Vulnerability Development mailing list archives
Re: Kill the DOG and win 100 000 DM
From: "Sherrod, Andrew" <andrew.sherrod () TFN COM>
Date: Wed, 8 Nov 2000 10:38:14 -0500
HTTP 1.0 : http://sunsite.dk/RFC/rfc/rfc1945.html HTTP 1.1 : http://sunsite.dk/RFC/rfc/rfc2616.html -----Original Message----- From: Scott Fagg [mailto:scott.fagg () ARUP COM AU] Sent: Tuesday, November 07, 2000 11:11 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Kill the DOG and win 100 000 DM I've only ever used HEAD and GET for testing... GET /index.html HTTP/1.0 GET /index.html HTTP/1.1 HEAD /index.html HTTP/1.0 HEAD /index.html HTTP/1.0 or if it's a proxy you can try GET http://slashdot.org/ HTTP/1.0 I'm not sure what the syntax for POST or PUT is. Anyone one know the WEBDAV commands? There must be a list of these somewhere....
John Herron <john.herron () RRC STATE TX US> 8/11/00 12:37:07 am >>>
Sort of interesting thing I found last night. Even though you can't ping the machine and if I try to load the machines webpage it will take a few minutes and usually fail (once and a while it will load) but if you telnet to the machine (23, 25, 80) it will connect no problem (even on 80.. which is what's strange). Ironically enough a few days before I heard about this contest I was also trying to find out what commands internet browsers use to load webpages. I didn't find that information unfortunatly, but am still curious if anyone knows these commands (if you telnet to a machine:80 you connect, but all the commands I've tried just result in a "501 Method Not Implemented" error. Also odd that no matter what I put in their machines port 80 it wouldn't ever talk back to me ::sniffle:: heh. But does anyone have a list of those commands to use on port 80? Also, just curious, but how did (forgot name) check the relaying rules?
James Cox <james () IMAJES CO UK> 11/06/00 03:52PM >>>i tried alot , but the connection always failed. even telnetting to port
80
didnt work. i have 2 (legal) shells very very close to the system, so i think you have to catch a lucky moment to get the / page. <joke> i could mirror the site if anyone send me an apropriate .tgz hehe </joke>
It seems as if the box is pretty ok right now. I have seen the two pages hosted there - no more info than hacking-contest.com...
port 25 and 23 ( try root/toor maybe it works haha ) work like a charm.
Hmm, I am not sure if I see what I should: SunOS 5.7 login: nobody Password: (nobody) Login incorrect login: root Password: (toor) Login incorrect I can keep going like this - it doesn't kick me off :)
only thing i could do was checking their relaying rules (relaying denied) and looking for some user accs: 550 www... User unknown 250 nobody... Recipient ok 250 root... Recipient ok 550 ftp... User unknown 250 nobody4... Recipient ok 250 uucp... Recipient ok [...] 550 admin... User unknown 550 administrator... User unknown 550 gast... User unknown 550 guest... User unknown 550 toor... User unknown 550 argus... User unknown 550 argusadmin... User unknown [...] 550 bla... User unknown 550 blabla... User unknown
I wonder if there is anymore info from that..
so i just sit and wait for some login info ...
Yup, don't we all. :) James Cox re.vulns () imajes co uk
Current thread:
- Re: Kill the DOG and win 100 000 DM, (continued)
- Re: Kill the DOG and win 100 000 DM Matthias Krawutschke (Nov 07)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 08)
- Fw: Re: Kill the DOG and win 100 000 DM Guilherme Mesquita (Nov 07)
- Re: Kill the DOG and win 100 000 DM John Herron (Nov 08)
- Re: Kill the DOG and win 100 000 DM Mark (Nov 08)
- Re: Kill the DOG and win 100 000 DM Robert Collins (Nov 08)
- Re: Kill the DOG and win 100 000 DM Scott Fagg (Nov 08)
- Re: Kill the DOG and win 100 000 DM Jon Larimer (Nov 09)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 09)
- Re: Kill the DOG and win 100 000 DM Michael Wojcik (Nov 09)
- Re: Kill the DOG and win 100 000 DM Sherrod, Andrew (Nov 09)
- Re: Kill the DOG and win 100 000 DM Ghory, Zeshan A (Nov 09)
- Re: Kill the DOG and win 100 000 DM Jeffrey W. Thompson (Nov 10)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 11)
- Re: Kill the DOG and win 100 000 DM Jeffrey W. Thompson (Nov 11)
- Re: Kill the DOG and win 100 000 DM Jay Tribick (Nov 11)
- Re: Kill the DOG and win 100 000 DM Jeffrey W. Thompson (Nov 11)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 11)
- Re: Kill the DOG and win 100 000 DM Mark (Nov 12)
- Re: Kill the DOG and win 100 000 DM Jeffrey W. Thompson (Nov 15)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 15)
- Re: Kill the DOG and win 100 000 DM Lincoln Yeoh (Nov 11)
- Re: Kill the DOG and win 100 000 DM Matthias Krawutschke (Nov 07)