[unios] Re: Hackers needed

Pat Wendorf beholder@ican.net
Tue, 23 Mar 1999 12:21:28 -0500



Pieter Dumon wrote:

> > certain things up properly (like web access), and due to his extreme
> > schedule, I
> Oh , but setting up Apache is really just a little work, and
> moreover, Apache is ultra-fast and ultra-configurable.

Yep, I have a local linux box that I experiment on, and apache is very easy to
set up (relative to other Linux components ;)  Apache is installed, it's just
not set up for user HTML at the moment

> > shadowing has NOT been implemented, and the passwd file is accessible.
>
> Ha ! Should be done in a minute! One search on altavista should get you a
> lot of methods. If you have an account, an insite hack is VERY easy.
> (eg use a search string "+linux +exploits" ).
> You can also use brute force on the passwd file, off course. How the hell
> is it possible that shadowing isn't implemented?

Good question... Red Hat 5.2, when you first install it, doesn't shadow the
passwords.  I know the shadow suite is installed, it's just not implemented.

I'll check out Altavista (or astalavista.box.sk, a dedicated exploit search
engine).

--
-----------------------------
Pat Wendorf
UniOS Group
http://members.xoom.com/unios
beholder@ican.net
ICQ: 1503733
-----------------------------