Re: Pen-Testing help (Compaq Insight & htsearch)

From: warchild (warchild@spoofed.org)
Date: 12/11/01


Date: Mon, 10 Dec 2001 22:47:56 -0500 (EST)
From: warchild <warchild@spoofed.org>
To: Tim Russo <trusso@wireguided.com>


> "Unable to read word database file '/xxx/xxx/htdig/db/db.words.db' Did you
> run htmerge?" [xxx are for obscurity] :)
>
> Any help with either one of these and/or general Digital-Unix pen-test info
> would be very helpful.
>

If you have write access of some part to the machine in question (local
user, anonymous ftp), then you can craft your own config file and pass it
to htsearch using "-c <path-to-config-file>". Its not much, but it will
get you read access to files should permissions allow it.

For example, I wrote a config file like the following:

        nothing_found_file: /etc/passwd
        database_dir: <path-to-anonymous-ftp>/incoming

and uploaded it to <path-to-anonymous-ftp>/incoming, then made blank db
files as htsearch will complain if they aren't found. What it gets you is
the contents of /etc/passwd after passing this dummy config to htsearch.
Its not much, but it is a start.

-warchild

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/