Re: Pen-Testing help (Compaq Insight & htsearch)

From: warchild (warchild@spoofed.org)
Date: 12/11/01


Date: Mon, 10 Dec 2001 22:47:56 -0500 (EST)
From: warchild <warchild@spoofed.org>
To: Tim Russo <trusso@wireguided.com>


> "Unable to read word database file '/xxx/xxx/htdig/db/db.words.db' Did you
> run htmerge?" [xxx are for obscurity] :)
>
> Any help with either one of these and/or general Digital-Unix pen-test info
> would be very helpful.
>

If you have write access of some part to the machine in question (local
user, anonymous ftp), then you can craft your own config file and pass it
to htsearch using "-c <path-to-config-file>". Its not much, but it will
get you read access to files should permissions allow it.

For example, I wrote a config file like the following:

        nothing_found_file: /etc/passwd
        database_dir: <path-to-anonymous-ftp>/incoming

and uploaded it to <path-to-anonymous-ftp>/incoming, then made blank db
files as htsearch will complain if they aren't found. What it gets you is
the contents of /etc/passwd after passing this dummy config to htsearch.
Its not much, but it is a start.

-warchild

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • Re: ettercap help
    ... Anyways have never tried Ettercap for VNC. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: CFM SQL injection
    ... You should better use union or alike get unauthorized data from the ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: ettercap help
    ... > I can get it to sniff telnet, ftp, pop, smb, but no vnc. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Wardialing
    ... >>> achieving the connection with the modem. ... >>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • RE: How to Tackle the Legal Tangle?
    ... How to Tackle the Legal Tangle? ... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)