Re: List /home directory without logging in?
From: Alan Baker (alanwbaker_at_yahoo.com)
Date: 07/05/04
- Next message: David Magda: "Re: List /home directory without logging in?"
- Previous message: Gandalf Parker: "Re: List /home directory without logging in?"
- In reply to: Alan Baker: "List /home directory without logging in?"
- Next in thread: David Magda: "Re: List /home directory without logging in?"
- Reply: David Magda: "Re: List /home directory without logging in?"
- Reply: Bit Twister: "Re: List /home directory without logging in?"
- Reply: Gerard Wassink: "Re: List /home directory without logging in?"
Date: 5 Jul 2004 13:35:41 -0700
alanwbaker@yahoo.com (Alan Baker) wrote in message news:<4e2aa94d.0407042219.3a9d19c9@posting.google.com>...
> Someone recently tried to log into all the userids on my Linux box.
> First they connected several times via http, telnet, ftp, pop3, and
> imap but were unsuccessful in logging in. Then they tried every
> userid twice in alphabetical order via SSH. Also unsuccessfully.
> (Use those strong passwords, friends!)
>
> They didn't actually use the names in /etc/passwd, but instead tried
> all directory names under /home (including non-users like lost+found).
> This makes me wonder if the preliminary probes revealed /home's
> directory list.
>
> How could someone list /home without logging in? Is there a known
> vuln I'm missing?
>
> Alan

Thanks for your ideas, Jem, Steve, and Bit Twister.

This is a server so the http, telnet, ftp, pop3, imap, and ssh ports
are open through the firewall.

Good idea about a vulnerable web CGI script that reveals /home. I'm
running mailman (pop-mail reader written in Perl) and cgipasswd
(password-changer written in PHP). They have no documented
vulnerabilities I can find. Further suggestions?

Alan
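
A defender-side check for the pattern described in the post above (attempted login names that match /home entries, including non-accounts such as lost+found), added here as an example and not part of the original thread. The log lines, addresses and the HOME_ENTRIES/PASSWD_USERS sets are constructed, and the regular expression assumes OpenSSH's "Failed password for ..." syslog wording.

```python
import re

# Matches OpenSSH failure lines; "illegal user" is the wording of older releases.
FAILED = re.compile(
    r"Failed password for (?:(?:invalid|illegal) user )?(?P<user>\S+) "
    r"from (?P<ip>\S+)"
)

def attempted_users(log_lines):
    """Return {source_ip: [usernames in the order they were tried]}."""
    attempts = {}
    for line in log_lines:
        m = FAILED.search(line)
        if m:
            attempts.setdefault(m["ip"], []).append(m["user"])
    return attempts

def classify_source(tried, home_entries, passwd_users):
    """Compare one source's attempted names with /home and /etc/passwd."""
    names = list(dict.fromkeys(tried))  # de-duplicate, keep first-seen order
    home_only = [n for n in names if n in home_entries and n not in passwd_users]
    return {
        "home_coverage": len(set(names) & home_entries) / len(home_entries),
        "home_only_names": home_only,  # directory names that are not accounts
        "alphabetical": names == sorted(names),
        "listing_leak_suspected": bool(home_only) and set(names) <= home_entries,
    }

# Constructed sample data; on a real host use os.listdir("/home") and pwd.getpwall().
HOME_ENTRIES = {"alan", "lost+found", "webmaster"}
PASSWD_USERS = {"root", "daemon", "alan", "webmaster"}
SAMPLE_LOG = [
    "Jul  4 03:10:01 host sshd[811]: Failed password for alan from 192.0.2.10 port 4101 ssh2",
    "Jul  4 03:10:04 host sshd[812]: Failed password for alan from 192.0.2.10 port 4102 ssh2",
    "Jul  4 03:10:07 host sshd[813]: Failed password for illegal user lost+found from 192.0.2.10 port 4103 ssh2",
    "Jul  4 03:10:10 host sshd[814]: Failed password for illegal user lost+found from 192.0.2.10 port 4104 ssh2",
    "Jul  4 03:10:13 host sshd[815]: Failed password for webmaster from 192.0.2.10 port 4105 ssh2",
    "Jul  4 03:10:16 host sshd[816]: Failed password for webmaster from 192.0.2.10 port 4106 ssh2",
    "Jul  4 05:42:30 host sshd[901]: Failed password for illegal user test from 198.51.100.7 port 3920 ssh2",
    "Jul  4 05:42:33 host sshd[902]: Failed password for illegal user admin from 198.51.100.7 port 3921 ssh2",
]

if __name__ == "__main__":
    for ip, tried in attempted_users(SAMPLE_LOG).items():
        print(ip, classify_source(tried, HOME_ENTRIES, PASSWD_USERS))
```

A source whose attempts cover /home exactly and include a name with no passwd entry points to a leaked directory listing rather than a generic username dictionary, which is the distinction the post draws.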