just what I have done , do a "more /etc/shadoz~" in the webshell.cgi ...
PROS AND CONS OF EFC.
1. Can protect against known or unknown vulnerabilities.
Ok, with that in mind, lets see how well it stands up to "unknown" attacks...
I'm not one to judge product quality based (partially or otherwise) on past or current programming mistakes, but if I was, I'd say that something like:
for(i=0;arg[i]; i++) { if ((strncmp(arg[i], "/etc/shadow",11) == 0) || (strncmp(arg[i], "shadow",6) == 0)) { write(1,"arg cannot be shadow\n", 21); return 0; } }
is a pretty poor way of making sure people don't play with your shadow file. There are many possibilities here, but the bottom line is that the webserver had a poorly written CGI application and EFC didn't seem to do much in the way of stopping someone from exploiting it and stealing the shadow file.
fwiw,
-jon _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _____________________________________________________________________ Envie de discuter en "live" avec vos amis ? T�l�charger MSN Messenger http://www.ifrance.com/_reloc/m la 1�re messagerie instantan�e de France
-- Jarlin l'enchanteur _____________________________________________________________________ Envie de discuter en "live" avec vos amis ? T�l�charger MSN Messenger http://www.ifrance.com/_reloc/m la 1�re messagerie instantan�e de France
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
