Hi folks,
Today I witnessed a demo by Microsoft gang of hacking Linux (RH
7.3)
Thru browser on a windows client , a php file was sent to Linux
thru browser and then executed. After that a page appeared thru
which command can be executed on Linux. They copied the whole
/etc/shadow and tried to break the root password and demonstrated
breaking of root password within a minute.
I asked them how they are doing it and under what account Apache
was running. But they gave evasive replies. IS THIS POSSIBLE !! I
want to again get back to them and seek their response. BUT PLEASE
TELL ME FIRST IS THIS POSSIBLE ? I want to do my homework first
and then confront them.
IS IT POSSIBLE TO WRITE A FILE ON LINUX BY GIVING SIMPLE PHP
COMMANDS THRU URL?
IS IT POSSIBLE TO EXECUTE THAT PHP SCRIPT AND GET ACCESSS TO
/etc/shadow.
Please reply fast.
Punkuz
-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
