Author Topic: SSH public_html vuln  (Read 4055 times)

Offline Joe

SSH public_html vuln
« on: August 19, 2005, 11:38:39 pm »
joe@darkside:/home/zorm/public_html$ ls
__ZORMS_FILES_HERE__

I really don't think that's supposed to be allowed.

The problem here is I can open his config.php file and get his database file. I'm too mature to use it (er, ok, I don't know how to use it), but in the wrong hands, this is bad.


Offline Ergot

Re: SSH public_html vuln
« Reply #1 on: August 20, 2005, 12:01:18 am »
chmod 706 ?

Offline Krazed

Re: SSH public_html vuln
« Reply #2 on: August 20, 2005, 09:48:43 am »
That's it in the httpd.conf file.

iago, get to work. I'll do it if you want.

Offline iago

Re: SSH public_html vuln
« Reply #3 on: August 20, 2005, 11:37:35 am »
That's not a vuln, it's because the public_html has world-read permissions (0755).  There are 3 options to fix that:
1. Make the folder 0711.  Executable but not readable.
2. Make public html owned by the group "nobody", and assign the permission 0750.
3. Make Apache SEXEC (I think), so that Zorm's stuff runs as the user Zorm, and make the permission 0700.  But that opens a whole new barrel of monkeys.

Also, that's not "SSH" at all, even if it was a vuln it would be a permissions vuln.  SSH is the means to get a remote connection and has nothing to do with what happens once you're there. 
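
An added example, not part of the thread or of any poster's code: a POSIX shell audit that reports, from mode bits alone, what other local accounts can do with a web root under the modes discussed above. The function names and the sample tree are made up for illustration; it shows that 0711 stops directory listing, while a world-readable file at a known name such as config.php stays readable.

```shell
#!/bin/sh
# Added example: report what *other* local accounts can do with a web root,
# judged from mode bits only (so the answer is the same when run as root).
# Assumes the parent directories are already traversable by other users.

# other_bits PATH: print the three "other" permission characters, e.g. "r-x".
other_bits() {
    ls -ld -- "$1" | cut -c8-10
}

# audit_webroot DIR: print one finding per line.
#   LISTABLE DIR   other users can list file names (r on the directory)
#   TRAVERSE DIR   other users can open entries whose names they know (x)
#   READABLE FILE  file content is readable by other users
audit_webroot() {
    dir=$1
    bits=$(other_bits "$dir")
    case $bits in r??) echo "LISTABLE $dir" ;; esac
    case $bits in
        ??x|??t) echo "TRAVERSE $dir" ;;
        *) return 0 ;;               # no x: nothing below is reachable
    esac
    # Skip subdirectories "other" cannot enter; report world-readable files.
    find "$dir" \( -type d ! -perm -001 -prune \) -o \
        \( -type f -perm -004 -print \) | sort | sed 's/^/READABLE /'
}

# Constructed sample tree: a web root holding a world-readable config.php.
demo() {
    root=$(mktemp -d) && mkdir "$root/public_html" || return 1
    echo '<?php /* constructed sample */ ?>' > "$root/public_html/config.php"
    chmod 644 "$root/public_html/config.php"
    for mode in 755 711 750; do
        chmod "$mode" "$root/public_html"
        echo "== public_html mode $mode =="
        audit_webroot "$root/public_html"
    done
    rm -rf "$root"
}

demo
```

Tightening the file itself (for example 0640 with the web server's group) is what removes the READABLE finding under 0711.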

Offline Joe

Re: SSH public_html vuln
« Reply #4 on: August 21, 2005, 10:03:05 am »
Either way, I can get his PHP source code. =p


Offline iago

Re: SSH public_html vuln
« Reply #5 on: August 21, 2005, 01:15:04 pm »
And if I get complaints about how you act on my server, I'll cut off your access. 

Offline deadly7

Re: SSH public_html vuln
« Reply #6 on: August 21, 2005, 07:31:39 pm »
> And if I get complaints about how you act on my server, I'll cut off your access.
*coughs* iago forgot AIM already?

Offline iago

Re: SSH public_html vuln
« Reply #7 on: August 21, 2005, 07:47:16 pm »
> > And if I get complaints about how you act on my server, I'll cut off your access.
> *coughs* iago forgot AIM already?
That's not what I meant.  He can store whatever he wants there, provided it's legal, information should be free.  I meant abusing it.