telnet holes??

r2ii · 08-11-2004, 04:14 PM

Im having issues finding and locating any root exploits in a telnet debian box a few friends have set up just for fun. It's running Debian GNU/Linux 3.0 on kernel 2.2.20. A default account has been created for all people trying to play around with the box however its capabilities are extremely limited.. any insight would help. Thanks

LoungeLizard · 08-11-2004, 04:25 PM

So are you trying to telnet in as root, cause you cant do that you have to telnet in as a reg user and su to root?

r2ii · 08-11-2004, 04:30 PM

Quote:

Originally posted by LoungeLizard
So are you trying to telnet in as root, cause you cant do that you have to telnet in as a reg user and su to root?

Absolutly right, Ive been telneting in on a "general access account" if you will. My only problem is gaining the rights to view the shadow file. The only thing i could think of was compiling some sort of buffer overflow.

LoungeLizard · 08-11-2004, 04:32 PM

once you loged in at as a regular did you try to su to root?

r2ii · 08-11-2004, 04:34 PM

Yes.. no clue of the password

LoungeLizard · 08-11-2004, 04:37 PM

Well you need to know the root password to login as root

r2ii · 08-11-2004, 04:38 PM

maybe you're missing my point. We each set up boxes to see if any of us would be able to gain root access to the others box. Im just trying to find some insight on how i might do this

LoungeLizard · 08-11-2004, 04:40 PM

Ahh ok...sorry my bad at work and its been a long day

r2ii · 08-11-2004, 04:44 PM

i understand .. Just got in from work myself.

Capt_Caveman · 08-11-2004, 06:11 PM

Regardless of your intentions, this thread is becoming a Debian cracking howto, which is against the site rules. Therefore, I'm closing it. Hopefully you understand how someone else might use it for more malicious purposes. If you like, you can email the site owner and administrator (Jeremy) and specifically request it to be reopened.