There's a feature of the WU-FTP daemon (Version 2.4.2 tested as well as earlier versions) (http://www.academ.com/academ/wu-ftpd/) that allows a remote user to work out what flavour of UNIX the ftp server is running on. When using the cd (CWD) command to a user account's home directory (cd ~user) the WU-FTPD will reveal the account's physical path if the account is a built-in standard account such as root or games or uucp etc. For non-standard accounts it claims not to know the user:

ftp> cd ~mail
550 /var/spool/mail: No such file or directory.
ftp> cd ~games
550 /usr/games: No such file or directory.
ftp> cd ~root
550 /root: No such file or directory.
ftp> cd ~guest
550 Unknown user name after ~
ftp> cd ~jsmith
550 Unknown user name after ~
ftp> cd ~nobody
550 /dev/null: No such file or directory.

Knowing what accounts exist on what flavour of UN*X allows a remote user to say with a high degree of certainty that they're dealing with a specific platform.

Cheers,
David Litchfield
http://www.infowar.co.uk/mnemonix/
Cerberus Information Security
+44(0)181 661 7405
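
A defender-side check for the behaviour described in the message above, as an added example that is not part of the original post or of WU-FTPD: it scans an FTP command/reply log for sessions that send CWD ~user for several account names and records which replies disclosed a home-directory path. The log format (session id, direction, text), the function name analyse and the threshold of three names are assumptions; the sample lines are constructed from the replies quoted in the post.

```python
import re
from collections import defaultdict

# Constructed sample log. Assumed format: "<session> <direction> <text>",
# where ">" is a client command and "<" is the server reply.
SAMPLE_LOG = """\
s1 > CWD ~mail
s1 < 550 /var/spool/mail: No such file or directory.
s1 > CWD ~games
s1 < 550 /usr/games: No such file or directory.
s1 > CWD ~guest
s1 < 550 Unknown user name after ~
s1 > CWD ~nobody
s1 < 550 /dev/null: No such file or directory.
s2 > CWD pub
s2 < 250 CWD command successful.
s2 > CWD ~jsmith
s2 < 550 Unknown user name after ~
"""

TILDE_CWD = re.compile(r"^CWD\s+~([^\s/]+)", re.I)  # CWD to a ~user home
PATH_LEAK = re.compile(r"^550 (/\S*): ")            # 550 reply that names a path

def analyse(log_text, threshold=3):
    """Map session -> probed names, paths disclosed per name, and a flag."""
    sessions = defaultdict(lambda: {"probed": [], "leaked": {}, "flagged": False})
    pending = {}  # session -> name from the last CWD ~user still awaiting a reply
    for line in log_text.splitlines():
        parts = line.split(None, 2)
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        sid, direction, text = parts
        if direction == ">":
            pending.pop(sid, None)  # a new command supersedes any unanswered one
            m = TILDE_CWD.match(text)
            if m:
                pending[sid] = m.group(1)
                if m.group(1) not in sessions[sid]["probed"]:
                    sessions[sid]["probed"].append(m.group(1))
        elif direction == "<" and sid in pending:
            user = pending.pop(sid)
            m = PATH_LEAK.match(text)
            if m:  # the reply confirmed the account and revealed its home path
                sessions[sid]["leaked"][user] = m.group(1)
    for info in sessions.values():
        info["flagged"] = len(info["probed"]) >= threshold
    return dict(sessions)
```
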
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:11:37 PDT