> "Unable to read word database file '/xxx/xxx/htdig/db/db.words.db' Did you > run htmerge?" [xxx are for obscurity] :) > > Any help with either one of these and/or general Digital-Unix pen-test info > would be very helpful. > If you have write access of some part to the machine in question (local user, anonymous ftp), then you can craft your own config file and pass it to htsearch using "-c <path-to-config-file>". Its not much, but it will get you read access to files should permissions allow it. For example, I wrote a config file like the following: nothing_found_file: /etc/passwd database_dir: <path-to-anonymous-ftp>/incoming and uploaded it to <path-to-anonymous-ftp>/incoming, then made blank db files as htsearch will complain if they aren't found. What it gets you is the contents of /etc/passwd after passing this dummy config to htsearch. Its not much, but it is a start. -warchild ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Dec 11 2001 - 11:06:07 PST