sshd - Setting your ports at 2222 or another port above 1024
Lisa Kachold
lisakachold at obnosis.com
Sun Mar 20 11:15:20 MST 2011
Sorry,
Actually the first link (on securitytube) shows how to get a shell.
The correct second link shows how to gain root from a shell account from a
(modern OS) kernel exploit (on 64bit OS [which many cloud and internet
servers now run]):
http://www.pcworld.com/businesscenter/article/205867/linux_kernel_exploit_gives_hackers_a_back_door.html
http://seclists.org/fulldisclosure/2010/Dec/85
Or if you run older kernels:
http://it.slashdot.org/story/08/02/10/2011257/Linux-Kernel-26-Local-Root-Exploit
And if you want the videos:
http://www.google.com/search?q=linux+kernel+exploits+video&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
On Sat, Mar 19, 2011 at 11:32 PM, James Mcphee <jmcphe at gmail.com> wrote:
> The video I got instead of sshd brute forcing was for data in an
> imagefile. When I searched the site, I could only find a couple vids for
> various password brute forcers. Was this something besides that?
> On Mar 19, 2011 7:16 AM, "Lisa Kachold" <lisakachold at obnosis.com> wrote:
> > Brute forcing sshd, gaining a non-privileged user shell on any sshd
> > configured above 1024:
> > http://www.securitytube.net/video/1641
> >
> > Once we have a nice user shell, we can gain root:
> > Here's the most recent linux kernel exploit:
> > http://securitytube.net/video/1642
> >
> > Disclaimer: All exploit education is intended for lab demonstration for
> the
> > purposes of education. We do not recommend you try this at home.
> >
> > WE DO RECOMMEND that all Linux Administrators out there TURN OFF SSHD or
> SSH
> > Servers and ONLY use VPN's.
> > --
> > (503) 754-4452 iPhone
> > (623) 239-3392 Skype
> > (623) 688-3392 Google Voice
> >
> > http://www.obnosis.com
> >
> > Senior Systems Administrator
> > IncentiveLogic,com
> >
> > *Catch My IP CAM Surveillance
> > Presentation @ ABLEConf.com in April!*
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
--
(503) 754-4452 iPhone
(623) 239-3392 Skype
(623) 688-3392 Google Voice
http://www.obnosis.com
Senior Systems Administrator
IncentiveLogic,com
*Catch My IP CAM Surveillance
Presentation @ ABLEConf.com in April!*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20110320/55b948c4/attachment.html>
More information about the PLUG-discuss
mailing list