FreeBSD internal security

**Tuskin** · April 18th, 2002, 11:17 PM

I am wanting to compete in the war games eventually so I decided I would try out some other war games on other servers and systems... over at black sun... hell.hackersincorporated.org port 23 usernames are given... so I have a guest account... the idea is to get root on this FreeBSD system. What, if any, docs do you know about can help me out on trying to find backdoors in its' security. su is blocked unless in group "wheel" and there are 2 users in that group, user "d" and user "ro0t". any help would be greatly appreciated. I dont know about exploits and I dont have friends around me who know... you guys/girls are the only source of feedback I get. Thanks

Tuskin

**Tuskin** · April 19th, 2002, 03:28 AM

I thought a desire to learn was something they pushed around here. I am trying to learn and I have done a lot of research... right now it's where I need someone who is willing to answer those questions I cant find in those 20 or 30 or 300 texts I've read. I have read a lot, I have searched a lot, but I still need some help. Is anyone willing to help one who is willing to learn, willing to read, willing to spend time to figure it out? I just want some help right now

**linuxcomando** · April 19th, 2002, 03:46 AM

Well, First of After checking it out its being run in a jailed enviorment, That means that even if you get root which might be hard since there not any know exploits that apply to this machine yet that you are in a "virtual file system well.....kind of" A jailed env. is another root subdirectory.......its applied using ip alliases.
As to "hacking" Now unless they installed backdoors there wont be any

**linuxcomando** · April 19th, 2002, 03:52 AM

Also upon further review, it is using the chflags -R schg {dir}
command so if you are able to become root you wont be able to change anything unless you do a
chflags -R noschg{dir}

**Tuskin** · April 19th, 2002, 03:53 AM

where can I find a challenge that isnt impossible for me? I want to learn internal security... doesnt matter if its FreeBSD, that is just what I was working on there. Do you know of easier tests or will AntiOnline provide that later? Thanks for replying, if anyone knows where I can find a lesser challenge please tell me thanks

**linuxcomando** · April 19th, 2002, 04:03 AM

hackerslab.org is an easyier one.....now it still can be a 13itch but its going to be loads easier than this one.

**linuxcomando** · April 19th, 2002, 04:05 AM

or go to happyhacker.org and click on the wargames link :P These are some easy/sucky ones for a newbie

**Tuskin** · April 19th, 2002, 04:28 AM

I'll check them out...

**linuxcomando** · April 19th, 2002, 04:43 AM

Good luck

Thread: FreeBSD internal security

Thread Tools

Display

FreeBSD internal security

Posting Permissions