Results 1 to 5 of 5

Thread: Dominos

  1. #1

    Dominos

    Hello,

    I am doing a pentest on a Dominos server and have read access to many databases, among others the names.nsf, admin4.nsf, and log.nsf. I can read their contents but don't really know what I should do to come further. Does anyone have any tips?

    Server: Lotus-Domino/0
    OS: W2K Server

    I can't really say what sort of setup they have due to the fact that it is my job to figure that out. I made a Lotus scanner and it found the following databases:

    /domcfg.nsf
    /admin4.nsf
    /agentrunner.nsf
    /bookmark.nsf
    /busytime.nsf
    /catalog.nsf
    /certsrv.nsf
    /cpa.nsf
    /dirassist.nsf
    /doc/dspug.nsf
    /domcfg.nsf
    /events4.nsf
    /help/decsdoc.nsf
    /help/dols_help.nsf
    /help/help5_admin.nsf
    /help/help5_client.nsf
    /help/help5_designer.nsf
    /help/lccon.nsf
    /help/lsxlc.nsf
    /help/readme.nsf
    /homepage.nsf
    /iNotes/Forms5.nsf/$DefaultNav
    /iNotes/Forms5.nsf
    /log.nsf
    /mail.box
    /mtatbls.nsf
    /names.nsf
    /reports.nsf
    /statmail.nsf
    /statrep.nsf
    /vpuserinfo.nsf
    /webadmin.nsf
    /admin4.nsf
    /AgentRunner.nsf
    /bookmark.nsf
    /busytime.nsf
    /catalog.nsf
    /certsrv.nsf
    /cpa.nsf
    /dirassist.nsf
    /doc/dspug.nsf
    /domcfg.nsf
    /events4.nsf
    /help/decsdoc.nsf
    /help/dols_help.nsf
    /help/help5_admin.nsf
    /help/help5_client.nsf
    /help/help5_designer.nsf
    /help/lccon.nsf
    /help/lsxlc.nsf
    /help/readme.nsf
    /homepage.nsf
    /iNotes/Forms5.nsf
    /log.nsf
    /mail.box
    /mtatbls.nsf
    /names.nsf
    /reports.nsf
    /statmail.nsf
    /statrep.nsf
    /webadmin.nsf


    I have read access to about 85% of them.


    Regards,

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    I take it that the server is a Lotus Notes 5 server? (/iNotes/Forms5.nsf). There are a few vulnerabilities out there for 4/5/6 servers so you might want to find them and replicate them. The fact that you can READ 85% of the databases would have me worried. That's a huge information leak and could mean a competitor -- being of a more nastier sort -- could find out information on my next big "thang".
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member VicE$DoS$'s Avatar
    Join Date
    Nov 2002
    Posts
    209
    Surreal,

    See I told you mate!

    The omnipotent MsMittens (who sadly forsaked Pyroto) has already come back with some good suggestions!!

    MsMittens - see the other thread relating to this earlier today in the MS Security Discussion forum. Surreal gave full details of the set up.

    Cheers
    Vice$Dos$
    I remember when Nihil was ickle. Does that mean I'm old?

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: Dominos

    Originally posted here by Surreal
    Hello,

    I am doing a pentest on a Dominos server and have read access to many databases, among others the names.nsf, admin4.nsf, and log.nsf. I can read their contents but don't really know what I should do to come further. Does anyone have any tips?
    These are the ones I recently ran across :

    http://www.securityfocus.com/bid/6872
    http://www.securityfocus.com/bid/7038
    http://www.securityfocus.com/bid/7037

    checkout http://www.securityfocus.com/bid for more.

  5. #5
    Good stuff. There is lots og help to get here. Thanks to you all *Vice$Dos$*

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •