Register

Welcome to the RDI-Board Community.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed.


Donate Now Goal amount for this month: 100 EUR, Received: 100 EUR (100%)
Donate to support this site...

Results 1 to 12 of 12

Thread: Alo

  1. #1
    Banned
    RDI - Board Banned Avatar

    Join Date
    Apr 2003
    Posts
    28
    Posts Thanks / Likes

    Default Alo

    Frate , mai securizati-va si voi dreamboaxele .... E posibil sa se intre ca prin branza ? Care gasiti un fisier ! ! !Important.txt in /var/keys , cititi-l bine ....


    Se stiu ei care

  2. #2
    -nomad- Mentor
    Join Date
    Apr 2003
    Location
    ...
    Posts
    754
    Posts Thanks / Likes

    Default

    Ete micul écăr in cine salashuia

    cân' am signalat io problema asta ati ras de mine ca nu e o problema

    atentie la plug-inurile ce le instalati atata timp cat nu aveti acces la sursa lor(dar nici atunci nu stiu daca se gaseste cineva care sa va spuna unde sa va uitati) ca pot contine backdoor-uri
    schimbativa-ti parola de root
    (
    telnet ipdreambox
    passwd
    )
    punetzi-va faierol si lasati deschise doar porturile serviciilor c eva sunt cu adevarat necesare )

    tare mie mie ca si geboxurile au functii ascunse )

    #N#

    „…acest delir, această lume nebună a gadgeturilor, a fetişurilor care încearcă fiecare să imprime eternităţii o valoare şi să facă dovada unei mîntuiri prin lucruri şi a lipsei mîntuirii prin har.“ - JEAN BAUDRILLARD ¶Root is a state of mind¶

  3. #3
    Moderator Expert
    Join Date
    Sep 2003
    Location
    BRASOV
    Posts
    3,461
    Posts Thanks / Likes

    Default

    tare mie mie ca si geboxurile au functii ascunse )

    #N#[/quote]

    mda sa iti fure nevasta,bani de pe card si boi de la bicicleta.....
    350 kg de scule!

  4. #4
    Multi Banned User Expert
    Join Date
    Oct 2003
    Posts
    11,134
    Posts Thanks / Likes

    Default

    mai trist ar sa-ti fure ouale de sub tine

  5. #5
    Senior Member Expert
    Join Date
    Nov 2004
    Location
    espańa
    Posts
    1,125
    Posts Thanks / Likes

    Default

    Quote Originally Posted by nirolf
    mai trist ar sa-ti fure ouale de sub tine
    pai nare timp sa le fure ca le numara Bombonel, pardon am vrut sa zic Nastase
    Fiti Aliati
    Dreambox

  6. #6
    Banned Friend
    RDI - Board Banned Avatar

    Join Date
    Jul 2004
    Location
    Cluj-Napoca
    Posts
    41
    Posts Thanks / Likes

    Default

    Salutare onorabililor,

    Chiar ca asta e o problema si ca patitu nu stie nimeni ca pe mine numai jtagu m-a salvt asa ca securizati-va dremurile ca e de rau.

    u.d.o
    p.s nu pun eu mana pe ala de mi-a facut-o

  7. #7
    Banned
    RDI - Board Banned Avatar

    Join Date
    Apr 2003
    Posts
    28
    Posts Thanks / Likes

    Default

    Din pacate slabe apeluri am facut.
    La câtă lume am intrat ieri , astazi era situatia neschimbata .

    Cine primeste asemenea mesaje este rugat sa ia masuri

    [img]http://img.photobucket.com/albums/v232/*********/antene/important.gif[/img]

    E lame sa ai parola : dreambox . Un prieten avea : tineretefarabatranetesiviatafarademoarte

  8. #8
    Junior Member Master
    RDI - Board Default Avatar

    Join Date
    Jan 1970
    Posts
    89
    Posts Thanks / Likes

    Default

    si cum e cu 22?
    am observat ca dropbear de pe dream e versia 0.46
    pe site-ul lor( http://matt.ucc.asn.au/dropbear/dropbear.html ) sta ca toate versiunile dinaintea 0.47 au ceva probleme de securitate.
    stie careva daca e patch-uita versiunea de pe dream?


    PS: voi folositi putty ca si client si pe dream mc-ul ca file explorer/editor?

  9. #9
    Junior Member Master
    RDI - Board Default Avatar

    Join Date
    Jan 1970
    Posts
    89
    Posts Thanks / Likes

    Default

    Quote Originally Posted by *********
    ...Un prieten avea : tineretefarabatranetesiviatafarademoarte
    pai parola nu-i numa din 8 caractere?
    eu cred ca parola prietenului tau tot "tinerete" ramane oricat o face el de lunga dar nu sunt specialist poate gresesc.

  10. #10
    Gold Member Expert
    RDI - Board Default Avatar

    Join Date
    Aug 2002
    Posts
    4,271
    Posts Thanks / Likes

    Default

    Quote Originally Posted by prislea
    pai parola nu-i numa din 8 caractere?
    poate avea intre 5 si 8

  11. #11
    Silver Member Expert
    Join Date
    Jul 2003
    Location
    Romania
    Posts
    2,782
    Posts Thanks / Likes

    Default

    io-s prin router router-ul prin server linux cu firewall si nu folosesc porturi default nici la ftp ... nici la web

    Best Regards
    Cand esti mort , nu stii ca esti mort . E greu doar pentru ceilalti !
    La fel si cand esti prost ...
    __________________________________________________ _____________________________________________


  12. #12
    -nomad- Mentor
    Join Date
    Apr 2003
    Location
    ...
    Posts
    754
    Posts Thanks / Likes

    Default

    Code:
    Dropbear SSH Server <= 0.34
    
    From: Joel Eriksson (je_at_bitnux.com)
    Date: 08/17/03
    # Next message: debian-security-announce_at_lists.debian.org: "[Full-Disclosure] [SECURITY] [DSA-373-1] New autorespond packages fix buffer overflow"
    
        * Previous message: Nanok Thathangha: "Re: Buffer overflow prevention"
        * Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ] 
    
    Date: Sun, 17 Aug 2003 01:05:19 +0200
    To: [email protected]
    
    
    
    ==========================================================================
    0xbadc0ded Advisory #02 - 2003/08/17 - Dropbear SSH Server <= 0.34
    ==========================================================================
    
    Reference http://0xbadc0ded.org/advisories/0302.txt
    PGP-key http://0xbadc0ded.org/advisories/pubkey.asc
    
    Application Dropbear SSH Server <= 0.34
    Discovered By Joel Eriksson <[email protected]>
    Researched By Joel Eriksson <[email protected]>
    
    Overview
    
      Dropbear SSH Server is a small Secure Shell server suitable for
      embedded environments. It implements various features of the SSH 2
      protocol, including X11 and Authentication agent forwarding.
    
    Problem
    
      A remotely exploitable format string vulnerability exists in the default
      configuration of the Dropbear SSH Server up until version 0.35, which was
      released shortly after Matt Johnston, the Dropbear developer, was notified
      of the problem. Thanks for a quick response Matt!
    
      The bug can be triggered by supplying a username with format specifiers
      and make a login attempt. Since the user does not exist, the login attempt
      will fail and the following code in auth.c will be executed:
    
        dropbear_log(LOG_WARNING,
                        "login attempt for nonexistant user '%s' from %s",
                        username, ses.addrstring);
    
      To format the log message, vsnprintf() is used, the resulting buffer will
      be passed to syslog() (unless dropbear is run in foreground or compiled
      with DISABLE_SYSLOG defined). The formatted buffer is passed as a format
      string to syslog() so if the username contains any format string specifiers,
      they will be parsed. This can be used to overwrite arbitrary memory
      addresses (such as function pointers) with userdefined data (such as
      the address to shellcode supplied by the attacker).
    
    Exploit
     
      Exploiting this bug was not entirely straightforward, but not far from either.
      The total time from downloading and starting to audit the Dropbear source until
      having developed a working exploit was just a few hours. Instead of just
      presenting an exploit, I will describe the essential steps of the process
      in detail here and make the exploit available from the 0xbadc0ded.org webpage
      at a later time.
    [...]
    
    Fix
    
      Upgrade to Dropbear version 0.35, or edit util.c and change:
    
        syslog(priority, printbuf);
    
      to:
    
        syslog(priority, "%s", printbuf);
    
    Disclosure Timeline
    
      2003/08/16 Notified Matt Johnston - The Dropbear developer
      2003/08/16 Received response from Matt Johnston
      2003/08/17 Public release
    
    ==========================================================================
    The 0xbadc0ded.org team is hosted and sponsored by Bitnux: www.bitnux.com
    ==========================================================================
    
    Bitnux is a newly founded company located in Sweden focused on security
    research and system development. We offer services such as:
    
      - Code Reviews
      - Exploit Development
      - Reverse Engineering of Code
      - Security Revisions of Systems and Software
      - Custom System Development for Unix/Linux/BSD and Windows
    
    E-mail : [email protected]
    Phone : +46-70-228 64 16
    Chat : http://bitnux.com/live
    Dar e bine ca exista si asa ceva. Asa pot si sriptchizi sau ecării de debara sa faca si ei rost de un root sau pot s-o puna de un free-share-ing cu cartele furate (astadaca-i duce capu´)

    #N#

    „…acest delir, această lume nebună a gadgeturilor, a fetişurilor care încearcă fiecare să imprime eternităţii o valoare şi să facă dovada unei mîntuiri prin lucruri şi a lipsei mîntuirii prin har.“ - JEAN BAUDRILLARD ¶Root is a state of mind¶

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Back to Top