[rescue] SGI Irix / Indy question
kevin at mpcf.com
Sat Dec 20 18:08:09 CST 2003
Older versions of IRIX telnetd had a remote root exploit (overflow.)
On Thu, 20 Nov 2003 16:21:14 +0100
Walter Belgers <walter+rescue at belgers.com> wrote:
> Brooke Gravitt wrote:
> > Got to the /etc/shadow file and ran it through john( by copying
> > the entries to a file on my laptop and running john there.) No
> > dice. I guess
> Too bad. Did you use a wordfile and -rules?
> I have a homebrew 40MB wordlist that works pretty well.
> > someone can give me an exploit to get root on the box? It's got
> > ports 7, 11, 13, 21, 23, 37, 80, 512, 513, 541
> Your best bet is to telnet to those ports, grab a banner (i.e.
> OPTIONS / HTTP/1.0 for port 80) and google for version string +
> vulnerability. I don't think ports 7, 11, 13, 37 will be very
> useful. Maybe there's an rexec (512), telnet (23), ftp (21) or web
> (80) exploit.
More information about the rescue