|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: wwwboard my help reveal user name and password
From: Julian Linton (jlinton
CIS.FAMU.EDU)Date: Fri Jul 07 2000 - 02:00:37 CDT
- Next message: Slawek: "(no subject)"
- Previous message: Bluefish: "Re: BitchX /ignore bug"
- Next in thread: Shadowboxer: "Re: wwwboard my help reveal user name and password"
- Reply: Shadowboxer: "Re: wwwboard my help reveal user name and password"
- Reply: Shelagh Pepper: "Re: wwwboard my help reveal user name and password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This is probably well know already. if wwwboard.pl is install with most of it default settings any web user can access www.somesite.com/wwwboard/passwd.txt
this will show the username and encrypted password for the wwwadmin.pl script. I did a search on the internet and many of the site that are running wwwboard use the same password and username for other service, such as ftp or telnet. I feel this can be a problem since the passwd.txt file is world readable.
Julian Linton
CIS Student FAMU.EDU
jlintoncis.famu.edu
- Next message: Slawek: "(no subject)"
- Previous message: Bluefish: "Re: BitchX /ignore bug"
- Next in thread: Shadowboxer: "Re: wwwboard my help reveal user name and password"
- Reply: Shadowboxer: "Re: wwwboard my help reveal user name and password"
- Reply: Shelagh Pepper: "Re: wwwboard my help reveal user name and password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]