Date: 7:05 pm Wed Dec 27, 1995    Number : 1 of 2
From: Disorder                    Base   : [Private] System Security
To  : All                         Refer #: None
Subj:                             Replies: 1
Stat: Normal                      Origin : Local

To: sectalk@opus.touch.net
Subject: Interesting stuff (forwarded)

Here is sum cool stuff, forwarded from Simple Nomad:

The first is a present I received. Al Payne updated the Netware Hack FAQ web site at http://www.hookup.net/~apayne/nwhack.html and it looks great. Thanks Al!

The next one is something I discovered by accident, showed to a friend, and I would expect my paranoid friend is going to have this all over the place very soon. Go to a web search site (my current fave site is http://www.altavista.digital.com) and search on the following -

root: 0:0 bin: sync: adm: daemon: ftp:

It seems a number of sites have made copies of passwd files for ftp (or an admin had a copy of the passwd file in their home directory) and it was indexed as a searchable page on the web server. Imagine my surprise when I was able to crack the root password for two different systems without even accessing them! Some of the passwd files were just on the web server (and unable to retrieve them) but several were world readable and simply copies of the real passwd file! Certainly I am not the first to discover this, am I? Very, very surprised...

And finally, for you Netware hackers out there, the password used by Arcserve 5.x for the CHEY_ARCHSVR account is WONDERLAND, making this a prime candidate for a backdoor account.

Anyway, have a fun holiday and look for version 3 of the Netware Hack FAQ in about 3 weeks or so.

Simple Nomad
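
An added example, not part of the forwarded message: a defender-side check for the exposure described above, walking a directory that a web or FTP server publishes and flagging files laid out like passwd that still carry password-field values. The function names, the placeholder set and the sample text are assumptions made for this example.

```python
import os
import re
import stat
import sys

# name:password:uid:gid:gecos:home:shell, the seven-field passwd layout
PASSWD_LINE = re.compile(r"^[A-Za-z_][\w.-]*:[^:]*:\d+:\d+:[^:]*:[^:]*:[^:]*$")
# Assumed set of password-field values meaning "no hash here" (shadowed/locked)
PLACEHOLDERS = {"x", "*", "!", "!!", "*LK*", "NP"}
MAX_BYTES = 1_000_000  # passwd copies are small; skip anything larger

# Constructed sample, not taken from any real system
SAMPLE = (
    "root:ab0123456789A:0:0:root:/:/bin/sh\n"
    "bin:*:1:1:bin:/bin:\n"
    "daemon:*:2:2:daemon:/:\n"
    "ftp:*:14:50:FTP User:/home/ftp:\n"
)


def passwd_stats(text):
    """Return (passwd-style lines, lines whose password field is a hash or empty)."""
    entries = [s for s in (l.strip() for l in text.splitlines()) if PASSWD_LINE.match(s)]
    exposed = [s for s in entries if s.split(":")[1] not in PLACEHOLDERS]
    return len(entries), len(exposed)


def scan_tree(root, min_lines=3):
    """Walk a published directory and report files that look like passwd copies."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
                if not stat.S_ISREG(st.st_mode) or st.st_size > MAX_BYTES:
                    continue
                with open(path, encoding="latin-1") as fh:
                    entries, exposed = passwd_stats(fh.read())
            except OSError:
                continue
            if entries >= min_lines:
                findings.append({"path": path, "entries": entries,
                                 "with_hashes": exposed,
                                 "world_readable": bool(st.st_mode & stat.S_IROTH)})
    return findings


if __name__ == "__main__":
    for finding in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(finding)
```

Run it against the document root or anonymous FTP area; any finding with a non-zero `with_hashes` count is a file to remove from the published tree, followed by a password change for the accounts it lists.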