Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: help: I need to crack my box
From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Tue, 22 Jul 2008 09:09:55 -0500

--On Tuesday, July 22, 2008 09:35:03 +0200 Lucio Crusca <lucio () sulweb org> 
wrote:

Alex Howells wrote:

Probably not and I can't think anyone hiding a 0-day is going to
release it for this. Sorry.
No 0-day needed here, Lenny does not have security updates, so all I need is
some PoC code already released in the last few months...

Paul Schmehl wrote:
Ask the hosting company
It's a firewalled LAN machine that had the VNC port open for a while, but
it's not hosted by a provider, my customer has it under its desk (yes, ok,
it's not really mine, but my customer doesn't even know what a computer
is). I can access it now with ssh through a tunnel, that's all I have.


So call your customer up and walk him through rebooting, going into single user 
mode and changing the password.

-- 
Paul Schmehl
As if it wasn't already obvious,
my opinions are my own and not
those of my employer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]