[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FTP and TELNET daemons as non root on OSF/1.

Hello,

I have found that it is possible to run ftpd as non-root. It works
fine, and allows my to access files within my account on a computer I don't
administrate.

Is it possible to run telnetd as non-root? I am somewhat sceptical - as you
have to allocate a pty somehow, but tried it anyway:

I run the daemon with "telnetd -debug 8023".

First attempt: non heimdal telnet:
[554] [silas-1:bam] ~/tools/osf4.0/alpha/heimdal/sbin >/usr/bin/telnet silas-2 8023
Trying 130.194.1.7...
Connected to silas-2.cc.monash.edu.au.
Escape character is '^]'.
***************************************************************************
                            NOTICE TO USERS

Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

*****************************************************************************

*** Connection not encrypted! Communication may be eavesdropped. ***


OSF1 V4.0 (silas-2.cc.monash.edu.au) (ttys8)


telnetd: pututxline failed.
Connection closed by foreign host.





That is fine. My guess is that the pututxline might be related to not being
able to allocate a pty. However, if I use the heimdal version of
telnet, I get garbage appearing. Is this an indication that telnetd
is broken on this platform?




[551] [silas-1:bam] ~/tools/osf4.0/alpha/heimdal/sbin >telnet silas-2 8023 
Trying 130.194.1.7...
Connected to silas-2.cc.monash.edu.au.
Escape character is '^]'.
[ Trying mutual KERBEROS5 ... ]
[ Kerberos V5 accepts you as ``bam@CHOCBIT.ORG.AU'' ]
***************************************************************************
                            NOTICE TO USERS

Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

*****************************************************************************
XLd"<òMæHúõ'v¨#
×ónbÆÐ*.#¤iÏ]îÔÂ#° R©*õÑò|¿¦Æ9ã3w< Mäcßáó"4Ùäv1z¯
                                                 ú·àtd²VC¹íTÁõB(Q´aXX)}7Èù©òý²zb`æG#:Éz¿óÛé˹Ã%2:B      Çøµ,Y?AÞ,[ì׿5µ¡ýF½Û⯩YááÐpÎÛ9À®Eä«Âã;³3¯ÃÖÖú`A0Óóòéxe$ÎìOúÝæãÓºZýάèvø^â¤[$
                   H¨RuÛíUtAçïO[ü_Òì9Ëá¥ÎÝ_3)¤gi<ÀC)ÚS 2ã9¬.
<ù<ûmÃätelnetd: pututxline failed.
Connection closed by foreign host.





[552] [silas-1:bam] ~/tools/osf4.0/alpha/heimdal/sbin >telnet -x silas-2 8023
Encryption is verbose
Trying 130.194.1.7...
Connected to silas-2.cc.monash.edu.au.
Escape character is '^]'.
[ Trying mutual KERBEROS5 ... ]
[ Kerberos V5 accepts you as ``bam@CHOCBIT.ORG.AU'' ]
[ Input is now decrypted with type DES_CFB64 ]
[ Output is now encrypted with type DES_CFB64 ]
***************************************************************************
                            NOTICE TO USERS

Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

*****************************************************************************
Ãߤðæ(Ag¬A( ´zîÑÛù9¹x×kqkÖƽëÀõ÷u,ªÀÿyPºÝé{ü¶é¯I*»È¬Âï=¦'HM
                                                           C¹£Ê(;ÐN´ôH¼QºHjnÇ­sAæF{'*Ö,~TæanV<Êéú·~X DÁöòE.É`³³]&Ç;
$ìÓå
i£ÏG¨p?fýüWU4 UÂý%d­Ì÷mQ.ú¼DÖ5h\÷ÚáÀú©Þv[jòê?ﳤP¸N¬CëÛPDzù3îÛóR©¤ê:mèya'Pþ-e¡¼m>aQ#®±rUl¾ZIÄ=ÌÞr v¦ÎÄñݬI®RÀe¬#½nÇß2uï°R?
7_E¨.*c§tp3|I`ötelnetd: pututxline failed.
Connection closed by foreign host.

-- 
Brian May <bmay@csse.monash.edu.au>

PGP signature