[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FTP and TELNET daemons as non root on OSF/1.



Hello,

I have found that it is possible to run ftpd as non-root. It works
fine, and allows my to access files within my account on a computer I don't
administrate.

Is it possible to run telnetd as non-root? I am somewhat sceptical - as you
have to allocate a pty somehow, but tried it anyway:

I run the daemon with "telnetd -debug 8023".

First attempt: non heimdal telnet:
[554] [silas-1:bam] ~/tools/osf4.0/alpha/heimdal/sbin >/usr/bin/telnet silas-2 8023
Trying 130.194.1.7...
Connected to silas-2.cc.monash.edu.au.
Escape character is '^]'.
***************************************************************************
                            NOTICE TO USERS

Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

*****************************************************************************

*** Connection not encrypted! Communication may be eavesdropped. ***


OSF1 V4.0 (silas-2.cc.monash.edu.au) (ttys8)


telnetd: pututxline failed.
Connection closed by foreign host.





That is fine. My guess is that the pututxline might be related to not being
able to allocate a pty. However, if I use the heimdal version of
telnet, I get garbage appearing. Is this an indication that telnetd
is broken on this platform?




[551] [silas-1:bam] ~/tools/osf4.0/alpha/heimdal/sbin >telnet silas-2 8023 
Trying 130.194.1.7...
Connected to silas-2.cc.monash.edu.au.
Escape character is '^]'.
[ Trying mutual KERBEROS5 ... ]
[ Kerberos V5 accepts you as ``bam@CHOCBIT.ORG.AU'' ]
***************************************************************************
                            NOTICE TO USERS

Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

*****************************************************************************
XLd"<MH'v¨#
nb*.#i]#R*|93w<Mc"4v1z
                                                 tdVCTB(QaXX)}7zb`G#:z˹%2:B      ,Y?A,[׿5F⯩Yp9E;3`A0xe$OӺZάv^[$
                   HRuUtAO[_9_3)gi<C)S29.
<<mtelnetd: pututxline failed.
Connection closed by foreign host.





[552] [silas-1:bam] ~/tools/osf4.0/alpha/heimdal/sbin >telnet -x silas-2 8023
Encryption is verbose
Trying 130.194.1.7...
Connected to silas-2.cc.monash.edu.au.
Escape character is '^]'.
[ Trying mutual KERBEROS5 ... ]
[ Kerberos V5 accepts you as ``bam@CHOCBIT.ORG.AU'' ]
[ Input is now decrypted with type DES_CFB64 ]
[ Output is now encrypted with type DES_CFB64 ]
***************************************************************************
                            NOTICE TO USERS

Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

*****************************************************************************
ߤ(AgA( z9xkqkƽu,yP{I*Ȭ='HM
                                                           C(;NHQHjnǭsAF{'*,~TanV<~X DE.`]&;
$
iGp?fWU4 U%dmQ.D5h\v[j?ﳤPNCPDz3R:mya'P-em>aQ#rUlZI=r vݬIRe#n2uR?
7_E.*ctp3|I`telnetd: pututxline failed.
Connection closed by foreign host.

-- 
Brian May <bmay@csse.monash.edu.au>

PGP signature