Subject: Getting into a FreeBSD box with Telnet
Category: Computers > Security
Asked by: sdp-ga
List Price: $5.00
Posted: 16 Nov 2002 17:40 PST
Expires: 16 Dec 2002 17:40 PST
Question ID: 109112
I am in a security training course. As part of an assignment, the student able to get into the FreeBSD server gets paid a large sum. It's used frequently by the owner, so the best way I think to get in is via a sniffer. Where can I get a sniffer I can use from home (I can be on the LAN, but with restricted access), or what is the best way to get into it? The box is open for Telnet.

There is no answer at this time.

Subject: Re: Getting into a FreeBSD box with Telnet
From: dumbrhino-ga on 16 Nov 2002 17:55 PST
My experience is limited, but I will add my two bits. You can find packet sniffers on the web; depending on your OS, some may be easier to get than others. http://www.ethereal.com/ With the sniffer program, the goal is to have someone remotely log in and then parse the login and password fields. Of course, I'm doing a lot of arm waving. Depending on the traffic on the network and the type of network, this may or may not be an easy task. Personally, I favor the old-fashioned approach where the user is the weak link. Buy a keystroke recorder that can plug into the box. Have someone log in and poof, you have their login and password. This assumes that you have local access to the machine or at least the machine where the login will take place.

Subject: Re: Getting into a FreeBSD box with Telnet
From: scin-ga on 06 Dec 2002 16:17 PST
Any sysadmin that uses telnet on a FreeBSD system is a moron. If he is indeed a moron, figure out if the network is switched, or uses a hub. If the network is switched you will need to do ARP poisoning to insert your sniffer between two points on the network; if it's a hub any sniffer will work. However, my guess is he uses SSH, which will encrypt all transmissions... in which case you are pretty much screwed, especially if the key is cached on the machine he's sshing from. Lastly, you can attempt the script kiddy approach, and run Nessus or some such to see if he is running any vulnerable services. However, since he is offering a reward, I am guessing he will be patched against a script kiddy attack. Good luck anyhow, and you have a lot to learn.
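
Seen from the defender's side, the ARP poisoning mentioned in the comment above leaves traces in a host's ARP cache. The following Python check is an added example, not part of the original thread: it compares a trusted baseline of `arp -an` output with a later snapshot and flags an IP whose MAC changed or a MAC answering for several IPs. The sample output is constructed, uses documentation address ranges, and assumes the FreeBSD-style `arp -an` line format.

```python
import re
from collections import defaultdict

# FreeBSD-style `arp -an` entry: "? (192.0.2.1) at 00:00:5e:00:53:01 on em0 ..."
ARP_LINE = re.compile(
    r"\((?P<ip>\d+\.\d+\.\d+\.\d+)\) at (?P<mac>(?:[0-9a-f]{1,2}:){5}[0-9a-f]{1,2})",
    re.IGNORECASE)

def normalise(mac):
    """Lowercase and zero-pad each octet so equal addresses compare equal."""
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))

def parse_arp(output):
    """Return {ip: mac}; '(incomplete)' entries do not match and are skipped."""
    table = {}
    for line in output.splitlines():
        m = ARP_LINE.search(line)
        if m:
            table[m["ip"]] = normalise(m["mac"])
    return table

def find_anomalies(baseline, current):
    """Flag IPs whose MAC differs from the baseline and MACs claiming >1 IP."""
    alerts = []
    for ip, mac in sorted(current.items()):
        if ip in baseline and baseline[ip] != mac:
            alerts.append(("mac-changed", ip, baseline[ip], mac))
    owners = defaultdict(list)
    for ip, mac in current.items():
        owners[mac].append(ip)
    for mac, ips in sorted(owners.items()):
        if len(ips) > 1:  # can also be proxy ARP or a multi-homed host: triage it
            alerts.append(("mac-shared", mac, sorted(ips)))
    return alerts

# Constructed sample data (RFC 5737 addresses, RFC 7042 documentation MACs).
BASELINE = """\
? (192.0.2.1) at 00:00:5e:00:53:01 on em0 expires in 1188 seconds [ethernet]
? (192.0.2.10) at 00:00:5e:00:53:10 on em0 expires in 900 seconds [ethernet]
"""
CURRENT = """\
? (192.0.2.1) at 00:00:5e:00:53:66 on em0 expires in 1190 seconds [ethernet]
? (192.0.2.10) at 00:00:5e:00:53:10 on em0 expires in 870 seconds [ethernet]
? (192.0.2.66) at 0:0:5e:0:53:66 on em0 expires in 1195 seconds [ethernet]
? (192.0.2.99) at (incomplete) on em0 [ethernet]
"""

if __name__ == "__main__":
    for alert in find_anomalies(parse_arp(BASELINE), parse_arp(CURRENT)):
        print(alert)
```
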