Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Stupid Security Mistakes you have seen
View unanswered posts
View posts from last 24 hours

Goto page 1, 2, 3, 4  Next  
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  
Author Message
Bowyakka
Tux's lil' helper
Tux's lil' helper


Joined: 04 Oct 2002
Posts: 142
Location: London

PostPosted: Mon Nov 07, 2005 2:44 pm    Post subject: Stupid Security Mistakes you have seen Reply with quote

I will kick this off

Where i work we have a couple of macosx machines fro website testing, now the unix infra team wants nothing to do with these machines, so they are maintained by "IT Support" which is a largly windows based crowd.

Due to the way in which our environment is setup, many users hack their own hosts files , so in their intellegence it support gave the devs the following command to change the host file on macosx

Code:
 sudo vim /etc/hosts


So how did we get into the macosx box to install cool stuff and give us full access

... simple
Code:
sudo vim /etc/hosts
<ESC> :! bash
passwd ....


I think you get the picture, anyone else seen anything like this ? :)
_________________
glows in the dark
Back to top
View user's profile Send private message
ChristyMcJesus
Apprentice
Apprentice


Joined: 02 Oct 2004
Posts: 184

PostPosted: Mon Nov 07, 2005 3:00 pm    Post subject: Reply with quote

Heh, funny.

Biggest security fubar I saw recently was yesterday, when my bank took £3000 out of my account and sent it to China. I found this out when I tried to pay for my groceries, 5 minutes before the store closed. Oops.
Back to top
View user's profile Send private message
Bowyakka
Tux's lil' helper
Tux's lil' helper


Joined: 04 Oct 2002
Posts: 142
Location: London

PostPosted: Mon Nov 07, 2005 4:03 pm    Post subject: Reply with quote

Wha geez thats you bank !!?!?!?
_________________
glows in the dark
Back to top
View user's profile Send private message
rodoke
Tux's lil' helper
Tux's lil' helper


Joined: 01 Jan 2005
Posts: 87
Location: So. Ill.

PostPosted: Mon Nov 07, 2005 9:19 pm    Post subject: How about Reply with quote

the futility you feel every time you announce a new password to people, and you notice 2/3s of them immediately writing them down on Post-its.
Back to top
View user's profile Send private message
codergeek42
Bodhisattva
Bodhisattva


Joined: 05 Apr 2004
Posts: 5142
Location: Anaheim, CA (USA)

PostPosted: Mon Nov 07, 2005 9:29 pm    Post subject: Reply with quote

Windows running with administrative priveleges by default. :roll:
_________________
~~ Peter: Brony, GNU/Linux geek, caffeine addict, and Free Software advocate.
Who am I? :: EFF & FSF
Back to top
View user's profile Send private message
Billybob
Apprentice
Apprentice


Joined: 23 Oct 2003
Posts: 189

PostPosted: Mon Nov 07, 2005 9:45 pm    Post subject: Reply with quote

I don't remember why, but I was floating around Yahoo Mail one day and decided to test it for XSS vulns. Turns out there was plenty. About an hour later I had a preliminary exploit to show off. So I found Yahoo's security contact thingie-ma-bob, contacted them, and within a mere three months they fixed it. Wow.
_________________
---

Computer Life
Back to top
View user's profile Send private message
abaelinor
n00b
n00b


Joined: 27 Aug 2005
Posts: 51

PostPosted: Tue Nov 08, 2005 2:39 am    Post subject: Reply with quote

aa

Last edited by abaelinor on Tue Oct 21, 2008 4:29 am; edited 1 time in total
Back to top
View user's profile Send private message
homeobocks
Guru
Guru


Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?

PostPosted: Tue Nov 08, 2005 3:13 am    Post subject: Reply with quote

LOL WINDOWZ IS A SECURITY MISTEAK M I RITE?
_________________
HOW DO I SHOT WEB
Back to top
View user's profile Send private message
MACSRULETHEWORLD
Tux's lil' helper
Tux's lil' helper


Joined: 17 Apr 2004
Posts: 131

PostPosted: Tue Nov 08, 2005 3:37 am    Post subject: Reply with quote

at my school the admin left IP addresses and passwords to every single computer in a publicly viewable folder.
Back to top
View user's profile Send private message
abaelinor
n00b
n00b


Joined: 27 Aug 2005
Posts: 51

PostPosted: Tue Nov 08, 2005 4:30 am    Post subject: Reply with quote

aa

Last edited by abaelinor on Tue Oct 21, 2008 4:28 am; edited 1 time in total
Back to top
View user's profile Send private message
/dev/random
l33t
l33t


Joined: 26 Nov 2004
Posts: 704
Location: Austin, Texas, USA

PostPosted: Tue Nov 08, 2005 4:34 am    Post subject: Reply with quote

djlosch wrote:
homeobocks wrote:
LOL WINDOWZ IS A SECURITY MISTEAK M I RITE?

i was gonna start a new thread that would be taking bets on how long til someone made a post like this. (hopefully yer being sarcastic)

I think a better question would be: Is homeobocks ever serious?
Back to top
View user's profile Send private message
acasto
Apprentice
Apprentice


Joined: 06 Feb 2004
Posts: 236
Location: Durka-Durka-Stan

PostPosted: Tue Nov 08, 2005 4:35 am    Post subject: Reply with quote

The biggest security mistake I have seen was not wiping the gun for prints before ditching it.
_________________
Leerrroooooyyyyyyyy JENKINS!!!!1111...................

"You know the Nazi's had pieces of flare.. that they made the Jews wear."
Back to top
View user's profile Send private message
santiagozky
n00b
n00b


Joined: 07 Dec 2004
Posts: 39
Location: Puebla, Mexico

PostPosted: Tue Nov 08, 2005 5:17 am    Post subject: Reply with quote

in my university I take care of a web server (runing w2k3 :lol: ), a few after they gave me remote control (full control), i made a mistake and close all the remote conections, so I needed physical access to the server. When i got it I was escorted by one guy of IT support , but after a few minutes he got bored so he let me alone in the site with full physical acces to all the servers.

they are lucky that Im a good guy.
Back to top
View user's profile Send private message
wdreinhart
Guru
Guru


Joined: 11 Jun 2003
Posts: 569
Location: 14SQB1124847710

PostPosted: Tue Nov 08, 2005 7:36 am    Post subject: Re: Stupid Security Mistakes you have seen Reply with quote

Bowyakka wrote:
Code:
sudo vim /etc/hosts
<ESC> :! bash
passwd ....


This is the sort of thing that happens to people that put shells inside text editors...
Back to top
View user's profile Send private message
alistair
Retired Dev
Retired Dev


Joined: 15 Jul 2005
Posts: 869

PostPosted: Tue Nov 08, 2005 7:52 am    Post subject: Reply with quote

rlogin -l username machine

once upon at time didnt check username and allowed u to login with a username of -froot (which means no password)

easy access to root.


[edit]Even linux can have mistakes.
Back to top
View user's profile Send private message
abaelinor
n00b
n00b


Joined: 27 Aug 2005
Posts: 51

PostPosted: Wed Nov 09, 2005 3:10 am    Post subject: Reply with quote

aa

Last edited by abaelinor on Tue Oct 21, 2008 4:28 am; edited 1 time in total
Back to top
View user's profile Send private message
gkmac
Guru
Guru


Joined: 19 Jan 2003
Posts: 319
Location: West Sussex, UK

PostPosted: Wed Nov 09, 2005 1:19 pm    Post subject: Re: Stupid Security Mistakes you have seen Reply with quote

Bowyakka wrote:
So how did we get into the macosx box to install cool stuff and give us full access

... simple
Code:
sudo vim /etc/hosts
<ESC> :! bash
passwd ....
I think you get the picture, anyone else seen anything like this ? :)

Anything which allows launching of full commands is a potential security hole.

I came across something similar on an old Windows 98 desktop at work. They ran the system policy editor taking away just about every single privilege there was. Only "Programs" on the Start Menu, right clicking the desktop put up an "Access has been restricted..." popup, double-clicking "My Computer" showed a blank window...

But one terminal application had its help file missing, with the response "Do you want to try and find this file yourself?". Answer Yes, browse the file-selector towards C:\WINDOWS\regedit.exe, right click, select "Open" and bingo!

By finding out what registry keys the system policy editor changed to lock down the desktop, one could uncripple this computer. I went as far as adding back "Shut Down" to the start menu but didn't do anything else. Nobody seemed to notice...
Back to top
View user's profile Send private message
Enlight
Advocate
Advocate


Joined: 28 Oct 2004
Posts: 3514
Location: Alsace (France)

PostPosted: Wed Nov 09, 2005 1:52 pm    Post subject: Reply with quote

codergeek42 wrote:
Windows running with administrative priveleges by default. :roll:


Actually everyone can be admin on a windows machine : reboot & press a key => "mode sans echec" (in french) must be something like "single mode" or "non failure mode" in english...
_________________
le "lol" est aux boulets ce que le ";" est au programmeurs
Back to top
View user's profile Send private message
ChristyMcJesus
Apprentice
Apprentice


Joined: 02 Oct 2004
Posts: 184

PostPosted: Wed Nov 09, 2005 2:09 pm    Post subject: Re: Stupid Security Mistakes you have seen Reply with quote

gkmac wrote:
I came across something similar on an old Windows 98 desktop at work. They ran the system policy editor taking away just about every single privilege there was. Only "Programs" on the Start Menu, right clicking the desktop put up an "Access has been restricted..." popup, double-clicking "My Computer" showed a blank window...

But one terminal application had its help file missing, with the response "Do you want to try and find this file yourself?". Answer Yes, browse the file-selector towards C:\WINDOWS\regedit.exe, right click, select "Open" and bingo!

They have the same hole where I work. I use it to browse to the cd rom drive on the terminal server and click "eject". I figure if I do it often enough they might figure out something is wrong and fix it.
Back to top
View user's profile Send private message
Butts McCokey
Advocate
Advocate


Joined: 23 Apr 2004
Posts: 3314

PostPosted: Wed Nov 09, 2005 2:10 pm    Post subject: Reply with quote

AA and British Gas leaving their comms rooms unlocked with £10,000,000 worth of equipment inside. All you need is a cup of coffee and the Gas records and people stuck on the motorway go up in smoke with the rest of the building
_________________
Since the bible and the church are obviously mistaken about where we came from, how can we trust them with where we're going?

"An eye for an eye will make us all blind" - Gandhi
Back to top
View user's profile Send private message
gkmac
Guru
Guru


Joined: 19 Jan 2003
Posts: 319
Location: West Sussex, UK

PostPosted: Thu Nov 10, 2005 7:49 pm    Post subject: Reply with quote

One other computer at work ran Windows NT 4 (I think) where the clock would drift by about 5 minutes every week. Clicking the taskbar clock to try and fix it was no use, since that was restricted along with many other things.

So I yanked out the UPS power cable and stuck it back in, pressed DEL during the memory count and the unpassword-protected BIOS was all in reach. Just to correct that clock, but someone else could tinker with the IDE sector/head/cylinder settings (why do BIOSes still have those?) and cripple the computer enough for somebody to call tech support.

djlosch wrote:
and anyone could walk up to an ethernet jack, unplug it and plug their own laptop in instantly getting on the network.
Forgive me if this is a stupid question, but how exactly is it possible to prevent this?
Back to top
View user's profile Send private message
Lechium
Apprentice
Apprentice


Joined: 04 Apr 2005
Posts: 244

PostPosted: Thu Nov 10, 2005 7:57 pm    Post subject: Reply with quote

gkmac wrote:
djlosch wrote:
and anyone could walk up to an ethernet jack, unplug it and plug their own laptop in instantly getting on the network.
Forgive me if this is a stupid question, but how exactly is it possible to prevent this?

require login/have list of registred MAC addresses...
Back to top
View user's profile Send private message
mofrikaantje
n00b
n00b


Joined: 15 Oct 2005
Posts: 11
Location: Belgium

PostPosted: Thu Nov 10, 2005 8:01 pm    Post subject: Reply with quote

biggest mistake i ever saw was at our school, you could access the teacher computer containing all the marks from almost all that teacher's pupils (also ours) trought all the computers in the network... stupidly enough, i told him before changing my marks :cry:
Back to top
View user's profile Send private message
Mnemia
Guru
Guru


Joined: 17 May 2002
Posts: 476

PostPosted: Thu Nov 10, 2005 8:05 pm    Post subject: Reply with quote

Lechium wrote:
gkmac wrote:
djlosch wrote:
and anyone could walk up to an ethernet jack, unplug it and plug their own laptop in instantly getting on the network.
Forgive me if this is a stupid question, but how exactly is it possible to prevent this?

require login/have list of registred MAC addresses...

MAC addresses are easily spoofed...

The login thing however can work. Just make all the ports only give out IPs on a non-routable network with nothing accessible on it, and then require people to connect with a VPN client, authenticated by public keys, in order to do anything.
Back to top
View user's profile Send private message
Lechium
Apprentice
Apprentice


Joined: 04 Apr 2005
Posts: 244

PostPosted: Thu Nov 10, 2005 8:07 pm    Post subject: Reply with quote

At my univ at one of the computer labs there is a computer that is used to get students id/password in case theyt forgot it.
It uses fullscreen IE with turned off toolbars. It it linked to the page where you fill in your perosnal info, press button, and it loads page with your id/pass word. Than you push another button and it loads 'click here to get your id/password' screen.

Here's the thing thou -- you press backspace which functions as a back button, and by doing that you can go back and see personal information, id and password, of all people who used the system...
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Goto page 1, 2, 3, 4  Next
Page 1 of 4

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum