Hi, I installed proftpd while installing SuSE 6.2, activated it in inetd.conf and did kill -1 on inetd. I did not change proftpd.conf. Then I logged in per ftp as a normal user (letzas) - and downloaded /etc/shadow. Here are the logs (two trys): /var/log/messages: Sep 23 21:59:07 glutamat proftpd[1189]: connect from root@192.168.1.111 Sep 23 21:59:13 glutamat proftpd[1189]: FTP login as 'letzas' from somat.homenet [192.168.1.111] to 192.168.1.112:21 Sep 23 21:59:13 glutamat proftpd[1189]: FTP session opened: letzas/users somat.homenet[192.168.1.111] Sep 23 22:00:34 glutamat proftpd[1219]: connect from letzas@192.168.1.111 Sep 23 22:00:39 glutamat proftpd[1219]: FTP login as 'letzas' from somat.homenet [192.168.1.111] to 192.168.1.112:21 Sep 23 22:00:39 glutamat proftpd[1219]: FTP session opened: letzas/users somat.homenet[192.168.1.111] /var/log/xferlog: Thu Sep 23 21:59:35 1999 0 somat.homenet 1010 /etc/shadow b _ o r letzas ftp 0 * Thu Sep 23 22:00:53 1999 0 somat.homenet 1010 /etc/shadow b _ o r letzas ftp 0 * regards, Ivo Letzas
Ivo Letzas wrote:
Hi,
I installed proftpd while installing SuSE 6.2, activated it in inetd.conf and did kill -1 on inetd. I did not change proftpd.conf.
Then I logged in per ftp as a normal user (letzas) - and downloaded /etc/shadow.
Not with the newest proftpd, which you have to compile yourself. Is there already a rpm of proftpd 1.2.0pre7? BTW what are the permissions of /etc/shadow on your system? rw-r----- ? ***** /home/ftp>ncftp -u ***** ***** NcFTP 3.0.0 beta 19 (June 11, 1999) by Mike Gleason. Connecting to ************ Password for user "******" at *********: ProFTPD 1.2.0pre7 Server (Welcome to ******) [******************] Logging in... User ****** logged in. Logged in to *****. Current remote directory is /home/******. ncftp /home/***** > cd /etc/ ncftp /etc > get shadow get shadow: server said: shadow: Permission denied ncftp /etc > quit
My shadow is: [letzas@glutamat:/home/letzas] ls -l /etc/shadow -rw-r----- 1 root shadow 1010 Sep 18 18:33 /etc/shadow [letzas@glutamat:/home/letzas] ftp localhost Connected to localhost. 220 ProFTPD 1.2.0pre3 Server (powered by SuSE Linux) [glutamat.homenet] Name (localhost:letzas): 331 Password required for letzas. Password: 230 User letzas logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp> lcd /tmp Local directory now /tmp ftp> cd /etc 250 CWD command successful. ftp> get shadow local: shadow remote: shadow 200 PORT command successful. 150 Opening BINARY mode data connection for shadow (1010 bytes). 226 Transfer complete. 1010 bytes received in 0.00175 secs (5.7e+02 Kbytes/sec) ftp> bye 221 Goodbye. [letzas@glutamat:/home/letzas] rm /tmp/shadow Martin Schneider wrote:
Ivo Letzas wrote:
Hi,
I installed proftpd while installing SuSE 6.2, activated it in inetd.conf and did kill -1 on inetd. I did not change proftpd.conf.
Then I logged in per ftp as a normal user (letzas) - and downloaded /etc/shadow.
Not with the newest proftpd, which you have to compile yourself. Is there already a rpm of proftpd 1.2.0pre7? BTW what are the permissions of /etc/shadow on your system? rw-r----- ?
participants (2)
-
Ivo Letzas
-
Martin Schneider