[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability

To: "crazy_king@xxxxxxxx" <crazy_king@xxxxxxxx>
Subject: Re: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability
From: "Jamie Riden" <jamie.riden@xxxxxxxxx>
Date: Mon, 30 Apr 2007 17:20:38 +0100

On 30 Apr 2007 11:10:51 -0000, crazy_king@xxxxxxxx <crazy_king@xxxxxxxx> wrote:

By Cr@zy_King

crazy_king@xxxxxxxx

Biyosecurity.Net & Expw0rm.Com

Thanks : Liz0 & DarkXBoyZ & Eno7 & ApAci & Uyuss & Crackers_Child & Th3_43k1R & 
Xoron & Ajannn

Portal : GHH


Hi there,

GHH is a honeypot, not a portal, and it is meant to expose this
information. The file passwd.txt is actually a PHP script which
generates a random password.
http://ghh.sourceforge.net/introduction.php describes briefly how GHH works.

cheers,
Jamie
--
Jamie Riden, CISSP / jamesr@xxxxxxxxxx / jamie@xxxxxxxxxxxxxxx
UK Honeynet Project: http://www.ukhoneynet.org/

References:
- GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability
  - From: crazy_king

Prev by Date: 3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits.
Next by Date: iDefense Security Advisory 04.27.07: VMware Workstation Shared Folders Directory Traversal Vulnerability
Previous by thread: GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability
Next by thread: 3proxy[v0.5.3g]: (linux/win32 service) remote buffer overflow exploits.
Index(es):
- Date
- Thread