Search Results

Search found 550 results on 22 pages for 'passwd'.

Page 6/22 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Adding user to chroot environment

    - by Neo
    I've created a chroot system in my Ubuntu using schroot and debrootstrap, based on minimal ubuntu. However whenever I can't seem to add a new user into this chroot environment. Here is what happens. I enter schroot as root and add a new user.(Tried both adduser and useradd commands) The username lists up in /etc/passwd file and I can 'su' into the new user. So far so good. When I log out of schroot, and re-enter schroot, the user I created has vanished!! There is no mention of that user in /etc/passwd either. How do I make the new user permanent?

    Read the article

  • Solaris 11.1 smb share pam.conf

    - by websta
    I would like to enable an SMB share on Solaris 11.1 x64 My steps: pkg install service/filesystem/smb svcadm enable -r smb/server echo "other password required pam_smb_passwd.so.1 nowarn" >> /etc/pam.conf useradd public smbadm enable-user public zfs set share=name=fs1,path=/rpool/fs1,prot=smb rpool/fs1 zfs set sharesmb=on rpool/fs1 passwd -r files public Step 8 failes: It is not possible to enter a password, output is: solaris passwd -r files public Please try again Please try again Permission denied If I uncomment the new line in pam.conf, it is possible to change the password. Nevertheless, it is not possible to access the share from Windows 7. The Solaris machine is reachable with ping. Access with another SMB enabled user is denied too.

    Read the article

  • duplicity can't find remote backup directory?

    - by leeand00
    Using my private key to do so, this command allows me to connect to /home/backupUser/backup just fine: $ sudo sftp -oPort=7843 [email protected]:backup However when I run duplicity, I get the following error: duplicity full --exclude ... / scp://backupUser:[email protected]:7843:/backup bash: [email protected]:7843./backup: No such file or directory I'm under the assumption that duplicity would interpret the /backup path as relative to the user's home directory. But since the above command didn't work, I also tried leaving off the / in the backup directory at the end of the command, i.e. duplicity full --exclude ... / scp://backupUser:[email protected]:7843:backup bash: [email protected]:7843:backup: command not found Is there something I'm missing here, like adding the passcode for the private key to make this command work?

    Read the article

  • How to set up virtual users in vsftpd?

    - by ares94
    I've read this tutorial: http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/ My configuration is as follow: ---vsftpd.conf--- listen=YES anonymous_enable=NO local_enable=YES virtual_use_local_privs=YES write_enable=YES connect_from_port_20=YES pam_service_name=vsftpd guest_enable=YES user_sub_token=$USER local_root=/var/www/sites/$USER chroot_local_user=YES hide_ids=YES ---/etc/pam.d/vsftpd--- auth required pam_pwdfile.so pwdfile /etc/vsftpd/passwd account required pam_permit.so I created file /etc/vsftpd/passwd and added users using htaccess. I tried to login but it didn't work: ftp 127.0.0.1 Connected to 127.0.0.1 (127.0.0.1). 220 vsFTPd 2.3.5+ (ext.1) ready... Name (127.0.0.1:root): user1 331 Please specify the password. Password: 530 Permission denied. Login failed. Everything seems fine accept the permission denied thing. How can I fix this?

    Read the article

  • apache2 Webdav using VirtualDocumentRoot

    - by picca
    I'm trying to get up dynamical WebDav on my virtual hosts <VirtualHost *:80> # http://www.example.com/test.txt -> /var/www/example.com/www/test.txt VirtualDocumentRoot /var/www/%-2.0.%-1.0/%-3+/ <Location /webdav> Dav On AuthType Basic AuthName "example.com" AuthUserFile /var/www/[PROBLEM-1]/passwd.dav Require valid-user </Location> </VirtualHost> Is there any way I can set dynamically PROBLEM-1 placeholder based on whatever comes with *HTTP_HOST*? More precisely part of it? Example: HTTP_HOST = www.example.com - PROBLEM-1 = example.com HTTP_HOST = example.com - PROBLEM-1 = example.com What I'm trying to do here is to load dav passwd file dynamically based on which domain is requested. It is something like "groups" if you wish. So that owner of domainA is not allowed to access files of domainB. So maybe there is some other solution based on AuthGroupFile directive?

    Read the article

  • nginx public webdav server

    - by Gert Cuykens
    Can you check the user group from a $remote_user? location ~ ^/home/(.*)$ { alias /home/$remote_user/$1; auth_pam "Restricted"; auth_pam_service_name "nginx"; dav_methods PUT DELETE MKCOL COPY MOVE; dav_access group:rw all:r; create_full_put_path on; } location ~ ^/get/(.*)$ { alias /home/$1; #check the group of the $remote_user; } curl -T test.txt 'http://gert:[email protected]/home/' curl 'http://friend:[email protected]/get/gert/test.txt'

    Read the article

  • Adding local users / passwords on Kerberized Linux box

    - by Brian
    Right now if I try to add a non-system user not in the university's Kerberos realm I am prompted for a Kerberos password anyway. Obviously there is no password to be entered, so I just press enter and see: passwd: Authentication token manipulation error passwd: password unchanged Typing passwd newuser has the same issue with the same message. I tried using pwconv in the hopes that only a shadow entry was needed, but it changed nothing. I want to be able to add a local user not in the realm and give them a local password without being bothered about Kerberos. I am on Ubuntu 10.04. Here are my /etc/pam.d/common-* files (the defaults that Ubuntu's pam-auth-update package generates): account # here are the per-package modules (the "Primary" block) account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so # here's the fallback if no module succeeds account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around account required pam_permit.so # and here are more per-package modules (the "Additional" block) account required pam_krb5.so minimum_uid=1000 # end of pam-auth-update config auth # here are the per-package modules (the "Primary" block) auth [success=2 default=ignore] pam_krb5.so minimum_uid=1000 auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config password # here are the per-package modules (the "Primary" block) password requisite pam_krb5.so minimum_uid=1000 password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 # here's the fallback if no module succeeds password requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around password required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config session # here are the per-package modules (the "Primary" block) session [default=1] pam_permit.so # here's the fallback if no module succeeds session requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around session required pam_permit.so # and here are more per-package modules (the "Additional" block) session optional pam_krb5.so minimum_uid=1000 session required pam_unix.so # end of pam-auth-update config

    Read the article

  • Ubuntu 12.04: Unable to add or delete a user named 'mysql'

    - by Afaque H
    I am trying to install MySql on Ubuntu 12.04 but the installation is failing with the error: "Can't change to run as user 'mysql'. Check if the user 'mysql' exits." So I go ahead type in the command : 'cat /etc/passwd | grep mysql' and result is null. I try to add a user 'mysql' by issuing the command 'useradd mysql'/. But it fails with the message: 'useradd: user 'mysql' already exists'. When I try to delete the user 'mysql' using the command 'userdel mysql' it also fails with the message "userdel: cannot remove entry 'mysql' from /etc/passwd." Can anyone explain me what's going on and suggest a solution.

    Read the article

  • Someone try to hack my site, want to understand the log

    - by garconcn
    I have a wordpress site hosted on CentOS 6. After see the following access log, I checked the server, it seems ok. Can anyone explain what does this guy trying to do? Did they get what they want? I have disabled allow_url_include, and restricted open_basedir to web dir and tmp(/etc is not in the path). 190.26.208.130 - - [05/Sep/2012:21:24:42 -0700] "POST http://my_ip/?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D../../../../../../../../../../../../etc/passwd%00%20-n/?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D../../../../../../../../../../../../etc/passwd%00%20-n HTTP/1.1" 200 32656 "-" "Mozilla/5.0"

    Read the article

  • Nginx PHP-FPM Basic Auth

    - by Lari13
    I have nginx with php-fpm installed on Debian Squeeze. Directory tree is: /var/www/mysite index.php secret_folder_1 admin.php static.html secret_folder_2 admin.php static.html pictures img01.jpg I need to close secret_folder_1 and secret_folder_2 with basic_auth. Now config looks like: location ~ /secret_folder_1/.+\.php$ { root /var/www/mysite/; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME /var/www/mysite$fastcgi_script_name; include fastcgi_params; auth_basic "Restricted Access"; auth_basic_user_file /path/to/.passwd; } location ~ /secret_folder_1/.* { root /var/www/mysite/; auth_basic "Restricted Access"; auth_basic_user_file /path/to/.passwd; } Same config for secret_folder_2. Is it normal? I mean, first location for serving php files in restricted folder, and second location for serving static files. Can it be simplified?

    Read the article

  • Chrooted user does not start in his home directory and does not load his bash_profiles

    - by Stuffy
    If the users logs in, he starts in / of the chroot (Which is /var/jail on the real machine). I would like him to start in his home-dir. Also, he seems not to load any of his profile-files (.bash.rc etc). I followed this tutorial to create the chroot environment. This is what my /etc/passwd looks like: test:x:1004:1008:,,,:/var/jail/home/test:/bin/bash this is what my /var/jail/etc/passwd file looks like: test:x:1004:1008:,,,:/home/test:/bin/bash I also found out that, if I remove Match User test ChrootDirectory /var/jail AllowTCPForwarding no X11Forwarding no from my /etc/ssh/sshd_config, the user starts in his correct home-folder and with his bash-settings loaded. However, he is able to leave the chroot-environment if I remove that part. This question I asked before is somewhat related, since I think the wrong look of the commandline is caused from the not loaded profile-files. So any ideas how to fix this?

    Read the article

  • Trouble with Samba Domain

    - by Arkevius
    I'm having a bit of trouble setting up this Samba domain correctly. I'm getting an Access Denied error when trying to add a Windows XP machine to the domain. I'll go through my scenario in detail, but for those of you wanting a TLDR summary it'll be at the bottom of this post. I have HP Proliant server with Ubuntu 12.04 LTS installed. For this particular environment, I need this server to act as a PDC, file server, and print server. I began by updating and upgrading the packages (of course). Then went to install samba, gnome-desktop, wine, and cpanm. Samba was, of course, for the PDC and file/print services. The GUI was needed because a certain software has to be installed on there that needs a GUI. Wine was needed because the software is Windows-native. And cpanm was for a perl script I have running. For Samba, I went into the smb.conf file and enabled domain logons, changed the workgroup/domain name, the logon script for a per-group basis (netlogon/%g), enabled the netlogon and profiles share, and setup a couple of custom shares for the file service. The printer was added later, and seems to be working just fine. I then restarted the services, and used the net groupmap command to ensure my unix groups were mapped correctly to the Windows groups. After this, I went to a Windows box, and was able to successfully join the domain without a problem. After some fidgeting with the software to get it running on the win boxes from the server (it's a records management system program, which stores it's database files on the server), I went to add another computer to the domain. But now it's saying Access Denied. Before when I had this trouble it was because I forgot to add the group "machines" so Samba could create machine accounts. Thinking this was the case, I manually created the machine account to test this theory. However, it would still give me an Access Denied error. That must mean it has something to do with permissions now, correct? I've been fighting with this server for the past two weeks. If it's not one thing that;s wrong, then it's something else completely different. This would be the third time I've actually reinstalled everything to start over. I'll post snippets of my system settings below. If anything else is needed, just say the word and I'll gather up the info. The unix group 'domadmin' is the Domain Admins group. Samba Administrator account administrator:x:1000:1000:Administrator,,,:/home/administrator:/bin/bash Adminstrator's groups administrator adm cdrom sudo dip plugdev lpadmin sambashare domadmin crimestar Samba's Configuration FIle (a snippet anyways) [global] workgroup = CITYPD server string = BPDServer dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user domain logons = yes logon path = \\%L\srv\samba\profiles\%U logon script = logon.bat add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u domain master = yes usershare allow guests = yes [netlogon] comment = Network Logon Service path = /srv/samba/netlogon/%g guest ok = yes read only = yes browseable = no [profiles] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no write list = root, @lpadmin [crimestar] comment = "Crimestar DB" path = /srv/crimestar/db valid users = @domadmin, @crimestar admin users = administrator writeable = yes guest ok = no browseable = no create mask = 0666 directory mask = 0777 [crimestarfiles] path = /home/administrator/.wine/drive_c/crimestar admin users = administrator browseable = yes ls -la on /srv/samba/profiles drwxrwxrwx 2 root machines 4096 Nov 21 15:27 . drwxr-xr-x 4 root root 4096 Nov 21 15:28 .. ls -la on /srv/samba/netlogon drwxr-xr-x 6 root root 4096 Nov 21 15:30 . drwxr-xr-x 4 root root 4096 Nov 21 15:28 .. drwxr-xr-x 2 root root 4096 Nov 21 15:30 crimestar drwxr-xr-x 2 root root 4096 Nov 21 18:13 domadmin drwxr-xr-x 3 root root 4096 Nov 21 15:30 guests drwxr-xr-x 2 root root 4096 Nov 21 15:29 users GrouMap list Domain Users (S-1-5-21-2978508755-2341913247-928297747-513) -> users Domain Admins (S-1-5-21-2978508755-2341913247-928297747-512) -> domadmin Domain Guests (S-1-5-21-2978508755-2341913247-928297747-514) -> nogroup TLDR I'm getting an Access Denied error message while trying to join a windows box to a samba domain, even after I successfully joined another computer without a problem. System settings / files are quoted above. Anyone have any ideas or suggestions?

    Read the article

  • Python read multiline JSON

    - by Paul W
    I have been trying to use JSON to store settings for a program. I can't seem to get Python 2.6 's JSON Decoder to decode multi-line JSON strings... Here is example input: .settings file: """ {\ 'user':'username',\ 'password':'passwd',\ }\ """ I have tried a couple other syntaxes for this file, which I will specify below (with the traceback they cause). My python code for reading the file in is import json settings_text = open(".settings", "r").read() settings = json.loads(settings_text) The Traceback for this is: Traceback (most recent call last): File "json_test.py", line 4, in <module> print json.loads(text) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/__init__.py", line 307, in loads return _default_decoder.decode(s) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/decoder.py", line 322, in decode raise ValueError(errmsg("Extra data", s, end, len(s))) ValueError: Extra data: line 1 column 2 - line 7 column 1 (char 2 - 41) I assume the "Extra data" is the triple-quote. Here are the other syntaxes I have tried for the .settings file, with their respective Tracebacks: "{\ 'user':'username',\ 'pass':'passwd'\ }" Traceback (most recent call last): File "json_test.py", line 4, in <module> print json.loads(text) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/__init__.py", line 307, in loads return _default_decoder.decode(s) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/decoder.py", line 319, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/decoder.py", line 336, in raw_decode obj, end = self._scanner.iterscan(s, **kw).next() File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/scanner.py", line 55, in iterscan rval, next_pos = action(m, context) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/decoder.py", line 155, in JSONString return scanstring(match.string, match.end(), encoding, strict) ValueError: Invalid \escape: line 1 column 2 (char 2) '{\ "user":"username",\ "pass":"passwd",\ }' Traceback (most recent call last): File "json_test.py", line 4, in <module> print json.loads(text) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/__init__.py", line 307, in loads return _default_decoder.decode(s) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/decoder.py", line 319, in decode obj, end = self.raw_decode(s, idx=_w(s, 0).end()) File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/json/decoder.py", line 338, in raw_decode raise ValueError("No JSON object could be decoded") ValueError: No JSON object could be decoded If I put the settings all on one line, it decodes fine.

    Read the article

  • MySQLdb not INSERTING, _mysql does fine.

    - by Mad_Casual
    Okay, I log onto the MySQL command-line client as root. I then open or otherwise run a python app using the MySQLdb module as root. When I check the results using python (IDLE), everything looks fine. When I use the MySQL command-line client, no INSERT has occurred. If I change things around to _mysql instead of MySQLdb, everything works fine. I'd appreciate any clarification(s). "Works" until IDLE/Virtual machine is reset: <pre><code>import MySQLdb db = MySQLdb.connect(user='root', passwd='*******',db='test') cursor = db.cursor() cursor.execute("""INSERT INTO test VALUES ('somevalue');""",)</code></end> Works: <pre><code>import _mysql db = _mysql.connect(user='root', passwd='*******',db='test') db.query("INSERT INTO test VALUES ('somevalue');")</code></end> System info: Intel x86 WinXP Python 2.5 MySQL 5.1.41 MySQL-Python 1.2.2

    Read the article

  • SSH Password/User problem with Cygwin sshd service

    - by Supernovah
    hello I just set up SSHd through Cygwin on a Windows XP Pro box overseas using a RAT and discluded the openssh package from the install. I ran the cywin shell (from c:\cywin) and ran Now, It's under a port I know is safe and fowarded properly, but I won't share it's number. It's not a common port, but it's under 40000. Firewalls are off etc etc. I'm on the first Admin account made on the box. (It's full admin) I've run the following commands chmod +r /etc/passwd chmod +r /etc/group hmod 777 /var /*Created New Admin User Account To Be Used via SSH*/ mkpasswd -cl > /etc/passwd mkgroup --local > /etc/group I can connect locally, but not externally. I know my ports etc are fine. Any possible problems, as i really need this tunnel up :P

    Read the article

  • cakephp find with ID inArray

    - by user331321
    Hi! i have this tables: Clients (id, name, addrees, group,...) Services_Clients (id, client_id, login,passwd) documents (id,client_id,date,path) clients must be in a group or not, and i can not change the database structure. 1) In a login form, by user/passwd i get an client group 2) after that a get all the clients id from that group like this $jur = $this-Client-find('all', array('conditions' = array('Client.group'=$group['Client']['group']))); ok, now, i need to get all documents from the clients of that group, so... how can i achive that? i need to find in my model but getting only with IDs on $jur variable sorry about my english...

    Read the article

  • SSH Password/User problem with Cygwin sshd service

    - by Supernovah
    hello I just set up SSHd through Cygwin on a Windows XP Pro box overseas using a RAT and discluded the openssh package from the install. I ran the cywin shell (from c:\cywin) and ran Now, It's under a port I know is safe and fowarded properly, but I won't share it's number. It's not a common port, but it's under 40000. Firewalls are off etc etc. I'm on the first Admin account made on the box. (It's full admin) I've run the following commands chmod +r /etc/passwd chmod +r /etc/group hmod 777 /var /*Created New Admin User Account To Be Used via SSH*/ mkpasswd -cl > /etc/passwd mkgroup --local > /etc/group I can connect locally, but not externally. I know my ports etc are fine. Any possible problems, as i really need this tunnel up :P

    Read the article

  • How to make Subversion use Linux system accounts for authentication?

    - by Alejandro García Iglesias
    Hi all, I've set up a Ubuntu Server for Subversion with Apache/WebDAV interface to share repositories with other developers. My question is, how can I make Subversion use the linux system accounts for authentication? This would lead to very easy Subversion account management. Subversion with Apache/WebDAV is currently working with this configuration: Contents of /etc/apache2/mods-available/dav_svn.conf: <Location /svn> DAV svn SVNParentPath /home/svn SVNListParentPath On AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd Require valid-user </Location> I have tried changing AuthUserFile /etc/apache2/dav_svn.passwd with AuthUserFile /etc/shadow with no success. This makes the server to respond with a error 500 internal server error. It's logical, why the Web service should have access to system authentication file? Thanks a lot in advance!

    Read the article

  • INSERT SQL in Java

    - by Pierre
    Hello. I have a Java application and I want to use SQL database. I have a class for my connection : public class SQLConnection{ private static String url = "jdbc:postgresql://localhost:5432/table"; private static String user = "postgres"; private static String passwd = "toto"; private static Connection connect; public static Connection getInstance(){ if(connect == null){ try { connect = DriverManager.getConnection(url, user, passwd); } catch (SQLException e) { JOptionPane.showMessageDialog(null, e.getMessage(), "Connection Error", JOptionPane.ERROR_MESSAGE); } } return connect; } } And now, in another class I succeeded to print my values but when I attempt to insert a value nothing is happening ... Here's my code : try { Statement state = SQLConnection.getInstance().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,ResultSet.CONCUR_READ_ONLY); Statement state2 = SQLConnection.getInstance().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,ResultSet.CONCUR_UPDATABLE); state2.executeUpdate("INSERT INTO table(field1) VALUES (\"Value\")"); // Here's my problem ResultSet res = state.executeQuery("SELECT * FROM plateau");

    Read the article

  • Mac OS X: getting names of changed/written files

    - by Patrick
    I remember having a command line tool on an older Mac OS X version (Tiger?) that told me the name of every file that was written to (or read) by any process on the system. It used fseventd (? or something like that). Is there something like that for the newest Mac OS X (10.6)? It should be run in a terminal window and then I can use the system as normal. Let's say I type cat /etc/passwd, the output of that program would be similar to /bin/cat /etc/passwd I can't use lsof because I can't get the timing right. Is this clear or do you need more information?

    Read the article

  • Iterating over a database column in Django

    - by curious
    I would like to iterate a calculation over a column of values in a MySQL database. I wondered if Django had any built-in functionality for doing this. Previously, I have just used the following to store each column as a list of tuples with the name table_column: import MySQLdb import sys try: conn = MySQLdb.connect (host = "localhost", user = "user", passwd="passwd", db="db") except MySQLdb.Error, e: print "Error %d: %s" % (e.args[0], e.args[1]) sys.exit (1) cursor = conn.cursor() for table in ['foo', 'bar']: for column in ['foobar1', 'foobar2']: cursor.execute('select %s from %s' % (column, table)) exec "%s_%s = cursor.fetchall()" % (table, column) cursor.close() conn.commit() conn.close() Is there any functionality built into Django to more conveniently iterate through the values of a column in a database table? I'm dealing with millions of rows so speed of execution is important.

    Read the article

  • Using directory traversal attack to execute commands

    - by gAMBOOKa
    Is there a way to execute commands using directory traversal attacks? For instance, I access a server's etc/passwd file like this http://server.com/..%01/..%01/..%01//etc/passwd Is there a way to run a command instead? Like... http://server.com/..%01/..%01/..%01//ls ..... and get an output? EDIT: To be clear here, I've found the vuln in our company's server. I'm looking to raise the risk level (or bonus points for me) by proving that it may give an attacker complete access to the system

    Read the article

  • Is this the right way of handling command line arguments?

    - by shadyabhi
    ask_username = True ask_password = True ask_message = True ask_number = True def Usage(): print '\t-h, --help: View help' print '\t-u, --username: Username' print '\t-p, --password: Password' print '\t-n, --number: numbber to send the sms' print '\t-m, --message: Message to send' sys.exit(1) opts, args = getopt(sys.argv[1:], 'u:p:m:n:h',["username=","password=","message=","number=","help"]) print opts, args for o,v in opts: if o in ("-h", "--help"): Usage() elif o in ("-u", "--username"): username = v ask_username = False elif o in ("-p", "--password"): passwd = v ask_password = False elif o in ("-m", "--message"): message = v ask_message = False elif o in ("-n", "--number"): number = v ask_number = False #Credentials taken here if ask_username: username = raw_input("Enter USERNAME: ") if ask_password: passwd = getpass() if ask_message: message = raw_input("Enter Message: ") if ask_number: number = raw_input("Enter Mobile number: ") I dont think it is, because I am using 4 objects just for checking if command line argument was provided... Guide me with the best way of doing it..

    Read the article

  • Windows can see Ubuntu Server printer, but can't print to it

    - by Mike
    I have an old desktop that I'm trying to set up as a home backup/print server. Backup was trivial, but am having issues getting the printing to work. The printer is connected to the server running Ubuntu Server 9.10 (no gui). If I access the printer via http://hostname:631/printers/, I am able to print a test page, so I know the printer is working; however, I am having no luck from Windows. Windows can see the printer when browsed via \hostname\, but I am unable to connect. Windows says "Windows cannot connect to the printer" without indicating why. Any suggestions? From /etc/samba/smb.conf: [global] workgroup = WORKGROUP dns proxy = no security = user username map = /etc/samba/smbusers encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user load printers = yes printing = cups printcap name = cups [printers] comment = All Printers browseable = no path = /var/spool/samba writable = no printable = yes guest ok = yes read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = yes From /etc/cups/cupsd.conf: LogLevel warn SystemGroup lpadmin Port 631 Listen /var/run/cups/cups.sock Browsing On BrowseOrder allow,deny BrowseAllow all BrowseRemoteProtocols CUPS BrowseAddress @LOCAL BrowseLocalProtocols CUPS dnssd DefaultAuthType Basic <Location /> Order allow,deny Allow all </Location> <Location /admin> Order allow,deny Allow all </Location> <Location /admin/conf> AuthType Default Require user @SYSTEM Order allow,deny Allow all </Location> <Policy default> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document> Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices> AuthType Default Require user @SYSTEM Order deny,allow </Limit> <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Require user @SYSTEM Order deny,allow </Limit> <Limit CUPS-Authenticate-Job> Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit All> Order deny,allow </Limit> </Policy> <Policy authenticated> <Limit Create-Job Print-Job Print-URI> AuthType Default Order deny,allow </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document> AuthType Default Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> AuthType Default Require user @SYSTEM Order deny,allow </Limit> <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Require user @SYSTEM Order deny,allow </Limit> <Limit Cancel-Job CUPS-Authenticate-Job> AuthType Default Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit All> Order deny,allow </Limit> </Policy>

    Read the article

  • How does Ubuntu create the guest session? [closed]

    - by tarantinofan
    Possible Duplicate: How do I change the guest session defaults In Ubuntu 10.04, I am able to create a guest session from the indicator-applet-session applet menu. When it is active, this session has its home folder in /tmp, an entry in /etc/passwd and /etc/shadow, and so on. This temporary guest user and its session exists only while it is active. I want to know how this guest session is created, because I want to modify it a bit.

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >