
Syntax: g_admin_readonly string

g_admin_ip

System admins with readonly access to the management interface

Syntax: g_acctlog_sum_inactive bool

g_admin_readonly

Summarise local accounts that have not logged in yet as setting has no further documentation currently available

Syntax: g_access_surgeweb bool

g_acctlog_sum_inactive

Syntax: g_access_webonly string

g_access_surgeweb
Apply g_access_group rules to surgeweb sessions based on client's address

This setting has no further documentation currently available

Users in this group can only use web not imap or pop

Syntax: g_access_group_default string

g_access_webonly

(must be used in conjunction with g_access_group)

Syntax: g_access_group group=string access_pop=string access_imap=string access_smtp=string access_incoming=string

g_access_group_default
Access group defaults for users with no access groups set.

g_access_group group="nowebmail" access_pop="*,!webmail.ip" access_imap="*,!webmail.ip" access_smtp="*"
And put the users you want to limit in a group called 'nowebmail' e.g.

g_access_group group="normal" access_pop="*" access_imap="*" access_smtp="*"

To prevent webmail access for some users you would do this:

With "Access type" set to "free_user" on accounts page or equivalently in nwauth authentication mailaccess="free_user" …

g_access_group group=free_user access_pop= access_imap= access_smtp=

g_access_group group=paid_user access_pop=* access_imap=* access_smtp=*

This could allow you to charge webmail users for pop access privileges:

When a user is authenticated access is checked against group membership defined in the "mailaccess" field in the authentication database.

At this point I got pretty excited and went into exploitation mode.

Access rules defining groups of IP addresses with certain POP, IMAP and SMTP privileges.

I then tried uploading a test file and it worked.
r-rr- 1 admin users 12645888 May 03 05:53 surgemail_installer.exe
250 Directory changed to "/MyDocuments/./././surgemail".
250 Directory changed to "/MyDocuments/./././surgemail/scripts".


#SURGEMAIL PORT 7025 NOT RESPONDING WINDOWS#
I browsed to the surgemail/scripts directory

250 Directory changed to "/MyDocuments/././.".
150 Opening ASCII mode data connection for listing
dr-xrwx- 1 admin users 0 May 03 22:58 $Recycle.Bin
dr-xrwx- 1 admin users 0 Documents and Settings
dr-xrwx- 1 admin users 0 May 03 19:20 Program Files
dr-xrwx- 1 admin users 0 May 03 19:21 ProgramData
dr-xrwx- 1 admin users 0 May 03 22:51 Python26
dr-xrwx- 1 admin users 0 Apr 30 01:21 Recovery
dr-xrwx- 1 admin users 0 May 07 23:48 surgemail
dr-xrwx- 1 admin users 0 May 03 22:38 System Volume Information
dr-xrwx- 1 admin users 0 May 07 23:48 Users
dr-xrwx- 1 admin users 0 May 03 21:28 Windows

\.\" actually was working and after a few iterations got me to the root directory. After messing around for a while I realized that the "cd. After browsing files for a while I decided this FTP session was a bust and logged out.

Back to FTP: After noticing the EXE files with a possible execution on the webpage I decided to hit the FTP session back up and see if I can get to the scripts directory. But unfortunately I didn't have access to write to that directory so I moved on. My actual first thought was to replace the system32 directory program Magnify.exe with my evil payload so that at the Remote desktop login the accessibility options would become a shell. I also seemed to be able to browse to a directory with system32 files. So I decided to directly call the root directory with "cd c:".

Cd C: correctly hopped me into a directory with loads of files available. \.\.\.\.\" and the response back indicated a fail. Failed, so I then flipped the slashes to "cd. I tried to hop out of the FTP directory structure via directory traversal attacks with "cd. After logging into the FTP server there wasn't much to play with in any available directories so I decided to try to hop out of the FTP environment.

Initial FTP probing: First thing I did was log into the FTP server with credentials that were provided on the offsec page.
Probably a wrong assumption, but it's a good theory to cling to when things get rough
KilltheN00b had various ports open including FTP, HTTP and some various mail ports.

80/tcp open http Surgemail webmail (DNews based)
106/tcp open pop3pw Qualcomm poppassd (Maximum users connected)
110/tcp open pop3 SurgeMail pop3d 3.8k4-4
143/tcp open imap SurgeMail imapd 3.8k4-4
366/tcp open smtp Surgemail smtpd 3.8k4-4
587/tcp open smtp Surgemail smtpd 3.8k4-4

All Girls Just want to have fun? Wait no that's a song LOL
I logged into the offsec labs and reviewed some of the documentation on the contest page that stated there were 2 targets.
After a quick portscan I chose to attack killthen00b purely based on the amount of open ports available on the system.

How Strong is Your FU hacker challenge Part 2
After some chips, salsa and a supersized burrito from el habinaro I was down for another challenge.
