Home / exploitsPDF  

OSSEC 2.8 umask Clear Text Passwords

Posted on 16 September 2014

OSSEC 2.8 umask problem with clear text passwords :-( # aramosf@unsec.net / SecurityByDefault.com root@digitalsec:/home/aramosf# /var/ossec/agentless/register_host.sh add ossec@server1 Please provide password for host ossec@server1. Password: Please provide additional password for host ossec@server1 (<enter> for empty). Password: *Host ossec@server1 added. root@digitalsec:/home/aramosf# cat /var/ossec/agentless/.passlist ossec@server1|test|test2 root@digitalsec:/home/aramosf# ls -la /var/ossec/agentless/.passlist -rwxr--r-- 1 root root 83 Sep 15 14:35 /var/ossec/agentless/.passlist root@digitalsec:/home/aramosf#

 

TOP