Author: YoCo Smart
From: XI ke Information Technology-Silic Group
Site: http://blackbap.org

Before that, I just started my article. Then I continued. Not yet successful, it is almost a matter of character. However, it is a little poor, and there is nothing to shirk, that is, the ability is not good.

The first is the main site www.cmu.edu, with the IP address 128.2.10.162. The second is www.emc.cmu.edu, and the IP address is 128.2.129.29.

First, there was an OpenSSH overflow, but I also had the only hacker who was proficient in Linux penetration in the self-proclaimed operation camp. Other people would not use this vulnerability. The vulnerability can be found here: http://marc.info/?l=openbsd-misc&m=106375456923804&w=2

If this is the case, just penetrate through other machines. The second target is listed above. https: 443, www: 80, smtp: 25, pop3: 110, ssh: 22, cmd: 514, ftp: 21, telnet: 23, finger: 79, ntp: 123 are all enabled... However, it is worth mentioning that X-Scan prompts the glod overflow in ftpd. I have never understood what the overflow is. Therefore, finger is used at the beginning.
- C:> finger 0@128.2.129.29
- [128.2.129.29: 79]
- Login Name TTY Idle When Where
- Daemon ??? <...>
- Bin ??? <...>
- Sys ??? <...>
Then proceed:
- C:> finger root@128.2.129.29
- [128.2.129.29: 79]
- Login Name TTY Idle When Where
- Root Super-User pts/17 <Apr 1 :29> butter.ece.cmu.
Root exists. Then enable telnet. Input:
- Open 128.2.129.29
Tip:
Telnetd: Authorization failed.
The connection to the host is lost.
Press any key to continue...
The ntlm authentication should be 3. No way, you can only log on with the unset ntlm parameter. However, the returned information is still lost... I can't ignore my IP address... All right, log on from FTP. Ftp:
- Open 128.2.129.29
The logon is successful, but authentication is required. I guess the name from root to the name of each school. The name is still incorrect. All the names are rejected, let alone the password. But let's look back at the glod. After the FTP connection is established, enter glod and configure the switch... Okay. It overflows. Glod ~ {
Overflow failed... It took me a long time to finish this machine... If anyone is interested, continue to guess.
Glod overflow literature: http://www.nsfocus.net/vulndb/2021