This list definitely won’t be exhaustive as many issues are silently patched, and there is just too much content to cover it all. I’ll keep this line from the first article: Welcome. Oh, and if you’re here wondering if these issues were generic enough to break into Root-Me again… Yup, they were! :) Here, I won’t detail again the setup process, we’ll just go through issues from the past, and the newly found issues!
#Abyss web server 127.0.0.1 full
Even though it’s not required to follow along, it’s always better to have the full context for a specific research. I tried to find what this file is used for but found no proper information.This is the second article dedicated to Spip 0-day research, if you haven’t read the first one, I recommend reading it first.
#Abyss web server 127.0.0.1 password
Number of days of warning before password expires : 7 Maximum number of days between password change : 365 Minimum number of days between password change : 0 Password is brand new, it is not expired.
15:32:50: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused When I enter the root credentials and click login the following logs come up - basically the same as before: 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/appliance/system/version 15:31:44: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused It is for sure related to this "no proxy-handler" error message. I have no reason what action could have triggered this new behavior. Yesterday, I tried to login and I have seen this error. I never had issues with this, not in 6.5 and not in 6.7. I am running ESXi 6.7 and VCA 6.7 (both with latest patches). The "! unable to login" error comes regardless if I use the correct or wrong credentials. I have checked the error.log file, those errors do only show up recently because in the past, I never had issues to log into the webinterface.
14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.523) no proxy-handler found for: /rest/appliance/system/version 14:31:48: (/build/mts/release/bora-7927448/studio/src/vami/apps/lighttpd/1.4.45/src/mod_proxy.c.1041) establishing connection failed: Connection refused When I access the URL, the following logs show up: Tail -f /opt/vmware/var/log/lighttpd/error.log
0 kommentar(er)
