{"id":374,"date":"2019-09-08T10:49:04","date_gmt":"2019-09-08T08:49:04","guid":{"rendered":"https:\/\/privat.andreas-klingler.de\/itsec\/?p=374"},"modified":"2023-12-20T19:28:26","modified_gmt":"2023-12-20T18:28:26","slug":"finger","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=374","title":{"rendered":"finger"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\">Enumeration<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Aktuell angemeldete Benutzer anzeigen<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">finger @ip<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Benutzer-Enu\u00admer\u00ada\u00adtion<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">for username in $(cat cirt-default-usernames.txt); do finger $username@10.10.10.76 &gt;&gt; \/tmp\/finger; done<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Enu\u00admer\u00ada\u00adtion mit Metasploit:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">msf5 &gt; use auxiliary\/scanner\/finger\/finger_users\nmsf5 auxiliary(scanner\/finger\/finger_users) &gt; set rhosts 10.10.10.76\nrhosts =&gt; 10.10.10.76\nmsf5 auxiliary(scanner\/finger\/finger_users) &gt; run<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Exploits<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Auf sehr alten Sys\u00adte\u00admen kon\u00adnte man https:\/\/insecure.org\/sploits_all.html zufolge Befehle aus\u00adf\u00fchren, etwa&nbsp;mit<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">finger \"|\/bin\/id@host'<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Enu\u00admer\u00ada\u00adtion Aktuell angemeldete Benutzer anzeigen fin\u00adger @ip Benutzer-Enu\u00admer\u00ada\u00ad\u00adtion for user\u00adname in $(cat cirt-default-usernames.txt); do fin\u00adger $username@10.10.10.76 \u00bb \/tmp\/finger; done Enu\u00admer\u00ada\u00adtion mit Metas\u00adploit: msf5 &gt; use auxiliary\/scanner\/finger\/finger_users msf5 auxiliary(scanner\/finger\/finger_users) &gt; set rhosts 10.10.10.76 rhosts =&gt; 10.10.10.76 msf5 auxiliary(scanner\/finger\/finger_users) &gt; run Exploits Auf sehr alten Sys\u00adte\u00admen kon\u00adnte man https:\/\/insecure.org\/sploits_all.html zufolge Befehle aus\u00adf\u00fchren, etwa&nbsp;mit fin\u00adger \u201c|\/bin\/id@host\u2019<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[469,471],"tags":[50,42],"class_list":["post-374","post","type-post","status-publish","format-standard","hentry","category-passive-enum","category-privesc","tag-enumeration","tag-finger"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=374"}],"version-history":[{"count":2,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/374\/revisions"}],"predecessor-version":[{"id":3808,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/374\/revisions\/3808"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}