Discussing local file inclusion with with @pacohope and @kseniadmitrieva, it became evident that I have more than a few non-obvious things to say about the value of /etc/passwd when in the hands of an opportunistic adversary. It is available on most (all?) Unixes, yet it is rich in idiosyncrasy. I threw together my thoughts and put them here.
If you know of more interesting details, drop me a comment.
No comments:
Post a Comment