UGN Security
Posted By: Aelphaeis Mangarae Ways Of Logging Into A Web Server - 10/26/04 09:11 PM
Alot of administrators use FTP to login to there webserver and update the website(s) which is hosted on it.

What are other ways that admins remotely "administer" there website.
If i was able to social engineer an admin password (just an example) out of an admin, what possible ways would the admin use to log into his server except for FTP ?

Thanking you in advance.
Posted By: Gremelin Re: Ways Of Logging Into A Web Server - 10/26/04 10:27 PM
SSH, Telnet, FTP, Control Panel (if available: CPanel, Ensim, WebAdmin, etc), misconfigured scripts, etc... There are quite the many; a Control Panel wouldn't nessessarily run on a port you'd be able to scan also as it's generally a public url on the web with a redirect in the users webspace, for example:
http://www.undergroundnews.com/admin/
Posted By: §intå× Re: Ways Of Logging Into A Web Server - 10/27/04 03:30 AM
Cpanel can be reached often by

http://www.web-address.com/cpanel
or
http://www.web-address:2082

telnet://login:password@url/path/to/dir

Get putty
http://www.chiark.greenend.org.uk/~sgtatham/putty/
Posted By: Ice Re: Ways Of Logging Into A Web Server - 10/27/04 05:34 AM
ehh i dont think alot of places use telnet that much anymore.. I think the 3 most popular are

SSH
FTP
Control Panel

and "cracking" a server isnt as easy as 1, 2, 3.
Most of the servers log all activity.
Posted By: Gremelin Re: Ways Of Logging Into A Web Server - 10/27/04 08:57 AM
At HostNuke they disable Telnet on all the servers... Why? Because it's a slow service, does the same thing as ssh, and is exploited most often.

As for Control Panel's, there tend to be more than one can count lol...
Posted By: Aelphaeis Mangarae Re: Ways Of Logging Into A Web Server - 10/27/04 07:17 PM
Thank you.
© UGN Security Forum