1) Open source isn't more secure. This is an old assumption. 2) There is no such thing as closed source anymore. Everything is chocked full of open source.https://twitter.com/hackerfantastic/status/1072533649411751937 …
-
-
Replying to @joshbressers
I disagree, the reason nobody paid much attention to telnet in inetutils is because a) nobody uses it and b) it's not security sensitive. telnet isn't setuid, and if you can set DISPLAY, you might as well just set LD_PRELOAD, or use !sh to just run commands.
2 replies 2 retweets 32 likes -
Replying to @taviso @joshbressers
People do use OpenSSH and it *is* security sensitive, and you better believe people study every line. I wouldn't trust any proprietary SSH implementation.
2 replies 6 retweets 36 likes -
Replying to @taviso @joshbressers
Hacker Fantastic Retweeted Hacker Fantastic
He is not wrong, though USER= is passed via -l and could be set in a URI handler via user@ making it more interesting as the heap code be remotely reachable -https://twitter.com/hackerfantastic/status/1065095950606221312?s=19 …
Hacker Fantastic added,
Hacker Fantastic @hackerfantasticI've never seen "encryption-free" SSH, I didn't believe it was real - so I looked it up.@mikrotik_com permit you to login via password based authentication over SSH... in clear-text! My password is "SECRETKEY" and can be clearly seen once "none" is selected as a cipher type.
pic.twitter.com/sBM2MRs7sR2 replies 0 retweets 8 likes -
Replying to @hackerfantastic @joshbressers
Do you have an example of any vulnerable usage? It's hard to believe anybody is doing that, that's what I mean: I don't think anybody spent any time auditing telnet from inetutils, because it's not used anywhere security sensitive.
5 replies 0 retweets 6 likes -
Almost every IR responder I know tests open ports using telnet (as opposed to netcat as it differentiates between refused||wrapped. You can be sure that I'll have the exploit sitting on my pen box in my next engagement...
3 replies 2 retweets 12 likes -
Why would you use telnet rather than nmap for that?
1 reply 0 retweets 2 likes -
Replying to @RichFelker @taviso and
... because I want to interact with the service.
1 reply 0 retweets 1 like -
Replying to @noidd @RichFelker and
Look, the point is that the software that people care about a lot gets audited. You are one of the few people who cares deeply about the security of telnet (?), it's not surprising that people spend their finite resources auditing ssh first, is it?
1 reply 0 retweets 2 likes -
I thought the point I was making is that we rely on opensource software under the misguided belief it's more secure when in fact it's not often peer reviewed or even maintained. Not everyone has the same threat model and closed source has just as many issues.
3 replies 0 retweets 4 likes
I don't think anybody ever claimed just making something GPL makes it secure, people have to care about it. You are one of the very few people who cares about the security of mikrotik telnet client, and you were able to audit it... success 
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.