How is Authentication Required different from Access Denied [closed]

I was trying a bug bounty challenge and I was given a vulnerable URL which needs a password to access it.

  • Case 1: When I try to do SQL-Injection in Username and Password, I get a page: access denied “Username not found
  • Case-2: If I keep entering random normal usernames and passwords, I get the “Enter username and Password” dialog box, and after so many trials I get the page which says: WWW-Authentication needed!

How are the two scenarios different?

Is Case 1 different than Case 2 in terms of vulnerabilities?

enter image description here

Can a firewall duplicate denied traffic onto a TAP/SPAN port?

We have quite a number of Palo Alto firewalls at various points in our infrastructure, for east-west, north-south, and DMZ traffic, all managed with Panorama. These firewalls have TAP ports which are connected to a network packet broker (NBP) platform that balances session streams and captures all traffic as pcaps. Frequently, I will want to investigate traffic that the firewall has denied – either incoming attack traffic from the internet, or internal east-west traffic that is being incorrectly blocked. However it would seem that only traffic the firewall has allowed to pass is being mirrored to the TAP port. Is it possible to configure the firewalls to also mirror denied traffic? How would this be done?

user gets access denied when adding new document in folder

In my SharePoint 2013 environment I have a site where the admin user group has design rights + security management rights. A readers permission group has read access on the site. I have a document library with one folder. On the folder I break the inheritance and give the readers group contribute access.

When the user from the readers groups wants to add a new document (Ribbon –> new document –> document) he gets a pop-up with an access denied message.

Why can’t the user add a new document with contribute access?

WordPress php mysql errors – errcode: 13 permission denied

I’m developing a WordPress based website using the latest XAMPP release from Oct 9 2019 with Apache 2.4.41, MySQL/MariaDB 10.4.8 and php 7.3.10 using localhost on a Windows 10 machine.

Since updating XAMPP I have been besieged with errors similar to the following:

PHP Warning: mysqli_query(): (HY000/6): Error on delete of ‘C:\xampp\tmp#sql35b0_ee_0.MAI’ (Errcode: 13 "Permission denied") in C:\xampp\htdocs\amc\wp-includes\wp-db.php on line 2007

WordPress database error Error on delete of ‘C:\xampp\tmp#sql35b0_ee_0.MAI’ (Errcode: 13 “Permission denied”) for query SHOW FULL COLUMNS FROM wp_options made by wp_reschedule_event, wp_schedule_event, _set_cron_array, update_option

I have checked the permissions of \xampp\tmp 50 times and authenticated users, system, administrators and users all have full control. I have also deleted WordPress and the associated data base and data tables several times yet the error on delete permission errors continue.

I’m seriously at a loss so any help would be greatly appreciated.

Thanks in advance

WordPress php mysql errors – errcode: 13 permission denied

I’m developing a WordPress based website using the latest XAMPP release from Oct 9 2019 with Apache 2.4.41, MySQL/MariaDB 10.4.8 and php 7.3.10 using localhost on a Windows 10 machine.

Since updating XAMPP I have been besieged with errors similar to the following:

PHP Warning: mysqli_query(): (HY000/6): Error on delete of ‘C:\xampp\tmp#sql35b0_ee_0.MAI’ (Errcode: 13 "Permission denied") in C:\xampp\htdocs\amc\wp-includes\wp-db.php on line 2007

WordPress database error Error on delete of ‘C:\xampp\tmp#sql35b0_ee_0.MAI’ (Errcode: 13 “Permission denied”) for query SHOW FULL COLUMNS FROM wp_options made by wp_reschedule_event, wp_schedule_event, _set_cron_array, update_option

I have checked the permissions of \xampp\tmp 50 times and authenticated users, system, administrators and users all have full control. I have also deleted WordPress and the associated data base and data tables several times yet the error on delete permission errors continue.

I’m seriously at a loss so any help would be greatly appreciated.

Thanks in advance

mount.nfs: access denied by server while mounting herman:/home

I recently installed kubuntu 16.04.6, 32-bit on a machine that I plan to use as a backup server. All went well until I tried to mount my other computers as a client. For example, when I try to mount the client at IP address 192.168.0.237 with:

mount -v -t nfs herman:/home /mnt/backup 

I get the following error message:

mount.nfs: timeout set for Mon Oct 14 12:14:15 2019 mount.nfs: trying text-based options 'vers=4,addr=192.168.0.249,clientaddr=192.168.0.237' mount.nfs: mount(2): Permission denied mount.nfs: access denied by server while mounting herman:/home 

On herman, my host.allows file includes:

portmap: 192.168.0.237 lockd: 192.168.0.237 mountd: 192.168.0.237 rquotad: 192.168.0.237 statd: 192.168.0.237 

The host.deny file is:

ALL: PARANOID 

The /etc/exports file includes the following line:

/home       192.168.0.237(rw,no_subtree_check) 

On the host, 192.168.0.237,

rpcinfo -p 

gives:

program vers proto   port  service 100000    4   tcp    111  portmapper 100000    3   tcp    111  portmapper 100000    2   tcp    111  portmapper 100000    4   udp    111  portmapper 100000    3   udp    111  portmapper 100000    2   udp    111  portmapper 100024    1   udp  47440  status 100024    1   tcp  41305  status 100021    1   udp  43041  nlockmgr 100021    3   udp  43041  nlockmgr 100021    4   udp  43041  nlockmgr 100021    1   tcp  58816  nlockmgr 100021    3   tcp  58816  nlockmgr 100021    4   tcp  58816  nlockmgr 

and on the server, herman

rpcinfo -p 

gives:

program vers proto   port  service 100000    4   tcp    111  portmapper 100000    3   tcp    111  portmapper 100000    2   tcp    111  portmapper 100000    4   udp    111  portmapper 100000    3   udp    111  portmapper 100000    2   udp    111  portmapper 100005    1   udp  57499  mountd 100005    1   tcp  37583  mountd 100005    2   udp  59970  mountd 100005    2   tcp  32963  mountd 100005    3   udp  37256  mountd 100005    3   tcp  60257  mountd 100003    2   tcp   2049  nfs  100003    3   tcp   2049  nfs  100003    4   tcp   2049  nfs  100227    2   tcp   2049 100227    3   tcp   2049 100003    2   udp   2049  nfs  100003    3   udp   2049  nfs  100227    2   udp   2049 100227    3   udp   2049 100021    1   udp  57580  nlockmgr 100021    3   udp  57580  nlockmgr 100021    4   udp  57580  nlockmgr 100021    1   tcp  33809  nlockmgr 100021    3   tcp  33809  nlockmgr 100021    4   tcp  33809  nlockmgr 100024    1   udp  42137  status 100024    1   tcp  43815  status 

I found another post where the user had the same problem and in his case the solution had something to do with, ‘apparmor’ and a “DENIED” included in the output of dmesg. I ran dmesg and had the following 2 lines in the output. I don’t think this in meaningful, because as far as I know, I have no dependency on ‘apparmor’, but I thought I should include following excerpt from my dmesg output:

dmesg | fgrep -i denied [   57.915343] audit: type=1400 audit(1570997933.469:24): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld-akonadi///usr/sbin/mysqld" name="/proc/1577/status" pid=1577 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 [   57.915416] audit: type=1400 audit(1570997933.469:25): apparmor="DENIED" operation="open" profile="/usr/sbin/mysqld-akonadi///usr/sbin/mysqld" name="/proc/1577/status" pid=1577 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 

I have been looking at other posts with the same problem, but I have not found a solution yet.

Can anyone help with suggestions on why the client is being denied nfs access?

Thanks in advance.

Jim A

SSH Permission Denied (PublicKey), Ubuntu 18.04

So I have read many questions and answers on this site. I have tried several answers, from changing settings in sshd_config, and having permissions set on private and public keys, 600 and 644 respectively.

I am working from a Windows 10 computer to a remote session on AWS, Ubuntu 18.04 I am not able to use ssh-copy-id because it does not work on windows. My keys were created on Ubuntu server ssh version 7.6. If I set PasswordAuthentication Yes I can get right in but I want to use Key Pair for remote access. I can provide any logs or Verb log in info you would need. I will give the last lines on log in attempt. and last lines of auth.log I used cat id_rsa.pub > authorized_keys to add new pub key to file

Any help would be greatly appreciated.

sshd_config LogLevel DEBUG PermitRootLogin without-password PubkeyAuthentication yes PasswordAuthentication no ChallengeResponseAuthentication no UsePAM yes Verb login Debug1: Host '3.3.3.3' is known and matches the ECDSA host key. debug1: Found key in C:\Users\PC19/.ssh/known_hosts:1 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 134217728 blocks debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: C:\Users\PC19/.ssh/id_rsa debug1: Trying private key: C:\Users\PC19/.ssh/id_dsa (not an actual key i have) debug1: Trying private key: C:\Users\PC19/.ssh/id_ecdsa (not an actual key i have) debug1: Trying private key: C:\Users\PC19/.ssh/id_ed25519 (not an actual key i have) debug1: Trying private key: C:\Users\PC19/.ssh/id_xmss (not an actual key i have) debug1: No more authentication methods to try. %USER%@3.3.3.3: Permission denied (publickey). Debug Logs auth.log Oct 10 03:11:49 ip-172-31-25-81 sshd[25307]: debug1: Forked child 25329. Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: Set /proc/self/oom_score_adj to 0 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: inetd sockets after dupping: 3, 3 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: Connection from 6.137.179.131 port 39359 on 172.31.25.81 port 22 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: Client protocol version 2.0; client software version OpenSSH_for_Windows_7.7 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: match: OpenSSH_for_Windows_7.7 pat OpenSSH* compat 0x04000000 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: permanently_set_uid: 109/65534 [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: SSH2_MSG_KEXINIT sent [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: SSH2_MSG_KEXINIT received [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: kex: algorithm: curve25519-sha256 [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: rekey after 134217728 blocks [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: SSH2_MSG_NEWKEYS sent [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: SSH2_MSG_NEWKEYS received [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: rekey after 134217728 blocks [preauth] Oct 10 03:11:49 ip-172-31-25-81 sshd[25329]: debug1: KEX done [preauth] Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: userauth-request for user %USER% service ssh-connection method none [preauth] Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: attempt 0 failures 0 [preauth] Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: PAM: initializing for "%USER%" Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: PAM: setting PAM_RHOST to "6.137.179.131" Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: PAM: setting PAM_TTY to "ssh" Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: Connection reset by authenticating user %USER% 6.137.179.131 port 39359 [preauth] Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: do_cleanup [preauth] Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: monitor_read_log: child log fd closed Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: do_cleanup Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: PAM: cleanup Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: Killing privsep child 25330 Oct 10 03:11:50 ip-172-31-25-81 sshd[25329]: debug1: audit_event: unhandled event 12