preisacm
/
sternwarte
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

completed report

master
Michael Preisach 6 years ago
parent
d12b471da6
commit
bd852b1a16
12 changed files with 14656 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8772
      tex/resources/200120-error.log
  2. 2389
      tex/resources/200131-error.log
  3. 2191
      tex/resources/200216-error.log
  4. 242
      tex/resources/200216-nmap.log
  5. 25
      tex/resources/dig-mx-sternwarte.log
  6. 29
      tex/resources/dirsearch.log
  7. BIN
      tex/resources/logo_flat.png
  8. 23
      tex/writeup.aux
  9. 701
      tex/writeup.log
  10. BIN
      tex/writeup.pdf
  11. BIN
      tex/writeup.synctex.gz
  12. 284
      tex/writeup.tex

8772
tex/resources/200120-error.log
View File

File diff suppressed because it is too large

2389
tex/resources/200131-error.log
View File

File diff suppressed because it is too large

2191
tex/resources/200216-error.log
View File

File diff suppressed because it is too large

242
tex/resources/200216-nmap.log
View File

@ -0,0 +1,242 @@
nmap -F -T2 85.126.106.130-154,156
Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-17 11:28 CET
Nmap scan report for acamar.mag.eu (85.126.106.130)
Host is up (0.0064s latency).
Not shown: 69 filtered ports, 29 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
Nmap scan report for algenib.mag.eu (85.126.106.131)
Host is up (0.0058s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for alcor.mag.eu (85.126.106.132)
Host is up (0.0060s latency).
Not shown: 69 filtered ports, 29 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
Nmap scan report for antares.mag.eu (85.126.106.133)
Host is up (0.0058s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for bellatrix.mag.eu (85.126.106.134)
Host is up (0.0059s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for capella.mag.eu (85.126.106.135)
Host is up (0.0058s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for gemma.mag.eu (85.126.106.136)
Host is up (0.0065s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for hadar.mag.eu (85.126.106.137)
Host is up (0.0059s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for heka.mag.eu (85.126.106.138)
Host is up (0.0060s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for kochab.mag.eu (85.126.106.139)
Host is up (0.0058s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for maia.mag.eu (85.126.106.140)
Host is up (0.0060s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for merak.mag.eu (85.126.106.141)
Host is up (0.0062s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for mizar.mag.eu (85.126.106.142)
Host is up (0.0069s latency).
Not shown: 75 filtered ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp closed telnet
25/tcp open smtp
88/tcp closed kerberos-sec
110/tcp closed pop3
119/tcp closed nntp
143/tcp closed imap
389/tcp closed ldap
443/tcp closed https
515/tcp closed printer
554/tcp closed rtsp
631/tcp closed ipp
993/tcp closed imaps
995/tcp closed pop3s
1720/tcp closed h323q931
1755/tcp closed wms
3128/tcp closed squid-http
3389/tcp closed ms-wbt-server
5060/tcp closed sip
5900/tcp closed vnc
7070/tcp closed realserver
8000/tcp closed http-alt
8081/tcp closed blackice-icecap
8443/tcp closed https-alt
9100/tcp closed jetdirect
Nmap scan report for nunki.mag.eu (85.126.106.145)
Host is up (0.0059s latency).
Not shown: 75 filtered ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp closed telnet
88/tcp closed kerberos-sec
110/tcp closed pop3
119/tcp closed nntp
143/tcp closed imap
389/tcp closed ldap
443/tcp open https
515/tcp closed printer
554/tcp closed rtsp
587/tcp open submission
631/tcp closed ipp
993/tcp open imaps
995/tcp open pop3s
1720/tcp closed h323q931
1755/tcp closed wms
3128/tcp closed squid-http
3389/tcp closed ms-wbt-server
5060/tcp closed sip
5900/tcp closed vnc
7070/tcp closed realserver
8000/tcp closed http-alt
8081/tcp closed blackice-icecap
8443/tcp closed https-alt
9100/tcp closed jetdirect
Nmap scan report for okul.mag.eu (85.126.106.148)
Host is up (0.0057s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap scan report for procyon.mag.eu (85.126.106.149)
Host is up (0.0058s latency).
Not shown: 74 filtered ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp closed telnet
25/tcp closed smtp
88/tcp closed kerberos-sec
110/tcp closed pop3
119/tcp closed nntp
143/tcp closed imap
389/tcp closed ldap
443/tcp closed https
465/tcp closed smtps
515/tcp closed printer
554/tcp closed rtsp
587/tcp closed submission
631/tcp closed ipp
993/tcp closed imaps
995/tcp closed pop3s
1720/tcp closed h323q931
1755/tcp closed wms
3128/tcp closed squid-http
3389/tcp closed ms-wbt-server
5060/tcp closed sip
5900/tcp closed vnc
7070/tcp closed realserver
8081/tcp closed blackice-icecap
8443/tcp closed https-alt
9100/tcp closed jetdirect
Nmap scan report for polaris.mag.eu (85.126.106.150)
Host is up (0.0062s latency).
Not shown: 69 filtered ports, 27 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
8000/tcp open http-alt
8080/tcp open http-proxy
Nmap scan report for regulus.mag.eu (85.126.106.151)
Host is up (0.0060s latency).
Not shown: 69 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp closed telnet
25/tcp open smtp
53/tcp open domain
80/tcp open http
88/tcp closed kerberos-sec
110/tcp open pop3
119/tcp closed nntp
143/tcp open imap
389/tcp closed ldap
443/tcp open https
465/tcp open smtps
515/tcp closed printer
554/tcp closed rtsp
587/tcp open submission
631/tcp closed ipp
993/tcp open imaps
995/tcp open pop3s
1720/tcp closed h323q931
1755/tcp closed wms
3128/tcp closed squid-http
3389/tcp closed ms-wbt-server
5060/tcp closed sip
5900/tcp closed vnc
7070/tcp closed realserver
8000/tcp closed http-alt
8080/tcp open http-proxy
8081/tcp closed blackice-icecap
8443/tcp closed https-alt
9100/tcp closed jetdirect
Nmap scan report for scheat.mag.eu (85.126.106.153)
Host is up (0.0061s latency).
Not shown: 69 filtered ports, 28 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
Nmap scan report for spica.mag.eu (85.126.106.154)
Host is up (0.0060s latency).
Not shown: 69 filtered ports, 28 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
Nmap scan report for wasat.mag.eu (85.126.106.156)
Host is up (0.0061s latency).
Not shown: 73 filtered ports, 26 closed ports
PORT STATE SERVICE
21/tcp open ftp
Nmap done: 26 IP addresses (21 hosts up) scanned in 1208.63 seconds

25
tex/resources/dig-mx-sternwarte.log
View File

@ -0,0 +1,25 @@
> dig -t mx sternwarte.at
; <<>> DiG 9.14.10 <<>> -t mx sternwarte.at
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26587
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;sternwarte.at. IN MX
;; ANSWER SECTION:
sternwarte.at. 2484 IN MX 20 mizar.mag.eu.
sternwarte.at. 2484 IN MX 10 nihal.mag.eu.
;; ADDITIONAL SECTION:
mizar.mag.eu. 2484 IN A 85.126.106.142
;; Query time: 1 msec
;; SERVER: 140.78.100.119#53(140.78.100.119)
;; WHEN: Mon Feb 17 13:38:08 CET 2020
;; MSG SIZE rcvd: 108

29
tex/resources/dirsearch.log
View File

@ -0,0 +1,29 @@
> dirsearch -u www.sternwarte.at -E
|. _ _ _ _ _ _| v0.3.9
(||| _) (/(|| (| )
Extensions: php, asp, aspx, jsp, js, html, do, action | HTTP method: get | \
Threads: 10 | Wordlist size: 8673
Error Log: /home/fuero/.dirsearch/logs/errors-20-01-19_19-32-00.log
Target: www.sternwarte.at
[19:32:00] Starting:
[19:32:01] 200 - 2KB - /%3f/
[19:32:03] 200 - 21KB - /.DS_Store
[19:32:13] 200 - 46KB - /log/error.log
[19:32:30] 500 - 294B - /ActiveDirectoryRemoteAdminScripts/
[19:34:27] 200 - 64KB - /favicon.ico
[19:35:02] 200 - 408KB - /log/error.log
[19:35:35] 500 - 294B - /phpMyAdmin-2.11.5.1-all-languages/
[19:35:35] 500 - 294B - /phpMyAdmin-2.11.7.1-all-languages-utf-8-only/
[19:35:35] 500 - 294B - /phpMyAdmin-2.11.7.1-all-languages/
[19:35:35] 500 - 294B - /phpMyAdmin-2.11.8.1-all-languages-utf-8-only/
[19:35:35] 500 - 294B - /phpMyAdmin-2.11.8.1-all-languages/
[19:35:53] 200 - 118B - /robots.txt
[19:36:14] 200 - 15KB - /start.html
[19:36:40] 500 - 294B - /WebSphereSamples.Configuration.config
Task Completed

BIN
tex/resources/logo_flat.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 17 KiB

23
tex/writeup.aux
View File

@ -0,0 +1,23 @@
\relax
\providecommand*\new@tpo@label[2]{}
\bbl@beforestart
\catcode `"\active
\babel@aux{naustrian}{}
\@writefile{toc}{\contentsline {section}{\numberline {1}Zusammenfassung}{1}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {2}Methodik}{2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Informationsgewinnung}{2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Verwendete Programme}{2}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {3}Erkenntnisse}{2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Webserver}{2}\protected@file@percent }
\@writefile{lol}{\contentsline {lstlisting}{\numberline {1}HTTP Response Header von \texttt {www.sternwarte.at}}{2}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.1}Kein TLS}{3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.2}Beliebige Frames per URL laden}{3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.3}Öffentlich zugängliche Dateien mit Metainformationen}{3}\protected@file@percent }
\@writefile{lol}{\contentsline {lstlisting}{\numberline {2}Mittels DirSearch Gefundene Endpoints}{3}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.4}Sehr alte Version des Servers}{5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}FTP-Server}{5}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Mail-Server}{6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.3.1}Mailserver, der laut DNS zuständig ist}{6}\protected@file@percent }
\@writefile{lol}{\contentsline {lstlisting}{\numberline {3}Mittels DirSearch Gefundene Endpoints}{6}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.3.2}Mailserver auf \texttt {sternwarte.at}}{7}\protected@file@percent }
\@writefile{lol}{\contentsline {lstlisting}{\numberline {4}Fehler des Mailservers auf \texttt {sternwarte.at}}{7}\protected@file@percent }

701
tex/writeup.log
View File

@ -0,0 +1,701 @@
This is pdfTeX, Version 3.14159265-2.6-1.40.20 (TeX Live 2019/Arch Linux) (preloaded format=pdflatex 2020.2.3) 17 FEB 2020 16:43
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
**writeup.tex
(./writeup.tex
LaTeX2e <2019-10-01> patch level 1
(/usr/share/texmf-dist/tex/latex/koma-script/scrartcl.cls
Document Class: scrartcl 2019/10/12 v3.27 KOMA-Script document class (article)
(/usr/share/texmf-dist/tex/latex/koma-script/scrkbase.sty
Package: scrkbase 2019/10/12 v3.27 KOMA-Script package (KOMA-Script-dependent b
asics and keyval usage)
(/usr/share/texmf-dist/tex/latex/koma-script/scrbase.sty
Package: scrbase 2019/10/12 v3.27 KOMA-Script package (KOMA-Script-independent
basics and keyval usage)
(/usr/share/texmf-dist/tex/latex/graphics/keyval.sty
Package: keyval 2014/10/28 v1.15 key=value parser (DPC)
\KV@toks@=\toks14
)
(/usr/share/texmf-dist/tex/latex/koma-script/scrlfile.sty
Package: scrlfile 2019/10/12 v3.27 KOMA-Script package (loading files)
)))
(/usr/share/texmf-dist/tex/latex/koma-script/tocbasic.sty
Package: tocbasic 2019/10/12 v3.27 KOMA-Script package (handling toc-files)
\scr@dte@tocline@numberwidth=\skip41
\scr@dte@tocline@numbox=\box27
)
Package tocbasic Info: omitting babel extension for `toc'
(tocbasic) because of feature `nobabel' available
(tocbasic) for `toc' on input line 137.
Package scrartcl Info: You've used standard option `11pt'.
(scrartcl) This is correct!
(scrartcl) Internally I'm using `fontsize=11pt'.
(scrartcl) If you'd like to set the option with \KOMAoptions,
(scrartcl) you'd have to use `fontsize=11pt' there
(scrartcl) instead of `11pt', too.
Class scrartcl Info: File `scrsize11pt.clo' used to setup font sizes on input l
ine 2208.
(/usr/share/texmf-dist/tex/latex/koma-script/scrsize11pt.clo
File: scrsize11pt.clo 2019/10/12 v3.27 KOMA-Script font size class option (11pt
)
)
(/usr/share/texmf-dist/tex/latex/koma-script/typearea.sty
Package: typearea 2019/10/12 v3.27 KOMA-Script package (type area)
\ta@bcor=\skip42
\ta@div=\count80
\ta@hblk=\skip43
\ta@vblk=\skip44
\ta@temp=\skip45
\footheight=\skip46
Package typearea Info: These are the values describing the layout:
(typearea) DIV = 10
(typearea) BCOR = 0.0pt
(typearea) \paperwidth = 597.50793pt
(typearea) \textwidth = 418.25555pt
(typearea) DIV departure = -6%
(typearea) \evensidemargin = 17.3562pt
(typearea) \oddsidemargin = 17.3562pt
(typearea) \paperheight = 845.04694pt
(typearea) \textheight = 595.80026pt
(typearea) \topmargin = -25.16531pt
(typearea) \headheight = 17.0pt
(typearea) \headsep = 20.40001pt
(typearea) \topskip = 11.0pt
(typearea) \footskip = 47.6pt
(typearea) \baselineskip = 13.6pt
(typearea) on input line 1716.
)
\c@part=\count81
\c@section=\count82
\c@subsection=\count83
\c@subsubsection=\count84
\c@paragraph=\count85
\c@subparagraph=\count86
\scr@dte@section@maxnumwidth=\skip47
Class scrartcl Info: using compatibility default `runin=bysign'
(scrartcl) for `\section on input line 4702.
Class scrartcl Info: using compatibility default `afterindent=bysign'
(scrartcl) for `\section on input line 4702.
\scr@dte@part@maxnumwidth=\skip48
Class scrartcl Info: using compatibility default `afterindent=false'
(scrartcl) for `\part on input line 4710.
\scr@dte@subsection@maxnumwidth=\skip49
Class scrartcl Info: using compatibility default `runin=bysign'
(scrartcl) for `\subsection on input line 4720.
Class scrartcl Info: using compatibility default `afterindent=bysign'
(scrartcl) for `\subsection on input line 4720.
\scr@dte@subsubsection@maxnumwidth=\skip50
Class scrartcl Info: using compatibility default `runin=bysign'
(scrartcl) for `\subsubsection on input line 4730.
Class scrartcl Info: using compatibility default `afterindent=bysign'
(scrartcl) for `\subsubsection on input line 4730.
\scr@dte@paragraph@maxnumwidth=\skip51
Class scrartcl Info: using compatibility default `runin=bysign'
(scrartcl) for `\paragraph on input line 4740.
Class scrartcl Info: using compatibility default `afterindent=bysign'
(scrartcl) for `\paragraph on input line 4740.
\scr@dte@subparagraph@maxnumwidth=\skip52
Class scrartcl Info: using compatibility default `runin=bysign'
(scrartcl) for `\subparagraph on input line 4750.
Class scrartcl Info: using compatibility default `afterindent=bysign'
(scrartcl) for `\subparagraph on input line 4750.
\abovecaptionskip=\skip53
\belowcaptionskip=\skip54
\c@pti@nb@sid@b@x=\box28
Package tocbasic Info: omitting babel extension for `lof'
(tocbasic) because of feature `nobabel' available
(tocbasic) for `lof' on input line 5969.
\scr@dte@figure@maxnumwidth=\skip55
\c@figure=\count87
Package tocbasic Info: omitting babel extension for `lot'
(tocbasic) because of feature `nobabel' available
(tocbasic) for `lot' on input line 5981.
\scr@dte@table@maxnumwidth=\skip56
\c@table=\count88
Class scrartcl Info: Redefining `\numberline' on input line 6145.
\bibindent=\dimen102
)
(/usr/share/texmf-dist/tex/latex/slantsc/slantsc.sty
Package: slantsc 2012/01/01 v2.11 Provide Slanted an Italic Small Caps
(/usr/share/texmf-dist/tex/latex/base/ifthen.sty
Package: ifthen 2014/09/29 v1.1c Standard LaTeX ifthen package (DPC)
)
LaTeX Info: Redefining \upshape on input line 35.
LaTeX Info: Redefining \slshape on input line 45.
LaTeX Info: Redefining \itshape on input line 55.
LaTeX Info: Redefining \scshape on input line 65.
)
(/usr/share/texmf-dist/tex/latex/base/inputenc.sty
Package: inputenc 2018/08/11 v1.3c Input encoding file
\inpenc@prehook=\toks15
\inpenc@posthook=\toks16
)
(/usr/share/texmf-dist/tex/generic/babel/babel.sty
Package: babel 2019/10/15 3.35 The Babel package
(/usr/share/texmf-dist/tex/generic/babel/switch.def
File: switch.def 2019/10/15 3.35 Babel switching mechanism
)
(/usr/share/texmf-dist/tex/generic/babel-german/naustrian.ldf
Language: naustrian 2018/12/08 v2.11 German support for babel (post-1996 orthog
raphy)
(/usr/share/texmf-dist/tex/generic/babel-german/ngermanb.ldf
Language: ngermanb 2018/12/08 v2.11 German support for babel (post-1996 orthogr
aphy)
(/usr/share/texmf-dist/tex/generic/babel/babel.def
File: babel.def 2019/10/15 3.35 Babel common definitions
\babel@savecnt=\count89
\U@D=\dimen103
(/usr/share/texmf-dist/tex/generic/babel/txtbabel.def)
\bbl@dirlevel=\count90
)
\l@naustrian = a dialect from \language\l@ngerman
Package babel Info: Making " an active character on input line 121.
)))
(/usr/share/texmf-dist/tex/latex/geometry/geometry.sty
Package: geometry 2018/04/16 v5.8 Page Geometry
(/usr/share/texmf-dist/tex/generic/oberdiek/ifpdf.sty
Package: ifpdf 2018/09/07 v3.3 Provides the ifpdf switch
)
(/usr/share/texmf-dist/tex/generic/oberdiek/ifvtex.sty
Package: ifvtex 2016/05/16 v1.6 Detect VTeX and its facilities (HO)
Package ifvtex Info: VTeX not detected.
)
(/usr/share/texmf-dist/tex/generic/ifxetex/ifxetex.sty
Package: ifxetex 2010/09/12 v0.6 Provides ifxetex conditional
)
\Gm@cnth=\count91
\Gm@cntv=\count92
\c@Gm@tempcnt=\count93
\Gm@bindingoffset=\dimen104
\Gm@wd@mp=\dimen105
\Gm@odd@mp=\dimen106
\Gm@even@mp=\dimen107
\Gm@layoutwidth=\dimen108
\Gm@layoutheight=\dimen109
\Gm@layouthoffset=\dimen110
\Gm@layoutvoffset=\dimen111
\Gm@dimlist=\toks17
)
Class scrartcl Warning: Usage of package `fancyhdr' together
(scrartcl) with a KOMA-Script class is not recommended.
(scrartcl) I'd suggest to use
(scrartcl) package `scrlayer' or `scrlayer-scrpage', because
(scrartcl) they support KOMA-Script classes.
(scrartcl) With `fancyhdr' several features of class `scrartcl'
(scrartcl) like options `headsepline', `footsepline' or command
(scrartcl) `\MakeMarkcase' and the commands `\setkomafont' and
(scrartcl) `\addtokomafont' for the page style elements need
(scrartcl) explicite user intervention to work.
(scrartcl) Nevertheless, using requested
(scrartcl) package `fancyhdr' on input line 8.
(/usr/share/texmf-dist/tex/latex/fancyhdr/fancyhdr.sty
Package: fancyhdr 2019/01/31 v3.10 Extensive control of page headers and footer
s
\f@nch@headwidth=\skip57
\f@nch@O@elh=\skip58
\f@nch@O@erh=\skip59
\f@nch@O@olh=\skip60
\f@nch@O@orh=\skip61
\f@nch@O@elf=\skip62
\f@nch@O@erf=\skip63
\f@nch@O@olf=\skip64
\f@nch@O@orf=\skip65
)
(/usr/share/texmf-dist/tex/latex/listings/listings.sty
\lst@mode=\count94
\lst@gtempboxa=\box29
\lst@token=\toks18
\lst@length=\count95
\lst@currlwidth=\dimen112
\lst@column=\count96
\lst@pos=\count97
\lst@lostspace=\dimen113
\lst@width=\dimen114
\lst@newlines=\count98
\lst@lineno=\count99
\lst@maxwidth=\dimen115
(/usr/share/texmf-dist/tex/latex/listings/lstmisc.sty
File: lstmisc.sty 2019/09/10 1.8c (Carsten Heinz)
\c@lstnumber=\count100
\lst@skipnumbers=\count101
\lst@framebox=\box30
)
(/usr/share/texmf-dist/tex/latex/listings/listings.cfg
File: listings.cfg 2019/09/10 1.8c listings configuration
))
Package: listings 2019/09/10 1.8c (Carsten Heinz)
(/usr/share/texmf-dist/tex/latex/eurosym/eurosym.sty
Package: eurosym 1998/08/06 v1.1 European currency symbol ``Euro''
\@eurobox=\box31
)
(/usr/share/texmf-dist/tex/latex/multirow/multirow.sty
Package: multirow 2019/05/31 v2.5 Span multiple rows of a table
\multirow@colwidth=\skip66
\multirow@cntb=\count102
\multirow@dima=\skip67
\bigstrutjot=\dimen116
)
(/usr/share/texmf-dist/tex/latex/graphics/graphicx.sty
Package: graphicx 2017/06/01 v1.1a Enhanced LaTeX Graphics (DPC,SPQR)
(/usr/share/texmf-dist/tex/latex/graphics/graphics.sty
Package: graphics 2019/10/08 v1.3c Standard LaTeX Graphics (DPC,SPQR)
(/usr/share/texmf-dist/tex/latex/graphics/trig.sty
Package: trig 2016/01/03 v1.10 sin cos tan (DPC)
)
(/usr/share/texmf-dist/tex/latex/graphics-cfg/graphics.cfg
File: graphics.cfg 2016/06/04 v1.11 sample graphics configuration
)
Package graphics Info: Driver file: pdftex.def on input line 105.
(/usr/share/texmf-dist/tex/latex/graphics-def/pdftex.def
File: pdftex.def 2018/01/08 v1.0l Graphics/color driver for pdftex
))
\Gin@req@height=\dimen117
\Gin@req@width=\dimen118
)
(/usr/share/texmf-dist/tex/latex/url/url.sty
\Urlmuskip=\muskip10
Package: url 2013/09/16 ver 3.4 Verb mode for urls, etc.
)
(/usr/share/texmf-dist/tex/latex/dejavu/DejaVuSans.sty
Package: DejaVuSans 2011/06/01 Style file for DejaVuSans.
)
(/usr/share/texmf-dist/tex/latex/dejavu/DejaVuSerif.sty
Package: DejaVuSerif 2011/06/01 Style file for DejaVuSerif.
)
(/usr/share/texmf-dist/tex/latex/dejavu/DejaVuSansMono.sty
Package: DejaVuSansMono 2011/06/01 Style file for DejaVuSansMono.
)
(/usr/share/texmf-dist/tex/latex/base/fontenc.sty
Package: fontenc 2018/08/11 v2.0j Standard LaTeX package
(/usr/share/texmf-dist/tex/latex/base/t1enc.def
File: t1enc.def 2018/08/11 v2.0j Standard LaTeX file
LaTeX Font Info: Redeclaring font encoding T1 on input line 48.
))
(/usr/share/texmf-dist/tex/latex/base/textcomp.sty
Package: textcomp 2018/08/11 v2.0j Standard LaTeX package
Package textcomp Info: Sub-encoding information:
(textcomp) 5 = only ISO-Adobe without \textcurrency
(textcomp) 4 = 5 + \texteuro
(textcomp) 3 = 4 + \textohm
(textcomp) 2 = 3 + \textestimated + \textcurrency
(textcomp) 1 = TS1 - \textcircled - \t
(textcomp) 0 = TS1 (full)
(textcomp) Font families with sub-encoding setting implement
(textcomp) only a restricted character set as indicated.
(textcomp) Family '?' is the default used for unknown fonts.
(textcomp) See the documentation for details.
Package textcomp Info: Setting ? sub-encoding to TS1/1 on input line 79.
(/usr/share/texmf-dist/tex/latex/base/ts1enc.def
File: ts1enc.def 2001/06/05 v3.0e (jk/car/fm) Standard LaTeX file
Now handling font encoding TS1 ...
... processing UTF-8 mapping file for font encoding TS1
(/usr/share/texmf-dist/tex/latex/base/ts1enc.dfu
File: ts1enc.dfu 2019/07/11 v1.2j UTF-8 support for inputenc
defining Unicode char U+00A2 (decimal 162)
defining Unicode char U+00A3 (decimal 163)
defining Unicode char U+00A4 (decimal 164)
defining Unicode char U+00A5 (decimal 165)
defining Unicode char U+00A6 (decimal 166)
defining Unicode char U+00A7 (decimal 167)
defining Unicode char U+00A8 (decimal 168)
defining Unicode char U+00A9 (decimal 169)
defining Unicode char U+00AA (decimal 170)
defining Unicode char U+00AC (decimal 172)
defining Unicode char U+00AE (decimal 174)
defining Unicode char U+00AF (decimal 175)
defining Unicode char U+00B0 (decimal 176)
defining Unicode char U+00B1 (decimal 177)
defining Unicode char U+00B2 (decimal 178)
defining Unicode char U+00B3 (decimal 179)
defining Unicode char U+00B4 (decimal 180)
defining Unicode char U+00B5 (decimal 181)
defining Unicode char U+00B6 (decimal 182)
defining Unicode char U+00B7 (decimal 183)
defining Unicode char U+00B9 (decimal 185)
defining Unicode char U+00BA (decimal 186)
defining Unicode char U+00BC (decimal 188)
defining Unicode char U+00BD (decimal 189)
defining Unicode char U+00BE (decimal 190)
defining Unicode char U+00D7 (decimal 215)
defining Unicode char U+00F7 (decimal 247)
defining Unicode char U+0192 (decimal 402)
defining Unicode char U+02C7 (decimal 711)
defining Unicode char U+02D8 (decimal 728)
defining Unicode char U+02DD (decimal 733)
defining Unicode char U+0E3F (decimal 3647)
defining Unicode char U+2016 (decimal 8214)
defining Unicode char U+2020 (decimal 8224)
defining Unicode char U+2021 (decimal 8225)
defining Unicode char U+2022 (decimal 8226)
defining Unicode char U+2030 (decimal 8240)
defining Unicode char U+2031 (decimal 8241)
defining Unicode char U+203B (decimal 8251)
defining Unicode char U+203D (decimal 8253)
defining Unicode char U+2044 (decimal 8260)
defining Unicode char U+204E (decimal 8270)
defining Unicode char U+2052 (decimal 8274)
defining Unicode char U+20A1 (decimal 8353)
defining Unicode char U+20A4 (decimal 8356)
defining Unicode char U+20A6 (decimal 8358)
defining Unicode char U+20A9 (decimal 8361)
defining Unicode char U+20AB (decimal 8363)
defining Unicode char U+20AC (decimal 8364)
defining Unicode char U+20B1 (decimal 8369)
defining Unicode char U+2103 (decimal 8451)
defining Unicode char U+2116 (decimal 8470)
defining Unicode char U+2117 (decimal 8471)
defining Unicode char U+211E (decimal 8478)
defining Unicode char U+2120 (decimal 8480)
defining Unicode char U+2122 (decimal 8482)
defining Unicode char U+2126 (decimal 8486)
defining Unicode char U+2127 (decimal 8487)
defining Unicode char U+212E (decimal 8494)
defining Unicode char U+2190 (decimal 8592)
defining Unicode char U+2191 (decimal 8593)
defining Unicode char U+2192 (decimal 8594)
defining Unicode char U+2193 (decimal 8595)
defining Unicode char U+2329 (decimal 9001)
defining Unicode char U+232A (decimal 9002)
defining Unicode char U+2422 (decimal 9250)
defining Unicode char U+25E6 (decimal 9702)
defining Unicode char U+25EF (decimal 9711)
defining Unicode char U+266A (decimal 9834)
defining Unicode char U+27E8 (decimal 10216)
defining Unicode char U+27E9 (decimal 10217)
defining Unicode char U+FEFF (decimal 65279)
))
LaTeX Info: Redefining \oldstylenums on input line 334.
Package textcomp Info: Setting cmr sub-encoding to TS1/0 on input line 349.
Package textcomp Info: Setting cmss sub-encoding to TS1/0 on input line 350.
Package textcomp Info: Setting cmtt sub-encoding to TS1/0 on input line 351.
Package textcomp Info: Setting cmvtt sub-encoding to TS1/0 on input line 352.
Package textcomp Info: Setting cmbr sub-encoding to TS1/0 on input line 353.
Package textcomp Info: Setting cmtl sub-encoding to TS1/0 on input line 354.
Package textcomp Info: Setting ccr sub-encoding to TS1/0 on input line 355.
Package textcomp Info: Setting ptm sub-encoding to TS1/4 on input line 356.
Package textcomp Info: Setting pcr sub-encoding to TS1/4 on input line 357.
Package textcomp Info: Setting phv sub-encoding to TS1/4 on input line 358.
Package textcomp Info: Setting ppl sub-encoding to TS1/3 on input line 359.
Package textcomp Info: Setting pag sub-encoding to TS1/4 on input line 360.
Package textcomp Info: Setting pbk sub-encoding to TS1/4 on input line 361.
Package textcomp Info: Setting pnc sub-encoding to TS1/4 on input line 362.
Package textcomp Info: Setting pzc sub-encoding to TS1/4 on input line 363.
Package textcomp Info: Setting bch sub-encoding to TS1/4 on input line 364.
Package textcomp Info: Setting put sub-encoding to TS1/5 on input line 365.
Package textcomp Info: Setting uag sub-encoding to TS1/5 on input line 366.
Package textcomp Info: Setting ugq sub-encoding to TS1/5 on input line 367.
Package textcomp Info: Setting ul8 sub-encoding to TS1/4 on input line 368.
Package textcomp Info: Setting ul9 sub-encoding to TS1/4 on input line 369.
Package textcomp Info: Setting augie sub-encoding to TS1/5 on input line 370.
Package textcomp Info: Setting dayrom sub-encoding to TS1/3 on input line 371.
Package textcomp Info: Setting dayroms sub-encoding to TS1/3 on input line 372.
Package textcomp Info: Setting pxr sub-encoding to TS1/0 on input line 373.
Package textcomp Info: Setting pxss sub-encoding to TS1/0 on input line 374.
Package textcomp Info: Setting pxtt sub-encoding to TS1/0 on input line 375.
Package textcomp Info: Setting txr sub-encoding to TS1/0 on input line 376.
Package textcomp Info: Setting txss sub-encoding to TS1/0 on input line 377.
Package textcomp Info: Setting txtt sub-encoding to TS1/0 on input line 378.
Package textcomp Info: Setting lmr sub-encoding to TS1/0 on input line 379.
Package textcomp Info: Setting lmdh sub-encoding to TS1/0 on input line 380.
Package textcomp Info: Setting lmss sub-encoding to TS1/0 on input line 381.
Package textcomp Info: Setting lmssq sub-encoding to TS1/0 on input line 382.
Package textcomp Info: Setting lmvtt sub-encoding to TS1/0 on input line 383.
Package textcomp Info: Setting lmtt sub-encoding to TS1/0 on input line 384.
Package textcomp Info: Setting qhv sub-encoding to TS1/0 on input line 385.
Package textcomp Info: Setting qag sub-encoding to TS1/0 on input line 386.
Package textcomp Info: Setting qbk sub-encoding to TS1/0 on input line 387.
Package textcomp Info: Setting qcr sub-encoding to TS1/0 on input line 388.
Package textcomp Info: Setting qcs sub-encoding to TS1/0 on input line 389.
Package textcomp Info: Setting qpl sub-encoding to TS1/0 on input line 390.
Package textcomp Info: Setting qtm sub-encoding to TS1/0 on input line 391.
Package textcomp Info: Setting qzc sub-encoding to TS1/0 on input line 392.
Package textcomp Info: Setting qhvc sub-encoding to TS1/0 on input line 393.
Package textcomp Info: Setting futs sub-encoding to TS1/4 on input line 394.
Package textcomp Info: Setting futx sub-encoding to TS1/4 on input line 395.
Package textcomp Info: Setting futj sub-encoding to TS1/4 on input line 396.
Package textcomp Info: Setting hlh sub-encoding to TS1/3 on input line 397.
Package textcomp Info: Setting hls sub-encoding to TS1/3 on input line 398.
Package textcomp Info: Setting hlst sub-encoding to TS1/3 on input line 399.
Package textcomp Info: Setting hlct sub-encoding to TS1/5 on input line 400.
Package textcomp Info: Setting hlx sub-encoding to TS1/5 on input line 401.
Package textcomp Info: Setting hlce sub-encoding to TS1/5 on input line 402.
Package textcomp Info: Setting hlcn sub-encoding to TS1/5 on input line 403.
Package textcomp Info: Setting hlcw sub-encoding to TS1/5 on input line 404.
Package textcomp Info: Setting hlcf sub-encoding to TS1/5 on input line 405.
Package textcomp Info: Setting pplx sub-encoding to TS1/3 on input line 406.
Package textcomp Info: Setting pplj sub-encoding to TS1/3 on input line 407.
Package textcomp Info: Setting ptmx sub-encoding to TS1/4 on input line 408.
Package textcomp Info: Setting ptmj sub-encoding to TS1/4 on input line 409.
) (./writeup.aux)
\openout1 = `writeup.aux'.
LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 78.
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 78.
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 78.
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 78.
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 78.
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 78.
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 78.
LaTeX Font Info: Trying to load font information for TS1+cmr on input line 7
8.
(/usr/share/texmf-dist/tex/latex/base/ts1cmr.fd
File: ts1cmr.fd 2014/09/29 v2.5h Standard LaTeX font definitions
)
LaTeX Font Info: ... okay on input line 78.
LaTeX Font Info: Trying to load font information for T1+DejaVuSerif-TLF on i
nput line 78.
(/usr/share/texmf-dist/tex/latex/dejavu/T1DejaVuSerif-TLF.fd
File: T1DejaVuSerif-TLF.fd 2011/06/01 Font definitions for T1/DejaVuSerif-TLF.
)
*geometry* driver: auto-detecting
*geometry* detected driver: pdftex
*geometry* verbose mode - [ preamble ] result:
* driver: pdftex
* paper: a4paper
* layout: <same size as paper>
* layoutoffset:(h,v)=(0.0pt,0.0pt)
* modes:
* h-part:(L,W,R)=(71.13188pt, 455.24411pt, 71.13188pt)
* v-part:(T,H,B)=(71.13188pt, 688.5567pt, 85.35826pt)
* \paperwidth=597.50787pt
* \paperheight=845.04684pt
* \textwidth=455.24411pt
* \textheight=688.5567pt
* \oddsidemargin=-1.1381pt
* \evensidemargin=-1.1381pt
* \topmargin=-38.53812pt
* \headheight=17.0pt
* \headsep=20.40001pt
* \topskip=11.0pt
* \footskip=47.6pt
* \marginparwidth=59.7508pt
* \marginparsep=12.8401pt
* \columnsep=10.0pt
* \skip\footins=10.0pt plus 4.0pt minus 2.0pt
* \hoffset=0.0pt
* \voffset=0.0pt
* \mag=1000
* \@twocolumnfalse
* \@twosidefalse
* \@mparswitchfalse
* \@reversemarginfalse
* (1in=72.27pt=25.4mm, 1cm=28.453pt)
\c@lstlisting=\count103
(/usr/share/texmf-dist/tex/context/base/mkii/supp-pdf.mkii
[Loading MPS to PDF converter (version 2006.09.02).]
\scratchcounter=\count104
\scratchdimen=\dimen119
\scratchbox=\box32
\nofMPsegments=\count105
\nofMParguments=\count106
\everyMPshowfont=\toks19
\MPscratchCnt=\count107
\MPscratchDim=\dimen120
\MPnumerator=\count108
\makeMPintoPDFobject=\count109
\everyMPtoPDFconversion=\toks20
) (/usr/share/texmf-dist/tex/latex/oberdiek/epstopdf-base.sty
Package: epstopdf-base 2016/05/15 v2.6 Base part for package epstopdf
(/usr/share/texmf-dist/tex/generic/oberdiek/infwarerr.sty
Package: infwarerr 2016/05/16 v1.4 Providing info/warning/error messages (HO)
)
(/usr/share/texmf-dist/tex/latex/oberdiek/grfext.sty
Package: grfext 2016/05/16 v1.2 Manage graphics extensions (HO)
(/usr/share/texmf-dist/tex/generic/oberdiek/kvdefinekeys.sty
Package: kvdefinekeys 2016/05/16 v1.4 Define keys (HO)
(/usr/share/texmf-dist/tex/generic/oberdiek/ltxcmds.sty
Package: ltxcmds 2016/05/16 v1.23 LaTeX kernel commands for general use (HO)
)))
(/usr/share/texmf-dist/tex/latex/oberdiek/kvoptions.sty
Package: kvoptions 2016/05/16 v3.12 Key value format for package options (HO)
(/usr/share/texmf-dist/tex/generic/oberdiek/kvsetkeys.sty
Package: kvsetkeys 2016/05/16 v1.17 Key value parser (HO)
(/usr/share/texmf-dist/tex/generic/oberdiek/etexcmds.sty
Package: etexcmds 2016/05/16 v1.6 Avoid name clashes with e-TeX commands (HO)
(/usr/share/texmf-dist/tex/generic/oberdiek/ifluatex.sty
Package: ifluatex 2016/05/16 v1.4 Provides the ifluatex switch (HO)
Package ifluatex Info: LuaTeX not detected.
))))
(/usr/share/texmf-dist/tex/generic/oberdiek/pdftexcmds.sty
Package: pdftexcmds 2019/07/25 v0.30 Utility functions of pdfTeX for LuaTeX (HO
)
Package pdftexcmds Info: LuaTeX not detected.
Package pdftexcmds Info: \pdf@primitive is available.
Package pdftexcmds Info: \pdf@ifprimitive is available.
Package pdftexcmds Info: \pdfdraftmode found.
)
Package epstopdf-base Info: Redefining graphics rule for `.eps' on input line 4
38.
Package grfext Info: Graphics extension search list:
(grfext) [.pdf,.png,.jpg,.mps,.jpeg,.jbig2,.jb2,.PDF,.PNG,.JPG,.JPE
G,.JBIG2,.JB2,.eps]
(grfext) \AppendGraphicsExtensions on input line 456.
(/usr/share/texmf-dist/tex/latex/latexconfig/epstopdf-sys.cfg
File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv
e
))
LaTeX Font Info: Trying to load font information for T1+DejaVuSans-TLF on in
put line 80.
(/usr/share/texmf-dist/tex/latex/dejavu/T1DejaVuSans-TLF.fd
File: T1DejaVuSans-TLF.fd 2011/10/30 Font definitions for T1/DejaVuSans-TLF.
)
LaTeX Font Info: Font shape `T1/DejaVuSans-TLF/bx/n' in size <10.95> not ava
ilable
(Font) Font shape `T1/DejaVuSans-TLF/b/n' tried instead on input l
ine 80.
LaTeX Font Info: Font shape `T1/DejaVuSans-TLF/bx/n' in size <20.74> not ava
ilable
(Font) Font shape `T1/DejaVuSans-TLF/b/n' tried instead on input l
ine 80.
<resources/logo_flat.png, id=1, 122.19652pt x 122.19652pt>
File: resources/logo_flat.png Graphic file (type png)
<use resources/logo_flat.png>
Package pdftex.def Info: resources/logo_flat.png used on input line 80.
(pdftex.def) Requested size: 85.35826pt x 85.35796pt.
LaTeX Font Info: Font shape `T1/DejaVuSans-TLF/bx/it' in size <20.74> not av
ailable
(Font) Font shape `T1/DejaVuSans-TLF/b/it' tried instead on input
line 80.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <14.4> on input line 80.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <7> on input line 80.
LaTeX Font Info: Font shape `T1/DejaVuSerif-TLF/bx/n' in size <14.4> not ava
ilable
(Font) Font shape `T1/DejaVuSerif-TLF/b/n' tried instead on input
line 80.
LaTeX Font Info: Font shape `T1/DejaVuSans-TLF/bx/n' in size <14.4> not avai
lable
(Font) Font shape `T1/DejaVuSans-TLF/b/n' tried instead on input l
ine 80.
LaTeX Font Info: Trying to load font information for T1+DejaVuSansMono-TLF o
n input line 86.
(/usr/share/texmf-dist/tex/latex/dejavu/T1DejaVuSansMono-TLF.fd
File: T1DejaVuSansMono-TLF.fd 2011/06/01 Font definitions for T1/DejaVuSansMono
-TLF.
)
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <10.95> on input line 86.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <8> on input line 86.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <6> on input line 86.
[1
{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map} <./resources/logo_flat.png
(PNG copy)>]
LaTeX Font Info: Trying to load font information for TS1+DejaVuSerif-TLF on
input line 106.
(/usr/share/texmf-dist/tex/latex/dejavu/TS1DejaVuSerif-TLF.fd
File: TS1DejaVuSerif-TLF.fd 2011/06/01 Font definitions for TS1/DejaVuSerif-TLF
.
)
LaTeX Font Info: Font shape `T1/DejaVuSans-TLF/bx/n' in size <12> not availa
ble
(Font) Font shape `T1/DejaVuSans-TLF/b/n' tried instead on input l
ine 112.
[2]
LaTeX Font Info: Font shape `T1/DejaVuSerif-TLF/bx/n' in size <10.95> not av
ailable
(Font) Font shape `T1/DejaVuSerif-TLF/b/n' tried instead on input
line 153.
(./resources/dirsearch.log [3])
Overfull \hbox (10.1914pt too wide) in paragraph at lines 189--190
[]\T1/DejaVuSerif-TLF/m/n/10.95 Wann sich der Ad-mi-nis-tra-tor (ver-mut-lich)
ein-ge-loggt oder aus-ge-loggt hat (Rück-
[]
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <9> on input line 192.
LaTeX Font Info: External font `cmex10' loaded for size
(Font) <5> on input line 192.
[4] [5]
Overfull \hbox (7.47687pt too wide) in paragraph at lines 240--242
[]\T1/DejaVuSerif-TLF/m/n/10.95 Passwort-Authentifizierung durch Key-Based Au-t
hen-ti-ca-ti-on er-set-zen. FTP over
[]
(./resources/dig-mx-sternwarte.log) [6]
LaTeX Font Info: Font shape `T1/DejaVuSansMono-TLF/bx/n' in size <10.95> not
available
(Font) Font shape `T1/DejaVuSansMono-TLF/b/n' tried instead on inp
ut line 267.
(./resources/200131-error.log)
Overfull \hbox (3.23586pt too wide) in paragraph at lines 276--279
[]\T1/DejaVuSerif-TLF/m/n/10.95 Diese Ver-mi-schung un-ter-schlied-li-cher Ser-
vices darf in ei-nem Pro-duk-tivsys-tem nicht
[]
Underfull \hbox (badness 10000) in paragraph at lines 276--279
[]
[7] [8] (./writeup.aux) )
Here is how much of TeX's memory you used:
8152 strings out of 492167
137456 string characters out of 6131559
387035 words of memory out of 5000000
12362 multiletter control sequences out of 15000+600000
40626 words of font info for 63 fonts, out of 8000000 for 9000
1141 hyphenation exceptions out of 8191
51i,11n,55p,10066b,1767s stack positions out of 5000i,500n,10000p,200000b,80000s
{/usr/share/texmf-dist/fonts/enc/dvips/dejavu/dejavumo
no_t1-type1.enc}{/usr/share/texmf-dist/fonts/enc/dvips/dejavu/dejavuserif_t1-ty
pe1.enc}{/usr/share/texmf-dist/fonts/enc/dvips/dejavu/dejavuserif_ts1.enc}{/usr
/share/texmf-dist/fonts/enc/dvips/dejavu/dejavusans_t1-type1.enc}</usr/share/te
xmf-dist/fonts/type1/public/dejavu/DejaVuSans-Bold.pfb></usr/share/texmf-dist/f
onts/type1/public/dejavu/DejaVuSans-BoldOblique.pfb></usr/share/texmf-dist/font
s/type1/public/dejavu/DejaVuSansMono-Bold.pfb></usr/share/texmf-dist/fonts/type
1/public/dejavu/DejaVuSansMono.pfb></usr/share/texmf-dist/fonts/type1/public/de
javu/DejaVuSerif-Bold.pfb></usr/share/texmf-dist/fonts/type1/public/dejavu/Deja
VuSerif-Italic.pfb></usr/share/texmf-dist/fonts/type1/public/dejavu/DejaVuSerif
.pfb>
Output written on writeup.pdf (8 pages, 124921 bytes).
PDF statistics:
66 PDF objects out of 1000 (max. 8388607)
47 compressed objects within 1 object stream
0 named destinations out of 1000 (max. 500000)
6 words of extra memory for PDF output out of 10000 (max. 10000000)

BIN
tex/writeup.pdf
View File

Binary file not shown.

BIN
tex/writeup.synctex.gz
View File

Binary file not shown.

284
tex/writeup.tex
View File

@ -0,0 +1,284 @@
\documentclass[11pt]{scrartcl}
\usepackage{slantsc}
\usepackage[utf8]{inputenc}
\usepackage[naustrian]{babel}
\usepackage[paper=a4paper, left=25mm, right=25mm, top=25mm, bottom=30mm]{geometry}
\usepackage{fancyhdr}
\usepackage{listings}
\usepackage{eurosym}
\usepackage{multirow}
\usepackage{graphicx}
\usepackage{url}
\usepackage{DejaVuSans}
\usepackage{DejaVuSerif}
\usepackage{DejaVuSansMono}
\usepackage[T1]{fontenc}
\usepackage{textcomp}
\lstset{
language=, %language, can be changed dynamically
basicstyle=\footnotesize\ttfamily, %common font style
keywordstyle=\bfseries,
commentstyle=\itshape,
stringstyle=\ttfamily,
showstringspaces=false,
xleftmargin=8pt,
numbers=left, %line numbers
numberstyle=\tiny,
numberfirstline=true,
stepnumber=1,
numbersep=5pt,
breaklines=true,
tabsize=2, %size of tabulator
columns=flexible,
upquote=true,
literate= %Umlauts in source files
{Ö}{{\"O}}1
{Ä}{{\"A}}1
{Ü}{{\"U}}1
{ß}{{\ss}}2
{ü}{{\"u}}1
{ä}{{\"a}}1
{ö}{{\"o}}1,
}
\newcommand{\mytitle}{Bericht für \emph{www.sternwarte.at}}
\newcommand{\myfoottitle}{Bericht sternwarte.at}
\newcommand{\mysecondtitle}{}
\newcommand{\mythirdtitle}{}
\newcommand{\mydelivery}{}
\newcommand{\myauthor}{Michael Preisach, SIGFLAG}
\newcommand{\mydate}{\today}
\title{\includegraphics[width=3cm]{resources/logo_flat.png}\\[1ex]\textbf{\mytitle}\\[1ex]\normalsize{\mysecondtitle}}
\author{\textbf{\mythirdtitle}}
\date{\mydate}
\pagestyle{fancy}
\fancypagestyle{plain}
{
\fancyhf{}
\fancyfoot[L]{\scriptsize{\myfoottitle}}
\fancyfoot[C]{\scriptsize{}}
\fancyfoot[R]{\scriptsize{Seite \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
}
\fancyhf{}
\fancyfoot[L]{\scriptsize{\myfoottitle}}
\fancyfoot[C]{\scriptsize{}}
\fancyfoot[R]{\scriptsize{Seite \thepage}}
\renewcommand{\headrulewidth}{0pt}
\renewcommand{\footrulewidth}{0.5pt}
\setlength{\parindent}{0mm}
\begin{document}
\maketitle
\section*{Disclaimer}
Dieser Bericht stützt sich ausschließlich auf Daten, die unauthentifiziert abrufbar sind.
Es wurden weder Login-Daten mittels Bruteforce ermittelt, noch per Login geschützte Daten kopiert oder verwendet.
\section{Zusammenfassung}
Tests wurden im Zeitraum von 15. Jänner 2020 bis 17. Februar 2020 vorgenommen.
Ziel dieses Tests war die Ermittlung der Angriffsoberfläche von \url{www.sternwarte.at}, der verwendeten Infrastruktur sowie eine Analyse der verwendeten Programme um schließlich eine Handlungsempfehlung zu formulieren.
Im Rahmen des Test wurden neben dem Server der Sternwarte auch andere Services gefunden.
Sofern sich diese im IP-Adressbereich in unmittelbarer Nähe befunden haben, wurden diese Server ebenfalls analysiert.
Im Folgenden werden die wichtigsten Erkenntnisse kurz dargestellt
\begin{enumerate}
\item Keine TLS-Verschlüsselung der Website obwohl auf der Website Formulare angeboten werden, die vertrauliche Daten abfragen.
Auch der Admin-login ist unverschlüsselt und kann daher sehr einfach in einem überwachten Netzwerk abgefangen werden.
\item Unauthentifiziert einsehbare Log-Datei, die Server-Fehler ausgibt.
\item Der FTP-Server ist auf dem Standardport verfügbar und es ist mutmaßlich verwundbar auf Bruteforce-Attacken.
\item Die Webseite kann durch modifizierte URLs in der Darstellung verändert werden. Die Daten auf dem Server müssen dafür nicht verändert werden.
\item Die verwendete Software (4D Webstar 2004) wird vom Hersteller nicht mehr unterstützt.
Die Tatsache, dass keine dokumentierten Sicherheitslücken existieren ist der mangelhaften Verbreitung und nicht der Qualität der Software zuzuschreiben.
\end{enumerate}
\section{Methodik}
In die Untersuchungen waren folgende Personen involviert:
\begin{itemize}
\item Robert Führicht
\item Tobias Höller
\item Michael Preisach
\end{itemize}
Alle genannten sind bei SIGFLAG (\url{www.sigflag.at}) tätig.
\subsection{Informationsgewinnung}
Ziel dieser Analyse ist Informationen über das System hinter \url{www.sternwarte.at} zu finden.
Für die gefundenen Services sollen möglichst alle frei zugänglichen Daten gefunden und ausgewertet werden.
Daraus ergeben sich dann Handlungsempfehlungen, die im Folgenden Teil des Berichts erläutert sind.
\subsection{Verwendete Programme}
\begin{itemize}
\item Firefox 72
\item Nmap 7.80
\item Dirsearch 0.3.9
\item TOR Web Browser (Firefox 68)
\item ftp 1.9.4
\item OpenBSD netcat 1.206 Debian Patchlevel 1
\end{itemize}
\section{Erkenntnisse}
Die Analyse wird hier in die Services unterteilt, die auf dem Server zu finden sind.
\subsection{Webserver}
Firefox kann in den Developer Tools die Metadaten des Response Headers analysieren.
Dort findet sich im Server-Tag die Information des Webservers:
\begin{lstlisting}[numbers=none, caption=HTTP Response Header von \texttt{www.sternwarte.at}]
HTTP/1.1 200 OK
Server: 4D_WebStar_D/2004
Date: Sun, 02 Feb 2020 21:08:44 GMT
Content-Length: 12281
Last-Modified: Sun, 02 Feb 2020 21:08:44 GMT
Connection: Keep-Alive
Content-Type: text/html
\end{lstlisting}
\begin{itemize}
\item Installierter Server: 4D WebStar\_D/2004, vermutlich installiert auf Mac OS X
\end{itemize}
\subsubsection{Kein TLS}
Die Webseite bietet neben statischen Inhalten auch Anmeldeformulare für Events des Vereins an.
Im Sinne der §§24 ff DSGVO müssen geeignete technische Maßnahmen getroffen werden, damit persönliche Daten nicht an eine unbestimmte Zahl dritter Personen zugänglich gemacht werden kann.
Daher muss eine Verschlüsselung der Kommunikation eingeführt werden, um mit diesen Bestimmungen konform zu werden.
\\[2ex]
\textbf{Handlungsempfehlung:} Einführung von TLS1.2 oder höher für zumindest die Formularseiten, aber auch für das restliche Angebot des Vereins. Da dies aufgrund der veralteten Software nicht direkt unterstützt wird, muss entweder ein TLS-Proxy vorgeschalten werden oder die Website auf einen Server mit aktueller Software umgesiedelt werden.
\subsubsection{Beliebige Frames per URL laden}
Die Darstellung der Webseite gliedert sich in 2 Frames, Verzeichnis und Inhaltsframe. \verb|start.html| stellt dabei den Inhalt dar und \verb|default.html| kümmert sich um das Verzeichnis.
Nun ist es aber möglich, die Homepage mit einer beliebigen zusätzlichen URL aufzurufen:
\begin{center}
\url{http://www.sternwarte.at/default.html?https://jku.at}
\end{center}
Das Beispiel lädt die Seite der JKU in den Hauptframe anstelle der vorgesehenen Startseite.
Weiters kann auch die eigene Seite geschachtelt aufgerufen werden:
\begin{center}
\url{http://www.sternwarte.at/?/?/?/}\\
\end{center}
Hier wird vier Mal \verb|default.html| aufgerufen und in den Inhaltsframe des vorherigen Aufrufes dargestellt.
Diese Schwachstelle eine Möglichkeit Drive-By-Exploits an Personen, die dieser Website vertrauen, auszuliefern.
\\[2ex]
\textbf{Handlungsempfehlung:} \\
\verb|default.html| darf nur eine definierte Liste an Links entgegennehmen - die der vorhandenen Subseiten (Whitelisting).
\subsubsection{Öffentlich zugängliche Dateien mit Metainformationen}
Dirsearch traversiert die zugänglichen Seiten auf dem Server, indem es die URL errät.
Dazu hat Dirsearch eine Liste von Verzeichnissen aller gängiger Webserver.
Das Ergebnis dieser Suche:
\lstinputlisting[caption=Mittels DirSearch Gefundene Endpoints]{resources/dirsearch.log}
Die HTTP Statuscodes zeigen, dass einige URLs mit Code 500 antworten.
Bei Aufruf dieser Seiten ist zuverlässig und immer gleich.
Daher ist es sehr wahrscheinlich, dass der \emph{Internal Server Error} nur eine Verschleierungstaktik ist.
Des Weiteren findet sich in Zeile 15 der Ausgabe \verb|.DS_Store| welches auf dem MAC zum Speichern von Metadaten der in diesem Verzeichnis abgelegten Dateien genutzt wird.
Viel Aussagekräftiger ist das \verb|error.log|, das mutmaßlich beim Blacklisting übersehen wurde.
Dieses Log wird wöchentlich in der Nacht von Samstag auf Sonntag gelöscht.
Es werden alle Dateiaufrufe am Server geloggt, die einen Rückgabewert ungleich 0 haben.
Dieses Log bietet eine Vielzahl an Meta-Informationen, die hier nur beispielhaft aufgezählt sind:
\begin{itemize}
\item Wann sich der Administrator (vermutlich) eingeloggt oder ausgeloggt hat (Rückgabewert > 0)
\item Dazugehöriger Pfad zum Login des Backends (wieder unverschlüsselt!)
\item Welche Dateien geöffnet wurden (aber Rückgabewert = 15)
\item Fehler anderer Webauftritte auf diesem Server \footnote{\url{www.kalendermanufaktur.at}} \footnote{\url{www.baer.co.at}}
\item Fehlerhaft eingegebene URLs auf diesem Server (alte Seiten auf dem Server oder Metainformationen zu den Besuchern)
\item Rückgabewerte der Datenbank und der hinterlegten Skripte - Damit kann der Ordner \verb|/4dcgi| durchsucht, bzw. dessen Inhalt aus dem Log ausgelesen werden.
\item Fehler des Mailservers geben Hinweis auf die Aufgaben des selben. Mehr dazu im Kapitel zu Mailserver
\end{itemize}
Es wurden dank der Dokumentation für 4D WebStar, die noch immer online verfügbar ist\footnote{\url{http://www.island-data.com/downloads/books/4D_Web_Companion.pdf}}, weitere gültige Pfade gefunden:
\begin{itemize}
\item \verb|/4dstats| - Abrufstatistiken
\item \verb|/4dhtmlstats| - Abrufstatistiken
\item \verb|/4dcacheclear| - Leeren des Caches
\item \verb|/4dwebtest| - Informationen über den verbundenen Client
\item \verb|/4dblank| - Leere Seite
\item \verb|/4dmethod| - Kann nicht aufgerufen werden, die URL wird aber erweitert auf beispielsweise\\ \url{http://www.sternwarte.at/4dmethod//%23%231997692744.0}
\item \verb|/4dssi| - Verbotene Anfrage
\end{itemize}
Alle diese Seiten erzeugen keinen Log-Eintrag und sollten nicht direkt aufgerufen werden können.
Zusätzlich lassen sich die Skripts im Ordner \verb|/4dcgi|, die beispielsweise für das Erfassen der Formulardaten genutzt werden, direkt per URL ausführen, ganz ohne Parameter. Durch das Log können auch per Erraten der Namen weitere Skripte gefunden werden.
\\[2ex]
\textbf{Handlungsempfehlung:} \\
Im Arbeitsverzeichnis des Webservers sollten sich nur Dateien befinden, die mit der Auslieferung der Seite direkt zu tun haben.
Für Log-Dateien gibt es eigene Verzeichnisse.
\subsubsection{Sehr alte Version des Servers}
Der zurzeit laufende Webserver scheint zumindest gegen dokumentierte Schwachstellen geschützt zu sein, die letzten bekannten Bugs CVE 2004-0696 und CVE 2006-6131 haben keinen Erfolg gezeigt.
Die Software wird aber vom Hersteller nicht mehr unterstützt.
Wenn also neue Bugs auftreten, werden diese nicht mehr repariert.
Daher sollte die Webseite auf einem Server betrieben werden, der von den Entwicklern noch mit Updates versorgt wird.
\\[2ex]
\textbf{Handlungsempfehlung:}
\begin{itemize}
\item Update der verwendeten Software auf aktuell gewartete Versionen.
\item Regelmäßige bzw. automatische Updates (zumindest bei reinen Sicherheitsupdates)
\end{itemize}
\subsection{FTP-Server}
Port 21 auf dem Server war zum Zeitpunkt der ersten Untersuchung noch erreichbar.
Der Server bot unverschlüsseltes FTP an und verlangte Username und Passwort.
Wie schon beim Webserver kann hier der Login über das Netzwerk abgefangen werden.
\\[2ex]
\textbf{Handlungsempfehlung:}
\begin{itemize}
\item FTP ausschließlich über eine verschlüsselte Verbindung anbieten.
Einerseits kann dafür Secure FTP verwendet werden, was inzwischen die meisten FTP Server anbieten.
Andererseits bietet auch SSH einen File Transfer Modus an, der in den Einstellungen des SSH aktiviert werden kann.
\item Passwort-Authentifizierung durch Key-Based Authentication ersetzen.
FTP over SSH bietet zusätzlich die Möglichkeit, die Authentifizierung über Public/Private Keys zu machen, um Bruteforce-Attacken auf Passwörter zu unterbinden.
\item Fail2Ban aktivieren. Damit können Firewall-Regeln dynamisch angepasst werden, wenn ein Client zu oft versucht, sich mit falschen Login-Daten zu authentifizieren.
\end{itemize}
Nachtrag: Zumindest auf dem Server, der \url{www.sternwarte.at} ausliefert, ist eine Firewall aktiviert worden, die Anfragen auf diesen Port droppt (keine Antwort zurückschickt).
Firewalls sollten solche Anfragen aber sauber abweisen (per Reject).
\subsection{Mail-Server}
Hier sind zwei verschiedene Services entdeckt worden, die im folgenden behandelt werden.
\begin{itemize}
\item Mailserver, die für die Domain \url{sternwarte.at} im DNS eingetragen sind
\item Der SMTP-Server, der direkt auf dem Server läuft
\end{itemize}
\subsubsection{Mailserver, der laut DNS zuständig ist}
\lstinputlisting[caption=Mittels DirSearch Gefundene Endpoints]{resources/dig-mx-sternwarte.log}
Im DNS stehen zwei Server als Mail-Server (MX) zur Verfügung:
\begin{itemize}
\item \url{nihal.mag.eu} (85.126.106.144)
\item \url{mizar.mag.eu} (85.126.106.142)
\end{itemize}
Beide Hosts haben laut NMap-Bericht Port 25 für SMTP offen.
Bei der ersten Analyse dieses Services war nur eine unverschlüsselte Verbinudung möglich.
Inzwischen wurde auf diesen Servern STARTTLS aktiviert.
\subsubsection{Mailserver auf \texttt{sternwarte.at}}
Im Errorlog des Webservers ist am 28. Jänner ein Fehler des internen Mailservers aufgetreten:
\lstinputlisting[caption=Fehler des Mailservers auf \texttt{sternwarte.at}, linerange={166-188}]{resources/200131-error.log}
Dies dokumentiert die Funktion des Services für \url{sms.zivilschutz-ooe.at}.
Der DNS-Eintrag für diese Domain zeigt auf 85.126.106.150, was die \emph{benachbarte} IP-Adresse zu \url{sternwarte.at} ist.
Es ist nicht nachvollziehbar, warum diese Fehlermeldung im error.log der Sternwarte-Website auftritt.
Am wahrscheinlichsten ist, dass hinter beiden IPs der selbe Server läuft und es keine Trennung der Services voneinander gibt.
Diese Vermischung unterschliedlicher Services darf in einem Produktivsystem nicht passieren.
\\[2ex]
\textbf{Handlungsempfehlung:}\\
\begin{itemize}
\item Sofern der Betrieb unterschiedlicher Domains auf einem Host erforderlich ist, sollten zumindest alle Ressourcen auf dem Server (User, Dateien, Berechtigungen) möglichst weitgehend voneinander getrennt werden.
\item Stand der Technik ist die Trennung der Webseiten auf Service-Ebene (zB Docker), Betriebssystem-Ebene (mittels virtueller Maschinen) oder getrennte Hardware. Letzteres wäre in diesem Fall sogar recht einfach möglich, da schon 2 unterschiedliche IPs eingerichtet sind.
\end{itemize}
\end{document}
Write Preview
Loading…
Cancel
Save