Ubiquitous - Issue 1, File 5: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Simple Shit on Unix - By Joe Lunchbucket: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Unix is a pretty standard operating system. You can find a unix implemenation for just about any platform, ranging from your basic IBM PC, to a state of the art SUN Workstation. These different systems have little in common, except for the operating system they use: Unix. In general, unix systems are all the same. The same set of basic commands, the same software, and the same routine for hacking them. The following is a short list of some of the most basic and obvious flaws/openings in unix. Not all of them will work on your system - maybe most of them won't. The main thing is that some of them _will_. ECHO ~~~~ The echo command is usefull for sending messages. When a user is logged in, he is assigned a device for screen output - usually reffered to as a tty. These devices are located in the /dev directory, and are often left writable to the general public. Pick out an unsuspecting user (preferably someone you can keep an eye on), find out what tty they are on (through finger or ps), and type the following: ~.> echo "Big Brother is Watching You." > /dev/ttyxx Where ttyxx is the tty they are on. If it works, you wont see anything at all. What they will see is the message "Big Brother is Watching You." on their screen regardless of what they are doing. If this works, the next one may be more interesting... CAT ~~~ Cat is the basic command to send a phile to the screen. Cat can be used just like echo, only instead of sending one line, it send a whole phile! Create a test phile by typing something like this: ~.> cat - > temp.txt Message from root@mysystem (Root Operator) at 12:34pm: Your account is about to be suspended - please log out immediately or face criminal prosecution ^D The control-D finishes of the phile. Then just send the phile to some dumn fuck victim like so: ~.> cat temp.txt > /dev/ttyxx They will see the message, shit 'emselves and if they are nice little people, log out. :-) See my point? You could just as easily start a war between two lusers by doing something like: ~.> cat - > /dev/ttya1 Message from joe@mysystem (Joe Lunchbucket) at 12:34pm: Hey! Fuck you! I just fucked you mother! I hear you are a fucking wimp, so why don't you come over here and prove it, you chickenshit bastard! ^D With a bit of luck, the guy on ttya1 will go over and beat the living shit out of Joe. (Note: Works best if you pick a little nerd for Joe, and a big dude for the recipient...) UTMP ~~~~ The phile /etc/utmp is a wonderful phile. This is the place that the system keeps track of who is logged in, where they are on from, etc... If you were to perhaps change the contents, you could do lots of interesting things. Usually, this phile is set so that only root can write to it, but if it isn't a simple C program will assist you in altering your login. You can even do such things as change what finger sees you as to, for example root. Then, send a write message to somebody, and they will think you are root! Simple as that, really. The best message to send is when you pick out someone you don't like, set yourself up as them, then do this: ~.> write root Fuck you - I am a hacker! ^D Root isn't well known for his sense of humor in such matters... The program itself is pretty easy, but won't be included in this article for the sake of space. Suffice to say, if you have read/write privs to the /etc/utmp phile, you can do this sort of thing. Eg: If the protection bits (the left hand column from ls -al) look like: -rw-rw-rw- root root 1 1179 utmp Then you have read/write privs. Anyway, there are heaps more but I am tired, so bad luck. Maybe more next time. Till then, enjoy, and remember: Information wants to be free, so long as AARNET can charge us for it! -- Joe Lunchbucket email: private@not.fucking.likely (You didn't really expect an email address did you?) - End of File -