131 lines
5.0 KiB
Plaintext
131 lines
5.0 KiB
Plaintext
|
||
===============================================================================
|
||
------------
|
||
Unix Nasties
|
||
------------
|
||
By Shooting Shark
|
||
|
||
Written on April 3, 1986
|
||
===============================================================================
|
||
|
||
Summary: Methods of sabotaging your favorite Unix system.
|
||
|
||
Preface: I do not advocate utilizing ANY of the methods I put forth in this
|
||
file. Unix is a cool operating system, perhaps one of the best
|
||
systems ever designed in many respects. If you have access to a Unix
|
||
system, you should LEARN UNIX AND LEARN C, because that is where the
|
||
money is in the computer world. However, Unix is a relatively
|
||
insecure operating system which is easy to fuck up. This file
|
||
explains a few ways of doing so.
|
||
|
||
Crash The System
|
||
----------------
|
||
Unix has no built-in provision for the maximum amount of disk space allowed per
|
||
user. Thus, one user can grab all the disk space on the system and effectively
|
||
prevent anyone else from writing to the disk. A simple way of grabbing all the
|
||
disk space is to create subdirectory after subdirectory until it is no longer
|
||
possible. Here are a few ways of doing it.
|
||
|
||
1> Create a file with the following lines:
|
||
|
||
mkdir subdir
|
||
cd subdir
|
||
source /u1/mydir/crash
|
||
|
||
Call it crash. The last line ("source /u1/mydir/crash") should be altered
|
||
so that it will look for the file in your directory. If your directory is
|
||
/u3/students/jeff, the last line should say "source
|
||
/u3/students/jeff/crash". After you write the above file, type:
|
||
|
||
% source crash
|
||
|
||
and wait...within a few minutes the program will abort because it won't
|
||
have any more room on the disk. Neither will anyone else.
|
||
|
||
2> Here's a more elegant way of doing the same thing. Create this "endless
|
||
loop" shellscript:
|
||
|
||
while : ; do
|
||
mkdir subdir
|
||
cd subdir
|
||
done
|
||
|
||
and then "source" the file. If you are in the "sh" shell (if you are, you
|
||
will probably have a "$" prompt) you can type "while : ; do" from the $
|
||
prompt. You will then get a > prompt. Type the next three lines and sit
|
||
back.
|
||
|
||
3> If you'd like to set the process in motion and hang up, and the file is
|
||
called crash, type:
|
||
|
||
% nohup source crash &
|
||
|
||
and log off. This will start it as a background process, allowing you to
|
||
log off. However, log off QUICKLY, since if you used the first example for
|
||
your crash file, it will also eat up background processes like crazy which
|
||
will also fuck up the system to some extent. Which brings us to...
|
||
|
||
Slow Down The System Immensely
|
||
------------------------------
|
||
There are many ways of doing this, the method being creating a sufficiently
|
||
large number of background processes. Here's one specific example. Create a
|
||
file called "slow1" with the following lines:
|
||
|
||
w &
|
||
source slow1
|
||
|
||
create a file called "slow2" with:
|
||
|
||
source slow1 &
|
||
source slow2
|
||
|
||
and execute slow2 with
|
||
|
||
% slow2
|
||
or
|
||
% slow2 &
|
||
|
||
This will create 25 background processes, each one running 25 background
|
||
processes. The system will hardly move after you've got each one running.
|
||
|
||
Messing Up A Directory
|
||
----------------------
|
||
Many file-handling commands use "-" options. Create a file with a "-" at the
|
||
beginning of its name by doing this:
|
||
|
||
cat > -filename
|
||
|
||
[now type a few lines, maybe something rude like "ha ha you can't delete this
|
||
file".] Type a ^D (control-d) to end input. You now have a file called
|
||
-filename in your directory. It will be VERY difficult to remove this file.
|
||
If you were to try rm (remove) -filename or mv (rename) -filename, the rm or mv
|
||
program would interpret -filename as an option, not a file, and would give you
|
||
an error message telling you that -filename was not a valid option...thus, the
|
||
file stays there obnoxiously.
|
||
|
||
Create a couple of hundred files with "-" as the first characters in their
|
||
names...it will be a royal pain for the person who is blessed with these new
|
||
files, and they will probably just have to get a new login.
|
||
|
||
Conclusion
|
||
|
||
The use of any of these techniques is quite irresponsible, and if anyone did
|
||
this to my Unix system, I'd be quite pissed. That is why I strongly recommend
|
||
that you never use these tricks.
|
||
|
||
So Long,
|
||
Shooting Shark
|
||
|
||
"Some people have a bad attitude, and I say, if they want to act tough, beat
|
||
'em up!" - Blue Oyster Cult
|
||
-------------------------------------------------------------------------------
|
||
For more information on UNIX sabotage and cracking, see the following articles:
|
||
|
||
Ritchie, Dennis M. [he wrote Unix] "On the Security of UNIX." Programmers
|
||
Manual for UNIX System III Volume II. Supplementary Documents.
|
||
|
||
Filipski, Alan and Hanko, James. "Making UNIX Secure." BYTE Magazine, April
|
||
1986, pp 113-128.
|
||
===============================================================================
|
||
|