informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/hacking/UNIX/p500unix.txt

817 lines
33 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Parent-Message-Id: <12229084762.30.AWALKER@RED.RUTGERS.EDU>
There is a flaw in the Berkeley 4.3 Unix passwd program that makes a
tape attack on a password feasible. (We haven't looked at any other
versions of Unix.) From passwd.c:
time(&salt);
salt = 9 * getpid();
saltc[0] = salt & 077;
saltc[1] = (salt>>6) & 077;
for (i = 0; i < 2; i++) {
c = saltc[i] + '.';
if (c > '9')
c += 7;
if (c > 'Z')
c += 6;
saltc[i] = c;
}
pw = crypt(pwbuf, saltc);
What does the salt depend on? Well, the paper on unix password
security by Morris and Thompson states that the choice of seed is based
upon the time of day clock and that there are 4096 different possible
seeds. (See "Password Security: A Case History" CACM, v 22, n 11,
November 1979, p. 594. That paper is often distributed with Unix
manuals.) On first glance at the above code, we were surprised to
find a call to getpid() in addition to the expected call to time(). A
close inspection of the first two lines of the above code reveals that
result of the call to time() is completely thrown out in the next line
of code. The salt depends only on the process ID number of the passwd
program!
But, lets go ahead and assume that a call to getpid() produces a
sufficiently random 16 bit number. What's the effect of multiplying
by 9? Well, since on the next two lines, only the low 12 bits of the
variable "seed" are used, the multiplying by 9 reduces the number of
possible seeds by a factor of nine. For example, after the second
line of code above, the variable "seed" could be 0, 9, 18, 27, etc,
but it could never be any value that is not a multiple of 9. Thus the
passwd program can only produce 4096/9 (= 456) of the 4096 possible
salt values. (It's amusing to note that without the second line, or
if the operator was "+=" instead of just "=" in the second line, the
code would generate all 4096 different seeds with about evenly
distributed probabilities.)
So what? Well, imagine taking a dictionary of 30,000 likely passwords
and producing 456 different files, one for each different salt, and
each containing 30,000 hashed passwords, each on a separate line, and
in the same order as the words in your dictionary. Each file would be
about 270 thousand bytes long (including line-feeds) and all the files
together could be kept on two 6250bpi tapes (which hold about 100
megabytes each). Now, to determine somebody's password from their
entry in the password file (assuming that their password is in your
original dictionary), position the appropriate tape at the start of
the file corresponding to the that user's salt and grep -n the tape
for the hashed password. (This will be vastly faster than 30,000
calls to crypt(), even the faster versions described in an earlier
message.)
If the salt could take on all 4096 possible values, you would need
instead need around 15 tapes to hold all the files.
All this underlies the importance of choosing a password which is not
in any dictionary and which is long enough.
Bob Baldwin
BALDWIN@XX.LCS.MIT.EDU
...!ihnp4!mit-eddie!baldwin
and
Tim Shepard
SHEP@XX.LCS.MIT.EDU
...!ihnp4!mit-eddie!shep
-------
provided for your consideration by:
| Striker |
Phortune500/BOD
-=>The DEC Hunters<=-
==============================================================================
UNIX* Usage Notes
The following is a collection of information on various UNIX topics:
Logging On
----------
You need a username and a password, supplied by the system administrator.
Some systems have guest accounts ("guest", "netguest", and other names).
To find out who's on the system without logging in, "who", "finger", or
"w" may work on your system.
(WARNING-- When you get a username or password wrong, a message gets printed
out on the system console. Trying to brute-force your way into someone else's
system is stupid, and you can get caught easily.)
There is a new Federal law that prohibits fucking around with computers across
state lines; many states also have tough computer-crime laws. You're best off
(believe me, I KNOW) using a UNIX system you have legitimate access to, such
as a school's system or a public access UNIX/Xenix (there are a few in New
York and other places; where you pay a certain amount per month).
Special Characters
------------------
ctrl-C (DEL (Ascii 127 on some systems) Interrupt. Stops the current
program. (intr) [<-- name for changing it with the "stty" command]
ctrl-B (or ctrl-\ (28)) Quit. Like control-C but stronger. Often works
when ctrl-C doesn't. Try ctrl-C first; some programs catch it so
they can clean up and exit gracefully. (quit)
ctrl-D End-of-file. Used to end input when the terminal is being read as a
file (mail senders and many other programs do this). If you type
control-D to the shell (command interpreter), it will usually log
you out. (If not, use "exit" or "logout".) (eof)
DEL (or ctrl-H) Erase the last character typed. (erase)
ctrl-U (rarely @) Erase the line typed so far. (kill)
ctrl-S Pause during output. (stop)
ctrl-Q Resume during output. (start)
ctrl-M Will usually work just like RETURN.
ctrl-J Will usually work just like RETURN.
As you can see, special characters are hardly standardized. (Old UNIX's used
to use # for character erase!) Give the "stty" command to see the settings on
your system, or to change them for your terminal session. To change the erase
to backspace (ctrl-H), give the command "stty erase '^H'".
Getting Information on Commands
-------------------------------
"man" is the standard command for getting information. "man mail" tells you
all about the 'mail' command. "man -k delete" gives you a list of everything
matching the keyword 'delete'.
Sending and Receiving Mail
--------------------------
"mail joe" sends a letter to the username 'joe'. Type your letter on the
next lines, ending with control-D on a line by itself.
"mail" lets you read your mail. When it asks whether to "save?", 'y' saves
the letter in your file 'mbox' (for old mail); 'n' gets rid of it.
Many systems also have more sophisticated programs for sending and receiving
mail (for those, type a "?" at the mail prompt "_" or maybe "-").
Directories ala UNIX
--------------------
UNIX files are arranged in a tree structure. (If you're used to MS-DOS or
PC-DOS, just use forward slashes / instead of backslashes \, and forget about
drive letters, and you'll be fine.)
There is a root directory, the "top" of the file system. At any point, there
can be subdirectories, which are just named areas to put files in so they
won't clutter up the root directory. These subdirectories can contain sub-
directories, which can contain other subdirectories, and so forth until the
disk can't hold any more files.
Here's an example of what *part* of a UNIX filesystem might look like:
(root)
/
++++++++++++++++++++++++++++++++++++
+ + + + + +
+ + + + + +
unix/ bin/ etc/ lib/ tmp usr/
+ + + + ++
++ lib dev src + + +
+ + + + +
+ + + + +
adm bin george bill mikey
A name like /foo/bar means start at the root, go to subdirectory foo, then
to the file bar (which can be either a subdirectory or a plain file).
"foo/bar" (no slash at the beginning) means start at the CURRENT DIRECTORY
(the 'pwd' command tells you where you are), and go through subdirectory
foo to bar.
foo means foo in the current directory. . (a dot) means the current direc-
tory itself; .. (two dots) means the parent directory, one level above the
current one. So ./xyzzy is the same file as xyzzy.
/unix is the UNIX kernel, the system routines that get read in when the system
is booted up.
/bin and /usr/bin (and other places like /usr/local on most systems) hold
command programs; when you type 'pwd' or 'ls' (list files) or most other UNIX
commands, these directories are checked for the 'pwd' or 'ls' program or what-
ever. Almost all UNIX commands are ordinary programs; nothing magical.
/etc, /lib, /usr/lib, /usr/adm, etc. hold "miscellaneous" system files. A few
of these are quite critical; I'll discuss them later.
/tmp and /usr/tmp are work areas for temporary files. They get cleared
regularly, at least whenever the system is re-"booted".
In this example, /usr/george, /usr/bill, and /usr/mikey are three users' file
areas or "home directories". Naming of home directories varies wildly between
UNIX systems; they might look like /usr/george or /usr/users/smith or
/home/andrews or /i/ins/.heyho. When you log in, your current directory is
set to your home directory.
Commands for Managing Directories
---------------------------------
cd Change Directory - move to another current directory (e.g.
"cd /usr/george" or "cd .."). Plain "cd" takes you to your
own home directory (unlike MS/PC-DOS!).
pwd Print Working Directory - prints your current (default)
directory. Lets you see where you are.
mkdir MaKe DIRectory, e.g. "mkdir hacks" to create a subdirectory
named "hacks" under your current directory.
rmdir ReMove DIRectory. The directory must be empty.
Other File Commands
-------------------
ls LiSt files. You may give directories or filenames after "ls", or "ls"
by itself will list the current directory.
ls -l List in Long format (with protection, owner, size (in characters) and
date before the filenames.
ls -a List All files; ordinarily files starting with a dot are not listed.
Many "setup" files have names like .profile, .login, .cshrc, .sendrc,
and so forth. Ordinarily "ls" doesn't bother you with them.
ls -d foo
Lists "foo" as a file; doesn't list what's inside if foo is a
directory. Useful in combinations like "ls -ld foo".
Other options can be combined this way, like "ls -al".
cat chow
Prints the contents of the file "chow" on your terminal.
rm trash
ReMoves (deletes) the file "trash". Once it's gone, you can't get it
back again.
chmod
Changes file protections. More about that later.
ed, vi, ex, emacs, ...
Text editors. Consult any good introductory UNIX book.
Input/Output Redirection
------------------------
Using "<file" on the command line (after the command!) lets input come from
"file" instead of "standard input" (the terminal). Similarly, ">file" redi-
rects output to "file", clobbering whatever was in it before. ">>file" means
append to the end of "file".
"foo a b c | bar x y z" means to run the command "foo a b c", and give its
output as the input of the command "bar x y z". This is called a 'pipe'
between the commands; UNIX hackers call '|' a "pipe sign".
For example, "cat" (like many commands) uses standard input if you don't give
a filename. If you say "cat >piss", it'll read from your terminal until you
hit control-D, and put that text into the file "piss".
Special Filename Characters (Wildcards)
---------------------------------------
'*' in the command line matches any string of characters within a filename.
'?' matches any ONE character. '[abc]' matches 'a', 'b', or 'c'. For
example, "*.c" will match "foo.c", "prog2b.c", and ".c", but not "mailbox"
or ".c.d.e".
A dot at the beginning of a filename (as in ".profile") and directory slashes
will not be matched -- you have to type them explicitly.
These wildcards are expanded on the command line. So if you type "echo a*b",
"echo" might be run with arguments "abb" "alba1.b" etc., or whatever. (echo
just echoes back its arguments to you; "echo *" works a lot like plain "ls".)
UID's, GID's, and File Protection
---------------------------------
Your account has a User ID (uid) number, which identifies which files you own,
and a Group ID (gid), which determines which files you can access as a member
of "the group".
A uid of 0 is special. It signifies the superuser, who can read any file and
write any non-directory. Superusers can use "chown" and "chgrp" to change
the ownership of files, and in general do anything we damn well please.
There is usually an account "root" whose uid is 0. If you're running a UNIX
system, NEVER give the superuser password to anyone who doesn't have a DAMNED
EXCELLENT reason to know. (change the password frequently--maybe every week
or two; ALWAYS whenever an "employee" leaves).
There are three ways to access a file -- owner, if your uid matches that of
the file; group member, if your gid matches the file's; and other.
Whenever you create a file, it is given your uid and gid.
The "ls -l" display shows the protection code for a file (which the owner may
change). A typical "ls -l" line might look like this:
-rw-r--r-- george users 6125 May 20 15:42 stuffy-funk
prot.code owner group size mod.date name
(these correspond
to uid & gid #'s)
The protection code can be broken down into several sections:
- rw- r-- r--
1 2 3 4
1: 'd' for a directory, 'b' or 'c' for "special files" which are really
devices, and '-' for ordinary files.
2: permissions for the owner. 'r'=read, 'w'=write, 'x'=execute.
3: permissions for the group.
4: permissions for others.
Protection on Directories
-------------------------
Since it makes no sense to 'execute' a directory, the protection bits have
a slightly different meaning on a directory.
Execute means you can access files and subdirectories if you know their
names. (If a directory has execute but no read permission, you can't "ls"
it to see what's there, but you can use files you know are there.)
Read means you can look to see what's there with "ls" or with special
filename characters.
Write means you can create and delete files in the directory. THIS IS THE
ONLY PROTECTION DEALING WITH DELETING FILES - it doesn't matter whose file it
is, as long as you have write permission in its parent directory.
SetUID and SetGID programs
--------------------------
If the setuid bit of an executable file is set, then whenever you run that
file, your "effective uid" temporarily becomes that of the file. This is
commonly used for games which write to a high score file that people should
not be able to mess with otherwise. The "set group id" bit works similarly.
These bits show up as an 's' instead of an 'x' in the owner and group sections
of the protection code.
The "Sticky" Bit ('t' bit)
----------------
Only the superuser can set the sticky bit, which shows up as a 't' in the
"others" section of the protection code. This bit means the program can't
be swapped out of memory, speeding up access time for small systems programs
that are used often. This bit can also be set as a part of your trusty hack
program (to be presented in a later installment).
Changing File Protection with "chmod"
-------------------------------------
The chmod command has the form "chmod CODE FILE(S)". CODE is an octal code
made by or-ing together the following:
04000 set user id on execution
02000 set group id on execution
01000 sticky bit [program is loaded into buffer]
0400 read permission for owner
0200 write permission for owner
0100 execute permission for owner
040, 020, 010 read, write, execute for group
04, 02, 01 read, write, execute for others
For example, "chmod 644 trash" would set the file "trash" to be readable and
writable by the owner, and only readable by others (or world).
Of course, only the owner or the superuser can use chmod on a file.
The Password File -- /etc/passwd
-----------------
The file /etc/passwd lists all the accounts on the system. It is stored in a
printable form, and everyone can read it. Each account is represented by a
line like
george:D/d7C.Xyu3pPr:205:40:George Porgie:/usr/george:/bin/sh
1----- 2------------ 3-- 4- 5------------ 6---------- 7------
There are seven parts, separated by colons.
1: the username
2: the encrypted password. The encryption algorithm is supposed to not be
reversible; to check the password you type while logging in, UNIX encrypts
your guess and sees if the encrypted version matches.
If no value is given (like in "guest::99:99: ...etc..."), no password is
necessary. If you see an "X" or "*" or "NOLOGIN" or something here, then
nobody can log into the account, since the "X" will never match an encrypt-
ed password.
3: the user id
4: the group id. (The file /etc/group lists group ids and group names.)
5: usually the person's real name
6: the home directory
7: the command interpreter to use. The default is "/bin/sh". Special
accounts like "who" work by putting the program name (like /bin/who)
here; as soon as this "command interpreter" finishes, the account is
logged off.
The SU Command -- Temporarily Switching to Another Account
--------------
If you give the command "su bill", it will ask for a password. If you give
bill's correct password, you temporarily switch into bill's account. Type
a control-D to get back to your own account.
"su" by itself means the same as "su root". *WARNING*!! Every time you use
su to try to get into a superuser account, it prints a message on the system
console (something like "SU george 20 May 1986 15:42" if you get in; "BADSU"
etc. if you don't). Don't try to force your way in with "su" -- they'll
notice and possibly trace your phone line.
=============================================================================
This is the end of my introduction to UNIX* systems.
Look for further installments on the UNIX series of operating systems.
(Including "Hacking" philes :-)
---Striker---> 1/12/86
---=======--> uVaxSquad!
* UNIX is a trademark of AT&T Bell Laboratories
-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-
note: I wrote this particular doc phile last year and I haven't included
changes from the new System V and System 7 releases. In the future
there will be appended versions with Xenix and BSD specifics...
| Striker |
Phortune500/BOD
-=>The DEC Hunters<=-
uucp ...!ihnp4!mb2c!fmsrl7!cideq3!striker
{ihnp4,seismo,philabs,ucbvax}!decvax!cwruecmp!ncoast!bizarre
...!ucbvax!ucivax!amovax!conexch!striker
Inter striker@cideq3.cidnet.com
ncoast!bizarre%Case.CSNET@CSnet-Relay.ARPA
********************
Basic Unix Use
By Lord Lawless
Phortune 500
Board of Directors
********************
March 8, 1987
-------------
This file is basically a brief introduction and overview for the beginning
hacker to the Unix operating system. All information contained herein is
accurate to the extent of my knowledge. This file is intended for inform-
ational purposes only and the author (Lord Lawless) is in NO way responsible
for the use of this file for purposes other than the aforementioned.
Part I: What is Unix?
----------------------
Unix is an operating system, so designated because it allows a user to
interface with a computer in a way that is (hopefully) easy for the user to
learn and use. Unix can be known by other forms, PC-Unix, Xenix, etc., but
they all basically are the same (with slight differences this file won't go
into) and use the same commands. Unix is a wonderfully simple to use OS once
you begin, and while this file will help you I recommend that you find a Unix
system somewhere and wander around on it to help yourself to learn. To put
this more formally:
The UNIX system is a set of programs that include a time-sharing
operating system and a set of utility programs. The operating
system has two basic parts:
1) The kernel is the program in the UNIX operating system
that is responsible for most operating system functions. It
schedules and manages all the work done by the computer and
maintains the file system. It is always running, and is
invisible to users.
2) The shell is the UNIX operating system program responsible
for handling all interaction between users and the computer.
It includes a powerful command language called "shell language"*.
The utility programs (usually called UNIX commands) are executed
through the shell, and allow users to communicate with each other,
to edit and manipulate files, to write and execute programs in
several programming languages, and many other things.
Part II: Recognizing a Unix system
-------------------------------------
When you connect to a Unix system you will see a message usually like
"AT&T Unix: Unauthorized use will be Prosecuted!" or just "Unix System V" or
the like. At the least you will see a prompt saying "login:". At this point,
if possible, make sure that you are in lowercase, because if the computer det-
ects that you are typing in uppercase everything you read after will be in
uppercase with lowercase denoted by a \ in front of the word. This is because
Unix is case sensitive, so be careful, reading lowercase is much easier than
reading all uppercase and slashes. Ok, so here you are at the Unix "login:"
prompt.
Part III: Logging on
---------------------
At this point you must enter your login, and then, if the account (
never more than 14 characters) has one, the password. Now, all Unix systems
have default accounts, and unless set by the Root System Operator no passwords.
This has been the means of infiltration by many the Unix hacker. There are two
types of accounts in a Unix, the "super user" and the "user". The super user
has access to almost everything (or everything depending on the system) and the
user basically has access to the files he owns and what he can sometimes read.
The default super user accounts on a unix are:
ROOT
MAKEFSYS
MOUNTFSYS
UMOUNTFSYS
CHECKFSYS
and sometimes
ADMIN
SYSADMIN.
For passwords to these try things like SYSTEM, SYSMAN, SYSADMIN, ADMINISTRATOR,
OPERATOR, SYSOP, etc.
The default user-level accounts are:
LP
DAEMON
TROUBLE
NUUCP
UUCP
RJE
ADM
SYSADM
SYNC
BIN
(Note: These accounts should be entered in lower case , I merely wrote them
in upper case for easier reference.)
After being on Unix's, I have also seen the following common accounts:
USER
UNIX
GAMES
GUEST
STUDENT -on school run Unix's.
The maximum length of a password is 11 characters.
After doing all this you should, with luck, be in!
If you couldn't hack anything out, try typing "WHO" at the login: prompt, it
may list all the user accounts and you can try them until you find one without
a password.
Part IV: You're in!!!
----------------------
Congratulate yourself, the hardest part of Unix "hacking" is over. Ok,
now that you're in you'll see a prompt which will probably look like "$" for a
user account or "#" if you got lucky and got a super user account.
(Quick note, to stop a unix process in action try typing ctrl-d or control
backspace, these are the end of file/Stop process keys.)
Ok, so you are now in. Let me give a quick lesson on Unix directories. In
Unix, the root is the main directory, and it contains subdirectories which may
contain subdirectories etc. In order to change to the root directory, one
would type "cd /". This is because "cd" is the command "change directory" and
"/" is the root directory. To change to subdirectory "Bill" contained in the
root directory, you would type "cd /Bill" or, if you were in the root dir, just
"cd Bill". If you wanted to access Bill's files, you'd enter "cd /Bill/files"
assuming Bill had a subdir called files where he kept his files. This is how
a person would move around in a Unix sys. Graphically, it looks like this:
Root
__________!!_________
!!
__Bill__
!!
__Files__
Part V: Basic Commands
-----------------------
Ok, these commands are the most useful ones that I've found and can are
entered from the prompt.
Command:What it does
--------------------
ls gives a listing of all files in a directory
cat gives a dump to screen of what is contained in a file. For instance
"cat phones" would show me what is in file "phones".
cd change directory
pwd shows what directory path you are in now
ps shows system processes
rm remove a file, for instance "rm phones".
rmdir removes a directory, for instance "rm Bill".
grep print ascii strings in a file, ie "grep phones"
who shows who's on the system
mail sends mail to a user, syntax mail <username>
su change from 1 account to another. For instance, if you are account
Bill and wish to change to account Jake (which is unpassworded) just
type "su Jake" and you will change to him. If Jake has a password you
will be prompted to enter it. This is useful for login in under a
user account and switching later to a super user account.
passwd allows a user to change his password. If you are a superuser you can
change someone elses password by typing "passwd <account>".
mkuser make a user (providing you are a super user)
mkdir create a directory
More Information about Commands
-------------------------------
The following are more of the most basic Unix commands.
cat cd chmod cp cut date
echo egrep fgrep file find glossary
grep help ln locate ls mail
mesg mkdir mv news pr ps
pwd rm sleep sort starter stty
tabs tail tee time touch tty
uname usage wall wc who write
Using the Command: mkdir
Syntax Summary: mkdir dir_name1 [ dir_name2 ...]
where:
dir_names are simple subdirectory names,
relative pathnames, or full pathnames
Description:
mkdir creates one or more new directories.
If mkdir is given a simple name as an argument, the new
directory will be a subdirectory of the current directory.
You can make new directories anywhere in the file system
by giving mkdir a complete or relative pathname for the new
directories, if you have permission to write in the directory
where the new directory is to be created.
Ok, those are the basic commands you will need to go around in the system.
Part VI: Useful Information
----------------------------
A great place to go to get information on who is on the system and
what accounts you can use to get on again is contained in the file "passwd"
in the "etc" directory. To look at it, cd etc, and then cat passwd. The
first entry should say something like this:
root:adfaBADca:0:1:Operator:/:/bin/sh
what this means is that the root account has an encrypted password, has super-
user capabilities (any user with a 0 in that slot is a super user) is in group
1 (relatively unimportant for this file), has a comment of Operator (this may
be blank), has a home directory of / (the root) and uses the Bourne Shell, kept
in the /bin directory.
You will then see all the other users listed out in the same format. If you
see an account followed by two colons, that means that it has no password. You
want these accounts so that you can log in under them another time. If you get
real lucky you may see something like this:
makefsys::0:1:/bin:/bin/sh
meaning that you have found a super user account with no password, a very
useful item indeed.
Another good place to look is the /usr/spool dir and the
/usr/spool/cron/crontabs dir because if you are a super user that dir contains
much that will be useful to you.
In order to move up to a directory one level higher than you are presently in,
type "cd ..". So to move from /Bill/files to /Bill I would just type cd ..
and, assuming I started in /Bill/files I would now be in /Bill.
Ok, now you can wander the system "cat"'ing around and whatnot. If a file
doesn't "cat", try just typing it's name, that will execute it if you have the
privileges. Try typing "admin" or "ua" if you are a superuser nad maybe you'll
be able to create users or other interesting things. You may not be able to
cat a file or run it because you lack access permissions. What are they? Read
on!
Access Permissions
------------------
access permissions: permissions: mode: owner:
owner/group/others: read/write/execute
As the user of a UNIX system, you can decide who can read, write,
and execute the files and directories that you own. You are
usually the owner of files and directories that you have created in
your login directory and in the "subdirectories"* in your login
directory. You may also own files in other peoples' directories.
You control the use of your files and directories by specifying the
access permissions, also called the mode, for each. You can specify
different access permissions for yourself, your "group"*, and the
other users of the system. Permission to read allows the user to
read the contents of the file. Write permission allows the user to
change the file and execute permission enables the user to execute
the program within the file.
ls -l
prints the access permissions for each file and directory in the
current directory. The sample listing below shows the mode of the
file (preceded by a -), the number of "links"*, the owner, the
"group ID"*, the size in characters, the date and time the file
was last modified, and the "filename"*.
-rwxr-x--x 1 sandy 12345 128 Oct 9 9:32 lock
If this were a listing for a directory, the hyphen (-) would be
replaced by the letter d. The owner of the file "lock" can read,
write and execute the file, the group can read and execute it, and
the others can only execute it. You can change the mode of your
files and directories by using the change mode command, chmod.
Other interesting places to look are in the directories assigned to the users
on the Unix system, often their files will contain some useful information.
Also try going into the /uucp directory or looking for any uucp dir anywhere as
it may contain phone numbers to other Unix systems or other "goodies".
The *: asterisk
---------------
In the shell, an asterisk matches any "string"* of characters in
a "filename"* on a command line. The command
rm temp*
removes all files from the current working directory that begin with
the string "temp". Files like "temp", "temp1", "temp.1", and
"temp.save" would all be deleted. An asterisk alone matches any
filename in the current working directory except those beginning
with "dot (.)"*. For example,
rm *
removes all the files in your directory except for the dot (.)files.
Finally, typing help at the unix prompt may bring up a help manual that is
usually quite well done and will help you if you are stuck or wish to explore
in more depth the commands I didn't go into.
Hmm, what else? I can't think of much more right now that would help you much
more, in this file I think I've covered everything that should get you well on
your way towards becoming a unix hacker. Once you've got this, start reading
files on "Unix Shells", "Scripts", and ask around A LOT. Ah, I just remembered
something. To get help on a command, type "man <command>" or "whatis <command>
" and you may find out. Also, a lot of Unix's have a built in Help feature
somewhere, try to get to it.
Part VII: A Few Final Words
----------------------------
If you manage to get onto a Unix system, don't screw it up. Unix is a
great operating system, and fun to learn on and have other people learn on.
Don't become a superuser and delete everything or other things, it's just not
worth it. Also, don't make a user called "Hacker" or "Shadow 1" or something,
that's a blatant giveaway. Put an account a little out of the way directory,
and create user level accounts if you must, and perhaps just 1 super user
level. I can't think of much more to say on the basics, though I probably left
some important things out....nobody's perfect. I hope you enjoyed the file and
I can be found on the following boards:
The Private Connection
The Undergraduates Lounge
Quick Shop
Phreak Klass 2600
The Brewery
The Works
Slaughterhouse 5, Holovision Network Node 1
Spock's Brain
Special Thanks to: The Prophet, for his excellent file: Unix Use and Security
From the Ground Up.
The End, good luck, enjoy yourself, and don't get caught!
Lord Lawless
Phortune 500/BOD
--This has been a Lord Lawless Presentation, (C) 1987.--
(C) 1987 Phortune 500

Reference in New Issue View Git Blame Copy Permalink