What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

More Browser Hacking: How to Download System Programs

If you try to download a program you find using Google, you will probably see something like this, which is the binary for the command "ls." The ls program lists files on a Unix or Linux type computer.

It looks like garbage because your browser is looking at all the zeros and ones of a binary and trying to figure out what it means.Most of its guesses are mistaken. However, there is a way to download interesting programs in case you want to run them on your computer in order to find out what they do.

The program you plan to download has to be compatible with your operating system. To get an idea of whether it has a chance of working on your computer, look for the directory from which you plan to download it. In the case of ls, you would look for /usr/bin. You will find that this directory exists on most Unix or Linux operating systems. However, be sure you don't overwrite your own ls program. The new one might not work or might not be as good as your own. Be sure to save it under a different name. If you save it in the same directory name from which it came, it has a better chance of working.

Also, a program or other interesting file you download may be only part of a complex installation and will need many other files, symbolic links ( a Unix/Linux installation technique) or, in the case of Windows, Registry entries.

Newbie note: In Unix and Linux systems, a file may appear to be in one location, but is actually linked to another location where the contents of the file actually are kept. In Windows operating systems, the Registry is where lots of instructions are kept for how programs are to run. Click Start --> Run --> Regedit to look over the Registry. Don't change it unless you know what you're doing!

Warning: Any program you download from a computer you are exploring might contain a Trojan that could harm your computer. Even if it is OK, it might crash your computer because of some sort of incompatibility. If you are determined to run a program you downloaded from some randomly chosen web site, be sure to use a computer that you don't mind having to reformat and reinstall if anything goes wrong.

Let's take a look at how you can download an interesting-looking file.

Of course any directory named "security" has got to sound tempting. Before trying to download anything, let's try to find out what a file with this name means. A Google search using an archived site turns up this info:

PAM stands for Pluggable Authentication Modules. Basically PAM is a way to change on the fly the way applications or services are authenticated. When you use PAM, you can define at run time how an application or service is authenticated, rather than having to recompile it.... Effectively, program simply asks PAM "Is this user allowed to access the service I'm offering", and PAM takes care of the background details of searching /etc/shadow, /etc/passwd, checking times, etc... The "pluggable" means that as your authentication needs change, your software can be adjusted to fit without having to recompile (often a great number of) applications. You simply change the PAM configuration file to reflect the changes in your authentication. -- from "What the Heck is PAM anyhow?" by Kevin Fenzi .

What the heck. Let's try to download it. In the browser window change http to ftp and we get this:

We do a little searching with Google to find out how PAM works. This tells us where to look for other files related to this program. Here's the configuration file, which is an ordinary text file.

More --->> 


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

Return to the index of Guides to (mostly) Harmless Hacking!

© 2013 Happy Hacker All rights reserved.