
Shell Programming, continued...

Slightly Stealthy Scripts

 Now suppose you are worried about really clueless kode kiddies getting into your shell account. Believe it or not, many people who break into computers are almost totally ignorant of Unix. For example, at Def Con V a friend, Daniel, conducted an informal poll. He asked dozens of attendees if they knew the "cat" command. He found that over half the people there had never even heard of it! Well, *you* know at least one way to use "cat" now!

 Another example of haxor Unix cluelessness was a fellow who broke into my shell account and planted a Trojan named "ls." His idea was that next time I looked at my files using the Unix ls command, his ls would execute instead and trash my account. But he forgot to give the command "chmod 700 ls." So it never ran, poor baby.

******************************************************

Evil genius tip: How to keep from accidentally running a Trojan in your shell account. Damian advises "NEVER put '.' (the current working directory or cwd) in your path! If you really want "." in your path, make sure it is the last one. Then, if a Trojan like ls is in your current directory, the _real_ ls will be used first. Set your umask (umask is the command that automatically sets permissions on all files you create, unless you specify otherwise) to something more secure than 022; I personally use 077. Never give group or other write access to your directory and be leery of what others can read." For your reading enjoyment, use the commands "man chmod" and "man umask" to get all the gory details.
******************************************************
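
The checks in the tip above can be scripted. This is an added example, not part of the original Guide: it flags "." or empty PATH entries (an empty entry also means the current directory), PATH directories writable by group or other, and a umask that leaves new files open to others. The function names are made up for this sketch.

```shell
#!/bin/sh
# Added example (not from the original guide): check a PATH value and a umask
# against the advice in the tip above. Function names are made up for this sketch.

# True if the directory (symlinks resolved) is writable by group or other.
dir_writable_by_others() {
    [ -n "$(find -H "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

# Print one finding per risky entry in the PATH string given as $1.
# An empty entry (leading, trailing or doubled colon) means the current
# directory, just like ".".
audit_path() {
    rest=$1:                      # trailing colon: every entry ends in a delimiter
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            ''|.)
                if [ -n "$rest" ]; then
                    echo "cwd-before-other-dirs"   # a planted ls could win the lookup
                else
                    echo "cwd-last"                # the placement the tip allows
                fi ;;
            /*)
                if dir_writable_by_others "$entry"; then
                    echo "writable-by-others $entry"
                fi ;;
            *)
                echo "relative-entry $entry" ;;
        esac
    done
}

# Classify an octal umask such as 022 or 0077: "private" when group and other
# get nothing on new files, "shared" otherwise.
classify_umask() {
    case $1 in
        *77) echo private ;;
        *)   echo shared ;;
    esac
}
```

Run it against your own settings with: audit_path "$PATH"; classify_umask "$(umask)"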

 Here are ways to make shell scripts that the average clueless person who breaks into a computer won't be able to run.

 First, when you name your script, put a period in front of the name. For example, call it ".secretscript". What that period does is make it a hidden file. Some kode kiddies don't know how to look for hidden files with the command "ls -a".

 After you make your script, don't give the "chmod 700" command. Just leave it alone. Then when you want to execute it, give the command "sh hackphile" (substituting for "hackphile" the name of whatever script you wish to execute). It will execute even though you never gave that chmod 700 command!

 What you have done with the "sh" command is launch a temporary new Unix shell, and then send into that shell the commands of your script.

 Here's a cool example. Make this script:
cat > .lookeehere!
who|more
netstat|more

 Remember to save this script by holding down the control key while hitting the letter "d". Now try the command: ".lookeehere!" You should get back something that looks like:
bash: ./.lookeehere!: Permission denied
That's what will stump the average kode kiddie, presuming he can even find that script in the first place.

 Now try the command "sh .lookeehere!" All of a sudden you get screen after screen of really interesting stuff!
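
Leaving off the execute bit only blocks direct execution; anyone who can read the file can still hand it to "sh". The following is an added example, not from the original Guide, that shows both facts in a scratch directory and then lists files whose read bits are open to group or other. The function names and the sample script are constructed for this sketch.

```shell
#!/bin/sh
# Added example (not from the original guide): the execute bit is not what
# keeps someone else from running a script; read permission is.

# Build a scratch directory holding a hidden script with no execute bit.
make_demo() {
    demo_dir=$(mktemp -d) || return 1
    printf 'echo ran-anyway\n' > "$demo_dir/.secretscript"
    chmod 644 "$demo_dir/.secretscript"   # readable by all, executable by none
    printf '%s\n' "$demo_dir"
}

# Print the exit status of running the file directly.
# 126 means "found, but not executable" (the Permission denied case).
direct_exec_status() {
    status=0
    ( "$1" ) >/dev/null 2>&1 || status=$?
    printf '%s\n' "$status"
}

# Hand the same file to a new shell, as the guide does with "sh".
run_via_sh() {
    sh "$1"
}

# List regular files under a directory that group or other may read,
# that is, files another user on the machine could run with "sh file".
readable_by_others() {
    find "$1" -type f \( -perm -040 -o -perm -004 \) -print
}
```

A script that should stay private needs mode 600 (what a umask of 077 gives you), after which readable_by_others reports nothing for it.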

 Your Internet Service Provider may have disabled some of the commands of this Guide. Or it may have just hidden them in directories that you can get to if you know how to look for them. For example, if the "netstat" command doesn't work, give the command "whereis netstat" or else "locate netstat".

 If, for example, you were to find it in /usr/bin, you can make that command work with "/usr/bin/netstat" in your script.

 If neither the whereis nor the locate command finds it for you and you are a newbie, you have two choices. Either get a better shell account, or talk your sysadmin into changing permissions on that file so you can execute it. Many sysadmins will help you out this way -- that is, they will help if, when they check their syslog files, they don't find evidence of you trying to break into or trash computers. Neat trick: take your sysadmin to a fancy restaurant and wait to ask him for access to EVERY Unix command until after you have paid for his meal.

*****************************************************
Evil genius tip: Your sysadmin won't let you run your favorite Unix commands? Don't grovel! Compile your own! Most ISPs don't mind if you keep and use your favorite Unix stuff in your own account. Says Damian, "I tend to keep my own binaries in ~/bin/ (My home directory slash bin) and put that in my path. (With the directory being 700 or drwx------ of course)." Where can you get your own? Try http://sunsite.unc.edu/pub/Linux/welcome.html
*****************************************************


 © 2013 Happy Hacker All rights reserved.