Guide to (mostly) Harmless Hacking
Vol. 5 Programmers' Series
No. 2: Shell Programming: an Exploit Explained, Part 1
by Carolyn Meinel <email@example.com> and BOFH <firstname.lastname@example.org>
(finger us for important security tips!)
"What?" you wonder. "Another GTMHH on shell programming?" Some people
complained about the first of this GTMHH Programming Series because it
didn't look like it had much to do with breaking into computers. I hope you
weren't one of those d00dz, because to run almost any exploit program, you
need to understand shells and shell programming.
Of course that also means you must have a shell account. To find out how
to get one, see the GTMHHs on "How to Get a Good Shell Account" at
In this Guide you will learn:
* Why shell programming is important
* The t shell (tcsh) and where to get it
* How to customize your login shell script to make it:
    easier to use
* How to make your shell account more secure
* How to discover all available Unix commands
* The C language compiler
* An exploit explained:
    how to break into a computer in one easy shell script
* How to explore a computer from inside a shell account
* How to read email directly from the mail spool
* Library programs

WHY SHELL PROGRAMMING IS IMPORTANT

We are doing yet more on Unix shells because almost any serious break-in
program does its deed from inside a Unix shell. This is a difficult subject
to teach because there are many varieties of Unix and many Unix shells.
There also is that big unknown called "library functions." Most exploit
programs use many library functions. If the computer on which you have a
shell account doesn't have the required compiler or libraries, you can't run

Newbie Note: This Guide uses the following concepts:
* Unix shell: A program that provides you with a wonderful storehouse of
commands which it turns into instructions that your computer can understand.
The same Unix operating system may accept different commands depending on
what shell you use. And different flavors of Unix (Linux, SunOS, Solaris,
AIX, Irix, FreeBSD, etc.) offer different sets of commands that you can use.
You can also create your own shell commands -- something this Guide will
* Interpreted programs: Your computer reads and performs your commands line
by line. This kind of program is easy to write and use, but slow.
* Compiled programs: A compiler reads the commands line by line, figures out
how to run these commands fast, and writes them into a compiled program.
This kind of program is harder to make. But once compiled, it runs much
faster than an interpreted program.
* Script: A sequence of commands which is interpreted rather than compiled.
The most common scripts you will create or use in hacking are shell scripts
and Perl programs. A shell script is a series of Unix commands that are
automatically executed (run) when you simply enter the name you gave to that
script. What this means is that each script becomes a new Unix command for
you to use.
* Library functions and other library programs: These are compiled programs
that your computer stores which may be used by many other programs. This
saves disk space and programming time because each program that uses the
instructions of a library program can simply call it from the library.
* Binaries: These are the kind of files made by compilers. A binary can be
an entire program, or just a portion of a program used by many other
programs (for example the library functions).
There is no way this Guide -- or even a big, fat Unix manual -- could tell
you all you may wish to know about the flavor of Unix you are using and its
many shells, and all the library programs the exploits you want to run might
use. So at this point in the Programmers' Series we concentrate on showing
you how to discover what the shells, compilers and library programs of your
account will allow you to do.
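
One way to take the inventory described above, written as an added example
that is not part of the original Guide: it lists the login shells the system
offers and the compilers the current account can actually execute. The
compiler name list and the "ok"/"unusable" labels are assumptions of this
example.

```sh
#!/bin/sh
# Added example, not from the Guide: inventory what a shell account exposes.
# COMPILERS is an assumed list of common compiler names; adjust for your site.
COMPILERS="cc gcc g++ c++ clang tcc"

# list_shells [FILE]: read an /etc/shells-style file, skip comments and blank
# lines, and report whether each listed login shell is an executable file.
list_shells() {
    file=${1:-/etc/shells}
    [ -r "$file" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                                  # drop comments
        line=$(printf '%s' "$line" | tr -d '[:space:]')   # trim whitespace
        [ -n "$line" ] || continue
        if [ -f "$line" ] && [ -x "$line" ]; then
            echo "ok $line"
        else
            echo "unusable $line"
        fi
    done < "$file"
    return 0
}

# find_compilers [PATHLIST]: print each compiler the current user can execute
# through a colon-separated search path (defaults to $PATH).
find_compilers() {
    pathlist=${1:-$PATH}
    old_ifs=$IFS
    IFS=:
    for dir in $pathlist; do
        IFS=$old_ifs
        [ -n "$dir" ] || dir=.          # empty PATH entry means current dir
        for name in $COMPILERS; do
            if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
                echo "$dir/$name"
            fi
        done
    done
    IFS=$old_ifs
    return 0
}

# Report for the account running the script.
echo "Login shells:"
list_shells /etc/shells || echo "  (no readable /etc/shells)"
echo "Compilers this account can run:"
find_compilers "$PATH"
```

An administrator can run the same script as an unprivileged test user to
confirm that compilers really are out of reach for ordinary shell accounts.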
Besides, you may discover your shell account is hopelessly crippled. Some
Internet service providers are so afraid of hackers that they disable the
use of compilers and put the library programs off limits. After reading
this Guide, you will appreciate why they do this. You will also understand
what to look for in a good shell account. This may even inspire you to
install Unix on your home computer so your skills will be the only limit on

DISCLAIMER (from BOFH):
The information shown in this Guide is known to work with Linux, OpenBSD,
FreeBSD, SunOS and Solaris. The instructions of this Guide may not work
with other flavors of Unix. Please note that I'm not a technical writer,
nor do I plan on doing this for a living.
I'm just attempting to pass on a bit of knowledge. If someone finds a
mistake, gleaming error or typo, do me a favor...