What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Shell Programming: an Exploit Explained, continued...

HOW TO DISCOVER ALL AVAILABLE UNIX COMMANDS

        Now that you have a login file that isn't lame, let's start exploring the
commands you can run from your tcsh shell account.  Since you are reading
this because you wish to be a hacker, let's start by looking for a compiler
for the C language, the most important language for exploits to break into
computers.

        The best guess for a command to run the C compiler is the letter "C" (duh.)
So at your prompt give the command:

c<control d>

        where you first type the letter "c", then hold down the "control" key while
hitting the letter "d". (Note: this will also work with the C shell (csh)
but not with any other shells.)

        This gives us a complete list of all the commands you can use that start
with the letter "c".  It will look something like this:

c++                  chroot               compress.FCS
c2ph                 chrtbl               config
cal                  chsh                 config.txt
calctool             ci                   constype
calendar             clear                continue
cancel               clear_colormap       convert_to_Xdefaults
capitalize           clear_functions      convert_to_xview
case                 click                convertfont
cat                  clock                core
cb                   cm                   cpio
cc                   cm_delete            cppstdin

(many more commands beginning with the letter c snipped)

        That "cc" command looks promising.  It is possible that on your system the
C compiler will have a different name, most commonly "gcc" (the gnu
compiler).  So don't give up if you don't see "cc". To be sure this is the C
compiler, next you give the command "man cc".  This brings up an online
manual on the C compiler:

CC(1V)                   USER COMMANDS                     CC(1V)

NAME
     cc - C compiler

SYNOPSIS
cc [ -a ] [ -align _block ] [ -Bbinding ] [ -c ] [ -C ]
[ -dalign ] [ -dryrun ] [ -Dname [=def ] ] [ -E ]
[ float_option ] [ -fsingle ] [ -g ] [ -go ] [ -help ]
[ -Ipathname ] [ -J ] [ -Ldirectory ] [ -M ]
[ -misalign ] [ -o outputfile ] [ -O[level] ]
[ -p ] [ -P ] [ -pg ] [ -pic ] [ -PIC ] [ -pipe ]
[ -Qoption prog opt ] [ -Qpath pathname ]
[ -Qproduce sourcetype ] [ -R ] [ -S ] [ -sb ]
[ -target target_arch ] [ -temp=directory ] [ -time ]
[ -Uname ] [ -w ] sourcefile ...  [ -llibrary ]

SYSTEM V SYNOPSIS
     /usr/5bin/cc arguments

     /usr/xpg2bin/cc arguments

     Note: arguments  to  /usr/5bin/cc  and  /usr/xpg2bin/cc  are identical
to those listed above.

(snip)

DESCRIPTION
     cc is the C compiler. It translates programs written in  the C
programming language into executable load modules, or into relocatable
binary programs for subsequent loading with  the ld(1) link editor.

     In addition to the many options, cc accepts several types of filename
arguments.   For instance, files with names ending in .c are taken to be C
source programs. They are  compiled, and  each  resulting object program is
placed in the current directory.  The object file is named after its source
file - the suffix  .o  replacing .c in the name of the object.  In the same
way, files whose names end with .s are taken to  be assembly  source
programs.  They are assembled, and produce .o files. Filenames ending in .il
are  taken  to  be  inline expansion  code  template  files;  these  are
used to expand  enabled.   See FILES, below for a complete list of
compiler-related filename suffixes.

     Other arguments refer to assembler or loader options, object programs,
or  object  libraries.   Unless  -c, -S, -E -P or -Q produce  is  specified,
these  programs  and   libraries, together  with  the results of any
specified compilations or assemblies, are loaded (in the order given)  to
produce  an output  file  named  a.out.   You can specify a name for the
executable by using the -o option.

        "Oh, no!" you shout/cry/whimper.  "This stuff looks like it was written by
a gnome in some underground weapons complex in a James Bond movie!"
Patience, one of these days I'll get around to writing a simple explanation
of how to link, compile and run C programs.  If you don't have patience, a
good book that covers C and includes a CD-ROM with programming tools is
"Unix Programming Tools," by Eric Foster-Johnson, M&T Books, 1997.

        Or, if you are a real hacker, you will start trying out that C compiler
today!  Guess what, if you make mistakes in trying to follow the on-line
manual, big deal.  No one will make fun of you. You can't destroy your
computer with a C compiler mistake, either. (OK, maybe you could mess
something up, but what the heck.)  Real hackers aren't afraid to make
mistakes and don't make fun of others who make mistakes, either. The essence
of hacking is to boldly try out new things and not be afraid of hitting the
wrong key.

        Besides, I make lots and LOTS of mistakes and I [Carolyn] am a famous, er,
infamous hacker.  If an old lady like me isn't afraid to make public
boo-boos, you can be brave and figure out that C compiler by yourself. 

        To learn about every single command that you have the power to run from
your shell account, type in the letter "a" followed by control d.  Then with
each and every command that brings up, give the command "man acommand" where
you substitute the command you wish to explore for "acommand".  Then try
using that command until you have figured out how to use it with all its
variations.  Do this in turn with each of the rest of the letters of the
alphabet.  When you are done, you will be a true Unix wizard.  No one will
ever again say to you, "RTFM!" (Read the forking manual).

More shell programming --->>


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

 

Return to the index of Guides to (mostly) Harmless Hacking!

 © 2013 Happy Hacker All rights reserved.