Unix Edition
Happy Hacker Digest
June 2nd, 2000
.... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... -
See the Happy Hacker web site at http://www.happyhacker.org
Firewall gives you problems? Try http://happyhacker.org
.... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... -
***********************************************************************
*** Editor's Comments
***********************************************************************
Well... wow. It's been a long time since we put out a digest...
as some of you know, we had some problems with the antionline
list, people wanted just the technical, just the AO stuff, all
kinds of requests, so we created some new mailing lists at egroups.
Hopefully, this will only be temporary, as one of our UberSQL'ers
and myself (well, mostly him) are working on a whole new site,
where the goal will be to create a community where users can
interact-- including a web based index into all mailing list
messages, our own hosting, personal accounts, and the ability
to create local "user groups" worldwide. Stay tuned!
Unfortunately, the mail.cmeinel.com server I use was out
of commission for a while, so if I appear to have ignored your
message, then either:
a. it was really stupid or
b. I never got it... feel free to resend it.
I just have one more thing to add. A certain user, let's call
him, oh, say, Mousa, happens to go to a certain university, oh,
say, Cook College at Rutgers University. Now, our friend Mr.
Haddad (just to make up a random name) emails me asking me to
change his grades for a class, let's say, chemistry. Well, he
gives me his SSN, password, and with that (plus his AOL screen
name), I now have everything from his address (both home and
school), phone numbers, SSN's, date of birth... can you say,
credit card fraud? But I don't do things like that... I do forward
such emails to the appropriate Deans. So don't email with those
kinda requests.
***********************************************************************
*** Readers' Submissions
***********************************************************************
sgabzdyl <sgabzdyl@sgabzdyl.fsnet.co.uk>:
Hi, Mike,
I recently installed one of those versions of linux that you
can run off your windows partition, it's called PhatLinux. The
installation was fine and I am able to dial-up my ISP. However,
when I run Netscape I get an error message: 'Hostname Look-up
failure' I cannot connect to any site and get the same message.
I don't really understand much about Hostnames, the default one
I have is 'PhatLinux.PhatBox.' Do you think you could point me
in the right direction as it's really annoying me.
_Stevie Gabzdyl_
[Editor: Sure. The hostname lookup failure is a DNS problem.
As you probably know, all machines on a TCP/IP network are identified
by a series of 4 numbers, e.g., 207.124.53.19. A DNS server maps
hostnames (like yahoo.com) to these numbers. If you haven't told
your machine what DNS servers to use, it won't know how to convert
names to numbers. Look at /etc/resolv.conf, and add the line
"nameserver 111.222.111.222" (without the quotes),
replacing 111.222.111.222 with the DNS server of your ISP. You
can have several nameserver lines, in case the first is down,
then it'll query the second, and so on.]
-----------------------------------------------------------------------
Sam Hamilton <Sam.Hamilton@btinternet.com>:
I am wanting to build a secure web server. I once read somewhere
that you put the OS on a CD-R instead of the harddisk. I want
to put a http server (SSL), ftp server, DNS, email and secure
telnet in one computer. To run the OS off the CD-R and then the
web site files to go on the harddisk with the logfiles mailed
to me daily.
So basically I am wondering how to go about doing this, if
you know any useful documentation sites or can give me a few
tips on getting it done. The only limitation is that I cannot
get my CD-R to work in Linux so it only works in MS'98.
[Editor: Excellent idea. The better idea, however, is to also
put the web files on the CD-R as well, that'll prevent any defacements.
I think there's a HOWTO on running Linux off a CD-ROM, if not,
I know there's one on how to install a fully running system on
a ZIP drive... it'll be pretty similar. To mail the log files,
you can just play around with syslogd.]
-----------------------------------------------------------------------
Nachiketa Mishra <nachiketam@hotmail.com>:
Hello Carolyn,
I read your harmless hacking article. I have a problem. My ISP
is giving me a shell account but whenever I try
to ping or finger or even cd I get a message "rksh: command
not found". What is the problem? Please help me.
Waiting for a reply
nachiketa
[Editor: rksh is your shell. The "command not found"
message means that it can not find a file by that name. If it
was just ping and finger, I'd say they either: a. weren't installed
or b. weren't in your path. cd is supposed to be an internal
command however... I have no idea why that wouldn't work (unless
they won't let you use it... I can't imagine why, though).]
-----------------------------------------------------------------------
Andy <pitts@callnetuk.com>:
My name's Andy and I'm 17 years old. I've been reading the
guide to mostly harmless hacking and I just want to know the
first step I need to take to get going. You probably don't care
but I'm not going to hack to destroy things. I'm planning on
taking a degree in computer science at university next year and
I want to learn as much as I can about computers before I go.
I've tried asking in newsgroups for advice but, as always, nobody
wants to help a newbie.
At the moment I don't have any special hacker tools, just
basic windows 98 programs. My service provider is callnetuk
and I tried to find out if I had a shell account by making a
hyperterminal thingumy. It asked me to login (so I thought I
must have a shell account) but after I entered my password it
just came up with loads of symbols and nothing else. Got any
ideas? As I'm only 17 I don't have the money to go subscribing
to other service providers that offer shell accounts. I only
have a stand alone computer as well so I can't practice any LAN
things either.
Also, do you know where I can get a unix based OS cos I've
looked everywhere and I can't find one. Again, preferably a
free version.
Thanks for your time
Andy
[Editor: The "loads of symbols" are probably PPP
packets (dead giveaway: a bunch of curly brackets {{{). A free
Unix based OS... well, try linux.org :)]
-----------------------------------------------------------------------
Thomas Franklin <TFranklin@ukgateway.net>:
You seemed the right person to contact. My question is simple,
How do you pronounce Linux? I pronounce it as Leenux, but other
people I know say it as line-ux. Who is correct?
[Editor: lol. Please, before I answer the question, no flame
wars, ok? I call it Lih-nucks. It probably should be called Line-ux
(Linus + Unix= Linux), b/c Linus is with a long I. For some reason,
no one does, though.]
-----------------------------------------------------------------------
Spanky176@aol.com <Spanky176@aol.com>:
First off, I'd like to say that I think your webpage is great
and that I enjoy reading it. My question is this. When I try
to use mail ports on certain domains, they only let me relay
email to addresses on that server. Is there any way around this?
[Editor: No.]
-----------------------------------------------------------------------
Parker Boutell <weevil@freenet.nether.net>:
Gee Mr. Mike I really think you're swell... anywho I
mailed to ask about something that happened to me the other night
while programming at 3 in the morning. Anyways, I wrote a program
that acts as a one function calculator but when I try to run it
it gives me the error message "segmentation fault(core dumped)"
I know this has something to do with it making a copy of the
core or something. I heard Carolyn mention something about that
in the "Exploits Explained" GTmHH. What I was wondering:
can this be made into exploit code? I want to use it possibly to
try and break in my linux box which is a Red Hat 6.1 OS on a
486dx so any help would be appreciated or any place that you can
send me to learn more about exploit code would also help... below
is a copy of the code which was written in C. It is really bad
but I'm just learning but now I know a lot more than I did when
I wrote this.
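#include <stdio.h>
char line[100];   /* input buffer */
int term;
int term_2;
int term_3;
int main(void)
{
    /* read one line, then parse two integers from it */
    fgets(line, sizeof(line), stdin);
    /* term_2 is passed by value here instead of &term_2, so sscanf
       writes through an invalid pointer: the reported segmentation fault */
    sscanf(line, "%d %d", &term, term_2);
    term_3 = (term + term_2);
    printf("%d\n", term_3);
    return (0);
}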
p.s. Sorry it's not commented or anything but it was 3 in the
morning and was just trying to stay up till 5 but this hardly
makes sense to me when I looked at it the next day but thanks
~weevil
[Editor: First, let me say that I'm not going to write an
exploit for you. You are correct in saying that this could be
a problem. The key to exploiting a core dump is the core dump
file. Try it right after you login (so your login info is still
in memory). Then look through the core dump to see if you can
find anything that looks like login information. Once you know
where (if) it can be found, see how you can automate the search,
to create a file to automatically extract usernames and passwords.
Voila, instant exploit.]
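The crash in the reader's program comes from passing term_2 to sscanf where &term_2 is required. An added example, not part of the original digest or the reader's code: the same two-number adder with the pointer bug removed and the input validated. The function names parse_int and add_line are made up for this illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Parse one int from *s, advancing *s past it. Returns 0 on success. */
static int parse_int(const char **s, int *out)
{
    char *end;
    errno = 0;
    long v = strtol(*s, &end, 10);
    if (end == *s)                       /* no digits at all */
        return -1;
    if (errno == ERANGE || v < INT_MIN || v > INT_MAX)
        return -1;                       /* does not fit in an int */
    *out = (int)v;
    *s = end;
    return 0;
}

/* Parse "a b" from line and store a+b in *sum.
 * Returns 0 on success, -1 on malformed input, -2 on overflow. */
int add_line(const char *line, int *sum)
{
    int a, b;
    if (parse_int(&line, &a) != 0 || parse_int(&line, &b) != 0)
        return -1;
    /* reject trailing garbage other than whitespace */
    while (*line == ' ' || *line == '\t' || *line == '\n' || *line == '\r')
        line++;
    if (*line != '\0')
        return -1;
    /* signed overflow is undefined behaviour in C, so test before adding */
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return -2;
    *sum = a + b;
    return 0;
}

int main(void)
{
    char line[100];
    int sum;
    if (fgets(line, sizeof line, stdin) == NULL)
        return 1;
    int rc = add_line(line, &sum);
    if (rc != 0) {
        fprintf(stderr, "bad input (%d)\n", rc);
        return 1;
    }
    printf("%d\n", sum);
    return 0;
}
```

Compiling the original with warnings enabled (for example gcc -Wall) flags the %d argument that is an int rather than an int pointer before the program is ever run.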
-----------------------------------------------------------------------
Alan Azar <alan304@yahoo.com>:
Hi in one of your documents you had something like
this written
If service.pwd is obtained it will look similar to
this:
Vacuum:SGXJVl6OJ9zkE
The above password is apple
Turn it into DES format:
Vacuum:SGXJVl6OJ9zkE:10:200:Vacuum:/users/Vacuum:/bin/bash
I want to know how you decrypted it
is vacuum the username?
also could you help me decrypt this
zebulun2:vxhUdORGl7WOE
thanx
Alan
[Editor: Unix passwords are one way. There is NO, repeat,
NO way to decrypt a unix password. Without getting into the cryptological
details, the bottom line is that there is no modelable one way
transformation between apple and SGXJVl6OJ9zkE. In fact, try
this. Create two user names, give them the same password. See
how they encrypt. Password crackers work by trying to encrypt
(the algorithm is public, of course) hundreds of thousands of
test passwords: brute force.]
-----------------------------------------------------------------------
who knows <insider32@hotmail.com>:
hi, I have 2 questions.
When you first log into linux or any *nix there is sometimes
a sort of motd thing after you have actually given your user
name and whatnot. What file is that setting stored in?
Also, at the prompt it will say something like #bash> or
whatever. What file has the configuration for that in it?
thanks
[Editor: 1. Usually /etc/motd. 2. .profile, .bashrc, .cshrc,
.bash_profile, .login, something like that. It depends on your
shell. Do an ls -A (to display all hidden files except . and
..) and view the files it shows.]
-----------------------------------------------------------------------
Jason <kj131@home.com> asks:
At one point I saw a section in the Happy Hacker website
that talked about getting on the internet with linux. Well I
didn't have linux then and I do now. I have cable internet and
they told me that they do not do tech support for linux. I am
running Linux Mandrake 7.0. I was wondering where I could find
that article or if you or anyone could help me out. Thank you
for your time.
[Editor: Check out the cable modem HOWTO. Basically, you'll
set up your ethernet card, then (probably) just have to enable
DHCP. It's really easy...]
-----------------------------------------------------------------------
Ian Neufeld <ianneufeld@hotmail.com> wrote:
I have a couple questions regarding Linux.
1) Linux is labeled as "open-source". Does that
mean I can, or have the right to, access/alter the source code
for any program? If not, what EXACTLY does it mean?
2) Do you know where I can find the source code for various
Linux commands or a decompiler/debuilder/reverse-engineering
program what would do it?
A reply will be much appreciated.
Signed,
Ian Neufeld
[Editor: Ok, most Linux that's open source is under the GPL.
While I don't want to summarize it right here (and I'm not enough
of a lawyer to give advice anyway), basically, it says that all
code must have source code available, and must be redistributable.
Note that people say "free as in source, not free as in
beer." That means you can charge money for the code... but
since once one person buys it, he can give it away for free,
no company could get away with charging more than a "reasonable"
fee (say, >$10 per CD). As far as other code, it may be open
source, it may not... there's a bunch of different licenses
out there. The folks at Debian (http://www.debian.org) are open-source
zealots... they're very active in making sure to bundle their
distro with only real free stuff... and they still fill up a
few CD's. As far as number 2, it's a very tough job, and I don't
know of any utility to do that. But most linux programs have
source available, so you can build the code yourself. Look for
a .src tarball.]
-----------------------------------------------------------------------
***********************************************************************
*** Perl 101 Lesson 8
***********************************************************************
This week (roughly), we'll be discussing the concept of arrays.
As you remember from the beginning, an array is just a list of
scalar data, in order. Order does not mean the data is in alphabetical,
or any other type of order per se, it just means that item #1
will not vary by each call, that is, there is a unique index
associated with each element.
A list is defined by parentheses. Of course, you can declare
a literal array ("1", 2, "Three"), which contains
three scalars, the _character_ (not number) 1, the number 2,
and the string "Three". Perl also has the .. notation
which should be familiar to those readers with some set theory
background. (1 .. 4) is defined to be (1, 2, 3, 4), (a .. d)
is defined to be (a, b, c, d) (b/c it increments the ascii value)
and (1.5 .. 6.3) is (1.5, 2.5, 3.5, 4.5, 5.5, 6.3). So it increments
one each time, stopping when value < last number. Of course,
perl is pretty free form, so you can feel free to declare a list
on
multiple lines
if
you
so
desire.
You may remember the Quote Words (qw) operator from the initial
example... it automatically double quotes a list. So
qw(Hello There)
would evaluate to:
("Hello", "There")
Just like a scalar was identified by a $ before the variable
name, an array is prefaced by a @. So @array would be a standard,
if vague, variable name for an array. If you think back, you'll
realize we actually used two arrays in the beginning. One was
pretty explicit (actually, and I'm not writing this from home,
so I can't check, but offhand I think it was a hash), but the
other was pretty subtle. Remember the statement that said something
like:
print("Hello ",$name);
If you think about it, the ("Hello ",$name) is a
list. So now we can see that print displays all elements of a
list. I suppose that may seem trivial, but trust me, it's actually
pretty important. "But wait," you should be saying!
"Didn't you say that print doesn't need parentheses?"
Yes, I did, and if you've been playing around with perl, you'll
see that I was right. So what's going on? Which is right? Truth
be told, they both are. The key is that a list, strictly speaking,
does not need parentheses. But that's for later... for now, always
declare a list w/ the parentheses.
Unlike certain languages (Basic comes to mind), the $ and
@ are not just descriptions of what's in the variable... they're
actually part of the name. Thus, you can have $var and @var,
and "never shall the twain meet." (Of course, it's
a pretty sloppy thing to do...)
What if you try and assign a scalar to an array? For example,
go to a shell, and try (right now, I'll wait) the following:
$scalar = 5;
@array = $scalar;
What happened? What perl does (no cheating) is to convert
(typecast, if you wish) the scalar into the list ($scalar), and
then assign that list to @array. To add to an array, you can
refer to the array itself. If that didn't make any sense (and
reading over it, I don't think it did), look at this example:
@array=("There, ", "Mike");
@array=("Hello ",@array, ".");
print @array;
Your output should look something like:
Hello There, Mike.
Easy? Good. Part of the great power of perl comes from combo
statements like the following:
@array1=($var1, @array2) = ("4", "5", "6", "Seven");
This sets @array1 to ("4", "5", "6",
"Seven"), $var1 will equal "4", and the rest
("5", "6", "Seven") will find its
way into @array2. What if there's a mismatch between the number
of elements on the right and on the left? Try it! In case you
can't, I'll tell you... if you have too many on the left (i.e., not
enough values to fill up the empty ones), you'll get undefs.
If there are too many on the right, the values just get dropped. Of course,
the original (on the right) will be unchanged.
.... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... -
This is a list devoted to *legal* hacking! If anyone plans
to use any information in this Digest or at our Web site to commit crime,
go away! We like to put computer criminals behind bars where
they belong!