💾 Archived View for gemini.spam.works › mirrors › textfiles › hacking › UNIX › hack3.hac captured on 2022-06-12 at 08:50:34.

View Raw

More Information

-=-=-=-=-=-=-



UNIX IS A TRADEMARK OF BELL LABS ** ** (AND YOU KNOW WHAT *THAT* MEANS) ** **
WELCOME TO THE BASICS OF HACKING II:  VAX'S AND UNIX.  IN THIS ARTICLE, WE
DISCUSS THE UNIX SYSTEM THAT RUNS ON THE VARIOUS VAX SYSTEMS.  IF YOU ARE ON
ANOTHER UNIX-TYPE SYSTEM, SOME COMMANDS MAY DIFFER, BUT SINCE IT IS LICENCED
TO BELL, THEY CAN'T MAKE MANY CHANGES.  HACKING ONTO A UNIX SYSTEM IS VERY
DIFFICULT, AND IN THIS CASE, WE ADVISE HAVING AN INSIDE SOURCE, IF POSSIBLE.
THE REASON IT IS DIFFICULT TO HACK A VAX IS THIS:  MANY VAX, AFTER YOU GET A
CARRIER FROM THEM, RESPOND=> LOGIN:  THEY GIVE YOU NO CHANCE TO SEE WHAT THE
LOGIN NAME FORMAT IS.  MOST COMMONLY USED ARE SINGLE WORDS, UNDER 8 DIGITS,
USUALLY THE PERSON'S NAME.  THERE IS A WAY AROUND THIS:  MOST VAX HAVE AN
ACCT.  CALLED 'SUGGEST' FOR PEOPLE TO USE TO MAKE A SUGGESTION TO THE SYSTEM
ROOT TERMINAL.	THIS IS USUALLY WATCHED BY THE SYSTEM OPERATOR, BUT AT LATE HE
IS PROBABLY AT HOME SLEEPING OR SCREWING SOMEONE'S BRAINS OUT.  SO WE CAN
WRITE A PROGRAM TO SEND AT THE VAX THIS TYPE OF A MESSAGE:  A SCREEN FREEZE
(CNTRL-S), SCREEN CLEAR (SYSTEM DEPENDANT), ABOUT 255 GARBAGE CHARACTERS, AND
THEN A COMMAND TO CREATE A LOGIN ACCT., AFTER WHICH YOU CLEAR THE SCREEN
AGAIN, THEN UN- FREEZE THE TERMINAL.  WHAT THIS DOES:  WHEN THE TERMINAL IS
FROZEN, IT KEEPS A BUFFER OF WHAT IS SENT.  WELL, THE BUFFER IS ABOUT 127
CHARACTERS LONG.  SO YOU OVERFLOW IT WITH TRASH, AND THEN YOU SEND A COMMAND
LINE TO CREATE AN ACCT.  (SYSTEM DEPENDANT).  AFTER THIS YOU CLEAR THE BUFFER
AND SCREEN AGAIN, THEN UNFREEZE THE TERMINAL.  THIS IS A BAD WAY TO DO IT, AND
IT IS MUCH NICER IF YOU JUST SEND A COMMAND TO THE TERMINAL TO SHUT THE SYSTEM
DOWN, OR WHATEVER YOU ARE AFTER...  THERE IS ALWAYS, *ALWAYS* AN ACCT.
CALLED ROOT, THE MOST POWERFUL ACCT.  TO BE ON, SINCE IT HAS ALL OF THE SYSTEM
FILES ON IT.  IF YOU HACK YOUR WAY ONTO THIS ONE, THEN EVERYTHING IS EASY FROM
HERE ON...  ON THE UNIX SYSTEM, THE ABOR T KEY IS THE CNTRL-D KEY.  WATCH HOW
MANY TIMES YOU HIT THIS, SINCE IT IS ALSO A WAY TO LOG OFF THE SYSTEM!	A
LITTLE ABOUT UNIX ARCHITECHTURE:  THE ROOT DIRECTORY, CALLED ROOT, IS WHERE
THE SYSTEM RESIDES.  AFTER THIS COME A FEW 'SUB' ROOT DIRECTORIES, USUALLY TO
GROUP THINGS (STATS HERE, PRIV STUFF HERE, THE USER LOG HERE...).  UNDER THIS
COMES THE SUPERUSER (THE OPERATOR OF THE SYSTEM), AND THEN FINALLY THE NORMAL
USERS.	IN THE UNIX 'SHELL' EVERYTHING IS TREATED THE SAME.  BY THIS WE MEAN:
YOU CAN ACCESS A PROGRAM THE SAME WAY YOU ACCESS A USER DIRECTORY, AND SO ON.
THE WAY THE UNIX SYSTEM WAS WRITTEN, EVERYTHING , USERS INCLUDED, ARE JUST
PROGRAMS BELONGING TO THE ROOT DIRECTORY.  THOSE OF YOU WHO HACKED ONTO THE
ROOT, SMILE, SINCE YOU CAN SCREW EVERYTHING...	THE MAIN LEVEL (EXEC LEVEL)
PROMPT ON THE UNIX SYSTEM IS THE $, AND IF YOU ARE ON THE ROOT, YOU HAVE A #
(SUPER- USER PROMPT).  OK, A FEW BASICS FOR THE SYSTEM...  TO SEE WHERE YOU
ARE, AND WHAT PATHS ARE ACTIVE IN REGUARDS TO YOUR USER ACCOUNT, THEN TYPE =>
PWD THIS SHOWS YOUR ACCT.  SEPERATED BY A SLASH WITH AN OTHER PATHNAME (ACCT.),
POSSIBLY MANY TIMES.  TO CONNECT THROUGH TO ANOTHER PATH, OR MANY PATHS, YOU
WOULD TYPE:  YOU=> PATH1/PATH2/PATH3 AND THEN YOU ARE CONNECTED ALL THE WAY
FROM PATH1 TO PATH3.  YOU CAN RUN THE PROGRAMS ON ALL THE PATHS YOU ARE
CONNECTED TO.  IF IT DOES NOT ALLOW YOU TO CONNECT TO A PATH, THEN YOU HAVE
INSUFFICIENT PRIVS, OR THE PATH IS CLOSED AND ARCHIVED ONTO TAPE.  YOU CAN RUN
PROGRAMS THIS WAY ALSO:  YOU=> PATH1/PATH2/PATH3/PROGRAM-NAME UNIX TREATS
EVERYTHING AS A PROGRAM, AND THUS THERE A FEW COMMANDS TO LEARN...  TO SEE WHAT
YOU HAVE ACCESS TO IN THE END PATH, TYPE=> LS FOR LIST.  THIS SHOW THE
PROGRAMS YOU CAN RUN.  YOU CAN CONNECT TO THE ROOT DIRECTORY AND RUN I T'S
PROGRAMS WITH=> /ROOT BY THE WAY, MOST UNIX SYSTEMS HAVE THEIR LOG FILE ON THE
ROOT, SO YOU CAN SET UP A WATCH ON THE FILE, WAITING FOR PEOPLE TO LOG IN AND
SNATCH THEIR PASSWORD AS IT PASSES THRU THE FILE.  TO CONNECT TO A DIRECTORY,
USE THE COMMAND:  => CD PATHNAME THIS ALLOWS YOU TO DO WHAT YOU WANT WITH THAT
DIRECTORY.  YOU MAY BE ASKED FOR A PASSWORD, BUT THIS IS A GOOD WAY OF FINDING
OTHER USER NAMES TO HACK ONTO.	THE WILDCARD CHARACTER IN UNIX, IF YOU WANT TO
SEARCH DOWN A PATH FOR A GAME OR SUCH, IS THE *.  => LS /* SHOULD SHOW YOU
WHAT YOU CAN ACCESS.  THE FILE TYPES ARE THE SAME AS THEY ARE ON A DEC, SO R
EFER TO THAT SECTION WHEN EXAMINING FILE.  TO SEE WHAT IS IN A FILE, USE THE
=> PR FILENAME COMMAND, FOR PRINT FILE.  WE ADVISE PLAYING WITH PATHNAMES TO
GET THE HANG OF THE CONCEPT.  THERE IS ON-LINE HELP AVAILABLE ON MOST SYSTEMS
WITH A 'HELP' OR A '?'.  WE ADVISE YOU LOOK THRU THE HELP FILES AND PAY ATTENT
ION TO ANYTHING THEY GIVE YOU ON PATHNAMES, OR THE COMMANDS FOR THE SYSTEM.
YOU CAN, AS A USER, CREATE OR DESTROY DIRECTORIES ON THE TREE BENEATH YOU.
THIS MEANS THAT ROOT CAN KILL EVERY- THING BUT ROOT, AND YOU CAN KILL ANY THAT
ARE BELOW YOU.	THESE ARE THE => MKDIR PATHNAME => RMDIR PATHNAME COMMANDS.
ONCE AGAIN, YOU ARE NOT ALONE ON THE SYSTEM...	TYPE=> WHO TO SEE WHAT OTHER
USERS ARE LOGGED IN TO THE SYSTEM AT THE TIME.	IF YOU WANT TO TALK TO THEM=>
WRITE USERNAME WILL ALLOW YOU TO CHAT AT THE SAME TIME, WITHOUT HAVING TO
WORRY ABOUT THE PARSER.  TO SEND MAIL TO A USER, SAY => MAIL AND ENTER THE
MAIL SUB-SYSTEM.  TO SEND A MESSAGE TO ALL THE USERS ON THE SYSTEM, SAY => WALL
WHICH STANDS FOR 'WRITE ALL' BY THE WAY, ON A FEW SYSTEMS, ALL YOU HAVE TO DO
IS HIT THE <RETURN> KEY TO END THE MESSAGE, BUT ON OTHERS YOU MUST HIT THE
CNTRL-D KEY.  TO SEND A SINGLE MESSAGE TO A USER, SAY => WRITE USERNAME THIS IS
VERY HANDY AGAIN!  IF YOU SEND THE SEQUENCE OF CHARACTERS DISCUSSED AT THE
VERY BEGINNING OF THIS ARTICLE, YOU CAN HAVE THE SUPER-USER TERMINAL DO TRICKS
FOR YOU AGAIN.	PRIVS:	IF YOU WANT SUPER-USER PRIVS, YOU CAN EITHER LOG IN AS
ROOT, OR EDIT YOUR ACCT.  SO IT CAN SAY => SU THIS NOW GIVES YOU THE # PROMPT,
AND ALLOWS YOU TO COMPLETELY BY-PASS THE PROTECTION.  THE WONDERFUL SECURITY
CONSCIOUS DEVELOPERS AT BELL MADE IT VERY DIFFICULT TO DO MUCH WITHOUT PRIVS,
BUT ONCE YOU HAVE THEM, THERE IS ABSOLUTELY NOTHING STOPPING YOU FROM DOING
ANYTHING YOU WANT TO.  TO BRING DOWN A UNIX SYSTEM:  => CHDIR / BIN => RM *
THIS WIPES OUT THE PATHNAME BIN, WHERE ALL THE SYSTEM MAINTENANCE FILES ARE.
OR TRY:  => R -R THIS RECURSIVELY REMOVES EVERYTHING FROM THE SYSTEM EXCEPT
THE REMOVE COMMAND ITSELF.  OR TRY:  => KILL -1,1 => SYNC THIS WIPES OUT THE
SYSTEM DEVICES FROM OPERATION.	WHEN YOU ARE FINALLY SICK AND TIRED FROM
HACKING ON THE VAX SYSTEMS, JUST HIT YOUR CNTRL-D AND REPE AT KEY, AND YOU WILL
EVENTUALLY BE LOGGED OUT.  THE REASON THIS FILE SEEMS TO BE VERY SKETCHY IS THE
FACT THAT BELL HAS 7 LICENCED VERSIONS OF UNIX OUT IN THE PUBLIC DOMAIN, AND
THESE COMMANDS ARE THOSE COMMON TO ALL OF THEM.  WERE COMMEND YOU HACK ONTO
THE ROOT OR BIN DIRECTORY, SINCE THEY HAVE THE HIGHEST LEVELS OF PRIVS, AND
THERE IS REALLY NOT MUCH YOU CAN DO (EXCEPT DEVELOPE SOFTWARE) WITHOUT THEM.
NEXT TO COME:  THE BASICS OF HACKING III:  DATA GENERAL


THIS ARTICLE WRITTEN BY:  THE KNIGHTS OF SHADOW
[END] 1984