💾 Archived View for gemini.spam.works › mirrors › textfiles › hacking › UNIX › unix1.hac captured on 2022-06-12 at 08:51:57.

View Raw

More Information

-=-=-=-=-=-=-



===============================================================================
				rush2112
				pRESENTS
			   a hale pRODUCTION
	h ACKERS	a GAINST	   l AW		e NFORCEMENT
		     cALL hale hQ. (619)660-67XX
	aCTIVE hale MEMBERS ARE: rIPPER, tRASHMAN, rUSH2112.
	tHE uNDERGROUND nEWSLETTER: vOL i.  iSSUE i, pART i
===============================================================================
nOTE:	fEEL FREE TO DISTRIBUTE THE FILE PROVIDED NONE OF ITS CONTENTS OR 
	CREDITS ARE CHANGED.
tOPIC:	a gUIDE TO uNIX sYSTEMS, pART i.
dATE:	sEPTEMBER 1, 1989.
fOREWORD:  tHIS FILE IS COMPILED FROM MY EXPERIENCES ON BOTH bsd AND sYS v 
	   uNIX ON vax 750/780 MAINFRAMES, at&t 3b20 AND pYRAMID tECHNOLOGY'S
	   MAINFRAMES.

	iN TODAY'S WORLD, AS A HACKER, YOU ARE NOTHING UNLESS YOU LEARN SOME
OF THE MORE POPULAR OPERATING SYSTEMS AROUND USED ON MINIS, MAINFRAMES, SUPER-
COMPUTERS AND THE LIKE.  iN THIS FILE i WILL ATTEMPT (TO THE BEST OF MY 
ABILITY) TO INTRODUCE YOU TO ONE OF THOSE OPERATING SYSTEMS - NAMELY - THE
WORLD OF uNIX.  iT IS HOPED THAT BY READING THIS FILE YOU CAN PICK UP PERHAPS
ENOUGH OF A WORKING KNOWLEDGE SO THAT IF BY CHANCE IN YOUR HACKING EXPLOITS YOU
COME ACROSS A uNIX SYSTEM (AND YOU WILL) YOU'LL KNOW WHAT TO DO.
	tHERE IS no way TO COVER EVERYTHING ABOUT uNIX IN A FILE SO THIS WILL
BE THE FIRST OF MANY THAT i HOPE TO RELEASE IN THE FUTURE.  iF i FIND THERE ARE
STUFF i HAVE NOT MENTIONED i WILL WRITE MORE FILES AS NEEDED.  iN pART ii, i
PLAN TO GIVE YOU A TUTORIAL ON WHAT TO DO WHILE YOU'RE ON-LINE IN REGARDS TO
HACKING AND USING ESSENTIAL SYSTEM UTILITIES.  hAVE FUN.
	uSUALLY (UNLESS MODIFIFIED BY THE SYSTEM ADMINISTRATOR OR ONE WITH SUCH
PRIVILEGES), YOU CAN TELL IF YOU'VE CONNECTED TO A uNIX SYSTEM OF SOME TYPE BY
THE LOGIN PROMPT WHICH LOOKS LIKE THIS:

LOGIN:

pRETTY SIMPLE HUH?  aNYWAY, THAT IS THE STANDARD LOGIN PROMPT, IT MAY OR MAY
NOT BE PRECEDED BY A MESSAGE TELLING YOU WHAT TYPE OF uNIX OR SYSTEM YOU HAVE
CONNECTED TO. 
	iF YOU TRY TO LOGIN WITH AN ILLEGAL LOGIN NAME AND/OR AN ILLEGAL
PASSWORD THE SYSTEM WILL RESPOND AS SUCH AND AS YOU TO TRY AGAIN:

LOGIN:HACKER
PASSWORD:
LOGIN INCORRECT
LOGIN:
(nOTE THE PASSWORD IS NOT ECHOED IN ANY FORM)

	iN pART i OF THIS uNIX TUTORIAL i'D LIKE TO START WITH AN OVERVIEW OF 
THE uNIX SYSTEM BEFORE i GET INTO SOME OF THE MORE INTERESTING STUFF (SO BEAR 
WITH ME ALL YOU uNIX EXPERTS).  tHEN i WILL GO THROUGH THE LOGIN PROCESS AND
THE /ETC/PASSWD FILE AND HOW IT IS STRUCTURED.  tHIS WILL NOT BE AN IN-DEPTH
LOOK AT ALL, MERELY AN OVERVIEW.  sOME DAY i WILL WRITE AN IN-DEPTH STUDY TO
ACCOMPANY THIS FILE AND THE FILES THAT FOLLOW FOR THE MORE ADVANCE USER/HACKER.

	tHERE ARE BASICALLY 2 TYPES OF uNIX SYSTEMS THAT YOU WILL MOST LIKELY 
COME ACROSS.  tHEY ARE:

i.  bsd uNIX - FROM uc bERKELEY'S (b)ERKELEY (s)OFTWARE (d)ISTRIBUTORS
ii. sYSTEM v unix - FROM at&t (HOW NICE - i KNOW ALL YOU PHREAKERS ARE SMILING!)
(oTHER SPINOFF'S OF THE ABOVE 2 WILL NOT BE DISCUSSED - SUCH AS uLTRIX,
 mINIX, xENIX, ETC...)

	tHEY ARE ALIKE IN MANY RESPECTS BUT BOTH HAVE THEIR DIFFERENCES, HENCE
THEIR ARE ADVANTAGES AND DISADVANTAGES TO BOTH OF THE SYSTEMS, bsd AND sYS v.
pERHAPS THE MAIN DIFFERENCE BETWEEN THE TWO ARE THE DEFAULT SHELL THAT EACH
USES AS THE USER INTERFACE TO THE SYSTEM UTILITIES.
	bsd uNIX DEFAULTS TO THE CSH (c-sHELL) WHILE at&t'S sYS v USES THE SH
(bOURNE SHELL).  bUT ON BOTH OF THESE SYSTEMS BOTH SHELL TYPES ARE AVAILABLE TO
THE USER.  a THIRD OPTIONAL SHELL WHICH IS ALSO PRETTY POPULAR IS THE KSH 
(kORN SHELL).  tHE WAY TO RECOGNIZE THE DEFAULT SHELLS WHEN YOU SEE THEM IS BY
THEIR DEFAULT PROMPT.  tHE CSH USES THE % SYMBOL AS THE PROMPT WHILE THE SH
USES THE $ SYMBOL AS THE PROMPT.
	nOW LET'S TALK ABOUT FILES, SHALL WE?  tHE most IMPORTANT FILE OF ALL
ON any unix SYSTEM IS THE PASSWORD FILE.  tHIS FILE HOLDS INFORMATION ABOUT 
ALL THE ACCOUNTS ON THE SYSTEM, PASSWORDS, AND OTHER INFORMATION.  wITHOUT 
THIS FILE NO ONE CAN LOG IN AND USE THE SYSTEM.  yOU CAN FIND THIS FILE ON ANY
SYSTEM IN THE /ETC DIRECTORY.  iT IS CALLED SIMPLY 'PASSWD'.  tHE FULL 
PATHNAME IS /ETC/PASSWD (OF COURSE).

	tHE /ETC/PASSWD FILE IS STUCTURED AS SUCH:
eACH USER HAS AN ENTRY IN THE PASSWD FILE THAT HOLDS HIS ACCOUNT INFORMATION.
aMONG THE INFORMATION INCLUDED ON EACH USER ENTRY LINE IS HIS LOGIN NAME,
HIS PASSWORD (ENCRYPTED), HIS USER ID, HIS GROUP ID, HIS HOME DIRECTORY, HIS
NAME, AND HIS STARTUP PROGRAM IF ANY.   bASICALLY IT LOOKS SOMETHING LIKE THIS:

------------------------ sAMPLE /ETC/PASSWD FILE  -------------------------- 
		       gENERAL FORMAT OF EACH ENTRY:
LOGIN:PASSWORD:USER-id:GROUP-id:INFO:HOME DIRECTORY:STARTUP PROGRAM

ROOT:aRLLZ76dNQ:0:0:tHE & OF aLL eVIL:/:/BIN/CSH
JSMITH:yI83AMQ9:102:100:jOHN sMITH:/USR/JSMITH:/BIN/SH
WHO::99:500:wHO'S ON:/USR/UCB:/BIN/WHO
DAEMON:R6eEU:1:1:tHE devil HIMSELF:/ETC:/BIN/CSH
BIN:MB033YT:3:3:tHE kEEPER OF THE fLAME:/ETC:/BIN/CSH
INFO::508:501:lIBRARY USER GROUP:/USR2/INFO:/USR2/BIN/RSH
.....
..... [ AND SO ON ]
.....
----------------------------------------------------------------------------
	nOW WE'LL EXAMINE EACH ENTRY.  rEMEMBER THAT EACH FIELD IS SEPARATED 
BY THE COLON.  sO IN THE FIRST ENTRY IN /ETC/PASSWD GIVEN ABOVE, WE CAN TELL 
THE FOLLOWING ABOUT THE  ENTRY.

LOGIN NAME IS:		ROOT
pASSWORD (ENCRYPTED):	aRLLZ76dNQ
uSER id:		0
gROUP id:		1
iNFO (USUALLY OWNER):	ROOT
hOME dIRECTORY:		/
sTARTUP pROGRAM:	/BIN/SH

tHE SECOND ENTRY IN /ETC/PASSWD LOOKS LIKE THIS:
LOGIN NAME IS:		JSMITH
pASSWORD (ENCRYPTED):	yI83AMQ9
uSER id:		102
gROUP id:		100
iNFO (USUALLY OWNER):	jOHN sMITH
hOME dIRECTORY:		/USR/JSMITH
sTARTUP pROGRAM:	/BIN/SH

	bUT NOW YOU GET THE GENERAL FORMAT...SO LET'S DISCUSS SOME THINGS
ABOUT THE FIELD.

i.	tHE LOGIN FIELD
   tHIS IS THE LOGIN NAME THAT YOU USE TO LOGIN AT THE PROMPT OF THE uNIX 
SYSTEM.  dURING THE LOGIN PROCESS, AFTER YOU ENTER THE LOGIN AND THE PASSWORD
THE SYSTEM WILL THEN CALL ROUTINES TO SEARCH THE 1ST FIELD OF EACH ENTRY
IN /ETC/PASSWD TO SEE IF ANY LOGIN NAMES MATCH UP WITH THE ONE YOU HAVE GIVEN
IT.  iF NONE EXISTS IT WILL REPORT THE "LOGIN INCORRECT" MESSAGE AND START
PROMPTING FOR A NEW LOGIN NAME AND NEW PASSWORD.

ii.	tHE pASSWORD FIELD
   iF THE LOGIN NAME IS VALID, uNIX THEN TAKES YOUR PASSWORD ENTRY AND ENCRYPTS
IT THEN COMPARES IT AGAINST THE ENCRYPTED PASSWORD IN THE 2ND FIELD OF THE 
LOGIN NAME ENTRY (SEE i.  tHE LOGIN FIELD).  iF THE TWO PASSWORDS MATCH UP, THE
LOGIN PROCESS WILL CONTINUE, OTHERWISE THE "LOGIN INCORRECT" MESSAGE WILL BE 
DISPLAYED.  i'LL EXPLAIN LATER WHAT GOES ON WHEN COMPARISONS OF THE ENCRYPTED
PASSWORDS TAKE PLACE.  iF THE pASSWORD fIELD CONTAINS NULL :: THEN NO PASSWORD
IS NEEDED AND THE SYSTEM LOGS YOU INTO THE HOME DIRECTORY AND EXECUTES THE 
STARTUP PROGRAM.  iF THE pASSWORD fIELD CONTAINS :,.: THEN UPON LOGIN THE
SYSTEM WILL RUN THE PASSWD UTILITY AND ASSIGN THAT ACCOUNT A PASSWORD.  (tHIS
IS NICE IF YOU'RE A SYSTEM ADMINISTRATOR, YOU CREATE AN ACCOUNT FOR YOUR 
FRIEND THEN PUT THE ",." IN THE PASSWORD FIELD AND HE'LL SET HIS OWN PASSWORD
UPON LOGIN.

iii.	tHE uid (uSERid) FIELD
   iF EVERYTHING IS CORRECT (LOGIN NAME AND PASSWORD) THEN THE SYSTEM PROCEEDS
TO PUT YOUR IN YOUR HOME DIRECTORY.  yOU ARE THEN GIVEN A uid FROM YOUR ENTRY
IN THE /ETC/PASSWD FILE.  aLL uid'S FALL IN THE RANGE 0-65535 WITH 0 AS THE 
SUPERUSER uid (SEE /ETC/PASSWD EXAMPLE).  tHE SYSTEM RESERVES uid 0-99 FOR 
SPECIAL ACCOUNTS.  uid'S ARE USED BY THE SYSTEM AND ITS UTILITIES TO CONTROL 
BOTH ACCESS LEVELS AND FILE OWNERSHIP (AS DETERMINED BY THE LS UTILITY - MORE 
ON THAT LATER).  

iv.  	tHE gid (gROUPid) FIELD
   tHE gROUP id IS USED TO ASSOCIATE THE USER WITH A CERTAIN GROUP, USED BY
uNIX PRIMARILY FOR ACCESS LEVELS AS DETERMINED BY FILE PROTECTIONS.  (I.E.
A MEMBER WHO IS NOT IN A GROUP CAN NOT GET GROUP PRIVILEGES ON FILES FOR THAT
GROUP, EVEN THOUGH FILE PROTECTIONS FOR THE FILE SAY ALL PRIVILEGES TO GROUP
USERS.)  gid'S FALL IN THE RANGE 0-655535 WITH gid 1 BEING THE DEFAULT.  aLL
gid'S BETWEEN 0-99 ARE RESERVED.

v.  	tHE iNFORMATION FIELD
   tHIS FIELD USUALLY HOLDS THE ACCOUNT OWNER'S	NAME THOUGH IT CAN BE USED
FOR ANYTHING ACTUALLY.   i HAVE SEEN IT USED TO DESCRIBE THE ACCOUNT FUNCTION
(SEE THE SAMPLE /ETC/PASSWD FILE ON THE ENTRY FOR LOGIN NAME "WHO"), AND ALSO
TO HOLD PEOPLE'S PHONE EXTENSION, ETC..

vi.  	tHE hOME dIRECTORY fIELD
   tHIS FIELD SHOULD HAVE THE FULL PATHNAME TO YOUR HOME DIRECTORY.  oN MANY
unix SYSTEMS IT IS USUALLY IN THE FORMAT OF /USR/*LOGINNAME! (sEE THE
ENTRY FOR LOGIN NAME "JSMITH").  nOT NECESSARILY YOUR permanent HOME 
DIRECTORY, ONE CAN CHANGE IT BY REASSIGNING AN ALTERNATE PATH TO THE SYSTEM
VARIABLE $home (ON sYS v). 

vii.  	tHE pROGRAM fIELD 
   uSUALLY THIS FIELD HOLDS THE STARTUP PROGRAM TO EXECUTE ONCE THE LOGIN
PROCEDURE HAS BEEN COMPLETED.   iF LEFT BLANK THEN THE DEFAULT STARTUP PROGRAM
WILL BE THE SHELL ASSIGNED TO THE uNIX SYSTEM.  iN THE OUR EXAMPLE /ETC/PASSWD
FILE, THE ENTRY FOR LOGIN NAME WHO, WILL EXECUTE THE WHO COMMAND IN /BIN/WHO
ONCE YOU LOG IN.  hOWEVER, AFTER THE COMMAND FINISHES EXECUTING, IT WILL EXIT
THE SYSTEM AS THERE IS NO PASSWORD ON THE ACCOUNT, THERE IS NO WAY TO STAY
LOGGED IN.  oN THE INFO ACCOUNT HOWEVER, YOU WILL REMAIN LOGIN UNTIL YOU TYPE
EXIT OR LOGOUT OR ctrl-d AS THE PROGRAM RUNNING THERE IS A SHELL.  tHOUGH NOT
A FULL bOURNE SHELL OR c-SHELL, THE RESTRICTED SHELL (RSH) DOES ALLOW TO YOU
PLAY AROUND A LITTLE.  

	wELL, THAT ABOUT DOES IT FOR WHAT i WANT TO COVER IN pART i.  lOOK FOR
pART ii COMING OUT REAL SOON.  i WILL BE GOING INTO DETAILS WHAT TO DO ONCE
ONLINE WITH AN ACCOUNT AND HOW TO GO ABOUT GETTING AN ACCOUNT.  tHIS FILE IS
FOR INFORMATIONAL PURPOSES ONLY.
------------------------------------------------------------------------------

bROUGHT TO YOU BY: tHE aPPLE bANDIT 10-89


Text-Files 2: