More Browser Hacking:
How to Download System Programs
If you try to download a program you find using Google, you
will probably see something like this, which is the binary for
the command "ls." The ls program lists files on a Unix
or Linux type computer.
It looks like garbage because your browser is looking at all
the zeros and ones of a binary and trying to figure out what
it means.Most of its guesses are mistaken. However, there is
a way to download interesting programs in case you want to run
them on your computer in order to find out what they do.
The program you plan to download has to be compatible with
your operating system. To get an idea of whether it has a chance
of working on your computer, look for the directory from which
you plan to download it. In the case of ls, you would look for
/usr/bin. You will find that this directory exists on most Unix
or Linux operating systems. However, be sure you don't overwrite
your own ls program. The new one might not work or might not
be as good as your own. Be sure to save it under a different
name. If you save it in the same directory name from which it
came, it has a better chance of working.
Also, a program or other interesting file you download may
be only part of a complex installation and will need many other
files, symbolic links ( a Unix/Linux installation technique)
or, in the case of Windows, Registry entries.
Newbie note: In Unix and Linux systems,
a file may appear to be in one location, but is actually linked
to another location where the contents of the file actually are
kept. In Windows operating systems, the Registry is where lots
of instructions are kept for how programs are to run. Click Start
--> Run --> Regedit to look over the Registry. Don't change
it unless you know what you're doing!
Warning: Any program you download from a computer you are
exploring might contain a Trojan that could harm your computer.
Even if it is OK, it might crash your computer because of some
sort of incompatibility. If you are determined to run a program
you downloaded from some randomly chosen web site, be sure to
use a computer that you don't mind having to reformat and reinstall
if anything goes wrong.
Let's take a look at how you can download an interesting-looking
file.
Of course any directory named "security" has got
to sound tempting. Before trying to download anything, let's
try to find out what a file with this name means. A Google search using an archived site turns
up this info:
PAM stands for Pluggable Authentication Modules. Basically
PAM is a way to change on the fly the way applications or services
are authenticated. When you use PAM, you can define at run time
how an application or service is authenticated, rather than having
to recompile it.... Effectively, program simply asks PAM "Is
this user allowed to access the service I'm offering", and
PAM takes care of the background details of searching /etc/shadow,
/etc/passwd, checking times, etc... The "pluggable"
means that as your authentication needs change, your software
can be adjusted to fit without having to recompile (often a great
number of) applications. You simply change the PAM configuration
file to reflect the changes in your authentication. -- from "What
the Heck is PAM anyhow?" by Kevin Fenzi .
What the heck. Let's try to download it. In the browser window
change http to ftp and we get this:
We do a little searching with Google to find out how PAM works.
This tells us where to look for other files related to this program.
Here's the configuration file, which is an ordinary text file.
More --->>
