Shell Programming:
an Exploit Explained, continued...
HOW TO DISCOVER ALL AVAILABLE UNIX COMMANDS
Now that you have a login file that isn't lame, let's start exploring the
commands you can run from your tcsh shell account. Since you are reading
this because you wish to be a hacker, let's start by looking for a compiler
for the C language, the most important language for exploits to break into
computers.
The best guess for a command to run the C compiler is the letter "C" (duh.)
So at your prompt give the command:
c<control d>
where you first type the letter "c", then hold down the "control" key while
hitting the letter "d". (Note: this will also work with the C shell (csh)
but not with any other shells.)
This gives us a complete list of all the commands you can use that start
with the letter "c". It will look something like this:
c++         chroot            compress.FCS
c2ph        chrtbl            config
cal         chsh              config.txt
calctool    ci                constype
calendar    clear             continue
cancel      clear_colormap    convert_to_Xdefaults
capitalize  clear_functions   convert_to_xview
case        click             convertfont
cat         clock             core
cb          cm                cpio
cc          cm_delete         cppstdin
(many more commands beginning with the letter c snipped)
That "cc" command looks promising. It is possible that on your system the
C compiler will have a different name, most commonly "gcc" (the gnu
compiler). So don't give up if you don't see "cc". To be sure this is the C
compiler, next you give the command "man cc". This brings up an online
manual on the C compiler:
CC(1V) USER COMMANDS CC(1V)
NAME
cc - C compiler
SYNOPSIS
cc [ -a ] [ -align _block ] [ -Bbinding ] [ -c ] [ -C ]
[ -dalign ] [ -dryrun ] [ -Dname [=def ] ] [ -E ]
[ float_option ] [ -fsingle ] [ -g ] [ -go ] [ -help ]
[ -Ipathname ] [ -J ] [ -Ldirectory ] [ -M ]
[ -misalign ] [ -o outputfile ] [ -O[level] ]
[ -p ] [ -P ] [ -pg ] [ -pic ] [ -PIC ] [ -pipe ]
[ -Qoption prog opt ] [ -Qpath pathname ]
[ -Qproduce sourcetype ] [ -R ] [ -S ] [ -sb ]
[ -target target_arch ] [ -temp=directory ] [ -time ]
[ -Uname ] [ -w ] sourcefile ... [ -llibrary ]
SYSTEM V SYNOPSIS
/usr/5bin/cc arguments
/usr/xpg2bin/cc arguments
Note: arguments to /usr/5bin/cc and /usr/xpg2bin/cc are identical
to those listed above.
(snip)
DESCRIPTION
cc is the C compiler. It translates programs written in the C
programming language into executable load modules, or into relocatable
binary programs for subsequent loading with the ld(1) link editor.
In addition to the many options, cc accepts several types of filename
arguments. For instance, files with names ending in .c are taken to be C
source programs. They are compiled, and each resulting object program is
placed in the current directory. The object file is named after its source
file - the suffix .o replacing .c in the name of the object. In the same
way, files whose names end with .s are taken to be assembly source
programs. They are assembled, and produce .o files. Filenames ending in .il
are taken to be inline expansion code template files; these are
used to expand enabled. See FILES, below for a complete list of
compiler-related filename suffixes.
Other arguments refer to assembler or loader options, object programs,
or object libraries. Unless -c, -S, -E -P or -Q produce is specified,
these programs and libraries, together with the results of any
specified compilations or assemblies, are loaded (in the order given) to
produce an output file named a.out. You can specify a name for the
executable by using the -o option.
"Oh, no!" you shout/cry/whimper. "This stuff looks like it was written by
a gnome in some underground weapons complex in a James Bond movie!"
Patience, one of these days I'll get around to writing a simple explanation
of how to link, compile and run C programs. If you don't have patience, a
good book that covers C and includes a CD-ROM with programming tools is
"Unix Programming Tools," by Eric Foster-Johnson, M&T Books, 1997.
Or, if you are a real hacker, you will start trying out that C compiler
today! Guess what, if you make mistakes in trying to follow the on-line
manual, big deal. No one will make fun of you. You can't destroy your
computer with a C compiler mistake, either. (OK, maybe you could mess
something up, but what the heck.) Real hackers aren't afraid to make
mistakes and don't make fun of others who make mistakes, either. The essence
of hacking is to boldly try out new things and not be afraid of hitting the
wrong key.
Besides, I make lots and LOTS of mistakes and I [Carolyn] am a famous, er,
infamous hacker. If an old lady like me isn't afraid to make public
boo-boos, you can be brave and figure out that C compiler by yourself.
To learn about every single command that you have the power to run from
your shell account, type in the letter "a" followed by control d. Then with
each and every command that brings up, give the command "man acommand" where
you substitute the command you wish to explore for "acommand". Then try
using that command until you have figured out how to use it with all its
variations. Do this in turn with each of the rest of the letters of the
alphabet. When you are done, you will be a true Unix wizard. No one will
ever again say to you, "RTFM!" (Read the forking manual).
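
The control-d listing only works in tcsh and csh, as noted earlier. As an added example (not part of the original guide), the functions below do the same walk over the command search path in any POSIX shell; the names path_execs, list_cmds and shadowed_cmds are made up for this example.

```shell
#!/bin/sh
# Added example: a portable stand-in for tcsh's "c<control d>" listing.
# All function names here are hypothetical, chosen for this example.

# path_execs PREFIX [PATHLIST]
# Print "name<TAB>directory" for every executable file whose name starts
# with PREFIX, searching the colon-separated PATHLIST (default: $PATH).
# The body runs in a subshell so the IFS and globbing changes do not leak.
path_execs() (
    prefix=${1-}
    dirs=${2-$PATH}
    IFS=:
    set -f                          # no globbing while splitting the list
    for dir in $dirs; do
        set +f                      # globbing back on for the file match
        [ -n "$dir" ] || dir=.      # an empty entry means the current directory
        [ -d "$dir" ] || continue   # skip entries that do not exist
        for f in "$dir/$prefix"*; do
            # keep regular files (or links to them) with an execute bit set
            if [ -f "$f" ] && [ -x "$f" ]; then
                printf '%s\t%s\n' "${f##*/}" "$dir"
            fi
        done
    done
)

# list_cmds PREFIX [PATHLIST]
# What the shell would offer for PREFIX: sorted names, duplicates removed.
list_cmds() {
    path_execs "${1-}" "${2-$PATH}" | cut -f1 | sort -u
}

# shadowed_cmds PREFIX [PATHLIST]
# Names found under more than one search-path entry. Only the first one
# in path order is what actually runs when you type the name.
shadowed_cmds() {
    path_execs "${1-}" "${2-$PATH}" | cut -f1 | sort | uniq -d
}

# Run directly as "sh thisfile c" to list every command starting with "c".
if [ "$#" -gt 0 ]; then
    list_cmds "$1"
fi
```

Calling list_cmds with an empty prefix lists every command on the search path, which replaces the letter-by-letter walk through the alphabet.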