Feb. 14, 1999 Part 2
_______________________________________________________________________
See the Happy Hacker web site at http://www.happyhacker.org
Your local firewall blocks you? Try http://happyhacker.org
Svenska:
http://w1.340.telia.com/~u34002171/hhd/gtmhh/svenska/hhdsvensk.html
URL of the day: (the DES algorithm - not for the math-challenged)
http://www.cryptosoft.com/html/fips46-2.htm
_______________________________________________________________________
Part 1:
Editor's Comments
URLs
News
Reader Questions
Reader Submissions
Part 2:
Reader Submissions
The Joys of chmod
Getting Extra Info with httpd
WinModems
Next Issue
***********************************************************************
*** Reader Submissions
***********************************************************************
Shawn <IllSlIl@aol.com> wrote:
Hello, I wish I could meet you cause you're so AWESOME. (but that's
another story altogether) anyhow the unix digest is exactly what I
needed. I don't know how you knew unless you saw me logged in on koan
and getting nowhere =0(. I am catching some HEAVY flames from people I
ask for help. I have already printed out and read all the manuals from
your website. I am trying to learn. Most people who know UNIX have the
upper hand and if you ask for a little help they treat you like a total
idiot. I myself am not a UNIX man (yet) - I am more NT oriented. Right
now I am just a lowly little MCP working for MCSE, but anyhow thanks
again for the UNIX digest. I'll see you at koan. =0) shawn
[Ed- Thanks Shawn. First thing you should probably do, though, is ditch
the AOL account if you want people to take you seriously. Find a local
provider and go with that instead.]
-----------------------------------------------------------------------
Iggy Drougge <optimus@canit.se> wrote:
>Amal Nandan Prasad <prasada@delpo1.in.unisys.com> wrote:
>
>Hello,
>I am submitting the following queries about UNIX:
>
>1) What are the real-time operating system(RTOS)? Is UNIX a RTOS?
>   If no, can we manipulate it to act like one?
A Real-Time Operating System is a system often used in critical
applications such as embedded systems, broadcasting, industrial
processes, etc. It gives a process a guaranteed time slice, unlike
f.ex. MS Windows, whose speed will vary greatly and will often sink to
an extremely low performance, slowing programs down, even if they must
be granted a certain priority in order to function and control
important tasks. Most UNIX versions are not RT, but there are some,
such as the Linux adaption RTLinux. There is also the popular QNX RTOS,
which is at least Posix compliant, granting a high degree of UNIX
compatibility.
>2) In almost all the Unix flavours, except Digital Unix, I have seen
>   only the year field(yy). Are all other flavours Y2K compliant? if
>   not, why are they able to show accurate results for cal 2000?
Only two numbers are shown in some applications, but the internal
processing will nevertheless be handled with four numbers.
-----------------------------------------------------------------------
Jason Penny <j-penny@usa.net> wrote:
In the last edition of the Happy Hacker, you put in the command
'ps -A' in the basic Unix commands section
The use of the - is deprecated
I prefer to use the command:
'ps afx'
It shows all the processes and a tree of their parent processes
I don't mean to hurt your feelings, I just think this version is a
better command for the newbies like myself.
Jason
[Ed- You didn't hurt my feelings :) And I guess I put in the -A because
that's what I'm used to. You also might try 'ps aux' - that gives a
little more info than afx.]
-----------------------------------------------------------------------
Matthias Jeck <apocavi@gmx.net> wrote:
Hi there
As I am a "newbie" to this fabulous system myself, I would like to
suggest that you mention the "apropos" command in one of your next
letters. In exploring the vast possibilities of this OS, "man" and
"apropos" are the most helpful commands to me ... and I was told this
will not change, no matter how familiar I'll get with the system.
Just wanted to mention this ...
Matthias
[Ed- For those of you wondering, apropos searches the short
descriptions in man pages for the given word. So, 'apropos telnet' will
return to you a list of man pages appropriate to the word 'telnet']
-----------------------------------------------------------------------
SigFraud <sigmundfraud@rocketmail.com> wrote:
To read any file that you have permission to view
with finger follow these simple steps:
cd/
ln /path/filename .plan
finger <Username>
What this does is links the file to your finger information so anytime
someone fingers you that file will be displayed at the end of the
finger information. It has been suggested that you can get around the
file permissions by combining this trick with a buffer overflow but I
have never checked this out.
SigFraud
-----------------------------------------------------------------------
bElaFon <belafon@cyberspace.org> wrote:
Hi!
I think this site is missing:
http://www.FreeSoft.org/CIE/
the Internet Encyclopedia is one of the most informative things I came
across...
- huge RFC-library
- 100+ Internet essays
- Tutorial
Suck the whole thing as .zip (90 megs) and you won't have to go to the
library again so soon...
I learned *almost* as many things from there as from the GTMHH... ;))
bye...
-----------------------------------------------------------------------
bigtoe <bigtoe@hardlink.com> wrote:
<snip quoted "Linux for Macs" article>
I must also tell you there is another linux port for the Mac (PPC). It
is called MkLinux, and I've heard good things about it. They recently
released a new version (well, I forget what recently means. Check for
yourself.), 5.0 I think? I forget. And I forget which one Apple wrote
and which one Apple endorses, but I've heard good things about this.
I'm sorry, but don't ask me about install help; my mac doesn't support
this version. I don't know about LinuxPPC, but MkLinux doesn't have
much machine support. If you have a "power mac" series (not quadra or
performa) you're probably ok. And don't try it on your iMac either. It
seems these macs have some strange obscure hardware which is cheap and
useful, but very OS specific. The power mac series seem to stick to
the basics, and is therefore easily workable. Check the list of
supported machines before going off and DLing it.
Mk I think has been around longer than PPC, but look, Digital unix has
been around a lot longer than Solaris. Age doesn't seem to mean much.
If you have a 68k mac, you can try to install a beta copy of 68k linux
on it. I've heard they are available (from a linux magazine. Scary. Do
people actually read those?) but I must warn you: Know macs well and
know linux well before attempting to work with a 68k kernel. I consider
myself a mac guru and the guy in the mag just blew me away.
Also, for 68k machines, try running NeXT. Heheheheh. Or try one of the
many Minix variants for the mac.
Here are some links.
www.mklinux.apple.com- Mklinux HQ.
www.linuxppc.org- Ya didn't even give the link to the LinuxPPC website!
Granted, any idiot could just look it up...
Welp, that's it.
--Horrorshow
***********************************************************************
*** The Joys of chmod
***********************************************************************
[Ed- Many thanks to MadMan <madman593@yahoo.com> for the article]
The chmod command, in UNIX, is used to change the access mode of
certain files or directories. The mode is the set of permissions on a
file or directory. This command can only be used by the owner of a
file or a privileged user. This person can then specify who can read,
write to, or execute a file.
This command is great for the hacker, sysadmin, and everyday user
alike. There are obvious uses for the different types of people.
(There is no need to go into that here.) Note that if you are a
wargame hacker, this command isn't enough to keep other hackers out of
your files, because you are all logged in under the guest account and
therefore you all own the file.
There are a couple of ways a person can use the chmod command. The
mode can be changed using octal numbers or an expression. If an
expression is used, the command has to be in the form of:
    chmod [WhoOpcodePermission Option] file
(Note the spacing.) If you choose to use multiple modes, you will have
to separate them using commas.
First, we will change the mode using expressions.
Who lets you specify different permissions for different people. Who
is optional when using an expression; the default is All (a). This is
how people on a machine are divided.
---Who
u    User (You (if you own the file))
g    Group (People with the same security level)
o    Other (Everybody else)
a    All (default)
Opcodes are used to add, remove, and assign permissions.
---Opcode
+    Add permission
-    Remove permission
=    Assign permission (and remove permission of the unspecified
     fields)
Permissions are used to specify Who can read, write to, and/or execute
a file.
---Permission
r    Read
w    Write
x    Execute (No, not kill your files)
s    Set User (or group) ID
t    Sticky bit (save text (file) mode or prevent removal of files by
     nonowners (directory))
u    User's present permission
g    Group's present permission
o    Other's present permission
l    Mandatory locking
---Options
-c, --changes            Print information about files that are
                         affected.
-f, --silent, --quiet    Do not notify User of files that chmod cannot
                         change.
-v, --verbose            Print information about each file, whether
                         changed or not.
-R, --recursive          Used to chmod everything in a directory.
Note: Options can also be used when using octal numbers.
Many examples of the chmod command are presented below to help with
any questions concerning setting modes to directories, the format when
using multiple modes, etc.
~~~Examples using the expression method~~~
chmod =r file              --sets read-only access to All
chmod a-wx,a+r file        --also sets read-only access to All
chmod u+x file             --add execute-by-User permission to a file
chmod +x file1 file2       --makes file1 and file2 executable to All
chmod -R +r dir            --add read-by-All access to all files in a
                             directory
chmod u+s file             --turns on SETUID (SET User ID) for a file
chmod g+r,o+r file         --add read access by Group and Other to a
                             file
chmod o+x .                --add execute-by-Other to the current
                             directory (the period is supposed to be
                             there)
chmod u=rwx,g=rx,o=x file  --sets read-write-execute permission to
                             User, read-execute permission to Group,
                             and execute-only permission to Other
Note: SETUID lets a user act as another user when they use a file with
the appropriate SETUID permissions. (This comes in handy when you get
root. Copy the shell of your choice to a place where you can get to it
later, then use chmod a+s file . Now, all you have to do is run the
shell and you can do just about everything root can.)
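
Because a stray SETUID copy of a shell is exactly what the note above
describes, administrators routinely list set-ID files and compare them
with a known-good list. The script below is an added example, not part
of MadMan's article; the function names and the demo file names are
hypothetical, and the demo tree is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: audit a directory tree for set-ID files that are
# missing from a baseline list. All names here are hypothetical.

# Print every regular file under DIR that has the setuid (4000) or
# setgid (2000) bit set. -xdev keeps find on one filesystem.
find_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# audit_setid DIR BASELINE
# Print set-ID files that are NOT listed (one full path per line) in
# BASELINE. Anything printed needs an explanation from the admin.
audit_setid() {
    find_setid "$1" | while IFS= read -r path; do
        grep -Fxq -- "$path" "$2" || printf '%s\n' "$path"
    done
}

# Constructed demo: three harmless scripts, two of them set-ID, only
# one of which is in the baseline. Prints the basename of the outlier.
demo_setid_audit() {
    d=$(mktemp -d) || return 1
    for name in expected-tool sh-copy plain; do
        printf '#!/bin/sh\nexit 0\n' > "$d/$name"
        chmod 755 "$d/$name"
    done
    chmod 4755 "$d/expected-tool"   # octal form: leading 4 = setuid
    chmod u+s "$d/sh-copy"          # expression form of the same bit
    printf '%s\n' "$d/expected-tool" > "$d/baseline.txt"
    unexpected=$(audit_setid "$d" "$d/baseline.txt")
    rm -rf "$d"
    printf '%s\n' "$unexpected" | sed 's|.*/||'
}

demo_setid_audit
```

On a real system the baseline would be the output of find_setid taken
right after installation and stored somewhere users cannot write to.
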
*************************************
Note:
To see the permissions set to files in a directory, type the command
ls -l
ls lists the contents of a directory. The l flag shows the mode of the
files and directories. What we're looking for are the letters to the
left.
For example:
drwxrw-r--
or
-rwxr--r--
If d is present in the first space, then the object is a directory.
The next three letters represent the permissions set for User.
Letters 5-7 are the permissions for Group.
The last three letters are the permissions for Other.
If a letter is replaced with -, then that permission, option, etc. is
not present.
In each block of three letters, r always comes first; then, w; then, x.
Just as before,
r = read
w = write
x = execute
The first example is a directory. User would have the ability to read,
write, and execute; Group read-write; and Other read-only.
The second example is just a regular file. User would have the ability
to read, write, and execute; Group read-only; and Other read-only.
*************************************
chmod's expression method can be replaced with a much easier numeric
counterpart. The mode permissions will now be set using three octal
digits. The first digit sets the owner's permissions, the second sets
group permissions, and the third sets other's permissions. The format
of the chmod command using the octal method is:
    chmod [User-Group-Other] file
---Octals
4    Read
2    Write
1    Execute
0    None
These digits can be added together to cover all mode possibilities.
For example, if you wanted to give User read-write access, you would
add 4 (read) and 2 (write) to get 6 (read-write). The same goes for any
combination.
Most of the time, if you ask tech support what to do when
Unix/Linux/FreeBSD/Others says you can't read or write to a file, they
say just to use chmod 644 whatever. This is because:
User (You) gets Read(4) and Write(2) privileges, and you add that up
to make 6, your first digit.
Group (People at the same security level as you) gets Read(4)
privileges but no write privileges (Well, you don't want them messing
with stuff like all your haX0r notes, do you?), giving you 4, your 2nd
digit.
Others (everyone else) gets Read(4) privileges but no write
privileges, giving you 4, your 3rd and last digit.
So add that up and you get 644. You can chmod a directory as well.
Never use chmod with this number, EVER:
477
[Ed- You _can_ change it back, however, since you are the owner]
It would be disastrous. Try to figure out what that would spell for
your files/directories. Also, if you don't want any privileges for
that one type (Group or Others), just use 0 as your number.
A fourth digit can be added before the three permission setting octals
to set IDs and/or a sticky bit, but it is not required. Just as before,
these numbers can be added together to get an octal that gives you the
options you need.
---Fourth digit octals
4    Set User ID on execution
2    Set Group ID on execution or set mandatory locking
1    Set sticky bit (save text (file) mode or prevent removal of files
     by nonowners (directory))
~~~Examples of the octal method~~~
chmod 444 file     --sets read-only to All
chmod 000 file     --nothing to All. The file cannot be used until the
                     mode is changed.
chmod 704 file     --sets read-write-execute to User, nothing to Group,
                     and read-only to Other
chmod 751 file     --sets read-write-execute to User, read-execute to
                     Group, and execute-only to Other
~~~Example using a fourth digit~~~
chmod 2754 file    --Sets Group ID, assigns read-write-execute
                     permission by owner, read-execute by group, and
                     read-only for everyone else.
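
To tie the ls -l letters to the octal digits, the following script
turns a mode string into the number chmod would take, including the
optional fourth digit. It is an added example, not part of the original
article; triad_value and mode_to_octal are hypothetical names, and the
mode strings in the loop are the ones used in the text plus the usual
mode of a sticky directory.

```shell
#!/bin/sh
# Added example: decode an `ls -l` mode string (e.g. -rwxr--r--) into
# the octal form chmod accepts. Helper names are hypothetical.

# triad_value TRIPLET: add 4 for r, 2 for w, 1 for execute.
# Lowercase s/t means "special bit AND execute"; uppercase S/T means
# the special bit is set but execute is not.
triad_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

mode_to_octal() {
    # Accept exactly one file-type character plus three rwx triplets.
    case $1 in
        [-dlbcps][-r][-w][-xsS][-r][-w][-xsS][-r][-w][-xtT]) ;;
        *) echo "bad mode string: $1" >&2; return 1 ;;
    esac
    perms=${1#?}                                  # drop the type char
    u=$(printf '%s' "$perms" | cut -c1-3)         # User triplet
    g=$(printf '%s' "$perms" | cut -c4-6)         # Group triplet
    o=$(printf '%s' "$perms" | cut -c7-9)         # Other triplet
    special=0                                     # the fourth digit
    case $u in ??[sS]) special=$((special + 4)) ;; esac   # setuid
    case $g in ??[sS]) special=$((special + 2)) ;; esac   # setgid
    case $o in ??[tT]) special=$((special + 1)) ;; esac   # sticky
    echo "$special$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")"
}

for s in drwxrw-r-- -rwxr--r-- -rwxr-sr-- drwxrwxrwt; do
    printf '%s -> %s\n' "$s" "$(mode_to_octal "$s")"
done
```

The third string is what ls -l shows after chmod 2754: the Group x is
displayed as s because Set Group ID is on.
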
==============================================================
If anybody has any questions/comments, or want us to write about any
other commands, topics, etc. drop us a line.
]v[ad]v[an -- madman593@yahoo.com
Darkjedi -- fleetpaw@yahoo.com
***********************************************************************
*** Getting Extra Info with httpd
***********************************************************************
[Ed- Thanks to Royans <rkt@poboxes.com> for this good article. I have
some followup info I'll include in the next digest.]
Dear Editor,
I find your articles interesting in the HH column. But instead of a
question, I wish to send a small article which I've attached below
about how a http server can obtain extra info on users.
===================================================================
Let httpd do the spying for you.
I have had a lot of fun with perl and apache servers. And I like
automating things which could be automated. The other day, I noticed
that my server was being actively used by a particular IP address.
While the client browser was reading my information, I was wondering
whether it's possible for the server to get client's info also.
A lot of information is already in the environment variables of the
server. Things like OS, browser, machine name (i586/i686/etc), IP
address, are already there. However there is a lot more server could
get if it tries to.
A simple telnet to the IP address in the access_log told me that it was
a linux box with 2.0.34 kernel. Usually this is not advisable to be
visible to the public, but many of the standard installations of most
UNIXs still have the OS name and version written.
A finger to @ipaddress revealed nothing. In some cases it gives the
entire list of users online. So the next hurdle was to find out if it's
possible to identify the user name. IDENT came to my rescue.
Most of the Unix boxes have something called the IDENT server. This
server which runs at port 113, needs root permission to start and is
assumed to be telling the truth when it speaks. The IDENT is supposed
to print out a username when it's prompted with a pair of "port"
numbers the user is using. For example lets say the user "rkt" on that
192.168.1.2 is running netscape and is accessing my server royans.net
from port 13984 and my port number is 80. If I do a telnet to
192.168.1.2 and type in "13984,80" it would give
"13984 , 80 : USERID : OTHER : rkt" or some format of the same. On the
box I was referring to it gave me this where USERID and OTHER were
written as it is seen... in other words only the user login was
revealed. But that's fine for us.
So we go back to finger. A simple finger rkt@192.168.1.2 would give his
entire info, and if he has a .plan it could also give his actual email
address (in case he has a dynamic ip).
There might be cases when ident might be down or finger might be down,
or his info in the .plan is not complete. A server can easily attach a
cookie to his browser to identify his partial information and obtain
the rest in subsequent connections whenever it is done.
Though the above is completely possible, a possible variant of the same
which could be more productive for sniffing user info to identify
userbase could be using email address to do directory searches etc.
The conclusion is that it is totally practical to rig up a system which
can gather information automatically about users, with so much accuracy
that I sometimes fear that the info available on my system could be
misused. I'd most probably build something like the above to see how
effective something like this could be, and wonder as to what all I
could do to avoid being queried myself ;-)
I hope it was helpful
Royans
rkt@poboxes.com
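
On the closing question of how to avoid being queried yourself: the
article relies on three listeners on the client box, the telnet banner
(port 23), finger (79) and ident (113). The script below is an added
example, not part of Royans' article. It reads `ss -ltn` style output
and reports which of those are listening and whether they are bound
only to loopback; the function names are hypothetical and the sample
input is constructed.

```shell
#!/bin/sh
# Added example: find listeners for the services the article queries
# (telnet 23, finger 79, ident 113) in `ss -ltn` output.
# Function names are hypothetical.

# stdin:  lines in `ss -ltn` format
# stdout: "<port> <service> <scope>" for each matching listener
exposed_info_services() {
    awk '
        BEGIN { svc[23] = "telnet"; svc[79] = "finger"; svc[113] = "ident" }
        $1 == "LISTEN" {
            addr = $4                       # Local Address:Port column
            n = split(addr, parts, ":")
            port = parts[n]                 # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (!(port in svc)) next
            if (host ~ /^127\./ || host == "[::1]")
                scope = "loopback-only"     # not reachable from outside
            else
                scope = "network-reachable" # answers remote queries
            print port, svc[port], scope
        }
    ' | sort -n | uniq
}

# Constructed sample, not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128          0.0.0.0:113        0.0.0.0:*
LISTEN 0      5          127.0.0.1:79         0.0.0.0:*
LISTEN 0      128             [::]:113           [::]:*
LISTEN 0      128          0.0.0.0:80         0.0.0.0:*
EOF
}

sample_ss_output | exposed_info_services
```

On your own Linux machine, pipe the real output in with
`ss -ltn | exposed_info_services`; anything reported as
network-reachable is a service to disable or firewall.
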
***********************************************************************
*** WinModems
***********************************************************************
I don't even know how many emails I got asking how to get a modem to
work properly under Linux. This article seeks to explain, to a certain
extent, what may be happening in many of these cases.
In order to lessen costs, many modem manufacturers cut corners when
building their modems. Many of the sub-100 dollar 56kbps modems you see
on the shelves are examples of this cost (and corner) cutting. This
corner-cutting involves moving some of the data processing from fast
hardware to slow (windows) software. This reduces the number of chips
they have to put on the modem's circuit board, and thus reduces the
price. Some of the savings are then handed down to you, the consumer.
The big problem with this setup is that the software that runs these
modems is specific to Windows and is proprietary (that is, possibly
copyrighted and not available to the public). Because the drivers
aren't accessible to the public, there's really no way that Linux
device driver writers can support this hardware. So, for all of you
Linux users out there who have these WinModems, as they are sometimes
called, you are out of luck for the most part, until you invest in a
full-fledged modem. A few possible ways to find out if you have a
WinModem are as follows:
1) The modem is called a "WinModem"
2) The box/documentation labels it as "Made for MS Windows"
3) The box mentions the host processing the signal
4) The manufacturer's website says so
5) There was a lot of software to install under Windows to make it work
By no means is this list complete, and additions to it are welcome.
Here's an email I received explaining WinModems (I can't confirm all
the info here, but it seems to be good)
generic device <rubaway@bestweb.net> wrote:
Dear Miz. Meinel,
I want to warn the readers about a problem that I encountered that
could put many of your readers out of whack:
Awhile ago, I installed Red-Hat Linux onto my system. I also spent most
of my summer vacation trying to get it to hook up to the net. I tried,
and tried and tried. I realized after almost a month of trying that all
my work had been in vain for, alas, I had an LT Winmodem. I just wanted
to explain to your readers (that's me too!) that an LT Winmodem is not
actually a modem at all. In fact, it's a sound card with a phone line
hookup that uses windows software to interpret the sounds into a
modem-like situation. This sounds all fine and dandy till you realize
that the software it uses is not supported by Linux/Unix/FreeBSD/etc.
So my modem would not work and without a modem, Linux has bare-to-none
value for me. If I want to code in C I could just use a shell-account,
right? Well now I have to go out and buy a WHOLE new modem just to surf
the web linux style. It bites. I just want your readers to know that if
they are in the market for a new computer, NOT TO BUY LT WINMODEMS.
They are slow and can not be used in Unix or any variant. They are a
cheap imitation of a modem! Foo on them! They are just for profit by
the large companies who think they can trick innocent buyers into
something slower, just because they didn't know! Well, you know now!
generic device (a.k.a. generic "angry buyer" device)
p.s. love those HHD, and GTMHH! keep'em up and before you know it I'll
have a good modem and I'll be able to use them in linux *grin*
p.p.s. Hacking for Girliez are immature losers who have nothing better
to do than to harass you. (and don't submit the FBI!)
p.p.p.s Did your readers know that Dell just made a computer that comes
pre-packaged with Red-Hat Linux and XWindows? Sounds handy for them
rich folk +)
[Ed- I don't exactly agree with the bare-to-none comment above, but to
each his own. And yes, I did know that Dell has a Linux-installed
computer on the market. Now the rest of you do too. I'm pretty sure
most of the 'big boy' computer companies will now offer Linux instead
of Windows xx.]
***********************************************************************
*** Next Issue
***********************************************************************
Buffer Overflows Explained
More UNIX Commands
The BSDs
___________________________________________________________________
This is a list devoted to *legal* hacking! If you plan to use any
information in this Digest or at our Web site to commit crime, go away!
Foo on you! Don't email us bragging about any crimes you may have
committed. We mean it.
For Windows questions, email keydet89@yahoo.com or editor@cmeinel.com
For Unix questions, contact unixeditor@cmeinel.com.
For Macs, email Strider <s.corinth@iname.com>
Happy Hacker staff: Unix editor, <unixeditor@cmeinel.com>; Windows
editor, Keydet89 <editor@cmeinel.com>; postmasters Jonathan D. Zerulik
and William Lewis; Hacker Wargame Director, Mark Schmitz
<wizard@rt66.com>; Wargame Sysadmin, Satori <Satori@rt66.com>;
Grand Pooh-bah: Carolyn Meinel
Happy Hacker is a 501 (c) (3) tax deductible organization in the United
States operating under Shepherd's Fold Ministries. Yes! This is all a
plot to save your immortal souls!