From: "Carolyn Meinel" Date: Sat Jun 3, 2000 3:16 am Subject: Happy Hacker Unix Digest, June 3, 2000 Unix Edition __ __ __ __ __ / // /__ ____ ___ __ __ / // /__ _____/ /_________ / _ / _ `/ _ \/ _ \/ // / / _ / _ `/ __/ '_/ -_)__/ /_//_/\_,_/ .__/ .__/\_, / /_//_/\_,_/\__/_/\_\\__/_/ /_/ /_/ /___/ ___ _ __ / _ \(_)__ ____ ___ / /_ / // / / _ `/ -_|_-: Hi, Mike, I recently installed one of those versions of linux that you can run off your windows partition, it's called PhatLinux. The installation was fine and i am able to dial-up my ISP. However, when I run Netscape i get an error message : 'Hostname Look-up failure' I cannot connect to any site and get the same message. I don't really understand much about Hostnames, the default one i have is 'PhatLinux.PhatBox.' Do you think you could point me in the right direction as it's really annoying me. _Stevie Gabzdyl_ [Editor: Sure. The hostname lookup failure is a DNS problem. As you probably know, all machines on a TCP/IP network are identified by a series of 4 numbers, e.g., 207.124.53.19. A DNS server maps hostnames (like yahoo.com) to these numbers. If you haven't told your machine what DNS servers to use, it won't know how to convert names to numbers. Look at /etc/resolv.conf, and add the line "nameserver 111.222.111.222" (without the quotes), replacing 111.222.111.222 with the DNS server of your ISP. You can have several nameserver lines, in case the first is down, then it'll query the second, and so on.] ---------------------------------------------------------------------- Sam Hamilton : I am wanting to build a secure web server. I once read somewhere that you put the OS on a CD-R instead of the harddisk. I want to put a http server (SSL), ftp server, DNS, email and secure telnet in one computer. To run the OS off the CD-R and then the web site files to go on the harddisk with the logfiles mailed to me daily. So basically I am wondering how to go about doing this, if you know any useful documentation sites or can give me a few tips on getting it done. The only limitation is that I cannot get my CD-R to work in Linux so it only works in MS'98. [Editor: Excellent idea. The better idea, however, is to also put the web files on the CD-R as well, that'll prevent any defacements. I think there's a HOWTO on running Linux off a CD-ROM, if not, I know there's one on how to install a fully running system on a ZIP drive... it'll be pretty similar. To mail the log files, you can just play around with syslogd.] ---------------------------------------------------------------------- Nachiketa Mishra : Hello carolyn, I read your harmless hacking article.I have a problem.my ISP is giving me a shell account but whenever I try to ping or finger or even cd I get a message "rksh: command not found" . What is the problem ? please help me. wating for a reply nachiketa [Editor: rksh is your shell. The "command not found" message means that it can not find a file by that name. If it was just ping and finger, I'd say they either: a. weren't installed or b. weren't in your path. cd is supposed to be an internal command however... I have no idea why that wouldn't work (unless they won't let you use it... I can't imagine why, though).] ---------------------------------------------------------------------- Andy : My name's Andy and I'm 17 years old. I've been reading the guide to mostly harmless hacking and I just want to know the first step I need to take to get going. You probably don't care but I'm not going to hack to destroy things. I'm planning on taking a degree in computer science at university next year and I want to learn as much as I can about computers before I go. I've tried asking in newsgroups for advice but, as always, nobody wants to help a newbie. At the moment I don't have any special hacker tools, just basic windows 98 programs. My service provider is callnetuk and I tried to find out if I had a shell account by making a hyperterminal thingumy. It asked me to login (so I thought I must have a shell account) but after I entered my password it just came up with loads of symbols and nothing else. Got any ideas? As I'm only 17 I don't have the money to go subscribing to other service providers that offer shell accounts. I only have a stand alone computer as well so I can't practice any LAN things either. Also, do you know where I can get a unix based OS cos I've looked everywhere and I can't find one. Again, preferably a free version. Thanks for your time Andy [Editor: The "loads of symbols" are probabaly PPP packets (dead giveaway: a bunch of curly brackets {{{). A free Unix based OS... well, try linux.org :)] ---------------------------------------------------------------------- Thomas Franklin : You seemed the right person to contact. My question is simple, How do you pronounce Linux? I pronounce it as Leenux, But other people i know say it a line-ux. Who is correct? [Editor: lol. Please, before I answer the question, no flame wars, ok? I call it Lih-nucks. It probably should be called Line-ux (Linus + Unix= Linux), b/c Linus is with a long I. For some reason, no one does, though.] ---------------------------------------------------------------------- Spanky176@a... : First off, I'd like to say that I think your webpage is great and that I enjoy reading it. My question is this. When I try to use mail ports on certain domains, they only let me relay email to addresses on that server. Is there any way around this? [Editor: No.] ---------------------------------------------------------------------- Parker Boutell : Gee mr.Mike I really think your swell................anywho I mailed to ask about something that happened to me the other night while programing at 3 in the morning.. any ways I wrote a program that acts a a one function calculator but when I try to run it it gives me the error message "segmentation fault(core dumped)" I know this has something to do with it making a copy of the core or something. I heard Carolyn mention something about that in the "Exploits Explained" GTmHH. What I was wondering can this be made into explot code I want to use it possibly to try and break in my linux box which is a Red Hat 6.1 OS on a 486dx so anyhelp would be appreciated or any place that you can send me to learn more about exploit code would also help.......below is a copy of the code which was written in C it is really bad but im just learning but now I know alot more then I did when I wrote this. #include char line [100] int term; int term_2; int term_3; main() { fgets(line, sizeof(line), stdin); sscanf(line, "%d %d", &term, term_2); term_3 = (term + term_2); printf("%d\n", term_3); return (0); } p.s. Sorry its not commented or anything but it was 3 in the morning and was just trying to sta up till 5 but this hardly makes sence to me when I looked at it the next day but thanks ~weevil [Editor: First, let me say that I'm not going to write an exploit for you. You are correct in saying that this could be a problem. The key to exploiting a core dump is the core dump file. Try it right after you login (so your login info is still in memory). Then look through the core dump to see if you can find anything that looks like login information. Once you know where (if) it can be found, see how you can automate the search, to create a file to automatically extract usernames and passwords. Voila, instant exploit.] ---------------------------------------------------------------------- Alan Azar : Hi in one of your documents you had something like this written If service.pwd is obtained it will look similar to this: Vacuum:SGXJVl6OJ9zkE The above password is apple Turn it into DES format: Vacuum:SGXJVl6OJ9zkE:10:200:Vacuum:/users/Vacuum:/bin/bash I want to know how you decrypted it is vacuum the username? also could you help me decrypt this zebulun2:vxhUdORGl7WOE thanx Alan [Editor: Unix passwords are one way. There is NO, repeat, NO way to decrypt a unix password. Without getting into the cryptological details, the bottom line is that there is no modelable one way transformation between apple and SGXJVl6OJ9zkE. In fact, try this. Create two user names, give them the same password. See how they encrypt. Password crackers work by trying to encrypt (the algorithm is public, of course) hundreds of thousands of test passwords: brute force.] ---------------------------------------------------------------------- who knows : hi, I have 2 questions. When you first log into linux or any *nix there is sometimes a sort of motd thing after you have actually given your user name and whatnot. What file is that setting stored in? Also, at the prompt it will say something like #bash> or what ever. what file has the configeration for that in it? thanks [Editor: 1. Usually /etc/motd. 2. .profile, .bashrc, .cshrc, .bash_profile, .login, something like that. It depends on your shell. Do an ls -A (to display all hidden files except . and ..) and view the files it shows.] ---------------------------------------------------------------------- Jason asks: At one point I saw a section in the Happy Hacker website that talked about getting on the internet with linux. Well I didn't have linux then and I do now. I have cable internet and they told me that they do not do tech support for linux. I am running Linux Mandrake 7.0. I was wondering were I could find that article or if you or anyone could help me out. Thank you for your time. [Editor: Check out the cable modem HOWTO. Basically, you'll set up your ethernet card, then (probabaly) just have to enable DHCP. It's really easy...] ---------------------------------------------------------------------- Ian Neufeld wrote: I have a couple questions regarding Linux. 1) Linux is labeled as "open-source". Does that mean I can, or have the right to, access/alter the source code for any program? If not, what EXACTLY does it mean? 2) Do you know where I can find the source code for various Linux commands or a decompiler/debuilder/reverse-engineering program what would do it? A reply will be much appreciated. Signed, Ian Neufeld [Editor: Ok, most Linux that's open source is under the GPL. While I don't want to summarize it right here (and I'm not enough of a lawyer to give advice anyway), basically, it says that all code must have source code availible, and must be redistributable. Note that people say "free as in source, not free as in beer." That means you can charge money for the code... but since once one person buys it, he can give it away for free, no company could get away with charging more than a "reasonable" fee (say, >$10 per CD). As far as other code, it may be open source, it may not... there's a bunch of difference licenses out there. The folks at Debian (http://www.debian.org) are open-source zealots... they're very active in making sure to bundle their distro with only real free stuff... and they still fill up a few CD's. As far as number 2, it's a very tough job, and I don't know of any utility to do that. But most linux programs have source availible, so you can build the code yourself. Look for a .src tarball.] ************************************************** ******************** *** Perl 101 Lesson 8 ********************************************************************** This week (roughly), we'll be discussing the concept of arrays. As you remember from the beginning, an array is just a list of scalar data, in order. Order does not mean the data is in alphabetical, or any other type of order per se, it just means that item #1 will not vary by each call, that is, there is a unique index associated with each element. A list is defined by parentheses. Of course, you can declare a literal array ("1", 2, "Three), which contains three scalars, the _character_ (not number) 1, the number 2, and the string "Three". Perl also has the .. notation which should be familiar to those readers with some set theory background. (1 .. 4) is defined to be (1, 2, 3, 4), (a .. d) is defined to be (a, b, c, d) (b/c it increments the ascii value) and (1.5 .. 6.3) is (1.5, 2.5, 3.5, 4.5, 5.5, 6.3). So it increments one each time, stopping when value < last number. Of course, perl is pretty free form, so you can feel free to declare a list on multiple lines if you so desire. You may remember the Quote Words (qw) operator from the initial example... it automatically double quotes a list. So qw(Hello There) would evaluate to: ("Hello" "There") Just like a scalar was indentified by a $ before the variable name, an array is prefaced by a @. So @array would be a standard, if vague, variable name for an array. If you think back, you'll realize we actually used two arrays in the beginning. One was pretty explicit (actually, and I'm not writing this from home, so I can't check, but offhand I think it was a hash), but the other was pretty subtle. Remember the statement that said something like: print("Hello ",$name); If you think about it, the ("Hello",$name) is a list. So now we can see that print displays all elements of a list. I suppose that may seem trivial, but trust me, it's actually pretty important. "But wait," you should be saying! "Didn't you say that print doesn't need parentheses?" Yes, I did, and if you've been playing around with perl, you'll see that I was right. So what's going on? Which is right? Truth be told, they both are. The key is that a list, strictly speaking, does not need parentheses. But that's for later... for now, always declare a list w/ the parentheses. Unlike certain languages (Basic comes to mind), the $ and @ are not just descriptions of what's in the variable... they're actually part of the name. Thus, you can have $var and @var, and "never shall the twain meet." (Of course, it's a pretty sloppy thing to do...) What if you try and assign a scalar to an array? For example, go to a shell, and try (right now, I'll wait) the following: $scalar = 5 @array = $scalar; What happened? What perl does (no cheating) is to convert (typecast, if you wish) the scalar into the list ($scalar), and then assign that list to @array. To add to an array, you can refer to the array itself. If that didn't make any sense (and reading over it, I don't think it did), look at this example: @array=("There, " "Mike"); @array=("Hello ",@a..., "."); print @array Your output should look something like: Hello There, Mike. Easy? Good. Part of the great power of perl comes from combo statements like the following: @array1=($var1, @array2) = ("4", "5", "6", "Seven"); This sets @array1 to ("4", "5", "6", "Seven"), $var1 will equal "4", and the rest ("5", "6", "Seven") will find it's way into @array2. What if there's a mismatch between the number of elements on the right and on the left? Try it! In case you can't, I'll tell you... if you have too many on left (i.e., not enough values to fill up the empty ones), you'll get undefs. If there are too many, the values just get dropped. Of course, the original (on the right) will be unchanged. .... .- .--. .--. -.-- .... .- -.-. -.- . .-. -.. .. --. . ... - This is a list devoted to *legal* hacking! If anyone plans to use any information in this Digest or at our Web site to commit crime, go away! We like to put computer criminals behind bars where they belong! Email addresses: Windows Editor Greggory Peck wineditor@h... Networking Editor neteditor@t... Unix Editor Mike Miller nixeditor@t... Mac Editor Pat. St. Arnaud maceditor@t... Programming Editor Anjit Fadia programmers@t... Clown Princess Carolyn Meinel cmeinel@t... Happy Hacker, Inc. is part of a 501 (c) (3) tax deductible organization