lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <001f01c36906$d3d0c2a0$0100a8c0@p3600>
From: chows at ozemail.com.au (gregh)
Subject: Idea

> ----- Original Message ----- 
> From: Elvedin 
> To: full-disclosure@...ts.netsys.com 
> Sent: Friday, August 22, 2003 9:29 AM
> Subject: Re: [Full-Disclosure] Idea


> Well, if all shells are removed and roots and other users shell is changed
> to /bin/false, you wont be able to install another shell. How would you
> interface with the system? NO SHELL!

Many years ago on a learning curve far, far away, I used to use an Amiga on the net. It had an interesting thing it did with a certain Internet setup that not a lot of people used. You could configure ports to do whatever when accessed and if you didnt actually type in a port number that could be accessed, it wouldnt open.

So, while wondering what it was that hackers actually did and having no clue at all about it, I decided it would be fun to watch them. I went through my config entries and added voluminous numbers of ports at random and linked them to a shell. The shell could also be configured and I configured it to do absolutely nothing other than act more or less like a dcc chat prior to me knowing they even existed. I guess this was somewhere around 1992. I went online and toured a few IRC channels, just popping in, saying a "hello, newbie here" and then waiting to be kicked off channel etc, which happened a lot when you typed something like that. ;-} Naturally, there were some who decided to look in on me as I wasnt hiding a thing from anyone. The truth is I didnt know how to even if I wanted to anyway and this was an Amiga with less chance of me finding someone who may know who knew Amiga. So, while I did this, I would get people connect to those ports I had opened and the shell would pop up on my desktop and they would start typing. Most often, the first command was for a list of files, sometimes a format command and so on. Obviously none of this worked but sometimes they would do interesting things. In the end, I would type "hello" to them and get a lot of people just cut the connection and some, amused, start typing back.

Now all that is a nice story and old now, anyway but the point is, surely there is *SOMEONE* on this list who is a competent enough programmer to write a "cmd" or "command" if you like that Windozers use that can be shoved in the correct dir and just do what that old Amiga shell did for me even allowing a > to a log file or whatever. One that basically does nothing or maybe appears to do nothing but attempts to trace the open connection. I know I cant do that. I was only ever a mediocre programmer. Maybe that would be something to help this "idea" along?

Greg. 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ