mirror of
https://github.com/fdiskyou/Zines.git
synced 2025-03-09 00:00:00 +01:00
133 lines
4.9 KiB
Text
133 lines
4.9 KiB
Text
|
==Phrack Inc.==
|
||
|
|
|
||
|
|
Volume One, Issue Six, Phile 5 of 13
|
||
|
|
|
||
|
|
===============================================================================
|
||
|
|
------------
|
||
|
|
Unix Nasties
|
||
|
|
------------
|
||
|
|
By Shooting Shark
|
||
|
|
|
||
|
|
Written on April 3, 1986
|
||
|
|
===============================================================================
|
||
|
|
|
||
|
|
Summary: Methods of sabotaging your favorite Unix system.
|
||
|
|
|
||
|
|
Preface: I do not advocate utilizing ANY of the methods I put forth in this
|
||
|
|
file. Unix is a cool operating system, perhaps one of the best
|
||
|
|
systems ever designed in many respects. If you have access to a Unix
|
||
|
|
system, you should LEARN UNIX AND LEARN C, because that is where the
|
||
|
|
money is in the computer world. However, Unix is a relatively
|
||
|
|
insecure operating system which is easy to fuck up. This file
|
||
|
|
explains a few ways of doing so.
|
||
|
|
|
||
|
|
Crash The System
|
||
|
|
----------------
|
||
|
|
Unix has no built-in provision for the maximum amount of disk space allowed per
|
||
|
|
user. Thus, one user can grab all the disk space on the system and effectively
|
||
|
|
prevent anyone else from writing to the disk. A simple way of grabbing all the
|
||
|
|
disk space is to create subdirectory after subdirectory until it is no longer
|
||
|
|
possible. Here are a few ways of doing it.
|
||
|
|
|
||
|
|
1> Create a file with the following lines:
|
||
|
|
|
||
|
|
mkdir subdir
|
||
|
|
cd subdir
|
||
|
|
source /u1/mydir/crash
|
||
|
|
|
||
|
|
Call it crash. The last line ("source /u1/mydir/crash") should be altered
|
||
|
|
so that it will look for the file in your directory. If your directory is
|
||
|
|
/u3/students/jeff, the last line should say "source
|
||
|
|
/u3/students/jeff/crash". After you write the above file, type:
|
||
|
|
|
||
|
|
% source crash
|
||
|
|
|
||
|
|
and wait...within a few minutes the program will abort because it won't
|
||
|
|
have any more room on the disk. Neither will anyone else.
|
||
|
|
|
||
|
|
2> Here's a more elegant way of doing the same thing. Create this "endless
|
||
|
|
loop" shellscript:
|
||
|
|
|
||
|
|
while : ; do
|
||
|
|
mkdir subdir
|
||
|
|
cd subdir
|
||
|
|
done
|
||
|
|
|
||
|
|
and then "source" the file. If you are in the "sh" shell (if you are, you
|
||
|
|
will probably have a "$" prompt) you can type "while : ; do" from the $
|
||
|
|
prompt. You will then get a > prompt. Type the next three lines and sit
|
||
|
|
back.
|
||
|
|
|
||
|
|
3> If you'd like to set the process in motion and hang up, and the file is
|
||
|
|
called crash, type:
|
||
|
|
|
||
|
|
% nohup source crash &
|
||
|
|
|
||
|
|
and log off. This will start it as a background process, allowing you to
|
||
|
|
log off. However, log off QUICKLY, since if you used the first example for
|
||
|
|
your crash file, it will also eat up background processes like crazy which
|
||
|
|
will also fuck up the system to some extent. Which brings us to...
|
||
|
|
|
||
|
|
Slow Down The System Immensely
|
||
|
|
------------------------------
|
||
|
|
There are many ways of doing this, the method being creating a sufficiently
|
||
|
|
large number of background processes. Here's one specific example. Create a
|
||
|
|
file called "slow1" with the following lines:
|
||
|
|
|
||
|
|
w &
|
||
|
|
source slow1
|
||
|
|
|
||
|
|
create a file called "slow2" with:
|
||
|
|
|
||
|
|
source slow1 &
|
||
|
|
source slow2
|
||
|
|
|
||
|
|
and execute slow2 with
|
||
|
|
|
||
|
|
% slow2
|
||
|
|
or
|
||
|
|
% slow2 &
|
||
|
|
|
||
|
|
This will create 25 background processes, each one running 25 background
|
||
|
|
processes. The system will hardly move after you've got each one running.
|
||
|
|
|
||
|
|
Messing Up A Directory
|
||
|
|
----------------------
|
||
|
|
Many file-handling commands use "-" options. Create a file with a "-" at the
|
||
|
|
beginning of its name by doing this:
|
||
|
|
|
||
|
|
cat > -filename
|
||
|
|
|
||
|
|
[now type a few lines, maybe something rude like "ha ha you can't delete this
|
||
|
|
file".] Type a ^D (control-d) to end input. You now have a file called
|
||
|
|
-filename in your directory. It will be VERY difficult to remove this file.
|
||
|
|
If you were to try rm (remove) -filename or mv (rename) -filename, the rm or mv
|
||
|
|
program would interpret -filename as an option, not a file, and would give you
|
||
|
|
an error message telling you that -filename was not a valid option...thus, the
|
||
|
|
file stays there obnoxiously.
|
||
|
|
|
||
|
|
Create a couple of hundred files with "-" as the first characters in their
|
||
|
|
names...it will be a royal pain for the person who is blessed with these new
|
||
|
|
files, and they will probably just have to get a new login.
|
||
|
|
|
||
|
|
Conclusion
|
||
|
|
|
||
|
|
The use of any of these techniques is quite irresponsible, and if anyone did
|
||
|
|
this to my Unix system, I'd be quite pissed. That is why I strongly recommend
|
||
|
|
that you never use these tricks.
|
||
|
|
|
||
|
|
So Long,
|
||
|
|
Shooting Shark
|
||
|
|
|
||
|
|
"Some people have a bad attitude, and I say, if they want to act tough, beat
|
||
|
|
'em up!" - Blue Oyster Cult
|
||
|
|
-------------------------------------------------------------------------------
|
||
|
|
For more information on UNIX sabotage and cracking, see the following articles:
|
||
|
|
|
||
|
|
Ritchie, Dennis M. [he wrote Unix] "On the Security of UNIX." Programmers
|
||
|
|
Manual for UNIX System III Volume II. Supplementary Documents.
|
||
|
|
|
||
|
|
Filipski, Alan and Hanko, James. "Making UNIX Secure." BYTE Magazine, April
|
||
|
|
1986, pp 113-128.
|
||
|
|
===============================================================================
|