• Critical Vulnerability and Privacy LoopHole Found in RoboForm Password Manager

    Unless you are a human supercomputer, remembering password is not so easy, and that too if you have a different password for each site. But luckily...

  • miniLock - Open Source File Encryption Tool from CryptoCat Developer

    It’s the age of surveillance what made the Use of Encryption so widely that it has become a need of law enforcement agencies, cyber criminals as...

  • A BEGINNERS GUIDE TO HACKING UNIX

      *************  *       A BEGINNERS GUIDE TO:        *  *        ...

  • CASH! CASH! Hacking ATM Machines with Just a Text Message

    As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world’s 3 million...

  • Microsoft Word Zero-Day Vulnerability is being exploited in the Wild

    Microsoft warned about a zero-day vulnerability in Microsoft Word that is being actively exploited in targeted attacks and discovered by the...

  • Snoopy Drone Can Hack Your Smartphones

    The use of unmanned aerial vehicles (UAVS) called Drones is rapidly transforming the way we go to war. Drones were once used for...

  • Android Privilege Escalation Flaws leave Billions of Devices vulnerable to Malware Infection

    Android - a widely used Smartphone platform offered by Google is once again suspected to affect its users with malicious software that puts...

  • Introduction to Netcat

    Introduction : So I was messing around on the internet and came across a tool called Netcat.  I've been messing with it for a couple of...

  • Google Nexus phone vulnerable to SMS-based DOS attack

    Google’s Nexus Smartphones are vulnerable to SMS-based DOS attack, where an attacker can force it to restart, freeze, or lose network...

  • Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability

    A Symantec researcher has discovered a new Linux worm, targeting machine-to-machine devices, and exploits a PHP vulnerability...

Sunday, 30 March 2014

A BEGINNERS GUIDE TO HACKING UNIX

 


*************  *       A BEGINNERS GUIDE TO:        *  *          H A C K I N G             *  *                                    *  *                U N I X             *  *                                    *  *       *  * **


   IN THE FOLLOWING FILE, ALL REFERENCES  MADE TO THE NAME UNIX, MAY ALSO BE  SUBSTITUTED TO THE XENIX OPERATING  SYSTEM.    BRIEF HISTORY:  BACK IN THE EARLY  SIXTIES, DURING THE DEVELOPMENT OF  THIRD GENERATION COMPUTERS AT MIT,  A GROUP OF PROGRAMMERS STUDYING THE  POTENTIAL OF COMPUTERS, DISCOVERED  THEIR ABILITY OF PERFORMING TWO OR  MORE TASKS SIMULTANEOUSLY.  BELL  LABS, TAKING NOTICE OF THIS DISCOVERY,  PROVIDED FUNDS FOR THEIR DEVELOPMENTAL  SCIENTISTS TO INVESTIGATE INTO THIS  NEW FRONTIER.  AFTER ABOUT 2 YEARS OF  DEVELOPMENTAL RESEARCH, THEY PRODUCED  AN OPERATING SYSTEM THEY CANLMD "UNIX".    SIXTIES TO CURRENT:  DURING THIS TIME  BELL SYSTEMS INSTALLED THE UNIX SYSTEM  TO PROVIDE THEIR COMPUTER OPERATORS  WITH THE ABILITY TO MULTITASK SO THAT  THEY COULD BECOME MORE PRODUCTIVE,  AND EFFICIENT.  ONE OF THE SYSTEMS THEY PUT ON THE UNIX SYSTEM WAS CALLED  "ELMOS". THROUGH ELMOS MANY TASKS (I.E. BILLING,AND INSTALLATION RECORDS) COULD  BE DONE BY MANY PEOPLE USING THE SAME  MAINFRAME.    NOTE: COSMOS IS ACCESSED THROUGH THE  ELMOS SYSTEM.    CURRENT:  TODAY, WITH THE DEVELOPMENT  OF MICRO COMPUTERS, SUCH MULTITASKING  CAN BE ACHIEVED BY A SCALED DOWN  VERSION OF UNIX (BUT JUST AS  POWERFUL).  MICROSOFT,SEEING THIS  DEVELOPMENT, OPTED TO DEVELOP THEIR OWN  UNIX LIKE SYSTEM FOR THE IBM LINE OF  PC/XT'S.  THEIR RESULT THEY CALLED  XENIX (PRONOUNCED ZEE-NICKS).  BOTH  UNIX AND XENIX CAN BE EASILY INSTALLED
ON IBM PC'S AND OFFER THE SAME FUNCTION
(JUST 2 DIFFERENT VENDORS).

NOTE: DUE TO THE MANY DIFFERENT
VERSIONS OF UNIX (BERKLEY UNIX,
BELL SYSTEM III, AND SYSTEM V
THE MOST POPULAR) MANY COMMANDS
FOLLOWING MAY/MAY NOT WORK. I HAVE
WRITTEN THEM IN SYSTEM V ROUTINES.
UNIX/XENIX OPERATING SYSTEMS WILL
BE CONSIDERED IDENTICAL SYSTEMS BELOW.

HOW TO TELL IF/IF NOT YOU ARE ON A
UNIX SYSTEM:  UNIX SYSTEMS ARE QUITE
COMMON SYSTEMS ACROSS THE COUNTRY.
THEIR SECURITY APPEARS AS SUCH:

LOGIN;     (OR LOGIN;)
PASSWORD:

WHEN HACKING ON A UNIX SYSTEM IT IS
BEST TO USE LOWERCASE BECAUSE THE UNIX
SYSTEM COMMANDS ARE ALL DONE IN LOWER-
CASE.
LOGIN; IS A 1-8 CHARACTER FIELD. IT IS
USUALLY THE NAME (I.E. JOE OR FRED)
OF THE USER, OR INITIALS (I.E. J.JONES
OR F.WILSON).  HINTS FOR LOGIN NAMES
CAN BE FOUND TRASHING THE LOCATION OF
THE DIAL-UP (USE YOUR CN/A TO FIND
WHERE THE COMPUTER IS).
PASSWORD: IS A 1-8 CHARACTER PASSWORD
ASSIGNED BY THE SYSOP OR CHOSEN BY THE
USER.
      COMMON DEFAULT LOGINS
   --------------------------
   LOGIN;         PASSWORD:
   ROOT           ROOT,SYSTEM,ETC..
   SYS               SYS,SYSTEM
   DAEMON     DAEMON
   UUCP           UUCP
   TTY              TTY
   TEST            TEST
   UNIX           UNIX
   BIN              BIN
   ADM            ADM
   WHO           WHO
   LEARN        LEARN
   UUHOST     UUHOST
   NUUCP        NUUCP



IF YOU GUESS A LOGIN NAME AND YOU ARE
NOT ASKED FOR A PASSWORD, AND HAVE
ACCESSED TO THE SYSTEM, THEN YOU HAVE
WHAT IS KNOWN AS A NON-GIFTED ACCOUNT.
IF YOU GUESS A CORRECT LOGIN AND PASS-
WORD, THEN YOU HAVE A USER ACCOUNT.
AND, IF YOU GUESS THE ROOT PASSWORD,
THEN YOU HAVE A "SUPER-USER" ACCOUNT.
ALL UNIX SYSTEMS HAVE THE FOLLOWING
INSTALLED TO THEIR SYSTEM:
ROOT, SYS, BIN, DAEMON, UUCP, ADM
ONCE YOU ARE IN THE SYSTEM, YOU WILL
GET A PROMPT. COMMON PROMPTS ARE:

$
%
#

BUT CAN BE JUST ABOUT ANYTHING THE
SYSOP OR USER WANTS IT TO BE.

THINGS TO DO WHEN YOU ARE IN: SOME
OF THE COMMANDS THAT YOU MAY WANT TO
TRY FOLLOW BELOW:

WHO IS ON  (SHOWS WHO IS CURRENTLY
            LOGGED ON THE SYSTEM.)
WRITE NAME (NAME IS THE PERSON YOU
            WISH TO CHAT WITH)
      TO EXIT CHAT MODE TRY CTRL-D.
      EOT=END OF TRANSFER.
LS -A      (LIST ALL FILES IN CURRENT
            DIRECTORY.)
DU -A      (CHECKS AMOUNT OF MEMORY
            YOUR FILES USE;DISK USAGE)
CD\NAME    (NAME IS THE NAME OF THE
            SUB-DIRECTORY YOU CHOOSE)
CD\        (BRINGS YOUR HOME DIRECTORY
            TO CURRENT USE)
CAT NAME   (NAME IS A FILENAME EITHER
            A PROGRAM OR DOCUMENTATION
            YOUR USERNAME HAS WRITTEN)
      MOST UNIX PROGRAMS ARE WRITTEN
      IN THE C LANGUAGE OR PASCAL
      SINCE UNIX IS A PROGRAMMERS'
      ENVIRONMENT.
ONE OF THE FIRST THINGS DONE ON THE
SYSTEM IS PRINT UP OR CAPTURE (IN A
BUFFER) THE FILE CONTAINING ALL USER
NAMES AND ACCOUNTS. THIS CAN BE DONE
BY DOING THE FOLLOWING COMMAND:

CAT /ETC/PASSWD

IF YOU ARE SUCCESSFUL YOU WILL A LIST
OF ALL ACCOUNTS ON THE SYSTEM.  IT
SHOULD LOOK LIKE THIS:

ROOT:HVNSDCF:0:0:ROOT DIR:/:
JOE:MAJDNFD:1:1:JOE COOL:/BIN:/BIN/JOE
HAL::1:2:HAL SMITH:/BIN:/BIN/HAL

THE "ROOT" LINE TELLS THE FOLLOWING
INFO :
LOGIN NAME=ROOT
HVNSDCF   = ENCRYPTED PASSWORD
0         = USER GROUP NUMBER
0         = USER NUMBER
ROOT DIR  = NAME OF USER
/         = ROOT DIRECTORY

IN THE JOE LOGIN, THE LAST PART
"/BIN/JOE " TELLS US WHICH DIRECTORY
IS HIS HOME DIRECTORY (JOE) IS.

IN THE "HAL" EXAMPLE THE LOGIN NAME IS
FOLLOWED BY 2 COLONS, THAT MEANS THAT
THERE IS NO PASSWORD NEEDED TO GET IN
USING HIS NAME.

CONCLUSION:  I HOPE THAT THIS FILE
WILL HELP OTHER NOVICE UNIX HACKERS
OBTAIN ACCESS TO THE UNIX/XENIX
SYSTEMS THAT THEY MAY FIND. THERE IS
STILL WIDE GROWTH IN THE FUTURE OF
UNIX, SO I HOPE USERS WILL NOT ABUSE
ANY SYSTEMS (UNIX OR ANY OTHERS) THAT
THEY MAY HAPPEN ACROSS ON THEIR
 THERE IS MUCH MORE TO BE  LEARNED ABOUT THE UNIX SYSTEM THAT I  HAVE NOT COVERED.  THEY MAY BE FOUND  BY BUYING A BOOK ON THE UNIX SYSTEM  (HOW I LEARNED) OR IN THE FUTURE  I MAY WRITE A PART II TO THIS                                                                                                                 
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)