unix- a hacking tutorial.sir

黑客培训教程

 [123]: killed
 $ kill -9 122
 garbage
 NO CARRIER

Also, you can do "kill -1 0" to kill your shell process to log yourself off.
This is useful in scripts (explained later).

-------------------
Shell Programmin'
-------------------

        Shell Programming is basically making a "script" file for the
standard shell, being sh, ksh, csh, or something on those lines.  Its
like an MSDOS batch file, but more complex, and more Flexible.
This can be useful in one aspect of hacking.


First, lets get into variables.  Variables obviously can be assigned
values.  These values can be string values, or numberic values.

number=1

        That would assign 1 to the variable named "number".

string=Hi There
or
string="Hi There"

        Both would assign "Hi there" to a variable.

        Using a variable is different though.  When you wish to use a variable
        you must procede it with a dollar ($) sign.  These variables can
        be used as arguments in programs.  When I said that scripts are
        like batch files, I meant it.  You can enter in any name of a program
        in a script file, and it will execute it. Here is a sample script.

counter=1
arg1="-uf"
arg2="scythian"

ps $arg1 $arg2

echo $counter

        That script would translate to "ps -uf scythian" then would print
        "1" after that was finished.  ECHO prints something on the screen
        whether it be numeric, or a string constant.

Other Commands / Examples:

read - reads someting into a variable.  format : read variable .  No dollar
        sign is needed here!  If I wwanted to get someone's name, I could
        put:

echo "What is your name?"
read hisname
echo Hello $hisname

        What is your name?
        Sir Hackalot
        Hello Sir Hackalot

        Remember, read can read numeric values also.

trap - This can watch for someone to use the interrupt character. (Ctrl-c)
       format: trap "command ; command ; command ; etc.."
Example:
        trap "echo 'Noway!! You are not getting rid o me that easy' ; echo
        'You gotta see this through!'"

        Now, if I hit control-c during the script after this statement was
        executed, I'd get:
        Noway!! You are not getting rid of me that easy
        You gotta see this through!

exit : format :exit [num]  This exists the shell [quits] with return
        code of num.

-----
CASE
-----

        Case execution is like a menu choice deal.  The format of the command
        or structure is :
        case variable in
        1) command;
           command;;
        2) command;
           command;
           command;;
        *) command;;
         esac
        Each part can have any number of commands. The last command however
        must have a ";;".  Take this menu:

        echo "Please Choose:"
        echo "(D)irectory (L)ogoff (S)hell"
        read choice
        case $choice in

        D) echo "Doing Directory...";
           ls -al ;;
        L) echo Bye;
           kill -1 0;;
        S) exit;;
        *) Echo "Error! Not a command";;
        esac

        The esac marks the end of a case function.  It must be after the
        LAST command.

Loops
-----

        Ok, loops.  There are two loop functins.  the for loops, and the
        repeat.

        repeat looks like this: repeat something somethin1 somethin2
        this would repeat a section of your script for each "something".
        say i did this:
        repeat scythian sirhack prophet

        I may see "scythian" then sirhack then prophet on my screen.

        The for loop is defined as "for variable in something
                                    do
                                    ..
                                    ..
                                    done"

        an example:
        for counter in 1 2 3
        do
        echo $counter
        done

        That would print out 1 then 2 then 3.

Using TEST
----------
The format:  Test variable option variable

The optios are:
-eq    =
-ne    <> (not equal)
-gt    >
-lt    <
-ge    >=
-le    <=

for strings its: = for equal  != for not equal.

If the condition is true, a zero is returned.  Watch:

        test 3 -eq 3

that would be test 3 = 3, and 0 would be returned.

EXPR
----

This is for numeric functions.  You cannot simply type in
echo 4 + 5
and get an answer most of the time.  you must say:
expr variable [or number] operator variable2 [or number]
the operators are:

+ add
- subtract
* multiply
/ divide
^ - power (on some systems)

example :   expr 4 + 5
var = expr 4 + 5
var would hold 9.

        On some systems, expr sometimes prints out a formula.  I mean,
        22+12 is not the same as 22 + 12.  If you said expr 22+12 you
        would see:
        22+12
        If you did expr 22 + 12 you'd see:
        34


SYSTEM VARIABLES
----------------

        These are variables used by the shell, and are usually set in the
system wide .profile [explained later].

HOME - location of your home directory.
PS1  - The prompt you are given.  usually $ .  On BSD its usually &
PATH - This is the search path for programs.  When you type in a program
to be run, it is not in memory; it must be loaded off disk.  Most commands
are not in Memory like MSDOS.  If a program is on the search path, it may
be executed no matter where you are.  If not, you must be in the directory
where the program is.  A path is a set of directories basically, seperated by
":"'s.  Here is a typical search path:

        :/bin:/etc:/usr/lbin:$HOME:

When you tried to execute a program, Unix would look for it in /bin,
/etc, /usr/lbin, and your home directory, and if its not found, an error is
spewed out.  It searches directories in ORDER of the path.  SO if you had a
program named "sh" in your home directory, and typed in "sh", EVEN if
you were in your home dir, it would execute the one in /bin. So, you
must set your paths wisely.  Public access Unixes do this for you, but systems
you may encounter may have no path set.

TERM - This is your terminal type.  UNIX has a library of functions called
"CURSES" which can take advantage of any terminal, provided the escape
codes are found.  You must have your term set to something if you run
screen oriented programs.  The escape codes/names of terms are found
in a file called TERMCAP.  Don't worry about that.  just set your term
to ansi or vt100.  CURSES will let you know if it cannot manipulate your
terminal emulation.


-------------------
The C compiler
-------------------

        This Will be BRIEF.  Why?  Becuase if you want to learn C, go
        buy a book.  I don't have time to write another text file on
        C, for it would be huge.  Basically, most executables are programmed
        in C.  Source code files on unix are found as filename.c  .
        To compile one, type in "cc filename.c".  Not all C programs
        will compile, since they may depend on other files not there, or
        are just modules.  If you see a think called "makefile" you can
        usually type in just "make" at the command prompt, and something
        will be compiled, or be attempted to compile.  When using make or
        CC, it would be wise to use the background operand since
        compiling sometimes takes for ever.
        IE:
        $ cc login.c&
        [1234]
        $
        (The 1234 was the process # it got identified as).


_____________________________________________________________________________

---------------
The FILE SYSTEM
---------------

        This is an instrumental part of UNIX.  If you do not understand this
section, you'll never get the hang of hacking Unix, since a lot of Pranks
you can play, and things you can do to "raise your access" depend on it.

First, Let's start out by talking about the directory structure.  It is
basically a Hiearchy file system, meaning, it starts out at a root directory
and expands, just as MSDOS, and possibly AmigaDos.

Here is a Directory Tree of sorts:  (d) means directory

                        /  (root dir)
                        |
                        |--------------------|
                      bin (d)               usr (d)
                                        ----^--------------------
                                        |        |              |
                                    sirhack(d)  scythian (d)    prophet (d)
                                        |
                                        src (d)

Now, this particular system contains the following directories:
/
/bin
/usr
/usr/sirhack
/usr/sirhack/src
/usr/scythian
/usr/prophet

Hopefully, you understood that part, and you should.  Everything spawns from
the root directory.

o File Permissions!
------------------

Now, this is really the biggie.  File Permissions.  It is not that hard to
understand file permissions, but I will explain them deeply anyway.

OK, now you must think of user groups as well as user names.  Everyone
belongs to a group.  at the $ prompt, you could type in 'id' to see what
group you are in.  Ok, groups are used to allow people access certain things,
instead of just having one person controlling/having access to certain files.
Remember also, that Unix looks at someone's UID to determine access, not
user name.

Ok.  File permissions are not really that complicated.  Each file has an owner
This OWNER is usually the one who creates the file, either by copying a file
or just by plain editing one.  The program CHOWN can be used to give someone
ownership of a file.  Remember that the owner of a file must be the one who
runs CHOWN, since he is the only one that can change the permissions of a file
Also, there is a group owner, which is basically the group that you were in
when the file was created.  You would use chgrp to change the group a file is
in.

Now, Files can have Execute permissions, read permissions, or write permission.
If you have execute permission, you know that you can just type in the name
of that program at the command line, and it will execute.  If you have read
permission on a file, you can obviously read the file, or do anything that
reads the file in, such as copying the file or cat[ing] it (Typing it).
If you do NOT have access to read a file, you can't do anything that requires
reading in the file.  This is the same respect with write permission.  Now,
all the permissions are arranged into 3 groups.  The first is the owner's
permissions.  He may have the permissions set for himself to read and execute
the file, but not write to it.  This would keep him from deleting it.
The second group is the group permissions.  Take an elongated directory
for an example:
 $ ls -l runme
 r-xrwxr-- sirhack       root     10990 March 21  runme

ok.  Now, "root" is the groupname this file is in.  "sirhack" is the owner.
Now, if the group named 'root' has access to read, write and execute, they