Unix/Linux users - you'll laugh at this - DFWstangs Forums
 
LinkBack Thread Tools Display Modes
post #1 of 10 (permalink) Old 01-12-2004, 08:55 AM Thread Starter
Custom Title
 
Join Date: Apr 2002
Location: Hades who?
Posts: 16,521
Unix/Linux users - you'll laugh at this

A friend of mine, who has forgotten more than I'll ever learn about Unix, just F'd up his Sun Unix box. This guy thinks he knows everything, and just goes on and on about how he could walk into any company and within 30 minutes hack into their Unix sevrer and do whatever he wants to it. Well, his brilliance just showed up!

He has a Sun Sparc station with 5.8 on it. After many failed attempts to hack into it, I give him the root password so he can do whatever he wants to it. Instead of adding a new user ID for himself, he decides to change the root users shell to bash. Problem starts here. The dumbass didn't change the path, just put ba in front of sh (used vi on the password file), logged out (second mistake) and now he can't log back in! It comes back with "No Shell"! What a tard, he didn't even think to check if bash was in /sbin
He should have stayed logged in, and telneted to it from his other system to test it before logging out, that's like rookie mistake number 1!

He can't ftp to it either, I didn't allow root to use ftp when I set it up for him. Something so simple, yet so important just fucked him up! I laughed so hard on the phone yesterday when he called me!!!
Yellowstang is offline  
Sponsored Links
Advertisement
 
post #2 of 10 (permalink) Old 01-12-2004, 10:20 AM
 
Join Date: Nov 2002
Posts: 5,831
lol... he can hack into any unix/linux box?? yet locks himself out with the root password...

EDIT: id probably do something just as stupid as that.. but im not walking around telling people i can hack into anybox
trey85stang is offline  
post #3 of 10 (permalink) Old 01-12-2004, 10:42 AM
El Camino
 
Stang2be's Avatar
 
Join Date: Sep 2003
Location: in front of the keyboard
Posts: 3,432
sounds like someone got owned.

Its always fun putting big mouths in their place.

I used to work tech support at an isp and there was a guy there thought his pc was so locked down. He had a bios password, keylock on, and a lock on the case.

I decided after he left the day before April Fools I would teach him a lesson.

I used my own key unlock his keylock, used a bios back door password to advance the date 30 years, disabled all cache from the processor, and then modified his win 95 splash screen to be the same windows logo but painted APRIL FOOLS! in big red over it

He came in the next day and freaked out and reloaded his whole box thinking it had been hacked into.

2007 Taurus SEL - daily driver
1974 El Camino SS - 400sb

Quote:
Originally Posted by purrrfectstang
Umm.. what is the ID-10T settings?
Stang2be is offline  
 
post #4 of 10 (permalink) Old 01-12-2004, 10:54 AM Thread Starter
Custom Title
 
Join Date: Apr 2002
Location: Hades who?
Posts: 16,521
Quote:
Originally posted by Stang2be
sounds like someone got owned.

Its always fun putting big mouths in their place.

I used to work tech support at an isp and there was a guy there thought his pc was so locked down. He had a bios password, keylock on, and a lock on the case.

I decided after he left the day before April Fools I would teach him a lesson.

I used my own key unlock his keylock, used a bios back door password to advance the date 30 years, disabled all cache from the processor, and then modified his win 95 splash screen to be the same windows logo but painted APRIL FOOLS! in big red over it

He came in the next day and freaked out and reloaded his whole box thinking it had been hacked into.
LOL! One time this same dude worked at this company and bragged about how locked down his server was. Well I logged onto port 25 (I worked at a different company) and sent him an email and said it was from

[email protected]

Then the text said something along the lines of Your system has been compromised.

He about crapped! They called in some consulting company and spent over $10K trying to figure out how someone hacked his root account. The guys answer was, "Someone probably telneted to port 25 and sent the email, I can't really see anything else they could have done!"

I never told him it was me, he still to this day talks about that. It was like 6 years ago too! Some people are just too smart for their own good!
Yellowstang is offline  
post #5 of 10 (permalink) Old 01-12-2004, 10:56 AM
 
Join Date: Nov 2002
Posts: 5,831
Quote:
Originally posted by yellowstang
[B]LOL! One time this same dude worked at this company and bragged about how locked down his server was. Well I logged onto port 25 (I worked at a different company) and sent him an email and said it was from

[email protected]

Then the text said something along the lines of Your system has been compromised.
B]
m a newb.. do you have know of a website that can explain how to use port 25 through telnet to send eamil?? sounds like fun
trey85stang is offline  
post #6 of 10 (permalink) Old 01-12-2004, 11:06 AM Thread Starter
Custom Title
 
Join Date: Apr 2002
Location: Hades who?
Posts: 16,521
Don't know of a website, but just connect to one that has SMTP mail and do ? and help, that's how I figured it out finally. When you first log onto it, you can type

hello or ehlo

and it says Welcome so and so, Pleased to meet you!

When you do the from, you can say any [email protected] you want! It comes back with an OK.
Yellowstang is offline  
post #7 of 10 (permalink) Old 01-12-2004, 01:32 PM
El Camino
 
Stang2be's Avatar
 
Join Date: Sep 2003
Location: in front of the keyboard
Posts: 3,432
thats assuming his smtp server isnt properly configured. all of my exchange boxes I force NT authentication before accepting smtp requests.

2007 Taurus SEL - daily driver
1974 El Camino SS - 400sb

Quote:
Originally Posted by purrrfectstang
Umm.. what is the ID-10T settings?
Stang2be is offline  
post #8 of 10 (permalink) Old 01-12-2004, 07:52 PM
Warden
 
Join Date: Mar 2000
Location: McKinney, TX
Posts: 3,174
How to send emails via a telnet session:

telnet xxx.xxx.xxx.xxx 25 [enter]
hello server.com [enter]
mail from: anyemail address [enter]
rcpt to: email address on the server [enter]
data[enter]
Type in your message
[enter]
. ( thats a period)
[enter]


You can also add subjects and other crap but I usually dont bother.

Stang2be, you force NT authentication on incoming requests? You must not get any email except from people in your own domain.
chris is offline  
post #9 of 10 (permalink) Old 01-12-2004, 10:23 PM
El Camino
 
Stang2be's Avatar
 
Join Date: Sep 2003
Location: in front of the keyboard
Posts: 3,432
sorry forgot to specify that was outgoing smtp.


2007 Taurus SEL - daily driver
1974 El Camino SS - 400sb

Quote:
Originally Posted by purrrfectstang
Umm.. what is the ID-10T settings?
Stang2be is offline  
post #10 of 10 (permalink) Old 01-13-2004, 05:59 PM
Boost is Life
 
DamonH's Avatar
 
Join Date: Dec 2001
Location: Fate, TX
Posts: 4,327
Quote:
Originally posted by Stang2be
sorry forgot to specify that was outgoing smtp.

EXACTLY. Anyone who doesn't lock down outgoing mail is just asking to be abused by Spammers.

DamonH
2006 F150 SCrew
DamonH is offline  
Sponsored Links
Advertisement
 
Reply

Bookmarks

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the DFWstangs Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome