Re: [Full-Disclosure] Idea
From: gregh (chows_at_ozemail.com.au)
To: "Elvedin" <email@example.com>, <firstname.lastname@example.org> Date: Sat, 23 Aug 2003 09:40:49 +1000
> ----- Original Message -----
> From: Elvedin
> To: email@example.com
> Sent: Friday, August 22, 2003 9:29 AM
> Subject: Re: [Full-Disclosure] Idea
> Well, if all shells are removed and roots and other users shell is changed
> to /bin/false, you wont be able to install another shell. How would you
> interface with the system? NO SHELL!
Many years ago on a learning curve far, far away, I used to use an Amiga on the net. It had an interesting thing it did with a certain Internet setup that not a lot of people used. You could configure ports to do whatever when accessed and if you didnt actually type in a port number that could be accessed, it wouldnt open.
So, while wondering what it was that hackers actually did and having no clue at all about it, I decided it would be fun to watch them. I went through my config entries and added voluminous numbers of ports at random and linked them to a shell. The shell could also be configured and I configured it to do absolutely nothing other than act more or less like a dcc chat prior to me knowing they even existed. I guess this was somewhere around 1992. I went online and toured a few IRC channels, just popping in, saying a "hello, newbie here" and then waiting to be kicked off channel etc, which happened a lot when you typed something like that. ;-} Naturally, there were some who decided to look in on me as I wasnt hiding a thing from anyone. The truth is I didnt know how to even if I wanted to anyway and this was an Amiga with less chance of me finding someone who may know who knew Amiga. So, while I did this, I would get people connect to those ports I had opened and the shell would !
pop up on my desktop and they would start typing. Most often, the first command was for a list of files, sometimes a format command and so on. Obviously none of this worked but sometimes they would do interesting things. In the end, I would type "hello" to them and get a lot of people just cut the connection and some, amused, start typing back.
Now all that is a nice story and old now, anyway but the point is, surely there is *SOMEONE* on this list who is a competent enough programmer to write a "cmd" or "command" if you like that Windozers use that can be shoved in the correct dir and just do what that old Amiga shell did for me even allowing a > to a log file or whatever. One that basically does nothing or maybe appears to do nothing but attempts to trace the open connection. I know I cant do that. I was only ever a mediocre programmer. Maybe that would be something to help this "idea" along?
Full-Disclosure - We believe in it.