Date: October 5, 2007. Categories: shell.
Well-known security expert H.D. Moore published an entertaining article on how to turn your Apple iPhone into a hacking platform…
Having a network-enabled root shell in my pocket is great, but being able to pop a root shell on someone else’s iPhone is even better. A few things to keep in mind:
Every process runs as root. MobileSafari, MobileMail, even the Calculator, all run with full root privileges. Any security flaw in any iPhone application can lead to a complete system compromise. A rootkit takes on a whole new meaning when the attacker has access to the camera, microphone, contact list, and phone hardware. Couple this with "always-on" internet access over EDGE and you have a perfect spying device.
ipcad is an IP accounting daemon with Cisco-like IP accounting export. It runs in the background, listens to traffic on the specified interfaces, and records it for later retrieval and analysis.
Here is a piece of shell code that exports ipcad output into an sqlite3 database:
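# Create the table that will hold one row per source/destination pair.
echo "create table traffic (src, dst, pkt, bt);" | sqlite3 /tmp/throttle.db
# Fetch the accounting table over rsh, keep only the data rows, and turn each row into an INSERT.
rsh 127.0.0.1 show ip accounting | grep "^ " | grep -vi source | awk \
'{print"insert into traffic values (\""$1"\",\""$2"\",\""$3"\",\""$4"\");"}' \
| sqlite3 /tmp/throttle.db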
For this to work, ipcad must be configured not to capture ports and to enable the rsh service. In my case ipcad.conf contains the following settings:
capture-ports disable;
interface eth0;
rsh enable at 127.0.0.1;
rsh 127.0.0.1 admin;
rsh ttl = 3;
rsh timeout = 30;
pidfile = /var/run/ipcad.pid;
memory_limit = 100m;
and the output (rsh 127.0.0.1 show ip accounting) looks like:
192.168.0.7 192.168.0.1 113241 166387462
192.168.0.1 192.168.0.7 72117 4282846
192.168.0.77 66.235.184.245 2448 821095
66.235.184.245 192.168.0.77 3995 697371
The main problem is that sqlite3 is rather slow: it takes eleven (11!!!) seconds to export 1000 entries of ipcad’s output into the database. This was measured on a PC with a 1.4Ghz CPU and 512Mb RAM.
If anybody knows how to get it faster, PLEASE LET ME KNOW! Thanks.
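The slowness described above is what sqlite3 does when every standalone INSERT is committed as its own transaction. The following is an added example, not code from the original post: it emits all rows inside a single transaction and keeps only rows made of two IPv4 addresses and two integers, writing addresses as single-quoted SQL strings. The function names ipcad_to_sql and sample_rows and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): build one SQL transaction
# from ipcad "show ip accounting" rows instead of one commit per INSERT.

# Read ipcad rows on stdin, write a SQL script on stdout. Only rows of the
# form "IPv4 IPv4 integer integer" are kept, so header lines and anything
# carrying quotes or other stray characters never reach sqlite3.
ipcad_to_sql() {
    awk '
    function is_ipv4(a,    n, o, i) {
        n = split(a, o, "[.]")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || (o[i] + 0) > 255) return 0
        return 1
    }
    BEGIN { print "BEGIN TRANSACTION;" }
    NF == 4 && is_ipv4($1) && is_ipv4($2) && $3 ~ /^[0-9]+$/ && $4 ~ /^[0-9]+$/ {
        # \047 is a single quote: addresses become SQL string literals,
        # packet and byte counters stay numeric.
        printf "INSERT INTO traffic VALUES (\047%s\047, \047%s\047, %s, %s);\n", $1, $2, $3, $4
    }
    END { print "COMMIT;" }
    '
}

# Constructed sample: header, two rows from the output above, two bad rows.
sample_rows() {
    cat <<'EOF'
   Source        Destination   Packets   Bytes
 192.168.0.7 192.168.0.1 113241 166387462
 192.168.0.1 192.168.0.7 72117 4282846
 192.168.0.300 192.168.0.1 5 500
 192.168.0.9" 192.168.0.1 5 500
EOF
}

# Real use (table created as in the post):
#   rsh 127.0.0.1 show ip accounting | ipcad_to_sql | sqlite3 /tmp/throttle.db
sample_rows | ipcad_to_sql
```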
Sometimes it’s necessary to create Linux user accounts in batch mode (fully automatically), and newcomers often ask how to set the password for a new user without entering it manually. Fortunately, the useradd command accepts the password as an input parameter, but it must be encrypted.
In other words, to create a Linux user account with a password, use the following command:
useradd -m -p encryptedPass username
I know at least two ways to get the password encrypted. The first is to use Perl's crypt() function:
perl -e 'print crypt("password_to_be_encrypted", "salt"),"\n"'
which will give you the output sa3tHJ3/KuYvI.
The second (simpler) way is to use the command:
openssl passwd password_to_be_encrypted
The paste command from GNU coreutils on Unix and Linux is useful for merging corresponding or subsequent lines of files. Here is a simple example of its usage:
viper@viper-laptop:~$ cat /tmp/test
pop
pop1
pop2
viper@viper-laptop:~$ cat /tmp/test1
1
2
3
4
viper@viper-laptop:~$ paste /tmp/test /tmp/test1
pop 1
pop1 2
pop2 3
4
I find Unix time very useful in various shell scripts. Here are two simple commands that use the Unix/Linux date command to convert Unix time to a regular date format and back:
To convert Unix time to a regular date, use:
date -u --date="1970-01-01 1187769064 sec GMT"
where 1187769064 is the input Unix time. The output will be: Wed Aug 22 07:51:04 UTC 2007
To get the Unix time in seconds from a regular date, use:
date --date="Wed Aug 22 07:51:04 UTC 2007" +%s
where Wed Aug 22 07:51:04 UTC 2007 is the input date. The output will be: 1187769064.
Update: another way to convert Unix time into a regular date is the command date -d @1187769064 (thanks to Mattias Lindvall), which has been tested on Ubuntu and Fedora.
There are two commands that help you find where an executable binary is located, whether on a Unix or a Linux system: whereis and type. The first locates the source, binary and manual sections for the specified files; the second tells you exactly what the shell executes when you type a certain command.
The next picture shows examples of these commands at work.
