________________________
// Creating Unix Accounts \
\\ by the Kryptic Night /
// and the \
\\ Servants of the /
// Mushroom Cloud \
\\________________________/
\�����������������������
So, you've hacked the *ROOT* account on some unix system?
You have the full power of the unix system at your hands, and you
want to keep it that way for a long time? Using the root account
is not the way to do this! This short little file will describe
a way that will allow you to keep your access for as long as possible.
---------------------------------------------------------------------------
- - - Creating Unix Accounts - - -
First, you need to logon to the Unix system as the root account.
You should be confronted with a '#' or a '&', depending on which
software the system is run on, and which shell it is under. Don't worry
if it isn't one of these, many sysops like to create their own prompts.
I've seen some as stupid as 'Hi! Steve! >' to 'Don't forget to backup! >'.
Set up your settings and check your security, you don't want to be
interrupted by some moronic buffoon who is logged on at the same time as
you...especially if it's the root's other account. To see if someone else
is online, type 'who'. You will be assaulted by a list of users who are
currently on the system at the same time as you. You should do a 'finger'
to everyone of the users on their, looking for anything suspicious.
If it tells you that he is the root, or sysop, you will want to call back
later. Also, if it is convenient, change your settings to allow for
backspaces, aliasing, etc.
Next, you should create your home directory. A home directory is the
location of all your login scripts, your files, and the directory that is
loaded upon login. This should be located in the same directory as all the
legitimate users. If you see a directory with a multitude of names in it,
odds are it's the user directory. Most often, it is the /usr or /user
directory. From that directory type. . .
#mkdir XXXXX ; Don't type the '#', the XXXX is the name
; of the user's home directory. This can
; be anything you like, however, try for
; something unsuspicious...a directory like
; /usr/flaming_fag will catch attention
Ok, we got that over with painlessly. Your next step is to go to the
/etc directory.... A simple 'cd /etc' will do. If you do a ls -l, you will
see a file called 'passwd' this is the password file, it is the only one on
the system that is used. If you 'cat passwd' the file, you will see all
the users able to log on. Here is an example of what a user may look like...
Bendover:iaKJhHkjahfuH:0:0:Asshole:/user/bend:/bin/csh
\______/ \___________/\/\/\_______/\________/ \______/
1 2 3 4 5 6 7
1 - This is the name of the account used to logon.
2 - This is the encrypted password. If you see something like....
Bendover::0:0: it means that this is an account
that doesn't require a password to logon. Most systems have one
or two of these for things like netting, maintenance, and guest
accounts.
3 - This is the users level. A level of 0 is a superuser.
4 - This is the number of the group the user is in.
5 - This is a short description of the account. This is usually a full
name or a position.
6 - This tells where the home directory is located.
7 - This is the default shell to use upon logon.
csh - C Shell; sh - Bourne Shell; ksh - Korn Shell
rsh - Restricted Bourne Shell
To add a user to the password file, providing you have write access,
you can do several things. The one I will explore is called redirection.
With this method, you can add a new line to the file from the prompt.
To do this you will need to type . . .
#echo XXXXXX::0:0:XXXXX:/XXXX/XXXX:/bin/XXX >>passwd
You will need to fill in the X's with appropriate information, an example
I've used in the past is....
#echo mikeb::0:0:michael boyd:/usr1/mikeb:/bin/csh >>passwd
You may choose to use a different group number, it may catch the sysops
attention more if he sees two 0's, versus just one. I've never done this,
but it really shouldn't make a tremendous difference.
By now you should, if all went well, you should have another user!
Just to verify your work, 'cat' the password file and look for your
name at the bottom of the list. If it isn't their, try again. Make
SURE you use TWO '>'s, or else you will destroy the passwd file...This
is NOT good.
If everything worked out, logout. Try not to hang up, as this sometimes
hangs the terminal you were logged on as. This may be a bit dangerous if
the terminal connects to the next person who calls, dropping them into the
root accounts shell. Call back in about a minute or so, and logon as the
user you just created. It shouldn't ask for a 'password:' as you specified
none. If
�
it does, then you probably typed in the name in different caps
than you typed it into the password file. Remember, caps DO matter.
Assuming that you were able to log on, you will now be using your NEW
account. That's about all that is really necessary. You will want to create
your .login, and your .cshrc files eventually. But for now, you can just copy
them from another user. Use a 'ls -al' in another users home directory to see
if he has a copy of these files. If he does, copy them by
'cp .login /XXX/XXXX/.login '
The X's specify your home directory.
- - - Conclusion - - -
This file is obviously slated for the person who is just beginning to learn
Unix, although it is unlikely that a person who can attain a root account is
ignorant of unix, it is easier for EVERYONE to understand like it is. If this
file insults your intelligence, that's your problem. I've seen several people
who have root accounts, know unix fairly well, and still cannot create users.
I've tried to include as much information as I can, but I may have overlooked
something that I think is simple, but may confound you. If I do, tell me, and
I'll try to keep away from it in future releases. I'll also consider updating
this file and re-releasing it.
-----------------------------------------------------------------------------
- - - Bibliography and Suggested Reading - - -
Unix Use and Security From the Ground Up: by the Prophet in 1986
This is probably the BEST file I've ever seen on the subject
of Unix. It is written for the beginner, and contains valuable
information for the advanced user. The Prophet became a member
of Lod/H and is currently serving a sentence of 20 months in
relation to the big Lod/H bust of '90.
Articles on unix trojans and mischief: by Shooting Shark
Shooting Shark presents some interesting information
on various ways to commit havoc on Unix systems. You
can find most of his essays in both Phrack and Lod
magazines.
Lod/H Tech Journals
The Legion of Doom/Hackers are perhaps the most skilled
and knowledgable hackers in the underground society.
Their 'Tech Journals' describe almost anything you'd ever
want to know about illegal activities.
Phrack Magazines
Phrack is also one of the best sources for information on
a multitude of subjects, ranging from social engineering,
to carding, to making explosives. For those with free time,
download all of the 32 articles released to date.
----------------------------------------------------------------------------
Thanx go out to Emerikol the Chaotic for the idea of making this
file, SiD for their quality releases, every SMC member, and all else who
contribute to the free exchange of information in fascist Amerikkka.
|
| \
| /\/\ / �\ ���
| / \ / � \ A � A
| / |/| / / \ � / � /
|/ | < \ �/ �/ U L T
|\ RYPTIC / | \ \ / �\
| \ / | \ � \
|\ | | \
| \ |
| \|IGHT
/ `
- Kryptic Night, Data Kult, Lord Logics, Shadow Walker, The Scorpian -
Nacht Habicht
X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X
Another file downloaded from: NIRVANAnet(tm)
& the Temple of the Screaming Electron Jeff Hunter 510-935-5845
Salted Slug Systems Strange 408-454-9368
Burn This Flag Zardoz 408-363-9766
realitycheck Poindexter Fortran 415-567-7043
Lies Unlimited Mick Freen 415-583-4102
Tomorrow's 0rder of Magnitude Finger_Man 408-961-9315
My Dog Bit Jesus Suzanne D'Fault 510-658-8078
Specializing in conversations, obscure information, high explosives,
arcane knowledge, political extremism, diversive sexuality,
insane speculation, and wild rumours. ALL-TEXT BBS SYSTEMS.
Full access for first-time callers. We don't want to know who you are,
where you live, or what your phone number is. We are not Big Brother.
"Raw Data for Raw Nerves"
X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X