Nadav Samet's Blog » linux http://www.thesamet.com Because everyone needs a blog Sat, 07 Aug 2010 21:58:38 +0000 en hourly 1 http://wordpress.org/?v=3.3 How to Gain Root Access on SunOS (a 1-day exploit) http://www.thesamet.com/blog/2007/02/12/how-to-gain-root-access-on-sunos-a-1-day-exploit/ http://www.thesamet.com/blog/2007/02/12/how-to-gain-root-access-on-sunos-a-1-day-exploit/#comments Mon, 12 Feb 2007 21:54:12 +0000 thesamet http://www.thesamet.com/blog/2007/02/12/how-to-get-root-access-on-sunos-a-1-day-exploit/ Continue reading ]]> If you happen to find a Sun Solaris server with a telnet daemon running, it is very likely that you can get superuser access on it by just typing:

$ telnet -l "-froot" server

where server is the server name. I was able to confirm this on a Solaris server nearby.

It’s amazing to see that this one was overlooked for SO much time, and how using this exploit does not require any skill whatsoever. If root logins through telnet are disabled, you may still be able to login as any other user (think sysadmin’s user account + keystroke recorder)

While the telnet port is usually blocked to servers on the internet, it is quite common that it is left open inside local networks, and especially in universities. So go ahead and look for Solaris rootkits — the exam period is just over the corner :)

Source: Errata Security blog.

]]> http://www.thesamet.com/blog/2007/02/12/how-to-gain-root-access-on-sunos-a-1-day-exploit/feed/ 0 Efficient Editing In The Command Line: Part 1 http://www.thesamet.com/blog/2006/12/12/efficient-editing-in-the-command-line-part-1/ http://www.thesamet.com/blog/2006/12/12/efficient-editing-in-the-command-line-part-1/#comments Tue, 12 Dec 2006 22:31:29 +0000 thesamet http://www.thesamet.com/blog/2006/12/12/efficient-editing-in-the-command-line-part-1/ Continue reading ]]>
If you are like me, spending a lot of time in the command line, you might be looking for ways to edit the command lines more efficiently. Many interactive UNIX programs implement line editing by using GNU’s readline library. This means that all these programs, which include the different shells, Python and many others, offer the same set of keyboard shortcuts. Mastering these shortcuts is worthwhile, since you’ll be able to use them over and over again in many places.

Moving around quickly

The most basic part is to move to the place you want to edit quickly. Here are the most useful shortcuts:

  • Ctrl-a – Move to the start of the line.
  • Ctrl-e – Move to the end of the line.
  • Alt-f – Move forward a word.
  • Ctrl-f – Move forward a char.
  • Alt-b – Move backward a word.
  • Ctrl-b – Move backward a char.

Another very common shortcut is Ctrl-L which clears the screen and reprints the current line at the top. This is useful if you are organizing your movies library and somebody enters the room.

Cut, Paste and Undo

Here is the list of most useful shortcuts for deleting text:

  • Ctrl-w – Deletes from cursor position to the previous whitespace.
  • Ctrl-k – Deletes from cursor position to the end of the line.
  • Ctrl-d – Deletes from current character.
  • Ctrl-u – Deletes from whole line.
  • Alt-d – Deletes from cursor position to the end of the current word.
  • Alt-DEL – Deletes from cursor position to the start of the current word.

The deleted text can be pasted (yanked) using Ctrl-y. You can use Ctrl-_ or Ctrl-X-U to undo the last editing command.

Summary

This covers the essentials. On the next parts of this series we’ll explore the more powerful abilities of readline. Feel free to leave here questions, suggestions, or perhaps your own tips and tricks.

]]> http://www.thesamet.com/blog/2006/12/12/efficient-editing-in-the-command-line-part-1/feed/ 5