******************** Basic Unix Use By Lord Lawless Phortune 500 Board of Directors ******************** March 8, 1987 ------------- This file is basically a brief introduction and overview for the beginning hacker to the Unix operating system. All information contained herein is accurate to the extent of my knowledge. This file is intended for inform- ational purposes only and the author (Lord Lawless) is in NO way responsible for the use of this file for purposes other than the aforementioned. Part I: What is Unix? ---------------------- Unix is an operating system, so designated because it allows a user to interface with a computer in a way that is (hopefully) easy for the user to learn and use. Unix can be known by other forms, PC-Unix, Xenix, etc., but they all basically are the same (with slight differences this file won't go into) and use the same commands. Unix is a wonderfully simple to use OS once you begin, and while this file will help you I recommend that you find a Unix system somewhere and wander around on it to help yourself to learn. To put this more formally: The UNIX system is a set of programs that include a time-sharing operating system and a set of utility programs. The operating system has two basic parts: 1) The kernel is the program in the UNIX operating system that is responsible for most operating system functions. It schedules and manages all the work done by the computer and maintains the file system. It is always running, and is invisible to users. 2) The shell is the UNIX operating system program responsible for handling all interaction between users and the computer. It includes a powerful command language called "shell language"*. The utility programs (usually called UNIX commands) are executed through the shell, and allow users to communicate with each other, to edit and manipulate files, to write and execute programs in several programming languages, and many other things. Part II: Recognizing a Unix system ------------------------------------- When you connect to a Unix system you will see a message usually like "AT&T Unix: Unauthorized use will be Prosecuted!" or just "Unix System V" or the like. At the least you will see a prompt saying "login:". At this point, if possible, make sure that you are in lowercase, because if the computer det- ects that you are typing in uppercase everything you read after will be in uppercase with lowercase denoted by a \ in front of the word. This is because Unix is case sensitive, so be careful, reading lowercase is much easier than reading all uppercase and slashes. Ok, so here you are at the Unix "login:" prompt. Part III: Logging on --------------------- At this point you must enter your login, and then, if the account ( never more than 14 characters) has one, the password. Now, all Unix systems have default accounts, and unless set by the Root System Operator no passwords. This has been the means of infiltration by many the Unix hacker. There are two types of accounts in a Unix, the "super user" and the "user". The super user has access to almost everything (or everything depending on the system) and the user basically has access to the files he owns and what he can sometimes read. The default super user accounts on a unix are: ROOT MAKEFSYS MOUNTFSYS UMOUNTFSYS CHECKFSYS and sometimes ADMIN SYSADMIN. For passwords to these try things like SYSTEM, SYSMAN, SYSADMIN, ADMINISTRATOR, OPERATOR, SYSOP, etc. The default user-level accounts are: LP DAEMON TROUBLE NUUCP UUCP RJE ADM SYSADM SYNC BIN (Note: These accounts should be entered in lower case , I merely wrote them in upper case for easier reference.) After being on Unix's, I have also seen the following common accounts: USER UNIX GAMES GUEST STUDENT -on school run Unix's. The maximum length of a password is 11 characters. After doing all this you should, with luck, be in! If you couldn't hack anything out, try typing "WHO" at the login: prompt, it may list all the user accounts and you can try them until you find one without a password. Part IV: You're in!!! ---------------------- Congratulate yourself, the hardest part of Unix "hacking" is over. Ok, now that you're in you'll see a prompt which will probably look like "$" for a user account or "#" if you got lucky and got a super user account. (Quick note, to stop a unix process in action try typing ctrl-d or control backspace, these are the end of file/Stop process keys.) Ok, so you are now in. Let me give a quick lesson on Unix directories. In Unix, the root is the main directory, and it contains subdirectories which may contain subdirectories etc. In order to change to the root directory, one would type "cd /". This is because "cd" is the command "change directory" and "/" is the root directory. To change to subdirectory "Bill" contained in the root directory, you would type "cd /Bill" or, if you were in the root dir, just "cd Bill". If you wanted to access Bill's files, you'd enter "cd /Bill/files" assuming Bill had a subdir called files where he kept his files. This is how a person would move around in a Unix sys. Graphically, it looks like this: Root __________!!_________ !! __Bill__ !! __Files__ Part V: Basic Commands ----------------------- Ok, these commands are the most useful ones that I've found and can are entered from the prompt. Command:What it does -------------------- ls gives a listing of all files in a directory cat gives a dump to screen of what is contained in a file. For instance "cat phones" would show me what is in file "phones". cd change directory pwd shows what directory path you are in now ps shows system processes rm remove a file, for instance "rm phones". rmdir removes a directory, for instance "rm Bill". grep print ascii strings in a file, ie "grep phones" who shows who's on the system mail sends mail to a user, syntax mailsu change from 1 account to another. For instance, if you are account Bill and wish to change to account Jake (which is unpassworded) just type "su Jake" and you will change to him. If Jake has a password you will be prompted to enter it. This is useful for loggin in under a user account and switching later to a super user account. passwd allows a user to change his password. If you are a superuser you can change someone elses password by typing "passwd ". mkuser make a user (providing you are a super user) mkdir create a directory More Information about Commands ------------------------------- The following are more of the most basic Unix commands. cat cd chmod cp cut date echo egrep fgrep file find glossary grep help ln locate ls mail mesg mkdir mv news pr ps pwd rm sleep sort starter stty tabs tail tee time touch tty uname usage wall wc who write Using the Command: mkdir Syntax Summary: mkdir dir_name1 [ dir_name2 ...] where: dir_names are simple subdirectory names, relative pathnames, or full pathnames Description: mkdir creates one or more new directories. If mkdir is given a simple name as an argument, the new directory will be a subdirectory of the current directory. You can make new directories anywhere in the file system by giving mkdir a complete or relative pathname for the new directories, if you have permission to write in the directory where the new directory is to be created. Ok, those are the basic commands you will need to go around in the system. Part VI: Useful Information ---------------------------- A great place to go to get information on who is on the system and what accounts you can use to get on again is contained in the file "passwd" in the "etc" directory. To look at it, cd etc, and then cat passwd. The first entry should say something like this: root:adfaBADca:0:1:Operator:/:/bin/sh what this means is that the root account has an encrypted password, has super- user capabilities (any user with a 0 in that slot is a super user) is in group 1 (relatively unimportant for this file), has a comment of Operator (this may be blank), has a home directory of / (the root) and uses the Bourne Shell, kept in the /bin directory. You will then see all the other users listed out in the same format. If you see an account followed by two colons, that means that it has no password. You want these accounts so that you can log in under them another time. If you get real lucky you may see something like this: makefsys::0:1:/bin:/bin/sh meaning that you have found a super user account with no password, a very useful item indeed. Another good place to look is the /usr/spool dir and the /usr/spool/cron/crontabs dir because if you are a super user that dir contains much that will be useful to you. In order to move up to a directory one level higher than you are presently in, type "cd ..". So to move from /Bill/files to /Bill I would just type cd .. and, assuming I started in /Bill/files I would now be in /Bill. Ok, now you can wander the system "cat"'ing around and whatnot. If a file doesn't "cat", try just typing it's name, that will execute it if you have the privileges. Try typing "admin" or "ua" if you are a superuser nad maybe you'll be able to create users or other interesting things. You may not be able to cat a file or run it because you lack access permissions. What are they? Read on! Access Permissions ------------------ access permissions: permissions: mode: owner: owner/group/others: read/write/execute As the user of a UNIX system, you can decide who can read, write, and execute the files and directories that you own. You are usually the owner of files and directories that you have created in your login directory and in the "subdirectories"* in your login directory. You may also own files in other peoples' directories. You control the use of your files and directories by specifying the access permissions, also called the mode, for each. You can specify different access permissions for yourself, your "group"*, and the other users of the system. Permission to read allows the user to read the contents of the file. Write permission allows the user to change the file and execute permission enables the user to execute the program within the file. ls -l prints the access permissions for each file and directory in the current directory. The sample listing below shows the mode of the file (preceded by a -), the number of "links"*, the owner, the "group ID"*, the size in characters, the date and time the file was last modified, and the "filename"*. -rwxr-x--x 1 sandy 12345 128 Oct 9 9:32 lock If this were a listing for a directory, the hyphen (-) would be replaced by the letter d. The owner of the file "lock" can read, write and execute the file, the group can read and execute it, and the others can only execute it. You can change the mode of your files and directories by using the change mode command, chmod. Other interesting places to look are in the directories assigned to the users on the Unix system, often their files will contain some useful information. Also try going into the /uucp directory or looking for any uucp dir anywhere as it may contain phone numbers to other Unix systems or other "goodies". The *: asterisk --------------- In the shell, an asterisk matches any "string"* of characters in a "filename"* on a command line. The command rm temp* removes all files from the current working directory that begin with the string "temp". Files like "temp", "temp1", "temp.1", and "temp.save" would all be deleted. An asterisk alone matches any filename in the current working directory except those beginning with "dot (.)"*. For example, rm * removes all the files in your directory except for the dot (.)files. Finally, typing help at the unix prompt may bring up a help manual that is usually quite well done and will help you if you are stuck or wish to explore in more depth the commands I didn't go into. Hmm, what else? I can't think of much more right now that would help you much more, in this file I think I've covered everything that should get you well on your way towards becoming a unix hacker. Once you've got this, start reading files on "Unix Shells", "Scripts", and ask around A LOT. Ah, I just remembered something. To get help on a command, type "man " or "whatis " and you may find out. Also, a lot of Unix's have a built in Help feature somewhere, try to get to it. Part VII: A Few Final Words ---------------------------- If you manage to get onto a Unix system, don't screw it up. Unix is a great operating system, and fun to learn on and have other people learn on. Don't become a superuser and delete everything or other things, it's just not worth it. Also, don't make a use called "Hacker" or "Shadow 1" or something, that's a blatant giveaway. Put an account a little out of the way directory, and create user level accounts if you must, and perhaps just 1 super user level. I can't think of much more to say on the basics, though I probably left some important things out....nobody's perfect. I hope you enjoyed the file and I can be found on the following boards: The Private Connection The Undergraduates Lounge Quick Shop Phreak Klass 2600 The Brewery The Works Slaughterhouse 5, Holovision Network Node 1 Spock's Brain Special Thanks to: The Prophet, for his excellent file: Unix Use and Security From the Ground Up. The End, good luck, enjoy yourself, and don't get caught! Lord Lawless Phortune 500/BOD --This has been a Lord Lawless Presentation, (C) 1987.-- u are a super user that dir contains much that will be useful to you. In order to move up to a directory one level higher than you are presently in, type "cd ..". So to move from /Bill/files to /Bill I would just type cd .. and, assuming I started in /Bill/files I would now be in /Bill. Ok, now you can wander the system "cat"'ing around and whatnot. If a file doesn't "cat", try just typing it's name, that will execute it if you have the privileges. Try typing "admin" or "ua" if you are a superuser nad maybe you'll be able to create users or other interesting things. You may not be able to cat a file or run it because you lack access permissions. What are they? Re