===============================================================================

                                 ------------

                                 Unix Nasties

                                 ------------

                               By Shooting Shark



                           Written on April 3, 1986

===============================================================================



Summary:  Methods of sabotaging your favorite Unix system.



Preface:  I do not advocate utilizing ANY of the methods I put forth in this

          file.  Unix is a cool operating system, perhaps one of the best

          systems ever designed in many respects.  If you have access to a Unix

          system, you should LEARN UNIX AND LEARN C, because that is where the

          money is in the computer world.  However, Unix is a relatively

          insecure operating system which is easy to fuck up. This file

          explains a few ways of doing so.



Crash The System

----------------

Unix has no built-in provision for the maximum amount of disk space allowed per

user.  Thus, one user can grab all the disk space on the system and effectively

prevent anyone else from writing to the disk.  A simple way of grabbing all the

disk space is to create subdirectory after subdirectory until it is no longer

possible.  Here are a few ways of doing it.



1>  Create a file with the following lines:



mkdir subdir

cd subdir

source /u1/mydir/crash



    Call it crash.  The last line ("source /u1/mydir/crash") should be altered

    so that it will look for the file in your directory.  If your directory is

    /u3/students/jeff, the last line should say "source

    /u3/students/jeff/crash". After you write the above file, type:



% source crash



    and wait...within a few minutes the program will abort because it won't

    have any more room on the disk.  Neither will anyone else.



2>  Here's a more elegant way of doing the same thing.  Create this "endless

    loop" shellscript:



while : ; do

mkdir subdir

cd subdir

done



    and then "source" the file.  If you are in the "sh" shell (if you are, you

    will probably have a "$" prompt) you can type "while : ; do" from the $

    prompt.  You will then get a > prompt.  Type the next three lines and sit

    back.



3>  If you'd like to set the process in motion and hang up, and the file is

    called crash, type:



% nohup source crash &



    and log off.  This will start it as a background process, allowing you to

    log off.  However, log off QUICKLY, since if you used the first example for

    your crash file, it will also eat up background processes like crazy which

    will also fuck up the system to some extent.  Which brings us to...



Slow Down The System Immensely

------------------------------

There are many ways of doing this, the method being creating a sufficiently

large number of background processes.   Here's one specific example.  Create a

file called "slow1" with the following lines:



w &

source slow1



create a file called "slow2" with:



source slow1 &

source slow2



and execute slow2 with



% slow2

or

% slow2 &



This will create 25 background processes, each one running 25 background

processes.  The system will hardly move after you've got each one running.



Messing Up A Directory

----------------------

Many file-handling commands use "-" options.  Create a file with a "-" at the

beginning of its name by doing this:



cat > -filename



[now type a few lines, maybe something rude like "ha ha you can't delete this

file".]  Type a ^D (control-d) to end input.  You now have a file called

-filename in your directory.  It will be VERY difficult to remove this file.

If you were to try rm (remove) -filename or mv (rename) -filename, the rm or mv

program would interpret -filename as an option, not a file, and would give you

an error message telling you that -filename was not a valid option...thus, the

file stays there obnoxiously.



Create a couple of hundred files with "-" as the first characters in their

names...it will be a royal pain for the person who is blessed with these new

files, and they will probably just have to get a new login.



Conclusion



The use of any of these techniques is quite irresponsible, and if anyone did

this to my Unix system, I'd be quite pissed.  That is why I strongly recommend

that you never use these tricks.



So Long,

Shooting Shark



"Some people have a bad attitude, and I say, if they want to act tough, beat

'em up!" -  Blue Oyster Cult

-------------------------------------------------------------------------------

For more information on UNIX sabotage and cracking, see the following articles:



Ritchie, Dennis M. [he wrote Unix] "On the Security of UNIX."  Programmers

Manual for UNIX System III Volume II.  Supplementary Documents.



Filipski, Alan and Hanko, James.  "Making UNIX Secure."  BYTE Magazine, April

1986, pp 113-128.

===============================================================================