________________________

                          // Creating Unix Accounts \       

                          \\  by the Kryptic Night  /

                          //         and the        \

                          \\   Servants of the      /

                          //        Mushroom Cloud  \

                          \\________________________/

                           \����������������������� 

                   

 

       So, you've hacked the *ROOT* account on some unix system? 

 You have the full power of the unix system at your hands, and you

 want to keep it that way for a long time? Using the root account

 is not the way to do this! This short little file will describe 

 a way that will allow you to keep your access for as long as possible.



 



---------------------------------------------------------------------------



                  - - - Creating Unix Accounts - - -

   First, you need to logon to the Unix system as the root account.

You should be confronted with a '#' or a '&', depending on which 

software the system is run on, and which shell it is under. Don't worry

if it isn't one of these, many sysops like to create their own prompts. 

I've seen some as stupid as 'Hi! Steve! >' to 'Don't forget to backup! >'.



   Set up your settings and check your security, you don't want to be

interrupted by some moronic buffoon who is logged on at the same time as

you...especially if it's the root's other account. To see if someone else

is online, type 'who'. You will be assaulted by a list of users who are 

currently on the system at the same time as you. You should do a 'finger'

to everyone of the users on their, looking for anything suspicious.

If it tells you that he is the root, or sysop, you will want to call back

later. Also, if it is convenient, change your settings to allow for 

backspaces, aliasing, etc.



   Next, you should create your home directory. A home directory is the

location of all your login scripts, your files, and the directory that is

loaded upon login. This should be located in the same directory as all the

legitimate users. If you see a directory with a multitude of names in it, 

odds are it's the user directory. Most often, it is the /usr or /user 

directory. From that directory type. . .



#mkdir XXXXX                    ; Don't type the '#', the XXXX is the name

                                ; of the user's home directory. This can 

                                ; be anything you like, however, try for

                                ; something unsuspicious...a directory like

                                ; /usr/flaming_fag will catch attention



        

  Ok, we got that over with painlessly. Your next step is to go to the

/etc directory.... A simple 'cd /etc' will do. If you do a ls -l, you will

see a file called 'passwd' this is the password file, it is the only one on

the system that is used.  If you 'cat passwd' the file, you will see all

the users able to log on. Here is an example of what a user may look like...



Bendover:iaKJhHkjahfuH:0:0:Asshole:/user/bend:/bin/csh

\______/ \___________/\/\/\_______/\________/ \______/

   1           2       3 4    5         6         7





1 - This is the name of the account used to logon.

2 - This is the encrypted password. If you see something like....

    Bendover::0:0:   it means that this is an account

    that doesn't require a password to logon. Most systems have one

    or two of these for things like netting, maintenance, and guest 

    accounts.

3 - This is the users level. A level of 0 is a superuser.

4 - This is the number of the group the user is in.

5 - This is a short description of the account. This is usually a full 

    name or a position.

6 - This tells where the home directory is located.

7 - This is the default shell to use upon logon. 

    csh - C Shell; sh - Bourne Shell; ksh - Korn Shell

    rsh - Restricted Bourne Shell





  To add a user to the password file, providing you have write access,

you can do several things. The one I will explore is called redirection.

With this method, you can add a new line to the file from the prompt.

To do this you will need to type . . .



#echo XXXXXX::0:0:XXXXX:/XXXX/XXXX:/bin/XXX >>passwd



  You will need to fill in the X's with appropriate information, an example

I've used in the past is....



#echo mikeb::0:0:michael boyd:/usr1/mikeb:/bin/csh >>passwd



  You may choose to use a different group number, it may catch the sysops

attention more if he sees two 0's, versus just one. I've never done this,

but it really shouldn't make a tremendous difference.



  By now you should, if all went well, you should have another user!

Just to verify your work, 'cat' the password file and look for your

name at the bottom of the list. If it isn't their, try again. Make 

SURE you use TWO '>'s, or else you will destroy the passwd file...This

is NOT good.

 

  If everything worked out, logout. Try not to hang up, as this sometimes

hangs the terminal you were logged on as. This may be a bit dangerous if

the terminal connects to the next person who calls, dropping them into the

root accounts shell. Call back in about a minute or so, and logon as the 

user you just created. It shouldn't ask for a 'password:' as you specified 

none. If



it does, then  you probably typed in the name in different caps 

than you typed it into the password file. Remember, caps DO matter. 



  Assuming that you were able to log on, you will now be using your NEW 

account. That's about all that is really necessary. You will want to create

your .login, and your .cshrc files eventually. But for now, you can just copy

them from another user. Use a 'ls -al' in another users home directory to see

if he has a copy of these files. If he does, copy them by 



'cp .login  /XXX/XXXX/.login '



The X's specify your home directory.





                         - - - Conclusion - - -



  This file is obviously slated for the person who is just beginning to learn

Unix, although it is unlikely that a person who can attain a root account is

ignorant of unix, it is easier for EVERYONE to understand like it is. If this

file insults your intelligence, that's your problem. I've seen several people

who have root accounts, know unix fairly well, and still cannot create users.

I've tried to include as much information as I can, but I may have overlooked

something that I think is simple, but may confound you. If I do, tell me, and

I'll try to keep away from it in future releases. I'll also consider updating

this file and re-releasing it. 



-----------------------------------------------------------------------------

            

             - - - Bibliography and Suggested Reading - - -



Unix Use and Security From the Ground Up: by the Prophet in 1986

         This is probably the BEST file I've ever seen on the subject

         of Unix. It is written for the beginner, and contains valuable

         information for the advanced user. The Prophet became a member 

         of Lod/H and is currently serving a sentence of 20 months in

         relation to the big Lod/H bust of '90.

        

Articles on unix trojans and mischief: by Shooting Shark

         Shooting Shark presents some interesting information

         on various ways to commit havoc on Unix systems. You

         can find most of his essays in both Phrack and Lod

         magazines.



Lod/H Tech Journals

         The Legion of Doom/Hackers are perhaps the most skilled

         and knowledgable hackers in the underground society.

         Their 'Tech Journals' describe almost anything you'd ever

         want to know about illegal activities. 



Phrack Magazines

         Phrack is also one of the best sources for information on

         a multitude of subjects, ranging from social engineering, 

         to carding, to making explosives. For those with free time,

         download all of the 32 articles released to date.

         

----------------------------------------------------------------------------



  Thanx go out to Emerikol the Chaotic  for the idea of making this

file, SiD for their quality releases, every SMC member, and all else who 

contribute to the free exchange of information in fascist Amerikkka.



                                                                              

                     |                                                         

                     |                          \                              

                     |       /\/\     /          �\    ���                     

                     |     /      \ /            �  \ A � A                    

  |  /               |/| /        / \            �  /   �  /                   

  |/                   |        <     \          �/     �/  U L T              

  |\ RYPTIC          / |          \     \       /       �\                     

  |  \     /           |            \                   �  \                   

      |\  |            |              \                                        

      | \ |                                                                    

      |  \|IGHT                                                                

     /    `                                                                    

         

                                     





 - Kryptic Night, Data Kult, Lord Logics, Shadow Walker, The Scorpian -

                            Nacht Habicht

















X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X



 Another file downloaded from:                               NIRVANAnet(tm)



 & the Temple of the Screaming Electron   Jeff Hunter          510-935-5845

 Salted Slug Systems                      Strange              408-454-9368

 Burn This Flag                           Zardoz               408-363-9766

 realitycheck                             Poindexter Fortran   415-567-7043

 Lies Unlimited                           Mick Freen           415-583-4102

 Tomorrow's 0rder of Magnitude            Finger_Man           408-961-9315

 My Dog Bit Jesus                         Suzanne D'Fault      510-658-8078



   Specializing in conversations, obscure information, high explosives,

       arcane knowledge, political extremism, diversive sexuality,

       insane speculation, and wild rumours. ALL-TEXT BBS SYSTEMS.



  Full access for first-time callers.  We don't want to know who you are,

   where you live, or what your phone number is. We are not Big Brother.



                          "Raw Data for Raw Nerves"



X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X