Aww man no Unix Bash shell sig

[Nikolia]

$ open 206.47.32.7
connecting....
   Login: Nikola
   Password:  *****

$ Connected Welcome to 1334 shell, have fun =)
$ ./NTC
$ Now scanning....
$ Shadow File found...
$ Re83Nk47T49D74Lh4s2rR $ su root
$ password:                          
$
$whoami
$root
$ cd ..
$ cd root
$ vi bash.rc

echo \"Connected Welcome to 1334 shell, have fun =)\"
Q>
$
$ vi bash.rc
echo \"welcome to lame-box, have a nice day =0\"
>W

$ passwd
$ Enter new root password> ***********
$ Again> **********
$ rm -rf .bash_history
$ logout


most of it I made up... but I wanted it for my sig ohwell

[Moogie]

Um.... riiiight... does this thread have a point, or an understandable meaning?

[Nikolia]

you see he logs into he\'s bash shell (bsh)
he connects to 206.47.32.7
he puts in hes username/pass
He runs NTC (Nikola The Cracker)
He find the shadowed password cracks it.
He Sus to root (logs into root)
he does the whoami command to make sure hes in root
He Travels to the systems bash.rc file then he changes the message from \"Connected Welcome to 1334 shell, have fun =) \" to \"\"welcome to lame-box, have a nice day =0\"

He then changes the root password
He deletes the log file, then he logs out

...weee I guess I was just bored, and I felt like putting a creative mind to use

[Annah]

Ok, never dare to call me  crazy again 0.o

[SirJunkie]

C:\\>wtf
Ok
C:\\>

[Myrtl]

Thats WAY too big to put in your sig!! Youd get it taken off it you did. But you could change the size of it...but even then it would be too big.

[Androgos]

Ok, just let me take this :

1. The standard telnet console doesn\'t use $, but maybe you use customize software?
2. Whoami isn\'t really requierd to use to see if you\'re root, since the console sign changes to a # IIRC, which it btw doesn\'t do in your sign thing
3. Why do all the program send its output to the bash shell (noticed by that every line have a $)?
4. Why not delete connection logs?
5. Isn\'t the passwords MD5 hashed? So it would generaly take long time to crack. But since you don\'t have any timestamps, I guess it maybe were there in.. well.. about 1 day - 4 weeks or so?
6. What\'s the point of all this?

Thanks for me

[Shadowfalcon]

C:\\DOS>
C:\\DOS>run
Bad command or file name. User is incompetent. Please replace user.

[Seytra]

Originally posted by Androgos
Ok, just let me take this :

1. The standard telnet console doesn\'t use $, but maybe you use customize software?
2. Whoami isn\'t really requierd to use to see if you\'re root, since the console sign changes to a # IIRC, which it btw doesn\'t do in your sign thing
3. Why do all the program send its output to the bash shell (noticed by that every line have a $)?
4. Why not delete connection logs?
5. Isn\'t the passwords MD5 hashed? So it would generaly take long time to crack. But since you don\'t have any timestamps, I guess it maybe were there in.. well.. about 1 day - 4 weeks or so?
6. What\'s the point of all this?

Thanks for me

Not to mention that if you\'re stupid enough to give any non-root user read-access to the shadow file, you just deserve to be hacked. Also if you allow users to execute stuff that you did not put on the system, i.e. if you do not mount the /home and /temp folders \"noexec\".

# rm -Rf /

[Shadowfalcon]

all very good points. So what was the point of this thread?

[Seytra]

I think the point is that Nikolia just found out that the sig may not contain one page of text (which shouldn\'t surprise anyone, but anyway), and wanted to share this discovery with us...

[Nikolia]

Lol Androgos, I Knew some one was going to catch me out..
but honestly I did\'nt think anyone here was that advanced
and yeah I wrote it at 3am while I was doing something else.
I just guess I was bored and I wanted to share it.
Alot of things dont make sence in that strange shell lol

I know lets all worked together to fix it!

[Annah]

Somebody shoot him fast, until he\'ll start infecting the whole system 0.o
 * runs and hides *

[Androgos]

Originally posted by Nikolia
but honestly I did\'nt think anyone here was that advanced

Hey, we are only programming one of the most advanced game types there is

[hook]

it DID look suspicious to me ...or at least not bash-y at all ...but i didn\'t even think it worth commenting - i thought this thread got locked?

[edit by hook]
erm ...you need to be advanced to tell a bash shell from a wierd thing?
[/edit]