------------------------------------- Looking After Your Ass... By, ÅçìÐMêì§TéR ------------------------------------- The first time I rooted a system I was pretty much FUCKED. You see I never did pay attention to all the text files on hiding in a unix system, untill offcourse after that day. Well so I had like rooted a system finally, but the challenge in being an ethical hacker is not just getting root it's keeping it, so heres some hints on keeping safe when you have rooted a system. All files I metion below this point can be found at http://www.lordsomer.com . Once you have rooted a system you have to get zap, this program erases your presence in the log files, to use first compile zap.c -o zap then to erase the log use it as follows ./zap username thats all there is to it. Now that thats done you will want to insure you keep root in the future. Goto the site mentioned above and goto the place where trojans are found get the file that puts a shell on a port, just compile the file as above and run it, making sure to put a ./ in front of the filename. Also a good idea is to place + + in either roots .rhosts file, or if you're smart, put it in every account on the system if no .rhosts file exists then make it. This way you can always rlogin www.victim.com -l username and get in without a password. Yet another good idea is to create another account, but with root priviliges just cd /etc and vi passwd or if the system has a shadowed password file (you should know where it is) vi shadow. See if you can pick a place near the middle of the password file, lets say most usernames are like bwjensen, fbrack, tsmith, mbraun, then make up a username such as tbraun or whatever, just use your imagination. All you have to do is insert this this line into the passoword file. tbraun::0:1::/:/bin/bash Where tbraun is the username the space following it is the password which in this case isnt there. In this case it will allow you to login as tbraun, once you login just type passwd , and put in a secure passowrd. These techniques will only be helpful to ethical hackers , NOT CRACKERS, carckers are the people who break into systems, delete all the files, change the root password , they're also the people you read about in the newspapers, so if you can't figure it out on your own I'll tell you, crackers are the ones that always get caught, so here's a warning, don't be an asshole and wreck havoc, don't mess up systems, because you will only make it worse for yourself when you finally get caught. Instead use your knowledge to gain knowledge, and eventually get a job thats pays $550,000 a year by the way thats not uncommon. Well i need some ideas on what to write about so please send questions, comments, and suggestions to ameister@vol.com. Also visit my webpage for my other text files it's getting to be quite a collection by now. Visit: http://www.vol.com/~ameister DISCLAIMER: This k-rad text file is only for educational purposes only, oh what a shame for all you newbies hehehe. I will not be held responisble for any trouble you get into using this knowledge