TUCoPS :: Unix :: General :: bashhist.txt

.bash_history

  .bash_history by anonymous

  A simple way of getting accounts, even though its unpratical and should be
  used as a last resort, is to look at users .bash_history and .history files
  that are stored in their $HOME. It is suprising how easy it is to access other
  people's private information by looking at their logs. By default any file 
  thats been created by the user is set chmod 744, this lets anyone read the 
  file if they have the same group privledges as that user. Same goes when a
  new user first logs in, the /etc/skel files are copied to their home and 
  .bash_history will be created when the user logs in next time, assuming its
  a bash shell (Bourne Again). Inside the .bash_history you might be lucky 
  enough to find some typo's of passwords, heres some examples of what you
  might want to look for:

    aloc:/home/victom# cat .bash_history
    tenlet whitehouse.gov /* mis spelt */
    telnet whitehouse.gov
      :
    cat /etc/passwd
    ls
    cd ..
    more /var/log/messages
      :
    login Lewinsk1        /* login as user Lewinsk1 */

  If there are many users on the system you may want to use grep:

    aloc:~# grep telnet /home/*/.bash_history | more
    /home/victom1/.bash_history:telnet whitehouse.gov
    /home/victom2/.bash_history:telnet
    /home/victom3/.bash_history:telnet fed.gov.au

  If your looking for some 0 GID or even root you look for:

    aloc:~# grep su /home/*/.bash_history /root/.bash_history | more

  or even:

    aloc:~# grep passwd /home/*/.bash_history /root/.bash_history | more

  It may be a good choice if you find some that look promising enough then
  have a look at the file, it may take a while to find anything but its up to
  you if you want to trade time for accounts. It's a good idea to check out
  the /etc/passwd to have an idea of where the home directories are located
  and what type of shells they use because they may very from system to
  system. Also you may need to pissfart round with the login or passwd but
  its up to you depending how desperate you need the accounts. To fix this if
  your a user then a simple "chmod 000 .bash_history" will do the trick. or
  even "ln -s ~/.bash_history /dev/null" does a better job. If your an admin
  then do the following:

    touch /etc/skel/.bash_history /etc/skel/.history
    chmod 700 /etc/skel/.*history
    chmod 700 /home/*/.*history

  (depending on where your users home is placed) This maybe considered as a
  lame method of gaining accounts but I belive its worth a mention. Posted
  in by a Spaceman from outer space that wants to stay Anonymous.
  
  

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH