People say Linux isn't user friendly

PHiZ



http://gizmodo.com/5378421/fun-with-linux-commands
 
I wonder what version of 'kill' is being used here. I've never seen it return that before. Here's another fun one:

Code:
# cat /dev/mem | strings | grep -i llama
 
Doesn't work on Ubuntu 9.04, even as root:

/dev/mem: Operation not permitted


And that message for kill comes from busybox.
 
It half-works on Debian 5, I get that when I do it as a regular user, but as root it just sits there forever. I tried viewing just cat /dev/mem and it was flashing through what looked like tons of raw data so that's probably why it's taking so long :p
 
Well, you guys are right that when doing "cat /dev/mem" you see a whole bunch of garbage. But what you may not have realized, or have, is that this is actually your physical memory or some recent process's recent page.

A neat little crack commonly used on rootkits is to do "cat /dev/mem", but to filter its results for SS numbers or phone numbers.

The following will search for SS#'s
Code:
cat /dev/mem | grep [0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]

Just a note though, /dev/mem really only applies to the page of the parent process in which cat is forked from. It is an incredibly efficient way if you can get it called around getty.
 
Yeah, if it doesn't work on your system then that's a good thing. The kernel has an option to filter access to /dev/mem so that no user (not even root) can get meaningful information from it, and I'm glad to see that the stock kernels in most distros use this option.

Anyway, on a system where it does work, you can pull out like the text from web pages in your web browser and stuff like that. It's pretty funny.
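
A way to check which of these cases a kernel falls into, as an added example that is not part of the original post. It assumes the option the post refers to is CONFIG_STRICT_DEVMEM and that the build config is available as a plain text file; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a kernel build config by how it exposes /dev/mem.
# Option names are real Kconfig symbols; the sample files are constructed.

devmem_status() {
    cfg=$1
    if [ ! -r "$cfg" ]; then
        echo "unknown"          # no readable config to inspect
        return 2
    fi
    # CONFIG_DEVMEM can be switched off so the device does not exist at all.
    if grep -q '^# CONFIG_DEVMEM is not set' "$cfg"; then
        echo "disabled"
    # CONFIG_STRICT_DEVMEM is the filter: reads of ordinary RAM are refused,
    # even for root.
    elif grep -q '^CONFIG_STRICT_DEVMEM=y' "$cfg"; then
        # CONFIG_IO_STRICT_DEVMEM additionally blocks ranges claimed by drivers.
        if grep -q '^CONFIG_IO_STRICT_DEVMEM=y' "$cfg"; then
            echo "strict+io"
        else
            echo "strict"
        fi
    else
        echo "unfiltered"       # root can read physical memory
    fi
    return 0
}

# Constructed sample configs, one per outcome.
write_samples() {
    dir=$1
    printf '%s\n' 'CONFIG_DEVMEM=y' 'CONFIG_STRICT_DEVMEM=y' \
        'CONFIG_IO_STRICT_DEVMEM=y' > "$dir/hardened"
    printf '%s\n' 'CONFIG_STRICT_DEVMEM=y' > "$dir/strict"
    printf '%s\n' 'CONFIG_DEVMEM=y' '# CONFIG_STRICT_DEVMEM is not set' \
        > "$dir/open"
    printf '%s\n' '# CONFIG_DEVMEM is not set' > "$dir/nodev"
}

samples=$(mktemp -d)
write_samples "$samples"
for f in hardened strict open nodev; do
    printf '%-9s %s\n' "$f" "$(devmem_status "$samples/$f")"
done
# On a real host: devmem_status "/boot/config-$(uname -r)"
```

An "unfiltered" result on a production host is the finding to follow up on; "unknown" means the config file was not readable at that path.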
 
cat /dev/mem | grep [0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]\

icky regex.:p

cat /dev/mem | grep [0-9]{3}-[0-9]{2}-[0-9]{4}

:p
 
"They say UNIX isn't user-friendly. I say it is: it's just very selective about who its friends are!"

(No idea who said that, I just thought it would be funny here :p)
 