How to Get a *Good* Shell Account Beginners' Series #3 Part 2

How to Get a *Good* Shell Account


In this section you will learn:

· how to explore your shell account
· Ten Meinel Hall of Fame Shell Account Exploration Tools
· how to decide whether your shell account is any good for hacking
· Ten Meinel Hall of Fame LAN and Internet Exploration Tools
· Meinel Hall of Infamy Top Five Ways to Get Kicked out of Your Shell Account

How to Explore Your Shell Account

So you're in your shell account. You've tried the "ls  -alF" command and are pretty sure this really, truly is a
shell account. What do you do next?

A good place to start is to find out what kind of shell you have. There are many shells, each of which has
slightly different ways of working. To do this, at your prompt give the command "echo $SHELL." Be sure to type in the same lower case and upper case letters. If you were to give the command "ECHO $shell," for
example, this command won't work.

If you get the response:


That means you have the Bourne shell.

If you get:


Then you are in the Bourne Again (bash) shell.

If you get:


You have the Korn shell.

If the "echo $SHELL" command doesn't work, try the command "echo $shell ," remembering to use lower
case for "shell."  This will likely get you the answer:


This means you have the C shell.

Why is it important to know which shell you have? For right now, you'll want a shell that is easy to use. For
example, when you make a mistake in typing, it's nice to hit the backspace key and not see ^H^H^H on your
screen. Later, though, for running those super hacker exploits, the C shell may be better for you.

Fortunately, you may not be stuck with whatever shell you have when you log in. If your shell account is
any good, you will have a choice of shells.

Trust me, if you are a beginner, you will find bash to be the easiest shell to use. You may be able to get the
bash shell by simply typing the word "bash" at the prompt. If this doesn't work, ask tech support at your
ISP for a shell account set up to use bash. A great book on using the bash shell is _Learning the Bash
Shell_, by Cameron Newham and Bill Rosenblatt, published by O'Reilly.

If you want to find out what other shells you have the right to use, try "csh" to get the C shell; "ksh" to get
the Korn shell, "sh" for Bourne shell, "tcsh" for the Tcsh shell, and "zsh" for the Zsh shell. If you don't
have one of them, when you give the command to get into that shell you will get back the answer "command
not found."

Now that you have chosen your shell, the next thing is to explore. See what riches your ISP has allowed you
to use. For that you will want to learn, and I mean *really learn* your most important Unix commands and
auxiliary programs. Because I am supreme arbiter of what goes into these Guides, I get to decide what the
most important commands are. Hmm, "ten" sounds like a famous number. So you're going to get the:

Ten Meinel Hall of Fame Shell Account Exploration Tools

1) man <command name>  This magic command brings up the online Unix manual.  Use it on each of the commands below, today!
Wonder what all the man command options are? Try the "man  -k" option.
2) ls
Lists files. Jericho suggests "Get people in the habit of using "ls -alF". This will come into play down
the road for security-conscious users." You'll see a huge list of files that you can't see with the "ls"
command alone, and lots of details. If you see such a long list of files that they scroll off the terminal screen,
one way to solve the problem is to use "ls  -alF|more."

3) pwd
Shows what directory you are in.

4) cd <directory>
Changes directories.  Kewl directories to check out include /usr, /bin and /etc.   For laughs, jericho suggests
exploring in /tmp.

5) more <filename>
This shows the contents of text files. Also you might be able to find "less" and "cat" which are similar

6) whereis <program name>
Think there might be a nifty program hidden somewhere?   Maybe a game you love? This will find it for you.
Similar commands are "find" and "locate." Try them all for extra fun.

7) vi
An editing program. You'll need it to make your own files and when you start programming while in your
shell account. You can use it to write a really lurid file for people to read when they finger you. Or try
"emacs." It's another editing program and IMHO more fun than vi. Other editing programs you may find
include "ed" (an ancient editing program which I have used to write thousands of l ines of Fortran 77 code),
"ex," "fmt," "gmacs," "gnuemacs," and "pico."

8) grep
Extracts information from files, especially useful for seeing what's in syslog and shell log files. Similar
commands are "egrep," "fgrep," and "look."
9) chmod <filename>
Change file permissions.

10) rm <filename>
Delete file. If you have this command you should also find "cp" for copy file, and "mv" for move file.
Alas, not all shell accounts are created equal.   Your ISP may have decided to cripple your budding hacker
career by   forbidding your access to important tools. But you absolutely must have access to the top ten
tools listed above. In addition, you will need tools to explore both your ISP's local area network (LAN) and
the Internet. So in the spirit of being Supreme Arbiter of Haxor Kewl, here are my:

Ten Meinel Hall of Fame LAN and Internet Exploration Tools

1) telnet <hostname> <port number or name>   If your shell account won't let you telnet into any port you want either on its LAN or the Internet, you are
totally crippled as a hacker. Dump your ISP now!

2) who
Shows you who else is currently logged in on your ISP's LAN. Other good commands to explore the other
users on your LAN ar e "w," "rwho, " "users."

3) netstat
All sorts of statistics on your LAN, including all Internet connections. For real fun, try "netstat  -r" to see the
kernel routing table. However, jericho warns "Be careful. I was teaching a friend the basics of summin g up a
Unix system and I told her to do that and 'ifconfig'. She was booted off the system
the next day for 'hacker suspicion' even though both are legitimate commands for users."

4) whois <hostname>
Get lots of information on Internet hosts outside you LAN.

5) nslookup
Get a whole bunch more information on other Internet hosts.

6) dig
Even more info on other Internet hosts. Nslookup and dig are not redundant. Try to get a shell account that
lets you use both.

7) finger
Not only can you use finger inside your LAN. It will sometimes get you valuable informa>


Transfer interrupted!


8) ping
Find out if a distant computer is alive and run diagnostic tests  --  or just plain be a meanie and clobber people
with pings. (I strongly advise *against* using ping to annoy or harm others.)

9) traceroute
Kind of like ping with attitude. Maps Internet connections, reveals routers and boxes running firewalls.

10) ftp
Use it  to upload and download files to and from other computers.

If you have all these tools, you're in great shape to begin your hacking career. Stay with your ISP. Treat it

Once you get your shell account, you will probably want to supplement the "man" command with a good
Unix book . Jericho recommends _Unix in a Nutshell_ published by O'Reilly. "It is the ultimate Unix
command reference, and only costs 10 bucks. O'Reilly r00lz."

How to Keep from Losing Your Shell Account
 So now you have a hacker's dream, an account on a powerful computer running Unix. How do you keep this
dream account? If you are a hacker, that is not so easy. The problem is that you have no right to keep that
account. You can be kicked off for suspicion of being a bad guy, or even if you become inconvenient, at the
whim of the owners.

Meinel Hall 'O Infamy
Top Five Ways to Get Kicked out of Your Shell Account

1) Abusing Your ISP
Let's say you are reading Bugtraq and you see some code for a new way to break into a computer. Panting
with excitement, you run emacs and paste in the code. You fix up the purposely crippled stuff someone put
in to keep total idiots from running it. You tweak it until it runs under your flavor of Unix. You compile and
run the program against your own ISP. It works! You are looking at that "#" prompt and jumping up and
down yelling "I got root! I got root!" You have lost your hacker virginity, you brilliant dude, you!  Only,
next time you go to log in, your password doesn't work. You have been booted off your ISP. NEVER, NEVER

You can go to jail warning: Of course, if you want to break into another computer, you must have the
permission of the owner. Otherwise you are breaking the law.

2) Ping Abuse.
Another temptation is to use the powerful Internet connection of your shell account (usually a T1 or T3) to
ping the crap out of the people you don't like. This is especially common on Internet Relay Chat. Thinking of
ICBMing or nuking that dork? Resist the temptation to abuse ping or any other Internet Control Message
Protocol attacks. Use ping only as a diagnostic tool, OK? Please? Or else!

3) Excessive Port Surfing
Port surfing is telnetting to a specific port on another computer. Usually you are OK if you just briefly visit
another computer via telnet, and don't go any further than what that port offers to the casual visitor. But if
you keep on probing and playing with another computer, the sysadmin at the target computer will probably
email your sysadmin records of your little visits. (These records of port visits are stored in "messages," and
sometimes in "syslog" depending on the configuration of your target computer -- and assuming it is a Unix

Even if no one complains about you, some sysadmins habitually check the shell log files that keep a record
of everything you or any other user on the system has been doing in their shells. If your sysadmin sees a
pattern of excessive attention to one or a few computers, he or she may assume you are plotting a break-in.
Boom, your password is dead.

4) Running Suspicious Programs
If you run a program whose primary use is as a tool to commit computer crime, you are likely to get kicked
off your ISP. For example, many ISPs have a monitoring system that detects the use of the program
SATAN.   Run SATAN from your shell account and you are history.

Newbie note: SATAN stands for Security Administration Tool for Analyzing Networks. It basically works
by telnetting to one port after another of the victim computer. It determines what program (daemon) is
running on each port, and figures out whether that daemon has a vulnerability that can be used to break into
that computer. SATAN can be used by a sysadmin to figure out how to make his or her computer safe. Or it
may be just as easily used by a computer criminal to break into someone else's computer.

5) Storing Suspicious Programs
It's nice to think that the owners of your ISP mind their own business. But they don't. They snoop in the
directories of their users. They laugh at your email. OK, maybe they are really high-minded and resist the
temptation to snoop in your email. But chances are high that they will snoop in your shell log files that
record every keystroke you make while in your shell account. If they don't like what they see, next they will
be prowling your program files.

One solution to this problem is to give your evil hacker tools innocuous names. For example, you could
rename SATAN to ANGEL. But your sysdamin may try running your programs to see what they do. If any
of your programs  turn out to be commonly used to commit computer crimes, you are history.

Wait, wait, you are saying. Why get a shell account if I can get kicked out even for legal, innocuous
hacking? After all, SATAN is legal to use. In fact, you can learn lots of neat stuff with SATAN. Most hacker
tools, even if they are primarily used to commit crimes, are also educational. Certainly if you want to become
a sysadmin someday you will need to learn how these programs work.

Sigh, you may as well learn the truth. Shell accounts are kind of like hacker training wheels. They are OK for
beginner stuff. But to become a serious hacker, you either need to find an ISP run by hackers who will
accept you and let you do all sorts of suspicious things right under their nose. Yeah, sure. Or you can install
some form of Unix on your home computer. But that's another Guide to (mostly)  Harmless Hacking (Vol. 2
Number 2: Linux!).
If you have Unix on your home computer and use a PPP connection to get into the Internet, your ISP is
much less likely to snoop on you. Or try making friends with your sysadmin and explaining what you are
doing. Who knows, you may end up working for your ISP!

In the meantime, you can use your shell account to practice just about anything Unixy that won't make your
sysadmin go ballistic.

Would you like a shell account that runs industrial strength Linux -- with no commands censored? Want to
be able to look at the router tables, port surf, and keep SATAN in your home directory without
getting kicked out for suspicion of hacking? Do you want to be able to telnet in on ssh (secure shell)so no
one can sniff your password? Are you willing to pay $30 per month for unlimited access to this hacke r
playground? How about a seven day free trial account? Email for details.

In case you were wondering about all the input from jericho in this Guide, yes, he was quite helpful in
reviewing this and making suggestions. Jericho is a security consultant and also runs his own Internet host, Thank you,, and happy hacking!

Subscribe to our discussion list by emailing to with message "subscribe"
Want to share some kewl stuph with the Happy Hacker list? Correct mistakes? Send your messages to   To send me confidential email (please, no discussions of illegal activities) use and be sure to state in your message that you want me to keep this confidential. If
you wish your message posted anonymously, please say so! Direct flames to dev/
Happy hacking!
You may forward or post this GUIDE TO (mostly) HARMLESS
HACKING on your Web site as long as you leave this notice at the end.

Popular Posts