_______________________________________________________________________________ INTRODUCTION TO THE PRIMOS OPERATING SYSTEM Part I (Identification and Penetration) Written by Violence Copyright (C) 1989 The VOID Hackers _______________________________________________________________________________ INTRODUCTION to This Series This is the first in a public-release series of articles dealing with Prime computers (both mini's and supermini's) and their respective operating system, PRIMOS. PRIMOS is one of the several operating systems that the general hacker community has avoided due to unfamiliarity. In all actuality, PRIMOS is a very user-friendly operating system and as such, demands respect. In this series of articles I will cover everything that is important to the aspiring PRIMOS hacker. In the syllabus are: Part Contents ---- ------------------------------------------------------------------------ I Identification, and penetration, PRIMOS command line, command types II Making Your Stay Last Longer, Basic PRIMOS Commands, Internal Security III Useful PRIMOS Applications IV Prime Network Communications (PRIMENET and Associated Utilities) V Language Interpreters and Compilers, Advanced PRIMOS Commands ---- ------------------------------------------------------------------------ That about covers it. This series is largely based on extensive on-hands use, and all the information provided herein is guaranteed to be 100% accurate in regards to Revisions 19.xx through 22.xx of PRIMOS. I do occasionally address pre-revision 19.xx systems, but only in passing as they are extremely uncommon. In addition, all sample programs included herein have been fully tested. All PRIMOS output samples were taken from a Revision 22.0.0 PRIMOS system. I chose to write this series in a technical manner, but not like a typical AT&T document (grin). All in all, this series does not equal or even come close to the actual PRIMOS documentation, but since such documentation is generally un- available to the hacker community, I have tried my best to create a series that proves as an acceptible alternative. Due to the high content of information I have provided herein, you are advised to obtain all of the parts to this series and dump them to your printer. Spend a day reading and comprehending them. I suggest that you read the entire series before beginning to hack at Primes. NOTE IN CLOSING: I have opted to remain purposefully vague in some areas due to potential abuse. This seems to be the rage these days and I'm sorry if that upsets you, but I have no wish to compromise any of Prime Computer, Inc.'s trade secrets. _______________________________________________________________________________ WHAT'S IN PART I? There is so much to get started with that I wasn't able to get everything in to Part I. This makes the subsequent parts of this series vital to the comprehen- sion of the information presented here. There is tons more to cover, so I will urge you some more to go ahead and get ALL of the other parts. Inside this in- stallment I shall cover: o Conventions Used Throughout This Series o System Identification o Front-End Security and Penetration o The PRIMOS Command Line o A Discourse on PRIMOS Command Types o How PRIMOS Interacts With Its Users In 'Part II' I will completely detail the typical internal security setup and how to improve your security, as well as the many internal snooping tactics that I use in my day-to-day Prime wanderings. I will also discuss the vital PRIMOS commands that should be memorized. _______________________________________________________________________________ CONVENTIONS USED THROUGHOUT THIS SERIES As with any multi-part series, a set of standards is needed, otherwise the rea- der may become confused. In writing this series of articles, I had to make an important decision regarding the conventions used within command examples and with the numerous hands-on examples scattered throughout the text. All command references in this series will follow the conventions put forth in the PRIMOS reference manuals and online help facilities. Conventions follow: WORDS-IN-UPPERCASE identify command words or keywords and are to be entered literally. All command abbreviations will be listed following the actual full command name. Words-in-lowercase identify arguments. You substitute the appropriate numer- ical or text value. Braces { } indicate a choice of arguments and/or keywords. At least one must be selected. Brackets [ ] indicate that the word or argument enclosed is optional. Hyphens - indicate a command line option and must be entered literally. Parenthesis ( ) must be entered literally. Ellipses ... indicate that the preceeding argument may be repeated. Angle Brackets < > are used literally to separate the elements of a pathname. options: The word 'options' indicates that one or more keywords and/or argu- ments can be given and that a list of options for the command follow. All examples throughout this text will be indented '8' spaces so that they will be easily identifiable. All text typed by the user in these examples will be completely displayed in lowercase characters. PRIMOS output will then be easy to identify. _______________________________________________________________________________ SYSTEM IDENTIFICATION PRIMOS is Prime's uniform operating system for their extensive line of mini- and supermini computers. If you have ever read some of the articles detailing the PRIMOS operating system floating about, then you may have a basic working knowledge of PRIMOS and such. I will be referencing some of these articles in this series occasionally (all references are listed in the "References" section at the end of the last part of this series). A few years back, the Prime model 750 was all the rage. No longer is that the case, however. Now days there are many models of Primes and corporations and governments (the two main Prime owner classes) purchase the models that best suit their individual needs. Thusly, you will find Prime 250's (ancient) and 750's (also ancient, but still in use) to Prime 4150's (a mid-range system) and the huge Prime 9550's (high-end mini's). On the high-end of this you will also find Prime MCXL's (super-mini's) and Prime workstation clusters. As you can see, the army of Primes is astoundingly large. Equally large in number are the revisions of PRIMOS that they run. About all that you will see these days are Rev. 20.xx and greater but you will, on occ- asion, find a revision 17.xx, 18.xx, or 19.xx system. About the only places you will find 17.xx and 18.xx systems are on foreign packet-switched networks (PSN's) (like on Brazil's Interdata or Renpac networks and Japan's Venus-P/NTII or DDX-P/KDD networks). A scant few 18.xx and 19.xx systems are still operat- ing in the United States. As said previously, however, you will most likely find from Rev's 20.xx through 22.xx systems here (and in most other countries). To understand how PRIMOS interfaces with users you need to have a good working grasp of what the standard PRIMOS operating system model looks like. To do this you need a decent abstract model. Here: Identifying a Prime mini- or supermini computer is not very difficult. Primes generally behave in one of two ways when connected to. They either sit there, echoing nothing to your screen or, in the case of a PRIMENET-equipped system, display their PRIMENET nodename. In the former case, try this simple test upon connecting. Type a few random keystrokes followed by a RETURN and take note of what the host system responds with. If it responds with a battery of error messages followed with the rather distinctive 'ER!' prompt, then it is a Prime. Here is an example: asdf Invalid command "ASDF". (processcommand) Login please. ER! Any Prime that just sits there waiting for you to login is not running PRIMENET and generally lacks inter-system communications capability. On the other hand, those systems that are equipped with PRIMENET jump right out and yell "Hey! I'm a Prime!", as they display their revision of PRIMOS and their system nodename upon connect. Here is an example: PRIMENET 21.0.3 VOID That's all there is to Prime system identification. Like I said, it's a rather trivial task. _______________________________________________________________________________ FRONT-END SECURITY AND SYSTEM PENETRATION Now that we have located a Prime, how do we bypass the front-end security and get in? Well, before I can begin to answer that question a little discourse on the security itself is required. The government has granted Primes a C2 security rating. To give you an idea of what that means, VAXen are also classed as C2 systems. Hoewever, that C2 rat- ing sort of 'fluctuates' about. External security should really be a bit high- er, as Prime Computer, Inc. tells their administrators to remove all defaults. Not very nice, eh? On the other hand, internal security is not so hot. I'll discuss internal security more fully in the next Part of this series. The front door is similar to PRIMOS command level in that it utilizes the comm- and line (the prompting and I/O sub-systems). The only command which you can enter at this level of operation is the LOGIN command. There is no 'who' comm- and available to you prior to system login. As Evil Jay pointed out in his "Hacking PRIMOS" files (volumes I-III), there is no easy way to get into a Prime computer, as its front-door security is excellent. At this point only one option lies available, unless, of course, you know some- one on the inside (grin). This option is default accounts. How nice of Prime Computer, Inc. to install so many default accounts at their factories. As I have said, however, they tell their administrators to remove these default acc- ounts after the system has been installed. Not a few administrators fail to remove these defaults, however, and that is good for us. Also, never forget that Prime users are people and people like to use easy-to-remember passwords. But before I go any further, let me explain the LOGIN command in greater detail (patience is a virtue, you know). Typically you will type 'LOGIN' and press RETURN. You will then be requested first for User ID and then your password. Here's yet another example: login User id? user Password? Invalid user id or password; please try again. Login please. ER! Well, that sure didn't work. Notice how PRIMOS didn't echo your password to you. The above example is from a non-PRIMENET Prime. After this bad entry you are probably still connected, so you can have another go at it. A non-PRIMENET system generally has a high bad-login threshold, so you can make many attempts per connect. A PRIMENET system on the other hand is more of a bitch to hack as it will disconnect you after the first incorrect login. Here's another example (assuming you are hacking a PRIMENET system from the TELENET X.25 network): @214XXX 214 XXX CONNECTED PRIMENET 20.0.0 VOID login user Password? Invalid user id or password; please try again. 214 XXX DISCONNECTED 00 00 00:00:00:08 9 7 As you can see, one chance is all you get with a PRIMENET system. A minor note is in order here regarding all the myriad of X's in the above example. I have masked the last three digits of the system's NUA (Network User Address), for I do not wish all you eager PRIMOS hackers to start banging on my system's front door (grin). I have also edited the system's nodename from its actual nodename to a more appropriate one (grin). I will continue to mask all system identifi- cation from my examples. So far you are accustomed to typing in 'LOGIN' and pressing RETURN to start logging in. On all Primes you can nest the 'LOGIN' command and your User ID in the same line, as is illustrated in the following example: login user Password? And on a very few other Primes you can do a full LOGIN nest, as such: login user password You might not wish to use full-nesting capability when other hackers are lurk- ing about, as they might decide to practice shoulder surfing (grin). If a User ID/password combination (hereafter referred to as an 'account') is valid, you will recieve the following login herald from PRIMOS: USER (user 87) logged in Sunday, 22 Jan 89 16:15:40. Welcome to PRIMOS version 21.0.3 Copyright (c) 1988, Prime Computer, Inc. Serial #serial_number (company_name) Last login Wednesday, 18 Jan 89 23:37:48. 'serial_number' and 'company_name' will be replaced by the actual serial number and company name of the company that owns the Prime computer site. Just one more small thing I need to cover about the 'LOGIN' command right now, and that is login troubles. Troubles? You bet'cha. The first trouble occurs when the account you login to exists and is valid, but it doesn't have an init- ial ATTACH point (in other words, you don't seem to have a 'home' directory). This is no fun, since this account cannot be logged into. Bah. The other tro- uble is remote user passwords. This is definitely no fun. The prompt for such are generally different from one another, as they run both commercial and cust- om written software to handle this. When you come upon a remote password, try the User ID and, if that doesn't work, then try the system's nodename. If both of these attempts fail, you can either keep trying passwords (brute-force hack- ing) or you can give it up and move onto the next account or system. A popular commercial front-end security package is "LOGINSENTRY" from Bramalea Software Systems, Inc. "LOGINSENTRY" is an excellent package, so good luck when you go up against it. It supports remote passwords, password aging, old-password databasing, etc. That's about all you need to know about the 'LOGIN' command right away. In the section on Prime Networking I will discuss the remote login feature (similar to the UNIX 'rlogin' command). For now, this will suffice. Here is a listing of default PRIMOS accounts along with some other accounts I find that work occasionally (i.e, more than just once): NOTE: The '+' and '*' symbols are not parts of the User ID. User ID Password Comments _______________________________________________________________________________ + ADMIN ADMIN, ADMINISTRATOR Administrator account + CMDNC0 CMDNC0 External command UFD maintenance * DEMO DEMO, GUEST Demo account + DIAG DIAG Diagnostic account + FAM FMA File Access Manager + GAMES GAMES Games account (only on schools) * GUEST GUEST, VISITOR Demo account + HELP HELP Help subsystem account + INFO INFO Information account + JCL JCL Job Control Language account + LIB LIB, LIBRARY Library maintenance account + NETMAN NETMAN Network controller account + NETPRIV NETPRIV Network priv account + NEWS NEWS News account + NONETPRIV NONETPRIV Network nopriv account * PRIME PRIME Prime account + PR1ME PR1ME Prime account + PRIMOS PRIMOS Prime account + PRIMOS_CL PRIMOS_CL Prime account + REGIST REGIST User registration account + RJE RJE Remote Job Entry account + STUDENT STUDENT, SCHOOL Student account (only on schools) * SYSADM SYSADM, ADMIN Administrator account * SYSTEM SYSTEM Administrator account + TELENET TELENET GTE TELENET account * TEST TEST Test account + TOOLS TOOLS Tool maintenance account _______________________________________________________________________________ Several of these combinations will not work, as they are initial system setup accounts and the administrator, after setup, changes them or completely removes them (Prime Computer, Inc. advises this). I have denoted these accounts with a '+' symbol. The accounts marked by a '*' are the ones that I find work most commonly. More often than not they have good privileges (with exception to GUEST). Notice SYSADM. Say, isn't that a UNIX default? Sure it is but I have found it to work so many times that I just had to assume it was a default of some sort. As for TELENET I have yet to see it work, but Carrier Culprit states in the LOD Hacker's Technical Journal file on PRIMOS (LOD T/J Issue 2) that it works some- times. Lastly, unlike UNIX, the PRIMOS LOGIN subsystem is not case-dependant. This is good, as case dependancy gets boring at times. User ID "system" is the same as "SYSTEM". PRIMOS maps all command line input to upper case prior to processing it. This is true for logins and commands. Although your typing appears in lower case, PRIMOS interprets it in upper case. No big deal. Just thought I'd mention it. All of this information is for 19.xx through 22.xx systems. I do believe that I will make an appendix for logging into revision 17.xx and 18.xx systems beca- use you never know when you might find one. And besides, once you have experi- enced a revision 17.xx or 18.xx system you will love revisions 21.xx and 22.xx that much more! _______________________________________________________________________________ THE PRIMOS COMMAND LINE Before I go on any further some discussion on the PRIMOS command line is in or- der. The command line is the agent that accepts your input and then transports the input to the command processor (known affectionately as '(processcommand)') for parsing. The PRIMOS command line is interesting in the fact that it utilizes two prompts in it's execution. These prompts are 'OK,' and 'ER!'. There is no difference in the two, save that the 'ER!' prompt is displayed only after you make a mist- ake and are given an error message. After successful execution of a command, however, you will see the 'OK,' prompt again. You can alter these prompts with a special command, but I will save that for the section I have planned on cust- omizing your environment. Of all the most popular command lines (PRIMOS, UNIX, VAX/VMS) I like the PRIMOS command line the most. You can have separate commands on the same command line (just separate them with a semicolon), and so forth. No command (along with all options and arguments) can be longer than 160 char- acters. If you should enter a command line longer than 160 characters then it will be rejected by the command processor and you will get the following error message: Command line longer than 160 characters. (listen_) The PRIMOS command line has several special features, and some of these are: o User-defined abbreviations o Command line syntax suppression o Multiple commands on one line o User-defined global variables o PRIMOS command functions o Command iteration o Wildcard names o Treewalk pathnames o Name generation patterns There will be full discourses on user-defined abbreviations and command func- tions later in this series. The PRIMOS command processor identifies these features by searching for special characters entered in the command line. These special features, in the order that they are searched for, are given in the following table (this table repro- duced from the Revision 19.xx Command Reference Manual, still pretty current in this regard). Be aware that user-defined functions are always processed first and use no spe- cial characters of any sort. FEATURE SPECIAL CHARACTER COMMENTS ------------------------------------------------------------------------------- Abbreviations No special characters Syntax suppressor In first position on line only Command separator ; Global variables % % Functions [ ] Iteration ( ) Treewalking @,@@,+,^ In any intermediate position of pathname Wildcarding @,@@,+,^ In final position of pathname Name generation =,==,^=,^==,+ ------------------------------------------------------------------------------- When these special characters are found, the PRIMOS command processor substi- tutes the value of the item for the item itself. This is 'one-to-one' substi- tution. Iteration lists cause the command processor to create one command for each item found or matched on the iteration lists. In the case of wildcard or treewalk names, the user sets the pattern and the command processor searches the spec- ific directory or directories for all file system objects that "match" that pattern. These features can be thought of as creating "many-to-one" matches. Name generation patterns can be used to create matching names either for simple filenames or for whatever number of filenames resulting from a wildcard or treewalk name. NOTE: All commands support all the features listed above. The general rule is as follows: if a feature is not useful in connection with a particular command, then that command will not recognize it. _______________________________________________________________________________ A DISCOURSE ON PRIMOS COMMAND TYPES There are two kinds of PRIMOS commands, internal and external. Internal comm- ands are built right inside of PRIMOS (i.e, in the compiled programs that make up PRIMOS). External commands are programs located in the CMDNC0 directory. When an external command's filename is typed (the name of the command, less the file extension) then the program is invoked. Of course, you may add the file's extension if you wish, as it will work, but that is defeating the purpose. The reason for internal and external commands is twofold. The PRIMOS files (usually located in the DOS directory) take up a lot of memory. Not all Prime systems have whopping loads of memory, so Prime made sure that PRIMOS was able to be executed flawlessly (memory constraint-wise) on all system models. Only the MOST important commands were built inside of PRIMOS. Less vital (yet still vastly important) commands were made to be external commands. Secondly, diff- erent sites have different needs. Prime recognized this need and their command structure allows for the easy customizing of PRIMOS commands (adding, changing, removing, creating). It's an ideal setup, really. _______________________________________________________________________________ HOW PRIMOS INTERACTS WITH ITS USERS To understand how PRIMOS interfaces with users you need to have a good working grasp of what the standard PRIMOS operating system model looks like. To do this you need a decent abstract model. Here: __ ________________________ __ | | | | | | | | | CMDNC0 Externals | | | | | | __________ | | | Requests | |->| | | |<-| | Requests | | | | Kernel | | | | Replies | |<-| |__________| |->| | Replies | | | | | | | | | Command Line | | | |__| |________________________| |__| User Phantom Processes Processes As you can see, PRIMOS is made up of the kernel (the heart of the operating system; the command processor and all of the internal commands) as well as the CMDNC0 externals (prograns; external commands) and the PRIMOS command line (what the user uses to interact with PRIMOS). _______________________________________________________________________________ Well, I have come to the end of the first installment of five of the Introduct- ion to the PRIMOS Operating System. In the next part I will detail: o Making Your Stay Last Longer o Basic PRIMOS Commands to Memorize o A Full Discourse on User-to-User Communication o Internal PRIMOS Security o Exploring the Vast Reaches of a Prime Until then may the forces of darkness become confused on the way to your house. _______________________________________________________________________________ End of Part I of the "Introduction to the PRIMOS Operating System". _______________________________________________________________________________ _______________________________________________________________________________ INTRODUCTION TO THE PRIMOS OPERATING SYSTEM Part II (Internal Snooping and Basic Commands) Written by Violence Copyright (C) 1989 The VOID Hackers _______________________________________________________________________________ Welcome to Part II of my series on PRIMOS. In this part I will go over such things as how to make your stay on a Prime computer last longer, basic PRIMOS commands to memorize, user-to-user communication, internal PRIMOS security, and how to explore the vast reaches of a Prime computer. _______________________________________________________________________________ MAKING YOUR STAY LAST LONGER Now that you have logged in, there are a few things that you should do immed- iately to insure a nice long visit. You should make this procedure routine and do it everytime you login. Once logged in you will, as illustrated in Part I, see the login herald and then, assuming the account is not captive (there will be a section on Captive Accounts later in this part), get the system prompt (generally an "OK,"). You are now using PRIMOS and the prompt signifies that you are at the PRIMOS comm- and line. Most Primes use the standard "OK," prompt, but some do not. For this series, I shall assume that your Prime uses the "OK," prompt. Now, type some nonsensical command. Try arf. Here is what should happen: OK, arf Not found. ARF (std$cp) ER! Notice that when you enter an invalid command you get a new prompt. On all standard systems, it is "ER!". Again, this prompt can be changed and, through out this series, I shall assume that it is set to "ER!". NOTE: std$cp means Standard Command Processor. Sometimes instead of std$cp you will get a (processcommand) error. They are the same thing, just differ- ent names for different revision levels. Now that you are in, you are going to want to perform a few actions to make sure that you are safe. The first of these actions is to turn off all COMO files. COMO is the abbreviated form of the COMOUTPUT command. COMOUTPUT turns on a buffer if you will, much like your terminal program's copy buffer. From the time a COMO file is turned on everything you type and everything PRIMOS says to you will be logged to a SAM (sequential access method) file (a text file). To turn off a COMO file you will type this at the system prompt: OK, como -e The "-E" argument means "END" and will end any COMO processes. If you can't see what you are typing then perhaps the initiating COMO command turned off all terminal output. You can turn it back on by typing: OK, como -tty To save time, nest the arguments as such: OK, como -e -tty The next thing you should do is make sure that you are the only person using the account you logged in to (we don't want any irate users on our hands, now do we?). Do this by typing: OK, stat -me Assuming you are logged in as user PRIME, PRIMOS will output the following: Line User No oct( dec) Devices PRIME 87 125( 85) The "User" column displays your User ID. The "No" column lists your user number. The "Line" column indicates the AMLC line you are using (the physical modem line) in both octal and decimal notation. The "Devices" column displays the current disk partition that you are attached to. In this case, we are attached to the disk partition. If you find that there is more than one of you logged in, then you should make a hasty exit and logout. There is a correct way to logout and an incorre- ct way to logout. The correct way to logout is listed below. NEVER hang up on a Prime. Always logout in the illustrated fashion. OK, rsterm OK, lo The RSTERM command empties your terminal read (input) and write (output) buffers. This throws away anything in your type-ahead buffer and gets rid of all output pending. The LO command logs you out of the system. When you logout you will see a message similar to this: PRIME (user 87) logged out Sunday, 22 Jan 89 16:23:56. Time used: 00h 08m connect, 00m 03s CPU, 00m 00s I/O. Everything listed in this message should be self-explanatory by now, but in case you are still bewildered. The connect time is how long your session lasted in hours and minutes. The CPU time indicates how much actual time you manipulated the central processing unit (CPU); listed in minutes and seconds. The I/O time indicates how much actual disk I/O (access) you performed; in minutes and seconds. Assuming that no one else is using the account you are logged in as take a look and see who else is on the system. Do this by typing: OK, stat us The Prime will display the following to you: Line User No oct( dec) Devices SYSTEM 1 asr SMITH 5 3( 3) JOHNSON 70 104( 68) PRIME 87 125( 85) TIMER_PROCESS 123 kernel LOGIN_SERVER 124 LSr (3) DSMSR 125 DSM DSMASR 126 DSM SYSTEM_MANAGER 127 SMSr LIB 129 phant AL132 LQP 130 phant AL133 PR0 131 phant PR2 BATCH_SERVICE 132 phant SYSTEM 133 phant SYSTEM 134 phant SYSTEM 135 phant SYSTEM 136 phant Notice how the STAT US command's user display procedure is identical to that of STAT ME. Let me explain these users now. What's there to explain about users, you ask? Why, lots. Some of the users listed abover aren't actual people, but rather phantom users, processes that execute on their own. Look at SYSTEM. See how this User ID doesn't have a line listing? Instead of the familiar octal and decimal AMLC line listing, it says "asr" instead. Also notice how TIMER_PROCESS is listed as "kernel". The list goes on too, as you can see. LOGIN_SERVER is "LSr", DSMSR and DSMASR are "DSM", and SYSTEM_MANAGER is "SMSr". Also notice all those users listed as "phant". Basically, all User ID's that lack octal/decimal AMLC line notation are not actual people and cannot harm you with the exception of SYSTEM_MANAGER and SYSTEM. These users, while not people, are consoles, terminals if you will, that are logged in all the time. One monitors the system's front door and logs to screen and disk (and occasionally printer) all logins (successful and unsuccessful) and logouts. The other just sits there, waiting for the system manager to do what ever he likes. A good way to tell if either of these User ID's is active, is to look and see where they are attached to (ie, the info displayed in the "Devices" column). If you see it attached to an MFD (Main File Directory) other than the root MFD, then cruise and come back later. I will explain this a bit more in a second. LSr is the login server. It is what you "talk to" (in a manner of speaking) when you connect to the Prime initially. "kernel" is the heart of the PRIMOS operating system. When you have logged in, you are talking directly to it. "phant" users are phantom processes (batch jobs) that are executing independant of a system terminal. They perform rudimentary tasks such as running the prin- ters, backing up the system, running the RJE and Batch Job managers, etc. They perform many activities, almost always geared towards the system's needs. DSM users are Distributed System Management utilities runnung as phantoms. The DSM utilities are present to help the System Admin administrate his system. There will be more on the DSM utilities in Part III of this series. To help you out, I have prepared these two tables. They cover all of the above procedures and what you should do. For the first few times, you should use the tables. When you have memorized them you will be doing pretty good. LOGIN PROCEDURE 1. COMO -E 2. STAT ME (is there more than 1 of me logged in? Yes? Logout!) 3. STAT US (are there lots of users online? Yes? Logout!) LOGOUT PROCEDURE 1. RSTERM 2. LO That should do it for this section. I will now go into the basic PRIMOS comm- ands that you should familiarize yourself with and memorize. _______________________________________________________________________________ BASIC PRIMOS COMMANDS AND INFORMATION ABOUT PRIMOS FILES We're all ready to start covering the first PRIMOS commands to add to your new repetoire. In this section you will learn how to move around PRIMOS directory structures, how to view files, how to get full status on the Prime system, and how to get further help. First off, let me tell you a little bit about directories and how they are set up. On each logical disk on a Prime, there is a root directory called the MFD (Main File Directory). Each MFD on a system has a unique number after it. In this manner all logical disk MFD's are separate from one another. Below the MFD's are directories called UFD's (User File Directories). It is the UFD's that users login to. Not all UFD's, however, are login directories. All dir- ectories below the UFD level are called sub-UFD's (subdirectories). An illus- tration of what I am talking about follows. MFD 0 ------------- MFD 1 ------------- MFD 3 ------------- MFD 4 ______|______ ______|______ ______|______ ______|______ | | | | | | | | | | | | UFD UFD UFD UFD UFD UFD UFD UFD UFD UFD UFD UFD | | | | | SUB SUB SUB SUB SUB UFD UFD UFD UFD UFD Notice that not all UFD's have sub-UFD's. Not illustrated is the fact that sub-UFD's can have sub-UFD's under them. It's set up a lot like most micro- computer Disk Operating Systems. When you login you will be attached to your account's initial attach point (ie, your "home" directory). This will most likely be a UFD, but in some cases you will attach to an MFD. In any case, to move from directory to directory you'll use the ATTACH command. You can abbreviate ATTACH with an A. PRIMOS underst- ands ATTACH and A as being the same command. The basic format of ATTACH is: ATTACH pathname To attach to an MFD you would type: OK, a mfd # Where # is the logical device number of the MFD you wish to attach to. MFD nu- mbers always start out at 0 and increment sequentially. More on this in a few. If you are attached to an MFD or a UFD you simply need to use the UFD name you wish to attach to as the pathname. If you wish to attach to sub-UFD's then you will need to use the full pathname. Here are some examples: OK, a mfd 0 OK, a primenet* OK, a info Top-level directory not found or inaccessible. INFO (ATTACH) OK, a primenet*>info Notice how when you tried to attach to info you got an error. Well, that was because info is a sub-UFD and you need to supply the full pathname when you at- tach to sub-UFD's. Notice that when you attached to info in the correct manner you used the ">" character to separate the elements of the pathname. Locating all the available MFD logical device numbers is easy. Just type: OK, stat disk PRIMOS returns this output to you: Disk Ldev Pdev System COMDEV 0 1460 USER01 1 31460 USER02 2 32462 USER03 3 462 USER04 4 11062 USER05 5 62060 USER06 6 101062 "Disk" indicates the actual disk partition's root pathname. "Ldev" is the logical device number of a given partition. "Pdev" is the physical device number. The "System" column will be blank unless a given disk partition is located on another system. What? Impossible? Not at all. With PRIMENET, Prime's networking software, disk partitions on system B can be accessed from system A. If you are not on a system equipped with PRIMENET then the "System" column will be blank. More on this in the PRIMENET section. What is important to us immediately is the data in the "Disk" and "Ldev" col- umns. Each of these disk partitions is an MFD On some systems you will find two useful utilities, UP and DOWN. These are ex- ternal commands. They simplify moving about directories in PRIMOS. Here is how to use them. UP [n] UP allows you to move up a specified number of levels. The specification of "n" is optional. If you do not specify a value for it, it will have a default value of 1. DOWN directory_name DOWN allows you to move down one directory in the tree. You must specify the name of the directory that you wish to move down into. You need only specify the UFD or sub-UFD name. There is no need to specify the entire pathname. If these utilities are not on the Prime you are on then you can upload them to the Prime's CMDNC0 directory (where external commands are stored). There will be more information on this in Part V. Viewing files in PRIMOS is as easy as can be. You simply use the SLIST (seq- uential List) command. The format is as follows: SLIST filename You must include the file extension of the file that you are SLISTing. Briefly here is a list of file types and what they mean. Extension SLISTable? Description .ABBREV N Abbreviation files .BAS Y BASIC source code .BIN N BINARY image file .CBL Y COBOL source code .CC Y C Compiler source code .COMI Y COMMAND INPUT data files .COMO Y COMMAND OUTPUT data files .CPL Y CPL (Command Procedure Language) programs .F77 Y FORTRAN-77 source code .FTN Y FORTRAN IV source code .GVAR N Global variable files .PL1 Y PL/1, Subset G source code .PLP Y PLP source code .PMA Y Prime Macro Assembler source code .RUN N Prime-written programs; int cmds (compiled) .SAVE N Prime- and user-written programs (compiled) NOTE: The "SLISTable" column indicates that the file type in question is a SAM file (Sequential Access Method; a text file) and can be viewed normally by the SLIST (Sequential List; like the TYPE command found on most PC's) command. You can SLIST non-SAM files, but they will come out as garbage and that can be a pain in the ass. If you should SLIST a non-SLISTable file type then use BREAK or CONTROL-P to abort the listing. A very important command is the LD command (List Directory). LD will display the contents of the current attach directory. To use it just type: OK, ld The LD command supports wildcarding, too. If you should want to display all the CPL files in a directory, use LD in this manner: OK, ld @@.cpl Notice the "@@" in the above command. It tells LD to do a wildcard search for all files ending with the extension ".CPL". Just experiment with this aspect of LD. It's really quite simple. Getting more information about the Prime you are on is easy. Just use the STATUS (abbreviated STAT) and LIST commands. Here are lists of these commands and what they do. Remember the STAT US and STAT ME commands I mentioned in Part I? Well, as you probably guessed, there are several other options to the STATUS command. Here are the other options and what they do: NOTE: Capitalized letters in this table indicate the option's abbreviation. OPTION MEANING ALl Display all info available through STATUS. DEvice Display physical and logical device numbers of any assigned mag tape drives. NEtwork Displays the status of other systems to which your system is attached by PRIMENET. PRoject Displays the Project ID of all users logged in. SEmaphores Displays the value of user semaphores that have been set on the system. A semaphore is a flag used for synchronizing processes. It is used by cooperating user processes to control access to a single shared resource. SYstem Shows the system nodename and revision of PRIMOS. UNits Shows you what file units you have open. Sub: Other Nets [BitNet etc..] Read: (1-30), Message # 30, (c/r)=Next Msg ?:R 29/30: Prime file 4 of 10 Name: Predat0r #1 @5211 Date: Wed Apr 17 10:33:51 1991 From: Youth International Party Line (Kentucky) Remember, I did not mention the USers, ME, or DIsks options here, as they were fully detailed in part I of this series. If the STATUS command is issued without any options, information is provided on the following options in this order: SYSTEM, UNITS, DISK, SEMAPHORE, NETWORK and ME. NOTE: There will be some information regarding the STATUS NETWORK command in a later section entitled "HINTS ON HACKING PRIMENET". That pretty well sums up the STATUS command. But is that all? Hell no. There is also the LIST command. If you thought STATUS had a lot of options then wait until you check this lovely command out. I will only cover the useful options. First in the syllabus is the LIST_ACCESS command. This command will show you what User ID's have access to the UFD that you are currently attached to. Assume that you are attached to your initial login UFD. Also assume that your User ID is STEVE.SYS. Here is an example of what LIST_ACCESS would display: OK, list_access ACL protecting "": STEVE.SYS ALL SYSTEM ALL $REST: NONE The above command example displays all of the ACL's (Access Control Lists) regarding your UFD. Notice that you, STEVE.SYS, have ALL rights to your UFD (naturally). Also notice that SYSTEM has ALL rights too. Why? Most likely backup purposes. Also notice that $REST (meaning all other user ID's) has NO rights. Now, lets assume you ATTACHed to another user's UFD. Say, JOHN. Here is what you might get: OK, a john OK, list_access ACL protecting "": JOHN ALL SYSTEM ALL SIMSON DALURW $REST LUR Quite a different story here. Again JOHN and SYSTEM have ALL rights here. But wait, SIMSON has DALURW access and $REST (everyone else) has LUR. What do these cryptic phrases mean? This, I would gather, would be a good time for me to explain the PRIMOS access codes. So without further ado: Code Right Applies to Allows user to ---- --------- ------------- -------------------------------- P Protect Directories Change accesses and attributes D Delete Directories Delete directory entries A Add Directories Add directory entries L List Directories List directory entries U Use Directories ATTACH to directories R Read Files Read file contents W Write Files Change file contents As illustrated above, the ALL and NONE mnemonics are also PRIMOS access codes. ALL indicates YES to ALL of the above and, as you can full well guess, NONE indicated that all access is denied. Also be aware that file systems (groups of files) can be protected by an access category. To list the access of an access category type the following command: LIST_ACCESS [category_filename] Next is the LIST_GROUP command. It lists all of the ACL groups to which you belong. These groups may govern access to some files on the system. If you don't belong to any groups then PRIMOS will reply with: No groups. (list_group) Otherwise PRIMOS will respond in the following format: Groups are: .HELP .ADMINISTRATORS .ETCETERA The LIST_GROUP command can be abbreviated to LG. LIST_PRIORITY_ACCESS (abbreviation LPAC) is used to display your priority access on any given disk partition. While normally you would use LIST_ACCESS to examine all access rights and priority ACL's on file system objects, LPAC is available since a priority ACL can prevent you from accessing directories and from using the LIST_ACCESS command. Command format is as follows: LIST_PRIORITY_ACCESS [pathname] [-brief] The LIST_QUOTA command (abbreviated LQ) is, in my opinion pseudo-worthless since file quota information is displayed when the LD (List Directory) comm- and is issued. The LQ command displays current disk quota and storage info- rmation for the current (or specified) directory. To issue this command, you need to have L (list) access to the target directory and U (use) access to all higher directories. The proper command format is: LIST_QUOTA [pathname] [-brief] Executed without pathname, LIST_QUOTA returns information regarding the current directory you are ATTACHed to. Quotas are storage space constraints set on a directory. The limits are listed in disk records. A 0 quota is great (indicates no quota). A quota of 1 is absolutely lousy. A quota of 1000+ is ok. If a directory has a quota of, say, 1000, then the total number of disk records used in that directory and ALL sub- UFD's below that may NOT exceed the quota. If you have P (protect) access on the current UFD then you can use the SET_QUOTA command to change the UFD quota constraints. I know I am getting off the subject at hand, but I'll just say this anyway! :-) The format is: SET_QUOTA pathname [-Max N] The abbreviation for SET_QUOTA is SQ. The argument -MAX indicates the max. number of quotas that the specified pathname can store. N is a decimal number. Back to the LIST commands. Next up is LIST_ASSIGNED_DEVICES. This command invokes a utility in CMDNC0 that will display all devices hooked up to your Prime, such as printers, etc. Disk partitions are not listed by the LIST_ ASSIGNED_DEVICES command. Some assignable devices are listed below: Device Code Meaning ASYn Asynchronous Communications Line (a leading zero is required for single digit names; for example ASY07 must be used to specify line 7). Line numbers are in decimal. CARDR Serial Card Reader CRn MPC Parallel Card /reader or Reader/Punch DISK pdisk Physical Partition (pdisk is a partition (volume) number) GS0 - GS3 Vector General graphics display terminal MG0 - MG3 Megatek graphics display terminal MTn Magnetic tape unit PRn Line Printer PTR Paper Tape Reader PUNCH Paper Tape Punch PLOT Printer/Plotter SYNCn Synchronous Communications Line (a leading zero is required to specify single digit lines). You can use the -USER [option] argument to specify a list of users, by name or number. Assigned devices whose assigning user is not in this list are not displayed. The default is all users. The format is either: LIST_ASSIGNABLE_DEVICES -USER {user name} or LIST_ASSIGNABLE_DEVICES -USER {user numbers} Remember, the -USER argument is optional, and not required. It is just useful for listing assigned devices that were assigned by a particular user. LIST_ASYNC is another good one. This command displays all of the systems hard- wired lines and what they are doing. There are three types of assignments that a line can have, and these are: FREE Line is free to be assigned ASSIGNED Line is assigned to a hardware device (printer/etc) LOGIN Line is available for login (terminal or remote) The header for the display is as follows: Line Line Auto speed Line line User User number use enabled speed protocol number name Line number is the physical line's identification name. Line use indicates how the line is assigned (free, assigned, login). Line speed indicates the speed of the physical line. Line protocol indicates the line factor (either TTY or TTYNOP). TTYNOP means TTY not operational. User number indicates the user number associated with the AMLC line. User name is the actual name of any user/phantom using that line. I am not too sure about the Auto speed enabled column. LIST_COMM_CONTROLLERS displays information on all the communication controllers present in a system, excluding the Prime Node Controller. Information is given for each controller and includes the controller name, its type, its device address, the number of synchronous lines attached, and the number of asynchro- nous lines attached. LIST_CONFIG displays the current system configuration. LIST_LAN_NODES displays all nodes on a Prime LAN300 system. Be aware that this external command works only with Prime's LAN300 system (so far as my experience goes). LIST_SYNC displays all synchronous lines on a Prime system. LIST_PROCESS displays the environment of a specified user process. The user's process identity is displayed, together with details of its environment which include: attach points; abbreviation file; active COMI and COMO files; connect, CPU and I/O times and limits; the user's ACL groups; and all active remote identities. There are several more LIST_ commands, but they are not too important at the present moment. I'll let you learn about them on your own via Prime's excel- lent online help facility. To use the PRIMOS online HELP facility, just type HELP. Or, if you know what you need help with, type HELP commandname. Really quite simple. _______________________________________________________________________________ USER-TO-USER COMMUNICATION It is always useful to know how to send and receive messages when on a computer system, and PRIMOS is no exception. Whether communicating with other hackers online, or attempting to social engineer a legitimate user or system operator. Any user on a Prime may send or receive messages. Messages may be sent from: o any user terminal to any other user terminal o any user terminal to the system console o the system console to all user terminals o the system console to any specific user terminal o the system console to any system console on another node of the network (PRIMENET-equipped systems only) Sending messages to users on a Prime is very easy. The message command form- at is as follows: MESSAGE [username] [-NOW] [-ON nodename] [-usernumber] The abbreviation for MESSAGE is M. So instead of typing MESSAGE all the time, you can type M instead. Notice [username] and [-usernumber]. When sending messages to a user you need only specify one or the other. If you were to send a message to user SYSTEM you would type: OK, m system That would enable you to send a message to user SYSTEM. Be aware that the message you send will be displayed to ALL users logged in under the User ID of SYSTEM. In the case that there are more than 1 user with the same User ID log- ged in at the same time, you might want to do use the [-usernumber] argument. It works like this: OK, m -2 That would send a message to the user with the user number of 2. The message you send in this case would ONLY be sent to the user with the user number of 2. Use either the user name or the user number, but not both, for using both will cause an error to be displayed by PRIMOS. If may omit the [username] and [-usernumber] arguments then the message will be sent to the system console. Be careful about this! The -NOW argument is optional. If it is specified then the message will be sent to the user immediately. Otherwise the message will be put into a queue and sent only when the target user has returned to PRIMOS command level. The -ON argument need only be specified if you wish to send a message to a user that is logged in on a remote site. This argument will not be required at all if the Prime you are on is not equipped with either the PRIMENET or the LAN300 networking software packages (by Prime Computer, Inc., of course). In order to use this argument you need to know the remote system's nodename. An example of sending a message to a remote system user is: OK, m hacker -on sys.c This would send a message to User ID "HACKER" on the networked Prime system called "SYS.C". Remember, you need to know the correct nodename of the remote system. Just like in real-life situations (people-to-people), PRIMOS users may or may not wish to speak to you. So before sending a message, you should make sure that the user you wish to communicate with is accepting messages. There are several ways to obtain this information. Message -STATus - Lists receive state of ALL users Message -STATus username - Lists receive state of all users with the name of "username" Message -STATus usernumber - Lists receive state of all users with the number of "usernumber" Message -STATus ME - Lists the receive state of your own terminal/process. NOTE: Capital letters in the above forms of the message status commands ind- icate the legal PRIMOS abbreviations for the commands. When first initiating a session in which you feel you might be doing some user- to-user communication you should issue the "Message -STATus" command. This will display the message receive state of all users presently online. Here is an example of the output you might receive: OK, m -stat User No State SYSTEM 1 Accept PRIME 13 Defer PRIMOS 24 Accept HACKER 37 Reject RAGE 42 Accept In the above example you notice that there are five processes logged in, one of them being the physical system console. The "No" column denotes the user's user number, while the "State" denotes their message receive state. Notice how there are three message receive states listed, accept, defer, and reject. In theory, these states are defined as such: ACCEPT - Enables reception of all messages DEFER - Inhibits immediate messages REJECT - Inhibits all messages If you are set to accept then all messages sent to you will be displayed on your terminal immediately. In defer mode messages will not appear until what you are doing is done (ie, a message will not appear while in the middle of a currently executing command). In reject mode no messages will be received by you. Setting a receive state is useful when you do not wish to be disturbed. It is especially useful to use receive states when using any of the PRIMOS editors or utilities. Sending messages while in reject mode and sending immediate messages while in defer mode is not permitted as the user you are attempting to communicate with will not be able to respond. To set your message receive state, simply type: Message -state '-state' is either accept, defer, or reject. Quite simple. You are advised to avoid sending messages to the system console as that could be potentially hazardous to your stay on a Prime computer system. Pestering legitimate users is also not desired. Use your common sense. _______________________________________________________________________________ A DISCOURSE ON INTERNAL SNOOPING TACTICS Once inside a Prime, your paths are many. Some lead to glory, others to delet- ion of your account (gulp). To aid you in choosing the correct paths, you must snoop about your newfound host. By doing this, you can learn many things, some of which include: o Who owns the Prime and what they are doing on it o More accounts on the system o More accounts on DIFFERENT Prime systems There is plenty for you to do. I strongly urge that you make the snooping pro- cedure a routine and that you do it *immediately* upon obtaining an account, as you never know how long it might last. Finding out who owns the Prime and what they do on it is always rewarding. The best systems I have been on were Prime Computer, Inc. development systems, 3rd party development systems, and Prime's belonging to certain telephone companies (which shall, of course, remain unmentioned). Depending upon who owns the host you may obtain a bit more information that you had expected. More accounts on the system is what you are really after, however. Many users are exceedingly lax. A brief inspection of all mail in the queue can sometimes yield accounts, as can individual programs (source code) and documents. There will be more on this topic in the section entitled, "Exploring the Vast Reaches of a Prime". As for more accounts on different systems, I am saving that for the article on Prime networking (Part IV). There will be a host of information regarding the advanced snooping tactics used in order to snoop about PRIMENET-based systems and their respective Token-Ring/LAN300 networks. _______________________________________________________________________________ INTERNAL SECURITY Before you can really start exploring your new Prime, you need to understand how PRIMOS internal security is implemented and how to get around it. As you have seen from the section con basic PRIMOS commands, PRIMOS utilizes access control lists (ACL's). Getting around ACL's is almost an impossibility. There will be a full discussion on ACL's in Part V. Also you will occasionally run into passworded directories. To attach to a passworded directory, you would type something similar to this: OK, a 'dirname password' Notice how you followed the directory name with the password and enclosed the entire deal with quotes. If you were going to attach to a passworded sub-UFD you might type something like this: OK, a 'primenet*>info>source password' Passworded directories can be a pain in the ass, but, unlike ACL's, they can be gotten around. Look inside CPL programs (by SLISTing them) for occurrances of ATTACH statements enclosed in single quotes. Thats about all the internal sec- urity in PRIMOS up to the current revision level (22.0.0). _______________________________________________________________________________ EXPLORING THE VAST REACHES OF A PRIME When looking around a Prime, always start in your initial attach UFD. Check out every file in it and every file in sub-UFD's under it. When finished there cruise on up to MFD 0 and start down-attaching to the many UFD's there and look at everything. SLIST all SAM files, read all mail, look at EVERYTHING. Leave no UFD un-attached to! Leave no file un-read. Understandably it will take a good few hours (sometimes as many as 12) to fully investigate a Prime, but believe me, it is worth it. Capture everything that looks valuable to your buffer. When done looking, follow up everything you captured. Well, that about wraps up Part II of this series. Look forward to lots of use- ful information regarding the myriad of PRIMOS applications in the next part of this series. Just some of the information in the next part will be: o Using EDIT_PROFILE to create and modify accounts o The DSM (Distributed System Management) utilities o Using the myriad of MAIL utilities o Editing and Uploading text via the ED text editor Until then may the forces of darkness become confused on the way to your house. _______________________________________________________________________________ End of Part II of the "Introduction to the PRIMOS Operating System" _______________________________________________________________________________ _______________________________________________________________________________ INTRODUCTION TO THE PRIMOS OPERATING SYSTEM Part III (Useful PRIMOS Applications) Written by Violence Copyright (C) 1989 The VOID Hackers _______________________________________________________________________________ Welcome to Part III of my series on the PRIMOS operating system. In this part I will detail the several useful appliactions you are likely to find on Prime computers. You will learn about the DSM (Distributed System Management) util- ities, the EDIT_PROFILE utility (the PRIMOS user editor), and several others. _______________________________________________________________________________ EDIT_PROFILE EDIT_PROFILE is the utility that is used to add, delete, and modify users on a Prime computer running PRIMOS. It is similar to the VAX/VMS AUTHORIZE utility. There are three modes of EDIT_PROFILE access, and these are: o System Initialization (SI) mode o System Administrator (SA) mode o Project Administrator (PA) mode You will probably never be using EDIT_PROFILE in System Initialization mode as that mode is used for initial system user setup). SA mode will allow to perf- orm wholesale user modifications, whereas PA mode will only allow you to perf- orm modifications to users in the same project as you. When you decided to try out EDIT_PROFILE on the system that you have hacked into, type this: OK, edit_profile If it gives you an error message then you obviously don't have good enough pri- vileges. Don't give up hope, however, as there are ways around this. Unfort- unantly, though, the methods which you must use are beyond the scope of this tutorial. It involves programming in a high level language (FORTRAN IV, FORTR- AN-77, PL/1 Subset G, et. al.) as well as knowledge of the appropriate system calls to make. Do lots of research and experiment. You might just get lucky. If, on the other hand, it allows you to invoke EDIT_PROFILE then it will disp- lay the utility's herald (revision number, serial number and copyright inform- ation) and a message stating what mode you are in. The mode message will be one of these: In system administrator mode In project administrator mode If you are in SA mode then the account you are using has SYS1 privileges (thats the best you can do from a remote standpoint). Before I get deep in how to use EDIT_PROFILE properly I should mention that I have the source code to this won- derfully useful program and a security audit feature was added in during the last few years (circa 1986). It will log all successful and failed commands. The only ways I have discovered around this is to remove the logging procedures from the code and recompile it online, but that's pretty advanced stuff and not advised at any rate. The best you can do at maintaining your presence on the system is not to use EDIT_PROFILE overly much. In fact, don't use it unless you must. I generally use EDIT_PROFILE once per hack, and that is after I get in. What do I do? I obtain a full user/project listing for future hacking purposes. You can't obtain an account's password from within EDIT_PROFILE, but you can obtain a full user and project listing, as well as add, modify and delete users. If you get a user list, try and hack at those accounts before wontonly adding user accounts. Be sensible. Get all that you can before add- ing a user. And if you must add a user, just add one. There is no need to add 3 or 4 users. No need at all. One user is easier to hide than 3+. Use common sense here, guys. Once EDIT_PROFILE has been invoked you will be dispatched mercilessly to the ">" prompt. To obtain help, just type HELP and press RETURN. Before I get in- to adding users, I'll discuss the procedures for pulling user lists and similar information. To get full information about the system you are on (projects, users, etc) you simply need to type: >list_system -all You can abbreviate the LIST_SYSTEM command with LS. You can list individual system attributes by substituting new arguments in place of the -ALL argument. To see what LS arguments are available, type HELP. You should experiment with the available "LIST_" commands in EDIT_PROFILE. Before attempting to add a user on any Prime system you should always list the system attributes so that you will know what projects and groups are in use. When you decide to add a super-user, make sure that you add yourself to the common project (usually DEFAULT) and all of the high-access groups (examples I have seen are: .ADMINISTRATORS$, .PROJECT_ADMINISTRATORS$, .OPERATORS$, .NET_MGT$, etc). Adding super-users is not always a good idea. Never add more than 1 or 2 users on a system. Also, try to follow the naming convent- ions used on the system. If users have their first name as a User ID, then when you add a user make sure that your new user's User ID is a first name. Likewise, if all users have their initials as their User ID then make sure that your new user has a User ID with initials. Now, to add a user, type: >add_user username Where "username" is the User ID you wish to use. After you type this you will be asked for your password. Enter the password that you wish to use. Then you will be asked for your group(s) and your default login project. Like I said, you should use the "LIST_" commands to see what group(s) are in use. Groups always start with a period (.). Give yourself the administrator groups and you will be doing good. As for project, an entry of DEFAULT will usually suffice. An easier method to add users is to use the -LIKE argument. Try this: >add_user username -like system Again, "username" is the name of the User ID that you wish to use. This arg- ument of the ADD_USER command will make a copy of the user called SYSTEM (found on all Primes that I have seen; also a user of the super-user class) and add the copy as a new user but with a different name. Now, set your password with the CHANGE_USER command. Type: >change_user username -pw You will be prompted for your new password. Ta da. You now have a User ID with the same stats as the User ID "SYSTEM". Occasionally upon adding a user you may have to add your User ID to a file called LOGUFD located in one of the UFD's off of MFD 0. This will generally not happen. If it does, then simply correct it with one of your other accounts. You are advised not to wontonly delete users or edit them. Also try not to use the CHANGE_SYSTEM_ADMINISTRATOR command. In basis, type HELP and start to exp- eriment (but be careful of what you do). Make sure that you keep track of the changes that you make so that in the case you mess something up you can fix it. Get your feet wet. If you find yourself in PA mode you can do most of the above, but only regard- ing the project that you are administrating. Thus you can only add users to that project, only delete users from that project, etc. This means no adding of super-users, etc. _______________________________________________________________________________ THE DISTRIBUTED SYSTEM MANAGEMENT (DSM) UTILITIES The DSM utilities is a set of commands and services that help with the admini- stration and day-to-day operation of Prime computer systems. It is intended primarily for use with networked systems, but can also be used on single Prime systems (those lacking networking capability). The DSM utilities allow Prime system administrators and senior operators to perform system management tasks from any point on a network. DSM's main facilities are summarized below. o SIM (System Information/Metering) Commands System status and resource monitoring of local and remote systems from any point within the network. o RESUS (REmote System USer) Facility Control of remote Prime systems from any terminal. Allows use of console-only commands from a remote terminal. o Collection and collation of event messages, including PRIMOS and network events, through DSM's Unsolicited Message Handling (UMH) and logging services, with redirection of event messages to log files or users throughout the network. o Generalized logging of DSM messages in private or system logs, with commands for administering, displaying and printing logs. o Facilities for defining users' access to DSM commands throughout the network, in a single configuration file. As you can see, the DSM utilities can be a very useful asset to have. Unfort- unately, SYS1 privileges (administrator) are required to use the most exciting aspects of the DSM utilities. All normal users can utilize the SIM commands, and I have even mentioned some of them in other parts of this series. What is really useful to us, however, are the RESUS and log utilities. In a nutshell here are the basic DSM commands. After this list will be full discourses on the RESUS utility and the SIM commands. Remote System Control: RESUS -- Invokes Prime's REmote System USer facility. Event Message Handling and Redirection: CONFIG_UM -- configures DSM Unsolicited Message Handling. Administering Logs: ADMIN_LOG -- creates and administers DSM log files. Displaying and Printing Logs: DISPLAY_LOG -- displays and prints the contents of log files, including system and network event logs. DSM Configurator Commands: CONFIG_DSM -- creates a new DSM configuration file. DISTRIBUTE_DSM -- distributes a new DSM configuration file. STATUS_DSM -- displays the currently active configuration. DSM Startup and Shutdown Commands: START_DSM - starts DSM system console commands. STOP_DSM - stops DSM system console commands. For more information on any of the DSM commands, type: HELP command-name or command-name -HELP _______________________________________________________________________________ THE RESUS UTILITY RESUS is the REmote System USer facility, and allows remote operation of the physical supervisor console from any terminal. What this basically means is that, with RESUS enabled, all users with administrator access will be able to execute commands that are normally only executable from the system console. It will let you force log other users off the system (not a good idea to use this capability unless you MUST), take the system down (you must be STUPID to do such a thing), etc. RESUS supports the following command line options: {-ENABLE } {-DISABLE [-FORCE] } {-START [-ON node name] } {-STOP } {-STATUS [-ON node group] } {-HELP [-NO_WAIT] } {-USAGE } -ENABLE This option enables RESUS to be used on a system. It is only valid from the supervisor terminal. -DISABLE This option is used to prevent RESUS from being used on a system on which it has previously been -ENABLEd. The -FORCE option must be supplied if the RESUS is actually in use. It is only valid from the supervisor terminal. -START [-ON node name] This is the means by which an authorised user of RESUS may invoke REmote System USer facilities on a system. If -ON node name is omitted, the default is the local node. For this command to be successful, RESUS must previously have been -ENABLEd at the supervisor terminal. -STOP This option terminates remote control of the supervisor terminal, leaving the REmote System USer facilities available for use by other authorised users. It is only valid from the remote terminal in control of the supervisor terminal through RESUS. -STATUS [-ON nodegroup] This displays the current status of RESUS on all nodes in a specified node group. If a node group is not specified, the status of the local node is displayed. -HELP, -H [-NO_WAIT, -NW] Displays command-specific Help text. -USAGE Displays command line syntax. _______________________________________________________________________________ THE DSM SIM COMMANDS The DSM SIM (System Information/Metering) commands gather and display information about system/network status and resource usage from any point on the network. SIM commands are invoked from the PRIMOS command line. They can be invoked from any terminal to display information about any system on the network. They can be invoked once, or periodically at specified time intervals. Output displays are paginated for screen display and can be recorded in private or system log files. User access to SIM commands on local and remote nodes is controlled by DSM security. A list of SIM commands and descriptions of the general SIM options follows. LIST_ASSIGNED_DEVICES - lists assigned devices LIST_ASYNC - lists asynchronous terminals LIST_COMM_CONTROLLERS - lists comms controllers configuration LIST_CONFIG - lists PRIMOS coldstart configuration LIST_DISKS - lists disk partition names LIST_LAN_NODES - lists nodes on LAN300 local networks LIST_MEMORY - lists physical memory usage LIST_PRIMENET_NODES - lists PRIMENET configured nodes LIST_PRIMENET_LINKS - lists active PRIMENET links LIST_PRIMENET_PORTS - lists assigned PRIMENET ports LIST_PROCESS - lists active system processes LIST_SEMAPHORES - lists active semaphores LIST_SYNC - lists synchronous line configuration LIST_UNITS - lists users open file units LIST_VCS - lists active virtual circuits General SIM options are: -HELP, -H [-NO_WAIT, -NW] -USAGE -ON {node, nodegroup} -PRIVATE_LOG, -PLOG pathname [-NTTY, -N] -SYSTEM_LOG, -SLOG pathname [-NTTY, -N] -NO_WAIT, -NW -FREQ integer -TIMES integer -START, -S date+time -STOP date+time -ON {node, nodegroup} This option allows you to specify the target node, or nodegroup to which the command is to be directed. The default is to direct the command to the node on which the command is invoked. -PRIVATE_LOG, -PLOG pathname [ -NTTY, -N ] -SYSTEM_LOG, -SLOG pathname [ -NTTY, -N ] The -PRIVATE_LOG option allows you to specify a standard PRIMOS pathname as a DSM log file to which all messages from the target nodes are to be logged. If the log does not already exist, it is created automatically for you. User DSMASR (the DSM application server) must have ALL access to the directory that contains the log. The -SYSTEM_LOG option allows you a similar facility using logs that are maintained on the system logging directory DSM*>LOGS. System logs only exist on this directory or its subdirectories, and must be created with the ADMIN_LOG command prior to use. Logged data can subsequently be retrieved, printed and displayed using the DISPLAY_LOG command. -NTTY, -N; can be used with the -PRIVATE_LOG and -SYSTEM_LOG options, and indicates that no data is to be displayed to the user. When this option is used, the command spawns a phantom which executes the command on your behalf, and frees your terminal. -HELP, -H [NO_WAIT, -NW] This option overrides all other options to display help information about the associated command. -USAGE This option overrides all other options to display usage information, for the associated command. -NO_WAIT, -NW This option indicates that you are not to be prompted or queried during the command output display. If this option is not used, you are prompted between each target node's response, and after every 23 lines (1 page) of output displays '--More--' and waits, for your response. To see more output press the carraige return. To supress further output and return to command level, type Q, Quit, N, or No. Any other response will display more output. -FREQ -TIMES -START, -S -STOP These options can be used to implement periodic execution of a command. -FREQ option provides periodic execution of a command, with the interval between executions determined in seconds. The interval you specify is the interval between two successive executions of a command, and not the interval between completion of the command's display and the next execution. The interval is corrected to the nearest multiple of four seconds below that specified.If FREQ 0 is specified, the command is re-executed immediately on completion of the previous execution. If the interval elapses before completion of the previous display, the next execution is delayed until the display is complete. -TIMES is used in association with the -FREQ option, to set a limit on the number of times that a command is to be executed. -START, -S sets the date and time that execution starts. The format can be in either ISO standard: (YY_MM_DD.HH:MM:SS) or in USA standard: (MM/DD/YY.HH:MM:SS) Defaults are: year to current year; date to current date; and time to zero. -STOP sets the date and time execution stops; format and defaults are the same as for -Start. In the absence of any of these four options, the command is executed once, and immediately. In the presence of any of these four options, the defaults applied to the unspecified options are: -FREQ immediate reexecution -TIMES infinite -START now -STOP never For more information on any of the SIM commands, type: HELP command-name or command-name -HELP _______________________________________________________________________________ PRIMOS ELECTRONIC MAIL CAPABILITIES PRIMOS, like any other operating system worth it's beans, supports full elect- ronic mail capabilities. However, the mail system used will vary from system to system. A lack of standards? Perhaps. But I find it enjoyable learning the differences between the many mail systems available. I won't discuss how to use the mail systems I discuss due to lack of space, but that should pose no problem, as all of them have online help available. Prime Computer, Inc.'s old mail system (invoked by typing MAIL) is your typical run-of-the-mill mail system. It's not too difficult to figure out how to use. Prime Computer, Inc. has also created a PRIMOS implementation of the UNIX XMAIL system. This seems to be their preferred electronic mail system. It is very easy to use, not to mention very powerful. My favorite electronic mail server is NETMAIL, written by those cunning prog- rammers at Bramalea Software Systems (the same firm that created LOGIN_SENTRY). NETMAIL is the mail server with the most useful features. Not only do you get the normal features of sending user-to-user mail locally and to similarly con- figured sites on the network, you can also send: o Courtesy copies to other users o Encapsulated non-SAM files Courtesy copies is basically message forwarding. Assume I wrote a memorandum. If I wanted all the people on the 'Board of Trustees' to get a copy I just send cc's (courtesy copies) to them. The file encapsulation feature makes NETMAIL a pseudo-file transfer application like FTS (File Transfer Service, Prime's answer to UNIX's FTP utility). Say I wrote a useful public domain program and want to distribute it to some users on the local system and some remote systems. Don't want them to get the sources, now do we? So we encapsulate the executable file (compiled program) and mail it out as an encapsulated file. When the recievers read their mail, they will be able to tell NETMAIL to save it as a file to their directory. Very nice! Some sites use custom-written mail utilities. It all depends. Most, if not all, are rather user-friendly and easy to learn without documentation. Don't forget! Online help files. _______________________________________________________________________________ ED - THE PRIMOS TEXT EDITOR ED is the PRIMOS text editor and it is line-oriented as opposed to full-screen. If you are using VT-100 or a similar emulation, you might play around with the EMACS full-screen editor, but I won't be discussing EMACS here. After all, it comes with it's own interactive tutorial. Another reason why I won't be discu- ussing it is because not all Prime sites have it online (it is a separately priced product). RUNOFF is another separately priced product. It is a fully equipped word processor. ED, on the other hand, comes with PRIMOS and it is always available. To invoke the PRIMOS EDitor, type: OK, ed This will enter ED with an empty workspace. You are creating a new file. To edit an existing filesystem object, type: OK, ed filename When you enter ED with an empty workspace you will be dumped into INPUT mode. Everything you type here will be taken as input into the file you are creating. If you tell ED to load a file and edit it (ie, ED filename) then you will be dumped into EDIT mode. Everything you type will be taken as ED editing comm- ands. To switch between INPUT and EDIT mode, issue a null line (that is to say, press the RETURN key). This brings a new problem into mind. How do you make a blank line if when you press RETURN alone it switches between modes? Yes, this is a shortcoming to PRIMOS users that are used to standard text editing systems. To create a 'null' line, type a space and then press RETURN. It looks null, but it is really treated as a line 1 character in length by ED. Take note that both INPUT mode and EDIT mode use no prompt. Ok, to illustrate what we have learned so far, consider this 'pretend' session with the ED line editor: OK, ed INPUT Hey, this is pretty nice. A nice text editor. Heh. Ok, lets see what Damn! No wordwrap. Remember, press RETURN at the end of each 79 characters, ok? Now, lets go to EDIT mode... EDIT wow BAD WOW INPUT oops! 'wow' is not an ED command! I'll discuss ED's EDIT mode commands in a few minutes. Let's quit! EDIT q FILE MODIFIED OK TO QUIT? y OK, Okay, we are back at the PRIMOS command line. Damn! We forgot to save our newly-created text! What do we do now! Don't panic. Your text is still floating around in PRIMOS' memory. To restore your ED session, type: OK, start 1000 <-- Continues from break or OK, start 1001 <-- Resume in EDIT mode So, let's test it out, shall we? OK, start 1001 EDIT file sample_text q OK, Alright. A few comments are now in order. Normally, when done with a docu- ment you would FILE the text away and then QUIT. If you try and QUIT without saving new text or changes made to text, you will be told that the file has been modified and asked for verification to quit. Should you make a 'boo-boo' you can save your text by using one of the START command variations. The two EDIT mode commands we have just learned are: FILE (abbreviated FIL) Files your text to the current UFD QUIT (abbreviated Q) Exit ED to the PRIMOS command line An alternate command to save your text is the SAVE command (abbreviated by SA). I prefer SAVE to FILE because SAVE is also used on my microcomputer. Use whichever you prefer, however. A great feature of the START command will now be illustrated. Say you are mov- ing around UFD's and you end up trying to create a file in a directory that you don't have W (Write) access in. Oh no! How do we save this new CPL prog- ram we just created? Simple! Using techniques that you have just learned you can move to a different UFD (one that you have W access in) and save your text in. First, get into EDIT mode and QUIT the EDitor. From the PRIMOS command line, use the OR command to get to your 'home' UFD or ATTACH to a different one and then issue the START 1001 command. Now FILE your text. Voila! A nice trick for the forgetful. We now know the very basics of the PRIMOS line EDitor. We can create new files from scratch, append text to existing files, save or abort our modifications, and recover our text if we accidentally quit or hit the BREAK key (or send a BREAK signal). What we don't know is how to edit the text within an existing file or how to insert/delete text from an existing file (which is really easy). So read on! CAVEAT! PRIMOS normally uses the '?' and '"' (double quote) as the kill and erase characters, respectively. So typing a '?' in INPUT mode will kill the entire line. A '"' will similarly erase the previous character. I find the '?' and '"' characters integral in my documents and you will probably too. The fix? Simple. From the PRIMOS command line, type: OK, term -erase OK, term -kill _ Press CONTROL-H where it says ''. This will make the erase character a backspace and the kill character the DELETE key. Substitute whatever char- acters you feel most comfortable with on your microcomputer. I will detail the TERM command more fully in Part V in the section entitled CUSTOMIZING YOUR ENVIRONMENT. Another caveat. The semicolon character at the end of a line (';') will force a linefeed (as if you had pressed RETURN instead). You can end a line with either RETURN or a semicolon (useful if your RETURN key is broken?). If you enter a line of text containing semicolons such as this: line one;;line three ED will take it and output it as this: line one line three instead of: line one;;line three Depending upon the location of the semicolon it may produce a linefeed or a mode switch. Thus, the line of text: This is a caveat; will switch you from INPUT mode into EDIT mode. Avoid having semicolons at the end of a line of text. I will detail the method you will have to use to get around this if you want to have semicolons in your file. Should you wish to edit/insert/delete lines of text within an existing file you will have to learn how ED addresses text in it's buffer. I'll assume that you have loaded a file into ED and are in EDIT mode. The basis of our example: OK, ed example_file EDIT Ok, now let's view the entire file: p 9999 .NULL. This is the text of the file we are using in our example. I will change this file around so that you will see how to edit/add/delete text in a file. .NULL. BOTTOM This example used 'P 9999' to display the contents. 'P' is the abbreviation for the PRINT command. So you see, I told ED to PRINT the first 9999 lines of the file in it's buffer. PRINT displays the specified number of lines (9999 in the example) and makes the last line displayed the'current' line. The .NULL. is not a part of the file, but rather a marker. It marks a place where you can insert text. BOTTOM indicates that you are at the bottom of the file. Should you type PRINT (or P) again it will simply say: .NULL. You can type PRINT (or P) by itself without a numeric argument. PRINT has a default value of 1. Conversely, a PRINT -n ('n' being a whole number) command will cause ED to display the file backwards. To get to the top or bottom of a file, type: top <--- Abbreviation is T or bottom <--- Abbreviation is B Very simple. To see what the line number of the current line you are pointing to is, type: where BOTTOM Since we did that PRINT 9999 command we are at the BOTTOM of the file. Let's go to line 2. Type: point 2 This will set the ED pointer to line number 2. ED will tell you that you are at line 2 by displaying line 2 on your screen. You can abbreviate the POINT command by typing PO instead. Now try the WHERE command (it also has an abb- reviated form, which is W). Type: w LINE 2 Ok, we now know how to move around in a file and display some or all of the lines of text it contains. The NEXT command (abbreviated by N) will move the pointer to down the specified number of lines towards the BOTTOM of the file (assuming that the specified number is positive). Negative numbers will move the pointer up. As per the PO command, the new pointer line will be displayed. Here are two examples: n 1 to edit/add/delete text in a file. n -2 This is the text of the file we are using in our example. To find text in the bufferm use the LOCATE command (abbreviated L). For exam- ple, to find the string 'change this file' type: l change this file I will change this file around so that you will see how Now look and see where you are. Type: w LINE 2 Aha! The LOCATE command not only finds the specified string, but sets the pointer to the new line. Now, try and LOCATE the string 'Aunt Jamima'. Type: l Aunt Jamima BOTTOM ED could not find the string in the text. The new pointer is BOTTOM, meaning that you are at the last line in the file. Similar to LOCATE is the FIND command (abbreviated F). FIND only checks to see if the specified string is at the beginning of a line (ie, the first character is in column 1, the second in column 2, and so forth). Here is an example: find to edit/add to edit/add/delete text in a file. As with LOCATE, FIND displays the line and resets the pointer to its new loc- ation. If the string is not found FIND returns with BOTTOM and sets the point- er to the bottom of the file. NFIND is a similar command which works in the opposite manner of the FIND comm- and. NFIND (abbrevated NF) will locate the first line below the current line which does not begin with the specified string. In the following example, I'll display use of the NFIND command as well as display the method you may use to have multiple ED commands on one line. EDIT p3 .NULL. This is the text of the file we are using in our example. I will change this file around so that you will see how to edit/add/delete text in a file. top, nfind This is I will change this file around so that you will see how As you can see, NFIND only finds the first line that does not start with the specified string. Also note the use of the comma as a command delimeter when issuing the TOP and NFIND commands. Just like with LOCATE and FIND, NFIND will also return BOTTOM and set the pointer to the end of the file if it cannot find a line not starting with the string you specify. You can also FIND and NFIND string patterns on a line starting at a column pos- ition other than 1. The format for this option is displayed below: f(8) change this file I will change this fie around so that you will see how The parenthesis are required and there cannot be any spaces between the command and the (#). To append text to the end of the current line, use the APPEND command (abbrevi- ated with A). To append ' 02/24/89.' to the end of the last line, type: po3 to edit/add/delete text in a file. a 02/24/89. to edit/add/delete text in a file. 02/24/89. You must have a space between the APPEND command and the string you wish to append. If you had instead typed: a 02/24/89. you would have gotten: to edit/add/delete text in a file.02/24/89. Use the CHANGE command (abbreviated C) to change a string in the current line. The first character after the CHANGE command is used as the delimeter. This is a more complicated command than most other ED commands. Format: CHANGE/string-1/string-2/[G] [n] 'string-1' is the original string and 'string-2' is the replacement string. G specifies a global change. If G is ommitted then only the first occurance of string-1 will be changed. 'n' is a pointer value. If it is 0 or 1 (default values) then the change will be made to the current line (assuming the G option is not in use). If 'n' is a value other than 0 or 1 then ED will inspect and make changes on 'n' lines starting at the current line. As sual, ED will reset the pointer to the last line inspected. Should the file contain fewer than 'n' lines then ED will make the specified changes in all the lines of the file and end by saying BOTTOM. Should you wish to change a string containing slashes ('/'), CHANGE's delimeter character, then substitute a new delimeter character. Examples: f 02 to edit/add/delete text in a file. 02/24/89. change:02/:01/: to edit/add/delete text in a file. 01/24/89. c#/#-# to edit/add/delete text in a file. 01-24-89. c/01-24/24-Feb/ to edit/add/delete text in a file. 24-Feb-89. You should always issue the TOP command prior to making global file changes. To insert characters at the beginning of a line, use CHANGE like this: po3 to edit/add/delete text in a file. 24-Feb-89. c//Last Line --> / Last Line --> to edit/add/delete text in a file. 24-Feb-89. Remember our dilema with the semicolon character (';')? Say you want to have semicolons in your file. Lets put a semicolon in our file. First, lets mark where we want ED to put the semicolon. Do this: po3 Last Line --> to edit/add/delete text in a file. 24-Feb-89. c/. 24/@ 24/ Last Line --> to edit/add/delete text in a file@ 24-Feb-89. top, c/@/;/g9999 Last Line --> to edit/add/delete text in a file; 24-Feb-89. If you know where you want your semicolons from the start then just use a char- acter that you don't plan on using elsewhere in the file (like the '@' charact- er) and place them where you desire. Then perform the above procedure. Voila! Instant semicolons when you thought it couldn't be done. To delete commands from a file, use the DELETE command (abbreviated with D). I believe I don't like the second line of our example file. Let's delete it. To do this, type: po2 d top p9999 .NULL. This is the text of the file we are using in our example. Last Line --> to edit/add/delete text in a file; 24-Feb-89. .NULL. No more line 2. As with other ED commands, DELETE deletes from the current line. DELETE 1 will not delete the first line of the file, but rather the current line. DELETE 5 will delete the fifth line from the current line (with starting line being the current line). The last ED command I will go over is the RETYPE command (abbreviated with R). RETYPE will delete tge current line and replace it with the specified string. Notice that the text of our example is now nonsensical. The second line is a sentance fragment. All hackers should spell correctly (grin). Let's fix this grammatical error. po2 Last Line --> to edit/add/delete text in a file; 24-Feb-89. r Now you will learn how to edit/add/delete text in a file. Now you will learn how to edit/add/delete text in a file. RETYPE followed by a space and a RETURN will delete the current line. This will make a 'null' line. This can be used as an alternate method for creating 'null' lines (to delimit paragraphs in your text) as opposed to making the line a blank space. Let's look at both the original example file and its present form: ORIGINAL: This is the text of the file we are using in our example. I will change this file around so that you will see how to edit/add/delete text in a file. CURRENT: This is the text of the file we are using in our example. Now you will learn how to edit/add/delete text in a file. The most useful means of using ED is to upload text (documents or sources) to the host Prime. Simply load in the file on your microcomputer and go into your terminal program's editor. Change all occurances of a null line to a space and a RETURN. Now enter ED and upload your file via the ASCII protocol. You might need to lower the sending speed (the line delay) if you seem to be sending text too fast for ED to get it. When done with the send, just enter EDIT mode and SAVE or FILE the text. WARNING: If the filename you specify ED to save your text as exists in the cur- rent UFD then ED will overwrite the file with the text in its buffer. Be care- ful not to use an existing filename when you save files or you might be sorry. Now for some important notes on PRIMOS filenames. 1. Filename can be up to 32 characters long. 2. Filenames can only contain the following characters: A-Z, 0-9, & - $ . _ / # 3. The first character cannot be a number. 4. No embedded blanks or special characters (like [ ] ( ) { } etc). 5. All characters are mapped to UPPER CASE by PRIMOS. Legal Filenames Illegal Filenames MYFILE MY FILE TODAYS-SYSTEMS SYSTEMS? $MONEY 4MONEY TEXT_FILE ACCTS@PRIME PRIMES&VAXEN "COOL" NOTE: ED does not like TABs! Do not use your terminal's TAB key! ED will not understand them. To tell ED to use a TAB, use the backslash ('\') charac- ter. Example: tab\this\out\for me. is interpreted as: tab this out for me. EDitor has many other commands. Type HELP ED to obtain a list of them and a brief statement of each one's function. Question: Ever see a more detailed description of how to use a text editor on a mainframe in a 'how-to-hack-this-op/sys' type of file? _______________________________________________________________________________ EXPERIMENTATION WITH OTHER PRIMOS APPLICATIONS AND UTILITIES There are many other applications that you will find on Primes. Some of them useful and interesting, some of no use whatsoever to the hacker. I can't begin to describe them here. This part of the series is already larger than I had planned, so I am going to have to end it here. Here is a very incomplete list of applications commonly found on Prime computer systems: PRIME INFORMATION A database system PRIME WORD A word-processing system MIDAS A graphics design utility TELL-A-GRAF A graphing utility ORACLE A database system There are tons more application systems to be found on Primes. Experiment! It is best to experiment with available applications to see if they can be useful. Read people's word processing documents, see what's in their database. Never know what you might find! Just be careful not to delete or change anything! In the next installment of this series I will detail the networking utilities & software available for the Prime computer. I will cover the network-related SIM commands, the NETLINK utility, PRIMENET, and more! Look for it. May the forces of darkness become confused on the way to your house. _______________________________________________________________________________ End of Part III of the "Introduction to the PRIMOS Operating System" _______________________________________________________________________________ _______________________________________________________________________________ INTRODUCTION TO THE PRIMOS OPERATING SYSTEM Part IV (Prime Network Communications) Written by Violence Copyright (C) 1989 The VOID Hackers _______________________________________________________________________________ Welcome to Part IV of my continuing series on the PRIMOS operating system. In this installment I plan on covering Prime's network communications capability and the associated utilites that you will find useful. Just like other popular mainframes, Primes too have networking capabilities and support many communications applications. Prime's main communications products are PRIMENET, RJE and DPTX. I will only be going over PRIMENET in this series, as discourses on RJE and DPTX are beyond the scope of this series. For a good discussion on RJE and DPTX I refer you to Magic Hassan's excellent article on the subject (appearing in Phrack, Inc., Issue 18). _______________________________________________________________________________ PRIMENET Available for all models of Prime computers, PRIMENET is Prime's networking software. In a nutshell, PRIMENET is like a Token Ring LAN network. PRIMENET is superior to most Token Ring LAN applications, however. To really be able to visualize how a PRIMENET ring network operates, you need to be familiar with the Token Ring type of LAN (Local Area Network). Token Rings are basically 'circles' of computers (referred to as 'nodes') that are electronically connec- ted to eachother. The individual Prime computers on the PRIMENET ring are res- ponsible for allowing remote users to be able to access them, however. PRIME- NET simply allows simplified communications between all the netted systems. In the following diagram you will see a sample PRIMENET ring with six Prime compu- ters located on it. Each of the individual nodes may or may not be connected to the telephone network, another PRIMENET ring, or one of the many public data networks (PDN's) like TELENET. Here is an example of the manner in which a PRIMENET ring is set up: PRIME PRIME \_/ PRIME-(_)-PRIME / \ PRIME PRIME Each node receives information from it's neighboring system and transmits it to the node immediately downstream on the ring. In this fashion any node can send information to any other node by sending it through some or all of the others. As I stated previously, PRIMENET ring networks are superior to most Token Ring LAN applications. But in what ways? Some of the features of a PRIMENET system are listed below: o Any terminal on the PRIMENET ring can login to any system on the PRIMENET ring. o Processes running at the same time on different systems can communicate interactively. o Transparent access to any system in the PRIMENET network without use of any additional commands or protocols. o Complete access and protocol support for packet-switched communications between PRIMENET systems and mainframes located on almost all Public Data Networks (PDN's). All these features allow you to do things like access disk partitions on system A from system B, rlogin from system A to system B (requiring ONLY an account on system B), and so forth. In this installment I will explain the many things that you can (and should) do with a PRIMENET-equipped system. _______________________________________________________________________________ CHECKING OUT A PRIMENET SYSTEM Should you get into a PRIMENET-equipped system, there are a few things that you should do to learn more about the intra-system links and such. In this section I will describe all the procedures that you will need to initiate in order for you to determine said information. The first thing you should do is to use three of the DSM (Distributed System Management) utilities (remember, I described the DSM in full in Part II). The three DSM utilities (external commands, really) you should invoke are: LIST_PRIMENET_LINKS - Lists PRIMENET status LIST_PRIMENET_NODES - Lists configured PRIMENET nodes LIST_PRIMENET_PORTS - Lists assigned PRIMENET ports The information returned to you by these external commands will describe the current PRIMENET setup in detail. You will obtain remote nodenames, PRIMENET addresses, link devices, gateway nodes, configured access, and whether or not the individual nodes require remote passwords for login. Here is a good examp- le of the results obtained from a LIST_PRIMENET_NODES: OK, list_primenet_nodes ** VOID ** Remote Primenet Link Gateway Configured Validation node address device node access required? +-----------------------------------------------------------------------------+ | 2600HZ | 99994738593624 | LHC00 | | remote login, RFA | no | | THRASH | 3110XXX00254 | PNC00 | | remote login, RFA | yes | | VIOLEN | 3110XXX00245 | SYNC00 | | remote login, RFA | yes | | PSYCHO | 99994734748381 | SYNC00 | | remote login, RFA | no | | SCYTH | 3110XXX00324 | SYNC00 | | remote login, RFA | no | +-----------------------------------------------------------------------------+ This assumes that you issued the LIST_PRIMENET_NODES command from the system VOID. It states that it is on a PRIMENET ring with 5 other systems (their names can be found in the "Remote node" column). Note the "Primenet address" column. It lists each systems NUA (Network User Address). Notice that three of the listed NUA's are on TELENET and two are on some bizarre network with a DNIC (Data Network Identification Code) of 9999. Well, the host system (VOID) is located on the TELENET PDN (DNIC 3110) and thus, the DSM knows that all 3110 systems are TELENET and displays their TELENET addresses. The other systems (those with the DNIC of 9999) are located on foreign PDN's and the DSM does not understand the addressing scheme (by default it only understands that of the host system) and thusly, displays their PRIMENET addresses. The "Link device" column tells about the hardware at the individual sites. The host system's device is not displayed, only those other nodes on the ring net- work. LHC00 is a LAN300 node controller. PNC00 is a PRIMENET node controller (PNC). SYNC00 denotes a synchronous communications line. It's not all that important (unless you are a hardware fanatic, that is). The "Configured access" and "Validation required?" columns display important information about the linked systems. If you don't see a "remote login" some- where then you cannot login to the system remotely (you can access it if one of the PRIMENET systems is linked with it's disk partitions, however). If you see a "yes" in the "Validation required?" column then some sort of remote password system has been installed and you are going to have a hard time getting in. As you can see, these DSM commands can be useful when attempting to gain access to other systems on a PRIMENET or LAN300 ring. The rest of this installment will be devoted to utilizing the information gained here to do such. _______________________________________________________________________________ THE PRIMENET RLOGIN FACILITY PRIMENET supports remote logins in the same manner that UNIX machines do. If, for example, a PRIMENET ring had 6 systems on it, 4 on TELENET and 2 in the UK then you could connect to those systems in the UK for free by connecting to one of the 2 U.S. systems and rloging into one of the UK Primes. Using our already defined PRIMENET ring, we'll connect to system PSYCHO from system THRASH. 214 XXX CONNECTED PRIMENET 22.0.0 THRASH login system system -on psycho This will log you in as SYSTEM/SYSTEM on the PSYCHO node (a Prime separate from the THRASH node). This can be VERY useful when you have lost all of your acc- ounts from one node on the PRIMENET ring and do not know the NUA for one of the other ring systems that you still have accounts on. _______________________________________________________________________________ NETLINK NETLINK is Prime's network utility. All users on a PRIMENET system will have access to this communications utility. NETLINK allows you to connect to: o Other Prime's on the same PRIMENET ring as the system you are on o Any system (UNIX, VAXen, etc) located on any of the world's networks NETLINK is a powerful utility and abuse will lead to your accounts removal, so be careful in how you use it. The best thing you can possibly do is, use it to connect to and hack on other systems in the PRIMENET ring. If you MUST use the NETLINK utility to call other systems on the world's PDN's try to call only the systems that accept collect calls. Now, let me tell you how to get into NETLINK and start doing stuff. At the 'OK,' prompt (or whatever it has been set to by the LOGIN.CPL file), type: OK, netlink If NETLINK is available, then you will see something like this herald: [NETLINK Rev. 22.0.0 Copyright (c) 1988, Prime Computer, Inc.] [Serial #serial_number (company_name)] After that floats across your screen you will be deposited at the NETLINK pro- mpt, which happens to be a "@" (Gee, how original). Now, you are all ready to begin NETLINKing. Time to learn how to connect to a system. Now, there are three types of comm- ands that all do basically the same thing, and that is connect you to a remote system. I'll go over the first two types right now and save the third type for a bit later. Depending on the status of the system you are trying to call, you will use either C (connect) or NC (connect, no reverse charging). C and NC both do the same thing, but C will make the connection for free (ie, the people who own this Prime won't get a bill) and NC will make the connection and your net use will be charged. Ok, a good comparison is calling NUA's on a PDN. If the NUA is "collectable" (a term I use to describe a system that accepts collect (ie, no ID required to make the connection) calls) then you will use the C command. Otherwise use the NC command. Almost all international calls will require an NC to connect. If you simply want to call a system that was listed in the LIST_PRIMENET_NODES list, then do this: c An example would be: c thrash If you wanted to call up a system located on the same PDN as the PRIMENET you are on is and the system accepts collect calls, then do this: c An example would be: c 21398 If you want to call up a system that is located on a PDN other than the PDN your PRIMENET is on, then do this: c : An example would be: C 2624:5890040004 Regardless of what you actually end up typing, you will get one of two things: a connect message or an error message. The connect message for the above exa- mple would look like this: 5890040004 Connected The connect message for when you connect to a Prime on the PRIMENET ring would look like this: THRASH Connected Ok, now you simply login (or hack) as you normally would. When you are done, logoff the system as usual. When you logoff, you'll get a message like this: 5890040004 Disconnected Occasionally you will either type the NUA incorrectly or the system you are calling is down. When that happens you will get an error message that looks like this: 5890040004 Rejecting Clearing code = 0000 Diagnostic code = 0010 (Packet type invalid) The error message states the network address you tried to call (less the DNIC), the Clearing code, the Diagnostic code and what the Diagnostic code means in English. At the end of this file is a complete list of all Clearing codes and all Diagnostic codes (for reference). Sub: Other Nets [BitNet etc..] Read: (1-30), Message # 26, (c/r)=Next Msg ?:OP 30/30: Prime file 9 of 10 Name: Predat0r #1 @5211 Date: Sun May 05 02:41:48 1991 From: Youth International Party Line (Kentucky) _________________________________ Sub: Other Nets [BitNet etc..] Read: (1-30), Message # 30, (c/r)=Next Msg ?:- 29/30: Prime file 8 of 10 Name: Predat0r #1 @5211 Date: Sun May 05 02:41:27 1991 From: Youth International Party Line (Kentucky) Now, if you want to abort a session prematurely (not recommended unless NETLINK screws up, and it does on occasions), then there are three things you can do: o Type CONTROL-P o Issue a BREAK sequence o Return to TELENET and do a force Disconnect (via the D command) Those are listed in the order you should try them in. CONTROL-P works most of the time. Doing a BREAK will usually (but not always) close your connection and return you to PRIMOS level. When you do a BREAK, you'll probably see: UUU@UUu QUIT. OK, Now press RETURN so you can clear out the unwanted CONTROL characters that are in the Prime's command line input buffer. Now, restart NETLINK as usual. If you are forced to drop to TELENET, then disconenct yourself and re-login. If your process is still online (about 50% of the time) then don't worry, it will be logged off due to inactivity between 10 and 15 minutes. If your proc- ess got slain then you're in good shape. Now, return to NETLINK as usual. Ok, now you know how to connect and disconnect from systems. Now it's time for the fun stuff, multipadding and other advanced commands. The escape character for NETLINK is the "@" character (same as with TELENET). Basically, you type: @ to return to NETLINK while online. Doing this will take you back to NETLINK command mode. It will leave the circuit open. To reconnect to the system, type: continue 1 You will then be reconnected to the system you were on. Now for a slight draw- back. If you are using TELENET or any other PDN that uses TELENET's software, then using the NETLINK escape sequence ( @ ) will take you back to TELENET network command level instead of back to NETLINK command level. There are two ways to correct this problem. The first is to type the following while in NETLINK: prompt $ This changes the NETLINK '@' prompt to a '$' prompt. Now just type $ to return to NETLINK. The other way is to utilize TELENET's ITI parameters to turn off the escape sequence. When you connect to the PRIMENET and login, then return to TELENET command level and type these two sequences of parameters ex- actly as they are shown: SET? 1:0,2:0,3:0,4:2,5:0,7:8,9:0,10:0,12:0,15:0 SET? 0:0,57:1,63:0,64:4,66:0,71:3 When you return to the "@" prompt, type CONT to return to the Prime. Then just enter NETLINK as usual. Now when you type @ you won't return to TELE- NET as you used to. Ok now, let's get into multipadding. What exactly is "multipadding" anyways? Well, you probably already know this, but it never hurts to repeat it. Multi- padding is what you are doing when you are connected to two or more systems simultaneously. Basically, NETLINK will allow you this capability. Although the NETLINK documentation states that you can only connect to four systems at one time, you can actually connect to more. At any rate, this is how you do it. When you first enter NETLINK (Note: you must set your prompt or the ITI parameters if you plan to do any NETLINKing from a PRIMENET located on TELENET or any other PDN that uses TELENET's software), connect to the first system by typing this: CALL <-- if it is located on the same PRIMENET ring CALL <-- if the system is located on the same PDN CALL : <-- if the system is located on a different PDN The CALL command will connect you to the system and you will remain in NETLINK command mode. Now, keep CALLing systems until you are done. Be forewarned that it can be confusing being connected to more than four systems. Ok now, the above CALL examples all assumed that the system that you are CALLing will accept collect calls. If this is not the case, then CALL it like this: call -fcty The "-FCTY" command stands for facility. Ok, when you use the "-FCTY" argument you are basically doing the same thing as you where when you were using the NC connect command. Each CALL that you make opens a circuit. The first circuit you connect to is known as circuit 1, and so forth. So when you are ready to connect to the first system, type: continue 1 To connect to the second open circuit, type: continue 2 and so forth. Should you try to connect to a closed circuit you will get the following error message: Circuit does not exist To switch between systems return to NETLINK command mode via @ and then CONTINUE to the appropriate circuit. To close a particular circuit, type: d # where # is the actual circuit number. An example would be D 1 or D 3. There must be a space between the D and the circuit number. To disconnect from all open circuits you can type: d all That's pretty much all there is to multipadding. It's nothing special, and not really that useful, but it can be interesting to connect to two or three chat systems and switch between them, or hang on a chat and leave to hack a system while remaining on the chat, etc. Lots of interesting things you can do. When you are done using NETLINK, type Q or QUIT to return to PRIMOS. If you would like to see the other commands (yeah, there are more) that I am not covering in this article, then type HELP. You got the basics down now, so go fiddle around with NETLINK and see what other strange things you can do. Texts for Clearing Cause Codes detected by NETLINK 0 0 DTE Originated 1 0 Busy 3 0 Invalid Facility Request 5 0 Network Congestion 9 0 Out Of Order 11 0 Access Barred 13 0 ot Obtainable 17 0 Remote Procedure Error 19 0 Local Procedure Error 21 0 Out Of Order 25 0 Refusing Collect Call 33 0 Incompatible Destination 41 0 Fast Select Acceptance Not Subscribed 57 0 Ship Absent 128 0 DTE Originated (Non-standard Diagnostic) 129 0 Busy (Private) 131 0 Invalid Facility Request (Private) 133 0 Network Congestion (Private/Routethrough) 137 0 Out Of Order (Private/Routethrough) 139 0 Access Barred (Private) 141 0 Not Obtainable (Private) 145 0 Remote Procedure Error (Private) 147 0 Local Procedure Error (Private/Routethrough) 149 0 RPOA Out Of Order (Private) 153 0 Refusing Collect Call (Private/Primenet) 161 0 Incompatible Destination (Private) 169 0 Fast Select Acceptance Not Subscribed (Private) 185 0 Ship Absent (Private) 193 0 Gateway-detected Procedure Error 195 0 Gateway Congestion Texts for Diagnostic Codes detected by NETLINK 0 0 No additional information 1 0 Invalid P(S) 2 0 Invalid P(R) 16 0 Packet type invalid 17 0 Packet type invalid - for state r1 20 0 Packet type invalid - for state p1 21 0 Packet type invalid - for state p2 22 0 Packet type invalid - for state p3 23 0 Packet type invalid - for state p4 24 0 Packet type invalid - for state p5 26 0 Packet type invalid - for state p7 27 0 Packet type invalid - for state d1 29 0 Packet type invalid - for state d3 32 0 Packet not allowed 33 0 Unidentifiable packet 36 0 Packet on unassigned logical channel 38 0 Packet too short 39 0 Packet too long 40 0 Invalid GFI 41 0 Restart with nonzero in bits 1-4, 9-16 42 0 Packet type not compatible with facility 43 0 Unauthorized interrupt confirmation 44 0 Unauthorized interrupt 48 0 Timer expired 49 0 Timer expired - for incoming call 50 0 Timer expired - for clear indication 51 0 Timer expired - for reset indication 52 0 Timer expired - for restart indication 64 0 Call setup or clearing problem 65 0 Facility code not allowed 66 0 Facility parameter not allowed 67 0 Invalid called address 68 0 Invalid calling address 69 0 Invalid facility length 70 0 Incoming call barred 71 0 No logical channel available 72 0 Call collision 73 0 Duplicate facility requested 74 0 Nonzero address length 75 0 Nonzero facility length 76 0 Facility not provided when expected 77 0 Invalid CCITT-Specified DTE facility 112 0 International problem 144 0 Timer expired 145 0 Timer expired - For interrupt confirmation 160 0 DTE-Specific Signal 163 0 DTE Resource constraint 239 0 User segment deleted 240 0 Time out on clear request 241 0 Time out on reset request 242 0 Time out on call request 243 0 Routethrough down 244 0 Routethrough - not enough memory 245 0 Routethrough - circuit timeout 246 0 Routethrough - call request looping 247 0 Routethrough protocol error 248 0 Network server logged out 249 0 Local procedure error Primenet internal 250 0 Host down 251 0 Illegal address 252 0 No remote users 253 0 System busy 254 0 System not up 255 0 Port not assigned _______________________________________________________________________________ OTHER USEFUL PRIMENET UTILITIES There are two other useful PRIMENET utilities, and these are MONITOR_NET and CONFIG_PRIMENET. In this section I will briefly detail these two utilities. CONFIG_NET is useful for obtaining such information as intra-system links (disk partitions that are shared by systems on a PRIMENET ring), remote login pass- words, and system NUA's. Just type: OK, config_primenet configfilename The 'configfilename' is the name of the PRIMENET configuration file (located in the *>PRIMENET* directory from MFD 0. You can REALLY screw up a PRIMENET ring with this utility, so be careful. You don't want to EVER save a modified con- figuration. Always answer such a question with NO. The only command you will really ever need to use is the LIST command. When you type LIST it will ask you what you want to list. Just type ALL and it will list all available info- rmation regarding the PRIMENET configuration. CONFIG_PRIMENET has a HELP fac- ility available, so use it. MONITOR_NET is a useful utility for network freaks. It allows the complete monitoring of the local PRIMENET ring network, all virtual circuits, synchro- nous lines and LAN300 status. You cannot monitor type-ahead buffers or any- thing, but you can learn quite a bit about the systems on the ring. It will allow you to discover which nodes on the PRIMENET ring/LAN300 do a high amount of data transfer, User ID's on individual systems (albeit no passwords), etc. Unfortunantly, MONITOR_NET is an emulation-dependant utility. Most Prime util- ities support the PT series of emulation (Prime Terminal), but most of you will not have access to a terminal program that supports it. Prime was smart in one important regard, and that is that not all of their customers will be using the PT emulation, so they made MONITOR_NET be able to understand other popular emu- lations, such as VT100. Defaultly, MONITOR_NET assumes you are using PT100 or a similar mode of PT emulation. To tell it that you are using VT100, you must use the -TTP argument (terminal type) on the PRIMOS command line. To invoke MONITOR_NET with VT100 emulation, you would type this: OK, monitor_net -ttp vt100 Upon invoking MONITOR_NET, the screen will clear and you will be presented with a menu of options. MONITOR_NET is really easy to use (just make sure you enter all the commands in UPPER case), so just play around with it. Well, that's the end of this installment. In the next (and final) part of this series I will detail the myriad of PRIMOS language compilers, interpreters, and translators. I will also detail some more interesting PRIMOS commands and give out some useful PRIMOS utilities (CPL programs). May the forces of darkness become confused on the way to your house. _______________________________________________________________________________ End of Part IV of the "Introduction to the PRIMOS Operating System" _______________________________________________________________________________ _______________________________________________________________________________ INTRODUCTION TO THE PRIMOS OPERATING SYSTEM Part V (Languages and Advanced PRIMOS Material) Written by Violence Copyright (C) 1989 The VOID Hackers _______________________________________________________________________________ Welcome to the fifth and final part of my series on the PRIMOS operating sys- tem. In this last installment, I will cover many of the aspects of PRIMOS that I have overlooked, including: o Program Types and Execution (Languages) o All about Access Control Lists (Setting and Editing) o Abbreviation files (use and investigation thereof) o The physical system console of a Prime computer system o The ACL's and Read/Write Locks Used to Protect the SAD o Hacking older (outdated) revisions of PRIMOS o Some useful CPL utilities that enhance PRIMOS o References and Acknowledgements o Epilog - The End of a Series As you can see, part V is the "throw-together, finish-it-up" installment. Here I will cover everything that I have failed to do so in the previous parts. You should by now have a fairly good working knowledge of PRIMOS. I hope this last installment will make all you eager PRIMOS hackers happy. Enjoy! _______________________________________________________________________________ PROGRAM TYPES AND EXECUTION From the file extension listing in Part I you can see that There are many diff- erent types of programs, each with their own file extension. How can you look at and execute these programs? Well, that's what this section is all about. To start off, let's talk about CPL programs. CPL is Prime's "Command Procedure Language" and, like VAX/VMS's DCL, is an interpreted language for performing rudimentary tasks. This is not to say that it is unable to perform complicated tasks, for it most certainly can. Most commonly a user's LOGIN file will be a CPL program (usually called CPL's). CPL programs are SAM type files and can be SLISTed as usual. There are several methods for executing a CPL program. In these examples, I will assume the file is called VOID.CPL. Here are the examples: OK, cpl void OK, r void.cpl The first example illustrates use of the CPL command. When CPL'ing a program, you need not include the ".CPL" file extension, but you can if you want to. In the second example we see the R command. R is not really the command name, but the command's abbreviation. The full command name is RESUME. RESUME requires that you include the file extension along with the filename. Should a CPL pro- gram be located in the CMDNC0 directory, then you can execute it by simply ent- ering it's name. An example would be: OK, void That would execute the VOID.CPL program located in CMDNC0. In fact, any file located in CMDNC0 can be executed by simply typing it's name. You can, of cou- rse, append the file extension, but that is not necessary. CPL is a rather rich language and you can write many utilities with it. Every- thing from a utility to perform mediocre tasks to a full-fledged BBS/Chat prog- ram. CPL is really beyond a simple scripting langage. One thing Prime should consider is adding some new commands to CPL and writing a compiler subsystem for it. Tough work, yes, but the benefits would easily outweigh the problems involved (at least from my viewpoint). Until then, interpreted CPL is quite OK though. It's fast enough. It is beyond the scope of this series to provide instructions on programming in CPL, but there are alreasy some files floating around regarding it. The file in TCSB #1 (by Necrovore) lists all the CPL commands but is not very helpful in the examples department. With enough reader-response I might sit down and pound out a good CPL tutorial. On with the show... BAS files cannot be executed, as they are BASIC source code. You will want to compile the source and then execute the compiled code. To enter the BASIC sub- system you enter BASIC at the command line. Like this: OK, basic If the Prime you are on has BASIC/VM (called BASICV) available then I suggest that you use it, as, unlike standard BASIC, BASIC/VM is virtual in nature, making the machine's memory appear to be a hell of a lot larger than it really is. To invoke BASIC/VM, you would type (at the command line): OK, basicv Either way, you should get the ">" prompt. At this point, you need to load in the BAS file and compile it. All of the following examples assume that you are using BASIC/VM, as it is a lot more recent in nature. BASIC commands are very similar to BASIC/VM commands. On with the show. In the following examples I will show you what it would look like if you were to invoke BASIC/VM, load in a BAS program called VOID.BAS, compile it, and quit. OK, basicv [BASICV Rev. 22.0.0 Copyright (c) 1988, Prime Computer, Inc.] [Serial #serial_number (company_name)] >n void.bas >list 10 ! This is a sample BASIC/VM program 15 ! Written by Violence (C) 1989 VOID 20 ! 25 PRINT '[BASIC/VM EXAMPLE Rev. 22.0]' 30 ! 35 ! That revision level is a joke. Heh. 40 ! 45 INPUT LINE 'Enter some text,' A$ 50 PRINT 55 PRINT A$,LIN 1 60 END >comp void.bin >q OK, The 'n' command stands for NEW (either N filename or NEW filename will work). It is saying to BASIC/VM that the new filename is to be VOID.BAS. BASIC/VM lo- ads VOID.BAS into the workspace. The LIST command should be obvious. The COMP command is the abbreviation for COMPILE. It takes the source code, checks it for errors, and compiles and links it into a binary file. This file can be executed by using the RESUME command, as illustrated: OK, R VOID.BIN BASIC source code, as well as other types of source code (CBL, FTN, F77, etc.) will not compile if it contains errors. To enter the other available compilers you must enter the name of the language compilers. Available compilers consist of the following: * BASIC Prime BASIC compiler * BASICV Virtual memory BASIC compiler * COBOL COBOL compiler DBASIC Interpreted BASIC with double-precision arithmetic * F77 Compiles FORTRAN 77 or FORTRAN IV code * FTN Compiles FORTRAN IV code * NCOBOL Non-shared (non-virtual) COBOL compiler * PL1G Compiles PL/1, subset G code * PMA Assembles Prime Macro Assembler code RPG Compiles an RPG II program (non-virtual) SPL Compiles an SPL program VRPG Compiles an RPG II program (virtual) Language systems commonly found on Primes are denoted with an asterisk (*). Generally, to execute compiled source code, use the RESUME (R) command. If the program is located in CMDNC0, just issue the filename (less the file extension) to execute it. Use SLIST to view source code. Most always, source code will have file extension denoting the language type. If a source code file does not have an extension then SLIST it. Lots of times a source file will tell you what language it was coded in in its comment header. I am not going to go into the other languages as many hackers are not familiar with high level languages such as FORTRAN IV, FORTRAN-77, PL/1 Subset G, etc. Quite a few are, but not as many as one would think. The information I have presented on CPL and BASIC/VM is enough to get you on your way, and besides, there are other means of learning these languages: (a) Looking at source code files and learning (b) Purchasing language manuals from Prime Computer, Inc. (A) is easy to do. Just look for files with the extensions '.FTN', '.BAS', '.PLP', '.PL1', '.PMA' and so forth. Remember, '.SAVE' and '.BIN' are compiled code and not source. (B) may not seem like a good or easy option, but it's not so bad at all! Prime Computer, Inc. will sell you manuals for these languages for about $20 to $25 a piece. Not so bad when you consider most manuals cost even more. Just call up Prime Computer, Inc.'s Telemarketing Department and request info or buy them right then and there. Should they ask why you want manuals, tell them you are a freelance Prime programmer. They love that one. Here's the address, etc: Software Distribution PRIME COMPUTER, INC. 1 New York Ave. Framingham, MA 01701 (617) 879-2960 ext 2053, 2054 _______________________________________________________________________________ SETTING AND EDITING ACCESS CONTROL LISTS (ACL'S) You have already learned how to check the ACL (Access Control List) protecting a specified UFD and you also know what each of the access rights are and what they mean. If you have forgotten any of these things then please refer to Part II of this series. First off I will explain ACL's and how they are set up. Then I will go into the actual editing and creating of ACL's. ACL's are stored in Access Catagories (ACAT's) and can protect not only UFD's, but also individual files. An ACL is a list of users and access rights for the objects they cover. Each entry in an ACL governs who has what rights to a par- ticular filesystem object. Each entry in an ACL is an ordered pair, as is ill- ustrated by this structural example: identifier:rights The two fields in an entry in an ACL must be separated by a colon (:). ACL's may contain up to 32 pairs but may not be longer than 160 characters in length, including blanks. An identifier is one of three types, a single user ID (such as SYSTEM), a group identifier (like .PROJECT_ADMINISTRATORS$), or a special identifier (like $REST meaning everyone else not specified in the ACL). Access categories are files that contain an ACL. ACAT's are used to protect a set of files in a similar matter. A good example of ACAT usage is the SAD UFD on a Prime computer (located off of MFD 0). SAD is protected in such a manner that all of the files therein are protected similarly. Basically, ACAT's are useful when protecting files in a UFD differently from one another. Here is a sample ACL for a UFD called STEVE. I will be using this ACL for all further examples used in this section. ACL protecting "": STEVE ALL SYSTEM ALL LOWERY DALURW JOHNSON DALURW $REST: NONE Notice that the owner of this UFD, STEVE, has ALL rights to his UFD. This is obvious, of course. Also notice that SYSTEM has ALL rights also. This is pro- bably due to backup reasons, etc. STEVE has also given the users, LOWERY and JOHNSON DALURW access to his UFD. Possibly they are in the same department and are working together on a project of some sort. The $REST identifier is a wildcard indicating that no other system user has any access to STEVE's UFD. Let's say that LOWERY no longer works on the project with STEVE and JOHNSON. Therefore LOWERY's access to STEVE's UFD needs to be terminated. In addition, JOHNSON needs P (Protect) access to STEVE's UFD. Lastly, STEVE wants to add SIMPSON to his ACL (LOWERY's replacement, perhaps). To perform these changes, STEVE must edit his UFD's ACL. To do this he will have to use the EDIT_ACCESS command (abbreviated EDAC). Here is what he would type: OK, edac steve lowery: johnson:pdalurw simpson:dalurw Sorry for the runover, but ACL related command lines are generally lengthy. It should be easy for you to track the modifications presented in the above examp- le. Notice that STEVE did not list himself or SYSTEM. Why? Because he wasn't making changes to them. When using EDAC you need only list all ACL changes. The EDAC command will be useful for editing rights into other people's ACL- protected UFD's (assuming you have access to do such). STEVE's new ACL looks like this: ACL protecting: "": STEVE ALL SYSTEM ALL JOHNSON PDALURW SIMPSON DALURW $REST: NONE If you happen to create an account on a Prime computer you will want to protect your UFD with an ACL. To do this you will want to use the SET_ACCESS command (abbreviated SAC). Let's go back into time when the system administrator of STEVE's system created his account. Also assume that the sys admin didn't cre- ate a default ACL for STEVE. Here is what STEVE did to create his original ACL entry: OK, sac steve steve:all system:all lowery:dalurw johnson:dalurw $rest:none Unlike EDAC, SAC requires you to list all ACL fields. Failure to list a field will cause the field to have NONE as the access right. EDAC and SAC will usually prompt you as to whether or not you really want to make the specified changes, if you want to overwrite an existing ACL file, and so forth. If you supply a -NO_QUERY argument to the end of the entry then you will not be prompted at all. Abbreviate -NO_QUERY with -NQ. A good example is SAC'ing an existing ACL to make wholesale modifications. To avoid the 'are you sure' type prompt, type this (using our previous SAC example): OK, sac steve steve:all system:all lowery:dalurw johnson:dalurw $rest:none -nq Remember, when SAC'ing and EDAC'ing ACL's include the full pathname of the ACL file. And remember to include the owner as having ALL rights, as failure to do so can lock you out of a UFD or other filesystem object. Other access-related commands are LIST_ACCESS (abbreviated LA, detailed in Part II of this series), RWLOCK, SET_DELETE, and PROTECT. Use Prime's online 'HELP' for descriptions of these commands. _______________________________________________________________________________ PRIMOS ABBREVIATION FILES While most PRIMOS commands are not long enough to be an inconvinience, it can occasionally be irritating to type a command or command with arguments that you commonly use. The solution? Abbreviations. PRIMOS fully supports abbreviations. Abbreviations are exactly what they sound like; shortened commands that represent full commands. Some good examples that illustrate this are as follows: (a) Say you like use the -DETAIL argument of the LD command as opposed to the normal form of LD. Instead of having to type LD -DET all the time you can create an abbreviation called LF that will, when issued, tell PRIMOS to do an LD -DET. (b) Say you frequently issue the CLOSE ALL command. Wouldn't it be nicer to be able to type CA instead of CLOSE ALL all the time? (c) Say you create many temporary (T$xxxx) files and that you have to delete these files when done with your session. Instead of 'hand- deleting' them before you logout, make an abbreviation called DT that PRIMOS interprets as DELETE T$@ -NQ. Those three examples illustrate the usefulness of abbreviation files. Another nice fact about abbreviation files is that people occasionally store passwords to passworded UFD's (non-ACL) and NUA's to various and sundry systems on the network. So inspecting peoples' abbreviation files is also good hacking pract- ice. In this section I will describe how to access, list, use, and create abb- reviation files. Abbreviation files can be called from within CPL program as well as used during interactive sessions. Another important fact about abbreviation files is that they can contain only normal commands and not subcommands. That is to say, you can abbreviate any normal command line procedure, but you cannot make an abb- reviation to enter NETLINK, call and NUA, and THEN log you in. The system administrator can turn abbreviation files on and off, thus some ins- tallations will not be able to use abbreviation files. First off lets learn how to look at and use existing abbreviation files (ABBREV files). At the start of a session you must tell PRIMOS to 'turn on' your abb- reviation file. Usually a user's LOGIN.CPL or LOGIN.COMI file will do this for you, but if you want to look inside another user's ABBREV file you will need to know how to do this from the PRIMOS command line. Type: OK, abbrev pathname where 'pathname' is the full pathname of the ABBREV file you wish to activate. To see what is inside the ABBREV file, issue the following command: OK, abbrev -list Very simple. To deactivate an ABBREV file, simply type: OK, abbrev -off If you wish to turn the ABBREV file back on, type: OK, abbrev -on If you have activated a new ABBREV file (with the 'ABBREV pathname' command) then you will have to use the 'ABBREV pathname' file to turn the ABBREV file on again. Note that logging off will automatically turn on an active ABBREV file. Also note that you can only have one active ABBREV file at any given time. To create a brand new ABBREV file, you need to issue the following command: OK, abbrev newpathname -create An example would be: OK, abbrev void -create OK, Sub: Other Nets [BitNet etc..] Read: (1-30), Message # 30, (c/r)=Next Msg ?::R 30/30: Last prime file 10 of 10... Name: Predat0r #1 @5211 Date: Sun May 05 22:40:43 1991 From: Youth International Party Line (Kentucky) Now you have an empty ABBREV file named VOID. Abbreviations consist of two parts, a name and a value. Names can be up to 8 ASCII characters in length and can contain any character except for spaces, single-quotes ('), commas (,), greater-than symbols (>) and vertical bars (|). Also remember that PRIMOS con- verts all command line text to UPPER CASE, so case is irrelevant in the name. NOTE: Do NOT start an abbreviation name with a hyphen (-). If you do then you will have to enclose the entire name in single-quotes (') whenever you issue the ABBREV command. Example, an abbreviation named -VOID can only be called if you type '-VOID' and so forth. Values contain the ASCII text that the abbreviation name represents (ie, the actual command line procedure). Values can contain all characters. Now let's create a sample ABBREV file. Let's fill it up with some useful abb- reviations. Type: OK, abbrev -add test cpl test OK, abbrev -add ca close all OK, abbrev -add lf ld -det OK, abbrev -list Abbreviation file: TVH>VOID Abbreviations: 2 TEST cpl test CA close all LF ld -det OK, Okay, here we have just created three abbreviations. These abbreviations will now be interpreted as commands by the PRIMOS command line. Thus, typing: OK, test will execute the CPL program called TEST (or TEST.CPL; recall that CPL does not require you to enter the file extension). CA would act just like you had typed CLOSE ALL, and so on. Be aware that an abbreviation file cannot contain more than 200 abbreviations. To delete an abbreviation file entry, type: OK, abbrev -delete abbrevname Thus, to delete the TEST abbreviation, we would type: OK, abbrev -delete test These are the basics of the abbreviation subsystem. There are more advanced commands that I have not gone over due to spacial limitations. To obtain more information on the abbreviation subsystem, type: OK, abbrev -help _______________________________________________________________________________ THE PHYSICAL SYSTEM CONSOLE The physical system console of a Prime computer has added power over any other local or remote terminal. It is only from this one specific console that several potent operator commands can be issued and invoked successfully. A few of these console-specific commands will be boring to any hacker not into system programming on a Prime. Some commands, however, will be rather useful. About the most useful console command is the 'RESUS -ENABLE' command. As you might recall from Part III, RESUS is the REmote System USer facility. That is to say, when RESUS is enabled and you are logged into an administrator account, you will actually be a virtual system console. This will allow all console commands to be able to be used from any local or remote terminal. The -ENABLE argument simply tells PRIMOS that you want to turn RESUS on. Another useful console command is the user logoff command. With this you will be able to logoff users other than yourself. This is not advised. Other useful commands are the log management commands. These will allow you to make your presence on the system virtually unknown. Simply edit all logs, both PRIMOS and NETWORK related, and kill all references to yourself. There is much that you can do. For a full list of operator commands you will have to invoke the online HELP facility by typing, you guessed it, HELP. Without an argument, it should list all the PRIMOS commands. Just pick out those that say 'Operator Command' beside them. I'm not really going to continue with this topic as you will have a hard time getting console capability unless you are on-site or the fools have RESUS enabled and you are using a SYS1 priv'ed account. You don't need the logging commands to edit the logs (just the SYS1 privs). Lastly, there are ways of getting console that I will not discuss. I just want you to know that there are additional methods available and that you should work at finding them. Its the best way to really learn (besides, it's too sensitive to release to the general hacker community). _______________________________________________________________________________ THE ACL'S AND READ/WRITE LOCKS USED TO PROTECT THE SAD It should prove both helpful and informative to know how the SAD (System Admin- istration Directory) is protected. The following 'map' displays the SAD ACL's and their associated access rights. SAD - System Administrator Directory | | (System Administrator: ALL) | (Login Server: ALL) | (Everyone Else: LU) ______________|_______________________________________ | | | | | UVF SDF MGF MPF PD (Sys Admin: ALL) (DEFAULT) (DEFAULT) (PA.ACAT) (PA.ACAT) | (Login Srv: LUR) | (PA.ACAT: LURW) ______________________________________________________| | | | | | MPP PVF PPPF PDF BACKUP (Sys Admin: RW)(DEFAULT) (DEFAULT) (DEFAULT) (Sys Admin: ALL) (Login Srv: R) (PA.ACAT: DALURW) (PA.ACCR: R) PA.ACAT = System_Administrator: RW .PROJECT_ADMINISTRATORS$: RW SAD = System Administration Directory UVF = User Validation File SDF = System MGF = Master Group File MPF = Master Project File PD = MPP = Master Project Profile PVF = Project Validation File PPPF = PDF = BACKUP = Backup of PA.ACAT PA.ACAT = Project Admin Access Cat _______________________________________________________________________________ HACKING OLDER (OUTDATED) REVISIONS OF PRIMOS I hadn't planned on covering any pre-19.x.x revisions of PRIMOS, but I thought some of you avid network hackers might be interested to know the very basics about these insecure revisions. Revisions 18.x.x, 17.x.x and earlier will actually tell you whether or not a given user ID is valid before asking you for a password. This makes it a rather trivial task of determining whether or not a given account exists. In my experiences early revisions of PRIMOS will be found only on obscure nets, like those in Brazil and Japan. On these archaic revisions of PRIMOS you can enter CTRL-C as the password of a valid account and automatically bypass the front door password security. Very nice. You can barely find these ancient revisions anymore. These older revisions are not at all like the current revisions of PRIMOS. I suggest reading the 'HACKING PRIMOS' article by Nanuk of the North if you plan on penetrating these revisions, as his file was written in the days when 18.x.x was common. Not really much more that I can say, as you'll probably never come across these revisions and even if you do, the command structure they use is enough to cause severe gastro-intestinal disorders. _______________________________________________________________________________ SIMPLIFIED MEANS OF ATTACHING TO SUB-UFD'S Sub-directories are great, but when you start going deeper than 2 levels on a Prime it starts getting to be a pain. Full pathnames get to be depressing when you are 6 or 7 levels deep. Enter the UP and DOWN external commands. Recall that I mentioned these commands in Part II of this series. These externals are found on most Primes, but there are a few that do not have them available. ******** I did not write these utilities. Many versions exist on different * NOTE * systems. I have yet to see copyright notieces, so I will assume that ******** they are either examples from the CPL Reference Manual or Pub Domain. _______________________________________________________________________________ DOWN.CPL SOURCE CODE /* DOWN.CPL, DOWN_ATTACH, WHO_KNOWS, 02/24/89 /* An external command to simplify down-ATTACHing. /* /* START-CODE: /* &args path &do &while [null %path%] &s path := [response 'UFD to Down-ATTACH to' ''] &end a *>%path% type Now attached to %path% &return /* /* END-CODE _______________________________________________________________________________ UP.CPL SOURCE CODE /* UP.CPL, UP_ATTACH, WHO_KNOWS, 02/24/89 /* An external command to simplify up-ATTACHing. /* /* START-CODE: /* &args num:dec=1 &s path := [dir [pathname *]] &do I := 1 &to %num% &s path := [dir [pathname %path%]] &end a %path% type Now attached to %path% &return /* /* END-CODE _______________________________________________________________________________ A PRIMOS IMPLEMENTATION OF THE UNIX "FILE" COMMAND I really like the UNIX "file" command. Instead of accidentally viewing a comp- iled program or other non-ASCII file, I check and see if it is a text file by using the "file" command. PRIMOS, unfortunately, does not have a simple means for you to obtain such information. You can best get the information from one of the LD arguments, but that's a pain in the ass when you just want the stats one one file and the UFD has lots of files in it. Thus was caused the PRIMOS implementation of the UNIX "file" command. The UNIX "file" command simply tells you the filetype of the specified file. The PRIMOS implementation of "file" tells you: o Filename o Filetype o Size (in bytes) o Date and time of last modification Following are the filetypes understandable by the FILE command: o ACAT for an access category o DAM for a direct access file o SAM for a sequential access file (ASCII text) o SEGDAM for a segmented direct access file o SEGSAM for a segmented sequential access file o UFD for a directory (UFD) o UNKNOWN if file is not of a recognized type CAVEAT - all error messages when using "file" are suppressed. no wildcard capability (yet). _______________________________________________________________________________ FILE.CPL SOURCE CODE /* FILE.CPL, FILE_INFORMATION, VOID, 02/24/89 /* PRIMOS version of the UNIX System V 'file' command. /* This source code is in the public domain. /* /* Version Date Programmer Description /* 1.0 02/02/89 Violence Initial coding. /* 2.0 02/24/89 Violence Words converted into bytes. /* /* START-CODE: /* &args filename &severity &warning &ignore &if [null %filename%] &then &goto usage &s filename := [translate %filename%] &if [exists %filename%] &then &goto file type 'File not found. '%filename%' (FILE)' &return /* /* Display file attributes /* &label file &s ftyp := [attrib %filename% -type -br] &s size := [attrib %filename% -l -br] &s datm := [attrib %filename% -dtm -br] &s size := [calc %size% * 2] &if %size% = 1 &then &s size := %size%' byte' &else size := %size%' bytes' type %filename%': '%ftyp%' ('%size%'); Last Modified '%datm% &return /* /* Display FILE usage /* &label usage type type 'Usage: FILE {filename}' type &return /* /* END-CODE _______________________________________________________________________________ CONCLUSION All in all I find the PRIMOS operating system excellent, both in power and in user friendliness. One can do almost anything from PRIMOS and it's associated utilities and language systems. It's every bit as capable as VAX/VMS or UNIX. Primes have, on the down side, become a lot more difficult to hack. Prime Computer, Inc. has become aware of the increasing popularity of PRIMOS with hackers and have taken the appropriate steps in alerting it's customers. This probably has already affected you. Defaults are gone. System passwords are in effect. Increased system security. This makes hacking Prime computers these days a damn sight more difficult than it once was. To this you may thank all those people that abused NETLINK on PRIMENET systems and so forth. Enjoy a Prime when you get in one. Experiment with the operating system. Most of all, however, LEARN! One need not be malicious to learn. When experiment- ing, experiment on *YOUR OWN* filesystems, not those of the owners. As I have said, it is more difficult to obtain PRIMOS and PRIMENET accounts these days. Cherish and benefit from them, but do not act like an idiot and end up making it harder for everyone else. _______________________________________________________________________________ REFERENCES FDR3108-190L (PRIMOS Commands Reference Guide) FDR3104-101B (New User's Guide to EDITOR and RUNOFF) FDR3250 (PRIMOS Commands Programmer's Companion) FDR3341 (BASIC/VM Programmer's Companion) Hacking PRIMOS Volumes I and II (by Codes Master) Hacking PRIMOS I, II, and III (by Evil Jay) PRIMOS: Networking Communications (by Magic Hassan) PRIMOS Part I (by Carrier Culprit, LOD/H Tech Journal #2) PRIMOS (by Nanuk of the North) _______________________________________________________________________________ ACKNOWLEDGEMENTS During the course of the writing of this series many people have lent me their help and support. I now wish to acknowledge those that aided me in this task. Thrashing Rage - Thanks for the ideas, proofreading, and help in recovering the original documents when the work disk got 164 disk errors. You saved me from two weeks of retyping! Thanks! The Beekeeper - Thanks for getting the documents to the right people at 2600, "The Hackers' Quarterly". Whether or not it actually gets published or not is not important. What is important is that you thought it was a worthy-enough series for possible publication. Thanks! Mad Hacker - Without all of our hours and hours of discussion this series would not be what it is now. Thanks! And to all the hackers that have written about the PRIMOS operating system in the past goes a hearty thanks. Couldn't have done it without you guys. Thanks goes to: Prime Suspect, Magic Hassan, The Codes Master, Necrovore, Nanuk of the North, and The Force. Thanks guys! _______________________________________________________________________________ EPILOG - THE END OF A SERIES Here ends the last part of my PRIMOS series. I hope that you have learned some about PRIMOS and how it can be extremely useful to the hacker. If you wish to contact me, you can reach me on the following systems: 2600 BBS #4 - The BeeHIve The Dallas Hack Shack P-80 Systems International The Lost City of Atlantis I will do my best to answer all questions fielded to me regarding the PRIMOS operating system. Thanks for a successful series! -- Violence (03/8/89) May the forces of darkness become confused on the way to your house. _______________________________________________________________________________ End of Part V of "Introduction to the PRIMOS Operating System" _______________________________________________________________________________