Or the art of playing with the nerves of one’s colleagues
OK, here are two or three little tips to make your Linux a bit cosier, or to rot the Linux of a buddy/colleague who didn't log out of root, or who set up sudo NOPASSWD and let you get your paws on it ^^ Every one of them needs root, so the real lesson is the unattended root shell, not the trick.
0x001 – nsswitch.conf
Rarely looked at by rookie ninuxians, this file chooses the order in which name lookups are tried: for example the /etc/hosts file first, then DNS (if the name is not in /etc/hosts, ask DNS). With nsswitch.conf you can do it the other way round, or drop a source entirely. Keep in mind that only programs resolving through the C library (ping, ssh, curl, getent hosts) follow it; dig, host and nslookup talk to the DNS server directly and bypass it, which is exactly what makes the tricks below confusing to debug.
Example:
grep google /etc/hosts
127.0.0.1 google.com
grep host /etc/nsswitch.conf
#hosts: db files nisplus nis dns
hosts: files dns myhostname
ping google.com
PING google.com (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.017 ms
^C
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.017/0.017/0.017/0.000 ms
#%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<#
grep host /etc/nsswitch.conf
#hosts: db files nisplus nis dns
hosts: dns files myhostname
ping google.com
PING google.com (172.217.169.14) 56(84) bytes of data.
64 bytes from lhr25s26-in-f14.1e100.net (172.217.169.14): icmp_seq=1 ttl=255 time=11.2 ms
^C
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 11.220/11.220/11.220/0.000 ms
You can also remove DNS queries altogether, hahaha (Machiavellian laughter).
grep host nsswitch.conf
#hosts: db files nisplus nis dns
hosts: files myhostname
ping yahoo.fr
ping: yahoo.fr: Name or service not known
ping 124.108.115.100
PING 124.108.115.100 (124.108.115.100) 56(84) bytes of data.
64 bytes from 124.108.115.100: icmp_seq=1 ttl=255 time=290 ms
^C
--- 124.108.115.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 290.732/290.732/290.732/0.000 ms
echo "I don't understand, but I can still ping their server"
I don't understand, but I can still ping their server
echo "answer: LOL - arghh"
answer: LOL - arghh
And there are plenty of other system-critical things to change in nsswitch.conf (the passwd, group and shadow lookups, for a start).
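A small check for the hosts: line, as an added example that is not part of the original post: it prints the active lookup order from a given nsswitch.conf and flags the two states played with above, dns listed before files (the /etc/hosts override is bypassed) and dns missing (anything not in /etc/hosts fails). The file path argument defaults to /etc/nsswitch.conf; the test file is constructed.

```shell
# Print the sources of the active (uncommented) "hosts:" line, one per line.
# Exit status 1 if the file has no active hosts: line.
nss_hosts_order() {
    awk '
        /^[ \t]*#/ { next }                  # skip comment lines such as "#hosts: db files ..."
        $1 == "hosts:" {
            sub(/#.*/, "")                   # drop a trailing comment, fields are re-split
            for (i = 2; i <= NF; i++) print $i
            found = 1
            exit
        }
        END { if (!found) exit 1 }
    ' "${1:-/etc/nsswitch.conf}"
}

# Diagnose the order. Returns 0 when files is consulted before dns,
# 1 when dns is absent, 2 when dns is consulted before files.
nss_hosts_check() {
    order=$(nss_hosts_order "$1") || { echo "no active hosts: line"; return 1; }
    files_pos=$(printf '%s\n' "$order" | grep -n -x 'files' | cut -d: -f1)
    dns_pos=$(printf '%s\n' "$order" | grep -n -x 'dns' | cut -d: -f1)
    if [ -z "$dns_pos" ]; then
        echo "dns is not in the hosts: line: only /etc/hosts and myhostname can answer"
        return 1
    fi
    if [ -n "$files_pos" ] && [ "$dns_pos" -lt "$files_pos" ]; then
        echo "dns is consulted before files: /etc/hosts entries lose whenever DNS answers"
        return 2
    fi
    echo "hosts order: $(printf '%s' "$order" | tr '\n' ' ')"
    return 0
}
```

To see the difference between NSS and raw DNS on a box where dns has been removed, compare getent hosts google.com (fails, goes through nsswitch) with dig google.com (still works, talks to the server directly).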
0x010 – /etc/motd
For this second example, I wanted to install the ssh daemon in a Podman container, and I couldn't install, search or update anything… after 5 minutes I understood that I hadn't re-enabled DNS in nsswitch, LOL. Anyway, like this… :-/
echo "Welcome Home
> Mortal Human" > /etc/motd
It's just the message displayed after a successful ssh login (printed by sshd's PrintMotd or by pam_motd, depending on the distro). But how do we display an insulting message before the connection is even authenticated?
0x011 – /etc/issue
Same idea, but for the text consoles: getty prints the contents of /etc/issue above the login: prompt, so if you are in (old-school) multi-user mode and switch to a console with Ctrl+Alt+F[1-7] you will see the nice message at the top of the login screen, before anyone has authenticated. agetty expands a few escapes in it (\n for the hostname, \l for the tty line, \r for the kernel release), which is why distros print version info there and why hardening guides tell you to strip those escapes.
0x100 – The Banner option
In sshd_config the Banner option defaults to none; we point it at a file containing our message, let's call it /etc/ssh/sshd-banner, though the name is not a requirement: it could just as well be /etc/motd, /etc/issue.net or whatever. Unlike the motd, the banner is sent before authentication, so the victim sees it before typing the password, and so does anyone probing the port, which is why a real banner should not leak hostnames or versions. Run sshd -t before the reload: a syntax error in sshd_config stops sshd when it re-executes, and then nobody gets back in.
sudo sed -i 's/#Banner none/Banner \/etc\/ssh\/sshd-banner/g' /etc/ssh/sshd_config
echo "Linux sucks
OpenBSD rulez" > /etc/ssh/sshd-banner
systemctl reload sshd #or restart
ssh root@127.0.0.1 -p 22222
Linux sucks
OpenBSD rulez
root@127.0.0.1's password:
Last login: Sun Nov 21:13:49 2020 from localhost
Welcome Home
Mortal Human
echo "who did this?"
who did this?
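The whole procedure above (banner file, sshd_config edit, syntax check, reload) as an added example that is not from the original post. The sed on the page only works while the file still contains the literal "#Banner none"; the function below sets any sshd_config keyword whether it is commented out, already active or absent, and keeps it above the first Match block, where global options must live. The paths in the usage comment are assumptions matching the post; the config used in the test is constructed.

```shell
# Set <Keyword> <value> in an sshd_config-style file, idempotently.
# The first occurrence of the keyword (active or commented) is replaced;
# if none exists, the setting is inserted before the first Match block
# (or appended when there is no Match block), so it stays global.
# Usage: sshd_set_option <config-file> <Keyword> <value>
sshd_set_option() {
    cfg=$1; key=$2; val=$3
    tmp=$(mktemp) || return 1
    awk -v key="$key" -v val="$val" '
        # first word of a line, with leading whitespace and one "#" stripped
        function first_word(s,  w) {
            sub(/^[ \t]*#?[ \t]*/, "", s)
            split(s, w, /[ \t=]+/)
            return tolower(w[1])
        }
        !done && first_word($0) == "match" && $0 !~ /^[ \t]*#/ {
            print key " " val; done = 1        # global options precede Match blocks
        }
        !done && first_word($0) == tolower(key) {
            print key " " val; done = 1; next  # replace first (possibly commented) occurrence
        }
        { print }
        END { if (!done) print key " " val }
    ' "$cfg" > "$tmp" && cat "$tmp" > "$cfg"   # cat keeps the inode and permissions
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Print the effective value of a keyword: sshd uses the first active occurrence.
# Usage: sshd_get_option <config-file> <Keyword>
sshd_get_option() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# The post's change, with the check the post skips (run as root):
#   sshd_set_option /etc/ssh/sshd_config Banner /etc/ssh/sshd-banner
#   printf 'Linux sucks\nOpenBSD rulez\n' > /etc/ssh/sshd-banner
#   sshd -t && systemctl reload sshd      # never reload a config sshd -t rejects
```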
0x101 – resolv.conf
Everybody knows resolv.conf, where the DNS servers go, but did you know that only the first 3 nameserver lines count? glibc's resolver (MAXNS = 3) silently ignores any beyond that limit… Let's have fun testing this.
cat resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
ping -c 1 google.fr
PING google.fr (216.58.210.35) 56(84) bytes of data.
64 bytes from lhr25s11-in-f3.1e100.net (216.58.210.35): icmp_seq=1 ttl=255 time=10.4 ms
--- google.fr ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 10.400/10.400/10.400/0.000 ms
#%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<#
cat resolv.conf
nameserver 192.168.2.5
nameserver 192.168.5.8
nameserver 8.8.8.8
nameserver 8.8.4.4
ping -c 1 fdn.fr
PING fdn.fr (80.67.169.52) 56(84) bytes of data.
64 bytes from chewie.fdn.fr (80.67.169.52): icmp_seq=1 ttl=255 time=23.2 ms
--- fdn.fr ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 23.239/23.239/23.239/0.000 ms
#%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<%<#
cat resolv.conf
nameserver 192.168.2.5
nameserver 192.168.5.8
nameserver 192.168.7.1
nameserver 8.8.8.8
nameserver 8.8.4.4
ping -c 1 google.es
ping: google.es: Name or service not known
echo "Hahahahahahahhaha"
Hahahahahahahhaha
We can see that even with 2 dead servers listed first, the resolver still gets to the 3rd (the good one), only after waiting out the timeouts on the first two (about 5 s per server per attempt by default, tunable with an options timeout: and attempts: line); but once the first 3 are dead, nothing works any more, because glibc never even reads the 4th and 5th lines. Most people use DHCP, which will overwrite our evil config… don't panic, we can still rot our friends:
dhclient.conf for OpenBSD
What if we told dhclient not to take the DNS servers from the lease?
cat /etc/dhclient.conf
ignore domain-name-servers, domain-name;
That is OpenBSD's dhclient.conf(5) syntax. ISC dhclient on Linux has no ignore keyword; its equivalent is the supersede statement for domain-name-servers, or leaving domain-name-servers out of the request list. And on a distro running systemd-resolved or NetworkManager, /etc/resolv.conf is usually a symlink regenerated from elsewhere, so check ls -l /etc/resolv.conf before expecting any of this to stick.
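Going back to the three-nameserver limit: an added helper, not from the original post, that tells you which nameserver lines glibc will actually honour and which it silently drops, along with the timeout and attempts values it will use. The defaults in the BEGIN block are glibc's (MAXNS, RES_TIMEOUT, RES_DFLRETRY); the resolv.conf in the test is constructed.

```shell
# List nameserver lines as "used" or "IGNORED" and report the resolver
# timing options. Exit status is non-zero when at least one server is dropped.
# Usage: resolv_effective [path]   (path defaults to /etc/resolv.conf)
resolv_effective() {
    awk '
        BEGIN { maxns = 3; timeout = 5; attempts = 2 }    # glibc defaults
        /^[ \t]*[#;]/ { next }                             # comment lines
        $1 == "nameserver" && NF >= 2 { ns[++n] = $2; next }
        $1 == "options" {
            for (i = 2; i <= NF; i++)
                if (split($i, kv, ":") == 2) {
                    if (kv[1] == "timeout")  timeout = kv[2] + 0
                    if (kv[1] == "attempts") attempts = kv[2] + 0
                }
        }
        END {
            if (n == 0) print "no nameserver lines: glibc falls back to 127.0.0.1"
            for (i = 1; i <= n; i++)
                printf "%-8s %s\n", (i <= maxns ? "used" : "IGNORED"), ns[i]
            printf "a dead server costs about %d s per attempt, %d attempt(s)\n", timeout, attempts
            exit (n > maxns)    # 1 when servers beyond MAXNS are silently dropped
        }
    ' "${1:-/etc/resolv.conf}"
}
```

Run it against the third resolv.conf above and the two Google servers come out as IGNORED, which is the whole explanation for the "Name or service not known".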
chattr for Linux
lsattr and chattr are two little-known tools. They don't exist on OpenBSD, whose equivalent is chflags schg (and at securelevel 1 or higher even root cannot clear that flag without going down to single-user). Under ninux, the +i (immutable) attribute blocks any modification, rename or deletion, even by root, which can seriously annoy a user/admin who wants to edit or delete the file; it is a heavy-handed but real way to freeze a few config files (bad practice but super hack) 😀 and a classic persistence trick, so it belongs on the incident-response checklist next to cron and resolv.conf. Setting or clearing it needs CAP_LINUXIMMUTABLE, i.e. root, and lsattr shows it. Warning: it fails in /tmp on most systems, not because of the sticky bit but because /tmp is usually a tmpfs, and the flag needs a filesystem that implements it (ext4, XFS and btrfs do; tmpfs only on recent kernels).
touch TestFile
lsattr TestFile
--------------e----- TestFile
whoami
root
echo "test2" > TestFile
cat TestFile
test2
chattr +i TestFile
echo "test3" > TestFile
bash: TestFile: Operation not permitted
rm -f TestFile
rm: cannot remove 'TestFile': Operation not permitted
whoami
root
ls -l TestFile
-rw-r--r--. 1 root root 6 8 Nov 22:02 TestFile
echo "EH?"
EH?
chattr -i TestFile
rm -f TestFile
ll
total 4
-rw-------. 1 root root 1361 25 Aug 19:39 anaconda-ks.cfg
#so
chattr +i /etc/resolv.conf #will do the job ;-)
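The flip side of the trick, as an added example not in the original post: auditing a box for files that someone (a colleague or an intruder) has pinned with +i or +a. The parser is split from the lsattr call so it can be exercised on captured output; the lsattr lines in the test are constructed. The directory default /etc in the live audit is an assumption.

```shell
# Read lsattr output on stdin and print "<flags> <path>" for every file with the
# immutable (i) or append-only (a) attribute. lsattr prints a fixed-width flag
# field followed by the path, e.g. "----i---------e----- /etc/resolv.conf";
# the "e" (extents) flag is set on every ext4 file and is harmless.
# Directory headers printed by lsattr -R ("/etc/ssh:") have no flag field and are skipped.
lsattr_flagged() {
    awk '
        NF >= 2 && $1 ~ /^[-a-zA-Z]+$/ {
            flags = ""
            if (index($1, "i")) flags = flags "i"    # lowercase only: "I" is a different flag
            if (index($1, "a")) flags = flags "a"    # likewise "A" (no atime) is not append-only
            if (flags != "") print flags, substr($0, index($0, " ") + 1)
        }
    '
}

# Live audit: lsattr comes from e2fsprogs; errors from filesystems without
# attribute support (tmpfs, /proc) go to stderr and are discarded.
# Usage: audit_immutable [directory]   (defaults to /etc)
audit_immutable() {
    lsattr -R "${1:-/etc}" 2>/dev/null | lsattr_flagged
}
```

Anything this reports that you did not set yourself deserves a look: resolv.conf, hosts, the sudoers drop-ins and crontabs are the usual suspects.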
This was the first part, devoted to the network and to the config files normally present on every standard Linux and many Unixes. I'm going to do a special post on RedHat because there's plenty to tear apart there, huhuhu.
If you are reading these lines, I hope it has taught you a couple of funny tricks ^_^