Help on control keys

Naoto Kimura abcscnuk at csuna.UUCP
Fri Jan 6 09:44:45 AEST 1989


In <9259 at smoke.BRL.MIL> Doug Gwyn writes:
> A few terminals DO have a feature that can be exploited to
> accomplish host command execution indirectly, namely "programmable
> function keys" combined with "transmit the contents of designated
> function key".  That is a HORRIBLE security flaw and you should
> avoid buying such terminals ...
> ...

While at UCLA, when some people would try to annoy me by redirecting
/usr/games/worms or /usr/games/rain to my terminal. I would retaliate by
using a text file designed for the terminal that they using.  In the
file were the control sequences to:

    1) lock the keyboard
    2) clear the screen
    3) set the terminal to display control characters rather than
       display them
    4) output the string "logout\n"
    5) send the transmit line sequence

Of course, I could've been cruel and did other things, like execute
"rm -rf ~"
Other things possible were to append "logout" to their ".cshrc"
Or even more fun, put a "chmod u-rwx ~" in their ".login"

At times I would put a "chmod o+r `tty`" on their terminal instead of
login.  Then I would do a "tail -x" on their terminal.  Of course, I
could've gotten cute and interactively simulate the login process...

While I'm at discussing different malicious things that can be done,
another one is the file containing the control character to protect the
entire screen except for one character at the middle of the screen.  Of
course it can be made worse by causing the entire screen to be
protected.

                //-n-\\				Naoto Kimura
        _____---=======---_____			(csun!csuna!abcscnuk)
    ====____\   /.. ..\   /____====
  //         ---\__O__/---         \\	Enterprise... Surrender or we'll
  \_\                             /_/	send back your *&^$% tribbles !!



More information about the Comp.unix.questions mailing list