How to Hack UNIX

Know the UNIX operating system. You cannot hack UNIX without knowing how the operating system works and how it operates. Once you have mastered the usage of UNIX, you can begin learning some hacking techniques. Know the UNIX commands and the error messages and what each error message conveys.

Guess the login name and password. At times, doing this will yield access, especially if everyone in the office already has a standard login naming convention. Also, some users are careless; they leave their passwords on sticky notes, or they let other people see what they are typing. Teach them a lesson by hacking into their system and then tell them they should be more careful next time. Help them choose a stronger password that is hard to guess.

Log in to superuser accounts. Superuser names that are shortcut names commonly used to support the subsystems are "root" (has no restrictions), "sysadmin" (does not need a root account), "mountfsys" (mount files) and "makefsys" (make files). Some careless systems administrator might leave the password as "password" or they might use a password that is the same as the login name. For example, for login "root," they use the password "root." Other common ones are "bin" and "daemon." Teach other systems admins in your company to be more careful by doing this simple hack so they can strengthen the sysadmin accounts right away.

Use lowercase when guessing logins and passwords. Guess from 1 to 8 alpha and numerics. Sometimes, a weak password will have only alpha characters, so go there first.

Try basic commands once you are in. You know you are in if you see any of the following characters at the beginning of the line: $, % or #. Some basic commands to use are "ls- a" (list of files in current directory), "cd\name" (name of the subdirectory you choose), "cd\" (brings your home directory to current use) and "cat name" (a filename that the user name you got into has written). To find or look at the list of accounts created in the system, use "cat /etc/passwd." By default this is readable by anyone in the system.

Locate the "shadow" files. If the /etc text file doesn't show the password hashes, you can find them using "NIS/yp," which is a password shadowing the password data. Some UNIX systems use this to hide passwords.

Use a brute-force password-cracking technique. This is a repeated attempt to guess the password. This is useful to find a forgotten password, but it needs the aid of a systems administrator to allow this to be done repeatedly by clearing the lockouts when they happen.

Use a dictionary word-cracking technique. This is one of the most popular techniques to hack into UNIX passwords. This takes a word list and then tries to crack one or all the listed passwords listed in the file. Dictionary word-cracking tools filter, change or mutate the words, add prefixes or suffixes and mix letters and numbers by switching the orders they are used.

Use the Alex Muffet's program to crack passwords on UNIX. This can be configured by the systems administrator to run automatically and periodically, which then sends a "nastygram" or mail to users with weak passwords to remind them to create stronger passwords. This can be run manually and used across multiple systems.

Use Jack the Ripper cracking tool. This program is DOS-based and uses a number of features that are easy to use. There is also a version called John the Ripper, which was developed by Solar Designer; cracklike rules have been added and can run on DOS and UNIX. Either one will do to hack into any DOS- or UNIX-based system.