Just because it made me giggle so much, I thought I’d write up a classic shell prank: pumping messages into someone else’s shell terminal.
If you can ssh into the computer, then you can write messages to other user’s terminal with wall
:
adams-ssh-account@computer $ echo "You suck!" | wall
target-user@computer $
Broadcast Message from adams-ssh-account@computer
(/dev/pts/1) at 21:48 ...
You suck!
However, that’s making it far too easy for the target. The message itself gives the game away! Also, you’ll need an account on the target computer, which means you’ll have to get sudo access. People might leave their computers unlocked but it’s unlikely they’ll have root (at least, without you knowing their password).
One of my favorite linux utilities is netcat
. netcat
allows you to listen on a port (-l
). When a data is received on that port, it will write that data to the standard output. It would normally send responses using its own standard input, but that can be disabled (-d
). You can also prevent it from closing when the input stream contains an EOF
(-k
). Because of these features, netcat
is a core component of some backdoors. We’re also using it as a backdoor, but our purposes are fun, so it’s ok.
If your target has a habit of leaving their computer unlocked but you can’t get sudo access, the approach I take for launching this prank is to add this line to .bashrc
:
targets-unlocked-system@computer ~ $ cat .bashrc
# Sneaky sneaky, open port 38487 (arbitrary) and listen
# for incoming messages. Write STDERR messages to /dev/null
# so that any bootup issues (e.g. port in use)
# get hidden from the target
netcat -lkd -p 39487 -q -1 2> /dev/null &
Then, whenever I see the target hacking away in the shell I connect from my own:
adamkewley@own-computer $ netcat target-pc-addr 38487
Hey
Hey you.
Yeah you!
I'm in your computer.
And this, folks, is why you shouldn’t leave your computer unlocked (although please do, I can get alot more devious).