Today's article is about 'nohup'.

KGIII

Super Moderator
Staff member
Gold Supporter
Credits
27,947
It's useful for when you want open an application from the terminal and want it to stay open when you close the terminal.


Feedback is awesome.
 


dcbrown73

Well-Known Member
Credits
3,042
Nice, now I must figure out how to exploit it so I can make reddit posts on your behalf. ;)
 

captain-sensible

Well-Known Member
Credits
14,907
Do you wear a white hat , gray hat or both ? Do you think its possible to have a thread here - Linux Cyber Security without educating irresponsible hackers ?

I've often wanted to talk about testing of webs on localhost for issues before going live etc. But with a lot of guests viewing its difficult.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Credits
27,947
You'd actually have to compromise a couple of passwords. It also won't help that I use different email addresses for the services. I also use 2FA for the web site. So, you'd have to work at it. It's definitely not impossible, but it's gonna take some effort - and there are far easier targets with greater impact.

The weakness would probably be on the Reddit end, but even there I had to enable the application with my account and it's only good for one application. That's still likely the weakest point.
 

dcbrown73

Well-Known Member
Credits
3,042
Do you wear a white hat , gray hat or both ? Do you think its possible to have a thread here - Linux Cyber Security without educating irresponsible hackers ?

I've often wanted to talk about testing of webs on localhost for issues before going live etc. But with a lot of guests viewing its difficult.
I'm definitely white hat. I've written several malware and c&c applications, but they were for learning experiences so I can better understand how these types of attacks work.

All you have to do is look at some of my posts and my signature and you can see I love playing around with base64. Many black hats use base64 to obfuscate code so that it's harder to detect by anti-virus.

I wrote this little bit of code recently as an example to one of my junior Linux admins who I've been training in both on Python and on security. The Python code below is not harmful, but you should never just execute code you find on the Internet!

That said, I challenge someone to tell me what it does!
Python:
from base64 import b64decode as _0x111111
df38534cc670c70a91cf9b035845d244 = exec
a87fc76f18e98ee7d3848f6b81b3391e = b'CmltcG9ydCB0aW1lCm15YXJyYXkgPSBbJ1dpbGwgSmFtaWUgZmlndXJlIHRoaXMgb3V0PycsICdTdXJlIGhlIHdpbGwsIGhlIGlzIGEgc21hcnQgY29va2llLicsICdXaGlsZSBJIGRvIG5vdCBrbm93IGlmIGhlIGhhcyBzZWVuIHRoaXMgYmVmb3JlLicsICdUaGVyZSBpcyBhIGJyZWFkY3J1bWIgdHJhaWwgdG8gZmluZCB0aGUgYW5zd2VyLicsICdJZiBoZSBkb2VzIG5vdCwgSSB3aWxsIGRlZmluaXRlbHkgZ2l2ZSBoaW0gYSBoYXJkIHRpbWUhJ10KCmZvciB0ZXh0IGluIG15YXJyYXk6CiAgICBwcmludCh0ZXh0KQogICAgdGltZS5zbGVlcCgxKQo='
df38534cc670c70a91cf9b035845d244(_0x111111(a87fc76f18e98ee7d3848f6b81b3391e))
 

captain-sensible

Well-Known Member
Credits
14,907
The only recent python thing i've done is this: https://github.com/captain-sensible/learnABC Aimed 3rd world and still on Amazon
Will Jamie figure this out?
Sure he will, he is a smart cookie.
While I do not know if he has seen this before.
There is a breadcrumb trail to find the answer.
If he does not, I will definitely give him a hard time!
 

KGIII

Super Moderator
Staff member
Gold Supporter
Credits
27,947
Me? Oh, man... You don't actually *want* me doing any coding. Once upon a time, I was fluent in Perl. So, if that's any indicator, you don't want me doing any coding.

I can do some passable PHP, but I don't consider that a programming language.

I want to say that I've shared my Perl story before. Lemme see...

Yeah, here:


Read at least the first post of that thread.
 

dcbrown73

Well-Known Member
Credits
3,042
Nice. hah I recall my first web app. It was a B2B application for our wine and liquor wholesale company. It allows restaurants and clubs order alcohol from us. They already had accounts so there was no credit cards or anything. They each had a pre-specified list of beverages they could purchase that was pre-approved by the owner of the restaurant or club.

Oh man, what a trainwreck that application was, but it actually freaking worked for years even after I left the company! I had no training as a developer at the time and had no concept of software architecture, how to manage data, or anything. It never even occurred to me at the time to store carts in the database! No, I did much better than that! I stored their entire shopping cart in cookies! lol

Oh yeah, it was BOSS! rofl.

I recall after I left the company some guy called me that I never had met before and said that he was hired by my company enhance the application and after lookng at the code. He had no idea what it was doing! lol. Render codes completely meshed into the logic code. I mean an absolutely NIGHTMARE!

I told him, he needed to start from scratch or find a new job! lol Both would be easier than trying to update that dumpster fire! That was back in the mid or late 90s I think. I think I had originally started it in Perl, but had switched to PHP mid-stream due to my dislike of Perl's mish-mash ugly heh PHP looked closer to C/C++ and I had been learning C / C++ around the same time.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Credits
27,947
I had no training as a developer at the time and had no concept of software architecture, how to manage data, or anything.
I took a semester's worth of C development and that's the entirety of my formal programming training. The rest I had to learn on my own. I wrote much of my own software all through grad school and then as a business owner. But, after the first contract was winding down and we were picking up our next contracts, I started hiring real programmers and gave them the math that they were to work with.

They kept my code alive for a few years before they convinced me to authorize a complete re-write. By then, I was smart enough to listen to them and wise enough to let go of my shoddy code. I haven't done much programming since, though I'll tinker with something here and there.

By the time I sold, we were selling software solutions to others and supporting it. It was quite a change in dynamics over the years.
 

dcbrown73

Well-Known Member
Credits
3,042
heh yeah. My programming history really stems from learning Basic as a kid in school and my friend and I writing Cutdown Matrix application to invent new ways to insult each other lol.

After that, we were playing DOOM and installed it on Linux (I've shared that before), but I didn't share is we were playing Internet MUDs. (Multi-User Dungeons) at the time and many where open source written in C.

So my buddy and I started learning C because we wanted to write our own mud and that's what we did. (still have the source)

Anyhow as I became a system admin, I started learning more programming to automate things at work and gradually learned quite a bit, but still didn't know a whole lot about software architecture. That's when I went to work in the financial district and worked very closely with some extremely talented developers and architects. These guys really taught me the ropes about architecture and other principals like SOLID, etc.

All of our desks where in a single room and they would discuss software related issues and architecture decisions and I was like a sponge when they would talk. They were always cool about answering questions.

Gradually as we worked together, I started building DevOps applications and automated deployments and all kinds of stuff for them while they wrote the HFT trading applications. I leaned so much from those guys and they helped me make decisions and understand why I was making those architectural decisions. From a software development standpoint I owe 90% of what I know today from them.

I still never want to be a full time developer though. No way, I figured out pretty quickly that I will burnout on that within six months. I like to do small scale projects that can be completed without days, weeks, or maybe 2-4 months. I also prefer when I can change gears and do other engineering tasks that aren't software development. Full-time development is just not my cup of tea, but I respect the hell of out great developers.

I tell ownership of the company I work at now. When they ask me if $x is possible. I respond with, anything can be done in software development. The question is never, can it be done. It's should it be done. Something are best left not done due to the nightmare they can cause down the road.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Credits
27,947
Just because we can, doesn't mean we should!

I too learned a lot from the programmers I hired. They were a different breed back then. We're talking early and mid 1990s when I first employed them in number. Getting them into business attire when clients visited was neigh on impossible and it's not like I could just fire them. I had, after all, employed them to do things that I could not do.

They were good, but expensive. Some of them actually had a higher salary than I had - and I owned the business. I did have a computer scientist (full on Ph.D.) that started the company with me, but he bailed after a couple of years and his job would be called IT/Infrastructure today. Coding was 'beneath' him.

I used to poach people right from grad school, just so I could get them early. I paid well and had some lenient rules. I have days where I really miss it. Then, I look out the window and realize that I don't have to work today, and that whole 'missing it' thing goes away quickly.
 

JasKinasis

Well-Known Member
Credits
7,670
I'm definitely white hat. I've written several malware and c&c applications, but they were for learning experiences so I can better understand how these types of attacks work.

All you have to do is look at some of my posts and my signature and you can see I love playing around with base64. Many black hats use base64 to obfuscate code so that it's harder to detect by anti-virus.

I wrote this little bit of code recently as an example to one of my junior Linux admins who I've been training in both on Python and on security. The Python code below is not harmful, but you should never just execute code you find on the Internet!

That said, I challenge someone to tell me what it does!
Python:
from base64 import b64decode as _0x111111
df38534cc670c70a91cf9b035845d244 = exec
a87fc76f18e98ee7d3848f6b81b3391e = b'CmltcG9ydCB0aW1lCm15YXJyYXkgPSBbJ1dpbGwgSmFtaWUgZmlndXJlIHRoaXMgb3V0PycsICdTdXJlIGhlIHdpbGwsIGhlIGlzIGEgc21hcnQgY29va2llLicsICdXaGlsZSBJIGRvIG5vdCBrbm93IGlmIGhlIGhhcyBzZWVuIHRoaXMgYmVmb3JlLicsICdUaGVyZSBpcyBhIGJyZWFkY3J1bWIgdHJhaWwgdG8gZmluZCB0aGUgYW5zd2VyLicsICdJZiBoZSBkb2VzIG5vdCwgSSB3aWxsIGRlZmluaXRlbHkgZ2l2ZSBoaW0gYSBoYXJkIHRpbWUhJ10KCmZvciB0ZXh0IGluIG15YXJyYXk6CiAgICBwcmludCh0ZXh0KQogICAgdGltZS5zbGVlcCgxKQo='
df38534cc670c70a91cf9b035845d244(_0x111111(a87fc76f18e98ee7d3848f6b81b3391e))
Did Jamie ever work out what it did?! Ha ha!
It’s not too tricky.

The b64decode function has been aliased to _0x111111
A pointer/reference to the exec function has been assigned to an obfuscated looking variable, named df38534….. (can’t be arsed to write the entire variable name!)
The obfuscated variable a87fc7….. is assigned a base64 encoded string, which decodes as:
Python:
import time
myarray = ['Will Jamie figure this out?', 'Sure he will, he is a smart cookie.', 'While I do not know if he has seen this before.', 'There is a breadcrumb trail to find the answer.', 'If he does not, I will definitely give him a hard time!']

for text in myarray:
    print(text)
    time.sleep(1)
Then in the final line - it’s all brought together.
In pseudo-code the final line says:
Code:
exec(b64decode({base64Encoded-string})
Which will execute the decoded Python code above, which sets up an array of strings. It then iterates through the array, prints a string, sleeps for a second, then reiterates to print the next string and sleep, until the end of the array is reached!

Yielding the output that @captain-sensible provided in his post!
 
Last edited:

dcbrown73

Well-Known Member
Credits
3,042
@JasKinasis Exactly. Nice breakdown. :)

As for Jamie. He didn't quite get it until I did what you just did. I had to break it down so he understood how it was constructed.

His eyes lit up when he saw the code hidden inside the base64 string. It was like a kid seeing his first fire truck lol.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Top