On Thu, 11 Jan 2007, Topher Fischer wrote:

> I learned something at PLUG that I thought was just so nifty, that I had
> to share it.  ssh has an escape character (default is tilde, "~") which
> can help you do some cool stuff.  I think the first two are going to be
> very useful, but here's the whole section from the man page:

Ack! That sounds like one of those unexpected features that could really get you in trouble. Looks like it tries to be clever, though:

$ nc -l -p 1337 | ssh localhost
Pseudo-terminal will not be allocated because stdin is not a terminal.

I bet there's some weird case where it wouldn't be able to tell, at which point the data coming over the connection astonishingly becomes metadata. I discovered an analogous vulnerability years ago at a dialup ISP where people could dial in directly to a login: prompt on our Sun. I wrote a script that echoed 3 tildes, waited, then did it again, followed by a few tricky AT commands so the terminal server wouldn't know when the modem hung up. Then I did "ATH1" followed by "ATDT [my phone number]". When I ran the script, the modem hung up on me... but then called me back!

                                                -J

--------------------
BYU Unix Users Group http://uug.byu.edu/
The opinions expressed in this message are the responsibility of their
author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG.
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
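
An added example, not part of the original message and not OpenSSH's code: a simplified Python model of in-band escape handling as the ssh(1) man page describes it (escape recognized only at the start of a line, `~~` sends a literal tilde, `~.` disconnects). It shows the same constructed byte stream being acted on as control when escapes are enabled and passed through untouched when they are disabled; `process_input`, `ACTIONS` and `SAMPLE` are names invented for the illustration, and `escape=None` stands in for `ssh -e none` or `EscapeChar none`.

```python
NEWLINES = (0x0A, 0x0D)
# Subset of the escape commands listed in ssh(1); the labels are this example's own.
ACTIONS = {ord("."): "disconnect", ord("?"): "help"}

def process_input(data, escape=ord("~")):
    """Model the client's handling of bytes read from its input.

    Returns (bytes forwarded to the remote side, local control actions).
    escape=None models a fully transparent session (no escape processing).
    """
    forwarded, actions = bytearray(), []
    at_line_start = True   # escapes only count right after a newline
    pending = False        # saw the escape char, waiting for the next byte
    for b in data:
        if pending:
            pending = False
            at_line_start = False
            if b == escape:                 # "~~" sends one literal escape char
                forwarded.append(b)
            elif b in ACTIONS:              # data is now treated as control
                actions.append(ACTIONS[b])
                if ACTIONS[b] == "disconnect":
                    break                   # nothing after this is sent
            else:                           # not a known sequence: pass both on
                forwarded += bytes([escape, b])
                at_line_start = b in NEWLINES
            continue
        if escape is not None and at_line_start and b == escape:
            pending = True
            continue
        forwarded.append(b)
        at_line_start = b in NEWLINES
    if pending:                             # stream ended right after the escape
        forwarded.append(escape)
    return bytes(forwarded), actions

# Constructed sample: payload data that happens to contain newline + "~."
SAMPLE = b"chunk-1\n~.chunk-2\n"

def demo():
    """Same bytes, escapes enabled versus disabled."""
    return process_input(SAMPLE), process_input(SAMPLE, escape=None)

if __name__ == "__main__":
    for label, (sent, acts) in zip(("escapes on", "escapes off"), demo()):
        print(label, sent, acts)
```

When a session with a terminal carries data that is not typed by a person, disabling the escape character keeps payload bytes from being interpreted as client commands.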