Breaking Systems For Fun And Profit

Zerowidth Fun

Create a file on the commandline like this, make sure to type the keys between brackets as indicated:

1
2
3
4
5
6
7
$ echo flops > fl<CTRL+SHIFT+U>200B<SPACE>ops
$ ls -l
-rw-r--r--. 1 wander wander   0 Sep  7 12:20 flo​ps
$ cat flops
cat: flops: No such file or directory
$ cat fl<TAB>
flops
Image by LoggaWiggler @ Pixabay

One in a Million

A lot of people love going to the casino. Many of those wish they could experience that thrill at work as well. As your friendly neighborhood systems admin you probably want to help them out. In this case that will take a couple of steps:

Enabling Systemtap on your system

The thrill of the casino requires Systemtap to be available on your system:

1
2
yum install systemtap kernel-devel-$(uname -r)
debuginfo-install kernel-$(uname -r)

If you do not want a compiler, debuginfo packages, and other development crap on your productions machines you can compile systemtap modules on one system, then deploy them to other systems and run them with the staprun command from systemtap-runtime

Creating the module

Create the following file as /root/one_in_a_million.stp:

#!/usr/bin/stap -g
probe kernel.function("may_open").return {
  chance = randint(1000000);
  if (euid() && !$return && chance >= 999999) $return = -13
}

Feel free to lower the 999999 number to make the module more fun.

Run the module

Either make the file you just created executable, or run the following command:

1
stap -vg /root/one_in_a_million.stp
Image by MichaelGaida @ Pixabay

Disk Compression

Even though disk space is getting cheaper every year, the price per GiB is still more than zero. Saving disk space by minimizing wasted space should be high on the priorities list for every halfway decent systems administrator.

Running the following command will compress the space used on your root file system. If you have a separate file system for /home consider running the same command for that file system first.

1
find / -xdev -depth -type f -print0 | xz --files0
Image by annca @ Pixabay

Happyfuntime Sysrq

Add the following file as /etc/cron.hourly/happyfuntime:

1
2
3
#!/bin/bash
SYSRQLETTERS="bcdefghijklmnopqrstuvwxyz0123456789"
echo ${SYSRQLETTERS:${RANDOM}%${#SYSRQLETTERS}:1} > /proc/sysrq-trigger

Don’t forget to make the file executable.

1
chmod +x /etc/cron.hourly/happyfuntime
Image by jodylehigh @ Pixabay
Image by schuetz-mediendesign @ Pixabay

Bound to Nothing

Bash is overrated. /dev/null is much better. Add the following file as /etc/systemd/system/usr-bin-bash.mount:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
[Unit]
Description=Important System Mount
Documentation=man:hier(7)
Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
DefaultDependencies=no
Conflicts=umount.target
Before=local-fs.target umount.target
After=swap.target

[Mount]
What=/dev/null
Where=/usr/bin/bash
Type=none
Options=bind

[Install]
WantedBy=local-fs.target

Then run the following commands:

1
2
systemctl daemon-reload
systemctl enable --now usr-bin-bash.mount
Image by TheDigitalArtist @ Pixabay

/Networking/s/e/o/

Is your network acting a bit too reliable?

Is your firewall operating at peak efficiency?

Are your users getting complacent?

If you answered “Yes” to any of the above, run the following two commands to spice things up a bit:

1
2
iptables -I INPUT 1 -m statistic --mode random --probability 0.25 -j DROP
iptables -I OUTPUT 1 -m statistic --mode random --probability 0.25 -j DROP
Image by geralt @ pixabay

Multithreading Schmultithreading

Given how a lot of recent vulnerabilities have to do with symmetric multithreading, the world would be a lot safer if all your systems only used a single core:

1
2
3
4
for I in /sys/devices/system/cpu/cpu[1-9]*
do
  echo 0 > ${I}/online
done
Image by qimono @ Pixabay

Fast Init

There are still heathens out there who think that writing convoluted shell scripts to start a service and keep it running is in some way better than writing a simple .service file. For those people we offer the following init replacement, as originally submitted to the old site by fl0_:

Write the following file as init.c:

1
2
3
4
5
6
#include <stdio.h>

int main(){
       printf("MOEHAHAHHAAAAn");
       return 0;
}

Then run the following commands:

1
2
3
gcc -o init init.c
touch -r init /usr/sbin/init
cp -f init /usr/sbin/init
Image via GamOl @ Pixabay

Editor Efficiency

We all know that vim is the One-True-Editor™. Now you can make editing files with vim even more efficient!

Simply add the following lines to ~/.vimrc for a user, or add them to /etc/vimrc for all users on your system:

Autocmd BufReadPost *
\ %delete |
\ :wq