[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Scripts
From: |
Lucio Rene Souza Cunha |
Subject: |
Scripts |
Date: |
Thu, 27 Sep 2001 08:57:45 -0300 |
User-agent: |
Mozilla/5.0 (X11; U; Linux 2.2.19pre17 i586; en-US; m18) Gecko/20001103 |
pessoall,
tenho que automatizar um processo de ttysnoop, como o
ttysnoop necessita de uid 0 tive que fazer o script abaixo com suid root
( mesmo sabendo das vulnerabilidades).
O problema é que quando esse script chama o /sbin/ttysnoop o programa
ttysnoop come 99% de processamento, existe algo no codigo que esteja
ocasionando issu?
bom o ttysnoop rodando normalmente nao chega 2% de processamento da maquina
fiz um script rodando /sbin/ttysnoop ttyp$1 e ele mantem suas
propriedades normais.
>> Script comedor de memoria :P <<
dia=`/bin/date "+%H:%M_%d-%m-%Y"`
hst=`/bin/echo "$REMOTEHOST"`
tty=`/usr/bin/tty | /usr/bin/cut -c6-10`
lend=` /usr/bin/who -l | /bin/grep $tty `
cinf=`/bin/echo $dia $hst`
/bin/echo $cinf | /bin/mail -s dgtbfScript address@hidden
ffile=`who -l | grep $tty | cut -c23- | tr -d " " | tr -d \( | tr -d \) `
/sbin/ttysnoop $tty > /tmp/logs/l$ffile &
"alias" ls="/bin/ls --color=no"
--EOF
e o ltrace me voltou o seguinte:
<... select resumed> ) = 1
read(0, <unfinished ...>
event: syscall (3)
SYS_read(0, <unfinished ...>
event: sysret (3)
<... SYS_read resumed> "", 256) = 0
<... read resumed> "", 256) = 0
write(3, "", 0 <unfinished ...>
event: syscall (4)
SYS_write(3, "", 0 <unfinished ...>
event: sysret (4)
<... SYS_write resumed> ) = 0
<... write resumed> ) = 0
select(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: syscall (142)
SYS__newselect(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: sysret (142)
<... SYS__newselect resumed> ) = 1
<... select resumed> ) = 1
read(0, <unfinished ...>
event: syscall (3)
SYS_read(0, <unfinished ...>
event: sysret (3)
<... SYS_read resumed> "", 256) = 0
<... read resumed> "", 256) = 0
write(3, "", 0 <unfinished ...>
event: syscall (4)
SYS_write(3, "", 0 <unfinished ...>
event: sysret (4)
<... SYS_write resumed> ) = 0
<... write resumed> ) = 0
select(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: syscall (142)
SYS__newselect(4, 0xbffffa60, 0, 0, 0 <unfinished ...>
event: sysret (142)
<... SYS__newselect resumed> ) = 1
<... select resumed> ) = 1
read(0, <unfinished ...>
event: syscall (3)
SYS_read(0, <unfinished ...>
event: sysret (3)
<... SYS_read resumed> "", 256) = 0
<... read resumed> "", 256) = 0
write(3, "", 0 <unfinished ...>
event: syscall (4)
SYS_write(3, "", 0 <unfinished ...>
event: sysret (4)
entao eu soh tenho a dizer:
HELP ME!!!
:)
[]'z
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Scripts,
Lucio Rene Souza Cunha <=