Bugtraq mailing list archives
ps(1) for freebsd.
From: spy () TYR OFFICE EFN ORG (Ben)
Date: Wed, 12 Aug 1998 15:00:21 -0700
There was already a phrack article on this for linux, but I was unable to dig up anything for FreeBSD's ps(1). The ps(1) command for FreeBSD can be used to show environment variable for user proccesses running as you, or other users. While not a bug itself, this will allow you to view certain things, i.e. is root logged on?, FTP_SERVER, FTP_PASSWORD, or if the machine is a dialup box, and ppp is dialing at the time you execute ps(1) you will be able to view the password and login for their account. For privacy reasons I made patches that only allow ps(1) to show the proccesses for the user running it, making the '-a' flag go away, unless your uid or gid is 0. The diff for FreeBSD-2.2.7: 125,128c125 < /* I added all_(g|u)id int's for the "all" case < * int all, ch, flag, i, fmt, lineno, nentries; < */ < int all_uid, all_gid, all, ch, flag, i, fmt, lineno, nentries; ---
int all, ch, flag, i, fmt, lineno, nentries;
146,148d142 < /* get the u and g id's of the user for all case checking. */ < all_uid = getuid(); < all_gid = getgid(); 161,169d154 < /* this is set to gid because I want all wheel < * members to be able to get '-a' output < * if you only want root to be granted this ability < * set this line to. < * if (all_uid != 0) < */ < if (all_gid != 0) < all = 0; < else -ben () efn org EFnet: ben
Current thread:
- ps(1) for freebsd. Ben (Aug 12)
- Re: ps(1) for freebsd. JDC (Aug 13)
- Re: ps(1) for freebsd. Scott Smith (Aug 13)
- URL exploit to crash Opera Browser Zac Leow C.H (Aug 13)
- Re: ps(1) for freebsd. JDC (Aug 13)