Jun 062013
 

This is a trick I learned a long time ago.  I used to teach it in my linux administration, digital forensics, and ethical hacking courses I taught at college.  It has been one of the most useful commands I ever learned.  So the scenario goes like this:  lets assume you have a user you suspect is doing something nefarious…maybe even a hacker has a shell on your server.  You would like to be able to see exactly what they are doing.  Wouldn’t it be nice to be able to connect to their shell without them knowing so you can watch what they are doing?

Here is how it is done…..

Continue reading »

Jun 132011
 

As system administrators, we often need to search for potential backdoors or shells in web sites for servers we manage.  Its not something we want to happen, but need to do especially if we are supporting legacy code; have gotten behind on patches or updates; or a new exploit slipped through the cracks due to its popularity and how quickly it spread.

I wrote a quick bash script based on a php version I found here.

Here is the short script:

Continue reading »