May 13, 2011

The Confession: Discussing Religious Morals with Jack Bauer

We have all been fans of 24 right? The innovative show (in terms of story line) where Jack Bauer the secret agent solves terrorist and conspiracy plots in 24 hours, not hesitating to use the most drastic techniques (extensive torture and even shooting his team and family members) to uncover the truth? Wait you don't know what I am talking about? Shame on you :).

Well, Kiefer Sutherland, the actor who played the charismatic role in the show has done it again; This time in a smaller scale, through a 10-episode web series that he created: The Confession. The plot is rather simple: a professional killer (played by Kiefer) and a priest engage in the only truthful conversation that can happen, in my opinion, between such characters, i.e. the meaning of good and evil, all in the secrecy of a confessional.

I absolutely love the format of this series. It is web-only (mainly on, unfortunately available only in the US, deals are signed for internatinal distribution, I just don't know what sites), 7-10 minutes per episode and really fast-paced.

Good Job on this one Kiefer, can't wait for more of your projects or more web-only specials like this one. See the trailer below:

Breaking Out of "Jail" : Restricted Shell

No, I am not writing a sequel for the show "Prison Break", though I would love to see it come back to the screens :).

If you have never used a Linux or Unix-like terminal to administer a computer (yeah, it's a geeky post), you better stop reading now. The purpose of this post is to give some ideas on ways to get out of restricted shells on Linux systems.

- "But what is this restricted shell thing you are talking about?".
I assume as a Linux user (if you are not, you should have stopped reading by now :D), you know that each time a terminal is launched, a special program is started to read your commands: The Shell. There exist many shells (Boune shell or bash, Korne Shell or kshell, and more) and they are very powerful as you might expect. However, mostly in production environments where multiple users can remotely access a shell of a machine, it is good practice for administrators to apply restrictions on the commands that a normal user can execute on the host with the help of restricted shells (a good example is rbash and this post How to restrict access with rbash describe a way to implement it).

- "So how do I break out of this restrictive "prison"?", two words: Shell Escapes.
Many command-line applications provide a way to fall back into a shell, restrictive or not. The one I will mostly talk about is offered by vi/vim the text editor, since it can permit you to access an unrestricted shell following these instructions:

1. Once in vi/vim, type ESC, then:
  • Type “:set shell=/bin/bash
  • Type “:shell” and VOILA!!!!! 

Unfortunately, vi/vim also has a restricted version rvi/rvim in which this trick will not work. If you are stuck with rvi, you can try the following methods to access vi with other applications:

2. Using the text-based browser lynx:
  • open a local file with lynx (e.g.: $ lynx /etc/passwd)
  • type “o” to open the options; change the second option (Editor) to “/bin/vi” and save the changes to go back at the main page.
  • Type “e” to edit the file with vi
  • Follow instructions in 1.
3. Using the mail (local email client) command:
  • $ set VISUAL=/bin/vi
  • $ mail -s "subject" "destination email"
  • Type "~v" on the next line to edit the mail with vi.
  • Follow the instructions in 1.
There are various other ways to obtain the same result, this was just a the tip of the iceberg.

UPDATE: Guess what?? The browser Elinks is also vulnerable to shell escapes. This is based on the feature (hacking feature?) allowing users to edit the contents of text boxes on a webpage using external editors (i.e. using other applications on the machine... Yayyy vi/vim). All you have to do is setup the $EDITOR environment variable with "/bin/vi" and the rest is history... Wait you need more details?? OK:

  • $ set EDITOR=/bin/vi
  • Open a webpage containing a text box (should be easy to find on the Internet. If you can not, well lmgtfy!!!).
  • Navigate to the text-box area and Enter to edit, the press F4 (or whatever is used in the configurations) to edit the text box externally, and you should see something familiar :=)

Search This Blog