chmod -x chmod

•

90 likes•61,466 views

Video at http://www.youtube.com/watch?v=DTWZqh64RcQ. You're in a Data Center, with absolutely no contact with the outside world, with a machine that you must not restart, and someone performed a `chmod -x chmod`. This is a problem we used in interviews during 2009, and this presentation is a list of some of the possible solutions that my co-workers at SAPO have suggested.

Technology

chmod -x chmod
José Castro <cog@cpan.org>
August 2010

During 2009
we posed this problem
to several of our candidates

With absolutely
no contact
with the outside world

And someone had
the brilliant idea
of performing a
`chmod -x chmod`

The following is a list
of possible solutions
proposed by my co-workers

If the package is in
cache, reinstall it

On Debian:

sudo apt-get install --reinstall coreutils

Python

python -c "import os;os.chmod('/bin/chmod', 0777)"

d
un teste

Node.js

require("fs").chmodSync("/bin/chmod", 0755);

Use existing executables
or create your own

$$ cat - > chmod.c int main () { } ^D$

$$ cat - > chmod.c int main () { } ^D $ cc chmod.c$

$$ cat - > chmod.c int main () { } ^D $ cc chmod.c $ cat /bin/chmod > a.out$

$ cp cat new_chmod

$ cat chmod > new_chmod

$$ cat - > restore_chmod.c #include <sys/types.h> #include <sys/stat.h> int main () { chmod( "/bin/chmod", 0000777 ); } ^D$

$$ cat - > restore_chmod.c #include <sys/types.h> #include <sys/stat.h> int main () { chmod( "/bin/chmod", 0000777 ); } ^D $ cc restore_chmod.c$

$$ cat - > restore_chmod.c #include <sys/types.h> #include <sys/stat.h> int main () { chmod( "/bin/chmod", 0000777 ); } ^D $ cc restore_chmod.c $ ./a.out$

$ tar --mode 0777 -cf chmod.tar /bin/chmod

$ tar xvf chmod.tar

d
un teste

$ tar -cvf chmod.tar chmod

edit the archive and alter the permissions

“You said I couldn’t
go to the internet...

“You said I couldn’t
go to the internet...

but you said nothing about
the other machines
on the data center...”

Open a socket to another machine and do a:

$ tar --preserve-permissions -cf chmod.tar chmod

Open a socket to another machine and do a:

$ tar --preserve-permissions -cf chmod.tar chmod

Get this tar to your machine and:

$ tar xvf chmod.tar

cpio lets you
copy ﬁles
to and from archives

bytes 19 to 24
are the ﬁle mode
(http://4bxf.sl.pt)

$echo chmod | cpio -o | perl -pe 's/^(.{21}).../${1}755/' | cpio -i -u$

d
un teste

• attrib or ls -@
• force the inode into cache
• check kcore for the VFS structures
• use sed to alter the execution bit without
the kernel realizing it

• run chmod +x chmod

Text editors
sometimes need
to overwrite a ﬁle

Thus, some of them
have something
resembling chmod

Ctrl+x b > *scratch*
(set-file-modes "/bin/chmod" (string-to-number "0755" 8))
Ctrl+j

But one of the best
answers I’ve seen...

Was from a guy who replied to my
“Solve the problem”
with...

“What problem?
Isn’t the machine still
running?”

Viewers also liked

Different types of Editors in Linux

Bhavik Trivedi

File permission in linux

Prakash Poudel

Basic Unix

Rajesh Kumar

Unix Shell Scripting Basics

Dr.Ravi

Linux Administration

Harish1983

The "vi" Text Editor

Alessandro Manfredi

Search Engine Powerpoint

201014161

Linux admin interview questions

Kavya Sri

Viewers also liked (8)

Different types of Editors in Linux

File permission in linux

Basic Unix

Unix Shell Scripting Basics

Linux Administration

The "vi" Text Editor

Search Engine Powerpoint

Linux admin interview questions

Recently uploaded

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

This presentation explores the impact of HTML injection attacks on web applications, detailing how attackers exploit vulnerabilities to inject malicious code into web pages. Learn about the potential consequences of such attacks and discover effective mitigation strategies to protect your web applications from HTML injection vulnerabilities. for more information visit https://bostoninstituteofanalytics.org/category/cyber-security-ethical-hacking/

HTML Injection Attacks: Impact and Mitigation Strategies

Boston Institute of Analytics

Tech Trends Report 2024 Future Today Institute.pdf

hans926745

Developing An App To Navigate The Roads of Brazil

V3cube

Recently uploaded (20)

Axa Assurance Maroc - Insurer Innovation Award 2024

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Powerful Google developer tools for immediate impact! (2023-24 C)

The 7 Things I Know About Cyber Security After 25 Years | April 2024

A Year of the Servo Reboot: Where Are We Now?

Partners Life - Insurer Innovation Award 2024

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Apidays New York 2024 - The value of a flexible API Management solution for O...

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Automating Google Workspace (GWS) & more with Apps Script

Exploring the Future Potential of AI-Enabled Smartphone Processors

Data Cloud, More than a CDP by Matt Robison

HTML Injection Attacks: Impact and Mitigation Strategies

Tech Trends Report 2024 Future Today Institute.pdf

Developing An App To Navigate The Roads of Brazil

chmod -x chmod

1. chmod -x chmod José Castro <cog@cpan.org> August 2010

2. During 2009 we posed this problem to several of our candidates

3. You’re in a Data Center

4. With absolutely no contact with the outside world

5. There’s a machine you must not reboot

6. And someone had the brilliant idea of performing a `chmod -x chmod`

7. Solve the problem

8. The following is a list of possible solutions proposed by my co-workers

9. If the package is in cache, reinstall it

10. On Debian: sudo apt-get install --reinstall coreutils

11. Use a language that implements chmod

12. Perl perl -e ‘chmod 0755, “chmod”’

13. Python python -c "import os;os.chmod('/bin/chmod', 0777)"

14. d un teste Node.js require("fs").chmodSync("/bin/chmod", 0755);

15. Use existing executables or create your own

16. $ cat - > chmod.c

17. $ cat - > chmod.c int main () { } ^D

18. $ cat - > chmod.c int main () { } ^D $ cc chmod.c

19. $ cat - > chmod.c int main () { } ^D $ cc chmod.c $ cat /bin/chmod > a.out

20. $ cp cat new_chmod $ cat chmod > new_chmod

21. $ cat - > restore_chmod.c

22. $ cat - > restore_chmod.c #include <sys/types.h> #include <sys/stat.h> int main () { chmod( "/bin/chmod", 0000777 ); } ^D

23. $ cat - > restore_chmod.c #include <sys/types.h> #include <sys/stat.h> int main () { chmod( "/bin/chmod", 0000777 ); } ^D $ cc restore_chmod.c

24. $ cat - > restore_chmod.c #include <sys/types.h> #include <sys/stat.h> int main () { chmod( "/bin/chmod", 0000777 ); } ^D $ cc restore_chmod.c $ ./a.out

25. launch BusyBox (it has a chmod inside)

26. GNU tar

27. $ tar --mode 0777 -cf chmod.tar /bin/chmod $ tar xvf chmod.tar

28. tar --mode 555 -cvf - chmod | tar xvf -

29. d un teste $ tar -cvf chmod.tar chmod edit the archive and alter the permissions

30. “You said I couldn’t go to the internet...

31. “You said I couldn’t go to the internet... but you said nothing about the other machines on the data center...”

32. Open a socket to another machine and do a: $ tar --preserve-permissions -cf chmod.tar chmod

33. Open a socket to another machine and do a: $ tar --preserve-permissions -cf chmod.tar chmod Get this tar to your machine and: $ tar xvf chmod.tar

34. cpio

35. cpio lets you copy ﬁles to and from archives

36. bytes 19 to 24 are the ﬁle mode (http://4bxf.sl.pt)

37. echo chmod | cpio -o | perl -pe 's/^(.{21}).../${1}755/' | cpio -i -u

38. Hardcore

39. alias chmod='/lib/ld-2.11.1.so ./chmod'

40. d un teste • attrib or ls -@ • force the inode into cache • check kcore for the VFS structures • use sed to alter the execution bit without the kernel realizing it • run chmod +x chmod

41. Text editors sometimes need to overwrite a ﬁle

42. Thus, some of them have something resembling chmod

43. Emacs

44. Ctrl+x b > *scratch* (set-file-modes "/bin/chmod" (string-to-number "0755" 8)) Ctrl+j

45. There seem to be countless solutions

46. But one of the best answers I’ve seen...

47. Was from a guy who replied to my “Solve the problem” with...

48. “What problem? Isn’t the machine still running?”

49. The End (for now)

chmod -x chmod

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (8)

Recently uploaded

Recently uploaded (20)

chmod -x chmod