Re: Shadow Shell?

Ron Crash wrote:
> Ken,
>
> Pretty smart. Never thought about doing it that way.
>
> Thanks

Another approach is to remote shell (ssh shell... whatever)
and do an sh -i (bash -i/ksh -i). You won't have a full
tty, but you'll have a command by command line shell.

e.g.

ssh user@target-host "ksh -i"

>
>
>
> "Kenneth A Kauffman" <kkauffman@nospam.headfog.com> wrote in message
> news:p%%Ha.5251$Ri.1144@news2.east.cox.net...
>
>>"Ron Crash" <crash@metro.lexus.com> wrote in message
>>news:vejsqtgl37iscc@corp.supernews.com...
>>
>>>Is there a way to be logged into a shell without being seen by "who" or
>>
>>"w"?
>>
>>>I don't want to rootkit, I want to see what other users are doing on my
>>
>>box
>>
>>>at work without them knowing I'm logged on.
>>>
>>>Ron
>>>
>>>
>>
>>if it is always the same username, then you can do the following:
>>
>>move /usr/bin/w and /usr/bin/who to their own location not in the path.
>>
>>create a script by the same name for each in /usr/bin as follows:
>>
>>/<newpath>/who | grep -v <username> (save as /usr/bin/who)
>>/<newpath>/w | grep -v <username> (save as /usr/bin/w)
>>
>>After saving the files, chmod the scripts to 755
>>
>>What happens is that each script will execute the binary and remove your
>>username from the output via grep -v.
>>
>>ken k
>>
>>
>
>
>