EXT2 TOOLS: Read ext2 files from DOS

EXT2 TOOLS: Read ext2 files from DOS

Post by Ron DuFres » Mon, 22 May 1995 04:00:00



: The ext2 tools are a set of DOS programs that enable you to read
: a Linux ext2 file system under DOS.

: The ext2 tools consist of the following programs:

:    E2CAT     analogous to the Linux cat command
:    E2CD      analogous to the Linux cd command
:    E2CP      analogous to the Linux cp command
:    E2LS      analogous to the Linux ls command
:    E2PART    lists hard disk partitions
:    E2PWD     analogous to the Linux pwd command

: The programs are distributed in both binary and source code form.

: They can be accessed by anonymous FTP from:

: Site:  login.dknet.dk
: File:  /pub/ct/ext2tool.zip

hmm, get permission denied here...

Later,

Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!

OK, so you're a Ph.D.  Just don't touch anything.

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Joe Slo » Tue, 23 May 1995 04:00:00


: The ext2 tools are a set of DOS programs that enable you to read
: a Linux ext2 file system under DOS.

: The ext2 tools consist of the following programs:

:    E2CAT     analogous to the Linux cat command
:    E2CD      analogous to the Linux cd command
:    E2CP      analogous to the Linux cp command
:    E2LS      analogous to the Linux ls command
:    E2PART    lists hard disk partitions
:    E2PWD     analogous to the Linux pwd command

This is a clever tool which fills an oft-mentioned need, but....

If we should ever see tools which can WRITE ext2 partitions from
dos, security on dual boot dos/linux machines is down the drain.

That would compel me to remove one or the other OS from dual boot
machines in public places until an effective defense is established.

Perhaps disable dos boot, but allow dos access exclusively via dosemu?

just my $.02

--
Joe Sloan                | "UNIX - Live free or die!"

University Of California | http://neuromancer.ucr.edu/~jjs

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by ron bardars » Tue, 23 May 1995 04:00:00





>: The ext2 tools are a set of DOS programs that enable you to read
>: a Linux ext2 file system under DOS.

>: The ext2 tools consist of the following programs:

>:    E2CAT     analogous to the Linux cat command
>:    E2CD      analogous to the Linux cd command
>:    E2CP      analogous to the Linux cp command
>:    E2LS      analogous to the Linux ls command
>:    E2PART    lists hard disk partitions
>:    E2PWD     analogous to the Linux pwd command

>This is a clever tool which fills an oft-mentioned need, but....

>If we should ever see tools which can WRITE ext2 partitions from
>dos, security on dual boot dos/linux machines is down the drain.

>That would compel me to remove one or the other OS from dual boot
>machines in public places until an effective defense is established.

Either start immediately or realize that no security exists when
physical access is possible.  Even without these tools, I can gain
full access to your filesystems whenever I have physical access.  For
every defense you offer, I have a counter.  You can protect remote
machines generally, but never when uncontrolled physical access is
possible.  But then, no one is really interested in breaking into
every machine, so "don't worry, be happy".
--
#include <std.dsclmr>
 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by John Tayl » Wed, 24 May 1995 04:00:00



: : The ext2 tools are a set of DOS programs that enable you to read
: : a Linux ext2 file system under DOS.

: : The ext2 tools consist of the following programs:

: :    E2CAT     analogous to the Linux cat command
: :    E2CD      analogous to the Linux cd command
: :    E2CP      analogous to the Linux cp command
: :    E2LS      analogous to the Linux ls command
: :    E2PART    lists hard disk partitions
: :    E2PWD     analogous to the Linux pwd command

: This is a clever tool which fills an oft-mentioned need, but....

: If we should ever see tools which can WRITE ext2 partitions from
: dos, security on dual boot dos/linux machines is down the drain.

: That would compel me to remove one or the other OS from dual boot
: machines in public places until an effective defense is established.

: Perhaps disable dos boot, but allow dos access exclusively via dosemu?

No, I successfully ran these tools from dosemu.  These can breach security
because, with them, you can read /var/adm/* or /etc/shadow, for example. I
tried to e2cat /dev/kmem, but the program reported it as "not a regular
file" and did not let me read it.

--

John Taylor

Heaven and Earth will pass away, but my words will never pass away. Mk 13:34

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Daniel Quinl » Wed, 24 May 1995 04:00:00



> This is a clever tool which fills an oft-mentioned need, but....  If
> we should ever see tools which can WRITE ext2 partitions from dos,
> security on dual boot dos/linux machines is down the drain.

Try a disk editor.  ANYONE can edit your /etc/passwd and break in to
your system in 5 minutes if they have physical access to the machine.

> That would compel me to remove one or the other OS from dual boot
> machines in public places until an effective defense is established.

> Perhaps disable dos boot, but allow dos access exclusively via dosemu?

> No, I successfully ran these tools from dosemu.  These can breach
> security because, with them, you can read /var/adm/* or /etc/shadow,
> for example. I tried to e2cat /dev/kmem, but the program reported it
> as "not a regular file" and did not let me read it.

I think this is an example of false security.

1. It is possible to break into any (typical) system to which
   physical access is permitted.

2. Security under DOS is difficult because the operating system has no
   real security measures.  All someone ever had to do is bring a
   floppy and run `format'.  You're deluding yourself if you think
   these EXT2 tools have introduced any new factor.  It was always there.

3. (In my opinion) /etc/shadow is not all that it is cracked up to be.
   It helps promote a false sense of security more than anything else,
   especially when physical access to the machine is possible.

--
Daniel Quinlan          Member of the League for Programming Freedom

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by roo » Wed, 24 May 1995 04:00:00



: : The ext2 tools are a set of DOS programs that enable you to read
: : a Linux ext2 file system under DOS.

: : The ext2 tools consist of the following programs:

: :    E2CAT     analogous to the Linux cat command
: :    E2CD      analogous to the Linux cd command
: :    E2CP      analogous to the Linux cp command
: :    E2LS      analogous to the Linux ls command
: :    E2PART    lists hard disk partitions
: :    E2PWD     analogous to the Linux pwd command

: : The programs are distributed in both binary and source code form.

: : They can be accessed by anonymous FTP from:

: : Site:  login.dknet.dk
: : File:  /pub/ct/ext2tool.zip

: hmm, get permission denied here...
      I don't.... maybe you tried when it was overloaded or something.
: Later,

: Ron DuFresne
: --
: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: "Cutting the space budget really restores my faith in humanity.  It
: eliminates dreams, goals, and ideals and lets us get straight to the
: business of hate, debauchery, and self-annihilation."
:                 -- Johnny Hart
: testing, only testing, and damn good at it too!

: OK, so you're a Ph.D.  Just don't touch anything.

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by B.A.McCau.. » Fri, 26 May 1995 04:00:00


Quote:>>No, I successfully ran these tools from dosemu.  These can breach security
>>because, with them, you can read /var/adm/* or /etc/shadow, for example. I
>>tried to e2cat /dev/kmem, but the program reported it as "not a regular
>>file" and did not let me read it.

>You know, you are right - I realized, after posting, that security
>is already hosed with the availability of these tools. (They're nice
>to have around in your bag of sys admin tricks, but....)

>Well, you can't put the genie back in the bottle now - but we better
>have a plan to deal with this stuff pretty quick.

IMHO security by obsucrity is no security. It has always been
possible to read /etc/shadow with DOS direct disk reading tools. All
these tools do is make it easier. If your system is insecure after you
put these tools on then it was insecure already.

I'm not too up on DOSEMU but I belive I read that it is possible you
deny DOSEMU direct access to disk partitions. If DOSEMU is to be run
by non-root then you should do this regardless of the availbilty of
such tools.
--

 .  _\\__[oo       from       | Phones: +44 121 471 3789 (home)

.  l___\\    /~~) /~~[  /   [ | PGP-fp: D7 03 2A 4B D8 3A 05 37
 # ll  l\\  ~~~~ ~   ~ ~    ~ |         A1 93 FE EA BE E3 2A 91

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Daniel Barl » Fri, 26 May 1995 04:00:00





>> This is a clever tool which fills an oft-mentioned need, but....  If
>> we should ever see tools which can WRITE ext2 partitions from dos,
>> security on dual boot dos/linux machines is down the drain.

>Try a disk editor.  ANYONE can edit your /etc/passwd and break in to
>your system in 5 minutes if they have physical access to the machine.

Even easier, try loadlin.  If you allow people to get loadlin and a
suitable kernel image on the DOS partition, they can have your linux
partition up and running single user as quick as ->that<-

Got a password on single user access?  OK, get a slackware root disk
or similar, untar it under c:\linux (this kind of requires that the
attacker have access to another linux box somewhere, but that's not
too uncommon), then loadlin zimage root=/dev/yourdospartition single
and mount the linux partition on /mnt

Note that neither of these attack strategies require booting from a
floppy (or any use at all of a floppy, if the box is net-connected).
I hope nobody will flame me for revealing these, but given that
they've been independently discovered by a number of people round here,
I'm sure that much of the rest of the world knows about them already.

[many good points by Daniel Quinlan dleted]

Daniel
--

``Our single posting of 6,000 was a drop in a huge bucket''
                                -- Canter & Siegel, to the Tennessee Bar

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Robert Bla » Fri, 26 May 1995 04:00:00


The security problem is manageable:

1) allow DOSEMU access to trusted (i.e. root or administrator) accounts only
   (this is simple via the /etc/dosemu.users file)
2) allow physical access to your machine only to trusted individuals
   (this, of course, means DOS access is possible only to said trusted
    individuals)

These are the only ways to assure any kind of security if you have DOS
on the machine and/or non-password boot (even so it must be possible to
erase the CMOS password with physical access).
--

 *C~o~()*
Cc{*(o~*Q&                                          Bob Blair
(  ((     )
|~      ~ |                                     Argonne National Lab.
|O      - |                                     High Energy Physics Div.
\   "     /                                     9700 S. Cass Ave.
 \ ****  /                                      Argonne,   IL 60439
  **^u^**                                       Phone (708)-252-7545

    ***                                                 fnald::rebcdf

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Marek Michalkiewi » Fri, 26 May 1995 04:00:00


: If we should ever see tools which can WRITE ext2 partitions from
: dos, security on dual boot dos/linux machines is down the drain.

Why?  Without such tools, anyone can boot the box from a floppy, mount
the ext2 partition and do what they want with it...  Or just use tools
like Norton DiskEdit to edit any physical partition manually.

Regards,

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Gwoho L » Fri, 26 May 1995 04:00:00




: : The ext2 tools are a set of DOS programs that enable you to read
: : a Linux ext2 file system under DOS.
:
: : The ext2 tools consist of the following programs:
:
: :    E2CAT     analogous to the Linux cat command
: :    E2CD      analogous to the Linux cd command
: :    E2CP      analogous to the Linux cp command
: :    E2LS      analogous to the Linux ls command
: :    E2PART    lists hard disk partitions
: :    E2PWD     analogous to the Linux pwd command
:
:
: This is a clever tool which fills an oft-mentioned need, but....
:
: If we should ever see tools which can WRITE ext2 partitions from
: dos, security on dual boot dos/linux machines is down the drain.

It's down the drain anyway.  If you let people use your Linux computer
with DOS.  I think you can edit the password file in a linux partition
with the DOS debug command.

gwoho liu.

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Gwoho L » Fri, 26 May 1995 04:00:00





: >
: >No, I successfully ran these tools from dosemu.  These can breach security
: >because, with them, you can read /var/adm/* or /etc/shadow, for example. I
: >tried to e2cat /dev/kmem, but the program reported it as "not a regular

Gee--I wonder why that didn't work.

: >file" and did not let me read it.
:
: Well, you can't put the genie back in the bottle now - but we better
: have a plan to deal with this stuff pretty quick.

Even more fun is that with at least one distribution of Linux, you can just
mcopy /etc/passwd to a floppy, edit it, then mcopy it back.

gwoho liu.

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Joe Slo » Fri, 26 May 1995 04:00:00





>: If we should ever see tools which can WRITE ext2 partitions from
>: dos, security on dual boot dos/linux machines is down the drain.

>Why?  Without such tools, anyone can boot the box from a floppy, mount
>the ext2 partition and do what they want with it...  Or just use tools
>like Norton DiskEdit to edit any physical partition manually.

No, they can't boot from a floppy, because I have it disabled in
the BIOS, and the BIOS setup is password protected. But then again,
if they have a screwdriver and some privacy, they can get around that...

I guess it would help to diable dos boot entirely, and provide access
to trusted users via doesmu, as was suggested earlier.
Now if there were a way to prohibit dosemu access to ext2 partitions....

--
Joe Sloan                | "UNIX - Live free or die!"

University Of California | http://dostoevsky.ucr.edu

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Joe Slo » Fri, 26 May 1995 04:00:00




>No, I successfully ran these tools from dosemu.  These can breach security
>because, with them, you can read /var/adm/* or /etc/shadow, for example. I
>tried to e2cat /dev/kmem, but the program reported it as "not a regular
>file" and did not let me read it.

You know, you are right - I realized, after posting, that security
is already hosed with the availability of these tools. (They're nice
to have around in your bag of sys admin tricks, but....)

Well, you can't put the genie back in the bottle now - but we better
have a plan to deal with this stuff pretty quick.

--
Joe Sloan                | "UNIX - Live free or die!"

University Of California | http://neuromancer.ucr.edu/~jjs

 
 
 

EXT2 TOOLS: Read ext2 files from DOS

Post by Joe Slo » Fri, 26 May 1995 04:00:00



>It's down the drain anyway.  If you let people use your Linux computer
>with DOS.  I think you can edit the password file in a linux partition
>with the DOS debug command.

Yes, this is correct. dos is a big risk.
actually, any machine which is not physically secure is at risk,
but it would help tremendously to get rid of dos for good...

--
Joe Sloan                | "UNIX - Live free or die!"

University Of California | http://dostoevsky.ucr.edu

 
 
 

1. EXT2 TOOLS: Read ext2 files from DOS

The ext2 tools are a set of DOS programs that enable you to read
a Linux ext2 file system under DOS.

The ext2 tools consist of the following programs:

   E2CAT     analogous to the Linux cat command
   E2CD      analogous to the Linux cd command
   E2CP      analogous to the Linux cp command
   E2LS      analogous to the Linux ls command
   E2PART    lists hard disk partitions
   E2PWD     analogous to the Linux pwd command

The programs are distributed in both binary and source code form.

They can be accessed by anonymous FTP from:

Site:  login.dknet.dk
File:  /pub/ct/ext2tool.zip

---
Claus Tondering
Lyngby, Denmark

--

PLEASE remember Keywords: and a short description of the software.

2. Debunking the Linux-Windows market-share myth

3. problem mounting older ext2 with newer ext2 tools installed

4. ATI question

5. Dos/Win(vfat) file to Linux file (ext2) conversion utility

6. how to setup kernel debugging?

7. Possible to read ext2 fs under Dos or OS/2?

8. tty input overflow on new internal USR V.34 modem

9. Read/Write ext2 fs from DOS ?

10. Read ext2 fs from OS/2 or DOS?

11. Reading of ext2 under DOS or Win ???

12. reading ext2 FS from dos. how?

13. Is there a utility that will let DOS/Win9x read/write ext2 partitions?