Foiling the Finger Command / Playing With Your Fingers
by Packet Rat
The Finger command is a command that most systems on the Internet have.
It allows anyone, anywhere on the Internet to get information on anyone else on the Internet.
This has both positive and negative aspects. On the positive side it allows people to leave messages about their whereabouts, phone numbers, etc. This also happens to be the negative side.
Depending on how the system administrator configures Finger, info such as your phone number, address, full name, and what you are doing (i.e., what commands you are executing) is available to anyone (and you have no way of knowing who has been poking around).
As you may or may not know, information such as that stated above could adversely affect the Internet user. For example, with your name and phone number people could easily social engineer most college or company workers into giving out your address, Social Security Number (oh no!), and other sensitive info.
With your Social Security Number, people can cause you BIG problems (that's another article). You may ask, "What can I do?" Well, here are some solutions:
1.) Change your Finger information. On most UNIX systems users can execute the command "chfn" (change finger info) or "passwd -f". By running "chfn" or "passwd -f" you can change your name, phone number, or any other bit of finger information. Note: Some system administrators disable these commands or options for accounting reasons.
2.) Modify your .plan file. The .plan file is a file that is echoed to the screen of the person fingering you. So one thing you can do is create a .plan full of empty lines (100 or so should do). This will have the effect of scrolling your finger info off the fingerer's screen. This works if the person is using a dumb terminal, but it is useless if he has scrollback on his terminal. You could link your .plan file to a binary file such as /bin/sh (ln -s /bin/sh .plan). This will display garbage characters and possibly make noises (wow!) on the fingerer's system.
3.) If your UNIX system is running GNU Finger (a Finger program written at MIT), you can copy the included script into a file called ".fingerrc". The file ".fingerrc" is executed and its output goes to stdout. This script will:
- Keep track of how many times you were fingered.
- Let you know who fingered you, or where you were fingered from.
- Do a reverse finger on the fingerer or his site.
- Let the fingerer know that you have his info.
- Not give any of your info out (depends on how GNU Finger is set up).
    #!/bin/sh
    # Insert your user name here
    # (where /bin/sh is bash, UID is read-only; use another variable name there)
    UID=""
    # Create variable to point to file that will hold number of times fingered.
    # (named .fingerd to match the file created in the instructions below)
    COUNTFILE=$HOME/.fingerd
    # Increase the count stored in COUNTFILE by 1
    expr `cat "$COUNTFILE"` + 1 > "$COUNTFILE"
    # Nice message
    echo "My privacy has been violated " `cat "$COUNTFILE"` "times"
    echo
    # Variable $2 detects remote or local fingerer
    case $2 in
    # Variable $1 is site of fingerer
    remote)
        echo "People from $1 sure are nosey!"
        # Add fingerer site name to file /tmp/.safehouse
        echo "$1" > /tmp/.safehouse
        # Finger fingerer's site
        finger "@$1" >> /tmp/.safehouse
        # Send mail with reverse finger info
        /usr/ucb/mail -s "REMOTE FINGER!" "$UID" < /tmp/.safehouse
        # Remove temp file
        rm /tmp/.safehouse
        # Put fingerer site name in list of fingerers that have fingered me
        echo "$1" >> /tmp/.spies;;
    # Who is running finger locally at the time
    local)
        /usr/ucb/w | grep "finger" | cut -d " " -f1 > /tmp/.spy
        # Nicer message
        echo "Hey `cat /tmp/.spy`, stop poking around here!"
        # Time and date stamp for finger mail
        date > /tmp/.revfing
        # Reverse long finger to get fingerer's finger info.
        finger -l `cat /tmp/.spy` >> /tmp/.revfing
        # Append to mail file.
        /usr/ucb/mail -s "FINGERED!" "$UID" < /tmp/.revfing
        # Remove temp file
        rm /tmp/.revfing
        # Add fingerer name to list of fingerers
        cat /tmp/.spy >> /tmp/.spies
        # Remove temp file
        rm /tmp/.spy;;
    esac
Change UID to your username. Also, you should change /tmp to a directory that is writable by anyone and accessible from any system on your local net. Also create the file .fingerd in your home directory with a "0" in it:
    $ cat > .fingerd
    0
    <Control-D>
The .fingerrc file and your home directory must have the read and execute permissions set so "others" have access. The .fingerd file should be writable by "others" also. This is necessary because GNU Finger is run as user "nobody".
If your system is set up so output is filtered through your .fingerrc, you can set up a series of "grep -v" pipes to filter out any info you do not want the world to see. Or you can just put "echo" by itself to display nothing. Another fun thing to do is put "finger -l <USER>" in your .fingerrc. This will have the effect of people seeing someone else's finger info instead of yours.
Note: It is possible to create a program that will kill all Finger daemon processes as soon as they are started. This is due to the fact that since your .fingerrc script is run as user "nobody", all commands in it are run as "nobody", just like the daemon Finger processes. I urge you not to try this since your local system administrator would get quite mad.
4.) There are other things you can do to stop or limit the amount of Finger info that goes out, but these require root (highest) access. As root you can do many things. Some options are:
- Disable Finger (that should work!).
- Use a "wrapper" program to limit what info the Finger daemon supplies.
- Modify the Finger source code (if available).
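The .fingerrc script in solution 3 runs as "nobody", acts on a site name it is handed, and writes to fixed file names under /tmp and to a counter file that "others" can write. The following is an added example, not the article's code, showing the counter and logging steps written defensively; the function names valid_site, bump_count and log_remote are hypothetical, the argument meanings ($1 = site, $2 = remote or local) are taken from the article, and the mail and reverse-finger steps are left out.

```shell
#!/bin/sh
# Added example (not from the article): defensive helpers for a .fingerrc.
# Argument meanings follow the article: $1 = fingerer's site, $2 = remote|local.

# Accept only hostname/address characters; reject empty, leading '-' or '.'.
valid_site() {
    case "$1" in
        ''|-*|.*|*[!A-Za-z0-9.:-]*) return 1 ;;
    esac
    [ "${#1}" -le 255 ]
}

# Increment the counter and print the new value. The file is writable by
# "others", so a symlink is refused and malformed content counts as 0.
bump_count() {
    file=$1
    n=0
    if [ -L "$file" ]; then return 1; fi
    if [ -f "$file" ]; then IFS= read -r n < "$file" || true; fi
    case "$n" in ''|*[!0-9]*|0?*) n=0 ;; esac
    n=$((n + 1))
    printf '%s\n' "$n" > "$file"
    printf '%s\n' "$n"
}

# Record a remote lookup in an unpredictable mktemp file inside logdir
# (instead of a fixed name such as /tmp/.safehouse); print the file's path.
log_remote() {
    site=$1
    logdir=$2
    valid_site "$site" || { echo "rejected site argument" >&2; return 1; }
    tmp=$(mktemp "$logdir/finger.XXXXXX") || return 1
    { date; printf 'remote finger from %s\n' "$site"; } > "$tmp"
    printf '%s\n' "$tmp"
}

# Dispatch as the article's script does; does nothing when run without $2.
case "${2:-}" in
    remote)
        echo "My privacy has been violated $(bump_count "$HOME/.fingerd") times"
        log_remote "$1" "${TMPDIR:-/tmp}" > /dev/null ;;
    local)
        echo "My privacy has been violated $(bump_count "$HOME/.fingerd") times" ;;
esac
```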