Friday, August 18, 2006

BusyBox simplifies embedded Linux systems:

"BusyBox is a single executable implementation of many standard Linux® utilities. BusyBox contains simple utilities, such as cat and echo, as well as larger, more complex tools, such as grep, find, mount, and telnet (albeit, with fewer options than the traditional version); some refer to BusyBox as the Swiss Army knife of utilities."




This utility came in handy once, when a box got compromised. A rootkit had been installed. I needed to see various configuration settings on the compromised box, while setting up the new box on a separate machine. The normal utilities, such as ls and cat, were being appended to by the rootkit, which in turn would cause the executable to segfault. BusyBox was an executable not known by the rootkit, and I was able to use it for most commands that I wanted to run. Of course, the compromised box was offline, and I had already determined how the hacker got in.

Unfortunately, this was a box that didn't have a backup of its configuration. I made sure all my systems' configuration was backed up after this!