More than one year ago, I've read an article about how someone hacked into DNS servers because they weren't maintained anymore (see The Journey to Hijacking a Country's TLD). In this post, the author mentions a protocol that almost disappeared, except on the computers he hacked into (which are old and unmaintained). That intrigued me, so I wanted to know a little more.
In the first edition of UNIX, published in 1971, in order to find out who was currently logged in and active, you would use who. However, if you wanted to know when someone you wanted to meet was available, last time he was seen, where they currently are, and so on, this program wasn't very convenient.
To solve this problem, Les Earnest invented a program named “finger”, which came with a protocol which has been standardized for the first time in 1977 in RFC 742 by Ken Harrenstien, and uses the tcp/79 port. This RFC evolved a few times up to 1991 in RFC 1288 while the protocol was progressively being abandoned.
Nowadays, under Manjaro Linux, the finger utility can be found in the netkit-bsd-finger package. Very few Finger servers you can interact with are available, but finger also allows to make local requests to get results such as this one (with a customized .plan file):
Login: cake Name: Thomas Touhey
Directory: /home/cake Shell: /bin/zsh
Office: 0621612972, 016-943-9574
On since Mon Jan 8 13:17 (CET) on tty7 from :0
52 minutes 26 seconds idle
No mail.
Plan:
__ _ _
/ _(_)_ __ __ _ ___ _ __ __| |
| |_| | '_ \ / _` |/ _ \ '__/ _` |
| _| | | | | (_| | __/ | | (_| |
|_| |_|_| |_|\__, |\___|_| \__,_|
yet another |___/ finger daemon
Find out more about the project on
https://forge.touhey.org/fingerd.git
Here are the ways you can use the utility:
- finger
Requests a list of logged-in local users.
- finger user
Requests details about local users having user in their name.
- finger @host
Requests a list of logged-in users to the host host (some examples for hosts are localhost or touhey.fr);
- finger user@host
Requests details about users having user in their name to the host host.
- finger <…>@hehe@host
Requests from host to transmit a query to the hehe host (nowadays' Finger servers will refuse to comply to that request).
These commands' outputs, as for whois, have an irregular format as they were thought to be read by humans from the start; in the case of a distant request, the utility will directly show you the server's output.
As a challenge, I started making a server a server implementing this protocol. I chose Python, my favourite scripting language, and run the fingerd project last year. I work on it at an irregular rate.
cake@68 :: fingerd/public » python -m fingerd &
Starting fingerd on [127.0.0.1]:3999.
Starting fingerd on [::1]:3999.
cake@68 :: fingerd/public » finger @localhost
[localhost]
[127.0.0.1] list connected users.
Site: TOUHEY.FR
Command line:
Login Name TTY Idle Login Time Office
john Johnny Boy ttyS2 =TODO= =TODO= Rob's office
cake@68 :: fingerd/public » kill -INT %1
Stopping fingerd on [::1]:3999.
Stopping fingerd on [127.0.0.1]:3999.
The project is still a work in progress, but I've already implemented the protocol management (with the socketserver module), decomposed the problem into several objects, which are the server itself, the interface with the rest of the system which gets the user information, the displayer which produces the output, and the logger which logs the requests.
The fact that I've done interfaces gave me an idea which is already made in part: I wanted to make a fiction interface, which allows you to script user creations, editions, deletions, logins, logouts, working directory and shell changes, and so on, in order to tell a story. The protocol wasn't thought out to tell stories, but to organize meetings, so that would be like watching a theatre play though a keyhole. But why not?
Anyway, I'll continue this project at the same irregular rate as today, and who knows, one day, finger @touhey.fr might tell you something interesting!