In your first hexdump, this is what those values represent:
00013 = id of the device the tty is on
34816 = device id of the tty file
00003 = inode of the tty file
01000 = uid of the tty file
00005 = gid of the tty file
31291 = sid
The id of the device the tty is on is known. So is the uid and gid.
The device id of the tty file can be found in auth.log.
So that leaves the inode of the tty file and the sid.
You need to be able to open a new tty and hit the same tty number, the same sid and the same inode, and you need to do it blindly without knowing in advance what the inode and the sid were.
Hi Mark,
In your first hexdump, this is what those values represent:
00013 = id of the device the tty is on
34816 = device id of the tty file
00003 = inode of the tty file
01000 = uid of the tty file
00005 = gid of the tty file
31291 = sid
The id of the device the tty is on is known. So is the uid and gid.
The device id of the tty file can be found in auth.log.
So that leaves the inode of the tty file and the sid.
You need to be able to open a new tty and hit the same tty number, the same sid and the same inode, and you need to do it blindly without knowing in advance what the inode and the sid were.