A few days ago, while digging through an old backup drive labeled “random_2007,” I found it. A single .zip file with a name that felt like a time capsule: command-grab-lnx-v1-1.zip .
But somewhere, on some forgotten IRC log or Slashdot thread from 2004, someone probably said: “Check out this command grabber I made. Works great on my colo box.”
That’s why the zip file died out by v2.0. Real monitoring tools (Nagios, Zabbix, SNMP) won. And thank goodness. command-grab-lnx-v1-1.zip
Now you know. Have you ever found a weird binary from the early 2000s? Share your story in the comments—or better yet, tell me you still run UDP grabbers in production. I won’t judge. Much.
You’d deploy the grabber on your own machines. A tiny cron job would nc -u a query packet to port 31337, and the grabber would whisper back the system state. No SSH overhead. No passwords. Just UDP and a custom protocol. A few days ago, while digging through an
You’ll hear the ghost of 2004 whisper back: ps aux . I never found the original author, tty0n1n3. The domain in the binary is dead. The email address bounces.
It was elegant. It was also terrifyingly insecure. Here’s the kicker: v1.1 had no authentication . Any packet to port 31337 would trigger the grab. If you ran this on a public server, anyone on the network could ask, “Hey, what commands are running right now?” Works great on my colo box
command-grab solved a simple problem: “I want to see the live command history and process list of a remote box without logging in every 10 seconds.”
But in 2004, on a trusted LAN? People used this. I know, because I found a second file in the zip: grabber.conf with a single line:
So what did it do?