Re: [Full-disclosure] Root password change
- From: Valdis.Kletnieks@xxxxxx
- Date: Fri, 31 Mar 2006 12:20:06 -0500
On Fri, 31 Mar 2006 09:21:13 EST, Michael Holstein said:
Trivial to defeat. Just boot in to single user mode with these kernel
options:
single init=/bin/bash
Again .. only due to initial misconfiguration.
Nobody should allow alternate switches to be passed to the kernel at
boot .. either by password-protecting the bootloader, or via firmware
(as with OpenBoot).
Of course, if you're that paranoid, you *did* configure whatever the machine
uses for a BIOS to only boot off the intended hard drive, right? ;)
(It's amazing how many boxes I've found that forget that step, so a CD and enough
time to hit the RESET button are enough to get you in. And if you have any smarts
at all, you don't even need to hang around at the console after you hit reset.
It's not that hard to get a Knoppix to start an sshd. :)
Attachment:
pgpfjaBlFI23T.pgp
Description: PGP signature
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] Root password change
- From: gboyce
- Re: [Full-disclosure] Root password change
- References:
- [Full-disclosure] Root password change
- From: Mockbee, Tom
- Re: [Full-disclosure] Root password change
- From: Michael Holstein
- Re: [Full-disclosure] Root password change
- From: spam
- Re: [Full-disclosure] Root password change
- From: Kerry Thompson
- Re: [Full-disclosure] Root password change
- From: Gary E. Miller
- Re: [Full-disclosure] Root password change
- From: Michael Holstein
- [Full-disclosure] Root password change
- Prev by Date: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
- Next by Date: Re: [Full-disclosure] Root password change
- Previous by thread: Re: [Full-disclosure] Root password change
- Next by thread: Re: [Full-disclosure] Root password change
- Index(es):
