[NCLUG] Hacking in as root
Benson Chow
blc at q.dyndns.org
Fri Feb 23 08:54:00 MST 2001
I believe at least rh7 made init ask for a password to get into single
user mode now. So passing "single" to linux is not sufficient anymore to
get a rootprompt. Burned me a few times trying to recover a sick system.
Not to say in the least this can't be worked around. Setting your init to
something else, say, bash, will do the trick too.
LILO: linux init=/bin/bash
You will need to reset some control settings but this will get you a
command prompt pretty quickly. From here on, it's in the rootkit, if
you're really going to do something, you already know what to do :)
-bc (once-lilo, now grub user...)
P.S. To thwart this attempt (again, physical security is needed, not this
workaround) is to man lilo and look at the "password=" and "restricted"
options. Lilo can always be worked around with a boot disk...
On Thu, 22 Feb 2001, R P Herrold wrote:
> Date: Thu, 22 Feb 2001 23:49:28 -0500 (EST)
> From: R P Herrold <herrold at owlriver.com>
> Reply-To: nclug at nclug.org
> To: Matt Taggart <taggart at carmen.fc.hp.com>
> Cc: nclug at nclug.org
> Subject: Re: [NCLUG] Hacking in as root
>
> On Thu, 22 Feb 2001, Matt Taggart wrote:
>
> > > Does anyone have a link on how to hack in as root though single user mode?
> >
> > IIRC single user mode still requires a login. If you want to reset the root
> > passwd boot off a rescue disk, mount the disk, and edit /etc/passwd(or shadow).
>
> ... depends on the setup -- absent a lilo password, typing:
>
> lilo: linux single
>
> will yield a root prompt without a password
>
> The other comments about other ways in, and physical security
> are correct as well.
>
> -- Russ Herrold
>
>
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
>
More information about the NCLUG
mailing list