John,
I'll throw a few into the ring (not all linux specific
- just times when I needed to get root on a box where
I didn't have it - all benign):
-I hosed a Solaris install by editing /etc/passwd to
change root's shell. I think I put in /bin/bash (which
didn't exist) instead of /usr/bin/bash. Needless to
say, root logins failed w/ 'no valid shell.' I did the
old mount disk from install cd and overwrite
/etc/passwd - notice this is a case where I had the
root pw but couldn't use it. Everyone's done this
right? (or is it just me).
-At a site that was using Unix Services for Windows,
which synchronizes passwd/shadow files with NT SAMs,
among other things, over the network. Anyhoo, the
process went TU during an update, killing shadow.
Whoops. Luckily, a user was logged in over the
network, and I used a local privilege escalation
exploit to get root back and restore the shadow file
(this actually happened twice, at 2 different sites -
luckily the second site had root logged in at the
console - this is why I'm hesitant to recommend this
product, thought the premise is kinda cool).
-And the most popular, an admin leaves and doesn't
give up the root pw (boring, but common)
Jason
>Aside from blackhat reasons what are some >situations
that require this
>I
>haven't forgotten my password yet but I'm sure >that
has happened. Once
>when very new to linux I had someone work on my >box
and I didn't
>remember them telling me what the password was . >How
many can the
>experienced admins list?
>
>John
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
EuG-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
