Trivial to defeat. Just boot in to single user mode with these kernel
options:
single init=/bin/bash
Again .. only due to initial misconfiguration.
Nobody should allow alternate switches to be passed to the kernel at
boot .. either by password-protecting the bootloader, or via
On Fri, 31 Mar 2006 09:21:13 EST, Michael Holstein said:
Trivial to defeat. Just boot in to single user mode with these kernel
options:
single init=/bin/bash
Again .. only due to initial misconfiguration.
Nobody should allow alternate switches to be passed to the kernel at
boot
On Fri, 31 Mar 2006, [EMAIL PROTECTED] wrote:
On Fri, 31 Mar 2006 09:21:13 EST, Michael Holstein said:
Trivial to defeat. Just boot in to single user mode with these kernel
options:
single init=/bin/bash
Again .. only due to initial misconfiguration.
Nobody should allow alternate
On Fri, 31 Mar 2006 12:33:28 EST, gboyce said:
In which case the person needs to remove the hard drive, and put it into a
different system for the modifications (or mirroring).
Time constraints. The amount of time needed to pop in a disk and hit reboot
is (or should be, in this case) a lot
On Fri, 31 Mar 2006, [EMAIL PROTECTED] wrote:
On Fri, 31 Mar 2006 12:33:28 EST, gboyce said:
In which case the person needs to remove the hard drive, and put it into a
different system for the modifications (or mirroring).
Time constraints. The amount of time needed to pop in a disk and
I am logged in as a regular user but have root permission in
the tmp directory through a different shell. I am stuck as to what is my next
move to be able to change the root users password to one I know. Any help?
Tom
___
Full-Disclosure
if you're chrooted under /tmp (as it sounds from your email) you're out
of luck, unless you have a way to escape the chroot due to a
misconfiguration of that environment in the first place.
Easiest way to reset a lost UNIX password is boot from a live CD (eg:
knoppix) .. mount the / partition
Isn't it easier to boot into single user mode and reset the password? It
doesn't require you to load the live CD which is one less step.
depends on if they setup 'console' as insecure or not in /etc/ttys.
~Mike.
___
Full-Disclosure - We believe in
Michael Holstein wrote:
Isn't it easier to boot into single user mode and reset the password? It
doesn't require you to load the live CD which is one less step.
depends on if they setup 'console' as insecure or not in /etc/ttys.
Setuid script on /tmp?
Given that /tmp isn't mounted with
Michael Holstein wrote:
Easiest way to reset a lost UNIX password is boot from a live CD
(eg: knoppix) .. mount the / partition of your hard drive (eg: mnt -t
ext2 /dev/hda1 /mnt) then do chroot /mnt and execute passwd root
from in there.
Isn't it easier to boot into single user mode and
spam said:
Isn't it easier to boot into single user mode and reset the password? It
doesn't require you to load the live CD which is one less step.
Most *nix systems these days require you to enter the root password before
giving you a shell in single user mode. I guess its a security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Kerry!
On Fri, 31 Mar 2006, Kerry Thompson wrote:
Most *nix systems these days require you to enter the root password before
giving you a shell in single user mode.
Trivial to defeat. Just boot in to single user mode with these kernel
12 matches
Mail list logo