
Re: root password forgotten



On Sat, 2002-01-26 at 03:03, Sean 'Shaleh' Perry wrote:
> 
> On 25-Jan-2002 Michael Jinks wrote:
> > One thing you can do: hold left shift during boot to get a prompt, and
> > at the "LILO:" prompt enter "Linux init=/bin/sh" (possibly replacing
> > "Linux" with another image name if your box doesn't have the default).
> > 
> > The root fs will come up read-only.  To be able to mount other
> > filesystems and otherwise bring the box to a usable state,
> > 
> > mount -o rw,remount /
> > 
> 
> (lower case 'linux init=/bin/sh' usually)

Wow, I kind of knew there were ways to gain root access or even find out
the root password quite easily, but that's really really easy...

On every standard Debian install, anybody can gain the root password
within minutes (given the attacker has physical access to the box):

1) Issue "linux init=/bin/sh" on the lilo prompt
2) Use john to crack the root password

Should be pretty transparent and thus hard to trace...

I just discussed that on #debian with some other guy - and I do have an
idea:

Couldn't one add some debconf questions (and info) to the lilo deb that
ask the user whether lilo should be password protected? And at the same
time inform the user that if he'd want a secure system he'd better
password protect the bios and disable all boot methods except hdd.

Sure, there are tons of break-ins and every sane sysadmin should know,
but then again, I am sure that there are tons of boxes that should be
protected and are not - and maybe such a little debconf question would
help.

What do others think about that? Should I file a wishlist bug on lilo?

regards,
Andreas
--
Just because I am paranoid doesn't mean they are not behind me!
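
Added example, not part of the original message or of the lilo package: a small audit of the check the proposed debconf question would enforce, reporting for each image in a lilo.conf whether passing boot parameters such as init=/bin/sh requires a password, and whether the file holding the cleartext password is private. It assumes the `password=`, `restricted`, `mandatory` and `bypass` keywords as described in lilo.conf(5); the function names and the sample configuration are constructed for illustration.

```python
import os
import stat

# Constructed sample lilo.conf, not taken from the thread; password is a placeholder.
SAMPLE_CONF = """\
boot=/dev/hda
prompt
password=CHANGE_ME
restricted

image=/vmlinuz
    label=linux
    read-only

image=/vmlinuz.old
    label=rescue
    bypass
"""

def audit_lilo_conf(text):
    """Map each image label to 'mandatory', 'restricted' or 'unprotected'."""
    glob = {"password": False, "mode": None}
    images, scope = [], glob  # directives before the first image= are global
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and indentation
        if not line:
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        key = key.lower()
        if key in ("image", "other"):  # start of a per-image section
            scope = {"label": value, "password": None, "mode": None}
            images.append(scope)
        elif key == "label":
            scope["label"] = value
        elif key == "password":
            scope["password"] = bool(value)
        elif key in ("restricted", "mandatory", "bypass"):
            scope["mode"] = key
    result = {}
    for img in images:
        # An image inherits the global password and mode unless it sets its own.
        has_pw = glob["password"] if img["password"] is None else img["password"]
        mode = img["mode"] or glob["mode"] or "mandatory"
        result[img["label"]] = mode if has_pw and mode != "bypass" else "unprotected"
    return result

def conf_is_private(path):
    """True when group and others cannot read the cleartext password."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0
```
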