lilo-exploit
From http://www.ilf.net/brotherhood/filez/hacking/lilo-exploit.txt
Anyone tried this?
On most Linux systems root can be obtained with the LD_PRELOAD
environment variable:
1) Download the hacked libc.so.5 that spawns a shell when a call
is made to crypt from http://www.rootshell.com and put it
in a directory that you can remember like -> /var/tmp
2) Reboot the machine and when you see the LILO prompt,
hit the SHIFT key and at the LILO boot: prompt type something like:
LILO boot: linux LD_PRELOAD=/var/tmp/libc.so.5
3) When the Linux system boots, you might see a lot of warnings
and errors - Just ignore them...
4) When you get to a login prompt,
->If you are using Red Hat Linux, you *must*
log in as a normal user and supply a correct password.
->If you are using Slackware Linux, you can
type in a few random characters for the login and password.
5) At this point, you are now root.
- BeastMaster V
=======================================================================
This method is even easier than the one above
ok, i found the easiest way to change a root passwd on a physically
accessed machine is to apply the boot params "init=/bin/bash rw"
i.e. if you use lilo, and your image is "linux" try
linux init=/bin/bash rw
this should drop you to a root shell. just edit your passwd file.
and run "sync" before you reboot.
=======================================================================
--
______________________________________________________________________
Stas Bekman mailto:sbekman@iil.intel.com [just another webmaster]
Home Page: http://www.eprotect.com/stas
A must visit: http://www.eprotect.com/stas/TULARC (Java,CGI,PC,Linux)
Linux-il Home: http://www.linux.org.il/
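
An added example, not part of the original post or the quoted file: both procedures above depend on LILO accepting extra parameters at the boot: prompt, which lilo.conf can gate with its password= and restricted options. The Python sketch below reports, per kernel image, whether that gate is set; the function names, status strings and the sample configuration are constructed for illustration.

```python
# Constructed sample lilo.conf: no global password; only "linux-safe" is protected.
SAMPLE_CONF = """\
boot=/dev/hda
prompt
timeout=50
image=/boot/vmlinuz
    label=linux
    root=/dev/hda2
    read-only
image=/boot/vmlinuz
    label=linux-safe
    root=/dev/hda2
    password=CONSTRUCTED-EXAMPLE   # placeholder, not a real secret
    restricted
other=/dev/hda1
    label=dos
"""

def parse_lilo_conf(text):
    """Split lilo.conf text into (global options, list of per-image option dicts)."""
    global_opts, images, current = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments and blank lines
        if not line:
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        key = key.lower()
        if key in ("image", "other"):              # a new per-image section starts here
            current = {key: value}
            images.append(current)
        else:                                      # flag or key=value in the current scope
            (global_opts if current is None else current)[key] = value
    return global_opts, images

def audit_boot_prompt(text):
    """Map each Linux image label to 'open', 'restricted' or 'password'."""
    global_opts, images = parse_lilo_conf(text)
    report = {}
    for img in images:
        if "image" not in img:                     # only kernel images take kernel parameters
            continue
        effective = {**global_opts, **img}         # per-image options override global ones
        if "password" not in effective:
            status = "open"                        # anyone at the console can add parameters
        elif "restricted" in effective:
            status = "restricted"                  # password needed only when parameters are typed
        else:
            status = "password"                    # password needed for every boot of this image
        report[effective.get("label") or img["image"]] = status
    return report

if __name__ == "__main__":
    for label, status in audit_boot_prompt(SAMPLE_CONF).items():
        print(f"{label}: {status}")
```

On a real system, feed it the contents of /etc/lilo.conf; because the password is stored there in clear text, that file should be readable by root only.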