These days I did a presentation in a local event (Poticon 2018). It was about some silly security pranks and I was surprised when I asked about disk encryption and/or grub password and only one person hands up. The majority didn’t use any measure to protect their machines. You may asking why I got so surprised or concerned and the answer is simple: init=/bin/bash into your grub config plus mount -n -o remount,rw /; passwd. Yep, if you got it you know exactly what I meaning. A machine without any protect is completely vulnerable to someone change your root password and worst than that. If you do a fresh install and select you user to be into the adm group or sudo group the password you pick will work for you user do a sudo and become root, but if someone change your root password by falling into /bin/bash from grub you’ll probably never realize that your root passwd changed unless you ssh as root to your machine and, of course, be blocked to get into it.
Archive for November, 2018
Security: the init=/bin/bash trick
Posted in Uncategorized on November 25, 2018| 1 Comment »
Searching here
Archives
- March 2026 (1)
- June 2024 (1)
- August 2022 (1)
- July 2022 (1)
- March 2022 (1)
- November 2020 (1)
- August 2020 (1)
- July 2020 (1)
- January 2019 (1)
- November 2018 (1)
- October 2018 (1)
- August 2018 (2)
- July 2018 (1)
- April 2018 (1)
- March 2018 (1)
- July 2017 (1)
- June 2017 (4)
- May 2017 (2)
- April 2017 (1)
- January 2017 (3)
- December 2016 (2)
- October 2016 (1)
- February 2016 (2)
- August 2015 (3)
- July 2015 (4)
- March 2015 (2)
- February 2015 (1)
- May 2014 (3)
- July 2013 (1)
- May 2013 (1)
- April 2013 (2)
- March 2013 (3)
- December 2012 (3)
- August 2012 (1)
- July 2012 (1)
- June 2012 (1)
- April 2012 (1)
- March 2012 (2)
- February 2012 (3)
- January 2012 (2)
- December 2011 (1)
- November 2011 (3)
- August 2011 (1)
- May 2011 (1)
- April 2011 (7)
- March 2011 (7)
- February 2011 (3)
- January 2011 (1)
- December 2010 (2)
- November 2010 (5)
- May 2010 (1)
- December 2009 (1)
- November 2009 (1)
- October 2009 (4)
- July 2009 (3)
- June 2009 (2)
- May 2009 (1)
- April 2009 (1)
- February 2009 (1)
- December 2008 (8)
- July 2008 (1)
- June 2008 (1)
- May 2008 (3)
Categories
- android (3)
- bash (2)
- C/C++ (10)
- dicas (14)
- docker (1)
- Dot (1)
- Fowards (1)
- Gnome (3)
- GLib (1)
- Gtk (4)
- informativos (43)
- JavaScript (2)
- Kernel (2)
- Manutenção do Pc (2)
- MySql (1)
- O universo e tudo mais (1)
- Opera (2)
- extensions (1)
- PHP (3)
- PHP-Gtk2 (2)
- portuguese (2)
- PySide (2)
- Python (25)
- Qt (4)
- Rhythmbox (4)
- sailfishOs (1)
- Seed (1)
- Sistemas multiagentes (1)
- Sistemas Operacionais (1)
- Software Livre (2)
- ssh (1)
- tips (8)
- Uncategorized (45)
- Animação 3D (2)
- unix (14)
- linux (11)
- file system (case-insensitive) (1)
- ubuntu (7)
- linux (11)
- vim (2)
del.icio.us/kirotawa
Recent Comments
-
Core code by corecode.worpress.com is licensed under a Creative Commons Attribution-Noncommercial 2.5 Brazil License.
Core Code 