lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sat Jul 16 21:00:20 2005
From: als at thangorodrim.de (als@...ngorodrim.de)
Subject: Rooting Linux with a floppy

On Thu, Jul 14, 2005 at 04:23:31PM -0800, Sumy wrote:
> You have lost your root password on your linux box and now you
> consider formatting
> everythign to regain control? Your admin is a moron that leaves the
> server available
> physically for everybody? You wanna test your Linux box? Don't worry
> if you have at least
> a floppy rescue disk under hand,you can root it ;-) )
> 
> The problem with the new version of Linux since 6.2 is :
> http://www.exploitx.com/69/rooting-linux-with-a-floppy/

*yawn*

This was old news 10 years ago.

Unless you are facing a very special setup (for instance crypto disks 
even for system installation), you can easily take over most UNIX systems
if you are able to boot from a medium of your choice.

That's why physical security is important too.

As a rule: You usually can take control of any system provided you have
sufficient physical access to it. 

BTW: there are plenty of errors and omissions in the web page
     advertised by you.

Regards,
      Alex.
-- 
"Opportunity is missed by most people because it is dressed in overalls and
 looks like work."                                      -- Thomas A. Edison

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ