lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <200507151523.17384.harry@cc.kuleuven.ac.be>
Date: Fri Jul 15 14:53:09 2005
From: harry at cc.kuleuven.ac.be (Harry de Grote)
Subject: Rooting Linux with a floppy

On Friday 15 July 2005 02:23, Sumy wrote:
> You have lost your root password on your linux box and now you
> consider formatting
> everythign to regain control? Your admin is a moron that leaves the
> server available
> physically for everybody? You wanna test your Linux box? Don't worry
> if you have at least
> a floppy rescue disk under hand,you can root it ;-) )
>
> The problem with the new version of Linux since 6.2 is :
> http://www.exploitx.com/69/rooting-linux-with-a-floppy/

lol... linux 6.2 , i must be an idiot... i'm still running an ancient 2.6.12 
kernel!

but one good thing, i don't think i'm vulnerable, i don't have a floppy drive! 
(thank god, i thought i would need an upgrade!)

btw. how about this rooting technique: i remove the disk from the system, put 
it in another system, start that system (with another os off course) mount 
rootfs, chroot there and CLEAR the passwd!

damn... this is so stupid, it MUST be a joke ;)

ps. this actually works :pppppppp

-- 
harry
aka Rik Bobbaers
ps. this is NOT a serious mail, please don't read! ;)

K.U.Leuven - LUDIT          -=- Tel: +32 485 52 71 50
Rik.Bobbaers@...kuleuven.be -=- http://harry.ulyssis.org

Disclaimer:
By sending an email to ANY of my addresses you are agreeing that:
  1. I am by definition, "the intended recipient"
  2. All information in the email is mine to do with as I see fit and make 
such financial profit, political mileage, or good joke as it lends itself to. 
In particular, I may quote it on usenet.
  3. I may take the contents as representing the views of your company.
  4. This overrides any disclaimer or statement of confidentiality that may be 
included on your message.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ