Security Basics mailing list archives
RE: Root account desactivated
From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Fri, 12 Mar 2004 11:27:35 -0600
How about something so simple, you're going to smack your head and scream D'oh???

Boot using a CD distro (e.g. Knoppix), mount the disk and edit the file...

Now, if you can't reboot the box (although with the root password, I can't imagine why not) let's see - all of the usual privilege escalation attacks. ... Can you replace /sbin/nologin with a ln to bash? ... Any interesting commands available to you via sudo? etc.

But me - I'd reboot using Knoppix and be done with it.

-----Burton
-----Original Message-----
From: MARTIN M. Bénoni [mailto:benoni_martin () hotmail com]
Sent: Thursday, March 11, 2004 8:48 AM
To: security-basics () securityfocus com
Subject: Root account desactivated

Hi community!

I have a really stupid trouble: on a Redhat 9.0, the line matching the root account in the file /etc/passwd has been changed from ".../bin/bash" to ".../sbin/nologin".

We have the root password, but when performing a "su" command, the system replies that the account is not currently available.

So the question is: how, from a user's account and knowing the root's password but having the root account disabled, can we reactivate this root's account?

Any suggestion would be appreciated, I do not want to reinstall the box :(

Thanks a lot in advance!
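The live-CD repair suggested in the reply above, as an added example that is not part of the original thread: once the disk is mounted, only the seventh field of the root line in its /etc/passwd needs to change. `fix_root_shell` is a hypothetical helper name, the mount point is whatever you mounted the disk at, and the demo at the end runs on a constructed throwaway tree.

```shell
#!/bin/sh
# Added example (not from the thread): repair root's login shell in the
# passwd file of a disk mounted from a live CD.
# Usage: fix_root_shell <mount-point> [shell]   (default shell: /bin/bash)
fix_root_shell() {
    root_dir=$1
    new_shell=${2:-/bin/bash}
    passwd_file="$root_dir/etc/passwd"

    [ -f "$passwd_file" ] || { echo "no $passwd_file" >&2; return 1; }
    grep -q '^root:' "$passwd_file" || { echo "no root entry" >&2; return 1; }
    # Refuse a shell that is not executable on the mounted system, otherwise
    # root stays locked out after the reboot.
    [ -x "$root_dir$new_shell" ] || { echo "$new_shell not on disk" >&2; return 1; }

    current=$(awk -F: '$1 == "root" { print $7; exit }' "$passwd_file")
    if [ "$current" = "$new_shell" ]; then
        echo "root shell is already $new_shell"
        return 0
    fi

    # Keep a copy with the original mode and timestamps before touching it.
    cp -p "$passwd_file" "$passwd_file.bak" || return 1
    # Rewrite only field 7 of the root line; all other lines pass through.
    awk -F: -v OFS=: -v shell="$new_shell" \
        '$1 == "root" { $7 = shell } { print }' "$passwd_file.bak" \
        > "$passwd_file.new" || return 1
    # Write through the existing file so its owner and mode are preserved.
    cat "$passwd_file.new" > "$passwd_file" && rm -f "$passwd_file.new"
    echo "root shell changed from $current to $new_shell"
}

# Constructed demo: a throwaway tree standing in for the mounted disk.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/etc" "$demo_root/bin"
printf '#!/bin/sh\n' > "$demo_root/bin/bash"   # stand-in for the real shell
chmod 755 "$demo_root/bin/bash"
cat > "$demo_root/etc/passwd" <<'EOF'
root:x:0:0:root:/root:/sbin/nologin
bin:x:1:1:bin:/bin:/sbin/nologin
user:x:500:500::/home/user:/bin/bash
EOF
fix_root_shell "$demo_root"
grep '^root:' "$demo_root/etc/passwd"
rm -rf "$demo_root"
```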