Hack into a Linux computer just by pressing backspace 28 times!


posted on Dec, 18 2015 @ 04:45 AM
link   



So what would anyone need to bypass password protection on your computer?

It just needs to hit the backspace key 28 times, for at least the computer running Linux operating system.

Wait, what?

A pair of security researchers from the University of Valencia have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing backspace key 28 times.


This time, the issue is neither in a kernel nor in an operating system itself, but rather the vulnerability actually resides in Grub2, the popular Grand Unified Bootloader, which is used by most Linux systems to boot the operating system when the PC starts.


The source of the vulnerability is nothing but an integer underflow fault that was introduced with a single commit in Grub version 1.98 (December 2009) – b391bdb2f2c5ccf29da66cecdbfb7566656a704d – affecting the grub_password_get() function.

Here's How to Exploit the Linux Vulnerability

If your computer system is vulnerable to this bug:

Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a "Grub rescue shell" under Grub2 versions 1.98 to version 2.02.

This rescue shell allows unauthenticated access to a computer and the ability to load another environment.

From this shell, an attacker could gain access to all the data on your computer, and can misuse it to steal or delete all the data, or install persistent malware or rootkit, according to researchers Ismael Ripoll and Hector Marco, who published their research on Tuesday.


Source

And here I was thinking that Linux was ohh so secure. Well it really is. This "hack" requires physical presence at your computer, and it's a bug in the GRUB loader.

Visit the site on how to update and fix this bug.
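The integer underflow named in the quoted article, shown as an added example that is not part of the original post and is not GRUB's source code: a toy prompt loop where backspace decrements an unsigned length with and without a check for an empty buffer. `read_prompt`, `prompt_result` and `BUF_SIZE` are hypothetical names, and the model only records the out-of-range index instead of writing through it.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 32   /* assumed size; not taken from GRUB */

struct prompt_result {
    unsigned cur_len;      /* cursor index after all keys were processed */
    int out_of_bounds;     /* set when an index outside buf[] was reached */
    char buf[BUF_SIZE];
};

/* Feed a key sequence to a toy username prompt.
 * check_len == 0: backspace decrements unconditionally (the flawed pattern).
 * check_len == 1: backspace is ignored when the buffer is already empty. */
static struct prompt_result read_prompt(const char *keys, int check_len)
{
    struct prompt_result r;
    memset(&r, 0, sizeof r);

    for (const char *k = keys; *k != '\0'; k++) {
        if (*k == '\b') {
            if (check_len && r.cur_len == 0)
                continue;              /* hardened: nothing left to erase */
            r.cur_len--;               /* unsigned: 0 - 1 wraps to UINT_MAX */
            if (r.cur_len >= BUF_SIZE)
                r.out_of_bounds = 1;   /* record it; a real loader would write here */
            else
                r.buf[r.cur_len] = '\0';
        } else if (r.cur_len < BUF_SIZE - 1) {
            r.buf[r.cur_len++] = *k;
        } else if (r.cur_len >= BUF_SIZE) {
            r.out_of_bounds = 1;       /* index already wrapped; refuse the write */
        }
    }
    return r;
}

int main(void)
{
    char keys[29];
    memset(keys, '\b', 28);            /* constructed input: 28 backspaces */
    keys[28] = '\0';

    struct prompt_result bad = read_prompt(keys, 0);
    struct prompt_result good = read_prompt(keys, 1);
    printf("unchecked: cur_len=%u oob=%d\n", bad.cur_len, bad.out_of_bounds);
    printf("checked:   cur_len=%u oob=%d\n", good.cur_len, good.out_of_bounds);
    return 0;
}
```
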



posted on Dec, 18 2015 @ 04:53 AM
link   
I can now call myself an L33T Hacker, and this time I can prove it! thank you Linux!

I always wonder how obvious, simplistic, and major issues like this ever originate in the first place?



posted on Dec, 18 2015 @ 04:55 AM
link   
There's loads of bugs found in Linux and for exploitation it would have required someone to have set a boot time password which by itself doesn't provide much more security as you can just mount the volume on another system and read away but will stop your younger brother etc but is pretty much meh for anything decent.



posted on Dec, 18 2015 @ 04:56 AM
link   
that is hilarious!

getting these updated will be no easy task,

but, thinking about it, you would still need some sort of credentials to restart the thing remotely, or physical access to hit the button, either way, they're already in

this looks like a backdoor way in that the developers missed taking out

good find though



posted on Dec, 18 2015 @ 05:19 AM
link   
a reply to: kloejen

If you have physical access to the computer then hacking in is easy (about 99.9% of the time). Just get a bootable DVD from a Linux magazine and boot from that. It will load whatever flavour of Linux is on the disk and it will mount the harddrive as a readable disk. The only thing you can't read is encrypted data.

If the computer has been set to boot from the harddisk as step 1 then modify the boot order! If you don't know which F key to press then just keep re-booting and re-trying. There's usually a hint from a power on boot.

PS. This works for Windows PCs as well as Linux.
edit on 18/12/2015 by yorkshirelad because: PS



posted on Dec, 18 2015 @ 05:43 AM
link   
a reply to: yorkshirelad

Yea, any bootable USB-key would also do the trick. And that goes for every OS out there.

This "security flaw" is not that serious imho, since it requires physical access to the computer. It's merely a weird bug. "Integer underflow" - and it's easy to fix


Not unlike the Windows NT login failure back in the days. (Using the tooltip to bypass password)
link to GIF

As mentioned, encrypting your data, will keep it safe.



posted on Dec, 18 2015 @ 05:47 AM
link   
The historical past w/linux...update ((lack thereof )) 3rd party apps FTP & snmp did they fix that on wireless?

Anyway AT least the user has to be there ... unless of course. ....

Oh NV..

Good find Kloe!!

SF



posted on Dec, 18 2015 @ 06:03 AM
link   
is this not a bug rather than a true hack?



posted on Dec, 18 2015 @ 06:49 AM
link   
It is very easy to change the root password during Linux boot up on a RHEL, CentOS or Fedora distros anyway.

If you have an encrypted Linux file system, it does not work and neither does using a USB during boot or placing the HDD in another PC.




edit on 18-12-2015 by deliberator because: (no reason given)



posted on Dec, 18 2015 @ 06:56 AM
link   
Wow. This simple bug has been in the OS since 2009! Open source code is supposed to be more secure because there are more eyes looking at the code. Apparently this one slipped by everybody for quite a while.

WRT booting up a computer with something other than the HDD, boot order can be configured in the BIOS and then the BIOS can be password protected. You can still get past this however, but you need to get into the case and work the magic BIOS reset procedure. But this is not always obvious.

-dex



posted on Dec, 18 2015 @ 07:26 AM
link   

originally posted by: OtherSideOfTheCoin
is this not a bug rather than a true hack?


It's more of a bug than anything else, probably no one's bothered to look at the code too hard for ages and as such it's not had the same viewover as stuff like the SSL libs etc

The problem is that with open source code there is so much and it changes so often it gets a bit silly and the moment you seem to get two devs who disagree you get a code forking and it makes it even harder to check the code out.



posted on Dec, 18 2015 @ 07:35 AM
link   
Let's put this in perspective for a minute...

This has been around since 2009. Most systems that are designed to be more secure typically have Linux at the helm, including cloud providers.

Who is to say that this hack hasn't been known about since 2009 and that a majority of data breaches aren't simply related to this one hack?

For all anyone knows, this may have been hackers' best kept secret. I'm sure there will be a new round of attacks by people just looking to exploit the laziness and lack of information in companies that don't stay up on news like this.

I'd expect this to get worse before it gets better.

~Namaste



posted on Dec, 18 2015 @ 08:13 AM
link   
a reply to: kloejen

Security is all relative.

If a Linux server is in a secure data center, well then this hack would not work.

No system is 100% secure. If an attacker wants to get in. they will get in. It's just a matter of time and effort.



posted on Dec, 18 2015 @ 08:35 AM
link   
a reply to: SonOfTheLawOfOne

This requires physical access to the machine at boot time so makes it very much a limited opportunity vector, remote control vectors are what they're looking for not something that if you're lucky and they've stuck a password on a system I can boot my own system and grab all your files as it's rather as much luck as pushing front doors at night hoping.



posted on Dec, 18 2015 @ 09:02 AM
link   
and unlike windows now that it has been discovered the problem will be resolved in a timely manner
this is why open source is awesome
millions of prying eyes looking for any tiny little cracks
and millions of hands to fill them in when found



posted on Dec, 18 2015 @ 09:14 AM
link   
a reply to: Maxatoria

that requires a fairly long time frame of physical access to the device
so somebody is physically in your house or place of business (etc)
you've got bigger fish to fry



posted on Dec, 18 2015 @ 10:18 AM
link   
If I understand it correctly then the attacker needs "physical access".
Many HW servers are equipped with KVM/IPMI and this hack may be working this way.
Some VM hostings provides console access, so such machines are probably also vulnerable.
So potential of this exploit is relatively huge, still limited.
Patch for Grub is trivial and maybe is available right now for your distro.



posted on Dec, 18 2015 @ 01:25 PM
link   
I'm running Ubuntu Gnome 15.10. I tried rebooting and hitting the backspace key 28 times when the login came up. It didn't work, thank goodness for that.



posted on Dec, 18 2015 @ 01:38 PM
link   
Did you boot into text mode or were you using the GUI login?


edit on 18-12-2015 by deliberator because: (no reason given)



posted on Dec, 18 2015 @ 06:49 PM
link   
It doesn't work on Lubuntu 14.04 either.

Update: it seems like it was patched on 15Dec2015, the day before the THN article was published
edit on 18-12-2015 by xianligen because: added patch history


