Potential Hack in sudo?

Steve smorrey at gmail.com
Sat Apr 14 23:55:03 MDT 2007


You know I didn't put that much thought into it, but I think I guess
it counts as a semi-vulnerability for any OS that has a sudo'rs group.
It's also not ubuntu, it's just an old gentoo box, I dragged out of the garage.
AFAIK ubuntu has no root account, so the "hack" would be essentially pointless.

This isn't really supposed to be a vulnerability report, I'm just
posting a quick FYI on how I just rooted my own box, in case anyone
else ever runs into a similar need :)

Anyways try it on your own box and see if it works.

On 4/14/07, Michael Torrie <torriem at chem.byu.edu> wrote:
> On Sat, 2007-04-14 at 23:35 -0600, Steve wrote:
> > Hey there everyone,
> > I don't know if this is useful or not, but I just fired up an old
> > linux box that I had forgotten the root password for.
> > Fortunately I was able to remember my user password.
> > Once I logged in I tried to su, but that failed because I couldn't
> > remember the root password (duh!), so I tried to sudo but that failed
> > as well.
>
> Hmm.  Is this an ubuntu-specific vulnerability/hack?  What exactly does
> this doe?  Are you implying anyone can get local root?
>
> >
> > Finally out of desperation I tried this,
> >
> > touch ~/.sudo_as_admin_successful
> > sudo /bin/bash
> > su root
> > passwd "mynewpassword"
> >
> > And it worked!
> >
> > I don't think there is much danger in this, but if you ever lose your
> > root passwd for whatever reason it's nice to know that this neat
> > little trick appears to work (well at least for me)
> >
> > Regards,
> >
> > /*
> > PLUG: http://plug.org, #utah on irc.freenode.net
> > Unsubscribe: http://plug.org/mailman/options/plug
> > Don't fear the penguin.
> > */
> >
>
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>



More information about the PLUG mailing list