Potential Hack in sudo?
smorrey at gmail.com
Sat Apr 14 23:55:03 MDT 2007
You know I didn't put that much thought into it, but I think I guess
it counts as a semi-vulnerability for any OS that has a sudo'rs group.
It's also not ubuntu, it's just an old gentoo box, I dragged out of the garage.
AFAIK ubuntu has no root account, so the "hack" would be essentially pointless.
This isn't really supposed to be a vulnerability report, I'm just
posting a quick FYI on how I just rooted my own box, in case anyone
else ever runs into a similar need :)
Anyways try it on your own box and see if it works.
On 4/14/07, Michael Torrie <torriem at chem.byu.edu> wrote:
> On Sat, 2007-04-14 at 23:35 -0600, Steve wrote:
> > Hey there everyone,
> > I don't know if this is useful or not, but I just fired up an old
> > linux box that I had forgotten the root password for.
> > Fortunately I was able to remember my user password.
> > Once I logged in I tried to su, but that failed because I couldn't
> > remember the root password (duh!), so I tried to sudo but that failed
> > as well.
> Hmm. Is this an ubuntu-specific vulnerability/hack? What exactly does
> this doe? Are you implying anyone can get local root?
> > Finally out of desperation I tried this,
> > touch ~/.sudo_as_admin_successful
> > sudo /bin/bash
> > su root
> > passwd "mynewpassword"
> > And it worked!
> > I don't think there is much danger in this, but if you ever lose your
> > root passwd for whatever reason it's nice to know that this neat
> > little trick appears to work (well at least for me)
> > Regards,
> > /*
> > PLUG: http://plug.org, #utah on irc.freenode.net
> > Unsubscribe: http://plug.org/mailman/options/plug
> > Don't fear the penguin.
> > */
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
More information about the PLUG