Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: password backdoors
From: cmcurtin () clipper cb att com (cmcurtin () clipper cb att com)
Date: Thu, 11 May 1995 00:53:21 -0400


On May 10,  9:15pm, System Admin wrote:

Can anyone enlighten me further into how this would be
done and if such back doors exist in other operating
systems.

Exploitation of back doors usually isn't necessary. Hopefully, any such
weaknesses have been turned off. In any case...

A number of ways exist to regain root if you have physical access to the
machine. The easiest is usually to boot the system from the install
media (CD, tape, etc), and once the system is up and running, go into a
maintenance shell (miniroot, whatever). Just get a root prompt...

Once you've got this, you should be able to mount the disk that your
password file lives on, and then edit the password file to delete the
encypted password. Save your changes, and boot normally. Login as root,
which will then have no password. Ta-da.

-- 
C Matthew Curtin
AT&T Bell Labs - Internet Gateway Group            cmcurtin () clipper cb att com



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]