Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Bypass grub edit protection password
From: Shohn Trojacek <trojacek () gmail com>
Date: Thu, 9 Feb 2012 12:52:23 -0600

It may have some sort of dial home capability - listen to outbound
traffic when it first fires up and see what it tries to talk to. Then
you could possibly act as a bit of a middle man.

Shohn

On Thu, Feb 9, 2012 at 3:26 AM, Nik <foringer () gmail com> wrote:
Hello list!

I'm doing a physical pentest of the blackbox network security device
and need your help in it :).

Device is a hardware protected linux box with serail and ethernet
ports available. It is running on Intel platform.

Conditions of the testing is that I need to receive privilege (root)
access to the box, but I cannot open it and get direct access to the
hard drives.

Form the serial connection, while booting I've got information that it
is running CentOS 4.1. I can select different kernels while the system
in grub menu, but I cannot enter edit mode, because it is password
protected. After selecting anything from grub menu the system boots,
but the output to the serial console terminates.

I've tried to boot device from CD-ROM live cd and USB flash, but has
not success with it - the first boot device in BIOS is internal
harddrive.

While booting I cannot enter BIOS setup - do not know why - the F2 key
simple does not work!

So thats the story, I'm stack now and need your help very much. Thank
you in advanced....

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]