[TUHS] shell escapes in utilities
Grant Taylor via TUHS
tuhs at tuhs.org
Wed Aug 2 13:01:05 AEST 2023
On 8/1/23 1:55 PM, Niklas Karlsson wrote:
> What you did with that RS/6000 sounds roughly equivalent to booting
> a modern Linux box in single-user mode, where you can also set the
> root password to anything you like.
I think that's *HIGHLY* dependent on the distribution. Some systems
make it harder than others to get into single user mode. I feel like
"sulogin" comes into play here.
The thing that I used to do is append "init=/bin/sh" to the GRUB boot
line via the transient editor. Drops you at a shell and bypasses almost
all of the startup scripts. Obviously there are ways to secure against
this. But, again, it depends on the distro.
Grant. . . .
More information about the TUHS
mailing list