Next thing ya know he will publish a disclosure on the default password being toor. On Apr 24, 2012 7:41 AM, "Urlan" <[email protected]> wrote:
> It makes me laugh! hahahaha > > 2012/4/24 Gage Bystrom <[email protected]> > >> *sigh* vulnerability reports like this make me sad. >> On Apr 24, 2012 5:50 AM, "Григорий Братислава" <[email protected]> >> wrote: >> >>> Is good evening. I is would like to warn you about is vulnerability in >>> Backtrack is all version. >>> >>> Backtrack Linux is penetration tester is system. Is come complete with >>> tool for to make hacking for penetration tester. >>> >>> In is booting Backtrack, vulnerability exist in booting for when start >>> if attacker is edit grub, attacker can bypass restricted user and is >>> boot into admin account. E.g.: >>> >>> grub edit > kernel /boom/vmlinuz-2.3.11.7 root=/dev/sda1 ro Single >>> [ENTER] >>> grub edit > b >>> # mount -t proc proc /proc >>> # mount -o remount,rw / >>> # passwd >>> [ENTER IS ANYTHING YOU WANT] >>> # sync >>> # reboot >>> >>> I is will make this into video for bypassing security in Backtrack for >>> to post on InfoSecInstitute >>> >>> -- >>> >>> `Wherever I is go - there am I routed` >>> >>
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
