Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bypassing GRUB and LILO passwords with a live CD


  • Please log in to reply
2 replies to this topic

#1 DnDer

DnDer

  • Members
  • 646 posts
  • OFFLINE
  •  
  • Local time:12:05 PM

Posted 05 March 2009 - 09:10 AM

I'm learning how to secure a linux workstation. One of the suggestions I've come across was to set a BIOS/boot password using GRUB or LILO, whichever your particular distro uses.

My linux guru friend told me that using a live CD will bypass this protection, which puzzled me. If you set a password to go through the boot sequence, how do you do something *before* you boot? What's the science behind that?

BC AdBot (Login to Remove)

 


#2 madman6510

madman6510

  • Members
  • 384 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:05 PM

Posted 05 March 2009 - 05:10 PM

Setting a password on the bootloader only requires a password if you're booting from the hard drive, if you're not (like booting from the CD), then the computer will not read the hard drive's bootloader, and won't ask for a password.

#3 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:12:05 PM

Posted 05 March 2009 - 05:43 PM

Two different things here. Some BIOS's offer a "boot" password.
Start up will not continue without this password, including entering
the BIOS. LiveCD does not bypass this.
Grub/Lilo password protects the "bootloader", preventing
access to the Operating System and protecting the boot options from
being changed. Ex: edit Grub and append "1", "s", "single" and the
system is booted into "maintenance"/"single user" mode as root.
Game Over! :thumbsup:
LiveCD will bypass this.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users