Hacking


40 replies to this topic

#1 tealover

tealover

  • Members
  • 174 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chester, UK
  • Local time:11:54 AM

Posted 17 December 2015 - 03:54 PM

Here's a gem for all Linux hacktivists.

 

http://motherboard.vice.com/read/hack-into-a-linux-computer-by-hitting-the-backspace-28-times?utm_source=howtogeek&utm_medium=email&utm_campaign=newsletter

 

 





#2 TheJokerz

TheJokerz

  • Members
  • 286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:06:54 AM

Posted 17 December 2015 - 04:00 PM

Interesting!  Good read!




#3 Guest_hollowface_*

Guest_hollowface_*

  • Guests
  • OFFLINE
  •  

Posted 17 December 2015 - 04:17 PM

There must be more steps to it than they are saying in the article. I just tried this on Lubuntu 14.04 from the login screen, from the terminal login screen, during the boot process, and from the Grub boot-manager screen. It didn't work.

EDIT: To clarify, I've not installed the patch mentioned below by others. This installation hasn't been updated since it was set up ages ago.


Edited by hollowface, 17 December 2015 - 04:48 PM.


#4 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,904 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia

Posted 17 December 2015 - 04:19 PM

Patched.

They can try that on my Ubuntu machines and see how far they get.


Edited by NickAu, 17 December 2015 - 04:42 PM.

Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#5 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 17 December 2015 - 04:34 PM

Already patched...  :guitar:
 
grub2 (2.02~beta2-9ubuntu1.6) trusty-security; urgency=medium
 
  * SECURITY UPDATE: password bypass via backspace key buffer overflow
    - debian/patches/CVE-2015-8370.patch: check length before accepting a
      backspace character in grub-core/lib/crypto.c,
      grub-core/normal/auth.c.
    - CVE-2015-8370
 
 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 15 Dec 2015 09:11:24 -0500
 
Greets!
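
The changelog entry above describes the fix as checking the length before accepting a backspace character. As an added illustration (not GRUB's source and not code from any poster in this thread), here is a simplified C model of a prompt reader with that check; the buffer size, function names and input are assumptions constructed for the example.

```c
/* Simplified model of a boot-prompt line reader (added example, not GRUB source).
   MAX_LEN and all function names are assumptions made for this illustration. */
#include <stddef.h>
#include <string.h>

#define MAX_LEN 16

/* Index an unchecked "cur_len--" would produce. With cur_len == 0 the unsigned
   value wraps to the maximum size_t. Computed only, never dereferenced. */
size_t unchecked_backspace(size_t cur_len) { return cur_len - 1; }

/* Hardened reader: consumes constructed key input, returns the final length.
   buf is always NUL-terminated and cur_len never leaves [0, MAX_LEN - 1]. */
size_t read_line_checked(const char *keys, size_t nkeys, char buf[MAX_LEN])
{
    size_t cur_len = 0;
    memset(buf, 0, MAX_LEN);
    for (size_t i = 0; i < nkeys; i++) {
        char key = keys[i];
        if (key == '\n' || key == '\r')
            break;
        if (key == '\b') {
            if (cur_len > 0)           /* length check before accepting backspace */
                buf[--cur_len] = '\0';
            continue;                  /* backspace on empty input is ignored */
        }
        if (cur_len + 1 < MAX_LEN)     /* keep room for the terminator */
            buf[cur_len++] = key;
    }
    return cur_len;
}

int main(void)
{
    char buf[MAX_LEN];
    char keys[28 + 3];
    memset(keys, '\b', 28);            /* constructed input: 28 backspaces first */
    memcpy(keys + 28, "ab\n", 3);
    return read_line_checked(keys, sizeof keys, buf) == 2 ? 0 : 1;
}
```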


#6 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,904 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:54 PM

Posted 17 December 2015 - 04:45 PM

Even before it was patched, anybody who was afraid of "spies" would have used disk encryption. You can hit all the keys you like for as long as you like, but only the right key will unencrypt.




#7 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 17 December 2015 - 04:55 PM

 NickAu, look at the date of the patch and at the date of the article...

It was patched before the article was published!  :bubbles:

 

Greets!



#8 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,002 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA

Posted 22 December 2015 - 05:08 AM

> NickAu, look at the date of the patch and at the date of the article...
>
> It was patched before the article was published!  :bubbles:
>
> Greets!

 

GNULINUX, Thanks for catching this! :thumbup2:

 

I was looking on my newly installed OS to see if the latest Grub was installed, though still a beta.  :)

 

How long does it take Grub to advance from beta to stable release? It's just a bootloader, or that's what I see, and even if updating it, doesn't display all 4 installed OS's. Just Linux Mint 17 (no point release) & Windows 8 (loader). That's it. The two Windows 7 OS's are not shown, and if I selected the Windows 8 loader, it would still boot to 7 Pro, because it's the system wide default OS. 

 

Maybe it's because of the way it's installed, the bootloader during install, was placed on the root partition, rather than a whole device, which could cause more than one reboot to get to one OS (Win 8.1 Pro) & totally defeats the purpose of spending $350 on two SSD's to have 10-15 second boots with browsers ready to roll in about 8-10 more seconds tops (5 for Linux Mint, browser is loading before the features popup). That's the way it's supposed to be, seconds, not minutes. When booting to Linux Mint, can be reading email in less than 20 seconds with Google Chrome's GMail, if I type the login password fast enough. :thumbup2:

 

Ideally, the Grub bootloader wouldn't trigger a double boot afterwards to get to that one OS, yet that's the way it is, so use EasyBCD 2.3 for my bootloader. Which prevents such nonsense that shouldn't be occurring. While the majority of Linux software is fantastic, Grub could be much improved on & there hasn't been a major version released in years, evidenced by the fact that after all of these years, we're still at '2.whatever.beta'. Essentially meaning there's not a lot of releases, period. 

 

Though am glad that someone reported the security flaw & was fixed in no time. :)

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#9 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 22 December 2015 - 03:40 PM

cat1092,

I think GRUB2 will never be out of beta... :whistle: ...but it works for me on my dual boot with W7.

Linux Mint has a (too?) cautious update policy, I think on Mint (default settings) you don't get GRUB and KERNEL updates?
 
I'm on Peppermint and have the following update policies:

[Image: LPFYe8o.png]
 
I get the GRUB and KERNEL updates (not upgrades) that way.
You can always "handpick" the updates or wait a few days before you install them.
 

> Maybe it's because of the way it's installed, the bootloader during install, was placed on the root partition, rather than a whole device...

 

Bingo, you are booting from one bootloader into another with different options...

Difficult to get rid of... especially when you have that many OS's. Luckily EasyBCD did the trick!  :thumbup2:

 

Greets!



#10 Winterland

Winterland

  • Members
  • 980 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:08:54 PM

Posted 22 December 2015 - 04:09 PM

I'm at work so I have to be brief but felt compelled to at least offer this.

 

Cheers!

 

Winterland


Photobucket removed my cool flag - idiots!

 

Every calculation based on experience elsewhere fails in New Mexico.


#11 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,904 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia

Posted 22 December 2015 - 04:19 PM

This story is just a beat up at best and has no application in the real world. If I want to " hack " a linux system even a password protected one ( Not encrypted ) all I need to do is boot the PC from a Live distro mount the HDD and I am in, I can also change the log in password if I want.

 

Encryption is the solution.




#12 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:06:54 AM

Posted 22 December 2015 - 04:23 PM

> This story is just a beat up at best and has no application in the real world. If I want to " hack " a linux system even a password protected one ( Not encrypted ) all I need to do is boot the PC from a Live distro mount the HDD and I am in, I can also change the log in password if I want.
>
> Encryption is the solution.

Ha, it's true Nick! I feel like most people are going to do that anyway rather than hitting backspace 28 times (kind of impractical). It would take me 2 minutes to boot up Puppy and then start copying files over to an external. So encryption, and of course locking your BIOS down is always a good choice (though it is possible to bypass, very easy on desktops).


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#13 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,002 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA

Posted 25 December 2015 - 04:01 AM

 

> I get the GRUB and KERNEL updates (not upgrades) that way.
> You can always "handpick" the updates or wait a few days before you install them.
 

 

That's what I've been doing since Mint 16, many criticized the Mint devs for not showing Level 4 & 5 updates by default, a few of which were security ones. One can always hide any unwanted updates, and unhide later if desired. 

 

 

 

> Encryption is the solution.

 

Yes, this guarantees that a hacker cannot access one's files w/out the key. While there are some tricks that professional hackers use to obtain the key, there are also workarounds for this. For starters, don't use public wireless hotspots with one's most valuable computer, carry an older one with as little data as possible for this, and by all means, make sure the ufw Firewall is enabled. Regardless of if at home or on other networks. One thing to keep in mind, even if one knows the other party, there's little way to tell if the router has been hacked, which is among the weakest links in one's security. Ideally, one would be running a Firewall appliance, and Sophos has a free OS for this, only one has to add an outgoing network card.

$20-30 on eBay is the cost of the card. One can dedicate a spare computer that equals or exceeds the minimum specs, which leaves a lot of budget PCs out of the picture, yet there are lots of refurbished business/corporate PCs for $125 or less that more than meet the need.

 

Hackers will also attack the RAM itself, don't know of all the details, but did read in one article that a tiny bit of glitter nail polish can boost security, make sure that a few close up snapshots are taken afterwards & when traveling, make sure your notebook is by your side or securely stored. When the computer is running, keep in mind that the encryption key is stored in RAM for the session, otherwise the computer wouldn't fire up. 

 

http://www.wired.com/2013/12/better-data-security-nail-polish/

 

Yet the majority, but not all, of the time, data thieves are looking at high profile targets to steal data from, or to be reworded, those with significant cash & other assets, they're looking to profit (as in earning a living) from their work. These aren't script kiddies horsing around to get a free internet connection to keep from paying, or to have bragging rights on certain forums, though may initially use these techniques to get to where they want. 

 

Still, encrypted devices are best, when other precautions are used. And when purchasing a new computer, don't be so eager to dump your old one, reinstall the OS after the transfer of data to the new one & use that one at Starbucks or your favorite hotspot, or when visiting friends/family. Properly maintained, a notebook will last for 6-8 years before it's considered to be obsolete & it's best to have a spare or two. Be sure that before reinstall, if an SSD is in use, to secure erase; if an HDD, run DBAN, at the prompt, enter autonuke. May take a few hours to run, yet it's Department of Defense compliant, that's just the right amount for most users. Have run it numerous times & after installing an OS, Recuva couldn't find any files on the drive. DBAN not only destroys the data, it also writes random data across the entire drive.

 

http://sourceforge.net/projects/dban/

 

Cat


Edited by cat1092, 25 December 2015 - 04:09 AM.



#14 technonymous

technonymous

  • Members
  • 2,480 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:54 AM

Posted 29 December 2015 - 03:45 AM

How many of you secure your grub2? :)



#15 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,904 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:54 PM

Posted 29 December 2015 - 04:01 AM

I do not bother with passwords for grub, what's the point when I can reset the grub password by booting a live distro, mounting the drive and typing a few terminal commands.

 

Boot from live media.

 

Then  mount the right partition

# mount /dev/sd?? /mnt

Then.

Remove The Grub Password

If you are using Debian Linux you need to modify /boot/grub/menu.lst file:

# cd /mnt/boot/grub
# vi menu.lst

You work out the rest LOL.

 

Next.

Change Root password

Now your Grub password is removed from the system. You need to login to the system without any password. To restore root user password boot system into a single user mode.

1) At Grub prompt press 'e' to edit command before booting.

2) Select second line

3) Again, press 'e' to edit selected command

4) Type the following line
 

init=/bin/sh

You work out the rest LOL.

 

 

 

Now setting the PC to boot from HDD only and password protecting the BIOS so the boot order can't be changed would be "more" useful maybe.

For all its security features, if you are sitting in front of the PC and have a Live distro and know a few terminal commands, Linux is easy to hack.

Encryption changes the rules.

 

 

Please note the above comments made by me are common knowledge in the Linux community. 


Edited by NickAu, 29 December 2015 - 04:28 AM.





