TUCoPS :: Linux :: Red Hat/Fedora :: rhlilopm.txt

RedHat 6.0 LILO PAM Filter Workaround


::--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--::
::              .ooO RedHat 6.0 LILO PAM Filter Workaround Ooo.             ::
::--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--::
::                                                                          ::
:: OK well I suppose I've put off writing this for long enough.             ::
::                                                                          ::
:: Background:                                                              ::
:: ===========                                                              ::
::                                                                          ::
:: The most commonly known hack on the planet has just gotten interesting.  ::
:: It seems that Redhat 6.0 has become uncommon in the stability of previous::
:: versions. Please note that this is not a hack in the script kiddy sense  ::
:: of the word. It will not gain you access to your best friends porn       ::
:: files, it will not let you read some girl you likes e-mail, and it will  ::
:: not let you pass school (Thank God, I think you guys should stay off the ::
:: streets, its safer for you.)                                             ::
::                                                                          ::
:: Technical Background:                                                    ::
:: =====================                                                    ::
::                                                                          ::
:: Linux uses a boot loader called Lilo. Lilo, if you read the man page     ::
:: you will notice this, actually has many other options over the regular   ::
:: "boot dos/linux" option. An easy hack on the system could be acomplished ::
:: by having hands on access to the machine you want to break. Reboot the   ::
:: machine and at the lilo prompt type "$linux s" where $linux is your      ::
:: kernel name. This logs you in as a single user, from here you can edit   ::
:: the /etc/passwd file at will, and then log in properly.                  ::
::                                                                          ::
:: PAM Workaround in RH 6.0:                                                ::
:: =========================                                                ::
::                                                                          ::
:: It seems that there is some instabillity in PAM in RH6, either           ::
:: intentionally, or totally stupidly. All attempts to simply remove the    ::
:: root password will fail. To get around this:                             ::
::                                                                          ::
:: 1) Adduser r00t                                                          ::
:: 2) Change pid and gid of r00t to 0:0                                     ::
:: 3) Change passwd                                                         ::
::                                                                          ::
:: Exit single user mode, and login as r00t.                                ::
::                                                                          ::
:: Note: You must do it like this, because if you just try to get rid of    ::
:: the root passw, PAM GOES WILD. Its so easy it scares me.                 ::
::                                                                          ::
:: Bitches and gripes:                                                      ::
:: ===================                                                      ::
::                                                                          ::
:: I finally understand the exponential growth in scripties. It struck me   ::
:: the other day. The Old Skool of hacker grew up on DOS/UNIX/etc....       ::
:: playing around with demo's etc... They learnt the hack. Now we have this ::
:: front end Win hanging around 90% of households, and stagnating education.::
:: The front-end will be the death of real hackers....Beware, the next      ::
:: generation will be the HaX0r........I am not a scripty, I just wanted    ::
:: others to understand them.                                               ::
::                                                                          ::
:: <Notes from Wyzewun: Remember that if you setup your /etc/lilo.conf      ::
::  securely, this isn't a problem. To find out how to do this if you don't ::
::  know already, get the LASG from www.seifried.org/lasg>                  ::
::                                                                          ::
::                               --=====--                                  ::
::                  <fred> sektorgrl, no one likes you                      ::
::                             <fred> leave.                                ::
::                             <sektie> no.                                 ::
::                      <sektie> jsbach likes me :(                         ::
::                             <jsbach> brb.                                ::
::                             <sektie> SEE                                 ::
::                      <sektie> that's one person                          ::
::                           <sektie> so nyah                               ::
::                               --=====--                                  ::
::                                                                          ::
::--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--::

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH