Fail while experimenting with passwd file, need your help!!

L00PeR
6 years ago

0

Hey :(
Let me put you on situation, I was reading something about security about the /etc/passwd file (used for making backdoors) when I sarted tinkering with it.
First I thought, what would happen if I change the UID and the GID of my user to 0, well first, in the prompt was written: I have no name!
This was weird, I guess this happened because when you login, you create a kind of session with a UID and a GID, and as the ID’s of my user were changed, the system didn’t knew who I was.
This had a very simple solution, just pressing Ctrl+Alt+f1 so another shell opened and I could login with my user, which instantly converted into root.
Wooohooo so nice!!!
Then I thought, what would happen if instead of changing the ID’s of my user to 0, I change the ID’s of the root to 1000(the ID of my user).
Well the hole system crushed, I cannot even start Ubuntu (only in recovery mode).
And when I start it on recovery mode and select to open a shell as root, the system doesn’t know who I am, as on the passwd file there’s anybody with UID and GID 0, so I loose my superuser powers….
Any help?
Thank you in advance

2replies
2voices
164views
L00PeR
6 years ago | edited 6 years ago

0

OMG, DONE!!!
uff such a big scare xD

I didn’t wanted to lost my bot xD

The solution to the problem was simple:

Start another OS, you can do this form a live CD or just selecting one already installed.
Then execute this command:
mount /dev/sdaX /mnt
WARNING: You must change the ‘X’ to a number, if you don’t know in which partition is your linux, just try them all and check whats inside the /mnt folder, you should identify your OS by looking at the files!!
Then go inside the /mnt folder and change whatever you want to change, WHATEVER!!!!!
Then you just need to reboot your system, because somehow, changes on your /mnt folder are saved to the real partition!!

In my case, I just needed to open the /mnt/etc/passwd file and change the UID and the GID of the root on /mnt/etc/passwd

This is awesome!!!
Because you can access whatever you want on your computer!!
Now I understand why experienced hackers say that if you have physical access to a PC, you can do whatever you want!!

Reply has been removed
L00PeR
6 years ago

0

I was waiting for someone to ask something :)
If somebody wants to, you can pm me :)
closing…

Discussion thread has been locked. You can no longer add new posts.
1 of 3

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss