Please read ahead>

Borgmeister · 11-11-2004, 07:09 PM

A colleague from work, managed to break into my linux box, and he wont tell me how, he did not knwo the password, but somehow managed to get into the machine, how could he do this, and he didnt have access to bootable media, because the bios is locked(on a laptop)

horndude · 11-11-2004, 07:44 PM

probably guessed your password, social engineering is always the most effective hack

bios settings set up for boot only from hard drive?

horndude · 11-11-2004, 07:45 PM

or he removed your hard drive and got in that way, that isnt tough to do, especially on a laptop

s0me0ne · 11-12-2004, 12:56 AM

was this all on a local lan? did you check your loggs? are you running an exploitable service maybe? does he have an account on your box anyway and just gained root? am I asking to many questions right now? haha

intercodes · 11-12-2004, 01:18 AM

Borgmeister

Yea, he should have probably run 'lopht crack' or 'john the ripper' to get the root password. There are already 50 known expliots to get the root password in a linux box. He would have searched for such an exploit and executed in your system.
Thou I couldn't figure out the BIOS breaking? ..removing the BIOS battery...removes the password protection..rite??

Sign
Codes

Borgmeister · 11-12-2004, 09:57 AM

Hmm, i am runnign ubuntu, and the screen was locked, (xfree86) my password is not guessable(alpha numeric jumble), and it was not connectedd to a network at the time. He said he got in via the screen saver, and did not drop out to the terminal. Cheers guys

Qiranworms · 11-13-2004, 12:17 AM

Quote:

Originally posted by Borgmeister
Hmm, i am runnign ubuntu, and the screen was locked, (xfree86) my password is not guessable(alpha numeric jumble), and it was not connectedd to a network at the time. He said he got in via the screen saver, and did not drop out to the terminal. Cheers guys

Maybe you thought you loaded xfree86 and didn't...and this person knows that it's your habit to use it...and he saw you forgot, and figured it was a mistake. Thus he could have taken advantage and pretended to have broken in. Just an idea that's to be considered along with these hacking theories.

All I know is people in my house could NEVER break my xfree86, so I'm safe here :laughing:. ****...nobody even broke the Windows XP 'lock screen'...actually, I don't think anyone ever tried. Someone starts a conversation on MSN that might have some sort of private info...and if I'm not there...and someone glances at the screen...can't risk that.

NoodleKnight · 11-13-2004, 12:31 AM

Not sure how easy this would be, or if it actually works. If you can get access into the hard drive (like attatching it to another computer as a slave drive) then deleting the password file (something like .pwd or .passwd) then you should be able to log into root with a blank password. Though, I hear that for some versions of linux this doesn't work.

Member Login