Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
so someone played a trick on you and now you can't login? nice... You really need to get the administrator to remove the offending entries assuming you have no access to a higher level account yourself
Actually, no.. this was a question in a certain event on ethical hacking and I'd like to know the answer... you can't seek the administrator's help here...
No dude.... It's just knowledge for the sake of it... that event happened some 3 months ago and I was just chewing cud... so I wouldn't be gaining anything - not material, at least.
Well there should be no way for a user to bypass their .bashrc, as that could easily lead to security issues and such. AFAIK There is no escape sequence to bypass them. As such you would need to be able to access those files as someone else, as naturally your own user account is not able to complete a full login. this person would need to be an administrator, i.e. root.
There are some things you can do, but under circumstances.
e.g if you have ftp access, you ftp to the machine and then rename the .bashrc or .profile or .bash_profile or whatever
to another name and then login like usually. You then edit the renamed file, delete the "logout" line and rename it back
to the normal name.
e.g if some friend has an account, he logins and the you "su" to your account.
when you run "su" (not "su -") then the shell startup scripts are not run, so you can edit the profile.
There are other solutions like these but every solution starts with "if"
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.