Hey there fellas,

I'm working on a lab for one of my sysadmin classes and one of the activities requires me to configure a floppy disk on a second system that will allow me to get a root shell on the first system from an unpriveldged user account. Also, the floppy needs to give me raw access to the file system. I know there's some people out there who can give me a hint on this. I've been pondering this for several days now and I can't come up with anything.

Thanks,

Celeron

ok, you'll need to create a bootdisk / rootdisk on the second pc, wich distro are you using? some distro's have a command wich let you create such disks. maybe you'll have to compile a custom kernel with the IDE taskfile support, this gives you real raw access to the hard drive. if you boot the first pc from floppy, mount the hard drive and do a chroot command to the mount point, you now have root access on the first pc.

succes,
-= iluvatar =-

Tsk, tsk. You shameless cracker you.


Visit Tom's Boot-n-root, your onestop shop for machine dominance.

http://www.toms.net/rb/

You don't have to have the same distro as what is installed on the machine, just as long as:

a) You support the same FS as it does (e.g. Ext3)
b) Said FS is not encrypted.

And it could be as simple as plopping in any old linux install disk and hitting Control-Alt-F2 to bring up a new shell (in which you will be root).


And since you want to use the first machine to h4x0r the second, simply make a bootable floppy, and then copy various utilities that will assist you in your endeavor onto it. See the Tom's FAQ as to which files he includes.

You could build a custom kernel (but not install it) on the first machine to keep the size of the kernel down to allow for more utilities.

First save the old menuconfig, and be sure that you don't install the modules (or you will be working on two machines) from the new kernel (actually you shouldn't have anything compiled as a module, keep it all in the kernel).

Basically make sure that you can restore the original system once you are finished.

dd the bzImage to a floppy, you will have to create an init file, but that is beyond my experience.

Try experimenting with a ramdisk so that you will have more room to load utilities.

A good place to look (along with studying the layout of Tom's disk) are those old distros that started up off of floppies.

And a bit of research on "rootkits" might be enlightening.

I'll leave it as an exercise to the reader to figure out how recover the passwords. Not that I would know anything about these things...

http://www.linuxsecurity.com/docs/Ha...asswords.shtml


Shame on both of us


Good luck, and I don't want any calls from any three-letter agencies because of you


Basically, if you allow unauthorized access to any machine, you can kiss your security goodbye.


John