8 thoughts on “How to: break into a Linux user account in seconds”

  1. If you setup the root user with a password, that won’t be possible. Once you enter Root mode, you will be asked the root password to continue ;)

    I think It is a security flaw not asking users to give the root / Administrator user a password during installation…

    1. I’ve got to agree with you there – even though in distros like Ubuntu the root account is more or less disabled for use (i.e. although you can still su to root using su -s), it should definitely have a password set.

      But reading further says that by giving the root user no password means it can’t be brute-forced, and instead you have to know a combination of username and their password, which it’s claimed is harder to know.
      Sources: http://www.ubuntux.org/how-to-change-the-root-password-in-ubuntu, http://ubuntulinuxtipstricks.blogspot.com/2009/08/root-password-rumour.html

      BUT, if you can just drop into a recovery shell as root you can list all users using less /etc/shadow, or you could even create a user from the root shell! So that doesn’t work…

      IMHO, the root account MUST have a password to prevent physical ownership meaning the box allows anyone with a modicum of knowledge instant access to everything. So even if the name of the account (‘root’) is known, there’s still a SHA-512 password which needs to be deciphered before access is granted, and with a sufficiently strong password, that should be very, very hard to do.

  2. security is an illusion theres always a back door its just a matter of seeing it the best way imo is to just give them access to a part of your box then spy them a while then hit them with a bunch of viruses lol

  3. That’s because Ubuntu is a friendly operating system that offers a “recovery mode” for people who made a bad mistake on root, and need to fix it.

    You can always run a distro that uses a different Linux kernel, one that is made without “recovery mode” or “single-user mode”. Then, if you encrypt your files, no one can get at them. (but of course they can still erase them by installing another OS)

Leave a Reply

Your email address will not be published.