If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 12/21/15 17:03, Gary Heston so wittily quipped:
Given physical access to a system, an attacker of even modest skills can get any and everything off a system. If the sole objective is denial of service, I don't know of any hard drve that can survive a hammer or drill (particularly both) attack. or thermite |
Ads |
#17
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 12/21/15 10:01, Peter Köhlmann so wittily quipped:
edevils wrote: On 21/12/2015 18:06, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. so the bug is funnier than it is dangerous. Unless data is encrypted. If you remove the hard drive and plug it somewhere, you are still left with ciphered data. On the contrary, if you read Hector Marco and Ismael Ripoll's original article, you'll find out how they used the GRUB2 vulnerability to access the GRUB rescue shell and deploy a malware from there. "Since the data is ciphered, the strategy we will use is to infect the system and wait until the user decrypts the data (by login into the system) and then access to the information in plain." http://hmarco.org/bugs/CVE-2015-8370...on-bypass.html With physical access to the machine they could just as well install the logging software the standard way. No need for a Grub exploit Physical access means all bounds are off. You can not secure such a system in any meaningful way, encrypted or not right, that's kinda where I was going, too. thanks for stating it THAT way. so yeah, 'physical access required' takes a LOT of the 'threat' out of it. still needs patching. devs need to self-slap for letting it happen. |
#18
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 12/21/15 10:21, edevils so wittily quipped:
On 21/12/2015 19:01, Peter Köhlmann wrote: edevils wrote: On 21/12/2015 18:06, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. so the bug is funnier than it is dangerous. Unless data is encrypted. If you remove the hard drive and plug it somewhere, you are still left with ciphered data. On the contrary, if you read Hector Marco and Ismael Ripoll's original article, you'll find out how they used the GRUB2 vulnerability to access the GRUB rescue shell and deploy a malware from there. "Since the data is ciphered, the strategy we will use is to infect the system and wait until the user decrypts the data (by login into the system) and then access to the information in plain." http://hmarco.org/bugs/CVE-2015-8370...on-bypass.html With physical access to the machine they could just as well install the logging software the standard way. Could they, if GRUB is password protected? yes. just install "no password" grub onto a different hard drive, and set it up (cloned without password) to boot that image from a separate HD [USB plug in for example], then put the "new" HD into the hard drive slot, and voila! boot whatever you want, whenever you want, no password required. |
#19
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 12/21/15 14:05, Shadow so wittily quipped:
On Mon, 21 Dec 2015 09:06:22 -0800, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux?specifically, one using the Grub2 bootloader?you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. And you remove the hard drive because .... ? []'s it's easier to read it with a different machine, possibly. or you could boot your OWN image with a different hard drive if passwords lock out USB bootup. etc. it's back to "if you have physical access you can ultimately bypass ANY security" if a crook wanted your data he'd just steal the device and work on it elsewhere. |
#20
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
In article Big Bad Bob wrote: On 12/21/15 14:05, Shadow so wittily quipped: On Mon, 21 Dec 2015 09:06:22 -0800, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux?specifically, one using the Grub2 bootloader?you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. And you remove the hard drive because .... ? []'s it's easier to read it with a different machine, possibly. or you could boot your OWN image with a different hard drive if passwords lock out USB bootup. etc. it's back to "if you have physical access you can ultimately bypass ANY security" if a crook wanted your data he'd just steal the device and work on it elsewhere. Like to see them do that with fibre channel or NAS. |
#21
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
In article
edevils wrote: On 12/21/2015 10:28 PM, ray carter wrote: With physical access to the machine they could just as well install the logging software the standard way. Could they, if GRUB is password protected? No need for a Grub exploit Physical access means all bounds are off. You can not secure such a system in any meaningful way, encrypted or not However, removing a hard drive is not as easy as using a keyboard. If you remove a hard drive in an office, you might be be noticed. Some hard drives are even stored in a secure vault, while you can still access the keyboard. physical access == total access If a bad guy has UNRESTRICTED physical access, then he will be able to do anything. But another scenario is "restricted" physical access, meaning: KEYBOARD access only! Lmao. Like to see you stop me from doing anything if I have "KEYBOARD" access. |
#22
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
In article Big Bad Bob wrote: On 12/21/15 17:03, Gary Heston so wittily quipped: Given physical access to a system, an attacker of even modest skills can get any and everything off a system. If the sole objective is denial of service, I don't know of any hard drve that can survive a hammer or drill (particularly both) attack. or thermite Why must one poor little hard drive be the single point of failure? |
#23
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
In article .at,
Anonymous Remailer (austria) wrote: In article Big Bad Bob wrote: On 12/21/15 17:03, Gary Heston so wittily quipped: Given physical access to a system, an attacker of even modest skills can get any and everything off a system. If the sole objective is denial of service, I don't know of any hard drve that can survive a hammer or drill (particularly both) attack. or thermite Why must one poor little hard drive be the single point of failure? Oh, it doesn' have to be. I have a couple of servers at work with two dozen drives in them, and the 96TB storage servers that should be arriving soon will each have at least that many. We like storage at work. It'll probably take a couple of days to format them and create the RAID volumes. Gary |
#24
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 22/12/2015 22:01, Big Bad Bob wrote:
On 12/21/15 10:21, edevils so wittily quipped: On 21/12/2015 19:01, Peter Köhlmann wrote: edevils wrote: On 21/12/2015 18:06, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. so the bug is funnier than it is dangerous. Unless data is encrypted. If you remove the hard drive and plug it somewhere, you are still left with ciphered data. On the contrary, if you read Hector Marco and Ismael Ripoll's original article, you'll find out how they used the GRUB2 vulnerability to access the GRUB rescue shell and deploy a malware from there. "Since the data is ciphered, the strategy we will use is to infect the system and wait until the user decrypts the data (by login into the system) and then access to the information in plain." http://hmarco.org/bugs/CVE-2015-8370...on-bypass.html With physical access to the machine they could just as well install the logging software the standard way. Could they, if GRUB is password protected? yes. just install "no password" grub onto a different hard drive, Looks like you have not read previous posts. Again, I am talking about keyboard access, in a scenario where both GRUB and BIOS settings are password protected. No *unrestricted* physical access, no tampering with hardware. Therefore, no "different hard drive" available, no "boot from CD/USB", no easy shortcuts available, and set it up (cloned without password) to boot that image from a separate HD [USB plug in for example], then put the "new" HD into the hard drive slot, and voila! boot whatever you want, whenever you want, no password required. |
#25
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 22/12/2015 21:29, Big Bad Bob wrote:
.... so yeah, 'physical access required' takes a LOT of the 'threat' out of it. still needs patching. devs need to self-slap for letting it happen. Maybe they wrote "physical access required", but they just used keyboard access. They did not need to tamper with hardware. |
#26
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
On 22/12/2015 22:03, Big Bad Bob wrote:
On 12/21/15 14:05, Shadow so wittily quipped: On Mon, 21 Dec 2015 09:06:22 -0800, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux?specifically, one using the Grub2 bootloader?you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. And you remove the hard drive because .... ? []'s it's easier to read it with a different machine, possibly. or you could boot your OWN image with a different hard drive if passwords lock out USB bootup. etc. it's back to "if you have physical access you can ultimately bypass ANY security" if a crook wanted your data he'd just steal the device and work on it elsewhere. But then, in real life, you don't "just steal the device", unless you are a thief. Maybe you have access to the keybaard though. |
#27
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
In article
edevils wrote: On 22/12/2015 22:01, Big Bad Bob wrote: On 12/21/15 10:21, edevils so wittily quipped: On 21/12/2015 19:01, Peter Köhlmann wrote: edevils wrote: On 21/12/2015 18:06, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. so the bug is funnier than it is dangerous. Unless data is encrypted. If you remove the hard drive and plug it somewhere, you are still left with ciphered data. On the contrary, if you read Hector Marco and Ismael Ripoll's original article, you'll find out how they used the GRUB2 vulnerability to access the GRUB rescue shell and deploy a malware from there. "Since the data is ciphered, the strategy we will use is to infect the system and wait until the user decrypts the data (by login into the system) and then access to the information in plain." http://hmarco.org/bugs/CVE-2015-8370...on-bypass.html With physical access to the machine they could just as well install the logging software the standard way. Could they, if GRUB is password protected? yes. just install "no password" grub onto a different hard drive, Looks like you have not read previous posts. Again, I am talking about keyboard access, in a scenario where both GRUB and BIOS settings are password protected. No *unrestricted* physical access, no tampering with hardware. Therefore, no "different hard drive" available, no "boot from CD/USB", no easy shortcuts available, Pull the drive and put it in another box. Now what good are your passwords? and set it up (cloned without password) to boot that image from a separate HD [USB plug in for example], then put the "new" HD into the hard drive slot, and voila! boot whatever you want, whenever you want, no password required. |
#28
|
|||
|
|||
Exploit Logs You Into Linux Systems After Hitting Backspace 28Times
Anonymous Remailer (austria) wrote: In article Big Bad Bob wrote: On 12/21/15 14:05, Shadow so wittily quipped: On Mon, 21 Dec 2015 09:06:22 -0800, Big Bad Bob wrote: On 12/20/15 16:38, Chris Ahlstrom so wittily quipped: Anonymous wrote this copyrighted missive and expects royalties: Though most of you likely don't run Linux?specifically, one using the Grub2 bootloader?you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. http://www.pcmag.com/article2/0,2817,2496870,00.asp What took you so long to post this? It's been bandied about for many days now. Already fixed, by the way. Pretty stupid bug, though. Should never have happened. with physical access to the machine, there's nothing stopping anyone from removing the hard drive, plugging in a USB hard drive adaptor thingy, and then reading it directly with another computer. And you remove the hard drive because .... ? []'s it's easier to read it with a different machine, possibly. or you could boot your OWN image with a different hard drive if passwords lock out USB bootup. etc. it's back to "if you have physical access you can ultimately bypass ANY security" if a crook wanted your data he'd just steal the device and work on it elsewhere. Like to see them do that with fibre channel or NAS. What difference would that make if they just want the device? EZoto |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|