Ubuntu Security :: Privilege Escalation / Compromising Administrator Rights
Jul 24, 2011
I have been wondering if a guest user could compromise a machine which is set in the following way: they are not able to open the computer case, to boot from either an USB flash drive or an optical-disc drive, nor have any knowledge of the administrator-user password. Thus, they are landing on their guess account, and have to work their privilege escalation from there.
Therefore, what can they do to gain it? Could they download or otherwise install or run from a thumb drive an application that could be used to crack the administrator-user password? Because, it seems to me, could they enter into the system such a password-cracking application, the whole system could be compromised given the administrator-user password contains less than 9-or-so characters. What do you think? Can I lend my computer to anybody without them having beforehand gained my trust in them? Is the reasoning reasonable?
View 9 Replies
ADVERTISEMENT
Dec 1, 2010
Currently as a part of an assignment I need to implement a reverse shell on a linux system. The system details are -Quote:Linux Kernal Version - 2.6Database - MySQLUsing web-server I could upload a php file which could execute the command on behalf of me. Now, I want to get root access so that I can get access to system's core files.My sample php file -
PHP Code:
<?php
if((!empty($_GET['cmd']) && isSet($_GET['cmd'])))
[code]....
View 2 Replies
View Related
Oct 22, 2010
I am only user on this ubuntu 10.10 install. I have admin rights but when I try to change some settings via Ubuntu tweak unlock or alter user and groups via advanced tab I never get the option to enter my password. I have added a new user 'tempuser' via safe mode and this user is administrator too but everything works fine from this user..
Results from $ grep admin /etc/group
lpadmin:105:heath,tempuser
admin:119:firstuser,tempuser,heath
Results from groups
admin adm dialout fax cdrom floppy tape audio dip video plugdev fuse lpadmin sambashare
I am thinking of making a fresh install if I cant sort this but would like to fix if possible.
View 9 Replies
View Related
Jan 10, 2010
I am trying to run eclipse with administrator rights so that it can access any folder on my system.
View 9 Replies
View Related
May 1, 2010
due to an exercise in Operating Systems I have to do the following: There are 6 users, user1, user2 ... user6 with home directories /users/user1 ... users/user6. User1 to user3 belong to group1, user4 to user6 belong to group2. The System Administrator wants to change the privilege* only to users 1, 2 and 3 to execute the file /bin/xxx. Which are the commands he has to type in order to achieve the previous?*I'm not sure if this is the right translation.What I have come till now is: Code: $ chgrp group1 <name_of_file> but it seems too simple to be right.
View 1 Replies
View Related
Aug 14, 2010
is there a way to run flash and java securely? stupid question i guess. i'd like to use a couple of sites that require them but don't want to open my box up to the bad things that can happen with these. videos, pandora etc. i don't know linux security well and just wonder what the ramifications of this will be?
View 9 Replies
View Related
Nov 16, 2010
Users of Lacie's 4L which is used to burn labels for your Lightscribe disks, are required to have the app run with sudo privileges, (the command being: gksudo 4L-gui). On an older version of an Ubuntu install, I had it set up so that it did this automatically, without it, (or me), being asked for a password. I thought it was something I added to the sudoers file, to give 4l-gui automatic authority, but I forgot how i did it.
View 2 Replies
View Related
Jun 7, 2010
Certain commands like:
fdisk -l
nmap -sT 192.168.0.1/24
iftop
require administrator privileges to run. A while ago i read a post(forgot where i read it) about being able to let a user run these commands in a script (that contains the desired command) created by the administrator/root without the user having to do a sudo and entering a password. Does anyone know how i can go about doing this?
View 3 Replies
View Related
Nov 18, 2010
I love My linux OS, and I carry It with me all the time in USB. I used to be able to boot from USB in the University computers, but not any more. Now it required Admin password in order to boot from CD or USB. I tried The VMWare, but I didn't like it. Is there any way I can get around it.
View 1 Replies
View Related
Apr 27, 2011
I am novice user of linux. I need to know how to configure firewall so my system cant be compromised...In windows my system was greatly compromised. keyloggers were installed without my approval and my desktop was taken on remote. What should I do so without my knowledge no software can be installed and i can close all ports and only open which ever port is required to open. What should i do so my desktop cant be taken on remote?How do I configure user rights ? So except me no one can install any software. I will have another general user id for internet surfing
View 3 Replies
View Related
Nov 19, 2010
newbie changing to Linux, but not comps.as I said in newbie forum, putting them together since mid 80's w/5150's. that said most exp is old dos command line and commodore 64 basic. our economy here in USA causes change for many of us. I am now reading CompTIA study guide for Linux+ certification by Robb H. Tracy, pro Linux administration by James Turnbull,Peter Lieverdink, and Dennis Matotek. I have downloaded and installed PcLinuxOs, Fedora, SuSe.(three separate disks) have Linux Mint, Ubuntu, on cd. I also have Helix, DEFT, FIRE, FCCU, and Live Forensics Toolkit for Windows. because of pending legislation in our state and current or pending in others, taking classes@community college for private investigator. end goal?: Linux Systems Administrator/security/private investigator specializing in forensics?as I learn I'll probably install a server version on 1 of my drives and ask some of you to use it to work with/hack me/give me help in general.
View 5 Replies
View Related
Sep 27, 2010
I have setup a VPS server, created two accounts to two domains respectively, and in one account I built a tool to manage other accounts. I have been rigorously researching and found information, however not implemented yet, about granting apache sudo rights through an interface on one account, so that it can execute scripts as root to manage installations in other accounts. what I mean this is my tool will use 'rsync' to duplicate installations from any account into any account.
My question for security, is it secure to grant apache sudo rights? I have not resolved successfully granting it permissions, and I would not want to waste my time investigating more on it if it can compromise the system in any way.
In your experience, is it feasible to build such a tool like I described? I have the tool working to copy within account and to addon domains and it works great, but I want it to manage all accounts on the server.
View 3 Replies
View Related
Oct 21, 2010
Quote: The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system. The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included.
According to VSR Security, the research outfit that discovered the security hole, Linux installations are only vulnerable if the CONFIG_RDS kernel configuration option is set, and if there are no restrictions on unprivileged users loading packet family modules, as is the case on most stock distributions.
View 3 Replies
View Related
Apr 27, 2011
I am novice user of linux. I need to know how to configure firewall so my system cant be compromised...In windows my system was greatly compromised. keyloggers were installed without my approval and my desktop was taken on remote.What should I do so without my knowledge no software can be installed and i can close all ports and only open which ever port is required to open. What should i do so my desktop cant be taken on remote?How do I configure user rights? So only root and one admin can install softwares and no one else.
View 5 Replies
View Related
Nov 11, 2009
I am getting kernel panics multiple times per day. I want to reinstall Fedora but the only option is to "replace existing Linux system," "shrink current system," "use entire drive," "use free space," and "create custom layout." Which one will reinstall without compromising my data?
View 12 Replies
View Related
Jan 10, 2010
I just installed Arch Linux, and then GNOME. But now I am regretiing the GNOME decision for one main reason; it works against the idea of K.I.S.S. and technical transperancy.But, I do like having a fully-featured GUI DE.
So, which Desktop Environment best follows the K.I.S.S. philosophy, without compromising on features? All opinions welcome, and maybe even a screenshot
View 5 Replies
View Related
Dec 10, 2010
I am traying to install an application on ubuntu, it asks me that I have to get root access. How can I get this previlige?
View 9 Replies
View Related
Mar 14, 2011
I adjusted some settings in the desktop settings folder in KDE. I had only one user account on the machine. Next time I rebooted I could not log into KDE (it kept bombing out). I had to log into the console. Finally I managed to create a new account with useradd but this user cannot sudo
My problem is that my home directory is encrypted, so I need a new user with sudo privileges to delete all the kde files and folders in my original users home directory so that I can start with a new KDE setup (which won�t be a bad thing since I tinkered a lot).
How can I add sudo privileges to the new account (I presume I can do it by logging in with my sudo account in a terminal login?
View 9 Replies
View Related
Sep 18, 2010
This is my first thread ever to make on the linux forum, and I just began using linux Ubuntu Lucid for my server. Please bare with me because I think I am questioning such a basic question. How do you give sftp root privilege to user? I've made group "admin" and made 2 users under that group. Trying to upload a file onto a server using SFTP with one of the user and it fails and says "Permission denied."
I gave full sudo/root permission to the group "admin" from /usr/sbin/visudo I mainly use Tranmit4 but I also have filezilla. Or is there a way to run sudo command on either ftp client application?
View 14 Replies
View Related
Apr 8, 2011
When I started using Fedora (with Gnome) a week ago, I noticed a key symbol in the system tray, or however you call that in the linux world ;-). I can't remember what it was called, but it appeared after I loaded a program or administrative function that required root privileges. If I understand correctly there's a certain timeout after you put in the root password that allows you to run more than one program with elevated privileges so you don't have to put in the root password all the time. I remember reading somewhere that you can change that timeout. This key symbol basically was a "screw the timeout, i'm done being root".
This key symbol doesn't appear anymore though and I'd really like it back.
I'm pretty sure, I didn't do anything to make it go away, as I didn't play around with any security settings.
It was a little tricky to search for this as I can't recall the actual name of this... key thingy..
View 14 Replies
View Related
Jul 7, 2009
I want to give root privilege to the command rm for only a directory Dir inside /local/home. How I can do that?
View 9 Replies
View Related
Jan 18, 2010
I'm under linux . by default, other user can't read anything under my home directory. let's see my home directory is /home/superman , and I tried to use
chmod +r /home/superman
to let others can acess files under my home directory , but it does not work .
View 1 Replies
View Related
Feb 28, 2011
I'm new to Linux (had some basic Unix experience in 1995 era). (Teenager) gave me HP2133 mini notebook running SUSE Linux Enterprise Desktop 10. Everything checks good (hardware and software), even wireless networking. Problem is she apparently created Admin/root password but says cannot remember. I cannot even set correct date time... yast is asking for root privilege:
Command: /sbin/yast2 time
Is there anything I can do to re-establish administrator privilege?
View 6 Replies
View Related
Sep 28, 2010
On Linux, is root privilege required to send a wake-on-lan magic packet? If it depends on how you send the magic packet, please let me know under what situation root is required.
View 1 Replies
View Related
Apr 6, 2010
how will i login as administrator in ubuntu?
View 2 Replies
View Related
Mar 23, 2010
I am looking to create a user to be able to do WinSCP or SSH into the system and only be able to see /var/www/html/joomla/ and that is it. I don't want them to be able to start or stop service but be able to upload and download files to the specific directory or change privileges of the mentioned directory. Is that possible? what commands should I run.
View 1 Replies
View Related
Aug 12, 2010
I finished my Bachelor's degree in Electronics and communication engineering in 2007. I finished RHCE in 12th July 2010. I don't have any work experience in the field of linux. Previously i had been working in knowledge processioning outsourcing which is completely not related to the field of linux. I have no experience in the field of linux. I have also finished CCNA in 2008. I have no experience to what I have studied. Can I get a job as a linux administrator? If I want to get a job what are the necessary things should i do?
View 10 Replies
View Related
Nov 11, 2010
I am using VMware to install RHEL 5.0 through an .ISO image in my lappy, bcoz my DVD-ROM is not working.While installation it didn't ask anything except user-name and password and it got installed correctly.But the problem is that, when I open a terminal it always opens in USER mode ($- prompt) and working directory shows(/home/user).how can I use the administrator(/root) ---> # -prompt.
View 5 Replies
View Related
Mar 2, 2010
everytime I try to enter any of the admin controls ie update manager etc the window opens for a split second then crashes also if the sound is turned up or down via keyboard shortcut the sound bar starts flashing very fast and the keyboard becomes inoperative, I have tried rebooting etc with no avail, I have done everything that I can with my very ltd knowledge, this first started after the last update I am using 9:10 KK.
View 5 Replies
View Related
Mar 22, 2010
I recently installed lucid on my new laptop (Thinkpad T410, since had some problems installing Karmic). Originally ran great, yet after several days lost the ability to log on as administrator using the login screen. After several seconds, it just sends me right back to the same screen. However, at the same time, I have no problem logging on as a different user via this screen. I'm also able to login no problem using the command line. I can toggle between this command screen and the visual user account, so can run what I need in root and then transfer to the user account so I can view it.
View 3 Replies
View Related
