Click Here!Click Here!
Home / Technology / Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times
Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times

Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times

Though many of we expected don’t run Linux—specifically, one regulating a Grub2 bootloader—you’ll certainly conclude a unintended amusement of a mint feat that was recently found for pronounced bootloader. The feat is being fast patched by several vital Linux distros, including Ubuntu, Red Hat, and Debian, and it also requires earthy entrance to an unpatched appurtenance to work, so it’s not a worst intensity vulnerability, only one of a sillier ones.

We’ll let Hector Marco and Ismael Ripoll explain, around their Dec 14 security report:

“To fast check if your complement is vulnerable, when a Grub ask we a username, press a Backspace 28 times. If your appurtenance reboots or we get a rescue bombard afterwards your Grub is affected,” they write.

Yes, it’s that easy. After you’ve tapped backspace for a 28th time (on an influenced system), you’ll benefit entrance to a rescue shell—giving we a lot some-more energy over a complement than we formerly had. An assailant would be means to have full entrance to a console but wanting to enter any user name or cue whatsoever. Said chairman could afterwards bucket a customized heart and do all sorts of things to a horde computer—including duplicating a essence of a tough expostulate or installing some other, harder-to-find feat (like a rootkit) that could means all sorts of issues for a compromised complement (or, worse, other networked systems).

“The assailant is means to destroy any information including a muck itself. Even in a box that a hoop is ciphered a assailant can overwrite it, causing a [denial of service],” a news reads.

If your Linux distro of choice doesn’t occur to have a patch prepared only yet, we can squeeze a emergency patch that Marco and Ripoll have combined to repair a isssue—all stemming from a elementary integer underflow error that was introduced to Grub2 behind in Dec of 2009.

“It is insane for muck to miss decades-old feat mitigations like smoke-stack cookies that could have addressed this issue,” pronounced Dan Guido, Trail of Bits founder, in an talk with Motherboard.

About admin

Scroll To Top