[lug] Re: Backdoor Root

Hugh Brown hugh at math.byu.edu
Sun Oct 1 18:15:45 MDT 2000


I think the problem may be that su goes by the first occurrence of the
uid in question (so su will want the passwd for root and not your
pseudo-root (typically known as toor)).  Assuming that your second uid 0
user is named toor, what happens when you do `su toor` from a mortal
user account?

Hugh


SoloCDM wrote:
> 
> Alan Robertson wrote:
> >
> > SoloCDM wrote:
> > >
> > > Prior to my server update, when I made a backdoor root access, I would
> > > place a username at the end of the line for root after a comma in
> > > /etc/group, then I made a user in /etc/passwd with 0 uid, 0 gid, and
> > > /root as the account.  No matter where I was or what I did, I could
> > > act as root with all the same privileges.  Now it won't work with
> > > Mandrake 7.0.
> > >
> > > The error for a user account is:
> > >
> > >         su: incorrect password
> > >
> > > when I use su - [super-user] or su [super-user].  Although, it does
> > > work when I'm logged in as root and I invoke su - [super-user].  It
> > > also shows the [super-user] name in the prompt.
> >
> > The short answer is "use sudo".  You can make it do the same thing (if you
> > want), or you can make it more secure, and it logs what you did, so you can
> > figure out "Now, how did I do *that*?"
> 
> I'm going to go for what's behind door number 2.  How do I get su to
> work?  Also, isn't sudo an application not on the normal distribution?
> 
> Note: When you reply to this message, please include
>       the mailing list and my email address.
> 
> *********************************************************************
> Signed,
> SoloCDM
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
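
An added example, not part of the original thread: an audit of passwd and group data for the arrangement described above (a second UID 0 account plus an extra name on the GID 0 group line), together with a model of a sequential first-match uid lookup of the kind Hugh suspects. The sample file contents and all function names are constructed for illustration.

```python
# Constructed sample data (not from the thread): "toor" is a second UID 0 account.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:500:500:Alice:/home/alice:/bin/bash
toor:x:0:0:backdoor:/root:/bin/bash
"""
SAMPLE_GROUP = """\
root:x:0:root,toor
wheel:x:10:root,alice
users:x:100:
"""

def parse_passwd(text):
    """Return passwd entries in file order as dicts."""
    entries = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        f = line.split(":")
        if len(f) < 7 or not f[2].isdigit() or not f[3].isdigit():
            continue  # skip malformed lines (a real audit should report them too)
        entries.append({"name": f[0], "uid": int(f[2]), "gid": int(f[3]), "home": f[5]})
    return entries

def first_name_for_uid(entries, uid):
    """Model a sequential uid -> name lookup: the first matching line wins."""
    return next((e["name"] for e in entries if e["uid"] == uid), None)

def extra_uid0_accounts(entries):
    """Accounts with UID 0 that are not named root."""
    return [e["name"] for e in entries if e["uid"] == 0 and e["name"] != "root"]

def extra_gid0_members(group_text):
    """Supplementary members of any GID 0 group other than root."""
    members = set()
    for line in group_text.splitlines():
        f = line.split(":")
        if len(f) >= 4 and f[2] == "0":
            members.update(m for m in f[3].split(",") if m and m != "root")
    return sorted(members)

if __name__ == "__main__":
    entries = parse_passwd(SAMPLE_PASSWD)
    print("uid 0 resolves to:", first_name_for_uid(entries, 0))
    print("extra uid 0 accounts:", extra_uid0_accounts(entries))
    print("extra gid 0 members:", extra_gid0_members(SAMPLE_GROUP))
```

To audit a live system, pass the contents of /etc/passwd and /etc/group to the same functions in place of the sample strings.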



