[lug] Re: Backdoor Root (UPDATE)

SoloCDM deedsmis at aculink.net
Wed Oct 4 20:41:01 MDT 2000


I found the answer to the following issue.

Enter a line in /etc/passwd as follows:
[new_super_user]:[leave_blank]:0:0:[name_of_super_user or use
chfn]:/root:/bin/bash when completely done.  In /etc/group add the
user to the end of root:x:0:root,[new_super_user] with no space before
username.

After that's accomplished, type pwconv at the prompt, then press enter
(man pwconv exists).  Finally, execute passwd [new_super_user] as root
and enter password.  Now you're finished!

*********************************************************************
Signed,
SoloCDM


___________________________Reply_Separator___________________________

"Atkinson, Chip" wrote:
> 
> The two ways that I've used are adduser and vi.  Right now, I'd just copy
> the root entry and change the password as root to whatever you fancy.
> 
> -----Original Message-----
> From: SoloCDM [mailto:deedsmis at aculink.net]
> 
> Hugh Brown wrote:
> >
> > I think the problem may be that su goes by the first occurrence of the
> > uid in question (so su will want the passwd for root and not your
> > pseudo-root (typically known as toor).  Assuming that your second uid 0
> > user is named toor, what happens when you do `su toor` from a mortal
> > user account?
> 
> I found the problem.  My new super-user doesn't have an entry in the
> /etc/shadow file.  I don't know how to make it happen.
> 
> > SoloCDM wrote:
> > >
> > > Alan Robertson wrote:
> > > >
> > > > SoloCDM wrote:
> > > > >
> > > > > > Prior to my server update, when I made a backdoor root access, I
> > > > > > would place a username at the end of the line for root after a comma in
> > > > > /etc/group, then I made a user in /etc/passwd with 0 uid, 0 gid, and
> > > > > /root as the account.  No matter where I was or what I did, I could
> > > > > act as root with all the same privileges.  Now it won't work with
> > > > > Mandrake 7.0.
> > > > >
> > > > > The error for a user account is:
> > > > >
> > > > >         su: incorrect password
> > > > >
> > > > > when I use su - [super-user] or su [super-user].  Although, it does
> > > > > work when I'm logged in as root and I invoke su - [super-user].  It
> > > > > also shows the [super-user] name in the prompt.
> > > >
> > > > > The short answer is "use sudo".  You can make it do the same thing (if you
> > > > > want), or you can make it more secure, and it logs what you did, so you can
> > > > > figure out "Now, how did I do *that*?"
> > >
> > > I'm going to go for what's behind door number 2.  How do I get su to
> > > work?  Also, isn't sudo an application not on the normal distribution?




