Penetration Testing
Bypass grub edit protection password Feb 09 2012 09:26AM
Nik (foringer gmail com) (3 replies)
Hello list!

I'm doing a physical pentest of the blackbox network security device
and need your help in it :).

Device is a hardware protected linux box with serail and ethernet
ports available. It is running on Intel platform.

Conditions of the testing is that I need to receive privilege (root)
access to the box, but I cannot open it and get direct access to the
hard drives.

Form the serial connection, while booting I've got information that it
is running CentOS 4.1. I can select different kernels while the system
in grub menu, but I cannot enter edit mode, because it is password
protected. After selecting anything from grub menu the system boots,
but the output to the serial console terminates.

I've tried to boot device from CD-ROM live cd and USB flash, but has
not success with it - the first boot device in BIOS is internal
harddrive.

While booting I cannot enter BIOS setup - do not know why - the F2 key
simple does not work!

So thats the story, I'm stack now and need your help very much. Thank
you in advanced....

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: Bypass grub edit protection password Feb 09 2012 06:52PM
Shohn Trojacek (trojacek gmail com)
Re: Bypass grub edit protection password Feb 09 2012 06:51PM
Ian Hayes (cthulhucalling gmail com) (1 replies)
Re: Bypass grub edit protection password Feb 10 2012 08:33PM
Mark (security internecto net)
Re: Bypass grub edit protection password Feb 09 2012 06:35PM
Adrián Puente Z. (apuente hackarandas com)


 

Privacy Statement
Copyright 2010, SecurityFocus