Penetration Testing
Bypass grub edit protection password Feb 09 2012 09:26AM
Nik (foringer gmail com) (3 replies)
Re: Bypass grub edit protection password Feb 09 2012 06:52PM
Shohn Trojacek (trojacek gmail com)
It may have some sort of dial home capability - listen to outbound
traffic when it first fires up and see what it tries to talk to. Then
you could possibly act as a bit of a middle man.

Shohn

On Thu, Feb 9, 2012 at 3:26 AM, Nik <foringer (at) gmail (dot) com [email concealed]> wrote:
> Hello list!
>
> I'm doing a physical pentest of the blackbox network security device
> and need your help in it :).
>
> Device is a hardware protected linux box with serail and ethernet
> ports available. It is running on Intel platform.
>
> Conditions of the testing is that I need to receive privilege (root)
> access to the box, but I cannot open it and get direct access to the
> hard drives.
>
> Form the serial connection, while booting I've got information that it
> is running CentOS 4.1. I can select different kernels while the system
> in grub menu, but I cannot enter edit mode, because it is password
> protected. After selecting anything from grub menu the system boots,
> but the output to the serial console terminates.
>
> I've tried to boot device from CD-ROM live cd and USB flash, but has
> not success with it - the first boot device in BIOS is internal
> harddrive.
>
> While booting I cannot enter BIOS setup - do not know why - the F2 key
> simple does not work!
>
> So thats the story, I'm stack now and need your help very much. Thank
> you in advanced....
>
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: Bypass grub edit protection password Feb 09 2012 06:51PM
Ian Hayes (cthulhucalling gmail com) (1 replies)
Re: Bypass grub edit protection password Feb 10 2012 08:33PM
Mark (security internecto net)
Re: Bypass grub edit protection password Feb 09 2012 06:35PM
Adrián Puente Z. (apuente hackarandas com)


 

Privacy Statement
Copyright 2010, SecurityFocus