Cryptsetup Vulnerability Allows Easily Getting To A Root Shell

  • #11
    Originally posted by franglais125 View Post
    If an attacker has physical access, it would actually be much easier to plug a USB drive with whichever OS he/she prefers and modify stuff in a more convenient way.
    How do you plan to do it if both the bios and grub are locked by password? You will have to open the laptop, which will take much more time.
    ## VGA ##
    AMD: X1950XTX, HD3870, HD5870
    Intel: GMA45, HD3000 (Core i5 2500K)



    • #12
      Further note: In Dracut, failure to open an encrypted root device will force an initramfs shell no matter what cryptsetup does, but that is dracut's behavior on not finding root and can't be changed by changing cryptsetup.



      • #13
        This hyped vulnerability implies the perpetrator has physical access to your PC? Well, then he can boot from his own media and p0wn your initrd and access any unencrypted data. Too much drama.

        Before you tell me about Secure Boot or BIOS password, stop! Your CMOS can be easily reset by removing a battery.



        • #14
          Originally posted by darkbasic View Post

          How do you plan to do it if both the bios and grub are locked by password? You will have to open the laptop, which will take much more time.
          I am not sure I understand your comment. What you are saying applies with and without this vulnerability.



          • #15
            Originally posted by birdie View Post
            This hyped vulnerability implies the perpetrator has physical access to your PC? Well, then he can boot from his own media and p0wn your initrd and access any unencrypted data. Too much drama.

            Before you tell me about Secure Boot or BIOS password, stop! Your CMOS can be easily reset by removing a battery.
            Removing the battery and leaving it out for 6 months you mean? The CMOS usually has its own small battery.

            Anyway bios and grub security is kind of pointless these days on a laptop since no one fully powers down their laptop anyway.



            • #16
              Originally posted by carewolf View Post

              Removing the battery and leaving it out for 6 months you mean? The CMOS usually has its own small battery.

              Anyway bios and grub security is kind of pointless these days on a laptop since no one fully powers down their laptop anyway.
              Don't understand if you're an idiot or you're just pretending.

              Google->Images 'CMOS battery' and don't humiliate yourself. In case Google is too difficult for you, here's an example.



              • #17
                Originally posted by birdie View Post
                This hyped vulnerability implies the perpetrator has physical access to your PC? Well, then he can boot from his own media and p0wn your initrd and access any unencrypted data. Too much drama.

                Before you tell me about Secure Boot or BIOS password, stop! Your CMOS can be easily reset by removing a battery.
                Battery that on most laptops is either soldered, inaccessible, or both? In most cases there are contacts exposed somewhere in the RAM compartment or somewhere you can get at relatively easily, but there is no rule.

                Anyway, this "pull the battery to reset" is true for shitty consumer hardware, NOT true for many workstation-grade laptops (say thinkpads) that store the password in a special flash chip.
                Yes, you can get at the thing, desolder the fucker or solder cables to reflash it manually to erase it, but it's not something you can do on the fly or without looking at documentation.
                http://sodoityourself.com/hacking-ib...bios-password/ (ancient stuff)

                http://www.ja.axxs.net/t430.htm (more modern stuff)

                official LENOVO statement https://support.lenovo.com/us/en/documents/ht036206

                A forgotten Supervisor password will prevent access to the ThinkPad BIOS setup utility. If the Supervisor password has been forgotten and cannot be made available to the service technician, there is no service procedure to reset the password. The system board must be replaced for a scheduled fee. Proof of purchase is required, and this repair is not covered under the warranty.



                • #18
                  unapproved post for birdie



                  • #19
                    Originally posted by Luke View Post
                    Further note: In Dracut, failure to open an encrypted root device will force an initramfs shell no matter what cryptsetup does, but that is dracut's behavior on not finding root and can't be changed by changing cryptsetup.
                    No, dracut only does this if you don't have the rd.shell option set to 0. Which is precisely what the installer does when you secure a bootloader.
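
A defender-side check for the rd.shell setting discussed in posts #12 and #19, as an added example that is not part of the thread or of dracut. The function names and sample command lines are constructed; it assumes dracut's boolean parsing (absent means enabled, last occurrence wins, `0`/`no`/`off` disable) and looks only at `rd.shell`.

```shell
#!/bin/sh
# Added example: report whether a kernel command line leaves dracut's
# emergency shell reachable when the encrypted root cannot be opened.
# Scope: only the rd.shell option named in the thread is evaluated.

# rd_shell_state CMDLINE -> prints "enabled" or "disabled".
# Runs in a subshell so that disabling globbing does not leak to the caller.
rd_shell_state() (
    set -f                      # a literal '*' on the cmdline must not expand
    state=enabled               # assumed dracut default when rd.shell is absent
    for arg in $1; do           # split on whitespace, one token per argument
        case "$arg" in
            rd.shell)                            state=enabled ;;
            rd.shell=0|rd.shell=no|rd.shell=off) state=disabled ;;
            rd.shell=*)                          state=enabled ;;
        esac                    # no break: the last occurrence decides
    done
    printf '%s\n' "$state"
)

# audit_cmdline [FILE]: returns 0 only when the emergency shell is disabled,
# 1 when it is reachable, 2 when FILE cannot be read.
audit_cmdline() {
    file=${1:-/proc/cmdline}
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    state=$(rd_shell_state "$(cat "$file")")
    echo "rd.shell: $state ($file)"
    [ "$state" = disabled ]
}

# Constructed sample command lines (not taken from the thread).
for sample in \
    "root=/dev/mapper/luks-root rd.luks.uuid=PLACEHOLDER quiet" \
    "root=/dev/mapper/luks-root rd.shell=0 quiet" \
    "root=/dev/mapper/luks-root rd.shell=0 rd.shell"
do
    printf '%-9s %s\n' "$(rd_shell_state "$sample")" "$sample"
done
```

On a running system, `audit_cmdline` with no argument reads `/proc/cmdline`; the third sample shows why a later bare `rd.shell` appended at the boot prompt undoes an earlier `rd.shell=0`, which is the reason the setting is paired with a locked bootloader.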



                    • #20
                      I've been talking about consumer grade laptops - for instance my laptop from late 2015 has a removable CMOS battery. In fact your anecdotal evidence of business laptops with some sort of flash for storing a password is again anecdotal. At least 95% of laptops out there have an unsoldered CMOS battery which can be easily removed or short circuited. The laptops you're describing are exceedingly rare.

