Hacking Linux OS? Nothing’s easier. Just press the button 28 times ‘backspace’. Two Spanish researchers detected a flaw in Grub that can take control of the machine.
With a Linux system based on the bootloader Grub 2, password protection this can be bypassed and open the doors to a disaster. An operation launched by 28 times on the Backspace key on the keyboard.
Also Read: Why Hackers Use Linux OS ?
It is a strange security bug that was discovered by two researchers in Spain. It potentially affects a broad range of machines running under Linux since it affects the popular bootloader Grub 2. Back-to-28 Grub Part of Cybersecurity group of the Polytechnic University of Valencia, researchers have uncovered a vulnerability that can be exploited to allow a local attacker to bypass authentication any measures related to the protection of Grub 2 password. Such protection is however not necessarily activated.
Hack Linux System By Pressing Backspace 28 Times But You Can Fix It
The operating carrier is at least curious since it is to press 28 times on the Backspace key (backspace) when the boot program requires a user name. Depending on the case, this will cause a reboot or access to emergency mode or rescue mode Grub.
Also Read: Top 10 Best Hacking Tools For Linux
Through Shell commands, access opens up a rewrite of the code loaded into RAM Grub and ultimately taking control of a vulnerable system with a whole range of possible malicious actions to infection by a rootkit.
The success of an operation depends on several factors such as the BIOS version and that of Grub, the amount of RAM and others. Researchers and indicate for each system, a thorough analysis of its components is necessary to design a specific exploit. They present a feat that is not so generic.
Also Read: How To Install Kali Linux On Any Android
The vulnerability is CVE-2015-8370 referenced – nicknamed Back to 28 – and affects all versions of Grub 2 ranging from 1.98 dating from December 2009 to 2.02 in December 2015. The researchers propose a patch. Ubuntu, Red Hat and Debian have also published a patch. No doubt this will be the case for other distributions.
How Can You Solve It?
A patch was posted to the GRUB 2:02, which tries to correct the fault – [0001-Fix CVE-2015-8370-Grub2-user-pass-vulnerability.patch].
To apply it, run the following commands:
$ Git clone git: //git.savannah.gnu.org/grub.git grub.git
$ cd grub.git
$ wget http://hmarco.org/bugs/patches/0001-Fix-CVE-2015-8370- Grub2-user-pass-vulnerability.patch
$ git apply 0001-Fix CVE-2015-8370-grub2-user-pass-vulnerability.patch