Saturday, 19 December 2015

You can Hack into a Linux Computer just by pressing 'Backspace' 28 times

hack-linux-grub-password
So what would anyone need to bypass password protection on your computer?

It just needs to hit the backspace key 28 times, for at least the computer running Linux operating system.

Wait, what?

A pair of security researchers from the University of Valencia have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing backspace key 28 times.


This time, the issue is neither in a kernel nor in an operating system itself, but rather the vulnerability actually resides in Grub2, the popular Grand Unified Bootloader, which is used by most Linux systems to boot the operating system when the PC starts.


The source of the vulnerability is nothing but an integer underflow fault that was introduced with single commit in Grub version 1.98 (December 2009) – b391bdb2f2c5ccf29da66cecdbfb7566656a704d – affecting the grub_password_get() function.

Here's How to Exploit the Linux Vulnerability


If your computer system is vulnerable to this bug:

Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a "Grub rescue shell" under Grub2 versions 1.98 to version 2.02.

This rescue shell allows unauthenticated access to a computer and the ability to load another environment.

From this shell, an attacker could gain access to all the data on your computer, and can misuse it to steal or delete all the data, or install persistent malware or rootkit, according to researchers Ismael Ripoll and Hector Marco, who published their research on Tuesday.

Here's How to Protect Linux System


The Grub vulnerability affects Linux systems from December 2009 to the present date, though older Linux systems may also be affected.

The good news is the researchers have made an emergency patch to fix the Grub2 vulnerability. So if you are a Linux user and worried your system might be vulnerable, you can apply this emergency patch,available here.

Meanwhile, many major distributions, including UbuntuRed Hat, and Debian have also released emergency patches to fix the issue.

Linux is often thought to be a super secure operating system compare to others, and this Grub vulnerability could be a good reminder that it's high time to take physical security just as seriously as network security.