Menu Categories Author

Nubis Novem

Consulting On Cloud Nine

Pressing oneself into Linux grub2 rescue shell

Just press through that bar: reports surfaced recently that bypassing authentication of a Linux system equipped with Grub2 versions from 1.98 (December, 2009) to 2.02 (December, 2015) is as easy as pressing backspace key 28 times when the boot loader prompts for a username. All one needs is physical access to the server console. Consequences are serious, as an attacker may obtain root access and plant malware inside a PC server or appliance.

Please read more in a latest revelation by Hector Marco, a security researcher at Universitat Politècnica de València, Spain.

Leave a Reply

Your email address will not be published. Required fields are marked *