This Hack Gives Linux Root Shell Just By Pressing 'ENTER' for 70 Seconds
Nov 16, 2016
A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds. The result? The act grants the hacker a shell with root privileges, which allows them to gain complete remote control over encrypted Linux machine. The security issue relies due to a vulnerability ( CVE-2016-4484 ) in the implementation of the Cryptsetup utility used for encrypting hard drives via Linux Unified Key Setup (LUKS), which is the standard implementation of disk encryption on a Linux-based operating system. The flaw actually is in the way the Cryptsetup utility handles password failures for the decryption process when a system boots up, which lets a user retry the password multiple times. What's even worse? Even if the user has tried up all 93 password attempts, the user is dropped to a shell (Busybox in Ubuntu) that has root privileges. In other words, if you enter a blank password 93 times – or s...
![Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM5jI8FVP1tzJaKIu8nlTdOmjGyA2IQAKVRihrTXOM7K3WCMjugET571ivv6PB_-jdsJPrBN7f34R9uF-8JohBpF8ZSey7ZTRmgdpQ8OZ9JwvpBAJujhuOH6zCidExabNOyw2uD7cCscTHAJtzEGLI4KHjHcUbvAunnpfIlm8HjBZVkXPBCCIguGoOfKCB/w72-h72-p-k-no-nu/storm.png "Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails")
