Ubuntu Breezy 5.10 Installer Password Disclosure - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Exploits > Public
Ubuntu Breezy 5.10 Installer Password Disclosure

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Public Proof-of-concept codes made publics everydays, feel free to discuss about

Ubuntu Breezy 5.10 Installer Password Disclosure

This is a discussion on "Ubuntu Breezy 5.10 Installer Password Disclosure" within the Public part of the Exploits section; There are two vunerable files: /var/log/installer/cdebconf/questions.dat /var/log/debian-installer/cdebconf/questions.dat When installing Breezy you give a account name and a password, no root account etc. So the User and Passwd contained in ...

Reply

#1 (permalink)

Old

13-03-06

toe is offline

Junior Member

Join Date: Mar 2006

Posts: 4

Thanks: 0

Thanked 0 Times in 0 Posts

Rep Power: 5

toe is on a distinguished road

Default

Ubuntu Breezy 5.10 Installer Password Disclosure

There are two vunerable files:
/var/log/installer/cdebconf/questions.dat
/var/log/debian-installer/cdebconf/questions.dat

When installing Breezy you give a account name and a password, no root account etc. So the User and Passwd contained in those files can be used to gain root. Once you have those files simply type sudo -s in a shell/terminal enter the password given in the log files.

-toe

Reply With Quote

Sponsor

Advertiser

Reply

Tags
510, breezy, disclosure, installer, password, ubuntu

« Microsoft Windows Media Player BMP Handling (MS06-005) #2 | Dameware scanner »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Gallery Kys 1.0 Admin Password Disclosure / Permanent XSS Vulns	Heap	Public	0	19-01-09 18:24

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37