[Cryptography] Need some help regaining access to a server
fungi at yuggoth.org
Wed Sep 11 21:50:19 EDT 2019
On 2019-09-11 17:09:07 -0700 (-0700), Ron Garret wrote:
> This person left behind a server whose hatches are pretty tightly
> battened down. I’ve volunteered to help regain access to the
> server. I was able to recover the victim’s ssh key and log in to
> the server, but unfortunately sudo access is password protected so
> that has me stuck.
This is short some critical bits of context: is it a real piece of
hardware to which you have local physical access? If rebooted does
it require any additional passwords/keys to alter BIOS settings or
boot order, to alter bootloader configuration, or to decrypt the
If you have console access and can alter the kernel command line or
boot from removeable media and there's no disk/fs encryption to
overcome then there are a myriad of ways to get direct root control
of the system, reset passwords, replace or add keys, and so on
without needing to exploit any privilege escalation vulnerabilities.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 963 bytes
Desc: not available
More information about the cryptography