[Cryptography] Need some help regaining access to a server
Ron Garret
ron at flownet.com
Thu Sep 12 11:29:13 EDT 2019
On Sep 11, 2019, at 7:51 PM, STeve Andre' <steve at wb8wsf.org> wrote:
>
>
> On 9/11/19 8:09 PM, Ron Garret wrote:
>> An acquaintance of mine is a close relative of one of the victims of the dive boat fire that killed 34 people in southern California on Sept 2. This person left behind a server whose hatches are pretty tightly battened down. I’ve volunteered to help regain access to the server. I was able to recover the victim’s ssh key and log in to the server, but unfortunately sudo access is password protected so that has me stuck. I also have their SHA512-hashed password from a backup. Is there anyone here who can help either point me to a recent (Debian 3.2.102-1 x86_64) Linux local privilege escalation exploit or a good password cracker that I can use to try to get root on this machine?
>> Thanks,
>> rg
>
> Is the disk itself encrypted? If not take it out and put it in a USB
> enclsure and try ti mount it on another Debian machine. Might as well
> try the simplest method first. Also you could suck up a copy of the
> disk with dd so you have a copy if you mess it up.
I forgot to mention: the machine is an AWS VM. The owner took their AWS admin password to the grave with them as well.
rg
More information about the cryptography
mailing list