SUID not executing as root [duplicate]
This question already has an answer here:
SUID not used after exploit
1 answer
I am trying to learn about SUIDs and have … Continue reading SUID not executing as root [duplicate]
Category Archives: root
How to properly protect /home with separate user accounts on Linux
A great quote from this InfoSec stackExchange thread.
The way to prevent malicious code from damaging files in your home
directory is to not run it using your account. Create a separate_user
that doesn’t have any spec… Continue reading How to properly protect /home with separate user accounts on Linux
Privilege Escalation WordPress
I have access to a Wordpress blog and want to read the server’s /root directory that belongs to the user “root” and not “www-data”. I also know his password, but I can’t open an interactive shell to be even asked about that bit of informat… Continue reading Privilege Escalation WordPress
metasploitable not booting properly [on hold]
hi i’m trying to get into security and have installed virtual box and downloaded metasploitable. my question is why doesn’t metasploitable show the splash-screen and let me login as msfadmin instead asking me to preform a fil… Continue reading metasploitable not booting properly [on hold]
How do I create an invisible and persistent user on linux?
For my software security class we are required to hack into a server created by our professor. I have hacked into the server, and have the password for the root user.
Now that I am root, I would like to ensure I have persis… Continue reading How do I create an invisible and persistent user on linux?
Prevent program from switching to user without password
I created a user with useradd without specifying a password. When I try to
sudo -u theuser echo hi
I am being prompted for my admin password (unless specified otherwise in the sudoers file, of course).
su -c “echo hi” -s … Continue reading Prevent program from switching to user without password
Why is root security enforced but $HOME typically unprotected?
Coming from the comments in this question Why is it bad to log in as root?:
The sudo mechanics is in use so non-administrative tools “cannot harm your system.” I agree that it would be pretty bad if some github project I cloned was able t… Continue reading Why is root security enforced but $HOME typically unprotected?
Mechanisms: The Screw Thread
They hold together everything from the most delicate watch to the largest bridge. The world is literally kept from coming apart by screws and bolts, and yet we don’t often give a thought to these mechanisms. Part of that is probably because we’ve gotten so good at making them that they’re seen as cheap commodities, but the physics and engineering behind the screw thread is interesting stuff.
We all likely remember an early science lesson wherein the basic building blocks of all mechanisms laid out. The simple machines are mechanisms that use an applied force to do work, such as …read more
Difference between root login and passwordless sudo
Cloud images of some popular operating systems do not let the user to log in as root, yet they use a very standard user name (for example ec2-user, ubuntu) and allow these users to use passwordless sudo.
What is the reason f… Continue reading Difference between root login and passwordless sudo
How to protect your Mac from the ‘App Store password’ bug
Shortly after the discovery of the “root” bug plaguing Macs worldwide, Apple is faced with another embarrassing flaw in the newest version of its macOS. And it’s yet another password-centric vulnerability. A recent post on Open Radar … Continue reading How to protect your Mac from the ‘App Store password’ bug