Page 1 of 1

Porteus penetration

Posted: 29 Aug 2015, 21:48
by brokenman
So you sit down at a stock standard vanilla version of Porteus v3.1 and you are looking at a guest console prompt. What do you look at to see if you can own it?

Re: Porteus penetration

Posted: 30 Aug 2015, 03:42
by francois

Code: Select all

root@porteus:~#

Re: Porteus penetration

Posted: 30 Mar 2017, 22:29
by donald
Porteus 3.2.2 xfce 32bit

Code: Select all

guest@porteus:~$ sudo /bin/bash
Password: (guest)
root@porteus:/home/guest# passwd
Changing password for root
Enter the new password (minimum of 5 characters)
Please use a combination of upper and lower case letters and numbers.
New password: 
Re-enter new password: 
passwd: password changed.
root@porteus:/home/guest# 
root@porteus:/home/guest# exit
exit
guest@porteus:~$ su
Password: (the new root Pw)
root@porteus:/home/guest# 
8)

Re: Porteus penetration

Posted: 31 Mar 2017, 01:32
by francois
I thought I was the only one doing necro bumping on this forum. :no:

Re: Porteus penetration

Posted: 31 Mar 2017, 01:48
by donald
^
francois, I just didn't want to write an extra Tutorial:

Porteus 3.2.2
"How to" easily take over the root account.. :wink:

btw
another example of this sudo crap
Re: NetMan storing passwords as clear text (Post by donald #52636)