Boot loader · Grub 2 presses the backspace key 28 times to find a vulnerability to activate


It is used in many Linux and embedded systemsBoot loader·Grub 2I found a vulnerability that can effectively hijack a computer.

Back to 28: Grub 2 Authentication Bypass 0-Day

Hack Into a Linux Computer by Hitting the Backspace 28 Times | Motherboard

This vulnerability was reported by Mr. Hector Marco of the Valencia University of Technology Cyber ​​Security Group in Spain and Mr. Ismael Rolle, and since version 1.98 released in December 2009, the version released in December 2015 Up to 2.02 is applicable.

When Grub 2's authentication function is asked for user namePress back space key 28 times to reboot or enter the rescue shellThe machine has this vulnerability.

The rescue shell is very powerful, even if you do not know the correct user name and password, you can avoid full authentication with full authentication, delete the data including the Grub itself, load the customized kernel from the USB memory It is possible.

It is surprising that no one was noticed access to the rescue console in a very simple way "push backspace 28 times", but certainly it will not bother to enter unless you notice it so.

The cause of the vulnerability is briefly summarized by Mr. Ryo Ena.

Book worm: When backspace is pressed 28 times for authentication of Grub 2, a vulnerability to be put in the rescue console was discovered

in Security, Posted by logc_nt