Cracker’s Delight
Only just recently, K-ON-boot was released.
OK, so that was kon-boot. I’m hosted on an anime centric domain, after all.
Through the wonders of x86 assembly, this program (or bootloader, perhaps) allows a user to boot up a Linux/Windows install on hard disk in root user. All you need is access to the BIOS to change the boot sequence, or if the boot sequence is already set to floppy/USB/CD, you’re set. You boot the thing, and it boots into whatever OS you choose in Administrator/root/uid=0;gid=0 without a password required. You can do the same with Linux if the bootloader is not password protected by appending a “1″ to the end of the kernel command. Yeah, it’s as easy as that. Change it to “6″ and inexperienced admins will be wondering why their Linux machines reboot all the time.
This is just great for, you know, having a quick peek at /etc/passwd or /etc/shadow. Or changing the password for Administrator on a Windows box (that would be too obvious though). There’s lots of stuff you can do as Admin on Windows, last but not least dumping the region in memory where the BIOS password is located.
The other wonder? It’s only 9kb. Yeah, assembly rules, Java grovels.
