On a Debian 10 server, which started as Debian 7 and updated whenever new version came out, I accidentally found these three files:
The backup files
/etc/shadow- and other *- files are present, as they should.
For example, all
passwd files are (same applies for the other two):
$ ll /etc/passwd*
-rw-r--r-- 1 root root 2,1K Αυγ 13 14:08 /etc/passwd
-rw-r--r-- 1 root root 2,1K Αυγ 13 14:06 /etc/passwd-
-rw-r--r-- 1 root root 2,0K Ιουν 20 2015 /etc/passwd.org
Their last access time is somewhere in 2015. Their contents are on par with
/etc/shadow, as they probably were some time in the past – I can see some deleted users. I cannot find any info of such *org files. Does anybody has any idea what are there *org files and what is their use?
Go to Source
I’m trying to gain root access on a cheap DVR that I bought for a CCTV system. The manufacturer has a firmware update image available for download that I was able to inspect using a tool called
binwalk and I extracted the rootfs. It looks like a flavor of embedded Linux with Busybox.
I took a look at the
/etc/passwd file and it has one line for
root with a password hash and a login shell defined. There’s no
/etc/shadow file but there is a
/etc/passwd- which I haven’t seen before.
I also found an init script that would normally be launching
telnetd but it’s commented out.
Can I just generate a new password hash to substitute in
/etc/passwd, uncomment the
telnetd line and then log in as root with the new password through telnet over the network?
(Of course this is ignoring the possible problems I could run into with flashing the new firmware onto the device and bricking it)
Go to Source