How to bypass Lynix's Grub2 bootloader (with one key)

The password protection feature on Grub2, a popular bootloader for Linux OS, can be bypassed simply by pressing the backspace key 28 times.
The password protection feature on Grub2, a popular bootloader for Linux OS, can be bypassed simply by pressing the backspace key 28 times.

The password protection feature on Grub2, a popular bootloader for Linux operating systems, can be bypassed simply by pressing the backspace key 28 times.

The vulnerability, discovered by two researchers at the Polytechnic University of Valencia's (UPV) CyberSecurity Group in Spain, enabled any attacker with physical access to a Linux computer to obtain a Grub rescue shell.

The malicious person only needs to boot the computer from a different operating system to gain the Grub rescue shell, the researchers noted in a blog post. The rescue shell grants elevated privileges to users and can then be used to load malware or to steal and delete data.

Researchers Hector Marco and Ismael Ripoll, demonstrated that the vulnerability can be exploited by APTs (advanced persistent threats) to gain full access to the victim's data remotely.

The researchers also provided instructions for creating an emergency patch to secure bootloader.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS