On Wed, 5 Jan 2000, Jack Barnett wrote:
Root has a shell define, it is the only one on the system, everyone else don't have a shell. I know root's password, but for security reasons I disabled telnet login and .rhosts for the root account (DOH!).
Assuming that ftp doesn't have root disabled, grab the passwd file, edit it, and push it back.
Ben
Jack
----- Original Message ----- From: Ryan The Great <ryagatich@csn1.com> To: Jack Barnett <jbarnett@axil.netmate.com>; SuSE Linux English <suse-linux-e@suse.com> Sent: Wednesday, January 05, 2000 3:06 PM Subject: RE: [SLE] No shell in /etc/passwd
try using one of the accounts that have a shell correctly entered. if you can access this account, you can then take over root (even if
root
doesn't have a shell defined).
-~->-----Original Message----- -~->From: Jack Barnett [mailto:jbarnett@axil.netmate.com] -~->Sent: Wednesday, January 05, 2000 4:04 PM -~->To: Ryan The Great; SuSE Linux English -~->Subject: Re: [SLE] No shell in /etc/passwd -~-> -~-> -~-> -~->Nope. See I recompile bash and though I copied it over to -~->/usr/local/bin (I -~->guess I didn't) and then did a vi /etc/passwd and changed all -~->the account -~->(except root) to point to the 'new' bash. Either it didn't -~->copy over right -~->(or I copied it to the wrong place) or I missed typed all the shells for -~->those accounts. The only account at this point is root. I do have 'r' -~->access to a couple programs like rsh and rlogin, but they don't -~->like working -~->to well without a shell. -~-> -~->I tried doing a -~-> -~->/bin/rsh host.domain.com /bin/sh -~-> -~->but it gave a permission denied. If I do a /bin/rsh -~->host.domain.com it asks -~->for a password, then fails with a "no shell" error message. -~-> -~->Jack -~-> -~->----- Original Message ----- -~->From: Ryan The Great <ryagatich@csn1.com> -~->To: Jack Barnett <jbarnett@axil.netmate.com>; SuSE Linux English -~-><suse-linux-e@suse.com> -~->Sent: Wednesday, January 05, 2000 2:57 PM -~->Subject: RE: [SLE] No shell in /etc/passwd -~-> -~-> -~->> do you have an account that uses another shell (like bsh or -~->something?) -~->> -~->> ryan -~->> -~->> -~->-----Original Message----- -~->> -~->From: Jack Barnett [mailto:jbarnett@axil.netmate.com] -~->> -~->Sent: Wednesday, January 05, 2000 3:56 PM -~->> -~->To: Ryan The Great; SuSE Linux English -~->> -~->Subject: Re: [SLE] No shell in /etc/passwd -~->> -~-> -~->> -~-> -~->> -~-> -~->> -~->----- Original Message ----- -~->> -~->From: Ryan The Great <ryagatich@csn1.com> -~->> -~->To: Jack Barnett <jbarnett@axil.netmate.com>; SuSE Linux English -~->> -~-><suse-linux-e@suse.com> -~->> -~->Sent: Wednesday, January 05, 2000 2:44 PM -~->> -~->Subject: RE: [SLE] No shell in /etc/passwd -~->> -~-> -~->> -~->I do have 'r00t', and I did have a back door account. But
HELL YEA! It worked, root was allowed to login though ftp download, edit then upload the /etc/passwd file. I wouldn't of thought of that in a million years. It worked great. Thanks. You have saved me a 2 days of time since I don't have to go down their. Thank you so much, I would of been really screwed without this trick. That is somewhat of a security risk though, someone could just hurl huge amount of passwords at the root account though ftp. Thanks again, Jack ----- Original Message ----- From: Ben Taylor <bent@clark.net> To: Jack Barnett <jbarnett@axil.netmate.com> Cc: Ryan The Great <ryagatich@csn1.com>; SuSE Linux English <suse-linux-e@suse.com> Sent: Wednesday, January 05, 2000 6:09 PM Subject: Re: [SLE] No shell in /etc/passwd the
-~->> -~->problem is my -~->> -~->backdoor got globbed at the same time. I recompiled bash, but -~->> -~->installed it -~->> -~->in the wrong place. I changed everything in /etc/passwd to -~->> -~->reflect this, -~->> -~->(even on my second and thrid accounts) and then it went down. -~->> -~->I don't have -~->> -~->physically access either. The good thing is, I do a -~->.rhosts file, but -~->> -~->rlogin gives an error about no shell and rsh give the same -~->> -~->error, if I try -~->> -~->to execute any command (/bin/ls, /bin/sh) it gives a -~->permission deneid -~->> -~->error. -~->> -~-> -~->> -~->Jack -~->> -~-> -~->> -~-> -~->> -~-> -~->> -~->> got r00t? -~->> -~->> -~->> -~->> here's where you basically hack your way into the system. if you -~->were -~->> -~->root, -~->> -~->> then you should have a backdoor account somewhere where you -~->> -~->can make the -~->> -~->> changes. then go into yast, system administrator, user -~->> -~->admin.., and set -~->> -~->the -~->> -~->> shell of root to bash. -~->> -~->> -~->> -~->> -~->> -~->> ryan -~->> -~->> -~->> -~->> -~->-----Original Message----- -~->> -~->> -~->From: Jack Barnett [mailto:jbarnett@axil.netmate.com] -~->> -~->> -~->Sent: Wednesday, January 05, 2000 3:43 PM -~->> -~->> -~->To: SuSE Linux English -~->> -~->> -~->Subject: [SLE] No shell in /etc/passwd -~->> -~->> -~-> -~->> -~->> -~-> -~->> -~->> -~-> -~->> -~->> -~->I changed my shell in /etc/passwd, which I type the -~->path to it -~->> -~->> -~->wrong, now -~->> -~->> -~->when I try and log in, it gives me an error saying -~->I don't have -~->a -~->> -~->valid -~->> -~->> -~->shell and then disconnects the sesssion. The -~->problem is, well -~->> -~->> -~->the machine -~->> -~->> -~->is in a remote area, and I don't have physically -~->access to it. -~->I -~->> -~->tried -~->> -~->> -~->rlogin in which doesn't work either. Any ideas? -~->> -~->> -~-> -~->> -~->> -~->Jack -~->> -~->> -~-> -~->> -~->> -~-> -~->> -~->> -~->-- -~->> -~->> -~->To unsubscribe send e-mail to -~->suse-linux-e-unsubscribe@suse.com -~->> -~->> -~->For additional commands send e-mail to -~->> -~->> -~->suse-linux-e-help@suse.com -~->> -~->> -~->Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ -~->> -~->> -~-> -~->> -~->> -~->> -~->> -~->> -~->> -- -~->> -~->> To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com -~->> -~->> For additional commands send e-mail to -~->suse-linux-e-help@suse.com -~->> -~->> Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ -~->> -~->> -~->> -~->> -~->> -~-> -~->> -~-> -~->> -~->-- -~->> -~->To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com -~->> -~->For additional commands send e-mail to -~->> -~->suse-linux-e-help@suse.com -~->> -~->Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ -~->> -~-> -~->> -~->> -- -~->> To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com -~->> For additional commands send e-mail to suse-linux-e-help@suse.com -~->> Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ -~->> -~->> -~-> -~-> -~->-- -~->To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com -~->For additional commands send e-mail to -~->suse-linux-e-help@suse.com -~->Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ -~->
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/