using a set uid root appkit program to gain root


Michael_google gmail_Gersten
Is it possible to use a setuid root AppKit program to gain access to root?
Or if nothing else, set the password on an account to a known value?

I am specifically thinking if it is possible to use AppleScript to get it to execute a system command.


---
Entertaining minecraft videos
http://YouTube.com/keybounce

_______________________________________________
MacOSX-talk mailing list
[hidden email]
http://www.omnigroup.com/mailman/listinfo/macosx-talk

Re: using a set uid root appkit program to gain root

Michael_google gmail_Gersten
On 2018-01-22, at 2:28 PM, Karl Kuehn <[hidden email]> wrote:

> `setuid` has really been restricted, and I don't think you could do this through AppleScript at this point (requires app signatures).

I am running on 10.9.5. So some security holes might still be around.

> However, if what you are actually trying to accomplish is doable via a command line, you could set it up in the `/etc/sudoers` file that whoever needs to run this could run that specific command (and nothing else) with `sudo COMMAND` without needing a password.

The issue is that I have managed to lose my password. I can probably (I hope) use a recovery boot to clear the password, and in worst-case, I can do a full re-install and Time Machine backup. I want to avoid that if possible.

If nothing else, being able to set my password to something known is sufficient.



Re: using a set uid root appkit program to gain root

Macs R We
You can change your password in Recovery Mode or as root in single-user mode if you are a gearhead. You'll lose every other saved password in your keychain but at least you'll be able to log in.

> On Jan 22, 2018, at 3:37 PM, Michael <[hidden email]> wrote:
>
> On 2018-01-22, at 2:28 PM, Karl Kuehn <[hidden email]> wrote:
>
>> `setuid` has really been restricted, and I don't think you could do this through AppleScript at this point (requires app signatures).
>
> I am running on 10.9.5. So some security holes might still be around.
>
>> However, if what you are actually trying to accomplish is doable via a command line, you could set it up in the `/etc/sudoers` file that whoever needs to run this could run that specific command (and nothing else) with `sudo COMMAND` without needing a password.
>
> The issue is that I have managed to lose my password. I can probably (I hope) use a recovery boot to clear the password, and in worst-case, I can do a full re-install and Time Machine backup. I want to avoid that if possible.
>
> If nothing else, being able to set my password to something known is sufficient.


Re: using a set uid root appkit program to gain root

@lbutlr
On 22 Jan 2018, at 15:58, Macs R We <[hidden email]> wrote:
> You'll lose every other saved password in your keychain but at least you'll be able to log in.

If you use iCloud and have syncing of the keychain enabled, you'll get them all (mostly all?) back.

--
Take my hand and I'll show you what was and will be.

Re: using a set uid root appkit program to gain root

Macs R We
Ooh, that's good news!

That means that if somebody lost their password but has automatic login enabled, you can activate iCloud keychain and ensure stuff is synced, before forcing a new password in recovery mode… then most or all of them will come back.

> On Jan 23, 2018, at 2:37 AM, @lbutlr <[hidden email]> wrote:
>
> On 22 Jan 2018, at 15:58, Macs R We <[hidden email]> wrote:
>> You'll lose every other saved password in your keychain but at least you'll be able to log in.
>
> If you use iCloud and have syncing of the keychain enabled, you'll get them all (mostly all?) back.
>
> --
> Take my hand and I'll show you what was and will be.
