Cryptsetup Initrd root Shell demonstration

I have an old Asus EEE PC 4G (trusty tiny laptop) running Debian 8 with LUKS encryption on LVM so as soon as I have heard the news about CVE-2106-4484 I wanted to see the bug in action. Now what does this remind me of ? ……
sleepy

In my case my disk is split as follows :

/dev/sda1  bootable  partition ID 83 Linux  
/dev/sda2            partition ID 5  Extended 
/dev/sda5            partition ID 83 Linux

I have a LVM partition /dev/eee-vg/root and /dev/eee-vg/swap_1

And on the /dev/sda1 the following:

config-3.16-3.686-pae
grub
initrd.img-3.16-3.686-pae
System.map-3.16-3-686-pae
vmlinuz-3.16-3-686-pae

Just holding the enter for a while when the decryption password gets asked gives you the

(initrams) shell with uid0

Here is a recording I have made of the bug

 

Advertisements
Gallery | This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s