CDOT Wiki β

SRT210 Lab 1

1,934 bytes added, 21:51, 4 January 2019
= PART 1: HOST VIRTUAL MACHINE =
Once the installation is complete, your andrewVMhost virtual machine should boot into CentOS when it's powered on. You should be able to log in with your username and browse the internet using Firefox.
 
== Create "secret" files ==
 
Create a simple text file in your user's home directory called secrets.txt and put some text in that file.
 
Create another file secrets-root.txt in the root's home directory and put some text in that file as well.
 
Notice how it appears that you need your user's password in order to log in and access the user's secrets.txt, and the root password to access secrets-root.txt.
 
= PART 2: OFFLINE ACCESS SECURITY =
 
The short version of this section is that with access to the physical machine (or the virtual disk images in our case) there is practically nothing you can do to secure a system. We'll look at a couple of simple examples to illustrate this point.
 
Download the latest SystemRescueCd ISO file on Windows and configure your host virtual machine to boot from that file.
 
== Access to files ==
 
* Notice that when the machine boots from the SystemRescueCd it does not ask for a password. You just press Enter a few times and you are logged in as root, with full control over the system.
* If you can figure out the device file associated with the filesystems in your c7host, you can easily access (read or write) any files in there. Run <code>blkid</code> and see which block devices ring a bell.
* Then create a couple of directories under /mnt: centos-root and centos-home.
* Then mount the two filesystems you found into those directories.
* At this point you'll have unrestricted access to all the files inside the root and home logical volumes you created when you installed CentOS.
* Find the secrets.txt and secrets-root.txt files and read their contents. Modify those files to include the line "Please secure your system!"
* Shut down your VM, disconnect the DVD drive, and boot back into c7host. Check your secret files.
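
The <code>blkid</code> step above is where most people get stuck, so here is an added example (not part of the original lab) that reads <code>blkid</code> output, picks out the logical volumes that carry a mountable filesystem, and prints the matching <code>mkdir</code> and <code>mount</code> commands. It assumes the default CentOS 7 volume group name <code>centos</code>, so the volumes appear as <code>/dev/mapper/centos-root</code> and <code>/dev/mapper/centos-home</code>; the sample output, device names and UUIDs are constructed.

```shell
#!/bin/sh
# Constructed sample of `blkid` output as seen from the rescue environment.
# Device names and UUIDs are made up; the VG name "centos" is an assumption.
sample_blkid() {
cat <<'EOF'
/dev/sda1: UUID="1111-aaaa" TYPE="xfs"
/dev/sda2: UUID="2222-bbbb" TYPE="LVM2_member"
/dev/mapper/centos-root: UUID="3333-cccc" TYPE="xfs"
/dev/mapper/centos-swap: UUID="4444-dddd" TYPE="swap"
/dev/mapper/centos-home: UUID="5555-eeee" TYPE="xfs"
/dev/sr0: UUID="2019-01-01-00-00-00-00" LABEL="SYSRCD" TYPE="iso9660"
/dev/loop0: TYPE="squashfs"
EOF
}

# Read blkid output on stdin; print "<device> <fstype>" for every logical
# volume that holds a mountable filesystem. LVM2_member is the physical
# volume (a container, not a filesystem) and swap has no files to read.
mountable_lvs() {
  awk '
    $1 ~ /^\/dev\/mapper\// {
      dev = $1; sub(/:$/, "", dev)
      fstype = ""
      for (i = 2; i <= NF; i++)
        if ($i ~ /^TYPE="/) {
          fstype = $i
          sub(/^TYPE="/, "", fstype); sub(/"$/, "", fstype)
        }
      if (fstype ~ /^(xfs|ext[234])$/) print dev, fstype
    }'
}

# Turn that list into the commands from the steps above. The mount point is
# /mnt/<lv-name>, which gives /mnt/centos-root and /mnt/centos-home.
plan_mounts() {
  mountable_lvs | while read -r dev fstype; do
    name=${dev##*/}
    printf 'mkdir -p /mnt/%s\n' "$name"
    printf 'mount -t %s %s /mnt/%s\n' "$fstype" "$dev" "$name"
  done
}

# Dry run on the constructed sample; inside the rescue system you would
# pipe the real output instead:  blkid | plan_mounts
sample_blkid | plan_mounts
```

The script only prints the commands, so you can compare them against what you worked out by hand before running anything.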
 
Practice the above by looking for other files that might be of interest: configuration files, databases, .htaccess files, etc.
 
== Resetting the root password ==