How to run command as a different user when there are no sudo or su commands
Clash Royale CLAN TAG#URR8PPP
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;
up vote
0
down vote
favorite
I have this quite unusual condition here. I have a old linux system that has no sudo or su commands. I do not have physical access to this computer so I cannot login as another user.
Linux kernel is 2.6.18-498 and the system is a red-hat 4.1.2-55.
I can go to the /bin directory and can say for sure there are no su or sudo binaries there. So this is not the case of PATH variables misconfigaration.
Also this is a web server so maybe it is configured this way. Is there any way to run a command as a different user? Any help would be appreciated.
command-line su
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
asked Jul 27 at 15:35
Gnik
32
 |Â
show 5 more comments
up vote
0
down vote
favorite
I have this quite unusual condition here. I have a old linux system that has no sudo or su commands. I do not have physical access to this computer so I cannot login as another user.
Linux kernel is 2.6.18-498 and the system is a red-hat 4.1.2-55.
I can go to the /bin directory and can say for sure there are no su or sudo binaries there. So this is not the case of PATH variables misconfigaration.
Also this is a web server so maybe it is configured this way. Is there any way to run a command as a different user? Any help would be appreciated.
command-line su
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
asked Jul 27 at 15:35
Gnik
32
sudomay be in/usr/bin.
– ctrl-alt-delor
Jul 27 at 15:39
1
find / -name 'su*' -print
– roaima
Jul 27 at 15:39
The su is not present in the /usr/bin either. find / -name "su*" does not give the location of su just some gibberish files. I am pretty sure su is not present
– Gnik
Jul 27 at 15:44
find / -executable -type f -name 'su*' -print 2>/dev/nullwill give a more concise list: no directories, and only executables.
– ctrl-alt-delor
Jul 27 at 15:54
Okay I executed the find with the given options and still there is no su binary anywere. I strongly think there is no binary su here.
– Gnik
Jul 27 at 15:58
 |Â
show 5 more comments
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have this quite unusual condition here. I have a old linux system that has no sudo or su commands. I do not have physical access to this computer so I cannot login as another user.
Linux kernel is 2.6.18-498 and the system is a red-hat 4.1.2-55.
I can go to the /bin directory and can say for sure there are no su or sudo binaries there. So this is not the case of PATH variables misconfigaration.
Also this is a web server so maybe it is configured this way. Is there any way to run a command as a different user? Any help would be appreciated.
command-line su
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
asked Jul 27 at 15:35
Gnik
32
I have this quite unusual condition here. I have a old linux system that has no sudo or su commands. I do not have physical access to this computer so I cannot login as another user.
Linux kernel is 2.6.18-498 and the system is a red-hat 4.1.2-55.
I can go to the /bin directory and can say for sure there are no su or sudo binaries there. So this is not the case of PATH variables misconfigaration.
Also this is a web server so maybe it is configured this way. Is there any way to run a command as a different user? Any help would be appreciated.
command-line su
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
asked Jul 27 at 15:35
Gnik
32
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
edited Jul 27 at 15:40
ctrl-alt-delor
8,54031946
8,54031946
asked Jul 27 at 15:35
Gnik
32
asked Jul 27 at 15:35
Gnik
32
asked Jul 27 at 15:35
Gnik
32
32
sudomay be in/usr/bin.
– ctrl-alt-delor
Jul 27 at 15:39
1
find / -name 'su*' -print
– roaima
Jul 27 at 15:39
The su is not present in the /usr/bin either. find / -name "su*" does not give the location of su just some gibberish files. I am pretty sure su is not present
– Gnik
Jul 27 at 15:44
find / -executable -type f -name 'su*' -print 2>/dev/nullwill give a more concise list: no directories, and only executables.
– ctrl-alt-delor
Jul 27 at 15:54
Okay I executed the find with the given options and still there is no su binary anywere. I strongly think there is no binary su here.
– Gnik
Jul 27 at 15:58
 |Â
show 5 more comments
sudomay be in/usr/bin.
– ctrl-alt-delor
Jul 27 at 15:39
1
find / -name 'su*' -print
– roaima
Jul 27 at 15:39
The su is not present in the /usr/bin either. find / -name "su*" does not give the location of su just some gibberish files. I am pretty sure su is not present
– Gnik
Jul 27 at 15:44
find / -executable -type f -name 'su*' -print 2>/dev/nullwill give a more concise list: no directories, and only executables.
– ctrl-alt-delor
Jul 27 at 15:54
Okay I executed the find with the given options and still there is no su binary anywere. I strongly think there is no binary su here.
– Gnik
Jul 27 at 15:58
sudo may be in /usr/bin.– ctrl-alt-delor
Jul 27 at 15:39
sudo may be in /usr/bin.– ctrl-alt-delor
Jul 27 at 15:39
1
1
find / -name 'su*' -print– roaima
Jul 27 at 15:39
find / -name 'su*' -print– roaima
Jul 27 at 15:39
The su is not present in the /usr/bin either. find / -name "su*" does not give the location of su just some gibberish files. I am pretty sure su is not present
– Gnik
Jul 27 at 15:44
The su is not present in the /usr/bin either. find / -name "su*" does not give the location of su just some gibberish files. I am pretty sure su is not present
– Gnik
Jul 27 at 15:44
find / -executable -type f -name 'su*' -print 2>/dev/null will give a more concise list: no directories, and only executables.– ctrl-alt-delor
Jul 27 at 15:54
find / -executable -type f -name 'su*' -print 2>/dev/null will give a more concise list: no directories, and only executables.– ctrl-alt-delor
Jul 27 at 15:54
Okay I executed the find with the given options and still there is no su binary anywere. I strongly think there is no binary su here.
– Gnik
Jul 27 at 15:58
Okay I executed the find with the given options and still there is no su binary anywere. I strongly think there is no binary su here.
– Gnik
Jul 27 at 15:58
 |Â
show 5 more comments
2 Answers
2
active
oldest
votes
up vote
1
down vote
accepted
See if you have any remote login services running (in.telnetd, rlogind, sshd) and then run the appropriate login command to the localhost (127.0.0.1). For example if you have sshd then do:
$ ssh root@127.0.0.1
With telnet you'd run:
$ telnet -l root 127.0.0.1
And with rlogin you'd run:
$ rlogin -l root 127.0.0.1
answered Jul 27 at 16:45
tk421
2168
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
add a comment |Â
up vote
0
down vote
Any command with set-uid, or set gid-bit, set. Will be run as the owning user or group. However if they are written properly, they will not let you do anything that you should not. sudo and su only allow you to do anything of significance if you provide the correct password. Most other tools will just do one thing safely, but not allow you to escalate privileges.
However if you can write to the storage, as root (by removing media, and inserting into another machine, or booting into a different OS), then you can add the files that you need, with the appropriate permission.
Executables with set-uid/set-gid bits, are the only way of escalating privilege in Unix systems (The modern systems now have capabilities, but these amount to the same thing).
The kernel does not use passwords, so to implement passwords, an executable with root owner and set-uid bit set, is created. This executable will check the password, and then set the user appropriately, and start a shell (or something).
Supposing there is no use of capabilities, then find / -executable -type f -user root -perm -u+s -print 2>/dev/null will list all executables that elevate permission (at least temporarily), most (maybe all) will be useless.
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
See if you have any remote login services running (in.telnetd, rlogind, sshd) and then run the appropriate login command to the localhost (127.0.0.1). For example if you have sshd then do:
$ ssh root@127.0.0.1
With telnet you'd run:
$ telnet -l root 127.0.0.1
And with rlogin you'd run:
$ rlogin -l root 127.0.0.1
answered Jul 27 at 16:45
tk421
2168
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
add a comment |Â
up vote
1
down vote
accepted
See if you have any remote login services running (in.telnetd, rlogind, sshd) and then run the appropriate login command to the localhost (127.0.0.1). For example if you have sshd then do:
$ ssh root@127.0.0.1
With telnet you'd run:
$ telnet -l root 127.0.0.1
And with rlogin you'd run:
$ rlogin -l root 127.0.0.1
answered Jul 27 at 16:45
tk421
2168
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
See if you have any remote login services running (in.telnetd, rlogind, sshd) and then run the appropriate login command to the localhost (127.0.0.1). For example if you have sshd then do:
$ ssh root@127.0.0.1
With telnet you'd run:
$ telnet -l root 127.0.0.1
And with rlogin you'd run:
$ rlogin -l root 127.0.0.1
answered Jul 27 at 16:45
tk421
2168
See if you have any remote login services running (in.telnetd, rlogind, sshd) and then run the appropriate login command to the localhost (127.0.0.1). For example if you have sshd then do:
$ ssh root@127.0.0.1
With telnet you'd run:
$ telnet -l root 127.0.0.1
And with rlogin you'd run:
$ rlogin -l root 127.0.0.1
answered Jul 27 at 16:45
tk421
2168
answered Jul 27 at 16:45
tk421
2168
answered Jul 27 at 16:45
tk421
2168
answered Jul 27 at 16:45
tk421
2168
2168
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
add a comment |Â
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
This worked for me sshd works. Thank you. I didn't think of services running. Stupid me!
– Gnik
Jul 27 at 17:28
add a comment |Â
up vote
0
down vote
Any command with set-uid, or set gid-bit, set. Will be run as the owning user or group. However if they are written properly, they will not let you do anything that you should not. sudo and su only allow you to do anything of significance if you provide the correct password. Most other tools will just do one thing safely, but not allow you to escalate privileges.
However if you can write to the storage, as root (by removing media, and inserting into another machine, or booting into a different OS), then you can add the files that you need, with the appropriate permission.
Executables with set-uid/set-gid bits, are the only way of escalating privilege in Unix systems (The modern systems now have capabilities, but these amount to the same thing).
The kernel does not use passwords, so to implement passwords, an executable with root owner and set-uid bit set, is created. This executable will check the password, and then set the user appropriately, and start a shell (or something).
Supposing there is no use of capabilities, then find / -executable -type f -user root -perm -u+s -print 2>/dev/null will list all executables that elevate permission (at least temporarily), most (maybe all) will be useless.
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
add a comment |Â
up vote
0
down vote
Any command with set-uid, or set gid-bit, set. Will be run as the owning user or group. However if they are written properly, they will not let you do anything that you should not. sudo and su only allow you to do anything of significance if you provide the correct password. Most other tools will just do one thing safely, but not allow you to escalate privileges.
However if you can write to the storage, as root (by removing media, and inserting into another machine, or booting into a different OS), then you can add the files that you need, with the appropriate permission.
Executables with set-uid/set-gid bits, are the only way of escalating privilege in Unix systems (The modern systems now have capabilities, but these amount to the same thing).
The kernel does not use passwords, so to implement passwords, an executable with root owner and set-uid bit set, is created. This executable will check the password, and then set the user appropriately, and start a shell (or something).
Supposing there is no use of capabilities, then find / -executable -type f -user root -perm -u+s -print 2>/dev/null will list all executables that elevate permission (at least temporarily), most (maybe all) will be useless.
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
add a comment |Â
up vote
0
down vote
up vote
0
down vote
Any command with set-uid, or set gid-bit, set. Will be run as the owning user or group. However if they are written properly, they will not let you do anything that you should not. sudo and su only allow you to do anything of significance if you provide the correct password. Most other tools will just do one thing safely, but not allow you to escalate privileges.
However if you can write to the storage, as root (by removing media, and inserting into another machine, or booting into a different OS), then you can add the files that you need, with the appropriate permission.
Executables with set-uid/set-gid bits, are the only way of escalating privilege in Unix systems (The modern systems now have capabilities, but these amount to the same thing).
The kernel does not use passwords, so to implement passwords, an executable with root owner and set-uid bit set, is created. This executable will check the password, and then set the user appropriately, and start a shell (or something).
Supposing there is no use of capabilities, then find / -executable -type f -user root -perm -u+s -print 2>/dev/null will list all executables that elevate permission (at least temporarily), most (maybe all) will be useless.
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
Any command with set-uid, or set gid-bit, set. Will be run as the owning user or group. However if they are written properly, they will not let you do anything that you should not. sudo and su only allow you to do anything of significance if you provide the correct password. Most other tools will just do one thing safely, but not allow you to escalate privileges.
However if you can write to the storage, as root (by removing media, and inserting into another machine, or booting into a different OS), then you can add the files that you need, with the appropriate permission.
Executables with set-uid/set-gid bits, are the only way of escalating privilege in Unix systems (The modern systems now have capabilities, but these amount to the same thing).
The kernel does not use passwords, so to implement passwords, an executable with root owner and set-uid bit set, is created. This executable will check the password, and then set the user appropriately, and start a shell (or something).
Supposing there is no use of capabilities, then find / -executable -type f -user root -perm -u+s -print 2>/dev/null will list all executables that elevate permission (at least temporarily), most (maybe all) will be useless.
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
edited Jul 27 at 16:02
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
answered Jul 27 at 15:44
ctrl-alt-delor
8,54031946
8,54031946
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
add a comment |Â
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I have the root password. I just need a way to change to the root user.
– Gnik
Jul 27 at 15:46
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
I am pretty familiar with suid bits. I can assure you that there is no privilege escalation executables here. (I think there should not be any for security reason anyway) Searching for files with suid bit either returns files which I myself am the owner of (so no use) or lists the directories I do not have permissions to view.
– Gnik
Jul 27 at 16:09
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f458877%2fhow-to-run-command-as-a-different-user-when-there-are-no-sudo-or-su-commands%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
sudomay be in/usr/bin.– ctrl-alt-delor
Jul 27 at 15:39
1
find / -name 'su*' -print– roaima
Jul 27 at 15:39
The su is not present in the /usr/bin either. find / -name "su*" does not give the location of su just some gibberish files. I am pretty sure su is not present
– Gnik
Jul 27 at 15:44
find / -executable -type f -name 'su*' -print 2>/dev/nullwill give a more concise list: no directories, and only executables.– ctrl-alt-delor
Jul 27 at 15:54
Okay I executed the find with the given options and still there is no su binary anywere. I strongly think there is no binary su here.
– Gnik
Jul 27 at 15:58