Hacking a Thin Client to Gain Root Access

[Roberto] recently discovered a clever way to gain root access to an HP t520 thin client computer. These computers run HP’s ThinPro operating system. The OS is based on Linux and is basically just a lightweight system designed to boot into a virtual desktop image loaded from a server. [Roberto’s] discovery works on systems that are running in “kiosk mode”.

The setup for the attack is incredibly simple. The attacker first stops the virtual desktop image from loading. Then, the connection settings are edited. The host field is filled with garbage, which will prevent the connection from actually working properly. The real trick is in the “command line arguments” field. The attacker simply needs to add the argument “&& xterm”. When the connection is launched, it will first fail and then launch the xterm program. This gives the attacker a command shell running under the context of whichever user the original software is running as.

The next step is to escalate privileges to root. [Roberto] discovered a special command that the default user can run as root using sudo. The “”hpobl” command launches the HP Easy Setup Wizard. Once the wizard is opened, the attacker clicks on the “Thank You” link, which will then load up the HP website in a version of Firefox. The final step is to edit Firefox’s default email program association to xterm. Now when the attacker visits an address like “mailto:test@test.com”, Firefox (running as root) launches xterm with full root privileges. These types of attacks are nothing new, but it’s interesting to see that they still persist even in newer software.

Simple Terminal Hack is Fit For Hollywood

We’ve all seen the cheesy hacker scenes in movies and on TV. Three dimensional file system browsers, computer chip cityscapes, and other ridiculous visualizations to make the dull act of sitting at a keyboard look pretty on the silver screen. While real hackers know those things are often silly and impractical, sometimes we do go out of our way to pretty things up a bit.

Hollywood might be able to learn a thing or two from this latest hack. [Yuri] modified his Linux terminal to change the color of the back lights on his laptop’s keyboard. It’s the kind of thing that actually would look good in a modern hacker movie, and [Yuri] is living proof that it’s something that a real-life hacker would actually use!

[Yuri] has been running Simple Terminal. The Simple Terminal project aims to build a replacement for the default xterm program that removes all of the unnecessary features and simplifies the source code. It also aims to make your terminal experience prettier. Part of making things prettier means that you can choose the font color for your terminals, and of course each terminal window can have its own color if you so choose.

[Yuri] happens to own an Alienware laptop. This laptop comes with RGB LEDs behind the keyboard, allowing you to light them up just about any color you could ever want. [Yuri] thought it would be cool if his keyboard color matched the font color of his terminal windows. Thanks to AlienFX, he was able to write a simple patch for Simple Terminal that does exactly this. Now whenever he selects a terminal window, the keyboard automatically switches colors to match the text in that window. Be sure to check out the video below. Continue reading “Simple Terminal Hack is Fit For Hollywood”