Just a quick post. Xorg is the graphical server that handles the desktop environment you choose for your Linux box. A pretty big flaw was found in Xorg versions 1.11 and later that allows anyone to bypass the screen lock mechanism on xscreensaver, gscreensaver, and many others.
The key combo that allows us to bypass the password protected is: ctrl + alt + *.
It's unknown whether or not this was left there intentionally, but the issue remains unresolved.
How To:
Discover & Attack Raspberry Pis Using Default Credentials with Rpi-hunter
How To:
Probe Websites for Vulnerabilities More Easily with the TIDoS Framework
How To:
Scan, Fake & Attack Wi-Fi Networks with the ESP8266-Based WiFi Deauther
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
How To:
Steal Usernames & Passwords Stored in Firefox on Windows 10 Using a USB Rubber Ducky
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
How To:
Find Anyone's Private Phone Number Using Facebook
How To:
Top 10 Things to Do After Installing Kali Linux
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
How To:
Use & Abuse the Address Resolution Protocol (ARP) to Locate Hosts on a Network
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
Hack Like a Pro:
How to Exploit and Gain Remote Access to PCs Running Windows XP
How To:
Discover & Attack Raspberry Pis Using Default Credentials with Rpi-hunter
How To:
Probe Websites for Vulnerabilities More Easily with the TIDoS Framework
How To:
Scan, Fake & Attack Wi-Fi Networks with the ESP8266-Based WiFi Deauther
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
How To:
Steal Usernames & Passwords Stored in Firefox on Windows 10 Using a USB Rubber Ducky
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
How To:
Find Anyone's Private Phone Number Using Facebook
How To:
Top 10 Things to Do After Installing Kali Linux
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
How To:
Use & Abuse the Address Resolution Protocol (ARP) to Locate Hosts on a Network
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
Hack Like a Pro:
How to Exploit and Gain Remote Access to PCs Running Windows XP
6 Comments
This is pretty big, actually. They need to patch this fast.
Yeah, that means it gets around my failed password safety script :(. I have it so my HDD is wiped clean upon 3 incorrect password guesses. This kind of ruins that :/. I'm just locking the screen by going to TTY 1 and logging out. Haha. Temporary fix.
I still wont let any get near my laptop with that HDD wipe, because I might start it by accident, if this only really effects 1.11 can't you just downgrade your Xorg?
Won't that mean you will need to downgrade dependencies one by one also?
Yeah, I wouldn't bother. Just shutdown for the time being, or come up with an icky workaround.
Yes you might need to downgrade a few dependencies but if you are really worried about your security then I would recomend trying it
Share Your Thoughts