Just a quick post. Xorg is the graphical server that handles the desktop environment you choose for your Linux box. A pretty big flaw was found in Xorg versions 1.11 and later that allows anyone to bypass the screen lock mechanism on xscreensaver, gscreensaver, and many others.
The key combo that allows us to bypass the password protected is: ctrl + alt + *.
It's unknown whether or not this was left there intentionally, but the issue remains unresolved.
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
Mac for Hackers:
How to Get Your Mac Ready for Hacking
How To:
An Intro to Vim, the Unix Text Editor Every Hacker Should Be Familiar With
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Exploring Kali Linux Alternatives: How to Get Started with BlackArch, a More Up-to-Date Pentesting Distro
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Successfully Hack a Website in 2016!
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
How To:
Hack WPA WiFi Passwords by Cracking the WPS PIN
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Hack Android Using Kali (Remotely)
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
How To:
Hack Forum Accounts with Password-Stealing Pictures
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2017
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Exploring Kali Linux Alternatives: How to Get Started with BlackArch, a More Up-to-Date Pentesting Distro
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Successfully Hack a Website in 2016!
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
How To:
Hack WPA WiFi Passwords by Cracking the WPS PIN
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Hack Android Using Kali (Remotely)
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
How To:
Install Kali Live on a USB Drive (With Persistence, Optional)
How To:
Hack Forum Accounts with Password-Stealing Pictures
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2017
How To:
Hack Windows 7 (Become Admin)
How To:
Embed a Metasploit Payload in an Original .Apk File | Part 2 – Do It Manually
6 Comments
This is pretty big, actually. They need to patch this fast.
Yeah, that means it gets around my failed password safety script :(. I have it so my HDD is wiped clean upon 3 incorrect password guesses. This kind of ruins that :/. I'm just locking the screen by going to TTY 1 and logging out. Haha. Temporary fix.
I still wont let any get near my laptop with that HDD wipe, because I might start it by accident, if this only really effects 1.11 can't you just downgrade your Xorg?
Won't that mean you will need to downgrade dependencies one by one also?
Yeah, I wouldn't bother. Just shutdown for the time being, or come up with an icky workaround.
Yes you might need to downgrade a few dependencies but if you are really worried about your security then I would recomend trying it
Share Your Thoughts