Just a quick post. Xorg is the graphical server that handles the desktop environment you choose for your Linux box. A pretty big flaw was found in Xorg versions 1.11 and later that allows anyone to bypass the screen lock mechanism on xscreensaver, gscreensaver, and many others.
The key combo that allows us to bypass the password protected is: ctrl + alt + *.
It's unknown whether or not this was left there intentionally, but the issue remains unresolved.
How To:
Phish for Social Media & Other Account Passwords with Blackeye
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Phish Social Media Sites with SocialFish
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Top 10 Things to Do After Installing Kali Linux
How To:
Scan Websites for Interesting Directories & Files with Gobuster
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
How To:
Use LinEnum to Identify Potential Privilege Escalation Vectors
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
The 15 Most Popular Talks from DEFCON's Hacking Conferences
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
How To:
Phish for Social Media & Other Account Passwords with Blackeye
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Phish Social Media Sites with SocialFish
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Top 10 Things to Do After Installing Kali Linux
How To:
Scan Websites for Interesting Directories & Files with Gobuster
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
How To:
Use LinEnum to Identify Potential Privilege Escalation Vectors
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
The 15 Most Popular Talks from DEFCON's Hacking Conferences
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
6 Comments
This is pretty big, actually. They need to patch this fast.
Yeah, that means it gets around my failed password safety script :(. I have it so my HDD is wiped clean upon 3 incorrect password guesses. This kind of ruins that :/. I'm just locking the screen by going to TTY 1 and logging out. Haha. Temporary fix.
I still wont let any get near my laptop with that HDD wipe, because I might start it by accident, if this only really effects 1.11 can't you just downgrade your Xorg?
Won't that mean you will need to downgrade dependencies one by one also?
Yeah, I wouldn't bother. Just shutdown for the time being, or come up with an icky workaround.
Yes you might need to downgrade a few dependencies but if you are really worried about your security then I would recomend trying it
Share Your Thoughts