Just a quick post. Xorg is the graphical server that handles the desktop environment you choose for your Linux box. A pretty big flaw was found in Xorg versions 1.11 and later that allows anyone to bypass the screen lock mechanism on xscreensaver, gscreensaver, and many others.
The key combo that allows us to bypass the password protected is: ctrl + alt + *.
It's unknown whether or not this was left there intentionally, but the issue remains unresolved.
How To:
Hack Facebook & Gmail Accounts Owned by MacOS Targets
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How To:
Use an ESP8266 Beacon Spammer to Track Smartphone Users
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2018
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Use MSFconsole's Generate Command to Obfuscate Payloads & Evade Antivirus Detection
How To:
Find Anyone's Private Phone Number Using Facebook
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Hack Windows 7 (Become Admin)
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
How To:
Hack a Windows 7/8/10 Admin Account Password with Windows Magnifier
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
How To:
How Hackers Use Your IP Address to Hack Your Computer & How to Stop It
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
How To:
Hack Facebook & Gmail Accounts Owned by MacOS Targets
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How To:
Use an ESP8266 Beacon Spammer to Track Smartphone Users
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2018
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Use MSFconsole's Generate Command to Obfuscate Payloads & Evade Antivirus Detection
How To:
Find Anyone's Private Phone Number Using Facebook
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Hack Windows 7 (Become Admin)
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
Hack Like a Pro:
How to Crack Passwords, Part 1 (Principles & Technologies)
How To:
Hack a Windows 7/8/10 Admin Account Password with Windows Magnifier
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
How To:
How Hackers Use Your IP Address to Hack Your Computer & How to Stop It
Hack Like a Pro:
How to Spy on Anyone, Part 1 (Hacking Computers)
6 Comments
This is pretty big, actually. They need to patch this fast.
Yeah, that means it gets around my failed password safety script :(. I have it so my HDD is wiped clean upon 3 incorrect password guesses. This kind of ruins that :/. I'm just locking the screen by going to TTY 1 and logging out. Haha. Temporary fix.
I still wont let any get near my laptop with that HDD wipe, because I might start it by accident, if this only really effects 1.11 can't you just downgrade your Xorg?
Won't that mean you will need to downgrade dependencies one by one also?
Yeah, I wouldn't bother. Just shutdown for the time being, or come up with an icky workaround.
Yes you might need to downgrade a few dependencies but if you are really worried about your security then I would recomend trying it
Share Your Thoughts