Hack Linux Computer with Backspace Key What’s the actual bug which allows Hacking of Linux Boot Authentication process? Actually the bug is not in Kernel nor in Operating system itself, bug lies in Grub2. Yes you read it right its in Grand Unified Bootloader, which is used by most Linux systems to boot the operating system when the PC starts. Grub 2 has integer underflow vulnerability, which affects the grub_password_get() function. This allows hackers to bypass the usual authentication process of Linux Computers which used Grub2 as boot loader. Now let’s learn how hackers can exploit this vulnerability to get complete access of you Linux Machine. How Hacker’s can exploit Grub2 Vulnerability to get access of your Linux Computer? If you are using Linux Operating System and your Linux Distribution is using GRUB version from 1.98 to 2.02 then your machine is vulnerable to this backspace bug. In order to test this, Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a “Grub rescue shell“. This rescue shell allows unauthenticated access to a computer and the ability to load another environment. From this shell, an attacker could gain access to all the data on your computer, and can misuse it to steal or delete all the data, or install persistent malware or rootkit on your Linux Machine. How to protect your Linux Computer from this Vulnerability? Grub2 Backspace Vulnerability affects all Linux distributions which are published since December 2009 to present date, but older Linux distribution versions are not affected by this bug. Also most of the famous Linux distributions like Debian, Ubuntu, Red Hat has already released an emergency patch to fix this GRUB 2 Vulnerability. You can download patch from below: Ubuntu Red Hat Linux Debian Others (released by researchers) for all distributions. We all know Linux is still considered as most secured operating system but its also prone to bugs, so always keep yourself updated and never believe in myth’s that Linux cannot be hacked. Keep Learning !! Keep Connected !!