0008046: Can access root terminal time of booting without any authentication & can control every thing : (*change root user password) - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0008046	Kali Linux	General Bug	public	2022-11-04 15:07	2025-07-14 09:15

Reporter	milky_way2	Assigned To	daniruiz
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	no change required
Product Version	2022.3

Summary	0008046: Can access root terminal time of booting without any authentication & can control every thing : (*change root user password)
Description	When my device or any device booting i can get access root terminal without any authentication. After that i can easily control every thing of the machine. I can change password of root user, can delete an existing user , any directory or file also can delete. Can install any package on the machine. Can create any folder or file in any location. And as a root user i can do any thing with this machine.
Steps To Reproduce	Step1:Press " E " when booting start until GRUB Boot loader page open. Step2: Look at first column and find " linux " named row. Step3: In the previously find row again find " ro quite splash " and remove it and enter it without double quote "rw initrd=/install/initrd.gz init=/bin/bash" Step4:After editing enter ctrl+x or take a look at the bottom of the page and press relavent key to save the changes and boot. Step5: Now after booting you can have access of root terminal of the machine. now you can do any thing. Step6: To save what ever you have done execute the bellow command exec /sbin/init Step7:Now all done.
Additional Information	1.start your machine 2.press E in the time of booting until grub boot loader appear 3.now remove ro quiet splash 4.add rw initrd=/install/initrd.gz init=/bin/bash 5.after editing press ctrl+x 6.wait for terminal when terminal appears clear the terminal 7.enter whoami 8.you can see you are the root user 9.now you can do any thing 10.you have authority to access any directory any file and have full power of the machine. 11.after work enter exec /sbin/init to save all the changes. now you can login with new password. thats all. video resources: https://drive.google.com/drive/folders/1KaEPswHQ4IKrB8RVwS3G2ruFtWolx_cj?usp=sharing
Attached Files	uname-a.png (22,875 bytes) uname-a.png (22,875 bytes) kaliVersion.png (25,811 bytes) kaliVersion.png (25,811 bytes) steps.txt (554 bytes) 1.start your machine 2.press E in the time of booting until grub boot loader appear 3.now remove ro quiet splash 4.add rw initrd=/install/initrd.gz init=/bin/bash 5.after editing press ctrl+x 6.wait for terminal when terminal appears clear the terminal 7.enter whoami 8.you can see you are the root user 9.now you can do any thing 10.you have authority to access any directory any file and have full power of the machine. 11.after work enter exec /sbin/init to save all the changes. 12. now you can login with new password. thats all. steps.txt (554 bytes) p9.png (42,201 bytes) p9.png (42,201 bytes) p8.png (244,367 bytes) p8.png (244,367 bytes) p7.png (338,506 bytes) p6.png (49,402 bytes) p6.png (49,402 bytes) p5.png (302,907 bytes) p4.png (140,121 bytes) p4.png (140,121 bytes)

kali-bugreport 2022-11-05 19:17 reporter ~0017054	Nothing really new in the Linux world / well known. If you want to protect your system from an physical attacker enable full disc encryption (FDE). A quicker but more risky solution would be to enable a password in the Grub bootloader. Just remember that a physical attacker still could just remove your hard disc and access your data from an external system so a FDE is still recommended.

daniruiz 2022-11-07 09:30 manager ~0017060	This is not a bug

Date Modified	Username	Field	Change
2022-11-04 15:07	milky_way2	New Issue
2022-11-04 15:07	milky_way2	File Added: uname-a.png
2022-11-04 15:07	milky_way2	File Added: kaliVersion.png
2022-11-04 15:07	milky_way2	File Added: steps.txt
2022-11-04 15:07	milky_way2	File Added: p9.png
2022-11-04 15:07	milky_way2	File Added: p8.png
2022-11-04 15:07	milky_way2	File Added: p7.png
2022-11-04 15:07	milky_way2	File Added: p6.png
2022-11-04 15:07	milky_way2	File Added: p5.png
2022-11-04 15:07	milky_way2	File Added: p4.png
2022-11-05 19:17	kali-bugreport	Note Added: 0017054
2022-11-07 09:30	daniruiz	Note Added: 0017060
2022-11-07 09:30	daniruiz	Assigned To	=> daniruiz
2022-11-07 09:30	daniruiz	Status	new => closed
2022-11-07 09:30	daniruiz	Resolution	open => no change required
2025-07-14 09:15	g0tmi1k	Priority	immediate => normal