All tech blog posts »
  • Security
Access to a computer from USB key
Somebody with a USB key can take control of your computer
  • March 01, 2019
  • 5 min
Creative Commons Attribution 4.0 International License:
Table of contents

Imagine that you are in one of the following situations:

  1. You have forgotten your password to connect to the personal workspace of your computer, and you want to reset it.
  2. After a wrong manipulation, you can not access the personal data of your computer, and you want to retrieve this access.
  3. You found a computer without supervision for which you are not the owner, but you want to see the file system’s content.

With a bootable USB key on Ubuntu, you can resolve these situations by first mounting the file system of the targeted computer with all permissions, then changing the password of any local user, and finally by connecting to the targeted workspace and exploring the file system.

First, plug your USB drive into the target computer and select your key as the boot device. This will enable the target computer to boot into the Ubuntu system on your USB drive. On a DELL computer, press F12 to access this selection. This information is visible on the welcome screen of your computer’s manufacturer.

DELL welcome screen
DELL welcome screen

Start by choosing the following option:

Advanced startup options
Advanced startup options

Then select the recovery mode:

Getting started in recovery mode
Getting started in recovery mode

Launch a root shell:

Choosing the root shell
Choosing the root shell

You access a device as a root user.

If you need to access the internet, select the network entry before. To verify that you have access to the web you can ping 8.8.8.8 on the Google DNS server, then make nslookup 8.8.8.8 to check that the DNS resolution works. If that does not work, add this line nameserver 8.8.8.8 to the file /etc/resolv.conf (this will be deleted when you restart the computer) and restart your service network-manager with service network-manager restart.

For the moment, the file system is only in read only, type the following command to mount the file system in read / write at the root of your key:

mount -o remount, rw /

Now you can copy the file system to an external hard drive, and then you can choose the new user password by typing:

passwd <username>
If you do not know the users on this machine, you can do ls /home. Certainly, a user of this machine corresponds to a directory name in /home/, or even view the file /etc/passwd, or else you can create a user as you are root.

Type in the new password and confirm.

You can shut down the computer.

shutdown -h now

You can now turn on the computer normally and log in with the chosen user and password.

Beware, the morality of this article is that a person physically accessing your computer does not need login/password to access your computer. If you want to protect yourself from this attack, you must encrypt your hard drive.

Well done :smile:!

  • Category:
    • Security
Creative Commons Attribution 4.0 International License:
Author
picture of glegoux Gilles LEGOUX (glegoux)
Staff software engineer @Criteo

Also read
2022-12-10-how-to-write-a-readme
How to write a README?
After a retrospective of team work, we noted that our computer projects are not sufficient well documented. With my t...
  • Documentation
December 10, 2022
4 min
2019-01-21-getting-started
Getting started
How to write articles on this blog from an easy-to-use and rich syntax?
  • Methodology
January 21, 2019
10 min
2019-04-01-lighthouse
Lighthouse
Lighthouse is an open-source, automated tool for improving the quality of web pages.
  • Web
April 01, 2019
10 min
Comments