Create a New sudo User and Gain Root on Ubuntu Without a Password – Full Exploit Guide

This article explains a critical Ubuntu vulnerability that lets a standard user create a new sudo account and obtain root privileges without a system password, detailing the exploitation steps, required commands, and the underlying flaw in accounts‑daemon and GNOME Display Manager, plus mitigation advice.

Linux securitySudoUbuntu

0 likes · 7 min read

Create a New sudo User and Gain Root on Ubuntu Without a Password – Full Exploit Guide

ITPUB

Nov 17, 2020 · Information Security

How to Exploit Ubuntu’s Accounts‑Daemon & GDM3 Bug to Gain Root Without a Password

This article explains a critical Ubuntu desktop vulnerability discovered by GitHub researcher Kevin Backhouse, detailing step‑by‑step commands that let a standard user create a privileged sudo account, the underlying bugs in accounts‑service and GNOME Display Manager, and the official patches released to fix it.

accounts-daemongdm3privilege escalation

0 likes · 7 min read

How to Exploit Ubuntu’s Accounts‑Daemon & GDM3 Bug to Gain Root Without a Password

Liangxu Linux

Nov 16, 2020 · Information Security

How to Exploit and Patch Ubuntu’s Accounts‑Daemon & GDM3 Privilege Escalation

Security researcher Kevin Backhouse revealed a local‑privilege‑escalation flaw in Ubuntu desktop that lets a standard user create a sudo‑enabled account without a password by abusing a .pam_environment symlink, crashing accounts‑daemon, and forcing GNOME’s initial‑setup wizard, with patches now available.

Linux securityUbuntuaccounts-daemon

0 likes · 7 min read

How to Exploit and Patch Ubuntu’s Accounts‑Daemon & GDM3 Privilege Escalation