This is a very different post than the usual HackTheBox/VulnHub write-ups on this site. I managed to brick my Kali VM while testing out an exploit locally, which unfortunately, involves manually editing
I realised I done goofed when I couldn’t run
sudo, and I also didn’t set a password for the
…and the last snapshot of the VM was taken a month ago.
Note that there will be some swearing involved.
1. How to Goof
Simply (and stupidly), editing your
/etc/sudoers file without testing it out using
If you edit
visudo, it will warn you if you made a mistake, and will ask you what to do next.
Stupidly, I just ran the following:
sudo sed -i -e '$akali ALL=[ALL:ALL] NOPASSWD:ALL' /etc/sudoers
Notice the mistake?
It’s supposed to be
( ) instead of
And this is when you know you’ve fucked up.
Now you can P A N I C.
2. The Fix
I desperately tried to
su root with every password I can think of, but of course, it doesn’t work because there’s no password set in the first place.
So, I tried to boot into single user mode in the hopes that I can edit
/etc/sudoers with the root user.
To do so, I had to edit the bootloader script.
e to edit.
Find the following line and add a
1 behind it.
linux /boot/vmlinuz-5.7.0-kali3-amd64 root=UUID=114c498f-de75-44bb-a5ec-6339282d4171 ro quiet splash
Press Ctrl+X to boot.
F u c k.
Cue more P A N I C.
After some research, I found that you could append
init=/bin/bash instead, and change
rw to boot into
bash directly with a writable filesystem.
Now to revert the sudoers file, this time using
Next to power off the machine and boot it again normally.