RoryJMcKenna
MIS
I have a Debian box (Woody) that I have not used for a bit I cannot recall my root passwd to get some data off of this box... Anyone know a good util. to hack my root pw?
Thx Rory
Thx Rory
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Locked out
- Thread starter RoryJMcKenna
- Start date
- Status
- Thread starter
- #3
RoryJMcKenna
MIS
Ha! If I knew it was that easy I would not have asked... But here is the how too if anyone else is curious.
At the lilo boot screen, as soon as boot: appears (you must press a shift key at this point on some systems to prevent automatic booting), enter:
boot: Linux init=/bin/sh
This causes the system to boot the kernel and run /bin/sh instead of its standard init. Now you have gained root privileges and a root shell. Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.
init-2.03# mount -n -o remount,rw /
init-2.03# mount -avt nonfs,noproc,nosmbfs
init-2.03# cd /etc
init-2.03# vi passwd
init-2.03# vi shadow
(If the second data field in /etc/passwd is "x" for every username, your system uses shadow passwords, and you must edit /etc/shadow.) To disable the root password, edit the second data field in the password file so that it is empty. Now the system can be rebooted and you can log on as root without a password. When booting into runlevel 1, Debian (at least after Potato) requires a password, which some older distributions did not.
At the lilo boot screen, as soon as boot: appears (you must press a shift key at this point on some systems to prevent automatic booting), enter:
boot: Linux init=/bin/sh
This causes the system to boot the kernel and run /bin/sh instead of its standard init. Now you have gained root privileges and a root shell. Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.
init-2.03# mount -n -o remount,rw /
init-2.03# mount -avt nonfs,noproc,nosmbfs
init-2.03# cd /etc
init-2.03# vi passwd
init-2.03# vi shadow
(If the second data field in /etc/passwd is "x" for every username, your system uses shadow passwords, and you must edit /etc/shadow.) To disable the root password, edit the second data field in the password file so that it is empty. Now the system can be rebooted and you can log on as root without a password. When booting into runlevel 1, Debian (at least after Potato) requires a password, which some older distributions did not.
And what if you forget that password ;-)
Anyway, a computer where people have physical access can never be secure so protecting LILO or the boot up process won't make it any safer.
Cheers
Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
Morsing,
In my long experience I have never encountered a
situation where being afraid of a little security
and choosing not to implement it helped at all.
If you are afraid that you will forget your
passwords store them in an encrypted file on
other media.
Your physical access theory only goes so far.
We are talking about SERVERS not workstations.
Why should an untrusted individual have access
to this machine? Why make it easy for anyone?
Many times a few precautions, like password protecting
your bootloader, bios and removing the keyboard after
boot, produce an insuperable obstacle to a malicious
user.
In my long experience I have never encountered a
situation where being afraid of a little security
and choosing not to implement it helped at all.
If you are afraid that you will forget your
passwords store them in an encrypted file on
other media.
Your physical access theory only goes so far.
We are talking about SERVERS not workstations.
Why should an untrusted individual have access
to this machine? Why make it easy for anyone?
Many times a few precautions, like password protecting
your bootloader, bios and removing the keyboard after
boot, produce an insuperable obstacle to a malicious
user.
- Status