Everything2
Near Matches
Ignore Exact
Full Text
Everything2

How to recover a lost Linux root or Windows 2000 Administrator password

(idea) by semprini (1.2 mon) (print)  ?  1 C! I like it!Wed Dec 13 2000 at 5:30:11

With the recent introduction of Windows 2000 to the regular Joe user along with the increasing popularity of Linux with the masses, the problem of what to do when the superuser password is forgotten is likely to become more than a casual concern.

In short, you can't easlily recover the password, you need to change it.

(Note that this is not intended as a "How to hack into a computer" lesson. Following these instructions on a system on which you shouldn't doesn't make you l33t, it makes you a script kiddie. Nobody likes weenies.)

Fear not, brave user! the solution is not as difficult as you may imagine.

To get around a lost Windows 2000 Administrator password:
(This also works for Windows NT 4.0)

You need to get hold of a specialized Linux boot disk. Don't let this part put you off, they're easy to find on the net. These disks contain support for both VFAT32 and NTFS partitions, and an automated script and utilities to alter the password file with a new password. Early versions had difficulty handling the obfuscator that Windows 2000 employs for its password hashes. Make sure you find a recent one. A quick search on your favorite search engine ought to provide a starting point. As a reference, finding one when I last needed it took around five minutes.

To get around a lost Linux root password:

You must have access to the console for this to work. Follow these steps:

  • Power off the system
  • Power on the system, wait for the LILO/SILO/MILO prompt (platform dependent)
Depending on how lucky you are, or rather how ancient your linux distribution is, you might be able to get away with the following:

  • At the prompt, type <kernel> 1 (where <kernel> is the label you use to boot linux normally) and thus boot to single user mode.
  • In single user mode, linux never used to prompt for the superuser password. If this is the case with your system, simply use mount -o remount -n / and then use the passwd command to change the superuser password.
If you're blessed with a somewat more secure system, you need to do this:
  • At the prompt, type in <kernel> init=/bin/sh (where <kernel> is the label you use to boot linux normally).
  • Once the system dumps you at a "# " prompt, type: mount -o remount -n /
  • echo root2:x:0:0:::: >> /etc/passwd
  • echo root2:::::::: >> /etc/shadow
  • sync
  • Power cycle the system.
  • Once the system has booted, log in as root2 (you shouldn't be prompted for a password) and use the command passwd root to change the root pasword, then userdel to remove the root2 user.
  • Problem solved.

There are of course many variations on the linux version. For example, you could edit /etc/shadow directly. This requires knowledge of text editors such as ed (most of the time, you won't have a normal terminal when you boot like this and vi won't work!) which may or may not be an unreasonable expectation. YMMV.


(idea) by freshmint (1.8 mon) (print)  ?   I like it!Sun Nov 11 2001 at 22:07:22

Even though semprini's write-up was not intended as a "How to Hack Into a Computer" lesson, he's brought up two security issues in Linux that could potentially cause you (as a Linux user, right?) problems. This write-up will hopefully help you guard yourself from the aforementioned script kiddies.

The first method he mentioned, using "linux 1" at the LILO prompt, will also work with using "linux single" at the LILO prompt. The only real way to stop people using this method on your box, if you are running a vulnerable system, is to password protect linux single.

  • Open your favourite editor (such as vi) and open /etc/LILO.conf
    (00100 points out that this may be /etc/lilo.conf on some distributions - e.g. his Red Hat 7.1 dist. - and reminds us that unix filenames are case-sensitive)
  • Add a new line, after the first line, and type Restricted blog, where "blog" is the password you wish to use to restrict it.
  • Type lilo at the prompt, to execute the /etc/LILO.conf file.
Now, if anyone tries to use linux single or linux 1 to get into root on your box, they will need this password, but otherwise this change should in no way change the functioning of your box.

(thing) by Hephaestus (3.1 y) (print)  ?   I like it!Sun Aug 29 2004 at 8:24:35

Actualy, encryption the entire hard disk will stop anyone from acessing the drive without authorization. Software encryption is possible, it tends to eat up system resources and slow the machine down considerably. It also tends to use a weaker encryption to speed things up, thus its not as secure as it could be. To be totaly secure, you need a hardware encryption module.

Such a device usualy takes the form of a card which plugs into an IDE, SIDE, or SCSI port and has an identical interface on the oposite side. The drive cable is then plugged into the card. All information going into the drive is passed through the encryption system on the card, shifting the actual bits around as they are written to the disk. The disk, if removed from the card, is useless because all of its contents are encrypted, even the file system.

To acess the drive, you must use an encryption card identical to the one the disk was written to with and have the same security key used to write to the disk. The security key can take many forms, usualy a USB pen drive with a large "password" which is the key to the encrypition algorythim. The security key may also use a propriatary connection, other than USB.

The only way to bypass this system is to employ brute force. This means using trial and error to attempt to find the key. This will usualy take a very long time because keys tend to be hundreds of bytes.


(idea) by William42 (5.6 d) (print)  ?   I like it!Fri Jan 06 2006 at 21:07:27

Here's another way to change your root password on Linux, which avoids the having to tweak boot options when you use GRUB(a pain to do), instead using a LiveCD. If you have a second Linux system, you can use that instead, and it might even be possible to do it from Windows, but it would probably be much harder.:

1. Get a normal LiveCD. Knoppix will do, as will the Gentoo LiveCD. All that matters is that it boots into some sort of semi-normal Linux from which you can get a normal command prompt, and not some specialized program. If you have a second Linux system, skip this step and boot to it instead.(You'll need root on it though)

2. Mount your directory structure under some subdirectory of the LiveCD system. For the Gentoo LiveCD, there's a /mnt/gentoo designed for this purpose.(You can still use it even if you're not using Gentoo--it's called that because the LiveCD is for Gentoo installation) In Knoppix, apparently the drive will be mounted for you already. However, since I don't use Knoppix, I can't vouch for that.

3. chroot to this subdirectory. To do so, type in chroot (directory) or simply cd to the directory and type in chroot . and you're set. You'll have a root prompt.

4. Run passwd.

To run you through this without the extraneous comments:
1. Get a LiveCD, or boot to root on a second Linux system on the same computer.
2. Mount your Linux system in a subdirectory, if it's not done so already.
3. chroot to said directory.
4. Run passwd.

And that's it!

(idea) by Rancid_Pickle (3.7 wk) (print)  ?  1 C! I like it!Sat Jan 07 2006 at 18:38:06

I own a networking business in Colorado, and this comes up every so often.

We had one instance where a company was going to fire their network admin (for pirating software and downloading gigs of porn on company time, plus telling the owner that he couldn't be fired because he was not replacable). We were called in to prep for the firing, and we needed to get the password sets for the company.

If you can still find it online, I like using a free floppy disk tool called LinNT, which basically does the above steps using a quick automated process. This does not always work, however. We went to the workstation where the employee did his thing, and used a nifty tool from http://www.loginrecovery.com/. There is a free method, but we opted for the paid version, which gave us all the passwords to each of the accounts he used on his computer in less than three minutes.

We installed Spectre Pro, a program that logs and records everything, including screenshots, emails and chats.

I asked the owner to give the employee a series of tasks, which required logging in to different devices, such as the Cisco routers and switches. We ended up capturing his pirating and porn activities, and found out he was cheating on his wife with two women, but that was beyond our professional scope.

Well, he was fired, and he stormed out saying the owner "would be sorry". He did attempt to sabotage the network, but we had already changed the passwords. He tried to get in from his home DSL connection, but he was blocked. They now have a professional administrator, and we helped screen the applicants.

To prevent people from breaking in to machines using these methods, move the hard drive to the first boot device, and if your BIOS supports it, remove the floppy and CD from the bootable devices. Put a BIOS password on the machines. If needed, you can chage them back when you have to boot using removable media.


printable version
chaos

How not to fix a computer Why Linux sucks How to turn a crack house into a crack home How to crack root and not get caught
Enter root password for maintenance Why don't search engines make use of NLP? mindfuck cycle Escaping a mindfuck cycle
How I made my computer quieter Ack! I forgot my root password! l33t power cycle
script kiddie Windows 2000 Command Console Script Kiddies for Jesus How to recover a lost FreeBSD root password
NTFS Microsoft Linux Make an emergency Windows XP/2000 boot disk boot disk
Windows 2000 how to hack LILO December 13, 2000 : the concession speech of Al Gore
Y'know, if you login, you can write something here. You can also Create a New User if you don't already have an account.
  Epicenter
Login
Password

password reminder
register
Random Nodes
Nodes your cousin would have liked:
Reaganomics
Mars
Barbed wire
March 5, 2007
how to breathe
OK, so I'm a fuckup, and it's Tuesday
rice blast
The Original GNU Announcement
Orca
Egyptian rat screw
Sigue Sigue Sputnik
underwear as an erogenous zone
Alcibiades
New Writeups
Noung
monoculture(idea)
TheLady
Why are people afraid of touching?(idea)
hookersb
Quake - Arcade Tournament Edition(thing)
Jack
Why are people afraid of touching?(place)
museman
The Herd(thing)
Tem42
Sufganiyah(thing)
museman
Engineers' children(idea)
museman
My neighbours are going to make me into a creepy voyeur(idea)
Tlachtga
Santa Claus Is Comin' To Town(thing)
museman
John Brown(person)
museman
Why are people afraid of touching?(idea)
shaogo
further investigation of farther(thing)
icedcoffey
Angered Gods(fiction)
badme
Dan Deacon(person)
richiki
BTTB(thing)
This affordable entertainment brought to you by The Everything Development Company
Сайт создан в системе uCoz