[TriLUG] best way to hack root...

Joseph S. Tate dragonstrider at gmail.com
Thu Feb 21 16:15:01 EST 2013


And this, my friends, is why, if you don't have physical security, you
don't have any security.  :)


On Thu, Feb 21, 2013 at 3:10 PM, Kevin Otte <nivex at nivex.net> wrote:

> I would propose one small modification to the procedure. Rather than hand
> edit the mounted /etc/shadow, change root into the mounted partition and
> use the passwd tool to change it to something known. This way you can
> recover the root password (if there is one) and/or the user's password.
>
> eg:
> rescue# mount /dev/root_part /tmp/mnt
> rescue# chroot /tmp/mnt
> chroot# passwd root (or username)
> [follow prompts]
> chroot# exit
> rescue# exit (or reboot)
>
>
> On 02/21/2013 02:07 PM, Alan Porter wrote:
>
>>
>>  I can "su" as I have the system
>>> auto-logging into my user account.
>>>
>>
>> "su" requires root's password (which you don't know).
>> "sudo" requires YOUR password (which you also don't know).
>>
>> In this situation, I boot using a liveCD or liveUSB, then mount the root
>> filesystem and edit /mnt/etc/shadow, removing the encrypted password for
>> root or the user in question.  Reboot and log in using your now-empty
>> password.
>>
>>  --
> This message was sent to: Joseph Tate <dragonstrider at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/**listinfo/trilug<http://www.trilug.org/mailman/listinfo/trilug>
> Unsubscribe or edit options on the web  : http://www.trilug.org/mailman/**
> options/trilug/dragonstrider%**40gmail.com<http://www.trilug.org/mailman/options/trilug/dragonstrider%40gmail.com>
> TriLUG FAQ          : http://www.trilug.org/wiki/**
> Frequently_Asked_Questions<http://www.trilug.org/wiki/Frequently_Asked_Questions>
>



-- 
Joseph Tate



More information about the TriLUG mailing list