How to crack Root with Grub

Protecting your Linux box

Postby squid » Sat Sep 13, 2003 4:11 pm

thx man... :wink:
squid
Lance Naik
 
Posts: 20
Joined: Fri Sep 05, 2003 10:15 am

Postby zafarameer » Sat Sep 13, 2003 7:39 pm

no way to crack the root password from Grub.. if you have physical access (Console) then it is posiable that you can change it. :)
Be A Helping Hand 4 Others...
zafarameer
Cadet
 
Posts: 9
Joined: Mon Mar 03, 2003 1:54 am
ICQ: 166614508
WLM: schonde@hotmail.com
Yahoo Messenger: zafarameer@yahoo.com
Location: Sukkur

Postby Faraz.Fazil » Sat Sep 13, 2003 9:05 pm

Let me put it this way:

To change the root password, you have to issue the passwd command through terminal.

To get access to the terminal, without a password and with complete preveilages, you can start linux in single user mode (run level1) as already explained in detail in my previous posts.

zafarameer wrote:no way to crack the root password from Grub.. if you have physical access (Console) then it is posiable that you can change it. :)
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby outstream » Sat Oct 18, 2003 1:10 am

AoA

I tried the procedure explained earlier in this post to change root password on my own machine. I have 2 kernels installed right now. one is the default Red Hat 9 kernel and other is kernel 2.4.22 that i compiled later. The steps involved in changing root password from grub screen, applies to my new kernel successfully, but its not working on the old kernel. for example my grub.conf looks like this

title Red Hat Linux 9 New Kernel (2.4.22)
root (hd0,7)
kernel /vmlinuz-2.4.22
initrd /initrd-2.4.22.img
title Red Hat Linux (2.4.20-8 )
root (hd0,7)
kernel /vmlinuz-2.4.20-8 ro root=LABEL=/
initrd /initrd-2.4.20-8.img

Now on grub screen i high lighted new kernel and pressed 'e' and then selected kernel line and pressed again 'e' to edit it. After putting '-s' to it it looked like :

kernel /vmlinuz-2.4.22 -s

after this i pressed 'b' to boot and it worked and took me to single user mode and there i tried to change password and it worked. fine, great. but if i try to edit and old kernel like, and after editing it looks like :

kernel /vmlinuz-2.4.20-8 ro root=LABEL=/ -s

it doesnt works. when i boot it, the kernel gets panic. i tried removing ro root= LABEL=/ and changed it to

kernel /vmlinuz-2.4.20-8 -s

but still it didnt work and kernel got panic, before letting me into single user mode.

where am i doing a mistake?

Thanks for ur precious time

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.
----------------------------------------------------
Imran
Registered Linux User # 334322
outstream
Naib Subedar
 
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Postby zaeemarshad » Sat Oct 18, 2003 3:47 am

its not -s rather single,s or 1

better put single or 1 in place of -s

zaeem

------------------------------
*Proud to be Zaeem
(I will add more pride later ;) )
------------------------------
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad

Postby Kdaemon » Thu Oct 23, 2003 6:45 pm

make your derive as slave on other machine
boot, then mount the / of slave and change passwd :wink:
Kdaemon
Naib Subedar
 
Posts: 346
Joined: Sat Nov 30, 2002 12:22 pm
Location: Islamabad. GPS: LHR

Postby Faraz.Fazil » Thu Oct 23, 2003 9:35 pm

That depends on case to case.
Also note he is using grub and not lilo.
formats like linux 1 or linux single work well with lilo tab images.

In case of grub, In some cases only the -s switch works.
In some cases init 1 or single works

I checked single, s and 1 personally and they donot work for me.
-s works for me.


zaeemarshad wrote:its not -s rather single,s or 1

better put single or 1 in place of -s

zaeem

------------------------------
*Proud to be Zaeem
(I will add more pride later ;) )
------------------------------
Last edited by Faraz.Fazil on Mon Nov 03, 2003 9:19 pm, edited 2 times in total.
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby Faraz.Fazil » Thu Oct 23, 2003 9:37 pm

outstream, when u are able to change the password using the new kernel then whats the problem when u have changed it successfully.?

Also if there is any problem, you can boot from the redhat 9 cd's , start in rescue mode, do a chroot /mnt/sysimage and then give the passwd command.This one is the most effecient method to reset the password.
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby outstream » Fri Oct 24, 2003 1:23 am

AoA

Mr Faraz.Fazil sir

No no sir ji..i dont have any problems in booting at all or anything. i remember my password of root on both kernels very well. but as i was browsing through the forum and i came across this post. i thought lets give it a try. i mean for the sake of learning. u never know about it. kissi bhi waqt koi bhii cheez kaam aa sakti hai naa. so thats y i was trying it. yeah i was able to change it using -s switch in new kernel, but i was wondering y doesnt it works on old kernel. thats what i was thinking about.

Thanks for ur precious time

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.

----------------------------------------------------

Imran

Registered Linux User # 334322
outstream
Naib Subedar
 
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Postby Faraz.Fazil » Fri Oct 24, 2003 12:25 pm

As i said before:

Also if there is any problem, you can boot from the redhat 9 cd's , start in rescue mode, do a chroot /mnt/sysimage and then give the passwd command.This one is the most effecient method to reset the password.
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby outstream » Sat Oct 25, 2003 4:03 am

AoA

Mr Faraz.Fazil sir

sir jii..yeah u r right..that chroot /mnt/sysimage works.

But i think i am still unable to clarify my question here. ok lets get it like this, by now from this post i have learned there are two methods to do this job.

1. by doing -s switch in kernel line.

2. by doing chroot /mnt/sysimage.

now when it comes to my side, they become 4 methods.

1. try doing it by -s switch in new kernel

2. try doing it by -s switch in old kernel.

3. try doing it by chroot /mnt/sysimage in new kernel

4. try doing it by chroot /mnt/sysimage in old kernel


and my GOAL is NOT to CHANGE the password. my GOAL is to LEARN that HOW THINGS WORK. Right now i can successfully run -s switch method in new kernel. may be later some time in future, if i come across a real problem and its only default kernel installed in my machine then what will i do? i havent learned how to start it in single user mode by -s switch, cuz i havent tried it. well i have tried it but it didnt work, so i havent learned this method with default kernel. am i making any sense?.

so thats y i said in earlier post that i DONOT REALLY want to change my password. there is no such thing that i am having trouble in logging in as root. all i want is to LEARN how things work. BOTH the methods u told were an increase in my knowledge. one of them WORKS with me. the other one DOESNT. and i am after this that WHY doesnt the other one works. if its a method made to do the job, it should work. thats what i am after for.

Thanks for ur precious time

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.

----------------------------------------------------

Imran

Registered Linux User # 334322
outstream
Naib Subedar
 
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Postby Faraz.Fazil » Sat Oct 25, 2003 6:53 am

This is due to a string in /etc/fstab which goes like:

LABEL=/ / ext3 defaults 1 1

U noticed by default the grub.conf had ro root =label=/

You may need to enter an entry for the root drive to make it look somewhat like:

/dev/hdaNUMBER / ext3 defaults 1 1

then reference it in grub.conf and then add -s switch to the end.
I donot recommend a newbie messing with /etc/fstab since it can cause problems if not edited correctly.

Also it maybe that your old kernel's loopback's and initrd images donot get initialized correctly
which may also be responsible for this.

outstream wrote:AoA

. and i am after this that WHY doesnt the other one work

Good Day
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby outstream » Sun Oct 26, 2003 11:58 am

AoA

Mr Faraz.Fazil sir,

ok sir ji i got it...thanksss a lottttt for alll the time u have given me

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.

----------------------------------------------------

Imran

Registered Linux User # 334322
outstream
Naib Subedar
 
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Postby Faraz.Fazil » Sun Oct 26, 2003 1:37 pm

Np.
Anytime.
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby outstream » Mon Nov 03, 2003 2:38 pm

AoA

Guys yesterday i was reading some documentation of Red Hat. There i came across this thing, that how to boot to single user mode. In that documentation they told just to put word 'single' at the end of kernel line. i tried it and it worked. The problem i was having to boot to single user mode from default kernel of Red Hat 9 is solved.

I thought may be its useful for some one here. thats y i`m posting it here.
Testing?What's that? If it compiles, its good, if it boots up it is perfect.

----------------------------------------------------

Imran

Registered Linux User # 334322
outstream
Naib Subedar
 
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron