How to crack Root with Grub

Protecting your Linux box
squid
Lance Naik
Posts: 20
Joined: Fri Sep 05, 2003 10:15 am

Post by squid »

thx man... :wink:
zafarameer
Cadet
Posts: 9
Joined: Mon Mar 03, 2003 1:54 am
Location: Sukkur

Post by zafarameer »

no way to crack the root password from Grub.. if you have physical access (Console) then it is possible that you can change it. :)
Be A Helping Hand 4 Others...
Faraz.Fazil
Major General
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
Location: Karachi/Pakistan/Earth/Universe

Post by Faraz.Fazil »

Let me put it this way:

To change the root password, you have to issue the passwd command through terminal.

To get access to the terminal, without a password and with complete privileges, you can start Linux in single user mode (run level 1) as already explained in detail in my previous posts.
zafarameer wrote: no way to crack the root password from Grub.. if you have physical access (Console) then it is possible that you can change it. :)
outstream
Naib Subedar
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Post by outstream »

AoA

I tried the procedure explained earlier in this post to change the root password on my own machine. I have 2 kernels installed right now. One is the default Red Hat 9 kernel and the other is kernel 2.4.22 that I compiled later. The steps involved in changing the root password from the grub screen apply to my new kernel successfully, but it's not working on the old kernel. For example, my grub.conf looks like this:

title Red Hat Linux 9 New Kernel (2.4.22)
root (hd0,7)
kernel /vmlinuz-2.4.22
initrd /initrd-2.4.22.img
title Red Hat Linux (2.4.20-8 )
root (hd0,7)
kernel /vmlinuz-2.4.20-8 ro root=LABEL=/
initrd /initrd-2.4.20-8.img

Now on the grub screen I highlighted the new kernel and pressed 'e', then selected the kernel line and pressed 'e' again to edit it. After adding '-s' to it, it looked like:

kernel /vmlinuz-2.4.22 -s

After this I pressed 'b' to boot and it worked and took me to single user mode, and there I tried to change the password and it worked. Fine, great. But if I try to edit the old kernel, and after editing it looks like:

kernel /vmlinuz-2.4.20-8 ro root=LABEL=/ -s

it doesn't work. When I boot it, the kernel panics. I tried removing ro root=LABEL=/ and changed it to

kernel /vmlinuz-2.4.20-8 -s

but still it didn't work and the kernel panicked before letting me into single user mode.

Where am I making a mistake?

Thanks for ur precious time

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.
----------------------------------------------------
Imran
Registered Linux User # 334322
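
An added example, not part of any post in this thread: the grub.conf posted above has no GRUB legacy `password` line, which is what leaves the kernel line editable from the menu by anyone at the console. The script below audits a config for that. The function names, status labels and hash placeholder are made up for this example; `password --md5` and `lock` are the GRUB legacy directives it looks for.

```shell
#!/bin/sh
# Added example: list GRUB legacy boot entries as STATUS|title|kernel args
#   OPEN         no global "password" line: anyone at the console can edit it
#   EDIT-LOCKED  global "password" line: editing needs the GRUB password
#   LOCKED       as above plus "lock" in the entry: booting needs it too
audit_grub_conf() {    # reads the file named in $1, or stdin when none is given
    awk '
        function flush(   st) {
            if (title == "") return
            st = !pw ? "OPEN" : (lock ? "LOCKED" : "EDIT-LOCKED")
            printf "%s|%s|%s\n", st, title, args
        }
        { sub(/^[ \t]+/, "") }
        /^#/ { next }
        $1 == "password" && title == "" { pw = 1; next }   # global directive only
        $1 == "title"  { flush(); title = $0; sub(/^title[ \t]+/, "", title)
                         args = ""; lock = 0; next }
        $1 == "lock"   { lock = 1; next }
        $1 == "kernel" { args = $0; sub(/^kernel[ \t]+[^ \t]+[ \t]*/, "", args) }
        END { flush() }
    ' "${1:--}"
}
# Number of entries that are still editable without a password.
count_open() { audit_grub_conf "$@" | awk -F'|' '$1 == "OPEN" { n++ } END { print n + 0 }'; }

# Sample 1: the two stanzas from the post above (no password line).
sample_open() {
    cat <<'EOF'
title Red Hat Linux 9 New Kernel (2.4.22)
root (hd0,7)
kernel /vmlinuz-2.4.22
initrd /initrd-2.4.22.img
title Red Hat Linux (2.4.20-8 )
root (hd0,7)
kernel /vmlinuz-2.4.20-8 ro root=LABEL=/
initrd /initrd-2.4.20-8.img
EOF
}
# Sample 2 (constructed): same entries behind a global password line; the hash
# is a placeholder for the output of grub-md5-crypt.
sample_hardened() { echo 'password --md5 <MD5-CRYPT-HASH-PLACEHOLDER>'; sample_open; }

echo "as posted:";     sample_open     | audit_grub_conf
echo "with password:"; sample_hardened | audit_grub_conf
```

Pass the path of a real grub.conf as the first argument to audit it; every entry reported as OPEN can have its kernel line changed at boot as described in this thread.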
zaeemarshad
Lieutenant Colonel
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Location: Islamabad

Post by zaeemarshad »

it's not -s, rather single, s or 1

better put single or 1 in place of -s

zaeem

------------------------------
*Proud to be Zaeem
(I will add more pride later ;) )
------------------------------
Kdaemon
Naib Subedar
Posts: 346
Joined: Sat Nov 30, 2002 12:22 pm
Location: Islamabad. GPS: LHR

Post by Kdaemon »

make your drive a slave on another machine
boot, then mount the / of the slave and change passwd :wink:
Faraz.Fazil
Major General
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
Location: Karachi/Pakistan/Earth/Universe

Post by Faraz.Fazil »

That depends on the case.
Also note he is using grub and not lilo.
Formats like linux 1 or linux single work well with lilo tab images.

In the case of grub, in some cases only the -s switch works.
In some cases init 1 or single works.

I checked single, s and 1 personally and they do not work for me.
-s works for me.

zaeemarshad wrote: it's not -s, rather single, s or 1

better put single or 1 in place of -s

zaeem

------------------------------
*Proud to be Zaeem
(I will add more pride later ;) )
------------------------------
Last edited by Faraz.Fazil on Mon Nov 03, 2003 9:19 pm, edited 2 times in total.
Linux for Life!
Faraz.Fazil
Major General
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
Location: Karachi/Pakistan/Earth/Universe

Post by Faraz.Fazil »

outstream, when you are able to change the password using the new kernel, then what's the problem when you have changed it successfully?

Also if there is any problem, you can boot from the Red Hat 9 CDs, start in rescue mode, do a chroot /mnt/sysimage and then give the passwd command. This one is the most efficient method to reset the password.
Linux for Life!
outstream
Naib Subedar
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Post by outstream »

AoA

Mr Faraz.Fazil sir

No no sir ji.. I don't have any problems in booting at all or anything. I remember my root password on both kernels very well. But as I was browsing through the forum I came across this post. I thought let's give it a try, I mean for the sake of learning. You never know. Anything can come in handy at any time, right? So that's why I was trying it. Yeah, I was able to change it using the -s switch in the new kernel, but I was wondering why it doesn't work on the old kernel. That's what I was thinking about.

Thanks for ur precious time

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.
----------------------------------------------------
Imran
Registered Linux User # 334322
Faraz.Fazil
Major General
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
Location: Karachi/Pakistan/Earth/Universe

Post by Faraz.Fazil »

As i said before:

Also if there is any problem, you can boot from the Red Hat 9 CDs, start in rescue mode, do a chroot /mnt/sysimage and then give the passwd command. This one is the most efficient method to reset the password.
Linux for Life!
outstream
Naib Subedar
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Post by outstream »

AoA

Mr Faraz.Fazil sir

sir ji.. yeah, you are right.. that chroot /mnt/sysimage works.

But I think I am still unable to clarify my question here. OK, let's put it like this: by now, from this post, I have learned there are two methods to do this job.

1. by doing -s switch in kernel line.

2. by doing chroot /mnt/sysimage.

now when it comes to my side, they become 4 methods.

1. try doing it by -s switch in new kernel

2. try doing it by -s switch in old kernel.

3. try doing it by chroot /mnt/sysimage in new kernel

4. try doing it by chroot /mnt/sysimage in old kernel


and my GOAL is NOT to CHANGE the password. My GOAL is to LEARN HOW THINGS WORK. Right now I can successfully run the -s switch method in the new kernel. Maybe some time in the future, if I come across a real problem and it's only the default kernel installed on my machine, then what will I do? I haven't learned how to start it in single user mode by the -s switch, because I haven't tried it. Well, I have tried it but it didn't work, so I haven't learned this method with the default kernel. Am I making any sense?

So that's why I said in an earlier post that I DO NOT REALLY want to change my password. There is no such thing that I am having trouble logging in as root. All I want is to LEARN how things work. BOTH the methods you told me were an increase in my knowledge. One of them WORKS for me. The other one DOESN'T. And I am after WHY the other one doesn't work. If it's a method made to do the job, it should work. That's what I am after.

Thanks for ur precious time

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.
----------------------------------------------------
Imran
Registered Linux User # 334322
Faraz.Fazil
Major General
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
Location: Karachi/Pakistan/Earth/Universe

Post by Faraz.Fazil »

This is due to a string in /etc/fstab which goes like:

LABEL=/ / ext3 defaults 1 1

You noticed that by default the grub.conf had ro root=LABEL=/

You may need to enter an entry for the root drive to make it look somewhat like:

/dev/hdaNUMBER / ext3 defaults 1 1

then reference it in grub.conf and then add the -s switch to the end.
I do not recommend a newbie messing with /etc/fstab since it can cause problems if not edited correctly.

Also it may be that your old kernel's loopbacks and initrd images do not get initialized correctly,
which may also be responsible for this.
outstream wrote:AoA

. and i am after this that WHY doesnt the other one work

Good Day
Linux for Life!
outstream
Naib Subedar
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Post by outstream »

AoA

Mr Faraz.Fazil sir,

ok sir ji i got it...thanksss a lottttt for alll the time u have given me

Good Day
Testing?What's that? If it compiles, its good, if it boots up it is perfect.
----------------------------------------------------
Imran
Registered Linux User # 334322
Faraz.Fazil
Major General
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
Location: Karachi/Pakistan/Earth/Universe

Post by Faraz.Fazil »

Np.
Anytime.
Linux for Life!
outstream
Naib Subedar
Posts: 322
Joined: Wed Sep 24, 2003 10:04 pm
Location: islamabad

Post by outstream »

AoA

Guys, yesterday I was reading some Red Hat documentation. There I came across how to boot to single user mode. In that documentation they said to just put the word 'single' at the end of the kernel line. I tried it and it worked. The problem I was having booting to single user mode from the default kernel of Red Hat 9 is solved.

I thought maybe it's useful for someone here. That's why I'm posting it here.
Testing?What's that? If it compiles, its good, if it boots up it is perfect.
----------------------------------------------------
Imran
Registered Linux User # 334322