Security Basics mailing list archives
Re: Reseting root password Was: user name from security logs
From: "Robert Reed" <rreed567 () earthlink net>
Date: Tue, 31 May 2005 10:13:57 -0700
yes there is a way to get control back..... I'm not clear if you are referring to a Linux box or windows.... please clarify? for windows boxes there are live Linux distros that will allow you to change the admin password....... with Linux you can attack the shadow password file and delete the admin password... then log on as root and create a new password for the root account ----- Original Message ----- From: "Alexander Klimov" <alserkli () inbox ru> To: "Emmanuel Goldstein" <goldstein101 () gmail com> Cc: <security-basics () securityfocus com> Sent: Tuesday, May 31, 2005 1:33 AM Subject: Reseting root password Was: user name from security logs
On Sun, 29 May 2005, Emmanuel Goldstein wrote:I have physical access to the computer and i can also access all hd's files using a LiveCD linux distribution. So, here's my question: Is there anyway to change the admin password and/or get the machine's control back?Boot a LiveCD, mount the root partition: mkdir /tmp/a; mount /dev/hda1 /tmp/a chroot to it: chroot /tmp/a and change the password: passwd Depending of authentication method used you can do it more directly, e.g., changing a line in /etc/shadow: root:password-hash:.... to root::.... -- Regards, ASK
Current thread:
- Re: Reseting root password Was: user name from security logs Robert Reed (Jun 01)
- Re: Reseting root password Was: user name from security logs Steven McIntosh (Jun 06)