Hello, I lost root password on an old linux box that I need to recover. I remember that the password is not complex, so brute forcing should be possible, however I'm currently looking to find a user escalation vulnerability because this would likely be faster.

In the event that this fails, does anyone know of a script I could use to brute force my password?

(This is a local Mandriva box. I have the password for a non-root user.)

Thanks in advance.

Hi Geminias,

Why you want to go for brute force. Isn't the following method easy :-)

http://forum.mandriva.com/en/viewtopic.php?t=132578

1 members found this post helpful.

Since the answer to this would likely be a breach of the LQ rules, i wont tell you how to do it.
But a google search will have the answer.

@ fukawi1,

I don't think so that suggesting how to reset a root password using single user mode is violation to LQ rules. LQ prohibit talks on hacking and going in single usermode when you have physical access to the system (in single user mode you do not have network connectivity so person has to be physically there) is not hacking. And if a person has physical access to the system then he can do anything with the system if he want :-) hacking not required ;-)

@ Moderators

Moderators please correct if I am wrong. If I am then I sincerly apologise for my earlier post.

This is a good suggestion Terminator,

I'm currently just trying to figure out how to get GRUB boot loader menu to display because I configured it to hide the menu on startup.

I tried holding shift and escape, but to no avail.

Obviously since I don't have root access, I can't just edit menu.lst either...

Anyone know a sure way to boot into safe mode?

And I lost my Mandriva disc, so that's not an option either.

In that case I am out of suggestions.

A couple of thoughts,
1) is sudo set up, to enable you to change the root passwd using the normal user accounts password
2) can you burn a new iso as a user?
You can boot to a live cd and modify /etc/passwd manually

http://linuxgazette.net/107/tomar.html describes a couple of ways

Yeah this sucks. My main deboccle is my internet sucks and I don't have a liveCD currently downloaded.

Was hoping to gain access tonight.

[MODERATED]

I found a Live-CD, tried to mount my mandriva partition, and getting error that it can't mount because
it doesn't contain a valid partition table.

Isn't it great how a simple thing can turn into an impossible thing?

EDIT: it just occurred to me the problem is that my Live-CD is fedora 8 which is pretty old one. My hard drive is ext4 which it probably can't recognize.

If you have the root password hash and know the hash type, you can [MODERATED]

Creating a new root account password (un-passworded runlevel 1 or S entry, alternative bootable medium) is not a breach of the LQ Rules as the myriad of threads on the subject show. What is a breach of the LQ Rules would be:

0) aiding the OP accomplishing things wrt his or her misguided approach:
...or

1) misguided attempts at promoting brute-forcing:

2 members found this post helpful.

Thanks for clearing that up.

"misguided" approach. It's my machine, my data, my life. I can do whatever I want with it.

Or you want me to call up old Adolf and restore the Reich?

After booting to LiveCD I downloaded overnight, i was able to mount the partition, edit the menu.lst file and boot into safe mode.

From there I was able to follow these instructions. Just wanted to say thanks!