My brother is stupid and he lost his root password.
How do I run a bruteforce to crack it? (Fedora Core 1)

I don't really know and it's hard to answer 'cos it may help any people to access any PC.

I suggst reinstall the partition in question.

Besides, someone says you start the pc with knoppix, mount the partition read/write. Go into shadow and find the encrypted pass and suppress the file. Normaly at boot there shouldn't be a pass for root. If you can do that you could have thought it yourself : )
If this work, you can put a pass for root you keep and an admin profile for your brother to take care of his daily tasks.

Marc A

It's his computer so I don't even care if he throws it off the roof. I'll tell him that he needs to reinstall Linux.

He can boot up using knoppix and get access that way. I can not remember exactly how but it is not that difficult.

There is another way to do it, which is quite simple actually.
I don't remember the exact details but I've got it written down at the office.
If it's necessary, reply, and I'll post it.

Boot into single user mode and change it.
If he is using GRUB I think he needs to hit 'a' then put a -S or 'single' at the end of the line.

(it won't tell him what his old one is but it will allow him to change to one he knows.)

If you forgot you root you can also just boot with the fedora 1 cd.

Type "linux rescue" at the boot prompt.

once you get a shell type

chroot /mnt/sysimage

then type

passwd

reboot without the cd and you are good to go.

mr Blinker_Fluid ,


i also got the same problem before but reinstalled linux on my pc...
please try to explain me to change the password using grub clearly..


bye

First, try single user. If you don't see either a LILO or GRUB boot screen, try hitting CTRL-X to get one. If it's LILO, just type "linux single" and that should do it (assuming that "linux" is the lilo label). If GRUB, hit 'e", then select the "kernel" line, hit "e" again, and add " single" (or just " 1") to the end of the line. Press ENTER, and then "b" to boot.


You should get a fairly normal looking boot sequence except that it terminates a little early at a bash prompt. If you get a "Give root password for system maintenance", this isn't going to work, so see the "init" version below.


If you do get the prompt, the / filesystem may not be mounted rw (although "mount" may say it is). Do

mount -o remount,rw /



If that doesn't work (it might not), just type "mount" to find out where "/" is mounted. Let's say it is on /dev/sda2. You'd then type:

mount -o remount,rw /dev/sda2



If you can do this, just type "passwd" once you are in and change it to whatever you like. Or just edit /etc/shadow to remove the password field: move to just beyond the first ":" and remove everything up to the next ":". With vi, that would be "/:" to move to the first ":", space bar once, then "d/:" and ENTER. You'll get a warning about changing a read-only file; that's normal. Before you do this, /etc/shadow might look like:

root:$1$8NFmV6tr$rT.INHxDBWn1VvU5gjGzi/:12209:0:99999:7:-1:-1:1074970543
bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::



and after, the first few lines should be:

root::12209:0:99999:7:-1:-1:1074970543
bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::



You'll need to force the write: with vi, ":wq!". (If that still doesn't work, you needed to do the -o remount,rw, see above).


Another trick is to add "init=/bin/bash" (LILO "linux init=/bin/bash" or add it to the Grub "kernel" line). This will dump you to a bash prompt much earlier than single user mode, and a lot less has been initialized, mounted, etc. You'll definitely need the "-o remount,rw" here. Also note that other filesystems aren't mounted at all, so you may need to mount them manually if you need them. Look in /etc/fstab for the device names.



=====================
Mark Vincent Verallo

step by step instructions:
Power on machine when you get to the grub screen where it is counting down and asking you to select the kernel you hit the 'a' key
this will drop you to a screen where you can modify kernel arguments add 'single' to the end of the line and press 'enter'
You will then boot into single user mode where you can type 'passwd root' and then enter a password you know.

Hope that helps

Use this

Quote:

Originally posted by flashingcurser Use this

Well it's there for the viewing and doesn't exceed the kind of kind of cracking simple guess work can do more slowly. But I don't like it. At some point, any way that a password becomes replaceable/crackable etc without a reinstall renders it useless, and just a temporary delay in unauthorized access... It's why the encryption and master password in Mac is so tight, lose it and your data is gone - 99% of password security is a personal memory function. No written paper, no phone numbers, no birthday backward or crap like that.

A bruteforce of any 8 character or more password with john could take weeks. With a CRAY-2.