Dec 21, 2010

Linux Password Hacking

If you’ve ever been stuck at the login screen of your Linux system because you don’t know the system password, don’t worry. It’s very easy to crack the password on a Linux system.
All it takes is adjusting the boot parameters slightly and typing a command or two. Just follow the steps below.

  1. Reboot your computer, and then as soon as you see the GRUB Loading screen, make sure to hit the ESC key so that you can get to the menu.
  2. Now you have two options:
Root Shell Method
  1. If you have the option, you can choose the “recovery mode” item on the menu, usually found right below your default kernel option.
  2. Then choose “Drop to root shell prompt” from this menu (This is called the Single User Mode).
  3. This should give you a root shell prompt.
Alternate Root Shell Method
If you don’t have the recovery mode option, this is the alternate way to manually edit the grub options to allow for a root shell.

  1. First you’ll have to make sure to choose the regular boot kernel that you use (typically just the default one), and then use the “e” key to choose to edit that boot option.
  2. Now use the down arrow key to move to the “kernel” option, and then use the “e” key to switch to edit mode for the kernel option.
  3. Now in the next screen that you see, you have to remove the “ro quiet splash” part with the backspace key, and then add this onto the end:
    rw init=/bin/bash
    (Some versions of Linux use a different default shell, in which case you have to adjust the line above accordingly. Most Linux versions, however, have “bash” as the default shell.)
  4. Once you hit enter after adjusting the kernel line, you’ll need to use the B key to choose to boot with that option.
  5. At this point the system should boot up very quickly to a command prompt.
You are now at the Root Shell Prompt (also called the Single User Mode)
Now Reset the Password
  1. Once you are at the Root Shell Prompt, having followed either of the methods above, you can use the following command to reset the password of any user account:
    passwd username
  2. After the command is successful, type the following command to make sure the changes are written to the hard disk, before you reboot the computer:
    sync
  3. Now reboot the computer using the command:
    reboot -f
Once the computer restarts, you will be able to log in to the account whose password you changed.
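
From the administrator's side, the method above works only when GRUB entries can be edited without a password, and it leaves `init=` on the kernel command line for that boot. The check below is an added example, not part of the original post; the function names and sample inputs are constructed, and the paths mentioned in the comments are typical defaults that vary by distribution.

```shell
#!/bin/sh
# Added example: audits a host for the two conditions the GRUB walkthrough relies on.

# Return 0 if the GRUB config file $1 requires a password to edit boot entries.
# GRUB 2: "set superusers=" plus a password/password_pbkdf2 line.
# GRUB Legacy (menu.lst): a "password --md5" line.
grub_has_password() {
    if grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$1" &&
       grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]' "$1"; then
        return 0
    fi
    grep -Eq '^[[:space:]]*password[[:space:]]+--md5[[:space:]]' "$1"
}

# Print the init= value from kernel command line $1; return 1 if there is none.
cmdline_init_override() {
    for arg in $1; do
        case $arg in
            init=*) printf '%s\n' "${arg#init=}"; return 0 ;;
        esac
    done
    return 1
}

# Report both findings; return 0 only if GRUB is protected and init is untouched.
audit_boot() {
    rc=0
    if grub_has_password "$1"; then
        echo "OK: GRUB entries are password protected"
    else
        echo "WARN: GRUB entries can be edited at the console without a password"
        rc=1
    fi
    if init=$(cmdline_init_override "$2"); then
        echo "ALERT: this boot replaced init with $init"
        rc=1
    fi
    return $rc
}

# Constructed sample inputs. On a real host, pass the GRUB config
# (typically /boot/grub/grub.cfg) and "$(cat /proc/cmdline)" instead.
sample_cfg=$(mktemp)
printf 'set timeout=5\nmenuentry "Linux" {\n  linux /vmlinuz root=/dev/sda1 ro quiet splash\n}\n' > "$sample_cfg"
audit_boot "$sample_cfg" "BOOT_IMAGE=/vmlinuz root=/dev/sda1 rw init=/bin/bash" || true
rm -f "$sample_cfg"
```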


Cracking Linux Password when Grub cannot be changed


In the previous post we learnt about cracking Linux Password using the Grub – Dropping to Single User Mode.
However, if the Grub is password protected, then this method will not work. In such cases, we can use the Linux Live CD to crack the Linux Password. Follow the steps below to change the Linux Password using the Linux Live CD.
  1. Boot your computer from your Linux Live CD, choosing “Try Linux without any change to your computer” from the boot menu.
  2. Once the system boots, open up a new Terminal window and then type in the following command:
    sudo fdisk -l
  3. This command shows which device name the hard drive is using, which in most cases should be /dev/sda1, but could be different on your system.
  4. Now you’ll need to create a directory to mount the hard drive on. Since we’re actually booting off the live cd, the directory doesn’t really get created anywhere.
    sudo mkdir /media/sda1
  5. The next command will mount the hard drive in the /media/sda1 folder.
    sudo mount /dev/sda1 /media/sda1
  6. Now it’s time for the command that actually does the magic: chroot. This command is used to open up a shell with a different root directory than the current shell is using, and we’ll pass in the folder where we mounted the hard drive.
    sudo chroot /media/sda1
  7. Now you should be able to use the passwd command to change your user account’s password, and it will be applied to the hard drive since we are using chroot.
    passwd <username>
  8. Now you should be able to reboot your system and log yourself in with your new password.
Hope you find this post useful, as many students have asked about cracking Linux passwords.
More posts about Linux will be coming in the future.