Linux system password and GRUB password cracking

Source: Internet
Author: User
Tags crypt
& Nbsp; security! This is a very sensitive issue. what is real security? For Linux, Windows, and other operating systems, as long as you get the host, you will be able to crack its password. Some people started to wonder: Isn't Linux more secure than Windows? Yes, this is beyond doubt. Micro

Safe! This is a very sensitive issue. what is real security? For Linux, Windows, and other operating systems, as long as you get the host, you will be able to crack its password. Some people started to wonder: Isn't Linux more secure than Windows? Yes, this is beyond doubt. Both Microsoft and Linux provide support for verification, access control, accounting/logs, controlled access protection entities, and encryption. However, Linux performs better, because Linux also provides Linux Security Modules, SELinux and winbind. Linux users can add additional security mechanisms without patching the kernel. Linux builds multiple access control mechanisms on LSM. All content in linuxis saved in the form of files, and virus is also easy to spread. executable files such as .exe cannot play a role in Linux. Wait. In short, Linux is safer than Windows.
Imagine what if I forget my computer password? If only the system password is set, it is easy to crack. what if the GRUB password is set? In this case, we need to install the CD and start from the safe mode to crack it. but if we have set a BIOS password, what should we do? You can only pull the battery or find the manufacturer. Every link is closely related. this is also like the biological chain in nature. In fact, it is a backdoor specially reserved by the manufacturer for us. Today, we will take Red Hat Enterprise Linux 5 as an example to introduce the system password and GRUB password cracking methods.


General process:

I. system password cracking-single user mode

II. GRUB password cracking-security mode

System password ---------- GRUB password
|
|
Single-user security mode


I. system password cracking

General steps: ① GRUB -- e -- ② kernel /...... (Select the second character on the character interface and the third character on the graphic interface) -- e -- ③ input character: single -- B -- ④ vi/etc/passwd ---- ⑤ delete the password sign (X ), save and exit ---- ⑥ reboot (restart)

Enter the startup interface and press enter.

① Check the following prompt and press "e" to edit the command before Startup. ② select the second line "kernel/vmlinux -......", Press the "e" edit command ③ enter the character "single" in the edit box, enter the single-user mode command, and press "enter"
Follow the prompts below to start it by "B,
After the startup, enter the following interface
④ Vi/etc/passwd: enter the password configuration file of the system
The first line is the superuser's password information.
⑤ Delete the password sign (X), save and exit (reboot), restart, enter the user name, and then directly enter the system, no prompt to enter the password
II. general steps for GRUB password cracking:
1. the grub-md5-crypt generates the grub password
2. modify the grub configuration file in vi/etc/grub. conf.
Add the encrypted password under the background image
Password -- md5 encrypted password
After GRUB is encrypted, you need the GRUB password to crack the password in single-user mode. However, the GRUB password is not the final password, and there are still methods to crack it. The following describes how to crack the GRUB password and configure it in security mode.
1. grub-md5-crypt to generate grub password vi/etc/grub. conf look at the GRUB configuration file, can not be md5 encryption GRUB password directly copied over, need to use the tool
We use the software SecureCRT to achieve the above purpose, copy the encrypted md5 password to the configuration file
Connect to the secure SSH2 file as shown in the following figure to enter the Linux system.
Create a host key,
Enter the connection user verification password
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.