cracking the root password

[Master of Reality]

It's innocent i swear. I have an old ibm thinkpad 300 with an old debian on it. I have my user password, but i cant remember the root password. After many many attempts i still cant figure out what i made it.

Any ideas to getting root access. Lilo is installed, but doesnt pause or anything it loads linux immediately so i cant enter kernel params. The distro isnt old enough, so there is still shadowed passwords meaning i cant just use crack to brute force the password.

There is only a floppy drive.

So far the only thing i can think of is using the floppy to run crack off a live floppy distro. Or re-installing completely.

[Tux]

Put a boot loader on a floppy, boot installed kernel using said floppy. Boot into single user.

You know that

[Ice9]

Re-installing wouldn't hurt if the install is really that old, you would have to pretty much dist-upgrade the whole shebang just to get it up-to-date.

Other than that it would be interesting to follow Tux's lead, I would have a hard time doing that for sure

[Master of Reality]

debian floppies wont boot, tomsrtbt didnt work properly. Slackware (zipslack) floppy loaded into single user then i messed up the partition table screwing around. Dont know what it was before.

I guess ill figure out a way to re-install.

[Void Main]

Haven't used Debian in a while but with the Fedora install or rescue CD you can go into rescue mode and mount the partitions where you can either just delete the password from the /etc/shadow file on your root partition or you can chroot to the root partition and run the regular "passwd" command. You could also use KNOPPIX or any other boot disk for that matter and do the same thing. If you are running an unpatched 2.6.17 kernel or newer you can just use the latest local root exploit that came out a few days ago. Patch your kernels if you haven't already. It's trivial to exploit.

[Ice9]

I think there's no cd on that machine

There is only a floppy drive.

MoR, here you have a floppy boot image you can use to do a network install.

[Void Main]

I think there's no cd on that machine

There is only a floppy drive.

MoR, here you have a floppy boot image you can use to do a network install.

Ooops. I guess I need to take more time and actually read. :) Seriously, the local root exploit would get you in if single user mode doesn't get him in or he can't boot from floppy.

http://www.milw0rm.com/exploits/5092

Just compile it and run it as a normal user and you'll have root if you are running a kernel between 2.6.17 - 2.6.24.1 that isn't patched.

Do you know how to get your machine booted into single user mode? If you are using grub arrow to the kernel you want to boot and press "a" which should put you into "append" mode. Add a "1" as the last parameter of the boot line and press ENTER. Some systems boot you right to a root shell in single user mode, some ask for root's password. Another thing you can do in Fedora that you may be able to do in Debian is putting the boot process into interactive mode by pressing the "I" key at the beginning of the init process.

If none of that works check this out:

http://www.debianadmin.com/forgot-root- ... ebian.html

It's probably best if you check that out first actually. :)

[Calum]

why didn't tomsrtbt work?

[insomnia]

I had the same problem with a Debian(etch) box about a week ago.
All I had to do was chrooting the root partition and run passwd.

PS: You can make a grub floppy (always handy to have around, especially for lilo users) like this:

mke2fs /dev/fd0
mount /dev/fd0 /media/floppy
mkdir /media/floppy/boot
mkdir /media/floppy/boot/grub
cd /boot/grub
cp stage1 stage2 /media/floppy/boot/grub
umount /dev/fd0
grub
device (fd0) /dev/fd0
root (fd0)
setup (fd0)
quit

[Master of Reality]

tomsrbtb didnt want to boot despite an apparent success on imaging the disk.
I'm using the slackware floppies to re-install.