Hello!
If there are any changes to this article, they will be located at http://www.tcu-inc.com/mark/articles/Breaking.html.
This brief article is just my easy way to break into my own system if I screw up the root password. There are much easier ways to do it, but this can also be used if you cannot log into your system because a configuration file is messed up.
Okay, this isn't a Linux independent OS solution. I use a bootable cdrom that I got from www.cheapbytes.com which is a cheapbytes version of the RedHat 5.2 cd.
For this documentation, I am going to assume the computer is partitioned
in the following manner:
/dev/hda1 - swap partition
/dev/hda2 - root partition for Linux or "/"
/dev/hda3 - DOS partition (yes, I know, it is scary to put nasty software on the same hard drive as Linux)
/dev/hda2 means we are using the master hard drive on the primary IDE controller and root is on the 2nd primary partition on the hard drive. If your root is on the first primary partition, it would be /dev/hda1.
Here are the steps I use to hack into my own computer.
1. Make your system bootable off of the cdrom in your computer's BIOS. If your computer doesn't support booting off of the cdrom, then you will have to figure out how to do it with bootable floppy disks. For me, I just want to use what is the fastest and easiest method, and so, I boot off of cdroms. I haven't booted off of a floppy drive in ages.
2. Put your cdrom into your cdrom drive and turn on your computer.
3. Pretend to go through the installation of RedHat 5.2, and after it asks you to put in the cdrom and it gets to the next screen, you can now go to the second console window.
4. Press Alt-F2, Alt-F3, Alt-F4, Alt-F5, and then Alt-F1. You should see various screens with different messages. The one we are concerned about is Alt-F2.
5. Okay, press Alt-F2.
6. Type "cd /tmp" and press enter. This takes us to a directory where we can make files, directories, etc.
7. Now we need to make a temporary directory and a temporary device for the partition on the hard drive that we want to look at or edit. Type in the following commands:
mkdir /tmp/my_dir
mknod /tmp/my_dev b 3 2
mount /tmp/my_dev /tmp/my_dir
df
8. "mkdir" makes a directory for us to mount a partition to.
"mknod" makes a device for the 2nd partition on the master hard drive. This lets us "see" the partition. In particular, "b 3 2" means the following. "b" is for block device. "3" is the master hard drive on the primary IDE controller on your computer. "2" means the second partition.
"mount" takes the device we can "see" and puts it on top of the directory "/tmp/my_dir".
"df" just lets you see what file systems are mounted and where they are mounted to.
9. Now, for our example, we could either edit the password file or perhaps do something simple like turning off xwindows from starting up if you have your computer set to use xdm. Let's do the xwindows example.
10. Do the following steps:
cd /tmp/my_dir/etc
vi inittab
11. Now you need to know how to use vi, which is a fantastic editor, but it is a pain to learn. Here are some simple commands in vi.
"x" deletes a character.
"i" makes it so you can insert letters or characters.
"Esc" turns off inserting characters.
":wq!" writes, quits, and ignores any problems with read only files.
"h" moves one character to the left
"l" moves one character to the right
"k" moves up one line
"j" moves down one line
12. Now, go down to the line which should have something that looks like
id:5:initdefault:
Delete the "5" by positioning the cursor at the "5".
Press "x".
Press "i" to insert a number. Press "3".
Press the "Esc" key.
Type ":wq!" and press enter.
13. Now you are done editing a file! What is the problem now? If you reboot you will most likely lose all of your changes. You must unmount the directory and then reboot.
14. Do this:
cd /tmp
umount /tmp/my_dir
df
15. Now press Ctrl-Alt-Del to reboot. Also, take your cdrom out of the cdrom drive. When your computer restarts, I would recommend having your BIOS boot off of the hard drive instead of a CDROM.
That is it! You can also use this method to change the password file and do other stuff.
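The "b 3 2" arguments given to mknod in step 7 cover only /dev/hda2; if your root partition is on another IDE disk, the numbers change. The script below is an added example, not part of the original article: it goes beyond the article's one case and assumes the standard Linux IDE numbering (majors 3, 22, 33 and 34 for the first four controllers, 64 minors per drive). The function names are hypothetical.

```shell
#!/bin/sh
# Added example (function names are hypothetical): translate between IDE
# device names and the "b MAJOR MINOR" arguments that mknod expects.

# Each IDE controller has one major number and carries two drives.
ide_major() {
    case "$1" in
        a|b) echo 3 ;;  c|d) echo 22 ;;
        e|f) echo 33 ;; g|h) echo 34 ;;
        *) return 1 ;;
    esac
}

# ide_mknod_args /dev/hdXN  ->  "b MAJOR MINOR"
ide_mknod_args() {
    name=${1#/dev/}
    case "$name" in
        hd[a-h]|hd[a-h][1-9]|hd[a-h][1-9][0-9]) ;;
        *) echo "not an IDE device name: $1" >&2; return 1 ;;
    esac
    part=${name#hd?}                       # digits after the drive letter
    letter=${name#hd}; letter=${letter%"$part"}
    part=${part:-0}                        # no digits: the whole disk
    [ "$part" -le 63 ] || { echo "no such partition: $1" >&2; return 1; }
    major=$(ide_major "$letter") || return 1
    # The first drive on a controller owns minors 0-63, the second 64-127.
    case "$letter" in a|c|e|g) base=0 ;; *) base=64 ;; esac
    echo "b $major $((base + part))"
}

# ide_name MAJOR MINOR  ->  /dev/hdXN (handy when reading "ls -l" output)
ide_name() {
    [ "$2" -ge 0 ] 2>/dev/null && [ "$2" -le 127 ] || return 1
    case "$1" in
        3) drives=ab ;; 22) drives=cd ;; 33) drives=ef ;; 34) drives=gh ;;
        *) return 1 ;;
    esac
    if [ "$2" -lt 64 ]; then letter=${drives%?}; else letter=${drives#?}; fi
    part=$(( $2 % 64 ))
    [ "$part" -eq 0 ] && part=
    echo "/dev/hd$letter$part"
}

# Constructed inputs: the article's root partition, then other layouts.
for dev in /dev/hda2 /dev/hdb1 /dev/hdc3; do
    echo "$dev: mknod /tmp/my_dev $(ide_mknod_args "$dev")"
done
```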
Naturally, having a password in your computer's BIOS would be ideal. If you haven't physically secured your computer, then anybody can do this to the computer. Even if you put a password in the BIOS, someone could always take out the hard drive by taking apart the computer.
-------------------------------------------------------
Mark Nielsen
"Where 98 has no meaning."
www.tcu-inc.com
sales@tcu-inc.com
The Computer Underground, Inc. 614-485-0506
computers, programming, networking, Perl, PHP, SQL, HTML, Linux, Unix