Breaking password on FreeBSD 5.2.1 box

Bill Moran wmoran at potentialtech.com
Sat Nov 27 10:12:38 PST 2004


Nikolas Britton <freebsd at nbritton.org> wrote:
> Andrew Lewis wrote:
> 
> >Hi list,
> >
> >We have a client running a fBSD 5.2.1 box that needed its root password
> >hacked.
> >
> >I couldn't boot into single user mode w/o the root password, so I
> >installed fBSD 5.3 on another machine, and slaved the drive from the
> >5.2.1 box in mine.
> >  
> What?
> 
> Step 1: Boot the computer.
> Step 2: At the FreeBSD boot menu select "Escape to loader prompt"
> Step 3: Type in "boot -s" and hit enter.
> Step 4: Hit enter when it asks you what shell you want to use.
> Step 5: Type in "cat /etc/fstab" and hit enter.
> Step 6: Mount / and /usr, "mount /dev/foobar /", "mount /dev/foobar /usr".
> Step 7: Type in "passwd" and hit enter.
> Step 8: Type in new password and hit enter.
> Step 9: Retype in new password and hit enter.
> Step 10: type in "reboot" and hit enter.
> 
> I just try'ed it with FreeBSD 4.10 and 5.3 and it worked for both of them.

Edit /etc/ttys and mark the console "insecure" and try it again.

You'll find you can't get in without the password when that change has
been made.  That configuration is the correct thing to do when you can't
guarantee the physical security of the machine.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com


More information about the freebsd-questions mailing list