unix r00t

Quote:

---

Originally posted here by phishphreek80
If you have access to the system as root, but don't know the root password then you can edit the /etc/shadow file to remove the encrypted password. Then you can set the password to whatever you want. This method is also used to reset the root password using single user mode at boot.

---

Ever heard of passwd? If you're on as root just change the password, sheesh. You don't need to edit /etc/shadow.

Quote:

---

Originally posted here by !mitationRust
You would like to read some of the major flaws? I'm afraid I broke my stick on this dead horse awhile ago, but I'll let catch educate you on some of the flaws. *nix vs. ?, thread is not the same unless it has catch involved.

---

IOW, I don't actually know myself, so I will defer to someone else who I think knows. :rolleyes:
At any rate, it's useless to debate your non-statements based on someone else's statements that may or may not be correct.

Quote:

---

Originally posted here by spurious_inode For root, always use a shell that can set the environment variables as `read-only'. Most implementations of the Korn shell recognize 'typeset -xr VAR' to mean export the variable and set it to read-only.

---

Props to you spurious, for being the first person I've seen recommend this here in a long time.

Bash supports this as well, via the readonly built-in for existing exports/declarations:

Code:

---

root@Optimus:~# export PATH="$PATH:/home/chsh"
root@Optimus:~# readonly PATH
root@Optimus:~# export PATH="$PATH:."
-su: PATH: readonly variable

---

It should be in root's /etc/.bash_profile, or perhaps the system-wide /etc/profile if you want to do it for everyone. You should then lock down the profile files obviously, however if someone gets root on your system, your efforts will only lengthen the time it will take them to break it. :)

You can also optionally flag stuff as readonly when it's declared using the built-in declare.

Quote:

---

Ever heard of passwd? If you're on as root just change the password, sheesh. You don't need to edit /etc/shadow.

---

I am relatively sure that, in order to change a password using passwd, you need to enter the old password first. So, by deleting it in /etc/shadow, you can change a password without entering the old one because the system believes there was no password to begin with.

nifty trick, btw ;)

Quote:

---

Originally posted here by TheRepublican
I am relatively sure that, in order to change a password using passwd, you need to enter the old password first. So, by deleting it in /etc/shadow, you can change a password without entering the old one because the system believes there was no password to begin with.

nifty trick, btw ;)

---

You use Gentoo and you're Republican.... You'll end up burning in hell anyway.

How did you have time too post this in between security updates? Gentoo still poppin' out 2 a day?

And for the record, no you don't have too enter in the old password too use passwd. You type passwd and type the new password twice.

I think the point of the method from the book, vs the methods suggested in this thread, is to obtain the root password without changing it - secretly gaining access without breaking the original user's access as well.

If I'm wrong about the functionality of the book instructions, please let me know. If my comment was just too obvious for anyone to state it before this, I apologize for your wasted time. :)