Author Topic: Brute Force Program For Linux  (Read 2978 times)

0 Members and 1 Guest are viewing this topic.

Offline The Philanthropist

  • Camper
  • ***
  • Posts: 284
  • .:|TGIF|:. Philly
Brute Force Program For Linux
« on: January 17, 2009, 02:18:31 am »
At work we have linux running on some mininote laptops, but a unscrupulous customer has fucked our shit up with some password changing antics, and we need a brute force program that possibly includes special characters (@#$% etc) and numbers.

Any magical solution?

Offline jettlarue

  • Flagrunner
  • ****
  • Posts: 724
Re: Brute Force Program For Linux
« Reply #1 on: January 17, 2009, 02:29:36 am »
John the Ripper
http://www.openwall.com/john/

I have not used it so thats as far as I can assist you

Offline jrgp

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 5037
Re: Brute Force Program For Linux
« Reply #2 on: January 17, 2009, 04:04:07 am »
Yes, when you boot it, hit escape as soon as you see the Grub menu. Click the latest kernel with the "Recovery Mode" next to it. When/if it asks, tell it to drop you to a root terminal. From there, you have unlimited access to everything on the system. To change a user's password to whatever you want, run the following:
passwd USERNAME

And if you need to change root's password, just runn passwd without any arguments.

There's no need to bruteforce the hashes in /etc/shadow when you can easily do the above in less than a few minutes.
There are other worlds than these

Offline Antipathy

  • Major(1)
  • Posts: 19
  • Set it free.
Re: Brute Force Program For Linux
« Reply #3 on: January 17, 2009, 07:23:33 am »
Yes, when you boot it, hit escape as soon as you see the Grub menu. Click the latest kernel with the "Recovery Mode" next to it. When/if it asks, tell it to drop you to a root terminal. From there, you have unlimited access to everything on the system. To change a user's password to whatever you want, run the following:
passwd USERNAME

And if you need to change root's password, just runn passwd without any arguments.

There's no need to bruteforce the hashes in /etc/shadow when you can easily do the above in less than a few minutes.

And I thought I was being geeky when I made a virtual image out of a music CD just so I could listen it on a PSX emulator.

The more you know...  :)

Offline N. Escalona

  • Major(1)
  • Posts: 24
  • Pretentious Nutknot
Re: Brute Force Program For Linux
« Reply #4 on: January 25, 2009, 07:25:31 am »
... From there, you have unlimited access to everything on the system. ...

You've got to love an operating system where, by default, it takes only 3 sentences to get to that one above.
Of course, the alternatives are even worse.
Do you want to see me crawl across the floor to you?
Do you want to hear me beg you to take me back?
I'd gladly do it because
I don't want to fade away.

Offline jrgp

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 5037
Re: Brute Force Program For Linux
« Reply #5 on: January 25, 2009, 09:09:57 pm »
... From there, you have unlimited access to everything on the system. ...

You've got to love an operating system where, by default, it takes only 3 sentences to get to that one above.
Of course, the alternatives are even worse.
If you have physical contact to a computer running whatever operating system, getting full access to it is trivial.

However, if you do not have physical access to a computer running Linux, you can't get into it at all unless you know the username & password of an account on it and it has ssh running and there's a port forwarded. Otherwise no.
There are other worlds than these

Offline a-4-year-old

  • Veteran
  • *****
  • Posts: 1918
Re: Brute Force Program For Linux
« Reply #6 on: January 25, 2009, 09:18:42 pm »
Theres nothing I hated more than username and password for linux. It was totally unnecessary and useless for me.
If we hit the bullseye the rest of the dominoes will fall like a house of cards. Checkmate. -Zapp Brannigan

Offline FliesLikeABrick

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 6144
    • Ultimate 13 Soldat
Re: Brute Force Program For Linux
« Reply #7 on: January 25, 2009, 11:28:35 pm »
Yes, when you boot it, hit escape as soon as you see the Grub menu. Click the latest kernel with the "Recovery Mode" next to it. When/if it asks, tell it to drop you to a root terminal. From there, you have unlimited access to everything on the system. To change a user's password to whatever you want, run the following:
passwd USERNAME

And if you need to change root's password, just runn passwd without any arguments.

There's no need to bruteforce the hashes in /etc/shadow when you can easily do the above in less than a few minutes.

This only works if it is a ubuntu-like system where there's no root password and the root account is disabled by default.  If they have the account enabled/a password set, they won't be able to do it.

You can, however, by using a livecd+chroot craftily enough (boot a livecd of Ubuntu or something, make a directory, mount the root filesystem of the laptop's hard drive on the directory.  mount proc and dev in it, then chroot /mnt/target (where /mnt/target is where the laptop's main partition is mounted)  From there you can then passwd <username> to reset the password.