In my lab, one of the users who is in the sudoers list has changed the root password. Is there any way to reveal the password he has set? I know how to change it by editing from GRUB, but what if I want to know what the previous password was?
If there was an easy way for you to know the password, there would have been an easy way for wrongdoers to know the password too. That defeats the purpose of a password. – Alaa Ali Sep 15 '14 at 03:21
This question appears to be off-topic because it is about bypassing security. There is no actual Ubuntu problem. – Luis Alvarado Sep 15 '14 at 06:09
@LuisAlvarado This certainly applies to Ubuntu. It seems to me this is about Ubuntu. Presumably the system on which this password has been set is an Ubuntu system. If this weren't about "bypassing security," would you have felt comfortable closing it with a single moderator close vote? (It had no other close votes before that.) As far as I know we have no community consensus that questions about "bypassing security" are off-topic. – Eliah Kagan Sep 15 '14 at 10:33
There is no indication that this is about Ubuntu anywhere on the question. Furthermore this is more related to bypassing an actual security feature than solving an Ubuntu problem. – Luis Alvarado Sep 15 '14 at 16:00
@LuisAlvarado, mate, if this weren't a question about Ubuntu, I wouldn't post it here. As far as I know, GRUB, sudoers and root are concepts from Linux alone; I don't think Windows OS has these concepts! So don't use your reputation and powers over my question and put it on hold. – T3J45 Sep 18 '14 at 09:26
@RAWbot What you are asking is not an Ubuntu problem, app or question regarding an Ubuntu configuration but bypassing a security measure; you can see how I landed on that conclusion just by seeing the question as it currently shows. The information from your question points to the fact that you wish to reveal the current password for root, which is a subtle way of asking how to break into a system. I would recommend a more appropriate site like: http://security.stackexchange.com/ – Luis Alvarado Sep 18 '14 at 15:07
2 Answers
It is a vast topic to discuss. But considering the case of Ubuntu, the passwords are stored in the location
/etc/shadow
You can view the contents by opening it with
sudo nano /etc/shadow
On the very first line you can see
root:$6$xrzOs5vu$gfLwd1NVOBRqCvmgpBOa9V4PzNOzlgC2jGU.GT8k9zPiW2zihymU/nmgdjsP8SzR3Qk7UoQUkTrsi9tCIFy6f.:16303:0:99999:7:::
The first part is the username (here it is root; you can see other users below). Then comes the hashed form of your root password. Usually, once we assign a password in Ubuntu, it generates a random salt value, adds this salt value to the password file, and then hashes it using one of the algorithms such as SHA-512, MD5, etc. Since the salt is unknown, it is very hard for a cracker to crack the passwords. But you can still change your root password by simply typing the following in a terminal
sudo passwd

Thank you. I made a pretty good search, but it's the first time I've heard of the concept of salt value and sha512. I'll expand my search over this. Thanks again. – T3J45 Sep 15 '14 at 16:22
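The fields of the /etc/shadow entry quoted in the answer above, parsed as an added example (not code from either answer): it reads the scheme id, the salt and the last-change day from each entry, then flags weak schemes and recent password changes. The `daemon` and `olduser` lines, the function names and the `since` cutoff are constructed for illustration.

```python
from datetime import date, timedelta

# crypt(3) scheme ids -> (name, auditor's verdict)
SCHEMES = {"1": ("MD5-crypt", "weak"), "5": ("SHA-256-crypt", "ok"),
           "6": ("SHA-512-crypt", "ok"), "2a": ("bcrypt", "ok"),
           "2b": ("bcrypt", "ok"), "2y": ("bcrypt", "ok"), "y": ("yescrypt", "ok")}

def parse_shadow_line(line):
    """Break one shadow(5) entry into the fields worth auditing."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError("expected 9 colon-separated fields, got %d" % len(fields))
    user, pw, lastchg = fields[:3]
    entry = {"user": user, "locked": pw.startswith(("!", "*")), "scheme": None,
             "verdict": None, "salt": None, "changed": None}
    # Field 3 is the day of the last password change, counted from 1970-01-01.
    if lastchg.isdigit():
        entry["changed"] = date(1970, 1, 1) + timedelta(days=int(lastchg))
    hashpart = pw.lstrip("!")            # a leading "!" only locks the hash
    if hashpart.startswith("$"):
        parts = hashpart.split("$")      # ['', id, (rounds=N,) salt, digest]
        entry["scheme"], entry["verdict"] = SCHEMES.get(parts[1], ("unknown", "review"))
        if parts[1] in ("1", "5", "6") and len(parts) >= 4:
            # The salt is stored in the entry itself, next to the digest.
            entry["salt"] = parts[3] if parts[2].startswith("rounds=") else parts[2]
    elif pw == "":
        entry["scheme"], entry["verdict"] = "none", "empty password"
    elif hashpart not in ("", "*"):
        entry["scheme"], entry["verdict"] = "DES-crypt", "weak"
    return entry

def audit(lines, since):
    """List (user, finding) for weak schemes and password changes on/after `since`."""
    findings = []
    for e in map(parse_shadow_line, lines):
        if e["verdict"] not in (None, "ok"):
            findings.append((e["user"], e["verdict"]))
        if e["changed"] and e["changed"] >= since and not e["locked"]:
            findings.append((e["user"], "password changed %s" % e["changed"]))
    return findings

SAMPLE = [  # first line is the entry quoted in the answer; the other two are constructed
    "root:$6$xrzOs5vu$gfLwd1NVOBRqCvmgpBOa9V4PzNOzlgC2jGU.GT8k9zPiW2zihymU/nmgdjsP8SzR3Qk7UoQUkTrsi9tCIFy6f.:16303:0:99999:7:::",
    "daemon:*:16273:0:99999:7:::",
    "olduser:$1$abcdefgh$0123456789abcdefghijkl:15000:0:99999:7:::",
]

if __name__ == "__main__":
    print(*audit(SAMPLE, since=date(2014, 8, 1)), sep="\n")
```

On a live system the same functions can be fed the lines of /etc/shadow read as root; the last-change field shows when an account's password was reset even though the password itself cannot be read back.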
There isn't a way to decrypt the password. Historically, the encryption of Unix passwords has always been irreversible because the encryption is not unique to the password. There may be other passwords that will generate the same encryption string. Because of this, decryption to a single password is impossible. Unix takes the password that you enter at login, encrypts it, and compares the encryptions to see if you entered the correct password.