Bypass Linux Login Password, Reset It Without Original Password😈:
Hi,
My name is Aman. I am here with my another informative blog, In this blog we will see how to login into any Linux machine( I tried it on Kali, Parrot, Ubuntu) without knowing its original password and without loosing date into any user’s account by changing the password. And i will also tell you how to be protected against it.
If you are a Linux user you have to know it. Because it is very serious problem.
================ Lets Begin ===============
I am going to demonstrate it on my Parrot OS box.
First start the machine and wait until its shows the grub boot loader screen.(fig-2.0)
On the same screen press ‘e’ for edit into boot loader setting. As soon as you press ‘e’ an new window opens.(fig-3.0)
In here Linux section we have to do some changes first we have to change the ‘ro’ mean read only to ‘rw’ means ‘read&write’ and in the last of the line we need to add ‘init=/bin/bash’. Changes are temporary.fig(4.0)
After when all changes are done press CTRL+X for save and exit. when the system it try to open first a root shell will be appear.(fig-5.0)
Here we can access all the files and folder. But thats not enough we will change the user and root password for login into as graphical mode. For do show first we will see the username into /etc/shadow file after that we have to change the password for that user.(fig6.0)
Here we can see a user named as wild will change its password for that run the following command.(fig-7.0)
(1) #passwd [username] (change password for user(system user))
(2) #passwd (change password for root user)
Now the password is changed for both wild(user)& root user run ‘reboot -f’ command for reboot the system or simply shut down the computer by long pressing the power button and restart it. As soon as machine get started you will get normal login screen for the user, enter the new changed password and you able to login into the system.(fig-8.0)
Now we are able to login to the system user also as root user. The password has been changed but the owner of the machine can’t be login to the system because his/her password get changed.
This is very serious problem, any one can change your password without knowing you, now lets see how we can protect ourselves form this:
To avoid this thing we have to set a lock 🔒 on the grub that only the authentic person have the permission to edit it.
For do so we have to edit the ‘ /etc/grub.d/10_linux ’file. Start our system and run the following command.
~$ sudo nano /etc/grub.d/10_linuxGo to the last line of this text file.(fig-9.0)
Add these lines to this file.
cat << EOFset superusers=[USER_NAME]
password_pbkdf2 [USER_NAME][PASSWORD_HASH]EOF
But before that you have to create hashes for your password, for do so run the following command.
~$ grub-mkpasswd-pbkdf2As soon as you run the command its ask you for password, enter the password it will automatically generate the password hash.Copy the selected hash, it is password hash, we will use it at place of password hash. In your case it will be different. (fig-10.0)
Now time to paste all of this into the /etc/grub.d/10_linux file.(fig-11.0)
Now save this changes after that run these two following commands.(fig-12.0)
(1)~$ sudo update-grub
(2)~$ sudo grub-mkconfig -o /boot/grub/grub.cfg
Now the grub is locked for see this reboot the system and try to edit the boot loader. It will ask for user_name and Password when you try to edit the grub .(fig-13.0)
Now you are safe no one can change you password without unlocking the grub.
