Article Directory
1. Single user mode
Common bug fixes in single user mode:
(1) Forget the root password
(2) Modify the system default operating level
1.1 Cracking the root password
(1) Single user mode: press any key to enter this interface when the countdown is five seconds
(2) I have removed gurb encryption, so I can enter directly by pressing the e key and move the cursor to the kernel
(2) These three sentences are the three sentences that define startup items under title in grub. The second item defines the kernel startup options. Cut the cursor to the second line and press e to edit, add 1, and then press Enter .
(4) Press the b key at this time to start in single user mode. At this time, Linux will start. You will find that you can log in to an operation interface without entering a user name and password. This prompt interface is called single user mode
(5) Mainly to modify the root password. If you forget the root user’s password, as long as you enter the single-user mode, you can enter directly without entering the user name and password in the single-user mode, and then you can set a new root for my root Password. This must be operated locally, remotely is not possible.
1.2 Modify the system default run level
The default running level cannot be changed to 0 or 6, otherwise the system will not get up. At this time, if it is really changed to 0, it is changed to 6, you can use single user mode to change this level back,
vim / Just change the default level number in the entire file etc/inittab. But the most common is to change the root password.
2. Disc repair mode
After the above operation, there will be a question at this time. Just press the e key to crack the root password. Is this a bit unsafe? ? ? At this time, there is another layer of protection, which is to encrypt grub. Before pressing the e key, press the p key and enter the correct grub password. Then you can enter the edit mode to break the password. Is this safe? ? ?
The single user mode is used for the system password. If you set the grub password and forget the grub password, you cannot crack it in the single user mode. If you want to break the system password, you must first enter the correct grub password. How to crack the grub password at this time? ? ? At this time, you can use the CD repair mode to crack the grub password.
In the CD-ROM repair mode, the CD is used as the startup item, bypassing the system startup of the hard disk, booting from the CD, and then mounting the hard disk back, because the hard disk is not loaded during startup, so all the data in the hard disk is to me If there is no password, do what you want, including changing the grub password, cracking the grub password, how to enter the CD-ROM repair mode?
2.1 Enter the disc repair mode
(1) Put the system CD in the virtual machine, choose OK and restart
(2) Then restart, quickly press the F2 key to enter the BIOS settings, as shown below
(3) I saw this interface when I installed Linux, but I chose the first installation and upgrade when installing, and now I need to choose the third one. That is to enter the safe mode installation, press Enter.
(4) Select the interface language. Chinese is not supported under the pure character interface. Although Chinese is listed, if you choose Chinese, garbled characters will appear. Simply choose English here. Select ok by tab key, basically all the way ok.
(5) Then enter a prompt, which is completely different from grub single user mode. In grub single user mode, you need to enter the grub password and then enter the e key. The system hard disk is entered through grub, but the current CD mode , Put the CD into it through the modified boot option, and now it is the system CD. The storage devices in Linux all need to be mounted before they can be used. After our normal standard boot, if it is booted from the hard disk , if you want to use the CD, you need to mount the CD to use it. But in the CD-ROM repair mode, the CD-ROM medium is started. If you want to use a hard disk, you also need to mount the hard disk back. Of course, this mount does not use the mount command. It is a command called chroot to change the home directory. In the interface currently entered, this directory is not the real root directory of the system. This is actually the CD-ROM. It simulates a fake root, not a real system root. How can I enter the system root (that is, mount it on the CD-ROM)? hard disk)? ? ?
Command: chroot /mnt/sysimage
Function: Change the home directory and enter the system root
Tips: Think of the real system root as /mnt/sysimage/such a directory and save it on the CD. Boot from the CD, you can see that the real system root is /mnt/sysimageinside, you need to use this command chroot /mnt/sysimageto mount the real root back. After the execution, the real root directory is operated. Once this command is executed, it will enter the real CD repair mode. If you enter the CD repair mode, theoretically all errors can be corrected by it, and some errors cannot be corrected by it.
2.2 Crack grub password
Here comes the point:After executing this command chroot /mnt/sysimage, we have entered the system root. If you forget the grub password, then directly enter the grub configuration file, directly modify the content inside vim /boot /grub/grub.conf, directly set the password Just delete that line. The root password can also be set here (the password was cracked in single user mode before).
vim /boot/grub/grub.confEnter the configuration file and just delete the line with the password (of course I did not set the grub password here). There is no password when restarting Linux.
2.3 System file repair
Here comes the point:The loss of important system files makes the system unable to start. If the file /etc/inittab is lost, if the system startup file is deleted, this file defines which level to boot into. If this file is lost, your system must start If it doesn't come, it will collapse. How to fix it? ? ?
Start experiment:
(1) At this time, you need to check, which package this file belongs to (in fact, this file is not lost). If it is deleted by mistake, it will not be found in the root of the file system that was originally missing. You need to take another one. A Linux, the same version of Linux as my system, to query which package it belongs to, this is just an experiment.
(2) Assuming that the file is really lost, you can extract the current file from this package to repair the error of the file loss, because it is now in the system root, now create a key mount point for the CD, and then mount it , You can extract the required files inside.
(3) Then execute the rpm2cpio command to extract the data of this package, and use the cpio -idv command to extract the file. . Means to extract to the current directory, instead of directly overwriting the file under the root, but to save it in the current directory. If you need to overwrite, select it manually. Therefore, you should switch to the /root/ directory first, and then copy it if you need to overwrite it.
Summary of the commands used above:
Command: cd /root
Function: Enter the root directory
Command: rpm -qf /etc/inittab
Function: Query which package the /etc/inittab file belongs to
Command: mkdir /mnt/cdrom
Role: Create a mount point
Command: mount /dev/sr0 /mnt/cdrom
Role: Mount CD
Command: rpm2cpio /mnt/cdrom/Packages/initscripts-9.03.40-2.el6.centosi686.rpm | cpio -idv ./etc/inittab
Function: Extract the inittab file to the current directory
Command: cp /root/inittab /etc/inittab
Function: Copy the inittab file to the specified location
Summary: The disc repair mode mainly does two things, one is to cancel the grub password, of course, you can also crack the root password, and the other is to repair important system files. In the CD-ROM repair mode, most of the errors that cause the system to fail to start normally can be corrected through it. Because it is a system booted from a CD, it bypasses the Linux hard disk, even if your hard disk crashes and cannot be used, as long as you boot from the CD, you can mount the hard disk and use it again, bypassing the
hard disk boot process , Even if the hard disk boot error does not affect the disc repair mode.
3. Linux security
- Linux has always been known for its security. After some operations above, do you feel that Linux is insecure? You can crack the password. The user's password can be easily cracked by a single user. To crack into the single user mode, you need to enter grub, but you can also use grub encryption to protect the single user mode. At this time, I thought that through the CD-ROM repair mode, the grub encryption can be completely cracked. You can use the CD-ROM repair mode. You must restart Linux and change the boot sequence in the BIOS. The BIOS here can also be encrypted, and the disc repair mode can be solved through BIOS encryption. But the BIOS password can also be cracked. There is a battery on the motherboard, and the information saved in the BIOS will disappear as long as the motherboard battery is unplugged. Of course, the password will also disappear because there is no power supply to support it.
- So we think the security is wrong. The security we are talking about refers to network security. If I can get this computer, I think this computer belongs to me, and I have full authority over it, so all these backdoors (password cracking) are systems Deliberately reserved. If there is no such backdoor, what should I do if I forget the system password? ? ?
- In other words, these backdoors are actually necessary for the normal use of the system. Not only Linux is the case. All devices that require passwords, Windows, switches, routers, databases...are all backdoors that have passwords to crack them. Otherwise, if the password is lost, This equipment is scrapped.
Summary: What we mean by security is network security, which means that if you cannot see this computer, it is connected through the network. At this time, you will think that you have no ownership of the computer. All security settings refer to this problem. There are also local security, which are common passwords, but they are reserved for cracking backdoors. If the password is forgotten, the computer will not be able to ask for it.
4. Summary
(1) Cracking the grub password in the CD-ROM repair mode: boot with the CD, because the real system root is regarded as /mnt/sysimage/such a directory and saved in the CD. Then use the initial interface to chroot /mnt/sysimagemount it back from the hard disk to enter the real root directory interface. At this time, the operation is our Linux system, open the /boot/grub/grub.conffile directly , and delete the line that sets the grub password.
(2) Repair of system files: Because in the CD-ROM repair mode, I have entered the real system root, which is my Linux system, and then mount the CD, use commands to take out the files I need, and then repair. Note: If you lose a file, you need to check which package my lost file is in on another Linux of the same version, so that you can extract the required file from the CD.
(3) Because the system booted from the CD bypasses the Linux hard disk, you can leave it at your mercy without a password.
(4) The single-user mode is mainly for cracking the root password. The CD repair mode is the real repair mode in Linux. It can be used to crack grub password, root password, and system files. Most of the errors can be repaired through the CD repair mode.