Steps to crack the root user password:
-
When restarting or starting up, press any key (except the Enter key) within 5 seconds when the following screen appears to enter the operating system selection menu.
-
According to the prompt below the interface: Press "e" or "a" to modify.
-
Enter kernel selection, press "e"
-
Select the operating kernel, and send a parameter "1" or "s" or "signal" to the current kernel , indicating that it enters single-user mode after startup.
-
Press Enter to return to the OS selection interface, and press b to start.
-
After entering the single-user mode, first use "getenforce" to check the status. If it is Enforcing, use the command "setenforce 0" to modify the status to allow. If the status is not changed, the password modification is unsuccessful. Use "passwd" to enter the password twice, if it is too short, it will prompt but will not affect the modification.
Measures to Prevent Cracking of Root User Password
In the above steps to crack the root user password, we can find that we enter e, e, and 1 respectively, and then start Linux to enter the single-user mode and then modify the password. The idea of preventing password modification is to prevent it from entering single-user mode. By setting a password, you will not be given the opportunity to press the "e" key. The operation steps are as follows:
1. Back up the grub.conf file
Centos6 operation is:
The operation of centos7 is:
grub.conf is generally in the isolinux directory under the CD-ROM mount directory by default. If you can’t find it, you can use the command find / -name grub.conf to find its path in the entire root directory. Then make a backup.
2. Modify the grub.conf file
Add a line of password password to the file .
再重新启动Linux进入相应界面时,就会提示输入相应的密码才能进入下一步。
3. Two loopholes in the above operation
<1>: The password is plain text, you only need to check the contents of the grub.conf file, and it will be leaked. The solution is to use the command to generate the encrypted password, the steps are as follows:
<2>: The password set above will not prevent Linux from starting, and it is safer to directly prevent it from starting. The solution is as follows: