(CentOS 6.6: Lesson 5)

{ Using a Live CD to clear root's passwd in /etc/shadow }

Section 0. Background Information

Background Information
- In this lesson, you will learn how to use a Fedora Live CD or any Linux live CD to (1) boot into single user mode, (2) mount the "/" directory which contains /etc, and (3) how to remove root's password from the /etc/shadow file.
Pre-requisites
Lab Notes
- In this lab we will do the following:
  1. Boot the Operating System off a CentOS Live CD.
  2. We will mount the disk partition that contains /etc.
  3. We will delete root's encrypted password from /etc/shadow.
  4. We will test our handy work.
Legal Disclaimer
- As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
- In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
- In addition, this is a teaching website that does not condone malicious behavior of any kind.
- You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
- © 2015 No content replication of any kind is allowed without express written permission.

Section 1. Configure CentOS-6.6 Virtual Machine Settings

Open Your VMware Player
- Instructions:
  1. On Your Host Computer, Go To
  2. Start --> All Program --> VMWare --> VMWare Player
Edit CentOS-6.6 Virtual Machine Settings
- Instructions:
  1. Highlight CentOS-6.6
  2. Click Edit virtual machine settings
Set Machine to Boot From CD/DVD
- Instructions:
  1. Select CD/DVD (IDE)
  2. Device status: Check the Connect at power on checkbox.
  3. Select the "Use ISO image file" radio button.
  4. Click the Browse Button and Navigate to the location of your CentOS-6.6-i386-bin-DVD1.iso or other Live CD.
  5. Click the OK Button
Edit Network Adapter
- Instructions:
  1. Highlight Network Adapter
  2. Select Bridged
  3. Click the OK Button

Section 2. Play Virtual Machine

Start the CentOS-6.6 VM
- Instructions:
  1. Click on the CentOS-6.6 VM
  2. Click on Play virtual machine
Obtain Boot Menu
- Instructions
  1. Once you see the below vmware screen, (1) Left Click in the screen and (2) press the "<Esc>" key
- Note(FYI):
  1. This might take you a few times so be patient!!!
Boot Menu Options
- Instructions:
  1. Arrow Down to CD-ROM Drive
  2. Press <Enter>
Rescue
- Instructions:
  1. Arrow Down to "Rescue installed system"
  2. Press <Enter>
Choose Language
- Instructions:
  1. Arrow Down English or your language of choice
  2. Press the <Tab> key, which will move focus to the OK Button
  3. Press the <Enter> key
Choose Keyboard Type
- Instructions:
  1. Arrow Down to us or desired keyboard and press the <Tab> key
  2. Once the OK button is highlighted, press the <Enter> key
Setup Networking
- Instructions:
  1. Press the <Tab> key
  2. Once the No button is highlighted, press the <Enter> key
Continue Mounting File Systems
- Instructions:
  1. Press the <Tab> key
  2. Once the Continue button is highlighted, press the <Enter> key
chroot information
- Instructions:
  1. Press the <Enter> key
Mount Information
- Instructions:
  1. Press the <Enter> key
Shell Access
- Instructions:
  1. Make sure cursor is on "shell Start shell"
  2. Press the <Tab> key
  3. Press the <Enter> key

Section 3. Examining Mounted File Systems in Single User Mode.

Section 4. Modifying /etc/shadow in Single User Mode.

Make a backup copy of /etc/shadow
- Instructions:
  1. cd /mnt/sysimage/etc/
  2. cp shadow shadow.bkp
  3. ls -l shadow*
Open the shadow File
- Instructions:
  1. vi shadow
Position Cursor
- Instructions:
  1. Cursor over one position to the right of the first colon(:)
Delete Encrypted Password
- Instructions:
  1. Type dt:
    - This will delete everything up to the next colon.
    - You should now see no password between the first and second colon(:).
- Note(FYI):
  1. If you make a mistake, just press u to undo.
Save the shadow file
- Instructions:
  1. Type :wq!
  2. Press <Enter>
Reboot Machine
- Instructions:
  1. cd /
  2. poweroff

Section 5. Configure Virtual Settings

Edit CentOS-6.6 Virtual Machine Settings
- Instructions:
  1. Highlight CentOS-6.6
  2. Click Edit virtual machine settings
Auto Detect Hard Drive
- Instructions:
  1. Click on CD/DVD(IDE)
  2. Click the Use physical drive: radio button
  3. Make sure Auto detect is selected
Edit Network Adapter
- Instructions:
  1. Highlight Network Adapter
  2. Select Bridged
  3. Click the OK Button

Section 6. Login without a root password

Start the CentOS-6.6 VM
- Instructions:
  1. Click on the CentOS-6.6 VM
  2. Click on Play virtual machine
Login to CentOS
- Note(FYI):
  1. Until you click the user, in this case Security Student, the Password field will not be displayed.
- Instructions:
  1. Click on Security Student
    - This will display the password text box.
  2. Supply its' password
  3. Click the Log In Button
Open a Terminal
- Instructions:
  1. Applications --> System Tools --> Terminal
Switch User to root
- Instructions:
  1. su - root
  2. whoami
- Note(FYI):
  1. su, This is the switch user command. In this case, I am switching from user student to user root.
  2. whoami, The command prints the user name associated with the current effective user ID.
  3. Notice you were not prompted for a root password!!!
Switch User to root
- Instructions:
  1. passwd root
  2. Provide a password
  3. Re-Enter the password

Section 7. Proof of Lab