Results 1 to 9 of 9

Thread: Debian GNU/Linux lenny.sid tty1 login problems

  1. #1
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    7

    Default Debian GNU/Linux lenny.sid tty1 login problems

    Hello
    This is my first time I am using the forum and I feel sorry that I now decided to registered. Usually I was browsing the various posts and getting the answers to various questions I had but now i find my self in a position that desperately needs help.

    I am new to Linux so a newbie but I am trying to gather as much knowledge and eventually get rid of the Windows OS. Also English is not my native language.

    A friend of my gave me a game server based in Debian version Lennny/SID
    and I need to know if it is possible to find the login password. He got the PC from his fathers shop. His father bought it from a customer in order to resell it but my friend decides to keep it hopefully to have a look if the machine it is good for a game server so to load a game and use it all of the friends.

    It is a Dell PC. It is booting normally and comes to this point

    Debian GNU/Linux lenny.sid test-system tty1

    test-system login:

    I boot from an Ubuntu DVD and mount the HDD. After finding the /etc file I found out that they were not accessible so I could not see their contents and hopefully get to the login password.
    Later on I got in the terminal and tried some commands. Below are the results:

    media/ROOT/etc

    unshadow PASSWORD-FILE- SHADOW-FILE

    pwunconv can’t lock passwd file

    grpunconv can’t lock group file

    Later tried to use John the ripper to try to recover the password and here are the results again:

    john passwd Loaded 0 passwords cracked, existing...

    john --show --shells=-/etc/expired passwd Loaded 0 passwords cracked, 0 left
    I read that john can not recover passwd unless is shown but I could not because trying to unshadow the passwd, passwd-, group, files I could not

    Is it possible that the login that the system need is not a administrator password and something else. If I change the bootloader (grub) can I pass overpass the login password and get the desktop?

    Is there a way to put the pc in my local network and try to access it from tty1??

    There is something I am doing wrong but I do not know what is it.

    So far I did not insert the Backtrack DVD to boot from it because I am not sure if I will have the same results mostly because my knowledge is limited. I will read some more information and tutorials for Backtrack.

    A hammer will not help me isn’t it?

    Thank you very much

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    This is how you would do this on BackTrack (you will note that Im not telling you how to do this from Ubuntu because this is not an Ubuntu forum).

    The below is reproduced from memory, I don't have a BackTrack system handy ATM, so you may have to tweak it a little for your requirements. Use Google and the appropriate man pages to help.

    The below assumes that you have booted the system from a BT4 DVD /USB and that the Ubuntu systems root (/) partition is mounted at /mnt/sda1. If that's not the case then adjust the commands as appropriate.

    Use "fdisk -l" or "cat /proc/partitions" to show available partitions to mount, "mkdir" to create a directory to use as a mount point (e.g. /mnt/sda1) and the "mount" command to mount the partition to that mount point (e.g. "mount /dev/sda1 /mnt/sda1").

    Code:
    cd /pentest/passwords/jtr/
    ./unshadow /mnt/sda1/etc/passwd /mnt/sda1/etc/shadow > ~/password-hashes
    ./john ~/password-hashes
    OK, that fulfills my spoon feeding quota for this month.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by bafman View Post
    A friend of my gave me a game server based in Debian version Lennny/SID
    and I need to know if it is possible to find the login password. He got the PC from his fathers shop. His father bought it from a customer in order to resell it but my friend decides to keep it hopefully to have a look if the machine it is good for a game server so to load a game and use it all of the friends.
    Why would you need the password? The only reason I could see you needing this would be that you also want to see what data the computer potentially contains. Otherwise you could just format and reinstall your OS of choice onto the machine.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #4
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    7

    Default

    Hi Lupin
    Thanks for your reply and informations
    I followed your instructions and got help from google as well and came to these results.

    I Typed cat /proc/partitions and results are
    7 0 1334364 loop0
    3 0 156290904 hda
    3 1 154810341 hda1
    3 2 1 hda2
    3 5 1477948 hda5

    Then fdisk -l and results
    /dev/hda1 * 1 19273 154810341 83 linux
    /dev/hda2 19274 19457 1477980 5 Extended
    /dev/hda5 19274 19457 1477948+ 82 Linux swap /Solaris

    I used mkdir /file
    Later used mount /dev/hda1 /mnt/hda1

    results: cant find /hda1//mount/ in /etc/fstab or /etc/mtab

    I proceed and get in to the Backtrack4 onfly and check in the ROOT directory etc/fstab. I found this

    # /etc/fstab: static file system information.
    #
    # <file system> <mount point> <type> <options> <dump> <pass>
    proc /proc proc defaults 0 0
    LABEL=ROOT / ext3 default,errors=remout-ro 0 1
    /dev/sda5 nonw swap sw 0 0
    I can not make any changes from there cause it need permitions and I could not find a way to lof in as administrator so edit the /etc/fstab file

    Rebooted and tried to
    mkdir /file and
    then vi /etc/fstab. The text editor opened and showed nothing so I had to shut down cause I was afraid if I was going to effect the etc/fstab file and do not boot at all.

    What are my mistakes?? Ia there any way to edit the etc/fstab with Backtrack4?

    It appears that I need spoon feed with a hudge spoon Lupin

    Thanks for your help

    Quote Originally Posted by archangel.amael View Post
    Why would you need the password? The only reason I could see you needing this would be that you also want to see what data the computer potentially contains. Otherwise you could just format and reinstall your OS of choice onto the machine.
    Hi
    It is easy to reformat the PC and use the OS of my choice you are right.
    First the PC has a linux system and it is a ready game server. Opening that "box" will help me to have a look how it was working as a game server and get as much informations we can. It will help me to set up our server.

    The server is a ready game server so there is a possibility to make our own game server easily...i belive.

    It is a Linux system so i need to expand my knowledge on Linux and how it works even the hard way.

    Because i want to know how is done

    Is appears stupid what i am doing but learning the hard way is better

    Thank you all

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Do not make multiple consecutive posts use the edit button instead.
    Hi
    It is easy to reformat the PC and use the OS of my choice you are right.
    First the PC has a linux system and it is a ready game server. Opening that "box" will help me to have a look how it was working as a game server and get as much informations we can. It will help me to set up our server.
    The server is a ready game server so there is a possibility to make our own game server easily...i belive.
    There are plenty of good tutorials around the internet that will help you to not only learn linux, but how to use linux as a game server.

    It is a Linux system so i need to expand my knowledge on Linux and how it works even the hard way.
    Because i want to know how is done
    If you want to learn linux as you have mentioned then why would you want to use BT since it is not a very user-friendly learning tool? Seems like you are trying to use a race car to learn how to ride a bike.
    Is appears stupid what i am doing but learning the hard way is better
    Thank you all
    Not only does it seem stupid, and indeed the hard way, but it also makes it look like you are trying to do something that you should not be doing.
    I mean once you have found the password, what will you have learned about linux?
    Now granted this may not be the case.
    So if you want to learn linux and you want to use BT great, I won't tell you not to, but I will tell you it is not the easiest thing to do.
    If this is the case then make sure you look at this thread for a plethora of information.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #6
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    7

    Default

    Hello archangel.amael
    Thanks for your post and help.
    I understand your concept and your advice and i am sure that you are encouraging me to start learning from the scratch and thank you very much about it.
    I am using Ubuntu the last six months and read many articles and tutorials and feel that i need improvement in Linux. So far i was using Ubuntu for normal use like browsing sending receiving emails ....basic stuff. It’s been now four days trying to find the password of this machine and in these four days i learned more that i learned six months. All those console commands I learned to use made me to understand the power of the Linux OS generally.
    Now having seen what other tools BT4 has i reassure you that i will not stop learning and hopefully i want one day to use at least some of those tools that BT offers.
    I may do not succeed to find the password but i will succeed to be friend with Linux and BT environments and that is sure.
    It may look that I am doing something illegal but I explained the situation how the server got into my hands. The matter now stands for the password recovering challenge more than the curiosity of what is inside the box. Yes you are right telling me to start reading how to setup a Linux gaming server it is maybe easier that the password recovery but this is not the issue anymore. I will give my self a week working for the recovery. If I succeed it good if not reformat the PC and start setting up a Linux game server.

    Thank you for your posts and advices

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by bafman View Post
    Later used mount /dev/hda1 /mnt/hda1

    results: cant find /hda1//mount/ in /etc/fstab or /etc/mtab

    I proceed and get in to the Backtrack4 onfly and check in the ROOT directory etc/fstab. I found this

    # /etc/fstab: static file system information.
    #
    # <file system> <mount point> <type> <options> <dump> <pass>
    proc /proc proc defaults 0 0
    LABEL=ROOT / ext3 default,errors=remout-ro 0 1
    /dev/sda5 nonw swap sw 0 0
    I can not make any changes from there cause it need permitions and I could not find a way to lof in as administrator so edit the /etc/fstab file

    Rebooted and tried to
    mkdir /file and
    then vi /etc/fstab. The text editor opened and showed nothing so I had to shut down cause I was afraid if I was going to effect the etc/fstab file and do not boot at all.

    What are my mistakes?? Ia there any way to edit the etc/fstab with Backtrack4?

    It appears that I need spoon feed with a hudge spoon Lupin

    Thanks for your help
    You can edit the /etc/fstab file with any text editor, because its a plain text file ('man fstab' for the proper format), however you don't really need to because mount should work on its own as long as it recognises the device and mount point you specify on the command line. Im a little confused why the mount command gave you the error it did - perhaps a permission error.

    The following should work to mount your hda1 partition...
    Code:
    sudo -s
    mkdir /mnt/hda1
    mount /dev/hda1 /mnt/hda1
    If you have problems try "dmesg | tail" to see if any information about unknown filesystems is shown.

    As archangel.amael mentioned, this method using john will (possibly) only give you passwords to allow you to login. If you just want to get at the files in the system you can do this directly from BackTrack after mounting the appropriate partition, or you could just erase the partitions and reinstall Linux over the top of the existing install for your game server.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  8. #8
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    7

    Default

    Hi Lupin and Archangel.Amael
    Thank you very much for your post and informations. I succeed to mount the hda1 at least.(i believe)

    sudo su
    mkdir /media/disk
    after fdisk -l game me the same
    /dev/hda1 * 1 19273 154810341 83 Linux
    /dev/hda2 19274 19457 1477980 5 Extended
    /dev/hda5 19274 19457 1477948+ 82 Linux swap /Solaris

    Later typed mount /dev/hda1 /media/disk

    I am still root@bt:~# So ls gives me only install.sh

    mount /dev/hda1 /media/disk looks Looks ok and later chroot /media/disk
    And I am in bt:/#
    With ls I can now see the etc file. cd etc I can see the passwd file in white color letters

    I type passwd and is asking for Enter new Unix password
    I set a new password and type exit
    I am now to root@bt:~#
    Type unmount /media/disk and get bash:command not found (it appears that I can not unmount the /media/disk)
    Later reboot to see if the system made any changes No changes to the test-system login. The new password does not work.
    I am not sure how to use john to recover or uncover the password.

    Lupin I tried to use the commands at your first post
    I was root@bt:~# and typed cd /pentest/passwords/jtr/ result was bash: cd /pentest/passwords/jtr/: No such file or directory.
    Later I typed chroot /media/disk . So I came to bt:/# from there tried to use the cd /pentest/passwords/jtr/ Results bash: cd /pentest/passwords/jtr/: No such file or directory

    So I proceed to add new user.
    I succeed to ad a new user so I log in as newuser password as I set it.
    It comes to marios@test-system:$ (which is the new user I set)
    From here ordinary console commands do not work at all even ls command doesn not give me anything.
    Pwd gives me /home/marios

    Any ideas??
    Thank you very much for your help

    Hi Again

    I edited the password with nano as I was root and now I am able to get into the system as root. I can browse all the directories and files without any limitation and I can edit them with nano editor.

    Thank you Lupin and archangel.amael

  9. #9
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by bafman View Post
    I was root@bt:~# and typed cd /pentest/passwords/jtr/ result was bash: cd /pentest/passwords/jtr/: No such file or directory.
    That path should definitely exist. From my BT4 Prefinal system:

    Code:
    root@bt4pf:~# cd /pentest/passwords/jtr/
    root@bt4pf:/pentest/passwords/jtr#
    Anyway, never mind, it appears as though you have fixed your problem.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •