
Thread: Backtrack4 password "toor" doesn't work!

  1. #11
    whitelisted (Member)
    Join Date
    Feb 2010

    Re: Backtrack4 password "toor" doesn't work!

    I'm sorry, but I think it's very unlikely that this is a corrupted file or a bad burn.

    If you think about what a live image has to go through before it even reaches the point of dropping you at a hash prompt - loading the kernel image and miniroot, uncompressing and mounting the squashfs root filesystem, going through the init scripts, and eventually hauling the vast reptilian bulk of KDE off the filesystem and into main memory after you've typed "startx", I really think a corrupt download or a duff burn would have already presented themselves with far worse symptoms than something as trivial as a changed root password (refusals to boot, kernel panics, or filesystem corruption errors).

    I've just booted off my copy of bt4-final.iso, and run "sshd-generate" (to generate a set of ssh host keys), followed by "/etc/init.d/ssh start" (to start the ssh daemon) and finally "ssh root@localhost". The password "toor" doesn't work. A quick check of /etc/ssh/sshd_config shows that PermitRootLogin is set to yes, so that's not the problem.

    Typing "passwd root" (to change the root password) and setting it to something else and then trying again to ssh to localhost means I can log in successfully using my new password.

    This pretty well proves that the root password on the live image isn't "toor".

    Finally, because I'm absent-minded and I didn't think to save my /etc/shadow and /etc/passwd before changing root's password, I rebooted off the live image again and used John The Ripper to break the password.

    For those interested in keeping track, here's a copy/paste of the steps:

    root@bt:~# cd /pentest/passwords/jtr
    root@bt:/pentest/passwords/jtr# ./unshadow /etc/passwd /etc/shadow | egrep ^root >p
    root@bt:/pentest/passwords/jtr# cat p
    root@bt:/pentest/passwords/jtr# ./john p
    Loaded 1 password hash (Traditional DES [128/128 BS SSE2])
    guesses: 1  time: 0:00:00:00 100% (2)  c/s: 12471  trying: 12345 - boomer

    OK, so John cracked the password in no time at all, but there's no password shown.. hmm..

    OK, so testing a theory, here's a C program that I quickly bodged together:

    root@bt:~# cat foo.c
    #define _XOPEN_SOURCE
    #include <unistd.h>
    #include <stdio.h>
    int main(void) {
        /* hash the empty string with the salt "U6" (traditional DES crypt) */
        printf("%s\n", crypt("", "U6"));
        return 0;
    }
    root@bt:~# gcc foo.c -lcrypt -o foo
    root@bt:~# ./foo

    Note the output of my program (U6aMy0wojraho) matches root's password hash shown in the JTR phase above.

    This pretty well shows that the root password on the live image is a zero-length string, not "toor".

    If you check around on the site, you should find the mods and developers saying in about a hundred different threads that "toor" is the password that is set by the installer, it's not what's used by the live image.

  2. #12
    Just burned his ISO
    Join Date
    Mar 2010

    Re: Backtrack4 password "toor" doesn't work!

    thx nice job whitelisted, there were no further questions. I probably compared it too much with bt3.

  3. #13
    Just burned his ISO
    Join Date
    Feb 2010

    Re: Backtrack4 password "toor" doesn't work!

    I installed BT4 on a dedicated harddrive, no partitions, and when the pc rebooted and asked for login and pwd I typed in root then toor as the pwd and it didn't accept this but then I got the prompt "root@bt:~#" and typed in "startx" then I was able to get in. Is this the way it should work or is my installation a bit corrupt?

    PS: I used the iso Live CD image that a friend of mine gave me to install BT4 on my dedicated harddrive. I couldn't download the VMware version cause I'm using dial-up so if I start the download now and order the cd online at the same time, I will definitely receive the CD by mail B4 the download is complete.

  4. #14
    xX_Spiidey_Xx (Member)
    Join Date
    Jan 2010

    Re: Backtrack4 password "toor" doesn't work!

    Originally Posted by whitelisted:
        This pretty well shows that the root password on the live image is a zero-length string, not "toor".

    I booted my liveDVD iso, and here are my steps:
    vi /etc/ssh/sshd_config
    PermitEmptyPasswords YES
    /etc/init.d/ssh start
    useradd spiidey
    passwd spiidey
    <!-- test was the password used -->
    ssh spiidey@localhost
    <prompt> Password: test
    <shell> spiidey@bt: ssh root@localhost
    <NO PASSWORD PROMPT, dropped to a root shell over ssh>
    <shell> root@bt:

    This also shows that on a live boot the root password is a zero-length string.

    BUT: when it is installed, the password will be toor, unless you changed it using the passwd command.
    Last edited by xX_Spiidey_Xx; 03-07-2010 at 07:02 PM.
    thou shalt treat all computers as thou wouldst treat thyself, for thou art the creator of thine own problems.
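
The two hand checks in this thread (root's hash being crypt of the empty string, and sshd accepting it once PermitEmptyPasswords is on) combined into one audit, as an added example that is not code from any poster: it reads a shadow file and an sshd_config and reports accounts whose password is empty and whether those two keywords expose them over SSH. The function names, sample files and assumed defaults (PermitEmptyPasswords no, PermitRootLogin prohibit-password) are constructed for illustration, and only global keywords before any Match block are read.

```python
KNOWN_EMPTY_HASHES = {"U6aMy0wojraho"}  # crypt("", "U6"), the hash shown in the thread

def sshd_effective(config_text):
    """Global keyword values; sshd keeps the first value it reads for each keyword."""
    defaults = {"permitemptypasswords": "no", "permitrootlogin": "prohibit-password"}  # assumed
    found = {}
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()
        if key == "match":  # conditional blocks are outside this example's scope
            break
        if key in defaults and key not in found and len(parts) == 2:
            found[key] = parts[1].strip().lower()
    return {**defaults, **found}

def password_state(field, crypt_fn=None):
    """Classify a shadow password field as 'empty', 'locked' or 'set'."""
    if field == "" or field in KNOWN_EMPTY_HASHES:
        return "empty"
    if field[0] in "!*":
        return "locked"
    # Optional general check: hash "" with the entry's own salt (e.g. crypt.crypt, Python <= 3.12)
    if crypt_fn and crypt_fn("", field) == field:
        return "empty"
    return "set"

def passwordless_accounts(sshd_text, shadow_text, crypt_fn=None):
    """List (user, finding) for every account whose password is the empty string."""
    opts = sshd_effective(sshd_text)
    findings = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or password_state(fields[1], crypt_fn) != "empty":
            continue
        root_blocked = fields[0] == "root" and opts["permitrootlogin"] != "yes"
        exposed = opts["permitemptypasswords"] == "yes" and not root_blocked
        findings.append((fields[0], "ssh-exposed" if exposed else "empty-password"))
    return findings

# Constructed samples, not taken from a real system
SAMPLE_SSHD = "PermitRootLogin yes\nPermitEmptyPasswords YES\nPermitEmptyPasswords no\n"
SAMPLE_SHADOW = ("root:U6aMy0wojraho:14600:0:99999:7:::\nspiidey:$1$constructed$notarealhash:14600:0:99999:7:::\n"
                 "daemon:*:14600:0:99999:7:::\nguest::14600:0:99999:7:::\n")

if __name__ == "__main__":
    for user, finding in passwordless_accounts(SAMPLE_SSHD, SAMPLE_SHADOW):
        print(user, finding)
```

An "empty-password" finding still means anyone at the console can log in without a password; "ssh-exposed" means the sshd settings modelled here also allow it over the network.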
