Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


create a root
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

create a root

DanielMDanielM Member
edited May 2012 in General

does anyone know of a tool or script that i can execute to gain root access for a vps?

«1

Comments

  • DanielMDanielM Member

    Or create a second root account which cannot be removed.

    btw its centos

  • SpencerSpencer Member
    edited May 2012

    Skid much?

  • DanielMDanielM Member

    @PytoHost said: Skid much?

    I need it incase the server is hacked/root pass changed...

  • NickMNickM Member

    @DanielM said: I need it incase the server is hacked/root pass changed...

    No, you don't.

  • DanielMDanielM Member

    @NickM said: No, you don't.

    Then how do i get back in if he changes the pass?

  • NickMNickM Member
    edited May 2012

    OpenVZ? Xen? KVM? LXC? BSD jail?

  • DanielMDanielM Member

    @NickM said: OpenVZ? Xen? KVM? LXC? BSD jail?

    KVM

  • useradd username
    passwd username

    passwd root? :D

  • On KVM, boot a live cd and chroot to the disk then just run passwd

  • DanielMDanielM Member

    @ErawanArifNugroho said: useradd username

    passwd username

    passwd root? :D

    No luck tried that earilier. It doesnt give all root privs.

  • EddyEddy Member

    Guys! the kid wanna help ;p

    /usr/sbin/useradd r00t -g 0 -G root,bin,daemon,sys,adm,disk -M -o -u 0 -p yourp4ssw0rdh3r3

    this for centos as you request, then u must enter a command to confirm the password to be encrypted in shadow file

    passwd r00t
    yourp4ssw0rdh3r3

    btw, you can google it!

  • DanielMDanielM Member

    @Eddy said: this for centos as you request, then u must enter a command to confirm the password to be encrypted in shadow file

    Thanks pal :)

  • NickMNickM Member

    Boot it into single user mode via the VNC console. I'm going to assume here that you're using GRUB 2, since that's the default for just about everything now...

    When the GRUB menu comes up, press any key other than Enter. Highlight your default boot entry, and press e. Use the editor to add single to the end of the line that starts with linux. Press F10 to continue the boot process. It should drop you into a root prompt without requiring a password. Change your password using the passwd command.

    Thanked by 2marrco djvdorp
  • MrDOSMrDOS Member

    @NickM said: It should drop you into a root prompt without requiring a password. Change your password using the passwd command.

    And that, folks, is how we do root password resets.

    Although, really, if you're that worried about an attacker changing the root password, I hear ssh keys are good at making things like that irrelevant.

  • beardbeard Member
    1. Attacker gains access
    2. ls -las /home
    3. Removes your account
    4. ??????
    5. LOL!
  • NickMNickM Member

    @MrDOS said: Although, really, if you're that worried about an attacker changing the root password, I hear ssh keys are good at making things like that irrelevant.

    Not really. Personally, if I were to break into a server and gain root access, if I was going to change the root password, I would also delete the authorized_keys file...

  • @beard said: Removes your account

    Hence why i really wanted a backdoor.

  • beardbeard Member

    @DanielM said: Hence why i really wanted a backdoor.

    You don't get it

  • I would say, make backups of your data, if a hacker gets on then reinstall.

  • u4iau4ia Member

    @NickM said: Boot it into single user mode via the VNC console.

    This is the only backdoor you would need in the situation you described.

  • @beard said: You don't get it

    >

    I do. But you don't get my point. i dont care if its a root account even though this would be the best method.

  • NickMNickM Member

    The point is, whatever backdoor you have set up, if someone gets in, you can't count on that backdoor being there any longer. If it's a secondary root account, or another account with full sudo privileges, or whatever other way you can think of to do it, if I'm breaking into a server and wanting to lock you out of it, those are the first things I'm going to find anyways.

    Thanked by 1djvdorp
  • netomxnetomx Moderator, Veteran
    edited June 2012

    Well the backdoor may be the serial console

  • I love how we're turning into HackForums.

  • u4iau4ia Member

    @Aldryic I agree that the wording of the original question sounds sketchy, but after some discussion isn't how to regain access to your compromised VPS valuable community information?

  • yomeroyomero Member

    If a server is hacked... IS HACKED. Period.
    Do the live cd stuff and recover the rests...

    Thanked by 1marrco
  • sudo is your friend.

    Also, any decent hacker should know to look for UID 0, not just 'root'. Also, you probably shouldn't allow password-auth for root, and if the hacker locks you out of root, why do you think they'll not lock you out of any other accounts on the system?

  • jarjar Patron Provider, Top Host, Veteran

    I have a preferred anti-hack mechanism that works wonders, immediately shuts them down, and is only as slow as myself.

    Power button. Suck it, hackers!

    Thanked by 1djvdorp
  • @jarland said: Power button. Suck it, hackers!

    service network stop does almost as much good, but still lets you access the server through the console.

    Thanked by 1jar
  • @Aldryic said: I love how we're turning into HackForums.

    What? This is HackForums!

Sign In or Register to comment.