You’re in the front of a Linux computer, you need a root access. What do you do?

less than 1 minute read

So, imagine that you are in front of some Linux computer to which you don’t have any access. How do you get a root access?

Restart the computer, in Grub menu choose (recovery mode) and on the next screen select Drop to root shell prompt. Simple as that.


If you liked the post, we should get connected - follow me on Twitter

13 Comments You’re in the front of a Linux computer, you need a root access. What do you do?

  1. G

    Unless of course the system is properly configured with a password for Grub, preventing you from selecting a different option.

    Reply
    1. jole

      And if there’s no any BIOS password :) It’s not any attack method (although it could be, on a weakly protected systems, f.e. without Grub pass protection). It’s more a cool trick which can be handy sometimes.

      Reply
  2. Paolo

    If the boot loader is password protected but the BIOS isn’t, you could always boot the computer with a live CD, mount the partition with /etc and reset the root password. This also isn’t possible if /etc is inside an encrypted partition… In that case you’re kinda screwed: with an encrypted root partition the recovery mode would also be tricky (you’d need the partition password in order to boot the system properly).

    Reply
  3. 4x

    In grub menu press “e” on a boot menu item you’re interested in, then add init=/bin/bash to the end of kernel’s command line

    Reply
  4. Anony Mouse

    Or, you could pull the drive, connect it to a USB to SATA (assuming SATA, for RAID arrays, this gets more interesting…) dongle, plug that into a booted machine that you have control over, mount the disk to /mnt/root.me, chroot /mnt/root.me and then do “passwd” to change the root password.

    Unless someone encrypted their root disk, in which case you’re pretty much SOL.

    Reply
    1. Paolo Bernardi

      In that case you could always at least have fun experimenting with cold boot attacks. Or you could try to “social engineer” your way to the root account (assuming that root is hostile)

      Reply
  5. Dylan

    A restart via command line requires a root password. Usually the system you want root access too is also in a remote location, so manually restarting isn’t an option either…. how do you gain access to it? Obviously if its your own box this isnt a problem ;)

    Reply
  6. pschepenaar

    @Dylan
    Alt+Magic-sysreqkey+r

    Instant reboot.

    So we need to be root – does it have to be the running OS?

    Reply
  7. Anes Lihovac

    Most Distros nowadays will still prompt you for a Password even in recovery mode.
    Another solution:
    Get an USB Stick and install e.g. Damn Small Linux via Unetbootin on it. Reboot the PC and boot from USB. Mount the harddisk partition and edit /etc/passwd. Delete the garbage between the two colons e.g root:khdfkj887676!dsd:/bin/bash…..
    Reboot, and log into as root without a password
    OR !!! Look under the keyboard, maybe someone scribbled a hint ;)

    Reply
  8. baldfat

    Missing #1 security rule.

    ANY computer that someone has physical contact with is already broken. No matter if BIOS and GRUB is password protected or not.

    What policy is in place to protect the physical computer besides passwords that can be hammered?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *