
(Fedora: Lesson 4)

{ Using a Live CD to crack a password protected grub.conf file }


Section 0. Background Information
  1. Background Information
    • In Lesson 3 you learned how to password protect the grub menu.
    • This lesson teaches you how to circumvent a password protected grub menu using a Fedora Live CD.  Actually, you can use just about any Linux Live CD (e.g., Hiren's, BackTrack, etc).

  2. Pre-requisites
    1. Fedora: Lesson 1: Installing Fedora 14
    2. Fedora: Lesson 3: Hardening the Boot Loader, /boot/grub/grub.conf

  3. Lab Notes
    • In this lab we will do the following:
      1. We will circumvent password protected Grub with a Fedora 14 Live CD.
      2. We will mount the boot partition
      3. We will remove the password directive that protects the grub.conf file.
      4. We will test our handiwork.

  4. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2013 No content replication of any kind is allowed without express written permission.

 

Section 1: Configure Fedora14 Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start --> All Programs --> VMWare --> VMWare Player

       

  2. Edit Fedora 14 Virtual Machine Settings
    • Instructions:
      1. Highlight Fedora14
      2. Click Edit virtual machine settings

     

  3. Set Machine to Boot From CD/DVD
    • Instructions:
      1. Select CD/DVD (IDE)
      2. Device status: Check the Connect at power on checkbox.
      3. Select the "Use ISO image file" radio button.
      4. Click the Browse Button.
      5. Navigate to the location of your Fedora14.iso or other Live CD

     

  4. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Click the OK Button

 
Section 2: Play Virtual Machine

  1. Start the Fedora14 VM
    • Instructions:
      1. Click on the Fedora14 VM
      2. Click on Play virtual machine

     

  2. Obtain Boot Menu
    • Instructions
      1. Once you see the below vmware screen, (1) Left Click in the screen and (2) press the "<Esc>" key
    • Note(FYI):
      1. This might take you a few times so be patient!!!

     

  3. Boot Menu Options
    • Instructions:
      1. Arrow Down to CD-ROM Drive
      2. Press <Enter>

     

  4. Boot Notification
    • Instructions:
      1. Press the <Tab> key

     

  5. Live Desktop
    • Instructions:
      1. Arrow Down to Boot
      2. Press the <Tab> key

     

  6. Boot into Single User Mode
    • Instructions:
      1. Type the word single at the end of the line.
      2. Press the <Enter> key
    • Note(FYI):
      1. By adding "single" or "1" to the end of the line, you are telling the CD to boot into single user mode instead of the Graphical User Interface (init 5).

 

Section 3: Editing the grub.conf from single user mode.
  1. Working in Single User Mode
    • Note(FYI):
      1. In my case, you will notice the drive [sda]
      2. When booting off a CD into single user mode, you will  automatically be the root user

     

  2. View Partition Table
    • Instructions:
      1. fdisk -l
        • Where "-l" is the lower case letter L.
    • Note(FYI):
      1. The fdisk command will allow you to see the partition table for one or many disk(s).

     

  3. Determine the Boot Partition
    • Note(FYI):
      1. Under the "Boot" column there is a "*", which marks the boot partition of disk /dev/sda; in this case it is /dev/sda1.

     

  4. Mount the boot device
    • Instructions:
      1. mount -t ext4 /dev/sda1 /mnt
    • Note(FYI):
      1. The ext4 or fourth extended filesystem is a journaling file system for Linux, developed as the successor to ext3.
      2. ext4 is backward compatible with ext3 and ext2, making it possible to mount ext3 and ext2 as ext4.

     

  5. Backup and open the grub.conf file
    • Instructions:
      1. cd /mnt/grub/
      2. cp grub.conf grub.conf.bkp2
      3. vi grub.conf
    • Note(FYI):
      1. Remember, /mnt is really /boot now, since /dev/sda1 is the partition that is normally mounted as the /boot filesystem.
      2. This is the second grub.conf backup file.

     

  6. Delete the line that contains password.
    • Instructions:
      1. Arrow down until your cursor is on the password string.
      2. Type "dd" to delete the line.
      3. Press the <ESC> key
      4. Type ":wq!"
      5. Press the <Enter> key.

     

  7. Power Off Operating System
    • Instructions:
      1. cd /
      2. umount /mnt
      3. poweroff

     

  8. Power Off Virtual Machine
    • Instructions:
      1. Click Power Off (See Picture)

 

Section 4: Configure Virtual Settings
  1. Edit Fedora 14 Virtual Machine Settings
    • Instructions:
      1. Highlight Fedora14
      2. Click Edit virtual machine settings

     

  2. Auto Detect Hard Drive
    • Instructions:
      1. Click on CD/DVD(IDE)
      2. Click the Use physical drive: radio button
      3. Make sure Auto detect is selected

     

  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Click the OK Button

 

Section 5: Configure the grub.conf to provide a root prompt at single user mode
  1. Start the Fedora14 VM
    • Instructions:
      1. Click on the Fedora14 VM
      2. Click on Play virtual machine

     

  2. Obtain Boot Menu
    • Instructions
      1. Once you see the below vmware screen, (1) Left Click in the screen and (2) press the "e" key
    • Note(FYI):
      1. This might take you a few times so be patient!!!

     

  3. Enter the Grub Menu
    • Instructions
      1. Press "e" key

     

  4. Access the Kernel
    • Instructions:
      1. Arrow down to the line that contains the kernel.
      2. Press the "e" key to edit the kernel.
    • Note(FYI): What is the kernel?
      • The kernel is the part of the operating system that allocates machine resources, including memory, disk space, and CPU cycles, to all other programs that run on a computer.  The kernel includes the low-level hardware interfaces (a.k.a drivers) and manages processes, the means by which Linux executes programs.

     

  5. Prepare Operating System to Boot into Single User Mode
    • Instructions:
      1. Type a "1" after the word quiet (See Below)
      2. Press Enter.
    • Note(FYI):
      1. This is how we will put the system into single user mode.

     

  6. Boot the System
    • Instructions:
      1. Type "b" to boot.
    • Note(FYI):
      1. The below screen is the result of pressing enter in step 4.

     

Section 6: Resetting root's password in Single User Mode
  1. Single User Mode
    • Note(FYI):
      1. You are in single user mode
      2. You are the root user

     

  2. Create a new root password
    • Instructions:
      1. passwd root
      2. New password: <Provide whatever password you like>
      3. Retype new password: <Provide same password>

     

  3. Boot machine into the Graphical Multiuser Interface
    • Instructions:
      1. init 5
    • Note(FYI): Below are all the run levels.
      • init 0 - Halt
      • init 1 - Single User, File Systems are Mounted, Network Down.
      • init 2 - Multi User, No NFS, File Systems Mounted, Network Up.
      • init 3 - Multi User, File Systems are Mounted, Network Up.
      • init 4 - User defined.
      • init 5 - Graphical Multiuser, File Systems Mounted, Network Up.
      • init 6 - Reboot.

 

Section 7: Login to Fedora 14
  1. Login to Fedora14
    • Instructions:
      1. Login: student
      2. Password: <Provide Your Password>
      3. Click the Log In Button

     

  2. Start a Terminal Console
    • Instructions:
      1. Applications --> Terminal

     

  3. Switch user to root
    • Instructions:
      1. su - root
      2. <Whatever you set the root password to>

     

Section 8:  Proof of Lab
  1. Proof of Lab
    • Instructions:
      1. cd /boot/grub/
      2. ls -l grub.conf*
      3. grep password grub.conf*
      4. date
      5. echo "Your Name"
        • Put in your actual name in place of "Your Name"
        • e.g., echo "John Gray"
    • Proof of Lab Instructions
      1. Press the <Ctrl> and <Alt> key at the same time.
      2. Press the <PrtScn> key.
      3. Paste into a word document
      4. Upload to Moodle
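
The "grep password grub.conf*" step above, extended into a tamper check that compares the global password directive in grub.conf against a known-good backup. This is an added example, not part of the original lab; the function names and sample files are constructed, and only the --md5 form of the directive is recognised as hashed.

```shell
#!/bin/sh
# Added example (not from the original lab). Checks a GRUB legacy grub.conf
# for the change this lab makes: a global "password" directive that is gone.

# Print the global password directive: the first one before any "title" line.
grub_global_password() {
    awk '
        $1 ~ /^#/        { next }          # comment line
        $1 == "title"    { exit }          # menu entries begin; stop looking
        $1 == "password" { print; exit }
    ' "$1"
}

# Echo one word describing the directive: missing | md5 | other
grub_password_status() {
    line=$(grub_global_password "$1")
    case "$line" in
        "")        echo missing ;;
        *--md5*)   echo md5 ;;
        *)         echo other ;;           # plaintext or a form not checked here
    esac
}

# Compare the live file ($1) with a known-good backup ($2).
# Echo: removed | unchanged | changed
grub_password_drift() {
    cur=$(grub_global_password "$1")
    old=$(grub_global_password "$2")
    if [ -n "$old" ] && [ -z "$cur" ]; then
        echo removed
    elif [ "$cur" = "$old" ]; then
        echo unchanged
    else
        echo changed
    fi
}

# Constructed sample files standing in for grub.conf.bkp2 and grub.conf.
grub_demo() {
    d=$(mktemp -d)
    printf 'default=0\npassword --md5 $1$CONSTRUCTED$samplehash\ntitle Fedora\n' > "$d/grub.conf.bkp2"
    printf 'default=0\ntitle Fedora\n' > "$d/grub.conf"
    grub_password_drift "$d/grub.conf" "$d/grub.conf.bkp2"
    rm -rf "$d"
}

grub_demo   # prints: removed
```

On the lab VM the two arguments to grub_password_drift would be /boot/grub/grub.conf and the grub.conf.bkp2 copy made in Section 3.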

