BackTrack Reset Root Password

1. Boot BackTrack Live CD
   • Instructions:
     1. Select "BackTrack Text - Default Boot Text Mode"
     2. Press Enter
   • 
2. BackTrack5 Command Line
   • Note:
     • This is the screen you will see to begin the reset process.
   • 

Section 3. Mounting the Boot Disk

1. Discover the Boot Disk
   • Instruction:
     1. fdisk -l
   • Note:
     • This server was built with all the directories under the same partition.
     • Typically, productions servers will have a partition per file system.  In our case, this server was built with all the directory and filesystems under one partition.
     • In the next step, we will mount up the /dev/sda1 partition.
   • 
2. Mount the Boot Partition
   • Instruction:
     1. mount /dev/sda1 /mnt
     2. df -k
   • Note:
     • Since, all filesystems and directories are located under /dev/sda1 we will be able to access any file.
   • 
3. Navigate to the etc directory
   • Instruction:
     1. cd /mnt/etc
     2. ls -l | grep shadow
     3. md5sum /mnt/etc/shadow > /mnt/var/tmp/before.txt
        • This is part of the proof of lab.
   • Note:
     • By mounting /dev/sda1 to the /mnt directory, we know have access to the shadow file.
   • 
4. Edit the shadow file
   • Instruction:
     1. vi shadow
   • 
5. Edit the shadow file
   • Instruction:
     1. Right arrow over to the immediate next right position of the first colon.
     2. Press the "x" to delete all the characters, until you get to the second colon.  Note, do not delete the colons.
   • 
6. Saving the shadow file
   • Instruction:
     1. Press the "Esc" key
     2. Press <Shift> and the ":" key.
     3. Type wq!
     4. Press enter
   • Note:
     • Congratulations, You effectively cleared out the root password.
   • 
7. Post Lab Verification
   • Instruction:
     1. md5sum /mnt/etc/shadow > /mnt/var/tmp/after.txt
     2. ls -l /mnt/var/tmp/*.txt
     3. cat /mnt/var/tmp/*.txt
   • Note:
     • The above command are not required to reset/clear the root password.
     • This is only part of our pre-proof of lab instructions.
   • 

Section 4. Reboot BackTrack

1. Reboot the server
   • Instruction:
     1. shutdown -r now
     2. Press <Enter> when you see the line that says "Please remove the disc and close ..."
   • 
2. Login as root
   • Instruction:
     1. Type "root" at the bt login: prompt.
   • Note:
     • After you press enter, you will not be prompted for the root password.
   • 
3. Change Root Password
   • Instruction:
     1. passwd root
        • Set the root password to our standard classroom password.
   • 
4. Proof of Lab
   • Instruction:
     1. ls -l /var/tmp/*.txt
     2. md5sum /etc/passwd
     3. md5sum /var/tmp/*.txt
     4. date
     5. echo "Your Name"
        • Replace "Your Name" with your actual name.
        • e.g., echo "John Gray"
   • 
5. Change Back the Virtual Machine Settings
   • Instruction:
     1. Virtual Machine --> Virtual Machine Settings...
   • 
6. Change CD/DVD Settings
   • Instruction:
     1. Select CD/DVD (IDE)
     2. Select radio button "Use physical drive:" and make sure "Auto detect" is selected.
   •