3

I follow a tutorial about the race condition exploit.

I made a copy of my /etc/shadow file. And then replace all the contain by one line

root::1:99999:::::

However. My old password doesn't work anymore when I'm trying to use the command su. :/

I kept my old shadow file but try to restore it. However I can't because I'm not su and can't become su anymore.

Does anyone know if it's possible to deduce which is the new su's password only with the line I provided above ?

I'm currently on Linux Mint 18.

Gilles 'SO- stop being evil'
  • 829,060
S7_0
  • 181
  • 1
    Press ++. Type "root". Press . What does this do? After trying this, press ++ to get back to where you were. – thb Oct 22 '16 at 23:19
  • 2
    @thb F7 and greater are reserved for X sessions, but F7 is only the right one if the user is the only (or first) person currently logged in, at least for Ubuntu's "Switch user" functionality. – jpaugh Oct 23 '16 at 04:50

1 Answers1

7

root::… is an empty password hash. Depending on how your system is configured (is nullok present on the auth … pam_unix.so line in /etc/pam.conf or the applicable file in /etc/pam.d?), you either get no password prompt, or else no password will be accepted.

Since su doesn't let you in, it probably isn't configured with nullok. That's to be expected: allowing login with no password for root is highly unusual so it isn't the default configuration.

If su or login is configured with nullok_secure then this allows you to log in with no password, but only on a text console. So try switching to a text console (Ctrl+Alt+F1) and logging in as root, or logging in under your normal account and running su.

If you have sudo set up then it doesn't care about the root password and you can still use it.

If you can't get into the root account this way, you'll have to reboot in single user mode or rescure shell mode. See What is the difference between these two ways of reseting the root password?, How to Reset Forgotten Root Password in Fedora 19 from GRUB, How can we change root password?, …

In the future, if you do anything that might affect logging in, keep a root shell open!

Community
  • 1
Gilles 'SO- stop being evil'
  • 829,060
  • thb, It work perfectly ! I just needed to press CRTL LEFT + ALT LEFT. Type "root". Press ENTER It didn't ask me any password.

    As @Gilles said, I think that it wasn't configured with "nullok" when I type "su"

    When was maybe configure using CRTL LEFT + ALT LEFT + F1Type "root". Press ENTER

    Thanks everyone

     – S7_0 Oct 29 '16 at 14:59