How can I retrieve a lost root password?

[Penk]

I like the idea. But it requires a bit work. Here is how *I* would do it.

The hard but doable way:
1. I would download and install a free DNS server for either windows or linux. Bind would do. I would then find out what server for example Hydra (if thats what you're using) downloads plugins from by examining the cpanel of another box or by simply asking for the URL here.

2. I would then add a zone for that host in my newly installed DNS server and point it to my personal web server for which I have full control over, and then change the DNS server used in the dreambox to point to that DNS server (In Network setup).

3. At last I would create a new tar.gz file called the same as one of the plugins available for download, and place that in the correct folder on my web server. This file would contain just a new version of the file /var/etc/passwd.

4. Download the plugin from cpanel, and voila, you have successfully resetted your password.

The easy way:
Ask the imagemaker of your image to make a download called 'Password Reset' containing just a fresh version of /var/etc/passwd and place that on their list of available downloads.

-Penk

Edit: Added sample file, resetting the password to 'dreambox'

[MrBandwidth]

Agree... this is an option that will work

[disisdavo]

@Penk the BEST 33rd post i have ever seen

lol.

davo

[ngiann]

Quote:

Originally Posted by Penk

I like the idea. But it requires a bit work. Here is how *I* would do it.

The hard but doable way:
1. I would download and install a free DNS server for either windows or linux. Bind would do. I would then find out what server for example Hydra (if thats what you're using) downloads plugins from by examining the cpanel of another box or by simply asking for the URL here.

2. I would then add a zone for that host in my newly installed DNS server and point it to my personal web server for which I have full control over, and then change the DNS server used in the dreambox to point to that DNS server (In Network setup).

3. At last I would create a new tar.gz file called the same as one of the plugins available for download, and place that in the correct folder on my web server. This file would contain just a new version of the file /var/etc/passwd.

4. Download the plugin from cpanel, and voila, you have successfully resetted your password.

The easy way:
Ask the imagemaker of your image to make a download called 'Password Reset' containing just a fresh version of /var/etc/passwd and place that on their list of available downloads.

-Penk

Edit: Added sample file, resetting the password to 'dreambox'

a little late (J just read the posts) of how I would do it:
If you have an image that accepts plugins from internet (e.g. Gemini)
1) Install TuxCom plugin
2) Run it from Yellow button
3) Point to /var/etc/passwd
4) .....
5) .....
6) .....
..do I have to say everything?

With above steps, you can easily blank out root password to gain full access to the box, telnet & use passwd command to change it to anything.
If you really want to retrieve the lost password then: before step 4, you may copy the passwd file somewhere in /var (which is not read only), so you can transfer it later to your PC for using a passwd cracker (john ripper, l0pht etc). In the meantime you'll already have root access.

[cory239]

Quote:

Originally Posted by MartiniB

just guesing:
reflashing via serial + erase can't help in this situation???

<-edit->
sorry, didn't read succesfuly ("without destroying the data in the box")
<-edit->

i don't really care if i lose everything or not just need to be able to get into this to start whatching tv lol
i need step by step instr i am very frustrated and at my wits end my own 911 is happening this is serious!!!

[NitroCrzy]

Dude you guys rock!
I bought my box and the darn outfit changed the default password. I can't tell you how upsetting that was... Now I have managed to reset my password! Thanks

[ouss]

hi, i've tried to reset the password using the tuxcom plugin, but maybe i did a mistake while editting the passwrd file. now when i try to telnet my box or with flashxp, it keeps saying impossible to establish connection. i know it's an old thread, but i just don't wan't to reflash my box and lose all my conf. thanks

[dvdman]

Most images now have it via the Downloads, have a look under your downloads area for Password Reset.

[ouss]

the thing is i've searched for it, and didn't found, i have the project gemini image version 4.10. but now after editing the passwd file, i cannot even connect to the internet :s

[Jimdefruit]

What you do is reflash your DB with the new image and redo all the settings. Perhaps that will teach you a lesson about keeping passwords safe.