I have forgotten my root password.
Now,I know that i can change the root password by using single user mode.But i don't want to chage the root password.Instead,I want to know the root password.Is it possible??:confused::confused:

No.AFAIK

Regards,
ray

I beleive if one can change the root password,then one can know the exisiting root password in single user mode.But i don't know how??:confused::confused:

You cant.
When u start as single user mode it automatically logs you in.
There u can change ur password by supplying a new password.
But there's no way to know ur old one.
Why do u need to know anyways?

Regards,
ray

just curious to know whether i can know my old root password.:D:D:D
By the way,i know that the root password is encrpted in some file...Can't we decrypt the file containing root password??:confused::confused:

If you knew the exact algorithm they used and the key which might be a 64bit one then yea maybe ;),
Dont even think of brute-force,u would have grand-kids before it broke :p

Regards,
ray

^^can u tell me where the root password is stored....

/etc/shadow AFAICR.

Regards,
ray

^Thanks.Will try to hack...:D:D:D

G'Luck ;)
May the force be with you :p

Regards,
ray

One can use john to view shadow files if he/she knows the root password.
sudo apt-get install john
And:
sudo john /etc/passwd

^but it wont work 100% with a good passwd :D

Yeah at-least it can guess a bit :p

One can use john to view shadow files if he/she knows the root password.
sudo apt-get install john
And:
sudo john /etc/passwd
downloaded john and used it but no result.
It's just mere guessing all the possibilites.I just ran it for 2 hrs and even then it was unable to find out.I think it is immpossible to detect good root password by this....
The one thing i liked int it was we can resume our search by using

./john --resume

and we can add custom rules

^yes,ofcourse :)
Description: active password cracking tool
john, mostly known as John the Ripper, is a tool designed to help systems
administrators to find weak (easy to guess or crack through brute force)
passwords, and even automatically mail users warning them about it, if it
is desired.
.
It can also be used with different cyphertext formats, including Unix's
DES and MD5, Kerberos AFS passwords, Windows' LM hashes, BSDI's extended DES,
and OpenBSD's Blowfish.
.
Homepage: http://www.openwall.com/john/

I just did some R&D on shadow file.
I think the password is encrpted under MD5 algorithm or Blow fish.
So is there any software that converts the md5 encrpted or blow fish encrpted text into decrpted text :confused::confused:

And the second thing i noticed was
i just backed up the file shadow and changed my root password.I again changed the root password to the first one.Now i compared the backed up file with shadow file and noticed that the two encrypted text are not same..
Even though the password is same,the encrpted text was not same:confused::confused:.
Will that means it is taking time consideration also:confused::confused:

^that is hard.afaik it will take yrs to crack a really good passwd that too not for sure :D

is there any software that converts the md5 encrpted or blow fish encrpted text into decrpted text :confused::confused:

no reply to this :(:(

LMAO, no software exists to do that, it'd take years to decrypt on a very fast computer! If decrypting MD5 were so easy, Raaabo would already know all our passwords. :p

And even after years, the final string would just be *near* to the actual one. No way to guess what it was exactly.

And about MD5 Hashes, you do know collisions in hash tables right? Read on: http://www.mathstat.dal.ca/~selinger/md5collision/

yea man these hashing algorithms are pretty good.They are almost perfect specially md5hash(thats why it is so much used).

yeah thats MD5 hash used in linux to store password,
Check out wikipedia , we hav encryption in our syllabus this sem.

A seed is required to make 128 bit hash and depending upon keys and S functions ur password will vary considerably(cascading effect) even for one letter difference.

Brute force is the only way to decrypt and it will take ages to get password. If u remember the hash is in hex.

so that means md5hash is broken :(

Is there no way that an md5 encrpted string can be decrypted...:(:(
But how does linux decryptes it and check whether the entered password is right or wrong:confused::confused:...

I think there must be some method to decrpt the encrpted md5 string...