password

Neoware Thin Client – Password Recovery

Personally I tried this procedure on Neoware e140 wich run Neolinux 2.x but i think it’s the some with other models or os version:

1. Power on the thin client

2. Press ‘SHIFT’ during boot procedure

3. Now you can get LILO prompt, type: ‘vga simple’ (I have tried without success to run directly init=/bin/bash the system start but don’t load correctly the filesystem on flashdrive)

4. After kernel starting up procedure you can’t see nothing, then you can jump on terminal 2 pressing ‘ALT + F2’

5. Now on bash# prompt simply digit ‘passwd’ for setup new password

6. Reboot the system and use your new password

GRUB – Init Shell

Sometime in case of root password lost or file system corruption, you need to boot system with simple shell, skipping the init sequence.

1. At Grub prompt press ‘e’ to edit command before booting.

2. Select ‘kernel’ line

3. Press ‘e’ again to edit selected command

4. Type follow at end of the line: init=/bin/bash (or sh)

5. Press ‘b’ to boot system

6. Now you are at shell prompt. Enjoy

cisco-decrypt.c

/* Decoder for password encoding of Cisco VPN client.
Copyright (C) 2005 Maurice Massar
Thanks to HAL-9000@evilscientists.de for decoding and posting the algorithm!This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/

/*
Requires libgcrypt version 1.1.90 or newer
Compile with:
gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)
Usage:
./cisco-decrypt DEADBEEF...012345678 424242...7261
*/

#include <stdio.h>
#include <stdlib.h>
#include <gcrypt.h>
#include <errno.h>

int hex2bin_c(unsigned int c)
{
if ((c >= '0')&&(c <= '9'))
return c - '0';
if ((c >= 'A')&&(c <= 'F'))
return c - 'A' + 10;
if ((c >= 'a')&&(c <= 'f'))
return c - 'a' + 10;
return -1;
}

int hex2bin(const char *str, char **bin, int *len)
{
char *p;
int i, l;

if (!bin)
return EINVAL;

for (i = 0; str[i] != '\0'; i++)
if (hex2bin_c(str[i]) == -1)
return EINVAL;

l = i;
if ((l & 1) != 0)
return EINVAL;
l /= 2;

p = malloc(l);
if (p == NULL)
return ENOMEM;

for (i = 0; i < l; i++)
p[i] = hex2bin_c(str[i*2]) << 4 | hex2bin_c(str[i*2+1]);

*bin = p;
if (len)
*len = l;

return 0;
}

int c_decrypt(char *ct, int len, char **resp, char *reslenp)
{
const char *h1 = ct;
const char *h4 = ct + 20;
const char *enc = ct + 40;

char ht[20], h2[20], h3[20], key[24];
const char *iv = h1;
char *res;
gcry_cipher_hd_t ctx;
int reslen;

if (len < 48)
return 0;
len -= 40;

memcpy(ht, h1, 20);

ht[19]++;
gcry_md_hash_buffer(GCRY_MD_SHA1, h2, ht, 20);

ht[19] += 2;
gcry_md_hash_buffer(GCRY_MD_SHA1, h3, ht, 20);

memcpy(key, h2, 20);
memcpy(key+20, h3, 4);
/* who cares about parity anyway? */

gcry_md_hash_buffer(GCRY_MD_SHA1, ht, enc, len);

if (memcmp(h4, ht, 20) != 0)
return -1;

res = malloc(len);
if (res == NULL)
return -1;

gcry_cipher_open(&ctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0);
gcry_cipher_setkey(ctx, key, 24);
gcry_cipher_setiv(ctx, iv, 8);
gcry_cipher_decrypt(ctx, (unsigned char *)res, len, (unsigned char *)enc, len);
gcry_cipher_close(ctx);

reslen = len - res[len-1];
res[reslen] = '\0';

if (resp)
*resp = res;
if (reslenp)
*reslenp = reslen;
return 0;
}

int main(int argc, char *argv[])
{
int i, len, ret = 0;
char *bin, *pw;

gcry_check_version(NULL);

for (i = 1; i < argc; i++) {
ret = hex2bin(argv[i], &bin, &len);
if (ret != 0) {
perror("decoding input");
continue;
}
ret = c_decrypt(bin, len, &pw, NULL);
free(bin);
if (ret != 0) {
perror("decrypting input");
continue;
}
printf("%s\n", pw);
free(pw);
}

exit(ret != 0);
}

Download: cisco-decrypt

MySQL Change Password

If you have never set a root password for mysql, the server does not require a password at all for connecting as root. To setup root password for first time, use mysqladmin command at shell prompt as follows:

# mysqladmin -u root password NEWPASSWORD

However, if you want to change (or update) a root password, then you need to use following command

# mysqladmin -u root -p oldpassword newpass

Enter password:
Change MySQL password for other user
To change a normal user password you need to type (let us assume you would like to change password for leo):

# mysqladmin -u leo -p oldpassword newpass

Changing mysql root user password using mysql sql command
This is another method. mysql stores username and passwords in user table inside mysql database. You can directly update password using the following method to update or change password for user leo:

1. Login to mysql server, type following command at shell prompt:

# mysql -u root -p

2. Use mysql database (type command at mysql> prompt):

mysql> use mysql;

3. Change password for user leo:

mysql> update user set password=PASSWORD(“NEWPASSWORD”) where User=’leo’;

4. Reload privileges:

mysql> flush privileges;
mysql> quit

MySQL – Reset root password

E si a volte capita di non ricordare o avere sotto mano la password di un database mysql, ecco qualche breve passaggio per reimpostarla:

1. Stoppare il server mysql solitamente una cosa del genere dovrebbe bastare:

root@tardis:~# /etc/init.d/mysql stop

2. Avviare una sessione del demone mysql con il parametro “skip grant table”

root@tardis:~# mysqld_safe –skip-grant-tables

3. A questo punto è possibile collegarsi al server senza che richieda credenziali quindi:

root@tardis:~# mysql
>

4. Reipostiamo direttamente nella tabella del db la password di root:

mysql> UPDATE mysql.user SET Password=PASSWORD(‘NewPass’) WHERE User=’root’;
mysql> FLUSH PRIVILEGES;

5. Stoppiamo il demone avviato con il “skip grant table” e riavviare quello corretto:

root@tardis:~# /etc/init.d/mysql start