This is not a ColdFusion post, but I found it very interesting, particularly for those who work with Linux systems. Jimmy Ray Purser, from Cisco, had his dark net server attacked by a hacker, who changed the root password.
In his post, he explains how he regained access to his server.
Here is his solution:
- Boot the system and get to the GRUB screen. I moved the arrow key so I did not go into normal boot mode.
- Select the version and hit the “E” key to edit the kernel.
- Arrow key to the line that begins with Kernel and hit the “E” key.
- At the GRUB Edit line, I just simply append the load string with a number 1. So it looks like this:
grub edit>/vmlinuz-2.5.9-22.DRnetsmp ro root=LABEL=/ rhgb quiet 1
- Now hit ENTER and B and the system will boot up into single user mode.
- Newcastle time!!! A simple:
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully
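
Seen from the defender's side, the steps above work because nothing stops a person at the console from editing the kernel line. The script below is an added example (not from the original post or from Purser's write-up) that checks a GRUB legacy config file for a global `password` directive and for menu entries that already boot into single-user mode. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a GRUB legacy config against the console edit shown above.

# Succeeds if a "password" directive appears before the first "title" line.
# A global password makes GRUB legacy ask for it before the "E" key works.
has_global_password() {
    awk '$1 == "title" { exit }
         $1 == "password" || $1 ~ /^password=/ { found = 1; exit }
         END { exit !found }' "$1"
}

# Prints kernel lines whose arguments already request single-user mode.
single_user_entries() {
    awk '$1 == "kernel" {
             for (i = 3; i <= NF; i++)
                 if ($i == "1" || $i == "single" || $i == "S") { print; next }
         }' "$1"
}

# Prints findings; the return status is the number of findings (0 = clean).
audit_grub_conf() {
    findings=0
    if ! has_global_password "$1"; then
        echo "FINDING: no global password; boot entries can be edited at the console"
        findings=$((findings + 1))
    fi
    if [ -n "$(single_user_entries "$1")" ]; then
        echo "FINDING: a saved menu entry boots into single-user mode"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample config (not taken from the original post).
sample=$(mktemp)
cat > "$sample" <<'EOF'
default=0
timeout=5
title Linux
    root (hd0,0)
    kernel /vmlinuz-2.5.9-22.DRnetsmp ro root=LABEL=/ rhgb quiet
    initrd /initrd.img
EOF
audit_grub_conf "$sample" || echo "findings: $?"
rm -f "$sample"
```

On a real host, point `audit_grub_conf` at the GRUB legacy config file in use; a finding count of 0 means a global password is set and no saved entry carries a single-user argument.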