This is not a ColdFusion post, but I found it very interesting for those who work with Linux systems. Jimmy Ray Purser, from Cisco, got attacked by a hacker on his dark net server who changed his root password.

In his post, he explains how he got access back to his server.

Here is his solution:

– Boot the system and get to the GRUB screen. I moved the arrow key so I did not go into normal boot mode.
– Select the version and hit the “E” key to edit the kernel
– Arrow key to the line that begins with Kernel and hit the “E” key
– At the GRUB Edit line, I just simply append the load string with a number 1. So it looks like this:
grub edit>/vmlinuz-2.5.9-22.DRnetsmp ro root=LABEL=/ rhgb quiet 1
– Now hit ENTER and B and the system will boot up into single user mode
– Newcastle time!!! A simple:
sh-2.5# passwd
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully

Leave a Reply