jump to navigation

Hack the password protected “single user ” mode on Linux January 22, 2011

Posted by Tournas Dimitrios in Linux.

My previous article demonstrated how to bypass the login screen and reset the root password . The “single user ” mode could be used to bypass the security layer . Well single user mode can also be password protected , just append the following line in the  “/etc/inittab ” file :

su:S:wait:/sbin/nologin #Single level will be skipped —> goes directly to the default runlevel ie 5
#Single level will demand root password

Now your machine will demand the root password even if Linux is start on “single user ” mode . This extra layer of protection will only prohibit a newbie to break in to your Linux box . The following 4 steps  show how to bypass the protected “single user ” mode :

  1. While booting pass this kernel parameter : init=/bin/bash
    This parameter will prevent the kernel to run the /sbin/init and proceed with the usual /etc/rc.d/*  procedure , it will just give us a shell (no password checks , no filesystem checks , no startup environment) . THE FILESYSTEM WILL BE IN READ -ONLY MODE .
  2. The following command will remount the / filesystem writable .
    mount  -o  remount , rw  /
  3. Now the password can be changed with the “passwd ” command . Do not reboot yet until :
  4. mount  -o remount , ro /
  5. Now press the reset button


1. mayank - January 20, 2014

thanks buddy…it worked perfectly…..

2. vSphere Upgrade Saga: 6.0 Upgrade through SRM • AstroArch Consulting, Inc - July 16, 2015

[…] (vRO) (step 8), I had to reset the root password. I found the following to help with this: https://tournasdimitrios1.wordpress.com/2011/01/22/hack-the-password-protected-single-user-mode-on-l…. This is one reason why vCenter access should be seriously restricted! Console access can cause all […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s