How to hack Linux by breaking the root password on RHEL OS

Passwords are the most basic security of a computer system. In the case of linux operating system it is the root password. If you have the root password you own the system by all means. Today I am discussing about how to break the linux root password and of course the countermeasures for such a hack.

The following hack is tested on RHEL OS and you needed physical access to the machine to perform this.

1. Boot your system , at the time of booting press any key to access the GRUB Menu.
2. Press 'e' to enable and move to the second line which starts with the kernel.
3. Again press 'e' again to edit the kernel parameters.
4. Add 'a' at the end of the line and press enter (without quotes). This will start the system in single user mode instead of default run level.
5. Now press 'b' to start booting in single user mode.
6. Now the system will start in single user mode and use the passwd command to change the root password. Sometimes passwd command will not work in that case assume that the SElinux is in enforcing mode.So you have to first disable it and change the password using passwd. To disable SElinux enforcing mode use setenforce 0 command.
7. After changing the password switch to GUI mode using init 5 command and start using the newly assigned root password.

This hack can be easily prevented by enabling password to access  single user mode.To do that edit/etc/rc1.d/S99single file and add  exec /sbin/sulogin before exec init t1 S statement. Now you have to give root password to access single user mode..

Hope you enjoy this hack.

Source: 
http://www.opentech4u.com/2013/03/how-to-hack-linux-by-breaking-root.html