//
you're reading...
Ethical Hacking

Resetting forgotten MySQL password

I have an issue today while trying to get Snort running under Backtrack 4 R2. I had somehow forgetten the exact password which made me wonder how we can do a recovery of a password.  It happens to the best of us. This technique can be used by hackers once they have root on the system they can then access the database.

This is basically what I had to do to get the reset the MySQL password.

You can recover a MySQL database server password with the following five easy steps:

Step # 1: Stop the MySQL server process.

Step # 2: Start the MySQL (mysqld) server/daemon process with the –skip-grant-tables option so that it will not prompt for a password.

Step # 3: Connect to the MySQL server as the root user.

Step # 4: Set a new root password.

Step # 5: Exit and restart the MySQL server.

Here are the commands you need to type for each step. You need to be logged in as the root user or this will not work:

Step # 1 :
Stop the MySQL service:

# /etc/init.d/mysql stop

Output:

Stopping MySQL database server: mysqld.

Step # 2:
Start the MySQL server w/o password:

# mysqld_safe
–skip-grant-tables &

Output:

[1] 5988 Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step # 3:
Connect to the MySQL server using the MySQL client:

# mysql -u root

Output:

Welcome to the MySQL monitor. Commands end with ;
or \g.
Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log
Type ‘help;’ or ‘\h’ for help.
Type ‘\c’ to clear the buffer.

mysql>

Step # 4: Set a new MySQL root user password:

mysql> use mysql;
mysql> update user set password=PASSWORD(‘newpassword
‘) where User=’root’;
mysql> flush privileges;
mysql> quit

Note: the word  newpassword is your designated password. The password must be entered between the single quotes within the brackets.

Step # 5:
Stop the MySQL server:

# /etc/init.d/mysql stop

Output:

Stopping MySQL database server: mysqld

STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended

[1]+ Done mysqld_safe –skip-grant-tables

Start the
MySQL server and test it:

# /etc/init.d/mysql start

# mysql -u root -p


 

Advertisements

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: