Home |  Log In  
Forensics and eDiscovery technologies for Mac OS X, Microsoft Windows, and Linux

Gaining Root Access in Linux

There may be times when it can be beneficial to an investigation for the investigator to be able to login to a suspect machine as the root user to explore. Such access may allow an investigator access to items that may be locked without root access to the machine.

Boot Linux into single-user mode

  1. Reboot the machine.
  2. Press the ESC key while GRUB is loading to enter the menu.
  3. If there is a ‘Recovery Mode’ option, select it and press ‘B’ to boot into single user mode. Otherwise, the default boot configuration should be selected. Press ‘E’ to edit it.
  4. Highlight the line that begins with ‘kernel’. Press ‘E’ again to edit this line.
  5. At the end of the line, add an additional parameter: ’single’. Hit Return to make the change and press ‘B’ to boot.

Change the admin password

The system should load into single user mode and you will be left at the command line automatically logged in as root. Type ‘passwd’ to change the root password or ‘passwd username’ to change the password for your “username” admin account. Reboot and you now have Linux root access.


Product 17/34

Gain SYSTEM User Access in Microsoft VistaPrevious
Return to the Product List
NextiPhone Artifacts
 | Home | 

Copyright © 2006 - 2010 MacForensicsLab Inc.
Phone +1 (510) 870-7883 - Fax +1 (510) 868 3407
Mac and the Mac logo are trademarks of Apple Computer, Inc., registered in the U.S. and other countries.

Forensics Technologies - designed to perform investigations, for law enforcement and eDiscovery professionals.

MacForensicsLab - The only effective cross-platform weapon in the war on Cyber Crime and Digital Terrorism,
with unique tools designed to combat identity theft and child pornography.

Your IP Address is: 184.73.7.143