Re: cant log in but im using the right password
Reply #1 –
Brute force unencrypt the password with john the ripper? You might want to use cgmanager or something similar for cpu limiting though or it will use 100% CPU possibly for hours (days? who knows...!) on end. This would look randomly / incrementally, which might be what you wanted, although you can do smart searches, and might want to modify this command:
/path-to/run/john --session=s1 --save-memory=1 --min-length=?(somenumber) --max-length=? --incremental=ASCII ~/path-to-passwd-copy/passwd
(restart cracking after reboot, you could automate this as a startup command so it runs whenever you are running)
/path-to/run/john --restore=s1
(show results)
/path-to/run/john --show ~/path-to-passwd-copy/passwd
Some probably quicker approaches: there are usually backup files too for /etc/passwd and /etc/shadow called /etc/passwd~ and /etc/shadow~ and I THINK you can copy the original ones aside and copy the backup *~ ones in, after mounting the partition from elsewhere, but I have never done this myself! Probably there are ways to clear or reset the password if you mount the drive as root and could chroot to it or something - I seem to remember setting passwords in a chroot before, and you gain root permission in the system you are chrooting from, not to.
And you have to wonder what has changed so you can't log in - has the password changed? Or is this some kind of keyboard issue so you aren't typing what you think you are - a fault, keymap change etc.? And is there anything in .bash_history (or equivalent) and /var/log/pacman.log that would suggest something was changed in that session? A permissions issue might cause this kind of thing. You should be able to regain access somehow, although it could be tricky if you encrypted your hard drive. Whatever path you decide on you should probably try and find some more details online than what I've said here, which are just some ideas to explore.