The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Root Password Changed??? Did CPanel do this?

Discussion in 'General Discussion' started by kthxbai2u, Nov 19, 2010.

  1. kthxbai2u

    kthxbai2u Member

    Joined:
    Nov 7, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    I just got back from work, to notice I cannot log in to WHM as root.

    I tried the username/password that was working this morning, and failed. I tried a password stored in roboform2go, and it failed... I even copy/pasted my password from my own records, and it still failed...

    The only 2 conclusions I can draw, are either a) CPanel / WHM changed my root password, or b) I got hacked and the hacker changed the root password

    I find both hard to believe though... WHM has no reason to change the root password. If someone hacked me I would think they would leave the password the same, to stay undetected as long as possible... Also, I would think that my site & my clients sites would all be defaced or offline by now...

    Anyone know what might have happened?

    Is there a way I can reset the root password without SSH / WHM access? I have asked the DC but they may need the root password to do that... lol.

    I have no idea how this happened... I am clueless :confused:

    Oh forgot to mention, the other reason it can't be a hacker, is because I use a non-standard SSH port, and CPHulk is enabled on the server... All brute force attempts get logged and I have not seen any email notifications yet... Not to mention it should email me on a root login from non-whitelisted IP... I haven't received any of those emails recently...

    And the weirdest thing of all is how WHMCS still somehow creates the accounts... Does this have anything to do with the access hash? The access hash never worked before... So I assumed the access hash does not work.
     
    #1 kthxbai2u, Nov 19, 2010
    Last edited: Nov 19, 2010
  2. atheros

    atheros Member

    Joined:
    Nov 18, 2010
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Did you already try to bypass your root password? If you don't know how to do that, you may check in this tutorial, or you can search in Google (or other search engine provider) with keyword "bypass linux root" (without quote).
     
  3. kthxbai2u

    kthxbai2u Member

    Joined:
    Nov 7, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    "Booting Into Single-User Mode"

    ^ requires physical access

    Did I not say DC many times in the above post? This aint no 386 in someones basement :P Most people who have webservers do not have physical access to them... And mine is in Germany, that would be an expensive flight to reset root password...

    Thanks for the idea anyways...

    Anyone from CPanel care to explain or help?
     
  4. kthxbai2u

    kthxbai2u Member

    Joined:
    Nov 7, 2010
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    I have just been informed it was my partner LOL. He said he accidentally sent someone a txt file with the password in it >.<

    So sorry, I didn't know my partner knew how to change the root password... Guess he does...

    The best prank to pull on root, is to change the root password without telling root haha

    Well it seems the problems resolved now.

    Thanks :)
     
    #4 kthxbai2u, Nov 19, 2010
    Last edited: Nov 19, 2010
Loading...

Share This Page