Changes

Jump to: navigation, search

B10B Factory Reset

1 byte added, 15:33, 12 August 2019
m
SHA-512 not 256
 
The supervisor account uses a password which is automatically generated by the device, and unique to each device. Its format is 9 hexadecimal digits (each digit is 0-9 or a-f), and is believed to use the device's serial number as a starting point. AAISP do not know this password.
The usual way to obtain the supervisor password is to use software (e.g. hashcat) to crack the hashed version of the password which is held in the file /etc/passwd (before firmware version AAVF.10) or /etc/shadow (version AAVF.10 and later). The earlier firmware versions used an MD5 hash, and hashcat (on a fast machine) could crack the password in around 8 minutes. AAVF.10 switched to SHA256SHA-512 and hashcat takes longer to crack the password.
 
Unfortunately as of firmware version AAVF.10 the admin user can't read the files /etc/passwd or /etc/shadow. This means you can't get the hashed version of the password to feed to cracking software.
347
edits

Navigation menu