Reset Fog Password
-
This post is deleted! -
And yes, I have full access to the server.
-
Just to be clear, you want to decode the password of the FOG web ui user
fogor do you want to reset it to something you know so you can regain control of your fog server? -
It is md5 hashed so no decoding it. I don’t know who did it but they didn’t reset the password over pxe. Either they manually did it through MySQL or the web ui.
I would highly encourage you to update to a more recent build of fog for many new features and bug fixes.
At any rate to reset your fog password access MySQL. Then run
UPDATE fog.users SET uPass = MD5(‘password’) WHERE uName = ‘fog’;Of course change the password to whatever you want the password to be set to.
-
If you simply want to reset the fog ui user
fogback to the default you could execute these steps.- Log into the FOG server’s linux console and use sudo to switch to root.
sudo su - - Confirm you are root
whoami - Log into mysql client
mysql -u root - Switch to the fog database
use fog; - Update the fog ui password. (SQL code borrowed from Tom’s post)
UPDATE fog.users SET uPass = MD5(‘password’) WHERE uName = ‘fog’; - Confirm that its set
select uPass from users where uName = 'fog'; - Attempt to log into the web ui with use
fogand the default password. - Change the password so something secure.
Hint: The apache access log would give you the IP address of the system that was used to log into the fog ui when you suspected the password was changed. Find the owner of that IP address and talk to them using a big baseball bat.
- Log into the FOG server’s linux console and use sudo to switch to root.
-
@george1421 for 1.2.0 blowfish encryption wasn’t used, at least I don’t think it was it’s been a while. The md5 method will work for all versions for now though as when you login if it finds the password was md5 it updates it to blowfish style encryption.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@tom-elliott Yeah, your way is a bit easier. I just tried to reverse engineer what I had on hand. I didn’t consider how old 1.2.0 was. Well done!.
Full Disclosure: I updated my post with your SQL code which is more appropriate.
-
@tom-elliott
Sorry, I didn’t make it clear. It was through Web UI using an Office Computer that is connected to the server over PXE.
Yes, I have this option in mind (updating fog). -
This post is deleted! -
@richardname hashes by their very nature are unable to be decoded. The best you could do is a dictionary attack that would try any/all combinations until a matching hash is found.
-
@tom-elliott
Its what I did
Hash found! Guilty Found! -
-
This post is deleted! -
@richardname Impressive that you found out who it was by the password.
-
For future readers: https://wiki.fogproject.org/wiki/index.php?title=Password_Central
