What to do?

configuration
Tags: #<Tag:0x00007f91ce1becb8>

(John) #1

I came upon a new customer with freepbx on a PC. No one knows root password or freepbx login information and original installer is out of business. This is a restaurant. Must we start from scratch? I have managed to get myself back in to my own systems but I knew root password.

Is this a case of finding out the O/S and then googling it to find instructions?


(David55) #2

It should be possible to reset a Linux root password if you have physical access to the machine. However, although, in principle, it isn’t that difficult, I don’t think it is something that should be detailed on a public forum.


(Greg Snover) #3

Piece Of Cake:

TipsAndTricks/ResetRootPassword - CentOS Wiki

[HowTo] How to reset a FreePBX administrator password | FreePBX Hosting

Physical Access to the machine is the most important security measure - but if you have physical access, resetting lost ones is trivial.


(Jared Busch) #4

It is completely public already. This is not a security risk.


(TheJames) #5

Security rule #1: if they have physical access it’s over.


(John) #6

Supposedly it was installed in 2014. Thanks for the advice and I will let you know how it goes, if it goes.


(John) #7

Just to follow up it was not a Freepbx PC. After some investigation the PBX is a re-branded PBX appliance by Yeastar which I believe runs some sort of asterisk but we are locked out. Probably barking up the wrong tree here. Nonetheless no easy solution and customer isn’t too keen on rebuilding the whole setup.


(David55) #8

You’ll need to take the hard disk out and edit it outside the machine.


(Simon Telephonics) #9

It’s not clear what your relationship is to this customer but it seems like a clear opportunity to sell them something better, that you can support. They may not be keen on rebuilding the setup but I bet they would be happier about it if they knew a new FreePBX / PBXact system would be well cared for by johntgs and they won’t have another emergency like this.


(John) #10

Yes, that is going to be our goal. Get them on a good system with good support. I don’t believe in a magic but is there a way to somehow obtain the sip credentials over the network for the existing 15 - 20 IP phones or must we manually do so and then retype them into another pbx?


#11

I don’t believe the SIP credentials are passed “in the clear” - though if this is a very old system maybe there is a chance of that? Also, I’ve found poorly setup systems tend to use the same password for all phones so you might luck out there.

Are you unable to reboot the system off of a “live linux cd” and then go look at the files in /etc/asterisk to get this info?


(Simon Telephonics) #12

If they are provisioning using a cleartext method like tftp or http then you can probably grab what you need with wireshark.

Or do as david55 said, get the disk out of the old system and mount it on a system you control, and then you can read the configs from the asterisk config files.


(Dave Burgess) #13

A slightly less dangerous option would be to pull the disk and duplicate it, then put it back. Use the duped copy for your forensics and you should be able to pull all of the information from the “/mnt” mounted file system. The advantage there is that you can do it in a more leisurely timeframe and have (as a side benefit) a backup you can use if the drive craps while you are working on the replacement.

This also gives you the advantage of being able to test everything before you get started with the “real” uprade.


#14

Even less disruptive if the machine boots and you have root access to it from the ‘forensic machine’ :-

ssh [email protected]  "dd bs=16M if=/dev/sda"|dd bs=16M of=/place/to/put/the/image.img

you can then mount the output file produced somewhere convenient.|

In that image the directories etc/* var/lib/asterisk* var/spool/asterisk/* and var/lib/mysql will probably have useful breadcrumbs like asterisk’s .conf files and the asteriskdb sqlite3 file (this depending on how asterisk was deployed on the original appliance)


(Dave Burgess) #15

The genesis of the problem was no ‘root’ and no ‘freepbx’ password. I think he’s pretty well jammed up unless he can get access to the hardware, but once he does, there are lots of ways ahead.


#16

There I was thinking the server was physically available to him. (It would be hard to “pull” the physical drive otherwise :slight_smile: )


(Jared Busch) #17

He has no root access. and yeah, he was told to go onsite and use single user mode to recover root access.


#18

Then I suggest he take his laptop and an RJ45 as well as his screwdriver (maybe a monitor and keyboard if the appliance has those holes add a usb to serial adapter if it doesn’t.)


(John) #19

All great ideas. Thank you for your input.


(system) closed #20

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.