Is there a way to retrieve a root mysql password (no reset)
Clash Royale CLAN TAG#URR8PPP
Is there a way to get back / retrieve a mysql root password.
I mean get it back : not resetting it (I already know how to reset it and I use the reset method currently).
root mysql passwd
add a comment |
Is there a way to get back / retrieve a mysql root password.
I mean get it back : not resetting it (I already know how to reset it and I use the reset method currently).
root mysql passwd
That will be hard. I know this is not a solution just a comment, try history | grep mysql -p maybe show something interesting, and .bash_history from users that accessed the server. Because mysql accept password directly in command line, and some users use in that bad way.
– Luciano Andress Martini
Feb 21 at 20:06
add a comment |
Is there a way to get back / retrieve a mysql root password.
I mean get it back : not resetting it (I already know how to reset it and I use the reset method currently).
root mysql passwd
Is there a way to get back / retrieve a mysql root password.
I mean get it back : not resetting it (I already know how to reset it and I use the reset method currently).
root mysql passwd
root mysql passwd
edited Feb 21 at 20:11
Rui F Ribeiro
41.5k1483141
41.5k1483141
asked Feb 21 at 20:04
francois Pfrancois P
966215
966215
That will be hard. I know this is not a solution just a comment, try history | grep mysql -p maybe show something interesting, and .bash_history from users that accessed the server. Because mysql accept password directly in command line, and some users use in that bad way.
– Luciano Andress Martini
Feb 21 at 20:06
add a comment |
That will be hard. I know this is not a solution just a comment, try history | grep mysql -p maybe show something interesting, and .bash_history from users that accessed the server. Because mysql accept password directly in command line, and some users use in that bad way.
– Luciano Andress Martini
Feb 21 at 20:06
That will be hard. I know this is not a solution just a comment, try history | grep mysql -p maybe show something interesting, and .bash_history from users that accessed the server. Because mysql accept password directly in command line, and some users use in that bad way.
– Luciano Andress Martini
Feb 21 at 20:06
That will be hard. I know this is not a solution just a comment, try history | grep mysql -p maybe show something interesting, and .bash_history from users that accessed the server. Because mysql accept password directly in command line, and some users use in that bad way.
– Luciano Andress Martini
Feb 21 at 20:06
add a comment |
1 Answer
1
active
oldest
votes
I usually have moderate success retrieving lost root MySQL passwords from MySQL history logs (e.g. .mysql_history log files). Also frequently applications are also a data trove for finding privileged passwords. Often root passwords are (mis)used for applicational use. Also, more rarely, as @Luciano says, you can also found MySQL password(s) in the shell history logs, if the user is not careful and uses the password in the command line.
As for the actual MySQL user tables, they are in an hash format. For practical purposes, it is not possible to get back the actual original password from there.
Unfortunately, as you imply in the question, failing getting the password from logs or applications (or from someone), the best course of action, is indeed resetting it anew.
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f502165%2fis-there-a-way-to-retrieve-a-root-mysql-password-no-reset%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I usually have moderate success retrieving lost root MySQL passwords from MySQL history logs (e.g. .mysql_history log files). Also frequently applications are also a data trove for finding privileged passwords. Often root passwords are (mis)used for applicational use. Also, more rarely, as @Luciano says, you can also found MySQL password(s) in the shell history logs, if the user is not careful and uses the password in the command line.
As for the actual MySQL user tables, they are in an hash format. For practical purposes, it is not possible to get back the actual original password from there.
Unfortunately, as you imply in the question, failing getting the password from logs or applications (or from someone), the best course of action, is indeed resetting it anew.
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
add a comment |
I usually have moderate success retrieving lost root MySQL passwords from MySQL history logs (e.g. .mysql_history log files). Also frequently applications are also a data trove for finding privileged passwords. Often root passwords are (mis)used for applicational use. Also, more rarely, as @Luciano says, you can also found MySQL password(s) in the shell history logs, if the user is not careful and uses the password in the command line.
As for the actual MySQL user tables, they are in an hash format. For practical purposes, it is not possible to get back the actual original password from there.
Unfortunately, as you imply in the question, failing getting the password from logs or applications (or from someone), the best course of action, is indeed resetting it anew.
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
add a comment |
I usually have moderate success retrieving lost root MySQL passwords from MySQL history logs (e.g. .mysql_history log files). Also frequently applications are also a data trove for finding privileged passwords. Often root passwords are (mis)used for applicational use. Also, more rarely, as @Luciano says, you can also found MySQL password(s) in the shell history logs, if the user is not careful and uses the password in the command line.
As for the actual MySQL user tables, they are in an hash format. For practical purposes, it is not possible to get back the actual original password from there.
Unfortunately, as you imply in the question, failing getting the password from logs or applications (or from someone), the best course of action, is indeed resetting it anew.
I usually have moderate success retrieving lost root MySQL passwords from MySQL history logs (e.g. .mysql_history log files). Also frequently applications are also a data trove for finding privileged passwords. Often root passwords are (mis)used for applicational use. Also, more rarely, as @Luciano says, you can also found MySQL password(s) in the shell history logs, if the user is not careful and uses the password in the command line.
As for the actual MySQL user tables, they are in an hash format. For practical purposes, it is not possible to get back the actual original password from there.
Unfortunately, as you imply in the question, failing getting the password from logs or applications (or from someone), the best course of action, is indeed resetting it anew.
edited Feb 22 at 14:27
answered Feb 21 at 20:08
Rui F RibeiroRui F Ribeiro
41.5k1483141
41.5k1483141
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
add a comment |
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
As for the actual MySQL user tables, they are in an hash format, and it is not possible to get back the actual original password from there. -> theorically
– Luciano Andress Martini
Feb 21 at 20:12
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
@LucianoAndressMartini yeah, the computational effort to do that is not practical even less as newer versions are using stronger algorithms.
– Rui F Ribeiro
Feb 21 at 20:13
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
If the password is weak maybe only maybe it is possible to break the hash using bruteforce, john the ripper or somerhing like this. but yes ;... it is hard or impossible in practice.
– Luciano Andress Martini
Feb 21 at 20:14
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f502165%2fis-there-a-way-to-retrieve-a-root-mysql-password-no-reset%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
That will be hard. I know this is not a solution just a comment, try history | grep mysql -p maybe show something interesting, and .bash_history from users that accessed the server. Because mysql accept password directly in command line, and some users use in that bad way.
– Luciano Andress Martini
Feb 21 at 20:06