Restoring admin access in Kirjuri

I recently got asked how to restore admin access on Kirjuri after the original administrator has left and the password for the admin account isn’t known.

As Kirjuri does not have any internet-connected features, it can’t implement a standard “we’ll email you a password reset link feature. Most Kirjuri users run their own server on Linux. This makes restoring admin access easy by using the command line. Here are the instructions on how to achieve this assuming you have access to the server running Kirjuri:

Step 1: Connect and log in to the Kirjuri server using ssh from a capable terminal emulator. Windows users can use PuTTy for this. A Kirjuri server runs a few internal servers; the web server that serves you web pages, and a database server that handles storing and reading data. We are going to connect directly to the database server and change user accesss levels to regain administrator access to Kirjuri.

Step 2: Find out your Mysql server database name, username and password. These are configured when Kirjuri is installed, and stored in a php file mysql_credentials.php in the conf/ folder. If you don’t know which folder your web server is serving content from, you can find the file with this command: find . / 2>&1 | grep mysql_credentials.php | xargs cat. Make note of your username, password and database name. These are not the same details that you use to log into Kirjuri. These are the Mysql server credentials.

Step 3: Log in to Mysql using the credentials that Kirjuri uses with this command: mysql -u yourusername -p. Replace yourusername with the username you recovered in the previous step. Mysql will prompt you for the password. Supply the password that you found on the previous step.

Step 4: After you’ve succesfully logged into Mysql, you will be presented with the command line for ordering Mysql around. Switch to your kirjuri database by typing use yourdatabasename; The yourdatabasename part is found in step 2. Remember the trailing semicolon when issuing commands to the database.

Step 5: Check your user details by typing SELECT * FROM users;

Step 6: Make a note of the id column of the user your want to elevate to administrator status. Every user has an unique id number. I’m using 3 as an example on the next step.

Step 7: Type UPDATE users SET access="0" WHERE id="3”;. Access level 0 means administrator access. If Mysql doesn’t give any errors, then you’re all set. Check that the user access level is correct by running SELECT * FROM users; again.

Step 8: Congratulations! User 3 is now a Kirjuri administrator. Quit Mysql and exit the command line.

Step 9: Log in with the newly promoted account and go to user management. Change the original administrator password. You can then log in as the administrator and change the user access level back to normal using the web interface.

Step 10: Celebrate with beer and chips. This is you now:

Hackerman!
Source: https://knowyourmeme.com/memes/hackerman

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.