Restoring admin access in Kirjuri

u r hackerman!

I recently got asked how to restore admin access on Kirjuri after the original administrator has left and the password for the admin account isn’t known.

As Kirjuri does not have any internet-connected features, it can’t implement a standard “we’ll email you a password reset link feature. Most Kirjuri users run their own server on Linux. This makes restoring admin access easy by using the command line. Here are the instructions on how to achieve this assuming you have access to the server running Kirjuri:

Step 1: Connect and log in to the Kirjuri server using ssh from a capable terminal emulator. Windows users can use PuTTy for this. A Kirjuri server runs a few internal servers; the web server that serves you web pages, and a database server that handles storing and reading data. We are going to connect directly to the database server and change user accesss levels to regain administrator access to Kirjuri.

Step 2: Find out your Mysql server database name, username and password. These are configured when Kirjuri is installed, and stored in a php file mysql_credentials.php in the conf/ folder. If you don’t know which folder your web server is serving content from, you can find the file with this command: find . / 2>&1 | grep mysql_credentials.php | xargs cat. Make note of your username, password and database name. These are not the same details that you use to log into Kirjuri. These are the Mysql server credentials.

Step 3: Log in to Mysql using the credentials that Kirjuri uses with this command: mysql -u yourusername -p. Replace yourusername with the username you recovered in the previous step. Mysql will prompt you for the password. Supply the password that you found on the previous step.

Step 4: After you’ve succesfully logged into Mysql, you will be presented with the command line for ordering Mysql around. Switch to your kirjuri database by typing use yourdatabasename; The yourdatabasename part is found in step 2. Remember the trailing semicolon when issuing commands to the database.

Step 5: Check your user details by typing SELECT * FROM users;

Step 6: Make a note of the id column of the user your want to elevate to administrator status. Every user has an unique id number. I’m using 3 as an example on the next step.

Step 7: Type UPDATE users SET access="0" WHERE id="3”;. Access level 0 means administrator access. If Mysql doesn’t give any errors, then you’re all set. Check that the user access level is correct by running SELECT * FROM users; again.

Step 8: Congratulations! User 3 is now a Kirjuri administrator. Quit Mysql and exit the command line.

Step 9: Log in with the newly promoted account and go to user management. Change the original administrator password. You can then log in as the administrator and change the user access level back to normal using the web interface.

Step 10: Celebrate with beer and chips. This is you now:

Hackerman!
Source: https://knowyourmeme.com/memes/hackerman

You might be interested in …

Daily NCSC-FI news followup 2019-08-30

Phishers are Angling for Your Cloud Providers krebsonsecurity.com/2019/08/phishers-are-angling-for-your-cloud-providers/ Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the clients brand and their customers. Heres a look at a recent CRM-based phishing […]

Read More

Daily NCSC-FI news followup 2019-10-02

Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping www.helpnetsecurity.com/2019/10/01/prying-eye-vulnerability/ Cequence Securitys CQ Prime Threat Research Team discovered of a vulnerability in Cisco Webex and Zoom video conferencing platforms that potentially allows an attacker to enumerate or list and view active meetings that are not protected. How SMBs Can Mitigate the Growing […]

Read More

Daily NCSC-FI news followup 2020-03-06

Human-operated ransomware attacks: A preventable disaster www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/ Human-operated ransomware campaigns pose a significant and growing threat to businesses and represent one of the most impactful trends in cyberattacks today.. In these hands-on-keyboard attacks, which are different from auto-spreading ransomware like WannaCry or NotPetya, adversaries employ credential theft and lateral movement methods traditionally associated with targeted […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.