Hello there, we have been discussing about Cisco Unified Communications Manager administration guides. A lot of time we may run into a situation where you need CUCM root access. Ideally CUCM root access is limited to only Cisco TAC team. The command line interface that we are getting while SSH to CUCM is not the root, instead it is just a modified version of CLI. We will be able to run some basic commands over there.
In this article I’m gonna explain how to hack CUCM or any other Cisco Unified Communications OS (like Cisco Unity Connection – CUC, Cisco IM and Presence – IMP, Contact Centre Express – UCCX, etc.) to get access to ROOT.
All most all Cisco UC OS built over a Red Hat Enterprise Linux platform. For CUCM, the underlying operating system is still Linux! Hence if you know little bit of Linux tweaking, you can apply this hack and get root access to CUCM without the help of Cisco TAC.
The purpose of getting root access is important once you fail with all your CUCM CLI general commands to fix a particular issue. Situations like CUCM DB Replication, Certificate issue, etc. sometimes cannot be fixed by “utils” commands. In such scenario you need Root access to CUCM. Root access can also be used to hack licenses in UC OS for test purpose.
Note: Do not try this hack on any production system, this article only for lab experiments. Cisco TAC never supports if you do some changes in the root. But it is good to understand the CUCM file structure and architecture via root.
Keeping that is in mind, let’s start our hack to unlock and jail-break CUCM for root access. I have tried this hack on CUCM 9.X, 10.5, 11.5 and all pass!
Tools & Skills Required
- Linux Cent OS 7
- Installed CUCM / any UC OS
- Access to ESXi where CUCM is already installed
- Basic Understanding of Linux Commands (No problem even you are new to Linux)
Step 1: Download Linux Cent OS
Download Cent OS 7 ISO from the following link.
In any chance if the link is broken, get your Cent OS ISO from Google.
Now upload your Cent OS ISO file to ESXi Data Store.
Step 2: Edit CUCM Virtual Machine to Boot from CD
Login to ESXi where CUCM is already installed using VSphere client. Right click on the CUCM VM and go to Edit Settings.
Select CD/DVD Drive 1 >> Check the ‘Connect at power on’ status and browse your Cent OS at Data Store ISO File as shown below.
Go to ‘Options’ tab and click ‘Boot Options’. Then check the box which says ‘The next time the virtual machine boots, force entry in to the BIOS setup screen’ >> OK
No go ahead and power on your CUCM Virtual Machine, the system will boot in to BIOS.
Step 3: Set Boot Device to CD-DVD ROM
Select CD-ROM Drive as the boot device (move it up) and hit F10 to Save.
Hit Enter for ‘Yes’ in the setup confirmation box.
System will boot in to CentOS Linux.
Step 4: Tweak CUCM Root Files from CentOS
Select ‘Troubleshooting’ from the screen as shown below.
From the troubleshooting menu, choose ‘Rescue a CentOS Linux system’ and hit enter.
Select Option 1 and proceed.
CentOS will perform a Rescue Mount.
Hit Enter key to get in to Shell.
Wow! Now you are at the Shell.
Now, enter the following commands,
At this point, you will be asked to enter new password for the root account. Please provide a complex password and confirm.
Let’s edit the ‘passwd’ file to get shell access to root account.
Change the first line from,
To save this file, hit ‘Escape Key’ then type :wq as shown below.
Now you are back to Shell windows, type
Change the sshd_config file so you can SSH as root (it’s disabled by default).
Find the line, #PermitRootLogin yes and edit to PermitRootLogin yes
[Just remove the # from the beginning.]
Hit ‘Escape Key’ then type :wq! as shown below.
Again we are back to Shell window. Now let’s go ahead and Power off the system by issuing poweroff command
Step 5: Return back normal Booting by Editing CUCM Virtual Machine from ESXi
Login to ESXi via VSphere Client and edit the CUCM VM Settings.
CD/DVD Drive 1 >> Remove the Check box at ‘Connect at power on’
Now, power on the CUCM VM, you will be getting some warning about SELinux strict Policy. No worries, this will be auto completed!
Once it completely booted, try to SSH to the CUCM using root account.
Step 6: SSH to CUCM Root
Open your SSH client (I’m using Putty) and enter the IP of CUCM and SSH to it.
Login as: root
Password: [Password you have configured in the Step 4]
Great! You are in the CUCM Root account now…. Cheers!
You may use cd .. command to move to Root directory as shown above.
If you are not a fan of CLI, we may use WinSCP to get root GUI for file access. Install WinSCP and login to CUCM via root account.
Change the directory to /<root>
Yes, We are done it… Play around with your CUCM root files. You can copy files, verify scripts, Hack license and much more. Options are limitless!. Please let me know your valuable comments and feedback about this article. Next article I would cover some License hack tutorials for CUCM. Please like our Facebook page to get latest update.