How to crack SPLAT password

SPLAT is the secure hardened OS provided by Checkpoint Software Technologies. There may be instances where firewall administrators have forgotten the password and need to reset the password. This article will give you an insight on how to reset the 'admin' and 'expert' passwords of SPLAT. For this you need physical access to your device, and a Linux live CD (ubuntu, will do the job).

1. Boot the device using the live CD.
2. Mount the '/' partition. If you are using Ubuntu, this will be an easy task. Otherwise, change your user to root or login as root. To change into root login, in RedHat based Linux systems issue
   "su -" followed by the root password. In Debian based Linux systems, issue "sudo su -" followed by the account password. After changing into root user issue the following commands,
   mkdir /mnt/_root
   mount /dev/hda1 /mnt/_root (you have to replace hda1 with the appropriate partition)
   
   
3. Open a terminal (you should be in root mode), and browse into the mounted "/" partition. If you mount it using GUI, it will be "/media/_". Then browse into the "etc" folder in the mounted partition. We are going to edit the "passwd" file. So it will be,
   "vi /media/_/etc/passwd"
   
   
4. Notice that the shell set for admin user is "/bin/cpshell". This shell has a limited functionality. So it restricts most of the common Linux commands to be executed using the admin account. You have to change this shell to "bash".
   For this use your favourite CLI based editor. In my case it will be "vi". Replace the "/bin/cpshell" to "/bin/bash" in the admin user's line. Save it and exit.
   
   
5. Now edit the shadow file inside etc folder. "vi /media/_/etc/shadow". In this file delete the hashed password of the admin user. Save it and exit.
6. Reboot the device.
7. Once the device is booted. Login as admin. You don't have to provide the password. Now you are in Expert mode. (See it's the bash shell that gives you the Expert view :) )
8. Issue "passwd" and change the password. This is the password that you provide for the expert.
9. After you have set the expert password, edit the "/etc/passwd" file. Change the admin user's shell from "/bin/bash" to "/bin/cpshell". Save it and exit.
   
10. Now logout from the shell.
11. The login prompt will appear, login an admin. You don't need any password to login.
    
12. Once you have logged in, issue "passwd". When it asks for the current password, just press Enter, because there is no admin password. Then enter the password you desire.

That's all. :D