VIVO Documentation
Page History
...
| Note |
|---|
This page is intended to make access easier for VIVO developers and maintainers. Please note that an attacker cannot use these techniques to gain access to your VIVO installation. Rather, they would need full access to your system in order to use these techniques. |
...
VIVO releases prior to
...
1.3
Older VIVO instances did not have a "root" account, per se. Instead, they had "default_admin" accounts.
...
Find out the name of the default_admin account (in this example, the name is "
admin"):Code Block mysql> select obj from jena_g3t1_stmt -> where subj = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/default#defaultAdminUser:' -> and prop = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/0.7#username:'; +-------------------------------------------------------+ | Obj | +-------------------------------------------------------+ | Lv:0:39:http://www.w3.org/2001/XMLSchema#stringadmin: | +-------------------------------------------------------+ 1 row in set (0.00 sec)Set the password to "to
rootPassword"Code Block mysql> update jena_g3t1_stmt -> set obj = 'Lv:0:39:http://www.w3.org/2001/XMLSchema#string4BBA69E66998C59F03530EE02C406CB0:' -> where subj = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/default#defaultAdminUser:' -> and prop = 'Uv::http://vitro.mannlib.cornell.edu/ns/vitro/0.7#md5password:'; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 0Log in with the name that you found in the first step, and the password of
rootPassword.
VIVO
...
releases from 1.3 to
...
1.5.2
These releases of VIVO include a "back door" to permit this operation. A developer can add a special file to the VIVO code, which will enable a special URL that will give access.
...
Overview
Content Tools