Recover your password with ip and ssh

Posted on 3 mins read

Suppose you have used a web resource for a while accessing it by IP address. Let’s say the URL was http://1.2.3.4:8080/resource/. Suppose the resource required you to enter a password, something you set up long long time ago and don’t remember, but something your browser remembers in its password store for you. Now suppose the resource has moved to another URL: http://5.6.7.8:8080/resource/. Your browser does not fill the password any longer, since it’s not bound to the new URL, and of course you don’t remember it. The only option left is using the password recover procedure, if available, or contact the service administrator.

But wait! Let’s try to look at the problem in another way.

The password is still saved in the browser store and all you have to do is persuade the browser to toss it. The only way is connecting to the original URL: http://1.2.3.4:8080/resource/. But how? Well, with a little trick. The first step is assigning the original address to one of your local interfaces. Let’s pick eth0 in this example. The command is:

$ ip address add 1.2.3.4 dev eth0

Now your eth0 interface has another address. But that’s not enough: if you point your browser to the original URL, nothing happens, because the port 8080 is dead on that address. The second step is to forward all the traffic reaching that port to the new location of the resource: port 8080 on address 5.6.7.8. There are many tools to do this, like netcat or socat, but the tool with the highest chance to be already installed on your computer is ssh. That’s why we’ll choose it:

$ ssh -L 1.2.3.4:8080:5.6.7.8:8080 localhost

If requested, enter your local login password and then set apart the SSH session without closing it. The -L option stands for “local port forwarding” and just sets up the proxy we need. As long as the SSH session will run, all the traffic to the local port will be forwarded to the new location of the resource. Point the browser to http://1.2.3.4:8080/resource/ et voilà! The service is again available on the old URL! And your browser is filling the login form for you. Now log into the resource and change your password. Then close the session, point the browser to http://5.6.7.8:8080/resource/, re-enter your userid and password and save them in the browser store. You’ll be OK until the resource is moved again to another address.

To switch off the trick close the SSH session and enter this line:

$ ip address remove 1.2.3.4 dev eth0

Now you’ll be able to contact the real 1.2.3.4 address again. And please, ask your system administrator to make the resource available with a real DNS name, not its IP address.