Hack ShoreTel to Make Yourself the System Administrator?

I don't know how many times I have had a client tell me that there IT guy quit and they do not know the password to the ShoreWare Director. Passwords are encrypted to it is way to much effort to read the database, find the user and then run some funny program to recover the password. Why bother? If you have a "plain vanillia" user who has a password you know, you are done! By now I assume you have followed the DrVoIP recurring recommendation to get SQLyog installed on your ShoreTel server?

Here is what you need to do. First, connect to the ShoreTel MySQL database with a utility like SQLyog. Find the TABLE for USERS. This contains all of the attributes that define a user, including one name ROLE ID. This will be a column within the USER TABLE similar to any othe column like name and extension number. Find a user that you know the password for. Scroll through the database on the row for that user and find the column for "ROLE ID, change it from NULL (e.g. plan vanillia user) to the integer number 1, and you have just made that user a System Administrator with God Level previledges! Save the change log out of the ShoreTel MySQL database. Bring up ShoreWare Director and log in as the user who's password you know. You will find that you are now a full System Administrator and you can add yourself as a System Administrator and change the other user back to plain vanillia.

This is a great strategy, simple and easy to accomplish. The video clip demonstrates just how to do it!

http://www.youtube.com/watch?v=bBD9G3qWWDY br />