PowerDNS-Admin - Forgot your password?

A cute, desperate robot that forgets the admin password - created with DALLE-2

What is PowerDNS Admin?

PowerDNS-Admin is a web-based interface for managing the PowerDNS DNS server. It allows users to manage DNS zones and records through a user-friendly web interface. It is written in Python, uses the Flask framework and a SQL database to store data. In a Kubernetes environment, PowerDNS-Admin can be used to manage the DNS records for a cluster and its resources via ExternalDNS.

Relationship between PowerDNS Admin and PowerDNS Server

In the following diagram you can see that the PowerDNS admin calls the API from the PowerDNS server via a secret key (see red box). The secret key is defined in the PowerDNS server configuration.

Run as a Docker container

If you run PowerDNS-Admin as a Docker container, Docker creates a volume on the host system and creates a Sqlite3 database. When you log in to the PowerDNS Admin UI for the first time, you must create a new user, this user will be assigned the Admin role.

Forget your password, don't worry!

Don't panic, as Sqlite3 is a file-based database and the Linux rights concept applies, the data can be easily manipulated.

1. establish a connection to the system on the PowerDNS admin container is executed:

#use ssh to connect to your vm like:
ssh exampleuser@10.0.0.17

2. then list the volumes and check them:

#list the docker volumes
docker volume ls

#Similar output like:
DRIVER    VOLUME NAME
local     1a6bf52ae2edfeaa41d662ec674d026e348a1ed62491742923bf52ae22ec674e
local     17fc48e354723bf52ae2edfe17fc48e354723bf5ec674d026e348a1ed62e2edf
local     powerdns-admin

#inspect the docker volume from the powerdns-admin
docker volume inspect powerdns-admin

#Similar Output like:
[
    {
        "CreatedAt": "2023-01-21T10:39:18+01:00",
        "Driver": "local",
        "Labels": {
            "com.docker.compose.project": "powerdns-admin",
            "com.docker.compose.volume": "pdns-admin"
        },
        "Mountpoint": "/var/lib/docker/volumes/powerdns-admin/_data",
        "Name": "powerdns-admin",
        "Options": null,
        "Scope": "local"
    }
]

3. establish a connection to the Sqlite3 database:

#Connect to the sqlite3 powerdns-admin database
sqlite3 /var/lib/docker/volumes/powerdns-admin/_data/powerdns-admin.db

4. display table:

sqlite> .tables

#Similar output like:
account                 domain_apikey           history
account_user            domain_setting          role
alembic_version         domain_template         setting
apikey                  domain_template_record  user
domain                  domain_user

5. display the schema of the user table:

sqlite> PRAGMA table_info(user);

#Similar output like:
0|id|INTEGER|1||1
1|username|VARCHAR(64)|0||0
2|password|VARCHAR(64)|0||0
3|firstname|VARCHAR(64)|0||0
4|lastname|VARCHAR(64)|0||0
5|email|VARCHAR(128)|0||0
6|otp_secret|VARCHAR(16)|0||0
7|role_id|INTEGER|0||0
8|confirmed|BOOLEAN|1||0

6. add content to the table role:

sqlite> select * from role;

#Similar output like:
1|Administrator|Administrator
2|User|User
3|Operator|Operator

7. create a new user with bcrypt hash:

sqlite> INSERT INTO user (id, username, password, firstname, lastname, email, otp_secret, role_id, confirmed)
VALUES (50, 'artemla', '$2a$12$hx8Qcuo2vq0xdMhFhzLAY********', 'Artem', 'La', 'artemla@showcase.de', '', 1, 0);

You can see that I have added the user with the role ID1 (Administrator|Administrator).

8. check whether the new user has been created:

sqlite> select * from user;

#Similar output like:
1|admin|$2b$12$HpYpbwpuqlZ.ixfu/hvbI.Rk********|admin|admin|admin@lab.de||1|0
50|artemla|$2a$12$hx8Qcuo2vq0xdMhFhzLAY********|Artem|La|artemla@showcase.de||1|0

9. log in to PowerDNS-Admin with the new user.