The fact that, In my Lab, one of the user who is in sodoers list has changed the root password, is there any way to reveal the password he has set? I know how to change it by editing from GRUB but what if I want to know what's the previous password.
It is a vast topic to discuss on. But considering the case of Ubuntu, the passwords are stored in the location
/etc/shadow
You can view the contents by opening it with
sudo nano /etc/shadow
On the very first line you can see
root:$6$xrzOs5vu$gfLwd1NVOBRqCvmgpBOa9V4PzNOzlgC2jGU.GT8k9zPiW2zihymU/nmgdjsP8SzR3Qk7UoQUkTrsi9tCIFy6f.:16303:0:99999:7:::
The first part is the username (Here it is root. You can see other users below). Then comes the hashed form of your root password. Usually once we assign a password to ubuntu, It generates a random salt value and add this salt value to the password file and then hashes it using any of the algorithms like sha512,md5,etc. Since the salt is unknown it is very hard for a cracker to crack the passwords. But you still can change your root password by simply typing the following on terminal
sudo passwd
