![]() ![]() The first field is the user's login name. A typical line looks something like this: msfadmin:x:1000:1000:msfadmin,:/home/msfadmin:/bin/bash There are seven fields in each line of /etc/passwd. The /etc/passwd file contains basic information about each user account on the system, including the root user which has full administrative rights, system service accounts, and actual users. Previously: Perform Local Privilege Escalation Using a Linux Kernel ExploitĪ couple files of particular interest on Linux systems are the /etc/passwd and /etc/shadow files.There are two tried-and-true password cracking tools that can accomplish this: John the Ripper and Hashcat. If the user passwords on the system can be obtained and cracked, an attacker can use them to pivot to other machines if the login is the same across systems. After gaining access to a root account, the next order of business is using that power to do something more significant. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
June 2023
Categories |