Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Linux Services
|
Users inside of Linux
Let’s talk about users inside of Linux. The users inside of Linux are stored inside the /etc/passwd file. So here is what the contents of the /etc/passwd file look like: So, let’s try to understand what the sample entry means. The output for the first line looks like this: root:x:0:0:root:/root:/bin/bash ◾ The “root” is the username. ◾ The root is followed by x, which means that the password is moved inside the shadow file, which we will discuss next. ◾ Next is the UID of the user, which is (0) for root, followed by the groupid (0) primary group the user belongs to. In this case, the user belongs to root. ◾ Next is the space for comments, which an administrator may want to store. ◾ It is then followed by the absolute path of the home directory, which is also the starting loca- tion of the command line. Linux Basics ◾ 29 More about the /etc/passwd file: ◾ In a standard /etc/passwd file, most of the users would be default users like bin/adm and mail. ◾ All the Unix/Linux users are identified by a user id, which starts at 0 and increments from there with some jumps in between. Any user with uid 0 has root level privileges. ◾ The nondefault users generally have UIDs starting from 500 or 1000, and increment from there. ◾ Inside of the /etc/passwd file, some users would have /false at the end, which means that those users cannot have an interactive login session. Linux Services The traditional Linux services are inside the /etc/init.d directory; this would include scripts to execute a particular service or program that would begin when Linux starts loading. Linux Password Storage The password for Unix/Linux is stored inside the /etc/passwd file or /etc/shadow file. Modern Unix-based systems only store passwords in the /etc/shadow file and are only readable by root. In older Unix versions, you may find passwords being stored in the /etc/passwd file. This is what the /etc/shadow file looks like: The username is followed by a hash. The hashing method would depend upon the version of Linux you are using. MD5 is the most common hashing format for Linux; the password is salted, making it very difficult to crack. You would learn more about cracking password hashes in later Yüklə 22,44 Mb. Dostları ilə paylaş:
|