Now let’s edit the /etc/passwd file and paste the newly generated hash between the first and second colon.įinally, we can switch to the root user using the new password.Īlternatively, you could have also created a new user account with root group membership. Now we can use openssl to generate a new password hash in the format used by /etc/passwd. In our example, we can see that our user account has read/write access. If we have write access to this file as a low level user, we can abuse this privilege to actually overwrite the root user’s password hash.ĭo do this, let’s first check the file permissions on the /etc/passwd file. Historically, the /etc/passwd file contained user password hashes, and some versions of Linux will still allow password hashes to be stored there. It is world-readable, but usually only writable by the root user.
The /etc/passwd file contains information about user accounts.
0 kommentar(er)
