Show Rationale: If attackers can gain read access to the /etc/shadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/shadow file (such as expiration) could also be useful to subvert the user accounts. # chown root:root /etc/shadow # chown root:shadow /etc/shadow Run the following command to remove excess permissions form /etc/shadow: # chmod u-x,g-wx,o-rwx /etc/shadow https://workbench.cisecurity.org/files/3219 Learn what the /etc/shadow file is in Linux, its format and the meaning of the fields contained in each line of the file.
In this article, we explain what the /etc/shadow file is in Linux, its format and the meaning of the fields contained in each line of the file. What is Linux?Linux is a family of open-source operating systems based on the Linux kernel. The first Linux system kernel was released on September 17, 1991, by Linus Torvalds.
Read more …
Popular Linux distributions include Debian, Fedora, and Ubuntu, and the commercial distributions include Red Hat Enterprise Linux and SUSE Linux Enterprise Server. There are also quite a number of customized Linux distributions, such as Kali Linux, REMnux etc. Kali Linux is a Debian-based distribution developed, funded and maintained by Offensive Security for ethical hackers for the purposes of Penetration Testing, Security Research & Assessment, and Computer Computer Forensics & Reverse Engineering. REMnux, on the other hand, is a Linux distro curated for reverse-engineering and malware analysis purposes. Quote by Jamie Zawinski
Read more educational and inspirational cyber quotes at our page 100+ Best Cyber Security & Hacker Quotes. In Linux, /etc/shadow is a plain text file that stores the encrypted passwords of the users and a set of properties related to the passwords contained. As an essential system file, /etc/shadow file is owned by the root user and it has 640 permissions, i.e., the root account can modify its content while only the users defined in the shadow group are allowed to read it. To display access permissions on the the /etc/shadow file, you can use the ls command in Linux, as described below. $ ls -la /etc/shadow Figure 1. Access Permissions on the /etc/shadow File/etc/shadow File FormatThe /etc/shadow file contains one entry per line that defines the user passwords and the associated parameters for them. Each line of entry is represented by 9 fields that are separated (delimited) by a colon symbol. An example /etc/shadow file entry and the meaning of its contents are depicted in Figure 2. Figure 2. /etc/shadow File Format in LinuxExplanation of the Fields in the /etc/shadow File
Displaying the /etc/shadow FileTo display the content of the /etc/shadow file, you can use the cat command in Linux, as described below. To filter the output of the pervious cat /etc/shadow command by specifying a search pattern, such as a username, you can use the grep command command in Linux, as shown below. $ cat /etc/passwd | grep kali Figure 3. Displaying and Filtering the /etc/shadow File for a Specified UsernameTo learn more on Linux, you could also visit our Linux Resources Page. |