Credential Attacks

Linux

Notes and commands for Linux.

2024-03-28

Tags passwordslinux

Back to Pentest Notes Search Notes

/etc/shadow - which code is which hash

$1$ MD5
$2a$ Blowfish
$5$ SHA-256
$6$ SHA-512
$sha1$ SHA1crypt
$y$ Yescrypt
$gy$ Gost-yescrypt
$7$ Scrypt

/etc/passwd

htb-student:x:1000:1000:,,,:/home/htb-student:/bin/bash
htb-student: x: 1000: 1000:,,,: /home/htb-student: /bin/bash
: : : : : :

The “x” at passwords means a redirect to /etc/shadow where the pw is stored, but if its not set and wrong privleges can lead to vulnerability.

https://tldp.org/HOWTO/pdf/User-Authentication-HOWTO.pdf