/etc/passwd and /etc/shadow files are manipulated to configure the account policies. /etc/groups stores the information about the groups
/etc/passwd Format:
-------
root:x:0:0:root:/root:/bin/bash
#User ID: Refer password to Shadow File: User ID: Group ID: Comment: Home directory: SHELL.
------
This file has to be regularly checked for any root equivalent entry (any other users having the user id '0') in case of any suspected compromise to the system.
/etc/shadow Format:
root:$!*&^#*&J@*(&#JHJKgFU:13037:0:99999:7:::
This file contains the encrypted password and the password policies information.
CHAGE
Using this chage command we can alter the password policies.
Setting up the accound policies:
/etc/login.defs
This file defines the key variables that appiles to all users while creating the new users.This includes the following settings
Default Mail directory
Max password age days
Min Passsword held days
Password warining days etc
minimum and maximum user IDs and the option of creating the home directories etc.
After altering the file a new user created will be inheriting the new settings. Old users will retain their previous settings.
Now create a user and check the password policy using
# chage -l user
This will show the default account policy set.
If need to change the password policy upon per user basis can set password policy using chage.
#chage -m 3 user
this updates the calue of minimum days of password held to 3
#chage -M 45 -W 7 user
THis will change the value of Maximum password days to 45 and gives a Warining before 7 days of password expiration.
extract the usernames from the password file
# for i in `awk -F : {' print $1 '} /etc/passwd; do echo $i; done
awk runs as field separator and prints the field 1. and extracts the user names from the file /etc/passwd
John The Ripper Tool:
This is the password integritty checker as well password cracker. Download the tool and signature from www.openwall.com.
#gpg --import
# gpg --verify john-1.7.tar.sig john-1.7.tar.gz
# tar -zxvf john-1.7.tar.gz
# cd john-1.6
# make
This will return the list of system that this program can compiled on. So search for the file that has the similarities to our hardware.
eg :- "linux-x86-mmx-elf"
# make linux-x86-mmx-elf
Now the binary will be compiled
# cd run
In this file we will get the newly compiled binary named "john"
#./john -users:root,kiran,jithu /etc/shadow
If you have got a weak password in shadow it will echo the result of the password crack. including the alorithm used for encryption. This process result in creation of a file called john.pot which contains the encryption string and corressponding password.
#./john -show -users:root,kiran,jithu /etc/shadow
This will show the password cracked history (read from the file john.pot) in clear text format
kiran:kiran123:13037:3:45:7::: (the shadow file format)
The more difficult password the time taken by the tool and the utilization of CPU will be more. Even more length of password with out any combination of case sensitive will make more time to crack. So usage of the password having more than 7 characters of minimum length will make more time to crack the passwords
#./john /etc/shadow
This will crack all the users in the system.
No comments:
Post a Comment
tag ur valuable ideas below