Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Why use strong passwords?
Special Forums Cybersecurity Why use strong passwords? Post 302727035 by jgt on Monday 5th of November 2012 02:18:25 PM
Old 11-05-2012
Passwords are no longer stored in /etc/passwd. If you have access to /etc/shadow, then you already have root access to the target system anyway, either through the root password, or physical access.
 

2 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Strong quotes and spaces

We ran into a problem because of a shop that uses Windows and UNIX. The file names that Windows uses have spaces in them. When they get moved to the unix system they still have spaces. This produces a problem in our script that moves them again from one unix system to another. I've made up a... (2 Replies)
Discussion started by: jimcampanella
2 Replies

2. UNIX for Advanced & Expert Users

When did UNIX start using encrypted passwords, and not displaying passwords when you type them in?

I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies

LEARN ABOUT DEBIAN

sucrack

SUCRACK(1)						      General Commands Manual							SUCRACK(1)

NAME

       sucrack - is a multithreaded Linux/UNIX tool for brute-force cracking of local user accounts via su.

SYNOPSIS

       sucrack [options] wordlist

DESCRIPTION

       sucrack is a multithreaded Linux/UNIX tool brute-force cracking tool that drives su(1) with referencing a specific user and uses words from
       a wordlist as passwords. Running sucrack does not require high privileges on the target system.

OPTIONS

       sucrack allows reading passwords from stdin. In that case, use '-' instead of a filename as wordlist parameter.

       Common options:

       -h     print help message

       -a     use ansi escape codes for nice looking statistics (requires --enable-statistics configuration flag)

       -s <seconds>
	      statistics display intervall (requires --enable-statistics configuration flag)

       -c     only print statistics if a key other than `q' is pressed

       -r     enable rewriting of dictionary words (see rules below)

       -w <num>
	      number of threads to run with.

       -b <size>
	      size of the word list buffer

       -u <user>
	      user account to su to

       -l <rules>
	      specify certain rules for the rewriting process

       Rewriting rules:

       A      Rewrite word with only upper case characters

       F      Rewrite word with first character as upper case

       L      Rewrite word with last character as upper case

       a      Rewrite word with only lower case characters

       f      Rewrite word with first character as lower case

       l      Rewrite word with last character as lower case

       D      Prepend each digit (0-9) to the word

       d      Append each digit (0-9) to the word

       e      enleet the word

       x      apply all rules to a word

ENVIRONMENT VARIABLES

       SUCRACK_SU_PATH
	      The path to su (usually /bin/su or /usr/bin/su)

       SUCRACK_AUTH_FAILURE
	      The message su returns on an authentication failure (like "su: Authentication failure" or "su: Sorry")

       SUCRACK_AUTH_SUCCESS
	      The message that indicates an authentication success. This message must not be  a  password  listed  in  the  wordlist  (default	is
	      "SUCRACK_SUCCESS")

AUTHOR

       Nico Leidecker <nfl@portcullis-security.com>
	      http://www.leidecker.info

SEE ALSO

       su(1)

								   Version 1.2.3							SUCRACK(1)
All times are GMT -4. The time now is 07:33 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy