Password Attacks

Credential Storage

Linux

  • /etc/shadow contains the hashes

Format: $id$salt$hash$

Hash algorithm ID:

In the past, the encrypted password was stored together with the username in the /etc/passwd file, but this was increasingly recognized as a security problem because the file can be viewed by all users on the system and must be readable. The /etc/shadow file can only be read by the user root.

passwd file

htb-student:

x:

1000:

1000:

,,,:

/home/htb-student:

/bin/bash

<username>:

<password>:

<uid>:

<gid>:

<comment>:

<home directory>:

<cmd executed after logging in>

Windows

Last updated