Weak file permission
first start with to know the permissions of critical file like /etc/shadow /etc/passwsd
we found any user on the system can read the shadow file
try to unshadow passwords of this file
get two file on attacker machine
/etc/shadow/etc/passwsdthen choose unshadow tool → which use to print user and hashed file
run john to crack this hash
shadow file must have privilege for other users is 0 privilege
--pot=deleteme.pot
Last updated