Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1. Adaugarea
- a. sudo su - root
- b. adduser test
- c. usermod -aG sudo test
- 2. Schimbarea de parola
- a. cd /usr/bin
- b. sudo chmod u-s passwd
- c. PASSWD
- passwd: Authentication token manipulation error
- passwd: password unchanged
- 3. Capabilitati
- a. setcap + cap_chown + cap_dac_override + cap_fowner
- b. setcap cap_chown,cap_dac_override,cap_fowner+ep /usr/bin/passwd
- + Conform articolului https://github.com/tsgates/arch-wiki-markdown/blob/master/wiki/Using_File_Capabilities_Instead_Of_Setuid.md
- 4. Comanda Shadow - conform articolului si testat.
- # chmod u-s /usr/bin/chage
- # setcap cap_dac_read_search+ep /usr/bin/chage
- # chmod u-s /usr/bin/chfn
- # setcap cap_chown,cap_setuid+ep /usr/bin/chfn
- # chmod u-s /usr/bin/chsh
- # setcap cap_chown,cap_setuid+ep /usr/bin/chsh
- # chmod u-s /usr/bin/expiry
- # setcap cap_dac_override,cap_setgid+ep /usr/bin/expiry
- # chmod u-s /usr/bin/gpasswd
- # setcap cap_chown,cap_dac_override,cap_setuid+ep /usr/bin/gpasswd
- # chmod u-s /usr/bin/newgrp
- # setcap cap_dac_override,cap_setgid+ep /usr/bin/newgrp
- # chmod u-s /usr/bin/passwd
- # setcap cap_chown,cap_dac_override,cap_fowner+ep /usr/bin/passwd
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
