Lab 7 for Boot to Linux - Computer Network Security | ECPE 178, Lab Reports of Cryptography and System Security

Material Type: Lab; Class: Computer Network Security; Subject: Electrcl & Computer Engr; University: University of the Pacific; Term: Fall 2007;

Typology: Lab Reports

Pre 2010

Uploaded on 08/16/2009

koofers-user-9z7
koofers-user-9z7 🇺🇸

10 documents

1 / 24

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
LAB #7LAB #7
If any of your force be
Your assignment, Your assignment,
should you choose should you choose
to accept it…to accept it…
Gathering information:
12/20/2007 1
LAB 7
If any of your force be
killed or captured, the
secretary will disavow
any knowledge of your
actions...this tape will
self destruct in 5
seconds...
Good Luck, Jim
Gathering information:
Find the password file on a
Linux box
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18

Partial preview of the text

Download Lab 7 for Boot to Linux - Computer Network Security | ECPE 178 and more Lab Reports Cryptography and System Security in PDF only on Docsity!

LAB #7LAB

If any of your force be

Your assignment,Your assignment,should you chooseshould you chooseto accept it…to accept it… Gathering information:

12/20/

LAB 7

If any of your force be killed or captured, thesecretary will disavowany knowledge of youractions...this tape willself destruct in 5seconds...Good Luck, Jim

Gathering information: Find the password file on aLinux box

Scenario

You have access to a Linux computer. You must findthe password file on the computer.

LAB #7LAB

12/20/

LAB 7

The “all-powerful” user under Windows

is

Administrator or any user with admin privileges

An attacker wants “admin privileges.”

The “all-powerful” user under Linux

is

root

LAB #7LAB

12/20/

LAB 7

root

An attacker wants “root privileges.”

Only

root

has root privileges – no other users

Linux Prompts:

$ = normal user# = root

Important!Important!Important!Important!

LAB #7LAB

Boot to Linux

Insert the

Knoppix

CD in your laptop and reboot.

Knoppix is a “distro” of Linux.

“distro” is short for “distribution

Press when you get the

Boot:

prompt.

When fully booted,

close the Knoppix webpage

12/20/

LAB 7

When fully booted,

close the Knoppix webpage

Open a terminal window

by clicking on the computer icon

on the task bar at the bottom of the screen. •

The icon has a black screen

It’s to the right of the little house.

Use the up/down arrow keys to access previous commands!

LAB #7LAB

Navigating the directory structure You can move:

  1. Down the directory structure2. Up the directory structure3. Across the directory structure

12/20/

LAB 7

LAB #7LAB

Enter the following

(the

is the “normal

user” prompt)

$ cd /

cd (change directory) to the top of structure

that’s a

forward

slash!

$ pwd

where am I in the directory structure?

$ ls

list the top level directories, including these 5:

12/20/

LAB 7

LAB #7LAB

Continue…

(You’re in

/home/knoppix

$ cd root

oops!

no

/root

dir under

/home/knoppix

$ cd /root

go

directly

to

/root

from

/home/knoppix

$ ls /home/knoppix

view a remote dir w/o going there

$ cd ..

move up one level (to the top)

Linux requires a there! (DOS does not)

12/20/

10

LAB 7

LAB #7LAB

Tab completion

  • type part of a file or directory name

, hit

, and Linux will finish the name

$ cd /ro

ro becomes root!

is nice when names are very long

Wildcards

(can be used with any command)

  • = zero or more characters;? = zero or one character

$ cd /etc

/etc is big!

12/20/

LAB 7

$ cd /etc

/etc is big!

$ ls *.conf

lots of .conf files

$ ls *.c??

list all .c?? files

there’s 2 chars after ‘c’

Finding

files (e.g. the

passwd

file – or flags)

$ cd /

start at top

$ find / -name passwd

find

passwd

file

Don’t re-type previous commands – use the arrow keys!

LAB #7LAB

Continue…

(You’re in

/etc

$ su

switch user (root is default)

the prompt changes!

you’re root!

you were not asked for root’s password, because root has no password - yet

cat shadow

now you can view the password file!

root can do lots of things that the normal user cannot

12/20/

LAB 7

root can do lots of things that the normal user cannot

but there’s no hashes here – no one has a password yet

cat shadow | less

view it a page at a time

note root (top first page) has no

hash

(no password)

hit to view next page, q to quit

remember, you can hit and try anyprevious command again

LAB #7LAB

Continue…

passwd root

give root a

simple

password

Linux will now ask you (twice) for the new password

hit til you see the next command; hit

cat shadow | less

should now see a

hash

for root at top of first page

12/20/

LAB 7

When a password cracker guesses a password (either a wordtaken from a dictionary or just a random set of characters), ithashes that password and then compares the hash with thehash stored in the password file. If they match, the passwordhas been successfully guessed!Remember, a hash is just the result of a mathematicaloperation done on the numerical equivalent of a password.

LAB #7LAB

Enter this sequence of commonly used commands:

cd /root

go to root’s home directory

mkdir test

make a new directory under /root

cd test

move to new directory

pwd

you’re in /root/test

echo “Hello Linux World.” > file

creates a new file called file1 and…

12/20/

LAB 7

creates a new file called file1 and…

writes the message into the file

cat file

view the contents of file

rm file

remove (delete) file

cd ..

go up to /root

rmdir test

remove test directory

LAB #7LAB

Continue…

cat /etc/shadow

one more time…

cat /etc/SHADOW

Linux is case sensitive

cd ~

go home (/root)

pwd

list present working directory

ls

nothing here

cp /etc/shadow.

copy password file here (.)

12/20/

LAB 7

cp /etc/shadow.

copy password file here (.)

ls

there it is - shadow!

su knoppix

switch to knoppix user

$ ls

$ = you’re a normal user

$ cat shadow

you don’t have the right!

Note

: Both

cp

and

mv

(move file) will over-write existing

files without warning you!

LAB #7LAB

File permissions:

dooogggwww

= permissions

d:

directory

o

= owner

r

= file can be read

g

= group

w

= file can be written

w

= world

x

= file can be executed

Example:

-rwxr-x--x

Meaning:

This is a file, not a directory (no ‘d’)

File’s owner

12/20/

LAB 7

Meaning:

This is a file, not a directory (no ‘d’)

File’s owner

can read, write, execute

Owner’s group can read and execute

The world (everyone) can execute only.

cd /etc

if not already there, move to /etc

ls –l passwd

list passwd – note permissions

ls –l shadow

list shadow – note permissions

Do you see the difference between passwd and shadow?^ 

World can read

passwd

, but not

shadow

Networking commands

ifconfig

list interface conf info – gives your IP address

ping 127.0.0.

pings the target (Ctrl-c = quit)

netstat –an | less

lists status of (

a

ll)

n

etwork interfaces – pipe to

less

LAB #7LAB

12/20/

LAB 7