Unshadow Attack

Hi and welcome to this new video! In this video we continue the "Linux Privilege Escalation" series. This time the focus will be on a specific technique that uses the unshadow tool. The idea is that anytime we can get our hands on the shadow file, then we can try to crack the hashes saved within that file to obtain some user credentials. In this video I show how to go about doing something like that. I hope you find it helpful, and I would appreciate if you leave your feedback down in the comments, subscribe to the channel and share this series with like-minded people. Thank you very much! ------------------------- TIMESTAMP 00:00 Introduction 01:15 Docker setup 02:30 Shadow and Passwd files 10:35 Compute shadow hashes 13:20 Why use the salt? 15:25 Wordlists and rockyou.txt 17:22 Unshadow attack 23:52 Conclusion ------------------------- REFERENCES - Material: https://github.com/LeonardoE95/yt-en/tree/main/src/TBD-linux-privesc-linux-unshadow-attack - John the ripper: https://www.openwall.com/john/ - Hashcat: https://hashcat.net/hashcat/ - Rockyou wordlist: https://github.com/danielmiessler/SecLists/tree/master/Passwords/Leaked-Databases ------------------------- CONTACTS - Blog: https://blog.leonardotamiano.xyz/ - Github: https://github.com/LeonardoE95?tab=repositories - Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ