What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

More How to Explore the Insides of Internet Computers -- from your Browser!

You are probably dying to see what's in passwd.  I'm going to be cruel and first force you to learn about group.  OK, OK, I know you can just skip ahead to passwd, but pretty please calm down and look over group first.


Figure 11. The file /etc/group, viewed with Internet Explorer 4.0.

Newbie note:  What does root::0:root mean?  Root is the name of a Unix group.  Each file and directory in a Unix computer has two owners, one a user and the other a group.  One's power to use, write and read a file or directory is dependent on under what user name you login, and on what group you are.  In this case the number zero is the numerical identification (ID) of group root.  Normally group ID 0 is reserved for group root or group wheel.  (I prefer to set up a group wheel for the uberpowerful users on my boxen.) On this computer there is only one user -- root -- in group root.  Group sys looks like another group, adm, is a member. However, only user names are members of groups.  In this case adm is both a user name and a group name.  The groups and user names sys, adm, uucp and so on are all used not by people, but by programs which need rights to use other programs. 

Evil genius tip: The only user name that looks like it is used by a human on this box is root.  This tells us that the sysadmin is careless.  You should always set up an account with lower privileges than root on any Unix computer and do most of your work from that account. The worst problem with having root as your only user account is that then you are forced to login as root.  This makes the root account vulnerable to password guessing.

What else is /etc/group good for?  Let's take a look at another group file:


Figure 12: Another /etc/group

In this case we see a group named bsdi.  This tells us the operating system this computer uses is BSDI.  You can learn more about it at http://www.bsdi.com. 

Evil genius tip:  If you know the operating system of a webserver computer, you can use that information to find ways you might be able to break into it.  See http://happyhacker.org/links.shtml for searchable vulnerability databases.

More hacking with your web browser--->>


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

 
 © 2013 Happy Hacker All rights reserved.