Read the book Kali Linux Penetration Testing Bible - Gus Khawaja - Page 22
Users Commands
Low-privilege users must prepend commands with sudo to execute system commands (and the low-privilege user must be in the sudo group to execute sudo). You will be asked for your account password if you want to use the sudo command. For example, if you want to execute the fdisk system tool to show the Kali-attached devices, use the following command:
root@kali:~# fdisk -l
Disk /dev/sda: 80 GiB, 85899345920 bytes, 167772160 sectors
Disk model: VMware Virtual S
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x7c02676c

Device     Boot     Start       End   Sectors  Size Id Type
/dev/sda1  *         2048 165771263 165769216   79G 83 Linux
/dev/sda2       165773310 167770111   1996802  975M  5 Extended
/dev/sda5       165773312 167770111   1996800  975M 82 Linux swap / Solaris
Figure 1.5 Kali Linux OS Security Commands
To add a new user to Kali (in this example, Gus is going to be the user), use the useradd command. Along with it you need to choose the sudo group with the -G option and the shell type with the -s option:
$ useradd -m [user name] -G [group name] -s [shell type]
For our example, it looks like this:
root@kali:~# useradd -m Gus -G sudo -s /bin/bash
Next, let's give the new user a password using the passwd command:
$ passwd [user name - that you want to change password]
Here's how it looks in the terminal window:
root@kali:~# passwd Gus
New password:
Retype new password:
passwd: password updated successfully
If you look closely at the top left, it's written root@kali. This can be confusing at first, but this part of the prompt has the following format:
username@hostname
To switch to the new user Gus that we created previously, we use the su command (pay attention to how the user has changed in the terminal window text and turned into Gus@kali):
$ su [user name - that you want to switch to]
root@kali:~# su Gus
Gus@kali:/root$
To learn what the current user is allowed to run with the sudo command, execute sudo -l:
Gus@kali:~$ sudo -l

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for Gus:
Matching Defaults entries for Gus on kali:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

User Gus may run the following commands on kali:
    (ALL : ALL) ALL
To view the current user information, use the id command:
Gus@kali:~$ id
uid=1001(Gus) gid=1001(Gus) groups=1001(Gus),27(sudo)
To list the currently logged on users, use w or who (with fewer details):
Gus@kali:~$ w
 10:44:06 up 19 min,  1 user,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     tty7     :0               10:24   19:55   2.36s  2.36s /usr/lib/x
Gus@kali:~$ who
root     tty7         2020-09-22 10:24 (:0)
To remove a user (the user that we will remove in this example is test), execute the userdel command:
$ userdel [user name - that you want to delete]
Gus@kali:~$ sudo userdel test
To list the last logged in users in the Kali system, use the last command:
Gus@kali:~$ last
root     tty7         :0               Tue Sep 22 10:24   still logged in
reboot   system boot  5.7.0-kali1-amd6 Tue Sep 22 10:24   still running
root     tty8         :1               Tue Sep 22 10:21 - 10:23  (00:02)
kali     pts/1        tmux(1793).%0    Mon Sep 21 12:16 - 10:23  (22:07)
kali     pts/2        tmux(1584).%0    Mon Sep 21 11:48 - 11:48  (00:00)
kali     tty7         :0               Mon Sep 21 10:50 - 10:23  (23:33)
reboot   system boot  5.7.0-kali1-amd6 Mon Sep 21 10:50 - 10:23  (23:33)
kali     tty7         :0               Mon Jul 27 13:36 - 15:56  (02:20)
reboot   system boot  5.7.0-kali1-amd6 Mon Jul 27 13:36 - 15:57  (02:20)
kali     tty7         :0               Mon Jul 27 13:31 - crash  (00:05)
reboot   system boot  5.7.0-kali1-amd6 Mon Jul 27 13:30 - 15:57  (02:26)
kali     tty7         :0               Mon Jul 27 13:28 - crash  (00:02)
reboot   system boot  5.7.0-kali1-amd6 Mon Jul 27 13:28 - 15:57  (02:28)

wtmp begins Mon Jul 27 13:28:09 2020
Finally, take note that all the users in Kali are stored in a configuration file, /etc/passwd. Use the cat command to reveal its contents:
Gus@kali:~$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
The previous command lists all the users, including the system ones (the example shows only the first three). To filter the contents and limit the results to the human users, pipe the output into the grep command using |:
Gus@kali:~$ cat /etc/passwd | grep "/bin/bash"
root:x:0:0:root:/root:/bin/bash
postgres:x:119:124:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
kali:x:1000:1000:kali,,,:/home/kali:/bin/bash
Gus:x:1001:1001::/home/Gus:/bin/bash
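The grep filter above matches on the shell string, so it also returns root and the postgres service account and would miss a user whose shell is not bash. The following is an added example, not code from the book, that audits accounts by field instead. The function names, the sample data, and the UID cutoff of 1000 (the Debian/Kali default UID_MIN) are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit local accounts by field instead of grepping whole lines.
# All functions read passwd- or group-format text on stdin.

# Constructed sample data in /etc/passwd format (not taken from a real host).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
postgres:x:119:124:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
kali:x:1000:1000:kali,,,:/home/kali:/usr/bin/zsh
Gus:x:1001:1001::/home/Gus:/bin/bash
backup2:x:0:0::/home/backup2:/bin/sh'

# Constructed sample line in /etc/group format.
SAMPLE_GROUP='sudo:x:27:kali,Gus'

# Human accounts: UID >= 1000 (assumed Debian/Kali default UID_MIN) and a
# shell field (7th) that is not nologin or false, whatever shell it is.
human_accounts() {
  awk -F: '$3 >= 1000 && $7 !~ /\/(nologin|false)$/ { print $1 }'
}

# Any account other than root with UID 0 has full root privileges.
extra_uid0() {
  awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Supplementary members of the sudo group (4th field of the group entry).
sudo_members() {
  awk -F: '$1 == "sudo" && $4 != "" {
    n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i]
  }'
}

echo "human accounts:"; printf '%s\n' "$SAMPLE_PASSWD" | human_accounts
echo "extra UID 0:";    printf '%s\n' "$SAMPLE_PASSWD" | extra_uid0
echo "sudo members:";   printf '%s\n' "$SAMPLE_GROUP"  | sudo_members
```

On a live system, feed the functions real data, for example human_accounts < /etc/passwd and sudo_members < /etc/group.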