Unix 09

Bookmarked!

This exercise is one of our challenges to help you learn more about Unix/Linux

PRO
Tier
difficulty_easy_icon
Easy
clock icon
< 1 Hr.
number of users completed icon
20418
badge icon
Unix Badge

In this lab, you will be logging in with the username pentesterlab and the password pentesterlab. The challenge focuses on identifying a common mistake where users accidentally type their passwords directly into the shell instead of at a password prompt. This mistake leaves passwords visible in the .bash_history file, which records all commands run in the shell.

You will learn to use the grep command to search through .bash_history files for instances of the passwd command, which is often followed by the mistakenly typed password. By leveraging the -A option in grep, you can capture the line following the passwd command. To refine your search and avoid false positives from lines containing /etc/passwd, you can use the caret ^ to match lines starting specifically with passwd. Wrapping this in a find command, you will automate the process, searching through multiple user directories efficiently.

Want to learn more? Get started with PentesterLab Pro! GOPRO