Unix 09
Bookmarked!This exercise is one of our challenges to help you learn more about Unix/Linux
In this lab, you will be logging in with the username pentesterlab
and the password pentesterlab
. The challenge focuses on identifying a common mistake where users accidentally type their passwords directly into the shell instead of at a password prompt. This mistake leaves passwords visible in the .bash_history
file, which records all commands run in the shell.
You will learn to use the grep
command to search through .bash_history
files for instances of the passwd
command, which is often followed by the mistakenly typed password. By leveraging the -A
option in grep
, you can capture the line following the passwd
command. To refine your search and avoid false positives from lines containing /etc/passwd
, you can use the caret ^
to match lines starting specifically with passwd
. Wrapping this in a find
command, you will automate the process, searching through multiple user directories efficiently.