1
00:00:00,150 --> 00:00:03,520
OK so now we're going to cover users and privileges.

2
00:00:03,660 --> 00:00:10,400
So in the last video we touched a little bit on privileges with our allies dash L.A. and we touched

3
00:00:10,400 --> 00:00:14,170
a little bit on users by changing the password of our route account.

4
00:00:14,310 --> 00:00:17,970
So now we'll cover a few more commands regarding those.

5
00:00:17,970 --> 00:00:20,730
So if we look again at s dash L.A.

6
00:00:23,970 --> 00:00:29,540
You could see all this crazy jumbled word EJ over here right.

7
00:00:29,580 --> 00:00:34,500
So it actually means something so we look at the first line here.

8
00:00:34,500 --> 00:00:41,270
If we see a dash like this a hyphen that means it's a file if we see a D.

9
00:00:41,280 --> 00:00:49,070
That means it's actually a directory and then you see our w an X so RW an X actually means read write

10
00:00:49,210 --> 00:00:50,100
execute.

11
00:00:50,270 --> 00:00:54,280
It's the permission settings that this particular group has.

12
00:00:54,380 --> 00:00:57,010
Now there are three groups here.

13
00:00:57,080 --> 00:01:00,860
There's the first second and then your third right here.

14
00:01:00,860 --> 00:01:01,830
Right.

15
00:01:01,880 --> 00:01:08,270
So your first group right here is the owner of the file.

16
00:01:08,330 --> 00:01:12,490
So it looks like the owner of the file has full read right execution.

17
00:01:12,560 --> 00:01:13,610
Right.

18
00:01:13,700 --> 00:01:20,090
And then the next set of three here is actually the permissions for the members of the group that own

19
00:01:20,090 --> 00:01:21,360
the file.

20
00:01:21,380 --> 00:01:25,940
So this is a group ownership as opposed to actual ownership here.

21
00:01:25,940 --> 00:01:31,250
So for the people that are in the group that has access to this file they can only read and execute.

22
00:01:31,250 --> 00:01:33,100
They can't write to it.

23
00:01:33,500 --> 00:01:36,710
Now for the last one this is just all of their users.

24
00:01:36,710 --> 00:01:40,960
So any common user here can actually just read and execute.

25
00:01:40,970 --> 00:01:42,730
They can't write the document.

26
00:01:43,130 --> 00:01:49,170
So that comes into play especially when we get into penetration testing because of penetration testing.

27
00:01:49,310 --> 00:01:51,860
We're looking to have full access right.

28
00:01:51,890 --> 00:01:55,620
So we're always going to be looking for that folder that has full read.

29
00:01:55,630 --> 00:01:56,300
Right.

30
00:01:56,310 --> 00:02:02,660
Typically if we look at temp that's our temp folder a lot of times you see the temple there has full

31
00:02:02,660 --> 00:02:03,650
read write execute.

32
00:02:03,740 --> 00:02:08,890
So when we're doing penetration testing we're trying to upload some sort of exploit.

33
00:02:08,900 --> 00:02:14,620
We might actually upload it into the temp folder because that's where we can execute those those files.

34
00:02:14,630 --> 00:02:21,980
However we could also be looking for other full read write execute files where we need to modify them

35
00:02:22,130 --> 00:02:24,890
and give us root access to a system.

36
00:02:24,920 --> 00:02:29,030
So it's all about insecure configurations.

37
00:02:29,030 --> 00:02:34,440
And we're going to cover that more once we get into the actual penetration testing part of the course.

38
00:02:34,460 --> 00:02:40,010
So for the Linux essentials part of the course all we need to worry about is these file permissions.

39
00:02:40,010 --> 00:02:44,960
Another important feature of that is if we were to create a script or scripts actually be to run until

40
00:02:44,960 --> 00:02:46,730
it has full access.

41
00:02:46,730 --> 00:02:49,320
So how do we change access here.

42
00:02:49,580 --> 00:02:51,890
So let's make a file.

43
00:02:51,950 --> 00:02:56,960
I'm just going to make will just echo another text document right.

44
00:02:56,990 --> 00:02:58,970
So we'll just say hello.

45
00:02:59,330 --> 00:03:01,850
And actually I type that it backwards.

46
00:03:02,460 --> 00:03:03,410
So hello.

47
00:03:03,500 --> 00:03:05,170
And we'll call it.

48
00:03:05,570 --> 00:03:06,550
Hello.

49
00:03:06,590 --> 00:03:14,320
Text slightly less here by default.

50
00:03:14,330 --> 00:03:18,180
We only have read write and then read access for everybody else.

51
00:03:18,230 --> 00:03:22,680
Meaning if we wanted to read it we could say cat which we're going to get into later.

52
00:03:23,090 --> 00:03:25,580
Cat hollowed out texts and it just says hello.

53
00:03:26,360 --> 00:03:34,910
So what can we do here where we can use something called change mode in changing mode is C H emoji and

54
00:03:34,910 --> 00:03:39,690
we have a couple options here so we can do a plus.

55
00:03:39,740 --> 00:03:40,160
Right.

56
00:03:40,190 --> 00:03:45,070
And we could say well we want read write execute or we just want execute.

57
00:03:46,580 --> 00:03:52,550
But another way I like doing it is you have a number feature.

58
00:03:52,640 --> 00:04:00,170
So the one you really need to know is all sevens sevens gives you full read write access across the

59
00:04:00,170 --> 00:04:01,160
board.

60
00:04:01,250 --> 00:04:06,430
So if we say C H mod seven seven seven hollowed out text.

61
00:04:07,010 --> 00:04:10,730
Now we l s L.A. and you notice that.

62
00:04:10,730 --> 00:04:11,240
Hello.

63
00:04:11,240 --> 00:04:12,710
That text turns green.

64
00:04:12,710 --> 00:04:14,930
That means it is full read right.

65
00:04:14,990 --> 00:04:15,910
And here you go.

66
00:04:15,920 --> 00:04:21,170
We've got the dash here saying it's a file and we've got read write execute across the board.

67
00:04:21,170 --> 00:04:23,740
So this is how we change file permissions.

68
00:04:23,900 --> 00:04:28,730
You don't need to necessarily know about the other numbers in terms of penetration testing it becomes

69
00:04:28,730 --> 00:04:34,400
more in terms of configuration and security management of files if you were to get down that path.

70
00:04:34,430 --> 00:04:41,060
So to stay on the easiest path just remember seven seven seven or plus X will work as well.

71
00:04:41,060 --> 00:04:46,670
So changing the mode is is critical and we're going to cover it time and time again throughout the course.

72
00:04:46,940 --> 00:04:48,950
Once we get a little bit deeper.

73
00:04:49,130 --> 00:04:51,810
So a couple more things we need to talk about.

74
00:04:51,920 --> 00:04:54,990
Say we wanted to add a new user.

75
00:04:55,120 --> 00:05:02,830
Well there's a feature called add user so we say add user and one or two names is allowed.

76
00:05:02,830 --> 00:05:06,470
So we need to add a user a John.

77
00:05:06,580 --> 00:05:06,910
OK.

78
00:05:06,940 --> 00:05:08,440
So it made something for John.

79
00:05:08,470 --> 00:05:16,930
Let's give him a password given password again and we'll just hit enter for the defaults.

80
00:05:16,930 --> 00:05:18,460
It's all correct.

81
00:05:18,460 --> 00:05:18,710
OK.

82
00:05:18,730 --> 00:05:28,510
So we now have a user named John and we can confirm that we can actually cat the Etsy password file

83
00:05:28,510 --> 00:05:33,870
here and you see down at the very bottom we have this user John.

84
00:05:33,900 --> 00:05:40,320
So this Etsy password file you're going to become very familiar with because it shows you all the users.

85
00:05:40,320 --> 00:05:45,180
Now this will this lot of times are you doing penetration testing you're going to have access is Etsy

86
00:05:45,200 --> 00:05:48,200
pass her file because it doesn't provide the password anymore.

87
00:05:48,210 --> 00:05:50,130
It used to a long time ago.

88
00:05:50,340 --> 00:05:56,460
Passwords are now in the shadow file so you actually have a little bit of access and information disclosure

89
00:05:56,460 --> 00:05:59,850
here at the hands of poor configuration.

90
00:05:59,850 --> 00:06:02,900
So you see that I've created a user John.

91
00:06:02,910 --> 00:06:04,980
Well that gives us a little bit more information.

92
00:06:04,980 --> 00:06:07,580
Say there's SSA each on a machine or something else.

93
00:06:07,680 --> 00:06:11,040
We can use that user name of John to try to break into the machine.

94
00:06:11,220 --> 00:06:13,830
So we'll cover that again later.

95
00:06:13,830 --> 00:06:22,470
But if we wanted to see what the Etsy shadow file looks like now we come in here and you've got these

96
00:06:23,190 --> 00:06:25,710
these jumbled stuff here right.

97
00:06:25,710 --> 00:06:28,050
So it's just a hashing format.

98
00:06:28,110 --> 00:06:37,200
So what we're doing is we can actually use a tool like hash cat to break this down and crack these passwords.

99
00:06:37,200 --> 00:06:43,920
Now a password a password will be very easy but just know that if you have access to the Etsy shadow

100
00:06:43,920 --> 00:06:49,140
file you have a good chance of cracking a password depending on your capabilities and depending on the

101
00:06:49,140 --> 00:06:52,570
strength of the password that allow you access to a machine.

102
00:06:52,590 --> 00:06:55,250
So something to think about their OK.

103
00:06:55,280 --> 00:06:57,770
So now we have our user John.

104
00:06:57,950 --> 00:07:04,070
Let's go ahead and switch to him so we can use something called SMU which stands for switch user will

105
00:07:04,140 --> 00:07:07,320
say switch user John OK.

106
00:07:07,350 --> 00:07:09,470
So automatically gave us John here.

107
00:07:09,480 --> 00:07:11,970
Let's see if we could switch back to root.

108
00:07:12,120 --> 00:07:16,260
We can't just switch back to root because we need root's password.

109
00:07:16,440 --> 00:07:16,710
Right.

110
00:07:16,740 --> 00:07:20,070
So we can type in password and that works.

111
00:07:20,070 --> 00:07:22,920
But if we didn't know the password then we'd be stuck on John.

112
00:07:23,040 --> 00:07:26,030
We are able to access John because we were already rude.

113
00:07:26,580 --> 00:07:29,700
So this comes into play in terms of users.

114
00:07:29,730 --> 00:07:30,990
Let's go back to John here

115
00:07:33,890 --> 00:07:34,440
now.

116
00:07:34,800 --> 00:07:40,260
If you're a user you have to be able to do certain things you need permission to do certain things I

117
00:07:40,260 --> 00:07:40,980
should say right.

118
00:07:41,010 --> 00:07:44,350
So root has full access and permission to do everything.

119
00:07:44,370 --> 00:07:45,810
But John we just created John.

120
00:07:45,810 --> 00:07:47,910
John doesn't have any sort of access.

121
00:07:47,910 --> 00:07:54,820
So if we wanted to if we wanted to change the password say we want to change the password for four root

122
00:07:56,890 --> 00:08:01,650
I can't modify the password information because I don't have that kind of access.

123
00:08:01,750 --> 00:08:07,330
Now there is something called a pseudo which would provide John the access if we gave it to him.

124
00:08:07,330 --> 00:08:15,250
So it's called a pseudo source file and basically anybody in that pseudo worse file can change permissions

125
00:08:15,250 --> 00:08:17,290
given if they are a pseudo user.

126
00:08:17,290 --> 00:08:18,050
Right.

127
00:08:18,070 --> 00:08:27,100
So we would type in pseudo password root and it's going to ask for the password for John but you're

128
00:08:27,100 --> 00:08:29,860
going to notice a John's not in the pseudo ours file.

129
00:08:29,860 --> 00:08:31,450
John can't do this.

130
00:08:31,450 --> 00:08:33,830
So John has base permissions right.

131
00:08:34,000 --> 00:08:38,350
And we're going to counter that a lot of times and penetration testing where if we get in we'll get

132
00:08:38,350 --> 00:08:43,780
something called Lower privilege and we'll get it and count like John and we're going to try to escalate

133
00:08:43,780 --> 00:08:45,580
into route but we just can't do it.

134
00:08:45,590 --> 00:08:52,360
You know the chances of doing a doing that and having a John in a pseudo risk file is just not high.

135
00:08:52,390 --> 00:08:54,790
It's possible but it's not likely.

136
00:08:54,790 --> 00:09:01,000
So for now just know that if you want a user other than route to have access to file permissions you

137
00:09:01,000 --> 00:09:06,070
need to have them in the pseudo file that becomes useful to penetration testing because you can look

138
00:09:06,070 --> 00:09:12,220
at the sewers file if you have access to see what users have sudo privileges OK.

139
00:09:12,250 --> 00:09:17,710
So that is it for this lesson and the next lesson we're going to be covering network commands and moving

140
00:09:17,710 --> 00:09:19,960
on gradually towards scripting.

141
00:09:19,960 --> 00:09:23,490
So let's go ahead and get there and I will see you when we get over there.