Writeable /etc/passwd

The /etc/passwd file contains information about user accounts. It is world-readable, but usually only writable by the root user. Historically, the /etc/passwd file contained user password hashes, and some versions of Linux will still allow password hashes to be stored there.

Investigation and password hash generation

ls -l /etc/passwd
openssl passwd newpasswordhere
nano /etc/passwd

Edit /etc/passwd and add a newly generated password hash

su root

Alternatively, copy the root user's row and append it to the bottom of the file, changing the first instance of the word "root" to "newroot" and placing the generated password hash between the first and second colon (replacing the "x").

Now switch to the newroot user, using the new password.

su newroot

PreviousWeak File Permissions NextReadable /etc/shadow

Last updated 1 year ago