Our Scenarios
password security

*NIX passwords


Modern operating systems store user passwords as hashes for security purposes; a hash is the the result of using a one-way cryptographic function on a user's password, so that it is nearly impossible to reverse the process.

It is very important to know how the major operating systems store user passwords and what hash functions are used, because attempting to crack password hashes is very common during penetration tests. This scenario looks at the various *NIX operating systems and how they store passwords and what hash functions they use.


Imagine the following:

You are providing support for your Red Team who have just managed to compromise the workstation of an IT administrator during their most recent engagement. The Red Team was able to retrieve SSH credentials that are used to connect to the target's central password store. The environment is surprisingly *NIX based, and the Red Team need your help in retrieving and cracking the hashed passwords so they can complete their objectives. Connect to the password store using the SSH credentials retrieved, dump the passwords and crack them to help your Red Team.

What you will learn

After completing this scenario you will learn where the major *nix operating systems store their passwords, how they store them and how to try and crack them.

Technical Details

This scenario contains one virtual machine.