Open in app

Sign in

Write

Sign in

[Part 3]Kali Linux Basics: Learn about Users and Privileges with simple command line

Koay Yong Cett
7 min readApr 26, 2020

This topic continue back from Part 2 Kali Linux Basics. In this lesson, we will learn about the users and privileges in the Kali Linux OS with several simple command line. Now, let’s dive in to explore the Kali Linux OS.

What we will learn in this lesson:

  1. overview (quick user privilege overview)
  2. chmod (change mod)
  3. adduser (add user with this command)
  4. /etc/password, /etc/shadow (important files)
  5. su (switch user)
  6. sudo (elevate privileges)

Now, we are going to cover users and privileges. In the last lesson, we touched a bit on privileges with our ls -la and a bit on users by changing the password of our root account. Thus, we will cover few more commands regarding of the users and privileges.

Now, let’s have a look at the content of ls -la . You could see all this crazy line of word in the red box right? It actually mean something, so we will examine all the information in the line carefully.

If we see a dash in front of the line that means that it’s a file.

If we see a d in front means that it’s actually a directory.

If we see r, w and x mean that it’s read, write and execute. It’s the permission setting that this particular group has.

There are three group and it’s boxed in color for the differentiation. The first group(red box) here is the owner of the file and in the figure above shows that the owner of the file has full read/write/execute. Next set of three here(blue box) is actually the permissions for the member of group that own the file. Therefore, this is a group ownership as opposed to the actual ownership.For the people that are in the group that has access to this file, they can only read and execute but cannot write to it. As for the last one, this is for just all other users. Hence, any common user here can actually only read and execute and cannot write to it.

Now, why is this important? That is important especially when we get in to penetration testing. This is because we are looking to have full access right so we are going to be looking for that folder that have full read/write in all the three group.

Typically we look at our temp folder a lot of times.As you can see in the figure above, temp folder has full read/write/execute . Then, when we are performing penetration testing and want to upload some sort of exploit, we might upload into temp folder. This is because in the temp folder, we can execute those files. However, we could also be looking for other full read/write execute files where we need to modify them and give us root access to a system. Therefore, it’s all about insecure configurations

Take Note: if you notice that at the permission part where the last part of it is replaced with t instead of x.

If the sticky bit is set on a directory, the write permission on the directory is no longer enough to allow files to be removed. You must additionally own the file or own the directory to perform such action. The “t” symbol means that the execute permission (x) is combined with sticky bit.

In that /tmp directory above, anyone can create new files. But because of the sticky bit, one user cannot delete another user’s files. However, the root still continues to be able to delete from any directory regardless of permissions.

Another important feature here is change access of files, folders and directory with command called chmod.

If we create a script, our script are not going to be able to run until it has full access. Thus, how do we change access in the terminal?

Here, I am just going to make another file with echo command. I will just make the hello.txt file with the word “hello” in it. When we list all the directory content, the file by default only have read/write and read access for everybody else.

We can change the access with command chmod. For instance in the figure above, chmod +x hello.txt means that the execute command is added to all group. Now, you will notice that the hello.txt file is green color coordination means that it is full read/write.

Another way of changing access with the number feature. The one number that you really need to know is all seven(777) and seven give you full read/write/execute for the file. So, this is basically how we change file permissions. You don’t actually need to know about other numbers in term of penetration testing. However, when it becomes more in terms of configuration and securing management of file then you probably need to know about it more.

Another feature is add a new user with command known as adduser.

We can adduser with the command sudo adduser combined with name and enter all the other information. Now, we have a user name called john. How do we confirm that?

We can confirm that by looking into the /etc/passwd file by command cat. At the very bottom, you can see that we have the user john which we created just now. In this file, it shows you all the user. However, it doesn’t provide the password anymore but it used to be at a long time ago. The passwords are now in the shadow file now.

In this file, you have all this information and it’s actually the hashing format. For instance, we can use a tool like hash cat to break this down and crack the passwords depending on your capability and strength of the password.

Another feature is switch user with command su.

We can switch to user john with command su and the password for user john is needed to switch the user successfully. The command whoami is used to check what user terminal we are in right now or you can just simply look at the name john@kali.

User john are not able to perform such action as it is not user kali.

Another feature called sudo for escalating privileges.

The sudo will provide john that access to modify the password information for other user if we give it to him. It’s called the sudoers file and basically anyone in that sudoers file can change permission given. If they are sudo user in sudoers the file, then they will able to change the password. In figure above, john is not in the sudoers file so he cannot perform this action.

In figure above kali is in the sudoers file thus the user is allowed to changed the password for john. Therefore, if you want other user than root/kali to have file permissions then you need to have them in the sudoers file. That become useful too in penetration testing because you can look at the sudoers file if you have access and see what user have sudo privileges. Thanks for reading.

To be continued… and next lesson we will look into network commands

Kali Linux
Command Line
Operating Systems
Education

--

--

Koay Yong Cett

Written by Koay Yong Cett

99 Followers

A Bachelor CS student with major in Network Security (UniSZa). Every stories I shared is based on my personal opinion. Thanks you. Having my Internship now.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams