Passswd & shaddow
Weak File Permissions - Readable /etc/shadow
View the contents of the /etc/shadow file
User's password hash (if they have one) can be found between the first and second colons (:) Login as rootWeak File Permissions - Writable /etc/shadow
Generate a new password hash with a password of your choice:
Edit the /etc/shadow file and replace the original root user's password hash with the one you just generated.Login as root
Weak File Permissions - Writable /etc/passwd
The /etc/passwd file contains information about user accounts. It is world-readable, but usually only writable by the root user. Historically, the /etc/passwd file contained user password hashes, and some versions of Linux will still allow password hashes to be stored there.
Generate a new password hash with a password of your choice
Edit the /etc/passwd file and place the generated password hash between the first and second colon (:) of the root user's row (replacing the "x")Login as root