1
00:00:00,410 --> 00:00:09,620
‫In Linux systems, the ETSI Shadow files stores, actual passwords in encrypted format, more like the

2
00:00:09,620 --> 00:00:15,350
‫hash of the password for users account with additional properties related to the user password.

3
00:00:16,040 --> 00:00:19,280
‫Basically, it stores secure user account information.

4
00:00:20,310 --> 00:00:23,160
‫All fields are separated by Colin Symbol.

5
00:00:24,030 --> 00:00:33,000
‫And it contains one entry per line for each user listed in the FTC password file, generally shadow

6
00:00:33,000 --> 00:00:35,850
‫file entry looks seen in the slide.

7
00:00:36,980 --> 00:00:42,740
‫So let's see the fields of a typical Linux hash values most probably gathered from the shadow file.

8
00:00:43,670 --> 00:00:48,680
‫Just like in the windows, local hashes fields are separated by colons in the Linux hashes.

9
00:00:49,570 --> 00:00:57,070
‫The first field is username, your login name, the second field is your encrypted password, usually

10
00:00:57,070 --> 00:01:07,690
‫the password format is set to deliver ID $ altie $ hash ID is the algorithm used on going to Linux as

11
00:01:07,690 --> 00:01:08,110
‫followed.

12
00:01:10,030 --> 00:01:12,550
‫Dollar one dollar is empty five.

13
00:01:13,670 --> 00:01:16,490
‫Dollar to a dollar is blobfish.

14
00:01:17,400 --> 00:01:20,460
‫Dollar two, why dollar is blowfish.

15
00:01:21,470 --> 00:01:29,180
‫Dollar five dollar is S.A.G. 256, dollar six dollar is as 512.

16
00:01:30,040 --> 00:01:34,150
‫Now, the third field is the date that the password was last modified.

17
00:01:35,150 --> 00:01:41,180
‫The fourth field is the minimum number of days required between password changes, that is the number

18
00:01:41,180 --> 00:01:45,920
‫of days left before the user is allowed to change his or her password.

19
00:01:46,970 --> 00:01:53,360
‫The fifth field is the maximum number of days a password is valid, after that, the user is forced

20
00:01:53,360 --> 00:01:54,860
‫to change his or her password.

21
00:01:55,720 --> 00:02:02,620
‫The sixth field is the number of days before the password is to expire, that user is warned that his

22
00:02:02,620 --> 00:02:04,120
‫or her password must be changed.

23
00:02:04,930 --> 00:02:08,650
‫Now, there are two more fields in the line which are blank in this example.

24
00:02:09,260 --> 00:02:16,000
‫The seventh field is called inactive, which is the number of days after the password expires that the

25
00:02:16,000 --> 00:02:17,320
‫account is disabled.

26
00:02:18,210 --> 00:02:26,550
‫And the last field is called expire, which indicates the days since one January 1970 that the count

27
00:02:26,550 --> 00:02:27,250
‫is disabled.

28
00:02:27,630 --> 00:02:32,970
‫That is an absolute date specifying when the log in may no longer be used.