Exploit Notes

Linux User & File Management

Last modified: 2023-01-20


User Management

# List all users
cat /etc/passwd
cat /etc/shadow

# Add users
useradd <new-user>
useradd <new-user> -p <new-password>

# Delete users
deluser <user>

# Set passwords - stored in "/etc/shadow"
passwd <user>

Allow Users to Run Commands as Root Privilege

Add users to the “sudo” group.

usermod -a -G sudo <user>

# Check the permissions
su <user>
sudo -l

Group Management

# List all groups
cat /etc/group
# List groups where the specific user in
groups <user>

# Create a new group
groupadd <new-group>

# Delete a group
groupdel <group>

# Add an user to a group
# -a: append the user to the specific group
# -G: group
usermod -a -G <group> <user>

# Change the user's primary group
# -g: gid
usermod -g <group> <user>

File Management

Change Owners of Files/Directories

# User only
chown <user> <file-name>
chown <user> <dir-name>
# -R: Recursive
chown <user> -R <dir-name>

# Group only
chown :<group> <file-name>
chown :<group> <dir-name>

# User and group
chown <user>:<group> <file-name>
chown <user>:<group> <dir-name>

Change Permissions of Files/Directories

# read+write+execute for an owner
chmod 700 sample.txt
chmod u+rwx sample.txt
# read+write+execute for a group
chmod 070 sample.txt
chmod g+rwx sample.txt
# read+write+execute for other users
chmod 007 sample.txt
chmod o+rwx sample.txt
# read+write+execute for all users
chmod 777 sample.txt
chmod a+rwx sample.txt

# read+write for an owner
chmod 600 sample.txt

SUID/GUID of Files/Directories

# SUID for an owner
chmod u+s sample.txt

# GUID for a group
chmod g+s sample.txt

Tools by HDKS


Automatic web fuzzer.


Auto reconnaissance CLI.

Hash Cracker

Hash identifier.