OPS245 Assignment 1: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 18: | Line 18: | ||
**Only meeny, miny, and moe can read files. | **Only meeny, miny, and moe can read files. | ||
**eeny can neither read nor modify any of the files. | **eeny can neither read nor modify any of the files. | ||
*Find '''moe's password''' using John the ripper:<syntaxhighlight lang="bash">time john --format=crypt /etc/shadow</syntaxhighlight> | *Find '''moe's password''' using John the ripper:<syntaxhighlight lang="bash">time john --format=crypt /etc/shadow</syntaxhighlight>If it doesn't work in 5-10 minutes: you either didn't set moe's password correctly. | ||
*The more CPUs your VM has and the longer you wait: the more passwords will be calculated. Wait at least long enough to find moe's and eeny's passwords. If you have to interrupt the command: you can show the passwords it already cracked using this command:<syntaxhighlight lang="bash">john --show /etc/shadow</syntaxhighlight> | *The more CPUs your VM has and the longer you wait: the more passwords will be calculated. Wait at least long enough to find moe's and eeny's passwords. If you have to interrupt the command: you can show the passwords it already cracked using this command:<syntaxhighlight lang="bash">john --show /etc/shadow</syntaxhighlight> | ||
*Add a '''2GB hard drive''' to your VM. | *Add a '''2GB hard drive''' to your VM. |
Revision as of 11:28, 13 February 2023
In this assignment you'll get more practice with the material you've learned in the labs. It's the same type of work but you'll have to figure out how to do things by yourself.
- Set up a new Debian virtual machine, call it asg1 and give it the hostname asg1. Do a minimal installtion, with no GUI. All your assignment will be done in this new virtual machine.
- Install John the Ripper. Note that this package is not available on the Debian DVD1.
- Create three users:
- eeny: a regular user with a simple (bad) password.
- meeny: a regular user with a complex (good) password.
- miny: a regular user with a complex (good) password.
- Create a fourth user named moe with the following properties. Look at the man page for the useradd command to find how to add these settings:
- With the following password pre-hashed (you might call it "encrypted"):
'$6$VmcXfmHyzTid3xhq$iMDhyo6lqysdI9A80CsmM3uQterJF98ZyeoDg4lkKUmvi8kvqm2NEuqKi5ZV.4B48JsVZzT9F6NsqFc1VTvIS1'
- With the home directory /srv/projectplan
- With the following password pre-hashed (you might call it "encrypted"):
- Create a group with the name viewproject.
- Add the users meeny, miny and moe to the viewproject group.
- Download projectplan.tar.bz2 and extract it into /srv/projectplan.
- Change the ownership of all the contents of /srv/projectplan so they are all owned by the user moe and the group viewproject.
- Change the permissions of all the contents of /srv/projectplan so that:
- Only moe can modify the files.
- Only meeny, miny, and moe can read files.
- eeny can neither read nor modify any of the files.
- Find moe's password using John the ripper:If it doesn't work in 5-10 minutes: you either didn't set moe's password correctly.
time john --format=crypt /etc/shadow
- The more CPUs your VM has and the longer you wait: the more passwords will be calculated. Wait at least long enough to find moe's and eeny's passwords. If you have to interrupt the command: you can show the passwords it already cracked using this command:
john --show /etc/shadow
- Add a 2GB hard drive to your VM.
- Add a 3GB hard drive to your VM
- Create two 1GB partitions on your 2GB drive.
- Mount the first partition permanently onto /home/meeny, make sure to move meeny's files to the new storage device.
- Mount the second partition permanently onto /home/miny, make sure to move miny's files to the new storage device.
- Create one 3GB partition on your 3GB drive.
- Mount this partition permanently onto /srv/projectplan, make sure to move moe's files to the new storage device.
Submission
Please submit the following files all compressed into a file named asg1.tar.bz2 (no document or directories, just all the files inside the archive):
- 01-shadow.png: the contents of your
/etc/shadow
file (including the new users). - 02-moe.png: the part of the
/etc/passwd
file that shows your "moe" user. - 03-group.png: the part of the
/etc/group
file that shows your "viewproject" group. - 04-projectplan.png: the output of
ls -lR /srv/projectplan
- 05-john.png: the results of John the Ripper's work.
- 06-blkid.png: the output of the
blkid
command. - 07-mount.png: the output of
mount | grep /sd
- 08-homes.png: the output of
ls -al ~eeny ~meeny ~miny ~moe