Monday, January 14, 2013

Adding an unprivileged user in Backtrack



backtrack, linux, hacking, tutorial, pentest, penetration testing, pc, wpa, wpa2, cracking, password attack, metasploit, meterpreter, windows

Now that you have installed you Backtrack distribution, and changed your default password from "too" to that of your choice, another security measure is also waiting for us.
The "root" account in Backtrack as is the case with Linux distribution is the most privileged account. It gives you the privilege of doing anything you like without asking for any confirmation, simply because the system supposes that you are completely aware of every single step you make.
It's good not having a annoying girlfriend or wife bothering you every time with those useless  questions and nagging !!! However, cautions are very useful sometimes. It is better to think twice or have two different points of view before proceeding ;-) As a non-professional user of a Linux system, you may break things in the system and ending up reinstalling the system again and again, and this is what makes so many Linux users resign and resolve to their easy to use windows systems, why simply getting all this trouble they may say !!!!
They simply don't know that one has to be a professional Linux user in order to run the system as a "root" user, so if you don't want to damage your system or loose important data, you have to create a non privileged user in Backtrack,as such even you mishandle things in that account, these changes will not affect the "root" account in any way even if your machine got pawned by a hacker !!
We talked a lot i think, so let's move to practical things here with this video tutorial:





Commands used in the video:

* root@bt:~# adduser kiko
change "kiko to the name of your choice
type the specific password for the user you created, & retype it again.
You can fill in all the rest of the fields, or just skipping them by pressing "enter", then type "y" to confirm.

* root@bt:~# visudo
Now that you have added your new user account, you would not like to switch to "root' to do every small task !! So we will allow the usage of "sudo" command for the new created user. We need to add the user to "sudoers" list, and this is simply what "visudo" command does.
Once you type it, a "nano" config file will be displayed for you:





backtrack, linux, hacking, tutorial, pentest, penetration testing, pc, wpa, wpa2, cracking, password attack, metasploit, meterpreter, windows



Go to the end of the screen and look for the following line: %admin ALL=(ALL) ALL



backtrack, linux, hacking, tutorial, pentest, penetration testing, pc, wpa, wpa2, cracking, password attack, metasploit, meterpreter, windows





After this add a line same as the above but replace "admin" with the username you created. The example in the video is:    %kiko ALL=(ALL) ALL

Now you will be able able to use the "sudo" command without having to switch bach back to the "rrot" account to do a specific task. If you you want to install vlc for example, you will have to type

root@bt:~#sudo apt-get install vlc


Important !!! After you finish editing the file, hit "ctrl+O" to save the file, then hit "ctrl+X" to exit.

0 commentaires: