O que é o comando 'add user'?

O comando 'add user' é utilizado para criar uma nova conta de usuário no sistema Linux.

Qual a diferença entre 'add user' e 'user add'?

Ambos os comandos criam usuários, mas 'add user' é mais interativo e configura mais opções automaticamente, enquanto 'user add' é mais simples e não configura detalhes como senha.

O que é o comando 'sudo'?

O comando 'sudo' permite que um usuário execute comandos com permissões de superusuário, essencialmente dando acesso temporário a privilégios elevados.

Como posso ver todos os usuários no sistema?

Você pode ver todos os usuários no sistema usando o comando 'cat /etc/passwd'.

O que é o arquivo sudoers?

O arquivo sudoers define quais usuários têm permissão para usar o comando sudo e quais comandos eles podem executar.

Como adicionar um usuário a um grupo?

Você pode adicionar um usuário a um grupo usando o comando 'usermod -aG nome_do_grupo nome_do_usuario'.

O que faz o comando 'userdel'?

O comando 'userdel' é usado para deletar uma conta de usuário do sistema.

Como criar um grupo no Linux?

Você pode criar um grupo usando o comando 'groupadd nome_do_grupo'.

O que é o comando 'gpasswd'?

O comando 'gpasswd' é usado para adicionar ou remover usuários de grupos.

Como posso verificar a qual grupo um usuário pertence?

Você pode verificar a quais grupos um usuário pertence usando o comando 'groups nome_do_usuario'.

sudo = POWER!! (managing users in Linux) // Linux for Hackers // EP4

00:28:19

https://www.youtube.com/watch?v=jwnvKOjmtEA

Summary

TLDRO vídeo ensina sobre a gestão de usuários no Linux, abordando a criação, modificação e exclusão de contas de usuários e grupos. O apresentador utiliza uma narrativa divertida, fazendo referências aos Vingadores e Thanos, para explicar conceitos como o comando sudo, o arquivo sudoers e a importância de permissões de usuário. Os espectadores são incentivados a praticar em um laboratório Linux gratuito oferecido pelo Hack The Box Academy, onde podem aplicar o que aprenderam. O vídeo é uma introdução essencial para quem deseja se aprofundar em Linux e hacking.

Takeaways

🖥️ Aprenda a criar e gerenciar usuários no Linux.
🔑 Entenda a diferença entre 'add user' e 'user add'.
⚡ Descubra como usar o comando sudo para permissões elevadas.
📂 Veja como listar todos os usuários do sistema.
📝 Conheça o arquivo sudoers e sua importância.
👥 Aprenda a adicionar usuários a grupos.
❌ Saiba como deletar contas de usuários.
👥 Crie grupos no Linux facilmente.
🔄 Use 'gpasswd' para gerenciar grupos.
🔍 Verifique a quais grupos um usuário pertence.

Timeline

00:00:00 - 00:05:00
Neste vídeo, o apresentador introduz a gestão de usuários no Linux, enfatizando sua importância para quem deseja se tornar um hacker ou trabalhar com Linux. Ele menciona que o episódio 4 abordará a criação, exclusão e modificação de contas de usuários, além de grupos e permissões, utilizando o comando sudo para obter privilégios elevados.
00:05:00 - 00:10:00
O apresentador orienta os espectadores a acessarem um laboratório Linux gratuito oferecido pela Hack The Box Academy, onde podem praticar a gestão de usuários. Ele demonstra como iniciar o laboratório e como verificar a identidade do usuário atual no sistema usando o comando 'who am i'.
00:10:00 - 00:15:00
O vídeo prossegue com a criação de um novo usuário, Thor, utilizando o comando 'add user'. O apresentador explica a diferença entre 'add user' e 'user add', destacando que o primeiro é mais interativo. Ele também menciona a importância do usuário root e como usar o sudo para obter permissões elevadas.
00:15:00 - 00:20:00
Após criar Thor, o apresentador mostra como visualizar todos os usuários do sistema através do arquivo '/etc/passwd'. Ele explica a estrutura desse arquivo e a importância do arquivo '/etc/shadow' para armazenar senhas de forma segura. O apresentador também demonstra como adicionar mais usuários, como Iron Man, e a diferença entre os comandos 'add user' e 'user add'.
00:20:00 - 00:28:19
O vídeo conclui com a criação de grupos e a adição de usuários a esses grupos, explicando como o comando 'sudo' permite que os usuários executem tarefas administrativas. O apresentador enfatiza a importância de gerenciar usuários e grupos no Linux, destacando que essas habilidades são essenciais para qualquer um que deseje trabalhar com o sistema.

Mind Map

Video Q&A

O que é o comando 'add user'?
O comando 'add user' é utilizado para criar uma nova conta de usuário no sistema Linux.
Qual a diferença entre 'add user' e 'user add'?
Ambos os comandos criam usuários, mas 'add user' é mais interativo e configura mais opções automaticamente, enquanto 'user add' é mais simples e não configura detalhes como senha.
O que é o comando 'sudo'?
O comando 'sudo' permite que um usuário execute comandos com permissões de superusuário, essencialmente dando acesso temporário a privilégios elevados.
Como posso ver todos os usuários no sistema?
Você pode ver todos os usuários no sistema usando o comando 'cat /etc/passwd'.
O que é o arquivo sudoers?
O arquivo sudoers define quais usuários têm permissão para usar o comando sudo e quais comandos eles podem executar.
Como adicionar um usuário a um grupo?
Você pode adicionar um usuário a um grupo usando o comando 'usermod -aG nome_do_grupo nome_do_usuario'.
O que faz o comando 'userdel'?
O comando 'userdel' é usado para deletar uma conta de usuário do sistema.
Como criar um grupo no Linux?
Você pode criar um grupo usando o comando 'groupadd nome_do_grupo'.
O que é o comando 'gpasswd'?
O comando 'gpasswd' é usado para adicionar ou remover usuários de grupos.
Como posso verificar a qual grupo um usuário pertence?
Você pode verificar a quais grupos um usuário pertence usando o comando 'groups nome_do_usuario'.

View more video summaries

Get instant access to free YouTube video summaries powered by AI!

Subtitles

Auto Scroll:

00:00:00
managing users in linux this is
00:00:02
essential you got to know this if you
00:00:03
want to get into linux or become a
00:00:04
hacker or do anything
00:00:06
don't skip this so assemble the avengers
00:00:08
we gotta stop thanos
00:00:14
what
00:00:18
welcome to linux for hackers and
00:00:20
everyone because everyone
00:00:22
needs to learn linux this is episode 4
00:00:24
and you don't want to miss this when
00:00:25
we're talking about user management user
00:00:27
accounts and linux and we're pretty much
00:00:29
going to cover everything from creating
00:00:30
users deleting them changing them
00:00:32
creating groups deleting those putting
00:00:34
on the infinity gauntlet and giving
00:00:35
yourself super godlike permissions
00:00:37
which is also known as sudo or the
00:00:39
sudoer's file we'll cover all that
00:00:41
and yeah we're gonna assemble the
00:00:42
avengers and stop thanos we're going to
00:00:44
save the world and when i say we i mean
00:00:46
we because you're going to do this with
00:00:47
me you're getting a free
00:00:48
linux lab right here in this video check
00:00:50
the link in the description thanks to
00:00:52
our sponsor
00:00:52
hack the box academy it's seriously
00:00:54
amazing free to sign up
00:00:55
hack the box academy is basically a
00:00:57
trading ground for hackers
00:00:59
good hackers mind you so if you want to
00:01:00
follow along with me learn how to manage
00:01:02
users in linux and save the world
00:01:04
then click the link below get signed up
00:01:05
for free and you'll have a linux
00:01:07
lab right here in your browser and then
00:01:09
of course whatever else you want to
00:01:10
learn regarding hacking it's there so
00:01:12
check that out too also hack the box
00:01:13
academy now has a student subscription
00:01:15
and you get cpe credits for completing
00:01:18
tier 1 modules or above
00:01:20
kind of killer check it out link below
00:01:22
to learn more have you hacked the
00:01:23
youtube algorithm today let's make sure
00:01:25
you do hit that like button subscribe
00:01:26
comment
00:01:27
notification bell let's hack youtube
00:01:28
today ethically of course
00:01:30
anyways no time to waste get your
00:01:32
stinking coffee let's do this
00:01:35
right now okay here we go we're going to
00:01:37
learn nearly everything you need to know
00:01:38
about managing users and linux
00:01:40
and we're gonna have a bit of fun with
00:01:42
it too so get your copy and let's go
00:01:44
now first we gotta launch our lab our
00:01:46
free linux lab from hack the box academy
00:01:49
so go ahead and navigate out there
00:01:50
hack the blogs account of me they are
00:01:52
our sponsor and they're amazing it's
00:01:54
completely free if you haven't already
00:01:55
signed up we'll get signed up i've got a
00:01:56
video walking you through that right
00:01:58
here
00:01:58
so log in to hack the box academy go and
00:02:00
click on the linux fundamentals course
00:02:01
to get started go ahead and open up the
00:02:03
user management module right here and
00:02:05
then to launch our free amazing phone
00:02:06
box our lab
00:02:08
scroll about halfway down and click on
00:02:09
start instance and it's going to start
00:02:11
quick coffee break just a little sip and
00:02:14
it is ready go ahead and click on
00:02:15
interact to uh
00:02:17
interact with it and i've said it before
00:02:18
this is amazing it's your free linux lab
00:02:20
in your browser that you can mess with
00:02:22
and break things and
00:02:23
let's do this okay let's talk about
00:02:25
users every computer system has a user
00:02:28
including linux and you know what you're
00:02:30
a user
00:02:32
to be able to log into the server this
00:02:34
linux box and do anything you have to be
00:02:36
a user on the system which user are you
00:02:38
let's see in a previous video we showed
00:02:40
this already so let's go ahead and
00:02:41
launch our terminal
00:02:42
our green or yellow box up at the top
00:02:44
here this is launching our shell
00:02:46
if you don't know what that is we'll go
00:02:47
back to the last video and watch that
00:02:48
one we talk all about it to quickly see
00:02:50
who you are you simply type in who
00:02:52
am i and there you are your user account
00:02:55
and you as user 86527 can log into this
00:02:58
linux machine
00:02:58
and do stuff you can launch programs
00:03:00
play games hack
00:03:01
create things delete things if you have
00:03:03
the right permissions we'll cover that
00:03:04
here in a moment
00:03:05
you you can do a lot of stuff as a user
00:03:07
of the system but not all users are the
00:03:09
same now hey
00:03:10
i've got some bad news we're under
00:03:12
attack our system our linux
00:03:14
box here we're being attacked by
00:03:17
thanos that's his name right the bad guy
00:03:19
from avengers yes thanos he's attacking
00:03:21
us
00:03:21
bad guy thanos is gonna snap his fingers
00:03:23
and destroy all our user accounts and we
00:03:24
won't be able to have fun on linux
00:03:26
anymore
00:03:26
we have to stop him but how do we do
00:03:28
that avengers assemble we need the
00:03:30
avengers right let's call them do they
00:03:32
have like a bat signal i don't know how
00:03:33
you call them
00:03:34
they just know they need help right or
00:03:35
that we need help but they're not in our
00:03:37
system right now we have to create these
00:03:38
user accounts to come and stop thanos
00:03:40
before he
00:03:41
snaps anyways let's start by adding the
00:03:44
avengers to our system
00:03:45
let's start with thor he's my favorite
00:03:47
so the command will be
00:03:49
add user thor and honestly it's that
00:03:52
simple that's all we need
00:03:53
the command add user will obviously add
00:03:55
a user but it's not the only one that
00:03:57
does this by the way just so you know
00:03:59
there's add user and then confusingly
00:04:01
there's another one called
00:04:02
user add which they do both add a user
00:04:06
but this command right here is a little
00:04:07
lazy
00:04:08
he doesn't do as much whereas this
00:04:09
command will do a lot i'll show you the
00:04:11
difference here real quick we'll bring
00:04:12
in our other avengers
00:04:13
anyways let's add thor real quick now
00:04:14
i'm going to hit enter but it's not
00:04:16
going to work
00:04:17
watch only root may add a user a group
00:04:19
to the system now what is a root
00:04:21
i mean root's another user on the system
00:04:23
if you watched our previous videos in
00:04:24
the series you would know all about root
00:04:26
not groot
00:04:27
root but we're going to temporarily
00:04:28
borrow some power from the root which
00:04:30
he's also known as the super user um so
00:04:33
what we're going to do here is hit the
00:04:34
up arrow to get our command back in
00:04:35
there add user thor we're going to go to
00:04:37
the beginning of our command
00:04:38
and type in sudo or it's also often
00:04:41
pronounced soo do but it's spelt sudo so
00:04:43
i want to say that
00:04:44
this is kind of like saying please in
00:04:45
linux please do this i'm getting super
00:04:47
powers to do this
00:04:48
again i'll explain more about that here
00:04:50
in a moment but anyways this is gonna
00:04:51
work
00:04:52
okay cool we got a fun prompt here let's
00:04:54
put a password in for thor i'm gonna say
00:04:56
hammer type it in again hammer full name
00:04:58
i think it's just thor
00:05:00
it'll ask you for all this random
00:05:01
information you don't have to put it all
00:05:02
in just enter enter enter
00:05:03
is it correct sure and thor's created he
00:05:05
is now a user on the system but how do
00:05:08
we know that where
00:05:09
is he well to find out what users are on
00:05:12
your system there's one simple place to
00:05:13
look
00:05:13
i'm going to clear my screen real quick
00:05:15
by typing in clear or i can just do
00:05:16
control
00:05:17
l whoo nice and clean there's a file in
00:05:19
the system that has a list of every user
00:05:20
on this
00:05:21
box or this system we're going to use
00:05:23
the command cat which we learned before
00:05:25
we're going to cat the forward slash
00:05:27
etsy forward slash pass
00:05:28
wd when we do that here's what happens
00:05:31
boom bunch of users on our system i bet
00:05:33
you're surprised like where all these
00:05:35
users come from i mean the first two we
00:05:36
recognize right i mean the last two
00:05:38
uh this one right here is us user blah
00:05:40
blah
00:05:41
and then thor the one we just created
00:05:42
there he is all these other entries are
00:05:44
indeed
00:05:45
user accounts on this system and they do
00:05:47
serve a purpose a lot of these you can't
00:05:48
log in
00:05:49
with like right here it says no login on
00:05:51
this account they do serve a purpose not
00:05:53
the topic for another video anyways now
00:05:55
real quick
00:05:55
what does all this right here mean it's
00:05:58
kind of gobbledygook right i mean the
00:05:59
first bit we understand what it is the
00:06:01
username
00:06:02
thor and user blah blah blah but what's
00:06:04
all the stuff after it well just after
00:06:06
the username we have
00:06:07
just an x sitting there all by himself
00:06:09
in fact you'll see this on pretty much
00:06:10
every user account appear
00:06:12
x max and what the x indicates is that
00:06:14
your password is stored in a separate
00:06:16
file called the
00:06:17
shadow file more specifically it's in a
00:06:19
place called etsy
00:06:21
shadow in linux we store our passwords
00:06:23
in the shadows where they're hidden you
00:06:25
can't see them but for real
00:06:26
if we go to it real quick we can
00:06:27
actually look at it let's do cat
00:06:29
etc etsy shadow oh permission deny we
00:06:32
need some
00:06:33
listen please sudo there we go and right
00:06:35
here next to the username thor we have
00:06:37
his password which that's actually not
00:06:38
his password
00:06:39
that's the hashed version topic for
00:06:41
another time anyways now just after x we
00:06:43
have two numbers
00:06:44
and they're the same we have one
00:06:45
thousand one and one thousand one what
00:06:48
are those
00:06:48
well those are his ids the first one is
00:06:52
his user id or a uid it's a number
00:06:55
which you can obviously see it's 1001.
00:06:57
the second one is his
00:06:59
group id we'll cover groups here in a
00:07:00
second but just know that when we create
00:07:02
a user in linux
00:07:03
we both create a user and a group for
00:07:06
that user so we have a username named
00:07:07
thor
00:07:08
we also have a group named thor and the
00:07:10
member of that group
00:07:11
is thor and then after that we got some
00:07:13
like random filler stuff like his name
00:07:15
and comments and stuff
00:07:16
and then after that we have his home
00:07:19
directory where he gives his hammer and
00:07:21
his
00:07:21
chest plate i don't know what thor has
00:07:23
his hair ties for thor his home
00:07:25
directory is in
00:07:26
the same place that a lot of people's
00:07:27
home directories are home
00:07:30
and then a directory called thor we'll
00:07:32
look at that here in a moment and then
00:07:33
just after that
00:07:34
we have his default shell when thor logs
00:07:37
into the system
00:07:37
what shell is he going to be given again
00:07:39
if you don't know what i'm talking about
00:07:40
go look at our previous video
00:07:42
but by default when we created his user
00:07:44
account with the add user command
00:07:46
it's going to be bash so that is what
00:07:48
all that gobbledygook means now let me
00:07:49
show you what the user add command does
00:07:51
our
00:07:52
alternative command which is kind of
00:07:54
weird so we have thor he's pretty
00:07:56
awesome but we need some extra help
00:07:57
i think we need iron man yeah yeah let's
00:07:59
get iron man in here so we'll do sudo
00:08:01
and instead of add user we're gonna
00:08:03
we're gonna do user
00:08:05
add and same as before we'll just type
00:08:07
in the user name iron man
00:08:09
and watch what happens here it is
00:08:11
different it's simple
00:08:13
that's it so remember add user like asks
00:08:16
hey put in his password
00:08:17
uh what's his first name last name
00:08:19
what's social security number
00:08:21
favorite flavor ice cream like all that
00:08:22
stuff this one just says
00:08:24
okay you're like uh what else
00:08:27
what do i do now that's what i meant by
00:08:29
saying that command is lazy because he
00:08:30
doesn't do anything but just say okay
00:08:32
yeah here's a user account i'm not gonna
00:08:33
do anything else like
00:08:34
set the password for you like you can do
00:08:36
that yourself um and i'll show you how
00:08:37
to do that here in a second but right
00:08:38
now
00:08:39
iron man is created but you can't really
00:08:40
do much with him so if we cat our
00:08:42
password file again to see what user
00:08:44
accounts we have in our system cat
00:08:45
slash etsy pass wd he's there iron man
00:08:49
is shown up
00:08:49
but there's a few things missing now for
00:08:51
example he has the x there saying that
00:08:53
his password's in the shadow file but is
00:08:54
it really because we didn't set a
00:08:55
password did we also notice here that
00:08:58
um his default shell is different it's
00:09:00
sh for
00:09:01
shell instead of bash so real quick i
00:09:03
want to take a look at the shadow file
00:09:05
to see if the stuff is there
00:09:06
that's interesting you can see that he
00:09:08
does have
00:09:09
an entry in the shadow file but it
00:09:11
doesn't seem to be a password
00:09:12
and i don't think it is but we can set
00:09:14
this password real quick command to set
00:09:16
a password for someone or change a
00:09:17
password for any username
00:09:18
is going to be password without the o-r
00:09:22
i'll show you so we'll we'll need super
00:09:24
powers sudo command is p-a-s-s-w-d
00:09:28
and then the user name so i'll type in
00:09:30
iron man and now we can set his password
00:09:32
jarvis there we go he's got a legit hash
00:09:34
there so we know it's working now one
00:09:36
thing the ad user command did not do for
00:09:37
iron man is it did not give him a home
00:09:39
he doesn't have a house right now he
00:09:40
doesn't have a home directory if i
00:09:41
navigate to the home directory well all
00:09:42
the
00:09:43
user directories live i go cd forward
00:09:45
slash home
00:09:46
and i type in ls i can see there are two
00:09:48
directories there for thor and then for
00:09:50
me
00:09:51
but iron man he doesn't have a home dude
00:09:53
and that's one downside of using the
00:09:55
user ad command
00:09:56
is again he's lazy he doesn't do this
00:09:57
kind of stuff if i jump into the thor
00:09:59
directory by doing cd
00:10:01
thor and then lsing his contents
00:10:04
yeah he's got a desktop he's got
00:10:05
templates if i do ls
00:10:07
dash al to reveal the hidden files he's
00:10:10
got a bunch of stuff going on in there
00:10:11
which we're not going to get into right
00:10:13
now i mean it is important but right now
00:10:14
we got to save the world
00:10:15
thor is here and he's coming clear our
00:10:17
screen now if we cap the password file
00:10:19
again
00:10:20
etsy pass wd i'm super annoyed that iron
00:10:23
man's
00:10:24
default shell is not the same as
00:10:25
everyone else's it's just sh
00:10:27
let's make sure it is bash we can modify
00:10:29
user account new command time are you
00:10:31
ready the command is
00:10:32
user mod which stands for user
00:10:34
modification and as you might expect it
00:10:36
will modify a user account now there are
00:10:38
a ton of things we can change if you do
00:10:40
dash h for help to see like what can i
00:10:42
do with this it'll tell you
00:10:44
a lot of stuff and i'm not going to
00:10:46
cover everything right now that take
00:10:47
forever and
00:10:48
thanos is here so i'll do sudo because
00:10:50
we will need special permissions
00:10:52
user mod and let's say i want to change
00:10:53
that shell for iron man
00:10:55
i'll do iron man say that's who i want
00:10:57
to change it for
00:10:58
dash dash shell and i'll say ben
00:11:02
bash done and if we cap the user or the
00:11:05
cat the password file once more welcome
00:11:07
iron man you now are using bash just
00:11:09
like everyone else
00:11:09
and we can change other things too like
00:11:11
maybe his name like sometimes iron man
00:11:13
isn't iron man sometimes he's tony stark
00:11:15
so if we do sudo user mod once more
00:11:18
we'll use the switch
00:11:19
dash l and then we'll put in the new
00:11:22
information
00:11:23
tony stark that's his new username and
00:11:25
then the old one
00:11:26
iron man done so if i cat the password
00:11:30
file once more
00:11:30
huh he's tony stark now but we don't
00:11:32
need tony stark right now we need iron
00:11:33
man let's change it back
00:11:35
okay better okay here we go now again
00:11:37
thanos is here and we need more than
00:11:38
just two avengers
00:11:40
avengers assemble let's create more
00:11:42
right now real quick
00:11:43
fast and that is where the user add
00:11:45
command comes in handy because you can
00:11:46
add things really quickly enough to go
00:11:47
through a menu every single time so
00:11:49
we'll just do it real quick
00:11:50
and we also have switches to help us
00:11:51
with that if i do user add dash h
00:11:53
we can do a lot of the stuff that the
00:11:55
add user command does just in one line
00:11:57
so i'll do user add let's bring in
00:12:01
hulk and i'll do a dash m which dash m
00:12:04
will actually create a home directory
00:12:05
form so whereas iron man didn't get one
00:12:07
by default i almost forgot we need
00:12:09
superhero permissions there we go let's
00:12:11
get spider-man in here
00:12:13
loki why not oh we can't forget captain
00:12:15
america
00:12:16
and i suppose we'll need doctor strange
00:12:18
i don't like that movie that much
00:12:19
didn't like it at all wasn't a fan but
00:12:21
he kind of played a key role so we'll
00:12:22
put him in here
00:12:23
so now we have some avengers if i do uh
00:12:26
cat
00:12:27
etsy password file boom
00:12:31
we got them they're here if you've seen
00:12:33
the movies you know it doesn't go
00:12:35
great at first thanos does get the power
00:12:37
he gets the
00:12:38
the gauntlet or what is it called ah
00:12:40
okay the infinity gauntlet almost forgot
00:12:42
actually i did forget i had to look it
00:12:43
up thanos has the power and he does
00:12:46
flick his fingers or snaps fingers and
00:12:48
do some bad stuff
00:12:50
now i'm gonna add the user account
00:12:52
thanos
00:12:53
we're bringing him in he's there i'm
00:12:55
going to set his password real quick
00:12:57
password inevitable let's see if he's
00:13:00
here yep there's thanos
00:13:01
now here in linux the infinity gauntlet
00:13:03
that gives you super
00:13:04
awesome powers and has all the stones
00:13:06
and you can flick your fingers and
00:13:07
everyone disappears
00:13:09
in linux that's definitely the pseudo
00:13:11
command
00:13:12
or pseudo we haven't really dived into
00:13:14
that deeply just yet
00:13:16
but right now we are it's a command we
00:13:17
use all the time it stands for
00:13:20
super user do essentially every time we
00:13:22
use that command it's like we're
00:13:23
slipping on the infinity gauntlet
00:13:24
the super powerful glove and this is the
00:13:26
worst glove you'll ever see we slip that
00:13:28
glove on and for one moment
00:13:30
we have powers to do whatever we frickin
00:13:31
want so the sudo command or the sudo
00:13:33
command
00:13:34
were able to grab the powers of the
00:13:36
super user the root user
00:13:37
and use them for that command now the
00:13:40
super user in the system
00:13:41
which is the root user he's the boss he
00:13:43
can do whatever stinking wants on linux
00:13:45
he can change all the settings
00:13:46
he can delete all the settings he can
00:13:48
ruin everything delete half your stuff
00:13:50
rmrf man that's what thanos is gonna do
00:13:54
and if you can use the pseudo command to
00:13:55
impersonate him just for a moment
00:13:57
that's a pretty stinking powerful
00:13:59
command it's a command that you don't
00:14:00
want to just give to anyone you want to
00:14:02
restrict that access and by default it
00:14:04
is pretty restricted
00:14:05
now you can see that right now we've
00:14:07
been using sudo all day
00:14:08
we have the infinity gauntlet we can put
00:14:10
that sucker on and use it whenever we
00:14:11
want to
00:14:12
but not everyone can use it for example
00:14:14
iron man he can't use it we can actually
00:14:16
pretend to be iron man real quick
00:14:17
new command time you ready the command
00:14:19
is s u
00:14:20
s u allows us to impersonate another
00:14:22
user we're actually switching
00:14:24
users we're becoming this user so let's
00:14:26
become iron man
00:14:27
i've always wanted to be iron man let's
00:14:29
do this so again the command is su
00:14:31
we'll do a space a dash or a tick space
00:14:33
and then the username of who we want to
00:14:34
switch into
00:14:35
now real quick by default if you don't
00:14:37
put anything here just
00:14:38
su space dash it's going to switch you
00:14:41
to the root user
00:14:42
which we can do like watch and i don't
00:14:44
know the root password
00:14:46
um actually but we can do this we can
00:14:49
put our gauntlet on
00:14:50
put the affinity gauntlet on sudo su
00:14:54
space dash i just became the root user i
00:14:57
just became the infinity gauntlet which
00:14:58
is kind of weird
00:14:59
you never want to become the infinity
00:15:00
gauntlet never log in as root that's why
00:15:02
we have sudo so i'm going to hit ctrl
00:15:04
d or we can just type in exit or
00:15:07
log out either of any of those so i'll
00:15:10
just do ctrl d
00:15:11
to become myself again but anyways back
00:15:13
to becoming iron man so i'll do su
00:15:14
space dash iron man now doing this
00:15:18
without the gauntlet on i will have to
00:15:20
know iron man's password this goes for
00:15:22
any time you use the su command but if i
00:15:24
were to use sudo
00:15:25
and put my gauntlet back on i don't have
00:15:27
to put a password in but anyways
00:15:29
i'll become iron man put his password in
00:15:31
jarvis
00:15:32
i'm iron man now iron man is pretty
00:15:34
powerful but he cannot use a pseudo
00:15:35
command let's try it real quick
00:15:37
i'll do sudo and i'll try to add a user
00:15:39
user add
00:15:40
let's try to bring in pepper potts his
00:15:42
wife right yeah wife
00:15:43
that's gonna ask for a pseudo password
00:15:45
okay just type in jarvis
00:15:47
things are looking pretty good right no
00:15:49
we're in trouble
00:15:50
you're not in the sudoers file this
00:15:52
incident will be reported you're like
00:15:54
you're grounded iron man you can't do
00:15:56
this i do love that we're talking about
00:15:57
marvel and we have this spider-man line
00:15:59
that comes in
00:16:00
anyways that's an overused line anyway
00:16:02
um so real quick
00:16:03
what is this right here the sue doers
00:16:06
file which is a very very awkward phrase
00:16:09
basically this file the sudor's file
00:16:11
defines
00:16:12
who can use sudo who can wear the
00:16:14
gauntlet right now iron man
00:16:16
is not in that file so we can't put it
00:16:18
on so what do you say we go take a look
00:16:19
at that file i know you're itching to so
00:16:20
let's do it real quick now the scooters
00:16:22
file is a very important file that you
00:16:23
don't want to jack up
00:16:24
and you can jack it up you can ruin your
00:16:26
entire system by
00:16:27
messing up the scenarios file but there
00:16:29
are some checks in place to keep you
00:16:30
safe now normally in linux
00:16:31
to edit a file you might just use your
00:16:33
default text editor right the one you
00:16:35
love like we might use
00:16:36
nano or them but with a suitor's file
00:16:39
the best practice is to do but with the
00:16:40
scooter
00:16:41
but with these two doors file there's a
00:16:42
certain way we have to do it now we will
00:16:44
have to use sudo to do this so i'm going
00:16:45
to stop being iron man for a second i'm
00:16:47
going to
00:16:48
ctrl d to log out of iron man okay i'm
00:16:50
me again the command will be sudo
00:16:52
and then right after that it'll be vi
00:16:56
sudo this is the only best practice
00:16:58
recommended way to
00:16:59
edit the sudoers file so let's uh get in
00:17:02
there and take a look and it's not a
00:17:03
crazy big file either it's kind of
00:17:05
simple in a way so i'll hit enter
00:17:07
and we're in and then i'll scroll down
00:17:08
through this document to
00:17:10
about here right here is where we're
00:17:12
able to see who's got permission to do
00:17:14
what obviously root can use sudo and
00:17:16
i'll explain what all this means here in
00:17:18
a moment and then down here in this
00:17:19
section we have allowed members of a
00:17:20
group
00:17:21
pseudo access or pseudo to execute any
00:17:23
command and then just below that we have
00:17:25
something else we have a percent sign
00:17:26
and then
00:17:27
pseudo this actually is a group and if
00:17:29
you're a member of this group the sudo
00:17:31
group
00:17:32
well you can do all this and what this
00:17:34
actually means is you can enter
00:17:35
any command at all and you don't have to
00:17:37
enter
00:17:39
a password which is pretty dangerous
00:17:40
kind of risky but
00:17:42
it's okay so if you're in this file
00:17:45
you have the power and thanos does have
00:17:47
the power let's go ahead and add thanos
00:17:48
real quick
00:17:49
we'll pretend he's already in there so
00:17:51
just under root i'm going to add thanos
00:17:53
so we'll start with the username which
00:17:54
is
00:17:55
thanos the first option here is what
00:17:57
systems
00:17:58
can thanos have ultimate power on well
00:18:01
it's the infinity gauntlet
00:18:02
all systems and this would be if they're
00:18:04
like multi-system situations but
00:18:06
and then i'll do a space equals not plus
00:18:09
sign
00:18:09
equals all and that all stands for all
00:18:13
commands now if you want to just give
00:18:15
thanos options to do one thing like
00:18:16
maybe add a user we might do forward
00:18:18
slash
00:18:19
sbn forward slash user add giving him
00:18:22
access to that one command
00:18:24
we don't want to do that thanos has all
00:18:26
power
00:18:27
oh and that's all we need i'm going to
00:18:29
hit control
00:18:30
x to say i want out of here don't want
00:18:32
to save it hit y
00:18:33
hit enter to write it to that file and
00:18:36
thanos is there
00:18:37
he's got the gauntlet on he can do
00:18:38
whatever he wants let's see if he can
00:18:40
we're going to become thanos for a
00:18:41
second so i'll do sudo
00:18:44
su space dash space thanos
00:18:47
we're thanos right now so let's do sudo
00:18:49
user ad what's another bad guy he uses
00:18:51
oh yeah his daughter nebulous little
00:18:53
spring nebula in here the stanos have
00:18:55
access let's see
00:18:57
what's his password inevitable yep
00:19:00
it did it worked so let's cap the uh
00:19:03
password file yep there's nebula
00:19:05
so thanos has ultimate power he's got
00:19:07
the gauntlet on
00:19:08
and crap he's about to snap you ready
00:19:11
he's going to delete half the
00:19:12
population in our case half the avengers
00:19:14
we have here to delete a user
00:19:16
new new command time it's terrible but
00:19:19
new command time coffee break
00:19:22
okay i'm ready sudo user
00:19:25
del or user delete as you might expect
00:19:28
this command will
00:19:29
delete a user and we'll take out thor
00:19:32
thor is gone if we catch the password
00:19:35
file
00:19:36
thor he's gone pseudo user delete
00:19:39
spider-man gone bye doctor strange
00:19:43
gone and just like that with a snap of
00:19:44
his fingers we're down to
00:19:46
hulk loki and captain america oh and
00:19:49
iron man two there he is
00:19:50
and just when it seems hopeless just
00:19:52
when it seems all is lost the avengers
00:19:54
have a plan ant-man comes in somehow
00:19:56
quantum stuff anyways we need the
00:19:57
gauntlet we need pseudo access to be
00:19:59
able to
00:20:00
bring captain america back and all the
00:20:01
other people got got deleted so let's do
00:20:03
this right now so
00:20:04
we're gonna explore a new concept we're
00:20:06
going to create a group to do that
00:20:08
new command time here we go we'll do
00:20:11
sudo group
00:20:12
add and as you might expect group add
00:20:14
will simply add a new group i'll do a
00:20:16
space i'll name my group
00:20:18
infinite
00:20:21
gauntlet does spell that right i don't
00:20:24
care that's what it's going to be called
00:20:26
and the group is there but how do we
00:20:28
know where is that group at
00:20:29
well just like we have a password file
00:20:31
to look at our users in the system
00:20:33
we have a file to look at the groups and
00:20:35
it's much more self-explanatory it makes
00:20:37
more sense
00:20:38
i'm going to cat the etsy group
00:20:41
file and there it is infinity gauntlet
00:20:45
right there
00:20:45
as well as every other group that was
00:20:47
created for our users
00:20:49
i told you whenever a user account is
00:20:50
created also they have a group created
00:20:52
for themselves as well
00:20:53
now what i want to do is make sure that
00:20:54
the members of the infinity gauntlet
00:20:56
group
00:20:56
do have ultimate power because you mean
00:20:58
you should you have the infinity
00:21:00
gauntlet on
00:21:00
so we need to add the infinity gauntlet
00:21:02
group to our sudoers file
00:21:04
let's do that real quick so again we'll
00:21:05
do sudo vi sudo to edit that file the
00:21:08
only way to do it don't you ever do it a
00:21:09
different way
00:21:10
i'm just kidding but seriously um let's
00:21:13
edit that file we're gonna scroll down
00:21:14
to
00:21:15
where we were and then right here right
00:21:17
now we see that members of the sudo
00:21:19
group
00:21:20
can do whatever they want and actually
00:21:21
real quick let me show you the reason we
00:21:23
can do whatever we want
00:21:24
is because we're members of the sudo
00:21:26
group if i do
00:21:27
actually new command time if you just
00:21:29
type in group i'm sorry
00:21:31
groups groot
00:21:34
it'll tell you what groups you are a
00:21:36
member of the current user account
00:21:37
you're logged in as and here i'm a
00:21:38
member of my own group user 86527
00:21:40
and the pseudo group which gives me
00:21:43
gauntlet
00:21:44
access anyways let's make sure the
00:21:45
gauntlet does have the appropriate
00:21:47
permissions here so just under
00:21:49
the sudo group i'm going to add percent
00:21:51
infinity
00:21:54
gauntlet make sure you spell it right
00:21:56
i'll do a space and i'll pretty much
00:21:57
copy the one just above it i'll say all
00:21:58
which again is all systems
00:22:00
space equal sign space i'll say no
00:22:02
password which is nopa sswd like we see
00:22:05
here
00:22:06
i'll do a colon and say all essentially
00:22:08
it's saying you can do everything you
00:22:09
want
00:22:10
all commands and you don't need a
00:22:11
password you got all them stones
00:22:13
anyways so i'm going to hit control now
00:22:16
actually you know what real quick before
00:22:17
i do that
00:22:18
i'm going to mess it up like i mentioned
00:22:20
before if you mess up your suitors file
00:22:22
you can break the entire system
00:22:24
there is some checks in there that'll
00:22:26
keep you safe so i'll just go
00:22:29
and i hit control x to get out of there
00:22:32
yes to save hit enter it'll say whoa
00:22:35
whoa whoa
00:22:36
there is a syntax error right there not
00:22:38
supposed to do that what are you doing
00:22:40
what are you going to do now what do you
00:22:41
want to do are you sure you want to save
00:22:42
this if i hit enter it will give me some
00:22:44
options
00:22:44
and i love this it's like you might want
00:22:47
to go edit it again hit e
00:22:48
hit x to get out of there and don't save
00:22:50
it just forget what you're doing you
00:22:51
don't know what you're doing or says you
00:22:52
know what if you're pretty confident
00:22:53
just hit q and say you want to save it
00:22:55
danger um let's be smart let's hit e to
00:22:59
edit it
00:23:00
and remove that crap we put in there and
00:23:02
then we can hit ctrl
00:23:03
x y and enter no errors we're good
00:23:07
so the infinity gauntlet group does have
00:23:10
ultimate sudo
00:23:11
super user due powers and now what's
00:23:13
left is the avengers have to somehow
00:23:15
become part of that group
00:23:16
put on the glove and change history and
00:23:18
if you've seen the movie
00:23:19
spoiler alert um iron man he does this
00:23:22
so we need to somehow get iron man into
00:23:25
the infinity gauntlet group let's do
00:23:26
that right now now real quick let's
00:23:28
demonstrate that iron man can't do crap
00:23:29
right now so if i
00:23:30
become iron man and i try to bring back
00:23:34
spider-man i can't i don't have the
00:23:36
glove i can't do it man iron man is
00:23:37
helpless but let's add them to the group
00:23:39
so to add a user to a group
00:23:40
pretty simple we're going to use the
00:23:41
same command we used earlier to modify a
00:23:43
user the user mod command
00:23:45
so we'll do sudo and keeping in mind i'm
00:23:47
logged in as me now not ironman anymore
00:23:49
i'll do sudo
00:23:50
user mod and the switch is dash
00:23:53
g now dash g by itself will add this
00:23:56
user to a group
00:23:57
but it will add it to that group and
00:23:59
kind of eliminate all other groups
00:24:01
you may not want to do that so we often
00:24:03
want to change this to
00:24:04
dash lowercase a capital g the a stands
00:24:08
for append
00:24:08
so this command here we're appending the
00:24:10
groups that ironman
00:24:12
is part of so just after dash ag we'll
00:24:15
type in
00:24:16
the group which is infinity gauntlet
00:24:19
and then the user we want to add which
00:24:21
will be iron man
00:24:22
just like that iron man has the glove on
00:24:25
we can actually see if that's happening
00:24:26
by going to
00:24:27
or catting the group file
00:24:30
etsy group and here we can see the
00:24:33
infinity gauntlet group
00:24:34
the members over here on the right and
00:24:35
there's iron man right there now again
00:24:37
if you saw the movie you know that iron
00:24:38
man and
00:24:39
and thanos were kind of wrestling with
00:24:41
the gloves so thanos was in the group
00:24:43
too
00:24:43
they kept going back and forth let me
00:24:45
add thanos in there real quick
00:24:46
so yes right now iron man and thanos are
00:24:48
both part of this group they both have
00:24:49
super awesome
00:24:50
powerful pseudo access but eventually
00:24:53
iron man does wrestle the
00:24:55
glove off of thanos and puts it on
00:24:56
himself so new command time how do you
00:24:58
remove
00:24:59
a user from a group this command is
00:25:01
called g password
00:25:03
the commands sometimes are weird um so
00:25:05
we'll do sudo
00:25:06
g pass wd we're gonna do dash d for
00:25:09
delete specify the user we want to
00:25:11
remove which will be
00:25:13
thanos take that off take that take it
00:25:15
and then we'll specify the group
00:25:17
infinity gauntlet take that thanos look
00:25:20
at the group once more
00:25:21
no one's in there so anyways iron man he
00:25:23
has the gauntlet
00:25:24
he snaps his fingers and he creates the
00:25:27
users we lost
00:25:28
let me become iron man i am iron man
00:25:31
pseudo
00:25:32
user ad captain america pseudo
00:25:35
user ad spiderman done we'll bring back
00:25:39
doctor strange
00:25:40
and i forgot who else but anyways you
00:25:41
get the picture right iron man has the
00:25:43
gauntlet on he has the power he's part
00:25:45
of the group
00:25:46
and he can now bring back everyone and
00:25:48
shoot while he's at it let's defeat
00:25:50
thanos right
00:25:51
sudo user delete
00:25:55
thanos here we go
00:25:58
goodbye thanos and then finally iron man
00:26:00
realizes the infinity gauntlet it's too
00:26:02
powerful
00:26:03
for anyone to possess so he destroys it
00:26:05
i think that's what happens
00:26:06
that's what we're going to do right now
00:26:07
so using the principle of least
00:26:08
privilege
00:26:09
we're going to remove the the infinity
00:26:11
gauntlet group we're going to delete
00:26:12
that group by doing the
00:26:14
group delete command in fact iron man
00:26:16
will do it himself right now and he's
00:26:17
going to
00:26:18
delete his access to do it at the same
00:26:20
time which is kind of weird right
00:26:21
so sudo group delete uh new command time
00:26:25
i forgot to sit man
00:26:26
which obviously means we're gonna be
00:26:28
deleting a group and the usage is pretty
00:26:30
straightforward just after group delete
00:26:32
we'll enter the name of the group
00:26:33
infinity gauntlet now this does not
00:26:36
delete any
00:26:37
users in that group it just deletes the
00:26:39
group and gone are also iron man's
00:26:41
privileges to do anything special
00:26:42
anymore
00:26:43
for example if he got greedy and wanted
00:26:45
to create the group once more
00:26:47
sorry iron man you don't have it anymore
00:26:49
and i think you have other problems to
00:26:50
worry about
00:26:51
we did it i think like we saved the
00:26:53
world right i mean iron man's
00:26:54
not okay but we we learned how to manage
00:26:57
users and linux and in the process we
00:26:59
assembled the avengers and took away the
00:27:01
infinity gauntlet destroyed it and saved
00:27:03
the world
00:27:04
yeah but seriously we learned a lot
00:27:06
today we learned how to manage users in
00:27:07
linux
00:27:08
add them delete them groups permissions
00:27:11
all that
00:27:12
and that's essential to managing a linux
00:27:13
system to becoming a hacker to doing
00:27:16
anything with linux now and
00:27:17
pretty much every area of it involves
00:27:19
linux and also if you want a quick
00:27:21
review of what we covered in text form
00:27:23
uh mosey on over to hack the box academy
00:27:25
the page we were at the whole time
00:27:26
and look it over they've got the
00:27:27
commands we we talked about in text form
00:27:30
and they also have a delightful quiz at
00:27:32
the very bottom to test your knowledge
00:27:33
and see how you do
00:27:34
and if you get it right you earn cubes
00:27:36
back which with the junk or cubes
00:27:38
go watch episode one if you don't know
00:27:39
what they are also if you want to test
00:27:41
your skills even further
00:27:42
i've got a quiz in the description below
00:27:44
it's free click the link
00:27:45
and uh let's see what you got and again
00:27:47
huge shout out to our sponsor hack the
00:27:49
box academy
00:27:50
it's free to access right now to do what
00:27:52
we've been doing here if you want to go
00:27:53
further and learn how to hack wordpress
00:27:55
and
00:27:55
and do python stuff and just man just so
00:27:58
many things
00:27:59
check them out link below i'll catch you
00:28:01
guys next time
00:28:03
[Music]
00:28:17
[Music]
00:28:18
you