You have gained basic access to the server, and now you need to create covert accounts, disguise identities, and form a privileged team! Are you ready to become a master of user management?
🎯 Act 1: Reconnaissance – Viewing User Intelligence
cat /etc/passwd # View all user profiles
cat /etc/group # View all organizational structures
id # View current identity permissions
whoami # Confirm who I am
w # View current online users🛠 Act 2: Forming the Team – User Group Operations
groupadd hacker # Create a privileged group
groupdel test_group # Delete test group
groups # View belonging organizations👤 Act 3: Disguising Identity – User Operation Secrets
# Create a covert account
useradd -u 31337 -g hacker -m -s /bin/bash stealth_agent# Password manipulation
passwd stealth_agent # Set password
passwd -l stealth_agent # Lock account
passwd -u stealth_agent # Unlock account# Account management
userdel -r stealth_agent # Completely delete account🎭 Act 4: Identity Switching – Transformation Techniques
su root # Switch to root
su - username # Complete identity switch
users # View online users🔍 Act 5: Task Verification – Trace Examination
# User operation verification
cat /etc/passwd | grep 31337 # Check hidden user
cat /etc/group | grep hacker # Check user group# System status confirmation
whoami # Confirm current identity
w # Monitor online sessions📖 Agent Notes: Key File Analysis
root:x:0:0:root:/root:/bin/bash ↑ ↑ ↑ ↑ ↑ ↑ ↑ Username Password UID GID Full Name Home Directory Shell Shadow file: /etc/shadow stores password hashes! 🛡️ Advanced Security Techniques: • Monitor Dedicated Accounts:Use <span>-s /sbin/nologin</span> to create system accounts solely for monitoring
useradd -s /sbin/nologin monitor_user # Monitoring dedicated account • Time-Limited Credentials:Set automatic expiration for temporary accounts using <span>-e 2025-12-31</span> useradd -e 2025-12-31 temp_agent # Self-destructing temporary account • Dynamic Permission Adjustment:Use <span>usermod</span> command to modify existing account attributes and permissions in real-time
usermod -L target_user # 🔴 Lock account first (execute separately) usermod -e 2024-06-30 target_user # 🔴 Then set expiration date (execute separately)Mastering user management means mastering the identity control system of the server! Remember to comply with cybersecurity regulations and practice these skills only in authorized environments!
🚀 Are you ready to take on more advanced privilege escalation challenges?