
UNIX Knowledge Assessment

0x0

Given the following permission strings, what are the resulting octal permissions?

  • drwxr-x-w-
  • --w-rw---x
  • pr-xrw--wx
  • c-----x-w-
  • -r-x-wxrw-
  • drw-rw-r--
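
The conversion can be done mechanically. The shell function below is an added example, not part of the original assessment; the name perm2octal and the sample strings are constructed for illustration and are not the quiz strings. It goes beyond the plain r/w/x case by also handling the setuid, setgid and sticky markers (s, S, t, T), which are the bits that matter most when auditing file modes.

```sh
#!/bin/sh
# perm2octal (hypothetical helper): convert a 10-character ls-style mode
# string to octal. The first character is the file type (-, d, p, c, ...)
# and carries no permission bits, so it is skipped.
perm2octal() {
    mode=$1
    if [ "${#mode}" -ne 10 ]; then
        echo "expected 10 characters: $mode" >&2
        return 1
    fi
    rest=${mode#?}                      # drop the file-type character
    special=0
    out=""
    for weight in 4 2 1; do             # special bit: setuid, setgid, sticky
        triad=${rest%"${rest#???}"}     # first three remaining characters
        rest=${rest#???}
        digit=0
        # s/S is only valid in the user and group triads, t/T only in other
        case $weight in 1) lc=t uc=T ;; *) lc=s uc=S ;; esac
        case $triad in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triad in
            ??x) digit=$((digit + 1)) ;;
            ??-) ;;
            # lower case: special bit set AND execute set
            ??"$lc") digit=$((digit + 1)); special=$((special + weight)) ;;
            # upper case: special bit set, execute NOT set
            ??"$uc") special=$((special + weight)) ;;
            *) return 1 ;;
        esac
        out=$out$digit
    done
    if [ "$special" -gt 0 ]; then
        out=$special$out                # leading fourth digit only if needed
    fi
    echo "$out"
}

# Constructed sample strings (not the ones from the quiz above)
for m in -rwxr-xr-x -rw-r----- -rwsr-xr-x drwxrwxrwt -rwSr--r--; do
    printf '%s -> %s\n' "$m" "$(perm2octal "$m")"
done
```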

0x1

Based on the following:

val1=15
val2=1

What will the output be of each of the following, and why?

  • echo "${val1}+${val2}"
  • echo '$((${val1}+${val2}))'
  • val3=6; echo "${val1}${val3}"
  • yes | head -16 | wc -l

0x2

In /var/public/unix/ka/ is a file called ka1.mp3;

  • copy this somewhere in your home directory (how did you do this?)
  • figure out how to access its contents (how did you do this?)

0x3

For all files:

  • What is the file's name?
  • What type of file is it?
  • Can you view its contents? If not, how do you remedy this?

0x4

For any C (.c) files:

  • How do you successfully compile it?
  • How do you appropriately run it?
  • What does the program appear to do?

0x5

For any shell script:

  • What is the script's name?
  • What does it appear to do?
  • Using # marks for comments, add comments at the end of each line of uncommented script code, explaining as best you can what is going on
  • Upon running the script, what is the correct way to run it so it does something?

0x6

NOTE: If you cannot finish this one, it turns into a project.

In your speckled but hidden life of nefariousness and crime, you have managed to hack into the secure system of some organization. In this exploit, you obtained “hashfile”, which has a list of user names and their encrypted passwords.

As you do not have the actual plaintext passwords, you cannot immediately log in. Remembering your time (well spent) taking a UNIX course before turning to your current life of debauchery, you decide to set about brute forcing these passwords.

Using the programs and scripts you otherwise obtained from ka1.mp3, rig up a brute force password cracker to determine what these users have for passwords.

You may work with the following assumptions:

  • Passwords are no longer than 3 characters
  • Passwords can contain ONLY lower- or upper-case letters, or numbers

Aside from determining the user passwords, please answer the following:

  • Which user(s) have passwords that in some way mirror their user name?
  • Which user(s) have passwords that match that of a dictionary word?
  • What changes/modifications did you have to make to the various scripts to create a workable solution?
  • How many total password combinations can there be for 2 character upper/lower/number?
  • How many total password combinations can there be for 3 character upper/lower/number?
  • The time command can be prepended to a command on the command-line. How long does it take to generate all the possible 2 character passwords?
  • The time command can be prepended to a command on the command-line. How long does it take to generate all the possible 3 character passwords?

Challenge:

  • Once you have a working solution, see how much you can optimize your overall runtime (compare times from before) by pre-allocating a rainbow table, and altering the logic of these scripts to use that as input.
haas/fall2013/common/unixka1.txt · Last modified: 2013/10/11 16:37 by 127.0.0.1