## Basic Information

**PAM (Pluggable Authentication Modules)** acts as a security mechanism that **verifies the identity of users attempting to access computer services** and controls their access based on various criteria. It resembles a digital gatekeeper, ensuring that only authorized users can interact with specific services while limiting their usage to prevent overloading the system.

### Configuration Files

- **Solaris and UNIX systems** typically use a central configuration file located at `/etc/pam.conf`.
- **Linux systems** prefer a directory approach, storing service-specific configuration within `/etc/pam.d`. For example, the configuration file for the login service is found at `/etc/pam.d/login`.

An example PAM configuration for the login service might look like this:

```text
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so try_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_ldap.so
password required /lib/security/pam_pwdb.so use_first_pass
session required /lib/security/pam_unix_session.so
```

### **PAM Management Realms**

These realms, or management groups, are **auth**, **account**, **password**, and **session**, each responsible for a different aspect of authentication and session management:

- **Auth**: Validates the user's identity, often by prompting for a password.
- **Account**: Handles account verification, checking conditions such as group membership or time-of-day restrictions.
- **Password**: Manages password updates, including complexity checks or protection against dictionary attacks.
- **Session**: Manages actions at the start or end of a service session, such as mounting directories or setting resource limits.

### **PAM Module Controls**

Controls determine how a module's success or failure is handled, which drives the overall authentication process. They include:

- **Required**: Failure of a required module results in eventual failure, but only after all subsequent modules have been checked.
- **Requisite**: Terminates the process immediately upon failure.
- **Sufficient**: Success bypasses the remaining checks of the same realm unless a subsequent module fails.
- **Optional**: Causes failure only if it is the sole module in the stack.

### Example Scenario

In a setup with multiple auth modules, the process follows a strict order. If the `pam_securetty` module finds that the login terminal is not authorized, logging in as root is blocked, yet all modules are still processed because of its "required" status. The `pam_env` module sets environment variables, helping the user experience. The `pam_ldap` and `pam_unix` modules work together to authenticate the user, with `pam_unix` attempting to use a previously supplied password, which improves efficiency and flexibility in authentication methods.
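
The control flags and the scenario above, as an added example (not code from the original page or from Linux-PAM): a small Python model that parses the sample stack and evaluates the four simple controls as documented in Linux-PAM's pam.conf(5), where `sufficient` ends the stack early only if no earlier `required` module has failed. `parse_stack` and `evaluate` are hypothetical helper names, and the per-module results passed to `evaluate` are constructed inputs.

```python
import os

# First six lines of the page's sample /etc/pam.d/login, embedded so this runs offline.
SAMPLE = """\
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so try_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
"""
SIMPLE_CONTROLS = {"required", "requisite", "sufficient", "optional"}

def parse_stack(text, mgmt_type):
    """Return [(control, module_name, args)] for one management group, in file order."""
    stack = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()          # drop comments, tokenize
        if len(fields) < 3 or fields[0].lstrip("-") != mgmt_type:
            continue
        control, path, args = fields[1], fields[2], fields[3:]
        if control not in SIMPLE_CONTROLS:
            # Bracketed [value=action] controls and include/substack are out of scope here.
            raise ValueError(f"unsupported control: {control}")
        name = os.path.splitext(os.path.basename(path))[0]
        stack.append((control, name, args))
    return stack

def evaluate(stack, results):
    """results maps module name -> True/False. Returns (granted, modules_run)."""
    required_failed, any_success, ran = False, False, []
    for control, name, _args in stack:
        ok = results.get(name, False)   # a module with no stated result counts as failed
        ran.append(name)
        if ok:
            any_success = True
            if control == "sufficient" and not required_failed:
                return True, ran        # short-circuit: later modules never run
        elif control == "requisite":
            return False, ran           # fail immediately
        elif control == "required":
            required_failed = True      # remember the failure, keep going
    return any_success and not required_failed, ran

if __name__ == "__main__":
    auth = parse_stack(SAMPLE, "auth")
    all_ok = {name: True for _c, name, _a in auth}
    print(evaluate(auth, all_ok))                              # pam_unix_auth is skipped
    print(evaluate(auth, {**all_ok, "pam_securetty": False}))  # denied, all four still run
```

When reviewing a stack, note which `required` lines sit below a `sufficient` line: those checks are skipped whenever the sufficient module succeeds.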

## References

* [https://hotpotato.tistory.com/434](https://hotpotato.tistory.com/434)