Certified Ethical Hacker (CEH) — Question 64

A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?

Answer options

• A. The password file does not contain the passwords themselves.
• B. He can open it and read the user ids and corresponding passwords.
• C. The file reveals the passwords to the root user only.
• D. He cannot read it because it is encrypted.

Correct answer: A

Explanation

The correct answer is A because the /etc/passwd file contains user account information, but it does not store the actual passwords, which are typically hashed and stored in /etc/shadow. Options B and C are incorrect because they imply the presence of readable passwords in /etc/passwd, and D is wrong as the file is not encrypted but simply formatted for user information.