generic.secrets.security.detected-etc-shadow.detected-etc-shadow
Community Favorite

Author
42,313
Download Count*
License
linux shadow file detected
Run Locally
Run in CI
Defintion
rules:
- id: detected-etc-shadow
pattern-regex: root:[x!*]*:[0-9]*:[0-9]*
languages:
- regex
message: linux shadow file detected
severity: ERROR
metadata:
cwe:
- "CWE-798: Use of Hard-coded Credentials"
category: security
technology:
- secrets
confidence: LOW
owasp:
- A07:2021 - Identification and Authentication Failures
references:
- https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures
cwe2022-top25: true
cwe2021-top25: true
subcategory:
- audit
likelihood: LOW
impact: MEDIUM
license: Commons Clause License Condition v1.0[LGPL-2.1-only]
vulnerability_class:
- Hard-coded Secrets
Examples
detected-etc-shadow.txt
# ruleid: detected-etc-shadow
root::17431:0:99999:7:::
daemon:*:17431:0:99999:7:::
bin:*:17431:0:99999:7:::
sys:*:17431:0:99999:7:::
sync:*:17431:0:99999:7:::
games:*:17431:0:99999:7:::
man:*:17431:0:99999:7:::
lp:*:17431:0:99999:7:::
mail:*:17431:0:99999:7:::
news:*:17431:0:99999:7:::
uucp:*:17431:0:99999:7:::
proxy:*:17431:0:99999:7:::
www-data:*:17431:0:99999:7:::
backup:*:17431:0:99999:7:::
list:*:17431:0:99999:7:::
irc:*:17431:0:99999:7:::
gnats:*:17431:0:99999:7:::
nobody:*:17431:0:99999:7:::
sshd:*:17431:0:99999:7:::
ubuntu:$6$LnUhhUi45srUKt9i$4Hp6VRTOB2mxvsYH8mwsCfBryg6hCbm4JJjV26KplN8ewZ7EUVqQDkLKDW.O8XRHx.B76JkwXtyD3wnAXEuZN1:0:99999:7:::
Short Link: https://sg.run/4ylL