EMBA firmware report

[+] Check users, groups and authentication

==> Users with UID zero (0)

[*] Searching accounts with UID 0

[+] Found administrator account/s with UID 0 in /etc/passwd (-rw-r--r-- root root)

    Administrator account: root:0

==> Shadow file identification

[*] Searching shadow files

[+] Found shadow file /etc/shadow (-rw-r--r-- root root) with possible hash root:$1$ZMDCdK26$t9H/47MjUhJU5xYl46PVM.:17366:0:99999:7::: of hashtype: MD5

[+] Found shadow file /etc/shadow (-rw-r--r-- root root) with possible hash sdcard:$1$JbElAA7t$JzppsspcGk.BRuKFyFj2A0:17360:0:99999:7::: of hashtype: MD5

==> Non-unique accounts

[*] Searching non-unique accounts

[-] All accounts found in /etc/passwd (-rw-r--r-- root root) are unique

==> Unique group IDs

[*] Searching non-unique group ID's

[-] All group ID's found in /etc/group (-rw-r--r-- root root) are unique

==> Unique group name

[*] Searching non-unique group names

[-] All group names found in /etc/group (-rw-r--r-- root root) are unique

==> Query user accounts

[*] Reading system users

[*] Linux real users output (ID = 0, or 1000+, but not 65534):

[+] Query system user

    root,0

    sdcard,1001

==> Query NIS and NIS+ authentication support

[*] Check nsswitch.conf

[+] /etc/nsswitch.conf (-rw-r--r-- root root) exist

[-] NIS/NIS+ authentication not enabled

==> Scan and test sudoers files

    /etc/sudoers (-rw-r--r-- root root)

[*] Testing sudoers file with sudo-parse.pl:

[+] E: %sudo:ALL matches .*ALL.*

[+] E: root:ALL matches .*ALL.*

[+] E: http:ALL matches .*ALL.*

==> Ownership and permissions for sudo configuration files

[*] Checking drop-in directory (/etc/sudoers.d (drwxrwxr-x root root))

[*] /etc/sudoers.d (drwxrwxr-x root root): Found permissions: drwxrwxr-x and owner UID GID: 0:0

[+] /etc/sudoers.d (drwxrwxr-x root root) permissions possibly unsafe

[-] /etc/sudoers.d (drwxrwxr-x root root) ownership OK

[*] /etc/sudoers (-rw-r--r-- root root): Found permissions: -rw-r--r-- and owner UID GID: 0:0

[+] /etc/sudoers (-rw-r--r-- root root) permissions possibly unsafe

[-] /etc/sudoers (-rw-r--r-- root root) ownership OK

==> Search for PAM password strength testing libraries

[*] Searching PAM password testing modules (cracklib, passwdqc, pwquality)

[-] pam_cracklib.so not found

[-] pam_passwdqc.so not found

[-] pam_pwquality.so not found

[-] No PAM modules for password strength testing found

==> Scan PAM configuration file

[-] /etc/pam.conf not available

==> Searching PAM configurations and LDAP support in PAM files

[-] /etc/pam.d not available

==> Searching available PAM files

[-] Nothing found