killchain-compendium/post_exploitation/docs/linux.md


Linux enumeration

  • cat /etc/*-release

  • cat /proc/version

  • hostname

  • uname -a

  • cat /etc/issue

  • ps wuax or ps ajxf or ps -A

  • printenv or env

  • sudo -l

  • id

  • whoami

  • groups and getent group

  • cat /etc/passwd

  • history

  • ip or ifconfig

  • ip route

  • netstat -natup or ss -natup

  • netstat -s and netstat -i

  • lsof -i

  • Find SUID/SGID permissions on files and dirs

  • find / -perm /6000 -ls 2>/dev/null

  • Find writable dirs

  • find / -writable -type d 2>/dev/null or find / -perm -o+w -type d 2>/dev/null

  • find / -perm -o+x -type d 2>/dev/null

  • Find writable subdirs

  • find / -writable 2>/dev/null | cut -d "/" -f 2,3 | grep -v proc | sort -u