71 lines
1.3 KiB
Markdown
71 lines
1.3 KiB
Markdown
# Linux enumeration
|
|
|
|
* `cat /etc/*-release` * `cat /proc/version`
|
|
* `hostname` or `cat /etc/hostname`
|
|
* `cat /etc/hosts`
|
|
* `cat /etc/resolve.conf`
|
|
* `uname -a`
|
|
* `cat /etc/issue`
|
|
* `ps wuax ` or `ps ajxf` or `ps -A`
|
|
* `printenv` or `env`
|
|
* `cat /etc/timezone` or `timedatectl`
|
|
* `sudo -l`
|
|
* `id`
|
|
* `whoami`
|
|
* `groups` and `getent group` or `cat /etc/group`
|
|
* `cat /etc/passwd | column -t -s :`
|
|
* `cat /etc/sudoers`
|
|
* `history`
|
|
* `ip` or `ifconfig`
|
|
* `ip route`
|
|
* `cat /etc/network/interfaces`
|
|
* `netstat -natup` or `ss -natup`
|
|
* `netstat -s` and `netstat -i`
|
|
* `lsof -i`
|
|
## Login Info
|
|
```sh
|
|
last -f /var/log/wtmp
|
|
last -f /var/log/btmp
|
|
last
|
|
w
|
|
who
|
|
```
|
|
|
|
## Syslog
|
|
|
|
```sh
|
|
journalctl -xe
|
|
less /var/log/syslog
|
|
```
|
|
|
|
## Auth Logs
|
|
```sh
|
|
cat /var/log/auth.log | less
|
|
cat /var/log/access.log | less
|
|
|
|
```
|
|
|
|
## Find Files
|
|
* Find SUID permissions on files and dirs
|
|
* `find / -perm /6000 -ls 2>/dev/null`
|
|
|
|
* Find writeables dirs
|
|
* `find / -writable -type d 2>/dev/null` or `find / -perm -o w -type d 2>/dev/null`
|
|
* `find / -perm -o x -type d 2>/dev/null`
|
|
|
|
* Find writeable subdirs
|
|
`find / -writable 2>/dev/null | cut -d "/" -f 2,3 | grep -v proc | sort -u`
|
|
|
|
* `cat ~/.viminfo`
|
|
|
|
## Services
|
|
|
|
```sh
|
|
ls -al /etc/systemd/system && ls -la /var/lib/systemd/system || ls -la /etc/init.d
|
|
```
|
|
```sh
|
|
cat /etc/crontab
|
|
crontab -l
|
|
cat /etc/bash.bashrc ; cat /etc/profile
|
|
```
|