Categorieën
Linux Checks Uncategorized

Linux Checks

Hostname

hostname

Kernel Version

uname -a

Operating System

Related command cat /etc/issue

Running processes

ps auxw

Running services

netstat -antp

Lookup folders

  • ls /

Look SUID files

  • find / -perm -4000 2>/dev/null

tmux migration

  • Running ps aux reveals a tmux session being run as the root user.
  • Simply running the command tmux -S /.devs/dev_sess will connect to the session, with full root privileges.

 

GREP password in files

*grep -Ri password | less

 

Linux process monitor

#!/bin/bash

#loop by line IFS=$'\n'

old_process=$(ps -eo command)

while true; do new_process=$(ps -eo command) diff <(echo "$old_process") <(echo "$new_process") sleep 1 old_process=$new_process done

 

Check for GTFOBins

  • run sudo -l to check which commands you can execute under sudo rights
  • check https://gtfobins.github.io/ for commands to escalate to root

Check linux read to read/write options

 

*check you have read permissions on files ls -la *check to of location you do have write permissions *mkdir writelocation *cp -r /target/folder /writelocation

Geef een reactie

Vul je gegevens in of klik op een icoon om in te loggen.

WordPress.com logo

Je reageert onder je WordPress.com account. Log uit /  Bijwerken )

Google photo

Je reageert onder je Google account. Log uit /  Bijwerken )

Twitter-afbeelding

Je reageert onder je Twitter account. Log uit /  Bijwerken )

Facebook foto

Je reageert onder je Facebook account. Log uit /  Bijwerken )

Verbinden met %s

Deze site gebruikt Akismet om spam te bestrijden. Ontdek hoe de data van je reactie verwerkt wordt.