Categorie├źn
Linux Checks Uncategorized

Linux Checks

Hostname

hostname

Kernel Version

uname -a

Operating System

Related command cat /etc/issue

Running processes

ps auxw

Running services

netstat -antp

Lookup folders

  • ls /

Look SUID files

  • find / -perm -4000 2>/dev/null

tmux migration

  • Running ps aux reveals a tmux session being run as the root user.
  • Simply running the command tmux -S /.devs/dev_sess will connect to the session, with full root privileges.

 

GREP password in files

*grep -Ri password | less

 

Linux process monitor

#!/bin/bash

#loop by line IFS=$'\n'

old_process=$(ps -eo command)

while true; do new_process=$(ps -eo command) diff <(echo "$old_process") <(echo "$new_process") sleep 1 old_process=$new_process done

 

Check for GTFOBins

  • run sudo -l to check which commands you can execute under sudo rights
  • check https://gtfobins.github.io/ for commands to escalate to root

Check linux read to read/write options

 

*check you have read permissions on files ls -la *check to of location you do have write permissions *mkdir writelocation *cp -r /target/folder /writelocation