Linux Checks Uncategorized

Linux Checks



Kernel Version

uname -a

Operating System

Related command cat /etc/issue

Running processes

ps auxw

Running services

netstat -antp

Lookup folders

  • ls /

Look SUID files

  • find / -perm -4000 2>/dev/null

tmux migration

  • Running ps aux reveals a tmux session being run as the root user.
  • Simply running the command tmux -S /.devs/dev_sess will connect to the session, with full root privileges.


GREP password in files

*grep -Ri password | less


Linux process monitor


#loop by line IFS=$'\n'

old_process=$(ps -eo command)

while true; do new_process=$(ps -eo command) diff <(echo "$old_process") <(echo "$new_process") sleep 1 old_process=$new_process done


Check for GTFOBins

  • run sudo -l to check which commands you can execute under sudo rights
  • check for commands to escalate to root

Check linux read to read/write options


*check you have read permissions on files ls -la *check to of location you do have write permissions *mkdir writelocation *cp -r /target/folder /writelocation