LINUX BASIC AND USEFUL COMMANDS










 

Operating System
What's the distribution type? What version?

  • cat /etc/issue
  • cat /etc/*-release
  • cat /etc/lsb-release

 

What's the kernel version? Is it 64-bit?

  • cat /proc/version
  • uname -a
  • uname -mrs
  • rpm -q kernel
  • dmesg | grep Linux
  • ls /boot | grep vmlinuz-


What can be learnt from the environment variables?

  • cat /etc/profile
  • cat /etc/bashrc
  • cat ~/.bash_profile
  • cat ~/.bashrc
  • cat ~/.bash_logout
  • env
  • set


Is there a printer?

  • lpstat -a

 

Applications & Services
What services are running? Which service has which user privilege?

  • ps aux
  • ps -ef
  • top
  • cat /etc/services


Which service(s) are being run by root? Of these services, which are vulnerable?

  • ps aux | grep root
  • ps -ef | grep root


What applications are installed? What version are they? Are they currently running?


  • ls -alh /usr/bin/
  • ls -alh /sbin/
  • dpkg -l
  • rpm -qa
  • ls -alh /var/cache/apt/archives
  • ls -alh /var/cache/yum/


Any of the service(s) settings misconfigured? Are any (vulnerable) plugins attached?

  • cat /etc/syslog.conf
  • cat /etc/chttp.conf
  • cat /etc/lighttpd.conf
  • cat /etc/cups/cupsd.conf
  • cat /etc/inetd.conf
  • cat /etc/apache2/apache2.conf
  • cat /etc/my.cnf
  • cat /etc/httpd/conf/httpd.conf
  • cat /opt/lampp/etc/httpd.conf
  • ls -aRl /etc/ | awk '$1 ~ /^.*r.*/'


What jobs are scheduled?

  • crontab -l
  • ls -alh /var/spool/cron
  • ls -al /etc/ | grep cron
  • ls -al /etc/cron*
  • cat /etc/cron*
  • cat /etc/at.allow
  • cat /etc/at.deny
  • cat /etc/cron.allow
  • cat /etc/cron.deny
  • cat /etc/crontab
  • cat /etc/anacrontab
  • cat /var/spool/cron/crontabs/root

 

Any plain text usernames and/or passwords?

  • grep -i user [filename]
  • grep -i pass [filename]
  • grep -C 5 "password" [filename]
  • find . -name "*.php" -print0 | xargs -0 grep -i -n 'var $password'   # Joomla (single quotes stop the shell expanding $password)


Communications & Networking
What NIC(s) does the system have? Is it connected to another network?

  • /sbin/ifconfig -a
  • cat /etc/network/interfaces
  • cat /etc/sysconfig/network


What are the network configuration settings? What can you find out about this network? DHCP server? DNS server? Gateway?


  • cat /etc/resolv.conf
  • cat /etc/sysconfig/network
  • cat /etc/networks
  • iptables -L
  • hostname
  • dnsdomainname


What other users & hosts are communicating with the system?

  • lsof -i
  • lsof -i :80
  • grep 80 /etc/services
  • netstat -antup
  • netstat -antpx
  • netstat -tulpn
  • chkconfig --list
  • chkconfig --list | grep 3:on



What's cached? IP and/or MAC addresses

  • arp -e
  • route
  • /sbin/route -nee

 

Confidential Information & Users
Who are you? Who is logged in? Who has been logged in? Who else is there? Who can do what?

  • id
  • who
  • w
  • last
  • cat /etc/passwd | cut -d: -f1    # List of users
  • grep -v -E "^#" /etc/passwd | awk -F: '$3 == 0 { print $1}'   # List of super users
  • awk -F: '($3 == "0") {print}' /etc/passwd   # List of super users
  • cat /etc/sudoers
  • sudo -l


What sensitive files can be found?

  • cat /etc/passwd
  • cat /etc/group
  • cat /etc/shadow
  • ls -alh /var/mail/


Anything "interesting" in the home directories (if it's possible to access them)?

  • ls -ahlR /root/
  • ls -ahlR /home/


Are there any passwords in scripts, databases, configuration files or log files? Default paths and locations for passwords:

  • cat /var/apache2/config.inc
  • cat /var/lib/mysql/mysql/user.MYD
  • cat /root/anaconda-ks.cfg


What has the user been doing? Is there any password in plain text? What have they been editing?

  • cat ~/.bash_history
  • cat ~/.nano_history
  • cat ~/.atftp_history
  • cat ~/.mysql_history
  • cat ~/.php_history


What user information can be found?

  • cat ~/.bashrc
  • cat ~/.profile
  • cat /var/mail/root
  • cat /var/spool/mail/root
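
A defender-side counterpart to the user and sensitive-file checks above, as an added example that is not part of the original post: it reports extra UID 0 accounts and any of the listed files that are world-readable or world-writable. The function names and the PREFIX parameter are assumptions, and the sample tree in demo is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. All checks are read-only.

# Accounts other than root that have UID 0, from a passwd-format file.
extra_uid0() {
    awk -F: '!/^#/ && $3 == 0 && $1 != "root" { print "extra UID 0 account: " $1 }' "$1"
}

# Flag each existing path whose "other" permission bits allow read or write.
world_access() {
    for f in "$@"; do
        [ -e "$f" ] || continue
        bits=$(ls -ld -- "$f" | cut -c8-9)    # e.g. "r-" from -rw-r--r--
        case $bits in r?) echo "world-readable: $f" ;; esac
        case $bits in ?w) echo "world-writable: $f" ;; esac
    done
}

# audit [PREFIX]: PREFIX (hypothetical parameter) points at a copy of a root fs.
audit() {
    p=${1:-}
    extra_uid0 "$p/etc/passwd"
    world_access "$p/etc/shadow" "$p/etc/sudoers" "$p/etc/crontab" \
        "$p/var/spool/cron/crontabs/root" "$p/root/anaconda-ks.cfg" \
        "$p"/root/.*_history "$p"/home/*/.*_history
}

# Constructed sample tree (not real data) so the checks can be seen firing.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc" "$t/home/alice"
    printf '%s\n' 'root:x:0:0::/root:/bin/sh' 'toor:x:0:0::/root:/bin/sh' \
        'alice:x:1000:1000::/home/alice:/bin/sh' > "$t/etc/passwd"
    : > "$t/etc/shadow";  chmod 640 "$t/etc/shadow"
    : > "$t/etc/crontab"; chmod 666 "$t/etc/crontab"
    : > "$t/home/alice/.bash_history"; chmod 644 "$t/home/alice/.bash_history"
    audit "$t" | sed "s|$t||"
    rm -rf "$t"
}

demo
```

On a real host, call audit with no argument as root so every path can be inspected.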
