weyne/pwnwiki.github.io
1
0
Fork 0
mirror of https://github.com/oXis/pwnwiki.github.io.git synced 2025-10-29 16:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #31 from wireghoul/master

Browse Source 
More linux command documentation
This commit is contained in:
WebBreacher 2013-12-08 16:23:48 -08:00
commit 3d042da838
2 changed files with 51 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
linux/find_files.md
View File

@ -14,6 +14,7 @@ $(document).ready(function() {
Commands that finds files on the file system are usually executed from within a shell (sh/bash) or through a forking function such as system() or exec(). Commands that finds files on the file system are usually executed from within a shell (sh/bash) or through a forking function such as system() or exec().
## ls ## ls
### Attributes showing ### Attributes showing
* **Command with arguments**: `ls -l [directory or filename]` * **Command with arguments**: `ls -l [directory or filename]`
* **Description**: Displays attributes of files and directories in the specified location * **Description**: Displays attributes of files and directories in the specified location
@ -51,6 +52,7 @@ Commands that finds files on the file system are usually executed from within a
---- ----
## find ## find
### Search by name ### Search by name
* **Command with arguments**: `find /etc -name "issue*"` * **Command with arguments**: `find /etc -name "issue*"`
* **Description**: Locates files matching the name (wildcards supported) * **Description**: Locates files matching the name (wildcards supported)
@ -61,9 +63,44 @@ Commands that finds files on the file system are usually executed from within a
/etc/issue.dpkg-dist /etc/issue.dpkg-dist
</code></div> </code></div>
### Search by permissions
* **Command with arguments**: `find / -perm 777`
* **Description**: Locates files matching the permissions
* **Output**:
* <div class="slide" style="cursor: pointer;"> **Ubuntu:** Show/Hide</div><div class="view"><code>root@localhost:~/ find / -perm 777
/initrd.img
/pentest/exploits/isr-evilgrade/include/sunjava/JavaPayload/FunnyClass2.jar
/pentest/exploits/isr-evilgrade/agent/java/javaws.exe
/pentest/exploits/isr-evilgrade/trash
/pentest/passwords/hashcat-gui/hashcat
/pentest/passwords/hashcat-gui/oclHashcat-plus
/pentest/passwords/hashcat-gui/oclHashcat-lite
/pentest/passwords/john/undrop
--snip--
</code></div>
### Search by username
* **Command with arguments**: `find / -user root`
* **Description**: Locates files owned by the user "root"
* **Output**:
* <div class="slide" style="cursor: pointer;"> **Ubuntu:** Show/Hide</div><div class="view"><code>root@localhost:~/ find / -user root
/
/initrd.img
/pentest
/pentest/sniffers
/pentest/sniffers/dnschef
/pentest/sniffers/dnschef/dnschef.exe
/pentest/sniffers/dnschef/dnschef.ini
/pentest/sniffers/dnschef/dnslib
/pentest/sniffers/dnschef/dnslib/dns.py
/pentest/sniffers/dnschef/dnslib/__init__.py
--snip--
</code></div>
---- ----
## locate ## locate
* **Command with arguments**: `locate ifconfig` * **Command with arguments**: `locate ifconfig`
* **Description**: Look files up in the location database * **Description**: Look files up in the location database
* **Output**: * **Output**:

16
linux/privesc.md
View File

@ -1,3 +1,15 @@
# Place Holder # Sudo
Don't forget to check sudo to see if you can execute any commands with any privilege besides your user level
**Show which commands sudo allows you to run**
`sudo -l`
Content coming. Feel free to submit ;-) # Find
The following commands are helpful when looking to exploit local applications for privilege escalation
**Finding world writeable directories**
`find / -perm 777`
**Find setuid files**
`find / -perm +4000 -type f`
**Find root setuid files**
`find / -perm +4000 -uid 0 -type f`