weyne/pwnwiki.github.io
1
0
Fork 0
mirror of https://github.com/oXis/pwnwiki.github.io.git synced 2025-10-29 16:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update gdoc_linux.md

Browse Source
This commit is contained in:
Will Pennell 2014-04-26 13:05:52 -04:00
parent 40cd062407
commit 3f4b26d98e
1 changed files with 35 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2besorted/gdoc_linux.md
View File

@ -41,43 +41,45 @@ The content below is the raw data from the Google Doc that was first used to col
| `jps -l` | Looks for Java Virtual Machines | | `jps -l` | Looks for Java Virtual Machines |
| `java -version` | Returns the version of Java. | | `java -version` | Returns the version of Java. |
## Networking ## Networking
| Command | Description / Importance | | Command | Description / Importance |
| ------- | ------------------------ | | ------- | ------------------------ |
hostname -f | `hostname -f` | Show long hostname (FQDN) |
ip addr show | `ip addr show` | Show IP information |
ip ro show | `ip ro show` | Show routing information |
ifconfig -a | `ifconfig -a` | Show information on network interface configuration |
route -n | `route -n` | Show routing table for all host IPs |
cat /etc/network/interfaces | `cat /etc/network/interfaces` | Show network interfaces |
iptables -L -n -v | `iptables -L -n -v` | text goes here |
iptables -t nat -L -n -v | `iptables -t nat -L -n -v` | text goes here |
ip6tables -L -n -v | `ip6tables -L -n -v` | text goes here |
iptables-save | `iptables-save` | text goes here |
netstat -anop | `netstat -anop` | text goes here |
netstat -r | `netstat -r` | text goes here |
netstat -nltupw (root with raw sockets) | `netstat -nltupw ` | Requires root with raw sockets, text goes here |
arp -a | `arp -a` | text goes here |
lsof -nPi | `lsof -nPi` | text goes here |
to resume it ? "cat /proc/net/*" (more discreet) | `to resume it ? "cat /proc/net/*" (more discreet)` | text goes here |
what does the above mean? -> It means that all the information given by the above commands can be found by looking into the files under /proc/net , and that this approach is less likely to trigger monitoring or other stuff. | `what does the above mean? -> It means that all the information given by the above commands can be found by looking into the files under /proc/net , and that this approach is less likely to trigger monitoring or other stuff.` | text goes here |
User accounts
local accounts: cat /etc/passwd
password hashes in /etc/shadow on Linux
password hashes in /etc/security/passwd on AIX
groups in /etc/group (and/or /etc/gshadow on Linux)
all accounts: getent passwd
should dump local, LDAP, NIS, whatever the system is using
same with getent group
Samba's own database: pdbedit -L -w or pdbedit -L -v
privileged accounts: cat
(above: cat ???)
mail aliases: cat /etc/aliases find /etc -name aliases, getent aliases
NIS accounts: ypcat passwd - displays NIS password file
Credentials ## User accounts
| Command | Description / Importance |
| ------- | ------------------------ |
| `cat /etc/passwd` | Display local accounts |
| `cat /etc/shadow on Linux` | Display password hashes on Linux |
| `cat /etc/security/passwd` | Display password hashes on AIX|
| `cat /etc/group` | Show system groups |
| `cat /etc/gshadow` | Show shadow group file on Linux |
| `getent passwd` | List of all user accounts from local, LDAP, NIS, and whatever the system is using |
| `getent group` | List of all groups from local, LDAP, NIS, and whatever the system is using |
| `pdbedit -L -w or pdbedit -L -v` | SAMBA Database |
| `find /etc -name aliases` | Find mail aliases |
| `cat /etc/aliases` | Display mail aliases |
| `getent aliases ` | List of all mail aliases |
| `ypcat passwd` | displays NIS password file |
## Credentials
SSH keys, often passwordless: /home/*/.ssh/id* SSH keys, often passwordless: /home/*/.ssh/id*
SSH agent: SSH agent: