Enumerating the System

System enumeration

hostname

#check kernel
uname -a
cat /proc/version

#check processes
ps aux
ps aux | grep root
ps aux | grep <user>

User enumeration

whoami
id

#checking privileges
sudo -l

#sensitive file permissions
cat /etc/shadow
cat /etc/group
history
cat ~/.bash_history

Network enumeration

#see open ports
netstat -ano

#see the interface configuration
ifconfig
ip a

#check the IP route
ip route

Credential hunting

Password hunting

grep --color=always -rnw '/' -ie "PASSWORD" 2>/dev/null
grep --color=always -rnw '/' -ie "PASSWORD=" 2>/dev/null
locate password | more

SSH hunting

To find credentials:

find / -name id_rsa 2> /dev/null
grep -r "PRIVATE KEY" . 2>/dev/null
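
The same key and sensitive-file checks can be run as a permissions audit on your own hosts, reporting only what is actually exposed to other local users. This is an added example, not part of the original page; `audit_key_perms` and `world_readable` are hypothetical helper names, and only PEM/OpenSSH-style keys (identified by their first line) are detected.

```shell
#!/bin/sh
# Added example (not from the original page): audit for private keys and
# sensitive files whose mode bits expose them to other local users.
# Usage after sourcing:  audit_key_perms /home ; world_readable /etc/shadow

# Print every file under $1 that is readable by group or others AND whose
# first line is a PEM/OpenSSH private-key header.
audit_key_perms() {
    root="${1:-/home}"
    # -perm -040 / -perm -004: group-read or other-read bit is set (POSIX find)
    find "$root" -xdev -type f \( -perm -040 -o -perm -004 \) 2>/dev/null |
    while IFS= read -r f; do
        # Only the first line is inspected, so large files stay cheap to scan
        if head -n 1 "$f" 2>/dev/null |
           grep -q -e '-----BEGIN .*PRIVATE KEY-----'; then
            printf '%s\n' "$f"
        fi
    done
}

# Return 0 if the "others" read bit is set on $1 (e.g. /etc/shadow), 1 otherwise.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}
```

Any path printed by `audit_key_perms` should be tightened to mode 600, and the key rotated if other users could have read it.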
