Enumeration

System Enumeration

hostname

uname -a
cat /proc/version
cat /etc/issue

lscpu

ps aux
ps aux | grep [USERNAME]

# View all running processes
ps -A

# View Process Tree
ps axjf

env

whoami

id

cat /etc/passwd

# Displays only the username
cat /etc/passwd | cut -d : -f 1

cat /etc/passwd | grep home

cat /etc/group

sudo -l

sudo -V

ls -la /etc/passwd
ls -la /etc/shadow

find / -type f -perm -04000 -ls 2>/dev/null

find / -perm -u=s -type f 2>/dev/null

find / -user root -perm -4000 -exec ls -ldb {} \\; 2>/dev/null

getcap -r / 2>/dev/null
# Look for cap_setuid+ep

ip a
ifconfig

ip route
route

ip neigh
arp -a

netstat -ano

grep —color=auto -rnw '/' -ie "PASSWORD" —color=always 2> /dev/null

locate password | less

find / -name authorized_keys 2>/dev/null
find / -name id_rsa 2>/dev/null

find . -name flag1.txt: find the file named “flag1.txt” in the current directory
find /home -name flag1.txt: find the file names “flag1.txt” in the /home directory
find / -type d -name config: find the directory named config under “/”
find / -type f -perm 0777: find files with the 777 permissions (files readable, writable, and executable by all users)
find / -perm a=x: find executable files
find /home -user frank: find all files for user “frank” under “/home”
find / -mtime 10: find files that were modified in the last 10 days
find / -atime 10: find files that were accessed in the last 10 day
find / -cmin -60: find files changed within the last hour (60 minutes)
find / -amin -60: find files accesses within the last hour (60 minutes)
find / -size 50M: find files with a 50 MB size
find / -writable -type d 2>/dev/null : Find world-writeable folders
find / -perm -222 -type d 2>/dev/null: Find world-writeable folders
find / -perm -o w -type d 2>/dev/null: Find world-writeable folders
find / -perm -o x -type d 2>/dev/null : Find world-executable folders

Last updated 6 months ago