Enumeration on Linux
-
Tools
- Linux Smart Enumeration https://github.com/diego-treitos/linux-smart-enumeration
- LinEnum https://github.com/rebootuser/LinEnum Notes: This allows to also search for passwords in files, also can export interesting files for further analysis
- Linux Priv Checker https://github.com/linted/linuxprivchecker
- BeRoot https://github.com/AlessandroZ/BeRoot
- Unix Pricesc Check - http://pentestmonkey.net/tools/audit/unix-privesc-check
-
File permissions
find /home -type f -printf "%f\t%p\t%u\t%g\t%m", followed by suid binary search -find / -perm -4000 2>/dev/null -
Enumerating binary programs strings
strace -v -f -e execve 2>&1 | grep exec ltrace