6.2. Linux Intranet Penetration

Content Index:

• 6.2.1. Information collection
  • 6.2.1.1. Obtaining kernel, operating system and device information
  • 6.2.1.2. Users and Groups
  • 6.2.1.3. User and Privilege Information
  • 6.2.1.4. Environmental Information
  • 6.2.1.5. Process Information
  • 6.2.1.6. Service Information
  • 6.2.1.7. Scheduled tasks
  • 6.2.1.8. Networking, Routing and Communication
  • 6.2.1.9. Installed Programs
  • 6.2.1.10. File
  • 6.2.1.11. Public and private key information
  • 6.2.1.12. Logs
  • 6.2.1.13. Virtual Environment Detection
  • 6.2.1.14. Container Information Collection
• 6.2.2. Persistence
  • 6.2.2.1. Privilege Escalation
  • 6.2.2.2. Self-start
  • 6.2.2.3. Backdoors
• 6.2.3. Trace cleaning
  • 6.2.3.1. History Commands
  • 6.2.3.2. Clear/modify log files
  • 6.2.3.3. Login traces
  • 6.2.3.4. Operation traces
  • 6.2.3.5. Overwriting files
  • 6.2.3.6. Difficulties
  • 6.2.3.7. Notice
  • 6.2.3.8. Reference Links