Initial Enumeration Flashcards
Why is it useful to list the kernel version?
Once you know the kernel version, you can look for exploits for it. Search if the showed version is vulnerable to an exploit.
What commands can be used to show the kernel version of a system?
$ uname -a $ cat /proc/version $ cat /etc/issue
The last one shows the distribution!
Why is it important to list the CPU of a system?
Some kernel exploits require a minimum ammount of cpu cores to be able to work properly. Besides that, it returns useful information about the current hardware.
What command can be used to display information about the CPU architecture?
$ lscpu
What commands can be used to display the current services/processes?
$ ps aux $ top
Why is it important to perform user enumeration?
It’s very important to know who we are, what permissions we have and what we are capable of doing in a system.
What commands can be used to display who the current user is?
$ whoami $ id
What command can be used to display the commands that can be run as sudo?
$ sudo -l
Why is it important to look the bash history? What command can be used to display it?
The bash history can return useful hints or even some quick wins like a password. The command is simply history.
Why is it important to perform network enumeration?
It lets us understand the IP architecture, see the networks that the system has access to it and see open ports availbable internally.
How to list network interfaces?
$ ifconfig (old) $ ip a
How to display the route table?
$ route $ ip route
How to display the ARP table?
$ arp -a $ ip n
How to display internet connections, ports available and open internal ports?
$ netstat -ano
Why is it useful to use automated tools?
These tools can return lots of information in less time and in a more organized way.
