Skip to content

File permission information gathering #1

Description

@int0x33
find / -perm -4000 -type f 2>/dev/null Find SUID files
find / -uid 0 -perm -4000 -type f 2>/dev/null Find SUID files owned by root
find / -perm -2000 -type f 2>/dev/null Find SGID files (sticky bit)
find / ! -path "/proc/" -perm -2 -type f -print 2>/dev/null Find world-writeable files excluding procfile
find / -type f '(' -name *.cert -or -name *.crt -or -name *.pem -or -name *.ca -or -name *.p12 -or -name *.cer -name *.der ')' '(' '(' -user support -perm -u=r ')' -or '(' -group support -perm -g=r ')' -or '(' -perm -o=r ')' ')' 2> /dev/null-or -name *.cer -name *.der ')' 2> /dev/null Find keys or certificates you can read
find /home –name *.rhosts -print 2>/dev/null Find rhost config files
find /etc -iname hosts.equiv -exec ls -la {} 2>/dev/null ; -exec cat {} 2>/dev/null ; Find hosts.equiv, list permissions and cat the file contents
cat ~/.bash_history Display current user history
ls -la ~/.*_history Dislay the current user various history files
ls -la ~/.ssh/ Check current user’s ssh files
find /etc -maxdepth 1 -name '.conf' -type f or ls -la /etc/.conf List the configuration files in /etc (depth 1, modify the maxdepth param in the first command for change it)
lsof | grep '/home/|/etc/|/opt/' Display the possibly interesting openfiles

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions