
渗透测试之Linux系统信息收集

Linux系统信息收集

一、信息收集

1、 system architecture

uname  -a  #输出linux内核版本及硬件架构等信息
Linux kali 5.14.0-kali4-amd64 #1 SMP Debian 5.14.16-1kali1 (2021-11-05) x86_64 GNU/Linux

cat /etc/issue #该文件保存着终端登录前显示的提示信息（login banner）
Kali GNU/Linux Rolling \n \l

cat /etc/*-release # 查看linux发行版本信息
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2021.4"
VERSION_ID="2021.4"
VERSION_CODENAME="kali-rolling"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"

cat /proc/version #查看相关的发行版本和内核版本信息
Linux version 5.14.0-kali4-amd64 (devel@kali.org) (gcc-10 (Debian 10.3.0-12) 10.3.0, GNU ld (GNU Binutils for Debian) 2.37) #1 SMP Debian 5.14.16-1kali1 (2021-11-05)

cat /proc/sys/kernel/version # 查看相关的linux内核版本信息
#1 SMP Debian 5.14.16-1kali1 (2021-11-05)




2、进程相关信息查询

ps -ef # 以标准（System V）格式显示所有进程
UID          PID    PPID  C STIME TTY          TIME CMD
root           1       0  0 19:39 ?        00:00:02 /sbin/init splash
root           2       0  0 19:39 ?        00:00:00 [kthreadd]
root           3       2  0 19:39 ?        00:00:00 [rcu_gp]
root           4       2  0 19:39 ?        00:00:00 [rcu_par_gp]
root           6       2  0 19:39 ?        00:00:00 [kworker/0:0H-events_highpri]
root           8       2  0 19:39 ?        00:00:03 [kworker/u256:0-flush-8:0]
root           9       2  0 19:39 ?        00:00:00 [mm_percpu_wq]
root          10       2  0 19:39 ?        00:00:00 [rcu_tasks_rude_]
root          11       2  0 19:39 ?        00:00:00 [rcu_tasks_trace]
root          12       2  0 19:39 ?        00:00:00 [ksoftirqd/0]
root          13       2  0 19:39 ?        00:00:00 [rcu_sched]
root          14       2  0 19:39 ?        00:00:00 [migration/0]
root          15       2  0 19:39 ?        00:00:00 [cpuhp/0]

ps -aux #以BSD格式显示所有进程（含CPU、内存占用）
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.2  0.2 164484 10452 ?        Ss   19:39   0:02 /sbin/init splash
root           2  0.0  0.0      0     0 ?        S    19:39   0:00 [kthreadd]
root           3  0.0  0.0      0     0 ?        I<   19:39   0:00 [rcu_gp]
root           4  0.0  0.0      0     0 ?        I<   19:39   0:00 [rcu_par_gp]
root           6  0.0  0.0      0     0 ?        I<   19:39   0:00 [kworker/0:0H-events_highpri]
root           8  0.3  0.0      0     0 ?        I    19:39   0:03 [kworker/u256:0-events_unbound]
root           9  0.0  0.0      0     0 ?        I<   19:39   0:00 [mm_percpu_wq]
root          10  0.0  0.0      0     0 ?        S    19:39   0:00 [rcu_tasks_rude_]
root          11  0.0  0.0      0     0 ?        S    19:39   0:00 [rcu_tasks_trace]
root          12  0.0  0.0      0     0 ?        S    19:39   0:00 [ksoftirqd/0]
root          13  0.0  0.0      0     0 ?        I    19:39   0:00 [rcu_sched]
root          14  0.0  0.0      0     0 ?        S    19:39   0:00 [migration/0]
root          15  0.0  0.0      0     0 ?        S    19:39   0:00 [cpuhp/0]
root          16  0.0  0.0      0     0 ?        S    19:39   0:00 [cpuhp/1]
root          17  0.0  0.0      0     0 ?        S    19:39   0:00 [migration/1]
root          18  0.0  0.0      0     0 ?        S    19:39   0:00 [ksoftirqd/1]

top # 动态监控系统负载、内存及各进程资源占用
top - 19:57:49 up 17 min,  1 user,  load average: 0.11, 0.14, 0.09
任务: 178 total,   1 running, 177 sleeping,   0 stopped,   0 zombie
%Cpu(s):  0.2 us,  0.3 sy,  0.0 ni, 99.5 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   3898.0 total,   2699.8 free,    658.3 used,    539.8 buff/cache
MiB Swap:    975.0 total,    975.0 free,      0.0 used.   3006.8 avail Mem 

 进程号 USER      PR  NI    VIRT    RES    SHR    %CPU  %MEM     TIME+ COMMAND                                                                                         
    580 root      20   0  337800  96280  48152 S   1.7   2.4   0:11.28 Xorg                                                                                            
   1208 root      20   0  505520 107968  82984 S   1.0   2.7   0:10.75 qterminal                                                                                       
    464 root      20   0  238648   9892   6808 S   0.3   0.2   0:02.20 vmtoolsd                                                                                        
    996 root      20   0  703972  52100  41972 S   0.3   1.3   0:01.63 panel-17-pulsea                                                                                 
      1 root      20   0  164484  10452   7748 S   0.0   0.3   0:02.07 systemd                                                                                         
      2 root      20   0       0      0      0 S   0.0   0.0   0:00.01 kthreadd                                                                                        
      3 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 rcu_gp                                                                                          
      4 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 rcu_par_gp                                                                                      
      6 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/0:0H-events_highpri                                                                     
      8 root      20   0       0      0      0 I   0.0   0.0   0:03.38 kworker/u256:0-flush-8:0                                                                        
      9 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 mm_percpu_wq                                                                                    
     10 root      20   0       0      0      0 S   0.0   0.0   0:00.00 rcu_tasks_rude_                                                                                 
     11 root      20   0       0      0      0 S   0.0   0.0   0:00.00 rcu_tasks_trace                                                                                 
     12 root      20   0       0      0      0 S   0.0   0.0   0:00.05 ksoftirqd/0                                                                                     
     13 root      20   0       0      0      0 I   0.0   0.0   0:00.63 rcu_sched                                                                                       
     14 root      rt   0       0      0      0 S   0.0   0.0   0:00.01 migration/0    
     
ls -al /proc #该目录以文件形式暴露内核与进程信息，其中以数字命名的子目录对应各进程的PID，子目录内是该进程的状态及内存映射等信息
总用量 4
dr-xr-xr-x 237 root       root                     0  3月 20 19:39 .
drwxr-xr-x  19 root       root                  4096 12月 19 20:59 ..
dr-xr-xr-x   9 root       root                     0  3月 20 19:39 1
dr-xr-xr-x   9 root       root                     0  3月 20 19:40 10
dr-xr-xr-x   9 root       root                     0  3月 20 19:41 1030
dr-xr-xr-x   9 root       root                     0  3月 20 19:41 1031
dr-xr-xr-x   9 root       root                     0  3月 20 19:41 1043

  

3、用户和用户组的查看

id # 查看当前用户的UID、GID及所属的全部用户组
用户id=0(root) 组id=0(root) 组=0(root),20(dialout),120(wireshark),142(kaboxer)

w # 查看当前本地或远程登录到系统的用户及其正在执行的命令
 20:04:49 up 24 min,  1 user,  load average: 0.05, 0.10, 0.09
USER     TTY      来自           LOGIN@   IDLE   JCPU   PCPU WHAT
root     tty7     :0               19:41   24:46  13.68s 13.68s /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch

whoami # 显示当前shell所对应的用户名
root

lastlog # 显示每个用户最近一次登录的时间、终端及来源
用户名           端口     来自             最后登录时间
root                                       **从未登录过**
daemon                                     **从未登录过**
bin                                        **从未登录过**
sys                                        **从未登录过**
sync                                       **从未登录过**
games                                      **从未登录过**
man                                        **从未登录过**
lp                                         **从未登录过**
mail                                       **从未登录过**
news                                       **从未登录过**
uucp                                       **从未登录过**
proxy                                      **从未登录过**
www-data                                   **从未登录过**
backup                                     **从未登录过**

cat /etc/passwd #存储用户账户信息（用户名、UID、家目录、shell），不包含密码散列
cat /etc/shadow #存储用户密码散列及密码策略，通常仅root可读
cat /etc/sudoers #定义哪些用户或组可以通过sudo以root权限执行哪些命令

4、Linux服务

service --status-all #查看计算机中所有服务的状态信息，[ + ]表示已启动，[ - ]表示已停止
 [ - ]  apache-htcacheclean
 [ - ]  apache2
 [ - ]  apparmor
 [ - ]  atftpd
 [ - ]  avahi-daemon
 [ + ]  binfmt-support
 [ - ]  bluetooth
 [ - ]  console-setup.sh
 [ + ]  cron
 [ - ]  cryptdisks
 [ - ]  cryptdisks-early
 [ - ]  cups
 [ - ]  cups-browsed
 [ + ]  dbus
 [ - ]  dns2tcp
 [ - ]  gdomap
 [ + ]  haveged
 [ - ]  hwclock.sh
 [ - ]  inetsim
 
service 服务名称 start # 开启服务
service 服务名称 status # 查看指定某个服务的状态
service 服务名称 stop # 关闭某个服务

cat /etc/services # 该文件记录了服务名称与端口/协议的映射关系
ms-sql-s        1433/tcp                        # Microsoft SQL Server
ms-sql-m        1434/udp                        # Microsoft SQL Monitor
ingreslock      1524/tcp
datametrics     1645/tcp        old-radius
datametrics     1645/udp        old-radius
sa-msg-port     1646/tcp        old-radacct
sa-msg-port     1646/udp        old-radacct
kermit          1649/tcp
groupwise       1677/tcp
l2f             1701/udp        l2tp
radius          1812/tcp
radius          1812/udp
radius-acct     1813/tcp        radacct         # Radius Accounting
radius-acct     1813/udp        radacct
cisco-sccp      2000/tcp                        # Cisco SCCP
nfs             2049/tcp                        # Network File System
nfs             2049/udp                        # Network File System



