Fernando Flores

  • Número de cuenta: 314107035

Hola, esta es mi carpeta para la tarea-1

CENTOS8

Información de CentOS
[fflores@localhost ~]$ uname -a
Linux localhost.localdomain 4.18.0-365.el8.x86_64 #1 SMP Thu Feb 10 16:11:23 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

[fflores@localhost ~]$ cat /etc/os-release
NAME="CentOS Stream"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Stream 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

[fflores@localhost ~]$ netstat -ntulp
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      -                   
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::111                  :::*                    LISTEN      -                   
tcp6       0      0 :::22                   :::*                    LISTEN      -                   
tcp6       0      0 ::1:631                 :::*                    LISTEN      -                   
udp        0      0 0.0.0.0:111             0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:37685           0.0.0.0:*                           -                   
udp        0      0 127.0.0.1:323           0.0.0.0:*                           -                   
udp        0      0 192.168.122.1:53        0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:67              0.0.0.0:*                           -                   
udp6       0      0 :::111                  :::*                                -                   
udp6       0      0 :::5353                 :::*                                -                   
udp6       0      0 ::1:323                 :::*                                -                   
udp6       0      0 :::38246                :::*                                -                   
udp6       0      0 fe80::a00:27ff:fe10:546 :::*      

[fflores@localhost ~]$ ping -c 4 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=58 time=5.03 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=58 time=5.09 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=58 time=5.14 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=58 time=5.11 ms

--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 5.032/5.095/5.143/0.040 ms

[fflores@localhost ~]$ dig example.com

; <<>> DiG 9.11.36-RedHat-9.11.36-2.el8 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5614
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com.           IN  A

;; ANSWER SECTION:
example.com.        74704   IN  A   93.184.216.34

;; Query time: 13 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Mon Feb 28 01:13:53 CST 2022
;; MSG SIZE  rcvd: 56

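Privilegios de usuario normal

El usuario fflores pertenece al grupo wheel y `sudo -l` muestra `(ALL) ALL`: tras introducir su contraseña puede ejecutar cualquier comando como root, por lo que no es una cuenta sin privilegios.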

[fflores@localhost ~]$ getent passwd ${USER}
fflores:x:1000:1000:fflores:/home/fflores:/bin/bash

[fflores@localhost ~]$ id
uid=1000(fflores) gid=1000(fflores) groups=1000(fflores),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[fflores@localhost ~]$ groups
fflores wheel

[fflores@localhost ~]$ sudo -l
[sudo] password for fflores: 
Matching Defaults entries for fflores on localhost:
    !visiblepw, always_set_home, match_group_by_gid, always_query_group_plugin,
    env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS",
    env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE",
    env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES",
    env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE",
    env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
    secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

User fflores may run the following commands on localhost:
    (ALL) ALL

[fflores@localhost ~]$ sudo -i
[root@localhost ~]#

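Ubicación de las herramientas

Nota: bind-utils, net-tools, iproute, iptables-services e iputils son nombres de paquetes, no de ejecutables, por lo que `which` y `whereis` no los encuentran aunque estén instalados; `dig`, `netstat` y `ping`, que provienen de esos paquetes, se ejecutaron sin problema más arriba. Para comprobar un paquete se usa `rpm -q <paquete>`.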

[fflores@localhost ~]$ which wireshark tcpdump nmap netcat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool
/usr/bin/wireshark
/usr/sbin/tcpdump
/usr/bin/nmap
/usr/bin/netcat
/usr/sbin/ngrep
/usr/sbin/dsniff
/usr/bin/wget
/usr/bin/curl
/usr/bin/whois
/usr/bin/which: no bind-utils in (/home/fflores/.local/bin:/home/fflores/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
/usr/bin/which: no net-tools in (/home/fflores/.local/bin:/home/fflores/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
/usr/bin/which: no iproute in (/home/fflores/.local/bin:/home/fflores/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
/usr/sbin/iptables
/usr/bin/which: no iptables-services in (/home/fflores/.local/bin:/home/fflores/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
/usr/bin/which: no iputils in (/home/fflores/.local/bin:/home/fflores/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
/usr/bin/traceroute
/usr/sbin/ethtool

[fflores@localhost ~]$ whereis wireshark tcpdump nmap netcat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool
wireshark: /usr/bin/wireshark /usr/lib64/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz
tcpdump: /usr/sbin/tcpdump /usr/share/man/man8/tcpdump.8.gz
nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz
netcat: /usr/bin/netcat /usr/share/man/man1/netcat.1.gz
ngrep: /usr/sbin/ngrep /usr/share/man/man8/ngrep.8.gz
dsniff: /usr/sbin/dsniff /etc/dsniff /usr/share/man/man8/dsniff.8.gz
wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz
curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz
whois: /usr/bin/whois.md /usr/bin/whois /etc/whois.conf /usr/share/man/man1/whois.1.gz
bind-utils:
net-tools:
iproute:
iptables: /usr/sbin/iptables /usr/libexec/iptables /usr/share/man/man8/iptables.8.gz
iptables-services:
iputils:
traceroute: /usr/bin/traceroute /usr/share/man/man8/traceroute.8.gz
ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz

DEBIAN

Información de Debian
root@fernandondin:~# uname -a
Linux fernandondin 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 GNU/Linux
root@fernandondin:~# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@fernandondin:~# cat /etc/debian_version
11.2
root@fernandondin:~# lsmod
Module                  Size  Used by
nf_tables             245760  0
libcrc32c              16384  1 nf_tables
nfnetlink              16384  1 nf_tables
vboxsf                 45056  0
rfkill                 28672  3
ghash_clmulni_intel    16384  0
aesni_intel           368640  0
joydev                 28672  0
libaes                 16384  1 aesni_intel
crypto_simd            16384  1 aesni_intel
cryptd                 24576  2 crypto_simd,ghash_clmulni_intel
glue_helper            16384  1 aesni_intel
sg                     36864  0
serio_raw              20480  0
pcspkr                 16384  0
snd_intel8x0           49152  2
snd_ac97_codec        180224  1 snd_intel8x0
ac97_bus               16384  1 snd_ac97_codec
snd_pcm               135168  2 snd_intel8x0,snd_ac97_codec
snd_timer              49152  1 snd_pcm
snd                   110592  8 snd_intel8x0,snd_timer,snd_ac97_codec,snd_pcm
evdev                  28672  10
soundcore              16384  1 snd
ac                     16384  0
vboxguest              49152  5 vboxsf
msr                    16384  0
fuse                  167936  7
configfs               57344  1
ip_tables              32768  0
x_tables               53248  1 ip_tables
autofs4                53248  2
ext4                  921600  1
crc16                  16384  1 ext4
mbcache                16384  1 ext4
jbd2                  151552  1 ext4
crc32c_generic         16384  0
hid_generic            16384  0
usbhid                 65536  0
hid                   147456  2 usbhid,hid_generic
sd_mod                 61440  3
sr_mod                 28672  0
cdrom                  73728  1 sr_mod
t10_pi                 16384  1 sd_mod
crc_t10dif             20480  1 t10_pi
crct10dif_generic      16384  0
ata_generic            16384  0
vboxvideo              32768  1
drm_vram_helper        20480  1 vboxvideo
drm_ttm_helper         16384  1 drm_vram_helper
ttm                   114688  2 drm_vram_helper,drm_ttm_helper
drm_kms_helper        278528  4 drm_vram_helper,vboxvideo
cec                    61440  1 drm_kms_helper
ahci                   40960  2
ohci_pci               20480  0
ehci_pci               20480  0
libahci                45056  1 ahci
ohci_hcd               61440  1 ohci_pci
drm                   618496  7 drm_kms_helper,drm_vram_helper,vboxvideo,drm_ttm_helper,ttm
ata_piix               36864  0
ehci_hcd               98304  1 ehci_pci
libata                290816  4 ata_piix,libahci,ahci,ata_generic
usbcore               323584  5 ohci_hcd,ehci_pci,usbhid,ehci_hcd,ohci_pci
scsi_mod              262144  4 sd_mod,libata,sg,sr_mod
crct10dif_pclmul       16384  1
crct10dif_common       16384  3 crct10dif_generic,crc_t10dif,crct10dif_pclmul
crc32_pclmul           16384  0
psmouse               184320  0
crc32c_intel           24576  3
e1000                 155648  0
i2c_piix4              28672  0
usb_common             16384  3 ohci_hcd,usbcore,ehci_hcd
battery                20480  0
video                  53248  0
button                 24576  0

root@fernandondin:~# ps afx
    PID TTY      STAT   TIME COMMAND
      2 ?        S      0:00 [kthreadd]
      3 ?        I<     0:00  \_ [rcu_gp]
      4 ?        I<     0:00  \_ [rcu_par_gp]
      6 ?        I<     0:00  \_ [kworker/0:0H-events_highpri]
      8 ?        I<     0:00  \_ [mm_percpu_wq]
      9 ?        S      0:00  \_ [rcu_tasks_rude_]
     10 ?        S      0:00  \_ [rcu_tasks_trace]
     11 ?        S      0:00  \_ [ksoftirqd/0]
     12 ?        I      0:01  \_ [rcu_sched]
     13 ?        S      0:00  \_ [migration/0]
     15 ?        S      0:00  \_ [cpuhp/0]
     17 ?        S      0:00  \_ [kdevtmpfs]
     18 ?        I<     0:00  \_ [netns]
     19 ?        S      0:00  \_ [kauditd]
     20 ?        S      0:00  \_ [khungtaskd]
     21 ?        S      0:00  \_ [oom_reaper]
     22 ?        I<     0:00  \_ [writeback]
     23 ?        S      0:01  \_ [kcompactd0]
     24 ?        SN     0:00  \_ [ksmd]
     25 ?        SN     0:00  \_ [khugepaged]
     43 ?        I<     0:00  \_ [kintegrityd]
     44 ?        I<     0:00  \_ [kblockd]
     45 ?        I<     0:00  \_ [blkcg_punt_bio]
     46 ?        I<     0:00  \_ [edac-poller]
     47 ?        I<     0:00  \_ [devfreq_wq]
     48 ?        I<     0:01  \_ [kworker/0:1H-kblockd]
     50 ?        S      0:03  \_ [kswapd0]
     51 ?        I<     0:00  \_ [kthrotld]
     52 ?        I<     0:00  \_ [acpi_thermal_pm]
     53 ?        I<     0:00  \_ [ipv6_addrconf]
     63 ?        I<     0:00  \_ [kstrp]
     66 ?        I<     0:00  \_ [zswap-shrink]
     67 ?        I<     0:00  \_ [kworker/u3:0]
    105 ?        I<     0:00  \_ [ata_sff]
    106 ?        S      0:00  \_ [scsi_eh_0]
    107 ?        I<     0:00  \_ [scsi_tmf_0]
    108 ?        S      0:00  \_ [scsi_eh_1]
    109 ?        I<     0:00  \_ [scsi_tmf_1]
    111 ?        S      0:00  \_ [scsi_eh_2]
    112 ?        I<     0:00  \_ [scsi_tmf_2]
    114 ?        I<     0:00  \_ [ttm_swap]
    155 ?        S      0:00  \_ [jbd2/sda1-8]
    156 ?        I<     0:00  \_ [ext4-rsv-conver]
    282 ?        I<     0:00  \_ [cryptd]
   3335 ?        I      0:02  \_ [kworker/u2:3-flush-8:0]
   5169 ?        I      0:00  \_ [kworker/u2:1-flush-8:0]
   5249 ?        I      0:01  \_ [kworker/0:1-mm_percpu_wq]
   5256 ?        I      0:00  \_ [kworker/0:0-ata_sff]
   5280 ?        I      0:00  \_ [kworker/u2:0-events_unbound]
   5286 ?        I      0:00  \_ [kworker/0:2-ata_sff]
      1 ?        Ss     0:07 /sbin/init
    193 ?        Ss     0:01 /lib/systemd/systemd-journald
    221 ?        Ss     0:00 /lib/systemd/systemd-udevd
    397 ?        Ssl    0:00 /usr/libexec/accounts-daemon
    405 ?        Ss     0:00 avahi-daemon: running [fernandondin.local]
    420 ?        S      0:00  \_ avahi-daemon: chroot helper
    406 ?        Ss     0:00 /usr/sbin/cron -f
    407 ?        Ss     0:04 /usr/bin/dbus-daemon --system --address=systemd: --
    408 ?        Ssl    0:01 /usr/sbin/NetworkManager --no-daemon
    410 ?        Ssl    0:05 /usr/libexec/polkitd --no-debug
    411 ?        Ssl    0:00 /usr/sbin/rsyslogd -n -iNONE
    412 ?        Ssl    0:00 /usr/libexec/switcheroo-control
    413 ?        Ss     0:00 /lib/systemd/systemd-logind
    414 ?        Ssl    0:00 /usr/libexec/udisks2/udisksd
    416 ?        Ss     0:00 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
    457 ?        Ssl    0:00 /usr/sbin/ModemManager
    461 ?        Ssl    0:00 /usr/bin/python3 /usr/share/unattended-upgrades/una
    908 ?        Ssl    0:00 /usr/sbin/gdm3
   1300 ?        Sl     0:00  \_ gdm-session-worker [pam/gdm-password]
   1337 tty2     Ssl+   0:00      \_ /usr/libexec/gdm-wayland-session /usr/bin/g
   1343 tty2     Sl+    0:00          \_ /usr/libexec/gnome-session-binary --sys
    911 ?        Sl     0:01 /usr/sbin/VBoxService --pidfile /var/run/vboxadd-se
    956 ?        SNsl   0:00 /usr/libexec/rtkit-daemon
   1043 ?        Ssl    0:00 /usr/libexec/upowerd
   1107 ?        Ssl    0:19 /usr/libexec/packagekitd
   1231 ?        Ssl    0:00 /usr/libexec/colord
   1306 ?        Ss     0:00 /lib/systemd/systemd --user
   1307 ?        S      0:00  \_ (sd-pam)
   1326 ?        S<sl   0:00  \_ /usr/bin/pipewire
   1341 ?        S<l    0:00  |   \_ /usr/bin/pipewire-media-session
   1327 ?        S<sl   0:03  \_ /usr/bin/pulseaudio --daemonize=no --log-target
   1329 ?        SNsl   0:00  \_ /usr/libexec/tracker-miner-fs
   1338 ?        Ss     0:01  \_ /usr/bin/dbus-daemon --session --address=system
   1383 ?        Ssl    0:00  \_ /usr/libexec/gvfsd
   1388 ?        Sl     0:00  \_ /usr/libexec/gvfsd-fuse /run/user/1000/gvfs -f
   1395 ?        Ssl    0:00  \_ /usr/libexec/gvfs-udisks2-volume-monitor
   1413 ?        Ssl    0:00  \_ /usr/libexec/gvfs-gphoto2-volume-monitor
   1417 ?        Ssl    0:00  \_ /usr/libexec/gvfs-afc-volume-monitor
   1425 ?        Ssl    0:00  \_ /usr/libexec/gnome-session-ctl --monitor
   1426 ?        Ssl    0:00  \_ /usr/libexec/gvfs-mtp-volume-monitor
   1427 ?        Ss     0:00  \_ ssh-agent -D -a /run/user/1000/openssh_agent
   1432 ?        Ssl    0:00  \_ /usr/libexec/gnome-session-binary --systemd-ser
   1457 ?        Sl     0:00  |   \_ /usr/libexec/at-spi-bus-launcher --launch-i
   1464 ?        S      0:00  |   |   \_ /usr/bin/dbus-daemon --config-file=/usr
   1560 ?        Sl     0:10  |   \_ /usr/bin/gnome-software --gapplication-serv
   1570 ?        Sl     0:00  |   \_ /usr/libexec/gsd-disk-utility-notify
   1576 ?        Sl     0:01  |   \_ /usr/libexec/evolution-data-server/evolutio
   1440 ?        Ssl    0:00  \_ /usr/libexec/gvfs-goa-volume-monitor
   1445 ?        Sl     0:00  \_ /usr/libexec/goa-daemon
   1458 ?        Ssl    2:36  \_ /usr/bin/gnome-shell
   1491 ?        Sl     0:01  |   \_ /usr/bin/Xwayland :0 -rootless -noreset -ac
   1780 ?        Sl     0:10  |   \_ ibus-daemon --panel disable -r --xim
   1795 ?        Sl     0:00  |       \_ /usr/libexec/ibus-memconf
   1796 ?        Sl     0:03  |       \_ /usr/libexec/ibus-extension-gtk3
   1813 ?        Sl     0:03  |       \_ /usr/libexec/ibus-engine-simple
   1472 ?        Sl     0:00  \_ /usr/libexec/goa-identity-service
   1511 ?        Ssl    0:00  \_ /usr/libexec/xdg-permission-store
   1516 ?        Sl     0:00  \_ /usr/libexec/gnome-shell-calendar-server
   1522 ?        Ssl    0:00  \_ /usr/libexec/evolution-source-registry
   1527 ?        Sl     0:00  \_ /usr/libexec/dconf-service
   1534 ?        Ssl    0:00  \_ /usr/libexec/evolution-calendar-factory
   1538 ?        Sl     0:00  \_ /usr/bin/gjs /usr/share/gnome-shell/org.gnome.S
   1540 ?        Sl     0:00  \_ /usr/libexec/at-spi2-registryd --use-gnome-sess
   1547 ?        Ssl    0:00  \_ /usr/libexec/gsd-a11y-settings
   1548 ?        Ssl    0:00  \_ /usr/libexec/gsd-color
   1550 ?        Ssl    0:00  \_ /usr/libexec/gsd-datetime
   1553 ?        Ssl    0:00  \_ /usr/libexec/gsd-housekeeping
   1554 ?        Ssl    0:00  \_ /usr/libexec/gsd-keyboard
   1565 ?        Ssl    0:00  \_ /usr/libexec/gsd-media-keys
   1569 ?        Ssl    0:00  \_ /usr/libexec/gsd-power
   1573 ?        Ssl    0:00  \_ /usr/libexec/gsd-print-notifications
   1581 ?        Ssl    0:00  \_ /usr/libexec/gsd-rfkill
   1582 ?        Ssl    0:00  \_ /usr/libexec/gsd-screensaver-proxy
   1589 ?        Ssl    0:00  \_ /usr/libexec/gsd-sharing
   1590 ?        S      0:00  \_ /usr/bin/VBoxClient --clipboard
   1592 ?        Sl     0:00  |   \_ /usr/bin/VBoxClient --clipboard
   1597 ?        Ssl    0:00  \_ /usr/libexec/gsd-smartcard
   1601 ?        Ssl    0:00  \_ /usr/libexec/gsd-sound
   1608 ?        Ssl    0:00  \_ /usr/libexec/gsd-usb-protection
   1617 ?        Ssl    0:00  \_ /usr/libexec/gsd-wacom
   1645 ?        Sl     0:00  \_ /usr/libexec/gsd-printer
   1655 ?        S      0:00  \_ /usr/bin/VBoxClient --display
   1656 ?        S      0:00  |   \_ /usr/bin/VBoxClient --display
   1688 ?        S      0:00  \_ /usr/bin/VBoxClient --seamless
   1689 ?        Sl     0:00  |   \_ /usr/bin/VBoxClient --seamless
   1695 ?        S      0:00  \_ /usr/bin/VBoxClient --draganddrop
   1697 ?        Sl     0:15  |   \_ /usr/bin/VBoxClient --draganddrop
   1699 ?        Ssl    0:00  \_ /usr/libexec/evolution-addressbook-factory
   1785 ?        Ssl    0:00  \_ /usr/libexec/gsd-xsettings
   1799 ?        Sl     0:00  \_ /usr/libexec/ibus-x11 --kill-daemon
   1802 ?        Sl     0:00  \_ /usr/libexec/ibus-portal
   1859 ?        Ssl    0:00  \_ /usr/libexec/gvfsd-metadata
   2163 ?        Ssl    0:20  \_ /usr/libexec/gnome-terminal-server
   2174 pts/0    Ss     0:00  |   \_ bash
   2771 pts/0    S      0:00  |       \_ su -
   2772 pts/0    S      0:00  |           \_ -bash
   2790 pts/0    T      0:00  |               \_ visudo /etc/network/interfaces
   2800 pts/0    T      0:00  |               |   \_ /usr/bin/editor -- /etc/net
   4751 pts/0    S      0:00  |               \_ su -
   4752 pts/0    S      0:00  |                   \_ -bash
   5332 pts/0    R+     0:00  |                       \_ ps afx
   2684 pts/0    S      0:00  \_ dbus-launch --autolaunch=88e0f3b82dac4b658dd4b7
   2685 ?        Ss     0:00  \_ /usr/bin/dbus-daemon --syslog-only --fork --pri
   2689 ?        Sl     0:00  \_ /usr/libexec/at-spi-bus-launcher
   2694 ?        S      0:00  |   \_ /usr/bin/dbus-daemon --config-file=/usr/sha
   2696 ?        Sl     0:00  \_ /usr/libexec/xdg-desktop-portal
   2701 ?        Sl     0:00  \_ /usr/libexec/xdg-document-portal
   2710 ?        Ss     0:00  |   \_ fusermount -o rw,nosuid,nodev,fsname=portal
   2705 ?        Sl     0:00  \_ /usr/libexec/xdg-permission-store
   2716 ?        Sl     0:00  \_ /usr/libexec/xdg-desktop-portal-gtk
   2720 ?        Sl     0:00  \_ /usr/libexec/gvfsd
   2725 ?        Sl     0:00  \_ /usr/libexec/gvfsd-fuse /root/.cache/gvfs -f
   2733 ?        Sl     0:00  \_ /usr/libexec/at-spi2-registryd --use-gnome-sess
   2736 ?        Sl     0:00  \_ /usr/libexec/dconf-service
   2745 ?        Sl     0:00  \_ /usr/bin/gnome-keyring-daemon --start --foregro
   1333 ?        Sl     0:00 /usr/bin/gnome-keyring-daemon --daemonize --login
   1815 ?        Ssl    0:01 /usr/libexec/fwupd/fwupd
   2506 ?        Ss     0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 star

root@fernandondin:~# hostname -I
10.0.2.15 
root@fernandondin:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:56:05:b0 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 82740sec preferred_lft 82740sec
    inet6 fe80::a00:27ff:fe56:5b0/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
root@fernandondin:~# ip route show
default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 
169.254.0.0/16 dev enp0s3 scope link metric 1000 
root@fernandondin:~# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.2.3
root@fernandondin:~# netstat -ntulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2506/sshd: /usr/sbi 
tcp6       0      0 :::22                   :::*                    LISTEN      2506/sshd: /usr/sbi 
udp        0      0 0.0.0.0:60376           0.0.0.0:*                           405/avahi-daemon: r 
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           405/avahi-daemon: r 
udp6       0      0 :::52068                :::*                                405/avahi-daemon: r 
udp6       0      0 :::5353                 :::*                                405/avahi-daemon: r 
root@fernandondin:~# ping -c 4 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=63 time=5.093 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=5.820 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=5.662 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=5.343 ms
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 5.093/5.479/5.820/0.282 ms
root@fernandondin:~# dig example.com

; <<>> DiG 9.16.22-Debian <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33700
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com.           IN  A

;; ANSWER SECTION:
example.com.        20586   IN  A   93.184.216.34

;; Query time: 16 msec
;; SERVER: 10.0.2.3#53(10.0.2.3)
;; WHEN: Mon Feb 28 21:28:52 CST 2022
;; MSG SIZE  rcvd: 56


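Privilegios de usuario normal

El usuario fernandondin pertenece al grupo sudo y `sudo -l` muestra `(ALL : ALL) NOPASSWD: ALL`: puede ejecutar cualquier comando como root sin que se le pida contraseña, de modo que comprometer esta cuenta equivale a comprometer root. Fuera de una máquina virtual de laboratorio conviene quitar NOPASSWD.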

fernandondin@fernandondin:~$ getent passwd ${USER}
fernandondin:x:1000:1000:Fernando Flores,,,:/home/fernandondin:/bin/bash
fernandondin@fernandondin:~$ id
uid=1000(fernandondin) gid=1000(fernandondin) groups=1000(fernandondin),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),113(bluetooth),119(scanner)
fernandondin@fernandondin:~$ groups
fernandondin cdrom floppy sudo audio dip video plugdev netdev bluetooth scanner
fernandondin@fernandondin:~$ sudo -l
Matching Defaults entries for fernandondin on fernandondin:
    env_reset, mail_badpass,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

User fernandondin may run the following commands on fernandondin:
    (ALL : ALL) NOPASSWD: ALL
fernandondin@fernandondin:~$ sudo -i
root@fernandondin:~# 

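Ubicación de las herramientas

Nota: bind-utils, net-tools, iproute, iptables-services e iputils son nombres de paquetes, no de ejecutables; en Debian `which` no imprime nada para los nombres que no encuentra, y por eso solo aparecen doce rutas. `dig`, `netstat`, `ip` y `ping` sí se ejecutaron más arriba.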

root@fernandondin:~# which wireshark tcpdump nmap netcat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool
/usr/bin/wireshark
/usr/bin/tcpdump
/usr/bin/nmap
/usr/bin/netcat
/usr/bin/ngrep
/usr/sbin/dsniff
/usr/bin/wget
/usr/bin/curl
/usr/bin/whois
/usr/sbin/iptables
/usr/sbin/traceroute
/usr/sbin/ethtool

root@fernandondin:~# whereis wireshark tcpdump nmap netcat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool
wireshark: /usr/bin/wireshark /usr/lib/x86_64-linux-gnu/wireshark /etc/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz
tcpdump: /usr/bin/tcpdump /usr/share/man/man8/tcpdump.8.gz
nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz
netcat: /usr/bin/netcat /usr/share/man/man1/netcat.1.gz
ngrep: /usr/bin/ngrep /usr/share/man/man8/ngrep.8.gz
dsniff: /usr/sbin/dsniff /usr/share/dsniff /usr/share/man/man8/dsniff.8.gz
wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz
curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz
whois: /usr/bin/whois /usr/share/man/man1/whois.1.gz
bind-utils:
net-tools:
iproute:
iptables: /usr/sbin/iptables /etc/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz
iptables-services:
iputils:
traceroute: /usr/bin/traceroute.db /usr/bin/traceroute6.db /usr/bin/traceroute /usr/sbin/traceroute /usr/share/man/man1/traceroute.1.gz
ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz