CentOS Stream 8

Información del sistema
  • uname -a Linux centos-8.local 4.18.0-365.el8.x86_64 #1 SMP Thu Feb 10 16:11:23 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

  • cat /etc/os-release NAME="CentOS Stream" VERSION="8" ID="centos" ID_LIKE="rhel fedora" VERSION_ID="8" PLATFORM_ID="platform:el8" PRETTY_NAME="CentOS Stream 8" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:centos:centos:8" HOME_URL="https://centos.org/" BUG_REPORT_URL="https://bugzilla.redhat.com/" REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8" REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

  • cat /etc/redhat-release CentOS Stream release 8

  • lsmod Module Size Used by vboxsf 90112 1 vboxguest 385024 2 vboxsf vboxvideo 32768 0 drm_vram_helper 20480 1 vboxvideo drm_ttm_helper 16384 2 drm_vram_helper,vboxvideo nls_utf8 16384 1 isofs 49152 1 cfg80211 851968 0 rfkill 28672 4 cfg80211 uinput 20480 0 xt_CHECKSUM 16384 1 ipt_MASQUERADE 16384 3 xt_conntrack 16384 1 ipt_REJECT 16384 2 nft_compat 20480 16 nf_nat_tftp 16384 0 nft_objref 16384 1 nf_conntrack_tftp 16384 3 nf_nat_tftp nft_counter 16384 33 bridge 278528 0 stp 16384 1 bridge llc 16384 2 bridge,stp nft_fib_inet 16384 1 nft_fib_ipv4 16384 1 nft_fib_inet nft_fib_ipv6 16384 1 nft_fib_inet nft_fib 16384 3 nft_fib_ipv6,nft_fib_ipv4,nft_fib_inet nft_reject_inet 16384 5 nf_reject_ipv4 16384 2 nft_reject_inet,ipt_REJECT nf_reject_ipv6 16384 1 nft_reject_inet nft_reject 16384 1 nft_reject_inet nft_ct 20480 18 nf_tables_set 49152 20 nft_chain_nat 16384 12 nf_nat 45056 3 ipt_MASQUERADE,nf_nat_tftp,nft_chain_nat nf_conntrack 172032 6 xt_conntrack,nf_nat,nf_conntrack_tftp,nft_ct,ipt_MASQUERADE,nf_nat_tftp nf_defrag_ipv6 20480 1 nf_conntrack nf_defrag_ipv4 16384 1 nf_conntrack ip_set 49152 0 nf_tables 180224 456 nft_ct,nft_compat,nft_reject_inet,nft_fib_ipv6,nft_objref,nft_fib_ipv4,nft_counter,nft_chain_nat,nf_tables_set,nft_reject,nft_fib,nft_fib_inet nfnetlink 16384 4 nft_compat,nf_tables,ip_set sunrpc 565248 1 intel_rapl_msr 16384 0 intel_rapl_common 24576 1 intel_rapl_msr snd_intel8x0 45056 3 intel_pmc_core_pltdrv 16384 0 intel_pmc_core 49152 0 intel_powerclamp 16384 0 snd_ac97_codec 143360 1 snd_intel8x0 crct10dif_pclmul 16384 1 ac97_bus 16384 1 snd_ac97_codec crc32_pclmul 16384 0 snd_seq 81920 0 snd_seq_device 16384 1 snd_seq snd_pcm 118784 2 snd_intel8x0,snd_ac97_codec ghash_clmulni_intel 16384 0 rapl 20480 0 snd_timer 36864 2 snd_seq,snd_pcm snd 98304 12 snd_seq,snd_seq_device,snd_intel8x0,snd_timer,snd_ac97_codec,snd_pcm pcspkr 16384 0 i2c_piix4 24576 0 soundcore 16384 1 snd video 49152 0 xfs 1552384 2 libcrc32c 16384 4 nf_conntrack,nf_nat,nf_tables,xfs 
sr_mod 28672 1 sd_mod 53248 3 t10_pi 16384 1 sd_mod cdrom 65536 2 isofs,sr_mod sg 40960 0 ata_generic 16384 0 vmwgfx 372736 2 ttm 73728 3 vmwgfx,drm_vram_helper,drm_ttm_helper drm_kms_helper 266240 3 vmwgfx,drm_vram_helper,vboxvideo syscopyarea 16384 1 drm_kms_helper sysfillrect 16384 1 drm_kms_helper sysimgblt 16384 1 drm_kms_helper fb_sys_fops 16384 1 drm_kms_helper ahci 40960 2 libahci 40960 1 ahci drm 585728 8 vmwgfx,drm_kms_helper,drm_vram_helper,vboxvideo,drm_ttm_helper,ttm crc32c_intel 24576 1 ata_piix 36864 1 serio_raw 16384 0 libata 262144 4 ata_piix,libahci,ahci,ata_generic e1000 151552 0 dm_mirror 28672 0 dm_region_hash 20480 1 dm_mirror dm_log 20480 2 dm_region_hash,dm_mirror dm_mod 151552 9 dm_log,dm_mirror ipmi_devintf 20480 0 ipmi_msghandler 110592 1 ipmi_devintf fuse 155648 3

  • ps afx PID TTY STAT TIME COMMAND 2 ? S 0:00 [kthreadd] 3 ? I< 0:00 _ [rcu_gp] 4 ? I< 0:00 _ [rcu_par_gp] 6 ? I< 0:00 _ [kworker/0:0H-events_highpri] 9 ? I< 0:00 _ [mm_percpu_wq] 10 ? S 0:00 _ [rcu_tasks_rude_] 11 ? S 0:00 _ [rcu_tasks_trace] 12 ? S 0:00 _ [ksoftirqd/0] 13 ? R 0:00 _ [rcu_sched] 14 ? S 0:00 _ [migration/0] 15 ? S 0:00 _ [watchdog/0] 16 ? S 0:00 _ [cpuhp/0] 18 ? S 0:00 _ [kdevtmpfs] 19 ? I< 0:00 _ [netns] 20 ? S 0:00 _ [kauditd] 21 ? S 0:00 _ [khungtaskd] 22 ? S 0:00 _ [oom_reaper] 23 ? I< 0:00 _ [writeback] 24 ? S 0:00 _ [kcompactd0] 25 ? SN 0:00 _ [ksmd] 26 ? SN 0:00 _ [khugepaged] 27 ? I< 0:00 _ [crypto] 28 ? I< 0:00 _ [kintegrityd] 29 ? I< 0:00 _ [kblockd] 30 ? I< 0:00 _ [blkcg_punt_bio] 31 ? I< 0:00 _ [tpm_dev_wq] 32 ? I< 0:00 _ [md] 33 ? I< 0:00 _ [edac-poller] 34 ? S 0:00 _ [watchdogd] 35 ? I< 0:00 _ [kworker/0:1H-kblockd] 59 ? S 0:01 _ [kswapd0] 161 ? I< 0:00 _ [kthrotld] 162 ? I< 0:00 _ [acpi_thermal_pm] 163 ? I< 0:00 _ [kmpath_rdacd] 164 ? I< 0:00 _ [kaluad] 165 ? I< 0:00 _ [ipv6_addrconf] 167 ? I< 0:00 _ [kstrp] 448 ? I< 0:00 _ [ata_sff] 451 ? S 0:00 _ [scsi_eh_0] 454 ? I< 0:00 _ [scsi_tmf_0] 456 ? S 0:00 _ [scsi_eh_1] 458 ? I< 0:00 _ [scsi_tmf_1] 463 ? S 0:00 _ [scsi_eh_2] 464 ? I< 0:00 _ [scsi_tmf_2] 468 ? I< 0:00 _ [ttm_swap] 469 ? S 0:00 _ [irq/18-vmwgfx] 470 ? S 0:00 _ [card0-crtc0] 471 ? S 0:00 _ [card0-crtc1] 472 ? S 0:00 _ [card0-crtc2] 473 ? S 0:00 _ [card0-crtc3] 474 ? S 0:00 _ [card0-crtc4] 475 ? S 0:00 _ [card0-crtc5] 476 ? S 0:00 _ [card0-crtc6] 477 ? S 0:00 _ [card0-crtc7] 552 ? I< 0:00 _ [kdmflush/253:0] 561 ? I< 0:00 _ [kdmflush/253:1] 586 ? I< 0:00 _ [xfsalloc] 587 ? I< 0:00 _ [xfs_mru_cache] 588 ? I< 0:00 _ [xfs-buf/dm-0] 589 ? I< 0:00 _ [xfs-conv/dm-0] 590 ? I< 0:00 _ [xfs-cil/dm-0] 591 ? I< 0:00 _ [xfs-reclaim/dm-] 592 ? I< 0:00 _ [xfs-eofblocks/d] 593 ? I< 0:00 _ [xfs-log/dm-0] 594 ? S 0:00 _ [xfsaild/dm-0] 801 ? I< 0:00 _ [xfs-buf/sda1] 802 ? I< 0:00 _ [xfs-conv/sda1] 803 ? I< 0:00 _ [xfs-cil/sda1] 804 ? 
I< 0:00 _ [xfs-reclaim/sda] 805 ? I< 0:00 _ [xfs-eofblocks/s] 806 ? I< 0:00 _ [xfs-log/sda1] 807 ? S 0:00 _ [xfsaild/sda1] 846 ? I< 0:00 _ [rpciod] 848 ? I< 0:00 _ [kworker/u3:0] 849 ? I< 0:00 _ [xprtiod] 32639 ? I< 0:00 _ [cfg80211] 33796 ? I 0:00 _ [kworker/u2:0-events_unbound] 35398 ? I 0:00 _ [kworker/u2:3-events_unbound] 70178 ? I< 0:00 _ [iprt-VBoxWQueue] 71230 ? I 0:00 _ [kworker/0:2-ata_sff] 71271 ? I 0:00 _ [kworker/0:0-ata_sff] 71389 ? I 0:00 _ [kworker/0:1-events_power_eff 71439 ? I 0:00 _ [kworker/u2:1-events_unbound] 1 ? Ss 0:02 /usr/lib/systemd/systemd --switch 692 ? Ss 0:00 /usr/lib/systemd/systemd-journald 729 ? Ss 0:00 /usr/lib/systemd/systemd-udevd 830 ? Ss 0:00 /usr/bin/rpcbind -w -f 833 ? S<sl 0:00 /sbin/auditd 835 ? S< 0:00 _ /usr/sbin/sedispatch 863 ? Ss 0:00 /usr/sbin/sssd -i --logger=files 895 ? S 0:00 _ /usr/libexec/sssd/sssd_be --d 902 ? S 0:00 _ /usr/libexec/sssd/sssd_nss -- 864 ? Ss 0:00 /usr/bin/lsmd -d 865 ? Ss 0:00 /usr/sbin/smartd -n -q never 868 ? SNs 0:00 /usr/sbin/alsactl -s -n 19 -c -E 871 ? Ss 0:00 /usr/sbin/mcelog --ignorenodev -- 872 ? SNsl 0:00 /usr/libexec/rtkit-daemon 873 ? Ssl 0:02 /usr/bin/dbus-daemon --system --a 874 ? Ss 0:00 avahi-daemon: running [centos-8.l 893 ? S 0:00 _ avahi-daemon: chroot helper 875 ? Ssl 0:05 /usr/lib/polkit-1/polkitd --no-de 876 ? Ssl 0:00 /usr/libexec/udisks2/udisksd 877 ? Ss 0:00 /usr/lib/systemd/systemd-machined 880 ? S 0:00 /usr/sbin/chronyd 887 ? S 0:00 /bin/bash /usr/sbin/ksmtuned 71560 ? S 0:00 _ sleep 60 905 ? Ssl 0:00 /usr/sbin/ModemManager 906 ? Ssl 0:00 /usr/libexec/platform-python -s / 931 ? Ss 0:00 /usr/lib/systemd/systemd-logind 932 ? Ssl 0:00 /usr/libexec/accounts-daemon 990 ? Ssl 0:00 /usr/sbin/NetworkManager --no-dae 999 ? Ss 0:00 /usr/sbin/cupsd -l 1003 ? Ss 0:00 /usr/sbin/sshd -D -oCiphers=aes25 1004 ? Ssl 0:30 /usr/libexec/platform-python -Es 1007 ? Ssl 0:00 /usr/sbin/gssproxy -D 1229 ? Ssl 0:00 /usr/sbin/rsyslogd -n 1237 ? Ss 0:00 /usr/sbin/atd -f 1239 ? 
Ss 0:00 /usr/sbin/crond -n 1241 ? Ssl 0:00 /usr/sbin/gdm 2074 ? Sl 0:00 _ gdm-session-worker [pam/gdm-p 2120 tty2 Ssl+ 0:00 _ /usr/libexec/gdm-wayland- 2127 tty2 Sl+ 0:00 _ /usr/libexec/gnome-se 2180 tty2 Sl+ 0:56 _ /usr/bin/gnome-sh 2207 tty2 S+ 0:00 | _ /usr/bin/Xway 2229 tty2 Sl 0:02 | _ ibus-daemon - 2233 tty2 Sl 0:00 | _ /usr/libe 2235 tty2 Sl 0:00 | _ /usr/libe 2362 tty2 Sl 0:00 | _ /usr/libe 2316 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2317 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2322 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2331 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2338 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2343 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2347 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2351 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2353 tty2 Sl+ 0:01 _ /usr/libexec/gsd- 2359 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2382 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2387 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2390 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2392 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2398 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2407 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2414 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2419 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2475 tty2 Sl+ 0:00 _ /usr/libexec/gsd- 2504 tty2 SNl+ 0:00 _ /usr/libexec/trac 2506 tty2 SNl+ 0:00 _ /usr/libexec/trac 2519 tty2 Sl+ 0:00 _ /usr/bin/gnome-so 1605 ? S 0:00 /usr/sbin/dnsmasq --conf-file=/va 1607 ? S 0:00 _ /usr/sbin/dnsmasq --conf-file 1884 ? Ssl 0:00 /usr/libexec/upowerd 1889 ? Ssl 0:00 /usr/libexec/geoclue 1898 ? Ss 0:00 /usr/sbin/wpa_supplicant -c /etc/ 1900 ? Ssl 0:03 /usr/libexec/packagekitd 1989 ? Ssl 0:00 /usr/libexec/colord 2090 ? Ss 0:00 /usr/lib/systemd/systemd --user 2094 ? S 0:00 _ (sd-pam) 2109 ? S<sl 0:00 _ /usr/bin/pulseaudio --daemoni 2124 ? Ssl 0:00 _ /usr/bin/dbus-daemon --sessio 2195 ? Ssl 0:00 _ /usr/libexec/gvfsd 71450 ? Sl 0:00 | _ /usr/libexec/gvfsd-trash 71463 ? Sl 0:00 | _ /usr/libexec/gvfsd-networ 71478 ? Sl 0:00 | _ /usr/libexec/gvfsd-dnssd 2206 ? Sl 0:00 _ /usr/libexec/gvfsd-fuse /run/ 2216 ? Ssl 0:00 _ /usr/libexec/at-spi-bus-launc 2221 ? 
Sl 0:00 | _ /usr/bin/dbus-daemon --co 2226 ? Sl 0:00 _ /usr/libexec/at-spi2-registry 2234 ? Ssl 0:00 _ /usr/libexec/xdg-permission-s 2248 ? Sl 0:00 _ /usr/libexec/ibus-portal 2254 ? Sl 0:00 _ /usr/libexec/gnome-shell-cale 2264 ? Ssl 0:00 _ /usr/libexec/evolution-source 2272 ? Ssl 0:00 _ /usr/libexec/gvfs-udisks2-vol 2277 ? Sl 0:00 _ /usr/libexec/goa-daemon 2284 ? Ssl 0:00 _ /usr/libexec/gvfs-mtp-volume- 2290 ? Ssl 0:00 _ /usr/libexec/gvfs-gphoto2-vol 2294 ? Ssl 0:00 _ /usr/libexec/gvfs-afc-volume- 2299 ? Ssl 0:00 _ /usr/libexec/gvfs-goa-volume- 2309 ? Sl 0:00 _ /usr/libexec/goa-identity-ser 2341 ? Ssl 0:00 _ /usr/libexec/evolution-calend 2384 ? Sl 0:00 | _ /usr/libexec/evolution-ca 2424 ? Sl 0:00 _ /usr/libexec/dconf-service 2425 ? Ssl 0:00 _ /usr/libexec/evolution-addres 2501 ? Sl 0:00 | _ /usr/libexec/evolution-ad 2528 ? Ssl 0:00 _ /usr/libexec/tracker-store 2712 ? Ssl 0:04 _ /usr/libexec/gnome-terminal-s 2717 pts/0 Ss 0:00 | _ bash 71562 pts/0 R+ 0:00 | _ ps afx 71434 ? Sl 0:03 _ /usr/bin/gedit --gapplication 2114 ? Sl 0:00 /usr/bin/gnome-keyring-daemon --d 2243 tty2 Sl 0:00 /usr/libexec/ibus-x11 --kill-daem 2319 ? Ss 0:05 /usr/libexec/sssd/sssd_kcm --uid 2468 tty2 Sl+ 0:00 /usr/libexec/gsd-printer 2641 ? Ssl 0:00 /usr/libexec/fwupd/fwupd 70412 ? Sl 0:03 /usr/sbin/VBoxService --pidfile /

  • hostname -I 10.0.2.15 192.168.122.1

  • ip addr 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:61:d1:52 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3 valid_lft 79181sec preferred_lft 79181sec inet6 fe80::a00:27ff:fe61:d152/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: enp0s8: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:53:3b:cc brd ff:ff:ff:ff:ff:ff 4: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:86:71:77 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever

  • ip route show default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

  • cat /etc/resolv.conf

# Generated by NetworkManager

search local nameserver 192.168.100.1

  • netstat -ntulp (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
    tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN -
    tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
    tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
    tcp6 0 0 :::111 :::* LISTEN -
    tcp6 0 0 :::22 :::* LISTEN -
    tcp6 0 0 ::1:631 :::* LISTEN -
    udp 0 0 0.0.0.0:35622 0.0.0.0:* -
    udp 0 0 192.168.122.1:53 0.0.0.0:* -
    udp 0 0 0.0.0.0:67 0.0.0.0:* -
    udp 0 0 0.0.0.0:111 0.0.0.0:* -
    udp 0 0 0.0.0.0:5353 0.0.0.0:* -
    udp 0 0 127.0.0.1:323 0.0.0.0:* -
    udp6 0 0 :::35331 :::* -
    udp6 0 0 :::111 :::* -
    udp6 0 0 :::5353 :::* -
    udp6 0 0 ::1:323 :::* -

  • ping -c 4 1.1.1.1 PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=13.9 ms 64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=10.0 ms 64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=6.54 ms 64 bytes from 1.1.1.1: icmp_seq=4 ttl=63 time=12.9 ms

--- 1.1.1.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3010ms rtt min/avg/max/mdev = 6.543/10.848/13.940/2.874 ms

  • dig example.com.

; <<>> DiG 9.11.36-RedHat-9.11.36-2.el8 <<>> example.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15152 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;example.com. IN A

;; ANSWER SECTION: example.com. 73187 IN A 93.184.216.34

;; Query time: 13 msec ;; SERVER: 192.168.100.1#53(192.168.100.1) ;; WHEN: Mon Feb 28 01:33:57 CST 2022 ;; MSG SIZE rcvd: 56

dm_mod 151552 9 dm_log,dm_mirror ipmi_devintf 20480 0 ipmi_msghandler 110592 1 ipmi_devintf fuse 155648 3

Privilegios de usuario normal

  • getent passwd ${USER} jess-monter:x:1000:1000:jess-monter:/home/jess-monter:/bin/bash

  • id uid=1000(jess-monter) gid=1000(jess-monter) groups=1000(jess-monter),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),112(bluetooth),120(wireshark)

  • groups jess-monter cdrom floppy sudo audio dip video plugdev netdev bluetooth wireshark

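  • sudo -l Matching Defaults entries for jessmonter on debian-clases: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

User jessmonter may run the following commands on debian-clases: (ALL : ALL) NOPASSWD: ALL

Nota: esta salida nombra al usuario jessmonter y al host debian-clases, y los grupos listados en `id` coinciden con los de la sección Debian 11; es decir, proviene de la máquina Debian y no de centos-8. Para documentar la política de sudo de CentOS hay que repetir `sudo -l` en ese equipo.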

  • sudo -i [root@centos-8 ~]#

Herramientas instaladas

  • which wireshark tcpdump nmap netcat-openbsd ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool /usr/bin/wireshark /usr/sbin/tcpdump /usr/bin/nmap /usr/bin/which: no netcat-openbsd in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/sbin/ngrep /usr/sbin/dsniff /usr/bin/wget /usr/bin/curl /usr/bin/whois /usr/bin/which: no dnsutils in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/bin/which: no net-tools in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/bin/which: no iproute2 in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/sbin/iptables /usr/bin/which: no iptables-persistent in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/bin/which: no tsocks in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/bin/which: no inetutils-ping in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/bin/which: no inetutils-traceroute in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/bin/which: no inetutils-tools in (/home/jess-monter/.local/bin:/home/jess-monter/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin) /usr/sbin/ethtool

  • whereis wireshark tcpdump nmap netcat-openbsd ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool wireshark: /usr/bin/wireshark /usr/lib64/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz tcpdump: /usr/sbin/tcpdump /usr/share/man/man8/tcpdump.8.gz nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz netcat-openbsd: ngrep: /usr/sbin/ngrep /usr/share/man/man8/ngrep.8.gz dsniff: /usr/sbin/dsniff /etc/dsniff /usr/share/man/man8/dsniff.8.gz wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz whois: /usr/bin/whois.md /usr/bin/whois /etc/whois.conf /usr/share/man/man1/whois.1.gz dnsutils: net-tools: iproute2: /etc/iproute2 iptables: /usr/sbin/iptables /usr/libexec/iptables /usr/share/man/man8/iptables.8.gz iptables-persistent: tsocks: inetutils-ping: inetutils-traceroute: inetutils-tools: ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz

Debian 11

Información del sistema
  • uname -a Linux debian-clases 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 GNU/Linux

  • cat /etc/os-release PRETTY_NAME="Debian GNU/Linux 11 (bullseye)" NAME="Debian GNU/Linux" VERSION_ID="11" VERSION="11 (bullseye)" VERSION_CODENAME=bullseye ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/"

  • cat /etc/debian_version 11.2

  • lsmod Module Size Used by vboxsf 90112 1 isofs 49152 1 vboxvideo 49152 0 rfkill 28672 2 intel_rapl_msr 20480 0 intel_rapl_common 28672 1 intel_rapl_msr intel_pmc_core_pltdrv 16384 0 intel_pmc_core 45056 0 intel_powerclamp 20480 0 ghash_clmulni_intel 16384 0 snd_intel8x0 49152 2 aesni_intel 368640 0 snd_ac97_codec 180224 1 snd_intel8x0 libaes 16384 1 aesni_intel crypto_simd 16384 1 aesni_intel ac97_bus 16384 1 snd_ac97_codec cryptd 24576 2 crypto_simd,ghash_clmulni_intel glue_helper 16384 1 aesni_intel rapl 20480 0 snd_pcm 135168 2 snd_intel8x0,snd_ac97_codec joydev 28672 0 snd_timer 49152 1 snd_pcm pcspkr 16384 0 snd 110592 8 snd_intel8x0,snd_timer,snd_ac97_codec,snd_pcm serio_raw 20480 0 vboxguest 413696 6 vboxsf soundcore 16384 1 snd sg 36864 0 ac 16384 0 evdev 28672 10 nfnetlink 16384 0 fuse 167936 3 configfs 57344 1 ip_tables 32768 0 x_tables 53248 1 ip_tables autofs4 53248 2 ext4 921600 1 crc16 16384 1 ext4 mbcache 16384 1 ext4 jbd2 151552 1 ext4 crc32c_generic 16384 0 hid_generic 16384 0 usbhid 65536 0 hid 147456 2 usbhid,hid_generic sd_mod 61440 3 t10_pi 16384 1 sd_mod crc_t10dif 20480 1 t10_pi sr_mod 28672 1 cdrom 73728 2 isofs,sr_mod crct10dif_generic 16384 0 ata_generic 16384 0 vmwgfx 376832 2 ata_piix 36864 1 ahci 40960 2 libahci 45056 1 ahci ttm 114688 2 vmwgfx,vboxvideo drm_kms_helper 278528 2 vmwgfx,vboxvideo ohci_pci 20480 0 ehci_pci 20480 0 ohci_hcd 61440 1 ohci_pci ehci_hcd 98304 1 ehci_pci crct10dif_pclmul 16384 1 crct10dif_common 16384 3 crct10dif_generic,crc_t10dif,crct10dif_pclmul cec 61440 1 drm_kms_helper libata 290816 4 ata_piix,libahci,ahci,ata_generic crc32_pclmul 16384 0 psmouse 184320 0 crc32c_intel 24576 2 i2c_piix4 28672 0 usbcore 323584 5 ohci_hcd,ehci_pci,usbhid,ehci_hcd,ohci_pci usb_common 16384 3 ohci_hcd,usbcore,ehci_hcd scsi_mod 262144 4 sd_mod,libata,sg,sr_mod e1000 155648 0 drm 618496 6 vmwgfx,drm_kms_helper,vboxvideo,ttm battery 20480 0 video 53248 0 button 24576 0

  • ps afx PID TTY STAT TIME COMMAND 2 ? S 0:00 [kthreadd] 3 ? I< 0:00 _ [rcu_gp] 4 ? I< 0:00 _ [rcu_par_gp] 5 ? I 0:00 _ [kworker/0:0-events] 6 ? I< 0:00 _ [kworker/0:0H-events_highpri] 7 ? I 0:00 _ [kworker/0:1-cgroup_destroy] 8 ? I 0:00 _ [kworker/u2:0-flush-8:0] 9 ? I< 0:00 _ [mm_percpu_wq] 10 ? S 0:00 _ [rcu_tasks_rude_] 11 ? S 0:00 _ [rcu_tasks_trace] 12 ? S 0:00 _ [ksoftirqd/0] 13 ? I 0:00 _ [rcu_sched] 14 ? S 0:00 _ [migration/0] 15 ? S 0:00 _ [cpuhp/0] 17 ? S 0:00 _ [kdevtmpfs] 18 ? I< 0:00 _ [netns] 19 ? S 0:00 _ [kauditd] 20 ? S 0:00 _ [khungtaskd] 21 ? S 0:00 _ [oom_reaper] 22 ? I< 0:00 _ [writeback] 23 ? S 0:00 _ [kcompactd0] 24 ? SN 0:00 _ [ksmd] 25 ? SN 0:00 _ [khugepaged] 43 ? I< 0:00 _ [kintegrityd] 44 ? I< 0:00 _ [kblockd] 45 ? I< 0:00 _ [blkcg_punt_bio] 46 ? I< 0:00 _ [edac-poller] 47 ? I< 0:00 _ [devfreq_wq] 48 ? I< 0:00 _ [kworker/0:1H-kblockd] 49 ? S 0:00 _ [kswapd0] 50 ? I< 0:00 _ [kthrotld] 51 ? I< 0:00 _ [acpi_thermal_pm] 52 ? I< 0:00 _ [ipv6_addrconf] 62 ? I< 0:00 _ [kstrp] 65 ? I< 0:00 _ [zswap-shrink] 66 ? I< 0:00 _ [kworker/u3:0] 106 ? I 0:00 _ [kworker/0:2-events] 109 ? I< 0:00 _ [ata_sff] 110 ? S 0:00 _ [scsi_eh_0] 111 ? S 0:00 _ [scsi_eh_1] 112 ? I< 0:00 _ [scsi_tmf_0] 113 ? I< 0:00 _ [scsi_tmf_1] 114 ? S 0:00 _ [scsi_eh_2] 115 ? I< 0:00 _ [scsi_tmf_2] 116 ? I 0:00 _ [kworker/u2:2-flush-8:0] 117 ? I 0:00 _ [kworker/u2:3-events_unbound] 118 ? S 0:00 _ [irq/18-vmwgfx] 119 ? I< 0:00 _ [ttm_swap] 120 ? S 0:00 _ [card0-crtc0] 121 ? S 0:00 _ [card0-crtc1] 122 ? S 0:00 _ [card0-crtc2] 123 ? I 0:00 _ [kworker/0:3-events] 124 ? S 0:00 _ [card0-crtc3] 125 ? S 0:00 _ [card0-crtc4] 126 ? S 0:00 _ [card0-crtc5] 127 ? S 0:00 _ [card0-crtc6] 128 ? S 0:00 _ [card0-crtc7] 170 ? S 0:00 _ [jbd2/sda1-8] 171 ? I< 0:00 _ [ext4-rsv-conver] 289 ? I< 0:00 _ [iprt-VBoxWQueue] 302 ? I< 0:00 _ [cryptd] 1174 ? I 0:00 _ [kworker/0:4-ata_sff] 1 ? Ss 0:00 /sbin/init 209 ? Ss 0:00 /lib/systemd/systemd-journald 233 ? Ss 0:00 /lib/systemd/systemd-udevd 413 ? 
Ssl 0:00 /usr/libexec/accounts-daemon 415 ? Ss 0:00 avahi-daemon: running [debian-clases.local] 433 ? S 0:00 _ avahi-daemon: chroot helper 416 ? Ss 0:00 /usr/sbin/cron -f 417 ? Ss 0:00 /usr/bin/dbus-daemon --system --address=systemd: 418 ? Ssl 0:00 /usr/sbin/NetworkManager --no-daemon 420 ? Ssl 0:00 /usr/libexec/polkitd --no-debug 421 ? Ssl 0:00 /usr/sbin/rsyslogd -n -iNONE 424 ? Ss 0:00 /lib/systemd/systemd-logind 427 ? Ssl 0:00 /usr/libexec/udisks2/udisksd 429 ? Ss 0:00 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant 440 ? Ssl 0:00 /usr/sbin/ModemManager 523 ? Ssl 0:00 /sbin/dhclient -4 -v -i -pf /run/dhclient.enp0s8. 647 ? Sl 0:00 /usr/sbin/VBoxService --pidfile /var/run/vboxadd- 703 ? SLsl 0:00 /usr/sbin/lightdm 714 tty7 Ssl+ 0:05 _ /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/ 798 ? Sl 0:00 _ lightdm --session-child 12 21 834 ? Ssl 0:00 _ x-session-manager 910 ? Ss 0:00 _ /usr/bin/ssh-agent x-session-manager 942 ? Sl 0:00 _ /usr/bin/mate-settings-daemon 952 ? Sl 0:00 _ marco 963 ? Sl 0:00 _ mate-panel 1184 ? Sl 0:00 | _ mate-terminal 1192 pts/0 Ss 0:00 | | _ bash 1548 pts/0 R+ 0:00 | | _ ps afx 1196 ? Sl 0:21 | _ /usr/lib/firefox-esr/firefox-esr 1278 ? Sl 0:00 | _ /usr/lib/firefox-esr/firefox- 1292 ? Sl 0:00 | _ /usr/lib/firefox-esr/firefox- 1377 ? Sl 0:05 | _ /usr/lib/firefox-esr/firefox- 1513 ? Sl 0:00 | _ /usr/lib/firefox-esr/firefox- 991 ? Sl 0:00 _ /usr/bin/caja 1002 ? Sl 0:00 _ mate-screensaver 1018 ? Sl 0:00 _ mate-volume-control-status-icon 1019 ? Sl 0:00 _ mate-power-manager 1022 ? Sl 0:00 _ /usr/lib/x86_64-linux-gnu/polkit-mate 1030 ? Sl 0:00 _ nm-applet 709 ? Ss 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 st 713 tty1 Ss+ 0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux 757 ? SNsl 0:00 /usr/libexec/rtkit-daemon 803 ? Ss 0:00 /lib/systemd/systemd --user 804 ? S 0:00 _ (sd-pam) 823 ? S<sl 0:00 _ /usr/bin/pipewire 830 ? S<l 0:00 | _ /usr/bin/pipewire-media-session 824 ? S<sl 0:00 _ /usr/bin/pulseaudio --daemonize=no --log-targ 827 ? 
Ss 0:00 _ /usr/bin/dbus-daemon --session --address=syst 917 ? Ssl 0:00 _ /usr/libexec/at-spi-bus-launcher 922 ? S 0:00 | _ /usr/bin/dbus-daemon --config-file=/usr/s 938 ? Sl 0:00 _ /usr/libexec/dconf-service 945 ? Sl 0:00 _ /usr/libexec/at-spi2-registryd --use-gnome-se 953 ? Ssl 0:00 _ /usr/libexec/gvfsd 1132 ? Sl 0:00 | _ /usr/libexec/gvfsd-trash --spawner :1.17 976 ? Ssl 0:00 _ /usr/libexec/gvfs-udisks2-volume-monitor 981 ? Ssl 0:00 _ /usr/libexec/gvfs-gphoto2-volume-monitor 985 ? Ssl 0:00 _ /usr/libexec/gvfs-mtp-volume-monitor 989 ? Ssl 0:00 _ /usr/libexec/gvfs-goa-volume-monitor 994 ? Ssl 0:00 _ /usr/libexec/gvfs-afc-volume-monitor 1008 ? Sl 0:00 _ /usr/lib/mate-panel/wnck-applet 1009 ? Sl 0:00 _ /usr/lib/mate-panel/clock-applet 1010 ? Sl 0:00 _ /usr/lib/mate-panel/notification-area-applet 1040 ? Ssl 0:00 _ /usr/libexec/xdg-desktop-portal 1057 ? Ssl 0:00 _ /usr/libexec/xdg-document-portal 1081 ? Ss 0:00 | _ fusermount -o rw,nosuid,nodev,fsname=port 1067 ? Ssl 0:00 _ /usr/libexec/xdg-permission-store 1088 ? Ssl 0:00 _ /usr/libexec/xdg-desktop-portal-gtk 829 ? Sl 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login 885 ? S 0:00 /usr/bin/VBoxClient --clipboard 887 ? Sl 0:00 _ /usr/bin/VBoxClient --clipboard 896 ? S 0:00 /usr/bin/VBoxClient --seamless 897 ? Sl 0:00 _ /usr/bin/VBoxClient --seamless 904 ? S 0:00 /usr/bin/VBoxClient --draganddrop 906 ? Sl 0:00 _ /usr/bin/VBoxClient --draganddrop 908 ? S 0:00 /usr/bin/VBoxClient --vmsvga 912 ? Sl 0:00 _ /usr/bin/VBoxClient --vmsvga 1094 ? Ssl 0:00 /usr/libexec/upowerd

  • hostname -I 10.0.2.15 192.168.56.102

  • ip addr 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:8d:91:99 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3 valid_lft 86012sec preferred_lft 86012sec inet6 fe80::a00:27ff:fe8d:9199/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:a2:4b:0c brd ff:ff:ff:ff:ff:ff inet 192.168.56.102/24 brd 192.168.56.255 scope global dynamic enp0s8 valid_lft 464sec preferred_lft 464sec inet6 fe80::a00:27ff:fea2:4b0c/64 scope link valid_lft forever preferred_lft forever

  • ip route show default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 169.254.0.0/16 dev enp0s3 scope link metric 1000 192.168.56.0/24 dev enp0s8 proto kernel scope link src 192.168.56.102

  • cat /etc/resolv.conf

# Generated by NetworkManager

nameserver 10.42.0.1

  • netstat -ntulp (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
    tcp6 0 0 :::22 :::* LISTEN -
    udp 0 0 0.0.0.0:5353 0.0.0.0:* -
    udp 0 0 0.0.0.0:50608 0.0.0.0:* -
    udp 0 0 0.0.0.0:68 0.0.0.0:* -
    udp6 0 0 :::5353 :::* -
    udp6 0 0 :::60804 :::* -

  • ping -c 4 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 56 data bytes 64 bytes from 1.1.1.1: icmp_seq=0 ttl=63 time=15.083 ms 64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=13.765 ms 64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=13.150 ms 64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=6.820 ms --- 1.1.1.1 ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/stddev = 6.820/12.204/15.083/3.186 ms

  • dig example.com.

; <<>> DiG 9.16.22-Debian <<>> example.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56923 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;example.com. IN A

;; ANSWER SECTION: example.com. 14809 IN A 93.184.216.34

;; Query time: 11 msec ;; SERVER: 10.42.0.1#53(10.42.0.1) ;; WHEN: Mon Feb 28 17:46:56 CST 2022 ;; MSG SIZE rcvd: 56

Privilegios de usuario normal

  • getent passwd ${USER} jessmonter:x:1000:1000:jessmonter:/home/jessmonter:/bin/bash

  • id uid=1000(jessmonter) gid=1000(jessmonter) groups=1000(jessmonter),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),112(bluetooth),120(wireshark)

  • groups jessmonter cdrom floppy sudo audio dip video plugdev netdev bluetooth wireshark

  • sudo -l Matching Defaults entries for jessmonter on debian-clases: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

User jessmonter may run the following commands on debian-clases: (ALL : ALL) NOPASSWD: ALL

  • sudo -i root@debian-clases:~#

Herramientas instaladas

  • which wireshark tcpdump nmap netcat-openbsd ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool /usr/bin/wireshark /usr/bin/tcpdump /usr/bin/nmap /usr/bin/ngrep /usr/bin/wget /usr/bin/curl /usr/bin/whois /usr/bin/tsocks /usr/bin/inetutils-traceroute

  • whereis wireshark tcpdump nmap netcat-openbsd ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool wireshark: /usr/bin/wireshark /usr/lib/x86_64-linux-gnu/wireshark /etc/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz tcpdump: /usr/bin/tcpdump /usr/share/man/man8/tcpdump.8.gz nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz netcat-openbsd: ngrep: /usr/bin/ngrep /usr/share/man/man8/ngrep.8.gz dsniff: /usr/sbin/dsniff /usr/share/dsniff /usr/share/man/man8/dsniff.8.gz wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz whois: /usr/bin/whois /usr/share/man/man1/whois.1.gz dnsutils: net-tools: iproute2: /etc/iproute2 /usr/include/iproute2 iptables: /usr/sbin/iptables /etc/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz iptables-persistent: tsocks: /usr/bin/tsocks /etc/tsocks.conf /usr/share/man/man8/tsocks.8.gz /usr/share/man/man1/tsocks.1.gz inetutils-ping: inetutils-traceroute: /usr/bin/inetutils-traceroute /usr/share/man/man1/inetutils-traceroute.1.gz inetutils-tools: ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz