- Concepts
1. RPC (Remote Procedure Call): Protocol that enables a program to execute a procedure on a remote system as if it were a local function.
2. rpcbind: Critical component in the RPC system. It translates RPC program numbers into the network addresses (port numbers) where the programs are available.
3. NFS (Network File System): Protocol that allows users to access files over a network as if they were located on their local machines.
4. NIS (Network Information Services): Directory service protocol for centralizing administrative data like user accounts, passwords, and hostnames in a networked environment.
5. Finger enumeration: Gathers information about user accounts on a remote system using the Finger Protocol.
6. Finger: Protocol designed to retrieve information about system users, such as usernames, login times, and other metadata. Although the protocol was originally intended for legitimate purposes (e.g., for administrators to monitor user activity), the same information is exactly what an enumeration step is looking for.
7. Shellshock (=bash bug): Vulnerability discovered in the Bash command-line interpreter. Allows attackers to execute arbitrary commands on a vulnerable system by exploiting how Bash processes environment variables: a value beginning with "() {" is imported as a function definition, and an unpatched Bash also executes any command that follows the function body.
- e.g., env x='() { :;}; echo Vulnerable' bash -c "echo This is a test"
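The following is an added example, not part of the original notes: a small POSIX sh function that wraps the test string quoted above into a check a defender can run on their own hosts. A Bash that is patched only imports the function and ignores the trailing "echo Vulnerable"; an unpatched one runs it. The function name is my own choice.

```shell
#!/bin/sh
# Added example (not from the original notes): check whether the local bash
# is affected by Shellshock. The variable's value starts with "() {", which
# bash imports from the environment as a function definition; on an unpatched
# bash the command after the closing brace runs as soon as the child bash
# starts, so "Vulnerable" shows up in the output.
check_shellshock() {
    # No bash on the host means nothing to check.
    if ! command -v bash >/dev/null 2>&1; then
        echo "no-bash"
        return 0
    fi
    out=$(env x='() { :;}; echo Vulnerable' bash -c "echo This is a test" 2>/dev/null)
    case "$out" in
        *Vulnerable*) echo "vulnerable" ;;
        *)            echo "patched" ;;
    esac
}

# Run the check and print one of: vulnerable / patched / no-bash
check_shellshock
```

The result is printed as a single word so the function can be used from inventory or compliance scripts; any host that reports "vulnerable" needs its bash package updated.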
- Commands
1. nmap --max-retries {num} {target_ip}: Specifies the maximum number of times Nmap should retransmit a probe for a given port when it doesn't receive a response. By default, Nmap makes multiple attempts to probe a target port to confirm its state. To speed up scans, you can lower the value of this retries switch.
2. patator: Brute-forcing tool that supports various protocols.
3. find . -type f -exec wc -l {} \; : Prints the line count of every regular file under the current directory.
4. hashcat: High-performance password recovery tool.
5. umask: File permission mask that determines the initial permissions of newly created files and directories (the mask bits are removed from the default mode).