linux intrusion

Dec 01, 2016 pm 01:40 PM
linux

1. Copy the /etc/skel directory to /home/tuser1. The group and other users must have no access rights to /home/tuser1 or to the files inside it.

[root@www /]# cp -r /etc/skel /home/tuser1 && chmod 700 -R /home/tuser1 

[root@www /]# echo $?

0

[root@www home]# ll -al /home/tuser1/

总用量 12

drwx------. 3 root root  74 11月 30 13:14 .

drwxr-xr-x. 4 root root  30 11月 30 13:14 ..

-rwx------. 1 root root  18 11月 30 13:14 .bash_logout

-rwx------. 1 root root 193 11月 30 13:14 .bash_profile

-rwx------. 1 root root 231 11月 30 13:14 .bashrc

drwx------. 4 root root  37 11月 30 13:14 .mozilla

2. Edit the /etc/group file and add the group hadoop.

[root@www /]# echo "hadoop:x:1001" >> /etc/group

[root@www /]# cat /etc/group |grep hadoop

hadoop:x:1001

[root@www /]#

3. Manually edit the /etc/passwd file and add a new line to add user hadoop. Its basic group ID is the ID number of the hadoop group; its home directory is /home/hadoop.

[root@www home]# echo "hadoop:x:1001:1001:hadoop:/home/hadoop:/bin/bash" >> /etc/passwd && tail -n 2 /etc/passwd

user:x:1000:1000:user:/home/user:/bin/bash

hadoop:x:1001:1001:hadoop:/home/hadoop:/bin/bash

4. Copy the /etc/skel directory to /home/hadoop. The group and other users must have no access rights to the hadoop directory.

[root@www /]# cp -r /etc/skel /home/hadoop && chmod 700 -R /home/hadoop && ll -al /home/hadoop/

总用量 12

drwx------. 3 root root  74 11月 30 13:54 .

drwxr-xr-x. 5 root root  43 11月 30 13:54 ..

-rwx------. 1 root root  18 11月 30 13:54 .bash_logout

-rwx------. 1 root root 193 11月 30 13:54 .bash_profile

-rwx------. 1 root root 231 11月 30 13:54 .bashrc

drwx------. 4 root root  37 11月 30 13:54 .mozilla

[root@www /]#

5. Change the owner of the /home/hadoop directory and all the files inside it to hadoop, and the group to hadoop.

[root@www /]# chown -R hadoop:hadoop /home/hadoop/ && ll -al /home/hadoop/

总用量 12

drwx------. 3 hadoop hadoop  74 11月 30 13:54 .

drwxr-xr-x. 5 root   root    43 11月 30 13:54 ..

-rwx------. 1 hadoop hadoop  18 11月 30 13:54 .bash_logout

-rwx------. 1 hadoop hadoop 193 11月 30 13:54 .bash_profile

-rwx------. 1 hadoop hadoop 231 11月 30 13:54 .bashrc

drwx------. 4 hadoop hadoop  37 11月 30 13:54 .mozilla

[root@www /]#
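
An added example (not part of the original article) that repeats the copy-and-restrict step from 1 and 4 on a scratch directory and checks the result with find. It contrasts the article's chmod -R 700 with u=rwX,go=, which also removes all group/other access but does not mark plain files executable. The skeleton contents and function names are constructed for illustration, and -perm /mode is GNU find syntax.

```shell
#!/usr/bin/env bash
# Added example. Works on a scratch directory; skeleton contents are constructed.

# Copy SKEL to HOME_DIR, then remove every group/other permission bit.
# u=rwX keeps directories traversable without making plain files executable.
make_private_home() {
    cp -r "$1" "$2" && chmod -R u=rwX,go= "$2"
}

# The article's variant: same copy, but mode 700 on everything.
make_private_home_700() {
    cp -r "$1" "$2" && chmod -R 700 "$2"
}

# Count paths under DIR that still grant any group/other bit (GNU find syntax).
count_group_other_access() {
    find "$1" -perm /077 | wc -l | tr -d ' '
}

# Count regular files under DIR that carry any execute bit.
count_executable_files() {
    find "$1" -type f -perm /111 | wc -l | tr -d ' '
}

# Build a constructed skeleton resembling /etc/skel and print its parent path.
build_sample_skel() {
    local work
    work=$(mktemp -d) || return 1
    mkdir -p "$work/skel/.mozilla"
    printf 'alias ll="ls -l"\n' > "$work/skel/.bashrc"
    printf 'clear\n' > "$work/skel/.bash_logout"
    chmod 755 "$work/skel" "$work/skel/.mozilla"
    chmod 644 "$work/skel/.bashrc" "$work/skel/.bash_logout"
    printf '%s\n' "$work"
}

work=$(build_sample_skel)
make_private_home     "$work/skel" "$work/home_rwX"
make_private_home_700 "$work/skel" "$work/home_700"
for d in home_rwX home_700; do
    printf '%s: group/other paths=%s executable files=%s\n' "$d" \
        "$(count_group_other_access "$work/$d")" \
        "$(count_executable_files "$work/$d")"
done
rm -rf "$work"
```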

6. Display the lines starting with uppercase or lowercase S in the /proc/meminfo file; use two methods;

[root@www /]# grep -i "^s" /proc/meminfo

SwapCached:            0 kB

SwapTotal:       1023996 kB

SwapFree:        1023996 kB

Shmem:              9636 kB

Slab:             171236 kB

SReclaimable:      99660 kB

SUnreclaim:        71576 kB

[root@www /]# grep "^[sS]" /proc/meminfo

SwapCached:            0 kB

SwapTotal:       1023996 kB

SwapFree:        1023996 kB

Shmem:              9636 kB

Slab:             171236 kB

SReclaimable:      99660 kB

SUnreclaim:        71576 kB

[root@www /]#

7. Display the users whose default shell is not /sbin/nologin in the /etc/passwd file;

[root@www /]# grep -v "/sbin/nologin" /etc/passwd

root:x:0:0:root:/root:/bin/bash

sync:x:5:0:sync:/sbin:/bin/sync

shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown

halt:x:7:0:halt:/sbin:/sbin/halt

amandabackup:x:33:6:Amanda user:/var/lib/amanda:/bin/bash

user:x:1000:1000:user:/home/user:/bin/bash

hadoop:x:1001:1001:hadoop:/home/hadoop:/bin/bash

[root@www /]#

 

Pipe the result through cut for tidier output:

[root@www /]# grep -v "/sbin/nologin" /etc/passwd | cut -d":" -f1

root

sync

shutdown

halt

amandabackup

user

hadoop

[root@www /]#

8. Display the users whose default shell is /bin/bash in the /etc/passwd file;

[root@www /]# grep  "/bin/bash" /etc/passwd

root:x:0:0:root:/root:/bin/bash

amandabackup:x:33:6:Amanda user:/var/lib/amanda:/bin/bash

user:x:1000:1000:user:/home/user:/bin/bash

hadoop:x:1001:1001:hadoop:/home/hadoop:/bin/bash

 

Pipe the result through cut for tidier output:

[root@www /]# grep  "/bin/bash" /etc/passwd |cut -d":" -f1

root

amandabackup

user

hadoop

[root@www /]#

9. Find one- or two-digit numbers in the /etc/passwd file;

grep "\<[0-9]\{1,2\}\>" /etc/passwd

10. Display lines starting with at least one blank character in /boot/grub/grub.conf;

[root@centos6 ~]# grep "^[[:space:]]\+" /boot/grub/grub.conf

    root (hd0,0)

    kernel /vmlinuz-2.6.32-642.3.1.el6.x86_64 ro root=/dev/mapper/vg_centos-lv_root rd_NO_LUKS rd_LVM_LV=vg_centos/lv_swap rd_NO_MD.UTF-8 rd_LVM_LV=vg_centos/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet crashkernel=auto

    initrd /initramfs-2.6.32-642.3.1.el6.x86_64.img

    root (hd0,0)

    kernel /vmlinuz-2.6.32-642.el6.x86_64 ro root=/dev/mapper/vg_centos-lv_root rd_NO_LUKS rd_LVM_LV=vg_centos/lv_swap rd_NO_MD.UTF-8 rd_LVM_LV=vg_centos/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet

    initrd /initramfs-2.6.32-642.el6.x86_64.img

11. Display the lines in the /etc/rc.d/rc.sysinit file that start with #, followed by at least one whitespace character, and then at least one non-whitespace character;

grep "^#[[:space:]]\+[^[:space:]]\+" /etc/rc.d/rc.sysinit

12. Find lines ending with 'LISTEN' followed by 0, 1 or more whitespace characters in the results of the "netstat -tan" command;

[root@www /]# netstat -tan | grep  "LISTEN[[:space:]]*$"

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN    

tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN    

tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN    

tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN    

tcp6       0      0 :::22                   :::*                    LISTEN    

tcp6       0      0 ::1:631                 :::*                    LISTEN    

tcp6       0      0 ::1:25                  :::*                    LISTEN    

tcp6       0      0 ::1:6010                :::*                    LISTEN    

[root@www /]#

13. Add the users bash, testbash, basher and nologin (the shell of this last user is /sbin/nologin), and then find the information of the users on the current system whose user name is the same as their default shell;

useradd -d /home/bash -s /bin/bash -m bash

useradd -d /home/testbash -s /bin/bash -m testbash

useradd -d /home/basher -s /bin/bash -m basher

useradd -d /home/nologin -s /sbin/nologin -m nologin

 

 

[root@www /]# cat  /etc/passwd | grep "^\<bash\>"

bash:x:1002:1002::/home/bash:/bin/bash

[root@www /]#
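
An added example, not from the original article: exercises 7 and 13 done by comparing the shell field itself for every account, rather than matching text anywhere in the line or searching for one fixed name. The sample passwd data is constructed from entries shown above; the ftp entry and the UIDs of testbash, basher and nologin are made up, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example. SAMPLE_PASSWD is constructed: entries from the article's output
# plus an ftp account and invented UIDs for testbash, basher and nologin.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
amandabackup:x:33:6:Amanda user:/var/lib/amanda:/bin/bash
user:x:1000:1000:user:/home/user:/bin/bash
hadoop:x:1001:1001:hadoop:/home/hadoop:/bin/bash
bash:x:1002:1002::/home/bash:/bin/bash
testbash:x:1003:1003::/home/testbash:/bin/bash
basher:x:1004:1004::/home/basher:/bin/bash
nologin:x:1005:1005::/home/nologin:/sbin/nologin'

# Exercise 7: names of accounts whose 7th field is not /sbin/nologin.
# Testing the field avoids hits on the string in a comment or home path.
login_capable_users() {
    awk -F: '$7 != "/sbin/nologin" { print $1 }'
}

# Exercise 13: names of accounts whose user name equals the basename
# of their shell (last path component of field 7).
name_equals_shell() {
    awk -F: '{ n = split($7, p, "/"); if (p[n] == $1) print $1 }'
}

# The same test as a regex: capture the whole name up to the first colon,
# then require the line to end with "/" followed by that name.
name_equals_shell_grep() {
    grep '^\([^:]*\):.*/\1$' | cut -d: -f1
}

printf 'login-capable: %s\n' \
    "$(printf '%s\n' "$SAMPLE_PASSWD" | login_capable_users | tr '\n' ' ')"
printf 'name == shell: %s\n' \
    "$(printf '%s\n' "$SAMPLE_PASSWD" | name_equals_shell | tr '\n' ' ')"
```

On the sample data the name-equals-shell check reports sync, shutdown, halt and nologin as well as bash, while testbash and basher are correctly excluded.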
