Manual Enumeration¶

User info¶

Current user

whoami
who

Currently logged in users

Current permissions

id

User list

cat /etc/passwd

Groups

cat /etc/group

Show host

hostname

Distribution type & version

/etc/issue
/etc/*-release
/etc/lsb-release #debian
/etc/redhat-released #redhat

Kernel version

/proc/version
uname -a
uname -r
uname -mrs
rpm -q kernel
dmesg | grep linux
ls /boot | grep vmlinuz-

Kernel modules

lsmod

More info on specific kernel module

/sbin/modinfo <kernel module>

System architecture

arch

Environment Variables

/etc/profile
/etc/bashrc

Network interfaces and addresses

/proc/net/fib_trie

Listening ports (HEX encoded)

/proc/net/tcp

cat /proc/net/tcp | grep '00000000:0000 0A'

0A = listening

0100007F:15E1 = 127.0.0.1:5701

Search for files modified between two dates

find / -newermt YYYY-MM-DD ! -newermt YYYY-MM-DD -ls 2>/dev/null

Show additional details about files

stat <file>

List files and their 32-bit last modified time

find / -type f -printf "%T+ %pn\n"

%T+ - Show full last modified timestamp

%pn - Show file name