June 2018
Intermediate to advanced
294 pages
7h 5m
English
Content preview from Practical Web Penetration Testing
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
System info commands
This section will be very useful in the post-exploitation phase.
Suppose that you just escalated your privileges on a Linux box; how can you know if you're really an admin? Just execute the id command, and you'll get the results. Don't underestimate this section! Review it carefully, and see the commands that you can take advantage of during the post-exploitation phase on a Linux machine:
- To show the current host uptime, use the following:
uptime
- To show who's logged in, use the following:
wwhoami
- To show who you are (as a user), use the following:
id
- To display information about a user, use the following:
finger [user name]
- To show kernel information, use the following:
uname -a
- To show CPU information, use ...