# Root shell history from a hands-on Linux security session. Entries are kept
# exactly as typed, so several mistyped commands appear directly before their
# corrected form. Command output is not part of this listing.
- [root@centos ~]# history
# Entries 1-6: the boot loader entry for kernel 5.14.0-425.el9 is edited twice,
# each time followed by a reboot. The change made in the file is not visible here.
- 1 vim /boot/loader/entries/c38c5b35ef7948c7816e02bdcd93265a-5.14.0-425.el9.x86_64.conf
- 2 reboot
- 3 cd /boot/loader/entries
- 4 ls
- 5 vim c38c5b35ef7948c7816e02bdcd93265a-5.14.0-425.el9.x86_64.conf
- 6 reboot
- 7 poweroff
# chvt switches the active virtual console.
- 8 chvt 3
- 9 chvt 2
- 10 chvt 3
- 11 dnf install -y git
# Two similarly named repositories are cloned, but only linuxsecurity/ is entered
# afterwards (the first URL was presumably a typo - confirm which one is intended).
- 12 git clone https://github.com/sandervanvugt/linux-security
- 13 git clone https://github.com/sandervanvugt/linuxsecurity
- 14 cd linuxsecurity/
- 15 history
# NOTE(review): ./countdown comes from the freshly cloned repo and runs as root;
# the history shows no step that reads the script before it is executed.
- 16 ./countdown 12
- 17 cd
# LUKS walkthrough: partition /dev/sdb, encrypt /dev/sdb1, put ext4 on the
# opened mapping, write two test files, close the mapping, inspect the raw device.
- 18 fdisk /dev/sdb
# luksFormat overwrites whatever is on /dev/sdb1 and sets the passphrase.
- 19 cryptsetup luksFormat /dev/sdb1
# Opens the container as /dev/mapper/secret; the filesystem goes on the mapping,
# never on /dev/sdb1 itself.
- 20 cryptsetup luksOpen /dev/sdb1 secret
- 21 ls -l /dev/mapper/
- 22 mkfs.ext4 /dev/mapper/secret
- 23 mount /dev/mapper/secret /mnt
- 24 touch /mnt/file1
- 25 echo hello > /mnt/file2
- 26 umount /mnt
# luksClose expects the mapping, not the backing partition; entry 27 names
# /dev/sdb1 and is retried with the mapping in entry 28 (presumably after an error).
- 27 cryptsetup luksClose /dev/sdb1
- 28 cryptsetup luksClose /dev/mapper/secret
- 29 ls -l /dev/mapper
# Raw view of the closed device: expected to show the LUKS header followed by
# ciphertext instead of the "hello" written above (output not shown - confirm).
- 30 xxd /dev/sdb1 | less
# PAM walkthrough around root logins on virtual consoles.
# ldd lists the shared libraries login is linked against (presumably to show
# that it uses libpam - output not shown).
- 31 ldd $(which login)
- 32 cd /etc/pam.d
- 33 ls
# NOTE(review): the edits made to login and system-auth are not visible here.
# A mistake in /etc/pam.d can block every login, so keep an already
# authenticated root shell open until the change has been tested.
- 34 vim login
- 35 vim system-auth
- 36 find / -name "pam_limits.so"
- 37 cd /usr/lib64/security/
- 38 ls
# /etc/securetty is the list that pam_securetty checks when root logs in;
# it only has an effect if pam_securetty is part of the PAM stack in use.
- 39 vim /etc/securetty
# Switch to another console to test a login, then list and end the test sessions.
- 40 chvt 4
- 41 loginctl list-sessions
- 42 loginctl kill-session 4
- 43 loginctl kill-session 6
- 44 loginctl list-sessions
- 45 pwd
- 46 cd /etc/pam.d/
- 47 man -k pam
- 48 man pam_securetty
- 49 vim login
- 50 chvt 4
- 51 loginctl list-sessions
- 52 loginctl kill-session 7
- 53 loginctl kill-session 9
- 54 cd
# SUID walkthrough: files are created by root inside linda's home directory and
# tested from linda's account with su.
- 55 touch /home/linda/anotherfile
- 56 su - linda
- 57 vim /home/linda/playme
- 58 chmod +x /home/linda/playme
- 59 su - linda
# NOTE(review): playme was created by root, so u+s presumably makes it a
# set-uid-root program inside a user's home directory (content and ownership are
# not shown). If it is an interpreted script, Linux ignores the set-uid bit on it.
# The history shows no later chmod u-s, so the bit stays set after the demo.
- 60 chmod u+s /home/linda/playme
- 61 su - linda
# -perm /4000 matches every file that has the set-uid bit.
- 62 find / -perm /4000
- 63 ls -l /usr/bin/passwd
- 64 ls -l /etc/shadow
- 65 history
- 66 find / -perm /4000
- 67 history
# The crontab edit is not visible; presumably it schedules the set-uid scan.
- 68 crontab -e
# Baseline list of set-uid files for later comparison.
# NOTE(review): /tmp is a shared, periodically cleaned directory; a reference
# file that later scans are diffed against belongs in a root-only location.
# The baseline also records the playme file that was made set-uid above.
- 69 find / -perm /4000 > /tmp/suid-base.txt
- 70 history
# iptables walkthrough: default-deny in both directions, then open what is needed.
- 71 iptables
# Both default policies become DROP before any ACCEPT rule exists. On a remote
# session this would cut the connection; here the following pings act as the test.
# NOTE(review): no rule for the loopback interface is added anywhere below, so
# local traffic over 127.0.0.1 is dropped as well. iptables covers IPv4 only;
# ip6tables is not touched in this session.
- 72 iptables -P OUTPUT DROP
- 73 iptables -P INPUT DROP
- 74 ping google.com
- 75 iptables -A OUTPUT -p icmp -j ACCEPT
- 76 ping google.com
# DNS needs both TCP and UDP port 53 outbound.
- 77 iptables -A OUTPUT -p tcp --dport=53 -j ACCEPT
- 78 iptables -A OUTPUT -p udp --dport=53 -j ACCEPT
- 79 ping google.com
# Entry 80 has the match syntax wrong; entry 81 is the corrected form that lets
# reply packets back in. "-m state" is the legacy match; the current equivalent
# is "-m conntrack --ctstate ESTABLISHED,RELATED".
- 80 iptables -A INPUT -m state=ESTABLISHED,RELATED -j ACCEPT
- 81 iptables -A INPUT -m state --state=ESTABLISHED,RELATED -j ACCEPT
- 82 ping google.com
- 83 iptables -A OUTPUT -p tcp --dport=80 -j ACCEPT
- 84 iptables -A OUTPUT -p tcp --dport=443 -j ACCEPT
- 85 curl google.com
- 86 history
# iptables-save without a redirect only prints the rule set to stdout; nothing
# is written to disk, so the rules above do not survive the reboot that follows.
- 87 iptables-save
- 88 reboot
# firewalld walkthrough: services, a custom service file, port forwarding,
# rich rules, and nmap checks against the host's own addresses.
- 89 firewall-cmd --list-all
- 90 firewall-cmd --get-services
# --permanent changes only the stored configuration; the running firewall picks
# it up at the --reload two entries later.
- 91 firewall-cmd --add-service http --permanent
- 92 firewall-cmd --list-all
- 93 firewall-cmd --reload
- 94 firewall-cmd --list-all
# Custom service definition: copy a shipped service file from /usr/lib/firewalld
# into /etc/firewalld/services and edit the copy.
- 95 vim /usr/lib/firewalld/services/ftp.xml
- 96 cp /usr/lib/firewalld/services/ftp.xml /etc/firewalld/services/sander.xml
- 97 vim /etc/firewalld/services/sander.xml
# --list-services shows services enabled in the zone, --get-services shows the
# services that are defined. The new file is only a definition, which is why the
# search moves from --list-services to --get-services in entry 104.
- 98 firewall-cmd --list-services | grep sander
- 99 systemctl restart firewalld
- 100 firewall-cmd --list-services | grep sander
- 101 firewall-cmd --reload
- 102 firewall-cmd --list-services | grep sander
- 103 ls /etc/firewalld/services/
- 104 firewall-cmd --get-services | grep sander
- 105 firewall-cmd --help | grep forward
# Entry 106 has "toport:22" (colon instead of "="); entry 107 is the corrected
# form. Without --permanent the forward exists only in the runtime configuration.
# NOTE(review): every forward to port 22 makes sshd reachable on one more port.
- 106 firewall-cmd --add-forward-port=port=2022:proto=tcp:toport:22:toaddr=127.0.0.1
- 107 firewall-cmd --add-forward-port=port=2022:proto=tcp:toport=22:toaddr=127.0.0.1
# ssh takes the port with -p; "host:port" in entry 108 is not valid ssh syntax.
- 108 ssh localhost:2022
- 109 ssh -p 2022 localhost
- 110 ip a
- 111 ssh -p 2022 192.168.29.144
- 112 firewall-cmd --list-all
- 113 ip
- 114 ip a
- 115 systemctl status sshd
- 116 dnf install -y nmap
- 117 nmap localhost
- 118 nmap 192.168.29.144
# NOTE(review): this puts SELinux into permissive mode system-wide in the middle
# of the firewall exercise; enforcing mode is not restored until entry 177.
- 119 setenforce permissive
# Rich rule that logs and accepts ssh. As written, the limit clause follows the
# log element, so it presumably throttles log entries rather than connections -
# confirm against firewalld.richlanguage(5).
- 120 firewall-cmd --permanent --zone=public --add-rich-rule='rule service name="ssh" log prefix="ssh" level="notice" limit value="2/m" accept'
- 121 firewall-cmd --reload
- 122 firewall-cmd --list-all
- 123 history
- 124 man firewalld.richlanguage
# Three attempts at a forward-port rich rule: entry 125 has no family, entry 126
# puts family before the "rule" keyword, entry 128 is the form tested with ssh.
- 125 firewall-cmd --add-rich-rule='rule forward-port to-addr="127.0.0.1" to-port="22" protocol="tcp" port="2023"'
- 126 man firewalld.richlanguage
- 127 firewall-cmd --add-rich-rule='family="ipv4" rule forward-port to-addr="127.0.0.1" to-port="22" protocol="tcp" port="2023"'
- 128 firewall-cmd --add-rich-rule='rule family="ipv4" forward-port to-addr="127.0.0.1" to-port="22" protocol="tcp" port="2023"'
- 129 ssh -p 2023 localhost
- 130 history
# The reload discards runtime-only rules, so the forward is added again.
- 131 firewall-cmd --reload
- 132 firewall-cmd --add-forward-port=port=2022:proto=tcp:toport=22:toaddr=127.0.0.1
- 133 nmap 192.168.29.144
- 134 firewall-cmd --list-all
- 135 firewall-cmd --reload
# Entry 136 uses "to-port" (rich-rule spelling); --add-forward-port expects
# "toport", as in entry 137.
- 136 firewall-cmd --add-forward-port=port=2024:proto=tcp:to-port=22
- 137 firewall-cmd --add-forward-port=port=2024:proto=tcp:toport=22
# Scans of the host's own addresses to see which ports answer.
- 138 nmap 127.0.0.1
- 139 history
- 140 nmap 127.0.0.1
- 141 nmap 192.168.29.144
- 142 nmap -sT 192.168.29.144
- 143 nmap localhost -p 2024
# auditd walkthrough. Rules added with auditctl are runtime-only; persistent
# rules belong in the audit rules files, which this session does not touch.
- 144 systemctl status auditd
- 145 ls -l /var/log/audit/audit.log
- 146 less /var/log/audit/audit.log
- 147 grep AVC /var/log/audit/audit.log
# Watch /etc/passwd for writes (w) and attribute changes (a), tagged with a key.
# NOTE(review): reads are not covered by -p wa, so the cat below should not
# produce a watch event; the grep presumably matches the record of the rule
# being added - confirm in the log.
- 148 auditctl -w /etc/passwd -p wa -k passwd-access
- 149 cat /etc/passwd
- 150 grep passwd-access /var/log/audit/audit.log
# Watches execution under /bin; no -k key is set, which makes the events harder
# to search for.
- 151 auditctl -w /bin -p x
- 152 ls
- 153 tail /var/log/audit/audit.log
- 154 auditctl -a exit,always -F dir=/home/ -F uid=0 -C auid!=obj_uid
# NOTE(review): in entries 155-157 the filter "auid>=1000" is unquoted, so the
# shell treats ">" as an output redirection: auditctl receives only "auid" and a
# file named "=1000" is created in the current directory. Quote the filter, for
# example -F 'auid>=1000'.
# arch=b32 covers 32-bit syscalls only; on this x86_64 kernel the same rule is
# also needed with arch=b64.
# Entry 157 switches to -C, which compares two fields with each other and
# presumably does not accept a literal value - see auditctl(8).
- 155 auditctl -a exit,always -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -F auid!=4294967295 -k delete
- 156 auditctl -a exit,always -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -k delete
- 157 auditctl -a exit,always -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -C auid>=1000 -C auid!=4294967295 -k delete
- 158 man auditctl
# Entries 159-161: ssh to a second machine and an AppArmor status query.
# aa-status is an AppArmor tool; presumably it belongs to the other host - confirm.
- 159 ssh student@192.168.29.143
- 160 aa-status
- 161 ssh student@192.168.29.143
# SELinux walkthrough with httpd: serve content from a non-default directory,
# then bind to a non-default port, fixing each denial through policy.
- 162 dnf install -y httpd
- 163 ip a
- 164 vim /etc/hosts
# Entry 165 is a mistyped command; hostnamectl in entry 166 is the correct one.
- 165 hostname set-hostname centos.example.com
- 166 hostnamectl set-hostname centos.example.com
- 167 systemctl enable --now httpd
# -Z shows the SELinux context of processes and files.
- 168 ps Zaux | grep http
- 169 ls -Z /var/www
- 170 mkdir /web
- 171 vim /web/index.html
# The httpd.conf edit is not visible; presumably it points the server at /web.
- 172 vim /etc/httpd/conf/httpd.conf
- 173 ls -Zd /web
- 174 systemctl restart httpd
- 175 curl localhost
# SELinux has been permissive since entry 119; it is switched back to enforcing
# here so that the denial becomes visible.
- 176 getenforce
- 177 setenforce enforcing
- 178 curl localhost
- 179 grep AVC /var/log/audit/audit.log
- 180 man semanage-fcontext
# Records the context for /web and everything below it in policy, then
# restorecon applies it to the files. This is the fix, not permissive mode.
- 181 semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
- 182 ls -Zd /web
- 183 restorecon -Rv /web
- 184 curl localhost
- 185 history
- 186 grep AVC /var/log/audit/audit.log
# Second httpd.conf edit, also not visible; the later semanage port command
# suggests the listen port was changed to 82.
- 187 vim /etc/httpd/conf/httpd.conf
- 188 systemctl restart httpd
- 189 systemctl status httpd
- 190 grep AVC /var/log/audit/audit.log
- 191 man semanage-port
# The sealert ID is taken from the journal message found by the grep above.
- 192 journalctl | grep sealert
- 193 sealert -l 5bfad355-0430-408d-af7c-9b15461043bc | less
# Entry 194 is a typo for semanage; entry 195 labels TCP port 82 as http_port_t
# so httpd may bind to it.
- 194 emanage port -a -t http_port_t -p tcp 82
- 195 semanage port -a -t http_port_t -p tcp 82
- 196 systemctl restart httpd
- 197 ss -tunapZ
- 198 getsebool
- 199 getsebool -a
- 200 getsebool -a | wc -l
- 201 getsebool -a | grep ftp
# NOTE(review): -P makes the boolean persistent across reboots, and this one
# allows anonymous FTP writes. The history shows no step that turns it off again.
- 202 setsebool -P ftpd_anon_write on
- 203 getsebool -a | grep ftp
- 204 journalctl | grep sealert
- 205 sealert -l a5de5d12-4f37-4203-8954-a5b6d7d38c69 | less
# fapolicyd walkthrough: enable the daemon, copy a binary to an untrusted
# location, then add that copy to a trust file.
- 206 dnf install fapolicyd
- 207 systemctl enable --now fapolicyd
- 208 cp /bin/ls /tmp/ls
- 209 exit
# Entries 210 and 211 have the option syntax wrong; after the man page lookup,
# entry 213 uses the accepted form and --update tells the daemon about the change.
# NOTE(review): the trusted binary lives in /tmp, a shared directory. Whether the
# trust entry is bound to the file's content or only to its path depends on the
# integrity setting in the fapolicyd configuration - confirm before relying on it.
- 210 fapolicyd-cli --add-file /tmp/ls --trust-file myapp
- 211 fapolicyd-cli --add file /tmp/ls --trust-file myapp
- 212 man fapolicyd-cli
- 213 fapolicyd-cli --file add /tmp/ls --trust-file myapp
- 214 fapolicyd-cli --update
- 215 exit
- 216 history