Showing posts with label Cron. Show all posts
Showing posts with label Cron. Show all posts

Linux persistence techniques as a map

Pepe Berba has created a nice overview of linux persistence techniques as a maphttps://pberba.github.io/security/2021/11/22/linux-threat-hunting-for-persistence-sysmon-auditd-webshell/

Linux persistence map v0.2 from pberba

It shows places/locations/paths for persistense in systemd-generators, motd, /usr/sbin/cron (Cron Scheduler), rootkits, /sbin/init [PID 1] (System systemd), web server (web shells), systemd --user (User systemd), /usr/sbin/sshd (SSH Daemon), /bin/bash (Login Shell), user systemd-generators, user systemd timers, user systemd services, etc and its mitre attack technique ids. 
at No comments:
Labels: , , , , , ,

Linux show all cronjobs of all users

How to Linux show all cronjobs of all users (not ldap or nis users): Use the following command as root:
for user in $(cut -f1 -d: /etc/passwd); do crontab -u $user -l; done
 

Example:

linuxhost001:~ # for user in $(cut -f1 -d: /etc/passwd); do crontab -u $user -l; done
no crontab for bin
no crontab for daemon
no crontab for ftp
no crontab for lp
no crontab for mail
no crontab for man
no crontab for messagebus
no crontab for news
no crontab for nobody
no crontab for nscd
no crontab for openslp
no crontab for polkitd
no crontab for postfix
no crontab for root
no crontab for rpc
no crontab for sshd
no crontab for statd
no crontab for systemd-bus-proxy
no crontab for systemd-timesync
no crontab for uucp
no crontab for wwwrun
no crontab for ntp
no crontab for nagios
no crontab for radiusd
at No comments:
Labels: ,
Subscribe to: Posts (Atom)

Monitor UniFi WLAN Access Point with PRTG with SNMPv3 Auth+Encrypted

This is a tiny guide howto monitor your UniFi wireless accesspoint, in this case a Unifi U7 pro with SNMPv3 with AES-Encryption and SHA-Auth...