linux:seguridad:sadservers

Differences

This shows the differences between the selected revision and the current version of the page.

linux:seguridad:sadservers [15/05/2024 05:37] – ["Saskatoon": counting IPs.] mate
linux:seguridad:sadservers [28/05/2024 06:51] (current) – ["Resumable Server": Linux Upskill Challenge] mate
Línia 24: Línia 24:
   * ''awk '{print $1}' ''   * ''awk '{print $1}' ''
   * ''cut -d' ' -f1''   * ''cut -d' ' -f1''
-  * ''sort'': -hnumérico humano-r reverso+  * ''sort'': 
 +    * -hnumérico humano 
 +    * -rreverso 
 +    * -k[primer-campo],[ultimo-campo] 
 +    * -t <SEP>: separador
   * ''uniq -c'': cuenta elementos únicos   * ''uniq -c'': cuenta elementos únicos
 <code> <code>
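Review bot: The new ''sort'' sublist is inconsistent in how it separates a flag from its description: the first two items run them together (-hnumérico humano, -rreverso), -t <SEP>: separador uses a colon, and -k[primer-campo],[ultimo-campo] has no description at all. Suggest one form for all four items, for example the flag in '' '' monospace as the other bullets do, followed by a colon and the description, plus a short gloss for -k saying it selects the sort key fields.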
Línia 38: Línia 42:
  
 Solution: One posible way is awk '{print $1}' access.log|sort|uniq -c|sort -r|head -1|awk '{print $2}' > /home/admin/highestip.txt Solution: One posible way is awk '{print $1}' access.log|sort|uniq -c|sort -r|head -1|awk '{print $2}' > /home/admin/highestip.txt
 +</code>
 +
 +== "Santiago": Find the secret combination
 +  * ''grep -rc''
 +  * ''grep -A 1''
 +  * ''find ... | xargs grep -c''
 +<code>
 +1. Use grep recursively or use find and pass the results to grep via xargs
 +
 +(Open window once more to see the solution to the first part).
 +
 +2. (Solution to 1) cd /home/admin/ and then for example: grep -rc Alice *.txt or find . -type f -name "*.txt" |xargs grep -c 'Alice' , adding the results from the three files: echo -n 411 > /home/admin/solution
 +
 +(Open window once more to see the solution to the second part).
 +
 +3. (Solution to 2) The file with exactly one Alice occurrence is 1342-0.txt :grep Alice -A 1 /home/admin/1342-0.txt (or open the file with less or vi and enter /Alice). Appending this result: echo 156 >> /home/admin/solution (The solution is 411156).
 +</code>
 +
 +== "The Command Line Murders"
 +  * ''knock localhost 3000''
 +  * ''nmap -p- localhost''
 +<code>
 +1. You can use the knock utility, for example to knock on port 3000: knock localhost 3000. Netcat (nc) and nmap are also available. Note than nmap has some options where you'd need to be root (not possible here)
 +
 +2. You can also write a BASH script that knocks sequentially on all ports.
 +
 +3. Solution.Probably the fastest is using nmap against all ports, for example: nmap -p- localhost.
 +</code>
 +
 +== "Resumable Server": Linux Upskill Challenge
 +<code></code>
 +
 +== "Bucharest": Connecting to Postgres
 +  * ''sudo systemctl restart postgresql@13-main''
 +<code>
 +1. The issue might be related to the configuration of the PostgreSQL server. (See the error message when attempting the tedt). The configuration files are usually located in the /etc/postgresql/$version/main/ directory. You might want to start by checking these files. (You'll need to use "sudo").
 +
 +2. The pg_hba.conf file controls client authentication. This file is read on start-up and when the main server process receives a SIGHUP signal. If you’re having trouble connecting to the database, this file could be a good place to look. (Click again "Next Clue/Solution" to reveal the final step)
 +
 +Solution: In the /etc/postgresql/13/main/pg_hba.conf file, delete or comment out the lines with a reject keyword from all. Then restart the PostgreSQL service: sudo systemctl restart postgresql@13-main
 </code> </code>
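Review bot: The "Resumable Server": Linux Upskill Challenge section is added with an empty <code></code> block, so the revision summary names a scenario for which the page carries no notes; either fill it in or hold the heading back until there is content. The "The Command Line Murders" heading sits over hints that are entirely about port knocking (knock localhost 3000, nmap -p- localhost), so the section title is worth checking against the scenario these clues came from. In the Bucharest section the cheat-sheet bullet records only the restart command, while the step that matters for security is the pg_hba.conf change; a bullet noting that the remaining rules should be reviewed after the reject lines are commented out would make the section useful on its own. Minor: "tedt", "Note than" and "Solution.Probably" in the pasted clue text are typos.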
  • linux/seguridad/sadservers.1715776670.txt.gz
  • Last modified: 15/05/2024 05:37
  • by mate