Frequently Exploited Linux Services
Linux is a free and open source operating system that is comprised of the Linux kernel, which was developed by Linus Torvalds, and the GNU toolkit, which is a collection of software and utilities that was started and developed by Richard Stallman.
This combination of open source software is what makes up the Linux OS as a whole, and it is commonly referred to as GNU/Linux.
Linux has various use cases, however, it is typically deployed as a server operating system. For this reason, there are specific services and protocols that will typically be found running on a Linux server.
These services provide an attacker with an access vector that they can utilize to gain access to a target host.
Having a good understanding of what these services are, how they work and their potential vulnerabilities is a vitally important skill to have as a penetration tester.
| Protocol/Service | Ports | Purpose |
|---|---|---|
| Apache Web Server | TCP ports 80/443 | Free and open source cross-platform web server released under the Apache License 2.0. Apache accounts for over 80% of web servers globally. |
| SSH (Secure Shell) | TCP ports 22 | SSH is a cryptographic remote access protocols that is used to remotely access and control systems over an unsecured network. SSH was developed as a secure successor to telnet. |
| FTP (File Transfer Protocol) | TCP port 21 | FTP (File Transfer Protocol) is a protocol that uses TCP port 21 and is used to facilitate file sharing between a server and client/clients and vice versa. |
| SAMBA | TCP port 445 | Samba is the Linux implementation of SMB, and allows Windows systems to access Linux shares and devices. |
经常被利用的 Linux 服务
Linux 是一个免费的开源操作系统,它由 Linux 内核(由 Linus Torvalds 开发)和 GNU 工具包(由 Richard Stallman 启动和开发的软件和实用程序的集合)组成。
这种开源软件的组合构成了整个 Linux 操作系统,它通常被称为 GNU/Linux。
Linux 有各种用例,但是,它通常被部署为服务器操作系统。 出于这个原因,有一些特定的服务和协议通常会在 Linux 服务器上运行。
这些服务为攻击者提供了一个访问向量,他们可以利用该向量访问目标主机。
充分了解这些服务是什么、它们如何工作以及它们的潜在漏洞是作为渗透测试人员至关重要的技能。
| 协议/服务 | 端口 | 用途 |
|---|---|---|
| Apache Web 服务器 | TCP 端口 80/443 | 在 Apache 许可证 2.0 下发布的免费和开源跨平台 Web 服务器。 Apache 占全球 Web 服务器的 80% 以上。 |
| SSH (Secure Shell) | TCP 端口 22 | SSH 是一种加密远程访问协议,用于通过不安全的网络远程访问和控制系统。 SSH 是作为 telnet 的安全继任者而开发的。 |
| FTP(文件传输协议) | TCP 端口 21 | FTP(文件传输协议)是一种使用 TCP 端口 21 的协议,用于促进服务器和客户端/客户端之间的文件共享,反之亦然。 |
| SAMBA | TCP 端口 445 | Samba 是 SMB 的 Linux 实现,允许 Windows 系统访问 Linux 共享和设备。 |
