# Enumeration Automated enumeration on Linux is a common technique used for gathering system and network information during penetration testing or system auditing. There are several tools and scripts available to automate this process. Below is a breakdown of how you can use different modules and scripts for automated enumeration on a Linux system. ## **Automated Enumeration Using Metasploit Modules** Metasploit offers several post-exploitation modules that can help gather system, network, and configuration information from a compromised Linux machine. The following are the relevant modules for automation: 1. **Post/Linux/Gather/Enum\_Configs** * This module gathers system configuration information such as the contents of configuration files, sudoers file, crontab, etc. * Example usage: ```bash use post/linux/gather/enum_configs run ``` 2. **Post/Linux/Gather/Enum\_Network** * This module collects network-related information, such as network interfaces, routes, DNS settings, and network shares. * Example usage: ```bash use post/linux/gather/enum_network run ``` 3. **Post/Linux/Gather/Enum\_System** * This module retrieves system information, including the kernel version, system architecture, installed software, and running processes. * Example usage: ```bash use post/linux/gather/enum_system run ``` ## **Using LinEnum.sh for Linux Enumeration** `LinEnum.sh` is a popular script used for automated enumeration on Linux. It performs a thorough scan of the system and gathers important information like user privileges, system configurations, kernel information, and more. To use `LinEnum.sh`, follow these steps: 1. **Download `LinEnum.sh`** You can download the script from a trusted source such as the official GitHub repository or other trusted repositories. 2. **Make the script executable** Once the script is downloaded, you need to make it executable: ```bash chmod +x LinEnum.sh ``` 3. **Run the script** You can now run the script to gather detailed information: ```bash ./LinEnum.sh ``` By default, the script will scan for the following types of information: * **User information**: Active users, sudo permissions, groups. * **Kernel and architecture**: Kernel version, system architecture, etc. * **Network information**: Network interfaces, routes, open ports, etc. * **Sudo and cron jobs**: Configuration files, cron jobs, sudo permissions. * **File system information**: Writable files, directories, and other system-related information. 4. **Run with different options**\ You can specify different options to focus on particular aspects of enumeration. For example: * **Run a simple enumeration**: ```bash ./LinEnum.sh -e ``` * **Full enumeration**: ```bash ./LinEnum.sh -all ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://kmanu225.gitbook.io/cs/cybersecurity/os/linux/enumeration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.