I've been searching for quite a while for this, And couldn't find it anywhere.
Firstly, Is there equivalent command to:
wmic computersystem get domain
Which return the current user primary domain.
And I've been wondering whether there's an equivalent command of:
net group /domain
A command that returns all the global groups of user current domain.
So far I've been trying to search in different network files at /etc/, Currently the only relevant file I've found was reslov.conf which hold all the DNS, And it might contain more information than i actually need. [Which means that i'll have to query each domain there and 'ask' whether the user is associated with that domain] is there a way which is more efficient than that?
Thanks.
Un*x hostname
hostname -f
host.domain
host host.domain
host.domain has address 192.168.1.35
See man host, man dig and man hostname. Have also a look at See also sections in man pages.
Windows net command under Linux
You have to install at least samba-client package. After installing samba suite, you will be able to run linux's net command:
net help
Usage:
net rpc Run functions using RPC transport
net rap Run functions using RAP transport
net ads Run functions using ADS transport
net file Functions on remote opened files
net share Functions on shares
net session Manage sessions
net server List servers in workgroup
net domain List domains/workgroups on network
net printq Modify printer queue
net user Manage users
net group Manage groups
net groupmap Manage group mappings
net sam Functions on the SAM database
net validate Validate username and password
net groupmember Modify group memberships
net admin Execute remote command on a remote OS/2 server
net service List/modify running services
net password Change user password on target server
...
net help Print usage information
Valid targets: choose one (none defaults to localhost)
-S or --server=<server> server name
-I or --ipaddress=<ipaddr> address of target server
-w or --workgroup=<wg> target workgroup or domain
Valid miscellaneous options are:
-p or --port=<port> connection port on target
-W or --myworkgroup=<wg> client workgroup
-d or --debuglevel=<level> debug level (0-10)
...
The concept of domain you mention is ambiguous.
The equivalent of wmic computersystem get domain is dnsdomainname .
This isn't the command to return the current user primary domain (Active Directory domain or otherwise).
That command for Active directory domain for a given Unix user mapped with samba is
wbinfo --sid-to-fullname `wbinfo --uid-to-sid username` | awk -F "\\" '{print $1}'.
Also see the following related StackOverFlow question.
The equivalent of net group /domain is net ads group -w <domainname>, which is provided by Samba. The net group /domain isn't for a current user as you have described it, if you want the command equivalent of your description you will need to add -U <username> to the equivalent given.
If you are just looking for a command to get the groups of the current user, then getent group | grep username for the unix groups and existing Windows groups to Unix groups as per the Winbind configuration, or
wbinfo --user-domgroups `wbinfo --uid-to-sid username`
for the global groups of a current user in a domain.
Related
I have written a service that monitors if my app is running and starts it if not. In result the app is run as a "system" user - which is the way I want it to be. I have several of those installations working properly.
The app should mount a network share that is in this case available on a linux samba server. The problem is that when running the command:
net use X: \\IP\share_name /user:login password
an error is displayed:
System error 1312 has occured.
A specified logon session does not exist. It may already have been
terminated.
I have run some checks and it turns out that the X: drive in local system is available, the server is online, the share is available, the credentials are OK, there are no other net use sessions running in this system. Also I have found out a strange behavior: running identical command as a standard user gives proper results and the drive is mounted properly.
Do you have any suggestions what might be the problem and how to solve it?
Additionally I am not a domain member, and the system that shows the error is Windows 7 Pro. I have other machines in the same network that do work properly without the error.
I have had the same issue some time ago. It helped when I introduced a domain name (even if you are not a domain member) before the login.
I your case try this command:
net use X: \\IP\share_name /user:whatEver\login password
Test this command:
EXEC XP_CMDSHELL 'net use Z: 192.168.3.55backupShare password#123 /User:domainuser'
I've just run into the same problem on upgrading to Windows 10 PE 2004 (19041). The older Windows 10 PE 1803 (17134) did not require the dot before the username.
Here's the solution:
Put the password before the user (this is the argument order given by net use /?).
Add the server's name, IP or a dot and then a backslash (.\) before the username .
Use:
net use X: \\IP\share_name password /user:.\login
or
net use X: \\IP\share_name password /user:IP\login
If you have arguments with spaces, add parenthesis around them:
net use X: "\\IP\share name" "pass word" /user:".\test user"
I am running the CUPS in Linux Debian machine. Using the CUPS I am sending the print request to Windows XP machine. I have enabled the 445 and 139 port and I am able to connect the Windows Machine. Printer is connected to the Windows Machine.
I am sending the print request using the following command
lp -E -d < Printer Name > file name.
After sending I am checking the printer status using the following command
lpstat -p < Printer Name >
I am getting the below error message when I execute the above message.
unable to connect to cifs host will retry in 60 seconds..
When I checked in the log I am getting the below error message.
session setup failed: NT_STATUS_LOGON_FAILURE and NT_STATUS_BAD_NETWORK_NAME
The DeviceURI is like below in /etc/cups/printers.conf
smb://username:password#IP Address of windows Machine/printer_Name
Please let me know if the password is having '#' symbol, how can we specify the '#' with actual syntax in DeviceURI ( user:password#IP )
Unfortunately you provide not enough detailed info about your specific setup. So I will make an effort to take several potential problems into account and give hints how to overcome them:
I.
Did you use the correct share name for your shared Windows printer?
To find out, use this command:
$ smbtree -U windowsusername
You might see something like the following output:
WORKGROUP
\\MURUGA-PC
\\MURUGA-PC\G
\\MURUGA-PC\Z
\\MURUGA-PC\Public
\\MURUGA-PC\print$ Printer Drivers
\\MURUGA-PC\EPSON Stylus CX8400 Series EPSON Stylus CX8400 Series
In other words: your printer's share name may contain spaces. But you cannot use spaces in the device URI for CUPS! What now?
Easy: (1) Either rename the share name on the Windows side. (2) Or escape the space by using %20 instead:
smb://muruga:mysecretpassword#muruga-pc/EPSON%20Stylus%20CX8400%20Serie
II.
Is your Windows XP by any chance using Kerberos authentication? For example, because it is part of an Active Directory environment? Then you should refer to this document on cups.org:
Configuring CUPS to Use Kerberos
Kerberos authentication does not work with username/password, it uses 'tickets'.
III.
Otherwise, if your Windows XP machine is part of a "standard" domain, you may be more successful by ditching your device URI of smb://username:password#ip-address-of-windows/printer_name and use this instead:
smb://username:password#domain_name/windows_host/printer_Name
The username you use has to be the Windows user name (with his/her password) who installed the printer on Windows!
IV.
Alternatively, you may have success by using IPP to print to Windows (though XP needs an IPP-enabling extension installed, provided by Microsoft). Be aware that MS is using a non-standard syntax for their device URIs (using port 80 or 443), and their version of IPP is still 1.0 (which always remained in "draft" status and never made it into an official release by the IETF):
DeviceURI https://mywindowsprintserver/printers/printername/.printer
or
DeviceURI http://mywindowsprintserver/printers/printername/.printer
For username/password authentication to this printer, you need
AuthInfoRequired username,password in /etc/cups/printers.conf and
DefaultAuthType Basic in cupsd.conf.
To use Kerberos, you need
AuthInfoRequired Negotiate in /etc/cups/printers.conf and
DefaultAuthType Negotiate in cupsd.conf.
If the whole setup is in a household with a private LAN/WLAN, you may want to consider removing all access controls (first on the Windows print server side, then):
AuthInfoRequired None in /etc/cups/printers.conf and
DefaultAuthType None in cupsd.conf.
If your problem is that your password contains a '#'-character, then try this:
smb://username:'p#ssword'#domain_name/windows_host/printer_Name
or
smb://username:p%40ssword#domain_name/windows_host/printer_Name
Scenario is this.
I have logged into a web server as admin through the login page in browser.
it has displayed me with an input box that with a button next to it saying "ping"
it essentially will ping an ip address that you input.
I know for a fact the service running on the web server is running as root.
my question is this. can i put in an IP address and then pipe a command after it to elevate my privileges?
For Example...
ping 192.168.0.1 | usermod -a -G <groupname> username
ping 192.168.0.1 | whoami
the command shell running the ping is running under root so in theory it should allow me to elevate a users privileges on the system? please correct me if i'm wrong.
Don't have anything to test on so hence the question.
thanks in advance
This question cannot be answered with a certain "yes" or "no" without seeing the code or being able to explore the system.
It all really depends on the web app. If they're simply concatenating your input onto the end of ping and then execing that command, then yes, what you show is possible.
On the other hand, if they're properly sanitizing inputs (e.g. ensuring the input is only an IP address), or using some other implementation (e.g. a Ping library), then it may not be vulnerable.
We are writing softwares that run on both Windows and Linux, and plan to use Windows Active Directory for authentication. I am struggling with the issues described below, and would appreciate any help very much:
Domain name: CORP.COMPANY.COM
Test programming running on the one Linux machine: host1.corp.company.com
The test program comes from the gss-sample from krb5-1.11.3 downloaded files.
The server will be named "gssapitest".
Based on "Step-by-Step Guide to Kerberos 5(krb5 1.0) Interoperability(from Microsoft)
,
First create a user "host1" in the AD to represent the host
host1.corp.company.com (the linux machine).
Use ktpass to generate the keytab (run from Windows):
ktpass /princ host/host1.corp.company.com#CORP.COMPANY.COM /mapuser host1 /pass
hostpassword /out file1.keytab
Now in AD, create another domain user "gssapitest" to represent the test server program, and map user similarly:
ktpass /princ gssapitest/host1.corp.company.com#CORP.COMPANY.COM /mapuser
gssapitest /pass gssapitestpassword /out file2.keytab
copy file1.keytab and file2.keytab to the Linux machine host1, and merge them to /etc/krb5.keytab.
In Linux, "ktutil" shows the content of /etc/krb5.keytab like the following:
slot KVNO Principal
1 4 host/host1.corp.company.com#CORP.COMPANY.COM
2 5 gssapitest/host1.corp.company.com#CORP.COMPANY.COM
On windows, register the service (using "setspn") for the Linux server program so that the result looks like (2 entries, one with mapped host name, the other with actual host name, for testing purpose. If only one entry, no matter which one, the result was the same):
Registered ServicePrincipalNames for
CN=xxxx,CN=Users,DC=corp,DC=company,DC=com:
gssapitest/host1:2001
gssapitest/host1.corp.company.com:2001
Now I start the server this way:
gss-server -port 2001 gssapitest
and start the client from another terminal this way:
gss-client -port 2001 -user xxxx -pass xxxxpassword host1.corp.company.com
gssapitest "abcd"
The error shows on the server side:
GSS-API error accepting context: Unspecified GSS failure. Minor code may
provide more information
GSS-API error accepting context: Wrong principal in request
What could be the likely cause of this? I'd like to know if the step I outlined about
are all necessary. and which one are not needed at all or are incorrect.
(Note: I have tried to log in to the Linux with both a local user account and
a domain account in CORP.COMPANY.COM, the result shows the same error.
also the nslookup shows correct IP to host mapping for the linux machine).
I would not include the port number when using setspn; I'd expect gssapitest not gssapitest:2001.
In addition, use gssapitest#host as the service name in the call to gss-client;
gss-client -user xxx -pass xxx -port 2001 hostname gssapitest#hostname "test message"
You can use krb5 tracing to get much better logging about what's going on:
export KRB5_TRACE=/tmp/trace.client # and run client
Similar for the server.
I did some test runs, and in my case, the problem seems to be this: I made changes to my mapped user, i.e., gssapitest (In "Active Directory Users and Computers", I unchecked "Use DES encryption types for this account" under "Account" tab for this user) after running "ktpass" and merged the output file to the krb5.keytab in the Linux machine.
To fix this problem, I checked the "Use DES encryptiuon types for this account" again from inside the Active Directory, then go to the Linux machine, run "kdestroy" before starting my server and client programs. Then it worked.
If anyone is having similar problems, you may want to look into this possible cause. Thanks.
what is the Linux command to connect to another server using host name and port number?
how to connect to another server using only host name and port number then check if an existing process is running? the only way i see it working is to log in to the server and run the PS command. but is there a way to do it without logging in directly to the other server and connect only with host name and port number and check the running process?
If you just want to try an arbitrary connection to a given host/port combination, you could try one nmap, telnet or nc (netcat).
Note that you can't necessarily determine whether or not a process is running remotely - it might be running on that port, but simply ignore anything it sees over the port. To really be sure, you will need to run ps or netstat or etc. via ssh or etc.
If you want to use SSH from e.g. a script or, more generally, without typing in login information, then you will want to use public key authentication. Ubuntu has some good documentation on how to set this up, and it's very much applicable to other distrobutions as well: https://help.ubuntu.com/community/SSH/OpenSSH/Keys.
If you have no access to the server you're trying to list processes on at all, then I'm afraid there isn't a way to list running processes remotely (besides remote tools like nmap and so on, as mentioned earlier - you can always probe public ports without authentication [although you might make people angry if you do this to servers you don't own]). This is a feature, not a problem.
telnet connects to most of services. With it you can ensure that port is open and see hello message (if any). Also nc is more low level.
eri#eri-macro ~ $ telnet smtp.yandex.ru 25
Trying 87.250.250.38...
Connected to smtp.yandex.ru.
Escape character is '^]'.
220 smtp16.mail.yandex.net ESMTP (Want to use Yandex.Mail for your domain? Visit http://pdd.yandex.ru)
helo
501 5.5.4 HELO requires domain address.
HELO ya.ru
250 smtp16.mail.yandex.net
MAILĀ FROM: <someusername#somecompany.ru>
502 5.5.2 Syntax error, command unrecognized.
If there is plain text protocol you cat talk with service by keyboard. If connection is secured try openssl.
openssl s_client -quiet -connect www.google.com:443
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
GET /
<HTML><HEAD>
If protocol is not known you may see much of hieroglyphs or just Connected to ... message.
Try this :
ssh <YOUR_HOST_NAME> 'ps auxwww'
Like Dark Falcon said in the comments, you need a protocol to communicate with the server, a port alone is useless in this case.
By default on unix (and unix like) servers, ssh is the way to go.
Remote Shell with this command. Example is cat a file on the remote machine.
rsh host port 'cat remotefile' >> localfile
host and port self explainitory
remotefile: name of some file on the machine remote logging to in home directory
localfile: name of file cat information to.
Use monitoring software (like Nagios). It looks at your processes, sensors, load and thatever you configured to watch. It continuously stores log. It alerts you by email\sms\jabber if something fails. You can access it with browser or by HTTP API.