The Ultimate Unix Cheat Sheet

I just stumbled across Rosetta Stone for Unix, a brilliant page that lists how to do a large number of tasks in a variety of unix-like operating systems.  I wish I’d found this years ago. It should be very handy for pentesting or auditing those less familiar unix flavours. I’ll definitely taking a copy with […]

Finding the NIS Domain Name from Bootparamd

NIS (Network Information Service) is not a particularly common protocol on modern internal networks. This is for good reason really consider its security weaknesses.  Its presense is often a gift to penetration testers (and probably hackers too).  This blog entry briefly documents one way that all important NIS Domain Name can be found remotely.


Basically tries lots of combinations of local and remote usernames to execute commands via RSH. Download SHA1sum: f1b37abb6ad54df775c1cf194ab91fd41d607f1f MD5sum: 2ecae8730f89c697f2512181ded3842f User documentation is also available in PDF format.