Beyond
This is the Beyond page, where additional enumeration and assessment are conducted as the root
user after compromising the target system.
Grafana
root@fanatastic:~# systemctl status grafana-server.service
● grafana-server.service - Grafana instance
Loaded: loaded (/lib/systemd/system/grafana-server.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2024-08-03 01:23:52 UTC; 7 months 29 days ago
Docs: http://docs.grafana.org
Main PID: 849 (grafana-server)
Tasks: 10 (limit: 1066)
Memory: 53.4M
CGroup: /system.slice/grafana-server.service
└─849 /usr/sbin/grafana-server --config=/etc/grafana/grafana.ini --pidfile=/run/grafana/grafana-server.pid --packaging=deb cfg:default.paths.logs=/var/log/grafana cfg:default.paths.data=/var/lib/grafana cfg:default.paths.plugins=/var/lib/grafana/plugins cfg:default.paths.provisioning=/etc/grafana/provisioning
root@fanatastic:~# cat /lib/systemd/system/grafana-server.service
[Unit]
Description=Grafana instance
Documentation=http://docs.grafana.org
Wants=network-online.target
After=network-online.target
After=postgresql.service mariadb.service mysql.service
[Service]
EnvironmentFile=/etc/default/grafana-server
User=grafana
Group=grafana
Type=simple
Restart=on-failure
WorkingDirectory=/usr/share/grafana
RuntimeDirectory=grafana
RuntimeDirectoryMode=0750
ExecStart=/usr/sbin/grafana-server \
--config=${CONF_FILE} \
--pidfile=${PID_FILE_DIR}/grafana-server.pid \
--packaging=deb \
cfg:default.paths.logs=${LOG_DIR} \
cfg:default.paths.data=${DATA_DIR} \
cfg:default.paths.plugins=${PLUGINS_DIR} \
cfg:default.paths.provisioning=${PROVISIONING_CFG_DIR}
LimitNOFILE=10000
TimeoutStopSec=20
CapabilityBoundingSet=
DeviceAllow=
LockPersonality=true
MemoryDenyWriteExecute=false
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectClock=true
ProtectControlGroups=true
ProtectHome=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectProc=invisible
ProtectSystem=full
RemoveIPC=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
UMask=0027
[Install]
WantedBy=multi-user.target
root@fanatastic:~# cat /etc/default/grafana-server
GRAFANA_USER=grafana
GRAFANA_GROUP=grafana
GRAFANA_HOME=/usr/share/grafana
LOG_DIR=/var/log/grafana
DATA_DIR=/var/lib/grafana
MAX_OPEN_FILES=10000
CONF_DIR=/etc/grafana
CONF_FILE=/etc/grafana/grafana.ini
RESTART_ON_UPGRADE=true
PLUGINS_DIR=/var/lib/grafana/plugins
PROVISIONING_CFG_DIR=/etc/grafana/provisioning
# Only used on systemd systems
PID_FILE_DIR=/run/grafana
root@fanatastic:~# ll /var/lib/grafana/
total 776
drwxr-xr-x 6 grafana grafana 4096 Apr 2 14:27 ./
drwxr-xr-x 43 root root 4096 Feb 4 2022 ../
drwxr-x--- 3 grafana grafana 4096 Feb 4 2022 alerting/
drwx------ 2 grafana grafana 4096 Feb 4 2022 csv/
-rw-r----- 1 grafana grafana 765952 Apr 2 14:27 grafana.db
drwxr-x--- 2 grafana grafana 4096 Feb 4 2022 plugins/
drwx------ 2 grafana grafana 4096 Feb 4 2022 png/
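Prometheus
Unlike the packaged Grafana unit above, the Prometheus unit below sets only User= and Group= and carries none of the systemd sandboxing directives (NoNewPrivileges, ProtectSystem, PrivateTmp, an empty CapabilityBoundingSet). Its data directory and files are also world-readable (0755/0644), whereas grafana.db is 0640.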
root@fanatastic:~# systemctl status prometheus.service
● prometheus.service - Prometheus
Loaded: loaded (/etc/systemd/system/prometheus.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2024-08-03 01:23:52 UTC; 7 months 29 days ago
Main PID: 853 (prometheus)
Tasks: 8 (limit: 1066)
Memory: 61.6M
CGroup: /system.slice/prometheus.service
└─853 /usr/local/bin/prometheus --config.file /etc/prometheus/prometheus.yml --storage.tsdb.path /var/lib/prometheus/ --web.console.templates=/etc/prometheus/consoles --web.console.libraries=/etc/prometheus/console_libraries
root@fanatastic:~# cat /etc/systemd/system/prometheus.service
[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target
[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/prometheus --config.file /etc/prometheus/prometheus.yml --storage.tsdb.path /var/lib/prometheus/ --web.console.templates=/etc/prometheus/consoles --web.console.libraries=/etc/prometheus/console_libraries
[Install]
WantedBy=multi-user.target
root@fanatastic:~# cat /etc/prometheus/prometheus.yml
global:
scrape_interval: 10s
scrape_configs:
- job_name: 'prometheus'
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
root@fanatastic:~# ll /var/lib/prometheus/
total 44
drwxr-xr-x 5 prometheus prometheus 4096 Apr 2 14:17 ./
drwxr-xr-x 43 root root 4096 Feb 4 2022 ../
drwxr-xr-x 3 prometheus prometheus 4096 Apr 2 12:17 01JQV6ZEPQ9RA5G6JH0H531RAY/
drwxr-xr-x 2 prometheus prometheus 4096 Apr 2 14:17 chunks_head/
-rw-r--r-- 1 prometheus prometheus 0 Aug 3 2024 lock
-rw-r--r-- 1 prometheus prometheus 20001 Apr 2 14:30 queries.active
drwxr-xr-x 3 prometheus prometheus 4096 Apr 2 14:17 wal/