Update linux-forensics.md

fixes grammatical errors

Signed-off-by: Yuvraj Saxena <ysaxenax@gmail.com>
This commit is contained in:
Yuvraj Saxena 2024-03-31 18:14:46 +05:30
parent c539bd7d2c
commit dce6181884

View file

@ -223,7 +223,7 @@ Get Access Today:
## Recover Deleted Running Binaries ## Recover Deleted Running Binaries
Imagina a process taht was executed from /tmp/exec and deleted. It's possible to extract it Imagine a process that was executed from /tmp/exec and then deleted. It's possible to extract it
```bash ```bash
cd /proc/3746/ #PID with the exec file deleted cd /proc/3746/ #PID with the exec file deleted
@ -251,7 +251,7 @@ ls -l /usr/lib/cron/tabs/ /Library/LaunchAgents/ /Library/LaunchDaemons/ ~/Libra
### Services ### Services
Paths where a malware could be isntalled as a service: Paths where a malware could be installed as a service:
* **/etc/inittab**: Calls initialization scripts like rc.sysinit, directing further to startup scripts. * **/etc/inittab**: Calls initialization scripts like rc.sysinit, directing further to startup scripts.
* **/etc/rc.d/** and **/etc/rc.boot/**: Contain scripts for service startup, the latter being found in older Linux versions. * **/etc/rc.d/** and **/etc/rc.boot/**: Contain scripts for service startup, the latter being found in older Linux versions.