System Intel
Profile any system. Extract hardware fingerprints. Know your target.
CLASSIFIED SCENARIO
Your team has gained access to an enemy workstation at a foreign embassy. Before exfiltrating data, you need to profile the system - hardware specs, available resources, storage capacity. This intel will determine what tools can be deployed and how much data can be staged for extraction.
Why System Profiling Matters
When you gain access to a target system, the first question is always: What am I working with? System profiling reveals critical intelligence:
- CPU architecture determines which exploits and tools will work
- Memory availability affects what can be loaded without detection
- Disk space determines exfiltration staging capacity
- Uptime reveals maintenance windows and potential monitoring gaps
- Kernel version identifies unpatched vulnerabilities
Forensic Value
- Hardware fingerprinting - Unique system identifiers for attribution
- Resource constraints - Plan tool deployment within limits
- Kernel/OS version - Map to known CVEs and exploits
- Storage analysis - Find hidden partitions, estimate exfil capacity
- Uptime patterns - Identify maintenance windows
Core System Intel Commands
uname - System Identity
Reveals kernel name, version, architecture, and hostname. The -a flag shows everything.
lscpu - CPU Intelligence
Detailed processor info: architecture, cores, threads, cache, virtualization support.
free - Memory Status
RAM and swap usage. Use -h for human-readable sizes. Critical for tool deployment.
uptime - System Age
How long since last reboot, current time, load averages. Reveals maintenance patterns.
df - Disk Free Space
Mounted filesystem usage. Use -h for human sizes. Find space for staging.
du - Disk Usage
Directory sizes. Use -sh for summary. Find where data lives.
Command Deep Dive
uname - Know Your Kernel
operator@target:~$ uname -a
Linux embassy-ws-07 5.15.0-91-generic #101-Ubuntu SMP x86_64 GNU/Linux
operator@target:~$ uname -r
5.15.0-91-generic # Just kernel version - check for CVEs
operator@target:~$ uname -m
x86_64 # Architecture - determines which binaries work
lscpu - Processor Profile
operator@target:~$ lscpu
Architecture: x86_64
CPU(s): 8
Thread(s) per core: 2
Core(s) per socket: 4
Model name: Intel(R) Core(TM) i7-10700 @ 2.90GHz
Virtualization: VT-x
L3 cache: 16 MiB
# Virtualization support = can run nested VMs
# 8 CPUs = can handle parallel operations
free - Memory Analysis
operator@target:~$ free -h
total used free shared available
Mem: 31Gi 8.2Gi 18Gi 512Mi 22Gi
Swap: 4.0Gi 0B 4.0Gi
# 22GB available = plenty for memory-resident tools
# Swap unused = system not under memory pressure
uptime & df - Operational Intel
operator@target:~$ uptime
14:32:17 up 47 days, 3:21, 2 users, load average: 0.15, 0.21, 0.18
# 47 days uptime = likely no security patches applied recently
operator@target:~$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 450G 127G 300G 30% /
/dev/sdb1 1.8T 1.2T 600G 67% /data
# 300GB free on root, 600GB on /data
# /data partition likely contains target files
Quick Reference
| Command | Purpose | Key Flags |
|---|---|---|
uname -a |
All system info | -r (kernel), -m (arch), -n (hostname) |
lscpu |
CPU details | No flags needed |
free -h |
Memory usage | -h (human), -m (MB), -g (GB) |
uptime |
System uptime | -p (pretty), -s (since) |
df -h |
Disk free space | -h (human), -T (filesystem type) |
du -sh |
Directory size | -s (summary), -h (human) |
Operational Workflow
# === RAPID SYSTEM PROFILE ===
$ echo "=== TARGET PROFILE ===" && date
$ uname -a # System identity
$ lscpu | grep -E "^(Arch|CPU|Model)" # Key CPU info
$ free -h | head -2 # Memory available
$ df -h | grep -v tmpfs # Real disk usage
$ uptime # Patch window estimate
# This 5-command sequence gives you everything needed
# to plan operations on an unfamiliar system
Ready to Profile a Target?
Test your system intel skills, then apply them in the lab.