Scheduling Jobs

Introduction

When penetration testing Linux systems you may come across a system that is running a job at a regular interval. Sometimes those can be hijacked or otherwise abused. Here I discuss the two main methods, cron jobs and systemd timers.

Cron

Systemd Timers

https://www.youtube.com/watch?v=Oup21KLlpD8

You need three elements

Script or program to run
Systemd service
- Goes into /etc/systemd/system or /lib/systemd/system/ and ents in .service
Timer to start the service
- Goes into /etc/systemd/system/ and ends in .timer
- Timers run the .service that shares the same name as it by default
  - This behavior can be changed by adding Unit=<service name> in the [Timer] section

Example Script

#!/bin/bash
echo "The date is $(date)" >> /tmp/log.log

Example Service

[Unit]
Description=My custom script

[Service]
Type=simple
ExecStart=/opt/myscript.sh
User=arronp

Example Timers

[Unit]
Description=My Custom script

[Timer]
Unit=myscript.service
OnBootSec=5min
OnUnitActiveSec=15min

[Install]
Wantedby=graphical.timer

[Unit]
Description=My Custom script

[Timer]
Unit=myscript.service
OnCalendar=Thu *-*-* 17:00:00

[Install]
Wantedby=timers.target

To start the timer once all elements are in place:

sudo systemctl deamon-reload
sudo systemctl enable myscript.timer
sudo systemctl start myscript.timer

View Timers

You can view all of the timers with:

systemclt list-timers

Continuously look at timers every second with:

watch -n 1 'systemctl list-timers'

PreviousLinux File System NextPOSIX

Last updated 3 years ago

Was this helpful?