Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- =================================================================================================
- LINUX PRIVILEGE ESCALATION CHECKER
- =================================================================================================
- [*] GETTING BASIC SYSTEM INFO...
- [+] Kernel
- Linux version 2.6.32-696.20.1.el6.x86_64 (mockbuild@x86_64_01.bsys.centos.org) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) ) #1 SMP Fri Jan 26 17:51:45 UTC 2018
- [+] Hostname
- cddc-t107-ot-svr2
- [+] Operating System
- CentOS release 6.9 (Final)
- Kernel \r on an \m
- [*] GETTING NETWORKING INFO...
- [+] Interfaces
- eth0 Link encap:Ethernet HWaddr 42:01:0A:32:C7:0C
- inet addr:10.50.199.12 Bcast:10.50.199.12 Mask:255.255.255.255
- inet6 addr: fe80::4001:aff:fe32:c70c/64 Scope:Link
- UP BROADCAST RUNNING MULTICAST MTU:1460 Metric:1
- RX packets:1055295 errors:0 dropped:0 overruns:0 frame:0
- TX packets:1093284 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:1000
- RX bytes:166219997 (158.5 MiB) TX bytes:189726574 (180.9 MiB)
- lo Link encap:Local Loopback
- inet addr:127.0.0.1 Mask:255.0.0.0
- inet6 addr: ::1/128 Scope:Host
- UP LOOPBACK RUNNING MTU:65536 Metric:1
- RX packets:20 errors:0 dropped:0 overruns:0 frame:0
- TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:1166 (1.1 KiB) TX bytes:1166 (1.1 KiB)
- [+] Netstat
- Active Internet connections (servers and established)
- Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
- tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN -
- tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
- tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
- tcp 0 0 10.50.199.12:60770 169.254.169.254:80 ESTABLISHED -
- tcp 0 0 10.50.199.12:60774 169.254.169.254:80 ESTABLISHED -
- tcp 4 0 10.50.199.12:60764 169.254.169.254:80 CLOSE_WAIT -
- tcp 0 0 10.50.199.12:60772 169.254.169.254:80 ESTABLISHED -
- tcp 0 0 :::80 :::* LISTEN -
- tcp 0 0 :::22 :::* LISTEN -
- tcp 0 0 ::1:25 :::* LISTEN -
- tcp 0 0 ::ffff:10.50.199.12:80 ::ffff:10.50.199.11:38962 ESTABLISHED -
- udp 0 0 0.0.0.0:68 0.0.0.0:* -
- udp 0 0 10.50.199.12:123 0.0.0.0:* -
- udp 0 0 127.0.0.1:123 0.0.0.0:* -
- udp 0 0 0.0.0.0:123 0.0.0.0:* -
- udp 0 0 fe80::4001:aff:fe32:c70c:123 :::* -
- udp 0 0 ::1:123 :::* -
- udp 0 0 :::123 :::* -
- [+] Route
- Kernel IP routing table
- Destination Gateway Genmask Flags Metric Ref Use Iface
- 10.50.199.1 * 255.255.255.255 UH 0 0 0 eth0
- link-local * 255.255.0.0 U 1002 0 0 eth0
- default 10.50.199.1 0.0.0.0 UG 0 0 0 eth0
- [*] GETTING FILESYSTEM INFO...
- [+] Mount results
- /dev/sda1 on / type ext4 (rw,barrier=1)
- proc on /proc type proc (rw)
- sysfs on /sys type sysfs (rw)
- devpts on /dev/pts type devpts (rw,gid=5,mode=620)
- tmpfs on /dev/shm type tmpfs (rw)
- none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
- [+] fstab entries
- #
- # /etc/fstab
- # Created by anaconda on Thu Jan 4 23:17:54 2018
- #
- # Accessible filesystems, by reference, are maintained under '/dev/disk'
- # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
- #
- UUID=2cf5abb9-aa83-4723-b2b3-92a33f556d67 / ext4 defaults,barrier=1 1 1
- tmpfs /dev/shm tmpfs defaults 0 0
- devpts /dev/pts devpts gid=5,mode=620 0 0
- sysfs /sys sysfs defaults 0 0
- proc /proc proc defaults 0 0
- [+] Scheduled cron jobs
- -rw-------. 1 root root 0 Aug 23 2016 /etc/cron.deny
- -rw-r--r--. 1 root root 457 Sep 27 2011 /etc/crontab
- /etc/cron.d:
- total 20
- drwxr-xr-x. 2 root root 4096 Jan 30 08:30 .
- drwxr-xr-x. 78 root root 4096 Jun 2 01:39 ..
- -rw-r--r--. 1 root root 113 Aug 23 2016 0hourly
- -rw-------. 1 root root 108 Jan 26 2017 raid-check
- -rw-------. 1 root root 235 Jan 26 07:43 sysstat
- /etc/cron.daily:
- total 40
- drwxr-xr-x. 2 root root 4096 Jan 4 23:25 .
- drwxr-xr-x. 78 root root 4096 Jun 2 01:39 ..
- -rwxr-xr-x. 1 root root 4983 Mar 22 2017 0yum.cron
- -rwx------. 1 root root 180 Jul 9 2003 logrotate
- -rwx------. 1 root root 927 Mar 22 2017 makewhatis.cron
- -rwx------. 1 root root 189 Jan 26 2015 mlocate.cron
- -rwxr-xr-x. 1 root root 2126 Jul 19 2013 prelink
- -rwxr-xr-x. 1 root root 563 Nov 23 2013 readahead.cron
- -rwxr-xr-x. 1 root root 433 Nov 6 2015 tmpwatch
- /etc/cron.hourly:
- total 12
- drwxr-xr-x. 2 root root 4096 Jan 4 23:18 .
- drwxr-xr-x. 78 root root 4096 Jun 2 01:39 ..
- -rwxr-xr-x. 1 root root 409 Aug 23 2016 0anacron
- /etc/cron.monthly:
- total 12
- drwxr-xr-x. 2 root root 4096 Jan 4 23:19 .
- drwxr-xr-x. 78 root root 4096 Jun 2 01:39 ..
- -rwxr-xr-x. 1 root root 111 Nov 23 2013 readahead-monthly.cron
- /etc/cron.weekly:
- total 8
- drwxr-xr-x. 2 root root 4096 Sep 27 2011 .
- drwxr-xr-x. 78 root root 4096 Jun 2 01:39 ..
- [+] Writable cron dirs
- [*] ENUMERATING USER AND ENVIRONMENTAL INFO...
- [+] Logged in User Activity
- 08:40:53 up 1 day, 23:48, 0 users, load average: 0.00, 0.00, 0.00
- USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
- [+] Super Users Found:
- root
- [+] Environment
- TERM=linux
- PATH=/sbin:/usr/sbin:/bin:/usr/bin:/tmp
- runlevel=3
- RUNLEVEL=3
- _=/bin/env
- LANGSH_SOURCED=1
- PWD=/var/www/html/project/logos_clients
- LANG=C
- previous=N
- PREVLEVEL=N
- CONSOLETYPE=serial
- SHLVL=5
- UPSTART_INSTANCE=
- UPSTART_EVENTS=runlevel
- UPSTART_JOB=rc
- [+] Root and current user history (depends on privs)
- [+] Sudoers (privileged)
- [+] All users
- root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- abrt:x:173:173::/etc/abrt:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- saslauth:x:499:76:Saslauthd user:/var/empty/saslauth:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
- Chris:x:500:501::/home/Chris:/bin/bash
- osboxes:x:501:502::/home/osboxes:/bin/bash
- [+] Current User
- apache
- [+] Current User ID
- uid=48(apache) gid=48(apache) groups=48(apache)
- [*] ENUMERATING FILE AND DIRECTORY PERMISSIONS/CONTENTS...
- [+] World Writeable Directories for User/Group 'Root'
- drwxrwxrwt 2 root root 40 May 31 08:51 /dev/shm
- drwxrwxrwt. 3 root root 4096 Jun 2 08:40 /tmp
- drwxrwxrwt 2 root root 4096 May 31 08:52 /tmp/.ICE-unix
- drwxrwxrwt. 2 root root 4096 Feb 13 03:04 /var/tmp
- drwxrwxrwt. 2 root root 4096 May 15 2016 /opt/rh/python27/root/tmp
- drwxrwxrwt. 2 root root 4096 May 15 2016 /opt/rh/python27/root/var/tmp
- [+] World Writeable Directories for Users other than Root
- drwxrwxrwx. 38 apache apache 4096 Jan 30 08:37 /var/www/html/project
- drwxrwxrwx. 2 apache apache 4096 Jun 2 07:17 /var/www/html/project/files
- [+] World Writable Files
- -rw-rw-rw- 1 apache apache 163746 Jun 2 08:06 /var/www/html/project/logos_clients/1.IQLbbdxVg.php
- [+] Checking if root's home folder is accessible
- [+] SUID/SGID Files and Directories
- -rws--x--x 1 root root 42288 Aug 22 2010 /usr/sbin/userhelper
- -rwxr-sr-x. 1 root postdrop 217832 Mar 23 2017 /usr/sbin/postqueue
- -rwsr-xr-x. 1 root root 9000 Oct 4 2017 /usr/sbin/usernetctl
- -rwxr-sr-x. 1 root postdrop 189000 Mar 23 2017 /usr/sbin/postdrop
- -r-s--x---. 1 root apache 13984 Oct 19 2017 /usr/sbin/suexec
- -rwsr-xr-x. 1 abrt abrt 10296 Mar 23 2017 /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache
- -rwsr-xr-x. 1 root root 14368 Mar 17 2015 /usr/libexec/polkit-1/polkit-agent-helper-1
- -rwx--s--x 1 root utmp 9808 Aug 18 2010 /usr/libexec/utempter/utempter
- -rws--x--x. 1 root root 14736 Jun 20 2017 /usr/libexec/pt_chown
- -rwsr-xr-x. 1 root root 257824 Aug 31 2017 /usr/libexec/openssh/ssh-keysign
- -rwsr-xr-x. 1 root root 22544 Mar 17 2015 /usr/bin/pkexec
- -rwsr-xr-x. 1 root root 40240 May 10 2016 /usr/bin/newgrp
- -rwsr-xr-x. 1 root root 30768 Nov 23 2015 /usr/bin/passwd
- -rws--x--x. 1 root root 20056 Jan 26 07:41 /usr/bin/chsh
- ---s--x---. 1 root stapusr 183072 Mar 22 2017 /usr/bin/staprun
- -rwxr-sr-x. 1 root nobody 141384 Aug 31 2017 /usr/bin/ssh-agent
- ---s--x--x. 1 root root 123832 Jun 22 2017 /usr/bin/sudo
- -rws--x--x. 1 root root 20184 Jan 26 07:41 /usr/bin/chfn
- -rwsr-xr-x. 1 root root 54464 Mar 22 2017 /usr/bin/at
- -rwsr-xr-x. 1 root root 51784 Aug 23 2016 /usr/bin/crontab
- -rwsr-xr-x. 1 root root 70480 May 10 2016 /usr/bin/chage
- -rwxr-sr-x. 1 root tty 12016 Jan 26 07:41 /usr/bin/write
- -rwsr-xr-x. 1 root root 75640 May 10 2016 /usr/bin/gpasswd
- -r-xr-sr-x 1 root tty 15224 Jul 23 2015 /usr/bin/wall
- -rwx--s--x 1 root slocate 38464 Mar 12 2015 /usr/bin/locate
- -rwsr-xr-x. 1 root root 10272 Mar 22 2017 /sbin/pam_timestamp_check
- -rwxr-sr-x 1 root root 8792 Oct 4 2017 /sbin/netreport
- -rwsr-xr-x. 1 root root 34840 Mar 22 2017 /sbin/unix_chkpwd
- -rwsr-xr-x. 1 root root 6571 Feb 13 03:05 /home/scan_host
- -rwsr-x--- 1 root dbus 50552 Apr 22 2015 /lib64/dbus-1/dbus-daemon-launch-helper
- -rwsr-xr-x. 1 root root 36488 Mar 22 2017 /bin/ping6
- -rwsr-xr-x. 1 root root 77560 Jan 26 07:41 /bin/mount
- -rwsr-xr-x. 1 root root 53480 Jan 26 07:41 /bin/umount
- -rwsr-xr-x. 1 root root 34904 Mar 22 2017 /bin/su
- -rwsr-xr-x. 1 root root 38520 Mar 22 2017 /bin/ping
- -rwxr-sr-x 1 root cgred 16352 Oct 4 2017 /bin/cgclassify
- -rwxr-sr-x 1 root cgred 16384 Oct 4 2017 /bin/cgexec
- [+] Logs containing keyword 'password'
- /var/log/prelink/prelink.log:Prelinking /bin/pwd
- /var/log/prelink/prelink.log:Prelinking /usr/bin/pwdx
- [+] Config files containing keyword 'password'
- /etc/pki/tls/openssl.cnf:# input_password = secret
- /etc/pki/tls/openssl.cnf:# output_password = secret
- /etc/pki/tls/openssl.cnf:challengePassword = A challenge password
- /etc/libreport/forbidden_words.conf:password
- /etc/libreport/plugins/ureport.conf:# Use username and password:
- /etc/libreport/plugins/ureport.conf:# HTTPAuth = username:password
- /etc/libreport/events.d/abrt_event.conf: reporter-upload -u scp://user:password@server.name/var/spool/abrt-upload/ || :
- /etc/libreport/events.d/abrt_event.conf: reporter-upload -u scp://user:password@server.name/tmp/crash.tar.gz || :
- /etc/postfix/main.cf:# NOTE: if you use this feature for accounts not in the UNIX password
- /etc/postfix/main.cf:# NOTE: if you use this feature for accounts not in the UNIX password
- /etc/postfix/main.cf:# NOTE: if you use this feature for accounts not in the UNIX password
- Binary file /etc/prelink.cache matches
- [+] Shadow File (Privileged)
- [*] ENUMERATING PROCESSES AND APPLICATIONS...
- [+] Installed Packages
- ConsoleKit-0.4.1-6.el6.x86_64
- ConsoleKit-libs-0.4.1-6.el6.x86_64
- MAKEDEV-3.24-6.el6.x86_64
- abrt-2.0.8-43.el6.centos.x86_64
- abrt-addon-ccpp-2.0.8-43.el6.centos.x86_64
- abrt-addon-kerneloops-2.0.8-43.el6.centos.x86_64
- abrt-addon-python-2.0.8-43.el6.centos.x86_64
- abrt-cli-2.0.8-43.el6.centos.x86_64
- abrt-libs-2.0.8-43.el6.centos.x86_64
- abrt-python-2.0.8-43.el6.centos.x86_64
- abrt-tui-2.0.8-43.el6.centos.x86_64
- acl-2.2.49-7.el6_9.1.x86_64
- acpid-1.0.10-3.el6.x86_64
- apr-1.3.9-5.el6_9.1.x86_64
- apr-util-1.3.9-3.el6_0.1.x86_64
- apr-util-ldap-1.3.9-3.el6_0.1.x86_64
- at-3.1.10-49.el6.x86_64
- attr-2.4.44-7.el6.x86_64
- audit-2.4.5-6.el6.x86_64
- audit-libs-2.4.5-6.el6.x86_64
- audit-libs-python-2.4.5-6.el6.x86_64
- augeas-libs-1.0.0-10.el6.x86_64
- authconfig-6.1.12-23.el6.x86_64
- basesystem-10.0-4.el6.noarch
- bash-4.1.2-48.el6.x86_64
- bc-1.06.95-1.el6.x86_64
- bind-libs-9.8.2-0.62.rc1.el6_9.5.x86_64
- bind-utils-9.8.2-0.62.rc1.el6_9.5.x86_64
- binutils-2.20.51.0.2-5.47.el6_9.1.x86_64
- biosdevname-0.7.2-1.el6.x86_64
- blktrace-1.0.1-7.el6.x86_64
- bridge-utils-1.2-10.el6.x86_64
- bzip2-1.0.5-7.el6_0.x86_64
- bzip2-libs-1.0.5-7.el6_0.x86_64
- ca-certificates-2017.2.14-65.0.1.el6_9.noarch
- centos-indexhtml-6-2.el6.centos.noarch
- centos-release-6-9.el6.12.3.x86_64
- centos-release-scl-7-3.el6.centos.noarch
- centos-release-scl-rh-2-3.el6.centos.noarch
- checkpolicy-2.0.22-1.el6.x86_64
- chkconfig-1.3.49.5-1.el6.x86_64
- cloog-ppl-0.15.7-1.2.el6.x86_64
- coreutils-8.4-46.el6.x86_64
- coreutils-libs-8.4-46.el6.x86_64
- cpio-2.10-13.el6.x86_64
- cpp-4.4.7-18.el6.x86_64
- cpuspeed-1.5-22.el6.x86_64
- cracklib-2.8.16-4.el6.x86_64
- cracklib-dicts-2.8.16-4.el6.x86_64
- crda-3.13_2015.10.22-3.el6.x86_64
- cronie-1.4.4-16.el6_8.2.x86_64
- cronie-anacron-1.4.4-16.el6_8.2.x86_64
- crontabs-1.10-33.el6.noarch
- cryptsetup-luks-1.2.0-11.el6.x86_64
- cryptsetup-luks-libs-1.2.0-11.el6.x86_64
- curl-7.19.7-53.el6_9.x86_64
- cyrus-sasl-2.1.23-15.el6_6.2.x86_64
- cyrus-sasl-lib-2.1.23-15.el6_6.2.x86_64
- cyrus-sasl-plain-2.1.23-15.el6_6.2.x86_64
- dash-0.5.5.1-4.el6.x86_64
- db4-4.7.25-22.el6.x86_64
- db4-utils-4.7.25-22.el6.x86_64
- dbus-1.2.24-8.el6_6.x86_64
- dbus-glib-0.86-6.el6.x86_64
- dbus-libs-1.2.24-8.el6_6.x86_64
- dbus-python-0.83.0-6.1.el6.x86_64
- desktop-file-utils-0.15-9.el6.x86_64
- device-mapper-1.02.117-12.el6_9.1.x86_64
- device-mapper-event-1.02.117-12.el6_9.1.x86_64
- device-mapper-event-libs-1.02.117-12.el6_9.1.x86_64
- device-mapper-libs-1.02.117-12.el6_9.1.x86_64
- device-mapper-persistent-data-0.6.2-0.1.rc7.el6.x86_64
- dhclient-4.1.1-53.P1.el6.centos.1.x86_64
- dhcp-common-4.1.1-53.P1.el6.centos.1.x86_64
- diffutils-2.8.1-28.el6.x86_64
- dmidecode-2.12-7.el6.x86_64
- dosfstools-3.0.9-4.el6.x86_64
- dracut-004-409.el6_8.2.noarch
- dracut-kernel-004-409.el6_8.2.noarch
- e2fsprogs-1.41.12-23.el6.x86_64
- e2fsprogs-libs-1.41.12-23.el6.x86_64
- ed-1.1-3.3.el6.x86_64
- eggdbus-0.6-3.el6.x86_64
- elfutils-0.164-2.el6.x86_64
- elfutils-libelf-0.164-2.el6.x86_64
- elfutils-libs-0.164-2.el6.x86_64
- epel-release-6-8.noarch
- ethtool-3.5-6.el6.x86_64
- expat-2.0.1-13.el6_8.x86_64
- file-5.04-30.el6.x86_64
- file-libs-5.04-30.el6.x86_64
- filesystem-2.4.30-3.el6.x86_64
- findutils-4.4.2-9.el6.x86_64
- fipscheck-1.2.0-7.el6.x86_64
- fipscheck-lib-1.2.0-7.el6.x86_64
- fprintd-0.1-22.git04fd09cfa.el6.x86_64
- fprintd-pam-0.1-22.git04fd09cfa.el6.x86_64
- gamin-0.1.10-9.el6.x86_64
- gawk-3.1.7-10.el6_7.3.x86_64
- gcc-4.4.7-18.el6.x86_64
- gce-disk-expand-1.0.0-1460396597.el6.x86_64
- gdbm-1.8.0-39.el6.x86_64
- gdisk-0.8.10-1.el6.x86_64
- gdk-pixbuf2-2.24.1-6.el6_7.x86_64
- glib2-2.28.8-9.el6.x86_64
- glibc-2.12-1.209.el6_9.2.x86_64
- glibc-common-2.12-1.209.el6_9.2.x86_64
- glibc-devel-2.12-1.209.el6_9.2.x86_64
- glibc-headers-2.12-1.209.el6_9.2.x86_64
- gmp-4.3.1-12.el6.x86_64
- gnupg2-2.0.14-8.el6.x86_64
- google-compute-engine-2.7.2-1.el6.noarch
- google-compute-engine-oslogin-1.1.2-1.el6.x86_64
- gpg-pubkey-3e1ba8d5-558ab6a8
- gpg-pubkey-a7317b0f-551deab2
- gpg-pubkey-c105b9de-4e0fd3a3
- gpg-pubkey-f2ee9d55-560cfc0a
- gpgme-1.1.8-3.el6.x86_64
- gpm-libs-1.20.6-12.el6.x86_64
- grep-2.20-6.el6.x86_64
- groff-1.18.1.4-21.el6.x86_64
- grub-0.97-99.el6.x86_64
- grubby-7.0.15-7.el6.x86_64
- gzip-1.3.12-24.el6.x86_64
- hal-0.5.14-14.el6.x86_64
- hal-info-20090716-5.el6.noarch
- hal-libs-0.5.14-14.el6.x86_64
- hdparm-9.43-4.el6.x86_64
- httpd-2.2.15-60.el6.centos.6.x86_64
- httpd-tools-2.2.15-60.el6.centos.6.x86_64
- hunspell-1.2.8-16.el6.x86_64
- hunspell-en-0.20090216-7.1.el6.noarch
- hwdata-0.233-18.1.el6.noarch
- info-4.13a-8.el6.x86_64
- initscripts-9.03.58-1.el6.centos.2.x86_64
- iproute-2.6.32-54.el6.x86_64
- iptables-1.4.7-16.el6.x86_64
- iptables-ipv6-1.4.7-16.el6.x86_64
- iputils-20071127-24.el6.x86_64
- iso-codes-3.16-2.el6.noarch
- iw-4.1-1.el6.x86_64
- jasper-libs-1.900.1-21.el6_9.x86_64
- json-c-0.11-13.el6.x86_64
- kbd-1.15-11.el6.x86_64
- kbd-misc-1.15-11.el6.noarch
- kernel-2.6.32-696.18.7.el6.x86_64
- kernel-2.6.32-696.20.1.el6.x86_64
- kernel-2.6.32-696.el6.x86_64
- kernel-firmware-2.6.32-696.20.1.el6.noarch
- kernel-headers-2.6.32-696.20.1.el6.x86_64
- keyutils-libs-1.4-5.el6.x86_64
- kpartx-0.4.9-100.el6_9.1.x86_64
- krb5-libs-1.10.3-65.el6.x86_64
- ledmon-0.79-1.el6.x86_64
- less-436-13.el6.x86_64
- libX11-1.6.4-3.el6.x86_64
- libX11-common-1.6.4-3.el6.noarch
- libXau-1.0.6-4.el6.x86_64
- libacl-2.2.49-7.el6_9.1.x86_64
- libaio-0.3.107-10.el6.x86_64
- libattr-2.4.44-7.el6.x86_64
- libblkid-2.17.2-12.28.el6_9.2.x86_64
- libcap-2.16-5.5.el6.x86_64
- libcap-ng-0.6.4-3.el6_0.1.x86_64
- libcgroup-0.40.rc1-24.el6_9.x86_64
- libcom_err-1.41.12-23.el6.x86_64
- libcurl-7.19.7-53.el6_9.x86_64
- libdrm-2.4.65-2.el6.x86_64
- libedit-2.11-4.20080712cvs.1.el6.x86_64
- libffi-3.0.5-3.2.el6.x86_64
- libfprint-0.1.0-19.pre2.el6.x86_64
- libgcc-4.4.7-18.el6.x86_64
- libgcrypt-1.4.5-12.el6_8.x86_64
- libgomp-4.4.7-18.el6.x86_64
- libgpg-error-1.7-4.el6.x86_64
- libidn-1.18-2.el6.x86_64
- libjpeg-turbo-1.2.1-3.el6_5.x86_64
- libnih-1.0.1-7.el6.x86_64
- libnl-1.1.4-2.el6.x86_64
- libpcap-1.4.0-4.20130826git2dbcaa1.el6.x86_64
- libpciaccess-0.13.4-1.el6.x86_64
- libpng-1.2.49-2.el6_7.x86_64
- libproxy-0.3.0-10.el6.x86_64
- libproxy-bin-0.3.0-10.el6.x86_64
- libproxy-python-0.3.0-10.el6.x86_64
- libreport-2.0.9-33.el6.centos.x86_64
- libreport-cli-2.0.9-33.el6.centos.x86_64
- libreport-compat-2.0.9-33.el6.centos.x86_64
- libreport-filesystem-2.0.9-33.el6.centos.x86_64
- libreport-plugin-kerneloops-2.0.9-33.el6.centos.x86_64
- libreport-plugin-logger-2.0.9-33.el6.centos.x86_64
- libreport-plugin-mailx-2.0.9-33.el6.centos.x86_64
- libreport-plugin-reportuploader-2.0.9-33.el6.centos.x86_64
- libreport-plugin-rhtsupport-2.0.9-33.el6.centos.x86_64
- libreport-plugin-ureport-2.0.9-33.el6.centos.x86_64
- libreport-python-2.0.9-33.el6.centos.x86_64
- libselinux-2.0.94-7.el6.x86_64
- libselinux-python-2.0.94-7.el6.x86_64
- libselinux-utils-2.0.94-7.el6.x86_64
- libsemanage-2.0.43-5.1.el6.x86_64
- libsemanage-python-2.0.43-5.1.el6.x86_64
- libsepol-2.0.41-4.el6.x86_64
- libss-1.41.12-23.el6.x86_64
- libssh2-1.4.2-2.el6_7.1.x86_64
- libstdc++-4.4.7-18.el6.x86_64
- libtar-1.2.11-17.el6_4.1.x86_64
- libtasn1-2.3-6.el6_5.x86_64
- libtiff-3.9.4-21.el6_8.x86_64
- libudev-147-2.73.el6_8.2.x86_64
- libusb-0.1.12-23.el6.x86_64
- libusb1-1.0.9-0.7.rc1.el6.x86_64
- libuser-0.56.13-8.el6_7.x86_64
- libutempter-1.1.5-4.1.el6.x86_64
- libuuid-2.17.2-12.28.el6_9.2.x86_64
- libxcb-1.12-4.el6.x86_64
- libxml2-2.7.6-21.el6_8.1.x86_64
- libxml2-python-2.7.6-21.el6_8.1.x86_64
- logrotate-3.7.8-28.el6.x86_64
- lsof-4.82-5.el6.x86_64
- lua-5.1.4-4.1.el6.x86_64
- lvm2-2.02.143-12.el6_9.1.x86_64
- lvm2-libs-2.02.143-12.el6_9.1.x86_64
- m2crypto-0.20.2-9.el6.x86_64
- m4-1.4.13-5.el6.x86_64
- mailcap-2.1.31-2.el6.noarch
- mailx-12.4-8.el6_6.x86_64
- make-3.81-23.el6.x86_64
- man-1.6f-39.el6.x86_64
- man-pages-3.22-20.el6.noarch
- man-pages-overrides-6.9.1-1.el6.noarch
- mdadm-3.3.4-8.el6.x86_64
- mingetty-1.08-5.el6.x86_64
- mlocate-0.22.2-6.el6.x86_64
- module-init-tools-3.9-26.el6.x86_64
- mpfr-2.4.1-6.el6.x86_64
- mtr-0.75-5.el6.x86_64
- mysql-5.1.73-8.el6_8.x86_64
- mysql-libs-5.1.73-8.el6_8.x86_64
- mysql-server-5.1.73-8.el6_8.x86_64
- nano-2.0.9-7.el6.x86_64
- ncurses-5.7-4.20090207.el6.x86_64
- ncurses-base-5.7-4.20090207.el6.x86_64
- ncurses-libs-5.7-4.20090207.el6.x86_64
- net-tools-1.60-114.el6.x86_64
- newt-0.52.11-4.el6.x86_64
- newt-python-0.52.11-4.el6.x86_64
- nspr-4.13.1-1.el6.x86_64
- nss-3.28.4-4.el6_9.x86_64
- nss-softokn-3.14.3-23.3.el6_8.x86_64
- nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64
- nss-sysinit-3.28.4-4.el6_9.x86_64
- nss-tools-3.28.4-4.el6_9.x86_64
- nss-util-3.28.4-1.el6_9.x86_64
- ntp-4.2.6p5-12.el6.centos.2.x86_64
- ntpdate-4.2.6p5-12.el6.centos.2.x86_64
- ntsysv-1.3.49.5-1.el6.x86_64
- openldap-2.4.40-16.el6.x86_64
- openssh-5.3p1-123.el6_9.x86_64
- openssh-clients-5.3p1-123.el6_9.x86_64
- openssh-server-5.3p1-123.el6_9.x86_64
- openssl-1.0.1e-57.el6.x86_64
- p11-kit-0.18.5-2.el6_5.2.x86_64
- p11-kit-trust-0.18.5-2.el6_5.2.x86_64
- pam-1.1.1-24.el6.x86_64
- pam_passwdqc-1.0.5-8.el6.x86_64
- parted-2.1-29.el6.x86_64
- passwd-0.77-7.el6.x86_64
- pciutils-3.1.10-4.el6.x86_64
- pciutils-libs-3.1.10-4.el6.x86_64
- pcmciautils-015-4.2.el6.x86_64
- pcre-7.8-7.el6.x86_64
- perl-5.10.1-144.el6.x86_64
- perl-DBD-MySQL-4.013-3.el6.x86_64
- perl-DBI-1.609-4.el6.x86_64
- perl-Module-Pluggable-3.90-144.el6.x86_64
- perl-Pod-Escapes-1.04-144.el6.x86_64
- perl-Pod-Simple-3.13-144.el6.x86_64
- perl-libs-5.10.1-144.el6.x86_64
- perl-version-0.77-144.el6.x86_64
- php-5.3.3-49.el6.x86_64
- php-cli-5.3.3-49.el6.x86_64
- php-common-5.3.3-49.el6.x86_64
- php-mysql-5.3.3-49.el6.x86_64
- php-pdo-5.3.3-49.el6.x86_64
- pinentry-0.7.6-8.el6.x86_64
- pinfo-0.6.9-12.el6.x86_64
- pkgconfig-0.23-9.1.el6.x86_64
- plymouth-0.8.3-29.el6.centos.x86_64
- plymouth-core-libs-0.8.3-29.el6.centos.x86_64
- plymouth-scripts-0.8.3-29.el6.centos.x86_64
- pm-utils-1.2.5-11.el6.x86_64
- policycoreutils-2.0.83-30.1.el6_8.x86_64
- policycoreutils-python-2.0.83-30.1.el6_8.x86_64
- polkit-0.96-11.el6.x86_64
- popt-1.13-7.el6.x86_64
- postfix-2.6.6-8.el6.x86_64
- ppl-0.10.2-11.el6.x86_64
- prelink-0.4.6-3.1.el6_4.x86_64
- procps-3.2.8-45.el6_9.1.x86_64
- psacct-6.3.2-70.el6.x86_64
- psmisc-22.6-24.el6.x86_64
- pth-2.0.7-9.3.el6.x86_64
- pygobject2-2.20.0-5.el6.x86_64
- pygpgme-0.1-18.20090824bzr68.el6.x86_64
- python-2.6.6-66.el6_8.x86_64
- python-argparse-1.2.1-2.1.el6.noarch
- python-backports-1.0-5.el6.x86_64
- python-backports-ssl_match_hostname-3.4.0.2-5.el6.noarch
- python-boto-2.34.0-6.el6.noarch
- python-chardet-2.2.1-1.el6.noarch
- python-dmidecode-3.10.15-1.el6.x86_64
- python-ethtool-0.6-6.el6.x86_64
- python-google-compute-engine-2.7.2-1.el6.noarch
- python-iniparse-0.3.1-2.1.el6.noarch
- python-iwlib-0.1-1.2.el6.x86_64
- python-libs-2.6.6-66.el6_8.x86_64
- python-pycurl-7.19.0-9.el6.x86_64
- python-requests-2.6.0-4.el6.noarch
- python-setuptools-0.6.10-4el6_9.noarch
- python-six-1.9.0-2.el6.noarch
- python-urlgrabber-3.9.1-11.el6.noarch
- python-urllib3-1.10.2-3.el6.noarch
- python27-1.1-25.el6.x86_64
- python27-python-2.7.13-3.el6.x86_64
- python27-python-babel-0.9.6-7.sc1.el6.noarch
- python27-python-devel-2.7.13-3.el6.x86_64
- python27-python-docutils-0.11-2.el6.noarch
- python27-python-jinja2-2.6-10.sc1.el6.noarch
- python27-python-libs-2.7.13-3.el6.x86_64
- python27-python-markupsafe-0.11-11.sc1.el6.x86_64
- python27-python-nose-1.3.0-1.sc1.el6.noarch
- python27-python-pip-8.1.2-2.el6.noarch
- python27-python-pygments-1.5-2.sc1.el6.noarch
- python27-python-setuptools-0.9.8-4.el6.noarch
- python27-python-simplejson-3.2.0-2.el6.x86_64
- python27-python-sphinx-1.1.3-7.sc1.el6.noarch
- python27-python-sqlalchemy-0.7.9-3.sc1.el6.x86_64
- python27-python-virtualenv-13.1.0-2.el6.noarch
- python27-python-werkzeug-0.8.3-5.sc1.el6.noarch
- python27-python-wheel-0.24.0-2.el6.noarch
- python27-runtime-1.1-25.el6.x86_64
- quota-3.17-23.el6.x86_64
- rdate-1.4-16.el6.x86_64
- rdma-6.9_4.1-3.el6.noarch
- readahead-1.5.6-2.el6.x86_64
- readline-6.0-4.el6.x86_64
- redhat-logos-60.0.14-12.el6.centos.noarch
- redhat-rpm-config-9.0.3-51.el6.centos.noarch
- rfkill-0.3-4.el6.x86_64
- rng-tools-5-2.el6_7.x86_64
- rootfiles-8.1-6.1.el6.noarch
- rpm-4.8.0-55.el6.x86_64
- rpm-libs-4.8.0-55.el6.x86_64
- rpm-python-4.8.0-55.el6.x86_64
- rsync-3.0.6-12.el6.x86_64
- rsyslog-5.8.10-10.el6_6.x86_64
- satyr-0.16-2.el6.x86_64
- scl-utils-20120927-29.el6_9.x86_64
- scl-utils-build-20120927-29.el6_9.x86_64
- sed-4.2.1-10.el6.x86_64
- selinux-policy-3.7.19-307el6_9.3.noarch
- selinux-policy-targeted-3.7.19-307el6_9.3.noarch
- setools-libs-3.3.7-4.el6.x86_64
- setools-libs-python-3.3.7-4.el6.x86_64
- setserial-2.17-25.el6.x86_64
- setup-2.8.14-23.el6.noarch
- setuptool-1.19.9-4.el6.x86_64
- sg3_utils-libs-1.28-12.el6.x86_64
- shadow-utils-4.1.5.1-5.el6.x86_64
- shared-mime-info-0.70-6.el6.x86_64
- slang-2.2.1-1.el6.x86_64
- sos-3.2-54.el6.centos.1.noarch
- sqlite-3.6.20-1.el6_7.2.x86_64
- strace-4.8-11.el6.x86_64
- sudo-1.8.6p3-29.el6_9.x86_64
- sysstat-9.0.4-33el6_9.1.x86_64
- system-config-firewall-base-1.2.27-7.2.el6_6.noarch
- system-config-firewall-tui-1.2.27-7.2.el6_6.noarch
- system-config-network-tui-1.6.0.el6.3-4.el6.noarch
- systemtap-runtime-2.9-7.el6.x86_64
- sysvinit-tools-2.87-6.dsf.el6.x86_64
- tar-1.23-15.el6_8.x86_64
- tcp_wrappers-7.6-58.el6.x86_64
- tcp_wrappers-libs-7.6-58.el6.x86_64
- tcpdump-4.0.0-11.20090921gitdf3cb4.2.el6.x86_64
- tcsh-6.17-38.el6.x86_64
- time-1.7-38.el6.x86_64
- tmpwatch-2.9.16-6.el6.x86_64
- traceroute-2.0.14-2.el6.x86_64
- tzdata-2017c-1.el6.noarch
- udev-147-2.73.el6_8.2.x86_64
- unzip-6.0-5.el6.x86_64
- upstart-0.6.5-16.el6.x86_64
- usbutils-003-6.el6.x86_64
- usermode-1.102-3.el6.x86_64
- ustr-1.0.4-9.1.el6.x86_64
- util-linux-ng-2.17.2-12.28.el6_9.2.x86_64
- vconfig-1.9-8.1.el6.x86_64
- vim-common-7.4.629-5.el6_8.1.x86_64
- vim-enhanced-7.4.629-5.el6_8.1.x86_64
- vim-filesystem-7.4.629-5.el6_8.1.x86_64
- vim-minimal-7.4.629-5.el6_8.1.x86_64
- virt-what-1.11-1.3.el6.x86_64
- wget-1.12-10.el6.x86_64
- which-2.19-6.el6.x86_64
- wireless-tools-29-6.el6.x86_64
- words-3.0-17.el6.noarch
- xdg-utils-1.0.2-17.20091016cvs.el6.noarch
- xml-common-0.6.3-33.el6.noarch
- xmlrpc-c-1.16.24-1210.1840.el6.x86_64
- xmlrpc-c-client-1.16.24-1210.1840.el6.x86_64
- xz-4.999.9-0.5.beta.20091007git.el6.x86_64
- xz-libs-4.999.9-0.5.beta.20091007git.el6.x86_64
- xz-lzma-compat-4.999.9-0.5.beta.20091007git.el6.x86_64
- yum-3.2.29-81.el6.centos.noarch
- yum-cron-3.2.29-81.el6.centos.noarch
- yum-metadata-parser-1.1.2-16.el6.x86_64
- yum-plugin-fastestmirror-1.1.30-40.el6.noarch
- yum-plugin-security-1.1.30-40.el6.noarch
- yum-utils-1.1.30-40.el6.noarch
- zip-3.0-1.el6_7.1.x86_64
- zlib-1.2.3-29.el6.x86_64
- [+] Current processes
- USER PID START TIME COMMAND
- root 1 May31 0:01 /sbin/init
- root 2 May31 0:00 [kthreadd]
- root 3 May31 0:00 [migration/0]
- root 4 May31 0:00 [ksoftirqd/0]
- root 5 May31 0:00 [stopper/0]
- root 6 May31 0:00 [watchdog/0]
- root 7 May31 0:06 [events/0]
- root 8 May31 0:00 [events/0]
- root 9 May31 0:00 [events_long/0]
- root 10 May31 0:00 [events_power_ef]
- root 11 May31 0:00 [cgroup]
- root 12 May31 0:00 [khelper]
- root 13 May31 0:00 [netns]
- root 14 May31 0:00 [async/mgr]
- root 15 May31 0:00 [pm]
- root 16 May31 0:00 [sync_supers]
- root 17 May31 0:00 [bdi-default]
- root 18 May31 0:00 [kintegrityd/0]
- root 19 May31 0:00 [kblockd/0]
- root 20 May31 0:00 [kacpid]
- root 21 May31 0:00 [kacpi_notify]
- root 22 May31 0:00 [kacpi_hotplug]
- root 23 May31 0:00 [ata_aux]
- root 24 May31 0:00 [ata_sff/0]
- root 25 May31 0:00 [ksuspend_usbd]
- root 26 May31 0:00 [khubd]
- root 27 May31 0:00 [kseriod]
- root 28 May31 0:00 [md/0]
- root 29 May31 0:00 [md_misc/0]
- root 30 May31 0:00 [linkwatch]
- root 33 May31 0:00 [khungtaskd]
- root 34 May31 0:00 [kswapd0]
- root 35 May31 0:00 [ksmd]
- root 36 May31 0:00 [khugepaged]
- root 37 May31 0:00 [aio/0]
- root 38 May31 0:00 [crypto/0]
- root 45 May31 0:00 [kthrotld/0]
- root 47 May31 0:00 [kpsmoused]
- root 48 May31 0:00 [usbhid_resumer]
- root 49 May31 0:00 [deferwq]
- root 81 May31 0:00 [kdmremove]
- root 82 May31 0:00 [kstriped]
- root 248 May31 0:00 [scsi_eh_0]
- root 377 May31 0:01 [jbd2/sda1-8]
- root 378 May31 0:00 [ext4-dio-unwrit]
- root 471 May31 0:00 /sbin/udevd
- root 569 May31 0:00 [flush-8:0]
- root 579 May31 0:00 [virtio-net]
- root 785 May31 0:00 [kauditd]
- root 843 May31 0:00 [ib_addr]
- root 848 May31 0:00 [infiniband/0]
- root 857 May31 0:00 [ib_mcast]
- root 862 May31 0:00 [iw_cm_wq]
- root 867 May31 0:00 [ib_cm/0]
- root 872 May31 0:00 [rdma_cm]
- root 893 May31 0:00 [ipoib_flush]
- root 1168 May31 0:00 /sbin/dhclient
- root 1220 May31 0:04 auditd
- root 1242 May31 0:04 /sbin/rsyslogd
- root 1302 May31 0:05 /usr/sbin/sshd
- root 1328 May31 0:04 /usr/bin/python
- root 1330 May31 0:07 /usr/bin/python
- root 1331 May31 0:14 /usr/bin/python
- dbus 1388 May31 0:00 dbus-daemon
- root 1434 May31 0:00 /usr/sbin/acpid
- 68 1446 May31 0:00 hald
- root 1447 May31 0:00 hald-runner
- root 1476 May31 0:00 hald-addon-input:
- 68 1484 May31 0:00 hald-addon-acpi:
- ntp 1518 May31 0:00 ntpd
- root 1555 May31 0:00 /bin/sh
- mysql 1657 May31 0:45 /usr/libexec/mysqld
- root 1758 May31 0:00 /usr/libexec/postfix/master
- postfix 1771 May31 0:00 qmgr
- root 1772 May31 0:00 /usr/sbin/abrtd
- root 1798 May31 0:05 /usr/sbin/httpd
- root 1810 May31 0:00 crond
- root 1825 May31 0:00 /usr/sbin/atd
- root 1839 May31 0:00 /sbin/mingetty
- root 1841 May31 0:00 /sbin/mingetty
- root 1843 May31 0:00 /sbin/mingetty
- root 1845 May31 0:00 /sbin/mingetty
- root 1847 May31 0:00 /sbin/mingetty
- root 1849 May31 0:00 /sbin/mingetty
- root 1854 May31 0:00 /sbin/udevd
- root 1855 May31 0:00 /sbin/udevd
- root 1856 May31 0:00 /sbin/agetty
- apache 14268 08:40 0:00 python
- apache 14398 08:40 0:00 /bin/sh
- apache 14399 08:40 0:00 ps
- apache 14400 08:40 0:00 awk
- postfix 27274 07:31 0:00 pickup
- apache 30776 04:33 0:12 /usr/sbin/httpd
- apache 30777 04:33 0:11 /usr/sbin/httpd
- apache 30778 04:33 0:11 /usr/sbin/httpd
- apache 30779 04:33 0:12 /usr/sbin/httpd
- apache 30780 04:33 0:12 /usr/sbin/httpd
- apache 30781 04:33 0:12 /usr/sbin/httpd
- apache 30782 04:33 0:12 /usr/sbin/httpd
- [+] Apache Version and Modules
- Server version: Apache/2.2.15 (Unix)
- Server built: Oct 19 2017 16:43:38
- Compiled in modules:
- core.c
- prefork.c
- http_core.c
- mod_so.c
- [+] Apache Config File
- [+] Sudo Version (Check out http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=sudo)
- Sudo version 1.8.6p3
- Sudoers policy plugin version 1.8.6p3
- Sudoers file grammar version 42
- Sudoers I/O plugin version 1.8.6p3
- [*] IDENTIFYING PROCESSES AND PACKAGES RUNNING AS ROOT OR OTHER SUPERUSER...
- root 33 May31 0:00 [khungtaskd]
- root 867 May31 0:00 [ib_cm/0]
- root 1168 May31 0:00 /sbin/dhclient
- Possible Related Packages:
- dhclient-4.1.1-53.P1.el6.centos.1.x86_64
- root 35 May31 0:00 [ksmd]
- root 81 May31 0:00 [kdmremove]
- root 5 May31 0:00 [stopper/0]
- root 3 May31 0:00 [migration/0]
- root 848 May31 0:00 [infiniband/0]
- root 24 May31 0:00 [ata_sff/0]
- root 47 May31 0:00 [kpsmoused]
- root 30 May31 0:00 [linkwatch]
- root 1798 May31 0:05 /usr/sbin/httpd
- Possible Related Packages:
- httpd-2.2.15-60.el6.centos.6.x86_64
- httpd-tools-2.2.15-60.el6.centos.6.x86_64
- root 377 May31 0:01 [jbd2/sda1-8]
- root 25 May31 0:00 [ksuspend_usbd]
- root 26 May31 0:00 [khubd]
- root 45 May31 0:00 [kthrotld/0]
- root 1847 May31 0:00 /sbin/mingetty
- Possible Related Packages:
- mingetty-1.08-5.el6.x86_64
- root 15 May31 0:00 [pm]
- root 18 May31 0:00 [kintegrityd/0]
- root 1849 May31 0:00 /sbin/mingetty
- Possible Related Packages:
- mingetty-1.08-5.el6.x86_64
- root 471 May31 0:00 /sbin/udevd
- root 38 May31 0:00 [crypto/0]
- root 17 May31 0:00 [bdi-default]
- root 579 May31 0:00 [virtio-net]
- root 248 May31 0:00 [scsi_eh_0]
- root 23 May31 0:00 [ata_aux]
- root 872 May31 0:00 [rdma_cm]
- root 1855 May31 0:00 /sbin/udevd
- root 12 May31 0:00 [khelper]
- root 1854 May31 0:00 /sbin/udevd
- root 785 May31 0:00 [kauditd]
- root 8 May31 0:00 [events/0]
- root 22 May31 0:00 [kacpi_hotplug]
- root 48 May31 0:00 [usbhid_resumer]
- root 37 May31 0:00 [aio/0]
- root 10 May31 0:00 [events_power_ef]
- root 1845 May31 0:00 /sbin/mingetty
- Possible Related Packages:
- mingetty-1.08-5.el6.x86_64
- root 6 May31 0:00 [watchdog/0]
- root 1242 May31 0:04 /sbin/rsyslogd
- root 13 May31 0:00 [netns]
- root 1856 May31 0:00 /sbin/agetty
- root 1825 May31 0:00 /usr/sbin/atd
- root 9 May31 0:00 [events_long/0]
- root 1758 May31 0:00 /usr/libexec/postfix/master
- root 1220 May31 0:04 auditd
- root 27 May31 0:00 [kseriod]
- root 1 May31 0:01 /sbin/init
- Possible Related Packages:
- initscripts-9.03.58-1.el6.centos.2.x86_64
- module-init-tools-3.9-26.el6.x86_64
- nss-sysinit-3.28.4-4.el6_9.x86_64
- sysvinit-tools-2.87-6.dsf.el6.x86_64
- root 49 May31 0:00 [deferwq]
- root 19 May31 0:00 [kblockd/0]
- root 1841 May31 0:00 /sbin/mingetty
- Possible Related Packages:
- mingetty-1.08-5.el6.x86_64
- root 36 May31 0:00 [khugepaged]
- root 843 May31 0:00 [ib_addr]
- root 857 May31 0:00 [ib_mcast]
- root 28 May31 0:00 [md/0]
- root 4 May31 0:00 [ksoftirqd/0]
- root 569 May31 0:00 [flush-8:0]
- root 34 May31 0:00 [kswapd0]
- root 14 May31 0:00 [async/mgr]
- root 1839 May31 0:00 /sbin/mingetty
- Possible Related Packages:
- mingetty-1.08-5.el6.x86_64
- root 20 May31 0:00 [kacpid]
- root 1434 May31 0:00 /usr/sbin/acpid
- Possible Related Packages:
- acpid-1.0.10-3.el6.x86_64
- root 893 May31 0:00 [ipoib_flush]
- root 1476 May31 0:00 hald-addon-input:
- root 1772 May31 0:00 /usr/sbin/abrtd
- root 1328 May31 0:04 /usr/bin/python
- Possible Related Packages:
- abrt-addon-python-2.0.8-43.el6.centos.x86_64
- abrt-python-2.0.8-43.el6.centos.x86_64
- audit-libs-python-2.4.5-6.el6.x86_64
- dbus-python-0.83.0-6.1.el6.x86_64
- libproxy-python-0.3.0-10.el6.x86_64
- libreport-python-2.0.9-33.el6.centos.x86_64
- libselinux-python-2.0.94-7.el6.x86_64
- libsemanage-python-2.0.43-5.1.el6.x86_64
- libxml2-python-2.7.6-21.el6_8.1.x86_64
- newt-python-0.52.11-4.el6.x86_64
- policycoreutils-python-2.0.83-30.1.el6_8.x86_64
- python-2.6.6-66.el6_8.x86_64
- python-argparse-1.2.1-2.1.el6.noarch
- python-backports-1.0-5.el6.x86_64
- python-backports-ssl_match_hostname-3.4.0.2-5.el6.noarch
- python-boto-2.34.0-6.el6.noarch
- python-chardet-2.2.1-1.el6.noarch
- python-dmidecode-3.10.15-1.el6.x86_64
- python-ethtool-0.6-6.el6.x86_64
- python-google-compute-engine-2.7.2-1.el6.noarch
- python-iniparse-0.3.1-2.1.el6.noarch
- python-iwlib-0.1-1.2.el6.x86_64
- python-libs-2.6.6-66.el6_8.x86_64
- python-pycurl-7.19.0-9.el6.x86_64
- python-requests-2.6.0-4.el6.noarch
- python-setuptools-0.6.10-4el6_9.noarch
- python-six-1.9.0-2.el6.noarch
- python-urlgrabber-3.9.1-11.el6.noarch
- python-urllib3-1.10.2-3.el6.noarch
- python27-1.1-25.el6.x86_64
- python27-python-2.7.13-3.el6.x86_64
- python27-python-babel-0.9.6-7.sc1.el6.noarch
- python27-python-devel-2.7.13-3.el6.x86_64
- python27-python-docutils-0.11-2.el6.noarch
- python27-python-jinja2-2.6-10.sc1.el6.noarch
- python27-python-libs-2.7.13-3.el6.x86_64
- python27-python-markupsafe-0.11-11.sc1.el6.x86_64
- python27-python-nose-1.3.0-1.sc1.el6.noarch
- python27-python-pip-8.1.2-2.el6.noarch
- python27-python-pygments-1.5-2.sc1.el6.noarch
- python27-python-setuptools-0.9.8-4.el6.noarch
- python27-python-simplejson-3.2.0-2.el6.x86_64
- python27-python-sphinx-1.1.3-7.sc1.el6.noarch
- python27-python-sqlalchemy-0.7.9-3.sc1.el6.x86_64
- python27-python-virtualenv-13.1.0-2.el6.noarch
- python27-python-werkzeug-0.8.3-5.sc1.el6.noarch
- python27-python-wheel-0.24.0-2.el6.noarch
- python27-runtime-1.1-25.el6.x86_64
- rpm-python-4.8.0-55.el6.x86_64
- setools-libs-python-3.3.7-4.el6.x86_64
- root 16 May31 0:00 [sync_supers]
- root 1843 May31 0:00 /sbin/mingetty
- Possible Related Packages:
- mingetty-1.08-5.el6.x86_64
- root 11 May31 0:00 [cgroup]
- root 1302 May31 0:05 /usr/sbin/sshd
- root 862 May31 0:00 [iw_cm_wq]
- root 1330 May31 0:07 /usr/bin/python
- Possible Related Packages:
- abrt-addon-python-2.0.8-43.el6.centos.x86_64
- abrt-python-2.0.8-43.el6.centos.x86_64
- audit-libs-python-2.4.5-6.el6.x86_64
- dbus-python-0.83.0-6.1.el6.x86_64
- libproxy-python-0.3.0-10.el6.x86_64
- libreport-python-2.0.9-33.el6.centos.x86_64
- libselinux-python-2.0.94-7.el6.x86_64
- libsemanage-python-2.0.43-5.1.el6.x86_64
- libxml2-python-2.7.6-21.el6_8.1.x86_64
- newt-python-0.52.11-4.el6.x86_64
- policycoreutils-python-2.0.83-30.1.el6_8.x86_64
- python-2.6.6-66.el6_8.x86_64
- python-argparse-1.2.1-2.1.el6.noarch
- python-backports-1.0-5.el6.x86_64
- python-backports-ssl_match_hostname-3.4.0.2-5.el6.noarch
- python-boto-2.34.0-6.el6.noarch
- python-chardet-2.2.1-1.el6.noarch
- python-dmidecode-3.10.15-1.el6.x86_64
- python-ethtool-0.6-6.el6.x86_64
- python-google-compute-engine-2.7.2-1.el6.noarch
- python-iniparse-0.3.1-2.1.el6.noarch
- python-iwlib-0.1-1.2.el6.x86_64
- python-libs-2.6.6-66.el6_8.x86_64
- python-pycurl-7.19.0-9.el6.x86_64
- python-requests-2.6.0-4.el6.noarch
- python-setuptools-0.6.10-4el6_9.noarch
- python-six-1.9.0-2.el6.noarch
- python-urlgrabber-3.9.1-11.el6.noarch
- python-urllib3-1.10.2-3.el6.noarch
- python27-1.1-25.el6.x86_64
- python27-python-2.7.13-3.el6.x86_64
- python27-python-babel-0.9.6-7.sc1.el6.noarch
- python27-python-devel-2.7.13-3.el6.x86_64
- python27-python-docutils-0.11-2.el6.noarch
- python27-python-jinja2-2.6-10.sc1.el6.noarch
- python27-python-libs-2.7.13-3.el6.x86_64
- python27-python-markupsafe-0.11-11.sc1.el6.x86_64
- python27-python-nose-1.3.0-1.sc1.el6.noarch
- python27-python-pip-8.1.2-2.el6.noarch
- python27-python-pygments-1.5-2.sc1.el6.noarch
- python27-python-setuptools-0.9.8-4.el6.noarch
- python27-python-simplejson-3.2.0-2.el6.x86_64
- python27-python-sphinx-1.1.3-7.sc1.el6.noarch
- python27-python-sqlalchemy-0.7.9-3.sc1.el6.x86_64
- python27-python-virtualenv-13.1.0-2.el6.noarch
- python27-python-werkzeug-0.8.3-5.sc1.el6.noarch
- python27-python-wheel-0.24.0-2.el6.noarch
- python27-runtime-1.1-25.el6.x86_64
- rpm-python-4.8.0-55.el6.x86_64
- setools-libs-python-3.3.7-4.el6.x86_64
- root 1331 May31 0:14 /usr/bin/python
- Possible Related Packages:
- abrt-addon-python-2.0.8-43.el6.centos.x86_64
- abrt-python-2.0.8-43.el6.centos.x86_64
- audit-libs-python-2.4.5-6.el6.x86_64
- dbus-python-0.83.0-6.1.el6.x86_64
- libproxy-python-0.3.0-10.el6.x86_64
- libreport-python-2.0.9-33.el6.centos.x86_64
- libselinux-python-2.0.94-7.el6.x86_64
- libsemanage-python-2.0.43-5.1.el6.x86_64
- libxml2-python-2.7.6-21.el6_8.1.x86_64
- newt-python-0.52.11-4.el6.x86_64
- policycoreutils-python-2.0.83-30.1.el6_8.x86_64
- python-2.6.6-66.el6_8.x86_64
- python-argparse-1.2.1-2.1.el6.noarch
- python-backports-1.0-5.el6.x86_64
- python-backports-ssl_match_hostname-3.4.0.2-5.el6.noarch
- python-boto-2.34.0-6.el6.noarch
- python-chardet-2.2.1-1.el6.noarch
- python-dmidecode-3.10.15-1.el6.x86_64
- python-ethtool-0.6-6.el6.x86_64
- python-google-compute-engine-2.7.2-1.el6.noarch
- python-iniparse-0.3.1-2.1.el6.noarch
- python-iwlib-0.1-1.2.el6.x86_64
- python-libs-2.6.6-66.el6_8.x86_64
- python-pycurl-7.19.0-9.el6.x86_64
- python-requests-2.6.0-4.el6.noarch
- python-setuptools-0.6.10-4el6_9.noarch
- python-six-1.9.0-2.el6.noarch
- python-urlgrabber-3.9.1-11.el6.noarch
- python-urllib3-1.10.2-3.el6.noarch
- python27-1.1-25.el6.x86_64
- python27-python-2.7.13-3.el6.x86_64
- python27-python-babel-0.9.6-7.sc1.el6.noarch
- python27-python-devel-2.7.13-3.el6.x86_64
- python27-python-docutils-0.11-2.el6.noarch
- python27-python-jinja2-2.6-10.sc1.el6.noarch
- python27-python-libs-2.7.13-3.el6.x86_64
- python27-python-markupsafe-0.11-11.sc1.el6.x86_64
- python27-python-nose-1.3.0-1.sc1.el6.noarch
- python27-python-pip-8.1.2-2.el6.noarch
- python27-python-pygments-1.5-2.sc1.el6.noarch
- python27-python-setuptools-0.9.8-4.el6.noarch
- python27-python-simplejson-3.2.0-2.el6.x86_64
- python27-python-sphinx-1.1.3-7.sc1.el6.noarch
- python27-python-sqlalchemy-0.7.9-3.sc1.el6.x86_64
- python27-python-virtualenv-13.1.0-2.el6.noarch
- python27-python-werkzeug-0.8.3-5.sc1.el6.noarch
- python27-python-wheel-0.24.0-2.el6.noarch
- python27-runtime-1.1-25.el6.x86_64
- rpm-python-4.8.0-55.el6.x86_64
- setools-libs-python-3.3.7-4.el6.x86_64
- root 2 May31 0:00 [kthreadd]
- root 1810 May31 0:00 crond
- root 7 May31 0:06 [events/0]
- root 1555 May31 0:00 /bin/sh
- root 82 May31 0:00 [kstriped]
- root 29 May31 0:00 [md_misc/0]
- root 21 May31 0:00 [kacpi_notify]
- root 378 May31 0:00 [ext4-dio-unwrit]
- root 1447 May31 0:00 hald-runner
- [*] ENUMERATING INSTALLED LANGUAGES/TOOLS FOR SPLOIT BUILDING...
- [+] Installed Tools
- /bin/awk
- /usr/bin/perl
- /usr/bin/python
- /usr/bin/gcc
- /usr/bin/cc
- /bin/vi
- /usr/bin/vim
- /bin/find
- /usr/bin/wget
- [+] Related Shell Escape Sequences...
- vi--> :!bash
- vi--> :set shell=/bin/bash:shell
- vi--> :!bash
- vi--> :set shell=/bin/bash:shell
- awk--> awk 'BEGIN {system("/bin/bash")}'
- find--> find / -exec /usr/bin/awk 'BEGIN {system("/bin/bash")}' \;
- perl--> perl -e 'exec "/bin/bash";'
- [*] FINDING RELEVENT PRIVILEGE ESCALATION EXPLOITS...
- Note: Exploits relying on a compile/scripting language not detected on this system are marked with a '**' but should still be tested!
- The following exploits are ranked higher in probability of success because this script detected a related running process, OS, or mounted file system
- - 2.6 UDEV < 141 Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/8572 || Language=c
- - 2.6 UDEV Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/8478 || Language=c
- - MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/1518 || Language=c
- The following exploits are applicable to this kernel version and should be investigated as well
- - Kernel ia32syscall Emulation Privilege Escalation || http://www.exploit-db.com/exploits/15023 || Language=c
- - Sendpage Local Privilege Escalation || http://www.exploit-db.com/exploits/19933 || Language=ruby**
- - 2.x sock_sendpage() Local Root Exploit 2 || http://www.exploit-db.com/exploits/9436 || Language=c
- - 2.4/2.6 sock_sendpage() ring0 Root Exploit (simple ver) || http://www.exploit-db.com/exploits/9479 || Language=c
- - 2.6 UDEV < 141 Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/8572 || Language=c
- - 2.x sock_sendpage() Local Ring0 Root Exploit || http://www.exploit-db.com/exploits/9435 || Language=c
- - CAP_SYS_ADMIN to Root Exploit 2 (32 and 64-bit) || http://www.exploit-db.com/exploits/15944 || Language=c
- - Linux RDS Protocol Local Privilege Escalation || http://www.exploit-db.com/exploits/15285 || Language=c
- - 2.6.x ptrace_attach Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/8673 || Language=c
- - 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update) || http://www.exploit-db.com/exploits/926 || Language=c
- - CAP_SYS_ADMIN to root Exploit || http://www.exploit-db.com/exploits/15916 || Language=c
- - 2.6 UDEV Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/8478 || Language=c
- - MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/1518 || Language=c
- - < 2.6.36.2 Econet Privilege Escalation Exploit || http://www.exploit-db.com/exploits/17787 || Language=c
- - 'pipe.c' Local Privilege Escalation Vulnerability || http://www.exploit-db.com/exploits/10018 || Language=sh
- - <= 2.6.37 Local Privilege Escalation || http://www.exploit-db.com/exploits/15704 || Language=c
- - open-time Capability file_ns_capable() Privilege Escalation || http://www.exploit-db.com/exploits/25450 || Language=c
- - 2.4.1-2.4.37 and 2.6.1-2.6.32-rc5 Pipe.c Privelege Escalation || http://www.exploit-db.com/exploits/9844 || Language=python
- - open-time Capability file_ns_capable() - Privilege Escalation Vulnerability || http://www.exploit-db.com/exploits/25307 || Language=c
- - 2.4/2.6 sock_sendpage() Local Root Exploit [2] || http://www.exploit-db.com/exploits/9598 || Language=c
- - < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit || http://www.exploit-db.com/exploits/14814 || Language=c
- - 2.4/2.6 sock_sendpage() Local Root Exploit (ppc) || http://www.exploit-db.com/exploits/9545 || Language=c
- - < 2.6.37-rc2 ACPI custom_method Privilege Escalation || http://www.exploit-db.com/exploits/15774 || Language=c
- - 2.4/2.6 sock_sendpage() Local Root Exploit [3] || http://www.exploit-db.com/exploits/9641 || Language=c
- - 2.4.x / 2.6.x uselib() Local Privilege Escalation Exploit || http://www.exploit-db.com/exploits/895 || Language=c
- Finished
- =================================================================================================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement