linenum

a guest
Apr 13th, 2018
  1.  
  2. #########################################################
  3. # Local Linux Enumeration & Privilege Escalation Script #
  4. #########################################################
  5. # www.rebootuser.com
  6. # 
  7.  
  8. [-] Debug Info
  9. [+] Thorough tests = Disabled (SUID/GUID checks will not be perfomed!)
  10.  
  11.  
  12. Scan started at:
  13. Fri Apr 13 13:51:25 EDT 2018
  14. 
  15.  
  16. ### SYSTEM ##############################################
  17. [-] Kernel information:
  18. Linux Nibbles 4.4.0-104-generic #127-Ubuntu SMP Mon Dec 11 12:16:42 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
  19.  
  20.  
  21. [-] Kernel information (continued):
  22. Linux version 4.4.0-104-generic (buildd@lgw01-amd64-022) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.5) ) #127-Ubuntu SMP Mon Dec 11 12:16:42 UTC 2017
  23.  
  24.  
  25. [-] Specific release information:
  26. DISTRIB_ID=Ubuntu
  27. DISTRIB_RELEASE=16.04
  28. DISTRIB_CODENAME=xenial
  29. DISTRIB_DESCRIPTION="Ubuntu 16.04.3 LTS"
  30. NAME="Ubuntu"
  31. VERSION="16.04.3 LTS (Xenial Xerus)"
  32. ID=ubuntu
  33. ID_LIKE=debian
  34. PRETTY_NAME="Ubuntu 16.04.3 LTS"
  35. VERSION_ID="16.04"
  36. HOME_URL="http://www.ubuntu.com/"
  37. SUPPORT_URL="http://help.ubuntu.com/"
  38. BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
  39. VERSION_CODENAME=xenial
  40. UBUNTU_CODENAME=xenial
  41.  
  42.  
  43. [-] Hostname:
  44. Nibbles
  45.  
  46.  
  47. ### USER/GROUP ##########################################
  48. [-] Current user/group info:
  49. uid=1001(nibbler) gid=1001(nibbler) groups=1001(nibbler)
  50.  
  51.  
  52. [-] Users that have previously logged onto the system:
  53. Username Port From Latest
  54. root tty1 Fri Dec 29 05:21:10 -0500 2017
  55.  
  56.  
  57. [-] Who else is logged on:
  58. 13:51:25 up 2:09, 0 users, load average: 0.07, 0.02, 0.00
  59. USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
  60.  
  61.  
  62. [-] Group memberships:
  63. uid=0(root) gid=0(root) groups=0(root)
  64. uid=1(daemon) gid=1(daemon) groups=1(daemon)
  65. uid=2(bin) gid=2(bin) groups=2(bin)
  66. uid=3(sys) gid=3(sys) groups=3(sys)
  67. uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
  68. uid=5(games) gid=60(games) groups=60(games)
  69. uid=6(man) gid=12(man) groups=12(man)
  70. uid=7(lp) gid=7(lp) groups=7(lp)
  71. uid=8(mail) gid=8(mail) groups=8(mail)
  72. uid=9(news) gid=9(news) groups=9(news)
  73. uid=10(uucp) gid=10(uucp) groups=10(uucp)
  74. uid=13(proxy) gid=13(proxy) groups=13(proxy)
  75. uid=33(www-data) gid=33(www-data) groups=33(www-data)
  76. uid=34(backup) gid=34(backup) groups=34(backup)
  77. uid=38(list) gid=38(list) groups=38(list)
  78. uid=39(irc) gid=39(irc) groups=39(irc)
  79. uid=41(gnats) gid=41(gnats) groups=41(gnats)
  80. uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
  81. uid=100(systemd-timesync) gid=102(systemd-timesync) groups=102(systemd-timesync)
  82. uid=101(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
  83. uid=102(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
  84. uid=103(systemd-bus-proxy) gid=105(systemd-bus-proxy) groups=105(systemd-bus-proxy)
  85. uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
  86. uid=105(_apt) gid=65534(nogroup) groups=65534(nogroup)
  87. uid=106(lxd) gid=65534(nogroup) groups=65534(nogroup)
  88. uid=107(messagebus) gid=111(messagebus) groups=111(messagebus)
  89. uid=108(uuidd) gid=112(uuidd) groups=112(uuidd)
  90. uid=109(dnsmasq) gid=65534(nogroup) groups=65534(nogroup)
  91. uid=110(sshd) gid=65534(nogroup) groups=65534(nogroup)
  92. uid=111(mysql) gid=118(mysql) groups=118(mysql)
  93. uid=1001(nibbler) gid=1001(nibbler) groups=1001(nibbler)
  94.  
  95.  
  96. [-] It looks like we have some admin users:
  97. uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
  98.  
  99.  
  100. [-] Contents of /etc/passwd:
  101. root:x:0:0:root:/root:/bin/bash
  102. daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
  103. bin:x:2:2:bin:/bin:/usr/sbin/nologin
  104. sys:x:3:3:sys:/dev:/usr/sbin/nologin
  105. sync:x:4:65534:sync:/bin:/bin/sync
  106. games:x:5:60:games:/usr/games:/usr/sbin/nologin
  107. man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
  108. lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
  109. mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
  110. news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
  111. uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
  112. proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
  113. www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
  114. backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
  115. list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
  116. irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
  117. gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
  118. nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
  119. systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false
  120. systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false
  121. systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false
  122. systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/bin/false
  123. syslog:x:104:108::/home/syslog:/bin/false
  124. _apt:x:105:65534::/nonexistent:/bin/false
  125. lxd:x:106:65534::/var/lib/lxd/:/bin/false
  126. messagebus:x:107:111::/var/run/dbus:/bin/false
  127. uuidd:x:108:112::/run/uuidd:/bin/false
  128. dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/bin/false
  129. sshd:x:110:65534::/var/run/sshd:/usr/sbin/nologin
  130. mysql:x:111:118:MySQL Server,,,:/nonexistent:/bin/false
  131. nibbler:x:1001:1001::/home/nibbler:
  132.  
  133.  
  134. [-] Super user account(s):
  135. root
  136.  
  137.  
  138. [+] We can sudo without supplying a password!
  139. Matching Defaults entries for nibbler on Nibbles:
  140. env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
  141.  
  142. User nibbler may run the following commands on Nibbles:
  143. (root) NOPASSWD: /home/nibbler/personal/stuff/monitor.sh
  144.  
  145.  
  146. [+] Possible sudo pwnage!
  147. -rwxrwxrwx 1 nibbler nibbler 4015 May 8 2015 /home/nibbler/personal/stuff/monitor.sh
  148.  
  149.  
  150. [-] Are permissions on /home directories lax:
  151. total 12K
  152. drwxr-xr-x 3 root root 4.0K Dec 10 21:57 .
  153. drwxr-xr-x 23 root root 4.0K Dec 28 05:57 ..
  154. drwxr-xr-x 4 nibbler nibbler 4.0K Apr 13 11:59 nibbler
  155.  
  156.  
  157. [-] Root is allowed to login via SSH:
  158. PermitRootLogin yes
  159.  
  160.  
  161. ### ENVIRONMENTAL #######################################
  162. [-] Environment information:
  163. USER=nibbler
  164. PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/system/bin:/system/sbin:/system/xbin
  165. PWD=/var/www/html/nibbleblog/content/private/plugins/my_image
  166. LANG=C
  167. HOME=/home/nibbler
  168. SHLVL=2
  169. _=/usr/bin/env
  170.  
  171.  
  172. [-] Path information:
  173. /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/system/bin:/system/sbin:/system/xbin
  174.  
  175.  
  176. [-] Available shells:
  177. # /etc/shells: valid login shells
  178. /bin/sh
  179. /bin/dash
  180. /bin/bash
  181. /bin/rbash
  182. /usr/bin/tmux
  183. /usr/bin/screen
  184.  
  185.  
  186. [-] Current umask value:
  187. 0022
  188. u=rwx,g=rx,o=rx
  189.  
  190.  
  191. [-] umask value as specified in /etc/login.defs:
  192. UMASK 022
  193.  
  194.  
  195. [-] Password and storage information:
  196. PASS_MAX_DAYS 99999
  197. PASS_MIN_DAYS 0
  198. PASS_WARN_AGE 7
  199. ENCRYPT_METHOD SHA512
  200.  
  201.  
  202. ### JOBS/TASKS ##########################################
  203. [-] Cron jobs:
  204. -rw-r--r-- 1 root root 722 Apr 5 2016 /etc/crontab
  205.  
  206. /etc/cron.d:
  207. total 24
  208. drwxr-xr-x 2 root root 4096 Dec 28 05:57 .
  209. drwxr-xr-x 92 root root 4096 Dec 28 05:58 ..
  210. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  211. -rw-r--r-- 1 root root 589 Jul 16 2014 mdadm
  212. -rw-r--r-- 1 root root 712 Sep 5 2017 php
  213. -rw-r--r-- 1 root root 191 Sep 22 2017 popularity-contest
  214.  
  215. /etc/cron.daily:
  216. total 60
  217. drwxr-xr-x 2 root root 4096 Dec 28 05:57 .
  218. drwxr-xr-x 92 root root 4096 Dec 28 05:58 ..
  219. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  220. -rwxr-xr-x 1 root root 539 Apr 5 2016 apache2
  221. -rwxr-xr-x 1 root root 376 Mar 31 2016 apport
  222. -rwxr-xr-x 1 root root 1474 Jun 19 2017 apt-compat
  223. -rwxr-xr-x 1 root root 355 May 22 2012 bsdmainutils
  224. -rwxr-xr-x 1 root root 1597 Nov 26 2015 dpkg
  225. -rwxr-xr-x 1 root root 372 May 6 2015 logrotate
  226. -rwxr-xr-x 1 root root 1293 Nov 6 2015 man-db
  227. -rwxr-xr-x 1 root root 539 Jul 16 2014 mdadm
  228. -rwxr-xr-x 1 root root 435 Nov 18 2014 mlocate
  229. -rwxr-xr-x 1 root root 249 Nov 12 2015 passwd
  230. -rwxr-xr-x 1 root root 3449 Feb 26 2016 popularity-contest
  231. -rwxr-xr-x 1 root root 214 May 24 2016 update-notifier-common
  232.  
  233. /etc/cron.hourly:
  234. total 12
  235. drwxr-xr-x 2 root root 4096 Sep 22 2017 .
  236. drwxr-xr-x 92 root root 4096 Dec 28 05:58 ..
  237. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  238.  
  239. /etc/cron.monthly:
  240. total 12
  241. drwxr-xr-x 2 root root 4096 Sep 22 2017 .
  242. drwxr-xr-x 92 root root 4096 Dec 28 05:58 ..
  243. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  244.  
  245. /etc/cron.weekly:
  246. total 24
  247. drwxr-xr-x 2 root root 4096 Sep 22 2017 .
  248. drwxr-xr-x 92 root root 4096 Dec 28 05:58 ..
  249. -rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
  250. -rwxr-xr-x 1 root root 86 Apr 13 2016 fstrim
  251. -rwxr-xr-x 1 root root 771 Nov 6 2015 man-db
  252. -rwxr-xr-x 1 root root 211 May 24 2016 update-notifier-common
  253.  
  254.  
  255. [-] Crontab contents:
  256. # /etc/crontab: system-wide crontab
  257. # Unlike any other crontab you don't have to run the `crontab'
  258. # command to install the new version when you edit this file
  259. # and files in /etc/cron.d. These files also have username fields,
  260. # that none of the other crontabs do.
  261.  
  262. SHELL=/bin/sh
  263. PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
  264.  
  265. # m h dom mon dow user command
  266. 17 * * * * root cd / && run-parts --report /etc/cron.hourly
  267. 25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
  268. 47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
  269. 52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
  270. #
  271.  
  272.  
  273. ### NETWORKING ##########################################
  274. [-] Network and IP info:
  275. ens32 Link encap:Ethernet HWaddr 00:50:56:b9:01:26
  276. inet addr:10.10.10.75 Bcast:10.10.10.255 Mask:255.255.255.0
  277. inet6 addr: fe80::250:56ff:feb9:126/64 Scope:Link
  278. inet6 addr: dead:beef::250:56ff:feb9:126/64 Scope:Global
  279. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  280. RX packets:1589206 errors:0 dropped:0 overruns:0 frame:0
  281. TX packets:1092439 errors:0 dropped:0 overruns:0 carrier:0
  282. collisions:0 txqueuelen:1000
  283. RX bytes:167740463 (167.7 MB) TX bytes:212673612 (212.6 MB)
  284.  
  285. lo Link encap:Local Loopback
  286. inet addr:127.0.0.1 Mask:255.0.0.0
  287. inet6 addr: ::1/128 Scope:Host
  288. UP LOOPBACK RUNNING MTU:65536 Metric:1
  289. RX packets:6212 errors:0 dropped:0 overruns:0 frame:0
  290. TX packets:6212 errors:0 dropped:0 overruns:0 carrier:0
  291. collisions:0 txqueuelen:1
  292. RX bytes:610740 (610.7 KB) TX bytes:610740 (610.7 KB)
  293.  
  294.  
  295. [-] ARP history:
  296. ? (10.10.10.2) at 00:50:56:aa:9c:8d [ether] on ens32
  297.  
  298.  
  299. [-] Nameserver(s):
  300. nameserver 10.10.10.2
  301.  
  302.  
  303. [-] Default route:
  304. default 10.10.10.2 0.0.0.0 UG 0 0 0 ens32
  305.  
  306.  
  307. [-] Listening TCP:
  308. Active Internet connections (servers and established)
  309. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
  310. tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
  311. tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
  312. tcp 0 0 10.10.10.75:33174 10.10.14.199:4444 ESTABLISHED 3496/lGfTC
  313. tcp 0 0 10.10.10.75:43576 10.10.14.120:1030 ESTABLISHED 5036/bash
  314. tcp 0 0 10.10.10.75:33146 10.10.14.199:4444 ESTABLISHED -
  315. tcp 0 0 10.10.10.75:22 10.10.14.217:53114 ESTABLISHED -
  316. tcp 0 0 10.10.10.75:58736 10.10.14.199:4433 ESTABLISHED 3496/lGfTC
  317. tcp6 0 0 :::80 :::* LISTEN -
  318. tcp6 0 0 :::22 :::* LISTEN -
  319. tcp6 0 0 10.10.10.75:80 10.10.15.80:54891 TIME_WAIT -
  320. tcp6 0 140 10.10.10.75:80 10.10.15.80:58067 ESTABLISHED -
  321. tcp6 0 140 10.10.10.75:80 10.10.15.80:60377 ESTABLISHED -
  322. tcp6 0 0 10.10.10.75:80 10.10.14.116:35924 TIME_WAIT -
  323. tcp6 1 0 10.10.10.75:80 10.10.14.199:36699 CLOSE_WAIT -
  324. tcp6 0 0 10.10.10.75:80 10.10.14.116:35926 TIME_WAIT -
  325. tcp6 0 0 10.10.10.75:80 10.10.14.116:35928 TIME_WAIT -
  326. tcp6 0 140 10.10.10.75:80 10.10.15.80:48375 ESTABLISHED -
  327. tcp6 0 140 10.10.10.75:80 10.10.15.80:59081 ESTABLISHED -
  328. tcp6 0 140 10.10.10.75:80 10.10.15.80:57627 ESTABLISHED -
  329. tcp6 0 0 10.10.10.75:80 10.10.15.80:34609 TIME_WAIT -
  330. tcp6 0 0 10.10.10.75:80 10.10.15.80:35073 TIME_WAIT -
  331. tcp6 0 0 10.10.10.75:80 10.10.14.116:35930 TIME_WAIT -
  332. tcp6 0 0 10.10.10.75:80 10.10.15.80:54275 TIME_WAIT -
  333. tcp6 0 0 10.10.10.75:80 10.10.15.80:57291 TIME_WAIT -
  334. tcp6 0 0 10.10.10.75:80 10.10.15.80:35485 TIME_WAIT -
  335. tcp6 0 0 10.10.10.75:80 10.10.15.80:34175 TIME_WAIT -
  336. tcp6 0 0 10.10.10.75:80 10.10.15.133:60556 TIME_WAIT -
  337. tcp6 0 0 10.10.10.75:80 10.10.16.32:54644 ESTABLISHED -
  338. tcp6 0 0 10.10.10.75:80 10.10.15.133:60558 TIME_WAIT -
  339. tcp6 0 0 10.10.10.75:80 10.10.14.116:35936 TIME_WAIT -
  340. tcp6 0 0 10.10.10.75:80 10.10.15.80:42139 TIME_WAIT -
  341. tcp6 0 0 10.10.10.75:80 10.10.14.120:53408 ESTABLISHED -
  342. tcp6 0 0 10.10.10.75:80 10.10.15.80:36353 TIME_WAIT -
  343. tcp6 0 0 10.10.10.75:80 10.10.15.80:53471 TIME_WAIT -
  344. tcp6 0 0 10.10.10.75:80 10.10.15.80:33813 ESTABLISHED -
  345. tcp6 0 0 10.10.10.75:80 10.10.15.80:35337 TIME_WAIT -
  346. tcp6 0 140 10.10.10.75:80 10.10.15.80:42205 ESTABLISHED -
  347. tcp6 1 0 10.10.10.75:80 10.10.14.199:39259 CLOSE_WAIT -
  348. tcp6 0 0 10.10.10.75:80 10.10.14.116:35934 TIME_WAIT -
  349. tcp6 0 0 10.10.10.75:80 10.10.15.133:60686 TIME_WAIT -
  350. tcp6 0 0 10.10.10.75:80 10.10.15.80:39577 TIME_WAIT -
  351. tcp6 0 0 10.10.10.75:80 10.10.15.80:56183 ESTABLISHED -
  352. tcp6 0 0 10.10.10.75:80 10.10.15.80:46875 TIME_WAIT -
  353. tcp6 0 0 10.10.10.75:80 10.10.14.116:35932 TIME_WAIT -
  354. tcp6 0 0 10.10.10.75:80 10.10.14.116:35910 TIME_WAIT -
  355. tcp6 0 0 10.10.10.75:80 10.10.15.80:56523 TIME_WAIT -
  356. tcp6 0 0 10.10.10.75:80 10.10.15.80:59233 TIME_WAIT -
  357. tcp6 0 140 10.10.10.75:80 10.10.15.80:51653 ESTABLISHED -
  358. tcp6 0 140 10.10.10.75:80 10.10.15.80:51127 ESTABLISHED -
  359. tcp6 0 0 10.10.10.75:80 10.10.14.116:35922 TIME_WAIT -
  360. tcp6 0 0 10.10.10.75:80 10.10.15.80:46793 TIME_WAIT -
  361. tcp6 0 0 10.10.10.75:80 10.10.15.80:44297 TIME_WAIT -
  362. tcp6 0 0 10.10.10.75:80 10.10.15.80:57111 TIME_WAIT -
  363. tcp6 0 0 10.10.10.75:80 10.10.15.80:38099 TIME_WAIT -
  364. tcp6 0 0 10.10.10.75:80 10.10.15.80:43685 TIME_WAIT -
  365. tcp6 0 140 10.10.10.75:80 10.10.15.80:37209 ESTABLISHED -
  366. tcp6 0 140 10.10.10.75:80 10.10.15.80:47123 ESTABLISHED -
  367. tcp6 0 0 10.10.10.75:80 10.10.15.133:60802 FIN_WAIT2 -
  368.  
  369.  
  370. [-] Listening UDP:
  371. Active Internet connections (servers and established)
  372. Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
  373. udp 0 0 10.10.10.75:37159 10.10.10.2:53 ESTABLISHED -
  374.  
  375.  
  376. ### SERVICES #############################################
  377. [-] Running processes:
  378. USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
  379. root 1 0.0 0.5 119716 5808 ? Ss 11:42 0:03 /sbin/init
  380. root 2 0.0 0.0 0 0 ? S 11:42 0:00 [kthreadd]
  381. root 3 0.0 0.0 0 0 ? S 11:42 0:04 [ksoftirqd/0]
  382. root 5 0.0 0.0 0 0 ? S< 11:42 0:00 [kworker/0:0H]
  383. root 7 0.0 0.0 0 0 ? S 11:42 0:02 [rcu_sched]
  384. root 8 0.0 0.0 0 0 ? S 11:42 0:00 [rcu_bh]
  385. root 9 0.0 0.0 0 0 ? S 11:42 0:00 [migration/0]
  386. root 10 0.0 0.0 0 0 ? S 11:42 0:00 [watchdog/0]
  387. root 11 0.0 0.0 0 0 ? S 11:42 0:00 [kdevtmpfs]
  388. root 12 0.0 0.0 0 0 ? S< 11:42 0:00 [netns]
  389. root 13 0.0 0.0 0 0 ? S< 11:42 0:00 [perf]
  390. root 14 0.0 0.0 0 0 ? S 11:42 0:00 [khungtaskd]
  391. root 15 0.0 0.0 0 0 ? S< 11:42 0:00 [writeback]
  392. root 16 0.0 0.0 0 0 ? SN 11:42 0:00 [ksmd]
  393. root 17 0.0 0.0 0 0 ? SN 11:42 0:00 [khugepaged]
  394. root 18 0.0 0.0 0 0 ? S< 11:42 0:00 [crypto]
  395. root 19 0.0 0.0 0 0 ? S< 11:42 0:00 [kintegrityd]
  396. root 20 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  397. root 21 0.0 0.0 0 0 ? S< 11:42 0:00 [kblockd]
  398. root 22 0.0 0.0 0 0 ? S< 11:42 0:00 [ata_sff]
  399. root 23 0.0 0.0 0 0 ? S< 11:42 0:00 [md]
  400. root 24 0.0 0.0 0 0 ? S< 11:42 0:00 [devfreq_wq]
  401. root 28 0.0 0.0 0 0 ? S 11:42 0:00 [kswapd0]
  402. root 29 0.0 0.0 0 0 ? S< 11:42 0:00 [vmstat]
  403. root 30 0.0 0.0 0 0 ? S 11:42 0:00 [fsnotify_mark]
  404. root 31 0.0 0.0 0 0 ? S 11:42 0:00 [ecryptfs-kthrea]
  405. root 47 0.0 0.0 0 0 ? S< 11:42 0:00 [kthrotld]
  406. root 48 0.0 0.0 0 0 ? S< 11:42 0:00 [acpi_thermal_pm]
  407. root 49 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  408. root 50 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  409. root 51 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  410. root 52 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  411. root 53 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  412. root 54 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  413. root 55 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  414. root 56 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  415. root 57 0.0 0.0 0 0 ? S 11:42 0:00 [scsi_eh_0]
  416. root 58 0.0 0.0 0 0 ? S< 11:42 0:00 [scsi_tmf_0]
  417. root 59 0.0 0.0 0 0 ? S 11:42 0:00 [scsi_eh_1]
  418. root 60 0.0 0.0 0 0 ? S< 11:42 0:00 [scsi_tmf_1]
  419. root 66 0.0 0.0 0 0 ? S< 11:42 0:00 [ipv6_addrconf]
  420. root 79 0.0 0.0 0 0 ? S< 11:42 0:00 [deferwq]
  421. root 80 0.0 0.0 0 0 ? S< 11:42 0:00 [charger_manager]
  422. root 81 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  423. root 150 0.0 0.0 0 0 ? S 11:42 0:00 [scsi_eh_2]
  424. root 151 0.0 0.0 0 0 ? S< 11:42 0:00 [scsi_tmf_2]
  425. root 152 0.0 0.0 0 0 ? S< 11:42 0:00 [vmw_pvscsi_wq_2]
  426. root 154 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  427. root 170 0.0 0.0 0 0 ? S< 11:42 0:00 [kpsmoused]
  428. root 177 0.0 0.0 0 0 ? S< 11:42 0:00 [ttm_swap]
  429. root 270 0.0 0.0 0 0 ? S< 11:42 0:00 [raid5wq]
  430. root 295 0.0 0.0 0 0 ? S< 11:42 0:00 [kdmflush]
  431. root 296 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  432. root 306 0.0 0.0 0 0 ? S< 11:42 0:00 [kdmflush]
  433. root 307 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  434. root 322 0.0 0.0 0 0 ? S< 11:42 0:00 [bioset]
  435. root 350 0.0 0.0 0 0 ? S 11:42 0:00 [jbd2/dm-0-8]
  436. root 351 0.0 0.0 0 0 ? S< 11:42 0:00 [ext4-rsv-conver]
  437. root 394 0.0 0.0 0 0 ? S 11:42 0:04 [kworker/0:2]
  438. root 396 0.0 0.0 0 0 ? S< 11:42 0:00 [kworker/0:1H]
  439. root 411 0.0 0.2 28336 2668 ? Ss 11:42 0:00 /lib/systemd/systemd-journald
  440. root 426 0.0 0.0 0 0 ? S< 11:42 0:00 [iscsi_eh]
  441. root 427 0.0 0.0 0 0 ? S 11:42 0:00 [kauditd]
  442. root 441 0.0 0.0 0 0 ? S< 11:42 0:00 [ib_addr]
  443. root 444 0.0 0.1 102972 1596 ? Ss 11:42 0:00 /sbin/lvmetad -f
  444. root 451 0.0 0.0 0 0 ? S< 11:42 0:00 [ib_mcast]
  445. root 452 0.0 0.0 0 0 ? S< 11:42 0:00 [ib_nl_sa_wq]
  446. root 456 0.0 0.0 0 0 ? S< 11:42 0:00 [ib_cm]
  447. root 461 0.0 0.0 0 0 ? S< 11:42 0:00 [iw_cm_wq]
  448. root 463 0.0 0.3 44568 3600 ? Ss 11:42 0:00 /lib/systemd/systemd-udevd
  449. root 469 0.0 0.0 0 0 ? S< 11:42 0:00 [rdma_cm]
  450. root 731 0.0 0.0 0 0 ? S< 11:42 0:00 [ext4-rsv-conver]
  451. systemd+ 798 0.0 0.2 100324 2392 ? Ssl 11:42 0:00 /lib/systemd/systemd-timesyncd
  452. root 901 0.0 0.6 275860 6008 ? Ssl 11:42 0:00 /usr/lib/accountsservice/accounts-daemon
  453. root 902 0.0 0.1 20104 1132 ? Ss 11:42 0:00 /lib/systemd/systemd-logind
  454. syslog 905 0.0 0.3 260632 3336 ? Ssl 11:42 0:00 /usr/sbin/rsyslogd -n
  455. message+ 912 0.0 0.3 42904 3736 ? Ss 11:42 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
  456. root 929 0.0 2.5 277936 25208 ? Ssl 11:42 0:00 /usr/lib/snapd/snapd
  457. daemon 930 0.0 0.2 26048 2048 ? Ss 11:42 0:00 /usr/sbin/atd -f
  458. root 939 0.0 0.1 4400 1268 ? Ss 11:42 0:00 /usr/sbin/acpid
  459. root 942 0.0 0.2 29012 2768 ? Ss 11:42 0:00 /usr/sbin/cron -f
  460. root 948 0.0 0.4 613544 4708 ? Ssl 11:42 0:00 /usr/bin/lxcfs /var/lib/lxcfs/
  461. root 949 0.0 1.0 185740 10020 ? Ssl 11:42 0:07 /usr/bin/vmtoolsd
  462. root 979 0.0 0.5 277092 5864 ? Ssl 11:42 0:00 /usr/lib/policykit-1/polkitd --no-debug
  463. root 992 0.0 0.0 13376 152 ? Ss 11:42 0:00 /sbin/mdadm --monitor --pid-file /run/mdadm/monitor.pid --daemonise --scan --syslog
  464. root 1134 0.0 0.5 65524 5984 ? Ss 11:42 0:00 /usr/sbin/sshd -D
  465. root 1156 0.0 0.0 5224 124 ? Ss 11:42 0:00 /sbin/iscsid
  466. mysql 1158 0.0 15.6 1115980 156576 ? Ssl 11:42 0:03 /usr/sbin/mysqld
  467. root 1160 0.0 0.3 5724 3520 ? S<Ls 11:42 0:01 /sbin/iscsid
  468. root 1245 0.0 0.1 15940 1572 tty1 Ss+ 11:42 0:00 /sbin/agetty --noclear tty1 linux
  469. root 1336 0.0 1.7 328296 17692 ? Ss 11:42 0:01 /usr/sbin/apache2 -k start
  470. nibbler 1729 0.0 1.2 329784 12940 ? S 11:50 0:01 /usr/sbin/apache2 -k start
  471. nibbler 3457 0.0 1.3 329784 13412 ? S 11:53 0:01 /usr/sbin/apache2 -k start
  472. nibbler 3496 0.0 0.0 1188 960 ? Sl 11:54 0:00 /tmp/lGfTC
  473. nibbler 3598 0.0 0.0 4508 644 ? S 11:57 0:00 /bin/sh -c /bin/sh
  474. nibbler 3599 0.0 0.0 4508 564 ? S 11:57 0:00 /bin/sh
  475. nibbler 3603 0.0 0.2 18220 2088 ? S 11:57 0:00 bash -i
  476. nibbler 4336 0.0 1.5 332516 15788 ? S 12:12 0:01 /usr/sbin/apache2 -k start
  477. nibbler 4653 0.0 0.0 4508 752 ? S 12:22 0:00 /bin/sh -c /bin/sh
  478. nibbler 4654 0.0 0.0 4508 712 ? S 12:22 0:00 /bin/sh
  479. nibbler 4655 0.0 0.2 18216 2788 ? S 12:22 0:00 bash -i
  480. root 4842 0.0 0.0 0 0 ? S 12:28 0:00 [kworker/u256:1]
  481. nibbler 5034 0.0 0.0 4508 848 ? S 12:53 0:00 sh -c cd /tmp; bash mo*.sh 2>&1
  482. nibbler 5035 0.0 0.1 18032 1648 ? S 12:53 0:00 bash monitor.sh
  483. nibbler 5036 0.0 0.2 18216 2092 ? S 12:53 0:00 bash -i
  484. nibbler 5179 0.0 1.8 332528 18232 ? S 13:06 0:00 /usr/sbin/apache2 -k start
  485. nibbler 5187 0.0 1.8 332528 18548 ? S 13:08 0:00 /usr/sbin/apache2 -k start
  486. nibbler 5275 0.0 1.7 332020 17060 ? S 13:09 0:00 /usr/sbin/apache2 -k start
  487. root 5290 0.0 0.0 0 0 ? S 13:18 0:00 [kworker/u256:0]
  488. root 5301 0.0 0.0 0 0 ? S 13:39 0:00 [kworker/0:0]
  489. nibbler 5362 0.0 1.4 328928 14876 ? S 13:43 0:00 /usr/sbin/apache2 -k start
  490. nibbler 5391 0.0 1.7 332008 17204 ? S 13:50 0:00 /usr/sbin/apache2 -k start
  491. nibbler 5395 0.0 1.7 332524 17624 ? S 13:50 0:00 /usr/sbin/apache2 -k start
  492. nibbler 5396 0.0 0.9 328532 9280 ? S 13:50 0:00 /usr/sbin/apache2 -k start
  493. nibbler 5398 0.0 0.0 4508 748 ? S 13:51 0:00 /bin/sh -c /bin/sh
  494. nibbler 5399 0.0 0.0 4508 700 ? S 13:51 0:00 /bin/sh
  495. nibbler 5400 0.0 0.9 328556 9416 ? S 13:51 0:00 /usr/sbin/apache2 -k start
  496. nibbler 5401 0.0 0.9 328532 9272 ? S 13:51 0:00 /usr/sbin/apache2 -k start
  497. nibbler 5402 0.0 1.5 328928 15032 ? S 13:51 0:00 /usr/sbin/apache2 -k start
  498. nibbler 5403 0.0 0.3 18216 3204 ? S 13:51 0:00 bash -i
  499. nibbler 5406 0.0 1.7 332016 17944 ? S 13:51 0:00 /usr/sbin/apache2 -k start
  500. nibbler 5408 0.0 0.3 18988 3900 ? S 13:51 0:00 bash LinEnum.sh
  501. nibbler 5409 0.0 0.3 19088 3480 ? S 13:51 0:00 bash LinEnum.sh
  502. nibbler 5410 0.0 0.0 4384 664 ? S 13:51 0:00 tee -a
  503. root 5490 0.0 0.6 94036 6396 ? Ss 13:52 0:00 sshd: root [priv]
  504. sshd 5491 0.0 0.3 66868 3040 ? S 13:52 0:00 sshd: root [net]
  505. nibbler 5581 0.0 0.9 328368 9156 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  506. nibbler 5582 0.0 0.9 328368 9156 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  507. nibbler 5583 0.0 0.8 328360 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  508. nibbler 5584 0.0 0.8 328360 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  509. nibbler 5585 0.0 0.8 328360 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  510. nibbler 5586 0.0 0.8 328360 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  511. nibbler 5587 0.0 0.8 328360 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  512. nibbler 5589 0.0 0.8 328336 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  513. nibbler 5591 0.0 0.8 328360 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  514. nibbler 5592 0.0 0.8 328336 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  515. nibbler 5593 0.0 0.8 328320 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  516. nibbler 5594 0.0 0.8 328336 8080 ? S 13:52 0:00 /usr/sbin/apache2 -k start
  517. root 5604 0.0 0.0 0 0 ? S 13:52 0:00 [kworker/u256:2]
  518. nibbler 5612 0.0 0.2 19088 2976 ? S 13:52 0:00 bash LinEnum.sh
  519. nibbler 5613 0.0 0.2 34428 2804 ? R 13:52 0:00 ps aux
  520.  
  521.  
  522. [-] Process binaries and associated permissions (from above list):
  523. lrwxrwxrwx 1 root root 4 Sep 22 2017 /bin/sh -> dash
  524. -rwxr-xr-x 1 root root 326224 Oct 27 06:12 /lib/systemd/systemd-journald
  525. -rwxr-xr-x 1 root root 618520 Oct 27 06:12 /lib/systemd/systemd-logind
  526. -rwxr-xr-x 1 root root 141904 Oct 27 06:12 /lib/systemd/systemd-timesyncd
  527. -rwxr-xr-x 1 root root 453240 Oct 27 06:12 /lib/systemd/systemd-udevd
  528. -rwxr-xr-x 1 root root 44104 Jun 14 2017 /sbin/agetty
  529. lrwxrwxrwx 1 root root 20 Oct 27 06:11 /sbin/init -> /lib/systemd/systemd
  530. -rwxr-xr-x 1 root root 783984 Jul 26 2017 /sbin/iscsid
  531. -rwxr-xr-x 1 root root 51336 Apr 16 2016 /sbin/lvmetad
  532. -rwxr-xr-x 1 root root 513216 Nov 8 08:18 /sbin/mdadm
  533. -rwxr-xr-x 1 root root 224208 Jan 12 2017 /usr/bin/dbus-daemon
  534. -rwxr-xr-x 1 root root 18504 Nov 8 20:43 /usr/bin/lxcfs
  535. -rwxr-xr-x 1 root root 44528 Feb 9 2017 /usr/bin/vmtoolsd
  536. -rwxr-xr-x 1 root root 164928 Nov 3 2016 /usr/lib/accountsservice/accounts-daemon
  537. -rwxr-xr-x 1 root root 15048 Jan 17 2016 /usr/lib/policykit-1/polkitd
  538. -rwxr-xr-x 1 root root 21178072 Nov 30 14:48 /usr/lib/snapd/snapd
  539. -rwxr-xr-x 1 root root 48112 Apr 8 2016 /usr/sbin/acpid
  540. -rwxr-xr-x 1 root root 662496 Sep 18 2017 /usr/sbin/apache2
  541. -rwxr-xr-x 1 root root 26632 Jan 14 2016 /usr/sbin/atd
  542. -rwxr-xr-x 1 root root 44472 Apr 5 2016 /usr/sbin/cron
  543. -rwxr-xr-x 1 root root 24803912 Oct 18 11:23 /usr/sbin/mysqld
  544. -rwxr-xr-x 1 root root 599328 Apr 5 2016 /usr/sbin/rsyslogd
  545. -rwxr-xr-x 1 root root 799216 Mar 16 2017 /usr/sbin/sshd
  546.  
  547.  
  548. [-] /etc/init.d/ binary permissions:
  549. total 324
  550. drwxr-xr-x 2 root root 4096 Dec 28 05:57 .
  551. drwxr-xr-x 92 root root 4096 Dec 28 05:58 ..
  552. -rw-r--r-- 1 root root 1183 Dec 28 05:57 .depend.boot
  553. -rw-r--r-- 1 root root 1065 Dec 28 05:57 .depend.start
  554. -rw-r--r-- 1 root root 1209 Dec 28 05:57 .depend.stop
  555. -rw-r--r-- 1 root root 2427 Jan 19 2016 README
  556. -rwxr-xr-x 1 root root 2243 Feb 9 2016 acpid
  557. -rwxr-xr-x 1 root root 2210 Apr 5 2016 apache-htcacheclean
  558. -rwxr-xr-x 1 root root 8087 Apr 5 2016 apache2
  559. -rwxr-xr-x 1 root root 6223 Mar 3 2017 apparmor
  560. -rwxr-xr-x 1 root root 2802 Nov 17 13:56 apport
  561. -rwxr-xr-x 1 root root 1071 Dec 6 2015 atd
  562. -rwxr-xr-x 1 root root 1275 Jan 19 2016 bootmisc.sh
  563. -rwxr-xr-x 1 root root 3807 Jan 19 2016 checkfs.sh
  564. -rwxr-xr-x 1 root root 1098 Jan 19 2016 checkroot-bootclean.sh
  565. -rwxr-xr-x 1 root root 9353 Jan 19 2016 checkroot.sh
  566. -rwxr-xr-x 1 root root 1343 Apr 4 2016 console-setup
  567. -rwxr-xr-x 1 root root 3049 Apr 5 2016 cron
  568. -rwxr-xr-x 1 root root 937 Mar 28 2015 cryptdisks
  569. -rwxr-xr-x 1 root root 896 Mar 28 2015 cryptdisks-early
  570. -rwxr-xr-x 1 root root 2813 Dec 1 2015 dbus
  571. -rwxr-xr-x 1 root root 1105 Mar 15 2016 grub-common
  572. -rwxr-xr-x 1 root root 1336 Jan 19 2016 halt
  573. -rwxr-xr-x 1 root root 1423 Jan 19 2016 hostname.sh
  574. -rwxr-xr-x 1 root root 3809 Mar 12 2016 hwclock.sh
  575. -rwxr-xr-x 1 root root 2372 Apr 11 2016 irqbalance
  576. -rwxr-xr-x 1 root root 1503 Mar 29 2016 iscsid
  577. -rwxr-xr-x 1 root root 1804 Apr 4 2016 keyboard-setup.dpkg-bak
  578. -rwxr-xr-x 1 root root 1300 Jan 19 2016 killprocs
  579. -rwxr-xr-x 1 root root 2087 Dec 20 2015 kmod
  580. -rwxr-xr-x 1 root root 695 Oct 30 2015 lvm2
  581. -rwxr-xr-x 1 root root 571 Oct 30 2015 lvm2-lvmetad
  582. -rwxr-xr-x 1 root root 586 Oct 30 2015 lvm2-lvmpolld
  583. -rwxr-xr-x 1 root root 2378 Nov 8 20:43 lxcfs
  584. -rwxr-xr-x 1 root root 2541 Jun 30 2016 lxd
  585. -rwxr-xr-x 1 root root 2365 Oct 9 2017 mdadm
  586. -rwxr-xr-x 1 root root 1199 Jul 16 2014 mdadm-waitidle
  587. -rwxr-xr-x 1 root root 703 Jan 19 2016 mountall-bootclean.sh
  588. -rwxr-xr-x 1 root root 2301 Jan 19 2016 mountall.sh
  589. -rwxr-xr-x 1 root root 1461 Jan 19 2016 mountdevsubfs.sh
-rwxr-xr-x 1 root root 1564 Jan 19 2016 mountkernfs.sh
-rwxr-xr-x 1 root root 711 Jan 19 2016 mountnfs-bootclean.sh
-rwxr-xr-x 1 root root 2456 Jan 19 2016 mountnfs.sh
-rwxr-xr-x 1 root root 5607 Feb 3 2017 mysql
-rwxr-xr-x 1 root root 4771 Jul 19 2015 networking
-rwxr-xr-x 1 root root 1581 Oct 15 2015 ondemand
-rwxr-xr-x 1 root root 2503 Mar 29 2016 open-iscsi
-rwxr-xr-x 1 root root 1578 Mar 29 2016 open-vm-tools
-rwxr-xr-x 1 root root 1366 Nov 15 2015 plymouth
-rwxr-xr-x 1 root root 752 Nov 15 2015 plymouth-log
-rwxr-xr-x 1 root root 1192 Sep 6 2015 procps
-rwxr-xr-x 1 root root 6366 Jan 19 2016 rc
-rwxr-xr-x 1 root root 820 Jan 19 2016 rc.local
-rwxr-xr-x 1 root root 117 Jan 19 2016 rcS
-rwxr-xr-x 1 root root 661 Jan 19 2016 reboot
-rwxr-xr-x 1 root root 4149 Nov 23 2015 resolvconf
-rwxr-xr-x 1 root root 4355 Jul 10 2014 rsync
-rwxr-xr-x 1 root root 2796 Feb 3 2016 rsyslog
-rwxr-xr-x 1 root root 1226 Jun 9 2015 screen-cleanup
-rwxr-xr-x 1 root root 3927 Jan 19 2016 sendsigs
-rwxr-xr-x 1 root root 597 Jan 19 2016 single
-rw-r--r-- 1 root root 1087 Jan 19 2016 skeleton
-rwxr-xr-x 1 root root 4077 Apr 27 2016 ssh
-rwxr-xr-x 1 root root 6087 Apr 12 2016 udev
-rwxr-xr-x 1 root root 2049 Aug 7 2014 ufw
-rwxr-xr-x 1 root root 2737 Jan 19 2016 umountfs
-rwxr-xr-x 1 root root 2202 Jan 19 2016 umountnfs.sh
-rwxr-xr-x 1 root root 1879 Jan 19 2016 umountroot
-rwxr-xr-x 1 root root 1391 Apr 20 2017 unattended-upgrades
-rwxr-xr-x 1 root root 3111 Jan 19 2016 urandom
-rwxr-xr-x 1 root root 1306 May 26 2016 uuidd


### SOFTWARE #############################################
[-] Sudo version:
Sudo version 1.8.16


[-] MYSQL version:
mysql Ver 14.14 Distrib 5.7.20, for Linux (x86_64) using EditLine wrapper


[-] Apache version:
Server version: Apache/2.4.18 (Ubuntu)
Server built: 2017-09-18T15:09:02


[-] Apache user configuration:
APACHE_RUN_USER=nibbler
APACHE_RUN_GROUP=nibbler


[-] Installed Apache modules:
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php5_module (shared)
setenvif_module (shared)
status_module (shared)


[-] www home dir contents:
/var/www/:
total 12K
drwxr-xr-x 3 root root 4.0K Dec 10 23:27 .
drwxr-xr-x 14 root root 4.0K Dec 10 23:27 ..
drwxr-xr-x 3 root root 4.0K Dec 28 15:22 html

/var/www/html:
total 16K
drwxr-xr-x 3 root root 4.0K Dec 28 15:22 .
drwxr-xr-x 3 root root 4.0K Dec 10 23:27 ..
-rw-r--r-- 1 root root 93 Dec 28 15:19 index.html
d-wx-wx--x 7 nibbler nibbler 4.0K Dec 28 08:55 nibbleblog


### INTERESTING FILES ####################################
[-] Useful file locations:
/bin/nc
/bin/netcat
/usr/bin/wget
/usr/bin/gcc
/usr/bin/curl


[-] Installed compilers:
ii g++ 4:5.3.1-1ubuntu1 amd64 GNU C++ compiler
ii g++-5 5.4.0-6ubuntu1~16.04.5 amd64 GNU C++ compiler
ii gcc 4:5.3.1-1ubuntu1 amd64 GNU C compiler
ii gcc-5 5.4.0-6ubuntu1~16.04.5 amd64 GNU C compiler


[-] Can we read/write sensitive files:
-rw-r--r-- 1 root root 1607 Dec 10 22:42 /etc/passwd
-rw-r--r-- 1 root root 772 Dec 10 22:42 /etc/group
-rw-r--r-- 1 root root 575 Oct 22 2015 /etc/profile
-rw-r----- 1 root shadow 1069 Dec 10 22:42 /etc/shadow


[-] Can't search *.conf files as no keyword was entered

[-] Can't search *.php files as no keyword was entered

[-] Can't search *.log files as no keyword was entered

[-] Can't search *.ini files as no keyword was entered

[-] All *.conf files in /etc (recursive 1 level):
-rw-r--r-- 1 root root 350 Sep 22 2017 /etc/popularity-contest.conf
-rw-r--r-- 1 root root 2969 Nov 10 2015 /etc/debconf.conf
-rw-r--r-- 1 root root 703 May 6 2015 /etc/logrotate.conf
-rw-r--r-- 1 root root 2084 Sep 6 2015 /etc/sysctl.conf
-rw-r--r-- 1 root root 338 Nov 18 2014 /etc/updatedb.conf
-rw-r--r-- 1 root root 4781 Mar 17 2016 /etc/hdparm.conf
-rw-r--r-- 1 root root 14867 Apr 12 2016 /etc/ltrace.conf
-rw-r--r-- 1 root root 34 Jan 27 2016 /etc/ld.so.conf
-rw-r--r-- 1 root root 771 Mar 6 2015 /etc/insserv.conf
-rw-r--r-- 1 root root 8464 Dec 10 12:07 /etc/ca-certificates.conf
-rw-r--r-- 1 root root 144 Sep 22 2017 /etc/kernel-img.conf
-rw-r--r-- 1 root root 3028 Jul 19 2016 /etc/adduser.conf
-rw-r--r-- 1 root root 497 May 4 2014 /etc/nsswitch.conf
-rw-r--r-- 1 root root 92 Oct 22 2015 /etc/host.conf
-rw-r--r-- 1 root root 552 Mar 16 2016 /etc/pam.conf
-rw-r--r-- 1 root root 191 Jan 18 2016 /etc/libaudit.conf
-rw-r--r-- 1 root root 280 Jun 20 2014 /etc/fuse.conf
-rw-r--r-- 1 root root 2584 Feb 18 2016 /etc/gai.conf
-rw-r--r-- 1 root root 604 Jul 2 2015 /etc/deluser.conf
-rw-r--r-- 1 root root 100 Nov 25 2015 /etc/sos.conf
-rw-r--r-- 1 root root 967 Oct 30 2015 /etc/mke2fs.conf
-rw-r--r-- 1 root root 6816 May 11 2017 /etc/overlayroot.conf
-rw-r--r-- 1 root root 1260 Mar 16 2016 /etc/ucf.conf
-rw-r--r-- 1 root root 1371 Jan 27 2016 /etc/rsyslog.conf


[-] Current user's history files:
-rw------- 1 nibbler nibbler 0 Dec 29 05:29 /home/nibbler/.bash_history


[-] Location and contents (if accessible) of .bash_history file(s):
/home/nibbler/.bash_history


[-] Any interesting mail in /var/mail:
total 8
drwxrwsr-x 2 root mail 4096 Dec 10 23:27 .
drwxr-xr-x 14 root root 4096 Dec 10 23:27 ..


### SCAN COMPLETE ####################################