Untitled

a guest
Jul 17th, 2016
  1. ystem information enumerated. ### SYSTEM ############################################## Kernel information: Linux bibek.ibe.edu.pl 2.6.18-371.9.1.el5 #1 SMP Tue Jun 10 17:49:56 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux Contents of /etc/passwd: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin nscd:x:28:28:NSCD Daemon:/:/sbin/nologin vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin pcap:x:77:77::/var/arpwatch:/sbin/nologin rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin avahi:x:70:70:Avahi daemon:/:/sbin/nologin haldaemon:x:68:68:HAL daemon:/:/sbin/nologin avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin maxel:x:500:500:MAX Elektronik:/home/maxel:/bin/bash apache:x:48:48:Apache:/var/www:/sbin/nologin prolib:x:501:500:Operator Proliba TXT:/home/prolib:/bin/bash ibe:x:502:502::/home/ibe:/bin/bash Super user account(s): root Password and storage information: PASS_MAX_DAYS 99999 PASS_MIN_DAYS 0 PASS_WARN_AGE 7 Crontab contents: SHELL=/bin/bash 
PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly Anacron jobs and associated file permissions: -rw-r--r-- 1 root root 298 Mar 28 2007 /etc/anacrontab # /etc/anacrontab: configuration file for anacron # See anacron(8) and anacrontab(5) for details. SHELL=/bin/sh PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root 1 65 cron.daily run-parts /etc/cron.daily 7 70 cron.weekly run-parts /etc/cron.weekly 30 75 cron.monthly run-parts /etc/cron.monthly When were jobs last executed (/var/spool/anacron contents): total 40 drwxr-xr-x 2 root root 4096 Jun 18 2010 . drwxr-xr-x 12 root root 4096 May 11 2011 .. -rw------- 1 root root 9 Jan 24 04:02 cron.daily -rw------- 1 root root 9 Jan 1 04:42 cron.monthly -rw------- 1 root root 9 Jan 24 04:22 cron.weekly ### NETWORKING ########################################## Network & IP info: eth0 Link encap:Ethernet HWaddr 52:54:00:4C:FC:74 inet addr:10.0.1.6 Bcast:10.255.255.255 Mask:255.0.0.0 inet6 addr: fe80::5054:ff:fe4c:fc74/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2738757 errors:0 dropped:0 overruns:0 frame:0 TX packets:43717 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:198513241 (189.3 MiB) TX bytes:1030543955 (982.8 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:47219 errors:0 dropped:0 overruns:0 frame:0 TX packets:47219 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6967208 (6.6 MiB) TX bytes:6967208 (6.6 MiB) sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Nameserver(s): nameserver 
10.0.1.10 nameserver 10.0.1.2 Listening TCP: Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:40000 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:2001 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:637 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:34539 127.0.0.1:60107 ESTABLISHED - tcp 0 0 :::7840 :::* LISTEN - tcp 0 0 :::20931 :::* LISTEN - tcp 0 0 :::39176 :::* LISTEN - tcp 0 0 :::8840 :::* LISTEN - tcp 0 0 :::3055 :::* LISTEN - tcp 0 0 :::80 :::* LISTEN - tcp 0 0 :::37010 :::* LISTEN - tcp 0 0 :::22 :::* LISTEN - tcp 0 0 :::49212 :::* LISTEN - tcp 0 0 ::ffff:127.0.0.1:60107 ::ffff:127.0.0.1:34539 ESTABLISHED - tcp 0 0 ::ffff:127.0.0.1:58025 ::ffff:127.0.0.1:37010 TIME_WAIT - tcp 0 0 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49927 TIME_WAIT - tcp 0 0 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49926 TIME_WAIT - tcp 0 0 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49928 TIME_WAIT - tcp 0 0 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49934 TIME_WAIT - tcp 0 0 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49933 TIME_WAIT - tcp 0 0 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49932 TIME_WAIT - tcp 0 25066 ::ffff:10.0.1.6:80 ::ffff:194.187.250.22:49936 ESTABLISHED - tcp 0 0 ::ffff:127.0.0.1:56796 ::ffff:127.0.0.1:39176 TIME_WAIT - tcp 0 0 ::ffff:127.0.0.1:56793 ::ffff:127.0.0.1:39176 TIME_WAIT - tcp 0 0 ::ffff:127.0.0.1:51967 ::ffff:127.0.0.1:49212 TIME_WAIT - Listening UDP: Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 10.0.1.6:137 0.0.0.0:* - udp 0 0 0.0.0.0:137 0.0.0.0:* - udp 0 0 10.0.1.6:138 0.0.0.0:* - udp 0 0 0.0.0.0:138 0.0.0.0:* - udp 0 0 0.0.0.0:56374 0.0.0.0:* - udp 0 0 0.0.0.0:5353 0.0.0.0:* - 
udp 0 0 0.0.0.0:111 0.0.0.0:* - udp 0 0 0.0.0.0:631 0.0.0.0:* - udp 0 0 0.0.0.0:634 0.0.0.0:* - udp 0 0 :::58141 :::* - udp 0 0 :::5162 :::* - udp 0 0 :::53075 :::* - udp 0 0 :::5353 :::* - ### SERVICES ############################################# Running processes: USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 10372 704 ? Ss Jan23 0:00 init [3] root 2 0.0 0.0 0 0 ? S< Jan23 0:00 [migration/0] root 3 0.0 0.0 0 0 ? RN Jan23 0:00 [ksoftirqd/0] root 4 0.0 0.0 0 0 ? S< Jan23 0:00 [watchdog/0] root 5 0.0 0.0 0 0 ? S< Jan23 0:00 [events/0] root 6 0.0 0.0 0 0 ? S< Jan23 0:00 [khelper] root 43 0.0 0.0 0 0 ? S< Jan23 0:00 [kthread] root 47 0.0 0.0 0 0 ? S< Jan23 0:00 [kblockd/0] root 48 0.0 0.0 0 0 ? S< Jan23 0:00 [kacpid] root 117 0.0 0.0 0 0 ? S< Jan23 0:00 [cqueue/0] root 120 0.0 0.0 0 0 ? S< Jan23 0:00 [khubd] root 122 0.0 0.0 0 0 ? S< Jan23 0:00 [kseriod] root 191 0.0 0.0 0 0 ? S Jan23 0:00 [khungtaskd] root 193 0.0 0.0 0 0 ? S Jan23 0:00 [pdflush] root 194 0.0 0.0 0 0 ? S< Jan23 0:00 [kswapd0] root 195 0.0 0.0 0 0 ? S< Jan23 0:00 [aio/0] root 337 0.0 0.0 0 0 ? S< Jan23 0:00 [kpsmoused] root 363 0.0 0.0 0 0 ? S< Jan23 0:00 [ata/0] root 364 0.0 0.0 0 0 ? S< Jan23 0:00 [ata_aux] root 369 0.0 0.0 0 0 ? S< Jan23 0:00 [kstriped] root 378 0.0 0.0 0 0 ? S< Jan23 0:00 [ksnapd] root 389 0.0 0.0 0 0 ? S< Jan23 0:25 [kjournald] root 413 0.0 0.0 0 0 ? S< Jan23 0:00 [kauditd] root 444 0.0 0.0 12720 808 ? S<s Jan23 0:00 /sbin/udevd -d root 872 0.0 0.0 0 0 ? S< Jan23 0:00 [vballoon] root 1029 0.0 0.0 0 0 ? S< Jan23 0:00 [kmpathd/0] root 1030 0.0 0.0 0 0 ? S< Jan23 0:00 [kmpath_handlerd] root 1086 0.0 0.0 0 0 ? S< Jan23 0:00 [kjournald] root 1221 0.0 0.0 0 0 ? S< Jan23 0:00 [iscsi_eh] root 1256 0.0 0.0 0 0 ? S< Jan23 0:00 [cnic_wq] root 1262 0.0 0.0 0 0 ? S< Jan23 0:00 [bnx2i_thread/0] root 1272 0.0 0.0 0 0 ? S< Jan23 0:00 [ib_addr] root 1279 0.0 0.0 0 0 ? S< Jan23 0:00 [ib_mcast] root 1280 0.0 0.0 0 0 ? S< Jan23 0:00 [ib_inform] root 1281 0.0 0.0 0 0 ? 
S< Jan23 0:00 [local_sa] root 1284 0.0 0.0 0 0 ? S< Jan23 0:00 [iw_cm_wq] root 1287 0.0 0.0 0 0 ? S< Jan23 0:00 [ib_cm/0] root 1290 0.0 0.0 0 0 ? S< Jan23 0:00 [rdma_cm] root 1305 0.0 0.5 28704 22552 ? S<Lsl Jan23 0:00 iscsiuio root 1310 0.0 0.0 4596 448 ? Ss Jan23 0:00 iscsid root 1311 0.0 0.0 5100 3048 ? S<Ls Jan23 0:00 iscsid root 1572 0.0 0.0 27352 776 ? S<sl Jan23 0:00 auditd root 1574 0.0 0.0 16292 752 ? S<sl Jan23 0:00 /sbin/audispd root 1600 0.0 0.0 5932 628 ? Ss Jan23 0:01 syslogd -m 0 root 1603 0.0 0.0 3828 444 ? Ss Jan23 0:00 klogd -x rpc 1689 0.0 0.0 8076 604 ? Ss Jan23 0:00 portmap root 1721 0.0 0.0 0 0 ? S< Jan23 0:00 [rpciod/0] rpcuser 1727 0.0 0.0 10184 800 ? Ss Jan23 0:00 rpc.statd root 1759 0.0 0.0 22812 588 ? Ss Jan23 0:00 rpc.idmapd dbus 1785 0.0 0.0 21388 1000 ? Ss Jan23 0:00 dbus-daemon --system root 1796 0.0 0.0 10456 800 ? Ss Jan23 0:00 /usr/sbin/hcid root 1800 0.0 0.0 5960 548 ? Ss Jan23 0:00 /usr/sbin/sdpd root 1827 0.0 0.0 0 0 ? S< Jan23 0:00 [krfcommd] root 1867 0.0 0.0 21068 1304 ? Ssl Jan23 0:00 pcscd root 1879 0.0 0.0 3824 568 ? Ss Jan23 0:00 /usr/sbin/acpid 68 1891 0.0 0.1 30992 4056 ? Ss Jan23 0:00 hald root 1892 0.0 0.0 21724 1048 ? S Jan23 0:00 hald-runner 68 1899 0.0 0.0 12348 860 ? S Jan23 0:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket 68 1904 0.0 0.0 12348 856 ? S Jan23 0:00 hald-addon-keyboard: listening on /dev/input/event0 root 1930 0.0 0.0 8540 496 ? Ss Jan23 0:00 /usr/bin/hidd --server root 1964 0.0 0.0 54432 1516 ? Ssl Jan23 0:00 automount --pid-file /var/run/autofs.pid root 2009 0.0 0.6 60244 26420 ? S Jan23 0:00 /prolib/progress/bin/_mprosrv -classpath /prolib/java/jre/lib/tools.jar:/prolib/progress/java/progress.jar:/prolib/progress/java/messages.jar:/prolib/progress/java/prosp.jar -pf /prolib/maxware/conf/prolib.pf root 2012 0.0 0.0 43248 1392 ? S Jan23 0:00 /prolib/progress/bin/_mprshut -db /prolib/db/prolib -C watchdog root 2058 0.0 2.1 1330808 86800 ? 
Sl Jan23 0:19 /prolib/java/jre/bin/java -Djava.class.path=/prolib/progress/java/ext/jmxri.jar:/prolib/progress/java/ext/mgmt_agent.jar:/prolib/progress/java/ext/mgmt_client.jar:/prolib/progress/java/ext/mgmt_config.jar:/prolib/progress/java/ext/sonic_Client.jar:/prolib/progress/java/progress.jar:/prolib/progress/java/osmetrics.jar:/prolib/progress/java/jdbc.jar:/prolib/progress/java/base.jar:/prolib/progress/java/openedge.jar:/prolib/progress/java/util.jar:/prolib/progress/java/ext/soap.jar:/prolib/progress/java/prorepl.jar:/prolib/progress/java/ext/wsdl4j.jar -Dadmsrv.jvm=/prolib/java/jre/bin/java -Djava.command=java -Duser.country=US -Dsun.java.launcher=SUN_STANDARD -Dsun.os.patch.level=unknown -DWork.Dir=/prolib/wrk -Djava.endorsed.dirs=/prolib/java/jre1.6.0_18/lib/endorsed -Dsun.jnu.encoding=ISO-8859-1 -Dsun.management.compiler=HotSpot 64-Bit Server Compiler -Djava.security.policy=/prolib/progress/java/java.policy -Dfile.encoding=ISO-8859-1 -Dsun.arch.data.model=64 -DInstall.Dir=/prolib/progress -Djvmstart.debug=0 com.progress.chimera.adminserver.AdminServerStarter root 2085 0.0 0.0 64808 1192 ? Ss Jan23 0:00 /usr/sbin/sshd root 2096 0.0 0.0 133476 2860 ? Ss Jan23 0:00 cupsd root 2126 0.0 0.0 66980 2356 ? Ss Jan23 0:00 sendmail: accepting connections smmsp 2134 0.0 0.0 57732 1776 ? Ss Jan23 0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue root 2146 0.0 0.0 6480 380 ? Ss Jan23 0:00 gpm -m /dev/input/mice -t exps2 root 2158 0.0 0.0 174480 3828 ? Ss Jan23 0:00 /usr/sbin/httpd root 2172 0.0 0.0 74860 1160 ? Ss Jan23 0:00 crond xfs 2199 0.0 0.0 20104 952 ? Ss Jan23 0:00 xfs -droppriv -daemon root 2210 0.0 0.0 135656 2840 ? Ss Jan23 0:00 smbd -D root 2213 0.0 0.0 107800 1500 ? Ss Jan23 0:03 nmbd -D root 2234 0.0 0.0 18756 464 ? Ss Jan23 0:00 /usr/sbin/atd root 2254 0.0 0.0 135656 1408 ? S Jan23 0:00 smbd -D avahi 2260 0.0 0.0 23300 1300 ? Ss Jan23 0:06 avahi-daemon: running [bibek.local] avahi 2261 0.0 0.0 23180 344 ? 
Ss Jan23 0:00 avahi-daemon: chroot helper root 2289 0.0 0.0 18716 836 ? S Jan23 0:00 /usr/sbin/smartd -q never root 2292 0.0 0.0 3816 484 tty1 Ss+ Jan23 0:00 /sbin/mingetty tty1 root 2293 0.0 0.0 3816 484 tty2 Ss+ Jan23 0:00 /sbin/mingetty tty2 root 2294 0.0 0.0 3816 484 tty3 Ss+ Jan23 0:00 /sbin/mingetty tty3 root 2295 0.0 0.0 3816 488 tty4 Ss+ Jan23 0:00 /sbin/mingetty tty4 root 2296 0.0 0.0 3816 484 tty5 Ss+ Jan23 0:00 /sbin/mingetty tty5 root 2301 0.0 0.0 3816 484 tty6 Ss+ Jan23 0:00 /sbin/mingetty tty6 root 2308 0.0 0.4 257532 16232 ? SN Jan23 0:01 /usr/bin/python -tt /usr/sbin/yum-updatesd root 2310 0.0 0.0 12944 1180 ? SN Jan23 0:00 /usr/libexec/gam_server root 2314 0.0 0.7 1272800 30688 ? Ssl Jan23 0:07 /prolib/java/jre/bin/java -classpath /prolib/progress/jre/i18n.jar:/prolib/java/jre/lib/tools.jar:/prolib/progress/java/progress.jar:/prolib/progress/java/ext/mgmt_client.jar -DInstall.Dir=/prolib/progress -Djava.security.policy=/prolib/progress/java/java.policy -DCanonicalName=local.localhost:ID=NameServer com.progress.nameserver.NameServer -i NS1 -r rmi://bibek.ibe.edu.pl:20931/NS1 -f /prolib/progress/properties/ubroker.properties root 2344 0.0 1.7 1297872 70112 ? Ssl Jan23 0:07 /prolib/java/jre/bin/java -classpath /prolib/progress/jre/i18n.jar:/prolib/java/jre/lib/tools.jar:/prolib/progress/java/progress.jar:/prolib/progress/java/ext/mgmt_client.jar -DInstall.Dir=/prolib/progress -Djava.security.policy=/prolib/progress/java/java.policy -DCanonicalName=local.localhost:ID=WebSpeed com.progress.ubroker.broker.ubroker -t WS -i wsbroker1 -r rmi://bibek.ibe.edu.pl:20931/wsbroker1 -f /prolib/progress/properties/ubroker.properties root 9296 0.0 0.0 0 0 ? S< 03:00 0:00 [nfsiod] root 9312 0.0 0.0 0 0 ? S 03:01 0:00 [pdflush] apache 10011 0.0 0.0 174616 3044 ? S 04:02 0:00 /usr/sbin/httpd apache 10012 0.0 0.0 174616 3032 ? S 04:02 0:00 /usr/sbin/httpd apache 10013 0.0 0.0 174616 3032 ? S 04:02 0:00 /usr/sbin/httpd apache 10014 0.0 0.0 174616 3032 ? 
S 04:02 0:00 /usr/sbin/httpd apache 10015 0.0 0.0 174480 3016 ? S 04:02 0:00 /usr/sbin/httpd apache 10016 0.0 0.0 174616 3052 ? S 04:02 0:00 /usr/sbin/httpd apache 10017 0.0 0.0 174480 3028 ? S 04:02 0:00 /usr/sbin/httpd apache 10018 0.0 0.0 174480 3020 ? S 04:02 0:00 /usr/sbin/httpd apache 12345 0.0 0.0 174616 3028 ? S 14:01 0:00 /usr/sbin/httpd apache 13101 0.0 0.0 174480 3024 ? S 16:27 0:00 /usr/sbin/httpd root 14513 0.0 0.3 73396 14204 ? S 20:30 0:00 /prolib/progress/bin/_progres -web -logginglevel 2 -logfile /prolib/wrk/wsbroker1.server.log -ubpid 2344 -wtbhostname 127.0.0.1 -wtbport 60107 -wtaminport 40000 -wtamaxport 50000 -wtbname wsbroker1 -wtainstance 20 -ubpropfile /prolib/progress/properties/ubroker.properties -logname wsbroker1 -logthreshold 0 -numlogfiles 3 -logentrytypes DB.Connects -ipver IPv4 -p web/objects/web-disp.p -weblogerror -pf /prolib/maxware/conf/opac.pf apache 14648 0.0 0.0 8728 916 ? S 20:42 0:00 /bin/sh /var/www/cgi-bin/wspd_cgi.sh apache 14649 1.0 0.0 10972 1364 ? R 20:42 0:00 /bin/bash /tmp/LinEnum-master/LinEnum.sh apache 14950 0.0 0.0 10972 788 ? R 20:42 0:00 /bin/bash /tmp/LinEnum-master/LinEnum.sh apache 14951 0.0 0.0 10484 892 ? 
R 20:42 0:00 ps aux Process binaries & associated permissions (from above list): -rwxr-xr-x 1 root root 801528 Jul 10 2013 /bin/bash lrwxrwxrwx 1 root root 4 Jun 27 2014 /bin/sh -> bash -rwxr-xr-x 1 root root 50810 Dec 17 2009 /prolib/java/jre/bin/java -rwsr-xr-x 1 root root 3691413 May 30 2009 /prolib/progress/bin/_mprosrv -rwsr-xr-x 1 root root 3543486 May 30 2009 /prolib/progress/bin/_mprshut -rwsr-xr-x 1 root root 9494135 May 30 2009 /prolib/progress/bin/_progres -rwxr-x--- 1 root root 92112 Feb 22 2012 /sbin/audispd -rwxr-xr-x 1 root root 16872 Jan 6 2007 /sbin/mingetty -rwxr-xr-x 1 root root 74312 Jan 9 2013 /sbin/udevd -rwxr-xr-x 1 root root 37024 Jul 14 2008 /usr/bin/hidd -rwxr-xr-x 2 root root 8304 Jan 9 2013 /usr/bin/python -rwxr-xr-x 1 root root 107912 Feb 23 2012 /usr/libexec/gam_server -rwxr-x--- 1 root root 23120 Feb 23 2012 /usr/sbin/acpid -rwxr-xr-x 1 root root 23872 Jan 27 2010 /usr/sbin/atd -rwxr-xr-x 1 root root 175584 Jul 14 2008 /usr/sbin/hcid -rwxr-xr-x 1 root root 332712 Apr 4 2014 /usr/sbin/httpd -rwxr-xr-x 1 root root 24768 Jul 14 2008 /usr/sbin/sdpd -rwxr-xr-x 1 root root 476064 Jan 9 2013 /usr/sbin/smartd -rwxr-xr-x 1 root root 409488 Feb 22 2012 /usr/sbin/sshd /etc/init.d/ binary permissions: lrwxrwxrwx 1 root root 11 Jun 18 2010 /etc/init.d -> rc.d/init.d /etc/rc.d/init.d binary permissions: total 428 drwxr-xr-x 2 root root 4096 Jun 27 2014 . drwxr-xr-x 10 root root 4096 Jun 27 2014 .. 
-rwxr-xr-x 1 root root 1897 Jul 22 2011 NetworkManager -rwxr-xr-x 1 root root 1566 Feb 23 2012 acpid -rwxr-xr-x 1 root root 1441 Mar 28 2007 anacron -rwxr-xr-x 1 root root 1284 Jan 27 2010 atd -rwxr-xr-x 1 root root 3328 Feb 22 2012 auditd -rwxr-xr-x 1 root root 3908 Oct 1 2013 autofs -rwxr-xr-x 1 root root 1877 Apr 14 2011 avahi-daemon -rwxr-xr-x 1 root root 1824 Apr 14 2011 avahi-dnsconfd -rwxr-xr-x 1 root root 1477 Jul 14 2008 bluetooth -rwxr-xr-x 1 root root 1470 Nov 11 2007 conman -rwxr-xr-x 1 root root 9993 Apr 10 2014 cpuspeed -rwxr-xr-x 1 root root 1926 Feb 22 2012 crond -rwxr-xr-x 1 root root 1942 Feb 28 2013 cups -rwxr-xr-x 1 root root 1407 Sep 1 2009 dnsmasq -rwxr-xr-x 1 root root 996 Jul 14 2008 dund -rwxr-xr-x 1 root root 1965 Feb 22 2012 firstboot -rwxr-xr-x 1 root root 14793 May 14 2013 functions -rwxr-xr-x 1 root root 1778 Jan 6 2007 gpm -rwxr-xr-x 1 root root 1586 Jan 9 2013 haldaemon -rwxr-xr-x 1 root root 5788 May 14 2013 halt -rwxr-xr-x 1 root root 966 Jul 14 2008 hidd -rwxr-xr-x 1 root root 3523 Apr 4 2014 httpd -rwxr-xr-x 1 root root 8141 Oct 30 2012 ip6tables -rwxr-xr-x 1 root root 8053 Oct 30 2012 iptables -rwxr-xr-x 1 root root 1624 Jan 7 2007 irda -rwxr-xr-x 1 root root 2193 Sep 3 2009 irqbalance -rwxr-xr-x 1 root root 1369 Jan 9 2013 iscsi -rwxr-xr-x 1 root root 1899 Jan 9 2013 iscsid -rwxr-xr-x 1 root root 652 May 14 2013 killall -rwxr-xr-x 1 root root 1331 May 7 2014 krb524 -rwxr-xr-x 1 root root 1406 Jan 9 2013 kudzu -r-xr-xr-x 1 root root 2497 Oct 1 2013 lvm2-monitor -rwxr-xr-x 1 root root 1914 Jan 21 2009 mcstrans -rwxr-xr-x 1 root root 2125 Jan 9 2013 mdmonitor -rwxr-xr-x 1 root root 1613 Jan 9 2013 mdmpd -rwxr-xr-x 1 root root 1819 Oct 1 2013 messagebus -rwxr-xr-x 1 root root 1926 Oct 1 2013 microcode_ctl -rwxr-xr-x 1 root root 2323 Apr 17 2014 multipathd -rwxr-xr-x 1 root root 3009 May 14 2013 netconsole -rwxr-xr-x 1 root root 5920 May 14 2013 netfs -rwxr-xr-x 1 root root 1258 Oct 15 2013 netplugd -rwxr-xr-x 1 root root 8471 May 
14 2013 network -rwxr-xr-x 1 root root 5421 Oct 1 2013 nfs -rwxr-xr-x 1 root root 3708 Oct 1 2013 nfslock -rwxr-xr-x 1 root root 2551 Oct 8 2013 nscd -rwxr-xr-x 1 root root 1790 Feb 23 2012 oddjobd -rwxr-xr-x 1 root root 1203 Jul 14 2008 pand -rwxr-xr-x 1 root root 2020 Jul 15 2010 pcscd -rwxr-xr-x 1 root root 1877 Jan 6 2007 portmap -rwxr-xr-x 1 root root 1122 Jul 13 2010 prolib -rwxr-xr-x 1 root root 1030 Mar 11 2009 psacct -rwxr-xr-x 1 root root 2245 May 14 2013 rawdevices -rwxr-xr-x 1 root root 1387 Sep 26 2009 rdisc -rwxr-xr-x 1 root root 931 Apr 26 2010 readahead_early -rwxr-xr-x 1 root root 930 Apr 26 2010 readahead_later -rwxr-xr-x 1 root root 1793 Oct 1 2013 restorecond -rwxr-xr-x 1 root root 2916 Oct 1 2013 rpcgssd -rwxr-xr-x 1 root root 2429 Oct 1 2013 rpcidmapd -rwxr-xr-x 1 root root 2914 Oct 1 2013 rpcsvcgssd -rwxr-xr-x 1 root root 1676 Sep 3 2012 saslauthd -rwxr-xr-x 1 root root 3349 Aug 11 2011 sendmail -rwxr-xr-x 1 root root 647 May 14 2013 single -rwxr-xr-x 1 root root 2740 Jan 9 2013 smartd -rwxr-xr-x 1 root root 2145 Mar 17 2014 smb -rwxr-xr-x 1 root root 3414 Feb 22 2012 sshd -rwxr-xr-x 1 root root 2043 Apr 3 2010 syslog -rwxr-xr-x 1 root root 2174 May 25 2008 tcsd -rwxr-xr-x 1 root root 1559 Mar 17 2014 winbind -rwxr-xr-x 1 root root 1634 Oct 1 2013 wpa_supplicant -rwxr-xr-x 1 root root 3902 Apr 20 2011 xfs -rwxr-xr-x 1 root root 3518 Jun 30 2011 ypbind -rwxr-xr-x 1 root root 1498 Jan 9 2013 yum-updatesd ### SOFTWARE ############################################# Sudo version: Sudo version 1.7.2p1 ### INTERESTING FILES #################################### Useful file locations: Can we read/write sensitive files: -rw-r--r-- 1 root root 1580 Jun 27 2014 /etc/passwd -rw-r--r-- 1 root root 625 Jun 27 2014 /etc/group -rw-r--r-- 1 root root 1344 Feb 22 2012 /etc/profile -r-------- 1 root root 1256 Dec 6 2011 /etc/shadow NFS config details: -rw-r--r-- 1 root root 0 Jan 13 2000 /etc/exports Config files containing keyword 'password': 
/etc/pki/tls/openssl.cnf:# input_password = secret /etc/pki/tls/openssl.cnf:# output_password = secret /etc/pki/tls/openssl.cnf:challengePassword = A challenge password /etc/lftp.conf:## This can be e.g. TIS-FWTK or rftpd. User and password are optional. /etc/oddjobd.conf: <helper exec="/usr/bin/pwd" arguments="0" prepend_user_name="no"/> /etc/ldap.conf:# Search the root DSE for the password policy (works /etc/ldap.conf:# Do not hash the password at all; presume /etc/ldap.conf:#pam_password clear /etc/ldap.conf:# Hash password locally; required for University of /etc/ldap.conf:#pam_password crypt /etc/ldap.conf:# Remove old password first, then update in /etc/ldap.conf:#pam_password clear_remove_old /etc/ldap.conf:#pam_password nds /etc/ldap.conf:#pam_password racf /etc/ldap.conf:# Update Active Directory password, by /etc/ldap.conf:# creating Unicode password and updating /etc/ldap.conf:#pam_password ad /etc/ldap.conf:# Use the OpenLDAP password change /etc/ldap.conf:# extended operation to update the password. /etc/ldap.conf:#pam_password exop /etc/ldap.conf:# Redirect users to a URL or somesuch on password /etc/ldap.conf:#pam_password_prohibit_message Please visit http://internal to change your password. 
/etc/ldap.conf:#pam_password ad /etc/ldap.conf:#nss_map_attribute shadowLastChange pwdLastSet /etc/ldap.conf:#pam_password ad /etc/ldap.conf:#nss_map_attribute shadowLastChange pwdLastSet /etc/ldap.conf:#pam_password ad /etc/ldap.conf:# configure --enable-authpassword is no longer supported /etc/ldap.conf:#nss_map_attribute userPassword passwordChar /etc/ldap.conf:#pam_password clear /etc/ldap.conf:# at present and does not support password policy control /etc/ldap.conf:pam_password md5 Binary file /etc/prelink.cache matches: /etc/samba/smb.conf:# Use password server option only with security = server or if you can't /etc/samba/smb.conf:# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] /etc/samba/smb.conf:# password server = * /etc/samba/smb.conf:; password server = <NT-Server-Name> /etc/samba/smb.conf.org:# Use password server option only with security = server or if you can't /etc/samba/smb.conf.org:# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] /etc/samba/smb.conf.org:# password server = * /etc/samba/smb.conf.org:; password server = <NT-Server-Name> /etc/pam_pkcs11/pam_pkcs11.conf: # Allow empty passwords /etc/pam_pkcs11/pam_pkcs11.conf: # Do not prompt the user for the passwords but take them from the /etc/pam_pkcs11/pam_pkcs11.conf: # Do not prompt the user for the passwords unless PAM_(OLD)AUTHTOK /etc/pam_pkcs11/pam_pkcs11.conf: # previously set (intended for stacking password modules only). 
All *.conf files in /etc (recursive 1 level): -rw-r--r-- 1 root root 658 Oct 1 2013 /etc/initlog.conf -rwxr-xr-x 1 root root 2242 May 18 2011 /etc/mcelog.conf -rw-r--r-- 1 root root 178 Mar 6 2011 /etc/dhcp6c.conf -rw-r--r-- 1 root root 1756 Jan 6 2007 /etc/gpm-root.conf -rw-r--r-- 1 root root 379 Jul 26 2012 /etc/yum.conf -rw-r--r-- 1 root root 12 Jan 6 2007 /etc/pam_smb.conf -rw-r--r-- 1 root root 2506 Aug 7 2012 /etc/libuser.conf -rw-r--r-- 1 root root 3544 Jan 9 2013 /etc/lftp.conf -rw-r--r-- 1 root root 2678 Jan 9 2013 /etc/warnquota.conf -rw-r--r-- 1 root root 6717 Jan 9 2013 /etc/smartd.conf -rw-r--r-- 1 root root 4461 Jul 19 2006 /etc/oddjobd.conf -rw-r--r-- 1 root root 694 Apr 3 2010 /etc/syslog.conf -rw-r--r-- 1 root root 216 Oct 1 2013 /etc/sestatus.conf -rw-r--r-- 1 root root 9111 Jun 18 2010 /etc/ldap.conf -rw-r--r-- 1 root root 136 Sep 3 2009 /etc/updatedb.conf -rw-r--r-- 1 root root 585 Jun 30 2011 /etc/yp.conf -rw-r--r-- 1 root root 1484 Jan 6 2007 /etc/request-key.conf -rw-r--r-- 1 root root 18484 Sep 1 2009 /etc/dnsmasq.conf -rw-r--r-- 1 root root 3579 Oct 1 2013 /etc/idmapd.conf -rw------- 1 root root 6411 May 25 2008 /etc/tcsd.conf -rw-r--r-- 1 root root 996 Oct 1 2013 /etc/sysctl.conf -rw-r--r-- 1 root root 59 Jul 7 2010 /etc/resolv.conf -rw-r--r-- 1 root root 1717 Jun 27 2014 /etc/nsswitch.conf -rw-r--r-- 1 root root 973 Sep 18 2008 /etc/prelink.conf -rw-r--r-- 1 root root 2706 Apr 17 2014 /etc/multipath.conf -rw-r--r-- 1 root root 435 Jan 23 05:40 /etc/reader.conf -rw-r--r-- 1 root root 1983 Jan 7 2007 /etc/mtools.conf -rw------- 1 root root 3902 Oct 1 2013 /etc/autofs_ldap_auth.conf -rw-r--r-- 1 root root 619 Jun 4 2012 /etc/logrotate.conf -rw-r--r-- 1 root root 32 Jun 27 2011 /etc/modprobe.conf -rw-r--r-- 1 root root 0 Feb 22 2012 /etc/host.conf -rw-r--r-- 1 root root 32016 May 4 2011 /etc/jwhois.conf -rw-r--r-- 1 root root 608 May 7 2014 /etc/krb5.conf -rw-r--r-- 1 root root 28 Oct 8 2006 /etc/ld.so.conf -rw-r--r-- 1 root root 330 May 9 
2013 /etc/mke2fs.conf -rw-r--r-- 1 root root 833 Mar 14 2007 /etc/gssapi_mech.conf -rw-r--r-- 1 root root 1895 Oct 8 2013 /etc/nscd.conf -rw-r--r-- 1 root root 6308 Nov 11 2007 /etc/conman.conf -rw-r----- 1 root root 191 Oct 27 2011 /etc/libaudit.conf lrwxrwxrwx 1 root root 10 Jun 27 2014 /var/mail -> spool/mail