Повышение прав [задай вопрос - получи ответ]

Discussion in 'Уязвимости' started by Expl0ited, 1 Oct 2011.

  1. foma9999

    foma9999 New Member

    Joined:
    5 Jan 2010
    Messages:
    125
    Likes Received:
    2
    Reputations:
    -4
    Linux by106.activeby.net 2.6.32-431.el6.x86_64 #1 SMP Sun Nov 10 22:19:54 EST 2013 i686 i686 i386 GNU/Linux

    gcc не работает, пишет, что такой комманды нема.
    Когда пытаюсь установить его, пишет, что для этого нужен рут


    $ ls -la /boot 2>&1
    total 5324
    drwxr-xr-x 2 root root 4096 May 11 2011 .
    drwxr-xr-x 23 root root 4096 Sep 5 15:20 ..
    -rw-r--r-- 1 root root 162 Dec 5 2013 .vmlinuz-2.6.18-371.3.1.el5.hmac
    -rw-r--r-- 1 root root 996296 Dec 5 2013 System.map-2.6.18-371.3.1.el5
    -rw-r--r-- 1 root root 70404 Dec 5 2013 config-2.6.18-371.3.1.el5
    -rw------- 1 root root 2333990 Dec 19 2013 initrd-2.6.18-371.3.1.el5.img
    -rw-r--r-- 1 root root 117436 Dec 5 2013 symvers-2.6.18-371.3.1.el5.gz
    -rw-r--r-- 1 root root 1912180 Dec 5 2013 vmlinuz-2.6.18-371.3.1.el5



    cat /etc/issue 2>&1
    CentOS release 5.10 (Final)
    Kernel \r on an \m




    $ mount 2>&1
    /dev/root on / type reiserfs (rw,relatime,usrquota,grpquota)
    tmpfs on /dev/shm type tmpfs (rw)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    rw on /proc/sys type unknown (rw)
    none on /var/spool/eaccelerator type tmpfs (rw,size=7516192768)
    none on /var/spool/eaccelerator/sessions type tmpfs (rw,size=536870912)
    none on /var/spool/exim/mem type tmpfs (rw,size=2147483648)
    10.159.247.29:/backup2/btku-cludbs-2/btku-cludb2 on /backup/mysql type nfs (rw,addr=10.159.247.29)
    10.159.243.46:/backup/btku-linsh-04 on /backup/rootfs type nfs (rw,remount,addr=10.159.243.46)




    1747 ( tatyana ) Group: 1749 ( tatyana )
     
  2. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Пробуйте
    CVE-2013-2094 Linux 2.6.32/2.6.37 - 3.8.10 PERF_EVENTS local root x86_64 (и x86)
    , который из-под веб-шелла.

    Всех касается! Не забываем выполнять требования, прописанные в первом посте!
     
    #562 YaBtr, 27 Jan 2015
    Last edited: 27 Jan 2015
  3. foma9999

    foma9999 New Member

    Joined:
    5 Jan 2010
    Messages:
    125
    Likes Received:
    2
    Reputations:
    -4

    пишет, после выполнения sh run.sh, что не может найти файл ./exploit
    он и не создается.

    и суидника нет
     
  4. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    https://fail0verflow.com/blog/2012/cve-2012-0217-intel-sysret-freebsd.html
     
    #564 YaBtr, 20 Feb 2015
    Last edited: 20 Feb 2015
    1 person likes this.
  5. psihoz26

    psihoz26 Members of Antichat

    Joined:
    22 Nov 2010
    Messages:
    561
    Likes Received:
    159
    Reputations:
    324
    Есть у кого рабочий сплоент под:
    Code:
    Linux vds.firmixal.info 2.6.18-348.16.1.el5.028stab108.1 #1 SMP Tue Aug 27 13:02:53 MSD 2013 x86_64
    ??


    с эксплоит-дб не компилируется
     
  6. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,399
    Likes Received:
    396
    Reputations:
    228
    uname -a
    2.6.32-504.el6.x86_64 #1 SMP Tue Sep 16 01:56:35 EDT 2014 x86_64

    ls -la /boot
    total 85642
    dr-xr-xr-x. 5 root root 3072 Dec 4 12:14 .
    dr-xr-xr-x. 24 root root 4096 Jan 29 17:44 ..
    -rw-r--r-- 1 root root 171 Apr 11 2014 .vmlinuz-2.6.32-431.17.1.el6.x86_64.hmac
    -rw-r--r-- 1 root root 170 Oct 31 16:43 .vmlinuz-2.6.32-504.1.3.el6.x86_64.hmac
    -rw-r--r-- 1 root root 166 Sep 16 08:04 .vmlinuz-2.6.32-504.el6.x86_64.hmac
    -rw-r--r-- 1 root root 2518959 Apr 11 2014 System.map-2.6.32-431.17.1.el6.x86_64
    -rw-r--r-- 1 root root 2544748 Oct 31 16:43 System.map-2.6.32-504.1.3.el6.x86_64
    -rw-r--r-- 1 root root 2544748 Sep 16 08:04 System.map-2.6.32-504.el6.x86_64
    -rw-r--r-- 1 root root 105200 Apr 11 2014 config-2.6.32-431.17.1.el6.x86_64
    -rw-r--r-- 1 root root 106312 Oct 31 16:43 config-2.6.32-504.1.3.el6.x86_64
    -rw-r--r-- 1 root root 106308 Sep 16 08:04 config-2.6.32-504.el6.x86_64
    drwxr-xr-x. 3 root root 1024 Jul 30 2012 efi
    drwxr-xr-x. 2 root root 1024 Dec 4 12:11 grub
    -rw------- 1 root root 17186604 May 16 2014 initramfs-2.6.32-431.17.1.el6.x86_64.img
    -rw------- 1 root root 19168484 Dec 4 12:09 initramfs-2.6.32-504.1.3.el6.x86_64.img
    -rw------- 1 root root 19167416 Dec 4 12:11 initramfs-2.6.32-504.el6.x86_64.img
    -rw------- 1 root root 5585988 Dec 4 12:08 initrd-2.6.32-431.17.1.el6.x86_64kdump.img
    -rw------- 1 root root 5233991 Dec 4 12:14 initrd-2.6.32-504.el6.x86_64kdump.img
    drwx------. 2 root root 12288 Jul 30 2012 lost+found
    -rw-r--r-- 1 root root 193889 Apr 11 2014 symvers-2.6.32-431.17.1.el6.x86_64.gz
    -rw-r--r-- 1 root root 200191 Oct 31 16:44 symvers-2.6.32-504.1.3.el6.x86_64.gz
    -rw-r--r-- 1 root root 200191 Sep 16 08:04 symvers-2.6.32-504.el6.x86_64.gz
    -rwxr-xr-x 1 root root 4130640 Apr 11 2014 vmlinuz-2.6.32-431.17.1.el6.x86_64
    -rwxr-xr-x 1 root root 4153008 Oct 31 16:43 vmlinuz-2.6.32-504.1.3.el6.x86_64
    -rwxr-xr-x 1 root root 4153904 Sep 16 08:04 vmlinuz-2.6.32-504.el6.x86_64


    $ cat /etc/issue
    RedHat Enterprise Linux Server 6.6
    Authorized uses only by personnel of tubIT IT-Service-Center. All activity may be monitored and reported.


    $ cat /proc/version
    Linux version 2.6.32-504.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-11) (GCC) ) #1 SMP Tue Sep 16 01:56:35 EDT 2014

    $ cat /proc/sys/vm/mmap_min_addr
    4096

    $ ls -la /usr/bin/staprun
    ---s--x--- 1 root stapusr 183072 Jun 23 2014 /usr/bin/staprun

    Чем можно взять?
     
  7. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Ничем, где остальные команды и их результаты работы?
     
  8. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    2,399
    Likes Received:
    396
    Reputations:
    228
    не выполняются
     
  9. sysjuk

    sysjuk Member

    Joined:
    5 Jan 2012
    Messages:
    220
    Likes Received:
    41
    Reputations:
    3
    Code:
    [[email protected]**********.ru ~]$ uname -a
    Linux ********** 2.6.32-042stab093.4 #1 SMP Mon Aug 11 18:47:39 MSK 2014 x86_64 x86_64 x86_64 GNU/Linux
    [[email protected]**********.ru ~]$ ls -la /boot
    total 12
    dr-xr-xr-x  3 root root 4096 Feb 20  2014 ./
    dr-xr-xr-x 25 root root 4096 Mar 25 03:33 ../
    drwxr-xr-x  2 root root 4096 Dec 22  2012 grub/
    [[email protected]**********.ru ~]$ ls -la --full-time /lib64
    total 15272
    dr-xr-xr-x  7 root root   12288 2015-01-29 05:33:43.633230136 +0300 ./
    dr-xr-xr-x 25 root root    4096 2015-03-25 03:33:40.839381604 +0300 ../
    -rwxr-xr-x  1 root root  157032 2015-01-27 22:38:10.000000000 +0300 ld-2.12.so*
    lrwxrwxrwx  1 root root      10 2015-01-28 15:09:32.320483506 +0300 ld-linux-x86-64.so.2 -> ld-2.12.so*
    lrwxrwxrwx  1 root root      15 2013-01-16 16:10:56.000000000 +0400 libacl.so.1 -> libacl.so.1.1.0*
    -rwxr-xr-x  1 root root   33816 2011-12-07 20:53:53.000000000 +0400 libacl.so.1.1.0*
    lrwxrwxrwx  1 root root      22 2013-01-16 16:10:56.000000000 +0400 libaio.so.1 -> /lib64/libaio.so.1.0.1*
    -rwxr-xr-x  1 root root    3944 2010-08-23 01:08:18.000000000 +0400 libaio.so.1.0.0*
    -rwxr-xr-x  1 root root    5624 2010-08-23 01:08:18.000000000 +0400 libaio.so.1.0.1*
    -rwxr-xr-x  1 root root   19368 2015-01-27 22:38:11.000000000 +0300 libanl-2.12.so*
    lrwxrwxrwx  1 root root      14 2015-01-28 15:09:32.336483881 +0300 libanl.so.1 -> libanl-2.12.so*
    lrwxrwxrwx  1 root root      16 2013-01-16 16:10:56.000000000 +0400 libattr.so.1 -> libattr.so.1.1.0*
    -rwxr-xr-x  1 root root   21152 2011-09-23 22:53:58.000000000 +0400 libattr.so.1.1.0*
    lrwxrwxrwx  1 root root      17 2014-06-11 16:00:30.542733378 +0400 libaudit.so.1 -> libaudit.so.1.0.0*
    -rwxr-xr-x  1 root root  115536 2014-05-28 18:37:08.000000000 +0400 libaudit.so.1.0.0*
    lrwxrwxrwx  1 root root      19 2014-06-11 16:00:30.546728783 +0400 libauparse.so.0 -> libauparse.so.0.0.0*
    -rwxr-xr-x  1 root root   59920 2014-05-28 18:37:08.000000000 +0400 libauparse.so.0.0.0*
    lrwxrwxrwx  1 root root      17 2013-08-26 16:29:27.502862788 +0400 libblkid.so.1 -> libblkid.so.1.1.0*
    -rwxr-xr-x  1 root root  138616 2013-04-29 11:43:56.000000000 +0400 libblkid.so.1.1.0*
    -rwxr-xr-x  1 root root    8488 2015-01-27 22:38:11.000000000 +0300 libBrokenLocale-2.12.so*
    lrwxrwxrwx  1 root root      23 2015-01-28 15:09:32.321483496 +0300 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so*
    lrwxrwxrwx  1 root root      15 2013-01-16 16:10:56.000000000 +0400 libbz2.so.1 -> libbz2.so.1.0.4*
    -rwxr-xr-x  1 root root   69976 2011-06-25 05:45:55.000000000 +0400 libbz2.so.1.0.4*
    -rwxr-xr-x  1 root root 1926760 2015-01-27 22:38:13.000000000 +0300 libc-2.12.so*
    lrwxrwxrwx  1 root root      18 2013-01-16 16:10:56.000000000 +0400 libcap-ng.so.0 -> libcap-ng.so.0.0.0*
    -rwxr-xr-x  1 root root   18672 2011-06-25 07:49:32.000000000 +0400 libcap-ng.so.0.0.0*
    lrwxrwxrwx  1 root root      14 2013-01-16 16:10:56.000000000 +0400 libcap.so.2 -> libcap.so.2.16*
    -rwxr-xr-x  1 root root   19016 2011-12-08 00:04:01.000000000 +0400 libcap.so.2.16*
    lrwxrwxrwx  1 root root      19 2014-06-11 16:33:41.480854133 +0400 libcgroup.so.1 -> libcgroup.so.1.0.40*
    -rwxr-xr-x  1 root root   97016 2013-12-09 12:36:08.000000000 +0400 libcgroup.so.1.0.40*
    -rwxr-xr-x  1 root root  197064 2015-01-27 22:38:10.000000000 +0300 libcidn-2.12.so*
    lrwxrwxrwx  1 root root      15 2015-01-28 15:09:32.910483773 +0300 libcidn.so.1 -> libcidn-2.12.so*
    lrwxrwxrwx  1 root root      17 2014-04-09 10:20:39.772791310 +0400 libcom_err.so.2 -> libcom_err.so.2.1*
    -rwxr-xr-x  1 root root   17256 2013-11-22 16:56:01.000000000 +0400 libcom_err.so.2.1*
    -rwxr-xr-x  1 root root   43392 2015-01-27 22:38:10.000000000 +0300 libcrypt-2.12.so*
    lrwxrwxrwx  1 root root      16 2015-01-28 15:09:32.920483906 +0300 libcrypt.so.1 -> libcrypt-2.12.so*
    lrwxrwxrwx  1 root root      12 2015-01-28 15:09:32.901484045 +0300 libc.so.6 -> libc-2.12.so*
    -rwxr-xr-x  1 root root 1525224 2013-09-12 13:40:56.000000000 +0400 libdb-4.7.so*
    lrwxrwxrwx  1 root root      18 2013-01-16 16:10:56.000000000 +0400 libdbus-1.so.3 -> libdbus-1.so.3.4.0*
    -rwxr-xr-x  1 root root  268232 2012-09-13 21:04:29.000000000 +0400 libdbus-1.so.3.4.0*
    -rwxr-xr-x  1 root root   22536 2015-01-27 22:38:10.000000000 +0300 libdl-2.12.so*
    lrwxrwxrwx  1 root root      13 2015-01-28 15:09:32.921483889 +0300 libdl.so.2 -> libdl-2.12.so*
    lrwxrwxrwx  1 root root      13 2014-04-09 10:20:41.666729887 +0400 libe2p.so.2 -> libe2p.so.2.3*
    -rwxr-xr-x  1 root root   30552 2013-11-22 16:56:01.000000000 +0400 libe2p.so.2.3*
    lrwxrwxrwx  1 root root      17 2013-01-16 16:10:56.000000000 +0400 libexpat.so.1 -> libexpat.so.1.5.2*
    -rwxr-xr-x  1 root root  167648 2012-06-13 19:01:40.000000000 +0400 libexpat.so.1.5.2*
    lrwxrwxrwx  1 root root      16 2014-04-09 10:20:41.667729935 +0400 libext2fs.so.2 -> libext2fs.so.2.4*
    -rwxr-xr-x  1 root root  204296 2013-11-22 16:56:01.000000000 +0400 libext2fs.so.2.4*
    lrwxrwxrwx  1 root root      21 2013-01-16 16:10:56.000000000 +0400 libfipscheck.so.1 -> libfipscheck.so.1.1.0*
    -rwxr-xr-x  1 root root   12688 2011-12-07 23:13:53.000000000 +0400 libfipscheck.so.1.1.0*
    -rw-r--r--  1 root root      65 2011-12-07 23:13:53.000000000 +0400 .libfipscheck.so.1.1.0.hmac
    lrwxrwxrwx  1 root root      27 2013-01-16 16:10:56.000000000 +0400 .libfipscheck.so.1.hmac -> .libfipscheck.so.1.1.0.hmac
    -rw-r--r--  1 root root     899 2013-08-08 00:19:37.000000000 +0400 libfreebl3.chk
    -rwxr-xr-x  1 root root  427008 2013-08-08 00:19:37.000000000 +0400 libfreebl3.so*
    -rwxr-xr-x  1 root root   93320 2013-11-21 22:08:46.000000000 +0400 libgcc_s-4.4.7-20120601.so.1*
    lrwxrwxrwx  1 root root      28 2014-04-09 10:20:25.611916602 +0400 libgcc_s.so.1 -> libgcc_s-4.4.7-20120601.so.1*
    lrwxrwxrwx  1 root root      19 2013-01-16 16:10:56.000000000 +0400 libgcrypt.so.11 -> libgcrypt.so.11.5.3*
    -rwxr-xr-x  1 root root  481064 2012-04-16 17:21:17.000000000 +0400 libgcrypt.so.11.5.3*
    -rw-r--r--  1 root root      65 2012-04-16 17:21:17.000000000 +0400 .libgcrypt.so.11.hmac
    lrwxrwxrwx  1 root root      22 2013-01-16 16:10:56.000000000 +0400 libgio-2.0.so.0 -> libgio-2.0.so.0.2200.5*
    -rwxr-xr-x  1 root root  695464 2012-06-22 10:17:18.000000000 +0400 libgio-2.0.so.0.2200.5*
    lrwxrwxrwx  1 root root      23 2013-01-16 16:10:56.000000000 +0400 libglib-2.0.so.0 -> libglib-2.0.so.0.2200.5*
    -rwxr-xr-x  1 root root  939360 2012-06-22 10:17:18.000000000 +0400 libglib-2.0.so.0.2200.5*
    lrwxrwxrwx  1 root root      26 2013-01-16 16:10:56.000000000 +0400 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2200.5*
    -rwxr-xr-x  1 root root   14392 2012-06-22 10:17:18.000000000 +0400 libgmodule-2.0.so.0.2200.5*
    lrwxrwxrwx  1 root root      26 2013-01-16 16:10:56.000000000 +0400 libgobject-2.0.so.0 -> libgobject-2.0.so.0.2200.5*
    -rwxr-xr-x  1 root root  283584 2012-06-22 10:17:18.000000000 +0400 libgobject-2.0.so.0.2200.5*
    lrwxrwxrwx  1 root root      21 2013-01-16 16:10:56.000000000 +0400 libgpg-error.so.0 -> libgpg-error.so.0.5.0*
    -rwxr-xr-x  1 root root   16656 2011-12-07 21:37:21.000000000 +0400 libgpg-error.so.0.5.0*
    lrwxrwxrwx  1 root root      21 2014-04-09 10:20:41.259728928 +0400 libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2*
    -rwxr-xr-x  1 root root  280520 2014-04-03 19:12:22.000000000 +0400 libgssapi_krb5.so.2.2*
    lrwxrwxrwx  1 root root      19 2013-01-16 16:10:56.000000000 +0400 libgssglue.so.1 -> libgssglue.so.1.0.0*
    -rwxr-xr-x  1 root root   36584 2011-07-19 12:22:02.000000000 +0400 libgssglue.so.1.0.0*
    lrwxrwxrwx  1 root root      16 2014-04-09 10:20:41.270729039 +0400 libgssrpc.so.4 -> libgssrpc.so.4.1*
    -rwxr-xr-x  1 root root  131384 2014-04-03 19:12:22.000000000 +0400 libgssrpc.so.4.1*
    lrwxrwxrwx  1 root root      26 2013-01-16 16:10:56.000000000 +0400 libgthread-2.0.so.0 -> libgthread-2.0.so.0.2200.5*
    -rwxr-xr-x  1 root root   17440 2012-06-22 10:17:18.000000000 +0400 libgthread-2.0.so.0.2200.5*
    lrwxrwxrwx  1 root root      16 2013-01-16 16:10:56.000000000 +0400 libidn.so.11 -> libidn.so.11.6.1*
    -rwxr-xr-x  1 root root  209120 2010-08-24 04:51:20.000000000 +0400 libidn.so.11.6.1*
    lrwxrwxrwx  1 root root      34 2013-08-26 16:30:17.379674066 +0400 libip4tc.so.0 -> /etc/alternatives/libip4tc0.x86_64*
    lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 libip4tc.so.0.0.0 -> /etc/alternatives/libip4tc000.x86_64*
    -rwxr-xr-x  1 root root   28544 2013-02-22 05:45:53.000000000 +0400 libip4tc.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      23 2013-08-26 16:29:33.590486490 +0400 libip4tc.so.0-1.4.7 -> libip4tc.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      34 2013-08-26 16:30:17.379674066 +0400 libip6tc.so.0 -> /etc/alternatives/libip6tc0.x86_64*
    lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 libip6tc.so.0.0.0 -> /etc/alternatives/libip6tc000.x86_64*
    -rwxr-xr-x  1 root root   28064 2013-02-22 05:45:53.000000000 +0400 libip6tc.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      23 2013-08-26 16:29:33.592486500 +0400 libip6tc.so.0-1.4.7 -> libip6tc.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      32 2013-08-26 16:30:17.379674066 +0400 libipq.so.0 -> /etc/alternatives/libipq0.x86_64*
    lrwxrwxrwx  1 root root      34 2013-08-26 16:30:17.379674066 +0400 libipq.so.0.0.0 -> /etc/alternatives/libipq000.x86_64*
    -rwxr-xr-x  1 root root    9280 2013-02-22 05:45:53.000000000 +0400 libipq.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      21 2013-08-26 16:29:33.593486534 +0400 libipq.so.0-1.4.7 -> libipq.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      33 2013-08-26 16:30:17.379674066 +0400 libiptc.so.0 -> /etc/alternatives/libiptc0.x86_64*
    lrwxrwxrwx  1 root root      35 2013-08-26 16:30:17.379674066 +0400 libiptc.so.0.0.0 -> /etc/alternatives/libiptc000.x86_64*
    -rwxr-xr-x  1 root root    3680 2013-02-22 05:45:53.000000000 +0400 libiptc.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      22 2013-08-26 16:29:33.594486893 +0400 libiptc.so.0-1.4.7 -> libiptc.so.0.0.0-1.4.7*
    lrwxrwxrwx  1 root root      18 2014-04-09 10:20:41.275734947 +0400 libk5crypto.so.3 -> libk5crypto.so.3.1*
    -rwxr-xr-x  1 root root  177520 2014-04-03 19:12:22.000000000 +0400 libk5crypto.so.3.1*
    lrwxrwxrwx  1 root root      18 2013-01-16 16:10:56.000000000 +0400 libkeyutils.so.1 -> libkeyutils.so.1.3*
    -rwxr-xr-x  1 root root   12592 2012-06-22 10:20:37.000000000 +0400 libkeyutils.so.1.3*
    lrwxrwxrwx  1 root root      14 2014-04-09 10:20:41.282731023 +0400 libkrb5.so.3 -> libkrb5.so.3.3*
    -rwxr-xr-x  1 root root  944712 2014-04-03 19:12:22.000000000 +0400 libkrb5.so.3.3*
    lrwxrwxrwx  1 root root      21 2014-04-09 10:20:41.315755231 +0400 libkrb5support.so.0 -> libkrb5support.so.0.1*
    -rwxr-xr-x  1 root root   46368 2014-04-03 19:12:22.000000000 +0400 libkrb5support.so.0.1*
    lrwxrwxrwx  1 root root      20 2013-08-26 16:29:30.369736593 +0400 liblber-2.4.so.2 -> liblber-2.4.so.2.5.6*
    -rwxr-xr-x  1 root root   63336 2013-04-29 11:50:08.000000000 +0400 liblber-2.4.so.2.5.6*
    lrwxrwxrwx  1 root root      20 2013-08-26 16:29:30.371736205 +0400 libldap-2.4.so.2 -> libldap-2.4.so.2.5.6*
    -rwxr-xr-x  1 root root  317200 2013-04-29 11:50:08.000000000 +0400 libldap-2.4.so.2.5.6*
    lrwxrwxrwx  1 root root      22 2013-08-26 16:29:30.383737800 +0400 libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.5.6*
    -rwxr-xr-x  1 root root  335264 2013-04-29 11:50:08.000000000 +0400 libldap_r-2.4.so.2.5.6*
    lrwxrwxrwx  1 root root      20 2013-08-26 16:29:30.391548803 +0400 libldif-2.4.so.2 -> libldif-2.4.so.2.5.6*
    -rwxr-xr-x  1 root root   18736 2013-04-29 11:50:08.000000000 +0400 libldif-2.4.so.2.5.6*
    -rwxr-xr-x  1 root root  599392 2015-01-27 22:38:12.000000000 +0300 libm-2.12.so*
    lrwxrwxrwx  1 root root      17 2013-08-26 16:29:34.457486791 +0400 libmount.so.1 -> libmount.so.1.1.0*
    -rwxr-xr-x  1 root root   68304 2013-04-29 11:43:56.000000000 +0400 libmount.so.1.1.0*
    lrwxrwxrwx  1 root root      12 2015-01-28 15:09:32.958483737 +0300 libm.so.6 -> libm-2.12.so*
    lrwxrwxrwx  1 root root      17 2013-01-16 16:10:57.000000000 +0400 libncurses.so.5 -> libncurses.so.5.7*
    -rwxr-xr-x  1 root root  142536 2010-08-18 19:42:28.000000000 +0400 libncurses.so.5.7*
    lrwxrwxrwx  1 root root      18 2013-01-16 16:10:57.000000000 +0400 libncursesw.so.5 -> libncursesw.so.5.7*
    -rwxr-xr-x  1 root root  195616 2010-08-18 19:42:28.000000000 +0400 libncursesw.so.5.7*
    lrwxrwxrwx  1 root root      20 2013-01-16 16:10:57.000000000 +0400 libnih-dbus.so.1 -> libnih-dbus.so.1.0.0*
    -rwxr-xr-x  1 root root   39896 2011-12-07 21:40:52.000000000 +0400 libnih-dbus.so.1.0.0*
    lrwxrwxrwx  1 root root      15 2013-01-16 16:10:57.000000000 +0400 libnih.so.1 -> libnih.so.1.0.0*
    -rwxr-xr-x  1 root root  101920 2011-12-07 21:40:52.000000000 +0400 libnih.so.1.0.0*
    lrwxrwxrwx  1 root root      14 2013-08-26 16:29:48.257863034 +0400 libnl.so.1 -> libnl.so.1.1.4*
    -rwxr-xr-x  1 root root  337248 2013-06-28 03:58:04.000000000 +0400 libnl.so.1.1.4*
    -rwxr-xr-x  1 root root  116368 2015-01-27 22:38:12.000000000 +0300 libnsl-2.12.so*
    lrwxrwxrwx  1 root root      14 2015-01-28 15:09:32.964484369 +0300 libnsl.so.1 -> libnsl-2.12.so*
    -rwxr-xr-x  1 root root  247192 2014-07-22 22:06:22.000000000 +0400 libnspr4.so*
    -rwxr-xr-x  1 root root   42808 2015-01-27 22:38:11.000000000 +0300 libnss_compat-2.12.so*
    lrwxrwxrwx  1 root root      21 2015-01-28 15:09:32.966483996 +0300 libnss_compat.so.2 -> libnss_compat-2.12.so*
    -rwxr-xr-x  1 root root   27424 2015-01-27 22:38:12.000000000 +0300 libnss_dns-2.12.so*
    lrwxrwxrwx  1 root root      18 2015-01-28 15:09:32.970483722 +0300 libnss_dns.so.2 -> libnss_dns-2.12.so*
    -rwxr-xr-x  1 root root   65928 2015-01-27 22:38:11.000000000 +0300 libnss_files-2.12.so*
    lrwxrwxrwx  1 root root      20 2015-01-28 15:09:32.973483747 +0300 libnss_files.so.2 -> libnss_files-2.12.so*
    -rwxr-xr-x  1 root root   24152 2015-01-27 22:38:10.000000000 +0300 libnss_hesiod-2.12.so*
    lrwxrwxrwx  1 root root      21 2015-01-28 15:09:32.981483880 +0300 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so*
    -rwxr-xr-x  1 root root   52560 2015-01-27 22:38:11.000000000 +0300 libnss_nis-2.12.so*
    -rwxr-xr-x  1 root root   61712 2015-01-27 22:38:10.000000000 +0300 libnss_nisplus-2.12.so*
    lrwxrwxrwx  1 root root      22 2015-01-28 15:09:32.987484337 +0300 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so*
    lrwxrwxrwx  1 root root      18 2015-01-28 15:09:32.983483930 +0300 libnss_nis.so.2 -> libnss_nis-2.12.so*
    lrwxrwxrwx  1 root root      17 2013-08-26 16:29:19.640487432 +0400 libpamc.so.0 -> libpamc.so.0.82.1*
    -rwxr-xr-x  1 root root   14528 2013-02-22 04:16:03.000000000 +0400 libpamc.so.0.82.1*
    lrwxrwxrwx  1 root root      21 2013-08-26 16:29:19.639487003 +0400 libpam_misc.so.0 -> libpam_misc.so.0.82.0*
    -rwxr-xr-x  1 root root   17248 2013-02-22 04:16:03.000000000 +0400 libpam_misc.so.0.82.0*
    lrwxrwxrwx  1 root root      16 2013-08-26 16:29:19.637487571 +0400 libpam.so.0 -> libpam.so.0.82.2*
    -rwxr-xr-x  1 root root   58480 2013-02-22 04:16:03.000000000 +0400 libpam.so.0.82.2*
    lrwxrwxrwx  1 root root      16 2013-08-26 16:29:37.784549227 +0400 libpci.so.3 -> libpci.so.3.1.10*
    -rwxr-xr-x  1 root root   51472 2013-02-22 02:31:11.000000000 +0400 libpci.so.3.1.10*
    lrwxrwxrwx  1 root root      16 2013-08-26 16:29:27.530487312 +0400 libpcre.so.0 -> libpcre.so.0.0.1*
    -rwxr-xr-x  1 root root  183816 2012-09-07 15:03:38.000000000 +0400 libpcre.so.0.0.1*
    -rwxr-xr-x  1 root root   21288 2014-07-22 22:06:22.000000000 +0400 libplc4.so*
    -rwxr-xr-x  1 root root   17128 2014-07-22 22:06:22.000000000 +0400 libplds4.so*
    lrwxrwxrwx  1 root root      16 2013-01-16 16:10:57.000000000 +0400 libpopt.so.0 -> libpopt.so.0.0.0*
    -rwxr-xr-x  1 root root   38808 2010-08-21 09:30:58.000000000 +0400 libpopt.so.0.0.0*
    -rwxr-xr-x  1 root root   65608 2012-11-15 17:54:14.000000000 +0400 libproc-3.2.8.so*
    lrwxrwxrwx  1 root root      16 2013-08-26 16:29:27.723736249 +0400 libproc.so -> libproc-3.2.8.so*
    -rwxr-xr-x  1 root root  145896 2015-01-27 22:38:12.000000000 +0300 libpthread-2.12.so*
    lrwxrwxrwx  1 root root      18 2015-01-28 15:09:32.996483709 +0300 libpthread.so.0 -> libpthread-2.12.so*
    lrwxrwxrwx  1 root root      18 2014-09-11 06:35:16.830484171 +0400 libreadline.so.5 -> libreadline.so.5.2*
    -rwxr-xr-x  1 root root  261144 2010-11-11 06:19:38.000000000 +0300 libreadline.so.5.2*
    lrwxrwxrwx  1 root root      18 2013-01-16 16:10:57.000000000 +0400 libreadline.so.6 -> libreadline.so.6.0*
    -rwxr-xr-x  1 root root  272008 2012-06-22 10:54:32.000000000 +0400 libreadline.so.6.0*
    -rwxr-xr-x  1 root root  113952 2015-01-27 22:38:11.000000000 +0300 libresolv-2.12.so*
    lrwxrwxrwx  1 root root      17 2015-01-28 15:09:33.003484346 +0300 libresolv.so.2 -> libresolv-2.12.so*
    -rwxr-xr-x  1 root root   47112 2015-01-27 22:38:10.000000000 +0300 librt-2.12.so*
    lrwxrwxrwx  1 root root      13 2015-01-28 15:09:33.006484168 +0300 librt.so.1 -> librt-2.12.so*
    -rwxr-xr-x  1 root root   21928 2015-01-27 22:38:11.000000000 +0300 libSegFault.so*
    -rwxr-xr-x  1 root root  124624 2013-05-10 13:06:33.000000000 +0400 libselinux.so.1*
    -rwxr-xr-x  1 root root  201824 2013-02-22 04:21:47.000000000 +0400 libsemanage.so.1*
    -rwxr-xr-x  1 root root  251112 2011-12-07 22:01:08.000000000 +0400 libsepol.so.1*
    lrwxrwxrwx  1 root root      12 2014-04-09 10:20:41.035755091 +0400 libss.so.2 -> libss.so.2.0*
    -rwxr-xr-x  1 root root   29656 2013-11-22 16:56:01.000000000 +0400 libss.so.2.0*
    -rwxr-xr-x  1 root root   34008 2015-01-27 22:38:11.000000000 +0300 libthread_db-1.0.so*
    lrwxrwxrwx  1 root root      19 2015-01-28 15:09:33.013484386 +0300 libthread_db.so.1 -> libthread_db-1.0.so*
    lrwxrwxrwx  1 root root      15 2013-01-16 16:10:57.000000000 +0400 libtinfo.so.5 -> libtinfo.so.5.7*
    -rwxr-xr-x  1 root root  138280 2010-08-18 19:42:28.000000000 +0400 libtinfo.so.5.7*
    lrwxrwxrwx  1 root root      18 2013-08-26 16:29:47.896615564 +0400 libtirpc.so.1 -> libtirpc.so.1.0.10*
    -rwxr-xr-x  1 root root  161984 2013-05-30 22:54:27.000000000 +0400 libtirpc.so.1.0.10*
    -rwxr-xr-x  1 root root   17520 2015-01-27 22:38:10.000000000 +0300 libutil-2.12.so*
    lrwxrwxrwx  1 root root      15 2015-01-28 15:09:33.013484386 +0300 libutil.so.1 -> libutil-2.12.so*
    lrwxrwxrwx  1 root root      16 2013-08-26 16:29:27.458487528 +0400 libuuid.so.1 -> libuuid.so.1.3.0*
    -rwxr-xr-x  1 root root   18936 2013-04-29 11:43:56.000000000 +0400 libuuid.so.1.3.0*
    lrwxrwxrwx  1 root root      16 2013-01-16 16:10:57.000000000 +0400 libwrap.so.0 -> libwrap.so.0.7.6*
    -rwxr-xr-x  1 root root   40792 2011-12-07 21:45:47.000000000 +0400 libwrap.so.0.7.6*
    lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 libxtables.so.4 -> /etc/alternatives/libxtables4.x86_64*
    lrwxrwxrwx  1 root root      38 2013-08-26 16:30:17.379674066 +0400 libxtables.so.4.0.0 -> /etc/alternatives/libxtables400.x86_64*
    -rwxr-xr-x  1 root root   34616 2013-02-22 05:45:53.000000000 +0400 libxtables.so.4.0.0-1.4.7*
    lrwxrwxrwx  1 root root      25 2013-08-26 16:29:33.594486893 +0400 libxtables.so.4-1.4.7 -> libxtables.so.4.0.0-1.4.7*
    lrwxrwxrwx  1 root root      13 2013-08-26 16:29:18.217491166 +0400 libz.so.1 -> libz.so.1.2.3*
    -rwxr-xr-x  1 root root   91096 2013-02-22 03:02:16.000000000 +0400 libz.so.1.2.3*
    drwxr-xr-x  2 root root    4096 2013-10-01 18:37:18.198486390 +0400 rsyslog/
    drwxr-xr-x  2 root root    4096 2015-01-28 15:09:33.027484329 +0300 rtkaio/
    drwxr-xr-x  3 root root    4096 2013-08-26 16:29:19.668550214 +0400 security/
    dr-xr-xr-x  2 root root    4096 2014-02-20 21:32:33.000000000 +0400 tls/
    lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 xtables -> /etc/alternatives/lib-xtables.x86_64/
    drwxr-xr-x  2 root root    4096 2013-08-26 16:29:33.634737660 +0400 xtables-1.4.7/
    [[email protected]**********.ru ~]$ ls -la --full-time /lib
    total 28
    dr-xr-xr-x  7 root root 4096 2014-02-20 21:32:33.000000000 +0400 ./
    dr-xr-xr-x 25 root root 4096 2015-03-25 03:33:40.839381604 +0300 ../
    lrwxrwxrwx  1 root root   14 2014-04-09 10:20:40.229729238 +0400 cpp -> ../usr/bin/cpp*
    drwxr-xr-x  2 root root 4096 2013-02-22 09:22:18.000000000 +0400 firmware/
    dr-xr-xr-x  7 root root 4096 2015-03-17 02:06:50.808858882 +0300 modules/
    drwxr-xr-x  2 root root 4096 2013-02-22 04:16:00.000000000 +0400 security/
    drwxr-xr-x  6 root root 4096 2011-09-13 21:36:01.000000000 +0400 terminfo/
    drwxr-xr-x  5 root root 4096 2015-01-29 05:33:58.058230195 +0300 udev/
    [[email protected]**********.ru ~]$ mount
    /dev/simfs on / type simfs (rw,relatime)
    proc on /proc type proc (rw,relatime)
    sysfs on /sys type sysfs (rw,relatime)
    none on /dev type devtmpfs (rw,relatime,mode=755)
    none on /dev/pts type devpts (rw,relatime,mode=600,ptmxmode=000)
    tmpfs on /tmp/mysql_tmpfs type tmpfs (rw,relatime,size=2097152k,mode=700,uid=27,gid=27)
    tmpfs on /srv/www/**********.com/htdocs/upload/responses type tmpfs (rw,relatime,size=524288k,mode=700,uid=48,gid=48)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime)
    [[email protected]**********.ru ~]$ df -h
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/simfs            5.3T  1.1T  4.2T  21% /
    none                   16G  4.0K   16G   1% /dev
    tmpfs                 2.0G  8.0K  2.0G   1% /tmp/mysql_tmpfs
    tmpfs                 512M   28K  512M   1% /srv/www/**********.com/htdocs/upload/responses
    [[email protected]**********.ru ~]$ cat /etc/issue
    CentOS release 6.4 (Final)
    Kernel \r on an \m
    
    [[email protected]**********.ru ~]$ cat /etc/crontab
    SHELL=/bin/bash
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    MAILTO=root
    HOME=/
    
    # For details see man 4 crontabs
    
    # Example of job definition:
    # .---------------- minute (0 - 59)
    # |  .------------- hour (0 - 23)
    # |  |  .---------- day of month (1 - 31)
    # |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
    # |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
    # |  |  |  |  |
    # *  *  *  *  * user-name command to be executed
    
    [[email protected]**********.ru ~]$ cat /proc/version
    Linux version 2.6.32-042stab093.4 ([email protected]) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Mon Aug 11 18:47:39 MSK 2014
    [[email protected]**********.ru ~]$ cat /proc/sys/vm/mmap_min_addr
    4096
    [[email protected]**********.ru ~]$ pwd
    /home/**********
    [[email protected]**********.ru ~]$ ls -la /usr/bin/staprun
    ls: cannot access /usr/bin/staprun: No such file or directory
    [[email protected]**********.ru ~]$ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
    
    Есть ssh доступ, но доступа к /root/ нету, нужен туда доступ заполучить)))
     
  10. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
     
  11. Vip77

    Vip77 Elder - Старейшина

    Joined:
    29 Sep 2012
    Messages:
    307
    Likes Received:
    55
    Reputations:
    20
    Подскажите сплоит. Не смог найти
    Code:
    $ uname -a
    FreeBSD *** 8.2-RELEASE-p6 FreeBSD 8.2-RELEASE-p6 #1: Mon Feb 13 10:42:12 MSK 2012     [email protected]***:/usr/obj/usr/src/sys/GENERIC  amd64
    
    $ ls -la /boot
    total 3132
    drwxr-xr-x   8 root  wheel    1024 Feb 13  2012 .
    drwxr-xr-x  22 root  wheel     512 May  9  2014 ..
    -r--r--r--   1 root  wheel    7690 Feb 13  2012 beastie.4th
    -r--r--r--   1 root  wheel    8192 Feb 13  2012 boot
    -r--r--r--   1 root  wheel     512 Feb 13  2012 boot0
    -r--r--r--   1 root  wheel     512 Feb 13  2012 boot0sio
    -r--r--r--   1 root  wheel     512 Feb 13  2012 boot1
    -r--r--r--   1 root  wheel    7680 Feb 13  2012 boot2
    -r--r--r--   1 root  wheel    1201 Feb 13  2012 cdboot
    drwxr-xr-x   2 root  wheel     512 Feb 13  2012 defaults
    -r--r--r--   1 root  wheel     808 Feb 24  2008 device.hints
    drwxr-xr-x   2 root  wheel     512 Feb 24  2008 firmware
    -r--r--r--   1 root  wheel    2262 Feb 13  2012 frames.4th
    -r--r--r--   1 root  wheel   13851 Feb 13  2012 gptboot
    -r--r--r--   1 root  wheel   27463 Feb 13  2012 gptzfsboot
    drwxr-xr-x   2 root  wheel   30208 Feb 13  2012 kernel
    drwxr-xr-x   2 root  wheel   30208 Aug  3  2011 kernel.old
    -r-xr-xr-x   1 root  wheel  237568 Feb 13  2012 loader
    -r--r--r--   1 root  wheel    5865 Feb 13  2012 loader.4th
    -rw-r--r--   1 root  wheel     195 Jan 28  2010 loader.conf
    -r--r--r--   1 root  wheel   15219 Feb 13  2012 loader.help
    -r-xr-xr-x   1 root  wheel  237568 Aug  3  2011 loader.old
    -r--r--r--   1 root  wheel     385 Feb 24  2008 loader.rc
    -r--r--r--   1 root  wheel     512 Feb 13  2012 mbr
    drwxr-xr-x   2 root  wheel     512 Feb 24  2008 modules
    -r--r--r--   1 root  wheel     512 Feb 13  2012 pmbr
    -r--r--r--   1 root  wheel  239616 Feb 13  2012 pxeboot
    -r--r--r--   1 root  wheel     703 Feb 13  2012 screen.4th
    -r--r--r--   1 root  wheel   35136 Feb 13  2012 support.4th
    drwxr-xr-x   2 root  wheel     512 Feb 24  2008 zfs
    -r--r--r--   1 root  wheel   33280 Feb 13  2012 zfsboot
    -r-xr-xr-x   1 root  wheel  258048 Feb 13  2012 zfsloader
    -r-xr-xr-x   1 root  wheel  258048 Aug  3  2011 zfsloader.old
    
    $ lls -la --full-time /lib 
    
    $ mount
    /dev/aacd0s1a on / (ufs, local)
    devfs on /dev (devfs, local, multilabel)
    /dev/aacd0s1d on /tmp (ufs, local, soft-updates)
    /dev/aacd0s1f on /usr (ufs, local, soft-updates)
    /dev/aacd0s1e on /var (ufs, local, soft-updates)
    /dev/aacd1s1d on /home (ufs, local, soft-updates)
    
    $ df -h
    Filesystem       Size    Used   Avail Capacity  Mounted on
    /dev/aacd0s1a    1.9G    592M    1.2G    33%    /
    devfs            1.0K    1.0K      0B   100%    /dev
    /dev/aacd0s1d    2.9G    490K    2.7G     0%    /tmp
    /dev/aacd0s1f     15G    3.8G    9.9G    28%    /usr
    /dev/aacd0s1e     29G    3.5G     23G    13%    /var
    /dev/aacd1s1d    406G     71G    303G    19%    /home
    
    $ cat /etc/issue
    
    $ cat /etc/crontab
    # /etc/crontab - root's crontab for FreeBSD
    #
    # $FreeBSD: src/etc/crontab,v 1.32 2002/11/22 16:13:39 tom Exp $
    #
    SHELL=/bin/sh
    PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
    HOME=/var/log
    #
    #minute	hour	mday	month	wday	who	command
    #
    */5	*	*	*	*	root	/usr/libexec/atrun
    #
    # Save some entropy so that /dev/random can re-seed on boot.
    */11	*	*	*	*	operator /usr/libexec/save-entropy
    #
    # Rotate log files every hour, if necessary.
    0	*	*	*	*	root	newsyslog
    #
    # Perform daily/weekly/monthly maintenance.
    1	3	*	*	*	root	periodic daily
    15	4	*	*	6	root	periodic weekly
    30	5	1	*	*	root	periodic monthly
    #
    # Adjust the time zone if the CMOS clock keeps local time, as opposed to
    # UTC time.  See adjkerntz(8) for details.
    1,31	0-5	*	*	*	root	adjkerntz -a
    
    $ ls -la cron.d
    
    $ cat /proc/version
    
    $ cat /proc/sys/vm/mmap_min_addr
    
    $ pwd
    /lib/geom
    
    $ ls -la /usr/bin/staprun
    
    $ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
    -r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/at
    -r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/atq
    -r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/atrm
    -r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/batch
    -r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/chpass
    -r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/chfn
    -r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/chsh
    -r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/ypchpass
    -r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/ypchfn
    -r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/ypchsh
    -r-sr-xr-x  1 root  wheel  11472 Feb 13  2012 /usr/bin/lock
    -r-sr-xr-x  1 root  wheel  25552 Feb 13  2012 /usr/bin/login
    -r-sr-xr-x  1 root  wheel  7032 Feb 13  2012 /usr/bin/opieinfo
    -r-sr-xr-x  1 root  wheel  14056 Feb 13  2012 /usr/bin/opiepasswd
    -r-sr-xr-x  2 root  wheel  8176 Feb 13  2012 /usr/bin/passwd
    -r-sr-xr-x  2 root  wheel  8176 Feb 13  2012 /usr/bin/yppasswd
    -r-sr-xr-x  1 root  wheel  16048 Feb 13  2012 /usr/bin/rlogin
    -r-sr-xr-x  1 root  wheel  11592 Feb 13  2012 /usr/bin/rsh
    -r-sr-xr-x  1 root  wheel  16904 Feb 13  2012 /usr/bin/su
    -r-sr-xr-x  1 root  wheel  33864 Feb 13  2012 /usr/bin/crontab
    -r-sr-sr-x  1 root  daemon  34232 Feb 13  2012 /usr/bin/lpq
    -r-sr-sr-x  1 root  daemon  38272 Feb 13  2012 /usr/bin/lpr
    -r-sr-sr-x  1 root  daemon  30248 Feb 13  2012 /usr/bin/lprm
    ---s--x--x  2 root  wheel  1099192 Feb 13  2012 /usr/local/bin/sudo
    ---s--x--x  2 root  wheel  1099192 Feb 13  2012 /usr/local/bin/sudoedit
    -r-sr-sr-x  1 root  authpf  20240 Feb 13  2012 /usr/sbin/authpf
    -r-sr-x---  1 root  network  408712 Feb 13  2012 /usr/sbin/ppp
    -r-sr-xr-x  1 root  wheel  21080 Feb 13  2012 /usr/sbin/timedc
    -r-sr-xr-x  1 root  wheel  29456 Feb 13  2012 /usr/sbin/traceroute
    -r-sr-xr-x  1 root  wheel  24448 Feb 13  2012 /usr/sbin/traceroute6
    -r-sr-xr-x  1 root  wheel  20416 Feb 13  2012 /bin/rcp
    -r-sr-x---  1 root  operator  9704 Feb 13  2012 /sbin/mksnap_ffs
    -r-sr-xr-x  1 root  wheel  28200 Feb 13  2012 /sbin/ping
    -r-sr-xr-x  1 root  wheel  37240 Feb 13  2012 /sbin/ping6
    -r-sr-x---  1 root  operator  15952 Feb 13  2012 /sbin/shutdown
     
  12. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
     
    1 person likes this.
  13. sysjuk

    sysjuk Member

    Joined:
    5 Jan 2012
    Messages:
    220
    Likes Received:
    41
    Reputations:
    3
    Code:
    $ uname -a
    Linux ****** 2.6.32.26 #1 SMP Thu Dec 9 15:33:24 UTC 2010 x86_64 GNU/Linux
    $ ls -la /boot
    total 16696
    drwxr-xr-x  3 root root     4096 Feb 24 10:19 .
    drwxr-xr-x 23 root root     4096 Mar 22 23:06 ..
    lrwxrwxrwx  1 root root       20 Dec  9  2010 System.map -> System.map-2.6.32.26
    -rw-r--r--  1 root root  1678996 Dec  9  2010 System.map-2.6.32.26
    -rw-r--r--  1 root root  2114446 Feb 22 08:16 System.map-3.2.0-4-amd64
    lrwxrwxrwx  1 root root       16 Dec  9  2010 config -> config-2.6.32.26
    -rw-r--r--  1 root root    43412 Dec  9  2010 config-2.6.32.26
    -rw-r--r--  1 root root   129281 Feb 22 08:16 config-3.2.0-4-amd64
    drwxr-xr-x  2 root root     4096 Feb 24 10:19 grub
    -rw-r--r--  1 root root 10235778 Feb 24 10:19 initrd.img-3.2.0-4-amd64
    lrwxrwxrwx  1 root root       17 Dec  9  2010 vmlinuz -> vmlinuz-2.6.32.26
    -rw-r--r--  1 root root  2841408 Feb 22 08:05 vmlinuz-3.2.0-4-amd64
    $ lls -la --full-time
    
    $ ls -la --full-time
    total 52
    drwxr-xr-x 2 windows windows  4096 2015-03-30 05:32:50.000000000 +0300 .
    drwxr-xr-x 4 windows windows 12288 2015-04-02 20:31:56.000000000 +0300 ..
    -rwxrwxrwx 1 windows windows 30712 2015-03-29 22:00:04.000000000 +0300 index.php
    $ mount
    proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
    sys on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
    udev on /dev type devtmpfs (rw,relatime,size=1007792k,nr_inodes=251948,mode=755)
    /dev/pts on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
    /dev/xvda1 on / type ext3 (rw,relatime,errors=panic,user_xattr,acl,data=ordered,usrquota,grpquota)
    selinuxfs on /selinux type selinuxfs (rw,relatime)
    tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=209088k,mode=755)
    tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
    tmpfs on /run/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=418160k)
    none on /proc/xen type xenfs (rw,relatime)
    $ df -h
    Filesystem      Size  Used Avail Use% Mounted on
    rootfs           35G   22G   13G  64% /
    udev            985M     0  985M   0% /dev
    /dev/xvda1       35G   22G   13G  64% /
    tmpfs           205M  108K  205M   1% /run
    tmpfs           5.0M     0  5.0M   0% /run/lock
    tmpfs           409M     0  409M   0% /run/shm
    $ cat /etc/issue
    Debian GNU/Linux 7 \n \l
    
    $ cat /etc/crontab
    # /etc/crontab: system-wide crontab
    # Unlike any other crontab you don't have to run the `crontab'
    # command to install the new version when you edit this file
    # and files in /etc/cron.d. These files also have username fields,
    # that none of the other crontabs do.
    
    SHELL=/bin/sh
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    
    # m h dom mon dow user    command
    17 *    * * *    root    cd / && run-parts --report /etc/cron.hourly
    25 6    * * *    root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
    47 6    * * 7    root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
    52 6    1 * *    root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
    #
    $ ls -la cron.d
    
    $ cat /proc/version
    Linux version 2.6.32.26 ([email protected]) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-48)) #1 SMP Thu Dec 9 15:33:24 UTC 2010
    $ cat /proc/sys/vm/mmap_min_addr
    4096
    $ pwd
    /var/www/windows/data/www/********/
    $ ls -la /usr/bin/staprun
    
    $ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
    -rwsr-xr-x 1 root root 1103424 Jul 24  2014 /usr/sbin/exim4
    -rwsr-xr-- 1 root www-data 18920 Dec 24 01:49 /usr/lib/apache2/suexec
    -rwsr-xr-x 1 root root 245064 Jun 30  2014 /usr/lib/openssh/ssh-keysign
    -rwsr-xr-- 1 root messagebus 298544 Feb 10 00:37 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
    -rwsr-xr-x 1 root root 10496 Feb 22 14:42 /usr/lib/pt_chown
    -r-sr-xr-x 1 root root 13024 Jul 27  2014 /usr/local/ispmgr/cgi/login
    -r-sr-xr-x 1 root root 57344 Jul 27  2014 /usr/local/ispmgr/cgi/certdownload
    -r-sr-xr-x 1 root root 49016 Jul 27  2014 /usr/local/ispmgr/cgi/upload
    -r-sr-xr-x 1 root root 19816 Jul 27  2014 /usr/local/ispmgr/cgi/outlook
    -r-sr-xr-x 1 root root 140408 Jul 27  2014 /usr/local/ispmgr/cgi/getuser
    -r-sr-xr-x 1 root root 32752 Jul 27  2014 /usr/local/ispmgr/cgi/dbdownload
    -r-sr-xr-x 1 root root 38264 Jul 27  2014 /usr/local/ispmgr/cgi/xml2csv
    -r-sr-xr-x 1 root root 53992 Jul 27  2014 /usr/local/ispmgr/cgi/download
    -r-sr-xr-x 1 root root 53248 Jul 27  2014 /usr/local/ispmgr/cgi/cronrun
    -r-sr-xr-x 1 root root 53280 Jul 27  2014 /usr/local/ispmgr/cgi/mindterm
    -r-sr-xr-x 1 root root 8280 Jul 27  2014 /usr/local/ispmgr/cgi/ispmgr
    -r-sr-xr-x 1 root root 140888 Jul 27  2014 /usr/local/ispmgr/cgi/bdownload
    -r-sr-xr-x 1 root root 5240 Jul 27  2014 /usr/local/ispmgr/sbin/suexec
    -r-sr-xr-x 1 root root 36480 Jul 27  2014 /usr/local/ispmgr/sbin/vacation
    -r-sr-xr-x 1 root root 1774704 Jul 27  2014 /usr/local/ispmgr/sbin/usermove
    -r-sr-xr-x 1 root root 1146280 Jul 27  2014 /usr/local/ispmgr/sbin/pbackup
    -r-sr-xr-x 1 root root 66392 Jul 27  2014 /usr/local/ispmgr/sbin/responder
    -r-sr-xr-x 1 root root 1550632 Jul 27  2014 /usr/local/ispmgr/bin/ispmgr
    -rwsr-xr-x 1 root root 46264 May 26  2012 /usr/bin/chfn
    -rwsr-xr-x 1 root root 51096 May 26  2012 /usr/bin/passwd
    -rwsr-xr-x 1 root root 41272 May 26  2012 /usr/bin/chsh
    -rwsr-xr-x 1 root root 68024 May 26  2012 /usr/bin/gpasswd
    -rwsr-xr-x 2 root root 112824 Feb 16 15:46 /usr/bin/sudo
    -rwsr-xr-x 1 root root 36432 May 26  2012 /usr/bin/newgrp
    -rwsr-sr-x 1 daemon daemon 55456 Oct  3  2014 /usr/bin/at
    -rwsr-xr-x 2 root root 112824 Feb 16 15:46 /usr/bin/sudoedit
    -rwsr-xr-x 1 root root 69080 Dec 11  2012 /bin/umount
    -rwsr-xr-x 1 root root 36136 Apr 12  2011 /bin/ping
    -rwsr-xr-x 1 root root 36816 May 26  2012 /bin/su
    -rwsr-xr-x 1 root root 94776 Dec 11  2012 /bin/mount
    -rwsr-xr-x 1 root root 36896 Apr 12  2011 /bin/ping6
    Есть что нибудь для нее?
     
  14. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    sysjuk, что Вы пробовали? Что с библиотеками? enlightenment?
     
  15. sysjuk

    sysjuk Member

    Joined:
    5 Jan 2012
    Messages:
    220
    Likes Received:
    41
    Reputations:
    3
    Пробывал enlightenment
    ./run_nonnull_exploits.sh 2>&1
    Compiling exp_abacus.c...OK.
    Compiling exp_cheddarbay.c...OK.
    Compiling exp_ingom0wnar.c...OK.
    Compiling exp_moosecox.c...OK.
    Compiling exp_paokara.c...OK.
    Compiling exp_powerglove.c...OK.
    Compiling exp_sieve.c...OK.
    Compiling exp_therebel.c...OK.
    Compiling exp_vmware.c...OK.
    Compiling exp_wunderbar.c...OK.
    ./run_null_exploits.sh: 44: ./run_null_exploits.sh: ./exploit: Permission denied
    Таки не вкурил почему :(
     
  16. Vip77

    Vip77 Elder - Старейшина

    Joined:
    29 Sep 2012
    Messages:
    307
    Likes Received:
    55
    Reputations:
    20
    Есть что-нибудь под сие?
    Code:
    $ uname -a
    Linux srv100 2.6.32-5-686-bigmem #1 SMP Sat May 5 02:21:15 UTC 2012 i686 GNU/Linux
    
    $ mount
    /dev/sda2 on / type ext4 (rw,noatime,errors=remount-ro)
    tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
    proc on /proc type proc (rw,noexec,nosuid,nodev)
    sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
    udev on /dev type tmpfs (rw,mode=0755)
    tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
    devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
    /dev/sda1 on /boot type ext3 (rw,noatime)
    /dev/sda5 on /var type ext4 (rw,noatime)
    /dev/sda6 on /home type ext4 (rw,nosuid,nodev,noatime,usrquota)
    
    $ cat /etc/issue
    Debian GNU/Linux 6.0 \n \l
    
    $ cat /etc/crontab
    # /etc/crontab: system-wide crontab
    # Unlike any other crontab you don't have to run the `crontab'
    # command to install the new version when you edit this file
    # and files in /etc/cron.d. These files also have username fields,
    # that none of the other crontabs do.
    
    SHELL=/bin/sh
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    
    # m h dom mon dow user   command
    17 *   * * *   root  cd / && run-parts --report /etc/cron.hourly
    25 6   * * *   root   test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
    47 6   * * 7   root   test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
    52 6   1 * *   root   test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
    #
    
    $ cat /proc/sys/vm/mmap_min_addr
    65536
     
  17. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Посмотрите в сторону PERF_EVENTS local root.
     
    Vip77 likes this.
  18. foma9999

    foma9999 New Member

    Joined:
    5 Jan 2010
    Messages:
    125
    Likes Received:
    2
    Reputations:
    -4
    • uname -a
    Code:
    Linux qweqweqwe 2.6.32-431.el6.x86_64 #1 SMP Sun Nov 10 22:19:54 EST 2013 i686 i686 i386 GNU/Linux
    • ls -la /boot
    Code:
    total 5324
    drwxr-xr-x  2 root root    4096 May 11  2011 .
    drwxr-xr-x 23 root root    4096 Sep  5  2014 ..
    -rw-r--r--  1 root root     162 Dec  5  2013 .vmlinuz-2.6.18-371.3.1.el5.hmac
    -rw-r--r--  1 root root  996296 Dec  5  2013 System.map-2.6.18-371.3.1.el5
    -rw-r--r--  1 root root   70404 Dec  5  2013 config-2.6.18-371.3.1.el5
    -rw-------  1 root root 2333990 Dec 19  2013 initrd-2.6.18-371.3.1.el5.img
    -rw-r--r--  1 root root  117436 Dec  5  2013 symvers-2.6.18-371.3.1.el5.gz
    -rw-r--r--  1 root root 1912180 Dec  5  2013 vmlinuz-2.6.18-371.3.1.el5
    
    • ls -la --full-time /lib (или /lib64)
    Code:
    total 22904
    drwxr-xr-x 13 root root    4096 2015-02-18 01:42:06.027999964 +0300 .
    drwxr-xr-x 23 root root    4096 2014-09-05 15:20:06.791999964 +0300 ..
    -rw-r--r--  1 root root      65 2013-03-05 14:27:05.000000000 +0300 .libcrypto.so.0.9.8e.hmac
    lrwxrwxrwx  1 root root      25 2013-04-19 20:26:03.503221611 +0300 .libcrypto.so.6.hmac -> .libcrypto.so.0.9.8e.hmac
    -rw-r--r--  1 root root      65 2013-03-05 14:27:05.000000000 +0300 .libssl.so.0.9.8e.hmac
    lrwxrwxrwx  1 root root      22 2013-04-19 20:26:03.515221611 +0300 .libssl.so.6.hmac -> .libssl.so.0.9.8e.hmac
    drwxr-xr-x  2 root root    4096 2013-12-19 06:19:13.683999982 +0300 bdevid
    lrwxrwxrwx  1 root root      14 2015-02-18 01:42:05.288999963 +0300 cpp -> ../usr/bin/cpp
    drwxr-xr-x  2 root root    4096 2013-12-19 06:19:04.458999982 +0300 dbus-1
    drwxr-xr-x  2 root root    4096 2013-12-19 06:18:06.593999981 +0300 device-mapper
    drwxr-xr-x  2 root root    4096 2013-01-09 09:09:01.000000000 +0300 firmware
    drwxr-xr-x  3 root root    4096 2015-01-27 21:28:03.000000000 +0300 i686
    drwxr-xr-x  2 root root    4096 2013-12-19 06:18:24.479999981 +0300 iptables
    -rwxr-xr-x  1 root root  129476 2015-01-27 22:04:53.000000000 +0300 ld-2.5.so
    lrwxrwxrwx  1 root root       9 2015-02-06 04:17:26.933999964 +0300 ld-linux.so.2 -> ld-2.5.so
    -rwxr-xr-x  1 root root    7664 2015-01-27 22:04:53.000000000 +0300 libBrokenLocale-2.5.so
    lrwxrwxrwx  1 root root      22 2015-02-06 04:17:26.934999964 +0300 libBrokenLocale.so.1 -> libBrokenLocale-2.5.so
    -rwxr-xr-x  1 root root   16704 2015-01-27 22:04:53.000000000 +0300 libSegFault.so
    lrwxrwxrwx  1 root root      15 2013-12-19 06:17:46.312999980 +0300 libacl.so.1 -> libacl.so.1.1.0
    -rwxr-xr-x  1 root root   24180 2012-02-22 16:57:47.000000000 +0300 libacl.so.1.1.0
    -rwxr-xr-x  1 root root   14128 2015-01-27 22:04:53.000000000 +0300 libanl-2.5.so
    lrwxrwxrwx  1 root root      13 2015-02-06 04:17:26.941999964 +0300 libanl.so.1 -> libanl-2.5.so
    lrwxrwxrwx  1 root root      16 2012-03-12 21:23:16.697351269 +0300 libattr.so.1 -> libattr.so.1.1.0
    -rwxr-xr-x  1 root root   14296 2007-01-06 07:12:05.000000000 +0200 libattr.so.1.1.0
    lrwxrwxrwx  1 root root      17 2013-12-19 06:17:44.824999980 +0300 libaudit.so.0 -> libaudit.so.0.0.0
    -rwxr-xr-x  1 root root   95740 2012-02-22 18:10:06.000000000 +0300 libaudit.so.0.0.0
    lrwxrwxrwx  1 root root      19 2013-12-19 06:17:44.828999983 +0300 libauparse.so.0 -> libauparse.so.0.0.0
    -rwxr-xr-x  1 root root   58932 2012-02-22 18:10:06.000000000 +0300 libauparse.so.0.0.0
    lrwxrwxrwx  1 root root      15 2013-11-05 22:13:16.854090466 +0300 libblkid.so.1 -> libblkid.so.1.0
    -rwxr-xr-x  1 root root   36740 2013-05-09 14:10:58.000000000 +0300 libblkid.so.1.0
    -rwxr-xr-x  1 root root 1702792 2015-01-27 22:04:54.000000000 +0300 libc-2.5.so
    lrwxrwxrwx  1 root root      11 2015-02-06 04:17:27.040999964 +0300 libc.so.6 -> libc-2.5.so
    lrwxrwxrwx  1 root root      14 2012-03-12 21:23:16.697351269 +0300 libcap.so.1 -> libcap.so.1.10
    -rwxr-xr-x  1 root root   10184 2007-03-14 20:15:10.000000000 +0200 libcap.so.1.10
    -rwxr-xr-x  1 root root  191708 2015-01-27 22:04:55.000000000 +0300 libcidn-2.5.so
    lrwxrwxrwx  1 root root      14 2015-02-06 04:17:27.103999964 +0300 libcidn.so.1 -> libcidn-2.5.so
    lrwxrwxrwx  1 root root      17 2013-11-05 22:13:16.914090466 +0300 libcom_err.so.2 -> libcom_err.so.2.1
    -rwxr-xr-x  1 root root    6364 2013-05-09 14:10:58.000000000 +0300 libcom_err.so.2.1
    -rwxr-xr-x  1 root root   43616 2015-01-27 22:04:55.000000000 +0300 libcrypt-2.5.so
    lrwxrwxrwx  1 root root      15 2015-02-06 04:17:27.105999964 +0300 libcrypt.so.1 -> libcrypt-2.5.so
    -rwxr-xr-x  1 root root 1296768 2013-03-05 14:27:05.000000000 +0300 libcrypto.so.0.9.8e
    lrwxrwxrwx  1 root root      19 2013-04-19 20:26:03.554221611 +0300 libcrypto.so.6 -> libcrypto.so.0.9.8e
    -rwxr-xr-x  1 root root  838860 2007-01-07 07:37:48.000000000 +0200 libdb-4.1.so
    -rwxr-xr-x  1 root root  934132 2007-01-07 07:37:48.000000000 +0200 libdb-4.2.so
    -rwxr-xr-x  1 root root 1010204 2010-07-12 19:11:02.000000000 +0300 libdb-4.3.so
    -rwxr-xr-x  1 root root  905704 2007-01-07 07:37:48.000000000 +0200 libdb_cxx-4.1.so
    -rwxr-xr-x  1 root root 1019472 2007-01-07 07:37:48.000000000 +0200 libdb_cxx-4.2.so
    lrwxrwxrwx  1 root root      18 2013-12-19 06:18:47.989999982 +0300 libdbus-1.so.3 -> libdbus-1.so.3.4.0
    -rwxr-xr-x  1 root root  255980 2013-10-02 00:59:51.000000000 +0300 libdbus-1.so.3.4.0
    lrwxrwxrwx  1 root root      31 2013-12-19 06:18:06.593999981 +0300 libdevmapper-event-lvm2.so -> libdevmapper-event-lvm2.so.2.02
    -r-xr-xr-x  1 root root    5092 2013-10-01 22:35:41.000000000 +0300 libdevmapper-event-lvm2.so.2.02
    lrwxrwxrwx  1 root root      46 2013-12-19 06:18:06.595999981 +0300 libdevmapper-event-lvm2mirror.so -> device-mapper/libdevmapper-event-lvm2mirror.so
    lrwxrwxrwx  1 root root      48 2013-12-19 06:18:06.595999981 +0300 libdevmapper-event-lvm2snapshot.so -> device-mapper/libdevmapper-event-lvm2snapshot.so
    -r--r--r--  1 root root   45098 2012-02-22 20:26:24.000000000 +0300 libdevmapper-event.a
    lrwxrwxrwx  1 root root      26 2013-12-19 06:17:45.119999981 +0300 libdevmapper-event.so -> libdevmapper-event.so.1.02
    -r-xr-xr-x  1 root root   18488 2012-02-22 20:26:32.000000000 +0300 libdevmapper-event.so.1.02
    -r--r--r--  1 root root  496324 2012-02-22 20:26:17.000000000 +0300 libdevmapper.a
    lrwxrwxrwx  1 root root      20 2013-12-19 06:17:45.139999983 +0300 libdevmapper.so -> libdevmapper.so.1.02
    -r-xr-xr-x  1 root root  163292 2012-02-22 20:26:32.000000000 +0300 libdevmapper.so.1.02
    -rwxr-xr-x  1 root root   18812 2015-01-27 22:04:55.000000000 +0300 libdl-2.5.so
    lrwxrwxrwx  1 root root      12 2015-02-06 04:17:27.107999964 +0300 libdl.so.2 -> libdl-2.5.so
    lrwxrwxrwx  1 root root      34 2013-12-19 06:18:47.550999981 +0300 libdmraid-events-isw.so -> libdmraid-events-isw.so.1.0.0.rc13
    -rwxr-xr-x  1 root root   19740 2011-07-22 08:07:41.000000000 +0300 libdmraid-events-isw.so.1.0.0.rc13
    -r-xr-xr-x  1 root root   19740 2011-07-22 08:07:40.000000000 +0300 libdmraid-events-isw.so.1.0.0.rc13-17
    lrwxrwxrwx  1 root root      23 2013-12-19 06:18:47.553999981 +0300 libdmraid.so -> libdmraid.so.1.0.0.rc13
    -rwxr-xr-x  1 root root  219964 2011-07-22 08:07:41.000000000 +0300 libdmraid.so.1.0.0.rc13
    -r-xr-xr-x  1 root root  219968 2011-07-22 08:07:40.000000000 +0300 libdmraid.so.1.0.0.rc13-17
    lrwxrwxrwx  1 root root      13 2013-11-05 22:13:16.929090466 +0300 libe2p.so.2 -> libe2p.so.2.3
    -rwxr-xr-x  1 root root   20192 2013-05-09 14:10:58.000000000 +0300 libe2p.so.2.3
    lrwxrwxrwx  1 root root      17 2013-12-19 06:17:53.476999982 +0300 libexpat.so.0 -> libexpat.so.0.5.0
    -rwxr-xr-x  1 root root  134448 2012-06-13 17:35:31.000000000 +0300 libexpat.so.0.5.0
    lrwxrwxrwx  1 root root      16 2013-11-05 22:13:16.961090466 +0300 libext2fs.so.2 -> libext2fs.so.2.4
    -rwxr-xr-x  1 root root  113892 2013-05-09 14:10:58.000000000 +0300 libext2fs.so.2.4
    -rwxr-xr-x  1 root root   45192 2014-09-18 06:05:57.000000000 +0300 libgcc_s-4.1.2-20080825.so.1
    lrwxrwxrwx  1 root root      28 2015-02-18 01:42:06.025999964 +0300 libgcc_s.so.1 -> libgcc_s-4.1.2-20080825.so.1
    lrwxrwxrwx  1 root root      23 2012-03-12 21:23:16.697351269 +0300 libglib-2.0.so.0 -> libglib-2.0.so.0.1200.3
    -rwxr-xr-x  1 root root  642956 2009-03-25 03:52:17.000000000 +0200 libglib-2.0.so.0.1200.3
    lrwxrwxrwx  1 root root      26 2012-03-12 21:23:16.697351269 +0300 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.1200.3
    -rwxr-xr-x  1 root root    9852 2009-03-25 03:52:17.000000000 +0200 libgmodule-2.0.so.0.1200.3
    lrwxrwxrwx  1 root root      26 2012-03-12 21:23:16.697351269 +0300 libgobject-2.0.so.0 -> libgobject-2.0.so.0.1200.3
    -rwxr-xr-x  1 root root  257576 2009-03-25 03:52:17.000000000 +0200 libgobject-2.0.so.0.1200.3
    lrwxrwxrwx  1 root root      26 2012-03-12 21:23:16.697351269 +0300 libgthread-2.0.so.0 -> libgthread-2.0.so.0.1200.3
    -rwxr-xr-x  1 root root   14660 2009-03-25 03:52:17.000000000 +0200 libgthread-2.0.so.0.1200.3
    -rwxr-xr-x  1 root root    6404 2007-01-06 09:57:38.000000000 +0200 libkeyutils-1.2.so
    lrwxrwxrwx  1 root root      18 2012-03-12 21:23:16.697351269 +0300 libkeyutils.so.1 -> libkeyutils-1.2.so
    -r--r--r--  1 root root 4127600 2013-10-01 22:35:38.000000000 +0300 liblvm2cmd.a
    lrwxrwxrwx  1 root root      18 2013-12-19 06:18:06.704999982 +0300 liblvm2cmd.so -> liblvm2cmd.so.2.02
    -r-xr-xr-x  1 root root  882308 2013-10-01 22:35:41.000000000 +0300 liblvm2cmd.so.2.02
    -rwxr-xr-x  1 root root  214572 2015-01-27 22:04:55.000000000 +0300 libm-2.5.so
    lrwxrwxrwx  1 root root      11 2015-02-06 04:17:27.114999964 +0300 libm.so.6 -> libm-2.5.so
    -rwxr-xr-x  1 root root  107924 2015-01-27 22:04:55.000000000 +0300 libnsl-2.5.so
    lrwxrwxrwx  1 root root      13 2015-02-06 04:17:27.127999964 +0300 libnsl.so.1 -> libnsl-2.5.so
    -rwxr-xr-x  1 root root   36468 2015-01-27 22:04:55.000000000 +0300 libnss_compat-2.5.so
    lrwxrwxrwx  1 root root      20 2015-02-06 04:17:27.129999964 +0300 libnss_compat.so.2 -> libnss_compat-2.5.so
    -rwxr-xr-x  1 root root  825028 2010-05-13 14:02:40.000000000 +0300 libnss_db-2.2.so
    lrwxrwxrwx  1 root root      16 2012-03-12 21:23:16.697351269 +0300 libnss_db.so.2 -> libnss_db-2.2.so
    -rwxr-xr-x  1 root root   21948 2015-01-27 22:04:56.000000000 +0300 libnss_dns-2.5.so
    lrwxrwxrwx  1 root root      17 2015-02-06 04:17:27.130999964 +0300 libnss_dns.so.2 -> libnss_dns-2.5.so
    -rwxr-xr-x  1 root root   50848 2015-01-27 22:04:56.000000000 +0300 libnss_files-2.5.so
    lrwxrwxrwx  1 root root      19 2015-02-06 04:17:27.133999964 +0300 libnss_files.so.2 -> libnss_files-2.5.so
    -rwxr-xr-x  1 root root   22764 2015-01-27 22:04:56.000000000 +0300 libnss_hesiod-2.5.so
    lrwxrwxrwx  1 root root      20 2015-02-06 04:17:27.134999964 +0300 libnss_hesiod.so.2 -> libnss_hesiod-2.5.so
    -rwxr-xr-x  1 root root 3208608 2013-02-12 11:41:51.000000000 +0300 libnss_ldap-2.5.so
    lrwxrwxrwx  1 root root      18 2013-12-19 06:18:10.903999982 +0300 libnss_ldap.so.2 -> libnss_ldap-2.5.so
    -rwxr-xr-x  1 root root   46624 2015-01-27 22:04:56.000000000 +0300 libnss_nis-2.5.so
    lrwxrwxrwx  1 root root      17 2015-02-06 04:17:27.137999964 +0300 libnss_nis.so.2 -> libnss_nis-2.5.so
    -rwxr-xr-x  1 root root   55804 2015-01-27 22:04:56.000000000 +0300 libnss_nisplus-2.5.so
    lrwxrwxrwx  1 root root      21 2015-02-06 04:17:27.139999964 +0300 libnss_nisplus.so.2 -> libnss_nisplus-2.5.so
    -rwxr-xr-x  1 root root   19500 2012-04-11 00:14:14.000000000 +0300 libnss_winbind.so.2
    -rwxr-xr-x  1 root root  987544 2012-04-11 00:14:14.000000000 +0300 libnss_wins.so.2
    lrwxrwxrwx  1 root root      16 2013-11-05 22:13:18.599090466 +0300 libpam.so.0 -> libpam.so.0.81.5
    -rwxr-xr-x  1 root root   43020 2013-01-09 08:30:33.000000000 +0300 libpam.so.0.81.5
    lrwxrwxrwx  1 root root      21 2013-11-05 22:13:18.602090466 +0300 libpam_misc.so.0 -> libpam_misc.so.0.81.2
    -rwxr-xr-x  1 root root    8624 2013-01-09 08:30:33.000000000 +0300 libpam_misc.so.0.81.2
    lrwxrwxrwx  1 root root      17 2013-11-05 22:13:18.603090466 +0300 libpamc.so.0 -> libpamc.so.0.81.0
    -rwxr-xr-x  1 root root    9868 2013-01-09 08:30:33.000000000 +0300 libpamc.so.0.81.0
    lrwxrwxrwx  1 root root      16 2013-12-19 06:18:17.296999981 +0300 libpcre.so.0 -> libpcre.so.0.0.1
    -rwxr-xr-x  1 root root  127760 2013-10-01 21:18:22.000000000 +0300 libpcre.so.0.0.1
    -rwxr-xr-x  1 root root   52856 2013-10-01 23:42:22.000000000 +0300 libproc-3.2.7.so
    -rwxr-xr-x  1 root root  135928 2015-01-27 22:04:56.000000000 +0300 libpthread-2.5.so
    lrwxrwxrwx  1 root root      17 2015-02-06 04:17:27.144999964 +0300 libpthread.so.0 -> libpthread-2.5.so
    -rwxr-xr-x  1 root root   83048 2015-01-27 22:04:56.000000000 +0300 libresolv-2.5.so
    lrwxrwxrwx  1 root root      16 2015-02-06 04:17:27.147999964 +0300 libresolv.so.2 -> libresolv-2.5.so
    -rwxr-xr-x  1 root root   46144 2015-01-27 22:04:56.000000000 +0300 librt-2.5.so
    lrwxrwxrwx  1 root root      12 2015-02-06 04:17:27.149999964 +0300 librt.so.1 -> librt-2.5.so
    -rwxr-xr-x  1 root root   91892 2011-03-06 06:51:56.000000000 +0200 libselinux.so.1
    -rwxr-xr-x  1 root root  159412 2009-09-04 01:49:09.000000000 +0300 libsemanage.so.1
    -rwxr-xr-x  1 root root  243928 2010-03-31 11:26:18.000000000 +0300 libsepol.so.1
    lrwxrwxrwx  1 root root      12 2013-11-05 22:13:17.187090466 +0300 libss.so.2 -> libss.so.2.0
    -rwxr-xr-x  1 root root   19008 2013-05-09 14:10:58.000000000 +0300 libss.so.2.0
    -rwxr-xr-x  1 root root  298540 2013-03-05 14:27:05.000000000 +0300 libssl.so.0.9.8e
    lrwxrwxrwx  1 root root      16 2013-04-19 20:26:03.566221611 +0300 libssl.so.6 -> libssl.so.0.9.8e
    lrwxrwxrwx  1 root root      19 2012-03-12 21:23:16.698351269 +0300 libtermcap.so.2 -> libtermcap.so.2.0.8
    -rwxr-xr-x  1 root root   11636 2007-01-06 15:01:17.000000000 +0200 libtermcap.so.2.0.8
    -rwxr-xr-x  1 root root   33852 2015-01-27 22:04:56.000000000 +0300 libthread_db-1.0.so
    lrwxrwxrwx  1 root root      19 2015-02-06 04:17:27.152999964 +0300 libthread_db.so.1 -> libthread_db-1.0.so
    -rwxr-xr-x  1 root root   13492 2015-01-27 22:04:56.000000000 +0300 libutil-2.5.so
    lrwxrwxrwx  1 root root      14 2015-02-06 04:17:27.153999964 +0300 libutil.so.1 -> libutil-2.5.so
    lrwxrwxrwx  1 root root      14 2013-11-05 22:13:17.215090466 +0300 libuuid.so.1 -> libuuid.so.1.2
    -rwxr-xr-x  1 root root   14472 2013-05-09 14:10:58.000000000 +0300 libuuid.so.1.2
    lrwxrwxrwx  1 root root      16 2012-03-12 21:23:16.698351269 +0300 libwrap.so.0 -> libwrap.so.0.7.6
    -rwxr-xr-x  1 root root   31344 2009-09-22 01:37:30.000000000 +0300 libwrap.so.0.7.6
    lrwxrwxrwx  1 root root      13 2013-11-05 22:13:28.080090466 +0300 libz.so -> libz.so.1.2.3
    lrwxrwxrwx  1 root root      13 2013-11-05 22:13:23.526090466 +0300 libz.so.1 -> libz.so.1.2.3
    -rwxr-xr-x  1 root root   73640 2012-07-17 11:32:17.000000000 +0300 libz.so.1.2.3
    drwxr-xr-x  3 root root    4096 2013-12-19 07:29:03.445999982 +0300 modules
    drwxr-xr-x  2 root root    4096 2012-11-07 02:41:06.521808510 +0300 rsyslog
    drwxr-xr-x  3 root root    4096 2015-02-06 04:17:27.166999964 +0300 rtkaio
    drwxr-xr-x  3 root root    4096 2013-12-19 06:18:16.275999982 +0300 security
    drwxr-xr-x  3 root root    4096 2013-12-19 06:18:46.219999982 +0300 udev
    
    • mount
    Code:
    /dev/root on / type reiserfs (rw,relatime,usrquota,grpquota)
    tmpfs on /dev/shm type tmpfs (rw)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    rw on /proc/sys type unknown (rw)
    none on /var/spool/eaccelerator type tmpfs (rw,size=7516192768)
    none on /var/spool/eaccelerator/sessions type tmpfs (rw,size=536870912)
    none on /var/spool/exim/mem type tmpfs (rw,size=2147483648)
    10.159.247.29:/backup2/btku-cludbs-2/btku-cludb2 on /backup/mysql type nfs (rw,addr=10.159.247.29)
    10.159.243.46:/backup/btku-linsh-04 on /backup/rootfs type nfs (rw,remount,addr=10.159.243.46)
    
    • df -h
    Code:
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/root             1.2T  777G  345G  70% /
    tmpfs                 9.8G  8.0K  9.8G   1% /dev/shm
    none                  7.0G  2.6G  4.5G  37% /var/spool/eaccelerator
    none                  512M  3.2M  509M   1% /var/spool/eaccelerator/sessions
    df: `/var/spool/exim/mem': Permission denied
    10.159.247.29:/backup2/btku-cludbs-2/btku-cludb2
                          6.0T  4.2T  1.5T  75% /backup/mysql
    10.159.243.46:/backup/btku-linsh-04
                          9.9T  9.2T  750G  93% /backup/rootfs
    
    • cat /etc/issue
    Code:
    CentOS release 5.10 (Final)
    Kernel \r on an \m
    
    • cat /etc/crontab
      Code:
      SHELL=/bin/bash
      PATH=/sbin:/bin:/usr/sbin:/usr/bin
      MAILTO=root
      HOME=/
      
      # run-parts
      47 * * * * root run-parts /etc/cron.hourly
      3 1 * * * root run-parts /etc/cron.daily
      55 0 * * 0 root run-parts /etc/cron.weekly
      53 3 30 * * root run-parts /etc/cron.monthly
      
    • ls -la cron.d
      Code:
      ls: /etc/cron.d: Permission denied
    • ls -la cron.hourly
      Code:
      $ ls -la /etc/cron.hourly 2>&1
      total 24
      drwxr-xr-x  2 root root  4096 Jan  9  2013 .
      drwxr-xr-x 62 root root 20480 Apr 19 13:09 ..
      
    • ls -la cron.monthly
      Code:
      $ ls -la /etc/cron.monthly 2>&1
      total 24
      drwxr-xr-x  2 root root  4096 Jan  9  2013 .
      drwxr-xr-x 62 root root 20480 Apr 19 13:09 ..
      
    • ls -la cron.weekly
      Code:
      $ ls -la /etc/cron.weekly 2>&1
      total 36
      drwxr-xr-x  2 root root  4096 Dec 19  2013 .
      drwxr-xr-x 62 root root 20480 Apr 19 13:09 ..
      -rwxr-xr-x  1 root root   414 May 30  2012 makewhatis.cron
      -rwxr-xr-x  1 root root   261 Sep 25  2009 opt-geoip-lite-city
      -rwxr-xr-x  1 root root   262 Sep 25  2009 opt-geoip-lite-country
      
    • cat /proc/version
    Code:
    Linux version 2.6.32-431.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC) ) #1 SMP Sun Nov 10 22:19:54 EST 2013
    • cat /proc/sys/vm/mmap_min_addr
    Code:
    4096
    • pwd
    Code:
    /home/bgk/www/bgkqqw.com/core/config/
    • ls -la /usr/bin/staprun
    Code:
    ls: /usr/bin/staprun: No such file or directory
    • find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
    Code:
    -rwsr-xr-x 1 root root 34928 Nov  8  2012 /bin/umount
    -rwsr-xr-x 1 root root 24312 Mar 21  2012 /bin/su
    -rwsr-xr-x 1 root root 53836 Nov  8  2012 /bin/mount
    -rwsr-xr-x 1 root root 35832 Sep 26  2009 /bin/ping
    -rwsr-xr-x 1 root root 31244 Sep 26  2009 /bin/ping6
    -rwsr-xr-x 1 root root 12376 Jan  9  2013 /sbin/pam_timestamp_check
    -rwsr-xr-x 1 root root 73112 Oct  2  2013 /sbin/umount.nfs4
    -rwsr-xr-x 1 root root 73112 Oct  2  2013 /sbin/mount.nfs4
    -rwsr-xr-x 1 root root 73112 Oct  2  2013 /sbin/umount.nfs
    -rwsr-xr-x 1 root root 19296 Jan  9  2013 /sbin/unix_chkpwd
    -rwsr-xr-x 1 root root 73108 Oct  2  2013 /sbin/mount.nfs
    find: /etc/cron.d: Permission denied
    
    далее все файлы с ошибкой Permission denied
    

    Встроенный gcc не позволяет ничего компилить, выдает ошибку collect2: cannot find 'ld', поэтому компилю все на локалке, с ядром
    Linux localhost.localdomain 2.6.18-371.el5 #1 SMP Tue Oct 1 08:37:57 EDT 2013 i686 i686 i386 GNU/Linux


    Все запускается, но не РУТается. Скажем, "CVE-2013-2094 Linux 2.6.32/2.6.37 - 3.8.10 PERF_EVENTS local root x86_64 (и x86) , который из-под веб-шелла." дал в результате sheep: Assertion `!close(fd)' failed.

    Все запускаю из-под шелла.
     
    #578 foma9999, 20 Apr 2015
    Last edited: 20 Apr 2015
  19. KIR@PRO

    [email protected] Active Member

    Joined:
    26 Dec 2007
    Messages:
    824
    Likes Received:
    289
    Reputations:
    352
    А как вы собираетесь понять, что повысили привилегии, если у вас нет стабильной сессии? Сделайте backconnect и с него дальше пробуйте.
    Я не говорю, что из-за этого все ваши проблемы, просто повышение привилегий производится из под шелла, когда используется подготовленный код для выполнения с повышенными правами, но большинство эксплоитов попросту повышают права для процесса из под которого они были запущены (в вашем случае это процесс (один из) веб-сервера, который после вывода данных в браузер, завершится и толку от повышения прав нет, а при постоянном коннекте все ваши последующие команды будут выполняться с повышенными привилегиями (при успешном повышении прав соответственно xD )).


    p.s. ваш пост - эталон оформления!
     
    _________________________
  20. mazaxaka

    mazaxaka Elder - Старейшина

    Joined:
    15 Feb 2008
    Messages:
    424
    Likes Received:
    45
    Reputations:
    0
    залил шелл, изначально група \овнер были 498 ( apache ) Group: 500 ( apache )
    потом залил в доступный для записи файл, созданый нужным мне юзером
    thumbs.php 24.18 KB 2015-04-29 00:49:16 kesdn/kesdn -rw-rw-rw- R T E D

    но все равно при заходе на шел, нужного юзера, в верху мне пишется 498 ( apache ) Group: 500 ( apache )
    как зайти под нужным юзером?
     
Loading...