Повышение прав [задай вопрос - получи ответ]

Discussion in 'Уязвимости' started by Expl0ited, 1 Oct 2011.

  1. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    beginner2010

    Пробуйте это, версия для суидника:
    http://pastebin.com/mvrVAtJw
     
    1 person likes this.
  2. PoliGroS

    PoliGroS Member

    Joined:
    29 Mar 2012
    Messages:
    79
    Likes Received:
    8
    Reputations:
    0
    $ uname -a

    linux mail.xxxxxxx.xx 2.6.32-279.11.1.el6.x86_64 #1 SMP Tue Oct 16 11:16:02 CDT 2012 x86_64 x86_64 x86_64 GNU/Linux

    $ mount
    /dev/mapper/vg_noc-LogVol00 on / type ext4 (rw)
    proc on /proc type proc (rw)
    sysfs on /sys type sysfs (rw)
    devpts on /dev/pts type devpts (rw,gid=5,mode=620)
    tmpfs on /dev/shm type tmpfs (rw)
    /dev/sda1 on /boot type ext4 (rw)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
    nfsd on /proc/fs/nfsd type nfsd (rw)
    /etc/named on /var/named/chroot/etc/named type none (rw,bind)
    /var/named on /var/named/chroot/var/named type none (rw,bind)
    /etc/rndc.conf on /var/named/chroot/etc/rndc.conf type none (rw,bind)
    /usr/lib64/bind on /var/named/chroot/usr/lib64/bind type none (rw,bind)
    /etc/named.iscdlv.key on /var/named/chroot/etc/named.iscdlv.key type none (rw,bind)
    /etc/named.root.key on /var/named/chroot/etc/named.root.key type none (rw,bind)


    $ cat /proc/version
    Linux version 2.6.32-279.11.1.el6.x86_64 (mockbuild@sl6.fnal.gov) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Tue Oct 16 11:16:02 CDT 2012

    $ ls -la /boot
    total 61696
    dr-xr-xr-x. 5 root root 4096 Oct 18 2012 .
    dr-xr-xr-x. 24 root root 4096 May 15 10:14 ..
    -rw-r--r-- 1 root root 170 Mar 7 2012 .vmlinuz-2.6.32-220.7.1.el6.x86_64.hmac
    -rw-r--r-- 1 root root 171 Oct 16 2012 .vmlinuz-2.6.32-279.11.1.el6.x86_64.hmac
    -rw-r--r-- 1 root root 170 Aug 15 2012 .vmlinuz-2.6.32-279.5.1.el6.x86_64.hmac
    -rw-r--r-- 1 root root 2313972 Mar 7 2012 System.map-2.6.32-220.7.1.el6.x86_64
    -rw-r--r-- 1 root root 2342243 Oct 16 2012 System.map-2.6.32-279.11.1.el6.x86_64
    -rw-r--r-- 1 root root 2341894 Aug 15 2012 System.map-2.6.32-279.5.1.el6.x86_64
    -rw-r--r-- 1 root root 100947 Mar 7 2012 config-2.6.32-220.7.1.el6.x86_64
    -rw-r--r-- 1 root root 101977 Oct 16 2012 config-2.6.32-279.11.1.el6.x86_64
    -rw-r--r-- 1 root root 101976 Aug 15 2012 config-2.6.32-279.5.1.el6.x86_64
    drwxr-xr-x. 3 root root 4096 Nov 11 2011 efi
    drwxr-xr-x. 2 root root 4096 Oct 18 2012 grub
    -rw-r--r-- 1 root root 13966167 Mar 12 2012 initramfs-2.6.32-220.7.1.el6.x86_64.img
    -rw-r--r-- 1 root root 15189592 Oct 18 2012 initramfs-2.6.32-279.11.1.el6.x86_64.img
    -rw-r--r-- 1 root root 14207596 Sep 14 2012 initramfs-2.6.32-279.5.1.el6.x86_64.img
    drwx------. 2 root root 16384 Nov 11 2011 lost+found
    -rw-r--r-- 1 root root 171216 Mar 7 2012 symvers-2.6.32-220.7.1.el6.x86_64.gz
    -rw-r--r-- 1 root root 179202 Oct 16 2012 symvers-2.6.32-279.11.1.el6.x86_64.gz
    -rw-r--r-- 1 root root 179204 Aug 15 2012 symvers-2.6.32-279.5.1.el6.x86_64.gz
    -rwxr-xr-x 1 root root 3941456 Mar 7 2012 vmlinuz-2.6.32-220.7.1.el6.x86_64
    -rwxr-xr-x 1 root root 3988240 Oct 16 2012 vmlinuz-2.6.32-279.11.1.el6.x86_64
    -rwxr-xr-x 1 root root 3987376 Aug 15 2012 vmlinuz-2.6.32-279.5.1.el6.x86_64

    $ df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/mapper/vg_noc-LogVol00
    729G 647G 45G 94% /
    tmpfs 2.9G 0 2.9G 0% /dev/shm
    /dev/sda1 1012M 95M 866M 10% /boot

    $ cat /etc/crontab
    SHELL=/bin/bash
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    MAILTO=root
    HOME=/

    $ cat /proc/sys/vm/mmap_min_addr
    4096

    $ pwd
    /var/www/data/xxxxxx.ru/tmp/

    $ ls -la /usr/bin/staprun
    ---s--x--- 1 root stapusr 158488 Jun 20 2012 /usr/bin/staprun
     
    #542 PoliGroS, 11 Oct 2014
    Last edited: 11 Oct 2014
  3. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    CVE-2013-2094
     
  4. PoliGroS

    PoliGroS Member

    Joined:
    29 Mar 2012
    Messages:
    79
    Likes Received:
    8
    Reputations:
    0
    not work/ no root
     
  5. OxoTnik

    OxoTnik На мышей

    Joined:
    10 Jun 2011
    Messages:
    980
    Likes Received:
    525
    Reputations:
    173
    Code:
    [B]
    $ uname -a[/B]
    Linux hinks.ru 2.6.32-279.19.1.el6.x86_64 #1 SMP Wed Dec 19 07:05:20 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
    [B]$ ls -la /boot[/B]
    total 19936
    dr-xr-xr-x  5 root root     1024 Jan 17  2013 .
    drwxr-xr-x 26 root root     4096 Aug  3 16:39 ..
    -rw-r--r--  1 root root      171 Dec 19  2012 .vmlinuz-2.6.32-279.19.1.el6.x86_64.hmac
    -rw-r--r--  1 root root  2341554 Dec 19  2012 System.map-2.6.32-279.19.1.el6.x86_64
    lrwxrwxrwx  1 root root        1 Jan 17  2013 boot -> .
    -rw-r--r--  1 root root   101977 Dec 19  2012 config-2.6.32-279.19.1.el6.x86_64
    drwxr-xr-x  3 root root     1024 Jul 11  2011 efi
    drwxr-xr-x  2 root root     1024 Jan 17  2013 grub
    -rw-r--r--  1 root root 13742636 Jan 17  2013 initramfs-2.6.32-279.19.1.el6.x86_64.img
    drwx------  2 root root    12288 Jul 11  2011 lost+found
    -rw-r--r--  1 root root   179242 Dec 19  2012 symvers-2.6.32-279.19.1.el6.x86_64.gz
    -rwxr-xr-x  1 root root  3941776 Dec 19  2012 vmlinuz-2.6.32-279.19.1.el6.x86_64
    [B]$ ls -la --full-time /lib/lib*[/B]
    
    [B]$ mount[/B]
    /dev/mapper/vg-root on / type ext4 (rw)
    proc on /proc type proc (rw)
    none on /dev/pts type devpts (rw,gid=5,mode=620)
    /dev/md0 on /boot type ext2 (rw)
    /dev/mapper/vg-mysql on /var/lib/mysql type ext4 (rw)
    /dev/mapper/vg-log on /var/log type ext4 (rw)
    /dev/mapper/vg-www on /www type ext4 (rw)
    /dev/sdc on /mnt/flash type xfs (rw)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    [B]$ df -h[/B]
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/mapper/vg-root    10G  2.3G  7.3G  24% /
    /dev/md0              496M   23M  449M   5% /boot
    /dev/mapper/vg-mysql   50G  1.1G   47G   3% /var/lib/mysql
    /dev/mapper/vg-log     50G  2.7G   45G   6% /var/log
    /dev/mapper/vg-www     50G   13G   35G  27% /www
    /dev/sdc               15G   33M   15G   1% /mnt/flash
    [B]$ cat /etc/issue[/B]
    CentOS release 6.3 (Final)
    Kernel \r on an \m
    [B]
    $ cat /etc/crontab[/B]
    SHELL=/bin/bash
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    MAILTO=root
    HOME=/
    
    # For details see man 4 crontabs
    
    # Example of job definition:
    # .---------------- minute (0 - 59)
    # |  .------------- hour (0 - 23)
    # |  |  .---------- day of month (1 - 31)
    # |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
    # |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
    # |  |  |  |  |
    # *  *  *  *  * user-name command to be executed
    
    [B]$ cat /proc/version[/B]
    Linux version 2.6.32-279.19.1.el6.x86_64 (mockbuild@c6b8.bsys.dev.centos.org) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Wed Dec 19 07:05:20 UTC 2012
    [B]$ cat /proc/sys/vm/mmap_min_addr[/B]
    4096
    [B]$ pwd[/B]
    /www/user1/video.com/img_lib/ufo/science
    [B]$ ls -la /usr/bin/staprun[/B]
    
     
  6. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Сплойт, что на пост выше, пробовал?

    up

    Посмотрел пост на соседнем форуме. Либы обновлены, с правами все в порядке. Эскалацию провести вряд ли плучится.
     
    #546 YaBtr, 5 Nov 2014
    Last edited: 5 Nov 2014
  7. OxoTnik

    OxoTnik На мышей

    Joined:
    10 Jun 2011
    Messages:
    980
    Likes Received:
    525
    Reputations:
    173
    Да, безрезультатно
     
  8. N@b$ter

    N@b$ter Elder - Старейшина

    Joined:
    6 Oct 2009
    Messages:
    294
    Likes Received:
    71
    Reputations:
    20
    Code:
    uname -a
    Linux xxxx.xxxx.xx 2.6.35.14-106.fc14.i686.PAE #1 SMP Wed Nov 23 13:39:51 UTC 2011 i686 i686 i386 GNU/Linux
    
    ls -la /boot
    dr-xr-xr-x.  5 root root     4096 Jan 17  2013 .
    dr-xr-xr-x. 26 root root     4096 Sep 25 10:30 ..
    -rw-r--r--.  1 root root  1713144 Nov 23  2011 System.map-2.6.35.14-106.fc14.i686.PAE
    -rw-r--r--.  1 root root   115294 Nov 23  2011 config-2.6.35.14-106.fc14.i686.PAE
    drwxr-xr-x.  3 root root     4096 Jan 17  2013 efi
    drwxr-xr-x.  2 root root     4096 Jan 17  2013 grub
    -rw-r--r--.  1 root root 12905836 Jan 17  2013 initramfs-2.6.35.14-106.fc14.i686.PAE.img
    drwx------.  2 root root    16384 Jan 17  2013 lost+found
    -rwxr-xr-x.  1 root root  3770976 Nov 23  2011 vmlinuz-2.6.35.14-106.fc14.i686.PAE
    
    ls -la --full-time /lib/lib*
    -rwxr-xr-x. 1 root root    7220 2011-08-05 14:40:46.000000000 +0300 /lib/libBrokenLocale-2.13.so
    lrwxrwxrwx. 1 root root      23 2013-01-17 03:54:42.300000056 +0300 /lib/libBrokenLocale.so.1 -> libBrokenLocale-2.13.so
    -rwxr-xr-x. 1 root root   16276 2011-08-05 14:40:47.000000000 +0300 /lib/libSegFault.so
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:54:58.275000055 +0300 /lib/libacl.so.1 -> libacl.so.1.1.0
    -rwxr-xr-x. 1 root root   32244 2011-07-08 14:33:21.000000000 +0300 /lib/libacl.so.1.1.0
    lrwxrwxrwx. 1 root root      20 2013-01-17 03:56:41.365000055 +0300 /lib/libaio.so.1 -> /lib/libaio.so.1.0.1
    -rwxr-xr-x. 1 root root    2772 2010-01-19 19:39:05.000000000 +0200 /lib/libaio.so.1.0.0
    -rwxr-xr-x. 1 root root    2772 2010-01-19 19:39:05.000000000 +0200 /lib/libaio.so.1.0.1
    -rwxr-xr-x. 1 root root   13412 2011-08-05 14:40:45.000000000 +0300 /lib/libanl-2.13.so
    lrwxrwxrwx. 1 root root      14 2013-01-17 03:54:42.303000056 +0300 /lib/libanl.so.1 -> libanl-2.13.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:56:01.560000059 +0300 /lib/libasound.so.2 -> libasound.so.2.0.0
    -rwxr-xr-x. 1 root root 1002328 2011-01-28 12:11:13.000000000 +0200 /lib/libasound.so.2.0.0
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:58.150000057 +0300 /lib/libattr.so.1 -> libattr.so.1.1.0
    -rwxr-xr-x. 1 root root   18756 2011-01-05 20:52:22.000000000 +0200 /lib/libattr.so.1.1.0
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:54:49.309000053 +0300 /lib/libaudit.so.1 -> libaudit.so.1.0.0
    -rwxr-xr-x. 1 root root   93256 2011-08-15 21:41:30.000000000 +0300 /lib/libaudit.so.1.0.0
    lrwxrwxrwx. 1 root root      19 2013-01-17 03:54:49.316000059 +0300 /lib/libauparse.so.0 -> libauparse.so.0.0.0
    -rwxr-xr-x. 1 root root   60572 2011-08-15 21:41:30.000000000 +0300 /lib/libauparse.so.0.0.0
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:54:54.774000056 +0300 /lib/libblkid.so.1 -> libblkid.so.1.1.0
    -rwxr-xr-x. 1 root root  141976 2011-01-27 21:46:46.000000000 +0200 /lib/libblkid.so.1.1.0
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:54:47.224000424 +0300 /lib/libbz2.so.1 -> libbz2.so.1.0.6
    -rwxr-xr-x. 1 root root   71980 2010-09-30 08:09:37.000000000 +0300 /lib/libbz2.so.1.0.6
    -rwxr-xr-x. 1 root root 1847224 2011-08-05 14:40:47.000000000 +0300 /lib/libc-2.13.so
    lrwxrwxrwx. 1 root root      12 2013-01-17 03:54:42.441000056 +0300 /lib/libc.so.6 -> libc-2.13.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:58.951000061 +0300 /lib/libcap-ng.so.0 -> libcap-ng.so.0.0.0
    -rwxr-xr-x. 1 root root   19468 2010-11-03 20:10:27.000000000 +0200 /lib/libcap-ng.so.0.0.0
    lrwxrwxrwx. 1 root root      14 2013-01-17 03:54:58.211000051 +0300 /lib/libcap.so.2 -> libcap.so.2.22
    -rwxr-xr-x. 1 root root   14396 2011-07-27 16:22:48.000000000 +0300 /lib/libcap.so.2.22
    lrwxrwxrwx. 1 root root      19 2013-01-17 04:01:30.139000056 +0300 /lib/libcgroup.so.1 -> libcgroup.so.1.0.36
    -rwxr-xr-x. 1 root root   66016 2011-05-26 17:02:35.000000000 +0300 /lib/libcgroup.so.1.0.36
    -rwxr-xr-x. 1 root root  207384 2011-08-05 14:40:45.000000000 +0300 /lib/libcidn-2.13.so
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:54:42.454000056 +0300 /lib/libcidn.so.1 -> libcidn-2.13.so
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:54:46.902000059 +0300 /lib/libcom_err.so.2 -> libcom_err.so.2.1
    -rwxr-xr-x. 1 root root   12032 2010-12-08 00:47:21.000000000 +0200 /lib/libcom_err.so.2.1
    -rwxr-xr-x. 1 root root   36132 2011-08-05 14:40:48.000000000 +0300 /lib/libcrypt-2.13.so
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:42.457000056 +0300 /lib/libcrypt.so.1 -> libcrypt-2.13.so
    -rwxr-xr-x. 1 root root 1609004 2011-09-07 22:02:30.000000000 +0300 /lib/libcrypto.so.1.0.0e
    lrwxrwxrwx. 1 root root      19 2013-01-17 03:55:54.206000056 +0300 /lib/libcrypto.so.10 -> libcrypto.so.1.0.0e
    lrwxrwxrwx. 1 root root      22 2013-01-17 04:01:17.627999954 +0300 /lib/libcryptsetup.so.1 -> libcryptsetup.so.1.0.0
    -rwxr-xr-x. 1 root root   94252 2010-07-03 17:35:09.000000000 +0300 /lib/libcryptsetup.so.1.0.0
    -rwxr-xr-x. 1 root root 1528812 2010-08-26 20:33:49.000000000 +0300 /lib/libdb-4.7.so
    -rwxr-xr-x. 1 root root 1577412 2010-07-08 09:58:40.000000000 +0300 /lib/libdb-4.8.so
    -rwxr-xr-x. 1 root root 1590068 2010-07-07 10:58:12.000000000 +0300 /lib/libdb-5.0.so
    -rwxr-xr-x. 1 root root 1644632 2010-08-26 20:33:47.000000000 +0300 /lib/libdb_cxx-4.7.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:58:46.722000059 +0300 /lib/libdbus-1.so -> libdbus-1.so.3.5.2
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:45.919000056 +0300 /lib/libdbus-1.so.3 -> libdbus-1.so.3.5.2
    -rwxr-xr-x. 1 root root  302820 2011-07-28 21:52:08.000000000 +0300 /lib/libdbus-1.so.3.5.2
    -rwxr-xr-x. 1 root root    5276 2011-05-06 17:32:54.000000000 +0300 /lib/libdevmapper-event-lvm2.so.2.02
    lrwxrwxrwx. 1 root root      46 2013-01-17 04:00:17.680000059 +0300 /lib/libdevmapper-event-lvm2mirror.so -> device-mapper/libdevmapper-event-lvm2mirror.so
    lrwxrwxrwx. 1 root root      48 2013-01-17 04:00:17.681000059 +0300 /lib/libdevmapper-event-lvm2snapshot.so -> device-mapper/libdevmapper-event-lvm2snapshot.so
    -rwxr-xr-x. 1 root root   19924 2011-05-06 17:32:55.000000000 +0300 /lib/libdevmapper-event.so.1.02
    -rwxr-xr-x. 1 root root  169636 2011-05-06 17:32:55.000000000 +0300 /lib/libdevmapper.so.1.02
    -rwxr-xr-x. 1 root root   19776 2011-08-05 14:40:45.000000000 +0300 /lib/libdl-2.13.so
    lrwxrwxrwx. 1 root root      13 2013-01-17 03:54:42.459000056 +0300 /lib/libdl.so.2 -> libdl-2.13.so
    lrwxrwxrwx. 1 root root      34 2013-01-17 04:00:49.632001137 +0300 /lib/libdmraid-events-isw.so -> libdmraid-events-isw.so.1.0.0.rc16
    lrwxrwxrwx. 1 root root      34 2013-01-17 04:00:49.633001117 +0300 /lib/libdmraid-events-isw.so.1 -> libdmraid-events-isw.so.1.0.0.rc16
    -rwxr-xr-x. 1 root root   20632 2010-01-21 18:51:41.000000000 +0200 /lib/libdmraid-events-isw.so.1.0.0.rc16
    lrwxrwxrwx. 1 root root      23 2013-01-17 04:00:49.635001011 +0300 /lib/libdmraid.so -> libdmraid.so.1.0.0.rc16
    lrwxrwxrwx. 1 root root      23 2013-01-17 04:00:49.635001011 +0300 /lib/libdmraid.so.1 -> libdmraid.so.1.0.0.rc16
    -rwxr-xr-x. 1 root root  233292 2010-01-21 18:51:41.000000000 +0200 /lib/libdmraid.so.1.0.0.rc16
    lrwxrwxrwx. 1 root root      13 2013-01-17 03:55:02.804000068 +0300 /lib/libe2p.so.2 -> libe2p.so.2.3
    -rwxr-xr-x. 1 root root   25440 2010-12-08 00:47:20.000000000 +0200 /lib/libe2p.so.2.3
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:54:47.975999575 +0300 /lib/libexpat.so.1 -> libexpat.so.1.5.2
    -rwxr-xr-x. 1 root root  161872 2010-02-08 23:21:18.000000000 +0200 /lib/libexpat.so.1.5.2
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:55:02.806000068 +0300 /lib/libext2fs.so.2 -> libext2fs.so.2.4
    -rwxr-xr-x. 1 root root  202280 2010-12-08 00:47:21.000000000 +0200 /lib/libext2fs.so.2.4
    -rw-r--r--. 1 root root     478 2011-10-13 01:41:39.000000000 +0300 /lib/libfreebl3.chk
    -rwxr-xr-x. 1 root root  299664 2011-10-13 01:41:39.000000000 +0300 /lib/libfreebl3.so
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:55:32.302000059 +0300 /lib/libfuse.so.2 -> libfuse.so.2.8.5
    -rwxr-xr-x. 1 root root  186736 2011-03-03 11:43:55.000000000 +0200 /lib/libfuse.so.2.8.5
    -rwxr-xr-x. 1 root root  114320 2010-09-24 23:09:40.000000000 +0300 /lib/libgcc_s-4.5.1-20100924.so.1
    lrwxrwxrwx. 1 root root      28 2013-01-17 03:54:29.346000072 +0300 /lib/libgcc_s.so.1 -> libgcc_s-4.5.1-20100924.so.1
    lrwxrwxrwx. 1 root root      19 2013-01-17 03:54:50.893000067 +0300 /lib/libgcrypt.so.11 -> libgcrypt.so.11.5.3
    -rwxr-xr-x. 1 root root  505040 2010-02-14 22:35:19.000000000 +0200 /lib/libgcrypt.so.11.5.3
    lrwxrwxrwx. 1 root root      22 2013-01-17 03:54:52.025000056 +0300 /lib/libgio-2.0.so.0 -> libgio-2.0.so.0.2600.0
    -rwxr-xr-x. 1 root root 1154820 2010-09-30 22:03:12.000000000 +0300 /lib/libgio-2.0.so.0.2600.0
    lrwxrwxrwx. 1 root root      23 2013-01-17 03:54:52.106000058 +0300 /lib/libglib-2.0.so.0 -> libglib-2.0.so.0.2600.0
    -rwxr-xr-x. 1 root root 1106516 2010-09-30 22:03:11.000000000 +0300 /lib/libglib-2.0.so.0.2600.0
    lrwxrwxrwx. 1 root root      26 2013-01-17 03:54:52.186000058 +0300 /lib/libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2600.0
    -rwxr-xr-x. 1 root root   11968 2010-09-30 22:03:11.000000000 +0300 /lib/libgmodule-2.0.so.0.2600.0
    lrwxrwxrwx. 1 root root      26 2013-01-17 03:54:52.188000059 +0300 /lib/libgobject-2.0.so.0 -> libgobject-2.0.so.0.2600.0
    -rwxr-xr-x. 1 root root  321792 2010-09-30 22:03:12.000000000 +0300 /lib/libgobject-2.0.so.0.2600.0
    lrwxrwxrwx. 1 root root      21 2013-01-17 03:54:50.773000083 +0300 /lib/libgpg-error.so.0 -> libgpg-error.so.0.7.0
    -rwxr-xr-x. 1 root root   13828 2010-08-10 22:17:01.000000000 +0300 /lib/libgpg-error.so.0.7.0
    lrwxrwxrwx. 1 root root      21 2013-01-17 03:54:56.611000058 +0300 /lib/libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2
    -rwxr-xr-x. 1 root root  227872 2011-10-18 21:33:27.000000000 +0300 /lib/libgssapi_krb5.so.2.2
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:56.630000059 +0300 /lib/libgssrpc.so.4 -> libgssrpc.so.4.1
    -rwxr-xr-x. 1 root root  122036 2011-10-18 21:33:27.000000000 +0300 /lib/libgssrpc.so.4.1
    lrwxrwxrwx. 1 root root      26 2013-01-17 03:54:52.210000058 +0300 /lib/libgthread-2.0.so.0 -> libgthread-2.0.so.0.2600.0
    -rwxr-xr-x. 1 root root   17140 2010-09-30 22:03:12.000000000 +0300 /lib/libgthread-2.0.so.0.2600.0
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:55:43.628000044 +0300 /lib/libhandle.so.1 -> libhandle.so.1.0.3
    -rwxr-xr-x. 1 root root   11328 2010-05-08 01:13:56.000000000 +0300 /lib/libhandle.so.1.0.3
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:57.485999985 +0300 /lib/libidn.so.11 -> libidn.so.11.6.1
    -rwxr-xr-x. 1 root root  203300 2010-03-29 11:40:41.000000000 +0300 /lib/libidn.so.11.6.1
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:55:15.055000056 +0300 /lib/libip4tc.so.0 -> libip4tc.so.0.0.0
    -rwxr-xr-x. 1 root root   25652 2010-08-04 17:57:44.000000000 +0300 /lib/libip4tc.so.0.0.0
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:55:15.058000059 +0300 /lib/libip6tc.so.0 -> libip6tc.so.0.0.0
    -rwxr-xr-x. 1 root root   26600 2010-08-04 17:57:38.000000000 +0300 /lib/libip6tc.so.0.0.0
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:55:15.060000057 +0300 /lib/libipq.so.0 -> libipq.so.0.0.0
    -rwxr-xr-x. 1 root root    7304 2010-08-04 17:57:38.000000000 +0300 /lib/libipq.so.0.0.0
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:55:15.061000055 +0300 /lib/libiptc.so.0 -> libiptc.so.0.0.0
    -rwxr-xr-x. 1 root root    2564 2010-08-04 17:57:44.000000000 +0300 /lib/libiptc.so.0.0.0
    -rwxr-xr-x. 1 root root   32428 2009-09-01 22:21:11.000000000 +0300 /lib/libiw.so.29
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:56.640000059 +0300 /lib/libk5crypto.so.3 -> libk5crypto.so.3.1
    -rwxr-xr-x. 1 root root  161280 2011-10-18 21:33:27.000000000 +0300 /lib/libk5crypto.so.3.1
    -rwxr-xr-x. 1 root root    8224 2009-07-26 19:29:04.000000000 +0300 /lib/libkeyutils-1.2.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:56.461000083 +0300 /lib/libkeyutils.so.1 -> libkeyutils-1.2.so
    lrwxrwxrwx. 1 root root      14 2013-01-17 03:54:56.653000054 +0300 /lib/libkrb5.so.3 -> libkrb5.so.3.3
    -rwxr-xr-x. 1 root root  858028 2011-10-18 21:33:27.000000000 +0300 /lib/libkrb5.so.3.3
    lrwxrwxrwx. 1 root root      21 2013-01-17 03:54:56.714000057 +0300 /lib/libkrb5support.so.0 -> libkrb5support.so.0.1
    -rwxr-xr-x. 1 root root   38760 2011-10-18 21:33:27.000000000 +0300 /lib/libkrb5support.so.0.1
    -rwxr-xr-x. 1 root root  622836 2011-05-06 17:32:54.000000000 +0300 /lib/liblvm2app.so.2.2
    -rwxr-xr-x. 1 root root  861348 2011-05-06 17:32:55.000000000 +0300 /lib/liblvm2cmd.so.2.02
    -rwxr-xr-x. 1 root root  202132 2011-08-05 14:40:45.000000000 +0300 /lib/libm-2.13.so
    lrwxrwxrwx. 1 root root      12 2013-01-17 03:54:42.474000056 +0300 /lib/libm.so.6 -> libm-2.13.so
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:55:43.305000059 +0300 /lib/libmount.so.1 -> libmount.so.1.1.0
    -rwxr-xr-x. 1 root root   69868 2011-01-27 21:46:46.000000000 +0200 /lib/libmount.so.1.1.0
    -rwxr-xr-x. 1 root root  231336 2010-02-17 01:35:57.000000000 +0200 /lib/libmultipath.so
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:54:43.537000058 +0300 /lib/libncurses.so.5 -> libncurses.so.5.7
    -rwxr-xr-x. 1 root root  147496 2010-12-13 19:09:19.000000000 +0200 /lib/libncurses.so.5.7
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:43.550000059 +0300 /lib/libncursesw.so.5 -> libncursesw.so.5.7
    -rwxr-xr-x. 1 root root  202428 2010-12-13 19:09:19.000000000 +0200 /lib/libncursesw.so.5.7
    lrwxrwxrwx. 1 root root      20 2013-01-17 03:55:50.606000051 +0300 /lib/libnih-dbus.so.1 -> libnih-dbus.so.1.0.0
    -rwxr-xr-x. 1 root root   36932 2010-06-25 02:06:29.000000000 +0300 /lib/libnih-dbus.so.1.0.0
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:55:50.610000062 +0300 /lib/libnih.so.1 -> libnih.so.1.0.0
    -rwxr-xr-x. 1 root root   99564 2010-06-25 02:06:29.000000000 +0300 /lib/libnih.so.1.0.0
    lrwxrwxrwx. 1 root root      12 2013-01-17 03:55:01.120000061 +0300 /lib/libnl.so.1 -> libnl.so.1.1
    -rwxr-xr-x. 1 root root  338408 2011-03-21 21:52:43.000000000 +0200 /lib/libnl.so.1.1
    -rwxr-xr-x. 1 root root  115484 2011-08-05 14:40:48.000000000 +0300 /lib/libnsl-2.13.so
    lrwxrwxrwx. 1 root root      14 2013-01-17 03:54:42.482000056 +0300 /lib/libnsl.so.1 -> libnsl-2.13.so
    -rwxr-xr-x. 1 root root  240412 2011-05-11 18:01:04.000000000 +0300 /lib/libnspr4.so
    -rwxr-xr-x. 1 root root   39888 2011-08-05 14:40:47.000000000 +0300 /lib/libnss_compat-2.13.so
    lrwxrwxrwx. 1 root root      21 2013-01-17 03:54:42.485000056 +0300 /lib/libnss_compat.so.2 -> libnss_compat-2.13.so
    -rwxr-xr-x. 1 root root  835604 2011-05-18 21:43:53.000000000 +0300 /lib/libnss_db-2.2.3.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:58:23.727000056 +0300 /lib/libnss_db.so.2 -> libnss_db-2.2.3.so
    -rwxr-xr-x. 1 root root   33992 2011-08-05 14:40:45.000000000 +0300 /lib/libnss_dns-2.13.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:42.488000056 +0300 /lib/libnss_dns.so.2 -> libnss_dns-2.13.so
    -rwxr-xr-x. 1 root root   54380 2011-08-05 14:40:46.000000000 +0300 /lib/libnss_files-2.13.so
    lrwxrwxrwx. 1 root root      20 2013-01-17 03:54:42.492000056 +0300 /lib/libnss_files.so.2 -> libnss_files-2.13.so
    -rwxr-xr-x. 1 root root   22144 2011-08-05 14:40:47.000000000 +0300 /lib/libnss_hesiod-2.13.so
    lrwxrwxrwx. 1 root root      21 2013-01-17 03:54:42.494000056 +0300 /lib/libnss_hesiod.so.2 -> libnss_hesiod-2.13.so
    -rwxr-xr-x. 1 root root   49660 2011-08-05 14:40:47.000000000 +0300 /lib/libnss_nis-2.13.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:42.498000056 +0300 /lib/libnss_nis.so.2 -> libnss_nis-2.13.so
    -rwxr-xr-x. 1 root root   58616 2011-08-05 14:40:45.000000000 +0300 /lib/libnss_nisplus-2.13.so
    lrwxrwxrwx. 1 root root      22 2013-01-17 03:54:42.502000056 +0300 /lib/libnss_nisplus.so.2 -> libnss_nisplus-2.13.so
    -rwxr-xr-x. 1 root root   18188 2011-08-05 17:36:52.000000000 +0300 /lib/libnss_sss.so.2
    -rwxr-xr-x. 1 root root   26396 2011-08-04 13:51:47.000000000 +0300 /lib/libnss_winbind.so.2
    -rwxr-xr-x. 1 root root 3349604 2011-08-04 13:51:47.000000000 +0300 /lib/libnss_wins.so.2
    lrwxrwxrwx. 1 root root      20 2013-01-17 03:56:33.619000057 +0300 /lib/libntfs-3g.so.81 -> libntfs-3g.so.81.0.0
    -rwxr-xr-x. 1 root root  411472 2011-09-12 20:33:10.000000000 +0300 /lib/libntfs-3g.so.81.0.0
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:59:49.603000057 +0300 /lib/libpam.so.0 -> libpam.so.0.82.2
    -rwxr-xr-x. 1 root root   51544 2010-11-02 14:31:40.000000000 +0200 /lib/libpam.so.0.82.2
    lrwxrwxrwx. 1 root root      21 2013-01-17 03:59:49.608000058 +0300 /lib/libpam_misc.so.0 -> libpam_misc.so.0.82.0
    -rwxr-xr-x. 1 root root   10820 2010-11-02 14:31:40.000000000 +0200 /lib/libpam_misc.so.0.82.0
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:59:49.609000059 +0300 /lib/libpamc.so.0 -> libpamc.so.0.82.1
    -rwxr-xr-x. 1 root root   10324 2010-11-02 14:31:40.000000000 +0200 /lib/libpamc.so.0.82.1
    lrwxrwxrwx. 1 root root      18 2013-01-17 04:01:17.254000058 +0300 /lib/libparted.so.0 -> libparted.so.0.0.1
    -rwxr-xr-x. 1 root root  484700 2011-10-15 01:56:22.000000000 +0300 /lib/libparted.so.0.0.1
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:55:15.932000064 +0300 /lib/libpci.so.3 -> libpci.so.3.1.7
    -rwxr-xr-x. 1 root root   48996 2011-01-18 16:34:46.000000000 +0200 /lib/libpci.so.3.1.7
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:54.464000067 +0300 /lib/libpcre.so.0 -> libpcre.so.0.0.1
    -rwxr-xr-x. 1 root root  233144 2011-05-09 16:03:30.000000000 +0300 /lib/libpcre.so.0.0.1
    -rwxr-xr-x. 1 root root   16676 2011-05-11 18:01:04.000000000 +0300 /lib/libplc4.so
    -rwxr-xr-x. 1 root root   12196 2011-05-11 18:01:04.000000000 +0300 /lib/libplds4.so
    lrwxrwxrwx. 1 root root      27 2013-01-17 03:55:17.161000062 +0300 /lib/libply-splash-core.so.2 -> libply-splash-core.so.2.0.0
    -rwxr-xr-x. 1 root root   72356 2010-12-07 19:50:20.000000000 +0200 /lib/libply-splash-core.so.2.0.0
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:55:17.167000058 +0300 /lib/libply.so.2 -> libply.so.2.0.0
    -rwxr-xr-x. 1 root root   89896 2010-12-07 19:50:21.000000000 +0200 /lib/libply.so.2.0.0
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:47.451999867 +0300 /lib/libpopt.so.0 -> libpopt.so.0.0.0
    -rwxr-xr-x. 1 root root   35128 2010-03-28 18:52:06.000000000 +0300 /lib/libpopt.so.0.0.0
    -rwxr-xr-x. 1 root root   58104 2011-01-18 16:39:19.000000000 +0200 /lib/libproc-3.2.8.so
    -rwxr-xr-x. 1 root root  133344 2011-08-05 14:40:45.000000000 +0300 /lib/libpthread-2.13.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:42.511000056 +0300 /lib/libpthread.so.0 -> libpthread-2.13.so
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:56:31.834000138 +0300 /lib/libreadline.so.5 -> libreadline.so.5.2
    -rwxr-xr-x. 1 root root  225284 2009-07-25 06:41:35.000000000 +0300 /lib/libreadline.so.5.2
    lrwxrwxrwx. 1 root root      18 2013-01-17 03:54:48.843000226 +0300 /lib/libreadline.so.6 -> libreadline.so.6.1
    -rwxr-xr-x. 1 root root  239360 2010-02-17 22:22:15.000000000 +0200 /lib/libreadline.so.6.1
    -rwxr-xr-x. 1 root root  105200 2011-08-05 14:40:47.000000000 +0300 /lib/libresolv-2.13.so
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:54:42.520000056 +0300 /lib/libresolv.so.2 -> libresolv-2.13.so
    -rwxr-xr-x. 1 root root   41700 2011-08-05 14:40:45.000000000 +0300 /lib/librt-2.13.so
    lrwxrwxrwx. 1 root root      13 2013-01-17 03:54:42.523000056 +0300 /lib/librt.so.1 -> librt-2.13.so
    -rwxr-xr-x. 1 root root  122424 2010-09-30 09:04:12.000000000 +0300 /lib/libselinux.so.1
    -rwxr-xr-x. 1 root root  245836 2010-06-17 10:42:28.000000000 +0300 /lib/libsepol.so.1
    lrwxrwxrwx. 1 root root      12 2013-01-17 03:55:27.834000046 +0300 /lib/libss.so.2 -> libss.so.2.0
    -rwxr-xr-x. 1 root root   21740 2010-12-08 00:47:20.000000000 +0200 /lib/libss.so.2.0
    lrwxrwxrwx. 1 root root      17 2013-01-17 03:56:36.694000079 +0300 /lib/libsysfs.so.2 -> libsysfs.so.2.0.1
    -rwxr-xr-x. 1 root root   47376 2010-06-18 12:00:09.000000000 +0300 /lib/libsysfs.so.2.0.1
    -rwxr-xr-x. 1 root root   31648 2011-08-05 14:40:49.000000000 +0300 /lib/libthread_db-1.0.so
    lrwxrwxrwx. 1 root root      19 2013-01-17 03:54:42.525000056 +0300 /lib/libthread_db.so.1 -> libthread_db-1.0.so
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:54:43.563000055 +0300 /lib/libtinfo.so.5 -> libtinfo.so.5.7
    -rwxr-xr-x. 1 root root  125880 2010-12-13 19:09:19.000000000 +0200 /lib/libtinfo.so.5.7
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:51.021000156 +0300 /lib/libudev.so.0 -> libudev.so.0.9.1
    -rwxr-xr-x. 1 root root   59372 2011-08-29 17:31:15.000000000 +0300 /lib/libudev.so.0.9.1
    lrwxrwxrwx. 1 root root      20 2013-01-17 03:55:32.316000055 +0300 /lib/libulockmgr.so.1 -> libulockmgr.so.1.0.1
    -rwxr-xr-x. 1 root root    8416 2011-03-03 11:43:55.000000000 +0200 /lib/libulockmgr.so.1.0.1
    -rwxr-xr-x. 1 root root   14608 2011-08-05 14:40:46.000000000 +0300 /lib/libutil-2.13.so
    lrwxrwxrwx. 1 root root      15 2013-01-17 03:54:42.527000056 +0300 /lib/libutil.so.1 -> libutil-2.13.so
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:49.491000059 +0300 /lib/libuuid.so.1 -> libuuid.so.1.3.0
    -rwxr-xr-x. 1 root root   16684 2011-01-27 21:46:47.000000000 +0200 /lib/libuuid.so.1.3.0
    lrwxrwxrwx. 1 root root      16 2013-01-17 03:54:49.394000074 +0300 /lib/libwrap.so.0 -> libwrap.so.0.7.6
    -rwxr-xr-x. 1 root root   37080 2010-06-16 15:57:00.000000000 +0300 /lib/libwrap.so.0.7.6
    lrwxrwxrwx. 1 root root      19 2013-01-17 03:55:15.062000055 +0300 /lib/libxtables.so.5 -> libxtables.so.5.0.0
    -rwxr-xr-x. 1 root root   29528 2010-08-04 17:57:45.000000000 +0300 /lib/libxtables.so.5.0.0
    lrwxrwxrwx. 1 root root      13 2013-01-17 03:54:45.653000007 +0300 /lib/libz.so.1 -> libz.so.1.2.5
    -rwxr-xr-x. 1 root root   84848 2010-06-17 09:42:02.000000000 +0300 /lib/libz.so.1.2.5
    
    mount
    /dev/sda3 on / type ext4 (rw)
    proc on /proc type proc (rw)
    sysfs on /sys type sysfs (rw)
    devpts on /dev/pts type devpts (rw,gid=5,mode=620)
    tmpfs on /dev/shm type tmpfs (rw)
    /dev/sda2 on /BACKUP type ext4 (rw)
    /dev/sda1 on /boot type ext4 (rw)
    /dev/sda4 on /wwwusers type ext4 (rw)
    /dev/sdb1 on /DB type ext4 (rw)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
    
    df -h
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/sda3              49G  5.3G   41G  12% /
    tmpfs                 4.0G   88K  4.0G   1% /dev/shm
    /dev/sda2             577G   26G  522G   5% /BACKUP
    /dev/sda1             291M   35M  242M  13% /boot
    /dev/sda4             917G  207G  664G  24% /wwwusers
    /dev/sdb1              60G  2.3G   54G   5% /DB
    
    cat /etc/issue
    Fedora release 14 (Laughlin)
    Kernel \r on an \m (\l)
    
    cat /etc/crontab
    SHELL=/bin/bash
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    MAILTO=root
    
    # For details see man 4 crontabs
    
    # Example of job definition:
    # .---------------- minute (0 - 59)
    # |  .------------- hour (0 - 23)
    # |  |  .---------- day of month (1 - 31)
    # |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
    # |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
    # |  |  |  |  |
    # *  *  *  *  * user-name  command to be executed
    
    cat /proc/version
    Linux version 2.6.35.14-106.fc14.i686.PAE (mockbuild@x86-01.phx2.fedoraproject.org) (gcc version 4.5.1 20100924 (Red Hat 4.5.1-4) (GCC) ) #1 SMP Wed Nov 23 13:39:51 UTC 2011
    
    cat /proc/sys/vm/mmap_min_addr
    4096
    
    pwd
    /wwwusers/xxxx.xxxx.xx/htdocs/assets/files
    
    ls -la /usr/bin/staprun
    ---s--x---. 1 root stapusr 149456 Aug  3  2011 /usr/bin/staprun
    
     
  9. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    N@b$ter, пробуйте http://www.exploit-db.com/exploits/21323/
     
  10. Br@!ns

    Br@!ns Elder - Старейшина

    Joined:
    3 Sep 2010
    Messages:
    915
    Likes Received:
    120
    Reputations:
    25
    HTML:
    $ uname -a
    Linux hosting3 2.6.32-5-amd64 #1 SMP Fri Sep 9 20:23:16 UTC 2011 x86_64 GNU/Linux
    $ ls -la /boot
    total 13156
    drwxr-xr-x  3 root root    4096 Sep 30  2011 .
    drwxr-xr-x 22 root root    4096 Jul  9 09:50 ..
    -rw-r--r--  1 root root 1662623 Sep 10  2011 System.map-2.6.32-5-amd64
    -rw-r--r--  1 root root  106153 Sep 10  2011 config-2.6.32-5-amd64
    drwxr-xr-x  3 root root    4096 Sep 30  2011 grub
    -rw-r--r--  1 root root 9238156 Sep 30  2011 initrd.img-2.6.32-5-amd64
    -rw-r--r--  1 root root 2419200 Sep 10  2011 vmlinuz-2.6.32-5-amd64
    $ ls -la --full-time /lib/lib*
    -rw-r--r-- 1 root root    6264 2012-02-12 22:12:38.000000000 +0300 /lib/libBrokenLocale-2.11.3.so
    lrwxrwxrwx 1 root root      25 2012-03-15 15:31:59.000000000 +0300 /lib/libBrokenLocale.so.1 -> libBrokenLocale-2.11.3.so
    -rw-r--r-- 1 root root   18680 2012-02-12 22:12:38.000000000 +0300 /lib/libSegFault.so
    lrwxrwxrwx 1 root root      15 2011-09-09 14:41:33.000000000 +0300 /lib/libacl.so.1 -> libacl.so.1.1.0
    -rw-r--r-- 1 root root   30408 2010-09-21 10:38:59.000000000 +0300 /lib/libacl.so.1.1.0
    -rw-r--r-- 1 root root   14920 2012-02-12 22:12:38.000000000 +0300 /lib/libanl-2.11.3.so
    lrwxrwxrwx 1 root root      16 2012-03-15 15:31:59.000000000 +0300 /lib/libanl.so.1 -> libanl-2.11.3.so
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:33.000000000 +0300 /lib/libattr.so.1 -> libattr.so.1.1.0
    -rw-r--r-- 1 root root   17608 2010-06-08 08:47:32.000000000 +0300 /lib/libattr.so.1.1.0
    lrwxrwxrwx 1 root root      17 2013-02-25 15:50:14.000000000 +0300 /lib/libaudit.so.0 -> libaudit.so.0.0.0
    -rw-r--r-- 1 root root  104808 2010-06-18 17:24:53.000000000 +0300 /lib/libaudit.so.0.0.0
    lrwxrwxrwx 1 root root      19 2013-02-25 15:50:14.000000000 +0300 /lib/libauparse.so.0 -> libauparse.so.0.0.0
    -rw-r--r-- 1 root root   55760 2010-06-18 17:24:53.000000000 +0300 /lib/libauparse.so.0.0.0
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:39.000000000 +0300 /lib/libblkid.so.1 -> libblkid.so.1.1.0
    -rw-r--r-- 1 root root  128256 2011-01-25 22:17:01.000000000 +0300 /lib/libblkid.so.1.1.0
    lrwxrwxrwx 1 root root      15 2011-09-09 14:48:21.000000000 +0300 /lib/libbsd.so.0 -> libbsd.so.0.2.0
    -rw-r--r-- 1 root root   40104 2010-01-11 17:49:56.000000000 +0300 /lib/libbsd.so.0.2.0
    lrwxrwxrwx 1 root root      15 2012-10-18 11:55:31.000000000 +0300 /lib/libbz2.so.1 -> libbz2.so.1.0.4
    lrwxrwxrwx 1 root root      15 2012-10-18 11:55:31.000000000 +0300 /lib/libbz2.so.1.0 -> libbz2.so.1.0.4
    -rw-r--r-- 1 root root   66944 2011-12-26 16:01:14.000000000 +0300 /lib/libbz2.so.1.0.4
    -rwxr-xr-x 1 root root 1437064 2012-02-12 22:12:38.000000000 +0300 /lib/libc-2.11.3.so
    lrwxrwxrwx 1 root root      14 2012-03-15 15:31:59.000000000 +0300 /lib/libc.so.6 -> libc-2.11.3.so
    lrwxrwxrwx 1 root root      14 2011-09-09 14:48:16.000000000 +0300 /lib/libcap.so.2 -> libcap.so.2.19
    -rw-r--r-- 1 root root   16640 2010-08-17 00:17:36.000000000 +0300 /lib/libcap.so.2.19
    -rw-r--r-- 1 root root  190840 2012-02-12 22:12:39.000000000 +0300 /lib/libcidn-2.11.3.so
    lrwxrwxrwx 1 root root      17 2012-03-15 15:31:59.000000000 +0300 /lib/libcidn.so.1 -> libcidn-2.11.3.so
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:39.000000000 +0300 /lib/libcom_err.so.2 -> libcom_err.so.2.1
    -rw-r--r-- 1 root root   12336 2011-06-20 05:54:17.000000000 +0300 /lib/libcom_err.so.2.1
    -rw-r--r-- 1 root root   35104 2012-02-12 22:12:38.000000000 +0300 /lib/libcrypt-2.11.3.so
    lrwxrwxrwx 1 root root      18 2012-03-15 15:31:59.000000000 +0300 /lib/libcrypt.so.1 -> libcrypt-2.11.3.so
    lrwxrwxrwx 1 root root      18 2012-03-15 15:33:52.000000000 +0300 /lib/libdbus-1.so.3 -> libdbus-1.so.3.4.0
    -rw-r--r-- 1 root root  261656 2011-06-14 23:40:36.000000000 +0300 /lib/libdbus-1.so.3.4.0
    -rw-r--r-- 1 root root  139736 2011-01-23 20:36:59.000000000 +0300 /lib/libdevmapper.so.1.02.1
    -rw-r--r-- 1 root root   14696 2012-02-12 22:12:39.000000000 +0300 /lib/libdl-2.11.3.so
    lrwxrwxrwx 1 root root      15 2012-03-15 15:31:59.000000000 +0300 /lib/libdl.so.2 -> libdl-2.11.3.so
    lrwxrwxrwx 1 root root      13 2011-09-09 14:41:40.000000000 +0300 /lib/libe2p.so.2 -> libe2p.so.2.3
    -rw-r--r-- 1 root root   28680 2011-06-20 05:54:18.000000000 +0300 /lib/libe2p.so.2.3
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:40.000000000 +0300 /lib/libext2fs.so.2 -> libext2fs.so.2.4
    -rw-r--r-- 1 root root  190000 2011-06-20 05:54:18.000000000 +0300 /lib/libext2fs.so.2.4
    -rw-r--r-- 1 root root   90504 2010-11-15 05:02:27.000000000 +0300 /lib/libgcc_s.so.1
    lrwxrwxrwx 1 root root      23 2012-05-29 16:12:21.000000000 +0300 /lib/libglib-2.0.so.0 -> libglib-2.0.so.0.2400.2
    -rw-r--r-- 1 root root  900200 2010-09-08 22:02:05.000000000 +0300 /lib/libglib-2.0.so.0.2400.2
    lrwxrwxrwx 1 root root      17 2011-09-09 14:48:16.000000000 +0300 /lib/libhistory.so.5 -> libhistory.so.5.2
    -rw-r--r-- 1 root root   32920 2009-11-02 04:59:32.000000000 +0300 /lib/libhistory.so.5.2
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:51.000000000 +0300 /lib/libhistory.so.6 -> libhistory.so.6.1
    -rw-r--r-- 1 root root   33784 2010-05-30 22:09:22.000000000 +0300 /lib/libhistory.so.6.1
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:54.000000000 +0300 /lib/libip4tc.so.0 -> libip4tc.so.0.0.0
    -rw-r--r-- 1 root root   25560 2010-07-17 00:17:27.000000000 +0300 /lib/libip4tc.so.0.0.0
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:54.000000000 +0300 /lib/libip6tc.so.0 -> libip6tc.so.0.0.0
    -rw-r--r-- 1 root root   28096 2010-07-17 00:17:27.000000000 +0300 /lib/libip6tc.so.0.0.0
    lrwxrwxrwx 1 root root      15 2011-09-09 14:41:54.000000000 +0300 /lib/libipq.so.0 -> libipq.so.0.0.0
    -rw-r--r-- 1 root root    9344 2010-07-17 00:17:27.000000000 +0300 /lib/libipq.so.0.0.0
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:54.000000000 +0300 /lib/libiptc.so.0 -> libiptc.so.0.0.0
    -rw-r--r-- 1 root root    3704 2010-07-17 00:17:27.000000000 +0300 /lib/libiptc.so.0.0.0
    lrwxrwxrwx 1 root root      18 2011-09-09 14:48:16.000000000 +0300 /lib/libkeyutils.so.1 -> libkeyutils.so.1.3
    -rw-r--r-- 1 root root    8528 2010-04-04 01:42:19.000000000 +0300 /lib/libkeyutils.so.1.3
    -rw-r--r-- 1 root root  530736 2012-02-12 22:12:39.000000000 +0300 /lib/libm-2.11.3.so
    lrwxrwxrwx 1 root root      14 2012-03-15 15:31:59.000000000 +0300 /lib/libm.so.6 -> libm-2.11.3.so
    -rw-r--r-- 1 root root   18760 2012-02-12 22:12:39.000000000 +0300 /lib/libmemusage.so
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:38.000000000 +0300 /lib/libncurses.so.5 -> libncurses.so.5.7
    -rw-r--r-- 1 root root  286776 2011-01-04 06:33:11.000000000 +0300 /lib/libncurses.so.5.7
    lrwxrwxrwx 1 root root      18 2011-09-09 14:41:51.000000000 +0300 /lib/libncursesw.so.5 -> libncursesw.so.5.7
    -rw-r--r-- 1 root root  338840 2011-01-04 06:33:12.000000000 +0300 /lib/libncursesw.so.5.7
    -rw-r--r-- 1 root root   89064 2012-02-12 22:12:38.000000000 +0300 /lib/libnsl-2.11.3.so
    lrwxrwxrwx 1 root root      16 2012-03-15 15:31:59.000000000 +0300 /lib/libnsl.so.1 -> libnsl-2.11.3.so
    -rw-r--r-- 1 root root   31616 2012-02-12 22:12:38.000000000 +0300 /lib/libnss_compat-2.11.3.so
    lrwxrwxrwx 1 root root      23 2012-03-15 15:31:59.000000000 +0300 /lib/libnss_compat.so.2 -> libnss_compat-2.11.3.so
    -rw-r--r-- 1 root root   22928 2012-02-12 22:12:38.000000000 +0300 /lib/libnss_dns-2.11.3.so
    lrwxrwxrwx 1 root root      20 2012-03-15 15:31:59.000000000 +0300 /lib/libnss_dns.so.2 -> libnss_dns-2.11.3.so
    -rw-r--r-- 1 root root   51728 2012-02-12 22:12:38.000000000 +0300 /lib/libnss_files-2.11.3.so
    lrwxrwxrwx 1 root root      22 2012-03-15 15:31:59.000000000 +0300 /lib/libnss_files.so.2 -> libnss_files-2.11.3.so
    -rw-r--r-- 1 root root   18864 2012-02-12 22:12:39.000000000 +0300 /lib/libnss_hesiod-2.11.3.so
    lrwxrwxrwx 1 root root      23 2012-03-15 15:31:59.000000000 +0300 /lib/libnss_hesiod.so.2 -> libnss_hesiod-2.11.3.so
    -rw-r--r-- 1 root root   43552 2012-02-12 22:12:39.000000000 +0300 /lib/libnss_nis-2.11.3.so
    lrwxrwxrwx 1 root root      20 2012-03-15 15:31:59.000000000 +0300 /lib/libnss_nis.so.2 -> libnss_nis-2.11.3.so
    -rw-r--r-- 1 root root   51704 2012-02-12 22:12:38.000000000 +0300 /lib/libnss_nisplus-2.11.3.so
    lrwxrwxrwx 1 root root      24 2012-03-15 15:31:59.000000000 +0300 /lib/libnss_nisplus.so.2 -> libnss_nisplus-2.11.3.so
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:38.000000000 +0300 /lib/libpam.so.0 -> libpam.so.0.82.2
    -rw-r--r-- 1 root root   49728 2010-10-21 20:39:56.000000000 +0300 /lib/libpam.so.0.82.2
    lrwxrwxrwx 1 root root      21 2011-09-09 14:41:38.000000000 +0300 /lib/libpam_misc.so.0 -> libpam_misc.so.0.82.0
    -rw-r--r-- 1 root root   11016 2010-10-21 20:39:56.000000000 +0300 /lib/libpam_misc.so.0.82.0
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:38.000000000 +0300 /lib/libpamc.so.0 -> libpamc.so.0.82.1
    -rw-r--r-- 1 root root   11592 2010-10-21 20:39:56.000000000 +0300 /lib/libpamc.so.0.82.1
    -rw-r--r-- 1 root root    6272 2012-02-12 22:12:38.000000000 +0300 /lib/libpcprofile.so
    lrwxrwxrwx 1 root root      17 2011-09-09 14:48:19.000000000 +0300 /lib/libpcre.so.3 -> libpcre.so.3.12.1
    -rw-r--r-- 1 root root  198176 2010-07-31 23:45:45.000000000 +0300 /lib/libpcre.so.3.12.1
    lrwxrwxrwx 1 root root      18 2012-03-15 15:33:13.000000000 +0300 /lib/libpng12.so.0 -> libpng12.so.0.44.0
    -rw-r--r-- 1 root root  155360 2012-02-15 21:09:53.000000000 +0300 /lib/libpng12.so.0.44.0
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:54.000000000 +0300 /lib/libpopt.so.0 -> libpopt.so.0.0.0
    -rw-r--r-- 1 root root   46848 2010-05-13 07:40:24.000000000 +0300 /lib/libpopt.so.0.0.0
    -rw-r--r-- 1 root root   75088 2010-05-04 14:26:22.000000000 +0300 /lib/libproc-3.2.8.so
    -rwxr-xr-x 1 root root  131258 2012-02-12 22:12:41.000000000 +0300 /lib/libpthread-2.11.3.so
    lrwxrwxrwx 1 root root      20 2012-03-15 15:31:59.000000000 +0300 /lib/libpthread.so.0 -> libpthread-2.11.3.so
    lrwxrwxrwx 1 root root      18 2011-09-09 14:48:16.000000000 +0300 /lib/libreadline.so.5 -> libreadline.so.5.2
    -rw-r--r-- 1 root root  258088 2009-11-02 04:59:32.000000000 +0300 /lib/libreadline.so.5.2
    lrwxrwxrwx 1 root root      18 2011-09-09 14:41:51.000000000 +0300 /lib/libreadline.so.6 -> libreadline.so.6.1
    -rw-r--r-- 1 root root  273840 2010-05-30 22:09:22.000000000 +0300 /lib/libreadline.so.6.1
    -rw-r--r-- 1 root root   80712 2012-02-12 22:12:38.000000000 +0300 /lib/libresolv-2.11.3.so
    lrwxrwxrwx 1 root root      19 2012-03-15 15:31:59.000000000 +0300 /lib/libresolv.so.2 -> libresolv-2.11.3.so
    -rw-r--r-- 1 root root   31744 2012-02-12 22:12:38.000000000 +0300 /lib/librt-2.11.3.so
    lrwxrwxrwx 1 root root      15 2012-03-15 15:31:59.000000000 +0300 /lib/librt.so.1 -> librt-2.11.3.so
    -rw-r--r-- 1 root root  117848 2010-07-21 09:30:01.000000000 +0300 /lib/libselinux.so.1
    -rw-r--r-- 1 root root  241880 2010-05-26 07:56:04.000000000 +0300 /lib/libsepol.so.1
    lrwxrwxrwx 1 root root      17 2011-09-09 14:41:40.000000000 +0300 /lib/libslang.so.2 -> libslang.so.2.2.2
    -rw-r--r-- 1 root root 1077912 2010-03-18 22:08:06.000000000 +0300 /lib/libslang.so.2.2.2
    lrwxrwxrwx 1 root root      12 2011-09-09 14:41:40.000000000 +0300 /lib/libss.so.2 -> libss.so.2.0
    -rw-r--r-- 1 root root   24496 2011-06-20 05:54:17.000000000 +0300 /lib/libss.so.2.0
    -rw-r--r-- 1 root root   31472 2012-02-12 22:12:38.000000000 +0300 /lib/libthread_db-1.0.so
    lrwxrwxrwx 1 root root      19 2012-03-15 15:31:59.000000000 +0300 /lib/libthread_db.so.1 -> libthread_db-1.0.so
    lrwxrwxrwx 1 root root      13 2011-09-09 14:41:38.000000000 +0300 /lib/libtic.so.5 -> libtic.so.5.7
    -rw-r--r-- 1 root root   54176 2011-01-04 06:33:11.000000000 +0300 /lib/libtic.so.5.7
    lrwxrwxrwx 1 root root      14 2011-09-09 14:41:51.000000000 +0300 /lib/libticw.so.5 -> libticw.so.5.7
    -rw-r--r-- 1 root root   54144 2011-01-04 06:33:12.000000000 +0300 /lib/libticw.so.5.7
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:55.000000000 +0300 /lib/libudev.so.0 -> libudev.so.0.9.3
    -rw-r--r-- 1 root root   55136 2010-12-13 05:56:22.000000000 +0300 /lib/libudev.so.0.9.3
    lrwxrwxrwx 1 root root      19 2011-09-09 14:41:51.000000000 +0300 /lib/libusb-0.1.so.4 -> libusb-0.1.so.4.4.4
    -rw-r--r-- 1 root root   32760 2010-09-01 01:06:36.000000000 +0300 /lib/libusb-0.1.so.4.4.4
    -rw-r--r-- 1 root root   10648 2012-02-12 22:12:38.000000000 +0300 /lib/libutil-2.11.3.so
    lrwxrwxrwx 1 root root      17 2012-03-15 15:31:59.000000000 +0300 /lib/libutil.so.1 -> libutil-2.11.3.so
    lrwxrwxrwx 1 root root      16 2011-09-09 14:41:38.000000000 +0300 /lib/libuuid.so.1 -> libuuid.so.1.3.0
    -rw-r--r-- 1 root root   15720 2011-01-25 22:17:01.000000000 +0300 /lib/libuuid.so.1.3.0
    lrwxrwxrwx 1 root root      16 2011-09-09 14:48:23.000000000 +0300 /lib/libwrap.so.0 -> libwrap.so.0.7.6
    -rw-r--r-- 1 root root   36360 2010-05-23 18:52:55.000000000 +0300 /lib/libwrap.so.0.7.6
    lrwxrwxrwx 1 root root      19 2011-09-09 14:41:54.000000000 +0300 /lib/libxtables.so.4 -> libxtables.so.4.0.0
    -rw-r--r-- 1 root root   32136 2010-07-17 00:17:27.000000000 +0300 /lib/libxtables.so.4.0.0
    $ mount
    /dev/vda1 on / type ext3 (rw,grpquota,errors=remount-ro,usrquota)
    tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
    proc on /proc type proc (rw,noexec,nosuid,nodev)
    sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
    udev on /dev type tmpfs (rw,mode=0755)
    tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
    devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
    /dev/vda3 on /data type ext3 (rw)
    $ df -h
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/vda1             4.7G  1.9G  2.6G  43% /
    tmpfs                1007M     0 1007M   0% /lib/init/rw
    udev                 1002M  120K 1002M   1% /dev
    tmpfs                1007M     0 1007M   0% /dev/shm
    /dev/vda3              94G   40G   50G  45% /data
    $ cat /etc/issue
    Debian GNU/Linux 6.0 \n \l
    
    $ cat /etc/crontab
    # /etc/crontab: system-wide crontab
    # Unlike any other crontab you don't have to run the `crontab'
    # command to install the new version when you edit this file
    # and files in /etc/cron.d. These files also have username fields,
    # that none of the other crontabs do.
    
    SHELL=/bin/sh
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    
    # m h dom mon dow user	command
    17 *	* * *	root    cd / && run-parts --report /etc/cron.hourly
    25 6	* * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
    47 6	* * 7	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
    52 6	1 * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
    #
    
    
    $ cat /proc/version
    Linux version 2.6.32-5-amd64 (Debian 2.6.32-35squeeze2) (dannf@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Fri Sep 9 20:23:16 UTC 2011
    $ cat /proc/sys/vm/mmap_min_addr
    65536
    $ pwd
    /lib
    $ ls -la /usr/bin/staprun
    
     
  11. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Читаем первый пост!
    Что Вы опробовали?
     
  12. Br@!ns

    Br@!ns Elder - Старейшина

    Joined:
    3 Sep 2010
    Messages:
    915
    Likes Received:
    120
    Reputations:
    25
    enlightenment
    exploit-db.com/exploits/26368
    exploit-db.com/exploits/18411
    CVE-2013-2094

    ничего не берет, на последнем sheep: Assertion `!close(fd)' failed.
     
  13. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Пооробуйте pkexec.
    Что выдают команды:
     
  14. Br@!ns

    Br@!ns Elder - Старейшина

    Joined:
    3 Sep 2010
    Messages:
    915
    Likes Received:
    120
    Reputations:
    25
    HTML:
    $ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
    -rwsr-xr-x 1 root root 94992 Aug 27  2010 /sbin/mount.nfs
    -rwsr-xr-x 1 root root 6776 Dec 19  2010 /usr/lib/eject/dmcrypt-get-device
    -rwsr-xr-- 1 root messagebus 45936 Jun 14  2011 /usr/lib/dbus-1.0/dbus-daemon-la
    unch-helper
    -rwsr-xr-x 1 root root 212128 Dec 27  2010 /usr/lib/openssh/ssh-keysign
    -rwsr-xr-x 1 root root 10592 Feb 12  2012 /usr/lib/pt_chown
    -rwsr-xr-- 1 root www-data 18944 Feb  6  2012 /usr/lib/apache2/suexec
    -rwsr-xr-x 2 root root 166312 Mar  6  2013 /usr/bin/sudo
    -rwsr-xr-x 1 root root 32808 Feb 15  2011 /usr/bin/newgrp
    -rwsr-xr-x 1 root root 43280 Feb 15  2011 /usr/bin/passwd
    -rwsr-sr-x 1 root mail 89720 Apr 26  2010 /usr/bin/procmail
    -rwsr-xr-x 1 root root 39856 Feb 15  2011 /usr/bin/chfn
    -rwsr-xr-x 2 root root 166312 Mar  6  2013 /usr/bin/sudoedit
    -rwsr-xr-x 1 root root 60208 Feb 15  2011 /usr/bin/gpasswd
    -rwsr-sr-x 1 daemon daemon 48416 Nov 30  2009 /usr/bin/at
    -rwsr-xr-x 1 root root 4536 Dec 14  2006 /usr/bin/procmail-wrapper
    -rwsr-xr-x 1 root root 37552 Feb 15  2011 /usr/bin/chsh
    вторая выдает очень очень много строк, и файлов разных форматов включая jpg
     
  15. d4rk73rr0r

    d4rk73rr0r Member

    Joined:
    2 Jan 2013
    Messages:
    139
    Likes Received:
    6
    Reputations:
    0
    $ uname -a
    Code:
    Linux ****** 2.6.26-2-amd64 #1 SMP Wed Sep 21 03:36:44 UTC 2011 x86_64 GNU/Linux
    $ ls -la /boot
    Code:
    total 17175
    drwxr-xr-x  4 root root    1024 Mar  1  2012 .
    drwxr-xr-x 22 root root    4096 Sep 23  2013 ..
    -rw-r--r--  1 root root 1227280 Sep 21  2011 System.map-2.6.26-2-amd64
    -rw-r--r--  1 root root   85694 Sep 21  2011 config-2.6.26-2-amd64
    drwxr-xr-x  2 root root    1024 Mar  1  2012 grub
    -rw-r--r--  1 root root 7757503 Mar  1  2012 initrd.img-2.6.26-2-amd64
    -rw-r--r--  1 root root 6665119 Jul  7  2011 initrd.img-2.6.26-2-amd64.bak
    drwx------  2 root root   12288 Nov 23  2010 lost+found
    -rw-r--r--  1 root root 1756944 Sep 21  2011 vmlinuz-2.6.26-2-amd64
    $ ls -la --full-time /lib/libc*
    Code:
    -rwxr-xr-x 1 root root 1375536 2011-01-08 02:33:04.000000000 +0500 /lib/libc-2.7.so
    lrwxrwxrwx 1 root root      11 2011-01-23 19:16:16.000000000 +0500 /lib/libc.so.6 -> libc-2.7.so
    lrwxrwxrwx 1 root root      14 2010-11-23 17:33:39.000000000 +0500 /lib/libcap.so.1 -> libcap.so.1.10
    -rw-r--r-- 1 root root   14880 2006-03-16 16:56:29.000000000 +0500 /lib/libcap.so.1.10
    lrwxrwxrwx 1 root root      14 2010-11-23 16:58:17.000000000 +0500 /lib/libcap.so.2 -> libcap.so.2.11
    -rw-r--r-- 1 root root   16976 2008-07-26 20:52:16.000000000 +0500 /lib/libcap.so.2.11
    lrwxrwxrwx 1 root root      17 2010-11-23 16:23:24.000000000 +0500 /lib/libcfont.so.0 -> libcfont.so.0.0.0
    -rw-r--r-- 1 root root   12776 2008-04-16 02:40:42.000000000 +0500 /lib/libcfont.so.0.0.0
    -rw-r--r-- 1 root root  190760 2011-01-08 02:33:04.000000000 +0500 /lib/libcidn-2.7.so
    lrwxrwxrwx 1 root root      14 2011-01-23 19:16:16.000000000 +0500 /lib/libcidn.so.1 -> libcidn-2.7.so
    lrwxrwxrwx 1 root root      17 2010-11-23 16:22:49.000000000 +0500 /lib/libcom_err.so.2 -> libcom_err.so.2.1
    -rw-r--r-- 1 root root   11648 2008-10-13 08:54:02.000000000 +0500 /lib/libcom_err.so.2.1
    lrwxrwxrwx 1 root root      19 2010-11-23 16:23:24.000000000 +0500 /lib/libconsole.so.0 -> libconsole.so.0.0.0
    -rw-r--r-- 1 root root  140840 2008-04-16 02:40:42.000000000 +0500 /lib/libconsole.so.0.0.0
    -rw-r--r-- 1 root root   39112 2011-01-08 02:33:04.000000000 +0500 /lib/libcrypt-2.7.so
    lrwxrwxrwx 1 root root      15 2011-01-23 19:16:16.000000000 +0500 /lib/libcrypt.so.1 -> libcrypt-2.7.so
    lrwxrwxrwx 1 root root      19 2010-11-23 16:23:24.000000000 +0500 /lib/libctutils.so.0 -> libctutils.so.0.0.0
    -rw-r--r-- 1 root root   21024 2008-04-16 02:40:42.000000000 +0500 /lib/libctutils.so.0.0.0
    $ mount

    Code:
    /dev/cciss/c0d0p7 on / type ext3 (rw,errors=remount-ro)
    tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
    proc on /proc type proc (rw,noexec,nosuid,nodev)
    sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
    procbususb on /proc/bus/usb type usbfs (rw)
    udev on /dev type tmpfs (rw,mode=0755)
    tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
    devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
    /dev/cciss/c0d0p1 on /boot type ext3 (rw)
    /dev/cciss/c0d0p8 on /root type ext3 (rw)
    /dev/cciss/c0d0p6 on /tmp type ext3 (rw)
    /dev/cciss/c0d0p9 on /usr type ext3 (rw)
    /dev/cciss/c0d0p10 on /var type ext3 (rw)
    $ df -h

    Code:
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/cciss/c0d0p7     5.5G  258M  5.0G   5% /
    tmpfs                 3.0G     0  3.0G   0% /lib/init/rw
    udev                   10M  840K  9.2M   9% /dev
    tmpfs                 3.0G     0  3.0G   0% /dev/shm
    /dev/cciss/c0d0p1     464M   28M  413M   7% /boot
    /dev/cciss/c0d0p8     9.2G  4.8G  4.0G  55% /root
    /dev/cciss/c0d0p6     2.8G   69M  2.6G   3% /tmp
    /dev/cciss/c0d0p9     321G  1.2G  304G   1% /usr
    /dev/cciss/c0d0p10    576G   34G  513G   7% /var
    $ cat /etc/issue

    Code:
    Debian GNU/Linux 5.0 \n \l
    $ cat /etc/crontab

    Code:
    # /etc/crontab: system-wide crontab
    # Unlike any other crontab you don't have to run the `crontab'
    # command to install the new version when you edit this file
    # and files in /etc/cron.d. These files also have username fields,
    # that none of the other crontabs do.
    
    SHELL=/bin/sh
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    
    # m h dom mon dow user	command
    17 *	* * *	root    cd / && run-parts --report /etc/cron.hourly
    25 6	* * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
    47 6	* * 7	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
    52 6	1 * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
    #
    $ cat /proc/version

    Code:
    Linux version 2.6.26-2-amd64 (Debian 2.6.26-27) (dannf@debian.org) (gcc version 4.1.3 20080704 (prerelease) (Debian 4.1.2-25)) #1 
    
    SMP Wed Sep 21 03:36:44 UTC 2011
    $ cat /proc/sys/vm/mmap_min_addr


    Code:
    4096
    $ pwd

    Code:
    /var/www/dtl
    $ ls -la /usr/bin/staprun

    Code:
    Результат ноль
    $ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null

    Code:
    -rwsr-sr-x 1 daemon daemon 46200 Sep 23  2008 /usr/bin/at
    -rwsr-xr-x 1 root root 39104 Dec  6  2009 /usr/bin/passwd
    ---s--x--x 2 root root 127432 Jun 11  2010 /usr/bin/sudo
    ---s--x--x 2 root root 127432 Jun 11  2010 /usr/bin/sudoedit
    -rwsr-xr-x 1 root root 73736 Apr 17  2008 /usr/bin/mtr
    -rwsr-xr-x 1 root root 49536 Dec  6  2009 /usr/bin/gpasswd
    -rwsr-xr-x 1 root root 36416 Dec  6  2009 /usr/bin/chfn
    -rwsr-sr-x 1 root mail 85472 Apr 30  2006 /usr/bin/procmail
    -rwsr-xr-x 1 root root 33376 Dec  6  2009 /usr/bin/chsh
    -rwsr-xr-x 1 root root 28600 Dec  6  2009 /usr/bin/newgrp
    -rwsr-xr-x 1 root root 6696 Oct  3  2008 /usr/lib/eject/dmcrypt-get-device
    -rwsr-xr-- 1 root messagebus 44968 Jan 15  2011 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
    -rwsr-xr-x 1 root root 212656 Jan 14  2009 /usr/lib/openssh/ssh-keysign
    -rwsr-xr-x 1 root root 10512 Jan  8  2011 /usr/lib/pt_chown
    -rwsr-xr-x 1 root root 850000 Jan 31  2011 /usr/sbin/exim4
    -rwsr-xr-x 1 root root 76344 Apr 19  2010 /sbin/mount.nfs
    -rwsr-xr-x 1 root root 46040 Apr 29  2008 /bin/umount
    -rwsr-xr-x 1 root root 33528 Jul 25  2010 /bin/ping
    -rwsr-xr-x 1 root root 66152 Apr 29  2008 /bin/mount
    -rwsr-xr-x 1 root root 33112 Dec  6  2009 /bin/su
    -rwsr-xr-x 1 root root 28944 Jul 25  2010 /bin/ping6
    Помогите новичкам найти эксплоит для этого сервака
     
  16. ZodiaX

    ZodiaX Reservists Of Antichat

    Joined:
    7 May 2009
    Messages:
    532
    Likes Received:
    301
    Reputations:
    46
    bash уязвим?
     
  17. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    d4rk73rr0r, посмотрите в сторону exim.
     
  18. попугай

    попугай Elder - Старейшина

    Joined:
    15 Jan 2008
    Messages:
    1,589
    Likes Received:
    406
    Reputations:
    196
    2.6.9-103.ELsmp #1 SMP Fri Dec 9 04:31:51 EST 2011 i686

    cat /proc/sys/vm/mmap_min_addr показывает 0 - это баг по идее?
     
  19. YaBtr

    YaBtr Members of Antichat

    Joined:
    30 May 2012
    Messages:
    601
    Likes Received:
    350
    Reputations:
    652
    Это не баг, это одна из настроек ядра, позволяющая успешно отработать сплоентам, использующим NULL page.
     
    1 person likes this.
  20. попугай

    попугай Elder - Старейшина

    Joined:
    15 Jan 2008
    Messages:
    1,589
    Likes Received:
    406
    Reputations:
    196
    Реально ли порутать такое?

    http://pastebin.com/MtDGyZwZ

    Если есть профессионалы, пишите в личку, заплачу в случае успеха.

    //YaBtr: Что пробовал?.
     
    #560 попугай, 23 Jan 2015
    Last edited by a moderator: 23 Jan 2015
Loading...