Повышение прав [задай вопрос - получи ответ]

Есть у кого рабочий сплоент под:

Code:

Linux vds.firmixal.info 2.6.18-348.16.1.el5.028stab108.1 #1 SMP Tue Aug 27 13:02:53 MSD 2013 x86_64

??


с эксплоит-дб не компилируется

 

uname -a
2.6.32-504.el6.x86_64 #1 SMP Tue Sep 16 01:56:35 EDT 2014 x86_64

ls -la /boot
total 85642
dr-xr-xr-x. 5 root root 3072 Dec 4 12:14 .
dr-xr-xr-x. 24 root root 4096 Jan 29 17:44 ..
-rw-r--r-- 1 root root 171 Apr 11 2014 .vmlinuz-2.6.32-431.17.1.el6.x86_64.hmac
-rw-r--r-- 1 root root 170 Oct 31 16:43 .vmlinuz-2.6.32-504.1.3.el6.x86_64.hmac
-rw-r--r-- 1 root root 166 Sep 16 08:04 .vmlinuz-2.6.32-504.el6.x86_64.hmac
-rw-r--r-- 1 root root 2518959 Apr 11 2014 System.map-2.6.32-431.17.1.el6.x86_64
-rw-r--r-- 1 root root 2544748 Oct 31 16:43 System.map-2.6.32-504.1.3.el6.x86_64
-rw-r--r-- 1 root root 2544748 Sep 16 08:04 System.map-2.6.32-504.el6.x86_64
-rw-r--r-- 1 root root 105200 Apr 11 2014 config-2.6.32-431.17.1.el6.x86_64
-rw-r--r-- 1 root root 106312 Oct 31 16:43 config-2.6.32-504.1.3.el6.x86_64
-rw-r--r-- 1 root root 106308 Sep 16 08:04 config-2.6.32-504.el6.x86_64
drwxr-xr-x. 3 root root 1024 Jul 30 2012 efi
drwxr-xr-x. 2 root root 1024 Dec 4 12:11 grub
-rw------- 1 root root 17186604 May 16 2014 initramfs-2.6.32-431.17.1.el6.x86_64.img
-rw------- 1 root root 19168484 Dec 4 12:09 initramfs-2.6.32-504.1.3.el6.x86_64.img
-rw------- 1 root root 19167416 Dec 4 12:11 initramfs-2.6.32-504.el6.x86_64.img
-rw------- 1 root root 5585988 Dec 4 12:08 initrd-2.6.32-431.17.1.el6.x86_64kdump.img
-rw------- 1 root root 5233991 Dec 4 12:14 initrd-2.6.32-504.el6.x86_64kdump.img
drwx------. 2 root root 12288 Jul 30 2012 lost+found
-rw-r--r-- 1 root root 193889 Apr 11 2014 symvers-2.6.32-431.17.1.el6.x86_64.gz
-rw-r--r-- 1 root root 200191 Oct 31 16:44 symvers-2.6.32-504.1.3.el6.x86_64.gz
-rw-r--r-- 1 root root 200191 Sep 16 08:04 symvers-2.6.32-504.el6.x86_64.gz
-rwxr-xr-x 1 root root 4130640 Apr 11 2014 vmlinuz-2.6.32-431.17.1.el6.x86_64
-rwxr-xr-x 1 root root 4153008 Oct 31 16:43 vmlinuz-2.6.32-504.1.3.el6.x86_64
-rwxr-xr-x 1 root root 4153904 Sep 16 08:04 vmlinuz-2.6.32-504.el6.x86_64


$ cat /etc/issue
RedHat Enterprise Linux Server 6.6
Authorized uses only by personnel of tubIT IT-Service-Center. All activity may be monitored and reported.


$ cat /proc/version
Linux version 2.6.32-504.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-11) (GCC) ) #1 SMP Tue Sep 16 01:56:35 EDT 2014

$ cat /proc/sys/vm/mmap_min_addr
4096

$ ls -la /usr/bin/staprun
---s--x--- 1 root stapusr 183072 Jun 23 2014 /usr/bin/staprun

Чем можно взять?

 

Ничем, где остальные команды и их результаты работы?

 

не выполняются

 

Code:

[apache@vs01.**********.ru ~]$ uname -a
Linux ********** 2.6.32-042stab093.4 #1 SMP Mon Aug 11 18:47:39 MSK 2014 x86_64 x86_64 x86_64 GNU/Linux
[apache@vs01.**********.ru ~]$ ls -la /boot
total 12
dr-xr-xr-x  3 root root 4096 Feb 20  2014 ./
dr-xr-xr-x 25 root root 4096 Mar 25 03:33 ../
drwxr-xr-x  2 root root 4096 Dec 22  2012 grub/
[apache@vs01.**********.ru ~]$ ls -la --full-time /lib64
total 15272
dr-xr-xr-x  7 root root   12288 2015-01-29 05:33:43.633230136 +0300 ./
dr-xr-xr-x 25 root root    4096 2015-03-25 03:33:40.839381604 +0300 ../
-rwxr-xr-x  1 root root  157032 2015-01-27 22:38:10.000000000 +0300 ld-2.12.so*
lrwxrwxrwx  1 root root      10 2015-01-28 15:09:32.320483506 +0300 ld-linux-x86-64.so.2 -> ld-2.12.so*
lrwxrwxrwx  1 root root      15 2013-01-16 16:10:56.000000000 +0400 libacl.so.1 -> libacl.so.1.1.0*
-rwxr-xr-x  1 root root   33816 2011-12-07 20:53:53.000000000 +0400 libacl.so.1.1.0*
lrwxrwxrwx  1 root root      22 2013-01-16 16:10:56.000000000 +0400 libaio.so.1 -> /lib64/libaio.so.1.0.1*
-rwxr-xr-x  1 root root    3944 2010-08-23 01:08:18.000000000 +0400 libaio.so.1.0.0*
-rwxr-xr-x  1 root root    5624 2010-08-23 01:08:18.000000000 +0400 libaio.so.1.0.1*
-rwxr-xr-x  1 root root   19368 2015-01-27 22:38:11.000000000 +0300 libanl-2.12.so*
lrwxrwxrwx  1 root root      14 2015-01-28 15:09:32.336483881 +0300 libanl.so.1 -> libanl-2.12.so*
lrwxrwxrwx  1 root root      16 2013-01-16 16:10:56.000000000 +0400 libattr.so.1 -> libattr.so.1.1.0*
-rwxr-xr-x  1 root root   21152 2011-09-23 22:53:58.000000000 +0400 libattr.so.1.1.0*
lrwxrwxrwx  1 root root      17 2014-06-11 16:00:30.542733378 +0400 libaudit.so.1 -> libaudit.so.1.0.0*
-rwxr-xr-x  1 root root  115536 2014-05-28 18:37:08.000000000 +0400 libaudit.so.1.0.0*
lrwxrwxrwx  1 root root      19 2014-06-11 16:00:30.546728783 +0400 libauparse.so.0 -> libauparse.so.0.0.0*
-rwxr-xr-x  1 root root   59920 2014-05-28 18:37:08.000000000 +0400 libauparse.so.0.0.0*
lrwxrwxrwx  1 root root      17 2013-08-26 16:29:27.502862788 +0400 libblkid.so.1 -> libblkid.so.1.1.0*
-rwxr-xr-x  1 root root  138616 2013-04-29 11:43:56.000000000 +0400 libblkid.so.1.1.0*
-rwxr-xr-x  1 root root    8488 2015-01-27 22:38:11.000000000 +0300 libBrokenLocale-2.12.so*
lrwxrwxrwx  1 root root      23 2015-01-28 15:09:32.321483496 +0300 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so*
lrwxrwxrwx  1 root root      15 2013-01-16 16:10:56.000000000 +0400 libbz2.so.1 -> libbz2.so.1.0.4*
-rwxr-xr-x  1 root root   69976 2011-06-25 05:45:55.000000000 +0400 libbz2.so.1.0.4*
-rwxr-xr-x  1 root root 1926760 2015-01-27 22:38:13.000000000 +0300 libc-2.12.so*
lrwxrwxrwx  1 root root      18 2013-01-16 16:10:56.000000000 +0400 libcap-ng.so.0 -> libcap-ng.so.0.0.0*
-rwxr-xr-x  1 root root   18672 2011-06-25 07:49:32.000000000 +0400 libcap-ng.so.0.0.0*
lrwxrwxrwx  1 root root      14 2013-01-16 16:10:56.000000000 +0400 libcap.so.2 -> libcap.so.2.16*
-rwxr-xr-x  1 root root   19016 2011-12-08 00:04:01.000000000 +0400 libcap.so.2.16*
lrwxrwxrwx  1 root root      19 2014-06-11 16:33:41.480854133 +0400 libcgroup.so.1 -> libcgroup.so.1.0.40*
-rwxr-xr-x  1 root root   97016 2013-12-09 12:36:08.000000000 +0400 libcgroup.so.1.0.40*
-rwxr-xr-x  1 root root  197064 2015-01-27 22:38:10.000000000 +0300 libcidn-2.12.so*
lrwxrwxrwx  1 root root      15 2015-01-28 15:09:32.910483773 +0300 libcidn.so.1 -> libcidn-2.12.so*
lrwxrwxrwx  1 root root      17 2014-04-09 10:20:39.772791310 +0400 libcom_err.so.2 -> libcom_err.so.2.1*
-rwxr-xr-x  1 root root   17256 2013-11-22 16:56:01.000000000 +0400 libcom_err.so.2.1*
-rwxr-xr-x  1 root root   43392 2015-01-27 22:38:10.000000000 +0300 libcrypt-2.12.so*
lrwxrwxrwx  1 root root      16 2015-01-28 15:09:32.920483906 +0300 libcrypt.so.1 -> libcrypt-2.12.so*
lrwxrwxrwx  1 root root      12 2015-01-28 15:09:32.901484045 +0300 libc.so.6 -> libc-2.12.so*
-rwxr-xr-x  1 root root 1525224 2013-09-12 13:40:56.000000000 +0400 libdb-4.7.so*
lrwxrwxrwx  1 root root      18 2013-01-16 16:10:56.000000000 +0400 libdbus-1.so.3 -> libdbus-1.so.3.4.0*
-rwxr-xr-x  1 root root  268232 2012-09-13 21:04:29.000000000 +0400 libdbus-1.so.3.4.0*
-rwxr-xr-x  1 root root   22536 2015-01-27 22:38:10.000000000 +0300 libdl-2.12.so*
lrwxrwxrwx  1 root root      13 2015-01-28 15:09:32.921483889 +0300 libdl.so.2 -> libdl-2.12.so*
lrwxrwxrwx  1 root root      13 2014-04-09 10:20:41.666729887 +0400 libe2p.so.2 -> libe2p.so.2.3*
-rwxr-xr-x  1 root root   30552 2013-11-22 16:56:01.000000000 +0400 libe2p.so.2.3*
lrwxrwxrwx  1 root root      17 2013-01-16 16:10:56.000000000 +0400 libexpat.so.1 -> libexpat.so.1.5.2*
-rwxr-xr-x  1 root root  167648 2012-06-13 19:01:40.000000000 +0400 libexpat.so.1.5.2*
lrwxrwxrwx  1 root root      16 2014-04-09 10:20:41.667729935 +0400 libext2fs.so.2 -> libext2fs.so.2.4*
-rwxr-xr-x  1 root root  204296 2013-11-22 16:56:01.000000000 +0400 libext2fs.so.2.4*
lrwxrwxrwx  1 root root      21 2013-01-16 16:10:56.000000000 +0400 libfipscheck.so.1 -> libfipscheck.so.1.1.0*
-rwxr-xr-x  1 root root   12688 2011-12-07 23:13:53.000000000 +0400 libfipscheck.so.1.1.0*
-rw-r--r--  1 root root      65 2011-12-07 23:13:53.000000000 +0400 .libfipscheck.so.1.1.0.hmac
lrwxrwxrwx  1 root root      27 2013-01-16 16:10:56.000000000 +0400 .libfipscheck.so.1.hmac -> .libfipscheck.so.1.1.0.hmac
-rw-r--r--  1 root root     899 2013-08-08 00:19:37.000000000 +0400 libfreebl3.chk
-rwxr-xr-x  1 root root  427008 2013-08-08 00:19:37.000000000 +0400 libfreebl3.so*
-rwxr-xr-x  1 root root   93320 2013-11-21 22:08:46.000000000 +0400 libgcc_s-4.4.7-20120601.so.1*
lrwxrwxrwx  1 root root      28 2014-04-09 10:20:25.611916602 +0400 libgcc_s.so.1 -> libgcc_s-4.4.7-20120601.so.1*
lrwxrwxrwx  1 root root      19 2013-01-16 16:10:56.000000000 +0400 libgcrypt.so.11 -> libgcrypt.so.11.5.3*
-rwxr-xr-x  1 root root  481064 2012-04-16 17:21:17.000000000 +0400 libgcrypt.so.11.5.3*
-rw-r--r--  1 root root      65 2012-04-16 17:21:17.000000000 +0400 .libgcrypt.so.11.hmac
lrwxrwxrwx  1 root root      22 2013-01-16 16:10:56.000000000 +0400 libgio-2.0.so.0 -> libgio-2.0.so.0.2200.5*
-rwxr-xr-x  1 root root  695464 2012-06-22 10:17:18.000000000 +0400 libgio-2.0.so.0.2200.5*
lrwxrwxrwx  1 root root      23 2013-01-16 16:10:56.000000000 +0400 libglib-2.0.so.0 -> libglib-2.0.so.0.2200.5*
-rwxr-xr-x  1 root root  939360 2012-06-22 10:17:18.000000000 +0400 libglib-2.0.so.0.2200.5*
lrwxrwxrwx  1 root root      26 2013-01-16 16:10:56.000000000 +0400 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2200.5*
-rwxr-xr-x  1 root root   14392 2012-06-22 10:17:18.000000000 +0400 libgmodule-2.0.so.0.2200.5*
lrwxrwxrwx  1 root root      26 2013-01-16 16:10:56.000000000 +0400 libgobject-2.0.so.0 -> libgobject-2.0.so.0.2200.5*
-rwxr-xr-x  1 root root  283584 2012-06-22 10:17:18.000000000 +0400 libgobject-2.0.so.0.2200.5*
lrwxrwxrwx  1 root root      21 2013-01-16 16:10:56.000000000 +0400 libgpg-error.so.0 -> libgpg-error.so.0.5.0*
-rwxr-xr-x  1 root root   16656 2011-12-07 21:37:21.000000000 +0400 libgpg-error.so.0.5.0*
lrwxrwxrwx  1 root root      21 2014-04-09 10:20:41.259728928 +0400 libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2*
-rwxr-xr-x  1 root root  280520 2014-04-03 19:12:22.000000000 +0400 libgssapi_krb5.so.2.2*
lrwxrwxrwx  1 root root      19 2013-01-16 16:10:56.000000000 +0400 libgssglue.so.1 -> libgssglue.so.1.0.0*
-rwxr-xr-x  1 root root   36584 2011-07-19 12:22:02.000000000 +0400 libgssglue.so.1.0.0*
lrwxrwxrwx  1 root root      16 2014-04-09 10:20:41.270729039 +0400 libgssrpc.so.4 -> libgssrpc.so.4.1*
-rwxr-xr-x  1 root root  131384 2014-04-03 19:12:22.000000000 +0400 libgssrpc.so.4.1*
lrwxrwxrwx  1 root root      26 2013-01-16 16:10:56.000000000 +0400 libgthread-2.0.so.0 -> libgthread-2.0.so.0.2200.5*
-rwxr-xr-x  1 root root   17440 2012-06-22 10:17:18.000000000 +0400 libgthread-2.0.so.0.2200.5*
lrwxrwxrwx  1 root root      16 2013-01-16 16:10:56.000000000 +0400 libidn.so.11 -> libidn.so.11.6.1*
-rwxr-xr-x  1 root root  209120 2010-08-24 04:51:20.000000000 +0400 libidn.so.11.6.1*
lrwxrwxrwx  1 root root      34 2013-08-26 16:30:17.379674066 +0400 libip4tc.so.0 -> /etc/alternatives/libip4tc0.x86_64*
lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 libip4tc.so.0.0.0 -> /etc/alternatives/libip4tc000.x86_64*
-rwxr-xr-x  1 root root   28544 2013-02-22 05:45:53.000000000 +0400 libip4tc.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      23 2013-08-26 16:29:33.590486490 +0400 libip4tc.so.0-1.4.7 -> libip4tc.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      34 2013-08-26 16:30:17.379674066 +0400 libip6tc.so.0 -> /etc/alternatives/libip6tc0.x86_64*
lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 libip6tc.so.0.0.0 -> /etc/alternatives/libip6tc000.x86_64*
-rwxr-xr-x  1 root root   28064 2013-02-22 05:45:53.000000000 +0400 libip6tc.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      23 2013-08-26 16:29:33.592486500 +0400 libip6tc.so.0-1.4.7 -> libip6tc.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      32 2013-08-26 16:30:17.379674066 +0400 libipq.so.0 -> /etc/alternatives/libipq0.x86_64*
lrwxrwxrwx  1 root root      34 2013-08-26 16:30:17.379674066 +0400 libipq.so.0.0.0 -> /etc/alternatives/libipq000.x86_64*
-rwxr-xr-x  1 root root    9280 2013-02-22 05:45:53.000000000 +0400 libipq.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      21 2013-08-26 16:29:33.593486534 +0400 libipq.so.0-1.4.7 -> libipq.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      33 2013-08-26 16:30:17.379674066 +0400 libiptc.so.0 -> /etc/alternatives/libiptc0.x86_64*
lrwxrwxrwx  1 root root      35 2013-08-26 16:30:17.379674066 +0400 libiptc.so.0.0.0 -> /etc/alternatives/libiptc000.x86_64*
-rwxr-xr-x  1 root root    3680 2013-02-22 05:45:53.000000000 +0400 libiptc.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      22 2013-08-26 16:29:33.594486893 +0400 libiptc.so.0-1.4.7 -> libiptc.so.0.0.0-1.4.7*
lrwxrwxrwx  1 root root      18 2014-04-09 10:20:41.275734947 +0400 libk5crypto.so.3 -> libk5crypto.so.3.1*
-rwxr-xr-x  1 root root  177520 2014-04-03 19:12:22.000000000 +0400 libk5crypto.so.3.1*
lrwxrwxrwx  1 root root      18 2013-01-16 16:10:56.000000000 +0400 libkeyutils.so.1 -> libkeyutils.so.1.3*
-rwxr-xr-x  1 root root   12592 2012-06-22 10:20:37.000000000 +0400 libkeyutils.so.1.3*
lrwxrwxrwx  1 root root      14 2014-04-09 10:20:41.282731023 +0400 libkrb5.so.3 -> libkrb5.so.3.3*
-rwxr-xr-x  1 root root  944712 2014-04-03 19:12:22.000000000 +0400 libkrb5.so.3.3*
lrwxrwxrwx  1 root root      21 2014-04-09 10:20:41.315755231 +0400 libkrb5support.so.0 -> libkrb5support.so.0.1*
-rwxr-xr-x  1 root root   46368 2014-04-03 19:12:22.000000000 +0400 libkrb5support.so.0.1*
lrwxrwxrwx  1 root root      20 2013-08-26 16:29:30.369736593 +0400 liblber-2.4.so.2 -> liblber-2.4.so.2.5.6*
-rwxr-xr-x  1 root root   63336 2013-04-29 11:50:08.000000000 +0400 liblber-2.4.so.2.5.6*
lrwxrwxrwx  1 root root      20 2013-08-26 16:29:30.371736205 +0400 libldap-2.4.so.2 -> libldap-2.4.so.2.5.6*
-rwxr-xr-x  1 root root  317200 2013-04-29 11:50:08.000000000 +0400 libldap-2.4.so.2.5.6*
lrwxrwxrwx  1 root root      22 2013-08-26 16:29:30.383737800 +0400 libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.5.6*
-rwxr-xr-x  1 root root  335264 2013-04-29 11:50:08.000000000 +0400 libldap_r-2.4.so.2.5.6*
lrwxrwxrwx  1 root root      20 2013-08-26 16:29:30.391548803 +0400 libldif-2.4.so.2 -> libldif-2.4.so.2.5.6*
-rwxr-xr-x  1 root root   18736 2013-04-29 11:50:08.000000000 +0400 libldif-2.4.so.2.5.6*
-rwxr-xr-x  1 root root  599392 2015-01-27 22:38:12.000000000 +0300 libm-2.12.so*
lrwxrwxrwx  1 root root      17 2013-08-26 16:29:34.457486791 +0400 libmount.so.1 -> libmount.so.1.1.0*
-rwxr-xr-x  1 root root   68304 2013-04-29 11:43:56.000000000 +0400 libmount.so.1.1.0*
lrwxrwxrwx  1 root root      12 2015-01-28 15:09:32.958483737 +0300 libm.so.6 -> libm-2.12.so*
lrwxrwxrwx  1 root root      17 2013-01-16 16:10:57.000000000 +0400 libncurses.so.5 -> libncurses.so.5.7*
-rwxr-xr-x  1 root root  142536 2010-08-18 19:42:28.000000000 +0400 libncurses.so.5.7*
lrwxrwxrwx  1 root root      18 2013-01-16 16:10:57.000000000 +0400 libncursesw.so.5 -> libncursesw.so.5.7*
-rwxr-xr-x  1 root root  195616 2010-08-18 19:42:28.000000000 +0400 libncursesw.so.5.7*
lrwxrwxrwx  1 root root      20 2013-01-16 16:10:57.000000000 +0400 libnih-dbus.so.1 -> libnih-dbus.so.1.0.0*
-rwxr-xr-x  1 root root   39896 2011-12-07 21:40:52.000000000 +0400 libnih-dbus.so.1.0.0*
lrwxrwxrwx  1 root root      15 2013-01-16 16:10:57.000000000 +0400 libnih.so.1 -> libnih.so.1.0.0*
-rwxr-xr-x  1 root root  101920 2011-12-07 21:40:52.000000000 +0400 libnih.so.1.0.0*
lrwxrwxrwx  1 root root      14 2013-08-26 16:29:48.257863034 +0400 libnl.so.1 -> libnl.so.1.1.4*
-rwxr-xr-x  1 root root  337248 2013-06-28 03:58:04.000000000 +0400 libnl.so.1.1.4*
-rwxr-xr-x  1 root root  116368 2015-01-27 22:38:12.000000000 +0300 libnsl-2.12.so*
lrwxrwxrwx  1 root root      14 2015-01-28 15:09:32.964484369 +0300 libnsl.so.1 -> libnsl-2.12.so*
-rwxr-xr-x  1 root root  247192 2014-07-22 22:06:22.000000000 +0400 libnspr4.so*
-rwxr-xr-x  1 root root   42808 2015-01-27 22:38:11.000000000 +0300 libnss_compat-2.12.so*
lrwxrwxrwx  1 root root      21 2015-01-28 15:09:32.966483996 +0300 libnss_compat.so.2 -> libnss_compat-2.12.so*
-rwxr-xr-x  1 root root   27424 2015-01-27 22:38:12.000000000 +0300 libnss_dns-2.12.so*
lrwxrwxrwx  1 root root      18 2015-01-28 15:09:32.970483722 +0300 libnss_dns.so.2 -> libnss_dns-2.12.so*
-rwxr-xr-x  1 root root   65928 2015-01-27 22:38:11.000000000 +0300 libnss_files-2.12.so*
lrwxrwxrwx  1 root root      20 2015-01-28 15:09:32.973483747 +0300 libnss_files.so.2 -> libnss_files-2.12.so*
-rwxr-xr-x  1 root root   24152 2015-01-27 22:38:10.000000000 +0300 libnss_hesiod-2.12.so*
lrwxrwxrwx  1 root root      21 2015-01-28 15:09:32.981483880 +0300 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so*
-rwxr-xr-x  1 root root   52560 2015-01-27 22:38:11.000000000 +0300 libnss_nis-2.12.so*
-rwxr-xr-x  1 root root   61712 2015-01-27 22:38:10.000000000 +0300 libnss_nisplus-2.12.so*
lrwxrwxrwx  1 root root      22 2015-01-28 15:09:32.987484337 +0300 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so*
lrwxrwxrwx  1 root root      18 2015-01-28 15:09:32.983483930 +0300 libnss_nis.so.2 -> libnss_nis-2.12.so*
lrwxrwxrwx  1 root root      17 2013-08-26 16:29:19.640487432 +0400 libpamc.so.0 -> libpamc.so.0.82.1*
-rwxr-xr-x  1 root root   14528 2013-02-22 04:16:03.000000000 +0400 libpamc.so.0.82.1*
lrwxrwxrwx  1 root root      21 2013-08-26 16:29:19.639487003 +0400 libpam_misc.so.0 -> libpam_misc.so.0.82.0*
-rwxr-xr-x  1 root root   17248 2013-02-22 04:16:03.000000000 +0400 libpam_misc.so.0.82.0*
lrwxrwxrwx  1 root root      16 2013-08-26 16:29:19.637487571 +0400 libpam.so.0 -> libpam.so.0.82.2*
-rwxr-xr-x  1 root root   58480 2013-02-22 04:16:03.000000000 +0400 libpam.so.0.82.2*
lrwxrwxrwx  1 root root      16 2013-08-26 16:29:37.784549227 +0400 libpci.so.3 -> libpci.so.3.1.10*
-rwxr-xr-x  1 root root   51472 2013-02-22 02:31:11.000000000 +0400 libpci.so.3.1.10*
lrwxrwxrwx  1 root root      16 2013-08-26 16:29:27.530487312 +0400 libpcre.so.0 -> libpcre.so.0.0.1*
-rwxr-xr-x  1 root root  183816 2012-09-07 15:03:38.000000000 +0400 libpcre.so.0.0.1*
-rwxr-xr-x  1 root root   21288 2014-07-22 22:06:22.000000000 +0400 libplc4.so*
-rwxr-xr-x  1 root root   17128 2014-07-22 22:06:22.000000000 +0400 libplds4.so*
lrwxrwxrwx  1 root root      16 2013-01-16 16:10:57.000000000 +0400 libpopt.so.0 -> libpopt.so.0.0.0*
-rwxr-xr-x  1 root root   38808 2010-08-21 09:30:58.000000000 +0400 libpopt.so.0.0.0*
-rwxr-xr-x  1 root root   65608 2012-11-15 17:54:14.000000000 +0400 libproc-3.2.8.so*
lrwxrwxrwx  1 root root      16 2013-08-26 16:29:27.723736249 +0400 libproc.so -> libproc-3.2.8.so*
-rwxr-xr-x  1 root root  145896 2015-01-27 22:38:12.000000000 +0300 libpthread-2.12.so*
lrwxrwxrwx  1 root root      18 2015-01-28 15:09:32.996483709 +0300 libpthread.so.0 -> libpthread-2.12.so*
lrwxrwxrwx  1 root root      18 2014-09-11 06:35:16.830484171 +0400 libreadline.so.5 -> libreadline.so.5.2*
-rwxr-xr-x  1 root root  261144 2010-11-11 06:19:38.000000000 +0300 libreadline.so.5.2*
lrwxrwxrwx  1 root root      18 2013-01-16 16:10:57.000000000 +0400 libreadline.so.6 -> libreadline.so.6.0*
-rwxr-xr-x  1 root root  272008 2012-06-22 10:54:32.000000000 +0400 libreadline.so.6.0*
-rwxr-xr-x  1 root root  113952 2015-01-27 22:38:11.000000000 +0300 libresolv-2.12.so*
lrwxrwxrwx  1 root root      17 2015-01-28 15:09:33.003484346 +0300 libresolv.so.2 -> libresolv-2.12.so*
-rwxr-xr-x  1 root root   47112 2015-01-27 22:38:10.000000000 +0300 librt-2.12.so*
lrwxrwxrwx  1 root root      13 2015-01-28 15:09:33.006484168 +0300 librt.so.1 -> librt-2.12.so*
-rwxr-xr-x  1 root root   21928 2015-01-27 22:38:11.000000000 +0300 libSegFault.so*
-rwxr-xr-x  1 root root  124624 2013-05-10 13:06:33.000000000 +0400 libselinux.so.1*
-rwxr-xr-x  1 root root  201824 2013-02-22 04:21:47.000000000 +0400 libsemanage.so.1*
-rwxr-xr-x  1 root root  251112 2011-12-07 22:01:08.000000000 +0400 libsepol.so.1*
lrwxrwxrwx  1 root root      12 2014-04-09 10:20:41.035755091 +0400 libss.so.2 -> libss.so.2.0*
-rwxr-xr-x  1 root root   29656 2013-11-22 16:56:01.000000000 +0400 libss.so.2.0*
-rwxr-xr-x  1 root root   34008 2015-01-27 22:38:11.000000000 +0300 libthread_db-1.0.so*
lrwxrwxrwx  1 root root      19 2015-01-28 15:09:33.013484386 +0300 libthread_db.so.1 -> libthread_db-1.0.so*
lrwxrwxrwx  1 root root      15 2013-01-16 16:10:57.000000000 +0400 libtinfo.so.5 -> libtinfo.so.5.7*
-rwxr-xr-x  1 root root  138280 2010-08-18 19:42:28.000000000 +0400 libtinfo.so.5.7*
lrwxrwxrwx  1 root root      18 2013-08-26 16:29:47.896615564 +0400 libtirpc.so.1 -> libtirpc.so.1.0.10*
-rwxr-xr-x  1 root root  161984 2013-05-30 22:54:27.000000000 +0400 libtirpc.so.1.0.10*
-rwxr-xr-x  1 root root   17520 2015-01-27 22:38:10.000000000 +0300 libutil-2.12.so*
lrwxrwxrwx  1 root root      15 2015-01-28 15:09:33.013484386 +0300 libutil.so.1 -> libutil-2.12.so*
lrwxrwxrwx  1 root root      16 2013-08-26 16:29:27.458487528 +0400 libuuid.so.1 -> libuuid.so.1.3.0*
-rwxr-xr-x  1 root root   18936 2013-04-29 11:43:56.000000000 +0400 libuuid.so.1.3.0*
lrwxrwxrwx  1 root root      16 2013-01-16 16:10:57.000000000 +0400 libwrap.so.0 -> libwrap.so.0.7.6*
-rwxr-xr-x  1 root root   40792 2011-12-07 21:45:47.000000000 +0400 libwrap.so.0.7.6*
lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 libxtables.so.4 -> /etc/alternatives/libxtables4.x86_64*
lrwxrwxrwx  1 root root      38 2013-08-26 16:30:17.379674066 +0400 libxtables.so.4.0.0 -> /etc/alternatives/libxtables400.x86_64*
-rwxr-xr-x  1 root root   34616 2013-02-22 05:45:53.000000000 +0400 libxtables.so.4.0.0-1.4.7*
lrwxrwxrwx  1 root root      25 2013-08-26 16:29:33.594486893 +0400 libxtables.so.4-1.4.7 -> libxtables.so.4.0.0-1.4.7*
lrwxrwxrwx  1 root root      13 2013-08-26 16:29:18.217491166 +0400 libz.so.1 -> libz.so.1.2.3*
-rwxr-xr-x  1 root root   91096 2013-02-22 03:02:16.000000000 +0400 libz.so.1.2.3*
drwxr-xr-x  2 root root    4096 2013-10-01 18:37:18.198486390 +0400 rsyslog/
drwxr-xr-x  2 root root    4096 2015-01-28 15:09:33.027484329 +0300 rtkaio/
drwxr-xr-x  3 root root    4096 2013-08-26 16:29:19.668550214 +0400 security/
dr-xr-xr-x  2 root root    4096 2014-02-20 21:32:33.000000000 +0400 tls/
lrwxrwxrwx  1 root root      36 2013-08-26 16:30:17.379674066 +0400 xtables -> /etc/alternatives/lib-xtables.x86_64/
drwxr-xr-x  2 root root    4096 2013-08-26 16:29:33.634737660 +0400 xtables-1.4.7/
[apache@vs01.**********.ru ~]$ ls -la --full-time /lib
total 28
dr-xr-xr-x  7 root root 4096 2014-02-20 21:32:33.000000000 +0400 ./
dr-xr-xr-x 25 root root 4096 2015-03-25 03:33:40.839381604 +0300 ../
lrwxrwxrwx  1 root root   14 2014-04-09 10:20:40.229729238 +0400 cpp -> ../usr/bin/cpp*
drwxr-xr-x  2 root root 4096 2013-02-22 09:22:18.000000000 +0400 firmware/
dr-xr-xr-x  7 root root 4096 2015-03-17 02:06:50.808858882 +0300 modules/
drwxr-xr-x  2 root root 4096 2013-02-22 04:16:00.000000000 +0400 security/
drwxr-xr-x  6 root root 4096 2011-09-13 21:36:01.000000000 +0400 terminfo/
drwxr-xr-x  5 root root 4096 2015-01-29 05:33:58.058230195 +0300 udev/
[apache@vs01.**********.ru ~]$ mount
/dev/simfs on / type simfs (rw,relatime)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
none on /dev type devtmpfs (rw,relatime,mode=755)
none on /dev/pts type devpts (rw,relatime,mode=600,ptmxmode=000)
tmpfs on /tmp/mysql_tmpfs type tmpfs (rw,relatime,size=2097152k,mode=700,uid=27,gid=27)
tmpfs on /srv/www/**********.com/htdocs/upload/responses type tmpfs (rw,relatime,size=524288k,mode=700,uid=48,gid=48)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime)
[apache@vs01.**********.ru ~]$ df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/simfs            5.3T  1.1T  4.2T  21% /
none                   16G  4.0K   16G   1% /dev
tmpfs                 2.0G  8.0K  2.0G   1% /tmp/mysql_tmpfs
tmpfs                 512M   28K  512M   1% /srv/www/**********.com/htdocs/upload/responses
[apache@vs01.**********.ru ~]$ cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m

[apache@vs01.**********.ru ~]$ cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed

[apache@vs01.**********.ru ~]$ cat /proc/version
Linux version 2.6.32-042stab093.4 (root@kbuild-rh6-x64) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Mon Aug 11 18:47:39 MSK 2014
[apache@vs01.**********.ru ~]$ cat /proc/sys/vm/mmap_min_addr
4096
[apache@vs01.**********.ru ~]$ pwd
/home/**********
[apache@vs01.**********.ru ~]$ ls -la /usr/bin/staprun
ls: cannot access /usr/bin/staprun: No such file or directory
[apache@vs01.**********.ru ~]$ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null

Есть ssh доступ, но доступа к /root/ нету, нужен туда доступ заполучить)))

 

Подскажите сплоит. Не смог найти

Code:

$ uname -a
FreeBSD *** 8.2-RELEASE-p6 FreeBSD 8.2-RELEASE-p6 #1: Mon Feb 13 10:42:12 MSK 2012     user1@***:/usr/obj/usr/src/sys/GENERIC  amd64

$ ls -la /boot
total 3132
drwxr-xr-x   8 root  wheel    1024 Feb 13  2012 .
drwxr-xr-x  22 root  wheel     512 May  9  2014 ..
-r--r--r--   1 root  wheel    7690 Feb 13  2012 beastie.4th
-r--r--r--   1 root  wheel    8192 Feb 13  2012 boot
-r--r--r--   1 root  wheel     512 Feb 13  2012 boot0
-r--r--r--   1 root  wheel     512 Feb 13  2012 boot0sio
-r--r--r--   1 root  wheel     512 Feb 13  2012 boot1
-r--r--r--   1 root  wheel    7680 Feb 13  2012 boot2
-r--r--r--   1 root  wheel    1201 Feb 13  2012 cdboot
drwxr-xr-x   2 root  wheel     512 Feb 13  2012 defaults
-r--r--r--   1 root  wheel     808 Feb 24  2008 device.hints
drwxr-xr-x   2 root  wheel     512 Feb 24  2008 firmware
-r--r--r--   1 root  wheel    2262 Feb 13  2012 frames.4th
-r--r--r--   1 root  wheel   13851 Feb 13  2012 gptboot
-r--r--r--   1 root  wheel   27463 Feb 13  2012 gptzfsboot
drwxr-xr-x   2 root  wheel   30208 Feb 13  2012 kernel
drwxr-xr-x   2 root  wheel   30208 Aug  3  2011 kernel.old
-r-xr-xr-x   1 root  wheel  237568 Feb 13  2012 loader
-r--r--r--   1 root  wheel    5865 Feb 13  2012 loader.4th
-rw-r--r--   1 root  wheel     195 Jan 28  2010 loader.conf
-r--r--r--   1 root  wheel   15219 Feb 13  2012 loader.help
-r-xr-xr-x   1 root  wheel  237568 Aug  3  2011 loader.old
-r--r--r--   1 root  wheel     385 Feb 24  2008 loader.rc
-r--r--r--   1 root  wheel     512 Feb 13  2012 mbr
drwxr-xr-x   2 root  wheel     512 Feb 24  2008 modules
-r--r--r--   1 root  wheel     512 Feb 13  2012 pmbr
-r--r--r--   1 root  wheel  239616 Feb 13  2012 pxeboot
-r--r--r--   1 root  wheel     703 Feb 13  2012 screen.4th
-r--r--r--   1 root  wheel   35136 Feb 13  2012 support.4th
drwxr-xr-x   2 root  wheel     512 Feb 24  2008 zfs
-r--r--r--   1 root  wheel   33280 Feb 13  2012 zfsboot
-r-xr-xr-x   1 root  wheel  258048 Feb 13  2012 zfsloader
-r-xr-xr-x   1 root  wheel  258048 Aug  3  2011 zfsloader.old

$ lls -la --full-time /lib 

$ mount
/dev/aacd0s1a on / (ufs, local)
devfs on /dev (devfs, local, multilabel)
/dev/aacd0s1d on /tmp (ufs, local, soft-updates)
/dev/aacd0s1f on /usr (ufs, local, soft-updates)
/dev/aacd0s1e on /var (ufs, local, soft-updates)
/dev/aacd1s1d on /home (ufs, local, soft-updates)

$ df -h
Filesystem       Size    Used   Avail Capacity  Mounted on
/dev/aacd0s1a    1.9G    592M    1.2G    33%    /
devfs            1.0K    1.0K      0B   100%    /dev
/dev/aacd0s1d    2.9G    490K    2.7G     0%    /tmp
/dev/aacd0s1f     15G    3.8G    9.9G    28%    /usr
/dev/aacd0s1e     29G    3.5G     23G    13%    /var
/dev/aacd1s1d    406G     71G    303G    19%    /home

$ cat /etc/issue

$ cat /etc/crontab
# /etc/crontab - root's crontab for FreeBSD
#
# $FreeBSD: src/etc/crontab,v 1.32 2002/11/22 16:13:39 tom Exp $
#
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#
#minute	hour	mday	month	wday	who	command
#
*/5	*	*	*	*	root	/usr/libexec/atrun
#
# Save some entropy so that /dev/random can re-seed on boot.
*/11	*	*	*	*	operator /usr/libexec/save-entropy
#
# Rotate log files every hour, if necessary.
0	*	*	*	*	root	newsyslog
#
# Perform daily/weekly/monthly maintenance.
1	3	*	*	*	root	periodic daily
15	4	*	*	6	root	periodic weekly
30	5	1	*	*	root	periodic monthly
#
# Adjust the time zone if the CMOS clock keeps local time, as opposed to
# UTC time.  See adjkerntz(8) for details.
1,31	0-5	*	*	*	root	adjkerntz -a

$ ls -la cron.d

$ cat /proc/version

$ cat /proc/sys/vm/mmap_min_addr

$ pwd
/lib/geom

$ ls -la /usr/bin/staprun

$ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
-r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/at
-r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/atq
-r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/atrm
-r-sr-xr-x  4 root  wheel  30056 Feb 13  2012 /usr/bin/batch
-r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/chpass
-r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/chfn
-r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/chsh
-r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/ypchpass
-r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/ypchfn
-r-sr-xr-x  6 root  wheel  22944 Feb 13  2012 /usr/bin/ypchsh
-r-sr-xr-x  1 root  wheel  11472 Feb 13  2012 /usr/bin/lock
-r-sr-xr-x  1 root  wheel  25552 Feb 13  2012 /usr/bin/login
-r-sr-xr-x  1 root  wheel  7032 Feb 13  2012 /usr/bin/opieinfo
-r-sr-xr-x  1 root  wheel  14056 Feb 13  2012 /usr/bin/opiepasswd
-r-sr-xr-x  2 root  wheel  8176 Feb 13  2012 /usr/bin/passwd
-r-sr-xr-x  2 root  wheel  8176 Feb 13  2012 /usr/bin/yppasswd
-r-sr-xr-x  1 root  wheel  16048 Feb 13  2012 /usr/bin/rlogin
-r-sr-xr-x  1 root  wheel  11592 Feb 13  2012 /usr/bin/rsh
-r-sr-xr-x  1 root  wheel  16904 Feb 13  2012 /usr/bin/su
-r-sr-xr-x  1 root  wheel  33864 Feb 13  2012 /usr/bin/crontab
-r-sr-sr-x  1 root  daemon  34232 Feb 13  2012 /usr/bin/lpq
-r-sr-sr-x  1 root  daemon  38272 Feb 13  2012 /usr/bin/lpr
-r-sr-sr-x  1 root  daemon  30248 Feb 13  2012 /usr/bin/lprm
---s--x--x  2 root  wheel  1099192 Feb 13  2012 /usr/local/bin/sudo
---s--x--x  2 root  wheel  1099192 Feb 13  2012 /usr/local/bin/sudoedit
-r-sr-sr-x  1 root  authpf  20240 Feb 13  2012 /usr/sbin/authpf
-r-sr-x---  1 root  network  408712 Feb 13  2012 /usr/sbin/ppp
-r-sr-xr-x  1 root  wheel  21080 Feb 13  2012 /usr/sbin/timedc
-r-sr-xr-x  1 root  wheel  29456 Feb 13  2012 /usr/sbin/traceroute
-r-sr-xr-x  1 root  wheel  24448 Feb 13  2012 /usr/sbin/traceroute6
-r-sr-xr-x  1 root  wheel  20416 Feb 13  2012 /bin/rcp
-r-sr-x---  1 root  operator  9704 Feb 13  2012 /sbin/mksnap_ffs
-r-sr-xr-x  1 root  wheel  28200 Feb 13  2012 /sbin/ping
-r-sr-xr-x  1 root  wheel  37240 Feb 13  2012 /sbin/ping6
-r-sr-x---  1 root  operator  15952 Feb 13  2012 /sbin/shutdown

 

Code:

$ uname -a
Linux ****** 2.6.32.26 #1 SMP Thu Dec 9 15:33:24 UTC 2010 x86_64 GNU/Linux
$ ls -la /boot
total 16696
drwxr-xr-x  3 root root     4096 Feb 24 10:19 .
drwxr-xr-x 23 root root     4096 Mar 22 23:06 ..
lrwxrwxrwx  1 root root       20 Dec  9  2010 System.map -> System.map-2.6.32.26
-rw-r--r--  1 root root  1678996 Dec  9  2010 System.map-2.6.32.26
-rw-r--r--  1 root root  2114446 Feb 22 08:16 System.map-3.2.0-4-amd64
lrwxrwxrwx  1 root root       16 Dec  9  2010 config -> config-2.6.32.26
-rw-r--r--  1 root root    43412 Dec  9  2010 config-2.6.32.26
-rw-r--r--  1 root root   129281 Feb 22 08:16 config-3.2.0-4-amd64
drwxr-xr-x  2 root root     4096 Feb 24 10:19 grub
-rw-r--r--  1 root root 10235778 Feb 24 10:19 initrd.img-3.2.0-4-amd64
lrwxrwxrwx  1 root root       17 Dec  9  2010 vmlinuz -> vmlinuz-2.6.32.26
-rw-r--r--  1 root root  2841408 Feb 22 08:05 vmlinuz-3.2.0-4-amd64
$ lls -la --full-time

$ ls -la --full-time
total 52
drwxr-xr-x 2 windows windows  4096 2015-03-30 05:32:50.000000000 +0300 .
drwxr-xr-x 4 windows windows 12288 2015-04-02 20:31:56.000000000 +0300 ..
-rwxrwxrwx 1 windows windows 30712 2015-03-29 22:00:04.000000000 +0300 index.php
$ mount
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sys on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,relatime,size=1007792k,nr_inodes=251948,mode=755)
/dev/pts on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
/dev/xvda1 on / type ext3 (rw,relatime,errors=panic,user_xattr,acl,data=ordered,usrquota,grpquota)
selinuxfs on /selinux type selinuxfs (rw,relatime)
tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=209088k,mode=755)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /run/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=418160k)
none on /proc/xen type xenfs (rw,relatime)
$ df -h
Filesystem      Size  Used Avail Use% Mounted on
rootfs           35G   22G   13G  64% /
udev            985M     0  985M   0% /dev
/dev/xvda1       35G   22G   13G  64% /
tmpfs           205M  108K  205M   1% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           409M     0  409M   0% /run/shm
$ cat /etc/issue
Debian GNU/Linux 7 \n \l

$ cat /etc/crontab
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user    command
17 *    * * *    root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *    root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7    root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *    root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
$ ls -la cron.d

$ cat /proc/version
Linux version 2.6.32.26 ([email protected]) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-48)) #1 SMP Thu Dec 9 15:33:24 UTC 2010
$ cat /proc/sys/vm/mmap_min_addr
4096
$ pwd
/var/www/windows/data/www/********/
$ ls -la /usr/bin/staprun

$ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null
-rwsr-xr-x 1 root root 1103424 Jul 24  2014 /usr/sbin/exim4
-rwsr-xr-- 1 root www-data 18920 Dec 24 01:49 /usr/lib/apache2/suexec
-rwsr-xr-x 1 root root 245064 Jun 30  2014 /usr/lib/openssh/ssh-keysign
-rwsr-xr-- 1 root messagebus 298544 Feb 10 00:37 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 10496 Feb 22 14:42 /usr/lib/pt_chown
-r-sr-xr-x 1 root root 13024 Jul 27  2014 /usr/local/ispmgr/cgi/login
-r-sr-xr-x 1 root root 57344 Jul 27  2014 /usr/local/ispmgr/cgi/certdownload
-r-sr-xr-x 1 root root 49016 Jul 27  2014 /usr/local/ispmgr/cgi/upload
-r-sr-xr-x 1 root root 19816 Jul 27  2014 /usr/local/ispmgr/cgi/outlook
-r-sr-xr-x 1 root root 140408 Jul 27  2014 /usr/local/ispmgr/cgi/getuser
-r-sr-xr-x 1 root root 32752 Jul 27  2014 /usr/local/ispmgr/cgi/dbdownload
-r-sr-xr-x 1 root root 38264 Jul 27  2014 /usr/local/ispmgr/cgi/xml2csv
-r-sr-xr-x 1 root root 53992 Jul 27  2014 /usr/local/ispmgr/cgi/download
-r-sr-xr-x 1 root root 53248 Jul 27  2014 /usr/local/ispmgr/cgi/cronrun
-r-sr-xr-x 1 root root 53280 Jul 27  2014 /usr/local/ispmgr/cgi/mindterm
-r-sr-xr-x 1 root root 8280 Jul 27  2014 /usr/local/ispmgr/cgi/ispmgr
-r-sr-xr-x 1 root root 140888 Jul 27  2014 /usr/local/ispmgr/cgi/bdownload
-r-sr-xr-x 1 root root 5240 Jul 27  2014 /usr/local/ispmgr/sbin/suexec
-r-sr-xr-x 1 root root 36480 Jul 27  2014 /usr/local/ispmgr/sbin/vacation
-r-sr-xr-x 1 root root 1774704 Jul 27  2014 /usr/local/ispmgr/sbin/usermove
-r-sr-xr-x 1 root root 1146280 Jul 27  2014 /usr/local/ispmgr/sbin/pbackup
-r-sr-xr-x 1 root root 66392 Jul 27  2014 /usr/local/ispmgr/sbin/responder
-r-sr-xr-x 1 root root 1550632 Jul 27  2014 /usr/local/ispmgr/bin/ispmgr
-rwsr-xr-x 1 root root 46264 May 26  2012 /usr/bin/chfn
-rwsr-xr-x 1 root root 51096 May 26  2012 /usr/bin/passwd
-rwsr-xr-x 1 root root 41272 May 26  2012 /usr/bin/chsh
-rwsr-xr-x 1 root root 68024 May 26  2012 /usr/bin/gpasswd
-rwsr-xr-x 2 root root 112824 Feb 16 15:46 /usr/bin/sudo
-rwsr-xr-x 1 root root 36432 May 26  2012 /usr/bin/newgrp
-rwsr-sr-x 1 daemon daemon 55456 Oct  3  2014 /usr/bin/at
-rwsr-xr-x 2 root root 112824 Feb 16 15:46 /usr/bin/sudoedit
-rwsr-xr-x 1 root root 69080 Dec 11  2012 /bin/umount
-rwsr-xr-x 1 root root 36136 Apr 12  2011 /bin/ping
-rwsr-xr-x 1 root root 36816 May 26  2012 /bin/su
-rwsr-xr-x 1 root root 94776 Dec 11  2012 /bin/mount
-rwsr-xr-x 1 root root 36896 Apr 12  2011 /bin/ping6

Есть что нибудь для нее?

 

sysjuk, что Вы пробовали? Что с библиотеками? enlightenment?

 

Пробывал enlightenment
./run_nonnull_exploits.sh 2>&1
Compiling exp_abacus.c...OK.
Compiling exp_cheddarbay.c...OK.
Compiling exp_ingom0wnar.c...OK.
Compiling exp_moosecox.c...OK.
Compiling exp_paokara.c...OK.
Compiling exp_powerglove.c...OK.
Compiling exp_sieve.c...OK.
Compiling exp_therebel.c...OK.
Compiling exp_vmware.c...OK.
Compiling exp_wunderbar.c...OK.
./run_null_exploits.sh: 44: ./run_null_exploits.sh: ./exploit: Permission denied
Таки не вкурил почему

 

Есть что-нибудь под сие?

Code:

$ uname -a
Linux srv100 2.6.32-5-686-bigmem #1 SMP Sat May 5 02:21:15 UTC 2012 i686 GNU/Linux

$ mount
/dev/sda2 on / type ext4 (rw,noatime,errors=remount-ro)
tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
udev on /dev type tmpfs (rw,mode=0755)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
/dev/sda1 on /boot type ext3 (rw,noatime)
/dev/sda5 on /var type ext4 (rw,noatime)
/dev/sda6 on /home type ext4 (rw,nosuid,nodev,noatime,usrquota)

$ cat /etc/issue
Debian GNU/Linux 6.0 \n \l

$ cat /etc/crontab
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user   command
17 *   * * *   root  cd / && run-parts --report /etc/cron.hourly
25 6   * * *   root   test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6   * * 7   root   test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6   1 * *   root   test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#

$ cat /proc/sys/vm/mmap_min_addr
65536

 

Посмотрите в сторону PERF_EVENTS local root.

 

А как вы собираетесь понять, что повысили привилегии, если у вас нет стабильной сессии? Сделайте backconnect и с него дальше пробуйте.
Я не говорю, что из-за этого все ваши проблемы, просто повышение привилегий производится из под шелла, когда используется подготовленный код для выполнения с повышенными правами, но большинство эксплоитов попросту повышают права для процесса из под которого они были запущены (в вашем случае это процесс (один из) веб-сервера, который после вывода данных в браузер, завершится и толку от повышения прав нет, а при постоянном коннекте все ваши последующие команды будут выполняться с повышенными привилегиями (при успешном повышении прав соответственно xD )).


p.s. ваш пост - эталон оформления!

 

залил шелл, изначально група \овнер были 498 ( apache ) Group: 500 ( apache )
потом залил в доступный для записи файл, созданый нужным мне юзером
thumbs.php 24.18 KB 2015-04-29 00:49:16 kesdn/kesdn -rw-rw-rw- R T E D

но все равно при заходе на шел, нужного юзера, в верху мне пишется 498 ( apache ) Group: 500 ( apache )
как зайти под нужным юзером?

 

Ответ: ни как.

Скрипты запускаются не от имени владельца/группы файла, они запускаются с правами сервера, в вашем случае (apache).

 

есть что нибуть под такое? помогите пожалуйста!


$ uname -a
Linux server.domain.com 2.6.38.2.domU.x86_64 #1 SMP Wed Mar 30 13:47:22 EEST 2011 x86_64 x86_64 x86_64 GNU/Linux

 

прочитать первый пост? оформить, как надо? попробовать semtex?
http://packetstormsecurity.com/files/121616/semtex.c

 

Спасибо, поспешил, первый раз собираюсь рутать, опытат вообще ноль, в следующий раз буду более осмотрителен!

 

Подскажите эксплоит

Code:

uname -a
Linux xxx 3.10.25-gentoo #1 SMP Sat Feb 1 15:48:44 EET 2014 x86_64 Intel(R) Xeon(R) CPU E5630 @ 2.53GHz GenuineIntel GNU/Linux

ls -la /boot 2>&1
total 8
drwxr-xr-x  2 root root 4096 Sep 13  2012 .
drwxr-xr-x 21 root root 4096 Feb  3 00:38 ..

ls -la --full-time /lib/libc* 2>&1
-rwxr-xr-x 1 root root 1716472 2015-02-03 00:38:44.273116240 +0200 /lib/libc-2.19.so
lrwxrwxrwx 1 root root  12 2015-02-03 00:38:41.553121571 +0200 /lib/libc.so.6 -> libc-2.19.so
lrwxrwxrwx 1 root root  14 2012-09-13 14:06:50.297258314 +0300 /lib/libcap.so.2 -> libcap.so.2.22
-rwxr-xr-x 1 root root  18744 2012-09-13 14:06:49.327261624 +0300 /lib/libcap.so.2.22
-rwxr-xr-x 1 root root  190688 2015-02-03 00:38:44.743115317 +0200 /lib/libcidn-2.19.so
lrwxrwxrwx 1 root root  15 2015-02-03 00:38:41.553121571 +0200 /lib/libcidn.so.1 -> libcidn-2.19.so
lrwxrwxrwx 1 root root  17 2014-02-01 15:14:12.306873983 +0200 /lib/libcom_err.so.2 -> libcom_err.so.2.1
-rwxr-xr-x 1 root root  14480 2014-02-01 15:14:13.286872409 +0200 /lib/libcom_err.so.2.1
lrwxrwxrwx 1 root root  17 2014-02-01 14:34:01.189952358 +0200 /lib/libcrack.so.2 -> libcrack.so.2.8.1
-rwxr-xr-x 1 root root  43336 2014-02-01 14:34:02.489951842 +0200 /lib/libcrack.so.2.8.1
-rwxr-xr-x 1 root root  34992 2015-02-03 00:38:44.273116240 +0200 /lib/libcrypt-2.19.so
lrwxrwxrwx 1 root root  16 2015-02-03 00:38:41.553121571 +0200 /lib/libcrypt.so.1 -> libcrypt-2.19.so

mount 2>&1
rootfs on / type rootfs (rw)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=10240k,nr_inodes=4614510,mode=755)
devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
/dev/sda2 on / type ext4 (rw,noatime,data=ordered)
tmpfs on /run type tmpfs (rw,nosuid,nodev,relatime,size=3692176k,mode=755)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
/dev/sda3 on /home type ext4 (rw,noatime)
/dev/sda4 on /storage type ext4 (rw,noatime)
/dev/md0 on /var/www type ext4 (rw,noatime,discard)
none on /tmp type tmpfs (rw,size=8G,nr_inodes=1M)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nodev,noexec,nosuid)

df -h 2>&1
Filesystem  Size  Used Avail Use% Mounted on
/dev/sda2  46G  31G  13G  72% /
udev  10M  0  10M  0% /dev
tmpfs  3.6G  832K  3.6G  1% /run
shm  18G  0  18G  0% /dev/shm
/dev/sda3  46G  714M  43G  2% /home
/dev/sda4  3.5T  2.7T  690G  80% /storage
/dev/md0  147G  11G  129G  8% /var/www
none  8.0G  134M  7.9G  2% /tmp

cat /etc/issue 2>&1

This is \n.\O (\s \m \r) \t

$ cat /etc/crontab 2>&1
# for vixie cron
# $Header: /var/cvsroot/gentoo-x86/sys-process/vixie-cron/files/crontab-3.0.1-r4,v 1.2 2009/05/12 09:13:46 bangert Exp $

# Global variables
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# check scripts in cron.hourly, cron.daily, cron.weekly and cron.monthly
59  *  * * *   root   rm -f /var/spool/cron/lastrun/cron.hourly
9  3  * * *   root   rm -f /var/spool/cron/lastrun/cron.daily
19 4  * * 6   root   rm -f /var/spool/cron/lastrun/cron.weekly
29 5  1 * *   root   rm -f /var/spool/cron/lastrun/cron.monthly
*/10  *  * * *   root   test -x /usr/sbin/run-crons && /usr/sbin/run-crons
*/5  * * * *  root  /bin/sh /usr/local/bin/srvstat.sh
51 2  * * *  root  /bin/sh /usr/local/bin/sitestat.sh
@reboot  root  mkdir -p /tmp/unncache && chown apache:apache /tmp/unncache
@reboot  root  mkdir -p /tmp/amn-sessions && chown apache:apache /tmp/amn-sessions

cat /proc/version 2>&1
Linux version 3.10.25-gentoo (root@xxx) (gcc version 4.7.3 (Gentoo 4.7.3-r1 p1.4, pie-0.5.5) ) #1 SMP Sat Feb 1 15:48:44 EET 2014

UPD: А никто не знает как подобрать открытый порт для бэк коннекта?!