· 5 years ago · Jan 03, 2020, 04:42 PM
1Local Linux Enumeration & Privilege Escalation
2
3-Kernel information
4Linux localhost 3.2.0-4-686-pae #1 SMP Debian 3.2.65-1 i686 GNU/Linux
5
6Kernel information (continued)
7Linux version 3.2.0-4-686-pae (debian-kernel@lists.debian.org) (gcc version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.2.65-1
8
9Specific release information
10PRETTY_NAME="Debian GNU/Linux 7 (wheezy)"
11NAME="Debian GNU/Linux"
12VERSION_ID="7"
13VERSION="7 (wheezy)"
14ID=debian
15ANSI_COLOR="1;31"
16HOME_URL="http://www.debian.org/"
17SUPPORT_URL="http://www.debian.org/support/"
18BUG_REPORT_URL="http://bugs.debian.org/"
19
20Hostname:
21localhost
22
23USER/GROUP
24-e \e[00;31m[-] Current user/group info:\e[00m
25uid=39(irc) gid=39(irc) groups=39(irc)
26
27Users that have previously logged onto the system:\e[00m
28Username Port From Latest
29root tty1 Tue Nov 19 10:05:01 -0800 2019
30vagrant pts/1 192.168.1.12 Fri Apr 19 06:38:23 -0700 2019
31-e
32
33Who else is logged on:\e[00m
3408:12:41 up 1:33, 0 users, load average: 0.11, 0.12, 0.07
35USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
36
37Group memberships:\e[00m
38uid=0(root) gid=0(root) groups=0(root)
39uid=1(daemon) gid=1(daemon) groups=1(daemon)
40uid=2(bin) gid=2(bin) groups=2(bin)
41uid=3(sys) gid=3(sys) groups=3(sys)
42uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
43uid=5(games) gid=60(games) groups=60(games)
44uid=6(man) gid=12(man) groups=12(man)
45uid=7(lp) gid=7(lp) groups=7(lp)
46uid=8(mail) gid=8(mail) groups=8(mail)
47uid=9(news) gid=9(news) groups=9(news)
48uid=10(uucp) gid=10(uucp) groups=10(uucp)
49uid=13(proxy) gid=13(proxy) groups=13(proxy)
50uid=33(www-data) gid=33(www-data) groups=33(www-data)
51uid=34(backup) gid=34(backup) groups=34(backup)
52uid=38(list) gid=38(list) groups=38(list)
53uid=39(irc) gid=39(irc) groups=39(irc)
54uid=41(gnats) gid=41(gnats) groups=41(gnats)
55uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
56uid=100(libuuid) gid=101(libuuid) groups=101(libuuid)
57uid=101(Debian-exim) gid=103(Debian-exim) groups=103(Debian-exim)
58uid=102(statd) gid=65534(nogroup) groups=65534(nogroup)
59uid=103(ntp) gid=106(ntp) groups=106(ntp)
60uid=104(sshd) gid=65534(nogroup) groups=65534(nogroup)
61uid=999(vboxadd) gid=1(daemon) groups=1(daemon)
62uid=1000(vagrant) gid=1000(vagrant) groups=1000(vagrant)
63uid=105(messagebus) gid=107(messagebus) groups=107(messagebus)
64uid=106(popa3d) gid=109(popa3d) groups=109(popa3d)
65
66Contents of /etc/passwd:\e[00m
67root:x:0:0:root:/root:/bin/bash
68daemon:x:1:1:daemon:/usr/sbin:/bin/sh
69bin:x:2:2:bin:/bin:/bin/sh
70sys:x:3:3:sys:/dev:/bin/sh
71sync:x:4:65534:sync:/bin:/bin/sync
72games:x:5:60:games:/usr/games:/bin/sh
73man:x:6:12:man:/var/cache/man:/bin/sh
74lp:x:7:7:lp:/var/spool/lpd:/bin/sh
75mail:x:8:8:mail:/var/mail:/bin/sh
76news:x:9:9:news:/var/spool/news:/bin/sh
77uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
78proxy:x:13:13:proxy:/bin:/bin/sh
79www-data:x:33:33:www-data:/var/www:/bin/sh
80backup:x:34:34:backup:/var/backups:/bin/sh
81list:x:38:38:Mailing List Manager:/var/list:/bin/sh
82irc:x:39:39:ircd:/var/run/ircd:/bin/sh
83gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
84nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
85libuuid:x:100:101::/var/lib/libuuid:/bin/sh
86Debian-exim:x:101:103::/var/spool/exim4:/bin/false
87statd:x:102:65534::/var/lib/nfs:/bin/false
88ntp:x:103:106::/home/ntp:/bin/false
89sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
90vboxadd:x:999:1::/var/run/vboxadd:/bin/false
91vagrant:x:1000:1000::/home/vagrant:/bin/bash
92messagebus:x:105:107::/var/run/dbus:/bin/false
93popa3d:x:106:109::/var/lib/popa3d:/bin/false
94
95Super user account(s):\e[00m
96root
97-e
98
99Are permissions on /home directories lax:\e[00m
100total 16K
101drwxr-xr-x 4 root root 4.0K Nov 19 06:48 .
102drwxr-xr-x 24 root root 4.0K Dec 4 06:26 ..
103drwxr-xr-x 2 irc irc 4.0K Jan 3 08:12 irc
104drwxr-xr-x 3 vagrant vagrant 4.0K Apr 19 2019 vagrant
105
106ENVIRONMENTAL #######################################\e[00m
107Environment information:\e[00m
108CONSOLE=/dev/console
109SHLVL=3
110HOME=/
111OLDPWD=/
112init=/sbin/init
113runlevel=2
114INIT_VERSION=sysvinit-2.88
115_=/bin/sh
116TERM=linux
117COLUMNS=80
118BOOT_IMAGE=/vmlinuz-3.2.0-4-686-pae
119PATH=/sbin:/usr/sbin:/bin:/usr/bin
120RUNLEVEL=2
121PREVLEVEL=N
122SHELL=/bin/sh
123debian-installer=en_US
124PWD=/home/irc
125previous=N
126LINES=25
127rootmnt=/root
128-e
129
130Path information:\e[00m
131/sbin:/usr/sbin:/bin:/usr/bin
132-e drwxr-xr-x 2 root root 4096 Mar 8 2016 /bin
133drwxr-xr-x 2 root root 4096 Nov 19 06:42 /sbin
134drwxr-xr-x 2 root root 36864 Nov 19 06:44 /usr/bin
135drwxr-xr-x 2 root root 4096 Nov 19 06:48 /usr/sbin
136
137Available shells:\e[00m
138# /etc/shells: valid login shells
139/bin/sh
140/bin/dash
141/bin/bash
142/bin/rbash
143
144Current umask value:\e[00m
1450077
146u=rwx,g=,o=
147
148umask value as specified in /etc/login.defs:\e[00m
149UMASK 022
150
151Password and storage information:\e[00m
152PASS_MAX_DAYS 99999
153PASS_MIN_DAYS 0
154PASS_WARN_AGE 7
155ENCRYPT_METHOD SHA512
156
157JOBS/TASKS ##########################################\e[00m
158Cron jobs:\e[00m
159-rw-r--r-- 1 root root 722 Jul 3 2012 /etc/crontab
160
161/etc/cron.d:
162total 12
163drwxr-xr-x 2 root root 4096 Mar 8 2016 .
164drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
165-rw-r--r-- 1 root root 102 Jul 3 2012 .placeholder
166
167/etc/cron.daily:
168total 72
169drwxr-xr-x 2 root root 4096 Nov 19 06:44 .
170drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
171-rw-r--r-- 1 root root 102 Jul 3 2012 .placeholder
172-rwxr-xr-x 1 root root 633 May 30 2018 apache2
173-rwxr-xr-x 1 root root 14985 Oct 23 2014 apt
174-rwxr-xr-x 1 root root 314 Nov 4 2012 aptitude
175-rwxr-xr-x 1 root root 355 Jun 11 2012 bsdmainutils
176-rwxr-xr-x 1 root root 256 Jun 5 2014 dpkg
177-rwxr-xr-x 1 root root 4125 Jul 20 2014 exim4-base
178-rwxr-xr-x 1 root root 89 May 17 2012 logrotate
179-rwxr-xr-x 1 root root 1365 Jun 18 2012 man-db
180-rwxr-xr-x 1 root root 606 Sep 25 2010 mlocate
181-rwxr-xr-x 1 root root 1110 Oct 28 2015 ntp
182-rwxr-xr-x 1 root root 249 May 25 2012 passwd
183
184/etc/cron.hourly:
185total 12
186drwxr-xr-x 2 root root 4096 Mar 8 2016 .
187drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
188-rw-r--r-- 1 root root 102 Jul 3 2012 .placeholder
189
190/etc/cron.monthly:
191total 12
192drwxr-xr-x 2 root root 4096 Mar 8 2016 .
193drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
194-rw-r--r-- 1 root root 102 Jul 3 2012 .placeholder
195
196/etc/cron.weekly:
197total 16
198drwxr-xr-x 2 root root 4096 Mar 8 2016 .
199drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
200-rw-r--r-- 1 root root 102 Jul 3 2012 .placeholder
201-rwxr-xr-x 1 root root 907 Jun 18 2012 man-db
202-e
203
204Crontab contents:\e[00m
205# /etc/crontab: system-wide crontab
206# Unlike any other crontab you don't have to run the `crontab'
207# command to install the new version when you edit this file
208# and files in /etc/cron.d. These files also have username fields,
209# that none of the other crontabs do.
210
211SHELL=/bin/sh
212PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
213
214# m h dom mon dow user command
21517 * * * * root cd / && run-parts --report /etc/cron.hourly
21625 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
21747 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
21852 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
219
220NETWORKING ##########################################\e[00m
221-e \e[00;31m[-] Network and IP info:\e[00m
222eth0 Link encap:Ethernet HWaddr 08:00:27:1c:b1:1b
223 inet addr:10.0.2.7 Bcast:10.0.2.255 Mask:255.255.255.0
224 inet6 addr: fe80::a00:27ff:fe1c:b11b/64 Scope:Link
225 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
226 RX packets:114312 errors:0 dropped:0 overruns:0 frame:0
227 TX packets:113391 errors:0 dropped:0 overruns:0 carrier:0
228 collisions:0 txqueuelen:1000
229 RX bytes:9661233 (9.2 MiB) TX bytes:11694023 (11.1 MiB)
230
231lo Link encap:Local Loopback
232 inet addr:127.0.0.1 Mask:255.0.0.0
233 inet6 addr: ::1/128 Scope:Host
234 UP LOOPBACK RUNNING MTU:16436 Metric:1
235 RX packets:0 errors:0 dropped:0 overruns:0 frame:0
236 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
237 collisions:0 txqueuelen:0
238 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
239
240ARP history:\e[00m
241? (10.0.2.1) at 52:54:00:12:35:00 [ether] on eth0
242? (10.0.2.3) at 08:00:27:f3:53:d9 [ether] on eth0
243? (10.0.2.8) at 08:00:27:69:94:e4 [ether] on eth0
244
245Nameserver(s):\e[00m
246nameserver 192.168.1.254
247
248Default route:\e[00m
249default 10.0.2.1 0.0.0.0 UG 0 0 0 eth0
250-e
251
252Listening TCP:\e[00m
253Active Internet connections (only servers)
254Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
255tcp 0 0 0.0.0.0:6667 0.0.0.0:* LISTEN 2670/ircd
256tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN -
257tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
258tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
259tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
260tcp 0 0 0.0.0.0:55360 0.0.0.0:* LISTEN -
261tcp6 0 0 :::60876 :::* LISTEN -
262tcp6 0 0 :::111 :::* LISTEN -
263tcp6 0 0 :::80 :::* LISTEN -
264tcp6 0 0 :::22 :::* LISTEN -
265tcp6 0 0 ::1:25 :::* LISTEN
266
267Listening UDP:\e[00m
268Active Internet connections (only servers)
269Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
270udp 0 0 0.0.0.0:36686 0.0.0.0:* -
271udp 0 0 0.0.0.0:982 0.0.0.0:* -
272udp 0 0 127.0.0.1:1014 0.0.0.0:* -
273udp 0 0 0.0.0.0:68 0.0.0.0:* -
274udp 0 0 0.0.0.0:111 0.0.0.0:* -
275udp 0 0 10.0.2.7:123 0.0.0.0:* -
276udp 0 0 127.0.0.1:123 0.0.0.0:* -
277udp 0 0 0.0.0.0:123 0.0.0.0:* -
278udp 0 0 0.0.0.0:59077 0.0.0.0:* -
279udp6 0 0 :::982 :::* -
280udp6 0 0 :::47634 :::* -
281udp6 0 0 :::111 :::* -
282udp6 0 0 ::1:123 :::* -
283udp6 0 0 fe80::a00:27ff:fe1c:123 :::* -
284udp6 0 0 :::123 :::* -
285udp6 0 0 :::49403 :::* -
286-e
287
288SERVICES #############################################\e[00m
289Running processes:\e[00m
290USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
291root 1 0.0 0.0 2212 700 ? Ss 06:39 0:00 init [2]
292root 2 0.0 0.0 0 0 ? S 06:39 0:00 [kthreadd]
293root 3 0.0 0.0 0 0 ? S 06:39 0:00 [ksoftirqd/0]
294root 5 0.0 0.0 0 0 ? S 06:39 0:00 [kworker/u:0]
295root 6 0.0 0.0 0 0 ? S 06:39 0:00 [migration/0]
296root 7 0.0 0.0 0 0 ? S 06:39 0:00 [watchdog/0]
297root 8 0.0 0.0 0 0 ? S 06:39 0:00 [migration/1]
298root 10 0.0 0.0 0 0 ? S 06:39 0:00 [ksoftirqd/1]
299root 11 0.0 0.0 0 0 ? S 06:39 0:00 [kworker/0:1]
300root 12 0.0 0.0 0 0 ? S 06:39 0:00 [watchdog/1]
301root 13 0.0 0.0 0 0 ? S< 06:39 0:00 [cpuset]
302root 14 0.0 0.0 0 0 ? S< 06:39 0:00 [khelper]
303root 15 0.0 0.0 0 0 ? S 06:39 0:00 [kdevtmpfs]
304root 16 0.0 0.0 0 0 ? S< 06:39 0:00 [netns]
305root 17 0.0 0.0 0 0 ? S 06:39 0:00 [sync_supers]
306root 18 0.0 0.0 0 0 ? S 06:39 0:00 [bdi-default]
307root 19 0.0 0.0 0 0 ? S< 06:39 0:00 [kintegrityd]
308root 20 0.0 0.0 0 0 ? S< 06:39 0:00 [kblockd]
309root 21 0.0 0.0 0 0 ? S 06:39 0:00 [khungtaskd]
310root 22 0.0 0.0 0 0 ? S 06:39 0:00 [kswapd0]
311root 23 0.0 0.0 0 0 ? SN 06:39 0:00 [ksmd]
312root 24 0.0 0.0 0 0 ? SN 06:39 0:00 [khugepaged]
313root 25 0.0 0.0 0 0 ? S 06:39 0:00 [fsnotify_mark]
314root 26 0.0 0.0 0 0 ? S< 06:39 0:00 [crypto]
315root 122 0.0 0.0 0 0 ? S< 06:39 0:00 [ata_sff]
316root 131 0.0 0.0 0 0 ? S 06:39 0:00 [scsi_eh_0]
317root 132 0.0 0.0 0 0 ? S 06:39 0:00 [scsi_eh_1]
318root 133 0.0 0.0 0 0 ? S 06:39 0:00 [kworker/u:1]
319root 151 0.0 0.0 0 0 ? S< 06:39 0:00 [kdmflush]
320root 159 0.0 0.0 0 0 ? S< 06:39 0:00 [kdmflush]
321root 174 0.0 0.0 0 0 ? S 06:39 0:00 [kjournald]
322root 315 0.0 0.0 2552 1144 ? Ss 06:39 0:00 udevd --daemon
323root 454 0.0 0.0 2548 860 ? S 06:39 0:00 udevd --daemon
324root 466 0.0 0.0 2548 860 ? S 06:39 0:00 udevd --daemon
325root 499 0.0 0.0 0 0 ? S< 06:39 0:00 [kpsmoused]
326root 505 0.0 0.0 0 0 ? S< 06:39 0:00 [ttm_swap]
327root 508 0.0 0.0 0 0 ? S< 06:39 0:00 [iprt-VBoxWQueu
328root 513 0.0 0.0 0 0 ? S 06:39 0:00 [kworker/0:2]
329root 1655 0.0 0.0 2308 876 ? Ss 06:39 0:00 /sbin/rpcbind -
330statd 1686 0.0 0.0 2624 1324 ? Ss 06:39 0:00 /sbin/rpc.statd
331root 1691 0.0 0.0 0 0 ? S< 06:39 0:00 [rpciod]
332root 1693 0.0 0.0 0 0 ? S< 06:39 0:00 [nfsiod]
333root 1700 0.0 0.0 2508 388 ? Ss 06:39 0:00 /usr/sbin/rpc.i
334root 1916 0.0 0.1 5112 2296 ? Ss 06:39 0:00 dhclient -v -pf
335root 2034 0.0 0.0 2088 276 ? Ss 06:39 0:00 /usr/sbin/popa3
336root 2039 0.0 0.0 1796 488 ? Ss 06:39 0:00 startpar -f --
337root 2049 0.0 0.0 27860 1336 ? Sl 06:39 0:00 /usr/sbin/rsysl
338root 2094 0.0 0.0 1808 604 ? Ss 06:39 0:00 /usr/sbin/acpid
339root 2117 0.0 0.6 30496 13812 ? Sl 06:39 0:02 /opt/puppetlabs
340root 2142 0.0 0.1 5840 2676 ? Ss 06:39 0:00 /usr/sbin/apach
341www-data 2146 0.0 0.1 5936 2752 ? S 06:39 0:00 /usr/sbin/apach
342www-data 2147 0.0 0.1 5920 2732 ? S 06:39 0:00 /usr/sbin/apach
343www-data 2148 0.0 0.1 5920 2712 ? S 06:39 0:00 /usr/sbin/apach
344www-data 2149 0.0 0.1 5956 2776 ? S 06:39 0:00 /usr/sbin/apach
345www-data 2150 0.0 0.1 5920 2728 ? S 06:39 0:00 /usr/sbin/apach
346www-data 2152 0.0 0.1 5920 2724 ? S 06:39 0:00 /usr/sbin/apach
347www-data 2153 0.0 0.1 5920 2712 ? S 06:39 0:00 /usr/sbin/apach
348www-data 2154 0.0 0.1 5976 2792 ? S 06:39 0:00 /usr/sbin/apach
349daemon 2189 0.0 0.0 2084 124 ? Ss 06:39 0:00 /usr/sbin/atd
350root 2251 0.0 0.0 3740 776 ? Ss 06:39 0:00 /usr/sbin/cron
351105 2313 0.0 0.0 2948 672 ? Ss 06:39 0:00 /usr/bin/dbus-d
352ntp 2347 0.0 0.0 5392 2012 ? Ss 06:39 0:00 /usr/sbin/ntpd
353root 2367 0.0 0.0 19932 1944 ? Sl 06:39 0:00 /opt/puppetlabs
354root 2587 0.0 0.0 0 0 ? S 06:39 0:00 [flush-254:0]
355root 2598 0.0 0.0 6408 1040 ? Ss 06:39 0:00 /usr/sbin/sshd
356101 2626 0.0 0.0 7308 880 ? Ss 06:39 0:00 /usr/sbin/exim4
357root 2662 0.0 0.0 23384 996 ? Sl 06:39 0:00 /usr/sbin/VBoxS
358irc 2670 0.0 0.1 4360 2280 ? S 06:39 0:00 /var/lib/unreal
359root 2674 0.0 1.5 51532 31860 ? Ssl 06:39 0:00 /opt/puppetlabs
360root 2702 0.0 0.0 3712 824 tty1 Ss+ 06:39 0:00 /sbin/getty 384
361root 2703 0.0 0.0 3712 816 tty2 Ss+ 06:39 0:00 /sbin/getty 384
362root 2704 0.0 0.0 3712 816 tty3 Ss+ 06:39 0:00 /sbin/getty 384
363root 2705 0.0 0.0 3712 812 tty4 Ss+ 06:39 0:00 /sbin/getty 384
364root 2706 0.0 0.0 3712 816 tty5 Ss+ 06:39 0:00 /sbin/getty 384
365root 2707 0.0 0.0 3712 812 tty6 Ss+ 06:39 0:00 /sbin/getty 384
366root 17373 0.0 0.0 0 0 ? S 08:01 0:00 [kworker/1:1]
367irc 22215 0.0 0.0 1792 248 ? S 08:06 0:00 sleep 4546
368irc 22216 0.0 0.0 3372 892 ? S 08:06 0:00 telnet 10.0.2.8
369irc 22217 0.0 0.0 1864 288 ? S 08:06 0:00 sh -c (sleep 45
370irc 22218 0.0 0.0 3372 888 ? S 08:06 0:00 telnet 10.0.2.8
371irc 22219 0.0 0.0 1864 496 ? S 08:06 0:00 sh
372irc 23187 0.0 0.0 2740 996 ? S 08:07 0:00 bash
373irc 23190 0.0 0.0 2744 1080 ? S 08:07 0:00 /bin/bash
374irc 23195 0.0 0.1 6624 3528 ? S 08:07 0:00 python -c impor
375irc 23196 0.0 0.0 1864 492 pts/0 Ss 08:07 0:00 /bin/sh
376irc 23197 0.0 0.0 3104 1680 pts/0 S 08:07 0:00 bash
377root 26348 0.0 0.0 0 0 ? S 08:10 0:00 [flush-8:0]
378irc 28462 0.0 0.0 1996 508 pts/0 S+ 08:12 0:00 sh linenum.sh
379irc 28463 0.0 0.0 1996 528 pts/0 S+ 08:12 0:00 sh linenum.sh
380irc 28464 0.0 0.0 1792 248 pts/0 S+ 08:12 0:00 tee -a
381irc 28620 0.0 0.0 2748 940 pts/0 R+ 08:12 0:00 ps aux
382root 32751 0.0 0.0 0 0 ? S 07:10 0:00 [kworker/1:0]
383
384Process binaries and associated permissions (from above list):\e[00m
385-rwxr-xr-x 1 root root 941252 Sep 25 2014 /bin/bash
386lrwxrwxrwx 1 root root 4 Mar 1 2012 /bin/sh -> dash
387-rwxr-xr-x 2 root root 26684 Dec 9 2012 /sbin/getty
388-rwxr-xr-x 1 root root 68180 May 21 2013 /sbin/rpc.statd
389-rwxr-xr-x 1 root root 42836 Sep 20 2015 /sbin/rpcbind
390-rwxr-xr-x 1 root root 42748 Apr 15 2013 /usr/sbin/acpid
391-rwxr-xr-x 1 root root 21812 Oct 3 2014 /usr/sbin/atd
392-rwxr-xr-x 1 root root 43020 Jul 3 2012 /usr/sbin/cron
393-rwsr-xr-x 1 root root 937532 Jul 20 2014 /usr/sbin/exim4
394-rwxr-xr-x 1 root root 527824 Oct 28 2015 /usr/sbin/ntpd
395-rwxr-xr-x 1 root root 531920 Jan 13 2016 /usr/sbin/sshd
396
397/opt/puppetlabs:
398total 28
399drwxr-xr-x 7 root root 4096 Mar 8 2016 .
400drwxr-xr-x 4 root root 4096 Mar 8 2016 ..
401drwxr-xr-x 2 root root 4096 Mar 8 2016 bin
402drwxr-xr-x 3 root root 4096 Mar 8 2016 facter
403drwxr-xr-x 3 root root 4096 Mar 8 2016 mcollective
404drwxr-xr-x 9 root root 4096 Mar 8 2016 puppet
405drwxr-xr-x 4 root root 4096 Mar 8 2016 pxp-agent
406/var/lib/unreal:
407total 1796
408drwx------ 14 irc irc 4096 Jan 3 06:39 .
409drwxr-xr-x 33 root root 4096 Nov 19 06:48 ..
410-rw------- 1 irc irc 932 Apr 13 2009 .CHANGES.NEW
411-rw------- 1 irc irc 1645 Apr 24 2004 .CONFIG.RANT
412-rw------- 1 irc irc 5623 Apr 13 2009 .RELEASE.NOTES
413-rw------- 1 irc irc 1060 Apr 24 2004 .SICI
414-rw------- 1 irc irc 519 Dec 10 2000 .UPDATE
415-rw------- 1 irc irc 2791 Apr 24 2004 .bugreport.gdb
416-rw------- 1 irc irc 124 Apr 24 2004 .cvsignore
417-rw------- 1 irc irc 794 Aug 20 2000 .indent.pro
418drwx------ 2 irc irc 4096 Nov 19 06:45 CVS
419-rw------- 1 irc irc 117115 Apr 13 2009 Changes
420-rw------- 1 irc irc 262254 Jul 3 2004 Changes.old
421-rwx------ 1 irc irc 17705 Mar 1 2009 Config
422-rw------- 1 irc irc 1365 Apr 13 2009 Donation
423-rw------- 1 irc irc 1051 Apr 24 2004 INSTALL.REMOTEINC
424-rw------- 1 irc irc 17992 Feb 28 2000 LICENSE
425-rw-r--r-- 1 irc irc 8060 Nov 19 06:46 Makefile
426-rw------- 1 irc irc 7903 Apr 13 2009 Makefile.in
427-rw------- 1 irc irc 851 Apr 24 2004 README
428-rw------- 1 irc irc 2087 Apr 13 2009 Unreal.nfo
429drwx------ 3 irc irc 4096 Nov 19 06:45 aliases
430drwx------ 3 irc irc 4096 Nov 19 06:45 autoconf
431-rw------- 1 irc irc 1175 Apr 24 2004 badwords.channel.conf
432-rw------- 1 irc irc 1183 Apr 24 2004 badwords.message.conf
433-rw------- 1 irc irc 1121 Apr 24 2004 badwords.quit.conf
434drwxr-xr-x 2 irc irc 4096 Nov 19 06:47 config
435-rw------- 1 irc irc 39027 Apr 24 2004 config.guess
436-rw-r--r-- 1 irc irc 68013 Nov 19 06:46 config.log
437-rwxr-xr-x 1 irc irc 29074 Nov 19 06:46 config.status
438-rwxr-xr-x 1 irc irc 29018 Nov 19 06:46 config.status.lineno
439-rw------- 1 irc irc 27846 Apr 24 2004 config.sub
440-rwx------ 1 irc irc 388713 Mar 1 2009 configure
441-rw------- 1 irc irc 499712 Dec 12 03:33 core
442-rw------- 1 irc irc 242894 Apr 13 2009 curl-ca-bundle.crt
443-rwx------ 1 irc irc 1316 Apr 24 2004 curlinstall
444-rw------- 1 irc irc 1900 Apr 13 2009 dccallow.conf
445drwx------ 4 irc irc 4096 Apr 13 2009 doc
446drwx------ 8 irc irc 4096 Nov 19 06:46 extras
447-rw------- 1 irc irc 49552 Mar 1 2009 help.conf
448drwx------ 4 irc irc 4096 Nov 19 06:46 include
449-rw------- 1 irc irc 0 Apr 24 2004 install-sh
450-rw------- 1 irc irc 108 Nov 19 06:47 ircd.log
451-rw-r--r-- 1 irc irc 351 Nov 19 06:48 ircd.motd
452-rw-r--r-- 1 root root 351 Nov 19 06:48 ircd.motd2
453-rw------- 1 irc irc 6 Jan 3 06:39 ircd.pid
454-rw------- 1 irc irc 4 Jan 3 08:09 ircd.tune
455drwx------ 3 irc irc 4096 Nov 19 06:46 ircdcron
456drwx------ 3 irc irc 4096 Nov 19 06:45 keys
457-rw------- 1 irc irc 1962 Apr 13 2009 m_template.c
458-rw------- 1 irc irc 30533 Mar 1 2009 makefile.win32
459-rwx------ 1 irc irc 630 Apr 24 2004 modulize
460drwx------ 3 irc irc 4096 Nov 19 06:45 networks
461-rwx------ 1 irc irc 601 Apr 13 2009 newnet
462-rw------- 1 irc irc 5656 Apr 13 2009 spamfilter.conf
463drwx------ 5 irc irc 4096 Nov 19 06:47 src
464drwxrwxrwx 2 irc irc 4096 Jan 3 06:39 tmp
465-rwx------ 1 irc irc 4088 Nov 19 06:46 unreal
466-rw------- 1 irc irc 3968 Mar 1 2009 unreal.in
467-rw------- 1 irc irc 1325 Nov 19 06:47 unrealircd.conf
468-rwx------ 1 irc irc 956 Apr 24 2004 update
469-rw------- 1 irc irc 14928 Feb 3 2006 wircd.def
470
471/etc/init.d/ binary permissions:\e[00m
472total 348
473drwxr-xr-x 2 root root 4096 Nov 19 06:48 .
474drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
475-rw-r--r-- 1 root root 1629 Nov 19 06:48 .depend.boot
476-rw-r--r-- 1 root root 809 Nov 19 06:48 .depend.start
477-rw-r--r-- 1 root root 793 Nov 19 06:48 .depend.stop
478-rw-r--r-- 1 root root 2427 Oct 15 2012 README
479-rwxr-xr-x 1 root root 2227 Apr 15 2013 acpid
480-rwxr-xr-x 1 root root 7820 May 26 2018 apache2
481-rwxr-xr-x 1 root root 1071 Jun 25 2011 atd
482-rwxr-xr-x 1 root root 1276 Oct 15 2012 bootlogs
483-rwxr-xr-x 1 root root 1281 Jul 14 2013 bootmisc.sh
484-rwxr-xr-x 1 root root 3816 Jul 14 2013 checkfs.sh
485-rwxr-xr-x 1 root root 1099 Jul 14 2013 checkroot-bootclean.sh
486-rwxr-xr-x 1 root root 9673 Jul 14 2013 checkroot.sh
487-rwxr-xr-x 1 root root 1379 Dec 8 2011 console-setup
488-rwxr-xr-x 1 root root 3033 Jul 2 2012 cron
489-rwxr-xr-x 1 root root 2813 Feb 5 2015 dbus
490-rwxr-xr-x 1 root root 6435 Jul 20 2014 exim4
491-rwxr-xr-x 1 root root 1329 Oct 15 2012 halt
492-rwxr-xr-x 1 root root 1423 Oct 15 2012 hostname.sh
493-rwxr-xr-x 1 root root 3880 Dec 9 2012 hwclock.sh
494-rwxr-xr-x 1 root root 7592 Apr 28 2012 kbd
495-rwxr-xr-x 1 root root 1591 Sep 30 2012 keyboard-setup
496-rwxr-xr-x 1 root root 1293 Oct 15 2012 killprocs
497-rwxr-xr-x 1 root root 1990 May 20 2012 kmod
498-rwxr-xr-x 1 root root 884 May 4 2012 lvm2
499-rwxr-xr-x 1 root root 2586 Feb 2 2016 mcollective
500-rwxr-xr-x 1 root root 995 Oct 15 2012 motd
501-rwxr-xr-x 1 root root 670 Feb 23 2013 mountall-bootclean.sh
502-rwxr-xr-x 1 root root 2128 Feb 23 2013 mountall.sh
503-rwxr-xr-x 1 root root 1508 Jul 14 2013 mountdevsubfs.sh
504-rwxr-xr-x 1 root root 1413 Jul 14 2013 mountkernfs.sh
505-rwxr-xr-x 1 root root 678 Feb 23 2013 mountnfs-bootclean.sh
506-rwxr-xr-x 1 root root 2440 Oct 15 2012 mountnfs.sh
507-rwxr-xr-x 1 root root 1731 Jul 14 2013 mtab.sh
508-rwxr-xr-x 1 root root 4322 Mar 14 2013 networking
509-rwxr-xr-x 1 root root 6491 May 21 2013 nfs-common
510-rwxr-xr-x 1 root root 1814 Feb 4 2015 ntp
511-rwxr-xr-x 1 root root 1309 Sep 9 2010 popa3d
512-rwxr-xr-x 1 root root 1346 May 19 2012 procps
513-rwxr-xr-x 1 root root 2866 Feb 2 2016 puppet
514-rwxr-xr-x 1 root root 2798 Feb 2 2016 pxp-agent
515-rwxr-xr-x 1 root root 6120 Oct 15 2012 rc
516-rwxr-xr-x 1 root root 782 Oct 15 2012 rc.local
517-rwxr-xr-x 1 root root 117 Oct 15 2012 rcS
518-rwxr-xr-x 1 root root 639 Oct 15 2012 reboot
519-rwxr-xr-x 1 root root 1074 Jul 14 2013 rmnologin
520-rwxr-xr-x 1 root root 2344 Sep 20 2015 rpcbind
521-rwxr-xr-x 1 root root 4395 Dec 2 2012 rsync
522-rwxr-xr-x 1 root root 3054 Oct 7 2014 rsyslog
523-rwxr-xr-x 1 root root 3200 Oct 15 2012 sendsigs
524-rwxr-xr-x 1 root root 590 Oct 15 2012 single
525-rw-r--r-- 1 root root 4290 Oct 15 2012 skeleton
526-rwxr-xr-x 1 root root 3881 Jan 13 2016 ssh
527-rwxr-xr-x 1 root root 714 Jan 5 2016 sudo
528-rwxr-xr-x 1 root root 8827 Nov 8 2012 udev
529-rwxr-xr-x 1 root root 1179 Aug 19 2012 udev-mtab
530-rwxr-xr-x 1 root root 2721 Apr 9 2013 umountfs
531-rwxr-xr-x 1 root root 2195 Apr 9 2013 umountnfs.sh
532-rwxr-xr-x 1 root root 1122 Oct 15 2012 umountroot
533-rwxr-xr-x 1 root root 3397 Nov 19 06:47 unreal
534-rwxr-xr-x 1 root root 3111 Oct 15 2012 urandom
535-rwxr-xr-x 1 root root 15796 Mar 8 2016 vboxadd
536-rwxr-xr-x 1 root root 4535 Mar 8 2016 vboxadd-service
537-rwxr-xr-x 1 root root 22252 Mar 8 2016 vboxadd-x11
538-rwxr-xr-x 1 root root 2666 Mar 2 2012 x11-common
539
540/etc/init/ config file permissions:\e[00m
541total 48
542drwxr-xr-x 2 root root 4096 Mar 8 2016 .
543drwxr-xr-x 81 root root 4096 Jan 3 08:08 ..
544-rw-r--r-- 1 root root 523 Mar 14 2013 network-interface-container.conf
545-rw-r--r-- 1 root root 1603 Mar 14 2013 network-interface-security.conf
546-rw-r--r-- 1 root root 803 Mar 14 2013 network-interface.conf
547-rw-r--r-- 1 root root 1898 Mar 14 2013 networking.conf
548-rw-r--r-- 1 root root 567 Feb 23 2013 startpar-bridge.conf
549-rw-r--r-- 1 root root 637 Nov 4 2012 udev-fallback-graphics.conf
550-rw-r--r-- 1 root root 769 Nov 4 2012 udev-finish.conf
551-rw-r--r-- 1 root root 322 Nov 4 2012 udev.conf
552-rw-r--r-- 1 root root 356 Nov 4 2012 udevmonitor.conf
553-rw-r--r-- 1 root root 352 Nov 4 2012 udevtrigger.conf
554
555-e \e[00;31m[-] /lib/systemd/* config file permissions:\e[00m
556/lib/systemd/:
557total 4.0K
558drwxr-xr-x 6 root root 4.0K Nov 19 06:41 system
559
560/lib/systemd/system:
561total 64K
562drwxr-xr-x 2 root root 4.0K Nov 19 06:41 dbus.target.wants
563drwxr-xr-x 2 root root 4.0K Nov 19 06:41 multi-user.target.wants
564drwxr-xr-x 2 root root 4.0K Nov 19 06:41 sockets.target.wants
565drwxr-xr-x 2 root root 4.0K Mar 8 2016 basic.target.wants
566-rw-r--r-- 1 root root 282 Jan 5 2016 sudo.service
567-rw-r--r-- 1 root root 353 Feb 9 2015 dbus.service
568-rw-r--r-- 1 root root 106 Feb 9 2015 dbus.socket
569-rw-r--r-- 1 root root 190 Oct 7 2014 rsyslog.service
570-rw-r--r-- 1 root root 164 Apr 28 2013 udev-control.socket
571-rw-r--r-- 1 root root 177 Apr 28 2013 udev-kernel.socket
572-rw-r--r-- 1 root root 752 Apr 28 2013 udev-settle.service
573-rw-r--r-- 1 root root 291 Apr 28 2013 udev-trigger.service
574-rw-r--r-- 1 root root 384 Apr 28 2013 udev.service
575-rw-r--r-- 1 root root 155 Apr 15 2013 acpid.service
576-rw-r--r-- 1 root root 115 Apr 15 2013 acpid.socket
577-rw-r--r-- 1 root root 188 Dec 2 2012 rsync.service
578
579/lib/systemd/system/dbus.target.wants:
580total 0
581lrwxrwxrwx 1 root root 14 Feb 9 2015 dbus.socket -> ../dbus.socket
582
583/lib/systemd/system/multi-user.target.wants:
584total 0
585lrwxrwxrwx 1 root root 15 Feb 9 2015 dbus.service -> ../dbus.service
586
587/lib/systemd/system/sockets.target.wants:
588total 0
589lrwxrwxrwx 1 root root 14 Feb 9 2015 dbus.socket -> ../dbus.socket
590lrwxrwxrwx 1 root root 22 Apr 28 2013 udev-control.socket -> ../udev-control.socket
591lrwxrwxrwx 1 root root 21 Apr 28 2013 udev-kernel.socket -> ../udev-kernel.socket
592
593/lib/systemd/system/basic.target.wants:
594total 0
595lrwxrwxrwx 1 root root 23 Apr 28 2013 udev-trigger.service -> ../udev-trigger.service
596lrwxrwxrwx 1 root root 15 Apr 28 2013 udev.service -> ../udev.service
597-e
598
599-e \e[00;33m### SOFTWARE #############################################\e[00m
600-e \e[00;31m[-] Sudo version:\e[00m
601Sudo version 1.8.5p2
602-e
603
604-e \e[00;31m[-] Apache version:\e[00m
605Server version: Apache/2.2.22 (Debian)
606Server built: May 30 2018 12:49:05
607-e
608
609-e \e[00;31m[-] Apache user configuration:\e[00m
610APACHE_RUN_USER=www-data
611APACHE_RUN_GROUP=www-data
612-e
613
614-e \e[00;31m[-] Installed Apache modules:\e[00m
615Loaded Modules:
616 core_module (static)
617 log_config_module (static)
618 logio_module (static)
619 version_module (static)
620 mpm_prefork_module (static)
621 http_module (static)
622 so_module (static)
623 alias_module (shared)
624 auth_basic_module (shared)
625 authn_alias_module (shared)
626 authn_file_module (shared)
627 authz_default_module (shared)
628 authz_groupfile_module (shared)
629 authz_host_module (shared)
630 authz_user_module (shared)
631 autoindex_module (shared)
632 cgi_module (shared)
633 dav_module (shared)
634 dav_fs_module (shared)
635 deflate_module (shared)
636 dir_module (shared)
637 env_module (shared)
638 mime_module (shared)
639 negotiation_module (shared)
640 reqtimeout_module (shared)
641 setenvif_module (shared)
642 status_module (shared)
643
644INTERESTING FILES ####################################\e[00m
645-e \e[00;31m[-] Useful file locations:\e[00m
646/bin/nc
647/bin/netcat
648/usr/bin/wget
649/usr/bin/nmap
650/usr/bin/gcc
651/usr/bin/curl
652
653Installed compilers:\e[00m
654ii g++ 4:4.7.2-1 i386 GNU C++ compiler
655ii g++-4.7 4.7.2-5 i386 GNU C++ compiler
656ii gcc 4:4.7.2-1 i386 GNU C compiler
657ii gcc-4.6 4.6.3-14 i386 GNU C compiler
658ii gcc-4.7 4.7.2-5 i386 GNU C compiler
659ii gcc-4.7-multil 4.7.2-5 i386 GNU C compiler (multilib files)
660ii gcc-multilib 4:4.7.2-1 i386 GNU C compiler (multilib files)
661-e
662
663Can we read/write sensitive files:\e[00m
664-rw-r--r-- 1 root root 1123 Nov 19 06:48 /etc/passwd
665-rw-r--r-- 1 root root 617 Nov 19 06:48 /etc/group
666-rw-r--r-- 1 root root 851 Jul 29 2011 /etc/profile
667-rw-r----- 1 root shadow 920 Nov 19 10:03 /etc/shadow
668-e
669
670SUID files:\e[00m
671-rwsr-xr-x 1 root root 84532 May 21 2013 /sbin/mount.nfs
672-rwsr-xr-x 1 root root 31104 Apr 12 2011 /bin/ping
673-rwsr-xr-x 1 root root 88744 Dec 9 2012 /bin/mount
674-rwsr-xr-x 1 root root 35200 May 25 2012 /bin/su
675-rwsr-xr-x 1 root root 67704 Dec 9 2012 /bin/umount
676-rwsr-xr-x 1 root root 35252 Apr 12 2011 /bin/ping6
677-rwsr-xr-x 1 root root 937532 Jul 20 2014 /usr/sbin/exim4
678-rwsr-xr-x 1 root root 66196 May 25 2012 /usr/bin/gpasswd
679-rwsr-sr-x 1 root mail 83912 Sep 4 2014 /usr/bin/procmail
680-rwsrwxrwx 1 root root 1794608 Jul 17 2017 /usr/bin/vim.basic
681-rwsr-xr-x 1 root root 45396 May 25 2012 /usr/bin/passwd
682-rwsr-xr-x 2 root root 119172 Jan 5 2016 /usr/bin/sudoedit
683-rwsr-sr-x 1 daemon daemon 50652 Oct 3 2014 /usr/bin/at
684-rwsrwxrwx 1 root root 730004 Jul 17 2017 /usr/bin/vim.tiny
685-rwsr-xr-x 1 root root 30880 May 25 2012 /usr/bin/newgrp
686-rwsr-xr-x 1 root root 35892 May 25 2012 /usr/bin/chsh
687-rwsr-xr-x 1 root root 1952884 Aug 15 2013 /usr/bin/nmap
688-rwsr-xr-x 2 root root 119172 Jan 5 2016 /usr/bin/sudo
689-rwsr-xr-x 1 root root 44564 May 25 2012 /usr/bin/chfn
690-rwsr-xr-- 1 root messagebus 321692 Feb 9 2015 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
691-rwsr-xr-x 1 root root 9660 Jun 19 2017 /usr/lib/pt_chown
692-rwsr-xr-x 1 root root 5412 Dec 23 2012 /usr/lib/eject/dmcrypt-get-device
693-rwsr-xr-x 1 root root 248036 Jan 13 2016 /usr/lib/openssh/ssh-keysign
694
695-e \e[00;33m[+] Possibly interesting SUID files:\e[00m
696-rwsrwxrwx 1 root root 1794608 Jul 17 2017 /usr/bin/vim.basic
697-rwsrwxrwx 1 root root 730004 Jul 17 2017 /usr/bin/vim.tiny
698-rwsr-xr-x 1 root root 1952884 Aug 15 2013 /usr/bin/nmap
699
700World-writable SUID files:\e[00m
701-rwsrwxrwx 1 root root 1794608 Jul 17 2017 /usr/bin/vim.basic
702-rwsrwxrwx 1 root root 730004 Jul 17 2017 /usr/bin/vim.tiny
703
704World-writable SUID files owned by root:\e[00m
705-rwsrwxrwx 1 root root 1794608 Jul 17 2017 /usr/bin/vim.basic
706-rwsrwxrwx 1 root root 730004 Jul 17 2017 /usr/bin/vim.tiny
707
708SGID files:\e[00m
709-rwxr-sr-x 1 root shadow 30332 May 4 2012 /sbin/unix_chkpwd
710-rwxr-sr-x 1 root ssh 128396 Jan 13 2016 /usr/bin/ssh-agent
711-rwxr-sr-x 1 root mail 17908 Sep 4 2014 /usr/bin/lockfile
712-rwxr-sr-x 1 root mail 9768 Nov 29 2014 /usr/bin/mutt_dotlock
713-rwsr-sr-x 1 root mail 83912 Sep 4 2014 /usr/bin/procmail
714-rwxr-sr-x 1 root shadow 18168 May 25 2012 /usr/bin/expiry
715-rwxr-sr-x 1 root shadow 49364 May 25 2012 /usr/bin/chage
716-rwxr-sr-x 1 root tty 9708 Jun 11 2012 /usr/bin/bsd-write
717-rwsr-sr-x 1 daemon daemon 50652 Oct 3 2014 /usr/bin/at
718-rwxr-sr-x 1 root crontab 34760 Jul 3 2012 /usr/bin/crontab
719-rwxr-sr-x 1 root mail 13960 Dec 11 2012 /usr/bin/dotlockfile
720-rwxr-sr-x 1 root mlocate 30492 Sep 25 2010 /usr/bin/mlocate
721-rwxr-sr-x 1 root tty 18020 Dec 9 2012 /usr/bin/wall
722
723All *.conf files in /etc (recursive 1 level):\e[00m
724-rw-r--r-- 1 root root 49 Jan 3 08:08 /etc/resolv.conf
725-rw-r--r-- 1 root root 2981 Mar 8 2016 /etc/adduser.conf
726-rw-r--r-- 1 root root 475 Aug 28 2006 /etc/nsswitch.conf
727-rw-r--r-- 1 root root 956 Mar 20 2013 /etc/mke2fs.conf
728-rw-r--r-- 1 root root 34 Mar 8 2016 /etc/ld.so.conf
729-rw-r--r-- 1 root root 604 May 15 2012 /etc/deluser.conf
730-rw-r--r-- 1 root root 214 May 11 2013 /etc/idmapd.conf
731-rw-r--r-- 1 root root 9 Aug 7 2006 /etc/host.conf
732-rw-r--r-- 1 root root 859 Nov 23 2012 /etc/insserv.conf
733-rw-r--r-- 1 root root 2969 Dec 25 2012 /etc/debconf.conf
734-rw-r--r-- 1 root root 7684 Mar 8 2016 /etc/ca-certificates.conf
735-rw-r--r-- 1 root root 1988 Oct 28 2015 /etc/ntp.conf
736-rw-r--r-- 1 root root 2632 Oct 7 2014 /etc/rsyslog.conf
737-rw-r--r-- 1 root root 599 Feb 19 2009 /etc/logrotate.conf
738-rw-r--r-- 1 root root 346 Mar 30 2012 /etc/discover-modprobe.conf
739-rw-r--r-- 1 root root 834 Jun 7 2012 /etc/gssapi_mech.conf
740-rw-r--r-- 1 root root 144 Mar 8 2016 /etc/kernel-img.conf
741-rw-r--r-- 1 root root 2940 Oct 16 2014 /etc/gai.conf
742-rw-r--r-- 1 root root 284 Sep 25 2010 /etc/updatedb.conf
743-rw-r--r-- 1 root root 3173 Aug 2 2014 /etc/reportbug.conf
744-rw-r--r-- 1 root root 552 Apr 29 2012 /etc/pam.conf
745-rw-r--r-- 1 root root 1260 May 29 2008 /etc/ucf.conf
746-rw-r--r-- 1 root root 2082 May 19 2012 /etc/sysctl.conf
747
748Location and contents (if accessible) of .bash_history file(s):\e[00m
749/home/vagrant/.bash_history
750
751Location and Permissions (if accessible) of .bak file(s):\e[00m
752-rw------- 1 irc irc 497046 Nov 19 06:45 /var/lib/unreal/extras/tre.tar.gz.bak
753-rw------- 1 irc irc 467747 Nov 19 06:45 /var/lib/unreal/extras/c-ares.tar.gz.bak
754-rw------- 1 root root 617 Nov 19 06:48 /var/backups/group.bak
755-rw------- 1 root shadow 511 Nov 19 06:48 /var/backups/gshadow.bak
756-rw------- 1 root root 1123 Nov 19 06:48 /var/backups/passwd.bak
757-rw------- 1 root shadow 920 Nov 19 10:03 /var/backups/shadow.bak
758
759Any interesting mail in /var/mail:\e[00m
760total 25352
761drwxrwsr-x 2 root mail 4096 Jan 3 08:12 .
762drwxr-xr-x 12 root root 4096 Nov 19 06:44 ..
763-rw------- 1 mail mail 25917834 Jan 3 08:12 mail
764CAN COMPLETE ####################################\e[00m