#########################################################
# Local Linux Enumeration & Privilege Escalation Script #
#########################################################
# www.rebootuser.com
# version 0.981
[-] Debug Info
[+] Thorough tests = Disabled
Scan started at:
Fri Nov 29 06:12:31 PST 2019
### SYSTEM ##############################################
[-] Kernel information:
Linux Valentine 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
[-] Kernel information (continued):
Linux version 3.2.0-23-generic (buildd@crested) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu4) ) #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012
[-] Specific release information:
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=12.04
DISTRIB_CODENAME=precise
DISTRIB_DESCRIPTION="Ubuntu 12.04 LTS"
[-] Hostname:
Valentine
### USER/GROUP ##########################################
[-] Current user/group info:
uid=1000(hype) gid=1000(hype) groups=1000(hype),24(cdrom),30(dip),46(plugdev),124(sambashare)
[-] Users that have previously logged onto the system:
Username Port From Latest
root tty1 Fri Feb 16 14:38:30 -0800 2018
hype pts/0 10.10.14.34 Fri Nov 29 05:55:27 -0800 2019
[-] Who else is logged on:
06:12:31 up 21:15, 1 user, load average: 0.10, 0.12, 0.12
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
hype pts/0 10.10.14.34 05:55 2.00s 0.27s 0.00s /bin/bash ./Lin
[-] Group memberships:
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(libuuid) gid=101(libuuid) groups=101(libuuid)
uid=101(syslog) gid=103(syslog) groups=103(syslog)
uid=102(messagebus) gid=105(messagebus) groups=105(messagebus)
uid=103(colord) gid=108(colord) groups=108(colord)
uid=104(lightdm) gid=111(lightdm) groups=111(lightdm)
uid=105(whoopsie) gid=114(whoopsie) groups=114(whoopsie)
uid=106(avahi-autoipd) gid=117(avahi-autoipd) groups=117(avahi-autoipd)
uid=107(avahi) gid=118(avahi) groups=118(avahi)
uid=108(usbmux) gid=46(plugdev) groups=46(plugdev)
uid=109(kernoops) gid=65534(nogroup) groups=65534(nogroup)
uid=110(pulse) gid=119(pulse) groups=119(pulse),29(audio)
uid=111(rtkit) gid=122(rtkit) groups=122(rtkit)
uid=112(speech-dispatcher) gid=29(audio) groups=29(audio)
uid=113(hplip) gid=7(lp) groups=7(lp)
uid=114(saned) gid=123(saned) groups=123(saned)
uid=1000(hype) gid=1000(hype) groups=1000(hype),24(cdrom),30(dip),46(plugdev),124(sambashare)
uid=115(sshd) gid=65534(nogroup) groups=65534(nogroup)
[-] Contents of /etc/passwd:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
messagebus:x:102:105::/var/run/dbus:/bin/false
colord:x:103:108:colord colour management daemon,,,:/var/lib/colord:/bin/false
lightdm:x:104:111:Light Display Manager:/var/lib/lightdm:/bin/false
whoopsie:x:105:114::/nonexistent:/bin/false
avahi-autoipd:x:106:117:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
avahi:x:107:118:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
usbmux:x:108:46:usbmux daemon,,,:/home/usbmux:/bin/false
kernoops:x:109:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false
pulse:x:110:119:PulseAudio daemon,,,:/var/run/pulse:/bin/false
rtkit:x:111:122:RealtimeKit,,,:/proc:/bin/false
speech-dispatcher:x:112:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/sh
hplip:x:113:7:HPLIP system user,,,:/var/run/hplip:/bin/false
saned:x:114:123::/home/saned:/bin/false
hype:x:1000:1000:Hemorrhage,,,:/home/hype:/bin/bash
sshd:x:115:65534::/var/run/sshd:/usr/sbin/nologin
[-] Super user account(s):
root
[-] Are permissions on /home directories lax:
total 12K
drwxr-xr-x 3 root root 4.0K Dec 11 2017 .
drwxr-xr-x 26 root root 4.0K Feb 6 2018 ..
drwxr-xr-x 21 hype hype 4.0K Feb 5 2018 hype
[-] Root is allowed to login via SSH:
PermitRootLogin yes
### ENVIRONMENTAL #######################################
[-] Environment information:
SHELL=/bin/bash
TERM=xterm
XDG_SESSION_COOKIE=c9052f1b76300a5447f46cc700000004-1575035727.340551-1370220348
SSH_CLIENT=10.10.14.34 46088 22
SSH_TTY=/dev/pts/0
USER=hype
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
MAIL=/var/mail/hype
PWD=/tmp
LANG=en_US.UTF-8
HOME=/home/hype
SHLVL=2
LOGNAME=hype
SSH_CONNECTION=10.10.14.34 46088 10.10.10.79 22
LESSOPEN=| /usr/bin/lesspipe %s
LESSCLOSE=/usr/bin/lesspipe %s %s
_=/usr/bin/env
[-] Path information:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
drwxr-xr-x 2 root root 4096 Dec 11 2017 /bin
drwxr-xr-x 2 root root 4096 Feb 16 2018 /sbin
drwxr-xr-x 2 root root 36864 Feb 16 2018 /usr/bin
drwxr-xr-x 2 root root 4096 Apr 25 2012 /usr/games
drwxr-xr-x 2 root root 4096 Apr 25 2012 /usr/local/bin
drwxr-xr-x 2 root root 4096 Apr 25 2012 /usr/local/sbin
drwxr-xr-x 2 root root 12288 Feb 16 2018 /usr/sbin
[-] Available shells:
# /etc/shells: valid login shells
/bin/sh
/bin/dash
/bin/bash
/bin/rbash
/usr/bin/tmux
[-] Current umask value:
0002
u=rwx,g=rwx,o=rx
[-] umask value as specified in /etc/login.defs:
UMASK 022
[-] Password and storage information:
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
ENCRYPT_METHOD SHA512
### JOBS/TASKS ##########################################
[-] Cron jobs:
-rw-r--r-- 1 root root 722 Apr 2 2012 /etc/crontab
/etc/cron.d:
total 28
drwxr-xr-x 2 root root 4096 Dec 11 2017 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
-rw-r--r-- 1 root root 288 Jun 20 2010 anacron
-rw-r--r-- 1 root root 544 Feb 13 2017 php5
-rw-r--r-- 1 root root 102 Apr 2 2012 .placeholder
/etc/cron.daily:
total 84
drwxr-xr-x 2 root root 4096 Dec 11 2017 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
-rwxr-xr-x 1 root root 311 Jun 20 2010 0anacron
-rwxr-xr-x 1 root root 633 Jul 15 2016 apache2
-rwxr-xr-x 1 root root 219 Apr 10 2012 apport
-rwxr-xr-x 1 root root 15399 Apr 20 2012 apt
-rwxr-xr-x 1 root root 502 Mar 31 2012 bsdmainutils
-rwxr-xr-x 1 root root 256 Apr 12 2012 dpkg
-rwxr-xr-x 1 root root 372 Oct 4 2011 logrotate
-rwxr-xr-x 1 root root 1365 Mar 31 2012 man-db
-rwxr-xr-x 1 root root 606 Aug 17 2011 mlocate
-rwxr-xr-x 1 root root 249 Apr 8 2012 passwd
-rw-r--r-- 1 root root 102 Apr 2 2012 .placeholder
-rwxr-xr-x 1 root root 2417 Jul 1 2011 popularity-contest
-rwxr-xr-x 1 root root 2947 Apr 2 2012 standard
-rwxr-xr-x 1 root root 214 Apr 19 2012 update-notifier-common
/etc/cron.hourly:
total 20
drwxr-xr-x 2 root root 4096 Apr 25 2012 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
-rw-r--r-- 1 root root 102 Apr 2 2012 .placeholder
/etc/cron.monthly:
total 24
drwxr-xr-x 2 root root 4096 Apr 25 2012 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
-rwxr-xr-x 1 root root 313 Jun 20 2010 0anacron
-rw-r--r-- 1 root root 102 Apr 2 2012 .placeholder
/etc/cron.weekly:
total 32
drwxr-xr-x 2 root root 4096 Apr 25 2012 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
-rwxr-xr-x 1 root root 312 Jun 20 2010 0anacron
-rwxr-xr-x 1 root root 730 Dec 30 2011 apt-xapian-index
-rwxr-xr-x 1 root root 907 Mar 31 2012 man-db
-rw-r--r-- 1 root root 102 Apr 2 2012 .placeholder
[-] Crontab contents:
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
[-] Anacron jobs and associated file permissions:
-rw-r--r-- 1 root root 395 Jun 20 2010 /etc/anacrontab
# /etc/anacrontab: configuration file for anacron
# See anacron(8) and anacrontab(5) for details.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# These replace cron's entries
1 5 cron.daily nice run-parts --report /etc/cron.daily
7 10 cron.weekly nice run-parts --report /etc/cron.weekly
@monthly 15 cron.monthly nice run-parts --report /etc/cron.monthly
[-] When were jobs last executed (/var/spool/anacron contents):
total 20
drwxr-xr-x 2 root root 4096 Dec 11 2017 .
drwxr-xr-x 8 root root 4096 Apr 25 2012 ..
-rw------- 1 root root 9 Nov 28 09:18 cron.daily
-rw------- 1 root root 9 Nov 28 09:18 cron.monthly
-rw------- 1 root root 9 Nov 28 09:18 cron.weekly
### NETWORKING ##########################################
[-] Network and IP info:
eth0 Link encap:Ethernet HWaddr 00:50:56:b9:08:da
inet addr:10.10.10.79 Bcast:10.10.10.255 Mask:255.255.255.0
inet6 addr: dead:beef::250:56ff:feb9:8da/64 Scope:Global
inet6 addr: fe80::250:56ff:feb9:8da/64 Scope:Link
inet6 addr: dead:beef::f427:f95c:83ef:ea64/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:572676 errors:0 dropped:40 overruns:0 frame:0
TX packets:447135 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:154441982 (154.4 MB) TX bytes:243854683 (243.8 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12674 errors:0 dropped:0 overruns:0 frame:0
TX packets:12674 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2717950 (2.7 MB) TX bytes:2717950 (2.7 MB)
[-] ARP history:
? (10.10.10.2) at 00:50:56:b9:f9:ab [ether] on eth0
[-] Nameserver(s):
nameserver 8.8.8.8
[-] Default route:
default 10.10.10.2 0.0.0.0 UG 100 0 0 eth0
[-] Listening TCP:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
tcp6 0 0 :::443 :::* LISTEN -
[-] Listening UDP:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:32860 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::58966 :::* -
udp6 0 0 :::5353 :::* -
### SERVICES #############################################
[-] Running processes:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 24424 2420 ? Ss Nov28 0:01 /sbin/init
root 2 0.0 0.0 0 0 ? S Nov28 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S Nov28 0:04 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S Nov28 0:00 [kworker/u:0]
root 6 0.0 0.0 0 0 ? S Nov28 0:00 [migration/0]
root 7 0.0 0.0 0 0 ? S Nov28 0:00 [watchdog/0]
root 8 0.0 0.0 0 0 ? S< Nov28 0:00 [cpuset]
root 9 0.0 0.0 0 0 ? S< Nov28 0:00 [khelper]
root 10 0.0 0.0 0 0 ? S Nov28 0:00 [kdevtmpfs]
root 11 0.0 0.0 0 0 ? S< Nov28 0:00 [netns]
root 12 0.0 0.0 0 0 ? S Nov28 0:00 [sync_supers]
root 13 0.0 0.0 0 0 ? S Nov28 0:00 [bdi-default]
root 14 0.0 0.0 0 0 ? S< Nov28 0:00 [kintegrityd]
root 15 0.0 0.0 0 0 ? S< Nov28 0:00 [kblockd]
root 16 0.0 0.0 0 0 ? S< Nov28 0:00 [ata_sff]
root 17 0.0 0.0 0 0 ? S Nov28 0:00 [khubd]
root 18 0.0 0.0 0 0 ? S< Nov28 0:00 [md]
root 19 0.0 0.0 0 0 ? S Nov28 0:00 [kworker/u:1]
root 21 0.0 0.0 0 0 ? S Nov28 0:00 [khungtaskd]
root 22 0.0 0.0 0 0 ? S Nov28 0:00 [kswapd0]
root 23 0.0 0.0 0 0 ? SN Nov28 0:00 [ksmd]
root 24 0.0 0.0 0 0 ? SN Nov28 0:00 [khugepaged]
root 25 0.0 0.0 0 0 ? S Nov28 0:00 [fsnotify_mark]
root 26 0.0 0.0 0 0 ? S Nov28 0:00 [ecryptfs-kthrea]
root 27 0.0 0.0 0 0 ? S< Nov28 0:00 [crypto]
root 35 0.0 0.0 0 0 ? S< Nov28 0:00 [kthrotld]
root 37 0.0 0.0 0 0 ? S Nov28 0:00 [scsi_eh_0]
root 38 0.0 0.0 0 0 ? S Nov28 0:00 [scsi_eh_1]
root 59 0.0 0.0 0 0 ? S< Nov28 0:00 [devfreq_wq]
root 160 0.0 0.0 0 0 ? S Nov28 0:00 [scsi_eh_2]
root 168 0.0 0.0 0 0 ? S< Nov28 0:00 [vmw_pvscsi_wq_2]
root 236 0.0 0.0 0 0 ? S Nov28 0:00 [jbd2/sda1-8]
root 237 0.0 0.0 0 0 ? S< Nov28 0:00 [ext4-dio-unwrit]
root 320 0.0 0.0 17224 636 ? S Nov28 0:00 upstart-udev-bridge --daemon
root 326 0.0 0.1 21976 1804 ? Ss Nov28 0:00 /sbin/udevd --daemon
root 537 0.0 0.1 21776 1152 ? S Nov28 0:00 /sbin/udevd --daemon
root 538 0.0 0.1 21848 1184 ? S Nov28 0:00 /sbin/udevd --daemon
syslog 560 0.0 0.1 249464 1632 ? Sl Nov28 0:02 rsyslogd -c5
102 587 0.0 0.1 24088 1236 ? Ss Nov28 0:00 dbus-daemon --system --fork --activation=upstart
root 599 0.0 0.3 79036 3212 ? Ss Nov28 0:00 /usr/sbin/modem-manager
root 605 0.0 0.1 21180 1712 ? Ss Nov28 0:00 /usr/sbin/bluetoothd
avahi 617 0.0 0.1 32296 1740 ? S Nov28 0:00 avahi-daemon: running [Valentine.local]
avahi 618 0.0 0.0 32172 472 ? S Nov28 0:00 avahi-daemon: chroot helper
root 625 0.0 0.0 0 0 ? S< Nov28 0:00 [kpsmoused]
root 629 0.0 0.6 174440 6608 ? Ssl Nov28 0:00 NetworkManager
root 631 0.0 0.0 0 0 ? S< Nov28 0:00 [krfcommd]
root 658 0.0 0.3 104088 3696 ? Ss Nov28 0:00 /usr/sbin/cupsd -F
root 798 0.0 0.3 203500 3888 ? Sl Nov28 0:00 /usr/lib/policykit-1/polkitd --no-debug
root 816 0.0 0.0 15180 424 ? S Nov28 0:00 upstart-socket-bridge --daemon
root 873 0.0 0.0 0 0 ? S Nov28 0:00 [flush-8:0]
root 929 0.0 0.2 49952 2860 ? Ss Nov28 0:00 /usr/sbin/sshd -D
root 1017 0.0 0.0 19976 980 tty4 Ss+ Nov28 0:00 /sbin/getty -8 38400 tty4
root 1026 0.0 0.0 19976 972 tty5 Ss+ Nov28 0:00 /sbin/getty -8 38400 tty5
root 1032 0.0 0.1 26416 1676 ? Ss Nov28 0:26 /usr/bin/tmux -S /.devs/dev_sess
root 1036 0.0 0.4 20652 4584 pts/14 Ss+ Nov28 0:00 -bash
root 1042 0.0 0.0 19976 976 tty2 Ss+ Nov28 0:00 /sbin/getty -8 38400 tty2
root 1043 0.0 0.0 19976 976 tty3 Ss+ Nov28 0:00 /sbin/getty -8 38400 tty3
root 1049 0.0 0.0 19976 976 tty6 Ss+ Nov28 0:00 /sbin/getty -8 38400 tty6
root 1067 0.0 0.0 4452 812 ? Ss Nov28 0:00 acpid -c /etc/acpi/events -s /var/run/acpid.socket
root 1068 0.0 0.1 19104 1040 ? Ss Nov28 0:00 cron
daemon 1069 0.0 0.0 16900 372 ? Ss Nov28 0:00 atd
whoopsie 1077 0.0 0.5 203588 5936 ? Ssl Nov28 0:00 whoopsie
root 1118 0.0 0.4 162284 4320 ? Sl Nov28 0:57 /usr/bin/vmtoolsd
root 1280 0.0 1.0 113124 10976 ? Ss Nov28 0:03 /usr/sbin/apache2 -k start
root 1461 0.0 0.0 19976 972 tty1 Ss+ Nov28 0:00 /sbin/getty -8 38400 tty1
root 1618 0.0 1.0 66916 10304 ? S Nov28 0:00 /usr/lib/vmware-vgauth/VGAuthService -s
root 1653 0.0 0.5 510124 5472 ? Sl Nov28 0:25 //usr/lib/vmware-caf/pme/bin/ManagementAgentHost
root 2450 0.0 0.0 0 0 ? S Nov28 0:38 [kworker/0:2]
www-data 3071 0.0 0.8 113780 8876 ? S Nov28 0:01 /usr/sbin/apache2 -k start
www-data 3129 0.0 0.8 113880 8608 ? S Nov28 0:00 /usr/sbin/apache2 -k start
root 3218 0.0 0.3 584296 3896 ? Sl Nov28 0:00 /usr/sbin/console-kit-daemon --no-daemon
www-data 3816 0.0 0.8 113884 8580 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3838 0.0 0.8 113884 8556 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3839 0.0 0.8 113884 8572 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3849 0.0 0.8 113884 8560 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3851 0.0 0.8 113884 8524 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3852 0.0 0.8 113884 8576 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3858 0.0 0.8 113884 8564 ? S Nov28 0:00 /usr/sbin/apache2 -k start
www-data 3859 0.0 0.8 113884 8536 ? S Nov28 0:00 /usr/sbin/apache2 -k start
root 6392 0.0 0.3 92220 3968 ? Ss 05:55 0:00 sshd: hype [priv]
hype 6536 0.0 0.1 92220 1672 ? S 05:55 0:00 sshd: hype@pts/0
hype 6537 0.0 0.8 31604 8704 pts/0 Ss 05:55 0:00 -bash
root 7187 0.0 0.0 0 0 ? S 06:06 0:00 [kworker/0:1]
root 7202 0.0 0.0 0 0 ? S 06:11 0:00 [kworker/0:0]
hype 7207 0.0 0.1 17076 1984 pts/0 S+ 06:12 0:00 /bin/bash ./LinEnum.sh
hype 7208 0.0 0.1 17104 1552 pts/0 S+ 06:12 0:00 /bin/bash ./LinEnum.sh
hype 7209 0.0 0.0 11356 660 pts/0 S+ 06:12 0:00 tee -a
hype 7409 0.0 0.1 17104 1236 pts/0 S+ 06:13 0:00 /bin/bash ./LinEnum.sh
hype 7410 0.0 0.1 22352 1276 pts/0 R+ 06:13 0:00 ps aux
[-] Process binaries and associated permissions (from above list):
936K -rwxr-xr-x 1 root root 933K Apr 3 2012 /bin/bash
32K -rwxr-xr-x 1 root root 32K Mar 29 2012 /sbin/getty
160K -rwxr-xr-x 1 root root 160K Apr 16 2012 /sbin/init
136K -rwxr-xr-x 1 root root 135K Apr 5 2012 /sbin/udevd
416K -rwxr-xr-x 1 root root 413K Feb 13 2012 /usr/bin/tmux
44K -rwxr-xr-x 1 root root 44K Dec 2 2015 /usr/bin/vmtoolsd
16K -rwxr-xr-x 1 root root 15K Jan 6 2012 /usr/lib/policykit-1/polkitd
784K -rwxr-xr-x 4 root root 783K Dec 11 2017 //usr/lib/vmware-caf/pme/bin/ManagementAgentHost
0 lrwxrwxrwx 1 root root 37 Dec 11 2017 /usr/lib/vmware-vgauth/VGAuthService -> /usr/lib/vmware-tools/bin64/appLoader
0 lrwxrwxrwx 1 root root 34 Jul 15 2016 /usr/sbin/apache2 -> ../lib/apache2/mpm-prefork/apache2
856K -rwxr-xr-x 1 root root 856K Mar 21 2012 /usr/sbin/bluetoothd
144K -rwxr-xr-x 1 root root 141K Feb 25 2012 /usr/sbin/console-kit-daemon
436K -rwxr-xr-x 1 root root 434K Apr 9 2012 /usr/sbin/cupsd
388K -rwxr-xr-x 1 root root 388K Mar 24 2012 /usr/sbin/modem-manager
508K -rwxr-xr-x 1 root root 505K Aug 11 2016 /usr/sbin/sshd
[-] /etc/init.d/ binary permissions:
total 196
drwxr-xr-x 2 root root 4096 Feb 16 2018 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
lrwxrwxrwx 1 root root 21 Dec 11 2017 acpid -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 652 Jan 4 2010 acpi-support
lrwxrwxrwx 1 root root 21 Dec 11 2017 alsa-restore -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 alsa-store -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 anacron -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 7621 Feb 6 2012 apache2
-rwxr-xr-x 1 root root 4596 Apr 12 2012 apparmor
lrwxrwxrwx 1 root root 21 Dec 11 2017 apport -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 atd -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 avahi-daemon -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 bluetooth -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 2444 Apr 14 2012 bootlogd
-rwxr-xr-x 1 root root 2125 Mar 1 2011 brltty
lrwxrwxrwx 1 root root 21 Dec 11 2017 console-setup -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 cron -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 cups -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 dbus -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 dmesg -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 1242 Dec 13 2011 dns-clean
lrwxrwxrwx 1 root root 21 Dec 11 2017 failsafe-x -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 friendly-recovery -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 1105 Apr 17 2012 grub-common
-rwxr-xr-x 1 root root 1329 Apr 14 2012 halt
lrwxrwxrwx 1 root root 21 Dec 11 2017 hostname -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 hwclock -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 hwclock-save -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 irqbalance -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 1893 Apr 18 2012 kerneloops
-rwxr-xr-x 1 root root 1293 Apr 14 2012 killprocs
-rw-r--r-- 1 root root 0 Apr 25 2012 .legacy-bootordering
lrwxrwxrwx 1 root root 21 Dec 11 2017 lightdm -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 modemmanager -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 module-init-tools -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 2797 Feb 13 2012 networking
lrwxrwxrwx 1 root root 21 Dec 11 2017 network-interface -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 network-interface-container -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 network-interface-security -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 network-manager -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 882 Apr 14 2012 ondemand
-rwxr-xr-x 1 root root 1685 Jan 24 2012 open-vm-tools
lrwxrwxrwx 1 root root 21 Dec 11 2017 plymouth -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 plymouth-log -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 plymouth-splash -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 plymouth-stop -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 plymouth-upstart-bridge -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 561 Feb 4 2011 pppd-dns
lrwxrwxrwx 1 root root 21 Dec 11 2017 procps -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 2180 Apr 11 2012 pulseaudio
-rwxr-xr-x 1 root root 8635 Apr 14 2012 rc
-rwxr-xr-x 1 root root 801 Apr 14 2012 rc.local
-rwxr-xr-x 1 root root 117 Apr 14 2012 rcS
-rw-r--r-- 1 root root 2427 Apr 14 2012 README
-rwxr-xr-x 1 root root 639 Apr 14 2012 reboot
lrwxrwxrwx 1 root root 21 Dec 11 2017 resolvconf -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 rfkill-restore -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 rfkill-store -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 4395 Nov 8 2011 rsync
lrwxrwxrwx 1 root root 21 Dec 11 2017 rsyslog -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 2344 Dec 4 2011 saned
-rwxr-xr-x 1 root root 4321 Apr 14 2012 sendsigs
lrwxrwxrwx 1 root root 21 Dec 11 2017 setvtrgb -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 590 Apr 14 2012 single
-rw-r--r-- 1 root root 4304 Apr 14 2012 skeleton
-rwxr-xr-x 1 root root 2107 May 15 2011 speech-dispatcher
-rwxr-xr-x 1 root root 4371 Aug 11 2016 ssh
-rwxr-xr-x 1 root root 567 Apr 14 2012 stop-bootlogd
-rwxr-xr-x 1 root root 1143 Apr 14 2012 stop-bootlogd-single
-rwxr-xr-x 1 root root 700 Oct 26 2011 sudo
srw-rw---- 1 root root 0 Dec 13 2017 test
-rwxr-xr-x 1 root root 409 Dec 13 2017 tmuxer
lrwxrwxrwx 1 root root 21 Dec 11 2017 udev -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 udev-fallback-graphics -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 udev-finish -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 udevmonitor -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 udevtrigger -> /lib/init/upstart-job
lrwxrwxrwx 1 root root 21 Dec 11 2017 ufw -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 2800 Apr 14 2012 umountfs
-rwxr-xr-x 1 root root 2211 Apr 14 2012 umountnfs.sh
-rwxr-xr-x 1 root root 2926 Apr 14 2012 umountroot
-rwxr-xr-x 1 root root 1039 Nov 9 2011 unattended-upgrades
-rwxr-xr-x 1 root root 1985 Apr 14 2012 urandom
lrwxrwxrwx 1 root root 21 Dec 11 2017 whoopsie -> /lib/init/upstart-job
-rwxr-xr-x 1 root root 2666 Mar 22 2012 x11-common
[-] /etc/init/ config file permissions:
total 332
drwxr-xr-x 2 root root 4096 Dec 11 2017 .
drwxr-xr-x 132 root root 12288 Nov 28 08:56 ..
-rw-r--r-- 1 root root 320 Dec 8 2011 acpid.conf
-rw-r--r-- 1 root root 268 Apr 3 2012 alsa-restore.conf
-rw-r--r-- 1 root root 267 Apr 3 2012 alsa-store.conf
-rw-r--r-- 1 root root 278 Jun 20 2010 anacron.conf
-rw-r--r-- 1 root root 1309 Apr 18 2012 apport.conf
-rw-r--r-- 1 root root 261 Oct 25 2011 atd.conf
-rw-r--r-- 1 root root 541 Oct 17 2011 avahi-daemon.conf
-rw-r--r-- 1 root root 1009 Mar 7 2012 bluetooth.conf
-rw-r--r-- 1 root root 266 Apr 16 2012 console.conf
-rw-r--r-- 1 root root 509 Dec 21 2010 console-setup.conf
-rw-r--r-- 1 root root 1122 Apr 16 2012 container-detect.conf
-rw-r--r-- 1 root root 356 Apr 16 2012 control-alt-delete.conf
-rw-r--r-- 1 root root 297 Apr 2 2012 cron.conf
-rw-r--r-- 1 root root 1814 Apr 9 2012 cups.conf
-rw-r--r-- 1 root root 510 Jan 10 2012 dbus.conf
-rw-r--r-- 1 root root 273 Mar 30 2012 dmesg.conf
-rw-r--r-- 1 root root 1377 Apr 16 2012 failsafe.conf
-rw-r--r-- 1 root root 380 Aug 30 2011 failsafe-x.conf
-rw-r--r-- 1 root root 267 Apr 16 2012 flush-early-job-log.conf
-rw-r--r-- 1 root root 1247 Mar 14 2012 friendly-recovery.conf
-rw-r--r-- 1 root root 317 May 26 2011 hostname.conf
-rw-r--r-- 1 root root 557 Mar 29 2012 hwclock.conf
-rw-r--r-- 1 root root 444 Mar 29 2012 hwclock-save.conf
-rw-r--r-- 1 root root 131 Apr 6 2012 hybrid-gfx.conf
-rw-r--r-- 1 root root 571 Feb 3 2012 irqbalance.conf
-rw-r--r-- 1 root root 1413 Apr 19 2012 lightdm.conf
-rw-r--r-- 1 root root 349 Mar 24 2012 modemmanager.conf
-rw-r--r-- 1 root root 367 Mar 18 2011 module-init-tools.conf
-rw-r--r-- 1 root root 943 Apr 12 2012 mountall.conf
-rw-r--r-- 1 root root 349 Apr 12 2012 mountall-net.conf
-rw-r--r-- 1 root root 261 Apr 12 2012 mountall-reboot.conf
-rw-r--r-- 1 root root 1201 Apr 12 2012 mountall-shell.conf
-rw-r--r-- 1 root root 405 Apr 12 2012 mounted-debugfs.conf
-rw-r--r-- 1 root root 550 Apr 12 2012 mounted-dev.conf
-rw-r--r-- 1 root root 480 Apr 12 2012 mounted-proc.conf
-rw-r--r-- 1 root root 610 Apr 12 2012 mounted-run.conf
-rw-r--r-- 1 root root 1890 Apr 12 2012 mounted-tmp.conf
-rw-r--r-- 1 root root 903 Apr 12 2012 mounted-var.conf
-rw-r--r-- 1 root root 388 Apr 4 2012 networking.conf
-rw-r--r-- 1 root root 803 Apr 4 2012 network-interface.conf
-rw-r--r-- 1 root root 523 Apr 4 2012 network-interface-container.conf
-rw-r--r-- 1 root root 1603 Apr 4 2012 network-interface-security.conf
-rw-r--r-- 1 root root 543 Apr 12 2012 network-manager.conf
-rw-r--r-- 1 root root 971 Nov 9 2011 plymouth.conf
-rw-r--r-- 1 root root 326 Mar 26 2010 plymouth-log.conf
-rw-r--r-- 1 root root 899 Mar 18 2011 plymouth-splash.conf
-rw-r--r-- 1 root root 800 Apr 13 2012 plymouth-stop.conf
-rw-r--r-- 1 root root 367 Jan 25 2011 plymouth-upstart-bridge.conf
-rw-r--r-- 1 root root 363 Dec 5 2011 procps.conf
-rw-r--r-- 1 root root 454 Apr 16 2012 rc.conf
-rw-r--r-- 1 root root 705 Apr 16 2012 rcS.conf
-rw-r--r-- 1 root root 1543 Apr 16 2012 rc-sysinit.conf
-rw-r--r-- 1 root root 457 Mar 29 2012 resolvconf.conf
-rw-r--r-- 1 root root 597 Mar 22 2012 rfkill-restore.conf
-rw-r--r-- 1 root root 469 Mar 22 2012 rfkill-store.conf
-rw-r--r-- 1 root root 426 Mar 30 2012 rsyslog.conf
-rw-r--r-- 1 root root 230 Mar 18 2011 setvtrgb.conf
-rw-r--r-- 1 root root 277 Apr 16 2012 shutdown.conf
-rw-r--r-- 1 root root 667 Mar 26 2013 ssh.conf
-rw-r--r-- 1 root root 348 Apr 16 2012 tty1.conf
-rw-r--r-- 1 root root 333 Apr 16 2012 tty2.conf
-rw-r--r-- 1 root root 333 Apr 16 2012 tty3.conf
-rw-r--r-- 1 root root 333 Apr 16 2012 tty4.conf
-rw-r--r-- 1 root root 232 Apr 16 2012 tty5.conf
-rw-r--r-- 1 root root 232 Apr 16 2012 tty6.conf
-rw-r--r-- 1 root root 322 Dec 16 2011 udev.conf
-rw-r--r-- 1 root root 637 Apr 4 2012 udev-fallback-graphics.conf
-rw-r--r-- 1 root root 769 Aug 22 2011 udev-finish.conf
-rw-r--r-- 1 root root 356 Sep 29 2011 udevmonitor.conf
-rw-r--r-- 1 root root 352 Apr 4 2012 udevtrigger.conf
-rw-r--r-- 1 root root 473 Apr 5 2012 ufw.conf
-rw-r--r-- 1 root root 329 Apr 16 2012 upstart-socket-bridge.conf
-rw-r--r-- 1 root root 553 Apr 16 2012 upstart-udev-bridge.conf
-rw-r--r-- 1 root root 889 Feb 3 2012 ureadahead.conf
-rw-r--r-- 1 root root 683 Feb 3 2012 ureadahead-other.conf
-r--r--r-- 1 root root 901 Dec 11 2017 vmware-tools.conf
-rw-r--r-- 1 root root 351 Dec 11 2017 vmware-tools-thinprint.conf
-rw-r--r-- 1 root root 1481 Apr 16 2012 wait-for-state.conf
-rw-r--r-- 1 root root 362 Apr 18 2012 whoopsie.conf
[-] /lib/systemd/* config file permissions:
/lib/systemd/:
total 4.0K
drwxr-xr-x 9 root root 4.0K Apr 25 2012 system
/lib/systemd/system:
total 112K
drwxr-xr-x 2 root root 4.0K Apr 25 2012 basic.target.wants
drwxr-xr-x 2 root root 4.0K Apr 25 2012 halt.target.wants
drwxr-xr-x 2 root root 4.0K Apr 25 2012 poweroff.target.wants
drwxr-xr-x 2 root root 4.0K Apr 25 2012 reboot.target.wants
drwxr-xr-x 2 root root 4.0K Apr 25 2012 dbus.target.wants
drwxr-xr-x 2 root root 4.0K Apr 25 2012 multi-user.target.wants
drwxr-xr-x 2 root root 4.0K Apr 25 2012 sockets.target.wants
-rw-r--r-- 1 root root 133 Apr 13 2012 upower.service
-rw-r--r-- 1 root root 137 Apr 12 2012 udisks.service
-rw-r--r-- 1 root root 164 Apr 5 2012 udev-control.socket
-rw-r--r-- 1 root root 177 Apr 5 2012 udev-kernel.socket
-rw-r--r-- 1 root root 341 Apr 5 2012 udev.service
-rw-r--r-- 1 root root 752 Apr 5 2012 udev-settle.service
-rw-r--r-- 1 root root 291 Apr 5 2012 udev-trigger.service
-rw-r--r-- 1 root root 231 Mar 30 2012 rsyslog.service
-rw-r--r-- 1 root root 433 Mar 27 2012 accounts-daemon.service
-rw-r--r-- 1 root root 189 Mar 21 2012 bluetooth.service
-rw-r--r-- 1 root root 432 Feb 25 2012 console-kit-daemon.service
-rw-r--r-- 1 root root 219 Feb 25 2012 console-kit-log-system-restart.service
-rw-r--r-- 1 root root 201 Feb 25 2012 console-kit-log-system-start.service
-rw-r--r-- 1 root root 218 Feb 25 2012 console-kit-log-system-stop.service
-rw-r--r-- 1 root root 419 Feb 22 2012 dbus.service
-rw-r--r-- 1 root root 106 Feb 22 2012 dbus.socket
-rw-r--r-- 1 root root 471 Feb 13 2012 colord.service
-rw-r--r-- 1 root root 1.1K Dec 17 2011 avahi-daemon.service
-rw-r--r-- 1 root root 874 Dec 17 2011 avahi-daemon.socket
-rw-r--r-- 1 root root 188 Nov 8 2011 rsync.service
-rw-r--r-- 1 root root 953 Oct 24 2011 rtkit-daemon.service
/lib/systemd/system/basic.target.wants:
total 0
lrwxrwxrwx 1 root root 39 Dec 11 2017 console-kit-log-system-start.service -> ../console-kit-log-system-start.service
lrwxrwxrwx 1 root root 15 Dec 11 2017 udev.service -> ../udev.service
lrwxrwxrwx 1 root root 23 Dec 11 2017 udev-trigger.service -> ../udev-trigger.service
/lib/systemd/system/halt.target.wants:
total 0
lrwxrwxrwx 1 root root 38 Dec 11 2017 console-kit-log-system-stop.service -> ../console-kit-log-system-stop.service
/lib/systemd/system/poweroff.target.wants:
total 0
lrwxrwxrwx 1 root root 38 Dec 11 2017 console-kit-log-system-stop.service -> ../console-kit-log-system-stop.service
/lib/systemd/system/reboot.target.wants:
total 0
lrwxrwxrwx 1 root root 41 Dec 11 2017 console-kit-log-system-restart.service -> ../console-kit-log-system-restart.service
/lib/systemd/system/dbus.target.wants:
total 0
lrwxrwxrwx 1 root root 14 Dec 11 2017 dbus.socket -> ../dbus.socket
/lib/systemd/system/multi-user.target.wants:
total 0
lrwxrwxrwx 1 root root 15 Dec 11 2017 dbus.service -> ../dbus.service
/lib/systemd/system/sockets.target.wants:
total 0
lrwxrwxrwx 1 root root 14 Dec 11 2017 dbus.socket -> ../dbus.socket
lrwxrwxrwx 1 root root 22 Dec 11 2017 udev-control.socket -> ../udev-control.socket
lrwxrwxrwx 1 root root 21 Dec 11 2017 udev-kernel.socket -> ../udev-kernel.socket
### SOFTWARE #############################################
[-] Sudo version:
Sudo version 1.8.3p1
[-] Apache version:
Server version: Apache/2.2.22 (Ubuntu)
Server built: Jul 15 2016 15:32:34
[-] Apache user configuration:
APACHE_RUN_USER=www-data
APACHE_RUN_GROUP=www-data
[-] Installed Apache modules:
Loaded Modules:
core_module (static)
log_config_module (static)
logio_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
mime_module (shared)
negotiation_module (shared)
php5_module (shared)
reqtimeout_module (shared)
setenvif_module (shared)
ssl_module (shared)
status_module (shared)
### INTERESTING FILES ####################################
[-] Useful file locations:
/bin/nc
/bin/netcat
/usr/bin/wget
/usr/bin/gcc
/usr/bin/curl
[-] Installed compilers:
ii gcc 4:4.6.3-1ubuntu5 GNU C compiler
ii gcc-4.6 4.6.3-1ubuntu5 GNU C compiler
ii libprotoc7 2.4.1-1ubuntu2 protocol buffers compiler library
ii protobuf-compiler 2.4.1-1ubuntu2 compiler for protocol buffer definition files
[-] Can we read/write sensitive files:
-rw-r--r-- 1 root root 1711 Dec 11 2017 /etc/passwd
-rw-r--r-- 1 root root 850 Feb 6 2018 /etc/group
-rw-r--r-- 1 root root 665 Apr 25 2012 /etc/profile
-rw-r----- 1 root shadow 1164 Feb 6 2018 /etc/shadow
[-] SUID files:
-rwsr-xr-x 1 root root 36832 Apr 8 2012 /bin/su
-rwsr-xr-x 1 root root 31304 Mar 2 2012 /bin/fusermount
-rwsr-xr-x 1 root root 69096 Mar 29 2012 /bin/umount
-rwsr-xr-x 1 root root 35712 Nov 8 2011 /bin/ping
-rwsr-xr-x 1 root root 40256 Nov 8 2011 /bin/ping6
-rwsr-xr-x 1 root root 94792 Mar 29 2012 /bin/mount
-rwsr-xr-- 1 root messagebus 292944 Feb 22 2012 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 10592 Apr 19 2012 /usr/lib/pt_chown
-r-sr-xr-x 1 root root 14320 Dec 11 2017 /usr/lib/vmware-tools/bin64/vmware-user-suid-wrapper
-r-sr-xr-x 1 root root 9532 Dec 11 2017 /usr/lib/vmware-tools/bin32/vmware-user-suid-wrapper
-rwsr-xr-x 1 root root 14696 Jan 6 2012 /usr/lib/policykit-1/polkit-agent-helper-1
-rwsr-xr-x 1 root root 10408 Dec 13 2011 /usr/lib/eject/dmcrypt-get-device
-rwsr-xr-x 1 root root 240984 Aug 11 2016 /usr/lib/openssh/ssh-keysign
-rwsr-xr-x 1 root root 23184 Jan 6 2012 /usr/bin/pkexec
-rwsr-xr-x 1 root root 71248 Jan 31 2012 /usr/bin/sudoedit
-rwsr-sr-x 1 root root 10184 Mar 22 2012 /usr/bin/X
-rwsr-xr-x 1 root root 32352 Apr 8 2012 /usr/bin/newgrp
-rwsr-xr-x 1 root lpadmin 14688 Apr 9 2012 /usr/bin/lppasswd
-rwsr-xr-x 1 root root 62400 Jul 28 2011 /usr/bin/mtr
-rwsr-xr-x 1 root root 37096 Apr 8 2012 /usr/bin/chsh
-rwsr-xr-x 1 root root 18808 Nov 8 2011 /usr/bin/arping
-rwsr-xr-x 1 root root 42824 Apr 8 2012 /usr/bin/passwd
-rwsr-xr-x 1 root root 71248 Jan 31 2012 /usr/bin/sudo
-rwsr-sr-x 1 daemon daemon 47928 Oct 25 2011 /usr/bin/at
-rwsr-xr-x 1 root root 41832 Apr 8 2012 /usr/bin/chfn
-rwsr-xr-x 1 root root 18912 Nov 8 2011 /usr/bin/traceroute6.iputils
-rwsr-xr-x 1 root root 63848 Apr 8 2012 /usr/bin/gpasswd
-rwsr-sr-x 1 libuuid libuuid 18856 Mar 29 2012 /usr/sbin/uuidd
-rwsr-xr-- 1 root dip 325744 Feb 4 2011 /usr/sbin/pppd
[-] SGID files:
-rwxr-sr-x 1 root utmp 10096 Apr 30 2011 /usr/lib/utempter/utempter
-rwxr-sr-x 1 root utmp 14864 Apr 16 2012 /usr/lib/libvte-2.90-9/gnome-pty-helper
-rwxr-sr-x 1 root mail 14664 Mar 30 2012 /usr/lib/evolution/camel-lock-helper-1.2
-rwsr-sr-x 1 root root 10184 Mar 22 2012 /usr/bin/X
-rwxr-sr-x 1 root mail 14544 Oct 18 2011 /usr/bin/mail-lock
-rwxr-sr-x 1 root mail 14800 Oct 17 2011 /usr/bin/dotlockfile
-rwxr-sr-x 1 root mlocate 39472 Aug 17 2011 /usr/bin/mlocate
-rwxr-sr-x 1 root mail 14544 Oct 18 2011 /usr/bin/mail-touchlock
-rwxr-sr-x 1 root ssh 129104 Aug 11 2016 /usr/bin/ssh-agent
-rwsr-sr-x 1 daemon daemon 47928 Oct 25 2011 /usr/bin/at
-rwxr-sr-x 1 root crontab 35896 Apr 2 2012 /usr/bin/crontab
-rwxr-sr-x 1 root tty 14648 Mar 31 2012 /usr/bin/bsd-write
-rwxr-sr-x 1 root shadow 23168 Apr 8 2012 /usr/bin/expiry
-rwxr-sr-x 1 root mail 14544 Oct 18 2011 /usr/bin/mail-unlock
-rwxr-sr-x 1 root tty 18976 Mar 29 2012 /usr/bin/wall
-rwxr-sr-x 1 root shadow 50760 Apr 8 2012 /usr/bin/chage
-rwsr-sr-x 1 libuuid libuuid 18856 Mar 29 2012 /usr/sbin/uuidd
-rwxr-sr-x 1 root games 132624 Apr 17 2012 /usr/games/gnomine
-rwxr-sr-x 1 root games 149016 Apr 17 2012 /usr/games/mahjongg
-rwxr-sr-x 1 root shadow 35432 Feb 8 2012 /sbin/unix_chkpwd
[+] Files with POSIX capabilities set:
/usr/bin/gnome-keyring-daemon = cap_ipc_lock+ep
[-] Can't search *.conf files as no keyword was entered
[-] Can't search *.php files as no keyword was entered
[-] Can't search *.log files as no keyword was entered
[-] Can't search *.ini files as no keyword was entered
[-] All *.conf files in /etc (recursive 1 level):
-rw-r--r-- 1 root root 91 Dec 11 2017 /etc/kernel-img.conf
-rw-r--r-- 1 root root 321 Mar 29 2012 /etc/blkid.conf
-rw-r--r-- 1 root root 6961 Apr 25 2012 /etc/ca-certificates.conf
-rw-r--r-- 1 root root 15752 Jul 25 2009 /etc/ltrace.conf
-rw-r--r-- 1 root root 333 Dec 11 2017 /etc/updatedb.conf
-rw-r--r-- 1 root root 34 Apr 25 2012 /etc/ld.so.conf
-rw-r--r-- 1 root root 1260 May 2 2011 /etc/ucf.conf
-rw-r--r-- 1 root root 624 May 16 2010 /etc/mtools.conf
-rw-r--r-- 1 root root 956 Mar 30 2012 /etc/mke2fs.conf
-rw-r--r-- 1 root root 112 Jun 22 2007 /etc/apg.conf
-rw-r--r-- 1 root root 10333 Feb 21 2012 /etc/sensors3.conf
-rw-r--r-- 1 root root 1309 Apr 18 2012 /etc/kerneloops.conf
-rw-r--r-- 1 root root 7649 Apr 25 2012 /etc/pnm2ppa.conf
-rw-r--r-- 1 root root 2064 Nov 23 2006 /etc/netscsid.conf
-rw-r----- 1 root fuse 216 Oct 18 2011 /etc/fuse.conf
-rw-r--r-- 1 root root 2083 Dec 5 2011 /etc/sysctl.conf
-rw-r--r-- 1 root root 2969 Mar 15 2012 /etc/debconf.conf
-rw-r--r-- 1 root root 350 Dec 11 2017 /etc/popularity-contest.conf
-rw-r--r-- 1 root root 4728 Mar 24 2012 /etc/hdparm.conf
-rw-r--r-- 1 root root 599 Oct 4 2011 /etc/logrotate.conf
-rw-r--r-- 1 root root 19925 Apr 10 2012 /etc/brltty.conf
-rw-r--r-- 1 root root 1343 Jan 9 2007 /etc/wodim.conf
-rw-r--r-- 1 root root 699 Feb 13 2012 /etc/colord.conf
-rw-r--r-- 1 root root 513 Apr 25 2012 /etc/nsswitch.conf
-rw-r--r-- 1 root root 1309 Nov 28 08:56 /etc/tpvmlp.conf
-rw-r--r-- 1 root root 1263 Mar 30 2012 /etc/rsyslog.conf
-rw-r--r-- 1 root root 2981 Apr 25 2012 /etc/adduser.conf
-rw-r--r-- 1 root root 572 Mar 7 2012 /etc/usb_modeswitch.conf
-rw-r--r-- 1 root root 3343 Apr 19 2012 /etc/gai.conf
-rw-r--r-- 1 root root 92 Apr 19 2012 /etc/host.conf
-rw-r--r-- 1 root root 552 Feb 8 2012 /etc/pam.conf
-rw-r--r-- 1 root root 839 Apr 9 2012 /etc/insserv.conf
-rw-r--r-- 1 root root 604 Oct 19 2011 /etc/deluser.conf
[-] Current user's history files:
-rw------- 1 hype hype 164 Nov 28 13:10 /home/hype/.bash_history
[-] Location and contents (if accessible) of .bash_history file(s):
/home/hype/.bash_history
exit
exot
exit
ls -la
cd /
ls -la
cd .devs
ls -la
tmux -L dev_sess
tmux a -t dev_sess
tmux --help
tmux -S /.devs/dev_sess
exit
ls -l
cat Desktop/user.txt
exit
[-] Location and Permissions (if accessible) of .bak file(s):
-rw------- 1 root root 1711 Dec 11 2017 /var/backups/passwd.bak
-rw------- 1 root root 850 Feb 6 2018 /var/backups/group.bak
-rw------- 1 root shadow 702 Feb 6 2018 /var/backups/gshadow.bak
-rw------- 1 root shadow 1164 Feb 6 2018 /var/backups/shadow.bak
[-] Any interesting mail in /var/mail:
total 8
drwxrwsr-x 2 root mail 4096 Apr 25 2012 .
drwxr-xr-x 14 root root 4096 Feb 6 2018 ..
### SCAN COMPLETE ####################################