System/Kernel
$ file /bin/sh ; uname -a ; cat /etc/*release
/bin/sh: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /libexec/ld.elf_so, for NetBSD 9.0, not stripped
netbsd luanne.htb 9.0 netbsd 9.0 (generic) #0: Fri Feb 14 00:06:28 UTC 2020 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
NetBSD 9.0/amd64
Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017,
2018, 2019, 2020 The NetBSD Foundation, Inc. All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
build information:
build date fri feb 14 00:06:28 UTC 2020
Built by builder@localhost.NetBSD.org
Build ID 202002140019Z
build settings:
DISTRIBVER = '9.0'
EXTERNAL_TOOLCHAIN = (undefined)
HAVE_GCC = '7'
HAVE_GDB = '830'
HAVE_LLVM = (undefined)
HAVE_PCC = (undefined)
INSTALLWORLDDIR = (undefined)
MACHINE = 'amd64'
MACHINE_ARCH = 'x86_64'
[...REDACTED...]NetBSD 9.0 (GENERIC)
x86_64
Networks
$ netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 10.10.10.218.65436 10.10.14.2.9999 ESTABLISHED
tcp 0 0 127.0.0.1.3000 127.0.0.1.65437 CLOSE_WAIT
tcp 0 0 127.0.0.1.65437 127.0.0.1.3000 FIN_WAIT_2
tcp 0 0 127.0.0.1.3000 127.0.0.1.65445 CLOSE_WAIT
tcp 0 0 127.0.0.1.65445 127.0.0.1.3000 FIN_WAIT_2
tcp 0 0 127.0.0.1.3000 127.0.0.1.65447 CLOSE_WAIT
tcp 0 0 127.0.0.1.65447 127.0.0.1.3000 FIN_WAIT_2
tcp 0 0 127.0.0.1.3000 *.* LISTEN
tcp 0 0 127.0.0.1.3001 *.* LISTEN
tcp 0 0 *.80 *.* LISTEN
tcp 0 0 *.22 *.* LISTEN
tcp 0 0 *.9001 *.* LISTEN
Active Internet6 connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp6 0 0 *.22 *.* LISTEN
[...REDACTED...]127.0.0.1.3000
127.0.0.1.3001
Users & Groups
$ cat /etc/passwd ; ls -la /home
root:*:0:0:Charlie &:/root:/bin/sh
toor:*:0:0:Bourne-again Superuser:/root:/bin/sh
daemon:*:1:1:The devil himself:/:/sbin/nologin
operator:*:2:5:System &:/usr/guest/operator:/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/sbin/nologin
games:*:7:13:& pseudo-user:/usr/games:/sbin/nologin
postfix:*:12:12:& pseudo-user:/var/spool/postfix:/sbin/nologin
named:*:14:14:& pseudo-user:/var/chroot/named:/sbin/nologin
ntpd:*:15:15:& pseudo-user:/var/chroot/ntpd:/sbin/nologin
sshd:*:16:16:& pseudo-user:/var/chroot/sshd:/sbin/nologin
_pflogd:*:18:18:& pseudo-user:/var/chroot/pflogd:/sbin/nologin
_rwhod:*:19:19:& pseudo-user:/var/rwho:/sbin/nologin
_proxy:*:21:21:Proxy Services:/nonexistent:/sbin/nologin
_timedc:*:22:22:& pseudo-user:/nonexistent:/sbin/nologin
_sdpd:*:23:23:& pseudo-user:/nonexistent:/sbin/nologin
_httpd:*:24:24:& pseudo-user:/var/www:/sbin/nologin
_mdnsd:*:25:25:& pseudo-user:/nonexistent:/sbin/nologin
_tests:*:26:26:& pseudo-user:/nonexistent:/sbin/nologin
_tcpdump:*:27:27:& pseudo-user:/var/chroot/tcpdump:/sbin/nologin
_tss:*:28:28:& pseudo-user:/var/tpm:/sbin/nologin
_rtadvd:*:30:30:& pseudo-user:/var/chroot/rtadvd:/sbin/nologin
_unbound:*:32:32:& pseudo-user:/var/chroot/unbound:/sbin/nologin
_nsd:*:33:33:& pseudo-user:/var/chroot/nsd:/sbin/nologin
uucp:*:66:1:UNIX-to-UNIX Copy:/nonexistent:/sbin/nologin
nobody:*:32767:39:Unprivileged user:/nonexistent:/sbin/nologin
r.michaels:*:1000:100::/home/r.michaels:/bin/ksh
nginx:*:1001:1000:NGINX server user:/var/db/nginx:/sbin/nologin
dbus:*:1002:1001:System message bus:/var/run/dbus:/sbin/nologin
total 12
drwxr-xr-x 3 root wheel 512 Sep 14 2020 .
drwxr-xr-x 21 root wheel 512 Sep 16 2020 ..
dr-xr-x--- 7 r.michaels users 512 Sep 16 2020 r.michaelsr.michaels
SUIDs
$ find / -perm -04000 -ls -type f 2>/dev/null
458245 72 -r-sr-xr-x 4 root wheel 36448 Feb 14 2020 /usr/bin/at
458245 72 -r-sr-xr-x 4 root wheel 36448 Feb 14 2020 /usr/bin/atq
458245 72 -r-sr-xr-x 4 root wheel 36448 Feb 14 2020 /usr/bin/atrm
458245 72 -r-sr-xr-x 4 root wheel 36448 Feb 14 2020 /usr/bin/batch
458272 68 -r-sr-xr-x 3 root wheel 32872 Feb 14 2020 /usr/bin/chfn
458272 68 -r-sr-xr-x 3 root wheel 32872 Feb 14 2020 /usr/bin/chpass
458272 68 -r-sr-xr-x 3 root wheel 32872 Feb 14 2020 /usr/bin/chsh
458288 100 -r-sr-xr-x 1 root wheel 50064 Feb 14 2020 /usr/bin/crontab
458383 40 -r-sr-xr-x 1 root wheel 20104 Feb 14 2020 /usr/bin/lock
458385 64 -r-sr-xr-x 1 root wheel 32128 Feb 14 2020 /usr/bin/login
458389 64 -r-sr-sr-x 1 root daemon 31904 Feb 14 2020 /usr/bin/lpq
458390 76 -r-sr-sr-x 1 root daemon 37008 Feb 14 2020 /usr/bin/lpr
458391 84 -r-sr-sr-x 1 root daemon 40984 Feb 14 2020 /usr/bin/lprm
458423 40 -r-sr-xr-x 1 root wheel 19472 Feb 14 2020 /usr/bin/newgrp
458433 76 -r-sr-xr-x 2 root wheel 38160 Feb 14 2020 /usr/bin/passwd
458467 52 -r-sr-xr-x 1 root wheel 25896 Feb 14 2020 /usr/bin/rlogin
458498 28 -r-sr-xr-x 1 root wheel 14216 Feb 14 2020 /usr/bin/skeyinfo
458499 48 -r-sr-xr-x 1 root wheel 24024 Feb 14 2020 /usr/bin/skeyinit
458513 56 -r-sr-xr-x 1 root wheel 26640 Feb 14 2020 /usr/bin/su
458433 76 -r-sr-xr-x 2 root wheel 38160 Feb 14 2020 /usr/bin/yppasswd
481802 44 -r-sr-xr-x 1 root wheel 20720 Feb 14 2020 /usr/libexec/mail.local
481815 148 -r-sr-xr-x 1 root wheel 74536 Feb 14 2020 /usr/libexec/ssh-keysign
481820 32 -r-sr-xr-x 1 root wheel 15416 Feb 14 2020 /usr/libexec/utmp_update
481892 68 -r-sr-sr-x 1 root authpf 34296 Feb 14 2020 /usr/sbin/authpf
482016 64 -r-sr-xr-x 1 root wheel 31240 Feb 14 2020 /usr/sbin/mrinfo
482019 92 -r-sr-xr-x 1 root wheel 45336 Feb 14 2020 /usr/sbin/mtrace
482068 736 -r-sr-xr-x 1 root wheel 354176 Feb 14 2020 /usr/sbin/pppd
482132 40 -r-sr-xr-x 1 root wheel 20136 Feb 14 2020 /usr/sbin/sliplogin
482153 76 -r-sr-xr-x 1 root wheel 37336 Feb 14 2020 /usr/sbin/traceroute
482154 60 -r-sr-xr-x 1 root wheel 30528 Feb 14 2020 /usr/sbin/traceroute6
507862 68 -r-s--x--x 1 root wheel 33912 Jul 17 2020 /usr/pkg/bin/doas
597634 108 -r-s--x--x 1 root dbus 53872 Sep 17 2020 /usr/pkg/libexec/dbus-daemon-launch-helper
1260187 40 -r-sr-xr-x 1 root wheel 20480 Feb 14 2020 /bin/rcmd
1420641 80 -r-sr-xr-x 1 root wheel 40576 Feb 14 2020 /sbin/ping
1420642 88 -r-sr-xr-x 1 root wheel 44536 Feb 14 2020 /sbin/ping6
1420667 52 -r-sr-xr-- 1 root operator 25440 Feb 14 2020 /sbin/shutdownSGIDs
$ find / -perm -02000 -ls -type f 2>/dev/null
458321 120 -r-xr-sr-x 1 root kmem 61120 Feb 14 2020 /usr/bin/fstat
458389 64 -r-sr-sr-x 1 root daemon 31904 Feb 14 2020 /usr/bin/lpq
458390 76 -r-sr-sr-x 1 root daemon 37008 Feb 14 2020 /usr/bin/lpr
458391 84 -r-sr-sr-x 1 root daemon 40984 Feb 14 2020 /usr/bin/lprm
458421 356 -r-xr-sr-x 1 root kmem 181808 Feb 14 2020 /usr/bin/netstat
458441 96 -r-xr-sr-x 1 root kmem 47896 Feb 14 2020 /usr/bin/pmap
458515 368 -r-xr-sr-x 2 root kmem 188072 Feb 14 2020 /usr/bin/sysstat
458515 368 -r-xr-sr-x 2 root kmem 188072 Feb 14 2020 /usr/bin/systat
458554 140 -r-xr-sr-x 1 root kmem 70952 Feb 14 2020 /usr/bin/vmstat
458556 52 -r-xr-sr-x 1 root tty 26096 Feb 14 2020 /usr/bin/wall
458563 44 -r-xr-sr-x 1 root tty 21184 Feb 14 2020 /usr/bin/write
481892 68 -r-sr-sr-x 1 root authpf 34296 Feb 14 2020 /usr/sbin/authpf
481989 92 -r-xr-sr-x 1 root daemon 46976 Feb 14 2020 /usr/sbin/lpc
482041 32 -r-xr-sr-x 1 root nvmm 15064 Feb 14 2020 /usr/sbin/nvmmctl
482056 640 -r-xr-sr-x 1 root maildrop 295096 Feb 14 2020 /usr/sbin/postdrop
482064 608 -r-xr-sr-x 1 root maildrop 294424 Feb 14 2020 /usr/sbin/postqueue
482073 92 -r-xr-sr-x 1 root kmem 45744 Feb 14 2020 /usr/sbin/pstatProcesses
$ ps -auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT STARTED TIME COMMAND
root 0 0.0 0.2 0 12612 ? OKl 12:50PM 0:04.24 [system]
root 1 0.0 0.0 19848 1516 ? Is 12:50PM 0:00.01 init
root 163 0.0 0.0 32528 2292 ? Is 12:50PM 0:00.05 /usr/sbin/syslogd -s
r.michaels 185 0.0 0.0 34996 1976 ? Is 12:50PM 0:00.00 /usr/libexec/httpd -u -X -s -i 127.0.0.1 -I 3001 -L weather /home/r.michaels/devel/webapi/weather.lua -P /var/run/httpd_devel.pid -U r.michaels -b /home/r.michaels/devel/www
nginx 271 0.0 0.1 33652 3256 ? I 12:50PM 1:11.23 nginx: worker process
root 298 0.0 0.0 19704 1340 ? Is 12:50PM 0:00.00 /usr/sbin/powerd
root 299 0.0 0.0 33372 1840 ? Is 12:50PM 0:00.00 nginx: master process /usr/pkg/sbin/nginx
root 318 0.0 0.1 118356 7176 ? Il 12:50PM 0:06.58 /usr/pkg/bin/vmtoolsd
_httpd 336 0.0 0.3 119092 16468 ? Ss 12:50PM 4:28.09 /usr/pkg/bin/python3.8 /usr/pkg/bin/supervisord-3.8
root 348 0.0 0.0 75424 2940 ? Is 12:50PM 0:00.01 /usr/sbin/sshd
_httpd 350 0.0 0.0 35252 2328 ? I 3:22PM 0:00.00 /usr/libexec/httpd -u -X -s -i 127.0.0.1 -I 3000 -L weather /usr/local/webapi/weather.lua -U _httpd -b /var/www
_httpd 376 0.0 0.0 34952 1996 ? Is 12:50PM 0:00.02 /usr/libexec/httpd -u -X -s -i 127.0.0.1 -I 3000 -L weather /usr/local/webapi/weather.lua -U _httpd -b /var/www
root 402 0.0 0.0 20220 1668 ? Is 12:50PM 0:00.03 /usr/sbin/cron
[...REDACTED...]
root 423 0.0 0.0 19784 1584 ttyE0 Is+ 12:50PM 0:00.00 /usr/libexec/getty Pc constty
root 421 0.0 0.0 19780 1584 ttyE1 Is+ 12:50PM 0:00.00 /usr/libexec/getty Pc ttyE1
root 388 0.0 0.0 19780 1584 ttyE2 Is+ 12:50PM 0:00.00 /usr/libexec/getty Pc ttyE2
root 433 0.0 0.0 19780 1584 ttyE3 Is+ 12:50PM 0:00.00 /usr/libexec/getty Pc ttyE3 /usr/libexec/httpd -u -X -s -i 127.0.0.1 -I 3001 -L weather /home/r.michaels/devel/webapi/weather.lua -P /var/run/httpd_devel.pid -U r.michaels -b /home/r.michaels/devel/www
/usr/sbin/cron
Cron & Systemd
$ crontab -l
crontab: no crontab for `_httpd'Sudo Version
n/aGlibc Version
n/a