System/Kernel


bash-4.2$ file /bin/bash ; uname -a ; cat /etc/*release
/bin/bash: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=9223530b1aa05d3dbea7e72738b28b1e9d82fbad, stripped
Linux networked.htb 3.10.0-957.21.3.el7.x86_64 #1 SMP Tue Jun 18 16:35:19 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
CentOS Linux release 7.6.1810 (Core) 
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
 
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
 
CentOS Linux release 7.6.1810 (Core) 
CentOS Linux release 7.6.1810 (Core) 
 

3.10.0-957.21.3.el7.x86_64 CentOS Linux 7 (Core) x86_64

Networks


bash-4.2$ ss -tunlp4
Netid  State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
tcp    LISTEN     0      128       *:22                    *:*                  
tcp    LISTEN     0      10     127.0.0.1:25                    *:*                  

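127.0.0.1:25 (SMTP, bound to loopback only)

Note: `-4` limits the listing to IPv4 sockets. httpd appears in the process list further down but has no listener in this output, presumably because it is bound to an IPv6/dual-stack socket; run `ss -tunlp` without `-4` for the complete set of listeners.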

Users & Groups


bash-4.2$ cat /etc/passwd ; ls -lasht /home
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
guly:x:1000:1000:guly:/home/guly:/bin/bash
saslauth:x:998:76:Saslauthd user:/run/saslauthd:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
total 8.0K
4.0K drwxr-xr-x. 17 root root 4.0K Sep  7 13:05 ..
4.0K drwxr-xr-x.  2 guly guly 4.0K Sep  6 15:57 guly
   0 drwxr-xr-x.  3 root root   18 Jul  2  2019 .

guly (uid 1000, /home/guly) is the only account other than root with /bin/bash as its shell

SUIDs


bash-4.2$ find / -perm -04000 -ls -type f 2>/dev/null
12733809   60 -rwsr-x---   1 root     dbus        58024 Mar 14  2019 /usr/libexec/dbus-1/dbus-daemon-launch-helper
12733813   16 -rwsr-xr-x   1 root     root        15512 Mar  8  2019 /usr/lib/polkit-1/polkit-agent-helper-1
8454014   12 -rwsr-xr-x   1 root     root        11216 Apr 11  2018 /usr/sbin/pam_timestamp_check
8455968   36 -rwsr-xr-x   1 root     root        36280 Apr 11  2018 /usr/sbin/unix_chkpwd
8506249   12 -rwsr-xr-x   1 root     root        11376 Oct 30  2018 /usr/sbin/usernetctl
13005101   64 -rwsr-xr-x   1 root     root        64328 Mar 14  2019 /usr/bin/chage
13005102   80 -rwsr-xr-x   1 root     root        78272 Mar 14  2019 /usr/bin/gpasswd
13005104   44 -rwsr-xr-x   1 root     root        41872 Mar 14  2019 /usr/bin/newgrp
13154592   24 -rws--x--x   1 root     root        24048 Mar 14  2019 /usr/bin/chfn
13154595   24 -rws--x--x   1 root     root        23960 Mar 14  2019 /usr/bin/chsh
13218952   24 -rwsr-xr-x   1 root     root        23656 Mar  8  2019 /usr/bin/pkexec
13218966   60 -rwsr-xr-x   1 root     root        57664 Nov 20  2018 /usr/bin/crontab
13219002   44 -rwsr-xr-x   1 root     root        44320 Mar 14  2019 /usr/bin/mount
13240233   32 -rwsr-xr-x   1 root     root        32208 Mar 14  2019 /usr/bin/su
13252005   32 -rwsr-xr-x   1 root     root        32048 Mar 14  2019 /usr/bin/umount
13389159  144 ---s--x--x   1 root     root       147392 Oct 31  2018 /usr/bin/sudo
13389167   28 -rwsr-xr-x   1 root     root        27832 Jun 10  2014 /usr/bin/passwd
13393458   32 -rwsr-xr-x   1 root     root        32096 Oct 30  2018 /usr/bin/fusermount

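/usr/bin/pkexec, /usr/bin/crontab

Note: in the command above `-ls` comes before `-type f`, so every `-perm` match is printed before the file-type test runs and the test filters nothing. Use `find / -perm -04000 -type f -ls 2>/dev/null` to list regular files only. The SGID command below has the same ordering, which is why its output includes directories.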

SGIDs


bash-4.2$ find / -perm -02000 -ls -type f 2>/dev/null
1227210  460 ---x--s--x   1 root     ssh_keys   469880 Apr 11  2018 /usr/libexec/openssh/ssh-keysign
487816   12 -rwx--s--x   1 root     utmp        11192 Jun 10  2014 /usr/libexec/utempter/utempter
8431456  820 -rwxr-sr-x   1 root     smmsp      836936 Aug  3  2017 /usr/sbin/sendmail.sendmail
8506244    8 -rwxr-sr-x   1 root     root         7208 Oct 30  2018 /usr/sbin/netreport
8733348  216 -rwxr-sr-x   1 root     postdrop   218632 Oct 30  2018 /usr/sbin/postdrop
8733355  256 -rwxr-sr-x   1 root     postdrop   260112 Oct 30  2018 /usr/sbin/postqueue
13066852   16 -r-xr-sr-x   1 root     tty         15344 Jun 10  2014 /usr/bin/wall
13252011   20 -rwxr-sr-x   1 root     tty         19624 Mar 14  2019 /usr/bin/write
13296146   20 -rwxr-sr-x   1 root     mail        19824 Nov 28  2017 /usr/bin/lockfile
13371090  376 ---x--s--x   1 root     nobody     382240 Apr 11  2018 /usr/bin/ssh-agent
  9184    0 drwxr-sr-x   3 root     systemd-journal       60 Jan 27 15:05 /run/log/journal
  9185    0 drwxr-s---   2 root     systemd-journal       60 Jan 27 15:05 /run/log/journal/e1a6ab0dceb44da38dac3494ad76813d

Processes


bash-4.2$ ps -auxwww
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.0  0.3  51564  3732 ?        Ss   15:05   0:02 /usr/lib/systemd/systemd --switched-root --system --deserialize 22
root       3031  0.0  0.3  37116  3212 ?        Ss   15:05   0:00 /usr/lib/systemd/systemd-journald
root       3051  0.0  0.1 190360  1360 ?        Ss   15:05   0:00 /usr/sbin/lvmetad -f
root       3056  0.0  0.2  44824  2212 ?        Ss   15:05   0:00 /usr/lib/systemd/systemd-udevd
root       3262  0.0  0.0  55520   912 ?        S<sl 15:05   0:00 /sbin/auditd
root       3284  0.0  1.2 314852 12800 ?        Ss   15:05   0:01 /usr/sbin/httpd -DFOREGROUND
root       3287  0.0  0.6  99672  6092 ?        Ss   15:05   0:00 /usr/bin/VGAuthService -s
polkitd    3288  0.0  1.5 612996 15032 ?        Ssl  15:05   0:00 /usr/lib/polkit-1/polkitd --no-debug
root       3289  0.1  0.7 309976  7112 ?        Ssl  15:05   0:11 /usr/bin/vmtoolsd
dbus       3290  0.0  0.2  58096  2336 ?        Ss   15:05   0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
root       3294  0.0  0.1  26376  1764 ?        Ss   15:05   0:00 /usr/lib/systemd/systemd-logind
root       3305  0.0  2.9 358288 29104 ?        Ssl  15:05   0:00 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
root       3348  0.0  0.1 126284  1592 ?        Ss   15:05   0:00 /usr/sbin/crond -n
root       3351  0.0  0.0 110104   872 tty1     Ss+  15:05   0:00 /sbin/agetty --noclear tty1 linux
root       3735  0.0  1.7 573924 17124 ?        Ssl  15:05   0:01 /usr/bin/python2 -Es /usr/sbin/tuned -l -P
root       3737  0.0  0.4 112864  4344 ?        Ss   15:05   0:00 /usr/sbin/sshd -D
root       3739  0.0  0.6 214444  6264 ?        Ssl  15:05   0:00 /usr/sbin/rsyslogd -n
root       3947  0.0  0.2 111192  2428 ?        Ss   15:06   0:00 sendmail: accepting connections
smmsp      3960  0.0  0.2 106616  2124 ?        Ss   15:08   0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
apache     4506  0.0  0.1  51740  1748 pts/0    R+   18:13   0:00 ps -auxwww

/usr/lib/polkit-1/polkitd --no-debug
/usr/sbin/crond -n

Cron & Systemd


bash-4.2$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for apache
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
 
# For details see man 4 crontabs
 
# example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
 
NEXT                         LEFT     LAST                         PASSED       
Sat 2023-01-28 15:20:19 CET  21h left Fri 2023-01-27 15:20:19 CET  2h 54min ago 
 
1 timers listed.
Pass --all to see loaded but inactive timers, too.

Sudo Version


bash-4.2$ sudo -V
Sudo version 1.8.23
Sudoers policy plugin version 1.8.23
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.23

Sudo version 1.8.23

Glibc Version


bash-4.2$ ldd --version
ldd (GNU libc) 2.17
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

ldd (GNU libc) 2.17