System/Kernel
www-data@driftingblues:/var/www/textpattern/files$ uname -a ; cat /etc/*release
Linux driftingblues 3.2.0-4-amd64 #1 SMP Debian 3.2.78-1 x86_64 GNU/Linux
PRETTY_NAME="Debian GNU/Linux 7 (wheezy)"
NAME="Debian GNU/Linux"
VERSION_ID="7"
VERSION="7 (wheezy)"
ID=debian
ANSI_COLOR="1;31"
HOME_URL="http://www.debian.org/"
SUPPORT_URL="http://www.debian.org/support/"
BUG_REPORT_URL="http://bugs.debian.org/"3.2.0-4-amd64x86_64Debian GNU/Linux 7 (wheezy)
Networks
www-data@driftingblues:/var/www/textpattern/files$ ip route ; arp -a
bash: line 5: arp: command not found
default via 192.168.207.254 dev eth0
192.168.207.0/24 dev eth0 proto kernel scope link src 192.168.207.219 www-data@driftingblues:/var/www/textpattern/files$ netstat -antup
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 192.168.207.219:35736 192.168.45.247:9999 ESTABLISHED 4230/sh
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 ::1:25 :::* LISTEN -
tcp6 0 0 192.168.207.219:80 192.168.45.247:43926 ESTABLISHED - 127.0.0.1:3306
Users & Groups
www-data@driftingblues:/var/www/textpattern/files$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
Debian-exim:x:101:103::/var/spool/exim4:/bin/false
mysql:x:102:105:MySQL Server,,,:/nonexistent:/bin/false
total 8.0K
4.0K drwxr-xr-x 2 root root 4.0K Mar 17 2021 .
4.0K drwxr-xr-x 23 root root 4.0K Mar 17 2021 ..www-data@driftingblues:/var/www/textpattern/files$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(libuuid) gid=101(libuuid) groups=101(libuuid)
uid=101(Debian-exim) gid=103(Debian-exim) groups=103(Debian-exim)
uid=102(mysql) gid=105(mysql) groups=105(mysql)SUIDs
www-data@driftingblues:/var/www/textpattern/files$ find / -perm -04000 -ls -type f 2>/dev/null | grep -v '/snap'
14034 952 -rwsr-xr-x 1 root root 973856 Mar 14 2016 /usr/sbin/exim4
551 48 -rwsr-xr-x 1 root root 46264 May 25 2012 /usr/bin/chfn
555 52 -rwsr-xr-x 1 root root 51096 May 25 2012 /usr/bin/passwd
552 44 -rwsr-xr-x 1 root root 41272 May 25 2012 /usr/bin/chsh
554 68 -rwsr-xr-x 1 root root 68024 May 25 2012 /usr/bin/gpasswd
6521 36 -rwsr-xr-x 1 root root 36432 May 25 2012 /usr/bin/newgrp
11703 12 -rwsr-xr-x 1 root root 10168 Dec 23 2012 /usr/lib/eject/dmcrypt-get-device
1463 12 -rwsr-xr-x 1 root root 10496 Feb 11 2016 /usr/lib/pt_chown
18334 240 -rwsr-xr-x 1 root root 245064 Apr 14 2016 /usr/lib/openssh/ssh-keysign
6853 36 -rwsr-xr-x 1 root root 36136 Apr 12 2011 /bin/ping
4113 96 -rwsr-xr-x 1 root root 94776 Dec 11 2012 /bin/mount
4114 68 -rwsr-xr-x 1 root root 69080 Dec 11 2012 /bin/umount
6527 36 -rwsr-xr-x 1 root root 36816 May 25 2012 /bin/su
6845 40 -rwsr-xr-x 1 root root 36896 Apr 12 2011 /bin/ping6SGIDs
www-data@driftingblues:/var/www/textpattern/files$ find / -type f -perm -02000 -ls 2>/dev/null | grep -v '/snap'
260 16 -rwxr-sr-x 1 root tty 14624 Jun 11 2012 /usr/bin/bsd-write
1041 24 -rwxr-sr-x 1 root tty 23056 Dec 11 2012 /usr/bin/wall
550 56 -rwxr-sr-x 1 root shadow 54904 May 25 2012 /usr/bin/chage
553 24 -rwxr-sr-x 1 root shadow 23312 May 25 2012 /usr/bin/expiry
5839 36 -rwxr-sr-x 1 root crontab 35880 Jul 3 2012 /usr/bin/crontab
18339 128 -rwxr-sr-x 1 root ssh 129088 Apr 14 2016 /usr/bin/ssh-agent
1814 36 -rwxr-sr-x 1 root shadow 35408 Apr 29 2012 /sbin/unix_chkpwdCapabilities
www-data@driftingblues:/var/www/textpattern/files$ getcap -r / 2>/dev/nullProcesses
www-data@driftingblues:/var/www/textpattern/files$ ps -auxwww
warning: bad ps syntax, perhaps a bogus '-'?
See http://gitorious.org/procps/procps/blobs/master/Documentation/FAQ
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 10656 816 ? Ss 11:42 0:00 init [2]
root 338 0.0 0.1 21592 1620 ? Ss 11:42 0:00 udevd --daemon
root 507 0.0 0.1 21792 1528 ? S 11:42 0:00 udevd --daemon
root 508 0.0 0.1 21588 1240 ? S 11:42 0:00 udevd --daemon
root 1916 0.0 0.1 53308 2052 ? Sl 11:42 0:00 /usr/sbin/rsyslogd -c5
root 1970 0.0 0.0 4124 656 ? Ss 11:42 0:00 /usr/sbin/acpid
root 1989 0.0 0.4 102800 4816 ? Sl 11:42 0:02 /usr/bin/vmtoolsd
root 2035 0.0 1.5 234896 15892 ? Ss 11:42 0:00 /usr/sbin/apache2 -k start
root 2084 0.0 0.1 20416 1076 ? Ss 11:42 0:00 /usr/sbin/cron
root 2134 0.0 0.0 4188 716 ? S 11:42 0:00 /bin/sh /usr/bin/mysqld_safe
mysql 2461 0.0 4.2 366168 43248 ? Sl 11:42 0:02 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306
root 2462 0.0 0.0 4096 632 ? S 11:42 0:00 logger -t mysqld -p daemon.error
101 2873 0.0 0.0 46816 996 ? Ss 11:42 0:00 /usr/sbin/exim4 -bd -q30m
root 2924 0.0 0.0 16264 952 tty1 Ss+ 11:42 0:00 /sbin/getty 38400 tty1
root 2925 0.0 0.0 16264 952 tty2 Ss+ 11:42 0:00 /sbin/getty 38400 tty2
root 2926 0.0 0.0 16264 948 tty3 Ss+ 11:42 0:00 /sbin/getty 38400 tty3
root 2927 0.0 0.0 16264 944 tty4 Ss+ 11:42 0:00 /sbin/getty 38400 tty4
root 2928 0.0 0.0 16264 952 tty5 Ss+ 11:42 0:00 /sbin/getty 38400 tty5
root 2929 0.0 0.0 16264 952 tty6 Ss+ 11:42 0:00 /sbin/getty 38400 tty6
www-data 3935 0.0 1.5 235876 15808 ? S 13:06 0:00 /usr/sbin/apache2 -k start
www-data 4230 0.0 0.0 4188 576 ? S 13:35 0:00 sh -c bash
www-data 4231 0.0 0.1 17656 1496 ? S 13:35 0:00 bash
www-data 4257 0.0 0.0 14564 792 ? S 13:43 0:00 script /dev/null -c bash
www-data 4259 0.0 0.0 4188 576 pts/0 Ss 13:43 0:00 sh -c bash
www-data 4260 0.0 0.1 17844 1936 pts/0 S 13:43 0:00 bash
www-data 4291 0.0 0.1 15316 1152 pts/0 R+ 13:44 0:00 ps -auxwwwroot 2084 0.0 0.1 20416 1076 ? Ss 11:42 0:00 /usr/sbin/cronroot 2134 0.0 0.0 4188 716 ? S 11:42 0:00 /bin/sh /usr/bin/mysqld_safemysql 2461 0.0 4.2 366168 43248 ? Sl 11:42 0:02 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306root 2462 0.0 0.0 4096 632 ? S 11:42 0:00 logger -t mysqld -p daemon.error101 2873 0.0 0.0 46816 996 ? Ss 11:42 0:00 /usr/sbin/exim4 -bd -q30m
Cron & Systemd
www-data@driftingblues:/var/www/textpattern/files$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for www-data
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
bash: systemctl: command not foundServices
www-data@driftingblues:/var/www/textpattern/files$ systemctl list-units --state=running
bash: systemctl: command not foundSudo Version
www-data@driftingblues:/var/www/textpattern/files$ sudo --version
bash: sudo: command not foundGlibc Version
www-data@driftingblues:/var/www/textpattern/files$ ldd --version
ldd (Debian EGLIBC 2.13-38+deb7u10) 2.13
Copyright (C) 2011 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.ldd (Debian EGLIBC 2.13-38+deb7u10) 2.13