Results 1 to 9 of 9
  1. #1
    Join Date
    Sep 2006
    Posts
    53

    set uid & root access

    ls -al /usr/bin/passwd
    -r-s--x--x 1 root root 21200 Aug 21 2005 /usr/bin/passwd*

    i want to know all files that have the permission in clude s
    which have setuid permition

  2. #2
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    You could try:

    find / -perm -4000

    If you decide to remove a SUID flag, make sure you know what the file does first.
    Patrick William | RACK911 Labs | Software Security Auditing
    400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com

    www.HostingSecList.com - Security notices for the hosting community.

  3. #3
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,560
    -2000 will give you setgid too

    you could also do something like -uid 0 to get only the root owned suits

  4. #4
    Join Date
    Sep 2006
    Posts
    53
    sorry all the above not working
    at least it should extract
    -r-s--x--x 1 root root 21200 Aug 21 2005 /usr/bin/passwd*

    but it show
    -bash: find: command not found

    so ..!!

  5. #5
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    What OS are you using?

    (That's odd that find is not installed).
    Patrick William | RACK911 Labs | Software Security Auditing
    400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com

    www.HostingSecList.com - Security notices for the hosting community.

  6. #6
    Join Date
    Oct 2006
    Location
    arizona/romania
    Posts
    169
    Hi,
    maybe find is not on your PATH.
    $(which find) / -path /proc -prune -o -type f -perm +6000 -ls

  7. #7
    Join Date
    Sep 2006
    Posts
    53
    sorry guys it worked well now
    sorry for inconvenience
    ============

  8. #8
    Hello,
    Can you tell me which linux commands should I run in order to find all the users with shell access on my Virtuozzo VPS. I run Centos 4 + Cpanel.

    Rocco.

  9. #9
    Join Date
    Oct 2006
    Location
    arizona/romania
    Posts
    169
    Hi
    cat /etc/passwd
    if they have the following shells they can login on your box.
    ----------------------
    /bin/sh
    /bin/bash
    /bin/tcsh
    /bin/csh
    /bin/esh
    /bin/ksh
    /bin/zsh
    ----------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •