Prv8 Shell
Server : Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
System : Linux server.jackjohnson.com 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64
User : jackjohn ( 502)
PHP Version : 5.3.17
Disable Function : NONE
Directory :  /home/jackjohn/mail/jackjohnson.com/jackjohnson/cur/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/jackjohn/mail/jackjohnson.com/jackjohnson/cur/1349317088.000087.mbox:2,
Return-Path: <root@jackjohnson.nethosting.com>
Received: from jackjohnson.nethosting.com ([127.0.0.17])
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6) with ESMTP id l21A4YCp092452
	for <root@jackjohnson.nethosting.com>; Thu, 1 Mar 2007 03:04:34 -0700 (MST)
Received: (from root@localhost)
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6/Submit) id l21A4YD7092435
	for root; Thu, 1 Mar 2007 03:04:34 -0700 (MST)
Date: Thu, 1 Mar 2007 03:04:34 -0700 (MST)
From: Charlie Root <root@jackjohnson.nethosting.com>
Message-Id: <200703011004.l21A4YD7092435@jackjohnson.nethosting.com>
To: root@jackjohnson.nethosting.com
Subject: jackjohnson.nethosting.com security run output


Checking setuid files and devices:

jackjohnson.nethosting.com setuid diffs:
--- /var/log/setuid.today	Wed Feb 21 03:09:12 2007
+++ /tmp/security.O7XTvqeu	Thu Mar  1 03:04:33 2007
@@ -1,3 +1,11 @@
+124664343 -r-sr-xr-x  1 man   wheel    33152 Nov  2 12:34:29 2006 /backup/usr/local/bin/jman
+124664368 -rwxr-sr-x  1 root  mail     12784 Nov 17 18:17:16 2005 /backup/usr/local/bin/lockfile
+124664413 -rwxr-sr-x  1 root  mail      7668 Jan  3 09:10:32 2007 /backup/usr/local/bin/muttng_dotlock
+124664700 -rwsr-sr-x  1 root  mail     74140 Nov 17 18:17:16 2005 /backup/usr/local/bin/procmail
+124664757 -rws--x--x  1 root  wheel   949226 Nov 14 15:32:22 2005 /backup/usr/local/bin/sperl5.8.7
+124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudo
+124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudoedit
+124956217 -rwx--s--x  1 root  mail     12499 Nov 18 10:34:50 2005 /backup/usr/local/libexec/mlock
 124242811 -r-sr-xr-x  1 root  wheel      18332 Nov  3 01:10:07 2005 /bin/rcp
 124373523 -r-sr-xr-x  1 root  wheel      22528 Nov 18 08:57:07 2005 /sbin/ping
 124373524 -r-sr-xr-x  1 root  wheel      30696 Sep 20 14:15:21 2006 /sbin/ping6

jackjohnson.nethosting.com changes in mounted filesystems:
--- /var/log/mount.today	Wed Feb 28 03:06:12 2007
+++ /tmp/security.CnNfWdlD	Thu Mar  1 03:04:33 2007
@@ -3,3 +3,4 @@
 devfs	/dev	devfs rw	0 0
 procfs	/proc	procfs rw	0 0
 /dev/aacd0s1d	/ports	ufs ro	0 0
+/dev/aacd1s1e	/backup	ufs ro	0 0

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

jackjohnson.nethosting.com login failures:
Feb 28 11:09:34 jackjohnson sshd[20461]: Failed password for root from 195.234.171.233 port 50363 ssh2
Feb 28 11:09:36 jackjohnson sshd[20469]: Failed password for invalid user admin from 195.234.171.233 port 50526 ssh2
Feb 28 11:09:38 jackjohnson sshd[20478]: Failed password for invalid user test from 195.234.171.233 port 50675 ssh2
Feb 28 11:09:40 jackjohnson sshd[20487]: Failed password for invalid user guest from 195.234.171.233 port 50856 ssh2
Feb 28 11:09:42 jackjohnson sshd[20503]: Failed password for invalid user webmaster from 195.234.171.233 port 51018 ssh2

jackjohnson.nethosting.com refused connections:

-- End of security output --

haha - 2025