Prv8 Shell
Server : Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
System : Linux server.jackjohnson.com 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64
User : jackjohn ( 502)
PHP Version : 5.3.17
Disable Function : NONE
Directory :  /home/jackjohn/mail/jackjohnson.com/jackjohnson/cur/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/jackjohn/mail/jackjohnson.com/jackjohnson/cur/1349317088.000114.mbox:2,
Return-Path: <root@jackjohnson.nethosting.com>
Received: from jackjohnson.nethosting.com ([127.0.0.17])
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6) with ESMTP id l2C94tAr019002
	for <root@jackjohnson.nethosting.com>; Mon, 12 Mar 2007 02:04:56 -0700 (MST)
Received: (from root@localhost)
	by jackjohnson.nethosting.com (8.13.6.20060614/8.13.6/Submit) id l2C94t8d018965
	for root; Mon, 12 Mar 2007 03:04:55 -0600 (MDT)
Date: Mon, 12 Mar 2007 03:04:55 -0600 (MDT)
From: Charlie Root <root@jackjohnson.nethosting.com>
Message-Id: <200703120904.l2C94t8d018965@jackjohnson.nethosting.com>
To: root@jackjohnson.nethosting.com
Subject: jackjohnson.nethosting.com security run output


Checking setuid files and devices:
find: /backup: No such file or directory
find: /backup: No such file or directory

jackjohnson.nethosting.com setuid diffs:
--- /var/log/setuid.today	Sun Mar 11 03:05:20 2007
+++ /tmp/security.IUK8Mrqf	Mon Mar 12 03:04:54 2007
@@ -1,11 +1,3 @@
-124664343 -r-sr-xr-x  1 man   wheel    33152 Nov  2 12:34:29 2006 /backup/usr/local/bin/jman
-124664368 -rwxr-sr-x  1 root  mail     12784 Nov 17 18:17:16 2005 /backup/usr/local/bin/lockfile
-124664413 -rwxr-sr-x  1 root  mail      7668 Jan  3 09:10:32 2007 /backup/usr/local/bin/muttng_dotlock
-124664700 -rwsr-sr-x  1 root  mail     74140 Nov 17 18:17:16 2005 /backup/usr/local/bin/procmail
-124664757 -rws--x--x  1 root  wheel   949226 Nov 14 15:32:22 2005 /backup/usr/local/bin/sperl5.8.7
-124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudo
-124664766 ---s--x--x  2 root  wheel    93244 Feb 15 16:20:17 2006 /backup/usr/local/bin/sudoedit
-124956217 -rwx--s--x  1 root  mail     12499 Nov 18 10:34:50 2005 /backup/usr/local/libexec/mlock
 124242811 -r-sr-xr-x  1 root  wheel      18332 Nov  3 01:10:07 2005 /bin/rcp
 124373523 -r-sr-xr-x  1 root  wheel      22528 Nov 18 08:57:07 2005 /sbin/ping
 124373524 -r-sr-xr-x  1 root  wheel      30696 Sep 20 14:15:21 2006 /sbin/ping6

Checking for uids of 0:
root 0
toor 0

Checking for passwordless accounts:

jackjohnson.nethosting.com login failures:
Mar 11 06:11:45 jackjohnson sshd[514]: Failed password for invalid user eff from 59.124.83.212 port 50642 ssh2
Mar 11 06:11:48 jackjohnson sshd[531]: Failed password for invalid user elf from 59.124.83.212 port 50791 ssh2
Mar 11 06:11:52 jackjohnson sshd[545]: Failed password for invalid user cross from 59.124.83.212 port 50932 ssh2
Mar 11 06:11:55 jackjohnson sshd[557]: Failed password for invalid user hacker2k from 59.124.83.212 port 51077 ssh2
Mar 11 06:11:58 jackjohnson sshd[569]: Failed password for invalid user thisisnotyourexploit from 59.124.83.212 port 51218 ssh2
Mar 11 15:34:27 jackjohnson sshd[50530]: Failed password for invalid user test from 129.132.1.72 port 54417 ssh2
Mar 11 15:34:29 jackjohnson sshd[50553]: Failed password for invalid user guest from 129.132.1.72 port 54518 ssh2
Mar 11 15:34:31 jackjohnson sshd[50580]: Failed password for invalid user admin from 129.132.1.72 port 54617 ssh2
Mar 11 15:34:33 jackjohnson sshd[50614]: Failed password for invalid user admin from 129.132.1.72 port 54708 ssh2
Mar 11 15:34:35 jackjohnson sshd[50656]: Failed password for invalid user user from 129.132.1.72 port 54809 ssh2
Mar 11 19:54:49 jackjohnson sshd[72102]: Failed password for invalid user unknown from 211.100.30.212 port 44895 ssh2
Mar 11 19:54:52 jackjohnson sshd[72112]: Failed password for invalid user unknown from 211.100.30.212 port 45041 ssh2
Mar 11 19:54:55 jackjohnson sshd[72123]: Failed password for invalid user unknown from 211.100.30.212 port 45172 ssh2
Mar 11 19:54:57 jackjohnson sshd[72136]: Failed password for invalid user unknown from 211.100.30.212 port 45302 ssh2
Mar 11 19:55:00 jackjohnson sshd[72151]: Failed password for invalid user unknown from 211.100.30.212 port 45436 ssh2
Mar 11 23:09:25 jackjohnson sshd[93802]: Failed password for root from 71.121.254.42 port 7092 ssh2
Mar 11 23:09:34 jackjohnson sshd[93837]: Failed password for root from 71.121.254.42 port 4198 ssh2
Mar 11 23:09:44 jackjohnson sshd[93867]: Failed password for root from 71.121.254.42 port 4588 ssh2
Mar 11 23:09:53 jackjohnson sshd[93898]: Failed password for invalid user admin from 71.121.254.42 port 4828 ssh2
Mar 11 23:10:03 jackjohnson sshd[93935]: Failed password for invalid user miquelfi from 71.121.254.42 port 6468 ssh2

jackjohnson.nethosting.com refused connections:

-- End of security output --

haha - 2025