#iptables-save
# Generated by iptables-save v1.4.3.2 on Tue Jun 2 17:45:16 2009 *filter :INPUT ACCEPT [1347:198396] :FORWARD ACCEPT [3057:1378613] :OUTPUT ACCEPT [1153:133483] COMMIT # Completed on Tue Jun 2 17:45:16 2009 # Generated by iptables-save v1.4.3.2 on Tue Jun 2 17:45:16 2009 *nat :PREROUTING ACCEPT [69:6101] :POSTROUTING ACCEPT [93:6011] :OUTPUT ACCEPT [87:5659] -A PREROUTING -d 192.168.107.1/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.107.2:80 -A POSTROUTING -s 192.168.107.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Tue Jun 2 17:45:16 2009 |
#iptables-save
# Generated by iptables-save v1.4.3.2 on Tue Jun 2 17:45:23 2009 *filter :INPUT ACCEPT [1353:199001] :FORWARD ACCEPT [3057:1378613] :OUTPUT ACCEPT [1160:135543] COMMIT # Completed on Tue Jun 2 17:45:23 2009 # Generated by iptables-save v1.4.3.2 on Tue Jun 2 17:45:23 2009 *nat :PREROUTING ACCEPT [70:6344] :POSTROUTING ACCEPT [95:6123] :OUTPUT ACCEPT [89:5771] -A PREROUTING -d 192.168.107.1/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.107.2:80 -A POSTROUTING -s 192.168.107.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Tue Jun 2 17:45:23 2009 |
#ssh quiz@192.168.15.13
quiz@192.168.15.13's password: |
#ssh quiz@10.0.35.100
-----------------------------------------------------------------[40/40]----- Как получить полный список файлов, которые процесс 1234 открывает в ходе своей работы (не только, которые открыты сейчас). 1. strace -p 1234 -o /tmp/1234.strace; grep open /tmp/1234.strace 2. lsof -p 1234 3. strings `which 1234` 4. strings 'which 1234' --------------------------------------------------------------------------- 2 Your score: 29 Connection to 10.0.35.100 closed. |
#su user
|
$echo messss|logger
|
$cat /var/log/messages
cat: /var/log/messages: Permission denied |
$exit
exit |
#cat /var/log/messages
Jun 1 09:53:16 linux13 kernel: [ 2.910571] ata3: SATA max UDMA/133 cmd 0xd000 ctl 0xcc00 bmdma 0xc480 irq 18 Jun 1 09:53:16 linux13 kernel: [ 2.910624] ata4: SATA max UDMA/133 cmd 0xc880 ctl 0xc800 bmdma 0xc488 irq 18 Jun 1 09:53:16 linux13 kernel: [ 3.384094] ata3: SATA link up 1.5 Gbps (SStatus 113 SControl 300) Jun 1 09:53:16 linux13 kernel: [ 3.393649] ata3.00: ATA-7: Maxtor 6L080M0, BANC1G10, max UDMA/133 Jun 1 09:53:16 linux13 kernel: [ 3.393702] ata3.00: 160086528 sectors, multi 0: LBA NCQ (not used) Jun 1 09:53:16 linux13 kernel: [ 3.396085] ide0 at 0xec00-0xec07,0xe882 on irq 17 Jun 1 09:53:16 linux13 kernel: [ 3.400225] ide1 at 0xe800-0xe807,0xe482 on irq 17 Jun 1 09:53:16 linux13 kernel: [ 3.409157] ata3.00: configured for UDMA/133 Jun 1 09:53:16 linux13 kernel: [ 3.409289] scsi 2:0:0:0: Direct-Access ATA Maxtor 6L080M0 BANC PQ: 0 ANSI: 5 Jun 1 09:53:16 linux13 kernel: [ 3.884054] ata4: SATA link up 3.0 Gbps (SStatus 123 SControl 300) ... Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-provided physical RAM map: Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 0000000000000000 - 000000000009fc00 (usable) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 00000000000e4000 - 0000000000100000 (reserved) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 0000000000100000 - 00000000bf790000 (usable) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 00000000bf790000 - 00000000bf79e000 (ACPI data) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 00000000bf79e000 - 00000000bf7e0000 (ACPI NVS) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 00000000bf7e0000 - 00000000bf800000 (reserved) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 00000000fee00000 - 00000000fee01000 (reserved) Jun 1 10:31:14 linux13 kernel: [ 0.000000] BIOS-e820: 00000000fff00000 - 0000000100000000 (reserved) |
#su user
|
$cd
|
$vim tab
|
$crontab tab
/var/spool/cron/crontabs/tmp.pFzyeE: Permission denied |
$exit
exit |
#crontab reload
reload: No such file or directory |
#crontab restart
restart: No such file or directory |
#vim tab
--- /tmp/l3-saved-3944.14848.22632 2009-06-02 18:11:53.000000000 +0300 +++ /etc/crontab 2009-06-02 18:12:10.000000000 +0300 @@ -12,5 +12,5 @@ 25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ) 47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ) 52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly ) -# * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua +* * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua |
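Review bot: The uncommented entry has six `*` fields before `root`, while the other entries in this hunk have five schedule fields followed by the user name, so the sixth `*` lands in the user column and cron would presumably reject or ignore the line. Drop one asterisk: `* * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua`. The job only pipes `date` to an external Jabber account once a minute, so it likely does not need root; consider naming a dedicated unprivileged account in the user field, provided that account has its own sendxmpp configuration. The rest of /etc/crontab lies outside the hunk.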
#~ :
2 # Unlike any other crontab you don't have to run the `crontab' 3 # command to install the new version when you edit this file 4 # and files in /etc/cron.d. These files also have username fields, 5 # that none of the other crontabs do. 6 eport /etc/cron.daily ) eport /etc/cron.weekly )test -x /usr/sbin/anacron || ( cd / && run-parts --r eport /etc/cron.monthly )est -x /usr/sbin/anacron || ( cd / && run-parts --r * * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua 15 # * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua ~ ~ ~ ~ ~ ~ ~ "/etc/crontab" 16L, 777C written |
#crontab /etc/crontab
"/etc/crontab":14: bad command errors in crontab file, can't install. |
#crontab /etc/crontab
|
#man at
|
#ech he | at now + 60 minutes
bash: ech: command not found warning: commands will be executed using /bin/sh job 2 at Tue Jun 2 19:14:00 2009 |
#lsof | grep /dir
|
#lsof | grep /bin
syslog2ja 3276 root txt REG 8,1 725100 2052297 /bin/bash syslog2ja 3276 root 255r REG 8,1 100 1353039 /usr/local/bin/syslog2jabber dbus-daem 3287 messagebus txt REG 8,1 292604 1354946 /usr/bin/dbus-daemon login 3728 root txt REG 8,1 36132 2052324 /bin/login runsvdir 3729 root txt REG 8,1 12704 1352903 /usr/bin/runsvdir script 3735 root txt REG 8,1 9852 1352352 /usr/bin/script script 3770 root txt REG 8,1 9852 1352352 /usr/bin/script bash 3771 root txt REG 8,1 725100 2052297 /bin/bash script 3806 root txt REG 8,1 9852 1352352 /usr/bin/script script 3857 root txt REG 8,1 9852 1352352 /usr/bin/script ... bash 4030 root txt REG 8,1 725100 2052297 /bin/bash script 4037 root txt REG 8,1 9852 1352352 /usr/bin/script script 4115 root txt REG 8,1 9852 1352352 /usr/bin/script bash 4116 root txt REG 8,1 725100 2052297 /bin/bash ssh 4365 root txt REG 8,1 332928 1352473 /usr/bin/ssh finch 5955 root txt REG 8,1 231304 1352608 /usr/bin/finch ssh 7027 root txt REG 8,1 332928 1352473 /usr/bin/ssh lsof 7673 root txt REG 8,1 121412 1353047 /usr/bin/lsof grep 7674 root txt REG 8,1 100500 2052316 /bin/grep lsof 7675 root txt REG 8,1 121412 1353047 /usr/bin/lsof |
#lsof | grep /sbin
init 1 root txt REG 8,1 31296 651562 /sbin/init udevd 1251 root txt REG 8,1 103288 651616 /sbin/udevd syslog-ng 3277 root txt REG 8,1 114492 1353036 /usr/sbin/syslog-ng exim4 3565 Debian-exim txt REG 8,1 695968 1355999 /usr/sbin/exim4 lpd 3582 lp txt REG 8,1 68032 1355313 /usr/sbin/lpd inetd 3592 root txt REG 8,1 29492 1355975 /usr/sbin/inetd mdadm 3621 root txt REG 8,1 192064 651699 /sbin/mdadm atd 3648 daemon txt REG 8,1 15716 1356017 /usr/sbin/atd cron 3680 root txt REG 8,1 32572 1353084 /usr/sbin/cron monit 3707 root txt REG 8,1 336568 1353038 /usr/sbin/monit sshd 6310 root txt REG 8,1 438756 1353120 /usr/sbin/sshd |
#lsof /dir
lsof: status error on /dir: No such file or directory lsof 4.81 latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/ latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man usage: [-?abhlnNoOPRtUvVX] [+|-c c] [+|-d s] [+D D] [+|-f[gG]] [-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+m [m]] [+|-M] [-o [o]] [-p s] [+|-r [t]] [-s [p:s]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names] Use the ``-h'' option to get more help information. |
#env -p cron
env: invalid option -- 'p' Try `env --help' for more information. |
#strace -p cron | grep env
strace: Invalid process id: cron usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file] [-p pid] ... [-s strsize] [-u username] [-E var=val] ... [command [arg ...]] or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ... [command [arg ...]] -c -- count time, calls, and errors for each syscall and report summary -f -- follow forks, -ff -- with output into separate files -F -- attempt to follow vforks, -h -- print help message -i -- print instruction pointer at time of syscall ... -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]... options: trace, abbrev, verbose, raw, signal, read, or write -o file -- send trace output to FILE instead of stderr -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs -p pid -- trace process with process id PID, may be repeated -s strsize -- limit length of print strings to STRSIZE chars (default 32) -S sortby -- sort syscall counts by: time, calls, name, nothing (default time) -u username -- run command as username handling setuid and/or setgid -E var=val -- put var=val in the environment for command -E var -- remove var from the environment for command |
#strings `which cron`
|ouK [^_] syst em_u [^_] [^_] [^_] [^_] [^_] t"9X ... /var/spool/cron %s: created %s: mkdir can't lock %s, otherpid may be %d: %s '%s' is not a directory, bailing out. cannot chdir(%s), bailing out. this program was compiled without debugging enabled %[^ =] = %[^ popen: setuid(%lu) failed: %s |
#lsof -p cron
lsof: illegal process ID: cron lsof 4.81 latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/ latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man usage: [-?abhlnNoOPRtUvVX] [+|-c c] [+|-d s] [+D D] [+|-f[gG]] [-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+m [m]] [+|-M] [-o [o]] [-p s] [+|-r [t]] [-s [p:s]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names] Use the ``-h'' option to get more help information. |
#pgrep cron
3680 |
#lsof -p 3680
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME cron 3680 root cwd DIR 8,1 4096 1905777 /var/spool/cron cron 3680 root rtd DIR 8,1 4096 2 / cron 3680 root txt REG 8,1 32572 1353084 /usr/sbin/cron cron 3680 root mem REG 8,1 42504 2020022 /lib/i686/cmov/libnss_files-2.9.so cron 3680 root mem REG 8,1 38444 2020031 /lib/i686/cmov/libnss_nis-2.9.so cron 3680 root mem REG 8,1 87804 2020024 /lib/i686/cmov/libnsl-2.9.so cron 3680 root mem REG 8,1 30436 2020010 /lib/i686/cmov/libnss_compat-2.9.so cron 3680 root mem REG 8,1 26048 1352266 /usr/lib/gconv/gconv-modules.cache cron 3680 root mem REG 8,1 3462848 1499598 /usr/lib/locale/locale-archive cron 3680 root mem REG 8,1 9676 2020042 /lib/i686/cmov/libdl-2.9.so cron 3680 root mem REG 8,1 1433988 2019995 /lib/i686/cmov/libc-2.9.so cron 3680 root mem REG 8,1 95976 2020038 /lib/libselinux.so.1 cron 3680 root mem REG 8,1 40472 2020028 /lib/libpam.so.0.81.12 cron 3680 root mem REG 8,1 117348 2022719 /lib/ld-2.9.so cron 3680 root 0r CHR 1,3 0t0 756 /dev/null cron 3680 root 1w CHR 1,3 0t0 756 /dev/null cron 3680 root 2w CHR 1,3 0t0 756 /dev/null cron 3680 root 3u REG 8,1 5 1906289 /var/run/crond.pid |
#openvt
|
#openvt
|
#openvt
|
#vim /etc/apt/sources.list
--- /tmp/l3-saved-3768.11056.31488 2009-06-03 09:06:23.000000000 +0300
+++ /etc/apt/sources.list 2009-06-03 09:06:44.000000000 +0300
@@ -1,2 +1,2 @@
-deb http://192.168.15.13:9999/debian sid main contrib non-free
+deb http://192.168.15.13:9999/debian lenny main contrib non-free
 # deb http://www.debian-multimedia.org sid main
|
#apt-get update
Get:1 http://192.168.15.13 lenny Release.gpg [1032B] Ign http://192.168.15.13 lenny/main Translation-en_US Ign http://192.168.15.13 lenny/contrib Translation-en_US Ign http://192.168.15.13 lenny/non-free Translation-en_US Get:2 http://192.168.15.13 lenny Release [73.6kB] Ign http://192.168.15.13 lenny/main Packages Ign http://192.168.15.13 lenny/contrib Packages Ign http://192.168.15.13 lenny/non-free Packages Get:3 http://192.168.15.13 lenny/main Packages [6924kB] Get:4 http://192.168.15.13 lenny/contrib Packages [93.4kB] Get:5 http://192.168.15.13 lenny/non-free Packages [125kB] Fetched 7217kB in 2s (2644kB/s) Reading package lists... Done |
#apt-get install hald
Reading package lists... Done Building dependency tree Reading state information... Done E: Couldn't find package hald |
#apt-cache search hald
wesnoth-trow - The Rise of Wesnoth official campaign for Wesnoth |
#apt-cache search hal
libroxen-deepleap - Deepleap database registry module for the Roxen Challenger web server libroxen-diary - Diary module for the Roxen Challenger web server libroxen-dirlist - Directory listing module for the Roxen Challenger web server libroxen-disclaimer - Disclaimer module for the Roxen Challenger web server libroxen-discussit - Discussion module for the Roxen Challenger web server libroxen-errormessage - Error message generator module for the Roxen Challenger web server libroxen-expires - Page expiration module for the Roxen Challenger web server libroxen-explaindir - Directory listing module for the Roxen Challenger web server libroxen-faq - FAQ module for the Roxen Challenger web server libroxen-finder - Select box module for the Roxen Challenger web server ... libjboss-xml-binding-java - JBoss XML Binding rutebook - Linux: Rute User's Tutorial and Exposition, an online book policykit - framework for managing administrative policies and privileges ettercap - Multipurpose sniffer/interceptor/logger for switched LAN hal-info - Hardware Abstraction Layer - fdi files libhal-storage1 - Hardware Abstraction Layer - shared library for storage devices hal - Hardware Abstraction Layer rar - Archiver for .rar files libhal1 - Hardware Abstraction Layer - shared library cron - process scheduling daemon |
#apt-cache search hal|less
|
#apt-get install hal
Reading package lists... Done Building dependency tree Reading state information... Done hal is already the newest version. hal set to manually installed. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 1 not fully installed or removed. After this operation, 0B of additional disk space will be used. Setting up ed (1.3-3) ... update-alternatives: error: alternative path /bin/ed doesn't exist. dpkg: error processing ed (--configure): subprocess installed post-installation script returned error exit status 2 Errors were encountered while processing: ed E: Sub-process /usr/bin/dpkg returned an error code (1) |
#which ed
/usr/bin/ed |
#find / -name update-alternatives
/usr/bin/update-alternatives /usr/sbin/update-alternatives |
#openvt
|
#openvt
|
|