Navegando por diferentes paginas de diferentes gobiernos observando diferentes vulnerabilidades un amigo de Perú me retó a ver si podía entrar en la Municipalidad de su ciudad. Era nada menos que la Capital de Peru: Lima. La web en cuestion no la modifique porque eso de hacer un Deface me parece algo idiota pero aqui les dejo un enlace en donde podrán ver que he dejado un pequeño mensaje:
y Aqui les dejo información sobre la maquina y las bases de datos halladas:
============
Software :
Apache/2.2.20 (EL) DAV/2 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.20
OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8.Safe Mode:OFF (Not Secure)
Magic Quotes:ON
Uname -a : Linux centosweb.munlima.local 2.6.18-238.19.1.el5 #1 SMP Fri Jul 15 07:31:24 EDT 2011 x86_64
id : uid=48(apache) gid=48(apache) groups=48(apache)
Freespace : 49.49 GB of 189.89 GB (26.06%)
Bases de datos
cat /etc/passwd:
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
newrelic:x:101:103:New Relic monitoring daemon:/:/sbin/nologin
rrdcached:x:102:104:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin
cacti:x:103:105:cacti:/var/www/cacti:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
newrelic:x:101:103:New Relic monitoring daemon:/:/sbin/nologin
rrdcached:x:102:104:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin
cacti:x:103:105:cacti:/var/www/cacti:/bin/sh
Distrib Name
CentOS release 5.6 (Final)
Información de Sistema:
processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 0 siblings : 2 core id : 1 cpu cores : 2 apicid : 1 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 2 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 1 siblings : 2 core id : 0 cpu cores : 2 apicid : 2 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 3 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 1 siblings : 2 core id : 1 cpu cores : 2 apicid : 3 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 4 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 2 siblings : 2 core id : 0 cpu cores : 2 apicid : 4 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 5 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 2 siblings : 2 core id : 1 cpu cores : 2 apicid : 5 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 6 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 3 siblings : 2 core id : 0 cpu cores : 2 apicid : 6 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8] processor : 7 vendor_id : GenuineIntel cpu family : 6 model : 37 model name : Intel(R) Xeon(R) CPU E5649 @ 2.53GHz stepping : 1 cpu MHz : 2527.000 cache size : 12288 KB physical id : 3 siblings : 2 core id : 1 cpu cores : 2 apicid : 7 fpu : yes fpu_exception : yes cpuid level : 11 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm bogomips : 5054.00 clflush size : 64 cache_alignment : 64 address sizes : 40 bits physical, 48 bits virtual power management: [8]
HDD Space
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
190G 131G 50G 73% /
/dev/sda1 99M 20M 75M 21% /boot
tmpfs 3.9G 0 3.9G 0% /dev/shm
//172.20.4.88/Web76/ 800G -2.4T 3.2T - /var/web-backup
Mount Options
/dev/VolGroup00/LogVol00 / ext3 defaults 1 1 LABEL=/boot /boot ext3 defaults 1 2 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/VolGroup00/LogVol01 swap swap defaults 0 0
| cURL installed? | /usr/bin/curl |
| lynx installed? | which: no lynx in (/sbin:/usr/sbin:/bin:/usr/bin) |
| links installed? | /usr/bin/links |
| fetch installed? | which: no fetch in (/sbin:/usr/sbin:/bin:/usr/bin) |
| GET installed? | /usr/bin/GET |
| perl installed? | /usr/bin/perl |
| Where is perl? | perl: /usr/bin/perl /opt/omni/bin/perl /usr/share/man/man1/perl.1.gz |
| Locate httpd.conf | /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.old /etc/httpd/conf/httpd.conf~ /instaladores/seg/httpd.conf /usr/share/system-config-httpd/httpd.conf.xsl |
CAT HOST:
# Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 172.25.16.76 centosweb.munlima.local centosweb 172.23.16.76 centosweb.munlima.local centosweb 172.23.16.250 MMLSRVADM.munlima.local MMLSRVADM
Syslog Config
# Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;news.none;authpriv.none;cron.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* -/var/log/maillog # Log cron stuff cron.* /var/log/cron # Everybody gets emergency messages *.emerg * # Save news errors of level crit and higher in a special file. uucp,news.crit /var/log/spooler # Save boot messages also to boot.log local7.* /var/log/boot.log # # INN # news.=crit /var/log/news/news.crit news.=err /var/log/news/news.err news.notice /var/log/news/news.notice
0 comentarios:
Publicar un comentario