Posts Tagged ‘Unprotected files owned by root’
Potential leak of data: Unprotected files owned by root
0 votedvote
Detected 1 occurrence(s) of ‘[d\-]rwxrwxrwx.*root[:\t ]+root’:
Guys anyone got any ideas what is wrong with the following : Requirement is to rw to/from a secondary HD ( /dev/sdb1 ) mount point /media/D drwxrwxrwx 1 root root 24576 Nov 21 05:37 D fstab entry # /dev/sdb1 UUID=E6XX74XXB87XXBD5 /media/D auto defaults,umask=000 mtab entry /dev/sdb1 /media/D ntfs rw,relatime,uid=0,gid=0,umask=00,nls=utf8,errors=continue,mft_zone_multiplier=1 0 0 I can see the contents of
Potential leak of data: Unprotected files owned by root
0 votedvote
Detected 1 occurrence(s) of ‘[d\-]rwxrwxrwx.*root[:\t ]+root’:
--x 27 system system 4096 Nov 23 20:13 data drwxr-xr-x 2 root root 0 Nov 23 20:40 datadata -rw-r--r-- 1 root root 2072 Jan 1 1970 default.prop drwxr-xr-x 12 root root 3360 Nov 23 20:40 dev drwxrwxrwx 2 root root 0 Nov 23 20:40 devlog drwxr-xr-x 2 root root 0 Nov 23 20:40 emmc drwxr-xr-x 2 root root 0 Nov 23 20:40 etc -rw-r--r-- 1 root root 960 Jan 1 1970 fstab.qcom -rwxr-x--- 1 root r
Potential leak of data: Unprotected files owned by root
0 votedvote
Detected 176 occurrence(s) of ‘[d\-]rwxrwxrwx.*root[:\t ]+root’:
:33 Wheel Of Fortune drwxrwxrwx 3 root root 4096 Aug 1 17:26 Whisker Wars drwxrwxrwx 5 root root 4096 Jul 30 10:51 White Collar drwxrwxrwx 10 root root 4096 Jul 11 00:52 Whose Line Is It Anyway drwxrwxrwx 4 root root 4096 Jul 3 14:22 Wilfred (US) drwxrwxrwx 3 root root 4096 Sep 8 18:17 Worlds Worst Tenants
Potential leak of data: Unprotected files owned by root
0 votedvote
Detected 20 occurrence(s) of ‘[d\-]rwxrwxrwx.*root[:\t ]+root’:
ot 4.0K Nov 1 02:12 Mr Bean drwxrwxrwx 1 root root 0 Jun 26 16:40 Parks and Recreation drwxrwxrwx 1 root root 4.0K Nov 7 04:17 The League drwxrwxrwx 1 root root 0 Oct 15 00:08 The Walking Dead drwxrwxrwx 1 root root 4.0K Jun 26 16:39 Top Gear drwxrwxrwx 1 root root 4.0K May 20 16:59 Whose Line
Potential leak of data: Email/Password Dump
0 votedvote
Detected 400 occurrence(s) of ‘^[a-z0-9\-\._]+@[a-z0-9\-\.]+\.[a-z]{2,4}[ \t;,:\|]+\S+’:
teamdefiancesite@gmail.com // LOL HACKED
tyga@aol.com // LOL HACKED
crutchhhh@gmail.com // LOL HACKED
sm0k3nac3z@hotmail.com // LOL HACKED
contrailing@hotmail.com
===================================
Detected 1 occurrence(s) of ‘(\| [a-z0-9\-\._]+@\S+\.[a-z]{2,4} \| \S+)’:
address: 42 Wyckoff Ave, Ramsey, NJ 07446 Old number: (201) 327-4971 Emails: incipit_interregnum@yahoo.com (main) | ameliahc@aol.com (connected to her MySpace) | ameliahc@gmail.com | keepsmereeling@aol.com | assassinatedyouth@yahoo.com AOL: TeterOnTheEdge | Skype: r0cks0cks | Yahoo: Incipit_Interregnum | Yahoo: AssassinatedYouth (she has 2)
Detected 77 occurrence(s) of ‘[d\-]rwxrwxrwx.*root[:\t ]+root’:
-rw-r--r-- 1 root root 72174 Feb 13 2010 jquery-1.4.2.min.js
-rw-r--r-- 1 root root 3617 Apr 13 2008 rebootfinder.php
-rw-r--r-- 1 root root 12795 Mar 17 2008 jquery.tablesorter.min.js
-rwxrwxrwx 1 root root 265072 Mar 14 2008 osxwp.jpg
-rw-rw-r-- 1 image image 1165 Feb 26 2008 import.txt
-rw-rw-r-- 1 image image 514 Oct 24 2005 .htaccess
-rw-r--r-- 1 image image 0 A
Detected 3 occurrence(s) of ‘\|\s+Pass(word)*\s+\|’:
| first_name | nvarchar | | last_active | datetime | | last_name | nvarchar | | password | nvarchar | | phone | nvarchar | | url | nvarchar | | user_guid | char
Detected 1 occurrence(s) of ‘doxed’:
make my point. My fight is the fight for information to be free,
and for the wrongdoers to be wronged."
LOL let's hope a cop he doxed kicks his door in and beats him with a phone book.
http://the-duck-pond-blog.blogspot.com/2012/09/im-anonymous-please-donate.html
// Aside from mistaking Emmi's outlines
Detected 2 occurrence(s) of ‘root:.*:0:99999:7:::’:
build:x:715:715::/home/build:/bin/bash
moe:x:725:100::/home/moe:/bin/bash
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
root:$1$gQ5eTV9K$EejhJfWSmlZhODzygiTmt/:15575:0:99999:7:::
bin:*:14469:0:99999:7:::
daemon:*:14469:0:99999:7:::
adm:*:14469:0:99999:7:::
Detected 4900 occurrence(s) of ‘[\s\|,;']+[a-z0-9\-\._]+@[a-z0-9\-\.]+\.[a-z]{2,4}[\s\|,;:']+’:
RNOCHandle: NOC124-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-480-505-8809
RNOCEmail: noc@godaddy.com
RNOCRef: http://whois.arin.net/rest/poc/NOC124-ARIN
# ARIN WHOIS data and services are subject to the Terms of Use
# availabl
Detected 1 occurrence(s) of ‘enable secret’:
!
hostname sw1.q.1655.sj
!
enable secret 5 $1$KYn3$RVuLboZmN27kmYOYTYS9f/
!
!
!
Detected 414 occurrence(s) of ‘^[a-z0-9\-\._]+@[a-z0-9\-\.]+\.[a-z]{2,4}[:,\|]*.*’:
tyga@aol.com // LOL HACKED
crutchhhh@gmail.com // LOL HACKED
sm0k3nac3z@hotmail.com // LOL HACKED
contrailing@hotmail.com
===============================================================================
Premium w