悠悠网校官网服务配置不当getshell | wooyun-2015-0152248| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0152248

漏洞标题：悠悠网校官网服务配置不当getshell

漏洞作者：朱元璋

提交时间：2015-11-08 16:36

修复时间：2016-01-11 15:32

公开时间：2016-01-11 15:32

漏洞类型：系统/服务补丁不及时

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-11-08：细节已通知厂商并且等待厂商处理中
2015-11-19：厂商已经确认，细节仅向厂商公开
2015-11-29：细节向核心白帽子及相关领域专家公开
2015-12-09：细节向普通白帽子公开
2015-12-19：细节向实习白帽子公开
2016-01-11：细节向公众公开
简要描述：

详细说明：

地址http://**.**.**.**/user/login.action?method=check存在命令执行漏洞
直接上传木马到服务器
http://**.**.**.**/test.jsp密码tom
漏洞证明：

[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
rtkit:x:499:497:RealtimeKit:/proc:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
saslauth:x:498:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
pulse:x:497:496:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
uustudyweb:x:500:500::/home/uustudyweb:/bin/bash
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ chkconfig --list
NetworkManager 	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
abrt-ccpp      	0:关闭	1:关闭	2:关闭	3:启用	4:关闭	5:启用	6:关闭
abrtd          	0:关闭	1:关闭	2:关闭	3:启用	4:关闭	5:启用	6:关闭
acpid          	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
atd            	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
auditd         	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
autofs         	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
blk-availability	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
bluetooth      	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
certmonger     	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
cpuspeed       	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
crond          	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
cups           	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
dnsmasq        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
firstboot      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
haldaemon      	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
htcacheclean   	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
httpd          	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
ip6tables      	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
iptables       	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
irqbalance     	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
jexec          	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
kdump          	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
lvm2-monitor   	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
mdmonitor      	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
messagebus     	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
netconsole     	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
netfs          	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
network        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
nfs            	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
nfslock        	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
nginx          	0:关闭	1:关闭	2:启用	3:启用	4:关闭	5:启用	6:关闭
ntpd           	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
ntpdate        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
oddjobd        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
portreserve    	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
postfix        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
psacct         	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
quota_nld      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rdisc          	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
restorecond    	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rngd           	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rpcbind        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
rpcgssd        	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
rpcsvcgssd     	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rsync          	0:关闭	1:关闭	2:启用	3:启用	4:关闭	5:启用	6:关闭
rsyslog        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
saslauthd      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
smartd         	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
snmpd          	0:关闭	1:关闭	2:启用	3:启用	4:关闭	5:启用	6:关闭
snmptrapd      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
spice-vdagentd 	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:启用	6:关闭
sshd           	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
sssd           	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
sysstat        	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
tomcat         	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
tomcat_cms     	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
udev-post      	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
wdaemon        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
winbind        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
wpa_supplicant 	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
ypbind         	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ ifconfig
em1       Link encap:Ethernet  HWaddr F8:BC:12:4D:89:8C  
          inet addr:**.**.**.**  Bcast:**.**.**.**  Mask:**.**.**.**
          inet6 addr: fe80::fabc:12ff:fe4d:898c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:724074036 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1296183112 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:63532365321 (59.1 GiB)  TX bytes:1913659415890 (1.7 TiB)
          Interrupt:35 
em1:0     Link encap:Ethernet  HWaddr F8:BC:12:4D:89:8C  
          inet addr:**.**.**.**  Bcast:**.**.**.**  Mask:**.**.**.**
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:35 
em2       Link encap:Ethernet  HWaddr F8:BC:12:4D:89:8D  
          inet addr:**.**.**.**  Bcast:**.**.**.**  Mask:**.**.**.**
          inet6 addr: fe80::fabc:12ff:fe4d:898d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:125722388 errors:0 dropped:0 overruns:0 frame:0
          TX packets:64432404 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:40022846170 (37.2 GiB)  TX bytes:12396924474 (11.5 GiB)
          Interrupt:38 
em3       Link encap:Ethernet  HWaddr F8:BC:12:4D:89:8E  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:34 
em4       Link encap:Ethernet  HWaddr F8:BC:12:4D:89:8F  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:36 
lo        Link encap:Local Loopback  
          inet addr:**.**.**.**  Mask:**.**.**.**
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:104450945 errors:0 dropped:0 overruns:0 frame:0
          TX packets:104450945 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:46708383748 (43.5 GiB)  TX bytes:46708383748 (43.5 GiB)
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver **.**.**.**
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ bash prompt:
bash: prompt:: 没有那个文件或目录
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ lsb_release -a
LSB Version:	:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID:	CentOS
Description:	CentOS release 6.5 (Final)
Release:	6.5
Codename:	Final
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 **.**.**.**:111                 **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:80                  **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:10000               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:631               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:25                **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:44642               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:199               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:80            **.**.**.**:22523        FIN_WAIT2   
tcp        0      0 **.**.**.**:41996             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:42000             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:41994             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:42003             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:80            **.**.**.**:38340        ESTABLISHED 
tcp        0      0 **.**.**.**:42006             **.**.**.**:8080              ESTABLISHED 
tcp        0      0 **.**.**.**:41988             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:42004             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:80            **.**.**.**:36409        ESTABLISHED 
tcp        0      0 **.**.**.**:41986             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:80            **.**.**.**:52112        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:18000         ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:12778        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:55157        FIN_WAIT2   
tcp        0      0 **.**.**.**:80            **.**.**.**:35127        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:52419        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:40952        ESTABLISHED 
tcp        0      0 **.**.**.**:80          **.**.**.**:36852        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:24249        ESTABLISHED 
tcp        0      0 **.**.**.**:41987             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:80            **.**.**.**:14409        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:23625        ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:30290          ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:62450        FIN_WAIT2   
tcp        0      0 **.**.**.**:42001             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:80            **.**.**.**:26682        ESTABLISHED 
tcp        0      0 **.**.**.**:42005             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:41991             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 **.**.**.**:80            **.**.**.**:24804        FIN_WAIT2   
tcp        0      0 **.**.**.**:80            **.**.**.**:29350          ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:19369         ESTABLISHED 
tcp        0      0 **.**.**.**:80            **.**.**.**:14503        ESTABLISHED 
tcp        0      0 **.**.**.**:41998             **.**.**.**:8080              TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:8015       :::*                        LISTEN      
tcp        0      0 :::111                      :::*                        LISTEN      
tcp        0      0 :::8080                     :::*                        LISTEN      
tcp        0      0 :::10000                    :::*                        LISTEN      
tcp        0      0 :::8019                     :::*                        LISTEN      
tcp        0      0 ::1:631                     :::*                        LISTEN      
tcp        0      0 :::8088                     :::*                        LISTEN      
tcp        0      0 ::1:25                      :::*                        LISTEN      
tcp        0      0 :::32895                    :::*                        LISTEN      
tcp        0      0 ::ffff:**.**.**.**:8005       :::*                        LISTEN      
tcp        0      0 :::8009                     :::*                        LISTEN      
tcp        0      0 ::ffff:**.**.**.**:41658  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41621  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:42000      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41595  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41564  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41552  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41522  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41632  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41648  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41637  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41585  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41594  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41568  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41583  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41549  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41639  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41537  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41560  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41562  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41545  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:38392  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41587  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41576  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41569  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41991      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41598  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41577  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41590  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41539  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41540  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41166  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41523  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41653  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41616  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41567  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41538  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41992      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41650  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41588  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41605  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41553  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41599  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41626  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41542  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:42005      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41619  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41629  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41609  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41603  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41618  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41647  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41601  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41519  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41654  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41543  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41582  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41554  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41593  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41570  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41655  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41645  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41584  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:40524  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41640  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41642  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41656  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:42004      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41613  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41657  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41652  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:42002      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:60691  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41644  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41614  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41558  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41555  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41631  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:43700  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:43801  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41999      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:39697  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41600  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41556  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:46225  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41998      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41586  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41210  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:42001      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41604  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:38097  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41566  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:42006      ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41610  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41996      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41572  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41622  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41612  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41547  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41651  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41623  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41995      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:40823  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41988      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41617  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41561  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41596  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41987      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41630  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41521  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41541  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41643  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41563  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41611  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41517  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41565  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41544  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41993      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41620  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:40918  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41990      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41606  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41573  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41575  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41634  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41524  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41636  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41520  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41989      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41118  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41625  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41997      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41597  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41548  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41615  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41551  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41559  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41633  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41646  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41608  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41602  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41518  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41659  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41571  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41557  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41578  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41592  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41589  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41516  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:41550  ::ffff:**.**.**.**:3306    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:8080       ::ffff:**.**.**.**:41986      TIME_WAIT   
tcp        0      0 ::ffff:**.**.**.**:41635  ::ffff:**.**.**.**:3306    ESTABLISHED 
udp        0      0 **.**.**.**:111                 **.**.**.**:*                               
udp        0      0 **.**.**.**:885                 **.**.**.**:*                               
udp        0      0 **.**.**.**:631                 **.**.**.**:*                               
udp        0      0 **.**.**.**:161                 **.**.**.**:*                               
udp        0      0 **.**.**.**:56774               **.**.**.**:*                               
udp        0      0 **.**.**.**:839                 **.**.**.**:*                               
udp        0      0 :::111                      :::*                                    
udp        0      0 :::839                      :::*                                    
udp        0      0 :::48478                    :::*                                    
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     15405  @/var/run/hald/dbus-R72qdiAGVD
unix  2      [ ACC ]     STREAM     LISTENING     9899   @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     18182  @/tmp/dbus-fR6ZGuWtwx
unix  2      [ ACC ]     STREAM     LISTENING     17953  /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     18245  /tmp/.ICE-unix/3106
unix  2      [ ACC ]     STREAM     LISTENING     18313  /tmp/orbit-gdm/linc-c2a-0-aa091324ec84
unix  2      [ ACC ]     STREAM     LISTENING     18389  /tmp/orbit-gdm/linc-c22-0-67c25e2555426
unix  2      [ ACC ]     STREAM     LISTENING     18485  /tmp/orbit-gdm/linc-c3d-0-78f687ce7bab2
unix  2      [ ACC ]     STREAM     LISTENING     17952  @/tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     18529  /tmp/orbit-gdm/linc-c3f-0-4b2142eabecdf
unix  2      [ ACC ]     STREAM     LISTENING     18047  @/tmp/gdm-greeter-anjlBbcC
unix  2      [ ]         DGRAM                    11085  @/org/kernel/udev/udevd
unix  2      [ ACC ]     STREAM     LISTENING     18536  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  2      [ ACC ]     STREAM     LISTENING     18218  @/tmp/gdm-session-gdaXjUNw
unix  2      [ ACC ]     STREAM     LISTENING     18244  @/tmp/.ICE-unix/3106
unix  16     [ ]         DGRAM                    14474  /dev/log
unix  2      [ ]         DGRAM                    15430  @/org/freedesktop/hal/udev_event
unix  2      [ ACC ]     STREAM     LISTENING     14687  /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     14769  /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     19187  /tmp/orbit-gdm/linc-ca1-0-4bee153fbe3ad
unix  2      [ ACC ]     STREAM     LISTENING     19222  /tmp/orbit-gdm/linc-ca2-0-4ba1c647c4160
unix  2      [ ACC ]     STREAM     LISTENING     19368  /var/lib/gdm/.pulse/99f4d77ab998beeb7dc182f00000001a-runtime/native
unix  2      [ ACC ]     STREAM     LISTENING     15398  @/var/run/hald/dbus-F6TldDBbM9
unix  2      [ ACC ]     STREAM     LISTENING     15249  /var/run/cups/cups.sock
unix  2      [ ACC ]     STREAM     LISTENING     15361  /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     16159  public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     16166  private/tlsmgr
unix  2      [ ACC ]     STREAM     LISTENING     16170  private/rewrite
unix  2      [ ACC ]     STREAM     LISTENING     16174  private/bounce
unix  2      [ ACC ]     STREAM     LISTENING     16178  private/defer
unix  2      [ ACC ]     STREAM     LISTENING     16182  private/trace
unix  2      [ ACC ]     STREAM     LISTENING     16189  private/verify
unix  2      [ ACC ]     STREAM     LISTENING     16193  public/flush
unix  2      [ ACC ]     STREAM     LISTENING     16197  private/proxymap
unix  2      [ ACC ]     STREAM     LISTENING     16201  private/proxywrite
unix  2      [ ACC ]     STREAM     LISTENING     16207  private/smtp
unix  2      [ ACC ]     STREAM     LISTENING     16211  private/relay
unix  2      [ ACC ]     STREAM     LISTENING     16215  public/showq
unix  2      [ ACC ]     STREAM     LISTENING     16219  private/error
unix  2      [ ACC ]     STREAM     LISTENING     16223  private/retry
unix  2      [ ACC ]     STREAM     LISTENING     16227  private/discard
unix  2      [ ACC ]     STREAM     LISTENING     16231  private/local
unix  2      [ ACC ]     STREAM     LISTENING     16235  private/virtual
unix  2      [ ACC ]     STREAM     LISTENING     16239  private/lmtp
unix  2      [ ACC ]     STREAM     LISTENING     16243  private/anvil
unix  2      [ ACC ]     STREAM     LISTENING     16247  private/scache
unix  2      [ ACC ]     STREAM     LISTENING     16393  /var/run/abrt/abrt.socket
unix  2      [ ACC ]     STREAM     LISTENING     19130  /tmp/orbit-gdm/linc-ca0-0-7b140fdeb46a1
unix  2      [ ACC ]     STREAM     LISTENING     18953  /tmp/orbit-gdm/linc-c9f-0-1be80bb6a1b7a
unix  2      [ ]         DGRAM                    57925395 
unix  2      [ ]         STREAM     CONNECTED     40723411 
unix  2      [ ]         STREAM     CONNECTED     40722715 
unix  2      [ ]         STREAM     CONNECTED     23818299 
unix  2      [ ]         STREAM     CONNECTED     23817645 
unix  2      [ ]         DGRAM                    1225649 
unix  3      [ ]         STREAM     CONNECTED     20096  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     20093  
unix  3      [ ]         STREAM     CONNECTED     19417  @/tmp/gdm-session-gdaXjUNw
unix  3      [ ]         STREAM     CONNECTED     19416  
unix  3      [ ]         STREAM     CONNECTED     19413  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19412  
unix  3      [ ]         STREAM     CONNECTED     19391  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     19390  
unix  3      [ ]         STREAM     CONNECTED     19375  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     19374  
unix  3      [ ]         STREAM     CONNECTED     19371  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19370  
unix  3      [ ]         STREAM     CONNECTED     19342  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19341  
unix  2      [ ]         DGRAM                    19339  
unix  3      [ ]         STREAM     CONNECTED     19320  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19319  
unix  2      [ ]         DGRAM                    19313  
unix  3      [ ]         STREAM     CONNECTED     19305  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19304  
unix  3      [ ]         STREAM     CONNECTED     19253  /tmp/orbit-gdm/linc-ca2-0-4ba1c647c4160
unix  3      [ ]         STREAM     CONNECTED     19252  
unix  3      [ ]         STREAM     CONNECTED     19250  /tmp/orbit-gdm/linc-c2a-0-aa091324ec84
unix  3      [ ]         STREAM     CONNECTED     19249  
unix  3      [ ]         STREAM     CONNECTED     19248  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     19247  
unix  3      [ ]         STREAM     CONNECTED     19235  @/tmp/gdm-greeter-anjlBbcC
unix  3      [ ]         STREAM     CONNECTED     19234  
unix  3      [ ]         STREAM     CONNECTED     19232  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     19231  
unix  3      [ ]         STREAM     CONNECTED     19251  /tmp/orbit-gdm/linc-ca2-0-4ba1c647c4160
unix  3      [ ]         STREAM     CONNECTED     19224  
unix  3      [ ]         STREAM     CONNECTED     19221  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     19220  
unix  3      [ ]         STREAM     CONNECTED     19219  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     19218  
unix  3      [ ]         STREAM     CONNECTED     19213  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     19212  
unix  3      [ ]         STREAM     CONNECTED     19207  /tmp/orbit-gdm/linc-ca1-0-4bee153fbe3ad
unix  3      [ ]         STREAM     CONNECTED     19206  
unix  3      [ ]         STREAM     CONNECTED     19204  /tmp/orbit-gdm/linc-c2a-0-aa091324ec84
unix  3      [ ]         STREAM     CONNECTED     19203  
unix  3      [ ]         STREAM     CONNECTED     19195  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19194  
unix  3      [ ]         STREAM     CONNECTED     19193  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     19192  
unix  3      [ ]         STREAM     CONNECTED     19191  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19190  
unix  3      [ ]         STREAM     CONNECTED     19205  /tmp/orbit-gdm/linc-ca1-0-4bee153fbe3ad
unix  3      [ ]         STREAM     CONNECTED     19189  
unix  3      [ ]         STREAM     CONNECTED     19186  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     19185  
unix  3      [ ]         STREAM     CONNECTED     19184  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     19183  
unix  3      [ ]         STREAM     CONNECTED     19178  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     19177  
unix  3      [ ]         STREAM     CONNECTED     19134  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19133  
unix  3      [ ]         STREAM     CONNECTED     19314  /tmp/orbit-gdm/linc-ca0-0-7b140fdeb46a1
unix  3      [ ]         STREAM     CONNECTED     19132  
unix  3      [ ]         STREAM     CONNECTED     19129  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     19128  
unix  3      [ ]         STREAM     CONNECTED     19127  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     19126  
unix  3      [ ]         STREAM     CONNECTED     19091  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     19090  
unix  3      [ ]         STREAM     CONNECTED     18967  @/tmp/.ICE-unix/3106
unix  3      [ ]         STREAM     CONNECTED     18966  
unix  3      [ ]         STREAM     CONNECTED     18964  /tmp/orbit-gdm/linc-c9f-0-1be80bb6a1b7a
unix  3      [ ]         STREAM     CONNECTED     18963  
unix  3      [ ]         STREAM     CONNECTED     18961  /tmp/orbit-gdm/linc-c2a-0-aa091324ec84
unix  3      [ ]         STREAM     CONNECTED     18960  
unix  3      [ ]         STREAM     CONNECTED     18958  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18957  
unix  3      [ ]         STREAM     CONNECTED     18962  /tmp/orbit-gdm/linc-c9f-0-1be80bb6a1b7a
unix  3      [ ]         STREAM     CONNECTED     18955  
unix  3      [ ]         STREAM     CONNECTED     18952  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     18951  
unix  3      [ ]         STREAM     CONNECTED     18950  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18949  
unix  3      [ ]         STREAM     CONNECTED     18956  /tmp/orbit-gdm/linc-c3d-0-78f687ce7bab2
unix  3      [ ]         STREAM     CONNECTED     18946  
unix  3      [ ]         STREAM     CONNECTED     18945  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     18944  
unix  3      [ ]         STREAM     CONNECTED     18959  /tmp/orbit-gdm/linc-c22-0-67c25e2555426
unix  3      [ ]         STREAM     CONNECTED     18943  
unix  3      [ ]         STREAM     CONNECTED     18941  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18940  
unix  3      [ ]         STREAM     CONNECTED     18942  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     18939  
unix  3      [ ]         STREAM     CONNECTED     18938  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18937  
unix  3      [ ]         STREAM     CONNECTED     18935  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18934  
unix  3      [ ]         STREAM     CONNECTED     18899  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18898  
unix  3      [ ]         STREAM     CONNECTED     18893  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18892  
unix  3      [ ]         STREAM     CONNECTED     18542  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18541  
unix  3      [ ]         STREAM     CONNECTED     18540  /tmp/orbit-gdm/linc-c3c-0-5553e3d1beef3
unix  3      [ ]         STREAM     CONNECTED     18539  
unix  3      [ ]         STREAM     CONNECTED     18535  /tmp/orbit-gdm/linc-c3f-0-4b2142eabecdf
unix  3      [ ]         STREAM     CONNECTED     18534  
unix  3      [ ]         STREAM     CONNECTED     18533  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18531  
unix  3      [ ]         STREAM     CONNECTED     18495  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18494  
unix  3      [ ]         STREAM     CONNECTED     18488  /tmp/orbit-gdm/linc-c3d-0-78f687ce7bab2
unix  3      [ ]         STREAM     CONNECTED     18487  
unix  3      [ ]         STREAM     CONNECTED     18484  /tmp/orbit-gdm/linc-c2a-0-aa091324ec84
unix  3      [ ]         STREAM     CONNECTED     18483  
unix  3      [ ]         STREAM     CONNECTED     18479  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18478  
unix  3      [ ]         STREAM     CONNECTED     18474  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18473  
unix  3      [ ]         STREAM     CONNECTED     18392  /tmp/orbit-gdm/linc-c22-0-67c25e2555426
unix  3      [ ]         STREAM     CONNECTED     18391  
unix  3      [ ]         STREAM     CONNECTED     18388  /tmp/orbit-gdm/linc-c2a-0-aa091324ec84
unix  3      [ ]         STREAM     CONNECTED     18387  
unix  3      [ ]         STREAM     CONNECTED     18382  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18381  
unix  3      [ ]         STREAM     CONNECTED     18316  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18315  
unix  3      [ ]         STREAM     CONNECTED     18275  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18274  
unix  3      [ ]         STREAM     CONNECTED     18268  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18267  
unix  3      [ ]         STREAM     CONNECTED     18256  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18255  
unix  3      [ ]         STREAM     CONNECTED     18227  @/tmp/dbus-fR6ZGuWtwx
unix  3      [ ]         STREAM     CONNECTED     18226  
unix  3      [ ]         STREAM     CONNECTED     18222  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18221  
unix  3      [ ]         STREAM     CONNECTED     18194  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18193  
unix  3      [ ]         STREAM     CONNECTED     18192  
unix  3      [ ]         STREAM     CONNECTED     18191  
unix  3      [ ]         STREAM     CONNECTED     18166  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     18165  
unix  3      [ ]         STREAM     CONNECTED     18089  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18088  
unix  3      [ ]         STREAM     CONNECTED     18063  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18062  
unix  3      [ ]         STREAM     CONNECTED     18049  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18048  
unix  3      [ ]         STREAM     CONNECTED     17991  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     17983  
unix  3      [ ]         STREAM     CONNECTED     17984  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     17982  
unix  3      [ ]         STREAM     CONNECTED     17916  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     17915  
unix  3      [ ]         STREAM     CONNECTED     17840  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     17839  
unix  3      [ ]         STREAM     CONNECTED     16797  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     16796  
unix  2      [ ]         DGRAM                    16494  
unix  3      [ ]         STREAM     CONNECTED     16466  
unix  3      [ ]         STREAM     CONNECTED     16465  
unix  3      [ ]         STREAM     CONNECTED     16464  
unix  3      [ ]         STREAM     CONNECTED     16463  
unix  3      [ ]         STREAM     CONNECTED     16462  
unix  3      [ ]         STREAM     CONNECTED     16461  
unix  3      [ ]         STREAM     CONNECTED     16460  
unix  3      [ ]         STREAM     CONNECTED     16459  
unix  3      [ ]         STREAM     CONNECTED     16456  
unix  3      [ ]         STREAM     CONNECTED     16455  
unix  3      [ ]         STREAM     CONNECTED     16454  
unix  3      [ ]         STREAM     CONNECTED     16453  
unix  3      [ ]         STREAM     CONNECTED     16452  
unix  3      [ ]         STREAM     CONNECTED     16451  
unix  3      [ ]         STREAM     CONNECTED     16450  
unix  3      [ ]         STREAM     CONNECTED     16449  
unix  2      [ ]         DGRAM                    16395  
unix  2      [ ]         DGRAM                    16268  
unix  3      [ ]         STREAM     CONNECTED     16250  
unix  3      [ ]         STREAM     CONNECTED     16249  
unix  3      [ ]         STREAM     CONNECTED     16246  
unix  3      [ ]         STREAM     CONNECTED     16245  
unix  3      [ ]         STREAM     CONNECTED     16242  
unix  3      [ ]         STREAM     CONNECTED     16241  
unix  3      [ ]         STREAM     CONNECTED     16238  
unix  3      [ ]         STREAM     CONNECTED     16237  
unix  3      [ ]         STREAM     CONNECTED     16234  
unix  3      [ ]         STREAM     CONNECTED     16233  
unix  3      [ ]         STREAM     CONNECTED     16230  
unix  3      [ ]         STREAM     CONNECTED     16229  
unix  3      [ ]         STREAM     CONNECTED     16226  
unix  3      [ ]         STREAM     CONNECTED     16225  
unix  3      [ ]         STREAM     CONNECTED     16222  
unix  3      [ ]         STREAM     CONNECTED     16221  
unix  3      [ ]         STREAM     CONNECTED     16218  
unix  3      [ ]         STREAM     CONNECTED     16217  
unix  3      [ ]         STREAM     CONNECTED     16214  
unix  3      [ ]         STREAM     CONNECTED     16213  
unix  3      [ ]         STREAM     CONNECTED     16210  
unix  3      [ ]         STREAM     CONNECTED     16209  
unix  3      [ ]         STREAM     CONNECTED     16204  
unix  3      [ ]         STREAM     CONNECTED     16203  
unix  3      [ ]         STREAM     CONNECTED     16200  
unix  3      [ ]         STREAM     CONNECTED     16199  
unix  3      [ ]         STREAM     CONNECTED     16196  
unix  3      [ ]         STREAM     CONNECTED     16195  
unix  3      [ ]         STREAM     CONNECTED     16192  
unix  3      [ ]         STREAM     CONNECTED     16191  
unix  3      [ ]         STREAM     CONNECTED     16188  
unix  3      [ ]         STREAM     CONNECTED     16187  
unix  3      [ ]         STREAM     CONNECTED     16181  
unix  3      [ ]         STREAM     CONNECTED     16180  
unix  3      [ ]         STREAM     CONNECTED     16177  
unix  3      [ ]         STREAM     CONNECTED     16176  
unix  3      [ ]         STREAM     CONNECTED     16173  
unix  3      [ ]         STREAM     CONNECTED     16172  
unix  3      [ ]         STREAM     CONNECTED     16169  
unix  3      [ ]         STREAM     CONNECTED     16168  
unix  3      [ ]         STREAM     CONNECTED     16165  
unix  3      [ ]         STREAM     CONNECTED     16164  
unix  3      [ ]         STREAM     CONNECTED     16162  
unix  3      [ ]         STREAM     CONNECTED     16161  
unix  3      [ ]         STREAM     CONNECTED     16158  
unix  3      [ ]         STREAM     CONNECTED     16157  
unix  3      [ ]         STREAM     CONNECTED     16155  
unix  3      [ ]         STREAM     CONNECTED     16154  
unix  2      [ ]         DGRAM                    16118  
unix  2      [ ]         DGRAM                    15910  
unix  2      [ ]         DGRAM                    15757  
unix  3      [ ]         STREAM     CONNECTED     15664  /var/run/acpid.socket
unix  3      [ ]         STREAM     CONNECTED     15663  
unix  3      [ ]         STREAM     CONNECTED     15658  @/var/run/hald/dbus-F6TldDBbM9
unix  3      [ ]         STREAM     CONNECTED     15646  
unix  3      [ ]         STREAM     CONNECTED     15645  @/var/run/hald/dbus-F6TldDBbM9
unix  3      [ ]         STREAM     CONNECTED     15635  
unix  3      [ ]         STREAM     CONNECTED     15425  @/var/run/hald/dbus-R72qdiAGVD
unix  3      [ ]         STREAM     CONNECTED     15424  
unix  3      [ ]         STREAM     CONNECTED     15400  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     15399  
unix  2      [ ]         DGRAM                    15365  
unix  3      [ ]         STREAM     CONNECTED     15180  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     15179  
unix  2      [ ]         DGRAM                    14921  
unix  3      [ ]         STREAM     CONNECTED     14894  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     14893  
unix  2      [ ]         DGRAM                    14892  
unix  3      [ ]         STREAM     CONNECTED     14832  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     14828  
unix  3      [ ]         STREAM     CONNECTED     14820  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     14819  
unix  2      [ ]         DGRAM                    14813  
unix  3      [ ]         STREAM     CONNECTED     14789  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     14788  
unix  3      [ ]         STREAM     CONNECTED     14784  
unix  3      [ ]         STREAM     CONNECTED     14783  
unix  3      [ ]         DGRAM                    11104  
unix  3      [ ]         DGRAM                    11103  
[/usr/local/tomcat/tomcat7/webapps/ROOT/]$
修复方案：

加强安全意识
版权声明：转载请注明来源朱元璋@乌云

漏洞回应

厂商回应：

危害等级：高
漏洞Rank：12
确认时间：2015-11-19 14:07
厂商回复：

CNVD确认所述漏洞情况，暂未建立与网站管理单位的直接处置渠道，待认领。
WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0152248

漏洞标题：悠悠网校官网服务配置不当getshell

相关厂商：悠悠网校

漏洞作者：朱元璋

提交时间：2015-11-08 16:36

修复时间：2016-01-11 15:32

公开时间：2016-01-11 15:32

漏洞类型：系统/服务补丁不及时

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源朱元璋@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评价

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0152248

漏洞标题：悠悠网校官网服务配置不当getshell

相关厂商：悠悠网校

漏洞作者： 朱元璋

提交时间：2015-11-08 16:36

修复时间：2016-01-11 15:32

公开时间：2016-01-11 15:32

漏洞类型：系统/服务补丁不及时

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0152248"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 朱元璋@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评价

漏洞概要关注数(24) 关注此漏洞

漏洞作者：朱元璋

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源朱元璋@乌云
