电商平台畅销网官网服务器getshell | wooyun-2015-0160874| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0160874

漏洞标题：电商平台畅销网官网服务器getshell

漏洞作者：朱元璋

提交时间：2015-12-18 11:42

修复时间：2016-02-01 19:48

公开时间：2016-02-01 19:48

漏洞类型：系统/服务补丁不及时

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-12-18：细节已通知厂商并且等待厂商处理中
2015-12-22：厂商已经确认，细节仅向厂商公开
2016-01-01：细节向核心白帽子及相关领域专家公开
2016-01-11：细节向普通白帽子公开
2016-01-21：细节向实习白帽子公开
2016-02-01：细节向公众公开
简要描述：

详细说明：

链接地址http://**.**.**.**/ForgetPwd.action存在命令执行漏洞
直接上传木马到服务器
漏洞证明：

　
[/home/tour/project/war/shop/shop1/]$ whoami
root
[/home/tour/project/war/shop/shop1/]$ chkconfig --list
NetworkManager 	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
abrt-ccpp      	0:关闭	1:关闭	2:关闭	3:启用	4:关闭	5:启用	6:关闭
abrtd          	0:关闭	1:关闭	2:关闭	3:启用	4:关闭	5:启用	6:关闭
acpid          	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
atd            	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
auditd         	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
autofs         	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
blk-availability	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
certmonger     	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
cpuspeed       	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
crond          	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
cups           	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
dnsmasq        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
firstboot      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
haldaemon      	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
htcacheclean   	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
httpd          	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
ip6tables      	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
iptables       	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
irqbalance     	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
jexec          	0:启用	1:启用	2:启用	3:启用	4:启用	5:启用	6:启用
kdump          	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
lvm2-monitor   	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
mdmonitor      	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
messagebus     	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
netconsole     	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
netfs          	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
network        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
nfs            	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
nfslock        	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
ntpd           	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
ntpdate        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
oddjobd        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
portreserve    	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
postfix        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
psacct         	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
quota_nld      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rdisc          	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
restorecond    	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rngd           	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rpcbind        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
rpcgssd        	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
rpcidmapd      	0:关闭	1:关闭	2:关闭	3:启用	4:启用	5:启用	6:关闭
rpcsvcgssd     	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
rsyslog        	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
saslauthd      	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
smartd         	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
spice-vdagentd 	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:启用	6:关闭
sshd           	0:关闭	1:关闭	2:启用	3:启用	4:启用	5:启用	6:关闭
sssd           	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
sysstat        	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
tomcat6        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
udev-post      	0:关闭	1:启用	2:启用	3:启用	4:启用	5:启用	6:关闭
wdaemon        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
winbind        	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
wpa_supplicant 	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
ypbind         	0:关闭	1:关闭	2:关闭	3:关闭	4:关闭	5:关闭	6:关闭
[/home/tour/project/war/shop/shop1/]$ cat /etc/shadow
root:$6$KSDQEYVX$oK8JDqlqvL.ciz1jm7korMdKRVTK7D5xQoeHjt0Z0aLZbgsgcmjVA3CordbklWGqohoAhQFpeIb5Eow1oY7AZ1:16756:0:99999:7:::
bin:*:15628:0:99999:7:::
daemon:*:15628:0:99999:7:::
adm:*:15628:0:99999:7:::
lp:*:15628:0:99999:7:::
sync:*:15628:0:99999:7:::
shutdown:*:15628:0:99999:7:::
halt:*:15628:0:99999:7:::
mail:*:15628:0:99999:7:::
uucp:*:15628:0:99999:7:::
operator:*:15628:0:99999:7:::
games:*:15628:0:99999:7:::
gopher:*:15628:0:99999:7:::
ftp:*:15628:0:99999:7:::
nobody:*:15628:0:99999:7:::
dbus:!!:16754::::::
vcsa:!!:16754::::::
rpc:!!:16754:0:99999:7:::
rtkit:!!:16754::::::
avahi-autoipd:!!:16754::::::
abrt:!!:16754::::::
apache:!!:16754::::::
rpcuser:!!:16754::::::
nfsnobody:!!:16754::::::
haldaemon:!!:16754::::::
gdm:!!:16754::::::
ntp:!!:16754::::::
saslauth:!!:16754::::::
postfix:!!:16754::::::
pulse:!!:16754::::::
tomcat:!!:16754::::::
webalizer:!!:16754::::::
sshd:!!:16754::::::
tcpdump:!!:16754::::::
oprofile:!!:16754::::::
[/home/tour/project/war/shop/shop1/]$ ifconfig
em1       Link encap:Ethernet  HWaddr B0:83:FE:DA:6A:F7  
          inet addr:**.**.**.**  Bcast:**.**.**.**55  Mask:**.**.**.**
          inet6 addr: fe80::b283:feff:feda:6af7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:38061374 errors:0 dropped:0 overruns:0 frame:0
          TX packets:56788154 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:13885713826 (12.9 GiB)  TX bytes:65867337423 (61.3 GiB)
          Interrupt:35 
em2       Link encap:Ethernet  HWaddr B0:83:FE:DA:6A:F8  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:38 
em3       Link encap:Ethernet  HWaddr B0:83:FE:DA:6A:F9  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:34 
em4       Link encap:Ethernet  HWaddr B0:83:FE:DA:6A:FA  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:36 
lo        Link encap:Local Loopback  
          inet addr:**.**.**.**  Mask:**.**.**.**
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2898786 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2898786 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:144947134 (138.2 MiB)  TX bytes:144947134 (138.2 MiB)
[/home/tour/project/war/shop/shop1/]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver **.**.**.**
[/home/tour/project/war/shop/shop1/]$ bash prompt:
bash: prompt:: 没有那个文件或目录
[/home/tour/project/war/shop/shop1/]$ lsb_release -a
LSB Version:	:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID:	CentOS
Description:	CentOS release 6.4 (Final)
Release:	6.4
Codename:	Final
[/home/tour/project/war/shop/shop1/]$ arp -a
? (**.**.**.**) at fc:e3:3c:a9:02:ab [ether] on em1
[/home/tour/project/war/shop/shop1/]$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
**.**.**.**      *               **.**.**.**   U     1      0        0 em1
default         **.**.**.**      **.**.**.**         UG    0      0        0 em1
[/home/tour/project/war/shop/shop1/]$ netstat -ano
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       Timer
tcp        0      0 **.**.**.**:111                 **.**.**.**:*                   LISTEN      off (0.00/0/0)
tcp        0      0 **.**.**.**:22                  **.**.**.**:*                   LISTEN      off (0.00/0/0)
tcp        0      0 **.**.**.**:631               **.**.**.**:*                   LISTEN      off (0.00/0/0)
tcp        0      0 **.**.**.**:25                **.**.**.**:*                   LISTEN      off (0.00/0/0)
tcp        0      0 **.**.**.**:37159               **.**.**.**:*                   LISTEN      off (0.00/0/0)
tcp        1      0 **.**.**.**:42127            **.**.**.**:80               CLOSE_WAIT  off (0.00/0/0)
tcp        0      0 **.**.**.**:50051            **.**.**.**:59001        ESTABLISHED keepalive (14.48/0/0)
tcp        0      0 :::111                      :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::8080                     :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::42420                    :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::22                       :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 ::1:631                     :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 ::1:25                      :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:8005       :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::8009                     :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40548     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:52378     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40476     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40567     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40515     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40584     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:8080      ::ffff:**.**.**.**:17076 ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40502     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40622     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40543     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:50412     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:44799     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40658     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:8080      ::ffff:**.**.**.**:13314 ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40600     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40675     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40641     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40669     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40595     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:54705     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
tcp        0      0 ::ffff:**.**.**.**:40510     ::ffff:**.**.**.**:1521      ESTABLISHED off (0.00/0/0)
udp        0      0 **.**.**.**:111                 **.**.**.**:*                               off (0.00/0/0)
udp        0      0 **.**.**.**:625                 **.**.**.**:*                               off (0.00/0/0)
udp        0      0 **.**.**.**:631                 **.**.**.**:*                               off (0.00/0/0)
udp        0      0 **.**.**.**:942                 **.**.**.**:*                               off (0.00/0/0)
udp        0      0 **.**.**.**:37976               **.**.**.**:*                               off (0.00/0/0)
udp        0      0 :::111                      :::*                                    off (0.00/0/0)
udp        0      0 :::942                      :::*                                    off (0.00/0/0)
udp        0      0 :::35285                    :::*                                    off (0.00/0/0)
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     30100  /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     15491  /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     69206  /tmp/.ICE-unix/7835
unix  2      [ ACC ]     STREAM     LISTENING     69229  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  2      [ ACC ]     STREAM     LISTENING     18377  /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     69392  /tmp/orbit-root/linc-1e9b-0-34b56bed1469c
unix  2      [ ACC ]     STREAM     LISTENING     69529  /tmp/orbit-root/linc-1e92-0-1d96abf22b73c
unix  2      [ ACC ]     STREAM     LISTENING     69540  /tmp/orbit-root/linc-1ee6-0-4c672f612bf5d
unix  17     [ ]         DGRAM                    15130  /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     69743  /tmp/orbit-root/linc-1ef7-0-33a39e36bb228
unix  2      [ ACC ]     STREAM     LISTENING     69788  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  2      [ ACC ]     STREAM     LISTENING     69873  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  2      [ ACC ]     STREAM     LISTENING     71824  /tmp/orbit-root/linc-2019-0-3b20225ae326a
unix  2      [ ACC ]     STREAM     LISTENING     19024  /var/run/cups/cups.sock
unix  2      [ ACC ]     STREAM     LISTENING     69984  /tmp/orbit-root/linc-1f02-0-5e537223d792e
unix  2      [ ACC ]     STREAM     LISTENING     69988  /tmp/orbit-root/linc-1f04-0-e54951cd79d4
unix  2      [ ACC ]     STREAM     LISTENING     19102  /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     70211  /tmp/orbit-root/linc-1f11-0-5b6f580f15e1
unix  2      [ ACC ]     STREAM     LISTENING     70221  /tmp/orbit-root/linc-1f12-0-7b9d3a91f1ac0
unix  2      [ ACC ]     STREAM     LISTENING     70241  /tmp/orbit-root/linc-1f13-0-362673d3f33c6
unix  2      [ ACC ]     STREAM     LISTENING     70913  /tmp/orbit-root/linc-1efa-0-298bc78ceacb2
unix  2      [ ACC ]     STREAM     LISTENING     71032  /tmp/orbit-root/linc-1f22-0-262eba262e18
unix  2      [ ACC ]     STREAM     LISTENING     70954  /tmp/.esd-0/socket
unix  2      [ ACC ]     STREAM     LISTENING     70957  /root/.pulse/59c21159656d0dba57e8bf150000001a-runtime/native
unix  2      [ ACC ]     STREAM     LISTENING     71248  /tmp/orbit-root/linc-1fe7-0-b0c39e82f35a
unix  2      [ ACC ]     STREAM     LISTENING     71256  @/tmp/dbus-HCDyej8bRR
unix  2      [ ACC ]     STREAM     LISTENING     70997  /tmp/orbit-root/linc-1f5a-0-28dd5f27f35ee
unix  2      [ ACC ]     STREAM     LISTENING     10796  @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     71111  /tmp/orbit-root/linc-1f1f-0-1e9e11029e8b
unix  2      [ ACC ]     STREAM     LISTENING     71117  /tmp/orbit-root/linc-1f1e-0-687969e7a2cd
unix  2      [ ACC ]     STREAM     LISTENING     71321  /tmp/orbit-root/linc-1fe8-0-3537e58632ea3
unix  2      [ ACC ]     STREAM     LISTENING     19859  public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     19866  private/tlsmgr
unix  2      [ ACC ]     STREAM     LISTENING     19870  private/rewrite
unix  2      [ ACC ]     STREAM     LISTENING     19874  private/bounce
unix  2      [ ACC ]     STREAM     LISTENING     19878  private/defer
unix  2      [ ACC ]     STREAM     LISTENING     19882  private/trace
unix  2      [ ACC ]     STREAM     LISTENING     19886  private/verify
unix  2      [ ACC ]     STREAM     LISTENING     19890  public/flush
unix  2      [ ACC ]     STREAM     LISTENING     19894  private/proxymap
unix  2      [ ACC ]     STREAM     LISTENING     19898  private/proxywrite
unix  2      [ ACC ]     STREAM     LISTENING     19902  private/smtp
unix  2      [ ACC ]     STREAM     LISTENING     19906  private/relay
unix  2      [ ACC ]     STREAM     LISTENING     19910  public/showq
unix  2      [ ACC ]     STREAM     LISTENING     19914  private/error
unix  2      [ ACC ]     STREAM     LISTENING     19138  @/var/run/hald/dbus-53ECzzMgrX
unix  2      [ ACC ]     STREAM     LISTENING     19918  private/retry
unix  2      [ ACC ]     STREAM     LISTENING     19922  private/discard
unix  2      [ ACC ]     STREAM     LISTENING     19926  private/local
unix  2      [ ACC ]     STREAM     LISTENING     19930  private/virtual
unix  2      [ ACC ]     STREAM     LISTENING     19934  private/lmtp
unix  2      [ ACC ]     STREAM     LISTENING     68737  @/tmp/gdm-session-xyabaDVE
unix  2      [ ACC ]     STREAM     LISTENING     19938  private/anvil
unix  2      [ ACC ]     STREAM     LISTENING     19942  private/scache
unix  2      [ ACC ]     STREAM     LISTENING     20024  /var/run/abrt/abrt.socket
unix  2      [ ACC ]     STREAM     LISTENING     30099  @/tmp/.X11-unix/X0
unix  2      [ ]         DGRAM                    11008  @/org/kernel/udev/udevd
unix  2      [ ]         DGRAM                    19179  @/org/freedesktop/hal/udev_event
unix  2      [ ACC ]     STREAM     LISTENING     30186  @/tmp/gdm-greeter-eVWPZppw
unix  2      [ ACC ]     STREAM     LISTENING     19145  @/var/run/hald/dbus-VKiUt0atap
unix  2      [ ACC ]     STREAM     LISTENING     69110  @/tmp/dbus-61jGFFx6LX
unix  2      [ ACC ]     STREAM     LISTENING     68849  /tmp/keyring-wEoNNM/socket
unix  2      [ ACC ]     STREAM     LISTENING     69534  /tmp/keyring-wEoNNM/socket.ssh
unix  2      [ ACC ]     STREAM     LISTENING     69544  /tmp/keyring-wEoNNM/socket.pkcs11
unix  2      [ ACC ]     STREAM     LISTENING     69205  @/tmp/.ICE-unix/7835
unix  2      [ ACC ]     STREAM     LISTENING     91902  /tmp/orbit-root/linc-820e-0-14e3b425171ca
unix  2      [ ]         DGRAM                    2146511 
unix  2      [ ]         STREAM     CONNECTED     2030285 
unix  3      [ ]         STREAM     CONNECTED     107467 /root/.pulse/59c21159656d0dba57e8bf150000001a-runtime/native
unix  3      [ ]         STREAM     CONNECTED     107466 
unix  3      [ ]         STREAM     CONNECTED     91954  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     91953  
unix  3      [ ]         STREAM     CONNECTED     91913  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     91912  
unix  3      [ ]         STREAM     CONNECTED     91907  /tmp/orbit-root/linc-820e-0-14e3b425171ca
unix  3      [ ]         STREAM     CONNECTED     91905  
unix  3      [ ]         STREAM     CONNECTED     91901  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     91900  
unix  3      [ ]         STREAM     CONNECTED     91897  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     91896  
unix  3      [ ]         STREAM     CONNECTED     91893  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     91892  
unix  3      [ ]         STREAM     CONNECTED     71835  
unix  3      [ ]         STREAM     CONNECTED     71834  
unix  3      [ ]         STREAM     CONNECTED     71833  @/tmp/dbus-HCDyej8bRR
unix  3      [ ]         STREAM     CONNECTED     71832  
unix  3      [ ]         STREAM     CONNECTED     71829  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71828  
unix  3      [ ]         STREAM     CONNECTED     71827  /tmp/orbit-root/linc-2019-0-3b20225ae326a
unix  3      [ ]         STREAM     CONNECTED     71826  
unix  3      [ ]         STREAM     CONNECTED     71823  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     71822  
unix  3      [ ]         STREAM     CONNECTED     71819  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71818  
unix  3      [ ]         STREAM     CONNECTED     71817  @/tmp/.ICE-unix/7835
unix  3      [ ]         STREAM     CONNECTED     71816  
unix  3      [ ]         STREAM     CONNECTED     71813  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     71811  
unix  3      [ ]         STREAM     CONNECTED     71807  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71806  
unix  3      [ ]         STREAM     CONNECTED     71447  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71446  
unix  3      [ ]         STREAM     CONNECTED     71445  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71444  
unix  3      [ ]         STREAM     CONNECTED     71428  @/tmp/dbus-HCDyej8bRR
unix  3      [ ]         STREAM     CONNECTED     71427  
unix  3      [ ]         STREAM     CONNECTED     71426  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71425  
unix  3      [ ]         STREAM     CONNECTED     71424  @/tmp/dbus-HCDyej8bRR
unix  3      [ ]         STREAM     CONNECTED     71423  
unix  3      [ ]         STREAM     CONNECTED     71421  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71420  
unix  3      [ ]         STREAM     CONNECTED     71419  @/tmp/.ICE-unix/7835
unix  3      [ ]         STREAM     CONNECTED     71418  
unix  3      [ ]         STREAM     CONNECTED     71400  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71399  
unix  3      [ ]         STREAM     CONNECTED     71386  /root/.pulse/59c21159656d0dba57e8bf150000001a-runtime/native
unix  3      [ ]         STREAM     CONNECTED     71385  
unix  3      [ ]         STREAM     CONNECTED     71376  @/dbus-vfs-daemon/socket-fdwhOAr5
unix  3      [ ]         STREAM     CONNECTED     71374  
unix  3      [ ]         STREAM     CONNECTED     71375  @/dbus-vfs-daemon/socket-ofao60bi
unix  3      [ ]         STREAM     CONNECTED     71373  
unix  3      [ ]         STREAM     CONNECTED     71372  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71371  
unix  3      [ ]         STREAM     CONNECTED     71370  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71369  
unix  3      [ ]         STREAM     CONNECTED     71364  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71363  
unix  3      [ ]         STREAM     CONNECTED     71362  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71361  
unix  3      [ ]         STREAM     CONNECTED     71357  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     71348  
unix  3      [ ]         STREAM     CONNECTED     71344  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71343  
unix  3      [ ]         STREAM     CONNECTED     71342  @/tmp/dbus-HCDyej8bRR
unix  3      [ ]         STREAM     CONNECTED     71341  
unix  3      [ ]         STREAM     CONNECTED     71324  /tmp/orbit-root/linc-1fe8-0-3537e58632ea3
unix  3      [ ]         STREAM     CONNECTED     71323  
unix  3      [ ]         STREAM     CONNECTED     71355  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     71320  
unix  3      [ ]         STREAM     CONNECTED     71319  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     71318  
unix  3      [ ]         STREAM     CONNECTED     71312  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71311  
unix  3      [ ]         STREAM     CONNECTED     71309  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71308  
unix  3      [ ]         STREAM     CONNECTED     71305  @/tmp/dbus-HCDyej8bRR
unix  3      [ ]         STREAM     CONNECTED     71304  
unix  3      [ ]         STREAM     CONNECTED     71251  /tmp/orbit-root/linc-1fe7-0-b0c39e82f35a
unix  3      [ ]         STREAM     CONNECTED     71250  
unix  3      [ ]         STREAM     CONNECTED     71247  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     71246  
unix  3      [ ]         STREAM     CONNECTED     71238  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71237  
unix  3      [ ]         STREAM     CONNECTED     71121  /tmp/orbit-root/linc-1f1e-0-687969e7a2cd
unix  3      [ ]         STREAM     CONNECTED     71120  
unix  3      [ ]         STREAM     CONNECTED     71116  /tmp/orbit-root/linc-1f1f-0-1e9e11029e8b
unix  3      [ ]         STREAM     CONNECTED     71115  
unix  3      [ ]         STREAM     CONNECTED     71114  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     71107  
unix  3      [ ]         STREAM     CONNECTED     71102  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     71101  
unix  3      [ ]         STREAM     CONNECTED     71095  @/dbus-vfs-daemon/socket-Bwaxf6m0
unix  3      [ ]         STREAM     CONNECTED     71093  
unix  3      [ ]         STREAM     CONNECTED     71094  @/dbus-vfs-daemon/socket-FZCmjGeJ
unix  3      [ ]         STREAM     CONNECTED     71092  
unix  3      [ ]         STREAM     CONNECTED     71084  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71083  
unix  3      [ ]         STREAM     CONNECTED     71071  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71070  
unix  3      [ ]         STREAM     CONNECTED     71066  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     71065  
unix  3      [ ]         STREAM     CONNECTED     71060  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71056  
unix  3      [ ]         STREAM     CONNECTED     71054  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71053  
unix  3      [ ]         STREAM     CONNECTED     71046  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71041  
unix  3      [ ]         STREAM     CONNECTED     71039  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71043  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71037  
unix  3      [ ]         STREAM     CONNECTED     71036  
unix  3      [ ]         STREAM     CONNECTED     71035  /tmp/orbit-root/linc-1f22-0-262eba262e18
unix  3      [ ]         STREAM     CONNECTED     71034  
unix  3      [ ]         STREAM     CONNECTED     71030  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71028  
unix  3      [ ]         STREAM     CONNECTED     71029  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     71027  
unix  3      [ ]         STREAM     CONNECTED     71026  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71025  
unix  3      [ ]         STREAM     CONNECTED     71024  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71020  
unix  3      [ ]         STREAM     CONNECTED     71015  /root/.pulse/59c21159656d0dba57e8bf150000001a-runtime/native
unix  3      [ ]         STREAM     CONNECTED     71014  
unix  3      [ ]         STREAM     CONNECTED     71016  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71013  
unix  3      [ ]         STREAM     CONNECTED     71011  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     71009  
unix  3      [ ]         STREAM     CONNECTED     71004  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     71003  
unix  3      [ ]         STREAM     CONNECTED     71000  /tmp/orbit-root/linc-1f5a-0-28dd5f27f35ee
unix  3      [ ]         STREAM     CONNECTED     70999  
unix  3      [ ]         STREAM     CONNECTED     70996  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     70995  
unix  3      [ ]         STREAM     CONNECTED     70986  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70985  
unix  3      [ ]         STREAM     CONNECTED     70940  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70939  
unix  3      [ ]         STREAM     CONNECTED     70919  /tmp/orbit-root/linc-1efa-0-298bc78ceacb2
unix  3      [ ]         STREAM     CONNECTED     70918  
unix  3      [ ]         STREAM     CONNECTED     70911  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     70909  
unix  3      [ ]         STREAM     CONNECTED     70906  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70905  
unix  3      [ ]         STREAM     CONNECTED     70901  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70836  
unix  3      [ ]         STREAM     CONNECTED     70835  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70834  
unix  3      [ ]         STREAM     CONNECTED     70899  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70830  
unix  3      [ ]         STREAM     CONNECTED     70897  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70813  
unix  3      [ ]         STREAM     CONNECTED     70808  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70807  
unix  3      [ ]         STREAM     CONNECTED     70895  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70646  
unix  3      [ ]         STREAM     CONNECTED     70641  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70600  
unix  3      [ ]         STREAM     CONNECTED     70639  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70567  
unix  3      [ ]         STREAM     CONNECTED     70635  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70530  
unix  3      [ ]         STREAM     CONNECTED     70325  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     70297  
unix  3      [ ]         STREAM     CONNECTED     70291  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70290  
unix  3      [ ]         STREAM     CONNECTED     70275  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     70274  
unix  3      [ ]         STREAM     CONNECTED     70273  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     70272  
unix  3      [ ]         STREAM     CONNECTED     70262  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     70261  
unix  3      [ ]         STREAM     CONNECTED     70260  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70259  
unix  3      [ ]         STREAM     CONNECTED     70258  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     70257  
unix  3      [ ]         STREAM     CONNECTED     70256  /tmp/orbit-root/linc-1f13-0-362673d3f33c6
unix  3      [ ]         STREAM     CONNECTED     70255  
unix  3      [ ]         STREAM     CONNECTED     70254  /tmp/orbit-root/linc-1f12-0-7b9d3a91f1ac0
unix  3      [ ]         STREAM     CONNECTED     70253  
unix  3      [ ]         STREAM     CONNECTED     70252  /tmp/orbit-root/linc-1f11-0-5b6f580f15e1
unix  3      [ ]         STREAM     CONNECTED     70251  
unix  3      [ ]         STREAM     CONNECTED     70250  /tmp/orbit-root/linc-1f13-0-362673d3f33c6
unix  3      [ ]         STREAM     CONNECTED     70249  
unix  3      [ ]         STREAM     CONNECTED     70248  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     70247  
unix  3      [ ]         STREAM     CONNECTED     70246  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70245  
unix  3      [ ]         STREAM     CONNECTED     70244  /tmp/orbit-root/linc-1f13-0-362673d3f33c6
unix  3      [ ]         STREAM     CONNECTED     70243  
unix  3      [ ]         STREAM     CONNECTED     70240  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  3      [ ]         STREAM     CONNECTED     70239  
unix  3      [ ]         STREAM     CONNECTED     70235  /tmp/orbit-root/linc-1f12-0-7b9d3a91f1ac0
unix  3      [ ]         STREAM     CONNECTED     70234  
unix  3      [ ]         STREAM     CONNECTED     70233  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     70232  
unix  3      [ ]         STREAM     CONNECTED     70231  /tmp/orbit-root/linc-1f11-0-5b6f580f15e1
unix  3      [ ]         STREAM     CONNECTED     70230  
unix  3      [ ]         STREAM     CONNECTED     70228  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70229  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     70227  
unix  3      [ ]         STREAM     CONNECTED     70226  
unix  3      [ ]         STREAM     CONNECTED     70225  /tmp/orbit-root/linc-1f12-0-7b9d3a91f1ac0
unix  3      [ ]         STREAM     CONNECTED     70224  
unix  3      [ ]         STREAM     CONNECTED     70223  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70220  
unix  3      [ ]         STREAM     CONNECTED     70219  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  3      [ ]         STREAM     CONNECTED     70218  
unix  3      [ ]         STREAM     CONNECTED     70214  /tmp/orbit-root/linc-1f11-0-5b6f580f15e1
unix  3      [ ]         STREAM     CONNECTED     70213  
unix  3      [ ]         STREAM     CONNECTED     70210  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  3      [ ]         STREAM     CONNECTED     70209  
unix  3      [ ]         STREAM     CONNECTED     70204  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70203  
unix  3      [ ]         STREAM     CONNECTED     70199  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70196  
unix  3      [ ]         STREAM     CONNECTED     70197  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     70195  
unix  3      [ ]         STREAM     CONNECTED     70061  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70060  
unix  3      [ ]         STREAM     CONNECTED     70059  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     70058  
unix  3      [ ]         STREAM     CONNECTED     70057  /tmp/orbit-root/linc-1f04-0-e54951cd79d4
unix  3      [ ]         STREAM     CONNECTED     70056  
unix  3      [ ]         STREAM     CONNECTED     70055  @/dbus-vfs-daemon/socket-OtflgkGu
unix  3      [ ]         STREAM     CONNECTED     70053  
unix  3      [ ]         STREAM     CONNECTED     70054  @/dbus-vfs-daemon/socket-l34SA1rk
unix  3      [ ]         STREAM     CONNECTED     70052  
unix  3      [ ]         STREAM     CONNECTED     70049  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     70048  
unix  3      [ ]         STREAM     CONNECTED     70045  @/dbus-vfs-daemon/socket-fxVrCm80
unix  3      [ ]         STREAM     CONNECTED     70043  
unix  3      [ ]         STREAM     CONNECTED     70044  @/dbus-vfs-daemon/socket-81Zil2P9
unix  3      [ ]         STREAM     CONNECTED     70042  
unix  3      [ ]         STREAM     CONNECTED     70039  /tmp/orbit-root/linc-1f02-0-5e537223d792e
unix  3      [ ]         STREAM     CONNECTED     70038  
unix  3      [ ]         STREAM     CONNECTED     70034  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70032  
unix  3      [ ]         STREAM     CONNECTED     70033  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70031  
unix  3      [ ]         STREAM     CONNECTED     70027  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70026  
unix  3      [ ]         STREAM     CONNECTED     70009  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70008  
unix  3      [ ]         STREAM     CONNECTED     70007  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     70006  
unix  3      [ ]         STREAM     CONNECTED     70005  /tmp/orbit-root/linc-1f02-0-5e537223d792e
unix  3      [ ]         STREAM     CONNECTED     70004  
unix  3      [ ]         STREAM     CONNECTED     70003  /tmp/orbit-root/linc-1f04-0-e54951cd79d4
unix  3      [ ]         STREAM     CONNECTED     70002  
unix  3      [ ]         STREAM     CONNECTED     70001  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69999  
unix  3      [ ]         STREAM     CONNECTED     70000  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69998  
unix  3      [ ]         STREAM     CONNECTED     69997  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69996  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69995  
unix  3      [ ]         STREAM     CONNECTED     69994  
unix  3      [ ]         STREAM     CONNECTED     69993  /tmp/orbit-root/linc-1f04-0-e54951cd79d4
unix  3      [ ]         STREAM     CONNECTED     69992  
unix  3      [ ]         STREAM     CONNECTED     69991  /tmp/orbit-root/linc-1f02-0-5e537223d792e
unix  3      [ ]         STREAM     CONNECTED     69990  
unix  3      [ ]         STREAM     CONNECTED     69987  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  3      [ ]         STREAM     CONNECTED     69985  
unix  3      [ ]         STREAM     CONNECTED     69983  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  3      [ ]         STREAM     CONNECTED     69982  
unix  3      [ ]         STREAM     CONNECTED     69975  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69974  
unix  3      [ ]         STREAM     CONNECTED     69972  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69971  
unix  3      [ ]         STREAM     CONNECTED     69967  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69966  
unix  3      [ ]         STREAM     CONNECTED     69963  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     69962  
unix  3      [ ]         STREAM     CONNECTED     69957  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69956  
unix  3      [ ]         STREAM     CONNECTED     69892  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69891  
unix  3      [ ]         STREAM     CONNECTED     69882  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     69881  
unix  3      [ ]         STREAM     CONNECTED     69880  /tmp/orbit-root/linc-1efc-0-690194aed28fd
unix  3      [ ]         STREAM     CONNECTED     69878  
unix  3      [ ]         STREAM     CONNECTED     69876  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69875  
unix  3      [ ]         STREAM     CONNECTED     69872  @/tmp/.ICE-unix/7835
unix  3      [ ]         STREAM     CONNECTED     69871  
unix  3      [ ]         STREAM     CONNECTED     69868  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69867  
unix  3      [ ]         STREAM     CONNECTED     69798  @/tmp/.ICE-unix/7835
unix  3      [ ]         STREAM     CONNECTED     69797  
unix  3      [ ]         STREAM     CONNECTED     69794  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69793  
unix  3      [ ]         STREAM     CONNECTED     69791  /tmp/orbit-root/linc-1ef9-0-142b7babc1d0b
unix  3      [ ]         STREAM     CONNECTED     69790  
unix  3      [ ]         STREAM     CONNECTED     69787  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69786  
unix  3      [ ]         STREAM     CONNECTED     69785  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69784  
unix  3      [ ]         STREAM     CONNECTED     69779  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69778  
unix  3      [ ]         STREAM     CONNECTED     69748  @/tmp/.ICE-unix/7835
unix  3      [ ]         STREAM     CONNECTED     69747  
unix  3      [ ]         STREAM     CONNECTED     69746  /tmp/orbit-root/linc-1ef7-0-33a39e36bb228
unix  3      [ ]         STREAM     CONNECTED     69745  
unix  3      [ ]         STREAM     CONNECTED     69742  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69741  
unix  3      [ ]         STREAM     CONNECTED     69738  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69737  
unix  3      [ ]         STREAM     CONNECTED     69733  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     69732  
unix  3      [ ]         STREAM     CONNECTED     69730  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69729  
unix  3      [ ]         STREAM     CONNECTED     69728  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69727  
unix  3      [ ]         STREAM     CONNECTED     69686  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69685  
unix  3      [ ]         STREAM     CONNECTED     69674  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69673  
unix  3      [ ]         STREAM     CONNECTED     69641  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69640  
unix  3      [ ]         STREAM     CONNECTED     69635  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69634  
unix  3      [ ]         STREAM     CONNECTED     69543  /tmp/orbit-root/linc-1ee6-0-4c672f612bf5d
unix  3      [ ]         STREAM     CONNECTED     69542  
unix  3      [ ]         STREAM     CONNECTED     69539  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69538  
unix  3      [ ]         STREAM     CONNECTED     69532  /tmp/orbit-root/linc-1e92-0-1d96abf22b73c
unix  3      [ ]         STREAM     CONNECTED     69531  
unix  3      [ ]         STREAM     CONNECTED     69528  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69527  
unix  3      [ ]         STREAM     CONNECTED     69524  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69523  
unix  3      [ ]         STREAM     CONNECTED     69521  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69519  
unix  3      [ ]         STREAM     CONNECTED     69507  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69506  
unix  3      [ ]         STREAM     CONNECTED     69395  /tmp/orbit-root/linc-1e9b-0-34b56bed1469c
unix  3      [ ]         STREAM     CONNECTED     69394  
unix  3      [ ]         STREAM     CONNECTED     69391  /tmp/orbit-root/linc-1ee0-0-68762d0bec3d
unix  3      [ ]         STREAM     CONNECTED     69390  
unix  3      [ ]         STREAM     CONNECTED     69386  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     69385  
unix  3      [ ]         STREAM     CONNECTED     69232  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69231  
unix  3      [ ]         STREAM     CONNECTED     69217  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     69216  
unix  3      [ ]         STREAM     CONNECTED     69190  @/tmp/dbus-61jGFFx6LX
unix  3      [ ]         STREAM     CONNECTED     69189  
unix  3      [ ]         STREAM     CONNECTED     69185  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69184  
unix  3      [ ]         STREAM     CONNECTED     69122  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69121  
unix  3      [ ]         STREAM     CONNECTED     69120  
unix  3      [ ]         STREAM     CONNECTED     69119  
unix  3      [ ]         STREAM     CONNECTED     69093  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     69092  
unix  3      [ ]         STREAM     CONNECTED     68983  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     68982  
unix  2      [ ]         DGRAM                    68852  
unix  3      [ ]         STREAM     CONNECTED     68761  @/tmp/gdm-session-xyabaDVE
unix  3      [ ]         STREAM     CONNECTED     68760  
unix  3      [ ]         STREAM     CONNECTED     68756  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     68755  
unix  3      [ ]         STREAM     CONNECTED     68643  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     68642  
unix  3      [ ]         STREAM     CONNECTED     30280  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     30279  
unix  3      [ ]         STREAM     CONNECTED     30262  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     30261  
unix  3      [ ]         STREAM     CONNECTED     30138  @/tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     30130  
unix  3      [ ]         STREAM     CONNECTED     30131  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     30129  
unix  3      [ ]         STREAM     CONNECTED     30067  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     30066  
unix  2      [ ]         DGRAM                    25375  
unix  3      [ ]         STREAM     CONNECTED     23797  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     23796  
unix  3      [ ]         STREAM     CONNECTED     23769  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     23765  
unix  2      [ ]         DGRAM                    22504  
unix  3      [ ]         STREAM     CONNECTED     22490  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     22487  
unix  2      [ ]         DGRAM                    22486  
unix  3      [ ]         STREAM     CONNECTED     22483  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     22482  
unix  2      [ ]         DGRAM                    22028  
unix  3      [ ]         STREAM     CONNECTED     21736  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     21735  
unix  3      [ ]         STREAM     CONNECTED     21730  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     21729  
unix  3      [ ]         STREAM     CONNECTED     21557  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     21556  
unix  3      [ ]         STREAM     CONNECTED     21530  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     21529  
unix  3      [ ]         STREAM     CONNECTED     21347  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     21346  
unix  3      [ ]         STREAM     CONNECTED     20458  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     20457  
unix  2      [ ]         DGRAM                    20054  
unix  2      [ ]         DGRAM                    20026  
unix  2      [ ]         DGRAM                    19972  
unix  3      [ ]         STREAM     CONNECTED     19945  
unix  3      [ ]         STREAM     CONNECTED     19944  
unix  3      [ ]         STREAM     CONNECTED     19941  
unix  3      [ ]         STREAM     CONNECTED     19940  
unix  3      [ ]         STREAM     CONNECTED     19937  
unix  3      [ ]         STREAM     CONNECTED     19936  
unix  3      [ ]         STREAM     CONNECTED     19933  
unix  3      [ ]         STREAM     CONNECTED     19932  
unix  3      [ ]         STREAM     CONNECTED     19929  
unix  3      [ ]         STREAM     CONNECTED     19928  
unix  3      [ ]         STREAM     CONNECTED     19925  
unix  3      [ ]         STREAM     CONNECTED     19924  
unix  3      [ ]         STREAM     CONNECTED     19921  
unix  3      [ ]         STREAM     CONNECTED     19920  
unix  3      [ ]         STREAM     CONNECTED     19917  
unix  3      [ ]         STREAM     CONNECTED     19916  
unix  3      [ ]         STREAM     CONNECTED     19913  
unix  3      [ ]         STREAM     CONNECTED     19912  
unix  3      [ ]         STREAM     CONNECTED     19909  
unix  3      [ ]         STREAM     CONNECTED     19908  
unix  3      [ ]         STREAM     CONNECTED     19905  
unix  3      [ ]         STREAM     CONNECTED     19904  
unix  3      [ ]         STREAM     CONNECTED     19901  
unix  3      [ ]         STREAM     CONNECTED     19900  
unix  3      [ ]         STREAM     CONNECTED     19897  
unix  3      [ ]         STREAM     CONNECTED     19896  
unix  3      [ ]         STREAM     CONNECTED     19893  
unix  3      [ ]         STREAM     CONNECTED     19892  
unix  3      [ ]         STREAM     CONNECTED     19889  
unix  3      [ ]         STREAM     CONNECTED     19888  
unix  3      [ ]         STREAM     CONNECTED     19885  
unix  3      [ ]         STREAM     CONNECTED     19884  
unix  3      [ ]         STREAM     CONNECTED     19881  
unix  3      [ ]         STREAM     CONNECTED     19880  
unix  3      [ ]         STREAM     CONNECTED     19877  
unix  3      [ ]         STREAM     CONNECTED     19876  
unix  3      [ ]         STREAM     CONNECTED     19873  
unix  3      [ ]         STREAM     CONNECTED     19872  
unix  3      [ ]         STREAM     CONNECTED     19869  
unix  3      [ ]         STREAM     CONNECTED     19868  
unix  3      [ ]         STREAM     CONNECTED     19865  
unix  3      [ ]         STREAM     CONNECTED     19864  
unix  3      [ ]         STREAM     CONNECTED     19862  
unix  3      [ ]         STREAM     CONNECTED     19861  
unix  3      [ ]         STREAM     CONNECTED     19858  
unix  3      [ ]         STREAM     CONNECTED     19857  
unix  3      [ ]         STREAM     CONNECTED     19855  
unix  3      [ ]         STREAM     CONNECTED     19854  
unix  2      [ ]         DGRAM                    19809  
unix  2      [ ]         DGRAM                    19524  
unix  3      [ ]         STREAM     CONNECTED     19441  /var/run/acpid.socket
unix  3      [ ]         STREAM     CONNECTED     19440  
unix  3      [ ]         STREAM     CONNECTED     19435  @/var/run/hald/dbus-53ECzzMgrX
unix  3      [ ]         STREAM     CONNECTED     19434  
unix  3      [ ]         STREAM     CONNECTED     19409  @/var/run/hald/dbus-53ECzzMgrX
unix  3      [ ]         STREAM     CONNECTED     19397  
unix  3      [ ]         STREAM     CONNECTED     19162  @/var/run/hald/dbus-VKiUt0atap
unix  3      [ ]         STREAM     CONNECTED     19161  
unix  3      [ ]         STREAM     CONNECTED     19140  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19139  
unix  2      [ ]         DGRAM                    19106  
unix  3      [ ]         STREAM     CONNECTED     18963  
unix  3      [ ]         STREAM     CONNECTED     18962  
unix  3      [ ]         STREAM     CONNECTED     18821  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18811  
unix  2      [ ]         DGRAM                    18592  
unix  3      [ ]         STREAM     CONNECTED     18457  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18456  
unix  2      [ ]         DGRAM                    18455  
unix  3      [ ]         STREAM     CONNECTED     18441  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18437  
unix  3      [ ]         STREAM     CONNECTED     18429  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18428  
unix  2      [ ]         DGRAM                    18422  
unix  3      [ ]         STREAM     CONNECTED     18397  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18396  
unix  3      [ ]         STREAM     CONNECTED     18390  
unix  3      [ ]         STREAM     CONNECTED     18389  
unix  3      [ ]         DGRAM                    11025  
unix  3      [ ]         DGRAM                    11024  
[/home/tour/project/war/shop/shop1/]$ lsb_release -a
LSB Version:	:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID:	CentOS
Description:	CentOS release 6.4 (Final)
Release:	6.4
Codename:	Final
[/home/tour/project/war/shop/shop1/]$ cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m
[/home/tour/project/war/shop/shop1/]$ file /sbin/init
/sbin/init: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
[/home/tour/project/war/shop/shop1/]$ cat /proc/version
Linux version 2.6.32-358.el6.x86_64 (mockbuild@**.**.**.**) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) ) #1 SMP Fri Feb 22 00:31:26 UTC 2013
[/home/tour/project/war/shop/shop1/]$
修复方案：

加强安全意识
版权声明：转载请注明来源朱元璋@乌云

漏洞回应

厂商回应：

危害等级：中
漏洞Rank：10
确认时间：2015-12-22 18:26
厂商回复：

CNVD未直接复现所述情况，暂未建立与网站管理单位的直接处置渠道，待认领。
WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0160874

漏洞标题：电商平台畅销网官网服务器getshell

相关厂商：畅销网

漏洞作者：朱元璋

提交时间：2015-12-18 11:42

修复时间：2016-02-01 19:48

公开时间：2016-02-01 19:48

漏洞类型：系统/服务补丁不及时

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源朱元璋@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评价

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0160874

漏洞标题：电商平台畅销网官网服务器getshell

相关厂商：畅销网

漏洞作者： 朱元璋

提交时间：2015-12-18 11:42

修复时间：2016-02-01 19:48

公开时间：2016-02-01 19:48

漏洞类型：系统/服务补丁不及时

危害等级：高

自评Rank：15

漏洞状态：已交由第三方合作机构(cncert国家互联网应急中心)处理

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0160874"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 朱元璋@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评价

漏洞概要关注数(24) 关注此漏洞

漏洞作者：朱元璋

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源朱元璋@乌云
