Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

searching for 777 directories on a box

Discussion in 'General Discussion' started by Radio_Head, May 16, 2003.

  1. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    [security] searching for 777 directories on a box

    Anyone knows a fast way to list all the directories on a box which have chmod 777 ?

    I am using

    # ls -Rl | grep / | grep drwxrwxrwt

    but it is not the best way ....(i receive also not useful results)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  2. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Try this

    This finds Directories
    find / \( -type d -a -perm -777 \) -print |more

    This one finds files
    find / -perm -2 ! -type l -ls |more
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 dgbaker, May 16, 2003
    Last edited: May 16, 2003
  3. howard

    howard Well-Known Member

    Joined:
    Apr 20, 2003
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    166
    nevermind dg posted before i did
     
  4. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    thank you!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  5. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Added more to the first post.

    Also

    find / -perm -2 ! -type l -ls

    change the / to /home or /tmp etc......
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    running...

    find / \( -type d -a -perm -0777 -group root \) -print


    i find all good places where an hacker could try to execute c code (fo example), am I right ?

    If yes I found other 6 dir which could be vulnerable on my box ... over /tmp :mad:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  8. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Those 6 should have shown up though without include -group root, since they have 777 permission.

    Any file or directory that has permission 777 is a potential security issue, but sometimes 777 files and directories are required by programs.

    The best thing is to note which are 777 and gain an understanding of why and then monitor regularily.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    I want say ... on another post someone suggested that is a good idea nosuid nosexec /tmp .
    But if the hacker could make damage on every 777 directory as you wrote , then there is no reason to nosuid nosexec /tmp ..
    :confused:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #9 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  10. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    343
    up

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice