The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

searching for 777 directories on a box

Discussion in 'General Discussion' started by Radio_Head, May 16, 2003.

  1. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    [security] searching for 777 directories on a box

    Anyone knows a fast way to list all the directories on a box which have chmod 777 ?

    I am using

    # ls -Rl | grep / | grep drwxrwxrwt

    but it is not the best way ....(i receive also not useful results)
     
    #1 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  2. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Try this

    This finds Directories
    find / \( -type d -a -perm -777 \) -print |more

    This one finds files
    find / -perm -2 ! -type l -ls |more
     
    #2 dgbaker, May 16, 2003
    Last edited: May 16, 2003
  3. howard

    howard Well-Known Member

    Joined:
    Apr 20, 2003
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    nevermind dg posted before i did
     
  4. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    thank you!
     
    #4 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  5. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Added more to the first post.

    Also

    find / -perm -2 ! -type l -ls

    change the / to /home or /tmp etc......
     
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    :D
     
  7. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    running...

    find / \( -type d -a -perm -0777 -group root \) -print


    i find all good places where an hacker could try to execute c code (fo example), am I right ?

    If yes I found other 6 dir which could be vulnerable on my box ... over /tmp :mad:
     
    #7 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  8. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Those 6 should have shown up though without include -group root, since they have 777 permission.

    Any file or directory that has permission 777 is a potential security issue, but sometimes 777 files and directories are required by programs.

    The best thing is to note which are 777 and gain an understanding of why and then monitor regularily.
     
  9. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    I want say ... on another post someone suggested that is a good idea nosuid nosexec /tmp .
    But if the hacker could make damage on every 777 directory as you wrote , then there is no reason to nosuid nosexec /tmp ..
    :confused:
     
    #9 Radio_Head, May 16, 2003
    Last edited: May 16, 2003
  10. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    up

    cPanel.net Support Ticket Number:
     
Loading...
Similar Threads - searching 777 directories
  1. Valetia
    Replies:
    5
    Views:
    796

Share This Page