▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                    ▄▄▄▄▄▄▄             ▄▄▄▄▄▄▄▄
             ▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄
         ▄▄▄▄     ▄ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄
         ▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
         ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄       ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
         ▄▄▄▄▄▄▄▄▄▄▄          ▄▄▄▄▄▄               ▄▄▄▄▄▄ ▄
         ▄▄▄▄▄▄              ▄▄▄▄▄▄▄▄                 ▄▄▄▄
         ▄▄                  ▄▄▄ ▄▄▄▄▄                  ▄▄▄
         ▄▄                ▄▄▄▄▄▄▄▄▄▄▄▄                  ▄▄
         ▄            ▄▄ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄
         ▄      ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
         ▄▄▄▄▄▄▄▄▄▄▄▄▄▄                                ▄▄▄▄
         ▄▄▄▄▄  ▄▄▄▄▄                       ▄▄▄▄▄▄     ▄▄▄▄
         ▄▄▄▄   ▄▄▄▄▄                       ▄▄▄▄▄      ▄ ▄▄
         ▄▄▄▄▄  ▄▄▄▄▄        ▄▄▄▄▄▄▄        ▄▄▄▄▄     ▄▄▄▄▄
         ▄▄▄▄▄▄  ▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄   ▄▄▄▄▄
          ▄▄▄▄▄▄▄▄▄▄▄▄▄▄        ▄          ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
         ▄▄▄▄▄▄▄▄▄▄▄▄▄                       ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
         ▄▄▄▄▄▄▄▄▄▄▄                         ▄▄▄▄▄▄▄▄▄▄▄▄▄▄
         ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
          ▀▀▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▀▀▀▀▀▀
               ▀▀▀▄▄▄▄▄      ▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▀▀
                     ▀▀▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀▀

    /---------------------------------------------------------------------------------\
    |                             Do you like PEASS?                                  |
    |---------------------------------------------------------------------------------|
    |         Get the latest version    :     https://github.com/sponsors/carlospolop |
    |         Follow on Twitter         :     @hacktricks_live                        |
    |         Respect on HTB            :     SirBroccoli                             |
    |---------------------------------------------------------------------------------|
    |                                 Thank you!                                      |
    \---------------------------------------------------------------------------------/
          linpeas-ng by carlospolop

ADVISORY: This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own computers and/or with the computer owner's permission.

Linux Privesc Checklist: https://book.hacktricks.xyz/linux-hardening/linux-privilege-escalation-checklist
 LEGEND:
  RED/YELLOW: 95% a PE vector
  RED: You should take a look to it
  LightCyan: Users with console
  Blue: Users without console & mounted devs
  Green: Common things (users, groups, SUID/SGID, mounts, .sh scripts, cronjobs)
  LightMagenta: Your username

  YOU ARE ALREADY ROOT!!! (it could take longer to complete execution)

 Starting linpeas. Caching Writable Folders...

                               ╔═══════════════════╗
═══════════════════════════════╣ Basic information ╠═══════════════════════════════
                               ╚═══════════════════╝
OS: Linux version 5.15.0-67-generic (buildd@lcy02-amd64-116) (gcc (Ubuntu 11.3.0-1ubuntu1~22.04) 11.3.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023
User & Groups: uid=0(root) gid=0(root) groups=0(root)
Hostname: ls-2024-9
Writable folder: /dev/shm
[+] /usr/bin/ping is available for network discovery (linpeas can discover hosts, learn more with -h)
[+] /usr/bin/bash is available for network discovery, port scanning and port forwarding (linpeas can discover hosts, scan ports, and forward ports. Learn more with -h)
[+] /usr/bin/nc is available for network discovery & port scanning (linpeas can discover hosts and scan ports, learn more with -h)

[+] nmap is available for network discovery & port scanning, you should use it yourself


Caching directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DONE

                              ╔════════════════════╗
══════════════════════════════╣ System Information ╠══════════════════════════════
                              ╚════════════════════╝
╔══════════╣ Operative system
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#kernel-exploits
Linux version 5.15.0-67-generic (buildd@lcy02-amd64-116) (gcc (Ubuntu 11.3.0-1ubuntu1~22.04) 11.3.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.2 LTS
Release:        22.04
Codename:       jammy

╔══════════╣ Sudo version
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-version
Sudo version 1.9.9


╔══════════╣ PATH
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#writable-path-abuses

╔══════════╣ Date & uptime
Fri Feb  2 08:13:10 UTC 2024
 08:13:10 up 14 min,  2 users,  load average: 0.33, 0.09, 0.04

╔══════════╣ Any sd*/disk* disk in /dev? (limit 20)
disk

╔══════════╣ Unmounted file-system?
╚ Check if you can mount umounted devices
LABEL=cloudimg-rootfs   /        ext4   discard,errors=remount-ro       0 1
LABEL=UEFI      /boot/efi       vfat    umask=0077      0 1

╔══════════╣ Environment
╚ Any private information inside environment variables?
LESSOPEN=| /usr/bin/lesspipe %s
HISTFILESIZE=0
MAIL=/var/mail/root
USER=root
SSH_CLIENT=31.220.83.175 59290 22
SHLVL=0
HOME=/root
SSH_TTY=/dev/pts/0
LOGNAME=root
_=/usr/bin/sh
TERM=tmux-256color
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
HISTSIZE=0
SHELL=/bin/bash
LESSCLOSE=/usr/bin/lesspipe %s %s
PWD=/root
SSH_CONNECTION=31.220.83.175 59290 64.227.120.192 22
XDG_DATA_DIRS=/usr/local/share:/usr/share:/var/lib/snapd/desktop
HISTFILE=/dev/null

╔══════════╣ Searching Signature verification failed in dmesg
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#dmesg-signature-verification-failed
dmesg Not Found

╔══════════╣ Executing Linux Exploit Suggester
╚ https://github.com/mzet-/linux-exploit-suggester
[+] [CVE-2022-32250] nft_object UAF (NFT_MSG_NEWSET)

   Details: https://research.nccgroup.com/2022/09/01/settlers-of-netlink-exploiting-a-limited-uaf-in-nf_tables-cve-2022-32250/
https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/
   Exposure: probable
   Tags: [ ubuntu=(22.04) ]{kernel:5.15.0-27-generic}
   Download URL: https://raw.githubusercontent.com/theori-io/CVE-2022-32250-exploit/main/exp.c
   Comments: kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN)

[+] [CVE-2022-2586] nft_object UAF

   Details: https://www.openwall.com/lists/oss-security/2022/08/29/5
   Exposure: less probable
   Tags: ubuntu=(20.04){kernel:5.12.13}
   Download URL: https://www.openwall.com/lists/oss-security/2022/08/29/5/1
   Comments: kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN)

[+] [CVE-2022-0847] DirtyPipe

   Details: https://dirtypipe.cm4all.com/
   Exposure: less probable
   Tags: ubuntu=(20.04|21.04),debian=11
   Download URL: https://haxx.in/files/dirtypipez.c

[+] [CVE-2021-4034] PwnKit

   Details: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
   Exposure: less probable
   Tags: ubuntu=10|11|12|13|14|15|16|17|18|19|20|21,debian=7|8|9|10|11,fedora,manjaro
   Download URL: https://codeload.github.com/berdav/CVE-2021-4034/zip/main

[+] [CVE-2021-3156] sudo Baron Samedit

   Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
   Exposure: less probable
   Tags: mint=19,ubuntu=18|20, debian=10
   Download URL: https://codeload.github.com/blasty/CVE-2021-3156/zip/main

[+] [CVE-2021-3156] sudo Baron Samedit 2

   Details: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
   Exposure: less probable
   Tags: centos=6|7|8,ubuntu=14|16|17|18|19|20, debian=9|10
   Download URL: https://codeload.github.com/worawit/CVE-2021-3156/zip/main

[+] [CVE-2021-22555] Netfilter heap out-of-bounds write

   Details: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
   Exposure: less probable
   Tags: ubuntu=20.04{kernel:5.8.0-*}
   Download URL: https://raw.githubusercontent.com/google/security-research/master/pocs/linux/cve-2021-22555/exploit.c
   ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2021-22555/exploit.c
   Comments: ip_tables kernel module must be loaded

[+] [CVE-2017-5618] setuid screen v4.5.0 LPE

   Details: https://seclists.org/oss-sec/2017/q1/184
   Exposure: less probable
   Download URL: https://www.exploit-db.com/download/https://www.exploit-db.com/exploits/41154


╔══════════╣ Executing Linux Exploit Suggester 2
╚ https://github.com/jondonas/linux-exploit-suggester-2

╔══════════╣ Protections
═╣ AppArmor enabled? .............. apparmor module is loaded.
33 profiles are loaded.
33 profiles are in enforce mode.
   /snap/snapd/18357/usr/lib/snapd/snap-confine
   /snap/snapd/18357/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /snap/snapd/20671/usr/lib/snapd/snap-confine
   /snap/snapd/20671/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/sbin/mysqld
   /usr/sbin/unbound
   /{,usr/}sbin/dhclient
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
   snap.lxd.user-daemon
   tcpdump
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
2 processes have profiles defined.
2 processes are in enforce mode.
   /usr/sbin/mysqld (608)
   /usr/sbin/unbound (575)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.
═╣ AppArmor profile? .............. unconfined
═╣ is linuxONE? ................... s390x Not Found
═╣ grsecurity present? ............ grsecurity Not Found
═╣ PaX bins present? .............. PaX Not Found
═╣ Execshield enabled? ............ Execshield Not Found
═╣ SELinux enabled? ............... sestatus Not Found
═╣ Seccomp enabled? ............... disabled
═╣ User namespace? ................ enabled
═╣ Cgroup2 enabled? ............... enabled
═╣ Is ASLR enabled? ............... Yes
═╣ Printer? ....................... No
═╣ Is this a virtual machine? ..... Yes (kvm)

                                   ╔═══════════╗
═══════════════════════════════════╣ Container ╠═══════════════════════════════════
                                   ╚═══════════╝
╔══════════╣ Container related tools present (if any):
/snap/bin/lxc
/usr/bin/podman
╔══════════╣ Am I Containered?
╔══════════╣ Container details
═╣ Is this a container? ........... No
═╣ Any running containers? ........ Yes podman(1)
Running Podman Containers
4d05d4a1a404  docker.io/nejec/2048:latest  apache2-foregroun...  14 minutes ago  Up 14 minutes ago  0.0.0.0:8018->22/tcp  2048



                                     ╔═══════╗
═════════════════════════════════════╣ Cloud ╠═════════════════════════════════════
                                     ╚═══════╝
═╣ Google Cloud Platform? ............... No
═╣ AWS ECS? ............................. No
═╣ AWS EC2? ............................. No
═╣ AWS EC2 Beanstalk? ................... No
═╣ AWS Lambda? .......................... No
═╣ AWS Codebuild? ....................... No
═╣ DO Droplet? .......................... Yes
═╣ Aliyun ECS? .......................... No
═╣ IBM Cloud VM? ........................ No
═╣ Azure VM? ............................ No
═╣ Azure APP? ........................... No

╔══════════╣ DO Droplet Enumeration
Id: 398869447
Region: fra1
Public keys: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFeyPsS/zvRqho8r1ZosjOve5dP080XcvryKm6tb5k68kavPwpX4TDRTL9kPI2iF7xVPYWCqYJT+Bmn6S7+OcwfVVfIx59+rMPXMvsG9oLZfU6s1P0ogPH+0Nxnn/4N6hT+yJMzNbDKWsqPA7uXjmOUHLaIGvTfjhT+tA5ofWgMvOIRIdjSewVVFqsRvQZHc4ZppP6IBx43G7dBOHEKPI7y01O6WsEltErdPlTZQWDf43gO5GxwPFawgrRekT3YY8qo8U1kJMho46ajby3qoWO3RITb76fc4qiTK418AUoQFAndcbRYuhBNlWUYOwYEZm2fCtG44WvG0ckuUKL1CdB jernej.porenta@3fs.si
User data:
Dns: 67.207.67.2,67.207.67.3
Interfaces: sh: 2496: jq: not found
Floating_ip: sh: 2497: jq: not found
Reserved_ip: sh: 2498: jq: not found
Tags: sh: 2499: jq: not found
Features: sh: 2500: jq: not found


                ╔════════════════════════════════════════════════╗
════════════════╣ Processes, Crons, Timers, Services and Sockets ╠════════════════
                ╚════════════════════════════════════════════════╝
╔══════════╣ Cleaned processes
╚ Check weird & unexpected proceses run by root: https://book.hacktricks.xyz/linux-hardening/privilege-escalation#processes
root           1  0.2  0.8 100872  8036 ?        Ss   07:59   0:02 /sbin/init
root         324  0.0  0.9  31768  9236 ?        S<s  07:59   0:00 /lib/systemd/systemd-journald
root         366  0.0  2.7 289316 27100 ?        SLsl 07:59   0:00 /sbin/multipathd -d -s
root         369  0.0  0.5  22780  5616 ?        Ss   07:59   0:00 /lib/systemd/systemd-udevd
root        5246  0.0  0.3  22780  3484 ?        S    08:13   0:00  _ /lib/systemd/systemd-udevd
root        5255  0.0  0.3  22780  3484 ?        S    08:13   0:00  _ /lib/systemd/systemd-udevd
systemd+     436  0.0  0.6  16252  5996 ?        Ss   07:59   0:00 /lib/systemd/systemd-networkd
  └─(Caps) 0x0000000000003c00=cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw
systemd+     442  0.0  0.4  89360  4608 ?        Ssl  07:59   0:00 /lib/systemd/systemd-timesyncd
  └─(Caps) 0x0000000002000000=cap_sys_time
root         459  0.0  0.0   1088    44 ?        S    07:59   0:00 nftablesd
message+     521  0.0  0.4   8560  4296 ?        Ss   07:59   0:00 @dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  └─(Caps) 0x0000000020000000=cap_audit_write
root         528  0.0  1.5  33108 15392 ?        Ss   07:59   0:00 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
root         529  0.0  1.8 220240 18604 ?        Ss   07:59   0:00 php-fpm: master process (/etc/php/8.1/fpm/php-fpm.conf)
www-data     591  0.0  1.0 220680 10616 ?        S    07:59   0:00  _ php-fpm: pool www
www-data     592  0.0  0.9 220680  9552 ?        S    07:59   0:00  _ php-fpm: pool www
syslog       532  0.0  0.5 222404  5044 ?        Ssl  07:59   0:00 /usr/sbin/rsyslogd -n -iNONE
root         534  0.4  2.0 1245220 20044 ?       Ssl  07:59   0:03 /usr/lib/snapd/snapd
root         535  0.0  0.4  14908  4464 ?        Ss   07:59   0:00 /lib/systemd/systemd-logind
unbound      575  0.0  1.4  30168 14728 ?        Ss   07:59   0:00 /usr/sbin/unbound -d -p
mysql        608  1.1 37.4 1322632 372228 ?      Ssl  07:59   0:09 /usr/sbin/mysqld --skip-grant-tables
root         638  0.0  0.2  55936  2420 ?        Ss   07:59   0:00 nginx: master process /usr/sbin/nginx -g daemon[0m on; master_process on;
www-data     639  0.0  0.8  56988  8900 ?        S    07:59   0:00  _ nginx: worker process
root         815  0.0  0.1 1230260 1180 ?        Ssl  07:59   0:00 /opt/digitalocean/bin/droplet-agent
root         820  0.0  0.2   7288  2532 ?        Ss   07:59   0:00 /usr/sbin/cron -f -P
daemon[0m       834  0.0  0.1   3864  1204 ?        Ss   07:59   0:00 /usr/sbin/atd -f
root         835  0.0  0.4   9496  4336 ?        Ss   07:59   0:00 /usr/sbin/fwknopd
root         843  0.0  0.0   6220   904 ttyS0    Ss+  07:59   0:00 /sbin/agetty -o -p -- u --keep-baud 115200,57600,38400,9600 ttyS0 vt220
root         845  0.0  0.0   6176   844 tty1     Ss+  07:59   0:00 /sbin/agetty -o -p -- u --noclear tty1 linux
root        1705  0.0  0.9  16128  8972 ?        Ss   08:07   0:00  _ sshd: root@pts/0
root        1707  0.0  0.4   5684  4684 pts/0    Ss   08:07   0:00  |   _ -bash
root        1792  0.6  1.0  95620 10692 pts/0    S+   08:12   0:00  |       _ curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh
root        1793  0.2  0.3   4384  3324 pts/0    S+   08:12   0:00  |       _ sh
root        5410  0.0  0.1   4384  1604 pts/0    S+   08:13   0:00  |           _ sh
root        5414  0.0  0.3   7208  2992 pts/0    R+   08:13   0:00  |           |   _ ps fauxwww
root        5413  0.0  0.1   4384  1604 pts/0    S+   08:13   0:00  |           _ sh
root        2137  0.1  0.8  16000  8776 ?        Ss   08:13   0:00  _ sshd: root@pts/2
root        2139  0.0  0.4   5684  4676 pts/2    Ss+  08:13   0:00      _ -bash
root         978  0.0  0.2   9688  2228 ?        Ss   07:59   0:00 /usr/sbin/xinetd -pidfile /run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
root        1147  0.0  0.1  82724  1204 ?        Ssl  07:59   0:00 /usr/bin/conmon --api-version 1 -c 4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6 -u 4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6 -r /usr/bin/crun -b /var/lib/containers/storage/overlay-containers/4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6/userdata -p /run/containers/storage/overlay-containers/4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6/userdata/pidfile -n 2048 --exit-dir /run/libpod/exits --full-attach -s -l journald --log-level warning --runtime-arg --log-format=json --runtime-arg --log --runtime-arg=/run/containers/storage/overlay-containers/4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6/userdata/oci-log --conmon-pidfile /run/containers/storage/overlay-containers/4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6/userdata/conmon.pid --exit-command /usr/bin/podman --exit-command-arg --root --exit-command-arg /var/lib/containers/storage --exit-command-arg --runroot --exit-command-arg /run/containers/storage --exit-command-arg --log-level --exit-command-arg warning --exit-command-arg --cgroup-manager --exit-command-arg systemd --exit-command-arg --tmpdir --exit-command-arg /run/libpod --exit-command-arg --runtime --exit-command-arg crun --exit-command-arg --events-backend --exit-command-arg journald --exit-command-arg container --exit-command-arg cleanup --exit-command-arg --rm --exit-command-arg 4d05d4a1a4042edcef3194f270ace0d96e8c6b06592a073ce788d7c66b0fd9f6
root        1151  0.0  1.3  82904 12992 ?        Ss   07:59   0:00  _ apache2 -DFOREGROUND
www-data    1202  0.0  0.5  83212  5440 ?        S    07:59   0:00      _ apache2 -DFOREGROUND
www-data    1203  0.0  0.5  83212  5484 ?        S    07:59   0:00      _ apache2 -DFOREGROUND
www-data    1204  0.0  0.5  83212  5484 ?        S    07:59   0:00      _ apache2 -DFOREGROUND
www-data    1205  0.0  0.5  83212  5484 ?        S    07:59   0:00      _ apache2 -DFOREGROUND
www-data    1206  0.0  0.5  83212  5488 ?        S    07:59   0:00      _ apache2 -DFOREGROUND
root        1651  0.0  0.3  41224  3196 ?        Ss   07:59   0:00 /usr/lib/postfix/sbin/master -w
postfix     1654  0.0  0.4  41564  4108 ?        S    07:59   0:00  _ pickup -l -t unix -u -c
postfix     1655  0.0  0.4  41608  4148 ?        S    07:59   0:00  _ qmgr -l -t unix -u
postfix     1664  0.0  0.8  47332  8216 ?        S    08:01   0:00  _ tlsmgr -l -t unix -u -c
postfix     1724  0.0  0.4  41560  4040 ?        S    08:08   0:00  _ anvil -l -t unix -u -c
root        1672  0.0  0.1   4172  1964 ?        Ss   08:01   0:00 SCREEN -d -m /usr/bin/socat TCP6-LISTEN:2227,reuseaddr,fork EXEC:/usr/bin/bash,stderr
root        1673  0.0  0.1  10292  1548 pts/1    Ss+  08:01   0:00  _ /usr/bin/socat TCP6-LISTEN:2227,reuseaddr,fork EXEC:/usr/bin/bash,stderr
root        5013  0.6  0.1   2624  1604 ?        Ss   08:13   0:00 /bin/sh /snap/lxd/24322/commands/daemon.start
root        5180 28.8  5.8 1414164 57936 ?       Sl   08:13   0:04  _ lxd --logfile /var/snap/lxd/common/lxd/logs/lxd.log --group lxd
root        5167  0.1  0.1 153028  1960 ?        Sl   08:13   0:00 lxcfs /var/snap/lxd/common/var/lib/lxcfs -p /var/snap/lxd/common/lxcfs.pid

╔══════════╣ Binary processes permissions (non 'root root' and not belonging to current user)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#processes

╔══════════╣ Processes whose PPID belongs to a different user (not root)
╚ You will know if a user can somehow spawn processes as a different user
Proc 436 with ppid 1 is run by user systemd-network but the ppid user is root
Proc 442 with ppid 1 is run by user systemd-timesync but the ppid user is root
Proc 521 with ppid 1 is run by user messagebus but the ppid user is root
Proc 532 with ppid 1 is run by user syslog but the ppid user is root
Proc 575 with ppid 1 is run by user unbound but the ppid user is root
Proc 591 with ppid 529 is run by user www-data but the ppid user is root
Proc 592 with ppid 529 is run by user www-data but the ppid user is root
Proc 608 with ppid 1 is run by user mysql but the ppid user is root
Proc 639 with ppid 638 is run by user www-data but the ppid user is root
Proc 834 with ppid 1 is run by user daemon but the ppid user is root
Proc 1202 with ppid 1151 is run by user www-data but the ppid user is root
Proc 1203 with ppid 1151 is run by user www-data but the ppid user is root
Proc 1204 with ppid 1151 is run by user www-data but the ppid user is root
Proc 1205 with ppid 1151 is run by user www-data but the ppid user is root
Proc 1206 with ppid 1151 is run by user www-data but the ppid user is root
Proc 1654 with ppid 1651 is run by user postfix but the ppid user is root
Proc 1655 with ppid 1651 is run by user postfix but the ppid user is root
Proc 1664 with ppid 1651 is run by user postfix but the ppid user is root
Proc 1724 with ppid 1651 is run by user postfix but the ppid user is root

╔══════════╣ Processes with credentials in memory (root req)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#credentials-from-process-memory
gdm-password Not Found
gnome-keyring-daemon Not Found
lightdm Not Found
vsftpd Not Found
apache2 process found (dump creds from memory as root)
sshd: process found (dump creds from memory as root)

╔══════════╣ Cron jobs
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#scheduled-cron-jobs
/usr/bin/crontab
incrontab Not Found
-rw-r--r-- 1 root root    1136 Mar 23  2022 /etc/crontab

/etc/cron.d:
total 24
drwxr-xr-x   2 root root 4096 Feb  1 14:47 .
drwxr-xr-x 111 root root 4096 Feb  2 08:07 ..
-rw-r--r--   1 root root  102 Mar 23  2022 .placeholder
-rw-r--r--   1 root root  303 Jun  1  2022 e2scrub_all
-rw-r--r--   1 root root  712 Jan 28  2022 php
-rw-r--r--   1 root root  396 Feb  2  2021 sysstat

/etc/cron.daily:
total 72
drwxr-xr-x   2 root root  4096 Feb  1 14:38 .
drwxr-xr-x 111 root root  4096 Feb  2 08:07 ..
-rw-r--r--   1 root root   102 Mar 23  2022 .placeholder
-rwxr-xr-x   1 root root 34194 Dec 30  2021 aide
-rwxr-xr-x   1 root root   376 Nov 11  2019 apport
-rwxr-xr-x   1 root root  1478 Apr  8  2022 apt-compat
-rwxr-xr-x   1 root root   123 Dec  5  2021 dpkg
-rwxr-xr-x   1 root root   377 Jan 24  2022 logrotate
-rwxr-xr-x   1 root root  1330 Mar 17  2022 man-db
-rwxr-xr-x   1 root root   518 Feb  2  2021 sysstat

/etc/cron.hourly:
total 16
drwxr-xr-x   2 root root 4096 Feb  1 14:24 .
drwxr-xr-x 111 root root 4096 Feb  2 08:07 ..
-rw-r--r--   1 root root  102 Mar 23  2022 .placeholder
-rwxr-xr-x   1 root root  110 Feb  1 14:24 droplet-agent

/etc/cron.monthly:
total 12
drwxr-xr-x   2 root root 4096 Mar 17  2023 .
drwxr-xr-x 111 root root 4096 Feb  2 08:07 ..
-rw-r--r--   1 root root  102 Mar 23  2022 .placeholder

/etc/cron.weekly:
total 16
drwxr-xr-x   2 root root 4096 Mar 17  2023 .
drwxr-xr-x 111 root root 4096 Feb  2 08:07 ..
-rw-r--r--   1 root root  102 Mar 23  2022 .placeholder
-rwxr-xr-x   1 root root 1020 Mar 17  2022 man-db

/var/spool/cron/crontabs:
total 8
drwx-wx--T 2 root crontab 4096 Mar 23  2022 .
drwxr-xr-x 5 root root    4096 Feb  1 14:36 ..

SHELL=/bin/sh

17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
alias
backup
bin
daemon
ftp
games
gnats
guest
irc
lp
mail
man
nobody
operator
proxy
qmaild
qmaill
qmailp
qmailq
qmailr
qmails
sync
sys
www-data

╔══════════╣ Systemd PATH
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#systemd-path-relative-paths
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin

╔══════════╣ Analyzing .service files
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#services

╔══════════╣ System timers
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#timers
NEXT                        LEFT               LAST                        PASSED       UNIT                           ACTIVATES
Fri 2024-02-02 08:14:06 UTC 30s left           n/a                         n/a          systemd-tmpfiles-clean.timer   systemd-tmpfiles-clean.service
Fri 2024-02-02 08:16:24 UTC 2min 47s left      n/a                         n/a          ua-timer.timer                 ua-timer.service
Fri 2024-02-02 08:39:00 UTC 25min left         Fri 2024-02-02 08:09:00 UTC 4min 35s ago phpsessionclean.timer          phpsessionclean.service
Fri 2024-02-02 14:01:49 UTC 5h 48min left      Fri 2024-02-02 02:22:06 UTC 5h 51min ago motd-news.timer                motd-news.service
Fri 2024-02-02 18:39:33 UTC 10h left           Thu 2024-02-01 21:33:59 UTC 10h ago      apt-daily.timer                apt-daily.service
Sat 2024-02-03 00:00:00 UTC 15h left           n/a                         n/a          dpkg-db-backup.timer           dpkg-db-backup.service
Sat 2024-02-03 00:00:00 UTC 15h left           Fri 2024-02-02 00:00:05 UTC 8h ago       logrotate.timer                logrotate.service
Sat 2024-02-03 00:02:48 UTC 15h left           Fri 2024-02-02 00:01:25 UTC 8h ago       podman-auto-update.timer       podman-auto-update.service
Sat 2024-02-03 06:09:49 UTC 21h left           Fri 2024-02-02 06:07:18 UTC 2h 6min ago  apt-daily-upgrade.timer        apt-daily-upgrade.service
Sat 2024-02-03 06:16:16 UTC 22h left           Fri 2024-02-02 02:56:06 UTC 5h 17min ago man-db.timer                   man-db.service
Sat 2024-02-03 08:04:15 UTC 23h left           Fri 2024-02-02 08:04:15 UTC 9min ago     update-notifier-download.timer update-notifier-download.service
Sun 2024-02-04 03:10:44 UTC 1 day 18h left     Thu 2024-02-01 14:23:10 UTC 17h ago      e2scrub_all.timer              e2scrub_all.service
Mon 2024-02-05 00:07:27 UTC 2 days left        Thu 2024-02-01 14:23:10 UTC 17h ago      fstrim.timer                   fstrim.service
Fri 2024-02-09 05:06:06 UTC 6 days left        Thu 2024-02-01 14:23:10 UTC 17h ago      update-notifier-motd.timer     update-notifier-motd.service
Sat 2024-02-10 00:00:00 UTC 1 week 0 days left Thu 2024-02-01 14:47:09 UTC 17h ago      unbound-cleanup.timer          unbound-cleanup.service
n/a                         n/a                n/a                         n/a          apport-autoreport.timer        apport-autoreport.service
n/a                         n/a                n/a                         n/a          snapd.snap-repair.timer        snapd.snap-repair.service

╔══════════╣ Analyzing .timer files
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#timers

╔══════════╣ D-Bus config files
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#d-bus
Possible weak user policy found on /etc/dbus-1/system.d/dnsmasq.conf (        <policy user="dnsmasq">)

╔══════════╣ D-Bus Service Objects list
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#d-bus
NAME                           PID PROCESS         USER             CONNECTION    UNIT                        SESSION DESCRIPTION
:1.0                           442 systemd-timesyn systemd-timesync :1.0          systemd-timesyncd.service   -       -
:1.1                           436 systemd-network systemd-network  :1.1          systemd-networkd.service    -       -
:1.10                          534 snapd           root             :1.10         snapd.service               -       -
:1.2                             1 systemd         root             :1.2          init.scope                  -       -
:1.25                         7551 busctl          root             :1.25         ssh.service                 -       -
:1.3                           535 systemd-logind  root             :1.3          systemd-logind.service      -       -
:1.5                           528 networkd-dispat root             :1.5          networkd-dispatcher.service -       -
com.ubuntu.SoftwareProperties    - -               -                (activatable) -                           -       -
io.netplan.Netplan               - -               -                (activatable) -                           -       -
org.freedesktop.DBus             1 systemd         root             -             init.scope                  -       -
org.freedesktop.PackageKit       - -               -                (activatable) -                           -       -
org.freedesktop.PolicyKit1       - -               -                (activatable) -                           -       -
org.freedesktop.bolt             - -               -                (activatable) -                           -       -
org.freedesktop.hostname1        - -               -                (activatable) -                           -       -
org.freedesktop.locale1          - -               -                (activatable) -                           -       -
org.freedesktop.login1         535 systemd-logind  root             :1.3          systemd-logind.service      -       -
org.freedesktop.network1       436 systemd-network systemd-network  :1.1          systemd-networkd.service    -       -
org.freedesktop.resolve1         - -               -                (activatable) -                           -       -
org.freedesktop.systemd1         1 systemd         root             :1.2          init.scope                  -       -
org.freedesktop.timedate1        - -               -                (activatable) -                           -       -
org.freedesktop.timesync1      442 systemd-timesyn systemd-timesync :1.0          systemd-timesyncd.service   -       -


                              ╔═════════════════════╗
══════════════════════════════╣ Network Information ╠══════════════════════════════
                              ╚═════════════════════╝
╔══════════╣ Hostname, hosts and DNS
ls-2024-9
127.0.1.1 ls-2024-9 ls-2024-9
127.0.0.1 localhost

::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters


nameserver 127.0.0.1
options edns0 trust-ad
search .

╔══════════╣ Interfaces
# symbolic names for networks, see networks(5) for more information
link-local 169.254.0.0
cni-podman0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.88.0.1  netmask 255.255.0.0  broadcast 10.88.255.255
        inet6 fe80::f486:a1ff:fe85:a4fc  prefixlen 64  scopeid 0x20<link>
        ether f6:86:a1:85:a4:fc  txqueuelen 1000  (Ethernet)
        RX packets 14  bytes 852 (852.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9  bytes 854 (854.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 64.227.120.192  netmask 255.255.240.0  broadcast 64.227.127.255
        inet6 2a03:b0c0:3:d0::e03:e001  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::a490:c2ff:fef4:a02f  prefixlen 64  scopeid 0x20<link>
        ether a6:90:c2:f4:a0:2f  txqueuelen 1000  (Ethernet)
        RX packets 3483  bytes 1408677 (1.4 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3546  bytes 604090 (604.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.114.0.10  netmask 255.255.240.0  broadcast 10.114.15.255
        inet6 fe80::f08a:52ff:fe90:dd6  prefixlen 64  scopeid 0x20<link>
        ether f2:8a:52:90:0d:d6  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 1006 (1.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 264  bytes 24100 (24.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 264  bytes 24100 (24.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth7496452b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::106b:bfff:fe58:b5b5  prefixlen 64  scopeid 0x20<link>
        ether fe:55:38:78:87:87  txqueuelen 0  (Ethernet)
        RX packets 14  bytes 1048 (1.0 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 26  bytes 2184 (2.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


╔══════════╣ Active Ports
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#open-ports
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      638/nginx: master p
tcp        0      0 0.0.0.0:8018            0.0.0.0:*               LISTEN      1147/conmon
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      638/nginx: master p
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      575/unbound
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      860/sshd: /usr/sbin
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1651/master
tcp6       0      0 :::443                  :::*                    LISTEN      638/nginx: master p
tcp6       0      0 :::8953                 :::*                    LISTEN      575/unbound
tcp6       0      0 :::2227                 :::*                    LISTEN      1673/socat
tcp6       0      0 :::53                   :::*                    LISTEN      575/unbound
tcp6       0      0 :::22                   :::*                    LISTEN      860/sshd: /usr/sbin
tcp6       0      0 :::25                   :::*                    LISTEN      1651/master

╔══════════╣ Can I sniff with tcpdump?
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sniffing
You can sniff with tcpdump!



                               ╔═══════════════════╗
═══════════════════════════════╣ Users Information ╠═══════════════════════════════
                               ╚═══════════════════╝
╔══════════╣ My user
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#users
uid=0(root) gid=0(root) groups=0(root)

╔══════════╣ Do I have PGP keys?
/usr/bin/gpg
netpgpkeys Not Found
netpgp Not Found

╔══════════╣ Checking 'sudo -l', /etc/sudoers, and /etc/sudoers.d
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-and-suid
Matching Defaults entries for root on ls-2024-9:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin, use_pty

User root may run the following commands on ls-2024-9:
    (ALL : ALL) ALL
    (ALL) NOPASSWD: ALL
/etc/sudoers:Defaults   env_reset
/etc/sudoers:Defaults   mail_badpass
/etc/sudoers:Defaults   secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
/etc/sudoers:Defaults   use_pty
/etc/sudoers:%unbound ALL=(ALL) NOPASSWD:ALL
/etc/sudoers:root       ALL=(ALL:ALL) ALL
/etc/sudoers:%admin ALL=(ALL) ALL
/etc/sudoers:%sudo      ALL=(ALL:ALL) ALL
/etc/sudoers:@includedir /etc/sudoers.d
Sudoers file: /etc/sudoers.d/90-cloud-init-users is readable
root ALL=(ALL) NOPASSWD:ALL
Sudoers file: /etc/sudoers.d/README is readable

╔══════════╣ Checking sudo tokens
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#reusing-sudo-tokens
ptrace protection is enabled (1)

╔══════════╣ Checking doas.conf
permit nopass :users
permit nopass :root

╔══════════╣ Checking Pkexec policy
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation/interesting-groups-linux-pe#pe-method-2

[Configuration]
AdminIdentities=unix-user:0
[Configuration]
AdminIdentities=unix-group:sudo;unix-group:admin

╔══════════╣ Superusers
root:x:0:0:root:/root:/bin/bash

╔══════════╣ Users with console
alex:x:1001:1001:Alex Johnson:/home/alex:/bin/bash
blake:x:1006:1006:Blake Miller:/home/blake:/bin/bash
cameron:x:1007:1007:Cameron Wilson:/home/cameron:/bin/bash
casey:x:1005:1005:Casey Davis:/home/casey:/bin/bash
drew:x:1010:1013:Drew Anderson:/home/drew:/bin/bash
jordan:x:1002:1002:Jordan Smith:/home/jordan:/bin/bash
kendall:x:1009:1012:Kendall Taylor:/home/kendall:/bin/bash
morgan:x:1004:1004:Morgan Brown:/home/morgan:/bin/bash
peyton:x:1008:1011:Peyton Moore:/home/peyton:/bin/bash
root:x:0:0:root:/root:/bin/bash
taylor:x:1003:1003:Taylor Williams:/home/taylor:/bin/bash

╔══════════╣ All users & groups
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon[0m) gid=1(daemon[0m) groups=1(daemon[0m)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=100(systemd-network) gid=102(systemd-network) groups=102(systemd-network)
uid=1001(alex) gid=1001(alex) groups=1001(alex),1008(users)
uid=1002(jordan) gid=1002(jordan) groups=1002(jordan),1008(users),1009(logs),1010(lvm)
uid=1003(taylor) gid=1003(taylor) groups=1003(taylor),1008(users),123(postfix),1009(logs)
uid=1004(morgan) gid=1004(morgan) groups=1004(morgan),1008(users)
uid=1005(casey) gid=1005(casey) groups=1005(casey),1008(users),1010(lvm)
uid=1006(blake) gid=1006(blake) groups=1006(blake),1008(users)
uid=1007(cameron) gid=1007(cameron) groups=1007(cameron),1008(users),1009(logs)
uid=1008(peyton) gid=1011(peyton) groups=1011(peyton),1008(users),1009(logs)
uid=1009(kendall) gid=1012(kendall) groups=1012(kendall),27(sudo),1008(users),1009(logs)
uid=101(systemd-resolve) gid=103(systemd-resolve) groups=103(systemd-resolve)
uid=1010(drew) gid=1013(drew) groups=1013(drew),27(sudo),1008(users),1009(logs)
uid=102(messagebus) gid=105(messagebus) groups=105(messagebus)
uid=103(systemd-timesync) gid=106(systemd-timesync) groups=106(systemd-timesync)
uid=104(syslog) gid=111(syslog) groups=111(syslog),4(adm)
uid=105(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=106(tss) gid=112(tss) groups=112(tss)
uid=107(uuidd) gid=113(uuidd) groups=113(uuidd)
uid=108(tcpdump) gid=114(tcpdump) groups=114(tcpdump)
uid=109(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=110(pollinate) gid=1(daemon[0m) groups=1(daemon[0m)
uid=111(landscape) gid=116(landscape) groups=116(landscape)
uid=112(fwupd-refresh) gid=117(fwupd-refresh) groups=117(fwupd-refresh)
uid=113(mysql) gid=121(mysql) groups=121(mysql)
uid=114(dnsmasq) gid=65534(nogroup) groups=65534(nogroup)
uid=115(postfix) gid=123(postfix) groups=123(postfix)
uid=116(unbound) gid=125(unbound) groups=125(unbound)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=999(lxd) gid=1008(users) groups=1008(users)

╔══════════╣ Login now
 08:13:38 up 14 min,  2 users,  load average: 0.90, 0.25, 0.10
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    31.220.83.175    08:07   52.00s  0.44s  0.00s w
root     pts/2    31.220.83.175    08:13    0.00s  0.02s  0.02s -bash

╔══════════╣ Last logons
root     pts/0        Fri Feb  2 08:06:03 2024 - Fri Feb  2 08:07:41 2024  (00:01)     31.220.83.175
root     pts/0        Fri Feb  2 08:01:16 2024 - Fri Feb  2 08:05:54 2024  (00:04)     31.220.83.175
reboot   system boot  Fri Feb  2 07:59:10 2024   still running                         0.0.0.0
root     pts/0        Thu Feb  1 14:51:05 2024 - Thu Feb  1 14:51:05 2024  (00:00)     89.212.81.147
root     pts/0        Thu Feb  1 14:51:05 2024 - Thu Feb  1 14:51:05 2024  (00:00)     89.212.81.147
reboot   system boot  Thu Feb  1 14:50:47 2024 - Fri Feb  2 07:59:03 2024  (17:08)     0.0.0.0
root     pts/0        Thu Feb  1 14:50:39 2024 - Thu Feb  1 14:50:39 2024  (00:00)     89.212.81.147
root     pts/0        Thu Feb  1 14:50:38 2024 - Thu Feb  1 14:50:38 2024  (00:00)     89.212.81.147

wtmp begins Thu Feb  1 14:50:38 2024

╔══════════╣ Last time logon each user
Username         Port     From             Latest
root             pts/2    31.220.83.175    Fri Feb  2 08:13:08 +0000 2024

╔══════════╣ Do not forget to test 'su' as any other user with shell: without password and with their names as password (I don't do it in FAST mode...)

╔══════════╣ Do not forget to execute 'sudo -l' without password or with valid password (if you know it)!!



                             ╔══════════════════════╗
═════════════════════════════╣ Software Information ╠═════════════════════════════
                             ╚══════════════════════╝
╔══════════╣ Useful software
/usr/bin/base64
/usr/bin/curl
/usr/bin/doas
/usr/bin/gcc
/snap/bin/lxc
/usr/bin/nc
/usr/bin/ncat
/usr/bin/netcat
/usr/bin/nmap
/usr/bin/perl
/usr/bin/php
/usr/bin/ping
/usr/bin/podman
/usr/bin/python3
/usr/bin/socat
/usr/bin/sudo
/usr/bin/wget

╔══════════╣ Installed Compilers
ii  gcc                                              4:11.2.0-1ubuntu1                       amd64        GNU C compiler
ii  gcc-11                                           11.4.0-1ubuntu1~22.04                   amd64        GNU C compiler
ii  rpcsvc-proto                                     1.4.2-0ubuntu6                          amd64        RPC protocol compiler and definitions
/usr/bin/gcc

╔══════════╣ MySQL version
mysql  Ver 8.0.36-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu))


═╣ MySQL connection using default root/root ........... Yes
User    Host    authentication_string
debian-sys-maint        localhost       $A$005$4t*VS*XV-k)qW;G;H:ZfGWAW.OAve60mL71D1hJkYqnK97xPNYZ5ozVAsMLj5
mysql.infoschema        localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
mysql.session   localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
mysql.sys       localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
root    localhost
═╣ MySQL connection using root/toor ................... Yes
User    Host    authentication_string
debian-sys-maint        localhost       $A$005$4t*VS*XV-k)qW;G;H:ZfGWAW.OAve60mL71D1hJkYqnK97xPNYZ5ozVAsMLj5
mysql.infoschema        localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
mysql.session   localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
mysql.sys       localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
root    localhost
═╣ MySQL connection using root/NOPASS ................. Yes
User    Host    authentication_string
debian-sys-maint        localhost       $A$005$4t*VS*XV-k)qW;G;H:ZfGWAW.OAve60mL71D1hJkYqnK97xPNYZ5ozVAsMLj5
mysql.infoschema        localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
mysql.session   localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
mysql.sys       localhost       $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED
root    localhost

╔══════════╣ Searching mysql credentials and exec
We can read the mysql debian.cnf. You can use this username/password to log in MySQL
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = fXbOVrCdjqjt9OYZ
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host     = localhost
user     = debian-sys-maint
password = fXbOVrCdjqjt9OYZ
socket   = /var/run/mysqld/mysqld.sock
From '/etc/mysql/mysql.conf.d/mysqld.cnf' Mysql user: user              = mysql
Found readable /etc/mysql/my.cnf
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mysql.conf.d/
grep: (standard input): binary file matches
From '/var/lib/mysql/#innodb_redo/#ib_redo6' Mysql user:

╔══════════╣ Analyzing MariaDB Files (limit 70)

-rw------- 1 root root 317 Feb  1 14:38 /etc/mysql/debian.cnf
user     = debian-sys-maint
password = fXbOVrCdjqjt9OYZ
user     = debian-sys-maint
password = fXbOVrCdjqjt9OYZ

╔══════════╣ Analyzing Mongo Files (limit 70)
Version: mongo Not Found
mongod Not Found

-rw-r--r-- 1 root root 2279 Nov 23  2020 /etc/fail2ban/filter.d/mongodb-auth.conf
[Definition]
failregex = ^\s+\[conn(?P<__connid>\d+)\] Failed to authenticate [^\n]+<SKIPLINES>\s+\[conn(?P=__connid)\] end connection <HOST>
ignoreregex =
[Init]
maxlines = 10

╔══════════╣ Analyzing Apache-Nginx Files (limit 70)
Apache version: apache2 Not Found
httpd Not Found

Nginx version:
══╣ Nginx modules
ngx_http_geoip2_module.so
ngx_http_image_filter_module.so
ngx_http_xslt_filter_module.so
ngx_mail_module.so
ngx_stream_geoip2_module.so
ngx_stream_module.so
══╣ PHP exec extensions
drwxr-xr-x 2 root root 4096 Feb  1 14:47 /etc/nginx/sites-enabled
drwxr-xr-x 2 root root 4096 Feb  1 14:47 /etc/nginx/sites-enabled
lrwxrwxrwx 1 root root 34 Feb  1 14:47 /etc/nginx/sites-enabled/default -> /etc/nginx/sites-available/default
server {
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        include snippets/snakeoil.conf;
        root /var/www/html;
        index index.html index.htm index.php;
        listen 80 default_server;
        server_name _;
        location /2048/ {
            proxy_pass http://localhost:8018/;
            proxy_set_header Host $host;
        }
        location / {
                try_files $uri $uri/ =404;
        }
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;

                fastcgi_pass unix:/run/php/php-fpm.sock;
        }
}

drwxr-xr-x 2 root root 4096 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apache2/sites-enabled
drwxr-xr-x 2 root root 4096 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apache2/sites-enabled
lrwxrwxrwx 1 root root 35 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apache2/sites-enabled/000-default.conf -> ../sites-available/000-default.conf
<VirtualHost *:22>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

drwxr-xr-x 2 root root 4096 Dec 11  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/etc/apache2/sites-enabled
drwxr-xr-x 2 root root 4096 Dec 11  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/etc/apache2/sites-enabled
lrwxrwxrwx 1 root root 35 Dec 11  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/etc/apache2/sites-enabled/000-default.conf -> ../sites-available/000-default.conf
<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>


-rw-r--r-- 1 root root 1332 Jan  2  2023 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apache2/sites-available/000-default.conf
<VirtualHost *:22>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
lrwxrwxrwx 1 root root 35 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apache2/sites-enabled/000-default.conf -> ../sites-available/000-default.conf
<VirtualHost *:22>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
-rw-r--r-- 1 root root 1332 Jan  2  2023 /var/lib/containers/storage/overlay/fbb76ef8de42c51c2608d79bd95caf64f2d204c0b9a80b23b6a2ce69b5e2bded/diff/etc/apache2/sites-available/000-default.conf
<VirtualHost *:22>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
-rw-r--r-- 1 root root 1332 Aug  8  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
lrwxrwxrwx 1 root root 35 Dec 11  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/etc/apache2/sites-enabled/000-default.conf -> ../sites-available/000-default.conf
<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

-rw-r--r-- 1 root root 72924 Aug 18 11:41 /etc/php/8.1/cli/php.ini
allow_url_fopen = On
allow_url_include = Off
odbc.allow_persistent = On
mysqli.allow_persistent = On
pgsql.allow_persistent = On
-rw-r--r-- 1 root root 72928 Aug 18 11:41 /etc/php/8.1/fpm/php.ini
allow_url_fopen = On
allow_url_include = Off
odbc.allow_persistent = On
mysqli.allow_persistent = On
pgsql.allow_persistent = On

-rw-r--r-- 1 root root 1447 May 30  2023 /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
        worker_connections 768;
}
http {
        sendfile on;
        tcp_nopush on;
        types_hash_max_size 2048;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        ssl_prefer_server_ciphers on;
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;
        gzip on;
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

-rw-r--r-- 1 root root 389 May 30  2023 /etc/default/nginx

-rwxr-xr-x 1 root root 4579 May 30  2023 /etc/init.d/nginx

-rw-r--r-- 1 root root 329 May 30  2023 /etc/logrotate.d/nginx

drwxr-xr-x 8 root root 4096 Feb  1 14:36 /etc/nginx
-rw-r--r-- 1 root root 1125 May 30  2023 /etc/nginx/fastcgi.conf
fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  REMOTE_USER        $remote_user;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;
fastcgi_param  REDIRECT_STATUS    200;
-rw-r--r-- 1 root root 1447 May 30  2023 /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
        worker_connections 768;
}
http {
        sendfile on;
        tcp_nopush on;
        types_hash_max_size 2048;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        ssl_prefer_server_ciphers on;
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;
        gzip on;
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}
lrwxrwxrwx 1 root root 48 Feb  1 14:37 /etc/nginx/modules-enabled/50-mod-mail.conf -> /usr/share/nginx/modules-available/mod-mail.conf
load_module modules/ngx_mail_module.so;
lrwxrwxrwx 1 root root 55 Feb  1 14:37 /etc/nginx/modules-enabled/50-mod-http-geoip2.conf -> /usr/share/nginx/modules-available/mod-http-geoip2.conf
load_module modules/ngx_http_geoip2_module.so;
lrwxrwxrwx 1 root root 60 Feb  1 14:36 /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf -> /usr/share/nginx/modules-available/mod-http-xslt-filter.conf
load_module modules/ngx_http_xslt_filter_module.so;
lrwxrwxrwx 1 root root 57 Feb  1 14:37 /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf -> /usr/share/nginx/modules-available/mod-stream-geoip2.conf
load_module modules/ngx_stream_geoip2_module.so;
lrwxrwxrwx 1 root root 50 Feb  1 14:37 /etc/nginx/modules-enabled/50-mod-stream.conf -> /usr/share/nginx/modules-available/mod-stream.conf
load_module modules/ngx_stream_module.so;
lrwxrwxrwx 1 root root 61 Feb  1 14:38 /etc/nginx/modules-enabled/50-mod-http-image-filter.conf -> /usr/share/nginx/modules-available/mod-http-image-filter.conf
load_module modules/ngx_http_image_filter_module.so;
-rw-r--r-- 1 root root 423 May 30  2023 /etc/nginx/snippets/fastcgi-php.conf
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
try_files $fastcgi_script_name =404;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
-rw-r--r-- 1 root root 217 May 30  2023 /etc/nginx/snippets/snakeoil.conf
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

-rw-r--r-- 1 root root 374 May 30  2023 /etc/ufw/applications.d/nginx

drwxr-xr-x 3 root root 4096 Feb  1 14:36 /usr/lib/nginx

-rwxr-xr-x 1 root root 1240136 May 30  2023 /usr/sbin/nginx

drwxr-xr-x 2 root root 4096 Feb  1 14:36 /usr/share/doc/nginx

drwxr-xr-x 4 root root 4096 Feb  1 14:36 /usr/share/nginx
-rw-r--r-- 1 root root 42 May 30  2023 /usr/share/nginx/modules-available/mod-stream.conf
load_module modules/ngx_stream_module.so;
-rw-r--r-- 1 root root 53 May 30  2023 /usr/share/nginx/modules-available/mod-http-image-filter.conf
load_module modules/ngx_http_image_filter_module.so;
-rw-r--r-- 1 root root 40 May 30  2023 /usr/share/nginx/modules-available/mod-mail.conf
load_module modules/ngx_mail_module.so;
-rw-r--r-- 1 root root 52 May 30  2023 /usr/share/nginx/modules-available/mod-http-xslt-filter.conf
load_module modules/ngx_http_xslt_filter_module.so;
-rw-r--r-- 1 root root 47 May 30  2023 /usr/share/nginx/modules-available/mod-http-geoip2.conf
load_module modules/ngx_http_geoip2_module.so;
-rw-r--r-- 1 root root 49 May 30  2023 /usr/share/nginx/modules-available/mod-stream-geoip2.conf
load_module modules/ngx_stream_geoip2_module.so;

drwxr-xr-x 7 root root 4096 Feb  1 14:36 /var/lib/nginx

drwxr-xr-x 2 root adm 4096 Feb  1 14:36 /var/log/nginx


╔══════════╣ Analyzing FastCGI Files (limit 70)
-rw-r--r-- 1 root root 1055 May 30  2023 /etc/nginx/fastcgi_params

╔══════════╣ Analyzing Htpasswd Files (limit 70)
-rw-r--r-- 1 root root 47 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/basic/authz_owner/.htpasswd
username:$apr1$1f5oQUl4$21lLXSN7xQOPtNsj5s4Nk/
-rw-r--r-- 1 root root 47 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/basic/file/.htpasswd
username:$apr1$uUMsOjCQ$.BzXClI/B/vZKddgIAJCR.
-rw-r--r-- 1 root root 62 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest/.htpasswd
username:digest private area:fad48d3a7c63f61b5b3567a4105bbb04
-rw-r--r-- 1 root root 117 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest_anon/.htpasswd
username:digest anon:25e4077a9344ceb1a88f2a62c9fb60d8
05bbb04
anonymous:digest anon:faa4e5870970cf935bb9674776e6b26a
-rw-r--r-- 1 root root 62 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest_time/.htpasswd
username:digest private area:fad48d3a7c63f61b5b3567a4105bbb04
-rw-r--r-- 1 root root 62 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest_wrongrelm/.htpasswd
username:wrongrelm:99cd340e1283c6d0ab34734bd47bdc30
4105bbb04

╔══════════╣ Analyzing Rsync Files (limit 70)
-rw-r--r-- 1 root root 1044 Oct 11  2022 /usr/share/doc/rsync/examples/rsyncd.conf
[ftp]
        comment = public archive
        path = /var/www/pub
        use chroot = yes
        lock file = /var/lock/rsyncd
        read only = yes
        list = yes
        uid = nobody
        gid = nogroup
        strict modes = yes
        ignore errors = no
        ignore nonreadable = yes
        transfer logging = no
        timeout = 600
        refuse options = checksum dry-run
        dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz


╔══════════╣ Analyzing Ldap Files (limit 70)
The password hash is from the {SSHA} to 'structural'
drwxr-xr-x 2 root root 4096 Mar 17  2023 /etc/ldap

drwxr-xr-x 2 root root 4096 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/ldap

drwxr-xr-x 2 root root 4096 Dec 11  2020 /var/lib/containers/storage/overlay/997a5ede1171f8a59f01b0d101fe47fcf4f62aff0a8b1ca16d284f2a2d0f4e21/diff/etc/ldap


╔══════════╣ Searching ssl/ssh files
╔══════════╣ Analyzing SSH Files (limit 70)

-rw------- 1 alex alex 2622 Feb  1 14:45 /home/alex/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAsqJvyeJxf+8W73OgF7Av/GoO2Bp5Co0YU4H8x5YSNlgVwzZxmNgL
7TXnZYwvsdUGnPRuQf3I8kO8tHEPXcNlW1nTDuBhhY6QEibXxJ1sSbCSc6e44HMKods+EH
pXQhRmfn0oOembXb2zdzhTmFZ9xma3EIiaxqleapml7H2jqHpgPTvZ/SLhy0nEbFt0b+d7
LLVyspYlVeHMvzVJUR9NICbhAfJV1ykrbeqegPZvvOxOjN1NEp7LsHPYge3dXnjnKebPMK
GZILXggoveS8N5pvpi233vOvstf4fkGX/Tzb3++FJrDG2JhV89YelbCzy9125tqagndJvO
xMoP8nrKF4QSzb7CgMRMub6S4oTl0Us5hxmtrraZfFoMETmXfOYxeC2YTQXl8siAmyVHM/
VM6616l1d6v7JgDqGlTmdFriFG+5+F3LxD0aF74xUriPNScT704Cc45uh6Q+cox6Z5iEWR
DiySksjRy7QxNfCbPzFMiiXnFw+VmQyKLrjW8VMBAAAFmLyD6Nm8g+jZAAAAB3NzaC1yc2
EAAAGBALKib8nicX/vFu9zoBewL/xqDtgaeQqNGFOB/MeWEjZYFcM2cZjYC+0152WML7HV
Bpz0bkH9yPJDvLRxD13DZVtZ0w7gYYWOkBIm18SdbEmwknOnuOBzCqHbPhB6V0IUZn59KD
npm129s3c4U5hWfcZmtxCImsapXmqZpex9o6h6YD072f0i4ctJxGxbdG/neyy1crKWJVXh
zL81SVEfTSAm4QHyVdcpK23qnoD2b7zsTozdTRKey7Bz2IHt3V545ynmzzChmSC14IKL3k
vDeab6Ytt97zr7LX+H5Bl/0829/vhSawxtiYVfPWHpWws8vddubamoJ3SbzsTKD/J6yheE
Es2+woDETLm+kuKE5dFLOYcZra62mXxaDBE5l3zmMXgtmE0F5fLIgJslRzP1TOutepdXer
+yYA6hpU5nRa4hRvufhdy8Q9Ghe+MVK4jzUnE+9OAnOOboekPnKMemeYhFkQ4skpLI0cu0
MTXwmz8xTIol5xcPlZkMii641vFTAQAAAAMBAAEAAAGADMSuxN/NfEPn5pNKY1pFAJlifw
pCK85/nKIMu9KVC3ld8adXyBsGAmosV5/R91FIuOznxj1dOnCipMTBpzjeN83CpKxfjB8i
je/+bQYexWDWA81+c3Y40YgZ3MeoRDrjdv5IyWSFpglD/xOLNh2IilpKxeddvzFzMQXTTF
IdFPlnHTleXXxuzNinx5VjfzqTUIcvsAAqojbfkazXYfFtnwy1LJRyLYAhCikPZ0+cfdG0
oHD5BbzmX+U7GbgACLUPgiMcNq8h/1MLW1j+nk7zKsOM9x7rjEdmokL+xMtB3gg/pCUd/u
zWDpCHdDKA3pES4ug9OrUlev99eYox9ouObFs2UnzZdF/SIexoZ+k02i7XGZDrX10RSKls
H4e2yh7sKawv4RlEK/efEfNfX8eoOEgagw3QzBZE3iYYhse35Y7T+NA5daI3hLihtkzelv
2wshHPEv33a5ZW6M1q6haS0p6PJGitpKGTur3udX6PXH7+ZxKjwxg1dotkvJ7BANOZAAAA
wQC1HbxsQ5m7PaW5eJolRwZLeUsx+jA6dOD7Unj5CevaHATiIAOTEmfWYEHwuJ3Fbb3WAd
Ec4ZGRLd2v8ewtYv/6rizuKWGyDcoOAxUEvx52PJIRwB4APUr9FMfpTUvmVAC5VVJGFMml
6A/4ReX3QJpo0v/AydoEq/pAWUD9WciWds26hyuv/Z1c5CiN1bgOrtVUdOPK9nUikNXUhl
UD3znGjdy7/0v+zdcSa5K1+CSvGVZHTto1lAqwjjaqY+kADGUAAADBAO1LE4Bg6pyGHngn
KDpm0MPKUoYzN3rbZbpAFEni7M5V6abc+QkdBnnnwK7MuEtHzwIf7F3nySRHzXLT0CKiJc
kcOJClN1SnB1CaWezjV8yc4u+fLybaPlj5+A0MQDew0TgXZnkXOM6ldq0MS8sjEPMDg/LC
SVorD46QXE7+AjERcXbqJUMMgIwtTk4wT9eEWyHLDPN9jLmDSVdxK1n/py+Yk6PoleSyBQ
Qvh8CALZWMlbEPiGN0FrhmFN7SfS1U/wAAAMEAwLeKn98mWT2fojvxzhRJ7BxtOPIrwqxx
Iwka9GEwYEhniIEF+sP8ui6P1LwLa+5LrDx2mTO2VdPWVMzDwsdMPOp4rEe8jWLjg8JQ/O
NKBiP7rS8oaNbr18oOJkmLXwpn7y+1KCOjhWFp5WUif1L9ClSwUoDT6FhJHFWPYc+CMzk9
hmcgUYXylxeI0TH5fuDZ0BHu9piIqF6mVfXR0rzI4ak+OF6WafkNB5uXwweKxBMJA+tZE4
edz8sRpw+OGVf/AAAAHmFuc2libGUtZ2VuZXJhdGVkIG9uIGxzLTIwMjQtOQECAwQ=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 alex alex 584 Feb  1 14:45 /home/alex/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyom/J4nF/7xbvc6AXsC/8ag7YGnkKjRhTgfzHlhI2WBXDNnGY2AvtNedljC+x1Qac9G5B/cjyQ7y0cQ9dw2VbWdMO4GGFjpASJtfEnWxJsJJzp7jgcwqh2z4QeldCFGZ+fSg56ZtdvbN3OFOYVn3GZrcQiJrGqV5qmaXsfaOoemA9O9n9IuHLScRsW3Rv53sstXKyliVV4cy/NUlRH00gJuEB8lXXKStt6p6A9m+87E6M3U0Snsuwc9iB7d1eeOcp5s8woZkgteCCi95Lw3mm+mLbfe86+y1/h+QZf9PNvf74UmsMbYmFXz1h6VsLPL3Xbm2pqCd0m87Eyg/yesoXhBLNvsKAxEy5vpLihOXRSzmHGa2utpl8WgwROZd85jF4LZhNBeXyyICbJUcz9UzrrXqXV3q/smAOoaVOZ0WuIUb7n4XcvEPRoXvjFSuI81JxPvTgJzjm6HpD5yjHpnmIRZEOLJKSyNHLtDE18Js/MUyKJecXD5WZDIouuNbxUwE= ansible-generated on ls-2024-9
-rw------- 1 blake blake 2622 Feb  1 14:45 /home/blake/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAk5uMAf9wHjosMqXyX/BZt6EHQ6MV8PL2CoJikbJSwtEk1C1lZb2f
ZsweIqiW7w3P2gZBEKhccMGc9hHSmdVo5HsbQUioDU9ULKXPSiq/IhNYUzikw9gwuMn2Vo
3Q5vrEdGPo8sWuoX23KpFs6LMFEIaa4VzbceUvwwv+36nk1wVZxTnw5o9JmQ+sNrYgUaO+
m5EJOlfV2V17tISHazQmH+wlRSR5pBxz3BYqhooJjKUOfhsfmYXmmUhxIwZpVxqmx2gIdW
NAECe8cEAbOMVxwMFgRQsXYU+ZstVmlT14cKC9MnpgQwRgVdbj1+Ada5ZFiLWQD84I8noc
Gus6Ks5JBNcsjAERugCaM47O9Du9ARNTDN6BxnwhyvEn7j0GhygTOODuUrUVeI0G0bsn/6
dBrhTTX+a6S2k7iTpXXMXDzwOmdTLeb1lt6sE3FcF66J+4Pu56CGrV4yt86a9FWrZI9I4h
daoZfAHg0KfKgND8OOzR9+g9gUpcFui68K7xJHXdAAAFmFwPoRJcD6ESAAAAB3NzaC1yc2
EAAAGBAJObjAH/cB46LDKl8l/wWbehB0OjFfDy9gqCYpGyUsLRJNQtZWW9n2bMHiKolu8N
z9oGQRCoXHDBnPYR0pnVaOR7G0FIqA1PVCylz0oqvyITWFM4pMPYMLjJ9laN0Ob6xHRj6P
LFrqF9tyqRbOizBRCGmuFc23HlL8ML/t+p5NcFWcU58OaPSZkPrDa2IFGjvpuRCTpX1dld
e7SEh2s0Jh/sJUUkeaQcc9wWKoaKCYylDn4bH5mF5plIcSMGaVcapsdoCHVjQBAnvHBAGz
jFccDBYEULF2FPmbLVZpU9eHCgvTJ6YEMEYFXW49fgHWuWRYi1kA/OCPJ6HBrrOirOSQTX
LIwBEboAmjOOzvQ7vQETUwzegcZ8IcrxJ+49BocoEzjg7lK1FXiNBtG7J/+nQa4U01/muk
tpO4k6V1zFw88DpnUy3m9ZberBNxXBeuifuD7ueghq1eMrfOmvRVq2SPSOIXWqGXwB4NCn
yoDQ/Djs0ffoPYFKXBbouvCu8SR13QAAAAMBAAEAAAGAEkuWR+0cPXLiZYiyCPgmdp8r4l
NFde73VgghJYPfxCveD7pstfaR2lD0b0FMK+cfWxupVuI3SvaEeO9ulgigjqk/kJDr23J4
sWv/zGaN+DBDo1UC/w89wrmtob7EJMzyKqbziZu88GE/obQStqjxuMGmUsaKoIxSpi9HcP
uC1K/iF5L96+XYrnMF2mYqjVPpXSjV5vhaFi4DFjXS/xOgohZH7FEADrpEFgRdUv2q/1a5
/CFqgkHZeihDdZ7m0ZgI4b5EuJZ7eeizr9BDhV/azWoSyUfvak7WFAtcaZgmFUfknyf0zV
NTgb2Bs3CVg4ipWi7X7D19BPBj+1OlPyslUzDqqRThXvFzPB13whtGReNb14LQZnT8TXW8
EPiBd5DI1ZLt8NC8tmSX3yhh5GJVm8IDNaC/eiaFpMqxlqYTHAdh685qGcIlljSehsvWR6
qsh35j1Wtz5vZbP6pf3ocxqk7qEtNHk7diRlfAhL0dSZuRE4FcNkQvXEeDnoLQIzmhAAAA
wBju5iWyMa8YPyH3LUXH1PFa8TxuOU2NIizdKUZPeo1OJfdcA10kCpwHL8rcYEgmlwfFOA
HCDIWkTYhfCCJL7WumE/VJUKakq+PoaTZZSsALccfHJM5ZQxE+r1AQIrCqkEPRZld74lqu
+sBcI1xQs1Y85KT3KWIIlDHJFfuyOXr8ea+E0PohvLSmOWTK4Nol79jgwaiyt3XDUGcR+x
wFxRdWRNcybP5dM+Df4q28IvmJyLt17c/S3cDWPj25Uuj++QAAAMEAxdqJfue9b94dPVEP
fFwTFOG7bDj4Ms0/qhLmnQy8Z/7tAISCYjmhhM5lPNIAKY8XxCvhAOzcMyArhpSEvCCuw6
YfRNY4sGJmjfbRdOlq1QSzfb074F74rij14CDspBfp2i/z6atpKU7m0SH2kt3U7wzK3x/Y
lkTrlbVSwHkbSnLalA+3ZZI+MahE/Qip2D6Bcl0mm4GJPAGP6gv5xDqLbt/sQWE2B6mGW/
ZkWrWUrneEvu3V1OGEIvaNApqAKD45AAAAwQC+/MMqsniflrCcWsFO0g796YiRAX/E1HgC
WSktZvuWO1P9wKuB7SpgbZUL3xg+Ra1xFCjMtzg0o4/2RNpXwQgzkb72UC3qC44D7cd+R9
B7HAaeZPCD1inzBdrMUang+aWfvyTWkGqgkw0BoWKw4nLDRDJ+MacXkIr4RI6TC2W7u9EK
wjbCSxFUvuocLVu/YvD0oFky4eIWDvkxwmJYVTjrvaNsBkCNHhTg2metejvOYOvOWP3jTA
TI5l1D8iHRNMUAAAAeYW5zaWJsZS1nZW5lcmF0ZWQgb24gbHMtMjAyNC05AQIDBAU=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 blake blake 584 Feb  1 14:45 /home/blake/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCTm4wB/3AeOiwypfJf8Fm3oQdDoxXw8vYKgmKRslLC0STULWVlvZ9mzB4iqJbvDc/aBkEQqFxwwZz2EdKZ1WjkextBSKgNT1Qspc9KKr8iE1hTOKTD2DC4yfZWjdDm+sR0Y+jyxa6hfbcqkWzoswUQhprhXNtx5S/DC/7fqeTXBVnFOfDmj0mZD6w2tiBRo76bkQk6V9XZXXu0hIdrNCYf7CVFJHmkHHPcFiqGigmMpQ5+Gx+ZheaZSHEjBmlXGqbHaAh1Y0AQJ7xwQBs4xXHAwWBFCxdhT5my1WaVPXhwoL0yemBDBGBV1uPX4B1rlkWItZAPzgjyehwa6zoqzkkE1yyMARG6AJozjs70O70BE1MM3oHGfCHK8SfuPQaHKBM44O5StRV4jQbRuyf/p0GuFNNf5rpLaTuJOldcxcPPA6Z1Mt5vWW3qwTcVwXron7g+7noIatXjK3zpr0Vatkj0jiF1qhl8AeDQp8qA0Pw47NH36D2BSlwW6LrwrvEkdd0= ansible-generated on ls-2024-9
-rw------- 1 cameron cameron 2622 Feb  1 14:45 /home/cameron/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA8vqPPPb5jfwPm8KB8ESTSGfeopdu63sHgH9qn21NyvwW/ki6HEXN
qOj2m/XpMp+tK2ajBTmoXl4LipwuaSPDad9JqxDFhSXKgKzLXr+UHT/zOkTj39o/h6LpMD
cqL5DcDe+WkVhE1JPjXiHQlNAk9OpqHu1YGH8S5pnsxWb5tTutcKZvim9KUz2C63f8IyY+
PHG4lRPA7AeNLUBBnnMj//Kdm3vcpXMzR3Tr1+TWv9dEItSLHZGRd7UtIwGSGBUQhBDtU7
mBe38tvXXzlEC43pgMlF/LSdlGKGVMBSmfGEyBLJmaiAvEPK64B3Uv+oynAfMwWqGa+/Ce
gcMNHjI5PjfmQnl3KZvSlM/ak42NniKhjk519aIVTusDg7de2rejmy0f11IbhWkpgna5zl
qa4SkFmbsfp64vhef6BleRr3Y2EfD3Cv36rKUp/hfXdmoGE86KM4w/Jkwwgf37QAwWlPzs
ymrG8LqHPfYR/ImjUd7GhQEWjT0oIkJc4rvevB8RAAAFmIVS0TKFUtEyAAAAB3NzaC1yc2
EAAAGBAPL6jzz2+Y38D5vCgfBEk0hn3qKXbut7B4B/ap9tTcr8Fv5IuhxFzajo9pv16TKf
rStmowU5qF5eC4qcLmkjw2nfSasQxYUlyoCsy16/lB0/8zpE49/aP4ei6TA3Ki+Q3A3vlp
FYRNST414h0JTQJPTqah7tWBh/EuaZ7MVm+bU7rXCmb4pvSlM9gut3/CMmPjxxuJUTwOwH
jS1AQZ5zI//ynZt73KVzM0d069fk1r/XRCLUix2RkXe1LSMBkhgVEIQQ7VO5gXt/Lb1185
RAuN6YDJRfy0nZRihlTAUpnxhMgSyZmogLxDyuuAd1L/qMpwHzMFqhmvvwnoHDDR4yOT43
5kJ5dymb0pTP2pONjZ4ioY5OdfWiFU7rA4O3Xtq3o5stH9dSG4VpKYJ2uc5amuEpBZm7H6
euL4Xn+gZXka92NhHw9wr9+qylKf4X13ZqBhPOijOMPyZMMIH9+0AMFpT87MpqxvC6hz32
EfyJo1HexoUBFo09KCJCXOK73rwfEQAAAAMBAAEAAAGAE6jz5ZArPZKPVcBNgLofu6xR3p
CHtEyCXSKSJz+yG3I9zwnl6ys3uorNB24ElijG23vkxWO2rJoJ74d3FuFCqsKbJJkJDl6y
LaqtkudH7fzyanzP/lkbqlcjbJgOFQaw03zXD0AX46Zqr39nb98OmnWMLB/ysJq5lgiO2K
MeIcyoGjURUd9y4VzZBsHw2Aw8XWorL/7G7aInyWlJVe+FkmxYVdAWGJoDZG0AtzmIKcIa
fIH7lqMkZM33Tr2OC15KzTSJYaeL2VTCX0nwHeNS2BUsu8nYGlR9nA7j+1dlO+OF47i2tw
2wXG8hIijUYmOTu0Tz1ezKv68fjC5FGto0qqrFij04F2Q5udqr1ZDIF89g0usD/sQtiI6/
kRUHIO17pVE6l07OA7OOgYZnvIgSwLyv15vo8SpbLKVjgmyslk1+Mp/yKHQ1wg7Q45nS3t
do1/TPvz3T4Ic82LAHAzhUx0tleJeIKMypdX+PTtwegEYxHJ6Sg+4MOK+Z8CR0I8ExAAAA
wBd7rKw95sS6H8C+NvQZOWCRkajChPJkwcDWdCymvPJO1z0LwfYt0vJ31NZh4f2mLgaxZW
U8OYvKrXMjZupKlP48yjCgl7QRBGARRbpW4cYCnJnIG/jluerGnUe8+Whi2Lkh72rTPatN
ahVDKjRoRqE9wa9xjtWQ/3iV2vgfdDyb/U70hXmzMyqDk2hhbLjqapZQM4aER6KufikYP7
xfCmonV4TD2pojm8JRB+NVxV+C3deW3PY7IHz1qHr0hx5/rwAAAMEA+ZGKZ8H2s/N7buAN
rH6xHhJciZGYVWwLVf8B5SgtX+oOU3Srg6XOdYLy1NzsyjcPwxyFsbEBhQMdXfxVG8VEFD
XfwGifZ2QilUjnY1smKfIv1D586aXzYS6AomsZshWDE45AT1ikw5NVGQszJrbKe3/YPnQ2
ind1JvAuG+kPzqyNOchzPgfNhHpf2kt9j8T11x2vy++nJIIO4bZpqalF8Mmk899htM8Ryd
pbtVDEG7HWfcf1XqBfddO3eMiBQjVpAAAAwQD5PYtw4Ge/nGokkdjtX3xt+uBhlE7sPT7Z
wwPubmbCf4vOv2kYrd9fIoWjqTGFYDfMKPxTe9JMtCoePssrYrXCNCB0009iIZ6Kz4+wun
b4btXpPJKgPyyx8ah1ry3hHiu9WMFnlfMkY5WsDvRhC1Fj0THhWo6LCo/72kF0aPqkya8E
o3ArOoCEoDORglgbU09LCJxRcvMECn2Mff29YIiz7hx5VXhcHfGjUnSKhgl+xktjoNJeur
VNoxriP+son2kAAAAeYW5zaWJsZS1nZW5lcmF0ZWQgb24gbHMtMjAyNC05AQIDBAU=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 cameron cameron 584 Feb  1 14:45 /home/cameron/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDy+o889vmN/A+bwoHwRJNIZ96il27reweAf2qfbU3K/Bb+SLocRc2o6Pab9ekyn60rZqMFOaheXguKnC5pI8Np30mrEMWFJcqArMtev5QdP/M6ROPf2j+HoukwNyovkNwN75aRWETUk+NeIdCU0CT06moe7VgYfxLmmezFZvm1O61wpm+Kb0pTPYLrd/wjJj48cbiVE8DsB40tQEGecyP/8p2be9ylczNHdOvX5Na/10Qi1IsdkZF3tS0jAZIYFRCEEO1TuYF7fy29dfOUQLjemAyUX8tJ2UYoZUwFKZ8YTIEsmZqIC8Q8rrgHdS/6jKcB8zBaoZr78J6Bww0eMjk+N+ZCeXcpm9KUz9qTjY2eIqGOTnX1ohVO6wODt17at6ObLR/XUhuFaSmCdrnOWprhKQWZux+nri+F5/oGV5GvdjYR8PcK/fqspSn+F9d2agYTzoozjD8mTDCB/ftADBaU/OzKasbwuoc99hH8iaNR3saFARaNPSgiQlziu968HxE= ansible-generated on ls-2024-9
-rw------- 1 casey casey 2622 Feb  1 14:45 /home/casey/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAsWQb/KvPmXO3sm7GG/+WSBO91Ht5Tbdhu29K+UZ2Y7xbHLCbeV21
xE/MIdaORKyJ6qC56V/dF3iWs/bpDOZxvXgKBSPEiIMyqApxVzgxCOw6+QfwkvSEPQsrDv
XyAJLVFedJ8lFHm9gfUjMAD/eXW8UTem3aN3YGM0SgwnjZGrXzgv0Fv+NornM3ORK8W50o
EILIqPcdK/8+fcG5Vq498z8S6/4kqncnku+RE8p0tIfcggG0mbdJ0Ve08kbUaVzUGtoJOR
2wSsR3f7nmsmvduaiwt2PWEPphD80fIG7zR71lLNHDu30XyeqFT+joQhK2Ij6iRdxFUd+Y
gZVjGN4DWcnaiCYKaqHcg2NNuyNmWADfb9s5ZNzJSnUfmH2wI1/8dC1c2wVhEoeA4JkUiD
arb/PeaYk7wFAzg4wh16YVntSM6YZXj6uKOn4ky+R3hYSifudVqg6bLOMg4uJOP8QdjRKc
a+lKbyLHKLgoy/BJJQkw8vtU+1mG2TXMW8fj4yTnAAAFmAp7ONkKezjZAAAAB3NzaC1yc2
EAAAGBALFkG/yrz5lzt7Juxhv/lkgTvdR7eU23YbtvSvlGdmO8Wxywm3ldtcRPzCHWjkSs
ieqguelf3Rd4lrP26Qzmcb14CgUjxIiDMqgKcVc4MQjsOvkH8JL0hD0LKw718gCS1RXnSf
JRR5vYH1IzAA/3l1vFE3pt2jd2BjNEoMJ42Rq184L9Bb/jaK5zNzkSvFudKBCCyKj3HSv/
Pn3BuVauPfM/Euv+JKp3J5LvkRPKdLSH3IIBtJm3SdFXtPJG1Glc1BraCTkdsErEd3+55r
Jr3bmosLdj1hD6YQ/NHyBu80e9ZSzRw7t9F8nqhU/o6EIStiI+okXcRVHfmIGVYxjeA1nJ
2ogmCmqh3INjTbsjZlgA32/bOWTcyUp1H5h9sCNf/HQtXNsFYRKHgOCZFIg2q2/z3mmJO8
BQM4OMIdemFZ7UjOmGV4+rijp+JMvkd4WEon7nVaoOmyzjIOLiTj/EHY0SnGvpSm8ixyi4
KMvwSSUJMPL7VPtZhtk1zFvH4+Mk5wAAAAMBAAEAAAGAKiUpOxJM293w1m1YFx3VxCEgmE
OPseWwTBpoeyoBBbgiA4J4JdEcVtxImP+DRJCjocF2+hnjCukFERPIEd8MReInq0nwryhQ
mDkG7Zx1lfOeHT2ELD34zxIAtGi9iuJXywDtAivKch3abyqbyK9f4BdGBe/kiQm69mJHOX
0Bw8VX6haYT5tFazEHfUFUzAVeF/Iin3Y6kZHudG1azdvO7yRcqAH1DyUJG3FcjBGtQZkH
zEGAeYbg/GI0pN0sKS469nj6y3UMzEDR+UT59knPj9B/SXB7JIXmdYg3ChCRkLWlMtVSsh
zVQ8VCT/VATHTWr7E7xFq0JJ3FKVFnOOWcTUurTxthwwYOhZPWp/6hFTP36k4NE1k1132d
uczMdhTt8cntFFL08Zw/fEnOBZjy7rH4gK4FTZEwBzoo1sHzw8sYvTZv+OUOIOPyASN1/5
e+Tve1Hpnw9bVWDCNNBqXke8A0Dx/xl0dI8wCR5dVru8k9/jF6zmgAnn94Qj7HxDtBAAAA
wQCEQbjzWTSfJZpdpZJ691wMlHul1v/D66N3owTPzKYkqCso1OGvnX0rdm3Ea/B4VY9Eqf
Xosqr2vcQwsPH2AIafvgciPmWobQK5L3Ku6vp1QCnvQz5y5ro/nXscsCxF4gG+qqr9TtnQ
vkpwNxD2NGUnKbbbuo7Tgq0aguA84qVUDkFPr9gKSd6Cq6EtGQF5+jGy//PtbjnvLfRnyN
z/Sfc2y0gycEMWxZ6aEjDIQHLH7XiN6DYQ1eCOfL2avQSJmNwAAADBAPBoZC8utLoK9vyp
n2VxIEW8J28e0mzF+fmlyuBlpBRpRVqPHFeWueUjIMvffvnBWKare16GKJnEQwtgAEiRVU
vGE1cwc64IAltnsq53LhUg+Ex2sPDS65lLgx6Aw2KfW3ErlkdRYw1yBI1neoe9LNFbHX5L
1F0xjyTWOOtHaFLeS0BVIWkuyJ0MPHr5MNbG3Uuj2Xfs6j6O09yWtI2+2fEgsEfKVyL4YS
JM335FqA+tOVlie6txvEISn/VXCE2LpwAAAMEAvOVrlea5lMq6krdxLkEab0+q7jlhcHJW
aGxbX3Q5rrN2Adl4SW3HnB2vBj4zQLg8gDiHJl1hGghp2xVXVSow3zLQqCwimLqcXg1w0H
4iJn76rJ73sFlS6mEOXfrQ5zw311DxZPOXWct5LQU4pWG8gra5ENDwyTyv43aRh9vtP+E8
VkipfTkkERNjTeDCddvE6LfhVoHQgQ4kNZl9EmSSiq2zwiFjbIH+idvvlaQ5ZqEU/4irrD
5BiQmYPl9ll8TBAAAAHmFuc2libGUtZ2VuZXJhdGVkIG9uIGxzLTIwMjQtOQECAwQ=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 casey casey 584 Feb  1 14:45 /home/casey/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxZBv8q8+Zc7eybsYb/5ZIE73Ue3lNt2G7b0r5RnZjvFscsJt5XbXET8wh1o5ErInqoLnpX90XeJaz9ukM5nG9eAoFI8SIgzKoCnFXODEI7Dr5B/CS9IQ9CysO9fIAktUV50nyUUeb2B9SMwAP95dbxRN6bdo3dgYzRKDCeNkatfOC/QW/42iuczc5ErxbnSgQgsio9x0r/z59wblWrj3zPxLr/iSqdyeS75ETynS0h9yCAbSZt0nRV7TyRtRpXNQa2gk5HbBKxHd/ueaya925qLC3Y9YQ+mEPzR8gbvNHvWUs0cO7fRfJ6oVP6OhCErYiPqJF3EVR35iBlWMY3gNZydqIJgpqodyDY027I2ZYAN9v2zlk3MlKdR+YfbAjX/x0LVzbBWESh4DgmRSINqtv895piTvAUDODjCHXphWe1IzphlePq4o6fiTL5HeFhKJ+51WqDpss4yDi4k4/xB2NEpxr6UpvIscouCjL8EklCTDy+1T7WYbZNcxbx+PjJOc= ansible-generated on ls-2024-9
-rw------- 1 drew drew 2622 Feb  1 14:45 /home/drew/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAvt2ZLrCQ0PBUnHR2qmNVzrI0uLW4qH5maQsLSl+uvFgW+mAaV/SX
XdWudvZTKrwyu0Uuj91Uf8Aq64ai8hcVXg3BdLZzOZThtBsfUTLg4qLIvr83W/XoMDaHIk
7brRLJLTmCR3RVOA4pv+5jt+E7owsasH0TRK4AoGjWopioPZutMEX0qsYDQYWJ2JkBzXyX
baXRK6zbV6wK+5U8pqMcwoOpoqwxE8e1fUy1WiuIqg4qGC4maqRhJusdUr9DEsW/XvSn4R
SA5PmoWQ7CPNlPyQNAu1m/xgf4PEYSEBFbkxuldBx3R+NqwP0gVzgD/aevM4oJbvoNRgn+
ZWHDS7VzUBKVTxrvMywrKjZpvEEPBujCi5btvZZkQKogmQC16aNCEepgk1eeFatmCm1tZo
YwkQNxFdjriNbh6dckWsku+Ys3U5zWlV6GS4sO7SjGEp0gGhuTJkIwxp2PS+k7kr/kufKy
3qf+W7/tPbLz6ibuipZwEl+mdqndJ1M2ilP3ffJHAAAFmE58+l9OfPpfAAAAB3NzaC1yc2
EAAAGBAL7dmS6wkNDwVJx0dqpjVc6yNLi1uKh+ZmkLC0pfrrxYFvpgGlf0l13Vrnb2Uyq8
MrtFLo/dVH/AKuuGovIXFV4NwXS2czmU4bQbH1Ey4OKiyL6/N1v16DA2hyJO260SyS05gk
d0VTgOKb/uY7fhO6MLGrB9E0SuAKBo1qKYqD2brTBF9KrGA0GFidiZAc18l22l0Sus21es
CvuVPKajHMKDqaKsMRPHtX1MtVoriKoOKhguJmqkYSbrHVK/QxLFv170p+EUgOT5qFkOwj
zZT8kDQLtZv8YH+DxGEhARW5MbpXQcd0fjasD9IFc4A/2nrzOKCW76DUYJ/mVhw0u1c1AS
lU8a7zMsKyo2abxBDwbowouW7b2WZECqIJkAtemjQhHqYJNXnhWrZgptbWaGMJEDcRXY64
jW4enXJFrJLvmLN1Oc1pVehkuLDu0oxhKdIBobkyZCMMadj0vpO5K/5Lnyst6n/lu/7T2y
8+om7oqWcBJfpnap3SdTNopT933yRwAAAAMBAAEAAAGAP0O+kZ5O8iKnORDVgJbai1/AX/
VEFv2Gvoy9mlJq3d0pCKawNLVLMvwwDxiI6qJlAnPlAiSv7IRq9ZS0ECCcoYdXt3L+cHir
84IF+Gkv549jkO5a0C2LX+fDFRkkcZLHgikMyNiDosf3CLpg7UNH/DwjBZr/twUiCgmWE2
Ecawdd+aFGfxCRZbd4wIW+9ji1DNAorBxou/+3yDpoVye70bHImbYPsmnA+55gglnpu8xk
IY2yiCiiVz8ZgiMJfYBz4t9ZGKHs/lpx8cSu1wQel9FwHMU2sU3y1z/ech/rguDLCc0n5v
UcOM4fTg3J6HaezRQF3DSaIS38DB99Eh4SaiUJGYDdHqzh5UuOxz/GlHKso2D+29NLwaHe
uzUQHdWLmpnxHTeh6mivdBvYI+JrML631EsnAEkLhHq+8W2RsbD29exEtD2rFCcvGMsqp6
x3YfvwNrlpjncFEAOQEQ7cTyxTcbeVkM9vppi7fqS3O8tgeEnrz5tZ56MWvdt5CdpJAAAA
wCpq/lyllVs8WOp2rtTJ5oDlVepuRN0yyYZiog4HPR/be86kQZ5LqioxmQDis58AqLChEW
cByAi8sYfHozqu/dFlqyss2k8OT5wyqFLaJVQ+CZtYDuV5CDRxcG5BzWxrnRKWVaIjHx0A
C8i417u3ivMQZco+ZDVkKFgU7XpJV4cpbf7CQYLWDF7Js6RKjBtfeiXuSp7iGeVoYz73cL
5UmyWikAXG4YLAyARTTbdiWAgTSqpAD+RXVwHaDRgMYouzwgAAAMEA2z/pLZeOLVb+leLO
EYdCvKIQ7bOF33m8hffFdLLl2eODqbDwHYFQ0+NGCGhQP/IJZxLCTFPHt701ZEAcML+U0o
BKGEGwoJYMGPtXdpRUTAJgikljTpZx4vhhcxbBxqbNPorxTitXKR91v1xhqyB6VtQG+GLr
osugYNIM8QmWXwb4gLKbYK2rYYlHDkVhZR0O3j2pS4KUvIoceo415Z+jrySWrk98SzLeJc
wP30nllvn9OJEs8N2atJlTu8mMAcItAAAAwQDe27eqdfDLCio/uqLktPD9V4ktJifpNh30
DK91GX/0fjF7IUabfjeyCCOVVIRB4Yru2xtvUMsCRbMqgFpJA3Zhq/JBs+ov/sZikE8/q3
Vr3lIweEH1o4AXFaREJOiu4AO8z3O2D9/OmDJHR7lfI8Z5/ShYIyxGWS3WNPTDjc3bE9Kz
PyUOaNu9uoP0l7fYNO1YEF+Zj0boZnE29Mzj2u6PdWAgnN43edsuYfg2py4dW3blnDku+k
7tpyHI/NDLcsMAAAAeYW5zaWJsZS1nZW5lcmF0ZWQgb24gbHMtMjAyNC05AQIDBAU=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 drew drew 584 Feb  1 14:45 /home/drew/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC+3ZkusJDQ8FScdHaqY1XOsjS4tbiofmZpCwtKX668WBb6YBpX9Jdd1a529lMqvDK7RS6P3VR/wCrrhqLyFxVeDcF0tnM5lOG0Gx9RMuDiosi+vzdb9egwNociTtutEsktOYJHdFU4Dim/7mO34TujCxqwfRNErgCgaNaimKg9m60wRfSqxgNBhYnYmQHNfJdtpdErrNtXrAr7lTymoxzCg6mirDETx7V9TLVaK4iqDioYLiZqpGEm6x1Sv0MSxb9e9KfhFIDk+ahZDsI82U/JA0C7Wb/GB/g8RhIQEVuTG6V0HHdH42rA/SBXOAP9p68ziglu+g1GCf5lYcNLtXNQEpVPGu8zLCsqNmm8QQ8G6MKLlu29lmRAqiCZALXpo0IR6mCTV54Vq2YKbW1mhjCRA3EV2OuI1uHp1yRayS75izdTnNaVXoZLiw7tKMYSnSAaG5MmQjDGnY9L6TuSv+S58rLep/5bv+09svPqJu6KlnASX6Z2qd0nUzaKU/d98kc= ansible-generated on ls-2024-9
-rw------- 1 jordan jordan 2622 Feb  1 14:45 /home/jordan/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAzhTk0G1xBT0BDYL9atu2/VN7aJ+aRwPGQNGJufm98XPezOnQdmyB
Dj7M4h082uS9Vlop/2oXABlsIs7t/nua436egQKe4TR7f2WV7oRmoKMZoST5FrRppebWVS
WDItvVwRyslREnfXPMV/xx6fILo0mba9EbQzEZBDqsQmO6q43RDNjAgpRY14j88NGUwqhp
QXcBKD1IGIvVNjCEoAmZ84WeiFHEaBa/bP/sckitamR1LDiZ8ofIevcmBwdEV9ZggvXdsb
OCiXBnszz9jTtvu6cg8BIt9XtOXP6qXaol7JAK0EwEWPqle8OFllpoNgE90IsBilvme1TY
1QVBWN3tZWf7mWQ+FRNmU8jV7S7SLM0OQjvB4d0OzYtPp1dLq/AYfSz1gVuvMwa5cu4AEa
RFCifDm83iY9/VTI61M/waXowPK2frsmKgc2Ahu7pkmQ2RhbDL+S6k8gbiqbFk6P4sXyUG
yNmSwJp2HzO0t0C382Yh3WZgD0mFHYxdElymQkehAAAFmCk661spOutbAAAAB3NzaC1yc2
EAAAGBAM4U5NBtcQU9AQ2C/Wrbtv1Te2ifmkcDxkDRibn5vfFz3szp0HZsgQ4+zOIdPNrk
vVZaKf9qFwAZbCLO7f57muN+noECnuE0e39lle6EZqCjGaEk+Ra0aaXm1lUlgyLb1cEcrJ
URJ31zzFf8cenyC6NJm2vRG0MxGQQ6rEJjuquN0QzYwIKUWNeI/PDRlMKoaUF3ASg9SBiL
1TYwhKAJmfOFnohRxGgWv2z/7HJIrWpkdSw4mfKHyHr3JgcHRFfWYIL13bGzgolwZ7M8/Y
07b7unIPASLfV7Tlz+ql2qJeyQCtBMBFj6pXvDhZZaaDYBPdCLAYpb5ntU2NUFQVjd7WVn
+5lkPhUTZlPI1e0u0izNDkI7weHdDs2LT6dXS6vwGH0s9YFbrzMGuXLuABGkRQonw5vN4m
Pf1UyOtTP8Gl6MDytn67JioHNgIbu6ZJkNkYWwy/kupPIG4qmxZOj+LF8lBsjZksCadh8z
tLdAt/NmId1mYA9JhR2MXRJcpkJHoQAAAAMBAAEAAAGAAXXC+HMfeKoMETy9/3wKncE7B8
pZQAQDPZwkI/R2359HHpR+RXent8S1PSLKNqvcp5ufK97NYfLsKMqdaCOFJirGrTxqGzUq
kXZmenmiettCGUd4XhWLPCPRwimiiJR1BkeYUMWwJM86BAN995yj1Depnz2MfsWQ5q5bzf
VkGPAVU5X9v5cU7dXXUHw9oQKiL0RsTTqyoW++5AHEYeqEpAExP9qG3/8fsHSONbHZ3ocK
IrBxUzK1rU8zZ5u8RKDTuaJR0Ap/cMi74GDlW1jNgPyneDa8whymZm2ZQpLGG7aFJl8X3L
//KsBdl1mFRyhV15DYCT40DsOR+NN1ubwKydeOFEmpURh2APK3w+xRgOMqCl1pbZIHNeMN
+QZxna0nK0wqghjm3nzEtvwGRYgXDmBokbGETFccWEN4aqc3ZI/4CzuxfM1XXlqE4zgORD
taUlEMZtCnrb8WCG+Uy0BKvWRunYAVPInyW4eSyt6KoGnJcO1qczvjO7kLtVEnqOXhAAAA
wQDZjKk/sjQR6NkKszEZsmynKVNPEdVvEbzUOkwdD2T7yXZgUaPqiZvsUjBKST/a1PZiKO
1qfaOgver35iMgr6cw7nUVve8ado5fQHzs6O/0sBTkTXYwL4aT1poIhBqB0YJbOGK+Mx4p
04Ye8QNe9FYLwoUZJ+KDDLPBEZaT8066e1+cc4kwZQXvxGqdwoiwyDUe+plMKCBsA0UXoI
euES4qRCVqWlMZTFWT6u3XGeu24f23cC3/zrLNzrqcPAxaQakAAADBAPIsQ3jaWD6aSizY
6OnJe5hEXCPrcHLeqRH8Ca73yz6vi+/0KiDMUHuGdFWxppvde5apVL8eOCxDByLB2oooVX
XcMbbB8cKvzOpWhW+7gjpmTDvH5WDi0fZ2veiwwIss6WfYIKPRi1WNPhVde3p0LNDwUrpp
3L5jyRXjtvfk1tgH7BjGhZLaQ3OW4CILd1h++MHUs208cokAPuog1eebTO33e+Qi+kCL5e
Nz+VJiDT2R/UC8P3HkXjtqzwJ+5r4+0QAAAMEA2dkZehAa3bfKWE9pnw32qBQsmHIES7uf
qtmGru8Z2h860C4ijeCnvu7o528oMf9eccgjTw/ev5hrK6Fe7A9JIot8x/eI0f6lIRiFey
ZMu2YoYCyD0CHUhZGW7cn1rn3lUQdQhV7+qPNFXqI/L7JJQRA+zEDyOIMztxcAGKvUsgWo
niRuzMFTT9DDe4cFHgfvqLpA+EwSlYBCFfeipEbOuIiuRGS+xcMupTImQJTJUPKEziE9fR
oQ/oy3BvPTRs/RAAAAHmFuc2libGUtZ2VuZXJhdGVkIG9uIGxzLTIwMjQtOQECAwQ=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 jordan jordan 584 Feb  1 14:45 /home/jordan/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDOFOTQbXEFPQENgv1q27b9U3ton5pHA8ZA0Ym5+b3xc97M6dB2bIEOPsziHTza5L1WWin/ahcAGWwizu3+e5rjfp6BAp7hNHt/ZZXuhGagoxmhJPkWtGml5tZVJYMi29XBHKyVESd9c8xX/HHp8gujSZtr0RtDMRkEOqxCY7qrjdEM2MCClFjXiPzw0ZTCqGlBdwEoPUgYi9U2MISgCZnzhZ6IUcRoFr9s/+xySK1qZHUsOJnyh8h69yYHB0RX1mCC9d2xs4KJcGezPP2NO2+7pyDwEi31e05c/qpdqiXskArQTARY+qV7w4WWWmg2AT3QiwGKW+Z7VNjVBUFY3e1lZ/uZZD4VE2ZTyNXtLtIszQ5CO8Hh3Q7Ni0+nV0ur8Bh9LPWBW68zBrly7gARpEUKJ8ObzeJj39VMjrUz/BpejA8rZ+uyYqBzYCG7umSZDZGFsMv5LqTyBuKpsWTo/ixfJQbI2ZLAmnYfM7S3QLfzZiHdZmAPSYUdjF0SXKZCR6E= ansible-generated on ls-2024-9
-rw------- 1 kendall kendall 2622 Feb  1 14:45 /home/kendall/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEArEf9sx4+yTcBMsi3OrRUGQpUPge1ZuV2ueO8aab+WkmbVVUbyeMB
Pnyb0BgkfBCyC1cAqKeIwTRj0OvxQz7Ud5iptC5Pyb/PJHua8dOFtuweZn5RLM3ip5/GaQ
OzIrHVoPkilYQ7KX+yXPMnJsaIeXKoGR2QR0ajITyRimEn9VoQlA/cPs2T9uWuX30yBzoJ
BUeeCAnBEyR1Lhwvzmi7Hcb/JZy2HikCo7AwOWS/21byjeMpSSY0m1vLM4GB4AnG/eSYuP
7ZQD4WVWop66h0Vy4z0Aw1VONK/9hjc4IuUynkD42SI42RLGj+jCahCvKmzrJTyYSUPjl7
QnQ7SSpvrdYYEExjGsS/ACkJsmBvvV9D3tQFdg4WnD2yR0CY3iWO1Qn8L5n5Xv4r4jmFYs
upb1ZMYKDNjvr1QNVJsamiRYMNhhLryOZLjIiWMCExcpYtA3/7ZkgT5cFAkanpp4DtqJiv
Ot16ew72EJ0t6QKSNhSXLlzwpdBva8eKqMM+xWh7AAAFmI4rJKeOKySnAAAAB3NzaC1yc2
EAAAGBAKxH/bMePsk3ATLItzq0VBkKVD4HtWbldrnjvGmm/lpJm1VVG8njAT58m9AYJHwQ
sgtXAKiniME0Y9Dr8UM+1HeYqbQuT8m/zyR7mvHThbbsHmZ+USzN4qefxmkDsyKx1aD5Ip
WEOyl/slzzJybGiHlyqBkdkEdGoyE8kYphJ/VaEJQP3D7Nk/blrl99Mgc6CQVHnggJwRMk
dS4cL85oux3G/yWcth4pAqOwMDlkv9tW8o3jKUkmNJtbyzOBgeAJxv3kmLj+2UA+FlVqKe
uodFcuM9AMNVTjSv/YY3OCLlMp5A+NkiONkSxo/owmoQryps6yU8mElD45e0J0O0kqb63W
GBBMYxrEvwApCbJgb71fQ97UBXYOFpw9skdAmN4ljtUJ/C+Z+V7+K+I5hWLLqW9WTGCgzY
769UDVSbGpokWDDYYS68jmS4yIljAhMXKWLQN/+2ZIE+XBQJGp6aeA7aiYrzrdensO9hCd
LekCkjYUly5c8KXQb2vHiqjDPsVoewAAAAMBAAEAAAGAAeVuSWu/zSnUfYvwAwQRGOV1ip
PoeeV0qmnInRvAGPD5ILX7GacXUGoWskenFHvVOdgPTcvqRBYg3cp7BqkeYDfx8OXBmGWK
u3VmKIXnfDKacw5Y3mFgaUU87dL4mcfTTh5FNILBaUeFMw4KFEctzAhoXpO7ZCLG5jVrH1
bKayI+pHfi414SjtkgU4oROZB4oPI/hF8hx5Aof1rCu/GIfbS/Ai74t4RECdaFRrHGhXzY
1pmgJAn48kIkY8C9KTYc/J5GtsLqAFA7H8aqQn/wbl4VY7U0fFq9XlfyzOn/02TOHLxixw
NwGliraxVNYz82qhPZZZi6/NEmsSnxp+zdVCA9qBBBYTwmtQOIeHaYUHXFN+hc5T1ro0Ac
+aGmDwwhDF0Y2YvAIsM81L8ljCkvEixQUTC6SjNvgmlE8MwDinW+yCqagov63rtg26CUJq
+1jLo7e74nxftHbKHKfzMGJ/dlp7pBgXSqe4Npss1wz7rvYXaZehPt/oWk5QhWsilhAAAA
wDi2SyZThPmIhcQT/DSWMk+L4F60f6VoNflxrgJN9imxizmOqxDsUN3UT7OSYH9CDfPK2u
6GonjYV3YlH8iHW9zQJfnNeqvnJzFgqr18mVibU7hPECe4+KvGiH0DkHCYozUiYigco696
odtkf/BqfACRXEGZQ1LIQhkeabDkftgwGnO5ntALJuJv1G5wRfmfYxX9NkOV8f603nQudp
+mIP8yNo2ral5un/CgS8+cC5GwDvh7Ig7pyfxaSEk1nwJtrwAAAMEA4k/OGOoMSg3NRBXr
4/M+mLag4k7mPVVciSTJO7p+gXSCfYuLkgCqoezRdxtNStdTMR91TM5KssoxIrmhczjH/U
LM/9xcZBybs7TTv/gZcauHUXZOl9cJ7yAu3bF7pc5YLQdQy3NAiMLrRzW/UeoxEkaGuPch
ssvZw3wZ6oG/Owbo2b0kJnvaqm3LY7hLXLpQRSI8bS/rnQrByCHwszjn8qmb6PfEANyPA5
ZQa25q6/y7DOiDcdgTww5G0+tHsDXXAAAAwQDC4a/CDAMuLh56N5nj6Sr8+66vTZDJR0lo
CcqmspqBCn7VvCpFhpbiOcZ8azgcKryuMKFnnA3YhEjUQ8YgSbKx6UF+A5/5Trlcsaw/Zb
H1UD4WCEDyNrzw3viekolV2U8Wc1VHErldULDCTE4elJyOBPN+mNIYnTqJ2S4ZJ0s2glPJ
p6O8gR/zScjJD4sE35BnYAmCr8Ca6ZMqlByQ193Y31uOf4mgOngFurk255LDUmD1N8KchV
hsSGCxY6elBf0AAAAeYW5zaWJsZS1nZW5lcmF0ZWQgb24gbHMtMjAyNC05AQIDBAU=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 kendall kendall 584 Feb  1 14:45 /home/kendall/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsR/2zHj7JNwEyyLc6tFQZClQ+B7Vm5Xa547xppv5aSZtVVRvJ4wE+fJvQGCR8ELILVwCop4jBNGPQ6/FDPtR3mKm0Lk/Jv88ke5rx04W27B5mflEszeKnn8ZpA7MisdWg+SKVhDspf7Jc8ycmxoh5cqgZHZBHRqMhPJGKYSf1WhCUD9w+zZP25a5ffTIHOgkFR54ICcETJHUuHC/OaLsdxv8lnLYeKQKjsDA5ZL/bVvKN4ylJJjSbW8szgYHgCcb95Ji4/tlAPhZVainrqHRXLjPQDDVU40r/2GNzgi5TKeQPjZIjjZEsaP6MJqEK8qbOslPJhJQ+OXtCdDtJKm+t1hgQTGMaxL8AKQmyYG+9X0Pe1AV2DhacPbJHQJjeJY7VCfwvmfle/iviOYViy6lvVkxgoM2O+vVA1UmxqaJFgw2GEuvI5kuMiJYwITFyli0Df/tmSBPlwUCRqemngO2omK863Xp7DvYQnS3pApI2FJcuXPCl0G9rx4qowz7FaHs= ansible-generated on ls-2024-9
-rw------- 1 morgan morgan 2622 Feb  1 14:45 /home/morgan/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAzdIy6JjtGIghvogkj+oTCBi9pUgqH29CHstt+K6bDTZyWWkBI06D
mxOwHNfJUpXyKToUj8ZVa+ukR79gjsdYl02ZqIj3Ir2emQkoBAhqtwg0lhsezcweGYBytC
ZYHZ97byi9k4gkXjXMPeqZhl16M43gLXzcDwS9m7EzJpRzhnP/go25tuel4XDUAuVXyoXa
Fbc3u0AOuGBK/LXzC0tPTcXKfGNO+adrrwh4Bp/C+WugCeUXpWn9r3KzVzcaWaSvUhZDaU
b0ErSbGAHtpXXsv5SY95ymq9jXVfUg/o1Gu4Ug4Zh0gI9vb1rdztwhWNgw0W+UqXIBO8vX
lDOtsyNH3Cgk6OmwqPhKOvkaeyG/zWo4RKlAztjUFhxkTL+kag0+8Mso4kZcivwEAKDg2p
QKyR80Y5wf44vkZmMLqhpcI2GsS5XW5VSTtf7pe2QBfislymfmnJdsWHxd8qHAwKFrb3Jb
/PjVPCwEA5tGtpxIAACepOGmVrZeNnMwUVyZJWVfAAAFmHaO7+x2ju/sAAAAB3NzaC1yc2
EAAAGBAM3SMuiY7RiIIb6IJI/qEwgYvaVIKh9vQh7Lbfiumw02cllpASNOg5sTsBzXyVKV
8ik6FI/GVWvrpEe/YI7HWJdNmaiI9yK9npkJKAQIarcINJYbHs3MHhmAcrQmWB2fe28ovZ
OIJF41zD3qmYZdejON4C183A8EvZuxMyaUc4Zz/4KNubbnpeFw1ALlV8qF2hW3N7tADrhg
Svy18wtLT03FynxjTvmna68IeAafwvlroAnlF6Vp/a9ys1c3Glmkr1IWQ2lG9BK0mxgB7a
V17L+UmPecpqvY11X1IP6NRruFIOGYdICPb29a3c7cIVjYMNFvlKlyATvL15QzrbMjR9wo
JOjpsKj4Sjr5Gnshv81qOESpQM7Y1BYcZEy/pGoNPvDLKOJGXIr8BACg4NqUCskfNGOcH+
OL5GZjC6oaXCNhrEuV1uVUk7X+6XtkAX4rJcpn5pyXbFh8XfKhwMCha29yW/z41TwsBAOb
RracSAAAnqThpla2XjZzMFFcmSVlXwAAAAMBAAEAAAGAFczvmCl9O5L3wrRYQxIaZUom6Z
cvjFgphb+AbM3PHeLS0TDzw5HxE1T423qTwsv1HslzHMN3kCXL0c8DODxZ4DTXqL1RMqcp
DFv8QWkZfJJBl6tUY5ynjNtJIFcgut/bStaNi08+ouf0iT5hzT9LeU3MHU/+CG01HtpHE7
gNAIR635Dex0aEEHv185SSlvX/N+ZJ4JXpY+gh0+Cl12ATt1DS9hftaTjYNBhOi6JnxtQl
MHHJQ7u/+NHKYzDdTqTIaI8hoy4W5feSdSshZyWowEelhAjVxXQgy3LbkmCfC0DdXbwwBp
3LIOigZEnfU+C6qVcfGs6e27T8tFjbk0ai5z3LPJRdMM+jneJ49vlImkh/vtuhEkALL2ZL
prNfhdIAxnZ99Mka4JJ7iqXay1MljvjvYQm7ud7RY/UP4HWOvEBTLuQYWD3tJld2OoTVfx
w/8nVrNZP4TZuXv4VC9VeTCeYgm6MiSeA1ZuK9ppAgxBgoQMnkYi5HJKWpxCT2DmzpAAAA
wQDggx6665BHQ5p4clfm5khjCX2+3fO8O6snJmxA+jQ4okjGVdpCecw8KaE2lT7Lu1Do1T
krJ4YKqQkwvngcd9Gi4gG4aXaTuktKt7hVGt9GsFu8siwSP0kjgjR31uVuly989vcp5Om8
kF9eYmDo6hjgnkI0FgURFvt2k5iKYTapEsCThHwPXo5Yi4RuKy250uiWp5eI106HiwbfdH
mlAWuenQ99CaOBUpgy5nblddNEiuxO4hx+AwYnqF5OlfZgaB8AAADBAOIURTI4povrgQ1b
eHrt2owiGpn9ZYWsvNPFFjme0uH0pexonZe+H65KV9gsMZw6wDop7YUx9crg38OUdCLlGD
jjfFBm2WYQUf2HqRCnUCC8qMFTcLr/ud0C3a2zwvbH4ZCbpv0v/naVQb749c/KlU4ox/gx
aCFd5FfCUeJ/PMcP9qAj9cFOaNjwntSkTVy/D50msfvUgtx751jN+z8ZE/kSavedJF44bE
9LLACzFofBF8y20QePo3vRM64QsxOyewAAAMEA6Q+Rx7EuXKPv1ljFG+m3rZykKnh6PTNc
CHncO13ZA01c2tjprPhWssbj0runSqIKxB/o1mvrDKmajGy6eW6HC3+r6dGieBdxAspTjW
GIuy4LjDWL58xc+1jR+hyHghbQaG/CYrTZEeeroff3MXZv1V7/qkdY9TZM9ScLUvFDm3Dq
6ict0uSketAXzv5ZB6D00xXABHmTrt+tX7sFP0ENo2XJWRtm047XhpP3Tt4XyBfuREc2E4
sKOud5zJYN8gVtAAAAHmFuc2libGUtZ2VuZXJhdGVkIG9uIGxzLTIwMjQtOQECAwQ=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 morgan morgan 584 Feb  1 14:45 /home/morgan/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDN0jLomO0YiCG+iCSP6hMIGL2lSCofb0Iey234rpsNNnJZaQEjToObE7Ac18lSlfIpOhSPxlVr66RHv2COx1iXTZmoiPcivZ6ZCSgECGq3CDSWGx7NzB4ZgHK0Jlgdn3tvKL2TiCReNcw96pmGXXozjeAtfNwPBL2bsTMmlHOGc/+Cjbm256XhcNQC5VfKhdoVtze7QA64YEr8tfMLS09Nxcp8Y075p2uvCHgGn8L5a6AJ5Relaf2vcrNXNxpZpK9SFkNpRvQStJsYAe2ldey/lJj3nKar2NdV9SD+jUa7hSDhmHSAj29vWt3O3CFY2DDRb5SpcgE7y9eUM62zI0fcKCTo6bCo+Eo6+Rp7Ib/NajhEqUDO2NQWHGRMv6RqDT7wyyjiRlyK/AQAoODalArJHzRjnB/ji+RmYwuqGlwjYaxLldblVJO1/ul7ZAF+KyXKZ+acl2xYfF3yocDAoWtvclv8+NU8LAQDm0a2nEgAAJ6k4aZWtl42czBRXJklZV8= ansible-generated on ls-2024-9
-rw------- 1 peyton peyton 2622 Feb  1 14:45 /home/peyton/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA1ANceJtI4YOQXmq/GKvHCh4kTOZXS24nzCRNktiIzdnLbmpq1fXf
u5QoRF9s4pHAk+RzbLBn3NwUt3XnTY7U+gxgXkagTIVVwzHlWD8IhEbu9awIBTXkXxMZZg
pzjlA55Ui8FowG5Y9eNirqT5P2ddLwJtrKEIRGa7EXO2enkBblBndC+DjyvlNrD2Lqup2l
vaKiM5XrwlMOqL8WmJYSdnDlQK0Ny79e2BXY1rqK61IvqUbi+sO8iouOYS6QLmWdMOYfOz
iDEvL+XRoFNC/HU9mAEgKhhFXsOhkV79IkiYzLdZHvSVqv/QhpgqlYnHPUgq7bAbsBbl5T
pBrrR1NRTj1CaKZmfouZabO5/9xKzXiUs3OyDy2e5XbM9OfAbU0n/E2meA+m9w/B13R1/b
O/h3zMiufTa6R2AooW6YMlTYQ7p0vjgXQp1NTAoMdPY33xrpqarTEX4uG9/7GrQ+ZuKgn0
OsKHVkjyaXJmV6+vTYN2+3nMyWF+gI/f96WCJLeZAAAFmNzcdszc3HbMAAAAB3NzaC1yc2
EAAAGBANQDXHibSOGDkF5qvxirxwoeJEzmV0tuJ8wkTZLYiM3Zy25qatX137uUKERfbOKR
wJPkc2ywZ9zcFLd1502O1PoMYF5GoEyFVcMx5Vg/CIRG7vWsCAU15F8TGWYKc45QOeVIvB
aMBuWPXjYq6k+T9nXS8CbayhCERmuxFztnp5AW5QZ3Qvg48r5Taw9i6rqdpb2iojOV68JT
Dqi/FpiWEnZw5UCtDcu/XtgV2Na6iutSL6lG4vrDvIqLjmEukC5lnTDmHzs4gxLy/l0aBT
Qvx1PZgBICoYRV7DoZFe/SJImMy3WR70lar/0IaYKpWJxz1IKu2wG7AW5eU6Qa60dTUU49
QmimZn6LmWmzuf/cSs14lLNzsg8tnuV2zPTnwG1NJ/xNpngPpvcPwdd0df2zv4d8zIrn02
ukdgKKFumDJU2EO6dL44F0KdTUwKDHT2N98a6amq0xF+Lhvf+xq0PmbioJ9DrCh1ZI8mly
Zlevr02Ddvt5zMlhfoCP3/elgiS3mQAAAAMBAAEAAAGAX6yGobx9lpr+3sSwKMt33iZ8/i
DiGt2CYxqs0QwbLD3REio+vQAgLy9sPnKLmfDpJTQuLEmtDRtZ0/KGZ1cB4DcOk+yuMOno
qlXNZ9XGG59A/adc1TEdNhRR3VzxCbNFdSUuD8Sv5g8dFjemljOwwDno+re4AN0YREfdso
aTtK/IOXM/SvG0BVRylzZts7opjZqjNME+a2p8zoSxBzmN6loG8nlFpQDepYeyWzBCOXBU
psCg9EW5QxI4Nb3D/dQHWUbY80XezM0sH0H94+84/b3PfDqcFdlqSe/7X30lUfSfl05Ujm
ijcQeI/9qCkjR9lSLjkKz8mGp87vJsh9y99yYl6ZDGdqWn4sFVpE4fmZoeiDDLjO66WNdn
IEYah6UoDZLkIFTWPC5TUeAbMD8OD5ycGo5fiPNqk5rHumSDcgQoKV97phkMD8z5yHmOc2
VtExR3b14d61h9ttzBKx6GRQkaPS4epk1lKIEY8bh7B2Cf0n5YP+5MsTudDlri7TYTAAAA
wQDT95nKPur4PIkm8c6lJBOjTZ6SyetH5fGjSCEiZp5QVR7ojDEmrybCTR8T2Z+7lLVRHH
mJ1XmRFklQsDZvGq1F3qlnbU7JwjaFojM3Oh9Qgj03mwPWuzdon3BRLU/le/gwr5NuNcRh
alfET5uqWrXRj/SO7C8kViJu30RforUJMA7ZOiRI2rUdXXai82s4K4H0Gcihs2ArazgEms
TnUFyqibJHqVbCz0VxK6hHdt87eU4/Rg1eKp7X97MeHyBh0xQAAADBAPlINYOiK2AwPanj
hbF/Yyo+NcSv4TGDLAmBnpv9M39QotNsqMEW7MO0Otd6T0ReGZ1pd64Yyw0QdN9PTDKEZC
/iiD1o9IEXu6JkutGZfl0FOCeMbWum82YyMqvdgxKkAd9yz1xRT6Iraf7w2r87xlFRZGnD
lfcLRtqbtLr36SUMJtPFcvCPHDtFQPWclEyHtGtf8/giu3B9W/7TvdWb8X5qQAc7XoBdDE
3HQ3f6XDmrpzRkvP0CWr1bydOEmLrjzwAAAMEA2boI4Mmdyz/GBi9cHuMx0Il4PVoWw4V7
FuKQVdBbALjwvu++Nr+bVuguCI6b9ZdB7gOS6b9UR3TR1BMcxRDetQRrxeWkTej6lAPRxQ
JQ1RszxgfX4alYBpUXfXJHcwfHsJ6PzlzSJO/GBfR37+HQOBtncbZ5u9jiXhOMyj06Qf/W
fTNtbol2JBV5DSw4ZnTPI7vHTaHrVWCsVI8JEz+q9nYYkP5VfAghjyAxdOa5BqmrJN2LLh
lA6WMhQppWUcAXAAAAHmFuc2libGUtZ2VuZXJhdGVkIG9uIGxzLTIwMjQtOQECAwQ=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 peyton peyton 584 Feb  1 14:45 /home/peyton/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDUA1x4m0jhg5Bear8Yq8cKHiRM5ldLbifMJE2S2IjN2ctuamrV9d+7lChEX2zikcCT5HNssGfc3BS3dedNjtT6DGBeRqBMhVXDMeVYPwiERu71rAgFNeRfExlmCnOOUDnlSLwWjAblj142KupPk/Z10vAm2soQhEZrsRc7Z6eQFuUGd0L4OPK+U2sPYuq6naW9oqIzlevCUw6ovxaYlhJ2cOVArQ3Lv17YFdjWuorrUi+pRuL6w7yKi45hLpAuZZ0w5h87OIMS8v5dGgU0L8dT2YASAqGEVew6GRXv0iSJjMt1ke9JWq/9CGmCqVicc9SCrtsBuwFuXlOkGutHU1FOPUJopmZ+i5lps7n/3ErNeJSzc7IPLZ7ldsz058BtTSf8TaZ4D6b3D8HXdHX9s7+HfMyK59NrpHYCihbpgyVNhDunS+OBdCnU1MCgx09jffGumpqtMRfi4b3/satD5m4qCfQ6wodWSPJpcmZXr69Ng3b7eczJYX6Aj9/3pYIkt5k= ansible-generated on ls-2024-9
-rw------- 1 taylor taylor 2622 Feb  1 14:45 /home/taylor/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA0fkYQSqqIpTmHq3TBwJ85g9BDh92Fqww6QS44E+pJ9WPLtiWwDiZ
vD8tAQXTCcgGTwShmjUVPiTUzvTFt0497wX3C17bpIj/g1XjjChe0+HfkU/IHjm6HruoXg
z94l9vpU6esAsxwMYXVACcBWE0D1/fBVcSW7DLOmVHql8AEHekoh3mIF6QvvnBkg5Y6EjX
oG/EaDkaQyxXDNGs5K+Etjpa5qZzIUP3V4Ai7TbeYsy4IrCRt3MJ06oWJqm3Z5yZWuXO9y
W31JwQGb48GLNkiDkmMN9ri/hsJ3uAFnIPfGEycP/OrkO66FTShi9ciGWoPjtGBouSB9pY
sQJVxJqByLoS5r4CNi8BU/UDB3T4TrlHHI+TDSIFePcSnZox3Quu7/o8Vi8HOSRP/6KHwO
Q27xu2d+nM6Zmipj3O1Rd2jyOQXQUUUfMeTin0nWnzLYI+RsIZXLcSlQgydMQcFiS5rImm
sPsqfWCHKNOYI6VfoNTCRzVggKUAABq42z0Ew9M5AAAFmLLs0i6y7NIuAAAAB3NzaC1yc2
EAAAGBANH5GEEqqiKU5h6t0wcCfOYPQQ4fdhasMOkEuOBPqSfVjy7YlsA4mbw/LQEF0wnI
Bk8EoZo1FT4k1M70xbdOPe8F9wte26SI/4NV44woXtPh35FPyB45uh67qF4M/eJfb6VOnr
ALMcDGF1QAnAVhNA9f3wVXEluwyzplR6pfABB3pKId5iBekL75wZIOWOhI16BvxGg5GkMs
VwzRrOSvhLY6WuamcyFD91eAIu023mLMuCKwkbdzCdOqFiapt2ecmVrlzvclt9ScEBm+PB
izZIg5JjDfa4v4bCd7gBZyD3xhMnD/zq5DuuhU0oYvXIhlqD47RgaLkgfaWLECVcSagci6
Eua+AjYvAVP1Awd0+E65RxyPkw0iBXj3Ep2aMd0Lru/6PFYvBzkkT/+ih8DkNu8btnfpzO
mZoqY9ztUXdo8jkF0FFFHzHk4p9J1p8y2CPkbCGVy3EpUIMnTEHBYkuayJprD7Kn1ghyjT
mCOlX6DUwkc1YIClAAAauNs9BMPTOQAAAAMBAAEAAAGACz8FEmHMyLBinkG00VB2ocMvD/
4VuZjRv9FNw6SQof5kE7VsZvGWeQjbNLhRTtn5+IZ+JKpzhPy9BzQArlTlp/qQ+k4Y2Thb
Pcy+X3XpalN+ls5dS2fPyltGZSSF/qIaR+eCRASSzslCsPBIFa5YoaWCu6BSbpB1ZMnNll
hN7RPeFgQgR3COiSQLFEhqG6WMeF6JeFmX81bEd354J6wnoV5WcGR5kHkO846nOumwQejG
yK4zXSOEuGOzmbDdDr104mcUVrxkkwXJWsQ9iiGsjclqxzV2wSNu9CZsvGf2+LN4ZzU0pY
lwulZTVAZRF75n0zMWi6ob2yB87PfEfhd1XaUOsLgO6E9IA7kNlch/Kt3zrGMM4IlHAB/M
8/1YiXlQFPDcvcs4rOP07+Y+9Fkypo6MaT9AP0PDcvYp86uwvmaOJ7d0ettq3cs1s/yVGy
N6JtB3/AacNyK73Lua1HbWuh/D3a0BdkhYHJxrmndpmrv8FXqFVsvsUgRk5D8v/A0/AAAA
wD5bnpa0rnS+vUnI2I0cttWeKCAmP8GKBRsj3ReOCqX3TWkWBQnTNQU4kD/rT1DQ3j+iHw
nrd09uueFDxmLmQQMuk/mN5/9l1SoJczbYOsYAZoAhA9oGjuQ3AccYyr/+zUn3w4BANO3T
GZSKPTj5NCgBmtvjklno+ZiI/WXIz2C2yYLSPz5QK4orAXecfVNDrZiDXlYs0gh9mmM21F
UpsabrFeZT1PRi+S2UT4IJIg7oDBmq1Z3ytlNtz7sT80zr6QAAAMEA9nl6Lw3P0UvgAM5I
Bia0hpjyA09FO/wNHrC2yWGgQAnEhHsSsOPOW28oX9dPWBrIlxB387Sj6s2YopBaUGWKOu
4FmJwZe29E2W2Jml9dOk43skAU53jltnt9DENjKEYTOdDjX6U/sAVp78yS8N3H3ngqlXm8
vnIPKfCwaGBCrANaVnE85orhN0pqCtWinXV4WzFdCAkNqMsX3UjidzQiv8w4ZMFLMiMRYq
tv23Q0iyaRjHRQbsiiaCp7g8Km6x6LAAAAwQDaFnxliNd2uXwi4q6UG6ra/JQPmFhMl84H
fP1J8zK3FrINgwf0OkjTB09sINvGAf+W0Ax77x4PghemWLCyoJRu4UM6zL2jC3au7/ZFia
SCjCfiG5IpDYXoITFZ/Kmrmw+kJtFvBd+xI1Xy0ffIosYQtZyA3ljwv4x629OrmJoqk488
qPPsy1XoLf2xJzDk/w2XEOb70Y41q/ioLDx45/hBAAq6GAWu5vvWL+vIJfr52crDMcElvV
yEHCBdnE+uMcsAAAAeYW5zaWJsZS1nZW5lcmF0ZWQgb24gbHMtMjAyNC05AQIDBAU=
-----END OPENSSH PRIVATE KEY-----
-rw-r--r-- 1 taylor taylor 584 Feb  1 14:45 /home/taylor/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDR+RhBKqoilOYerdMHAnzmD0EOH3YWrDDpBLjgT6kn1Y8u2JbAOJm8Py0BBdMJyAZPBKGaNRU+JNTO9MW3Tj3vBfcLXtukiP+DVeOMKF7T4d+RT8geOboeu6heDP3iX2+lTp6wCzHAxhdUAJwFYTQPX98FVxJbsMs6ZUeqXwAQd6SiHeYgXpC++cGSDljoSNegb8RoORpDLFcM0azkr4S2OlrmpnMhQ/dXgCLtNt5izLgisJG3cwnTqhYmqbdnnJla5c73JbfUnBAZvjwYs2SIOSYw32uL+Gwne4AWcg98YTJw/86uQ7roVNKGL1yIZag+O0YGi5IH2lixAlXEmoHIuhLmvgI2LwFT9QMHdPhOuUccj5MNIgV49xKdmjHdC67v+jxWLwc5JE//oofA5DbvG7Z36czpmaKmPc7VF3aPI5BdBRRR8x5OKfSdafMtgj5GwhlctxKVCDJ0xBwWJLmsiaaw+yp9YIco05gjpV+g1MJHNWCApQAAGrjbPQTD0zk= ansible-generated on ls-2024-9



-rw------- 1 root root 565 Feb  1 14:47 /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFeyPsS/zvRqho8r1ZosjOve5dP080XcvryKm6tb5k68kavPwpX4TDRTL9kPI2iF7xVPYWCqYJT+Bmn6S7+OcwfVVfIx59+rMPXMvsG9oLZfU6s1P0ogPH+0Nxnn/4N6hT+yJMzNbDKWsqPA7uXjmOUHLaIGvTfjhT+tA5ofWgMvOIRIdjSewVVFqsRvQZHc4ZppP6IBx43G7dBOHEKPI7y01O6WsEltErdPlTZQWDf43gO5GxwPFawgrRekT3YY8qo8U1kJMho46ajby3qoWO3RITb76fc4qiTK418AUoQFAndcbRYuhBNlWUYOwYEZm2fCtG44WvG0ckuUKL1CdB jernej.porenta@3fs.si
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/DLidFTt+BEa8YbFKE1DwyjbhdxhgZJGZYDOsbFGVh
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/DLidFTt+BEa8YbFKE1DwyjbhdxhgZJGZYDOsbFGVh
-rw------- 1 unbound unbound 565 Feb  1 14:38 /var/lib/unbound/.ssh/authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINKOliO5L0TA84lclwmsdu+Wcm/r3LDQH9G2jICZ3ECC
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFeyPsS/zvRqho8r1ZosjOve5dP080XcvryKm6tb5k68kavPwpX4TDRTL9kPI2iF7xVPYWCqYJT+Bmn6S7+OcwfVVfIx59+rMPXMvsG9oLZfU6s1P0ogPH+0Nxnn/4N6hT+yJMzNbDKWsqPA7uXjmOUHLaIGvTfjhT+tA5ofWgMvOIRIdjSewVVFqsRvQZHc4ZppP6IBx43G7dBOHEKPI7y01O6WsEltErdPlTZQWDf43gO5GxwPFawgrRekT3YY8qo8U1kJMho46ajby3qoWO3RITb76fc4qiTK418AUoQFAndcbRYuhBNlWUYOwYEZm2fCtG44WvG0ckuUKL1CdB jernej.porenta@3fs.si
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/DLidFTt+BEa8YbFKE1DwyjbhdxhgZJGZYDOsbFGVh

-rw-r--r-- 1 root root 604 Feb  1 14:23 /etc/ssh/ssh_host_dsa_key.pub
-rw-r--r-- 1 root root 176 Feb  1 14:23 /etc/ssh/ssh_host_ecdsa_key.pub
-rw-r--r-- 1 root root 96 Feb  1 14:23 /etc/ssh/ssh_host_echd_key.pub
-rw-r--r-- 1 root root 96 Feb  1 14:23 /etc/ssh/ssh_host_ed25519_key.pub
-rw-r--r-- 1 root root 568 Feb  1 14:23 /etc/ssh/ssh_host_rsa_key.pub
-rw-r--r-- 1 alex alex 584 Feb  1 14:45 /home/alex/.ssh/id_rsa.pub
-rw-r--r-- 1 blake blake 584 Feb  1 14:45 /home/blake/.ssh/id_rsa.pub
-rw-r--r-- 1 cameron cameron 584 Feb  1 14:45 /home/cameron/.ssh/id_rsa.pub
-rw-r--r-- 1 casey casey 584 Feb  1 14:45 /home/casey/.ssh/id_rsa.pub
-rw-r--r-- 1 drew drew 584 Feb  1 14:45 /home/drew/.ssh/id_rsa.pub
-rw-r--r-- 1 jordan jordan 584 Feb  1 14:45 /home/jordan/.ssh/id_rsa.pub
-rw-r--r-- 1 kendall kendall 584 Feb  1 14:45 /home/kendall/.ssh/id_rsa.pub
-rw-r--r-- 1 morgan morgan 584 Feb  1 14:45 /home/morgan/.ssh/id_rsa.pub
-rw-r--r-- 1 peyton peyton 584 Feb  1 14:45 /home/peyton/.ssh/id_rsa.pub
-rw-r--r-- 1 taylor taylor 584 Feb  1 14:45 /home/taylor/.ssh/id_rsa.pub
-rw-r--r-- 1 root root 179 Jan  2  2023 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/ssh/ssh_host_ecdsa_key.pub
-rw-r--r-- 1 root root 99 Jan  2  2023 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/ssh/ssh_host_ed25519_key.pub
-rw-r--r-- 1 root root 399 Jan  2  2023 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/ssh/ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 179 Jan  2  2023 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/etc/ssh/ssh_host_ecdsa_key.pub
-rw-r--r-- 1 root root 99 Jan  2  2023 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/etc/ssh/ssh_host_ed25519_key.pub
-rw-r--r-- 1 root root 399 Jan  2  2023 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/etc/ssh/ssh_host_rsa_key.pub

PermitRootLogin yes
PasswordAuthentication no
PermitEmptyPasswords yes
UsePAM no

══╣ Possible private SSH keys were found!
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_dsa_key
/home/peyton/.ssh/id_rsa
/home/morgan/.ssh/id_rsa
/home/blake/.ssh/id_rsa
/home/drew/.ssh/id_rsa
/home/casey/.ssh/id_rsa
/home/jordan/.ssh/id_rsa
/home/alex/.ssh/id_rsa
/home/kendall/.ssh/id_rsa
/home/cameron/.ssh/id_rsa
/home/taylor/.ssh/id_rsa

══╣ Some certificates were found (out limited):
/etc/pollinate/entropy.ubuntu.com.pem
/etc/ssl/certs/ACCVRAIZ1.pem
/etc/ssl/certs/AC_RAIZ_FNMT-RCM.pem
/etc/ssl/certs/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
/etc/ssl/certs/ANF_Secure_Server_Root_CA.pem
/etc/ssl/certs/Actalis_Authentication_Root_CA.pem
/etc/ssl/certs/AffirmTrust_Commercial.pem
/etc/ssl/certs/AffirmTrust_Networking.pem
/etc/ssl/certs/AffirmTrust_Premium.pem
/etc/ssl/certs/AffirmTrust_Premium_ECC.pem
/etc/ssl/certs/Amazon_Root_CA_1.pem
/etc/ssl/certs/Amazon_Root_CA_2.pem
/etc/ssl/certs/Amazon_Root_CA_3.pem
/etc/ssl/certs/Amazon_Root_CA_4.pem
/etc/ssl/certs/Atos_TrustedRoot_2011.pem
/etc/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
/etc/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068_2.pem
/etc/ssl/certs/Baltimore_CyberTrust_Root.pem
/etc/ssl/certs/Buypass_Class_2_Root_CA.pem
/etc/ssl/certs/Buypass_Class_3_Root_CA.pem
1793PSTORAGE_CERTSBIN

══╣ Writable ssh and gpg agents
/etc/X11/Xsession.d/90gpg-agent
/etc/logcheck/ignore.d.server/gpg-agent
/etc/systemd/user/sockets.target.wants/gpg-agent.socket
/etc/systemd/user/sockets.target.wants/gpg-agent-ssh.socket
/etc/systemd/user/sockets.target.wants/gpg-agent-extra.socket
/etc/systemd/user/sockets.target.wants/gpg-agent-browser.socket
══╣ Some home ssh config file was found
/usr/share/openssh/sshd_config
Include /etc/ssh/sshd_config.d/*.conf
KbdInteractiveAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
AcceptEnv LANG LC_*
Subsystem       sftp    /usr/lib/openssh/sftp-server

══╣ /etc/hosts.allow file found, trying to read the rules:
/etc/hosts.allow


Searching inside /etc/ssh/ssh_config for interesting info
Include /etc/ssh/ssh_config.d/*.conf
Host *
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes

╔══════════╣ Analyzing PAM Auth Files (limit 70)
drwxr-xr-x 2 root root 4096 Feb  1 14:47 /etc/pam.d
-rw-r--r-- 1 root root 2133 Nov 23  2022 /etc/pam.d/sshd
account    required     pam_nologin.so
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
session    required     pam_loginuid.so
session    optional     pam_keyinit.so force revoke
session    optional     pam_motd.so  motd=/run/motd.dynamic
session    optional     pam_motd.so noupdate
session    optional     pam_mail.so standard noenv # [1]
session    required     pam_limits.so
session    required     pam_env.so # [1]
session    required     pam_env.so user_readenv=1 envfile=/etc/default/locale
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open


╔══════════╣ Analyzing FreeIPA Files (limit 70)
drwxr-xr-x 2 root root 4096 Mar 17  2023 /usr/src/linux-headers-5.15.0-67/drivers/net/ipa





╔══════════╣ Searching tmux sessions
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#open-shell-sessions
tmux 3.2a


/tmp/tmux-0
╔══════════╣ Analyzing Cloud Init Files (limit 70)
-rw-r--r-- 1 root root 3786 Dec  8  2022 /snap/core20/1828/etc/cloud/cloud.cfg
     lock_passwd: True
-rw-r--r-- 1 root root 3756 Sep  6 17:11 /snap/core20/2105/etc/cloud/cloud.cfg
    lock_passwd: True

╔══════════╣ Analyzing Keyring Files (limit 70)
drwxr-xr-x 2 root root 4096 Apr  8  2022 /etc/apt/keyrings
drwxr-xr-x 2 root root 200 Feb  7  2023 /snap/core20/1828/usr/share/keyrings
drwxr-xr-x 2 root root 200 Nov 23 08:13 /snap/core20/2105/usr/share/keyrings
drwxr-xr-x 2 root root 4096 Feb  1 14:24 /usr/share/keyrings
drwxr-xr-x 2 root root 4096 Dec  9  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings
drwxr-xr-x 2 root root 4096 Dec  9  2020 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings




╔══════════╣ Searching uncommon passwd files (splunk)
passwd file: /etc/pam.d/passwd
passwd file: /etc/passwd
passwd file: /snap/core20/1828/etc/pam.d/passwd
passwd file: /snap/core20/1828/etc/passwd
passwd file: /snap/core20/1828/usr/share/bash-completion/completions/passwd
passwd file: /snap/core20/1828/usr/share/lintian/overrides/passwd
passwd file: /snap/core20/1828/var/lib/extrausers/passwd
passwd file: /snap/core20/2105/etc/pam.d/passwd
passwd file: /snap/core20/2105/etc/passwd
passwd file: /snap/core20/2105/usr/share/bash-completion/completions/passwd
passwd file: /snap/core20/2105/usr/share/lintian/overrides/passwd
passwd file: /snap/core20/2105/var/lib/extrausers/passwd
passwd file: /usr/share/bash-completion/completions/passwd
passwd file: /usr/share/lintian/overrides/passwd
passwd file: /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/pam.d/passwd
passwd file: /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/passwd
passwd file: /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/pam.d/passwd
passwd file: /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/passwd
passwd file: /var/lib/containers/storage/overlay/98074541ea3b10ad46266d8675687b485fc4ad15e7ed53414b295568892fee8e/diff/etc/passwd
passwd file: /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/etc/passwd

╔══════════╣ Analyzing PGP-GPG Files (limit 70)
/usr/bin/gpg
netpgpkeys Not Found
netpgp Not Found

-rw-r--r-- 1 root root 2794 Mar 26  2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
-rw-r--r-- 1 root root 1733 Mar 26  2021 /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
-rw-r--r-- 1 root root 7399 Sep 17  2018 /snap/core20/1828/usr/share/keyrings/ubuntu-archive-keyring.gpg
-rw-r--r-- 1 root root 6713 Oct 27  2016 /snap/core20/1828/usr/share/keyrings/ubuntu-archive-removed-keys.gpg
-rw-r--r-- 1 root root 4097 Feb  6  2018 /snap/core20/1828/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
-rw-r--r-- 1 root root 0 Jan 17  2018 /snap/core20/1828/usr/share/keyrings/ubuntu-cloudimage-removed-keys.gpg
-rw-r--r-- 1 root root 1227 May 27  2010 /snap/core20/1828/usr/share/keyrings/ubuntu-master-keyring.gpg
-rw-r--r-- 1 root root 7399 Sep 17  2018 /snap/core20/2105/usr/share/keyrings/ubuntu-archive-keyring.gpg
-rw-r--r-- 1 root root 6713 Oct 27  2016 /snap/core20/2105/usr/share/keyrings/ubuntu-archive-removed-keys.gpg
-rw-r--r-- 1 root root 4097 Feb  6  2018 /snap/core20/2105/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
-rw-r--r-- 1 root root 0 Jan 17  2018 /snap/core20/2105/usr/share/keyrings/ubuntu-cloudimage-removed-keys.gpg
-rw-r--r-- 1 root root 1227 May 27  2010 /snap/core20/2105/usr/share/keyrings/ubuntu-master-keyring.gpg
-rw-r--r-- 1 root root 2899 Jul  4  2022 /usr/share/gnupg/distsigkey.gpg
-rw-r--r-- 1 root root 2287 Sep 27  2022 /usr/share/keyrings/droplet-agent-keyring.gpg
-rw-r--r-- 1 root root 2247 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-cc-eal.gpg
-rw-r--r-- 1 root root 2274 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-cis.gpg
-rw-r--r-- 1 root root 2236 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-esm-apps.gpg
-rw-r--r-- 1 root root 2264 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-esm-infra-trusty.gpg
-rw-r--r-- 1 root root 2275 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-fips.gpg
-rw-r--r-- 1 root root 2250 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-realtime-kernel.gpg
-rw-r--r-- 1 root root 2235 Feb 28  2023 /usr/share/keyrings/ubuntu-advantage-ros.gpg
-rw-r--r-- 1 root root 7399 Sep 17  2018 /usr/share/keyrings/ubuntu-archive-keyring.gpg
-rw-r--r-- 1 root root 6713 Oct 27  2016 /usr/share/keyrings/ubuntu-archive-removed-keys.gpg
-rw-r--r-- 1 root root 3023 Mar 26  2021 /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
-rw-r--r-- 1 root root 0 Jan 17  2018 /usr/share/keyrings/ubuntu-cloudimage-removed-keys.gpg
-rw-r--r-- 1 root root 1227 May 27  2010 /usr/share/keyrings/ubuntu-master-keyring.gpg
-rw-r--r-- 1 root root 8132 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg
-rw-r--r-- 1 root root 8141 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg
-rw-r--r-- 1 root root 2332 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg
-rw-r--r-- 1 root root 5106 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
-rw-r--r-- 1 root root 5115 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-rw-r--r-- 1 root root 2763 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-rw-r--r-- 1 root root 7443 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-rw-r--r-- 1 root root 7452 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
-rw-r--r-- 1 root root 2263 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
-rw-r--r-- 1 root root 8132 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-buster-automatic.gpg
-rw-r--r-- 1 root root 8141 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-buster-security-automatic.gpg
-rw-r--r-- 1 root root 2332 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-buster-stable.gpg
-rw-r--r-- 1 root root 5106 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-jessie-automatic.gpg
-rw-r--r-- 1 root root 5115 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-jessie-security-automatic.gpg
-rw-r--r-- 1 root root 2763 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-jessie-stable.gpg
-rw-r--r-- 1 root root 48747 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-keyring.gpg
-rw-r--r-- 1 root root 23889 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-removed-keys.gpg
-rw-r--r-- 1 root root 7443 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-stretch-automatic.gpg
-rw-r--r-- 1 root root 7452 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-stretch-security-automatic.gpg
-rw-r--r-- 1 root root 2263 Apr 23  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/share/keyrings/debian-archive-stretch-stable.gpg
-rw-r--r-- 1 root root 8132 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg
-rw-r--r-- 1 root root 8141 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg
-rw-r--r-- 1 root root 2332 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg
-rw-r--r-- 1 root root 5106 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
-rw-r--r-- 1 root root 5115 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-rw-r--r-- 1 root root 2763 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-rw-r--r-- 1 root root 7443 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-rw-r--r-- 1 root root 7452 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
-rw-r--r-- 1 root root 2263 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
-rw-r--r-- 1 root root 8132 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-buster-automatic.gpg
-rw-r--r-- 1 root root 8141 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-buster-security-automatic.gpg
-rw-r--r-- 1 root root 2332 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-buster-stable.gpg
-rw-r--r-- 1 root root 5106 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-jessie-automatic.gpg
-rw-r--r-- 1 root root 5115 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-jessie-security-automatic.gpg
-rw-r--r-- 1 root root 2763 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-jessie-stable.gpg
-rw-r--r-- 1 root root 48747 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-keyring.gpg
-rw-r--r-- 1 root root 23889 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-removed-keys.gpg
-rw-r--r-- 1 root root 7443 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-stretch-automatic.gpg
-rw-r--r-- 1 root root 7452 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-stretch-security-automatic.gpg
-rw-r--r-- 1 root root 2263 Apr 23  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/share/keyrings/debian-archive-stretch-stable.gpg
-rw-r--r-- 1 root root 2236 Feb  1 14:23 /var/lib/ubuntu-advantage/apt-esm/etc/apt/trusted.gpg.d/ubuntu-advantage-esm-apps.gpg



╔══════════╣ Analyzing Postfix Files (limit 70)
-rwxr-xr-x 1 root root 3089 Mar 30  2023 /etc/init.d/postfix

-rw-r--r-- 1 root root 30 Jan 29 08:02 /etc/insserv.conf.d/postfix

-rwxr-xr-x 1 root root 800 Jan 29 08:02 /etc/network/if-down.d/postfix

-rwxr-xr-x 1 root root 1183 Jan 29 08:02 /etc/network/if-up.d/postfix

drwxr-xr-x 5 root root 4096 Feb  1 14:37 /etc/postfix
-rw-r--r-- 1 root root 6524 Feb  1 14:36 /etc/postfix/master.cf
  flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#  flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
  flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}

-rwxr-xr-x 1 root root 800 Jan 29 08:02 /etc/ppp/ip-down.d/postfix

-rwxr-xr-x 1 root root 1183 Jan 29 08:02 /etc/ppp/ip-up.d/postfix

-rwxr-xr-x 1 root root 441 Jan 29 08:02 /etc/resolvconf/update-libc.d/postfix

-rw-r--r-- 1 root root 361 Jan 29 08:02 /etc/ufw/applications.d/postfix

-rw-r--r-- 1 root root 813 Feb  2  2020 /snap/core20/1828/usr/share/bash-completion/completions/postfix

-rw-r--r-- 1 root root 813 Feb  2  2020 /snap/core20/2105/usr/share/bash-completion/completions/postfix

-rwxr-xr-x 1 root root 800 Jan 29 08:02 /usr/lib/networkd-dispatcher/off.d/postfix

-rwxr-xr-x 1 root root 1183 Jan 29 08:02 /usr/lib/networkd-dispatcher/routable.d/postfix

drwxr-xr-x 3 root root 4096 Feb  1 14:36 /usr/lib/postfix

-rw-r--r-- 1 root root 13300 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/logs/postfix

-rwxr-xr-x 1 root root 18816 Jan 29 08:02 /usr/sbin/postfix

-rw-r--r-- 1 root root 761 Nov 15  2021 /usr/share/bash-completion/completions/postfix

drwxr-xr-x 2 root root 4096 Feb  1 14:36 /usr/share/doc/postfix

-rw-r--r-- 1 root root 319 Jan 29 08:02 /usr/share/lintian/overrides/postfix

drwxr-xr-x 2 root root 4096 Feb  1 14:36 /usr/share/postfix

drwxr-xr-x 2 postfix postfix 4096 Feb  1 14:37 /var/lib/postfix

drwxr-xr-x 20 root root 4096 Feb  1 14:37 /var/spool/postfix


╔══════════╣ Analyzing FTP Files (limit 70)
-rw-r--r-- 1 root root 637 Nov 23  2020 /etc/fail2ban/filter.d/vsftpd.conf



-rw-r--r-- 1 root root 69 Aug 18 11:41 /etc/php/8.1/mods-available/ftp.ini
-rw-r--r-- 1 root root 69 Aug 18 11:41 /usr/share/php8.1-common/common/ftp.ini






╔══════════╣ Analyzing DNS Files (limit 70)
-rw-r--r-- 1 root root 826 Nov 15  2021 /usr/share/bash-completion/completions/bind
-rw-r--r-- 1 root root 826 Nov 15  2021 /usr/share/bash-completion/completions/bind




╔══════════╣ Analyzing Cacti Files (limit 70)
drwxr-xr-x 2 root root 4096 Feb  1 14:36 /usr/share/doc/fail2ban/examples/cacti





╔══════════╣ Analyzing Interesting logs Files (limit 70)
lrwxrwxrwx 1 www-data www-data 11 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/var/log/apache2/access.log -> /dev/stdout
lrwxrwxrwx 1 www-data www-data 11 Dec 11  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/var/log/apache2/access.log -> /dev/stdout
-rw-r----- 1 www-data adm 12844 Feb  2 08:13 /var/log/nginx/access.log

lrwxrwxrwx 1 www-data www-data 11 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/var/log/apache2/error.log -> /dev/stderr
lrwxrwxrwx 1 www-data www-data 11 Dec 11  2020 /var/lib/containers/storage/overlay/fda57903e9f43dc02ae8315fc92ac23d40d45f161406063cd720d3402b88e388/diff/var/log/apache2/error.log -> /dev/stderr
-rw-r----- 1 mysql adm 6716 Feb  2 07:59 /var/log/mysql/error.log
-rw-r----- 1 www-data adm 78 Feb  1 14:38 /var/log/nginx/error.log

╔══════════╣ Analyzing Windows Files (limit 70)






















lrwxrwxrwx 1 root root 20 Feb  1 14:38 /etc/alternatives/my.cnf -> /etc/mysql/mysql.cnf
lrwxrwxrwx 1 root root 24 Feb  1 14:36 /etc/mysql/my.cnf -> /etc/alternatives/my.cnf
-rw-r--r-- 1 root root 81 Feb  1 14:38 /var/lib/dpkg/alternatives/my.cnf





























╔══════════╣ Analyzing Other Interesting Files (limit 70)
-rw-r--r-- 1 root root 3771 Feb  1 14:47 /etc/skel/.bashrc
-rw-r--r-- 1 alex alex 3771 Jan  6  2022 /home/alex/.bashrc
-rw-r--r-- 1 blake blake 3771 Jan  6  2022 /home/blake/.bashrc
-rw-r--r-- 1 cameron cameron 3771 Jan  6  2022 /home/cameron/.bashrc
-rw-r--r-- 1 casey casey 3771 Jan  6  2022 /home/casey/.bashrc
-rw-r--r-- 1 drew drew 3771 Jan  6  2022 /home/drew/.bashrc
-rw-r--r-- 1 jordan jordan 3771 Jan  6  2022 /home/jordan/.bashrc
-rw-r--r-- 1 kendall kendall 3771 Jan  6  2022 /home/kendall/.bashrc
-rw-r--r-- 1 morgan morgan 3771 Jan  6  2022 /home/morgan/.bashrc
-rw-r--r-- 1 peyton peyton 3771 Jan  6  2022 /home/peyton/.bashrc
-rw-r--r-- 1 taylor taylor 3771 Jan  6  2022 /home/taylor/.bashrc
-rw-r--r-- 1 root root 3106 Feb  1 14:47 /root/.bashrc
-rw-r--r-- 1 root root 3771 Feb 25  2020 /snap/core20/1828/etc/skel/.bashrc
-rw-r--r-- 1 root root 3106 Dec  5  2019 /snap/core20/1828/root/.bashrc
-rw-r--r-- 1 root root 3771 Feb 25  2020 /snap/core20/2105/etc/skel/.bashrc
-rw-r--r-- 1 root root 3106 Dec  5  2019 /snap/core20/2105/root/.bashrc
-rw-r--r-- 1 root root 3526 Apr 18  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/skel/.bashrc
-rw-r--r-- 1 root root 570 Jan 31  2010 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/root/.bashrc
-rw-r--r-- 1 root root 3526 Apr 18  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/skel/.bashrc
-rw-r--r-- 1 root root 570 Jan 31  2010 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/root/.bashrc





-rw-r--r-- 1 root root 807 Jan  6  2022 /etc/skel/.profile
-rw-r--r-- 1 alex alex 807 Jan  6  2022 /home/alex/.profile
-rw-r--r-- 1 blake blake 807 Jan  6  2022 /home/blake/.profile
-rw-r--r-- 1 cameron cameron 807 Jan  6  2022 /home/cameron/.profile
-rw-r--r-- 1 casey casey 807 Jan  6  2022 /home/casey/.profile
-rw-r--r-- 1 drew drew 807 Jan  6  2022 /home/drew/.profile
-rw-r--r-- 1 jordan jordan 807 Jan  6  2022 /home/jordan/.profile
-rw-r--r-- 1 kendall kendall 807 Jan  6  2022 /home/kendall/.profile
-rw-r--r-- 1 morgan morgan 807 Jan  6  2022 /home/morgan/.profile
-rw-r--r-- 1 peyton peyton 807 Jan  6  2022 /home/peyton/.profile
-rw-r--r-- 1 taylor taylor 807 Jan  6  2022 /home/taylor/.profile
-rw-r--r-- 1 root root 161 Jul  9  2019 /root/.profile
-rw-r--r-- 1 root root 807 Feb 25  2020 /snap/core20/1828/etc/skel/.profile
-rw-r--r-- 1 root root 161 Dec  5  2019 /snap/core20/1828/root/.profile
-rw-r--r-- 1 root root 807 Feb 25  2020 /snap/core20/2105/etc/skel/.profile
-rw-r--r-- 1 root root 161 Dec  5  2019 /snap/core20/2105/root/.profile
-rw-r--r-- 1 root root 807 Apr 18  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/skel/.profile
-rw-r--r-- 1 root root 148 Aug 17  2015 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/root/.profile
-rw-r--r-- 1 root root 807 Apr 18  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/skel/.profile
-rw-r--r-- 1 root root 148 Aug 17  2015 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/root/.profile






100  833k  100  833k    0     0  15159      0  0:00:56  0:00:56 --:--:-- 15190
                      ╔════════════════════════════════════╗
══════════════════════╣ Files with Interesting Permissions ╠══════════════════════
                      ╚════════════════════════════════════╝
╔══════════╣ SUID - Check easy privesc, exploits and write perms
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-and-suid
-rwsr-xr-x 1 root root 19K Feb 26  2022 /usr/libexec/polkit-agent-helper-1
-rwsr-xr-x 1 root root 331K Nov 23  2022 /usr/lib/openssh/ssh-keysign
-rwsr-xr-x 1 root root 136K Dec  1  2022 /usr/lib/snapd/snap-confine  --->  Ubuntu_snapd<2.37_dirty_sock_Local_Privilege_Escalation(CVE-2019-7304)
-rwsr-xr-- 1 root messagebus 35K Oct 25  2022 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-sr-x 1 daemon daemon 55K Apr 14  2022 /usr/bin/at  --->  RTru64_UNIX_4.0g(CVE-2002-1614)
-rwsr-sr-x 1 root root 115K Jul 11  2018 /usr/bin/pexec
-rwsr-xr-x 1 root root 28K Nov 24  2022 /usr/bin/newuidmap
-rwsr-xr-x 1 root root 35K Feb 21  2022 /usr/bin/umount  --->  BSD/Linux(08-1996)
-rwsr-xr-x 1 root root 35K Mar 23  2022 /usr/bin/fusermount3
-rwsr-xr-x 1 root root 39K Oct 18  2021 /usr/bin/doas
-rwsr-xr-x 1 root root 40K Nov 24  2022 /usr/bin/newgrp  --->  HP-UX_10.20
-rwsr-xr-x 1 root root 55K Feb 21  2022 /usr/bin/su
-rwsr-xr-x 1 root root 31K Feb 26  2022 /usr/bin/pkexec  --->  Linux4.10_to_5.1.17(CVE-2019-13272)/rhel_6(CVE-2011-1485)
-rwsr-xr-x 1 root root 59K Nov 24  2022 /usr/bin/passwd  --->  Apple_Mac_OSX(03-2006)/Solaris_8/9(12-2004)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1(02-1997)
-rwsr-xr-x 1 root root 71K Nov 24  2022 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 44K Nov 24  2022 /usr/bin/chsh
-rwsr-xr-x 1 root root 28K Nov 24  2022 /usr/bin/newgidmap
-rwsr-xr-x 1 root root 47K Feb 21  2022 /usr/bin/mount  --->  Apple_Mac_OSX(Lion)_Kernel_xnu-1699.32.7_except_xnu-1699.24.8
-rwsr-xr-x 1 root root 227K Mar  1  2023 /usr/bin/sudo  --->  check_if_the_sudo_version_is_vulnerable
-rwsr-xr-x 1 root root 72K Nov 24  2022 /usr/bin/chfn  --->  SuSE_9.3/10
-rwsr-xr-x 1 root root 427K Jan 31  2020 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/usr/lib/openssh/ssh-keysign
-rwsr-xr-- 1 root systemd-timesync 50K Oct 10  2022 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 154K Nov  7  2022 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/usr/bin/sudo  --->  check_if_the_sudo_version_is_vulnerable
-rwsr-xr-x 1 root root 427K Jan 31  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/lib/openssh/ssh-keysign
-rwsr-xr-- 1 root systemd-timesync 50K Oct 10  2022 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 44K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/newgrp  --->  HP-UX_10.20
-rwsr-xr-x 1 root root 63K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/passwd  --->  Apple_Mac_OSX(03-2006)/Solaris_8/9(12-2004)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1(02-1997)
-rwsr-xr-x 1 root root 83K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/gpasswd
-rwsr-xr-x 1 root root 44K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/chsh
-rwsr-xr-x 1 root root 53K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/chfn  --->  SuSE_9.3/10
-rwsr-xr-x 1 root root 154K Nov  7  2022 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/sudo  --->  check_if_the_sudo_version_is_vulnerable
-rwsr-xr-x 1 root root 35K Jan 10  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/bin/umount  --->  BSD/Linux(08-1996)
-rwsr-xr-x 1 root root 63K Jan 10  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/bin/su
-rwsr-xr-x 1 root root 51K Jan 10  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/bin/mount  --->  Apple_Mac_OSX(Lion)_Kernel_xnu-1699.32.7_except_xnu-1699.24.8
-rwsr-xr-x 1 root root 44K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/newgrp  --->  HP-UX_10.20
-rwsr-xr-x 1 root root 63K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/passwd  --->  Apple_Mac_OSX(03-2006)/Solaris_8/9(12-2004)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1(02-1997)
-rwsr-xr-x 1 root root 83K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/gpasswd
-rwsr-xr-x 1 root root 44K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/chsh
-rwsr-xr-x 1 root root 53K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/chfn  --->  SuSE_9.3/10
-rwsr-xr-x 1 root root 35K Jan 10  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/bin/umount  --->  BSD/Linux(08-1996)
-rwsr-xr-x 1 root root 63K Jan 10  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/bin/su
-rwsr-xr-x 1 root root 51K Jan 10  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/bin/mount  --->  Apple_Mac_OSX(Lion)_Kernel_xnu-1699.32.7_except_xnu-1699.24.8
-rwsr-xr-x 1 root root 84K Nov 29  2022 /snap/core20/2105/usr/bin/chfn  --->  SuSE_9.3/10
-rwsr-xr-x 1 root root 52K Nov 29  2022 /snap/core20/2105/usr/bin/chsh
-rwsr-xr-x 1 root root 87K Nov 29  2022 /snap/core20/2105/usr/bin/gpasswd
-rwsr-xr-x 1 root root 55K May 30  2023 /snap/core20/2105/usr/bin/mount  --->  Apple_Mac_OSX(Lion)_Kernel_xnu-1699.32.7_except_xnu-1699.24.8
-rwsr-xr-x 1 root root 44K Nov 29  2022 /snap/core20/2105/usr/bin/newgrp  --->  HP-UX_10.20
-rwsr-xr-x 1 root root 67K Nov 29  2022 /snap/core20/2105/usr/bin/passwd  --->  Apple_Mac_OSX(03-2006)/Solaris_8/9(12-2004)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1(02-1997)
-rwsr-xr-x 1 root root 67K May 30  2023 /snap/core20/2105/usr/bin/su
-rwsr-xr-x 1 root root 163K Apr  4  2023 /snap/core20/2105/usr/bin/sudo  --->  check_if_the_sudo_version_is_vulnerable
-rwsr-xr-x 1 root root 39K May 30  2023 /snap/core20/2105/usr/bin/umount  --->  BSD/Linux(08-1996)
-rwsr-xr-- 1 root systemd-resolve 51K Oct 25  2022 /snap/core20/2105/usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 463K Aug  4 22:02 /snap/core20/2105/usr/lib/openssh/ssh-keysign
-rwsr-xr-x 1 root root 84K Nov 29  2022 /snap/core20/1828/usr/bin/chfn  --->  SuSE_9.3/10
-rwsr-xr-x 1 root root 52K Nov 29  2022 /snap/core20/1828/usr/bin/chsh
-rwsr-xr-x 1 root root 87K Nov 29  2022 /snap/core20/1828/usr/bin/gpasswd
-rwsr-xr-x 1 root root 55K Feb  7  2022 /snap/core20/1828/usr/bin/mount  --->  Apple_Mac_OSX(Lion)_Kernel_xnu-1699.32.7_except_xnu-1699.24.8
-rwsr-xr-x 1 root root 44K Nov 29  2022 /snap/core20/1828/usr/bin/newgrp  --->  HP-UX_10.20
-rwsr-xr-x 1 root root 67K Nov 29  2022 /snap/core20/1828/usr/bin/passwd  --->  Apple_Mac_OSX(03-2006)/Solaris_8/9(12-2004)/SPARC_8/9/Sun_Solaris_2.3_to_2.5.1(02-1997)
-rwsr-xr-x 1 root root 67K Feb  7  2022 /snap/core20/1828/usr/bin/su
-rwsr-xr-x 1 root root 163K Jan 16  2023 /snap/core20/1828/usr/bin/sudo  --->  check_if_the_sudo_version_is_vulnerable
-rwsr-xr-x 1 root root 39K Feb  7  2022 /snap/core20/1828/usr/bin/umount  --->  BSD/Linux(08-1996)
-rwsr-xr-- 1 root systemd-resolve 51K Oct 25  2022 /snap/core20/1828/usr/lib/dbus-1.0/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 463K Mar 30  2022 /snap/core20/1828/usr/lib/openssh/ssh-keysign
-rwsr-xr-x 1 root root 129K Nov 29 14:54 /snap/snapd/20671/usr/lib/snapd/snap-confine  --->  Ubuntu_snapd<2.37_dirty_sock_Local_Privilege_Escalation(CVE-2019-7304)
-rwsr-xr-x 1 root root 121K Jan 25  2023 /snap/snapd/18357/usr/lib/snapd/snap-confine  --->  Ubuntu_snapd<2.37_dirty_sock_Local_Privilege_Escalation(CVE-2019-7304)

╔══════════╣ SGID
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#sudo-and-suid
-rwxr-sr-x 1 root shadow 23K Feb  2  2023 /usr/sbin/pam_extrausers_chkpwd
-r-xr-sr-x 1 root postdrop 23K Jan 29 08:02 /usr/sbin/postqueue
-r-xr-sr-x 1 root postdrop 23K Jan 29 08:02 /usr/sbin/postdrop
-rwxr-sr-x 1 root shadow 27K Feb  2  2023 /usr/sbin/unix_chkpwd
-rwxr-sr-x 1 root utmp 15K Mar 24  2022 /usr/lib/x86_64-linux-gnu/utempter/utempter
-rwsr-sr-x 1 daemon daemon 55K Apr 14  2022 /usr/bin/at  --->  RTru64_UNIX_4.0g(CVE-2002-1614)
-rwxr-sr-x 1 root shadow 71K Nov 24  2022 /usr/bin/chage
-rwxr-sr-x 1 root tty 23K Feb 21  2022 /usr/bin/wall
-rwsr-sr-x 1 root root 115K Jul 11  2018 /usr/bin/pexec
-rwxr-sr-x 1 root mail 23K Mar 24  2022 /usr/bin/dotlockfile
-rwxr-sr-x 1 root _ssh 287K Nov 23  2022 /usr/bin/ssh-agent
-rwxr-sr-x 1 root crontab 39K Mar 23  2022 /usr/bin/crontab
-rwxr-sr-x 1 root shadow 23K Nov 24  2022 /usr/bin/expiry
-rwxr-sr-x 1 root tty 23K Feb 21  2022 /usr/bin/write.ul (Unknown SGID binary)
-rwxr-sr-x 1 root messagebus 315K Jan 31  2020 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/usr/bin/ssh-agent
-rwxr-sr-x 1 root shadow 39K Feb 14  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/sbin/unix_chkpwd
-rwxr-sr-x 1 root shadow 71K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/chage
-rwxr-sr-x 1 root tty 35K Jan 10  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/wall
-rwxr-sr-x 1 root shadow 31K Jul 27  2018 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/expiry
-rwxr-sr-x 1 root messagebus 315K Jan 31  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/bin/ssh-agent
-rwxr-sr-x 1 root shadow 39K Feb 14  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/sbin/unix_chkpwd
-rwxr-sr-x 1 root shadow 71K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/chage
-rwxr-sr-x 1 root tty 35K Jan 10  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/wall
-rwxr-sr-x 1 root shadow 31K Jul 27  2018 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/usr/bin/expiry
-rwxr-sr-x 1 root shadow 83K Nov 29  2022 /snap/core20/2105/usr/bin/chage
-rwxr-sr-x 1 root shadow 31K Nov 29  2022 /snap/core20/2105/usr/bin/expiry
-rwxr-sr-x 1 root messagebus 343K Aug  4 22:02 /snap/core20/2105/usr/bin/ssh-agent
-rwxr-sr-x 1 root tty 35K May 30  2023 /snap/core20/2105/usr/bin/wall
-rwxr-sr-x 1 root shadow 43K Feb  2  2023 /snap/core20/2105/usr/sbin/pam_extrausers_chkpwd
-rwxr-sr-x 1 root shadow 43K Feb  2  2023 /snap/core20/2105/usr/sbin/unix_chkpwd
-rwxr-sr-x 1 root shadow 83K Nov 29  2022 /snap/core20/1828/usr/bin/chage
-rwxr-sr-x 1 root shadow 31K Nov 29  2022 /snap/core20/1828/usr/bin/expiry
-rwxr-sr-x 1 root messagebus 343K Mar 30  2022 /snap/core20/1828/usr/bin/ssh-agent
-rwxr-sr-x 1 root tty 35K Feb  7  2022 /snap/core20/1828/usr/bin/wall
-rwxr-sr-x 1 root shadow 43K Feb  2  2023 /snap/core20/1828/usr/sbin/pam_extrausers_chkpwd
-rwxr-sr-x 1 root shadow 43K Feb  2  2023 /snap/core20/1828/usr/sbin/unix_chkpwd

╔══════════╣ Capabilities
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#capabilities
══╣ Current shell capabilities
CapInh:  0x0000000000000000=
CapPrm:  0x000001ffffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore
CapEff:  0x000001ffffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore
CapBnd:  0x000001ffffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore
CapAmb:  0x0000000000000000=

══╣ Parent process capabilities
CapInh:  0x0000000000000000=
CapPrm:  0x000001ffffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore
CapEff:  0x000001ffffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore
CapBnd:  0x000001ffffffffff=cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore
CapAmb:  0x0000000000000000=


Files with capabilities (limited to 50):
/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-ptp-helper cap_net_bind_service,cap_net_admin=ep
/usr/bin/mtr-packet cap_net_raw=ep
/usr/bin/ping cap_net_raw=ep
/var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/bin/ping cap_net_raw=ep
/var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/bin/ping cap_net_raw=ep
/snap/core20/2105/usr/bin/ping cap_net_raw=ep
/snap/core20/1828/usr/bin/ping cap_net_raw=ep

╔══════════╣ Users with capabilities
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#capabilities

╔══════════╣ AppArmor binary profiles
-rw-r--r-- 1 root root  3500 Jan 31  2023 sbin.dhclient
-rw-r--r-- 1 root root  3448 Mar 17  2022 usr.bin.man
-rw-r--r-- 1 root root  1518 Feb 10  2023 usr.bin.tcpdump
-rw-r--r-- 1 root root 28486 Dec  1  2022 usr.lib.snapd.snap-confine.real
-rw-r--r-- 1 root root  2006 Jan 17 20:13 usr.sbin.mysqld
-rw-r--r-- 1 root root  1592 Nov 16  2021 usr.sbin.rsyslogd
-rw-r--r-- 1 root root  1205 Nov 15  2022 usr.sbin.unbound

╔══════════╣ Files with ACLs (limited to 50)
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#acls
files with acls in searched folders Not Found

╔══════════╣ Files (scripts) in /etc/profile.d/
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#profiles-files

╔══════════╣ Permissions in init, init.d, systemd, and rc.d
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#init-init-d-systemd-and-rc-d

═╣ Hashes inside passwd file? ........... No
═╣ Writable passwd file? ................ /etc/passwd is writable
═╣ Credentials in fstab/mtab? ........... No
═╣ Can I read shadow files? ............. root:jhzE1DqmxFI4U:19755:0:99999:7:::
daemon:*:19433:0:99999:7:::
bin:*:19433:0:99999:7:::
sys:*:19433:0:99999:7:::
sync:*:19433:0:99999:7:::
games:*:19433:0:99999:7:::
man:*:19433:0:99999:7:::
lp:*:19433:0:99999:7:::
mail:*:19433:0:99999:7:::
news:*:19433:0:99999:7:::
uucp:*:19433:0:99999:7:::
proxy:*:19433:0:99999:7:::
www-data:*:19433:0:99999:7:::
backup:*:19433:0:99999:7:::
list:*:19433:0:99999:7:::
irc:*:19433:0:99999:7:::
gnats:*:19433:0:99999:7:::
nobody:*:19433:0:99999:7:::
systemd-network:*:19433:0:99999:7:::
systemd-resolve:*:19433:0:99999:7:::
messagebus:*:19433:0:99999:7:::
systemd-timesync:*:19433:0:99999:7:::
syslog:*:19433:0:99999:7:::
_apt:*:19433:0:99999:7:::
tss:*:19433:0:99999:7:::
uuidd:*:19433:0:99999:7:::
tcpdump:*:19433:0:99999:7:::
sshd:*:19433:0:99999:7:::
pollinate:*:19433:0:99999:7:::
landscape:*:19433:0:99999:7:::
fwupd-refresh:*:19433:0:99999:7:::
lxd:!:19754::::::
mysql:!:19754:0:99999:7:::
dnsmasq:*:19754:0:99999:7:::
postfix:*:19754:0:99999:7:::
unbound:*:19754:0:99999:7:::
alex:$1$FNgvGvqE$xBwDNv31lMukto/Zt0c4q0:19754:0:99999:7:::
jordan:$1$HjWUQwqV$wfAJYkukIvhuLV0qcIUt9.:19754:0:99999:7:::
taylor:$1$Xw13Npg9$dd67JA1xWDtCuEIKAY1.91:19754:0:99999:7:::
morgan:$1$CP.SkF68$ADKewzV6R7hYMYGds2KA21:19754:0:99999:7:::
casey:$1$dqoPX9VP$nr6Mlxo4Te95amThpqt7T/:19754:0:99999:7:::
blake:$1$A56eVMJ8$1Iu3UVNxH4U4t/v8pV0vV/:19754:0:99999:7:::
cameron:$1$3qFB4qSu$gwkFA6nVAqcm5RhZ7kBLS0:19754:0:99999:7:::
peyton:$1$bPhx55UQ$OGSuRzQ/XwUweNgPgWMje.:19754:0:99999:7:::
kendall:$1$i.0TYn3t$dBbfMIwOQ3GK7V1Hcu.1e.:19754:0:99999:7:::
drew:$1$Pvgz9b3s$yTMlz2PmD6MwXFLkDHBK5.:19754:0:99999:7:::
root:$6$oZsCie.9DSySo3xN$J54WwMKZYqThLSQ1duV1wDhGBBDSvuW239E7mIhSNbsoY35903ug4Jb2gqVipMkajpexUrCRuAPIBhqlxqqiZ1:19754:0:99999:7:::
daemon:*:19433:0:99999:7:::
bin:*:19433:0:99999:7:::
sys:*:19433:0:99999:7:::
sync:*:19433:0:99999:7:::
games:*:19433:0:99999:7:::
man:*:19433:0:99999:7:::
lp:*:19433:0:99999:7:::
mail:*:19433:0:99999:7:::
news:*:19433:0:99999:7:::
uucp:*:19433:0:99999:7:::
proxy:*:19433:0:99999:7:::
www-data:*:19433:0:99999:7:::
backup:*:19433:0:99999:7:::
list:*:19433:0:99999:7:::
irc:*:19433:0:99999:7:::
gnats:*:19433:0:99999:7:::
nobody:*:19433:0:99999:7:::
systemd-network:*:19433:0:99999:7:::
systemd-resolve:*:19433:0:99999:7:::
messagebus:*:19433:0:99999:7:::
systemd-timesync:*:19433:0:99999:7:::
syslog:*:19433:0:99999:7:::
_apt:*:19433:0:99999:7:::
tss:*:19433:0:99999:7:::
uuidd:*:19433:0:99999:7:::
tcpdump:*:19433:0:99999:7:::
sshd:*:19433:0:99999:7:::
pollinate:*:19433:0:99999:7:::
landscape:*:19433:0:99999:7:::
fwupd-refresh:*:19433:0:99999:7:::
lxd:!:19754::::::
mysql:!:19754:0:99999:7:::
dnsmasq:*:19754:0:99999:7:::
postfix:*:19754:0:99999:7:::
unbound:*:19754:0:99999:7:::
alex:$1$FNgvGvqE$xBwDNv31lMukto/Zt0c4q0:19754:0:99999:7:::
jordan:$1$HjWUQwqV$wfAJYkukIvhuLV0qcIUt9.:19754:0:99999:7:::
taylor:$1$Xw13Npg9$dd67JA1xWDtCuEIKAY1.91:19754:0:99999:7:::
morgan:$1$CP.SkF68$ADKewzV6R7hYMYGds2KA21:19754:0:99999:7:::
casey:$1$dqoPX9VP$nr6Mlxo4Te95amThpqt7T/:19754:0:99999:7:::
blake:$1$A56eVMJ8$1Iu3UVNxH4U4t/v8pV0vV/:19754:0:99999:7:::
cameron:$1$3qFB4qSu$gwkFA6nVAqcm5RhZ7kBLS0:19754:0:99999:7:::
peyton:$1$bPhx55UQ$OGSuRzQ/XwUweNgPgWMje.:19754:0:99999:7:::
kendall:$1$i.0TYn3t$dBbfMIwOQ3GK7V1Hcu.1e.:19754:0:99999:7:::
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::syslog
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::kendall,drew
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::alex,jordan,taylor,morgan,casey,blake,cameron,peyton,kendall,drew
nogroup:*::
systemd-journal:!::
systemd-network:!::
systemd-resolve:!::
crontab:!::
messagebus:!::
systemd-timesync:!::
input:!::
sgx:!::
kvm:!::
render:!::
syslog:!::
tss:!::
uuidd:!::
tcpdump:!::
_ssh:!::
landscape:!::
fwupd-refresh:!::
admin:!::
netdev:!::
lxd:!::
mysql:!::
ssl-cert:!::
postfix:!::taylor
postdrop:!::
unbound:!::
logs:!::jordan,taylor,cameron,peyton,kendall,drew
lvm:!::jordan,casey
alex:!::
jordan:!::
taylor:!::
morgan:!::
casey:!::
blake:!::
cameron:!::
peyton:!::
kendall:!::
drew:!::
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::syslog
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::kendall
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::alex,jordan,taylor,morgan,casey,blake,cameron,peyton,kendall
nogroup:*::
systemd-journal:!::
systemd-network:!::
systemd-resolve:!::
crontab:!::
messagebus:!::
systemd-timesync:!::
input:!::
sgx:!::
kvm:!::
render:!::
syslog:!::
tss:!::
uuidd:!::
tcpdump:!::
_ssh:!::
landscape:!::
fwupd-refresh:!::
admin:!::
netdev:!::
lxd:!::
mysql:!::
ssl-cert:!::
postfix:!::taylor
postdrop:!::
unbound:!::
logs:!::jordan,taylor,cameron,peyton,kendall
lvm:!::jordan,casey
alex:!::
jordan:!::
taylor:!::
morgan:!::
casey:!::
blake:!::
cameron:!::
peyton:!::
kendall:!::
═╣ Can I read shadow plists? ............ No
═╣ Can I write shadow plists? ........... No
═╣ Can I read opasswd file? ............. ═╣ Can I write in network-scripts? ...... No
═╣ Can I read root folder? .............. total 40
drwx------  6 root root 4096 Feb  2 08:13 .
drwxr-xr-x 19 root root 4096 Feb  1 14:23 ..
-rw-------  1 root root   20 Feb  2 08:07 .bash_history
-rw-r--r--  1 root root 3106 Feb  1 14:47 .bashrc
drwx------  2 root root 4096 Feb  1 14:30 .cache
-rw-r--r--  1 root root    0 Feb  1 14:23 .cloud-locale-test.skip
drwx------  3 root root 4096 Feb  2 08:13 .gnupg
-rw-r--r--  1 root root  161 Jul  9  2019 .profile
drwx------  2 root root 4096 Feb  1 14:23 .ssh
-rw-r--r--  1 root root  185 Feb  2 07:29 .wget-hsts
drwx------  3 root root 4096 Feb  1 14:23 snap

╔══════════╣ Searching root files in home dirs (limit 30)
/home/
/root/
/root/.bashrc
/root/.gnupg
/root/.gnupg/S.gpg-agent.extra
/root/.gnupg/S.gpg-agent.browser
/root/.gnupg/trustdb.gpg
/root/.gnupg/private-keys-v1.d
/root/.gnupg/S.gpg-agent.ssh
/root/.gnupg/pubring.kbx
/root/.gnupg/S.gpg-agent
/root/.cache
/root/.cache/motd.legal-displayed
/root/.profile
/root/.cloud-locale-test.skip
/root/.bash_history
/root/.wget-hsts
/root/.ssh
/root/.ssh/authorized_keys
/root/snap
/root/snap/lxd
/root/snap/lxd/current
/root/snap/lxd/24322
/root/snap/lxd/common
/root/snap/lxd/common/config
/root/snap/lxd/common/config/config.yml
/var/www
/var/www/html
/var/www/html/index.php



                            ╔═════════════════════════╗
════════════════════════════╣ Other Interesting Files ╠════════════════════════════
                            ╚═════════════════════════╝
╔══════════╣ .sh files in path
╚ https://book.hacktricks.xyz/linux-hardening/privilege-escalation#script-binaries-in-path
/usr/bin/rescan-scsi-bus.sh
/usr/bin/gettext.sh

╔══════════╣ Executable files potentially added by user (limit 70)
2024-02-02+07:59:29.7086415650 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/run/.containerenv
2024-02-02+07:59:29.7086415650 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/hosts
2024-02-02+07:59:29.7086415650 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/diff/run/.containerenv
2024-02-02+07:59:29.7086415650 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/diff/etc/hosts
2024-02-02+07:59:29.1370937790 /var/lib/cni/networks/podman/lock
2024-02-01+14:24:26.1928035550 /etc/cron.hourly/droplet-agent
2023-03-17+02:10:55.0168469260 /etc/grub.d/01_track_initrdless_boot_fallback
2023-03-17+02:09:58.2745601850 /etc/console-setup/cached_setup_terminal.sh
2023-03-17+02:09:58.2745601850 /etc/console-setup/cached_setup_font.sh
2023-03-17+02:09:58.2705600250 /etc/console-setup/cached_setup_keyboard.sh

╔══════════╣ Unexpected in /opt (usually empty)
total 12
drwxr-xr-x  3 root root 4096 Feb  1 14:47 .
drwxr-xr-x 19 root root 4096 Feb  1 14:23 ..
drwxr-xr-x  4 root root 4096 Feb  1 14:24 digitalocean

╔══════════╣ Unexpected in root

╔══════════╣ Modified interesting files in the last 5mins (limit 100)
/var/log/journal/f02cd6b7880255a87f31b27865bba99d/system.journal
/var/log/auth.log
/var/log/wtmp
/var/log/lastlog
/var/log/syslog
/var/log/nginx/access.log
/var/log/mail.log
/var/log/kern.log
/var/snap/lxd/common/lxc/local.conf
/var/snap/lxd/common/lxd/logs/lxd.log
/var/snap/lxd/common/lxd/server.key
/var/snap/lxd/common/lxd/cache/instance_types.yaml
/var/snap/lxd/common/lxd/server.crt
/var/snap/lxd/common/lxd/database/global/open-2
/var/snap/lxd/common/lxd/database/global/0000000000000001-0000000000000001
/var/snap/lxd/common/lxd/database/global/open-1
/var/snap/lxd/common/lxd/database/global/metadata1
/var/snap/lxd/common/lxd/database/global/open-3
/var/snap/lxd/common/lxd/database/local.db
/var/snap/lxd/common/state
/var/snap/lxd/common/lxd.pid
/var/snap/lxd/common/ns/shmounts
/var/snap/lxd/common/lxcfs.pid
/etc/nginx/sites-available/.default.swp
/root/.gnupg/trustdb.gpg
/root/.gnupg/pubring.kbx
/root/snap/lxd/common/config/config.yml


╔══════════╣ Files inside /root (limit 20)
total 40
drwx------  6 root root 4096 Feb  2 08:13 .
drwxr-xr-x 19 root root 4096 Feb  1 14:23 ..
-rw-------  1 root root   20 Feb  2 08:07 .bash_history
-rw-r--r--  1 root root 3106 Feb  1 14:47 .bashrc
drwx------  2 root root 4096 Feb  1 14:30 .cache
-rw-r--r--  1 root root    0 Feb  1 14:23 .cloud-locale-test.skip
drwx------  3 root root 4096 Feb  2 08:13 .gnupg
-rw-r--r--  1 root root  161 Jul  9  2019 .profile
drwx------  2 root root 4096 Feb  1 14:23 .ssh
-rw-r--r--  1 root root  185 Feb  2 07:29 .wget-hsts
drwx------  3 root root 4096 Feb  1 14:23 snap

╔══════════╣ Files inside others home (limit 20)
/home/peyton/.bashrc
/home/peyton/.profile
/home/peyton/.cloud-locale-test.skip
/home/peyton/.ssh/id_rsa.pub
/home/peyton/.ssh/id_rsa
/home/peyton/.bash_logout
/home/morgan/.bashrc
/home/morgan/.profile
/home/morgan/.cloud-locale-test.skip
/home/morgan/.ssh/id_rsa.pub
/home/morgan/.ssh/id_rsa
/home/morgan/.bash_logout
/home/blake/.bashrc
/home/blake/.profile
/home/blake/.cloud-locale-test.skip
/home/blake/.ssh/id_rsa.pub
/home/blake/.ssh/id_rsa
/home/blake/.bash_logout
/home/drew/.bashrc
/home/drew/.profile

╔══════════╣ Searching installed mail applications
postfix
postfix-add-filter
postfix-add-policy
postfix-collate
sendmail

╔══════════╣ Mails (limit 50)
      489     12 -rw-------   1 root     mail        11425 Feb  2 06:25 /var/mail/root
      489     12 -rw-------   1 root     mail        11425 Feb  2 06:25 /var/spool/mail/root

╔══════════╣ Backup files (limited 100)
-rwxr-xr-x 1 root root 2196 May 25  2022 /usr/libexec/dpkg/dpkg-db-backup
-rw-r--r-- 1 root root 44008 Sep 19  2022 /usr/lib/x86_64-linux-gnu/open-vm-tools/plugins/vmsvc/libvmbackup.so
-rw-r--r-- 1 root root 39456 Jan 17 20:13 /usr/lib/mysql/plugin/component_mysqlbackup.so
-rw-r--r-- 1 root root 147 Dec  5  2021 /usr/lib/systemd/system/dpkg-db-backup.service
-rw-r--r-- 1 root root 138 Dec  5  2021 /usr/lib/systemd/system/dpkg-db-backup.timer
-rw-r--r-- 1 root root 1423 Mar 17  2023 /usr/lib/python3/dist-packages/sos/report/plugins/__pycache__/ovirt_engine_backup.cpython-310.pyc
-rw-r--r-- 1 root root 1802 Aug 15  2022 /usr/lib/python3/dist-packages/sos/report/plugins/ovirt_engine_backup.py
-rw-r--r-- 1 root root 4531 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest.py.bak
-rw-r--r-- 1 root root 5391 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/action_d/test_badips.py.bak
-rwxr-xr-x 1 root root 1086 Oct 31  2021 /usr/src/linux-headers-5.15.0-67/tools/testing/selftests/net/tcp_fastopen_backup_key.sh
-rwxr-xr-x 1 root root 226 Feb 17  2020 /usr/share/byobu/desktop/byobu.desktop.old
-rw-r--r-- 1 root root 7867 Jul 16  1996 /usr/share/doc/telnet/README.old.gz
-rw-r--r-- 1 root root 416107 Dec 21  2020 /usr/share/doc/manpages/Changes.old.gz
-rw-r--r-- 1 root root 11849 Feb  1 14:38 /usr/share/info/dir.old
-rw-r--r-- 1 root root 869 Dec 30  2021 /usr/share/aide/config/aide/aide.conf.d/31_aide_borgbackup
-rw-r--r-- 1 root root 2747 Feb 16  2022 /usr/share/man/man8/vgcfgbackup.8.gz
-rw-r--r-- 1 root root 7251 Jan 12  2023 /usr/share/nmap/scripts/http-config-backup.nse
-rw-r--r-- 1 root root 5484 Jan 12  2023 /usr/share/nmap/scripts/http-backup-finder.nse
-rw-r--r-- 1 root root 869 Dec 30  2021 /var/lib/ucf/cache/:etc:aide:aide.conf.d:31_aide_borgbackup
-rw-r--r-- 1 root root 61 Mar 17  2023 /var/lib/systemd/deb-systemd-helper-enabled/dpkg-db-backup.timer.dsh-also
-rw-r--r-- 1 root root 0 Mar 17  2023 /var/lib/systemd/deb-systemd-helper-enabled/timers.target.wants/dpkg-db-backup.timer
-rw-r--r-- 1 root root 4096 Feb  2 08:14 /sys/devices/virtual/net/veth7496452b/brport/backup_port
-rw-r--r-- 1 root root 869 Dec 30  2021 /etc/aide/aide.conf.d/31_aide_borgbackup

╔══════════╣ Searching tables inside readable .db/.sql/.sqlite files (limit 100)
Found /etc/aliases.db: Berkeley DB (Hash, version 9, native byte-order)
Found /var/lib/PackageKit/transactions.db: SQLite 3.x database, last written using SQLite version 3037002, file counter 5, database pages 8, cookie 0x4, schema 4, UTF-8, version-valid-for 5
Found /var/lib/command-not-found/commands.db: SQLite 3.x database, last written using SQLite version 3037002, file counter 5, database pages 868, cookie 0x4, schema 4, UTF-8, version-valid-for 5
Found /var/lib/containers/storage/libpod/bolt_state.db: data
Found /var/lib/postfix/smtp_scache.db: Berkeley DB (Btree, version 9, native byte-order)

 -> Extracting tables from /var/lib/PackageKit/transactions.db (limit 20)
 -> Extracting tables from /var/lib/command-not-found/commands.db (limit 20)

╔══════════╣ Web files?(output limit)
/var/www/:
total 12K
drwxr-xr-x  3 root root 4.0K Feb  1 14:36 .
drwxr-xr-x 14 root root 4.0K Feb  1 14:36 ..
drwxr-xr-x  2 root root 4.0K Feb  1 14:47 html

/var/www/html:
total 12K
drwxr-xr-x 2 root root 4.0K Feb  1 14:47 .
drwxr-xr-x 3 root root 4.0K Feb  1 14:36 ..

╔══════════╣ All relevant hidden files (not in /sys/ or the ones listed in the previous check) (limit 70)
-rw-r--r-- 1 peyton peyton 0 Feb  1 14:23 /home/peyton/.cloud-locale-test.skip
-rw-r--r-- 1 peyton peyton 220 Jan  6  2022 /home/peyton/.bash_logout
-rw-r--r-- 1 morgan morgan 0 Feb  1 14:23 /home/morgan/.cloud-locale-test.skip
-rw-r--r-- 1 morgan morgan 220 Jan  6  2022 /home/morgan/.bash_logout
-rw-r--r-- 1 blake blake 0 Feb  1 14:23 /home/blake/.cloud-locale-test.skip
-rw-r--r-- 1 blake blake 220 Jan  6  2022 /home/blake/.bash_logout
-rw-r--r-- 1 drew drew 0 Feb  1 14:23 /home/drew/.cloud-locale-test.skip
-rw-r--r-- 1 drew drew 220 Jan  6  2022 /home/drew/.bash_logout
-rw-r--r-- 1 casey casey 0 Feb  1 14:23 /home/casey/.cloud-locale-test.skip
-rw-r--r-- 1 casey casey 220 Jan  6  2022 /home/casey/.bash_logout
-rw-r--r-- 1 jordan jordan 0 Feb  1 14:23 /home/jordan/.cloud-locale-test.skip
-rw-r--r-- 1 jordan jordan 220 Jan  6  2022 /home/jordan/.bash_logout
-rw-r--r-- 1 alex alex 0 Feb  1 14:23 /home/alex/.cloud-locale-test.skip
-rw-r--r-- 1 alex alex 220 Jan  6  2022 /home/alex/.bash_logout
-rw-r--r-- 1 kendall kendall 0 Feb  1 14:23 /home/kendall/.cloud-locale-test.skip
-rw-r--r-- 1 kendall kendall 220 Jan  6  2022 /home/kendall/.bash_logout
-rw-r--r-- 1 cameron cameron 0 Feb  1 14:23 /home/cameron/.cloud-locale-test.skip
-rw-r--r-- 1 cameron cameron 220 Jan  6  2022 /home/cameron/.bash_logout
-rw-r--r-- 1 taylor taylor 0 Feb  1 14:23 /home/taylor/.cloud-locale-test.skip
-rw-r--r-- 1 taylor taylor 220 Jan  6  2022 /home/taylor/.bash_logout
-rw-r--r-- 1 root root 179 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest_wrongrelm/.htaccess
-rw-r--r-- 1 root root 14 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/noentry/.htaccess
-rw-r--r-- 1 root root 231 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest_anon/.htaccess
-rw-r--r-- 1 root root 136 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/basic/authz_owner/.htaccess
-rw-r--r-- 1 root root 129 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/basic/file/.htaccess
-rw-r--r-- 1 root root 195 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest_time/.htaccess
-rw-r--r-- 1 root root 159 Nov 23  2020 /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/digest/.htaccess
-rw------- 1 daemon daemon 6 Feb  1 14:47 /var/spool/cron/atjobs/.SEQ
-rw-r--r-- 1 landscape landscape 0 Mar 17  2023 /var/lib/landscape/.cleanup.user
-rw------- 1 root root 0 Dec  9  2020 /var/lib/containers/storage/overlay/e7ab906bfb619eccc81cceecd835d918bc921df078726f74ab68d92e54a3b185/diff/etc/.pwd.lock
-rw-r--r-- 1 root root 6961 Dec 11  2020 /var/lib/containers/storage/overlay/0adf123149ba4b47e640de18ebf729fda2607712240eb53dfb39d8d057d4ce38/diff/usr/local/lib/php/.filemap
-rw-r--r-- 1 root root 0 Dec 11  2020 /var/lib/containers/storage/overlay/0adf123149ba4b47e640de18ebf729fda2607712240eb53dfb39d8d057d4ce38/diff/usr/local/lib/php/.lock
-rw-r--r-- 1 root root 6961 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/local/lib/php/.filemap
-rw-r--r-- 1 root root 0 Dec 11  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/usr/local/lib/php/.lock
-rw------- 1 root root 0 Dec  9  2020 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/.pwd.lock
-rw-r--r-- 1 root root 220 Apr 18  2019 /var/lib/containers/storage/overlay/6ae9c44b96e50fffc43a71d0dfed62163eaa5e7b41b1cfb55d2704d562a2ec45/merged/etc/skel/.bash_logout
-rw------- 1 root root 0 Dec  9  2020 /var/lib/containers/storage/overlay/98074541ea3b10ad46266d8675687b485fc4ad15e7ed53414b295568892fee8e/diff/etc/.pwd.lock
-rw------- 1 root root 0 Dec  9  2020 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/.pwd.lock
-rw-r--r-- 1 root root 220 Apr 18  2019 /var/lib/containers/storage/overlay/87c8a1d8f54f3aa4e05569e8919397b65056aa71cdf48b7f061432c98475eee9/diff/etc/skel/.bash_logout
-rw-r--r-- 1 root root 1913 Mar 17  2023 /var/cache/apparmor/e10c1cf9.0/.features
-rw-r--r-- 1 root root 1976 Feb  1 14:22 /var/cache/apparmor/c47eabf7.0/.features
-rw------- 1 root root 0 Mar 17  2023 /etc/.pwd.lock
-rw-r--r-- 1 root root 0 Feb  1 14:23 /etc/skel/.cloud-locale-test.skip
-rw-r--r-- 1 root root 220 Jan  6  2022 /etc/skel/.bash_logout
-rw-r--r-- 1 root root 0 Feb  1 14:23 /root/.cloud-locale-test.skip
-rw-r--r-- 1 root root 185 Feb  2 07:29 /root/.wget-hsts
-rw------- 1 root root 0 Nov 23 04:34 /snap/core20/2105/etc/.pwd.lock
-rw-r--r-- 1 root root 220 Feb 25  2020 /snap/core20/2105/etc/skel/.bash_logout
-rw------- 1 root root 0 Feb  7  2023 /snap/core20/1828/etc/.pwd.lock
-rw-r--r-- 1 root root 220 Feb 25  2020 /snap/core20/1828/etc/skel/.bash_logout
-rw------- 1 root root 0 Feb  2 07:59 /run/snapd/lock/.lock

╔══════════╣ Readable files inside /tmp, /var/tmp, /private/tmp, /private/var/at/tmp, /private/var/tmp, and backup folders (limit 70)
-rw-r--r-- 1 root root 0 Feb  2 00:00 /var/backups/dpkg.arch.0
-rw-r--r-- 1 root root 61440 Feb  2 00:00 /var/backups/alternatives.tar.0

╔══════════╣ Searching passwords in history files
/root/.bash_history:passwd root

╔══════════╣ Searching *password* or *credential* files in home (limit 70)
/etc/pam.d/common-password
/etc/ssl/private/ssl-cert-snakeoil.key
/etc/unbound/unbound_control.key
/etc/unbound/unbound_server.key
/usr/bin/systemd-ask-password
/usr/bin/systemd-tty-ask-password-agent
/usr/lib/git-core/git-credential
/usr/lib/git-core/git-credential-cache
/usr/lib/git-core/git-credential-cache--daemon
/usr/lib/git-core/git-credential-store
  #)There are more creds/passwds files in the previous parent folder

/usr/lib/grub/i386-pc/password.mod
/usr/lib/grub/i386-pc/password_pbkdf2.mod
/usr/lib/grub/x86_64-efi/legacy_password_test.mod
/usr/lib/grub/x86_64-efi/password.mod
/usr/lib/grub/x86_64-efi/password_pbkdf2.mod
/usr/lib/mysql/plugin/component_validate_password.so
/usr/lib/mysql/plugin/validate_password.so
/usr/lib/python3/dist-packages/keyring/__pycache__/credentials.cpython-310.pyc
/usr/lib/python3/dist-packages/keyring/credentials.py
/usr/lib/python3/dist-packages/launchpadlib/__pycache__/credentials.cpython-310.pyc
/usr/lib/python3/dist-packages/launchpadlib/credentials.py
/usr/lib/python3/dist-packages/launchpadlib/tests/__pycache__/test_credential_store.cpython-310.pyc
/usr/lib/python3/dist-packages/launchpadlib/tests/test_credential_store.py
/usr/lib/python3/dist-packages/oauthlib/oauth2/rfc6749/grant_types/__pycache__/client_credentials.cpython-310.pyc
/usr/lib/python3/dist-packages/oauthlib/oauth2/rfc6749/grant_types/__pycache__/resource_owner_password_credentials.cpython-310.pyc
/usr/lib/python3/dist-packages/oauthlib/oauth2/rfc6749/grant_types/client_credentials.py
/usr/lib/python3/dist-packages/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py
/usr/lib/python3/dist-packages/twisted/cred/__pycache__/credentials.cpython-310.pyc
/usr/lib/python3/dist-packages/twisted/cred/credentials.py

╔══════════╣ Checking for TTY (sudo/su) passwords in audit logs

╔══════════╣ Searching passwords inside logs (limit 70)
Feb  1 14:50:50 ls-2024-9 kernel: [    4.206620] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
Feb  1 14:50:50 ls-2024-9 systemd[1]: Condition check resulted in Forward Password Requests to Plymouth Directory Watch being skipped.
Feb  1 14:50:50 ls-2024-9 systemd[1]: Started Dispatch Password Requests to Console Directory Watch.
Feb  2 07:59:14 ls-2024-9 kernel: [    4.504123] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
Feb  2 07:59:14 ls-2024-9 systemd[1]: Condition check resulted in Forward Password Requests to Plymouth Directory Watch being skipped.
Feb  2 07:59:14 ls-2024-9 systemd[1]: Started Dispatch Password Requests to Console Directory Watch.
Feb  2 08:01:16 ls-2024-9 sshd[1660]: Accepted password for root from 31.220.83.175 port 52432 ssh2
Feb  2 08:06:03 ls-2024-9 sshd[1693]: Accepted password for root from 31.220.83.175 port 48220 ssh2
Feb  2 08:07:39 ls-2024-9 passwd[1704]: pam_unix(passwd:chauthtok): password changed for root
Feb  2 08:07:50 ls-2024-9 sshd[1705]: Accepted password for root from 31.220.83.175 port 59290 ssh2
Feb  2 08:13:08 ls-2024-9 sshd[2137]: Accepted password for root from 31.220.83.175 port 49316 ssh2
[    4.206620] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
[    4.504123] systemd[1]: Started Forward Password Requests to Wall Directory Watch.



                                ╔════════════════╗
════════════════════════════════╣ API Keys Regex ╠════════════════════════════════
                                ╚════════════════╝
Regexes to search for API keys aren't activated, use param '-r'