Do not run the script as "root". Create a temporary non-privileged user and run it. If it doesn't output/log anything, run it with strace.
Regards, Sunjith On Sunday 24 September 2006 10:43, mbpillai at asianetindia.com wrote: > Quoting Anoop Alias <anoopalias01 at gmail.com>: > > Sir's, > > > > Please help me with this.I have found the following vulnerable file in > > the /tmp directory of a cpanel server > > > > ==================================== > > /tmp]# pwd > > /tmp > > > > =================================================================== > > ll > > total 879 > > drwxrwxrwt 2 root root 268288 Sep 23 23:23 ./ > > drwx--x--x 25 root root 4096 Sep 23 21:21 ../ > > -rw-r--r-- 1 root root 332 Sep 23 23:19 MAIL-HOST > > lrwxrwxrwx 1 root root 30 Sep 23 23:23 mysql.sock -> > > ../../var/lib/mysql/mysql.sock= > > -rwsr-xr-x 1 root root 616248 Sep 23 23:23 sh* > > Can you read the content of the file sh*. Is so just see what it does. > If not try to run the script and read messages/logs generated. > > > With regards > > M.Balakrishna Pillai
