早上写的一个用find查找带S权限的,感觉不记一下可惜了。
[root@iZ28wg1kditZ ~]# find / -type f -exec ls -al {} \;|awk 'BEGIN {print "permission","name"} {if ($1~/s/)print $1,$9}'
permission name
-rwsr-xr-x /sbin/mount.nfs
-rwxr-sr-x /sbin/netreport
-rwsr-xr-x. /sbin/unix_chkpwd
-rwsr-xr-x. /sbin/pam_timestamp_check
-rwsr-x--- /lib64/dbus-/dbus-daemon-launch-helper
-rws--x--x /usr/sbin/userhelper
-r-s--x--- /usr/sbin/suexec
-rwsr-xr-x /usr/sbin/exim
-rwsr-xr-x. /usr/sbin/usernetctl
-rwsr-xr-x /usr/libexec/lxc/lxc-user-nic
-rwx--s--x /usr/libexec/utempter/utempter
-rwsr-xr-x /usr/libexec/polkit-/polkit-agent-helper-
-rwsr-xr-x /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache
-rws--x--x /usr/libexec/pt_chown
-rwsr-xr-x. /usr/libexec/openssh/ssh-keysign
-rwsr-xr-x. /usr/bin/passwd
-rwsr-xr-x. /usr/bin/at
-rwsr-xr-x. /usr/bin/newgrp
-rwsr-xr-x. /usr/bin/gpasswd
-r-xr-sr-x /usr/bin/wall
-rwx--s--x /usr/bin/locate
-rwxr-sr-x. /usr/bin/write
-rwxr-sr-x. /usr/bin/ssh-agent
-rwsr-xr-x. /usr/bin/chage
-rwsr-xr-x /usr/bin/crontab
---s--x--x. /usr/bin/sudo
---s--x---. /usr/bin/staprun
-rws--x--x. /usr/bin/chfn
-rwsr-xr-x /usr/bin/pkexec
-rws--x--x. /usr/bin/chsh
-rwxr-sr-x /bin/cgclassify
-rwsr-xr-x. /bin/mount
-rwxr-sr-x /bin/cgexec
-rwsr-xr-x. /bin/ping6
-rwsr-xr-x. /bin/su
-rwsr-xr-x. /bin/umount
-rwsr-xr-x. /bin/ping
==============================================================================
[root@localhost ~]# find / -type f -exec ls -al {} \;|awk 'BEGIN {print "permission","name"} {if ($1~/s/)print $1,$9}'
permission name
-rwsr-xr-x. /bin/ping6
-rwsr-xr-x. /bin/mount
-rwsr-xr-x. /bin/su
-rwsr-xr-x. /bin/ping
-rwsr-xr-x. /bin/umount
-rwsr-x---. /bin/fusermount
-rwsr-xr-x. /usr/libexec/polkit-/polkit-agent-helper-
-rwsr-xr-x. /usr/libexec/openssh/ssh-keysign
-rwx--s--x. /usr/libexec/utempter/utempter
-rws--x--x. /usr/libexec/pt_chown
-rwsr-xr-x. /usr/libexec/pulse/proximity-helper
-rwsr-xr-x. /usr/bin/newgrp
-rws--x--x. /usr/bin/chsh
-rwsr-xr-x. /usr/bin/Xorg
-rwsr-xr-x. /usr/bin/crontab
-rwsr-xr-x. /usr/bin/at
-rwxr-sr-x. /usr/bin/ssh-agent
-rws--x--x. /usr/bin/chfn
-r-xr-sr-x. /usr/bin/wall
-rwxr-sr-x. /usr/bin/write
-rwsr-xr-x. /usr/bin/pkexec
-rwsr-xr-x. /usr/bin/passwd
-rwsr-xr-x. /usr/bin/gpasswd
---s--x---. /usr/bin/staprun
-rwx--s--x. /usr/bin/locate
---s--x--x. /usr/bin/sudo
-rwsr-xr-x. /usr/bin/chage
-rwsr-xr-x. /usr/bin/vncserver-x11
-rwsr-xr-x. /usr/bin/Xvnc-realvnc
-rwx--s--x. /usr/lib64/vte/gnome-pty-helper
-rwsr-xr-x. /usr/lib64/nspluginwrapper/plugin-config
-rwx--s--x. /usr/sbin/lockdev
-r-s--x---. /usr/sbin/suexec
-rws--x--x. /usr/sbin/userhelper
-rwsr-xr-x. /usr/sbin/usernetctl
-rwsr-xr-x. /usr/sbin/exim
-r-sr-xr-x. /usr/lib/vmware-tools/bin64/vmware-user-suid-wrapper
-r-sr-xr-x. /usr/lib/vmware-tools/bin32/vmware-user-suid-wrapper
-rwsr-x---. /lib64/dbus-/dbus-daemon-launch-helper
-rwxr-sr-x. /sbin/netreport
-rwsr-xr-x. /sbin/unix_chkpwd
-rwsr-xr-x. /sbin/pam_timestamp_check
-rwsr-xr-x. /root/Desktop/vmware-tools-distrib/lib/bin64/vmware-user-suid-wrapper
-rwsr-xr-x. /root/Desktop/vmware-tools-distrib/lib/bin32/vmware-user-suid-wrapper
==============================================================================================
[root@localhost ~]# find / -type f -exec ls -al {} \;|awk 'BEGIN {print "permission","name"} {if ($1~/s/)print $1,$9}'
permission name
-rwsr-x---. /lib64/dbus-/dbus-daemon-launch-helper
-rwsr-s--x. /home/oracle/app/oracle/product/12.1./dbhome_1/bin/oracle
-rwsr-xr-x. /bin/ping
-rwsr-xr-x. /bin/mount
-rwsr-xr-x. /bin/ping6
-rwsr-xr-x. /bin/su
-rwsr-x---. /bin/fusermount
-rwsr-xr-x. /bin/umount
-rwxr-sr-x. /usr/libexec/kde4/kdesud
-rwx--s--x. /usr/libexec/utempter/utempter
-rwsr-xr-x. /usr/libexec/pulse/proximity-helper
-rwsr-xr-x. /usr/libexec/openssh/ssh-keysign
-rwsr-xr-x. /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache
-rwsr-xr-x. /usr/libexec/polkit-/polkit-agent-helper-
-rws--x--x. /usr/libexec/pt_chown
-rwx--s--x. /usr/lib64/vte/gnome-pty-helper
-rwsr-xr-x. /usr/lib64/nspluginwrapper/plugin-config
-rwsr-xr-x. /usr/bin/Xvnc
-rwsr-xr-x. /usr/bin/vncserver-x11
-rwsr-xr-x. /usr/bin/crontab
-rwsr-xr-x. /usr/bin/newgrp
-rwx--s--x. /usr/bin/locate
-rwsr-xr-x. /usr/bin/pkexec
-rwsr-xr-x. /usr/bin/gpasswd
---s--x---. /usr/bin/staprun
-rws--x--x. /usr/bin/chsh
---s--x--x. /usr/bin/sudo
-rwsr-xr-x. /usr/bin/ksu
-rwxr-sr-x. /usr/bin/write
-rwsr-xr-x. /usr/bin/kpac_dhcp_helper
-rws--x--x. /usr/bin/chfn
-r-xr-sr-x. /usr/bin/wall
-rwxr-sr-x. /usr/bin/ssh-agent
-rwsr-xr-x. /usr/bin/kgrantpty
-rwsr-xr-x. /usr/bin/chage
-rwsr-xr-x. /usr/bin/Xorg
-rwxr-sr-x. /usr/bin/screen
-rwsr-xr-x. /usr/bin/at
-rwsr-xr-x. /usr/bin/passwd
-r-sr-xr-x. /usr/lib/vmware-tools/bin64/vmware-user-suid-wrapper
-r-sr-xr-x. /usr/lib/vmware-tools/bin32/vmware-user-suid-wrapper
-rwsr-xr-x. /usr/sbin/usernetctl
-rwxr-sr-x. /usr/sbin/postqueue
-rwx--s--x. /usr/sbin/lockdev
-rwsr-xr-x. /usr/sbin/exim
-rwxr-sr-x. /usr/sbin/postdrop
-rws--x--x. /usr/sbin/userhelper
-r-s--x---. /usr/sbin/suexec
-rwxr-sr-x. /sbin/netreport
-rwsr-xr-x. /sbin/pam_timestamp_check
-rwsr-xr-x. /sbin/mount.nfs
-rwsr-xr-x. /sbin/unix_chkpwd
-rwsrwxr-x. /tm1/test/test
-rwsrwxrwx. /tm1/mysql_privesc_exploit/mysql_suid_shell.MYD
-rwsrwxrwx. /tm1/mysql_privesc_exploit/exploit_table.MYD