Created
January 29, 2018 06:43
-
-
Save donaldpipowitch/105b9b2f5802657593d468ae35265739 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11433 execve("/bin/ping", ["ping", "google.com"], [/* 14 vars */]) = 0 | |
11433 brk(NULL) = 0xc9b000 | |
11433 fcntl(0, F_GETFD) = 0 | |
11433 fcntl(1, F_GETFD) = 0 | |
11433 fcntl(2, F_GETFD) = 0 | |
11433 access("/etc/suid-debug", F_OK) = -1 ENOENT (No such file or directory) | |
11433 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) | |
11433 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) | |
11433 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 | |
11433 fstat(3, {st_mode=S_IFREG|0644, st_size=33275, ...}) = 0 | |
11433 mmap(NULL, 33275, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f67ef1a0000 | |
11433 close(3) = 0 | |
11433 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) | |
11433 open("/lib/x86_64-linux-gnu/libcap.so.2", O_RDONLY|O_CLOEXEC) = 3 | |
11433 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\30\0\0\0\0\0\0"..., 832) = 832 | |
11433 fstat(3, {st_mode=S_IFREG|0644, st_size=23128, ...}) = 0 | |
11433 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f67ef190000 | |
11433 mmap(NULL, 2118192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f67eebf0000 | |
11433 mprotect(0x7f67eebf4000, 2097152, PROT_NONE) = 0 | |
11433 mmap(0x7f67eedf4000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f67eedf4000 | |
11433 close(3) = 0 | |
11433 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) | |
11433 open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 | |
11433 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\t\2\0\0\0\0\0"..., 832) = 832 | |
11433 fstat(3, {st_mode=S_IFREG|0755, st_size=1868984, ...}) = 0 | |
11433 mmap(NULL, 3971488, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f67ee820000 | |
11433 mprotect(0x7f67ee9e0000, 2097152, PROT_NONE) = 0 | |
11433 mmap(0x7f67eebe0000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c0000) = 0x7f67eebe0000 | |
11433 mmap(0x7f67eebe6000, 14752, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f67eebe6000 | |
11433 close(3) = 0 | |
11433 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f67ef180000 | |
11433 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f67ef170000 | |
11433 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f67ef160000 | |
11433 arch_prctl(ARCH_SET_FS, 0x7f67ef170700) = 0 | |
11433 mprotect(0x7f67eebe0000, 16384, PROT_READ) = 0 | |
11433 mprotect(0x7f67eedf4000, 4096, PROT_READ) = 0 | |
11433 mprotect(0x609000, 4096, PROT_READ) = 0 | |
11433 mprotect(0x7f67ef025000, 4096, PROT_READ) = 0 | |
11433 munmap(0x7f67ef1a0000, 33275) = 0 | |
11433 brk(NULL) = 0xc9b000 | |
11433 brk(0xcbc000) = 0xcbc000 | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address) | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP|CAP_MAC_OVERRIDE|CAP_MAC_ADMIN|CAP_SYSLOG|CAP_WAKE_ALARM|CAP_BLOCK_SUSPEND, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP|CAP_MAC_OVERRIDE|CAP_MAC_ADMIN|CAP_SYSLOG|CAP_WAKE_ALARM|CAP_BLOCK_SUSPEND, 0}) = 0 | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address) | |
11433 capset({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0 | |
11433 prctl(PR_SET_KEEPCAPS, 1) = 0 | |
11433 getuid() = 0 | |
11433 setuid(0) = 0 | |
11433 prctl(PR_SET_KEEPCAPS, 0) = 0 | |
11433 getuid() = 0 | |
11433 geteuid() = 0 | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address) | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0 | |
11433 capset({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_NET_RAW, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0 | |
11433 socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = 3 | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address) | |
11433 capget({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_NET_RAW, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0 | |
11433 capset({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0 | |
11433 getpid() = 11433 | |
11433 open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=259, ...}) = 0 | |
11433 read(4, "# This file was automatically ge"..., 512) = 259 | |
11433 read(4, "", 512) = 0 | |
11433 close(4) = 0 | |
11433 stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=259, ...}) = 0 | |
11433 open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=259, ...}) = 0 | |
11433 read(4, "# This file was automatically ge"..., 512) = 259 | |
11433 read(4, "", 512) = 0 | |
11433 close(4) = 0 | |
11433 socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4 | |
11433 connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) | |
11433 close(4) = 0 | |
11433 socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4 | |
11433 connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) | |
11433 close(4) = 0 | |
11433 open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=497, ...}) = 0 | |
11433 read(4, "# /etc/nsswitch.conf\n#\n# Example"..., 512) = 497 | |
11433 read(4, "", 512) = 0 | |
11433 close(4) = 0 | |
11433 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=33275, ...}) = 0 | |
11433 mmap(NULL, 33275, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f67ef1a0000 | |
11433 close(4) = 0 | |
11433 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) | |
11433 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 4 | |
11433 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260!\0\0\0\0\0\0"..., 832) = 832 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=47600, ...}) = 0 | |
11433 mmap(NULL, 2168600, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f67ee600000 | |
11433 mprotect(0x7f67ee60b000, 2093056, PROT_NONE) = 0 | |
11433 mmap(0x7f67ee80a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7f67ee80a000 | |
11433 mmap(0x7f67ee80c000, 22296, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f67ee80c000 | |
11433 close(4) = 0 | |
11433 mprotect(0x7f67ee80a000, 4096, PROT_READ) = 0 | |
11433 munmap(0x7f67ef1a0000, 33275) = 0 | |
11433 open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=92, ...}) = 0 | |
11433 read(4, "# The \"order\" line is only used "..., 512) = 92 | |
11433 read(4, "", 512) = 0 | |
11433 close(4) = 0 | |
11433 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=423, ...}) = 0 | |
11433 read(4, "# This file is automatically gen"..., 512) = 423 | |
11433 read(4, "", 512) = 0 | |
11433 close(4) = 0 | |
11433 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=33275, ...}) = 0 | |
11433 mmap(NULL, 33275, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f67ef1a0000 | |
11433 close(4) = 0 | |
11433 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) | |
11433 open("/lib/x86_64-linux-gnu/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 4 | |
11433 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\17\0\0\0\0\0\0"..., 832) = 832 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=27000, ...}) = 0 | |
11433 mmap(NULL, 2121944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f67ee3f0000 | |
11433 mprotect(0x7f67ee3f5000, 2097152, PROT_NONE) = 0 | |
11433 mmap(0x7f67ee5f5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x5000) = 0x7f67ee5f5000 | |
11433 close(4) = 0 | |
11433 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) | |
11433 open("/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 4 | |
11433 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P9\0\0\0\0\0\0"..., 832) = 832 | |
11433 fstat(4, {st_mode=S_IFREG|0644, st_size=101200, ...}) = 0 | |
11433 mmap(NULL, 2206280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f67ee1d0000 | |
11433 mprotect(0x7f67ee1e7000, 2097152, PROT_NONE) = 0 | |
11433 mmap(0x7f67ee3e7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x17000) = 0x7f67ee3e7000 | |
11433 mmap(0x7f67ee3e9000, 6728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f67ee3e9000 | |
11433 close(4) = 0 | |
11433 mprotect(0x7f67ee3e7000, 4096, PROT_READ) = 0 | |
11433 mprotect(0x7f67ee5f5000, 4096, PROT_READ) = 0 | |
11433 munmap(0x7f67ef1a0000, 33275) = 0 | |
11433 stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=259, ...}) = 0 | |
11433 socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 4 | |
11433 connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.1.2.3")}, 16) = 0 | |
11433 gettimeofday({1517207029, 805941}, NULL) = 0 | |
11433 poll([{fd=4, events=POLLOUT}], 1, 0) = 1 ([{fd=4, revents=POLLOUT}]) | |
11433 sendto(4, "~|\1\0\0\1\0\0\0\0\0\0\6google\3com\0\0\1\0\1", 28, MSG_NOSIGNAL, NULL, 0) = 28 | |
11433 poll([{fd=4, events=POLLIN}], 1, 5000) = 1 ([{fd=4, revents=POLLIN}]) | |
11433 ioctl(4, FIONREAD, [28]) = 0 | |
11433 recvfrom(4, "~|\201\3\0\1\0\0\0\0\0\0\6google\3com\0\0\1\0\1", 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.1.2.3")}, [16]) = 28 | |
11433 close(4) = 0 | |
11433 socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 4 | |
11433 connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.1.2.3")}, 16) = 0 | |
11433 gettimeofday({1517207029, 807021}, NULL) = 0 | |
11433 poll([{fd=4, events=POLLOUT}], 1, 0) = 1 ([{fd=4, revents=POLLOUT}]) | |
11433 sendto(4, "\333\17\1\0\0\1\0\0\0\0\0\0\6google\3com\10example"..., 41, MSG_NOSIGNAL, NULL, 0) = 41 | |
11433 poll([{fd=4, events=POLLIN}], 1, 5000) = 1 ([{fd=4, revents=POLLIN}]) | |
11433 ioctl(4, FIONREAD, [144]) = 0 | |
11433 recvfrom(4, "\333\17\205\203\0\1\0\0\0\1\0\0\6google\3com\10example"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("172.1.2.3")}, [16]) = 144 | |
11433 close(4) = 0 | |
11433 write(2, "ping: unknown host google.com\n", 30) = 30 | |
11433 exit_group(2) = ? | |
11433 +++ exited with 2 +++ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment