In Linux, a file “world writable” is a file that everyone can write. These files used as sensitive by people who did not aim at the base to write data to the system or out of a given directory.
The world-writable files are more dangerous. When they run by anyone on the system, as they can then make a script. Today, we will see how easily we can locate these files on a Linux system through the command “Find” which is available on most of Linux systems.
Using the Find command:
To find the world-writable files on a Linux system, just use the following command:
| find / -type f! -path "/ proc / *" -prune -perm o + w exec ls {} -lg /; 2> / dev / null
Then we will back all world writable system files and display their rights, their owner and their full path:
For those who wish to understand the command:
Find command search files in a directory for the fact that we specify here as the root “/”
- “-type” specifies the type of object you are looking for. “F” for file and “d” for directory
- ” ! path “/ proc / *” -prune “to exclude the” / proc ” which always takes a lot of profit
- “perm” used to search given permission, here ‘o + w” or “2” that is the octal value of the license “w” written for “other” users
- “- exec ‘to execute a command
- ” -lg ls {} ” will list the files in a list format (” l “) without displaying the owner – (” g “) from the root
- ” 2> / dev / null ” used to redirect errors to a null file
For those who quickly grasped the principle of command and options used, it is entirely possible to use it to find the files “world readable” files/folders according to specific rights or rules of other folders.