HOW TO FIND OUT IF YOU HAVE BEEN ROOTED:
If you find the file and RPM shows “is not owned by any package” you have been rooted.
http://blog.solidshellsecurity.com/2013/02/18/0day-linuxcentos-sshd-spam-exploit-libkeyutils-so-1-9/
P.S. I have seen original makers comment of this exploit and it is being forced onto the system by perl attacks so please disable compilers and also limit perl to root by chmod or else you will get rooted
Code:
ls -la /lib64/libkeyutils.so.1.9
rpm -qf /lib64/libkeyutils.so.1.9
ls -la /lib/libkeyutils.so.1.9
rpm -qf /lib/libkeyutils.so.1.9
If you find the file and RPM shows “is not owned by any package” you have been rooted.
http://blog.solidshellsecurity.com/2013/02/18/0day-linuxcentos-sshd-spam-exploit-libkeyutils-so-1-9/
P.S. I have seen original makers comment of this exploit and it is being forced onto the system by perl attacks so please disable compilers and also limit perl to root by chmod or else you will get rooted