Tried evrything.. debian7 x86 box,.... then, i tried something on my own, and seem to have fixed...
root@sudoer:~# ls -l /usr/bin/sudo
-rwsr-xr-x 2 hax hax 119172 Mar 1 2013 /usr/bin/sudo
root@sudoer:~# chown -R root:root /usr/bin/sudo
root@sudoer:~# sudo ls
sudo: parse error in /etc/sudoers near line 25
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
root@sudoer:~# chown -R root:root /usr/bin/sudo
root@sudoer:~# sudo ls
sudo: parse error in /etc/sudoers near line 25
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
root@sudoer:~# nano /etc/sudoers
root@sudoer:~# sudo ls
sudo: parse error in /etc/sudoers near line 24
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
root@sudoer:~# nano /etc/sudoers
root@sudoer:~# sudo ls
sudo: parse error in /etc/sudoers.d/sudoers near line 29
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
root@sudoer:~# nano /etc/sudoers.d/sudoers
root@sudoer:~# sudo ls
sudo: parse error in /etc/sudoers.d/sudoers near line 28
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
root@sudoer:~# sudo -l
sudo: parse error in /etc/sudoers.d/sudoers near line 28
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
root@sudoer:~# cd /etc/sudoers.d
root@sudoer:/etc/sudoers.d# ls
README sudoers sudoers.so
root@sudoer:/etc/sudoers.d# rm sudoers sudoers.so
root@sudoer:/etc/sudoers.d# sudo ls
README
so, i got my sudo back... then i did chmod settings wich i asked for from a vps hoster
of mine, they simply gave me a very good start, so il post it here
chmod o= /usr/bin/last
chmod o= /usr/bin/lastlog
chmod o= /usr/bin/w
chmod o= /usr/bin/who
chmod o= /usr/bin/chsh
chmod o= /usr/bin/chfn ##added in as it is abused with some methods
chmod o= /usr/bin/sudoedit
chmod o= /usr/bin/smbmnt
chmod o= /usr/bin/traceroute6
chmod o= /bin/umount
chmod o= /bin/ping6
chmod o= /bin/ping
chmod o= /usr/bin/finger
chmod o= /usr/bin/write
chmod o= /usr/bin/nmap
chmod o= /usr/bin/ncat
chmod o= /usr/bin/nping
chmod o= /usr/sbin/hping3
chmod o= /usr/bin/oping
#chmod o= /usr/bin/
chmod o= /usr/bin/nc
chmod o= /usr/bin/cc
chmod o= /usr/bin/netcat
chmod o= /usr/bin/netcat6
chmod o= /bin/mount
chmod o= /usr/bin/top
chmod o= /sbin/umount.cifs
chmod o= /sbin/mount.cifs
chmod og-rwx /etc/rc*
chmod og-rwx /usr/bin/last
chmod og-rwx /usr/sbin/lastlogin
chmod og-rwx /var/log/messages
chmod og-rwx /var/log/maillog
chmod og-rwx /log/maillog
chmod og-rwx /bin/lastlogin
chmod go= /usr/bin/telnet
chmod go= /bin/netstat
chmod go= /bin/telnet
chmod go= /usr/bin/locate
#chmod go-r /bin
#chmod go-r /etc ## we will be making this much better now,readon
chmod go-r /home ## NOTE: I have used for ages simply chmod -r /home ,seems to work fine with debian/ubuntu based,and possibly centOS v5,not v6
#chmod -r /home
#chmod go-r /sbin
#chmod go-r /usr
#chmod go-r /usr/bin
chmod go-r /usr/local
chmod go-r /usr/local/bin/
chmod go-r /usr/local/sbin
chmod go-r /usr/sbin
chmod go-r /usr/src
chmod go-r /usr/src/sys
chmod go-r /usr/src/sys/i386/conf
chmod go-r /var
chmod go-r /var/log
chmod go-r /src/sys/i386/conf
chmod go-r /src/sys
chmod 700 /boot
chmod 700 /dist
chmod 700 /rescue
chmod 700 /root
chmod o+x-r /mnt
chmod 0 /proc/net/netlink
## for tmp dirs, we can also add tmpwatch app on most Linux ..wich then is easily started once, on restart of box.. so need universal-starter.sh made also (todo's)
chmod 660 /var/log/tmp
chmod 660 /var/log/wtmp
chmod 660 /var/run/utmp
chmod 660 /var/log/btmp
## Small read-on section, explaining wqhat is todo,has been done and, ofc, still it is in TESTING on CentOS-6
## ok some simple addins wich are essential (this will both kill most auditd bugs and mainly the udev.d 0days),but really need a perl-pipe-upload blocker,and a FWall tht GOOD!
## wich can add ips as it is being attackd, wich can have own sigs added, or, even script to generate those rules for the ips, and how the rule should be structered.Simply
## using methods like --hash-limit ,will almost kill your use of TCp,so, i have made eth0 based ipv4/6; */network/interface/eth0/* ipv4 or ipv6/ then, modified EACH rule
## THEn there is KNOWN blocks of IPS like, ones we do NOT need, nor will ever use for anything BUT these are also many of boxes wich are pwnable,so must kill them thru iptables
## mixed with (BSD: sysctl.conf and Linux is thru interfaces/ to achieve same thing),BSD has a few different places,and handles tmp dirrently,and will be added to universal
## script for setup of boxes,and for adding of users, after the actual setup scripts,and ip6tables* ipfw6/pf ,must also be accounted for,but on BSD,it use many things.
## Also dont be scred to use some anti-* scripts,nor ddos_deflate, IF you set it right, it works gr8,aswith an upto-date A/V,one wich will find shelling,bindshells,rkits.
## WILL be added/done for Linux/BSD and, will have 2-3 scripts wich you basically then get info for on howto use, plz,dont beg me for shit, if your luicky, and ask, i will ask
## you maybe for some minor helps like, login.sh wich, i would LOVE to be able to make asciigenerator for the motd,and, basically GUI for setting motd,banner.
## MAIN todo, i thik is to check some methods out on restricting /sbin/nologin accounts,passwd/shadow,and blocking even root user echoing to those files,MUST use editor as root
## that, then, i gues, adding as we find new problems, ie; XML,TYP03 ,and other Java/Pdf/Browser exploit stuff wich MAY be used on linux websites hacked,and need to kill these.
## Udev.D and other stuffs we need and have added
chmod 700 /sbin/udevd
chmod 660 /var/log/faillog
chmod 660 /var/log/lastlog
chmod 660 /var/log/lastlogin
## not many people think about 'dash' or 'ash' but theyre BOTH used BUT permissions are VERY different
chmod 511 /bin/dash
chmod 511 /bin/ash
chmod 511 /bin/sh
## this can maybe JUSt be the config wich need to have 100% chmod,but dont know if /ssh/ is useful to blockout. i dont see any harm,so this would be better,or add more to chmod.
chmod 700 /etc/ssh/sshd_config
chmod 700 /etc/ssh/*
chmod 700 /etc/hosts.allow
chmod 700 /etc/hosts.deny
chmod 700 /etc/hosts.equiv
## MAKESURE you do chmod the '/etc/sudoers' file, or it will NOT work right! MUST be,always 0440 .
chmod +x `which sudo`
chmod 440 /etc/sudoers
## Other GOOD ways to chmod what we need ONLY in /etc ,not the WHOLE dir.Pretty easy way to get out of doing a 'good' script/job,so,do BY FILE you NEED ONLY.
## Now we add syslog-ng and use this BUT remmeber rsyslogd ,is STILL active..so must edit syslogging conf, for this and other 'notifiers' of abusive stuff,ie; root-use eMech,etc
chmod 700 /etc/sysctl.conf
chmod 700 /etc/syslog.conf
chmod 700 /etc/syslog-ng.conf
chmod 700 /etc/pam.conf
chmod 700 /etc/profile
chmod 700 /etc/bashrc
chmod 700 /etc/cshrc
chmod 700 /etc/tcshrc
chmod 700 /etc/fstab
chmod 700 /etc/php.ini
chmod 700 /etc/php.conf
## Directory /libs
chmod g+w /usr/lib
chmod 755 /usr/lib
## anti-AUDIT-xploit stuff ie; common pathways used to attack,and the EXACT libs,we can restrict
chmod 711 /sbin/auditd
chmod 711 /dev/shm/*
chmod 755 /proc/fd3/map/*
chmod g+r /proc/fd3/map/*
chmod 755 /proc/*
chmod g+r proc/*
chmod 700 /libs/pcprofile.so
chmod 700 /libs/pcprofile.so.*
chmod 700 /libs/liblftp.so
chmod 700 /libs/liblftp.so.3
chmod 700 /libs/liblftp.so.4
chmod 700 /libs/liblftp.so.*
## apps we add (MOST COMMDON)
chmod 660 /usr/sbin/pure-ftpd
chmod go-r /usr/sbin/pure-ftpd
chmod 700 /usr/etc/pure-ftpd.conf
chmod g+r /usr/sbin/oidentd
chmod 755 /usr/sbin/oidentd
chmod go-r /etc/oidentd.conf
chmod go-r /usr/etc/oidentd.conf
chmod go-r /etc/oidentd_masq.conf
chmod go-r /usr/etc/oidentd.conf
touch ~/.oidentd.conf
chmod 644 ~/.oidentd.conf
## we better CHECk these and also makesure the pure-ftpd stuff done right in /opt/ftpusers/* coz this is user ftp-dir; setup when you add the user (bash-script-addon).
chmod 700 /etc/php-zts.d
chmod 700 /etc/php.d
chmod 700 /etc/php.ini.rpmnew
chmod 700 /etc/httpd/conf.d/php.conf
chmod 700 /etc/php-zts.d/*
chmod 700 /etc/php.d/*
chmod 700 /lib/modules/*
## sometimes this could be anything your using for easy setup and backup, but, to chmod etc/ alone is NOT a great idea,is better to restrict by filenames.
chmod 700 /root/vhosts.php
chmod 700 /root/vhoststest.php
chmod 700 /root/llvm
chmod 700 /root/ftpd-up.sh
chmod 700 /root/webminstart.sh
chmod 700 /root/oidentd.sh
chmod 700 /root/webminstart.sh
chmod 700 /root/ipv6.sh
chmod 700 /root/ipv6-he.sh
chmod 700 /root/vhosts.sh
chmod a+x /etc/motd
## IRC/IRCD and/or anything USER necessary, and some blocks against PHP (.ini) attacks
chmod a+x /usr/bin/irssi
chmod 700 /etc/irssi.conf
chmod a+x /usr/bin/znc
chmod a+x /usr/bin/BitchX
cp /usr/lib64/bx/script/example-.bitchxr ~/.bitchxrc
chmod 711 .bitchxrc
cp /usr/bin/BitchX /usr/bin/bx
chmod a+x /usr/bin/bx
chmod a+x /usr/bin/scr-bx
## added for php,apache,lynx and var/www/ and anything else wich does not fit in other areas.
chmod 700 /usr/bin/php
chmod 700 /usr/bin/php-cgi
chmod 700 /usr/bin/phpize
chmod 700 /usr/lib64/php
chmod 700 /usr/lib64/php-zts
chmod 700 /usr/lib64/php/modules/
chmod 700 /usr/share/php
chmod 700 /var/lib/php
chmod 700 /var/lib/php/session
chmod a+x /usr/bin/lynx
chmod 644 /etc/lynx.cfg
cp /etc/lynx.cfg ~/lynx.cfg
chmod 644 ~/lynx.cfg
## now for httpd and /var/www/
chmod 700 /usr/lib64/httpd/modules/
chmod 660 /var/www/icons/*
chmod 660 /var/www/*
## added for 'syslog-ng' on LINUX,and for -> (CentOS.v6.3 x64-Minimal 2012 Kernel)
## NOTE: THis is currently the box Im using to make this script
## TODO: need x86 pathways for centOS and more better setup chmods ,still need to test some but sofar it is OK for sudo/root,user base being tested/debugged
chmod 700 /etc/syslog-ng
chmod 700 /etc/rc.d/init.d/syslog-ng
chmod 700 /etc/sysconfig/syslog-ng
chmod 700 /etc/syslog-ng/modules.conf
chmod 700 /etc/syslog-ng/patterndb.d
chmod 700 /etc/syslog-ng/scl.conf
chmod 660 /etc/syslog-ng/syslog-ng.conf
chmod 660 /lib64/libsyslog-ng.so.0
chmod 700 /lib64/libsyslog-ng.so.0.0.0
chmod 660 /lib64/syslog-ng
chmod 660 /lib64/syslog-ng/libaffile.so
chmod 660 /lib64/syslog-ng/libafprog.so
chmod 660 /lib64/syslog-ng/libafsocket-notls.so
chmod 700 /lib64/syslog-ng/libafsocket.so
chmod 700 /lib64/syslog-ng/libafuser.so
chmod 700 /lib64/syslog-ng/libbasicfuncs.so
chmod 700 /lib64/syslog-ng/libconfgen.so
chmod 700 /lib64/syslog-ng/libconvertfuncs.so
chmod 700 /lib64/syslog-ng/libcsvparser.so
chmod 700 /lib64/syslog-ng/libdbparser.so
chmod 700 /lib64/syslog-ng/libdummy.so
chmod 700 /lib64/syslog-ng/libsyslogformat.so
chmod 700 /sbin/syslog-ng
chmod 700 /sbin/syslog-ng-ctl
chmod 700 /usr/share/syslog-ng
chmod 700 /usr/share/syslog-ng/include/scl/*
chmod 700 /usr/share/syslog-ng/include/scl/pacct/plugin.conf
chmod 700 /usr/share/syslog-ng/include/scl/syslogconf/plugin.conf
chmod 700 /usr/share/syslog-ng/include/scl/system/generate-system-source.sh
chmod 700 /usr/share/syslog-ng/include/scl/system/plugin.conf
chmod 660 /usr/share/syslog-ng/xsd/*
chmod 660 /var/lib/syslog-ng
chmod 644 /usr/share/doc/*
chmod 644 /usr/share/doc/*/rsyslog_php_syslog_ng.html
## yum manager/repos on centOS/RHEL based distros wich use yum.
chmod 700 /var/lib/yum/yumdb/
chmod 700 /var/lib/yum/yumdb/s/
chmod 700 /etc/yum.repos.d/
## rc.d directorys (centOS6.3-x64) based paths.
#chmod 700 /etc/rc.d/*
chmod 700 /etc/rc.d/rc0.d/*
chmod 700 /etc/rc.d/rc1.d/*
chmod 700 /etc/rc.d/rc2.d/*
chmod 700 /etc/rc.d/rc3.d/*
chmod 700 /etc/rc.d/rc4.d/*
chmod 700 /etc/rc.d/rc5.d/*
chmod 700 /etc/rc.d/rc6.d/*
along with the o/s , might help... oh, i had to run dpkg-reconfigure vsftpd for vsftpd users,thats only way to reset your configs then just reset that up.. theres alot still untouched, but this atleast gives you a chance... and heym , now my vps loaded all init scripts etc fine no erors...so i have somewhat reccovered from this on debian ** (remember deb was apprently not possible,..and frankly i tried everything..until the above when i removed the sudoers file from sudoers.d it seeemed to work as there is a sudoers.tmp file wich seems visudo will create, thats the problem in debian.. you have to reset your sudoers file in /etc/ chmod it as root, then go hard
xd
Just a note... tried eveything then...
