c99shell - /etc/passwd

AlexisMeroni · Apr 29, 2013

Hello,
How prevent the acces to /etc/passwd with the c99 shell.

Thank you,
Alexis M.

AlexisMeroni · May 3, 2013

UP Please

robb3369 · May 3, 2013

Check out CXS... ConfigServer eXploit Scanner (cxs)... This will scan for scripts (regardless of the name of the script) that have code that accesses the /etc/passwd file... You can set the scanner to remove and quarantine those scripts...

Also, there are mod_security rules you could add to prevent execution of the scripts...
https://www.atomicorp.com/products/modsecurity.html

AlexisMeroni · May 4, 2013

There is no free solution? : s

PenguinInternet · May 4, 2013

Yes, you could code something yourself Be fair, people deserve payment for coding decent scripts and I'd highly recommend CXS

24x7server · May 7, 2013

You can install mod_security with delayed rules on your server to protect your /etc/passwd file

http://updates.atomicorp.com/channels/rules/delayed/

Atomic ModSecurity Rules - Atomicorp Wiki

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

c99shell - /etc/passwd

AlexisMeroni Active Member

AlexisMeroni Active Member

robb3369 Well-Known Member

AlexisMeroni Active Member

PenguinInternet Well-Known Member
PartnerNOC

24x7server Well-Known Member

Since 56.0.13, passwd hashes do not match

Global passwd file?

passwdpop function (cPanel API2) question

lfd /bin/passwd: FAILED

UAPI::Ftp:passwd

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

c99shell - /etc/passwd

AlexisMeroni Active Member

AlexisMeroni Active Member

robb3369 Well-Known Member

AlexisMeroni Active Member

PenguinInternet Well-Known Member PartnerNOC

24x7server Well-Known Member

Since 56.0.13, passwd hashes do not match

Global passwd file?

passwdpop function (cPanel API2) question

lfd /bin/passwd: FAILED

UAPI::Ftp:passwd

Share This Page

PenguinInternet Well-Known Member
PartnerNOC