The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mysql connection from other account and hacking

Discussion in 'Security' started by Maximum, Dec 28, 2008.

  1. Maximum

    Maximum Member

    Joined:
    Feb 14, 2007
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    hello every one , I have a big bug in my server one of my clients (siteA) make shortcuts to the other forums config files at all server's accounts example :
    Code:
    v12 -> /home/site[COLOR="Red"]B[/COLOR]/public_html/forum/includes/config.php
    
    then he read the shortcut from his site http://site[COLOR="red"]A[/COLOR].com/v12 , now he can get the contain of the config file

    now he use other php file to update forum style templates with his name :mad:

    the php file he use contain database connection

    Code:
    site[COLOR="Red"]B[/COLOR]_forum
    
    site[COLOR="Red"]B[/COLOR]_usernam
    password
    
    Please help me how Can I stop creating shortcuts and make the user only can connect his database

    Please help , really I will lose all my clients because this ways to hack

    Thank you for help
     
  2. activa

    activa Well-Known Member

    Joined:
    May 23, 2006
    Messages:
    204
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Morocco
    cPanel Access Level:
    Root Administrator
    a simple fix is disabling th symlink function in php.ini .

    also disabling cgi perl with mod security .
     
  3. Maximum

    Maximum Member

    Joined:
    Feb 14, 2007
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    I disabled the symlink function but they make it in there computers and upload it from FTP :eek:

    cgi perl I disabled it by chmod 700 /usr/bin/perl :(


    Please any one have any way to make more security ?

    Thank you
     
  4. Voltar

    Voltar Well-Known Member

    Joined:
    Apr 30, 2007
    Messages:
    269
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Bakersfield, California
    Are you running suPHP? Do you have the php open_basedir tweak enabled ?
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    If you are using suphp just use the filesystem built-in protection.

    Make sure that the file /home/siteB/public_html/forum/includes/config.php is owned by the user and user's group and set the permissions on the file so that the file cannot be read by any other:

    Code:
    chown siteB:siteB /home/siteB/public_html/forum/includes/config.php
    chmod 600 /home/siteB/public_html/forum/includes/config.php
    This should result in the file showing -rw------- as its permissions.

    Now when siteA tries to symlink, the symlink will be successful, but they won't have permission to open the file and read it.
     
  6. Maximum

    Maximum Member

    Joined:
    Feb 14, 2007
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Yes I'm using suphp but just now I active open_basedir

    mmmm I feel the chmod 600 for config.php files are very tired as I can't do it for 200 user with different folder of forum name ..

    Are there any affect solution we can do , as SeLinux ? or similar program


    Thank you
     
  7. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    If you know all of the files are named config.php then you can run the command:

    Code:
    find /home -name config\.php -exec chmod 600 {} \;
    This will look for all files named config.php under your /home directory and change the permissions on all of those files to 600.

    This may or may not be what you want to do.

    A bit of advice concerning the above command, you may want to double check and see exactly what this command is going to do. Running the above find line will actually change the permissions. To see the actually set of commands that will run, add an echo in the exec:

    Code:
    find /home -name config\.php -exec echo chmod 600 {} \;
    This won't do anything, it will just echo to the screen the commands that would be run. Adding this echo part is a good way to debug a command like this and see exactly what is going to be done without actually doing it.
     
Loading...

Share This Page