Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Protection against Shell Scripts

Discussion in 'General Discussion' started by bin_asc, Dec 25, 2007.

  1. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    166
    What methods do you use to get protected ? What modules do you using Apache and php to get protected ?
    I`m interested because I tried suphp, disable_functions and suexec, nothing works. I can still read for example : /etc/passwd.
    Need your suggestions.
     
    #1 bin_asc, Dec 25, 2007
  2. Vinayak

    Vinayak Well-Known Member

    Joined:
    Jun 27, 2003
    Messages:
    274
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    Bharat
    cPanel Access Level:
    Root Administrator
    Have you enabled the open base directory protection in WHM.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Vinayak, Dec 25, 2007
  3. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    166
    You can forget about that, with a normal shell script, that`s very easy to bypass.
     
    #3 bin_asc, Dec 26, 2007
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,561
    Likes Received:
    42
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    Which functions are you disabling via disable_functions in php.ini?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelKenneth, Dec 26, 2007
  5. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    166
    exec, system, popen, passthru, shell_exec, proc_open, proc_close, proc_nice, proc_terminate, pclose
     
    #5 bin_asc, Dec 26, 2007
  6. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,561
    Likes Received:
    42
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    You may wan to add dl. Also check out more of the File System functions. Also, open_basedir can at least be used to lock the PHP functions to a specific directory.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelKenneth, Dec 27, 2007
  7. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    166
    Well, I did do something, now I can`t browse /home/, but thing is, I can still list /etc/passwd, and I think the only way to stop that is to stop the fopen function which is pretty much out of discussion.

    PS. I can list / too.
     
    #7 bin_asc, Dec 28, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - Protection against Shell
  1. moodyeye12

    Protection against brute force attacks

    moodyeye12, Feb 23, 2017, in forum: Security
    Replies:
    1
    Views:
    536
    cPanelMichael
    Feb 24, 2017
  2. Elisabeth J Bertrand

    Website owner, very confused about Symlink Protection on Dedi

    Elisabeth J Bertrand, Jun 22, 2018 at 1:52 AM, in forum: General Discussion
    Replies:
    1
    Views:
    44
    cPanelLauren
    Jun 22, 2018 at 11:46 AM
  3. Skin

    Apache Symlink Protection False positive?

    Skin, Jun 6, 2018, in forum: Security
    Replies:
    3
    Views:
    71
    cPanelLauren
    Jun 6, 2018
  4. matt1206

    No symlink protection detected

    matt1206, May 31, 2018, in forum: Security
    Replies:
    5
    Views:
    82
    cPanelMichael
    Jun 1, 2018
  5. celiac101

    Is Symlink Race Condition Protection Needed on a Non-Shared Server?

    celiac101, May 17, 2018, in forum: Security
    Replies:
    4
    Views:
    122
    celiac101
    May 21, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice