Protection against Shell Scripts

bin_asc · Dec 25, 2007

What methods do you use to get protected ? What modules do you using Apache and php to get protected ?
I`m interested because I tried suphp, disable_functions and suexec, nothing works. I can still read for example : /etc/passwd.
Need your suggestions.

Vinayak · Dec 25, 2007

Have you enabled the open base directory protection in WHM.

bin_asc · Dec 26, 2007

You can forget about that, with a normal shell script, that`s very easy to bypass.

cPanelKenneth · Dec 26, 2007

Which functions are you disabling via disable_functions in php.ini?

bin_asc · Dec 26, 2007

exec, system, popen, passthru, shell_exec, proc_open, proc_close, proc_nice, proc_terminate, pclose

cPanelKenneth · Dec 27, 2007

bin_asc said:
exec, system, popen, passthru, shell_exec, proc_open, proc_close, proc_nice, proc_terminate, pclose

You may wan to add dl. Also check out more of the File System functions. Also, open_basedir can at least be used to lock the PHP functions to a specific directory.

bin_asc · Dec 28, 2007

Well, I did do something, now I can`t browse /home/, but thing is, I can still list /etc/passwd, and I think the only way to stop that is to stop the fopen function which is pretty much out of discussion.

PS. I can list / too.

Thread starter	Similar threads	Forum	Replies	Date
	In Progress CPANEL-40545 - No brute force protection detected while Imunify360 active	Security	5	Apr 28, 2022
H	Shell fork Protection	Security	2	Mar 30, 2022
7	KernelCare's Free Symlink Protection Removed After Update	Security	6	Nov 15, 2021
M	Protection against brute force attacks	Security	1	Feb 23, 2017
S	Protection against rogue domains pointing to our IP's	Security	5	May 13, 2015

Search

Search

Protection against Shell Scripts

bin_asc

Well-Known Member

Vinayak

Well-Known Member

bin_asc

Well-Known Member

cPanelKenneth

cPanel Development

bin_asc

Well-Known Member

cPanelKenneth

cPanel Development

bin_asc

Well-Known Member