Hacker run a PHP script on an user account and can list all the domains and users on the same server. I have no evidence showing they can get the password, but it's not good to reveal the user ID.
The script is simple, it gets the domain name from /etc/named.conf file, then get the users from /etc/valiases/. I tested with a normal user, but it does not have permission to read the files under /etc/valiases/. How can this PHP script read it?
Thanks for any help.
Code: ls -lah /etc/valiases/
/bin/ls: /etc/valiases/: Permission deniedHack code snippet:
Code: $d0mains = @file("/etc/named.conf"); Code: $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
How to disallow normal user read named.conf file?
[Cpanel Blog] CSF and Google bots ??? May,2012
Kamis, 14 Juni 2012
[Cpanel Blog] How to disallow normal user read named.conf file? June,2012
Diposting oleh Bimo Hery Prabowo di 19.32
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar