9
Jan
Posted in Linux by carlosap |
Dynamic SSH
$ssh -D 9999 username@ip-address-of-ssh-server
En firefox usar red manual
solamente
localhost:9999 socks 4
—————————————————————————
Desktop ssh -L 9999:localhost:8000 miservidorseguro.com Server miservidorseguro.com —————————————————
Para squid:
Desktop ssh -L 9999:localhost:3128 squidserver.com servidor squid squidserver.com
12
Dec
Posted in Linux by carlosap |
locate [options] pattern
Search database(s) of filenames and print matches. Matches include all files that contain pattern unless pattern includes metacharacters, in which case locate requires an exact match. *, ?, [, and ] are treated specially; / and . are not. Searches are conducted against a database of system contents that is updated periodically. To update the database, use the updatedb command.
Options
-d path, –database=path
Search databases in path. path must be a colon-separated list.
-h, –help
Print a help message and then exit.
–version
Print version information and then exit.
8
Dec
Posted in Linux by carlosap |
Task: How to halt/stop user called didi
Type the skill command as follows:
# skill -STOP -u didi
You muse be root to stop other users.
Task: How to resume already halted user called didi
Send CONT single to user didi, type the following command:
# skill -CONT -u didi
Task: How to kill and logout user called didi
You can send KILL single, type the following command:
# skill -KILL -u didi
Task: Kill and logout all users
The ultimate command to kill and logout all users, type the following command:
# skill -KILL -v /dev/pts/*
Please note that send users warning message or logout notice using wall command to avoid data loss.
20
Nov
Posted in Security by carlosap |
If you have unchecked Allow people to post comments on the article on the Options > Discussion panel, then you have only disabled comments on future posts. To completely disable comments, you will have to edit each past post and uncheck Allow Comments from the Write Post SubPanel. Alternatively, you could delete the wp-comments-post.php file, or run this MySQL query, from the command line on a shell account, or using phpMyAdmin: UPDATE wp_posts SET comment_status=”closed”;
Tags: wordpress
9
Jun
Posted in Linux by carlosap |
sudo mount -t cifs -o username=usuario,password=miclave /compu/awd /mnt/awd
9
Jun
Posted in Linux by carlosap |
zip -r wp.zip public_html/wp
6
May
Posted in Linux by carlosap |
section .data
hello: db ‘Hello world!’,10 ; ‘Hello world!’ plus a linefeed character
helloLen: equ $-hello ; Length of the ‘Hello world!’ string
; (I’ll explain soon)
section .text
global _start
_start:
mov eax,4 ; The system call for write (sys_write)
mov ebx,1 ; File descriptor 1 - standard output
mov ecx,hello ; Put the offset of hello in ecx
mov edx,helloLen ; helloLen is a constant, so we don’t need to say
; mov edx,[helloLen] to get it’s actual value
int 80h ; Call the kernel
mov eax,1 ; The system call for exit (sys_exit)
mov ebx,0 ; Exit with return code of 0 (no error)
int 80h
Copy this program into a text editor of your choice (I use vi or SciTE), and save it as hello.asm in your home directory (/home/yourname).
4.5 Compiling and Linking
1. If you don’t have a terminal or console open, open one now.
2. Make sure you are in the same directory as where you saved hello.asm.
3. To assemble the program, type
nasm -f elf hello.asm
If there are any errors, NASM will tell you on what line you did what wrong.
4. Now type ld -s -o hello hello.o
This will link the object file NASM produced into an executable file.
5. Run your program by typing ./hello
(To run programs/scripts in the current directory, you must always type ./ before the name, unless the current directory is in the path.)
You should see Hello world! printed to the screen. Congratulations! You have just written your first assembly program in Linux!
5
May
Posted in Security by carlosap |
Re: IMPORTANT More UpLoad hacks
Click to flag this post 3 stars [3 stars] [3 stars]
by Harold Hallikainen Apr 12, 2007; 12:31pm :: Rate this Message: - Use ratings to moderate (?)
Reply | Reply to Author | View Threaded | Show Only this Message
> 2007/4/12, Harold Hallikainen :
>> > 2007/4/12, Sabri LABBENE :
>> >> Reini Urban wrote:
>> >> >Via the Phpwiki 1.3.x UpLoad feature some hackers from russia upload
>> a
>> >> >php3 or php4 file,
>> >> >install a backdoor at port 8081 and have access to your whole
>> >> >disc and overtake the server.
>> >> >
>> >> >See http://ccteam.ru/releases/c99shell
>> >>
>> >> I think that the URL is wrong.
>> >
>> > This url obviously worked in 2006. Now it is gone.
>> >
>> > I submitted a critical security alert to CERT and it will be in the
>> > cve reports of mitre.org
>> > also then (hopefully).
>>
>> As the one who was attacked, I can give you the IP addresses of the
>> attackers. Second, instead of disallowed extensions, I think it would be
>> much safet to have a list of ALLOWED extensions. I see this as a todo in
>> the upload plugin.
>
> Hm, I will think about it. Other opinions?
>
>> I have set my upload directory as read only and require users to now
>> email
>> me stuff to post.
>>
>> As to how much was visible to the hackers (and I have the code for their
>> script), it SEEMS that it would only be what user apache could see,
>> which
>> would be stuff it owns and stuff that is world readable. Is that
>> correct?
>
> Well not really. The c99shell script tries in various ways to get more
> access.
> At first it compiles and installs a backdoor at port 8081 and then
> with shell access it’s normally quite easy for an experienced hacker
> to get root.
>
> –
> Reini Urban
THANKS for the support on this issue! I did an updatedb, then did locate
c99. The only stuff that comes up is this:
/usr/include/boost/numeric/interval/detail/c99sub_rounding_control.hpp
/usr/include/boost/numeric/interval/detail/c99_rounding_control.hpp
/usr/share/man/man1p/c99.1p.gz
/usr/bin/c99
In addition, port 8081 is blocked at the router (for incoming requests).
So, I’m hoping I’m ok!
Nabble - IMPORTANT More UpLoad hacks.
5
May
Posted in Linux by carlosap |
Easily access the file system of any computer which is running a SSH daemon. For example, to access the files of caesar.somedomain.com as user bob, enter:
fish://bob@caesar.somedomain.com
into the Konqueror location bar. A dialog prompts for the password, and bob’s files are now available for browsing and editing in Konqueror.
fish://bob@caesar.somedomain.com:22
Konqueror tips
http://en.opensuse.org/Konqueror_Tips_and_Tricks
|
