On Wed, July 11, 2007 11:16 pm, deb4o wrote: > няколко пъти пробиват през уеб сървъра и копират разни неща за пускане на > irc bot > все в /tmp, но там сетнах noexec,nosuid на този дял и не могат да ги > страртират. > но искам да разбера къде е дупката в апачето. > Apache 2.0.53 и php 4.3.9 > > Така и не мога да разбера от къде влизат. търсих по логовете но само > единственно в error log-a на апачето намирам подобни на тези неща: > > --00:43:08-- http://private.whitehat.ro/flood > => `flood' > Resolving private.whitehat.ro... 72.22.77.22 > Connecting to private.whitehat.ro[72.22.77.22]:80... connected. > HTTP request sent, awaiting response... 200 OK > Length: 208,412 [text/plain] > > 0K .......... .......... .......... .......... .......... 24% 60.12 > KB/s > 50K .......... .......... .......... .......... .......... 49% 237.64 > KB/s > 100K .......... .......... .......... .......... .......... 73% 16.05 > KB/s > 150K .......... .......... .......... .......... .......... 98% 60.06 > KB/s > 200K ... 100% 10.13 > MB/s > > 00:43:13 (40.79 KB/s) - `flood' saved [208412/208412] > > ------------------- > --11:39:45-- http://private.whitehat.ro/n.jpg > => `n.jpg' > Resolving private.whitehat.ro... 72.22.77.22 > Connecting to private.whitehat.ro[72.22.77.22]:80... connected. > HTTP request sent, awaiting response... 200 OK > Length: 261,375 [image/jpeg] > > 0K .......... .......... .......... .......... .......... 19% 60.85 > KB/s > 50K .......... .......... .......... .......... .......... 39% 122.81 > KB/s > 100K .......... .......... .......... .......... .......... 58% 16.38 > KB/s > 150K .......... .......... .......... .......... .......... 78% 61.60 > KB/s > 200K .......... .......... .......... .......... .......... 97% 81.52 > KB/s > 250K ..... 100% 1.02 > MB/s > > 11:39:52 (44.69 KB/s) - `n.jpg' saved [261375/261375] > > _______________________________________________ > Lug-bg mailing list > [email protected] > http://linux-bulgaria.org/mailman/listinfo/lug-bg >
Малко оффтопик, но nosuid,noexec е лека заблуда на противника: test:~# dd if=/dev/zero of=fs bs=1k count=100 100+0 records in 100+0 records out 102400 bytes (102 kB) copied, 0.000681537 seconds, 150 MB/s test:~# losetup -f fs test:~# mkfs.ext3 /dev/loop0 mke2fs 1.40-WIP (14-Nov-2006) Filesystem label= OS type: Linux <snip> </snip> test:~# test:~# mount -o loop,nosuid,noexec fs mnt test:~# mount|grep mnt /root/fs on /root/mnt type ext2 (rw,noexec,nosuid,loop=/dev/loop1) test:~# test:~/mnt# cat << EOF > test > #!/bin/bash > echo test > EOF test:~/mnt# test:~/mnt# chmod 0755 test test:~/mnt# ./test -su: ./test: /bin/bash: bad interpreter: Permission denied test:~/mnt# /bin/bash test test test:~/mnt# Пробвай safe_mode :) -- WWell by Iassen Anadoliev _______________________________________________ Lug-bg mailing list [email protected] http://linux-bulgaria.org/mailman/listinfo/lug-bg
