Showing posts with label linux. Show all posts
Showing posts with label linux. Show all posts

8 September 2018

execute root commands via php

Solution using a binary wrapper (with suid bit)

1) Create a script (preferrably .sh) that contains what you want to be ran as root.
# cat > php_shell.sh <<CONTENT
  #!/bin/sh
  /sbin/service sshd restart
CONTENT
2) This file should be owned by root, and since it will later run with root permissions make sure that only root has permission to write to the file.
# chown root php_shell.sh
# chmod u=rwx,go=xr php_shell.sh
3) To run the script as root no matter what user that executes it, we will need a binary wrapper. Create one that will execute our php_shell.sh.
# cat > wrapper.c <<CONTENT
  #include <stdlib.h>
  #include <sys/types.h>
  #include <unistd.h>

  int
  main (int argc, char *argv[])
  {
     setuid (0);

     /* WARNING: Only use an absolute path to the script to execute,
      *          a malicious user might fool the binary and execute
      *          arbitary commands if not.
      * */

     system ("/bin/sh /path/to/php_shell.sh");

     return 0;
   }
CONTENT
4) Compile and set proper permissions, including the suid bit (saying that it should run with root privileges):
# gcc wrapper.c -o php_root
# chown root php_root
# chmod u=rwx,go=xr,+s php_root
php_root will now run with root permissions, and execute the commands specified in php_root.sh.

If you don't need to the option to easily change what commands that will be executed I'd recommend you to write the commands directly in wrapper.c under step 4. Then you don't need to have a binary executing a external script executing the commands in question.
In wrapper.c, use system ("your shell command here"); to specify what commands you'd like to execute

source https://stackoverflow.com/a/8532448

4 August 2017

bsnl 's digital india journey begins with blocking ssh port 22

UPDATE: 15/08/2017 FINALLY BSNL UNBLOCKED PORT 22

As you may have noticed BSNL broadband users no longer able to access to their remote servers through SSH ,

also many users reported the same here https://broadbandforum.co/threads/bsnl-broadband-seems-to-have-blocked-ssh-port-22-on-their-network.151617/

if you have root access to your remote server you can use iptables's port redirect rule to fuck dumb bsnl bastards right in their holes.


run this simple command once you logged into your remote server using VPN or proxy.


iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 222 -j REDIRECT --to-port 22

you can change 222 to any number you want but make sure the port number is not already in use.


after this, just change port from 22 to 222 in your putty or any ssh client,now you should be able to access your server without VPN or proxy.





29 February 2012

How to install the Sun Java JDK on Ubuntu 10.10?

sudo apt-get install python-software-properties

sudo add-apt-repository ppa:sun-java-community-team/sun-java6

sudo apt-get update

sudo apt-get install sun-java6-jdk

30 January 2012

search files in linux server

find /etc -name '*.conf'





/etc is directory or path


*.conf is file name * represents any name.conf files.

install Imagick on CentOS 5.x 32bit

Run the following commands


yum install ImageMagick

yum install ImageMagick-devel

yum install php-pear

pecl install imagick

echo "extension=imagick.so"> /etc/php.d/imagick.ini



service httpd restart

check Imagick is configured corectly by following command.

php -m | grep imagick

this will display output as "Imagick" that means you are Done.

cron job in kloxo/lxAdmin

command php -q /home/username/domain name/path to cron file

know the list of disabled functions on server

<?php
error_reporting(E_ALL);
$disabled_functions = ini_get('disable_functions');
if ($disabled_functions!='')
{
$arr = explode(',', $disabled_functions);
sort($arr);
echo 'Disabled Functions:
';
for ($i=0; $i<count($arr); $i++)
{
echo $i.' - '.$arr[$i].'<br>';
}
}
else
{
echo 'No functions disabled';
}
?>

check/list services running on server

service command - list running services
service --status-all
service --status-all | grep ntpd
service --status-all | less




Print the status of any service
To print the status of apache (httpd) service:
service httpd status


List all known services (configured via SysV)
chkconfig --list

List service and their open ports
netstat -tulpn
Turn on / off service
ntsysv
chkconfig service off
chkconfig service on
chkconfig httpd off
chkconfig ntpd on

change timezone on linux server

1 )
# cd /etc
# ln -sf /usr/share/zoneinfo/Asia/Calcutta localtime

Or

2) cp /usr/share/zoneinfo/Asia/Calcutta /etc/localtime

Or

3) # sudo ln -s /usr/share/zoneinfo/Asia/Calcutta /etc/localtime

wget multiple urls

usualy we do wget http://www.stephin/file/download.zip


but now i am going to show tell you how to download files to server from different different urls..

make a .txt files and put all the links in that loks like

 u may use linux command to make .txt file vi links.txt


finaly run wget -i links.txt


your files will get downloaded one by one...

yum no package available

1. Create and open a new file called /etc/yum.repos.d/dag.repo
(vi /etc/yum.repos.d/dag.repo )

2. Add the following text to the file:
[dag]
name=DAG RPM Repository
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

3. Finally, save and close the file.