Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /etc/rc.d/rc1.d/ drwxr-xr-x |
Viewing file: K88auditd (3.25 KB) -rwxr-xr-x Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | #!/bin/bash # # auditd This starts and stops auditd # # chkconfig: 2345 11 88 # description: This starts the Linux Auditing System Daemon, \ # which collects security related events in a dedicated \ # audit log. If this daemon is turned off, audit events \ # will be sent to syslog. # # processname: /sbin/auditd # config: /etc/sysconfig/auditd # config: /etc/audit/auditd.conf # pidfile: /var/run/auditd.pid # # Return values according to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # PATH=/sbin:/bin:/usr/bin:/usr/sbin prog="auditd" # Source function library. . /etc/init.d/functions # Allow anyone to run status if [ "$1" = "status" ] ; then status $prog RETVAL=$? exit $RETVAL fi # Check that we are root ... so non-root users stop here test $EUID = 0 || exit 4 # Check config test -f /etc/sysconfig/auditd && . /etc/sysconfig/auditd RETVAL=0 start(){ test -x /sbin/auditd || exit 5 test -f /etc/audit/auditd.conf || exit 6 echo -n $"Starting $prog: " # Localization for auditd is controlled in /etc/synconfig/auditd if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE else LANG="$AUDITD_LANG" LC_TIME="$AUDITD_LANG" LC_ALL="$AUDITD_LANG" LC_MESSAGES="$AUDITD_LANG" LC_NUMERIC="$AUDITD_LANG" LC_MONETARY="$AUDITD_LANG" LC_COLLATE="$AUDITD_LANG" export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE fi unset HOME MAIL USER USERNAME daemon $prog "$EXTRAOPTIONS" RETVAL=$? echo if test $RETVAL = 0 ; then touch /var/lock/subsys/auditd # Load the default rules test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null fi return $RETVAL } stop(){ echo -n $"Stopping $prog: " killproc $prog RETVAL=$? echo rm -f /var/lock/subsys/auditd # Remove watches so shutdown works cleanly if test x"$AUDITD_CLEAN_STOP" != "x" ; then if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" then /sbin/auditctl -D >/dev/null fi fi if test x"$AUDITD_STOP_DISABLE" != "x" ; then if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" then /sbin/auditctl -e 0 >/dev/null fi fi return $RETVAL } reload(){ test -f /etc/audit/auditd.conf || exit 6 echo -n $"Reloading configuration: " killproc $prog -HUP RETVAL=$? echo return $RETVAL } rotate(){ echo -n $"Rotating logs: " killproc $prog -USR1 RETVAL=$? echo return $RETVAL } resume(){ echo -n $"Resuming logging: " killproc $prog -USR2 RETVAL=$? echo return $RETVAL } restart(){ test -f /etc/audit/auditd.conf || exit 6 stop start } condrestart(){ [ -e /var/lock/subsys/auditd ] && restart return 0 } # See how we were called. case "$1" in start) start ;; stop) stop ;; restart) restart ;; reload) reload ;; rotate) rotate ;; resume) resume ;; condrestart) condrestart ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|rotate|resume}" RETVAL=3 esac exit $RETVAL |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0061 ]-- |