!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/squid/help/   drwxr-xr-x
Free 50.88 GB of 127.8 GB (39.81%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     edit_misc.it.html (4.76 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
Miscellaneous Options
Startup DNS test addresses: DNS servers that Squid will query to test whether DNS lookups are working correctly.

SIGUSR1 logfile rotations: Defaults to 10 or 0, dependent on system. Specifies the number of logfile rotations to make when you type 'squid -k rotate'. The default is 10, which will rotate with extensions 0 through 9. Setting logfile_rotate to 0 will disable the rotation, but the logfiles are still closed and re-opened. This will enable you to rename the logfiles yourself just before sending the rotate signal.

Note, the 'squid -k rotate' command normally sends a USR1 signal to the running squid process. In certain situations (e.g. on Linux with Async I/O), USR1 is used for other purposes, so -k rotate uses another signal. It is best to get in the habit of using 'squid -k rotate' instead of 'kill -USR1 '.

Error messages text: HTML text to include in error messages. Make this a "mailto" URL to your admin address, or maybe just a link to your organizations Web page.

To include this in your error messages, you must rewrite the error template files (found in the "errors" directory). Wherever you want the 'err_html_text' line to appear, insert a %L tag in the error template file.

Per-client statistics: If you want to disable collecting per-client statistics, then turn off client_db here.

X-Forwarded-For header: Default is 'on'. If set, Squid will include your system's IP address or name in the HTTP requests it forwards. By default it looks like in the HTTP requests it forwards. By default it looks like this:

X-Forwarded-For: 192.1.2.3

If you disable this, it will appear as:

X-Forwarded-For: unknown

Log ICP queries: Default is 'on'. If set, ICP queries are logged to access.log. You may wish do disable this if your ICP load is VERY high to speed things up or to simplify log analysis.

Minimum direct hops: Default is 4. If using the ICMP pinging stuff, do direct fetches for sites which are no more than this many hops away.

Keep memory for future use: Default is 'yes'. If set, Squid will keep pools of allocated (but unused) memory available for future use. If memory is a premium on your system and you believe your malloc library outperforms Squid routines, disable this.

Amount of memory to keep: Default is 'Unlimited'. If set to a non-zero value, Squid will keep at most the specified limit of allocated (but unused) memory in memory pools. All free() requests that exceed this limit will be handled by your malloc library. Squid does not pre-allocate any memory, just safe-keeps objects that otherwise would be free()d. Thus, it is safe to set memory_pools_limit to a reasonably high value even if your configuration will use less memory.

If not set (default) or set to zero, Squid will keep all memory it can. That is, there will be no limit on the total amount of memory used for safe-keeping.

Headers to pass through: Default is 'All headers'. This option replaces the old 'http_anonymizer' option with something that is much more configurable. You may now specify exactly which headers are to be allowed, or which are to be removed from outgoing requests.

There are two methods of using this option. You may either allow specific headers (thus denying all others), or you may deny specific headers (thus allowing all others).

Fake User-Agent: Default is 'none'. If you filter the User-Agent header with the Headers to pass through option it may cause some Web servers to refuse your request. Use this to fake one up.

HTTP Accel Host: Default is 'none'. If you want to run Squid as an httpd accelerator, set this to the address of the real HTTP server.

HTTP Accel Port: Default is 'none'. In addition to setting the HTTP Accel Host you must set the real servers port, here, if you are using Squid as an accelerator.

HTTP Accel With Proxy: Default is 'off'. Enable this if you would like for your Squid to act as a traditional proxy while also providing HTTP acceleration. This option should also be enabled when using transparent proxying.

HTTP Accel Uses Host Header: Default is off. HTTP/1.1 requests include a Host: header which is basically the hostname from the URL. Squid can be an accelerator for different HTTP servers by looking at this header. However, Squid does NOT check the value of the Host header, so it opens a big security hole. We recommend that this option remain disabled unless you are sure of what you are doing.

However, you will need to enable this option if you run Squid as a transparent proxy. Otherwise, virtual servers which require the Host: header will not be properly cached.



:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0117 ]--