!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/share/doc/gamin-0.1.7/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     differences.html (6.77 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
Differences from FAM

Gamin the File Alteration Monitor

Differences from FAM

Main Menu
Related links

Differences

gamin should be binary and source code compatible with FAM 2.6.8. However there are some differences and at least one significant extension.

The differences are in term of implementation:

  • No system wide server, instead it relies on per user server, if needed started on demand by the fam/gamin library.
  • The functions FAMSuspendMonitor(), FAMResumeMonitor() and FAMMonitorCollection() are not implemented. They all raise problem of accumulating unbounded state on the server side and better handled at the client level if needed.
  • FAMErrno is provided, but the values may not match their FAM counterparts, similary FamErrlist[] error messages are different.
  • No NFS support based on specific RPC and server, instead gamin monitors only the state as reported locally by the kernel, not that locally done changes on NFS or AFS filesystems are reported on Linux which is the main criteria when having user home directories on such filesystems.

Extension(s)

We tried to limit changes in gamin but a number of features were deemed more important than sticking to the exact same set than FAM:

  • Support for inotify on Linux if compiled in the kernel, this override most of the deficiencies related to dnotify.
  • A lot of debugging support was added both for client and server see the specific page on the matter.
  • The possibility to block Exist/EndExists callbacks when monitoring directories based on a new API, see below

FAM when monitoring a directory, immediately send a set of events listing the files found in that directory, this ends up with an EndExists events. However when monitoring hierarchy it's usually far more efficient and simple to do the scanning on the client side and ignore those directory listing events from the FAM server (the only drawback is a potential mismatch of the directory content between the FAM server and the client). In such a case, all those events are not only superfluous but they are also dangerous since they can lead to a congested pipe to the client which is just scanning directories and not listening to FAM. To that intent we added in gamin 0.0.23 a new API disabling the Exists/EndExists sequences when watching directories for a given FAMConnection:

int FAMNoExists(FAMConnection *fc)

and with the Python bindings:

WatchMonitor.no_exists()

This feature is also used when the client reconnect to the server after a connection loss or if the server died.

Calling it changes the protocol as described below, directory monitoring from that call will only get mutation events and not the initial lists:

The NoExists behaviour change on callbacks

Daniel Veillard


:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.011 ]--