110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/share/doc/mgetty-1.1.33/ drwxr-xr-x Free 43.79 GB of 127.8 GB (34.27%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/share/doc/mgetty-1.1.33/ drwxr-xr-x
Free 43.79 GB of 127.8 GB (34.27%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: loginv2.txt (1.73 KB) -rw-r--r--
Select action/file-type:
(+) | (+) |

(+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

From gert@greenie.muc.de Mon Feb 22 08:35:40 1999
Message-ID: <19990222083540.G1089@greenie.muc.de>
Date: Mon, 22 Feb 1999 08:35:40 +0100
From: Gert Doering <gert@greenie.muc.de>
To: Pang Wai Man Raymond <wmpang@se.cuhk.edu.hk>, mgetty@muc.de
Subject: Re: Restrict login through callback, not dial-in by mgetty?
References: <19990222105324.56820@se.cuhk.edu.hk>
X-mgetty-docs: http://alpha.greenie.net/mgetty/

Hi,

On Mon, Feb 22, 1999 at 10:53:24AM +0800, Pang Wai Man Raymond wrote:
> Requirement
> ===========
> Without using the dialback modem, 
> 1. a dummy account with password, can initiate the callback 
> 2. users can only login through callback, but not dial-in.
> 
> I can implement step 1 but not 2. Does anybody have alternative?

Set up login.config like this:

------- login.config sample, file version 2 ----------
# login.config
#
# use version-2 format
!version 2
#
#
# this is the dummy user name, it's allowed to login only if this 
# is not already an ongoing callback
callback	N	-	-	/usr/local/sbin/callback -S 12345
#
# these are the real users: only allowed if it's a callback ("Y")
*		Y	-	- 	/bin/login @
#
# if some other user name was entered, and it's not a callback, 
# throw them out
*		-	-	-	/bin/false
------- login.config sample, file version 2 ----------

I admit that the "version 2" stuff isn't documented anywhere yet (except
the source) and it hasn't been fully tested either.  So please get mgetty
1.1.20, test it, and report back to us :)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@greenie.muc.de
fax: +49-89-35655025                        gert.doering@physik.tu-muenchen.de

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0086 ]--