!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/share/setools/   drwxr-xr-x
Free 51.24 GB of 127.8 GB (40.09%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     sechecker_help.txt (3.47 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
SELinux Policy Checker Tool Help File
sechecker, version 3.0
October 1, 2006
selinux@tresys.com

This file contains the basic help information for using sechecker,
version 3.0.  This version of sechecker allows you to run a series of
policy checks (modules) on a policy.  Sechecker is designed to be
extensible and configurable so that developers can easily add new
policy checks and configure them to run in batches with different
options.

Each module analyzes a policy.  If you do not specify a policy on the
command line, the tool uses the system policy by default.  In
addition, some checks will require the file_contexts file in order to
run correctly.  If you do not specify the file_contexts file the tool
will use the system file_contexts file by default.

Checks can be run one at a time on the command line (by specifying a
module) or in a batch (by specifying a profile).  You can create a
custom profile to configure a batch of modules with the options that
you commonly use.

The return value of sechecker indicates whether a check failed on the
policy.  Therefore sechecker may be used in shell scripts or makefiles
to do conditional branching.


Report Output:
--------------
Sechecker generates a report with the output of each module that was
run.  The report includes an explanation of each module, the modules'
severity, and the modules' results.  There are three output options to
specify what gets included in the report.

1.) quiet - don't print the report
2.) short - print the list of results for each module
3.) verbose - print the list of results for each module and the list of 
    proofs for each result


Modules:
--------
A module encapsulates a single check on the policy.  Modules can be
data driven by information specified in a profile.  However, each
module will work using default values if no profile is used.  See the
help for the specific module(s) to determine what data may be
overridden in a profile.

Each module has a specified severity (high, med, low).  These are
defined as follows:

1) "high":  the module-results indicate an identifiable security risk
   in the SELinux policy.

2) "med":  the module-results indicate a flaw in the SELinux policy
   that changes the manner in which the policy is enforced; however,
   it does not present an identifiable security risk.

3) "low":  the module-results indicate a flaw in the policy that does
   not effect the manner in which the policy is enforced, but is
   considered to be improper.


Profiles:
---------
There are three profiles that are installed with the sechecker
program.  The three profiles are described below.

1.) development: this profile includes several policy checks of low
    and med severity.  The checks are common tasks that a policy
    developer will consider helpful for writing good policy.

2.) analysis: this profile includes several policy checks of med and
    low severity that are of higher computational complexity than the
    development profile and not meant to be used very often by policy
    developers.

3.) all: this profile runs all known modules.

Profiles can be created to run any set of modules with different
options.  The profile can specify the output format for each module.


Other Options:
--------------
You can specify a minimum module severity to report.  If the minimum
severity is "med" and the "all" profile is used, all modules that are
"med" or "high" will be run and the results for those modules will be
reported by sechecker.  The "low" severity modules listed in the
profile will be ignored.

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0144 ]--