Results 1 to 9 of 9
-
17th Jun 2010, 12:17 PM#1
OPMemberWebsite's:
hostero.net
How to protect from C99 Shell ?
Is there any way to protect from c99 shell? if an user uploads it...
Mareshal Reviewed by Mareshal on . How to protect from C99 Shell ? Is there any way to protect from c99 shell? if an user uploads it... Rating: 5
-
17th Jun 2010, 12:26 PM#2
Member
http://www.eukhost.com/forums/f42/di...unctions-6020/
Disable the functions listed there, hope I helped
-
17th Jun 2010, 12:30 PM#3
Member
as far as i know denying remote inclusion can help you with this, also update your software or use disable_functions = shell() , exec() in the php.ini
-
17th Jun 2010, 03:16 PM#4
(╯?□?)╯︵ ┻━┻
Website's:
Xenu.ws WarezLinkers.com SerialSurf.com CracksDirect.comThere isn't a simple way to completely stop PHP shells.
Most of the functions you disable are only part of the collection of system-related calls.
Additionally, even if disabling the functions does 'stop' it, you're doing something to PHP you shouldn't be.
Many scripts make use of functions such as eval and exec, disabling them would break them.
The best way to protect yourself from these 'shells' is to not get them in the first place.Projects:
WCDDL - The Professional DDL Script
Top Secret Project: In Development - ZOMG
ImgTrack - Never Have Dead Images Again!
-
17th Jun 2010, 04:07 PM#5
OPMemberWebsite's:
hostero.netI am not using those functions, not even one. If my script is stolen using a shell, my business is over.
And the shell would be uploaded by the person who owns that account.
-
17th Jun 2010, 04:11 PM#6
MemberNot really know - if your website/script is vuln then anybody can get into yoru system by uploading a shell.
Originally Posted by Mareshal
A good way of ensuring your secure on your website/forum etc is to ensure that it is ALWAYS upto date, secure passwords for everything (Not all the same!), Use trusted plugins etc.It's amazing, being in a community can cause hate. Competitors or not - DDOS isn't cool :)
-
17th Jun 2010, 04:23 PM#7
OPMemberWebsite's:
hostero.netI want to create a small shared hosting on a VPS. Every client will get the same PHP applications, but over the ftp he can only change the template. The application is built under CodeIgniter using MVC Structure. Controllers and models are stored somewhere in the system. I am choosing this method, instead of encoding files with zend/ioncube, because they can be decoded and my work is lost.
This is why I don't want to have a client which will upload the shell and steal my scripts.
-
17th Jun 2010, 05:28 PM#8
Member
I got a common PHP shells(like c99, r57 etc) completely blocked on my servers. If you setup/configure/secure the server well, PHP shells can't do much harm anyway.
KnownSRV.com - Quality comes at a price, and we provide it at affordable prices.
PayPal, Skrill(MoneyBookers), Payza(AlertPay), 2CheckOut and LibertyReserve accepted!
-
17th Jun 2010, 05:36 PM#9
BannedWebsite's:
KWWHunction.comhttp://www.besthostingforums.com/sho...d.php?p=340208
Read my thread i can help you if you have any security issues
Register To ReplySponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
Regex in shell
By mahjong in forum Server ManagementReplies: 0Last Post: 8th Apr 2012, 08:58 AM -
[Buying] Shell account
By mietosz in forum Completed TransactionsReplies: 4Last Post: 26th Jun 2011, 09:18 PM -
[Buying] Shell account for uploading (FS/FSC)
By miki3475 in forum Completed TransactionsReplies: 1Last Post: 3rd Jun 2011, 04:21 PM -
vbSEO ? From XSS to Reverse PHP Shell
By Europe in forum Tutorials and GuidesReplies: 2Last Post: 11th Mar 2011, 07:35 PM -
[Selling] security-shell.org
By ViPeRR in forum Completed TransactionsReplies: 2Last Post: 27th Nov 2010, 04:23 AM
Staff Online
themaPoster - post to forums and...
Version 5.07 released. Open older version (or...