Posts

Finding web shells on compromised linux servers

Finding web backdoor shells

(1) Search the web root for PHP functions commonly used by backdoors:

    grep -RPn "(system|phpinfo|pcntl_exec|python_eval|base64_decode|gzip|mkdir|fopen|fclose|readfile|passthru)"

(2) Install git and download NeoPI (see its documentation):

    git clone git@github.com:Neohapsis/NeoPI.git

(3) List only the files that contain a call to one of these functions (the " *\(" anchors the match on an opening parenthesis):

    grep -RPl --include=*.{php,txt,asp} "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" /var/www/

(4) The same search with line numbers, skipping device files:

    grep -RPnDskip "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" public_html/
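As an added example (not part of the original post), here is a small Python equivalent of the grep commands above: it walks a tree, keeps the same extensions, matches the same function names anchored on an opening parenthesis, and reports file, line and function so the hits can be triaged. The sample web root it scans is constructed inline.

```python
import re
import tempfile
from pathlib import Path

# Function names from the page's grep patterns, anchored on "(" so that a bare
# mention of "system" in a comment or a file name does not match.
SUSPECT_FUNCS = ("passthru", "shell_exec", "system", "phpinfo", "base64_decode", "chmod",
                 "mkdir", "fopen", "fclose", "readfile", "pcntl_exec", "python_eval")
CALL_RE = re.compile(r"\b(" + "|".join(SUSPECT_FUNCS) + r") *\(", re.IGNORECASE)
EXTENSIONS = {".php", ".txt", ".asp"}  # same --include set as the page's grep -RPl

def scan_file(path):
    """Return (lineno, function name, stripped line) for each suspect call in one file."""
    hits = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, start=1):
            hits += [(lineno, m.group(1).lower(), line.strip()) for m in CALL_RE.finditer(line)]
    return hits

def scan_tree(root):
    """Walk root like grep -R --include; return {relative path: hits} for files with hits."""
    root = Path(root)
    report = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in EXTENSIONS:
            hits = scan_file(path)
            if hits:
                report[path.relative_to(root).as_posix()] = hits
    return report

# Constructed sample web root (not real site content) used to exercise the scanner.
SAMPLES = {
    "index.php": "<?php echo 'hello'; // the word system alone must not match\n",
    "uploads/x.php": "<?php $d = base64_decode($_POST['p']); passthru($d); ?>\n",
    "style.css": "body { background: url(system.png); }\n",  # wrong extension, skipped
    "lib/files.php": "<?php $h = fopen('log.txt', 'a'); fclose($h);\n",  # legitimate use
}

def demo():
    """Write the constructed tree to a temp dir, scan it and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, content in SAMPLES.items():
            p = Path(tmp) / rel
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_text(content, encoding="utf-8")
        return scan_tree(tmp)

if __name__ == "__main__":
    for path, hits in demo().items():
        for lineno, func, text in hits:
            print(f"{path}:{lineno}: {func}() -> {text}")
```

Legitimate code such as lib/files.php will show up next to the real backdoor, so the output is a list of leads to review, not a verdict.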

maildrop allow domain

Two maildrop rules that deliver mail from a given sender domain straight to the default mailbox, bypassing the spam filter (the extra closing brace in the original has been removed):

    if (/^From: .*@conal\.com/)
    {
        log "conal.com disable SPAM filtering"
        to "$HOME/$DEFAULT"
    }
    if (/^From: .*@atl\.com/)
    {
        log "atl.com disable SPAM filtering"
        to "$HOME/$DEFAULT"
    }

Option FollowSymLinks not allowed here

Option FollowSymLinks not allowed here (Virtualmin). To fix it, change FollowSymLinks to SymLinksIfOwnerMatch.

E: The package XXXXX needs to be reinstalled, but I can't find an archive for it.

E: The package XXXXX needs to be reinstalled, but I can't find an archive for it.

Solution: open /var/lib/dpkg/status as root (for example with sudo gedit /var/lib/dpkg/status), search for the broken package and delete its whole entry (the block of lines describing that package), then save.

cannot open `/usr/share/sendmail-cf/m4/cf.m4

    m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
    /etc/mail/sendmail.mc:10: m4: cannot open `/usr/share/sendmail-cf/m4/cf.m4': No such file or directory

Reason: sendmail-cf is not installed. Fix:

    yum install sendmail-cf

Redirect apache request to another domain

If you have, for example, portal.tenerife.com, portal.mazaredo.com and portal.antolines.com and you want to redirect them all to www.mazaredo.com, put these lines in httpd.conf:

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^portal\..*\.com$ [NC]
    RewriteRule ^(.*)$ http://www.mazaredo.com/$1 [R=301,L]

As you can see, the host name has three parts: portal, domain, com. The condition ^portal\..*\.com$ mirrors them: the first part, ^portal\., matches the "portal" label (you can remove it so that any .com request reaching your site is redirected); the second part, .*, acts like a wildcard for the domain; the last part, \.com$, matches the ending.

Xen Hvm Multi Home Different Subnet, Guest Multi Home Different Subnet Crap!

Setup: CentOS 5.8, HVM Xen (default installation). My interfaces are eth1 and eth2 because something is wrong with eth0; change the interface numbers to suit your setup.

1. Edit the Xen config xend-config.sxp and set the network script to:

    (network-script network-xen-multi-bridge)

2. Copy network-bridge to network-bridge.xen in the scripts folder.

---- network-xen-multi-bridge script ----

    #!/bin/sh
    # network-xen-multi-bridge
    # Exit if anything goes wrong.
    set -e
    # First arg is the operation.
    OP=$1
    shift
    script=/etc/xen/scripts/network-bridge.xen
    case ${OP} in
    start)
        $script start vifnum=1 bridge=xenbr1 netdev=eth1
        $script start vifnum=2 bridge=xenbr2 netdev=eth2
        ;;
    stop)
        $script stop vifnum=1 bridge=xenbr1 netdev=eth1
        $script stop vifnum=2 bridge=xenbr2 netdev=eth2
    ...