Skip to content

Instantly share code, notes, and snippets.

View chris001's full-sized avatar

Chris Coleman chris001

34 followers · 5 following
View GitHub Profile
@dergachev
dergachev / setuid-root-backdoor.md
Last active May 24, 2024 13:43
How to use setuid to install a root backdoor.

Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.

While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).

If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur

@KyleGawryluk
KyleGawryluk / gist:7418600
Created November 11, 2013 19:09
SugarCRM - Generating custom error popup from logic hook
Create a custom view to load popup widget js
custom/modules/{module}/views/view.detail.php
<?php
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
require_once('include/json_config.php');
require_once('include/MVC/View/views/view.detail.php');
class po_purchaseOrdersViewDetail extends ViewDetail {
@dergachev
dergachev / enlarge-proxmox-root-partition.sh
Last active April 12, 2024 09:30
# Copied from http://ttaportal.org/wp-content/uploads/2012/10/7-Reallocation-using-LVM.pdf
##
## Showing the problem: need to reallocate 32GB from /dev/mapper/pve-data to /dev/mapper/pve-root
##
df -h
# Filesystem Size Used Avail Use% Mounted on
# /dev/mapper/pve-root 37G 37G 0 100% /
# tmpfs 2.0G 0 2.0G 0% /lib/init/rw
@cballou
cballou / get-ip-address-optimized.php
Created March 26, 2012 00:51
PHP - Advanced Method to Retrieve Client IP Address
<?php
function get_ip_address() {
$ip_keys = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR');
foreach ($ip_keys as $key) {
if (array_key_exists($key, $_SERVER) === true) {
foreach (explode(',', $_SERVER[$key]) as $ip) {
// trim for safety measures
$ip = trim($ip);
// attempt to validate IP
if (validate_ip($ip)) {
@1stvamp
1stvamp / mac-curl-ca-bundle.sh
Created March 22, 2012 12:50
Script to install cURL CA certificates on OS X without macports
#!/bin/bash
mkdir /tmp/curl-ca-bundle
cd /tmp/curl-ca-bundle
wget http://curl.haxx.se/download/curl-7.22.0.tar.bz2
tar xzf curl-7.22.0.tar.bz2
cd curl-7.22.0/lib/
./mk-ca-bundle.pl
if [ ! -d /usr/share/curl/ ]; then
sudo mkdir -p /usr/share/curl/
else