Archive for October, 2009

Enabling serial port in iMX27ADS

diff –exclude CVS –exclude .git -uNr linux-2.6.22/arch/arm/mach-mx27/board-mx27ads.h linux-2.6.22.modified/arch/arm/mach-mx27/board-mx27ads.h
— linux-2.6.22/arch/arm/mach-mx27/board-mx27ads.h     2009-10-23 19:03:32.000000000 -0200
+++ linux-2.6.22.modified/arch/arm/mach-mx27/board-mx27ads.h    2009-10-23 19:03:00.000000000 -0200
@@ -73,7 +73,7 @@
#define UART2_ENABLED           1
/* UART 3 configuration */
#define UART3_MODE              MODE_DCE
-#define UART3_IR                IRDA
+#define UART3_IR                NO_IRDA
#define UART3_ENABLED           1
/* UART 4 configuration */
#define UART4_MODE              MODE_DTE

Leave a comment

Fighting Back PHP Reverse Shell

To avoid PHP reverse shell, just disable some functions in your php.ini, and restrict PHP working directory:


allow_url_fopen = Off
allow_url_include = Off

disable_functions = apache_get_modules, exec,apache_get_version, apache_getenv, apache_lookup_uri, apache_note, apache_request_headers, apache_reset_timeout, apache_response_headers, apache_setenv, c, chgrp, chmod, chown, debugger_off, debugger_on, define_syslog_var, disk_free_space, dl, escapeshellarg, escapeshellcmd,ftok, ftpexec, gid, glob, highlight_file, hypot, ini_alter, ini_get_all, ini_restore, leak, limit, link, list, listen, ls, mkdir, mysql_list_dbs, openlog, passthru, pclose, pcntl_exec, pfsockpoen, pg_host, phpinfo, popen, pos, posix_access, posix_getcwd, posix_getgid, posix_getpid, posix_getpwnam, posix_getpwuid, posix_getsid, posix_getuid, posix_i, posix_kill, posix_mkfifo, posix_mknod, posix_setgid, posix_setp, posix_setsid, posix_setuid, posix_times, posix_uname, print_rdl, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, ps_aux, ps_fill, readfile, readlink, safe_dir, satty, scandir, set_time, shell_exe, shell_exec, show_source, symlink, symlink, syslog, system, virtual

To websites that does not require PHP or provide public upload areas (where the folder owner is the apache user), add this to your virtual host in http.conf
<VirtualHost *>

php_value register_globals “Off”
php_value session.cache_limiter   “nocache”

php_admin_value open_base_dir /home/wvirt/

php_admin_flag safe_mode “On”

<Directory “/home/wvirt/”>
<FilesMatch “\.(?i:php)$”>
Order allow,deny
Deny from all
Satisfy All

Leave a comment