Security issue urgent
#1
Security issue urgent
Hello to everybody. I have been using Sentora as my panel for many years, since ZPanel 1.0.0.0.
I am the only one that can 

Yesterday I executed a PHP function that returned me full access to the Sentora DB.

echo shell_exec("cat /etc/sentora/panel/cnf/db.php");

* @author Bobby Allen (ballen@bobbyallen.me)
* @copyright ZPanel Project (http://www.zpanelcp.com/)
* @link http://www.zpanelcp.com/
* @license GPL (http://www.gnu.org/licenses/gpl.html)
*/
$host = 'localhost';
$dbname = 'sentora_core';
$user = 'root';
$pass = 'xxxxxxxxxxxxxxxxx';

Did I do something wrong during the installation?

Thank you
#2
RE: Security issue urgent
(02-12-2020, 05:23 PM)johnnyp Wrote: Hello to everybody. I have been using Sentora as my panel for many years, since ZPanel 1.0.0.0.
I am the only one that can 

Yesterday I executed a PHP function that returned me full access to the Sentora DB.

echo shell_exec("cat /etc/sentora/panel/cnf/db.php");

* @author Bobby Allen (ballen@bobbyallen.me)
* @copyright ZPanel Project (http://www.zpanelcp.com/)
* @link http://www.zpanelcp.com/
* @license GPL (http://www.gnu.org/licenses/gpl.html)
*/
$host = 'localhost';
$dbname = 'sentora_core';
$user = 'root';
$pass = 'xxxxxxxxxxxxxxxxx';

Did I do something wrong during the installation?

Thank you
 
Hi Johnnyp,

Could you explain in more detail...

What version of Sentora are you using? You can find this by logging into the Control Panel and going to ADMIN->UPDATES.

What version of PHP?

How did you run the PHP function?

Code:
echo shell_exec("cat /etc/sentora/panel/cnf/db.php");

Did you run it from a PHP script in a vhost, or did you add it somewhere in the panel, like a text input??? I'm here to help.
-Jettaman-
#3
RE: Security issue urgent
Hi, I am running the latest Sentora version 1.0.3 on an Ubuntu 14.04.06 virtual server.
Any user can just create a PHP file and execute that command.

I understand that the shell_exec command should be disabled, but it is a function that is much needed in many scripts.

I found that "bug" while I was writing a module to deal with SSL certificates and had to read some files in order to decide whether I will update them or not.

Anyway, I use Sentora for personal use only, so I have no problem with that function; I just thought to let you know.

I find Sentora a good panel, but some needed functions are missing.

Btw, how can I use the zsudo binary to restart Apache after SSL creation?

Have a nice day
#4
RE: Security issue urgent
Isn't the shell_exec function disabled by default through Suhosin?
So if you can run shell_exec, you customised Sentora and compromised the security of Sentora yourself, or Suhosin is broken.

Quote:php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"

I got this message:
Quote:Warning: shell_exec() has been disabled for security reasons in /var/sentora/hostdata/zadmin/public_html/xxx_xx/test.php on line 5

When executing:
Code:
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
echo shell_exec("cat /etc/sentora/panel/cnf/db.php");
?>
#5
RE: Security issue urgent
Likely a modded PHP version, and this is why you shouldn't run it without the Suhosin jail.
#6
RE: Security issue urgent
(02-15-2020, 12:24 AM)Ron-e Wrote: Isn't the shell_exec function disabled by default through Suhosin?
So if you can run shell_exec, you customised Sentora and compromised the security of Sentora yourself, or Suhosin is broken.


I got this message:

When executing:
Code:
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
echo shell_exec("cat /etc/sentora/panel/cnf/db.php");
?>

Well, it seems that I did it myself, but shouldn't the admin be able to just enable some commands for some users?

I believe that some commands are crucial for web development, and exec is one of them.

Maybe locking the PHP interpreter inside a user's virtual home would be a solution to that.

Anyway, as stated, I do not use the cpanel for commercial use, so I can't find any security issues with enabling some commands, as I am the only one that has access to PHP; but on the other hand, I can think of some situations where a simple code injection could be catastrophic.

What is your opinion on that: am I safe with Suhosin disabled as long as I am the only one with access to the server?

Thank you.
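As an added example (not code from this thread or from the Sentora project), the PHP script below audits the two mechanisms discussed in posts #4 and #6 from the server's point of view: it takes the function list from the suhosin.executor.func.blacklist line quoted in post #4, checks whether each function is blocked either by that blacklist or by core PHP's disable_functions, and reports open_basedir, which is the PHP option that confines scripts to a directory in the way post #6 describes. The function names and ini keys are real; the output format and the ini_list helper are my own. Place it in a vhost the same way test.php was, load it once, and remove it afterwards.

```php
<?php
// Added example: audit whether the shell-capable functions listed in the
// Suhosin blacklist are actually blocked on this vhost, under either
//   - disable_functions               (core PHP, php.ini or php_admin_value)
//   - suhosin.executor.func.blacklist (Suhosin extension, as in post #4)
// Written for PHP 5.4+ so it runs on a Sentora 1.0.3 / Ubuntu 14.04 box.

// Same names as the suhosin.executor.func.blacklist line quoted in post #4.
$required = array(
    'passthru', 'show_source', 'shell_exec', 'system', 'pcntl_exec',
    'popen', 'pclose', 'proc_open', 'proc_nice', 'proc_terminate',
    'proc_get_status', 'proc_close', 'leak', 'apache_child_terminate',
    'posix_kill', 'posix_mkfifo', 'posix_setpgid', 'posix_setsid',
    'posix_setuid', 'escapeshellcmd', 'escapeshellarg', 'exec',
);

// Helper (my own): split a comma/space separated ini value into a set of
// lowercase names. ini_get() returns false for an unknown key (e.g. when
// Suhosin is not loaded), which the string cast turns into an empty list.
function ini_list($key) {
    $raw   = (string) ini_get($key);
    $names = preg_split('/[\s,]+/', strtolower($raw), -1, PREG_SPLIT_NO_EMPTY);
    return array_fill_keys($names, true);
}

$disabled  = ini_list('disable_functions');
$blacklist = ini_list('suhosin.executor.func.blacklist');
$suhosin   = extension_loaded('suhosin');

$callable = array();
foreach ($required as $fn) {
    $blocked = isset($disabled[$fn]) || ($suhosin && isset($blacklist[$fn]));
    // disable_functions removes the function entirely, so function_exists()
    // is false; Suhosin leaves it defined but refuses the call with the
    // "disabled for security reasons" warning shown in post #4. A function
    // that is neither blocked nor present (not compiled in) is not a risk.
    if (!$blocked && function_exists($fn)) {
        $callable[] = $fn;
    }
}

header('Content-Type: text/plain');
echo 'PHP ', PHP_VERSION, ', suhosin ', ($suhosin ? 'loaded' : 'absent'), "\n";
echo 'open_basedir: ', (ini_get('open_basedir') ?: '(not set)'), "\n";
echo 'disable_functions: ', (count($disabled) ? implode(', ', array_keys($disabled)) : '(empty)'), "\n";
if (count($callable) === 0) {
    echo 'OK: all ', count($required), " listed functions are blocked\n";
} else {
    echo 'WARNING: still callable from this vhost: ', implode(', ', $callable), "\n";
}
```

If the report lists any function as still callable, the vhost is running without the blacklist shown in post #4 (post #5's guess of a custom PHP build, or a vhost configuration missing that php_admin_value line), and every account on the server can read panel files such as db.php the way post #1 did. An empty open_basedir means scripts are not confined to their own home directory at all, which is the gap post #6 is asking about.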
#7
RE: Security issue urgent
This is PHP and I'm afraid you can't; in fact there is a hack where you can change some Suhosin commands, but it's not advised.
#8
RE: Security issue urgent
Sorry for the late reply.
It's OK, so anyone that wants to use Sentora as a public hosting panel must use the Suhosin functions.
Thank you all for your time.