API tools faq
paste
Advertisement
Guest User

ilikenuts

a guest
Sep 24th, 2018
128
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.39 KB | None | 0 0
raw download clone embed print report
  1. ! grep '\#.*bind-address' /etc/mysql/my.cnf
  2. grep 'user.*mysql' /etc/mysql/my.cnf
  3. ! grep tsar /var/lib/mysql/ibdata1
  4. grep '\-FollowSymLinks' /etc/apache2/apache2.conf
  5. grep '-Indexes' /etc/apache2/apache2.conf
  6. grep -i 'ServerSignature.*Off' /etc/apache2/apache2.conf]
  7. ! [ -e /var/www/html/info.php ]
  8. ! [ -e /var/www/html/wp-content/plugins/wp-downloader ]
  9. grep -i 'expose_php.*Off' /etc/php5/apache2/php.ini
  10. grep -i 'display_erros.*Off' /etc/php5/apache2/php.ini
  11. grep -i 'file_uploads.*Off' /etc/php5/apache2/php.ini
  12. ! grep -i tsar /var/lib/mysql/wordpress
  13.  
  14.  
  15. {
  16. "1": ["Mysql remote acess diabled%s", 10, "! grep '\#.*bind-address' /etc/mysql/my.cnf", [" "]]
  17. "2": ["Mysql runs as mysql user%s", 5, "grep 'user.*mysql' /etc/mysql/my.cnf", [" "]]
  18. "3": ["Mysql user tsar removed%s", 5, "! grep tsar /var/lib/mysql/ibdata1", [" "]]
  19. "4": ["Wordpress user theTsar removed%s", 5, "! grep Thetsar /var/lib/mysql/ibdata1", [" "]]
  20. "5": ["Apache2 does not follow sym links%s", 5, "grep '\-FollowSymLinks' /etc/apache2/apache2.conf", [" "]]
  21. "6": ["Apache2 does not index%s", 5, "grep '-Indexes' /etc/apache2/apache2.conf", [" "]]] ]", [" "]]
  22. "10": ["PHP not exposed%s", 5, "grep -i 'expose_php.*Off' /etc/php5/apache2/php.ini", [" "]]
  23. "11": ["PHP does not display errors%s", 5, "grep -i 'display_erros.*Off' /etc/php5/apache2/php.ini", [" "]]
  24. "12": ["PHP file uploads disbaled%s", 5, "grep -i 'file_uploads.*Off' /etc/php5/apache2/php.i
  25. "7": ["Apache2 does not show signature%s", 10, "grep -i 'ServerSignature.*Off' /etc/apache2/apache2.conf]", [" "]]]
  26. "8": ["PHP info removed%s", 5, "! [ -e /var/www/html/info.php ]", [" "]]
  27. "9": ["Malicious plugin removed%s", 10, "! [ -e /var/www/html/wp-content/plugins/wp-downloaderni", [" "]]
  28. "13": ["Slanderous post removed%s", 5, "! grep -i tsar /var/lib/mysql/wordpress", [" "]]
  29. "14": ["Wordpress not functioning!%s", -40, "if [[ "$(curl -s 127.0.0.1/wp-login.php | md5sum)" != "sum" ]] ", [" "]]
  30.  
  31. }
  32.  
  33. Tevye the milkman needs help securing his buisness website. He has outlined serveral policies and standards he wants his wordpress site to meet. Only official milk related buisness and family matters may
  34. be posted to the blog. Wordpress and all its parent services must be secured in their entirety. No non-related wordpress services should run on this server.
  35.  
  36. System:
  37.  
  38. username:tevye
  39. password:williams
  40.  
  41. Wordpress:
  42.  
  43. admin
  44. password
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!