shell bypass 403

UnknownSec Shell

: /proc/thread-self/root/scripts/ [ drwxr-xr-x ]
upload mass deface mass delete console info server

name : setpostgresconfig
#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/setpostgresconfig               Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

#----------------------------------------------------------------------
# XXX XXX IMPORTANT!! XXX XXX
#
# This modulino is loaded and run as a module in at least one place.
# Do NOT add exit() to this code!
#----------------------------------------------------------------------

package scripts::setpostgresconfig;

use strict;
use warnings;

use Whostmgr::Postgres            ();
use Cpanel::PwCache               ();
use Cpanel::FileUtils::TouchFile  ();
use Cpanel::PostgresAdmin         ();
use Cpanel::PostgresUtils         ();
use Cpanel::PostgresUtils::PgPass ();
use Cpanel::Postgres::Connect     ();    # PPI USE OK -- This binary always needs to so ok perlcc ahead of time
use Cpanel::Config::Users         ();
use Cpanel::Usage                 ();
use Cpanel::SafeFile              ();

exit( run(@ARGV) ) unless caller();

my $dryrun  = 0;
my $force   = 0;
my $verbose = 0;

sub run {
    my (@argv) = @_;

    my $dryrun  = 0;
    my $force   = 0;
    my $verbose = 0;

    my %opts = (
        'dryrun'  => \$dryrun,
        'dry-run' => \$dryrun,
        'force'   => \$force,
        'verbose' => \$verbose,
    );

    # ==== init process options
    Cpanel::Usage::wrap_options( \@argv, \&usage, \%opts );
    $verbose = 1 if $dryrun;

    my $setup = scripts::setpostgresconfig->new( dryrun => $dryrun, force => $force, verbose => $verbose );

    return $setup->check() ? 0 : 1;
}

sub new {
    my ( $class, %opts ) = @_;

    return bless {%opts}, $class;
}

sub check {
    my $self = shift;

    my @actions = qw{check_prerequires};
    push @actions, 'check_first_upgrade' unless $self->{force};
    push @actions, qw{update_config fix_users add_lock};

    foreach my $action (@actions) {
        $self->msg("running action $action") if $self->{dryrun};
        my $status = $self->$action();
        return $status unless $status && $status == 1;
    }

    return 1;
}

sub check_prerequires {
    my $self = shift;

    return $self->by("Cannot find postgres version.") unless Whostmgr::Postgres::get_version();
    return $self->by("Cannot find pgsql_data dir.")   unless Cpanel::PostgresUtils::find_pgsql_data();

    if ( $self->{force} && !-e _pg_hba_file() ) {
        my $pg_hba = _pg_hba_file();
        Cpanel::FileUtils::TouchFile::touchfile($pg_hba);
        my $user = Cpanel::PostgresUtils::PgPass::getpostgresuser();
        my ( $uid, $gid ) = ( Cpanel::PwCache::getpwnam($user) )[ 2, 3 ];

        # If we change the uid/gid on the file we need to update Whostmgr::Postgres::update_config
        chown( $uid, $gid, $pg_hba ) or warn "Failed to chown($uid,$gid,$pg_hba): $!";

        # If we change the mode on the file we need to update Whostmgr::Postgres::update_config
        chmod( 0600, $pg_hba ) or warn "Failed to chmod(0600,$pg_hba): $!";

    }

    return $self->by("Cannot find pg_hba.conf.") unless -e _pg_hba_file();

    return 1;
}

sub check_first_upgrade {
    my $self = shift;

    my $cfg;
    my $lock = Cpanel::SafeFile::safeopen( $cfg, '<', _pg_hba_file() );
    return $self->by("cannot read config file") unless $lock;
    my $ok = grep { /^\s*local\s+samerole\s+all/ } (<$cfg>);
    Cpanel::SafeFile::safeclose( $cfg, $lock );
    if ($ok) {
        $self->msg("Nothing todo, configuration looks fine.");

        # solve problem with users having already upgraded to 11.36.1 without the lock file
        $self->add_lock();
        return -1;
    }
    return $self->by("Warning: pg_hba.conf was secured but entries have been removed ( you can run it with --force ).") if !$self->{force} && -e _version_file();

    return 1;
}

sub add_lock {
    return Cpanel::FileUtils::TouchFile::touchfile( _version_file() );
}

sub _version_file {
    return '/var/cpanel/version/pg_hba_conf_secured';
}

sub _pg_hba_file {
    return join( '/', Cpanel::PostgresUtils::find_pgsql_data(), 'pg_hba.conf' );
}

sub usage {
    my $prog = $0;
    $prog =~ s{^.+/(.+)$}{$1};
    print <<EOF;
$prog [options] [ -f FILE ]

This script will improve postgres security :
    - update pg_hba.conf
    - create role foreach database
    - grant users to roles

Modifiers Flags:

    --force     - force to update config.
    --verbose   - display some friendly verbose messages.
    --dry-run   - do nothing and display some verbose messages.
    --help      - dislay this help message and exit.
EOF
    exit;

}

sub update_config {
    my $self = shift;

    my $dryrun = $self->{dryrun};

    $self->msg( "-", $dryrun ? 'will' : '', "update postgres configuration" );
    $self->msg("\tnothing done [dryrun]") and return if $dryrun;
    my ( $status, $message ) = Whostmgr::Postgres::update_config();
    $self->by("Cannot update postgres config") unless $status;
    $self->msg($message) if $message;
    return Whostmgr::Postgres::reload();
}

sub fix_users {
    my $self = shift;

    my $postgresadmin = Cpanel::PostgresAdmin->new( { 'cpuser' => 'root' } );

    return 0 if !$postgresadmin;

    foreach my $cpuser ( Cpanel::Config::Users::getcpusers() ) {
        local $postgresadmin->{'cpuser'} = $cpuser;

        $postgresadmin->clear_map();
        my @dbs = $postgresadmin->listdbs();
        next unless scalar @dbs;
        $postgresadmin->setupdbrole( \@dbs );

        my %dbusers = $postgresadmin->listusersindb();

        foreach my $db ( keys %dbusers ) {
            foreach my $user ( @{ $dbusers{$db} } ) {
                $self->msg( '-', $dryrun ? 'will' : '', 'repair access to', $db, 'for user', $user );
                next if $dryrun;
                $postgresadmin->addusertodb( $db, $user, 1 );
            }
        }
    }
    return 1;
}

sub msg {
    my ( $self, @msg ) = @_;
    print join( ' ', @msg, "\n" ) if $self->{verbose};
    return;
}

sub by {
    my ( $self, @msg ) = @_;
    $self->msg(@msg);
    return;
}

1;

© 2025 UnknownSec
Web Design for Beginners | Anyleson - Learning Platform
INR (₹)
India Rupee
$
United States Dollar
Your cart is empty
Empty notifications
Login Register
Web Design for Beginners

Web Design for Beginners

in Design
Created by Linda Anderson
+2
5 Users are following this upcoming course
Course Published
This course was published already and you can check the main course
Course
Web Design for Beginners

Web Design for Beginners
in Design
Linda Anderson
Linda Anderson
4.25
1:45 Hours
8 Jul 2021
₹11.80

What you will learn?

Create any website layout you can imagine

Support any device size with Responsive (mobile-friendly) Design

Add tasteful animations and effects with CSS3

Course description

You can launch a new career in web development today by learning HTML & CSS. You don't need a computer science degree or expensive software. All you need is a computer, a bit of time, a lot of determination, and a teacher you trust. I've taught HTML and CSS to countless coworkers and held training sessions for fortune 100 companies. I am that teacher you can trust. 


Don't limit yourself by creating websites with some cheesy “site-builder" tool. This course teaches you how to take 100% control over your webpages by using the same concepts that every professional website is created with.


This course does not assume any prior experience. We start at square one and learn together bit by bit. By the end of the course you will have created (by hand) a website that looks great on phones, tablets, laptops, and desktops alike.


In the summer of 2020 the course has received a new section where we push our website live up onto the web using the free GitHub Pages service; this means you'll be able to share a link to what you've created with your friends, family, colleagues and the world!

Requirements

No prerequisite knowledge required

No special software required

Comments (0)

View Course
You'll get notified about course publish
This course includes:
Downloadable content
Official certificate
Quizzes
Instructor support
Course Forum
Reminder
Favorite
Share

Course specifications

Publish Date:
15 Mar 2023 | 09:30
Duration:
3:30 Hours
Sections:
6
Parts:
85
Price:
₹10
Progress:
100%
Linda Anderson

Linda Anderson

IT Technician at IBM
4.63
Faithful User
Senior Vendor
Golden Classes
Best Seller
Fantastic Support
Profile Book a Meeting

Tags

Web Design

Report course

Please describe about the report short and clearly.

Share

Share course with your friends

https://anyleson.com/upcoming_courses/Web-Design-for-Beginners
telegram Telegram whatsapp Whatsapp facebook Facebook twitter Twitter