CCcamPHPinfo linux v4.5

satdemon

CCcamPHPinfo linux v4.5 modifaed by SatDemon

Enjoy

Attached Files

CCcamInfoPHP by SatDemon v 4.5.zip (1,003.5 KB, 300 views)

__________________
The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair

ALoGeNo

hey thank you satdemon, I was installed in a folder in my apache server in debian, like /www/cccam/ and all is working but i have some issues with security (login & pass, i has been set rigth in the cccam.cfg) and with the editor, that let edit and view cccam.cfg without login, is that rigth installed or i need installed in another way?, can you give me a hand please?

Regards.

satdemon

Hi,
i recommend you to do this:
1.Create a password file
2.Set the configuration to use this password file

1.1
htpasswd -c /usr/local/apache/passwd/passwords username

htpasswd will ask you for the password, and then ask you to type it again to confirm it:
# htpasswd -c /usr/local/apache/passwd/passwords rbowen
New password: mypassword
Re-type new password: mypassword
Adding password for user rbowen

Note that in the example shown, a password file is being created containing a user called rbowen, and this password file is being placed in the location /usr/local/apache/passwd/passwords. You will substitute the location, and the username, which you want to use to start your password file.

If htpasswd is not in your path, you will have to type the full path to the file to get it to run. That is, in the example above, you would replace htpasswd with /usr/local/apache/bin/htpasswd

The -c flag is used only when you are creating a new file. After the first time, you will omit the -c flag, when you are adding new users to an already-existing password file.
htpasswd /usr/local/apache/passwd/passwords sungo

The example just shown will add a user named sungo to a password file which has already been created earlier. As before, you will be asked for the password at the command line, and then will be asked to confirm the password by typing it again.

2.2
AuthType Authentication type being used. In this case, it will be set to Basic
AuthName The authentication realm or name
AuthUserFile The location of the password file
AuthGroupFile The location of the group file, if any
Require The requirement(s) which must be satisfied in order to grant admission
These directives may be placed in a .htaccess file in the particular directory being protected, or may go in the main server configuration file, in a <Directory> section, or other scope container.

The example shown below defines an authentication realm called ``By Invitation Only''. The password file located at /usr/local/apache/passwd/passwords will be used to verify the user's identity. Only users named rbowen or sungo will be granted access, and even then only if they provide a password which matches the password stored in the password file.
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /usr/local/apache/passwd/passwords
Require user rbowen sungo

The phrase ``By Invitation Only'' will be displayed in the password pop-up box, where the user will have to type their credentials.

You will need to restart your Apache server in order for the new configuration to take effect, if these directives were put in the main server configuration file. Directives placed in .htaccess files take effect immediately, since .htaccess files are parsed each time files are served.

The next time that you load a file from that directory, you will see the familiar username/password dialog box pop up, requiring that you type the username and password before you are permitted to proceed.

or

edit

vim /etc/apache2/sites-available/default

DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>


next is .htaccess

vim /var/www/.htaccess

AuthUserFile /var/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require user you're user


htpasswd -c /var/.htpasswd you're user

When you restart apache (/etc/init.d/apache2 start|stop|reload|restart|configtest) it will require a user and pass.

Filter traffic
you can put this in rc.local
vim /etc/rc.local

/sbin/iptables -A INPUT -p tcp -m state --state NEW --source 127.0.0.1 --dport 16000 --destination 127.0.0.1 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m state --state NEW --source 127.0.0.1 --dport 16001 --destination 127.0.0.1 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 16000 -j DROP
/sbin/iptables -A INPUT -p tcp --dport 16001 -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
/sbin/iptables -A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP


I hope to help you at least a little bit :)

Regards

__________________
The major difference between a thing that might go wrong and a thing that cannot possibly go wrong is that when a thing that cannot possibly go wrong goes wrong it usually turns out to be impossible to get at or repair

ALoGeNo

MAN YOU ARE THE ONE! THAT IS WORKING !!

Thank a lot mate :) much apreciated

Regards