shell bypass 403
UnknownSec Shell
:
/
lib
/
systemd
/
portable
/
profile
/
nonetwork
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
service.conf
# The "nonetwork" security profile for services, i.e. like "default" but without networking [Service] MountAPIVFS=yes TemporaryFileSystem=/run BindReadOnlyPaths=/run/systemd/notify BindReadOnlyPaths=/dev/log /run/systemd/journal/socket /run/systemd/journal/stdout BindReadOnlyPaths=/etc/machine-id BindReadOnlyPaths=/run/dbus/system_bus_socket DynamicUser=yes RemoveIPC=yes CapabilityBoundingSet=CAP_CHOWN CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER \ CAP_FSETID CAP_IPC_LOCK CAP_IPC_OWNER CAP_KILL CAP_MKNOD CAP_SETGID CAP_SETPCAP \ CAP_SETUID CAP_SYS_ADMIN CAP_SYS_CHROOT CAP_SYS_NICE CAP_SYS_RESOURCE PrivateTmp=yes PrivateDevices=yes PrivateUsers=yes ProtectSystem=strict ProtectHome=yes ProtectKernelTunables=yes ProtectKernelModules=yes ProtectControlGroups=yes RestrictAddressFamilies=AF_UNIX AF_NETLINK LockPersonality=yes MemoryDenyWriteExecute=yes RestrictRealtime=yes RestrictNamespaces=yes SystemCallFilter=@system-service SystemCallErrorNumber=EPERM SystemCallArchitectures=native PrivateNetwork=yes IPAddressDeny=any
© 2024 UnknownSec