403WebShell

????JFIF??x?x????'403WebShell403Webshell
Server IP : 79.136.114.73 / Your IP : 3.145.124.186
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /usr/share/sendmail/
Upload File :
[ Back ]
Current File : /usr/share/sendmail/update_auth
#!/bin/sh -e
#-----------------------------------------------------------------------------
#
# $Sendmail: update_auth,v 8.14.4 2019-02-05 18:41:16 cowboy Exp $
#
# Sendmail support for SMTP AUTH (SASL)
#
# Copyright (c) 2000-2010 Richard Nelson.  All Rights Reserved.
#
# Notes:
#
#-----------------------------------------------------------------------------
set -e;

NEW=0;
DEFAULT=0;
HOSTNAME=`hostname -s`;
HOSTFQDN=`hostname -f`;
DOMAINNAME=`hostname -d`;
SMUID=sendmail;
SMAID=sendmail;
SMPWD=sendmailpwd;
SMRLM="$HOSTNAME.$DOMAINNAME";
SMMCH='';

# Path to other sendmail helpers
if [ -x ./update_sendmail ]; then
	sm_path='.';
elif [ -x $(dirname $0)/update_sendmail ]; then
	sm_path=$(dirname $0);
else
	sm_path=/usr/share/sendmail;
	fi;
# Bring in sendmail.conf for the network definitions
if [ ! -f /etc/mail/sendmail.conf ]; then
	if [ -x $sm_path/update_conf ]; then
		$sm_path/update_conf;
		fi;
	fi; 
if [ -f /etc/mail/sendmail.conf ]; then
	. /etc/mail/sendmail.conf;
	fi;
if [ "$HANDS_OFF" != 'No' ]; then
	exit 0;
	fi;

# See what sendmail was linked with
if [ "yes" != "yes" ]; then
	echo "SASL support not included in sendmail, skipping...";
	exit 0;
elif [ 2 -eq 2 ]; then
	SASLDBLISTUSERS='/usr/sbin/sasldblistusers2';
	SASLPASSWD='/usr/sbin/saslpasswd2';
	SASLLIB='/usr/lib/sasl2';
	SASLSO='2';
	SASLDB='/etc/sasldb2';
	SASL_BIN='sasl2-bin';
	SASL_LIB='libsasl2';
	SASL='SASL2';
elif [ 2 -eq 1 ]; then
	SASLDBLISTUSERS='/usr/sbin/sasldblistusers';
	SASLPASSWD='/usr/sbin/saslpasswd';
	SASLLIB='/usr/lib/sasl';
	SASLSO='1';
	SASLDB='/etc/sasldb';
	SASL_BIN='sasl-bin';
	SASL_LIB='libsasl';
	SASL='SASL';
	fi;	

# Check if SASL is installed
if [ ! -d ${SASLLIB} ]; then
	cat <<-EOT

		${SASL} not installed, not configuring sendmail support.

		EOT
	if [ "${SASLSO}" = '1' ]; then
		cat <<-EOT
		To install ${SASL}, get ${SASL_BIN}, ${SASL_LIB}-modules-plain,
		${SASL_LIB}-digestmd5-plain or ${SASL_LIB}-digestmd5-des.
		EOT
	else
		cat <<-EOT
		To install ${SASL}, get ${SASL_BIN} and ${SASL_LIB}-modules.
		EOT
		fi;
	cat <<-EOT

		To enable sendmail ${SASL} support at a later date, invoke "$0"

		EOT
	exit 0;
	fi;

# Check for sasl-bin (wherein resides saslpasswd)
if [ ! -x ${SASLPASSWD} ]; then
	cat <<-EOT
		${SASL_BIN} not installed, not configuring sendmail support.

		To enable sendmail ${SASL} support at a later date, invoke "$0"

		EOT
	exit 0;
	fi;
#echo " ";
#echo "Creating/Updating ${SASL} information";
touch /etc/mail/tsasl;
if chown root:sasl /etc/mail/tsasl 2>/dev/null; then
	adduser smmta sasl 1>/dev/null 2>&1;
	adduser smmsp sasl 1>/dev/null 2>&1;
	fi;
	rm /etc/mail/tsasl;

# See if we need to rename an existing SASL info file
if [ -f /etc/mail/auth-info ] \
&&	[ ! -f /etc/mail/default-auth-info ]; then
	mv /etc/mail/auth-info \
		/etc/mail/default-auth-info;
	fi;

# Use exisisting SASL auth information
if [ -f /etc/mail/default-auth-info ]; then
	SMUID=$(head -n1 /etc/mail/default-auth-info);
	SMAID=$(head -n2 /etc/mail/default-auth-info | tail -n1 -);
	SMPWD=$(head -n3 /etc/mail/default-auth-info | tail -n1 -);
	SMRLM=$(head -n4 /etc/mail/default-auth-info | tail -n1 -);
	SMMCH=$(head -n5 /etc/mail/default-auth-info | tail -n1 -);
	fi;

# Check for default settings, used in later test
if [ "$SMUID" = 'sendmail' ] \
&& [ "$SMAID" = 'sendmail' ] \
&& [ "$SMPWD" = 'sendmailpwd' ]; then
	DEFAULT=1;
	fi;

# Create Default SASL auth information
if [ ! -f /etc/mail/default-auth-info ]; then
	cat <<-EOT > /etc/mail/default-auth-info
	$SMUID
	$SMAID
	$SMPWD
	$SMRLM
	$SMMCH
	EOT
	fi;

# Create any missing SASL configuration files
if [ -d ${SASLLIB} ]; then
	# SASL password configuration
	if [ ! -f ${SASLLIB}/saslpasswd.conf ]; then
		NEW=1;
		cp /usr/share/sendmail/examples/sasl/saslpasswd.conf.${SASLSO} \
			${SASLLIB}/saslpasswd.conf;
		fi;
	chown root:root ${SASLLIB}/saslpasswd.conf;
	chmod 0640 ${SASLLIB}/saslpasswd.conf;

	# Sendmail SASL configuration
	if [ -L ${SASLLIB}/Sendmail.conf ]; then
		ln -sf /etc/mail/sasl/Sendmail.conf.${SASLSO} \
			${SASLLIB}/Sendmail.conf;
	else
		if [ -f ${SASLLIB}/Sendmail.conf ]; then
			mv ${SASLLIB}/Sendmail.conf \
				/etc/mail/sasl/Sendmail.conf.${SASLSO};
			fi;
		ln -sf /etc/mail/sasl/Sendmail.conf.${SASLSO} \
			${SASLLIB}/Sendmail.conf;
		fi;

	# Make sure libraries are properly installed...
	( cd ${SASLLIB} && \
	if [ -L libanonymous.so.${SASLSO} ] && [ ! -L libanonymous.so ]; then \
		ln -s libanonymous.so.${SASLSO} libanonymous.so; \
		fi; \
	if [ -L libcrammd5.so.${SASLSO} ] && [ ! -L libcrammd5.so ]; then \
		ln -s libcrammd5.so.${SASLSO} libcrammd5.so; \
		fi; \
	if [ -L libdigestmd5.so.${SASLSO} ] && [ ! -L libdigestmd5.so ]; then \
		ln -s libdigestmd5.so.${SASLSO} libdigestmd5.so; \
		fi; \
	if [ -L libdigestmd5.so.0 ] && [ ! -L libdigestmd5.so ]; then \
		ln -s libdigestmd5.so.0 libdigestmd5.so; \
		fi; \
	if [ -L libgssapiv2.so.${SASLSO} ] && [ ! -L libgssapiv2.so ]; then \
		ln -s libgssapiv2.so.${SASLSO} libgssapiv2.so; \
		fi; \
	if [ -L liblogin.so.${SASLSO} ] && [ ! -L liblogin.so ]; then \
		ln -s liblogin.so.${SASLSO} liblogin.so; \
		fi; \
	if [ -L liblogin.so.0 ] && [ ! -L liblogin.so ]; then \
		ln -s liblogin.so.0 liblogin.so; \
		fi; \
	if [ -L libplain.so.${SASLSO} ] && [ ! -L libplain.so ]; then \
		ln -s libplain.so.${SASLSO} libplain.so; \
		fi; )
	fi;

# Create/update sendmail SASL files
chown smmta:smmsp /etc/mail/sasl;
chmod 0755 /etc/mail/sasl;
if [ ! -f /etc/mail/sasl/Sendmail.conf.${SASLSO} ] \
&& [ -f /etc/mail/sasl/Sendmail.conf ]; then
		mv /etc/mail/sasl/Sendmail.conf \
			/etc/mail/sasl/Sendmail.conf.${SASLSO};
	fi;
if [ ! -f /etc/mail/sasl/Sendmail.conf.${SASLSO} ]; then
	NEW=1;
	cp /usr/share/sendmail/examples/sasl/Sendmail.conf.${SASLSO} \
		/etc/mail/sasl/;
	fi;
chown smmta:smmsp /etc/mail/sasl/Sendmail.conf.${SASLSO};
chmod 0640 /etc/mail/sasl/Sendmail.conf.${SASLSO};

#---------------------------------------------------------------------------
# Make sure prototype /etc/mail/sasl/sasl.m4 exists
$sm_path/update_authm4 || true;

# Recommend PAM for sendmail authorization
if [ "${SASLSO}" = "2" ]; then
	if grep -qEe '^[[:space:]]*auto_transition:[[:space:]]*false' \
		/etc/mail/sasl/Sendmail.conf.${SASLSO}; then
		sed -e \
			's?^[[:space:]]*auto_transition:.*$?auto_transition: true?' \
			/etc/mail/sasl/Sendmail.conf.${SASLSO} \
			> /etc/mail/sasl/Sendmail.conf.new;
		fi;
	if [ -f /etc/mail/sasl/Sendmail.conf.new ]; then
		chown smmta:smmsp /etc/mail/sasl/Sendmail.conf.new;
		chmod 0644 /etc/mail/sasl/Sendmail.conf.new;
		mv /etc/mail/sasl/Sendmail.conf.new \
		/etc/mail/sasl/Sendmail.conf.${SASLSO};
		fi;

	cat <<-EOT
	
	Ah, you're setup with SASL${SASLSO} !

	Unfortunately, there is no automagic way to migrate to ${SASLDB} :(

	You'll want to make sure /etc/default/saslauthd is setup to start,
	and has at least MECHANISMS="pam" !

	If you find out what more is needed, please let me know!
	EOT
else 
	if ! grep -qEe "^[[:space:]]*pwcheck_method:[[:space:]]*PAM" \
		${SASLLIB}/Sendmail.conf; then
		cat <<-EOT

		It is *strongly* recommended that you use PAM as the authentication
		method for sendmail via ${SASL}.  Doing so will allow *all* your shell
		users (those with an /etc/passwd entry) to automagically authenticate
		themselves when using a MUA with ${SASL} support turned on.

		Do you wish to use PAM (Y|n)?
		EOT
		read yn;
		yn=$(echo -n "$yn" | sed -e "s/^\ *//" -e "s/^\t*//");
		test -n "$yn" || yn="Y";
		case "$yn" in
			[Yy]*)
				if grep -qEe '^[[:space:]]*pwcheck_method:' \
					/etc/mail/sasl/Sendmail.conf.${SASLSO}; then
					sed -e \
					's?^[[:space:]]*pwcheck_method:.*$?pwcheck_method: PAM?' \
					/etc/mail/sasl/Sendmail.conf.${SASLSO} \
					> /etc/mail/sasl/Sendmail.conf.new;
				else
					echo 'pwcheck_method: PAM' \
						| cat /etc/mail/sasl/Sendmail.conf.${SASLSO} - \
						> /etc/mail/sasl/Sendmail.conf.new;
					fi;
				if [ -f /etc/mail/sasl/Sendmail.conf.new ]; then
					chown smmta:smmsp /etc/mail/sasl/Sendmail.conf.new;
					chmod 0640 /etc/mail/sasl/Sendmail.conf.new;
					mv /etc/mail/sasl/Sendmail.conf.new \
						/etc/mail/sasl/Sendmail.conf.${SASLSO};
					fi;
				;;
			esac;
		fi;
	fi;

# Make sure default-auth-info is secure
if [ -f /etc/mail/default-auth-info ]; then
	chown smmta:smmsp /etc/mail/default-auth-info;
	chmod 0640 /etc/mail/default-auth-info;
	fi;

# Create skeleton file, the saslpasswd command will get a failure ;-{
if [ ! -f ${SASLDB} ]; then
	NEW=1;
	if [ -x ${SASLPASSWD} ]; then
		${SASLDBLISTUSERS} 1>/dev/null 2>&1 || true;
		echo "$SMPWD" | ${SASLPASSWD} -p -c -u $SMRLM $SMAID \
			1>/dev/null 2>&1 || true;
		chown root:sasl ${SASLDB};
		chmod 0660 ${SASLDB};
	else
		echo "*** You do not have the ${SASL_BIN} package installed!";
		echo "*** Please install it and rerun $0";
		echo "*** Sendmail can't use ${SASL} until this is done...";
		fi;
	fi;

# Set SMTP auth password
if [ -x ${SASLPASSWD} ]; then
	if [ $DEFAULT = 0 ]; then
		echo "$SMPWD" | ${SASLPASSWD} -p -c -u $SMRLM $SMAID || true;
	else
		${SASLPASSWD} -d -u $SMRLM $SMAID 1>/dev/null 2>&1 || true;
		fi;
	fi;

# For sendmail, /etc/sasldb must be 0600 or (0640/0660 w/dontblamesendmail)
if [ -f ${SASLDB} ]; then
	find ${SASLDB} -gid 0 -print | xargs -r chown root:sasl;
	find ${SASLDB} -gid 8 -print | xargs -r chown root:sasl;
	find ${SASLDB} -group smmsp -print | xargs -r chown root:sasl;
	chmod g-x,o-rwx ${SASLDB};
	fi;

# Tell them about the new wizbang features...
if [ $NEW -eq 1 ]; then
	cat <<-EOT

	To enable sendmail to use SASLS, you need to:
		1) Add this line to /etc/mail/sendmail.mc and optionally
		   to /etc/mail/submit.mc:
			  include(\`/etc/mail/sasl/sasl.m4')dnl
		2) Run sendmailconfig
		3) Restart sendmail

	${SASL} is now minimally setup, there are a few ways to handle users:
	   *) Allow only shell users (default)
		  You're all set, nothing else to do !
	   *) Allow users other than shell
		  Add users via ${SASLPASSWD} and make sure that the
		  realm you used matches what your users specify in their
		  netscape/outlook/mutt/etc profiles.

	If you need to authorize sendmail as a sender, also update
	/etc/mail/default-auth-info and rerun $0.

	EOT
	fi;
Youez - 2016 - github.com/yon3zu
LinuXploit