NineSec Team Shell

Server IP : 184.107.3.203 / Your IP : 216.73.216.51
Web Server : Apache
System : Linux dedicated2.avenfashion.com.ph 4.18.0-553.40.1.el8_10.x86_64 #1 SMP Mon Feb 10 12:11:18 EST 2025 x86_64
User : adminteladeoro ( 1015)
PHP Version : 8.2.28
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON
Directory (0755) : /usr/share/audit/sample-rules/

[ Home ]	[ C0mmand ]	[ Upload File ]

Current File : //usr/share/audit/sample-rules/42-injection.rules

## These rules watch for code injection by the ptrace facility.
## This could indicate someone trying to do something bad or
## just debugging

#-a always,exit -F arch=b32 -S ptrace -F key=tracing
-a always,exit -F arch=b64 -S ptrace -F key=tracing
-a always,exit -F arch=b32 -S ptrace -F a0=0x4 -F key=code-injection
-a always,exit -F arch=b64 -S ptrace -F a0=0x4 -F key=code-injection
-a always,exit -F arch=b32 -S ptrace -F a0=0x5 -F key=data-injection
-a always,exit -F arch=b64 -S ptrace -F a0=0x5 -F key=data-injection
-a always,exit -F arch=b32 -S ptrace -F a0=0x6 -F key=register-injection
-a always,exit -F arch=b64 -S ptrace -F a0=0x6 -F key=register-injection

NineSec Team - 2022