Contenu connexe Plus de Daniel Garcia (a.k.a cr0hn) (19) III Hack and beers: evadiendo técnicas de fingerprinting en Linux y Wordpress6. ##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_tokens off; # version number in error pages
# server_name_in_redirect off; # if off, nginx will use the
requested Host header
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
…..
10. if ($uri ~ "readme.|(html|txt)$" ) {
return 301 /;
}
Modo enfermizo:
wp-includes/general-template.php
11. Reset Kernel
sysctl -w net.ipv4.ip_default_ttl=64
sysctl -w net.ipv4.ip_local_port_range="32768 61000"
sysctl -w net.ipv4.tcp_rmem="4096 87380 6291456"
sysctl -w net.ipv4.tcp_wmem="4096 16384 4194304"
Acces Wordpress info:
url
u: manuesoyyo
p: 10sdk8j2