⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.93
Server IP:
65.108.141.171
Server:
Linux server.heloix.com 5.4.0-214-generic #234-Ubuntu SMP Fri Mar 14 23:50:27 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
7.4.33
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
share
/
augeas
/
lenses
/
dist
/
tests
/
View File Name :
test_mailscanner_rules.aug
module Test_Mailscanner_Rules = let conf = "# JKF 10/08/2007 Adobe Acrobat nastiness rename \.fdf$ Dangerous Adobe Acrobat data-file Opening this file can cause auto-loading of any file from the internet # JKF 04/01/2005 More Microsoft security vulnerabilities deny \.ico$ Windows icon file security vulnerability Possible buffer overflow in Windows allow \.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$ - - deny+delete \.cur$ Windows cursor file security vulnerability Possible buffer overflow in Windows andrew@baruwa.com,andrew@baruwa.net \.reg$ Possible Windows registry attack Windows registry entries are very dangerous in email andrew@baruwa.com andrew@baruwa.net \.chm$ Possible compiled Help file-based virus Compiled help files are very dangerous in email rename to .ppt \.pps$ Renamed .pps to .ppt Renamed .pps to .ppt " test Mailscanner_Rules.lns get conf = { "#comment" = "JKF 10/08/2007 Adobe Acrobat nastiness" } { "1" { "action" = "rename" } { "regex" = "\.fdf$" } { "log-text" = "Dangerous Adobe Acrobat data-file" } { "user-report" = "Opening this file can cause auto-loading of any file from the internet" } } {} { "#comment" = "JKF 04/01/2005 More Microsoft security vulnerabilities" } { "2" { "action" = "deny" } { "regex" = "\.ico$" } { "log-text" = "Windows icon file security vulnerability" } { "user-report" = "Possible buffer overflow in Windows" } } { "3" { "action" = "allow" } { "regex" = "\.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$" } { "log-text" = "-" } { "user-report" = "-" } } { "4" { "action" = "deny+delete" } { "regex" = "\.cur$" } { "log-text" = "Windows cursor file security vulnerability" } { "user-report" = "Possible buffer overflow in Windows" } } { "5" { "action" = "andrew@baruwa.com,andrew@baruwa.net" } { "regex" = "\.reg$" } { "log-text" = "Possible Windows registry attack" } { "user-report" = "Windows registry entries are very dangerous in email" } } { "6" { "action" = "andrew@baruwa.com andrew@baruwa.net" } { "regex" = "\.chm$" } { "log-text" = "Possible compiled Help file-based virus" } { "user-report" = "Compiled help files are very dangerous in email" } } { "7" { "action" = "rename to .ppt" } { "regex" = "\.pps$" } { "log-text" = "Renamed .pps to .ppt" } { "user-report" = "Renamed .pps to .ppt" } }