Team Injector Hack Into Exploit-db Website !


================================
Data Extracted From Exploit-db's Server !
================================

$ uname -a
Linux www 2.6.32-25-server #45-Ubuntu SMP Sat Oct 16 20:06:58 UTC 2010 x86_64 GNU/Linux


$ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)


$ pwd
/var/www


$ ls -la
total 24180
drwxr-xr-x 18 www-data www-data     4096 Nov 26 10:16 .
drwxr-xr-x 19 root     root         4096 Sep 24 09:26 ..
-rw-r--r--  1 www-data www-data     1005 Nov 12 19:03 .htaccess
-rw-r--r--  1 www-data www-data      764 Nov  5 17:32 .htaccess.save
-rw-r--r--  1 www-data www-data  2820676 Nov 15 14:26 1920x1200_edb-wallpaper.png
drwxr-xr-x  4 www-data www-data     4096 Nov 11 07:43 92384723987239847239847234982734
-rw-r--r--  1 www-data www-data    46149 Nov 11 17:04 apc123456.php
-rw-r--r--  1 www-data www-data 10723590 Nov 28 06:52 archive.tar.bz2
-rw-r--r--  1 www-data www-data    18851 Jul  9 14:42 disclosure.html
-rw-r--r--  1 www-data www-data    11662 Nov 11 11:42 dorkorinos.txt
drwxr-xr-x  2 www-data www-data     4096 Jul  9 14:42 edbpartners
-rw-r--r--  1 www-data www-data     1406 Jul  9 14:53 favicon.ico
-rw-r--r--  1 www-data www-data     1921 Jul  9 14:42 feature.txt
-rw-r--r--  1 www-data www-data     1923 Jul 11 16:01 feature1.txt
drwxr-xr-x 21 www-data www-data     4096 Nov 22 20:06 forums
drwxr-xr-x  2 www-data www-data     4096 Sep 23 06:41 funny404
-rw-r--r--  1 www-data www-data     1119 Nov 22 07:45 gd_rss.php
-rw-r--r--  1 www-data www-data       65 Aug 26 04:53 goaway.php
-rw-r--r--  1 www-data www-data       53 Jul  9 14:42 googled6c4817aa45e0032.html
-rw-r--r--  1 www-data www-data        5 Nov 11 07:24 hola.txt
-rw-r--r--  1 www-data www-data  3154634 Nov 11 07:25 hola.xml
drwxr-xr-x 15 www-data www-data     4096 Nov 22 15:50 images
-rw-r--r--  1 www-data www-data      397 Aug 26 04:53 index.php
drwxr-xr-x  2 www-data www-data     4096 Nov  4 12:20 leetdownloads
-rw-r--r--  1 www-data www-data      311 Nov 12 18:40 maintenance.php
drwxr-xr-x  2 root     root         4096 Nov 26 10:18 movies
-rw-r--r--  1 www-data www-data      106 Aug 26 04:53 news.php
drwxr-xr-x  2 www-data www-data     4096 Nov 11 17:20 nginx-default
-rw-r--r--  1 www-data www-data      220 Oct 30 17:00 pagerank.html
-rw-r--r--  1 www-data www-data      761 Sep  6 06:12 rating.txt
-rw-r--r--  1 www-data www-data     9122 Aug 18 05:32 readme.html
-rw-r--r--  1 www-data www-data       47 Jul  9 14:53 robots_ssl.txt
-rw-r--r--  1 www-data www-data  4007150 Dec  1 07:47 ror.xml
-rw-r--r--  1 www-data www-data     2102 Sep  1 05:40 rss.php
drwxr-xr-x  2 www-data www-data     4096 Jul  9 14:42 scripts
-rw-r--r--  1 www-data www-data     1056 Sep  3 18:05 search-mobile.php
-rw-r--r--  1 www-data www-data      108 Aug 26 04:53 search.php
-rw-r--r--  1 www-data www-data  3337393 Dec  1 07:47 sitemap.xml
-rw-r--r--  1 www-data www-data     3462 Aug 19 11:37 sitemap.xsl
-rw-r--r--  1 www-data www-data    30533 Nov 30 17:52 sitemap_blog.xml
-rw-r--r--  1 www-data www-data     4229 Nov 30 17:52 sitemap_blog.xml.gz
drwxr-xr-x  3 www-data www-data     4096 Jul  9 14:42 slider
drwxr-xr-x  2 www-data www-data    20480 Dec  4 09:18 sploits
-rw-r--r--  1 www-data www-data     9621 Nov  3 19:52 style.css
drwxr-xr-x  2 www-data www-data     4096 Sep 23 06:40 testme
-rw-r--r--  1 www-data www-data     5699 Nov  4 07:22 tpl_search.php
-rw-r--r--  1 www-data www-data       16 Nov 28 06:52 update-982374.txt
-rw-r--r--  1 www-data www-data       50 Aug 26 04:53 updated.php
drwxr-xr-x  3 www-data www-data     4096 Aug  3 09:35 videos
-rw-r--r--  1 www-data www-data     4391 Aug 26 04:53 wp-activate.php
drwxr-xr-x  8 www-data www-data     4096 Nov 11 17:59 wp-admin
-rw-r--r--  1 www-data www-data    40284 Aug 26 04:53 wp-app.php
-rw-r--r--  1 www-data www-data      220 Aug 26 04:53 wp-atom.php
-rw-r--r--  1 www-data www-data      274 Aug 26 04:53 wp-blog-header.php
-rw-r--r--  1 www-data www-data     3926 Aug 26 04:53 wp-comments-post.php
-rw-r--r--  1 www-data www-data      238 Aug 26 04:53 wp-commentsrss2.php
-rw-r--r--  1 www-data www-data     3173 Aug 26 04:53 wp-config-sample.php
-rw-r--r--  1 www-data www-data     2832 Nov 11 17:59 wp-config.php
drwxr-xr-x  8 www-data www-data     4096 Dec  3 22:49 wp-content
-rw-r--r--  1 www-data www-data     1255 Aug 26 04:53 wp-cron.php
-rw-r--r--  1 www-data www-data      240 Aug 26 04:53 wp-feed.php
drwxr-xr-x  7 www-data www-data     4096 Sep  8 13:52 wp-includes
-rw-r--r--  1 www-data www-data     2002 Aug 26 04:53 wp-links-opml.php
-rw-r--r--  1 www-data www-data     2441 Aug 26 04:53 wp-load.php
-rw-r--r--  1 www-data www-data    26160 Sep  3 21:48 wp-login.php
-rw-r--r--  1 www-data www-data     7774 Aug 26 04:53 wp-mail.php
-rw-r--r--  1 www-data www-data      487 Aug 26 04:53 wp-pass.php
-rw-r--r--  1 www-data www-data      218 Aug 26 04:53 wp-rdf.php
-rw-r--r--  1 www-data www-data      316 Aug 26 04:53 wp-register.php
-rw-r--r--  1 www-data www-data      218 Aug 26 04:53 wp-rss.php
-rw-r--r--  1 www-data www-data      220 Aug 26 04:53 wp-rss2.php
-rw-r--r--  1 www-data www-data     9177 Sep  8 13:01 wp-settings.php
-rw-r--r--  1 www-data www-data    18695 Aug 26 04:53 wp-signup.php
-rw-r--r--  1 www-data www-data     3702 Aug 26 04:53 wp-trackback.php
-rw-r--r--  1 www-data www-data    93955 Aug 26 04:53 xmlrpc-orig.php
-rw-r--r--  1 www-data www-data    94184 Aug 26 04:53 xmlrpc.php




$ cat wp-config.php
<?php
/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, WordPress Language, and ABSPATH. You can find more information by
 * visiting {@link https://codex.wordpress.org/Editing_wp-config.php Editing
 * wp-config.php} Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */


// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
//define('DB_NAME', 'explot2');
define('WP_CACHE', true); //Added by WP-Cache Manager
define('DB_NAME', 'edb_new');


/** MySQL database username */
define('DB_USER', 'edbuser');


/** MySQL database password */
//define('DB_PASSWORD', 'admin123');
define('DB_PASSWORD', '2834729347928372342');
//define('DB_PASSWORD', 'f00b204e98009d22b68e54a');


/** MySQL hostname */
define('DB_HOST', 'localhost');
define('WP_MEMORY_LIMIT', '1024M');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');


/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
define('FORCE_SSL_LOGIN', true);


/**#@+
 * Authentication Unique Keys.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/ WordPress.org secret-k
 * You can change these at any point in time to invalidate all existing cookies. This will force all users 
 in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
/**#@-*/


/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';


/**
 * WordPress Localized Language, defaults to English.
 *
 * Change this to localize WordPress.  A corresponding MO file for the chosen
 * language must be installed to wp-content/languages. For example, install
 * de.mo to wp-content/languages and set WPLANG to 'de' to enable German
 * language support.
 */
define ('WPLANG', '');


/* That's all, stop editing! Happy blogging. */


/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
        define('ABSPATH', dirname(__FILE__) . '/');


/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');


define('WP_DEBUG',true);
define('WP_MEMORY_LIMIT', '128M');


$ cd forums


$ ls -la
total 2344
drwxr-xr-x 21 www-data www-data   4096 Nov 22 20:06 .
drwxr-xr-x 18 www-data www-data   4096 Nov 26 10:16 ..
-rw-r--r--  1 www-data www-data   1008 Nov  6 12:03 .htaccess
-rw-rw-r--  1 www-data www-data  17862 Nov 22 20:01 LICENSE
drwxr-xr-x  3 www-data www-data   4096 Nov 22 20:04 admincp
drwxr-xr-x  3 www-data www-data   4096 Nov 22 20:04 admincp-23987239874298273987234
-rwxr-xr-x  1 www-data www-data  40193 Nov 22 20:01 ajax.php
-rwxr-xr-x  1 www-data www-data  75603 Nov 22 20:01 album.php
-rwxr-xr-x  1 www-data www-data  19119 Nov 22 20:01 announcement.php
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 archive
-rwxr-xr-x  1 www-data www-data   9040 Nov 22 20:01 asset.php
-rwxr-xr-x  1 www-data www-data  21161 Nov 22 20:01 assetmanage.php
-rwxr-xr-x  1 www-data www-data  15788 Nov 22 20:01 attachment.php
-rwxr-xr-x  1 www-data www-data   6935 Nov 22 20:01 attachment_inlinemod.php
-rwxr-xr-x  1 www-data www-data   3616 Nov 22 20:01 blog_attachment.php
-rwxr-xr-x  1 www-data www-data  96121 Nov 22 20:01 calendar.php
-rwxr-xr-x  1 www-data www-data     43 Nov 22 20:01 clear.gif
drwxr-xr-x  9 www-data www-data   4096 Nov  6 11:22 clientscript
-rwxr-xr-x  1 www-data www-data  15786 Nov 22 20:01 converse.php
drwxr-xr-x  7 www-data www-data   4096 Nov  6 11:22 cpstyles
-rwxr-xr-x  1 www-data www-data   3309 Nov 22 20:01 cron.php
-rwxr-xr-x  1 www-data www-data   6145 Nov 22 20:01 css.php
drwxr-xr-x  3 www-data www-data   4096 Nov  6 11:22 customavatars
drwxr-xr-x  3 www-data www-data   4096 Nov  6 11:22 customgroupicons
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 customprofilepics
-rwxr-xr-x  1 www-data www-data   1823 Nov 22 20:01 editor.php
-rwxr-xr-x  1 www-data www-data  47010 Nov 22 20:01 editpost.php
-rwxr-xr-x  1 www-data www-data   1427 Nov 22 20:01 entry.php
-rwxr-xr-x  1 www-data www-data  30084 Nov 22 20:01 external.php
-rwxr-xr-x  1 www-data www-data   9966 Nov 22 20:01 faq.php
-rwxr-xr-x  1 www-data www-data  10134 Nov 22 20:01 favicon.ico
-rwxr-xr-x  1 www-data www-data  23332 Nov 22 20:01 forum.php
-rwxr-xr-x  1 www-data www-data  42452 Nov 22 20:01 forumdisplay.php
-rwxr-xr-x  1 www-data www-data   2066 Nov 22 20:01 global.php
-rwxr-xr-x  1 www-data www-data 155838 Nov 22 20:01 group.php
-rwxr-xr-x  1 www-data www-data  26150 Nov 22 20:01 group_inlinemod.php
-rwxr-xr-x  1 www-data www-data  11883 Nov 22 20:01 groupsubscription.php
-rwxr-xr-x  1 www-data www-data   9039 Nov 22 20:01 image.php
drwxr-xr-x 24 www-data www-data   4096 Nov  6 13:16 images
drwxr-xr-x  8 www-data www-data  12288 Nov  6 14:29 includes
-rwxr-xr-x  1 www-data www-data   2396 Nov 22 20:01 index.php
-rwxr-xr-x  1 www-data www-data  47021 Nov 22 20:01 infraction.php
-rwxr-xr-x  1 www-data www-data 187803 Nov 22 20:01 inlinemod.php
-rwxr-xr-x  1 www-data www-data  11440 Nov 22 20:01 joinrequests.php
-rwxr-xr-x  1 www-data www-data   1757 Nov 22 20:01 list.php
-rwxr-xr-x  1 www-data www-data  10947 Nov 22 20:01 login.php
-rwxr-xr-x  1 www-data www-data  30244 Nov 22 20:01 member.php
-rwxr-xr-x  1 www-data www-data  16392 Nov 22 20:01 member_inlinemod.php
-rwxr-xr-x  1 www-data www-data  40345 Nov 22 20:01 memberlist.php
-rwxr-xr-x  1 www-data www-data  22264 Nov 22 20:01 misc.php
drwxr-xr-x  2 www-data www-data   4096 Nov 22 20:01 modcp
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:55 modcp-23987239874298273987234
-rwxr-xr-x  1 www-data www-data  76827 Nov 22 20:01 moderation.php
-rwxr-xr-x  1 www-data www-data   6779 Nov 22 20:01 moderator.php
-rwxr-xr-x  1 www-data www-data  17552 Nov 22 20:01 newattachment.php
-rwxr-xr-x  1 www-data www-data  41079 Nov 22 20:01 newreply.php
-rwxr-xr-x  1 www-data www-data  20185 Nov 22 20:01 newthread.php
-rwxr-xr-x  1 www-data www-data  21802 Nov 22 20:01 online.php
drwxr-xr-x  5 www-data www-data   4096 Nov  6 11:22 packages
-rwxr-xr-x  1 www-data www-data   8096 Nov 22 20:01 payment_gateway.php
-rwxr-xr-x  1 www-data www-data  13360 Nov 22 20:01 payments.php
-rwxr-xr-x  1 www-data www-data   4156 Nov 22 20:01 picture.php
-rwxr-xr-x  1 www-data www-data  16665 Nov 22 20:01 picture_inlinemod.php
-rwxr-xr-x  1 www-data www-data  26169 Nov 22 20:01 picturecomment.php
-rwxr-xr-x  1 www-data www-data  29338 Nov 22 20:01 poll.php
-rwxr-xr-x  1 www-data www-data  10414 Nov 22 20:01 posthistory.php
-rwxr-xr-x  1 www-data www-data  76585 Nov 22 20:01 postings.php
-rwxr-xr-x  1 www-data www-data   7087 Nov 22 20:01 printthread.php
-rwxr-xr-x  1 www-data www-data  79435 Nov 22 20:01 private.php
-rwxr-xr-x  1 www-data www-data 163695 Nov 22 20:01 profile.php
-rwxr-xr-x  1 www-data www-data  56363 Nov 22 20:01 register.php
-rwxr-xr-x  1 www-data www-data   7294 Nov 22 20:01 report.php
-rwxr-xr-x  1 www-data www-data  14765 Nov 22 20:01 reputation.php
-rwxr-xr-x  1 www-data www-data  35793 Nov 22 20:01 search.php
-rwxr-xr-x  1 www-data www-data  22710 Nov 22 20:01 sendmessage.php
-rwxr-xr-x  1 www-data www-data  12485 Nov 22 20:01 showgroups.php
-rwxr-xr-x  1 www-data www-data  12738 Nov 22 20:01 showpost.php
-rwxr-xr-x  1 www-data www-data  80115 Nov 22 20:01 showthread.php
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 signaturepics
drwxr-xr-x  2 www-data www-data   4096 Nov  6 11:22 store_sitemap
-rwxr-xr-x  1 www-data www-data  38862 Nov 22 20:01 subscription.php
-rwxr-xr-x  1 www-data www-data   5399 Nov 22 20:01 tags.php
-rwxr-xr-x  1 www-data www-data   8800 Nov 22 20:01 threadrate.php
-rwxr-xr-x  1 www-data www-data  11146 Nov 22 20:01 threadtag.php
-rwxr-xr-x  1 www-data www-data     61 Nov 22 20:01 uploadprogress.gif
-rwxr-xr-x  1 www-data www-data  39717 Nov 22 20:01 usercp.php
-rwxr-xr-x  1 www-data www-data  21034 Nov 22 20:01 usernote.php
drwxr-xr-x 13 www-data www-data   4096 Nov  6 11:22 vb
drwxr-xr-x  8 www-data www-data   4096 Nov  6 12:23 vboptimise
-rw-r--r--  1 www-data www-data   2324 Nov  6 12:23 vboptimise.php
drwxr-xr-x  4 www-data www-data   4096 Nov  6 11:55 vbseo
-rw-r--r--  1 www-data www-data  45286 Nov  6 11:55 vbseo.php
drwxr-xr-x  4 www-data www-data   4096 Nov  6 14:29 vbseo_sitemap
-rw-r--r--  1 www-data www-data   4335 Nov  6 11:55 vbseocp.php
-rwxr-xr-x  1 www-data www-data  27879 Nov 22 20:01 visitormessage.php
-rwxr-xr-x  1 www-data www-data   1761 Nov 22 20:01 widget.php
-rwxr-xr-x  1 www-data www-data   3952 Nov 22 20:01 xmlsitemap.php


$ cat includes/config.php
<?php
/*======================================================================*\
|| #################################################################### ||
|| # vBulletin 4.0.8
|| # ---------------------------------------------------------------- # ||
|| # All PHP code in this file is i??2000-2010 vBulletin Solutions Inc. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # https://www.vbulletin.com | https://www.vbulletin.com/license.html # ||
|| #################################################################### ||
\*======================================================================*/


/*-------------------------------------------------------*\
| ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** |
+---------------------------------------------------------+
| If you get any errors while attempting to connect to    |
| MySQL, you will need to email your webhost because we   |
| cannot tell you the correct values for the variables    |
| in this file.                                           |
\*-------------------------------------------------------*/


        //      ****** DATABASE TYPE ******
        //      This is the type of the database server on which your vBulletin database will be located.
        //      Valid options are mysql and mysqli, for slave support add _slave.  Try to use mysqli if you are using PHP
 5 and MySQL 4.1+
        // for slave options just append _slave to your preferred database type.
$config['Database']['dbtype'] = 'mysql';


        //      ****** DATABASE NAME ******
        //      This is the name of the database where your vBulletin will be located.
        //      This must be created by your webhost.
$config['Database']['dbname'] = 'edbforum';


        //      ****** TABLE PREFIX ******
        //      Prefix that your vBulletin tables have in the database.
$config['Database']['tableprefix'] = '';


        //      ****** TECHNICAL EMAIL ADDRESS ******
        //      If any database errors occur, they will be emailed to the address specified here.
        //      Leave this blank to not send any emails when there is a database error.
$config['Database']['technicalemail'] = 'dbmaster@example.com';


        //      ****** FORCE EMPTY SQL MODE ******
        // New versions of MySQL (4.1+) have introduced some behaviors that are
        // incompatible with vBulletin. Setting this value to "true" disables those
        // behaviors. You only need to modify this value if vBulletin recommends it.
$config['Database']['force_sql_mode'] = false;






        //      ****** MASTER DATABASE SERVER NAME AND PORT ******
        //      This is the hostname or IP address and port of the database server.
        //      If you are unsure of what to put here, leave the default values.
        //
        //      Note: If you are using IIS 7+ and MySQL is on the same machine, you
        //      need to use 127.0.0.1 instead of localhost
$config['MasterServer']['servername'] = 'localhost';
$config['MasterServer']['port'] = 3306;


        //      ****** MASTER DATABASE USERNAME & PASSWORD ******
        //      This is the username and password you use to access MySQL.
        //      These must be obtained through your webhost.
$config['MasterServer']['username'] = 'forums';
$config['MasterServer']['password'] = '2834725234523472342';


        //      ****** MASTER DATABASE PERSISTENT CONNECTIONS ******
        //      This option allows you to turn persistent connections to MySQL on or off.
        //      The difference in performance is negligible for all but the largest boards.
        //      If you are unsure what this should be, leave it off. (0 = off; 1 = on)
$config['MasterServer']['usepconnect'] = 0;






        //      ****** SLAVE DATABASE CONFIGURATION ******
        //      If you have multiple database backends, this is the information for your slave
        //      server. If you are not 100% sure you need to fill in this information,
        //      do not change any of the values here.
$config['SlaveServer']['servername'] = '';
$config['SlaveServer']['port'] = 3306;
$config['SlaveServer']['username'] = '';
$config['SlaveServer']['password'] = '';
$config['SlaveServer']['usepconnect'] = 0;






        //      ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
        //      This setting allows you to change the name of the folders that the admin and
        //      moderator control panels reside in. You may wish to do this for security purposes.
        //      Please note that if you change the name of the directory here, you will still need
        //      to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp-23987239874298273987234';
$config['Misc']['modcpdir'] = 'modcp-23987239874298273987234';


        //      Prefix that all vBulletin cookies will have
        //      Keep this short and only use numbers and letters, i.e. 1-9 and a-Z
$config['Misc']['cookieprefix'] = 'bb';


        //      ******** FULL PATH TO FORUMS DIRECTORY ******
        //      On a few systems it may be necessary to input the full path to your forums directory
        //      for vBulletin to function normally. You can ignore this setting unless vBulletin
        //      tells you to fill this in. Do not include a trailing slash!
        //      Example Unix:
        //        $config['Misc']['forumpath'] = '/home/users/public_html/forums';
        //      Example Win32:
        //        $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdocs\vb3';
$config['Misc']['forumpath'] = '';






        //      ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
        //      The users specified here will be allowed to view the admin log in the control panel.
        //      Users must be specified by *ID number* here. To obtain a user's ID number,
        //      view their profile via the control panel. If this is a new installation, leave
        //      the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '1';


        //      ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
        //      The users specified here will be allowed to remove ("prune") entries from the admin
        //      log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '1';


        //      ****** USERS WITH QUERY RUNNING PERMISSIONS ******
        //      The users specified here will be allowed to run queries from the control panel.
        //      See the above entries for more information on the format.
        //      Please note that the ability to run queries is quite powerful. You may wish
        //      to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '';


        //      ****** UNDELETABLE / UNALTERABLE USERS ******
        //      The users specified here will not be deletable or alterable from the control panel by any users.
        //      To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '';


        //      ****** SUPER ADMINISTRATORS ******
        //      The users specified below will have permission to access the administrator permissions
        //      page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '1';


        // ****** DATASTORE CACHE CONFIGURATION *****
        // Here you can configure different methods for caching datastore items.
        // vB_Datastore_Filecache  - to use includes/datastore/datastore_cache.php
        // vB_Datastore_APC - to use APC
        // vB_Datastore_XCache - to use XCache
        // vB_Datastore_Memcached - to use a Memcache server, more configuration below
// $config['Datastore']['class'] = 'vB_Datastore_Filecache';


        // ******** DATASTORE PREFIX ******
        // If you are using a PHP Caching system (APC, XCache, eAccelerator) with more
        // than one set of forums installed on your host, you *may* need to use a prefix
        // so that they do not try to use the same variable within the cache.
        // This works in a similar manner to the database table prefix.
// $config['Datastore']['prefix'] = '';


        // It is also necessary to specify the hostname or IP address and the port the server is listening on
/*
$config['Datastore']['class'] = 'vB_Datastore_Memcached';
$i = 0;
// First Server
$i++;
$config['Misc']['memcacheserver'][$i]           = '127.0.0.1';
$config['Misc']['memcacheport'][$i]                     = 11211;
$config['Misc']['memcachepersistent'][$i]       = true;
$config['Misc']['memcacheweight'][$i]           = 1;
$config['Misc']['memcachetimeout'][$i]          = 1;
$config['Misc']['memcacheretry_interval'][$i] = 15;
*/


// ****** The following options are only needed in special cases ******


        //      ****** MySQLI OPTIONS *****
        // When using MySQL 4.1+, MySQLi should be used to connect to the database.
        // If you need to set the default connection charset because your database
        // is using a charset other than latin1, you can set the charset here.
        // If you don't set the charset to be the same as your database, you
        // may receive collation errors.  Ignore this setting unless you
        // are sure you need to use it.
// $config['Mysqli']['charset'] = 'utf8';


        //      Optionally, PHP can be instructed to set connection parameters by reading from the
        //      file named in 'ini_file'. Please use a full path to the file.
        //      Example:
        //      $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my.ini';
$config['Mysqli']['ini_file'] = '';


// Image Processing Options
        // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger image
s, alter these settings.
$config['Misc']['maxwidth'] = 2592;
$config['Misc']['maxheight'] = 1944;


/*======================================================================*\
|| ####################################################################
|| # Downloaded: 10:22, Sat Nov 6th 2010
|| # CVS: $RCSfile$ - $Revision: 39199 $
|| ####################################################################
\*======================================================================*/


$ cd /


$ ls -la
total 112
drwxr-xr-x  26 root root  4096 Nov 30 06:53 .
drwxr-xr-x  26 root root  4096 Nov 30 06:53 ..
drw-------   2 root root  4096 Dec  4 03:45 backup
drw-------   2 root root  4096 Sep  1 07:38 backup-fix
drwxr-xr-x   2 root root  4096 Oct 11 09:00 bin
drwxr-xr-x   3 root root  4096 Nov 30 06:53 boot
drwxr-xr-x   3 root root  4096 Nov 11 16:56 build
drwxr-xr-x   2 root root  4096 Jul  9 05:29 cdrom
drwxr-xr-x  14 root root  3800 Nov 30 06:53 dev
drwxr-xr-x  91 root root  4096 Dec  2 06:34 etc
drwxr-xr-x   3 root root  4096 Aug  3 11:48 home
lrwxrwxrwx   1 root root    32 Nov 30 06:53 initrd.img -> boot/initrd.img-2.6.32-26-server
lrwxrwxrwx   1 root root    32 Oct  4 16:30 initrd.img.old -> boot/initrd.img-2.6.32-25-server
drwxr-xr-x  13 root root 12288 Nov 18 06:54 lib
lrwxrwxrwx   1 root root     4 Jul  9 05:28 lib64 -> /lib
drwx------   2 root root 16384 Jul  9 05:28 lost+found
drwxr-xr-x   2 root root  4096 Jul  9 15:17 maint
drwxr-xr-x   3 root root  4096 Jul  9 05:28 media
drwxr-xr-x   4 root root  4096 Jul  9 20:03 mnt
drwxr-xr-x   3 root root  4096 Oct  7 16:53 opt
dr-xr-xr-x 227 root root     0 Nov 11 10:45 proc
drwx------   9 root root  4096 Nov 25 09:08 root
drwxr-xr-x   2 root root  4096 Oct 29 19:00 sbin
drwxr-xr-x   2 root root  4096 Dec  5  2009 selinux
drwxr-xr-x   2 root root  4096 Jul  9 05:28 srv
drwxr-xr-x  13 root root     0 Nov 11 10:45 sys
drwxrwxrwt   3 root root  4096 Dec  4 14:59 tmp
drwxr-xr-x  10 root root  4096 Jul  9 05:28 usr
drwxr-xr-x  19 root root  4096 Sep 24 09:26 var
lrwxrwxrwx   1 root root    29 Nov 30 06:53 vmlinuz -> boot/vmlinuz-2.6.32-26-server
lrwxrwxrwx   1 root root    29 Oct  4 16:30 vmlinuz.old -> boot/vmlinuz-2.6.32-25-server


$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
sshd:x:102:65534::/var/run/sshd:/usr/sbin/nologin
landscape:x:103:108::/var/lib/landscape:/bin/false
mysql:x:104:112:MySQL Server,,,:/var/lib/mysql:/bin/false
smmta:x:105:114:Mail Transfer Agent,,,:/var/lib/sendmail:/bin/false
smmsp:x:106:115:Mail Submission Program,,,:/var/lib/sendmail:/bin/false
emgent:x:1003:1002:,,,:/home/emgent:/bin/bash
ossec:x:1004:1003::/var/ossec:/bin/false
ossecm:x:1005:1003::/var/ossec:/bin/false
ossecr:x:1006:1003::/var/ossec:/bin/false


$ cat /etc/issue
Ubuntu 10.04.1 LTS \n \l




$ cat /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details


# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes


# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768


# Logging
SyslogFacility AUTH
LogLevel INFO


# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes


RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys


# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes


# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no


# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no


# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes


# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes


# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes


X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no


#MaxStartups 10:30:60
#Banner /etc/issue.net


# Allow client to pass locale environment variables
AcceptEnv LANG LC_*


Subsystem sftp /usr/lib/openssh/sftp-server


# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes


$ cd /home


$ ls -la
total 12
drwxr-xr-x  3 root   root   4096 Aug  3 11:48 .
drwxr-xr-x 26 root   root   4096 Nov 30 06:53 ..
drwxr-xr-x  7 emgent emgent 4096 Aug  7 07:45 emgent


$ cd emgent


$ ls -la
total 48
drwxr-xr-x 7 emgent emgent 4096 Aug  7 07:45 .
drwxr-xr-x 3 root   root   4096 Aug  3 11:48 ..
-rw------- 1 emgent emgent  259 Oct 18 11:39 .bash_history
-rw-r--r-- 1 emgent emgent  220 Aug  3 11:48 .bash_logout
-rw-r--r-- 1 emgent emgent 3103 Aug  3 11:48 .bashrc
drwx------ 2 emgent emgent 4096 Aug  3 11:49 .cache
drwx------ 2 emgent emgent 4096 Aug  3 11:49 .irssi
-rw------- 1 emgent emgent    9 Aug  3 11:50 .nano_history
-rw-r--r-- 1 emgent emgent  675 Aug  3 11:48 .profile
drwxr-xr-x 2 emgent emgent 4096 Aug  3 11:49 .ssh
drwxr-xr-x 3 emgent emgent 4096 Aug  7 07:45 .subversion
drwxr-xr-x 4 emgent emgent 4096 Aug  7 07:46 exploitdb






$ cd .ssh


$ ls
authorized_keys
cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAntXlep19oECqVocmK6UIhsxI5yGQSPUVYWOZXWO7Q0wP9vF5FfHmE4yCmKt+MleWcPWkkbI6IXBt9TNtw7m6usPx2IEbpEVr8sl7pT8hiW8tKNew74gEEgE53AGLhWr/+vViL+5K4SKCt591oABDtWA6KIEOuyx9/jqLLwBTQP0UyrqIJpR9VhQ2GQ6tN6Y+LV4tvpqy8ehevsIqdj+HvdsvVU2sREJsSH5xAncaRJQ1sfQepyeAwi7yZ1fBT4U4/LlukkBLIqjXk2D6jPZG870R4KCEI280rBJ9DX4fPX9qvYUwOm/OtWwxC7kivuCnNM1v2wBRUVCBmSUimqWnpQ== emgent@enJoy


$ ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  23680  1244 ?        Ss   Nov11   0:07 /sbin/init
root         2  0.0  0.0      0     0 ?        S    Nov11   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    Nov11   0:01 [migration/0]
root         4  0.0  0.0      0     0 ?        S    Nov11   0:12 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/0]
root         6  0.0  0.0      0     0 ?        S    Nov11   0:02 [migration/1]
root         7  0.0  0.0      0     0 ?        S    Nov11   0:04 [ksoftirqd/1]
root         8  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/1]
root         9  0.0  0.0      0     0 ?        S    Nov11   0:02 [migration/2]
root        10  0.0  0.0      0     0 ?        S    Nov11   0:02 [ksoftirqd/2]
root        11  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/2]
root        12  0.0  0.0      0     0 ?        S    Nov11   0:01 [migration/3]
root        13  0.0  0.0      0     0 ?        S    Nov11   0:05 [ksoftirqd/3]
root        14  0.0  0.0      0     0 ?        S    Nov11   0:00 [watchdog/3]
root        15  0.0  0.0      0     0 ?        S    Nov11   0:32 [events/0]
root        16  0.0  0.0      0     0 ?        S    Nov11  13:44 [events/1]
root        17  0.0  0.0      0     0 ?        S    Nov11   0:17 [events/2]
root        18  0.0  0.0      0     0 ?        S    Nov11   0:18 [events/3]
root        19  0.0  0.0      0     0 ?        S    Nov11   0:00 [cpuset]
root        20  0.0  0.0      0     0 ?        S    Nov11   0:00 [khelper]
root        21  0.0  0.0      0     0 ?        S    Nov11   0:00 [netns]
root        22  0.0  0.0      0     0 ?        S    Nov11   0:00 [async/mgr]
root        23  0.0  0.0      0     0 ?        S    Nov11   0:00 [pm]
root        25  0.0  0.0      0     0 ?        S    Nov11   0:02 [sync_supers]
root        26  0.0  0.0      0     0 ?        S    Nov11   0:04 [bdi-default]
root        27  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/0]
root        28  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/1]
root        29  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/2]
root        30  0.0  0.0      0     0 ?        S    Nov11   0:00 [kintegrityd/3]
root        31  0.0  0.0      0     0 ?        S    Nov11  11:09 [kblockd/0]
root        32  0.0  0.0      0     0 ?        S    Nov11   2:17 [kblockd/1]
root        33  0.0  0.0      0     0 ?        S    Nov11   1:33 [kblockd/2]
root        34  0.0  0.0      0     0 ?        S    Nov11   1:14 [kblockd/3]
root        35  0.0  0.0      0     0 ?        S    Nov11   0:00 [kacpid]
root        36  0.0  0.0      0     0 ?        S    Nov11   0:00 [kacpi_notify]
root        37  0.0  0.0      0     0 ?        S    Nov11   0:00 [kacpi_hotplug]
root        38  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/0]
root        39  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/1]
root        40  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/2]
root        41  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata/3]
root        42  0.0  0.0      0     0 ?        S    Nov11   0:00 [ata_aux]
root        43  0.0  0.0      0     0 ?        S    Nov11   0:00 [ksuspend_usbd]
root        44  0.0  0.0      0     0 ?        S    Nov11   0:00 [khubd]
root        45  0.0  0.0      0     0 ?        S    Nov11   0:00 [kseriod]
root        46  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmmcd]
root        51  0.0  0.0      0     0 ?        S    Nov11   0:00 [khungtaskd]
root        52  0.0  0.0      0     0 ?        S    Nov11   0:30 [kswapd0]
root        53  0.0  0.0      0     0 ?        SN   Nov11   0:00 [ksmd]
root        54  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/0]
root        55  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/1]
root        56  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/2]
root        57  0.0  0.0      0     0 ?        S    Nov11   0:00 [aio/3]
root        58  0.0  0.0      0     0 ?        S    Nov11   0:00 [ecryptfs-kthrea]
root        59  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/0]
root        60  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/1]
root        61  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/2]
root        62  0.0  0.0      0     0 ?        S    Nov11   0:00 [crypto/3]
root        65  0.0  0.0      0     0 ?        S    Nov11   0:00 [pciehpd]
root        66  0.0  0.0      0     0 ?        S    Nov11   0:00 [scsi_eh_0]
root        67  0.0  0.0      0     0 ?        S    Nov11   0:00 [scsi_eh_1]
root        69  0.0  0.0      0     0 ?        S    Nov11   0:00 [kstriped]
root        70  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/0]
root        71  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/1]
root        72  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/2]
root        73  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpathd/3]
root        74  0.0  0.0      0     0 ?        S    Nov11   0:00 [kmpath_handlerd]
root        75  0.0  0.0      0     0 ?        S    Nov11   0:00 [ksnapd]
root        76  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/0]
root        77  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/1]
root        78  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/2]
root        79  0.0  0.0      0     0 ?        S    Nov11   0:00 [kondemand/3]
root        80  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/0]
root        81  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/1]
root        82  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/2]
root        83  0.0  0.0      0     0 ?        S    Nov11   0:00 [kconservative/3]
root       191  0.0  0.0      0     0 ?        S    Nov11   1:03 [mpt_poll_0]
root       192  0.0  0.0      0     0 ?        S    Nov11   0:00 [mpt/0]
root       268  0.0  0.0      0     0 ?        S    Nov11   0:00 [scsi_eh_2]
root       285  0.3  0.0      0     0 ?        S    Nov11 125:09 [jbd2/sda1-8]
root       286  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       287  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       288  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       289  0.0  0.0      0     0 ?        S    Nov11   0:00 [ext4-dio-unwrit]
root       322  0.3  0.0      0     0 ?        S    Nov11 115:40 [flush-8:0]
root       347  0.0  0.0  16904   640 ?        S    Nov11   0:00 upstart-udev-bridge --daemon
root       363  0.0  0.0  16920   416 ?        S<s  Nov11   0:00 udevd --daemon
root       582  0.0  0.0      0     0 ?        S    Nov11   0:00 [kpsmoused]
syslog     714  0.0  0.0 191492  1148 ?        Sl   Nov11   3:22 rsyslogd -c4
root       732  0.0  0.0  49260   528 ?        Ss   Nov11   0:01 /usr/sbin/sshd
root       773  0.0  0.0   6080   284 tty4     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty4
root       777  0.0  0.0   6080   284 tty5     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty5
root       787  0.0  0.0   6080   284 tty2     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty2
root       788  0.0  0.0   6080   284 tty3     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty3
root       792  0.0  0.0   6080   284 tty6     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty6
root       806  0.0  0.0  21076   428 ?        Ss   Nov11   0:07 cron
daemon     807  0.0  0.0  18884   348 ?        Ss   Nov11   0:00 atd
root       817  0.0  0.0  11284   428 ?        Ss   Nov11   1:53 /usr/sbin/irqbalance
root       950  0.0  0.0  84384   848 ?        Ss   Nov11   1:24 sendmail: MTA: accepting connections
root      1318  0.0  0.0  53108  4076 ?        Sl   Nov11   7:28 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock
root      1354  0.0  0.0  97040   408 ?        Ss   Nov11   0:07 /usr/bin/svnserve -d -r /var/svn/
root      1357  0.0  0.0   6080   284 tty1     Ss+  Nov11   0:00 /sbin/getty -8 38400 tty1
root      3467  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfs_mru_cache]
root      3468  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/0]
root      3469  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/1]
root      3470  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/2]
root      3471  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfslogd/3]
root      3472  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/0]
root      3473  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/1]
root      3474  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/2]
root      3475  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsdatad/3]
root      3476  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/0]
root      3477  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/1]
root      3478  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/2]
root      3479  0.0  0.0      0     0 ?        S    Nov30   0:00 [xfsconvertd/3]
root      3489  0.0  0.0  16980   372 ?        S<   Nov30   0:00 udevd --daemon
root      3490  0.0  0.0  16980   376 ?        S<   Nov30   0:00 udevd --daemon
root      3491  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsIO]
root      3492  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3493  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3494  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3495  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsCommit]
root      3496  0.0  0.0      0     0 ?        S    Nov30   0:00 [jfsSync]
root      4114  0.0  0.0 107552  1928 ?        S    Nov23   0:00 /usr/bin/svnserve -d -r /var/svn/
root      7702  0.0  0.0 107420  1960 ?        S    13:31   0:00 /usr/bin/svnserve -d -r /var/svn/
root      8080  0.1  0.1 346236 11548 ?        Ss   Nov26  18:14 /usr/sbin/apache2 -k start
root      9853  0.0  0.0   9756   384 ?        Ss   Nov11   1:04 tail -f /var/log/apache2/jesys.log
www-data 10874  0.0  0.6 354384 38764 ?        S    14:15   0:00 /usr/sbin/apache2 -k start
www-data 10909  0.0  0.0  25632  2876 ?        S    14:15   0:00 dhcpcd
www-data 10910  0.0  0.0   4096   656 ?        S    14:15   0:00 /bin/sh
www-data 13491  0.1  0.6 356496 39580 ?        S    14:54   0:01 /usr/sbin/apache2 -k start
root     13493  0.1  0.1 116628 11268 ?        S    14:54   0:00 /usr/bin/svnserve -d -r /var/svn/
www-data 13510  0.0  0.0   4040   524 ?        S    14:55   0:00 cat www.tar.gz
root     13561  0.0  0.0 107420  1940 ?        S    Nov30   0:00 /usr/bin/svnserve -d -r /var/svn/
www-data 13681  0.1  0.5 354240 32356 ?        S    14:57   0:00 /usr/sbin/apache2 -k start
www-data 13884  0.1  0.5 354792 33064 ?        S    14:59   0:00 /usr/sbin/apache2 -k start
www-data 13889  0.2  0.5 353632 31568 ?        S    14:59   0:01 /usr/sbin/apache2 -k start
www-data 13960  0.0  0.6 354384 38812 ?        S    15:01   0:00 /usr/sbin/apache2 -k start
www-data 13976  0.2  0.5 355192 32200 ?        S    15:01   0:00 /usr/sbin/apache2 -k start
www-data 14022  0.0  0.0  25632  2876 ?        S    15:02   0:00 dhcpcd
www-data 14023  0.0  0.0   4096   628 ?        S    15:02   0:00 /bin/sh
www-data 14026  0.2  0.5 353888 33228 ?        S    15:02   0:00 /usr/sbin/apache2 -k start
www-data 14027  0.1  0.5 356512 32860 ?        S    15:02   0:00 /usr/sbin/apache2 -k start
www-data 14062  0.2  0.5 353548 32144 ?        S    15:03   0:00 /usr/sbin/apache2 -k start
www-data 14063  0.1  0.5 353644 30840 ?        S    15:03   0:00 /usr/sbin/apache2 -k start
www-data 14152  0.2  0.5 353376 31236 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14154  0.3  0.5 352856 31284 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14159  0.1  0.5 353888 30852 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14160  0.2  0.5 355332 31280 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14163  0.1  0.5 354204 31520 ?        S    15:04   0:00 /usr/sbin/apache2 -k start
www-data 14183  0.1  0.4 353804 30404 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14185  0.2  0.4 352724 30460 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14188  0.2  0.5 353544 32600 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14194  0.1  0.4 353880 30564 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14201  0.1  0.5 353500 31264 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14204  0.2  0.5 354516 32044 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14205  0.1  0.4 353360 29148 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
ossecm   14276  0.0  0.0  16844   644 ?        S    Dec02   0:01 /var/ossec/bin/ossec-maild
root     14286  0.0  0.0  12496   576 ?        S    Dec02   0:03 /var/ossec/bin/ossec-execd
ossec    14291  0.0  0.0  14924  3052 ?        S    Dec02   0:43 /var/ossec/bin/ossec-analysisd
root     14295  0.0  0.0   4236   584 ?        S    Dec02   0:22 /var/ossec/bin/ossec-logcollector
www-data 14315  0.0  0.4 352972 29480 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14316  0.2  0.5 353360 31168 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14317  0.1  0.5 354404 30832 ?        S    15:05   0:00 /usr/sbin/apache2 -k start
www-data 14345  0.2  0.4 352592 30052 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14346  0.1  0.4 354008 30416 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14348  0.1  0.4 352356 29156 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14350  0.0  0.1 347492 10892 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14351  0.1  0.4 353272 30452 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14352  0.3  0.5 354176 31516 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14355  0.3  0.4 352328 29492 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14356  0.2  0.5 354200 31508 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14357  0.0  0.4 352584 28180 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
root     14361  0.0  0.0   4996  1664 ?        S    Dec02   0:34 /var/ossec/bin/ossec-syscheckd
ossec    14365  0.0  0.0  12764   844 ?        S    Dec02   0:00 /var/ossec/bin/ossec-monitord
www-data 14366  0.2  0.4 352348 29836 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14367  0.1  0.4 353492 30468 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14369  0.1  0.4 353424 30616 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14370  0.1  0.5 356216 31440 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14371  0.2  0.5 353996 31636 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14372  0.1  0.4 352356 28228 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14377  0.0  0.1 347236 10808 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14378  0.2  0.4 352612 29308 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
root     14386  0.0  0.0      0     0 ?        Z    15:07   0:00 [host-deny.sh] <defunct>
root     14387  0.0  0.0      0     0 ?        Z    15:07   0:00 [firewall-drop.s] <defunct>
www-data 14407  0.4  0.5 354384 32672 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14408  0.1  0.4 352604 29276 ?        S    15:07   0:00 /usr/sbin/apache2 -k start
www-data 14412  0.3  0.5 354716 32420 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14413  0.4  0.4 352592 29272 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14414  0.2  0.4 352600 28200 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14415  0.3  0.4 352724 29088 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14416  0.2  0.4 353776 29452 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14417  0.2  0.4 353136 28616 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14418  0.3  0.4 353520 29500 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14419  0.7  0.0      0     0 ?        Z    15:08   0:00 [apache2] <defunct>
www-data 14420  0.5  0.5 353976 31084 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14421  0.3  0.4 353252 29180 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14422  0.0  0.1 346724  8076 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14423  0.6  0.5 354352 31720 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14424  0.4  0.4 353808 29848 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14425  0.3  0.4 352584 28252 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14426  0.1  0.1 346748 10564 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14427  0.6  0.4 352976 28944 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14428  0.0  0.1 346724  8204 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14429  0.0  0.1 346724  8196 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14430  0.7  0.4 352976 29032 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14431  0.9  0.4 353668 30120 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14432  0.9  0.4 353368 29668 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14433  0.8  0.4 352976 28836 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14435  1.3  0.4 352716 29364 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14436  1.8  0.4 353736 30320 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14437  0.1  0.1 346236  7760 ?        S    15:08   0:00 /usr/sbin/apache2 -k start
www-data 14438  0.0  0.0  14976  1116 ?        R    15:08   0:00 ps aux
root     19786  0.0  0.0 107420  1884 ?        S    Nov16   0:00 /usr/bin/svnserve -d -r /var/svn/
root     19983  0.0  0.0 107420  1940 ?        S    Nov29   0:00 /usr/bin/svnserve -d -r /var/svn/
root     19989  0.0  0.0 107420  1884 ?        S    Nov16   0:00 /usr/bin/svnserve -d -r /var/svn/
root     20015  0.0  0.0 107420  1884 ?        S    Nov16   0:00 /usr/bin/svnserve -d -r /var/svn/
root     20286  0.0  0.0 107420  1888 ?        S    Nov18   0:00 /usr/bin/svnserve -d -r /var/svn/
mysql    22394 10.4 24.9 2441860 1529604 ?     Ssl  Nov12 3357:17 /usr/sbin/mysqld


$ df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1              48G   17G   29G  37% /
none                  3.0G  172K  3.0G   1% /dev
none                  3.0G     0  3.0G   0% /dev/shm
none                  3.0G   56K  3.0G   1% /var/run
none                  3.0G     0  3.0G   0% /var/lock
none                  3.0G     0  3.0G   0% /lib/init/rw
none                   48G   17G   29G  37% /var/lib/ureadahead/debugfs


Wordpress:
admin:$P$B./Y8qG9A2YuqIz4uBAjFRo.9Yv0Fb1::muts@offsec.com
dookie2000ca:$P$B7YVdu0JG/JOf2YAS8WsmQqHnZHf.b/:dookie2000ca:dookie@exploit-db.com
innrwrld:$P$BaJi4YkAt5o/paWUfDMdOOWuqHx/is/:innrwrld:innrwrld@exploit-db.com
ivan:$P$B/YVWEkaYIq3s2QLSmVB/wvXWYqoM80::centaur.mail@gmail.com
sinn3r:$P$BYzu/ozErhWi8hB8IPFdr6Tv2R9rat/:3r:sinn3r@exploit-db.com
loneferret:$P$Bgsl0.nlu4De51qkI8MDoeHDS6iLcM1:loneferret:loneferret@exploit-db.com
ronin:$P$BFw9OFuWa1s/t5DUJwKO6A0Otfkewo0::ronin@exploit-db.com
dijital1:$P$BirOcybWYDo/Z/wrJ5zBq2zaGElV.f/:dijital1:rlh@ciphermonk.net
emgent:$P$BYiha9WKXDzXQm8A8RXboRc7zZuus0.::emgent@backtrack-linux.org
j0fer:$P$Bgtsc7w.Vb6mCkJfJi7JkSO5zJUEBY.::j0fer@exploit-db.com
ReL1K:$P$B6DyRPNYrBuC.WRv5GrDnFg3wAQPo91::kennedyd013@gmail.com
Xpl0it:$P$BGBdVhFBaUM8s9ooGcmB01t.zoK.0V0::mr.xpl0it@gmail.com
fdiskyou:$P$BlgwWd3EmVg4SsfIxzOjqUQfGKfLZD0:fdiskyou:rui@exploit-db.com
rawjaw:$P$Bovffv59pNKpCOOvKlbGqFOmAh.HKb0::rawjaw@exploit-db.com
djokica:$P$BNeyg6NPYJWO9fzjfZs1okvMiM0vq51::centaur@pavko.info
xxDigiPxx:$P$B2eEGgTNsZnM4DFpIr4kNrKXv.ivyg/:xxdigipxx:xxtwistedpairxx@comcast.net
muts:$P$Bn.MAuG.OlZ1NtTxq0WWAUwhVEfusC.::muts@offensive-security.com
Ryujin:$P$BZ75UnhRqkJZj82bWfXbeD6dVxzXTG0::ryujin@offsec.com
didn0t:$P$BkGM.gSmmmuDlkJUKjCzy1LfUn9AnS.::paul@pizza.org
zelik:$P$BYjCAaqW0tcdNV3MZviRZoN./.HMKn0::tal.zeltzer@gmail.com
bitform:$P$BLk7y3.7JTn12lRYj25A/JXJ1W0SIA1::mattgraeber@gmail.com
bolexxx:$P$B1liji1bDZoOOwnVwV3Aa59Mqux0FC1::bolexxx@offsec.com
h00die:$P$Behl/g/GHQo5zxciUMgjPPzu7ZI8nO/::ragecyr@exploit-db.com
MaXe:$P$B6PKmgTlcm5L5kpysXfksmEmRfMy6U.::MaXe@intern0t.net
marked_doe:$P$By1rR96ByDsyil/yQa79qBE/A7nbOA1:marked_doe:marc@doudiet.net
code0wnz:$P$Bw1OuJHHzMtUBd8oSjmFoQYKtzjaC..:code0wnz:code0wnz@gmail.com
Dr_IDE:$P$BR.ReeHZDabreI8G0D5NARv8oY6SOP/::dr_ide@hushmail.com
Sud0:$P$BqovGmeqOSCzsHFso9q4goSZ4hkWbK1: :Sud0.x90@gmail.com
TecR0c:$P$BXoaJm6vL1VKJWz.K3m1M.XXVoXU9K/::tecr0c@corelan.be
kripthor:$P$BpUEGtZ3PvzfYotKDvvRA1AU9U4.iq1:kripthor:umbelino@crazydog.pt
ryp:$P$BwQ3FGe9q7spL3vkhxTyYMBkL4UGOQ.::adam@rypmarketing.com
fdisk:$P$Blv3X9wG6b/Yo3SDi22/nIJ34t2jGi/::ruifilipe.reis@gmail.com
root-boy:$P$BWq8dOxSe/HKG/kE3cXpGyAOgR6F.n1:root-boy:root-boy@exploit-db.com


Inj3ct0r said, "is not the end! expected to continue".
Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.