Salamlar Hamıya. Bu Gün sizlərə irex.am phpmyadmin bilgiləriə + əlavə maillər falan verəcəm. Nə Shell uplaya bildim nədə meta ata bildim. bu site MySQL-ə qoşulmayıb :/ Hamıya Uğurlar. Girin nə ata bilirsiz atın =)
http://pastebin.com/EqHbXd9t
Kod:
/*
Avatar Fearless
Special Thank`Z to : BOT_25
Special Respect To :
Leroy , MetaizM , AkaStep , MCH , XEY , BOT_25 , System_Invisible , Ferid23 , AzSecurity and All Bro*s
And AlL Anti-armenia Team!
And Specially Matador!
*/
http://www.irex.am/
IREX.AM pwned
Kod:
+-------------Attack Type : LFI(Local File Inclusion)-------------+
~~~~~~~~~~~~~CAT /ETC/PASSWD (Files)~~~~~~~~~~~~~
# $FreeBSD: src/etc/master.passwd,v 1.40.18.1 2008/11/25 02:59:29 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8:News Subsystem:/:/usr/sbin/nologin
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
sevachh:*:1001:1001:Sevak Harutyunyan:/home/sevachh:/bin/sh
mysql:*:88:88:MySQL Daemon:/nonexistent:/sbin/nologin
cyrus:*:60:60:the cyrus mail server:/nonexistent:/usr/sbin/nologin
courier:*:465:465:Courier Mail System:/var/spool/courier:/sbin/nologin
postfix:*:125:125:Postfix Mail System:/var/spool/postfix:/usr/sbin/nologin
virtual:*:1981:1981:User &:/home/virtual:/sbin/nologin
webmaster:*:1982:1982:Lusine:/usr/local/www/data/irex.am:/bin/true
vacation:*:65501:65501:Vacation:nonexistent:/usr/sbin/nologin
~~~~~~~~~~~~~Path Disclosure : Local Path~~~~~~~~~~~~~
/usr/local/www/data-dist/irex.am/news/
------------------------------------------------------
FCK Editor
Login : Parol
EPDIREX:tBptk/iyOATXI
get parolu qir
irex.am/editor
------------------------------------------------------
PostFixAdmin :
phpmyadmin.irex.am
Login : postfixadmin
Parol : irexvh777
-------------------------------------------------------
Kod:
//
// Postfix Admin
// by Mischa Peters
// Copyright (c) 2002 - 2005 High5!
// License Info: http://www.postfixadmin.com/?file=LICENSE.TXT
//
// File: config.inc.php
//
if (ereg ("config.inc.php", $_SERVER['PHP_SELF']))
{
header ("Location: login.php");
exit;
}
// Postfix Admin Path
// Set the location to your Postfix Admin installation here.
$CONF['postfix_admin_url'] = 'http://postfix-admin.irex.am/';
$CONF['postfix_admin_path'] = '/usr/local/www/postfixadmin/';
$CONF['default_language'] = 'en';
// Database Config
// mysql = MySQL 3.23 and 4.0
// mysqli = MySQL 4.1
// pgsql = PostgreSQL
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'irexvh777';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
$CONF['admin@irex.am'] = '<>';
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';
$CONF['encrypt'] = 'cleartext';
$CONF['generate_password'] = 'NO';
$CONF['page_size'] = '20';
$CONF['default_aliases'] = array (
'webmaster' => 'webmaster@irex.am'
);
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'YES';
$CONF['aliases'] = '10';
$CONF['mailboxes'] = '50';
$CONF['maxquota'] = '0';
$CONF['quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
$CONF['transport'] = 'YES';
$CONF['vacation'] = 'YES';
$CONF['vacation_domain'] = 'autoreply.irex.am';
$CONF['vacation_control'] = 'YES';
$CONF['vacation_control_admin'] = 'YES';
$CONF['alias_control'] = 'NO';
$CONF['special_alias_control'] = 'NO';
$CONF['logging'] = 'YES';
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = ''
;
$CONF['footer_link'] = 'http://www.irex.am/';
$CONF['welcome_text'] = <<Hi,
Welcome to your new account.
EOM;
//
// END OF CONFIG FILE
//
?>
phpMyAdmin "Admin" Case :
phpmyadmin.irex.am
login : root
password : irexvh777
Kod:
-------------------------------------------------------
/* $Id: config.sample.inc.php,v 2.1.2.2 2006/08/28 08:14:14 nijel Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
* phpMyAdmin sample configuration, you can use it as base for
* manual configuration. For easier setup you can use scripts/setup.php
*
* All directives are explained in Documentation.html and on phpMyAdmin
* wiki .
*/
/*
* This is needed for cookie based authentication to encrypt password in
* cookie
*/
$cfg['blowfish_secret'] = 'tcp'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/*
* Servers configuration
*/
$i = 0;
/*
* First server
*/
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
/* Select mysqli if your server has it */
$cfg['Servers'][$i]['extension'] = 'mysql';
/* User for advanced features */
$cfg['Servers'][$i]['controluser'] = 'root';
$cfg['Servers'][$i]['controlpass'] = 'irexvh777';
/* Advanced phpMyAdmin features */
$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
$cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
$cfg['Servers'][$i]['relation'] = 'pma_relation';
$cfg['Servers'][$i]['table_info'] = 'pma_table_info';
$cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
$cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
$cfg['Servers'][$i]['column_info'] = 'pma_column_info';
$cfg['Servers'][$i]['history'] = 'pma_history';
/*
* End of servers configuration
*/
/*
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
?>
Extra Mail's :
Kod:
username password name maildir quota domain created modified active
Düzenle Sil lilit@irex.am vlilit09 Lilit Voskanyan irex.am/lilit@irex.am/ 2097152000 irex.am 2008-12-26 03:46:29 2011-11-15 09:14:32 1
Düzenle Sil armine@irex.am arminqw12 Armine Sahakyan irex.am/armine@irex.am/ 2097152000 irex.am 2010-09-02 04:48:43 2010-09-02 04:48:43 1
Düzenle Sil anarine@irex.am nano Narine Ayvazyan irex.am/anarine@irex.am/ 2147483647 irex.am 2008-12-29 01:14:49 2010-06-09 07:06:02 1
Düzenle Sil ugrad@irex.am MUSIK&*( Global Ugrad irex.am/ugrad@irex.am/ 256000000 irex.am 2010-02-08 06:35:35 2011-09-26 12:08:00 1
Düzenle Sil shushanik@irex.am shushik Shushanik Karpetyan irex.am/shushanik@irex.am/ 2097152000 irex.am 2009-09-10 10:53:10 2009-09-14 15:18:03 1
Düzenle Sil zhaneta@irex.am s@s3d! Zhaneta Khachatryan irex.am/zhaneta@irex.am/ 2147483647 irex.am 2008-12-29 01:23:48 2011-04-21 10:31:41 1
Düzenle Sil arina@irex.am xhbNHkCvM Arina Zohrabian irex.am/arina@irex.am/ 2147483647 irex.am 2008-12-29 01:26:15 2010-12-16 21:13:21 1
Düzenle Sil muskie@irex.am MUSIK&*( MUSKIE irex.am/muskie@irex.am/ 262144000 irex.am 2010-12-20 10:25:48 2011-09-26 12:06:56 1
Düzenle Sil reception@irex.am lilit IREX RECEPTION irex.am/reception@irex.am/ 262144000 irex.am 2010-08-27 08:39:24 2011-08-02 04:34:25 1
Düzenle Sil ariadna@irex.am Dionis1986 Ariadna Grigoryan irex.am/ariadna@irex.am/ 2097152000 irex.am 2009-12-03 10:39:48 2010-03-12 10:08:40 1
Düzenle Sil marinag@irex.am hellomarina Marina Gevorgyan irex.am/marinag@irex.am/ 2097152000 irex.am 2008-12-26 03:40:04 2008-12-26 03:44:59 1
Düzenle Sil mailman@irex.am irex! Mailer irex.am/mailman@irex.am/ 131072000 irex.am 2009-08-11 15:49:58 2009-08-11 15:49:58 1
Düzenle Sil admin@irex.am sevachuk Sevak Harutyunyan irex.am/admin@irex.am/ 256000000 irex.am 2008-12-26 02:06:34 2009-06-12 01:38:59 1
Düzenle Sil psfp@irex.am psfp1234567 PSFP irex.am/psfp@irex.am/ 1048576000 irex.am 2010-08-09 09:43:31 2010-08-09 09:43:31 1
Düzenle Sil edmond@irex.am edmond789 Edmond Ghulyan irex.am/edmond@irex.am/ 1048576000 irex.am 2010-09-28 07:07:29 2010-09-28 07:07:29 1
Düzenle Sil tigran@irex.am ttigran Tigran irex.am/tigran@irex.am/ 1048576000 irex.am 2011-07-22 04:40:32 2011-07-22 04:40:32 1
User's :
Düzenle Sil 1 Armen Petrosyan armenpm 66dfdc2bc4146c2c7ab4879700f804
Düzenle Sil 5 EPDArmenia EPDArmenia EPDArmenia IREXArmenia123!@#
Düzenle Sil 4 Armen Petrosyan armenpm 66dfdc2bc4146c2c7ab4879700f804
Düzenle Sil 7 viewUser viewUser viewUser 94aa9a21833ea3b96ea84059c3b803
Düzenle Sil 8 viewUser viewUser viewUser 94aa9a21833ea3b96ea84059c3b803
6ea84059c3b803[/code]
Special PHPMYADMIN(MySQL) Users :
[code]Tam Metinler Host User Password
Düzenle Sil localhost root *0D9A298D714FA9B944BC3625396549810F51AC1A
Düzenle Sil localhost postfixadmin *0D9A298D714FA9B944BC3625396549810F51AC1A
Düzenle Sil localhost pma
Düzenle Sil localhost postfix *0D9A298D714FA9B944BC3625396549810F51AC1A
Düzenle Sil localhost armen *816C4727178159A7A6BC2892EE9E313730336DB5[/code]
Open directory :
http://www.irex.am/arm/programs/
[code]$db_hostname = 'localhost';
$db_database = 'irexsite';
$db_username = 'armen';
$db_password = 'armen123#@!';[/code]
CMS-lərində LFİ var kim shell uplasa scripti çəkib vulnları tapıb 0day eləsin. Hamıya Uğurıar 
