.

martes, 21 de mayo de 2013

rs-labs.com[88.198.93.158] Semi-Comprometido

Buen dia!

Bueno, en este dia me paso algo extraño en irc-hispano estabamos todos en el canal #Hackers Tranquilos como es de constumbre y de pronto entro un nick "nico_montezco"

y yo dije: "joder...pero este de que va este nick usa el seudonimo de mi email nico_montezco@hotmail.com" asi que entre amablemente a conversar con el ....

Y Bueno supongo que fue él no creen en fin esto para mi fue una especie de insultito de niño molesto proque solo use por joder su Nick en mi ident!...asi que me puse a buscar en la web de RomanSoft (www.rs-labs.com):

Address lookup

canonical name	www.rs-labs.com.
aliases
addresses	88.198.93.158

Service scan

FTP - 21 220-------------------------------------------------------------------------------- 220-WARNING: To protect the system from unauthorized use and to ensure that the 220-system is functioning properly, activities on this system are monitored and 220-recorded and subject to audit. Use of this system is expressed consent to 220-such monitoring and recording. Any unauthorized access or use of this 220-Automated Information System is prohibited and could be subject to criminal 220-and civil penalties. 220-------------------------------------------------------------------------------- 220 This is a private system - No anonymous login 220 Logout.

SMTP - 25 220 mx.hosting-seguridad.com ESMTP Sendmail 8.14.2/8.14.1

HTTP - 80 HTTP/1.1 200 OK Date: Tue, 21 May 2013 16:02:52 GMT Server: Sun Java System Web Server 6.1 Last-Modified: Tue, 28 Apr 2009 16:56:13 GMT ETag: "5001b-750-468a05725e540" Accept-Ranges: bytes Content-Length: 1872 Connection: close Content-Type: text/html

POP3 - 110 Error: ConnectionRefused

IMAP - 143 Error: TimedOut

y pude entrar y ver algunas cosas como estas:

Software : Sun Java System Web Server 6.1. PHP/5.3.3-7+squeeze15 - php.ini
Safe Mode:ON (Secure)
Magic Quotes:ON
Uname -a : Linux hetzner 2.6.32-5-686-bigmem #1 SMP Fri May 10 09:11:45 UTC 2013 i686
Server IP : 88.198.93.158
Freespace : 107.25 MB of 9.84 GB (1.06%)
MySQL: ON MSSQL: ON Oracle: OFF MSSQL: ON PostgreSQL: ON cURL: ON WGet: OFF Fetch: OFF Perl: OFF
Disabled Functions: NONE

Y el "etc/passwd"

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
sshd:x:100:65534::/var/run/sshd:/usr/sbin/nologin
stunnel4:x:101:104::/var/run/stunnel4:/bin/false
postfix:x:102:107::/var/spool/postfix:/bin/false
cyrus:x:103:8:Cyrus Mailsystem User,,,:/var/spool/cyrus:/bin/sh
mysql:x:104:109:MySQL Server,,,:/var/lib/mysql:/bin/false
clamav:x:105:110::/var/lib/clamav:/bin/false
obs:x:106:106::/usr/local/obs:
amavis:x:107:111:AMaViS system user,,,:/var/lib/amavis:/bin/sh
bind:x:108:112::/var/cache/bind:/bin/false
firebird:x:109:113:Firebird Database Administator,,,:/var/lib/firebird2:/bin/bash
libuuid:x:110:114::/var/lib/libuuid:/bin/sh
messagebus:x:111:115::/var/run/dbus:/bin/false
mumble-server:x:112:116::/var/lib/mumble-server:/bin/false
ntop:x:113:117::/var/lib/ntop:/bin/false
arpalert:x:114:118:ARP Alerter,,,:/var/lib/arpalert:/bin/sh
arpwatch:x:115:119:ARP Watcher,,,:/var/lib/arpwatch:/bin/sh
uml-net:x:116:121::/home/uml-net:/bin/false
vde2-net:x:117:122::/var/run/vde2:/bin/false
sbnc:x:118:123::/var/lib/sbnc:/bin/false
oident:x:119:124::/:/bin/false
haldaemon:x:120:126:Hardware abstraction layer,,,:/var/run/hald:/bin/false
cl-builder:x:121:129::/usr/share/common-lisp/:/bin/false
avahi:x:122:130:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
stats:x:200:200::/nonexistent:/bin/sh
roman:x:1000:1000::/home/roman:/bin/bash
hs001:x:1001:1001::/clientes/rs-labs.com:/bin/false
hs001-http:x:1002:1001::/clientes/rs-labs.com/http:/bin/false
hs002:x:1003:1002::/clientes/cogollosdeguadix.com:/bin/false
hs002-http:x:1004:1002::/clientes/cogollosdeguadix.com/http:/bin/false
hs003:x:1005:1003::/clientes/bordadostudio.com:/bin/false
hs003-http:x:1006:1003::/clientes/bordadostudio.com/http:/bin/false
hs004:x:1007:1004::/clientes/cliner.com:/bin/false
hs004-http:x:1008:1004::/clientes/cliner.com/http:/bin/false
hs005:x:1009:1005::/clientes/hotelelpostigo.com:/bin/false
hs005-http:x:1010:1005::/clientes/hotelelpostigo.com/http:/bin/false
hs006:x:1011:1006::/clientes/gruasxauen.es:/bin/false
hs006-http:x:1012:1006::/clientes/gruasxauen.es/http:/bin/false
hs007:x:1013:1007::/clientes/gomusicco.com:/bin/false
hs007-http:x:1014:1007::/clientes/gomusicco.com/http:/bin/false
hs008:x:1015:1008::/clientes/centroopticoramonycajal.com:/bin/false
hs008-http:x:1016:1008::/clientes/centroopticoramonycajal.com/http:/bin/false
hs009:x:1017:1009::/clientes/acumula.es:/bin/false
hs009-http:x:1018:1009::/clientes/acumula.es/http:/bin/false
hs010:x:1019:1010::/clientes/agarimaria.com:/bin/false
hs010-http:x:1020:1010::/clientes/agarimaria.com/http:/bin/false
hs011:x:1021:1011::/clientes/ateneaxxi.com:/bin/false
hs011-http:x:1022:1011::/clientes/ateneaxxi.com/http:/bin/false
hs012:x:1023:1012::/clientes/hosting-seguridad.com:/bin/false
hs012-http:x:1024:1012::/clientes/hosting-seguridad.com/http:/bin/false
hs001-dsr:x:1025:1001::/clientes/rs-labs.com/ftp/dsr:/bin/false
hs013:x:1027:1027::/clientes/rootedcon.es:/bin/false
hs013-http:x:1028:1027::/clientes/rootedcon.es/http:/bin/false
hs001-god:x:1029:1001::/clientes/rs-labs.com/ftp/god:/bin/false
ftpbackup:x:1030:1030::/backup:/bin/sh
snort:x:1034:1034:SNORT_IDS:/var/log/snort:/bin/false
hs015:x:1035:1035::/clientes/grupomcg.es:/bin/false
hs015-http:x:1036:1035::/clientes/grupomcg.es/http:/bin/false
hs001-casav:x:1037:1001::/clientes/rs-labs.com/ftp/casavieja:/bin/false
int3pids:x:1039:1039::/home/int3pids:/bin/bash
hs016:x:1040:1040::/clientes/imfimplosion.com:/bin/false
hs016-http:x:1041:1040::/clientes/imfimplosion.com/http:/bin/false
etherpad-lite:x:1042:1042::/home/etherpad-lite:/bin/bash
hs017:x:1043:1043::/clientes/geodesic-cons.com:/bin/false
hs017-http:x:1044:1043::/clientes/geodesic-cons.com/http:/bin/false
pork:x:1045:1045::/home/pork:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh

Los de Color ROJO es la web de romansoft y de color verde es porque esa web no etsa alojada ahi (no se que hace ese registroa ahi bueno..sera por esto: http://www.rs-labs.com/rooted2010-ctf/ ?? Ni idea xDD

ahora ese HS001 será el user de alguna db de la web porque analizando un dominio me encuentro que el usuario es este:

[12:26:42] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5
[12:26:42] [INFO] fetching database users
[12:26:42] [INFO] fetching number of database users
[12:26:43] [INFO] resumed: 1
[12:26:43] [INFO] resumed: 'hs003'@'localhost'
database management system users [1]:
[*] 'hs003'@'localhost'

que corresponde a bordadostudio.com Uds mismos pueden comprobarlo...no se necesita de muchos conocimientos para entrar y ver el usuario de ese dominio...pero bueno la verdad me da flojera seguir asi que..no quise hacer más porque no estoy seguro que quien haya registrado mi Nombre sea Romansoft, pero si lo fue..solo te respondo con este post a lo que escribiste:

Y agrego... si mi "nivel" logro saber esa información y piensas que no tengo mucho nivel...entonces no se porque los que te odian y tienen mas "nivel" que este servidor no hacen nada.... xDDD

Eso es todo Que tengan Buen día!

tintaamarilla.es Hacked!

19:31 No comments

El sitio web http://www.tintaamarilla.es/ ha sido comprometido por nosotros y queremos hacer publico no hemos hecho deface pero hemos dejado un mensaje el cual lo pueden ver en el siguiente link:

http://www.tintaamarilla.es/.uber.txt

La informacion de la maquina comprometida es la siguiente:

Open Base Dir	/home/tinta/:/tmp:/var/tmp:/usr/local/lib/php/
Password File	*nix /etc/passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/bin/sh man:x:6:12:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh postgres:x:31:32:postgres:/var/lib/postgres:/bin/sh www-data:x:33:33:www-data:/var/www:/bin/sh backup:x:34:34:backup:/var/backups:/bin/sh operator:x:37:37:Operator:/var:/bin/sh list:x:38:38:Mailing List Manager:/var/list:/bin/sh irc:x:39:39:ircd:/var/run/ircd:/bin/sh gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
Config Files
OS Version	Linux version 2.6.26-2-xen-686 (Debian 2.6.26-29) (dannf@debian.org) (gcc version 4.1.3 20080704 (prerelease) (Debian 4.1.2-25)) #1 SMP Mon Mar 5 02:55:27 UTC 2012
Kernel Version	sh: sysctl: command not found
Distrib Name	Debian GNU/Linux 5.0
Distrib Name (2)	cat: /etc/*-realise: No such file or directory
CPU Info	processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 26 model name : Intel(R) Xeon(R) CPU E5506 @ 2.13GHz stepping : 5 cpu MHz : 2133.408 cache size : 4096 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ss nx constant_tsc pni vmx ssse3 sse4_1 sse4_2 popcnt bogomips : 4269.66 clflush size : 64 power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 26 model name : Intel(R) Xeon(R) CPU E5506 @ 2.13GHz stepping : 5 cpu MHz : 2133.408 cache size : 4096 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ss nx constant_tsc pni vmx ssse3 sse4_1 sse4_2 popcnt bogomips : 4269.66 clflush size : 64 power management: processor : 2 vendor_id : GenuineIntel cpu family : 6 model : 26 model name : Intel(R) Xeon(R) CPU E5506 @ 2.13GHz stepping : 5 cpu MHz : 2133.408 cache size : 4096 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ss nx constant_tsc pni vmx ssse3 sse4_1 sse4_2 popcnt bogomips : 4269.66 clflush size : 64 power management: processor : 3 vendor_id : GenuineIntel cpu family : 6 model : 26 model name : Intel(R) Xeon(R) CPU E5506 @ 2.13GHz stepping : 5 cpu MHz : 2133.408 cache size : 4096 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu tsc msr pae cx8 apic cmov pat clflush mmx fxsr sse sse2 ss nx constant_tsc pni vmx ssse3 sse4_1 sse4_2 popcnt bogomips : 4269.66 clflush size : 64 power management:
RAM	total used free shared buffers cached Mem: 2000 1883 116 0 147 1087 -/+ buffers/cache: 648 1351 Swap: 4087 9 4078
HDD Space	Filesystem Size Used Avail Use% Mounted on /dev/xvda1 80G 55G 22G 73% / tmpfs 1001M 0 1001M 0% /lib/init/rw udev 10M 464K 9.6M 5% /dev tmpfs 1001M 0 1001M 0% /dev/shm

Mount Options	/dev/xvda1 / ext3 defaults,usrquota,grpquota 1 1 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/xvda2 swap swap defaults 0 0
lynx installed?	/usr/bin/lynx
GET installed?	/usr/bin/GET
perl installed?	/usr/bin/perl
Where is Apache?	apache: /usr/lib/apache /usr/include/apache
Where is perl?	perl: /usr/bin/perl /etc/perl /usr/lib/perl /usr/local/lib/perl /usr/share/perl /usr/share/man/man1/perl.1.gz
Locate proftpd.conf	sh: locate: command not found
Locate httpd.conf	sh: locate: command not found
Locate my.conf	sh: locate: command not found
Locate psybnc.conf	sh: locate: command not found

Municipalidad Metropolitana de Lima !HACKED!

11:19 No comments

Navegando por diferentes paginas de diferentes gobiernos observando diferentes vulnerabilidades un amigo de Perú me retó a ver si podía entrar en la Municipalidad de su ciudad. Era nada menos que la Capital de Peru: Lima. La web en cuestion no la modifique porque eso de hacer un Deface me parece algo idiota pero aqui les dejo un enlace en donde podrán ver que he dejado un pequeño mensaje:

http://www.munlima.gob.pe/.uber.txt

y Aqui les dejo información sobre la maquina y las bases de datos halladas:

============

Software : Apache/2.2.20 (EL) DAV/2 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.20 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8.
Safe Mode:OFF (Not Secure)
Magic Quotes:ON
Uname -a : Linux centosweb.munlima.local 2.6.18-238.19.1.el5 #1 SMP Fri Jul 15 07:31:24 EDT 2011 x86_64
id : uid=48(apache) gid=48(apache) groups=48(apache)
Freespace : 49.49 GB of 189.89 GB (26.06%)

Bases de datos

	Base de datos	Cotejamiento
	blog	latin1_swedish_ci
	casa	latin1_swedish_ci
	ciclolimaxD	latin1_swedish_ci
	cultura	latin1_swedish_ci
	db_webcl	latin1_swedish_ci
	encuentramepexD	latin1_swedish_ci
	lamuni	latin1_swedish_ci
	limaculturaxD	latin1_swedish_ci
	limaverdexD	latin1_swedish_ci
	munlima	latin1_swedish_ci
	mysql	latin1_swedish_ci
	newportal	latin1_swedish_ci
	portalweb	latin1_swedish_ci
	postal	latin1_swedish_ci
	test	latin1_swedish_ci
	visitalimaxD	latin1_swedish_ci

cat /etc/passwd:

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
hsqldb:x:96:96::/var/lib/hsqldb:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
newrelic:x:101:103:New Relic monitoring daemon:/:/sbin/nologin
rrdcached:x:102:104:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin
cacti:x:103:105:cacti:/var/www/cacti:/bin/sh

Distrib Name

CentOS release 5.6 (Final)

Información de Sistema:

processor : 0
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 0
siblings : 2
core id  : 0
cpu cores : 2
apicid  : 0
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 0
siblings : 2
core id  : 1
cpu cores : 2
apicid  : 1
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 2
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 1
siblings : 2
core id  : 0
cpu cores : 2
apicid  : 2
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 3
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 1
siblings : 2
core id  : 1
cpu cores : 2
apicid  : 3
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 4
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 2
siblings : 2
core id  : 0
cpu cores : 2
apicid  : 4
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 5
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 2
siblings : 2
core id  : 1
cpu cores : 2
apicid  : 5
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 6
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 3
siblings : 2
core id  : 0
cpu cores : 2
apicid  : 6
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

processor : 7
vendor_id : GenuineIntel
cpu family : 6
model  : 37
model name : Intel(R) Xeon(R) CPU           E5649  @ 2.53GHz
stepping : 1
cpu MHz  : 2527.000
cache size : 12288 KB
physical id : 3
siblings : 2
core id  : 1
cpu cores : 2
apicid  : 7
fpu  : yes
fpu_exception : yes
cpuid level : 11
wp  : yes
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx
fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc ida nonstop_tsc arat pni ssse3 cx16 sse4_1
sse4_2 popcnt lahf_lm
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: [8]

HDD Space

Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
                      190G  131G   50G  73% /
/dev/sda1              99M   20M   75M  21% /boot
tmpfs                 3.9G     0  3.9G   0% /dev/shm
//172.20.4.88/Web76/  800G -2.4T  3.2T   -  /var/web-backup

Mount Options

/dev/VolGroup00/LogVol00 /                       ext3    defaults        1 1
LABEL=/boot             /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
/dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0

cURL installed?	/usr/bin/curl
lynx installed?	which: no lynx in (/sbin:/usr/sbin:/bin:/usr/bin)
links installed?	/usr/bin/links
fetch installed?	which: no fetch in (/sbin:/usr/sbin:/bin:/usr/bin)
GET installed?	/usr/bin/GET
perl installed?	/usr/bin/perl

Where is perl?	perl: /usr/bin/perl /opt/omni/bin/perl /usr/share/man/man1/perl.1.gz
Locate httpd.conf	/etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.old /etc/httpd/conf/httpd.conf~ /instaladores/seg/httpd.conf /usr/share/system-config-httpd/httpd.conf.xsl

CAT HOST:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1  localhost.localdomain localhost
::1  localhost6.localdomain6 localhost6
172.25.16.76 centosweb.munlima.local centosweb
172.23.16.76 centosweb.munlima.local centosweb
172.23.16.250 MMLSRVADM.munlima.local MMLSRVADM

  Syslog Config

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*       /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;news.none;authpriv.none;cron.none  /var/log/messages

# The authpriv file has restricted access.
authpriv.*      /var/log/secure

# Log all the mail messages in one place.
mail.*       -/var/log/maillog


# Log cron stuff
cron.*       /var/log/cron

# Everybody gets emergency messages
*.emerg       *

# Save news errors of level crit and higher in a special file.
uucp,news.crit      /var/log/spooler

# Save boot messages also to boot.log
local7.*      /var/log/boot.log

#
# INN
#
news.=crit                                        /var/log/news/news.crit
news.=err                                         /var/log/news/news.err
news.notice                                       /var/log/news/news.notice

Hacked Reniecgob.pe By Ubercracker - Method: XSS

17:29 No comments

SERVICIO HACKING A TU DISPOSICIÓN

Base de Datos de Ife.org.mx en VENTA

Anonymous Hacked by UberCracker hack team :)

Radio UberCracker hack team ONLINE!

Nuevo: Curso C++ Completo: Descubre todos sus secretos

WEBCHAT

martes, 21 de mayo de 2013

rs-labs.com[88.198.93.158] Semi-Comprometido

Address lookup

Service scan

martes, 14 de mayo de 2013

tintaamarilla.es Hacked!

lunes, 6 de mayo de 2013

Municipalidad Metropolitana de Lima !HACKED!

Bases de datos

miércoles, 24 de abril de 2013

Hacked Reniecgob.pe By Ubercracker - Method: XSS

Facebook

RADIO ONLINE

Buscar este blog

Popular Posts

Archivo del blog

Recent Posts

Suscribirse

Pages

WEBCHAT

martes, 21 de mayo de 2013

Address lookup

Service scan

martes, 14 de mayo de 2013

lunes, 6 de mayo de 2013

Bases de datos

miércoles, 24 de abril de 2013

Social Profiles

Facebook

RADIO ONLINE

Buscar este blog

Popular Posts

Archivo del blog

Recent Posts

Suscribirse

Pages