Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- bluehost.com Hacked by Dark Knight for full dump visit http://darkknight.6te.net
- Server IP : 66.147.244.90 |
- Linux box790.bluehost.com 3.12.35.1418868052 #1 SMP Wed Dec 17 20:04:02 CST 2014 x86_64
- Apache | PHP 5.2.17
- cd account
- name server ips
- /etc/>cat nameserverips
- 54.252.175.135=dns1.ilisys.com.au
- 117.104.160.110=dns2.ilisys.com.au
- 117.104.164.110=dns3.ilisys.com.au
- 117.104.160.109=ns0.magic-moments.com.au
- 74.220.195.31=ns1.bluehost.com
- 117.104.164.110=ns1.magic-moments.com.au
- 69.89.16.4=ns2.bluehost.com
- /sbin/>cat /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- BOOTPROTO=none
- ONBOOT=yes
- TYPE=Ethernet
- IPADDR=50.87.248.78
- NETMASK=255.255.255.0
- GATEWAY=50.87.248.1
- /etc/>cat hosts
- 67.20.126.74 ntp.bluehost.com rdate.cpanel.net
- 74.220.195.50 www.bluehost.com main
- 67.20.126.88 rsync.cpanel.net httpupdate.cpanel.net layer1.cpanel.net layer2.cpanel.net updates.cpanel.net ftp.cpanel.net cpan.cpanel.net oldrdate.cpanel.net downloads.zend.com www.configserver.com www.cpanelthemes.com cpanelthemes.com files.status365.com files.betaservant.com netenberg.com www.cpanelskindepot.com
- 127.0.0.1 localhost
- 66.147.244.90 box790.bluehost.com box790
- /etc/backup/>cat mdadm.conf.2015-07-06.07.53
- DEVICES /dev/sda1 /dev/sda2 /dev/sda3 /dev/sdb1 /dev/sdb2 /dev/sdb3 /dev/sdc1 /dev/sdc2 /dev/sdd1 /dev/sdd2 /dev/disk/local/* /dev/mapper/* /dev/dm-*
- HOMEHOST <ignore>
- MAILADDR admins@bluehost.com
- ARRAY /dev/md0 metadata=1.0 UUID=9adfe1e9:a41fba8e:eda6b91e:5dbc03c0 name=bhrescue.pxe.bluehost.com:0
- ARRAY /dev/md1 metadata=1.0 UUID=79bdcace:5bf8f365:3e3a7d49:3d8867eb name=bhrescue.pxe.bluehost.com:1
- #ARRAY /dev/md2 UUID=df7058f9:5b879305:e8f11f45:e7d095e3
- #ARRAY /dev/md/0 metadata=1.0 UUID=daab2d9c:78bb53a9:dd141c0e:4815f818 name=bhrescue.pxe.bluehost.com:0
- #ARRAY /dev/md/1 metadata=1.0 UUID=d93c5952:0fc13d9c:2e548c06:d4b5e3c0 name=bhrescue.pxe.bluehost.com:1
- Some Information
- etc/ssh/>cat ssh_host_dsa_key.pub
- ssh-dss AAAAB3NzaC1kc3MAAACBAP7ej+1ODBD045nu1Ck44QWsyU4lM9mkaS1CXDIpM9cgO3v/+3t/NQdw63l0tbpi1MTC/I995zKMWm+VBdfpHWJ0PcEMohyFdptHV08Z8r6u9PxqRilzwIG9e39tD4cmxB75DcESgTQ7rjLT3Z8OH/0/vy+XG04E8m4RNED8nEURAAAAFQCp4eQHnl3cau1UgrUvDWl4/Sn4iwAAAIAFX/XPbFUxlL9J+reIqXmGwQGPCEwuW1peW27Ldt21hkSCyn0SQWQ00dQ3hh5z+JTwTi4hALY2hal34bHxe3/Nk5ejpdBzW9TwRfnAcwI7dQkBn+qXJnjM53/fsMBPi/3e2mTmWiIpHbbdANM1gvVbspD1yb2q7rtBK6EmOUbfEgAAAIEApZuKLKI4rVPiV1amD/HJJkRzhUKKzww/FhzSqJIu9HoYobV60ZGR1966PlqTMfKWBzmTCwYxyl3420Jl6uBFeAe3CbbQiRY0YUDpOW11OC/cscA5uXMD3b/+JgttiUWiaWKHuQh3wnTNMZGMPJ2q3jeiTALXSUEL7uS8fYTvSdY=
- cat ssh_host_key.pub
- 2048 65537 23626023828597082487093789329899381468929683155488117996746182178630660772754230710339399151176277727232632737217679488101679992537880678080117623260757396865912067511891070160860976777823826639401887997427188172513858545479652970368352289778026016887902353435258029972174367359005034691974520991643476807782281334959931104917793408364617941314963113793342117224088961615761210833023338399822354790499485209158056051294582448100402802615361353410330866534842613608077453971991199877447316574028796592270458262407786197219882667279082984089789363176439368291922545815330448755771616562965832678090693058491737502430299
- cat ssh_host_rsa_key.pub
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQvaEoiOPfB+QRUV14Z/7RJEKIUNgiaR8B+lXiE6fhl2x+Gkc3LwmdJPnBCGvBSW6c53tdDMgujkA9tWzha/wSfCuav4WIrwPJRfrGZLjlG3Na/rWvzEfplqEqReFJpiBPxC0on1rSYYdMENPHs6I94m9gnAvQCBnxGX75hVJwpxb/G/JN8kACR0OoFpMrThIwfTxuraSh7QyQkFErc797qdZtkiHfrNjRnKhoIt1t6KuuNlTNRcMxXeUiAGsBaf/Wh8dTmCyCBg0NZ8KhU+LGQTY1NrBJo18uzcBxEjTeZiDgHzzzmWkk4jQ23Fy6AJF4ozADtWQ5yH4f89U6l70d
- bin: root
- daemon: root
- adm: root
- lp: root
- sync: root
- shutdown: root
- halt: root
- mail: root
- news: root
- uucp: root
- operator: root
- games: root
- gopher: root
- ftp: root
- nobody: root
- radiusd: root
- nut: root
- dbus: root
- vcsa: root
- canna: root
- wnn: root
- rpm: root
- nscd: root
- pcap: root
- apache: root
- webalizer: root
- dovecot: root
- fax: root
- quagga: root
- radvd: root
- pvm: root
- amanda: root
- privoxy: root
- ident: root
- named: root
- xfs: root
- gdm: root
- mailnull: root
- postgres: root
- sshd: root
- smmsp: root
- postfix: root
- netdump: root
- ldap: root
- squid: root
- ntp: root
- mysql: root
- desktop: root
- rpcuser: root
- rpc: root
- nfsnobody: root
- ingres: root
- system: root
- toor: root
- manager: root
- dumper: root
- abuse: root
- newsadm: news
- newsadmin: news
- usenet: news
- ftpadm: ftp
- ftpadmin: ftp
- ftp-adm: ftp
- ftp-admin: ftp
- www: webmaster
- webmaster: root
- noc: root
- security: root
- hostmaster: root
- info: postmaster
- marketing: postmaster
- sales: postmaster
- support: postmaster
- /etc/>cat passwd
- root:x:0:0::/ramdisk/root:/ramdisk/bin/bash
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:12:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:12:Nobody:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- mailnull:x:47:47:Exim:/var/spool/mqueue:/bin/false
- rick:x:508:508::/ramdisk/home/rick:/ramdisk/bin/bash
- kdshamu:x:403:403::/admin/kdshamu:/bin/bash
- cody:x:405:405::/ramdisk/home/cody:/ramdisk/bin/bash
- csjewell:x:464:464::/ramdisk/home/csjewell:/ramdisk/bin/bash
- eweight:x:447:447::/ramdisk/home/eweight:/ramdisk/bin/bash
- jamie:x:461:461::/ramdisk/home/jamie:/ramdisk/bin/bash
- jcummings:x:482:482::/ramdisk/home/jcummings:/ramdisk/bin/bash
- jearl:x:394:394::/ramdisk/home/jearl:/ramdisk/bin/bash
- jjcall:x:477:477::/ramdisk/home/jjcall:/ramdisk/bin/bash
- paul:x:485:485::/ramdisk/home/paul:/ramdisk/bin/bash
- pbagley:x:474:474::/ramdisk/home/pbagley:/ramdisk/bin/bash
- rbrown:x:468:468::/ramdisk/home/rbrown:/ramdisk/bin/bash
- rchaudhry:x:418:418::/ramdisk/home/rchaudhry:/ramdisk/bin/bash
- robert:x:471:471::/ramdisk/home/robert:/ramdisk/bin/bash
- ryan:x:479:479::/ramdisk/home/ryan:/ramdisk/bin/bash
- sbhat:x:399:399::/ramdisk/home/sbhat:/ramdisk/bin/bash
- shashi:x:460:460::/ramdisk/home/shashi:/ramdisk/bin/bash
- sheppler:x:396:396::/ramdisk/home/sheppler:/ramdisk/bin/bash
- skumar:x:432:432::/ramdisk/home/skumar:/ramdisk/bin/bash
- stephen:x:475:475::/ramdisk/home/stephen:/ramdisk/bin/bash
- vjanardhan:x:431:431::/ramdisk/home/vjanardhan:/ramdisk/bin/bash
- named:x:25:25:Named:/var/named:/sbin/nologin
- cpanel:x:503:503::/var/cpanel/userhomes/cpanel:/bin/noshell
- cpanelhorde:x:504:504::/var/cpanel/userhomes/cpanelhorde:/bin/noshell
- cpanelphpmyadmin:x:505:505::/var/cpanel/userhomes/cpanelphpmyadmin:/bin/noshell
- cpanelphppgadmin:x:506:506::/var/cpanel/userhomes/cpanelphppgadmin:/bin/noshell
- cpanelroundcube:x:507:507::/var/cpanel/userhomes/cpanelroundcube:/bin/noshell
- mailman:x:510:510::/usr/local/cpanel/3rdparty/mailman:/bin/noshell
- cpaneleximfilter:x:511:511::/var/cpanel/userhomes/cpaneleximfilter:/bin/noshell
- tcpdump:x:72:72::/:/sbin/nologin
- tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
- xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
- postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
- mysql:x:393:393:MySQL server:/var/lib/mysql:/bin/bash
- dbus:x:81:81:System message bus:/:/sbin/nologin
- avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
- saslauth:x:392:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- _lldpd:x:324:324:LLDP daemon:/var/run/lldpd:/bin/false
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
- puppet:x:52:52:Puppet:/var/lib/puppet:/sbin/nologin
- rrdcached:x:323:323:rrdcached:/var/rrdtool/rrdcached:/sbin/nologin
- migration:x:66:66::/tmp/VhAuQ62wtw:/bin/bash
- rgubler:x:476:476::/ramdisk/home/rgubler:/ramdisk/bin/bash
- prajwalm:x:391:391::/ramdisk/home/prajwalm:/ramdisk/bin/bash
- mbonnell:x:441:441::/ramdisk/home/mbonnell:/ramdisk/bin/bash
- cpanellogin:x:32001:512::/var/cpanel/userhomes/cpanellogin:/bin/noshell
- cpanellogaholic:x:32002:513::/var/cpanel/userhomes/cpanellogaholic:/bin/noshell
- pastors5:x:3022:3024::/home3/pastors5:/bin/false
- theurbe2:x:2865:2867::/home2/theurbe2:/bin/false
- englewo7:x:2630:2632::/home5/englewo7:/bin/bash
- extendha:x:1370:1369::/home5/extendha:/bin/noshell
- pegandre:x:2021:2020::/home1/pegandre:/bin/noshell
- reedwate:x:2370:2372::/home5/reedwate:/bin/noshell
- justinr9:x:2216:2218::/home2/justinr9:/bin/noshell
- txonecal:x:1605:1604::/home4/txonecal:/bin/false
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement