Extracted File ~~> http://engardelinux.org <~~ #FailSecBR

1. Site: http://engardelinux.org
2. Arquivos do servidor
3. Por: @Spirit_Hacker1 && @Cracker_Failsec
4.  
5. FailSecurityBR, revolucionando a idéia ANONYMOUS no Brasil !
6.  
7. WE ARE ANONYMOUS ! WE ARE LEGION ! WE DON'T FORGIVE ! WE DON'T FORGET !
8. EXPECT US
9.  
10.  
11. =============================================================================================================================================
12. $$$$$$$$\ $$\ $$\ $$$$$$\ $$$$$$$\ $$$$$$$\
13. $$ _____| \__|$$ |$$ __$$\ $$ __$$\ $$ __$$\
14. $$ | $$$$$$\ $$\ $$ |$$ / \__| $$$$$$\ $$$$$$$\ $$ | $$ |$$ | $$ |
15. $$$$$\ \____$$\ $$ |$$ |\$$$$$$\ $$ __$$\ $$ _____|$$$$$$$\ |$$$$$$$ |
16. $$ __|$$$$$$$ |$$ |$$ | \____$$\ $$$$$$$$ |$$ / $$ __$$\ $$ __$$<
17. $$ | $$ __$$ |$$ |$$ |$$\ $$ |$$ ____|$$ | $$ | $$ |$$ | $$ |
18. $$ | \$$$$$$$ |$$ |$$ |\$$$$$$ |\$$$$$$$\ \$$$$$$$\ $$$$$$$ |$$ | $$ |
19. \__| \_______|\__|\__| \______/ \_______| \_______|\_______/ \__| \__|
20.  
21. ===========================================================================================================================================
22.  
23.  
24. The linux Engarde PWNED ?
25. Obs.: Os arquivos divulgados aqui, estão
26. sobre o acesso de todos ^^ Nada foi invadido!
27. Apenas divulgamos o que está livre !
28.  
29. Start /ryan/sm-changepass/sm-changepass-1.0.tar.gz.md5
30.  
31. 408dcbd25b1ffbad4b6fc02198f1563f sm-changepass-1.0.tar.gz
32.  
33. Start /ryan/sm-changepass/sm-changepass-1.0.tar.gz
34. #!/usr/bin/suidperl -wT
35.  
36. =begin comment info
37. +-----------------------------------------------------------------------------+
38. | Copyright 2003, Guardian Digital Inc.
39. | $Id: do_changepass.pl,v 1.1.1.1 2003/01/09 00:59:43 rwm Exp $
40. |
41. | Ryan W. Maple <ryan@guardiandigital.com>
42. +-----------------------------------------------------------------------------+
43. =end comment info
44. =cut
45.  
46. # use perl;
47. use Authen::PAM;
48. use CGI;
49. use strict;
50. use vars qw($username $old_pass $new_pass1 $new_pass2 $pamh $pam_state);
51.  
52. # Subroutine prototypes.
53. sub handle_error($@);
54. sub pam_conv_func()
55.  
56. # Make -T happy, become root.
57. $ENV{'PATH'} = '/usr/bin:/usr/sbin:/bin:/sbin';
58. $ENV{'BASH_ENV'} = '/etc/bashrc';
59. $< = 0;
60.  
61. # Get inputs.
62. my $q = new CGI;
63. $username = $q->param('username');
64. $old_pass = $q->param('old_pass');
65. $new_pass1 = $q->param('new_pass1');
66. $new_pass2 = $q->param('new_pass2');
67.  
68.  
69. #
70. # Input validation.
71. #
72. if (! $username) {
73. handle_error("'$username' is not a valid 'Username'", 0, 1);
74. }
75. elsif (! getpwnam($username)) {
76. handle_error("'$username' is not a valid 'Username'", 0, 1);
77. }
78. elsif (! $old_pass) {
79. handle_error("Please enter an 'Old Password'", 0, 1);
80. }
81. elsif (! $new_pass1) {
82. handle_error("Please enter a 'New Password'", 0, 1);
83. }
84. elsif (! $new_pass2) {
85. handle_error("Please verify your 'New Password'", 0, 1);
86. }
87. elsif ($new_pass1 ne $new_pass2) {
88. handle_error("The two 'New Passwords' do not match.", 0, 1);
89. }
90.  
91.  
92. # Initalizize PAM session.
93. my $rv;
94. $rv = pam_start('passwd', $username, \&pam_conv_func, $pamh);
95. $rv = pam_set_item($pamh, PAM_USER, $username);
96.  
97. # Authenticate user before we let them change their password.
98. $pam_state = "AUTHENTICATE";
99. $rv = pam_authenticate($pamh, 0);
100. if ($rv != 0) { handle_error("Incorrect 'Old Password'.", 0, 1); }
101.  
102. # Change the password.
103. $pam_state = "CHAUTH-AUTHEN";
104. $rv = pam_chauthtok($pamh, 0);
105. $rv = pam_end($pamh, 0);
106.  
107. # Exit gracefully.
108. handle_error("Password successfully changed.", 1, 0);
109. exit 0;
110.  
111. ################################################################################
112. sub pam_conv_func() {
113. my @rv = ();
114.  
115. while (@_) {
116. my $code = shift;
117. my $msg = shift;
118. my $ans = undef;
119.  
120. if ($code == &PAM_PROMPT_ECHO_OFF) {
121. if ($pam_state eq "AUTHENTICATE") {
122. $pam_state = "CHAUTH-AUTHEN";
123. $ans = $old_pass;
124. }
125.  
126. elsif ($pam_state eq "CHAUTH-AUTHEN") {
127. $pam_state = "CHAUTHTOK";
128. $ans = $new_pass1;
129. }
130.  
131. else { $ans = $new_pass1; }
132. }
133. # else { handle_error("Error: $msg", 0, 1); }
134.  
135. push @rv, &PAM_SUCCESS;
136. push @rv, $ans;
137. }
138.  
139. push @rv, &PAM_SUCCESS;
140. return @rv;
141. }
142.  
143. ################################################################################
144. sub handle_error($@) {
145. my $msg = shift || return undef;
146. my $die = shift;
147. my $foo = shift;
148.  
149. print "Content-type: text/html\n\n";
150.  
151. print "<HTML>\n";
152. print " <HEAD>\n";
153. print " <TITLE>Error!</TITLE>\n\n";
154. print " <SCRIPT LANGUAGE=\"JavaScript\">\n";
155. print " alert(\"$msg\");\n";
156. ($die)
157. ? print " window.location='/webmail/src/signout.php';\n"
158. : print " history.go(-1);\n";
159. print " </SCRIPT>\n";
160. print " </HEAD>\n";
161. print "</HTML>\n";
162.  
163. exit -1 if ($foo);
164. }
165.  
166.  
167. Start file /etc/group
168.  
169. root::0:root
170. nobody::99:
171. gdftp::502:dave,nick,pete,ben,rwm
172.  
173. Start file /etc/passwd
174.  
175. root:x:0:0:root:/root:/bin/bash
176. operator:*:11:0:operator:/root:
177. nobody:*:99:99:Nobody:/:
178. dave:x:501:110:Dave:/home/dave:/bin/bash
179. pete:x:503:110::/home/pete:/bin/bash
180. rwm:x:504:110::/home/rwm:/bin/bash
181. ben:x:505:110::/home/ben:/bin/bash
182. pax:x:511:110:Pax Dickinson:/home/pax:/bin/bash