daily pastebin goal
44%
SHARE
TWEET

Owned & Exposed - srblche.com

a guest Oct 10th, 2011 4,638 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Owning the big Skid.
  2.  
  3. Target  [http://srblche.com]
  4.  
  5. Due security reasons. Srblche's published has become a private community you need to pay 29.99$ monthly to enjoy the daily vulnerabilities view.
  6. Payment through LR ID: U4562589 - If you done your payment email me with your payment details at: Srblche@gmail.com so you can receive access details
  7.  
  8. Anyone willing to pay for this service must be as stupid as he is.
  9.  
  10.  
  11. Server software: Apache
  12. Server IP: 69.167.176.192
  13. Disabled PHP Functions: show_source, system, shell_exec, passthru,phpinfo, exec,popen, proc_open
  14.  
  15. $ uname -a
  16. Linux nairahost.web4africa.net 2.6.18-194.26.1.el5 #1 SMP Tue Nov 9 12:54:20 EST 2010 x86_64
  17.  
  18. http://srblche.com/private/
  19.  
  20. Due security reasons. Srblche's published has become a private community you need to pay 29.99$ monthly to enjoy the daily vulnerabilities view.
  21.  
  22. $ cat /home/srblchec/public_html/private/.htaccess
  23. AuthName "Srblche's published is a private community. You will need to buy access."
  24. AuthUserFile "/home/srblchec/.htpasswds/public_html/private/passwd"
  25. AuthType Basic
  26. require valid-user
  27.  
  28. $ cat /home/srblchec/.htpasswds/public_html/private/passwd
  29. Srblche:$apr1$n1f7_Y1S$KN4PBd5A0XRKyeesekhUo1
  30. dal33t:$apr1$50MTHbJo$ZTnmor4sFUbkQ6BmfXVXA.
  31. phisher:$apr1$PRhQSIth$Sl5Mi0c9uBpaHVRJ62HZh/
  32. adam:$apr1$Y9DMCoDB$JdzFLFykbAO02eef6/WNt.
  33. zied:$apr1$3LhCqLbN$r2tCLLCNeQzgyklNy/Jpk/
  34. srblchec:$apr1$VaEiq5SJ$Ikx/5awaXmpPDgG1wARyv.
  35. varun:$apr1$k2no4fcy$PQhu4h3Yq2zVaXyqmd8j//
  36. yaacea:$apr1$uzNHOTjT$SVmVMfcR1SUFGFeoC/Xbi.
  37. d0rian:$apr1$KBgtnCr_$yvOXAjVeTs2FxHq7W1Dak.
  38. injection:$apr1$H4q1Pk1J$P2dz5AsnfttPQ0llSKQ5U1
  39. badhackz8t:$apr1$psudy0xj$84TG0nIRxJGoMaEtOLO7L/
  40. epsilon:$apr1$0RGOU4HG$e4HR/hul0RBFJdbPC7KOZ0
  41. genius89:$apr1$yHt2LKih$pXwChiieZpMqIsxd63JGc1
  42. swpower:$apr1$STX19Mz6$v9Utgw2FD3zSlnmR1981A/
  43. Farhan:$apr1$fy5gcs7N$IyOgwNa550flJjWoQyfUK0
  44. pop:$apr1$3521NwCU$kSkR0jcM7QisZMqJIBnfC1
  45. fortezza:$apr1$SJc7Sfdf$w95s.7yMRLTU2Wf4d0jtE.
  46. m4v3r1ck:$apr1$8EIGYyfd$320efzNhjmPyVXj304aeo1
  47. micky:$apr1$x9HBQVoI$MEUYcmaUHCRmEixHhbAHD1
  48. slack3r:$apr1$r6qAOETf$i6beu3HcsxIFnP6iqV2IL.
  49. balkanb0y:$apr1$mYsyqUwj$QriLuhu1iBl.R1FLvnK1P1
  50. Zer0x:$apr1$Xi59iiJk$/WfM/K51XlkGBgNE3V7TK0
  51. heylow:$apr1$jc81XkyJ$LeKwkce6PF8xWtt6gdrLK/
  52. joel:$apr1$_QBQfeLy$8oXe9Xt7m1clPJoPMRiAV1
  53. porno:$apr1$kImP9KpN$TjSjCFCwYpV20xfZaV6P//
  54.  
  55.  
  56.  
  57. http://www.srblche.com/private/adminlogin.php
  58.  
  59. $ cat /home/srblchec/public_html/private/adminlogin.php
  60. <?php
  61. ini_set('display_errors', 0);
  62. session_start();
  63.  
  64. $adminuser = 'Srblche';
  65. $adminpass = 'Ilovetofuckyouallthetime';
  66.  
  67.         if($_SESSION['login']) { header('Location: add_new_vuln_site3322.php'); exit(); }
  68.  
  69.         $user = $_POST[user];
  70.         $pass = $_POST[pass];
  71.         if(isset($_POST['login'])){
  72.                 if($user == $adminuser && $pass == $adminpass)
  73.                         {      
  74.                                 $_SESSION['login'] = true;
  75.                                 $_SESSION['username'] = $user;
  76.                                 header('Location: add_new_vuln_site3322.php');
  77.                         }else{
  78.                        
  79.                                 $error = 'Username or password is incorrect.';
  80.                         }
  81.         }
  82. ?>
  83.  
  84.         <p><form action="" method="post">
  85.                 <p><label>User </label><input type="text" name="user" class="tb" /></p>
  86.                 <p><label>Password </label><input type="password" name="pass" class="tb" /></p>
  87.                 <input type="submit" name="login" value="Login" class="btn" />
  88.         </form></p>
  89.         <?php echo '<p style="color: red;">'.$error.'</p>'; ?>
  90.  
  91.  
  92.  
  93. #Database Info
  94.  
  95. $ cat /home/srblchec/public_html/private/connect.php
  96. <?php
  97.  
  98. // database connection info
  99. $conn = mysql_connect('localhost','srblchec_dbuse','X_3fe$1M^zZ&') or trigger_error("SQL", E_USER_ERROR);
  100. $db = mysql_select_db('srblchec_fulldb',$conn) or trigger_error("SQL", E_USER_ERROR);
  101.  
  102. ?>
  103.  
  104.  
  105. If interested in the database contact by email.
  106.  
  107.  
  108.  
  109. Greetings to Kishan and D33Ds Co.
  110.  
  111. More at http://d33ds.org/Zine/
  112.  
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top