__| || |__ \ __ / | || | /_ ~~ _\ |_||_|

_____ _____/ |_|__| ______ ____ ____ \__ \ / \ __\ |/ ___// __ \_/ ___\ / __ \| | \ | | |\___ \\ ___/\ \___ (____ /___| /__| |__/____ \ \___ \ \___ | \/ \/ \/ \/ \/

#anonymous #antisec #solidarity

################################################################################ COMBINEDSYSTEMS DEFACED AND RM'D BY ANONYMOUS ON ANNIVERSARY OF BAHRAIN UPRISING So you war profiteering all crazy, selling mad chemical weapons to militaries and cop shops around the world, thin ing you will get away unscathed by the rising tides of insurrection? Thin again, assholes. Combined Systems, lay down your arms: you just lost the game. In the past we have marched on your offices in Jamestown, Pennsylvania: now it is time to march on your websites. All your "less than lethal" arms were simply no match for our 9000 coc s and mad blac hat technique. We came, we saw, we rooted and rm'd your website. Umad? From the streets of Oa land to Tahrir Square, to Palestine, Greece, Bahrain and Syria, your sinister instruments of torture and brutality have been used by the vile swine enforcers of the rich ruling classes to repress our revolutionary movements. You shot and gassed protesters, running them off public par s in the US. Several dozen died because of your tear gas used in Egypt. You wave the Israeli flag outside of your offices, while just two months ago your tear gas cannisters fired by the IDF illed a man in the West Ban . Did you thin we forgot? Why did you not expect us? In addition to dumping name, address, phone and password information for dozens of CSI employees and clients, our tag team of mayhem went the extra mile by dumping email for some of the pigs ordering anti-protester gear off their shitty website. We also hit sur-tec.com, some shitty CCTV surveillance company owned by former FBI director Clarence M. Kelley (their password was 'government'). Do you thin they will appreciate the irony of being owned due to buying "security" products from a compromised website? How long do you thin we had your website bac doored, capturing all incoming customers registrations and orders? 42? If you ever get your website bac up, do you thin you will be anything more than a shadow of your former self? Will your clients ever trust you again? Unfortunately, some random paypal phisher also hac ed and abused the server. This noob was reported to the sysadmins by google, forcing us to move forward with our plans ahead of schedule. To the system administrators and web developers who aided and abetted CombinedSystems.com, we got something for your asses too (and it's more than getting pounded with 9000 dildos at maximum vibration speed): if you so much as lift a finger to support CSI in rebuilding their websites, we will post all your mail on you and all your clients (a a The Lolcaust). Any other brave whitehats want to step up to CSI's defense? To our hac er allies, our fellow occupiers, our militant comrades all around the world, the time for tal is over: it's time to hac and smash, beat and shag. Each and every #Fuc FBIFriday we will ma e war on the infrastructure of the military prison industrial non-organic complex, targeting all war profiteers, corporate executives, white hats, snitches and pigs. We're coming to loot, plunder, and ma e all their base belong to us. You really thin you can crush the spirit of the Arab Spring, the Occupation Movement, and Anonymous with tear gas and subpoenas?! Mothafuc a, our mad s ills iz bulletproof. Now let's bust out that hac log! www.yinrunning.com aeoniun.com -> www.aeoniun.com alittlebirdbizdev.com -> www.alittlebird

Oct 23 2010 ba _SLS_10_23_2010 Mar 3 2010 bo.tensquirrel.com Mar 25 2010 cambridgechurch.org -> www.cambridgechur Apr 4 2011 cbts.edu -> www.cbts.edu Apr 5 2011 clinicalris solutions.com -> www.clinica Sep 15 17:24 combinedsystems.com -> www.combinedsyste Apr 26 2009 cragarwheel.com -> www.cragarwheel.com Sep 22 2010 crs.tensquirrel.com -> www.clinicalris s Sep 17 00:28 csi.mar branding.com -> www.combinedsyst Apr 5 2011 dealers.dioaccessories.com -> dealers.gs Mar 15 2010 dealers.gstdio.com

Dec 10 2010 dsto.tensquirrel.com Apr 5 2011 gstdio.com -> www.gstdio.com Jan 13 16:50 handcuffsusa.com -> www.combinedsystems. Jul 17 2009 hawleywoodfilms.com -> www.hawleywoodfil Apr 8 2011 wotez.tensquirrel.com Jan 13 16:50 less-lethal.com -> www.combinedsystems.c May 11 2011 lilbird.tensquirrel.com -> www.alittlebi

Apr 15 2011 milcahsolutions.com -> www.milcahsolutio Apr 15 2011 milcahsolutions.tensquirrel.com -> www.m Jul 10 2008 milesincdesign.com -> www.milesincdesign Apr Apr Apr Jan Mar 4 5 20 13 16 2011 2011 2010 16:50 2010 mysql.tensquirrel.com new new.mar branding.com pennarms.com -> www.combinedsystems.com petitepawsbnb.com -> www.petitepawsbnb.c

Sep 17 11:40 plusovella.com -> www.plusovella.com Apr 5 2011 signlanguagespecialists.com -> www.signl Jun 16 2010 sls.tensquirrel.com Oct 5 2010 sls.yinrunning.com -> sls.tensquirrel.co Oct 14 2009 squirrel.tensquirrel.com Nov 2 2009 sumrallcommunications.com -> www.sumrall Apr 5 2011 sur-tec.com -> www.sur-tec.com Mar 26 2011 surtec.mar branding.com -> www.sur-tec.c Sep Mar Feb May Jun Nov Nov May Sep Sep 29 16 8 17 16 2 29 11 6 2 2009 2010 14:30 2010 2011 14:04 11:16 2011 10:49 2009 tensquirrel.com -> www.tensquirrel.com txt.txt voltage.tensquirrel.com webmail.tensquirrel.com wor .yinrunning.com wor shop.tensquirrel.com www.aeoniun.com www.alittlebirdbizdev.com www.cambridgechurch.org www.cambridgechurch.org~

Aug Nov Apr Apr

20 14 15 15

11:59 18:16 2011 2011

mail.tensquirrel.com mar branding.com -> www.mar branding.com mehtaphor.com -> www.mehtaphor.com mehtaphor.tensquirrel.com -> www.mehtaph

lrwxrwxrwx 1 ftp ftp 18 com lrwxrwxrwx 1 ftp ftp 18 lrwxrwxrwx 1 ftp ftp 14 lrwxrwxrwx 1 ftp ftp 13 lrwxrwxrwx 1 ftp ftp 13 lrwxrwxrwx 1 ftp ftp 13 drwxrwxrwx 4 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 20 l.com drwxrwxrwx 4 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 14 lrwxrwxrwx 1 ftp ftp 23 com lrwxrwxrwx 1 ftp ftp 23 ms.com drwxrwxrwx 4 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 23 om lrwxrwxrwx 1 ftp ftp 25 rdbizdev.com drwxr-xr-x 2 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 20 lrwxrwxrwx 1 ftp ftp 17 lrwxrwxrwx 1 ftp ftp 17 or.com lrwxrwxrwx 1 ftp ftp 23 ns.com lrwxrwxrwx 1 ftp ftp 23 ilcahsolutions.com lrwxrwxrwx 1 ftp ftp 22 .com drwxrwxrwx 3 ftp ftp 4096 -rwxrwx--- 1 ftp ftp 466 drwxr-xr-x 4 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 23 lrwxrwxrwx 1 ftp ftp 21 om lrwxrwxrwx 1 ftp ftp 18 lrwxrwxrwx 1 ftp ftp 31 anguagespecialists.com drwxrwxrwx 4 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 19 m drwxr-xr-x 4 ftp ftp 4096 lrwxrwxrwx 1 ftp ftp 29 communications.com lrwxrwxrwx 1 ftp ftp 15 lrwxrwxrwx 1 ftp ftp 15 om lrwxrwxrwx 1 ftp ftp 19 -rwxrwxrwx 1 ftp ftp 1 drwxrwxrwx 4 ftp ftp 4096 drwxrwxrwx 4 ftp ftp 4096 drwxrwxrwx 5 ftp ftp 4096 drwxr-xr-x 4 ftp ftp 4096 drwxrwxrwx 4 ftp ftp 4096 drwxrwxrwx 4 ftp ftp 4096 drwxrwxrwx 4 ftp ftp 4096 drwxrwxrwx 4 ftp ftp 4096

Aug 22 19:11 devin.tensquirrel.com -> www.devinwolfe. Aug Mar Mar Mar Apr Jul Dec 22 10 28 28 5 1 10 19:11 2010 2011 2011 2011 2010 2010 devinwolfe.com -> www.devinwolfe.com dioaccessories.com -> www.gstdio.com dmi.tensquirrel.com -> www.dmi c.com dmifloors.com -> www.dmi c.com dmi c.com -> www.dmi c.com dns.tensquirrel.com dsto.mar branding.com -> dsto.tensquirre

4 ftp ftp 4096 Jan 28 2010 www.hawleywoodfilms.com 5 ftp ftp 4096 Nov 11 2009 www.hawleywoodfilms.com~ 1 ftp ftp 23 Jan 13 16:50 www.less-lethal.com -> www.combinedsyste

4 4 4 4 4 4 5 1

ftp ftp ftp ftp ftp ftp ftp ftp

ftp ftp ftp ftp ftp ftp ftp ftp

4096 4096 4096 4096 4096 4096 4096 18

Mar Sep Jun Oct Oct Mar Jun Jun

16 17 16 30 12 1 18 4

2010 11:40 2010 2009 18:04 2010 2009 2008

www.petitepawsbnb.com www.plusovella.com www.signlanguagespecialists.com www.sumrallcommunications.com www.sur-tec.com www.tensquirrel.com www.yinrunning.com yinrunning.com -> www.yinrunning.com

# cd /var/www/vhosts/combinedsystems.com/docroot; ls -al total 164 drwxrwxrwx 23 ftp ftp 4096 Feb 13 19:57 . drwxrwxrwx 4 ftp ftp 4096 Feb 10 18:54 .. -rwxrwxrwx 1 ftp ftp 95 Sep 15 17:24 .htaccess drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:52 _css drwxr-xr-x 3 ftp ftp 4096 Jan 13 10:46 _img drwxr-xr-x 3 ftp ftp 4096 Sep 16 15:53 _inc~ drwxr-xr-x 3 ftp ftp 4096 Sep 16 15:53 _js drwxrwxr-x 4 ftp ftp 4096 Feb 10 12:12 _pdf drwxr-xr-x 2 ftp ftp 4096 Oct 31 11:11 cart -rw-r--r-- 1 ftp ftp 6690 Jan 11 13:09 categories.php drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:54 categories~ drwxr-xr-x 15 ftp ftp 4096 Feb 13 17:52 cc -rw-r--r-- 1 ftp ftp 196 Dec 22 15:23 comingsoon.php drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 contact drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 content -rw-r--r-- 1 ftp ftp 5957 Dec 22 15:15 createAccount.form.php~ drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 distributors drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 download drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 events drwxr-xr-x 4 ftp ftp 4096 Sep 16 15:58 fancybox~ -rw-r--r-- 1 ftp ftp 0 Sep 16 15:52 favicon.ico -rw-r--r-- 1 ftp ftp 14003 Dec 22 15:31 findDistributor.php~ -rw-r--r-- 1 ftp ftp 2487 Jan 12 13:54 index.php drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 login -rw-r--r-- 1 ftp ftp 2434 Jan 11 13:14 login.form.php drwxr-xr-x 2 ftp ftp 4096 Oct 31 11:13 myaccount drwxr-xr-x 2 ftp ftp 4096 Sep 16 15:58 news -rw-r--r-- 1 ftp ftp 24 Dec 26 18:56 phpInfo.php

4 4 4 3 1

ftp ftp ftp ftp ftp

ftp ftp ftp ftp ftp

4096 4096 4096 4096 23

Oct Apr Apr Feb Jan

1 15 15 14 13

13:47 2011 2011 2009 16:50

www.mar branding.com www.mehtaphor.com www.milcahsolutions.com www.milesincdesign.com www.pennarms.com -> www.combinedsystems.

drwxrwxrwx drwxrwxrwx drwxrwxrwx drwxrwxrwx drwxrwxrwx lrwxrwxrwx lrwxrwxrwx drwxrwxrwx drwxrwxrwx lrwxrwxrwx ems.com drwxrwxrwx drwxrwxrwx lrwxrwxrwx ms.com drwxrwxrwx drwxrwxrwx drwxrwxrwx drwxrwxrwx lrwxrwxrwx com drwxrwxrwx drwxrwxrwx drwxrwxrwx drwxrwxrwx drwxrwxrwx drwxr-xr-x drwxrwxrwx lrwxrwxrwx

4 4 4 4 4 1 1 4 4 1

ftp ftp ftp ftp ftp ftp ftp ftp ftp ftp

ftp ftp ftp ftp ftp ftp ftp ftp ftp ftp

4096 4096 4096 4096 4096 14 13 4096 4096 23

May Sep Feb Jul Aug Mar Mar Mar Mar Jan

9 22 10 6 22 10 28 28 10 13

2011 2010 18:54 2009 19:11 2010 2011 2011 2010 16:50

www.cbts.edu www.clinicalris solutions.com www.combinedsystems.com www.cragarwheel.com www.devinwolfe.com www.dioaccessories.com -> www.gstdio.com www.dmifloors.com -> www.dmi c.com www.dmi c.com www.gstdio.com www.handcuffsusa.com -> www.combinedsyst

-rw-r--r-drwxr-xr-x drwxr-xr-x -rw-r--r--rw-r--r--rw-r--r-drwxr-xr-x drwxr-xr-x

1 2 2 1 1 1 2 2

ftp ftp ftp ftp ftp ftp ftp ftp

ftp ftp ftp ftp ftp ftp ftp ftp

3339 4096 4096 6863 2112 29 4096 4096

Jan Sep Jan Jan Jan Feb Sep Jan

5 16 5 18 6 13 16 10

15:25 15:58 16:18 12:32 14:48 19:57 15:58 10:36

productDetail.php products quote requestAccount.form.php resetPW.form.php robots.txt search training

# cd /var/www/vhosts/sur-tec.com/docroot; ls -al total 164 drwxrwxrwx 33 ftp ftp 4096 Feb 10 18:59 . drwxrwxrwx 4 ftp ftp 4096 Oct 12 18:04 .. -rwxrwxrwx 1 ftp ftp 87 Mar 26 2011 .htaccess drwxr-xr-x 6 ftp ftp 4096 May 1 2011 NOT-ME drwxr-xr-x 2 ftp ftp 4096 Apr 6 2011 _css drwxr-xr-x 9 ftp ftp 4096 Jul 16 2011 _img drwxr-xr-x 2 ftp ftp 4096 Mar 1 2011 _js drwxr-xr-x 2 ftp ftp 4096 Jul 15 2011 _pdf drwxr-xr-x 3 ftp ftp 4096 Jun 2 2011 _swf -rw-r--r-- 1 ftp ftp 9143 Oct 3 11:41 access-request.php drwxr-xr-x 2 ftp ftp 4096 Jul 16 2011 cameras drwxr-xr-x 2 ftp ftp 4096 Mar 23 2011 company drwxr-xr-x 2 ftp ftp 4096 Jan 5 2011 content-to-sort drwxr-xr-x 2 ftp ftp 4096 Jul 15 2011 datalauncher drwxr-xr-x 2 ftp ftp 4096 Jul 15 2011 datalauncher-e drwxr-xr-x 2 ftp ftp 4096 Jul 16 2011 enclosures drwxr-xr-x 2 ftp ftp 4096 Mar 21 2011 exhibit-schedule -rw-r--r-- 1 ftp ftp 1406 Jan 5 2011 favicon.ico drwxr-xr-x 2 ftp ftp 4096 Jul 6 2011 home -rw-r--r-- 1 ftp ftp 1955 Jun 2 2011 index.php -rw-r--r-- 1 ftp ftp 326 Oct 19 12:17 login.php -rw-r--r-- 1 ftp ftp 305 Oct 20 08:44 login_sprint.php drwxr-xr-x 2 ftp ftp 4096 Mar 7 2011 mvss drwxr-xr-x 2 ftp ftp 4096 Apr 2 2011 request drwxr-xr-x 2 ftp ftp 4096 Oct 20 10:16 sprint drwxr-xr-x 3 ftp ftp 4096 Mar 27 2011 support drwxr-xr-x 2 ftp ftp 4096 Mar 29 2011 vantage drwxr-xr-x 2 ftp ftp 4096 Apr 30 2011 vp-alliance drwxr-xr-x 2 ftp ftp 4096 Jul 15 2011 vp-android drwxr-xr-x 2 ftp ftp 4096 Jul 15 2011 vp-avg drwxr-xr-x 2 ftp ftp 4096 Apr 30 2011 vp-enterprise-server drwxr-xr-x 2 ftp ftp 4096 Jul 15 2011 vp-insider drwxr-xr-x 2 ftp ftp 4096 May 9 2011 vp-mobile drwxr-xr-x 2 ftp ftp 4096 Apr 30 2011 vp-pes drwxr-xr-x 2 ftp ftp 4096 Apr 30 2011 vp-server-standard drwxr-xr-x 2 ftp ftp 4096 May 9 2011 vpmobile drwxr-xr-x 2 ftp ftp 4096 May 20 2011 vpserveractivation drwxr-xr-x 2 ftp ftp 4096 Feb 27 2011 wireless drwxr-xr-x 2 ftp ftp 4096 Mar 23 2011 xoa # cat login.php # cat login_sprint.php # cat vpserveractivation/index.php Untitled Document # cd /var/www/vhosts; # tar -czf sur-tec.tar.gz sur-tec.com & # tar -czf csi.tar.gz combinedsystems.com & # cd ~root; ls -al total 228 drwx------ 8 root drwxr-xr-x 19 root -rw------- 1 root -rw-r--r-- 1 root -rw------- 1 root drwx------ 2 root -rw------- 1 root

root root root root root root root

4096 4096 10300 0 35 4096 4407

Aug Apr Feb Apr May Sep Jun

20 17 10 19 10 14 14

16:06 2008 23:58 2007 2008 2010 2011

. .. .bash_history . eep .lesshst .lin s .mysql_history

-rw-------rw-------rw------drwxr-xr-x drwxr-xr-x -rw-r--r-drwxr-xr-x -rw-r--r--rwxrwx--drwx------rw-r--r--rwxr-xr-x drwxr-xr-x -rw-r--r--rwxr-xr-x -rwxrwx---

1 1 1 2 3 1 3 1 1 2 1 1 3 1 1 1

root root root root root root root ftp root root root root root root root ftp

root 1318 Nov 2 13:52 .php_history root 19422 Apr 17 2008 .pinerc root 1024 Jan 5 19:01 .rnd root 4096 Jun 22 2009 .ssh root 4096 Jul 10 2009 .subversion ssmtp 104510 Jan 31 14:38 dead.letter root 4096 Jul 10 2009 django ftp 9716 Oct 2 2008 ez_setup.py root 26 Jun 10 2008 ftpPerms.sh root 4096 Apr 17 2008 mail root 112 Apr 22 2008 mail.php root 180 Jun 4 2008 my_emerges.txt root 4096 Jul 10 2009 orbited root 504 Jul 28 2011 passwords.php root 3451 Jun 30 2010 qmail-filter.sh ftp 223 Jun 30 2010 setup-filter.sh

# cat ftpPerms.sh chown ftp:ftp /var/www -R # cat .bash_history */ // An ordered array of the ids of the addressboo s that should be searched // when populating address autocomplete fields server-side. ex: array('sql','Ver isign'); $rcmail_config['autocomplete_addressboo s'] = array('sql'); // ---------------------------------// USER PREFERENCES // ---------------------------------// Use this charset as fallbac for message decoding $rcmail_config['default_charset'] = 'ISO-8859-1'; // s in name: folder from s ins/ $rcmail_config['s in'] = 'default'; // show up to X items in list view $rcmail_config['pagesize'] = 40; // use this timezone to display date/time $rcmail_config['timezone'] = 'auto'; // is daylight saving On? $rcmail_config['dst_active'] = (bool)date('I'); // prefer displaying HTML messages $rcmail_config['prefer_html'] = true; // display remote inline images // 0 - Never, always as // 1 - As if sender is not in address boo // 2 - Always show inline images $rcmail_config['show_images'] = 0; // compose html formatted messages by default $rcmail_config['htmleditor'] = false; // show pretty dates as standard $rcmail_config['prettydate'] = true; // save compose message every 300 seconds (5min) $rcmail_config['draft_autosave'] = 300; // default setting if preview pane is enabled $rcmail_config['preview_pane'] = false; // Mar as read when viewed in preview pane (delay in seconds) // Set to -1 if messages in preview pane should not be mar ed as read $rcmail_config['preview_pane_mar _read'] = 0; // focus new window if new message arrives $rcmail_config['focus_on_new_message'] = true; // Clear Trash on logout

$rcmail_config['logout_purge'] = false; // Compact INBOX on logout $rcmail_config['logout_expunge'] = false; // Display attached images below the message body $rcmail_config['inline_images'] = true; // Encoding of long/non-ascii attachment names: // 0 - Full RFC 2231 compatible // 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) // 2 - Full 2047 compatible $rcmail_config['mime_param_folding'] = 1; // Set true if deleted messages should not be displayed // This will ma e the application run slower $rcmail_config['s ip_deleted'] = false; // Set true to Mar deleted messages as read as well as deleted // False means that a message's read status is not affected by mar ing it as del eted $rcmail_config['read_when_deleted'] = true; // Set to true to newer delete messages immediately // Use 'Purge' to remove messages mar ed as deleted $rcmail_config['flag_for_deletion'] = false; // Default interval for eep-alive/chec -recent requests (in seconds) // Must be greater than or equal to 'min_ eep_alive' and less than 'session_life time' $rcmail_config[' eep_alive'] = 60; // If true all folders will be chec ed for recent messages $rcmail_config['chec _all_folders'] = false; // If true, after message delete/move, the next message will be displayed $rcmail_config['display_next'] = false; // 0 - Do not expand threads // 1 - Expand all threads automatically // 2 - Expand only threads with unread messages $rcmail_config['autoexpand_threads'] = 0; // When replying place cursor above original message (top posting) $rcmail_config['top_posting'] = false; // When replying strip original signature from message $rcmail_config['strip_existing_sig'] = true; // Show signature: // 0 - Never // 1 - Always // 2 - New messages only // 3 - Forwards and Replies only $rcmail_config['show_sig'] = 1; // When replying or forwarding place sender's signature above existing message $rcmail_config['sig_above'] = false; // Use MIME encoding (quoted-printable) for 8bit characters in message body $rcmail_config['force_7bit'] = false; // Defaults of the search field configuration. // The array can contain a per-folder list of header fields which should be cons idered when searching // The entry with ey '*' stands for all folders which do not have a specific li

st set. // Please note that folder names should to be in sync with $rcmail_config['defau lt_imap_folders'] $rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'= >1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); // 'Delete always' // This setting reflects if mail should be always deleted // when moving to Trash fails. This is necessary in some setups // when user is over quota and Trash is included in the quota. $rcmail_config['delete_always'] = false; // end of config file echo "" > main.inc.php nano main.inc.php ssh mail cd /var/www/vhosts/ ./new www.aeoniun.com aeoniun.com cd /var/bac up/mysql/ ls ls -l grep '`roundcube' mysql_all.dmp.1 grep '`roundcube' mysql_all.dmp.1 -N grep '`roundcube' mysql_all.dmp.1 -n grep 'USE `' mysql_all.dmp.1 -n sed -n '4692,4897 p' mysql_all.dmp.1 > roundcubemail.sql ls nano roundcubemail.sql cd /var/www/vhosts/wor shop.tensquirrel.com/docroot/widespread/ ls -al cat index.html top rc-status ssh mail passwd squ1rr3lm3 passwd uptime drives cd /var/www/vhosts/ du -sh . du -sh * drives cd .. du -sh * cd ../../ du -sh * cd /var du -sh * cd log du -sh * cd apache2/ ls ls -h ls -hl mv access_log access_log~ touch access_log ls ls -lh /etc/init.d/apache2 restart ls -lh rm access_log~ drives

cd /etc/ cd ../var cd www cd vhosts ls cd csi.mar branding.com/ ls cd docroot/ ls cd _img ls ls -al chmod 777 products ls -al exit ls cd ../ ls cd var/www ls cd vhosts cd csi.mar branding.com/ cd docroot cd cc ls cd c editor/ ls cd filemanager/ ls cd -al ls -al chmod 777 userfiles lsl -al ls -al exit cd ../ ls cd var/www/vhosts/ cd csi.mar branding.com/ cd docroot/cc ls cd c editor/filemanager/ ls ls -al chmod 777 userfiles ls -al cd ../ls cd ../ ls ls -al chmod 777 filemanager ls -al cd /var/www ls cd vhosts/www.combinedsystems.com/ ls cd docroot ls cd cc/c editor ls

cd filemanager/ ls -al cd ../../ ls cd ../ ls cd la -al ls -al chmod 777 .htaccess cd ../ ls cd docroot ls nano .htaccess exit cd /var/www/vhosts/www.petitepawsbnb.com/docroot/ ls -al chmod 755 index.php cd admin/ ls ls -al chmod 755 index.php ls -al * cd .. cd .. find . -type f -name *php -exec chmod 755 {} \; ls -al * find . -type f -name *php -exec chmod 744 {} \; ls -al * find . -type f -name *php -exec chmod 766 {} \; ls -al * cd /etc/apache2/ssl/ ls cd 2011 ls cd .. ls m dir 2012 cd 2012 ls ls ../2011 ls ../2010 ls /usr/local/bin df -h w openssl genrsa -out www.cbts.edu. ey 2048 openssl req -new - ey www.cbts.edu. ey -out www.cbts.edu.csr ls cat *.csr cd /etc/apache2/ssl/ ls cd 2012 ls nano -w www.cbts.edu.crt ls -lh chmod 400 * ls -lh nano -w /etc/apache2/httpd.conf /etc/init.d/apache2 restart cd /var/www/vhosts

ls cd csi.mar branding.com/ ls cs docroot/ ls cd docroot/ ls cd _img ls ls -al cd /var/www/vhosts cd combinedsystems.com/ ls cd docroot ls cd _img ls ls -al exit cd /var/www/vhosts/ ls ln -sf www.combinedsystems.com www.pennarms.com ln -sf www.combinedsystems.com pennarms.com ln -sf www.combinedsystems.com less-lethal.com ln -sf www.combinedsystems.com www.less-lethal.com ln -sf www.combinedsystems.com www.handcuffsusa.com ln -sf www.combinedsystems.com handcuffsusa.com cd www.combinedsystems.com/ du -sh . ifconfig ifconfig cat /etc/resolv.conf rc-status /etc/init.d/metalog restart rc-status /etc/init.d/mysql start ps aux | grep mysql /etc/init.d/mysql restart cd /var/www/vhosts/ ls *mail* ssh mail cd mail.tensquirrel.com/ ls ssh mail cd /var/www/vhosts/www.cambridgechurch.org/docroot/ ls cd contact/ ls nano index.php cd /var/www/vhosts/ ./new voltage.tensquirrel.com cd php passwords.php cd /var/www/vhosts/www.cbts.edu/docroot/ ls cd Paypal.com ls less Pay_EN.php ls -al ls -lu

ls -lc cd WEBSCR-640-20101004-1/ ls ls -al ls * cd .. cd .. rm -r Pay* ls cd / cd /var/www/vhosts/ find . type f -name *Paypal* find . type f -name *Paypal* -exec rm -r {}\; find . type f -name *Paypal* -exec rm -r {}; find . type f -name *Paypal* -exec rm -rf {}; rm -r www.sur-tec.com/docroot/Pay* rm -r www.combinedsystems.com/docroot/cc/c editor/filemanager/userfiles/Pay* find . type f -name *Paypal* find . -type f -name *Paypal* find . -type d -name *Paypal* clear cd www.combinedsystems.com/docroot/cc/c editor/filemanager/userfiles/ ls ls cheddar_bay/ cd .. ls less ReadMe.txt cd userfiles/ cd .. ls less user.php ls scripts/ ls -al cd userfiles/ cd cheddar_bay/ less cheddar_bay.sh less cheddar_bay.sh getent getent --help cd ../../ rm -r userfiles/ ls rm user.php ls less connector.inc.php tail dme dmesg | tail cd /var/log/ ls cd sshd/ ls tail current cd ../pwdfail/ ls tail current cd /var/www/vhosts/www.sur-tec.com/docroot/ ls cd 1 ls cd ..

rm -r 1* rm user.php rm fleurshi-.-.php less access-request.php cd datalauncher ls less index.php less login cd .. less login.php clear cd .. cd .. find . -type f -name *fleur* find . -type f -name user.php cd www.combinedsystems.com/ ls less user.php rm user.php cd docroot/ ls ls cgi_bin/ less cgi_bin/index.php rm -r cgi* ls cd ../../ find . -type d -name *cgi* find . -type d -name *zip find . -type d -name *1* find . -type f -name *1* find . -type f -name *zip find . -type f -name Final-production-files* find . -type f -name Final-production-files* -exec rm -r {} \; cd www.combinedsystems.com/docroot/cc/c editor/filemanager/ ls -al ls .manage/ rm -r .manage/ ls -al less ReadMe.txt cd .. ls chmod 766 filemanager/ ls ls -al chmod 755 filemanager/ ls -al chmod 755 filemanager/ -R find . -type f -name *sh rm -r _samples/ cd .. ls cd c editor~ ls cd filemanager/ ls ls -al cd userfiles/ ls -al cd ../../ cd ../

ls less index.php ls users/ cd ../../includes/ ls ls lib/ less master.class.php less lib/site.class.php less prepend.php~ cd ../docroot/cc/ ls cd lib ls cd lib ls less Permission.php cd .. less admin.init.php ls cd lib less DF.php clear cd /var/www/vhosts/ grep -h grep --help grep -i paypal * -R tail /var/log/everything/current cd /var/log/apache2/ grep fleur access_log tail -n 2000 access_log > snip.log grep fleur snip.log grep fleur Paypal.com grep fleur Paypal.com snip.log grep 'Paypal' snip.log grep '41.200.63.234' access_log > snip.log cd /var/www/vhosts/ find . -type f -name *gz cd /var/log/apache2/ ls ls -l grep fleur error_log cd /var/www/vhosts/www.combinedsystems.com/docroot/cc/ ls mv c editor .c editor rm -r c editor~ find . -type f -name uploadtest* find . -type f -name *test* cd .c editor/ find . -type f -name *test* # cat .ssh/* ssh-dss AAAAB3NzaC1 c3MAAACBALTusKcd1w5RSRD8xq zZ0K/2FGFF9SDuts5SjL53mh09spbBKVe ezSiz2LqCpnooO649tGnUDBYp9e8eDn845PUx79X1HtN+jabqAD5+ZLJ cp0IOwdU4d2qiZYwNNJyf2Y ScdQXIXlaPlxt2tV2RI2OJPXewr4PQqsrogTSqtVAAAAFQCL64xTJWFjYynfKqoQadQviVOXXwAAAIBo xAwlQg62XZO9 CEXyJnN8M/OSyED1jtGcfulisGiK1dOv7oDHaPWCb7Lwu6sGP53sA747ciidXBOSoxN tmuDnKYmXyQq3K/a42dnpUMlufwVRbHX27iOxzdbaQL7IOmB07oZ95+vxVeITCAaQY8Lt7lKs+1VY83v hzNZBCvJwQAAAIEAicNBsi0KidsYh1Kb2 dE8z98WfUQVomtf5Pr+zlYU+N6EDM5d3lja8G5A2LYMdiW 0fPWYTh8wapwwpS6lsTpsERJzeF9HACug46YvjFwMunsr37dMF8Lcegn61iKDjsxJVEKHyD+sBtMby8s gplZy4Y8Ux4dWhZEb1Ad4ZLvoLc= geeojr@one ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAs3tWolNRJ6atYIX 0W FB1FOeKo71XLYGGE/mpJYAKKq

4QqDTEuxgxPB4MxhJEg+VIYIcZixEZ+1njh83bobb6Id7x2S63PIg2XoDKfn0t9TUnrSJUbbrwdw4AWi oFXjTb 5NvWngFhQW1sW+pGfzTs0TejCXD8J7+4CMnJqo4HKb3ii5N2oZ2YjNMqdy0dXChAeru6zdWYf 2ccxxzBLuxdo4rgoYwafWG83pxO2D1DBCO8GOeUmOdpfTy1D4St9T9zImIyG+zYDg PB+JBz9KH3I348 64g5Rro8FUbtPSGSRbE27WR5Y2OHrBF8OzH03gGB6qrPxixWb/aXaxi+yw== jgeeo@fuji ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsSQc+lG487maU5LROdvXUb3dtQzEA1xcOlYaoFiIOOEt a2d/0x7S0SPxvwpjpem5lO50O5K/yPxJGyEPzcSa8 16I3ujIUCtMNlUjCo6/KNOBaGbLGvedbjECm5g Vgx04lANC8uVZIVQt5cSxPwAthyn64varQPus060B6pZFEs+QZM1+uBMAT4vj/RB3m B2+mwL2CdhT/ 0GT5/ijCs5ECqco7DZmG9O2t1YX3iXegpCQcMq/BKEAJOI/gE0IXe9XT+HLuTGEdhU gO57Ss3E0M7q4 oWuOAzXZAzvvbxwqU7 i/HG9Th0gNEKyfcveio1F6sK/ZKfAxYAG5eBW9w== geeojr@two ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAotlHRfPpO6j2jM4 +swF7V1fFMIc7T0hS93hEAWP4WUD 6gTW3TNbh9pe2SFLiBvn3m1MUgEvz4GtpH9Ety6B45/q2y4Cf4CKZqAmWDXVpY5 frGK+ZW88tCXGwqh i0wMzVIY5LeHcIaRWUzswZr3U6oi0IXGz hzeE1L2K8+IIzIjmLHPaA3 zgWuQttvLz3yjKcWZGEUg/A 22JXHm/XXKQlmi0f3iD7rJJ CR3/QjORjQmruOp6uQ31ndNFN7jspGxPtH+4roCOPoXzPiOjlWdCeowZ /mdLnxDH7IA+gSV/nciigq4AyPgWFiE5K+U6SA5K0rG8dqloozDELAQ51Q== root@zero ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxcszrBEYcXYKdyPdJA9aiGoVXb9vvy8KutFlKjZIvJxs pZnbsdFwj8+g2AFLGWXE98AlXYXdzTupjdU9thmy5TTnSvvT4EVMIr7rPp0b7aodZaaH/EIjal +9qHQ g7PUhtLE1SL2SqF/Vc5OvxR4cu dDRm1Z+o1/nIu2nitDaUuD // pILKVg0Hr5grDmPPiqAcf2wvrac PYTErzje8TBOq0J CC6EmsH5ptAzsm+cjRoE5hvHbuXG+gR3ecr4HtHPXwut6goqYEAbHddaVlMoxsKE xEdHlrxUzXK+OPjwQ35bqjA31L2FValYCC8rbte0CmrX5gReVjtAqnzgQ== geeojr@one ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzZlG+uPSQfd8e9UhnjuefL/HuISgfYVVbbIHCydDdXmj ZMq6 dXKdG4JC65G6pQbhe/ Gc8rumv1QUL O4N f3h/0QLCWiBAsEFysOJcQY1M1aZUIVH6H 5wAQsU Z5TY+LP7dQVEsd3KYwbSnU1ucmBc5LXY4mXbNF6+iEgjLsInYxmDyHezNBs/v1fq0GUSyICNwYyL4pdu e638RDopLlQ8ctRLxrz86LMGXAecP/E3N50KfFRXum7rfoudDTWKF 0DAYJ93EfJrzic2GFZZmJwVPA1 xfKdcGGLdYTAOrh0zdM245fU4KqQKuozdx0h62ULuoRxbLFh3S h0 J93Q== root@fs0 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0UnumTWKqtXFoXuQHa56KWN B9UH5OzoXaWvxhFdliCc +jrJbV0A98RGE88CR8wMUDW6sya3tir8P3DajPZTLPCzggvVstwGwGPo9QFaqgpREjjCb mEoKRbE691 uA7+2I4B6eZ AIHAHYoPmU8zEoCJCp2n3ybugzadLDD51x9s/1cvVDUIVwmDU2GhzfjiKOGmFd9+QxV+ heWyOvsrS4ufayZzCtej1gu4O RWvDWVs319Di5uvZ5XyQbDzWydVfLTvsYXJbWm8S8f41S+X24eNtAi H8eF69ZpSzf1ff8pHKqOB6HdWXin1/4U8hfThJSKHlfPeottXXTQM6wnfQ== root@ c1 66.6.112.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwjOL3bBin510vUN8UZvpQrAztjPU00glM EApXmZULxV/VHHJgsPuH3vUgH4bppF/0c0uGTR3QKGC+zdsUQ7AbxXi4o2C+WsbTvLWaMhPh +jrPDHg ovts5vpVTwg6LnEKRLenZo5ivhcix1eoX2XCqdLw xVyCD/iXfgvsYaOLx58QVDquacVZ74 uJY1/67G lYwVvRCn1EYZlL+K5F4f95y4eXp9jI4MEs/riNU6sQlWs380cQ8clO5Fh8L5bdriZ0b/dm775IR4iEpD YRVIqP/fmVZ5XO++upO84BZyeLGErxSaNw52vIe/c6uaC/2fKtnOchKiyQNZG2u8MxjWw== fs0.rivercitynet.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwjOL3bBin510vUN8UZvpQrA ztjPU00glMEApXmZULxV/VHHJgsPuH3vUgH4bppF/0c0uGTR3QKGC+zdsUQ7AbxXi4o2C+WsbTvLWaMh Ph +jrPDHgovts5vpVTwg6LnEKRLenZo5ivhcix1eoX2XCqdLw xVyCD/iXfgvsYaOLx58QVDquacVZ7 4 uJY1/67GlYwVvRCn1EYZlL+K5F4f95y4eXp9jI4MEs/riNU6sQlWs380cQ8clO5Fh8L5bdriZ0b/dm 775IR4iEpDYRVIqP/fmVZ5XO++upO84BZyeLGErxSaNw52vIe/c6uaC/2fKtnOchKiyQNZG2u8MxjWw= = fs1. rombie.net,208.110.93.110 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAut1wInovVXvG6 odiRAAJNDg1X1p A4RljV686HBysaOG9 vh SQc2 SvdIrfWxg VLaWdlIvnqD/aR X+Mh9whCaZWTD YdmXtfIZ7SnYxgBqSwsLyrqnCLCaSD 3lHVSN5IlFwxENT/wgub3uINvs+QaeDTC4CRJmsClPS6RLCcm Aq4K R7Uwqr1jo3FlZitNRmKHyv0vxrmY7HaHBR5QRChj8 UrxjSyocmA2szRPYEBbMg NCteyg376gj KAyq2ds79KI+2M5AMotIbJOJnC95OMQOhjf8Qa5swRR3aO1rf9X6hehuhFwb/4O9F80v2SJx+PhBlq D wY0lee0Zw== mail.tensquirrel.com,69.30.233.89 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArb+3YCSUu6 eupDt9zeqSQhbF2Ne7B0ww8LjL95F1f97299E2Mnf5s3dDLZ5Xi/UcVKjGP71ijcNRO6 EEKcb7/1nS/ LO+ewe7B1t/vSbd6+R6XeztVy+N1Vmml04rZGUmyECfL2Ry188rjYJW/S8/jtEF1tYNoSMZEzn4BYREL 5CYRf3zG4I Dwhxo7QiV7JCbd4PPc+8O2t2LqPzI9c+smddRYbeHp2wzCLcxN9fRf4e jzqJTw+G//7 Np5v+bRSpyvUrx1Cev8aWG7lhUd1Dqf/NqU8jFYCv6Uj 6HomG2uYntjdrjWsNvd0zB0bCHLSScw22rN lE+aEZxUbnTQ== mail ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLh D02 Flxwn2hGI31YfgBZSh2J5XaX/cD4DTVen5q2h0MyAbtgJy301l2EZpIXdt2i4bRT+/inCr8a0Z0h 1tjA= # cd /var/bac up; ls -al total 16 drwxr-xr-x 3 root root 4096 May 10 2010 .

drwxr-xr-x 17 root root 4096 Dec 14 2010 .. -rwxrwx--- 1 root root 914 Dec 2 2010 bac up_mysql.sh drwxr-xr-x 2 root root 4096 Feb 13 00:00 mysql # cat bac up_mysql.sh #!/bin/bash rm /var/bac up/mysql/mysql_all.dmp.10 && mv /var/bac up/mysql/mysql_all.dmp.9 /var/bac up/mysql/mysql_all.dmp.10 && mv /var/bac up/mysql/mysql_all.dmp.8 /var/bac up/mysql/mysql_all.dmp.9 && mv /var/bac up/mysql/mysql_all.dmp.7 /var/bac up/mysql/mysql_all.dmp.8 && mv /var/bac up/mysql/mysql_all.dmp.6 /var/bac up/mysql/mysql_all.dmp.7 && mv /var/bac up/mysql/mysql_all.dmp.5 /var/bac up/mysql/mysql_all.dmp.6 && mv /var/bac up/mysql/mysql_all.dmp.4 /var/bac up/mysql/mysql_all.dmp.5 && mv /var/bac up/mysql/mysql_all.dmp.3 /var/bac up/mysql/mysql_all.dmp.4 && mv /var/bac up/mysql/mysql_all.dmp.2 /var/bac up/mysql/mysql_all.dmp.3 && mv /var/bac up/mysql/mysql_all.dmp.1 /var/bac up/mysql/mysql_all.dmp.2 && mv /var/bac up/mysql/mysql_all.dmp /var/bac up/mysql/mysql_all.dmp.1 && mysqldump -u root -pbigGoat -r /var/bac up/mysql/mysql_all.dmp -A echo "MySQL Bac up Run Done `ls -l /var/bac up/mysql/`" # rm -rf /* & // BLACK BLOC ATTACK!!!!1

################################################################################ Tal to you then! ~B On 11/09/2011 04:44 PM, Paul Davies wrote: > We await with baited breath... 10:30 it is.. > > Conference Dial-in Number: (218) 844-8230 > Participant Access Code: 624522# > > tal to you tomorrow. > > Paul > > > Paul Davies > President, MARK Corporate Branding > > 104 East 5th Street, Suite 200 I Kansas City, MO 64106 I c] 816.520.1791 I p] 816.256.3477 I f] 816.326.0888 I pdavies@MARKbranding.com I www.M ARKbranding.com > > P.S. Please don't eep us a secret! Your referrals are the lifeblood of our b usiness. If you now someone who would appreciate the high level of service we provide, please call us immediately, and we will be happy to follow up! Than yo u. > > > > > > On Nov 9, 2011, at 4:29 PM, Paul Ford wrote: > >> Just to confirm 10:30A tomorrow. >> -- P >> >>

>> From: Paul Davies >> Date: Tue, 8 Nov 2011 11:56:06 -0600 >> To: Paul Ford >> Subject: Re: CSI Site Lin >> >> Thursday 10, 10:30 it is!! I'll initiate the call. >> >> paul >> >> >> Paul Davies >> President, MARK Corporate Branding >> >> 104 East 5th Street, Suite 200 I Kansas City, MO 64106 I c] 816.520.1791 I p] 816.256.3477 I f] 816.326.0888 I pdavies@MARKbranding.com I www. MARKbranding.com >> >> P.S. Please don't eep us a secret! Your referrals are the lifeblood of our business. If you now someone who would appreciate the high level of service we provide, please call us immediately, and we will be happy to follow up! Than y ou. >> >> >> >> >> >> On Nov 8, 2011, at 11:04 AM, Paul Ford wrote: >> >>> Can we do 1030am ? >>> >>> Paul Ford >>> Sent from my iPhone >>> >>> On Nov 8, 2011, at 11:44 AM, Paul Davies wrote: >>> >>>> Paul, >>>> >>>> I forwarded this on to Bec y, our programmer. We'd li e a conference call w ith you on Thursday morning, 10:00 am or thereabouts... can you be available? If not... shoot bac a possible time. Thx. >>>> >>>> Paul >>>> >>>> >>>> Paul Davies >>>> President, MARK Corporate Branding >>>> >>>> 104 East 5th Street, Suite 200 I Kansas City, MO 64106 I c] 816.520.179 1 I p] 816.256.3477 I f] 816.326.0888 I pdavies@MARKbranding.com I ww w.MARKbranding.com >>>> >>>> P.S. Please don't eep us a secret! Your referrals are the lifeblood of ou r business. If you now someone who would appreciate the high level of service we provide, please call us immediately, and we will be happy to follow up! Than you. >>>> >>>> >>>> >>>> >>>>

>>>> On Nov 7, 2011, at 11:07 PM, Paul Ford wrote: >>>> >>>>> Paul, My answers are below: >>>>> >>>>> On Nov 4, 2011, at 3:52 PM, Paul Davies wrote: >>>>> >>>>>> Paul, >>>>>> >>>>>> I'm hoping you are now recovered from your travels and might find some ti me to loo at where we are on the web site. Here's the lin to the dev site: >>>>>> >>>>>> http://csi.mar branding.com/ >>>>>> >>>>>> >>>>>> We have a few questions for you as we're twea ing things: >>>>>> >>>>>> 1. Handcuffs and Aerosol products are the only ones that can be purchased online - is that still correct? >>>>> [Paul Ford] This is still correct. That's not to say that in the future we won't add other products, li e gun cleaning its, weapons sights for the 40MM o r other less lethal products that a police officer can purchase himself or a pri vate citizen could buy. I don't see any differentiation from my brief visit to t he site or any area designated as a store. Loo s li e you can put anything in a shopping bas et. >>>>>> >>>>>> 2. Each product has 2 prices, Distributor Price and Agency Price. In ord er to determine who sees what price, customers will need to log in and their acc ount needs to be able to determine which price they see. From our notes, the pla n for this is to allow customers to request an account. CSI will then grant the m access and assign them a status of Distributor or Agent. Currently, all price s are showing on the site - we will remedy this after we tal with you to confir m this feature. >>>>> [Paul Ford] That is correct. I see three variations here. You tell me whet her or not we can do one or all three. >>>>> 1. Distributors & Independant reps can have access to the site to see curr ent prices (agency and distributor prices). >>>>> 2. Distributor Special Price Request - Often our distributors are receivin g requests for price quotes. We call them RFQs. These can be very informal and m ost times are, li e faxes, emails and just a telephone call. Or they can be form al and published by the agency. Especially if it is a larger opportunity. At any rate, the distributor nows they are in a competitive situation, so they have t o offer the best price they can. So what happens then is they call me and as fo r better pricing, lower than published distributor price. What I would li e is f or a distributor to be able to request a special price quote from CSI by designa ted the items and quantities. They can also give me us information, li e: >>>>> - What agency is requesting the price >>>>> - When is the bid due >>>>> - And maybe a message at the bottom of the where they put in any incidenta l info. >>>>> 3. An officer from a Police Agency, should be able to log on to the site, select certain items and name the quantity and receive a "Budgetary Quote." I th in we should call it a budgetary quote, because everything will be listed at Ag ency Price. If they were to call their distributor and get the same quote it wou ld be the distributor's discretion on what price and generally be much lower tha n this. I don't want to scare an agency off, when they get these quotes. Hence, we stress "Budgetary Quote." >>>>>> >>>>>> 3. How are the details of the Merchant account coming along? Has a merch ant account been established and if so, with which vendor? We will need a us ername and password for that account in order to set up the API connection code.

>>>>> I do remember Bec y going over this and this has not been done. We are pro bably going to need a refresher and I am delegating this responsibility to Amber to get done. >>>>>> >>>>>> 4. The only product images we have are on the existing site. If there are updated images to be used, please direct us to those. Otherwise, we will leave the images out for now and allow you to update those yourselves. >>>>> Multiple steps here. Again, I'm delegating to Amber / requesting her assis tance. It will ta e both of us. >>>>> 1. Amber figure out a way to get this organized we can ta e inventory and account for what we have, then save them with logical file names. Li e by model numbers. the The 12GA Super Soc should be something li e 2581_1.jpg and 2581_2 .jpg. There is a column on this spreadsheet to enter the files names of photos. >>>>> 2. Amber we need to go through our current inventory of digital files and what is currently on our website and see what we have. I cannot find the rewor e d images that Steve Jones did for the updated CTS Less Lethal Brochure. >>>>> 3. Once we now what we are missing, we'll need a plan to get the photos. >>>>> >>>>>> >>>>>> 5. We would li e to go over the Request A Quote feature with you again be cause our notes on that are pretty old and we had some outstanding questions tha t we don't thin we've come to a conclusion on. >>>>> See number two. But I will be available on Thursday and Friday to spend as much time as necessary discussing. >>>>>> >>>>>> 6. We have listed the products in Categories and Subcategories according to the Excel file you sent, but we will want to go over the categorization with you to ma e sure we've got everything in the correct place. >>>>> Agreed >>>>>> >>>>>> Let me now if you want to tal about this, I can conference call Bec y o ur programmer in also, whatever you are ready for >>>>> Let's do definitely get together on Thursday or Friday. This is ta ing mor e time than we first discussed, but li e I said I'm o ay with it. I just want to have this done and live before SHOT Show January 16. >>>>>> < Hi, Paul: Sounds good. Sales tax, I definitely want to go over to ma e sure I'm covering that base properly for you. Not sure about the insurance issue - that may be mo re internal than website-related, but I loo forward to our conversation tomorro w to get everything ironed out and your new site ready on its way to launch. ~B On 11/09/2011 05:35 AM, Paul Ford wrote: > Becca, I'm sharing some of the comments from our VP of finance with you. I thi n her concerns are a little bit over stated, but I do need to discuss these wit h you when we tal on Thursday. > -- P > > > From: Janet Scott > Organization: Combined Systems, Inc. > Date: Tue, 8 Nov 2011 15:57:01 -0500 > To: Richard Edge > Cc: Paul Ford

> Subject: FW: Merchant Account for new web site > > Are you aware of this? > > > > There are all inds of issues, sales tax, insurance, etc that need to be discu ssed before we jump into this. > > > > If we do not plan it properly, it will not become my emergency. > > > > > > Janet > > > > From: Amberlyn Jones [mailto:ajones@combinedsystems.com] > Sent: Tuesday, November 08, 2011 3:13 PM > To: 'Janet Scott' > Cc: 'Paul Ford' > Subject: FW: Merchant Account for new web site > > > > Janet, > > > > We need to set up an account to be able to process payments online for aerosol s & handcuffs. Please read below. Is this something your team should ta e of c are of because of the ban notification? > > > > Amberlyn A. Jones > > Training & Mar eting Specialist > > Combined Systems, Inc. > > 388 Kinsman Road > > Jamestown, PA 16134 > > PH: 724-932-2177 Ext. 119 > > FAX: 724-932-2157 > > > > This e-mail message is for the sole use of the intended recipient(s) and may c ontain confidential and privileged information. Any unauthorized review, use, di sclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original e-mail.

> > > > From: Rebecca Adamson [mailto:becca.adamson@gmail.com] > Sent: Tuesday, November 08, 2011 2:42 PM > To: Amberlyn Jones > Cc: Paul Davies > Subject: Re: Merchant Account for new web site > > > > Hi, Amber: > > I'd recommend Authorize.net or Cybersource (they're actually the same company now, but two slightly different interfaces. They're both good). > > Start an account with one of them and then let your ban now that you intend to ta e purchases online (be specific about "online", they might need to have yo u fill out specific paperwor for that). > > While the ban is wor ing on their end, Cybersource or Authorize can move forw ard with setting you up in test mode. They'll give you a username and password to their control panel. Log in to that to finish the set up (just a couple of q uestions, I thin ). And then forward the username and password to me and I can get the site connected from there. (You'll be able to change the password after your site goes live, so there won't be any worries about security). > > http://www.authorize.net/ > > http://www.cybersource.com/ > > As soon as you decide on one, let me now, because I can move forward with tha t part of the code while we're waiting for the username and password to be issue d. > > Let me now if questions come up. I've not actually been through thispart of the process myself, I only recommend these two because I've wor ed with them fro m a code standpoint so much and I am familiar with their control panels. > > The sooner, the better. I've seen this process ta es wee s to get to the poin t where you get a username and password issued. > > ~B

Hi, David: It shouldn't be necessary to move to another DNS server, just to update the name server records. But, you now more about things on your end, so I'll trust in y our way. The IP address is 69.30.233.88 My understanding is that Paul wants the new site to go live on Tuesday. Than s! ~B On 01/12/2012 04:22 AM, David Bricca wrote: > Hi Rebecca,

> > We just need to now the new IP address of the web server when you are ready t o launch the new site. Moving to another DNS server is too much trouble. > > Regards, > David Bricca > ----------------------> Sent from my iPhone > > On Jan 10, 2012, at 11:35 AM, "Rebecca Adamson" wrot e: > >> Hi, Dave: >> >> Please let me now if I can do anything to assist. My number is 816.8385.461 7. >> >> Than s! >> >> ~Rebecca >> >> On 01/10/2012 06:06 AM, Paul Ford wrote: >>> Happy New Year Dave, >>> >>> We are in the process and getting close to launching a new website. http:/ /csi.mar branding.com/myaccount/login.php >>> >>> Rebecca, our web developer at Mar Branding has as ed about the DNS settings so that when the time comes, we can ta e the new site live on their servers poi nting to NS1.KROMBIE.NET and NS2.KROMBIE.NET >>> >>> We don't want to do this just yet, but I would guess by Friday afternoon, we will be there. I hope. >>> >>> Can you assist us with this? >>> >>> All the best, Paul >>> >>> >>> >>> On 01/09/2012 12:52 PM, Paul Ford wrote: >>>> O ay. Can we set up a test run for >>>> -Distributor log in and RFQ >>>> -Agency log in and RFQ >>>> >>>> Answers: >>>> 1. Here are my thoughts, but I'll ta e your advice. I thin by having it on every product increases the probability of the agency and the distributor first finding and second using the feature. >>>> >>>> We should also note that the RFQ feature is for US domestic law enforcement agencies and distributors only. Int'l clients will have to use a different meth od to obtain quotes. >>>> >>>> 2. No, but I will put you in direct contact with the guy who does have all the access. >>>> 3. Yes this is still correct. Before the end of the wee , we'll have to ma e sure that every product has a price listed. >>>> -- P >>>>

>>>> >>>> From: Rebecca Adamson >>>> Date: Fri, 06 Jan 2012 13:47:46 -0600 >>>> To: Paul Ford >>>> Cc: Amberlyn Jones , Paul Davies >>>> Subject: Questions & Notes >>>> >>>> Questions: >>>> >>>> 1. Right now, I have all products that do not have prices listed to d isplay a Request A Quote button. But, do you want clients to be able to Request A Quote on any and all products regardless of price listed? >>>> >>>> 2. Do you have control of your DNS settings so that when the time come s, we can ta e the new site live? We'll need to switch the nameservers to point to >>>> NS1.KROMBIE.NET and NS2.KROMBIE.NET >>> -- P >>> >>> >>> From: Rebecca Adamson >>> Date: Mon, 09 Jan 2012 13:07:25 -0600 >>> To: Paul Ford >>> Cc: Amberlyn Jones , Paul Davies >>> Subject: Re: Questions & Notes >>> >>> Hi, Paul: >>> >>> Go ahead and create a test account for a Distributor and then one for an Age ncy. http://csi.mar branding.com/myaccount/login.php >>> >>> Using those test accounts, you can log in and do a test run of the RFQ's. This will allow you to see the entire process that your clients will go through in creating an account, and so forth - puts you in their shoes, so to spea . >>> >>> Note: You will need to "approve" the accounts in the admin panel before you r created test accounts can log in. >>> >>> I will put the RFQ button on every product, as you suggested. And, then, I' ll add some wording about US-only. >>> >>> We should get our duc s lined up as soon as we can on changing the DNS. It can sometimes ta e 24-48 after ma ing the change before it ta es effect across t he web. >>> >>> ~B >>> >>> >>> >>> On 01/09/2012 12:52 PM, Paul Ford wrote: >>>> O ay. Can we set up a test run for >>>> -Distributor log in and RFQ >>>> -Agency log in and RFQ >>>> >>>> Answers: >>>> 1. Here are my thoughts, but I'll ta e your advice. I thin by having it on every product increases the probability of the agency and the distributor first finding and second using the feature.

>>>> >>>> We should also note that the RFQ feature is for US domestic law enforcement agencies and distributors only. Int'l clients will have to use a different meth od to obtain quotes. >>>> >>>> 2. No, but I will put you in direct contact with the guy who does have all the access. >>>> 3. Yes this is still correct. Before the end of the wee , we'll have to ma e sure that every product has a price listed. >>>> -- P >>>> >>>> >>>> From: Rebecca Adamson >>>> Date: Fri, 06 Jan 2012 13:47:46 -0600 >>>> To: Paul Ford >>>> Cc: Amberlyn Jones , Paul Davies >>>> Subject: Questions & Notes >>>> >>>> Questions: >>>> >>>> 1. Right now, I have all products that do not have prices listed to d isplay a Request A Quote button. But, do you want clients to be able to Request A Quote on any and all products regardless of price listed? >>>> >>>> 2. Do you have control of your DNS settings so that when the time come s, we can ta e the new site live? We'll need to switch the nameservers to point to >>>> NS1.KROMBIE.NET and NS2.KROMBIE.NET >>>> >>>> 3. My notes tell me that you want real-time price calculating for the B udgetary Quote. But not for Request a Quote (for Distributors), is this still c orrect? Some of the products do not have prices yet, so I just want to ma e sure that's still the plan. Subject Fwd: CSI New Project: Website Redesign Sender Paul Davies Add contact Recipient Peter DeMarco Add contact Date 11.02.2011 16:23 Website Redesign_021111.doc Peter, I just got this, this morning. Are you interested? It may sound bigger than what it is, but... video, shopping cart, admin... inda borderline between you and S cotty, right? But i have not sent this to Scotty yet, unless you pass on it. Paul Paul Paul Davies President, MARK Corporate Branding 104 East 5th Street, Suite 200 I Kansas City, MO 64106 I c] 816.520.1791 I p] 816.256.3477 I f] 800.260.4069 I pdavies@MARKbranding.com I www.MAR Kbranding.com

P.S. Please don't

eep us a secret! Your referrals are the lifeblood of our bus

iness. If you now someone who would appreciate the high level of service we pr ovide, please call us immediately, and we will be happy to follow up! Than you. Begin forwarded message: From: "Paul Ford" Date: February 11, 2011 9:55:45 AM CST To: "'Paul Davies'" Subject: CSI New Project: Website Redesign Paul ,

I went over my plans for the website this wee with Richard Edge. He thin s the site we have is o ay and that we just need to include the new handcuff site. However, after pushing the benefits of a new site, he is open to a complete red o if I can justify it. So, I m putting together a one-pager for him this wee describi how a new site would be better and how in the long run it would ma e better fina ncial sense either by saving us money or ma ing us money. For this project, I have t et three quotes, but that doesn t necessarily mean I have to go with cheapest, rather best value for the money. For the complete redo, there are several things I need and I have included this in the creative brief. Here s a couple I just want to stress:

1. E-commerce (shopping cart) capability for handcuffs and pepper spray and maybe some accessories and apparel. Also, please include any recurring month ly costs on for shopping cart capability and if you now any cost per transactio n. 2. Better organization and access to the product specification sheets. I thin what we have now is terrible. 3. The final product should incorporate all these sites in a logical arc hitecture: a. www.combinedsystems.com --- that s the main gateway to the companies s s that presents the product lines as the CSI family of companies or brands. I ve inclu some examples of sites in the creative brief. I thin the Taser and Defense Tech nology sites are most impressive and loo the most professional. I actually thin we could adopt something similar organizational format. I also thin it ma es sense to organize our sites the same way our brochures are organized. i. www.less-lethal.c om -- CTS Less Lethal product line ii. www.pennarms.com -- Penn Arms Launchers iii. www.handcuffsusa.c om -4. We are interested in including videos, either initially or priced ou t as an option that we can add on later if decide not to include at first. 5. Also would be interested in something dynamic or different. Li e some thing that is always changing, li e a newsfeed or perhaps an instant messaging s ystem where during business hours you can tal to a customer service rep live. 6. Last thing, the recurring monthly costs on our website are too much. We want to be able to give a couple of our employees a little bit of training an d ma e minor changes to the website ourselves. Examples of changes would be: tra ining calendar updates, change out a photo, ma e small corrections to paragraph s cont . I thin we should also note the things that still will require maintenance on a monthly or quarterly basis and what those costs are estimated to be. If all goes well I would li e to get this project approved soon and be ready to begin the project sometime in late February or March.

If the approval for the complete redo is not successful at the bare minimum, I will be redesigning thewww.handcuffsusa.com site. Regards, Paul

Subject Re: FW: Phishing notification regarding cbts.edu Sender Peter DeMarco Add contact Recipient Francisco Litardo Add contact Copy becca.adamson@gmail.com Add contact, Paul Davies Add contact, John Gravl ey Add contact Date Sat 00:57 It loo s li e the vulnerability came in through another site. I'm loc ing down t he initial entry point and sweeping the system. We'll be loo ing to into it more over the wee end. - Peter On 2/10/2012 6:47 PM, Francisco Litardo wrote: Than s. Please eep us posted. We are traveling through Asia and are accessi ng wifi at times. Let us now if that has anything to do with it. Francisco From: Peter DeMarco [peter@tensquirrel.com] Sent: Friday, February 10, 2012 6:39 PM To: Francisco Litardo Cc: becca.adamson@gmail.com; bec y@tensquirrel.com; Paul Davies; John Gravle y Francisco, I've eliminated these and am loo ing into how they got there. - Peter On 2/10/2012 5:50 PM, Francisco Litardo wrote: Hello everyone - I am traveling in Myanmar and Thailand but I am passin g this along for you to respond to as soon as possible. Ta e a loo at the e-mai ls below. Especially our IT vendor's e-mail about you having been Hac ed. Can you verify this and eep us updated. Please ma e sure to reply to al l so that John Gravley is aware of th e developments. I won't always have access to e-mail. Francisco From: Steve Guinn Sent: Friday, February 10, 2012 2:06 PM To: John Gravley; Francisco Litardo Cc: Jon Miller Subject: FW: Phishing notification regarding cbts.edu For immediate attention. Please see message below from Google about sus picious URLs on our website. This is li ely something our web hosting service Subject: Re: FW: Phishing notification regarding cbts.edu

will need to address/investigate/etc.

Steve Guinn Assistant to the Dean 913-667-5700 ext. 107

From: Jon Miller [mailto:jmiller@integrity c.com] Sent: Friday, February 10, 2012 2:02 PM To: Steve Guinn Subject: FW: Phishing notification regarding cbts.edu

Hi Steve,

Loo s li e our web hosts got hac ed. They need to get this fixed as soon as possible.

Description: cid:image001.jpg@01CC9EE8.B53C7020 Email Support: help@integrity c.com Live Chat: www.integrity c.com Emergency Line: 913-324-8404 x1

From: noreply@google.com [mailto:noreply@google.com] Sent: Friday, February 10, 2012 12:05 PM To: abuse@cbts.edu; admin@cbts.edu; administrator@cbts.edu; contact@cbts .edu; info@cbts.edu; postmaster@cbts.edu; support@cbts.edu; webmaster@cbts.edu Subject: Phishing notification regarding cbts.edu

Dear site owner or webmaster of cbts.edu,

We recently discovered that some pages on your site loo

li e a possible

phishing attac , in which users are encouraged to give up sensitive information such as login credentials or ban ing information. We have removed the suspiciou s URLs from Google.com search results and have begun showing a warning page to u sers who visit these URLs in certain browsers that receive anti-phishing data fr om Google. Below are one or more example URLs on your site which may be part of a p hishing attac : http://www.cbts .edu/Paypal.com/webscr/ http://www.cbts .edu/Paypal.com/webscr/update.php Here is a lin to a sample warning page: http://www.google.com/interstitial?url=http%3A//www.cbts.edu/Paypal.com/ webscr/ We strongly encourage you to investigate this immediately to protect use rs who are being directed to a suspected phishing attac being hosted on your we b site. Although some sites intentionally host such attac s, in many cases the w ebmaster is unaware because: 1) the site was compromised 2) the site doesn't monitor for malicious user-contributed content If your site was compromised, it's important to not only remove the cont ent involved in the phishing attac , but to also identify and fix the vulnerabil ity that enabled such content to be placed on your site. We suggest contacting y our hosting provider if you are unsure of how to proceed. Once you've secured your site, and removed the content involved in the s uspected phishing attac , or if you believe we have made an error and this is no t actually a phishing attac , you can request that the warning be removed by vis iting http://www.google.com/safebrowsing/report_error/?tpl=emailer and reporting an "incorrect forgery alert." We will review this request and ta e the appropriate actions. Sincerely, Google Search Quality Team Note: if you have an account in Google's Webmaster Tools, you can verify the authenticity of this message by logging into https://www.google.com/webmast ers/tools/siteoverview and going to the Message Center, where a warning will app ear shortly.

-Peter DeMarco Ten Squirrel, LLC 816.878.3624

-Peter DeMarco Ten Squirrel, LLC 816.878.3624

Subject Re: CSI uploads Sender Peter DeMarco Add contact Recipient Rebecca Adamson Add contact, webguy@mar branding.com Add contact , jeremy@geeo.net Add contact Date Sat 00:44 Copying Jeremy on this as well. This may explain that ernel panic the other day . Going to start loo ing around. yinrunning vhosts # cd /var/www/vhosts/www.combinedsystems.com/docroot/cc/c edit or/filemanager/userfiles/ yinrunning userfiles # ls 10 12 14 16 18 2.6 5 7 9 cpanel.php inboxnchallah.php user.php 11 13 15 17 19 4 6 8 cheddar_bay fleurshi-.-.php indexa.php user1.php yinrunning userfiles # ls cheddar_bay/ cheddar_bay.sh exploit exploit.c pwn ernel pwn ernel.c Those are obviously exploitative. I'm going to ill the entire directory for the moment. - Peter On 2/10/2012 6:37 PM, Peter DeMarco wrote: Does CSI have any file uploads as part of their site? I've got an intrusive script on the server and it loo s li e it originated in their c editor directori es. -Peter DeMarco Ten Squirrel, LLC 816.878.3624

-Peter DeMarco Ten Squirrel, LLC 816.878.3624

From: Ron Daniel Subject: Fwd: A couple sites found hac ed on your fireflym t.com vps To: You Date: 2/12/12 7:13 PM -----Bec y thought you needed to now this. Sent from my iPad

Begin forwarded message: > From: David Lowe > Date: February 12, 2012 4:11:49 PM CST > To: Ron Daniel > Subject: A couple sites found hac ed on your fireflym t.com vps > > Hi Ron, > > I found a couple of your sites hac ed on your first vps fireflym t.com. I noti ced when your site was using a lot of bandwidth. > > It loo s li e the file upload editor part of these sites are vulnerable they u ploaded files and were attac ing people. > > I found 3 sites below hac ed and a few others that use the same software not s ure if it is the software that it was built on or just c editor part or filemana ger module in c editor. > > I removed the c editor part on these sites and scanned all your sites on both vps for malware installed. > > I removed the uploaded files and moved the c editor part to where it says belo w. I also disabled root direct login via ssh if you login as a user then su root and the password you can get to root. > > If you want tal about it give us a call tomorrow and we can discuss. > > > Best Regards, > > David > > > arialliance.org > /var/www/vhosts/arialliance.org/httpdocs/cc/c editor/filemanager/userfiles/ > > /cc moved to: > /root/arialliance.org/c editor > > precisionmfg.com > /var/www/vhosts/precisionmfg.com/httpdocs/cc/c editor/filemanager/userfiles/ > > /cc moved to: > /root/precisionmfg.com/c editor > > gotoacs.com > /var/www/vhosts/gotoacs.com/httpdocs/cc/c editor/filemanager/userfiles/ > > /cc moved to: > /root/gotoacs.com/c editor > > You will need to login as a user the su root > Do to security concerns direct login as root user has been disabled. > > > Other sites with same software and directory structure but not presently hac e d not sure if newer or not. > >

> > > > >

billsoft.com m.moumethodist.org m.whatsnext c.org r groupdesignbuild.com tripleloophousewares-dev.com