next »

[Mr.XXXX]

For Lynx box:

Code:

http://milw0rm.com/video/watch.php?id=92

Windows box:

Code:

http://milw0rm.com/video/watch.php?id=88

[Sm4rt_Hax0r]

y0! they are cool!

[tango_charlie]

ehh thanx much bro u rocks 

[D4rk357]

thanks man.....butstill way to long to go for me before i am ablee to root one

[Sm4rt_Hax0r]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

[Mr.XXXX]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

If it is basic method ,then wat r advanced ? N wat r other ways to root servers...

[D4rk357]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

your first step>..

upload a shell..
i know about shells a bit..r57 and c99 and even chakravyuh  i guess..
but how to upload it??

[D4rk357]

Requirements: system,passthru, NOT disabled, so it is always a good idea to check phpinfo() before proceeding. Site admin MAY get to know about intrusion if system is disabled or SELinux is activated. You will need netcat (nc) for back connection. I prefer using my favourite Locus or C99 shells.
^^^^^^^^^
system , passthry , NOT DISABLED..are they option in shells..

sorry for my ignorance!!

[Sm4rt_Hax0r]

Requirements: system,passthru, NOT disabled, so it is always a good idea to check phpinfo() before proceeding. Site admin MAY get to know about intrusion if system is disabled or SELinux is activated. You will need netcat (nc) for back connection. I prefer using my favourite Locus or C99 shells.
^^^^^^^^^
system , passthry , NOT DISABLED..are they option in shells..

sorry for my ignorance!!

No, they are PHP configurations, check the images, I have also shown if it would look in phpinfo()

[Sm4rt_Hax0r]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

your first step>..

upload a shell..
i know about shells a bit..r57 and c99 and even chakravyuh  i guess..
but how to upload it??

There are MANY methods to upload shell. For example when Zombie or his troupes attacked ICW server, they found a loop in signature, yes, you upload images in signature, I did not sanitize it.. However, since my SELinux was "well configured", it caught the port opening and blocked the execution, right there! now, you are getting confused my friend, Chakraviewh is asp shell and NOT php shell... If you find Linux box with php and apache on it, you can follow this method! else, you cannot, I have heard of python shell but, haven't seen it yet so if I get a server that runs ONLY python script like django framework project dpaste is... so php/asp shells wont work there.. I would suggest that you seek basic web knowledge then proceed with rooting a box 

[Sm4rt_Hax0r]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

If it is basic method ,then wat r advanced ? N wat r other ways to root servers...

Port Poisoning
Server-side exploits
and
Social engineering 

[D4rk357]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

your first step>..

upload a shell..
i know about shells a bit..r57 and c99 and even chakravyuh  i guess..
but how to upload it??

There are MANY methods to upload shell. For example when Zombie or his troupes attacked ICW server, they found a loop in signature, yes, you upload images in signature, I did not sanitize it.. However, since my SELinux was "well configured", it caught the port opening and blocked the execution, right there! now, you are getting confused my friend, Chakraviewh is asp shell and NOT php shell... If you find Linux box with php and apache on it, you can follow this method! else, you cannot, I have heard of python shell but, haven't seen it yet so if I get a server that runs ONLY python script like django framework project dpaste is... so php/asp shells wont work there.. I would suggest that you seek basic web knowledge then proceed with rooting a box 

yeah...you are righto...

[d4rk-blu™®]

thanks man.....butstill way to long to go for me before i am ablee to root one

rooting server is an art... this is BASIC trick! MOST BASIC!!! but understand this -> God is found in small details!


look for small details and fetch a big picture! Best of luck dude! 

If it is basic method ,then wat r advanced ? N wat r other ways to root servers...

Port Poisoning
Server-side exploits
and
Social engineering 

Lolz sm4rt is 100% vul to social engineering

[silent123]

  \m/KewLL.......

awesome

[Evil-Reddy]

thanxxxxxxxxx