Follow us on Twitter!
Capitalism is an Island of wealth in a sea of poverty
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 26
Guests Online: 22
Members Online: 4

Registered Members: 82885
Newest Member: ConiBE
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Page 1 of 2 1 2 >
Author

gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 22:58
ya see my friend has this website but he made it using freewebs. and he wants to see if i can gain root to it. but i dont know how to get the ip of his website. would it be the freewebs ip or would his website have is own ip?


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:04
Just ping it?

It will be freewebs, though. They'll run a number of websites (probably a lot, no one visits them) off a dedicated server. They'll have tonnes of servers, though, so you'll still need to find the specific server's IP.

P.S. I doubt you'll get root if you're asking this.


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:06
Freewebs website. Read ^.


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:13
well ill give it a go im using the article on gaining root. i just need to know the ip address. any any ideas on finding the server its running off



Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:17
cmd

ping <site>


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:21
yeah but it just says uknowen host


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:43
ok ive used putty to get it and now im asked for user name and password
in http://www.hellboundhackers.org/readarticle.php?article_id=183 is says to log in as anon and teh password should be anonymous but that doesnt work!! can any1 help?


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:45
hmm, out of curiosity why use ping for a DNS query? Seems a bit pointless to give your IP to the server just to find out it's IP when you can just DNS it using nslookup, dig, host, etc.

Whenever I'm investigating a new server I actually block it's IP with my router or IDS software initially to prevent any direct connections AT ALL. Better safe than sorry. Wink


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:50
yes i spose but this is my friends site...or will freewebs get pissed off? and btw do u no wat username or passwords i cud try out?


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:52
Oh and I think the article you're referring to is about the rooting challenge that just happened, there will NOT be a default pass of anonymous on every server.

My advice would be don't even attempt to root an internet server with the amount of knowledge you don't have, you are asking to get busted. If you end up getting in by accident you will no doubt leave traces of your entry all over the place (can you say LOG FILES).

Playing around with SQL or JavaScript injection and gaining admin rights to some tom joe's website is one thing... rooting an actual server that belongs to an internet services company is another. If you don't know completely what you are doing, then dont try.


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-05 23:55
lol kk. whoa thanks for the heads up dude. that coulda got nasty!!!! well do you have any tips on any java or sql injections i could do?


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 00:02
well if he wrote his site with PHP/MySQL then you could try and play with the any variable input to get an error (that will tell you if its vulnerable), you can use javascript to manipulate data in forms, cookies, etc and you can sometimes use XSS to steal cookies and crap.

Just study the site and get a feel for the code, then use logic and a little imagination to find a weakness.


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 01:15
what exactly is stealing cookies, is it stealing other peoples cookies to see what sites they visited or am i way off track?
Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 01:20
Well cookies can hold a number of things, such as the last time they visited, their name's, etc. The most useful data collection from a cookie would be a username/password. Even the most secure sites can fall to simple XSS attacks.


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 02:02
Neoquesty wrote:
lol kk. whoa thanks for the heads up dude. that coulda got nasty!!!! well do you have any tips on any java or sql injections i could do?


I strongly suggest you learn about sql injections, javascript injections. like, ffs java != javascript. 2 different laguages. And also, we cant just say "oh use this sql injection" because it probably wont work. The amount of times sql injection actually works is extremely low. Take the time to map out the site, save all the files on your hard drive, view the source for each page. Spend time lookinig for exploits on the server, you need to do your research before attempting a hack, or you will be busted.


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 09:30
To further refine what fagitz said, the main use of XSS cookie stealers is to steal admin session cookies. When you replace your cookies with a stolen admin's session cookie the website thinks you are logged in as them.

I would agree that you definitely need to research. Learn PHP, JavaScript and SQL and read up on injection and XSS. Then get a few good proxies and go play Pfft


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 10:19
kk ty guys ill have my head in the books from now on.


Author

RE: gaining root

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 04-11-05 10:23
just to point out.

freewebs, only hosts html sites. So SQL injection wont work.

basically - you wont be able to hack a freewebs site. you wont be able to root it.. unless your extremely skilled, and from your "java or SQL injections" it seems you really dont know alot.


http://www.hellboundhackers.org/
Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 11:57
Nicely said Mr_Cheese. I agree, since you think javascript injection is the same as "java injection" then you really dont know alot.

And Mr_Cheese thanks for pointing they only host .html files, i totaly forgot ehAngry


Author

RE: gaining root


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-05 12:08
nononnno i knew java and javascripy were different. java is a way more powerful lnaguage. i was just being lazy and not writing javascript. i know. really stupidSad


Page 1 of 2 1 2 >