Follow us on Twitter!
Don't judge the unknown - Grindordie
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 22
Guests Online: 19
Members Online: 3

Registered Members: 82905
Newest Member: BLckLIght
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Rooting a box


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 10:32
Ok, Say I wanted to root a box which we will call Rocky. Now Rocky has ftp, http, smtp and pop3 ports open and imap how would i got about accessing this server and gaining root. Lets also say its running a linux server shall we

(This isnt a "tell me how" post its a "Give me a nudge in the right direction" post)





Edited by on 07-11-05 10:34
Author

RE: Rooting a box

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 07-11-05 18:59
check out the versions of the serivices, and the version of the OS (in this case it would be the kernal version). i can think of several remote root exploits for those services off the top of my head.

If you're not authorized to do this and don't have local access, try the following nmap syntax:

Code

[root@localhost hacking]# nmap -vvv -sS -sV -O -P0 target-host





that will do OS detection, and a Version scan.

course, using telnet (or netcat) is a better way to grab the banners at times. i'd use nmap and then back up its guesses with telnet or netcat.

BTW, if you're really not authorized to do this, maybe you should get some more expirence before you go and try something like this... no offense.... ;)


"Root is a state of mind" -- K0resh

Edited by n3w7yp3 on 07-11-05 19:00
Author

RE: Rooting a box


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 20:01
umm everytime i use nmap it disconnects me until i restart...ive heard by many people that it's really good...i had to get a whole buncha different tools and havnt found a portscanner thats all that great yet please help -death11284


Author

RE: Rooting a box


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 20:50
n3w7yp3 wrote:
check out the versions of the serivices, and the version of the OS (in this case it would be the kernal version). i can think of several remote root exploits for those services off the top of my head.

If you're not authorized to do this and don't have local access, try the following nmap syntax:

Code

[root@localhost hacking]# nmap -vvv -sS -sV -O -P0 target-host





that will do OS detection, and a Version scan.

course, using telnet (or netcat) is a better way to grab the banners at times. i'd use nmap and then back up its guesses with telnet or netcat.

BTW, if you're really not authorized to do this, maybe you should get some more expirence before you go and try something like this... no offense.... ;)


I did use nmap to get the info and no offense taken by your last comment


Author

RE: Rooting a box

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 07-11-05 20:59
Darth_Pengo: well, then just look up some exploits on securityfocus, or try using the various services to enumerate user accounts. you have a plethora of possibilities open to you Pfft


"Root is a state of mind" -- K0resh
Author

RE: Rooting a box


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 21:08
death11284 fucking awesome sig...

Darth pengo, just look up exploits for the services and such.


Author

RE: Rooting a box


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 22:25
Or download the programs (or source if it's open) that are used and try finding your own 0days.