Follow us on Twitter!
Understanding is the answer, hatred is the problem, and hackers are the slaves abused and destroyed in the process of peace online - Deshouleres
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 14
Guests Online: 13
Members Online: 1

Registered Members: 82876
Newest Member: bhl1986
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-05-05 12:52
I'm just wondering what you guys do once you get root.[site admin acces or root server]
I mean getting in is the challenge, so after you got root what do you do?
I wanna hear who has the most creative ideas so come on with those replies Wink







Edited by on 16-05-05 15:49
Author

RE: What after root?

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 16-05-05 14:03
well, theres alwasy defacing every site on the server.

or you can just use that server as a free shell account.

or you could use it as a zombie and attack other servers / Dos websites etc etc


http://www.hellboundhackers.org/
Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-05-05 17:26
Well, i'd delete the logs.....That'd come first.

Well, depends on the site, i'll give the pass to one of my friends if they wanted, or deface it if i truly disliked the site, or i'll just leave it alone. I mostly just leave it alone and send a message to the admin stating the exploit so they can fix it, if they can.


Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-05-05 01:58
If you legitimately root a server, not just a little piece of web software, then you do whatever the hell you want. I've come across this about three times, and I got a pretty good story out of it.

The server had pretty nice security overwall, excess watchguard applications, but I got in through a hole in SSH. It was a FreeBSD server, clearly not updated, most likely using ports ineffectively. The server was actually a local company that was causing some unrest. Basically, they were a web development/design company that threw mud every which way, and bragged up the ass. They made a couple persaonl attacks and one too many moves at other local companies that were better established.

I doubt very many of you have even tried linux rooting, or have but never got access. I will honestly say that I used an exploit long since previously found, so I'm not claiming to be leet in that regard. It's really a pretty amazing experience. You coffee, and a lot of time. Maybe some rubber undergarments.

Many of you with no experience whatsoever will first, not know to clear logs. Others, like most, will know to clear the logs and will say thats what they would do, but have no clue how.

Now that I was in, I didn't wanna to do much to their site, but I had to touch. More than anything I just changed a few CSS colors and added a snide line at the bottom of the page, so they could know where they crossed the line. I chmod'd every file to only allow read, even from the owner, I promptly then began mucking their DNS up. Bind8 at the time, so I made a few awkward references, looping Subdomains and the main domain nearly 15 times, and changing MX priorities.

I changed the sudo'r file to not allow any sudo, and I updated the passwd application via Ports, followed by a quick password change. It was only AFTER this step of course, that I stoped to ps -ea, seeing the 5 or so watchguard applications flagging my ass. After a little research, I found where every application stored logs, as well as all the original unix applications like syslogd, and a true network monitor. Now, deleting them that instant would be stupid, as would killing the applications. This is why I love perl so much. Perl script changes all the logs back to what they were before I touched it, added a few fake records, then I set a cron to handle that, and the perl script removed itself from cron.

I also removed about 15-20 nice tools, such as wget, and all was good. Damage done, traces gone, fun had. I also know about ISP logs, of course handled previously by my own application to tunnel me through about 20 proxies.

Personally I find it annoying when people message a Sysadmin that theirs a hole, UNLESS The person messaging legitimately found it.


Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-05-05 17:06
nice read Smile anyone else has some comments or are those the only 3 persons on a site with currently 1603 users who got admin or root to something? Wink

And where is the creative stuff, like hacking with ethics etc Wink
let's hear about those stuff



Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-05-05 17:18
i've got root on my own linux box.... but thats it Sad. I've never had the chance really to learn how...


Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-05-05 22:46
I've found my own holes in PHPNuke, PunBB, and a few custom-made data-driven sites, so I've had admin there. That isn't good for much often, but sometimes it can be fun. I might write out one of the other big rooting experiences I had later. Basically, it involved not having a clue what distrobution I was on, and there was no true root account accessable by humans. Difficult log work around there.


Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-06-05 14:10
I don't know how to find where logs are, what applications keep them or where to find out, except maybe google. But it doesn't matter for what I had done. In our school, I got root on the server, and messed about a little, not caring if I leaved a trace, because the friday before I had broken into the admins office, on a whim, and found a reciept kind of thing, which for some weird reason was to install a HDD a small 20GB, and this was where the logs would be kept( it was to be installed as a log drive). Ofcourse later that day, I had disconected that Hard drive Wink, and left free to hack. This was before I had got to know and like the stupid admin.


Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-06-05 19:55
scankyfrank wrote:
i've got root on my own linux box.... but thats it Sad. I've never had the chance really to learn how...
Hey I've got root on yur linux box too ... isn't that funny ... er, I mean ....


Author

RE: What after root?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-06-05 21:59
nights_shadow wrote:
Well, i'd delete the logs.....That'd come first.

good call, ns, and even if you do, a proxy is always a must Smile