Search This Blog

20080209

How to get root legitimately

how to root legitimately:

you must have the following:

a minimum of 2 computers that will install linux -- with at least 64 MB ram and 500 MB drive space on one that will be used as the server

internet connection (for linux updates)

router connected to your broadband modem, and the usual cables

experience with linux

directions:

  1. install server version of linux on the minimal computer and workstation on the best computer. you should know which is which.
  2. update the client with dist-upgrade. if you know how to do that, then fine. if not, then rtfm.
  3. you could use chkrootkit on the server and see where it fails. or use nessus, tho it means your client will need apache running for that. or you could just upgrade python and ruby and install metaploit framework according to instructions. use google to find these suckers and rtfm before proceeding.
  4. once you root your server, using your exploit tool, patch the server to prevent that root exploit from working again. do this with all the exploits that work.


The objective of this exercise is to learn how to prevent someone from rooting a server. This involves preventing buffer overflows. Google "buffer overflows" for details.


Short FAQ:

Will this howto help me get root on xyz.tld's server? No, but it will teach you how to get root on your own server. Furthermore it will teach you that you may need physical access to get some privileges. However, rooting your employer's server could result in getting blackballed in the IT field, especially if you use it to get warezs and pr0n, plus use it to serve that illegal content to your warez buddies. If you must be illicit, then google "rackspace" and learn.

Can you help me setting up my computers and network? No, i am not gonna tell you how to set up a server under Linux or how to patch it. You may learn how to build kernels, etc. on your own, though. Nor am I going to give out urls to the stuff revealed in this howto. This howto covers the basics, and you should know where to get real howto's to help you.

Why did you write this stupid lame-azzed howto and write this stupid FAQ? I forget; probably cos I can't KISS.
Created and/or compiled by at
Labels: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)