waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
There are thousands of vulnerable IPB <= 2.3.5 forums out there even right now. Most of them will let you easily get to the php code level. Next will be linux shell level, success depends on security of specific php installation. And once you are @ linux shell level, you need local root exploit. Servers with older, unpatched kernel can be easy targets. Another way too root is to look around in server and search for administration flaws - vulnerable and unpatched software, weak directory or file permissions, etc. But be aware, that excellent linux and C knowledge is needed for getting UID 0 |
|