How I Abused “Runnable.com” Compiler to use it as a VPS


Hey Everyone,

Hope you are doing great! It’s been a month, Since I’ve been active online. So, Now got some time to show you something which I’ve found while exploring the internet. This is my First post, Hope I’ll not bore you.

Let’s start! So, As I’ve already mentioned. www.runnable.com providing Session based Online VM compilers with ROOT Access, where you can compile your Python , C++ ,PHP, Node.Js, Java etc.

I see everything in a security perspective. So As a Hacker, All I need is a “ROOT access to the machine” The first and foremost thing which we’re going to do is getting a PHP shell in that compiler somehow and it’s pretty easy because We don’t have to upload and The scenario goes like this, Copy the PHP shell code and paste it in the PHP compiler and click “Save and Run” and what’s next?

Boom! We got the shell! :P But, No write permission in the current directory which is “/var/www” :(

But, Hey wait, We can upload in “/var/tmp” Isn’t cool uh?

So, Now we got the shell and a terminal with ROOT access by default and what else we need? Isn’t it more than enough?

You may question me what else we can do with is, We can use it to perform a lot of things, But am not going to cover it.

We can crack hashes too, But how?
Just install john the ripper and do it.

You can Backconnect with Netcat As well, But Before that let’s try to test the bandwidth and configuration of this compiler.

For this purpose I got A python Script Through which we can do it easily.

Oh! Wait, Dafuq! I’ve just seen :o.

Configuration of these Machine, Given Below.

Uploaded backconnect perl script and Backconnected, Now, let’s explore it!

Connected via Netcat Tada!

Ps : This information is only for educational purpose! . The site is no way responsible for any misuse of the information.

That’s about it, Thanks!

Hope You enjoyed it!

There was an another Website, Do Check this video which I’ve made with tutorialspoint.com

Click Here To Check This video

Ps: Now, It’s completely Patched now! :D

Like what you read? Give Sriram a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.