Skip to main content

Hacking a Website - Exploiting Webserver

Hacking a Website - Exploiting Webserver (Old Method)

Note: This guide is only for knowledge purpose

Old Trick but many works...Try to have local website.

This method uses website vulnerability to hack it through PHP,Python,Perl,C++ exploits.
First of all you need a target website. (Google & find one)

Step1
Next thing you need to do is find out is, it online or offline. (Ping)
Go to https://ping.eu/ & ping the target website.
Observe the results from ping. (Okay means online).

Step 3
Now, we need to gather information about the website. (Whois lookup)
Go to http://whois.domaintools.com & plug up the IP or the website.
You’ll see a large amount of information about the website.
Use Google to find even more information about the website.

Step 4
Once you’re done download, install & open Nmap.
Once you have done that, do a –sT –sV scan of the website.
[That is put, nmap –sT –sV, in Nmap’s command bar & scan website.]
Once done, observe open OS, ports, services running on the website server.]

Step 5
Once done, you’ll need to find banner of the software.
[Banner: It shows the software & version running on ports.]
Methods depend on the OS of the server.

Step 6
For WIN VISTA & 7:

You need to download & Open Netcat.
[Because Telnet is disabled in WIN VISTA & 7]

Once done type, nc <IP> <PORT>
Ex: nc 127.0.0.1 21
Once you’ve done that, you’ll get a banner.
This will be displaying all the details of the software running on port.

Step 7
For other OS:

Open Telnet
[Start > RUN > telnet]

Once done type, O <IP> <PORT>
Ex: O 127.0.0.1 21
Once you’ve done that, you’ll get a banner.
This will be displaying all the details of the software running on port.
If this doesn’t work you can try the first method.

Once you’ve got the banner, you need to search for vulnerability matching with banner.

Exploit databases:
Security Focus: https://www.securityfocus.com/
Cve Mitre: http://cve.mitre.org/
Metasploit: 
https://www.metasploit.com/
Once you’ve got the matching exploit of the same version software.
[If you haven’t got, try another port.]
You need to edit values, compile & run it.

Most common exploit Coders:

Perl

For perl exploits, Copy the exploit in notepad & save it with .pl extension.
Download & Install, Active Perl: https://www.activestate.com/products/activeperl/
Once done, edit the exploit with notepad & double click to run it.

PHP

For PHP exploits, copy & save it in .php extension.
Download & Install WAMP: http://www.wampserver.com/en/
Once done, edit the exploit with notepad & execute it from CMD.

Python

For python exploits, copy & save it in .py extension.
Download & Install python: https://www.python.org/downloads/
Once done, edit the exploit with notepad & double click to run it.

C/C++

For C/C++ exploits, copy & save it in notepad.
Download & Install Blood Shed. (Google the link)
Once done, edit the exploit, compile & double click to run it.

If your exploit is successful you will get access to server,
You’ll be able to edit every part of the website.
If your exploit wasn’t successful try with different port, services & software.
You can also use Metasploit web to search exploits.

Comments

  1. You have Shared great content here about Website Hacker. I am glad to discover this post as I found lots of valuable data in your article. Thanks for sharing an article like this. Website Hacker

    ReplyDelete
  2. You are providing good knowledge. It is really helpful and factual information for us and everyone to increase knowledge. Continue sharing your data. Thank you. Hire A Verified Hacker

    ReplyDelete
  3. It is a proficient post that you have shared here about Hire A Professional Hacker. I got some unique and valuable information from your post. Thankful to you for sharing this post here.

    ReplyDelete
  4. You have a genuine capacity to compose a substance that is useful for us. You have shared an amazing post about Hire Expert Hackers Online.Much obliged to you for your endeavors in sharing such information with us.

    ReplyDelete
  5. It is a proficient article that you have shared here. I got some different kind of information from your article which I will be sharing with my friends who need this info. Thankful to you for sharing an article like this.Ethical Hacker For Hire in Usa

    ReplyDelete
  6. Incredibly accommodating which you have shared here. I'm intrigued by the subtleties and furthermore it is a critical article for us. Keep conferring this kind of data, Thank you.Genuine hackers for hire

    ReplyDelete

Post a Comment

Popular posts from this blog

IBM iAccess for windows 7.1 "a system restart is pending" error

 IBM iAccess for windows 7.1 "a system restart is pending" error HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager 1. Look for the following key:  PendingFileRenameOperations or   FileRenameOperations ** 2. Right-click ->  Rename . 3. Add a prefix ### and press Enter. 4. Close regedit and attempt the installation.  Note:  Make sure to go back and remove the ### prefix. The installation should continue.

How to change processor name permanently to fool your friends

How to change processor name permanently to fool your friends ------------------------------ ------------------------------ -------------- Would you like to show a brand new processor name which may not even published on market? Yes, definitely you will like it! With this trick, you can change the name of your processor to a personalized one like Intel i12 or something extreme like AMD Radon 30 GHz . So follow the given steps, Steps you have to perform 1. Open Notepad. Copy and paste below code into file. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\HARDWARE\D ESCRIPTION\System\CentralProce ssor\0] "ProcessorNameString"="Intel(R ) Core(TM) i12-3470 CPU @ 32.5GHz " How to change processor name -- 2. Save the file with .reg extension, such as "anyname.reg". How to change processor name permanantly 3. Double click on file. You will get two prompt, Just allow them to install registry key. How to change processor n