BadB
1. Toolkit.
We only need 3 out of the set. Moreover, even demo versions are suitable:
a) Xspider - scans the server and site for open ports according to its vulnerability base. The demo version does not write where exactly they were found, but answers the ass that they are. That's enough for us.
b) Havij - since we will hack only through sql-inj, it’s better not to find it. Here you need to look for a crack, because not all databases in the free version are supported, fortunately, the crack is googled instantly.
c) WSO 2.5.1 (web shell). To make what you do look like real hacking.
2. Process.
We are looking for a goal. Everything is simple here. Write any word in Google and click "search". Take the desired site and put it in Xspider, click "scan". Along the way, you go to 2ip.ru, for example, and look for the neighboring sites of your already almost hacked site with bucks. Grab them and toss them into the Xspider. We wait...
Let's say Xspider did it and found something. We open the asshole and see what we have there in 80 / tcp - HTTP. Hooray! There SQL-inj is written in red. We are lucky today, we continue.
Since he does not write where this whine was found, we will ask Google. We write a request:
Code:
site: victim.ru inurl: =
We will see all links with parameters (this is when something is equal to something in the address bar). They are what we need. 33% done.
Launch Havij.
Enter the link into target as in the example. It should be similar to the one that Honorable Googol shared with us.
You don't need to press anything else, let those who do not give a shit do it. Click Analyze. It works! The letters ran. For greater effect, set full screen mode) If nothing worked, then fuck it, this site is not worthy of our attention, let's move on. If it turned out db found, then in the tables tab we press in turn from left to right the buttons get db, get tables (bad memory, but something like that). Now we are looking for something similar to user, admin, etc. We open them, put a checkmark on something similar to login, pass and then Get Data.
If you are lucky, you will immediately receive a username and password. But usually the password is encrypted and looks like "1afa148eb41f2e7103f21410bf48346c" and we have to go to our friend Google and stupidly drive the hash into it. Here we climb a little and look for it, in huge lists it will be faster to press Ctrl + F and put the password there.
So. We have an admin username and password. What's next? Open Havij and click on the Find Admin button, there is only one graph and one button, so let's figure it out.
3. Administrator.
We can stop at this. But the achievement of the goal does not stop us and we want more. Now there will be little specifics, because there is a fucking bunch of different types of admin panels. Look in the admin panel for any way to download a file, or better a file manager and download our WSO shell. IMPORTANT. look into which folder the downloads are taking place or which one you download it to, whether the name changes, etc. In general, we need its specific address, which we go to and write root in the password window.
In front of you is the insides of the site, you can have fun, merge databases, climb and dig. Optionally refill and rename the shell somewhere where it will not be particularly noticeable.
If something does not work out at any stage, then we just look for another victim and again. Someday it will definitely work out.
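Added example, not part of the original post: the chain described above depends on a URL parameter being concatenated into SQL and on password digests that can be found in public lookup lists (the 32-hex-character value quoted in the post has the length of an MD5 digest). The Python sketch below puts each weak pattern beside its hardened form; the table, the function names, the sample rows and the choice of PBKDF2 with this round count are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import sqlite3

PBKDF2_ROUNDS = 600_000  # assumed work factor; tune to your hardware

def make_db():
    """Constructed in-memory catalogue standing in for the site's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO items VALUES (?, ?)",
                     [(1, "alpha"), (2, "beta"), (3, "gamma")])
    return conn

def get_item_concat(conn, raw_id):
    # Vulnerable pattern: the URL parameter is pasted into the SQL text,
    # so its content is parsed as SQL.
    return conn.execute("SELECT name FROM items WHERE id = " + raw_id).fetchall()

def get_item_bound(conn, raw_id):
    # Hardened: reject non-integers, then bind the value as a parameter.
    try:
        item_id = int(raw_id)
    except ValueError:
        return []
    return conn.execute("SELECT name FROM items WHERE id = ?", (item_id,)).fetchall()

def unsalted_md5(password):
    # Weak storage: same password -> same digest for every user and site,
    # which is why public lookup lists can reverse it.
    return hashlib.md5(password.encode()).hexdigest()

def hash_password(password, salt=None):
    # Per-user random salt plus a deliberately slow KDF.
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def verify_password(password, salt, digest):
    # Constant-time comparison of the recomputed digest.
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

if __name__ == "__main__":
    db = make_db()
    print(get_item_concat(db, "1 OR 1=1"))  # every row is returned
    print(get_item_bound(db, "1 OR 1=1"))   # nothing is returned
```

With the bound query the parameter never reaches the SQL parser as code, and with salted, slow hashing a dumped users table no longer yields passwords through a search-engine lookup.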
