Jump to content
sandabot

How to hack a un-hackable site

Recommended Posts

Posted (edited)

Introduction

Sometimes site that is your TARGET just isn't hackable. Even Acunetix Web Security Scanner can't find useful vulnerability. In that kind of situation the only thing that might work is to hack site (backdoor site) that is on same server and through that site and through server to penetrate the site.

Tools required:

GNY.Shell

Shell - Pestebin

Finding Backdoor Site

To find backdoor site go to

http://www.domaintools.com/

and in Whois Lookup enter your TARGET site

As a result you'll get Whois Record

yj4zgv59y870.png

Look for "Reverse IP"

In our case 25 other sites hosted on this server.

Click on it to see names of the hosted sites on the same server.

You will see few of them, to see all, click on more...

To see them all you must be a member.

You can easily Sign up for a FREE account by cicking on Create an Account

(use some ********* email service for that)

As a member you can see all 25 other sites hosted on that server.

ttvofzahtmny.png

Hacking Backdoor Site

Here we have 25 potentional backdoor sites and our target one.

Let's say after analysing we find that our backdoor sites No17 (as example) and target No22

8lgqjhj76hqz.png

Backdoor site can be any one from the list who can be hacked and sell uploaded

rq9k3vq8go5k.png

By cicking on var/ at www.backdoorsite.com we go straight to root of the server

2x5pk22e8u24.png

Where we can find our www.target.com dir.

Sometimes premisions isn't drwx but dr-x which is more then enough to read configuration file.

rni1js1ocemg.png

With data from that file we can hack unhackable site...

:)

Edited by sandabot
Posted
Interesant postul dar restul nu vor intelege cum o sa folosesti tu scriptul ala de pe paste bin sa uploadezi shell:)

Probabil majoritatea nu vor în?elege nici un sfert din tutorial.. ap?i s? ajung? la shell :)) . Oricum, bun tutorial ?i interesant !

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...