Jump to content
Cartus_C

Hacking with shells

Recommended Posts

Posted

| Hacking with Shells |

-----------------------

Written by entr0py

-= www.securitybay.org =-

Introduction

-------------------

I am very sure that many of you must have heard about various

attackers who deploy web shells to deface and disfigure websites.

But, do you actually know what are web shells and how to use them

in order to deface websites? Well, the main motive of this tutorial

is to make you all aware of the various ways to deface websites using

web shells. I know some of you may be thinking that I am just providing

script kiddiesh information, but let me tell you that the number of

queries I have received on this topic cannot be counted. Thats why I am

doing full justice to all the wannabe-h4x0rs and script kiddies who are

craving to learn about these web shells and attacks associated with it.

So, just sit back and enjoy...

Web Shells

-------------------

A web shell is a script programmed in web application programming

languages like ASP, PHP etc. If the shell is executed on a particular

web server, the attacker can generate capricious commands. The shells

allows the attacker to delete, upload, replicate, create and alter files.

Web shells are popularly used by script kiddies, because its somewhat

easy to execute on a specific web server. Mostly, web shells are executed

by manipulating the URL string. You dont expect the script kiddies to

mould an altered URL string! So, that's why they find RFI (Remote File

Inclusion) vulnerabilities to gather the obfuscated URL string that

enables them to upload the web shell on a web server remotely.

Hacking with Shells

--------------------

In the previous section, I have briefly explained the web shells. Now, in

this section, I am going to elucidate the technique to use such web shells

to deface websites. So, first and foremost, you need to have a web shell.

The commonly used web shells are c99, c66, r57 etc. Obtain a web shell from

www.hacktivist.net or you can search Google for c99 shell. After, obtaining

a web shell, search for web space. Actually, you require web space to upload

the web shell. You can get web space from AOL Hometown or Free Web. After

acquiring a web space, upload your web shell as .txt (Text file). Now, you are

panoplied with web shell. Next, you need to find Remote File Inclusion (RFI)

vulnerabilities. You can get them from Security Bay Exploit Den or milw0rm or

Security Focus or Packetstorm Security. In the RFI disclosure you will find

Obfuscated URL string that enables you to upload web shells remotely. An example

of a malformed URL would be www.anysite.com/nameofthecompany/somephp=evilscript.

Once you obtain the malformed URL, search for a website that is vulnerable to

the specific RFI. You can use Google to find websites that equates with the

vulnerability. Now, that you have a vulnerable website and web shell gear, what

would you do next. Just substitute the malformed URL string with the information

you have gathered and then execute it, in order to connect to the web server remotely

via web shells. If everything goes perfectly, then you will be redirected to the

web shell. In the web shell, you will get features and options to alter the web

server settings!

I need a live description

--------------------------

To make your work easier, let me give you an elucidated explanation of web shells. In

this section, I am actually going to show you how to deface a website using shells.

Please note that the site have been concealed for security reasons.

Say, I got a c99 shell, uploaded it in www.entr0py.securitybay.org. I also obtained

a Remote File Inclusion (RFI) vulnerability of a popular forum application. I also searched

Google for vulnerable websites. So, finally got all the things ready, like web shell, RFI

and vulnerable website. Next off, I execute the obfuscated URL string and find myself

in the web shell data screen. I wonder what should I do to please the readers. I suddenly

feel that I should get administrator privileges in the forum, which is vulnerable to the

RFI vulnerability. So, I quickly find the forum config.php file and acquire the database

username and password. Now, in the c99 web shell I shoot the SQL Manager and provide the

database username and password. This redirects me to the SQL information of the forum. In

the SQL information tables, I find the user table. There, I search for my username and alter

it in such a manner that I get to sit in the administrator group. So, it's clear that once

I get to be in the administrator group, I am myself the administrator of the forum! Piece of

cake, ain't it?

Conclusion

--------------

Whew, justice done to all those who mass-mailed me for this tutorial. Though, there are many

other techniques associated with web shells. But, I guess you can figure out those yourselves.

I will get back to you as soon as possible. And, one more thing, these techniques are deployed by script kiddies, so I recommend you to try out high-end and sophisticated techniques like XSS or script injections to hack websites, not that I support defacement, just an advice. So, that pretty much concludes the tutorial on Hacking with Shells by Yours Truly. So, until next time ...Peace Out ...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...