Now here is a real hacking tutorial in which I am going to hack a real website,and that too in less than 20 seconds.and I am not kidding. Actually sites with PHP 4.4 have a SQL injection vulnerability in them which makes their Admin control panel easily accessible,and I mean in one big shot,you will be admin of that site.
Remember,this
tutorial is applicable on PHP4.4 machines with Apache running in
parallel with them.Also,since I will be hacking REAL websites,I will not
be displaying their URL’s or else I will be gunned down (by law of
course ).
Here is how you can start -
Step 1 – Search for them
Yep,make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.
Step 2 – Scan them
Start by scanning them using Nmap,Do and intense scan and find the open
ports. If you find port 2000 open,then you have almost got it. most
websites running PHP4.4 have this port for admin login.
Now just login using port 2000 ie -
"http://www.website.com:2000/"
and you will be comfortably login into admin page like this -
Step 3 – Hack them
Now in the fields,you have to type -
username – admin
password – a’ or 1=1 or ‘b
domain – a’ or 1=1 or ‘b
and press go,you will login into admin
voila..you have hacked into admin. Actually sites based on PHP 4.4 have
the vulnerability in them that they are vulnerable to SQL injection.
Related Posts: Website Hacking Tricks
Posts
0 comments:
Post a Comment
Note: only a member of this blog may post a comment.