Tuesday, February 26, 2013

Exploiting a Web server - A complete tutorial by Mr. FreaK aka Silent Hacker



Hello Everyone ! Today I Mr. Freak aka Silent Hacker and am here to tell you about " How to exploit any server " . This is guide for the beginners to learn How to Hack the website by Exploiting the Server .  Here are some common question asked by the Newbie regarding this.

Why this Method ?
- This method is used when the Target site is not vulnerable to any of the vulnerabilities such as LFI , RFI , SQLI , XSS etc. 

Any benefit of this method ?
- By this method attacker is able to get the server access by finding the vulnerable website in the server and then attacker tries to get the access of the website what the attacker wants.  


 So here we begin :-

First of the things we require :-

  • Any PHP shell ( i am using DK shell beta version )
  • A Target website (  http://www.pakistanescortservices.com )
  • Brain xD
As in my example Our target is  www.pakistanescortservices.com  first of all we will try to find any vulnerability in the website. In my case target website is made in Wordpress . So we  scan it with Wp-Scan which is a Backtrack tool . Leave Backtrack we try to explore more about it . So, if you remember about SYMLINK . Yeah that's right Wordpress or Joomla websites can be hacked through the method called Symlink . 
One more Question arises here How to do Symlink when we don't have the server access. 
That's the thing we are going to Learn :D
Now we need to get the Target website's IP address . As we know we have lots of ways to get the Website IP address you can use any of the method.
I am going to use Yougetsignal.com website. The reason of using this site is that from this Reverse IP Lookup website we can also come to know about how many websites are hosted in the same server and which are the hosted sites ( We can get the Approx. websites )

So from above Image you can see that we got the IP Address of the website.
Now the Main work begins :D
Copy the IP address and go to http://www.bing.com
In the search type :- 
" ip:173.192.51.226 "
 ( Without quotes )
Now we will get the sites hosted in same Ip address now we need to find the vulnerable website in the server. For that we will use this search command :-
ip:173.192.51.226 .php?id= 

We are using .php?id= because sqli website contains .php?id= in their respective Url's

Now we have got the website for checking whether the website is vulnerable or not we will put the " ' " single inverted comma at the end of the Url . If we will get the SQL Syntax error then it means the website is Vulnerable to SQL Injection .
In my case the vulnerable website is :- http://www.mansol.com.pk/job.php?query=165'
Now You can inject your sql injection queries to the website by manually or Using tool for SQL Injection Such as Havij , SQL Map etc.

My Manual SQL Injection tutorial link :- http://zyan.me/PzUyJ 
Links for Tools :- Havij 1.15 Pro :- Click here

Now after analyzing the Target I got the Admin's User Info as Follows :-
Username:- admin
      Password:- *********
*Password not shown as per the security reasons 
Now find the admin panel of the website . In Havij there is option " Find Admin " You can get the admin panel from there .
Put the username and Password there and Login!
Now we have to upload the shell in the website . We need to look for the upload area . In this website i got it in the File Manager and i upload my shell there.
After successfully i uploaded my shell . Now time to get the shell link of the Upload shell.
Now open your uploaded shell then in my shell i.e. DK shell beta version . This is a auto Symlink Option click that.
Now search for your target www.pakistanescortservices.com and click on the Green Highlighted text. There you will find the Website Symlinked :D
As the website is in Wordpress click on wp-config you will get the config file and put in the Database .

My Manual Symlink video link :- Symlink tutorial by Silent Hacker ( Also shown how to change the database config and using it )
My Symlink Video by Using Perl Script :- Symlink by using Perl Script
*You can get the tools in the video description :D

Now after getting the database change the username and password of the website. Login in the website and upload shell and Do whatever you want to do :)
Target taken down successfully :- http://www.pakistanescortservices.com/

Thanx for reading my Tutorial . If you are facing any problem regarding this topic you can contact me on Facebook :-  https://www.facebook.com/Sil3nt.H4x0r
Here you can get my all videos regarding Hacking tutorial :)









6 comments:

  1. RESPECTABLE AV SIR PLZ GIVE ME THE LINK OF DK SHELL <<< >>> THANK YOU

    ReplyDelete
    Replies
    1. http://sourceforge.net/projects/icfdkshell/files/
      Pass for shell DK

      Delete
  2. Nice Tut Bro...but I hope font size could be bigger.

    ReplyDelete