Tools required:
Hacking Knowledge
GNY.Shell
DISCLAIMER:
THIS TUTORIAL IS FOR EDUCATION PURPOSE ONLY!!! YOU MAY NOT READ THIS TUTORIAL IF YOU DON'T UNDERSTAND AND AGREE TO THIS DISCLAIMER. ME AS AUTHOR OF THIS TUTORIAL NOT BE HELD RESPONSIBLE FOR THE MISUSE OF THE INFORMATION CONTAINED WITHIN THIS TUTORIAL. IF YOU ABUSE THIS TUTORIAL FOR ILLEGAL PURPOSES I WILL NOT BE HELD RESPONSIBLE FOR ANY ACTION THAT MAY BE TAKEN AGAINST YOU AS A RESULT OF YOUR MISUSE.
NOTE:
USE ANONYMOUS PROXY!!!
Introduction
Sometimes site that is your TARGET just isn't hackable. Even Acunetix Web Security Scanner can't find useful vulnerability. In that kind of situation the only thing that might work is to hack site (backdoor site) that
is on same server and through that site and through server to penetrate the site.
Finding Backdoor Site
To find backdoor site go to
Code:
http://www.domaintools.com/
As a result you'll get Whois Record
Look for Reverse IP
In our case 25 other sites hosted on this server.
Click on it to see names of the hosted sites on the same server.
You will see few of them, to see all, click on more...
To see them all you must be a member.
You can easily Sign up for a FREE account by cicking on Create an Account >
(use some anonymous email service for that)
As a member you can see all 25 other sites hosted on that server.
Hacking Backdoor Site
Here we have 25 potentional backdoor sites and our target one.
Let's say after analysing we find that our backdoor sites No17 (as example) and target No22
Backdoor site can be any one from the list who can be hacked and sell uploaded
Penetrate Target Site
By cicking on var/ at www.backdoorsite.com we go straight to root of the server
Where we can find our www.target.com dir.
Sometimes premisions isn't drwx but dr-x which is more then enough to readconfiguration file.
With data from that file we can hack unhackable site...
0 comments:
Post a Comment