How to deface a website
Hack or Deface Websites Online
Hello geekers. I will explain the methods used to deface a website or hack website’s database. This is the first hacking websites tutorial, Here I will briefly explain the methods used for hacking or defacing websites. I will also tell you how to protect your websites from these attacks such as sql injection.
Note: This post is only for educational purposes only.
WHAT IS DEFACEMENT?
Defacing a website simply means that we replace the index.html file of a site with our file. Then all the users who open it will see our uploaded page.
For defacing a website, three things that you need are:
1. SQL Injection (for database)
2. Admin Password
3. Shell Script
Now let’s start the tutorial:
For defacing a website, three things that you need are:
1. SQL Injection (for database)
2. Admin Password
3. Shell Script
Now let’s start the tutorial:
Check for vulnerability
Let’s say that we have a site like this
http://www.example.com/dept.php?id=5
To test if is vulernable, we add to the end of url ‘ (quote),
and that would be http://www.example.com/dept.php?id=5′
If we get an message like:
“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right etc…”
or something similar, that means the site is vulnerable to SQL injection.
if it not give error there may be blind SQL injection (discussed later).
DEFACING THE WEBSITE
First we have to find admin page.
1) You can use an admin finder website:
Code: http://4dm1n.houbysoft.com/
2) You can use an admin finder software:
Code: http://rapidshare.com/files/248020485/adminfinder.rar
Download the shell here:
http://rapidshare.com/files/248023722/c99.rar
Extract it, you will get a c99.php, then upload it.
Some sites wont allow you to upload a php file, so rename it as c99.php.gif and then upload.then go to
Extract it, you will get a c99.php, then upload it.
Some sites wont allow you to upload a php file, so rename it as c99.php.gif and then upload.then go to
http://www.site.com/images (in most sites images are saved in this dir, but if you cant find c99 there then you have to guess the dir)
Find the c99.php.gif and click it.
Now you can see a big control panel. You’re in!
Search for the index.html file and replace it with your own file.
If anyone goes to that site, they will see your page.
Find the c99.php.gif and click it.
Now you can see a big control panel. You’re in!
Search for the index.html file and replace it with your own file.
If anyone goes to that site, they will see your page.
How to deface a website online 2018 |100% working
Reviewed by Sourabh Sharma
on
May 01, 2018
Rating:
No comments: