DO AT YOUR OWN RISK.I AM NOT RESPONSIBLE FOR ANY DAMAGE OR ANY OTHER BY DOING SO..
THIS IS ONLY FOR EDUCATIONAL PURPOSE....
This tutorial is applicable on PHP4.4 machines with Apache running in parallel with them.The sites with PHP have a SQL injection vulnerability in them which makes their Admin control panel easily accessible.I will show u how to hack a website in the following steps..
I am repeating..I AM NOT RESPONSIBLE FOR ANY DAMAGE..
Step 1 – Search for them
Make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.
Step 2 – Scan them
Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login.
Now just login using port 2000 ie -
http://www.website.com:2000
and you will be comfortably login into admin page like this -
Step 3 – Hack
Now in the fields,you have to type -
username – admin
password – a’ or 1=1 or ‘b
domain - a’ or 1=1 or ‘b
and press go,you will login into admin
That' all...you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.It will literally take abt 20 seconds.Hope it is helpfull...
TRY AT UR RISK...
0 comments:
Post a Comment