Hacking webpages part1
There is many different methods of hacking users web pages on a server. I
will attempt to list as many ways possible but don't expect very much in depth
Okay suppose you found a page you want to hack, that is on someone else's server
that's a basic server, light security. Okay very light security. I will be
truthful. This pretty much works on servers with no security.
Getting a password file is pretty easy. Simply telnet into the servers FTP
anonymously and look in the ETC directory and get the file called Passwd.
Another way to get them is to find your target and in
a WWW browser type cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd after
the servers name. For example the name may be http://www.hackme.com/, you
except instead of www.hackme.com you would replace that with your targets URL.
You may get a passwd file that has no user accounds, but only defaults which
where the encrypted password should be a * would be in its place. On certain
servers with this you may have a shadowed passwd but on all passwd files i have
come across there is some user names like FTP and NEWS that have no encrypted
passwords which is replaced with *. If you find only this and no encrypted
passwds you probably have found a fixed passwd file and you must try another
method of hacking the server. You need to examine this file and look for a line
in the text that looks like this:
rrc:uXDg04UkZgWOQ:201:4:Richard Clark:/export/home/rrc:/bin/kshdoes not
need to look exactly like that, the only important part it needs it the
uXDg04UkZgWOQ and rcc, which is the login part. Get a program called John the
Ripper which can be found on any hacking site on the web. If you are to lazy, or
stupid to find one on the web here is a good place to go for newbies
will not go in depth right here on passwd files, but i have written a text on
passwd's going good into the subject which can be found at
http://www.xtalwind.net/~lmclaulin/ugpasswd.txt. Anyway, using John the
Ripper is easy, if you want to quickly hack something give the command (in DOS
prompt) "john passwd -single" Replace "passwd" in there with the name of the
passwd file, you may have saved it as passwd.txt or something. An important
thing to remember is that the passwd file needs to be in the same directory as
John. To see a list of other methods for
cracking a passwd file, just type John and it will give you a list of commands.
I have found john won't work for me with wordlists but other people say that it
works fine for them. You can use incremental mode (to use that the command is
"John passwd -incremental" It takes like a few days to finish so I wouldn't
really want it to let it go on forever and ever if it was just some normal
passwd file. Unless its like NASA's passwd file (keep dreaming, they probably
change passwords everyday and that file is very outdated) I wouldn't want to use
that too much. To see a complete list of John's cracking capabilities, just type
john and it will give you a list of commands that you may use.
In my next post you will find a tutorial on "How to hack website if you
Have an Account with the Users Server"
About the Author
Write admin description here..