Skip to main content

SQL Injection ,Hacking PHP 4.4 sites in seconds

Today I am going to teach you how to hack a certain type of websites with very least efforts. Websites with PHP  4.4 have a SQL injection vulnerability in them which makes their Admin control panel easily accessible,and in just few steps you will access the admin's account of that website.

Remember,this tutorial is applicable on PHP 4.4 machines with Apache running in parallel with them. Also,since I will be hacking REAL websites,I will not be displaying their URL’s or else I will be sued!!!.

 Also this tutorial is only for educational purpose.

 Here we go!!!



Step 1 – Search for them

Yep,make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.You can do this by searching inurl:adminlogin .

 Step 2 – Scan them

Start by scanning them using Nmap ,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login.

Now just login using port 2000 ie -

http://www.website.com:2000

and you will be comfortably login into admin page like this -



Step 3 – Hack them

Now in the fields,you have to type -

username – admin

password – a’ or 1=1 or ‘b

domain – a’ or 1=1 or ‘b



and press go,you will login into admin


Now you have entered the admin panel ,Congrats!!
Labels:

Comments

Post a Comment

Popular posts from this blog

Finding IP address using facebook!!!!!

If you want to check for ip address of particular person on facebook or orkut or any other social site just invite them for a chat, so that your browser should connect to that system, than only when chat is ON open command prompt type the below command Netstat –an This will show you the  connected ip addresses, than from shown ip addresses search for suspicious ip address that is not the local connection address. Local connections normally start from 192.168.1.1 ranging to 192.168.1.255 Other netstat commands: -a Displays all connections and listening ports. -e Displays Ethernet statistics. This may be combined with the -s option. -n Displays addresses and port numbers in numerical form. -p proto Shows connections for the protocol specified by proto; proto may be TCP or UDP. -s option to display per-protocol statistics, proto may be TCP, UDP, or IP. -r Displays the routing table. -s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP; the -p op...
2 comments
Read more

How to create Bootable USB using Rufus

Rufus is a great software that allows you to create a bootable USB drive using an .ISO file.Its Ideal for installing programs and software on windows for whom CD drive are not available. In order to create a bootable USB drive you will need three things : 1 USB drive 2 Your .ISO file which you want to boot your USB with. 3. Rufus Let's get going!! STEP 1 First of all download Rufus , you can download it from their site -  https://rufus.akeo.ie/ Download the latest version (right now its Rufus 2.9). You don't need to install it , it runs directly STEP 2 : Inser the USB drive and open Rufus , make sure you take backup of all files in your USB drive because Rufus will format the USB before booting it. STEP 3: Once you have started Rufus check for all desired things. Make sure device field is set to the correct device(device that you want to boot i.e USB) Also Make Sure "Create a bootable disk " option is ticked else i...
Post a Comment
Read more