Hello HackForums.
Today i will attempt to facilitate begginer webhackers by teaching them a way referred to as symlink.
What is symlink ?
Symlink could be a technique utilized by hackers to browse files from different users on a Linux server, solely by employing a php-shell.
So what will we need to start out the tutorial :
Requirements :
- a phpshell uploaded in a very Linux server (Safe MODE = OFF )
- a target website
- basic phpshell & Linux data
- a brain !
Let's begin by the tutorial.
Where to urge a target, if you simply have a phpshell uploaded in a very Linux server that has some sites ?
It's easy , 1st get the scientific discipline of the server.
Then visit bing.com and search like that :
Code:
ip:xx.xxx.xxx.xxx vbulletin
xxx replace with the scientific discipline adress of the server , and 'vbulletin', you'll be able to amendment to a reputation of a forum code or a CMS you would like as a target. except for this instance i will take vBulletin.
OK , currently we have a tendency to got the target website , let's suppose that its name is mytarget.com and it uses vBulletin forum code.
Now starts the $64000 hacking !
Go to your phpshell , and within the 'Execute command' field , execute there that command :
Code:
ls -la /etc/valiases/mytarget.com
By capital punishment this command , i will get the name of the user (on the Linux server) that keeps the web site mytarget.com.
It ought to come with a result just like that :
>>>>>>>-rw-r--r-- one target mail twenty eight might twenty eight 2011 /etc/valiases/mytarget.com
The red coloured piece is that the user of mytarget.com on the server.
So in our case the username is 'target'
Many people apprehend that the configuration file of vBulletin script ,can be found in /includes/config.php.
This is the file we'd like to browse in our case , so as to urge access at our target website.
How will we have a tendency to browse that file ?
Simple , execute that command on the shell :
Code:
ln -s /home/target/public_html/includes/config.php symlink.txt
As you'll be able to see, we're writting the content of config.php , into symlink.txt file.
After you execute the command , you'll se a replacement file referred to as symlink.txt.
Open it and w00t !! You with success browse the configuration file (symlinked).
Now , simply get AN MySQL connecter script coded in PHP , and login with the main points you get from configuration file of your target.Then at the admin table, get the admin's hash and crack it , or better , amendment the admin's email you yours , so do a forgot arcanum at mytarget.com
And then you with success can get full access in your target website !
That was all ,very simple if you follow over and over. perhaps shortly i'll create a video tutorial if you continue to did not perceive , simply request the video tut within the comments , and that i can strive ASAP to create it for you !
Thanks for reading , -ThatGuy- !
About Unknown
Hi, My Name is Hafeez. I am a webdesigner, blogspot developer and UI designer. I am a certified Themeforest top contributor and popular at JavaScript engineers. We have a team of professinal programmers, developers work together and make unique blogger templates.
0 comments:
Post a Comment