gopher.createaforum.com/1/forums/gworld/p/278

   DIR Return Create A Forum - Home
       ---------------------------------------------------------
       gworld
  HTML https://gworld.createaforum.com
       ---------------------------------------------------------
       *****************************************************
   DIR Return to: HACKZ WORLD
       *****************************************************
       #Post#: 278--------------------------------------------------
       HOW TO.HACK A WEBSITE
       By: eba95 Date: August 4, 2010, 7:39 am
       ---------------------------------------------------------
       Hacking a website or its member
       section
       First of all,why you want to hack a
       webpage?Is it a certain webpage or
       any site at all? There are many
       reasons to hack a website, or a
       webmaster.Maybe you want to take
       a revenge or maybe you want to
       have fun or just learn how to do it !
       You can deface the website which
       means replace the original index
       with a new one or you can gain
       access to the member area of the
       site which might be easier.
       Defacing
       You can deface the site through
       telnet or your browser by running
       remote commands on an old or
       misconfigured server, the hard thing
       to do is find an old server , maybe a
       network of a school or university
       would do,get a CGI BUG searcher.This
       program will scan ranges of IPs for
       web-servers and will scan them for
       known bugs in their cgis or other
       bugs and holes.You can learn how to
       exploite a certain hole by adding in
       yahoo the name of the bug/hole and
       the word exploit,search for "
       cmd.exe exploit".There are more
       than 700 holes that many servers
       might have! You can also deface a
       website by finding the ftp password
       and just browse through the sites ftp
       and replace the index.htm.You do
       that with the : Brute force
       To do that you need a brute forcer or
       brute force attacker and some word
       lists,the brute forcer sends multiple
       user/pass requests of words that
       picks up from namelists and tries to
       hack the account untill it does! So
       lets say imagine a porn site that asks
       for a password , you go there you
       copy their address , you add the
       address in a program called brute
       forcer and then from the brute forcer
       you choose a text file with names to
       be used as usernames and a text
       with names to be used as
       passwords,the brute forcer will try
       untill it finds a correct user/pass This
       should be easier for the newbies
       than exploiting cgi bugs , many of
       the newbies havent even heard of it
       i hope i didnt confuse you with this
       tutorial there might be more tuts
       about web hacking and cgi bugs and
       such.Till then try to find the way to
       cgi bugs yourself with the cgi
       scanners in the Web Hacks section or
       download a brute forcer to crack
       accounts.
       *****************************************************