Website Hijacking – Complete Tutorial Part-1
Hello viewers!
I would like to make sure that all the viewers are comfortable and enjoying the posts.
Okay, now let's begin with the topic I have mentioned above.
What is the first thing that comes to your mind when you see a topic like
Website Hijacking?? Do you feel like today, after reading this, you're gonna hijack somebody's website and bring the hell out of him?
lolz.. Well, you could do that, unless you are good at heart and use
this material only for educational and awareness purposes. The most
important thing is to safeguard your own website, or a related website
that may be your family business or belong to someone close enough, that
needs to be secured.
Alright, some of you may wonder why I am teaching you this, and why
the topic is named hijack if I recommend that you secure and not steal.
Then let me tell you that the best way to secure yourself is to hack it
yourself. You can provide yourself the best security only when you are
a good enough thief.
Well, so here I begin with a motto to teach you guys how to secure yourselves.
Shall I??
Okay! Here I go…
Every website that you visit, or every website that is available
on the net, obviously has somebody controlling it. I guess you
call the guy ADMIN?
Alright, so does the admin sit there at the other end and wait for
you to enter a login ID and password, then check it against his
collection and allow or deny permission to access?
Is that the case?
Obviously "NO" would be the reply. The admin has a
control panel, just as on your PC you have a control panel where you
have designed and predefined things to manage your system. The same goes
here: the control panel is the mother of any website, where the admin
acts as a very good obedient kid. The control panel gives the admin a
database to store all the IDs and passwords, and when you try logging in,
the ID and password you enter are checked against the website
database storing the IDs and passwords.
Hence we all know that humans are more intelligent than machines, as we
created the machine, so we can cheat the machine. That is, in some cases
we bypass the database procedure, in some cases we cheat the machine
and upload our shells or deface the website, and in some cases, the worst,
we poke and poke and poke the database using database management
system techniques, steal all the information from the database and
gain access to the website. Have you guys not seen movies where one guy
gets the other guy drunk, flatters him and acquires the required info?
It is the same in case 3 too. We name these cases: the first
case is called kidding, where you bypass the ASP governed sites; the
second is XSS (cross site scripting); and the 3rd is SQLi (SQL
injection).
Now how many of you are aware of binary coding?
Well, I am here for the ones who aren't yet.
Binary coding is in terms of 0's and 1's for every single thing we
type, as this is all the system actually understands. Even for ON
and OFF, it's 0 for OFF and 1 for ON.
In the case of TRUE-FALSE, 0 is for FALSE and 1 represents TRUE.
So we'll move directly to the first hijacking method, that is KIDDING, or call it the KIDDO method:
Usually the admins are a bit more intelligent, as they have been
gifted with a few extra pounds of brain by their mother, so they put their
login page at one of these paths after the domain name:
/ADMIN
/admin
/Admin
/Administrator
/administrator
/ADMINISTRATOR.
Now what's the password, and how do we find that out? In fact, who cares, and
why should we waste our limited pounds of brain finding the password for
an ASP governed website when we can simply bypass the database?
Let's see how…
There are a few gates that you must know before you attempt the bypass method:
the AND gate and the OR gate. As the name suggests, AND is similar to ADD (so this gate multiplies any two inputs and returns the output),
whereas the OR gate adds the inputs and returns the output value correspondingly.
Okay, now understand these tables:
Now we bypass the password using these tables, making the database
read these conditions. Instead of typing the password, which the machine
converts to binary and then checks, we simply give it the
binary codes directly and make the machine check the condition and give
us access!
Remember, this bypass is for ASP governed sites only, so let's take an
ASP governed site and show it to you:
Go to Google and search for an asp login site, type the
username/user ID as one of the types I have mentioned above, and in place of
the password try bypassing it using this method.
0 ‘or’ 0 ‘=’ 0 and hit enter. You are either logged in or denied; if denied, then try
1 ‘or’ 1 ‘=’ 1 and enter
Enjoy this, you have the entire tables above.
XSS and SQLi are too big to be covered in this post, so they will be
posted in my next post… Hope you enjoy until then.
http://www.webstatschecker.com/stats/keyword/adminlogin_asp_pk
Here are some dorks that will avail you this kinda vulnerable websites. Copy and paste them in Google search!
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"
cheers!!