
Nemesis: Tactical Guide to Web Server Infiltration

by protonigger


NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.

This article is in no way a complete guide to breaking into any web server. Instead this article serves as an introduction to beginners who want to "learn how to hack". Though breaking into web servers is far from hacking, it can at times be a good learning experience, and is a good first step into bigger and better things. For the most part, web site defacing is frowned upon by most. Personally, I support defacing as long as it is done for a cause (a cause besides to tell the world that you "0wn" them), however the fun of simply breaking in should be enough. So let's begin...

Section I: What you will need

For this part I will assume the reader of this article is running on a Windows operating system (Windows being one of the most popular operating systems on the market, and what most users run on). First you should download yourself a C compiler, and Perl. Then download a tool called Sam Spade, and any network scanner you feel most comfortable with (Nessus, LANguard, Shadow Security Scanner, just to name a few. Keep in mind that Nessus comes in two parts, client and server, and only comes with a Windows client. Therefore if you are using Windows you will still need to install the server portion on a Linux OS). There will be other tools you will want to pick up on later (netcat, nmap, just to name a few), but for now this is a decent beginner collection. So let's get cracking....

Section II: Identifying your target

Now it's time to seek out your target if you don't already have one picked out. To do this you can load up a search engine (www.google.com for example), search for anything, and skim the results for an easy target. Since this is your first crack you will be looking for a non-corporate web site on an IIS server. Web sites for libraries in rural USA, personal sites hosted from third world countries, you are going to be trying to aim as low as possible. Once you think you have found an easy target, load up Sam Spade, type in the site address, and click "Web". When the window pops up just click "ok" (don't worry about the options). Now you will see a window pop up that will show server and site information at the top, and the site's source below it. If the part that says "Server:" doesn't say "Microsoft IIS (version number)" then move on to another site. However, if it does then you have your first target (you can worry about exploiting other servers later). Click "dns" to resolve the IP address of the site (for an easy target, it is usually safe to just dns, but as you advance you will discover other safer methods of resolving IP addresses).

Section III: Infiltrating your target

Now you are ready to scan, but first you need to change the settings on your scanner to bounce the scan off a proxy server (so that it looks like the scan is coming from somewhere else of course). To do this you need to take a visit to www.multiproxy.org and pick out an anonymous proxy. Then go into "options" and find where it says "use proxy" (or something like that), add the proxy address and port, and click "ok". Now start the scan, sit back, and wait for the results.

If you picked a good target you should see plenty of exploits to choose from, and since this is an IIS server that you are exploiting, then you should be able to exploit most of the vulnerabilities with your internet browser (the simplicity of it all will astonish you). Now to exploit these vulnerabilities you need to first edit your browser options to make it go through a proxy server before connecting to the site (Control Panel/Internet Properties). The vulnerabilities that can't be exploited using the internet browser will have bugtraq links attached that will bring you to a page that will explain the vulnerability in further detail and tell you how the vulnerability can be exploited. If the scanner you use does not come up with many results, or no results at all, try installing a different scanner and trying it (for example, if you used LANguard and didn't come up with much, then download Shadow Security Scanner and try scanning the same address). If the results are the same then simply move on to a different site. Anyways, back to the exploitation. Once you have access it would be wise to first search for the log files. These are held in different directories, usually depending on which operating system the server is running off of. Then just clear out the logs. After that you can do what you want. If you are going to deface then I would suggest already having an html file ready so that when you are in you can simply swap it with the original html file (index.html usually). You don't want to spend too much time in the server and you want to do this as late as possible (as late as possible according to their time, you have to keep time zones in mind). Three or four o'clock a.m. is usually a good time.
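
From the server operator's side, the two post-access steps described above (emptying the log files and replacing index.html) each leave a change that a baseline comparison catches. The following Python sketch is an added example, not part of the original article; the `snapshot` and `compare` helpers, the file names and the temporary directory are constructed for illustration.

```python
import hashlib
import os
import tempfile

def snapshot(index_path, log_paths):
    """Record the index page's SHA-256 and each log file's size (None if absent)."""
    with open(index_path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    sizes = {p: (os.path.getsize(p) if os.path.exists(p) else None) for p in log_paths}
    return {"index": digest, "logs": sizes}

def compare(baseline, current):
    """Return findings describing what changed since the baseline snapshot."""
    findings = []
    if current["index"] != baseline["index"]:
        findings.append("index page content changed")
    for path, old_size in baseline["logs"].items():
        new_size = current["logs"].get(path)
        name = os.path.basename(path)
        if new_size is None:
            findings.append(f"log missing: {name}")
        elif old_size is not None and new_size < old_size:
            # Access logs are append-only, so a smaller file means truncation.
            findings.append(f"log shrank: {name}")
    return findings

def demo():
    """Constructed scenario: a log is emptied and the index page is replaced."""
    with tempfile.TemporaryDirectory() as root:
        index = os.path.join(root, "index.html")
        log = os.path.join(root, "ex010101.log")  # constructed file name
        with open(index, "w") as fh:
            fh.write("<html>original</html>")
        with open(log, "w") as fh:
            fh.write("constructed log line\n" * 20)
        baseline = snapshot(index, [log])
        clean = compare(baseline, snapshot(index, [log]))
        open(log, "w").close()  # simulate the log being cleared
        with open(index, "w") as fh:
            fh.write("<html>replaced</html>")
        return clean, compare(baseline, snapshot(index, [log]))

if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored somewhere the web server account cannot write, and the same applies to the logs themselves: forwarding them to a separate host keeps a copy that survives local clearing.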

Section IV: Conclusion

If you do get into web site defacing, then just keep in mind that it is nothing you want to just settle into. You also need to get familiar with different operating systems, and learn to exploit different types of servers. You will also after a while need to learn to write your own scripts. I suggest learning Perl very early on. With Perl you can write a script to exploit certain vulnerabilities you know exist on a certain server, or write a script that scans for servers that are vulnerable to a certain exploit (there are seemingly endless possibilities with Perl). The point is you need to develop. Never stop learning. There will always be something new to learn, and you need to approach that which you don't know as a willing pupil, eager to learn. Good luck.

Note: If you have any questions or comments you can reach me at [email protected] and I will try to get back with you as soon as possible.

 
To the best of our knowledge, the text on this page may be freely reproduced and distributed.
If you have any questions about this, please check out our Copyright Policy.

 
