Wednesday, December 07, 2011

Complete Information On Web Hacking

HI FRIENDS,

I AM GOING TO DISCUSS SOME MOST COMMONLY USED WEB HACKING.WHICH ARE HELPFULL FOR HACKERS TO HACK ANY SITE. THIS WILL BE USEFUL TO SAVE YOUR SITE!
1.SQL INJECTION
2.XSS
3.SHELLS
4.RFI
5.THERE ARE SOME MORE ..


1.SQL INJECTION:-

SOME OF THE WEBSITES NOW A DAYS CONNECTED WITH SQL DATABASE.WHICH HELP THEM TO STORE USERNAMES AND PASSWORS(ENCRYPTED) IT IS USEFUL TO STORE USERNAMES AND PASS WORDS OF REGISTERED PERSONS
FOR SQL INJECTION WEBSITE MUST BE VULNERABLE
FOLLOW THESE RULES TO CHECK WHETHER TO CHECK VULNERABLITY..

IF THE SIT OF URL IS LIKE THIS

mysite. com/index. php?id=545

JUST ADD ' THIS AT THE END OF URL

mysite. com/index. php?id=545'

2.XSS:-

THIS IS ANOTHER WAY TO HACK ANOTHER WEBSITE. SUPPOSE THE WEBSITE FORUM ALLOWING FOR HTML IN THE POST OR ARTICLE then a hacker can post a malicious script into the content. So whenever a user opens up the page, the cookies would be sent to the hacker.
AND SHE/HE CAN DISGUISE THE WEBSITE UP 
 
 
3.SHELLS:-

Shell is a malicious .php script. What you have to do is, find a place in any website where you can upload any file like avatars, recepie, your tricks, your feedbacks. And you try to upload your shell files from there. And if its uploaded then WHOA!you open it from the URL bar and u can see the entire "FTP" account of that webhosting. YOu can rename/edit / upload/download anything u want including the index page.
This is also known as deface. 
 
4.RFI:-

RFI is a good way to deface a website. It is used with shell. Suppose you have uploaded your shell on:url as follows

mysite. com/shell.txt

just add something link this at the end

mysite. com/index. php?id=http://www. google. com

And if it includes the google page into your page, that means its vulnerable to RFI.  


 
 

0 comments: