Hey guys,today after many day i am going to share some information on website hacking.I have performed this hack as a test locally on my website and it was 100% successful.All you need to do is to perform the below steps properly and inject your shells in the website which will do work for yours.Steps for hacking website using 0penCart VuInerabilityOpen Google and search this dork "Index of /fckeditor/editor/filemanager/connectors/" in googlesearch,a new page will load showing the result whichwill contain list many website.Select anyone website you want.Open the select website which you want to hack.You will find a folder name "connector".Open that folder(if connector folder is not there,don't panic,stay calm and open the "test.html" file).Once you have open the connector folder,you will find a file with name "test.html",open that file.At top left corner you will find "connector,current folder and resource type".Change the "connector" from "ASP.net" to "PHP" and select the directory where you want to upload your shell,default directoryis "root",you can change it from the field Current Folder by replacing "/" with the directory you want.Then select the resource file which by default is"files".You can change it to what ever you want(image,flash,media,invalid type,files).Now all you need to do is select the file you want to upload,for that click on choose file,browse to the file you want to upload,select it and click ok,then click onupload,Your file will be uploaded to the directory of the website.If it does not allow you to upload the "PHP" file,try uploading it your deface in html.Still same happens,then try uploading it as a image or a specialkind of extension with some special shells.NOTE : If none of your scripts or shells work,then it means that either your shells or scripts are not powerful or the target is not vulnerable at all.But in most of cases the targets are always vulnerable but the shells and scripts are not that powerful.So make strong and powerful scripts and then try.Always use proxy(proxy chains) or vpn before doing such type ofwork for your safety
Monday 6 April 2015
Hack Website with Google
Hey guys,today after many day i am going to share some information on website hacking.I have performed this hack as a test locally on my website and it was 100% successful.All you need to do is to perform the below steps properly and inject your shells in the website which will do work for yours.Steps for hacking website using 0penCart VuInerabilityOpen Google and search this dork "Index of /fckeditor/editor/filemanager/connectors/" in googlesearch,a new page will load showing the result whichwill contain list many website.Select anyone website you want.Open the select website which you want to hack.You will find a folder name "connector".Open that folder(if connector folder is not there,don't panic,stay calm and open the "test.html" file).Once you have open the connector folder,you will find a file with name "test.html",open that file.At top left corner you will find "connector,current folder and resource type".Change the "connector" from "ASP.net" to "PHP" and select the directory where you want to upload your shell,default directoryis "root",you can change it from the field Current Folder by replacing "/" with the directory you want.Then select the resource file which by default is"files".You can change it to what ever you want(image,flash,media,invalid type,files).Now all you need to do is select the file you want to upload,for that click on choose file,browse to the file you want to upload,select it and click ok,then click onupload,Your file will be uploaded to the directory of the website.If it does not allow you to upload the "PHP" file,try uploading it your deface in html.Still same happens,then try uploading it as a image or a specialkind of extension with some special shells.NOTE : If none of your scripts or shells work,then it means that either your shells or scripts are not powerful or the target is not vulnerable at all.But in most of cases the targets are always vulnerable but the shells and scripts are not that powerful.So make strong and powerful scripts and then try.Always use proxy(proxy chains) or vpn before doing such type ofwork for your safety
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment