This post is not written by me just wanted to share this interesting article which i found while i was surfing .. so read on
Hacking PHP 4.4 sites with in 4 seconds
[b]Step 1 [/b]– Search for vulnerable sites
Make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.
Step 2 – Scan them
Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login.
Now just login using port 2000
and you will be comfortably login into admin page like this -
![[Image: asd%5B12%5D.jpg?imgmax=800]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5kXcnoa0ZtrQnWAHUnL-6NPG35qTMtuB1_OQ-NwNOaWjS-IWBwLT2lvrtY_mVB71AZcvxJkXP_4EQ0aSQdBTEynBTuNeBHUjwuE92Wlso_emYjnn5BegAlpAGt3OjUpf_ErfUiq4GaPbQ/?imgmax=800)
Step 3 – Hack them
Now in the fields,you have to type -
![[Image: asdf%5B12%5D.jpg?imgmax=800]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDxopVEH9Dk_BW-9CYwCZuuYsAA0jR-tqAua1_CjKJclYEFOTkEWgFxPoR5qtCmTg7zsN6tnfR8tfRY07sATiVMMWJCa-WcV3RDA_hL3_UPE60OWnOgP2HYedSiwxXuQ7aDq9UZ-zbkS0o/?imgmax=800)
and press go,you will login into admin
![[Image: dfr%5B9%5D.jpg?imgmax=800]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi4V1lOCmKnJdbaS6DrUmopZBPwX2eITB6hz4t70vJzvgHhE71gG8NPnfZ3KKae_32ueNFTa9sXBIAtslv0UKtmk4FwDFAPrABaYxtEQ8b-viMZvMHKfbLKL0OnAKG9eyhbb9y1DDsUC5L/?imgmax=800)
[/code]
voila..you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.It will literally take 20 seconds.
I hope that was informative :P go learn something.
Hacking PHP 4.4 sites with in 4 seconds
[b]Step 1 [/b]– Search for vulnerable sites
Make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.
Step 2 – Scan them
Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login.
Now just login using port 2000
Code:
ie -
[b]http://www.website.com:2000[/b]and you will be comfortably login into admin page like this -
Step 3 – Hack them
Now in the fields,you have to type -
Code:
username – admin
password – a’ or 1=1 or ‘b
domain - a’ or 1=1 or ‘band press go,you will login into admin
[/code]voila..you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.It will literally take 20 seconds.
I hope that was informative :P go learn something.
0 comments:
Post a Comment