Follow us on Twitter!
Become the change you seek in the world. - Gandhi
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 21
Guests Online: 20
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles

FrontPage Extension Hacking made easy

Arrow Image Just a simple tute for beginners on FrontPage Extension



Hello there n welcome to my very first tute. I will try to make as simple as it is. So let’s get started, I hope you know what FrontPage is, or at least you have heard of it. If you haven’t, then FrontPage is a program that is used to code web pages. And FrontPage Extension is add-on to the web server. FPext ( I will use from now on this tute for FrontPage Extension) can run in most of the web servers and most of the platforms. So it can run in Apache in a FreeBSD or in Windows 2000 with IIS. Well I guess that is enough for an introduction. So lets get started.

Well, to hack FPext you don’t need to be a master in it. Just the basics would do. If you have ever had a look at a FPext enabled web server, in the root you would notice a folder named _vti_pvt. Like www.vicitm.com/_vti_pvt/. This folder is what we are all after. In this folder there will be some files like.
access.cnf
botinfs.cnf
service.cnf
service.pwd
writeto.cnf
… and other files

What we are after is the service.pwd, Cuz this is the file that is holding the username and the encrypted password for that user. So now that you have an idea what we are after lets start some hacking. First of all, Blast some music. For hacks like this I like Justice for all – Metallica (guys don’t worry, I paid for the cd .

Lets find some targets for our hack. What we are gonna do is google for some targets. Fire up your best browser. I personally do not recommend Micro$ofts Internet Explorer. Use Mozilla or Firebird. I like Mozilla. Goto google.com, search with the keyword inurl:\"_vti_pvt\" inurl:service filetype:pwd . Hey just type that. Don’t wonder wtf is inurl and those shit. For the time being keep in mind it’s a google keyword. I will do a tute on google hacking laterz. In the time of writing this I found 150 results. Click on a search result. I clicked on the first one, eg: http://www.victim.com/_vti_pvt/service.pwd .
The file looks like this.
# -FrontPage-
admin:YbV1JnafKRmnQ
Let me explain what’s in the file. The first line is just a harmless comment. The second line the admin is the username and YbV1JnafKRmnQ is the encrypted password ( also called password hash). Its encrypted in DES (is an encryption algorithm).
So do a little search. Gather all the username+password hashes you wanna to crack.
Next step is cracking the passwords. I use John the Ripper to crack the hashes. It’s the best cracker I have found (hey, I aint advertising it). You can get it from http://www.openwall.com/john/ . Put all you usernames and hashes in this form and save it to a file.
Username:hash
Username:hash

Then start JTR and crack it. Run it bruteforcely or with a dictionary. I hope you know how to run JTR. As I am not gonna teach you. If you are hacker or Wanna to be a hacker then you should also learn something your self. Don’t just wait everything to be spoon-fed. Let the JTR run and take a rest. Hangout with some friends. I usually like to have a chat with some friends and exchange ideas while JTR is running. I don’t like to pop my eyes looking at the screen to see when its gonna get cracked.

The time JTR takes to crack a hash depends on the password. A password like abc wouldn’t take a second to get cracked. And a password like 1aml#$@x0& would take a while to crack (and that ‘while’ could depend on the speed of your pc).
Once you got it cracked, fire up FrontPage and go to File ~ open web. Then write the address and username and password. It should let you in to his account. And one thing I would check is when I am successfully logged in is, Check to see if the same username and password work for the ftp too. It happens. Everyone is talking about customer friendliness. So there is a fat chance.
Now upload the h4x0r page saying ‘I h4x0red ur website’ you designed. Now I strongly recommend not deleting anything. Don’t even delete the original index.html, just rename it.
One you are done. Don’t wait logged in to look around in the website. Just get out. And don’t go bragging to your friends about your hack. Sharing with some handful of trusted friends is okay. I even myself do that. Surely my girl knows things that hack. :p. Oh one thing. Don’t do things like this from your home. Then is will be a pissa cake to track your ass down.
And if you got caught by doing this. Don’t blame me, I wrote this for educational purpose. Not to break things. And you are the guy who did it. You are responsible for you own actions.


That’s it and happy hacking.
Geek007

Comments
No Comments have been Posted.
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.