Friday, April 25, 2014

Basics OF webhacking

nothing more nothing less




Tools : Command Prompt

\\*\\/*/
/*/\\*\\

1) Finding a server I.P

\\*\\/*/
/*/\\*\\

First of all you will want the server I.P address. To get it, go to your Start menu and click Run, then type cmd or command (whichever works).

Type the following :

ping target.com

You should get something similar to the following output :

Pinging target.com [80.20.20.20] with 32 bytes of data:

Reply from 80.20.20.20: bytes=32 time=121ms TTL=51
Reply from 80.20.20.20: bytes=32 time=123ms TTL=51
Reply from 80.20.20.20: bytes=32 time=120ms TTL=51
Reply from 80.20.20.20: bytes=32 time=120ms TTL=51

Ping statistics for 80.20.20.20:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 120ms, Maximum = 123ms, Average = 121ms

You now have the server I.P

\\*\\/*/
/*/\\*\\

2) Look up the host's name server

\\*\\/*/
/*/\\*\\

Now in command prompt, type nslookup. Nslookup will say something like:

Default Server: blah.blah.net
Address: <ip>

Now type set type=all; this makes nslookup ask for every record type, so it will show all server details.
Next type the server domain, e.g. target.com

You should get an output similar to :

Non-authoritative answer:
target.com internet address = 80.20.20.20
target.com
primary name server = ns1.target.com
responsible mail addr = hostmaster.target.com
serial = 2005032200
refresh = 50400 (14 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
target.com nameserver = ns1.target.com
target.com nameserver = ns2.target.com
target.com MX preference = 5, mail exchanger = smtp1.target.com
target.com MX preference = 10, mail exchanger = smtp2.target.com

ns2.target.com internet address = 80.20.232.20
ns1.target.com internet address = 80.20.3.2

You now have the nameserver details of this website. What to do next?

Well, open up your browser and type http://ns1.target.com or http://ns2.target.com

What you get there depends on the website you are looking at; sometimes you get a placeholder or a domain name login page.

\\*\\/*/
/*/\\*\\

3) What about that I.P, what do I do with that? (part 1)

\\*\\/*/
/*/\\*\\

First of all you will want to scan for all open ports on that server. The tools you will need for this are listed at the end of this article.
When you obtain one of the tools, just type in an I.P and it will scan for open ports.

You will now have a list of open ports on the webserver.

Here is a list of some common webserver ports:

Port    Service
21      FTP (File Transfer Protocol)
25      SMTP (Simple Mail Transfer Protocol)
53      Domain
80      HTTP (Hyper Text Transfer Protocol)
3306    MYSQL

For an advanced list go to http://www.chebucto.ns.ca/~rakerman/port-table.html

Now you can do one of the following :
Open command prompt and type telnet i.p port, e.g. telnet 80.6.6.5 80
This will connect to the I.P on the port which is open.

Sometimes you will get an output. For example, if it was port 25 you may get

220 mail.target.com ESMTP Sendmail 8.12.10/8.12.10; Sat, 26 Mar 2005 17:50:43 -0500

You could use that to send emails.

Or for port 21 it could be something like :

220 ProFTPD FTP Server ready.

User : type user
Pass : type pass
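
Seen from the server owner's side, the two greetings above tell any client that connects which software, and for Sendmail which exact version, is running. The following Python check is an added example, not part of the original article; the product list, the setting hints and the name audit_banner are choices made for this example, and the sample input is the two banners quoted above.

```python
import re

# Banners quoted in the article, used here as sample input.
SAMPLE_BANNERS = {
    25: "220 mail.target.com ESMTP Sendmail 8.12.10/8.12.10; "
        "Sat, 26 Mar 2005 17:50:43 -0500",
    21: "220 ProFTPD FTP Server ready.",
}

# Product -> setting that controls its greeting (list chosen for this example).
BANNER_SETTING = {
    "sendmail": "confSMTP_LOGIN_MSG (sendmail.mc)",
    "postfix": "smtpd_banner (main.cf)",
    "exim": "smtp_banner",
    "proftpd": "ServerIdent (proftpd.conf)",
    "vsftpd": "ftpd_banner (vsftpd.conf)",
}
PRODUCT_RE = re.compile(
    r"\b(" + "|".join(BANNER_SETTING) + r")\b[ /]?v?(\d+(?:\.\d+)+)?",
    re.IGNORECASE)
# A fully qualified host name directly after the 3-digit reply code.
HOST_RE = re.compile(r"^\d{3}[ -]((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.IGNORECASE)


def audit_banner(port, banner):
    """Report what a service greeting discloses to any client that connects."""
    finding = {"port": port, "hostname": None, "product": None,
               "version": None, "severity": "none", "fix": None}
    host = HOST_RE.match(banner)
    if host:
        finding["hostname"] = host.group(1)
    prod = PRODUCT_RE.search(banner)
    if prod:
        finding["product"] = prod.group(1)
        finding["version"] = prod.group(2)
        # An exact version lets a reader map the host to known advisories.
        finding["severity"] = "high" if prod.group(2) else "low"
        finding["fix"] = BANNER_SETTING[prod.group(1).lower()]
    return finding


if __name__ == "__main__":
    for port, banner in sorted(SAMPLE_BANNERS.items()):
        print(audit_banner(port, banner))
```

A greeting that names neither product nor version comes back with severity "none", which is the state to aim for on internet-facing mail and FTP services.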

On port 3306 you could access their sql database.

To do this download the newest version of mysql and install it:
http://dev.mysql.com/downloads/

Once you have installed MYSQL, go to the installed directory, open the bin folder and execute MySqlManager.exe

You will have a window in the center named something like MysqlM1. Right click this window and go to register server.
A new window will come up.
In it, input the server details :

Servername : anything, doesn't matter
Host : the target i.p
Port : 3306 usually

Select use standard security.

Obviously you will need the username and password.

Here are common ones:

User Password

\\*\\/*/
/*/\\*\\

root root
admin root
admin admin
admin root
apache apache
root apache

And so on; try various combinations. Your chances are very slim though, so you're better off trying to gain the password with an alternative method (brute force, dictionary).

Now click register. The newly assigned server will appear in the main window; double click it, and if you gave correct login info it will open up the database.
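
On the server, the credential guessing described in this section shows up as a burst of denied logins from one address, usually across several account names. The following Python detector is an added example, not part of the original article; the log line format is an assumption modelled on MySQL "Access denied" error-log entries, the sample lines are constructed, and find_guessing with its thresholds is a name and default chosen for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (format is an assumption; adjust LINE_RE to
# whatever your server actually writes).
SAMPLE_LOG = """\
2014-04-25T10:00:01Z 11 [Note] Access denied for user 'root'@'203.0.113.5' (using password: YES)
2014-04-25T10:00:02Z 12 [Note] Access denied for user 'admin'@'203.0.113.5' (using password: YES)
2014-04-25T10:00:04Z 13 [Note] Access denied for user 'apache'@'203.0.113.5' (using password: YES)
2014-04-25T10:00:05Z 14 [Note] Access denied for user 'root'@'203.0.113.5' (using password: NO)
2014-04-25T10:03:00Z 15 [Note] Access denied for user 'report'@'198.51.100.7' (using password: YES)
2014-04-25T11:30:00Z 16 [Note] Access denied for user 'report'@'198.51.100.7' (using password: YES)
"""

LINE_RE = re.compile(
    r"^(\S+)\s+\d+\s+\[\w+\]\s+Access denied for user "
    r"'([^']*)'@'([^']*)' \(using password: (YES|NO)\)")


def find_guessing(log_text, window=timedelta(seconds=60), max_fail=3):
    """Return {source: sorted usernames} for every source with more than
    max_fail denied logins inside one sliding window.
    Lines are assumed to be in chronological order."""
    recent = defaultdict(deque)   # source -> (time, user) still in the window
    flagged = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue              # not a denied-login line
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        user, src = m.group(2), m.group(3)
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:
            q.popleft()           # drop attempts older than the window
        if len(q) > max_fail:
            flagged[src].update(u for _, u in q)
    return {src: sorted(users) for src, users in flagged.items()}


if __name__ == "__main__":
    print(find_guessing(SAMPLE_LOG))
```

The occasional mistyped password from 198.51.100.7 stays below the threshold, while the run of root/admin/apache attempts from one address is reported. Keeping port 3306 off the internet (for example with MySQL's bind-address option) removes the exposure this detector watches for.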

\\*\\/*/
/*/\\*\\

4) What else can I do with that I.P (part 2)

\\*\\/*/
/*/\\*\\

Well, there are other things you may do with the newly obtained I.P. I will show you some below.

http://ip:port
ftp://ip
https://ip:port

Or open command prompt and type :
net use * \\ip\directory$
note : directory being your input

If you guess a correct directory you should get a message, e.g.
Enter the user name for 'targetip':

If you get an incorrect directory you will receive this message :
System error 53 has occurred.

The network path was not found.

For those of you who don't know, the net use command will map a network drive on your system. The * simply tells the command to use the next free drive. For full syntax type net use /? or net /?.

\\*\\/*/
/*/\\*\\

5) Sql Injection

\\*\\/*/
/*/\\*\\

As there are plenty of articles on this site explaining Sql injection I won't bother. I just thought I would mention it.

\\*\\/*/
/*/\\*\\

6) Cookie viewing,changing

\\*\\/*/
/*/\\*\\

Again, I have seen articles on cookies so I won't explain this.

\\*\\/*/
/*/\\*\\

7) Good Tools for web hacking. (google them)

\\*\\/*/
/*/\\*\\

Brain (You might get one....maybe :-P)
Angry I.P Scanner (can be setup to scan ports)
BluesPortScanner (port scanner)
Stealth Http vulnerability scanner (Scans websites for known vulnerabilities)
N-Stealth (same as above)
WinSSLMiM (Man in the middle)
WinTCPKill (TCP connection killer)
WinDNSSpoof (DNS I.D spoofer)
SQLdict (Cracks SQL Servers with a dictionary attack)
WWWhack (guess passwords on login forms)
NETBrute (port scanner,password cracker)
Nmap (Excellent tool you should get it)
NTbrute (Hacking network shares)

\\*\\/*/
/*/\\*\\

If you need any help, send me a message at or add me to msn. o x i o<<<<at>>>>hotmail.co.uk (without the spaces or arrows)

And yes, I know I make little sense; if you add me I may be able to help you.

\\*\\/*/ Araym|Velocity
/*/\\*\\ x9000q

Comments

Agazaroth on June 24 2005 - 05:22:32
Erm, this is my article and that is my email?
frndteq on August 15 2006 - 11:45:06
Hi, from which sites can I get these tools...!
frndteq on August 15 2006 - 11:48:53
my email is frndteq@hotmail.com
Zephyr_Pure on October 12 2007 - 02:03:47
Well... you covered "server compromise", not "web hacking". In fact, none of your techniques actually addressed web technologies... this was not covered until the "Miscellaneous Tools" section. So, I can't really rate this article as anything more than poor... Maybe you should keep your article on topic next time.
austinator on August 02 2008 - 04:58:51
Even though this was not exactly what the title says it was going to be... still all in all a good read.
Legacy on November 03 2012 - 18:53:36
Okay, so I just have one question: I downloaded Hydra and tried to run it. When I did this I just got a command prompt for about two seconds, then it terminates itself and won't let me open it again. All help would be greatly appreciated.