Wednesday, March 18, 2015

How to inject,upload shell and Deface Website

Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work of system crackers, who break into aweb server and replace the hosted website with one of their own. Defacement is generally meant as a kind of electronic graffiti, although recently it has become a means to spread messages by politically motivated "cyber protesters" or hacktivists.
The most common method of defacement is using SQL injections which allows gaining administrative access. Another method of defacement is through FTP once the username and password are obtained.
Defacements usually consist of an entire page. This page usually includes the defacer's pseudonym or "Hacking Codename." Sometimes, the Website Defacer makes fun of thesystem administrator for failing to maintain server security. Most times, the defacement is harmless and is only done to show off a system cracker's skills or for Hacktivism; however it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware or deleting essential files from the server.

A backdoor shell is a malicious piece of code (e.g. PHPPythonRuby) that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the hacker can use it to edit, delete, or download any files on the site, or upload their own.

How to upload Shell !! 
Hackers usually take advantage of an upload panel designed for uploading images onto sites. This is usually found once the hacker has logged in as the admin of the site. Shells can also be uploaded via exploits or remote file inclusion

TO Deface A wabsite we should following things:
  1. Vulnerable site
  2. admin panel | or | Full path
  3. Shell like C99.php
  4. Mind
  5. Defacing Page


         :::::::::::::::Watch on Youtube ::::::::




              :::::::::::::::Watch on playit.pk::::::::::::::


No comments:

Post a Comment