Code:Now here is a real hacking tutorial in which I am going to hack a real website,and that too in less than 20 seconds.and I am not kidding. Actually sites with PHP Hacking PHP 4.4 sites in 20 seconds - rdhacker.blogspot.com 4.4 have a SQL injection vulnerability in them which makes their Admin control panel easily accessible,and I mean in one big shot,you will be admin of that site. Remember,this tutorial is applicable on PHP4.4 machines with Apache running in parallel with them.Also,since I will be hacking REAL websites,I will not be displaying their URL’s or else I will be gunned down (by law of course :P).It will be partial in nature,that is I WILL not be teaching each and everything to you,I assume you know basics of SQL injection/PHP injection/Google searching,and if you don't then read these articles first - In the mean time,here is how you can start - Step 1 – Search for them Yep,make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy. Step 2 – Scan them Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login. Now just login using port 2000 ie - http://www.website.com:2000 and you will be comfortably login into admin page like this - You will login with port 2000 into website - rdhacker.blogspot.com Step 3 – Hack them Now in the fields,you have to type - username – admin password – a’ or 1=1 or ‘b domain - a’ or 1=1 or ‘b Inject the fields qith these values - rdhacker.blogspot.com and press go,you will login into admin and you have hacked into admin - rdhacker.blospot.com voila..you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.It will literally take 20 seconds. I hope that was informative :P go learn something.Code:
Tutorial Originally made by : Me please dont leach, took me an hour to type the guide and yes Im X.E.R.O
Results 1 to 9 of 9
- 29 Nov. 2009 01:43am #1
[PHP]Hacking 4.4 sites in 20 seconds
- 29 Nov. 2009 02:10am #2
This is called Googledorking and you obviously got this from somewhere else and rewrote it.
- 29 Nov. 2009 04:17am #3
- 29 Nov. 2009 05:54am #4
I'm not completely sure that this works. I've never heard of a port 2000 being used to hack into any sort of admin CP. In fact, PHP nor Apache come with admin CPs, nor do I know what would possibly be in said CPs, nor is this a SQL injection as it claims.
I'm quite confused as to what this is supposed to do.
- 30 Nov. 2009 11:34pm #5
- 01 Dec. 2009 01:11am #6
For the password there's a list of them. That one doesn't always work and you can alsrk with the url to insert stuff to sql inject it.
But on topic, that doesn't make sense like gamechief said and I doubt that really works :/
- 01 Dec. 2009 03:23am #7
Yeah this doesn't exactly work he just leeched it off somewhere.
- 01 Dec. 2009 03:25am #8
um this is patched on most sql ejections. this is fail
- 01 Dec. 2009 03:57am #9ummm -___- nvm i hacked a web before with this but nvm.....