Moonbat
07-23-2007, 05:55 PM
*. Identify the target.
Example, let's see... http://www.all-nettools.com/
2. Do research on said target. Example, let's see...
Using a site called Netcraft (http://news.netcraft.com/) you can find out a lot.
IP: 2*6.*2.207.*77
Operating System: FreeBSD (Unix-like operating system)
Web Server: Apache, version *.*.2*
Organization: TamoSoft, PO Box **85, Christchurch, 8*40, New Zealand (Aotearoa)
Now, we gotta research any vulnerabilities for this version of Apache, because before you can get into the Operating System, you have to get into the Web Server. Unless you can somehow install a trojan on the server, which most likely you won't be able to do on a server that has no human operator to be stupid and download something, this is the route you will have to follow.
Now, look on http://www.milw0rm.com/ for exploits, and I found a few that MAY work for this version.
Apache *.*.*-2.0.48 mod_userdir Remote Users Disclosure Exploit
http://www.milw0rm.com/exploits/**2
Apache *.*.x mod_mylo Remote Code Execution Exploit
http://www.milw0rm.com/exploits/67
Now, before we try something like using server exploits, we should look for web based vulnerabilites in the site itself. We should look for either 'SQL Injections' or 'Remote File Inclusion' vulnerabilites, if you dont' know what those are, Google them up. Now on a site like AllNetTools, you will most likely NOT find one of these vulnerabilites, because it doesn't use a CMS (content management system) and most likely will not have much room for human error in coding. So we will have to skip to trying exploits, which I won't do because I don't want to try to hack this site :D
Anyway, since we can't (or won't) get into the web server, I'll speak hypothetically from now.
Now, if you get into the web server, upload a web shell, a shell is a way of interfacing with the web server, other than logging into FTP or using a cPanel to access your files. Now, here is an example of a shell you can upload:
http://thedefaced.org/shell.phps
Very basic shell, only one I could find quickly. Now, you would take the code on that page, and make a .php file in your own computer, and copy/paste the code there. Save it as anything (like shell.php, config*.php, or anything), then upload the file you made to the web server.
TO BE CONTINUED IN A SECOND PART
Example, let's see... http://www.all-nettools.com/
2. Do research on said target. Example, let's see...
Using a site called Netcraft (http://news.netcraft.com/) you can find out a lot.
IP: 2*6.*2.207.*77
Operating System: FreeBSD (Unix-like operating system)
Web Server: Apache, version *.*.2*
Organization: TamoSoft, PO Box **85, Christchurch, 8*40, New Zealand (Aotearoa)
Now, we gotta research any vulnerabilities for this version of Apache, because before you can get into the Operating System, you have to get into the Web Server. Unless you can somehow install a trojan on the server, which most likely you won't be able to do on a server that has no human operator to be stupid and download something, this is the route you will have to follow.
Now, look on http://www.milw0rm.com/ for exploits, and I found a few that MAY work for this version.
Apache *.*.*-2.0.48 mod_userdir Remote Users Disclosure Exploit
http://www.milw0rm.com/exploits/**2
Apache *.*.x mod_mylo Remote Code Execution Exploit
http://www.milw0rm.com/exploits/67
Now, before we try something like using server exploits, we should look for web based vulnerabilites in the site itself. We should look for either 'SQL Injections' or 'Remote File Inclusion' vulnerabilites, if you dont' know what those are, Google them up. Now on a site like AllNetTools, you will most likely NOT find one of these vulnerabilites, because it doesn't use a CMS (content management system) and most likely will not have much room for human error in coding. So we will have to skip to trying exploits, which I won't do because I don't want to try to hack this site :D
Anyway, since we can't (or won't) get into the web server, I'll speak hypothetically from now.
Now, if you get into the web server, upload a web shell, a shell is a way of interfacing with the web server, other than logging into FTP or using a cPanel to access your files. Now, here is an example of a shell you can upload:
http://thedefaced.org/shell.phps
Very basic shell, only one I could find quickly. Now, you would take the code on that page, and make a .php file in your own computer, and copy/paste the code there. Save it as anything (like shell.php, config*.php, or anything), then upload the file you made to the web server.
TO BE CONTINUED IN A SECOND PART