How to invade a designated website!
First, observe the specified Web site.
The intrusion of the specified site is conditional:
To see whether the site is dynamic or static.
First introduced under what kind of site can be invaded: I think it must be a dynamic site such as ASP, PHP, JSP and other code to write the site
If it is static (. htm or HTML), it is generally not successful.
If the target site to be invaded is dynamic, you can exploit the vulnerability of the dynamic website.
Quote: The following are common ways to invade a website:
1. Upload Vulnerability
If you see: Select the file you want to upload [re-upload] or "Please login to use", 80% there is a loophole!
Sometimes uploads do not necessarily succeed, because cookies are different. We are going to use Wsockexpert to get cookies. Then upload it with domain.
2. Injection vulnerability
Character filtering is not strictly caused by
3. Bauku:%5c in the middle of the two-level catalogue
4. ' or ' = ' or ' This is a language that can connect to SQL. Can be directly into the background. I collected a bit. Similar to the following:
' or ' = ' or ' a ' = ' a ') or (' a ' = ' a ') or ("a" = "a" or 1=1– ' or ' a ' = ' a
5. Social engineering. We all know that. is to guess the solution.
6. Write to the ASP format database. It's just a word. Trojan 〈%execute request ("value")%〉 (the database must be an ASP or ASA suffix)
7. Source use: Some websites are used to download the source code. Some webmasters are lazy. Don't change anything.
For example: default database, default background address, default Administrator account password, etc.
8. Default database/webshell Path utilization: Such a site a lot of people others
/databackup/dvbbs7. Mdb
/bbs/databackup/dvbbs7. Mdb
/bbs/data/dvbbs7. Mdb
/data/dvbbs7.mdb W7
/bbs/diy.asp
/diy.asp
/bbs/cmd.asp
/bbs/cmd.exe
/bbs/s-u.exe
/bbs/servu.exe
Tool: Website Hunter digging chicken Ming Boy
9. View Catalog method: Some websites can be disconnected from the directory and can access the directory.
210.37.95.65 Images
10. Tool Overflow
11. Search Engine Use
(1). inurl:flasher_list.asp default database: Database/flash.mdb background
(2). Find the management background address of the website
Site:xxxx.comintext: Management
Site:xxxx.comintitle: Management keywords many, self-search
(3). Find Access database, MSSQL, MySQL connection file
Allinurl:bbsdata
Filetype:mdbinurl:database
Filetype:incconn
Inurl:datafiletype:mdb
12.COOKIE scam: Change your ID to admin, MD5 password is also changed to his, with Guilin veteran tool can modify cookies.
13. Use of common vulnerabilities: such as dynamic network
You can use the: Dvbbs Permission Elevation tool to make yourself a foreground administrator.
Then, use: Dynamic network headspace paste tool, find a headspace paste, and then get cookies, this wants you to do it yourself. We can get cookies/nc bags with Wsockexpert.
This I do not do, the online tutorial is more, self-the next look.
Tools: Dvbbs rights lifting tool Dynamic mesh headspace paste Tool
14. There are some old loopholes. such as iis3,4 View Source, 5 of
Cgi,php some of the old holes, I will not say AH. It's too old. There's no big use.
General intrusion Ideas
1. Script vulnerability: script injection (ASP PHP JSP); Other scripting vulnerabilities (upload vulnerability, cross-site vulnerability, etc.)
2. Side note: The domain name next to the note; IP "Side note
3. Overflow vulnerability: local overflow, remote overflow
4. Network eavesdropping: ARP spoofing; IP spoofing
5. Social engineering
Simply put, you can use the above methods to invade, if the designated site does not have loopholes, you can also use other ways ...
There's more than one way to the computer.
If the target site program does not have a vulnerability, you can follow these methods:
First judge the other Site server host IP address, such as: Ping www.baidu.com, you can get Baidu website server IP address, of course, can also use the side note and other tools to query the IP address of the target website server ...
Can try to invade the target site is located on the server, you can use the side-note tool to find out how many sites on this server ...
If the target site is not vulnerable, you can try to invade other sites on the same server ... If you can invade other sites on the same server, you can get permission to see if you can get the right to the server and so on.
You can also directly invade the server of this website!
For example: Scan the software with the IP port, scan which ports the target server has open, and then exploit the open vulnerability port. Common Vulnerability port How to invade, the forum has a lot of this information. You can also query the target server what vulnerabilities, such as Microsoft's latest oday vulnerability, exploit the vulnerability to get server permissions. Trojan Invasion, let the website host infect your Trojan. Mainly to see if the target Web Server system exists a vulnerability
Some ways to invade a designated website (Idea article)