Deface Help !

[Teodor]

Well i've been hearing a lot of things about site defaceing ! Well can anyone help me to learn ? What exactly does a person need to deface a website?(besides knowledge ) ?

Help appreciated !

Cheers

[RNA]

Well i've been hearing a lot of things about site defaceing ! Well can anyone help me to learn ? What exactly does a person need to deface a website?(besides knowledge ) ?

Help appreciated !

Cheers

Well, to be able to defeace you need access.

So you'd have to know about exploits, vulerabilities and what nots.

Though I must say defacing isn't a good use of the gained knowledge, its your ethics that matter

[Lyecdevf]

Usually you would want to deface a PHP website. They are easier to get admin acess than most others and I have even seen tols to help you do it although I have never tried wether they really work.

[Teodor]

what program should i use for scanning?
Something simple to understand.... I know about acunetix, but i've heard talking about nmap !

So.....

[Lyecdevf]

Nmap is a port scanner. It shows you all the open ports at a given webserver. It is open source of course and is the most popular port scanner around as it is arguablly the best.

Nessus is a good vulnerabiliy scanner. It is still open source. You just have to fill out some stuff before you are allowed to download.

[Big-E]

Please explain to me why you would want to deface a website? Other than child pornography sites, I would have no need to deface any website regardless of what information is portrayed on it. Even if I don't agree with it, I am a huge supporter of free speach and a free internet. If people have the abilities and no morals as to deface websites, well it's not quite a free internet, is it?

[bad_brain]

keep away from vulnerability scanners.....they light up the logs like a christmas tree...and I don't know one that is really good anyway (too much false positives)..
nessus IS a good scanner, BUT you can't scan a random host with it! the "scanner" is just a client that connects to nessusd (the nessus daemon) on the host and nessusd is doing the actual scans, no nessusd on the host = no scan...

php sites are mostly attacked with remote file inclusions (rfi), check here for more info:
http://en.wikipedia.org/wiki/Remote_File_Inclusion


big-e: I agree with you, but well....if we are honest that was the stuff we were interested in as beginners too, right? it's ok to give some general info, but of course we will never support such activities by giving something like a step-by-step guide....

[Lyecdevf]

Please explain to me why you would want to deface a website?

By the time a person actually learns to deface a website starting from stratch he or she will spend countless of hours asking him self or her self wether it is actually worth it. I guess if you spend countless of unslept night pondering on how to deface a web site it is up to you to make that call.

[alien100]

i think we should make a tutorial on this!

[Nerdz]

big-e: I agree with you, but well....if we are honest that was the stuff we were interested in as beginners too, right? it's ok to give some general info, but of course we will never support such activities by giving something like a step-by-step guide....

Don't think so Alien...

[mo2332]

there is no reason to mess up a site for every 1 mabye hack in to i t and fuck with the admin but thats it

[kill3r]

i think we should make a tutorial on this!

I agree

[alien100]

i think we should make a tutorial on this!

I agree

its just because people keep asking and asking the same thing over and over agian

[visser]

will anybody or any group of people volunteer to write a tut on this subject. that would be pretty cool!!!!!!!!! and help us all out

[bubzuru]

iv got a couple ov tuts on RFI and sql injection ill send you them if u want