This one is on hacking web pages, and I included a lot more information
on other methods than the traditional passwd file method, which most of the
web page texts are on in the library right now. I fixed this one so it
doesn't scroll on and on like my text on passwd files [=. Goat
-***Hacking Web Pages***-
by Goat
Introduction
Please know that hacking webpages is considered lame
in many people's opinions, and it will most likely not
give you a good reputation. People can always check logs
once notified of hacking and most likely your address
will come up, and then at worst they will press charges
under some elaborate computer crimes law and you will
go to prison for up to 10 years and owe a lot of $. So
please refrain from abusing your knowledge
on this subject. This is for informational purposes
only.
"Free" Web Pages
Free webpages are hosted by companies like Tripod and
Geocities, which host people's web pages for free and
make money off advertising. There are ways to hack
these companies and have access to all users, but it
would be too complex for most people. This way is
simply social engineering, which is not very hard to
do, so don't proclaim yourself an Uberhacker because
you vandalised a poor guy's webpage, who just happened
to have his information on his site. All you have to do
is set up an account with a free email service like
hotmail and find your target. Your target's page
needs to have the date of birth, name, and their old
email, or instead of the DOB their address (I have lost
my pass to a smaller company, and they needed the
address I had registered with). All these free web page
companies have their "verification" for people who have
lost their password to their page. All there is to it,
once you have this information, is that you email
the company telling them you changed your email address,
and once that is done wait about 2 weeks and then email
them again saying that you lost your password. Most will
email you telling you that you need some sort of
verification, like the DOB or address, in which case you
email them back and tell them and get a new password.
On the other hand, companies like Geocities are too
busy for email so they have set up a web site where
members can get their password back
(http://www.geocities.com/help/pass_form.html).
User's Pages
There are many different methods of hacking users'
web pages on a server. I will attempt to list as many
ways as possible but don't expect very much in-depth
information.
Getting Passwords
Okay, suppose you found a page you want to hack
that is on someone else's server that's a basic server,
light security. Okay, very light security. I will be
truthful. This pretty much works on servers with no
security [=.
Getting a passwd file is pretty easy. Simply telnet
into the server's FTP anonymously and look in the ETC
directory and get the file called Passwd.
Another way to get them is to find your target and in
a WWW browser type
cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd after
the server's name. For example the name may be
http://www.hackme.com/, you would go to
http://www.hackme.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd
except instead of www.hackme.com you would replace
that with your target's URL.
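From the server owner's side, the phf request above leaves a clear trace in the web server's access log. The following is an added example, not part of Goat's text: it scans Common Log Format lines for phf requests whose query carries an encoded line break. The function name and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Common Log Format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def phf_findings(log_lines):
    """Return (client, time, status, decoded_value) per suspicious phf request."""
    findings = []
    for line in log_lines:
        m = CLF.match(line)
        if not m:
            continue                      # not a CLF line, ignore it
        client, when, _method, target, status = m.groups()
        parts = urlsplit(target)
        if not parts.path.lower().endswith("/cgi-bin/phf"):
            continue
        # parse_qsl percent-decodes, so %0a and %0A both become "\n"
        for _name, value in parse_qsl(parts.query, keep_blank_values=True):
            if "\n" in value or "\r" in value:
                findings.append((client, when, int(status), value))
                break
    return findings

# Constructed sample log (client addresses are documentation ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Sep/1997:10:01:22 -0400] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [02/Sep/1997:10:02:05 -0400] '
    '"GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 200 512',
    '192.0.2.44 - - [02/Sep/1997:10:03:40 -0400] '
    '"GET /cgi-bin/phf?Qalias=jsmith HTTP/1.0" 200 230',
    '203.0.113.9 - - [02/Sep/1997:10:04:11 -0400] '
    '"GET /cgi-bin/phf?Qalias=x%0A/bin/cat%20/etc/passwd HTTP/1.0" 404 0',
]

if __name__ == "__main__":
    for client, when, status, value in phf_findings(SAMPLE_LOG):
        note = "script answered, remove it" if status == 200 else "script absent"
        print(f"{when} {client} status={status} ({note}) value={value!r}")
```

A 200 status on a flagged line means the phf script is installed and responded, so the passwd file should be treated as disclosed; a 404 only records the probe.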
You may get a passwd file that has no user accounts,
but only defaults where a * is in the place where the
encrypted password should be. On certain servers
with this you may have a shadowed passwd, but in all
passwd files I have come across there are some user
names like FTP and NEWS that have no encrypted password,
which is replaced with *. If you find only this and no
encrypted passwds you probably have found a fixed
passwd file and you must try another method of hacking
the server. You need to examine this file and look for
a line in the text that looks like this:
rrc:uXDg04UkZgWOQ:201:4:Richard Clark:/export/home/rrc:/bin/ksh
It does not need to look exactly like that; the only
important parts it needs are the uXDg04UkZgWOQ and rrc,
which is the login part. Get a program called John the
Ripper, which can be found on any hacking site on the
web. If you are too lazy, or stupid, to find one on the
web, here's a good place to go for newbies:
http://www.hackersclub.com/km/
I will not go in depth right here on passwd files, but I
have written a text on passwd's going well into the
subject, which can be found at
http://www.xtalwind.net/~lmclaulin/ugpasswd.txt.
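The passwd line format described above is also what an administrator checks to see whether a server still exposes hashes in the world-readable file. This is an added example, not from Goat's text: it parses passwd-format lines and reports accounts whose password field is a readable hash or is empty, instead of a * or x placeholder. The function names are made up for illustration, and the sample lines other than the rrc entry are constructed.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "login state uid shell")

def classify(pw_field):
    """Classify the second passwd field from the administrator's side."""
    if pw_field == "":
        return "EMPTY"          # account can be used with no password
    if pw_field == "x" or pw_field[0] in "*!":
        return "PLACEHOLDER"    # hash is shadowed or the login is disabled
    return "EXPOSED_HASH"       # anyone who can read the file can attack it

def audit_passwd(text):
    """Parse passwd-format text and return one Entry per well-formed line."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")   # login:pw:uid:gid:gecos:home:shell
        if len(fields) != 7 or not fields[2].isdigit():
            continue               # skip malformed lines
        login, pw, uid, _gid, _gecos, _home, shell = fields
        entries.append(Entry(login, classify(pw), int(uid), shell))
    return entries

def needs_action(entries):
    """Logins whose hash should move to a shadow file or get a password set."""
    return [e.login for e in entries if e.state != "PLACEHOLDER"]

# The rrc line is the one quoted in the text; the others are constructed.
SAMPLE_PASSWD = """\
ftp:*:14:50:FTP User:/home/ftp:/bin/false
news:*:9:13:news:/var/spool/news:/bin/false
rrc:uXDg04UkZgWOQ:201:4:Richard Clark:/export/home/rrc:/bin/ksh
guest::500:100:Guest:/home/guest:/bin/sh
this line is not a passwd entry
"""

if __name__ == "__main__":
    for e in audit_passwd(SAMPLE_PASSWD):
        print(f"{e.login:8} uid={e.uid:<5} {e.state}")
```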
Anyway, using John the Ripper is easy. If you want to
quickly hack something give the command (in DOS prompt)
"john passwd -single". Replace "passwd" in there with
the name of the passwd file; you may have saved it as
passwd.txt or something. An important thing to remember
is that the passwd file needs to be in the same
directory as John. To see a list of other methods for
cracking a passwd file, just type John and it will give
you a list of commands. I have found john won't work
for me with wordlists but other people say that it
works fine for them. You can use incremental mode
(to use that the command is "John passwd -incremental").
It takes like a few days to finish so I wouldn't really
want to let it go on forever and ever if it was
just some normal passwd file. Unless it's like NASA's
passwd file (keep dreaming, they probably change
passwords every day and that file is very outdated)
I wouldn't want to use that too much. To see a
complete list of John's cracking capabilities, just
type john and it will give you a list of commands
that you may use.
If you Have an Account with the Users Server
The next section is on how you can hack a webpage if
you already have an account with the server.
This was taken from a text by Lord Somer, and since
I don't want to butcher something important out of it
I will just keep the text in its whole form.
Exploiting Net Administration CGI (taken from a text by Lord Somer)
#######################################
# Exploiting Net Administration Cgi's #
# like nethosting.com #
# Written by:Lord Somer #
# Date:9/2/97 #
#######################################
Well since nethosting.com either shutdown or whatever I figured what the hell before I forget
how I did the more recent hacks etc... I'd tell you how so maybe you'll find the same sys
elsewhere or be able to use it for ideas.
Basically Nethosting.com did all its administration via cgi's at net-admin.nethosting.com,
well you need an account, card it if necessary, log in to net-administration, you'll see crap
like ftp administration, email, etc... who really cares about e-mail so we'll go to ftp.
Click on ftp administration. Let's say you were logged in as 7thsphere.com your url would be