This document provides steps for hacking into websites by attacking their ports. It explains how to find a target website's IP address, scan it using Nmap to find open ports and services, obtain banners to identify the software and versions running, search for matching exploits, and compile and run exploits written in various programming languages like Perl, PHP, Python and C/C++. The goal is to successfully exploit a vulnerability to gain access and control of the target server.
1.) First of all you need a target website. (Google & find one)
2.) Once you have your target website, ping it to get its IP address. For lazy people: enter the target website at http://www.selfseo.com/find_ip_address_of_a_website.php
Once you've done that, it'll reveal its IP address.
-Author Rishi Malve
Follow the steps: (Cont.)
1.) Once you're done, download, install & open Nmap. Then do a -sT -sV scan of the website. [That is, put nmap -sT -sV in Nmap's command bar & scan the website.]
2.) Once done, observe the OS, open ports and services running on the website server.
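Seen from the defending side, the -sT scan above leaves a clear trace in connection logs: one source touching many ports on one host within seconds, most of them refused. A minimal detector for that pattern, as an added example that is not part of the original slides; the log format, the addresses (documentation ranges), the sample data and the thresholds are all constructed assumptions:

```python
from collections import defaultdict

def build_sample():
    """Constructed flow log: 'epoch src dst dport outcome' (hypothetical format)."""
    lines = []
    # A connect scan: 15 ports in about a second, only 22 and 80 accept.
    swept = [21, 22, 23, 25, 53, 80, 110, 135, 139, 143, 443, 445, 3306, 3389, 8080]
    for i, port in enumerate(swept):
        outcome = "ESTABLISHED" if port in (22, 80) else "RST"
        lines.append(f"{1700000000 + i // 8} 203.0.113.7 192.0.2.10 {port} {outcome}")
    # An ordinary client: repeated successful connections to a single port.
    for i in range(12):
        lines.append(f"{1700000000 + i * 5} 198.51.100.20 192.0.2.10 443 ESTABLISHED")
    return "\n".join(lines)

def parse(log):
    """Yield (ts, src, dst, dport, outcome) tuples, skipping malformed lines."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0].isdigit() and fields[3].isdigit():
            yield int(fields[0]), fields[1], fields[2], int(fields[3]), fields[4]

def detect_scans(events, window=60, min_ports=10, min_fail_ratio=0.5):
    """Map (src, dst) -> (distinct ports, failed ratio) for port-sweep windows."""
    by_pair = defaultdict(list)
    for ts, src, dst, port, outcome in events:
        by_pair[(src, dst)].append((ts, port, outcome))
    alerts = {}
    for pair, evs in by_pair.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window so it never spans more than `window` seconds.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            win = evs[start:end + 1]
            ports = {p for _, p, _ in win}
            ratio = sum(o != "ESTABLISHED" for _, _, o in win) / len(win)
            # Many distinct ports AND mostly refused: a sweep, not a busy client.
            if len(ports) >= min_ports and ratio >= min_fail_ratio:
                if pair not in alerts or len(ports) > alerts[pair][0]:
                    alerts[pair] = (len(ports), round(ratio, 2))
    return alerts

if __name__ == "__main__":
    for (src, dst), (n, ratio) in detect_scans(parse(build_sample())).items():
        print(f"possible port scan {src} -> {dst}: {n} ports, {ratio:.0%} refused")
```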
Follow the steps: (Cont.)
1.) Once done, you'll need to find the banner of the software. [Banner: it shows the software & version running on a port.] Methods depend on the OS of the server.
2.) Look at the slide which corresponds to your OS.
Vista & Windows 7.
You need to download & open Netcat. Once done, type: nc <IP> <PORT>
Ex: nc 198.168.1.1 <PORT>
Once you've done that, you'll get a banner. This will display all the details of the software running on the port.
Windows XP and others.
Open Telnet [Start > Run > telnet]. Once done, type: O <IP> <PORT>
Ex: O 198.168.1.1 23
Once you've done that, you'll get a banner. This will display all the details of the software running on the port. If this doesn't work you can try nc (Netcat).
Follow the steps: (Cont.)
1.) Once you've got the banner, you need to search for a vulnerability matching the banner.
2.) Look in exploit databases:
Milw0rm: http://www.milw0rm.com ~~ www.exploit-db.com
Security Focus: http://www.securityfocus.com
Osvdb: http://www.osvdb.org
Cve Mitre: http://cve.mitre.org
Metasploit: http://www.metasploit.com
Follow the steps: (Cont.)
1.) Once you've got the matching exploit for the same software version [if you haven't, try another port], you need to edit values, compile & run it.
2.) Once you've got the exploit, you should compile it. Exploits come in various languages such as Perl, Python, PHP, C & C++.
How to Exploit.
Exploit For Perl lang.
1.) For Perl exploits, copy the exploit into Notepad & save it with a .pl extension. Download & install ActivePerl: http://www.activestate.com/activeperl
Once done, edit the exploit with Notepad & double-click to run it.
Exploit For PHP lang.
1.) For PHP exploits, copy & save it with a .php extension. Download & install WAMP: http://www.wampserver.com/en/
Once done, edit the exploit with Notepad & execute it from CMD.
Exploit For Python lang.
1.) For Python exploits, copy & save it with a .py extension. Download & install Python: http://www.python.org/download
Once done, edit the exploit with Notepad & double-click to run it.
Exploit For C/C++ lang.
1.) For C/C++ exploits, copy & save it in Notepad. Download & install Bloodshed. (Google the link) Once done, edit the exploit, compile & double-click to run it.
If your exploit is successful you will get access to the server; you'll be able to edit every part of the website. If your exploit wasn't successful, try a different port, service or software. You can also use Metasploit web to search for exploits.