how to deface a website
First of all you will need shell. I will give you modified c100 shell which I use and it is undetectable.
Download Link: c100 v2 shell
Download Link: c100 shell
If you are using c100v2 skip the part about setting username/password because it don't have it. If you are using c100 wich is false positive, disable your av and continue with tutorial. First when you download c100.php you will need to edit it with notepad. And set your Username and Password, so that only one who know
user/pw can access shell and website.
Thee green part, Username and passowrd edit as you like. But the md5 pass must be crypted. For that you go to
get this MD5 password, copy it and paste in our shell c100.php
So in my case c100 should look like this
When you do that, save it and now find on website place where you can upload some file. Sometimes the
website will block .php extension so you will have to bypass it. First open your shell with notepad and then Save As and change the
extension to one of these
If website doesn't have any place where you can upload files, but have place where you can add news o
new event or something you can use meta http-equiv to make redirection from website to your deface page. You do that by adding this
code in news
You could also use javascript
Once you find admin panel upload your shell, if you can't upload .php directly upload it with modified
extensions as I stated above.
After you uploaded it find the link where you uploaded it, example if you uploaded it in images then it will be
in site/images/c100.php After you enter the link the new Pop up windows will apear and it will ask you for login. Here you write you
username and password your wrote in c100.php. After that you should get in website.
Sometimes simply extension hiding will not work so you will have to use one addon for firefox [url=https://addons.mozilla.org/en-
US/firefox/addon/live-http-headers/]Live HTTP Headers[/url] Install it and then hide shell extension, go to the upload section. Open Live
HTTP Headers and upload shell. Now if you try to go to the link where you have your shell uploaded it will give you error (only on some
websites) so we will have to change that hided .php.jpg extension into the .php. So as we uploaded the shell and opened the Live
HTTP Headers you should find where you have uploaded your shell. You will have to find the line where ti writes that you uploaded the
shell. Select it and then click on button reply.
After that you will have to find once again the same line of code which shows that you have uploaded
shell. So when you find it select the extension you used to hide original .php. In my case it is .jpg (List of all these extension is given in
this tutorial at the beginning). When you select it delete it so that we have only c100.php. And after that once again click on reply.
It should take you to the shell screen and if it doesn't you will have to find manually where shell has been
uploaded and go to that link. Niote: This doesn't work for every website but work for a lot. Now you are in website.
Find main index.php and edit it with your deface page source code, and click save. Thats it
First of all you will need shell. I will give you modified c100 shell which I use and it is undetectable.
Download Link: c100 v2 shell
Download Link: c100 shell
If you are using c100v2 skip the part about setting username/password because it don't have it. If you are using c100 wich is false positive, disable your av and continue with tutorial. First when you download c100.php you will need to edit it with notepad. And set your Username and Password, so that only one who know
user/pw can access shell and website.
so on crypo.com you write the password you writed in c100.php in my case it is hakforums and for that I
get this MD5 password, copy it and paste in our shell c100.php
Code:
ad3dd2ebd28e5d7f81ec326fbdf1fa7bSo in my case c100 should look like this
Code:
$login = "Dimitrije"; //login
//DON'T FORGOT ABOUT PASSWORD!!!
$pass = "hackforums"; //password
$md5_pass = "ad3dd2ebd28e5d7f81ec326fbdf1fa7b"; //md5-cryped pass. if null, md5($pass)When you do that, save it and now find on website place where you can upload some file. Sometimes the
website will block .php extension so you will have to bypass it. First open your shell with notepad and then Save As and change the
extension to one of these
Code:
shell.php;.jpg
c100.php.jpg
c100.php..jpg
c100.php.jpg
c100.php.jpg:;
c100.php.jpg%;
c100.php.jpg;
c100.php.jpg;
c100.php.jpg:;If website doesn't have any place where you can upload files, but have place where you can add news o
new event or something you can use meta http-equiv to make redirection from website to your deface page. You do that by adding this
code in news
Code:
<meta http-equiv="refresh" content="0;url=http://link_to_your_defacee_page">You could also use javascript
Code:
<script type="text/javascript">
<!--
window.location = "http://www.link_to_your_deface_page.html"
//-->
</script>Once you find admin panel upload your shell, if you can't upload .php directly upload it with modified
extensions as I stated above.
After you uploaded it find the link where you uploaded it, example if you uploaded it in images then it will be
in site/images/c100.php After you enter the link the new Pop up windows will apear and it will ask you for login. Here you write you
username and password your wrote in c100.php. After that you should get in website.
Sometimes simply extension hiding will not work so you will have to use one addon for firefox [url=https://addons.mozilla.org/en-
US/firefox/addon/live-http-headers/]Live HTTP Headers[/url] Install it and then hide shell extension, go to the upload section. Open Live
HTTP Headers and upload shell. Now if you try to go to the link where you have your shell uploaded it will give you error (only on some
websites) so we will have to change that hided .php.jpg extension into the .php. So as we uploaded the shell and opened the Live
HTTP Headers you should find where you have uploaded your shell. You will have to find the line where ti writes that you uploaded the
shell. Select it and then click on button reply.
After that you will have to find once again the same line of code which shows that you have uploaded
shell. So when you find it select the extension you used to hide original .php. In my case it is .jpg (List of all these extension is given in
this tutorial at the beginning). When you select it delete it so that we have only c100.php. And after that once again click on reply.
uploaded and go to that link. Niote: This doesn't work for every website but work for a lot. Now you are in website.
Find main index.php and edit it with your deface page source code, and click save. Thats it
0 comments:
Post a Comment