Friday, 7 August 2009

EASY WEBSITE HACKING

EASY WEBSITE HACKING


This definitely doesn't work on every single website, so please please please dont complain.
This took a really long time to make so please be happy
Starting (Must use Firefox)
1. Open Google
2. type in Code: "Powered by EasySiteNetwork /category.php " When choosing a site to hack, make sure you dont choose one talking about the sql injection.. that wont get you anywhere .
I Found the site im going to use in this tutorial, on page 8 of my google search
Exploit
1. Take a look at the url box, make sure it says category.php somewhere in the link otherwise this wont work
This is the exploit Code: /category.php?catid=1+union+select+111,222,concat_ws(char(58),login,password,email),444+from+users/* Starting from category.php highlight the rest of the url and replace it with the exploit code .
Ok now click Enter and notice the changes to the page .
The user information is set up like this : Username: Password: Email
NOTE: if there is more then one username and password, then its most likely that the 2nd one is the Admin Account, but if there is only one username, then it of course is the only one displayed
So in this situation the Admin username is :1stAngel and the password is: akhual
Now in order to login to the admin control panel, we most add this extension to the original url : /siteadmin/index.php

NOTE: Sometimes there is a popup to login to the admin panel, thats okay to, but if it doesnt work, then just login like any other user would on the home page

Congrats you are now logged into the admin control panel, do as you please, also if you find out the hosting the website is using, by typing in a false path, you can login to there FTP
Note : This information is for education purpose only
Ping your blog