Wednesday, May 27, 2009

PHP Remote File Inclusion

Remote File Inclusion is a technique used to attack websites from a remote computer.RFI allow malicious users to run their own PHP code on a vulnerable website.This allows the attacker to use and run any remote file just by editing the URL. Like a webshell can display the files and folders on the server and can add,edit or delete files and folders,send spams and even get hold of root.

More details on PHP Webshell are here.

Saturday, May 23, 2009

Top Ten Web Hacking Techniques

Top Ten Web Hacking Techniques 2008 by Jeremiah Grossman,Founder & Chief Technology Officer of WhiteHat Security.

Thursday, May 21, 2009


This is a demonstration of hacking wireless access points networks with Aircrack-NG.Before running airodump we need to find an adaptor driver which can be downloaded from the here.

Please note few points regarding wireless as mentioned below -

Channels are the channel your Access Point is Broadcasting on.
ESSID is the Name of your wireless network.
BSSID is the MAC address of your Access Point.

We will have to put the wireless card in monitor mode before capturing the data.Complete step by step documentation can be found here.

Monday, May 18, 2009

SSH Hacking

A Dictionary attack is launched against SSH using a Shell Script to crack Passwords.

Friday, May 15, 2009

Using NetCat as a Backdoor

In this video a windows RPC exploit is used with the help of Metasploit on Backtrack.After exploiting the RPC vulnerability in windows,hacker uploads Netcat tool to regain access when ever he wants.

Thursday, May 14, 2009

Metasploit Autopwn tool

This Video shows MetaSploit Autopwn tool in action.After identifying a victim's machine using port scanning techniques,Just run the Metasploit framework and connect to sqlite database.Again run a port scan on victim's machine so that the result is saved in the database.Then run the Autopwn tool against the port scan result,Autopwn will automatically run all the exploits against the open port.When the attack completes successfully, we get open sessions. Job Done !!!!

This can also be achived by running Autopwn exploits against the result saved by Nessus in NBE format.

Wednesday, May 13, 2009

Dump Cleartext Passwords From Windows Memory

This video shows how you can dump the cleartext passwords from a memory dump of a Windows system by using a tool called MDD.

Monday, May 11, 2009

DNS Spoof Virutal Hosts

DNS Spoofing is a type of MITM attack in which victim's computer is sent a fake DNS reply for a particular website,forcing his machine to visit a different site.But when this Spoofed IP is hosting multiple virtual sites with multiple Host Headers and attacker wants to use this IP as a fake DNS reply for DNS Spoofing then the server will not be able to determine the proper destination as Host Header will be missing in the request.Hence DNS Spoofing attack will not success.

In this video , Ettercap is combined with a C program to change the host header on the fly and submits a new get request to the web server, which allows an attacker to successfully launch DNS Spoofing attack with a IP hosting multiple virtual web sites.

More info can be found here.