Hello Readers!
In This Tutorial I going To show You
How to Symlink On A Server
What is Symlink ?
Symlink is a method used by hackers to read
files from other users on a linux server, only
by using a php-shell.
So what do we require to start the tutorial :
Requirements :
- a phpshell uploaded in a linux server (Safe
MODE = OFF )
- a target site
- basic phpshell & linux knowledge
- a brain !
Let's start by the tutorial.
Where to get a target, if you only have a
phpshell uploaded in a linux server that has
some sites ?
It's easy , first get the IP of the server.
Then go to bing.com and search like that :
Code:
ip:xx.xxx.xxx.xxx vbulletin
xxx replace with the ip adress of the server ,
and 'vbulletin', you can change to a name of a
forum software or a CMS you wish as a
target. But for this example i'll take vBulletin.
OK , now we got the target site , let's suppose
that its domain name is mytarget.com and it
uses vBulletin forum software.
Now starts the real hacking !
Go to your phpshell , and in the 'Execute
command' field , execute there that
command :
Code:
ls -la /etc/valiases/mytarget.com
By executing this command , i'll get the name
of the user (on the linux server) that keeps
the website mytarget.com.
It should return with a result similar to that :
>>>>>>>-rw-r--r-- 1 target mail 28 May 28
2011 /etc/valiases/mytarget.com
The red colored piece is the user of
mytarget.com on the server.
So in our case the username is 'target '
Many of us know that the configuration file of
vBulletin script ,can be found in /includes/
config.php.
This is the file we need to read in our case ,
in order to get access at our target site.
How can we read that file ?
Simple , execute that command on the shell :
Code:
ln -s /home/target/public_html/includes/
config.php symlink.txt
As you can see, we're writting the content of
config.php , into symlink.txt file.
After you execute the command , you will se a
new file called symlink.txt.
Open it and w00t !! You successfully read the
configuration file (symlinked).
Now , just get an MySQL connector script
coded in PHP , and login with the details you
get from configuration file of your target.Then
at the admin table, get the admin's hash and
crack it , or better , change the admin's email
you yours , and then do a forgot password at
mytarget.com
And then you successfully will get full access
in your target site !
That was all ,very easy if you practice many
times. Maybe soon i will make a video tutorial
if you still didn't understand , just request the
video tut in the comments , and i will try
ASAP to make it for you !
Hope You Enjoyed!
#AnonyMous_Knw
0 comments:
Post a Comment