Wednesday 21 December 2011

Part 2: Server Side
Want to know about website account hacking, but don't know where to start?


We have already discussed client-side hacking; now we'll discuss


Server Side Hacking






1) Exploiting: Exploiting means finding a vulnerability and using it to your advantage. There are various publicly disclosed vulnerabilities and exploits that you can simply search for on Google and HC. There are various ways to exploit a server; the most common ones are:

1) XSS (Cross-Site Scripting)
2) RFI, LFI
3) Uploading Shells
4) SQL Injections
5) CSRF
6) Gaining root access to websites hosted on the same server and then intruding into another site on that server.
7) Using scripts, known as exploits, to gain information.

These methods are vast topics and cannot be explained in a few lines, so I am not explaining them in this guide.


2) Brute-force Attack: Brute-forcing means using brute-forcing software to try combinations of words, numbers and symbols to find your victim's login. But this rarely works, and you need a powerful computer.


3) Reverting Accounts: Here we fool the website's servers into believing that we are the authorized user and the holder of an account. One such vulnerability exists in Hotmail and existed in Facebook. Users just supplied some information about the client, such as last accessed IP address, contacts on the contact list, date of birth, location, etc. With a bit of SE (social engineering) it's not that hard to extract such information from the client.
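
On the defender's side, one reason the brute-force attack in item 2 rarely works against a live login form is that the server can limit failed attempts per account. The sketch below is an added example, not part of the original post; the `LoginThrottle` class, its thresholds and the account name are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 300    # assumed look-back window for counting failures
MAX_FAILURES = 5        # assumed failures tolerated per account in the window
LOCKOUT_SECONDS = 900   # assumed lockout duration once the limit is hit


class LoginThrottle:
    """Per-account sliding-window lockout (illustrative, in-memory only)."""

    def __init__(self):
        self.failures = defaultdict(deque)  # account -> recent failure times
        self.locked_until = {}              # account -> time the lockout ends

    def record(self, account, success, now):
        """Process one attempt; returns 'ok', 'fail', 'locked' or 'rejected'."""
        if now < self.locked_until.get(account, 0):
            return "rejected"               # password is not even checked
        if success:
            self.failures.pop(account, None)  # a good login resets the count
            return "ok"
        recent = self.failures[account]
        recent.append(now)
        while recent and recent[0] <= now - WINDOW_SECONDS:
            recent.popleft()                # forget failures outside the window
        if len(recent) >= MAX_FAILURES:
            self.locked_until[account] = now + LOCKOUT_SECONDS
            recent.clear()
            return "locked"
        return "fail"


def guesses_checked(seconds):
    """Constructed scenario: one wrong guess per second against one account.

    Returns how many guesses the server actually compared to the password.
    """
    throttle = LoginThrottle()
    results = [throttle.record("alice", False, t) for t in range(seconds)]
    return sum(r in ("fail", "locked") for r in results)


if __name__ == "__main__":
    day = 86400
    print(f"attempts sent: {day}, guesses actually checked: {guesses_checked(day)}")
```

Per-account lockout also lets anyone lock a known account out, so it is normally paired with per-source limits or progressive delays rather than used alone.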
