In IIS Exploit we can upload the Defaced page on the Vulnerable Server without any Login. It is most Easiest way to Hack any site.
STEP 1: Click on Start button and open "RUN".
STEP 2: Now Type this in RUN
%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}
STEP 3: Now "Right-Click" in the folder and Goto "New" and then "Web Folder".
STEP 4: Now type the name of the Vulnerable site in this. e.g." http://autoqingdao.com/ " and click "Next".
STEP 5: Now Click on "Finish"
STEP 6: Now the folder will appear. You can open it and put any deface page or anything.
STEP 7: I put text file in that folder. Named "securityalert.txt" (you can put a shell or HTML file also). If the file appear in the folder then the Hack is successful but if it don't then the site is not Vulnerable.
.
Now to view the uploaded site i will go to "http://autoqingdao.com/securityalert.txt"In your case it will be " www.[sitename].com/[file name that you uploaded] "
0 comments:
Post a Comment