Hello friends, this is my 3rd article on HTP. Hope you are liking my articles.
There are several ways to hack a website
By Spl Injection
Now you accessed admin panel of a website and you want to edit its
file. To edit files you need a php shell.
What is a php shell?
PHP Shell is a shell wrapped in a PHP script. It’s a tool you can use
to execute arbitrary shell- commands or browse the filesystem on your
remote webserver. This replaces, to a degree, a normal telnet
connection, and to a lesser degree a SSH connection. You use it for
administration and maintenance of your website, which is often much
easier to do if you can work directly on the server. For example, you
could use PHP Shell to unpack and move big files
around. All the normal command line programs like ps, free, du, df,
etc… can be used.
C99 is the shell by which you can manage the files of a website. Let
me explain practically :-
Create a fake account on http://www.my3gb.com and download c99
shell(link given below in step 1) in zip extract it to your pc. After
extracing upload c99.php file to your my3gb account and logout from
your account. Now just go to the link of the shell i.e.
Yourusername.my3gb.com/c99.php
Now you can access control panel of the website without login into your account.
To hack the website's control panel Just follow these steps :
Step 1 : Download a php shell. I recommended c99 because of its
extended features. For download go to http://sh3ll.org/ and download
c99 shell in zip.
Then extract it.
Step 2 : Now find a place where you can upload photos in website.
Step 3 : Upload your shell here. If the website dont allow to upload
.php file then change it to .php.gif or .jpg
Step 4 : Now go to the link of the file that should be
www.abc.com/yourfilename.
or
abc.com/images/yourfilename.
Now here you can see all the files of that website. Now you can access cpanel.
0 comments:
Post a Comment