Sethioz wrote:depends what you trying to do, you should first use search and search thru the forum, there's lot about website hacking.
but explain what you're trying to do there.
Sethioz wrote:1 - WebScarab is indeed good tool to go, but might not show everything.
i recommend scan the website with some vulnerability scanner (google for them). good one to use is Acunetix web vulnerability scanner, but its not free. so buy or torrent it.
So you get some kind of overview of what is going on and if there are known vulnerabilites they will be shown in scanner.
Then you might also want to try other tools, like burp suite, paros proxy, wpe pro (yes it works on browsers too). There are few others but can't remember the names.
2. steal script from FTP? what exactly you mean?
FTP = file transfer protocol
not sure what you mean by "steal from ftp"
can you see the script somewhere on web page?
you know its somewhere in their system and need to find it?
explain more.
Sethioz wrote:there is nothing specific, you have to go step by step, just read thru each vulnerability. if you don't understand the terms, google them.
not everything is real vulnerability, acunetix just gives you an idea how site works.
hacking a site needs lot of effort. lot of googling and patience is needed.
what exactly did you try with webscarab?
on some sites you can intercept the request and change values and they take effect. like on low security sites you can change the payment amount if you buy something and get something for 0.1 for example.
also in webscarab, there's option "reveal hidden fields", enable that.
Sethioz wrote:"i have problems with it" doesn't help at all, explain.
webscarab is one of the best tools of its kind and i did mention other ones.
I can't remember the name of the proxy i used, it had a quitar logo (yellow / orange / white).
might have been "Charles proxy" earlier version, try Charles Proxy.
but i still find webscarab most useful.
Also don't forget old good "firebug" extension for firefox. it comes in handy.
Sethioz wrote:I don't understand what you doing.
what exactly is "browsers ip/port" ?
all you do, is get add-on like "proxysel" for firefox and add "127.0.0.1:8008" there
then you enable it and select WebScarab and it will work.
Sethioz wrote:... duh
you need to go back to basics.
those "windows" that it opens are intercepted requests waiting for your action (i thought its common sense..)
it only told you that keep alive packet was not sent, because YOU did not send it...DUH!
you're the cause of the "error" because you did not choose action for "keep alive" packet so connection timed out.
you have to first understand WHAT webscarab is and what it can do .. before clicking everything and saying there is error.
and that thing at end ... are you checking for some plugins or updates? or WHY are you connecting to "org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse" ?
i don't know what you are doing, WebScarab works fine for me.
to me it seems like you just don't know how to use it, but i can't tell for sure.
if you believe it is not your fault, take screenshots of what you are doing or make video.
Sethioz wrote:once again, you need to go to BASICS.
what you call "HEX" is ASCii ..
your knowledge is simply too low to go into these things, if you don't even know what HEX is and what packet is.
HEX contains only 0123456789ABCDEF, duh. there are no symbols.
its simple as that, you can't begin hacking if you don't know most basic things, like what is HEX and what is ASCii
Sethioz wrote:lol ... i don't know what else to say.
Return to PC / Website / Console / Others > Hacking / Cracking / Exploits / Research
Users browsing this forum: No registered users and 2 guests