Website hack help

Researching, Proof of Concepts, Hacking, Console Modding and Hacking and more. No game hacking / modding here.
Post Reply
spade
Newbie..
Newbie..
Posts: 7
Joined: Thu Apr 12, 2012 10:39 pm

Website hack help

Post by spade »

Hey im tryin to hack http://howtomodtf2onps3.webs.com/apps/forums/ trying to get a moderator account to access area 51. Any help on this would be appreciated Thanks!
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Website hack help

Post by Sethioz »

can't bother registering, but i suggest you run scan using some web vulnerability scanner to get some general idea whats going on.
have you googled for webs.com exploits ?
have you googled at all ?
find out what site system webs.com uses and search google, maybe there are known exploits already.

otherwise its usual stuff, try cookie stealer, keylogger ..etc
spade
Newbie..
Newbie..
Posts: 7
Joined: Thu Apr 12, 2012 10:39 pm

Re: Website hack help

Post by spade »

Yes I've tried googling I can't seem to find anything on what im looking for. The programs im using arnt getting me anywhere, but I am not so good at using them. It's proabaly something simple im overlooking
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Website hack help

Post by Sethioz »

as i said, find out what kind of website system it uses. that's the first thing.
Acunetix is quite ok scannner.
NetTools (made by Ahmadi) is quite good for some simple things, but you would first have to find something to exploit.
WebScarab can be used to exploit other things in website, but getting password hashes is not that simple nowdays.

Weakest link in computers is always the human factor, so i suggest you try exploit the human stupidity.
try sending a keylogger, use a cookie stealer ..etc
stolen cookie can give you access to admin / moderator rights and you can make quite of a chaos, you can't go to admin panel because it will ask for password, but you can still delete, rename, move ..etc

I have working cookie stealer here:
http://sethioz.com/forum/viewtopic.php?f=47&t=986

Follow the topic, it's all explained how to use it. if you have issues with that cookie stealer, do not post in this topic, post in cookie stealer topic.


There's also XXS (cross site scripting) and SQL injection that might work, those are most common, but again those hosting companies that offer a pre-configured sites are usually not so easy to hack. once someone exploits one of the site, most likely it gets reported and they will fix it.
For example on my website, i see every request made. if someone finds exploit in my site, i would see each detail what was done so i would know exactly how to patch it.
Post Reply