A website can be attacked in many ways but we are discussing some of the easy and best ways to hack website below.
1)Password Cracking
2)Simple SQL Injection
3)Brute force attack for servers/control panel
3)Denial of service
Lets start discussing them
1)The first and foremost thing to do is look for the hosting IP address of the website that you want to hack.You can directly find the IP address of any website from yourcommand prompt itself or from whois other details that you may need are also provided on that whois site like the server , admin information.Always its better to gather much more information about the site that you want to hack.
To get hosting IP Address of a site easily go to command prompt and type
nslookup
nslookup google.com
you can see the image below for details.
the next thing to do is scan the IP we have got just now to see which protocols the Website at this IP is using a small software called Advance Ip scanner click here to downloadAnd install it.
As you can see a window as shown below.Just paste the IP you have just got and click scan button.
In the above image FTP is shown,That means this website is using FTP to access to its servers.just double click on the FTP to see a window as shown below.
Now this is the final stage.When you enter exact username and password you can login to that website and do whatever you like.To find this username and password we have to do brute force attack which is explained in details below.
BRUTE FORCE ATTACK
A brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message.Well, to put it in simple words, brute-force attack guess a password by trying all probable variants by given character set. Eg. checking all combination in lower Latin character set, that is 'abcdefghijklmnopqrstuvwxyz'. Brute-force attack is very slow. For example, once you set lower Latin charset for your brute-force attack, you'll have to look through 217 180 147 158 variants for 1-8 symbol password. It must be used only if other attacks have failed to recover your password.For attacking any account using this technique you should need high patience and it will take a lot of time depending upon the number of characters but it is one of the best way to hack a website till the time.Denial of service ( Ddos attack )
A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website.
If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking.It is generally used to crack a website or destroy a website.
I will be Discussing Sql Injection in my next post so stay tuned to DARKSITE And learn hacking easily.
NOTE:All These Hacking related post are educational purpose only just to make the owner the site to secure himself and test different vulnerabilities,to enable maximum security.
nice tutorial!!
ReplyDeleteThanx Harwinder :)
ReplyDeleteuseful tutorial..!! :)
ReplyDeleteThanks 4 reading jeet
DeleteIt's fantastic that you are getting thoughts from this post as
ReplyDeletewell as from our discussion made at this time.
My website; acne relief