Subscribe For Free Updates!

We'll not spam mate! We promise.

Tuesday, 6 August 2013

Popular Ways To Hack And Crack A Website

Brute Force Attack, DoS,Hacking Course, SQL, SQLi, web Application Security, website Hacking



Hacking a website not only means taking the whole control of website but can be either changing the website datas or make the website down by making denial of serviceattack.Here in this article we will see some possible ways of attacking a website.A website can be attacked in any one of the following Ways.......

  • Password Cracking
  • Simple SQL Injection Hack
  • Brute force attack for servers
  • Denial of service
  • PASSWORD CRACKING

The first and foremost thing that every hacker must need to hack a website is the hostingIP address of the website.You can directly find the IP address of any website from yourcommand prompt itself.

1. For that open command prompt (window + r) and type cmd and hit enter.
2. Type the following command followed by the URL of the website 

nslookup URL addressFor example
nslookup www.realhackings.comand hit enter.you can see a window as shown below with the ip address of the website

Now you have got the IP address of the website.next step is to scan the IP we have got just now to see which protocols the Website at this IP is using 

For scanninng DOWNLOAD IP scanner and open it you can see a window as shown below.Just paste the IP you have just got and click scan button.
In the above image FTP is shown,That means this website is using FTP to access to its servers.just double click on the FTP to see a window as shown below


Now this is the final stage.When you enter exact username and password you can login to that website and do whatever you like.To find this username and password we have to do brute force attack

BRUTE FORCE ATTACK

In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message.Well, to put it in simple words, brute-force attack guess a password by trying all probable variants by given character set. Eg. checking all combination in lower Latin character set, that is 'abcdefghijklmnopqrstuvwxyz'. Brute-force attack is very slow. For example, once you set lower Latin charset for your brute-force attack, you'll have to look through 217 180 147 158 variants for 1-8 symbol password. It must be used only if other attacks have failed to recover your password.For attacking any account using this technique you should need high patience and it will take a lot of time depending upon the number of characters 

            Denial of service ( Ddos attack ):

A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website.

If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking

SQL INJECTION
SQL injection is a vulnerability that allows an attacker to influence the queries that are passed to the back-end database.It has been present since the time databases have been attached to the web applications.Before understanding the how SQL injection attacks we need to understand the Simple Three Tier Architecture or a Four Tier Architecture.This will clear your basics and give you a rough idea of how database-driven web applicationswork.


NOTE: This is only for the website owners to test their websites for different vulnerabilities and to enable maximum security.










































Socialize This Post
SOCIALIZE IT →
FOLLOW →
SHARE IT →

2 comments:

  1. Can please tell me how to hijack browser's saved password using script or PHP code.
    I know about phishing but its' not the way.
    In phishing victim has to insert the ID-PASSWORD.
    I'm thinking a way of attack in which attacker can get stored login detail of browser by just visit of victim.
    AND PLEASE ALSO SUGGEST HOW TO STOP IT.

    ReplyDelete
  2. ok i m uploading this tutorial on hijack browser's saved password using script or PHP code.
    on ur request

    ReplyDelete