Hacking Password Protected Website's By Pinglocalhost
************************
There are many ways to defeat java-script protected
websites. Some are very simplistic, such as hitting
[ctl-alt-del ]when the password box is displayed, to
simply turning offjava capability, which will dump you into the default
page.You can try manually searching for other directories, by typing the
directory name into the url address box of your browser, ie: you want access to
www.target.com .
Try typing
www.target.com/images .(almost ever y web site has an images directory) This
will put you into the images directory,and give you a text list of all the
images located there. Often, the title of an image will give you a clue to the
name of another directory. ie: in
www.target.com/images, there is
a .gif named gamestitle.gif . There is a good chance then, that there is a
'games' directory on the site,so you would then type in www.target.com/games, and if it isa valid directory, you again get
a text listing of all the files available there.
For a
more automated approach, use a program like WEB SNAKE from anawave, or Web
Wacker. These programs will create a mirror image of an entire web site,
showing all director ies,or even mirror a complete server. They are
indispensable for locating hidden files and directories.What do you do if you
can't get past an opening "PasswordRequired" box? . First do an WHOIS
Lookup for the site. In our example, www.target.com . We find it's hosted by
www.host.com at 100.100.100. 1.
We then go to
100.100.100.1, and then launch \Web Snake, and mirror the entire server. Set
Web Snake to NOT download anything over about 20K. (not many HTML pages are
bigger than this) This speeds things up some, and keeps you from getting a lot
of files and images you don't care about. This can take a long time, so
consider running it right before bed time. Once you have an image of the entire
server, you look through the directories listed, and find /target.
When we open that directory, we find its contents, and all of its
sub-directories listed. Let's say we find
/target/games/zip/zipindex.html .
This would be the index page that would be displayed had you gone
through the password procedure, and allowed it to redirect you here.By simply
typing in the url
www.target.com/games/zip/zipindex.html
you will be onthe index page and ready to follow the links for
downloading.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
(DISCLAIMER)XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The Info Above Is Lame!!!. I Dont Condone The Use Of This Document In A Malisous Manner. I Suggest
That U Dont Do it But U Do What Ever U Want. I Will Not Be Responsible For Any
Thing That Might Happen To U If U Use This.
:)
0 comments:
Post a Comment