EvilZone
Hacking and Security => Hacking and Security => : Titanisking April 19, 2014, 10:45:55 PM
-
I know for websites there is SQL injection, DDoS/DoS, and XSS but are there anymore website hacking techniques? I know for getting control of other computers one would use either a botnet or RAT, are there any other things someone could use? besides viruses/worms? Thanks
-
Check out http://www.exploit-db.com/ and read about the myriad of different ways things get hacked.
Also hack this webapp. (https://evilzone.org/tutorials/%28php%29-d4rkcat%27s-super-secure-webapp/)
Good Luck!
-
https://www.owasp.org/index.php/Category:Attack (https://www.owasp.org/index.php/Category:Attack)
https://www.owasp.org/index.php/Category:OWASP_Testing_Project (https://www.owasp.org/index.php/Category:OWASP_Testing_Project)
-
You can use metasploit. If you want to learn I will recommend you to setup windowsXP virtual machine and try exploits on it. Using netapi exploit with some payloads will get computer access. though I am also learning metasploit these days and its really Interesting.
GL
-
There are many many methods one may use to approach breaking into a web application. It all depends on what mistakes the web-devs make. For example, lets say you were poking around a website and found that the file types for uploads are not being checked. This could allow you to upload a simple php script to the server and run it by requesting it through your browser. This is unfortunately something that you will come across more often than not.
If you want to learn more and practice some web exploitation there are a few sources out there that you can use for practice like the DVWA (Damn Vulnerable Web Application)
I would also suggest checking out www.vulnhub.com. Specifically the DE-ICE iso's.