This tut Shows how to hack Sites running: Php 4.4 Sites.

Step 1 – Search for them

Yep,make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.

Step 2 – Scan them

Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login.

Now just login using port 2000 ie –

and you will be comfortably login into admin page like this –

Step 3 – Hack them

Now in the fields,you have to type –

username – admin

password – a’ or 1=1 or ‘b

domain – a’ or 1=1 or ‘b

and press go,you will login into admin

voila..you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.

credit: prohack

Explore More

Critical SQL Injection (http://www.mysuboo.com)

Today we shall consider the SQL Injection error on the site http://www.mysuboo.com/. Applications: ———— PlanetCreator’s_Universal_Advanced_Internet_Security_T00L System Time: ———— (UTC+08:00) Kuala Lumpur, Singapore, 03/23/2010 01:01:56 AM Site : http://www.mysuboo.com/ SQL Version

Malaysia Government DBKL Web Vulnerability (2nd)

PlanetCreator has reported Critical XSS vulnerability on Official Portal of Kuala Lumpur, Malaysia Web Site, http://www.planetcreator.net/2009/09/criti…aysia-web-site/ and http://www.xssed.com/mirror/64058/ but nobody takes action ~~~ How come? Hello, DBKL’s Staffs! Are you

Detecting New Rootkits

A new rootkit can either be one that has never been seen before, or one that uses new technologies or previously unused methods of attack. Or both. Andthat is where