This tut Shows how to hack Sites running: Php 4.4 Sites.

Step 1 – Search for them

Yep,make a Google dork to find sites running Apache and PHP 4.4 . Its quite easy.

Step 2 – Scan them

Start by scanning them using Nmap,Do and intense scan and find the open ports. If you find port 2000 open,then you have almost got it. most websites running PHP4.4 have this port for admin login.

Now just login using port 2000 ie –

and you will be comfortably login into admin page like this –

Step 3 – Hack them

Now in the fields,you have to type –

username – admin

password – a’ or 1=1 or ‘b

domain – a’ or 1=1 or ‘b

and press go,you will login into admin

voila..you have hacked into admin. Actually sites based on PHP 4.4 have the vulnerability in them that they are vulnerable to SQL injection.

credit: prohack

Explore More

Facebook “CSRF” attack-Full Disclosure

How a Facebook App works Anyone can create an application (or app) that will run within the Facebook platform (and many do!). An app is like a regular website with

Read More

Tracking Down A BotNet

This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help

Read More

Critical Blind SQL Injection and Persistent XSS Vulnerability in Airmandalay http://www.airmandalay.com

PlanetCreator has reported another Critical Blind SQL Injection and Persistent XSS Vulnerability in Myanmar (Burma) Domestic and International Airline, Myanmar Domestic Flight http://www.airmandalay.com Cross-site scripting (XSS) is a type of

Read More