Website Hacking Method – IIS EXPLOIT Hacking [Engish]






This Method only works on sites being hosted on Ms-IIS server. Now a days many boxes are patched so it will not work on them !!
Steps for Xp User
!- Click on START and click on RUN then enter the below code and then press Enter
%WINDIR%EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}
2- A new window name “WEB FOLDER” gets open


3-Right click and click on New, Add Web Folder then enter your vulnerable website address

4- Click on Next , Next , Finish..
5- Double click on that folder to open it
Now u can insert your deface page on that site by simply Copy & Paste in that folder you deface page will be avaliable at
www.site.com/your defacepagename.html
Note- Also after getting access to the website…Many websites don’t allows you to add/edit your deface page ( Because Microsoft has already fixed this vulnerability in many website ).
For windows 7 user
1- Click Start.
2-  Click Computer.
3-  In the following dialog click Map Network Drive.

4-  On the Map Network Drive dialog, click “Connect to a Web site that you can use to store your documents and Pictures” this will pop up the “Welcome to the Add Network Location Wizard“.
5-  Click on Next.
6 – Click on ”Choose a custom network location”.

7-  Click on Next.
8-  Now type the web folder address that you want to access.

9-  Enter a NAME to help you identify the web folder and click Next.
10- Place a checkmark onOpen this network location when I click finish‘.
11- Click Finish.
12- To open the web folder next time, just double click on the one you want to open from the My Network Places list.
Note:- Remeber Some sites you might get an error while   uploading xyz.html file that time just change the extension to xyz.htm and you can also deface some of the websites  using Shell.
Dork- “Powered by IIS” or use your own unique dork.

0 comments:

Post a Comment