
Hacking Web pages for Dummies

     _|_|_|  _|        _|     _| _|     _|  _|     _|    _|_|_|   _|      _|_|_|
     _|      _|      _|  _|  _| _| _|  _| _| _|  _|  _|  _|   _|  _|      _|
     _|_|    _|      _|_|_|  _|    _|  _|    _|  _|_|_|  _|_|_|   _|      _|_|
     _|      _|      _|  _|  _|    _|  _|    _|  _|  _|  _|   _|  _|      _|
     _|      _|_|_|  _|  _|  _|    _|  _|    _|  _|  _|  _|_|_|   _|_|_|  _|_|_|


                  _|_|_|   _|  _|  _|_|_|  _|_|_|  _|_|_|  _|_|_|
                  _|   _|  _|  _|  _|      _|      _|      _|
                  _|_|_|   _|_|_|  _|_|    _|      _|_|    _|_|_|
                  _|       _|  _|  _|      _|      _|          _|
                  _|       _|  _|  _|_|_|  _|_|_|  _|_|_|  _|_|_|


                           http://www.pheces.org
                         magic people, voodoo people


================================

Title:      |||| Hacking Webpages for Dummies ||||

Date:       February 08, 1998 [rewritten May 24, 1999]
Author:     rootwurm

================================

Ok, i wasn't going to write this text cause i thought it was mildly retarded...but tonight i
got bored and went on a hacking spree and altered 8 websites...so i figured 'what the hell,
maybe someone will get a kick out of this'

one of the biggest (and easiest) exploits i've found so far is in Micro$oft's FruitPage
Extensions.  if you haven't heard already (loads of txt's about it on the net) then it's just
the fact that there's no default password, and when there is, you can sometimes get the .pwd
(password) files.

to check to see if a site is vulnerable, try going to www.thesite.com/_vti_inf.html
(www.thesite.com is (obviously) the site you want to examine)  if you get a 404 or some other
error, then in all likelihood, frontpage is not running on the server.  if instead you get
a "Front Page Configuration" page, then you hit a server running frontpage extensions.

to check the restrictions in place, try loading www.thesite.com/_vti_cnf/ and you should,
if the server is installed with the default configuration, get the contents of the
root directory.

you can tag /_vti_cnf/ on the end of any subfolder to list the contents of that folder,
for instance, you could load www.thesite.com/somedir/_vti_cnf/ and get a listing of
the files there.

now open up front page explorer (comes with frontpage 98, which i think you can download a
trial version from www.microsoft.com) and click on More Webs.  put in www.thesite.com and
you should get a list of frontpage servers.  double click one to modify it.

if when you double click the site you get prompted for a password, don't fret.  instead, go
back to your browser and try going to the following urls:
	www.thesite.com/_vti_pvt/authors.pwd
	www.thesite.com/_vti_pvt/administrators.pwd
	www.thesite.com/_vti_pvt/services.pwd
in case you didn't put two and two together, you can also simply go to
	www.thesite.com/_vti_pvt/_vti_cnf/ to see which files are there.
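
seen from the server side, every request described above lands in the access log.  the
following is an added example (not part of the original text): a small detector that flags
requests for _vti_inf.html, _vti_cnf/ listings and _vti_pvt/*.pwd files and says whether
the server actually served them.  it assumes Common Log Format; the log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Common Log Format: host ident user [time] "METHOD path PROTO" status size
CLF = re.compile(r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
                 r'"[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+')

def classify(path):
    """Label a request path that touches FrontPage metadata, else None."""
    # Decode %xx escapes and drop the query string so /%5Fvti_pvt/ is not missed.
    path = unquote(path.split("?", 1)[0]).lower()
    if "/_vti_pvt/" in path and path.endswith(".pwd"):
        return "password-file"
    if path.rstrip("/").endswith("/_vti_cnf"):
        return "directory-listing"
    if path.endswith("/_vti_inf.html"):
        return "fingerprint"
    return None

def scan(lines):
    """Return {client: [(label, path, served)]}; served is True on a 2xx status."""
    hits = defaultdict(list)
    for line in lines:
        m = CLF.match(line)
        label = classify(m["path"]) if m else None
        if label:
            hits[m["host"]].append((label, m["path"], m["status"][0] == "2"))
    return dict(hits)

def served_password_files(hits):
    """Paths of .pwd files the server actually handed out (rotate those passwords)."""
    return sorted({path for events in hits.values()
                   for label, path, served in events
                   if label == "password-file" and served})

# Constructed sample log (documentation IP ranges, made-up times and sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/May/1999:21:03:11 +0000] "GET /_vti_inf.html HTTP/1.0" 200 1754',
    '192.0.2.10 - - [24/May/1999:21:03:19 +0000] "GET /somedir/_vti_cnf/ HTTP/1.0" 200 902',
    '192.0.2.10 - - [24/May/1999:21:03:40 +0000] "GET /_vti_pvt/authors.pwd HTTP/1.0" 404 210',
    '192.0.2.10 - - [24/May/1999:21:03:44 +0000] "GET /%5Fvti_pvt/service.pwd HTTP/1.0" 200 38',
    '198.51.100.7 - - [24/May/1999:21:05:02 +0000] "GET /index.html HTTP/1.0" 200 5120',
]

if __name__ == "__main__":
    for client, events in scan(SAMPLE_LOG).items():
        print(client, events)
    print("served:", served_password_files(scan(SAMPLE_LOG)))
```

a 2xx on any password-file hit means the file left the server and the passwords in it
should be treated as known; a 404 on the same path is only a probe.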

if you get ahold of one of the .pwd files, you should be able to brute force crack it.
instead of me explaining this, i'm gonna quote something i found on www.insecure.org
written by chameleon <chameleon@PEMAIL.COM>

      " As Vacuum and I first discovered and documented, frontpage
	server extensions use DES encryption. So basically you can
	take the frontpage service.pwd (chameleon:jk53kjnb43) and
	then add chameleon:jk53kjnb43:0:0:comments:/:/bin/bash and
	drop that into your password cracker and boom.  You get the
	idea. Note: A lot of times people will use the same frontpage
	password as their other passwords for the un!x shell. That's
	a given though to any hacker/cracker/security d00d :-] " 4-26-1998

now that you're (hopefully) in, you can feel free to change what you want.

a side note:
	before you modify ANYTHING, make a backup of the site for them.
	if it was your hard work someone was fucking with, wouldn't you
	feel better if the person made backups of your site before
	changing it?  they probably spent weeks upon weeks of time on
	that site, and if you make it funny, more power to you.  just
	don't destroy that much work just to get a point across.  after
	all, it's about LEARNING SOMETHING NEW, and maybe teaching them
	something new.  it's not about modifying the site.  being able
	to change the site is the fun part, but also remember that you
	learned something new, and hopefully taught the sysadmin something
	in the process.  the sysadmin will be much more relaxed if you
	didn't destroy the site than if you had.
end side note:

well, that about sums it up. if you have any questions, meditate and get the answer.  if
and when that fails, don't hesitate to email me with non-stupid questions ;-)

later,

rootwurm (rootwurm@pheces.org)

(((((((((((((((((((((((((((((((((((((((((((((#yep)))))))))))))))))))))))))))))))))))))))))))))
