site hacking
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
site hacking
hello everyone,this is my firs tipic here :) first of all i want to say sorry because my english is just terrible :D
so can anyone explain me how to get own this site ? http://legenda.wapop.org/ this is wap site..
any ideas ?
so can anyone explain me how to get own this site ? http://legenda.wapop.org/ this is wap site..
any ideas ?
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
depends what you trying to do, you should first use search and search thru the forum, there's lot about website hacking.
but explain what you're trying to do there.
but explain what you're trying to do there.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
i have 2 goals...Sethioz wrote:depends what you trying to do, you should first use search and search thru the forum, there's lot about website hacking.
but explain what you're trying to do there.
1- i am trying to hack in-game stats ( exp,coins) by webscarab but i am faced difficulties...
2-i want to stole script from ftp but its really hard for me... i have not enough knowledge...
i need someone to show me right way :)
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
1 - WebScarab is indeed good tool to go, but might not show everything.
i recommend scan the website with some vulnerability scanner (google for them). good one to use is Acunetix web vulnerability scanner, but its not free. so buy or torrent it.
So you get some kind of overview of what is going on and if there are known vulnerabilites they will be shown in scanner.
Then you might also want to try other tools, like burp suite, paros proxy, wpe pro (yes it works on browsers too). There are few others but can't remember the names.
2. steal script from FTP? what exactly you mean?
FTP = file transfer protocol
not sure what you mean by "steal from ftp"
can you see the script somewhere on web page?
you know its somewhere in their system and need to find it?
explain more.
i recommend scan the website with some vulnerability scanner (google for them). good one to use is Acunetix web vulnerability scanner, but its not free. so buy or torrent it.
So you get some kind of overview of what is going on and if there are known vulnerabilites they will be shown in scanner.
Then you might also want to try other tools, like burp suite, paros proxy, wpe pro (yes it works on browsers too). There are few others but can't remember the names.
2. steal script from FTP? what exactly you mean?
FTP = file transfer protocol
not sure what you mean by "steal from ftp"
can you see the script somewhere on web page?
you know its somewhere in their system and need to find it?
explain more.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
first of all i want to say thank you for answer :)Sethioz wrote:1 - WebScarab is indeed good tool to go, but might not show everything.
i recommend scan the website with some vulnerability scanner (google for them). good one to use is Acunetix web vulnerability scanner, but its not free. so buy or torrent it.
So you get some kind of overview of what is going on and if there are known vulnerabilites they will be shown in scanner.
Then you might also want to try other tools, like burp suite, paros proxy, wpe pro (yes it works on browsers too). There are few others but can't remember the names.
2. steal script from FTP? what exactly you mean?
FTP = file transfer protocol
not sure what you mean by "steal from ftp"
can you see the script somewhere on web page?
you know its somewhere in their system and need to find it?
explain more.
1- i will try scanners what u said and will write some results what i will got
2- when i said ftp i mean server where are saved website files like scripts... i know that it can be hacked if u hack admin ftp...
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
i scanned site via Acunetix web vulnerability scanner :) and i got many results :)
so please tell me what is that am i looking for exactly ?
so please tell me what is that am i looking for exactly ?
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
there is nothing specific, you have to go step by step, just read thru each vulnerability. if you don't understand the terms, google them.
not everything is real vulnerability, acunetix just gives you an idea how site works.
hacking a site needs lot of effort. lot of googling and patience is needed.
what exactly did you try with webscarab?
on some sites you can intercept the request and change values and they take effect. like on low security sites you can change the payment amount if you buy something and get something for 0.1 for example.
also in webscarab, there's option "reveal hidden fields", enable that.
not everything is real vulnerability, acunetix just gives you an idea how site works.
hacking a site needs lot of effort. lot of googling and patience is needed.
what exactly did you try with webscarab?
on some sites you can intercept the request and change values and they take effect. like on low security sites you can change the payment amount if you buy something and get something for 0.1 for example.
also in webscarab, there's option "reveal hidden fields", enable that.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
i think that this site is low defenced ..Sethioz wrote:there is nothing specific, you have to go step by step, just read thru each vulnerability. if you don't understand the terms, google them.
not everything is real vulnerability, acunetix just gives you an idea how site works.
hacking a site needs lot of effort. lot of googling and patience is needed.
what exactly did you try with webscarab?
on some sites you can intercept the request and change values and they take effect. like on low security sites you can change the payment amount if you buy something and get something for 0.1 for example.
also in webscarab, there's option "reveal hidden fields", enable that.
i will try something with webscarab
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
and also can you tell me other tool like webscarab ? ::) because i have problems with it :(
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
"i have problems with it" doesn't help at all, explain.
webscarab is one of the best tools of its kind and i did mention other ones.
I can't remember the name of the proxy i used, it had a quitar logo (yellow / orange / white).
might have been "Charles proxy" earlier version, try Charles Proxy.
but i still find webscarab most useful.
Also don't forget old good "firebug" extension for firefox. it comes in handy.
webscarab is one of the best tools of its kind and i did mention other ones.
I can't remember the name of the proxy i used, it had a quitar logo (yellow / orange / white).
might have been "Charles proxy" earlier version, try Charles Proxy.
but i still find webscarab most useful.
Also don't forget old good "firebug" extension for firefox. it comes in handy.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
when i use webscarab and type webscarab's port/Ip AND BRowsers PORT/IP same....it cant connect internet error text : (ConnectionHandler.run): ConnectionHandler got an error : java.lang.NullPointerExceptionSethioz wrote:"i have problems with it" doesn't help at all, explain.
webscarab is one of the best tools of its kind and i did mention other ones.
I can't remember the name of the proxy i used, it had a quitar logo (yellow / orange / white).
might have been "Charles proxy" earlier version, try Charles Proxy.
but i still find webscarab most useful.
Also don't forget old good "firebug" extension for firefox. it comes in handy.
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
I don't understand what you doing.
what exactly is "browsers ip/port" ?
all you do, is get add-on like "proxysel" for firefox and add "127.0.0.1:8008" there
then you enable it and select WebScarab and it will work.
what exactly is "browsers ip/port" ?
all you do, is get add-on like "proxysel" for firefox and add "127.0.0.1:8008" there
then you enable it and select WebScarab and it will work.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
i saw your tutorial on knowledge base and try to do everything step by step...Sethioz wrote:I don't understand what you doing.
what exactly is "browsers ip/port" ?
all you do, is get add-on like "proxysel" for firefox and add "127.0.0.1:8008" there
then you enable it and select WebScarab and it will work.
when i connected to google and search something (your example is sethioz) webscarab opens several windows...after this i ignored them by abort requests and i am faced with this error
WebScarab encountered an error trying to retrieve
GET http://www.google.ge:80/search?site=&so ... sgaUjYC4DQ HTTP/1.1
Host: www.google.ge
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: PREF=ID=61c47992060df6a5:U=fd0ab95803c967f9:FF=0:TM=1362774351:LM=1362774392:S=5h92wnSrXsNOOL7_; NID=67=OzslDqMywEy9TInfb3xBZRHlhzQOHUdDxrlyUyVmJ7Fiosx96rUcnyo9WBP_km38e9ghkaKM6hmV-HZRU8__vqYV25VKUTmA9cnNyVw3t3eMr5dUaFlHSv31qCAeLrc5; _GPL_it=1
Connection: keep-alive
The error was :
Request aborted in Manual Edit
at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:237)
at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
at java.lang.Thread.run(Unknown Source)
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
... duh
you need to go back to basics.
those "windows" that it opens are intercepted requests waiting for your action (i thought its common sense..)
it only told you that keep alive packet was not sent, because YOU did not send it...DUH!
you're the cause of the "error" because you did not choose action for "keep alive" packet so connection timed out.
you have to first understand WHAT webscarab is and what it can do .. before clicking everything and saying there is error.
and that thing at end ... are you checking for some plugins or updates? or WHY are you connecting to "org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse" ?
i don't know what you are doing, WebScarab works fine for me.
to me it seems like you just don't know how to use it, but i can't tell for sure.
if you believe it is not your fault, take screenshots of what you are doing or make video.
you need to go back to basics.
those "windows" that it opens are intercepted requests waiting for your action (i thought its common sense..)
it only told you that keep alive packet was not sent, because YOU did not send it...DUH!
you're the cause of the "error" because you did not choose action for "keep alive" packet so connection timed out.
you have to first understand WHAT webscarab is and what it can do .. before clicking everything and saying there is error.
and that thing at end ... are you checking for some plugins or updates? or WHY are you connecting to "org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse" ?
i don't know what you are doing, WebScarab works fine for me.
to me it seems like you just don't know how to use it, but i can't tell for sure.
if you believe it is not your fault, take screenshots of what you are doing or make video.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
nii. i am not saying that i did everything well :) maybe its my fault...i will test it againSethioz wrote:... duh
you need to go back to basics.
those "windows" that it opens are intercepted requests waiting for your action (i thought its common sense..)
it only told you that keep alive packet was not sent, because YOU did not send it...DUH!
you're the cause of the "error" because you did not choose action for "keep alive" packet so connection timed out.
you have to first understand WHAT webscarab is and what it can do .. before clicking everything and saying there is error.
and that thing at end ... are you checking for some plugins or updates? or WHY are you connecting to "org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse" ?
i don't know what you are doing, WebScarab works fine for me.
to me it seems like you just don't know how to use it, but i can't tell for sure.
if you believe it is not your fault, take screenshots of what you are doing or make video.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
i have one question :( why is that i cant see whole function ? ( PICTURE IS FROM WPE PRO)
this HEX includes some special symbols or what happen ?
this HEX includes some special symbols or what happen ?
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
once again, you need to go to BASICS.
what you call "HEX" is ASCii ..
your knowledge is simply too low to go into these things, if you don't even know what HEX is and what packet is.
HEX contains only 0123456789ABCDEF, duh. there are no symbols.
its simple as that, you can't begin hacking if you don't know most basic things, like what is HEX and what is ASCii
what you call "HEX" is ASCii ..
your knowledge is simply too low to go into these things, if you don't even know what HEX is and what packet is.
HEX contains only 0123456789ABCDEF, duh. there are no symbols.
its simple as that, you can't begin hacking if you don't know most basic things, like what is HEX and what is ASCii
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
yes,i know what contains HEX but... i have no idea why is that when i trying to decode some HEX i cant see whole text ( see my image) what is this ....(dots) ? why is that i cant see whole decoded hex ?Sethioz wrote:once again, you need to go to BASICS.
what you call "HEX" is ASCii ..
your knowledge is simply too low to go into these things, if you don't even know what HEX is and what packet is.
HEX contains only 0123456789ABCDEF, duh. there are no symbols.
its simple as that, you can't begin hacking if you don't know most basic things, like what is HEX and what is ASCii
- Sethioz
- Admin
- Posts: 4764
- Joined: Fri Jul 27, 2007 5:11 pm
- Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz - Location: unknown
- Contact:
Re: site hacking
lol ... i don't know what else to say.
-
- Newbie..
- Posts: 20
- Joined: Wed Mar 06, 2013 1:54 pm
Re: site hacking
BREAK YOUR MIND :dSethioz wrote:lol ... i don't know what else to say.