One of the most popular topics among the internet computer is the hacking. In fact, seems like many people would like to learn how to hack a web-site, and get it down, but as you can easily imagine, we cannot give you all the sensible information about the argument.
Anyway, We’ve have decided to create an article in which we will be listing you some of the major techniques used by hackers to “bomb” websites . There is a step by step procedure that can be used by attackers to violate other people’s sites , but reading it , by reading this list you’ll achieve a solid knowledge to prevent any attacks on your site.
Let’s start this guide talking of SQL , SQL is a database query language used by many websites and web applications. Seems like among the web there are lots of sites with an outdated version of the SQL structure, in these sites, the structure can easily be bombed with the SQL injection.
To find out if your site has a vulnerable database, it must has this index style http://www.site.com/page?id=number (ex http://www. hackingsite.com / news / detail.php ? id = 201) , so you have to connect to it and look for links with these characteristics.
Once you have found the right address , you must add quotation mark before the ID number (eg http://www.hackingsite.com/news/detail.php?id = ‘201 ) and press the Enter key on the keyb. If you receive this error message: “You have an error in your SQL syntax” , it actually is vulnerable.
Then we have to know the number of database modules , adding these string order by 1 – , order by 2 – , order by 3 – and so on. Once we’ve detected the version of the database the site is using , it becomes very easy to view the number of tables. By knowing their number we have the possibility to extract the admin’s information that are conserved in the privileges module.
What I have just described is one of the most used technique to hack a website based on PHP SQL database but there are other hacking techniques that are used by attackers to take possession of the external sites.
For example, on vulnerable ASP sites is possible to obtain administrator privileges by simply entering the code strings in the form to login, as well as for sites that use JPortal could be enough simple to add a line of code at the end of ‘ in the address bar of the browser to be able to bomb the site.
Safer , however, are the sites in HTML structure even though they may be “bombed” by expert hackers exploiting security flaws or vulnerabilities in the FTP XSS.
For demonstrative actions against institutions or sites of major companies, it is often also adopted the massive DDoS attack. It Stands for Distributed Denial of Service , this type of hacking is to overload the server in a site with an abnormal amount of access requests (carried out by thousands of computers distributed worldwide) so that it “collapse” and make it unreachable for hours or days.
In short, no website can really be said to be safe when it comes under hacker attacks, but if you will keep upgrading your site structure the risk will be considerably reduced.