How To Hack And Deface Website

 Note: This post is only for educational purposes only

A lot of people have been sending me mails pleading that i should teach them  how to hack and deface website which is why am writing this post but on no account should you use this knowledge for illegitimate reasons as you will bear the consequences if you ever get caught. So today, I will explain all the methods used to hack and gain access to a website's database.

 

What do we know by Website defacement?

This is simply an attack on a website that changes the homepage or appearance of the website. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own. Defacement is generally meant as a kind of electronic graffiti, although recently it has become a means to spread messages by politically motivated  hacktivists or "cyber protesters"

The most common method of defacement is using SQL injections which allows gaining administrative access. Another method of defacement is through FTP once the username and password are obtained.

Defacements usually consist of an entire page, which contains the Hacker's codename or signature." Sometimes, the Hacker makes fun of the system administrator for failing to maintain website and server security. And, most times, the defacement is harmless and is only done to show off the Hacker's  skills.But, we have to be careful as this could be like a distraction to upload malware, copying or deleting essential server files and others. There are several methods of defacing websites Like: SQL Injection, Remote File Inclusion, Local File Inclusion, Cross site scripting, DOS(Denial of Service). But we will be talking about Backdoor Shell. (A backdoor shell can be described as a malicious piece of code (e.g. PHP, Python) that can be uploaded to a website to gain access to files stored on that site. And once it is uploaded, the Hacker can use it to modify, delete, or download any files on the website, or upload theirs.

What we need:

1. My custom Shell [DOWNLOAD HERE]

2. A website vulnerable to SQL Injection Or that has a shell Or I should assume you have hacked and gotten admin details

3. And my Deface custom page(NOT VIRUS) which you can  [DOWNLAD HERE]

 

Recommended post: How To Hack a Website Successfully

                                            Top 6 Techniques Use In Cracking Passwords

                                            Become a Hacker With these 20 Tips For Beginners

I will just sum everything up so you could do more research as this would help so you just don't just follow everything without becoming a real Hacker.

=> Go get yourself a vulnerable site, try to hack it and get the Admin Login details and get the Admin Page address.

=> If you are successful,  Login to the admin dashboard with the admin details you got.

=> Go through the admin page until you find a place where you can upload a picture (Usually a picture).

=> Now you have to upload the shell. Right if you don't get an error it is all good.

=> Now to find the shell

=> Go through the site until you find any image and if you are using Firefox Right- Click on it and "Copy Image Location"

=> Make a new tab and paste it there.

=> It will probably look something like this- http://www.site.com/images/photoname.jpg

=> So now that we know that change "/photoname.jpg" to "/Khalidsblog.php.jpg" (Qoutes not included)

=> Now a page will come up looking like this the picture above^

=> Now you have access to all the files on the site

=> Find index.php or index.html, and replace it with the defaced page attached up which would also be the Homepage.

=> Then you can either delete all the other files OR Instead of doing bad, Let it redirect to the homepage.

DO NOT FORGET TO:

• Change Admin Username and Password

•Always use a Proxy or VPN [Highly Advised]

BELOW IS A WEBSITE BREACHED BY ME-

Dont forget to share this post!