Monday, October 15, 2012

Hack Website : Basic Information About Website Hacking Part 1

 Hack Website : Basic Information About Website Hacking Part 1
 
Well I have posted lots of articles on Email Hacking which includes Phishing and keylogging etc, but today I would like to throw some light on new topic which is "Website Hacking". Today i am first time writing article on "Website Hacking". why I am writing this article as there are lots of newbies having lots of misconceptions related hacking website, So I hope this tutorial cover all those misconception and if not all most of them.

Website security is a major problem today and should be a priority in any organization or a webmaster, Now a days Hackers are concentrating alot of their efforts to find holes in a web application, If you are a website owner and having a High Page rank and High Traffic then there is a chance that you might be a victim of these Hackers.
Few years back their existed no proper tools search for vulnerability, but now a days there are tons of tools available such as SQL Injection through which even a newbie can find a vulnerable site and start Hacking in just few minutes. 
Basic Information About Website Hacking
What is a website hack?


The files of your website are stored on a computer somewhere. The computer, called a "server" or "web server", is not too much different from your home PC, except that its configuration is specialized for making files available to the world wide web, so it has a lot of hard drive capacity and a very high speed internet connection. It probably doesn't have its own monitor or keyboard because everyone who communicates with it does so through its internet connection, just like you do.

With everybody connecting to your site through the internet, it might seem like just an accident if one of your files gets changed once in a while in all the commotion, but it's not.

Your website and server have several security systems that determine what kind of access each person has. You are the owner, so you have passwords that give you read/write access to your site. You can view files (read) and you can also change them (write). Everybody else only has read access. They can view your files, but they are never, ever supposed to be able to change them, delete them, or add new ones.


A hack occurs when somebody gets through these security systems and obtains write access to your server, the same kind you have. Once they obtain that, they can change, add, or delete files however they want. If you can imagine someone breaking into your home and sitting down at your PC with a box of installation CD's, that's what a website hack is like. They might do only a little damage, or a lot. The choice is up to them.

People often ask, "But how could my page, which was 100% pure HTML, have been hacked?"

The answer is that the defacement of the page wasn't the hack. The hack was when they got write access to the server. The "pure HTML" page had nothing at all to do with that.

Altering the page was simply the thing they chose to do after they got in. Once they get in, they can do ANYTHING, including alter your pages that are pure HTML. That is the reason why, after a hack, the most important thing isn't repairing the damage they did (which most people focus on), but finding out how they got in.


Who are the hackers?
Website hacking is one of the modern enterprises of organized crime, but if you think that means it's being done amateurishly by a bunch of elderly mobsters who took night classes in Computer ABC's to learn what "this Internet Explore thing is", think again. These organizations have professional programmers. Their campaigns to take control of thousands of the world's computers are well planned and sophisticated, drawing on an in-depth knowledge of operating system software, browser vulnerabilities, programming, and even psychology, and their attacks are almost always automated.

Strangely enough, if your site was hacked, it probably wasn't done by a person, but by another computer, which was hacked by another computer, which was hacked by yet another, and somewhere way back in the chain is a programmer who initially unleashed the sequence of events that set all these computers to attacking each other and building a giant network, a "botnet", a massively parallel virtual supercomputer whose purpose is to suck up all of the world's information that the criminals can efficiently turn into money. They need to have as many computers as possible recruited into the enterprise, and that's why they wanted to hack your little website.

Other hackers do it, whether they realize it or not, as affiliates of organized crime. Using tools provided by the larger organization, they get a small commission ($5, last I heard) for each website they successfully break into.

And there are still hackers who are motivated by fun, challenge, and prestige among their peers or by the desire to deface the site of someone they dislike, but their numbers and impact today are dwarfed by the commercial robotic crawling operations.


Why do they do it? What do they want?

What they want is money. While you may be racking your brain and tearing your hair out trying to figure out how to monetize your website, these people already know just how to do it, and they have a plan, too. You can't use the same monetization methods they do because their methods are illegal!

To use your server to make money, in approximate order of decreasing value and decreasing incidence of occurrence, they want:

    Your visitors' confidential financial information. They want credit card and Social Security numbers, FTP passwords, website logins, and other information from the people who trustingly visit your site. Credit card numbers are sold in bulk to brokers who resell them. More complete financial information is used in identity theft schemes involving mortgages or car loans.

Theft methods:
        They install malicious content on your website so that your visitors are attacked with viruses, Trojans, keyloggers, and other spyware. Once on the PCs, the malware either searches for the data it wants, or keyloggers capture passwords as users log into their bank accounts. The stolen data is relayed to remote computers using the victim's internet connection. In spite of the availability of antivirus and antispyware software, many home PCs are still poorly protected, and one of the sophisticated attack packages (MPack) claims that it successfully infects 50% of the computers it attacks.
        They copy your customer database.
        They install spyware or phishing pages in your site, to grab data as your customers log in.
    Use of your visitors' computers. When they got into your server, they took control of one computer, but now they can attack all your visitors, too, and maybe get hundreds or thousands of new zombie computers under their control. One of the things that makes your server an attractive target is the opportunity to attack all these poorly protected PC's.
    Your mail server, for sending spam.
    Your server's high-speed internet connection, for relaying stolen data, spamming, communicating with other sites in a botnet, crawling the web searching for new websites to victimize, and attacking them.
    Free use of your server's processing power, to reprogram however they want.
    Free use of your webspace, to host illegal content or even an entire illegal website. They avoid webhosting fees, electricity bills, and can engage in activities that no webhost would allow, leaving you with the worries about TOS violations and legal liability. Even after you clean up the site and remove the content, it may remain indexed by search engines for months.

Examples:
        Phishing sites: they create a fake (spoof) site that looks like a popular one such as PayPal. Then they send spam emails containing links to the phishing page on your site. When victims log in, thinking it's PayPal, your site steals their login data and relays it to a remote computer. Then the thieves log into the real PayPal accounts and steal the money.
Illegal pornographic content.
        Use your webspace to store PHP or Perl scripts like c99 or r57 for use in Remote File Inclusion (RFI) attacks on other sites, making your site look like the attacker.
    Your traffic. They put visible links on your pages that visitors on your site can follow. Or they install code to redirect all of your traffic to a different site. Either way, your visitors become their visitors.
    Your money, by extortion, threatening to launch a worse attack against your site if you don't pay them.
    Your PageRank. By putting invisible outbound links on your pages (so only search engines see them) they inflate another site's inbound links and boost its PageRank. Appearing higher in search results makes more money for them.
    Your advertising space. They monetize your popularity by inserting their ads onto your pages. Clicks are credited to them.

Common Methods used for Website HackingThere are lots of methods that can be used to hack a website but most common ones are as follows:

    SQL Injection
    Cross Site Scripting (XSS)
    Remote File Inclusion(RFI)
    Local File inclusion(LFI)
    Directory Traversal
    Cross-site request forgery( CSRF )
    SSI Injection
    LDAP Injection
    XPath Injection
    Denial of Service - DOS Attacks

In this article, I have just shared basic information on Hacking Website. I hope you have liked the post uptill now, I will cover the method to hack website in the next post, So stay tuned !.

0 Comments:

Related Posts Plugin for WordPress, Blogger...