Hacker's way : learning about targeted website

In Today's World Many Of us want to become Hacker . So Here Is a First Step Of Hacker's Way.It shouldn't be necessary to say that it's is necessary to learn more about our secured target website. There's no general approach which will enable you to access all secured websites. First, it's necessary to find out what type of protection we are dealing with. Since we are mainly talking about gaining access to secured websites here, it's obvious to start with our browser.

Using Our Browser :

  • Fire up your browser (which should be Netscape Communicator 4.6 or higher) and surf to your target website: http://www.target.com. 
  • Naturally, we then try to get access to the secured section of the website which we would like to see.
  • It's very important to analyse how users are authorized right now, because that will determine our approach to hacking it.
  • What kind of protection are we dealing with? Let me explain how you can recognize the possibilities. These possibilities can be divided in two types: server-side protections and client-side protections. 
  • Server-side protections can be rather difficult to tackle, client-side protections aren't much of a problem.

  • Web server software : we will  start with the best protection of all. server-side user authentication by the web server. Very easy to recognize, a dialog box pops up which asks you to provide user name and password.
  •  Returns you a `user authentication failed'-page if you choose `Cancel'.

  • CGI : We are dealing with a server-side CGI protection if there is a form in a normal webpage which requires you to fill in some data, to click on a button and if the data you provided is then transmitted to the server. 
  • You can check this by looking at the page source: if there's a tag like <FORM ACTION=\something.cgi" METHOD=\POST">, you know that you're dealing with a CGI protection.

      • Java applet : I have seen sites protected with a Java applet quite regular, which is rather stupid, because Java applets are client-side. 
      • It's easy to recognize an applet, when you don't see it's a Java applet when browsing the website, you only have to look at the page source. 
      • The <APPLET SRC=appletname.class> - tag is the only way to load a Java applet in a webpage.

      • JavaScript Websites : protected with JavaScript are the most stupid ones, because the user has access to all scripts used - it's also client-side.
      •  Also easy to recognize: view the page source and look at everything which is between <SCRIPT LANGUAGE=\JavaScript">- and </SCRIPT>-tags. You will see soon enough if it has something to do with the protection.

      Finding our Target more using other protocols

      • In most cases, a web server is a computer connected to the Internet which hosts one or more websites. But a server can do much more. 
      • While web server software is listening to port 80 for connections, many other services can listen to other ports.
      •  A computer connected to the Internet can be web server, FTP server and mail server at the same time: the different services each listen to a certain port.
      • Web server software listens to port 80, FTP server listens to port 21. 

      Telnet :

      Using Telnet could certainly learn us something about the target server. Launch `telnet' and try to connect to the target server. With the Telnet program, you can connect to any port you would like, but we choose to connect to the standard telnet port - 23. You'll now see something like this:

      Digital UNIX (target.com) (ttyq6)


      • You can now try to enter a dummy name and a dummy password, but the chance that your name and password combination will be correct isn't very large, no need to explain that. . .
      • But we certainly have learned something about our target: our target server is running UNIX, Digital UNIX if you want to know exactly. 
      • Trying this could also reveal that you're dealing with a Windows NT server, which makes a great difference .
      •  It's also possible that you aren't able to connect like this and that the connection is immediately closed with an error message.
      •  In that case, Telnet won't help you, but it was worth trying.Please note There's an important di erence between the Telnet program,the Telnet protocol and the Telnet port. 
      • The Telnet program is just telnet.exe which comes with Windows (or any other operating system), the Telnet protocol is a set of rules about communication between two computers, the Telnet port is (in most cases) port 23 which is used for Telnet (the protocol!) connections.


      • If Telnet refuses all connections, it might be possible that users are only allowed to use SSH. SSH stands for Secure Shell and does the same as Telnet, but all data is encrypted before transmission and decrypted afterwards.
      •  Besides, authorization methods available with SSH are much safer than those of Telnet.To a nd out if a server supports SSH, just telnet to port 22. 
      • If you are able to connect to this port and you see something like SSH-1.5-1.2.26, this means that SSH is enabled.
      •  It's good to know that SSH is enabled, but it won't help you much, because SSH it too well protected for us. We won't be able to use it for our purposes. 
      • When you now press enter, the remote host will close the connection because you didn't send data the SSH protocol expects. It will say:Protocol mismatch. and close the connection.

      FTP :

      • We can use FTP for the same thing as Telnet - we can try to gain more  information about our target. What we do is launch the Windows `telnet' application and try to open a connection to target.com port 21.
      •  If telnet is unable to establish a connection, target.com is not a FTP server.
      • On the other hand, if telnet actually is able to connect to port 21, FTP server software is running. 

      Okay , That's It Friends ..
      If You Have Any Doubt Feel Free to comment.....

      HTML Comment Box is loading comments...