LinuxQuestions.org
Old 03-26-2021, 09:28 PM   #1
needinfo
Could anyone please tell me how to use the info gathered on a website vulnerability in order to hack in? Thank you


Newbie here ...Could anyone please tell me how to use the info gathered on a website vulnerability in order to hack in without any damage to get documents in the server?

I need at least a nudge in the directions of what Kali tools to use, and what vulnerabilities to use to access the database of the webserver. Thank you for any insights.

Here is what nikto found

Server: Apache/2.2.15 (Unix)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Server banner has changed from 'Apache/2.2.15 (Unix)' to 'Apache/2.4.43 (Unix) OpenSSL/1.1.1g' which may suggest a WAF, load balancer or proxy is in place
+ Retrieved x-powered-by header: PHP/5.2.13
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.4.37). Apache 2.2.34 is the EOL for the 2.x branch.
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS
+ Uncommon header 'server-error' found, with contents: true
+ OSVDB-3092: /manual/: Web server manual found.
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3268: /manual/images/: Directory indexing found.
+ Server may leak inodes via ETags, header found with file /icons/README, inode: 2763612, size: 5108, mtime: Tue Aug 28 10:48:10 2007
+ OSVDB-3233: /icons/README: Apache default file found.
+ Cookie JSESSIONID created without the httponly flag
+ /flex2gateway/http: Adobe BlazeDS identified.
+ ERROR: Error limit (20) reached for host, giving up. Last error:
+ Scan terminated: 9 error(s) and 14 item(s) reported on remote host

Server: Apache/2.4.43 (Unix) OpenSSL/1.1.1g
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server banner has changed from 'Apache/2.4.43 (Unix) OpenSSL/1.1.1g' to 'Apache/2.2.15 (Unix)' which may suggest a WAF, load balancer or proxy is in place
+ Retrieved x-powered-by header: PHP/5.2.13
+ ERROR: Error limit (20) reached for host, giving up. Last error:
+ Scan terminated: 9 error(s) and 4 item(s) reported on remote host
 
Old 03-28-2021, 04:57 PM   #2
teckk
Quote:
Could anyone please tell me how to use the info gathered on a website vulnerability in order to hack in without any damage to get documents in the server?
No. A mod is about to come along and tell you that talking about hacking is a violation of LQ's TOS.

Quote:
I need at least a nudge in the directions of what Kali tools to use
Kali is for experienced users, not beginners. If you need to ask, then stop trying to use it. A distro like Ubuntu or Mint may work better for you. Nothing in Kali that almost every other distro's repo doesn't have.

All web servers keep logs, your IP address, time, sometimes browser and OS metrics. If you are going through a proxy using https, the original packet header is still there, with the originating IP.

Quote:
to get documents in the server
Are these documents made available on the page by hyperlinks, or are they rendered with server side scripts? How do you know that there are documents there?
 
Old 03-28-2021, 07:02 PM   #3
needinfo
Quote:
Originally Posted by teckk
No. A mod is about to come along and tell you that talking about hacking is a violation of LQ's TOS.

Kali is for experienced users, not beginners. If you need to ask, then stop trying to use it. A distro like Ubuntu or Mint may work better for you. Nothing in Kali that almost every other distro's repo doesn't have.

All web servers keep logs, your IP address, time, sometimes browser and OS metrics. If you are going through a proxy using https, the original packet header is still there, with the originating IP.


Are these documents made available on the page by hyperlinks, or are they rendered with server side scripts? How do you know that there are documents there?

Sorry I didn't know it was a violation of the rules

I used VPNs and Tor to try

Well, I know there are restricted areas with https authentication and I know that at least a few documents I need are in one of the restricted sections. I'm not trying to get in to do damage or anything by the way, just very hard to get info on a subject I am interested in
 
Old 03-29-2021, 01:38 AM   #4
pan64
Quote:
Originally Posted by needinfo
Sorry I didn't know it was a violation of the rules
In that case I can only suggest that you read the rules of this forum.
https://www.linuxquestions.org/linux/rules.html
Quote:
Originally Posted by needinfo
I used VPNs and Tor to try

Well, I know there are restricted areas with https authentication and I know that at least a few documents I need are in one of the restricted sections. I'm not trying to get in to do damage or anything by the way, just very hard to get info on a subject I am interested in
I do not really understand what you need (are interested in), but I'm sure you need to learn a lot. There is no tool which will work for you if you do not have enough knowledge about that software.
 
Old 03-30-2021, 11:09 AM   #5
RickDeckard
If you're performing a penetration test, you should be capable enough to find what you desire without asking us. If not, well... That's STILL your problem, but somehow differently.
 
Old 03-30-2021, 12:02 PM   #6
astrogeek
Moderator
 
Quote:
Originally Posted by needinfo
Well, I know there are restricted areas with https authentication and I know that at least a few documents I need are in one of the restricted sections. I'm not trying to get in to do damage or anything by the way, just very hard to get info on a subject I am interested in
Bypassing their security measure is damage itself.

Why do you think that your intentions are important to the situation?

The owner of the website has clearly indicated that they do not want you to access those areas by putting "locks" on the door. Have you considered simply respecting their wishes instead of trying to pick the locks?

Think of it this way: My neighbor keeps his doors locked, but he has a few things in his house that I want to make use of. I don't intend to damage his house in any way. Will you help me pick his locks?

Does that sound like a reasonable request?
 
  

