Tuesday, 22 December 2015

HACK WHM PANEL SCRIPT "LFI EXPLOITS""


"LFI EXPLOITS""

HELLO GUYS TODAY I WILL TEACH YOU HOW TO HACK WHM SERVER. BASICALLY WHM IS HOSTING WEB SERVER ITS MOST POWERFUL PANEL FOR HACKERS AND SPAMMERS OR OTHER SCAMMERS.
AND MOST THINK IS LFI EXPLOIT IS SCRIPT TO USE FOR HACK. MY OVER NEXT TUTORIAL I WILL EXPLAIN YOU EXPLOITS.

FIRST WE NEED WHM (WEB HOST MANAGER) RESELLER ACCOUNT IN WHICH THE SITE ARE HOSTED. FOR ATTACKER WE NEED ACCESS TO THE WHM PANEL AFTER THE GET ACCESS WHM PANEL THERE ARE LFI EXPLOIT. LOCAL FILE INCLUSION IN THE CART.PHP FILE OF THE SITE 

THINGS ARE REQUIRED.

A lfi vulnerable whm site ( cart.php )

A lfi exploit.( cart.php?a=projectx&templatefile=../../../configuration.php )

FIRST STEP.
FIRST OF ALL WE WILL FIND  THE CART. PHP HOSTED IN THE SITE IN MY CASE IT IS
( http://www.netxidh.com/support/cart.php ).

NOW WE WILL PUT OUR LFI EXPLOIT AFTER CART.PHP AND IT WILL LOOK LIKE THIS.
http://www.netxidh.com/support/cart.php?a=projectx&templatefile=../../../configuration.php

NOW YOU SEE THERE IS ON DATA PRESENTED IN THE SITE LIKE (ONLY THE TEMPLATE AND OTHERS FEATURES ) 
NOE YOU HAVE GOT THE WHM CONFIGURATION FILE JUST PRESS CTRL+U OR RIGHT  CLICK >VIEW SOURCE. SCROLL DOWN A BIT YOU WILL SEE THE WHM CONFIGURATION FILE. 

YEAH! WE GOT THE WHM CONFIG FILE NOW TO COMMAND PROMPT. TYPE FTP  www.netxidh.com (YOUR WHM SITE) THEN HIT ENTER IT WILL ASK FOR THE USERNAME AND PASSWORD . TYPE THE USERNAME AND PASSWORD  YOU GOT FROM THE WHM CONFIG FILE. THEN YOU WILL BE IN THE FTP OF THE SITES.  

  





No comments:

nkjlfnernfgne

Note: only a member of this blog may post a comment.