Except SQLi are there any vulnerabilities that can deface web sites?
- Hot
- Active
-
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
1 mo ago -
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
1 mo ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
2 mo ago -
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
3 mo ago -
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
4 mo ago -
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
5 mo ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
5 mo ago -
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
6 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
6 mo ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
7 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
9 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
9 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
9 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
9 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
9 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
9 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
10 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
10 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
11 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
11 mo ago
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Track Wi-Fi Devices & Connect to Them Using Probequest
-
Hack Like a Pro:
Networking Basics for the Aspiring Hacker, Part 2 (TCP/IP)
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
Become an Elite Hacker Part 4:
Hacking a Website. [Part 1]
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Extract Bitcoin Wallet Addresses & Balances from Websites with SpiderFoot CLI
-
How To:
Unlock Facial Detection & Recognition on the Inexpensive ESP32-Based Wi-Fi Spy Camera
-
Hacking Pranks:
How to Flip Photos, Change Images & Inject Messages into Friends' Browsers on Your Wi-Fi Network
-
How To:
Fix Bidirectional Copy/Paste Issues for Kali Linux Running in VirtualBox
-
How To:
Crack Wi-Fi Passwords—For Beginners!
-
How To:
Get Root with Metasploit's Local Exploit Suggester
-
How To:
Run USB Rubber Ducky Scripts on a Super Inexpensive Digispark Board
-
How To:
Build an Off-Grid Wi-Fi Voice Communication System with Android & Raspberry Pi
-
How To:
Use SQL Injection to Run OS Commands & Get a Shell
-
How To:
Pick an Antenna for Wi-Fi Hacking
-
How To:
Brute-Force FTP Credentials & Get Server Access
5 Responses
good question .
XSS maybe
Then DoS or DDoS maybe. But that won't be a vulnerability.
I guess any software/protocol being used by the web-server could turn into a vulnerability.
it's mean only way that can deface web site is SQLi?
You can use RFI (remote file inclusion) and/or arbitrary file upload exploits to get a PHP shell on there, then go from there.
C|H has a tutorial on here about hiding some PHP code in a JPEG to use as a connection to upload a shell. I wasn't able to get it to work, personally, but it wouldn't hurt to give it a shot ... https://null-byte.wonderhowto.com/how-to/upload-shell-web-server-and-get-root-rfi-part-1-0162818/
Share Your Thoughts