All about SHELLS | Impressive Web Hacking Method

Discussion in 'Ethical hacking Tips' started by indiansword, Aug 30, 2009.

  1. indiansword

    indiansword Security Expert


    Introduction



    I am sure many of you have read about "Hacked / Defaced with shells", so I am pretty sure that the first thing that comes to your mind is "What the heck are these shells?". So this article will give you a complete idea about shells and their use.


    Difference between FTP & Shells:



    Many times I see that some of us know how to use the shell, but once they have uploaded it they get confused. So to start with, let me give you some information about FTP:

    File Transfer Protocol

    Whenever you want to open your website, the first thing you will do is to get some web hosting for yourself. That could be either free or paid. When you get your hosting services, you create a website on your computer first and then upload it to your hosting server so it is on the World Wide Web. This process of uploading the documents from your computer to your hosting server is done through FTP [File Transfer Protocol]. It basically looks like a program with 2 columns: one column shows your computer's files and the other shows your server's files, just like when you copy stuff from a USB drive to your computer. So here, I will show you an example of how you would connect if you owned go4expert. When you want to connect yourself to your web hosting server, the following information is required in order to authenticate yourself:

    Server : ftp.go4expert.com
    Username: shabbir
    password: whatever

    So, once you put in this information, server understands that you are shabbir and gives you access to all the files on the server so you can work on it.

    Shells:

    Since you understand FTP now, we know that none of us will get access to Go4expert's server, because we don't have the username and password to authenticate ourselves. If somehow we manage to get access to G4E's FTP, we can easily remove/edit/replace files. So we can destroy this entire forum and upload our own stuff. That is when shells come into the picture. Shells are malicious PHP files which you will need to upload to any website, and once you execute it you will get access to its server directly WITHOUT authenticating yourself.

    Moral of the Story:



    I wrote the difference between FTP and shells so that you guyz can understand it, because lots of people tend to get confused between them. So again to make it clear, you can following thing:

    Funny Incidents:

    Let me tell you guyz why I gave time to write this much about FTP in this article. In my forum, I released a couple of videos about "hacking with shells" etc. So some guyz saw it and just copied what I was doing without understanding the logic.

    I remember I saw a couple of threads which said the following thing:
    "Hi guyz, I managed to hack my 1st website today! YAY, I am really happy! But there's only 1 problem, I uploaded the shell and ran it and it worked fine. The only problem is I don't have access to FTP."

    Y0, I hacked a website today, uploaded a shell and it worked fine, now I am trying to get access to FTP.

    Logic



    A shell is not a tool that you can run and complete your work. As I said, it's just a normal ".php" file; you have to find a way in any website to upload that shell. The idea is, you upload the shell to any website so it will be saved on their server and it will give you access to it.

    Phase 1 : Uploading a shell:

    Suppose you want to hack "something.com". So the first thing that you will do is open up "something.com" and try to find some place from where you can upload files to the website. There are many such places, for example "file uploads, avatars, resume upload, cooking recipe uploads, upload your photo". So these are the places which will give you an opportunity to upload your shell. All you have to do is try to upload the shell.php which is located on your computer and click on submit. So suppose you went to the webpage "something.com/submit_resume.php" and you uploaded your resume.

    Phase 2 : Executing your uploaded shell:

    Once we have uploaded the shell as shown in "Phase 1", we know that it's sitting on the server. The only thing we need to do now is to execute the shell from a browser so we get access to it.

    Example:

    So suppose I uploaded my shell as an attachment in THIS THREAD. So now that attachment is sitting on G4E's server. Now if we want to execute it, we will use the following URL:
    Code:
    http://www.go4expert.com/attachment.php?attachmentid=456&d=1249607339
    So that is the DIRECT URL to the attachment, which is called EXECUTION. In the same way, if you execute your shell, it will take you to a webpage where you will see everything that's on the server. And you will have FULL ACCESS to remove/edit/replace/delete the files. So you are another shabbir!

    Phase 3 : Defacing:

    Defacing is a word which means "replacing the current index file with our own index with our motive and slogan on it". So once you have access to the server, you are the king ;)

    Different types of shells:

    There are many shells available; most of them are public and some of them are private. Most of them do the same thing: give you access to the server. "c99, r57, b0yzone, j32" are some very common and easily available shells.

    Where do I get them from?:

    I'd have uploaded them here, but then it might have marked G4E as "Harmful web" on Google. So the best way is Google search with "inurl:c99.txt". You can replace c99 with r57, j32 or anything else.

    Conclusion:



    Now that you guyz know what shells are and how they work, I will start covering other methods in coming articles. I will soon write about "RFI, LFI", which are somewhat connected with shells. Meanwhile, keep playing with it and learn more.

    Important Piece of advice:

    I would suggest you download WAMP SERVER, which lets you make your own server on your computer, and then try to use shells on it. That will help you avoid hacking in a live environment. Because if the webmaster is smart, he can simply check the logs for that shell file and track down your IP which executed the shell. Then you might be in trouble.


    Thanks for your time to read the article :) . Hope you liked it :surprised. PEACE! :shy:
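
The log check mentioned in the post's last paragraph, seen from the webmaster's side. This is an added example, not part of the original post: it flags requests that asked the server to run a script stored in an upload directory and groups them by client IP. The upload directory names and the sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Assumption: the directories this site writes user uploads into.
UPLOAD_DIRS = ("/uploads/", "/avatars/", "/resumes/")
# A script extension anywhere in the path: x.php, x.php5, x.php;jpg, x.phtml.jpg, x.php/info
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)($|[.;/\x00 ])")
# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample lines (documentation IP ranges), not taken from a real server.
SAMPLE_LOG = [
    '198.51.100.7 - - [30/Aug/2009:10:01:02 +0000] "POST /submit_resume.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [30/Aug/2009:10:01:40 +0000] "GET /uploads/resume.php HTTP/1.1" 200 18231 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [30/Aug/2009:10:02:10 +0000] "POST /uploads/resume.php?a=1 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [30/Aug/2009:10:03:00 +0000] "GET /uploads/cv.pdf HTTP/1.1" 200 40000 "-" "Mozilla/5.0"',
    '203.0.113.20 - - [30/Aug/2009:10:04:00 +0000] "GET /avatars/me.php%3Bjpg HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
]

def find_upload_script_hits(lines):
    """Return {client_ip: [(time, method, path, status), ...]} for requests
    whose path is inside an upload directory and names a server-side script."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, when, method, target, status = m.groups()
        # Drop the query string and decode %xx so encoded names cannot hide.
        path = unquote(urlsplit(target).path).lower()
        if path.startswith(UPLOAD_DIRS) and SCRIPT_EXT.search(path):
            # 2xx means the server answered for that file; 404 is a probe worth noting.
            hits[ip].append((when, method, path, int(status)))
    return dict(hits)

if __name__ == "__main__":
    for ip, reqs in find_upload_script_hits(SAMPLE_LOG).items():
        for when, method, path, status in reqs:
            print(ip, when, method, path, status)
```

A hit with a 2xx status on a file that first appeared shortly after a POST to an upload form from the same address is the pattern to triage first.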
     
  2. nimesh

    nimesh New Member

    Nice Article :)
     
  3. indiansword

    indiansword Security Expert

    Glad you liked it.
    It's just an article to give basic ideas about shells to members. In the next article I will cover more things which could be done with it ;)
     
  4. shabbir

    shabbir Administrator Staff Member

  5. shabbir

    shabbir Administrator Staff Member

  6. sameer_havakajoka

    sameer_havakajoka New Member

    Cool one, rarely found this kinda articles on the net
     
  7. shabbir

    shabbir Administrator Staff Member

  8. warlikearvind

    warlikearvind New Member

    it's very interesting...
     
  9. BlackSpot

    BlackSpot New Member

  10. Cianoo333

    Cianoo333 New Member

    Great article, finally one that I can understand.

    One question though, if I do this do I need to take any security measures to make sure I don't get caught
     
  11. fadirano

    fadirano New Member

    Great article, but what about a website that does not have anywhere to upload your shell? Is there any other way you can work on such a website?
    Waiting for a reply.
     
  12. supupoff

    supupoff New Member

    Nice article, thanks, very useful.
     
  13. dutchmandonpedro

    dutchmandonpedro New Member

    This is really a nice article, very straightforward and understandable. How will someone upload the shell to a website that doesn't have anywhere to upload a file? And what countermeasure can an admin use so that attackers will not gain access to the web servers when shell PHP code is injected, or so that it will not be able to work on the server?
     
  14. P455w0rd_Cr4kz

    P455w0rd_Cr4kz Member


    If you're lucky you could find a text/picture editor to post that will allow you to upload a jpg, not a php shell. However, you can rename your php shell to something like shell.php;jpg. There are many other ways I can't remember right now.
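
On the countermeasure question raised in post 13, and the `shell.php;jpg` rename in the post above: an added example, not code from any poster in this thread, of an upload check that ignores the client's file name for storage, allow-lists one extension, and verifies the leading bytes of the content. The allow-list, the function name and the exception class are assumptions chosen for illustration.

```python
import re
import secrets

# Allow-list (assumed for this example): extension -> accepted leading bytes.
ALLOWED = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
# Exactly one dot; no ';', NUL, '/' or second extension can get through.
NAME = re.compile(r"[A-Za-z0-9_ -]{1,100}\.([A-Za-z0-9]{1,5})")

class RejectedUpload(ValueError):
    """Raised when an upload fails validation; the file must not be stored."""

def stored_name_for(client_name: str, content: bytes) -> str:
    """Validate an upload and return the name to store it under.
    The client-supplied name is only inspected, never used on disk."""
    m = NAME.fullmatch(client_name)
    if not m:
        raise RejectedUpload("unexpected characters or more than one extension")
    ext = m.group(1).lower()
    if ext == "jpeg":
        ext = "jpg"
    if ext not in ALLOWED:
        raise RejectedUpload(f"extension .{ext} is not on the allow-list")
    if not content.startswith(ALLOWED[ext]):
        raise RejectedUpload("content does not match the claimed type")
    # Random server-side name: the client controls no part of the stored path.
    # Leading bytes alone can be forged, so the storage directory must also be
    # configured so the web server never executes anything inside it.
    return f"{secrets.token_hex(16)}.{ext}"

if __name__ == "__main__":
    jpeg = b"\xff\xd8\xff\xe0" + b"\x00" * 16   # constructed JPEG-like header
    print(stored_name_for("holiday photo.jpg", jpeg))
    for name in ("shell.php;jpg", "shell.php.jpg", "shell.php"):
        try:
            stored_name_for(name, jpeg)
        except RejectedUpload as err:
            print(name, "->", err)
```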
     
